summaryrefslogtreecommitdiffstats
path: root/security/nss/lib
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib')
-rw-r--r--security/nss/lib/Makefile97
-rw-r--r--security/nss/lib/base/Makefile11
-rw-r--r--security/nss/lib/base/arena.c1143
-rw-r--r--security/nss/lib/base/base.gyp32
-rw-r--r--security/nss/lib/base/base.h1106
-rw-r--r--security/nss/lib/base/baset.h124
-rw-r--r--security/nss/lib/base/config.mk19
-rw-r--r--security/nss/lib/base/error.c269
-rw-r--r--security/nss/lib/base/errorval.c65
-rw-r--r--security/nss/lib/base/exports.gyp33
-rw-r--r--security/nss/lib/base/hash.c314
-rw-r--r--security/nss/lib/base/hashops.c64
-rw-r--r--security/nss/lib/base/item.c186
-rw-r--r--security/nss/lib/base/libc.c143
-rw-r--r--security/nss/lib/base/list.c405
-rw-r--r--security/nss/lib/base/manifest.mn38
-rw-r--r--security/nss/lib/base/nssbase.h233
-rw-r--r--security/nss/lib/base/nssbaset.h118
-rw-r--r--security/nss/lib/base/tracker.c378
-rw-r--r--security/nss/lib/base/utf8.c679
-rw-r--r--security/nss/lib/certdb/Makefile48
-rw-r--r--security/nss/lib/certdb/alg1485.c1576
-rw-r--r--security/nss/lib/certdb/cert.h1584
-rw-r--r--security/nss/lib/certdb/certdb.c3231
-rw-r--r--security/nss/lib/certdb/certdb.gyp34
-rw-r--r--security/nss/lib/certdb/certdb.h89
-rw-r--r--security/nss/lib/certdb/certi.h381
-rw-r--r--security/nss/lib/certdb/certt.h1328
-rw-r--r--security/nss/lib/certdb/certv3.c222
-rw-r--r--security/nss/lib/certdb/certxutl.c493
-rw-r--r--security/nss/lib/certdb/certxutl.h44
-rw-r--r--security/nss/lib/certdb/config.mk15
-rw-r--r--security/nss/lib/certdb/crl.c3045
-rw-r--r--security/nss/lib/certdb/exports.gyp36
-rw-r--r--security/nss/lib/certdb/genname.c2019
-rw-r--r--security/nss/lib/certdb/genname.h93
-rw-r--r--security/nss/lib/certdb/manifest.mn40
-rw-r--r--security/nss/lib/certdb/polcyxtn.c806
-rw-r--r--security/nss/lib/certdb/secname.c711
-rw-r--r--security/nss/lib/certdb/stanpcertdb.c1039
-rw-r--r--security/nss/lib/certdb/xauthkid.c128
-rw-r--r--security/nss/lib/certdb/xbsconst.c143
-rw-r--r--security/nss/lib/certdb/xconst.c269
-rw-r--r--security/nss/lib/certdb/xconst.h30
-rw-r--r--security/nss/lib/certhigh/Makefile48
-rw-r--r--security/nss/lib/certhigh/certhigh.c1204
-rw-r--r--security/nss/lib/certhigh/certhigh.gyp31
-rw-r--r--security/nss/lib/certhigh/certhtml.c300
-rw-r--r--security/nss/lib/certhigh/certreq.c331
-rw-r--r--security/nss/lib/certhigh/certvfy.c2082
-rw-r--r--security/nss/lib/certhigh/certvfypkix.c2305
-rw-r--r--security/nss/lib/certhigh/config.mk15
-rw-r--r--security/nss/lib/certhigh/crlv2.c160
-rw-r--r--security/nss/lib/certhigh/exports.gyp33
-rw-r--r--security/nss/lib/certhigh/manifest.mn34
-rw-r--r--security/nss/lib/certhigh/ocsp.c6120
-rw-r--r--security/nss/lib/certhigh/ocsp.h723
-rw-r--r--security/nss/lib/certhigh/ocspi.h166
-rw-r--r--security/nss/lib/certhigh/ocspsig.c597
-rw-r--r--security/nss/lib/certhigh/ocspt.h301
-rw-r--r--security/nss/lib/certhigh/ocspti.h356
-rw-r--r--security/nss/lib/certhigh/xcrldist.c212
-rw-r--r--security/nss/lib/ckfw/Makefile39
-rw-r--r--security/nss/lib/ckfw/builtins/Makefile54
-rw-r--r--security/nss/lib/ckfw/builtins/README45
-rw-r--r--security/nss/lib/ckfw/builtins/anchor.c17
-rw-r--r--security/nss/lib/ckfw/builtins/bfind.c261
-rw-r--r--security/nss/lib/ckfw/builtins/binst.c87
-rw-r--r--security/nss/lib/ckfw/builtins/bobject.c206
-rw-r--r--security/nss/lib/ckfw/builtins/bsession.c71
-rw-r--r--security/nss/lib/ckfw/builtins/bslot.c81
-rw-r--r--security/nss/lib/ckfw/builtins/btoken.c135
-rw-r--r--security/nss/lib/ckfw/builtins/builtins.gyp61
-rw-r--r--security/nss/lib/ckfw/builtins/builtins.h66
-rw-r--r--security/nss/lib/ckfw/builtins/certdata.perl192
-rw-r--r--security/nss/lib/ckfw/builtins/certdata.txt29506
-rw-r--r--security/nss/lib/ckfw/builtins/ckbiver.c18
-rw-r--r--security/nss/lib/ckfw/builtins/config.mk38
-rw-r--r--security/nss/lib/ckfw/builtins/constants.c64
-rw-r--r--security/nss/lib/ckfw/builtins/exports.gyp25
-rw-r--r--security/nss/lib/ckfw/builtins/manifest.mn30
-rw-r--r--security/nss/lib/ckfw/builtins/nssckbi.def26
-rw-r--r--security/nss/lib/ckfw/builtins/nssckbi.h61
-rw-r--r--security/nss/lib/ckfw/builtins/nssckbi.rc64
-rw-r--r--security/nss/lib/ckfw/capi/Makefile75
-rw-r--r--security/nss/lib/ckfw/capi/README7
-rw-r--r--security/nss/lib/ckfw/capi/anchor.c17
-rw-r--r--security/nss/lib/ckfw/capi/cfind.c562
-rw-r--r--security/nss/lib/ckfw/capi/cinst.c97
-rw-r--r--security/nss/lib/ckfw/capi/ckcapi.h242
-rw-r--r--security/nss/lib/ckfw/capi/ckcapiver.c17
-rw-r--r--security/nss/lib/ckfw/capi/cobject.c2226
-rw-r--r--security/nss/lib/ckfw/capi/config.mk31
-rw-r--r--security/nss/lib/ckfw/capi/constants.c63
-rw-r--r--security/nss/lib/ckfw/capi/crsa.c687
-rw-r--r--security/nss/lib/ckfw/capi/csession.c87
-rw-r--r--security/nss/lib/ckfw/capi/cslot.c81
-rw-r--r--security/nss/lib/ckfw/capi/ctoken.c184
-rw-r--r--security/nss/lib/ckfw/capi/manifest.mn33
-rw-r--r--security/nss/lib/ckfw/capi/nsscapi.def26
-rw-r--r--security/nss/lib/ckfw/capi/nsscapi.h41
-rw-r--r--security/nss/lib/ckfw/capi/nsscapi.rc64
-rw-r--r--security/nss/lib/ckfw/capi/staticobj.c40
-rw-r--r--security/nss/lib/ckfw/ck.api541
-rw-r--r--security/nss/lib/ckfw/ck.h88
-rw-r--r--security/nss/lib/ckfw/ckapi.perl434
-rw-r--r--security/nss/lib/ckfw/ckfw.gyp34
-rw-r--r--security/nss/lib/ckfw/ckfw.h2049
-rw-r--r--security/nss/lib/ckfw/ckfwm.h112
-rw-r--r--security/nss/lib/ckfw/ckfwtm.h23
-rw-r--r--security/nss/lib/ckfw/ckmd.h28
-rw-r--r--security/nss/lib/ckfw/ckt.h8
-rw-r--r--security/nss/lib/ckfw/config.mk25
-rw-r--r--security/nss/lib/ckfw/crypto.c318
-rw-r--r--security/nss/lib/ckfw/dbm/Makefile9
-rw-r--r--security/nss/lib/ckfw/dbm/anchor.c17
-rw-r--r--security/nss/lib/ckfw/dbm/ckdbm.h210
-rw-r--r--security/nss/lib/ckfw/dbm/config.mk8
-rw-r--r--security/nss/lib/ckfw/dbm/db.c1069
-rw-r--r--security/nss/lib/ckfw/dbm/find.c126
-rw-r--r--security/nss/lib/ckfw/dbm/instance.c147
-rw-r--r--security/nss/lib/ckfw/dbm/manifest.mn25
-rw-r--r--security/nss/lib/ckfw/dbm/object.c155
-rw-r--r--security/nss/lib/ckfw/dbm/session.c255
-rw-r--r--security/nss/lib/ckfw/dbm/slot.c165
-rw-r--r--security/nss/lib/ckfw/dbm/token.c260
-rw-r--r--security/nss/lib/ckfw/exports.gyp44
-rw-r--r--security/nss/lib/ckfw/find.c362
-rw-r--r--security/nss/lib/ckfw/hash.c280
-rw-r--r--security/nss/lib/ckfw/instance.c1294
-rw-r--r--security/nss/lib/ckfw/manifest.mn53
-rw-r--r--security/nss/lib/ckfw/mechanism.c1102
-rw-r--r--security/nss/lib/ckfw/mutex.c248
-rw-r--r--security/nss/lib/ckfw/nssck.api1854
-rw-r--r--security/nss/lib/ckfw/nssckepv.h10
-rw-r--r--security/nss/lib/ckfw/nssckft.h11
-rw-r--r--security/nss/lib/ckfw/nssckfw.h462
-rw-r--r--security/nss/lib/ckfw/nssckfwc.h879
-rw-r--r--security/nss/lib/ckfw/nssckfwt.h109
-rw-r--r--security/nss/lib/ckfw/nssckg.h10
-rw-r--r--security/nss/lib/ckfw/nssckmdt.h1904
-rw-r--r--security/nss/lib/ckfw/nssckt.h12
-rw-r--r--security/nss/lib/ckfw/nssmkey/Makefile72
-rw-r--r--security/nss/lib/ckfw/nssmkey/README21
-rw-r--r--security/nss/lib/ckfw/nssmkey/ckmk.h182
-rw-r--r--security/nss/lib/ckfw/nssmkey/ckmkver.c17
-rw-r--r--security/nss/lib/ckfw/nssmkey/config.mk24
-rw-r--r--security/nss/lib/ckfw/nssmkey/manchor.c17
-rw-r--r--security/nss/lib/ckfw/nssmkey/manifest.mn33
-rw-r--r--security/nss/lib/ckfw/nssmkey/mconstants.c61
-rw-r--r--security/nss/lib/ckfw/nssmkey/mfind.c352
-rw-r--r--security/nss/lib/ckfw/nssmkey/minst.c97
-rw-r--r--security/nss/lib/ckfw/nssmkey/mobject.c1861
-rw-r--r--security/nss/lib/ckfw/nssmkey/mrsa.c479
-rw-r--r--security/nss/lib/ckfw/nssmkey/msession.c87
-rw-r--r--security/nss/lib/ckfw/nssmkey/mslot.c81
-rw-r--r--security/nss/lib/ckfw/nssmkey/mtoken.c184
-rw-r--r--security/nss/lib/ckfw/nssmkey/nssmkey.def26
-rw-r--r--security/nss/lib/ckfw/nssmkey/nssmkey.h41
-rw-r--r--security/nss/lib/ckfw/nssmkey/staticobj.c36
-rw-r--r--security/nss/lib/ckfw/object.c973
-rw-r--r--security/nss/lib/ckfw/session.c2390
-rw-r--r--security/nss/lib/ckfw/sessobj.c1012
-rw-r--r--security/nss/lib/ckfw/slot.c694
-rw-r--r--security/nss/lib/ckfw/token.c1791
-rw-r--r--security/nss/lib/ckfw/wrap.c5550
-rw-r--r--security/nss/lib/crmf/Makefile49
-rw-r--r--security/nss/lib/crmf/asn1cmn.c216
-rw-r--r--security/nss/lib/crmf/challcli.c238
-rw-r--r--security/nss/lib/crmf/cmmf.h1082
-rw-r--r--security/nss/lib/crmf/cmmfasn1.c131
-rw-r--r--security/nss/lib/crmf/cmmfchal.c289
-rw-r--r--security/nss/lib/crmf/cmmfi.h92
-rw-r--r--security/nss/lib/crmf/cmmfit.h115
-rw-r--r--security/nss/lib/crmf/cmmfrec.c316
-rw-r--r--security/nss/lib/crmf/cmmfresp.c280
-rw-r--r--security/nss/lib/crmf/cmmft.h73
-rw-r--r--security/nss/lib/crmf/config.mk16
-rw-r--r--security/nss/lib/crmf/crmf.gyp43
-rw-r--r--security/nss/lib/crmf/crmf.h1741
-rw-r--r--security/nss/lib/crmf/crmfcont.c1161
-rw-r--r--security/nss/lib/crmf/crmfdec.c360
-rw-r--r--security/nss/lib/crmf/crmfenc.c48
-rw-r--r--security/nss/lib/crmf/crmffut.h357
-rw-r--r--security/nss/lib/crmf/crmfget.c443
-rw-r--r--security/nss/lib/crmf/crmfi.h185
-rw-r--r--security/nss/lib/crmf/crmfit.h185
-rw-r--r--security/nss/lib/crmf/crmfpop.c598
-rw-r--r--security/nss/lib/crmf/crmfreq.c663
-rw-r--r--security/nss/lib/crmf/crmft.h186
-rw-r--r--security/nss/lib/crmf/crmftmpl.c240
-rw-r--r--security/nss/lib/crmf/encutil.c33
-rw-r--r--security/nss/lib/crmf/exports.gyp37
-rw-r--r--security/nss/lib/crmf/manifest.mn46
-rw-r--r--security/nss/lib/crmf/respcli.c136
-rw-r--r--security/nss/lib/crmf/respcmn.c399
-rw-r--r--security/nss/lib/crmf/servget.c974
-rw-r--r--security/nss/lib/cryptohi/Makefile49
-rw-r--r--security/nss/lib/cryptohi/config.mk15
-rw-r--r--security/nss/lib/cryptohi/cryptohi.gyp27
-rw-r--r--security/nss/lib/cryptohi/cryptohi.h364
-rw-r--r--security/nss/lib/cryptohi/cryptoht.h14
-rw-r--r--security/nss/lib/cryptohi/dsautil.c271
-rw-r--r--security/nss/lib/cryptohi/exports.gyp37
-rw-r--r--security/nss/lib/cryptohi/key.h12
-rw-r--r--security/nss/lib/cryptohi/keyhi.h271
-rw-r--r--security/nss/lib/cryptohi/keyi.h22
-rw-r--r--security/nss/lib/cryptohi/keyt.h10
-rw-r--r--security/nss/lib/cryptohi/keythi.h247
-rw-r--r--security/nss/lib/cryptohi/manifest.mn36
-rw-r--r--security/nss/lib/cryptohi/sechash.c438
-rw-r--r--security/nss/lib/cryptohi/sechash.h58
-rw-r--r--security/nss/lib/cryptohi/seckey.c1963
-rw-r--r--security/nss/lib/cryptohi/secsign.c510
-rw-r--r--security/nss/lib/cryptohi/secvfy.c781
-rw-r--r--security/nss/lib/dbm/Makefile52
-rw-r--r--security/nss/lib/dbm/config/config.mk35
-rw-r--r--security/nss/lib/dbm/include/Makefile47
-rw-r--r--security/nss/lib/dbm/include/exports.gyp38
-rw-r--r--security/nss/lib/dbm/include/extern.h63
-rw-r--r--security/nss/lib/dbm/include/hash.h341
-rw-r--r--security/nss/lib/dbm/include/hsearch.h50
-rw-r--r--security/nss/lib/dbm/include/include.gyp12
-rw-r--r--security/nss/lib/dbm/include/manifest.mn23
-rw-r--r--security/nss/lib/dbm/include/mcom_db.h423
-rw-r--r--security/nss/lib/dbm/include/ncompat.h224
-rw-r--r--security/nss/lib/dbm/include/page.h93
-rw-r--r--security/nss/lib/dbm/include/queue.h258
-rw-r--r--security/nss/lib/dbm/include/search.h50
-rw-r--r--security/nss/lib/dbm/include/winfile.h103
-rw-r--r--security/nss/lib/dbm/manifest.mn17
-rw-r--r--security/nss/lib/dbm/src/Makefile48
-rw-r--r--security/nss/lib/dbm/src/config.mk33
-rw-r--r--security/nss/lib/dbm/src/db.c134
-rw-r--r--security/nss/lib/dbm/src/dirent.c344
-rw-r--r--security/nss/lib/dbm/src/dirent.h97
-rw-r--r--security/nss/lib/dbm/src/h_bigkey.c707
-rw-r--r--security/nss/lib/dbm/src/h_func.c207
-rw-r--r--security/nss/lib/dbm/src/h_log2.c54
-rw-r--r--security/nss/lib/dbm/src/h_page.c1252
-rw-r--r--security/nss/lib/dbm/src/hash.c1172
-rw-r--r--security/nss/lib/dbm/src/hash_buf.c407
-rw-r--r--security/nss/lib/dbm/src/manifest.mn28
-rw-r--r--security/nss/lib/dbm/src/memmove.c146
-rw-r--r--security/nss/lib/dbm/src/mktemp.c149
-rw-r--r--security/nss/lib/dbm/src/snprintf.c50
-rw-r--r--security/nss/lib/dbm/src/src.gyp40
-rw-r--r--security/nss/lib/dbm/src/strerror.c73
-rw-r--r--security/nss/lib/dbm/tests/Makefile41
-rw-r--r--security/nss/lib/dbm/tests/dbmtest.pkg2
-rw-r--r--security/nss/lib/dbm/tests/lots.c553
-rw-r--r--security/nss/lib/dev/Makefile24
-rw-r--r--security/nss/lib/dev/ckhelper.c592
-rw-r--r--security/nss/lib/dev/ckhelper.h148
-rw-r--r--security/nss/lib/dev/config.mk19
-rw-r--r--security/nss/lib/dev/dev.gyp26
-rw-r--r--security/nss/lib/dev/dev.h747
-rw-r--r--security/nss/lib/dev/devm.h157
-rw-r--r--security/nss/lib/dev/devslot.c247
-rw-r--r--security/nss/lib/dev/devt.h147
-rw-r--r--security/nss/lib/dev/devtm.h25
-rw-r--r--security/nss/lib/dev/devtoken.c1558
-rw-r--r--security/nss/lib/dev/devutil.c998
-rw-r--r--security/nss/lib/dev/exports.gyp31
-rw-r--r--security/nss/lib/dev/manifest.mn35
-rw-r--r--security/nss/lib/dev/nssdev.h36
-rw-r--r--security/nss/lib/dev/nssdevt.h36
-rw-r--r--security/nss/lib/freebl/Makefile764
-rw-r--r--security/nss/lib/freebl/aeskeywrap.c389
-rw-r--r--security/nss/lib/freebl/alg2268.c509
-rw-r--r--security/nss/lib/freebl/alghmac.c165
-rw-r--r--security/nss/lib/freebl/alghmac.h64
-rw-r--r--security/nss/lib/freebl/arcfive.c87
-rw-r--r--security/nss/lib/freebl/arcfour-amd64-gas.s88
-rw-r--r--security/nss/lib/freebl/arcfour-amd64-masm.asm107
-rw-r--r--security/nss/lib/freebl/arcfour-amd64-sun.s84
-rw-r--r--security/nss/lib/freebl/arcfour.c594
-rw-r--r--security/nss/lib/freebl/blapi.h1625
-rw-r--r--security/nss/lib/freebl/blapii.h61
-rw-r--r--security/nss/lib/freebl/blapit.h414
-rw-r--r--security/nss/lib/freebl/blname.c100
-rw-r--r--security/nss/lib/freebl/camellia.c1896
-rw-r--r--security/nss/lib/freebl/camellia.h42
-rw-r--r--security/nss/lib/freebl/chacha20.c119
-rw-r--r--security/nss/lib/freebl/chacha20.h26
-rw-r--r--security/nss/lib/freebl/chacha20_vec.c327
-rw-r--r--security/nss/lib/freebl/chacha20poly1305.c198
-rw-r--r--security/nss/lib/freebl/chacha20poly1305.h15
-rw-r--r--security/nss/lib/freebl/config.mk97
-rw-r--r--security/nss/lib/freebl/ctr.c246
-rw-r--r--security/nss/lib/freebl/ctr.h53
-rw-r--r--security/nss/lib/freebl/cts.c307
-rw-r--r--security/nss/lib/freebl/cts.h33
-rw-r--r--security/nss/lib/freebl/des.c676
-rw-r--r--security/nss/lib/freebl/des.h43
-rw-r--r--security/nss/lib/freebl/desblapi.c256
-rw-r--r--security/nss/lib/freebl/det_rng.c67
-rw-r--r--security/nss/lib/freebl/det_rng.h12
-rw-r--r--security/nss/lib/freebl/dh.c452
-rw-r--r--security/nss/lib/freebl/drbg.c968
-rw-r--r--security/nss/lib/freebl/dsa.c647
-rw-r--r--security/nss/lib/freebl/ec.c1159
-rw-r--r--security/nss/lib/freebl/ec.h21
-rw-r--r--security/nss/lib/freebl/ecdecode.c311
-rw-r--r--security/nss/lib/freebl/ecl/README267
-rw-r--r--security/nss/lib/freebl/ecl/curve25519_32.c390
-rw-r--r--security/nss/lib/freebl/ecl/curve25519_64.c514
-rw-r--r--security/nss/lib/freebl/ecl/ec_naf.c68
-rw-r--r--security/nss/lib/freebl/ecl/ecl-curve.h123
-rw-r--r--security/nss/lib/freebl/ecl/ecl-exp.h167
-rw-r--r--security/nss/lib/freebl/ecl/ecl-priv.h257
-rw-r--r--security/nss/lib/freebl/ecl/ecl.c301
-rw-r--r--security/nss/lib/freebl/ecl/ecl.h60
-rw-r--r--security/nss/lib/freebl/ecl/ecl_curve.c93
-rw-r--r--security/nss/lib/freebl/ecl/ecl_gf.c958
-rw-r--r--security/nss/lib/freebl/ecl/ecl_mult.c305
-rw-r--r--security/nss/lib/freebl/ecl/ecp.h106
-rw-r--r--security/nss/lib/freebl/ecl/ecp_25519.c120
-rw-r--r--security/nss/lib/freebl/ecl/ecp_256.c401
-rw-r--r--security/nss/lib/freebl/ecl/ecp_256_32.c1535
-rw-r--r--security/nss/lib/freebl/ecl/ecp_384.c258
-rw-r--r--security/nss/lib/freebl/ecl/ecp_521.c137
-rw-r--r--security/nss/lib/freebl/ecl/ecp_aff.c308
-rw-r--r--security/nss/lib/freebl/ecl/ecp_jac.c513
-rw-r--r--security/nss/lib/freebl/ecl/ecp_jm.c283
-rw-r--r--security/nss/lib/freebl/ecl/ecp_mont.c154
-rw-r--r--security/nss/lib/freebl/ecl/tests/ec_naft.c121
-rw-r--r--security/nss/lib/freebl/ecl/tests/ecp_test.c409
-rw-r--r--security/nss/lib/freebl/ecl/uint128.c87
-rw-r--r--security/nss/lib/freebl/ecl/uint128.h35
-rw-r--r--security/nss/lib/freebl/exports.gyp48
-rw-r--r--security/nss/lib/freebl/fipsfreebl.c1715
-rw-r--r--security/nss/lib/freebl/freebl.def26
-rw-r--r--security/nss/lib/freebl/freebl.gyp408
-rw-r--r--security/nss/lib/freebl/freebl.rc68
-rw-r--r--security/nss/lib/freebl/freebl_hash.def39
-rw-r--r--security/nss/lib/freebl/freebl_hash_vector.def34
-rw-r--r--security/nss/lib/freebl/freeblver.c18
-rw-r--r--security/nss/lib/freebl/gcm.c860
-rw-r--r--security/nss/lib/freebl/gcm.h31
-rw-r--r--security/nss/lib/freebl/genload.c167
-rw-r--r--security/nss/lib/freebl/hmacct.c335
-rw-r--r--security/nss/lib/freebl/hmacct.h38
-rw-r--r--security/nss/lib/freebl/intel-aes-x64-masm.asm971
-rw-r--r--security/nss/lib/freebl/intel-aes-x86-masm.asm949
-rw-r--r--security/nss/lib/freebl/intel-aes.h143
-rw-r--r--security/nss/lib/freebl/intel-aes.s2514
-rw-r--r--security/nss/lib/freebl/intel-gcm-wrap.c254
-rw-r--r--security/nss/lib/freebl/intel-gcm-x64-masm.asm1295
-rw-r--r--security/nss/lib/freebl/intel-gcm-x86-masm.asm1209
-rw-r--r--security/nss/lib/freebl/intel-gcm.h83
-rw-r--r--security/nss/lib/freebl/intel-gcm.s1340
-rw-r--r--security/nss/lib/freebl/jpake.c495
-rw-r--r--security/nss/lib/freebl/ldvector.c353
-rw-r--r--security/nss/lib/freebl/loader.c2126
-rw-r--r--security/nss/lib/freebl/loader.h788
-rw-r--r--security/nss/lib/freebl/lowhash_vector.c217
-rw-r--r--security/nss/lib/freebl/manifest.mn195
-rw-r--r--security/nss/lib/freebl/md2.c269
-rw-r--r--security/nss/lib/freebl/md5.c598
-rw-r--r--security/nss/lib/freebl/mknewpc2.c208
-rw-r--r--security/nss/lib/freebl/mksp.c119
-rw-r--r--security/nss/lib/freebl/mpi/Makefile244
-rw-r--r--security/nss/lib/freebl/mpi/Makefile.os2243
-rw-r--r--security/nss/lib/freebl/mpi/Makefile.win254
-rw-r--r--security/nss/lib/freebl/mpi/README749
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/all-tests83
-rw-r--r--security/nss/lib/freebl/mpi/doc/LICENSE11
-rw-r--r--security/nss/lib/freebl/mpi/doc/LICENSE-MPL3
-rw-r--r--security/nss/lib/freebl/mpi/doc/basecvt.pod65
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/doc/build30
-rw-r--r--security/nss/lib/freebl/mpi/doc/div.txt64
-rw-r--r--security/nss/lib/freebl/mpi/doc/expt.txt94
-rw-r--r--security/nss/lib/freebl/mpi/doc/gcd.pod28
-rw-r--r--security/nss/lib/freebl/mpi/doc/invmod.pod34
-rw-r--r--security/nss/lib/freebl/mpi/doc/isprime.pod63
-rw-r--r--security/nss/lib/freebl/mpi/doc/lap.pod36
-rw-r--r--security/nss/lib/freebl/mpi/doc/mpi-test.pod51
-rw-r--r--security/nss/lib/freebl/mpi/doc/mul.txt77
-rw-r--r--security/nss/lib/freebl/mpi/doc/pi.txt53
-rw-r--r--security/nss/lib/freebl/mpi/doc/prime.txt6542
-rw-r--r--security/nss/lib/freebl/mpi/doc/prng.pod38
-rw-r--r--security/nss/lib/freebl/mpi/doc/redux.txt86
-rw-r--r--security/nss/lib/freebl/mpi/doc/sqrt.txt50
-rw-r--r--security/nss/lib/freebl/mpi/doc/square.txt72
-rw-r--r--security/nss/lib/freebl/mpi/doc/timing.txt213
-rw-r--r--security/nss/lib/freebl/mpi/hpma512.s615
-rw-r--r--security/nss/lib/freebl/mpi/hppa20.s904
-rw-r--r--security/nss/lib/freebl/mpi/hppatch.adb21
-rw-r--r--security/nss/lib/freebl/mpi/logtab.h28
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/make-logtab29
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/make-test-arrays98
-rw-r--r--security/nss/lib/freebl/mpi/mdxptest.c306
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.c286
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.h65
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.il108
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.s1938
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv8.il108
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv8.s1818
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv9.il93
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv9.s2346
-rw-r--r--security/nss/lib/freebl/mpi/mp_comba.c3235
-rw-r--r--security/nss/lib/freebl/mpi/mp_comba_amd64_masm.asm13066
-rw-r--r--security/nss/lib/freebl/mpi/mp_comba_amd64_sun.s16097
-rw-r--r--security/nss/lib/freebl/mpi/mp_gf2m-priv.h73
-rw-r--r--security/nss/lib/freebl/mpi/mp_gf2m.c678
-rw-r--r--security/nss/lib/freebl/mpi/mp_gf2m.h28
-rw-r--r--security/nss/lib/freebl/mpi/mpcpucache.c808
-rw-r--r--security/nss/lib/freebl/mpi/mpcpucache_amd64.s861
-rw-r--r--security/nss/lib/freebl/mpi/mpcpucache_x86.s902
-rw-r--r--security/nss/lib/freebl/mpi/mpi-config.h68
-rw-r--r--security/nss/lib/freebl/mpi/mpi-priv.h243
-rw-r--r--security/nss/lib/freebl/mpi/mpi.c4839
-rw-r--r--security/nss/lib/freebl/mpi/mpi.h313
-rw-r--r--security/nss/lib/freebl/mpi/mpi_amd64.c32
-rw-r--r--security/nss/lib/freebl/mpi/mpi_amd64_gas.s389
-rw-r--r--security/nss/lib/freebl/mpi/mpi_amd64_masm.asm388
-rw-r--r--security/nss/lib/freebl/mpi/mpi_amd64_sun.s385
-rw-r--r--security/nss/lib/freebl/mpi/mpi_arm.c175
-rw-r--r--security/nss/lib/freebl/mpi/mpi_hp.c81
-rw-r--r--security/nss/lib/freebl/mpi/mpi_i86pc.s313
-rw-r--r--security/nss/lib/freebl/mpi/mpi_mips.s472
-rw-r--r--security/nss/lib/freebl/mpi/mpi_sparc.c226
-rw-r--r--security/nss/lib/freebl/mpi/mpi_sse2.s294
-rw-r--r--security/nss/lib/freebl/mpi/mpi_x86.s541
-rw-r--r--security/nss/lib/freebl/mpi/mpi_x86_asm.c531
-rw-r--r--security/nss/lib/freebl/mpi/mpi_x86_os2.s538
-rw-r--r--security/nss/lib/freebl/mpi/mplogic.c443
-rw-r--r--security/nss/lib/freebl/mpi/mplogic.h52
-rw-r--r--security/nss/lib/freebl/mpi/mpmontg.c1141
-rw-r--r--security/nss/lib/freebl/mpi/mpprime.c599
-rw-r--r--security/nss/lib/freebl/mpi/mpprime.h38
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparc.c221
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparcv8.s1607
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparcv9.s1645
-rw-r--r--security/nss/lib/freebl/mpi/mpvalpha.c183
-rw-r--r--security/nss/lib/freebl/mpi/mulsqr.c84
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/multest76
-rw-r--r--security/nss/lib/freebl/mpi/primes.c841
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/stats39
-rw-r--r--security/nss/lib/freebl/mpi/target.mk233
-rw-r--r--security/nss/lib/freebl/mpi/test-arrays.txt55
-rw-r--r--security/nss/lib/freebl/mpi/tests/LICENSE6
-rw-r--r--security/nss/lib/freebl/mpi/tests/LICENSE-MPL3
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-1.c43
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-2.c62
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-3.c105
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-3a.c123
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4.c111
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4a.c109
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4b.c107
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-5.c85
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-5a.c147
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-6.c78
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-7.c85
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-8.c68
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-9.c109
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-b.c230
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi1k.txt1
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi2k.txt1
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi5k.txt1
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/timetest99
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/types.pl127
-rw-r--r--security/nss/lib/freebl/mpi/utils/LICENSE4
-rw-r--r--security/nss/lib/freebl/mpi/utils/LICENSE-MPL3
-rw-r--r--security/nss/lib/freebl/mpi/utils/PRIMES41
-rw-r--r--security/nss/lib/freebl/mpi/utils/README206
-rw-r--r--security/nss/lib/freebl/mpi/utils/basecvt.c68
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbs_rand.c65
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbs_rand.h24
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbsrand.c35
-rw-r--r--security/nss/lib/freebl/mpi/utils/dec2hex.c40
-rw-r--r--security/nss/lib/freebl/mpi/utils/exptmod.c55
-rw-r--r--security/nss/lib/freebl/mpi/utils/fact.c84
-rw-r--r--security/nss/lib/freebl/mpi/utils/gcd.c95
-rw-r--r--security/nss/lib/freebl/mpi/utils/hex2dec.c40
-rw-r--r--security/nss/lib/freebl/mpi/utils/identest.c84
-rw-r--r--security/nss/lib/freebl/mpi/utils/invmod.c61
-rw-r--r--security/nss/lib/freebl/mpi/utils/isprime.c89
-rw-r--r--security/nss/lib/freebl/mpi/utils/lap.c90
-rw-r--r--security/nss/lib/freebl/mpi/utils/makeprime.c116
-rw-r--r--security/nss/lib/freebl/mpi/utils/metime.c102
-rw-r--r--security/nss/lib/freebl/mpi/utils/pi.c171
-rw-r--r--security/nss/lib/freebl/mpi/utils/primegen.c159
-rw-r--r--security/nss/lib/freebl/mpi/utils/prng.c57
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/utils/ptab.pl26
-rw-r--r--security/nss/lib/freebl/mpi/utils/sieve.c243
-rw-r--r--security/nss/lib/freebl/mpi/vis_32.il1291
-rw-r--r--security/nss/lib/freebl/mpi/vis_64.il997
-rw-r--r--security/nss/lib/freebl/mpi/vis_proto.h234
-rw-r--r--security/nss/lib/freebl/nsslowhash.c150
-rw-r--r--security/nss/lib/freebl/nsslowhash.h33
-rw-r--r--security/nss/lib/freebl/os2_rand.c334
-rw-r--r--security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c881
-rw-r--r--security/nss/lib/freebl/poly1305.c314
-rw-r--r--security/nss/lib/freebl/poly1305.h28
-rw-r--r--security/nss/lib/freebl/pqg.c1878
-rw-r--r--security/nss/lib/freebl/pqg.h25
-rw-r--r--security/nss/lib/freebl/rawhash.c154
-rw-r--r--security/nss/lib/freebl/ret_cr16.s27
-rw-r--r--security/nss/lib/freebl/rijndael.c1375
-rw-r--r--security/nss/lib/freebl/rijndael.h67
-rw-r--r--security/nss/lib/freebl/rijndael32.tab1219
-rw-r--r--security/nss/lib/freebl/rijndael_tables.c215
-rw-r--r--security/nss/lib/freebl/rsa.c1625
-rw-r--r--security/nss/lib/freebl/rsapkcs.c1385
-rw-r--r--security/nss/lib/freebl/secmpi.h54
-rw-r--r--security/nss/lib/freebl/secrng.h65
-rw-r--r--security/nss/lib/freebl/seed.c641
-rw-r--r--security/nss/lib/freebl/seed.h125
-rw-r--r--security/nss/lib/freebl/sha-fast-amd64-sun.s2151
-rw-r--r--security/nss/lib/freebl/sha256.h19
-rw-r--r--security/nss/lib/freebl/sha512.c1655
-rw-r--r--security/nss/lib/freebl/sha_fast.c545
-rw-r--r--security/nss/lib/freebl/sha_fast.h176
-rw-r--r--security/nss/lib/freebl/shsign.h14
-rw-r--r--security/nss/lib/freebl/shvfy.c534
-rw-r--r--security/nss/lib/freebl/stubs.c711
-rw-r--r--security/nss/lib/freebl/stubs.h66
-rw-r--r--security/nss/lib/freebl/sysrand.c49
-rw-r--r--security/nss/lib/freebl/tlsprfalg.c134
-rw-r--r--security/nss/lib/freebl/unix_rand.c1176
-rw-r--r--security/nss/lib/freebl/win_rand.c161
-rw-r--r--security/nss/lib/jar/Makefile11
-rw-r--r--security/nss/lib/jar/config.mk26
-rw-r--r--security/nss/lib/jar/exports.gyp27
-rw-r--r--security/nss/lib/jar/jar-ds.c36
-rw-r--r--security/nss/lib/jar/jar-ds.h77
-rw-r--r--security/nss/lib/jar/jar.c687
-rw-r--r--security/nss/lib/jar/jar.gyp76
-rw-r--r--security/nss/lib/jar/jar.h372
-rw-r--r--security/nss/lib/jar/jarfile.c966
-rw-r--r--security/nss/lib/jar/jarfile.h76
-rw-r--r--security/nss/lib/jar/jarint.c52
-rw-r--r--security/nss/lib/jar/jarint.h54
-rw-r--r--security/nss/lib/jar/jarnav.c63
-rw-r--r--security/nss/lib/jar/jarsign.c250
-rw-r--r--security/nss/lib/jar/jarver.c1167
-rw-r--r--security/nss/lib/jar/jzconf.h189
-rw-r--r--security/nss/lib/jar/jzlib.h916
-rw-r--r--security/nss/lib/jar/manifest.mn25
-rwxr-xr-xsecurity/nss/lib/libpkix/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/config.mk16
-rwxr-xr-xsecurity/nss/lib/libpkix/include/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/include/config.mk15
-rw-r--r--security/nss/lib/libpkix/include/exports.gyp38
-rw-r--r--security/nss/lib/libpkix/include/include.gyp12
-rwxr-xr-xsecurity/nss/lib/libpkix/include/manifest.mn32
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix.h301
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_certsel.h1826
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_certstore.h714
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_checker.h394
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_crlsel.h759
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_errorstrings.h1099
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_params.h1793
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_pl_pki.h2735
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_pl_system.h1545
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_results.h425
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_revchecker.h215
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_sample_modules.h420
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_util.h941
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkixt.h485
-rwxr-xr-xsecurity/nss/lib/libpkix/manifest.mn13
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/certsel/Makefile48
-rw-r--r--security/nss/lib/libpkix/pkix/certsel/certsel.gyp24
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/certsel/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix/certsel/exports.gyp26
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/certsel/manifest.mn23
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/certsel/pkix_certselector.c1637
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/certsel/pkix_certselector.h41
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/certsel/pkix_comcertselparams.c1188
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/certsel/pkix_comcertselparams.h57
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/Makefile48
-rw-r--r--security/nss/lib/libpkix/pkix/checker/checker.gyp35
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix/checker/exports.gyp37
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/manifest.mn45
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c306
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.h42
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c322
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.h36
-rw-r--r--security/nss/lib/libpkix/pkix/checker/pkix_crlchecker.c438
-rw-r--r--security/nss/lib/libpkix/pkix/checker/pkix_crlchecker.h68
-rw-r--r--security/nss/lib/libpkix/pkix/checker/pkix_ekuchecker.c328
-rw-r--r--security/nss/lib/libpkix/pkix/checker/pkix_ekuchecker.h92
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.c113
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.h30
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_namechainingchecker.c121
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_namechainingchecker.h30
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.c308
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.h43
-rw-r--r--security/nss/lib/libpkix/pkix/checker/pkix_ocspchecker.c419
-rw-r--r--security/nss/lib/libpkix/pkix/checker/pkix_ocspchecker.h67
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_policychecker.c2783
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_policychecker.h73
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c475
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.h151
-rw-r--r--security/nss/lib/libpkix/pkix/checker/pkix_revocationmethod.c66
-rw-r--r--security/nss/lib/libpkix/pkix/checker/pkix_revocationmethod.h81
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.c443
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.h44
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_targetcertchecker.c516
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_targetcertchecker.h47
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/config.mk15
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/crlsel/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/crlsel/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix/crlsel/crlsel.gyp24
-rw-r--r--security/nss/lib/libpkix/pkix/crlsel/exports.gyp26
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/crlsel/manifest.mn23
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/crlsel/pkix_comcrlselparams.c826
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/crlsel/pkix_comcrlselparams.h38
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/crlsel/pkix_crlselector.c870
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/crlsel/pkix_crlselector.h40
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/manifest.mn11
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix/params/exports.gyp28
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/manifest.mn27
-rw-r--r--security/nss/lib/libpkix/pkix/params/params.gyp26
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/pkix_procparams.c1417
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/pkix_procparams.h50
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/pkix_resourcelimits.c433
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/pkix_resourcelimits.h36
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/pkix_trustanchor.c525
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/pkix_trustanchor.h35
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/pkix_valparams.c335
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/params/pkix_valparams.h33
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix/results/exports.gyp28
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/manifest.mn27
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_buildresult.c362
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_buildresult.h40
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_policynode.c1377
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_policynode.h74
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_valresult.c442
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_valresult.h43
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_verifynode.c1182
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_verifynode.h75
-rw-r--r--security/nss/lib/libpkix/pkix/results/results.gyp26
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/store/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/store/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix/store/exports.gyp25
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/store/manifest.mn21
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/store/pkix_store.c415
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/store/pkix_store.h41
-rw-r--r--security/nss/lib/libpkix/pkix/store/store.gyp23
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix/top/exports.gyp27
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/manifest.mn25
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/pkix_build.c3763
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/pkix_build.h120
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/pkix_lifecycle.c210
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/pkix_lifecycle.h23
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/pkix_validate.c1451
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/pkix_validate.h42
-rw-r--r--security/nss/lib/libpkix/pkix/top/top.gyp25
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix/util/exports.gyp28
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/manifest.mn28
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_error.c565
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_error.h36
-rw-r--r--security/nss/lib/libpkix/pkix/util/pkix_errpaths.c103
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_list.c1701
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_list.h95
-rw-r--r--security/nss/lib/libpkix/pkix/util/pkix_logger.c1088
-rw-r--r--security/nss/lib/libpkix/pkix/util/pkix_logger.h57
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_tools.c1519
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_tools.h1588
-rw-r--r--security/nss/lib/libpkix/pkix/util/util.gyp27
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/config.mk15
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/manifest.mn11
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/Makefile48
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/config.mk35
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/exports.gyp36
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/manifest.mn38
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/module.gyp41
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c699
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h65
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c1282
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.h34
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c1147
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.h62
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c1654
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.h139
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.c1116
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.h75
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.c2493
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.h82
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaprequest.c757
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaprequest.h86
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapresponse.c786
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapresponse.h96
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapt.h314
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaptemplates.c417
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.c319
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.h52
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.c1039
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.h31
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c1695
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.h209
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/pki/Makefile49
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/pki/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/exports.gyp41
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/pki/manifest.mn53
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pki.gyp39
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_basicconstraints.c407
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_basicconstraints.h47
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c3714
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h107
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyinfo.c371
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyinfo.h50
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c386
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.h49
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyqualifier.c365
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyqualifier.h52
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.c1068
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.h48
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crldp.c151
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crldp.h53
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c880
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.h46
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.c466
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.h55
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_generalname.c873
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_generalname.h49
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c874
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h49
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.c1274
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.h68
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspcertid.c251
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspcertid.h53
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.c441
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.h61
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c1067
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.h106
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_publickey.c489
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_publickey.h38
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_x500name.c667
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_x500name.h74
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/Makefile49
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/config.mk15
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/system/exports.gyp37
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/manifest.mn46
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bigint.c398
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bigint.h40
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bytearray.c504
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bytearray.h40
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.c1073
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h159
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_error.c26
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_hashtable.c383
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_hashtable.h29
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c279
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h91
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mem.c168
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mem.h24
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_monitorlock.c136
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_monitorlock.h33
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mutex.c163
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mutex.h33
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_object.c1440
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_object.h76
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c316
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.h39
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_primhash.c584
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_primhash.h102
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_rwlock.c217
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_rwlock.h35
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_string.c621
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_string.h37
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/system/system.gyp36
-rw-r--r--security/nss/lib/manifest.mn62
-rw-r--r--security/nss/lib/nss/Makefile46
-rw-r--r--security/nss/lib/nss/config.mk114
-rw-r--r--security/nss/lib/nss/exports.gyp32
-rw-r--r--security/nss/lib/nss/manifest.mn31
-rw-r--r--security/nss/lib/nss/nss.def1099
-rw-r--r--security/nss/lib/nss/nss.gyp83
-rw-r--r--security/nss/lib/nss/nss.h322
-rw-r--r--security/nss/lib/nss/nss.rc68
-rw-r--r--security/nss/lib/nss/nssinit.c1372
-rw-r--r--security/nss/lib/nss/nssoptions.c104
-rw-r--r--security/nss/lib/nss/nssoptions.h20
-rw-r--r--security/nss/lib/nss/nssrenam.h15
-rw-r--r--security/nss/lib/nss/nssver.c18
-rw-r--r--security/nss/lib/nss/pkixpriv.def322
-rw-r--r--security/nss/lib/nss/utilwrap.c870
-rw-r--r--security/nss/lib/pk11wrap/Makefile62
-rw-r--r--security/nss/lib/pk11wrap/config.mk15
-rw-r--r--security/nss/lib/pk11wrap/debug_module.c2760
-rw-r--r--security/nss/lib/pk11wrap/dev3hack.c279
-rw-r--r--security/nss/lib/pk11wrap/dev3hack.h30
-rw-r--r--security/nss/lib/pk11wrap/exports.gyp39
-rw-r--r--security/nss/lib/pk11wrap/manifest.mn63
-rw-r--r--security/nss/lib/pk11wrap/pk11akey.c2525
-rw-r--r--security/nss/lib/pk11wrap/pk11auth.c807
-rw-r--r--security/nss/lib/pk11wrap/pk11cert.c2744
-rw-r--r--security/nss/lib/pk11wrap/pk11cxt.c1019
-rw-r--r--security/nss/lib/pk11wrap/pk11err.c141
-rw-r--r--security/nss/lib/pk11wrap/pk11func.h15
-rw-r--r--security/nss/lib/pk11wrap/pk11kea.c140
-rw-r--r--security/nss/lib/pk11wrap/pk11list.c99
-rw-r--r--security/nss/lib/pk11wrap/pk11load.c643
-rw-r--r--security/nss/lib/pk11wrap/pk11mech.c1913
-rw-r--r--security/nss/lib/pk11wrap/pk11merge.c1432
-rw-r--r--security/nss/lib/pk11wrap/pk11nobj.c791
-rw-r--r--security/nss/lib/pk11wrap/pk11obj.c2098
-rw-r--r--security/nss/lib/pk11wrap/pk11pars.c1796
-rw-r--r--security/nss/lib/pk11wrap/pk11pbe.c1433
-rw-r--r--security/nss/lib/pk11wrap/pk11pk12.c669
-rw-r--r--security/nss/lib/pk11wrap/pk11pqg.c522
-rw-r--r--security/nss/lib/pk11wrap/pk11pqg.h135
-rw-r--r--security/nss/lib/pk11wrap/pk11priv.h187
-rw-r--r--security/nss/lib/pk11wrap/pk11pub.h879
-rw-r--r--security/nss/lib/pk11wrap/pk11sdr.c437
-rw-r--r--security/nss/lib/pk11wrap/pk11sdr.h28
-rw-r--r--security/nss/lib/pk11wrap/pk11skey.c2770
-rw-r--r--security/nss/lib/pk11wrap/pk11slot.c2484
-rw-r--r--security/nss/lib/pk11wrap/pk11util.c1629
-rw-r--r--security/nss/lib/pk11wrap/pk11wrap.gyp51
-rw-r--r--security/nss/lib/pk11wrap/secmod.h167
-rw-r--r--security/nss/lib/pk11wrap/secmodi.h170
-rw-r--r--security/nss/lib/pk11wrap/secmodt.h444
-rw-r--r--security/nss/lib/pk11wrap/secmodti.h183
-rw-r--r--security/nss/lib/pk11wrap/secpkcs5.h61
-rw-r--r--security/nss/lib/pkcs12/Makefile49
-rw-r--r--security/nss/lib/pkcs12/config.mk16
-rw-r--r--security/nss/lib/pkcs12/exports.gyp29
-rw-r--r--security/nss/lib/pkcs12/manifest.mn31
-rw-r--r--security/nss/lib/pkcs12/p12.h236
-rw-r--r--security/nss/lib/pkcs12/p12creat.c218
-rw-r--r--security/nss/lib/pkcs12/p12d.c3576
-rw-r--r--security/nss/lib/pkcs12/p12dec.c670
-rw-r--r--security/nss/lib/pkcs12/p12e.c2067
-rw-r--r--security/nss/lib/pkcs12/p12exp.c1374
-rw-r--r--security/nss/lib/pkcs12/p12local.c1341
-rw-r--r--security/nss/lib/pkcs12/p12local.h58
-rw-r--r--security/nss/lib/pkcs12/p12plcy.c122
-rw-r--r--security/nss/lib/pkcs12/p12plcy.h25
-rw-r--r--security/nss/lib/pkcs12/p12t.h155
-rw-r--r--security/nss/lib/pkcs12/p12tmpl.c290
-rw-r--r--security/nss/lib/pkcs12/pkcs12.gyp29
-rw-r--r--security/nss/lib/pkcs12/pkcs12.h41
-rw-r--r--security/nss/lib/pkcs12/pkcs12t.h341
-rw-r--r--security/nss/lib/pkcs7/Makefile48
-rw-r--r--security/nss/lib/pkcs7/certread.c528
-rw-r--r--security/nss/lib/pkcs7/config.mk14
-rw-r--r--security/nss/lib/pkcs7/exports.gyp33
-rw-r--r--security/nss/lib/pkcs7/manifest.mn33
-rw-r--r--security/nss/lib/pkcs7/p7common.c663
-rw-r--r--security/nss/lib/pkcs7/p7create.c1247
-rw-r--r--security/nss/lib/pkcs7/p7decode.c1914
-rw-r--r--security/nss/lib/pkcs7/p7encode.c1079
-rw-r--r--security/nss/lib/pkcs7/p7local.c1310
-rw-r--r--security/nss/lib/pkcs7/p7local.h137
-rw-r--r--security/nss/lib/pkcs7/pkcs7.gyp29
-rw-r--r--security/nss/lib/pkcs7/pkcs7t.h233
-rw-r--r--security/nss/lib/pkcs7/secmime.c800
-rw-r--r--security/nss/lib/pkcs7/secmime.h160
-rw-r--r--security/nss/lib/pkcs7/secpkcs7.h606
-rw-r--r--security/nss/lib/pki/Makefile11
-rw-r--r--security/nss/lib/pki/asymmkey.c361
-rw-r--r--security/nss/lib/pki/certdecode.c60
-rw-r--r--security/nss/lib/pki/certificate.c1101
-rw-r--r--security/nss/lib/pki/config.mk19
-rw-r--r--security/nss/lib/pki/cryptocontext.c911
-rw-r--r--security/nss/lib/pki/doc/standiag.pngbin0 -> 20475 bytes
-rw-r--r--security/nss/lib/pki/doc/standoc.html442
-rw-r--r--security/nss/lib/pki/exports.gyp32
-rw-r--r--security/nss/lib/pki/manifest.mn45
-rw-r--r--security/nss/lib/pki/nsspki.h2779
-rw-r--r--security/nss/lib/pki/nsspkit.h247
-rw-r--r--security/nss/lib/pki/pki.gyp32
-rw-r--r--security/nss/lib/pki/pki.h141
-rw-r--r--security/nss/lib/pki/pki3hack.c1441
-rw-r--r--security/nss/lib/pki/pki3hack.h149
-rw-r--r--security/nss/lib/pki/pkibase.c1222
-rw-r--r--security/nss/lib/pki/pkim.h547
-rw-r--r--security/nss/lib/pki/pkistore.c675
-rw-r--r--security/nss/lib/pki/pkistore.h138
-rw-r--r--security/nss/lib/pki/pkit.h183
-rw-r--r--security/nss/lib/pki/pkitm.h88
-rw-r--r--security/nss/lib/pki/symmkey.c238
-rw-r--r--security/nss/lib/pki/tdcache.c1106
-rw-r--r--security/nss/lib/pki/trustdomain.c1192
-rw-r--r--security/nss/lib/smime/Makefile48
-rw-r--r--security/nss/lib/smime/cms.h1153
-rw-r--r--security/nss/lib/smime/cmsarray.c186
-rw-r--r--security/nss/lib/smime/cmsasn1.c491
-rw-r--r--security/nss/lib/smime/cmsattr.c425
-rw-r--r--security/nss/lib/smime/cmscinfo.c375
-rw-r--r--security/nss/lib/smime/cmscipher.c722
-rw-r--r--security/nss/lib/smime/cmsdecode.c738
-rw-r--r--security/nss/lib/smime/cmsdigdata.c210
-rw-r--r--security/nss/lib/smime/cmsdigest.c259
-rw-r--r--security/nss/lib/smime/cmsencdata.c260
-rw-r--r--security/nss/lib/smime/cmsencode.c763
-rw-r--r--security/nss/lib/smime/cmsenvdata.c398
-rw-r--r--security/nss/lib/smime/cmslocal.h351
-rw-r--r--security/nss/lib/smime/cmsmessage.c293
-rw-r--r--security/nss/lib/smime/cmspubkey.c285
-rw-r--r--security/nss/lib/smime/cmsrecinfo.c669
-rw-r--r--security/nss/lib/smime/cmsreclist.c170
-rw-r--r--security/nss/lib/smime/cmsreclist.h27
-rw-r--r--security/nss/lib/smime/cmssigdata.c1141
-rw-r--r--security/nss/lib/smime/cmssiginfo.c1024
-rw-r--r--security/nss/lib/smime/cmst.h491
-rw-r--r--security/nss/lib/smime/cmsudf.c440
-rw-r--r--security/nss/lib/smime/cmsutil.c367
-rw-r--r--security/nss/lib/smime/config.mk63
-rw-r--r--security/nss/lib/smime/exports.gyp34
-rw-r--r--security/nss/lib/smime/manifest.mn51
-rw-r--r--security/nss/lib/smime/smime.def287
-rw-r--r--security/nss/lib/smime/smime.gyp80
-rw-r--r--security/nss/lib/smime/smime.h141
-rw-r--r--security/nss/lib/smime/smime.rc68
-rw-r--r--security/nss/lib/smime/smimemessage.c183
-rw-r--r--security/nss/lib/smime/smimesym.c12
-rw-r--r--security/nss/lib/smime/smimeutil.c776
-rw-r--r--security/nss/lib/smime/smimever.c18
-rw-r--r--security/nss/lib/softoken/Makefile78
-rw-r--r--security/nss/lib/softoken/config.mk63
-rw-r--r--security/nss/lib/softoken/exports.gyp38
-rw-r--r--security/nss/lib/softoken/fipsaudt.c321
-rw-r--r--security/nss/lib/softoken/fipstest.c654
-rw-r--r--security/nss/lib/softoken/fipstokn.c1656
-rw-r--r--security/nss/lib/softoken/jpakesftk.c359
-rw-r--r--security/nss/lib/softoken/legacydb/Makefile62
-rw-r--r--security/nss/lib/softoken/legacydb/cdbhdl.h51
-rw-r--r--security/nss/lib/softoken/legacydb/config.mk57
-rw-r--r--security/nss/lib/softoken/legacydb/dbmshim.c600
-rw-r--r--security/nss/lib/softoken/legacydb/keydb.c2250
-rw-r--r--security/nss/lib/softoken/legacydb/keydbi.h52
-rw-r--r--security/nss/lib/softoken/legacydb/legacydb.gyp66
-rw-r--r--security/nss/lib/softoken/legacydb/lgattr.c1792
-rw-r--r--security/nss/lib/softoken/legacydb/lgcreate.c1017
-rw-r--r--security/nss/lib/softoken/legacydb/lgdb.h175
-rw-r--r--security/nss/lib/softoken/legacydb/lgdestroy.c110
-rw-r--r--security/nss/lib/softoken/legacydb/lgfind.c912
-rw-r--r--security/nss/lib/softoken/legacydb/lgfips.c115
-rw-r--r--security/nss/lib/softoken/legacydb/lginit.c660
-rw-r--r--security/nss/lib/softoken/legacydb/lgutil.c399
-rw-r--r--security/nss/lib/softoken/legacydb/lowcert.c856
-rw-r--r--security/nss/lib/softoken/legacydb/lowkey.c395
-rw-r--r--security/nss/lib/softoken/legacydb/lowkeyi.h151
-rw-r--r--security/nss/lib/softoken/legacydb/lowkeyti.h132
-rw-r--r--security/nss/lib/softoken/legacydb/manifest.mn32
-rw-r--r--security/nss/lib/softoken/legacydb/nssdbm.def31
-rw-r--r--security/nss/lib/softoken/legacydb/nssdbm.rc68
-rw-r--r--security/nss/lib/softoken/legacydb/pcert.h228
-rw-r--r--security/nss/lib/softoken/legacydb/pcertdb.c5333
-rw-r--r--security/nss/lib/softoken/legacydb/pcertt.h418
-rw-r--r--security/nss/lib/softoken/legacydb/pk11db.c731
-rw-r--r--security/nss/lib/softoken/lgglue.c408
-rw-r--r--security/nss/lib/softoken/lgglue.h59
-rw-r--r--security/nss/lib/softoken/lowkey.c500
-rw-r--r--security/nss/lib/softoken/lowkeyi.h71
-rw-r--r--security/nss/lib/softoken/lowkeyti.h93
-rw-r--r--security/nss/lib/softoken/lowpbe.c1363
-rw-r--r--security/nss/lib/softoken/lowpbe.h107
-rw-r--r--security/nss/lib/softoken/manifest.mn61
-rw-r--r--security/nss/lib/softoken/padbuf.c49
-rw-r--r--security/nss/lib/softoken/pkcs11.c4930
-rw-r--r--security/nss/lib/softoken/pkcs11c.c7797
-rw-r--r--security/nss/lib/softoken/pkcs11i.h763
-rw-r--r--security/nss/lib/softoken/pkcs11ni.h20
-rw-r--r--security/nss/lib/softoken/pkcs11u.c1994
-rw-r--r--security/nss/lib/softoken/sdb.c2107
-rw-r--r--security/nss/lib/softoken/sdb.h93
-rw-r--r--security/nss/lib/softoken/sftkdb.c2716
-rw-r--r--security/nss/lib/softoken/sftkdb.h71
-rw-r--r--security/nss/lib/softoken/sftkdbt.h12
-rw-r--r--security/nss/lib/softoken/sftkdbti.h58
-rw-r--r--security/nss/lib/softoken/sftkhmac.c190
-rw-r--r--security/nss/lib/softoken/sftkpars.c251
-rw-r--r--security/nss/lib/softoken/sftkpars.h14
-rw-r--r--security/nss/lib/softoken/sftkpwd.c1261
-rw-r--r--security/nss/lib/softoken/softkver.c18
-rw-r--r--security/nss/lib/softoken/softkver.h31
-rw-r--r--security/nss/lib/softoken/softoken.gyp71
-rw-r--r--security/nss/lib/softoken/softoken.h265
-rw-r--r--security/nss/lib/softoken/softokn.def28
-rw-r--r--security/nss/lib/softoken/softokn.rc68
-rw-r--r--security/nss/lib/softoken/softoknt.h43
-rw-r--r--security/nss/lib/softoken/tlsprf.c198
-rw-r--r--security/nss/lib/sqlite/Makefile54
-rw-r--r--security/nss/lib/sqlite/README3
-rw-r--r--security/nss/lib/sqlite/config.mk43
-rw-r--r--security/nss/lib/sqlite/exports.gyp25
-rw-r--r--security/nss/lib/sqlite/manifest.mn34
-rw-r--r--security/nss/lib/sqlite/sqlite.def147
-rw-r--r--security/nss/lib/sqlite/sqlite.gyp50
-rw-r--r--security/nss/lib/sqlite/sqlite3.c186041
-rw-r--r--security/nss/lib/sqlite/sqlite3.h8630
-rw-r--r--security/nss/lib/ssl/Makefile65
-rw-r--r--security/nss/lib/ssl/SSLerrs.h507
-rw-r--r--security/nss/lib/ssl/authcert.c89
-rw-r--r--security/nss/lib/ssl/cmpcert.c89
-rw-r--r--security/nss/lib/ssl/config.mk71
-rw-r--r--security/nss/lib/ssl/dhe-param.c418
-rw-r--r--security/nss/lib/ssl/dtlscon.c1214
-rw-r--r--security/nss/lib/ssl/exports.gyp29
-rw-r--r--security/nss/lib/ssl/manifest.mn57
-rw-r--r--security/nss/lib/ssl/notes.txt104
-rw-r--r--security/nss/lib/ssl/os2_err.c330
-rw-r--r--security/nss/lib/ssl/os2_err.h53
-rw-r--r--security/nss/lib/ssl/preenc.h113
-rw-r--r--security/nss/lib/ssl/prelib.c34
-rw-r--r--security/nss/lib/ssl/ssl.def223
-rw-r--r--security/nss/lib/ssl/ssl.gyp98
-rw-r--r--security/nss/lib/ssl/ssl.h1344
-rw-r--r--security/nss/lib/ssl/ssl.rc68
-rw-r--r--security/nss/lib/ssl/ssl3con.c13350
-rw-r--r--security/nss/lib/ssl/ssl3ecc.c1009
-rw-r--r--security/nss/lib/ssl/ssl3ext.c530
-rw-r--r--security/nss/lib/ssl/ssl3ext.h156
-rw-r--r--security/nss/lib/ssl/ssl3exthandle.c2579
-rw-r--r--security/nss/lib/ssl/ssl3exthandle.h95
-rw-r--r--security/nss/lib/ssl/ssl3gthr.c573
-rw-r--r--security/nss/lib/ssl/ssl3prot.h331
-rw-r--r--security/nss/lib/ssl/sslauth.c292
-rw-r--r--security/nss/lib/ssl/sslcert.c992
-rw-r--r--security/nss/lib/ssl/sslcert.h59
-rw-r--r--security/nss/lib/ssl/sslcon.c264
-rw-r--r--security/nss/lib/ssl/ssldef.c224
-rw-r--r--security/nss/lib/ssl/sslenum.c157
-rw-r--r--security/nss/lib/ssl/sslerr.c41
-rw-r--r--security/nss/lib/ssl/sslerr.h253
-rw-r--r--security/nss/lib/ssl/sslerrstrs.c36
-rw-r--r--security/nss/lib/ssl/sslgrp.c164
-rw-r--r--security/nss/lib/ssl/sslimpl.h1872
-rw-r--r--security/nss/lib/ssl/sslinfo.c493
-rw-r--r--security/nss/lib/ssl/sslinit.c59
-rw-r--r--security/nss/lib/ssl/sslmutex.c658
-rw-r--r--security/nss/lib/ssl/sslmutex.h128
-rw-r--r--security/nss/lib/ssl/sslnonce.c495
-rw-r--r--security/nss/lib/ssl/sslproto.h294
-rw-r--r--security/nss/lib/ssl/sslreveal.c110
-rw-r--r--security/nss/lib/ssl/sslsecur.c1235
-rw-r--r--security/nss/lib/ssl/sslsnce.c1990
-rw-r--r--security/nss/lib/ssl/sslsock.c3742
-rw-r--r--security/nss/lib/ssl/sslt.h415
-rw-r--r--security/nss/lib/ssl/ssltrace.c114
-rw-r--r--security/nss/lib/ssl/sslver.c18
-rw-r--r--security/nss/lib/ssl/tls13con.c4512
-rw-r--r--security/nss/lib/ssl/tls13con.h88
-rw-r--r--security/nss/lib/ssl/tls13exthandle.c1169
-rw-r--r--security/nss/lib/ssl/tls13exthandle.h74
-rw-r--r--security/nss/lib/ssl/tls13hkdf.c270
-rw-r--r--security/nss/lib/ssl/tls13hkdf.h38
-rw-r--r--security/nss/lib/ssl/unix_err.c837
-rw-r--r--security/nss/lib/ssl/unix_err.h57
-rw-r--r--security/nss/lib/ssl/win32err.c550
-rw-r--r--security/nss/lib/ssl/win32err.h51
-rw-r--r--security/nss/lib/sysinit/Makefile48
-rw-r--r--security/nss/lib/sysinit/config.mk80
-rw-r--r--security/nss/lib/sysinit/manifest.mn15
-rw-r--r--security/nss/lib/sysinit/nsssysinit.c403
-rw-r--r--security/nss/lib/sysinit/sysinit.gyp31
-rw-r--r--security/nss/lib/util/Makefile50
-rw-r--r--security/nss/lib/util/SECerrs.h551
-rw-r--r--security/nss/lib/util/base64.h41
-rw-r--r--security/nss/lib/util/ciferfam.h59
-rw-r--r--security/nss/lib/util/config.mk45
-rw-r--r--security/nss/lib/util/derdec.c189
-rw-r--r--security/nss/lib/util/derenc.c460
-rw-r--r--security/nss/lib/util/dersubr.c249
-rw-r--r--security/nss/lib/util/dertime.c310
-rw-r--r--security/nss/lib/util/eccutil.h15
-rw-r--r--security/nss/lib/util/errstrs.c41
-rw-r--r--security/nss/lib/util/exports.gyp67
-rw-r--r--security/nss/lib/util/hasht.h63
-rw-r--r--security/nss/lib/util/manifest.mn90
-rw-r--r--security/nss/lib/util/nssb64.h94
-rw-r--r--security/nss/lib/util/nssb64d.c822
-rw-r--r--security/nss/lib/util/nssb64e.c734
-rw-r--r--security/nss/lib/util/nssb64t.h15
-rw-r--r--security/nss/lib/util/nssilckt.h191
-rw-r--r--security/nss/lib/util/nssilock.c479
-rw-r--r--security/nss/lib/util/nssilock.h267
-rw-r--r--security/nss/lib/util/nsslocks.h10
-rw-r--r--security/nss/lib/util/nssrwlk.c448
-rw-r--r--security/nss/lib/util/nssrwlk.h132
-rw-r--r--security/nss/lib/util/nssrwlkt.h19
-rw-r--r--security/nss/lib/util/nssutil.def292
-rw-r--r--security/nss/lib/util/nssutil.h41
-rw-r--r--security/nss/lib/util/nssutil.rc68
-rw-r--r--security/nss/lib/util/oidstring.c114
-rw-r--r--security/nss/lib/util/pkcs11.h252
-rw-r--r--security/nss/lib/util/pkcs11f.h812
-rw-r--r--security/nss/lib/util/pkcs11n.h501
-rw-r--r--security/nss/lib/util/pkcs11p.h21
-rw-r--r--security/nss/lib/util/pkcs11t.h1800
-rw-r--r--security/nss/lib/util/pkcs11u.h19
-rw-r--r--security/nss/lib/util/pkcs1sig.c169
-rw-r--r--security/nss/lib/util/pkcs1sig.h30
-rw-r--r--security/nss/lib/util/portreg.c375
-rw-r--r--security/nss/lib/util/portreg.h81
-rw-r--r--security/nss/lib/util/quickder.c819
-rw-r--r--security/nss/lib/util/secalgid.c129
-rw-r--r--security/nss/lib/util/secasn1.h291
-rw-r--r--security/nss/lib/util/secasn1d.c3373
-rw-r--r--security/nss/lib/util/secasn1e.c1568
-rw-r--r--security/nss/lib/util/secasn1t.h267
-rw-r--r--security/nss/lib/util/secasn1u.c94
-rw-r--r--security/nss/lib/util/seccomon.h91
-rw-r--r--security/nss/lib/util/secder.h172
-rw-r--r--security/nss/lib/util/secdert.h129
-rw-r--r--security/nss/lib/util/secdig.c182
-rw-r--r--security/nss/lib/util/secdig.h100
-rw-r--r--security/nss/lib/util/secdigt.h26
-rw-r--r--security/nss/lib/util/secerr.h218
-rw-r--r--security/nss/lib/util/secitem.c487
-rw-r--r--security/nss/lib/util/secitem.h118
-rw-r--r--security/nss/lib/util/secload.c182
-rw-r--r--security/nss/lib/util/secoid.c2306
-rw-r--r--security/nss/lib/util/secoid.h140
-rw-r--r--security/nss/lib/util/secoidt.h540
-rw-r--r--security/nss/lib/util/secplcy.c83
-rw-r--r--security/nss/lib/util/secplcy.h104
-rw-r--r--security/nss/lib/util/secport.c732
-rw-r--r--security/nss/lib/util/secport.h287
-rw-r--r--security/nss/lib/util/sectime.c163
-rw-r--r--security/nss/lib/util/templates.c136
-rw-r--r--security/nss/lib/util/utf8.c445
-rw-r--r--security/nss/lib/util/util.gyp59
-rw-r--r--security/nss/lib/util/utilmod.c765
-rw-r--r--security/nss/lib/util/utilmodt.h43
-rw-r--r--security/nss/lib/util/utilpars.c1231
-rw-r--r--security/nss/lib/util/utilpars.h63
-rw-r--r--security/nss/lib/util/utilparst.h78
-rw-r--r--security/nss/lib/util/utilrename.h162
-rw-r--r--security/nss/lib/util/verref.h43
-rw-r--r--security/nss/lib/zlib/Makefile55
-rw-r--r--security/nss/lib/zlib/README115
-rw-r--r--security/nss/lib/zlib/README.nss18
-rw-r--r--security/nss/lib/zlib/adler32.c169
-rw-r--r--security/nss/lib/zlib/compress.c80
-rw-r--r--security/nss/lib/zlib/config.mk20
-rw-r--r--security/nss/lib/zlib/crc32.c442
-rw-r--r--security/nss/lib/zlib/crc32.h445
-rw-r--r--security/nss/lib/zlib/deflate.c1834
-rw-r--r--security/nss/lib/zlib/deflate.h342
-rw-r--r--security/nss/lib/zlib/example.c565
-rw-r--r--security/nss/lib/zlib/exports.gyp33
-rw-r--r--security/nss/lib/zlib/gzclose.c25
-rw-r--r--security/nss/lib/zlib/gzguts.h132
-rw-r--r--security/nss/lib/zlib/gzlib.c537
-rw-r--r--security/nss/lib/zlib/gzread.c653
-rw-r--r--security/nss/lib/zlib/gzwrite.c531
-rw-r--r--security/nss/lib/zlib/infback.c632
-rw-r--r--security/nss/lib/zlib/inffast.c340
-rw-r--r--security/nss/lib/zlib/inffast.h11
-rw-r--r--security/nss/lib/zlib/inffixed.h98
-rw-r--r--security/nss/lib/zlib/inflate.c1480
-rw-r--r--security/nss/lib/zlib/inflate.h122
-rw-r--r--security/nss/lib/zlib/inftrees.c330
-rw-r--r--security/nss/lib/zlib/inftrees.h62
-rw-r--r--security/nss/lib/zlib/manifest.mn39
-rw-r--r--security/nss/lib/zlib/minigzip.c440
-rw-r--r--security/nss/lib/zlib/patches/prune-zlib.sh34
-rw-r--r--security/nss/lib/zlib/trees.c1244
-rw-r--r--security/nss/lib/zlib/trees.h132
-rw-r--r--security/nss/lib/zlib/uncompr.c59
-rw-r--r--security/nss/lib/zlib/zconf.h428
-rw-r--r--security/nss/lib/zlib/zlib.gyp49
-rw-r--r--security/nss/lib/zlib/zlib.h1613
-rw-r--r--security/nss/lib/zlib/zutil.c318
-rw-r--r--security/nss/lib/zlib/zutil.h275
1174 files changed, 762712 insertions, 0 deletions
diff --git a/security/nss/lib/Makefile b/security/nss/lib/Makefile
new file mode 100644
index 000000000..8eedad0b2
--- /dev/null
+++ b/security/nss/lib/Makefile
@@ -0,0 +1,97 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+ifndef USE_SYSTEM_ZLIB
+ZLIB_SRCDIR = zlib # Add the zlib directory to DIRS.
+endif
+
+ifndef MOZILLA_CLIENT
+ifndef NSS_USE_SYSTEM_SQLITE
+SQLITE_SRCDIR = sqlite # Add the sqlite directory to DIRS.
+endif
+endif
+
+ifndef MOZILLA_CLIENT
+ifeq ($(OS_ARCH),Linux)
+SYSINIT_SRCDIR = sysinit # Add the sysinit directory to DIRS.
+endif
+endif
+
+ifndef NSS_DISABLE_DBM
+DBM_SRCDIR = dbm # Add the dbm directory to DIRS.
+endif
+
+ifeq ($(NSS_BUILD_UTIL_ONLY),1)
+SYSINIT_SRCDIR=
+endif
+
+ifndef NSS_DISABLE_LIBPKIX
+LIBPKIX_SRCDIR = libpkix # Add the libpkix directory to DIRS.
+endif
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+ifeq ($(NSS_BUILD_UTIL_ONLY),1)
+ UTIL_SRCDIR = util
+ FREEBL_SRCDIR =
+ SOFTOKEN_SRCDIR =
+else
+ ifeq ($(NSS_BUILD_SOFTOKEN_ONLY),1)
+ UTIL_SRCDIR =
+ FREEBL_SRCDIR = freebl
+ SOFTOKEN_SRCDIR = softoken
+ else
+ ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1)
+ # Not included when building nss without softoken
+ # This build type uses the build results of the prior
+ # NSS_BUILD_UTIL_ONLY and NSS_BUILD_SOFTOKEN_ONLY builds
+ UTIL_SRCDIR =
+ FREEBL_SRCDIR =
+ SOFTOKEN_SRCDIR =
+ else
+ # default is to include all
+ UTIL_SRCDIR = util
+ FREEBL_SRCDIR = freebl
+ SOFTOKEN_SRCDIR = softoken
+ endif
+ endif
+endif
diff --git a/security/nss/lib/base/Makefile b/security/nss/lib/base/Makefile
new file mode 100644
index 000000000..fc78ae92c
--- /dev/null
+++ b/security/nss/lib/base/Makefile
@@ -0,0 +1,11 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include $(CORE_DEPTH)/coreconf/config.mk
+include config.mk
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+export:: private_export
diff --git a/security/nss/lib/base/arena.c b/security/nss/lib/base/arena.c
new file mode 100644
index 000000000..b8e64643d
--- /dev/null
+++ b/security/nss/lib/base/arena.c
@@ -0,0 +1,1143 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * arena.c
+ *
+ * This contains the implementation of NSS's thread-safe arenas.
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#ifdef ARENA_THREADMARK
+#include "prthread.h"
+#endif /* ARENA_THREADMARK */
+
+#include "prlock.h"
+#include "plarena.h"
+
+#include <string.h>
+
+/*
+ * NSSArena
+ *
+ * This is based on NSPR's arena code, but it is threadsafe.
+ *
+ * The public methods relating to this type are:
+ *
+ * NSSArena_Create -- constructor
+ * NSSArena_Destroy
+ * NSS_ZAlloc
+ * NSS_ZRealloc
+ * NSS_ZFreeIf
+ *
+ * The nonpublic methods relating to this type are:
+ *
+ * nssArena_Create -- constructor
+ * nssArena_Destroy
+ * nssArena_Mark
+ * nssArena_Release
+ * nssArena_Unmark
+ *
+ * nss_ZAlloc
+ * nss_ZFreeIf
+ * nss_ZRealloc
+ *
+ * In debug builds, the following calls are available:
+ *
+ * nssArena_verifyPointer
+ * nssArena_registerDestructor
+ * nssArena_deregisterDestructor
+ */
+
+struct NSSArenaStr {
+ PLArenaPool pool;
+ PRLock *lock;
+#ifdef ARENA_THREADMARK
+ PRThread *marking_thread;
+ nssArenaMark *first_mark;
+ nssArenaMark *last_mark;
+#endif /* ARENA_THREADMARK */
+#ifdef ARENA_DESTRUCTOR_LIST
+ struct arena_destructor_node *first_destructor;
+ struct arena_destructor_node *last_destructor;
+#endif /* ARENA_DESTRUCTOR_LIST */
+};
+
+/*
+ * nssArenaMark
+ *
+ * This type is used to mark the current state of an NSSArena.
+ */
+
+struct nssArenaMarkStr {
+ PRUint32 magic;
+ void *mark;
+#ifdef ARENA_THREADMARK
+ nssArenaMark *next;
+#endif /* ARENA_THREADMARK */
+#ifdef ARENA_DESTRUCTOR_LIST
+ struct arena_destructor_node *next_destructor;
+ struct arena_destructor_node *prev_destructor;
+#endif /* ARENA_DESTRUCTOR_LIST */
+};
+
+#define MARK_MAGIC 0x4d41524b /* "MARK" how original */
+
+/*
+ * But first, the pointer-tracking code
+ */
+#ifdef DEBUG
+extern const NSSError NSS_ERROR_INTERNAL_ERROR;
+
+static nssPointerTracker arena_pointer_tracker;
+
+static PRStatus
+arena_add_pointer(const NSSArena *arena)
+{
+ PRStatus rv;
+
+ rv = nssPointerTracker_initialize(&arena_pointer_tracker);
+ if (PR_SUCCESS != rv) {
+ return rv;
+ }
+
+ rv = nssPointerTracker_add(&arena_pointer_tracker, arena);
+ if (PR_SUCCESS != rv) {
+ NSSError e = NSS_GetError();
+ if (NSS_ERROR_NO_MEMORY != e) {
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR);
+ }
+
+ return rv;
+ }
+
+ return PR_SUCCESS;
+}
+
+static PRStatus
+arena_remove_pointer(const NSSArena *arena)
+{
+ PRStatus rv;
+
+ rv = nssPointerTracker_remove(&arena_pointer_tracker, arena);
+ if (PR_SUCCESS != rv) {
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR);
+ }
+
+ return rv;
+}
+
+/*
+ * nssArena_verifyPointer
+ *
+ * This method is only present in debug builds.
+ *
+ * If the specified pointer is a valid pointer to an NSSArena object,
+ * this routine will return PR_SUCCESS. Otherwise, it will put an
+ * error on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ *
+ * Return value:
+ * PR_SUCCESS if the pointer is valid
+ * PR_FAILURE if it isn't
+ */
+
+NSS_IMPLEMENT PRStatus
+nssArena_verifyPointer(const NSSArena *arena)
+{
+ PRStatus rv;
+
+ rv = nssPointerTracker_initialize(&arena_pointer_tracker);
+ if (PR_SUCCESS != rv) {
+ /*
+ * This is a little disingenious. We have to initialize the
+ * tracker, because someone could "legitimately" try to verify
+ * an arena pointer before one is ever created. And this step
+ * might fail, due to lack of memory. But the only way that
+ * this step can fail is if it's doing the call_once stuff,
+ * (later calls just no-op). And if it didn't no-op, there
+ * aren't any valid arenas.. so the argument certainly isn't one.
+ */
+ nss_SetError(NSS_ERROR_INVALID_ARENA);
+ return PR_FAILURE;
+ }
+
+ rv = nssPointerTracker_verify(&arena_pointer_tracker, arena);
+ if (PR_SUCCESS != rv) {
+ nss_SetError(NSS_ERROR_INVALID_ARENA);
+ return PR_FAILURE;
+ }
+
+ return PR_SUCCESS;
+}
+#endif /* DEBUG */
+
+#ifdef ARENA_DESTRUCTOR_LIST
+
+struct arena_destructor_node {
+ struct arena_destructor_node *next;
+ struct arena_destructor_node *prev;
+ void (*destructor)(void *argument);
+ void *arg;
+};
+
+/*
+ * nssArena_registerDestructor
+ *
+ * This routine stores a pointer to a callback and an arbitrary
+ * pointer-sized argument in the arena, at the current point in
+ * the mark stack. If the arena is destroyed, or an "earlier"
+ * mark is released, then this destructor will be called at that
+ * time. Note that the destructor will be called with the arena
+ * locked, which means the destructor may free memory in that
+ * arena, but it may not allocate or cause to be allocated any
+ * memory. This callback facility was included to support our
+ * debug-version pointer-tracker feature; overuse runs counter to
+ * the the original intent of arenas. This routine returns a
+ * PRStatus value; if successful, it will return PR_SUCCESS. If
+ * unsuccessful, it will set an error on the error stack and
+ * return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssArena_registerDestructor(NSSArena *arena, void (*destructor)(void *argument),
+ void *arg)
+{
+ struct arena_destructor_node *it;
+
+#ifdef NSSDEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return PR_FAILURE;
+ }
+#endif /* NSSDEBUG */
+
+ it = nss_ZNEW(arena, struct arena_destructor_node);
+ if ((struct arena_destructor_node *)NULL == it) {
+ return PR_FAILURE;
+ }
+
+ it->prev = arena->last_destructor;
+ arena->last_destructor->next = it;
+ arena->last_destructor = it;
+ it->destructor = destructor;
+ it->arg = arg;
+
+ if ((nssArenaMark *)NULL != arena->last_mark) {
+ arena->last_mark->prev_destructor = it->prev;
+ arena->last_mark->next_destructor = it->next;
+ }
+
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssArena_deregisterDestructor(NSSArena *arena,
+ void (*destructor)(void *argument), void *arg)
+{
+ struct arena_destructor_node *it;
+
+#ifdef NSSDEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return PR_FAILURE;
+ }
+#endif /* NSSDEBUG */
+
+ for (it = arena->first_destructor; it; it = it->next) {
+ if ((it->destructor == destructor) && (it->arg == arg)) {
+ break;
+ }
+ }
+
+ if ((struct arena_destructor_node *)NULL == it) {
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+ }
+
+ if (it == arena->first_destructor) {
+ arena->first_destructor = it->next;
+ }
+
+ if (it == arena->last_destructor) {
+ arena->last_destructor = it->prev;
+ }
+
+ if ((struct arena_destructor_node *)NULL != it->prev) {
+ it->prev->next = it->next;
+ }
+
+ if ((struct arena_destructor_node *)NULL != it->next) {
+ it->next->prev = it->prev;
+ }
+
+ {
+ nssArenaMark *m;
+ for (m = arena->first_mark; m; m = m->next) {
+ if (m->next_destructor == it) {
+ m->next_destructor = it->next;
+ }
+ if (m->prev_destructor == it) {
+ m->prev_destructor = it->prev;
+ }
+ }
+ }
+
+ nss_ZFreeIf(it);
+ return PR_SUCCESS;
+}
+
+static void
+nss_arena_call_destructor_chain(struct arena_destructor_node *it)
+{
+ for (; it; it = it->next) {
+ (*(it->destructor))(it->arg);
+ }
+}
+
+#endif /* ARENA_DESTRUCTOR_LIST */
+
+/*
+ * NSSArena_Create
+ *
+ * This routine creates a new memory arena. This routine may return
+ * NULL upon error, in which case it will have created an error stack.
+ *
+ * The top-level error may be one of the following values:
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to an NSSArena upon success
+ */
+
+NSS_IMPLEMENT NSSArena *
+NSSArena_Create(void)
+{
+ nss_ClearErrorStack();
+ return nssArena_Create();
+}
+
+/*
+ * nssArena_Create
+ *
+ * This routine creates a new memory arena. This routine may return
+ * NULL upon error, in which case it will have set an error on the
+ * error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to an NSSArena upon success
+ */
+
+NSS_IMPLEMENT NSSArena *
+nssArena_Create(void)
+{
+ NSSArena *rv = (NSSArena *)NULL;
+
+ rv = nss_ZNEW((NSSArena *)NULL, NSSArena);
+ if ((NSSArena *)NULL == rv) {
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (NSSArena *)NULL;
+ }
+
+ rv->lock = PR_NewLock();
+ if ((PRLock *)NULL == rv->lock) {
+ (void)nss_ZFreeIf(rv);
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (NSSArena *)NULL;
+ }
+
+ /*
+ * Arena sizes. The current security code has 229 occurrences of
+ * PORT_NewArena. The default chunksizes specified break down as
+ *
+ * Size Mult. Specified as
+ * 512 1 512
+ * 1024 7 1024
+ * 2048 5 2048
+ * 2048 5 CRMF_DEFAULT_ARENA_SIZE
+ * 2048 190 DER_DEFAULT_CHUNKSIZE
+ * 2048 20 SEC_ASN1_DEFAULT_ARENA_SIZE
+ * 4096 1 4096
+ *
+ * Obviously this "default chunksize" flexibility isn't very
+ * useful to us, so I'll just pick 2048.
+ */
+
+ PL_InitArenaPool(&rv->pool, "NSS", 2048, sizeof(double));
+
+#ifdef DEBUG
+ {
+ PRStatus st;
+ st = arena_add_pointer(rv);
+ if (PR_SUCCESS != st) {
+ PL_FinishArenaPool(&rv->pool);
+ PR_DestroyLock(rv->lock);
+ (void)nss_ZFreeIf(rv);
+ return (NSSArena *)NULL;
+ }
+ }
+#endif /* DEBUG */
+
+ return rv;
+}
+
+/*
+ * NSSArena_Destroy
+ *
+ * This routine will destroy the specified arena, freeing all memory
+ * allocated from it. This routine returns a PRStatus value; if
+ * successful, it will return PR_SUCCESS. If unsuccessful, it will
+ * create an error stack and return PR_FAILURE.
+ *
+ * The top-level error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ *
+ * Return value:
+ * PR_SUCCESS upon success
+ * PR_FAILURE upon failure
+ */
+
+NSS_IMPLEMENT PRStatus
+NSSArena_Destroy(NSSArena *arena)
+{
+ nss_ClearErrorStack();
+
+#ifdef DEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return PR_FAILURE;
+ }
+#endif /* DEBUG */
+
+ return nssArena_Destroy(arena);
+}
+
+/*
+ * nssArena_Destroy
+ *
+ * This routine will destroy the specified arena, freeing all memory
+ * allocated from it. This routine returns a PRStatus value; if
+ * successful, it will return PR_SUCCESS. If unsuccessful, it will
+ * set an error on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssArena_Destroy(NSSArena *arena)
+{
+ PRLock *lock;
+
+#ifdef NSSDEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return PR_FAILURE;
+ }
+#endif /* NSSDEBUG */
+
+ if ((PRLock *)NULL == arena->lock) {
+ /* Just got destroyed */
+ nss_SetError(NSS_ERROR_INVALID_ARENA);
+ return PR_FAILURE;
+ }
+ PR_Lock(arena->lock);
+
+#ifdef DEBUG
+ if (PR_SUCCESS != arena_remove_pointer(arena)) {
+ PR_Unlock(arena->lock);
+ return PR_FAILURE;
+ }
+#endif /* DEBUG */
+
+#ifdef ARENA_DESTRUCTOR_LIST
+ /* Note that the arena is locked at this time */
+ nss_arena_call_destructor_chain(arena->first_destructor);
+#endif /* ARENA_DESTRUCTOR_LIST */
+
+ PL_FinishArenaPool(&arena->pool);
+ lock = arena->lock;
+ arena->lock = (PRLock *)NULL;
+ PR_Unlock(lock);
+ PR_DestroyLock(lock);
+ (void)nss_ZFreeIf(arena);
+ return PR_SUCCESS;
+}
+
+static void *nss_zalloc_arena_locked(NSSArena *arena, PRUint32 size);
+
+/*
+ * nssArena_Mark
+ *
+ * This routine "marks" the current state of an arena. Space
+ * allocated after the arena has been marked can be freed by
+ * releasing the arena back to the mark with nssArena_Release,
+ * or committed by calling nssArena_Unmark. When successful,
+ * this routine returns a valid nssArenaMark pointer. This
+ * routine may return NULL upon error, in which case it will
+ * have set an error on the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon failure
+ * An nssArenaMark pointer upon success
+ */
+
+NSS_IMPLEMENT nssArenaMark *
+nssArena_Mark(NSSArena *arena)
+{
+ nssArenaMark *rv;
+ void *p;
+
+#ifdef NSSDEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return (nssArenaMark *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if ((PRLock *)NULL == arena->lock) {
+ /* Just got destroyed */
+ nss_SetError(NSS_ERROR_INVALID_ARENA);
+ return (nssArenaMark *)NULL;
+ }
+ PR_Lock(arena->lock);
+
+#ifdef ARENA_THREADMARK
+ if ((PRThread *)NULL == arena->marking_thread) {
+ /* Unmarked. Store our thread ID */
+ arena->marking_thread = PR_GetCurrentThread();
+ /* This call never fails. */
+ } else {
+ /* Marked. Verify it's the current thread */
+ if (PR_GetCurrentThread() != arena->marking_thread) {
+ PR_Unlock(arena->lock);
+ nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
+ return (nssArenaMark *)NULL;
+ }
+ }
+#endif /* ARENA_THREADMARK */
+
+ p = PL_ARENA_MARK(&arena->pool);
+ /* No error possible */
+
+ /* Do this after the mark */
+ rv = (nssArenaMark *)nss_zalloc_arena_locked(arena, sizeof(nssArenaMark));
+ if ((nssArenaMark *)NULL == rv) {
+ PR_Unlock(arena->lock);
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (nssArenaMark *)NULL;
+ }
+
+#ifdef ARENA_THREADMARK
+ if ((nssArenaMark *)NULL == arena->first_mark) {
+ arena->first_mark = rv;
+ arena->last_mark = rv;
+ } else {
+ arena->last_mark->next = rv;
+ arena->last_mark = rv;
+ }
+#endif /* ARENA_THREADMARK */
+
+ rv->mark = p;
+ rv->magic = MARK_MAGIC;
+
+#ifdef ARENA_DESTRUCTOR_LIST
+ rv->prev_destructor = arena->last_destructor;
+#endif /* ARENA_DESTRUCTOR_LIST */
+
+ PR_Unlock(arena->lock);
+
+ return rv;
+}
+
+/*
+ * nss_arena_unmark_release
+ *
+ * This static routine implements the routines nssArena_Release
+ * ans nssArena_Unmark, which are almost identical.
+ */
+
+static PRStatus
+nss_arena_unmark_release(NSSArena *arena, nssArenaMark *arenaMark,
+ PRBool release)
+{
+ void *inner_mark;
+
+#ifdef NSSDEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return PR_FAILURE;
+ }
+#endif /* NSSDEBUG */
+
+ if (MARK_MAGIC != arenaMark->magic) {
+ nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
+ return PR_FAILURE;
+ }
+
+ if ((PRLock *)NULL == arena->lock) {
+ /* Just got destroyed */
+ nss_SetError(NSS_ERROR_INVALID_ARENA);
+ return PR_FAILURE;
+ }
+ PR_Lock(arena->lock);
+
+#ifdef ARENA_THREADMARK
+ if ((PRThread *)NULL != arena->marking_thread) {
+ if (PR_GetCurrentThread() != arena->marking_thread) {
+ PR_Unlock(arena->lock);
+ nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
+ return PR_FAILURE;
+ }
+ }
+#endif /* ARENA_THREADMARK */
+
+ if (MARK_MAGIC != arenaMark->magic) {
+ /* Just got released */
+ PR_Unlock(arena->lock);
+ nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
+ return PR_FAILURE;
+ }
+
+ arenaMark->magic = 0;
+ inner_mark = arenaMark->mark;
+
+#ifdef ARENA_THREADMARK
+ {
+ nssArenaMark **pMark = &arena->first_mark;
+ nssArenaMark *rest;
+ nssArenaMark *last = (nssArenaMark *)NULL;
+
+ /* Find this mark */
+ while (*pMark != arenaMark) {
+ last = *pMark;
+ pMark = &(*pMark)->next;
+ }
+
+ /* Remember the pointer, then zero it */
+ rest = (*pMark)->next;
+ *pMark = (nssArenaMark *)NULL;
+
+ arena->last_mark = last;
+
+ /* Invalidate any later marks being implicitly released */
+ for (; (nssArenaMark *)NULL != rest; rest = rest->next) {
+ rest->magic = 0;
+ }
+
+ /* If we just got rid of the first mark, clear the thread ID */
+ if ((nssArenaMark *)NULL == arena->first_mark) {
+ arena->marking_thread = (PRThread *)NULL;
+ }
+ }
+#endif /* ARENA_THREADMARK */
+
+ if (release) {
+#ifdef ARENA_DESTRUCTOR_LIST
+ if ((struct arena_destructor_node *)NULL !=
+ arenaMark->prev_destructor) {
+ arenaMark->prev_destructor->next =
+ (struct arena_destructor_node *)NULL;
+ }
+ arena->last_destructor = arenaMark->prev_destructor;
+
+ /* Note that the arena is locked at this time */
+ nss_arena_call_destructor_chain(arenaMark->next_destructor);
+#endif /* ARENA_DESTRUCTOR_LIST */
+
+ PL_ARENA_RELEASE(&arena->pool, inner_mark);
+ /* No error return */
+ }
+
+ PR_Unlock(arena->lock);
+ return PR_SUCCESS;
+}
+
+/*
+ * nssArena_Release
+ *
+ * This routine invalidates and releases all memory allocated from
+ * the specified arena after the point at which the specified mark
+ * was obtained. This routine returns a PRStatus value; if successful,
+ * it will return PR_SUCCESS. If unsuccessful, it will set an error
+ * on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_INVALID_ARENA_MARK
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssArena_Release(NSSArena *arena, nssArenaMark *arenaMark)
+{
+ return nss_arena_unmark_release(arena, arenaMark, PR_TRUE);
+}
+
+/*
+ * nssArena_Unmark
+ *
+ * This routine "commits" the indicated mark and any marks after
+ * it, making them unreleasable. Note that any earlier marks can
+ * still be released, and such a release will invalidate these
+ * later unmarked regions. If an arena is to be safely shared by
+ * more than one thread, all marks must be either released or
+ * unmarked. This routine returns a PRStatus value; if successful,
+ * it will return PR_SUCCESS. If unsuccessful, it will set an error
+ * on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_INVALID_ARENA_MARK
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssArena_Unmark(NSSArena *arena, nssArenaMark *arenaMark)
+{
+ return nss_arena_unmark_release(arena, arenaMark, PR_FALSE);
+}
+
+/*
+ * We prefix this header to all allocated blocks. It is a multiple
+ * of the alignment size. Note that this usage of a header may make
+ * purify spew bogus warnings about "potentially leaked blocks" of
+ * memory; if that gets too annoying we can add in a pointer to the
+ * header in the header itself. There's not a lot of safety here;
+ * maybe we should add a magic value?
+ */
+struct pointer_header {
+ NSSArena *arena;
+ PRUint32 size;
+};
+
+static void *
+nss_zalloc_arena_locked(NSSArena *arena, PRUint32 size)
+{
+ void *p;
+ void *rv;
+ struct pointer_header *h;
+ PRUint32 my_size = size + sizeof(struct pointer_header);
+ PL_ARENA_ALLOCATE(p, &arena->pool, my_size);
+ if ((void *)NULL == p) {
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (void *)NULL;
+ }
+ /*
+ * Do this before we unlock. This way if the user is using
+ * an arena in one thread while destroying it in another, he'll
+ * fault/FMR in his code, not ours.
+ */
+ h = (struct pointer_header *)p;
+ h->arena = arena;
+ h->size = size;
+ rv = (void *)((char *)h + sizeof(struct pointer_header));
+ (void)nsslibc_memset(rv, 0, size);
+ return rv;
+}
+
+/*
+ * NSS_ZAlloc
+ *
+ * This routine allocates and zeroes a section of memory of the
+ * size, and returns to the caller a pointer to that memory. If
+ * the optional arena argument is non-null, the memory will be
+ * obtained from that arena; otherwise, the memory will be obtained
+ * from the heap. This routine may return NULL upon error, in
+ * which case it will have set an error upon the error stack. The
+ * value specified for size may be zero; in which case a valid
+ * zero-length block of memory will be allocated. This block may
+ * be expanded by calling NSS_ZRealloc.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the new segment of zeroed memory
+ */
+
+NSS_IMPLEMENT void *
+NSS_ZAlloc(NSSArena *arenaOpt, PRUint32 size)
+{
+ return nss_ZAlloc(arenaOpt, size);
+}
+
+/*
+ * nss_ZAlloc
+ *
+ * This routine allocates and zeroes a section of memory of the
+ * size, and returns to the caller a pointer to that memory. If
+ * the optional arena argument is non-null, the memory will be
+ * obtained from that arena; otherwise, the memory will be obtained
+ * from the heap. This routine may return NULL upon error, in
+ * which case it will have set an error upon the error stack. The
+ * value specified for size may be zero; in which case a valid
+ * zero-length block of memory will be allocated. This block may
+ * be expanded by calling nss_ZRealloc.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the new segment of zeroed memory
+ */
+
+NSS_IMPLEMENT void *
+nss_ZAlloc(NSSArena *arenaOpt, PRUint32 size)
+{
+ struct pointer_header *h;
+ PRUint32 my_size = size + sizeof(struct pointer_header);
+
+ if (my_size < sizeof(struct pointer_header)) {
+ /* Wrapped */
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (void *)NULL;
+ }
+
+ if ((NSSArena *)NULL == arenaOpt) {
+ /* Heap allocation, no locking required. */
+ h = (struct pointer_header *)PR_Calloc(1, my_size);
+ if ((struct pointer_header *)NULL == h) {
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (void *)NULL;
+ }
+
+ h->arena = (NSSArena *)NULL;
+ h->size = size;
+ /* We used calloc: it's already zeroed */
+
+ return (void *)((char *)h + sizeof(struct pointer_header));
+ } else {
+ void *rv;
+/* Arena allocation */
+#ifdef NSSDEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(arenaOpt)) {
+ return (void *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if ((PRLock *)NULL == arenaOpt->lock) {
+ /* Just got destroyed */
+ nss_SetError(NSS_ERROR_INVALID_ARENA);
+ return (void *)NULL;
+ }
+ PR_Lock(arenaOpt->lock);
+
+#ifdef ARENA_THREADMARK
+ if ((PRThread *)NULL != arenaOpt->marking_thread) {
+ if (PR_GetCurrentThread() != arenaOpt->marking_thread) {
+ nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
+ PR_Unlock(arenaOpt->lock);
+ return (void *)NULL;
+ }
+ }
+#endif /* ARENA_THREADMARK */
+
+ rv = nss_zalloc_arena_locked(arenaOpt, size);
+
+ PR_Unlock(arenaOpt->lock);
+ return rv;
+ }
+ /*NOTREACHED*/
+}
+
+/*
+ * NSS_ZFreeIf
+ *
+ * If the specified pointer is non-null, then the region of memory
+ * to which it points -- which must have been allocated with
+ * NSS_ZAlloc -- will be zeroed and released. This routine
+ * returns a PRStatus value; if successful, it will return PR_SUCCESS.
+ * If unsuccessful, it will set an error on the error stack and return
+ * PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+NSS_IMPLEMENT PRStatus
+NSS_ZFreeIf(void *pointer)
+{
+ return nss_ZFreeIf(pointer);
+}
+
+/*
+ * nss_ZFreeIf
+ *
+ * If the specified pointer is non-null, then the region of memory
+ * to which it points -- which must have been allocated with
+ * nss_ZAlloc -- will be zeroed and released. This routine
+ * returns a PRStatus value; if successful, it will return PR_SUCCESS.
+ * If unsuccessful, it will set an error on the error stack and return
+ * PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nss_ZFreeIf(void *pointer)
+{
+ struct pointer_header *h;
+
+ if ((void *)NULL == pointer) {
+ return PR_SUCCESS;
+ }
+
+ h = (struct pointer_header *)((char *)pointer -
+ sizeof(struct pointer_header));
+
+ /* Check any magic here */
+
+ if ((NSSArena *)NULL == h->arena) {
+ /* Heap */
+ (void)nsslibc_memset(pointer, 0, h->size);
+ PR_Free(h);
+ return PR_SUCCESS;
+ } else {
+/* Arena */
+#ifdef NSSDEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(h->arena)) {
+ return PR_FAILURE;
+ }
+#endif /* NSSDEBUG */
+
+ if ((PRLock *)NULL == h->arena->lock) {
+ /* Just got destroyed.. so this pointer is invalid */
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return PR_FAILURE;
+ }
+ PR_Lock(h->arena->lock);
+
+ (void)nsslibc_memset(pointer, 0, h->size);
+
+ /* No way to "free" it within an NSPR arena. */
+
+ PR_Unlock(h->arena->lock);
+ return PR_SUCCESS;
+ }
+ /*NOTREACHED*/
+}
+
+/*
+ * NSS_ZRealloc
+ *
+ * This routine reallocates a block of memory obtained by calling
+ * nss_ZAlloc or nss_ZRealloc. The portion of memory
+ * between the new and old sizes -- which is either being newly
+ * obtained or released -- is in either case zeroed. This routine
+ * may return NULL upon failure, in which case it will have placed
+ * an error on the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the replacement segment of memory
+ */
+
+NSS_EXTERN void *
+NSS_ZRealloc(void *pointer, PRUint32 newSize)
+{
+ return nss_ZRealloc(pointer, newSize);
+}
+
+/*
+ * nss_ZRealloc
+ *
+ * This routine reallocates a block of memory obtained by calling
+ * nss_ZAlloc or nss_ZRealloc. The portion of memory
+ * between the new and old sizes -- which is either being newly
+ * obtained or released -- is in either case zeroed. This routine
+ * may return NULL upon failure, in which case it will have placed
+ * an error on the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the replacement segment of memory
+ */
+
+NSS_EXTERN void *
+nss_ZRealloc(void *pointer, PRUint32 newSize)
+{
+ NSSArena *arena;
+ struct pointer_header *h, *new_h;
+ PRUint32 my_newSize = newSize + sizeof(struct pointer_header);
+ void *rv;
+
+ if (my_newSize < sizeof(struct pointer_header)) {
+ /* Wrapped */
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (void *)NULL;
+ }
+
+ if ((void *)NULL == pointer) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (void *)NULL;
+ }
+
+ h = (struct pointer_header *)((char *)pointer -
+ sizeof(struct pointer_header));
+
+ /* Check any magic here */
+
+ if (newSize == h->size) {
+ /* saves thrashing */
+ return pointer;
+ }
+
+ arena = h->arena;
+ if (!arena) {
+ /* Heap */
+ new_h = (struct pointer_header *)PR_Calloc(1, my_newSize);
+ if ((struct pointer_header *)NULL == new_h) {
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (void *)NULL;
+ }
+
+ new_h->arena = (NSSArena *)NULL;
+ new_h->size = newSize;
+ rv = (void *)((char *)new_h + sizeof(struct pointer_header));
+
+ if (newSize > h->size) {
+ (void)nsslibc_memcpy(rv, pointer, h->size);
+ (void)nsslibc_memset(&((char *)rv)[h->size], 0,
+ (newSize - h->size));
+ } else {
+ (void)nsslibc_memcpy(rv, pointer, newSize);
+ }
+
+ (void)nsslibc_memset(pointer, 0, h->size);
+ h->size = 0;
+ PR_Free(h);
+
+ return rv;
+ } else {
+ void *p;
+/* Arena */
+#ifdef NSSDEBUG
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return (void *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (!arena->lock) {
+ /* Just got destroyed.. so this pointer is invalid */
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (void *)NULL;
+ }
+ PR_Lock(arena->lock);
+
+#ifdef ARENA_THREADMARK
+ if (arena->marking_thread) {
+ if (PR_GetCurrentThread() != arena->marking_thread) {
+ PR_Unlock(arena->lock);
+ nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
+ return (void *)NULL;
+ }
+ }
+#endif /* ARENA_THREADMARK */
+
+ if (newSize < h->size) {
+ /*
+ * We have no general way of returning memory to the arena
+ * (mark/release doesn't work because things may have been
+ * allocated after this object), so the memory is gone
+ * anyway. We might as well just return the same pointer to
+ * the user, saying "yeah, uh-hunh, you can only use less of
+ * it now." We'll zero the leftover part, of course. And
+ * in fact we might as well *not* adjust h->size-- this way,
+ * if the user reallocs back up to something not greater than
+ * the original size, then voila, there's the memory! This
+ * way a thrash big/small/big/small doesn't burn up the arena.
+ */
+ char *extra = &((char *)pointer)[newSize];
+ (void)nsslibc_memset(extra, 0, (h->size - newSize));
+ PR_Unlock(arena->lock);
+ return pointer;
+ }
+
+ PL_ARENA_ALLOCATE(p, &arena->pool, my_newSize);
+ if ((void *)NULL == p) {
+ PR_Unlock(arena->lock);
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (void *)NULL;
+ }
+
+ new_h = (struct pointer_header *)p;
+ new_h->arena = arena;
+ new_h->size = newSize;
+ rv = (void *)((char *)new_h + sizeof(struct pointer_header));
+ if (rv != pointer) {
+ (void)nsslibc_memcpy(rv, pointer, h->size);
+ (void)nsslibc_memset(pointer, 0, h->size);
+ }
+ (void)nsslibc_memset(&((char *)rv)[h->size], 0, (newSize - h->size));
+ h->arena = (NSSArena *)NULL;
+ h->size = 0;
+ PR_Unlock(arena->lock);
+ return rv;
+ }
+ /*NOTREACHED*/
+}
+
+PRStatus
+nssArena_Shutdown(void)
+{
+ PRStatus rv = PR_SUCCESS;
+#ifdef DEBUG
+ rv = nssPointerTracker_finalize(&arena_pointer_tracker);
+#endif
+ return rv;
+}
diff --git a/security/nss/lib/base/base.gyp b/security/nss/lib/base/base.gyp
new file mode 100644
index 000000000..42318c897
--- /dev/null
+++ b/security/nss/lib/base/base.gyp
@@ -0,0 +1,32 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nssb',
+ 'type': 'static_library',
+ 'sources': [
+ 'arena.c',
+ 'error.c',
+ 'errorval.c',
+ 'hash.c',
+ 'hashops.c',
+ 'item.c',
+ 'libc.c',
+ 'list.c',
+ 'tracker.c',
+ 'utf8.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/base/base.h b/security/nss/lib/base/base.h
new file mode 100644
index 000000000..2033c4455
--- /dev/null
+++ b/security/nss/lib/base/base.h
@@ -0,0 +1,1106 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BASE_H
+#define BASE_H
+
+/*
+ * base.h
+ *
+ * This header file contains basic prototypes and preprocessor
+ * definitions used throughout nss but not available publicly.
+ */
+
+#ifndef BASET_H
+#include "baset.h"
+#endif /* BASET_H */
+
+#ifndef NSSBASE_H
+#include "nssbase.h"
+#endif /* NSSBASE_H */
+
+#include "plhash.h"
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * NSSArena
+ *
+ * The nonpublic methods relating to this type are:
+ *
+ * nssArena_Create -- constructor
+ * nssArena_Destroy
+ * nssArena_Mark
+ * nssArena_Release
+ * nssArena_Unmark
+ *
+ * nss_ZAlloc
+ * nss_ZFreeIf
+ * nss_ZRealloc
+ *
+ * Additionally, there are some preprocessor macros:
+ *
+ * nss_ZNEW
+ * nss_ZNEWARRAY
+ *
+ * In debug builds, the following calls are available:
+ *
+ * nssArena_verifyPointer
+ * nssArena_registerDestructor
+ * nssArena_deregisterDestructor
+ *
+ * The following preprocessor macro is also always available:
+ *
+ * nssArena_VERIFYPOINTER
+ *
+ * A constant PLHashAllocOps structure is available for users
+ * of the NSPL PLHashTable routines.
+ *
+ * nssArenaHashAllocOps
+ */
+
+/*
+ * nssArena_Create
+ *
+ * This routine creates a new memory arena. This routine may return
+ * NULL upon error, in which case it will have set an error on the
+ * error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to an NSSArena upon success
+ */
+
+/*
+ * XXX fgmr
+ * Arenas can be named upon creation; this is mostly of use when
+ * debugging. Should we expose that here, allowing an optional
+ * "const char *name" argument? Should the public version of this
+ * call (NSSArena_Create) have it too?
+ */
+
+NSS_EXTERN NSSArena *nssArena_Create(void);
+
+extern const NSSError NSS_ERROR_NO_MEMORY;
+
+/*
+ * nssArena_Destroy
+ *
+ * This routine will destroy the specified arena, freeing all memory
+ * allocated from it. This routine returns a PRStatus value; if
+ * successful, it will return PR_SUCCESS. If unsuccessful, it will
+ * set an error on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_EXTERN PRStatus nssArena_Destroy(NSSArena *arena);
+
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+
+/*
+ * nssArena_Mark
+ *
+ * This routine "marks" the current state of an arena. Space
+ * allocated after the arena has been marked can be freed by
+ * releasing the arena back to the mark with nssArena_Release,
+ * or committed by calling nssArena_Unmark. When successful,
+ * this routine returns a valid nssArenaMark pointer. This
+ * routine may return NULL upon error, in which case it will
+ * have set an error on the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon failure
+ * An nssArenaMark pointer upon success
+ */
+
+NSS_EXTERN nssArenaMark *nssArena_Mark(NSSArena *arena);
+
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+extern const NSSError NSS_ERROR_NO_MEMORY;
+extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
+
+/*
+ * nssArena_Release
+ *
+ * This routine invalidates and releases all memory allocated from
+ * the specified arena after the point at which the specified mark
+ * was obtained. This routine returns a PRStatus value; if successful,
+ * it will return PR_SUCCESS. If unsuccessful, it will set an error
+ * on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_INVALID_ARENA_MARK
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_EXTERN PRStatus nssArena_Release(NSSArena *arena, nssArenaMark *arenaMark);
+
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
+
+/*
+ * nssArena_Unmark
+ *
+ * This routine "commits" the indicated mark and any marks after
+ * it, making them unreleasable. Note that any earlier marks can
+ * still be released, and such a release will invalidate these
+ * later unmarked regions. If an arena is to be safely shared by
+ * more than one thread, all marks must be either released or
+ * unmarked. This routine returns a PRStatus value; if successful,
+ * it will return PR_SUCCESS. If unsuccessful, it will set an error
+ * on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_INVALID_ARENA_MARK
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_EXTERN PRStatus nssArena_Unmark(NSSArena *arena, nssArenaMark *arenaMark);
+
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
+extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
+
+#ifdef ARENA_DESTRUCTOR_LIST
+
+/*
+ * nssArena_registerDestructor
+ *
+ * This routine stores a pointer to a callback and an arbitrary
+ * pointer-sized argument in the arena, at the current point in
+ * the mark stack. If the arena is destroyed, or an "earlier"
+ * mark is released, then this destructor will be called at that
+ * time. Note that the destructor will be called with the arena
+ * locked, which means the destructor may free memory in that
+ * arena, but it may not allocate or cause to be allocated any
+ * memory. This callback facility was included to support our
+ * debug-version pointer-tracker feature; overuse runs counter to
+ * the the original intent of arenas. This routine returns a
+ * PRStatus value; if successful, it will return PR_SUCCESS. If
+ * unsuccessful, it will set an error on the error stack and
+ * return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_EXTERN PRStatus nssArena_registerDestructor(
+ NSSArena *arena, void (*destructor)(void *argument), void *arg);
+
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+extern const NSSError NSS_ERROR_NO_MEMORY;
+
+/*
+ * nssArena_deregisterDestructor
+ *
+ * This routine will remove the first destructor in the specified
+ * arena which has the specified destructor and argument values.
+ * The destructor will not be called. This routine returns a
+ * PRStatus value; if successful, it will return PR_SUCCESS. If
+ * unsuccessful, it will set an error on the error stack and
+ * return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NOT_FOUND
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_EXTERN PRStatus nssArena_deregisterDestructor(
+ NSSArena *arena, void (*destructor)(void *argument), void *arg);
+
+extern const NSSError NSS_ERROR_INVALID_ITEM;
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+extern const NSSError NSS_ERROR_NOT_FOUND;
+
+#endif /* ARENA_DESTRUCTOR_LIST */
+
+/*
+ * nss_ZAlloc
+ *
+ * This routine allocates and zeroes a section of memory of the
+ * size, and returns to the caller a pointer to that memory. If
+ * the optional arena argument is non-null, the memory will be
+ * obtained from that arena; otherwise, the memory will be obtained
+ * from the heap. This routine may return NULL upon error, in
+ * which case it will have set an error upon the error stack. The
+ * value specified for size may be zero; in which case a valid
+ * zero-length block of memory will be allocated. This block may
+ * be expanded by calling nss_ZRealloc.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the new segment of zeroed memory
+ */
+
+NSS_EXTERN void *nss_ZAlloc(NSSArena *arenaOpt, PRUint32 size);
+
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+extern const NSSError NSS_ERROR_NO_MEMORY;
+extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
+
+/*
+ * nss_ZFreeIf
+ *
+ * If the specified pointer is non-null, then the region of memory
+ * to which it points -- which must have been allocated with
+ * nss_ZAlloc -- will be zeroed and released. This routine
+ * returns a PRStatus value; if successful, it will return PR_SUCCESS.
+ * If unsuccessful, it will set an error on the error stack and return
+ * PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_EXTERN PRStatus nss_ZFreeIf(void *pointer);
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+
+/*
+ * nss_ZRealloc
+ *
+ * This routine reallocates a block of memory obtained by calling
+ * nss_ZAlloc or nss_ZRealloc. The portion of memory
+ * between the new and old sizes -- which is either being newly
+ * obtained or released -- is in either case zeroed. This routine
+ * may return NULL upon failure, in which case it will have placed
+ * an error on the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the replacement segment of memory
+ */
+
+NSS_EXTERN void *nss_ZRealloc(void *pointer, PRUint32 newSize);
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+extern const NSSError NSS_ERROR_NO_MEMORY;
+extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
+
+/*
+ * nss_ZNEW
+ *
+ * This preprocessor macro will allocate memory for a new object
+ * of the specified type with nss_ZAlloc, and will cast the
+ * return value appropriately. If the optional arena argument is
+ * non-null, the memory will be obtained from that arena; otherwise,
+ * the memory will be obtained from the heap. This routine may
+ * return NULL upon error, in which case it will have set an error
+ * upon the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the new segment of zeroed memory
+ */
+
+#define nss_ZNEW(arenaOpt, type) ((type *)nss_ZAlloc((arenaOpt), sizeof(type)))
+
+/*
+ * nss_ZNEWARRAY
+ *
+ * This preprocessor macro will allocate memory for an array of
+ * new objects, and will cast the return value appropriately.
+ * If the optional arena argument is non-null, the memory will
+ * be obtained from that arena; otherwise, the memory will be
+ * obtained from the heap. This routine may return NULL upon
+ * error, in which case it will have set an error upon the error
+ * stack. The array size may be specified as zero.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the new segment of zeroed memory
+ */
+
+#define nss_ZNEWARRAY(arenaOpt, type, quantity) \
+ ((type *)nss_ZAlloc((arenaOpt), sizeof(type) * (quantity)))
+
+/*
+ * nss_ZREALLOCARRAY
+ *
+ * This preprocessor macro will reallocate memory for an array of
+ * new objects, and will cast the return value appropriately.
+ * This routine may return NULL upon error, in which case it will
+ * have set an error upon the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the replacement segment of memory
+ */
+#define nss_ZREALLOCARRAY(p, type, quantity) \
+ ((type *)nss_ZRealloc((p), sizeof(type) * (quantity)))
+
+/*
+ * nssArena_verifyPointer
+ *
+ * This method is only present in debug builds.
+ *
+ * If the specified pointer is a valid pointer to an NSSArena object,
+ * this routine will return PR_SUCCESS. Otherwise, it will put an
+ * error on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ *
+ * Return value:
+ * PR_SUCCESS if the pointer is valid
+ * PR_FAILURE if it isn't
+ */
+
+#ifdef DEBUG
+NSS_EXTERN PRStatus nssArena_verifyPointer(const NSSArena *arena);
+
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+#endif /* DEBUG */
+
+/*
+ * nssArena_VERIFYPOINTER
+ *
+ * This macro is always available. In debug builds it will call
+ * nssArena_verifyPointer; in non-debug builds, it will merely
+ * check that the pointer is not null. Note that in non-debug
+ * builds it cannot place an error on the error stack.
+ *
+ * Return value:
+ * PR_SUCCESS if the pointer is valid
+ * PR_FAILURE if it isn't
+ */
+
+#ifdef DEBUG
+#define nssArena_VERIFYPOINTER(p) nssArena_verifyPointer(p)
+#else /* DEBUG */
+
+#define nssArena_VERIFYPOINTER(p) \
+ (((NSSArena *)NULL == (p)) ? PR_FAILURE : PR_SUCCESS)
+#endif /* DEBUG */
+
+/*
+ * Private function to be called by NSS_Shutdown to cleanup nssArena
+ * bookkeeping.
+ */
+extern PRStatus nssArena_Shutdown(void);
+
+/*
+ * nssArenaHashAllocOps
+ *
+ * This constant structure contains allocation callbacks designed for
+ * use with the NSPL routine PL_NewHashTable. For example:
+ *
+ * NSSArena *hashTableArena = nssArena_Create();
+ * PLHashTable *t = PL_NewHashTable(n, hasher, key_compare,
+ * value_compare, nssArenaHashAllocOps, hashTableArena);
+ */
+
+NSS_EXTERN_DATA PLHashAllocOps nssArenaHashAllocOps;
+
+/*
+ * The error stack
+ *
+ * The nonpublic methods relating to the error stack are:
+ *
+ * nss_SetError
+ * nss_ClearErrorStack
+ */
+
+/*
+ * nss_SetError
+ *
+ * This routine places a new error code on the top of the calling
+ * thread's error stack. Calling this routine wiht an error code
+ * of zero will clear the error stack.
+ */
+
+NSS_EXTERN void nss_SetError(PRUint32 error);
+
+/*
+ * nss_ClearErrorStack
+ *
+ * This routine clears the calling thread's error stack.
+ */
+
+NSS_EXTERN void nss_ClearErrorStack(void);
+
+/*
+ * nss_DestroyErrorStack
+ *
+ * This routine frees the calling thread's error stack.
+ */
+
+NSS_EXTERN void nss_DestroyErrorStack(void);
+
+/*
+ * NSSItem
+ *
+ * nssItem_Create
+ * nssItem_Duplicate
+ * nssItem_Equal
+ */
+
+NSS_EXTERN NSSItem *nssItem_Create(NSSArena *arenaOpt, NSSItem *rvOpt,
+ PRUint32 length, const void *data);
+
+NSS_EXTERN void nssItem_Destroy(NSSItem *item);
+
+NSS_EXTERN NSSItem *nssItem_Duplicate(NSSItem *obj, NSSArena *arenaOpt,
+ NSSItem *rvOpt);
+
+NSS_EXTERN PRBool nssItem_Equal(const NSSItem *one, const NSSItem *two,
+ PRStatus *statusOpt);
+
+/*
+ * NSSUTF8
+ *
+ * nssUTF8_CaseIgnoreMatch
+ * nssUTF8_Duplicate
+ * nssUTF8_Size
+ * nssUTF8_Length
+ * nssUTF8_CopyIntoFixedBuffer
+ */
+
+/*
+ * nssUTF8_CaseIgnoreMatch
+ *
+ * Returns true if the two UTF8-encoded strings pointed to by the
+ * two specified NSSUTF8 pointers differ only in typcase.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_TRUE if the strings match, ignoring case
+ * PR_FALSE if they don't
+ * PR_FALSE upon error
+ */
+
+NSS_EXTERN PRBool nssUTF8_CaseIgnoreMatch(const NSSUTF8 *a, const NSSUTF8 *b,
+ PRStatus *statusOpt);
+
+/*
+ * nssUTF8_Duplicate
+ *
+ * This routine duplicates the UTF8-encoded string pointed to by the
+ * specified NSSUTF8 pointer. If the optional arenaOpt argument is
+ * not null, the memory required will be obtained from that arena;
+ * otherwise, the memory required will be obtained from the heap.
+ * A pointer to the new string will be returned. In case of error,
+ * an error will be placed on the error stack and NULL will be
+ * returned.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ */
+
+NSS_EXTERN NSSUTF8 *nssUTF8_Duplicate(const NSSUTF8 *s, NSSArena *arenaOpt);
+
+/*
+ * nssUTF8_PrintableMatch
+ *
+ * Returns true if the two Printable strings pointed to by the
+ * two specified NSSUTF8 pointers match when compared with the
+ * rules for Printable String (leading and trailing spaces are
+ * disregarded, extents of whitespace match irregardless of length,
+ * and case is not significant), then PR_TRUE will be returned.
+ * Otherwise, PR_FALSE will be returned. Upon failure, PR_FALSE
+ * will be returned. If the optional statusOpt argument is not
+ * NULL, then PR_SUCCESS or PR_FAILURE will be stored in that
+ * location.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_TRUE if the strings match, ignoring case
+ * PR_FALSE if they don't
+ * PR_FALSE upon error
+ */
+
+NSS_EXTERN PRBool nssUTF8_PrintableMatch(const NSSUTF8 *a, const NSSUTF8 *b,
+ PRStatus *statusOpt);
+
+/*
+ * nssUTF8_Size
+ *
+ * This routine returns the length in bytes (including the terminating
+ * null) of the UTF8-encoded string pointed to by the specified
+ * NSSUTF8 pointer. Zero is returned on error.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_VALUE_TOO_LARGE
+ *
+ * Return value:
+ * nonzero size of the string
+ * 0 on error
+ */
+
+NSS_EXTERN PRUint32 nssUTF8_Size(const NSSUTF8 *s, PRStatus *statusOpt);
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
+
+/*
+ * nssUTF8_Length
+ *
+ * This routine returns the length in characters (not including the
+ * terminating null) of the UTF8-encoded string pointed to by the
+ * specified NSSUTF8 pointer.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_VALUE_TOO_LARGE
+ * NSS_ERROR_INVALID_STRING
+ *
+ * Return value:
+ * length of the string (which may be zero)
+ * 0 on error
+ */
+
+NSS_EXTERN PRUint32 nssUTF8_Length(const NSSUTF8 *s, PRStatus *statusOpt);
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
+extern const NSSError NSS_ERROR_INVALID_STRING;
+
+/*
+ * nssUTF8_Create
+ *
+ * This routine creates a UTF8 string from a string in some other
+ * format. Some types of string may include embedded null characters,
+ * so for them the length parameter must be used. For string types
+ * that are null-terminated, the length parameter is optional; if it
+ * is zero, it will be ignored. If the optional arena argument is
+ * non-null, the memory used for the new string will be obtained from
+ * that arena, otherwise it will be obtained from the heap. This
+ * routine may return NULL upon error, in which case it will have
+ * placed an error on the error stack.
+ *
+ * The error may be one of the following:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_UNSUPPORTED_TYPE
+ *
+ * Return value:
+ * NULL upon error
+ * A non-null pointer to a new UTF8 string otherwise
+ */
+
+NSS_EXTERN NSSUTF8 *nssUTF8_Create(NSSArena *arenaOpt, nssStringType type,
+ const void *inputString,
+ PRUint32 size /* in bytes, not characters */
+ );
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+extern const NSSError NSS_ERROR_NO_MEMORY;
+extern const NSSError NSS_ERROR_UNSUPPORTED_TYPE;
+
+NSS_EXTERN NSSItem *nssUTF8_GetEncoding(NSSArena *arenaOpt, NSSItem *rvOpt,
+ nssStringType type, NSSUTF8 *string);
+
+/*
+ * nssUTF8_CopyIntoFixedBuffer
+ *
+ * This will copy a UTF8 string into a fixed-length buffer, making
+ * sure that the all characters are valid. Any remaining space will
+ * be padded with the specified ASCII character, typically either
+ * null or space.
+ *
+ * Blah, blah, blah.
+ */
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
+
+NSS_EXTERN PRStatus nssUTF8_CopyIntoFixedBuffer(NSSUTF8 *string, char *buffer,
+ PRUint32 bufferSize, char pad);
+
+/*
+ * nssUTF8_Equal
+ *
+ */
+
+NSS_EXTERN PRBool nssUTF8_Equal(const NSSUTF8 *a, const NSSUTF8 *b,
+ PRStatus *statusOpt);
+
+/*
+ * nssList
+ *
+ * The goal is to provide a simple, optionally threadsafe, linked list
+ * class. Since NSS did not seem to use the circularity of PRCList
+ * much before, this provides a list that appears to be a linear,
+ * NULL-terminated list.
+ */
+
+/*
+ * nssList_Create
+ *
+ * If threadsafe is true, the list will be locked during modifications
+ * and traversals.
+ */
+NSS_EXTERN nssList *nssList_Create(NSSArena *arenaOpt, PRBool threadSafe);
+
+/*
+ * nssList_Destroy
+ */
+NSS_EXTERN PRStatus nssList_Destroy(nssList *list);
+
+NSS_EXTERN void nssList_Clear(nssList *list,
+ nssListElementDestructorFunc destructor);
+
+/*
+ * nssList_SetCompareFunction
+ *
+ * By default, two list elements will be compared by comparing their
+ * data pointers. By setting this function, the user can control
+ * how elements are compared.
+ */
+NSS_EXTERN void nssList_SetCompareFunction(nssList *list,
+ nssListCompareFunc compareFunc);
+
+/*
+ * nssList_SetSortFunction
+ *
+ * Sort function to use for an ordered list.
+ */
+NSS_EXTERN void nssList_SetSortFunction(nssList *list,
+ nssListSortFunc sortFunc);
+
+/*
+ * nssList_Add
+ */
+NSS_EXTERN PRStatus nssList_Add(nssList *list, void *data);
+
+/*
+ * nssList_AddUnique
+ *
+ * This will use the compare function to see if the element is already
+ * in the list.
+ */
+NSS_EXTERN PRStatus nssList_AddUnique(nssList *list, void *data);
+
+/*
+ * nssList_Remove
+ *
+ * Uses the compare function to locate the element and remove it.
+ */
+NSS_EXTERN PRStatus nssList_Remove(nssList *list, void *data);
+
+/*
+ * nssList_Get
+ *
+ * Uses the compare function to locate an element. Also serves as
+ * nssList_Exists.
+ */
+NSS_EXTERN void *nssList_Get(nssList *list, void *data);
+
+/*
+ * nssList_Count
+ */
+NSS_EXTERN PRUint32 nssList_Count(nssList *list);
+
+/*
+ * nssList_GetArray
+ *
+ * Fill rvArray, up to maxElements, with elements in the list. The
+ * array is NULL-terminated, so its allocated size must be maxElements + 1.
+ */
+NSS_EXTERN PRStatus nssList_GetArray(nssList *list, void **rvArray,
+ PRUint32 maxElements);
+
+/*
+ * nssList_CreateIterator
+ *
+ * Create an iterator for list traversal.
+ */
+NSS_EXTERN nssListIterator *nssList_CreateIterator(nssList *list);
+
+NSS_EXTERN nssList *nssList_Clone(nssList *list);
+
+/*
+ * nssListIterator_Destroy
+ */
+NSS_EXTERN void nssListIterator_Destroy(nssListIterator *iter);
+
+/*
+ * nssListIterator_Start
+ *
+ * Begin a list iteration. After this call, if the list is threadSafe,
+ * the list is *locked*.
+ */
+NSS_EXTERN void *nssListIterator_Start(nssListIterator *iter);
+
+/*
+ * nssListIterator_Next
+ *
+ * Continue a list iteration.
+ */
+NSS_EXTERN void *nssListIterator_Next(nssListIterator *iter);
+
+/*
+ * nssListIterator_Finish
+ *
+ * Complete a list iteration. This *must* be called in order for the
+ * lock to be released.
+ */
+NSS_EXTERN PRStatus nssListIterator_Finish(nssListIterator *iter);
+
+/*
+ * nssHash
+ *
+ * nssHash_Create
+ * nssHash_Destroy
+ * nssHash_Add
+ * nssHash_Remove
+ * nssHash_Count
+ * nssHash_Exists
+ * nssHash_Lookup
+ * nssHash_Iterate
+ */
+
+/*
+ * nssHash_Create
+ *
+ */
+
+NSS_EXTERN nssHash *nssHash_Create(NSSArena *arenaOpt, PRUint32 numBuckets,
+ PLHashFunction keyHash,
+ PLHashComparator keyCompare,
+ PLHashComparator valueCompare);
+
+NSS_EXTERN nssHash *nssHash_CreatePointer(NSSArena *arenaOpt,
+ PRUint32 numBuckets);
+
+NSS_EXTERN nssHash *nssHash_CreateString(NSSArena *arenaOpt,
+ PRUint32 numBuckets);
+
+NSS_EXTERN nssHash *nssHash_CreateItem(NSSArena *arenaOpt, PRUint32 numBuckets);
+
+/*
+ * nssHash_Destroy
+ *
+ */
+NSS_EXTERN void nssHash_Destroy(nssHash *hash);
+
+/*
+ * nssHash_Add
+ *
+ */
+
+extern const NSSError NSS_ERROR_HASH_COLLISION;
+
+NSS_EXTERN PRStatus nssHash_Add(nssHash *hash, const void *key,
+ const void *value);
+
+/*
+ * nssHash_Remove
+ *
+ */
+NSS_EXTERN void nssHash_Remove(nssHash *hash, const void *it);
+
+/*
+ * nssHash_Count
+ *
+ */
+NSS_EXTERN PRUint32 nssHash_Count(nssHash *hash);
+
+/*
+ * nssHash_Exists
+ *
+ */
+NSS_EXTERN PRBool nssHash_Exists(nssHash *hash, const void *it);
+
+/*
+ * nssHash_Lookup
+ *
+ */
+NSS_EXTERN void *nssHash_Lookup(nssHash *hash, const void *it);
+
+/*
+ * nssHash_Iterate
+ *
+ */
+NSS_EXTERN void nssHash_Iterate(nssHash *hash, nssHashIterator fcn,
+ void *closure);
+
+/*
+ * nssPointerTracker
+ *
+ * This type and these methods are only present in debug builds.
+ *
+ * The nonpublic methods relating to this type are:
+ *
+ * nssPointerTracker_initialize
+ * nssPointerTracker_finalize
+ * nssPointerTracker_add
+ * nssPointerTracker_remove
+ * nssPointerTracker_verify
+ */
+
+/*
+ * nssPointerTracker_initialize
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine initializes an nssPointerTracker object. Note that
+ * the object must have been declared *static* to guarantee that it
+ * is in a zeroed state initially. This routine is idempotent, and
+ * may even be safely called by multiple threads simultaneously with
+ * the same argument. This routine returns a PRStatus value; if
+ * successful, it will return PR_SUCCESS. On failure it will set an
+ * error on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+#ifdef DEBUG
+NSS_EXTERN PRStatus nssPointerTracker_initialize(nssPointerTracker *tracker);
+
+extern const NSSError NSS_ERROR_NO_MEMORY;
+#endif /* DEBUG */
+
+/*
+ * nssPointerTracker_finalize
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine returns the nssPointerTracker object to the pre-
+ * initialized state, releasing all resources used by the object.
+ * It will *NOT* destroy the objects being tracked by the pointer
+ * (should any remain), and therefore cannot be used to "sweep up"
+ * remaining objects. This routine returns a PRStatus value; if
+ * successful, it will return PR_SUCCES. On failure it will set an
+ * error on the error stack and return PR_FAILURE. If any objects
+ * remain in the tracker when it is finalized, that will be treated
+ * as an error.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_TRACKER_NOT_EMPTY
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+#ifdef DEBUG
+NSS_EXTERN PRStatus nssPointerTracker_finalize(nssPointerTracker *tracker);
+
+extern const NSSError NSS_ERROR_TRACKER_NOT_EMPTY;
+#endif /* DEBUG */
+
+/*
+ * nssPointerTracker_add
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine adds the specified pointer to the nssPointerTracker
+ * object. It should be called in constructor objects to register
+ * new valid objects. The nssPointerTracker is threadsafe, but this
+ * call is not idempotent. This routine returns a PRStatus value;
+ * if successful it will return PR_SUCCESS. On failure it will set
+ * an error on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_TRACKER_NOT_INITIALIZED
+ * NSS_ERROR_DUPLICATE_POINTER
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+#ifdef DEBUG
+NSS_EXTERN PRStatus nssPointerTracker_add(nssPointerTracker *tracker,
+ const void *pointer);
+
+extern const NSSError NSS_ERROR_NO_MEMORY;
+extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
+extern const NSSError NSS_ERROR_DUPLICATE_POINTER;
+#endif /* DEBUG */
+
+/*
+ * nssPointerTracker_remove
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine removes the specified pointer from the
+ * nssPointerTracker object. It does not call any destructor for the
+ * object; rather, this should be called from the object's destructor.
+ * The nssPointerTracker is threadsafe, but this call is not
+ * idempotent. This routine returns a PRStatus value; if successful
+ * it will return PR_SUCCESS. On failure it will set an error on the
+ * error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_TRACKER_NOT_INITIALIZED
+ * NSS_ERROR_POINTER_NOT_REGISTERED
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+#ifdef DEBUG
+NSS_EXTERN PRStatus nssPointerTracker_remove(nssPointerTracker *tracker,
+ const void *pointer);
+
+extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
+extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
+#endif /* DEBUG */
+
+/*
+ * nssPointerTracker_verify
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine verifies that the specified pointer has been registered
+ * with the nssPointerTracker object. The nssPointerTracker object is
+ * threadsafe, and this call may be safely called from multiple threads
+ * simultaneously with the same arguments. This routine returns a
+ * PRStatus value; if the pointer is registered this will return
+ * PR_SUCCESS. Otherwise it will set an error on the error stack and
+ * return PR_FAILURE. Although the error is suitable for leaving on
+ * the stack, callers may wish to augment the information available by
+ * placing a more type-specific error on the stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_POINTER_NOT_REGISTERED
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILRUE
+ */
+
+#ifdef DEBUG
+NSS_EXTERN PRStatus nssPointerTracker_verify(nssPointerTracker *tracker,
+ const void *pointer);
+
+extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
+#endif /* DEBUG */
+
+/*
+ * libc
+ *
+ * nsslibc_memcpy
+ * nsslibc_memset
+ * nsslibc_offsetof
+ */
+
+/*
+ * nsslibc_memcpy
+ *
+ * Errors:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * NULL on error
+ * The destination pointer on success
+ */
+
+NSS_EXTERN void *nsslibc_memcpy(void *dest, const void *source, PRUint32 n);
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+
+/*
+ * nsslibc_memset
+ *
+ * Errors:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * NULL on error
+ * The destination pointer on success
+ */
+
+NSS_EXTERN void *nsslibc_memset(void *dest, PRUint8 byte, PRUint32 n);
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+
+/*
+ * nsslibc_memequal
+ *
+ * Errors:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_TRUE if they match
+ * PR_FALSE if they don't
+ * PR_FALSE upon error
+ */
+
+NSS_EXTERN PRBool nsslibc_memequal(const void *a, const void *b, PRUint32 len,
+ PRStatus *statusOpt);
+
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+
+#define nsslibc_offsetof(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
+
+PR_END_EXTERN_C
+
+#endif /* BASE_H */
diff --git a/security/nss/lib/base/baset.h b/security/nss/lib/base/baset.h
new file mode 100644
index 000000000..3953a755e
--- /dev/null
+++ b/security/nss/lib/base/baset.h
@@ -0,0 +1,124 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BASET_H
+#define BASET_H
+
+/*
+ * baset.h
+ *
+ * This file contains definitions for the basic types used throughout
+ * nss but not available publicly.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#include "plhash.h"
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * nssArenaMark
+ *
+ * This type is used to mark the current state of an NSSArena.
+ */
+
+struct nssArenaMarkStr;
+typedef struct nssArenaMarkStr nssArenaMark;
+
+#ifdef DEBUG
+/*
+ * ARENA_THREADMARK
+ *
+ * Optionally, this arena implementation can be compiled with some
+ * runtime checking enabled, which will catch the situation where
+ * one thread "marks" the arena, another thread allocates memory,
+ * and then the mark is released. Usually this is a surprise to
+ * the second thread, and this leads to weird runtime errors.
+ * Define ARENA_THREADMARK to catch these cases; we define it for all
+ * (internal and external) debug builds.
+ */
+#define ARENA_THREADMARK
+
+/*
+ * ARENA_DESTRUCTOR_LIST
+ *
+ * Unfortunately, our pointer-tracker facility, used in debug
+ * builds to agressively fight invalid pointers, requries that
+ * pointers be deregistered when objects are destroyed. This
+ * conflicts with the standard arena usage where "memory-only"
+ * objects (that don't hold onto resources outside the arena)
+ * can be allocated in an arena, and never destroyed other than
+ * when the arena is destroyed. Therefore we have added a
+ * destructor-registratio facility to our arenas. This was not
+ * a simple decision, since we're getting ever-further away from
+ * the original arena philosophy. However, it was felt that
+ * adding this in debug builds wouldn't be so bad; as it would
+ * discourage them from being used for "serious" purposes.
+ * This facility requires ARENA_THREADMARK to be defined.
+ */
+#ifdef ARENA_THREADMARK
+#define ARENA_DESTRUCTOR_LIST
+#endif /* ARENA_THREADMARK */
+
+#endif /* DEBUG */
+
+typedef struct nssListStr nssList;
+typedef struct nssListIteratorStr nssListIterator;
+typedef PRBool (*nssListCompareFunc)(void *a, void *b);
+typedef PRIntn (*nssListSortFunc)(void *a, void *b);
+typedef void (*nssListElementDestructorFunc)(void *el);
+
+typedef struct nssHashStr nssHash;
+typedef void(PR_CALLBACK *nssHashIterator)(const void *key, void *value,
+ void *arg);
+
+/*
+ * nssPointerTracker
+ *
+ * This type is used in debug builds (both external and internal) to
+ * track our object pointers. Objects of this type must be statically
+ * allocated, which means the structure size must be available to the
+ * compiler. Therefore we must expose the contents of this structure.
+ * But please don't access elements directly; use the accessors.
+ */
+
+#ifdef DEBUG
+struct nssPointerTrackerStr {
+ PRCallOnceType once;
+ PZLock *lock;
+ PLHashTable *table;
+};
+typedef struct nssPointerTrackerStr nssPointerTracker;
+#endif /* DEBUG */
+
+/*
+ * nssStringType
+ *
+ * There are several types of strings in the real world. We try to
+ * use only UTF8 and avoid the rest, but that's not always possible.
+ * So we have a couple converter routines to go to and from the other
+ * string types. We have to be able to specify those string types,
+ * so we have this enumeration.
+ */
+
+enum nssStringTypeEnum {
+ nssStringType_DirectoryString,
+ nssStringType_TeletexString, /* Not "teletext" with trailing 't' */
+ nssStringType_PrintableString,
+ nssStringType_UniversalString,
+ nssStringType_BMPString,
+ nssStringType_UTF8String,
+ nssStringType_PHGString,
+ nssStringType_GeneralString,
+
+ nssStringType_Unknown = -1
+};
+typedef enum nssStringTypeEnum nssStringType;
+
+PR_END_EXTERN_C
+
+#endif /* BASET_H */
diff --git a/security/nss/lib/base/config.mk b/security/nss/lib/base/config.mk
new file mode 100644
index 000000000..2676cd537
--- /dev/null
+++ b/security/nss/lib/base/config.mk
@@ -0,0 +1,19 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ifdef BUILD_IDG
+DEFINES += -DNSSDEBUG
+endif
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/base/error.c b/security/nss/lib/base/error.c
new file mode 100644
index 000000000..ea1d5e3e8
--- /dev/null
+++ b/security/nss/lib/base/error.c
@@ -0,0 +1,269 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * error.c
+ *
+ * This file contains the code implementing the per-thread error
+ * stacks upon which most NSS routines report their errors.
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+#include <limits.h> /* for UINT_MAX */
+#include <string.h> /* for memmove */
+
+#define NSS_MAX_ERROR_STACK_COUNT 16 /* error codes */
+
+/*
+ * The stack itself has a header, and a sequence of integers.
+ * The header records the amount of space (as measured in stack
+ * slots) already allocated for the stack, and the count of the
+ * number of records currently being used.
+ */
+
+struct stack_header_str {
+ PRUint16 space;
+ PRUint16 count;
+};
+
+struct error_stack_str {
+ struct stack_header_str header;
+ PRInt32 stack[1];
+};
+typedef struct error_stack_str error_stack;
+
+/*
+ * error_stack_index
+ *
+ * Thread-private data must be indexed. This is that index.
+ * See PR_NewThreadPrivateIndex for more information.
+ *
+ * Thread-private data indexes are in the range [0, 127].
+ */
+
+#define INVALID_TPD_INDEX UINT_MAX
+static PRUintn error_stack_index = INVALID_TPD_INDEX;
+
+/*
+ * call_once
+ *
+ * The thread-private index must be obtained (once!) at runtime.
+ * This block is used for that one-time call.
+ */
+
+static PRCallOnceType error_call_once;
+
+/*
+ * error_once_function
+ *
+ * This is the once-called callback.
+ */
+static PRStatus
+error_once_function(void)
+{
+ return PR_NewThreadPrivateIndex(&error_stack_index, PR_Free);
+}
+
+/*
+ * error_get_my_stack
+ *
+ * This routine returns the calling thread's error stack, creating
+ * it if necessary. It may return NULL upon error, which implicitly
+ * means that it ran out of memory.
+ */
+
+static error_stack *
+error_get_my_stack(void)
+{
+ PRStatus st;
+ error_stack *rv;
+ PRUintn new_size;
+ PRUint32 new_bytes;
+ error_stack *new_stack;
+
+ if (INVALID_TPD_INDEX == error_stack_index) {
+ st = PR_CallOnce(&error_call_once, error_once_function);
+ if (PR_SUCCESS != st) {
+ return (error_stack *)NULL;
+ }
+ }
+
+ rv = (error_stack *)PR_GetThreadPrivate(error_stack_index);
+ if ((error_stack *)NULL == rv) {
+ /* Doesn't exist; create one */
+ new_size = 16;
+ } else if (rv->header.count == rv->header.space &&
+ rv->header.count < NSS_MAX_ERROR_STACK_COUNT) {
+ /* Too small, expand it */
+ new_size = PR_MIN(rv->header.space * 2, NSS_MAX_ERROR_STACK_COUNT);
+ } else {
+ /* Okay, return it */
+ return rv;
+ }
+
+ new_bytes = (new_size * sizeof(PRInt32)) + sizeof(error_stack);
+ /* Use NSPR's calloc/realloc, not NSS's, to avoid loops! */
+ new_stack = PR_Calloc(1, new_bytes);
+
+ if ((error_stack *)NULL != new_stack) {
+ if ((error_stack *)NULL != rv) {
+ (void)nsslibc_memcpy(new_stack, rv, rv->header.space);
+ }
+ new_stack->header.space = new_size;
+ }
+
+ /* Set the value, whether or not the allocation worked */
+ PR_SetThreadPrivate(error_stack_index, new_stack);
+ return new_stack;
+}
+
+/*
+ * The error stack
+ *
+ * The public methods relating to the error stack are:
+ *
+ * NSS_GetError
+ * NSS_GetErrorStack
+ *
+ * The nonpublic methods relating to the error stack are:
+ *
+ * nss_SetError
+ * nss_ClearErrorStack
+ *
+ */
+
+/*
+ * NSS_GetError
+ *
+ * This routine returns the highest-level (most general) error set
+ * by the most recent NSS library routine called by the same thread
+ * calling this routine.
+ *
+ * This routine cannot fail. However, it may return zero, which
+ * indicates that the previous NSS library call did not set an error.
+ *
+ * Return value:
+ * 0 if no error has been set
+ * A nonzero error number
+ */
+
+NSS_IMPLEMENT PRInt32
+NSS_GetError(void)
+{
+ error_stack *es = error_get_my_stack();
+
+ if ((error_stack *)NULL == es) {
+ return NSS_ERROR_NO_MEMORY; /* Good guess! */
+ }
+
+ if (0 == es->header.count) {
+ return 0;
+ }
+
+ return es->stack[es->header.count - 1];
+}
+
+/*
+ * NSS_GetErrorStack
+ *
+ * This routine returns a pointer to an array of integers, containing
+ * the entire sequence or "stack" of errors set by the most recent NSS
+ * library routine called by the same thread calling this routine.
+ * NOTE: the caller DOES NOT OWN the memory pointed to by the return
+ * value. The pointer will remain valid until the calling thread
+ * calls another NSS routine. The lowest-level (most specific) error
+ * is first in the array, and the highest-level is last. The array is
+ * zero-terminated. This routine may return NULL upon error; this
+ * indicates a low-memory situation.
+ *
+ * Return value:
+ * NULL upon error, which is an implied NSS_ERROR_NO_MEMORY
+ * A NON-caller-owned pointer to an array of integers
+ */
+
+NSS_IMPLEMENT PRInt32 *
+NSS_GetErrorStack(void)
+{
+ error_stack *es = error_get_my_stack();
+
+ if ((error_stack *)NULL == es) {
+ return (PRInt32 *)NULL;
+ }
+
+ /* Make sure it's terminated */
+ es->stack[es->header.count] = 0;
+
+ return es->stack;
+}
+
+/*
+ * nss_SetError
+ *
+ * This routine places a new error code on the top of the calling
+ * thread's error stack. Calling this routine wiht an error code
+ * of zero will clear the error stack.
+ */
+
+NSS_IMPLEMENT void
+nss_SetError(PRUint32 error)
+{
+ error_stack *es;
+
+ if (0 == error) {
+ nss_ClearErrorStack();
+ return;
+ }
+
+ es = error_get_my_stack();
+ if ((error_stack *)NULL == es) {
+ /* Oh, well. */
+ return;
+ }
+
+ if (es->header.count < es->header.space) {
+ es->stack[es->header.count++] = error;
+ } else {
+ memmove(es->stack, es->stack + 1,
+ (es->header.space - 1) * (sizeof es->stack[0]));
+ es->stack[es->header.space - 1] = error;
+ }
+ return;
+}
+
+/*
+ * nss_ClearErrorStack
+ *
+ * This routine clears the calling thread's error stack.
+ */
+
+NSS_IMPLEMENT void
+nss_ClearErrorStack(void)
+{
+ error_stack *es = error_get_my_stack();
+ if ((error_stack *)NULL == es) {
+ /* Oh, well. */
+ return;
+ }
+
+ es->header.count = 0;
+ es->stack[0] = 0;
+ return;
+}
+
+/*
+ * nss_DestroyErrorStack
+ *
+ * This routine frees the calling thread's error stack.
+ */
+
+NSS_IMPLEMENT void
+nss_DestroyErrorStack(void)
+{
+ if (INVALID_TPD_INDEX != error_stack_index) {
+ PR_SetThreadPrivate(error_stack_index, NULL);
+ }
+ return;
+}
diff --git a/security/nss/lib/base/errorval.c b/security/nss/lib/base/errorval.c
new file mode 100644
index 000000000..b7045a390
--- /dev/null
+++ b/security/nss/lib/base/errorval.c
@@ -0,0 +1,65 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * errorval.c
+ *
+ * This file contains the actual error constants used in NSS.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+/* clang-format off */
+
+const NSSError NSS_ERROR_NO_ERROR = 0;
+const NSSError NSS_ERROR_INTERNAL_ERROR = 1;
+const NSSError NSS_ERROR_NO_MEMORY = 2;
+const NSSError NSS_ERROR_INVALID_POINTER = 3;
+const NSSError NSS_ERROR_INVALID_ARENA = 4;
+const NSSError NSS_ERROR_INVALID_ARENA_MARK = 5;
+const NSSError NSS_ERROR_DUPLICATE_POINTER = 6;
+const NSSError NSS_ERROR_POINTER_NOT_REGISTERED = 7;
+const NSSError NSS_ERROR_TRACKER_NOT_EMPTY = 8;
+const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED = 9;
+const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD = 10;
+const NSSError NSS_ERROR_VALUE_TOO_LARGE = 11;
+const NSSError NSS_ERROR_UNSUPPORTED_TYPE = 12;
+const NSSError NSS_ERROR_BUFFER_TOO_SHORT = 13;
+const NSSError NSS_ERROR_INVALID_ATOB_CONTEXT = 14;
+const NSSError NSS_ERROR_INVALID_BASE64 = 15;
+const NSSError NSS_ERROR_INVALID_BTOA_CONTEXT = 16;
+const NSSError NSS_ERROR_INVALID_ITEM = 17;
+const NSSError NSS_ERROR_INVALID_STRING = 18;
+const NSSError NSS_ERROR_INVALID_ASN1ENCODER = 19;
+const NSSError NSS_ERROR_INVALID_ASN1DECODER = 20;
+
+const NSSError NSS_ERROR_INVALID_BER = 21;
+const NSSError NSS_ERROR_INVALID_ATAV = 22;
+const NSSError NSS_ERROR_INVALID_ARGUMENT = 23;
+const NSSError NSS_ERROR_INVALID_UTF8 = 24;
+const NSSError NSS_ERROR_INVALID_NSSOID = 25;
+const NSSError NSS_ERROR_UNKNOWN_ATTRIBUTE = 26;
+
+const NSSError NSS_ERROR_NOT_FOUND = 27;
+
+const NSSError NSS_ERROR_INVALID_PASSWORD = 28;
+const NSSError NSS_ERROR_USER_CANCELED = 29;
+
+const NSSError NSS_ERROR_MAXIMUM_FOUND = 30;
+
+const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND = 31;
+
+const NSSError NSS_ERROR_CERTIFICATE_IN_CACHE = 32;
+
+const NSSError NSS_ERROR_HASH_COLLISION = 33;
+const NSSError NSS_ERROR_DEVICE_ERROR = 34;
+const NSSError NSS_ERROR_INVALID_CERTIFICATE = 35;
+const NSSError NSS_ERROR_BUSY = 36;
+const NSSError NSS_ERROR_ALREADY_INITIALIZED = 37;
+
+const NSSError NSS_ERROR_PKCS11 = 38;
+
+/* clang-format on */ \ No newline at end of file
diff --git a/security/nss/lib/base/exports.gyp b/security/nss/lib/base/exports.gyp
new file mode 100644
index 000000000..394bc1dea
--- /dev/null
+++ b/security/nss/lib/base/exports.gyp
@@ -0,0 +1,33 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_base_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'nssbase.h',
+ 'nssbaset.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'base.h',
+ 'baset.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/base/hash.c b/security/nss/lib/base/hash.c
new file mode 100644
index 000000000..f9ee75803
--- /dev/null
+++ b/security/nss/lib/base/hash.c
@@ -0,0 +1,314 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * hash.c
+ *
+ * This is merely a couple wrappers around NSPR's PLHashTable, using
+ * the identity hash and arena-aware allocators.
+ * This is a copy of ckfw/hash.c, with modifications to use NSS types
+ * (not Cryptoki types). Would like for this to be a single implementation,
+ * but doesn't seem like it will work.
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#include "prbit.h"
+
+/*
+ * nssHash
+ *
+ * nssHash_Create
+ * nssHash_Destroy
+ * nssHash_Add
+ * nssHash_Remove
+ * nssHash_Count
+ * nssHash_Exists
+ * nssHash_Lookup
+ * nssHash_Iterate
+ */
+
+struct nssHashStr {
+ NSSArena *arena;
+ PRBool i_alloced_arena;
+ PRLock *mutex;
+
+ /*
+ * The invariant that mutex protects is:
+ * The count accurately reflects the hashtable state.
+ */
+
+ PLHashTable *plHashTable;
+ PRUint32 count;
+};
+
+static PLHashNumber
+nss_identity_hash(const void *key)
+{
+ return (PLHashNumber)((char *)key - (char *)NULL);
+}
+
+static PLHashNumber
+nss_item_hash(const void *key)
+{
+ unsigned int i;
+ PLHashNumber h;
+ NSSItem *it = (NSSItem *)key;
+ h = 0;
+ for (i = 0; i < it->size; i++)
+ h = PR_ROTATE_LEFT32(h, 4) ^ ((unsigned char *)it->data)[i];
+ return h;
+}
+
+static int
+nss_compare_items(const void *v1, const void *v2)
+{
+ PRStatus ignore;
+ return (int)nssItem_Equal((NSSItem *)v1, (NSSItem *)v2, &ignore);
+}
+
+/*
+ * nssHash_create
+ *
+ */
+NSS_IMPLEMENT nssHash *
+nssHash_Create(NSSArena *arenaOpt, PRUint32 numBuckets, PLHashFunction keyHash,
+ PLHashComparator keyCompare, PLHashComparator valueCompare)
+{
+ nssHash *rv;
+ NSSArena *arena;
+ PRBool i_alloced;
+
+#ifdef NSSDEBUG
+ if (arenaOpt && PR_SUCCESS != nssArena_verifyPointer(arenaOpt)) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (nssHash *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (arenaOpt) {
+ arena = arenaOpt;
+ i_alloced = PR_FALSE;
+ } else {
+ arena = nssArena_Create();
+ i_alloced = PR_TRUE;
+ }
+
+ rv = nss_ZNEW(arena, nssHash);
+ if ((nssHash *)NULL == rv) {
+ goto loser;
+ }
+
+ rv->mutex = PZ_NewLock(nssILockOther);
+ if ((PZLock *)NULL == rv->mutex) {
+ goto loser;
+ }
+
+ rv->plHashTable =
+ PL_NewHashTable(numBuckets, keyHash, keyCompare, valueCompare,
+ &nssArenaHashAllocOps, arena);
+ if ((PLHashTable *)NULL == rv->plHashTable) {
+ (void)PZ_DestroyLock(rv->mutex);
+ goto loser;
+ }
+
+ rv->count = 0;
+ rv->arena = arena;
+ rv->i_alloced_arena = i_alloced;
+
+ return rv;
+loser:
+ (void)nss_ZFreeIf(rv);
+ return (nssHash *)NULL;
+}
+
+/*
+ * nssHash_CreatePointer
+ *
+ */
+NSS_IMPLEMENT nssHash *
+nssHash_CreatePointer(NSSArena *arenaOpt, PRUint32 numBuckets)
+{
+ return nssHash_Create(arenaOpt, numBuckets, nss_identity_hash,
+ PL_CompareValues, PL_CompareValues);
+}
+
+/*
+ * nssHash_CreateString
+ *
+ */
+NSS_IMPLEMENT nssHash *
+nssHash_CreateString(NSSArena *arenaOpt, PRUint32 numBuckets)
+{
+ return nssHash_Create(arenaOpt, numBuckets, PL_HashString,
+ PL_CompareStrings, PL_CompareStrings);
+}
+
+/*
+ * nssHash_CreateItem
+ *
+ */
+NSS_IMPLEMENT nssHash *
+nssHash_CreateItem(NSSArena *arenaOpt, PRUint32 numBuckets)
+{
+ return nssHash_Create(arenaOpt, numBuckets, nss_item_hash,
+ nss_compare_items, PL_CompareValues);
+}
+
+/*
+ * nssHash_Destroy
+ *
+ */
+NSS_IMPLEMENT void
+nssHash_Destroy(nssHash *hash)
+{
+ (void)PZ_DestroyLock(hash->mutex);
+ PL_HashTableDestroy(hash->plHashTable);
+ if (hash->i_alloced_arena) {
+ nssArena_Destroy(hash->arena);
+ } else {
+ nss_ZFreeIf(hash);
+ }
+}
+
+/*
+ * nssHash_Add
+ *
+ */
+NSS_IMPLEMENT PRStatus
+nssHash_Add(nssHash *hash, const void *key, const void *value)
+{
+ PRStatus error = PR_FAILURE;
+ PLHashEntry *he;
+
+ PZ_Lock(hash->mutex);
+
+ he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
+ if ((PLHashEntry *)NULL == he) {
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ } else if (he->value != value) {
+ nss_SetError(NSS_ERROR_HASH_COLLISION);
+ } else {
+ hash->count++;
+ error = PR_SUCCESS;
+ }
+
+ (void)PZ_Unlock(hash->mutex);
+
+ return error;
+}
+
+/*
+ * nssHash_Remove
+ *
+ */
+NSS_IMPLEMENT void
+nssHash_Remove(nssHash *hash, const void *it)
+{
+ PRBool found;
+
+ PZ_Lock(hash->mutex);
+
+ found = PL_HashTableRemove(hash->plHashTable, it);
+ if (found) {
+ hash->count--;
+ }
+
+ (void)PZ_Unlock(hash->mutex);
+ return;
+}
+
+/*
+ * nssHash_Count
+ *
+ */
+NSS_IMPLEMENT PRUint32
+nssHash_Count(nssHash *hash)
+{
+ PRUint32 count;
+
+ PZ_Lock(hash->mutex);
+
+ count = hash->count;
+
+ (void)PZ_Unlock(hash->mutex);
+
+ return count;
+}
+
+/*
+ * nssHash_Exists
+ *
+ */
+NSS_IMPLEMENT PRBool
+nssHash_Exists(nssHash *hash, const void *it)
+{
+ void *value;
+
+ PZ_Lock(hash->mutex);
+
+ value = PL_HashTableLookup(hash->plHashTable, it);
+
+ (void)PZ_Unlock(hash->mutex);
+
+ if ((void *)NULL == value) {
+ return PR_FALSE;
+ } else {
+ return PR_TRUE;
+ }
+}
+
+/*
+ * nssHash_Lookup
+ *
+ */
+NSS_IMPLEMENT void *
+nssHash_Lookup(nssHash *hash, const void *it)
+{
+ void *rv;
+
+ PZ_Lock(hash->mutex);
+
+ rv = PL_HashTableLookup(hash->plHashTable, it);
+
+ (void)PZ_Unlock(hash->mutex);
+
+ return rv;
+}
+
+struct arg_str {
+ nssHashIterator fcn;
+ void *closure;
+};
+
+static PRIntn
+nss_hash_enumerator(PLHashEntry *he, PRIntn index, void *arg)
+{
+ struct arg_str *as = (struct arg_str *)arg;
+ as->fcn(he->key, he->value, as->closure);
+ return HT_ENUMERATE_NEXT;
+}
+
+/*
+ * nssHash_Iterate
+ *
+ * NOTE that the iteration function will be called with the hashtable locked.
+ */
+NSS_IMPLEMENT void
+nssHash_Iterate(nssHash *hash, nssHashIterator fcn, void *closure)
+{
+ struct arg_str as;
+ as.fcn = fcn;
+ as.closure = closure;
+
+ PZ_Lock(hash->mutex);
+
+ PL_HashTableEnumerateEntries(hash->plHashTable, nss_hash_enumerator, &as);
+
+ (void)PZ_Unlock(hash->mutex);
+
+ return;
+}
diff --git a/security/nss/lib/base/hashops.c b/security/nss/lib/base/hashops.c
new file mode 100644
index 000000000..57b30dd1f
--- /dev/null
+++ b/security/nss/lib/base/hashops.c
@@ -0,0 +1,64 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * hashops.c
+ *
+ * This file includes a set of PLHashAllocOps that use NSSArenas.
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+static void *PR_CALLBACK
+nss_arena_hash_alloc_table(void *pool, PRSize size)
+{
+ NSSArena *arena = (NSSArena *)NULL;
+
+#ifdef NSSDEBUG
+ if ((void *)NULL != arena) {
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return (void *)NULL;
+ }
+ }
+#endif /* NSSDEBUG */
+
+ return nss_ZAlloc(arena, size);
+}
+
+static void PR_CALLBACK
+nss_arena_hash_free_table(void *pool, void *item)
+{
+ (void)nss_ZFreeIf(item);
+}
+
+static PLHashEntry *PR_CALLBACK
+nss_arena_hash_alloc_entry(void *pool, const void *key)
+{
+ NSSArena *arena = NULL;
+
+#ifdef NSSDEBUG
+ if ((void *)NULL != arena) {
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ return (void *)NULL;
+ }
+ }
+#endif /* NSSDEBUG */
+
+ return nss_ZNEW(arena, PLHashEntry);
+}
+
+static void PR_CALLBACK
+nss_arena_hash_free_entry(void *pool, PLHashEntry *he, PRUintn flag)
+{
+ if (HT_FREE_ENTRY == flag) {
+ (void)nss_ZFreeIf(he);
+ }
+}
+
+NSS_IMPLEMENT_DATA PLHashAllocOps nssArenaHashAllocOps = {
+ nss_arena_hash_alloc_table, nss_arena_hash_free_table,
+ nss_arena_hash_alloc_entry, nss_arena_hash_free_entry
+};
diff --git a/security/nss/lib/base/item.c b/security/nss/lib/base/item.c
new file mode 100644
index 000000000..a1bb802ed
--- /dev/null
+++ b/security/nss/lib/base/item.c
@@ -0,0 +1,186 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * item.c
+ *
+ * This contains some item-manipulation code.
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+/*
+ * nssItem_Create
+ *
+ * -- fgmr comments --
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * A pointer to an NSSItem upon success
+ * NULL upon failure
+ */
+
+NSS_IMPLEMENT NSSItem *
+nssItem_Create(NSSArena *arenaOpt, NSSItem *rvOpt, PRUint32 length,
+ const void *data)
+{
+ NSSItem *rv = (NSSItem *)NULL;
+
+#ifdef DEBUG
+ if ((NSSArena *)NULL != arenaOpt) {
+ if (PR_SUCCESS != nssArena_verifyPointer(arenaOpt)) {
+ return (NSSItem *)NULL;
+ }
+ }
+
+ if ((const void *)NULL == data) {
+ if (length > 0) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (NSSItem *)NULL;
+ }
+ }
+#endif /* DEBUG */
+
+ if ((NSSItem *)NULL == rvOpt) {
+ rv = (NSSItem *)nss_ZNEW(arenaOpt, NSSItem);
+ if ((NSSItem *)NULL == rv) {
+ goto loser;
+ }
+ } else {
+ rv = rvOpt;
+ }
+
+ rv->size = length;
+ rv->data = nss_ZAlloc(arenaOpt, length);
+ if ((void *)NULL == rv->data) {
+ goto loser;
+ }
+
+ if (length > 0) {
+ (void)nsslibc_memcpy(rv->data, data, length);
+ }
+
+ return rv;
+
+loser:
+ if (rv != rvOpt) {
+ nss_ZFreeIf(rv);
+ }
+
+ return (NSSItem *)NULL;
+}
+
+NSS_IMPLEMENT void
+nssItem_Destroy(NSSItem *item)
+{
+ nss_ClearErrorStack();
+
+ nss_ZFreeIf(item->data);
+ nss_ZFreeIf(item);
+}
+
+/*
+ * nssItem_Duplicate
+ *
+ * -- fgmr comments --
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ * NSS_ERROR_INVALID_ITEM
+ *
+ * Return value:
+ * A pointer to an NSSItem upon success
+ * NULL upon failure
+ */
+
+NSS_IMPLEMENT NSSItem *
+nssItem_Duplicate(NSSItem *obj, NSSArena *arenaOpt, NSSItem *rvOpt)
+{
+#ifdef DEBUG
+ if ((NSSArena *)NULL != arenaOpt) {
+ if (PR_SUCCESS != nssArena_verifyPointer(arenaOpt)) {
+ return (NSSItem *)NULL;
+ }
+ }
+
+ if ((NSSItem *)NULL == obj) {
+ nss_SetError(NSS_ERROR_INVALID_ITEM);
+ return (NSSItem *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssItem_Create(arenaOpt, rvOpt, obj->size, obj->data);
+}
+
+#ifdef DEBUG
+/*
+ * nssItem_verifyPointer
+ *
+ * -- fgmr comments --
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ITEM
+ *
+ * Return value:
+ * PR_SUCCESS upon success
+ * PR_FAILURE upon failure
+ */
+
+NSS_IMPLEMENT PRStatus
+nssItem_verifyPointer(const NSSItem *item)
+{
+ if (((const NSSItem *)NULL == item) ||
+ (((void *)NULL == item->data) && (item->size > 0))) {
+ nss_SetError(NSS_ERROR_INVALID_ITEM);
+ return PR_FAILURE;
+ }
+
+ return PR_SUCCESS;
+}
+#endif /* DEBUG */
+
+/*
+ * nssItem_Equal
+ *
+ * -- fgmr comments --
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ITEM
+ *
+ * Return value:
+ * PR_TRUE if the items are identical
+ * PR_FALSE if they aren't
+ * PR_FALSE upon error
+ */
+
+NSS_IMPLEMENT PRBool
+nssItem_Equal(const NSSItem *one, const NSSItem *two, PRStatus *statusOpt)
+{
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_SUCCESS;
+ }
+
+ if (((const NSSItem *)NULL == one) && ((const NSSItem *)NULL == two)) {
+ return PR_TRUE;
+ }
+
+ if (((const NSSItem *)NULL == one) || ((const NSSItem *)NULL == two)) {
+ return PR_FALSE;
+ }
+
+ if (one->size != two->size) {
+ return PR_FALSE;
+ }
+
+ return nsslibc_memequal(one->data, two->data, one->size, statusOpt);
+}
diff --git a/security/nss/lib/base/libc.c b/security/nss/lib/base/libc.c
new file mode 100644
index 000000000..7954a3161
--- /dev/null
+++ b/security/nss/lib/base/libc.c
@@ -0,0 +1,143 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * libc.c
+ *
+ * This file contains our wrappers/reimplementations for "standard"
+ * libc functions. Things like "memcpy." We add to this as we need
+ * it. Oh, and let's keep it in alphabetical order, should it ever
+ * get large. Most string/character stuff should be in utf8.c, not
+ * here. This file (and maybe utf8.c) should be the only ones in
+ * NSS to include files with angle brackets.
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#include <string.h> /* memcpy, memset */
+
+/*
+ * nsslibc_memcpy
+ * nsslibc_memset
+ * nsslibc_offsetof
+ * nsslibc_memequal
+ */
+
+/*
+ * nsslibc_memcpy
+ *
+ * Errors:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * NULL on error
+ * The destination pointer on success
+ */
+
+NSS_IMPLEMENT void *
+nsslibc_memcpy(void *dest, const void *source, PRUint32 n)
+{
+#ifdef NSSDEBUG
+ if (((void *)NULL == dest) || ((const void *)NULL == source)) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (void *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return memcpy(dest, source, (size_t)n);
+}
+
+/*
+ * nsslibc_memset
+ *
+ * Errors:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * NULL on error
+ * The destination pointer on success
+ */
+
+NSS_IMPLEMENT void *
+nsslibc_memset(void *dest, PRUint8 byte, PRUint32 n)
+{
+#ifdef NSSDEBUG
+ if (((void *)NULL == dest)) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (void *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return memset(dest, (int)byte, (size_t)n);
+}
+
+/*
+ * nsslibc_memequal
+ *
+ * Errors:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_TRUE if they match
+ * PR_FALSE if they don't
+ * PR_FALSE upon error
+ */
+
+NSS_IMPLEMENT PRBool
+nsslibc_memequal(const void *a, const void *b, PRUint32 len,
+ PRStatus *statusOpt)
+{
+#ifdef NSSDEBUG
+ if ((((void *)NULL == a) || ((void *)NULL == b))) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_FAILURE;
+ }
+ return PR_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_SUCCESS;
+ }
+
+ if (0 == memcmp(a, b, len)) {
+ return PR_TRUE;
+ } else {
+ return PR_FALSE;
+ }
+}
+
+/*
+ * nsslibc_memcmp
+ */
+
+NSS_IMPLEMENT PRInt32
+nsslibc_memcmp(const void *a, const void *b, PRUint32 len, PRStatus *statusOpt)
+{
+ int v;
+
+#ifdef NSSDEBUG
+ if ((((void *)NULL == a) || ((void *)NULL == b))) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_FAILURE;
+ }
+ return -2;
+ }
+#endif /* NSSDEBUG */
+
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_SUCCESS;
+ }
+
+ v = memcmp(a, b, len);
+ return (PRInt32)v;
+}
+
+/*
+ * offsetof is a preprocessor definition
+ */
diff --git a/security/nss/lib/base/list.c b/security/nss/lib/base/list.c
new file mode 100644
index 000000000..e798cf09c
--- /dev/null
+++ b/security/nss/lib/base/list.c
@@ -0,0 +1,405 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * list.c
+ *
+ * This contains the implementation of NSS's thread-safe linked list.
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+struct nssListElementStr {
+ PRCList link;
+ void *data;
+};
+
+typedef struct nssListElementStr nssListElement;
+
+struct nssListStr {
+ NSSArena *arena;
+ PZLock *lock;
+ nssListElement *head;
+ PRUint32 count;
+ nssListCompareFunc compareFunc;
+ nssListSortFunc sortFunc;
+ PRBool i_alloced_arena;
+};
+
+struct nssListIteratorStr {
+ PZLock *lock;
+ nssList *list;
+ nssListElement *current;
+};
+
+#define NSSLIST_LOCK_IF(list) \
+ if ((list)->lock) \
+ PZ_Lock((list)->lock)
+
+#define NSSLIST_UNLOCK_IF(list) \
+ if ((list)->lock) \
+ PZ_Unlock((list)->lock)
+
+static PRBool
+pointer_compare(void *a, void *b)
+{
+ return (PRBool)(a == b);
+}
+
+static nssListElement *
+nsslist_get_matching_element(nssList *list, void *data)
+{
+ nssListElement *node;
+ node = list->head;
+ if (!node) {
+ return NULL;
+ }
+ while (node) {
+ /* using a callback slows things down when it's just compare ... */
+ if (list->compareFunc(node->data, data)) {
+ break;
+ }
+ if (&node->link == PR_LIST_TAIL(&list->head->link)) {
+ node = NULL;
+ break;
+ }
+ node = (nssListElement *)PR_NEXT_LINK(&node->link);
+ }
+ return node;
+}
+
+NSS_IMPLEMENT nssList *
+nssList_Create(NSSArena *arenaOpt, PRBool threadSafe)
+{
+ NSSArena *arena;
+ nssList *list;
+ PRBool i_alloced;
+ if (arenaOpt) {
+ arena = arenaOpt;
+ i_alloced = PR_FALSE;
+ } else {
+ arena = nssArena_Create();
+ i_alloced = PR_TRUE;
+ }
+ if (!arena) {
+ return (nssList *)NULL;
+ }
+ list = nss_ZNEW(arena, nssList);
+ if (!list) {
+ if (!arenaOpt) {
+ NSSArena_Destroy(arena);
+ }
+ return (nssList *)NULL;
+ }
+ if (threadSafe) {
+ list->lock = PZ_NewLock(nssILockOther);
+ if (!list->lock) {
+ if (arenaOpt) {
+ nss_ZFreeIf(list);
+ } else {
+ NSSArena_Destroy(arena);
+ }
+ return (nssList *)NULL;
+ }
+ }
+ list->arena = arena;
+ list->i_alloced_arena = i_alloced;
+ list->compareFunc = pointer_compare;
+ return list;
+}
+
+NSS_IMPLEMENT PRStatus
+nssList_Destroy(nssList *list)
+{
+ if (!list) {
+ return PR_SUCCESS;
+ }
+ if (!list->i_alloced_arena) {
+ nssList_Clear(list, NULL);
+ }
+ if (list->lock) {
+ (void)PZ_DestroyLock(list->lock);
+ }
+ if (list->i_alloced_arena) {
+ NSSArena_Destroy(list->arena);
+ list = NULL;
+ }
+ nss_ZFreeIf(list);
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT void
+nssList_SetCompareFunction(nssList *list, nssListCompareFunc compareFunc)
+{
+ list->compareFunc = compareFunc;
+}
+
+NSS_IMPLEMENT void
+nssList_SetSortFunction(nssList *list, nssListSortFunc sortFunc)
+{
+ /* XXX if list already has elements, sort them */
+ list->sortFunc = sortFunc;
+}
+
+NSS_IMPLEMENT nssListCompareFunc
+nssList_GetCompareFunction(nssList *list)
+{
+ return list->compareFunc;
+}
+
+NSS_IMPLEMENT void
+nssList_Clear(nssList *list, nssListElementDestructorFunc destructor)
+{
+ PRCList *link;
+ nssListElement *node, *tmp;
+ if (!list) {
+ return;
+ }
+ NSSLIST_LOCK_IF(list);
+ node = list->head;
+ list->head = NULL;
+ while (node && list->count > 0) {
+ if (destructor)
+ (*destructor)(node->data);
+ link = &node->link;
+ tmp = (nssListElement *)PR_NEXT_LINK(link);
+ PR_REMOVE_LINK(link);
+ nss_ZFreeIf(node);
+ node = tmp;
+ --list->count;
+ }
+ NSSLIST_UNLOCK_IF(list);
+}
+
+static PRStatus
+nsslist_add_element(nssList *list, void *data)
+{
+ nssListElement *node = nss_ZNEW(list->arena, nssListElement);
+ if (!node) {
+ return PR_FAILURE;
+ }
+ PR_INIT_CLIST(&node->link);
+ node->data = data;
+ if (list->head) {
+ if (list->sortFunc) {
+ PRCList *link;
+ nssListElement *currNode;
+ currNode = list->head;
+ /* insert in ordered list */
+ while (currNode) {
+ link = &currNode->link;
+ if (list->sortFunc(data, currNode->data) <= 0) {
+ /* new element goes before current node */
+ PR_INSERT_BEFORE(&node->link, link);
+ /* reset head if this is first */
+ if (currNode == list->head)
+ list->head = node;
+ break;
+ }
+ if (link == PR_LIST_TAIL(&list->head->link)) {
+ /* reached end of list, append */
+ PR_INSERT_AFTER(&node->link, link);
+ break;
+ }
+ currNode = (nssListElement *)PR_NEXT_LINK(&currNode->link);
+ }
+ } else {
+ /* not sorting */
+ PR_APPEND_LINK(&node->link, &list->head->link);
+ }
+ } else {
+ list->head = node;
+ }
+ ++list->count;
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssList_Add(nssList *list, void *data)
+{
+ NSSLIST_LOCK_IF(list);
+ (void)nsslist_add_element(list, data);
+ NSSLIST_UNLOCK_IF(list);
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssList_AddUnique(nssList *list, void *data)
+{
+ PRStatus nssrv;
+ nssListElement *node;
+ NSSLIST_LOCK_IF(list);
+ node = nsslist_get_matching_element(list, data);
+ if (node) {
+ /* already in, finish */
+ NSSLIST_UNLOCK_IF(list);
+ return PR_SUCCESS;
+ }
+ nssrv = nsslist_add_element(list, data);
+ NSSLIST_UNLOCK_IF(list);
+ return nssrv;
+}
+
+NSS_IMPLEMENT PRStatus
+nssList_Remove(nssList *list, void *data)
+{
+ nssListElement *node;
+ NSSLIST_LOCK_IF(list);
+ node = nsslist_get_matching_element(list, data);
+ if (node) {
+ if (node == list->head) {
+ list->head = (nssListElement *)PR_NEXT_LINK(&node->link);
+ }
+ PR_REMOVE_LINK(&node->link);
+ nss_ZFreeIf(node);
+ if (--list->count == 0) {
+ list->head = NULL;
+ }
+ }
+ NSSLIST_UNLOCK_IF(list);
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT void *
+nssList_Get(nssList *list, void *data)
+{
+ nssListElement *node;
+ NSSLIST_LOCK_IF(list);
+ node = nsslist_get_matching_element(list, data);
+ NSSLIST_UNLOCK_IF(list);
+ return (node) ? node->data : NULL;
+}
+
+NSS_IMPLEMENT PRUint32
+nssList_Count(nssList *list)
+{
+ return list->count;
+}
+
+NSS_IMPLEMENT PRStatus
+nssList_GetArray(nssList *list, void **rvArray, PRUint32 maxElements)
+{
+ nssListElement *node;
+ PRUint32 i = 0;
+ PR_ASSERT(maxElements > 0);
+ node = list->head;
+ if (!node) {
+ return PR_SUCCESS;
+ }
+ NSSLIST_LOCK_IF(list);
+ while (node) {
+ rvArray[i++] = node->data;
+ if (i == maxElements)
+ break;
+ node = (nssListElement *)PR_NEXT_LINK(&node->link);
+ if (node == list->head) {
+ break;
+ }
+ }
+ NSSLIST_UNLOCK_IF(list);
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT nssList *
+nssList_Clone(nssList *list)
+{
+ nssList *rvList;
+ nssListElement *node;
+ rvList = nssList_Create(NULL, (list->lock != NULL));
+ if (!rvList) {
+ return NULL;
+ }
+ NSSLIST_LOCK_IF(list);
+ if (list->count > 0) {
+ node = list->head;
+ while (PR_TRUE) {
+ nssList_Add(rvList, node->data);
+ node = (nssListElement *)PR_NEXT_LINK(&node->link);
+ if (node == list->head) {
+ break;
+ }
+ }
+ }
+ NSSLIST_UNLOCK_IF(list);
+ return rvList;
+}
+
+NSS_IMPLEMENT nssListIterator *
+nssList_CreateIterator(nssList *list)
+{
+ nssListIterator *rvIterator;
+ rvIterator = nss_ZNEW(NULL, nssListIterator);
+ if (!rvIterator) {
+ return NULL;
+ }
+ rvIterator->list = nssList_Clone(list);
+ if (!rvIterator->list) {
+ nss_ZFreeIf(rvIterator);
+ return NULL;
+ }
+ rvIterator->current = rvIterator->list->head;
+ if (list->lock) {
+ rvIterator->lock = PZ_NewLock(nssILockOther);
+ if (!rvIterator->lock) {
+ nssList_Destroy(rvIterator->list);
+ nss_ZFreeIf(rvIterator);
+ rvIterator = NULL;
+ }
+ }
+ return rvIterator;
+}
+
+NSS_IMPLEMENT void
+nssListIterator_Destroy(nssListIterator *iter)
+{
+ if (iter->lock) {
+ (void)PZ_DestroyLock(iter->lock);
+ }
+ if (iter->list) {
+ nssList_Destroy(iter->list);
+ }
+ nss_ZFreeIf(iter);
+}
+
+NSS_IMPLEMENT void *
+nssListIterator_Start(nssListIterator *iter)
+{
+ NSSLIST_LOCK_IF(iter);
+ if (iter->list->count == 0) {
+ return NULL;
+ }
+ iter->current = iter->list->head;
+ return iter->current->data;
+}
+
+NSS_IMPLEMENT void *
+nssListIterator_Next(nssListIterator *iter)
+{
+ nssListElement *node;
+ PRCList *link;
+ if (iter->list->count == 1 || iter->current == NULL) {
+ /* Reached the end of the list. Don't change the state, force to
+ * user to call nssList_Finish to clean up.
+ */
+ return NULL;
+ }
+ node = (nssListElement *)PR_NEXT_LINK(&iter->current->link);
+ link = &node->link;
+ if (link == PR_LIST_TAIL(&iter->list->head->link)) {
+ /* Signal the end of the list. */
+ iter->current = NULL;
+ return node->data;
+ }
+ iter->current = node;
+ return node->data;
+}
+
+NSS_IMPLEMENT PRStatus
+nssListIterator_Finish(nssListIterator *iter)
+{
+ iter->current = iter->list->head;
+ return (iter->lock) ? PZ_Unlock(iter->lock) : PR_SUCCESS;
+}
diff --git a/security/nss/lib/base/manifest.mn b/security/nss/lib/base/manifest.mn
new file mode 100644
index 000000000..da3a0f336
--- /dev/null
+++ b/security/nss/lib/base/manifest.mn
@@ -0,0 +1,38 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+PRIVATE_EXPORTS = \
+ baset.h \
+ base.h \
+ $(NULL)
+
+EXPORTS = \
+ nssbaset.h \
+ nssbase.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ arena.c \
+ error.c \
+ errorval.c \
+ hashops.c \
+ libc.c \
+ tracker.c \
+ item.c \
+ utf8.c \
+ list.c \
+ hash.c \
+ $(NULL)
+
+REQUIRES = nspr
+
+LIBRARY_NAME = nssb
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/base/nssbase.h b/security/nss/lib/base/nssbase.h
new file mode 100644
index 000000000..02e285fba
--- /dev/null
+++ b/security/nss/lib/base/nssbase.h
@@ -0,0 +1,233 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSBASE_H
+#define NSSBASE_H
+
+/*
+ * nssbase.h
+ *
+ * This header file contains the prototypes of the basic public
+ * NSS routines.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * NSSArena
+ *
+ * The public methods relating to this type are:
+ *
+ * NSSArena_Create -- constructor
+ * NSSArena_Destroy
+ * NSS_ZAlloc
+ * NSS_ZRealloc
+ * NSS_ZFreeIf
+ */
+
+/*
+ * NSSArena_Create
+ *
+ * This routine creates a new memory arena. This routine may return
+ * NULL upon error, in which case it will have created an error stack.
+ *
+ * The top-level error may be one of the following values:
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to an NSSArena upon success
+ */
+
+NSS_EXTERN NSSArena *NSSArena_Create(void);
+
+extern const NSSError NSS_ERROR_NO_MEMORY;
+
+/*
+ * NSSArena_Destroy
+ *
+ * This routine will destroy the specified arena, freeing all memory
+ * allocated from it. This routine returns a PRStatus value; if
+ * successful, it will return PR_SUCCESS. If unsuccessful, it will
+ * create an error stack and return PR_FAILURE.
+ *
+ * The top-level error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ *
+ * Return value:
+ * PR_SUCCESS upon success
+ * PR_FAILURE upon failure
+ */
+
+NSS_EXTERN PRStatus NSSArena_Destroy(NSSArena *arena);
+
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+
+/*
+ * The error stack
+ *
+ * The public methods relating to the error stack are:
+ *
+ * NSS_GetError
+ * NSS_GetErrorStack
+ */
+
+/*
+ * NSS_GetError
+ *
+ * This routine returns the highest-level (most general) error set
+ * by the most recent NSS library routine called by the same thread
+ * calling this routine.
+ *
+ * This routine cannot fail. It may return NSS_ERROR_NO_ERROR, which
+ * indicates that the previous NSS library call did not set an error.
+ *
+ * Return value:
+ * 0 if no error has been set
+ * A nonzero error number
+ */
+
+NSS_EXTERN NSSError NSS_GetError(void);
+
+extern const NSSError NSS_ERROR_NO_ERROR;
+
+/*
+ * NSS_GetErrorStack
+ *
+ * This routine returns a pointer to an array of NSSError values,
+ * containingthe entire sequence or "stack" of errors set by the most
+ * recent NSS library routine called by the same thread calling this
+ * routine. NOTE: the caller DOES NOT OWN the memory pointed to by
+ * the return value. The pointer will remain valid until the calling
+ * thread calls another NSS routine. The lowest-level (most specific)
+ * error is first in the array, and the highest-level is last. The
+ * array is zero-terminated. This routine may return NULL upon error;
+ * this indicates a low-memory situation.
+ *
+ * Return value:
+ * NULL upon error, which is an implied NSS_ERROR_NO_MEMORY
+ * A NON-caller-owned pointer to an array of NSSError values
+ */
+
+NSS_EXTERN NSSError *NSS_GetErrorStack(void);
+
+/*
+ * NSS_ZNEW
+ *
+ * This preprocessor macro will allocate memory for a new object
+ * of the specified type with nss_ZAlloc, and will cast the
+ * return value appropriately. If the optional arena argument is
+ * non-null, the memory will be obtained from that arena; otherwise,
+ * the memory will be obtained from the heap. This routine may
+ * return NULL upon error, in which case it will have set an error
+ * upon the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the new segment of zeroed memory
+ */
+
+#define NSS_ZNEW(arenaOpt, type) ((type *)NSS_ZAlloc((arenaOpt), sizeof(type)))
+
+/*
+ * NSS_ZNEWARRAY
+ *
+ * This preprocessor macro will allocate memory for an array of
+ * new objects, and will cast the return value appropriately.
+ * If the optional arena argument is non-null, the memory will
+ * be obtained from that arena; otherwise, the memory will be
+ * obtained from the heap. This routine may return NULL upon
+ * error, in which case it will have set an error upon the error
+ * stack. The array size may be specified as zero.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the new segment of zeroed memory
+ */
+
+#define NSS_ZNEWARRAY(arenaOpt, type, quantity) \
+ ((type *)NSS_ZAlloc((arenaOpt), sizeof(type) * (quantity)))
+
+/*
+ * NSS_ZAlloc
+ *
+ * This routine allocates and zeroes a section of memory of the
+ * size, and returns to the caller a pointer to that memory. If
+ * the optional arena argument is non-null, the memory will be
+ * obtained from that arena; otherwise, the memory will be obtained
+ * from the heap. This routine may return NULL upon error, in
+ * which case it will have set an error upon the error stack. The
+ * value specified for size may be zero; in which case a valid
+ * zero-length block of memory will be allocated. This block may
+ * be expanded by calling NSS_ZRealloc.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the new segment of zeroed memory
+ */
+
+NSS_EXTERN void *NSS_ZAlloc(NSSArena *arenaOpt, PRUint32 size);
+
+/*
+ * NSS_ZRealloc
+ *
+ * This routine reallocates a block of memory obtained by calling
+ * nss_ZAlloc or nss_ZRealloc. The portion of memory
+ * between the new and old sizes -- which is either being newly
+ * obtained or released -- is in either case zeroed. This routine
+ * may return NULL upon failure, in which case it will have placed
+ * an error on the error stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
+ *
+ * Return value:
+ * NULL upon error
+ * A pointer to the replacement segment of memory
+ */
+
+NSS_EXTERN void *NSS_ZRealloc(void *pointer, PRUint32 newSize);
+
+/*
+ * NSS_ZFreeIf
+ *
+ * If the specified pointer is non-null, then the region of memory
+ * to which it points -- which must have been allocated with
+ * nss_ZAlloc -- will be zeroed and released. This routine
+ * returns a PRStatus value; if successful, it will return PR_SUCCESS.
+ * If unsuccessful, it will set an error on the error stack and return
+ * PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_EXTERN PRStatus NSS_ZFreeIf(void *pointer);
+
+PR_END_EXTERN_C
+
+#endif /* NSSBASE_H */
diff --git a/security/nss/lib/base/nssbaset.h b/security/nss/lib/base/nssbaset.h
new file mode 100644
index 000000000..8bc556e6e
--- /dev/null
+++ b/security/nss/lib/base/nssbaset.h
@@ -0,0 +1,118 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSBASET_H
+#define NSSBASET_H
+
+/*
+ * nssbaset.h
+ *
+ * This file contains the most low-level, fundamental public types.
+ */
+
+#include "nspr.h"
+#include "nssilock.h"
+
+/*
+ * NSS_EXTERN, NSS_IMPLEMENT, NSS_EXTERN_DATA, NSS_IMPLEMENT_DATA
+ *
+ * NSS has its own versions of these NSPR macros, in a form which
+ * does not confuse ctags and other related utilities. NSPR
+ * defines these macros to take the type as an argument, because
+ * of certain OS requirements on platforms not supported by NSS.
+ */
+
+#define DUMMY /* dummy */
+#define NSS_EXTERN extern
+#define NSS_EXTERN_DATA extern
+#define NSS_IMPLEMENT
+#define NSS_IMPLEMENT_DATA
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * NSSError
+ *
+ * Calls to NSS routines may result in one or more errors being placed
+ * on the calling thread's "error stack." Every possible error that
+ * may be returned from a function is declared where the function is
+ * prototyped. All errors are of the following type.
+ */
+
+typedef PRInt32 NSSError;
+
+/*
+ * NSSArena
+ *
+ * Arenas are logical sets of heap memory, from which memory may be
+ * allocated. When an arena is destroyed, all memory allocated within
+ * that arena is implicitly freed. These arenas are thread-safe:
+ * an arena pointer may be used by multiple threads simultaneously.
+ * However, as they are not backed by shared memory, they may only be
+ * used within one process.
+ */
+
+struct NSSArenaStr;
+typedef struct NSSArenaStr NSSArena;
+
+/*
+ * NSSItem
+ *
+ * This is the basic type used to refer to an unconstrained datum of
+ * arbitrary size.
+ */
+
+struct NSSItemStr {
+ void *data;
+ PRUint32 size;
+};
+typedef struct NSSItemStr NSSItem;
+
+/*
+ * NSSBER
+ *
+ * Data packed according to the Basic Encoding Rules of ASN.1.
+ */
+
+typedef NSSItem NSSBER;
+
+/*
+ * NSSDER
+ *
+ * Data packed according to the Distinguished Encoding Rules of ASN.1;
+ * this form is also known as the Canonical Encoding Rules form (CER).
+ */
+
+typedef NSSBER NSSDER;
+
+/*
+ * NSSBitString
+ *
+ * Some ASN.1 types use "bit strings," which are passed around as
+ * octet strings but whose length is counted in bits. We use this
+ * typedef of NSSItem to point out the occasions when the length
+ * is counted in bits, not octets.
+ */
+
+typedef NSSItem NSSBitString;
+
+/*
+ * NSSUTF8
+ *
+ * Character strings encoded in UTF-8, as defined by RFC 2279.
+ */
+
+typedef char NSSUTF8;
+
+/*
+ * NSSASCII7
+ *
+ * Character strings guaranteed to be 7-bit ASCII.
+ */
+
+typedef char NSSASCII7;
+
+PR_END_EXTERN_C
+
+#endif /* NSSBASET_H */
diff --git a/security/nss/lib/base/tracker.c b/security/nss/lib/base/tracker.c
new file mode 100644
index 000000000..850add7c4
--- /dev/null
+++ b/security/nss/lib/base/tracker.c
@@ -0,0 +1,378 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * tracker.c
+ *
+ * This file contains the code used by the pointer-tracking calls used
+ * in the debug builds to catch bad pointers. The entire contents are
+ * only available in debug builds (both internal and external builds).
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#ifdef DEBUG
+/*
+ * identity_hash
+ *
+ * This static callback is a PLHashFunction as defined in plhash.h
+ * It merely returns the value of the object pointer as its hash.
+ * There are no possible errors.
+ */
+
+static PLHashNumber PR_CALLBACK
+identity_hash(const void *key)
+{
+ return (PLHashNumber)((char *)key - (char *)NULL);
+}
+
+/*
+ * trackerOnceFunc
+ *
+ * This function is called once, using the nssCallOnce function above.
+ * It creates a new pointer tracker object; initialising its hash
+ * table and protective lock.
+ */
+
+static PRStatus
+trackerOnceFunc(void *arg)
+{
+ nssPointerTracker *tracker = (nssPointerTracker *)arg;
+
+ tracker->lock = PZ_NewLock(nssILockOther);
+ if ((PZLock *)NULL == tracker->lock) {
+ return PR_FAILURE;
+ }
+
+ tracker->table =
+ PL_NewHashTable(0, identity_hash, PL_CompareValues, PL_CompareValues,
+ (PLHashAllocOps *)NULL, (void *)NULL);
+ if ((PLHashTable *)NULL == tracker->table) {
+ PZ_DestroyLock(tracker->lock);
+ tracker->lock = (PZLock *)NULL;
+ return PR_FAILURE;
+ }
+
+ return PR_SUCCESS;
+}
+
+/*
+ * nssPointerTracker_initialize
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine initializes an nssPointerTracker object. Note that
+ * the object must have been declared *static* to guarantee that it
+ * is in a zeroed state initially. This routine is idempotent, and
+ * may even be safely called by multiple threads simultaneously with
+ * the same argument. This routine returns a PRStatus value; if
+ * successful, it will return PR_SUCCESS. On failure it will set an
+ * error on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_NO_MEMORY
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssPointerTracker_initialize(nssPointerTracker *tracker)
+{
+ PRStatus rv = PR_CallOnceWithArg(&tracker->once, trackerOnceFunc, tracker);
+ if (PR_SUCCESS != rv) {
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ }
+
+ return rv;
+}
+
+#ifdef DONT_DESTROY_EMPTY_TABLES
+/* See same #ifdef below */
+/*
+ * count_entries
+ *
+ * This static routine is a PLHashEnumerator, as defined in plhash.h.
+ * It merely causes the enumeration function to count the number of
+ * entries.
+ */
+
+static PRIntn PR_CALLBACK
+count_entries(PLHashEntry *he, PRIntn index, void *arg)
+{
+ return HT_ENUMERATE_NEXT;
+}
+#endif /* DONT_DESTROY_EMPTY_TABLES */
+
+/*
+ * zero_once
+ *
+ * This is a guaranteed zeroed once block. It's used to help clear
+ * the tracker.
+ */
+
+static const PRCallOnceType zero_once;
+
+/*
+ * nssPointerTracker_finalize
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine returns the nssPointerTracker object to the pre-
+ * initialized state, releasing all resources used by the object.
+ * It will *NOT* destroy the objects being tracked by the pointer
+ * (should any remain), and therefore cannot be used to "sweep up"
+ * remaining objects. This routine returns a PRStatus value; if
+ * successful, it will return PR_SUCCES. On failure it will set an
+ * error on the error stack and return PR_FAILURE. If any objects
+ * remain in the tracker when it is finalized, that will be treated
+ * as an error.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_TRACKER_NOT_INITIALIZED
+ * NSS_ERROR_TRACKER_NOT_EMPTY
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssPointerTracker_finalize(nssPointerTracker *tracker)
+{
+ PZLock *lock;
+
+ if ((nssPointerTracker *)NULL == tracker) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return PR_FAILURE;
+ }
+
+ if ((PZLock *)NULL == tracker->lock) {
+ nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+
+ lock = tracker->lock;
+ PZ_Lock(lock);
+
+ if ((PLHashTable *)NULL == tracker->table) {
+ PZ_Unlock(lock);
+ nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+
+#ifdef DONT_DESTROY_EMPTY_TABLES
+ /*
+ * I changed my mind; I think we don't want this after all.
+ * Comments?
+ */
+ count = PL_HashTableEnumerateEntries(tracker->table, count_entries,
+ (void *)NULL);
+
+ if (0 != count) {
+ PZ_Unlock(lock);
+ nss_SetError(NSS_ERROR_TRACKER_NOT_EMPTY);
+ return PR_FAILURE;
+ }
+#endif /* DONT_DESTROY_EMPTY_TABLES */
+
+ PL_HashTableDestroy(tracker->table);
+ /* memset(tracker, 0, sizeof(nssPointerTracker)); */
+ tracker->once = zero_once;
+ tracker->lock = (PZLock *)NULL;
+ tracker->table = (PLHashTable *)NULL;
+
+ PZ_Unlock(lock);
+ PZ_DestroyLock(lock);
+
+ return PR_SUCCESS;
+}
+
+/*
+ * nssPointerTracker_add
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine adds the specified pointer to the nssPointerTracker
+ * object. It should be called in constructor objects to register
+ * new valid objects. The nssPointerTracker is threadsafe, but this
+ * call is not idempotent. This routine returns a PRStatus value;
+ * if successful it will return PR_SUCCESS. On failure it will set
+ * an error on the error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_TRACKER_NOT_INITIALIZED
+ * NSS_ERROR_DUPLICATE_POINTER
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssPointerTracker_add(nssPointerTracker *tracker, const void *pointer)
+{
+ void *check;
+ PLHashEntry *entry;
+
+ if ((nssPointerTracker *)NULL == tracker) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return PR_FAILURE;
+ }
+
+ if ((PZLock *)NULL == tracker->lock) {
+ nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+
+ PZ_Lock(tracker->lock);
+
+ if ((PLHashTable *)NULL == tracker->table) {
+ PZ_Unlock(tracker->lock);
+ nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+
+ check = PL_HashTableLookup(tracker->table, pointer);
+ if ((void *)NULL != check) {
+ PZ_Unlock(tracker->lock);
+ nss_SetError(NSS_ERROR_DUPLICATE_POINTER);
+ return PR_FAILURE;
+ }
+
+ entry = PL_HashTableAdd(tracker->table, pointer, (void *)pointer);
+
+ PZ_Unlock(tracker->lock);
+
+ if ((PLHashEntry *)NULL == entry) {
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return PR_FAILURE;
+ }
+
+ return PR_SUCCESS;
+}
+
+/*
+ * nssPointerTracker_remove
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine removes the specified pointer from the
+ * nssPointerTracker object. It does not call any destructor for the
+ * object; rather, this should be called from the object's destructor.
+ * The nssPointerTracker is threadsafe, but this call is not
+ * idempotent. This routine returns a PRStatus value; if successful
+ * it will return PR_SUCCESS. On failure it will set an error on the
+ * error stack and return PR_FAILURE.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_TRACKER_NOT_INITIALIZED
+ * NSS_ERROR_POINTER_NOT_REGISTERED
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILURE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssPointerTracker_remove(nssPointerTracker *tracker, const void *pointer)
+{
+ PRBool registered;
+
+ if ((nssPointerTracker *)NULL == tracker) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return PR_FAILURE;
+ }
+
+ if ((PZLock *)NULL == tracker->lock) {
+ nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+
+ PZ_Lock(tracker->lock);
+
+ if ((PLHashTable *)NULL == tracker->table) {
+ PZ_Unlock(tracker->lock);
+ nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+
+ registered = PL_HashTableRemove(tracker->table, pointer);
+ PZ_Unlock(tracker->lock);
+
+ if (!registered) {
+ nss_SetError(NSS_ERROR_POINTER_NOT_REGISTERED);
+ return PR_FAILURE;
+ }
+
+ return PR_SUCCESS;
+}
+
+/*
+ * nssPointerTracker_verify
+ *
+ * This method is only present in debug builds.
+ *
+ * This routine verifies that the specified pointer has been registered
+ * with the nssPointerTracker object. The nssPointerTracker object is
+ * threadsafe, and this call may be safely called from multiple threads
+ * simultaneously with the same arguments. This routine returns a
+ * PRStatus value; if the pointer is registered this will return
+ * PR_SUCCESS. Otherwise it will set an error on the error stack and
+ * return PR_FAILURE. Although the error is suitable for leaving on
+ * the stack, callers may wish to augment the information available by
+ * placing a more type-specific error on the stack.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_TRACKER_NOT_INITIALIZED
+ * NSS_ERROR_POINTER_NOT_REGISTERED
+ *
+ * Return value:
+ * PR_SUCCESS
+ * PR_FAILRUE
+ */
+
+NSS_IMPLEMENT PRStatus
+nssPointerTracker_verify(nssPointerTracker *tracker, const void *pointer)
+{
+ void *check;
+
+ if ((nssPointerTracker *)NULL == tracker) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return PR_FAILURE;
+ }
+
+ if ((PZLock *)NULL == tracker->lock) {
+ nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+
+ PZ_Lock(tracker->lock);
+
+ if ((PLHashTable *)NULL == tracker->table) {
+ PZ_Unlock(tracker->lock);
+ nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+
+ check = PL_HashTableLookup(tracker->table, pointer);
+ PZ_Unlock(tracker->lock);
+
+ if ((void *)NULL == check) {
+ nss_SetError(NSS_ERROR_POINTER_NOT_REGISTERED);
+ return PR_FAILURE;
+ }
+
+ return PR_SUCCESS;
+}
+
+#endif /* DEBUG */
diff --git a/security/nss/lib/base/utf8.c b/security/nss/lib/base/utf8.c
new file mode 100644
index 000000000..6d7b6a015
--- /dev/null
+++ b/security/nss/lib/base/utf8.c
@@ -0,0 +1,679 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * utf8.c
+ *
+ * This file contains some additional utility routines required for
+ * handling UTF8 strings.
+ */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#include "plstr.h"
+
+/*
+ * NOTES:
+ *
+ * There's an "is hex string" function in pki1/atav.c. If we need
+ * it in more places, pull that one out.
+ */
+
+/*
+ * nssUTF8_CaseIgnoreMatch
+ *
+ * Returns true if the two UTF8-encoded strings pointed to by the
+ * two specified NSSUTF8 pointers differ only in typcase.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_TRUE if the strings match, ignoring case
+ * PR_FALSE if they don't
+ * PR_FALSE upon error
+ */
+
+NSS_IMPLEMENT PRBool
+nssUTF8_CaseIgnoreMatch(const NSSUTF8 *a, const NSSUTF8 *b, PRStatus *statusOpt)
+{
+#ifdef NSSDEBUG
+ if (((const NSSUTF8 *)NULL == a) || ((const NSSUTF8 *)NULL == b)) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_FAILURE;
+ }
+ return PR_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_SUCCESS;
+ }
+
+ /*
+ * XXX fgmr
+ *
+ * This is, like, so wrong!
+ */
+ if (0 == PL_strcasecmp((const char *)a, (const char *)b)) {
+ return PR_TRUE;
+ } else {
+ return PR_FALSE;
+ }
+}
+
+/*
+ * nssUTF8_PrintableMatch
+ *
+ * Returns true if the two Printable strings pointed to by the
+ * two specified NSSUTF8 pointers match when compared with the
+ * rules for Printable String (leading and trailing spaces are
+ * disregarded, extents of whitespace match irregardless of length,
+ * and case is not significant), then PR_TRUE will be returned.
+ * Otherwise, PR_FALSE will be returned. Upon failure, PR_FALSE
+ * will be returned. If the optional statusOpt argument is not
+ * NULL, then PR_SUCCESS or PR_FAILURE will be stored in that
+ * location.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ *
+ * Return value:
+ * PR_TRUE if the strings match, ignoring case
+ * PR_FALSE if they don't
+ * PR_FALSE upon error
+ */
+
+NSS_IMPLEMENT PRBool
+nssUTF8_PrintableMatch(const NSSUTF8 *a, const NSSUTF8 *b, PRStatus *statusOpt)
+{
+ PRUint8 *c;
+ PRUint8 *d;
+
+#ifdef NSSDEBUG
+ if (((const NSSUTF8 *)NULL == a) || ((const NSSUTF8 *)NULL == b)) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_FAILURE;
+ }
+ return PR_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_SUCCESS;
+ }
+
+ c = (PRUint8 *)a;
+ d = (PRUint8 *)b;
+
+ while (' ' == *c) {
+ c++;
+ }
+
+ while (' ' == *d) {
+ d++;
+ }
+
+ while (('\0' != *c) && ('\0' != *d)) {
+ PRUint8 e, f;
+
+ e = *c;
+ f = *d;
+
+ if (('a' <= e) && (e <= 'z')) {
+ e -= ('a' - 'A');
+ }
+
+ if (('a' <= f) && (f <= 'z')) {
+ f -= ('a' - 'A');
+ }
+
+ if (e != f) {
+ return PR_FALSE;
+ }
+
+ c++;
+ d++;
+
+ if (' ' == *c) {
+ while (' ' == *c) {
+ c++;
+ }
+ c--;
+ }
+
+ if (' ' == *d) {
+ while (' ' == *d) {
+ d++;
+ }
+ d--;
+ }
+ }
+
+ while (' ' == *c) {
+ c++;
+ }
+
+ while (' ' == *d) {
+ d++;
+ }
+
+ if (*c == *d) {
+ /* And both '\0', btw */
+ return PR_TRUE;
+ } else {
+ return PR_FALSE;
+ }
+}
+
+/*
+ * nssUTF8_Duplicate
+ *
+ * This routine duplicates the UTF8-encoded string pointed to by the
+ * specified NSSUTF8 pointer. If the optional arenaOpt argument is
+ * not null, the memory required will be obtained from that arena;
+ * otherwise, the memory required will be obtained from the heap.
+ * A pointer to the new string will be returned. In case of error,
+ * an error will be placed on the error stack and NULL will be
+ * returned.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_INVALID_ARENA
+ * NSS_ERROR_NO_MEMORY
+ */
+
+NSS_IMPLEMENT NSSUTF8 *
+nssUTF8_Duplicate(const NSSUTF8 *s, NSSArena *arenaOpt)
+{
+ NSSUTF8 *rv;
+ PRUint32 len;
+
+#ifdef NSSDEBUG
+ if ((const NSSUTF8 *)NULL == s) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (NSSUTF8 *)NULL;
+ }
+
+ if ((NSSArena *)NULL != arenaOpt) {
+ if (PR_SUCCESS != nssArena_verifyPointer(arenaOpt)) {
+ return (NSSUTF8 *)NULL;
+ }
+ }
+#endif /* NSSDEBUG */
+
+ len = PL_strlen((const char *)s);
+#ifdef PEDANTIC
+ if ('\0' != ((const char *)s)[len]) {
+ /* must have wrapped, e.g., too big for PRUint32 */
+ nss_SetError(NSS_ERROR_NO_MEMORY);
+ return (NSSUTF8 *)NULL;
+ }
+#endif /* PEDANTIC */
+ len++; /* zero termination */
+
+ rv = nss_ZAlloc(arenaOpt, len);
+ if ((void *)NULL == rv) {
+ return (NSSUTF8 *)NULL;
+ }
+
+ (void)nsslibc_memcpy(rv, s, len);
+ return rv;
+}
+
+/*
+ * nssUTF8_Size
+ *
+ * This routine returns the length in bytes (including the terminating
+ * null) of the UTF8-encoded string pointed to by the specified
+ * NSSUTF8 pointer. Zero is returned on error.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_VALUE_TOO_LARGE
+ *
+ * Return value:
+ * 0 on error
+ * nonzero length of the string.
+ */
+
+NSS_IMPLEMENT PRUint32
+nssUTF8_Size(const NSSUTF8 *s, PRStatus *statusOpt)
+{
+ PRUint32 sv;
+
+#ifdef NSSDEBUG
+ if ((const NSSUTF8 *)NULL == s) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_FAILURE;
+ }
+ return 0;
+ }
+#endif /* NSSDEBUG */
+
+ sv = PL_strlen((const char *)s) + 1;
+#ifdef PEDANTIC
+ if ('\0' != ((const char *)s)[sv - 1]) {
+ /* wrapped */
+ nss_SetError(NSS_ERROR_VALUE_TOO_LARGE);
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_FAILURE;
+ }
+ return 0;
+ }
+#endif /* PEDANTIC */
+
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_SUCCESS;
+ }
+
+ return sv;
+}
+
+/*
+ * nssUTF8_Length
+ *
+ * This routine returns the length in characters (not including the
+ * terminating null) of the UTF8-encoded string pointed to by the
+ * specified NSSUTF8 pointer.
+ *
+ * The error may be one of the following values:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_VALUE_TOO_LARGE
+ * NSS_ERROR_INVALID_STRING
+ *
+ * Return value:
+ * length of the string (which may be zero)
+ * 0 on error
+ */
+
+NSS_IMPLEMENT PRUint32
+nssUTF8_Length(const NSSUTF8 *s, PRStatus *statusOpt)
+{
+ PRUint32 l = 0;
+ const PRUint8 *c = (const PRUint8 *)s;
+
+#ifdef NSSDEBUG
+ if ((const NSSUTF8 *)NULL == s) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ goto loser;
+ }
+#endif /* NSSDEBUG */
+
+ /*
+ * From RFC 2044:
+ *
+ * UCS-4 range (hex.) UTF-8 octet sequence (binary)
+ * 0000 0000-0000 007F 0xxxxxxx
+ * 0000 0080-0000 07FF 110xxxxx 10xxxxxx
+ * 0000 0800-0000 FFFF 1110xxxx 10xxxxxx 10xxxxxx
+ * 0001 0000-001F FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+ * 0020 0000-03FF FFFF 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
+ * 0400 0000-7FFF FFFF 1111110x 10xxxxxx ... 10xxxxxx
+ */
+
+ while (0 != *c) {
+ PRUint32 incr;
+ if ((*c & 0x80) == 0) {
+ incr = 1;
+ } else if ((*c & 0xE0) == 0xC0) {
+ incr = 2;
+ } else if ((*c & 0xF0) == 0xE0) {
+ incr = 3;
+ } else if ((*c & 0xF8) == 0xF0) {
+ incr = 4;
+ } else if ((*c & 0xFC) == 0xF8) {
+ incr = 5;
+ } else if ((*c & 0xFE) == 0xFC) {
+ incr = 6;
+ } else {
+ nss_SetError(NSS_ERROR_INVALID_STRING);
+ goto loser;
+ }
+
+ l += incr;
+
+#ifdef PEDANTIC
+ if (l < incr) {
+ /* Wrapped-- too big */
+ nss_SetError(NSS_ERROR_VALUE_TOO_LARGE);
+ goto loser;
+ }
+
+ {
+ PRUint8 *d;
+ for (d = &c[1]; d < &c[incr]; d++) {
+ if ((*d & 0xC0) != 0xF0) {
+ nss_SetError(NSS_ERROR_INVALID_STRING);
+ goto loser;
+ }
+ }
+ }
+#endif /* PEDANTIC */
+
+ c += incr;
+ }
+
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_SUCCESS;
+ }
+
+ return l;
+
+loser:
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_FAILURE;
+ }
+
+ return 0;
+}
+
+/*
+ * nssUTF8_Create
+ *
+ * This routine creates a UTF8 string from a string in some other
+ * format. Some types of string may include embedded null characters,
+ * so for them the length parameter must be used. For string types
+ * that are null-terminated, the length parameter is optional; if it
+ * is zero, it will be ignored. If the optional arena argument is
+ * non-null, the memory used for the new string will be obtained from
+ * that arena, otherwise it will be obtained from the heap. This
+ * routine may return NULL upon error, in which case it will have
+ * placed an error on the error stack.
+ *
+ * The error may be one of the following:
+ * NSS_ERROR_INVALID_POINTER
+ * NSS_ERROR_NO_MEMORY
+ * NSS_ERROR_UNSUPPORTED_TYPE
+ *
+ * Return value:
+ * NULL upon error
+ * A non-null pointer to a new UTF8 string otherwise
+ */
+
+extern const NSSError NSS_ERROR_INTERNAL_ERROR; /* XXX fgmr */
+
+NSS_IMPLEMENT NSSUTF8 *
+nssUTF8_Create(NSSArena *arenaOpt, nssStringType type, const void *inputString,
+ PRUint32 size /* in bytes, not characters */
+ )
+{
+ NSSUTF8 *rv = NULL;
+
+#ifdef NSSDEBUG
+ if ((NSSArena *)NULL != arenaOpt) {
+ if (PR_SUCCESS != nssArena_verifyPointer(arenaOpt)) {
+ return (NSSUTF8 *)NULL;
+ }
+ }
+
+ if ((const void *)NULL == inputString) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (NSSUTF8 *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ switch (type) {
+ case nssStringType_DirectoryString:
+ /* This is a composite type requiring BER */
+ nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
+ break;
+ case nssStringType_TeletexString:
+ /*
+ * draft-ietf-pkix-ipki-part1-11 says in part:
+ *
+ * In addition, many legacy implementations support names encoded
+ * in the ISO 8859-1 character set (Latin1String) but tag them as
+ * TeletexString. The Latin1String includes characters used in
+ * Western European countries which are not part of the
+ * TeletexString charcter set. Implementations that process
+ * TeletexString SHOULD be prepared to handle the entire ISO
+ * 8859-1 character set.[ISO 8859-1].
+ */
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_PrintableString:
+ /*
+ * PrintableString consists of A-Za-z0-9 ,()+,-./:=?
+ * This is a subset of ASCII, which is a subset of UTF8.
+ * So we can just duplicate the string over.
+ */
+
+ if (0 == size) {
+ rv = nssUTF8_Duplicate((const NSSUTF8 *)inputString, arenaOpt);
+ } else {
+ rv = nss_ZAlloc(arenaOpt, size + 1);
+ if ((NSSUTF8 *)NULL == rv) {
+ return (NSSUTF8 *)NULL;
+ }
+
+ (void)nsslibc_memcpy(rv, inputString, size);
+ }
+
+ break;
+ case nssStringType_UniversalString:
+ /* 4-byte unicode */
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_BMPString:
+ /* Base Multilingual Plane of Unicode */
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_UTF8String:
+ if (0 == size) {
+ rv = nssUTF8_Duplicate((const NSSUTF8 *)inputString, arenaOpt);
+ } else {
+ rv = nss_ZAlloc(arenaOpt, size + 1);
+ if ((NSSUTF8 *)NULL == rv) {
+ return (NSSUTF8 *)NULL;
+ }
+
+ (void)nsslibc_memcpy(rv, inputString, size);
+ }
+
+ break;
+ case nssStringType_PHGString:
+ /*
+ * PHGString is an IA5String (with case-insensitive comparisons).
+ * IA5 is ~almost~ ascii; ascii has dollar-sign where IA5 has
+ * currency symbol.
+ */
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_GeneralString:
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ default:
+ nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
+ break;
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT NSSItem *
+nssUTF8_GetEncoding(NSSArena *arenaOpt, NSSItem *rvOpt, nssStringType type,
+ NSSUTF8 *string)
+{
+ NSSItem *rv = (NSSItem *)NULL;
+ PRStatus status = PR_SUCCESS;
+
+#ifdef NSSDEBUG
+ if ((NSSArena *)NULL != arenaOpt) {
+ if (PR_SUCCESS != nssArena_verifyPointer(arenaOpt)) {
+ return (NSSItem *)NULL;
+ }
+ }
+
+ if ((NSSUTF8 *)NULL == string) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return (NSSItem *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ switch (type) {
+ case nssStringType_DirectoryString:
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_TeletexString:
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_PrintableString:
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_UniversalString:
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_BMPString:
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ case nssStringType_UTF8String: {
+ NSSUTF8 *dup = nssUTF8_Duplicate(string, arenaOpt);
+ if ((NSSUTF8 *)NULL == dup) {
+ return (NSSItem *)NULL;
+ }
+
+ if ((NSSItem *)NULL == rvOpt) {
+ rv = nss_ZNEW(arenaOpt, NSSItem);
+ if ((NSSItem *)NULL == rv) {
+ (void)nss_ZFreeIf(dup);
+ return (NSSItem *)NULL;
+ }
+ } else {
+ rv = rvOpt;
+ }
+
+ rv->data = dup;
+ dup = (NSSUTF8 *)NULL;
+ rv->size = nssUTF8_Size(rv->data, &status);
+ if ((0 == rv->size) && (PR_SUCCESS != status)) {
+ if ((NSSItem *)NULL == rvOpt) {
+ (void)nss_ZFreeIf(rv);
+ }
+ return (NSSItem *)NULL;
+ }
+ } break;
+ case nssStringType_PHGString:
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
+ break;
+ default:
+ nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
+ break;
+ }
+
+ return rv;
+}
+
+/*
+ * nssUTF8_CopyIntoFixedBuffer
+ *
+ * This will copy a UTF8 string into a fixed-length buffer, making
+ * sure that the all characters are valid. Any remaining space will
+ * be padded with the specified ASCII character, typically either
+ * null or space.
+ *
+ * Blah, blah, blah.
+ */
+
+NSS_IMPLEMENT PRStatus
+nssUTF8_CopyIntoFixedBuffer(NSSUTF8 *string, char *buffer, PRUint32 bufferSize,
+ char pad)
+{
+ PRUint32 stringSize = 0;
+
+#ifdef NSSDEBUG
+ if ((char *)NULL == buffer) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ return PR_FALSE;
+ }
+
+ if (0 == bufferSize) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return PR_FALSE;
+ }
+
+ if ((pad & 0x80) != 0x00) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return PR_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if ((NSSUTF8 *)NULL == string) {
+ string = (NSSUTF8 *)"";
+ }
+
+ stringSize = nssUTF8_Size(string, (PRStatus *)NULL);
+ stringSize--; /* don't count the trailing null */
+ if (stringSize > bufferSize) {
+ PRUint32 bs = bufferSize;
+ (void)nsslibc_memcpy(buffer, string, bufferSize);
+
+ if ((((buffer[bs - 1] & 0x80) == 0x00)) ||
+ ((bs > 1) && ((buffer[bs - 2] & 0xE0) == 0xC0)) ||
+ ((bs > 2) && ((buffer[bs - 3] & 0xF0) == 0xE0)) ||
+ ((bs > 3) && ((buffer[bs - 4] & 0xF8) == 0xF0)) ||
+ ((bs > 4) && ((buffer[bs - 5] & 0xFC) == 0xF8)) ||
+ ((bs > 5) && ((buffer[bs - 6] & 0xFE) == 0xFC))) {
+ /* It fit exactly */
+ return PR_SUCCESS;
+ }
+
+ /* Too long. We have to trim the last character */
+ for (/*bs*/; bs != 0; bs--) {
+ if ((buffer[bs - 1] & 0xC0) != 0x80) {
+ buffer[bs - 1] = pad;
+ break;
+ } else {
+ buffer[bs - 1] = pad;
+ }
+ }
+ } else {
+ (void)nsslibc_memset(buffer, pad, bufferSize);
+ (void)nsslibc_memcpy(buffer, string, stringSize);
+ }
+
+ return PR_SUCCESS;
+}
+
+/*
+ * nssUTF8_Equal
+ *
+ */
+
+NSS_IMPLEMENT PRBool
+nssUTF8_Equal(const NSSUTF8 *a, const NSSUTF8 *b, PRStatus *statusOpt)
+{
+ PRUint32 la, lb;
+
+#ifdef NSSDEBUG
+ if (((const NSSUTF8 *)NULL == a) || ((const NSSUTF8 *)NULL == b)) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ if ((PRStatus *)NULL != statusOpt) {
+ *statusOpt = PR_FAILURE;
+ }
+ return PR_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ la = nssUTF8_Size(a, statusOpt);
+ if (0 == la) {
+ return PR_FALSE;
+ }
+
+ lb = nssUTF8_Size(b, statusOpt);
+ if (0 == lb) {
+ return PR_FALSE;
+ }
+
+ if (la != lb) {
+ return PR_FALSE;
+ }
+
+ return nsslibc_memequal(a, b, la, statusOpt);
+}
diff --git a/security/nss/lib/certdb/Makefile b/security/nss/lib/certdb/Makefile
new file mode 100644
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/certdb/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c
new file mode 100644
index 000000000..b6736c462
--- /dev/null
+++ b/security/nss/lib/certdb/alg1485.c
@@ -0,0 +1,1576 @@
+/* alg1485.c - implementation of RFCs 1485, 1779 and 2253.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "prprf.h"
+#include "cert.h"
+#include "certi.h"
+#include "xconst.h"
+#include "genname.h"
+#include "secitem.h"
+#include "secerr.h"
+
+typedef struct NameToKindStr {
+ const char* name;
+ unsigned int maxLen; /* max bytes in UTF8 encoded string value */
+ SECOidTag kind;
+ int valueType;
+} NameToKind;
+
+/* local type for directory string--could be printable_string or utf8 */
+#define SEC_ASN1_DS SEC_ASN1_HIGH_TAG_NUMBER
+
+/* clang-format off */
+
+/* Add new entries to this table, and maybe to function ParseRFC1485AVA */
+static const NameToKind name2kinds[] = {
+/* IANA registered type names
+ * (See: http://www.iana.org/assignments/ldap-parameters)
+ */
+/* RFC 3280, 4630 MUST SUPPORT */
+ { "CN", 640, SEC_OID_AVA_COMMON_NAME, SEC_ASN1_DS},
+ { "ST", 128, SEC_OID_AVA_STATE_OR_PROVINCE,
+ SEC_ASN1_DS},
+ { "O", 128, SEC_OID_AVA_ORGANIZATION_NAME,
+ SEC_ASN1_DS},
+ { "OU", 128, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME,
+ SEC_ASN1_DS},
+ { "dnQualifier", 32767, SEC_OID_AVA_DN_QUALIFIER, SEC_ASN1_PRINTABLE_STRING},
+ { "C", 2, SEC_OID_AVA_COUNTRY_NAME, SEC_ASN1_PRINTABLE_STRING},
+ { "serialNumber", 64, SEC_OID_AVA_SERIAL_NUMBER,SEC_ASN1_PRINTABLE_STRING},
+
+/* RFC 3280, 4630 SHOULD SUPPORT */
+ { "L", 128, SEC_OID_AVA_LOCALITY, SEC_ASN1_DS},
+ { "title", 64, SEC_OID_AVA_TITLE, SEC_ASN1_DS},
+ { "SN", 64, SEC_OID_AVA_SURNAME, SEC_ASN1_DS},
+ { "givenName", 64, SEC_OID_AVA_GIVEN_NAME, SEC_ASN1_DS},
+ { "initials", 64, SEC_OID_AVA_INITIALS, SEC_ASN1_DS},
+ { "generationQualifier",
+ 64, SEC_OID_AVA_GENERATION_QUALIFIER,
+ SEC_ASN1_DS},
+/* RFC 3280, 4630 MAY SUPPORT */
+ { "DC", 128, SEC_OID_AVA_DC, SEC_ASN1_IA5_STRING},
+ { "MAIL", 256, SEC_OID_RFC1274_MAIL, SEC_ASN1_IA5_STRING},
+ { "UID", 256, SEC_OID_RFC1274_UID, SEC_ASN1_DS},
+
+/* ------------------ "strict" boundary ---------------------------------
+ * In strict mode, cert_NameToAscii does not encode any of the attributes
+ * below this line. The first SECOidTag below this line must be used to
+ * conditionally define the "endKind" in function AppendAVA() below.
+ * Most new attribute names should be added below this line.
+ * Maybe this line should be up higher? Say, after the 3280 MUSTs and
+ * before the 3280 SHOULDs?
+ */
+
+/* values from draft-ietf-ldapbis-user-schema-05 (not in RFC 3280) */
+ { "postalAddress", 128, SEC_OID_AVA_POSTAL_ADDRESS, SEC_ASN1_DS},
+ { "postalCode", 40, SEC_OID_AVA_POSTAL_CODE, SEC_ASN1_DS},
+ { "postOfficeBox", 40, SEC_OID_AVA_POST_OFFICE_BOX,SEC_ASN1_DS},
+ { "houseIdentifier",64, SEC_OID_AVA_HOUSE_IDENTIFIER,SEC_ASN1_DS},
+/* end of IANA registered type names */
+
+/* legacy keywords */
+ { "E", 128, SEC_OID_PKCS9_EMAIL_ADDRESS,SEC_ASN1_IA5_STRING},
+ { "STREET", 128, SEC_OID_AVA_STREET_ADDRESS, SEC_ASN1_DS},
+ { "pseudonym", 64, SEC_OID_AVA_PSEUDONYM, SEC_ASN1_DS},
+
+/* values defined by the CAB Forum for EV */
+ { "incorporationLocality", 128, SEC_OID_EV_INCORPORATION_LOCALITY,
+ SEC_ASN1_DS},
+ { "incorporationState", 128, SEC_OID_EV_INCORPORATION_STATE,
+ SEC_ASN1_DS},
+ { "incorporationCountry", 2, SEC_OID_EV_INCORPORATION_COUNTRY,
+ SEC_ASN1_PRINTABLE_STRING},
+ { "businessCategory", 64, SEC_OID_BUSINESS_CATEGORY, SEC_ASN1_DS},
+
+/* values defined in X.520 */
+ { "name", 64, SEC_OID_AVA_NAME, SEC_ASN1_DS},
+
+ { 0, 256, SEC_OID_UNKNOWN, 0},
+};
+
+/* Table facilitates conversion of ASCII hex to binary. */
+static const PRInt16 x2b[256] = {
+/* #0x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #1x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #2x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #3x */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1,
+/* #4x */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #5x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #6x */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #7x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #8x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #9x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #ax */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #bx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #cx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #dx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #ex */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+/* #fx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
+};
+
+#define IS_HEX(c) (x2b[(PRUint8)(c)] >= 0)
+
+#define C_DOUBLE_QUOTE '\042'
+
+#define C_BACKSLASH '\134'
+
+#define C_EQUAL '='
+
+#define OPTIONAL_SPACE(c) \
+ (((c) == ' ') || ((c) == '\r') || ((c) == '\n'))
+
+#define SPECIAL_CHAR(c) \
+ (((c) == ',') || ((c) == '=') || ((c) == C_DOUBLE_QUOTE) || \
+ ((c) == '\r') || ((c) == '\n') || ((c) == '+') || \
+ ((c) == '<') || ((c) == '>') || ((c) == '#') || \
+ ((c) == ';') || ((c) == C_BACKSLASH))
+
+
+#define IS_PRINTABLE(c) \
+ ((((c) >= 'a') && ((c) <= 'z')) || \
+ (((c) >= 'A') && ((c) <= 'Z')) || \
+ (((c) >= '0') && ((c) <= '9')) || \
+ ((c) == ' ') || \
+ ((c) == '\'') || \
+ ((c) == '\050') || /* ( */ \
+ ((c) == '\051') || /* ) */ \
+ (((c) >= '+') && ((c) <= '/')) || /* + , - . / */ \
+ ((c) == ':') || \
+ ((c) == '=') || \
+ ((c) == '?'))
+
+/* clang-format on */
+
+/* RFC 2253 says we must escape ",+\"\\<>;=" EXCEPT inside a quoted string.
+ * Inside a quoted string, we only need to escape " and \
+ * We choose to quote strings containing any of those special characters,
+ * so we only need to escape " and \
+ */
+#define NEEDS_ESCAPE(c) (c == C_DOUBLE_QUOTE || c == C_BACKSLASH)
+
+#define NEEDS_HEX_ESCAPE(c) ((PRUint8)c < 0x20 || c == 0x7f)
+
+int
+cert_AVAOidTagToMaxLen(SECOidTag tag)
+{
+ const NameToKind* n2k = name2kinds;
+
+ while (n2k->kind != tag && n2k->kind != SEC_OID_UNKNOWN) {
+ ++n2k;
+ }
+ return (n2k->kind != SEC_OID_UNKNOWN) ? n2k->maxLen : -1;
+}
+
+static PRBool
+IsPrintable(unsigned char* data, unsigned len)
+{
+ unsigned char ch, *end;
+
+ end = data + len;
+ while (data < end) {
+ ch = *data++;
+ if (!IS_PRINTABLE(ch)) {
+ return PR_FALSE;
+ }
+ }
+ return PR_TRUE;
+}
+
+static void
+skipSpace(const char** pbp, const char* endptr)
+{
+ const char* bp = *pbp;
+ while (bp < endptr && OPTIONAL_SPACE(*bp)) {
+ bp++;
+ }
+ *pbp = bp;
+}
+
+static SECStatus
+scanTag(const char** pbp, const char* endptr, char* tagBuf, int tagBufSize)
+{
+ const char* bp;
+ char* tagBufp;
+ int taglen;
+
+ PORT_Assert(tagBufSize > 0);
+
+ /* skip optional leading space */
+ skipSpace(pbp, endptr);
+ if (*pbp == endptr) {
+ /* nothing left */
+ return SECFailure;
+ }
+
+ /* fill tagBuf */
+ taglen = 0;
+ bp = *pbp;
+ tagBufp = tagBuf;
+ while (bp < endptr && !OPTIONAL_SPACE(*bp) && (*bp != C_EQUAL)) {
+ if (++taglen >= tagBufSize) {
+ *pbp = bp;
+ return SECFailure;
+ }
+ *tagBufp++ = *bp++;
+ }
+ /* null-terminate tagBuf -- guaranteed at least one space left */
+ *tagBufp++ = 0;
+ *pbp = bp;
+
+ /* skip trailing spaces till we hit something - should be an equal sign */
+ skipSpace(pbp, endptr);
+ if (*pbp == endptr) {
+ /* nothing left */
+ return SECFailure;
+ }
+ if (**pbp != C_EQUAL) {
+ /* should be an equal sign */
+ return SECFailure;
+ }
+ /* skip over the equal sign */
+ (*pbp)++;
+
+ return SECSuccess;
+}
+
+/* Returns the number of bytes in the value. 0 means failure. */
+static int
+scanVal(const char** pbp, const char* endptr, char* valBuf, int valBufSize)
+{
+ const char* bp;
+ char* valBufp;
+ int vallen = 0;
+ PRBool isQuoted;
+
+ PORT_Assert(valBufSize > 0);
+
+ /* skip optional leading space */
+ skipSpace(pbp, endptr);
+ if (*pbp == endptr) {
+ /* nothing left */
+ return 0;
+ }
+
+ bp = *pbp;
+
+ /* quoted? */
+ if (*bp == C_DOUBLE_QUOTE) {
+ isQuoted = PR_TRUE;
+ /* skip over it */
+ bp++;
+ } else {
+ isQuoted = PR_FALSE;
+ }
+
+ valBufp = valBuf;
+ while (bp < endptr) {
+ char c = *bp;
+ if (c == C_BACKSLASH) {
+ /* escape character */
+ bp++;
+ if (bp >= endptr) {
+ /* escape charater must appear with paired char */
+ *pbp = bp;
+ return 0;
+ }
+ c = *bp;
+ if (IS_HEX(c) && (endptr - bp) >= 2 && IS_HEX(bp[1])) {
+ bp++;
+ c = (char)((x2b[(PRUint8)c] << 4) | x2b[(PRUint8)*bp]);
+ }
+ } else if (c == '#' && bp == *pbp) {
+ /* ignore leading #, quotation not required for it. */
+ } else if (!isQuoted && SPECIAL_CHAR(c)) {
+ /* unescaped special and not within quoted value */
+ break;
+ } else if (c == C_DOUBLE_QUOTE) {
+ /* reached unescaped double quote */
+ break;
+ }
+ /* append character */
+ vallen++;
+ if (vallen >= valBufSize) {
+ *pbp = bp;
+ return 0;
+ }
+ *valBufp++ = c;
+ bp++;
+ }
+
+ /* strip trailing spaces from unquoted values */
+ if (!isQuoted) {
+ while (valBufp > valBuf) {
+ char c = valBufp[-1];
+ if (!OPTIONAL_SPACE(c))
+ break;
+ --valBufp;
+ }
+ vallen = valBufp - valBuf;
+ }
+
+ if (isQuoted) {
+ /* insist that we stopped on a double quote */
+ if (*bp != C_DOUBLE_QUOTE) {
+ *pbp = bp;
+ return 0;
+ }
+ /* skip over the quote and skip optional space */
+ bp++;
+ skipSpace(&bp, endptr);
+ }
+
+ *pbp = bp;
+
+ /* null-terminate valBuf -- guaranteed at least one space left */
+ *valBufp = 0;
+
+ return vallen;
+}
+
+/* Caller must set error code upon failure */
+static SECStatus
+hexToBin(PLArenaPool* pool, SECItem* destItem, const char* src, int len)
+{
+ PRUint8* dest;
+
+ destItem->data = NULL;
+ if (len <= 0 || (len & 1)) {
+ goto loser;
+ }
+ len >>= 1;
+ if (!SECITEM_AllocItem(pool, destItem, len))
+ goto loser;
+ dest = destItem->data;
+ for (; len > 0; len--, src += 2) {
+ PRInt16 bin = (x2b[(PRUint8)src[0]] << 4) | x2b[(PRUint8)src[1]];
+ if (bin < 0)
+ goto loser;
+ *dest++ = (PRUint8)bin;
+ }
+ return SECSuccess;
+loser:
+ if (!pool)
+ SECITEM_FreeItem(destItem, PR_FALSE);
+ return SECFailure;
+}
+
+/* Parses one AVA, starting at *pbp. Stops at endptr.
+ * Advances *pbp past parsed AVA and trailing separator (if present).
+ * On any error, returns NULL and *pbp is undefined.
+ * On success, returns CERTAVA allocated from arena, and (*pbp)[-1] was
+ * the last character parsed. *pbp is either equal to endptr or
+ * points to first character after separator.
+ */
+static CERTAVA*
+ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr)
+{
+ CERTAVA* a;
+ const NameToKind* n2k;
+ const char* bp;
+ int vt = -1;
+ int valLen;
+ SECOidTag kind = SEC_OID_UNKNOWN;
+ SECStatus rv = SECFailure;
+ SECItem derOid = { 0, NULL, 0 };
+ SECItem derVal = { 0, NULL, 0 };
+ char sep = 0;
+
+ char tagBuf[32];
+ char valBuf[1024];
+
+ PORT_Assert(arena);
+ if (SECSuccess != scanTag(pbp, endptr, tagBuf, sizeof tagBuf) ||
+ !(valLen = scanVal(pbp, endptr, valBuf, sizeof valBuf))) {
+ goto loser;
+ }
+
+ bp = *pbp;
+ if (bp < endptr) {
+ sep = *bp++; /* skip over separator */
+ }
+ *pbp = bp;
+ /* if we haven't finished, insist that we've stopped on a separator */
+ if (sep && sep != ',' && sep != ';' && sep != '+') {
+ goto loser;
+ }
+
+ /* is this a dotted decimal OID attribute type ? */
+ if (!PL_strncasecmp("oid.", tagBuf, 4)) {
+ rv = SEC_StringToOID(arena, &derOid, tagBuf, strlen(tagBuf));
+ } else {
+ for (n2k = name2kinds; n2k->name; n2k++) {
+ SECOidData* oidrec;
+ if (PORT_Strcasecmp(n2k->name, tagBuf) == 0) {
+ kind = n2k->kind;
+ vt = n2k->valueType;
+ oidrec = SECOID_FindOIDByTag(kind);
+ if (oidrec == NULL)
+ goto loser;
+ derOid = oidrec->oid;
+ break;
+ }
+ }
+ }
+ if (kind == SEC_OID_UNKNOWN && rv != SECSuccess)
+ goto loser;
+
+ /* Is this a hex encoding of a DER attribute value ? */
+ if ('#' == valBuf[0]) {
+ /* convert attribute value from hex to binary */
+ rv = hexToBin(arena, &derVal, valBuf + 1, valLen - 1);
+ if (rv)
+ goto loser;
+ a = CERT_CreateAVAFromRaw(arena, &derOid, &derVal);
+ } else {
+ if (kind == SEC_OID_UNKNOWN)
+ goto loser;
+ if (kind == SEC_OID_AVA_COUNTRY_NAME && valLen != 2)
+ goto loser;
+ if (vt == SEC_ASN1_PRINTABLE_STRING &&
+ !IsPrintable((unsigned char*)valBuf, valLen))
+ goto loser;
+ if (vt == SEC_ASN1_DS) {
+ /* RFC 4630: choose PrintableString or UTF8String */
+ if (IsPrintable((unsigned char*)valBuf, valLen))
+ vt = SEC_ASN1_PRINTABLE_STRING;
+ else
+ vt = SEC_ASN1_UTF8_STRING;
+ }
+
+ derVal.data = (unsigned char*)valBuf;
+ derVal.len = valLen;
+ a = CERT_CreateAVAFromSECItem(arena, kind, vt, &derVal);
+ }
+ return a;
+
+loser:
+ /* matched no kind -- invalid tag */
+ PORT_SetError(SEC_ERROR_INVALID_AVA);
+ return 0;
+}
+
+static CERTName*
+ParseRFC1485Name(const char* buf, int len)
+{
+ SECStatus rv;
+ CERTName* name;
+ const char *bp, *e;
+ CERTAVA* ava;
+ CERTRDN* rdn = NULL;
+
+ name = CERT_CreateName(NULL);
+ if (name == NULL) {
+ return NULL;
+ }
+
+ e = buf + len;
+ bp = buf;
+ while (bp < e) {
+ ava = ParseRFC1485AVA(name->arena, &bp, e);
+ if (ava == 0)
+ goto loser;
+ if (!rdn) {
+ rdn = CERT_CreateRDN(name->arena, ava, (CERTAVA*)0);
+ if (rdn == 0)
+ goto loser;
+ rv = CERT_AddRDN(name, rdn);
+ } else {
+ rv = CERT_AddAVA(name->arena, rdn, ava);
+ }
+ if (rv)
+ goto loser;
+ if (bp[-1] != '+')
+ rdn = NULL; /* done with this RDN */
+ skipSpace(&bp, e);
+ }
+
+ if (name->rdns[0] == 0) {
+ /* empty name -- illegal */
+ goto loser;
+ }
+
+ /* Reverse order of RDNS to comply with RFC */
+ {
+ CERTRDN** firstRdn;
+ CERTRDN** lastRdn;
+ CERTRDN* tmp;
+
+ /* get first one */
+ firstRdn = name->rdns;
+
+ /* find last one */
+ lastRdn = name->rdns;
+ while (*lastRdn)
+ lastRdn++;
+ lastRdn--;
+
+ /* reverse list */
+ for (; firstRdn < lastRdn; firstRdn++, lastRdn--) {
+ tmp = *firstRdn;
+ *firstRdn = *lastRdn;
+ *lastRdn = tmp;
+ }
+ }
+
+ /* return result */
+ return name;
+
+loser:
+ CERT_DestroyName(name);
+ return NULL;
+}
+
+CERTName*
+CERT_AsciiToName(const char* string)
+{
+ CERTName* name;
+ name = ParseRFC1485Name(string, PORT_Strlen(string));
+ return name;
+}
+
+/************************************************************************/
+
+typedef struct stringBufStr {
+ char* buffer;
+ unsigned offset;
+ unsigned size;
+} stringBuf;
+
+#define DEFAULT_BUFFER_SIZE 200
+
+static SECStatus
+AppendStr(stringBuf* bufp, char* str)
+{
+ char* buf;
+ unsigned bufLen, bufSize, len;
+ int size = 0;
+
+ /* Figure out how much to grow buf by (add in the '\0') */
+ buf = bufp->buffer;
+ bufLen = bufp->offset;
+ len = PORT_Strlen(str);
+ bufSize = bufLen + len;
+ if (!buf) {
+ bufSize++;
+ size = PR_MAX(DEFAULT_BUFFER_SIZE, bufSize * 2);
+ buf = (char*)PORT_Alloc(size);
+ bufp->size = size;
+ } else if (bufp->size < bufSize) {
+ size = bufSize * 2;
+ buf = (char*)PORT_Realloc(buf, size);
+ bufp->size = size;
+ }
+ if (!buf) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ bufp->buffer = buf;
+ bufp->offset = bufSize;
+
+ /* Concatenate str onto buf */
+ buf = buf + bufLen;
+ if (bufLen)
+ buf--; /* stomp on old '\0' */
+ PORT_Memcpy(buf, str, len + 1); /* put in new null */
+ return SECSuccess;
+}
+
+typedef enum {
+ minimalEscape = 0, /* only hex escapes, and " and \ */
+ minimalEscapeAndQuote, /* as above, plus quoting */
+ fullEscape /* no quoting, full escaping */
+} EQMode;
+
+/* Some characters must be escaped as a hex string, e.g. c -> \nn .
+ * Others must be escaped by preceding with a '\', e.g. c -> \c , but
+ * there are certain "special characters" that may be handled by either
+ * escaping them, or by enclosing the entire attribute value in quotes.
+ * A NULL value for pEQMode implies selecting minimalEscape mode.
+ * Some callers will do quoting when needed, others will not.
+ * If a caller selects minimalEscapeAndQuote, and the string does not
+ * need quoting, then this function changes it to minimalEscape.
+ */
+static int
+cert_RFC1485_GetRequiredLen(const char* src, int srclen, EQMode* pEQMode)
+{
+ int i, reqLen = 0;
+ EQMode mode = pEQMode ? *pEQMode : minimalEscape;
+ PRBool needsQuoting = PR_FALSE;
+ char lastC = 0;
+
+ /* need to make an initial pass to determine if quoting is needed */
+ for (i = 0; i < srclen; i++) {
+ char c = src[i];
+ reqLen++;
+ if (NEEDS_HEX_ESCAPE(c)) { /* c -> \xx */
+ reqLen += 2;
+ } else if (NEEDS_ESCAPE(c)) { /* c -> \c */
+ reqLen++;
+ } else if (SPECIAL_CHAR(c)) {
+ if (mode == minimalEscapeAndQuote) /* quoting is allowed */
+ needsQuoting = PR_TRUE; /* entirety will need quoting */
+ else if (mode == fullEscape)
+ reqLen++; /* MAY escape this character */
+ } else if (OPTIONAL_SPACE(c) && OPTIONAL_SPACE(lastC)) {
+ if (mode == minimalEscapeAndQuote) /* quoting is allowed */
+ needsQuoting = PR_TRUE; /* entirety will need quoting */
+ }
+ lastC = c;
+ }
+ /* if it begins or ends in optional space it needs quoting */
+ if (!needsQuoting && srclen > 0 && mode == minimalEscapeAndQuote &&
+ (OPTIONAL_SPACE(src[srclen - 1]) || OPTIONAL_SPACE(src[0]))) {
+ needsQuoting = PR_TRUE;
+ }
+
+ if (needsQuoting)
+ reqLen += 2;
+ if (pEQMode && mode == minimalEscapeAndQuote && !needsQuoting)
+ *pEQMode = minimalEscape;
+ return reqLen;
+}
+
+static const char hexChars[16] = { "0123456789abcdef" };
+
+static SECStatus
+escapeAndQuote(char* dst, int dstlen, char* src, int srclen, EQMode* pEQMode)
+{
+ int i, reqLen = 0;
+ EQMode mode = pEQMode ? *pEQMode : minimalEscape;
+
+ /* space for terminal null */
+ reqLen = cert_RFC1485_GetRequiredLen(src, srclen, &mode) + 1;
+ if (reqLen > dstlen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ if (mode == minimalEscapeAndQuote)
+ *dst++ = C_DOUBLE_QUOTE;
+ for (i = 0; i < srclen; i++) {
+ char c = src[i];
+ if (NEEDS_HEX_ESCAPE(c)) {
+ *dst++ = C_BACKSLASH;
+ *dst++ = hexChars[(c >> 4) & 0x0f];
+ *dst++ = hexChars[c & 0x0f];
+ } else {
+ if (NEEDS_ESCAPE(c) || (SPECIAL_CHAR(c) && mode == fullEscape)) {
+ *dst++ = C_BACKSLASH;
+ }
+ *dst++ = c;
+ }
+ }
+ if (mode == minimalEscapeAndQuote)
+ *dst++ = C_DOUBLE_QUOTE;
+ *dst++ = 0;
+ if (pEQMode)
+ *pEQMode = mode;
+ return SECSuccess;
+}
+
+SECStatus
+CERT_RFC1485_EscapeAndQuote(char* dst, int dstlen, char* src, int srclen)
+{
+ EQMode mode = minimalEscapeAndQuote;
+ return escapeAndQuote(dst, dstlen, src, srclen, &mode);
+}
+
+/* convert an OID to dotted-decimal representation */
+/* Returns a string that must be freed with PR_smprintf_free(), */
+char*
+CERT_GetOidString(const SECItem* oid)
+{
+ PRUint8* stop; /* points to first byte after OID string */
+ PRUint8* first; /* byte of an OID component integer */
+ PRUint8* last; /* byte of an OID component integer */
+ char* rvString = NULL;
+ char* prefix = NULL;
+
+#define MAX_OID_LEN 1024 /* bytes */
+
+ if (oid->len > MAX_OID_LEN) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return NULL;
+ }
+
+ /* first will point to the next sequence of bytes to decode */
+ first = (PRUint8*)oid->data;
+ /* stop points to one past the legitimate data */
+ stop = &first[oid->len];
+
+ /*
+ * Check for our pseudo-encoded single-digit OIDs
+ */
+ if ((*first == 0x80) && (2 == oid->len)) {
+ /* Funky encoding. The second byte is the number */
+ rvString = PR_smprintf("%lu", (PRUint32)first[1]);
+ if (!rvString) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ return rvString;
+ }
+
+ for (; first < stop; first = last + 1) {
+ unsigned int bytesBeforeLast;
+
+ for (last = first; last < stop; last++) {
+ if (0 == (*last & 0x80)) {
+ break;
+ }
+ }
+ bytesBeforeLast = (unsigned int)(last - first);
+ if (bytesBeforeLast <= 3U) { /* 0-28 bit number */
+ PRUint32 n = 0;
+ PRUint32 c;
+
+#define CGET(i, m) \
+ c = last[-i] & m; \
+ n |= c << (7 * i)
+
+#define CASE(i, m) \
+ case i: \
+ CGET(i, m); \
+ if (!n) \
+ goto unsupported /* fall-through */
+
+ switch (bytesBeforeLast) {
+ CASE(3, 0x7f);
+ CASE(2, 0x7f);
+ CASE(1, 0x7f);
+ case 0:
+ n |=
+ last[0] & 0x7f;
+ break;
+ }
+ if (last[0] & 0x80)
+ goto unsupported;
+
+ if (!rvString) {
+ /* This is the first number.. decompose it */
+ PRUint32 one = PR_MIN(n / 40, 2); /* never > 2 */
+ PRUint32 two = n - (one * 40);
+
+ rvString = PR_smprintf("OID.%lu.%lu", one, two);
+ } else {
+ prefix = rvString;
+ rvString = PR_smprintf("%s.%lu", prefix, n);
+ }
+ } else if (bytesBeforeLast <= 9U) { /* 29-64 bit number */
+ PRUint64 n = 0;
+ PRUint64 c;
+
+ switch (bytesBeforeLast) {
+ CASE(9, 0x01);
+ CASE(8, 0x7f);
+ CASE(7, 0x7f);
+ CASE(6, 0x7f);
+ CASE(5, 0x7f);
+ CASE(4, 0x7f);
+ CGET(3, 0x7f);
+ CGET(2, 0x7f);
+ CGET(1, 0x7f);
+ CGET(0, 0x7f);
+ break;
+ }
+ if (last[0] & 0x80)
+ goto unsupported;
+
+ if (!rvString) {
+ /* This is the first number.. decompose it */
+ PRUint64 one = PR_MIN(n / 40, 2); /* never > 2 */
+ PRUint64 two = n - (one * 40);
+
+ rvString = PR_smprintf("OID.%llu.%llu", one, two);
+ } else {
+ prefix = rvString;
+ rvString = PR_smprintf("%s.%llu", prefix, n);
+ }
+ } else {
+ /* More than a 64-bit number, or not minimal encoding. */
+ unsupported:
+ if (!rvString)
+ rvString = PR_smprintf("OID.UNSUPPORTED");
+ else {
+ prefix = rvString;
+ rvString = PR_smprintf("%s.UNSUPPORTED", prefix);
+ }
+ }
+
+ if (prefix) {
+ PR_smprintf_free(prefix);
+ prefix = NULL;
+ }
+ if (!rvString) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ break;
+ }
+ }
+ return rvString;
+}
+
+/* convert DER-encoded hex to a string */
+static SECItem*
+get_hex_string(SECItem* data)
+{
+ SECItem* rv;
+ unsigned int i, j;
+ static const char hex[] = { "0123456789ABCDEF" };
+
+ /* '#' + 2 chars per octet + terminator */
+ rv = SECITEM_AllocItem(NULL, NULL, data->len * 2 + 2);
+ if (!rv) {
+ return NULL;
+ }
+ rv->data[0] = '#';
+ rv->len = 1 + 2 * data->len;
+ for (i = 0; i < data->len; i++) {
+ j = data->data[i];
+ rv->data[2 * i + 1] = hex[j >> 4];
+ rv->data[2 * i + 2] = hex[j & 15];
+ }
+ rv->data[rv->len] = 0;
+ return rv;
+}
+
+/* For compliance with RFC 2253, RFC 3280 and RFC 4630, we choose to
+ * use the NAME=STRING form, rather than the OID.N.N=#hexXXXX form,
+ * when both of these conditions are met:
+ * 1) The attribute name OID (kind) has a known name string that is
+ * defined in one of those RFCs, or in RFCs that they cite, AND
+ * 2) The attribute's value encoding is RFC compliant for the kind
+ * (e.g., the value's encoding tag is correct for the kind, and
+ * the value's length is in the range allowed for the kind, and
+ * the value's contents are appropriate for the encoding tag).
+ * Otherwise, we use the OID.N.N=#hexXXXX form.
+ *
+ * If the caller prefers maximum human readability to RFC compliance,
+ * then
+ * - We print the kind in NAME= string form if we know the name
+ * string for the attribute type OID, regardless of whether the
+ * value is correctly encoded or not. else we use the OID.N.N= form.
+ * - We use the non-hex STRING form for the attribute value if the
+ * value can be represented in such a form. Otherwise, we use
+ * the hex string form.
+ * This implies that, for maximum human readability, in addition to
+ * the two forms allowed by the RFC, we allow two other forms of output:
+ * - the OID.N.N=STRING form, and
+ * - the NAME=#hexXXXX form
+ * When the caller prefers maximum human readability, we do not allow
+ * the value of any attribute to exceed the length allowed by the RFC.
+ * If the attribute value exceeds the allowed length, we truncate it to
+ * the allowed length and append "...".
+ * Also in this case, we arbitrarily impose a limit on the length of the
+ * entire AVA encoding, regardless of the form, of 384 bytes per AVA.
+ * This limit includes the trailing NULL character. If the encoded
+ * AVA length exceeds that limit, this function reports failure to encode
+ * the AVA.
+ *
+ * An ASCII representation of an AVA is said to be "invertible" if
+ * conversion back to DER reproduces the original DER encoding exactly.
+ * The RFC 2253 rules do not ensure that all ASCII AVAs derived according
+ * to its rules are invertible. That is because the RFCs allow some
+ * attribute values to be encoded in any of a number of encodings,
+ * and the encoding type information is lost in the non-hex STRING form.
+ * This is particularly true of attributes of type DirectoryString.
+ * The encoding type information is always preserved in the hex string
+ * form, because the hex includes the entire DER encoding of the value.
+ *
+ * So, when the caller perfers maximum invertibility, we apply the
+ * RFC compliance rules stated above, and add a third required
+ * condition on the use of the NAME=STRING form.
+ * 3) The attribute's kind is not is allowed to be encoded in any of
+ * several different encodings, such as DirectoryStrings.
+ *
+ * The chief difference between CERT_N2A_STRICT and CERT_N2A_INVERTIBLE
+ * is that the latter forces DirectoryStrings to be hex encoded.
+ *
+ * As a simplification, we assume the value is correctly encoded for
+ * its encoding type. That is, we do not test that all the characters
+ * in a string encoded type are allowed by that type. We assume it.
+ */
+static SECStatus
+AppendAVA(stringBuf* bufp, CERTAVA* ava, CertStrictnessLevel strict)
+{
+#define TMPBUF_LEN 2048
+ const NameToKind* pn2k = name2kinds;
+ SECItem* avaValue = NULL;
+ char* unknownTag = NULL;
+ char* encodedAVA = NULL;
+ PRBool useHex = PR_FALSE; /* use =#hexXXXX form */
+ PRBool truncateName = PR_FALSE;
+ PRBool truncateValue = PR_FALSE;
+ SECOidTag endKind;
+ SECStatus rv;
+ unsigned int len;
+ unsigned int nameLen, valueLen;
+ unsigned int maxName, maxValue;
+ EQMode mode = minimalEscapeAndQuote;
+ NameToKind n2k = { NULL, 32767, SEC_OID_UNKNOWN, SEC_ASN1_DS };
+ char tmpBuf[TMPBUF_LEN];
+
+#define tagName n2k.name /* non-NULL means use NAME= form */
+#define maxBytes n2k.maxLen
+#define tag n2k.kind
+#define vt n2k.valueType
+
+ /* READABLE mode recognizes more names from the name2kinds table
+ * than do STRICT or INVERTIBLE modes. This assignment chooses the
+ * point in the table where the attribute type name scanning stops.
+ */
+ endKind = (strict == CERT_N2A_READABLE) ? SEC_OID_UNKNOWN
+ : SEC_OID_AVA_POSTAL_ADDRESS;
+ tag = CERT_GetAVATag(ava);
+ while (pn2k->kind != tag && pn2k->kind != endKind) {
+ ++pn2k;
+ }
+
+ if (pn2k->kind != endKind) {
+ n2k = *pn2k;
+ } else if (strict != CERT_N2A_READABLE) {
+ useHex = PR_TRUE;
+ }
+ /* For invertable form, force Directory Strings to use hex form. */
+ if (strict == CERT_N2A_INVERTIBLE && vt == SEC_ASN1_DS) {
+ tagName = NULL; /* must use OID.N form */
+ useHex = PR_TRUE; /* must use hex string */
+ }
+ if (!useHex) {
+ avaValue = CERT_DecodeAVAValue(&ava->value);
+ if (!avaValue) {
+ useHex = PR_TRUE;
+ if (strict != CERT_N2A_READABLE) {
+ tagName = NULL; /* must use OID.N form */
+ }
+ }
+ }
+ if (!tagName) {
+ /* handle unknown attribute types per RFC 2253 */
+ tagName = unknownTag = CERT_GetOidString(&ava->type);
+ if (!tagName) {
+ if (avaValue)
+ SECITEM_FreeItem(avaValue, PR_TRUE);
+ return SECFailure;
+ }
+ }
+ if (useHex) {
+ avaValue = get_hex_string(&ava->value);
+ if (!avaValue) {
+ if (unknownTag)
+ PR_smprintf_free(unknownTag);
+ return SECFailure;
+ }
+ }
+
+ nameLen = strlen(tagName);
+ valueLen =
+ (useHex ? avaValue->len : cert_RFC1485_GetRequiredLen(
+ (char*)avaValue->data, avaValue->len, &mode));
+ len = nameLen + valueLen + 2; /* Add 2 for '=' and trailing NUL */
+
+ maxName = nameLen;
+ maxValue = valueLen;
+ if (len <= sizeof(tmpBuf)) {
+ encodedAVA = tmpBuf;
+ } else if (strict != CERT_N2A_READABLE) {
+ encodedAVA = PORT_Alloc(len);
+ if (!encodedAVA) {
+ SECITEM_FreeItem(avaValue, PR_TRUE);
+ if (unknownTag)
+ PR_smprintf_free(unknownTag);
+ return SECFailure;
+ }
+ } else {
+ /* Must make output fit in tmpbuf */
+ unsigned int fair = (sizeof tmpBuf) / 2 - 1; /* for = and \0 */
+
+ if (nameLen < fair) {
+ /* just truncate the value */
+ maxValue = (sizeof tmpBuf) - (nameLen + 6); /* for "=...\0",
+ and possibly '"' */
+ } else if (valueLen < fair) {
+ /* just truncate the name */
+ maxName = (sizeof tmpBuf) - (valueLen + 5); /* for "=...\0" */
+ } else {
+ /* truncate both */
+ maxName = maxValue = fair - 3; /* for "..." */
+ }
+ if (nameLen > maxName) {
+ PORT_Assert(unknownTag && unknownTag == tagName);
+ truncateName = PR_TRUE;
+ nameLen = maxName;
+ }
+ encodedAVA = tmpBuf;
+ }
+
+ memcpy(encodedAVA, tagName, nameLen);
+ if (truncateName) {
+ /* If tag name is too long, we know it is an OID form that was
+ * allocated from the heap, so we can modify it in place
+ */
+ encodedAVA[nameLen - 1] = '.';
+ encodedAVA[nameLen - 2] = '.';
+ encodedAVA[nameLen - 3] = '.';
+ }
+ encodedAVA[nameLen++] = '=';
+ if (unknownTag)
+ PR_smprintf_free(unknownTag);
+
+ if (strict == CERT_N2A_READABLE && maxValue > maxBytes)
+ maxValue = maxBytes;
+ if (valueLen > maxValue) {
+ valueLen = maxValue;
+ truncateValue = PR_TRUE;
+ }
+ /* escape and quote as necessary - don't quote hex strings */
+ if (useHex) {
+ char* end = encodedAVA + nameLen + valueLen;
+ memcpy(encodedAVA + nameLen, (char*)avaValue->data, valueLen);
+ end[0] = '\0';
+ if (truncateValue) {
+ end[-1] = '.';
+ end[-2] = '.';
+ end[-3] = '.';
+ }
+ rv = SECSuccess;
+ } else if (!truncateValue) {
+ rv = escapeAndQuote(encodedAVA + nameLen, len - nameLen,
+ (char*)avaValue->data, avaValue->len, &mode);
+ } else {
+ /* must truncate the escaped and quoted value */
+ char bigTmpBuf[TMPBUF_LEN * 3 + 3];
+ PORT_Assert(valueLen < sizeof tmpBuf);
+ rv = escapeAndQuote(bigTmpBuf, sizeof bigTmpBuf, (char*)avaValue->data,
+ PR_MIN(avaValue->len, valueLen), &mode);
+
+ bigTmpBuf[valueLen--] = '\0'; /* hard stop here */
+ /* See if we're in the middle of a multi-byte UTF8 character */
+ while (((bigTmpBuf[valueLen] & 0xc0) == 0x80) && valueLen > 0) {
+ bigTmpBuf[valueLen--] = '\0';
+ }
+ /* add ellipsis to signify truncation. */
+ bigTmpBuf[++valueLen] = '.';
+ bigTmpBuf[++valueLen] = '.';
+ bigTmpBuf[++valueLen] = '.';
+ if (bigTmpBuf[0] == '"')
+ bigTmpBuf[++valueLen] = '"';
+ bigTmpBuf[++valueLen] = '\0';
+ PORT_Assert(nameLen + valueLen <= (sizeof tmpBuf) - 1);
+ memcpy(encodedAVA + nameLen, bigTmpBuf, valueLen + 1);
+ }
+
+ SECITEM_FreeItem(avaValue, PR_TRUE);
+ if (rv == SECSuccess)
+ rv = AppendStr(bufp, encodedAVA);
+ if (encodedAVA != tmpBuf)
+ PORT_Free(encodedAVA);
+ return rv;
+}
+
+#undef tagName
+#undef maxBytes
+#undef tag
+#undef vt
+
+char*
+CERT_NameToAsciiInvertible(CERTName* name, CertStrictnessLevel strict)
+{
+ CERTRDN** rdns;
+ CERTRDN** lastRdn;
+ CERTRDN** rdn;
+ PRBool first = PR_TRUE;
+ stringBuf strBuf = { NULL, 0, 0 };
+
+ rdns = name->rdns;
+ if (rdns == NULL) {
+ return NULL;
+ }
+
+ /* find last RDN */
+ lastRdn = rdns;
+ while (*lastRdn)
+ lastRdn++;
+ lastRdn--;
+
+ /*
+ * Loop over name contents in _reverse_ RDN order appending to string
+ */
+ for (rdn = lastRdn; rdn >= rdns; rdn--) {
+ CERTAVA** avas = (*rdn)->avas;
+ CERTAVA* ava;
+ PRBool newRDN = PR_TRUE;
+
+ /*
+ * XXX Do we need to traverse the AVAs in reverse order, too?
+ */
+ while (avas && (ava = *avas++) != NULL) {
+ SECStatus rv;
+ /* Put in comma or plus separator */
+ if (!first) {
+ /* Use of spaces is deprecated in RFC 2253. */
+ rv = AppendStr(&strBuf, newRDN ? "," : "+");
+ if (rv)
+ goto loser;
+ } else {
+ first = PR_FALSE;
+ }
+
+ /* Add in tag type plus value into strBuf */
+ rv = AppendAVA(&strBuf, ava, strict);
+ if (rv)
+ goto loser;
+ newRDN = PR_FALSE;
+ }
+ }
+ return strBuf.buffer;
+loser:
+ if (strBuf.buffer) {
+ PORT_Free(strBuf.buffer);
+ }
+ return NULL;
+}
+
+char*
+CERT_NameToAscii(CERTName* name)
+{
+ return CERT_NameToAsciiInvertible(name, CERT_N2A_READABLE);
+}
+
+/*
+ * Return the string representation of a DER encoded distinguished name
+ * "dername" - The DER encoded name to convert
+ */
+char*
+CERT_DerNameToAscii(SECItem* dername)
+{
+ int rv;
+ PLArenaPool* arena = NULL;
+ CERTName name;
+ char* retstr = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, &name, CERT_NameTemplate, dername);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ retstr = CERT_NameToAscii(&name);
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (retstr);
+}
+
+static char*
+avaToString(PLArenaPool* arena, CERTAVA* ava)
+{
+ char* buf = NULL;
+ SECItem* avaValue;
+ int valueLen;
+
+ avaValue = CERT_DecodeAVAValue(&ava->value);
+ if (!avaValue) {
+ return buf;
+ }
+ valueLen =
+ cert_RFC1485_GetRequiredLen((char*)avaValue->data, avaValue->len, NULL) + 1;
+ if (arena) {
+ buf = (char*)PORT_ArenaZAlloc(arena, valueLen);
+ } else {
+ buf = (char*)PORT_ZAlloc(valueLen);
+ }
+ if (buf) {
+ SECStatus rv =
+ escapeAndQuote(buf, valueLen, (char*)avaValue->data, avaValue->len, NULL);
+ if (rv != SECSuccess) {
+ if (!arena)
+ PORT_Free(buf);
+ buf = NULL;
+ }
+ }
+ SECITEM_FreeItem(avaValue, PR_TRUE);
+ return buf;
+}
+
+/* RDNs are sorted from most general to most specific.
+ * This code returns the FIRST one found, the most general one found.
+ */
+static char*
+CERT_GetNameElement(PLArenaPool* arena, const CERTName* name, int wantedTag)
+{
+ CERTRDN** rdns = name->rdns;
+ CERTRDN* rdn;
+ CERTAVA* ava = NULL;
+
+ while (rdns && (rdn = *rdns++) != 0) {
+ CERTAVA** avas = rdn->avas;
+ while (avas && (ava = *avas++) != 0) {
+ int tag = CERT_GetAVATag(ava);
+ if (tag == wantedTag) {
+ avas = NULL;
+ rdns = NULL; /* break out of all loops */
+ }
+ }
+ }
+ return ava ? avaToString(arena, ava) : NULL;
+}
+
+/* RDNs are sorted from most general to most specific.
+ * This code returns the LAST one found, the most specific one found.
+ * This is particularly appropriate for Common Name. See RFC 2818.
+ */
+static char*
+CERT_GetLastNameElement(PLArenaPool* arena, const CERTName* name, int wantedTag)
+{
+ CERTRDN** rdns = name->rdns;
+ CERTRDN* rdn;
+ CERTAVA* lastAva = NULL;
+
+ while (rdns && (rdn = *rdns++) != 0) {
+ CERTAVA** avas = rdn->avas;
+ CERTAVA* ava;
+ while (avas && (ava = *avas++) != 0) {
+ int tag = CERT_GetAVATag(ava);
+ if (tag == wantedTag) {
+ lastAva = ava;
+ }
+ }
+ }
+ return lastAva ? avaToString(arena, lastAva) : NULL;
+}
+
+char*
+CERT_GetCertificateEmailAddress(CERTCertificate* cert)
+{
+ char* rawEmailAddr = NULL;
+ SECItem subAltName;
+ SECStatus rv;
+ CERTGeneralName* nameList = NULL;
+ CERTGeneralName* current;
+ PLArenaPool* arena = NULL;
+ int i;
+
+ subAltName.data = NULL;
+
+ rawEmailAddr = CERT_GetNameElement(cert->arena, &(cert->subject),
+ SEC_OID_PKCS9_EMAIL_ADDRESS);
+ if (rawEmailAddr == NULL) {
+ rawEmailAddr =
+ CERT_GetNameElement(cert->arena, &(cert->subject), SEC_OID_RFC1274_MAIL);
+ }
+ if (rawEmailAddr == NULL) {
+
+ rv =
+ CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME, &subAltName);
+ if (rv != SECSuccess) {
+ goto finish;
+ }
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ goto finish;
+ }
+ nameList = current = CERT_DecodeAltNameExtension(arena, &subAltName);
+ if (!nameList) {
+ goto finish;
+ }
+ if (nameList != NULL) {
+ do {
+ if (current->type == certDirectoryName) {
+ rawEmailAddr =
+ CERT_GetNameElement(cert->arena, &(current->name.directoryName),
+ SEC_OID_PKCS9_EMAIL_ADDRESS);
+ if (rawEmailAddr ==
+ NULL) {
+ rawEmailAddr =
+ CERT_GetNameElement(cert->arena, &(current->name.directoryName),
+ SEC_OID_RFC1274_MAIL);
+ }
+ } else if (current->type == certRFC822Name) {
+ rawEmailAddr =
+ (char*)PORT_ArenaZAlloc(cert->arena, current->name.other.len +
+ 1);
+ if (!rawEmailAddr) {
+ goto finish;
+ }
+ PORT_Memcpy(rawEmailAddr, current->name.other.data,
+ current->name.other.len);
+ rawEmailAddr[current->name.other.len] =
+ '\0';
+ }
+ if (rawEmailAddr) {
+ break;
+ }
+ current = CERT_GetNextGeneralName(current);
+ } while (current != nameList);
+ }
+ }
+ if (rawEmailAddr) {
+ for (i = 0; i <= (int)PORT_Strlen(rawEmailAddr); i++) {
+ rawEmailAddr[i] = tolower(rawEmailAddr[i]);
+ }
+ }
+
+finish:
+
+ /* Don't free nameList, it's part of the arena. */
+
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ if (subAltName.data) {
+ SECITEM_FreeItem(&subAltName, PR_FALSE);
+ }
+
+ return (rawEmailAddr);
+}
+
+static char*
+appendStringToBuf(char* dest, char* src, PRUint32* pRemaining)
+{
+ PRUint32 len;
+ if (dest && src && src[0] && *pRemaining > (len = PL_strlen(src))) {
+ PRUint32 i;
+ for (i = 0; i < len; ++i)
+ dest[i] = tolower(src[i]);
+ dest[len] = 0;
+ dest += len + 1;
+ *pRemaining -= len + 1;
+ }
+ return dest;
+}
+
+#undef NEEDS_HEX_ESCAPE
+#define NEEDS_HEX_ESCAPE(c) (c < 0x20)
+
+static char*
+appendItemToBuf(char* dest, SECItem* src, PRUint32* pRemaining)
+{
+ if (dest && src && src->data && src->len && src->data[0]) {
+ PRUint32 len = src->len;
+ PRUint32 i;
+ PRUint32 reqLen = len + 1;
+ /* are there any embedded control characters ? */
+ for (i = 0; i < len; i++) {
+ if (NEEDS_HEX_ESCAPE(src->data[i]))
+ reqLen += 2;
+ }
+ if (*pRemaining > reqLen) {
+ for (i = 0; i < len; ++i) {
+ PRUint8 c = src->data[i];
+ if (NEEDS_HEX_ESCAPE(c)) {
+ *dest++ =
+ C_BACKSLASH;
+ *dest++ =
+ hexChars[(c >> 4) & 0x0f];
+ *dest++ =
+ hexChars[c & 0x0f];
+ } else {
+ *dest++ =
+ tolower(c);
+ }
+ }
+ *dest++ = '\0';
+ *pRemaining -= reqLen;
+ }
+ }
+ return dest;
+}
+
+/* Returns a pointer to an environment-like string, a series of
+** null-terminated strings, terminated by a zero-length string.
+** This function is intended to be internal to NSS.
+*/
+char*
+cert_GetCertificateEmailAddresses(CERTCertificate* cert)
+{
+ char* rawEmailAddr = NULL;
+ char* addrBuf = NULL;
+ char* pBuf = NULL;
+ PORTCheapArenaPool tmpArena;
+ PRUint32 maxLen = 0;
+ PRInt32 finalLen = 0;
+ SECStatus rv;
+ SECItem subAltName;
+
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+
+ subAltName.data = NULL;
+ maxLen = cert->derCert.len;
+ PORT_Assert(maxLen);
+ if (!maxLen)
+ maxLen = 2000; /* a guess, should never happen */
+
+ pBuf = addrBuf = (char*)PORT_ArenaZAlloc(&tmpArena.arena, maxLen + 1);
+ if (!addrBuf)
+ goto loser;
+
+ rawEmailAddr = CERT_GetNameElement(&tmpArena.arena, &cert->subject,
+ SEC_OID_PKCS9_EMAIL_ADDRESS);
+ pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen);
+
+ rawEmailAddr = CERT_GetNameElement(&tmpArena.arena, &cert->subject,
+ SEC_OID_RFC1274_MAIL);
+ pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen);
+
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME, &subAltName);
+ if (rv == SECSuccess && subAltName.data) {
+ CERTGeneralName* nameList = NULL;
+
+ if (!!(nameList = CERT_DecodeAltNameExtension(&tmpArena.arena, &subAltName))) {
+ CERTGeneralName* current = nameList;
+ do {
+ if (current->type == certDirectoryName) {
+ rawEmailAddr =
+ CERT_GetNameElement(&tmpArena.arena,
+ &current->name.directoryName,
+ SEC_OID_PKCS9_EMAIL_ADDRESS);
+ pBuf =
+ appendStringToBuf(pBuf, rawEmailAddr, &maxLen);
+
+ rawEmailAddr =
+ CERT_GetNameElement(&tmpArena.arena,
+ &current->name.directoryName,
+ SEC_OID_RFC1274_MAIL);
+ pBuf =
+ appendStringToBuf(pBuf, rawEmailAddr, &maxLen);
+ } else if (current->type == certRFC822Name) {
+ pBuf =
+ appendItemToBuf(pBuf, &current->name.other, &maxLen);
+ }
+ current = CERT_GetNextGeneralName(current);
+ } while (current != nameList);
+ }
+ SECITEM_FreeItem(&subAltName, PR_FALSE);
+ /* Don't free nameList, it's part of the tmpArena. */
+ }
+ /* now copy superstring to cert's arena */
+ finalLen = (pBuf - addrBuf) + 1;
+ pBuf = NULL;
+ if (finalLen > 1) {
+ pBuf = PORT_ArenaAlloc(cert->arena, finalLen);
+ if (pBuf) {
+ PORT_Memcpy(pBuf, addrBuf, finalLen);
+ }
+ }
+loser:
+ PORT_DestroyCheapArena(&tmpArena);
+
+ return pBuf;
+}
+
+/* returns pointer to storage in cert's arena. Storage remains valid
+** as long as cert's reference count doesn't go to zero.
+** Caller should strdup or otherwise copy.
+*/
+const char* /* const so caller won't muck with it. */
+ CERT_GetFirstEmailAddress(CERTCertificate* cert)
+{
+ if (cert && cert->emailAddr && cert->emailAddr[0])
+ return (const char*)cert->emailAddr;
+ return NULL;
+}
+
+/* returns pointer to storage in cert's arena. Storage remains valid
+** as long as cert's reference count doesn't go to zero.
+** Caller should strdup or otherwise copy.
+*/
+const char* /* const so caller won't muck with it. */
+ CERT_GetNextEmailAddress(CERTCertificate* cert, const char* prev)
+{
+ if (cert && prev && prev[0]) {
+ PRUint32 len = PL_strlen(prev);
+ prev += len + 1;
+ if (prev && prev[0])
+ return prev;
+ }
+ return NULL;
+}
+
+/* This is seriously bogus, now that certs store their email addresses in
+** subject Alternative Name extensions.
+** Returns a string allocated by PORT_StrDup, which the caller must free.
+*/
+char*
+CERT_GetCertEmailAddress(const CERTName* name)
+{
+ char* rawEmailAddr;
+ char* emailAddr;
+
+ rawEmailAddr = CERT_GetNameElement(NULL, name, SEC_OID_PKCS9_EMAIL_ADDRESS);
+ if (rawEmailAddr == NULL) {
+ rawEmailAddr = CERT_GetNameElement(NULL, name, SEC_OID_RFC1274_MAIL);
+ }
+ emailAddr = CERT_FixupEmailAddr(rawEmailAddr);
+ if (rawEmailAddr) {
+ PORT_Free(rawEmailAddr);
+ }
+ return (emailAddr);
+}
+
+/* The return value must be freed with PORT_Free. */
+char*
+CERT_GetCommonName(const CERTName* name)
+{
+ return (CERT_GetLastNameElement(NULL, name, SEC_OID_AVA_COMMON_NAME));
+}
+
+char*
+CERT_GetCountryName(const CERTName* name)
+{
+ return (CERT_GetNameElement(NULL, name, SEC_OID_AVA_COUNTRY_NAME));
+}
+
+char*
+CERT_GetLocalityName(const CERTName* name)
+{
+ return (CERT_GetNameElement(NULL, name, SEC_OID_AVA_LOCALITY));
+}
+
+char*
+CERT_GetStateName(const CERTName* name)
+{
+ return (CERT_GetNameElement(NULL, name, SEC_OID_AVA_STATE_OR_PROVINCE));
+}
+
+char*
+CERT_GetOrgName(const CERTName* name)
+{
+ return (CERT_GetNameElement(NULL, name, SEC_OID_AVA_ORGANIZATION_NAME));
+}
+
+char*
+CERT_GetDomainComponentName(const CERTName* name)
+{
+ return (CERT_GetNameElement(NULL, name, SEC_OID_AVA_DC));
+}
+
+char*
+CERT_GetOrgUnitName(const CERTName* name)
+{
+ return (
+ CERT_GetNameElement(NULL, name, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME));
+}
+
+char*
+CERT_GetDnQualifier(const CERTName* name)
+{
+ return (CERT_GetNameElement(NULL, name, SEC_OID_AVA_DN_QUALIFIER));
+}
+
+char*
+CERT_GetCertUid(const CERTName* name)
+{
+ return (CERT_GetNameElement(NULL, name, SEC_OID_RFC1274_UID));
+}
diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h
new file mode 100644
index 000000000..e0af65ab0
--- /dev/null
+++ b/security/nss/lib/certdb/cert.h
@@ -0,0 +1,1584 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * cert.h - public data structures and prototypes for the certificate library
+ */
+
+#ifndef _CERT_H_
+#define _CERT_H_
+
+#include "utilrename.h"
+#include "plarena.h"
+#include "plhash.h"
+#include "prlong.h"
+#include "prlog.h"
+
+#include "seccomon.h"
+#include "secdert.h"
+#include "secoidt.h"
+#include "keyt.h"
+#include "certt.h"
+
+SEC_BEGIN_PROTOS
+
+/****************************************************************************
+ *
+ * RFC1485 ascii to/from X.? RelativeDistinguishedName (aka CERTName)
+ *
+ ****************************************************************************/
+
+/*
+** Convert an ascii RFC1485 encoded name into its CERTName equivalent.
+*/
+extern CERTName *CERT_AsciiToName(const char *string);
+
+/*
+** Convert an CERTName into its RFC1485 encoded equivalent.
+** Returns a string that must be freed with PORT_Free().
+** This version produces a string for maximum human readability,
+** not for strict RFC compliance.
+*/
+extern char *CERT_NameToAscii(CERTName *name);
+
+/*
+** Convert an CERTName into its RFC1485 encoded equivalent.
+** Returns a string that must be freed with PORT_Free().
+** Caller chooses encoding rules.
+*/
+extern char *CERT_NameToAsciiInvertible(CERTName *name,
+ CertStrictnessLevel strict);
+
+extern CERTAVA *CERT_CopyAVA(PLArenaPool *arena, CERTAVA *src);
+
+/* convert an OID to dotted-decimal representation */
+/* Returns a string that must be freed with PR_smprintf_free(). */
+extern char *CERT_GetOidString(const SECItem *oid);
+
+/*
+** Examine an AVA and return the tag that refers to it. The AVA tags are
+** defined as SEC_OID_AVA*.
+*/
+extern SECOidTag CERT_GetAVATag(CERTAVA *ava);
+
+/*
+** Compare two AVA's, returning the difference between them.
+*/
+extern SECComparison CERT_CompareAVA(const CERTAVA *a, const CERTAVA *b);
+
+/*
+** Create an RDN (relative-distinguished-name). The argument list is a
+** NULL terminated list of AVA's.
+*/
+extern CERTRDN *CERT_CreateRDN(PLArenaPool *arena, CERTAVA *avas, ...);
+
+/*
+** Make a copy of "src" storing it in "dest".
+*/
+extern SECStatus CERT_CopyRDN(PLArenaPool *arena, CERTRDN *dest, CERTRDN *src);
+
+/*
+** Add an AVA to an RDN.
+** "rdn" the RDN to add to
+** "ava" the AVA to add
+*/
+extern SECStatus CERT_AddAVA(PLArenaPool *arena, CERTRDN *rdn, CERTAVA *ava);
+
+/*
+** Compare two RDN's, returning the difference between them.
+*/
+extern SECComparison CERT_CompareRDN(const CERTRDN *a, const CERTRDN *b);
+
+/*
+** Create an X.500 style name using a NULL terminated list of RDN's.
+*/
+extern CERTName *CERT_CreateName(CERTRDN *rdn, ...);
+
+/*
+** Make a copy of "src" storing it in "dest". Memory is allocated in
+** "dest" for each of the appropriate sub objects. Memory is not freed in
+** "dest" before allocation is done (use CERT_DestroyName(dest, PR_FALSE) to
+** do that).
+*/
+extern SECStatus CERT_CopyName(PLArenaPool *arena, CERTName *dest,
+ const CERTName *src);
+
+/*
+** Destroy a Name object.
+** "name" the CERTName to destroy
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void CERT_DestroyName(CERTName *name);
+
+/*
+** Add an RDN to a name.
+** "name" the name to add the RDN to
+** "rdn" the RDN to add to name
+*/
+extern SECStatus CERT_AddRDN(CERTName *name, CERTRDN *rdn);
+
+/*
+** Compare two names, returning the difference between them.
+*/
+extern SECComparison CERT_CompareName(const CERTName *a, const CERTName *b);
+
+/*
+** Convert a CERTName into something readable
+*/
+extern char *CERT_FormatName(CERTName *name);
+
+/*
+** Convert a der-encoded integer to a hex printable string form.
+** Perhaps this should be a SEC function but it's only used for certs.
+*/
+extern char *CERT_Hexify(SECItem *i, int do_colon);
+
+/*
+** Converts DER string (with explicit length) into zString, if destination
+** buffer is big enough to receive it. Does quoting and/or escaping as
+** specified in RFC 1485. Input string must be single or multi-byte DER
+** character set, (ASCII, UTF8, or ISO 8851-x) not a wide character set.
+** Returns SECSuccess or SECFailure with error code set. If output buffer
+** is too small, sets error code SEC_ERROR_OUTPUT_LEN.
+*/
+extern SECStatus CERT_RFC1485_EscapeAndQuote(char *dst, int dstlen, char *src,
+ int srclen);
+
+/******************************************************************************
+ *
+ * Certificate handling operations
+ *
+ *****************************************************************************/
+
+/*
+** Create a new validity object given two unix time values.
+** "notBefore" the time before which the validity is not valid
+** "notAfter" the time after which the validity is not valid
+*/
+extern CERTValidity *CERT_CreateValidity(PRTime notBefore, PRTime notAfter);
+
+/*
+** Destroy a validity object.
+** "v" the validity to destroy
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void CERT_DestroyValidity(CERTValidity *v);
+
+/*
+** Copy the "src" object to "dest". Memory is allocated in "dest" for
+** each of the appropriate sub-objects. Memory in "dest" is not freed
+** before memory is allocated (use CERT_DestroyValidity(v, PR_FALSE) to do
+** that).
+*/
+extern SECStatus CERT_CopyValidity(PLArenaPool *arena, CERTValidity *dest,
+ CERTValidity *src);
+
+/*
+** The cert lib considers a cert or CRL valid if the "notBefore" time is
+** in the not-too-distant future, e.g. within the next 24 hours. This
+** prevents freshly issued certificates from being considered invalid
+** because the local system's time zone is incorrectly set.
+** The amount of "pending slop time" is adjustable by the application.
+** Units of SlopTime are seconds. Default is 86400 (24 hours).
+** Negative SlopTime values are not allowed.
+*/
+PRInt32 CERT_GetSlopTime(void);
+
+SECStatus CERT_SetSlopTime(PRInt32 slop);
+
+/*
+** Create a new certificate object. The result must be wrapped with an
+** CERTSignedData to create a signed certificate.
+** "serialNumber" the serial number
+** "issuer" the name of the certificate issuer
+** "validity" the validity period of the certificate
+** "req" the certificate request that prompted the certificate issuance
+*/
+extern CERTCertificate *CERT_CreateCertificate(unsigned long serialNumber,
+ CERTName *issuer,
+ CERTValidity *validity,
+ CERTCertificateRequest *req);
+
+/*
+** Destroy a certificate object
+** "cert" the certificate to destroy
+** NOTE: certificate's are reference counted. This call decrements the
+** reference count, and if the result is zero, then the object is destroyed
+** and optionally freed.
+*/
+extern void CERT_DestroyCertificate(CERTCertificate *cert);
+
+/*
+** Make a shallow copy of a certificate "c". Just increments the
+** reference count on "c".
+*/
+extern CERTCertificate *CERT_DupCertificate(CERTCertificate *c);
+
+/*
+** Create a new certificate request. This result must be wrapped with an
+** CERTSignedData to create a signed certificate request.
+** "name" the subject name (who the certificate request is from)
+** "spki" describes/defines the public key the certificate is for
+** "attributes" if non-zero, some optional attribute data
+*/
+extern CERTCertificateRequest *CERT_CreateCertificateRequest(
+ CERTName *name, CERTSubjectPublicKeyInfo *spki, SECItem **attributes);
+
+/*
+** Destroy a certificate-request object
+** "r" the certificate-request to destroy
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void CERT_DestroyCertificateRequest(CERTCertificateRequest *r);
+
+/*
+** Start adding extensions to a certificate request.
+*/
+void *CERT_StartCertificateRequestAttributes(CERTCertificateRequest *req);
+
+/*
+** Reformat the certificate extension list into a CertificateRequest
+** attribute list.
+*/
+SECStatus CERT_FinishCertificateRequestAttributes(CERTCertificateRequest *req);
+
+/*
+** Extract the Extension Requests from a DER CertRequest attribute list.
+*/
+SECStatus CERT_GetCertificateRequestExtensions(CERTCertificateRequest *req,
+ CERTCertExtension ***exts);
+
+/*
+** Extract a public key object from a certificate
+*/
+extern SECKEYPublicKey *CERT_ExtractPublicKey(CERTCertificate *cert);
+
+/*
+** Retrieve the Key Type associated with the cert we're dealing with
+*/
+
+extern KeyType CERT_GetCertKeyType(const CERTSubjectPublicKeyInfo *spki);
+
+/*
+** Initialize the certificate database. This is called to create
+** the initial list of certificates in the database.
+*/
+extern SECStatus CERT_InitCertDB(CERTCertDBHandle *handle);
+
+extern int CERT_GetDBContentVersion(CERTCertDBHandle *handle);
+
+/*
+** Default certificate database routines
+*/
+extern void CERT_SetDefaultCertDB(CERTCertDBHandle *handle);
+
+extern CERTCertDBHandle *CERT_GetDefaultCertDB(void);
+
+extern CERTCertList *CERT_GetCertChainFromCert(CERTCertificate *cert,
+ PRTime time, SECCertUsage usage);
+extern CERTCertificate *CERT_NewTempCertificate(CERTCertDBHandle *handle,
+ SECItem *derCert,
+ char *nickname, PRBool isperm,
+ PRBool copyDER);
+
+/******************************************************************************
+ *
+ * X.500 Name handling operations
+ *
+ *****************************************************************************/
+
+/*
+** Create an AVA (attribute-value-assertion)
+** "arena" the memory arena to alloc from
+** "kind" is one of SEC_OID_AVA_*
+** "valueType" is one of DER_PRINTABLE_STRING, DER_IA5_STRING, or
+** DER_T61_STRING
+** "value" is the null terminated string containing the value
+*/
+extern CERTAVA *CERT_CreateAVA(PLArenaPool *arena, SECOidTag kind,
+ int valueType, char *value);
+
+/*
+** Extract the Distinguished Name from a DER encoded certificate
+** "derCert" is the DER encoded certificate
+** "derName" is the SECItem that the name is returned in
+*/
+extern SECStatus CERT_NameFromDERCert(SECItem *derCert, SECItem *derName);
+
+/*
+** Extract the Issuers Distinguished Name from a DER encoded certificate
+** "derCert" is the DER encoded certificate
+** "derName" is the SECItem that the name is returned in
+*/
+extern SECStatus CERT_IssuerNameFromDERCert(SECItem *derCert, SECItem *derName);
+
+extern SECItem *CERT_EncodeGeneralName(CERTGeneralName *genName, SECItem *dest,
+ PLArenaPool *arena);
+
+extern CERTGeneralName *CERT_DecodeGeneralName(PLArenaPool *reqArena,
+ SECItem *encodedName,
+ CERTGeneralName *genName);
+
+/*
+** Generate a database search key for a certificate, based on the
+** issuer and serial number.
+** "arena" the memory arena to alloc from
+** "derCert" the DER encoded certificate
+** "key" the returned key
+*/
+extern SECStatus CERT_KeyFromDERCert(PLArenaPool *reqArena, SECItem *derCert,
+ SECItem *key);
+
+extern SECStatus CERT_KeyFromIssuerAndSN(PLArenaPool *arena, SECItem *issuer,
+ SECItem *sn, SECItem *key);
+
+extern SECStatus CERT_SerialNumberFromDERCert(SECItem *derCert,
+ SECItem *derName);
+
+/*
+** Generate a database search key for a crl, based on the
+** issuer.
+** "arena" the memory arena to alloc from
+** "derCrl" the DER encoded crl
+** "key" the returned key
+*/
+extern SECStatus CERT_KeyFromDERCrl(PLArenaPool *arena, SECItem *derCrl,
+ SECItem *key);
+
+/*
+** Open the certificate database. Use callback to get name of database.
+*/
+extern SECStatus CERT_OpenCertDB(CERTCertDBHandle *handle, PRBool readOnly,
+ CERTDBNameFunc namecb, void *cbarg);
+
+/* Open the certificate database. Use given filename for database. */
+extern SECStatus CERT_OpenCertDBFilename(CERTCertDBHandle *handle,
+ char *certdbname, PRBool readOnly);
+
+/*
+** Open and initialize a cert database that is entirely in memory. This
+** can be used when the permanent database can not be opened or created.
+*/
+extern SECStatus CERT_OpenVolatileCertDB(CERTCertDBHandle *handle);
+
+/*
+** Extract the list of host names, host name patters, IP address strings
+** this cert is valid for.
+** This function does NOT return nicknames.
+** Type CERTCertNicknames is being used because it's a convenient
+** data structure to carry a list of strings and its count.
+*/
+extern CERTCertNicknames *CERT_GetValidDNSPatternsFromCert(
+ CERTCertificate *cert);
+
+/*
+** Check the hostname to make sure that it matches the shexp that
+** is given in the common name of the certificate.
+*/
+extern SECStatus CERT_VerifyCertName(const CERTCertificate *cert,
+ const char *hostname);
+
+/*
+** Add a domain name to the list of names that the user has explicitly
+** allowed (despite cert name mismatches) for use with a server cert.
+*/
+extern SECStatus CERT_AddOKDomainName(CERTCertificate *cert,
+ const char *hostname);
+
+/*
+** Decode a DER encoded certificate into an CERTCertificate structure
+** "derSignedCert" is the DER encoded signed certificate
+** "copyDER" is true if the DER should be copied, false if the
+** existing copy should be referenced
+** "nickname" is the nickname to use in the database. If it is NULL
+** then a temporary nickname is generated.
+*/
+extern CERTCertificate *CERT_DecodeDERCertificate(SECItem *derSignedCert,
+ PRBool copyDER,
+ char *nickname);
+/*
+** Decode a DER encoded CRL into a CERTSignedCrl structure
+** "derSignedCrl" is the DER encoded signed CRL.
+** "type" must be SEC_CRL_TYPE.
+*/
+#define SEC_CRL_TYPE 1
+#define SEC_KRL_TYPE 0 /* deprecated */
+
+extern CERTSignedCrl *CERT_DecodeDERCrl(PLArenaPool *arena,
+ SECItem *derSignedCrl, int type);
+
+/*
+ * same as CERT_DecodeDERCrl, plus allow options to be passed in
+ */
+
+extern CERTSignedCrl *CERT_DecodeDERCrlWithFlags(PLArenaPool *narena,
+ SECItem *derSignedCrl,
+ int type, PRInt32 options);
+
+/* CRL options to pass */
+
+#define CRL_DECODE_DEFAULT_OPTIONS 0x00000000
+
+/* when CRL_DECODE_DONT_COPY_DER is set, the DER is not copied . The
+ application must then keep derSignedCrl until it destroys the
+ CRL . Ideally, it should allocate derSignedCrl in an arena
+ and pass that arena in as the first argument to
+ CERT_DecodeDERCrlWithFlags */
+
+#define CRL_DECODE_DONT_COPY_DER 0x00000001
+#define CRL_DECODE_SKIP_ENTRIES 0x00000002
+#define CRL_DECODE_KEEP_BAD_CRL 0x00000004
+#define CRL_DECODE_ADOPT_HEAP_DER 0x00000008
+
+/* complete the decoding of a partially decoded CRL, ie. decode the
+ entries. Note that entries is an optional field in a CRL, so the
+ "entries" pointer in CERTCrlStr may still be NULL even after
+ function returns SECSuccess */
+
+extern SECStatus CERT_CompleteCRLDecodeEntries(CERTSignedCrl *crl);
+
+/* Validate CRL then import it to the dbase. If there is already a CRL with the
+ * same CA in the dbase, it will be replaced if derCRL is more up to date.
+ * If the process successes, a CRL will be returned. Otherwise, a NULL will
+ * be returned. The caller should call PORT_GetError() for the exactly error
+ * code.
+ */
+extern CERTSignedCrl *CERT_ImportCRL(CERTCertDBHandle *handle, SECItem *derCRL,
+ char *url, int type, void *wincx);
+
+extern void CERT_DestroyCrl(CERTSignedCrl *crl);
+
+/* this is a hint to flush the CRL cache. crlKey is the DER subject of
+ the issuer (CA). */
+void CERT_CRLCacheRefreshIssuer(CERTCertDBHandle *dbhandle, SECItem *crlKey);
+
+/* add the specified DER CRL object to the CRL cache. Doing so will allow
+ certificate verification functions (such as CERT_VerifyCertificate)
+ to automatically find and make use of this CRL object.
+ Once a CRL is added to the CRL cache, the application must hold on to
+ the object's memory, because the cache will reference it directly. The
+ application can only free the object after it calls CERT_UncacheCRL to
+ remove it from the CRL cache.
+*/
+SECStatus CERT_CacheCRL(CERTCertDBHandle *dbhandle, SECItem *newcrl);
+
+/* remove a previously added CRL object from the CRL cache. It is OK
+ for the application to free the memory after a successful removal
+*/
+SECStatus CERT_UncacheCRL(CERTCertDBHandle *dbhandle, SECItem *oldcrl);
+
+/*
+** Find a certificate in the database
+** "key" is the database key to look for
+*/
+extern CERTCertificate *CERT_FindCertByKey(CERTCertDBHandle *handle,
+ SECItem *key);
+
+/*
+** Find a certificate in the database by name
+** "name" is the distinguished name to look up
+*/
+extern CERTCertificate *CERT_FindCertByName(CERTCertDBHandle *handle,
+ SECItem *name);
+
+/*
+** Find a certificate in the database by name
+** "name" is the distinguished name to look up (in ascii)
+*/
+extern CERTCertificate *CERT_FindCertByNameString(CERTCertDBHandle *handle,
+ char *name);
+
+/*
+** Find a certificate in the database by name and keyid
+** "name" is the distinguished name to look up
+** "keyID" is the value of the subjectKeyID to match
+*/
+extern CERTCertificate *CERT_FindCertByKeyID(CERTCertDBHandle *handle,
+ SECItem *name, SECItem *keyID);
+
+/*
+** Generate a certificate key from the issuer and serialnumber, then look it
+** up in the database. Return the cert if found.
+** "issuerAndSN" is the issuer and serial number to look for
+*/
+extern CERTCertificate *CERT_FindCertByIssuerAndSN(
+ CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN);
+
+/*
+** Find a certificate in the database by a subject key ID
+** "subjKeyID" is the subject Key ID to look for
+*/
+extern CERTCertificate *CERT_FindCertBySubjectKeyID(CERTCertDBHandle *handle,
+ SECItem *subjKeyID);
+
+/*
+** Encode Certificate SKID (Subject Key ID) extension.
+**
+*/
+extern SECStatus CERT_EncodeSubjectKeyID(PLArenaPool *arena,
+ const SECItem *srcString,
+ SECItem *encodedValue);
+
+/*
+** Find a certificate in the database by a nickname
+** "nickname" is the ascii string nickname to look for
+*/
+extern CERTCertificate *CERT_FindCertByNickname(CERTCertDBHandle *handle,
+ const char *nickname);
+
+/*
+** Find a certificate in the database by a DER encoded certificate
+** "derCert" is the DER encoded certificate
+*/
+extern CERTCertificate *CERT_FindCertByDERCert(CERTCertDBHandle *handle,
+ SECItem *derCert);
+
+/*
+** Find a certificate in the database by a email address
+** "emailAddr" is the email address to look up
+*/
+CERTCertificate *CERT_FindCertByEmailAddr(CERTCertDBHandle *handle,
+ char *emailAddr);
+
+/*
+** Find a certificate in the database by a email address or nickname
+** "name" is the email address or nickname to look up
+*/
+CERTCertificate *CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle,
+ const char *name);
+
+/*
+** Find a certificate in the database by a email address or nickname
+** and require it to have the given usage.
+** "name" is the email address or nickname to look up
+*/
+CERTCertificate *CERT_FindCertByNicknameOrEmailAddrForUsage(
+ CERTCertDBHandle *handle, const char *name, SECCertUsage lookingForUsage);
+
+/*
+** Find a certificate in the database by a digest of a subject public key
+** "spkDigest" is the digest to look up
+*/
+extern CERTCertificate *CERT_FindCertBySPKDigest(CERTCertDBHandle *handle,
+ SECItem *spkDigest);
+
+/*
+ * Find the issuer of a cert
+ */
+CERTCertificate *CERT_FindCertIssuer(CERTCertificate *cert, PRTime validTime,
+ SECCertUsage usage);
+
+/*
+** Check the validity times of a certificate vs. time 't', allowing
+** some slop for broken clocks and stuff.
+** "cert" is the certificate to be checked
+** "t" is the time to check against
+** "allowOverride" if true then check to see if the invalidity has
+** been overridden by the user.
+*/
+extern SECCertTimeValidity CERT_CheckCertValidTimes(const CERTCertificate *cert,
+ PRTime t,
+ PRBool allowOverride);
+
+/*
+** WARNING - this function is deprecated, and will either go away or have
+** a new API in the near future.
+**
+** Check the validity times of a certificate vs. the current time, allowing
+** some slop for broken clocks and stuff.
+** "cert" is the certificate to be checked
+*/
+extern SECStatus CERT_CertTimesValid(CERTCertificate *cert);
+
+/*
+** Extract the validity times from a certificate
+** "c" is the certificate
+** "notBefore" is the start of the validity period
+** "notAfter" is the end of the validity period
+*/
+extern SECStatus CERT_GetCertTimes(const CERTCertificate *c, PRTime *notBefore,
+ PRTime *notAfter);
+
+/*
+** Extract the issuer and serial number from a certificate
+*/
+extern CERTIssuerAndSN *CERT_GetCertIssuerAndSN(PLArenaPool *,
+ CERTCertificate *);
+
+/*
+** verify the signature of a signed data object with a given certificate
+** "sd" the signed data object to be verified
+** "cert" the certificate to use to check the signature
+*/
+extern SECStatus CERT_VerifySignedData(CERTSignedData *sd,
+ CERTCertificate *cert, PRTime t,
+ void *wincx);
+/*
+** verify the signature of a signed data object with the given DER publickey
+*/
+extern SECStatus CERT_VerifySignedDataWithPublicKeyInfo(
+ CERTSignedData *sd, CERTSubjectPublicKeyInfo *pubKeyInfo, void *wincx);
+
+/*
+** verify the signature of a signed data object with a SECKEYPublicKey.
+*/
+extern SECStatus CERT_VerifySignedDataWithPublicKey(const CERTSignedData *sd,
+ SECKEYPublicKey *pubKey,
+ void *wincx);
+
+/*
+** NEW FUNCTIONS with new bit-field-FIELD SECCertificateUsage - please use
+** verify a certificate by checking validity times against a certain time,
+** that we trust the issuer, and that the signature on the certificate is
+** valid.
+** "cert" the certificate to verify
+** "checkSig" only check signatures if true
+*/
+extern SECStatus CERT_VerifyCertificate(CERTCertDBHandle *handle,
+ CERTCertificate *cert, PRBool checkSig,
+ SECCertificateUsage requiredUsages,
+ PRTime t, void *wincx,
+ CERTVerifyLog *log,
+ SECCertificateUsage *returnedUsages);
+
+/* same as above, but uses current time */
+extern SECStatus CERT_VerifyCertificateNow(CERTCertDBHandle *handle,
+ CERTCertificate *cert,
+ PRBool checkSig,
+ SECCertificateUsage requiredUsages,
+ void *wincx,
+ SECCertificateUsage *returnedUsages);
+
+/*
+** Verify that a CA cert can certify some (unspecified) leaf cert for a given
+** purpose. This is used by UI code to help identify where a chain may be
+** broken and why. This takes identical parameters to CERT_VerifyCert
+*/
+extern SECStatus CERT_VerifyCACertForUsage(CERTCertDBHandle *handle,
+ CERTCertificate *cert,
+ PRBool checkSig,
+ SECCertUsage certUsage, PRTime t,
+ void *wincx, CERTVerifyLog *log);
+
+/*
+** OLD OBSOLETE FUNCTIONS with enum SECCertUsage - DO NOT USE FOR NEW CODE
+** verify a certificate by checking validity times against a certain time,
+** that we trust the issuer, and that the signature on the certificate is
+** valid.
+** "cert" the certificate to verify
+** "checkSig" only check signatures if true
+*/
+extern SECStatus CERT_VerifyCert(CERTCertDBHandle *handle,
+ CERTCertificate *cert, PRBool checkSig,
+ SECCertUsage certUsage, PRTime t, void *wincx,
+ CERTVerifyLog *log);
+
+/* same as above, but uses current time */
+extern SECStatus CERT_VerifyCertNow(CERTCertDBHandle *handle,
+ CERTCertificate *cert, PRBool checkSig,
+ SECCertUsage certUsage, void *wincx);
+
+SECStatus CERT_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, SECCertUsage certUsage,
+ PRTime t, void *wincx, CERTVerifyLog *log);
+
+/*
+** Read a base64 ascii encoded DER certificate and convert it to our
+** internal format.
+** "certstr" is a null-terminated string containing the certificate
+*/
+extern CERTCertificate *CERT_ConvertAndDecodeCertificate(char *certstr);
+
+/*
+** Read a certificate in some foreign format, and convert it to our
+** internal format.
+** "certbuf" is the buffer containing the certificate
+** "certlen" is the length of the buffer
+** NOTE - currently supports netscape base64 ascii encoded raw certs
+** and netscape binary DER typed files.
+*/
+extern CERTCertificate *CERT_DecodeCertFromPackage(char *certbuf, int certlen);
+
+extern SECStatus CERT_ImportCAChain(SECItem *certs, int numcerts,
+ SECCertUsage certUsage);
+
+extern SECStatus CERT_ImportCAChainTrusted(SECItem *certs, int numcerts,
+ SECCertUsage certUsage);
+
+/*
+** Read a certificate chain in some foreign format, and pass it to a
+** callback function.
+** "certbuf" is the buffer containing the certificate
+** "certlen" is the length of the buffer
+** "f" is the callback function
+** "arg" is the callback argument
+*/
+typedef SECStatus(PR_CALLBACK *CERTImportCertificateFunc)(void *arg,
+ SECItem **certs,
+ int numcerts);
+
+extern SECStatus CERT_DecodeCertPackage(char *certbuf, int certlen,
+ CERTImportCertificateFunc f, void *arg);
+
+/*
+** Returns the value of an AVA. This was a formerly static
+** function that has been exposed due to the need to decode
+** and convert unicode strings to UTF8.
+**
+** XXX This function resides in certhtml.c, should it be
+** moved elsewhere?
+*/
+extern SECItem *CERT_DecodeAVAValue(const SECItem *derAVAValue);
+
+/*
+** extract various element strings from a distinguished name.
+** "name" the distinguished name
+*/
+
+extern char *CERT_GetCertificateEmailAddress(CERTCertificate *cert);
+
+extern char *CERT_GetCertEmailAddress(const CERTName *name);
+
+extern const char *CERT_GetFirstEmailAddress(CERTCertificate *cert);
+
+extern const char *CERT_GetNextEmailAddress(CERTCertificate *cert,
+ const char *prev);
+
+/* The return value must be freed with PORT_Free. */
+extern char *CERT_GetCommonName(const CERTName *name);
+
+extern char *CERT_GetCountryName(const CERTName *name);
+
+extern char *CERT_GetLocalityName(const CERTName *name);
+
+extern char *CERT_GetStateName(const CERTName *name);
+
+extern char *CERT_GetOrgName(const CERTName *name);
+
+extern char *CERT_GetOrgUnitName(const CERTName *name);
+
+extern char *CERT_GetDomainComponentName(const CERTName *name);
+
+extern char *CERT_GetCertUid(const CERTName *name);
+
+/* manipulate the trust parameters of a certificate */
+
+extern SECStatus CERT_GetCertTrust(const CERTCertificate *cert,
+ CERTCertTrust *trust);
+
+extern SECStatus CERT_ChangeCertTrust(CERTCertDBHandle *handle,
+ CERTCertificate *cert,
+ CERTCertTrust *trust);
+
+extern SECStatus CERT_ChangeCertTrustByUsage(CERTCertDBHandle *certdb,
+ CERTCertificate *cert,
+ SECCertUsage usage);
+
+/*************************************************************************
+ *
+ * manipulate the extensions of a certificate
+ *
+ ************************************************************************/
+
+/*
+** Set up a cert for adding X509v3 extensions. Returns an opaque handle
+** used by the next two routines.
+** "cert" is the certificate we are adding extensions to
+*/
+extern void *CERT_StartCertExtensions(CERTCertificate *cert);
+
+/*
+** Add an extension to a certificate.
+** "exthandle" is the handle returned by the previous function
+** "idtag" is the integer tag for the OID that should ID this extension
+** "value" is the value of the extension
+** "critical" is the critical extension flag
+** "copyData" is a flag indicating whether the value data should be
+** copied.
+*/
+extern SECStatus CERT_AddExtension(void *exthandle, int idtag, SECItem *value,
+ PRBool critical, PRBool copyData);
+
+extern SECStatus CERT_AddExtensionByOID(void *exthandle, SECItem *oid,
+ SECItem *value, PRBool critical,
+ PRBool copyData);
+
+extern SECStatus CERT_EncodeAndAddExtension(void *exthandle, int idtag,
+ void *value, PRBool critical,
+ const SEC_ASN1Template *atemplate);
+
+extern SECStatus CERT_EncodeAndAddBitStrExtension(void *exthandle, int idtag,
+ SECItem *value,
+ PRBool critical);
+
+extern SECStatus CERT_EncodeAltNameExtension(PLArenaPool *arena,
+ CERTGeneralName *value,
+ SECItem *encodedValue);
+
+/*
+** Finish adding cert extensions. Does final processing on extension
+** data, putting it in the right format, and freeing any temporary
+** storage.
+** "exthandle" is the handle used to add extensions to a certificate
+*/
+extern SECStatus CERT_FinishExtensions(void *exthandle);
+
+/*
+** Merge an external list of extensions into a cert's extension list, adding one
+** only when its OID matches none of the cert's existing extensions. Call this
+** immediately before calling CERT_FinishExtensions().
+*/
+SECStatus CERT_MergeExtensions(void *exthandle, CERTCertExtension **exts);
+
+/* If the extension is found, return its criticality and value.
+** This allocate storage for the returning extension value.
+*/
+extern SECStatus CERT_GetExtenCriticality(CERTCertExtension **extensions,
+ int tag, PRBool *isCritical);
+
+extern void CERT_DestroyOidSequence(CERTOidSequence *oidSeq);
+
+/****************************************************************************
+ *
+ * DER encode and decode extension values
+ *
+ ****************************************************************************/
+
+/* Encode the value of the basicConstraint extension.
+** arena - where to allocate memory for the encoded value.
+** value - extension value to encode
+** encodedValue - output encoded value
+*/
+extern SECStatus CERT_EncodeBasicConstraintValue(PLArenaPool *arena,
+ CERTBasicConstraints *value,
+ SECItem *encodedValue);
+
+/*
+** Encode the value of the authorityKeyIdentifier extension.
+*/
+extern SECStatus CERT_EncodeAuthKeyID(PLArenaPool *arena, CERTAuthKeyID *value,
+ SECItem *encodedValue);
+
+/*
+** Encode the value of the crlDistributionPoints extension.
+*/
+extern SECStatus CERT_EncodeCRLDistributionPoints(
+ PLArenaPool *arena, CERTCrlDistributionPoints *value, SECItem *derValue);
+
+/*
+** Decodes a DER encoded basicConstaint extension value into a readable format
+** value - decoded value
+** encodedValue - value to decoded
+*/
+extern SECStatus CERT_DecodeBasicConstraintValue(CERTBasicConstraints *value,
+ const SECItem *encodedValue);
+
+/* Decodes a DER encoded authorityKeyIdentifier extension value into a
+** readable format.
+** arena - where to allocate memory for the decoded value
+** encodedValue - value to be decoded
+** Returns a CERTAuthKeyID structure which contains the decoded value
+*/
+extern CERTAuthKeyID *CERT_DecodeAuthKeyID(PLArenaPool *arena,
+ const SECItem *encodedValue);
+
+/* Decodes a DER encoded crlDistributionPoints extension value into a
+** readable format.
+** arena - where to allocate memory for the decoded value
+** der - value to be decoded
+** Returns a CERTCrlDistributionPoints structure which contains the
+** decoded value
+*/
+extern CERTCrlDistributionPoints *CERT_DecodeCRLDistributionPoints(
+ PLArenaPool *arena, SECItem *der);
+
+/* Extract certain name type from a generalName */
+extern void *CERT_GetGeneralNameByType(CERTGeneralName *genNames,
+ CERTGeneralNameType type,
+ PRBool derFormat);
+
+extern CERTOidSequence *CERT_DecodeOidSequence(const SECItem *seqItem);
+
+/****************************************************************************
+ *
+ * Find extension values of a certificate
+ *
+ ***************************************************************************/
+
+extern SECStatus CERT_FindCertExtension(const CERTCertificate *cert, int tag,
+ SECItem *value);
+
+extern SECStatus CERT_FindNSCertTypeExtension(CERTCertificate *cert,
+ SECItem *value);
+
+extern char *CERT_FindNSStringExtension(CERTCertificate *cert, int oidtag);
+
+extern SECStatus CERT_FindCertExtensionByOID(CERTCertificate *cert,
+ SECItem *oid, SECItem *value);
+
+/* Returns the decoded value of the authKeyID extension.
+** Note that this uses passed in the arena to allocate storage for the result
+*/
+extern CERTAuthKeyID *CERT_FindAuthKeyIDExten(PLArenaPool *arena,
+ CERTCertificate *cert);
+
+/* Returns the decoded value of the basicConstraint extension.
+ */
+extern SECStatus CERT_FindBasicConstraintExten(CERTCertificate *cert,
+ CERTBasicConstraints *value);
+
+/* Returns the decoded value of the crlDistributionPoints extension.
+** Note that the arena in cert is used to allocate storage for the result
+*/
+extern CERTCrlDistributionPoints *CERT_FindCRLDistributionPoints(
+ CERTCertificate *cert);
+
+/* Returns value of the keyUsage extension. This uses PR_Alloc to allocate
+** buffer for the decoded value. The caller should free up the storage
+** allocated in value->data.
+*/
+extern SECStatus CERT_FindKeyUsageExtension(CERTCertificate *cert,
+ SECItem *value);
+
+/* Return the decoded value of the subjectKeyID extension. The caller should
+** free up the storage allocated in retItem->data.
+*/
+extern SECStatus CERT_FindSubjectKeyIDExtension(CERTCertificate *cert,
+ SECItem *retItem);
+
+/*
+** If cert is a v3 certificate, and a critical keyUsage extension is included,
+** then check the usage against the extension value. If a non-critical
+** keyUsage extension is included, this will return SECSuccess without
+** checking, since the extension is an advisory field, not a restriction.
+** If cert is not a v3 certificate, this will return SECSuccess.
+** cert - certificate
+** usage - one of the x.509 v3 the Key Usage Extension flags
+*/
+extern SECStatus CERT_CheckCertUsage(CERTCertificate *cert,
+ unsigned char usage);
+
+/****************************************************************************
+ *
+ * CRL v2 Extensions supported routines
+ *
+ ****************************************************************************/
+
+extern SECStatus CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid,
+ SECItem *value);
+
+extern SECStatus CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value);
+
+extern SECStatus CERT_FindInvalidDateExten(CERTCrl *crl, PRTime *value);
+
+/*
+** Set up a crl for adding X509v3 extensions. Returns an opaque handle
+** used by routines that take an exthandle (void*) argument .
+** "crl" is the CRL we are adding extensions to
+*/
+extern void *CERT_StartCRLExtensions(CERTCrl *crl);
+
+/*
+** Set up a crl entry for adding X509v3 extensions. Returns an opaque handle
+** used by routines that take an exthandle (void*) argument .
+** "crl" is the crl we are adding certs entries to
+** "entry" is the crl entry we are adding extensions to
+*/
+extern void *CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry);
+
+extern CERTCertNicknames *CERT_GetCertNicknames(CERTCertDBHandle *handle,
+ int what, void *wincx);
+
+/*
+** Finds the crlNumber extension and decodes its value into 'value'
+*/
+extern SECStatus CERT_FindCRLNumberExten(PLArenaPool *arena, CERTCrl *crl,
+ SECItem *value);
+
+extern SECStatus CERT_FindCRLEntryReasonExten(CERTCrlEntry *crlEntry,
+ CERTCRLEntryReasonCode *value);
+
+extern void CERT_FreeNicknames(CERTCertNicknames *nicknames);
+
+extern PRBool CERT_CompareCerts(const CERTCertificate *c1,
+ const CERTCertificate *c2);
+
+extern PRBool CERT_CompareCertsForRedirection(CERTCertificate *c1,
+ CERTCertificate *c2);
+
+/*
+** Generate an array of the Distinguished Names that the given cert database
+** "trusts"
+*/
+extern CERTDistNames *CERT_GetSSLCACerts(CERTCertDBHandle *handle);
+
+extern void CERT_FreeDistNames(CERTDistNames *names);
+
+/* Duplicate distinguished name array */
+extern CERTDistNames *CERT_DupDistNames(CERTDistNames *orig);
+
+/*
+** Generate an array of Distinguished names from an array of nicknames
+*/
+extern CERTDistNames *CERT_DistNamesFromNicknames(CERTCertDBHandle *handle,
+ char **nicknames, int nnames);
+
+/*
+** Generate an array of Distinguished names from a list of certs.
+*/
+extern CERTDistNames *CERT_DistNamesFromCertList(CERTCertList *list);
+
+/*
+** Generate a certificate chain from a certificate.
+*/
+extern CERTCertificateList *CERT_CertChainFromCert(CERTCertificate *cert,
+ SECCertUsage usage,
+ PRBool includeRoot);
+
+extern CERTCertificateList *CERT_CertListFromCert(CERTCertificate *cert);
+
+extern CERTCertificateList *CERT_DupCertList(
+ const CERTCertificateList *oldList);
+
+extern void CERT_DestroyCertificateList(CERTCertificateList *list);
+
+/*
+** is cert a user cert? i.e. does it have CERTDB_USER trust,
+** i.e. a private key?
+*/
+PRBool CERT_IsUserCert(CERTCertificate *cert);
+
+/* is cert a newer than cert b? */
+PRBool CERT_IsNewer(CERTCertificate *certa, CERTCertificate *certb);
+
+/* currently a stub for address book */
+PRBool CERT_IsCertRevoked(CERTCertificate *cert);
+
+void CERT_DestroyCertArray(CERTCertificate **certs, unsigned int ncerts);
+
+/* convert an email address to lower case */
+char *CERT_FixupEmailAddr(const char *emailAddr);
+
+/* decode string representation of trust flags into trust struct */
+SECStatus CERT_DecodeTrustString(CERTCertTrust *trust, const char *trusts);
+
+/* encode trust struct into string representation of trust flags */
+char *CERT_EncodeTrustString(CERTCertTrust *trust);
+
+/* find the next or prev cert in a subject list */
+CERTCertificate *CERT_PrevSubjectCert(CERTCertificate *cert);
+CERTCertificate *CERT_NextSubjectCert(CERTCertificate *cert);
+
+/*
+ * import a collection of certs into the temporary or permanent cert
+ * database
+ */
+SECStatus CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage,
+ unsigned int ncerts, SECItem **derCerts,
+ CERTCertificate ***retCerts, PRBool keepCerts,
+ PRBool caOnly, char *nickname);
+
+char *CERT_MakeCANickname(CERTCertificate *cert);
+
+PRBool CERT_IsCACert(CERTCertificate *cert, unsigned int *rettype);
+
+PRBool CERT_IsCADERCert(SECItem *derCert, unsigned int *rettype);
+
+PRBool CERT_IsRootDERCert(SECItem *derCert);
+
+SECStatus CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
+ SECItem *profileTime);
+
+/*
+ * find the smime symmetric capabilities profile for a given cert
+ */
+SECItem *CERT_FindSMimeProfile(CERTCertificate *cert);
+
+SECStatus CERT_AddNewCerts(CERTCertDBHandle *handle);
+
+CERTCertificatePolicies *CERT_DecodeCertificatePoliciesExtension(
+ const SECItem *extnValue);
+
+void CERT_DestroyCertificatePoliciesExtension(
+ CERTCertificatePolicies *policies);
+
+CERTCertificatePolicyMappings *CERT_DecodePolicyMappingsExtension(
+ SECItem *encodedCertPolicyMaps);
+
+SECStatus CERT_DestroyPolicyMappingsExtension(
+ CERTCertificatePolicyMappings *mappings);
+
+SECStatus CERT_DecodePolicyConstraintsExtension(
+ CERTCertificatePolicyConstraints *decodedValue,
+ const SECItem *encodedValue);
+
+SECStatus CERT_DecodeInhibitAnyExtension(
+ CERTCertificateInhibitAny *decodedValue, SECItem *extnValue);
+
+CERTUserNotice *CERT_DecodeUserNotice(SECItem *noticeItem);
+
+extern CERTGeneralName *CERT_DecodeAltNameExtension(PLArenaPool *reqArena,
+ SECItem *EncodedAltName);
+
+extern CERTNameConstraints *CERT_DecodeNameConstraintsExtension(
+ PLArenaPool *arena, const SECItem *encodedConstraints);
+
+/* returns addr of a NULL termainated array of pointers to CERTAuthInfoAccess */
+extern CERTAuthInfoAccess **CERT_DecodeAuthInfoAccessExtension(
+ PLArenaPool *reqArena, const SECItem *encodedExtension);
+
+extern CERTPrivKeyUsagePeriod *CERT_DecodePrivKeyUsagePeriodExtension(
+ PLArenaPool *arena, SECItem *extnValue);
+
+extern CERTGeneralName *CERT_GetNextGeneralName(CERTGeneralName *current);
+
+extern CERTGeneralName *CERT_GetPrevGeneralName(CERTGeneralName *current);
+
+/*
+ * Look up name constraints for some certs that do not include name constraints
+ * (Most importantly, root certificates)
+ *
+ * If a matching subject is found, |extensions| will be populated with a copy of
+ * the
+ * DER-encoded name constraints extension. The data in |extensions| will point
+ * to
+ * memory that the caller owns.
+ *
+ * There is no mechanism to configure imposed name constraints right now. All
+ * imposed name constraints are built into NSS.
+ */
+SECStatus CERT_GetImposedNameConstraints(const SECItem *derSubject,
+ SECItem *extensions);
+
+CERTNameConstraint *CERT_GetNextNameConstraint(CERTNameConstraint *current);
+
+CERTNameConstraint *CERT_GetPrevNameConstraint(CERTNameConstraint *current);
+
+void CERT_DestroyUserNotice(CERTUserNotice *userNotice);
+
+typedef char *(*CERTPolicyStringCallback)(char *org, unsigned long noticeNumber,
+ void *arg);
+void CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg);
+
+char *CERT_GetCertCommentString(CERTCertificate *cert);
+
+PRBool CERT_GovtApprovedBitSet(CERTCertificate *cert);
+
+SECStatus CERT_AddPermNickname(CERTCertificate *cert, char *nickname);
+
+CERTCertList *CERT_MatchUserCert(CERTCertDBHandle *handle, SECCertUsage usage,
+ int nCANames, char **caNames, void *proto_win);
+
+CERTCertList *CERT_NewCertList(void);
+
+/* free the cert list and all the certs in the list */
+void CERT_DestroyCertList(CERTCertList *certs);
+
+/* remove the node and free the cert */
+void CERT_RemoveCertListNode(CERTCertListNode *node);
+
+/* equivalent to CERT_AddCertToListTailWithData(certs, cert, NULL) */
+SECStatus CERT_AddCertToListTail(CERTCertList *certs, CERTCertificate *cert);
+
+/* equivalent to CERT_AddCertToListHeadWithData(certs, cert, NULL) */
+SECStatus CERT_AddCertToListHead(CERTCertList *certs, CERTCertificate *cert);
+
+/*
+ * The new cert list node takes ownership of "cert". "cert" is freed
+ * when the list node is removed.
+ */
+SECStatus CERT_AddCertToListTailWithData(CERTCertList *certs,
+ CERTCertificate *cert, void *appData);
+
+/*
+ * The new cert list node takes ownership of "cert". "cert" is freed
+ * when the list node is removed.
+ */
+SECStatus CERT_AddCertToListHeadWithData(CERTCertList *certs,
+ CERTCertificate *cert, void *appData);
+
+typedef PRBool (*CERTSortCallback)(CERTCertificate *certa,
+ CERTCertificate *certb, void *arg);
+SECStatus CERT_AddCertToListSorted(CERTCertList *certs, CERTCertificate *cert,
+ CERTSortCallback f, void *arg);
+
+/* callback for CERT_AddCertToListSorted that sorts based on validity
+ * period and a given time.
+ */
+PRBool CERT_SortCBValidity(CERTCertificate *certa, CERTCertificate *certb,
+ void *arg);
+
+SECStatus CERT_CheckForEvilCert(CERTCertificate *cert);
+
+CERTGeneralName *CERT_GetCertificateNames(CERTCertificate *cert,
+ PLArenaPool *arena);
+
+CERTGeneralName *CERT_GetConstrainedCertificateNames(
+ const CERTCertificate *cert, PLArenaPool *arena,
+ PRBool includeSubjectCommonName);
+
+/*
+ * Creates or adds to a list of all certs with a give subject name, sorted by
+ * validity time, newest first. Invalid certs are considered older than
+ * valid certs. If validOnly is set, do not include invalid certs on list.
+ */
+CERTCertList *CERT_CreateSubjectCertList(CERTCertList *certList,
+ CERTCertDBHandle *handle,
+ const SECItem *name, PRTime sorttime,
+ PRBool validOnly);
+
+/*
+ * remove certs from a list that don't have keyUsage and certType
+ * that match the given usage.
+ */
+SECStatus CERT_FilterCertListByUsage(CERTCertList *certList, SECCertUsage usage,
+ PRBool ca);
+
+/*
+ * check the key usage of a cert against a set of required values
+ */
+SECStatus CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage);
+
+/*
+ * return required key usage and cert type based on cert usage
+ */
+SECStatus CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage, PRBool ca,
+ unsigned int *retKeyUsage,
+ unsigned int *retCertType);
+/*
+ * return required trust flags for various cert usages for CAs
+ */
+SECStatus CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
+ unsigned int *retFlags,
+ SECTrustType *retTrustType);
+
+/*
+ * Find all user certificates that match the given criteria.
+ *
+ * "handle" - database to search
+ * "usage" - certificate usage to match
+ * "oneCertPerName" - if set then only return the "best" cert per
+ * name
+ * "validOnly" - only return certs that are curently valid
+ * "proto_win" - window handle passed to pkcs11
+ */
+CERTCertList *CERT_FindUserCertsByUsage(CERTCertDBHandle *handle,
+ SECCertUsage usage,
+ PRBool oneCertPerName, PRBool validOnly,
+ void *proto_win);
+
+/*
+ * Find a user certificate that matchs the given criteria.
+ *
+ * "handle" - database to search
+ * "nickname" - nickname to match
+ * "usage" - certificate usage to match
+ * "validOnly" - only return certs that are curently valid
+ * "proto_win" - window handle passed to pkcs11
+ */
+CERTCertificate *CERT_FindUserCertByUsage(CERTCertDBHandle *handle,
+ const char *nickname,
+ SECCertUsage usage, PRBool validOnly,
+ void *proto_win);
+
+/*
+ * Filter a list of certificates, removing those certs that do not have
+ * one of the named CA certs somewhere in their cert chain.
+ *
+ * "certList" - the list of certificates to filter
+ * "nCANames" - number of CA names
+ * "caNames" - array of CA names in string(rfc 1485) form
+ * "usage" - what use the certs are for, this is used when
+ * selecting CA certs
+ */
+SECStatus CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
+ char **caNames, SECCertUsage usage);
+
+/*
+ * Filter a list of certificates, removing those certs that aren't user certs
+ */
+SECStatus CERT_FilterCertListForUserCerts(CERTCertList *certList);
+
+/*
+ * Collect the nicknames from all certs in a CertList. If the cert is not
+ * valid, append a string to that nickname.
+ *
+ * "certList" - the list of certificates
+ * "expiredString" - the string to append to the nickname of any expired cert
+ * "notYetGoodString" - the string to append to the nickname of any cert
+ * that is not yet valid
+ */
+CERTCertNicknames *CERT_NicknameStringsFromCertList(CERTCertList *certList,
+ char *expiredString,
+ char *notYetGoodString);
+
+/*
+ * Extract the nickname from a nickmake string that may have either
+ * expiredString or notYetGoodString appended.
+ *
+ * Args:
+ * "namestring" - the string containing the nickname, and possibly
+ * one of the validity label strings
+ * "expiredString" - the expired validity label string
+ * "notYetGoodString" - the not yet good validity label string
+ *
+ * Returns the raw nickname
+ */
+char *CERT_ExtractNicknameString(char *namestring, char *expiredString,
+ char *notYetGoodString);
+
+/*
+ * Given a certificate, return a string containing the nickname, and possibly
+ * one of the validity strings, based on the current validity state of the
+ * certificate.
+ *
+ * "arena" - arena to allocate returned string from. If NULL, then heap
+ * is used.
+ * "cert" - the cert to get nickname from
+ * "expiredString" - the string to append to the nickname if the cert is
+ * expired.
+ * "notYetGoodString" - the string to append to the nickname if the cert is
+ * not yet good.
+ */
+char *CERT_GetCertNicknameWithValidity(PLArenaPool *arena,
+ CERTCertificate *cert,
+ char *expiredString,
+ char *notYetGoodString);
+
+/*
+ * Return the string representation of a DER encoded distinguished name
+ * "dername" - The DER encoded name to convert
+ */
+char *CERT_DerNameToAscii(SECItem *dername);
+
+/*
+ * Supported usage values and types:
+ * certUsageSSLClient
+ * certUsageSSLServer
+ * certUsageSSLServerWithStepUp
+ * certUsageEmailSigner
+ * certUsageEmailRecipient
+ * certUsageObjectSigner
+ */
+
+CERTCertificate *CERT_FindMatchingCert(CERTCertDBHandle *handle,
+ SECItem *derName, CERTCertOwner owner,
+ SECCertUsage usage, PRBool preferTrusted,
+ PRTime validTime, PRBool validOnly);
+
+/*
+ * Acquire the global lock on the cert database.
+ * This lock is currently used for the following operations:
+ * adding or deleting a cert to either the temp or perm databases
+ * converting a temp to perm or perm to temp
+ * changing(maybe just adding?) the trust of a cert
+ * adjusting the reference count of a cert
+ */
+void CERT_LockDB(CERTCertDBHandle *handle);
+
+/*
+ * Free the global cert database lock.
+ */
+void CERT_UnlockDB(CERTCertDBHandle *handle);
+
+/*
+ * Get the certificate status checking configuratino data for
+ * the certificate database
+ */
+CERTStatusConfig *CERT_GetStatusConfig(CERTCertDBHandle *handle);
+
+/*
+ * Set the certificate status checking information for the
+ * database. The input structure becomes part of the certificate
+ * database and will be freed by calling the 'Destroy' function in
+ * the configuration object.
+ */
+void CERT_SetStatusConfig(CERTCertDBHandle *handle, CERTStatusConfig *config);
+
+/*
+ * Acquire the cert reference count lock
+ * There is currently one global lock for all certs, but I'm putting a cert
+ * arg here so that it will be easy to make it per-cert in the future if
+ * that turns out to be necessary.
+ */
+void CERT_LockCertRefCount(CERTCertificate *cert);
+
+/*
+ * Free the cert reference count lock
+ */
+void CERT_UnlockCertRefCount(CERTCertificate *cert);
+
+/*
+ * Acquire the cert trust lock
+ * There is currently one global lock for all certs, but I'm putting a cert
+ * arg here so that it will be easy to make it per-cert in the future if
+ * that turns out to be necessary.
+ */
+void CERT_LockCertTrust(const CERTCertificate *cert);
+
+/*
+ * Free the cert trust lock
+ */
+void CERT_UnlockCertTrust(const CERTCertificate *cert);
+
+/*
+ * Digest the cert's subject public key using the specified algorithm.
+ * NOTE: this digests the value of the BIT STRING subjectPublicKey (excluding
+ * the tag, length, and number of unused bits) rather than the whole
+ * subjectPublicKeyInfo field.
+ *
+ * The necessary storage for the digest data is allocated. If "fill" is
+ * non-null, the data is put there, otherwise a SECItem is allocated.
+ * Allocation from "arena" if it is non-null, heap otherwise. Any problem
+ * results in a NULL being returned (and an appropriate error set).
+ */
+extern SECItem *CERT_GetSubjectPublicKeyDigest(PLArenaPool *arena,
+ const CERTCertificate *cert,
+ SECOidTag digestAlg,
+ SECItem *fill);
+
+/*
+ * Digest the cert's subject name using the specified algorithm.
+ */
+extern SECItem *CERT_GetSubjectNameDigest(PLArenaPool *arena,
+ const CERTCertificate *cert,
+ SECOidTag digestAlg, SECItem *fill);
+
+SECStatus CERT_CheckCRL(CERTCertificate *cert, CERTCertificate *issuer,
+ const SECItem *dp, PRTime t, void *wincx);
+
+/*
+ * Add a CERTNameConstraint to the CERTNameConstraint list
+ */
+extern CERTNameConstraint *CERT_AddNameConstraint(
+ CERTNameConstraint *list, CERTNameConstraint *constraint);
+
+/*
+ * Allocate space and copy CERTNameConstraint from src to dest.
+ * Arena is used to allocate result(if dest eq NULL) and its members
+ * SECItem data.
+ */
+extern CERTNameConstraint *CERT_CopyNameConstraint(PLArenaPool *arena,
+ CERTNameConstraint *dest,
+ CERTNameConstraint *src);
+
+/*
+ * Verify name against all the constraints relevant to that type of
+ * the name.
+ */
+extern SECStatus CERT_CheckNameSpace(PLArenaPool *arena,
+ const CERTNameConstraints *constraints,
+ const CERTGeneralName *currentName);
+
+/*
+ * Extract and allocate the name constraints extension from the CA cert.
+ * If the certificate contains no name constraints extension, but
+ * CERT_GetImposedNameConstraints returns a name constraints extension
+ * for the subject of the certificate, then that extension will be returned.
+ */
+extern SECStatus CERT_FindNameConstraintsExten(
+ PLArenaPool *arena, CERTCertificate *cert,
+ CERTNameConstraints **constraints);
+
+/*
+ * Initialize a new GERTGeneralName fields (link)
+ */
+extern CERTGeneralName *CERT_NewGeneralName(PLArenaPool *arena,
+ CERTGeneralNameType type);
+
+/*
+ * Lookup a CERTGeneralNameType constant by its human readable string.
+ */
+extern CERTGeneralNameType CERT_GetGeneralNameTypeFromString(
+ const char *string);
+
+/*
+ * PKIX extension encoding routines
+ */
+extern SECStatus CERT_EncodePolicyConstraintsExtension(
+ PLArenaPool *arena, CERTCertificatePolicyConstraints *constr,
+ SECItem *dest);
+extern SECStatus CERT_EncodeInhibitAnyExtension(
+ PLArenaPool *arena, CERTCertificateInhibitAny *inhibitAny, SECItem *dest);
+extern SECStatus CERT_EncodePolicyMappingExtension(
+ PLArenaPool *arena, CERTCertificatePolicyMappings *maps, SECItem *dest);
+
+extern SECStatus CERT_EncodeInfoAccessExtension(PLArenaPool *arena,
+ CERTAuthInfoAccess **info,
+ SECItem *dest);
+extern SECStatus CERT_EncodeUserNotice(PLArenaPool *arena,
+ CERTUserNotice *notice, SECItem *dest);
+
+extern SECStatus CERT_EncodeDisplayText(PLArenaPool *arena, SECItem *text,
+ SECItem *dest);
+
+extern SECStatus CERT_EncodeCertPoliciesExtension(PLArenaPool *arena,
+ CERTPolicyInfo **info,
+ SECItem *dest);
+extern SECStatus CERT_EncodeNoticeReference(PLArenaPool *arena,
+ CERTNoticeReference *reference,
+ SECItem *dest);
+
+/*
+ * Returns a pointer to a static structure.
+ */
+extern const CERTRevocationFlags *CERT_GetPKIXVerifyNistRevocationPolicy(void);
+
+/*
+ * Returns a pointer to a static structure.
+ */
+extern const CERTRevocationFlags *CERT_GetClassicOCSPEnabledSoftFailurePolicy(
+ void);
+
+/*
+ * Returns a pointer to a static structure.
+ */
+extern const CERTRevocationFlags *CERT_GetClassicOCSPEnabledHardFailurePolicy(
+ void);
+
+/*
+ * Returns a pointer to a static structure.
+ */
+extern const CERTRevocationFlags *CERT_GetClassicOCSPDisabledPolicy(void);
+
+/*
+ * Verify a Cert with libpkix
+ * paramsIn control the verification options. If a value isn't specified
+ * in paramsIn, it reverts to the application default.
+ * paramsOut specifies the parameters the caller would like to get back.
+ * the caller may pass NULL, in which case no parameters are returned.
+ */
+extern SECStatus CERT_PKIXVerifyCert(CERTCertificate *cert,
+ SECCertificateUsage usages,
+ CERTValInParam *paramsIn,
+ CERTValOutParam *paramsOut, void *wincx);
+
+/* Makes old cert validation APIs(CERT_VerifyCert, CERT_VerifyCertificate)
+ * to use libpkix validation engine. The function should be called ones at
+ * application initialization time.
+ * Function is not thread safe.*/
+extern SECStatus CERT_SetUsePKIXForValidation(PRBool enable);
+
+/* The function return PR_TRUE if cert validation should use
+ * libpkix cert validation engine. */
+extern PRBool CERT_GetUsePKIXForValidation(void);
+
+/*
+ * Allocate a parameter container of type CERTRevocationFlags,
+ * and allocate the inner arrays of the given sizes.
+ * To cleanup call CERT_DestroyCERTRevocationFlags.
+ */
+extern CERTRevocationFlags *CERT_AllocCERTRevocationFlags(
+ PRUint32 number_leaf_methods, PRUint32 number_leaf_pref_methods,
+ PRUint32 number_chain_methods, PRUint32 number_chain_pref_methods);
+
+/*
+ * Destroy the arrays inside flags,
+ * and destroy the object pointed to by flags, too.
+ */
+extern void CERT_DestroyCERTRevocationFlags(CERTRevocationFlags *flags);
+
+SEC_END_PROTOS
+
+#endif /* _CERT_H_ */
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
new file mode 100644
index 000000000..d37334d73
--- /dev/null
+++ b/security/nss/lib/certdb/certdb.c
@@ -0,0 +1,3231 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Certificate handling code
+ */
+
+#include "nssilock.h"
+#include "prmon.h"
+#include "prtime.h"
+#include "cert.h"
+#include "certi.h"
+#include "secder.h"
+#include "secoid.h"
+#include "secasn1.h"
+#include "genname.h"
+#include "keyhi.h"
+#include "secitem.h"
+#include "certdb.h"
+#include "prprf.h"
+#include "sechash.h"
+#include "prlong.h"
+#include "certxutl.h"
+#include "portreg.h"
+#include "secerr.h"
+#include "sslerr.h"
+#include "pk11func.h"
+#include "xconst.h" /* for CERT_DecodeAltNameExtension */
+
+#include "pki.h"
+#include "pki3hack.h"
+
+SEC_ASN1_MKSUB(CERT_TimeChoiceTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_BitStringTemplate)
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_SkipTemplate)
+
+/*
+ * Certificate database handling code
+ */
+
+const SEC_ASN1Template CERT_CertExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCertExtension) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTCertExtension, id) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
+ offsetof(CERTCertExtension, critical) },
+ { SEC_ASN1_OCTET_STRING, offsetof(CERTCertExtension, value) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_SequenceOfCertExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, CERT_CertExtensionTemplate }
+};
+
+const SEC_ASN1Template CERT_TimeChoiceTemplate[] = {
+ { SEC_ASN1_CHOICE, offsetof(SECItem, type), 0, sizeof(SECItem) },
+ { SEC_ASN1_UTC_TIME, 0, 0, siUTCTime },
+ { SEC_ASN1_GENERALIZED_TIME, 0, 0, siGeneralizedTime },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_ValidityTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTValidity) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CERTValidity, notBefore),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate), 0 },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CERTValidity, notAfter),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate), 0 },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_CertificateTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCertificate) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, /* XXX DER_DEFAULT */
+ offsetof(CERTCertificate, version),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_INTEGER, offsetof(CERTCertificate, serialNumber) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CERTCertificate, signature),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_SAVE, offsetof(CERTCertificate, derIssuer) },
+ { SEC_ASN1_INLINE, offsetof(CERTCertificate, issuer), CERT_NameTemplate },
+ { SEC_ASN1_INLINE, offsetof(CERTCertificate, validity),
+ CERT_ValidityTemplate },
+ { SEC_ASN1_SAVE, offsetof(CERTCertificate, derSubject) },
+ { SEC_ASN1_INLINE, offsetof(CERTCertificate, subject), CERT_NameTemplate },
+ { SEC_ASN1_SAVE, offsetof(CERTCertificate, derPublicKey) },
+ { SEC_ASN1_INLINE, offsetof(CERTCertificate, subjectPublicKeyInfo),
+ CERT_SubjectPublicKeyInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(CERTCertificate, issuerID),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ offsetof(CERTCertificate, subjectID),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 3,
+ offsetof(CERTCertificate, extensions),
+ CERT_SequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template SEC_SignedCertificateTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCertificate) },
+ { SEC_ASN1_SAVE, offsetof(CERTCertificate, signatureWrap.data) },
+ { SEC_ASN1_INLINE, 0, CERT_CertificateTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(CERTCertificate, signatureWrap.signatureAlgorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING, offsetof(CERTCertificate, signatureWrap.signature) },
+ { 0 }
+};
+
+/*
+ * Find the subjectName in a DER encoded certificate
+ */
+const SEC_ASN1Template SEC_CertSubjectTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECItem) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ 0, SEC_ASN1_SUB(SEC_SkipTemplate) }, /* version */
+ { SEC_ASN1_SKIP }, /* serial number */
+ { SEC_ASN1_SKIP }, /* signature algorithm */
+ { SEC_ASN1_SKIP }, /* issuer */
+ { SEC_ASN1_SKIP }, /* validity */
+ { SEC_ASN1_ANY, 0, NULL }, /* subject */
+ { SEC_ASN1_SKIP_REST },
+ { 0 }
+};
+
+/*
+ * Find the issuerName in a DER encoded certificate
+ */
+const SEC_ASN1Template SEC_CertIssuerTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECItem) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ 0, SEC_ASN1_SUB(SEC_SkipTemplate) }, /* version */
+ { SEC_ASN1_SKIP }, /* serial number */
+ { SEC_ASN1_SKIP }, /* signature algorithm */
+ { SEC_ASN1_ANY, 0, NULL }, /* issuer */
+ { SEC_ASN1_SKIP_REST },
+ { 0 }
+};
+/*
+ * Find the subjectName in a DER encoded certificate
+ */
+const SEC_ASN1Template SEC_CertSerialNumberTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECItem) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ 0, SEC_ASN1_SUB(SEC_SkipTemplate) }, /* version */
+ { SEC_ASN1_ANY, 0, NULL }, /* serial number */
+ { SEC_ASN1_SKIP_REST },
+ { 0 }
+};
+
+/*
+ * Find the issuer and serialNumber in a DER encoded certificate.
+ * This data is used as the database lookup key since its the unique
+ * identifier of a certificate.
+ */
+const SEC_ASN1Template CERT_CertKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCertKey) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ 0, SEC_ASN1_SUB(SEC_SkipTemplate) }, /* version */
+ { SEC_ASN1_INTEGER, offsetof(CERTCertKey, serialNumber) },
+ { SEC_ASN1_SKIP }, /* signature algorithm */
+ { SEC_ASN1_ANY, offsetof(CERTCertKey, derIssuer) },
+ { SEC_ASN1_SKIP_REST },
+ { 0 }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_TimeChoiceTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SignedCertificateTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SequenceOfCertExtensionTemplate)
+
+SECStatus
+CERT_KeyFromIssuerAndSN(PLArenaPool *arena, SECItem *issuer, SECItem *sn,
+ SECItem *key)
+{
+ key->len = sn->len + issuer->len;
+
+ if ((sn->data == NULL) || (issuer->data == NULL)) {
+ goto loser;
+ }
+
+ key->data = (unsigned char *)PORT_ArenaAlloc(arena, key->len);
+ if (!key->data) {
+ goto loser;
+ }
+
+ /* copy the serialNumber */
+ PORT_Memcpy(key->data, sn->data, sn->len);
+
+ /* copy the issuer */
+ PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * Extract the subject name from a DER certificate
+ */
+SECStatus
+CERT_NameFromDERCert(SECItem *derCert, SECItem *derName)
+{
+ int rv;
+ PLArenaPool *arena;
+ CERTSignedData sd;
+ void *tmpptr;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ return (SECFailure);
+ }
+
+ PORT_Memset(&sd, 0, sizeof(CERTSignedData));
+ rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
+
+ if (rv) {
+ goto loser;
+ }
+
+ PORT_Memset(derName, 0, sizeof(SECItem));
+ rv = SEC_QuickDERDecodeItem(arena, derName, SEC_CertSubjectTemplate,
+ &sd.data);
+
+ if (rv) {
+ goto loser;
+ }
+
+ tmpptr = derName->data;
+ derName->data = (unsigned char *)PORT_Alloc(derName->len);
+ if (derName->data == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(derName->data, tmpptr, derName->len);
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return (SECFailure);
+}
+
+SECStatus
+CERT_IssuerNameFromDERCert(SECItem *derCert, SECItem *derName)
+{
+ int rv;
+ PORTCheapArenaPool tmpArena;
+ CERTSignedData sd;
+ void *tmpptr;
+
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+
+ PORT_Memset(&sd, 0, sizeof(CERTSignedData));
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, &sd, CERT_SignedDataTemplate,
+ derCert);
+ if (rv) {
+ goto loser;
+ }
+
+ PORT_Memset(derName, 0, sizeof(SECItem));
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, derName,
+ SEC_CertIssuerTemplate, &sd.data);
+ if (rv) {
+ goto loser;
+ }
+
+ tmpptr = derName->data;
+ derName->data = (unsigned char *)PORT_Alloc(derName->len);
+ if (derName->data == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(derName->data, tmpptr, derName->len);
+
+ PORT_DestroyCheapArena(&tmpArena);
+ return (SECSuccess);
+
+loser:
+ PORT_DestroyCheapArena(&tmpArena);
+ return (SECFailure);
+}
+
+SECStatus
+CERT_SerialNumberFromDERCert(SECItem *derCert, SECItem *derName)
+{
+ int rv;
+ PORTCheapArenaPool tmpArena;
+ CERTSignedData sd;
+ void *tmpptr;
+
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+
+ PORT_Memset(&sd, 0, sizeof(CERTSignedData));
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, &sd, CERT_SignedDataTemplate,
+ derCert);
+ if (rv) {
+ goto loser;
+ }
+
+ PORT_Memset(derName, 0, sizeof(SECItem));
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, derName,
+ SEC_CertSerialNumberTemplate, &sd.data);
+ if (rv) {
+ goto loser;
+ }
+
+ tmpptr = derName->data;
+ derName->data = (unsigned char *)PORT_Alloc(derName->len);
+ if (derName->data == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(derName->data, tmpptr, derName->len);
+
+ PORT_DestroyCheapArena(&tmpArena);
+ return (SECSuccess);
+
+loser:
+ PORT_DestroyCheapArena(&tmpArena);
+ return (SECFailure);
+}
+
+/*
+ * Generate a database key, based on serial number and issuer, from a
+ * DER certificate.
+ */
+SECStatus
+CERT_KeyFromDERCert(PLArenaPool *reqArena, SECItem *derCert, SECItem *key)
+{
+ int rv;
+ CERTSignedData sd;
+ CERTCertKey certkey;
+
+ if (!reqArena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ PORT_Memset(&sd, 0, sizeof(CERTSignedData));
+ rv =
+ SEC_QuickDERDecodeItem(reqArena, &sd, CERT_SignedDataTemplate, derCert);
+
+ if (rv) {
+ goto loser;
+ }
+
+ PORT_Memset(&certkey, 0, sizeof(CERTCertKey));
+ rv = SEC_QuickDERDecodeItem(reqArena, &certkey, CERT_CertKeyTemplate,
+ &sd.data);
+
+ if (rv) {
+ goto loser;
+ }
+
+ return (CERT_KeyFromIssuerAndSN(reqArena, &certkey.derIssuer,
+ &certkey.serialNumber, key));
+loser:
+ return (SECFailure);
+}
+
+/*
+ * fill in keyUsage field of the cert based on the cert extension
+ * if the extension is not critical, then we allow all uses
+ */
+static SECStatus
+GetKeyUsage(CERTCertificate *cert)
+{
+ SECStatus rv;
+ SECItem tmpitem;
+
+ rv = CERT_FindKeyUsageExtension(cert, &tmpitem);
+ if (rv == SECSuccess) {
+ /* remember the actual value of the extension */
+ cert->rawKeyUsage = tmpitem.data[0];
+ cert->keyUsagePresent = PR_TRUE;
+ cert->keyUsage = tmpitem.data[0];
+
+ PORT_Free(tmpitem.data);
+ tmpitem.data = NULL;
+ } else {
+ /* if the extension is not present, then we allow all uses */
+ cert->keyUsage = KU_ALL;
+ cert->rawKeyUsage = KU_ALL;
+ cert->keyUsagePresent = PR_FALSE;
+ }
+
+ if (CERT_GovtApprovedBitSet(cert)) {
+ cert->keyUsage |= KU_NS_GOVT_APPROVED;
+ cert->rawKeyUsage |= KU_NS_GOVT_APPROVED;
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+findOIDinOIDSeqByTagNum(CERTOidSequence *seq, SECOidTag tagnum)
+{
+ SECItem **oids;
+ SECItem *oid;
+ SECStatus rv = SECFailure;
+
+ if (seq != NULL) {
+ oids = seq->oids;
+ while (oids != NULL && *oids != NULL) {
+ oid = *oids;
+ if (SECOID_FindOIDTag(oid) == tagnum) {
+ rv = SECSuccess;
+ break;
+ }
+ oids++;
+ }
+ }
+ return rv;
+}
+
+/*
+ * fill in nsCertType field of the cert based on the cert extension
+ */
+SECStatus
+cert_GetCertType(CERTCertificate *cert)
+{
+ PRUint32 nsCertType;
+
+ if (cert->nsCertType) {
+ /* once set, no need to recalculate */
+ return SECSuccess;
+ }
+ nsCertType = cert_ComputeCertType(cert);
+
+ /* Assert that it is safe to cast &cert->nsCertType to "PRInt32 *" */
+ PORT_Assert(sizeof(cert->nsCertType) == sizeof(PRInt32));
+ PR_ATOMIC_SET((PRInt32 *)&cert->nsCertType, nsCertType);
+ return SECSuccess;
+}
+
+PRUint32
+cert_ComputeCertType(CERTCertificate *cert)
+{
+ SECStatus rv;
+ SECItem tmpitem;
+ SECItem encodedExtKeyUsage;
+ CERTOidSequence *extKeyUsage = NULL;
+ PRBool basicConstraintPresent = PR_FALSE;
+ CERTBasicConstraints basicConstraint;
+ PRUint32 nsCertType = 0;
+
+ tmpitem.data = NULL;
+ CERT_FindNSCertTypeExtension(cert, &tmpitem);
+ encodedExtKeyUsage.data = NULL;
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE,
+ &encodedExtKeyUsage);
+ if (rv == SECSuccess) {
+ extKeyUsage = CERT_DecodeOidSequence(&encodedExtKeyUsage);
+ }
+ rv = CERT_FindBasicConstraintExten(cert, &basicConstraint);
+ if (rv == SECSuccess) {
+ basicConstraintPresent = PR_TRUE;
+ }
+ if (tmpitem.data != NULL || extKeyUsage != NULL) {
+ if (tmpitem.data == NULL) {
+ nsCertType = 0;
+ } else {
+ nsCertType = tmpitem.data[0];
+ }
+
+ /* free tmpitem data pointer to avoid memory leak */
+ PORT_Free(tmpitem.data);
+ tmpitem.data = NULL;
+
+ /*
+ * for this release, we will allow SSL certs with an email address
+ * to be used for email
+ */
+ if ((nsCertType & NS_CERT_TYPE_SSL_CLIENT) && cert->emailAddr &&
+ cert->emailAddr[0]) {
+ nsCertType |= NS_CERT_TYPE_EMAIL;
+ }
+ /*
+ * for this release, we will allow SSL intermediate CAs to be
+ * email intermediate CAs too.
+ */
+ if (nsCertType & NS_CERT_TYPE_SSL_CA) {
+ nsCertType |= NS_CERT_TYPE_EMAIL_CA;
+ }
+ /*
+ * allow a cert with the extended key usage of EMail Protect
+ * to be used for email or as an email CA, if basic constraints
+ * indicates that it is a CA.
+ */
+ if (findOIDinOIDSeqByTagNum(extKeyUsage,
+ SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT) ==
+ SECSuccess) {
+ if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) {
+ nsCertType |= NS_CERT_TYPE_EMAIL_CA;
+ } else {
+ nsCertType |= NS_CERT_TYPE_EMAIL;
+ }
+ }
+ if (findOIDinOIDSeqByTagNum(
+ extKeyUsage, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH) == SECSuccess) {
+ if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) {
+ nsCertType |= NS_CERT_TYPE_SSL_CA;
+ } else {
+ nsCertType |= NS_CERT_TYPE_SSL_SERVER;
+ }
+ }
+ /*
+ * Treat certs with step-up OID as also having SSL server type.
+ * COMODO needs this behaviour until June 2020. See Bug 737802.
+ */
+ if (findOIDinOIDSeqByTagNum(extKeyUsage,
+ SEC_OID_NS_KEY_USAGE_GOVT_APPROVED) ==
+ SECSuccess) {
+ if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) {
+ nsCertType |= NS_CERT_TYPE_SSL_CA;
+ } else {
+ nsCertType |= NS_CERT_TYPE_SSL_SERVER;
+ }
+ }
+ if (findOIDinOIDSeqByTagNum(
+ extKeyUsage, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH) == SECSuccess) {
+ if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) {
+ nsCertType |= NS_CERT_TYPE_SSL_CA;
+ } else {
+ nsCertType |= NS_CERT_TYPE_SSL_CLIENT;
+ }
+ }
+ if (findOIDinOIDSeqByTagNum(
+ extKeyUsage, SEC_OID_EXT_KEY_USAGE_CODE_SIGN) == SECSuccess) {
+ if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) {
+ nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
+ } else {
+ nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING;
+ }
+ }
+ if (findOIDinOIDSeqByTagNum(
+ extKeyUsage, SEC_OID_EXT_KEY_USAGE_TIME_STAMP) == SECSuccess) {
+ nsCertType |= EXT_KEY_USAGE_TIME_STAMP;
+ }
+ if (findOIDinOIDSeqByTagNum(extKeyUsage, SEC_OID_OCSP_RESPONDER) ==
+ SECSuccess) {
+ nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
+ }
+ } else {
+ /* If no NS Cert Type extension and no EKU extension, then */
+ nsCertType = 0;
+ if (CERT_IsCACert(cert, &nsCertType))
+ nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
+ /* if the basic constraint extension says the cert is a CA, then
+ allow SSL CA and EMAIL CA and Status Responder */
+ if (basicConstraintPresent && basicConstraint.isCA) {
+ nsCertType |= (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA |
+ EXT_KEY_USAGE_STATUS_RESPONDER);
+ }
+ /* allow any ssl or email (no ca or object signing. */
+ nsCertType |= NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER |
+ NS_CERT_TYPE_EMAIL;
+ }
+
+ if (encodedExtKeyUsage.data != NULL) {
+ PORT_Free(encodedExtKeyUsage.data);
+ }
+ if (extKeyUsage != NULL) {
+ CERT_DestroyOidSequence(extKeyUsage);
+ }
+ return nsCertType;
+}
+
+/*
+ * cert_GetKeyID() - extract or generate the subjectKeyID from a certificate
+ */
+SECStatus
+cert_GetKeyID(CERTCertificate *cert)
+{
+ SECItem tmpitem;
+ SECStatus rv;
+
+ cert->subjectKeyID.len = 0;
+
+ /* see of the cert has a key identifier extension */
+ rv = CERT_FindSubjectKeyIDExtension(cert, &tmpitem);
+ if (rv == SECSuccess) {
+ cert->subjectKeyID.data =
+ (unsigned char *)PORT_ArenaAlloc(cert->arena, tmpitem.len);
+ if (cert->subjectKeyID.data != NULL) {
+ PORT_Memcpy(cert->subjectKeyID.data, tmpitem.data, tmpitem.len);
+ cert->subjectKeyID.len = tmpitem.len;
+ cert->keyIDGenerated = PR_FALSE;
+ }
+
+ PORT_Free(tmpitem.data);
+ }
+
+ /* if the cert doesn't have a key identifier extension, then generate one*/
+ if (cert->subjectKeyID.len == 0) {
+ /*
+ * pkix says that if the subjectKeyID is not present, then we should
+ * use the SHA-1 hash of the DER-encoded publicKeyInfo from the cert
+ */
+ cert->subjectKeyID.data =
+ (unsigned char *)PORT_ArenaAlloc(cert->arena, SHA1_LENGTH);
+ if (cert->subjectKeyID.data != NULL) {
+ rv = PK11_HashBuf(SEC_OID_SHA1, cert->subjectKeyID.data,
+ cert->derPublicKey.data, cert->derPublicKey.len);
+ if (rv == SECSuccess) {
+ cert->subjectKeyID.len = SHA1_LENGTH;
+ }
+ }
+ }
+
+ if (cert->subjectKeyID.len == 0) {
+ return (SECFailure);
+ }
+ return (SECSuccess);
+}
+
+static PRBool
+cert_IsRootCert(CERTCertificate *cert)
+{
+ SECStatus rv;
+ SECItem tmpitem;
+
+ /* cache the authKeyID extension, if present */
+ cert->authKeyID = CERT_FindAuthKeyIDExten(cert->arena, cert);
+
+ /* it MUST be self-issued to be a root */
+ if (cert->derIssuer.len == 0 ||
+ !SECITEM_ItemsAreEqual(&cert->derIssuer, &cert->derSubject)) {
+ return PR_FALSE;
+ }
+
+ /* check the authKeyID extension */
+ if (cert->authKeyID) {
+ /* authority key identifier is present */
+ if (cert->authKeyID->keyID.len > 0) {
+ /* the keyIdentifier field is set, look for subjectKeyID */
+ rv = CERT_FindSubjectKeyIDExtension(cert, &tmpitem);
+ if (rv == SECSuccess) {
+ PRBool match;
+ /* also present, they MUST match for it to be a root */
+ match =
+ SECITEM_ItemsAreEqual(&cert->authKeyID->keyID, &tmpitem);
+ PORT_Free(tmpitem.data);
+ if (!match)
+ return PR_FALSE; /* else fall through */
+ } else {
+ /* the subject key ID is required when AKI is present */
+ return PR_FALSE;
+ }
+ }
+ if (cert->authKeyID->authCertIssuer) {
+ SECItem *caName;
+ caName = (SECItem *)CERT_GetGeneralNameByType(
+ cert->authKeyID->authCertIssuer, certDirectoryName, PR_TRUE);
+ if (caName) {
+ if (!SECITEM_ItemsAreEqual(&cert->derIssuer, caName)) {
+ return PR_FALSE;
+ } /* else fall through */
+ } /* else ??? could not get general name as directory name? */
+ }
+ if (cert->authKeyID->authCertSerialNumber.len > 0) {
+ if (!SECITEM_ItemsAreEqual(
+ &cert->serialNumber,
+ &cert->authKeyID->authCertSerialNumber)) {
+ return PR_FALSE;
+ } /* else fall through */
+ }
+ /* all of the AKI fields that were present passed the test */
+ return PR_TRUE;
+ }
+ /* else the AKI was not present, so this is a root */
+ return PR_TRUE;
+}
+
+/*
+ * take a DER certificate and decode it into a certificate structure
+ */
+CERTCertificate *
+CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
+ char *nickname)
+{
+ CERTCertificate *cert;
+ PLArenaPool *arena;
+ void *data;
+ int rv;
+ int len;
+ char *tmpname;
+
+ /* make a new arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ return 0;
+ }
+
+ /* allocate the certificate structure */
+ cert = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
+
+ if (!cert) {
+ goto loser;
+ }
+
+ cert->arena = arena;
+
+ if (copyDER) {
+ /* copy the DER data for the cert into this arena */
+ data = (void *)PORT_ArenaAlloc(arena, derSignedCert->len);
+ if (!data) {
+ goto loser;
+ }
+ cert->derCert.data = (unsigned char *)data;
+ cert->derCert.len = derSignedCert->len;
+ PORT_Memcpy(data, derSignedCert->data, derSignedCert->len);
+ } else {
+ /* point to passed in DER data */
+ cert->derCert = *derSignedCert;
+ }
+
+ /* decode the certificate info */
+ rv = SEC_QuickDERDecodeItem(arena, cert, SEC_SignedCertificateTemplate,
+ &cert->derCert);
+
+ if (rv) {
+ goto loser;
+ }
+
+ if (cert_HasUnknownCriticalExten(cert->extensions) == PR_TRUE) {
+ cert->options.bits.hasUnsupportedCriticalExt = PR_TRUE;
+ }
+
+ /* generate and save the database key for the cert */
+ rv = CERT_KeyFromIssuerAndSN(arena, &cert->derIssuer, &cert->serialNumber,
+ &cert->certKey);
+ if (rv) {
+ goto loser;
+ }
+
+ /* set the nickname */
+ if (nickname == NULL) {
+ cert->nickname = NULL;
+ } else {
+ /* copy and install the nickname */
+ len = PORT_Strlen(nickname) + 1;
+ cert->nickname = (char *)PORT_ArenaAlloc(arena, len);
+ if (cert->nickname == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(cert->nickname, nickname, len);
+ }
+
+ /* set the email address */
+ cert->emailAddr = cert_GetCertificateEmailAddresses(cert);
+
+ /* initialize the subjectKeyID */
+ rv = cert_GetKeyID(cert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* initialize keyUsage */
+ rv = GetKeyUsage(cert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* determine if this is a root cert */
+ cert->isRoot = cert_IsRootCert(cert);
+
+ /* initialize the certType */
+ rv = cert_GetCertType(cert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ tmpname = CERT_NameToAscii(&cert->subject);
+ if (tmpname != NULL) {
+ cert->subjectName = PORT_ArenaStrdup(cert->arena, tmpname);
+ PORT_Free(tmpname);
+ }
+
+ tmpname = CERT_NameToAscii(&cert->issuer);
+ if (tmpname != NULL) {
+ cert->issuerName = PORT_ArenaStrdup(cert->arena, tmpname);
+ PORT_Free(tmpname);
+ }
+
+ cert->referenceCount = 1;
+ cert->slot = NULL;
+ cert->pkcs11ID = CK_INVALID_HANDLE;
+ cert->dbnickname = NULL;
+
+ return (cert);
+
+loser:
+
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (0);
+}
+
+CERTCertificate *
+__CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
+ char *nickname)
+{
+ return CERT_DecodeDERCertificate(derSignedCert, copyDER, nickname);
+}
+
+CERTValidity *
+CERT_CreateValidity(PRTime notBefore, PRTime notAfter)
+{
+ CERTValidity *v;
+ int rv;
+ PLArenaPool *arena;
+
+ if (notBefore > notAfter) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ return (0);
+ }
+
+ v = (CERTValidity *)PORT_ArenaZAlloc(arena, sizeof(CERTValidity));
+ if (v) {
+ v->arena = arena;
+ rv = DER_EncodeTimeChoice(arena, &v->notBefore, notBefore);
+ if (rv)
+ goto loser;
+ rv = DER_EncodeTimeChoice(arena, &v->notAfter, notAfter);
+ if (rv)
+ goto loser;
+ }
+ return v;
+
+loser:
+ CERT_DestroyValidity(v);
+ return 0;
+}
+
+SECStatus
+CERT_CopyValidity(PLArenaPool *arena, CERTValidity *to, CERTValidity *from)
+{
+ SECStatus rv;
+
+ CERT_DestroyValidity(to);
+ to->arena = arena;
+
+ rv = SECITEM_CopyItem(arena, &to->notBefore, &from->notBefore);
+ if (rv)
+ return rv;
+ rv = SECITEM_CopyItem(arena, &to->notAfter, &from->notAfter);
+ return rv;
+}
+
+void
+CERT_DestroyValidity(CERTValidity *v)
+{
+ if (v && v->arena) {
+ PORT_FreeArena(v->arena, PR_FALSE);
+ }
+ return;
+}
+
+/*
+** Amount of time that a certifiate is allowed good before it is actually
+** good. This is used for pending certificates, ones that are about to be
+** valid. The slop is designed to allow for some variance in the clocks
+** of the machine checking the certificate.
+*/
+#define PENDING_SLOP (24L * 60L * 60L) /* seconds per day */
+static PRInt32 pendingSlop = PENDING_SLOP; /* seconds */
+
+PRInt32
+CERT_GetSlopTime(void)
+{
+ return pendingSlop; /* seconds */
+}
+
+SECStatus CERT_SetSlopTime(PRInt32 slop) /* seconds */
+{
+ if (slop < 0)
+ return SECFailure;
+ pendingSlop = slop;
+ return SECSuccess;
+}
+
+SECStatus
+CERT_GetCertTimes(const CERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
+{
+ SECStatus rv;
+
+ if (!c || !notBefore || !notAfter) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* convert DER not-before time */
+ rv = DER_DecodeTimeChoice(notBefore, &c->validity.notBefore);
+ if (rv) {
+ return (SECFailure);
+ }
+
+ /* convert DER not-after time */
+ rv = DER_DecodeTimeChoice(notAfter, &c->validity.notAfter);
+ if (rv) {
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+/*
+ * Check the validity times of a certificate
+ */
+SECCertTimeValidity
+CERT_CheckCertValidTimes(const CERTCertificate *c, PRTime t,
+ PRBool allowOverride)
+{
+ PRTime notBefore, notAfter, llPendingSlop, tmp1;
+ SECStatus rv;
+
+ if (!c) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return (secCertTimeUndetermined);
+ }
+ /* if cert is already marked OK, then don't bother to check */
+ if (allowOverride && c->timeOK) {
+ return (secCertTimeValid);
+ }
+
+ rv = CERT_GetCertTimes(c, &notBefore, &notAfter);
+
+ if (rv) {
+ return (secCertTimeExpired); /*XXX is this the right thing to do here?*/
+ }
+
+ LL_I2L(llPendingSlop, pendingSlop);
+ /* convert to micro seconds */
+ LL_UI2L(tmp1, PR_USEC_PER_SEC);
+ LL_MUL(llPendingSlop, llPendingSlop, tmp1);
+ LL_SUB(notBefore, notBefore, llPendingSlop);
+ if (LL_CMP(t, <, notBefore)) {
+ PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
+ return (secCertTimeNotValidYet);
+ }
+ if (LL_CMP(t, >, notAfter)) {
+ PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
+ return (secCertTimeExpired);
+ }
+
+ return (secCertTimeValid);
+}
+
+SECStatus
+SEC_GetCrlTimes(CERTCrl *date, PRTime *notBefore, PRTime *notAfter)
+{
+ int rv;
+
+ /* convert DER not-before time */
+ rv = DER_DecodeTimeChoice(notBefore, &date->lastUpdate);
+ if (rv) {
+ return (SECFailure);
+ }
+
+ /* convert DER not-after time */
+ if (date->nextUpdate.data) {
+ rv = DER_DecodeTimeChoice(notAfter, &date->nextUpdate);
+ if (rv) {
+ return (SECFailure);
+ }
+ } else {
+ LL_I2L(*notAfter, 0L);
+ }
+ return (SECSuccess);
+}
+
+/* These routines should probably be combined with the cert
+ * routines using an common extraction routine.
+ */
+SECCertTimeValidity
+SEC_CheckCrlTimes(CERTCrl *crl, PRTime t)
+{
+ PRTime notBefore, notAfter, llPendingSlop, tmp1;
+ SECStatus rv;
+
+ if (!crl) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return (secCertTimeUndetermined);
+ }
+
+ rv = SEC_GetCrlTimes(crl, &notBefore, &notAfter);
+
+ if (rv) {
+ return (secCertTimeExpired);
+ }
+
+ LL_I2L(llPendingSlop, pendingSlop);
+ /* convert to micro seconds */
+ LL_I2L(tmp1, PR_USEC_PER_SEC);
+ LL_MUL(llPendingSlop, llPendingSlop, tmp1);
+ LL_SUB(notBefore, notBefore, llPendingSlop);
+ if (LL_CMP(t, <, notBefore)) {
+ PORT_SetError(SEC_ERROR_CRL_EXPIRED);
+ return (secCertTimeNotValidYet);
+ }
+
+ /* If next update is omitted and the test for notBefore passes, then
+ we assume that the crl is up to date.
+ */
+ if (LL_IS_ZERO(notAfter)) {
+ return (secCertTimeValid);
+ }
+
+ if (LL_CMP(t, >, notAfter)) {
+ PORT_SetError(SEC_ERROR_CRL_EXPIRED);
+ return (secCertTimeExpired);
+ }
+
+ return (secCertTimeValid);
+}
+
+PRBool
+SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old)
+{
+ PRTime newNotBefore, newNotAfter;
+ PRTime oldNotBefore, oldNotAfter;
+ SECStatus rv;
+
+ /* problems with the new CRL? reject it */
+ rv = SEC_GetCrlTimes(inNew, &newNotBefore, &newNotAfter);
+ if (rv)
+ return PR_FALSE;
+
+ /* problems with the old CRL? replace it */
+ rv = SEC_GetCrlTimes(old, &oldNotBefore, &oldNotAfter);
+ if (rv)
+ return PR_TRUE;
+
+ /* Question: what about the notAfter's? */
+ return ((PRBool)LL_CMP(oldNotBefore, <, newNotBefore));
+}
+
+/*
+ * return required key usage and cert type based on cert usage
+ */
+SECStatus
+CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage, PRBool ca,
+ unsigned int *retKeyUsage,
+ unsigned int *retCertType)
+{
+ unsigned int requiredKeyUsage = 0;
+ unsigned int requiredCertType = 0;
+
+ if (ca) {
+ switch (usage) {
+ case certUsageSSLServerWithStepUp:
+ requiredKeyUsage = KU_NS_GOVT_APPROVED | KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_SSL_CA;
+ break;
+ case certUsageSSLClient:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_SSL_CA;
+ break;
+ case certUsageSSLServer:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_SSL_CA;
+ break;
+ case certUsageSSLCA:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_SSL_CA;
+ break;
+ case certUsageEmailSigner:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_EMAIL_CA;
+ break;
+ case certUsageEmailRecipient:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_EMAIL_CA;
+ break;
+ case certUsageObjectSigner:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA;
+ break;
+ case certUsageAnyCA:
+ case certUsageVerifyCA:
+ case certUsageStatusResponder:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA |
+ NS_CERT_TYPE_EMAIL_CA | NS_CERT_TYPE_SSL_CA;
+ break;
+ default:
+ PORT_Assert(0);
+ goto loser;
+ }
+ } else {
+ switch (usage) {
+ case certUsageSSLClient:
+ /*
+ * RFC 5280 lists digitalSignature and keyAgreement for
+ * id-kp-clientAuth. NSS does not support the *_fixed_dh and
+ * *_fixed_ecdh client certificate types.
+ */
+ requiredKeyUsage = KU_DIGITAL_SIGNATURE;
+ requiredCertType = NS_CERT_TYPE_SSL_CLIENT;
+ break;
+ case certUsageSSLServer:
+ requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
+ requiredCertType = NS_CERT_TYPE_SSL_SERVER;
+ break;
+ case certUsageSSLServerWithStepUp:
+ requiredKeyUsage =
+ KU_KEY_AGREEMENT_OR_ENCIPHERMENT | KU_NS_GOVT_APPROVED;
+ requiredCertType = NS_CERT_TYPE_SSL_SERVER;
+ break;
+ case certUsageSSLCA:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_SSL_CA;
+ break;
+ case certUsageEmailSigner:
+ requiredKeyUsage = KU_DIGITAL_SIGNATURE_OR_NON_REPUDIATION;
+ requiredCertType = NS_CERT_TYPE_EMAIL;
+ break;
+ case certUsageEmailRecipient:
+ requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
+ requiredCertType = NS_CERT_TYPE_EMAIL;
+ break;
+ case certUsageObjectSigner:
+ /* RFC 5280 lists only digitalSignature for id-kp-codeSigning.
+ */
+ requiredKeyUsage = KU_DIGITAL_SIGNATURE;
+ requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING;
+ break;
+ case certUsageStatusResponder:
+ requiredKeyUsage = KU_DIGITAL_SIGNATURE_OR_NON_REPUDIATION;
+ requiredCertType = EXT_KEY_USAGE_STATUS_RESPONDER;
+ break;
+ default:
+ PORT_Assert(0);
+ goto loser;
+ }
+ }
+
+ if (retKeyUsage != NULL) {
+ *retKeyUsage = requiredKeyUsage;
+ }
+ if (retCertType != NULL) {
+ *retCertType = requiredCertType;
+ }
+
+ return (SECSuccess);
+loser:
+ return (SECFailure);
+}
+
+/*
+ * check the key usage of a cert against a set of required values
+ */
+SECStatus
+CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage)
+{
+ if (!cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* choose between key agreement or key encipherment based on key
+ * type in cert
+ */
+ if (requiredUsage & KU_KEY_AGREEMENT_OR_ENCIPHERMENT) {
+ KeyType keyType = CERT_GetCertKeyType(&cert->subjectPublicKeyInfo);
+ /* turn off the special bit */
+ requiredUsage &= (~KU_KEY_AGREEMENT_OR_ENCIPHERMENT);
+
+ switch (keyType) {
+ case rsaKey:
+ requiredUsage |= KU_KEY_ENCIPHERMENT;
+ break;
+ case dsaKey:
+ requiredUsage |= KU_DIGITAL_SIGNATURE;
+ break;
+ case dhKey:
+ requiredUsage |= KU_KEY_AGREEMENT;
+ break;
+ case ecKey:
+ /* Accept either signature or agreement. */
+ if (!(cert->keyUsage &
+ (KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT)))
+ goto loser;
+ break;
+ default:
+ goto loser;
+ }
+ }
+
+ /* Allow either digital signature or non-repudiation */
+ if (requiredUsage & KU_DIGITAL_SIGNATURE_OR_NON_REPUDIATION) {
+ /* turn off the special bit */
+ requiredUsage &= (~KU_DIGITAL_SIGNATURE_OR_NON_REPUDIATION);
+
+ if (!(cert->keyUsage & (KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION)))
+ goto loser;
+ }
+
+ if ((cert->keyUsage & requiredUsage) == requiredUsage)
+ return SECSuccess;
+
+loser:
+ PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
+ return SECFailure;
+}
+
+CERTCertificate *
+CERT_DupCertificate(CERTCertificate *c)
+{
+ if (c) {
+ NSSCertificate *tmp = STAN_GetNSSCertificate(c);
+ nssCertificate_AddRef(tmp);
+ }
+ return c;
+}
+
+/*
+ * Allow use of default cert database, so that apps(such as mozilla) don't
+ * have to pass the handle all over the place.
+ */
+static CERTCertDBHandle *default_cert_db_handle = 0;
+
+void
+CERT_SetDefaultCertDB(CERTCertDBHandle *handle)
+{
+ default_cert_db_handle = handle;
+
+ return;
+}
+
+CERTCertDBHandle *
+CERT_GetDefaultCertDB(void)
+{
+ return (default_cert_db_handle);
+}
+
+/* XXX this would probably be okay/better as an xp routine? */
+static void
+sec_lower_string(char *s)
+{
+ if (s == NULL) {
+ return;
+ }
+
+ while (*s) {
+ *s = PORT_Tolower(*s);
+ s++;
+ }
+
+ return;
+}
+
+static PRBool
+cert_IsIPAddr(const char *hn)
+{
+ PRBool isIPaddr = PR_FALSE;
+ PRNetAddr netAddr;
+ isIPaddr = (PR_SUCCESS == PR_StringToNetAddr(hn, &netAddr));
+ return isIPaddr;
+}
+
+/*
+** Add a domain name to the list of names that the user has explicitly
+** allowed (despite cert name mismatches) for use with a server cert.
+*/
+SECStatus
+CERT_AddOKDomainName(CERTCertificate *cert, const char *hn)
+{
+ CERTOKDomainName *domainOK;
+ int newNameLen;
+
+ if (!hn || !(newNameLen = strlen(hn))) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ domainOK = (CERTOKDomainName *)PORT_ArenaZAlloc(cert->arena, sizeof(*domainOK));
+ if (!domainOK) {
+ return SECFailure; /* error code is already set. */
+ }
+ domainOK->name = (char *)PORT_ArenaZAlloc(cert->arena, newNameLen + 1);
+ if (!domainOK->name) {
+ return SECFailure; /* error code is already set. */
+ }
+
+ PORT_Strncpy(domainOK->name, hn, newNameLen + 1);
+ sec_lower_string(domainOK->name);
+
+ /* put at head of list. */
+ domainOK->next = cert->domainOK;
+ cert->domainOK = domainOK;
+ return SECSuccess;
+}
+
+/* returns SECSuccess if hn matches pattern cn,
+** returns SECFailure with SSL_ERROR_BAD_CERT_DOMAIN if no match,
+** returns SECFailure with some other error code if another error occurs.
+**
+** This function may modify string cn, so caller must pass a modifiable copy.
+*/
+static SECStatus
+cert_TestHostName(char *cn, const char *hn)
+{
+ static int useShellExp = -1;
+
+ if (useShellExp < 0) {
+ useShellExp = (NULL != PR_GetEnvSecure("NSS_USE_SHEXP_IN_CERT_NAME"));
+ }
+ if (useShellExp) {
+ /* Backward compatible code, uses Shell Expressions (SHEXP). */
+ int regvalid = PORT_RegExpValid(cn);
+ if (regvalid != NON_SXP) {
+ SECStatus rv;
+ /* cn is a regular expression, try to match the shexp */
+ int match = PORT_RegExpCaseSearch(hn, cn);
+
+ if (match == 0) {
+ rv = SECSuccess;
+ } else {
+ PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
+ rv = SECFailure;
+ }
+ return rv;
+ }
+ } else {
+ /* New approach conforms to RFC 6125. */
+ char *wildcard = PORT_Strchr(cn, '*');
+ char *firstcndot = PORT_Strchr(cn, '.');
+ char *secondcndot =
+ firstcndot ? PORT_Strchr(firstcndot + 1, '.') : NULL;
+ char *firsthndot = PORT_Strchr(hn, '.');
+
+ /* For a cn pattern to be considered valid, the wildcard character...
+ * - may occur only in a DNS name with at least 3 components, and
+ * - may occur only as last character in the first component, and
+ * - may be preceded by additional characters, and
+ * - must not be preceded by an IDNA ACE prefix (xn--)
+ */
+ if (wildcard && secondcndot && secondcndot[1] && firsthndot &&
+ firstcndot - wildcard == 1 /* wildcard is last char in first component */
+ && secondcndot - firstcndot > 1 /* second component is non-empty */
+ && PORT_Strrchr(cn, '*') == wildcard /* only one wildcard in cn */
+ && !PORT_Strncasecmp(cn, hn, wildcard - cn) &&
+ !PORT_Strcasecmp(firstcndot, firsthndot)
+ /* If hn starts with xn--, then cn must start with wildcard */
+ && (PORT_Strncasecmp(hn, "xn--", 4) || wildcard == cn)) {
+ /* valid wildcard pattern match */
+ return SECSuccess;
+ }
+ }
+ /* String cn has no wildcard or shell expression.
+ * Compare entire string hn with cert name.
+ */
+ if (PORT_Strcasecmp(hn, cn) == 0) {
+ return SECSuccess;
+ }
+
+ PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
+ return SECFailure;
+}
+
+SECStatus
+cert_VerifySubjectAltName(const CERTCertificate *cert, const char *hn)
+{
+ PLArenaPool *arena = NULL;
+ CERTGeneralName *nameList = NULL;
+ CERTGeneralName *current;
+ char *cn;
+ int cnBufLen;
+ int DNSextCount = 0;
+ int IPextCount = 0;
+ PRBool isIPaddr = PR_FALSE;
+ SECStatus rv = SECFailure;
+ SECItem subAltName;
+ PRNetAddr netAddr;
+ char cnbuf[128];
+
+ subAltName.data = NULL;
+ cn = cnbuf;
+ cnBufLen = sizeof cnbuf;
+
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
+ &subAltName);
+ if (rv != SECSuccess) {
+ goto fail;
+ }
+ isIPaddr = (PR_SUCCESS == PR_StringToNetAddr(hn, &netAddr));
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena)
+ goto fail;
+
+ nameList = current = CERT_DecodeAltNameExtension(arena, &subAltName);
+ if (!current)
+ goto fail;
+
+ do {
+ switch (current->type) {
+ case certDNSName:
+ if (!isIPaddr) {
+ /* DNS name current->name.other.data is not null terminated.
+ ** so must copy it.
+ */
+ int cnLen = current->name.other.len;
+ rv = CERT_RFC1485_EscapeAndQuote(
+ cn, cnBufLen, (char *)current->name.other.data, cnLen);
+ if (rv != SECSuccess &&
+ PORT_GetError() == SEC_ERROR_OUTPUT_LEN) {
+ cnBufLen =
+ cnLen * 3 + 3; /* big enough for worst case */
+ cn = (char *)PORT_ArenaAlloc(arena, cnBufLen);
+ if (!cn)
+ goto fail;
+ rv = CERT_RFC1485_EscapeAndQuote(
+ cn, cnBufLen, (char *)current->name.other.data,
+ cnLen);
+ }
+ if (rv == SECSuccess)
+ rv = cert_TestHostName(cn, hn);
+ if (rv == SECSuccess)
+ goto finish;
+ }
+ DNSextCount++;
+ break;
+ case certIPAddress:
+ if (isIPaddr) {
+ int match = 0;
+ PRIPv6Addr v6Addr;
+ if (current->name.other.len == 4 && /* IP v4 address */
+ netAddr.inet.family == PR_AF_INET) {
+ match = !memcmp(&netAddr.inet.ip,
+ current->name.other.data, 4);
+ } else if (current->name.other.len ==
+ 16 && /* IP v6 address */
+ netAddr.ipv6.family == PR_AF_INET6) {
+ match = !memcmp(&netAddr.ipv6.ip,
+ current->name.other.data, 16);
+ } else if (current->name.other.len ==
+ 16 && /* IP v6 address */
+ netAddr.inet.family == PR_AF_INET) {
+ /* convert netAddr to ipv6, then compare. */
+ /* ipv4 must be in Network Byte Order on input. */
+ PR_ConvertIPv4AddrToIPv6(netAddr.inet.ip, &v6Addr);
+ match = !memcmp(&v6Addr, current->name.other.data, 16);
+ } else if (current->name.other.len == 4 && /* IP v4 address */
+ netAddr.inet.family == PR_AF_INET6) {
+ /* convert netAddr to ipv6, then compare. */
+ PRUint32 ipv4 = (current->name.other.data[0] << 24) |
+ (current->name.other.data[1] << 16) |
+ (current->name.other.data[2] << 8) |
+ current->name.other.data[3];
+ /* ipv4 must be in Network Byte Order on input. */
+ PR_ConvertIPv4AddrToIPv6(PR_htonl(ipv4), &v6Addr);
+ match = !memcmp(&netAddr.ipv6.ip, &v6Addr, 16);
+ }
+ if (match) {
+ rv = SECSuccess;
+ goto finish;
+ }
+ }
+ IPextCount++;
+ break;
+ default:
+ break;
+ }
+ current = CERT_GetNextGeneralName(current);
+ } while (current != nameList);
+
+fail:
+
+ if (!(isIPaddr ? IPextCount : DNSextCount)) {
+ /* no relevant value in the extension was found. */
+ PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
+ } else {
+ PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
+ }
+ rv = SECFailure;
+
+finish:
+
+ /* Don't free nameList, it's part of the arena. */
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ if (subAltName.data) {
+ SECITEM_FreeItem(&subAltName, PR_FALSE);
+ }
+
+ return rv;
+}
+
+/*
+ * If found:
+ * - subAltName contains the extension (caller must free)
+ * - return value is the decoded namelist (allocated off arena)
+ * if not found, or if failure to decode:
+ * - return value is NULL
+ */
+CERTGeneralName *
+cert_GetSubjectAltNameList(const CERTCertificate *cert, PLArenaPool *arena)
+{
+ CERTGeneralName *nameList = NULL;
+ SECStatus rv = SECFailure;
+ SECItem subAltName;
+
+ if (!cert || !arena)
+ return NULL;
+
+ subAltName.data = NULL;
+
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
+ &subAltName);
+ if (rv != SECSuccess)
+ return NULL;
+
+ nameList = CERT_DecodeAltNameExtension(arena, &subAltName);
+ SECITEM_FreeItem(&subAltName, PR_FALSE);
+ return nameList;
+}
+
+PRUint32
+cert_CountDNSPatterns(CERTGeneralName *firstName)
+{
+ CERTGeneralName *current;
+ PRUint32 count = 0;
+
+ if (!firstName)
+ return 0;
+
+ current = firstName;
+ do {
+ switch (current->type) {
+ case certDNSName:
+ case certIPAddress:
+ ++count;
+ break;
+ default:
+ break;
+ }
+ current = CERT_GetNextGeneralName(current);
+ } while (current != firstName);
+
+ return count;
+}
+
+#ifndef INET6_ADDRSTRLEN
+#define INET6_ADDRSTRLEN 46
+#endif
+
+/* will fill nickNames,
+ * will allocate all data from nickNames->arena,
+ * numberOfGeneralNames should have been obtained from cert_CountDNSPatterns,
+ * will ensure the numberOfGeneralNames matches the number of output entries.
+ */
+SECStatus
+cert_GetDNSPatternsFromGeneralNames(CERTGeneralName *firstName,
+ PRUint32 numberOfGeneralNames,
+ CERTCertNicknames *nickNames)
+{
+ CERTGeneralName *currentInput;
+ char **currentOutput;
+
+ if (!firstName || !nickNames || !numberOfGeneralNames)
+ return SECFailure;
+
+ nickNames->numnicknames = numberOfGeneralNames;
+ nickNames->nicknames = PORT_ArenaAlloc(
+ nickNames->arena, sizeof(char *) * numberOfGeneralNames);
+ if (!nickNames->nicknames)
+ return SECFailure;
+
+ currentInput = firstName;
+ currentOutput = nickNames->nicknames;
+ do {
+ char *cn = NULL;
+ char ipbuf[INET6_ADDRSTRLEN];
+ PRNetAddr addr;
+
+ if (numberOfGeneralNames < 1) {
+ /* internal consistency error */
+ return SECFailure;
+ }
+
+ switch (currentInput->type) {
+ case certDNSName:
+ /* DNS name currentInput->name.other.data is not null
+ *terminated.
+ ** so must copy it.
+ */
+ cn = (char *)PORT_ArenaAlloc(nickNames->arena,
+ currentInput->name.other.len + 1);
+ if (!cn)
+ return SECFailure;
+ PORT_Memcpy(cn, currentInput->name.other.data,
+ currentInput->name.other.len);
+ cn[currentInput->name.other.len] = 0;
+ break;
+ case certIPAddress:
+ if (currentInput->name.other.len == 4) {
+ addr.inet.family = PR_AF_INET;
+ memcpy(&addr.inet.ip, currentInput->name.other.data,
+ currentInput->name.other.len);
+ } else if (currentInput->name.other.len == 16) {
+ addr.ipv6.family = PR_AF_INET6;
+ memcpy(&addr.ipv6.ip, currentInput->name.other.data,
+ currentInput->name.other.len);
+ }
+ if (PR_NetAddrToString(&addr, ipbuf, sizeof(ipbuf)) ==
+ PR_FAILURE)
+ return SECFailure;
+ cn = PORT_ArenaStrdup(nickNames->arena, ipbuf);
+ if (!cn)
+ return SECFailure;
+ break;
+ default:
+ break;
+ }
+ if (cn) {
+ *currentOutput = cn;
+ nickNames->totallen += PORT_Strlen(cn);
+ ++currentOutput;
+ --numberOfGeneralNames;
+ }
+ currentInput = CERT_GetNextGeneralName(currentInput);
+ } while (currentInput != firstName);
+
+ return (numberOfGeneralNames == 0) ? SECSuccess : SECFailure;
+}
+
+/*
+ * Collect all valid DNS names from the given cert.
+ * The output arena will reference some temporaray data,
+ * but this saves us from dealing with two arenas.
+ * The caller may free all data by freeing CERTCertNicknames->arena.
+ */
+CERTCertNicknames *
+CERT_GetValidDNSPatternsFromCert(CERTCertificate *cert)
+{
+ CERTGeneralName *generalNames;
+ CERTCertNicknames *nickNames;
+ PLArenaPool *arena;
+ char *singleName;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ return NULL;
+ }
+
+ nickNames = PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
+ if (!nickNames) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ /* init the structure */
+ nickNames->arena = arena;
+ nickNames->head = NULL;
+ nickNames->numnicknames = 0;
+ nickNames->nicknames = NULL;
+ nickNames->totallen = 0;
+
+ generalNames = cert_GetSubjectAltNameList(cert, arena);
+ if (generalNames) {
+ SECStatus rv_getnames = SECFailure;
+ PRUint32 numNames = cert_CountDNSPatterns(generalNames);
+
+ if (numNames) {
+ rv_getnames = cert_GetDNSPatternsFromGeneralNames(
+ generalNames, numNames, nickNames);
+ }
+
+ /* if there were names, we'll exit now, either with success or failure
+ */
+ if (numNames) {
+ if (rv_getnames == SECSuccess) {
+ return nickNames;
+ }
+
+ /* failure to produce output */
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ }
+
+ /* no SAN extension or no names found in extension */
+ singleName = CERT_GetCommonName(&cert->subject);
+ if (singleName) {
+ nickNames->numnicknames = 1;
+ nickNames->nicknames = PORT_ArenaAlloc(arena, sizeof(char *));
+ if (nickNames->nicknames) {
+ *nickNames->nicknames = PORT_ArenaStrdup(arena, singleName);
+ }
+ PORT_Free(singleName);
+
+ /* Did we allocate both the buffer of pointers and the string? */
+ if (nickNames->nicknames && *nickNames->nicknames) {
+ return nickNames;
+ }
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+/* Make sure that the name of the host we are connecting to matches the
+ * name that is incoded in the common-name component of the certificate
+ * that they are using.
+ */
+SECStatus
+CERT_VerifyCertName(const CERTCertificate *cert, const char *hn)
+{
+ char *cn;
+ SECStatus rv;
+ CERTOKDomainName *domainOK;
+
+ if (!hn || !strlen(hn)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* if the name is one that the user has already approved, it's OK. */
+ for (domainOK = cert->domainOK; domainOK; domainOK = domainOK->next) {
+ if (0 == PORT_Strcasecmp(hn, domainOK->name)) {
+ return SECSuccess;
+ }
+ }
+
+ /* Per RFC 2818, if the SubjectAltName extension is present, it must
+ ** be used as the cert's identity.
+ */
+ rv = cert_VerifySubjectAltName(cert, hn);
+ if (rv == SECSuccess || PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
+ return rv;
+
+ cn = CERT_GetCommonName(&cert->subject);
+ if (cn) {
+ PRBool isIPaddr = cert_IsIPAddr(hn);
+ if (isIPaddr) {
+ if (PORT_Strcasecmp(hn, cn) == 0) {
+ rv = SECSuccess;
+ } else {
+ PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
+ rv = SECFailure;
+ }
+ } else {
+ rv = cert_TestHostName(cn, hn);
+ }
+ PORT_Free(cn);
+ } else
+ PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
+ return rv;
+}
+
+PRBool
+CERT_CompareCerts(const CERTCertificate *c1, const CERTCertificate *c2)
+{
+ SECComparison comp;
+
+ comp = SECITEM_CompareItem(&c1->derCert, &c2->derCert);
+ if (comp == SECEqual) { /* certs are the same */
+ return (PR_TRUE);
+ } else {
+ return (PR_FALSE);
+ }
+}
+
+static SECStatus
+StringsEqual(char *s1, char *s2)
+{
+ if ((s1 == NULL) || (s2 == NULL)) {
+ if (s1 != s2) { /* only one is null */
+ return (SECFailure);
+ }
+ return (SECSuccess); /* both are null */
+ }
+
+ if (PORT_Strcmp(s1, s2) != 0) {
+ return (SECFailure); /* not equal */
+ }
+
+ return (SECSuccess); /* strings are equal */
+}
+
+PRBool
+CERT_CompareCertsForRedirection(CERTCertificate *c1, CERTCertificate *c2)
+{
+ SECComparison comp;
+ char *c1str, *c2str;
+ SECStatus eq;
+
+ comp = SECITEM_CompareItem(&c1->derCert, &c2->derCert);
+ if (comp == SECEqual) { /* certs are the same */
+ return (PR_TRUE);
+ }
+
+ /* check if they are issued by the same CA */
+ comp = SECITEM_CompareItem(&c1->derIssuer, &c2->derIssuer);
+ if (comp != SECEqual) { /* different issuer */
+ return (PR_FALSE);
+ }
+
+ /* check country name */
+ c1str = CERT_GetCountryName(&c1->subject);
+ c2str = CERT_GetCountryName(&c2->subject);
+ eq = StringsEqual(c1str, c2str);
+ PORT_Free(c1str);
+ PORT_Free(c2str);
+ if (eq != SECSuccess) {
+ return (PR_FALSE);
+ }
+
+ /* check locality name */
+ c1str = CERT_GetLocalityName(&c1->subject);
+ c2str = CERT_GetLocalityName(&c2->subject);
+ eq = StringsEqual(c1str, c2str);
+ PORT_Free(c1str);
+ PORT_Free(c2str);
+ if (eq != SECSuccess) {
+ return (PR_FALSE);
+ }
+
+ /* check state name */
+ c1str = CERT_GetStateName(&c1->subject);
+ c2str = CERT_GetStateName(&c2->subject);
+ eq = StringsEqual(c1str, c2str);
+ PORT_Free(c1str);
+ PORT_Free(c2str);
+ if (eq != SECSuccess) {
+ return (PR_FALSE);
+ }
+
+ /* check org name */
+ c1str = CERT_GetOrgName(&c1->subject);
+ c2str = CERT_GetOrgName(&c2->subject);
+ eq = StringsEqual(c1str, c2str);
+ PORT_Free(c1str);
+ PORT_Free(c2str);
+ if (eq != SECSuccess) {
+ return (PR_FALSE);
+ }
+
+#ifdef NOTDEF
+ /* check orgUnit name */
+ /*
+ * We need to revisit this and decide which fields should be allowed to be
+ * different
+ */
+ c1str = CERT_GetOrgUnitName(&c1->subject);
+ c2str = CERT_GetOrgUnitName(&c2->subject);
+ eq = StringsEqual(c1str, c2str);
+ PORT_Free(c1str);
+ PORT_Free(c2str);
+ if (eq != SECSuccess) {
+ return (PR_FALSE);
+ }
+#endif
+
+ return (PR_TRUE); /* all fields but common name are the same */
+}
+
+/* CERT_CertChainFromCert and CERT_DestroyCertificateList moved
+ to certhigh.c */
+
+CERTIssuerAndSN *
+CERT_GetCertIssuerAndSN(PLArenaPool *arena, CERTCertificate *cert)
+{
+ CERTIssuerAndSN *result;
+ SECStatus rv;
+
+ if (arena == NULL) {
+ arena = cert->arena;
+ }
+
+ result = (CERTIssuerAndSN *)PORT_ArenaZAlloc(arena, sizeof(*result));
+ if (result == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ rv = SECITEM_CopyItem(arena, &result->derIssuer, &cert->derIssuer);
+ if (rv != SECSuccess)
+ return NULL;
+
+ rv = CERT_CopyName(arena, &result->issuer, &cert->issuer);
+ if (rv != SECSuccess)
+ return NULL;
+
+ rv = SECITEM_CopyItem(arena, &result->serialNumber, &cert->serialNumber);
+ if (rv != SECSuccess)
+ return NULL;
+
+ return result;
+}
+
+char *
+CERT_MakeCANickname(CERTCertificate *cert)
+{
+ char *firstname = NULL;
+ char *org = NULL;
+ char *nickname = NULL;
+ int count;
+ CERTCertificate *dummycert;
+
+ firstname = CERT_GetCommonName(&cert->subject);
+ if (firstname == NULL) {
+ firstname = CERT_GetOrgUnitName(&cert->subject);
+ }
+
+ org = CERT_GetOrgName(&cert->issuer);
+ if (org == NULL) {
+ org = CERT_GetDomainComponentName(&cert->issuer);
+ if (org == NULL) {
+ if (firstname) {
+ org = firstname;
+ firstname = NULL;
+ } else {
+ org = PORT_Strdup("Unknown CA");
+ }
+ }
+ }
+
+ /* can only fail if PORT_Strdup fails, in which case
+ * we're having memory problems. */
+ if (org == NULL) {
+ goto done;
+ }
+
+ count = 1;
+ while (1) {
+
+ if (firstname) {
+ if (count == 1) {
+ nickname = PR_smprintf("%s - %s", firstname, org);
+ } else {
+ nickname = PR_smprintf("%s - %s #%d", firstname, org, count);
+ }
+ } else {
+ if (count == 1) {
+ nickname = PR_smprintf("%s", org);
+ } else {
+ nickname = PR_smprintf("%s #%d", org, count);
+ }
+ }
+ if (nickname == NULL) {
+ goto done;
+ }
+
+ /* look up the nickname to make sure it isn't in use already */
+ dummycert = CERT_FindCertByNickname(cert->dbhandle, nickname);
+
+ if (dummycert == NULL) {
+ goto done;
+ }
+
+ /* found a cert, destroy it and loop */
+ CERT_DestroyCertificate(dummycert);
+
+ /* free the nickname */
+ PORT_Free(nickname);
+
+ count++;
+ }
+
+done:
+ if (firstname) {
+ PORT_Free(firstname);
+ }
+ if (org) {
+ PORT_Free(org);
+ }
+
+ return (nickname);
+}
+
+/* CERT_Import_CAChain moved to certhigh.c */
+
+void
+CERT_DestroyCrl(CERTSignedCrl *crl)
+{
+ SEC_DestroyCrl(crl);
+}
+
+static int
+cert_Version(CERTCertificate *cert)
+{
+ int version = 0;
+ if (cert && cert->version.data && cert->version.len) {
+ version = DER_GetInteger(&cert->version);
+ if (version < 0)
+ version = 0;
+ }
+ return version;
+}
+
+static unsigned int
+cert_ComputeTrustOverrides(CERTCertificate *cert, unsigned int cType)
+{
+ CERTCertTrust trust;
+ SECStatus rv = SECFailure;
+
+ rv = CERT_GetCertTrust(cert, &trust);
+
+ if (rv == SECSuccess &&
+ (trust.sslFlags | trust.emailFlags | trust.objectSigningFlags)) {
+
+ if (trust.sslFlags & (CERTDB_TERMINAL_RECORD | CERTDB_TRUSTED))
+ cType |= NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_SSL_CLIENT;
+ if (trust.sslFlags & (CERTDB_VALID_CA | CERTDB_TRUSTED_CA))
+ cType |= NS_CERT_TYPE_SSL_CA;
+#if defined(CERTDB_NOT_TRUSTED)
+ if (trust.sslFlags & CERTDB_NOT_TRUSTED)
+ cType &= ~(NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_SSL_CLIENT |
+ NS_CERT_TYPE_SSL_CA);
+#endif
+ if (trust.emailFlags & (CERTDB_TERMINAL_RECORD | CERTDB_TRUSTED))
+ cType |= NS_CERT_TYPE_EMAIL;
+ if (trust.emailFlags & (CERTDB_VALID_CA | CERTDB_TRUSTED_CA))
+ cType |= NS_CERT_TYPE_EMAIL_CA;
+#if defined(CERTDB_NOT_TRUSTED)
+ if (trust.emailFlags & CERTDB_NOT_TRUSTED)
+ cType &= ~(NS_CERT_TYPE_EMAIL | NS_CERT_TYPE_EMAIL_CA);
+#endif
+ if (trust.objectSigningFlags &
+ (CERTDB_TERMINAL_RECORD | CERTDB_TRUSTED))
+ cType |= NS_CERT_TYPE_OBJECT_SIGNING;
+ if (trust.objectSigningFlags & (CERTDB_VALID_CA | CERTDB_TRUSTED_CA))
+ cType |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
+#if defined(CERTDB_NOT_TRUSTED)
+ if (trust.objectSigningFlags & CERTDB_NOT_TRUSTED)
+ cType &=
+ ~(NS_CERT_TYPE_OBJECT_SIGNING | NS_CERT_TYPE_OBJECT_SIGNING_CA);
+#endif
+ }
+ return cType;
+}
+
+/*
+ * Does a cert belong to a CA? We decide based on perm database trust
+ * flags, Netscape Cert Type Extension, and KeyUsage Extension.
+ */
+PRBool
+CERT_IsCACert(CERTCertificate *cert, unsigned int *rettype)
+{
+ unsigned int cType = cert->nsCertType;
+ PRBool ret = PR_FALSE;
+
+ /*
+ * Check if the constraints are available and it's a CA, OR if it's
+ * a X.509 v1 Root CA.
+ */
+ CERTBasicConstraints constraints;
+ if ((CERT_FindBasicConstraintExten(cert, &constraints) == SECSuccess &&
+ constraints.isCA) ||
+ (cert->isRoot && cert_Version(cert) < SEC_CERTIFICATE_VERSION_3))
+ cType |= (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA);
+
+ /*
+ * Apply trust overrides, if any.
+ */
+ cType = cert_ComputeTrustOverrides(cert, cType);
+ ret = (cType & (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA |
+ NS_CERT_TYPE_OBJECT_SIGNING_CA))
+ ? PR_TRUE
+ : PR_FALSE;
+
+ if (rettype) {
+ *rettype = cType;
+ }
+
+ return ret;
+}
+
+PRBool
+CERT_IsCADERCert(SECItem *derCert, unsigned int *type)
+{
+ CERTCertificate *cert;
+ PRBool isCA;
+
+ /* This is okay -- only looks at extensions */
+ cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
+ if (cert == NULL)
+ return PR_FALSE;
+
+ isCA = CERT_IsCACert(cert, type);
+ CERT_DestroyCertificate(cert);
+ return isCA;
+}
+
+PRBool
+CERT_IsRootDERCert(SECItem *derCert)
+{
+ CERTCertificate *cert;
+ PRBool isRoot;
+
+ /* This is okay -- only looks at extensions */
+ cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
+ if (cert == NULL)
+ return PR_FALSE;
+
+ isRoot = cert->isRoot;
+ CERT_DestroyCertificate(cert);
+ return isRoot;
+}
+
+CERTCompareValidityStatus
+CERT_CompareValidityTimes(CERTValidity *val_a, CERTValidity *val_b)
+{
+ PRTime notBeforeA, notBeforeB, notAfterA, notAfterB;
+
+ if (!val_a || !val_b) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return certValidityUndetermined;
+ }
+
+ if (SECSuccess != DER_DecodeTimeChoice(&notBeforeA, &val_a->notBefore) ||
+ SECSuccess != DER_DecodeTimeChoice(&notBeforeB, &val_b->notBefore) ||
+ SECSuccess != DER_DecodeTimeChoice(&notAfterA, &val_a->notAfter) ||
+ SECSuccess != DER_DecodeTimeChoice(&notAfterB, &val_b->notAfter)) {
+ return certValidityUndetermined;
+ }
+
+ /* sanity check */
+ if (LL_CMP(notBeforeA, >, notAfterA) || LL_CMP(notBeforeB, >, notAfterB)) {
+ PORT_SetError(SEC_ERROR_INVALID_TIME);
+ return certValidityUndetermined;
+ }
+
+ if (LL_CMP(notAfterA, !=, notAfterB)) {
+ /* one cert validity goes farther into the future, select it */
+ return LL_CMP(notAfterA, <, notAfterB) ? certValidityChooseB
+ : certValidityChooseA;
+ }
+ /* the two certs have the same expiration date */
+ PORT_Assert(LL_CMP(notAfterA, ==, notAfterB));
+ /* do they also have the same start date ? */
+ if (LL_CMP(notBeforeA, ==, notBeforeB)) {
+ return certValidityEqual;
+ }
+ /* choose cert with the later start date */
+ return LL_CMP(notBeforeA, <, notBeforeB) ? certValidityChooseB
+ : certValidityChooseA;
+}
+
+/*
+ * is certa newer than certb? If one is expired, pick the other one.
+ */
+PRBool
+CERT_IsNewer(CERTCertificate *certa, CERTCertificate *certb)
+{
+ PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
+ SECStatus rv;
+ PRBool newerbefore, newerafter;
+
+ rv = CERT_GetCertTimes(certa, &notBeforeA, &notAfterA);
+ if (rv != SECSuccess) {
+ return (PR_FALSE);
+ }
+
+ rv = CERT_GetCertTimes(certb, &notBeforeB, &notAfterB);
+ if (rv != SECSuccess) {
+ return (PR_TRUE);
+ }
+
+ newerbefore = PR_FALSE;
+ if (LL_CMP(notBeforeA, >, notBeforeB)) {
+ newerbefore = PR_TRUE;
+ }
+
+ newerafter = PR_FALSE;
+ if (LL_CMP(notAfterA, >, notAfterB)) {
+ newerafter = PR_TRUE;
+ }
+
+ if (newerbefore && newerafter) {
+ return (PR_TRUE);
+ }
+
+ if ((!newerbefore) && (!newerafter)) {
+ return (PR_FALSE);
+ }
+
+ /* get current time */
+ now = PR_Now();
+
+ if (newerbefore) {
+ /* cert A was issued after cert B, but expires sooner */
+ /* if A is expired, then pick B */
+ if (LL_CMP(notAfterA, <, now)) {
+ return (PR_FALSE);
+ }
+ return (PR_TRUE);
+ } else {
+ /* cert B was issued after cert A, but expires sooner */
+ /* if B is expired, then pick A */
+ if (LL_CMP(notAfterB, <, now)) {
+ return (PR_TRUE);
+ }
+ return (PR_FALSE);
+ }
+}
+
+void
+CERT_DestroyCertArray(CERTCertificate **certs, unsigned int ncerts)
+{
+ unsigned int i;
+
+ if (certs) {
+ for (i = 0; i < ncerts; i++) {
+ if (certs[i]) {
+ CERT_DestroyCertificate(certs[i]);
+ }
+ }
+
+ PORT_Free(certs);
+ }
+
+ return;
+}
+
+char *
+CERT_FixupEmailAddr(const char *emailAddr)
+{
+ char *retaddr;
+ char *str;
+
+ if (emailAddr == NULL) {
+ return (NULL);
+ }
+
+ /* copy the string */
+ str = retaddr = PORT_Strdup(emailAddr);
+ if (str == NULL) {
+ return (NULL);
+ }
+
+ /* make it lower case */
+ while (*str) {
+ *str = tolower(*str);
+ str++;
+ }
+
+ return (retaddr);
+}
+
+/*
+ * NOTE - don't allow encode of govt-approved or invisible bits
+ */
+SECStatus
+CERT_DecodeTrustString(CERTCertTrust *trust, const char *trusts)
+{
+ unsigned int i;
+ unsigned int *pflags;
+
+ if (!trust) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ trust->sslFlags = 0;
+ trust->emailFlags = 0;
+ trust->objectSigningFlags = 0;
+ if (!trusts) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ pflags = &trust->sslFlags;
+
+ for (i = 0; i < PORT_Strlen(trusts); i++) {
+ switch (trusts[i]) {
+ case 'p':
+ *pflags = *pflags | CERTDB_TERMINAL_RECORD;
+ break;
+
+ case 'P':
+ *pflags = *pflags | CERTDB_TRUSTED | CERTDB_TERMINAL_RECORD;
+ break;
+
+ case 'w':
+ *pflags = *pflags | CERTDB_SEND_WARN;
+ break;
+
+ case 'c':
+ *pflags = *pflags | CERTDB_VALID_CA;
+ break;
+
+ case 'T':
+ *pflags = *pflags | CERTDB_TRUSTED_CLIENT_CA | CERTDB_VALID_CA;
+ break;
+
+ case 'C':
+ *pflags = *pflags | CERTDB_TRUSTED_CA | CERTDB_VALID_CA;
+ break;
+
+ case 'u':
+ *pflags = *pflags | CERTDB_USER;
+ break;
+
+ case 'i':
+ *pflags = *pflags | CERTDB_INVISIBLE_CA;
+ break;
+ case 'g':
+ *pflags = *pflags | CERTDB_GOVT_APPROVED_CA;
+ break;
+
+ case ',':
+ if (pflags == &trust->sslFlags) {
+ pflags = &trust->emailFlags;
+ } else {
+ pflags = &trust->objectSigningFlags;
+ }
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+static void
+EncodeFlags(char *trusts, unsigned int flags)
+{
+ if (flags & CERTDB_VALID_CA)
+ if (!(flags & CERTDB_TRUSTED_CA) && !(flags & CERTDB_TRUSTED_CLIENT_CA))
+ PORT_Strcat(trusts, "c");
+ if (flags & CERTDB_TERMINAL_RECORD)
+ if (!(flags & CERTDB_TRUSTED))
+ PORT_Strcat(trusts, "p");
+ if (flags & CERTDB_TRUSTED_CA)
+ PORT_Strcat(trusts, "C");
+ if (flags & CERTDB_TRUSTED_CLIENT_CA)
+ PORT_Strcat(trusts, "T");
+ if (flags & CERTDB_TRUSTED)
+ PORT_Strcat(trusts, "P");
+ if (flags & CERTDB_USER)
+ PORT_Strcat(trusts, "u");
+ if (flags & CERTDB_SEND_WARN)
+ PORT_Strcat(trusts, "w");
+ if (flags & CERTDB_INVISIBLE_CA)
+ PORT_Strcat(trusts, "I");
+ if (flags & CERTDB_GOVT_APPROVED_CA)
+ PORT_Strcat(trusts, "G");
+ return;
+}
+
+char *
+CERT_EncodeTrustString(CERTCertTrust *trust)
+{
+ char tmpTrustSSL[32];
+ char tmpTrustEmail[32];
+ char tmpTrustSigning[32];
+ char *retstr = NULL;
+
+ if (trust) {
+ tmpTrustSSL[0] = '\0';
+ tmpTrustEmail[0] = '\0';
+ tmpTrustSigning[0] = '\0';
+
+ EncodeFlags(tmpTrustSSL, trust->sslFlags);
+ EncodeFlags(tmpTrustEmail, trust->emailFlags);
+ EncodeFlags(tmpTrustSigning, trust->objectSigningFlags);
+
+ retstr = PR_smprintf("%s,%s,%s", tmpTrustSSL, tmpTrustEmail,
+ tmpTrustSigning);
+ }
+
+ return (retstr);
+}
+
+SECStatus
+CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage,
+ unsigned int ncerts, SECItem **derCerts,
+ CERTCertificate ***retCerts, PRBool keepCerts, PRBool caOnly,
+ char *nickname)
+{
+ unsigned int i;
+ CERTCertificate **certs = NULL;
+ unsigned int fcerts = 0;
+
+ if (ncerts) {
+ certs = PORT_ZNewArray(CERTCertificate *, ncerts);
+ if (certs == NULL) {
+ return (SECFailure);
+ }
+
+ /* decode all of the certs into the temporary DB */
+ for (i = 0, fcerts = 0; i < ncerts; i++) {
+ certs[fcerts] = CERT_NewTempCertificate(certdb, derCerts[i], NULL,
+ PR_FALSE, PR_TRUE);
+ if (certs[fcerts]) {
+ SECItem subjKeyID = { siBuffer, NULL, 0 };
+ if (CERT_FindSubjectKeyIDExtension(certs[fcerts], &subjKeyID) ==
+ SECSuccess) {
+ if (subjKeyID.data) {
+ cert_AddSubjectKeyIDMapping(&subjKeyID, certs[fcerts]);
+ }
+ SECITEM_FreeItem(&subjKeyID, PR_FALSE);
+ }
+ fcerts++;
+ }
+ }
+
+ if (keepCerts) {
+ for (i = 0; i < fcerts; i++) {
+ char *canickname = NULL;
+ PRBool isCA;
+
+ SECKEY_UpdateCertPQG(certs[i]);
+
+ isCA = CERT_IsCACert(certs[i], NULL);
+ if (isCA) {
+ canickname = CERT_MakeCANickname(certs[i]);
+ }
+
+ if (isCA && (fcerts > 1)) {
+ /* if we are importing only a single cert and specifying
+ * a nickname, we want to use that nickname if it a CA,
+ * otherwise if there are more than one cert, we don't
+ * know which cert it belongs to. But we still may try
+ * the individual canickname from the cert itself.
+ */
+ /* Bug 1192442 - propagate errors from these calls. */
+ (void)CERT_AddTempCertToPerm(certs[i], canickname, NULL);
+ } else {
+ (void)CERT_AddTempCertToPerm(
+ certs[i], nickname ? nickname : canickname, NULL);
+ }
+
+ PORT_Free(canickname);
+ /* don't care if it fails - keep going */
+ }
+ }
+ }
+
+ if (retCerts) {
+ *retCerts = certs;
+ } else {
+ if (certs) {
+ CERT_DestroyCertArray(certs, fcerts);
+ }
+ }
+
+ return (fcerts || !ncerts) ? SECSuccess : SECFailure;
+}
+
+/*
+ * a real list of certificates - need to convert CERTCertificateList
+ * stuff and ASN 1 encoder/decoder over to using this...
+ */
+CERTCertList *
+CERT_NewCertList(void)
+{
+ PLArenaPool *arena = NULL;
+ CERTCertList *ret = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ ret = (CERTCertList *)PORT_ArenaZAlloc(arena, sizeof(CERTCertList));
+ if (ret == NULL) {
+ goto loser;
+ }
+
+ ret->arena = arena;
+
+ PR_INIT_CLIST(&ret->list);
+
+ return (ret);
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+void
+CERT_DestroyCertList(CERTCertList *certs)
+{
+ PRCList *node;
+
+ while (!PR_CLIST_IS_EMPTY(&certs->list)) {
+ node = PR_LIST_HEAD(&certs->list);
+ CERT_DestroyCertificate(((CERTCertListNode *)node)->cert);
+ PR_REMOVE_LINK(node);
+ }
+
+ PORT_FreeArena(certs->arena, PR_FALSE);
+
+ return;
+}
+
+void
+CERT_RemoveCertListNode(CERTCertListNode *node)
+{
+ CERT_DestroyCertificate(node->cert);
+ PR_REMOVE_LINK(&node->links);
+ return;
+}
+
+SECStatus
+CERT_AddCertToListTailWithData(CERTCertList *certs, CERTCertificate *cert,
+ void *appData)
+{
+ CERTCertListNode *node;
+
+ node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
+ sizeof(CERTCertListNode));
+ if (node == NULL) {
+ goto loser;
+ }
+
+ PR_INSERT_BEFORE(&node->links, &certs->list);
+ /* certs->count++; */
+ node->cert = cert;
+ node->appData = appData;
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+SECStatus
+CERT_AddCertToListTail(CERTCertList *certs, CERTCertificate *cert)
+{
+ return CERT_AddCertToListTailWithData(certs, cert, NULL);
+}
+
+SECStatus
+CERT_AddCertToListHeadWithData(CERTCertList *certs, CERTCertificate *cert,
+ void *appData)
+{
+ CERTCertListNode *node;
+ CERTCertListNode *head;
+
+ head = CERT_LIST_HEAD(certs);
+
+ if (head == NULL)
+ return CERT_AddCertToListTail(certs, cert);
+
+ node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
+ sizeof(CERTCertListNode));
+ if (node == NULL) {
+ goto loser;
+ }
+
+ PR_INSERT_BEFORE(&node->links, &head->links);
+ /* certs->count++; */
+ node->cert = cert;
+ node->appData = appData;
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+SECStatus
+CERT_AddCertToListHead(CERTCertList *certs, CERTCertificate *cert)
+{
+ return CERT_AddCertToListHeadWithData(certs, cert, NULL);
+}
+
+/*
+ * Sort callback function to determine if cert a is newer than cert b.
+ * Not valid certs are considered older than valid certs.
+ */
+PRBool
+CERT_SortCBValidity(CERTCertificate *certa, CERTCertificate *certb, void *arg)
+{
+ PRTime sorttime;
+ PRTime notBeforeA, notAfterA, notBeforeB, notAfterB;
+ SECStatus rv;
+ PRBool newerbefore, newerafter;
+ PRBool aNotValid = PR_FALSE, bNotValid = PR_FALSE;
+
+ sorttime = *(PRTime *)arg;
+
+ rv = CERT_GetCertTimes(certa, &notBeforeA, &notAfterA);
+ if (rv != SECSuccess) {
+ return (PR_FALSE);
+ }
+
+ rv = CERT_GetCertTimes(certb, &notBeforeB, &notAfterB);
+ if (rv != SECSuccess) {
+ return (PR_TRUE);
+ }
+ newerbefore = PR_FALSE;
+ if (LL_CMP(notBeforeA, >, notBeforeB)) {
+ newerbefore = PR_TRUE;
+ }
+ newerafter = PR_FALSE;
+ if (LL_CMP(notAfterA, >, notAfterB)) {
+ newerafter = PR_TRUE;
+ }
+
+ /* check if A is valid at sorttime */
+ if (CERT_CheckCertValidTimes(certa, sorttime, PR_FALSE) !=
+ secCertTimeValid) {
+ aNotValid = PR_TRUE;
+ }
+
+ /* check if B is valid at sorttime */
+ if (CERT_CheckCertValidTimes(certb, sorttime, PR_FALSE) !=
+ secCertTimeValid) {
+ bNotValid = PR_TRUE;
+ }
+
+ /* a is valid, b is not */
+ if (bNotValid && (!aNotValid)) {
+ return (PR_TRUE);
+ }
+
+ /* b is valid, a is not */
+ if (aNotValid && (!bNotValid)) {
+ return (PR_FALSE);
+ }
+
+ /* a and b are either valid or not valid */
+ if (newerbefore && newerafter) {
+ return (PR_TRUE);
+ }
+
+ if ((!newerbefore) && (!newerafter)) {
+ return (PR_FALSE);
+ }
+
+ if (newerbefore) {
+ /* cert A was issued after cert B, but expires sooner */
+ return (PR_TRUE);
+ } else {
+ /* cert B was issued after cert A, but expires sooner */
+ return (PR_FALSE);
+ }
+}
+
+SECStatus
+CERT_AddCertToListSorted(CERTCertList *certs, CERTCertificate *cert,
+ CERTSortCallback f, void *arg)
+{
+ CERTCertListNode *node;
+ CERTCertListNode *head;
+ PRBool ret;
+
+ node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
+ sizeof(CERTCertListNode));
+ if (node == NULL) {
+ goto loser;
+ }
+
+ head = CERT_LIST_HEAD(certs);
+
+ while (!CERT_LIST_END(head, certs)) {
+
+ /* if cert is already in the list, then don't add it again */
+ if (cert == head->cert) {
+ /*XXX*/
+ /* don't keep a reference */
+ CERT_DestroyCertificate(cert);
+ goto done;
+ }
+
+ ret = (*f)(cert, head->cert, arg);
+ /* if sort function succeeds, then insert before current node */
+ if (ret) {
+ PR_INSERT_BEFORE(&node->links, &head->links);
+ goto done;
+ }
+
+ head = CERT_LIST_NEXT(head);
+ }
+ /* if we get to the end, then just insert it at the tail */
+ PR_INSERT_BEFORE(&node->links, &certs->list);
+
+done:
+ /* certs->count++; */
+ node->cert = cert;
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/* This routine is here because pcertdb.c still has a call to it.
+ * The SMIME profile code in pcertdb.c should be split into high (find
+ * the email cert) and low (store the profile) code. At that point, we
+ * can move this to certhigh.c where it belongs.
+ *
+ * remove certs from a list that don't have keyUsage and certType
+ * that match the given usage.
+ */
+SECStatus
+CERT_FilterCertListByUsage(CERTCertList *certList, SECCertUsage usage,
+ PRBool ca)
+{
+ unsigned int requiredKeyUsage;
+ unsigned int requiredCertType;
+ CERTCertListNode *node, *savenode;
+ SECStatus rv;
+
+ if (certList == NULL)
+ goto loser;
+
+ rv = CERT_KeyUsageAndTypeForCertUsage(usage, ca, &requiredKeyUsage,
+ &requiredCertType);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ node = CERT_LIST_HEAD(certList);
+
+ while (!CERT_LIST_END(node, certList)) {
+
+ PRBool bad = (PRBool)(!node->cert);
+
+ /* bad key usage ? */
+ if (!bad &&
+ CERT_CheckKeyUsage(node->cert, requiredKeyUsage) != SECSuccess) {
+ bad = PR_TRUE;
+ }
+ /* bad cert type ? */
+ if (!bad) {
+ unsigned int certType = 0;
+ if (ca) {
+ /* This function returns a more comprehensive cert type that
+ * takes trust flags into consideration. Should probably
+ * fix the cert decoding code to do this.
+ */
+ (void)CERT_IsCACert(node->cert, &certType);
+ } else {
+ certType = node->cert->nsCertType;
+ }
+ if (!(certType & requiredCertType)) {
+ bad = PR_TRUE;
+ }
+ }
+
+ if (bad) {
+ /* remove the node if it is bad */
+ savenode = CERT_LIST_NEXT(node);
+ CERT_RemoveCertListNode(node);
+ node = savenode;
+ } else {
+ node = CERT_LIST_NEXT(node);
+ }
+ }
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+PRBool
+CERT_IsUserCert(CERTCertificate *cert)
+{
+ CERTCertTrust trust;
+ SECStatus rv = SECFailure;
+
+ rv = CERT_GetCertTrust(cert, &trust);
+ if (rv == SECSuccess &&
+ ((trust.sslFlags & CERTDB_USER) || (trust.emailFlags & CERTDB_USER) ||
+ (trust.objectSigningFlags & CERTDB_USER))) {
+ return PR_TRUE;
+ } else {
+ return PR_FALSE;
+ }
+}
+
+SECStatus
+CERT_FilterCertListForUserCerts(CERTCertList *certList)
+{
+ CERTCertListNode *node, *freenode;
+ CERTCertificate *cert;
+
+ if (!certList) {
+ return SECFailure;
+ }
+
+ node = CERT_LIST_HEAD(certList);
+
+ while (!CERT_LIST_END(node, certList)) {
+ cert = node->cert;
+ if (PR_TRUE != CERT_IsUserCert(cert)) {
+ /* Not a User Cert, so remove this cert from the list */
+ freenode = node;
+ node = CERT_LIST_NEXT(node);
+ CERT_RemoveCertListNode(freenode);
+ } else {
+ /* Is a User cert, so leave it in the list */
+ node = CERT_LIST_NEXT(node);
+ }
+ }
+
+ return (SECSuccess);
+}
+
+static PZLock *certRefCountLock = NULL;
+
+/*
+ * Acquire the cert reference count lock
+ * There is currently one global lock for all certs, but I'm putting a cert
+ * arg here so that it will be easy to make it per-cert in the future if
+ * that turns out to be necessary.
+ */
+void
+CERT_LockCertRefCount(CERTCertificate *cert)
+{
+ PORT_Assert(certRefCountLock != NULL);
+ PZ_Lock(certRefCountLock);
+ return;
+}
+
+/*
+ * Free the cert reference count lock
+ */
+void
+CERT_UnlockCertRefCount(CERTCertificate *cert)
+{
+ PORT_Assert(certRefCountLock != NULL);
+
+#ifdef DEBUG
+ {
+ PRStatus prstat = PZ_Unlock(certRefCountLock);
+ PORT_Assert(prstat == PR_SUCCESS);
+ }
+#else
+ PZ_Unlock(certRefCountLock);
+#endif
+}
+
+static PZLock *certTrustLock = NULL;
+
+/*
+ * Acquire the cert trust lock
+ * There is currently one global lock for all certs, but I'm putting a cert
+ * arg here so that it will be easy to make it per-cert in the future if
+ * that turns out to be necessary.
+ */
+void
+CERT_LockCertTrust(const CERTCertificate *cert)
+{
+ PORT_Assert(certTrustLock != NULL);
+ PZ_Lock(certTrustLock);
+ return;
+}
+
+SECStatus
+cert_InitLocks(void)
+{
+ if (certRefCountLock == NULL) {
+ certRefCountLock = PZ_NewLock(nssILockRefLock);
+ PORT_Assert(certRefCountLock != NULL);
+ if (!certRefCountLock) {
+ return SECFailure;
+ }
+ }
+
+ if (certTrustLock == NULL) {
+ certTrustLock = PZ_NewLock(nssILockCertDB);
+ PORT_Assert(certTrustLock != NULL);
+ if (!certTrustLock) {
+ PZ_DestroyLock(certRefCountLock);
+ certRefCountLock = NULL;
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+cert_DestroyLocks(void)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(certRefCountLock != NULL);
+ if (certRefCountLock) {
+ PZ_DestroyLock(certRefCountLock);
+ certRefCountLock = NULL;
+ } else {
+ rv = SECFailure;
+ }
+
+ PORT_Assert(certTrustLock != NULL);
+ if (certTrustLock) {
+ PZ_DestroyLock(certTrustLock);
+ certTrustLock = NULL;
+ } else {
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/*
+ * Free the cert trust lock
+ */
+void
+CERT_UnlockCertTrust(const CERTCertificate *cert)
+{
+ PORT_Assert(certTrustLock != NULL);
+
+#ifdef DEBUG
+ {
+ PRStatus prstat = PZ_Unlock(certTrustLock);
+ PORT_Assert(prstat == PR_SUCCESS);
+ }
+#else
+ PZ_Unlock(certTrustLock);
+#endif
+}
+
+/*
+ * Get the StatusConfig data for this handle
+ */
+CERTStatusConfig *
+CERT_GetStatusConfig(CERTCertDBHandle *handle)
+{
+ return handle->statusConfig;
+}
+
+/*
+ * Set the StatusConfig data for this handle. There
+ * should not be another configuration set.
+ */
+void
+CERT_SetStatusConfig(CERTCertDBHandle *handle, CERTStatusConfig *statusConfig)
+{
+ PORT_Assert(handle->statusConfig == NULL);
+ handle->statusConfig = statusConfig;
+}
+
+/*
+ * Code for dealing with subjKeyID to cert mappings.
+ */
+
+static PLHashTable *gSubjKeyIDHash = NULL;
+static PRLock *gSubjKeyIDLock = NULL;
+static PLHashTable *gSubjKeyIDSlotCheckHash = NULL;
+static PRLock *gSubjKeyIDSlotCheckLock = NULL;
+
+static void *
+cert_AllocTable(void *pool, PRSize size)
+{
+ return PORT_Alloc(size);
+}
+
+static void
+cert_FreeTable(void *pool, void *item)
+{
+ PORT_Free(item);
+}
+
+static PLHashEntry *
+cert_AllocEntry(void *pool, const void *key)
+{
+ return PORT_New(PLHashEntry);
+}
+
+static void
+cert_FreeEntry(void *pool, PLHashEntry *he, PRUintn flag)
+{
+ SECITEM_FreeItem((SECItem *)(he->value), PR_TRUE);
+ if (flag == HT_FREE_ENTRY) {
+ SECITEM_FreeItem((SECItem *)(he->key), PR_TRUE);
+ PORT_Free(he);
+ }
+}
+
+static PLHashAllocOps cert_AllocOps = { cert_AllocTable, cert_FreeTable,
+ cert_AllocEntry, cert_FreeEntry };
+
+SECStatus
+cert_CreateSubjectKeyIDSlotCheckHash(void)
+{
+ /*
+ * This hash is used to remember the series of a slot
+ * when we last checked for user certs
+ */
+ gSubjKeyIDSlotCheckHash =
+ PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
+ SECITEM_HashCompare, &cert_AllocOps, NULL);
+ if (!gSubjKeyIDSlotCheckHash) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ gSubjKeyIDSlotCheckLock = PR_NewLock();
+ if (!gSubjKeyIDSlotCheckLock) {
+ PL_HashTableDestroy(gSubjKeyIDSlotCheckHash);
+ gSubjKeyIDSlotCheckHash = NULL;
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+cert_CreateSubjectKeyIDHashTable(void)
+{
+ gSubjKeyIDHash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
+ SECITEM_HashCompare, &cert_AllocOps, NULL);
+ if (!gSubjKeyIDHash) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ gSubjKeyIDLock = PR_NewLock();
+ if (!gSubjKeyIDLock) {
+ PL_HashTableDestroy(gSubjKeyIDHash);
+ gSubjKeyIDHash = NULL;
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ /* initialize the companion hash (for remembering slot series) */
+ if (cert_CreateSubjectKeyIDSlotCheckHash() != SECSuccess) {
+ cert_DestroySubjectKeyIDHashTable();
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+cert_AddSubjectKeyIDMapping(SECItem *subjKeyID, CERTCertificate *cert)
+{
+ SECItem *newKeyID, *oldVal, *newVal;
+ SECStatus rv = SECFailure;
+
+ if (!gSubjKeyIDLock) {
+ /* If one is created, then both are there. So only check for one. */
+ return SECFailure;
+ }
+
+ newVal = SECITEM_DupItem(&cert->derCert);
+ if (!newVal) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto done;
+ }
+ newKeyID = SECITEM_DupItem(subjKeyID);
+ if (!newKeyID) {
+ SECITEM_FreeItem(newVal, PR_TRUE);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto done;
+ }
+
+ PR_Lock(gSubjKeyIDLock);
+ /* The hash table implementation does not free up the memory
+ * associated with the key of an already existing entry if we add a
+ * duplicate, so we would wind up leaking the previously allocated
+ * key if we don't remove before adding.
+ */
+ oldVal = (SECItem *)PL_HashTableLookup(gSubjKeyIDHash, subjKeyID);
+ if (oldVal) {
+ PL_HashTableRemove(gSubjKeyIDHash, subjKeyID);
+ }
+
+ rv = (PL_HashTableAdd(gSubjKeyIDHash, newKeyID, newVal)) ? SECSuccess
+ : SECFailure;
+ PR_Unlock(gSubjKeyIDLock);
+done:
+ return rv;
+}
+
+SECStatus
+cert_RemoveSubjectKeyIDMapping(SECItem *subjKeyID)
+{
+ SECStatus rv;
+ if (!gSubjKeyIDLock)
+ return SECFailure;
+
+ PR_Lock(gSubjKeyIDLock);
+ rv = (PL_HashTableRemove(gSubjKeyIDHash, subjKeyID)) ? SECSuccess
+ : SECFailure;
+ PR_Unlock(gSubjKeyIDLock);
+ return rv;
+}
+
+SECStatus
+cert_UpdateSubjectKeyIDSlotCheck(SECItem *slotid, int series)
+{
+ SECItem *oldSeries, *newSlotid, *newSeries;
+ SECStatus rv = SECFailure;
+
+ if (!gSubjKeyIDSlotCheckLock) {
+ return rv;
+ }
+
+ newSlotid = SECITEM_DupItem(slotid);
+ newSeries = SECITEM_AllocItem(NULL, NULL, sizeof(int));
+ if (!newSlotid || !newSeries) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(newSeries->data, &series, sizeof(int));
+
+ PR_Lock(gSubjKeyIDSlotCheckLock);
+ oldSeries = (SECItem *)PL_HashTableLookup(gSubjKeyIDSlotCheckHash, slotid);
+ if (oldSeries) {
+ /*
+ * make sure we don't leak the key of an existing entry
+ * (similar to cert_AddSubjectKeyIDMapping, see comment there)
+ */
+ PL_HashTableRemove(gSubjKeyIDSlotCheckHash, slotid);
+ }
+ rv = (PL_HashTableAdd(gSubjKeyIDSlotCheckHash, newSlotid, newSeries))
+ ? SECSuccess
+ : SECFailure;
+ PR_Unlock(gSubjKeyIDSlotCheckLock);
+ if (rv == SECSuccess) {
+ return rv;
+ }
+
+loser:
+ if (newSlotid) {
+ SECITEM_FreeItem(newSlotid, PR_TRUE);
+ }
+ if (newSeries) {
+ SECITEM_FreeItem(newSeries, PR_TRUE);
+ }
+ return rv;
+}
+
+int
+cert_SubjectKeyIDSlotCheckSeries(SECItem *slotid)
+{
+ SECItem *seriesItem = NULL;
+ int series;
+
+ if (!gSubjKeyIDSlotCheckLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return -1;
+ }
+
+ PR_Lock(gSubjKeyIDSlotCheckLock);
+ seriesItem = (SECItem *)PL_HashTableLookup(gSubjKeyIDSlotCheckHash, slotid);
+ PR_Unlock(gSubjKeyIDSlotCheckLock);
+ /* getting a null series just means we haven't registered one yet,
+ * just return 0 */
+ if (seriesItem == NULL) {
+ return 0;
+ }
+ /* if we got a series back, assert if it's not the proper length. */
+ PORT_Assert(seriesItem->len == sizeof(int));
+ if (seriesItem->len != sizeof(int)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return -1;
+ }
+ PORT_Memcpy(&series, seriesItem->data, sizeof(int));
+ return series;
+}
+
+SECStatus
+cert_DestroySubjectKeyIDSlotCheckHash(void)
+{
+ if (gSubjKeyIDSlotCheckHash) {
+ PR_Lock(gSubjKeyIDSlotCheckLock);
+ PL_HashTableDestroy(gSubjKeyIDSlotCheckHash);
+ gSubjKeyIDSlotCheckHash = NULL;
+ PR_Unlock(gSubjKeyIDSlotCheckLock);
+ PR_DestroyLock(gSubjKeyIDSlotCheckLock);
+ gSubjKeyIDSlotCheckLock = NULL;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+cert_DestroySubjectKeyIDHashTable(void)
+{
+ if (gSubjKeyIDHash) {
+ PR_Lock(gSubjKeyIDLock);
+ PL_HashTableDestroy(gSubjKeyIDHash);
+ gSubjKeyIDHash = NULL;
+ PR_Unlock(gSubjKeyIDLock);
+ PR_DestroyLock(gSubjKeyIDLock);
+ gSubjKeyIDLock = NULL;
+ }
+ cert_DestroySubjectKeyIDSlotCheckHash();
+ return SECSuccess;
+}
+
+SECItem *
+cert_FindDERCertBySubjectKeyID(SECItem *subjKeyID)
+{
+ SECItem *val;
+
+ if (!gSubjKeyIDLock)
+ return NULL;
+
+ PR_Lock(gSubjKeyIDLock);
+ val = (SECItem *)PL_HashTableLookup(gSubjKeyIDHash, subjKeyID);
+ if (val) {
+ val = SECITEM_DupItem(val);
+ }
+ PR_Unlock(gSubjKeyIDLock);
+ return val;
+}
+
+CERTCertificate *
+CERT_FindCertBySubjectKeyID(CERTCertDBHandle *handle, SECItem *subjKeyID)
+{
+ CERTCertificate *cert = NULL;
+ SECItem *derCert;
+
+ derCert = cert_FindDERCertBySubjectKeyID(subjKeyID);
+ if (derCert) {
+ cert = CERT_FindCertByDERCert(handle, derCert);
+ SECITEM_FreeItem(derCert, PR_TRUE);
+ }
+ return cert;
+}
diff --git a/security/nss/lib/certdb/certdb.gyp b/security/nss/lib/certdb/certdb.gyp
new file mode 100644
index 000000000..673d56da3
--- /dev/null
+++ b/security/nss/lib/certdb/certdb.gyp
@@ -0,0 +1,34 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'certdb',
+ 'type': 'static_library',
+ 'sources': [
+ 'alg1485.c',
+ 'certdb.c',
+ 'certv3.c',
+ 'certxutl.c',
+ 'crl.c',
+ 'genname.c',
+ 'polcyxtn.c',
+ 'secname.c',
+ 'stanpcertdb.c',
+ 'xauthkid.c',
+ 'xbsconst.c',
+ 'xconst.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/certdb/certdb.h b/security/nss/lib/certdb/certdb.h
new file mode 100644
index 000000000..53d8a3919
--- /dev/null
+++ b/security/nss/lib/certdb/certdb.h
@@ -0,0 +1,89 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CERTDB_H_
+#define _CERTDB_H_
+
+/* common flags for all types of certificates */
+#define CERTDB_TERMINAL_RECORD (1u << 0)
+#define CERTDB_TRUSTED (1u << 1)
+#define CERTDB_SEND_WARN (1u << 2)
+#define CERTDB_VALID_CA (1u << 3)
+#define CERTDB_TRUSTED_CA (1u << 4) /* trusted for issuing server certs */
+#define CERTDB_NS_TRUSTED_CA (1u << 5)
+#define CERTDB_USER (1u << 6)
+#define CERTDB_TRUSTED_CLIENT_CA (1u << 7) /* trusted for issuing client certs */
+#define CERTDB_INVISIBLE_CA (1u << 8) /* don't show in UI */
+#define CERTDB_GOVT_APPROVED_CA (1u << 9) /* can do strong crypto in export ver */
+
+/* old usage, to keep old programs compiling */
+/* On Windows, Mac, and Linux (and other gcc platforms), we can give compile
+ * time deprecation warnings when applications use the old CERTDB_VALID_PEER
+ * define */
+#if __GNUC__ > 3
+#if (__GNUC__ == 4) && (__GNUC_MINOR__ < 5)
+typedef unsigned int __CERTDB_VALID_PEER __attribute__((deprecated));
+#else
+typedef unsigned int __CERTDB_VALID_PEER __attribute__((
+ deprecated("CERTDB_VALID_PEER is now CERTDB_TERMINAL_RECORD")));
+#endif
+#define CERTDB_VALID_PEER ((__CERTDB_VALID_PEER)CERTDB_TERMINAL_RECORD)
+#else
+#ifdef _WIN32
+#pragma deprecated(CERTDB_VALID_PEER)
+#endif
+#define CERTDB_VALID_PEER CERTDB_TERMINAL_RECORD
+#endif
+
+SEC_BEGIN_PROTOS
+
+CERTSignedCrl *SEC_FindCrlByKey(CERTCertDBHandle *handle, SECItem *crlKey,
+ int type);
+
+CERTSignedCrl *SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey,
+ int type);
+
+CERTSignedCrl *SEC_FindCrlByDERCert(CERTCertDBHandle *handle, SECItem *derCrl,
+ int type);
+
+PRBool SEC_CertNicknameConflict(const char *nickname, const SECItem *derSubject,
+ CERTCertDBHandle *handle);
+CERTSignedCrl *SEC_NewCrl(CERTCertDBHandle *handle, char *url, SECItem *derCrl,
+ int type);
+
+SECStatus SEC_DeletePermCRL(CERTSignedCrl *crl);
+
+SECStatus SEC_LookupCrls(CERTCertDBHandle *handle, CERTCrlHeadNode **nodes,
+ int type);
+
+SECStatus SEC_DestroyCrl(CERTSignedCrl *crl);
+
+CERTSignedCrl *SEC_DupCrl(CERTSignedCrl *acrl);
+
+SECStatus CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
+ CERTCertTrust *trust);
+
+SECStatus SEC_DeletePermCertificate(CERTCertificate *cert);
+
+PRBool SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old);
+
+/*
+** Extract the validity times from a CRL
+** "crl" is the CRL
+** "notBefore" is the start of the validity period (last update)
+** "notAfter" is the end of the validity period (next update)
+*/
+SECStatus SEC_GetCrlTimes(CERTCrl *crl, PRTime *notBefore, PRTime *notAfter);
+
+/*
+** Check the validity times of a crl vs. time 't', allowing
+** some slop for broken clocks and stuff.
+** "crl" is the certificate to be checked
+** "t" is the time to check against
+*/
+SECCertTimeValidity SEC_CheckCrlTimes(CERTCrl *crl, PRTime t);
+
+SEC_END_PROTOS
+
+#endif /* _CERTDB_H_ */
diff --git a/security/nss/lib/certdb/certi.h b/security/nss/lib/certdb/certi.h
new file mode 100644
index 000000000..1cdf4b8fa
--- /dev/null
+++ b/security/nss/lib/certdb/certi.h
@@ -0,0 +1,381 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * certi.h - private data structures for the certificate library
+ */
+#ifndef _CERTI_H_
+#define _CERTI_H_
+
+#include "certt.h"
+#include "nssrwlkt.h"
+
+/*
+#define GLOBAL_RWLOCK 1
+*/
+
+#define DPC_RWLOCK 1
+
+/* all definitions in this file are subject to change */
+
+typedef struct OpaqueCRLFieldsStr OpaqueCRLFields;
+typedef struct CRLEntryCacheStr CRLEntryCache;
+typedef struct CRLDPCacheStr CRLDPCache;
+typedef struct CRLIssuerCacheStr CRLIssuerCache;
+typedef struct CRLCacheStr CRLCache;
+typedef struct CachedCrlStr CachedCrl;
+typedef struct NamedCRLCacheStr NamedCRLCache;
+typedef struct NamedCRLCacheEntryStr NamedCRLCacheEntry;
+
+struct OpaqueCRLFieldsStr {
+ PRBool partial;
+ PRBool decodingError;
+ PRBool badEntries;
+ PRBool badDER;
+ PRBool badExtensions;
+ PRBool heapDER;
+};
+
+typedef struct PreAllocatorStr PreAllocator;
+
+struct PreAllocatorStr {
+ PRSize len;
+ void* data;
+ PRSize used;
+ PLArenaPool* arena;
+ PRSize extra;
+};
+
+/* CRL entry cache.
+ This is the same as an entry plus the next/prev pointers for the hash table
+*/
+
+struct CRLEntryCacheStr {
+ CERTCrlEntry entry;
+ CRLEntryCache *prev, *next;
+};
+
+#define CRL_CACHE_INVALID_CRLS 0x0001 /* this state will be set \
+ if we have CRL objects with an invalid DER or signature. Can be \
+ cleared if the invalid objects are deleted from the token */
+#define CRL_CACHE_LAST_FETCH_FAILED 0x0002 /* this state will be set \
+ if the last CRL fetch encountered an error. Can be cleared if a \
+ new fetch succeeds */
+
+#define CRL_CACHE_OUT_OF_MEMORY 0x0004 /* this state will be set \
+ if we don't have enough memory to build the hash table of entries */
+
+typedef enum {
+ CRL_OriginToken = 0, /* CRL came from PKCS#11 token */
+ CRL_OriginExplicit = 1 /* CRL was explicitly added to the cache, from RAM */
+} CRLOrigin;
+
+typedef enum {
+ dpcacheNoEntry = 0, /* no entry found for this SN */
+ dpcacheFoundEntry = 1, /* entry found for this SN */
+ dpcacheCallerError = 2, /* invalid args */
+ dpcacheInvalidCacheError = 3, /* CRL in cache may be bad DER */
+ /* or unverified */
+ dpcacheEmpty = 4, /* no CRL in cache */
+ dpcacheLookupError = 5 /* internal error */
+} dpcacheStatus;
+
+struct CachedCrlStr {
+ CERTSignedCrl* crl;
+ CRLOrigin origin;
+ /* hash table of entries. We use a PLHashTable and pre-allocate the
+ required amount of memory in one shot, so that our allocator can
+ simply pass offsets into it when hashing.
+
+ This won't work anymore when we support delta CRLs and iCRLs, because
+ the size of the hash table will vary over time. At that point, the best
+ solution will be to allocate large CRLEntry structures by modifying
+ the DER decoding template. The extra space would be for next/prev
+ pointers. This would allow entries from different CRLs to be mixed in
+ the same hash table.
+ */
+ PLHashTable* entries;
+ PreAllocator* prebuffer; /* big pre-allocated buffer mentioned above */
+ PRBool sigChecked; /* this CRL signature has already been checked */
+ PRBool sigValid; /* signature verification status .
+ Only meaningful if checked is PR_TRUE . */
+ PRBool unbuildable; /* Avoid using assosiated CRL is it fails
+ * a decoding step */
+};
+
+/* CRL distribution point cache object
+ This is a cache of CRL entries for a given distribution point of an issuer
+ It is built from a collection of one full and 0 or more delta CRLs.
+*/
+
+struct CRLDPCacheStr {
+#ifdef DPC_RWLOCK
+ NSSRWLock* lock;
+#else
+ PRLock* lock;
+#endif
+ SECItem* issuerDERCert; /* issuer DER cert. Don't hold a reference
+ to the actual cert so the trust can be
+ updated on the cert automatically.
+ XXX there may be multiple issuer certs,
+ with different validity dates. Also
+ need to deal with SKID/AKID . See
+ bugzilla 217387, 233118 */
+
+ CERTCertDBHandle* dbHandle;
+
+ SECItem* subject; /* DER of issuer subject */
+ SECItem* distributionPoint; /* DER of distribution point. This may be
+ NULL when distribution points aren't
+ in use (ie. the CA has a single CRL).
+ Currently not used. */
+
+ /* array of full CRLs matching this distribution point */
+ PRUint32 ncrls; /* total number of CRLs in crls */
+ CachedCrl** crls; /* array of all matching CRLs */
+ /* XCRL With iCRLs and multiple DPs, the CRL can be shared accross several
+ issuers. In the future, we'll need to globally recycle the CRL in a
+ separate list in order to avoid extra lookups, decodes, and copies */
+
+ /* pointers to good decoded CRLs used to build the cache */
+ CachedCrl* selected; /* full CRL selected for use in the cache */
+#if 0
+ /* for future use */
+ PRInt32 numdeltas; /* number of delta CRLs used for the cache */
+ CachedCrl** deltas; /* delta CRLs used for the cache */
+#endif
+ /* cache invalidity bitflag */
+ PRUint16 invalid; /* this state will be set if either
+ CRL_CACHE_INVALID_CRLS or CRL_CACHE_LAST_FETCH_FAILED is set.
+ In those cases, all certs are considered to have unknown status.
+ The invalid state can only be cleared during an update if all
+ error states are cleared */
+ PRBool refresh; /* manual refresh from tokens has been forced */
+ PRBool mustchoose; /* trigger reselection algorithm, for case when
+ RAM CRL objects are dropped from the cache */
+ PRTime lastfetch; /* time a CRL token fetch was last performed */
+ PRTime lastcheck; /* time CRL token objects were last checked for
+ existence */
+};
+
+/* CRL issuer cache object
+ This object tracks all the distribution point caches for a given issuer.
+ XCRL once we support multiple issuing distribution points, this object
+ will be a hash table. For now, it just holds the single CRL distribution
+ point cache structure.
+*/
+
+struct CRLIssuerCacheStr {
+ SECItem* subject; /* DER of issuer subject */
+ CRLDPCache* dpp;
+};
+
+/* CRL revocation cache object
+ This object tracks all the issuer caches
+*/
+
+struct CRLCacheStr {
+#ifdef GLOBAL_RWLOCK
+ NSSRWLock* lock;
+#else
+ PRLock* lock;
+#endif
+ /* hash table of issuer to CRLIssuerCacheStr,
+ indexed by issuer DER subject */
+ PLHashTable* issuers;
+};
+
+SECStatus InitCRLCache(void);
+SECStatus ShutdownCRLCache(void);
+
+/* Returns a pointer to an environment-like string, a series of
+** null-terminated strings, terminated by a zero-length string.
+** This function is intended to be internal to NSS.
+*/
+extern char* cert_GetCertificateEmailAddresses(CERTCertificate* cert);
+
+/*
+ * These functions are used to map subjectKeyID extension values to certs
+ * and to keep track of the checks for user certificates in each slot
+ */
+SECStatus cert_CreateSubjectKeyIDHashTable(void);
+
+SECStatus cert_AddSubjectKeyIDMapping(SECItem* subjKeyID,
+ CERTCertificate* cert);
+
+SECStatus cert_UpdateSubjectKeyIDSlotCheck(SECItem* slotid, int series);
+
+int cert_SubjectKeyIDSlotCheckSeries(SECItem* slotid);
+
+/*
+ * Call this function to remove an entry from the mapping table.
+ */
+SECStatus cert_RemoveSubjectKeyIDMapping(SECItem* subjKeyID);
+
+SECStatus cert_DestroySubjectKeyIDHashTable(void);
+
+SECItem* cert_FindDERCertBySubjectKeyID(SECItem* subjKeyID);
+
+/* return maximum length of AVA value based on its type OID tag. */
+extern int cert_AVAOidTagToMaxLen(SECOidTag tag);
+
+/* Make an AVA, allocated from pool, from OID and DER encoded value */
+extern CERTAVA* CERT_CreateAVAFromRaw(PLArenaPool* pool, const SECItem* OID,
+ const SECItem* value);
+
+/* Make an AVA from binary input specified by SECItem */
+extern CERTAVA* CERT_CreateAVAFromSECItem(PLArenaPool* arena, SECOidTag kind,
+ int valueType, SECItem* value);
+
+/*
+ * get a DPCache object for the given issuer subject and dp
+ * Automatically creates the cache object if it doesn't exist yet.
+ */
+SECStatus AcquireDPCache(CERTCertificate* issuer, const SECItem* subject,
+ const SECItem* dp, PRTime t, void* wincx,
+ CRLDPCache** dpcache, PRBool* writeLocked);
+
+/* check if a particular SN is in the CRL cache and return its entry */
+dpcacheStatus DPCache_Lookup(CRLDPCache* cache, const SECItem* sn,
+ CERTCrlEntry** returned);
+
+/* release a DPCache object that was previously acquired */
+void ReleaseDPCache(CRLDPCache* dpcache, PRBool writeLocked);
+
+/*
+ * map Stan errors into NSS errors
+ * This function examines the stan error stack and automatically sets
+ * PORT_SetError(); to the appropriate SEC_ERROR value.
+ */
+void CERT_MapStanError();
+
+/* Like CERT_VerifyCert, except with an additional argument, flags. The
+ * flags are defined immediately below.
+ */
+SECStatus cert_VerifyCertWithFlags(CERTCertDBHandle* handle,
+ CERTCertificate* cert, PRBool checkSig,
+ SECCertUsage certUsage, PRTime t,
+ PRUint32 flags, void* wincx,
+ CERTVerifyLog* log);
+
+/* Use the default settings.
+ * cert_VerifyCertWithFlags(..., CERT_VERIFYCERT_USE_DEFAULTS, ...) is
+ * equivalent to CERT_VerifyCert(...);
+ */
+#define CERT_VERIFYCERT_USE_DEFAULTS 0
+
+/* Skip all the OCSP checks during certificate verification, regardless of
+ * the global OCSP settings. By default, certificate |cert| will have its
+ * revocation status checked via OCSP according to the global OCSP settings.
+ *
+ * OCSP checking is always skipped when certUsage is certUsageStatusResponder.
+ */
+#define CERT_VERIFYCERT_SKIP_OCSP 1
+
+/* Interface function for libpkix cert validation engine:
+ * cert_verify wrapper. */
+SECStatus cert_VerifyCertChainPkix(CERTCertificate* cert, PRBool checkSig,
+ SECCertUsage requiredUsage, PRTime time,
+ void* wincx, CERTVerifyLog* log,
+ PRBool* sigError, PRBool* revoked);
+
+SECStatus cert_InitLocks(void);
+
+SECStatus cert_DestroyLocks(void);
+
+/*
+ * fill in nsCertType field of the cert based on the cert extension
+ */
+extern SECStatus cert_GetCertType(CERTCertificate* cert);
+
+/*
+ * compute and return the value of nsCertType for cert, but do not
+ * update the CERTCertificate.
+ */
+extern PRUint32 cert_ComputeCertType(CERTCertificate* cert);
+
+void cert_AddToVerifyLog(CERTVerifyLog* log, CERTCertificate* cert,
+ long errorCode, unsigned int depth, void* arg);
+
+/* Insert a DER CRL into the CRL cache, and take ownership of it.
+ *
+ * cert_CacheCRLByGeneralName takes ownership of the memory in crl argument
+ * completely. crl must be freeable by SECITEM_FreeItem. It will be freed
+ * immediately if it is rejected from the CRL cache, or later during cache
+ * updates when a new crl is available, or at shutdown time.
+ *
+ * canonicalizedName represents the source of the CRL, a GeneralName.
+ * The format of the encoding is not restricted, but all callers of
+ * cert_CacheCRLByGeneralName and cert_FindCRLByGeneralName must use
+ * the same encoding. To facilitate X.500 name matching, a canonicalized
+ * encoding of the GeneralName should be used, if available.
+ */
+
+SECStatus cert_CacheCRLByGeneralName(CERTCertDBHandle* dbhandle, SECItem* crl,
+ const SECItem* canonicalizedName);
+
+struct NamedCRLCacheStr {
+ PRLock* lock;
+ PLHashTable* entries;
+};
+
+/* NamedCRLCacheEntryStr is filled in by cert_CacheCRLByGeneralName,
+ * and read by cert_FindCRLByGeneralName */
+struct NamedCRLCacheEntryStr {
+ SECItem* canonicalizedName;
+ SECItem* crl; /* DER, kept only if CRL
+ * is successfully cached */
+ PRBool inCRLCache;
+ PRTime successfulInsertionTime; /* insertion time */
+ PRTime lastAttemptTime; /* time of last call to
+ cert_CacheCRLByGeneralName with this name */
+ PRBool badDER; /* ASN.1 error */
+ PRBool dupe; /* matching DER CRL already in CRL cache */
+ PRBool unsupported; /* IDP, delta, any other reason */
+};
+
+typedef enum {
+ certRevocationStatusRevoked = 0,
+ certRevocationStatusValid = 1,
+ certRevocationStatusUnknown = 2
+} CERTRevocationStatus;
+
+/* Returns detailed status of the cert(revStatus variable). Tells if
+ * issuer cache has OriginFetchedWithTimeout crl in it. */
+SECStatus cert_CheckCertRevocationStatus(CERTCertificate* cert,
+ CERTCertificate* issuer,
+ const SECItem* dp, PRTime t,
+ void* wincx,
+ CERTRevocationStatus* revStatus,
+ CERTCRLEntryReasonCode* revReason);
+
+SECStatus cert_AcquireNamedCRLCache(NamedCRLCache** returned);
+
+/* cert_FindCRLByGeneralName must be called only while the named cache is
+ * acquired, and the entry is only valid until cache is released.
+ */
+SECStatus cert_FindCRLByGeneralName(NamedCRLCache* ncc,
+ const SECItem* canonicalizedName,
+ NamedCRLCacheEntry** retEntry);
+
+SECStatus cert_ReleaseNamedCRLCache(NamedCRLCache* ncc);
+
+/* This is private for now. Maybe shoule be public. */
+CERTGeneralName* cert_GetSubjectAltNameList(const CERTCertificate* cert,
+ PLArenaPool* arena);
+
+/* Count DNS names and IP addresses in a list of GeneralNames */
+PRUint32 cert_CountDNSPatterns(CERTGeneralName* firstName);
+
+/*
+ * returns the trust status of the leaf certificate based on usage.
+ * If the leaf is explicitly untrusted, this function will fail and
+ * failedFlags will be set to the trust bit value that lead to the failure.
+ * If the leaf is trusted, isTrusted is set to true and the function returns
+ * SECSuccess. This function does not check if the cert is fit for a
+ * particular usage.
+ */
+SECStatus cert_CheckLeafTrust(CERTCertificate* cert, SECCertUsage usage,
+ unsigned int* failedFlags, PRBool* isTrusted);
+
+#endif /* _CERTI_H_ */
diff --git a/security/nss/lib/certdb/certt.h b/security/nss/lib/certdb/certt.h
new file mode 100644
index 000000000..797f9f585
--- /dev/null
+++ b/security/nss/lib/certdb/certt.h
@@ -0,0 +1,1328 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * certt.h - public data structures for the certificate library
+ */
+#ifndef _CERTT_H_
+#define _CERTT_H_
+
+#include "prclist.h"
+#include "pkcs11t.h"
+#include "seccomon.h"
+#include "secmodt.h"
+#include "secoidt.h"
+#include "plarena.h"
+#include "prcvar.h"
+#include "nssilock.h"
+#include "prio.h"
+#include "prmon.h"
+
+/* Stan data types */
+struct NSSCertificateStr;
+struct NSSTrustDomainStr;
+
+/* Non-opaque objects */
+typedef struct CERTAVAStr CERTAVA;
+typedef struct CERTAttributeStr CERTAttribute;
+typedef struct CERTAuthInfoAccessStr CERTAuthInfoAccess;
+typedef struct CERTAuthKeyIDStr CERTAuthKeyID;
+typedef struct CERTBasicConstraintsStr CERTBasicConstraints;
+typedef struct NSSTrustDomainStr CERTCertDBHandle;
+typedef struct CERTCertExtensionStr CERTCertExtension;
+typedef struct CERTCertKeyStr CERTCertKey;
+typedef struct CERTCertListStr CERTCertList;
+typedef struct CERTCertListNodeStr CERTCertListNode;
+typedef struct CERTCertNicknamesStr CERTCertNicknames;
+typedef struct CERTCertTrustStr CERTCertTrust;
+typedef struct CERTCertificateStr CERTCertificate;
+typedef struct CERTCertificateListStr CERTCertificateList;
+typedef struct CERTCertificateRequestStr CERTCertificateRequest;
+typedef struct CERTCrlStr CERTCrl;
+typedef struct CERTCrlDistributionPointsStr CERTCrlDistributionPoints;
+typedef struct CERTCrlEntryStr CERTCrlEntry;
+typedef struct CERTCrlHeadNodeStr CERTCrlHeadNode;
+typedef struct CERTCrlKeyStr CERTCrlKey;
+typedef struct CERTCrlNodeStr CERTCrlNode;
+typedef struct CERTDERCertsStr CERTDERCerts;
+typedef struct CERTDistNamesStr CERTDistNames;
+typedef struct CERTGeneralNameStr CERTGeneralName;
+typedef struct CERTGeneralNameListStr CERTGeneralNameList;
+typedef struct CERTIssuerAndSNStr CERTIssuerAndSN;
+typedef struct CERTNameStr CERTName;
+typedef struct CERTNameConstraintStr CERTNameConstraint;
+typedef struct CERTNameConstraintsStr CERTNameConstraints;
+typedef struct CERTOKDomainNameStr CERTOKDomainName;
+typedef struct CERTPrivKeyUsagePeriodStr CERTPrivKeyUsagePeriod;
+typedef struct CERTPublicKeyAndChallengeStr CERTPublicKeyAndChallenge;
+typedef struct CERTRDNStr CERTRDN;
+typedef struct CERTSignedCrlStr CERTSignedCrl;
+typedef struct CERTSignedDataStr CERTSignedData;
+typedef struct CERTStatusConfigStr CERTStatusConfig;
+typedef struct CERTSubjectListStr CERTSubjectList;
+typedef struct CERTSubjectNodeStr CERTSubjectNode;
+typedef struct CERTSubjectPublicKeyInfoStr CERTSubjectPublicKeyInfo;
+typedef struct CERTValidityStr CERTValidity;
+typedef struct CERTVerifyLogStr CERTVerifyLog;
+typedef struct CERTVerifyLogNodeStr CERTVerifyLogNode;
+typedef struct CRLDistributionPointStr CRLDistributionPoint;
+
+/* CRL extensions type */
+typedef unsigned long CERTCrlNumber;
+
+/*
+** An X.500 AVA object
+*/
+struct CERTAVAStr {
+ SECItem type;
+ SECItem value;
+};
+
+/*
+** An X.500 RDN object
+*/
+struct CERTRDNStr {
+ CERTAVA **avas;
+};
+
+/*
+** An X.500 name object
+*/
+struct CERTNameStr {
+ PLArenaPool *arena;
+ CERTRDN **rdns;
+};
+
+/*
+** An X.509 validity object
+*/
+struct CERTValidityStr {
+ PLArenaPool *arena;
+ SECItem notBefore;
+ SECItem notAfter;
+};
+
+/*
+ * A serial number and issuer name, which is used as a database key
+ */
+struct CERTCertKeyStr {
+ SECItem serialNumber;
+ SECItem derIssuer;
+};
+
+/*
+** A signed data object. Used to implement the "signed" macro used
+** in the X.500 specs.
+*/
+struct CERTSignedDataStr {
+ SECItem data;
+ SECAlgorithmID signatureAlgorithm;
+ SECItem signature;
+};
+
+/*
+** An X.509 subject-public-key-info object
+*/
+struct CERTSubjectPublicKeyInfoStr {
+ PLArenaPool *arena;
+ SECAlgorithmID algorithm;
+ SECItem subjectPublicKey;
+};
+
+struct CERTPublicKeyAndChallengeStr {
+ SECItem spki;
+ SECItem challenge;
+};
+
+struct CERTCertTrustStr {
+ unsigned int sslFlags;
+ unsigned int emailFlags;
+ unsigned int objectSigningFlags;
+};
+
+/*
+ * defined the types of trust that exist
+ */
+typedef enum SECTrustTypeEnum {
+ trustSSL = 0,
+ trustEmail = 1,
+ trustObjectSigning = 2,
+ trustTypeNone = 3
+} SECTrustType;
+
+#define SEC_GET_TRUST_FLAGS(trust, type) \
+ (((type) == trustSSL) \
+ ? ((trust)->sslFlags) \
+ : (((type) == trustEmail) ? ((trust)->emailFlags) \
+ : (((type) == trustObjectSigning) \
+ ? ((trust)->objectSigningFlags) \
+ : 0)))
+
+/*
+** An X.509.3 certificate extension
+*/
+struct CERTCertExtensionStr {
+ SECItem id;
+ SECItem critical;
+ SECItem value;
+};
+
+struct CERTSubjectNodeStr {
+ struct CERTSubjectNodeStr *next;
+ struct CERTSubjectNodeStr *prev;
+ SECItem certKey;
+ SECItem keyID;
+};
+
+struct CERTSubjectListStr {
+ PLArenaPool *arena;
+ int ncerts;
+ char *emailAddr;
+ CERTSubjectNode *head;
+ CERTSubjectNode *tail; /* do we need tail? */
+ void *entry;
+};
+
+/*
+** An X.509 certificate object (the unsigned form)
+*/
+struct CERTCertificateStr {
+ /* the arena is used to allocate any data structures that have the same
+ * lifetime as the cert. This is all stuff that hangs off of the cert
+ * structure, and is all freed at the same time. It is used when the
+ * cert is decoded, destroyed, and at some times when it changes
+ * state
+ */
+ PLArenaPool *arena;
+
+ /* The following fields are static after the cert has been decoded */
+ char *subjectName;
+ char *issuerName;
+ CERTSignedData signatureWrap; /* XXX */
+ SECItem derCert; /* original DER for the cert */
+ SECItem derIssuer; /* DER for issuer name */
+ SECItem derSubject; /* DER for subject name */
+ SECItem derPublicKey; /* DER for the public key */
+ SECItem certKey; /* database key for this cert */
+ SECItem version;
+ SECItem serialNumber;
+ SECAlgorithmID signature;
+ CERTName issuer;
+ CERTValidity validity;
+ CERTName subject;
+ CERTSubjectPublicKeyInfo subjectPublicKeyInfo;
+ SECItem issuerID;
+ SECItem subjectID;
+ CERTCertExtension **extensions;
+ char *emailAddr;
+ CERTCertDBHandle *dbhandle;
+ SECItem subjectKeyID; /* x509v3 subject key identifier */
+ PRBool keyIDGenerated; /* was the keyid generated? */
+ unsigned int keyUsage; /* what uses are allowed for this cert */
+ unsigned int rawKeyUsage; /* value of the key usage extension */
+ PRBool keyUsagePresent; /* was the key usage extension present */
+ PRUint32 nsCertType; /* value of the ns cert type extension */
+ /* must be 32-bit for PR_ATOMIC_SET */
+
+ /* these values can be set by the application to bypass certain checks
+ * or to keep the cert in memory for an entire session.
+ * XXX - need an api to set these
+ */
+ PRBool keepSession; /* keep this cert for entire session*/
+ PRBool timeOK; /* is the bad validity time ok? */
+ CERTOKDomainName *domainOK; /* these domain names are ok */
+
+ /*
+ * these values can change when the cert changes state. These state
+ * changes include transitions from temp to perm or vice-versa, and
+ * changes of trust flags
+ */
+ PRBool isperm;
+ PRBool istemp;
+ char *nickname;
+ char *dbnickname;
+ struct NSSCertificateStr *nssCertificate; /* This is Stan stuff. */
+ CERTCertTrust *trust;
+
+ /* the reference count is modified whenever someone looks up, dups
+ * or destroys a certificate
+ */
+ int referenceCount;
+
+ /* The subject list is a list of all certs with the same subject name.
+ * It can be modified any time a cert is added or deleted from either
+ * the in-memory(temporary) or on-disk(permanent) database.
+ */
+ CERTSubjectList *subjectList;
+
+ /* these belong in the static section, but are here to maintain
+ * the structure's integrity
+ */
+ CERTAuthKeyID *authKeyID; /* x509v3 authority key identifier */
+ PRBool isRoot; /* cert is the end of a chain */
+
+ /* these fields are used by client GUI code to keep track of ssl sockets
+ * that are blocked waiting on GUI feedback related to this cert.
+ * XXX - these should be moved into some sort of application specific
+ * data structure. They are only used by the browser right now.
+ */
+ union {
+ void *apointer; /* was struct SECSocketNode* authsocketlist */
+ struct {
+ unsigned int hasUnsupportedCriticalExt : 1;
+ /* add any new option bits needed here */
+ } bits;
+ } options;
+ int series; /* was int authsocketcount; record the series of the pkcs11ID */
+
+ /* This is PKCS #11 stuff. */
+ PK11SlotInfo *slot; /*if this cert came of a token, which is it*/
+ CK_OBJECT_HANDLE pkcs11ID; /*and which object on that token is it */
+ PRBool ownSlot; /*true if the cert owns the slot reference */
+};
+#define SEC_CERTIFICATE_VERSION_1 0 /* default created */
+#define SEC_CERTIFICATE_VERSION_2 1 /* v2 */
+#define SEC_CERTIFICATE_VERSION_3 2 /* v3 extensions */
+
+#define SEC_CRL_VERSION_1 0 /* default */
+#define SEC_CRL_VERSION_2 1 /* v2 extensions */
+
+/*
+ * used to identify class of cert in mime stream code
+ */
+#define SEC_CERT_CLASS_CA 1
+#define SEC_CERT_CLASS_SERVER 2
+#define SEC_CERT_CLASS_USER 3
+#define SEC_CERT_CLASS_EMAIL 4
+
+struct CERTDERCertsStr {
+ PLArenaPool *arena;
+ int numcerts;
+ SECItem *rawCerts;
+};
+
+/*
+** A PKCS ? Attribute
+** XXX this is duplicated through out the code, it *should* be moved
+** to a central location. Where would be appropriate?
+*/
+struct CERTAttributeStr {
+ SECItem attrType;
+ SECItem **attrValue;
+};
+
+/*
+** A PKCS#10 certificate-request object (the unsigned form)
+*/
+struct CERTCertificateRequestStr {
+ PLArenaPool *arena;
+ SECItem version;
+ CERTName subject;
+ CERTSubjectPublicKeyInfo subjectPublicKeyInfo;
+ CERTAttribute **attributes;
+};
+#define SEC_CERTIFICATE_REQUEST_VERSION 0 /* what we *create* */
+
+/*
+** A certificate list object.
+*/
+struct CERTCertificateListStr {
+ SECItem *certs;
+ int len; /* number of certs */
+ PLArenaPool *arena;
+};
+
+struct CERTCertListNodeStr {
+ PRCList links;
+ CERTCertificate *cert;
+ void *appData;
+};
+
+struct CERTCertListStr {
+ PRCList list;
+ PLArenaPool *arena;
+};
+
+#define CERT_LIST_HEAD(l) ((CERTCertListNode *)PR_LIST_HEAD(&l->list))
+#define CERT_LIST_TAIL(l) ((CERTCertListNode *)PR_LIST_TAIL(&l->list))
+#define CERT_LIST_NEXT(n) ((CERTCertListNode *)n->links.next)
+#define CERT_LIST_END(n, l) (((void *)n) == ((void *)&l->list))
+#define CERT_LIST_EMPTY(l) CERT_LIST_END(CERT_LIST_HEAD(l), l)
+
+struct CERTCrlEntryStr {
+ SECItem serialNumber;
+ SECItem revocationDate;
+ CERTCertExtension **extensions;
+};
+
+struct CERTCrlStr {
+ PLArenaPool *arena;
+ SECItem version;
+ SECAlgorithmID signatureAlg;
+ SECItem derName;
+ CERTName name;
+ SECItem lastUpdate;
+ SECItem nextUpdate; /* optional for x.509 CRL */
+ CERTCrlEntry **entries;
+ CERTCertExtension **extensions;
+ /* can't add anything there for binary backwards compatibility reasons */
+};
+
+struct CERTCrlKeyStr {
+ SECItem derName;
+ SECItem dummy; /* The decoder can not skip a primitive,
+ this serves as a place holder for the
+ decoder to finish its task only
+ */
+};
+
+struct CERTSignedCrlStr {
+ PLArenaPool *arena;
+ CERTCrl crl;
+ void *reserved1;
+ PRBool reserved2;
+ PRBool isperm;
+ PRBool istemp;
+ int referenceCount;
+ CERTCertDBHandle *dbhandle;
+ CERTSignedData signatureWrap; /* XXX */
+ char *url;
+ SECItem *derCrl;
+ PK11SlotInfo *slot;
+ CK_OBJECT_HANDLE pkcs11ID;
+ void *opaque; /* do not touch */
+};
+
+struct CERTCrlHeadNodeStr {
+ PLArenaPool *arena;
+ CERTCertDBHandle *dbhandle;
+ CERTCrlNode *first;
+ CERTCrlNode *last;
+};
+
+struct CERTCrlNodeStr {
+ CERTCrlNode *next;
+ int type;
+ CERTSignedCrl *crl;
+};
+
+/*
+ * Array of X.500 Distinguished Names
+ */
+struct CERTDistNamesStr {
+ PLArenaPool *arena;
+ int nnames;
+ SECItem *names;
+ void *head; /* private */
+};
+
+#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
+#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
+#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
+#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
+#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
+#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
+#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
+#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
+
+#define EXT_KEY_USAGE_TIME_STAMP (0x8000)
+#define EXT_KEY_USAGE_STATUS_RESPONDER (0x4000)
+
+#define NS_CERT_TYPE_APP \
+ (NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_EMAIL | \
+ NS_CERT_TYPE_OBJECT_SIGNING)
+
+#define NS_CERT_TYPE_CA \
+ (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA | \
+ NS_CERT_TYPE_OBJECT_SIGNING_CA | EXT_KEY_USAGE_STATUS_RESPONDER)
+typedef enum SECCertUsageEnum {
+ certUsageSSLClient = 0,
+ certUsageSSLServer = 1,
+ certUsageSSLServerWithStepUp = 2,
+ certUsageSSLCA = 3,
+ certUsageEmailSigner = 4,
+ certUsageEmailRecipient = 5,
+ certUsageObjectSigner = 6,
+ certUsageUserCertImport = 7,
+ certUsageVerifyCA = 8,
+ certUsageProtectedObjectSigner = 9,
+ certUsageStatusResponder = 10,
+ certUsageAnyCA = 11
+} SECCertUsage;
+
+typedef PRInt64 SECCertificateUsage;
+
+#define certificateUsageCheckAllUsages (0x0000)
+#define certificateUsageSSLClient (0x0001)
+#define certificateUsageSSLServer (0x0002)
+#define certificateUsageSSLServerWithStepUp (0x0004)
+#define certificateUsageSSLCA (0x0008)
+#define certificateUsageEmailSigner (0x0010)
+#define certificateUsageEmailRecipient (0x0020)
+#define certificateUsageObjectSigner (0x0040)
+#define certificateUsageUserCertImport (0x0080)
+#define certificateUsageVerifyCA (0x0100)
+#define certificateUsageProtectedObjectSigner (0x0200)
+#define certificateUsageStatusResponder (0x0400)
+#define certificateUsageAnyCA (0x0800)
+
+#define certificateUsageHighest certificateUsageAnyCA
+
+/*
+ * Does the cert belong to the user, a peer, or a CA.
+ */
+typedef enum CERTCertOwnerEnum {
+ certOwnerUser = 0,
+ certOwnerPeer = 1,
+ certOwnerCA = 2
+} CERTCertOwner;
+
+/*
+ * This enum represents the state of validity times of a certificate
+ */
+typedef enum SECCertTimeValidityEnum {
+ secCertTimeValid = 0,
+ secCertTimeExpired = 1,
+ secCertTimeNotValidYet = 2,
+ secCertTimeUndetermined = 3 /* validity could not be decoded from the
+ cert, most likely because it was NULL */
+} SECCertTimeValidity;
+
+/*
+ * This is used as return status in functions that compare the validity
+ * periods of two certificates A and B, currently only
+ * CERT_CompareValidityTimes.
+ */
+
+typedef enum CERTCompareValidityStatusEnum {
+ certValidityUndetermined = 0, /* the function is unable to select one cert
+ over another */
+ certValidityChooseB = 1, /* cert B should be preferred */
+ certValidityEqual = 2, /* both certs have the same validity period */
+ certValidityChooseA = 3 /* cert A should be preferred */
+} CERTCompareValidityStatus;
+
+/*
+ * Interface for getting certificate nickname strings out of the database
+ */
+
+/* these are values for the what argument below */
+#define SEC_CERT_NICKNAMES_ALL 1
+#define SEC_CERT_NICKNAMES_USER 2
+#define SEC_CERT_NICKNAMES_SERVER 3
+#define SEC_CERT_NICKNAMES_CA 4
+
+struct CERTCertNicknamesStr {
+ PLArenaPool *arena;
+ void *head;
+ int numnicknames;
+ char **nicknames;
+ int what;
+ int totallen;
+};
+
+struct CERTIssuerAndSNStr {
+ SECItem derIssuer;
+ CERTName issuer;
+ SECItem serialNumber;
+};
+
+/* X.509 v3 Key Usage Extension flags */
+#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
+#define KU_NON_REPUDIATION (0x40) /* bit 1 */
+#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
+#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
+#define KU_KEY_AGREEMENT (0x08) /* bit 4 */
+#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */
+#define KU_CRL_SIGN (0x02) /* bit 6 */
+#define KU_ENCIPHER_ONLY (0x01) /* bit 7 */
+#define KU_ALL \
+ (KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT | \
+ KU_DATA_ENCIPHERMENT | KU_KEY_AGREEMENT | KU_KEY_CERT_SIGN | \
+ KU_CRL_SIGN | KU_ENCIPHER_ONLY)
+
+/* This value will not occur in certs. It is used internally for the case
+ * when either digital signature or non-repudiation is the correct value.
+ */
+#define KU_DIGITAL_SIGNATURE_OR_NON_REPUDIATION (0x2000)
+
+/* This value will not occur in certs. It is used internally for the case
+ * when the key type is not know ahead of time and either key agreement or
+ * key encipherment are the correct value based on key type
+ */
+#define KU_KEY_AGREEMENT_OR_ENCIPHERMENT (0x4000)
+
+/* internal bits that do not match bits in the x509v3 spec, but are used
+ * for similar purposes
+ */
+#define KU_NS_GOVT_APPROVED (0x8000) /*don't make part of KU_ALL!*/
+/*
+* x.509 v3 Basic Constraints Extension
+* If isCA is false, the pathLenConstraint is ignored.
+* Otherwise, the following pathLenConstraint values will apply:
+* < 0 - there is no limit to the certificate path
+* 0 - CA can issues end-entity certificates only
+* > 0 - the number of certificates in the certificate path is
+* limited to this number
+*/
+#define CERT_UNLIMITED_PATH_CONSTRAINT -2
+
+struct CERTBasicConstraintsStr {
+ PRBool isCA; /* on if is CA */
+ int pathLenConstraint; /* maximum number of certificates that can be
+ in the cert path. Only applies to a CA
+ certificate; otherwise, it's ignored.
+ */
+};
+
+/* Maximum length of a certificate chain */
+#define CERT_MAX_CERT_CHAIN 20
+
+#define CERT_MAX_SERIAL_NUMBER_BYTES 20 /* from RFC 3280 */
+#define CERT_MAX_DN_BYTES 4096 /* arbitrary */
+
+/* x.509 v3 Reason Flags, used in CRLDistributionPoint Extension */
+#define RF_UNUSED (0x80) /* bit 0 */
+#define RF_KEY_COMPROMISE (0x40) /* bit 1 */
+#define RF_CA_COMPROMISE (0x20) /* bit 2 */
+#define RF_AFFILIATION_CHANGED (0x10) /* bit 3 */
+#define RF_SUPERSEDED (0x08) /* bit 4 */
+#define RF_CESSATION_OF_OPERATION (0x04) /* bit 5 */
+#define RF_CERTIFICATE_HOLD (0x02) /* bit 6 */
+
+/* enum for CRL Entry Reason Code */
+typedef enum CERTCRLEntryReasonCodeEnum {
+ crlEntryReasonUnspecified = 0,
+ crlEntryReasonKeyCompromise = 1,
+ crlEntryReasonCaCompromise = 2,
+ crlEntryReasonAffiliationChanged = 3,
+ crlEntryReasonSuperseded = 4,
+ crlEntryReasonCessationOfOperation = 5,
+ crlEntryReasoncertificatedHold = 6,
+ crlEntryReasonRemoveFromCRL = 8,
+ crlEntryReasonPrivilegeWithdrawn = 9,
+ crlEntryReasonAaCompromise = 10
+} CERTCRLEntryReasonCode;
+
+/* If we needed to extract the general name field, use this */
+/* General Name types */
+typedef enum CERTGeneralNameTypeEnum {
+ certOtherName = 1,
+ certRFC822Name = 2,
+ certDNSName = 3,
+ certX400Address = 4,
+ certDirectoryName = 5,
+ certEDIPartyName = 6,
+ certURI = 7,
+ certIPAddress = 8,
+ certRegisterID = 9
+} CERTGeneralNameType;
+
+typedef struct OtherNameStr {
+ SECItem name;
+ SECItem oid;
+} OtherName;
+
+struct CERTGeneralNameStr {
+ CERTGeneralNameType type; /* name type */
+ union {
+ CERTName directoryName; /* distinguish name */
+ OtherName OthName; /* Other Name */
+ SECItem other; /* the rest of the name forms */
+ } name;
+ SECItem derDirectoryName; /* this is saved to simplify directory name
+ comparison */
+ PRCList l;
+};
+
+struct CERTGeneralNameListStr {
+ PLArenaPool *arena;
+ CERTGeneralName *name;
+ int refCount;
+ int len;
+ PZLock *lock;
+};
+
+struct CERTNameConstraintStr {
+ CERTGeneralName name;
+ SECItem DERName;
+ SECItem min;
+ SECItem max;
+ PRCList l;
+};
+
+struct CERTNameConstraintsStr {
+ CERTNameConstraint *permited;
+ CERTNameConstraint *excluded;
+ SECItem **DERPermited;
+ SECItem **DERExcluded;
+};
+
+/* Private Key Usage Period extension struct. */
+struct CERTPrivKeyUsagePeriodStr {
+ SECItem notBefore;
+ SECItem notAfter;
+ PLArenaPool *arena;
+};
+
+/* X.509 v3 Authority Key Identifier extension. For the authority certificate
+ issuer field, we only support URI now.
+ */
+struct CERTAuthKeyIDStr {
+ SECItem keyID; /* unique key identifier */
+ CERTGeneralName *authCertIssuer; /* CA's issuer name. End with a NULL */
+ SECItem authCertSerialNumber; /* CA's certificate serial number */
+ SECItem **DERAuthCertIssuer; /* This holds the DER encoded format of
+ the authCertIssuer field. It is used
+ by the encoding engine. It should be
+ used as a read only field by the caller.
+ */
+};
+
+/* x.509 v3 CRL Distributeion Point */
+
+/*
+ * defined the types of CRL Distribution points
+ */
+typedef enum DistributionPointTypesEnum {
+ generalName = 1, /* only support this for now */
+ relativeDistinguishedName = 2
+} DistributionPointTypes;
+
+struct CRLDistributionPointStr {
+ DistributionPointTypes distPointType;
+ union {
+ CERTGeneralName *fullName;
+ CERTRDN relativeName;
+ } distPoint;
+ SECItem reasons;
+ CERTGeneralName *crlIssuer;
+
+ /* Reserved for internal use only*/
+ SECItem derDistPoint;
+ SECItem derRelativeName;
+ SECItem **derCrlIssuer;
+ SECItem **derFullName;
+ SECItem bitsmap;
+};
+
+struct CERTCrlDistributionPointsStr {
+ CRLDistributionPoint **distPoints;
+};
+
+/*
+ * This structure is used to keep a log of errors when verifying
+ * a cert chain. This allows multiple errors to be reported all at
+ * once.
+ */
+struct CERTVerifyLogNodeStr {
+ CERTCertificate *cert; /* what cert had the error */
+ long error; /* what error was it? */
+ unsigned int depth; /* how far up the chain are we */
+ void *arg; /* error specific argument */
+ struct CERTVerifyLogNodeStr *next; /* next in the list */
+ struct CERTVerifyLogNodeStr *prev; /* next in the list */
+};
+
+struct CERTVerifyLogStr {
+ PLArenaPool *arena;
+ unsigned int count;
+ struct CERTVerifyLogNodeStr *head;
+ struct CERTVerifyLogNodeStr *tail;
+};
+
+struct CERTOKDomainNameStr {
+ CERTOKDomainName *next;
+ char *name;
+};
+
+typedef SECStatus(PR_CALLBACK *CERTStatusChecker)(CERTCertDBHandle *handle,
+ CERTCertificate *cert,
+ PRTime time, void *pwArg);
+
+typedef SECStatus(PR_CALLBACK *CERTStatusDestroy)(CERTStatusConfig *handle);
+
+struct CERTStatusConfigStr {
+ CERTStatusChecker statusChecker; /* NULL means no checking enabled */
+ CERTStatusDestroy statusDestroy; /* enabled or no, will clean up */
+ void *statusContext; /* cx specific to checking protocol */
+};
+
+struct CERTAuthInfoAccessStr {
+ SECItem method;
+ SECItem derLocation;
+ CERTGeneralName *location; /* decoded location */
+};
+
+/* This is the typedef for the callback passed to CERT_OpenCertDB() */
+/* callback to return database name based on version number */
+typedef char *(*CERTDBNameFunc)(void *arg, int dbVersion);
+
+/*
+ * types of cert packages that we can decode
+ */
+typedef enum CERTPackageTypeEnum {
+ certPackageNone = 0,
+ certPackageCert = 1,
+ certPackagePKCS7 = 2,
+ certPackageNSCertSeq = 3,
+ certPackageNSCertWrap = 4
+} CERTPackageType;
+
+/*
+ * these types are for the PKIX Certificate Policies extension
+ */
+typedef struct {
+ SECOidTag oid;
+ SECItem qualifierID;
+ SECItem qualifierValue;
+} CERTPolicyQualifier;
+
+typedef struct {
+ SECOidTag oid;
+ SECItem policyID;
+ CERTPolicyQualifier **policyQualifiers;
+} CERTPolicyInfo;
+
+typedef struct {
+ PLArenaPool *arena;
+ CERTPolicyInfo **policyInfos;
+} CERTCertificatePolicies;
+
+typedef struct {
+ SECItem organization;
+ SECItem **noticeNumbers;
+} CERTNoticeReference;
+
+typedef struct {
+ PLArenaPool *arena;
+ CERTNoticeReference noticeReference;
+ SECItem derNoticeReference;
+ SECItem displayText;
+} CERTUserNotice;
+
+typedef struct {
+ PLArenaPool *arena;
+ SECItem **oids;
+} CERTOidSequence;
+
+/*
+ * these types are for the PKIX Policy Mappings extension
+ */
+typedef struct {
+ SECItem issuerDomainPolicy;
+ SECItem subjectDomainPolicy;
+} CERTPolicyMap;
+
+typedef struct {
+ PLArenaPool *arena;
+ CERTPolicyMap **policyMaps;
+} CERTCertificatePolicyMappings;
+
+/*
+ * these types are for the PKIX inhibitAnyPolicy extension
+ */
+typedef struct {
+ SECItem inhibitAnySkipCerts;
+} CERTCertificateInhibitAny;
+
+/*
+ * these types are for the PKIX Policy Constraints extension
+ */
+typedef struct {
+ SECItem explicitPolicySkipCerts;
+ SECItem inhibitMappingSkipCerts;
+} CERTCertificatePolicyConstraints;
+
+/*
+ * These types are for the validate chain callback param.
+ *
+ * CERTChainVerifyCallback is an application-supplied callback that can be used
+ * to augment libpkix's certificate chain validation with additional
+ * application-specific checks. It may be called multiple times if there are
+ * multiple potentially-valid paths for the certificate being validated. This
+ * callback is called before revocation checking is done on the certificates in
+ * the given chain.
+ *
+ * - isValidChainArg contains the application-provided opaque argument
+ * - currentChain is the currently validated chain. It is ordered with the leaf
+ * certificate at the head and the trust anchor at the tail.
+ *
+ * The callback should set *chainOK = PR_TRUE and return SECSuccess if the
+ * certificate chain is acceptable. It should set *chainOK = PR_FALSE and
+ * return SECSuccess if the chain is unacceptable, to indicate that the given
+ * chain is bad and path building should continue. It should return SECFailure
+ * to indicate an fatal error that will cause path validation to fail
+ * immediately.
+ */
+typedef SECStatus (*CERTChainVerifyCallbackFunc)(
+ void *isChainValidArg, const CERTCertList *currentChain, PRBool *chainOK);
+
+/*
+ * Note: If extending this structure, it will be necessary to change the
+ * associated CERTValParamInType
+ */
+typedef struct {
+ CERTChainVerifyCallbackFunc isChainValid;
+ void *isChainValidArg;
+} CERTChainVerifyCallback;
+
+/*
+ * these types are for the CERT_PKIX* Verification functions
+ * These are all optional parameters.
+ */
+
+typedef enum {
+ cert_pi_end = 0, /* SPECIAL: signifies end of array of
+ * CERTValParam* */
+ cert_pi_nbioContext = 1, /* specify a non-blocking IO context used to
+ * resume a session. If this argument is
+ * specified, no other arguments should be.
+ * Specified in value.pointer.p. If the
+ * operation completes the context will be
+ * freed. */
+ cert_pi_nbioAbort = 2, /* specify a non-blocking IO context for an
+ * existing operation which the caller wants
+ * to abort. If this argument is
+ * specified, no other arguments should be.
+ * Specified in value.pointer.p. If the
+ * operation succeeds the context will be
+ * freed. */
+ cert_pi_certList = 3, /* specify the chain to validate against. If
+ * this value is given, then the path
+ * construction step in the validation is
+ * skipped. Specified in value.pointer.chain */
+ cert_pi_policyOID = 4, /* validate certificate for policy OID.
+ * Specified in value.array.oids. Cert must
+ * be good for at least one OID in order
+ * to validate. Default is that the user is not
+ * concerned about certificate policy. */
+ cert_pi_policyFlags = 5, /* flags for each policy specified in policyOID.
+ * Specified in value.scalar.ul. Policy flags
+ * apply to all specified oids.
+ * Use CERT_POLICY_FLAG_* macros below. If not
+ * specified policy flags default to 0 */
+ cert_pi_keyusage = 6, /* specify what the keyusages the certificate
+ * will be evaluated against, specified in
+ * value.scalar.ui. The cert must validate for
+ * at least one of the specified key usages.
+ * Values match the KU_ bit flags defined
+ * in this file. Default is derived from
+ * the 'usages' function argument */
+ cert_pi_extendedKeyusage = 7, /* specify what the required extended key
+ * usage of the certificate. Specified as
+ * an array of oidTags in value.array.oids.
+ * The cert must validate for at least one
+ * of the specified extended key usages.
+ * If not specified, no extended key usages
+ * will be checked. */
+ cert_pi_date = 8, /* validate certificate is valid as of date
+ * specified in value.scalar.time. A special
+ * value '0' indicates 'now'. default is '0' */
+ cert_pi_revocationFlags = 9, /* Specify what revocation checking to do.
+ * See CERT_REV_FLAG_* macros below
+ * Set in value.pointer.revocation */
+ cert_pi_certStores = 10, /* Bitmask of Cert Store flags (see below)
+ * Set in value.scalar.ui */
+ cert_pi_trustAnchors =
+ 11, /* Specify the list of trusted roots to
+ * validate against.
+ * The default set of trusted roots, these are
+ * root CA certs from libnssckbi.so or CA
+ * certs trusted by user, are used in any of
+ * the following cases:
+ * * when the parameter is not set.
+ * * when the list of trust anchors is
+ * empty.
+ * Note that this handling can be further
+ * altered by altering the
+ * cert_pi_useOnlyTrustAnchors flag
+ * Specified in value.pointer.chain */
+ cert_pi_useAIACertFetch = 12, /* Enables cert fetching using AIA extension.
+ * In NSS 3.12.1 or later. Default is off.
+ * Value is in value.scalar.b */
+ cert_pi_chainVerifyCallback = 13,
+ /* The callback container for doing extra
+ * validation on the currently calculated chain.
+ * Value is in value.pointer.chainVerifyCallback */
+ cert_pi_useOnlyTrustAnchors = 14,
+ /* If true, disables trusting any
+ * certificates other than the ones passed in via cert_pi_trustAnchors.
+ * If false, then the certificates specified via cert_pi_trustAnchors
+ * will be combined with the pre-existing trusted roots, but only
+ * for the certificate validation being performed.
+ * If no value has been supplied via cert_pi_trustAnchors, this has
+ * no effect.
+ * The default value is true, meaning if this is not supplied, only
+ * trust anchors supplied via cert_pi_trustAnchors are trusted.
+ * Specified in value.scalar.b */
+ cert_pi_max /* SPECIAL: signifies maximum allowed value,
+ * can increase in future releases */
+} CERTValParamInType;
+
+/*
+ * for all out parameters:
+ * out parameters are only returned if the caller asks for them in
+ * the CERTValOutParam array. Caller is responsible for the CERTValOutParam
+ * array itself. The pkix verify function will allocate and other arrays
+ * pointers, or objects. The Caller is responsible for freeing those results.
+ * If SECWouldBlock is returned, only cert_pi_nbioContext is returned.
+ */
+typedef enum {
+ cert_po_end = 0, /* SPECIAL: signifies end of array of
+ * CERTValParam* */
+ cert_po_nbioContext = 1, /* Return a nonblocking context. If no
+ * non-blocking context is specified, then
+ * blocking IO will be used.
+ * Returned in value.pointer.p. The context is
+ * freed after an abort or a complete operation.
+ * This value is only returned on SECWouldBlock.
+ */
+ cert_po_trustAnchor = 2, /* Return the trust anchor for the chain that
+ * was validated. Returned in
+ * value.pointer.cert, this value is only
+ * returned on SECSuccess. */
+ cert_po_certList = 3, /* Return the entire chain that was validated.
+ * Returned in value.pointer.certList. If no
+ * chain could be constructed, this value
+ * would be NULL. */
+ cert_po_policyOID = 4, /* Return the policies that were found to be
+ * valid. Returned in value.array.oids as an
+ * array. This is only returned on
+ * SECSuccess. */
+ cert_po_errorLog = 5, /* Return a log of problems with the chain.
+ * Returned in value.pointer.log */
+ cert_po_usages = 6, /* Return what usages the certificate is valid
+ for. Returned in value.scalar.usages */
+ cert_po_keyUsage = 7, /* Return what key usages the certificate
+ * is valid for.
+ * Returned in value.scalar.usage */
+ cert_po_extendedKeyusage = 8, /* Return what extended key usages the
+ * certificate is valid for.
+ * Returned in value.array.oids */
+ cert_po_max /* SPECIAL: signifies maximum allowed value,
+ * can increase in future releases */
+
+} CERTValParamOutType;
+
+typedef enum {
+ cert_revocation_method_crl = 0,
+ cert_revocation_method_ocsp,
+ cert_revocation_method_count
+} CERTRevocationMethodIndex;
+
+/*
+ * The following flags are supposed to be used to control bits in
+ * each integer contained in the array pointed to be:
+ * CERTRevocationTests.cert_rev_flags_per_method
+ * All Flags are prefixed by CERT_REV_M_, where _M_ indicates
+ * this is a method dependent flag.
+ */
+
+/*
+ * Whether or not to use a method for revocation testing.
+ * If set to "do not test", then all other flags are ignored.
+ */
+#define CERT_REV_M_DO_NOT_TEST_USING_THIS_METHOD 0UL
+#define CERT_REV_M_TEST_USING_THIS_METHOD 1UL
+
+/*
+ * Whether or not NSS is allowed to attempt to fetch fresh information
+ * from the network.
+ * (Although fetching will never happen if fresh information for the
+ * method is already locally available.)
+ */
+#define CERT_REV_M_ALLOW_NETWORK_FETCHING 0UL
+#define CERT_REV_M_FORBID_NETWORK_FETCHING 2UL
+
+/*
+ * Example for an implicit default source:
+ * The globally configured default OCSP responder.
+ * IGNORE means:
+ * ignore the implicit default source, whether it's configured or not.
+ * ALLOW means:
+ * if an implicit default source is configured,
+ * then it overrides any available or missing source in the cert.
+ * if no implicit default source is configured,
+ * then we continue to use what's available (or not available)
+ * in the certs.
+ */
+#define CERT_REV_M_ALLOW_IMPLICIT_DEFAULT_SOURCE 0UL
+#define CERT_REV_M_IGNORE_IMPLICIT_DEFAULT_SOURCE 4UL
+
+/*
+ * Defines the behavior if no fresh information is available,
+ * fetching from the network is allowed, but the source of revocation
+ * information is unknown (even after considering implicit sources,
+ * if allowed by other flags).
+ * SKIPT_TEST means:
+ * We ignore that no fresh information is available and
+ * skip this test.
+ * REQUIRE_INFO means:
+ * We still require that fresh information is available.
+ * Other flags define what happens on missing fresh info.
+ */
+#define CERT_REV_M_SKIP_TEST_ON_MISSING_SOURCE 0UL
+#define CERT_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE 8UL
+
+/*
+ * Defines the behavior if we are unable to obtain fresh information.
+ * INGORE means:
+ * Return "cert status unknown"
+ * FAIL means:
+ * Return "cert revoked".
+ */
+#define CERT_REV_M_IGNORE_MISSING_FRESH_INFO 0UL
+#define CERT_REV_M_FAIL_ON_MISSING_FRESH_INFO 16UL
+
+/*
+ * What should happen if we were able to find fresh information using
+ * this method, and the data indicated the cert is good?
+ * STOP_TESTING means:
+ * Our success is sufficient, do not continue testing
+ * other methods.
+ * CONTINUE_TESTING means:
+ * We will continue and test the next allowed
+ * specified method.
+ */
+#define CERT_REV_M_STOP_TESTING_ON_FRESH_INFO 0UL
+#define CERT_REV_M_CONTINUE_TESTING_ON_FRESH_INFO 32UL
+
+/* When this flag is used, libpkix will never attempt to use the GET HTTP
+ * method for OCSP requests; it will always use POST.
+ */
+#define CERT_REV_M_FORCE_POST_METHOD_FOR_OCSP 64UL
+
+/*
+ * The following flags are supposed to be used to control bits in
+ * CERTRevocationTests.cert_rev_method_independent_flags
+ * All Flags are prefixed by CERT_REV_M_, where _M_ indicates
+ * this is a method independent flag.
+ */
+
+/*
+ * This defines the order to checking.
+ * EACH_METHOD_SEPARATELY means:
+ * Do all tests related to a particular allowed method
+ * (both local information and network fetching) in a single step.
+ * Only after testing for a particular method is done,
+ * then switching to the next method will happen.
+ * ALL_LOCAL_INFORMATION_FIRST means:
+ * Start by testing the information for all allowed methods
+ * which are already locally available. Only after that is done
+ * consider to fetch from the network (as allowed by other flags).
+ */
+#define CERT_REV_MI_TEST_EACH_METHOD_SEPARATELY 0UL
+#define CERT_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST 1UL
+
+/*
+ * Use this flag to specify that it's necessary that fresh information
+ * is available for at least one of the allowed methods, but it's
+ * irrelevant which of the mechanisms succeeded.
+ * NO_OVERALL_INFO_REQUIREMENT means:
+ * We strictly follow the requirements for each individual method.
+ * REQUIRE_SOME_FRESH_INFO_AVAILABLE means:
+ * After the individual tests have been executed, we must have
+ * been able to find fresh information using at least one method.
+ * If we were unable to find fresh info, it's a failure.
+ * This setting overrides the CERT_REV_M_FAIL_ON_MISSING_FRESH_INFO
+ * flag on all methods.
+ */
+#define CERT_REV_MI_NO_OVERALL_INFO_REQUIREMENT 0UL
+#define CERT_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE 2UL
+
+typedef struct {
+ /*
+ * The size of the array that cert_rev_flags_per_method points to,
+ * meaning, the number of methods that are known and defined
+ * by the caller.
+ */
+ PRUint32 number_of_defined_methods;
+
+ /*
+ * A pointer to an array of integers.
+ * Each integer defines revocation checking for a single method,
+ * by having individual CERT_REV_M_* bits set or not set.
+ * The meaning of index numbers into this array are defined by
+ * enum CERTRevocationMethodIndex
+ * The size of the array must be specified by the caller in the separate
+ * variable number_of_defined_methods.
+ * The size of the array may be smaller than
+ * cert_revocation_method_count, it can happen if a caller
+ * is not yet aware of the latest revocation methods
+ * (or does not want to use them).
+ */
+ PRUint64 *cert_rev_flags_per_method;
+
+ /*
+ * How many preferred methods are specified?
+ * This is equivalent to the size of the array that
+ * preferred_methods points to.
+ * It's allowed to set this value to zero,
+ * then NSS will decide which methods to prefer.
+ */
+ PRUint32 number_of_preferred_methods;
+
+ /* Array that may specify an optional order of preferred methods.
+ * Each array entry shall contain a method identifier as defined
+ * by CERTRevocationMethodIndex.
+ * The entry at index [0] specifies the method with highest preference.
+ * These methods will be tested first for locally available information.
+ * Methods allowed for downloading will be attempted in the same order.
+ */
+ CERTRevocationMethodIndex *preferred_methods;
+
+ /*
+ * An integer which defines certain aspects of revocation checking
+ * (independent of individual methods) by having individual
+ * CERT_REV_MI_* bits set or not set.
+ */
+ PRUint64 cert_rev_method_independent_flags;
+} CERTRevocationTests;
+
+typedef struct {
+ CERTRevocationTests leafTests;
+ CERTRevocationTests chainTests;
+} CERTRevocationFlags;
+
+typedef struct CERTValParamInValueStr {
+ union {
+ PRBool b;
+ PRInt32 i;
+ PRUint32 ui;
+ PRInt64 l;
+ PRUint64 ul;
+ PRTime time;
+ } scalar;
+ union {
+ const void *p;
+ const char *s;
+ const CERTCertificate *cert;
+ const CERTCertList *chain;
+ const CERTRevocationFlags *revocation;
+ const CERTChainVerifyCallback *chainVerifyCallback;
+ } pointer;
+ union {
+ const PRInt32 *pi;
+ const PRUint32 *pui;
+ const PRInt64 *pl;
+ const PRUint64 *pul;
+ const SECOidTag *oids;
+ } array;
+ int arraySize;
+} CERTValParamInValue;
+
+typedef struct CERTValParamOutValueStr {
+ union {
+ PRBool b;
+ PRInt32 i;
+ PRUint32 ui;
+ PRInt64 l;
+ PRUint64 ul;
+ SECCertificateUsage usages;
+ } scalar;
+ union {
+ void *p;
+ char *s;
+ CERTVerifyLog *log;
+ CERTCertificate *cert;
+ CERTCertList *chain;
+ } pointer;
+ union {
+ void *p;
+ SECOidTag *oids;
+ } array;
+ int arraySize;
+} CERTValParamOutValue;
+
+typedef struct {
+ CERTValParamInType type;
+ CERTValParamInValue value;
+} CERTValInParam;
+
+typedef struct {
+ CERTValParamOutType type;
+ CERTValParamOutValue value;
+} CERTValOutParam;
+
+/*
+ * Levels of standards conformance strictness for CERT_NameToAsciiInvertible
+ */
+typedef enum CertStrictnessLevels {
+ CERT_N2A_READABLE = 0, /* maximum human readability */
+ CERT_N2A_STRICT = 10, /* strict RFC compliance */
+ CERT_N2A_INVERTIBLE = 20 /* maximum invertibility,
+ all DirectoryStrings encoded in hex */
+} CertStrictnessLevel;
+
+/*
+ * policy flag defines
+ */
+#define CERT_POLICY_FLAG_NO_MAPPING 1
+#define CERT_POLICY_FLAG_EXPLICIT 2
+#define CERT_POLICY_FLAG_NO_ANY 4
+
+/*
+ * CertStore flags
+ */
+#define CERT_ENABLE_LDAP_FETCH 1
+#define CERT_ENABLE_HTTP_FETCH 2
+
+/* This functin pointer type may be used for any function that takes
+ * a CERTCertificate * and returns an allocated string, which must be
+ * freed by a call to PORT_Free.
+ */
+typedef char *(*CERT_StringFromCertFcn)(CERTCertificate *cert);
+
+/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
+
+#include "secasn1t.h" /* way down here because I expect template stuff to
+ * move out of here anyway */
+
+SEC_BEGIN_PROTOS
+
+extern const SEC_ASN1Template CERT_CertificateRequestTemplate[];
+extern const SEC_ASN1Template CERT_CertificateTemplate[];
+extern const SEC_ASN1Template SEC_SignedCertificateTemplate[];
+extern const SEC_ASN1Template CERT_CertExtensionTemplate[];
+extern const SEC_ASN1Template CERT_SequenceOfCertExtensionTemplate[];
+extern const SEC_ASN1Template SECKEY_PublicKeyTemplate[];
+extern const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[];
+extern const SEC_ASN1Template CERT_TimeChoiceTemplate[];
+extern const SEC_ASN1Template CERT_ValidityTemplate[];
+extern const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[];
+extern const SEC_ASN1Template SEC_CertSequenceTemplate[];
+
+extern const SEC_ASN1Template CERT_IssuerAndSNTemplate[];
+extern const SEC_ASN1Template CERT_NameTemplate[];
+extern const SEC_ASN1Template CERT_SetOfSignedCrlTemplate[];
+extern const SEC_ASN1Template CERT_RDNTemplate[];
+extern const SEC_ASN1Template CERT_SignedDataTemplate[];
+extern const SEC_ASN1Template CERT_CrlTemplate[];
+extern const SEC_ASN1Template CERT_SignedCrlTemplate[];
+
+/*
+** XXX should the attribute stuff be centralized for all of ns/security?
+*/
+extern const SEC_ASN1Template CERT_AttributeTemplate[];
+extern const SEC_ASN1Template CERT_SetOfAttributeTemplate[];
+
+/* These functions simply return the address of the above-declared templates.
+** This is necessary for Windows DLLs. Sigh.
+*/
+SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateRequestTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_CrlTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_IssuerAndSNTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_NameTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_SequenceOfCertExtensionTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_SetOfSignedCrlTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_SignedDataTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_SubjectPublicKeyInfoTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_SignedCertificateTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_SignedCrlTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_TimeChoiceTemplate)
+
+SEC_END_PROTOS
+
+#endif /* _CERTT_H_ */
diff --git a/security/nss/lib/certdb/certv3.c b/security/nss/lib/certdb/certv3.c
new file mode 100644
index 000000000..bf0bcf96c
--- /dev/null
+++ b/security/nss/lib/certdb/certv3.c
@@ -0,0 +1,222 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Code for dealing with X509.V3 extensions.
+ */
+
+#include "cert.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "certxutl.h"
+#include "secerr.h"
+
+SECStatus
+CERT_FindCertExtensionByOID(CERTCertificate *cert, SECItem *oid, SECItem *value)
+{
+ return (cert_FindExtensionByOID(cert->extensions, oid, value));
+}
+
+SECStatus
+CERT_FindCertExtension(const CERTCertificate *cert, int tag, SECItem *value)
+{
+ return (cert_FindExtension(cert->extensions, tag, value));
+}
+
+static void
+SetExts(void *object, CERTCertExtension **exts)
+{
+ CERTCertificate *cert = (CERTCertificate *)object;
+
+ cert->extensions = exts;
+ DER_SetUInteger(cert->arena, &(cert->version), SEC_CERTIFICATE_VERSION_3);
+}
+
+void *
+CERT_StartCertExtensions(CERTCertificate *cert)
+{
+ return (cert_StartExtensions((void *)cert, cert->arena, SetExts));
+}
+
+/*
+ * get the value of the Netscape Certificate Type Extension
+ */
+SECStatus
+CERT_FindNSCertTypeExtension(CERTCertificate *cert, SECItem *retItem)
+{
+
+ return (CERT_FindBitStringExtension(
+ cert->extensions, SEC_OID_NS_CERT_EXT_CERT_TYPE, retItem));
+}
+
+/*
+ * get the value of a string type extension
+ */
+char *
+CERT_FindNSStringExtension(CERTCertificate *cert, int oidtag)
+{
+ SECItem wrapperItem, tmpItem = { siBuffer, 0 };
+ SECStatus rv;
+ PLArenaPool *arena = NULL;
+ char *retstring = NULL;
+
+ wrapperItem.data = NULL;
+ tmpItem.data = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ goto loser;
+ }
+
+ rv = cert_FindExtension(cert->extensions, oidtag, &wrapperItem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(
+ arena, &tmpItem, SEC_ASN1_GET(SEC_IA5StringTemplate), &wrapperItem);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ retstring = (char *)PORT_Alloc(tmpItem.len + 1);
+ if (retstring == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(retstring, tmpItem.data, tmpItem.len);
+ retstring[tmpItem.len] = '\0';
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ if (wrapperItem.data) {
+ PORT_Free(wrapperItem.data);
+ }
+
+ return (retstring);
+}
+
+/*
+ * get the value of the X.509 v3 Key Usage Extension
+ */
+SECStatus
+CERT_FindKeyUsageExtension(CERTCertificate *cert, SECItem *retItem)
+{
+
+ return (CERT_FindBitStringExtension(cert->extensions,
+ SEC_OID_X509_KEY_USAGE, retItem));
+}
+
+/*
+ * get the value of the X.509 v3 Key Usage Extension
+ */
+SECStatus
+CERT_FindSubjectKeyIDExtension(CERTCertificate *cert, SECItem *retItem)
+{
+
+ SECStatus rv;
+ SECItem encodedValue = { siBuffer, NULL, 0 };
+ SECItem decodedValue = { siBuffer, NULL, 0 };
+
+ rv = cert_FindExtension(cert->extensions, SEC_OID_X509_SUBJECT_KEY_ID,
+ &encodedValue);
+ if (rv == SECSuccess) {
+ PORTCheapArenaPool tmpArena;
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, &decodedValue,
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
+ &encodedValue);
+ if (rv == SECSuccess) {
+ rv = SECITEM_CopyItem(NULL, retItem, &decodedValue);
+ }
+ PORT_DestroyCheapArena(&tmpArena);
+ }
+ SECITEM_FreeItem(&encodedValue, PR_FALSE);
+ return rv;
+}
+
+SECStatus
+CERT_FindBasicConstraintExten(CERTCertificate *cert,
+ CERTBasicConstraints *value)
+{
+ SECItem encodedExtenValue;
+ SECStatus rv;
+
+ encodedExtenValue.data = NULL;
+ encodedExtenValue.len = 0;
+
+ rv = cert_FindExtension(cert->extensions, SEC_OID_X509_BASIC_CONSTRAINTS,
+ &encodedExtenValue);
+ if (rv != SECSuccess) {
+ return (rv);
+ }
+
+ rv = CERT_DecodeBasicConstraintValue(value, &encodedExtenValue);
+
+ /* free the raw extension data */
+ PORT_Free(encodedExtenValue.data);
+ encodedExtenValue.data = NULL;
+
+ return (rv);
+}
+
+CERTAuthKeyID *
+CERT_FindAuthKeyIDExten(PLArenaPool *arena, CERTCertificate *cert)
+{
+ SECItem encodedExtenValue;
+ SECStatus rv;
+ CERTAuthKeyID *ret;
+
+ encodedExtenValue.data = NULL;
+ encodedExtenValue.len = 0;
+
+ rv = cert_FindExtension(cert->extensions, SEC_OID_X509_AUTH_KEY_ID,
+ &encodedExtenValue);
+ if (rv != SECSuccess) {
+ return (NULL);
+ }
+
+ ret = CERT_DecodeAuthKeyID(arena, &encodedExtenValue);
+
+ PORT_Free(encodedExtenValue.data);
+ encodedExtenValue.data = NULL;
+
+ return (ret);
+}
+
+SECStatus
+CERT_CheckCertUsage(CERTCertificate *cert, unsigned char usage)
+{
+ SECItem keyUsage;
+ SECStatus rv;
+
+ /* There is no extension, v1 or v2 certificate */
+ if (cert->extensions == NULL) {
+ return (SECSuccess);
+ }
+
+ keyUsage.data = NULL;
+
+ /* This code formerly ignored the Key Usage extension if it was
+ ** marked non-critical. That was wrong. Since we do understand it,
+ ** we are obligated to honor it, whether or not it is critical.
+ */
+ rv = CERT_FindKeyUsageExtension(cert, &keyUsage);
+ if (rv == SECFailure) {
+ rv = (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND) ? SECSuccess
+ : SECFailure;
+ } else if (!(keyUsage.data[0] & usage)) {
+ PORT_SetError(SEC_ERROR_CERT_USAGES_INVALID);
+ rv = SECFailure;
+ }
+ PORT_Free(keyUsage.data);
+ return (rv);
+}
diff --git a/security/nss/lib/certdb/certxutl.c b/security/nss/lib/certdb/certxutl.c
new file mode 100644
index 000000000..c53f15cdf
--- /dev/null
+++ b/security/nss/lib/certdb/certxutl.c
@@ -0,0 +1,493 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Certificate Extensions handling code
+ *
+ */
+
+#include "cert.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "certxutl.h"
+#include "secerr.h"
+
+#ifdef OLD
+#include "ocspti.h" /* XXX a better extensions interface would not
+ * require knowledge of data structures of callers */
+#endif
+
+static CERTCertExtension *
+GetExtension(CERTCertExtension **extensions, SECItem *oid)
+{
+ CERTCertExtension **exts;
+ CERTCertExtension *ext = NULL;
+ SECComparison comp;
+
+ exts = extensions;
+
+ if (exts) {
+ while (*exts) {
+ ext = *exts;
+ comp = SECITEM_CompareItem(oid, &ext->id);
+ if (comp == SECEqual)
+ break;
+
+ exts++;
+ }
+ return (*exts ? ext : NULL);
+ }
+ return (NULL);
+}
+
+SECStatus
+cert_FindExtensionByOID(CERTCertExtension **extensions, SECItem *oid,
+ SECItem *value)
+{
+ CERTCertExtension *ext;
+ SECStatus rv = SECSuccess;
+
+ ext = GetExtension(extensions, oid);
+ if (ext == NULL) {
+ PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
+ return (SECFailure);
+ }
+ if (value)
+ rv = SECITEM_CopyItem(NULL, value, &ext->value);
+ return (rv);
+}
+
+SECStatus
+CERT_GetExtenCriticality(CERTCertExtension **extensions, int tag,
+ PRBool *isCritical)
+{
+ CERTCertExtension *ext;
+ SECOidData *oid;
+
+ if (!isCritical)
+ return (SECSuccess);
+
+ /* find the extension in the extensions list */
+ oid = SECOID_FindOIDByTag((SECOidTag)tag);
+ if (!oid) {
+ return (SECFailure);
+ }
+ ext = GetExtension(extensions, &oid->oid);
+ if (ext == NULL) {
+ PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
+ return (SECFailure);
+ }
+
+ /* If the criticality is omitted, then it is false by default.
+ ex->critical.data is NULL */
+ if (ext->critical.data == NULL)
+ *isCritical = PR_FALSE;
+ else
+ *isCritical = (ext->critical.data[0] == 0xff) ? PR_TRUE : PR_FALSE;
+ return (SECSuccess);
+}
+
+SECStatus
+cert_FindExtension(CERTCertExtension **extensions, int tag, SECItem *value)
+{
+ SECOidData *oid;
+
+ oid = SECOID_FindOIDByTag((SECOidTag)tag);
+ if (!oid) {
+ return (SECFailure);
+ }
+
+ return (cert_FindExtensionByOID(extensions, &oid->oid, value));
+}
+
+typedef struct _extNode {
+ struct _extNode *next;
+ CERTCertExtension *ext;
+} extNode;
+
+typedef struct {
+ void (*setExts)(void *object, CERTCertExtension **exts);
+ void *object;
+ PLArenaPool *ownerArena;
+ PLArenaPool *arena;
+ extNode *head;
+ int count;
+} extRec;
+
+/*
+ * cert_StartExtensions
+ *
+ * NOTE: This interface changed significantly to remove knowledge
+ * about callers data structures (owner objects)
+ */
+void *
+cert_StartExtensions(void *owner, PLArenaPool *ownerArena,
+ void (*setExts)(void *object, CERTCertExtension **exts))
+{
+ PLArenaPool *arena;
+ extRec *handle;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ return (0);
+ }
+
+ handle = (extRec *)PORT_ArenaAlloc(arena, sizeof(extRec));
+ if (!handle) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return (0);
+ }
+
+ handle->object = owner;
+ handle->ownerArena = ownerArena;
+ handle->setExts = setExts;
+
+ handle->arena = arena;
+ handle->head = 0;
+ handle->count = 0;
+
+ return (handle);
+}
+
+static unsigned char hextrue = 0xff;
+
+/*
+ * Note - assumes that data pointed to by oid->data will not move
+ */
+SECStatus
+CERT_AddExtensionByOID(void *exthandle, SECItem *oid, SECItem *value,
+ PRBool critical, PRBool copyData)
+{
+ CERTCertExtension *ext;
+ SECStatus rv;
+ extNode *node;
+ extRec *handle;
+
+ handle = (extRec *)exthandle;
+
+ /* allocate space for extension and list node */
+ ext = (CERTCertExtension *)PORT_ArenaZAlloc(handle->ownerArena,
+ sizeof(CERTCertExtension));
+ if (!ext) {
+ return (SECFailure);
+ }
+
+ node = (extNode *)PORT_ArenaAlloc(handle->arena, sizeof(extNode));
+ if (!node) {
+ return (SECFailure);
+ }
+
+ /* add to list */
+ node->next = handle->head;
+ handle->head = node;
+
+ /* point to ext struct */
+ node->ext = ext;
+
+ /* set critical field */
+ if (critical) {
+ ext->critical.data = (unsigned char *)&hextrue;
+ ext->critical.len = 1;
+ }
+
+ /* set object ID of the extension and its value */
+ if (copyData) {
+ rv = SECITEM_CopyItem(handle->ownerArena, &ext->id, oid);
+ if (rv) {
+ return (SECFailure);
+ }
+
+ rv = SECITEM_CopyItem(handle->ownerArena, &ext->value, value);
+ if (rv) {
+ return (SECFailure);
+ }
+ } else {
+ ext->id = *oid;
+ ext->value = *value;
+ }
+
+ handle->count++;
+
+ return (SECSuccess);
+}
+
+SECStatus
+CERT_AddExtension(void *exthandle, int idtag, SECItem *value, PRBool critical,
+ PRBool copyData)
+{
+ SECOidData *oid;
+
+ oid = SECOID_FindOIDByTag((SECOidTag)idtag);
+ if (!oid) {
+ return (SECFailure);
+ }
+
+ return (CERT_AddExtensionByOID(exthandle, &oid->oid, value, critical,
+ copyData));
+}
+
+SECStatus
+CERT_EncodeAndAddExtension(void *exthandle, int idtag, void *value,
+ PRBool critical, const SEC_ASN1Template *atemplate)
+{
+ extRec *handle;
+ SECItem *encitem;
+
+ handle = (extRec *)exthandle;
+
+ encitem = SEC_ASN1EncodeItem(handle->ownerArena, NULL, value, atemplate);
+ if (encitem == NULL) {
+ return (SECFailure);
+ }
+
+ return CERT_AddExtension(exthandle, idtag, encitem, critical, PR_FALSE);
+}
+
+void
+PrepareBitStringForEncoding(SECItem *bitsmap, SECItem *value)
+{
+ unsigned char onebyte;
+ unsigned int i, len = 0;
+
+ /* to prevent warning on some platform at compile time */
+ onebyte = '\0';
+ /* Get the position of the right-most turn-on bit */
+ for (i = 0; i < (value->len) * 8; ++i) {
+ if (i % 8 == 0)
+ onebyte = value->data[i / 8];
+ if (onebyte & 0x80)
+ len = i;
+ onebyte <<= 1;
+ }
+ bitsmap->data = value->data;
+ /* Add one here since we work with base 1 */
+ bitsmap->len = len + 1;
+}
+
+SECStatus
+CERT_EncodeAndAddBitStrExtension(void *exthandle, int idtag, SECItem *value,
+ PRBool critical)
+{
+ SECItem bitsmap;
+
+ PrepareBitStringForEncoding(&bitsmap, value);
+ return (CERT_EncodeAndAddExtension(exthandle, idtag, &bitsmap, critical,
+ SEC_ASN1_GET(SEC_BitStringTemplate)));
+}
+
+SECStatus
+CERT_FinishExtensions(void *exthandle)
+{
+ extRec *handle;
+ extNode *node;
+ CERTCertExtension **exts;
+ SECStatus rv = SECFailure;
+
+ handle = (extRec *)exthandle;
+
+ /* allocate space for extensions array */
+ exts = PORT_ArenaNewArray(handle->ownerArena, CERTCertExtension *,
+ handle->count + 1);
+ if (exts == NULL) {
+ goto loser;
+ }
+
+/* put extensions in owner object and update its version number */
+
+#ifdef OLD
+ switch (handle->type) {
+ case CertificateExtensions:
+ handle->owner.cert->extensions = exts;
+ DER_SetUInteger(ownerArena, &(handle->owner.cert->version),
+ SEC_CERTIFICATE_VERSION_3);
+ break;
+ case CrlExtensions:
+ handle->owner.crl->extensions = exts;
+ DER_SetUInteger(ownerArena, &(handle->owner.crl->version),
+ SEC_CRL_VERSION_2);
+ break;
+ case OCSPRequestExtensions:
+ handle->owner.request->tbsRequest->requestExtensions = exts;
+ break;
+ case OCSPSingleRequestExtensions:
+ handle->owner.singleRequest->singleRequestExtensions = exts;
+ break;
+ case OCSPResponseSingleExtensions:
+ handle->owner.singleResponse->singleExtensions = exts;
+ break;
+ }
+#endif
+
+ handle->setExts(handle->object, exts);
+
+ /* update the version number */
+
+ /* copy each extension pointer */
+ node = handle->head;
+ while (node) {
+ *exts = node->ext;
+
+ node = node->next;
+ exts++;
+ }
+
+ /* terminate the array of extensions */
+ *exts = 0;
+
+ rv = SECSuccess;
+
+loser:
+ /* free working arena */
+ PORT_FreeArena(handle->arena, PR_FALSE);
+ return rv;
+}
+
+SECStatus
+CERT_MergeExtensions(void *exthandle, CERTCertExtension **extensions)
+{
+ CERTCertExtension *ext;
+ SECStatus rv = SECSuccess;
+ SECOidTag tag;
+ extNode *node;
+ extRec *handle = exthandle;
+
+ if (!exthandle || !extensions) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ while ((ext = *extensions++) != NULL) {
+ tag = SECOID_FindOIDTag(&ext->id);
+ for (node = handle->head; node != NULL; node = node->next) {
+ if (tag == 0) {
+ if (SECITEM_ItemsAreEqual(&ext->id, &node->ext->id))
+ break;
+ } else {
+ if (SECOID_FindOIDTag(&node->ext->id) == tag) {
+ break;
+ }
+ }
+ }
+ if (node == NULL) {
+ PRBool critical = (ext->critical.len != 0 &&
+ ext->critical.data[ext->critical.len - 1] != 0);
+ if (critical && tag == SEC_OID_UNKNOWN) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
+ rv = SECFailure;
+ break;
+ }
+ /* add to list */
+ rv = CERT_AddExtensionByOID(exthandle, &ext->id, &ext->value,
+ critical, PR_TRUE);
+ if (rv != SECSuccess)
+ break;
+ }
+ }
+ return rv;
+}
+
+/*
+ * get the value of the Netscape Certificate Type Extension
+ */
+SECStatus
+CERT_FindBitStringExtension(CERTCertExtension **extensions, int tag,
+ SECItem *retItem)
+{
+ SECItem wrapperItem, tmpItem = { siBuffer, 0 };
+ SECStatus rv;
+ PORTCheapArenaPool tmpArena;
+
+ wrapperItem.data = NULL;
+ tmpItem.data = NULL;
+
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+
+ rv = cert_FindExtension(extensions, tag, &wrapperItem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, &tmpItem,
+ SEC_ASN1_GET(SEC_BitStringTemplate),
+ &wrapperItem);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ retItem->data = (unsigned char *)PORT_Alloc((tmpItem.len + 7) >> 3);
+ if (retItem->data == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(retItem->data, tmpItem.data, (tmpItem.len + 7) >> 3);
+ retItem->len = tmpItem.len;
+
+ rv = SECSuccess;
+ goto done;
+
+loser:
+ rv = SECFailure;
+
+done:
+ PORT_DestroyCheapArena(&tmpArena);
+
+ if (wrapperItem.data) {
+ PORT_Free(wrapperItem.data);
+ }
+
+ return (rv);
+}
+
+PRBool
+cert_HasCriticalExtension(CERTCertExtension **extensions)
+{
+ CERTCertExtension **exts;
+ CERTCertExtension *ext = NULL;
+ PRBool hasCriticalExten = PR_FALSE;
+
+ exts = extensions;
+
+ if (exts) {
+ while (*exts) {
+ ext = *exts;
+ /* If the criticality is omitted, it's non-critical */
+ if (ext->critical.data && ext->critical.data[0] == 0xff) {
+ hasCriticalExten = PR_TRUE;
+ break;
+ }
+ exts++;
+ }
+ }
+ return (hasCriticalExten);
+}
+
+PRBool
+cert_HasUnknownCriticalExten(CERTCertExtension **extensions)
+{
+ CERTCertExtension **exts;
+ CERTCertExtension *ext = NULL;
+ PRBool hasUnknownCriticalExten = PR_FALSE;
+
+ exts = extensions;
+
+ if (exts) {
+ while (*exts) {
+ ext = *exts;
+ /* If the criticality is omitted, it's non-critical.
+ If an extension is critical, make sure that we know
+ how to process the extension.
+ */
+ if (ext->critical.data && ext->critical.data[0] == 0xff) {
+ if (SECOID_KnownCertExtenOID(&ext->id) == PR_FALSE) {
+ hasUnknownCriticalExten = PR_TRUE;
+ break;
+ }
+ }
+ exts++;
+ }
+ }
+ return (hasUnknownCriticalExten);
+}
diff --git a/security/nss/lib/certdb/certxutl.h b/security/nss/lib/certdb/certxutl.h
new file mode 100644
index 000000000..a8c76b5cf
--- /dev/null
+++ b/security/nss/lib/certdb/certxutl.h
@@ -0,0 +1,44 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * x.509 v3 certificate extension helper routines
+ *
+ */
+
+#ifndef _CERTXUTL_H_
+#define _CERTXUTL_H_
+
+#include "nspr.h"
+
+#ifdef OLD
+typedef enum {
+ CertificateExtensions,
+ CrlExtensions,
+ OCSPRequestExtensions,
+ OCSPSingleRequestExtensions,
+ OCSPResponseSingleExtensions
+} ExtensionsType;
+#endif
+
+extern PRBool cert_HasCriticalExtension(CERTCertExtension **extensions);
+
+extern SECStatus CERT_FindBitStringExtension(CERTCertExtension **extensions,
+ int tag, SECItem *retItem);
+extern void *cert_StartExtensions(void *owner, PLArenaPool *arena,
+ void (*setExts)(void *object,
+ CERTCertExtension **exts));
+
+extern SECStatus cert_FindExtension(CERTCertExtension **extensions, int tag,
+ SECItem *value);
+
+extern SECStatus cert_FindExtensionByOID(CERTCertExtension **extensions,
+ SECItem *oid, SECItem *value);
+
+extern SECStatus cert_GetExtenCriticality(CERTCertExtension **extensions,
+ int tag, PRBool *isCritical);
+
+extern PRBool cert_HasUnknownCriticalExten(CERTCertExtension **extensions);
+
+#endif
diff --git a/security/nss/lib/certdb/config.mk b/security/nss/lib/certdb/config.mk
new file mode 100644
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/certdb/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c
new file mode 100644
index 000000000..87469085e
--- /dev/null
+++ b/security/nss/lib/certdb/crl.c
@@ -0,0 +1,3045 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Moved from secpkcs7.c
+ */
+
+#include "cert.h"
+#include "certi.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "certdb.h"
+#include "certxutl.h"
+#include "prtime.h"
+#include "secerr.h"
+#include "pk11func.h"
+#include "dev.h"
+#include "dev3hack.h"
+#include "nssbase.h"
+#if defined(DPC_RWLOCK) || defined(GLOBAL_RWLOCK)
+#include "nssrwlk.h"
+#endif
+#include "pk11priv.h"
+
+const SEC_ASN1Template SEC_CERTExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCertExtension) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTCertExtension, id) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
+ offsetof(CERTCertExtension, critical) },
+ { SEC_ASN1_OCTET_STRING, offsetof(CERTCertExtension, value) },
+ { 0 }
+};
+
+static const SEC_ASN1Template SEC_CERTExtensionsTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_CERTExtensionTemplate }
+};
+
+/*
+ * XXX Also, these templates need to be tested; Lisa did the obvious
+ * translation but they still should be verified.
+ */
+
+const SEC_ASN1Template CERT_IssuerAndSNTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTIssuerAndSN) },
+ { SEC_ASN1_SAVE, offsetof(CERTIssuerAndSN, derIssuer) },
+ { SEC_ASN1_INLINE, offsetof(CERTIssuerAndSN, issuer), CERT_NameTemplate },
+ { SEC_ASN1_INTEGER, offsetof(CERTIssuerAndSN, serialNumber) },
+ { 0 }
+};
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(CERT_TimeChoiceTemplate)
+
+static const SEC_ASN1Template cert_CrlKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCrlKey) },
+ { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof(CERTCrlKey, dummy) },
+ { SEC_ASN1_SKIP },
+ { SEC_ASN1_ANY, offsetof(CERTCrlKey, derName) },
+ { SEC_ASN1_SKIP_REST },
+ { 0 }
+};
+
+static const SEC_ASN1Template cert_CrlEntryTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCrlEntry) },
+ { SEC_ASN1_INTEGER, offsetof(CERTCrlEntry, serialNumber) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CERTCrlEntry, revocationDate),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
+ offsetof(CERTCrlEntry, extensions), SEC_CERTExtensionTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_CrlTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCrl) },
+ { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof(CERTCrl, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CERTCrl, signatureAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_SAVE, offsetof(CERTCrl, derName) },
+ { SEC_ASN1_INLINE, offsetof(CERTCrl, name), CERT_NameTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CERTCrl, lastUpdate),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN,
+ offsetof(CERTCrl, nextUpdate), SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF, offsetof(CERTCrl, entries),
+ cert_CrlEntryTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_EXPLICIT | 0,
+ offsetof(CERTCrl, extensions), SEC_CERTExtensionsTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_CrlTemplateNoEntries[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCrl) },
+ { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof(CERTCrl, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CERTCrl, signatureAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_SAVE, offsetof(CERTCrl, derName) },
+ { SEC_ASN1_INLINE, offsetof(CERTCrl, name), CERT_NameTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CERTCrl, lastUpdate),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN,
+ offsetof(CERTCrl, nextUpdate), SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF |
+ SEC_ASN1_SKIP }, /* skip entries */
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_EXPLICIT | 0,
+ offsetof(CERTCrl, extensions), SEC_CERTExtensionsTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_CrlTemplateEntriesOnly[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCrl) },
+ { SEC_ASN1_SKIP | SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL },
+ { SEC_ASN1_SKIP },
+ { SEC_ASN1_SKIP },
+ { SEC_ASN1_SKIP | SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(CERTCrl, lastUpdate), SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_SKIP | SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN,
+ offsetof(CERTCrl, nextUpdate), SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF, offsetof(CERTCrl, entries),
+ cert_CrlEntryTemplate }, /* decode entries */
+ { SEC_ASN1_SKIP_REST },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_SignedCrlTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTSignedCrl) },
+ { SEC_ASN1_SAVE, offsetof(CERTSignedCrl, signatureWrap.data) },
+ { SEC_ASN1_INLINE, offsetof(CERTSignedCrl, crl), CERT_CrlTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(CERTSignedCrl, signatureWrap.signatureAlgorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING, offsetof(CERTSignedCrl, signatureWrap.signature) },
+ { 0 }
+};
+
+static const SEC_ASN1Template cert_SignedCrlTemplateNoEntries[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTSignedCrl) },
+ { SEC_ASN1_SAVE, offsetof(CERTSignedCrl, signatureWrap.data) },
+ { SEC_ASN1_INLINE, offsetof(CERTSignedCrl, crl),
+ CERT_CrlTemplateNoEntries },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(CERTSignedCrl, signatureWrap.signatureAlgorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING, offsetof(CERTSignedCrl, signatureWrap.signature) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_SetOfSignedCrlTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, CERT_SignedCrlTemplate },
+};
+
+/* get CRL version */
+int
+cert_get_crl_version(CERTCrl* crl)
+{
+ /* CRL version is defaulted to v1 */
+ int version = SEC_CRL_VERSION_1;
+ if (crl && crl->version.data != 0) {
+ version = (int)DER_GetUInteger(&crl->version);
+ }
+ return version;
+}
+
+/* check the entries in the CRL */
+SECStatus
+cert_check_crl_entries(CERTCrl* crl)
+{
+ CERTCrlEntry** entries;
+ CERTCrlEntry* entry;
+ PRBool hasCriticalExten = PR_FALSE;
+ SECStatus rv = SECSuccess;
+
+ if (!crl) {
+ return SECFailure;
+ }
+
+ if (crl->entries == NULL) {
+ /* CRLs with no entries are valid */
+ return (SECSuccess);
+ }
+
+ /* Look in the crl entry extensions. If there is a critical extension,
+ then the crl version must be v2; otherwise, it should be v1.
+ */
+ entries = crl->entries;
+ while (*entries) {
+ entry = *entries;
+ if (entry->extensions) {
+ /* If there is a critical extension in the entries, then the
+ CRL must be of version 2. If we already saw a critical
+ extension,
+ there is no need to check the version again.
+ */
+ if (hasCriticalExten == PR_FALSE) {
+ hasCriticalExten = cert_HasCriticalExtension(entry->extensions);
+ if (hasCriticalExten) {
+ if (cert_get_crl_version(crl) != SEC_CRL_VERSION_2) {
+ /* only CRL v2 critical extensions are supported */
+ PORT_SetError(SEC_ERROR_CRL_V1_CRITICAL_EXTENSION);
+ rv = SECFailure;
+ break;
+ }
+ }
+ }
+
+ /* For each entry, make sure that it does not contain an unknown
+ critical extension. If it does, we must reject the CRL since
+ we don't know how to process the extension.
+ */
+ if (cert_HasUnknownCriticalExten(entry->extensions) == PR_TRUE) {
+ PORT_SetError(SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION);
+ rv = SECFailure;
+ break;
+ }
+ }
+ ++entries;
+ }
+ return (rv);
+}
+
+/* Check the version of the CRL. If there is a critical extension in the crl
+ or crl entry, then the version must be v2. Otherwise, it should be v1. If
+ the crl contains critical extension(s), then we must recognized the
+ extension's OID.
+ */
+SECStatus
+cert_check_crl_version(CERTCrl* crl)
+{
+ PRBool hasCriticalExten = PR_FALSE;
+ int version = cert_get_crl_version(crl);
+
+ if (version > SEC_CRL_VERSION_2) {
+ PORT_SetError(SEC_ERROR_CRL_INVALID_VERSION);
+ return (SECFailure);
+ }
+
+ /* Check the crl extensions for a critial extension. If one is found,
+ and the version is not v2, then we are done.
+ */
+ if (crl->extensions) {
+ hasCriticalExten = cert_HasCriticalExtension(crl->extensions);
+ if (hasCriticalExten) {
+ if (version != SEC_CRL_VERSION_2) {
+ /* only CRL v2 critical extensions are supported */
+ PORT_SetError(SEC_ERROR_CRL_V1_CRITICAL_EXTENSION);
+ return (SECFailure);
+ }
+ /* make sure that there is no unknown critical extension */
+ if (cert_HasUnknownCriticalExten(crl->extensions) == PR_TRUE) {
+ PORT_SetError(SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION);
+ return (SECFailure);
+ }
+ }
+ }
+
+ return (SECSuccess);
+}
+
+/*
+ * Generate a database key, based on the issuer name from a
+ * DER crl.
+ */
+SECStatus
+CERT_KeyFromDERCrl(PLArenaPool* arena, SECItem* derCrl, SECItem* key)
+{
+ SECStatus rv;
+ CERTSignedData sd;
+ CERTCrlKey crlkey;
+ PLArenaPool* myArena;
+
+ if (!arena) {
+ /* arena needed for QuickDER */
+ myArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ } else {
+ myArena = arena;
+ }
+ PORT_Memset(&sd, 0, sizeof(sd));
+ rv = SEC_QuickDERDecodeItem(myArena, &sd, CERT_SignedDataTemplate, derCrl);
+ if (SECSuccess == rv) {
+ PORT_Memset(&crlkey, 0, sizeof(crlkey));
+ rv = SEC_QuickDERDecodeItem(myArena, &crlkey, cert_CrlKeyTemplate,
+ &sd.data);
+ }
+
+ /* make a copy so the data doesn't point to memory inside derCrl, which
+ may be temporary */
+ if (SECSuccess == rv) {
+ rv = SECITEM_CopyItem(arena, key, &crlkey.derName);
+ }
+
+ if (myArena != arena) {
+ PORT_FreeArena(myArena, PR_FALSE);
+ }
+
+ return rv;
+}
+
+#define GetOpaqueCRLFields(x) ((OpaqueCRLFields*)x->opaque)
+
+SECStatus
+CERT_CompleteCRLDecodeEntries(CERTSignedCrl* crl)
+{
+ SECStatus rv = SECSuccess;
+ SECItem* crldata = NULL;
+ OpaqueCRLFields* extended = NULL;
+
+ if ((!crl) || (!(extended = (OpaqueCRLFields*)crl->opaque)) ||
+ (PR_TRUE == extended->decodingError)) {
+ rv = SECFailure;
+ } else {
+ if (PR_FALSE == extended->partial) {
+ /* the CRL has already been fully decoded */
+ return SECSuccess;
+ }
+ if (PR_TRUE == extended->badEntries) {
+ /* the entries decoding already failed */
+ return SECFailure;
+ }
+ crldata = &crl->signatureWrap.data;
+ if (!crldata) {
+ rv = SECFailure;
+ }
+ }
+
+ if (SECSuccess == rv) {
+ rv = SEC_QuickDERDecodeItem(crl->arena, &crl->crl,
+ CERT_CrlTemplateEntriesOnly, crldata);
+ if (SECSuccess == rv) {
+ extended->partial = PR_FALSE; /* successful decode, avoid
+ decoding again */
+ } else {
+ extended->decodingError = PR_TRUE;
+ extended->badEntries = PR_TRUE;
+ /* cache the decoding failure. If it fails the first time,
+ it will fail again, which will grow the arena and leak
+ memory, so we want to avoid it */
+ }
+ rv = cert_check_crl_entries(&crl->crl);
+ if (rv != SECSuccess) {
+ extended->badExtensions = PR_TRUE;
+ }
+ }
+ return rv;
+}
+
+/*
+ * take a DER CRL and decode it into a CRL structure
+ * allow reusing the input DER without making a copy
+ */
+CERTSignedCrl*
+CERT_DecodeDERCrlWithFlags(PLArenaPool* narena, SECItem* derSignedCrl, int type,
+ PRInt32 options)
+{
+ PLArenaPool* arena;
+ CERTSignedCrl* crl;
+ SECStatus rv;
+ OpaqueCRLFields* extended = NULL;
+ const SEC_ASN1Template* crlTemplate = CERT_SignedCrlTemplate;
+ PRInt32 testOptions = options;
+
+ PORT_Assert(derSignedCrl);
+ if (!derSignedCrl) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ /* Adopting DER requires not copying it. Code that sets ADOPT flag
+ * but doesn't set DONT_COPY probably doesn't know What it is doing.
+ * That condition is a programming error in the caller.
+ */
+ testOptions &= (CRL_DECODE_ADOPT_HEAP_DER | CRL_DECODE_DONT_COPY_DER);
+ PORT_Assert(testOptions != CRL_DECODE_ADOPT_HEAP_DER);
+ if (testOptions == CRL_DECODE_ADOPT_HEAP_DER) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ /* make a new arena if needed */
+ if (narena == NULL) {
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ return NULL;
+ }
+ } else {
+ arena = narena;
+ }
+
+ /* allocate the CRL structure */
+ crl = (CERTSignedCrl*)PORT_ArenaZAlloc(arena, sizeof(CERTSignedCrl));
+ if (!crl) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ crl->arena = arena;
+
+ /* allocate opaque fields */
+ crl->opaque = (void*)PORT_ArenaZAlloc(arena, sizeof(OpaqueCRLFields));
+ if (!crl->opaque) {
+ goto loser;
+ }
+ extended = (OpaqueCRLFields*)crl->opaque;
+ if (options & CRL_DECODE_ADOPT_HEAP_DER) {
+ extended->heapDER = PR_TRUE;
+ }
+ if (options & CRL_DECODE_DONT_COPY_DER) {
+ crl->derCrl = derSignedCrl; /* DER is not copied . The application
+ must keep derSignedCrl until it
+ destroys the CRL */
+ } else {
+ crl->derCrl = (SECItem*)PORT_ArenaZAlloc(arena, sizeof(SECItem));
+ if (crl->derCrl == NULL) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(arena, crl->derCrl, derSignedCrl);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ /* Save the arena in the inner crl for CRL extensions support */
+ crl->crl.arena = arena;
+ if (options & CRL_DECODE_SKIP_ENTRIES) {
+ crlTemplate = cert_SignedCrlTemplateNoEntries;
+ extended->partial = PR_TRUE;
+ }
+
+ /* decode the CRL info */
+ switch (type) {
+ case SEC_CRL_TYPE:
+ rv = SEC_QuickDERDecodeItem(arena, crl, crlTemplate, crl->derCrl);
+ if (rv != SECSuccess) {
+ extended->badDER = PR_TRUE;
+ break;
+ }
+ /* check for critical extensions */
+ rv = cert_check_crl_version(&crl->crl);
+ if (rv != SECSuccess) {
+ extended->badExtensions = PR_TRUE;
+ break;
+ }
+
+ if (PR_TRUE == extended->partial) {
+ /* partial decoding, don't verify entries */
+ break;
+ }
+
+ rv = cert_check_crl_entries(&crl->crl);
+ if (rv != SECSuccess) {
+ extended->badExtensions = PR_TRUE;
+ }
+
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ break;
+ }
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ crl->referenceCount = 1;
+
+ return (crl);
+
+loser:
+ if (options & CRL_DECODE_KEEP_BAD_CRL) {
+ if (extended) {
+ extended->decodingError = PR_TRUE;
+ }
+ if (crl) {
+ crl->referenceCount = 1;
+ return (crl);
+ }
+ }
+
+ if ((narena == NULL) && arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (0);
+}
+
+/*
+ * take a DER CRL and decode it into a CRL structure
+ */
+CERTSignedCrl*
+CERT_DecodeDERCrl(PLArenaPool* narena, SECItem* derSignedCrl, int type)
+{
+ return CERT_DecodeDERCrlWithFlags(narena, derSignedCrl, type,
+ CRL_DECODE_DEFAULT_OPTIONS);
+}
+
+/*
+ * Lookup a CRL in the databases. We mirror the same fast caching data base
+ * caching stuff used by certificates....?
+ * return values :
+ *
+ * SECSuccess means we got a valid decodable DER CRL, or no CRL at all.
+ * Caller may distinguish those cases by the value returned in "decoded".
+ * When DER CRL is not found, error code will be SEC_ERROR_CRL_NOT_FOUND.
+ *
+ * SECFailure means we got a fatal error - most likely, we found a CRL,
+ * and it failed decoding, or there was an out of memory error. Do NOT ignore
+ * it and specifically do NOT treat it the same as having no CRL, as this
+ * can compromise security !!! Ideally, you should treat this case as if you
+ * received a "catch-all" CRL where all certs you were looking up are
+ * considered to be revoked
+ */
+static SECStatus
+SEC_FindCrlByKeyOnSlot(PK11SlotInfo* slot, SECItem* crlKey, int type,
+ CERTSignedCrl** decoded, PRInt32 decodeoptions)
+{
+ SECStatus rv = SECSuccess;
+ CERTSignedCrl* crl = NULL;
+ SECItem* derCrl = NULL;
+ CK_OBJECT_HANDLE crlHandle = 0;
+ char* url = NULL;
+
+ PORT_Assert(decoded);
+ if (!decoded) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ derCrl = PK11_FindCrlByName(&slot, &crlHandle, crlKey, type, &url);
+ if (derCrl == NULL) {
+ /* if we had a problem other than the CRL just didn't exist, return
+ * a failure to the upper level */
+ int nsserror = PORT_GetError();
+ if (nsserror != SEC_ERROR_CRL_NOT_FOUND) {
+ rv = SECFailure;
+ }
+ goto loser;
+ }
+ PORT_Assert(crlHandle != CK_INVALID_HANDLE);
+ /* PK11_FindCrlByName obtained a slot reference. */
+
+ /* derCRL is a fresh HEAP copy made for us by PK11_FindCrlByName.
+ Force adoption of the DER CRL from the heap - this will cause it
+ to be automatically freed when SEC_DestroyCrl is invoked */
+ decodeoptions |= (CRL_DECODE_ADOPT_HEAP_DER | CRL_DECODE_DONT_COPY_DER);
+
+ crl = CERT_DecodeDERCrlWithFlags(NULL, derCrl, type, decodeoptions);
+ if (crl) {
+ crl->slot = slot;
+ slot = NULL; /* adopt it */
+ derCrl = NULL; /* adopted by the crl struct */
+ crl->pkcs11ID = crlHandle;
+ if (url) {
+ crl->url = PORT_ArenaStrdup(crl->arena, url);
+ }
+ } else {
+ rv = SECFailure;
+ }
+
+ if (url) {
+ PORT_Free(url);
+ }
+
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+
+loser:
+ if (derCrl) {
+ SECITEM_FreeItem(derCrl, PR_TRUE);
+ }
+
+ *decoded = crl;
+
+ return rv;
+}
+
+CERTSignedCrl*
+crl_storeCRL(PK11SlotInfo* slot, char* url, CERTSignedCrl* newCrl,
+ SECItem* derCrl, int type)
+{
+ CERTSignedCrl *oldCrl = NULL, *crl = NULL;
+ PRBool deleteOldCrl = PR_FALSE;
+ CK_OBJECT_HANDLE crlHandle = CK_INVALID_HANDLE;
+
+ PORT_Assert(newCrl);
+ PORT_Assert(derCrl);
+ PORT_Assert(type == SEC_CRL_TYPE);
+
+ if (type != SEC_CRL_TYPE) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ /* we can't use the cache here because we must look in the same
+ token */
+ (void)SEC_FindCrlByKeyOnSlot(slot, &newCrl->crl.derName, type, &oldCrl,
+ CRL_DECODE_SKIP_ENTRIES);
+ /* if there is an old crl on the token, make sure the one we are
+ installing is newer. If not, exit out, otherwise delete the
+ old crl.
+ */
+ if (oldCrl != NULL) {
+ /* if it's already there, quietly continue */
+ if (SECITEM_CompareItem(newCrl->derCrl, oldCrl->derCrl) == SECEqual) {
+ crl = newCrl;
+ crl->slot = PK11_ReferenceSlot(slot);
+ crl->pkcs11ID = oldCrl->pkcs11ID;
+ if (oldCrl->url && !url)
+ url = oldCrl->url;
+ if (url)
+ crl->url = PORT_ArenaStrdup(crl->arena, url);
+ goto done;
+ }
+ if (!SEC_CrlIsNewer(&newCrl->crl, &oldCrl->crl)) {
+ PORT_SetError(SEC_ERROR_OLD_CRL);
+ goto done;
+ }
+
+ /* if we have a url in the database, use that one */
+ if (oldCrl->url && !url) {
+ url = oldCrl->url;
+ }
+
+ /* really destroy this crl */
+ /* first drum it out of the permanment Data base */
+ deleteOldCrl = PR_TRUE;
+ }
+
+ /* invalidate CRL cache for this issuer */
+ CERT_CRLCacheRefreshIssuer(NULL, &newCrl->crl.derName);
+ /* Write the new entry into the data base */
+ crlHandle = PK11_PutCrl(slot, derCrl, &newCrl->crl.derName, url, type);
+ if (crlHandle != CK_INVALID_HANDLE) {
+ crl = newCrl;
+ crl->slot = PK11_ReferenceSlot(slot);
+ crl->pkcs11ID = crlHandle;
+ if (url) {
+ crl->url = PORT_ArenaStrdup(crl->arena, url);
+ }
+ }
+
+done:
+ if (oldCrl) {
+ if (deleteOldCrl && crlHandle != CK_INVALID_HANDLE) {
+ SEC_DeletePermCRL(oldCrl);
+ }
+ SEC_DestroyCrl(oldCrl);
+ }
+
+ return crl;
+}
+
+/*
+ *
+ * create a new CRL from DER material.
+ *
+ * The signature on this CRL must be checked before you
+ * load it. ???
+ */
+CERTSignedCrl*
+SEC_NewCrl(CERTCertDBHandle* handle, char* url, SECItem* derCrl, int type)
+{
+ CERTSignedCrl* retCrl = NULL;
+ PK11SlotInfo* slot = PK11_GetInternalKeySlot();
+ retCrl =
+ PK11_ImportCRL(slot, derCrl, url, type, NULL, CRL_IMPORT_BYPASS_CHECKS,
+ NULL, CRL_DECODE_DEFAULT_OPTIONS);
+ PK11_FreeSlot(slot);
+
+ return retCrl;
+}
+
+CERTSignedCrl*
+SEC_FindCrlByDERCert(CERTCertDBHandle* handle, SECItem* derCrl, int type)
+{
+ PLArenaPool* arena;
+ SECItem crlKey;
+ SECStatus rv;
+ CERTSignedCrl* crl = NULL;
+
+ /* create a scratch arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return (NULL);
+ }
+
+ /* extract the database key from the cert */
+ rv = CERT_KeyFromDERCrl(arena, derCrl, &crlKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* find the crl */
+ crl = SEC_FindCrlByName(handle, &crlKey, type);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return (crl);
+}
+
+CERTSignedCrl*
+SEC_DupCrl(CERTSignedCrl* acrl)
+{
+ if (acrl) {
+ PR_ATOMIC_INCREMENT(&acrl->referenceCount);
+ return acrl;
+ }
+ return NULL;
+}
+
+SECStatus
+SEC_DestroyCrl(CERTSignedCrl* crl)
+{
+ if (crl) {
+ if (PR_ATOMIC_DECREMENT(&crl->referenceCount) < 1) {
+ if (crl->slot) {
+ PK11_FreeSlot(crl->slot);
+ }
+ if (GetOpaqueCRLFields(crl) &&
+ PR_TRUE == GetOpaqueCRLFields(crl)->heapDER) {
+ SECITEM_FreeItem(crl->derCrl, PR_TRUE);
+ }
+ if (crl->arena) {
+ PORT_FreeArena(crl->arena, PR_FALSE);
+ }
+ }
+ return SECSuccess;
+ } else {
+ return SECFailure;
+ }
+}
+
+SECStatus
+SEC_LookupCrls(CERTCertDBHandle* handle, CERTCrlHeadNode** nodes, int type)
+{
+ CERTCrlHeadNode* head;
+ PLArenaPool* arena = NULL;
+ SECStatus rv;
+
+ *nodes = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return SECFailure;
+ }
+
+ /* build a head structure */
+ head = (CERTCrlHeadNode*)PORT_ArenaAlloc(arena, sizeof(CERTCrlHeadNode));
+ head->arena = arena;
+ head->first = NULL;
+ head->last = NULL;
+ head->dbhandle = handle;
+
+ /* Look up the proper crl types */
+ *nodes = head;
+
+ rv = PK11_LookupCrls(head, type, NULL);
+
+ if (rv != SECSuccess) {
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ *nodes = NULL;
+ }
+ }
+
+ return rv;
+}
+
+/* These functions simply return the address of the above-declared templates.
+** This is necessary for Windows DLLs. Sigh.
+*/
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_IssuerAndSNTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CrlTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SignedCrlTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SetOfSignedCrlTemplate)
+
+/* CRL cache code starts here */
+
+/* constructor */
+static SECStatus CachedCrl_Create(CachedCrl** returned, CERTSignedCrl* crl,
+ CRLOrigin origin);
+/* destructor */
+static SECStatus CachedCrl_Destroy(CachedCrl* crl);
+
+/* create hash table of CRL entries */
+static SECStatus CachedCrl_Populate(CachedCrl* crlobject);
+
+/* empty the cache content */
+static SECStatus CachedCrl_Depopulate(CachedCrl* crl);
+
+/* are these CRLs the same, as far as the cache is concerned ?
+ Or are they the same token object, but with different DER ? */
+
+static SECStatus CachedCrl_Compare(CachedCrl* a, CachedCrl* b, PRBool* isDupe,
+ PRBool* isUpdated);
+
+/* create a DPCache object */
+static SECStatus DPCache_Create(CRLDPCache** returned, CERTCertificate* issuer,
+ const SECItem* subject, SECItem* dp);
+
+/* destructor for CRL DPCache object */
+static SECStatus DPCache_Destroy(CRLDPCache* cache);
+
+/* add a new CRL object to the dynamic array of CRLs of the DPCache, and
+ returns the cached CRL object . Needs write access to DPCache. */
+static SECStatus DPCache_AddCRL(CRLDPCache* cache, CachedCrl* crl,
+ PRBool* added);
+
+/* fetch the CRL for this DP from the PKCS#11 tokens */
+static SECStatus DPCache_FetchFromTokens(CRLDPCache* cache, PRTime vfdate,
+ void* wincx);
+
+/* update the content of the CRL cache, including fetching of CRLs, and
+ reprocessing with specified issuer and date */
+static SECStatus DPCache_GetUpToDate(CRLDPCache* cache, CERTCertificate* issuer,
+ PRBool readlocked, PRTime vfdate,
+ void* wincx);
+
+/* returns true if there are CRLs from PKCS#11 slots */
+static PRBool DPCache_HasTokenCRLs(CRLDPCache* cache);
+
+/* remove CRL at offset specified */
+static SECStatus DPCache_RemoveCRL(CRLDPCache* cache, PRUint32 offset);
+
+/* Pick best CRL to use . needs write access */
+static SECStatus DPCache_SelectCRL(CRLDPCache* cache);
+
+/* create an issuer cache object (per CA subject ) */
+static SECStatus IssuerCache_Create(CRLIssuerCache** returned,
+ CERTCertificate* issuer,
+ const SECItem* subject, const SECItem* dp);
+
+/* destructor for CRL IssuerCache object */
+SECStatus IssuerCache_Destroy(CRLIssuerCache* cache);
+
+/* add a DPCache to the issuer cache */
+static SECStatus IssuerCache_AddDP(CRLIssuerCache* cache,
+ CERTCertificate* issuer,
+ const SECItem* subject, const SECItem* dp,
+ CRLDPCache** newdpc);
+
+/* get a particular DPCache object from an IssuerCache */
+static CRLDPCache* IssuerCache_GetDPCache(CRLIssuerCache* cache,
+ const SECItem* dp);
+
+/*
+** Pre-allocator hash allocator ops.
+*/
+
+/* allocate memory for hash table */
+static void* PR_CALLBACK
+PreAllocTable(void* pool, PRSize size)
+{
+ PreAllocator* alloc = (PreAllocator*)pool;
+ PORT_Assert(alloc);
+ if (!alloc) {
+ /* no allocator, or buffer full */
+ return NULL;
+ }
+ if (size > (alloc->len - alloc->used)) {
+ /* initial buffer full, let's use the arena */
+ alloc->extra += size;
+ return PORT_ArenaAlloc(alloc->arena, size);
+ }
+ /* use the initial buffer */
+ alloc->used += size;
+ return (char*)alloc->data + alloc->used - size;
+}
+
+/* free hash table memory.
+ Individual PreAllocator elements cannot be freed, so this is a no-op. */
+static void PR_CALLBACK
+PreFreeTable(void* pool, void* item)
+{
+}
+
+/* allocate memory for hash table */
+static PLHashEntry* PR_CALLBACK
+PreAllocEntry(void* pool, const void* key)
+{
+ return PreAllocTable(pool, sizeof(PLHashEntry));
+}
+
+/* free hash table entry.
+ Individual PreAllocator elements cannot be freed, so this is a no-op. */
+static void PR_CALLBACK
+PreFreeEntry(void* pool, PLHashEntry* he, PRUintn flag)
+{
+}
+
+/* methods required for PL hash table functions */
+static PLHashAllocOps preAllocOps = { PreAllocTable, PreFreeTable,
+ PreAllocEntry, PreFreeEntry };
+
+/* destructor for PreAllocator object */
+void
+PreAllocator_Destroy(PreAllocator* PreAllocator)
+{
+ if (!PreAllocator) {
+ return;
+ }
+ if (PreAllocator->arena) {
+ PORT_FreeArena(PreAllocator->arena, PR_TRUE);
+ }
+}
+
+/* constructor for PreAllocator object */
+PreAllocator*
+PreAllocator_Create(PRSize size)
+{
+ PLArenaPool* arena = NULL;
+ PreAllocator* prebuffer = NULL;
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ return NULL;
+ }
+ prebuffer = (PreAllocator*)PORT_ArenaZAlloc(arena, sizeof(PreAllocator));
+ if (!prebuffer) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return NULL;
+ }
+ prebuffer->arena = arena;
+
+ if (size) {
+ prebuffer->len = size;
+ prebuffer->data = PORT_ArenaAlloc(arena, size);
+ if (!prebuffer->data) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return NULL;
+ }
+ }
+ return prebuffer;
+}
+
+/* global Named CRL cache object */
+static NamedCRLCache namedCRLCache = { NULL, NULL };
+
+/* global CRL cache object */
+static CRLCache crlcache = { NULL, NULL };
+
+/* initial state is off */
+static PRBool crlcache_initialized = PR_FALSE;
+
+PRTime CRLCache_Empty_TokenFetch_Interval = 60 * 1000000; /* how often
+ to query the tokens for CRL objects, in order to discover new objects, if
+ the cache does not contain any token CRLs . In microseconds */
+
+PRTime CRLCache_TokenRefetch_Interval = 600 * 1000000; /* how often
+ to query the tokens for CRL objects, in order to discover new objects, if
+ the cache already contains token CRLs In microseconds */
+
+PRTime CRLCache_ExistenceCheck_Interval = 60 * 1000000; /* how often to check
+ if a token CRL object still exists. In microseconds */
+
+/* this function is called at NSS initialization time */
+SECStatus
+InitCRLCache(void)
+{
+ if (PR_FALSE == crlcache_initialized) {
+ PORT_Assert(NULL == crlcache.lock);
+ PORT_Assert(NULL == crlcache.issuers);
+ PORT_Assert(NULL == namedCRLCache.lock);
+ PORT_Assert(NULL == namedCRLCache.entries);
+ if (crlcache.lock || crlcache.issuers || namedCRLCache.lock ||
+ namedCRLCache.entries) {
+ /* CRL cache already partially initialized */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+#ifdef GLOBAL_RWLOCK
+ crlcache.lock = NSSRWLock_New(NSS_RWLOCK_RANK_NONE, NULL);
+#else
+ crlcache.lock = PR_NewLock();
+#endif
+ namedCRLCache.lock = PR_NewLock();
+ crlcache.issuers = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
+ PL_CompareValues, NULL, NULL);
+ namedCRLCache.entries = PL_NewHashTable(
+ 0, SECITEM_Hash, SECITEM_HashCompare, PL_CompareValues, NULL, NULL);
+ if (!crlcache.lock || !namedCRLCache.lock || !crlcache.issuers ||
+ !namedCRLCache.entries) {
+ if (crlcache.lock) {
+#ifdef GLOBAL_RWLOCK
+ NSSRWLock_Destroy(crlcache.lock);
+#else
+ PR_DestroyLock(crlcache.lock);
+#endif
+ crlcache.lock = NULL;
+ }
+ if (namedCRLCache.lock) {
+ PR_DestroyLock(namedCRLCache.lock);
+ namedCRLCache.lock = NULL;
+ }
+ if (crlcache.issuers) {
+ PL_HashTableDestroy(crlcache.issuers);
+ crlcache.issuers = NULL;
+ }
+ if (namedCRLCache.entries) {
+ PL_HashTableDestroy(namedCRLCache.entries);
+ namedCRLCache.entries = NULL;
+ }
+
+ return SECFailure;
+ }
+ crlcache_initialized = PR_TRUE;
+ return SECSuccess;
+ } else {
+ PORT_Assert(crlcache.lock);
+ PORT_Assert(crlcache.issuers);
+ if ((NULL == crlcache.lock) || (NULL == crlcache.issuers)) {
+ /* CRL cache not fully initialized */
+ return SECFailure;
+ } else {
+ /* CRL cache already initialized */
+ return SECSuccess;
+ }
+ }
+}
+
+/* destructor for CRL DPCache object */
+static SECStatus
+DPCache_Destroy(CRLDPCache* cache)
+{
+ PRUint32 i = 0;
+ PORT_Assert(cache);
+ if (!cache) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (cache->lock) {
+#ifdef DPC_RWLOCK
+ NSSRWLock_Destroy(cache->lock);
+#else
+ PR_DestroyLock(cache->lock);
+#endif
+ } else {
+ PORT_Assert(0);
+ return SECFailure;
+ }
+ /* destroy all our CRL objects */
+ for (i = 0; i < cache->ncrls; i++) {
+ if (!cache->crls || !cache->crls[i] ||
+ SECSuccess != CachedCrl_Destroy(cache->crls[i])) {
+ return SECFailure;
+ }
+ }
+ /* free the array of CRLs */
+ if (cache->crls) {
+ PORT_Free(cache->crls);
+ }
+ /* destroy the cert */
+ if (cache->issuerDERCert) {
+ SECITEM_FreeItem(cache->issuerDERCert, PR_TRUE);
+ }
+ /* free the subject */
+ if (cache->subject) {
+ SECITEM_FreeItem(cache->subject, PR_TRUE);
+ }
+ /* free the distribution points */
+ if (cache->distributionPoint) {
+ SECITEM_FreeItem(cache->distributionPoint, PR_TRUE);
+ }
+ PORT_Free(cache);
+ return SECSuccess;
+}
+
+/* destructor for CRL IssuerCache object */
+SECStatus
+IssuerCache_Destroy(CRLIssuerCache* cache)
+{
+ PORT_Assert(cache);
+ if (!cache) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+#ifdef XCRL
+ if (cache->lock) {
+ NSSRWLock_Destroy(cache->lock);
+ } else {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (cache->issuer) {
+ CERT_DestroyCertificate(cache->issuer);
+ }
+#endif
+ /* free the subject */
+ if (cache->subject) {
+ SECITEM_FreeItem(cache->subject, PR_TRUE);
+ }
+ if (SECSuccess != DPCache_Destroy(cache->dpp)) {
+ PORT_Assert(0);
+ return SECFailure;
+ }
+ PORT_Free(cache);
+ return SECSuccess;
+}
+
+/* create a named CRL entry object */
+static SECStatus
+NamedCRLCacheEntry_Create(NamedCRLCacheEntry** returned)
+{
+ NamedCRLCacheEntry* entry = NULL;
+ if (!returned) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ *returned = NULL;
+ entry = (NamedCRLCacheEntry*)PORT_ZAlloc(sizeof(NamedCRLCacheEntry));
+ if (!entry) {
+ return SECFailure;
+ }
+ *returned = entry;
+ return SECSuccess;
+}
+
+/* destroy a named CRL entry object */
+static SECStatus
+NamedCRLCacheEntry_Destroy(NamedCRLCacheEntry* entry)
+{
+ if (!entry) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (entry->crl) {
+ /* named CRL cache owns DER memory */
+ SECITEM_ZfreeItem(entry->crl, PR_TRUE);
+ }
+ if (entry->canonicalizedName) {
+ SECITEM_FreeItem(entry->canonicalizedName, PR_TRUE);
+ }
+ PORT_Free(entry);
+ return SECSuccess;
+}
+
+/* callback function used in hash table destructor */
+static PRIntn PR_CALLBACK
+FreeIssuer(PLHashEntry* he, PRIntn i, void* arg)
+{
+ CRLIssuerCache* issuer = NULL;
+ SECStatus* rv = (SECStatus*)arg;
+
+ PORT_Assert(he);
+ if (!he) {
+ return HT_ENUMERATE_NEXT;
+ }
+ issuer = (CRLIssuerCache*)he->value;
+ PORT_Assert(issuer);
+ if (issuer) {
+ if (SECSuccess != IssuerCache_Destroy(issuer)) {
+ PORT_Assert(rv);
+ if (rv) {
+ *rv = SECFailure;
+ }
+ return HT_ENUMERATE_NEXT;
+ }
+ }
+ return HT_ENUMERATE_NEXT;
+}
+
+/* callback function used in hash table destructor */
+static PRIntn PR_CALLBACK
+FreeNamedEntries(PLHashEntry* he, PRIntn i, void* arg)
+{
+ NamedCRLCacheEntry* entry = NULL;
+ SECStatus* rv = (SECStatus*)arg;
+
+ PORT_Assert(he);
+ if (!he) {
+ return HT_ENUMERATE_NEXT;
+ }
+ entry = (NamedCRLCacheEntry*)he->value;
+ PORT_Assert(entry);
+ if (entry) {
+ if (SECSuccess != NamedCRLCacheEntry_Destroy(entry)) {
+ PORT_Assert(rv);
+ if (rv) {
+ *rv = SECFailure;
+ }
+ return HT_ENUMERATE_NEXT;
+ }
+ }
+ return HT_ENUMERATE_NEXT;
+}
+
+/* needs to be called at NSS shutdown time
+ This will destroy the global CRL cache, including
+ - the hash table of issuer cache objects
+ - the issuer cache objects
+ - DPCache objects in issuer cache objects */
+SECStatus
+ShutdownCRLCache(void)
+{
+ SECStatus rv = SECSuccess;
+ if (PR_FALSE == crlcache_initialized && !crlcache.lock &&
+ !crlcache.issuers) {
+ /* CRL cache has already been shut down */
+ return SECSuccess;
+ }
+ if (PR_TRUE == crlcache_initialized &&
+ (!crlcache.lock || !crlcache.issuers || !namedCRLCache.lock ||
+ !namedCRLCache.entries)) {
+ /* CRL cache has partially been shut down */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* empty the CRL cache */
+ /* free the issuers */
+ PL_HashTableEnumerateEntries(crlcache.issuers, &FreeIssuer, &rv);
+ /* free the hash table of issuers */
+ PL_HashTableDestroy(crlcache.issuers);
+ crlcache.issuers = NULL;
+/* free the global lock */
+#ifdef GLOBAL_RWLOCK
+ NSSRWLock_Destroy(crlcache.lock);
+#else
+ PR_DestroyLock(crlcache.lock);
+#endif
+ crlcache.lock = NULL;
+
+ /* empty the named CRL cache. This must be done after freeing the CRL
+ * cache, since some CRLs in this cache are in the memory for the other */
+ /* free the entries */
+ PL_HashTableEnumerateEntries(namedCRLCache.entries, &FreeNamedEntries, &rv);
+ /* free the hash table of issuers */
+ PL_HashTableDestroy(namedCRLCache.entries);
+ namedCRLCache.entries = NULL;
+ /* free the global lock */
+ PR_DestroyLock(namedCRLCache.lock);
+ namedCRLCache.lock = NULL;
+
+ crlcache_initialized = PR_FALSE;
+ return rv;
+}
+
+/* add a new CRL object to the dynamic array of CRLs of the DPCache, and
+ returns the cached CRL object . Needs write access to DPCache. */
+static SECStatus
+DPCache_AddCRL(CRLDPCache* cache, CachedCrl* newcrl, PRBool* added)
+{
+ CachedCrl** newcrls = NULL;
+ PRUint32 i = 0;
+ PORT_Assert(cache);
+ PORT_Assert(newcrl);
+ PORT_Assert(added);
+ if (!cache || !newcrl || !added) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ *added = PR_FALSE;
+ /* before adding a new CRL, check if it is a duplicate */
+ for (i = 0; i < cache->ncrls; i++) {
+ CachedCrl* existing = NULL;
+ SECStatus rv = SECSuccess;
+ PRBool dupe = PR_FALSE, updated = PR_FALSE;
+ if (!cache->crls) {
+ PORT_Assert(0);
+ return SECFailure;
+ }
+ existing = cache->crls[i];
+ if (!existing) {
+ PORT_Assert(0);
+ return SECFailure;
+ }
+ rv = CachedCrl_Compare(existing, newcrl, &dupe, &updated);
+ if (SECSuccess != rv) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (PR_TRUE == dupe) {
+ /* dupe */
+ PORT_SetError(SEC_ERROR_CRL_ALREADY_EXISTS);
+ return SECSuccess;
+ }
+ if (PR_TRUE == updated) {
+ /* this token CRL is in the same slot and has the same object ID,
+ but different content. We need to remove the old object */
+ if (SECSuccess != DPCache_RemoveCRL(cache, i)) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return PR_FALSE;
+ }
+ }
+ }
+
+ newcrls = (CachedCrl**)PORT_Realloc(cache->crls, (cache->ncrls + 1) *
+ sizeof(CachedCrl*));
+ if (!newcrls) {
+ return SECFailure;
+ }
+ cache->crls = newcrls;
+ cache->ncrls++;
+ cache->crls[cache->ncrls - 1] = newcrl;
+ *added = PR_TRUE;
+ return SECSuccess;
+}
+
+/* remove CRL at offset specified */
+static SECStatus
+DPCache_RemoveCRL(CRLDPCache* cache, PRUint32 offset)
+{
+ CachedCrl* acrl = NULL;
+ PORT_Assert(cache);
+ if (!cache || (!cache->crls) || (!(offset < cache->ncrls))) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ acrl = cache->crls[offset];
+ PORT_Assert(acrl);
+ if (!acrl) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ cache->crls[offset] = cache->crls[cache->ncrls - 1];
+ cache->crls[cache->ncrls - 1] = NULL;
+ cache->ncrls--;
+ if (cache->selected == acrl) {
+ cache->selected = NULL;
+ }
+ if (SECSuccess != CachedCrl_Destroy(acrl)) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* check whether a CRL object stored in a PKCS#11 token still exists in
+ that token . This has to be efficient (the entire CRL value cannot be
+ transferred accross the token boundaries), so this is accomplished by
+ simply fetching the subject attribute and making sure it hasn't changed .
+ Note that technically, the CRL object could have been replaced with a new
+ PKCS#11 object of the same ID and subject (which actually happens in
+ softoken), but this function has no way of knowing that the object
+ value changed, since CKA_VALUE isn't checked. */
+static PRBool
+TokenCRLStillExists(CERTSignedCrl* crl)
+{
+ NSSItem newsubject;
+ SECItem subject;
+ CK_ULONG crl_class;
+ PRStatus status;
+ PK11SlotInfo* slot = NULL;
+ nssCryptokiObject instance;
+ NSSArena* arena;
+ PRBool xstatus = PR_TRUE;
+ SECItem* oldSubject = NULL;
+
+ PORT_Assert(crl);
+ if (!crl) {
+ return PR_FALSE;
+ }
+ slot = crl->slot;
+ PORT_Assert(crl->slot);
+ if (!slot) {
+ return PR_FALSE;
+ }
+ oldSubject = &crl->crl.derName;
+ PORT_Assert(oldSubject);
+ if (!oldSubject) {
+ return PR_FALSE;
+ }
+
+ /* query subject and type attributes in order to determine if the
+ object has been deleted */
+
+ /* first, make an nssCryptokiObject */
+ instance.handle = crl->pkcs11ID;
+ PORT_Assert(instance.handle);
+ if (!instance.handle) {
+ return PR_FALSE;
+ }
+ instance.token = PK11Slot_GetNSSToken(slot);
+ PORT_Assert(instance.token);
+ if (!instance.token) {
+ return PR_FALSE;
+ }
+ instance.isTokenObject = PR_TRUE;
+ instance.label = NULL;
+
+ arena = NSSArena_Create();
+ PORT_Assert(arena);
+ if (!arena) {
+ return PR_FALSE;
+ }
+
+ status =
+ nssCryptokiCRL_GetAttributes(&instance, NULL, /* XXX sessionOpt */
+ arena, NULL, &newsubject, /* subject */
+ &crl_class, /* class */
+ NULL, NULL);
+ if (PR_SUCCESS == status) {
+ subject.data = newsubject.data;
+ subject.len = newsubject.size;
+ if (SECITEM_CompareItem(oldSubject, &subject) != SECEqual) {
+ xstatus = PR_FALSE;
+ }
+ if (CKO_NETSCAPE_CRL != crl_class) {
+ xstatus = PR_FALSE;
+ }
+ } else {
+ xstatus = PR_FALSE;
+ }
+ NSSArena_Destroy(arena);
+ return xstatus;
+}
+
+/* verify the signature of a CRL against its issuer at a given date */
+static SECStatus
+CERT_VerifyCRL(CERTSignedCrl* crlobject, CERTCertificate* issuer, PRTime vfdate,
+ void* wincx)
+{
+ return CERT_VerifySignedData(&crlobject->signatureWrap, issuer, vfdate,
+ wincx);
+}
+
+/* verify a CRL and update cache state */
+static SECStatus
+CachedCrl_Verify(CRLDPCache* cache, CachedCrl* crlobject, PRTime vfdate,
+ void* wincx)
+{
+ /* Check if it is an invalid CRL
+ if we got a bad CRL, we want to cache it in order to avoid
+ subsequent fetches of this same identical bad CRL. We set
+ the cache to the invalid state to ensure that all certs on this
+ DP are considered to have unknown status from now on. The cache
+ object will remain in this state until the bad CRL object
+ is removed from the token it was fetched from. If the cause
+ of the failure is that we didn't have the issuer cert to
+ verify the signature, this state can be cleared when
+ the issuer certificate becomes available if that causes the
+ signature to verify */
+
+ if (!cache || !crlobject) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (PR_TRUE == GetOpaqueCRLFields(crlobject->crl)->decodingError) {
+ crlobject->sigChecked = PR_TRUE; /* we can never verify a CRL
+ with bogus DER. Mark it checked so we won't try again */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECSuccess;
+ } else {
+ SECStatus signstatus = SECFailure;
+ if (cache->issuerDERCert) {
+ CERTCertificate* issuer = CERT_NewTempCertificate(
+ cache->dbHandle, cache->issuerDERCert, NULL, PR_FALSE, PR_TRUE);
+
+ if (issuer) {
+ signstatus =
+ CERT_VerifyCRL(crlobject->crl, issuer, vfdate, wincx);
+ CERT_DestroyCertificate(issuer);
+ }
+ }
+ if (SECSuccess != signstatus) {
+ if (!cache->issuerDERCert) {
+ /* we tried to verify without an issuer cert . This is
+ because this CRL came through a call to SEC_FindCrlByName.
+ So, we don't cache this verification failure. We'll try
+ to verify the CRL again when a certificate from that issuer
+ becomes available */
+ } else {
+ crlobject->sigChecked = PR_TRUE;
+ }
+ PORT_SetError(SEC_ERROR_CRL_BAD_SIGNATURE);
+ return SECSuccess;
+ } else {
+ crlobject->sigChecked = PR_TRUE;
+ crlobject->sigValid = PR_TRUE;
+ }
+ }
+
+ return SECSuccess;
+}
+
+/* fetch the CRLs for this DP from the PKCS#11 tokens */
+static SECStatus
+DPCache_FetchFromTokens(CRLDPCache* cache, PRTime vfdate, void* wincx)
+{
+ SECStatus rv = SECSuccess;
+ CERTCrlHeadNode head;
+ if (!cache) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* first, initialize list */
+ memset(&head, 0, sizeof(head));
+ head.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ rv = pk11_RetrieveCrls(&head, cache->subject, wincx);
+
+ /* if this function fails, something very wrong happened, such as an out
+ of memory error during CRL decoding. We don't want to proceed and must
+ mark the cache object invalid */
+ if (SECFailure == rv) {
+ /* fetch failed, add error bit */
+ cache->invalid |= CRL_CACHE_LAST_FETCH_FAILED;
+ } else {
+ /* fetch was successful, clear this error bit */
+ cache->invalid &= (~CRL_CACHE_LAST_FETCH_FAILED);
+ }
+
+ /* add any CRLs found to our array */
+ if (SECSuccess == rv) {
+ CERTCrlNode* crlNode = NULL;
+
+ for (crlNode = head.first; crlNode; crlNode = crlNode->next) {
+ CachedCrl* returned = NULL;
+ CERTSignedCrl* crlobject = crlNode->crl;
+ if (!crlobject) {
+ PORT_Assert(0);
+ continue;
+ }
+ rv = CachedCrl_Create(&returned, crlobject, CRL_OriginToken);
+ if (SECSuccess == rv) {
+ PRBool added = PR_FALSE;
+ rv = DPCache_AddCRL(cache, returned, &added);
+ if (PR_TRUE != added) {
+ rv = CachedCrl_Destroy(returned);
+ returned = NULL;
+ } else if (vfdate) {
+ rv = CachedCrl_Verify(cache, returned, vfdate, wincx);
+ }
+ } else {
+ /* not enough memory to add the CRL to the cache. mark it
+ invalid so we will try again . */
+ cache->invalid |= CRL_CACHE_LAST_FETCH_FAILED;
+ }
+ if (SECFailure == rv) {
+ break;
+ }
+ }
+ }
+
+ if (head.arena) {
+ CERTCrlNode* crlNode = NULL;
+ /* clean up the CRL list in case we got a partial one
+ during a failed fetch */
+ for (crlNode = head.first; crlNode; crlNode = crlNode->next) {
+ if (crlNode->crl) {
+ SEC_DestroyCrl(crlNode->crl); /* free the CRL. Either it got
+ added to the cache and the refcount got bumped, or not, and
+ thus we need to free its RAM */
+ }
+ }
+ PORT_FreeArena(head.arena, PR_FALSE); /* destroy CRL list */
+ }
+
+ return rv;
+}
+
+static SECStatus
+CachedCrl_GetEntry(CachedCrl* crl, const SECItem* sn, CERTCrlEntry** returned)
+{
+ CERTCrlEntry* acrlEntry;
+
+ PORT_Assert(crl);
+ PORT_Assert(crl->entries);
+ PORT_Assert(sn);
+ PORT_Assert(returned);
+ if (!crl || !sn || !returned || !crl->entries) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ acrlEntry = PL_HashTableLookup(crl->entries, (void*)sn);
+ if (acrlEntry) {
+ *returned = acrlEntry;
+ } else {
+ *returned = NULL;
+ }
+ return SECSuccess;
+}
+
+/* check if a particular SN is in the CRL cache and return its entry */
+dpcacheStatus
+DPCache_Lookup(CRLDPCache* cache, const SECItem* sn, CERTCrlEntry** returned)
+{
+ SECStatus rv;
+ if (!cache || !sn || !returned) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ /* no cache or SN to look up, or no way to return entry */
+ return dpcacheCallerError;
+ }
+ *returned = NULL;
+ if (0 != cache->invalid) {
+ /* the cache contains a bad CRL, or there was a CRL fetching error. */
+ PORT_SetError(SEC_ERROR_CRL_INVALID);
+ return dpcacheInvalidCacheError;
+ }
+ if (!cache->selected) {
+ /* no CRL means no entry to return. This is OK, except for
+ * NIST policy */
+ return dpcacheEmpty;
+ }
+ rv = CachedCrl_GetEntry(cache->selected, sn, returned);
+ if (SECSuccess != rv) {
+ return dpcacheLookupError;
+ } else {
+ if (*returned) {
+ return dpcacheFoundEntry;
+ } else {
+ return dpcacheNoEntry;
+ }
+ }
+}
+
+#if defined(DPC_RWLOCK)
+
+#define DPCache_LockWrite() \
+ { \
+ if (readlocked) { \
+ NSSRWLock_UnlockRead(cache->lock); \
+ } \
+ NSSRWLock_LockWrite(cache->lock); \
+ }
+
+#define DPCache_UnlockWrite() \
+ { \
+ if (readlocked) { \
+ NSSRWLock_LockRead(cache->lock); \
+ } \
+ NSSRWLock_UnlockWrite(cache->lock); \
+ }
+
+#else
+
+/* with a global lock, we are always locked for read before we need write
+ access, so do nothing */
+
+#define DPCache_LockWrite() \
+ { \
+ }
+
+#define DPCache_UnlockWrite() \
+ { \
+ }
+
+#endif
+
+/* update the content of the CRL cache, including fetching of CRLs, and
+ reprocessing with specified issuer and date . We are always holding
+ either the read or write lock on DPCache upon entry. */
+static SECStatus
+DPCache_GetUpToDate(CRLDPCache* cache, CERTCertificate* issuer,
+ PRBool readlocked, PRTime vfdate, void* wincx)
+{
+ /* Update the CRLDPCache now. We don't cache token CRL lookup misses
+ yet, as we have no way of getting notified of new PKCS#11 object
+ creation that happens in a token */
+ SECStatus rv = SECSuccess;
+ PRUint32 i = 0;
+ PRBool forcedrefresh = PR_FALSE;
+ PRBool dirty = PR_FALSE; /* whether something was changed in the
+ cache state during this update cycle */
+ PRBool hastokenCRLs = PR_FALSE;
+ PRTime now = 0;
+ PRTime lastfetch = 0;
+ PRBool mustunlock = PR_FALSE;
+
+ if (!cache) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ /* first, make sure we have obtained all the CRLs we need.
+ We do an expensive token fetch in the following cases :
+ 1) cache is empty because no fetch was ever performed yet
+ 2) cache is explicitly set to refresh state
+ 3) cache is in invalid state because last fetch failed
+ 4) cache contains no token CRLs, and it's been more than one minute
+ since the last fetch
+ 5) cache contains token CRLs, and it's been more than 10 minutes since
+ the last fetch
+ */
+ forcedrefresh = cache->refresh;
+ lastfetch = cache->lastfetch;
+ if (PR_TRUE != forcedrefresh &&
+ (!(cache->invalid & CRL_CACHE_LAST_FETCH_FAILED))) {
+ now = PR_Now();
+ hastokenCRLs = DPCache_HasTokenCRLs(cache);
+ }
+ if ((0 == lastfetch) ||
+
+ (PR_TRUE == forcedrefresh) ||
+
+ (cache->invalid & CRL_CACHE_LAST_FETCH_FAILED) ||
+
+ ((PR_FALSE == hastokenCRLs) &&
+ ((now - cache->lastfetch > CRLCache_Empty_TokenFetch_Interval) ||
+ (now < cache->lastfetch))) ||
+
+ ((PR_TRUE == hastokenCRLs) &&
+ ((now - cache->lastfetch > CRLCache_TokenRefetch_Interval) ||
+ (now < cache->lastfetch)))) {
+ /* the cache needs to be refreshed, and/or we had zero CRL for this
+ DP. Try to get one from PKCS#11 tokens */
+ DPCache_LockWrite();
+ /* check if another thread updated before us, and skip update if so */
+ if (lastfetch == cache->lastfetch) {
+ /* we are the first */
+ rv = DPCache_FetchFromTokens(cache, vfdate, wincx);
+ if (PR_TRUE == cache->refresh) {
+ cache->refresh = PR_FALSE; /* clear refresh state */
+ }
+ dirty = PR_TRUE;
+ cache->lastfetch = PR_Now();
+ }
+ DPCache_UnlockWrite();
+ }
+
+ /* now, make sure we have no extraneous CRLs (deleted token objects)
+ we'll do this inexpensive existence check either
+ 1) if there was a token object fetch
+ 2) every minute */
+ if ((PR_TRUE != dirty) && (!now)) {
+ now = PR_Now();
+ }
+ if ((PR_TRUE == dirty) ||
+ ((now - cache->lastcheck > CRLCache_ExistenceCheck_Interval) ||
+ (now < cache->lastcheck))) {
+ PRTime lastcheck = cache->lastcheck;
+ mustunlock = PR_FALSE;
+ /* check if all CRLs still exist */
+ for (i = 0; (i < cache->ncrls); i++) {
+ CachedCrl* savcrl = cache->crls[i];
+ if ((!savcrl) || (savcrl && CRL_OriginToken != savcrl->origin)) {
+ /* we only want to check token CRLs */
+ continue;
+ }
+ if ((PR_TRUE != TokenCRLStillExists(savcrl->crl))) {
+
+ /* this CRL is gone */
+ if (PR_TRUE != mustunlock) {
+ DPCache_LockWrite();
+ mustunlock = PR_TRUE;
+ }
+ /* first, we need to check if another thread did an update
+ before we did */
+ if (lastcheck == cache->lastcheck) {
+ /* the CRL is gone. And we are the one to do the update */
+ DPCache_RemoveCRL(cache, i);
+ dirty = PR_TRUE;
+ }
+ /* stay locked here intentionally so we do all the other
+ updates in this thread for the remaining CRLs */
+ }
+ }
+ if (PR_TRUE == mustunlock) {
+ cache->lastcheck = PR_Now();
+ DPCache_UnlockWrite();
+ mustunlock = PR_FALSE;
+ }
+ }
+
+ /* add issuer certificate if it was previously unavailable */
+ if (issuer && (NULL == cache->issuerDERCert) &&
+ (SECSuccess == CERT_CheckCertUsage(issuer, KU_CRL_SIGN))) {
+ /* if we didn't have a valid issuer cert yet, but we do now. add it */
+ DPCache_LockWrite();
+ if (!cache->issuerDERCert) {
+ dirty = PR_TRUE;
+ cache->dbHandle = issuer->dbhandle;
+ cache->issuerDERCert = SECITEM_DupItem(&issuer->derCert);
+ }
+ DPCache_UnlockWrite();
+ }
+
+ /* verify CRLs that couldn't be checked when inserted into the cache
+ because the issuer cert or a verification date was unavailable.
+ These are CRLs that were inserted into the cache through
+ SEC_FindCrlByName, or through manual insertion, rather than through a
+ certificate verification (CERT_CheckCRL) */
+
+ if (cache->issuerDERCert && vfdate) {
+ mustunlock = PR_FALSE;
+ /* re-process all unverified CRLs */
+ for (i = 0; i < cache->ncrls; i++) {
+ CachedCrl* savcrl = cache->crls[i];
+ if (!savcrl) {
+ continue;
+ }
+ if (PR_TRUE != savcrl->sigChecked) {
+ if (!mustunlock) {
+ DPCache_LockWrite();
+ mustunlock = PR_TRUE;
+ }
+ /* first, we need to check if another thread updated
+ it before we did, and abort if it has been modified since
+ we acquired the lock. Make sure first that the CRL is still
+ in the array at the same position */
+ if ((i < cache->ncrls) && (savcrl == cache->crls[i]) &&
+ (PR_TRUE != savcrl->sigChecked)) {
+ /* the CRL is still there, unverified. Do it */
+ CachedCrl_Verify(cache, savcrl, vfdate, wincx);
+ dirty = PR_TRUE;
+ }
+ /* stay locked here intentionally so we do all the other
+ updates in this thread for the remaining CRLs */
+ }
+ if (mustunlock && !dirty) {
+ DPCache_UnlockWrite();
+ mustunlock = PR_FALSE;
+ }
+ }
+ }
+
+ if (dirty || cache->mustchoose) {
+ /* changes to the content of the CRL cache necessitate examining all
+ CRLs for selection of the most appropriate one to cache */
+ if (!mustunlock) {
+ DPCache_LockWrite();
+ mustunlock = PR_TRUE;
+ }
+ DPCache_SelectCRL(cache);
+ cache->mustchoose = PR_FALSE;
+ }
+ if (mustunlock)
+ DPCache_UnlockWrite();
+
+ return rv;
+}
+
+/* callback for qsort to sort by thisUpdate */
+static int
+SortCRLsByThisUpdate(const void* arg1, const void* arg2)
+{
+ PRTime timea, timeb;
+ SECStatus rv = SECSuccess;
+ CachedCrl *a, *b;
+
+ a = *(CachedCrl**)arg1;
+ b = *(CachedCrl**)arg2;
+
+ if (!a || !b) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ }
+
+ if (SECSuccess == rv) {
+ rv = DER_DecodeTimeChoice(&timea, &a->crl->crl.lastUpdate);
+ }
+ if (SECSuccess == rv) {
+ rv = DER_DecodeTimeChoice(&timeb, &b->crl->crl.lastUpdate);
+ }
+ if (SECSuccess == rv) {
+ if (timea > timeb) {
+ return 1; /* a is better than b */
+ }
+ if (timea < timeb) {
+ return -1; /* a is not as good as b */
+ }
+ }
+
+ /* if they are equal, or if all else fails, use pointer differences */
+ PORT_Assert(a != b); /* they should never be equal */
+ return a > b ? 1 : -1;
+}
+
+/* callback for qsort to sort a set of disparate CRLs, some of which are
+ invalid DER or failed signature check.
+
+ Validated CRLs are differentiated by thisUpdate .
+ Validated CRLs are preferred over non-validated CRLs .
+ Proper DER CRLs are preferred over non-DER data .
+*/
+static int
+SortImperfectCRLs(const void* arg1, const void* arg2)
+{
+ CachedCrl *a, *b;
+
+ a = *(CachedCrl**)arg1;
+ b = *(CachedCrl**)arg2;
+
+ if (!a || !b) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0);
+ } else {
+ PRBool aDecoded = PR_FALSE, bDecoded = PR_FALSE;
+ if ((PR_TRUE == a->sigValid) && (PR_TRUE == b->sigValid)) {
+ /* both CRLs have been validated, choose the latest one */
+ return SortCRLsByThisUpdate(arg1, arg2);
+ }
+ if (PR_TRUE == a->sigValid) {
+ return 1; /* a is greater than b */
+ }
+ if (PR_TRUE == b->sigValid) {
+ return -1; /* a is not as good as b */
+ }
+ aDecoded = GetOpaqueCRLFields(a->crl)->decodingError;
+ bDecoded = GetOpaqueCRLFields(b->crl)->decodingError;
+ /* neither CRL had its signature check pass */
+ if ((PR_FALSE == aDecoded) && (PR_FALSE == bDecoded)) {
+ /* both CRLs are proper DER, choose the latest one */
+ return SortCRLsByThisUpdate(arg1, arg2);
+ }
+ if (PR_FALSE == aDecoded) {
+ return 1; /* a is better than b */
+ }
+ if (PR_FALSE == bDecoded) {
+ return -1; /* a is not as good as b */
+ }
+ /* both are invalid DER. sigh. */
+ }
+ /* if they are equal, or if all else fails, use pointer differences */
+ PORT_Assert(a != b); /* they should never be equal */
+ return a > b ? 1 : -1;
+}
+
+/* Pick best CRL to use . needs write access */
+static SECStatus
+DPCache_SelectCRL(CRLDPCache* cache)
+{
+ PRUint32 i;
+ PRBool valid = PR_TRUE;
+ CachedCrl* selected = NULL;
+
+ PORT_Assert(cache);
+ if (!cache) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* if any invalid CRL is present, then the CRL cache is
+ considered invalid, for security reasons */
+ for (i = 0; i < cache->ncrls; i++) {
+ if (!cache->crls[i] || !cache->crls[i]->sigChecked ||
+ !cache->crls[i]->sigValid) {
+ valid = PR_FALSE;
+ break;
+ }
+ }
+ if (PR_TRUE == valid) {
+ /* all CRLs are valid, clear this error */
+ cache->invalid &= (~CRL_CACHE_INVALID_CRLS);
+ } else {
+ /* some CRLs are invalid, set this error */
+ cache->invalid |= CRL_CACHE_INVALID_CRLS;
+ }
+
+ if (cache->invalid) {
+ /* cache is in an invalid state, so reset it */
+ if (cache->selected) {
+ cache->selected = NULL;
+ }
+ /* also sort the CRLs imperfectly */
+ qsort(cache->crls, cache->ncrls, sizeof(CachedCrl*), SortImperfectCRLs);
+ return SECSuccess;
+ }
+
+ if (cache->ncrls) {
+ /* all CRLs are good, sort them by thisUpdate */
+ qsort(cache->crls, cache->ncrls, sizeof(CachedCrl*), SortCRLsByThisUpdate);
+
+ /* pick the newest CRL */
+ selected = cache->crls[cache->ncrls - 1];
+
+ /* and populate the cache */
+ if (SECSuccess != CachedCrl_Populate(selected)) {
+ return SECFailure;
+ }
+ }
+
+ cache->selected = selected;
+
+ return SECSuccess;
+}
+
+/* initialize a DPCache object */
+static SECStatus
+DPCache_Create(CRLDPCache** returned, CERTCertificate* issuer,
+ const SECItem* subject, SECItem* dp)
+{
+ CRLDPCache* cache = NULL;
+ PORT_Assert(returned);
+ /* issuer and dp are allowed to be NULL */
+ if (!returned || !subject) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ *returned = NULL;
+ cache = PORT_ZAlloc(sizeof(CRLDPCache));
+ if (!cache) {
+ return SECFailure;
+ }
+#ifdef DPC_RWLOCK
+ cache->lock = NSSRWLock_New(NSS_RWLOCK_RANK_NONE, NULL);
+#else
+ cache->lock = PR_NewLock();
+#endif
+ if (!cache->lock) {
+ PORT_Free(cache);
+ return SECFailure;
+ }
+ if (issuer) {
+ cache->dbHandle = issuer->dbhandle;
+ cache->issuerDERCert = SECITEM_DupItem(&issuer->derCert);
+ }
+ cache->distributionPoint = SECITEM_DupItem(dp);
+ cache->subject = SECITEM_DupItem(subject);
+ cache->lastfetch = 0;
+ cache->lastcheck = 0;
+ *returned = cache;
+ return SECSuccess;
+}
+
+/* create an issuer cache object (per CA subject ) */
+static SECStatus
+IssuerCache_Create(CRLIssuerCache** returned, CERTCertificate* issuer,
+ const SECItem* subject, const SECItem* dp)
+{
+ SECStatus rv = SECSuccess;
+ CRLIssuerCache* cache = NULL;
+ PORT_Assert(returned);
+ PORT_Assert(subject);
+ /* issuer and dp are allowed to be NULL */
+ if (!returned || !subject) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ *returned = NULL;
+ cache = (CRLIssuerCache*)PORT_ZAlloc(sizeof(CRLIssuerCache));
+ if (!cache) {
+ return SECFailure;
+ }
+ cache->subject = SECITEM_DupItem(subject);
+#ifdef XCRL
+ cache->lock = NSSRWLock_New(NSS_RWLOCK_RANK_NONE, NULL);
+ if (!cache->lock) {
+ rv = SECFailure;
+ }
+ if (SECSuccess == rv && issuer) {
+ cache->issuer = CERT_DupCertificate(issuer);
+ if (!cache->issuer) {
+ rv = SECFailure;
+ }
+ }
+#endif
+ if (SECSuccess != rv) {
+ PORT_Assert(SECSuccess == IssuerCache_Destroy(cache));
+ return SECFailure;
+ }
+ *returned = cache;
+ return SECSuccess;
+}
+
+/* add a DPCache to the issuer cache */
+static SECStatus
+IssuerCache_AddDP(CRLIssuerCache* cache, CERTCertificate* issuer,
+ const SECItem* subject, const SECItem* dp,
+ CRLDPCache** newdpc)
+{
+ /* now create the required DP cache object */
+ if (!cache || !subject || !newdpc) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (!dp) {
+ /* default distribution point */
+ SECStatus rv = DPCache_Create(&cache->dpp, issuer, subject, NULL);
+ if (SECSuccess == rv) {
+ *newdpc = cache->dpp;
+ return SECSuccess;
+ }
+ } else {
+ /* we should never hit this until we support multiple DPs */
+ PORT_Assert(dp);
+ /* XCRL allocate a new distribution point cache object, initialize it,
+ and add it to the hash table of DPs */
+ }
+ return SECFailure;
+}
+
+/* add an IssuerCache to the global hash table of issuers */
+static SECStatus
+CRLCache_AddIssuer(CRLIssuerCache* issuer)
+{
+ PORT_Assert(issuer);
+ PORT_Assert(crlcache.issuers);
+ if (!issuer || !crlcache.issuers) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (NULL == PL_HashTableAdd(crlcache.issuers, (void*)issuer->subject,
+ (void*)issuer)) {
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* retrieve the issuer cache object for a given issuer subject */
+static SECStatus
+CRLCache_GetIssuerCache(CRLCache* cache, const SECItem* subject,
+ CRLIssuerCache** returned)
+{
+ /* we need to look up the issuer in the hash table */
+ SECStatus rv = SECSuccess;
+ PORT_Assert(cache);
+ PORT_Assert(subject);
+ PORT_Assert(returned);
+ PORT_Assert(crlcache.issuers);
+ if (!cache || !subject || !returned || !crlcache.issuers) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ }
+
+ if (SECSuccess == rv) {
+ *returned = (CRLIssuerCache*)PL_HashTableLookup(crlcache.issuers,
+ (void*)subject);
+ }
+
+ return rv;
+}
+
+/* retrieve the full CRL object that best matches the content of a DPCache */
+static CERTSignedCrl*
+GetBestCRL(CRLDPCache* cache, PRBool entries)
+{
+ CachedCrl* acrl = NULL;
+
+ PORT_Assert(cache);
+ if (!cache) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+
+ if (0 == cache->ncrls) {
+ /* empty cache*/
+ PORT_SetError(SEC_ERROR_CRL_NOT_FOUND);
+ return NULL;
+ }
+
+ /* if we have a valid full CRL selected, return it */
+ if (cache->selected) {
+ return SEC_DupCrl(cache->selected->crl);
+ }
+
+ /* otherwise, use latest valid DER CRL */
+ acrl = cache->crls[cache->ncrls - 1];
+
+ if (acrl && (PR_FALSE == GetOpaqueCRLFields(acrl->crl)->decodingError)) {
+ SECStatus rv = SECSuccess;
+ if (PR_TRUE == entries) {
+ rv = CERT_CompleteCRLDecodeEntries(acrl->crl);
+ }
+ if (SECSuccess == rv) {
+ return SEC_DupCrl(acrl->crl);
+ }
+ }
+
+ PORT_SetError(SEC_ERROR_CRL_NOT_FOUND);
+ return NULL;
+}
+
+/* get a particular DPCache object from an IssuerCache */
+static CRLDPCache*
+IssuerCache_GetDPCache(CRLIssuerCache* cache, const SECItem* dp)
+{
+ CRLDPCache* dpp = NULL;
+ PORT_Assert(cache);
+ /* XCRL for now we only support the "default" DP, ie. the
+ full CRL. So we can return the global one without locking. In
+ the future we will have a lock */
+ PORT_Assert(NULL == dp);
+ if (!cache || dp) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+#ifdef XCRL
+ NSSRWLock_LockRead(cache->lock);
+#endif
+ dpp = cache->dpp;
+#ifdef XCRL
+ NSSRWLock_UnlockRead(cache->lock);
+#endif
+ return dpp;
+}
+
+/* get a DPCache object for the given issuer subject and dp
+ Automatically creates the cache object if it doesn't exist yet.
+ */
+SECStatus
+AcquireDPCache(CERTCertificate* issuer, const SECItem* subject,
+ const SECItem* dp, PRTime t, void* wincx, CRLDPCache** dpcache,
+ PRBool* writeLocked)
+{
+ SECStatus rv = SECSuccess;
+ CRLIssuerCache* issuercache = NULL;
+#ifdef GLOBAL_RWLOCK
+ PRBool globalwrite = PR_FALSE;
+#endif
+ PORT_Assert(crlcache.lock);
+ if (!crlcache.lock) {
+ /* CRL cache is not initialized */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+#ifdef GLOBAL_RWLOCK
+ NSSRWLock_LockRead(crlcache.lock);
+#else
+ PR_Lock(crlcache.lock);
+#endif
+ rv = CRLCache_GetIssuerCache(&crlcache, subject, &issuercache);
+ if (SECSuccess != rv) {
+#ifdef GLOBAL_RWLOCK
+ NSSRWLock_UnlockRead(crlcache.lock);
+#else
+ PR_Unlock(crlcache.lock);
+#endif
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (!issuercache) {
+ /* there is no cache for this issuer yet. This means this is the
+ first time we look up a cert from that issuer, and we need to
+ create the cache. */
+
+ rv = IssuerCache_Create(&issuercache, issuer, subject, dp);
+ if (SECSuccess == rv && !issuercache) {
+ PORT_Assert(issuercache);
+ rv = SECFailure;
+ }
+
+ if (SECSuccess == rv) {
+ /* This is the first time we look up a cert of this issuer.
+ Create the DPCache for this DP . */
+ rv = IssuerCache_AddDP(issuercache, issuer, subject, dp, dpcache);
+ }
+
+ if (SECSuccess == rv) {
+ /* lock the DPCache for write to ensure the update happens in this
+ thread */
+ *writeLocked = PR_TRUE;
+#ifdef DPC_RWLOCK
+ NSSRWLock_LockWrite((*dpcache)->lock);
+#else
+ PR_Lock((*dpcache)->lock);
+#endif
+ }
+
+ if (SECSuccess == rv) {
+/* now add the new issuer cache to the global hash table of
+ issuers */
+#ifdef GLOBAL_RWLOCK
+ CRLIssuerCache* existing = NULL;
+ NSSRWLock_UnlockRead(crlcache.lock);
+ /* when using a r/w lock for the global cache, check if the issuer
+ already exists before adding to the hash table */
+ NSSRWLock_LockWrite(crlcache.lock);
+ globalwrite = PR_TRUE;
+ rv = CRLCache_GetIssuerCache(&crlcache, subject, &existing);
+ if (!existing) {
+#endif
+ rv = CRLCache_AddIssuer(issuercache);
+ if (SECSuccess != rv) {
+ /* failure */
+ rv = SECFailure;
+ }
+#ifdef GLOBAL_RWLOCK
+ } else {
+ /* somebody else updated before we did */
+ IssuerCache_Destroy(issuercache); /* destroy the new object */
+ issuercache = existing; /* use the existing one */
+ *dpcache = IssuerCache_GetDPCache(issuercache, dp);
+ }
+#endif
+ }
+
+/* now unlock the global cache. We only want to lock the issuer hash
+ table addition. Holding it longer would hurt scalability */
+#ifdef GLOBAL_RWLOCK
+ if (PR_TRUE == globalwrite) {
+ NSSRWLock_UnlockWrite(crlcache.lock);
+ globalwrite = PR_FALSE;
+ } else {
+ NSSRWLock_UnlockRead(crlcache.lock);
+ }
+#else
+ PR_Unlock(crlcache.lock);
+#endif
+
+ /* if there was a failure adding an issuer cache object, destroy it */
+ if (SECSuccess != rv && issuercache) {
+ if (PR_TRUE == *writeLocked) {
+#ifdef DPC_RWLOCK
+ NSSRWLock_UnlockWrite((*dpcache)->lock);
+#else
+ PR_Unlock((*dpcache)->lock);
+#endif
+ }
+ IssuerCache_Destroy(issuercache);
+ issuercache = NULL;
+ }
+
+ if (SECSuccess != rv) {
+ return SECFailure;
+ }
+ } else {
+#ifdef GLOBAL_RWLOCK
+ NSSRWLock_UnlockRead(crlcache.lock);
+#else
+ PR_Unlock(crlcache.lock);
+#endif
+ *dpcache = IssuerCache_GetDPCache(issuercache, dp);
+ }
+ /* we now have a DPCache that we can use for lookups */
+ /* lock it for read, unless we already locked for write */
+ if (PR_FALSE == *writeLocked) {
+#ifdef DPC_RWLOCK
+ NSSRWLock_LockRead((*dpcache)->lock);
+#else
+ PR_Lock((*dpcache)->lock);
+#endif
+ }
+
+ if (SECSuccess == rv) {
+ /* currently there is always one and only one DPCache per issuer */
+ PORT_Assert(*dpcache);
+ if (*dpcache) {
+ /* make sure the DP cache is up to date before using it */
+ rv = DPCache_GetUpToDate(*dpcache, issuer, PR_FALSE == *writeLocked,
+ t, wincx);
+ } else {
+ rv = SECFailure;
+ }
+ }
+ return rv;
+}
+
+/* unlock access to the DPCache */
+void
+ReleaseDPCache(CRLDPCache* dpcache, PRBool writeLocked)
+{
+ if (!dpcache) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return;
+ }
+#ifdef DPC_RWLOCK
+ if (PR_TRUE == writeLocked) {
+ NSSRWLock_UnlockWrite(dpcache->lock);
+ } else {
+ NSSRWLock_UnlockRead(dpcache->lock);
+ }
+#else
+ PR_Unlock(dpcache->lock);
+#endif
+}
+
+SECStatus
+cert_CheckCertRevocationStatus(CERTCertificate* cert, CERTCertificate* issuer,
+ const SECItem* dp, PRTime t, void* wincx,
+ CERTRevocationStatus* revStatus,
+ CERTCRLEntryReasonCode* revReason)
+{
+ PRBool lockedwrite = PR_FALSE;
+ SECStatus rv = SECSuccess;
+ CRLDPCache* dpcache = NULL;
+ CERTRevocationStatus status = certRevocationStatusRevoked;
+ CERTCRLEntryReasonCode reason = crlEntryReasonUnspecified;
+ CERTCrlEntry* entry = NULL;
+ dpcacheStatus ds;
+
+ if (!cert || !issuer) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ if (revStatus) {
+ *revStatus = status;
+ }
+ if (revReason) {
+ *revReason = reason;
+ }
+
+ if (t &&
+ secCertTimeValid != CERT_CheckCertValidTimes(issuer, t, PR_FALSE)) {
+ /* we won't be able to check the CRL's signature if the issuer cert
+ is expired as of the time we are verifying. This may cause a valid
+ CRL to be cached as bad. short-circuit to avoid this case. */
+ PORT_SetError(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE);
+ return SECFailure;
+ }
+
+ rv = AcquireDPCache(issuer, &issuer->derSubject, dp, t, wincx, &dpcache,
+ &lockedwrite);
+ PORT_Assert(SECSuccess == rv);
+ if (SECSuccess != rv) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* now look up the certificate SN in the DP cache's CRL */
+ ds = DPCache_Lookup(dpcache, &cert->serialNumber, &entry);
+ switch (ds) {
+ case dpcacheFoundEntry:
+ PORT_Assert(entry);
+ /* check the time if we have one */
+ if (entry->revocationDate.data && entry->revocationDate.len) {
+ PRTime revocationDate = 0;
+ if (SECSuccess ==
+ DER_DecodeTimeChoice(&revocationDate,
+ &entry->revocationDate)) {
+ /* we got a good revocation date, only consider the
+ certificate revoked if the time we are inquiring about
+ is past the revocation date */
+ if (t >= revocationDate) {
+ rv = SECFailure;
+ } else {
+ status = certRevocationStatusValid;
+ }
+ } else {
+ /* invalid revocation date, consider the certificate
+ permanently revoked */
+ rv = SECFailure;
+ }
+ } else {
+ /* no revocation date, certificate is permanently revoked */
+ rv = SECFailure;
+ }
+ if (SECFailure == rv) {
+ (void)CERT_FindCRLEntryReasonExten(entry, &reason);
+ PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
+ }
+ break;
+
+ case dpcacheEmpty:
+ /* useful for NIST policy */
+ status = certRevocationStatusUnknown;
+ break;
+
+ case dpcacheNoEntry:
+ status = certRevocationStatusValid;
+ break;
+
+ case dpcacheInvalidCacheError:
+ /* treat it as unknown and let the caller decide based on
+ the policy */
+ status = certRevocationStatusUnknown;
+ break;
+
+ default:
+ /* leave status as revoked */
+ break;
+ }
+
+ ReleaseDPCache(dpcache, lockedwrite);
+ if (revStatus) {
+ *revStatus = status;
+ }
+ if (revReason) {
+ *revReason = reason;
+ }
+ return rv;
+}
+
+/* check CRL revocation status of given certificate and issuer */
+SECStatus
+CERT_CheckCRL(CERTCertificate* cert, CERTCertificate* issuer, const SECItem* dp,
+ PRTime t, void* wincx)
+{
+ return cert_CheckCertRevocationStatus(cert, issuer, dp, t, wincx, NULL,
+ NULL);
+}
+
+/* retrieve full CRL object that best matches the cache status */
+CERTSignedCrl*
+SEC_FindCrlByName(CERTCertDBHandle* handle, SECItem* crlKey, int type)
+{
+ CERTSignedCrl* acrl = NULL;
+ CRLDPCache* dpcache = NULL;
+ SECStatus rv = SECSuccess;
+ PRBool writeLocked = PR_FALSE;
+
+ if (!crlKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ rv = AcquireDPCache(NULL, crlKey, NULL, 0, NULL, &dpcache, &writeLocked);
+ if (SECSuccess == rv) {
+ acrl = GetBestCRL(dpcache, PR_TRUE); /* decode entries, because
+ SEC_FindCrlByName always returned fully decoded CRLs in the past */
+ ReleaseDPCache(dpcache, writeLocked);
+ }
+ return acrl;
+}
+
+/* invalidate the CRL cache for a given issuer, which forces a refetch of
+ CRL objects from PKCS#11 tokens */
+void
+CERT_CRLCacheRefreshIssuer(CERTCertDBHandle* dbhandle, SECItem* crlKey)
+{
+ CRLDPCache* cache = NULL;
+ SECStatus rv = SECSuccess;
+ PRBool writeLocked = PR_FALSE;
+ PRBool readlocked;
+
+ (void)dbhandle; /* silence compiler warnings */
+
+ /* XCRL we will need to refresh all the DPs of the issuer in the future,
+ not just the default one */
+ rv = AcquireDPCache(NULL, crlKey, NULL, 0, NULL, &cache, &writeLocked);
+ if (SECSuccess != rv) {
+ return;
+ }
+ /* we need to invalidate the DPCache here */
+ readlocked = (writeLocked == PR_TRUE ? PR_FALSE : PR_TRUE);
+ DPCache_LockWrite();
+ cache->refresh = PR_TRUE;
+ DPCache_UnlockWrite();
+ ReleaseDPCache(cache, writeLocked);
+ return;
+}
+
+/* add the specified RAM CRL object to the cache */
+SECStatus
+CERT_CacheCRL(CERTCertDBHandle* dbhandle, SECItem* newdercrl)
+{
+ CRLDPCache* cache = NULL;
+ SECStatus rv = SECSuccess;
+ PRBool writeLocked = PR_FALSE;
+ PRBool readlocked;
+ CachedCrl* returned = NULL;
+ PRBool added = PR_FALSE;
+ CERTSignedCrl* newcrl = NULL;
+ int realerror = 0;
+
+ if (!dbhandle || !newdercrl) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* first decode the DER CRL to make sure it's OK */
+ newcrl = CERT_DecodeDERCrlWithFlags(NULL, newdercrl, SEC_CRL_TYPE,
+ CRL_DECODE_DONT_COPY_DER |
+ CRL_DECODE_SKIP_ENTRIES);
+
+ if (!newcrl) {
+ return SECFailure;
+ }
+
+ /* XXX check if it has IDP extension. If so, do not proceed and set error */
+
+ rv = AcquireDPCache(NULL, &newcrl->crl.derName, NULL, 0, NULL, &cache,
+ &writeLocked);
+ if (SECSuccess == rv) {
+ readlocked = (writeLocked == PR_TRUE ? PR_FALSE : PR_TRUE);
+
+ rv = CachedCrl_Create(&returned, newcrl, CRL_OriginExplicit);
+ if (SECSuccess == rv && returned) {
+ DPCache_LockWrite();
+ rv = DPCache_AddCRL(cache, returned, &added);
+ if (PR_TRUE != added) {
+ realerror = PORT_GetError();
+ CachedCrl_Destroy(returned);
+ returned = NULL;
+ }
+ DPCache_UnlockWrite();
+ }
+
+ ReleaseDPCache(cache, writeLocked);
+
+ if (!added) {
+ rv = SECFailure;
+ }
+ }
+ SEC_DestroyCrl(newcrl); /* free the CRL. Either it got added to the cache
+ and the refcount got bumped, or not, and thus we need to free its
+ RAM */
+ if (realerror) {
+ PORT_SetError(realerror);
+ }
+ return rv;
+}
+
+/* remove the specified RAM CRL object from the cache */
+SECStatus
+CERT_UncacheCRL(CERTCertDBHandle* dbhandle, SECItem* olddercrl)
+{
+ CRLDPCache* cache = NULL;
+ SECStatus rv = SECSuccess;
+ PRBool writeLocked = PR_FALSE;
+ PRBool readlocked;
+ PRBool removed = PR_FALSE;
+ PRUint32 i;
+ CERTSignedCrl* oldcrl = NULL;
+
+ if (!dbhandle || !olddercrl) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* first decode the DER CRL to make sure it's OK */
+ oldcrl = CERT_DecodeDERCrlWithFlags(NULL, olddercrl, SEC_CRL_TYPE,
+ CRL_DECODE_DONT_COPY_DER |
+ CRL_DECODE_SKIP_ENTRIES);
+
+ if (!oldcrl) {
+ /* if this DER CRL can't decode, it can't be in the cache */
+ return SECFailure;
+ }
+
+ rv = AcquireDPCache(NULL, &oldcrl->crl.derName, NULL, 0, NULL, &cache,
+ &writeLocked);
+ if (SECSuccess == rv) {
+ CachedCrl* returned = NULL;
+
+ readlocked = (writeLocked == PR_TRUE ? PR_FALSE : PR_TRUE);
+
+ rv = CachedCrl_Create(&returned, oldcrl, CRL_OriginExplicit);
+ if (SECSuccess == rv && returned) {
+ DPCache_LockWrite();
+ for (i = 0; i < cache->ncrls; i++) {
+ PRBool dupe = PR_FALSE, updated = PR_FALSE;
+ rv = CachedCrl_Compare(returned, cache->crls[i], &dupe,
+ &updated);
+ if (SECSuccess != rv) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ break;
+ }
+ if (PR_TRUE == dupe) {
+ rv = DPCache_RemoveCRL(cache, i); /* got a match */
+ if (SECSuccess == rv) {
+ cache->mustchoose = PR_TRUE;
+ removed = PR_TRUE;
+ }
+ break;
+ }
+ }
+
+ DPCache_UnlockWrite();
+
+ if (SECSuccess != CachedCrl_Destroy(returned)) {
+ rv = SECFailure;
+ }
+ }
+
+ ReleaseDPCache(cache, writeLocked);
+ }
+ if (SECSuccess != SEC_DestroyCrl(oldcrl)) {
+ /* need to do this because object is refcounted */
+ rv = SECFailure;
+ }
+ if (SECSuccess == rv && PR_TRUE != removed) {
+ PORT_SetError(SEC_ERROR_CRL_NOT_FOUND);
+ }
+ return rv;
+}
+
+SECStatus
+cert_AcquireNamedCRLCache(NamedCRLCache** returned)
+{
+ PORT_Assert(returned);
+ if (!namedCRLCache.lock) {
+ PORT_Assert(0);
+ return SECFailure;
+ }
+ PR_Lock(namedCRLCache.lock);
+ *returned = &namedCRLCache;
+ return SECSuccess;
+}
+
+/* This must be called only while cache is acquired, and the entry is only
+ * valid until cache is released.
+ */
+SECStatus
+cert_FindCRLByGeneralName(NamedCRLCache* ncc, const SECItem* canonicalizedName,
+ NamedCRLCacheEntry** retEntry)
+{
+ if (!ncc || !canonicalizedName || !retEntry) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ *retEntry = (NamedCRLCacheEntry*)PL_HashTableLookup(
+ namedCRLCache.entries, (void*)canonicalizedName);
+ return SECSuccess;
+}
+
+SECStatus
+cert_ReleaseNamedCRLCache(NamedCRLCache* ncc)
+{
+ if (!ncc) {
+ return SECFailure;
+ }
+ if (!ncc->lock) {
+ PORT_Assert(0);
+ return SECFailure;
+ }
+ PR_Unlock(namedCRLCache.lock);
+ return SECSuccess;
+}
+
+/* creates new named cache entry from CRL, and tries to add it to CRL cache */
+static SECStatus
+addCRLToCache(CERTCertDBHandle* dbhandle, SECItem* crl,
+ const SECItem* canonicalizedName, NamedCRLCacheEntry** newEntry)
+{
+ SECStatus rv = SECSuccess;
+ NamedCRLCacheEntry* entry = NULL;
+
+ /* create new named entry */
+ if (SECSuccess != NamedCRLCacheEntry_Create(newEntry) || !*newEntry) {
+ /* no need to keep unused CRL around */
+ SECITEM_ZfreeItem(crl, PR_TRUE);
+ return SECFailure;
+ }
+ entry = *newEntry;
+ entry->crl = crl; /* named CRL cache owns DER */
+ entry->lastAttemptTime = PR_Now();
+ entry->canonicalizedName = SECITEM_DupItem(canonicalizedName);
+ if (!entry->canonicalizedName) {
+ rv = NamedCRLCacheEntry_Destroy(entry); /* destroys CRL too */
+ PORT_Assert(SECSuccess == rv);
+ return SECFailure;
+ }
+ /* now, attempt to insert CRL into CRL cache */
+ if (SECSuccess == CERT_CacheCRL(dbhandle, entry->crl)) {
+ entry->inCRLCache = PR_TRUE;
+ entry->successfulInsertionTime = entry->lastAttemptTime;
+ } else {
+ switch (PR_GetError()) {
+ case SEC_ERROR_CRL_ALREADY_EXISTS:
+ entry->dupe = PR_TRUE;
+ break;
+
+ case SEC_ERROR_BAD_DER:
+ entry->badDER = PR_TRUE;
+ break;
+
+ /* all other reasons */
+ default:
+ entry->unsupported = PR_TRUE;
+ break;
+ }
+ rv = SECFailure;
+ /* no need to keep unused CRL around */
+ SECITEM_ZfreeItem(entry->crl, PR_TRUE);
+ entry->crl = NULL;
+ }
+ return rv;
+}
+
+/* take ownership of CRL, and insert it into the named CRL cache
+ * and indexed CRL cache
+ */
+SECStatus
+cert_CacheCRLByGeneralName(CERTCertDBHandle* dbhandle, SECItem* crl,
+ const SECItem* canonicalizedName)
+{
+ NamedCRLCacheEntry *oldEntry, *newEntry = NULL;
+ NamedCRLCache* ncc = NULL;
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(namedCRLCache.lock);
+ PORT_Assert(namedCRLCache.entries);
+
+ if (!crl || !canonicalizedName) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ rv = cert_AcquireNamedCRLCache(&ncc);
+ PORT_Assert(SECSuccess == rv);
+ if (SECSuccess != rv) {
+ SECITEM_ZfreeItem(crl, PR_TRUE);
+ return SECFailure;
+ }
+ rv = cert_FindCRLByGeneralName(ncc, canonicalizedName, &oldEntry);
+ PORT_Assert(SECSuccess == rv);
+ if (SECSuccess != rv) {
+ (void)cert_ReleaseNamedCRLCache(ncc);
+ SECITEM_ZfreeItem(crl, PR_TRUE);
+ return SECFailure;
+ }
+ if (SECSuccess ==
+ addCRLToCache(dbhandle, crl, canonicalizedName, &newEntry)) {
+ if (!oldEntry) {
+ /* add new good entry to the hash table */
+ if (NULL == PL_HashTableAdd(namedCRLCache.entries,
+ (void*)newEntry->canonicalizedName,
+ (void*)newEntry)) {
+ PORT_Assert(0);
+ NamedCRLCacheEntry_Destroy(newEntry);
+ rv = SECFailure;
+ }
+ } else {
+ PRBool removed;
+ /* remove the old CRL from the cache if needed */
+ if (oldEntry->inCRLCache) {
+ rv = CERT_UncacheCRL(dbhandle, oldEntry->crl);
+ PORT_Assert(SECSuccess == rv);
+ }
+ removed = PL_HashTableRemove(namedCRLCache.entries,
+ (void*)oldEntry->canonicalizedName);
+ PORT_Assert(removed);
+ if (!removed) {
+ rv = SECFailure;
+ /* leak old entry since we couldn't remove it from the hash
+ * table */
+ } else {
+ PORT_CheckSuccess(NamedCRLCacheEntry_Destroy(oldEntry));
+ }
+ if (NULL == PL_HashTableAdd(namedCRLCache.entries,
+ (void*)newEntry->canonicalizedName,
+ (void*)newEntry)) {
+ PORT_Assert(0);
+ rv = SECFailure;
+ }
+ }
+ } else {
+ /* error adding new CRL to cache */
+ if (!oldEntry) {
+ /* no old cache entry, use the new one even though it's bad */
+ if (NULL == PL_HashTableAdd(namedCRLCache.entries,
+ (void*)newEntry->canonicalizedName,
+ (void*)newEntry)) {
+ PORT_Assert(0);
+ rv = SECFailure;
+ }
+ } else {
+ if (oldEntry->inCRLCache) {
+ /* previous cache entry was good, keep it and update time */
+ oldEntry->lastAttemptTime = newEntry->lastAttemptTime;
+ /* throw away new bad entry */
+ rv = NamedCRLCacheEntry_Destroy(newEntry);
+ PORT_Assert(SECSuccess == rv);
+ } else {
+ /* previous cache entry was bad, just replace it */
+ PRBool removed = PL_HashTableRemove(
+ namedCRLCache.entries, (void*)oldEntry->canonicalizedName);
+ PORT_Assert(removed);
+ if (!removed) {
+ /* leak old entry since we couldn't remove it from the hash
+ * table */
+ rv = SECFailure;
+ } else {
+ PORT_CheckSuccess(NamedCRLCacheEntry_Destroy(oldEntry));
+ }
+ if (NULL == PL_HashTableAdd(namedCRLCache.entries,
+ (void*)newEntry->canonicalizedName,
+ (void*)newEntry)) {
+ PORT_Assert(0);
+ rv = SECFailure;
+ }
+ }
+ }
+ }
+ PORT_CheckSuccess(cert_ReleaseNamedCRLCache(ncc));
+
+ return rv;
+}
+
+static SECStatus
+CachedCrl_Create(CachedCrl** returned, CERTSignedCrl* crl, CRLOrigin origin)
+{
+ CachedCrl* newcrl = NULL;
+ if (!returned) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ newcrl = PORT_ZAlloc(sizeof(CachedCrl));
+ if (!newcrl) {
+ return SECFailure;
+ }
+ newcrl->crl = SEC_DupCrl(crl);
+ newcrl->origin = origin;
+ *returned = newcrl;
+ return SECSuccess;
+}
+
+/* empty the cache content */
+static SECStatus
+CachedCrl_Depopulate(CachedCrl* crl)
+{
+ if (!crl) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* destroy the hash table */
+ if (crl->entries) {
+ PL_HashTableDestroy(crl->entries);
+ crl->entries = NULL;
+ }
+
+ /* free the pre buffer */
+ if (crl->prebuffer) {
+ PreAllocator_Destroy(crl->prebuffer);
+ crl->prebuffer = NULL;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+CachedCrl_Destroy(CachedCrl* crl)
+{
+ if (!crl) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ CachedCrl_Depopulate(crl);
+ SEC_DestroyCrl(crl->crl);
+ PORT_Free(crl);
+ return SECSuccess;
+}
+
+/* create hash table of CRL entries */
+static SECStatus
+CachedCrl_Populate(CachedCrl* crlobject)
+{
+ SECStatus rv = SECFailure;
+ CERTCrlEntry** crlEntry = NULL;
+ PRUint32 numEntries = 0;
+
+ if (!crlobject) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* complete the entry decoding . XXX thread-safety of CRL object */
+ rv = CERT_CompleteCRLDecodeEntries(crlobject->crl);
+ if (SECSuccess != rv) {
+ crlobject->unbuildable = PR_TRUE; /* don't try to build this again */
+ return SECFailure;
+ }
+
+ if (crlobject->entries && crlobject->prebuffer) {
+ /* cache is already built */
+ return SECSuccess;
+ }
+
+ /* build the hash table from the full CRL */
+ /* count CRL entries so we can pre-allocate space for hash table entries */
+ for (crlEntry = crlobject->crl->crl.entries; crlEntry && *crlEntry;
+ crlEntry++) {
+ numEntries++;
+ }
+ crlobject->prebuffer =
+ PreAllocator_Create(numEntries * sizeof(PLHashEntry));
+ PORT_Assert(crlobject->prebuffer);
+ if (!crlobject->prebuffer) {
+ return SECFailure;
+ }
+ /* create a new hash table */
+ crlobject->entries =
+ PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare, PL_CompareValues,
+ &preAllocOps, crlobject->prebuffer);
+ PORT_Assert(crlobject->entries);
+ if (!crlobject->entries) {
+ return SECFailure;
+ }
+ /* add all serial numbers to the hash table */
+ for (crlEntry = crlobject->crl->crl.entries; crlEntry && *crlEntry;
+ crlEntry++) {
+ PL_HashTableAdd(crlobject->entries, &(*crlEntry)->serialNumber,
+ *crlEntry);
+ }
+
+ return SECSuccess;
+}
+
+/* returns true if there are CRLs from PKCS#11 slots */
+static PRBool
+DPCache_HasTokenCRLs(CRLDPCache* cache)
+{
+ PRBool answer = PR_FALSE;
+ PRUint32 i;
+ for (i = 0; i < cache->ncrls; i++) {
+ if (cache->crls[i] && (CRL_OriginToken == cache->crls[i]->origin)) {
+ answer = PR_TRUE;
+ break;
+ }
+ }
+ return answer;
+}
+
+/* are these CRLs the same, as far as the cache is concerned ? */
+/* are these CRLs the same token object but with different DER ?
+ This can happen if the DER CRL got updated in the token, but the PKCS#11
+ object ID did not change. NSS softoken has the unfortunate property to
+ never change the object ID for CRL objects. */
+static SECStatus
+CachedCrl_Compare(CachedCrl* a, CachedCrl* b, PRBool* isDupe, PRBool* isUpdated)
+{
+ PORT_Assert(a);
+ PORT_Assert(b);
+ PORT_Assert(isDupe);
+ PORT_Assert(isUpdated);
+ if (!a || !b || !isDupe || !isUpdated || !a->crl || !b->crl) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ *isDupe = *isUpdated = PR_FALSE;
+
+ if (a == b) {
+ /* dupe */
+ *isDupe = PR_TRUE;
+ *isUpdated = PR_FALSE;
+ return SECSuccess;
+ }
+ if (b->origin != a->origin) {
+ /* CRLs of different origins are not considered dupes,
+ and can't be updated either */
+ return SECSuccess;
+ }
+ if (CRL_OriginToken == b->origin) {
+ /* for token CRLs, slot and PKCS#11 object handle must match for CRL
+ to truly be a dupe */
+ if ((b->crl->slot == a->crl->slot) &&
+ (b->crl->pkcs11ID == a->crl->pkcs11ID)) {
+ /* ASN.1 DER needs to match for dupe check */
+ /* could optimize by just checking a few fields like thisUpdate */
+ if (SECEqual ==
+ SECITEM_CompareItem(b->crl->derCrl, a->crl->derCrl)) {
+ *isDupe = PR_TRUE;
+ } else {
+ *isUpdated = PR_TRUE;
+ }
+ }
+ return SECSuccess;
+ }
+ if (CRL_OriginExplicit == b->origin) {
+ /* We need to make sure this is the same object that the user provided
+ to CERT_CacheCRL previously. That API takes a SECItem*, thus, we
+ just do a pointer comparison here.
+ */
+ if (b->crl->derCrl == a->crl->derCrl) {
+ *isDupe = PR_TRUE;
+ }
+ }
+ return SECSuccess;
+}
diff --git a/security/nss/lib/certdb/exports.gyp b/security/nss/lib/certdb/exports.gyp
new file mode 100644
index 000000000..359c93041
--- /dev/null
+++ b/security/nss/lib/certdb/exports.gyp
@@ -0,0 +1,36 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_certdb_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'cert.h',
+ 'certdb.h',
+ 'certt.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'certi.h',
+ 'certxutl.h',
+ 'genname.h',
+ 'xconst.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/certdb/genname.c b/security/nss/lib/certdb/genname.c
new file mode 100644
index 000000000..644913cee
--- /dev/null
+++ b/security/nss/lib/certdb/genname.c
@@ -0,0 +1,2019 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "plarena.h"
+#include "seccomon.h"
+#include "secitem.h"
+#include "secoidt.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "certt.h"
+#include "cert.h"
+#include "certi.h"
+#include "xconst.h"
+#include "secerr.h"
+#include "secoid.h"
+#include "prprf.h"
+#include "genname.h"
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_IA5StringTemplate)
+SEC_ASN1_MKSUB(SEC_ObjectIDTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+
+static const SEC_ASN1Template CERTNameConstraintTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNameConstraint) },
+ { SEC_ASN1_ANY, offsetof(CERTNameConstraint, DERName) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(CERTNameConstraint, min), SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(CERTNameConstraint, max), SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_NameConstraintSubtreeSubTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+
+static const SEC_ASN1Template CERTNameConstraintsTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNameConstraints) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(CERTNameConstraints, DERPermited),
+ CERT_NameConstraintSubtreeSubTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(CERTNameConstraints, DERExcluded),
+ CERT_NameConstraintSubtreeSubTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template CERTOthNameTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(OtherName) },
+ { SEC_ASN1_OBJECT_ID, offsetof(OtherName, oid) },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_XTRN | 0,
+ offsetof(OtherName, name), SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template CERTOtherNameTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
+ offsetof(CERTGeneralName, name.OthName), CERTOthNameTemplate,
+ sizeof(CERTGeneralName) }
+};
+
+static const SEC_ASN1Template CERT_RFC822NameTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(CERTGeneralName, name.other),
+ SEC_ASN1_SUB(SEC_IA5StringTemplate), sizeof(CERTGeneralName) }
+};
+
+static const SEC_ASN1Template CERT_DNSNameTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ offsetof(CERTGeneralName, name.other),
+ SEC_ASN1_SUB(SEC_IA5StringTemplate), sizeof(CERTGeneralName) }
+};
+
+static const SEC_ASN1Template CERT_X400AddressTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_XTRN | 3,
+ offsetof(CERTGeneralName, name.other), SEC_ASN1_SUB(SEC_AnyTemplate),
+ sizeof(CERTGeneralName) }
+};
+
+static const SEC_ASN1Template CERT_DirectoryNameTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_XTRN | 4,
+ offsetof(CERTGeneralName, derDirectoryName),
+ SEC_ASN1_SUB(SEC_AnyTemplate), sizeof(CERTGeneralName) }
+};
+
+static const SEC_ASN1Template CERT_EDIPartyNameTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_XTRN | 5,
+ offsetof(CERTGeneralName, name.other), SEC_ASN1_SUB(SEC_AnyTemplate),
+ sizeof(CERTGeneralName) }
+};
+
+static const SEC_ASN1Template CERT_URITemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 6,
+ offsetof(CERTGeneralName, name.other),
+ SEC_ASN1_SUB(SEC_IA5StringTemplate), sizeof(CERTGeneralName) }
+};
+
+static const SEC_ASN1Template CERT_IPAddressTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 7,
+ offsetof(CERTGeneralName, name.other),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate), sizeof(CERTGeneralName) }
+};
+
+static const SEC_ASN1Template CERT_RegisteredIDTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 8,
+ offsetof(CERTGeneralName, name.other), SEC_ASN1_SUB(SEC_ObjectIDTemplate),
+ sizeof(CERTGeneralName) }
+};
+
+const SEC_ASN1Template CERT_GeneralNamesTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+
+static struct {
+ CERTGeneralNameType type;
+ char *name;
+} typesArray[] = { { certOtherName, "other" },
+ { certRFC822Name, "email" },
+ { certRFC822Name, "rfc822" },
+ { certDNSName, "dns" },
+ { certX400Address, "x400" },
+ { certX400Address, "x400addr" },
+ { certDirectoryName, "directory" },
+ { certDirectoryName, "dn" },
+ { certEDIPartyName, "edi" },
+ { certEDIPartyName, "ediparty" },
+ { certURI, "uri" },
+ { certIPAddress, "ip" },
+ { certIPAddress, "ipaddr" },
+ { certRegisterID, "registerid" } };
+
+CERTGeneralNameType
+CERT_GetGeneralNameTypeFromString(const char *string)
+{
+ int types_count = sizeof(typesArray) / sizeof(typesArray[0]);
+ int i;
+
+ for (i = 0; i < types_count; i++) {
+ if (PORT_Strcasecmp(string, typesArray[i].name) == 0) {
+ return typesArray[i].type;
+ }
+ }
+ return 0;
+}
+
+CERTGeneralName *
+CERT_NewGeneralName(PLArenaPool *arena, CERTGeneralNameType type)
+{
+ CERTGeneralName *name = arena ? PORT_ArenaZNew(arena, CERTGeneralName)
+ : PORT_ZNew(CERTGeneralName);
+ if (name) {
+ name->type = type;
+ name->l.prev = name->l.next = &name->l;
+ }
+ return name;
+}
+
+/* Copy content of one General Name to another.
+** Caller has allocated destination general name.
+** This function does not change the destinate's GeneralName's list linkage.
+*/
+SECStatus
+cert_CopyOneGeneralName(PLArenaPool *arena, CERTGeneralName *dest,
+ CERTGeneralName *src)
+{
+ SECStatus rv;
+ void *mark = NULL;
+
+ PORT_Assert(dest != NULL);
+ dest->type = src->type;
+
+ mark = PORT_ArenaMark(arena);
+
+ switch (src->type) {
+ case certDirectoryName:
+ rv = SECITEM_CopyItem(arena, &dest->derDirectoryName,
+ &src->derDirectoryName);
+ if (rv == SECSuccess)
+ rv = CERT_CopyName(arena, &dest->name.directoryName,
+ &src->name.directoryName);
+ break;
+
+ case certOtherName:
+ rv = SECITEM_CopyItem(arena, &dest->name.OthName.name,
+ &src->name.OthName.name);
+ if (rv == SECSuccess)
+ rv = SECITEM_CopyItem(arena, &dest->name.OthName.oid,
+ &src->name.OthName.oid);
+ break;
+
+ default:
+ rv = SECITEM_CopyItem(arena, &dest->name.other, &src->name.other);
+ break;
+ }
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(arena, mark);
+ } else {
+ PORT_ArenaUnmark(arena, mark);
+ }
+ return rv;
+}
+
+void
+CERT_DestroyGeneralNameList(CERTGeneralNameList *list)
+{
+ PZLock *lock;
+
+ if (list != NULL) {
+ lock = list->lock;
+ PZ_Lock(lock);
+ if (--list->refCount <= 0 && list->arena != NULL) {
+ PORT_FreeArena(list->arena, PR_FALSE);
+ PZ_Unlock(lock);
+ PZ_DestroyLock(lock);
+ } else {
+ PZ_Unlock(lock);
+ }
+ }
+ return;
+}
+
+CERTGeneralNameList *
+CERT_CreateGeneralNameList(CERTGeneralName *name)
+{
+ PLArenaPool *arena;
+ CERTGeneralNameList *list = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto done;
+ }
+ list = PORT_ArenaZNew(arena, CERTGeneralNameList);
+ if (!list)
+ goto loser;
+ if (name != NULL) {
+ SECStatus rv;
+ list->name = CERT_NewGeneralName(arena, (CERTGeneralNameType)0);
+ if (!list->name)
+ goto loser;
+ rv = CERT_CopyGeneralName(arena, list->name, name);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+ list->lock = PZ_NewLock(nssILockList);
+ if (!list->lock)
+ goto loser;
+ list->arena = arena;
+ list->refCount = 1;
+done:
+ return list;
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+CERTGeneralName *
+CERT_GetNextGeneralName(CERTGeneralName *current)
+{
+ PRCList *next;
+
+ next = current->l.next;
+ return (CERTGeneralName *)(((char *)next) - offsetof(CERTGeneralName, l));
+}
+
+CERTGeneralName *
+CERT_GetPrevGeneralName(CERTGeneralName *current)
+{
+ PRCList *prev;
+ prev = current->l.prev;
+ return (CERTGeneralName *)(((char *)prev) - offsetof(CERTGeneralName, l));
+}
+
+CERTNameConstraint *
+CERT_GetNextNameConstraint(CERTNameConstraint *current)
+{
+ PRCList *next;
+
+ next = current->l.next;
+ return (CERTNameConstraint *)(((char *)next) -
+ offsetof(CERTNameConstraint, l));
+}
+
+CERTNameConstraint *
+CERT_GetPrevNameConstraint(CERTNameConstraint *current)
+{
+ PRCList *prev;
+ prev = current->l.prev;
+ return (CERTNameConstraint *)(((char *)prev) -
+ offsetof(CERTNameConstraint, l));
+}
+
+SECItem *
+CERT_EncodeGeneralName(CERTGeneralName *genName, SECItem *dest,
+ PLArenaPool *arena)
+{
+
+ const SEC_ASN1Template *template;
+
+ PORT_Assert(arena);
+ if (arena == NULL || !genName) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ /* TODO: mark arena */
+ if (dest == NULL) {
+ dest = PORT_ArenaZNew(arena, SECItem);
+ if (!dest)
+ goto loser;
+ }
+ if (genName->type == certDirectoryName) {
+ if (genName->derDirectoryName.data == NULL) {
+ /* The field hasn't been encoded yet. */
+ SECItem *pre_dest = SEC_ASN1EncodeItem(
+ arena, &(genName->derDirectoryName),
+ &(genName->name.directoryName), CERT_NameTemplate);
+ if (!pre_dest)
+ goto loser;
+ }
+ if (genName->derDirectoryName.data == NULL) {
+ goto loser;
+ }
+ }
+ switch (genName->type) {
+ case certURI:
+ template = CERT_URITemplate;
+ break;
+ case certRFC822Name:
+ template = CERT_RFC822NameTemplate;
+ break;
+ case certDNSName:
+ template = CERT_DNSNameTemplate;
+ break;
+ case certIPAddress:
+ template = CERT_IPAddressTemplate;
+ break;
+ case certOtherName:
+ template = CERTOtherNameTemplate;
+ break;
+ case certRegisterID:
+ template = CERT_RegisteredIDTemplate;
+ break;
+ /* for this type, we expect the value is already encoded */
+ case certEDIPartyName:
+ template = CERT_EDIPartyNameTemplate;
+ break;
+ /* for this type, we expect the value is already encoded */
+ case certX400Address:
+ template = CERT_X400AddressTemplate;
+ break;
+ case certDirectoryName:
+ template = CERT_DirectoryNameTemplate;
+ break;
+ default:
+ PORT_Assert(0);
+ goto loser;
+ }
+ dest = SEC_ASN1EncodeItem(arena, dest, genName, template);
+ if (!dest) {
+ goto loser;
+ }
+ /* TODO: unmark arena */
+ return dest;
+loser:
+ /* TODO: release arena back to mark */
+ return NULL;
+}
+
+SECItem **
+cert_EncodeGeneralNames(PLArenaPool *arena, CERTGeneralName *names)
+{
+ CERTGeneralName *current_name;
+ SECItem **items = NULL;
+ int count = 1;
+ int i;
+ PRCList *head;
+
+ if (!names) {
+ return NULL;
+ }
+
+ PORT_Assert(arena);
+ /* TODO: mark arena */
+ current_name = names;
+ head = &(names->l);
+ while (current_name->l.next != head) {
+ current_name = CERT_GetNextGeneralName(current_name);
+ ++count;
+ }
+ current_name = CERT_GetNextGeneralName(current_name);
+ items = PORT_ArenaNewArray(arena, SECItem *, count + 1);
+ if (items == NULL) {
+ goto loser;
+ }
+ for (i = 0; i < count; i++) {
+ items[i] = CERT_EncodeGeneralName(current_name, (SECItem *)NULL, arena);
+ if (items[i] == NULL) {
+ goto loser;
+ }
+ current_name = CERT_GetNextGeneralName(current_name);
+ }
+ items[i] = NULL;
+ /* TODO: unmark arena */
+ return items;
+loser:
+ /* TODO: release arena to mark */
+ return NULL;
+}
+
+CERTGeneralName *
+CERT_DecodeGeneralName(PLArenaPool *reqArena, SECItem *encodedName,
+ CERTGeneralName *genName)
+{
+ const SEC_ASN1Template *template;
+ CERTGeneralNameType genNameType;
+ SECStatus rv = SECSuccess;
+ SECItem *newEncodedName;
+
+ if (!reqArena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ /* make a copy for decoding so the data decoded with QuickDER doesn't
+ point to temporary memory */
+ newEncodedName = SECITEM_ArenaDupItem(reqArena, encodedName);
+ if (!newEncodedName) {
+ return NULL;
+ }
+ /* TODO: mark arena */
+ genNameType = (CERTGeneralNameType)((*(newEncodedName->data) & 0x0f) + 1);
+ if (genName == NULL) {
+ genName = CERT_NewGeneralName(reqArena, genNameType);
+ if (!genName)
+ goto loser;
+ } else {
+ genName->type = genNameType;
+ genName->l.prev = genName->l.next = &genName->l;
+ }
+
+ switch (genNameType) {
+ case certURI:
+ template = CERT_URITemplate;
+ break;
+ case certRFC822Name:
+ template = CERT_RFC822NameTemplate;
+ break;
+ case certDNSName:
+ template = CERT_DNSNameTemplate;
+ break;
+ case certIPAddress:
+ template = CERT_IPAddressTemplate;
+ break;
+ case certOtherName:
+ template = CERTOtherNameTemplate;
+ break;
+ case certRegisterID:
+ template = CERT_RegisteredIDTemplate;
+ break;
+ case certEDIPartyName:
+ template = CERT_EDIPartyNameTemplate;
+ break;
+ case certX400Address:
+ template = CERT_X400AddressTemplate;
+ break;
+ case certDirectoryName:
+ template = CERT_DirectoryNameTemplate;
+ break;
+ default:
+ goto loser;
+ }
+ rv = SEC_QuickDERDecodeItem(reqArena, genName, template, newEncodedName);
+ if (rv != SECSuccess)
+ goto loser;
+ if (genNameType == certDirectoryName) {
+ rv = SEC_QuickDERDecodeItem(reqArena, &(genName->name.directoryName),
+ CERT_NameTemplate,
+ &(genName->derDirectoryName));
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ /* TODO: unmark arena */
+ return genName;
+loser:
+ /* TODO: release arena to mark */
+ return NULL;
+}
+
+CERTGeneralName *
+cert_DecodeGeneralNames(PLArenaPool *arena, SECItem **encodedGenName)
+{
+ PRCList *head = NULL;
+ PRCList *tail = NULL;
+ CERTGeneralName *currentName = NULL;
+
+ PORT_Assert(arena);
+ if (!encodedGenName || !arena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ /* TODO: mark arena */
+ while (*encodedGenName != NULL) {
+ currentName = CERT_DecodeGeneralName(arena, *encodedGenName, NULL);
+ if (currentName == NULL)
+ break;
+ if (head == NULL) {
+ head = &(currentName->l);
+ tail = head;
+ }
+ currentName->l.next = head;
+ currentName->l.prev = tail;
+ tail = head->prev = tail->next = &(currentName->l);
+ encodedGenName++;
+ }
+ if (currentName) {
+ /* TODO: unmark arena */
+ return CERT_GetNextGeneralName(currentName);
+ }
+ /* TODO: release arena to mark */
+ return NULL;
+}
+
+void
+CERT_DestroyGeneralName(CERTGeneralName *name)
+{
+ cert_DestroyGeneralNames(name);
+}
+
+SECStatus
+cert_DestroyGeneralNames(CERTGeneralName *name)
+{
+ CERTGeneralName *first;
+ CERTGeneralName *next = NULL;
+
+ first = name;
+ do {
+ next = CERT_GetNextGeneralName(name);
+ PORT_Free(name);
+ name = next;
+ } while (name != first);
+ return SECSuccess;
+}
+
+static SECItem *
+cert_EncodeNameConstraint(CERTNameConstraint *constraint, SECItem *dest,
+ PLArenaPool *arena)
+{
+ PORT_Assert(arena);
+ if (dest == NULL) {
+ dest = PORT_ArenaZNew(arena, SECItem);
+ if (dest == NULL) {
+ return NULL;
+ }
+ }
+ CERT_EncodeGeneralName(&(constraint->name), &(constraint->DERName), arena);
+
+ dest =
+ SEC_ASN1EncodeItem(arena, dest, constraint, CERTNameConstraintTemplate);
+ return dest;
+}
+
+SECStatus
+cert_EncodeNameConstraintSubTree(CERTNameConstraint *constraints,
+ PLArenaPool *arena, SECItem ***dest,
+ PRBool permited)
+{
+ CERTNameConstraint *current_constraint = constraints;
+ SECItem **items = NULL;
+ int count = 0;
+ int i;
+ PRCList *head;
+
+ PORT_Assert(arena);
+ /* TODO: mark arena */
+ if (constraints != NULL) {
+ count = 1;
+ }
+ head = &constraints->l;
+ while (current_constraint->l.next != head) {
+ current_constraint = CERT_GetNextNameConstraint(current_constraint);
+ ++count;
+ }
+ current_constraint = CERT_GetNextNameConstraint(current_constraint);
+ items = PORT_ArenaZNewArray(arena, SECItem *, count + 1);
+ if (items == NULL) {
+ goto loser;
+ }
+ for (i = 0; i < count; i++) {
+ items[i] = cert_EncodeNameConstraint(current_constraint,
+ (SECItem *)NULL, arena);
+ if (items[i] == NULL) {
+ goto loser;
+ }
+ current_constraint = CERT_GetNextNameConstraint(current_constraint);
+ }
+ *dest = items;
+ if (*dest == NULL) {
+ goto loser;
+ }
+ /* TODO: unmark arena */
+ return SECSuccess;
+loser:
+ /* TODO: release arena to mark */
+ return SECFailure;
+}
+
+SECStatus
+cert_EncodeNameConstraints(CERTNameConstraints *constraints, PLArenaPool *arena,
+ SECItem *dest)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(arena);
+ /* TODO: mark arena */
+ if (constraints->permited != NULL) {
+ rv = cert_EncodeNameConstraintSubTree(
+ constraints->permited, arena, &constraints->DERPermited, PR_TRUE);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+ }
+ if (constraints->excluded != NULL) {
+ rv = cert_EncodeNameConstraintSubTree(
+ constraints->excluded, arena, &constraints->DERExcluded, PR_FALSE);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+ }
+ dest = SEC_ASN1EncodeItem(arena, dest, constraints,
+ CERTNameConstraintsTemplate);
+ if (dest == NULL) {
+ goto loser;
+ }
+ /* TODO: unmark arena */
+ return SECSuccess;
+loser:
+ /* TODO: release arena to mark */
+ return SECFailure;
+}
+
+CERTNameConstraint *
+cert_DecodeNameConstraint(PLArenaPool *reqArena, SECItem *encodedConstraint)
+{
+ CERTNameConstraint *constraint;
+ SECStatus rv = SECSuccess;
+ CERTGeneralName *temp;
+ SECItem *newEncodedConstraint;
+
+ if (!reqArena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ newEncodedConstraint = SECITEM_ArenaDupItem(reqArena, encodedConstraint);
+ if (!newEncodedConstraint) {
+ return NULL;
+ }
+ /* TODO: mark arena */
+ constraint = PORT_ArenaZNew(reqArena, CERTNameConstraint);
+ if (!constraint)
+ goto loser;
+ rv = SEC_QuickDERDecodeItem(
+ reqArena, constraint, CERTNameConstraintTemplate, newEncodedConstraint);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ temp = CERT_DecodeGeneralName(reqArena, &(constraint->DERName),
+ &(constraint->name));
+ if (temp != &(constraint->name)) {
+ goto loser;
+ }
+
+ /* ### sjlee: since the name constraint contains only one
+ * CERTGeneralName, the list within CERTGeneralName shouldn't
+ * point anywhere else. Otherwise, bad things will happen.
+ */
+ constraint->name.l.prev = constraint->name.l.next = &(constraint->name.l);
+ /* TODO: unmark arena */
+ return constraint;
+loser:
+ /* TODO: release arena back to mark */
+ return NULL;
+}
+
+static CERTNameConstraint *
+cert_DecodeNameConstraintSubTree(PLArenaPool *arena, SECItem **subTree,
+ PRBool permited)
+{
+ CERTNameConstraint *current = NULL;
+ CERTNameConstraint *first = NULL;
+ CERTNameConstraint *last = NULL;
+ int i = 0;
+
+ PORT_Assert(arena);
+ /* TODO: mark arena */
+ while (subTree[i] != NULL) {
+ current = cert_DecodeNameConstraint(arena, subTree[i]);
+ if (current == NULL) {
+ goto loser;
+ }
+ if (first == NULL) {
+ first = current;
+ } else {
+ current->l.prev = &(last->l);
+ last->l.next = &(current->l);
+ }
+ last = current;
+ i++;
+ }
+ if (first && last) {
+ first->l.prev = &(last->l);
+ last->l.next = &(first->l);
+ }
+ /* TODO: unmark arena */
+ return first;
+loser:
+ /* TODO: release arena back to mark */
+ return NULL;
+}
+
+CERTNameConstraints *
+cert_DecodeNameConstraints(PLArenaPool *reqArena,
+ const SECItem *encodedConstraints)
+{
+ CERTNameConstraints *constraints;
+ SECStatus rv;
+ SECItem *newEncodedConstraints;
+
+ if (!reqArena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ PORT_Assert(encodedConstraints);
+ newEncodedConstraints = SECITEM_ArenaDupItem(reqArena, encodedConstraints);
+
+ /* TODO: mark arena */
+ constraints = PORT_ArenaZNew(reqArena, CERTNameConstraints);
+ if (constraints == NULL) {
+ goto loser;
+ }
+ rv = SEC_QuickDERDecodeItem(reqArena, constraints,
+ CERTNameConstraintsTemplate,
+ newEncodedConstraints);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (constraints->DERPermited != NULL &&
+ constraints->DERPermited[0] != NULL) {
+ constraints->permited = cert_DecodeNameConstraintSubTree(
+ reqArena, constraints->DERPermited, PR_TRUE);
+ if (constraints->permited == NULL) {
+ goto loser;
+ }
+ }
+ if (constraints->DERExcluded != NULL &&
+ constraints->DERExcluded[0] != NULL) {
+ constraints->excluded = cert_DecodeNameConstraintSubTree(
+ reqArena, constraints->DERExcluded, PR_FALSE);
+ if (constraints->excluded == NULL) {
+ goto loser;
+ }
+ }
+ /* TODO: unmark arena */
+ return constraints;
+loser:
+ /* TODO: release arena back to mark */
+ return NULL;
+}
+
+/* Copy a chain of one or more general names to a destination chain.
+** Caller has allocated at least the first destination GeneralName struct.
+** Both source and destination chains are circular doubly-linked lists.
+** The first source struct is copied to the first destination struct.
+** If the source chain has more than one member, and the destination chain
+** has only one member, then this function allocates new structs for all but
+** the first copy from the arena and links them into the destination list.
+** If the destination struct is part of a list with more than one member,
+** then this function traverses both the source and destination lists,
+** copying each source struct to the corresponding dest struct.
+** In that case, the destination list MUST contain at least as many
+** structs as the source list or some dest entries will be overwritten.
+*/
+SECStatus
+CERT_CopyGeneralName(PLArenaPool *arena, CERTGeneralName *dest,
+ CERTGeneralName *src)
+{
+ SECStatus rv;
+ CERTGeneralName *destHead = dest;
+ CERTGeneralName *srcHead = src;
+
+ PORT_Assert(dest != NULL);
+ if (!dest) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* TODO: mark arena */
+ do {
+ rv = cert_CopyOneGeneralName(arena, dest, src);
+ if (rv != SECSuccess)
+ goto loser;
+ src = CERT_GetNextGeneralName(src);
+ /* if there is only one general name, we shouldn't do this */
+ if (src != srcHead) {
+ if (dest->l.next == &destHead->l) {
+ CERTGeneralName *temp;
+ temp = CERT_NewGeneralName(arena, (CERTGeneralNameType)0);
+ if (!temp)
+ goto loser;
+ temp->l.next = &destHead->l;
+ temp->l.prev = &dest->l;
+ destHead->l.prev = &temp->l;
+ dest->l.next = &temp->l;
+ dest = temp;
+ } else {
+ dest = CERT_GetNextGeneralName(dest);
+ }
+ }
+ } while (src != srcHead && rv == SECSuccess);
+ /* TODO: unmark arena */
+ return rv;
+loser:
+ /* TODO: release back to mark */
+ return SECFailure;
+}
+
+CERTGeneralNameList *
+CERT_DupGeneralNameList(CERTGeneralNameList *list)
+{
+ if (list != NULL) {
+ PZ_Lock(list->lock);
+ list->refCount++;
+ PZ_Unlock(list->lock);
+ }
+ return list;
+}
+
+/* Allocate space and copy CERTNameConstraint from src to dest */
+CERTNameConstraint *
+CERT_CopyNameConstraint(PLArenaPool *arena, CERTNameConstraint *dest,
+ CERTNameConstraint *src)
+{
+ SECStatus rv;
+
+ /* TODO: mark arena */
+ if (dest == NULL) {
+ dest = PORT_ArenaZNew(arena, CERTNameConstraint);
+ if (!dest)
+ goto loser;
+ /* mark that it is not linked */
+ dest->name.l.prev = dest->name.l.next = &(dest->name.l);
+ }
+ rv = CERT_CopyGeneralName(arena, &dest->name, &src->name);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(arena, &dest->DERName, &src->DERName);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(arena, &dest->min, &src->min);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(arena, &dest->max, &src->max);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ dest->l.prev = dest->l.next = &dest->l;
+ /* TODO: unmark arena */
+ return dest;
+loser:
+ /* TODO: release arena to mark */
+ return NULL;
+}
+
+CERTGeneralName *
+cert_CombineNamesLists(CERTGeneralName *list1, CERTGeneralName *list2)
+{
+ PRCList *begin1;
+ PRCList *begin2;
+ PRCList *end1;
+ PRCList *end2;
+
+ if (list1 == NULL) {
+ return list2;
+ } else if (list2 == NULL) {
+ return list1;
+ } else {
+ begin1 = &list1->l;
+ begin2 = &list2->l;
+ end1 = list1->l.prev;
+ end2 = list2->l.prev;
+ end1->next = begin2;
+ end2->next = begin1;
+ begin1->prev = end2;
+ begin2->prev = end1;
+ return list1;
+ }
+}
+
+CERTNameConstraint *
+cert_CombineConstraintsLists(CERTNameConstraint *list1,
+ CERTNameConstraint *list2)
+{
+ PRCList *begin1;
+ PRCList *begin2;
+ PRCList *end1;
+ PRCList *end2;
+
+ if (list1 == NULL) {
+ return list2;
+ } else if (list2 == NULL) {
+ return list1;
+ } else {
+ begin1 = &list1->l;
+ begin2 = &list2->l;
+ end1 = list1->l.prev;
+ end2 = list2->l.prev;
+ end1->next = begin2;
+ end2->next = begin1;
+ begin1->prev = end2;
+ begin2->prev = end1;
+ return list1;
+ }
+}
+
+/* Add a CERTNameConstraint to the CERTNameConstraint list */
+CERTNameConstraint *
+CERT_AddNameConstraint(CERTNameConstraint *list, CERTNameConstraint *constraint)
+{
+ PORT_Assert(constraint != NULL);
+ constraint->l.next = constraint->l.prev = &constraint->l;
+ list = cert_CombineConstraintsLists(list, constraint);
+ return list;
+}
+
+SECStatus
+CERT_GetNameConstraintByType(CERTNameConstraint *constraints,
+ CERTGeneralNameType type,
+ CERTNameConstraint **returnList,
+ PLArenaPool *arena)
+{
+ CERTNameConstraint *current = NULL;
+ void *mark = NULL;
+
+ *returnList = NULL;
+ if (!constraints)
+ return SECSuccess;
+
+ mark = PORT_ArenaMark(arena);
+
+ current = constraints;
+ do {
+ PORT_Assert(current->name.type);
+ if (current->name.type == type) {
+ CERTNameConstraint *temp;
+ temp = CERT_CopyNameConstraint(arena, NULL, current);
+ if (temp == NULL)
+ goto loser;
+ *returnList = CERT_AddNameConstraint(*returnList, temp);
+ }
+ current = CERT_GetNextNameConstraint(current);
+ } while (current != constraints);
+ PORT_ArenaUnmark(arena, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(arena, mark);
+ return SECFailure;
+}
+
+void *
+CERT_GetGeneralNameByType(CERTGeneralName *genNames, CERTGeneralNameType type,
+ PRBool derFormat)
+{
+ CERTGeneralName *current;
+
+ if (!genNames)
+ return NULL;
+ current = genNames;
+
+ do {
+ if (current->type == type) {
+ switch (type) {
+ case certDNSName:
+ case certEDIPartyName:
+ case certIPAddress:
+ case certRegisterID:
+ case certRFC822Name:
+ case certX400Address:
+ case certURI:
+ return (void *)&current->name.other; /* SECItem * */
+
+ case certOtherName:
+ return (void *)&current->name.OthName; /* OthName * */
+
+ case certDirectoryName:
+ return derFormat
+ ? (void *)&current
+ ->derDirectoryName /* SECItem * */
+ : (void *)&current->name
+ .directoryName; /* CERTName * */
+ }
+ PORT_Assert(0);
+ return NULL;
+ }
+ current = CERT_GetNextGeneralName(current);
+ } while (current != genNames);
+ return NULL;
+}
+
+int
+CERT_GetNamesLength(CERTGeneralName *names)
+{
+ int length = 0;
+ CERTGeneralName *first;
+
+ first = names;
+ if (names != NULL) {
+ do {
+ length++;
+ names = CERT_GetNextGeneralName(names);
+ } while (names != first);
+ }
+ return length;
+}
+
+/* Creates new GeneralNames for any email addresses found in the
+** input DN, and links them onto the list for the DN.
+*/
+SECStatus
+cert_ExtractDNEmailAddrs(CERTGeneralName *name, PLArenaPool *arena)
+{
+ CERTGeneralName *nameList = NULL;
+ const CERTRDN **nRDNs = (const CERTRDN **)(name->name.directoryName.rdns);
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(name->type == certDirectoryName);
+ if (name->type != certDirectoryName) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* TODO: mark arena */
+ while (nRDNs && *nRDNs) { /* loop over RDNs */
+ const CERTRDN *nRDN = *nRDNs++;
+ CERTAVA **nAVAs = nRDN->avas;
+ while (nAVAs && *nAVAs) { /* loop over AVAs */
+ int tag;
+ CERTAVA *nAVA = *nAVAs++;
+ tag = CERT_GetAVATag(nAVA);
+ if (tag == SEC_OID_PKCS9_EMAIL_ADDRESS ||
+ tag == SEC_OID_RFC1274_MAIL) { /* email AVA */
+ CERTGeneralName *newName = NULL;
+ SECItem *avaValue = CERT_DecodeAVAValue(&nAVA->value);
+ if (!avaValue)
+ goto loser;
+ rv = SECFailure;
+ newName = CERT_NewGeneralName(arena, certRFC822Name);
+ if (newName) {
+ rv =
+ SECITEM_CopyItem(arena, &newName->name.other, avaValue);
+ }
+ SECITEM_FreeItem(avaValue, PR_TRUE);
+ if (rv != SECSuccess)
+ goto loser;
+ nameList = cert_CombineNamesLists(nameList, newName);
+ } /* handle one email AVA */
+ } /* loop over AVAs */
+ } /* loop over RDNs */
+ /* combine new names with old one. */
+ (void)cert_CombineNamesLists(name, nameList);
+ /* TODO: unmark arena */
+ return SECSuccess;
+
+loser:
+ /* TODO: release arena back to mark */
+ return SECFailure;
+}
+
+/* Extract all names except Subject Common Name from a cert
+** in preparation for a name constraints test.
+*/
+CERTGeneralName *
+CERT_GetCertificateNames(CERTCertificate *cert, PLArenaPool *arena)
+{
+ return CERT_GetConstrainedCertificateNames(cert, arena, PR_FALSE);
+}
+
+/* This function is called by CERT_VerifyCertChain to extract all
+** names from a cert in preparation for a name constraints test.
+*/
+CERTGeneralName *
+CERT_GetConstrainedCertificateNames(const CERTCertificate *cert,
+ PLArenaPool *arena,
+ PRBool includeSubjectCommonName)
+{
+ CERTGeneralName *DN;
+ CERTGeneralName *SAN;
+ PRUint32 numDNSNames = 0;
+ SECStatus rv;
+
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ /* TODO: mark arena */
+ DN = CERT_NewGeneralName(arena, certDirectoryName);
+ if (DN == NULL) {
+ goto loser;
+ }
+ rv = CERT_CopyName(arena, &DN->name.directoryName, &cert->subject);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(arena, &DN->derDirectoryName, &cert->derSubject);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* Extract email addresses from DN, construct CERTGeneralName structs
+ ** for them, add them to the name list
+ */
+ rv = cert_ExtractDNEmailAddrs(DN, arena);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Now extract any GeneralNames from the subject name names extension. */
+ SAN = cert_GetSubjectAltNameList(cert, arena);
+ if (SAN) {
+ numDNSNames = cert_CountDNSPatterns(SAN);
+ DN = cert_CombineNamesLists(DN, SAN);
+ }
+ if (!numDNSNames && includeSubjectCommonName) {
+ char *cn = CERT_GetCommonName(&cert->subject);
+ if (cn) {
+ CERTGeneralName *CN = CERT_NewGeneralName(arena, certDNSName);
+ if (CN) {
+ SECItem cnItem = { siBuffer, NULL, 0 };
+ cnItem.data = (unsigned char *)cn;
+ cnItem.len = strlen(cn);
+ rv = SECITEM_CopyItem(arena, &CN->name.other, &cnItem);
+ if (rv == SECSuccess) {
+ DN = cert_CombineNamesLists(DN, CN);
+ }
+ }
+ PORT_Free(cn);
+ }
+ }
+ if (rv == SECSuccess) {
+ /* TODO: unmark arena */
+ return DN;
+ }
+loser:
+ /* TODO: release arena to mark */
+ return NULL;
+}
+
+/* Returns SECSuccess if name matches constraint per RFC 3280 rules for
+** URI name constraints. SECFailure otherwise.
+** If the constraint begins with a dot, it is a domain name, otherwise
+** It is a host name. Examples:
+** Constraint Name Result
+** ------------ --------------- --------
+** foo.bar.com foo.bar.com matches
+** foo.bar.com FoO.bAr.CoM matches
+** foo.bar.com www.foo.bar.com no match
+** foo.bar.com nofoo.bar.com no match
+** .foo.bar.com www.foo.bar.com matches
+** .foo.bar.com nofoo.bar.com no match
+** .foo.bar.com foo.bar.com no match
+** .foo.bar.com www..foo.bar.com no match
+*/
+static SECStatus
+compareURIN2C(const SECItem *name, const SECItem *constraint)
+{
+ int offset;
+ /* The spec is silent on intepreting zero-length constraints.
+ ** We interpret them as matching no URI names.
+ */
+ if (!constraint->len)
+ return SECFailure;
+ if (constraint->data[0] != '.') {
+ /* constraint is a host name. */
+ if (name->len != constraint->len ||
+ PL_strncasecmp((char *)name->data, (char *)constraint->data,
+ constraint->len))
+ return SECFailure;
+ return SECSuccess;
+ }
+ /* constraint is a domain name. */
+ if (name->len < constraint->len)
+ return SECFailure;
+ offset = name->len - constraint->len;
+ if (PL_strncasecmp((char *)(name->data + offset), (char *)constraint->data,
+ constraint->len))
+ return SECFailure;
+ if (!offset ||
+ (name->data[offset - 1] == '.') + (constraint->data[0] == '.') == 1)
+ return SECSuccess;
+ return SECFailure;
+}
+
+/* for DNSname constraints, RFC 3280 says, (section 4.2.1.11, page 38)
+**
+** DNS name restrictions are expressed as foo.bar.com. Any DNS name
+** that can be constructed by simply adding to the left hand side of the
+** name satisfies the name constraint. For example, www.foo.bar.com
+** would satisfy the constraint but foo1.bar.com would not.
+**
+** But NIST's PKITS test suite requires that the constraint be treated
+** as a domain name, and requires that any name added to the left hand
+** side end in a dot ".". Sensible, but not strictly following the RFC.
+**
+** Constraint Name RFC 3280 NIST PKITS
+** ------------ --------------- -------- ----------
+** foo.bar.com foo.bar.com matches matches
+** foo.bar.com FoO.bAr.CoM matches matches
+** foo.bar.com www.foo.bar.com matches matches
+** foo.bar.com nofoo.bar.com MATCHES NO MATCH
+** .foo.bar.com www.foo.bar.com matches matches? disallowed?
+** .foo.bar.com foo.bar.com no match no match
+** .foo.bar.com www..foo.bar.com matches probably not
+**
+** We will try to conform to NIST's PKITS tests, and the unstated
+** rules they imply.
+*/
+static SECStatus
+compareDNSN2C(const SECItem *name, const SECItem *constraint)
+{
+ int offset;
+ /* The spec is silent on intepreting zero-length constraints.
+ ** We interpret them as matching all DNSnames.
+ */
+ if (!constraint->len)
+ return SECSuccess;
+ if (name->len < constraint->len)
+ return SECFailure;
+ offset = name->len - constraint->len;
+ if (PL_strncasecmp((char *)(name->data + offset), (char *)constraint->data,
+ constraint->len))
+ return SECFailure;
+ if (!offset ||
+ (name->data[offset - 1] == '.') + (constraint->data[0] == '.') == 1)
+ return SECSuccess;
+ return SECFailure;
+}
+
+/* Returns SECSuccess if name matches constraint per RFC 3280 rules for
+** internet email addresses. SECFailure otherwise.
+** If constraint contains a '@' then the two strings much match exactly.
+** Else if constraint starts with a '.'. then it must match the right-most
+** substring of the name,
+** else constraint string must match entire name after the name's '@'.
+** Empty constraint string matches all names. All comparisons case insensitive.
+*/
+static SECStatus
+compareRFC822N2C(const SECItem *name, const SECItem *constraint)
+{
+ int offset;
+ if (!constraint->len)
+ return SECSuccess;
+ if (name->len < constraint->len)
+ return SECFailure;
+ if (constraint->len == 1 && constraint->data[0] == '.')
+ return SECSuccess;
+ for (offset = constraint->len - 1; offset >= 0; --offset) {
+ if (constraint->data[offset] == '@') {
+ return (name->len == constraint->len &&
+ !PL_strncasecmp((char *)name->data,
+ (char *)constraint->data, constraint->len))
+ ? SECSuccess
+ : SECFailure;
+ }
+ }
+ offset = name->len - constraint->len;
+ if (PL_strncasecmp((char *)(name->data + offset), (char *)constraint->data,
+ constraint->len))
+ return SECFailure;
+ if (constraint->data[0] == '.')
+ return SECSuccess;
+ if (offset > 0 && name->data[offset - 1] == '@')
+ return SECSuccess;
+ return SECFailure;
+}
+
+/* name contains either a 4 byte IPv4 address or a 16 byte IPv6 address.
+** constraint contains an address of the same length, and a subnet mask
+** of the same length. Compare name's address to the constraint's
+** address, subject to the mask.
+** Return SECSuccess if they match, SECFailure if they don't.
+*/
+static SECStatus
+compareIPaddrN2C(const SECItem *name, const SECItem *constraint)
+{
+ int i;
+ if (name->len == 4 && constraint->len == 8) { /* ipv4 addr */
+ for (i = 0; i < 4; i++) {
+ if ((name->data[i] ^ constraint->data[i]) & constraint->data[i + 4])
+ goto loser;
+ }
+ return SECSuccess;
+ }
+ if (name->len == 16 && constraint->len == 32) { /* ipv6 addr */
+ for (i = 0; i < 16; i++) {
+ if ((name->data[i] ^ constraint->data[i]) &
+ constraint->data[i + 16])
+ goto loser;
+ }
+ return SECSuccess;
+ }
+loser:
+ return SECFailure;
+}
+
+/* start with a SECItem that points to a URI. Parse it lookingg for
+** a hostname. Modify item->data and item->len to define the hostname,
+** but do not modify and data at item->data.
+** If anything goes wrong, the contents of *item are undefined.
+*/
+static SECStatus
+parseUriHostname(SECItem *item)
+{
+ int i;
+ PRBool found = PR_FALSE;
+ for (i = 0; (unsigned)(i + 2) < item->len; ++i) {
+ if (item->data[i] == ':' && item->data[i + 1] == '/' &&
+ item->data[i + 2] == '/') {
+ i += 3;
+ item->data += i;
+ item->len -= i;
+ found = PR_TRUE;
+ break;
+ }
+ }
+ if (!found)
+ return SECFailure;
+ /* now look for a '/', which is an upper bound in the end of the name */
+ for (i = 0; (unsigned)i < item->len; ++i) {
+ if (item->data[i] == '/') {
+ item->len = i;
+ break;
+ }
+ }
+ /* now look for a ':', which marks the end of the name */
+ for (i = item->len; --i >= 0;) {
+ if (item->data[i] == ':') {
+ item->len = i;
+ break;
+ }
+ }
+ /* now look for an '@', which marks the beginning of the hostname */
+ for (i = 0; (unsigned)i < item->len; ++i) {
+ if (item->data[i] == '@') {
+ ++i;
+ item->data += i;
+ item->len -= i;
+ break;
+ }
+ }
+ return item->len ? SECSuccess : SECFailure;
+}
+
+/* This function takes one name, and a list of constraints.
+** It searches the constraints looking for a match.
+** It returns SECSuccess if the name satisfies the constraints, i.e.,
+** if excluded, then the name does not match any constraint,
+** if permitted, then the name matches at least one constraint.
+** It returns SECFailure if the name fails to satisfy the constraints,
+** or if some code fails (e.g. out of memory, or invalid constraint)
+*/
+SECStatus
+cert_CompareNameWithConstraints(const CERTGeneralName *name,
+ const CERTNameConstraint *constraints,
+ PRBool excluded)
+{
+ SECStatus rv = SECSuccess;
+ SECStatus matched = SECFailure;
+ const CERTNameConstraint *current;
+
+ PORT_Assert(constraints); /* caller should not call with NULL */
+ if (!constraints) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ current = constraints;
+ do {
+ rv = SECSuccess;
+ matched = SECFailure;
+ PORT_Assert(name->type == current->name.type);
+ switch (name->type) {
+
+ case certDNSName:
+ matched =
+ compareDNSN2C(&name->name.other, &current->name.name.other);
+ break;
+
+ case certRFC822Name:
+ matched = compareRFC822N2C(&name->name.other,
+ &current->name.name.other);
+ break;
+
+ case certURI: {
+ /* make a modifiable copy of the URI SECItem. */
+ SECItem uri = name->name.other;
+ /* find the hostname in the URI */
+ rv = parseUriHostname(&uri);
+ if (rv == SECSuccess) {
+ /* does our hostname meet the constraint? */
+ matched = compareURIN2C(&uri, &current->name.name.other);
+ }
+ } break;
+
+ case certDirectoryName:
+ /* Determine if the constraint directory name is a "prefix"
+ ** for the directory name being tested.
+ */
+ {
+ /* status defaults to SECEqual, so that a constraint with
+ ** no AVAs will be a wildcard, matching all directory names.
+ */
+ SECComparison status = SECEqual;
+ const CERTRDN **cRDNs =
+ (const CERTRDN **)current->name.name.directoryName.rdns;
+ const CERTRDN **nRDNs =
+ (const CERTRDN **)name->name.directoryName.rdns;
+ while (cRDNs && *cRDNs && nRDNs && *nRDNs) {
+ /* loop over name RDNs and constraint RDNs in lock step
+ */
+ const CERTRDN *cRDN = *cRDNs++;
+ const CERTRDN *nRDN = *nRDNs++;
+ CERTAVA **cAVAs = cRDN->avas;
+ while (cAVAs &&
+ *cAVAs) { /* loop over constraint AVAs */
+ CERTAVA *cAVA = *cAVAs++;
+ CERTAVA **nAVAs = nRDN->avas;
+ while (nAVAs && *nAVAs) { /* loop over name AVAs */
+ CERTAVA *nAVA = *nAVAs++;
+ status = CERT_CompareAVA(cAVA, nAVA);
+ if (status == SECEqual)
+ break;
+ } /* loop over name AVAs */
+ if (status != SECEqual)
+ break;
+ } /* loop over constraint AVAs */
+ if (status != SECEqual)
+ break;
+ } /* loop over name RDNs and constraint RDNs */
+ matched = (status == SECEqual) ? SECSuccess : SECFailure;
+ break;
+ }
+
+ case certIPAddress: /* type 8 */
+ matched = compareIPaddrN2C(&name->name.other,
+ &current->name.name.other);
+ break;
+
+ /* NSS does not know how to compare these "Other" type names with
+ ** their respective constraints. But it does know how to tell
+ ** if the constraint applies to the type of name (by comparing
+ ** the constraint OID to the name OID). NSS makes no use of "Other"
+ ** type names at all, so NSS errs on the side of leniency for these
+ ** types, provided that their OIDs match. So, when an "Other"
+ ** name constraint appears in an excluded subtree, it never causes
+ ** a name to fail. When an "Other" name constraint appears in a
+ ** permitted subtree, AND the constraint's OID matches the name's
+ ** OID, then name is treated as if it matches the constraint.
+ */
+ case certOtherName: /* type 1 */
+ matched =
+ (!excluded && name->type == current->name.type &&
+ SECITEM_ItemsAreEqual(&name->name.OthName.oid,
+ &current->name.name.OthName.oid))
+ ? SECSuccess
+ : SECFailure;
+ break;
+
+ /* NSS does not know how to compare these types of names with their
+ ** respective constraints. But NSS makes no use of these types of
+ ** names at all, so it errs on the side of leniency for these types.
+ ** Constraints for these types of names never cause the name to
+ ** fail the constraints test. NSS behaves as if the name matched
+ ** for permitted constraints, and did not match for excluded ones.
+ */
+ case certX400Address: /* type 4 */
+ case certEDIPartyName: /* type 6 */
+ case certRegisterID: /* type 9 */
+ matched = excluded ? SECFailure : SECSuccess;
+ break;
+
+ default: /* non-standard types are not supported */
+ rv = SECFailure;
+ break;
+ }
+ if (matched == SECSuccess || rv != SECSuccess)
+ break;
+ current = CERT_GetNextNameConstraint((CERTNameConstraint *)current);
+ } while (current != constraints);
+ if (rv == SECSuccess) {
+ if (matched == SECSuccess)
+ rv = excluded ? SECFailure : SECSuccess;
+ else
+ rv = excluded ? SECSuccess : SECFailure;
+ return rv;
+ }
+
+ return SECFailure;
+}
+
+/* Add and link a CERTGeneralName to a CERTNameConstraint list. Most
+** likely the CERTNameConstraint passed in is either the permitted
+** list or the excluded list of a CERTNameConstraints.
+*/
+SECStatus
+CERT_AddNameConstraintByGeneralName(PLArenaPool *arena,
+ CERTNameConstraint **constraints,
+ CERTGeneralName *name)
+{
+ SECStatus rv;
+ CERTNameConstraint *current = NULL;
+ CERTNameConstraint *first = *constraints;
+ void *mark = NULL;
+
+ mark = PORT_ArenaMark(arena);
+
+ current = PORT_ArenaZNew(arena, CERTNameConstraint);
+ if (current == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ rv = cert_CopyOneGeneralName(arena, &current->name, name);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ current->name.l.prev = current->name.l.next = &(current->name.l);
+
+ if (first == NULL) {
+ *constraints = current;
+ PR_INIT_CLIST(&current->l);
+ } else {
+ PR_INSERT_BEFORE(&current->l, &first->l);
+ }
+
+done:
+ if (rv == SECFailure) {
+ PORT_ArenaRelease(arena, mark);
+ } else {
+ PORT_ArenaUnmark(arena, mark);
+ }
+ return rv;
+}
+
+/*
+ * Here we define a list of name constraints to be imposed on
+ * certain certificates, most importantly root certificates.
+ *
+ * Each entry in the name constraints list is constructed with this
+ * macro. An entry contains two SECItems, which have names in
+ * specific forms to make the macro work:
+ *
+ * * ${CA}_SUBJECT_DN - The subject DN for which the constraints
+ * should be applied
+ * * ${CA}_NAME_CONSTRAINTS - The name constraints extension
+ *
+ * Entities subject to name constraints are identified by subject name
+ * so that we can cover all certificates for that entity, including, e.g.,
+ * cross-certificates. We use subject rather than public key because
+ * calling methods often have easy access to that field (vs., say, a key ID),
+ * and in practice, subject names and public keys are usually in one-to-one
+ * correspondence anyway.
+ *
+ */
+
+#define STRING_TO_SECITEM(str) \
+ { \
+ siBuffer, (unsigned char *)str, sizeof(str) - 1 \
+ }
+
+#define NAME_CONSTRAINTS_ENTRY(CA) \
+ { \
+ STRING_TO_SECITEM(CA##_SUBJECT_DN) \
+ , \
+ STRING_TO_SECITEM(CA##_NAME_CONSTRAINTS) \
+ }
+
+/* clang-format off */
+
+/* Agence Nationale de la Securite des Systemes d'Information (ANSSI) */
+
+#define ANSSI_SUBJECT_DN \
+ "\x30\x81\x85" \
+ "\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02" "FR" /* C */ \
+ "\x31\x0F\x30\x0D\x06\x03\x55\x04\x08\x13\x06" "France" /* ST */ \
+ "\x31\x0E\x30\x0C\x06\x03\x55\x04\x07\x13\x05" "Paris" /* L */ \
+ "\x31\x10\x30\x0E\x06\x03\x55\x04\x0A\x13\x07" "PM/SGDN" /* O */ \
+ "\x31\x0E\x30\x0C\x06\x03\x55\x04\x0B\x13\x05" "DCSSI" /* OU */ \
+ "\x31\x0E\x30\x0C\x06\x03\x55\x04\x03\x13\x05" "IGC/A" /* CN */ \
+ "\x31\x23\x30\x21\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x09\x01" \
+ "\x16\x14" "igca@sgdn.pm.gouv.fr" /* emailAddress */ \
+
+#define ANSSI_NAME_CONSTRAINTS \
+ "\x30\x5D\xA0\x5B" \
+ "\x30\x05\x82\x03" ".fr" \
+ "\x30\x05\x82\x03" ".gp" \
+ "\x30\x05\x82\x03" ".gf" \
+ "\x30\x05\x82\x03" ".mq" \
+ "\x30\x05\x82\x03" ".re" \
+ "\x30\x05\x82\x03" ".yt" \
+ "\x30\x05\x82\x03" ".pm" \
+ "\x30\x05\x82\x03" ".bl" \
+ "\x30\x05\x82\x03" ".mf" \
+ "\x30\x05\x82\x03" ".wf" \
+ "\x30\x05\x82\x03" ".pf" \
+ "\x30\x05\x82\x03" ".nc" \
+ "\x30\x05\x82\x03" ".tf"
+
+/* TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 */
+
+#define TUBITAK1_SUBJECT_DN \
+ "\x30\x81\xd2" \
+ "\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02" \
+ /* C */ "TR" \
+ "\x31\x18\x30\x16\x06\x03\x55\x04\x07\x13\x0f" \
+ /* L */ "Gebze - Kocaeli" \
+ "\x31\x42\x30\x40\x06\x03\x55\x04\x0a\x13\x39" \
+ /* O */ "Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK" \
+ "\x31\x2d\x30\x2b\x06\x03\x55\x04\x0b\x13\x24" \
+ /* OU */ "Kamu Sertifikasyon Merkezi - Kamu SM" \
+ "\x31\x36\x30\x34\x06\x03\x55\x04\x03\x13\x2d" \
+ /* CN */ "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+
+#define TUBITAK1_NAME_CONSTRAINTS \
+ "\x30\x65\xa0\x63" \
+ "\x30\x09\x82\x07" ".gov.tr" \
+ "\x30\x09\x82\x07" ".k12.tr" \
+ "\x30\x09\x82\x07" ".pol.tr" \
+ "\x30\x09\x82\x07" ".mil.tr" \
+ "\x30\x09\x82\x07" ".tsk.tr" \
+ "\x30\x09\x82\x07" ".kep.tr" \
+ "\x30\x09\x82\x07" ".bel.tr" \
+ "\x30\x09\x82\x07" ".edu.tr" \
+ "\x30\x09\x82\x07" ".org.tr"
+
+/* clang-format on */
+
+static const SECItem builtInNameConstraints[][2] = {
+ NAME_CONSTRAINTS_ENTRY(ANSSI),
+ NAME_CONSTRAINTS_ENTRY(TUBITAK1)
+};
+
+SECStatus
+CERT_GetImposedNameConstraints(const SECItem *derSubject, SECItem *extensions)
+{
+ size_t i;
+
+ if (!extensions) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ for (i = 0; i < PR_ARRAY_SIZE(builtInNameConstraints); ++i) {
+ if (SECITEM_ItemsAreEqual(derSubject, &builtInNameConstraints[i][0])) {
+ return SECITEM_CopyItem(NULL, extensions,
+ &builtInNameConstraints[i][1]);
+ }
+ }
+
+ PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
+ return SECFailure;
+}
+
+/*
+ * Extract the name constraints extension from the CA cert.
+ * If the certificate contains no name constraints extension, but
+ * CERT_GetImposedNameConstraints returns a name constraints extension
+ * for the subject of the certificate, then that extension will be returned.
+ */
+SECStatus
+CERT_FindNameConstraintsExten(PLArenaPool *arena, CERTCertificate *cert,
+ CERTNameConstraints **constraints)
+{
+ SECStatus rv = SECSuccess;
+ SECItem constraintsExtension;
+ void *mark = NULL;
+
+ *constraints = NULL;
+
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_NAME_CONSTRAINTS,
+ &constraintsExtension);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
+ return rv;
+ }
+ rv = CERT_GetImposedNameConstraints(&cert->derSubject,
+ &constraintsExtension);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND) {
+ return SECSuccess;
+ }
+ return rv;
+ }
+ }
+
+ mark = PORT_ArenaMark(arena);
+
+ *constraints = cert_DecodeNameConstraints(arena, &constraintsExtension);
+ if (*constraints == NULL) { /* decode failed */
+ rv = SECFailure;
+ }
+ PORT_Free(constraintsExtension.data);
+
+ if (rv == SECFailure) {
+ PORT_ArenaRelease(arena, mark);
+ } else {
+ PORT_ArenaUnmark(arena, mark);
+ }
+
+ return rv;
+}
+
+/* Verify name against all the constraints relevant to that type of
+** the name.
+*/
+SECStatus
+CERT_CheckNameSpace(PLArenaPool *arena, const CERTNameConstraints *constraints,
+ const CERTGeneralName *currentName)
+{
+ CERTNameConstraint *matchingConstraints;
+ SECStatus rv = SECSuccess;
+
+ if (constraints->excluded != NULL) {
+ rv = CERT_GetNameConstraintByType(constraints->excluded,
+ currentName->type,
+ &matchingConstraints, arena);
+ if (rv == SECSuccess && matchingConstraints != NULL) {
+ rv = cert_CompareNameWithConstraints(currentName,
+ matchingConstraints, PR_TRUE);
+ }
+ if (rv != SECSuccess) {
+ return (rv);
+ }
+ }
+
+ if (constraints->permited != NULL) {
+ rv = CERT_GetNameConstraintByType(constraints->permited,
+ currentName->type,
+ &matchingConstraints, arena);
+ if (rv == SECSuccess && matchingConstraints != NULL) {
+ rv = cert_CompareNameWithConstraints(currentName,
+ matchingConstraints, PR_FALSE);
+ }
+ if (rv != SECSuccess) {
+ return (rv);
+ }
+ }
+
+ return (SECSuccess);
+}
+
+/* Extract the name constraints extension from the CA cert.
+** Test each and every name in namesList against all the constraints
+** relevant to that type of name.
+** Returns NULL in pBadCert for success, if all names are acceptable.
+** If some name is not acceptable, returns a pointer to the cert that
+** contained that name.
+*/
+SECStatus
+CERT_CompareNameSpace(CERTCertificate *cert, CERTGeneralName *namesList,
+ CERTCertificate **certsList, PLArenaPool *reqArena,
+ CERTCertificate **pBadCert)
+{
+ SECStatus rv = SECSuccess;
+ CERTNameConstraints *constraints;
+ CERTGeneralName *currentName;
+ int count = 0;
+ CERTCertificate *badCert = NULL;
+
+ /* If no names to check, then no names can be bad. */
+ if (!namesList)
+ goto done;
+ rv = CERT_FindNameConstraintsExten(reqArena, cert, &constraints);
+ if (rv != SECSuccess) {
+ count = -1;
+ goto done;
+ }
+
+ currentName = namesList;
+ do {
+ if (constraints) {
+ rv = CERT_CheckNameSpace(reqArena, constraints, currentName);
+ if (rv != SECSuccess) {
+ break;
+ }
+ }
+ currentName = CERT_GetNextGeneralName(currentName);
+ count++;
+ } while (currentName != namesList);
+
+done:
+ if (rv != SECSuccess) {
+ badCert = (count >= 0) ? certsList[count] : cert;
+ }
+ if (pBadCert)
+ *pBadCert = badCert;
+
+ return rv;
+}
+
+#if 0
+/* not exported from shared libs, not used. Turn on if we ever need it. */
+SECStatus
+CERT_CompareGeneralName(CERTGeneralName *a, CERTGeneralName *b)
+{
+ CERTGeneralName *currentA;
+ CERTGeneralName *currentB;
+ PRBool found;
+
+ currentA = a;
+ currentB = b;
+ if (a != NULL) {
+ do {
+ if (currentB == NULL) {
+ return SECFailure;
+ }
+ currentB = CERT_GetNextGeneralName(currentB);
+ currentA = CERT_GetNextGeneralName(currentA);
+ } while (currentA != a);
+ }
+ if (currentB != b) {
+ return SECFailure;
+ }
+ currentA = a;
+ do {
+ currentB = b;
+ found = PR_FALSE;
+ do {
+ if (currentB->type == currentA->type) {
+ switch (currentB->type) {
+ case certDNSName:
+ case certEDIPartyName:
+ case certIPAddress:
+ case certRegisterID:
+ case certRFC822Name:
+ case certX400Address:
+ case certURI:
+ if (SECITEM_CompareItem(&currentA->name.other,
+ &currentB->name.other)
+ == SECEqual) {
+ found = PR_TRUE;
+ }
+ break;
+ case certOtherName:
+ if (SECITEM_CompareItem(&currentA->name.OthName.oid,
+ &currentB->name.OthName.oid)
+ == SECEqual &&
+ SECITEM_CompareItem(&currentA->name.OthName.name,
+ &currentB->name.OthName.name)
+ == SECEqual) {
+ found = PR_TRUE;
+ }
+ break;
+ case certDirectoryName:
+ if (CERT_CompareName(&currentA->name.directoryName,
+ &currentB->name.directoryName)
+ == SECEqual) {
+ found = PR_TRUE;
+ }
+ }
+
+ }
+ currentB = CERT_GetNextGeneralName(currentB);
+ } while (currentB != b && found != PR_TRUE);
+ if (found != PR_TRUE) {
+ return SECFailure;
+ }
+ currentA = CERT_GetNextGeneralName(currentA);
+ } while (currentA != a);
+ return SECSuccess;
+}
+
+SECStatus
+CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b)
+{
+ SECStatus rv;
+
+ if (a == b) {
+ return SECSuccess;
+ }
+ if (a != NULL && b != NULL) {
+ PZ_Lock(a->lock);
+ PZ_Lock(b->lock);
+ rv = CERT_CompareGeneralName(a->name, b->name);
+ PZ_Unlock(a->lock);
+ PZ_Unlock(b->lock);
+ } else {
+ rv = SECFailure;
+ }
+ return rv;
+}
+#endif
+
+#if 0
+/* This function is not exported from NSS shared libraries, and is not
+** used inside of NSS.
+** XXX it doesn't check for failed allocations. :-(
+*/
+void *
+CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
+ CERTGeneralNameType type,
+ PLArenaPool *arena)
+{
+ CERTName *name = NULL;
+ SECItem *item = NULL;
+ OtherName *other = NULL;
+ OtherName *tmpOther = NULL;
+ void *data;
+
+ PZ_Lock(list->lock);
+ data = CERT_GetGeneralNameByType(list->name, type, PR_FALSE);
+ if (data != NULL) {
+ switch (type) {
+ case certDNSName:
+ case certEDIPartyName:
+ case certIPAddress:
+ case certRegisterID:
+ case certRFC822Name:
+ case certX400Address:
+ case certURI:
+ if (arena != NULL) {
+ item = PORT_ArenaNew(arena, SECItem);
+ if (item != NULL) {
+XXX SECITEM_CopyItem(arena, item, (SECItem *) data);
+ }
+ } else {
+ item = SECITEM_DupItem((SECItem *) data);
+ }
+ PZ_Unlock(list->lock);
+ return item;
+ case certOtherName:
+ other = (OtherName *) data;
+ if (arena != NULL) {
+ tmpOther = PORT_ArenaNew(arena, OtherName);
+ } else {
+ tmpOther = PORT_New(OtherName);
+ }
+ if (tmpOther != NULL) {
+XXX SECITEM_CopyItem(arena, &tmpOther->oid, &other->oid);
+XXX SECITEM_CopyItem(arena, &tmpOther->name, &other->name);
+ }
+ PZ_Unlock(list->lock);
+ return tmpOther;
+ case certDirectoryName:
+ if (arena) {
+ name = PORT_ArenaZNew(list->arena, CERTName);
+ if (name) {
+XXX CERT_CopyName(arena, name, (CERTName *) data);
+ }
+ }
+ PZ_Unlock(list->lock);
+ return name;
+ }
+ }
+ PZ_Unlock(list->lock);
+ return NULL;
+}
+#endif
+
+#if 0
+/* This function is not exported from NSS shared libraries, and is not
+** used inside of NSS.
+** XXX it should NOT be a void function, since it does allocations
+** that can fail.
+*/
+void
+CERT_AddGeneralNameToList(CERTGeneralNameList *list,
+ CERTGeneralNameType type,
+ void *data, SECItem *oid)
+{
+ CERTGeneralName *name;
+
+ if (list != NULL && data != NULL) {
+ PZ_Lock(list->lock);
+ name = CERT_NewGeneralName(list->arena, type);
+ if (!name)
+ goto done;
+ switch (type) {
+ case certDNSName:
+ case certEDIPartyName:
+ case certIPAddress:
+ case certRegisterID:
+ case certRFC822Name:
+ case certX400Address:
+ case certURI:
+XXX SECITEM_CopyItem(list->arena, &name->name.other, (SECItem *)data);
+ break;
+ case certOtherName:
+XXX SECITEM_CopyItem(list->arena, &name->name.OthName.name,
+ (SECItem *) data);
+XXX SECITEM_CopyItem(list->arena, &name->name.OthName.oid,
+ oid);
+ break;
+ case certDirectoryName:
+XXX CERT_CopyName(list->arena, &name->name.directoryName,
+ (CERTName *) data);
+ break;
+ }
+ list->name = cert_CombineNamesLists(list->name, name);
+ list->len++;
+done:
+ PZ_Unlock(list->lock);
+ }
+ return;
+}
+#endif
diff --git a/security/nss/lib/certdb/genname.h b/security/nss/lib/certdb/genname.h
new file mode 100644
index 000000000..582415710
--- /dev/null
+++ b/security/nss/lib/certdb/genname.h
@@ -0,0 +1,93 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _GENAME_H_
+#define _GENAME_H_
+
+#include "plarena.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "certt.h"
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+extern const SEC_ASN1Template CERT_GeneralNamesTemplate[];
+
+extern SECItem **cert_EncodeGeneralNames(PLArenaPool *arena,
+ CERTGeneralName *names);
+
+extern CERTGeneralName *cert_DecodeGeneralNames(PLArenaPool *arena,
+ SECItem **encodedGenName);
+
+extern SECStatus cert_DestroyGeneralNames(CERTGeneralName *name);
+
+extern SECStatus cert_EncodeNameConstraints(CERTNameConstraints *constraints,
+ PLArenaPool *arena, SECItem *dest);
+
+extern CERTNameConstraints *cert_DecodeNameConstraints(
+ PLArenaPool *arena, const SECItem *encodedConstraints);
+
+extern CERTGeneralName *cert_CombineNamesLists(CERTGeneralName *list1,
+ CERTGeneralName *list2);
+
+extern CERTNameConstraint *cert_CombineConstraintsLists(
+ CERTNameConstraint *list1, CERTNameConstraint *list2);
+
+/*********************************************************************/
+/* A thread safe implementation of General Names */
+/*********************************************************************/
+
+/* Destroy a Single CERTGeneralName */
+void CERT_DestroyGeneralName(CERTGeneralName *name);
+
+SECStatus CERT_CompareGeneralName(CERTGeneralName *a, CERTGeneralName *b);
+
+SECStatus CERT_CopyGeneralName(PLArenaPool *arena, CERTGeneralName *dest,
+ CERTGeneralName *src);
+
+/* General Name Lists are a thread safe, reference counting layer to
+ * general names */
+
+/* Destroys a CERTGeneralNameList */
+void CERT_DestroyGeneralNameList(CERTGeneralNameList *list);
+
+/* Creates a CERTGeneralNameList */
+CERTGeneralNameList *CERT_CreateGeneralNameList(CERTGeneralName *name);
+
+/* Compares two CERTGeneralNameList */
+SECStatus CERT_CompareGeneralNameLists(CERTGeneralNameList *a,
+ CERTGeneralNameList *b);
+
+/* returns a copy of the first name of the type requested */
+void *CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
+ CERTGeneralNameType type,
+ PLArenaPool *arena);
+
+/* Adds a name to the tail of the list */
+void CERT_AddGeneralNameToList(CERTGeneralNameList *list,
+ CERTGeneralNameType type, void *data,
+ SECItem *oid);
+
+/* returns a duplicate of the CERTGeneralNameList */
+CERTGeneralNameList *CERT_DupGeneralNameList(CERTGeneralNameList *list);
+
+/* returns the number of CERTGeneralName objects in the doubly linked
+** list of which *names is a member.
+*/
+extern int CERT_GetNamesLength(CERTGeneralName *names);
+
+/************************************************************************/
+
+SECStatus CERT_CompareNameSpace(CERTCertificate *cert,
+ CERTGeneralName *namesList,
+ CERTCertificate **certsList,
+ PLArenaPool *reqArena,
+ CERTCertificate **pBadCert);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/certdb/manifest.mn b/security/nss/lib/certdb/manifest.mn
new file mode 100644
index 000000000..28548f467
--- /dev/null
+++ b/security/nss/lib/certdb/manifest.mn
@@ -0,0 +1,40 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+EXPORTS = \
+ cert.h \
+ certt.h \
+ certdb.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ genname.h \
+ xconst.h \
+ certxutl.h \
+ certi.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ alg1485.c \
+ certdb.c \
+ certv3.c \
+ certxutl.c \
+ crl.c \
+ genname.c \
+ stanpcertdb.c \
+ polcyxtn.c \
+ secname.c \
+ xauthkid.c \
+ xbsconst.c \
+ xconst.c \
+ $(NULL)
+
+LIBRARY_NAME = certdb
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/certdb/polcyxtn.c b/security/nss/lib/certdb/polcyxtn.c
new file mode 100644
index 000000000..aae34e243
--- /dev/null
+++ b/security/nss/lib/certdb/polcyxtn.c
@@ -0,0 +1,806 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Support for various policy related extensions
+ */
+
+#include "seccomon.h"
+#include "secport.h"
+#include "secder.h"
+#include "cert.h"
+#include "secoid.h"
+#include "secasn1.h"
+#include "secerr.h"
+#include "nspr.h"
+
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_ObjectIDTemplate)
+
+const SEC_ASN1Template CERT_DisplayTextTypeTemplate[] = {
+ { SEC_ASN1_CHOICE, offsetof(SECItem, type), 0, sizeof(SECItem) },
+ { SEC_ASN1_IA5_STRING, 0, 0, siAsciiString },
+ { SEC_ASN1_VISIBLE_STRING, 0, 0, siVisibleString },
+ { SEC_ASN1_BMP_STRING, 0, 0, siBMPString },
+ { SEC_ASN1_UTF8_STRING, 0, 0, siUTF8String },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_NoticeReferenceTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNoticeReference) },
+ { SEC_ASN1_INLINE, offsetof(CERTNoticeReference, organization),
+ CERT_DisplayTextTypeTemplate, 0 },
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN,
+ offsetof(CERTNoticeReference, noticeNumbers),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_UserNoticeTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTUserNotice) },
+ { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL,
+ offsetof(CERTUserNotice, noticeReference), CERT_NoticeReferenceTemplate,
+ 0 },
+ { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL,
+ offsetof(CERTUserNotice, displayText), CERT_DisplayTextTypeTemplate, 0 },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_PolicyQualifierTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPolicyQualifier) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTPolicyQualifier, qualifierID) },
+ { SEC_ASN1_ANY, offsetof(CERTPolicyQualifier, qualifierValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_PolicyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPolicyInfo) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTPolicyInfo, policyID) },
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_OPTIONAL,
+ offsetof(CERTPolicyInfo, policyQualifiers),
+ CERT_PolicyQualifierTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_CertificatePoliciesTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, offsetof(CERTCertificatePolicies, policyInfos),
+ CERT_PolicyInfoTemplate, sizeof(CERTCertificatePolicies) }
+};
+
+const SEC_ASN1Template CERT_PolicyMapTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPolicyMap) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTPolicyMap, issuerDomainPolicy) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTPolicyMap, subjectDomainPolicy) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_PolicyMappingsTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, offsetof(CERTCertificatePolicyMappings, policyMaps),
+ CERT_PolicyMapTemplate, sizeof(CERTPolicyMap) }
+};
+
+const SEC_ASN1Template CERT_PolicyConstraintsTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTCertificatePolicyConstraints) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(CERTCertificatePolicyConstraints, explicitPolicySkipCerts),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(CERTCertificatePolicyConstraints, inhibitMappingSkipCerts),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_InhibitAnyTemplate[] = {
+ { SEC_ASN1_INTEGER,
+ offsetof(CERTCertificateInhibitAny, inhibitAnySkipCerts), NULL,
+ sizeof(CERTCertificateInhibitAny) }
+};
+
+static void
+breakLines(char *string)
+{
+ char *tmpstr;
+ char *lastspace = NULL;
+ int curlen = 0;
+ int c;
+
+ tmpstr = string;
+
+ while ((c = *tmpstr) != '\0') {
+ switch (c) {
+ case ' ':
+ lastspace = tmpstr;
+ break;
+ case '\n':
+ lastspace = NULL;
+ curlen = 0;
+ break;
+ }
+
+ if ((curlen >= 55) && (lastspace != NULL)) {
+ *lastspace = '\n';
+ curlen = (tmpstr - lastspace);
+ lastspace = NULL;
+ }
+
+ curlen++;
+ tmpstr++;
+ }
+
+ return;
+}
+
+CERTCertificatePolicies *
+CERT_DecodeCertificatePoliciesExtension(const SECItem *extnValue)
+{
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+ CERTCertificatePolicies *policies;
+ CERTPolicyInfo **policyInfos, *policyInfo;
+ CERTPolicyQualifier **policyQualifiers, *policyQualifier;
+ SECItem newExtnValue;
+
+ /* make a new arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ goto loser;
+ }
+
+ /* allocate the certificate policies structure */
+ policies = (CERTCertificatePolicies *)PORT_ArenaZAlloc(
+ arena, sizeof(CERTCertificatePolicies));
+
+ if (policies == NULL) {
+ goto loser;
+ }
+
+ policies->arena = arena;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* decode the policy info */
+ rv = SEC_QuickDERDecodeItem(
+ arena, policies, CERT_CertificatePoliciesTemplate, &newExtnValue);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* initialize the oid tags */
+ policyInfos = policies->policyInfos;
+ while (*policyInfos != NULL) {
+ policyInfo = *policyInfos;
+ policyInfo->oid = SECOID_FindOIDTag(&policyInfo->policyID);
+ policyQualifiers = policyInfo->policyQualifiers;
+ while (policyQualifiers != NULL && *policyQualifiers != NULL) {
+ policyQualifier = *policyQualifiers;
+ policyQualifier->oid =
+ SECOID_FindOIDTag(&policyQualifier->qualifierID);
+ policyQualifiers++;
+ }
+ policyInfos++;
+ }
+
+ return (policies);
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+void
+CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies)
+{
+ if (policies != NULL) {
+ PORT_FreeArena(policies->arena, PR_FALSE);
+ }
+ return;
+}
+
+CERTCertificatePolicyMappings *
+CERT_DecodePolicyMappingsExtension(SECItem *extnValue)
+{
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+ CERTCertificatePolicyMappings *mappings;
+ SECItem newExtnValue;
+
+ /* make a new arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ goto loser;
+ }
+
+ /* allocate the policy mappings structure */
+ mappings = (CERTCertificatePolicyMappings *)PORT_ArenaZAlloc(
+ arena, sizeof(CERTCertificatePolicyMappings));
+ if (mappings == NULL) {
+ goto loser;
+ }
+ mappings->arena = arena;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* decode the policy mappings */
+ rv = SEC_QuickDERDecodeItem(arena, mappings, CERT_PolicyMappingsTemplate,
+ &newExtnValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return (mappings);
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+SECStatus
+CERT_DestroyPolicyMappingsExtension(CERTCertificatePolicyMappings *mappings)
+{
+ if (mappings != NULL) {
+ PORT_FreeArena(mappings->arena, PR_FALSE);
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CERT_DecodePolicyConstraintsExtension(
+ CERTCertificatePolicyConstraints *decodedValue, const SECItem *encodedValue)
+{
+ CERTCertificatePolicyConstraints decodeContext;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECSuccess;
+
+ /* initialize so we can tell when an optional component is omitted */
+ PORT_Memset(&decodeContext, 0, sizeof(decodeContext));
+
+ /* make a new arena */
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (!arena) {
+ return SECFailure;
+ }
+
+ do {
+ /* decode the policy constraints */
+ rv = SEC_QuickDERDecodeItem(arena, &decodeContext,
+ CERT_PolicyConstraintsTemplate,
+ encodedValue);
+
+ if (rv != SECSuccess) {
+ break;
+ }
+
+ if (decodeContext.explicitPolicySkipCerts.len == 0) {
+ *(PRInt32 *)decodedValue->explicitPolicySkipCerts.data = -1;
+ } else {
+ *(PRInt32 *)decodedValue->explicitPolicySkipCerts.data =
+ DER_GetInteger(&decodeContext.explicitPolicySkipCerts);
+ }
+
+ if (decodeContext.inhibitMappingSkipCerts.len == 0) {
+ *(PRInt32 *)decodedValue->inhibitMappingSkipCerts.data = -1;
+ } else {
+ *(PRInt32 *)decodedValue->inhibitMappingSkipCerts.data =
+ DER_GetInteger(&decodeContext.inhibitMappingSkipCerts);
+ }
+
+ if ((*(PRInt32 *)decodedValue->explicitPolicySkipCerts.data ==
+ PR_INT32_MIN) ||
+ (*(PRInt32 *)decodedValue->explicitPolicySkipCerts.data ==
+ PR_INT32_MAX) ||
+ (*(PRInt32 *)decodedValue->inhibitMappingSkipCerts.data ==
+ PR_INT32_MIN) ||
+ (*(PRInt32 *)decodedValue->inhibitMappingSkipCerts.data ==
+ PR_INT32_MAX)) {
+ rv = SECFailure;
+ }
+
+ } while (0);
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return (rv);
+}
+
+SECStatus
+CERT_DecodeInhibitAnyExtension(CERTCertificateInhibitAny *decodedValue,
+ SECItem *encodedValue)
+{
+ CERTCertificateInhibitAny decodeContext;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECSuccess;
+
+ /* make a new arena */
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (!arena) {
+ return SECFailure;
+ }
+
+ do {
+
+ /* decode the policy mappings */
+ decodeContext.inhibitAnySkipCerts.type = siUnsignedInteger;
+ rv = SEC_QuickDERDecodeItem(arena, &decodeContext,
+ CERT_InhibitAnyTemplate, encodedValue);
+
+ if (rv != SECSuccess) {
+ break;
+ }
+
+ *(PRInt32 *)decodedValue->inhibitAnySkipCerts.data =
+ DER_GetInteger(&decodeContext.inhibitAnySkipCerts);
+
+ } while (0);
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return (rv);
+}
+
+CERTUserNotice *
+CERT_DecodeUserNotice(SECItem *noticeItem)
+{
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+ CERTUserNotice *userNotice;
+ SECItem newNoticeItem;
+
+ /* make a new arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ goto loser;
+ }
+
+ /* allocate the userNotice structure */
+ userNotice =
+ (CERTUserNotice *)PORT_ArenaZAlloc(arena, sizeof(CERTUserNotice));
+
+ if (userNotice == NULL) {
+ goto loser;
+ }
+
+ userNotice->arena = arena;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newNoticeItem, noticeItem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* decode the user notice */
+ rv = SEC_QuickDERDecodeItem(arena, userNotice, CERT_UserNoticeTemplate,
+ &newNoticeItem);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (userNotice->derNoticeReference.data != NULL) {
+
+ rv = SEC_QuickDERDecodeItem(arena, &userNotice->noticeReference,
+ CERT_NoticeReferenceTemplate,
+ &userNotice->derNoticeReference);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+ }
+
+ return (userNotice);
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+void
+CERT_DestroyUserNotice(CERTUserNotice *userNotice)
+{
+ if (userNotice != NULL) {
+ PORT_FreeArena(userNotice->arena, PR_FALSE);
+ }
+ return;
+}
+
+static CERTPolicyStringCallback policyStringCB = NULL;
+static void *policyStringCBArg = NULL;
+
+void
+CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg)
+{
+ policyStringCB = cb;
+ policyStringCBArg = cbarg;
+ return;
+}
+
+char *
+stringFromUserNotice(SECItem *noticeItem)
+{
+ SECItem *org;
+ unsigned int len, headerlen;
+ char *stringbuf;
+ CERTUserNotice *userNotice;
+ char *policystr;
+ char *retstr = NULL;
+ SECItem *displayText;
+ SECItem **noticeNumbers;
+ unsigned int strnum;
+
+ /* decode the user notice */
+ userNotice = CERT_DecodeUserNotice(noticeItem);
+ if (userNotice == NULL) {
+ return (NULL);
+ }
+
+ org = &userNotice->noticeReference.organization;
+ if ((org->len != 0) && (policyStringCB != NULL)) {
+ /* has a noticeReference */
+
+ /* extract the org string */
+ len = org->len;
+ stringbuf = (char *)PORT_Alloc(len + 1);
+ if (stringbuf != NULL) {
+ PORT_Memcpy(stringbuf, org->data, len);
+ stringbuf[len] = '\0';
+
+ noticeNumbers = userNotice->noticeReference.noticeNumbers;
+ while (*noticeNumbers != NULL) {
+ /* XXX - only one byte integers right now*/
+ strnum = (*noticeNumbers)->data[0];
+ policystr =
+ (*policyStringCB)(stringbuf, strnum, policyStringCBArg);
+ if (policystr != NULL) {
+ if (retstr != NULL) {
+ retstr = PR_sprintf_append(retstr, "\n%s", policystr);
+ } else {
+ retstr = PR_sprintf_append(retstr, "%s", policystr);
+ }
+
+ PORT_Free(policystr);
+ }
+
+ noticeNumbers++;
+ }
+
+ PORT_Free(stringbuf);
+ }
+ }
+
+ if (retstr == NULL) {
+ if (userNotice->displayText.len != 0) {
+ displayText = &userNotice->displayText;
+
+ if (displayText->len > 2) {
+ if (displayText->data[0] == SEC_ASN1_VISIBLE_STRING) {
+ headerlen = 2;
+ if (displayText->data[1] & 0x80) {
+ /* multibyte length */
+ headerlen += (displayText->data[1] & 0x7f);
+ }
+
+ len = displayText->len - headerlen;
+ retstr = (char *)PORT_Alloc(len + 1);
+ if (retstr != NULL) {
+ PORT_Memcpy(retstr, &displayText->data[headerlen], len);
+ retstr[len] = '\0';
+ }
+ }
+ }
+ }
+ }
+
+ CERT_DestroyUserNotice(userNotice);
+
+ return (retstr);
+}
+
+char *
+CERT_GetCertCommentString(CERTCertificate *cert)
+{
+ char *retstring = NULL;
+ SECStatus rv;
+ SECItem policyItem;
+ CERTCertificatePolicies *policies = NULL;
+ CERTPolicyInfo **policyInfos;
+ CERTPolicyQualifier **policyQualifiers, *qualifier;
+
+ policyItem.data = NULL;
+
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_CERTIFICATE_POLICIES,
+ &policyItem);
+ if (rv != SECSuccess) {
+ goto nopolicy;
+ }
+
+ policies = CERT_DecodeCertificatePoliciesExtension(&policyItem);
+ if (policies == NULL) {
+ goto nopolicy;
+ }
+
+ policyInfos = policies->policyInfos;
+ /* search through policyInfos looking for the verisign policy */
+ while (*policyInfos != NULL) {
+ if ((*policyInfos)->oid == SEC_OID_VERISIGN_USER_NOTICES) {
+ policyQualifiers = (*policyInfos)->policyQualifiers;
+ /* search through the policy qualifiers looking for user notice */
+ while (policyQualifiers != NULL && *policyQualifiers != NULL) {
+ qualifier = *policyQualifiers;
+ if (qualifier->oid == SEC_OID_PKIX_USER_NOTICE_QUALIFIER) {
+ retstring =
+ stringFromUserNotice(&qualifier->qualifierValue);
+ break;
+ }
+
+ policyQualifiers++;
+ }
+ break;
+ }
+ policyInfos++;
+ }
+
+nopolicy:
+ if (policyItem.data != NULL) {
+ PORT_Free(policyItem.data);
+ }
+
+ if (policies != NULL) {
+ CERT_DestroyCertificatePoliciesExtension(policies);
+ }
+
+ if (retstring == NULL) {
+ retstring =
+ CERT_FindNSStringExtension(cert, SEC_OID_NS_CERT_EXT_COMMENT);
+ }
+
+ if (retstring != NULL) {
+ breakLines(retstring);
+ }
+
+ return (retstring);
+}
+
+const SEC_ASN1Template CERT_OidSeqTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, offsetof(CERTOidSequence, oids),
+ SEC_ASN1_SUB(SEC_ObjectIDTemplate) }
+};
+
+CERTOidSequence *
+CERT_DecodeOidSequence(const SECItem *seqItem)
+{
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+ CERTOidSequence *oidSeq;
+ SECItem newSeqItem;
+
+ /* make a new arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ goto loser;
+ }
+
+ /* allocate the userNotice structure */
+ oidSeq =
+ (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence));
+
+ if (oidSeq == NULL) {
+ goto loser;
+ }
+
+ oidSeq->arena = arena;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newSeqItem, seqItem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* decode the user notice */
+ rv =
+ SEC_QuickDERDecodeItem(arena, oidSeq, CERT_OidSeqTemplate, &newSeqItem);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return (oidSeq);
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return (NULL);
+}
+
+void
+CERT_DestroyOidSequence(CERTOidSequence *oidSeq)
+{
+ if (oidSeq != NULL) {
+ PORT_FreeArena(oidSeq->arena, PR_FALSE);
+ }
+ return;
+}
+
+PRBool
+CERT_GovtApprovedBitSet(CERTCertificate *cert)
+{
+ SECStatus rv;
+ SECItem extItem;
+ CERTOidSequence *oidSeq = NULL;
+ PRBool ret;
+ SECItem **oids;
+ SECItem *oid;
+ SECOidTag oidTag;
+
+ extItem.data = NULL;
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ oidSeq = CERT_DecodeOidSequence(&extItem);
+ if (oidSeq == NULL) {
+ goto loser;
+ }
+
+ oids = oidSeq->oids;
+ while (oids != NULL && *oids != NULL) {
+ oid = *oids;
+
+ oidTag = SECOID_FindOIDTag(oid);
+
+ if (oidTag == SEC_OID_NS_KEY_USAGE_GOVT_APPROVED) {
+ goto success;
+ }
+
+ oids++;
+ }
+
+loser:
+ ret = PR_FALSE;
+ goto done;
+success:
+ ret = PR_TRUE;
+done:
+ if (oidSeq != NULL) {
+ CERT_DestroyOidSequence(oidSeq);
+ }
+ if (extItem.data != NULL) {
+ PORT_Free(extItem.data);
+ }
+ return (ret);
+}
+
+SECStatus
+CERT_EncodePolicyConstraintsExtension(PLArenaPool *arena,
+ CERTCertificatePolicyConstraints *constr,
+ SECItem *dest)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(constr != NULL && dest != NULL);
+ if (constr == NULL || dest == NULL) {
+ return SECFailure;
+ }
+
+ if (SEC_ASN1EncodeItem(arena, dest, constr,
+ CERT_PolicyConstraintsTemplate) == NULL) {
+ rv = SECFailure;
+ }
+ return (rv);
+}
+
+SECStatus
+CERT_EncodePolicyMappingExtension(PLArenaPool *arena,
+ CERTCertificatePolicyMappings *mapping,
+ SECItem *dest)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(mapping != NULL && dest != NULL);
+ if (mapping == NULL || dest == NULL) {
+ return SECFailure;
+ }
+
+ if (SEC_ASN1EncodeItem(arena, dest, mapping, CERT_PolicyMappingsTemplate) ==
+ NULL) {
+ rv = SECFailure;
+ }
+ return (rv);
+}
+
+SECStatus
+CERT_EncodeCertPoliciesExtension(PLArenaPool *arena, CERTPolicyInfo **info,
+ SECItem *dest)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(info != NULL && dest != NULL);
+ if (info == NULL || dest == NULL) {
+ return SECFailure;
+ }
+
+ if (SEC_ASN1EncodeItem(arena, dest, info,
+ CERT_CertificatePoliciesTemplate) == NULL) {
+ rv = SECFailure;
+ }
+ return (rv);
+}
+
+SECStatus
+CERT_EncodeUserNotice(PLArenaPool *arena, CERTUserNotice *notice, SECItem *dest)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(notice != NULL && dest != NULL);
+ if (notice == NULL || dest == NULL) {
+ return SECFailure;
+ }
+
+ if (SEC_ASN1EncodeItem(arena, dest, notice, CERT_UserNoticeTemplate) ==
+ NULL) {
+ rv = SECFailure;
+ }
+
+ return (rv);
+}
+
+SECStatus
+CERT_EncodeNoticeReference(PLArenaPool *arena, CERTNoticeReference *reference,
+ SECItem *dest)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(reference != NULL && dest != NULL);
+ if (reference == NULL || dest == NULL) {
+ return SECFailure;
+ }
+
+ if (SEC_ASN1EncodeItem(arena, dest, reference,
+ CERT_NoticeReferenceTemplate) == NULL) {
+ rv = SECFailure;
+ }
+
+ return (rv);
+}
+
+SECStatus
+CERT_EncodeInhibitAnyExtension(PLArenaPool *arena,
+ CERTCertificateInhibitAny *certInhibitAny,
+ SECItem *dest)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(certInhibitAny != NULL && dest != NULL);
+ if (certInhibitAny == NULL || dest == NULL) {
+ return SECFailure;
+ }
+
+ if (SEC_ASN1EncodeItem(arena, dest, certInhibitAny,
+ CERT_InhibitAnyTemplate) == NULL) {
+ rv = SECFailure;
+ }
+ return (rv);
+}
diff --git a/security/nss/lib/certdb/secname.c b/security/nss/lib/certdb/secname.c
new file mode 100644
index 000000000..6d3e9d372
--- /dev/null
+++ b/security/nss/lib/certdb/secname.c
@@ -0,0 +1,711 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cert.h"
+#include "secoid.h"
+#include "secder.h" /* XXX remove this when remove the DERTemplates */
+#include "secasn1.h"
+#include "secitem.h"
+#include <stdarg.h>
+#include "secerr.h"
+#include "certi.h"
+
+static const SEC_ASN1Template cert_AVATemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAVA) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTAVA, type) },
+ { SEC_ASN1_ANY, offsetof(CERTAVA, value) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_RDNTemplate[] = {
+ { SEC_ASN1_SET_OF, offsetof(CERTRDN, avas), cert_AVATemplate,
+ sizeof(CERTRDN) }
+};
+
+static int
+CountArray(void **array)
+{
+ int count = 0;
+ if (array) {
+ while (*array++) {
+ count++;
+ }
+ }
+ return count;
+}
+
+static void **
+AddToArray(PLArenaPool *arena, void **array, void *element)
+{
+ unsigned count;
+ void **ap;
+
+ /* Count up number of slots already in use in the array */
+ count = 0;
+ ap = array;
+ if (ap) {
+ while (*ap++) {
+ count++;
+ }
+ }
+
+ if (array) {
+ array =
+ (void **)PORT_ArenaGrow(arena, array, (count + 1) * sizeof(void *),
+ (count + 2) * sizeof(void *));
+ } else {
+ array = (void **)PORT_ArenaAlloc(arena, (count + 2) * sizeof(void *));
+ }
+ if (array) {
+ array[count] = element;
+ array[count + 1] = 0;
+ }
+ return array;
+}
+
+SECOidTag
+CERT_GetAVATag(CERTAVA *ava)
+{
+ SECOidData *oid;
+ if (!ava->type.data)
+ return (SECOidTag)-1;
+
+ oid = SECOID_FindOID(&ava->type);
+
+ if (oid) {
+ return (oid->offset);
+ }
+ return (SECOidTag)-1;
+}
+
+static SECStatus
+SetupAVAType(PLArenaPool *arena, SECOidTag type, SECItem *it, unsigned *maxLenp)
+{
+ unsigned char *oid;
+ unsigned oidLen;
+ unsigned char *cp;
+ int maxLen;
+ SECOidData *oidrec;
+
+ oidrec = SECOID_FindOIDByTag(type);
+ if (oidrec == NULL)
+ return SECFailure;
+
+ oid = oidrec->oid.data;
+ oidLen = oidrec->oid.len;
+
+ maxLen = cert_AVAOidTagToMaxLen(type);
+ if (maxLen < 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ it->data = cp = (unsigned char *)PORT_ArenaAlloc(arena, oidLen);
+ if (cp == NULL) {
+ return SECFailure;
+ }
+ it->len = oidLen;
+ PORT_Memcpy(cp, oid, oidLen);
+ *maxLenp = (unsigned)maxLen;
+ return SECSuccess;
+}
+
+static SECStatus
+SetupAVAValue(PLArenaPool *arena, int valueType, const SECItem *in,
+ SECItem *out, unsigned maxLen)
+{
+ PRUint8 *value, *cp, *ucs4Val;
+ unsigned valueLen, valueLenLen, total;
+ unsigned ucs4Len = 0, ucs4MaxLen;
+
+ value = in->data;
+ valueLen = in->len;
+ switch (valueType) {
+ case SEC_ASN1_PRINTABLE_STRING:
+ case SEC_ASN1_IA5_STRING:
+ case SEC_ASN1_T61_STRING:
+ case SEC_ASN1_UTF8_STRING: /* no conversion required */
+ break;
+ case SEC_ASN1_UNIVERSAL_STRING:
+ ucs4MaxLen = valueLen * 6;
+ ucs4Val = (PRUint8 *)PORT_ArenaZAlloc(arena, ucs4MaxLen);
+ if (!ucs4Val ||
+ !PORT_UCS4_UTF8Conversion(PR_TRUE, value, valueLen, ucs4Val,
+ ucs4MaxLen, &ucs4Len)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ value = ucs4Val;
+ valueLen = ucs4Len;
+ maxLen *= 4;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (valueLen > maxLen) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ valueLenLen = DER_LengthLength(valueLen);
+ total = 1 + valueLenLen + valueLen;
+ cp = (PRUint8 *)PORT_ArenaAlloc(arena, total);
+ if (!cp) {
+ return SECFailure;
+ }
+ out->data = cp;
+ out->len = total;
+ cp = (PRUint8 *)DER_StoreHeader(cp, valueType, valueLen);
+ PORT_Memcpy(cp, value, valueLen);
+ return SECSuccess;
+}
+
+CERTAVA *
+CERT_CreateAVAFromRaw(PLArenaPool *pool, const SECItem *OID,
+ const SECItem *value)
+{
+ CERTAVA *ava;
+ int rv;
+
+ ava = PORT_ArenaZNew(pool, CERTAVA);
+ if (ava) {
+ rv = SECITEM_CopyItem(pool, &ava->type, OID);
+ if (rv)
+ return NULL;
+
+ rv = SECITEM_CopyItem(pool, &ava->value, value);
+ if (rv)
+ return NULL;
+ }
+ return ava;
+}
+
+CERTAVA *
+CERT_CreateAVAFromSECItem(PLArenaPool *arena, SECOidTag kind, int valueType,
+ SECItem *value)
+{
+ CERTAVA *ava;
+ int rv;
+ unsigned maxLen;
+
+ ava = (CERTAVA *)PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
+ if (ava) {
+ rv = SetupAVAType(arena, kind, &ava->type, &maxLen);
+ if (rv) {
+ /* Illegal AVA type */
+ return NULL;
+ }
+ rv = SetupAVAValue(arena, valueType, value, &ava->value, maxLen);
+ if (rv) {
+ /* Illegal value type */
+ return NULL;
+ }
+ }
+ return ava;
+}
+
+CERTAVA *
+CERT_CreateAVA(PLArenaPool *arena, SECOidTag kind, int valueType, char *value)
+{
+ SECItem item = { siBuffer, NULL, 0 };
+
+ item.data = (PRUint8 *)value;
+ item.len = PORT_Strlen(value);
+
+ return CERT_CreateAVAFromSECItem(arena, kind, valueType, &item);
+}
+
+CERTAVA *
+CERT_CopyAVA(PLArenaPool *arena, CERTAVA *from)
+{
+ CERTAVA *ava;
+ int rv;
+
+ ava = (CERTAVA *)PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
+ if (ava) {
+ rv = SECITEM_CopyItem(arena, &ava->type, &from->type);
+ if (rv)
+ goto loser;
+ rv = SECITEM_CopyItem(arena, &ava->value, &from->value);
+ if (rv)
+ goto loser;
+ }
+ return ava;
+
+loser:
+ return 0;
+}
+
+CERTRDN *
+CERT_CreateRDN(PLArenaPool *arena, CERTAVA *ava0, ...)
+{
+ CERTAVA *ava;
+ CERTRDN *rdn;
+ va_list ap;
+ unsigned count;
+ CERTAVA **avap;
+
+ rdn = (CERTRDN *)PORT_ArenaAlloc(arena, sizeof(CERTRDN));
+ if (rdn) {
+ /* Count number of avas going into the rdn */
+ count = 0;
+ if (ava0) {
+ count++;
+ va_start(ap, ava0);
+ while ((ava = va_arg(ap, CERTAVA *)) != 0) {
+ count++;
+ }
+ va_end(ap);
+ }
+
+ /* Now fill in the pointers */
+ rdn->avas = avap =
+ (CERTAVA **)PORT_ArenaAlloc(arena, (count + 1) * sizeof(CERTAVA *));
+ if (!avap) {
+ return 0;
+ }
+ if (ava0) {
+ *avap++ = ava0;
+ va_start(ap, ava0);
+ while ((ava = va_arg(ap, CERTAVA *)) != 0) {
+ *avap++ = ava;
+ }
+ va_end(ap);
+ }
+ *avap++ = 0;
+ }
+ return rdn;
+}
+
+SECStatus
+CERT_AddAVA(PLArenaPool *arena, CERTRDN *rdn, CERTAVA *ava)
+{
+ rdn->avas = (CERTAVA **)AddToArray(arena, (void **)rdn->avas, ava);
+ return rdn->avas ? SECSuccess : SECFailure;
+}
+
+SECStatus
+CERT_CopyRDN(PLArenaPool *arena, CERTRDN *to, CERTRDN *from)
+{
+ CERTAVA **avas, *fava, *tava;
+ SECStatus rv = SECSuccess;
+
+ /* Copy each ava from from */
+ avas = from->avas;
+ if (avas) {
+ if (avas[0] == NULL) {
+ rv = CERT_AddAVA(arena, to, NULL);
+ return rv;
+ }
+ while ((fava = *avas++) != 0) {
+ tava = CERT_CopyAVA(arena, fava);
+ if (!tava) {
+ rv = SECFailure;
+ break;
+ }
+ rv = CERT_AddAVA(arena, to, tava);
+ if (rv != SECSuccess)
+ break;
+ }
+ }
+ return rv;
+}
+
+/************************************************************************/
+
+const SEC_ASN1Template CERT_NameTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, offsetof(CERTName, rdns), CERT_RDNTemplate,
+ sizeof(CERTName) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_NameTemplate)
+
+CERTName *
+CERT_CreateName(CERTRDN *rdn0, ...)
+{
+ CERTRDN *rdn;
+ CERTName *name;
+ va_list ap;
+ unsigned count;
+ CERTRDN **rdnp;
+ PLArenaPool *arena;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ return (0);
+ }
+
+ name = (CERTName *)PORT_ArenaAlloc(arena, sizeof(CERTName));
+ if (name) {
+ name->arena = arena;
+
+ /* Count number of RDNs going into the Name */
+ if (!rdn0) {
+ count = 0;
+ } else {
+ count = 1;
+ va_start(ap, rdn0);
+ while ((rdn = va_arg(ap, CERTRDN *)) != 0) {
+ count++;
+ }
+ va_end(ap);
+ }
+
+ /* Allocate space (including space for terminal null ptr) */
+ name->rdns = rdnp =
+ (CERTRDN **)PORT_ArenaAlloc(arena, (count + 1) * sizeof(CERTRDN *));
+ if (!name->rdns) {
+ goto loser;
+ }
+
+ /* Now fill in the pointers */
+ if (count > 0) {
+ *rdnp++ = rdn0;
+ va_start(ap, rdn0);
+ while ((rdn = va_arg(ap, CERTRDN *)) != 0) {
+ *rdnp++ = rdn;
+ }
+ va_end(ap);
+ }
+
+ /* null terminate the list */
+ *rdnp++ = 0;
+ }
+ return name;
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return (0);
+}
+
+void
+CERT_DestroyName(CERTName *name)
+{
+ if (name) {
+ PLArenaPool *arena = name->arena;
+ name->rdns = NULL;
+ name->arena = NULL;
+ if (arena)
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+}
+
+SECStatus
+CERT_AddRDN(CERTName *name, CERTRDN *rdn)
+{
+ name->rdns = (CERTRDN **)AddToArray(name->arena, (void **)name->rdns, rdn);
+ return name->rdns ? SECSuccess : SECFailure;
+}
+
+SECStatus
+CERT_CopyName(PLArenaPool *arena, CERTName *to, const CERTName *from)
+{
+ CERTRDN **rdns, *frdn, *trdn;
+ SECStatus rv = SECSuccess;
+
+ if (!to || !from) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ CERT_DestroyName(to);
+ to->arena = arena;
+
+ /* Copy each rdn from from */
+ rdns = from->rdns;
+ if (rdns) {
+ if (rdns[0] == NULL) {
+ rv = CERT_AddRDN(to, NULL);
+ return rv;
+ }
+ while ((frdn = *rdns++) != NULL) {
+ trdn = CERT_CreateRDN(arena, NULL);
+ if (!trdn) {
+ rv = SECFailure;
+ break;
+ }
+ rv = CERT_CopyRDN(arena, trdn, frdn);
+ if (rv != SECSuccess)
+ break;
+ rv = CERT_AddRDN(to, trdn);
+ if (rv != SECSuccess)
+ break;
+ }
+ }
+ return rv;
+}
+
+/************************************************************************/
+
+static void
+canonicalize(SECItem *foo)
+{
+ int ch, lastch, len, src, dest;
+
+ /* strip trailing whitespace. */
+ len = foo->len;
+ while (len > 0 && ((ch = foo->data[len - 1]) == ' ' || ch == '\t' ||
+ ch == '\r' || ch == '\n')) {
+ len--;
+ }
+
+ src = 0;
+ /* strip leading whitespace. */
+ while (src < len && ((ch = foo->data[src]) == ' ' || ch == '\t' ||
+ ch == '\r' || ch == '\n')) {
+ src++;
+ }
+ dest = 0;
+ lastch = ' ';
+ while (src < len) {
+ ch = foo->data[src++];
+ if (ch == ' ' || ch == '\t' || ch == '\r' || ch == '\n') {
+ ch = ' ';
+ if (ch == lastch)
+ continue;
+ } else if (ch >= 'A' && ch <= 'Z') {
+ ch |= 0x20; /* downshift */
+ }
+ foo->data[dest++] = lastch = ch;
+ }
+ foo->len = dest;
+}
+
+/* SECItems a and b contain DER-encoded printable strings. */
+SECComparison
+CERT_CompareDERPrintableStrings(const SECItem *a, const SECItem *b)
+{
+ SECComparison rv = SECLessThan;
+ SECItem *aVal = CERT_DecodeAVAValue(a);
+ SECItem *bVal = CERT_DecodeAVAValue(b);
+
+ if (aVal && aVal->len && aVal->data && bVal && bVal->len && bVal->data) {
+ canonicalize(aVal);
+ canonicalize(bVal);
+ rv = SECITEM_CompareItem(aVal, bVal);
+ }
+ SECITEM_FreeItem(aVal, PR_TRUE);
+ SECITEM_FreeItem(bVal, PR_TRUE);
+ return rv;
+}
+
+SECComparison
+CERT_CompareAVA(const CERTAVA *a, const CERTAVA *b)
+{
+ SECComparison rv;
+
+ rv = SECITEM_CompareItem(&a->type, &b->type);
+ if (SECEqual != rv)
+ return rv; /* Attribute types don't match. */
+ /* Let's be optimistic. Maybe the values will just compare equal. */
+ rv = SECITEM_CompareItem(&a->value, &b->value);
+ if (SECEqual == rv)
+ return rv; /* values compared exactly. */
+ if (a->value.len && a->value.data && b->value.len && b->value.data) {
+ /* Here, the values did not match.
+ ** If the values had different encodings, convert them to the same
+ ** encoding and compare that way.
+ */
+ if (a->value.data[0] != b->value.data[0]) {
+ /* encodings differ. Convert both to UTF-8 and compare. */
+ SECItem *aVal = CERT_DecodeAVAValue(&a->value);
+ SECItem *bVal = CERT_DecodeAVAValue(&b->value);
+ if (aVal && aVal->len && aVal->data && bVal && bVal->len &&
+ bVal->data) {
+ rv = SECITEM_CompareItem(aVal, bVal);
+ }
+ SECITEM_FreeItem(aVal, PR_TRUE);
+ SECITEM_FreeItem(bVal, PR_TRUE);
+ } else if (a->value.data[0] == 0x13) { /* both are printable strings. */
+ /* printable strings */
+ rv = CERT_CompareDERPrintableStrings(&a->value, &b->value);
+ }
+ }
+ return rv;
+}
+
+SECComparison
+CERT_CompareRDN(const CERTRDN *a, const CERTRDN *b)
+{
+ CERTAVA **aavas, *aava;
+ CERTAVA **bavas, *bava;
+ int ac, bc;
+ SECComparison rv = SECEqual;
+
+ aavas = a->avas;
+ bavas = b->avas;
+
+ /*
+ ** Make sure array of ava's are the same length. If not, then we are
+ ** not equal
+ */
+ ac = CountArray((void **)aavas);
+ bc = CountArray((void **)bavas);
+ if (ac < bc)
+ return SECLessThan;
+ if (ac > bc)
+ return SECGreaterThan;
+
+ while (NULL != (aava = *aavas++)) {
+ for (bavas = b->avas; NULL != (bava = *bavas++);) {
+ rv = SECITEM_CompareItem(&aava->type, &bava->type);
+ if (SECEqual == rv) {
+ rv = CERT_CompareAVA(aava, bava);
+ if (SECEqual != rv)
+ return rv;
+ break;
+ }
+ }
+ if (!bava) /* didn't find a match */
+ return SECGreaterThan;
+ }
+ return rv;
+}
+
+SECComparison
+CERT_CompareName(const CERTName *a, const CERTName *b)
+{
+ CERTRDN **ardns, *ardn;
+ CERTRDN **brdns, *brdn;
+ int ac, bc;
+ SECComparison rv = SECEqual;
+
+ ardns = a->rdns;
+ brdns = b->rdns;
+
+ /*
+ ** Make sure array of rdn's are the same length. If not, then we are
+ ** not equal
+ */
+ ac = CountArray((void **)ardns);
+ bc = CountArray((void **)brdns);
+ if (ac < bc)
+ return SECLessThan;
+ if (ac > bc)
+ return SECGreaterThan;
+
+ for (;;) {
+ if (!ardns++ || !brdns++) {
+ break;
+ }
+ ardn = *ardns;
+ brdn = *brdns;
+ if (!ardn) {
+ break;
+ }
+ rv = CERT_CompareRDN(ardn, brdn);
+ if (rv)
+ return rv;
+ }
+ return rv;
+}
+
+/* Moved from certhtml.c */
+SECItem *
+CERT_DecodeAVAValue(const SECItem *derAVAValue)
+{
+ SECItem *retItem;
+ const SEC_ASN1Template *theTemplate = NULL;
+ enum { conv_none,
+ conv_ucs4,
+ conv_ucs2,
+ conv_iso88591 } convert = conv_none;
+ SECItem avaValue = { siBuffer, 0 };
+ PORTCheapArenaPool tmpArena;
+
+ if (!derAVAValue || !derAVAValue->len || !derAVAValue->data) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ switch (derAVAValue->data[0]) {
+ case SEC_ASN1_UNIVERSAL_STRING:
+ convert = conv_ucs4;
+ theTemplate = SEC_ASN1_GET(SEC_UniversalStringTemplate);
+ break;
+ case SEC_ASN1_IA5_STRING:
+ theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
+ break;
+ case SEC_ASN1_PRINTABLE_STRING:
+ theTemplate = SEC_ASN1_GET(SEC_PrintableStringTemplate);
+ break;
+ case SEC_ASN1_T61_STRING:
+ /*
+ * Per common practice, we're not decoding actual T.61, but instead
+ * treating T61-labeled strings as containing ISO-8859-1.
+ */
+ convert = conv_iso88591;
+ theTemplate = SEC_ASN1_GET(SEC_T61StringTemplate);
+ break;
+ case SEC_ASN1_BMP_STRING:
+ convert = conv_ucs2;
+ theTemplate = SEC_ASN1_GET(SEC_BMPStringTemplate);
+ break;
+ case SEC_ASN1_UTF8_STRING:
+ /* No conversion needed ! */
+ theTemplate = SEC_ASN1_GET(SEC_UTF8StringTemplate);
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_AVA);
+ return NULL;
+ }
+
+ PORT_Memset(&avaValue, 0, sizeof(SECItem));
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+ if (SEC_QuickDERDecodeItem(&tmpArena.arena, &avaValue, theTemplate,
+ derAVAValue) != SECSuccess) {
+ PORT_DestroyCheapArena(&tmpArena);
+ return NULL;
+ }
+
+ if (convert != conv_none) {
+ unsigned int utf8ValLen = avaValue.len * 3;
+ unsigned char *utf8Val =
+ (unsigned char *)PORT_ArenaZAlloc(&tmpArena.arena, utf8ValLen);
+
+ switch (convert) {
+ case conv_ucs4:
+ if (avaValue.len % 4 != 0 ||
+ !PORT_UCS4_UTF8Conversion(PR_FALSE, avaValue.data,
+ avaValue.len, utf8Val, utf8ValLen,
+ &utf8ValLen)) {
+ PORT_DestroyCheapArena(&tmpArena);
+ PORT_SetError(SEC_ERROR_INVALID_AVA);
+ return NULL;
+ }
+ break;
+ case conv_ucs2:
+ if (avaValue.len % 2 != 0 ||
+ !PORT_UCS2_UTF8Conversion(PR_FALSE, avaValue.data,
+ avaValue.len, utf8Val, utf8ValLen,
+ &utf8ValLen)) {
+ PORT_DestroyCheapArena(&tmpArena);
+ PORT_SetError(SEC_ERROR_INVALID_AVA);
+ return NULL;
+ }
+ break;
+ case conv_iso88591:
+ if (!PORT_ISO88591_UTF8Conversion(avaValue.data, avaValue.len,
+ utf8Val, utf8ValLen,
+ &utf8ValLen)) {
+ PORT_DestroyCheapArena(&tmpArena);
+ PORT_SetError(SEC_ERROR_INVALID_AVA);
+ return NULL;
+ }
+ break;
+ case conv_none:
+ PORT_Assert(0); /* not reached */
+ break;
+ }
+
+ avaValue.data = utf8Val;
+ avaValue.len = utf8ValLen;
+ }
+
+ retItem = SECITEM_DupItem(&avaValue);
+ PORT_DestroyCheapArena(&tmpArena);
+ return retItem;
+}
diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c
new file mode 100644
index 000000000..2b1aa97cd
--- /dev/null
+++ b/security/nss/lib/certdb/stanpcertdb.c
@@ -0,0 +1,1039 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "prtime.h"
+
+#include "cert.h"
+#include "certi.h"
+#include "certdb.h"
+#include "secitem.h"
+#include "secder.h"
+
+/* Call to PK11_FreeSlot below */
+
+#include "secasn1.h"
+#include "secerr.h"
+#include "nssilock.h"
+#include "prmon.h"
+#include "base64.h"
+#include "sechash.h"
+#include "plhash.h"
+#include "pk11func.h" /* sigh */
+
+#include "nsspki.h"
+#include "pki.h"
+#include "pkim.h"
+#include "pki3hack.h"
+#include "ckhelper.h"
+#include "base.h"
+#include "pkistore.h"
+#include "dev3hack.h"
+#include "dev.h"
+
+PRBool
+SEC_CertNicknameConflict(const char *nickname, const SECItem *derSubject,
+ CERTCertDBHandle *handle)
+{
+ CERTCertificate *cert;
+ PRBool conflict = PR_FALSE;
+
+ cert = CERT_FindCertByNickname(handle, nickname);
+
+ if (!cert) {
+ return conflict;
+ }
+
+ conflict = !SECITEM_ItemsAreEqual(derSubject, &cert->derSubject);
+ CERT_DestroyCertificate(cert);
+ return conflict;
+}
+
+SECStatus
+SEC_DeletePermCertificate(CERTCertificate *cert)
+{
+ PRStatus nssrv;
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+ NSSCertificate *c = STAN_GetNSSCertificate(cert);
+ CERTCertTrust *certTrust;
+
+ if (c == NULL) {
+ /* error code is set */
+ return SECFailure;
+ }
+
+ certTrust = nssTrust_GetCERTCertTrustForCert(c, cert);
+ if (certTrust) {
+ NSSTrust *nssTrust = nssTrustDomain_FindTrustForCertificate(td, c);
+ if (nssTrust) {
+ nssrv = STAN_DeleteCertTrustMatchingSlot(c);
+ if (nssrv != PR_SUCCESS) {
+ CERT_MapStanError();
+ }
+ /* This call always returns PR_SUCCESS! */
+ (void)nssTrust_Destroy(nssTrust);
+ }
+ }
+
+ /* get rid of the token instances */
+ nssrv = NSSCertificate_DeleteStoredObject(c, NULL);
+
+ /* get rid of the cache entry */
+ nssTrustDomain_LockCertCache(td);
+ nssTrustDomain_RemoveCertFromCacheLOCKED(td, c);
+ nssTrustDomain_UnlockCertCache(td);
+
+ return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
+}
+
+SECStatus
+CERT_GetCertTrust(const CERTCertificate *cert, CERTCertTrust *trust)
+{
+ SECStatus rv;
+ CERT_LockCertTrust(cert);
+ if (cert->trust == NULL) {
+ rv = SECFailure;
+ } else {
+ *trust = *cert->trust;
+ rv = SECSuccess;
+ }
+ CERT_UnlockCertTrust(cert);
+ return (rv);
+}
+
+extern const NSSError NSS_ERROR_NO_ERROR;
+extern const NSSError NSS_ERROR_INTERNAL_ERROR;
+extern const NSSError NSS_ERROR_NO_MEMORY;
+extern const NSSError NSS_ERROR_INVALID_POINTER;
+extern const NSSError NSS_ERROR_INVALID_ARENA;
+extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
+extern const NSSError NSS_ERROR_DUPLICATE_POINTER;
+extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
+extern const NSSError NSS_ERROR_TRACKER_NOT_EMPTY;
+extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
+extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
+extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
+extern const NSSError NSS_ERROR_UNSUPPORTED_TYPE;
+extern const NSSError NSS_ERROR_BUFFER_TOO_SHORT;
+extern const NSSError NSS_ERROR_INVALID_ATOB_CONTEXT;
+extern const NSSError NSS_ERROR_INVALID_BASE64;
+extern const NSSError NSS_ERROR_INVALID_BTOA_CONTEXT;
+extern const NSSError NSS_ERROR_INVALID_ITEM;
+extern const NSSError NSS_ERROR_INVALID_STRING;
+extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
+extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
+extern const NSSError NSS_ERROR_INVALID_BER;
+extern const NSSError NSS_ERROR_INVALID_ATAV;
+extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
+extern const NSSError NSS_ERROR_INVALID_UTF8;
+extern const NSSError NSS_ERROR_INVALID_NSSOID;
+extern const NSSError NSS_ERROR_UNKNOWN_ATTRIBUTE;
+extern const NSSError NSS_ERROR_NOT_FOUND;
+extern const NSSError NSS_ERROR_INVALID_PASSWORD;
+extern const NSSError NSS_ERROR_USER_CANCELED;
+extern const NSSError NSS_ERROR_MAXIMUM_FOUND;
+extern const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND;
+extern const NSSError NSS_ERROR_CERTIFICATE_IN_CACHE;
+extern const NSSError NSS_ERROR_HASH_COLLISION;
+extern const NSSError NSS_ERROR_DEVICE_ERROR;
+extern const NSSError NSS_ERROR_INVALID_CERTIFICATE;
+extern const NSSError NSS_ERROR_BUSY;
+extern const NSSError NSS_ERROR_ALREADY_INITIALIZED;
+extern const NSSError NSS_ERROR_PKCS11;
+
+/* Look at the stan error stack and map it to NSS 3 errors */
+#define STAN_MAP_ERROR(x, y) \
+ else if (error == (x)) { secError = y; }
+
+/*
+ * map Stan errors into NSS errors
+ * This function examines the stan error stack and automatically sets
+ * PORT_SetError(); to the appropriate SEC_ERROR value.
+ */
+void
+CERT_MapStanError()
+{
+ PRInt32 *errorStack;
+ NSSError error, prevError;
+ int secError;
+ int i;
+
+ errorStack = NSS_GetErrorStack();
+ if (errorStack == 0) {
+ PORT_SetError(0);
+ return;
+ }
+ error = prevError = CKR_GENERAL_ERROR;
+ /* get the 'top 2' error codes from the stack */
+ for (i = 0; errorStack[i]; i++) {
+ prevError = error;
+ error = errorStack[i];
+ }
+ if (error == NSS_ERROR_PKCS11) {
+ /* map it */
+ secError = PK11_MapError(prevError);
+ }
+ STAN_MAP_ERROR(NSS_ERROR_NO_ERROR, 0)
+ STAN_MAP_ERROR(NSS_ERROR_NO_MEMORY, SEC_ERROR_NO_MEMORY)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_BASE64, SEC_ERROR_BAD_DATA)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_BER, SEC_ERROR_BAD_DER)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_ATAV, SEC_ERROR_INVALID_AVA)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_PASSWORD, SEC_ERROR_BAD_PASSWORD)
+ STAN_MAP_ERROR(NSS_ERROR_BUSY, SEC_ERROR_BUSY)
+ STAN_MAP_ERROR(NSS_ERROR_DEVICE_ERROR, SEC_ERROR_IO)
+ STAN_MAP_ERROR(NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND,
+ SEC_ERROR_UNKNOWN_ISSUER)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_CERTIFICATE, SEC_ERROR_CERT_NOT_VALID)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_UTF8, SEC_ERROR_BAD_DATA)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_NSSOID, SEC_ERROR_BAD_DATA)
+
+ /* these are library failure for lack of a better error code */
+ STAN_MAP_ERROR(NSS_ERROR_NOT_FOUND, SEC_ERROR_LIBRARY_FAILURE)
+ STAN_MAP_ERROR(NSS_ERROR_CERTIFICATE_IN_CACHE, SEC_ERROR_LIBRARY_FAILURE)
+ STAN_MAP_ERROR(NSS_ERROR_MAXIMUM_FOUND, SEC_ERROR_LIBRARY_FAILURE)
+ STAN_MAP_ERROR(NSS_ERROR_USER_CANCELED, SEC_ERROR_LIBRARY_FAILURE)
+ STAN_MAP_ERROR(NSS_ERROR_TRACKER_NOT_INITIALIZED, SEC_ERROR_LIBRARY_FAILURE)
+ STAN_MAP_ERROR(NSS_ERROR_ALREADY_INITIALIZED, SEC_ERROR_LIBRARY_FAILURE)
+ STAN_MAP_ERROR(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD,
+ SEC_ERROR_LIBRARY_FAILURE)
+ STAN_MAP_ERROR(NSS_ERROR_HASH_COLLISION, SEC_ERROR_LIBRARY_FAILURE)
+
+ STAN_MAP_ERROR(NSS_ERROR_INTERNAL_ERROR, SEC_ERROR_LIBRARY_FAILURE)
+
+ /* these are all invalid arguments */
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_ARGUMENT, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_POINTER, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_ARENA, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_ARENA_MARK, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_DUPLICATE_POINTER, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_POINTER_NOT_REGISTERED, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_TRACKER_NOT_EMPTY, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_VALUE_TOO_LARGE, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_UNSUPPORTED_TYPE, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_BUFFER_TOO_SHORT, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_ATOB_CONTEXT, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_BTOA_CONTEXT, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_ITEM, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_STRING, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_ASN1ENCODER, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_INVALID_ASN1DECODER, SEC_ERROR_INVALID_ARGS)
+ STAN_MAP_ERROR(NSS_ERROR_UNKNOWN_ATTRIBUTE, SEC_ERROR_INVALID_ARGS)
+ else { secError = SEC_ERROR_LIBRARY_FAILURE; }
+ PORT_SetError(secError);
+}
+
+SECStatus
+CERT_ChangeCertTrust(CERTCertDBHandle *handle, CERTCertificate *cert,
+ CERTCertTrust *trust)
+{
+ SECStatus rv = SECSuccess;
+ PRStatus ret;
+
+ ret = STAN_ChangeCertTrust(cert, trust);
+ if (ret != PR_SUCCESS) {
+ rv = SECFailure;
+ CERT_MapStanError();
+ }
+ return rv;
+}
+
+extern const NSSError NSS_ERROR_INVALID_CERTIFICATE;
+
+SECStatus
+__CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
+ CERTCertTrust *trust)
+{
+ NSSUTF8 *stanNick;
+ PK11SlotInfo *slot;
+ NSSToken *internal;
+ NSSCryptoContext *context;
+ nssCryptokiObject *permInstance;
+ NSSCertificate *c = STAN_GetNSSCertificate(cert);
+ nssCertificateStoreTrace lockTrace = { NULL, NULL, PR_FALSE, PR_FALSE };
+ nssCertificateStoreTrace unlockTrace = { NULL, NULL, PR_FALSE, PR_FALSE };
+ SECStatus rv;
+ PRStatus ret;
+
+ if (c == NULL) {
+ CERT_MapStanError();
+ return SECFailure;
+ }
+
+ context = c->object.cryptoContext;
+ if (!context) {
+ PORT_SetError(SEC_ERROR_ADDING_CERT);
+ return SECFailure; /* wasn't a temp cert */
+ }
+ stanNick = nssCertificate_GetNickname(c, NULL);
+ if (stanNick && nickname && strcmp(nickname, stanNick) != 0) {
+ /* different: take the new nickname */
+ cert->nickname = NULL;
+ nss_ZFreeIf(stanNick);
+ stanNick = NULL;
+ }
+ if (!stanNick && nickname) {
+ /* Either there was no nickname yet, or we have a new nickname */
+ stanNick = nssUTF8_Duplicate((NSSUTF8 *)nickname, NULL);
+ } /* else: old stanNick is identical to new nickname */
+ /* Delete the temp instance */
+ nssCertificateStore_Lock(context->certStore, &lockTrace);
+ nssCertificateStore_RemoveCertLOCKED(context->certStore, c);
+ nssCertificateStore_Unlock(context->certStore, &lockTrace, &unlockTrace);
+ c->object.cryptoContext = NULL;
+ /* Import the perm instance onto the internal token */
+ slot = PK11_GetInternalKeySlot();
+ internal = PK11Slot_GetNSSToken(slot);
+ permInstance = nssToken_ImportCertificate(
+ internal, NULL, NSSCertificateType_PKIX, &c->id, stanNick, &c->encoding,
+ &c->issuer, &c->subject, &c->serial, cert->emailAddr, PR_TRUE);
+ nss_ZFreeIf(stanNick);
+ stanNick = NULL;
+ PK11_FreeSlot(slot);
+ if (!permInstance) {
+ if (NSS_GetError() == NSS_ERROR_INVALID_CERTIFICATE) {
+ PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
+ }
+ return SECFailure;
+ }
+ nssPKIObject_AddInstance(&c->object, permInstance);
+ nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
+ /* reset the CERTCertificate fields */
+ cert->nssCertificate = NULL;
+ cert = STAN_GetCERTCertificateOrRelease(c); /* should return same pointer */
+ if (!cert) {
+ CERT_MapStanError();
+ return SECFailure;
+ }
+ cert->istemp = PR_FALSE;
+ cert->isperm = PR_TRUE;
+ if (!trust) {
+ return SECSuccess;
+ }
+ ret = STAN_ChangeCertTrust(cert, trust);
+ rv = SECSuccess;
+ if (ret != PR_SUCCESS) {
+ rv = SECFailure;
+ CERT_MapStanError();
+ }
+ return rv;
+}
+
+SECStatus
+CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
+ CERTCertTrust *trust)
+{
+ return __CERT_AddTempCertToPerm(cert, nickname, trust);
+}
+
+CERTCertificate *
+CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
+ char *nickname, PRBool isperm, PRBool copyDER)
+{
+ NSSCertificate *c;
+ CERTCertificate *cc;
+ NSSCertificate *tempCert = NULL;
+ nssPKIObject *pkio;
+ NSSCryptoContext *gCC = STAN_GetDefaultCryptoContext();
+ NSSTrustDomain *gTD = STAN_GetDefaultTrustDomain();
+ if (!isperm) {
+ NSSDER encoding;
+ NSSITEM_FROM_SECITEM(&encoding, derCert);
+ /* First, see if it is already a temp cert */
+ c = NSSCryptoContext_FindCertificateByEncodedCertificate(gCC,
+ &encoding);
+ if (!c) {
+ /* Then, see if it is already a perm cert */
+ c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle,
+ &encoding);
+ }
+ if (c) {
+ /* actually, that search ends up going by issuer/serial,
+ * so it is still possible to return a cert with the same
+ * issuer/serial but a different encoding, and we're
+ * going to reject that
+ */
+ if (!nssItem_Equal(&c->encoding, &encoding, NULL)) {
+ nssCertificate_Destroy(c);
+ PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
+ cc = NULL;
+ } else {
+ cc = STAN_GetCERTCertificateOrRelease(c);
+ if (cc == NULL) {
+ CERT_MapStanError();
+ }
+ }
+ return cc;
+ }
+ }
+ pkio = nssPKIObject_Create(NULL, NULL, gTD, gCC, nssPKIMonitor);
+ if (!pkio) {
+ CERT_MapStanError();
+ return NULL;
+ }
+ c = nss_ZNEW(pkio->arena, NSSCertificate);
+ if (!c) {
+ CERT_MapStanError();
+ nssPKIObject_Destroy(pkio);
+ return NULL;
+ }
+ c->object = *pkio;
+ if (copyDER) {
+ nssItem_Create(c->object.arena, &c->encoding, derCert->len,
+ derCert->data);
+ } else {
+ NSSITEM_FROM_SECITEM(&c->encoding, derCert);
+ }
+ /* Forces a decoding of the cert in order to obtain the parts used
+ * below
+ */
+ /* 'c' is not adopted here, if we fail loser frees what has been
+ * allocated so far for 'c' */
+ cc = STAN_GetCERTCertificate(c);
+ if (!cc) {
+ CERT_MapStanError();
+ goto loser;
+ }
+ nssItem_Create(c->object.arena, &c->issuer, cc->derIssuer.len,
+ cc->derIssuer.data);
+ nssItem_Create(c->object.arena, &c->subject, cc->derSubject.len,
+ cc->derSubject.data);
+ if (PR_TRUE) {
+ /* CERTCertificate stores serial numbers decoded. I need the DER
+ * here. sigh.
+ */
+ SECItem derSerial = { 0 };
+ CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
+ if (!derSerial.data)
+ goto loser;
+ nssItem_Create(c->object.arena, &c->serial, derSerial.len,
+ derSerial.data);
+ PORT_Free(derSerial.data);
+ }
+ if (nickname) {
+ c->object.tempName =
+ nssUTF8_Create(c->object.arena, nssStringType_UTF8String,
+ (NSSUTF8 *)nickname, PORT_Strlen(nickname));
+ }
+ if (cc->emailAddr && cc->emailAddr[0]) {
+ c->email = nssUTF8_Create(
+ c->object.arena, nssStringType_PrintableString,
+ (NSSUTF8 *)cc->emailAddr, PORT_Strlen(cc->emailAddr));
+ }
+
+ tempCert = NSSCryptoContext_FindOrImportCertificate(gCC, c);
+ if (!tempCert) {
+ CERT_MapStanError();
+ goto loser;
+ }
+ /* destroy our copy */
+ NSSCertificate_Destroy(c);
+ /* and use the stored entry */
+ c = tempCert;
+ cc = STAN_GetCERTCertificateOrRelease(c);
+ if (!cc) {
+ /* STAN_GetCERTCertificateOrRelease destroys c on failure. */
+ CERT_MapStanError();
+ return NULL;
+ }
+
+ cc->istemp = PR_TRUE;
+ cc->isperm = PR_FALSE;
+ return cc;
+loser:
+ /* Perhaps this should be nssCertificate_Destroy(c) */
+ nssPKIObject_Destroy(&c->object);
+ return NULL;
+}
+
+/* This symbol is exported for backward compatibility. */
+CERTCertificate *
+__CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
+ char *nickname, PRBool isperm, PRBool copyDER)
+{
+ return CERT_NewTempCertificate(handle, derCert, nickname, isperm, copyDER);
+}
+
+/* maybe all the wincx's should be some const for internal token login? */
+CERTCertificate *
+CERT_FindCertByIssuerAndSN(CERTCertDBHandle *handle,
+ CERTIssuerAndSN *issuerAndSN)
+{
+ PK11SlotInfo *slot;
+ CERTCertificate *cert;
+
+ cert = PK11_FindCertByIssuerAndSN(&slot, issuerAndSN, NULL);
+ if (cert && slot) {
+ PK11_FreeSlot(slot);
+ }
+
+ return cert;
+}
+
+static NSSCertificate *
+get_best_temp_or_perm(NSSCertificate *ct, NSSCertificate *cp)
+{
+ NSSUsage usage;
+ NSSCertificate *arr[3];
+ if (!ct) {
+ return nssCertificate_AddRef(cp);
+ } else if (!cp) {
+ return nssCertificate_AddRef(ct);
+ }
+ arr[0] = ct;
+ arr[1] = cp;
+ arr[2] = NULL;
+ usage.anyUsage = PR_TRUE;
+ return nssCertificateArray_FindBestCertificate(arr, NULL, &usage, NULL);
+}
+
+CERTCertificate *
+CERT_FindCertByName(CERTCertDBHandle *handle, SECItem *name)
+{
+ NSSCertificate *cp, *ct, *c;
+ NSSDER subject;
+ NSSUsage usage;
+ NSSCryptoContext *cc;
+ NSSITEM_FROM_SECITEM(&subject, name);
+ usage.anyUsage = PR_TRUE;
+ cc = STAN_GetDefaultCryptoContext();
+ ct = NSSCryptoContext_FindBestCertificateBySubject(cc, &subject, NULL,
+ &usage, NULL);
+ cp = NSSTrustDomain_FindBestCertificateBySubject(handle, &subject, NULL,
+ &usage, NULL);
+ c = get_best_temp_or_perm(ct, cp);
+ if (ct) {
+ CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
+ }
+ if (cp) {
+ CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(cp));
+ }
+ return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
+}
+
+CERTCertificate *
+CERT_FindCertByKeyID(CERTCertDBHandle *handle, SECItem *name, SECItem *keyID)
+{
+ CERTCertList *list;
+ CERTCertificate *cert = NULL;
+ CERTCertListNode *node, *head;
+
+ list = CERT_CreateSubjectCertList(NULL, handle, name, 0, PR_FALSE);
+ if (list == NULL)
+ return NULL;
+
+ node = head = CERT_LIST_HEAD(list);
+ if (head) {
+ do {
+ if (node->cert &&
+ SECITEM_ItemsAreEqual(&node->cert->subjectKeyID, keyID)) {
+ cert = CERT_DupCertificate(node->cert);
+ goto done;
+ }
+ node = CERT_LIST_NEXT(node);
+ } while (node && head != node);
+ }
+ PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
+done:
+ if (list) {
+ CERT_DestroyCertList(list);
+ }
+ return cert;
+}
+
+CERTCertificate *
+CERT_FindCertByNickname(CERTCertDBHandle *handle, const char *nickname)
+{
+ NSSCryptoContext *cc;
+ NSSCertificate *c, *ct;
+ CERTCertificate *cert;
+ NSSUsage usage;
+ usage.anyUsage = PR_TRUE;
+ cc = STAN_GetDefaultCryptoContext();
+ ct = NSSCryptoContext_FindBestCertificateByNickname(cc, nickname, NULL,
+ &usage, NULL);
+ cert = PK11_FindCertFromNickname(nickname, NULL);
+ c = NULL;
+ if (cert) {
+ c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
+ CERT_DestroyCertificate(cert);
+ if (ct) {
+ CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
+ }
+ } else {
+ c = ct;
+ }
+ return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
+}
+
+CERTCertificate *
+CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert)
+{
+ NSSCryptoContext *cc;
+ NSSCertificate *c;
+ NSSDER encoding;
+ NSSITEM_FROM_SECITEM(&encoding, derCert);
+ cc = STAN_GetDefaultCryptoContext();
+ c = NSSCryptoContext_FindCertificateByEncodedCertificate(cc, &encoding);
+ if (!c) {
+ c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle,
+ &encoding);
+ if (!c)
+ return NULL;
+ }
+ return STAN_GetCERTCertificateOrRelease(c);
+}
+
+static CERTCertificate *
+common_FindCertByNicknameOrEmailAddrForUsage(CERTCertDBHandle *handle,
+ const char *name, PRBool anyUsage,
+ SECCertUsage lookingForUsage)
+{
+ NSSCryptoContext *cc;
+ NSSCertificate *c, *ct;
+ CERTCertificate *cert = NULL;
+ NSSUsage usage;
+ CERTCertList *certlist;
+
+ if (NULL == name) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ usage.anyUsage = anyUsage;
+
+ if (!anyUsage) {
+ usage.nss3lookingForCA = PR_FALSE;
+ usage.nss3usage = lookingForUsage;
+ }
+
+ cc = STAN_GetDefaultCryptoContext();
+ ct = NSSCryptoContext_FindBestCertificateByNickname(cc, name, NULL, &usage,
+ NULL);
+ if (!ct && PORT_Strchr(name, '@') != NULL) {
+ char *lowercaseName = CERT_FixupEmailAddr(name);
+ if (lowercaseName) {
+ ct = NSSCryptoContext_FindBestCertificateByEmail(
+ cc, lowercaseName, NULL, &usage, NULL);
+ PORT_Free(lowercaseName);
+ }
+ }
+
+ if (anyUsage) {
+ cert = PK11_FindCertFromNickname(name, NULL);
+ } else {
+ if (ct) {
+ /* Does ct really have the required usage? */
+ nssDecodedCert *dc;
+ dc = nssCertificate_GetDecoding(ct);
+ if (!dc->matchUsage(dc, &usage)) {
+ CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
+ ct = NULL;
+ }
+ }
+
+ certlist = PK11_FindCertsFromNickname(name, NULL);
+ if (certlist) {
+ SECStatus rv =
+ CERT_FilterCertListByUsage(certlist, lookingForUsage, PR_FALSE);
+ if (SECSuccess == rv &&
+ !CERT_LIST_END(CERT_LIST_HEAD(certlist), certlist)) {
+ cert = CERT_DupCertificate(CERT_LIST_HEAD(certlist)->cert);
+ }
+ CERT_DestroyCertList(certlist);
+ }
+ }
+
+ if (cert) {
+ c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
+ CERT_DestroyCertificate(cert);
+ if (ct) {
+ CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
+ }
+ } else {
+ c = ct;
+ }
+ return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
+}
+
+CERTCertificate *
+CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name)
+{
+ return common_FindCertByNicknameOrEmailAddrForUsage(handle, name, PR_TRUE,
+ 0);
+}
+
+CERTCertificate *
+CERT_FindCertByNicknameOrEmailAddrForUsage(CERTCertDBHandle *handle,
+ const char *name,
+ SECCertUsage lookingForUsage)
+{
+ return common_FindCertByNicknameOrEmailAddrForUsage(handle, name, PR_FALSE,
+ lookingForUsage);
+}
+
+static void
+add_to_subject_list(CERTCertList *certList, CERTCertificate *cert,
+ PRBool validOnly, PRTime sorttime)
+{
+ SECStatus secrv;
+ if (!validOnly ||
+ CERT_CheckCertValidTimes(cert, sorttime, PR_FALSE) ==
+ secCertTimeValid) {
+ secrv = CERT_AddCertToListSorted(certList, cert, CERT_SortCBValidity,
+ (void *)&sorttime);
+ if (secrv != SECSuccess) {
+ CERT_DestroyCertificate(cert);
+ }
+ } else {
+ CERT_DestroyCertificate(cert);
+ }
+}
+
+CERTCertList *
+CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
+ const SECItem *name, PRTime sorttime,
+ PRBool validOnly)
+{
+ NSSCryptoContext *cc;
+ NSSCertificate **tSubjectCerts, **pSubjectCerts;
+ NSSCertificate **ci;
+ CERTCertificate *cert;
+ NSSDER subject;
+ PRBool myList = PR_FALSE;
+ cc = STAN_GetDefaultCryptoContext();
+ NSSITEM_FROM_SECITEM(&subject, name);
+ /* Collect both temp and perm certs for the subject */
+ tSubjectCerts =
+ NSSCryptoContext_FindCertificatesBySubject(cc, &subject, NULL, 0, NULL);
+ pSubjectCerts = NSSTrustDomain_FindCertificatesBySubject(handle, &subject,
+ NULL, 0, NULL);
+ if (!tSubjectCerts && !pSubjectCerts) {
+ return NULL;
+ }
+ if (certList == NULL) {
+ certList = CERT_NewCertList();
+ myList = PR_TRUE;
+ if (!certList)
+ goto loser;
+ }
+ /* Iterate over the matching temp certs. Add them to the list */
+ ci = tSubjectCerts;
+ while (ci && *ci) {
+ cert = STAN_GetCERTCertificateOrRelease(*ci);
+ /* *ci may be invalid at this point, don't reference it again */
+ if (cert) {
+ /* NOTE: add_to_subject_list adopts the incoming cert. */
+ add_to_subject_list(certList, cert, validOnly, sorttime);
+ }
+ ci++;
+ }
+ /* Iterate over the matching perm certs. Add them to the list */
+ ci = pSubjectCerts;
+ while (ci && *ci) {
+ cert = STAN_GetCERTCertificateOrRelease(*ci);
+ /* *ci may be invalid at this point, don't reference it again */
+ if (cert) {
+ /* NOTE: add_to_subject_list adopts the incoming cert. */
+ add_to_subject_list(certList, cert, validOnly, sorttime);
+ }
+ ci++;
+ }
+ /* all the references have been adopted or freed at this point, just
+ * free the arrays now */
+ nss_ZFreeIf(tSubjectCerts);
+ nss_ZFreeIf(pSubjectCerts);
+ return certList;
+loser:
+ /* need to free the references in tSubjectCerts and pSubjectCerts! */
+ nssCertificateArray_Destroy(tSubjectCerts);
+ nssCertificateArray_Destroy(pSubjectCerts);
+ if (myList && certList != NULL) {
+ CERT_DestroyCertList(certList);
+ }
+ return NULL;
+}
+
+void
+CERT_DestroyCertificate(CERTCertificate *cert)
+{
+ if (cert) {
+ /* don't use STAN_GetNSSCertificate because we don't want to
+ * go to the trouble of translating the CERTCertificate into
+ * an NSSCertificate just to destroy it. If it hasn't been done
+ * yet, don't do it at all.
+ */
+ NSSCertificate *tmp = cert->nssCertificate;
+ if (tmp) {
+ /* delete the NSSCertificate */
+ NSSCertificate_Destroy(tmp);
+ } else if (cert->arena) {
+ PORT_FreeArena(cert->arena, PR_FALSE);
+ }
+ }
+ return;
+}
+
+int
+CERT_GetDBContentVersion(CERTCertDBHandle *handle)
+{
+ /* should read the DB content version from the pkcs #11 device */
+ return 0;
+}
+
+SECStatus
+certdb_SaveSingleProfile(CERTCertificate *cert, const char *emailAddr,
+ SECItem *emailProfile, SECItem *profileTime)
+{
+ PRTime oldtime;
+ PRTime newtime;
+ SECStatus rv = SECFailure;
+ PRBool saveit;
+ SECItem oldprof, oldproftime;
+ SECItem *oldProfile = NULL;
+ SECItem *oldProfileTime = NULL;
+ PK11SlotInfo *slot = NULL;
+ NSSCertificate *c;
+ NSSCryptoContext *cc;
+ nssSMIMEProfile *stanProfile = NULL;
+ PRBool freeOldProfile = PR_FALSE;
+
+ c = STAN_GetNSSCertificate(cert);
+ if (!c)
+ return SECFailure;
+ cc = c->object.cryptoContext;
+ if (cc != NULL) {
+ stanProfile = nssCryptoContext_FindSMIMEProfileForCertificate(cc, c);
+ if (stanProfile) {
+ PORT_Assert(stanProfile->profileData);
+ SECITEM_FROM_NSSITEM(&oldprof, stanProfile->profileData);
+ oldProfile = &oldprof;
+ SECITEM_FROM_NSSITEM(&oldproftime, stanProfile->profileTime);
+ oldProfileTime = &oldproftime;
+ }
+ } else {
+ oldProfile = PK11_FindSMimeProfile(&slot, (char *)emailAddr,
+ &cert->derSubject, &oldProfileTime);
+ freeOldProfile = PR_TRUE;
+ }
+
+ saveit = PR_FALSE;
+
+ /* both profileTime and emailProfile have to exist or not exist */
+ if (emailProfile == NULL) {
+ profileTime = NULL;
+ } else if (profileTime == NULL) {
+ emailProfile = NULL;
+ }
+
+ if (oldProfileTime == NULL) {
+ saveit = PR_TRUE;
+ } else {
+ /* there was already a profile for this email addr */
+ if (profileTime) {
+ /* we have an old and new profile - save whichever is more recent*/
+ if (oldProfileTime->len == 0) {
+ /* always replace if old entry doesn't have a time */
+ oldtime = LL_MININT;
+ } else {
+ rv = DER_UTCTimeToTime(&oldtime, oldProfileTime);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ rv = DER_UTCTimeToTime(&newtime, profileTime);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (LL_CMP(newtime, >, oldtime)) {
+ /* this is a newer profile, save it and cert */
+ saveit = PR_TRUE;
+ }
+ } else {
+ saveit = PR_TRUE;
+ }
+ }
+
+ if (saveit) {
+ if (cc) {
+ if (stanProfile && profileTime && emailProfile) {
+ /* stanProfile is already stored in the crypto context,
+ * overwrite the data
+ */
+ NSSArena *arena = stanProfile->object.arena;
+ stanProfile->profileTime = nssItem_Create(
+ arena, NULL, profileTime->len, profileTime->data);
+ stanProfile->profileData = nssItem_Create(
+ arena, NULL, emailProfile->len, emailProfile->data);
+ } else if (profileTime && emailProfile) {
+ PRStatus nssrv;
+ NSSItem profTime, profData;
+ NSSITEM_FROM_SECITEM(&profTime, profileTime);
+ NSSITEM_FROM_SECITEM(&profData, emailProfile);
+ stanProfile = nssSMIMEProfile_Create(c, &profTime, &profData);
+ if (!stanProfile)
+ goto loser;
+ nssrv = nssCryptoContext_ImportSMIMEProfile(cc, stanProfile);
+ rv = (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
+ }
+ } else {
+ rv = PK11_SaveSMimeProfile(slot, (char *)emailAddr,
+ &cert->derSubject, emailProfile,
+ profileTime);
+ }
+ } else {
+ rv = SECSuccess;
+ }
+
+loser:
+ if (oldProfile && freeOldProfile) {
+ SECITEM_FreeItem(oldProfile, PR_TRUE);
+ }
+ if (oldProfileTime && freeOldProfile) {
+ SECITEM_FreeItem(oldProfileTime, PR_TRUE);
+ }
+ if (stanProfile) {
+ nssSMIMEProfile_Destroy(stanProfile);
+ }
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+
+ return (rv);
+}
+
+/*
+ *
+ * Manage S/MIME profiles
+ *
+ */
+
+SECStatus
+CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
+ SECItem *profileTime)
+{
+ const char *emailAddr;
+ SECStatus rv;
+
+ if (!cert) {
+ return SECFailure;
+ }
+
+ if (cert->slot && !PK11_IsInternal(cert->slot)) {
+ /* this cert comes from an external source, we need to add it
+ to the cert db before creating an S/MIME profile */
+ PK11SlotInfo *internalslot = PK11_GetInternalKeySlot();
+ if (!internalslot) {
+ return SECFailure;
+ }
+ rv = PK11_ImportCert(internalslot, cert, CK_INVALID_HANDLE, NULL,
+ PR_FALSE);
+
+ PK11_FreeSlot(internalslot);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+
+ if (cert->slot && cert->isperm && CERT_IsUserCert(cert) &&
+ (!emailProfile || !emailProfile->len)) {
+ /* Don't clobber emailProfile for user certs. */
+ return SECSuccess;
+ }
+
+ for (emailAddr = CERT_GetFirstEmailAddress(cert); emailAddr != NULL;
+ emailAddr = CERT_GetNextEmailAddress(cert, emailAddr)) {
+ rv = certdb_SaveSingleProfile(cert, emailAddr, emailProfile,
+ profileTime);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+SECItem *
+CERT_FindSMimeProfile(CERTCertificate *cert)
+{
+ PK11SlotInfo *slot = NULL;
+ NSSCertificate *c;
+ NSSCryptoContext *cc;
+ SECItem *rvItem = NULL;
+
+ if (!cert || !cert->emailAddr || !cert->emailAddr[0]) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ c = STAN_GetNSSCertificate(cert);
+ if (!c)
+ return NULL;
+ cc = c->object.cryptoContext;
+ if (cc != NULL) {
+ nssSMIMEProfile *stanProfile;
+ stanProfile = nssCryptoContext_FindSMIMEProfileForCertificate(cc, c);
+ if (stanProfile) {
+ rvItem =
+ SECITEM_AllocItem(NULL, NULL, stanProfile->profileData->size);
+ if (rvItem) {
+ rvItem->data = stanProfile->profileData->data;
+ }
+ nssSMIMEProfile_Destroy(stanProfile);
+ }
+ return rvItem;
+ }
+ rvItem =
+ PK11_FindSMimeProfile(&slot, cert->emailAddr, &cert->derSubject, NULL);
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ return rvItem;
+}
+
+/*
+ * deprecated functions that are now just stubs.
+ */
+/*
+ * Close the database
+ */
+void
+__CERT_ClosePermCertDB(CERTCertDBHandle *handle)
+{
+ PORT_Assert("CERT_ClosePermCertDB is Deprecated" == NULL);
+ return;
+}
+
+SECStatus
+CERT_OpenCertDBFilename(CERTCertDBHandle *handle, char *certdbname,
+ PRBool readOnly)
+{
+ PORT_Assert("CERT_OpenCertDBFilename is Deprecated" == NULL);
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+SECItem *
+SECKEY_HashPassword(char *pw, SECItem *salt)
+{
+ PORT_Assert("SECKEY_HashPassword is Deprecated" == NULL);
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+}
+
+SECStatus
+__CERT_TraversePermCertsForSubject(CERTCertDBHandle *handle,
+ SECItem *derSubject, void *cb, void *cbarg)
+{
+ PORT_Assert("CERT_TraversePermCertsForSubject is Deprecated" == NULL);
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+SECStatus
+__CERT_TraversePermCertsForNickname(CERTCertDBHandle *handle, char *nickname,
+ void *cb, void *cbarg)
+{
+ PORT_Assert("CERT_TraversePermCertsForNickname is Deprecated" == NULL);
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
diff --git a/security/nss/lib/certdb/xauthkid.c b/security/nss/lib/certdb/xauthkid.c
new file mode 100644
index 000000000..c7ef046db
--- /dev/null
+++ b/security/nss/lib/certdb/xauthkid.c
@@ -0,0 +1,128 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * X.509 v3 Subject Key Usage Extension
+ *
+ */
+
+#include "prtypes.h"
+#include "seccomon.h"
+#include "secdert.h"
+#include "secoidt.h"
+#include "secasn1t.h"
+#include "secasn1.h"
+#include "secport.h"
+#include "certt.h"
+#include "genname.h"
+#include "secerr.h"
+
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+
+const SEC_ASN1Template CERTAuthKeyIDTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAuthKeyID) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(CERTAuthKeyID, keyID), SEC_ASN1_SUB(SEC_OctetStringTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(CERTAuthKeyID, DERAuthCertIssuer), CERT_GeneralNamesTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ offsetof(CERTAuthKeyID, authCertSerialNumber),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { 0 }
+};
+
+SECStatus
+CERT_EncodeAuthKeyID(PLArenaPool *arena, CERTAuthKeyID *value,
+ SECItem *encodedValue)
+{
+ SECStatus rv = SECFailure;
+
+ PORT_Assert(value);
+ PORT_Assert(arena);
+ PORT_Assert(value->DERAuthCertIssuer == NULL);
+ PORT_Assert(encodedValue);
+
+ do {
+
+ /* If both of the authCertIssuer and the serial number exist, encode
+ the name first. Otherwise, it is an error if one exist and the other
+ is not.
+ */
+ if (value->authCertIssuer) {
+ if (!value->authCertSerialNumber.data) {
+ PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
+ break;
+ }
+
+ value->DERAuthCertIssuer =
+ cert_EncodeGeneralNames(arena, value->authCertIssuer);
+ if (!value->DERAuthCertIssuer) {
+ PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
+ break;
+ }
+ } else if (value->authCertSerialNumber.data) {
+ PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
+ break;
+ }
+
+ if (SEC_ASN1EncodeItem(arena, encodedValue, value,
+ CERTAuthKeyIDTemplate) == NULL)
+ break;
+ rv = SECSuccess;
+
+ } while (0);
+ return (rv);
+}
+
+CERTAuthKeyID *
+CERT_DecodeAuthKeyID(PLArenaPool *arena, const SECItem *encodedValue)
+{
+ CERTAuthKeyID *value = NULL;
+ SECStatus rv = SECFailure;
+ void *mark;
+ SECItem newEncodedValue;
+
+ PORT_Assert(arena);
+
+ do {
+ mark = PORT_ArenaMark(arena);
+ value = (CERTAuthKeyID *)PORT_ArenaZAlloc(arena, sizeof(*value));
+ if (value == NULL)
+ break;
+ value->DERAuthCertIssuer = NULL;
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newEncodedValue, encodedValue);
+ if (rv != SECSuccess) {
+ break;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, value, CERTAuthKeyIDTemplate,
+ &newEncodedValue);
+ if (rv != SECSuccess)
+ break;
+
+ value->authCertIssuer =
+ cert_DecodeGeneralNames(arena, value->DERAuthCertIssuer);
+ if (value->authCertIssuer == NULL)
+ break;
+
+ /* what if the general name contains other format but not URI ?
+ hl
+ */
+ if ((value->authCertSerialNumber.data && !value->authCertIssuer) ||
+ (!value->authCertSerialNumber.data && value->authCertIssuer)) {
+ PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
+ break;
+ }
+ } while (0);
+
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(arena, mark);
+ return ((CERTAuthKeyID *)NULL);
+ }
+ PORT_ArenaUnmark(arena, mark);
+ return (value);
+}
diff --git a/security/nss/lib/certdb/xbsconst.c b/security/nss/lib/certdb/xbsconst.c
new file mode 100644
index 000000000..4f01f51f4
--- /dev/null
+++ b/security/nss/lib/certdb/xbsconst.c
@@ -0,0 +1,143 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * X.509 v3 Basic Constraints Extension
+ */
+
+#include "prtypes.h"
+#include <limits.h> /* for LONG_MAX */
+#include "seccomon.h"
+#include "secdert.h"
+#include "secoidt.h"
+#include "secasn1t.h"
+#include "secasn1.h"
+#include "certt.h"
+#include "secder.h"
+#include "prprf.h"
+#include "secerr.h"
+
+typedef struct EncodedContext {
+ SECItem isCA;
+ SECItem pathLenConstraint;
+ SECItem encodedValue;
+ PLArenaPool *arena;
+} EncodedContext;
+
+static const SEC_ASN1Template CERTBasicConstraintsTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(EncodedContext) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
+ offsetof(EncodedContext, isCA) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
+ offsetof(EncodedContext, pathLenConstraint) },
+ { 0 }
+};
+
+static unsigned char hexTrue = 0xff;
+static unsigned char hexFalse = 0x00;
+
+#define GEN_BREAK(status) \
+ rv = status; \
+ break;
+
+SECStatus
+CERT_EncodeBasicConstraintValue(PLArenaPool *arena, CERTBasicConstraints *value,
+ SECItem *encodedValue)
+{
+ EncodedContext encodeContext;
+ PLArenaPool *our_pool = NULL;
+ SECStatus rv = SECSuccess;
+
+ do {
+ PORT_Memset(&encodeContext, 0, sizeof(encodeContext));
+ if (!value->isCA && value->pathLenConstraint >= 0) {
+ PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
+ GEN_BREAK(SECFailure);
+ }
+
+ encodeContext.arena = arena;
+ if (value->isCA == PR_TRUE) {
+ encodeContext.isCA.data = &hexTrue;
+ encodeContext.isCA.len = 1;
+ }
+
+ /* If the pathLenConstraint is less than 0, then it should be
+ * omitted from the encoding.
+ */
+ if (value->isCA && value->pathLenConstraint >= 0) {
+ our_pool = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (our_pool == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ GEN_BREAK(SECFailure);
+ }
+ if (SEC_ASN1EncodeUnsignedInteger(
+ our_pool, &encodeContext.pathLenConstraint,
+ (unsigned long)value->pathLenConstraint) == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ GEN_BREAK(SECFailure);
+ }
+ }
+ if (SEC_ASN1EncodeItem(arena, encodedValue, &encodeContext,
+ CERTBasicConstraintsTemplate) == NULL) {
+ GEN_BREAK(SECFailure);
+ }
+ } while (0);
+ if (our_pool)
+ PORT_FreeArena(our_pool, PR_FALSE);
+ return (rv);
+}
+
+SECStatus
+CERT_DecodeBasicConstraintValue(CERTBasicConstraints *value,
+ const SECItem *encodedValue)
+{
+ EncodedContext decodeContext;
+ PORTCheapArenaPool tmpArena;
+ SECStatus rv = SECSuccess;
+
+ do {
+ PORT_Memset(&decodeContext, 0, sizeof(decodeContext));
+ /* initialize the value just in case we got "0x30 00", or when the
+ pathLenConstraint is omitted.
+ */
+ decodeContext.isCA.data = &hexFalse;
+ decodeContext.isCA.len = 1;
+
+ PORT_InitCheapArena(&tmpArena, SEC_ASN1_DEFAULT_ARENA_SIZE);
+
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, &decodeContext,
+ CERTBasicConstraintsTemplate, encodedValue);
+ if (rv == SECFailure)
+ break;
+
+ value->isCA = decodeContext.isCA.data
+ ? (PRBool)(decodeContext.isCA.data[0] != 0)
+ : PR_FALSE;
+ if (decodeContext.pathLenConstraint.data == NULL) {
+ /* if the pathLenConstraint is not encoded, and the current setting
+ is CA, then the pathLenConstraint should be set to a negative
+ number
+ for unlimited certificate path.
+ */
+ if (value->isCA)
+ value->pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
+ } else if (value->isCA) {
+ long len = DER_GetInteger(&decodeContext.pathLenConstraint);
+ if (len < 0 || len == LONG_MAX) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ GEN_BREAK(SECFailure);
+ }
+ value->pathLenConstraint = len;
+ } else {
+ /* here we get an error where the subject is not a CA, but
+ the pathLenConstraint is set */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ GEN_BREAK(SECFailure);
+ break;
+ }
+ } while (0);
+
+ PORT_DestroyCheapArena(&tmpArena);
+ return (rv);
+}
diff --git a/security/nss/lib/certdb/xconst.c b/security/nss/lib/certdb/xconst.c
new file mode 100644
index 000000000..9a5634a90
--- /dev/null
+++ b/security/nss/lib/certdb/xconst.c
@@ -0,0 +1,269 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * X.509 Extension Encoding
+ */
+
+#include "prtypes.h"
+#include "seccomon.h"
+#include "secdert.h"
+#include "secoidt.h"
+#include "secasn1t.h"
+#include "secasn1.h"
+#include "cert.h"
+#include "secder.h"
+#include "prprf.h"
+#include "xconst.h"
+#include "genname.h"
+#include "secasn1.h"
+#include "secerr.h"
+
+static const SEC_ASN1Template CERTSubjectKeyIDTemplate[] = {
+ { SEC_ASN1_OCTET_STRING }
+};
+
+static const SEC_ASN1Template CERTIA5TypeTemplate[] = {
+ { SEC_ASN1_IA5_STRING }
+};
+
+SEC_ASN1_MKSUB(SEC_GeneralizedTimeTemplate)
+
+static const SEC_ASN1Template CERTPrivateKeyUsagePeriodTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPrivKeyUsagePeriod) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(CERTPrivKeyUsagePeriod, notBefore),
+ SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(CERTPrivKeyUsagePeriod, notAfter),
+ SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERTAltNameTemplate[] = {
+ { SEC_ASN1_CONSTRUCTED, offsetof(CERTAltNameEncodedContext, encodedGenName),
+ CERT_GeneralNamesTemplate }
+};
+
+const SEC_ASN1Template CERTAuthInfoAccessItemTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAuthInfoAccess) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTAuthInfoAccess, method) },
+ { SEC_ASN1_ANY, offsetof(CERTAuthInfoAccess, derLocation) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERTAuthInfoAccessTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, CERTAuthInfoAccessItemTemplate }
+};
+
+SECStatus
+CERT_EncodeSubjectKeyID(PLArenaPool *arena, const SECItem *srcString,
+ SECItem *encodedValue)
+{
+ SECStatus rv = SECSuccess;
+
+ if (!srcString) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (SEC_ASN1EncodeItem(arena, encodedValue, srcString,
+ CERTSubjectKeyIDTemplate) == NULL) {
+ rv = SECFailure;
+ }
+
+ return (rv);
+}
+
+SECStatus
+CERT_EncodePrivateKeyUsagePeriod(PLArenaPool *arena,
+ CERTPrivKeyUsagePeriod *pkup,
+ SECItem *encodedValue)
+{
+ SECStatus rv = SECSuccess;
+
+ if (SEC_ASN1EncodeItem(arena, encodedValue, pkup,
+ CERTPrivateKeyUsagePeriodTemplate) == NULL) {
+ rv = SECFailure;
+ }
+ return (rv);
+}
+
+CERTPrivKeyUsagePeriod *
+CERT_DecodePrivKeyUsagePeriodExtension(PLArenaPool *arena, SECItem *extnValue)
+{
+ SECStatus rv;
+ CERTPrivKeyUsagePeriod *pPeriod;
+ SECItem newExtnValue;
+
+ /* allocate the certificate policies structure */
+ pPeriod = PORT_ArenaZNew(arena, CERTPrivKeyUsagePeriod);
+ if (pPeriod == NULL) {
+ goto loser;
+ }
+
+ pPeriod->arena = arena;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(
+ arena, pPeriod, CERTPrivateKeyUsagePeriodTemplate, &newExtnValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return pPeriod;
+
+loser:
+ return NULL;
+}
+
+SECStatus
+CERT_EncodeIA5TypeExtension(PLArenaPool *arena, char *value,
+ SECItem *encodedValue)
+{
+ SECItem encodeContext;
+ SECStatus rv = SECSuccess;
+
+ PORT_Memset(&encodeContext, 0, sizeof(encodeContext));
+
+ if (value != NULL) {
+ encodeContext.data = (unsigned char *)value;
+ encodeContext.len = strlen(value);
+ }
+ if (SEC_ASN1EncodeItem(arena, encodedValue, &encodeContext,
+ CERTIA5TypeTemplate) == NULL) {
+ rv = SECFailure;
+ }
+
+ return (rv);
+}
+
+SECStatus
+CERT_EncodeAltNameExtension(PLArenaPool *arena, CERTGeneralName *value,
+ SECItem *encodedValue)
+{
+ SECItem **encodedGenName;
+ SECStatus rv = SECSuccess;
+
+ encodedGenName = cert_EncodeGeneralNames(arena, value);
+ if (SEC_ASN1EncodeItem(arena, encodedValue, &encodedGenName,
+ CERT_GeneralNamesTemplate) == NULL) {
+ rv = SECFailure;
+ }
+
+ return rv;
+}
+
+CERTGeneralName *
+CERT_DecodeAltNameExtension(PLArenaPool *reqArena, SECItem *EncodedAltName)
+{
+ SECStatus rv = SECSuccess;
+ CERTAltNameEncodedContext encodedContext;
+ SECItem *newEncodedAltName;
+
+ if (!reqArena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ newEncodedAltName = SECITEM_ArenaDupItem(reqArena, EncodedAltName);
+ if (!newEncodedAltName) {
+ return NULL;
+ }
+
+ encodedContext.encodedGenName = NULL;
+ PORT_Memset(&encodedContext, 0, sizeof(CERTAltNameEncodedContext));
+ rv = SEC_QuickDERDecodeItem(reqArena, &encodedContext,
+ CERT_GeneralNamesTemplate, newEncodedAltName);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+ if (encodedContext.encodedGenName && encodedContext.encodedGenName[0])
+ return cert_DecodeGeneralNames(reqArena, encodedContext.encodedGenName);
+ /* Extension contained an empty GeneralNames sequence */
+ /* Treat as extension not found */
+ PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
+loser:
+ return NULL;
+}
+
+SECStatus
+CERT_EncodeNameConstraintsExtension(PLArenaPool *arena,
+ CERTNameConstraints *value,
+ SECItem *encodedValue)
+{
+ SECStatus rv = SECSuccess;
+
+ rv = cert_EncodeNameConstraints(value, arena, encodedValue);
+ return rv;
+}
+
+CERTNameConstraints *
+CERT_DecodeNameConstraintsExtension(PLArenaPool *arena,
+ const SECItem *encodedConstraints)
+{
+ return cert_DecodeNameConstraints(arena, encodedConstraints);
+}
+
+CERTAuthInfoAccess **
+CERT_DecodeAuthInfoAccessExtension(PLArenaPool *reqArena,
+ const SECItem *encodedExtension)
+{
+ CERTAuthInfoAccess **info = NULL;
+ SECStatus rv;
+ int i;
+ SECItem *newEncodedExtension;
+
+ if (!reqArena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ newEncodedExtension = SECITEM_ArenaDupItem(reqArena, encodedExtension);
+ if (!newEncodedExtension) {
+ return NULL;
+ }
+
+ rv = SEC_QuickDERDecodeItem(reqArena, &info, CERTAuthInfoAccessTemplate,
+ newEncodedExtension);
+ if (rv != SECSuccess || info == NULL) {
+ return NULL;
+ }
+
+ for (i = 0; info[i] != NULL; i++) {
+ info[i]->location =
+ CERT_DecodeGeneralName(reqArena, &(info[i]->derLocation), NULL);
+ }
+ return info;
+}
+
+SECStatus
+CERT_EncodeInfoAccessExtension(PLArenaPool *arena, CERTAuthInfoAccess **info,
+ SECItem *dest)
+{
+ SECItem *dummy;
+ int i;
+
+ PORT_Assert(info != NULL);
+ PORT_Assert(dest != NULL);
+ if (info == NULL || dest == NULL) {
+ return SECFailure;
+ }
+
+ for (i = 0; info[i] != NULL; i++) {
+ if (CERT_EncodeGeneralName(info[i]->location, &(info[i]->derLocation),
+ arena) == NULL)
+ /* Note that this may leave some of the locations filled in. */
+ return SECFailure;
+ }
+ dummy = SEC_ASN1EncodeItem(arena, dest, &info, CERTAuthInfoAccessTemplate);
+ if (dummy == NULL) {
+ return SECFailure;
+ }
+ return SECSuccess;
+}
diff --git a/security/nss/lib/certdb/xconst.h b/security/nss/lib/certdb/xconst.h
new file mode 100644
index 000000000..8cf2e826e
--- /dev/null
+++ b/security/nss/lib/certdb/xconst.h
@@ -0,0 +1,30 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _XCONST_H_
+#define _XCONST_H_
+
+#include "certt.h"
+
+typedef struct CERTAltNameEncodedContextStr {
+ SECItem **encodedGenName;
+} CERTAltNameEncodedContext;
+
+SEC_BEGIN_PROTOS
+
+extern SECStatus CERT_EncodePrivateKeyUsagePeriod(PLArenaPool *arena,
+ CERTPrivKeyUsagePeriod *pkup,
+ SECItem *encodedValue);
+
+extern SECStatus CERT_EncodeNameConstraintsExtension(PLArenaPool *arena,
+ CERTNameConstraints *value,
+ SECItem *encodedValue);
+
+extern SECStatus CERT_EncodeIA5TypeExtension(PLArenaPool *arena, char *value,
+ SECItem *encodedValue);
+
+SECStatus cert_EncodeAuthInfoAccessExtension(PLArenaPool *arena,
+ CERTAuthInfoAccess **info,
+ SECItem *dest);
+SEC_END_PROTOS
+#endif
diff --git a/security/nss/lib/certhigh/Makefile b/security/nss/lib/certhigh/Makefile
new file mode 100644
index 000000000..a2f0cf7d5
--- /dev/null
+++ b/security/nss/lib/certhigh/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+-include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/certhigh/certhigh.c b/security/nss/lib/certhigh/certhigh.c
new file mode 100644
index 000000000..55259898b
--- /dev/null
+++ b/security/nss/lib/certhigh/certhigh.c
@@ -0,0 +1,1204 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "nspr.h"
+#include "secerr.h"
+#include "secasn1.h"
+#include "seccomon.h"
+#include "pk11func.h"
+#include "certdb.h"
+#include "certt.h"
+#include "cert.h"
+#include "certxutl.h"
+
+#include "nsspki.h"
+#include "pki.h"
+#include "pkit.h"
+#include "pkitm.h"
+#include "pki3hack.h"
+
+PRBool
+CERT_MatchNickname(char *name1, char *name2)
+{
+ char *nickname1 = NULL;
+ char *nickname2 = NULL;
+ char *token1;
+ char *token2;
+
+ /* first deal with the straight comparison */
+ if (PORT_Strcmp(name1, name2) == 0) {
+ return PR_TRUE;
+ }
+ /* we need to handle the case where one name has an explicit token and the other
+ * doesn't */
+ token1 = PORT_Strchr(name1, ':');
+ token2 = PORT_Strchr(name2, ':');
+ if ((token1 && token2) || (!token1 && !token2)) {
+ /* either both token names are specified or neither are, not match */
+ return PR_FALSE;
+ }
+ if (token1) {
+ nickname1 = token1;
+ nickname2 = name2;
+ } else {
+ nickname1 = token2;
+ nickname2 = name1;
+ }
+ nickname1++;
+ if (PORT_Strcmp(nickname1, nickname2) != 0) {
+ return PR_FALSE;
+ }
+ /* Bug 1192443 - compare the other token with the internal slot here */
+ return PR_TRUE;
+}
+
+/*
+ * Find all user certificates that match the given criteria.
+ *
+ * "handle" - database to search
+ * "usage" - certificate usage to match
+ * "oneCertPerName" - if set then only return the "best" cert per
+ * name
+ * "validOnly" - only return certs that are curently valid
+ * "proto_win" - window handle passed to pkcs11
+ */
+CERTCertList *
+CERT_FindUserCertsByUsage(CERTCertDBHandle *handle,
+ SECCertUsage usage,
+ PRBool oneCertPerName,
+ PRBool validOnly,
+ void *proto_win)
+{
+ CERTCertNicknames *nicknames = NULL;
+ char **nnptr;
+ int nn;
+ CERTCertificate *cert = NULL;
+ CERTCertList *certList = NULL;
+ SECStatus rv;
+ PRTime time;
+ CERTCertListNode *node = NULL;
+ CERTCertListNode *freenode = NULL;
+ int n;
+
+ time = PR_Now();
+
+ nicknames = CERT_GetCertNicknames(handle, SEC_CERT_NICKNAMES_USER,
+ proto_win);
+
+ if ((nicknames == NULL) || (nicknames->numnicknames == 0)) {
+ goto loser;
+ }
+
+ nnptr = nicknames->nicknames;
+ nn = nicknames->numnicknames;
+
+ while (nn > 0) {
+ cert = NULL;
+ /* use the pk11 call so that we pick up any certs on tokens,
+ * which may require login
+ */
+ if (proto_win != NULL) {
+ cert = PK11_FindCertFromNickname(*nnptr, proto_win);
+ }
+
+ /* Sigh, It turns out if the cert is already in the temp db, because
+ * it's in the perm db, then the nickname lookup doesn't work.
+ * since we already have the cert here, though, than we can just call
+ * CERT_CreateSubjectCertList directly. For those cases where we didn't
+ * find the cert in pkcs #11 (because we didn't have a password arg,
+ * or because the nickname is for a peer, server, or CA cert, then we
+ * go look the cert up.
+ */
+ if (cert == NULL) {
+ cert = CERT_FindCertByNickname(handle, *nnptr);
+ }
+
+ if (cert != NULL) {
+ /* collect certs for this nickname, sorting them into the list */
+ certList = CERT_CreateSubjectCertList(certList, handle,
+ &cert->derSubject, time, validOnly);
+
+ CERT_FilterCertListForUserCerts(certList);
+
+ /* drop the extra reference */
+ CERT_DestroyCertificate(cert);
+ }
+
+ nnptr++;
+ nn--;
+ }
+
+ /* remove certs with incorrect usage */
+ rv = CERT_FilterCertListByUsage(certList, usage, PR_FALSE);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* remove any extra certs for each name */
+ if (oneCertPerName) {
+ PRBool *flags;
+
+ nn = nicknames->numnicknames;
+ nnptr = nicknames->nicknames;
+
+ if (!certList) {
+ goto loser;
+ }
+
+ flags = (PRBool *)PORT_ZAlloc(sizeof(PRBool) * nn);
+ if (flags == NULL) {
+ goto loser;
+ }
+
+ node = CERT_LIST_HEAD(certList);
+
+ /* treverse all certs in the list */
+ while (!CERT_LIST_END(node, certList)) {
+
+ /* find matching nickname index */
+ for (n = 0; n < nn; n++) {
+ if (CERT_MatchNickname(nnptr[n], node->cert->nickname)) {
+ /* We found a match. If this is the first one, then
+ * set the flag and move on to the next cert. If this
+ * is not the first one then delete it from the list.
+ */
+ if (flags[n]) {
+ /* We have already seen a cert with this nickname,
+ * so delete this one.
+ */
+ freenode = node;
+ node = CERT_LIST_NEXT(node);
+ CERT_RemoveCertListNode(freenode);
+ } else {
+ /* keep the first cert for each nickname, but set the
+ * flag so we know to delete any others with the same
+ * nickname.
+ */
+ flags[n] = PR_TRUE;
+ node = CERT_LIST_NEXT(node);
+ }
+ break;
+ }
+ }
+ if (n == nn) {
+ /* if we get here it means that we didn't find a matching
+ * nickname, which should not happen.
+ */
+ PORT_Assert(0);
+ node = CERT_LIST_NEXT(node);
+ }
+ }
+ PORT_Free(flags);
+ }
+
+ goto done;
+
+loser:
+ if (certList != NULL) {
+ CERT_DestroyCertList(certList);
+ certList = NULL;
+ }
+
+done:
+ if (nicknames != NULL) {
+ CERT_FreeNicknames(nicknames);
+ }
+
+ return (certList);
+}
+
+/*
+ * Find a user certificate that matchs the given criteria.
+ *
+ * "handle" - database to search
+ * "nickname" - nickname to match
+ * "usage" - certificate usage to match
+ * "validOnly" - only return certs that are curently valid
+ * "proto_win" - window handle passed to pkcs11
+ */
+CERTCertificate *
+CERT_FindUserCertByUsage(CERTCertDBHandle *handle,
+ const char *nickname,
+ SECCertUsage usage,
+ PRBool validOnly,
+ void *proto_win)
+{
+ CERTCertificate *cert = NULL;
+ CERTCertList *certList = NULL;
+ SECStatus rv;
+ PRTime time;
+
+ time = PR_Now();
+
+ /* use the pk11 call so that we pick up any certs on tokens,
+ * which may require login
+ */
+ /* XXX - why is this restricted? */
+ if (proto_win != NULL) {
+ cert = PK11_FindCertFromNickname(nickname, proto_win);
+ }
+
+ /* sigh, There are still problems find smart cards from the temp
+ * db. This will get smart cards working again. The real fix
+ * is to make sure we can search the temp db by their token nickname.
+ */
+ if (cert == NULL) {
+ cert = CERT_FindCertByNickname(handle, nickname);
+ }
+
+ if (cert != NULL) {
+ unsigned int requiredKeyUsage;
+ unsigned int requiredCertType;
+
+ rv = CERT_KeyUsageAndTypeForCertUsage(usage, PR_FALSE,
+ &requiredKeyUsage, &requiredCertType);
+ if (rv != SECSuccess) {
+ /* drop the extra reference */
+ CERT_DestroyCertificate(cert);
+ cert = NULL;
+ goto loser;
+ }
+ /* If we already found the right cert, just return it */
+ if ((!validOnly || CERT_CheckCertValidTimes(cert, time, PR_FALSE) == secCertTimeValid) &&
+ (CERT_CheckKeyUsage(cert, requiredKeyUsage) == SECSuccess) &&
+ (cert->nsCertType & requiredCertType) &&
+ CERT_IsUserCert(cert)) {
+ return (cert);
+ }
+
+ /* collect certs for this nickname, sorting them into the list */
+ certList = CERT_CreateSubjectCertList(certList, handle,
+ &cert->derSubject, time, validOnly);
+
+ CERT_FilterCertListForUserCerts(certList);
+
+ /* drop the extra reference */
+ CERT_DestroyCertificate(cert);
+ cert = NULL;
+ }
+
+ if (certList == NULL) {
+ goto loser;
+ }
+
+ /* remove certs with incorrect usage */
+ rv = CERT_FilterCertListByUsage(certList, usage, PR_FALSE);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (!CERT_LIST_END(CERT_LIST_HEAD(certList), certList)) {
+ cert = CERT_DupCertificate(CERT_LIST_HEAD(certList)->cert);
+ }
+
+loser:
+ if (certList != NULL) {
+ CERT_DestroyCertList(certList);
+ }
+
+ return (cert);
+}
+
+CERTCertList *
+CERT_MatchUserCert(CERTCertDBHandle *handle,
+ SECCertUsage usage,
+ int nCANames, char **caNames,
+ void *proto_win)
+{
+ CERTCertList *certList = NULL;
+ SECStatus rv;
+
+ certList = CERT_FindUserCertsByUsage(handle, usage, PR_TRUE, PR_TRUE,
+ proto_win);
+ if (certList == NULL) {
+ goto loser;
+ }
+
+ rv = CERT_FilterCertListByCANames(certList, nCANames, caNames, usage);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ goto done;
+
+loser:
+ if (certList != NULL) {
+ CERT_DestroyCertList(certList);
+ certList = NULL;
+ }
+
+done:
+
+ return (certList);
+}
+
+typedef struct stringNode {
+ struct stringNode *next;
+ char *string;
+} stringNode;
+
+static PRStatus
+CollectNicknames(NSSCertificate *c, void *data)
+{
+ CERTCertNicknames *names;
+ PRBool saveit = PR_FALSE;
+ stringNode *node;
+ int len;
+#ifdef notdef
+ NSSTrustDomain *td;
+ NSSTrust *trust;
+#endif
+ char *stanNickname;
+ char *nickname = NULL;
+
+ names = (CERTCertNicknames *)data;
+
+ stanNickname = nssCertificate_GetNickname(c, NULL);
+
+ if (stanNickname) {
+ nss_ZFreeIf(stanNickname);
+ stanNickname = NULL;
+ if (names->what == SEC_CERT_NICKNAMES_USER) {
+ saveit = NSSCertificate_IsPrivateKeyAvailable(c, NULL, NULL);
+ }
+#ifdef notdef
+ else {
+ td = NSSCertificate_GetTrustDomain(c);
+ if (!td) {
+ return PR_SUCCESS;
+ }
+ trust = nssTrustDomain_FindTrustForCertificate(td, c);
+
+ switch (names->what) {
+ case SEC_CERT_NICKNAMES_ALL:
+ if ((trust->sslFlags & (CERTDB_VALID_CA | CERTDB_VALID_PEER)) ||
+ (trust->emailFlags & (CERTDB_VALID_CA | CERTDB_VALID_PEER)) ||
+ (trust->objectSigningFlags &
+ (CERTDB_VALID_CA | CERTDB_VALID_PEER))) {
+ saveit = PR_TRUE;
+ }
+
+ break;
+ case SEC_CERT_NICKNAMES_SERVER:
+ if (trust->sslFlags & CERTDB_VALID_PEER) {
+ saveit = PR_TRUE;
+ }
+
+ break;
+ case SEC_CERT_NICKNAMES_CA:
+ if (((trust->sslFlags & CERTDB_VALID_CA) == CERTDB_VALID_CA) ||
+ ((trust->emailFlags & CERTDB_VALID_CA) == CERTDB_VALID_CA) ||
+ ((trust->objectSigningFlags & CERTDB_VALID_CA) ==
+ CERTDB_VALID_CA)) {
+ saveit = PR_TRUE;
+ }
+ break;
+ }
+ }
+#endif
+ }
+
+ /* traverse the list of collected nicknames and make sure we don't make
+ * a duplicate
+ */
+ if (saveit) {
+ nickname = STAN_GetCERTCertificateName(NULL, c);
+ /* nickname can only be NULL here if we are having memory
+ * alloc problems */
+ if (nickname == NULL) {
+ return PR_FAILURE;
+ }
+ node = (stringNode *)names->head;
+ while (node != NULL) {
+ if (PORT_Strcmp(nickname, node->string) == 0) {
+ /* if the string matches, then don't save this one */
+ saveit = PR_FALSE;
+ break;
+ }
+ node = node->next;
+ }
+ }
+
+ if (saveit) {
+
+ /* allocate the node */
+ node = (stringNode *)PORT_ArenaAlloc(names->arena, sizeof(stringNode));
+ if (node == NULL) {
+ PORT_Free(nickname);
+ return PR_FAILURE;
+ }
+
+ /* copy the string */
+ len = PORT_Strlen(nickname) + 1;
+ node->string = (char *)PORT_ArenaAlloc(names->arena, len);
+ if (node->string == NULL) {
+ PORT_Free(nickname);
+ return PR_FAILURE;
+ }
+ PORT_Memcpy(node->string, nickname, len);
+
+ /* link it into the list */
+ node->next = (stringNode *)names->head;
+ names->head = (void *)node;
+
+ /* bump the count */
+ names->numnicknames++;
+ }
+
+ if (nickname)
+ PORT_Free(nickname);
+ return (PR_SUCCESS);
+}
+
+CERTCertNicknames *
+CERT_GetCertNicknames(CERTCertDBHandle *handle, int what, void *wincx)
+{
+ PLArenaPool *arena;
+ CERTCertNicknames *names;
+ int i;
+ stringNode *node;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (NULL);
+ }
+
+ names = (CERTCertNicknames *)PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
+ if (names == NULL) {
+ goto loser;
+ }
+
+ names->arena = arena;
+ names->head = NULL;
+ names->numnicknames = 0;
+ names->nicknames = NULL;
+ names->what = what;
+ names->totallen = 0;
+
+ /* make sure we are logged in */
+ (void)pk11_TraverseAllSlots(NULL, NULL, PR_TRUE, wincx);
+
+ NSSTrustDomain_TraverseCertificates(handle,
+ CollectNicknames, (void *)names);
+ if (names->numnicknames) {
+ names->nicknames = (char **)PORT_ArenaAlloc(arena,
+ names->numnicknames *
+ sizeof(char *));
+
+ if (names->nicknames == NULL) {
+ goto loser;
+ }
+
+ node = (stringNode *)names->head;
+
+ for (i = 0; i < names->numnicknames; i++) {
+ PORT_Assert(node != NULL);
+
+ names->nicknames[i] = node->string;
+ names->totallen += PORT_Strlen(node->string);
+ node = node->next;
+ }
+
+ PORT_Assert(node == NULL);
+ }
+
+ return (names);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return (NULL);
+}
+
+void
+CERT_FreeNicknames(CERTCertNicknames *nicknames)
+{
+ PORT_FreeArena(nicknames->arena, PR_FALSE);
+
+ return;
+}
+
+/* [ FROM pcertdb.c ] */
+
+typedef struct dnameNode {
+ struct dnameNode *next;
+ SECItem name;
+} dnameNode;
+
+void
+CERT_FreeDistNames(CERTDistNames *names)
+{
+ PORT_FreeArena(names->arena, PR_FALSE);
+
+ return;
+}
+
+static SECStatus
+CollectDistNames(CERTCertificate *cert, SECItem *k, void *data)
+{
+ CERTDistNames *names;
+ PRBool saveit = PR_FALSE;
+ CERTCertTrust trust;
+ dnameNode *node;
+ int len;
+
+ names = (CERTDistNames *)data;
+
+ if (CERT_GetCertTrust(cert, &trust) == SECSuccess) {
+ /* only collect names of CAs trusted for issuing SSL clients */
+ if (trust.sslFlags & CERTDB_TRUSTED_CLIENT_CA) {
+ saveit = PR_TRUE;
+ }
+ }
+
+ if (saveit) {
+ /* allocate the node */
+ node = (dnameNode *)PORT_ArenaAlloc(names->arena, sizeof(dnameNode));
+ if (node == NULL) {
+ return (SECFailure);
+ }
+
+ /* copy the name */
+ node->name.len = len = cert->derSubject.len;
+ node->name.type = siBuffer;
+ node->name.data = (unsigned char *)PORT_ArenaAlloc(names->arena, len);
+ if (node->name.data == NULL) {
+ return (SECFailure);
+ }
+ PORT_Memcpy(node->name.data, cert->derSubject.data, len);
+
+ /* link it into the list */
+ node->next = (dnameNode *)names->head;
+ names->head = (void *)node;
+
+ /* bump the count */
+ names->nnames++;
+ }
+
+ return (SECSuccess);
+}
+
+/*
+ * Return all of the CAs that are "trusted" for SSL.
+ */
+CERTDistNames *
+CERT_DupDistNames(CERTDistNames *orig)
+{
+ PLArenaPool *arena;
+ CERTDistNames *names;
+ int i;
+ SECStatus rv;
+
+ /* allocate an arena to use */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (NULL);
+ }
+
+ /* allocate the header structure */
+ names = (CERTDistNames *)PORT_ArenaAlloc(arena, sizeof(CERTDistNames));
+ if (names == NULL) {
+ goto loser;
+ }
+
+ /* initialize the header struct */
+ names->arena = arena;
+ names->head = NULL;
+ names->nnames = orig->nnames;
+ names->names = NULL;
+
+ /* construct the array from the list */
+ if (orig->nnames) {
+ names->names = (SECItem *)PORT_ArenaNewArray(arena, SECItem,
+ orig->nnames);
+ if (names->names == NULL) {
+ goto loser;
+ }
+ for (i = 0; i < orig->nnames; i++) {
+ rv = SECITEM_CopyItem(arena, &names->names[i], &orig->names[i]);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ }
+ return (names);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return (NULL);
+}
+
+CERTDistNames *
+CERT_GetSSLCACerts(CERTCertDBHandle *handle)
+{
+ PLArenaPool *arena;
+ CERTDistNames *names;
+ int i;
+ SECStatus rv;
+ dnameNode *node;
+
+ /* allocate an arena to use */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (NULL);
+ }
+
+ /* allocate the header structure */
+ names = (CERTDistNames *)PORT_ArenaAlloc(arena, sizeof(CERTDistNames));
+ if (names == NULL) {
+ goto loser;
+ }
+
+ /* initialize the header struct */
+ names->arena = arena;
+ names->head = NULL;
+ names->nnames = 0;
+ names->names = NULL;
+
+ /* collect the names from the database */
+ rv = PK11_TraverseSlotCerts(CollectDistNames, (void *)names, NULL);
+ if (rv) {
+ goto loser;
+ }
+
+ /* construct the array from the list */
+ if (names->nnames) {
+ names->names = (SECItem *)PORT_ArenaAlloc(arena, names->nnames * sizeof(SECItem));
+
+ if (names->names == NULL) {
+ goto loser;
+ }
+
+ node = (dnameNode *)names->head;
+
+ for (i = 0; i < names->nnames; i++) {
+ PORT_Assert(node != NULL);
+
+ names->names[i] = node->name;
+ node = node->next;
+ }
+
+ PORT_Assert(node == NULL);
+ }
+
+ return (names);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return (NULL);
+}
+
+CERTDistNames *
+CERT_DistNamesFromCertList(CERTCertList *certList)
+{
+ CERTDistNames *dnames = NULL;
+ PLArenaPool *arena;
+ CERTCertListNode *node = NULL;
+ SECItem *names = NULL;
+ int listLen = 0, i = 0;
+
+ if (certList == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ node = CERT_LIST_HEAD(certList);
+ while (!CERT_LIST_END(node, certList)) {
+ listLen += 1;
+ node = CERT_LIST_NEXT(node);
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ goto loser;
+ dnames = PORT_ArenaZNew(arena, CERTDistNames);
+ if (dnames == NULL)
+ goto loser;
+
+ dnames->arena = arena;
+ dnames->nnames = listLen;
+ dnames->names = names = PORT_ArenaZNewArray(arena, SECItem, listLen);
+ if (names == NULL)
+ goto loser;
+
+ node = CERT_LIST_HEAD(certList);
+ while (!CERT_LIST_END(node, certList)) {
+ CERTCertificate *cert = node->cert;
+ SECStatus rv = SECITEM_CopyItem(arena, &names[i++], &cert->derSubject);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+ node = CERT_LIST_NEXT(node);
+ }
+ return dnames;
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+CERTDistNames *
+CERT_DistNamesFromNicknames(CERTCertDBHandle *handle, char **nicknames,
+ int nnames)
+{
+ CERTDistNames *dnames = NULL;
+ PLArenaPool *arena;
+ int i, rv;
+ SECItem *names = NULL;
+ CERTCertificate *cert = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ goto loser;
+ dnames = PORT_ArenaZNew(arena, CERTDistNames);
+ if (dnames == NULL)
+ goto loser;
+
+ dnames->arena = arena;
+ dnames->nnames = nnames;
+ dnames->names = names = PORT_ArenaZNewArray(arena, SECItem, nnames);
+ if (names == NULL)
+ goto loser;
+
+ for (i = 0; i < nnames; i++) {
+ cert = CERT_FindCertByNicknameOrEmailAddr(handle, nicknames[i]);
+ if (cert == NULL)
+ goto loser;
+ rv = SECITEM_CopyItem(arena, &names[i], &cert->derSubject);
+ if (rv == SECFailure)
+ goto loser;
+ CERT_DestroyCertificate(cert);
+ }
+ return dnames;
+
+loser:
+ if (cert != NULL)
+ CERT_DestroyCertificate(cert);
+ if (arena != NULL)
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+/* [ from pcertdb.c - calls Ascii to Name ] */
+/*
+ * Lookup a certificate in the database by name
+ */
+CERTCertificate *
+CERT_FindCertByNameString(CERTCertDBHandle *handle, char *nameStr)
+{
+ CERTName *name;
+ SECItem *nameItem;
+ CERTCertificate *cert = NULL;
+ PLArenaPool *arena = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ name = CERT_AsciiToName(nameStr);
+
+ if (name) {
+ nameItem = SEC_ASN1EncodeItem(arena, NULL, (void *)name,
+ CERT_NameTemplate);
+ if (nameItem != NULL) {
+ cert = CERT_FindCertByName(handle, nameItem);
+ }
+ CERT_DestroyName(name);
+ }
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (cert);
+}
+
+/* From certv3.c */
+
+CERTCrlDistributionPoints *
+CERT_FindCRLDistributionPoints(CERTCertificate *cert)
+{
+ SECItem encodedExtenValue;
+ SECStatus rv;
+ CERTCrlDistributionPoints *dps;
+
+ encodedExtenValue.data = NULL;
+ encodedExtenValue.len = 0;
+
+ rv = cert_FindExtension(cert->extensions, SEC_OID_X509_CRL_DIST_POINTS,
+ &encodedExtenValue);
+ if (rv != SECSuccess) {
+ return (NULL);
+ }
+
+ dps = CERT_DecodeCRLDistributionPoints(cert->arena, &encodedExtenValue);
+
+ PORT_Free(encodedExtenValue.data);
+
+ return dps;
+}
+
+/* From crl.c */
+CERTSignedCrl *
+CERT_ImportCRL(CERTCertDBHandle *handle, SECItem *derCRL, char *url, int type, void *wincx)
+{
+ CERTSignedCrl *retCrl = NULL;
+ PK11SlotInfo *slot = PK11_GetInternalKeySlot();
+ retCrl = PK11_ImportCRL(slot, derCRL, url, type, wincx,
+ CRL_IMPORT_DEFAULT_OPTIONS, NULL, CRL_DECODE_DEFAULT_OPTIONS);
+ PK11_FreeSlot(slot);
+
+ return retCrl;
+}
+
+/* From certdb.c */
+static SECStatus
+cert_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage, PRBool trusted)
+{
+ SECStatus rv;
+ SECItem *derCert;
+ CERTCertificate *cert = NULL;
+ CERTCertificate *newcert = NULL;
+ CERTCertDBHandle *handle;
+ CERTCertTrust trust;
+ PRBool isca;
+ char *nickname;
+ unsigned int certtype;
+
+ handle = CERT_GetDefaultCertDB();
+
+ while (numcerts--) {
+ derCert = certs;
+ certs++;
+
+ /* decode my certificate */
+ /* This use is ok -- only looks at decoded parts, calls NewTemp later */
+ newcert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
+ if (newcert == NULL) {
+ goto loser;
+ }
+
+ if (!trusted) {
+ /* make sure that cert is valid */
+ rv = CERT_CertTimesValid(newcert);
+ if (rv == SECFailure) {
+ goto endloop;
+ }
+ }
+
+ /* does it have the CA extension */
+
+ /*
+ * Make sure that if this is an intermediate CA in the chain that
+ * it was given permission by its signer to be a CA.
+ */
+ isca = CERT_IsCACert(newcert, &certtype);
+
+ if (!isca) {
+ if (!trusted) {
+ goto endloop;
+ }
+ trust.sslFlags = CERTDB_VALID_CA;
+ trust.emailFlags = CERTDB_VALID_CA;
+ trust.objectSigningFlags = CERTDB_VALID_CA;
+ } else {
+ /* SSL ca's must have the ssl bit set */
+ if ((certUsage == certUsageSSLCA) &&
+ ((certtype & NS_CERT_TYPE_SSL_CA) != NS_CERT_TYPE_SSL_CA)) {
+ goto endloop;
+ }
+
+ /* it passed all of the tests, so lets add it to the database */
+ /* mark it as a CA */
+ PORT_Memset((void *)&trust, 0, sizeof(trust));
+ switch (certUsage) {
+ case certUsageSSLCA:
+ trust.sslFlags = CERTDB_VALID_CA;
+ break;
+ case certUsageUserCertImport:
+ if ((certtype & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
+ trust.sslFlags = CERTDB_VALID_CA;
+ }
+ if ((certtype & NS_CERT_TYPE_EMAIL_CA) ==
+ NS_CERT_TYPE_EMAIL_CA) {
+ trust.emailFlags = CERTDB_VALID_CA;
+ }
+ if ((certtype & NS_CERT_TYPE_OBJECT_SIGNING_CA) ==
+ NS_CERT_TYPE_OBJECT_SIGNING_CA) {
+ trust.objectSigningFlags = CERTDB_VALID_CA;
+ }
+ break;
+ default:
+ PORT_Assert(0);
+ break;
+ }
+ }
+
+ cert = CERT_NewTempCertificate(handle, derCert, NULL,
+ PR_FALSE, PR_FALSE);
+ if (cert == NULL) {
+ goto loser;
+ }
+
+ /* if the cert is temp, make it perm; otherwise we're done */
+ if (cert->istemp) {
+ /* get a default nickname for it */
+ nickname = CERT_MakeCANickname(cert);
+
+ rv = CERT_AddTempCertToPerm(cert, nickname, &trust);
+
+ /* free the nickname */
+ if (nickname) {
+ PORT_Free(nickname);
+ }
+ } else {
+ rv = SECSuccess;
+ }
+
+ CERT_DestroyCertificate(cert);
+ cert = NULL;
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ endloop:
+ if (newcert) {
+ CERT_DestroyCertificate(newcert);
+ newcert = NULL;
+ }
+ }
+
+ rv = SECSuccess;
+ goto done;
+loser:
+ rv = SECFailure;
+done:
+
+ if (newcert) {
+ CERT_DestroyCertificate(newcert);
+ newcert = NULL;
+ }
+
+ if (cert) {
+ CERT_DestroyCertificate(cert);
+ cert = NULL;
+ }
+
+ return (rv);
+}
+
+SECStatus
+CERT_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage)
+{
+ return cert_ImportCAChain(certs, numcerts, certUsage, PR_FALSE);
+}
+
+SECStatus
+CERT_ImportCAChainTrusted(SECItem *certs, int numcerts, SECCertUsage certUsage)
+{
+ return cert_ImportCAChain(certs, numcerts, certUsage, PR_TRUE);
+}
+
+/* Moved from certdb.c */
+/*
+** CERT_CertChainFromCert
+**
+** Construct a CERTCertificateList consisting of the given certificate and all
+** of the issuer certs until we either get to a self-signed cert or can't find
+** an issuer. Since we don't know how many certs are in the chain we have to
+** build a linked list first as we count them.
+*/
+
+typedef struct certNode {
+ struct certNode *next;
+ CERTCertificate *cert;
+} certNode;
+
+CERTCertificateList *
+CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
+ PRBool includeRoot)
+{
+ CERTCertificateList *chain = NULL;
+ NSSCertificate **stanChain;
+ NSSCertificate *stanCert;
+ PLArenaPool *arena;
+ NSSUsage nssUsage;
+ int i, len;
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+ NSSCryptoContext *cc = STAN_GetDefaultCryptoContext();
+
+ stanCert = STAN_GetNSSCertificate(cert);
+ if (!stanCert) {
+ /* error code is set */
+ return NULL;
+ }
+ nssUsage.anyUsage = PR_FALSE;
+ nssUsage.nss3usage = usage;
+ nssUsage.nss3lookingForCA = PR_FALSE;
+ stanChain = NSSCertificate_BuildChain(stanCert, NULL, &nssUsage, NULL, NULL,
+ CERT_MAX_CERT_CHAIN, NULL, NULL, td, cc);
+ if (!stanChain) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
+ return NULL;
+ }
+
+ len = 0;
+ stanCert = stanChain[0];
+ while (stanCert) {
+ stanCert = stanChain[++len];
+ }
+
+ arena = PORT_NewArena(4096);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ chain = (CERTCertificateList *)PORT_ArenaAlloc(arena,
+ sizeof(CERTCertificateList));
+ if (!chain)
+ goto loser;
+ chain->certs = (SECItem *)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
+ if (!chain->certs)
+ goto loser;
+ i = 0;
+ stanCert = stanChain[i];
+ while (stanCert) {
+ SECItem derCert;
+ CERTCertificate *cCert = STAN_GetCERTCertificate(stanCert);
+ if (!cCert) {
+ goto loser;
+ }
+ derCert.len = (unsigned int)stanCert->encoding.size;
+ derCert.data = (unsigned char *)stanCert->encoding.data;
+ derCert.type = siBuffer;
+ SECITEM_CopyItem(arena, &chain->certs[i], &derCert);
+ stanCert = stanChain[++i];
+ if (!stanCert && !cCert->isRoot) {
+ /* reached the end of the chain, but the final cert is
+ * not a root. Don't discard it.
+ */
+ includeRoot = PR_TRUE;
+ }
+ CERT_DestroyCertificate(cCert);
+ }
+ if (!includeRoot && len > 1) {
+ chain->len = len - 1;
+ } else {
+ chain->len = len;
+ }
+
+ chain->arena = arena;
+ nss_ZFreeIf(stanChain);
+ return chain;
+loser:
+ i = 0;
+ stanCert = stanChain[i];
+ while (stanCert) {
+ CERTCertificate *cCert = STAN_GetCERTCertificate(stanCert);
+ if (cCert) {
+ CERT_DestroyCertificate(cCert);
+ }
+ stanCert = stanChain[++i];
+ }
+ nss_ZFreeIf(stanChain);
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+/* Builds a CERTCertificateList holding just one DER-encoded cert, namely
+** the one for the cert passed as an argument.
+*/
+CERTCertificateList *
+CERT_CertListFromCert(CERTCertificate *cert)
+{
+ CERTCertificateList *chain = NULL;
+ int rv;
+ PLArenaPool *arena;
+
+ /* arena for SecCertificateList */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ goto no_memory;
+
+ /* build the CERTCertificateList */
+ chain = (CERTCertificateList *)PORT_ArenaAlloc(arena, sizeof(CERTCertificateList));
+ if (chain == NULL)
+ goto no_memory;
+ chain->certs = (SECItem *)PORT_ArenaAlloc(arena, 1 * sizeof(SECItem));
+ if (chain->certs == NULL)
+ goto no_memory;
+ rv = SECITEM_CopyItem(arena, chain->certs, &(cert->derCert));
+ if (rv < 0)
+ goto loser;
+ chain->len = 1;
+ chain->arena = arena;
+
+ return chain;
+
+no_memory:
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+CERTCertificateList *
+CERT_DupCertList(const CERTCertificateList *oldList)
+{
+ CERTCertificateList *newList = NULL;
+ PLArenaPool *arena = NULL;
+ SECItem *newItem;
+ SECItem *oldItem;
+ int len = oldList->len;
+ int rv;
+
+ /* arena for SecCertificateList */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ goto no_memory;
+
+ /* now build the CERTCertificateList */
+ newList = PORT_ArenaNew(arena, CERTCertificateList);
+ if (newList == NULL)
+ goto no_memory;
+ newList->arena = arena;
+ newItem = (SECItem *)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
+ if (newItem == NULL)
+ goto no_memory;
+ newList->certs = newItem;
+ newList->len = len;
+
+ for (oldItem = oldList->certs; len > 0; --len, ++newItem, ++oldItem) {
+ rv = SECITEM_CopyItem(arena, newItem, oldItem);
+ if (rv < 0)
+ goto loser;
+ }
+ return newList;
+
+no_memory:
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+void
+CERT_DestroyCertificateList(CERTCertificateList *list)
+{
+ PORT_FreeArena(list->arena, PR_FALSE);
+}
diff --git a/security/nss/lib/certhigh/certhigh.gyp b/security/nss/lib/certhigh/certhigh.gyp
new file mode 100644
index 000000000..5817c3eb5
--- /dev/null
+++ b/security/nss/lib/certhigh/certhigh.gyp
@@ -0,0 +1,31 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'certhi',
+ 'type': 'static_library',
+ 'sources': [
+ 'certhigh.c',
+ 'certhtml.c',
+ 'certreq.c',
+ 'certvfy.c',
+ 'certvfypkix.c',
+ 'crlv2.c',
+ 'ocsp.c',
+ 'ocspsig.c',
+ 'xcrldist.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/certhigh/certhtml.c b/security/nss/lib/certhigh/certhtml.c
new file mode 100644
index 000000000..a522f6925
--- /dev/null
+++ b/security/nss/lib/certhigh/certhtml.c
@@ -0,0 +1,300 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * certhtml.c --- convert a cert to html
+ */
+
+#include "seccomon.h"
+#include "secitem.h"
+#include "sechash.h"
+#include "cert.h"
+#include "keyhi.h"
+#include "secder.h"
+#include "prprf.h"
+#include "secport.h"
+#include "secasn1.h"
+#include "pk11func.h"
+
+static char *hex = "0123456789ABCDEF";
+
+/*
+** Convert a der-encoded integer to a hex printable string form
+*/
+char *
+CERT_Hexify(SECItem *i, int do_colon)
+{
+ unsigned char *cp, *end;
+ char *rv, *o;
+
+ if (!i->len) {
+ return PORT_Strdup("00");
+ }
+
+ rv = o = (char *)PORT_Alloc(i->len * 3);
+ if (!rv)
+ return rv;
+
+ cp = i->data;
+ end = cp + i->len;
+ while (cp < end) {
+ unsigned char ch = *cp++;
+ *o++ = hex[(ch >> 4) & 0xf];
+ *o++ = hex[ch & 0xf];
+ if (cp != end) {
+ if (do_colon) {
+ *o++ = ':';
+ }
+ }
+ }
+ *o = 0; /* Null terminate the string */
+ return rv;
+}
+
+#define BREAK "<br>"
+#define BREAKLEN 4
+#define COMMA ", "
+#define COMMALEN 2
+
+#define MAX_OUS 20
+#define MAX_DC MAX_OUS
+
+char *
+CERT_FormatName(CERTName *name)
+{
+ CERTRDN **rdns;
+ CERTRDN *rdn;
+ CERTAVA **avas;
+ CERTAVA *ava;
+ char *buf = 0;
+ char *tmpbuf = 0;
+ SECItem *cn = 0;
+ SECItem *email = 0;
+ SECItem *org = 0;
+ SECItem *loc = 0;
+ SECItem *state = 0;
+ SECItem *country = 0;
+ SECItem *dq = 0;
+
+ unsigned len = 0;
+ int tag;
+ int i;
+ int ou_count = 0;
+ int dc_count = 0;
+ PRBool first;
+ SECItem *orgunit[MAX_OUS];
+ SECItem *dc[MAX_DC];
+
+ /* Loop over name components and gather the interesting ones */
+ rdns = name->rdns;
+ while ((rdn = *rdns++) != 0) {
+ avas = rdn->avas;
+ while ((ava = *avas++) != 0) {
+ tag = CERT_GetAVATag(ava);
+ switch (tag) {
+ case SEC_OID_AVA_COMMON_NAME:
+ if (cn) {
+ break;
+ }
+ cn = CERT_DecodeAVAValue(&ava->value);
+ if (!cn) {
+ goto loser;
+ }
+ len += cn->len;
+ break;
+ case SEC_OID_AVA_COUNTRY_NAME:
+ if (country) {
+ break;
+ }
+ country = CERT_DecodeAVAValue(&ava->value);
+ if (!country) {
+ goto loser;
+ }
+ len += country->len;
+ break;
+ case SEC_OID_AVA_LOCALITY:
+ if (loc) {
+ break;
+ }
+ loc = CERT_DecodeAVAValue(&ava->value);
+ if (!loc) {
+ goto loser;
+ }
+ len += loc->len;
+ break;
+ case SEC_OID_AVA_STATE_OR_PROVINCE:
+ if (state) {
+ break;
+ }
+ state = CERT_DecodeAVAValue(&ava->value);
+ if (!state) {
+ goto loser;
+ }
+ len += state->len;
+ break;
+ case SEC_OID_AVA_ORGANIZATION_NAME:
+ if (org) {
+ break;
+ }
+ org = CERT_DecodeAVAValue(&ava->value);
+ if (!org) {
+ goto loser;
+ }
+ len += org->len;
+ break;
+ case SEC_OID_AVA_DN_QUALIFIER:
+ if (dq) {
+ break;
+ }
+ dq = CERT_DecodeAVAValue(&ava->value);
+ if (!dq) {
+ goto loser;
+ }
+ len += dq->len;
+ break;
+ case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
+ if (ou_count < MAX_OUS) {
+ orgunit[ou_count] = CERT_DecodeAVAValue(&ava->value);
+ if (!orgunit[ou_count]) {
+ goto loser;
+ }
+ len += orgunit[ou_count++]->len;
+ }
+ break;
+ case SEC_OID_AVA_DC:
+ if (dc_count < MAX_DC) {
+ dc[dc_count] = CERT_DecodeAVAValue(&ava->value);
+ if (!dc[dc_count]) {
+ goto loser;
+ }
+ len += dc[dc_count++]->len;
+ }
+ break;
+ case SEC_OID_PKCS9_EMAIL_ADDRESS:
+ case SEC_OID_RFC1274_MAIL:
+ if (email) {
+ break;
+ }
+ email = CERT_DecodeAVAValue(&ava->value);
+ if (!email) {
+ goto loser;
+ }
+ len += email->len;
+ break;
+ default:
+ break;
+ }
+ }
+ }
+
+ /* XXX - add some for formatting */
+ len += 128;
+
+ /* allocate buffer */
+ buf = (char *)PORT_Alloc(len);
+ if (!buf) {
+ goto loser;
+ }
+
+ tmpbuf = buf;
+
+ if (cn) {
+ PORT_Memcpy(tmpbuf, cn->data, cn->len);
+ tmpbuf += cn->len;
+ PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
+ tmpbuf += BREAKLEN;
+ }
+ if (email) {
+ PORT_Memcpy(tmpbuf, email->data, email->len);
+ tmpbuf += (email->len);
+ PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
+ tmpbuf += BREAKLEN;
+ }
+ for (i = ou_count - 1; i >= 0; i--) {
+ PORT_Memcpy(tmpbuf, orgunit[i]->data, orgunit[i]->len);
+ tmpbuf += (orgunit[i]->len);
+ PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
+ tmpbuf += BREAKLEN;
+ }
+ if (dq) {
+ PORT_Memcpy(tmpbuf, dq->data, dq->len);
+ tmpbuf += (dq->len);
+ PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
+ tmpbuf += BREAKLEN;
+ }
+ if (org) {
+ PORT_Memcpy(tmpbuf, org->data, org->len);
+ tmpbuf += (org->len);
+ PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
+ tmpbuf += BREAKLEN;
+ }
+ for (i = dc_count - 1; i >= 0; i--) {
+ PORT_Memcpy(tmpbuf, dc[i]->data, dc[i]->len);
+ tmpbuf += (dc[i]->len);
+ PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
+ tmpbuf += BREAKLEN;
+ }
+ first = PR_TRUE;
+ if (loc) {
+ PORT_Memcpy(tmpbuf, loc->data, loc->len);
+ tmpbuf += (loc->len);
+ first = PR_FALSE;
+ }
+ if (state) {
+ if (!first) {
+ PORT_Memcpy(tmpbuf, COMMA, COMMALEN);
+ tmpbuf += COMMALEN;
+ }
+ PORT_Memcpy(tmpbuf, state->data, state->len);
+ tmpbuf += (state->len);
+ first = PR_FALSE;
+ }
+ if (country) {
+ if (!first) {
+ PORT_Memcpy(tmpbuf, COMMA, COMMALEN);
+ tmpbuf += COMMALEN;
+ }
+ PORT_Memcpy(tmpbuf, country->data, country->len);
+ tmpbuf += (country->len);
+ first = PR_FALSE;
+ }
+ if (!first) {
+ PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
+ tmpbuf += BREAKLEN;
+ }
+
+ *tmpbuf = 0;
+
+/* fall through and clean */
+loser:
+ if (cn) {
+ SECITEM_FreeItem(cn, PR_TRUE);
+ }
+ if (email) {
+ SECITEM_FreeItem(email, PR_TRUE);
+ }
+ for (i = ou_count - 1; i >= 0; i--) {
+ SECITEM_FreeItem(orgunit[i], PR_TRUE);
+ }
+ if (dq) {
+ SECITEM_FreeItem(dq, PR_TRUE);
+ }
+ if (org) {
+ SECITEM_FreeItem(org, PR_TRUE);
+ }
+ for (i = dc_count - 1; i >= 0; i--) {
+ SECITEM_FreeItem(dc[i], PR_TRUE);
+ }
+ if (loc) {
+ SECITEM_FreeItem(loc, PR_TRUE);
+ }
+ if (state) {
+ SECITEM_FreeItem(state, PR_TRUE);
+ }
+ if (country) {
+ SECITEM_FreeItem(country, PR_TRUE);
+ }
+
+ return (buf);
+}
diff --git a/security/nss/lib/certhigh/certreq.c b/security/nss/lib/certhigh/certreq.c
new file mode 100644
index 000000000..4087bc978
--- /dev/null
+++ b/security/nss/lib/certhigh/certreq.c
@@ -0,0 +1,331 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cert.h"
+#include "certt.h"
+#include "secder.h"
+#include "key.h"
+#include "secitem.h"
+#include "secasn1.h"
+#include "secerr.h"
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+
+const SEC_ASN1Template CERT_AttributeTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTAttribute) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CERTAttribute, attrType) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(CERTAttribute, attrValue),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_SetOfAttributeTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, CERT_AttributeTemplate },
+};
+
+const SEC_ASN1Template CERT_CertificateRequestTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTCertificateRequest) },
+ { SEC_ASN1_INTEGER,
+ offsetof(CERTCertificateRequest, version) },
+ { SEC_ASN1_INLINE,
+ offsetof(CERTCertificateRequest, subject),
+ CERT_NameTemplate },
+ { SEC_ASN1_INLINE,
+ offsetof(CERTCertificateRequest, subjectPublicKeyInfo),
+ CERT_SubjectPublicKeyInfoTemplate },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(CERTCertificateRequest, attributes),
+ CERT_SetOfAttributeTemplate },
+ { 0 }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateRequestTemplate)
+
+CERTCertificate *
+CERT_CreateCertificate(unsigned long serialNumber,
+ CERTName *issuer,
+ CERTValidity *validity,
+ CERTCertificateRequest *req)
+{
+ CERTCertificate *c;
+ int rv;
+ PLArenaPool *arena;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ return (0);
+ }
+
+ c = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
+
+ if (!c) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return 0;
+ }
+
+ c->referenceCount = 1;
+ c->arena = arena;
+
+ /*
+ * Default is a plain version 1.
+ * If extensions are added, it will get changed as appropriate.
+ */
+ rv = DER_SetUInteger(arena, &c->version, SEC_CERTIFICATE_VERSION_1);
+ if (rv)
+ goto loser;
+
+ rv = DER_SetUInteger(arena, &c->serialNumber, serialNumber);
+ if (rv)
+ goto loser;
+
+ rv = CERT_CopyName(arena, &c->issuer, issuer);
+ if (rv)
+ goto loser;
+
+ rv = CERT_CopyValidity(arena, &c->validity, validity);
+ if (rv)
+ goto loser;
+
+ rv = CERT_CopyName(arena, &c->subject, &req->subject);
+ if (rv)
+ goto loser;
+ rv = SECKEY_CopySubjectPublicKeyInfo(arena, &c->subjectPublicKeyInfo,
+ &req->subjectPublicKeyInfo);
+ if (rv)
+ goto loser;
+
+ return c;
+
+loser:
+ CERT_DestroyCertificate(c);
+ return 0;
+}
+
+/************************************************************************/
+/* It's clear from the comments that the original author of this
+ * function expected the template for certificate requests to treat
+ * the attributes as a SET OF ANY. This function expected to be
+ * passed an array of SECItems each of which contained an already encoded
+ * Attribute. But the cert request template does not treat the
+ * Attributes as a SET OF ANY, and AFAIK never has. Instead the template
+ * encodes attributes as a SET OF xxxxxxx. That is, it expects to encode
+ * each of the Attributes, not have them pre-encoded. Consequently an
+ * array of SECItems containing encoded Attributes is of no value to this
+ * function. But we cannot change the signature of this public function.
+ * It must continue to take SECItems.
+ *
+ * I have recoded this function so that each SECItem contains an
+ * encoded cert extension. The encoded cert extensions form the list for the
+ * single attribute of the cert request. In this implementation there is at most
+ * one attribute and it is always of type SEC_OID_PKCS9_EXTENSION_REQUEST.
+ */
+
+CERTCertificateRequest *
+CERT_CreateCertificateRequest(CERTName *subject,
+ CERTSubjectPublicKeyInfo *spki,
+ SECItem **attributes)
+{
+ CERTCertificateRequest *certreq;
+ PLArenaPool *arena;
+ CERTAttribute *attribute;
+ SECOidData *oidData;
+ SECStatus rv;
+ int i = 0;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ certreq = PORT_ArenaZNew(arena, CERTCertificateRequest);
+ if (!certreq) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ /* below here it is safe to goto loser */
+
+ certreq->arena = arena;
+
+ rv = DER_SetUInteger(arena, &certreq->version,
+ SEC_CERTIFICATE_REQUEST_VERSION);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = CERT_CopyName(arena, &certreq->subject, subject);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = SECKEY_CopySubjectPublicKeyInfo(arena,
+ &certreq->subjectPublicKeyInfo,
+ spki);
+ if (rv != SECSuccess)
+ goto loser;
+
+ certreq->attributes = PORT_ArenaZNewArray(arena, CERTAttribute *, 2);
+ if (!certreq->attributes)
+ goto loser;
+
+ /* Copy over attribute information */
+ if (!attributes || !attributes[0]) {
+ /*
+ ** Invent empty attribute information. According to the
+ ** pkcs#10 spec, attributes has this ASN.1 type:
+ **
+ ** attributes [0] IMPLICIT Attributes
+ **
+ ** Which means, we should create a NULL terminated list
+ ** with the first entry being NULL;
+ */
+ certreq->attributes[0] = NULL;
+ return certreq;
+ }
+
+ /* allocate space for attributes */
+ attribute = PORT_ArenaZNew(arena, CERTAttribute);
+ if (!attribute)
+ goto loser;
+
+ oidData = SECOID_FindOIDByTag(SEC_OID_PKCS9_EXTENSION_REQUEST);
+ PORT_Assert(oidData);
+ if (!oidData)
+ goto loser;
+ rv = SECITEM_CopyItem(arena, &attribute->attrType, &oidData->oid);
+ if (rv != SECSuccess)
+ goto loser;
+
+ for (i = 0; attributes[i] != NULL; i++)
+ ;
+ attribute->attrValue = PORT_ArenaZNewArray(arena, SECItem *, i + 1);
+ if (!attribute->attrValue)
+ goto loser;
+
+ /* copy attributes */
+ for (i = 0; attributes[i]; i++) {
+ /*
+ ** Attributes are a SetOf Attribute which implies
+ ** lexigraphical ordering. It is assumes that the
+ ** attributes are passed in sorted. If we need to
+ ** add functionality to sort them, there is an
+ ** example in the PKCS 7 code.
+ */
+ attribute->attrValue[i] = SECITEM_ArenaDupItem(arena, attributes[i]);
+ if (!attribute->attrValue[i])
+ goto loser;
+ }
+
+ certreq->attributes[0] = attribute;
+
+ return certreq;
+
+loser:
+ CERT_DestroyCertificateRequest(certreq);
+ return NULL;
+}
+
+void
+CERT_DestroyCertificateRequest(CERTCertificateRequest *req)
+{
+ if (req && req->arena) {
+ PORT_FreeArena(req->arena, PR_FALSE);
+ }
+ return;
+}
+
+static void
+setCRExt(void *o, CERTCertExtension **exts)
+{
+ ((CERTCertificateRequest *)o)->attributes = (struct CERTAttributeStr **)exts;
+}
+
+/*
+** Set up to start gathering cert extensions for a cert request.
+** The list is created as CertExtensions and converted to an
+** attribute list by CERT_FinishCRAttributes().
+ */
+extern void *cert_StartExtensions(void *owner, PLArenaPool *ownerArena,
+ void (*setExts)(void *object, CERTCertExtension **exts));
+void *
+CERT_StartCertificateRequestAttributes(CERTCertificateRequest *req)
+{
+ return (cert_StartExtensions((void *)req, req->arena, setCRExt));
+}
+
+/*
+** At entry req->attributes actually contains an list of cert extensions--
+** req-attributes is overloaded until the list is DER encoded (the first
+** ...EncodeItem() below).
+** We turn this into an attribute list by encapsulating it
+** in a PKCS 10 Attribute structure
+ */
+SECStatus
+CERT_FinishCertificateRequestAttributes(CERTCertificateRequest *req)
+{
+ SECItem *extlist;
+ SECOidData *oidrec;
+ CERTAttribute *attribute;
+
+ if (!req || !req->arena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (req->attributes == NULL || req->attributes[0] == NULL)
+ return SECSuccess;
+
+ extlist = SEC_ASN1EncodeItem(req->arena, NULL, &req->attributes,
+ SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate));
+ if (extlist == NULL)
+ return (SECFailure);
+
+ oidrec = SECOID_FindOIDByTag(SEC_OID_PKCS9_EXTENSION_REQUEST);
+ if (oidrec == NULL)
+ return SECFailure;
+
+ /* now change the list of cert extensions into a list of attributes
+ */
+ req->attributes = PORT_ArenaZNewArray(req->arena, CERTAttribute *, 2);
+
+ attribute = PORT_ArenaZNew(req->arena, CERTAttribute);
+
+ if (req->attributes == NULL || attribute == NULL ||
+ SECITEM_CopyItem(req->arena, &attribute->attrType, &oidrec->oid) != 0) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ attribute->attrValue = PORT_ArenaZNewArray(req->arena, SECItem *, 2);
+
+ if (attribute->attrValue == NULL)
+ return SECFailure;
+
+ attribute->attrValue[0] = extlist;
+ attribute->attrValue[1] = NULL;
+ req->attributes[0] = attribute;
+ req->attributes[1] = NULL;
+
+ return SECSuccess;
+}
+
+SECStatus
+CERT_GetCertificateRequestExtensions(CERTCertificateRequest *req,
+ CERTCertExtension ***exts)
+{
+ if (req == NULL || exts == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (req->attributes == NULL || *req->attributes == NULL)
+ return SECSuccess;
+
+ if ((*req->attributes)->attrValue == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ return (SEC_ASN1DecodeItem(req->arena, exts,
+ SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate),
+ (*req->attributes)->attrValue[0]));
+}
diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c
new file mode 100644
index 000000000..ccd38e660
--- /dev/null
+++ b/security/nss/lib/certhigh/certvfy.c
@@ -0,0 +1,2082 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "nspr.h"
+#include "secerr.h"
+#include "secport.h"
+#include "seccomon.h"
+#include "secoid.h"
+#include "genname.h"
+#include "keyhi.h"
+#include "cert.h"
+#include "certdb.h"
+#include "certi.h"
+#include "cryptohi.h"
+
+#ifndef NSS_DISABLE_LIBPKIX
+#include "pkix.h"
+#include "pkix_pl_cert.h"
+#else
+#include "nss.h"
+#endif /* NSS_DISABLE_LIBPKIX */
+
+#include "nsspki.h"
+#include "pkitm.h"
+#include "pkim.h"
+#include "pki3hack.h"
+#include "base.h"
+#include "keyhi.h"
+
+/*
+ * Check the validity times of a certificate
+ */
+SECStatus
+CERT_CertTimesValid(CERTCertificate *c)
+{
+ SECCertTimeValidity valid = CERT_CheckCertValidTimes(c, PR_Now(), PR_TRUE);
+ return (valid == secCertTimeValid) ? SECSuccess : SECFailure;
+}
+
+SECStatus
+checkKeyParams(const SECAlgorithmID *sigAlgorithm, const SECKEYPublicKey *key)
+{
+ SECStatus rv;
+ SECOidTag sigAlg;
+ SECOidTag curve;
+ PRUint32 policyFlags = 0;
+ PRInt32 minLen, len;
+
+ sigAlg = SECOID_GetAlgorithmTag(sigAlgorithm);
+
+ switch (sigAlg) {
+ case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
+ if (key->keyType != ecKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ curve = SECKEY_GetECCOid(&key->u.ec.DEREncodedParams);
+ if (curve != 0) {
+ if (NSS_GetAlgorithmPolicy(curve, &policyFlags) == SECFailure ||
+ !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
+ PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
+ return SECFailure;
+ } else {
+ return SECSuccess;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+ return SECFailure;
+ }
+ return SECSuccess;
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+ case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
+ case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:
+ if (key->keyType != rsaKey && key->keyType != rsaPssKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ len = 8 * key->u.rsa.modulus.len;
+
+ rv = NSS_OptionGet(NSS_RSA_MIN_KEY_SIZE, &minLen);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ if (len < minLen) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+ case SEC_OID_ANSIX9_DSA_SIGNATURE:
+ case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ case SEC_OID_SDN702_DSA_SIGNATURE:
+ case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST:
+ case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST:
+ if (key->keyType != dsaKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ len = 8 * key->u.dsa.params.prime.len;
+
+ rv = NSS_OptionGet(NSS_DSA_MIN_KEY_SIZE, &minLen);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ if (len < minLen) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+ default:
+ return SECSuccess;
+ }
+}
+
+/*
+ * verify the signature of a signed data object with the given DER publickey
+ */
+SECStatus
+CERT_VerifySignedDataWithPublicKey(const CERTSignedData *sd,
+ SECKEYPublicKey *pubKey,
+ void *wincx)
+{
+ SECStatus rv;
+ SECItem sig;
+ SECOidTag hashAlg = SEC_OID_UNKNOWN;
+
+ if (!pubKey || !sd) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ /* check the signature */
+ sig = sd->signature;
+ /* convert sig->len from bit counts to byte count. */
+ DER_ConvertBitString(&sig);
+
+ rv = VFY_VerifyDataWithAlgorithmID(sd->data.data, sd->data.len, pubKey,
+ &sig, &sd->signatureAlgorithm, &hashAlg, wincx);
+ if (rv == SECSuccess) {
+ /* Are we honoring signatures for this algorithm? */
+ PRUint32 policyFlags = 0;
+ rv = checkKeyParams(&sd->signatureAlgorithm, pubKey);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
+ return SECFailure;
+ }
+
+ rv = NSS_GetAlgorithmPolicy(hashAlg, &policyFlags);
+ if (rv == SECSuccess &&
+ !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
+ PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
+ return SECFailure;
+ }
+ }
+ return rv;
+}
+
+/*
+ * verify the signature of a signed data object with the given DER publickey
+ */
+SECStatus
+CERT_VerifySignedDataWithPublicKeyInfo(CERTSignedData *sd,
+ CERTSubjectPublicKeyInfo *pubKeyInfo,
+ void *wincx)
+{
+ SECKEYPublicKey *pubKey;
+ SECStatus rv = SECFailure;
+
+ /* get cert's public key */
+ pubKey = SECKEY_ExtractPublicKey(pubKeyInfo);
+ if (pubKey) {
+ rv = CERT_VerifySignedDataWithPublicKey(sd, pubKey, wincx);
+ SECKEY_DestroyPublicKey(pubKey);
+ }
+ return rv;
+}
+
+/*
+ * verify the signature of a signed data object with the given certificate
+ */
+SECStatus
+CERT_VerifySignedData(CERTSignedData *sd, CERTCertificate *cert,
+ PRTime t, void *wincx)
+{
+ SECKEYPublicKey *pubKey = 0;
+ SECStatus rv = SECFailure;
+ SECCertTimeValidity validity;
+
+ /* check the certificate's validity */
+ validity = CERT_CheckCertValidTimes(cert, t, PR_FALSE);
+ if (validity != secCertTimeValid) {
+ return rv;
+ }
+
+ /* get cert's public key */
+ pubKey = CERT_ExtractPublicKey(cert);
+ if (pubKey) {
+ rv = CERT_VerifySignedDataWithPublicKey(sd, pubKey, wincx);
+ SECKEY_DestroyPublicKey(pubKey);
+ }
+ return rv;
+}
+
+SECStatus
+SEC_CheckCRL(CERTCertDBHandle *handle, CERTCertificate *cert,
+ CERTCertificate *caCert, PRTime t, void *wincx)
+{
+ return CERT_CheckCRL(cert, caCert, NULL, t, wincx);
+}
+
+/*
+ * Find the issuer of a cert. Use the authorityKeyID if it exists.
+ */
+CERTCertificate *
+CERT_FindCertIssuer(CERTCertificate *cert, PRTime validTime, SECCertUsage usage)
+{
+ NSSCertificate *me;
+ NSSTime *nssTime;
+ NSSTrustDomain *td;
+ NSSCryptoContext *cc;
+ NSSCertificate *chain[3];
+ NSSUsage nssUsage;
+ PRStatus status;
+
+ me = STAN_GetNSSCertificate(cert);
+ if (!me) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+ nssTime = NSSTime_SetPRTime(NULL, validTime);
+ nssUsage.anyUsage = PR_FALSE;
+ nssUsage.nss3usage = usage;
+ nssUsage.nss3lookingForCA = PR_TRUE;
+ memset(chain, 0, 3 * sizeof(NSSCertificate *));
+ td = STAN_GetDefaultTrustDomain();
+ cc = STAN_GetDefaultCryptoContext();
+ (void)NSSCertificate_BuildChain(me, nssTime, &nssUsage, NULL,
+ chain, 2, NULL, &status, td, cc);
+ nss_ZFreeIf(nssTime);
+ if (status == PR_SUCCESS) {
+ PORT_Assert(me == chain[0]);
+ /* if it's a root, the chain will only have one cert */
+ if (!chain[1]) {
+ /* already has a reference from the call to BuildChain */
+ return cert;
+ }
+ NSSCertificate_Destroy(chain[0]); /* the first cert in the chain */
+ return STAN_GetCERTCertificate(chain[1]); /* return the 2nd */
+ }
+ if (chain[0]) {
+ PORT_Assert(me == chain[0]);
+ NSSCertificate_Destroy(chain[0]); /* the first cert in the chain */
+ }
+ PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
+ return NULL;
+}
+
+/*
+ * return required trust flags for various cert usages for CAs
+ */
+SECStatus
+CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
+ unsigned int *retFlags,
+ SECTrustType *retTrustType)
+{
+ unsigned int requiredFlags;
+ SECTrustType trustType;
+
+ switch (usage) {
+ case certUsageSSLClient:
+ requiredFlags = CERTDB_TRUSTED_CLIENT_CA;
+ trustType = trustSSL;
+ break;
+ case certUsageSSLServer:
+ case certUsageSSLCA:
+ requiredFlags = CERTDB_TRUSTED_CA;
+ trustType = trustSSL;
+ break;
+ case certUsageSSLServerWithStepUp:
+ requiredFlags = CERTDB_TRUSTED_CA | CERTDB_GOVT_APPROVED_CA;
+ trustType = trustSSL;
+ break;
+ case certUsageEmailSigner:
+ case certUsageEmailRecipient:
+ requiredFlags = CERTDB_TRUSTED_CA;
+ trustType = trustEmail;
+ break;
+ case certUsageObjectSigner:
+ requiredFlags = CERTDB_TRUSTED_CA;
+ trustType = trustObjectSigning;
+ break;
+ case certUsageVerifyCA:
+ case certUsageAnyCA:
+ case certUsageStatusResponder:
+ requiredFlags = CERTDB_TRUSTED_CA;
+ trustType = trustTypeNone;
+ break;
+ default:
+ PORT_Assert(0);
+ goto loser;
+ }
+ if (retFlags != NULL) {
+ *retFlags = requiredFlags;
+ }
+ if (retTrustType != NULL) {
+ *retTrustType = trustType;
+ }
+
+ return (SECSuccess);
+loser:
+ return (SECFailure);
+}
+
+void
+cert_AddToVerifyLog(CERTVerifyLog *log, CERTCertificate *cert, long error,
+ unsigned int depth, void *arg)
+{
+ CERTVerifyLogNode *node, *tnode;
+
+ PORT_Assert(log != NULL);
+
+ node = (CERTVerifyLogNode *)PORT_ArenaAlloc(log->arena,
+ sizeof(CERTVerifyLogNode));
+ if (node != NULL) {
+ node->cert = CERT_DupCertificate(cert);
+ node->error = error;
+ node->depth = depth;
+ node->arg = arg;
+
+ if (log->tail == NULL) {
+ /* empty list */
+ log->head = log->tail = node;
+ node->prev = NULL;
+ node->next = NULL;
+ } else if (depth >= log->tail->depth) {
+ /* add to tail */
+ node->prev = log->tail;
+ log->tail->next = node;
+ log->tail = node;
+ node->next = NULL;
+ } else if (depth < log->head->depth) {
+ /* add at head */
+ node->prev = NULL;
+ node->next = log->head;
+ log->head->prev = node;
+ log->head = node;
+ } else {
+ /* add in middle */
+ tnode = log->tail;
+ while (tnode != NULL) {
+ if (depth >= tnode->depth) {
+ /* insert after tnode */
+ node->prev = tnode;
+ node->next = tnode->next;
+ tnode->next->prev = node;
+ tnode->next = node;
+ break;
+ }
+
+ tnode = tnode->prev;
+ }
+ }
+
+ log->count++;
+ }
+ return;
+}
+
+#define EXIT_IF_NOT_LOGGING(log) \
+ if (log == NULL) { \
+ goto loser; \
+ }
+
+#define LOG_ERROR_OR_EXIT(log, cert, depth, arg) \
+ if (log != NULL) { \
+ cert_AddToVerifyLog(log, cert, PORT_GetError(), depth, \
+ (void *)(PRWord)arg); \
+ } else { \
+ goto loser; \
+ }
+
+#define LOG_ERROR(log, cert, depth, arg) \
+ if (log != NULL) { \
+ cert_AddToVerifyLog(log, cert, PORT_GetError(), depth, \
+ (void *)(PRWord)arg); \
+ }
+
+/* /C=CN/O=WoSign CA Limited/CN=CA \xE6\xB2\x83\xE9\x80\x9A\xE6\xA0\xB9\xE8\xAF\x81\xE4\xB9\xA6
+ * Using a consistent naming convention, this would actually be called
+ * 'CA沃通根证书DN', but since GCC 6.2.1 apparently can't handle UTF-8
+ * identifiers, this will have to do.
+ */
+static const unsigned char CAWoSignRootDN[72] = {
+ 0x30, 0x46, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+ 0x43, 0x4E, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11,
+ 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D,
+ 0x69, 0x74, 0x65, 0x64, 0x31, 0x1B, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x03,
+ 0x0C, 0x12, 0x43, 0x41, 0x20, 0xE6, 0xB2, 0x83, 0xE9, 0x80, 0x9A, 0xE6, 0xA0,
+ 0xB9, 0xE8, 0xAF, 0x81, 0xE4, 0xB9, 0xA6,
+};
+
+/* /C=CN/O=WoSign CA Limited/CN=CA WoSign ECC Root */
+static const unsigned char CAWoSignECCRootDN[72] = {
+ 0x30, 0x46, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+ 0x43, 0x4E, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11,
+ 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D,
+ 0x69, 0x74, 0x65, 0x64, 0x31, 0x1B, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x03,
+ 0x13, 0x12, 0x43, 0x41, 0x20, 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x45,
+ 0x43, 0x43, 0x20, 0x52, 0x6F, 0x6F, 0x74,
+};
+
+/* /C=CN/O=WoSign CA Limited/CN=Certification Authority of WoSign */
+static const unsigned char CertificationAuthorityofWoSignDN[87] = {
+ 0x30, 0x55, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+ 0x43, 0x4E, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11,
+ 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D,
+ 0x69, 0x74, 0x65, 0x64, 0x31, 0x2A, 0x30, 0x28, 0x06, 0x03, 0x55, 0x04, 0x03,
+ 0x13, 0x21, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
+ 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x20,
+ 0x6F, 0x66, 0x20, 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E,
+};
+
+/* /C=CN/O=WoSign CA Limited/CN=Certification Authority of WoSign G2 */
+static const unsigned char CertificationAuthorityofWoSignG2DN[90] = {
+ 0x30, 0x58, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+ 0x43, 0x4E, 0x31, 0x1A, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x11,
+ 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x41, 0x20, 0x4C, 0x69, 0x6D,
+ 0x69, 0x74, 0x65, 0x64, 0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55, 0x04, 0x03,
+ 0x13, 0x24, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
+ 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x20,
+ 0x6F, 0x66, 0x20, 0x57, 0x6F, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x47, 0x32,
+};
+
+/* /C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority */
+static const unsigned char StartComCertificationAuthorityDN[127] = {
+ 0x30, 0x7D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+ 0x49, 0x4C, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0D,
+ 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20, 0x4C, 0x74, 0x64, 0x2E,
+ 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x22, 0x53, 0x65,
+ 0x63, 0x75, 0x72, 0x65, 0x20, 0x44, 0x69, 0x67, 0x69, 0x74, 0x61, 0x6C, 0x20,
+ 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x53,
+ 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67, 0x31, 0x29, 0x30, 0x27, 0x06, 0x03, 0x55,
+ 0x04, 0x03, 0x13, 0x20, 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20,
+ 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E,
+ 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79,
+};
+
+/* /C=IL/O=StartCom Ltd./CN=StartCom Certification Authority G2 */
+static const unsigned char StartComCertificationAuthorityG2DN[85] = {
+ 0x30, 0x53, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+ 0x49, 0x4C, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0D,
+ 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20, 0x4C, 0x74, 0x64, 0x2E,
+ 0x31, 0x2C, 0x30, 0x2A, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x23, 0x53, 0x74,
+ 0x61, 0x72, 0x74, 0x43, 0x6F, 0x6D, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+ 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F,
+ 0x72, 0x69, 0x74, 0x79, 0x20, 0x47, 0x32,
+};
+
+struct DataAndLength {
+ const unsigned char *data;
+ PRUint32 len;
+};
+
+static const struct DataAndLength StartComAndWoSignDNs[] = {
+ { CAWoSignRootDN,
+ sizeof(CAWoSignRootDN) },
+ { CAWoSignECCRootDN,
+ sizeof(CAWoSignECCRootDN) },
+ { CertificationAuthorityofWoSignDN,
+ sizeof(CertificationAuthorityofWoSignDN) },
+ { CertificationAuthorityofWoSignG2DN,
+ sizeof(CertificationAuthorityofWoSignG2DN) },
+ { StartComCertificationAuthorityDN,
+ sizeof(StartComCertificationAuthorityDN) },
+ { StartComCertificationAuthorityG2DN,
+ sizeof(StartComCertificationAuthorityG2DN) },
+};
+
+static PRBool
+CertIsStartComOrWoSign(const CERTCertificate *cert)
+{
+ int i;
+ const struct DataAndLength *dn = StartComAndWoSignDNs;
+
+ for (i = 0; i < sizeof(StartComAndWoSignDNs) / sizeof(struct DataAndLength); ++i, dn++) {
+ if (cert->derSubject.len == dn->len &&
+ memcmp(cert->derSubject.data, dn->data, dn->len) == 0) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+SECStatus
+isIssuerCertAllowedAtCertIssuanceTime(CERTCertificate *issuerCert,
+ CERTCertificate *referenceCert)
+{
+ if (!issuerCert || !referenceCert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (CertIsStartComOrWoSign(issuerCert)) {
+ /* PRTime is microseconds since the epoch, whereas JS time is milliseconds.
+ * (new Date("2016-10-21T00:00:00Z")).getTime() * 1000
+ */
+ static const PRTime OCTOBER_21_2016 = 1477008000000000;
+
+ PRTime notBefore, notAfter;
+ SECStatus rv;
+
+ rv = CERT_GetCertTimes(referenceCert, &notBefore, &notAfter);
+ if (rv != SECSuccess)
+ return rv;
+
+ if (notBefore > OCTOBER_21_2016) {
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, PRBool *sigerror,
+ SECCertUsage certUsage, PRTime t, void *wincx,
+ CERTVerifyLog *log, PRBool *revoked)
+{
+ SECTrustType trustType;
+ CERTBasicConstraints basicConstraint;
+ CERTCertificate *issuerCert = NULL;
+ CERTCertificate *subjectCert = NULL;
+ CERTCertificate *badCert = NULL;
+ PRBool isca;
+ SECStatus rv;
+ SECStatus rvFinal = SECSuccess;
+ int count;
+ int currentPathLen = 0;
+ int pathLengthLimit = CERT_UNLIMITED_PATH_CONSTRAINT;
+ unsigned int caCertType;
+ unsigned int requiredCAKeyUsage;
+ unsigned int requiredFlags;
+ PLArenaPool *arena = NULL;
+ CERTGeneralName *namesList = NULL;
+ CERTCertificate **certsList = NULL;
+ int certsListLen = 16;
+ int namesCount = 0;
+ PRBool subjectCertIsSelfIssued;
+ CERTCertTrust issuerTrust;
+
+ if (revoked) {
+ *revoked = PR_FALSE;
+ }
+
+ if (CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_TRUE,
+ &requiredCAKeyUsage,
+ &caCertType) !=
+ SECSuccess) {
+ PORT_Assert(0);
+ EXIT_IF_NOT_LOGGING(log);
+ requiredCAKeyUsage = 0;
+ caCertType = 0;
+ }
+
+ switch (certUsage) {
+ case certUsageSSLClient:
+ case certUsageSSLServer:
+ case certUsageSSLCA:
+ case certUsageSSLServerWithStepUp:
+ case certUsageEmailSigner:
+ case certUsageEmailRecipient:
+ case certUsageObjectSigner:
+ case certUsageVerifyCA:
+ case certUsageAnyCA:
+ case certUsageStatusResponder:
+ if (CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
+ &trustType) != SECSuccess) {
+ PORT_Assert(0);
+ EXIT_IF_NOT_LOGGING(log);
+ /* XXX continuing with requiredFlags = 0 seems wrong. It'll
+ * cause the following test to be true incorrectly:
+ * flags = SEC_GET_TRUST_FLAGS(issuerCert->trust, trustType);
+ * if (( flags & requiredFlags ) == requiredFlags) {
+ * rv = rvFinal;
+ * goto done;
+ * }
+ * There are three other instances of this problem.
+ */
+ requiredFlags = 0;
+ trustType = trustSSL;
+ }
+ break;
+ default:
+ PORT_Assert(0);
+ EXIT_IF_NOT_LOGGING(log);
+ requiredFlags = 0;
+ trustType = trustSSL; /* This used to be 0, but we need something
+ * that matches the enumeration type.
+ */
+ caCertType = 0;
+ }
+
+ subjectCert = CERT_DupCertificate(cert);
+ if (subjectCert == NULL) {
+ goto loser;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ certsList = PORT_ZNewArray(CERTCertificate *, certsListLen);
+ if (certsList == NULL)
+ goto loser;
+
+ /* RFC 3280 says that the name constraints will apply to the names
+ ** in the leaf (EE) cert, whether it is self issued or not, so
+ ** we pretend that it is not.
+ */
+ subjectCertIsSelfIssued = PR_FALSE;
+ for (count = 0; count < CERT_MAX_CERT_CHAIN; count++) {
+ PRBool validCAOverride = PR_FALSE;
+
+ /* Construct a list of names for the current and all previous
+ * certifcates (except leaf (EE) certs, root CAs, and self-issued
+ * intermediate CAs) to be verified against the name constraints
+ * extension of the issuer certificate.
+ */
+ if (subjectCertIsSelfIssued == PR_FALSE) {
+ CERTGeneralName *subjectNameList;
+ int subjectNameListLen;
+ int i;
+ PRBool getSubjectCN = (!count && certUsage == certUsageSSLServer);
+ subjectNameList =
+ CERT_GetConstrainedCertificateNames(subjectCert, arena,
+ getSubjectCN);
+ if (!subjectNameList)
+ goto loser;
+ subjectNameListLen = CERT_GetNamesLength(subjectNameList);
+ if (!subjectNameListLen)
+ goto loser;
+ if (certsListLen <= namesCount + subjectNameListLen) {
+ CERTCertificate **tmpCertsList;
+ certsListLen = (namesCount + subjectNameListLen) * 2;
+ tmpCertsList =
+ (CERTCertificate **)PORT_Realloc(certsList,
+ certsListLen *
+ sizeof(CERTCertificate *));
+ if (tmpCertsList == NULL) {
+ goto loser;
+ }
+ certsList = tmpCertsList;
+ }
+ for (i = 0; i < subjectNameListLen; i++) {
+ certsList[namesCount + i] = subjectCert;
+ }
+ namesCount += subjectNameListLen;
+ namesList = cert_CombineNamesLists(namesList, subjectNameList);
+ }
+
+ /* check if the cert has an unsupported critical extension */
+ if (subjectCert->options.bits.hasUnsupportedCriticalExt) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
+ LOG_ERROR_OR_EXIT(log, subjectCert, count, 0);
+ }
+
+ /* find the certificate of the issuer */
+ issuerCert = CERT_FindCertIssuer(subjectCert, t, certUsage);
+ if (!issuerCert) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
+ LOG_ERROR(log, subjectCert, count, 0);
+ goto loser;
+ }
+
+ /* verify the signature on the cert */
+ if (checkSig) {
+ rv = CERT_VerifySignedData(&subjectCert->signatureWrap,
+ issuerCert, t, wincx);
+
+ if (rv != SECSuccess) {
+ if (sigerror) {
+ *sigerror = PR_TRUE;
+ }
+ if (PORT_GetError() == SEC_ERROR_EXPIRED_CERTIFICATE) {
+ PORT_SetError(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE);
+ LOG_ERROR_OR_EXIT(log, issuerCert, count + 1, 0);
+ } else {
+ if (PORT_GetError() !=
+ SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ }
+ LOG_ERROR_OR_EXIT(log, subjectCert, count, 0);
+ }
+ }
+ }
+
+ /* If the basicConstraint extension is included in an immediate CA
+ * certificate, make sure that the isCA flag is on. If the
+ * pathLenConstraint component exists, it must be greater than the
+ * number of CA certificates we have seen so far. If the extension
+ * is omitted, we will assume that this is a CA certificate with
+ * an unlimited pathLenConstraint (since it already passes the
+ * netscape-cert-type extension checking).
+ */
+
+ rv = CERT_FindBasicConstraintExten(issuerCert, &basicConstraint);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
+ LOG_ERROR_OR_EXIT(log, issuerCert, count + 1, 0);
+ }
+ pathLengthLimit = CERT_UNLIMITED_PATH_CONSTRAINT;
+ /* no basic constraints found, we aren't (yet) a CA. */
+ isca = PR_FALSE;
+ } else {
+ if (basicConstraint.isCA == PR_FALSE) {
+ PORT_SetError(SEC_ERROR_CA_CERT_INVALID);
+ LOG_ERROR_OR_EXIT(log, issuerCert, count + 1, 0);
+ }
+ pathLengthLimit = basicConstraint.pathLenConstraint;
+ isca = PR_TRUE;
+ }
+ /* make sure that the path len constraint is properly set.*/
+ if (pathLengthLimit >= 0 && currentPathLen > pathLengthLimit) {
+ PORT_SetError(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID);
+ LOG_ERROR_OR_EXIT(log, issuerCert, count + 1, pathLengthLimit);
+ }
+
+ /* make sure that the entire chain is within the name space of the
+ * current issuer certificate.
+ */
+ rv = CERT_CompareNameSpace(issuerCert, namesList, certsList,
+ arena, &badCert);
+ if (rv != SECSuccess || badCert != NULL) {
+ PORT_SetError(SEC_ERROR_CERT_NOT_IN_NAME_SPACE);
+ LOG_ERROR_OR_EXIT(log, badCert, count + 1, 0);
+ goto loser;
+ }
+
+ rv = isIssuerCertAllowedAtCertIssuanceTime(issuerCert, cert);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
+ LOG_ERROR(log, issuerCert, count + 1, 0);
+ goto loser;
+ }
+
+ /* XXX - the error logging may need to go down into CRL stuff at some
+ * point
+ */
+ /* check revoked list (issuer) */
+ rv = SEC_CheckCRL(handle, subjectCert, issuerCert, t, wincx);
+ if (rv == SECFailure) {
+ if (revoked) {
+ *revoked = PR_TRUE;
+ }
+ LOG_ERROR_OR_EXIT(log, subjectCert, count, 0);
+ } else if (rv == SECWouldBlock) {
+ /* We found something fishy, so we intend to issue an
+ * error to the user, but the user may wish to continue
+ * processing, in which case we better make sure nothing
+ * worse has happened... so keep cranking the loop */
+ rvFinal = SECFailure;
+ if (revoked) {
+ *revoked = PR_TRUE;
+ }
+ LOG_ERROR(log, subjectCert, count, 0);
+ }
+
+ if (CERT_GetCertTrust(issuerCert, &issuerTrust) == SECSuccess) {
+ /* we have some trust info, but this does NOT imply that this
+ * cert is actually trusted for any purpose. The cert may be
+ * explicitly UNtrusted. We won't know until we examine the
+ * trust bits.
+ */
+ unsigned int flags;
+
+ if (certUsage != certUsageAnyCA &&
+ certUsage != certUsageStatusResponder) {
+
+ /*
+ * XXX This choice of trustType seems arbitrary.
+ */
+ if (certUsage == certUsageVerifyCA) {
+ if (subjectCert->nsCertType & NS_CERT_TYPE_EMAIL_CA) {
+ trustType = trustEmail;
+ } else if (subjectCert->nsCertType & NS_CERT_TYPE_SSL_CA) {
+ trustType = trustSSL;
+ } else {
+ trustType = trustObjectSigning;
+ }
+ }
+
+ flags = SEC_GET_TRUST_FLAGS(&issuerTrust, trustType);
+ if ((flags & requiredFlags) == requiredFlags) {
+ /* we found a trusted one, so return */
+ rv = rvFinal;
+ goto done;
+ }
+ if (flags & CERTDB_VALID_CA) {
+ validCAOverride = PR_TRUE;
+ }
+ /* is it explicitly distrusted? */
+ if ((flags & CERTDB_TERMINAL_RECORD) &&
+ ((flags & (CERTDB_TRUSTED | CERTDB_TRUSTED_CA)) == 0)) {
+ /* untrusted -- the cert is explicitly untrusted, not
+ * just that it doesn't chain to a trusted cert */
+ PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
+ LOG_ERROR_OR_EXIT(log, issuerCert, count + 1, flags);
+ }
+ } else {
+ /* Check if we have any valid trust when cheching for
+ * certUsageAnyCA or certUsageStatusResponder. */
+ for (trustType = trustSSL; trustType < trustTypeNone;
+ trustType++) {
+ flags = SEC_GET_TRUST_FLAGS(&issuerTrust, trustType);
+ if ((flags & requiredFlags) == requiredFlags) {
+ rv = rvFinal;
+ goto done;
+ }
+ if (flags & CERTDB_VALID_CA)
+ validCAOverride = PR_TRUE;
+ }
+ /* We have 2 separate loops because we want any single trust
+ * bit to allow this usage to return trusted. Only if none of
+ * the trust bits are on do we check to see if the cert is
+ * untrusted */
+ for (trustType = trustSSL; trustType < trustTypeNone;
+ trustType++) {
+ flags = SEC_GET_TRUST_FLAGS(&issuerTrust, trustType);
+ /* is it explicitly distrusted? */
+ if ((flags & CERTDB_TERMINAL_RECORD) &&
+ ((flags & (CERTDB_TRUSTED | CERTDB_TRUSTED_CA)) == 0)) {
+ /* untrusted -- the cert is explicitly untrusted, not
+ * just that it doesn't chain to a trusted cert */
+ PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
+ LOG_ERROR_OR_EXIT(log, issuerCert, count + 1, flags);
+ }
+ }
+ }
+ }
+
+ if (!validCAOverride) {
+ /*
+ * Make sure that if this is an intermediate CA in the chain that
+ * it was given permission by its signer to be a CA.
+ */
+ /*
+ * if basicConstraints says it is a ca, then we check the
+ * nsCertType. If the nsCertType has any CA bits set, then
+ * it must have the right one.
+ */
+ if (!isca || (issuerCert->nsCertType & NS_CERT_TYPE_CA)) {
+ isca = (issuerCert->nsCertType & caCertType) ? PR_TRUE : PR_FALSE;
+ }
+
+ if (!isca) {
+ PORT_SetError(SEC_ERROR_CA_CERT_INVALID);
+ LOG_ERROR_OR_EXIT(log, issuerCert, count + 1, 0);
+ }
+
+ /* make sure key usage allows cert signing */
+ if (CERT_CheckKeyUsage(issuerCert, requiredCAKeyUsage) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
+ LOG_ERROR_OR_EXIT(log, issuerCert, count + 1, requiredCAKeyUsage);
+ }
+ }
+
+ /* make sure that the issuer is not self signed. If it is, then
+ * stop here to prevent looping.
+ */
+ if (issuerCert->isRoot) {
+ PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
+ LOG_ERROR(log, issuerCert, count + 1, 0);
+ goto loser;
+ }
+ /* The issuer cert will be the subject cert in the next loop.
+ * A cert is self-issued if its subject and issuer are equal and
+ * both are of non-zero length.
+ */
+ subjectCertIsSelfIssued = (PRBool)
+ SECITEM_ItemsAreEqual(&issuerCert->derIssuer,
+ &issuerCert->derSubject) &&
+ issuerCert->derSubject.len >
+ 0;
+ if (subjectCertIsSelfIssued == PR_FALSE) {
+ /* RFC 3280 says only non-self-issued intermediate CA certs
+ * count in path length.
+ */
+ ++currentPathLen;
+ }
+
+ CERT_DestroyCertificate(subjectCert);
+ subjectCert = issuerCert;
+ issuerCert = NULL;
+ }
+
+ PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
+ LOG_ERROR(log, subjectCert, count, 0);
+loser:
+ rv = SECFailure;
+done:
+ if (certsList != NULL) {
+ PORT_Free(certsList);
+ }
+ if (issuerCert) {
+ CERT_DestroyCertificate(issuerCert);
+ }
+
+ if (subjectCert) {
+ CERT_DestroyCertificate(subjectCert);
+ }
+
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+SECStatus
+cert_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, PRBool *sigerror,
+ SECCertUsage certUsage, PRTime t, void *wincx,
+ CERTVerifyLog *log, PRBool *revoked)
+{
+ if (CERT_GetUsePKIXForValidation()) {
+ return cert_VerifyCertChainPkix(cert, checkSig, certUsage, t,
+ wincx, log, sigerror, revoked);
+ }
+ return cert_VerifyCertChainOld(handle, cert, checkSig, sigerror,
+ certUsage, t, wincx, log, revoked);
+}
+
+SECStatus
+CERT_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, SECCertUsage certUsage, PRTime t,
+ void *wincx, CERTVerifyLog *log)
+{
+ return cert_VerifyCertChain(handle, cert, checkSig, NULL, certUsage, t,
+ wincx, log, NULL);
+}
+
+/*
+ * verify that a CA can sign a certificate with the requested usage.
+ */
+SECStatus
+CERT_VerifyCACertForUsage(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, SECCertUsage certUsage, PRTime t,
+ void *wincx, CERTVerifyLog *log)
+{
+ SECTrustType trustType;
+ CERTBasicConstraints basicConstraint;
+ PRBool isca;
+ PRBool validCAOverride = PR_FALSE;
+ SECStatus rv;
+ SECStatus rvFinal = SECSuccess;
+ unsigned int flags;
+ unsigned int caCertType;
+ unsigned int requiredCAKeyUsage;
+ unsigned int requiredFlags;
+ CERTCertificate *issuerCert;
+ CERTCertTrust certTrust;
+
+ if (CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_TRUE,
+ &requiredCAKeyUsage,
+ &caCertType) != SECSuccess) {
+ PORT_Assert(0);
+ EXIT_IF_NOT_LOGGING(log);
+ requiredCAKeyUsage = 0;
+ caCertType = 0;
+ }
+
+ switch (certUsage) {
+ case certUsageSSLClient:
+ case certUsageSSLServer:
+ case certUsageSSLCA:
+ case certUsageSSLServerWithStepUp:
+ case certUsageEmailSigner:
+ case certUsageEmailRecipient:
+ case certUsageObjectSigner:
+ case certUsageVerifyCA:
+ case certUsageStatusResponder:
+ if (CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
+ &trustType) != SECSuccess) {
+ PORT_Assert(0);
+ EXIT_IF_NOT_LOGGING(log);
+ requiredFlags = 0;
+ trustType = trustSSL;
+ }
+ break;
+ default:
+ PORT_Assert(0);
+ EXIT_IF_NOT_LOGGING(log);
+ requiredFlags = 0;
+ trustType = trustSSL; /* This used to be 0, but we need something
+ * that matches the enumeration type.
+ */
+ caCertType = 0;
+ }
+
+ /* If the basicConstraint extension is included in an intermmediate CA
+ * certificate, make sure that the isCA flag is on. If the
+ * pathLenConstraint component exists, it must be greater than the
+ * number of CA certificates we have seen so far. If the extension
+ * is omitted, we will assume that this is a CA certificate with
+ * an unlimited pathLenConstraint (since it already passes the
+ * netscape-cert-type extension checking).
+ */
+
+ rv = CERT_FindBasicConstraintExten(cert, &basicConstraint);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
+ LOG_ERROR_OR_EXIT(log, cert, 0, 0);
+ }
+ /* no basic constraints found, we aren't (yet) a CA. */
+ isca = PR_FALSE;
+ } else {
+ if (basicConstraint.isCA == PR_FALSE) {
+ PORT_SetError(SEC_ERROR_CA_CERT_INVALID);
+ LOG_ERROR_OR_EXIT(log, cert, 0, 0);
+ }
+
+ /* can't check path length if we don't know the previous path */
+ isca = PR_TRUE;
+ }
+
+ if (CERT_GetCertTrust(cert, &certTrust) == SECSuccess) {
+ /* we have some trust info, but this does NOT imply that this
+ * cert is actually trusted for any purpose. The cert may be
+ * explicitly UNtrusted. We won't know until we examine the
+ * trust bits.
+ */
+ if (certUsage == certUsageStatusResponder) {
+ /* Check the special case of certUsageStatusResponder */
+ issuerCert = CERT_FindCertIssuer(cert, t, certUsage);
+ if (issuerCert) {
+ if (SEC_CheckCRL(handle, cert, issuerCert, t, wincx) !=
+ SECSuccess) {
+ PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
+ CERT_DestroyCertificate(issuerCert);
+ goto loser;
+ }
+ CERT_DestroyCertificate(issuerCert);
+ }
+ /* XXX We have NOT determined that this cert is trusted.
+ * For years, NSS has treated this as trusted,
+ * but it seems incorrect.
+ */
+ rv = rvFinal;
+ goto done;
+ }
+
+ /*
+ * check the trust params of the issuer
+ */
+ flags = SEC_GET_TRUST_FLAGS(&certTrust, trustType);
+ if ((flags & requiredFlags) == requiredFlags) {
+ /* we found a trusted one, so return */
+ rv = rvFinal;
+ goto done;
+ }
+ if (flags & CERTDB_VALID_CA) {
+ validCAOverride = PR_TRUE;
+ }
+ /* is it explicitly distrusted? */
+ if ((flags & CERTDB_TERMINAL_RECORD) &&
+ ((flags & (CERTDB_TRUSTED | CERTDB_TRUSTED_CA)) == 0)) {
+ /* untrusted -- the cert is explicitly untrusted, not
+ * just that it doesn't chain to a trusted cert */
+ PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
+ LOG_ERROR_OR_EXIT(log, cert, 0, flags);
+ }
+ }
+ if (!validCAOverride) {
+ /*
+ * Make sure that if this is an intermediate CA in the chain that
+ * it was given permission by its signer to be a CA.
+ */
+ /*
+ * if basicConstraints says it is a ca, then we check the
+ * nsCertType. If the nsCertType has any CA bits set, then
+ * it must have the right one.
+ */
+ if (!isca || (cert->nsCertType & NS_CERT_TYPE_CA)) {
+ isca = (cert->nsCertType & caCertType) ? PR_TRUE : PR_FALSE;
+ }
+
+ if (!isca) {
+ PORT_SetError(SEC_ERROR_CA_CERT_INVALID);
+ LOG_ERROR_OR_EXIT(log, cert, 0, 0);
+ }
+
+ /* make sure key usage allows cert signing */
+ if (CERT_CheckKeyUsage(cert, requiredCAKeyUsage) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
+ LOG_ERROR_OR_EXIT(log, cert, 0, requiredCAKeyUsage);
+ }
+ }
+ /* make sure that the issuer is not self signed. If it is, then
+ * stop here to prevent looping.
+ */
+ if (cert->isRoot) {
+ PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
+ LOG_ERROR(log, cert, 0, 0);
+ goto loser;
+ }
+
+ return CERT_VerifyCertChain(handle, cert, checkSig, certUsage, t,
+ wincx, log);
+loser:
+ rv = SECFailure;
+done:
+ return rv;
+}
+
+#define NEXT_USAGE() \
+ { \
+ i *= 2; \
+ certUsage++; \
+ continue; \
+ }
+
+#define VALID_USAGE() \
+ { \
+ NEXT_USAGE(); \
+ }
+
+#define INVALID_USAGE() \
+ { \
+ if (returnedUsages) { \
+ *returnedUsages &= (~i); \
+ } \
+ if (PR_TRUE == requiredUsage) { \
+ valid = SECFailure; \
+ } \
+ NEXT_USAGE(); \
+ }
+
+/*
+ * check the leaf cert against trust and usage.
+ * returns success if the cert is not distrusted. If the cert is
+ * trusted, then the trusted bool will be true.
+ * returns failure if the cert is distrusted. If failure, flags
+ * will return the flag bits that indicated distrust.
+ */
+SECStatus
+cert_CheckLeafTrust(CERTCertificate *cert, SECCertUsage certUsage,
+ unsigned int *failedFlags, PRBool *trusted)
+{
+ unsigned int flags;
+ CERTCertTrust trust;
+
+ *failedFlags = 0;
+ *trusted = PR_FALSE;
+
+ /* check trust flags to see if this cert is directly trusted */
+ if (CERT_GetCertTrust(cert, &trust) == SECSuccess) {
+ switch (certUsage) {
+ case certUsageSSLClient:
+ case certUsageSSLServer:
+ flags = trust.sslFlags;
+
+ /* is the cert directly trusted or not trusted ? */
+ if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
+ * authoritative */
+ if (flags & CERTDB_TRUSTED) { /* trust this cert */
+ *trusted = PR_TRUE;
+ return SECSuccess;
+ } else { /* don't trust this cert */
+ *failedFlags = flags;
+ return SECFailure;
+ }
+ }
+ break;
+ case certUsageSSLServerWithStepUp:
+ /* XXX - step up certs can't be directly trusted, only distrust */
+ flags = trust.sslFlags;
+ if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
+ * authoritative */
+ if ((flags & CERTDB_TRUSTED) == 0) {
+ /* don't trust this cert */
+ *failedFlags = flags;
+ return SECFailure;
+ }
+ }
+ break;
+ case certUsageSSLCA:
+ flags = trust.sslFlags;
+ if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
+ * authoritative */
+ if ((flags & (CERTDB_TRUSTED | CERTDB_TRUSTED_CA)) == 0) {
+ /* don't trust this cert */
+ *failedFlags = flags;
+ return SECFailure;
+ }
+ }
+ break;
+ case certUsageEmailSigner:
+ case certUsageEmailRecipient:
+ flags = trust.emailFlags;
+ if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
+ * authoritative */
+ if (flags & CERTDB_TRUSTED) { /* trust this cert */
+ *trusted = PR_TRUE;
+ return SECSuccess;
+ } else { /* don't trust this cert */
+ *failedFlags = flags;
+ return SECFailure;
+ }
+ }
+
+ break;
+ case certUsageObjectSigner:
+ flags = trust.objectSigningFlags;
+
+ if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
+ * authoritative */
+ if (flags & CERTDB_TRUSTED) { /* trust this cert */
+ *trusted = PR_TRUE;
+ return SECSuccess;
+ } else { /* don't trust this cert */
+ *failedFlags = flags;
+ return SECFailure;
+ }
+ }
+ break;
+ case certUsageVerifyCA:
+ case certUsageStatusResponder:
+ flags = trust.sslFlags;
+ /* is the cert directly trusted or not trusted ? */
+ if ((flags & (CERTDB_VALID_CA | CERTDB_TRUSTED_CA)) ==
+ (CERTDB_VALID_CA | CERTDB_TRUSTED_CA)) {
+ *trusted = PR_TRUE;
+ return SECSuccess;
+ }
+ flags = trust.emailFlags;
+ /* is the cert directly trusted or not trusted ? */
+ if ((flags & (CERTDB_VALID_CA | CERTDB_TRUSTED_CA)) ==
+ (CERTDB_VALID_CA | CERTDB_TRUSTED_CA)) {
+ *trusted = PR_TRUE;
+ return SECSuccess;
+ }
+ flags = trust.objectSigningFlags;
+ /* is the cert directly trusted or not trusted ? */
+ if ((flags & (CERTDB_VALID_CA | CERTDB_TRUSTED_CA)) ==
+ (CERTDB_VALID_CA | CERTDB_TRUSTED_CA)) {
+ *trusted = PR_TRUE;
+ return SECSuccess;
+ }
+ /* fall through to test distrust */
+ case certUsageAnyCA:
+ case certUsageUserCertImport:
+ /* do we distrust these certs explicitly */
+ flags = trust.sslFlags;
+ if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
+ * authoritative */
+ if ((flags & (CERTDB_TRUSTED | CERTDB_TRUSTED_CA)) == 0) {
+ *failedFlags = flags;
+ return SECFailure;
+ }
+ }
+ flags = trust.emailFlags;
+ if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
+ * authoritative */
+ if ((flags & (CERTDB_TRUSTED | CERTDB_TRUSTED_CA)) == 0) {
+ *failedFlags = flags;
+ return SECFailure;
+ }
+ }
+ /* fall through */
+ case certUsageProtectedObjectSigner:
+ flags = trust.objectSigningFlags;
+ if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
+ * authoritative */
+ if ((flags & (CERTDB_TRUSTED | CERTDB_TRUSTED_CA)) == 0) {
+ *failedFlags = flags;
+ return SECFailure;
+ }
+ }
+ break;
+ }
+ }
+ return SECSuccess;
+}
+
+/*
+ * verify a certificate by checking if it's valid and that we
+ * trust the issuer.
+ *
+ * certificateUsage contains a bitfield of all cert usages that are
+ * required for verification to succeed
+ *
+ * a bitfield of cert usages is returned in *returnedUsages
+ * if requiredUsages is non-zero, the returned bitmap is only
+ * for those required usages, otherwise it is for all usages
+ *
+ */
+SECStatus
+CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, SECCertificateUsage requiredUsages, PRTime t,
+ void *wincx, CERTVerifyLog *log, SECCertificateUsage *returnedUsages)
+{
+ SECStatus rv;
+ SECStatus valid;
+ unsigned int requiredKeyUsage;
+ unsigned int requiredCertType;
+ unsigned int flags;
+ unsigned int certType;
+ PRBool allowOverride;
+ SECCertTimeValidity validity;
+ CERTStatusConfig *statusConfig;
+ PRInt32 i;
+ SECCertUsage certUsage = 0;
+ PRBool checkedOCSP = PR_FALSE;
+ PRBool checkAllUsages = PR_FALSE;
+ PRBool revoked = PR_FALSE;
+ PRBool sigerror = PR_FALSE;
+ PRBool trusted = PR_FALSE;
+
+ if (!requiredUsages) {
+ /* there are no required usages, so the user probably wants to
+ get status for all usages */
+ checkAllUsages = PR_TRUE;
+ }
+
+ if (returnedUsages) {
+ *returnedUsages = 0;
+ } else {
+ /* we don't have a place to return status for all usages,
+ so we can skip checks for usages that aren't required */
+ checkAllUsages = PR_FALSE;
+ }
+ valid = SECSuccess; /* start off assuming cert is valid */
+
+ /* make sure that the cert is valid at time t */
+ allowOverride = (PRBool)((requiredUsages & certificateUsageSSLServer) ||
+ (requiredUsages & certificateUsageSSLServerWithStepUp));
+ validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
+ if (validity != secCertTimeValid) {
+ valid = SECFailure;
+ LOG_ERROR_OR_EXIT(log, cert, 0, validity);
+ }
+
+ /* check key usage and netscape cert type */
+ cert_GetCertType(cert);
+ certType = cert->nsCertType;
+
+ for (i = 1; i <= certificateUsageHighest &&
+ (SECSuccess == valid || returnedUsages || log);) {
+ PRBool requiredUsage = (i & requiredUsages) ? PR_TRUE : PR_FALSE;
+ if (PR_FALSE == requiredUsage && PR_FALSE == checkAllUsages) {
+ NEXT_USAGE();
+ }
+ if (returnedUsages) {
+ *returnedUsages |= i; /* start off assuming this usage is valid */
+ }
+ switch (certUsage) {
+ case certUsageSSLClient:
+ case certUsageSSLServer:
+ case certUsageSSLServerWithStepUp:
+ case certUsageSSLCA:
+ case certUsageEmailSigner:
+ case certUsageEmailRecipient:
+ case certUsageObjectSigner:
+ case certUsageStatusResponder:
+ rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
+ &requiredKeyUsage,
+ &requiredCertType);
+ if (rv != SECSuccess) {
+ PORT_Assert(0);
+ /* EXIT_IF_NOT_LOGGING(log); XXX ??? */
+ requiredKeyUsage = 0;
+ requiredCertType = 0;
+ INVALID_USAGE();
+ }
+ break;
+
+ case certUsageAnyCA:
+ case certUsageProtectedObjectSigner:
+ case certUsageUserCertImport:
+ case certUsageVerifyCA:
+ /* these usages cannot be verified */
+ NEXT_USAGE();
+
+ default:
+ PORT_Assert(0);
+ requiredKeyUsage = 0;
+ requiredCertType = 0;
+ INVALID_USAGE();
+ }
+ if (CERT_CheckKeyUsage(cert, requiredKeyUsage) != SECSuccess) {
+ if (PR_TRUE == requiredUsage) {
+ PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
+ }
+ LOG_ERROR(log, cert, 0, requiredKeyUsage);
+ INVALID_USAGE();
+ }
+ if (!(certType & requiredCertType)) {
+ if (PR_TRUE == requiredUsage) {
+ PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
+ }
+ LOG_ERROR(log, cert, 0, requiredCertType);
+ INVALID_USAGE();
+ }
+
+ rv = cert_CheckLeafTrust(cert, certUsage, &flags, &trusted);
+ if (rv == SECFailure) {
+ if (PR_TRUE == requiredUsage) {
+ PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
+ }
+ LOG_ERROR(log, cert, 0, flags);
+ INVALID_USAGE();
+ } else if (trusted) {
+ VALID_USAGE();
+ }
+
+ if (PR_TRUE == revoked || PR_TRUE == sigerror) {
+ INVALID_USAGE();
+ }
+
+ rv = cert_VerifyCertChain(handle, cert,
+ checkSig, &sigerror,
+ certUsage, t, wincx, log,
+ &revoked);
+
+ if (rv != SECSuccess) {
+ /* EXIT_IF_NOT_LOGGING(log); XXX ???? */
+ INVALID_USAGE();
+ }
+
+ /*
+ * Check OCSP revocation status, but only if the cert we are checking
+ * is not a status responder itself. We only do this in the case
+ * where we checked the cert chain (above); explicit trust "wins"
+ * (avoids status checking, just as it avoids CRL checking) by
+ * bypassing this code.
+ */
+
+ if (PR_FALSE == checkedOCSP) {
+ checkedOCSP = PR_TRUE; /* only check OCSP once */
+ statusConfig = CERT_GetStatusConfig(handle);
+ if (requiredUsages != certificateUsageStatusResponder &&
+ statusConfig != NULL) {
+ if (statusConfig->statusChecker != NULL) {
+ rv = (*statusConfig->statusChecker)(handle, cert,
+ t, wincx);
+ if (rv != SECSuccess) {
+ LOG_ERROR(log, cert, 0, 0);
+ revoked = PR_TRUE;
+ INVALID_USAGE();
+ }
+ }
+ }
+ }
+
+ NEXT_USAGE();
+ }
+
+loser:
+ return (valid);
+}
+
+SECStatus
+CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, SECCertUsage certUsage, PRTime t,
+ void *wincx, CERTVerifyLog *log)
+{
+ return cert_VerifyCertWithFlags(handle, cert, checkSig, certUsage, t,
+ CERT_VERIFYCERT_USE_DEFAULTS, wincx, log);
+}
+
+SECStatus
+cert_VerifyCertWithFlags(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, SECCertUsage certUsage, PRTime t,
+ PRUint32 flags, void *wincx, CERTVerifyLog *log)
+{
+ SECStatus rv;
+ unsigned int requiredKeyUsage;
+ unsigned int requiredCertType;
+ unsigned int failedFlags;
+ unsigned int certType;
+ PRBool trusted;
+ PRBool allowOverride;
+ SECCertTimeValidity validity;
+ CERTStatusConfig *statusConfig;
+
+#ifdef notdef
+ /* check if this cert is in the Evil list */
+ rv = CERT_CheckForEvilCert(cert);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
+ LOG_ERROR_OR_EXIT(log, cert, 0, 0);
+ }
+#endif
+
+ /* make sure that the cert is valid at time t */
+ allowOverride = (PRBool)((certUsage == certUsageSSLServer) ||
+ (certUsage == certUsageSSLServerWithStepUp));
+ validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
+ if (validity != secCertTimeValid) {
+ LOG_ERROR_OR_EXIT(log, cert, 0, validity);
+ }
+
+ /* check key usage and netscape cert type */
+ cert_GetCertType(cert);
+ certType = cert->nsCertType;
+ switch (certUsage) {
+ case certUsageSSLClient:
+ case certUsageSSLServer:
+ case certUsageSSLServerWithStepUp:
+ case certUsageSSLCA:
+ case certUsageEmailSigner:
+ case certUsageEmailRecipient:
+ case certUsageObjectSigner:
+ case certUsageStatusResponder:
+ rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
+ &requiredKeyUsage,
+ &requiredCertType);
+ if (rv != SECSuccess) {
+ PORT_Assert(0);
+ EXIT_IF_NOT_LOGGING(log);
+ requiredKeyUsage = 0;
+ requiredCertType = 0;
+ }
+ break;
+ case certUsageVerifyCA:
+ case certUsageAnyCA:
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_CA;
+ if (!(certType & NS_CERT_TYPE_CA)) {
+ certType |= NS_CERT_TYPE_CA;
+ }
+ break;
+ default:
+ PORT_Assert(0);
+ EXIT_IF_NOT_LOGGING(log);
+ requiredKeyUsage = 0;
+ requiredCertType = 0;
+ }
+ if (CERT_CheckKeyUsage(cert, requiredKeyUsage) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
+ LOG_ERROR_OR_EXIT(log, cert, 0, requiredKeyUsage);
+ }
+ if (!(certType & requiredCertType)) {
+ PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
+ LOG_ERROR_OR_EXIT(log, cert, 0, requiredCertType);
+ }
+
+ rv = cert_CheckLeafTrust(cert, certUsage, &failedFlags, &trusted);
+ if (rv == SECFailure) {
+ PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
+ LOG_ERROR_OR_EXIT(log, cert, 0, failedFlags);
+ } else if (trusted) {
+ goto done;
+ }
+
+ rv = CERT_VerifyCertChain(handle, cert, checkSig, certUsage,
+ t, wincx, log);
+ if (rv != SECSuccess) {
+ EXIT_IF_NOT_LOGGING(log);
+ }
+
+ /*
+ * Check revocation status, but only if the cert we are checking is not a
+ * status responder itself and the caller did not ask us to skip the check.
+ * We only do this in the case where we checked the cert chain (above);
+ * explicit trust "wins" (avoids status checking, just as it avoids CRL
+ * checking, which is all done inside VerifyCertChain) by bypassing this
+ * code.
+ */
+ if (!(flags & CERT_VERIFYCERT_SKIP_OCSP) &&
+ certUsage != certUsageStatusResponder) {
+ statusConfig = CERT_GetStatusConfig(handle);
+ if (statusConfig && statusConfig->statusChecker) {
+ rv = (*statusConfig->statusChecker)(handle, cert,
+ t, wincx);
+ if (rv != SECSuccess) {
+ LOG_ERROR_OR_EXIT(log, cert, 0, 0);
+ }
+ }
+ }
+
+done:
+ if (log && log->head) {
+ return SECFailure;
+ }
+ return (SECSuccess);
+
+loser:
+ rv = SECFailure;
+
+ return (rv);
+}
+
+/*
+ * verify a certificate by checking if its valid and that we
+ * trust the issuer. Verify time against now.
+ */
+SECStatus
+CERT_VerifyCertificateNow(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, SECCertificateUsage requiredUsages,
+ void *wincx, SECCertificateUsage *returnedUsages)
+{
+ return (CERT_VerifyCertificate(handle, cert, checkSig,
+ requiredUsages, PR_Now(), wincx, NULL, returnedUsages));
+}
+
+/* obsolete, do not use for new code */
+SECStatus
+CERT_VerifyCertNow(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool checkSig, SECCertUsage certUsage, void *wincx)
+{
+ return (CERT_VerifyCert(handle, cert, checkSig,
+ certUsage, PR_Now(), wincx, NULL));
+}
+
+/* [ FROM pcertdb.c ] */
+/*
+ * Supported usage values and types:
+ * certUsageSSLClient
+ * certUsageSSLServer
+ * certUsageSSLServerWithStepUp
+ * certUsageEmailSigner
+ * certUsageEmailRecipient
+ * certUsageObjectSigner
+ */
+
+CERTCertificate *
+CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
+ CERTCertOwner owner, SECCertUsage usage,
+ PRBool preferTrusted, PRTime validTime, PRBool validOnly)
+{
+ CERTCertList *certList = NULL;
+ CERTCertificate *cert = NULL;
+ CERTCertTrust certTrust;
+ unsigned int requiredTrustFlags;
+ SECTrustType requiredTrustType;
+ unsigned int flags;
+
+ PRBool lookingForCA = PR_FALSE;
+ SECStatus rv;
+ CERTCertListNode *node;
+ CERTCertificate *saveUntrustedCA = NULL;
+
+ /* if preferTrusted is set, must be a CA cert */
+ PORT_Assert(!(preferTrusted && (owner != certOwnerCA)));
+
+ if (owner == certOwnerCA) {
+ lookingForCA = PR_TRUE;
+ if (preferTrusted) {
+ rv = CERT_TrustFlagsForCACertUsage(usage, &requiredTrustFlags,
+ &requiredTrustType);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ requiredTrustFlags |= CERTDB_VALID_CA;
+ }
+ }
+
+ certList = CERT_CreateSubjectCertList(NULL, handle, derName, validTime,
+ validOnly);
+ if (certList != NULL) {
+ rv = CERT_FilterCertListByUsage(certList, usage, lookingForCA);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ node = CERT_LIST_HEAD(certList);
+
+ while (!CERT_LIST_END(node, certList)) {
+ cert = node->cert;
+
+ /* looking for a trusted CA cert */
+ if ((owner == certOwnerCA) && preferTrusted &&
+ (requiredTrustType != trustTypeNone)) {
+
+ if (CERT_GetCertTrust(cert, &certTrust) != SECSuccess) {
+ flags = 0;
+ } else {
+ flags = SEC_GET_TRUST_FLAGS(&certTrust, requiredTrustType);
+ }
+
+ if ((flags & requiredTrustFlags) != requiredTrustFlags) {
+ /* cert is not trusted */
+ /* if this is the first cert to get this far, then save
+ * it, so we can use it if we can't find a trusted one
+ */
+ if (saveUntrustedCA == NULL) {
+ saveUntrustedCA = cert;
+ }
+ goto endloop;
+ }
+ }
+ /* if we got this far, then this cert meets all criteria */
+ break;
+
+ endloop:
+ node = CERT_LIST_NEXT(node);
+ cert = NULL;
+ }
+
+ /* use the saved one if we have it */
+ if (cert == NULL) {
+ cert = saveUntrustedCA;
+ }
+
+ /* if we found one then bump the ref count before freeing the list */
+ if (cert != NULL) {
+ /* bump the ref count */
+ cert = CERT_DupCertificate(cert);
+ }
+
+ CERT_DestroyCertList(certList);
+ }
+
+ return (cert);
+
+loser:
+ if (certList != NULL) {
+ CERT_DestroyCertList(certList);
+ }
+
+ return (NULL);
+}
+
+/* [ From certdb.c ] */
+/*
+ * Filter a list of certificates, removing those certs that do not have
+ * one of the named CA certs somewhere in their cert chain.
+ *
+ * "certList" - the list of certificates to filter
+ * "nCANames" - number of CA names
+ * "caNames" - array of CA names in string(rfc 1485) form
+ * "usage" - what use the certs are for, this is used when
+ * selecting CA certs
+ */
+SECStatus
+CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
+ char **caNames, SECCertUsage usage)
+{
+ CERTCertificate *issuerCert = NULL;
+ CERTCertificate *subjectCert;
+ CERTCertListNode *node, *freenode;
+ CERTCertificate *cert;
+ int n;
+ char **names;
+ PRBool found;
+ PRTime time;
+
+ if (nCANames <= 0) {
+ return (SECSuccess);
+ }
+
+ time = PR_Now();
+
+ node = CERT_LIST_HEAD(certList);
+
+ while (!CERT_LIST_END(node, certList)) {
+ cert = node->cert;
+
+ subjectCert = CERT_DupCertificate(cert);
+
+ /* traverse the CA certs for this cert */
+ found = PR_FALSE;
+ while (subjectCert != NULL) {
+ n = nCANames;
+ names = caNames;
+
+ if (subjectCert->issuerName != NULL) {
+ while (n > 0) {
+ if (PORT_Strcmp(*names, subjectCert->issuerName) == 0) {
+ found = PR_TRUE;
+ break;
+ }
+
+ n--;
+ names++;
+ }
+ }
+
+ if (found) {
+ break;
+ }
+
+ issuerCert = CERT_FindCertIssuer(subjectCert, time, usage);
+ if (issuerCert == subjectCert) {
+ CERT_DestroyCertificate(issuerCert);
+ issuerCert = NULL;
+ break;
+ }
+ CERT_DestroyCertificate(subjectCert);
+ subjectCert = issuerCert;
+ }
+ CERT_DestroyCertificate(subjectCert);
+ if (!found) {
+ /* CA was not found, so remove this cert from the list */
+ freenode = node;
+ node = CERT_LIST_NEXT(node);
+ CERT_RemoveCertListNode(freenode);
+ } else {
+ /* CA was found, so leave it in the list */
+ node = CERT_LIST_NEXT(node);
+ }
+ }
+
+ return (SECSuccess);
+}
+
+/*
+ * Given a certificate, return a string containing the nickname, and possibly
+ * one of the validity strings, based on the current validity state of the
+ * certificate.
+ *
+ * "arena" - arena to allocate returned string from. If NULL, then heap
+ * is used.
+ * "cert" - the cert to get nickname from
+ * "expiredString" - the string to append to the nickname if the cert is
+ * expired.
+ * "notYetGoodString" - the string to append to the nickname if the cert is
+ * not yet good.
+ */
+char *
+CERT_GetCertNicknameWithValidity(PLArenaPool *arena, CERTCertificate *cert,
+ char *expiredString, char *notYetGoodString)
+{
+ SECCertTimeValidity validity;
+ char *nickname = NULL, *tmpstr = NULL;
+
+ validity = CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE);
+
+ /* if the cert is good, then just use the nickname directly */
+ if (validity == secCertTimeValid) {
+ if (arena == NULL) {
+ nickname = PORT_Strdup(cert->nickname);
+ } else {
+ nickname = PORT_ArenaStrdup(arena, cert->nickname);
+ }
+
+ if (nickname == NULL) {
+ goto loser;
+ }
+ } else {
+
+ /* if the cert is not valid, then tack one of the strings on the
+ * end
+ */
+ if (validity == secCertTimeExpired) {
+ tmpstr = PR_smprintf("%s%s", cert->nickname,
+ expiredString);
+ } else if (validity == secCertTimeNotValidYet) {
+ /* not yet valid */
+ tmpstr = PR_smprintf("%s%s", cert->nickname,
+ notYetGoodString);
+ } else {
+ /* undetermined */
+ tmpstr = PR_smprintf("%s",
+ "(NULL) (Validity Unknown)");
+ }
+
+ if (tmpstr == NULL) {
+ goto loser;
+ }
+
+ if (arena) {
+ /* copy the string into the arena and free the malloc'd one */
+ nickname = PORT_ArenaStrdup(arena, tmpstr);
+ PORT_Free(tmpstr);
+ } else {
+ nickname = tmpstr;
+ }
+ if (nickname == NULL) {
+ goto loser;
+ }
+ }
+ return (nickname);
+
+loser:
+ return (NULL);
+}
+
+/*
+ * Collect the nicknames from all certs in a CertList. If the cert is not
+ * valid, append a string to that nickname.
+ *
+ * "certList" - the list of certificates
+ * "expiredString" - the string to append to the nickname of any expired cert
+ * "notYetGoodString" - the string to append to the nickname of any cert
+ * that is not yet valid
+ */
+CERTCertNicknames *
+CERT_NicknameStringsFromCertList(CERTCertList *certList, char *expiredString,
+ char *notYetGoodString)
+{
+ CERTCertNicknames *names;
+ PLArenaPool *arena;
+ CERTCertListNode *node;
+ char **nn;
+
+ /* allocate an arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return (NULL);
+ }
+
+ /* allocate the structure */
+ names = PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
+ if (names == NULL) {
+ goto loser;
+ }
+
+ /* init the structure */
+ names->arena = arena;
+ names->head = NULL;
+ names->numnicknames = 0;
+ names->nicknames = NULL;
+ names->totallen = 0;
+
+ /* count the certs in the list */
+ node = CERT_LIST_HEAD(certList);
+ while (!CERT_LIST_END(node, certList)) {
+ names->numnicknames++;
+ node = CERT_LIST_NEXT(node);
+ }
+
+ /* allocate nicknames array */
+ names->nicknames = PORT_ArenaAlloc(arena,
+ sizeof(char *) * names->numnicknames);
+ if (names->nicknames == NULL) {
+ goto loser;
+ }
+
+ /* just in case printf can't deal with null strings */
+ if (expiredString == NULL) {
+ expiredString = "";
+ }
+
+ if (notYetGoodString == NULL) {
+ notYetGoodString = "";
+ }
+
+ /* traverse the list of certs and collect the nicknames */
+ nn = names->nicknames;
+ node = CERT_LIST_HEAD(certList);
+ while (!CERT_LIST_END(node, certList)) {
+ *nn = CERT_GetCertNicknameWithValidity(arena, node->cert,
+ expiredString,
+ notYetGoodString);
+ if (*nn == NULL) {
+ goto loser;
+ }
+
+ names->totallen += PORT_Strlen(*nn);
+
+ nn++;
+ node = CERT_LIST_NEXT(node);
+ }
+
+ return (names);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return (NULL);
+}
+
+/*
+ * Extract the nickname from a nickmake string that may have either
+ * expiredString or notYetGoodString appended.
+ *
+ * Args:
+ * "namestring" - the string containing the nickname, and possibly
+ * one of the validity label strings
+ * "expiredString" - the expired validity label string
+ * "notYetGoodString" - the not yet good validity label string
+ *
+ * Returns the raw nickname
+ */
+char *
+CERT_ExtractNicknameString(char *namestring, char *expiredString,
+ char *notYetGoodString)
+{
+ int explen, nyglen, namelen;
+ int retlen;
+ char *retstr;
+
+ namelen = PORT_Strlen(namestring);
+ explen = PORT_Strlen(expiredString);
+ nyglen = PORT_Strlen(notYetGoodString);
+
+ if (namelen > explen) {
+ if (PORT_Strcmp(expiredString, &namestring[namelen - explen]) == 0) {
+ retlen = namelen - explen;
+ retstr = (char *)PORT_Alloc(retlen + 1);
+ if (retstr == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(retstr, namestring, retlen);
+ retstr[retlen] = '\0';
+ goto done;
+ }
+ }
+
+ if (namelen > nyglen) {
+ if (PORT_Strcmp(notYetGoodString, &namestring[namelen - nyglen]) == 0) {
+ retlen = namelen - nyglen;
+ retstr = (char *)PORT_Alloc(retlen + 1);
+ if (retstr == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(retstr, namestring, retlen);
+ retstr[retlen] = '\0';
+ goto done;
+ }
+ }
+
+ /* if name string is shorter than either invalid string, then it must
+ * be a raw nickname
+ */
+ retstr = PORT_Strdup(namestring);
+
+done:
+ return (retstr);
+
+loser:
+ return (NULL);
+}
+
+CERTCertList *
+CERT_GetCertChainFromCert(CERTCertificate *cert, PRTime time, SECCertUsage usage)
+{
+ CERTCertList *chain = NULL;
+ int count = 0;
+
+ if (NULL == cert) {
+ return NULL;
+ }
+
+ cert = CERT_DupCertificate(cert);
+ if (NULL == cert) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ chain = CERT_NewCertList();
+ if (NULL == chain) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ while (cert != NULL && ++count <= CERT_MAX_CERT_CHAIN) {
+ if (SECSuccess != CERT_AddCertToListTail(chain, cert)) {
+ /* return partial chain */
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return chain;
+ }
+
+ if (cert->isRoot) {
+ /* return complete chain */
+ return chain;
+ }
+
+ cert = CERT_FindCertIssuer(cert, time, usage);
+ }
+
+ /* return partial chain */
+ PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
+ return chain;
+}
diff --git a/security/nss/lib/certhigh/certvfypkix.c b/security/nss/lib/certhigh/certvfypkix.c
new file mode 100644
index 000000000..a536c21c0
--- /dev/null
+++ b/security/nss/lib/certhigh/certvfypkix.c
@@ -0,0 +1,2305 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * nss_pkix_proxy.h
+ *
+ * PKIX - NSS proxy functions
+ *
+ * NOTE: All structures, functions, data types are parts of library private
+ * api and are subjects to change in any following releases.
+ *
+ */
+#include "prerror.h"
+#include "prprf.h"
+
+#include "nspr.h"
+#include "pk11func.h"
+#include "certdb.h"
+#include "cert.h"
+#include "secerr.h"
+#include "nssb64.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "pkit.h"
+
+#ifndef NSS_DISABLE_LIBPKIX
+#include "pkix_pl_common.h"
+
+extern PRLogModuleInfo *pkixLog;
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+
+extern PKIX_UInt32
+pkix_pl_lifecycle_ObjectLeakCheck(int *);
+
+extern SECStatus
+pkix_pl_lifecycle_ObjectTableUpdate(int *objCountTable);
+
+PRInt32 parallelFnInvocationCount;
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+static PRBool usePKIXValidationEngine = PR_FALSE;
+#endif /* NSS_DISABLE_LIBPKIX */
+
+/*
+ * FUNCTION: CERT_SetUsePKIXForValidation
+ * DESCRIPTION:
+ *
+ * Enables or disables use of libpkix for certificate validation
+ *
+ * PARAMETERS:
+ * "enable"
+ * PR_TRUE: enables use of libpkix for cert validation.
+ * PR_FALSE: disables.
+ * THREAD SAFETY:
+ * NOT Thread Safe.
+ * RETURNS:
+ * Returns SECSuccess if successfully enabled
+ */
+SECStatus
+CERT_SetUsePKIXForValidation(PRBool enable)
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+#else
+ usePKIXValidationEngine = (enable > 0) ? PR_TRUE : PR_FALSE;
+ return SECSuccess;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+/*
+ * FUNCTION: CERT_GetUsePKIXForValidation
+ * DESCRIPTION:
+ *
+ * Checks if libpkix building function should be use for certificate
+ * chain building.
+ *
+ * PARAMETERS:
+ * NONE
+ * THREAD SAFETY:
+ * NOT Thread Safe
+ * RETURNS:
+ * Returns PR_TRUE if libpkix should be used. PR_FALSE otherwise.
+ */
+PRBool
+CERT_GetUsePKIXForValidation()
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ return PR_FALSE;
+#else
+ return usePKIXValidationEngine;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+#ifndef NSS_DISABLE_LIBPKIX
+#ifdef NOTDEF
+/*
+ * FUNCTION: cert_NssKeyUsagesToPkix
+ * DESCRIPTION:
+ *
+ * Converts nss key usage bit field(PRUint32) to pkix key usage
+ * bit field.
+ *
+ * PARAMETERS:
+ * "nssKeyUsage"
+ * Nss key usage bit field.
+ * "pkixKeyUsage"
+ * Pkix key usage big field.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_NssKeyUsagesToPkix(
+ PRUint32 nssKeyUsage,
+ PKIX_UInt32 *pPkixKeyUsage,
+ void *plContext)
+{
+ PKIX_UInt32 pkixKeyUsage = 0;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_NssKeyUsagesToPkix");
+ PKIX_NULLCHECK_ONE(pPkixKeyUsage);
+
+ *pPkixKeyUsage = 0;
+
+ if (nssKeyUsage & KU_DIGITAL_SIGNATURE) {
+ pkixKeyUsage |= PKIX_DIGITAL_SIGNATURE;
+ }
+
+ if (nssKeyUsage & KU_NON_REPUDIATION) {
+ pkixKeyUsage |= PKIX_NON_REPUDIATION;
+ }
+
+ if (nssKeyUsage & KU_KEY_ENCIPHERMENT) {
+ pkixKeyUsage |= PKIX_KEY_ENCIPHERMENT;
+ }
+
+ if (nssKeyUsage & KU_DATA_ENCIPHERMENT) {
+ pkixKeyUsage |= PKIX_DATA_ENCIPHERMENT;
+ }
+
+ if (nssKeyUsage & KU_KEY_AGREEMENT) {
+ pkixKeyUsage |= PKIX_KEY_AGREEMENT;
+ }
+
+ if (nssKeyUsage & KU_KEY_CERT_SIGN) {
+ pkixKeyUsage |= PKIX_KEY_CERT_SIGN;
+ }
+
+ if (nssKeyUsage & KU_CRL_SIGN) {
+ pkixKeyUsage |= PKIX_CRL_SIGN;
+ }
+
+ if (nssKeyUsage & KU_ENCIPHER_ONLY) {
+ pkixKeyUsage |= PKIX_ENCIPHER_ONLY;
+ }
+
+ /* Not supported. XXX we should support this once it is
+ * fixed in NSS */
+ /* pkixKeyUsage |= PKIX_DECIPHER_ONLY; */
+
+ *pPkixKeyUsage = pkixKeyUsage;
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+
+extern SECOidTag ekuOidStrings[];
+
+enum {
+ ekuIndexSSLServer = 0,
+ ekuIndexSSLClient,
+ ekuIndexCodeSigner,
+ ekuIndexEmail,
+ ekuIndexTimeStamp,
+ ekuIndexStatusResponder,
+ ekuIndexUnknown
+} ekuIndex;
+
+typedef struct {
+ SECCertUsage certUsage;
+ PRUint32 ekuStringIndex;
+} SECCertUsageToEku;
+
+const SECCertUsageToEku certUsageEkuStringMap[] = {
+ { certUsageSSLClient, ekuIndexSSLClient },
+ { certUsageSSLServer, ekuIndexSSLServer },
+ { certUsageSSLCA, ekuIndexSSLServer },
+ { certUsageEmailSigner, ekuIndexEmail },
+ { certUsageEmailRecipient, ekuIndexEmail },
+ { certUsageObjectSigner, ekuIndexCodeSigner },
+ { certUsageUserCertImport, ekuIndexUnknown },
+ { certUsageVerifyCA, ekuIndexUnknown },
+ { certUsageProtectedObjectSigner, ekuIndexUnknown },
+ { certUsageStatusResponder, ekuIndexStatusResponder },
+ { certUsageAnyCA, ekuIndexUnknown },
+};
+
+/*
+ * FUNCTION: cert_NssCertificateUsageToPkixKUAndEKU
+ * DESCRIPTION:
+ *
+ * Converts nss CERTCertificateUsage bit field to pkix key and
+ * extended key usages.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Pointer to CERTCertificate structure of validating cert.
+ * "requiredCertUsages"
+ * Required usage that will be converted to pkix eku and ku.
+ * "requiredKeyUsage",
+ * Additional key usages impose to cert.
+ * "isCA",
+ * it true, convert usages for cert that is a CA cert.
+ * "ppkixEKUList"
+ * Returned address of a list of pkix extended key usages.
+ * "ppkixKU"
+ * Returned address of pkix required key usages bit field.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Verify Error if the function fails in an unrecoverable way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_NssCertificateUsageToPkixKUAndEKU(
+ CERTCertificate *cert,
+ SECCertUsage requiredCertUsage,
+ PRUint32 requiredKeyUsages,
+ PRBool isCA,
+ PKIX_List **ppkixEKUList,
+ PKIX_UInt32 *ppkixKU,
+ void *plContext)
+{
+ PKIX_List *ekuOidsList = NULL;
+ PKIX_PL_OID *ekuOid = NULL;
+ int i = 0;
+ int ekuIndex = ekuIndexUnknown;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_NssCertificateUsageToPkixEku");
+ PKIX_NULLCHECK_TWO(ppkixEKUList, ppkixKU);
+
+ PKIX_CHECK(
+ PKIX_List_Create(&ekuOidsList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ for (; i < PR_ARRAY_SIZE(certUsageEkuStringMap); i++) {
+ const SECCertUsageToEku *usageToEkuElem =
+ &certUsageEkuStringMap[i];
+ if (usageToEkuElem->certUsage == requiredCertUsage) {
+ ekuIndex = usageToEkuElem->ekuStringIndex;
+ break;
+ }
+ }
+ if (ekuIndex != ekuIndexUnknown) {
+ PRUint32 reqKeyUsage = 0;
+ PRUint32 reqCertType = 0;
+
+ CERT_KeyUsageAndTypeForCertUsage(requiredCertUsage, isCA,
+ &reqKeyUsage,
+ &reqCertType);
+
+ requiredKeyUsages |= reqKeyUsage;
+
+ PKIX_CHECK(
+ PKIX_PL_OID_Create(ekuOidStrings[ekuIndex], &ekuOid,
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_List_AppendItem(ekuOidsList, (PKIX_PL_Object *)ekuOid,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(ekuOid);
+ }
+
+ PKIX_CHECK(
+ cert_NssKeyUsagesToPkix(requiredKeyUsages, ppkixKU, plContext),
+ PKIX_NSSCERTIFICATEUSAGETOPKIXKUANDEKUFAILED);
+
+ *ppkixEKUList = ekuOidsList;
+ ekuOidsList = NULL;
+
+cleanup:
+
+ PKIX_DECREF(ekuOid);
+ PKIX_DECREF(ekuOidsList);
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+
+#endif
+
+/*
+ * FUNCTION: cert_ProcessingParamsSetKeyAndCertUsage
+ * DESCRIPTION:
+ *
+ * Converts cert usage to pkix KU type and sets
+ * converted data into PKIX_ProcessingParams object. It also sets
+ * proper cert usage into nsscontext object.
+ *
+ * PARAMETERS:
+ * "procParams"
+ * Pointer to PKIX_ProcessingParams used during validation.
+ * "requiredCertUsage"
+ * Required certificate usages the certificate and chain is built and
+ * validated for.
+ * "requiredKeyUsage"
+ * Request additional key usages the certificate should be validated for.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Verify Error if the function fails in an unrecoverable way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_ProcessingParamsSetKeyAndCertUsage(
+ PKIX_ProcessingParams *procParams,
+ SECCertUsage requiredCertUsage,
+ PRUint32 requiredKeyUsages,
+ void *plContext)
+{
+ PKIX_CertSelector *certSelector = NULL;
+ PKIX_ComCertSelParams *certSelParams = NULL;
+ PKIX_PL_NssContext *nssContext = (PKIX_PL_NssContext *)plContext;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_ProcessingParamsSetKeyAndCertUsage");
+ PKIX_NULLCHECK_TWO(procParams, nssContext);
+
+ PKIX_CHECK(
+ pkix_pl_NssContext_SetCertUsage(
+ ((SECCertificateUsage)1) << requiredCertUsage, nssContext),
+ PKIX_NSSCONTEXTSETCERTUSAGEFAILED);
+
+ if (requiredKeyUsages) {
+ PKIX_CHECK(
+ PKIX_ProcessingParams_GetTargetCertConstraints(procParams,
+ &certSelector, plContext),
+ PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED);
+
+ PKIX_CHECK(
+ PKIX_CertSelector_GetCommonCertSelectorParams(certSelector,
+ &certSelParams, plContext),
+ PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED);
+
+ PKIX_CHECK(
+ PKIX_ComCertSelParams_SetKeyUsage(certSelParams, requiredKeyUsages,
+ plContext),
+ PKIX_COMCERTSELPARAMSSETKEYUSAGEFAILED);
+ }
+cleanup:
+ PKIX_DECREF(certSelector);
+ PKIX_DECREF(certSelParams);
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+
+/*
+ * Unused parameters:
+ *
+ * CERTCertList *initialChain,
+ * CERTCertStores certStores,
+ * CERTCertRevCheckers certRevCheckers,
+ * CERTCertChainCheckers certChainCheckers,
+ * SECItem *initPolicies,
+ * PRBool policyQualifierRejected,
+ * PRBool anyPolicyInhibited,
+ * PRBool reqExplicitPolicy,
+ * PRBool policyMappingInhibited,
+ * PKIX_CertSelector certConstraints,
+ */
+
+/*
+ * FUNCTION: cert_CreatePkixProcessingParams
+ * DESCRIPTION:
+ *
+ * Creates and fills in PKIX_ProcessingParams structure to be used
+ * for certificate chain building.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Pointer to the CERTCertificate: the leaf certificate of a chain.
+ * "time"
+ * Validity time.
+ * "wincx"
+ * Nss db password token.
+ * "useArena"
+ * Flags to use arena for data allocation during chain building process.
+ * "pprocParams"
+ * Address to return created processing parameters.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Verify Error if the function fails in an unrecoverable way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_CreatePkixProcessingParams(
+ CERTCertificate *cert,
+ PRBool checkSig, /* not used yet. See bug 391476 */
+ PRTime time,
+ void *wincx,
+ PRBool useArena,
+ PRBool disableOCSPRemoteFetching,
+ PKIX_ProcessingParams **pprocParams,
+ void **pplContext)
+{
+ PKIX_List *anchors = NULL;
+ PKIX_PL_Cert *targetCert = NULL;
+ PKIX_PL_Date *date = NULL;
+ PKIX_ProcessingParams *procParams = NULL;
+ PKIX_CertSelector *certSelector = NULL;
+ PKIX_ComCertSelParams *certSelParams = NULL;
+ PKIX_CertStore *certStore = NULL;
+ PKIX_List *certStores = NULL;
+ PKIX_RevocationChecker *revChecker = NULL;
+ PKIX_UInt32 methodFlags = 0;
+ void *plContext = NULL;
+ CERTStatusConfig *statusConfig = NULL;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_CreatePkixProcessingParams");
+ PKIX_NULLCHECK_TWO(cert, pprocParams);
+
+ PKIX_CHECK(
+ PKIX_PL_NssContext_Create(0, useArena, wincx, &plContext),
+ PKIX_NSSCONTEXTCREATEFAILED);
+
+ *pplContext = plContext;
+
+#ifdef PKIX_NOTDEF
+ /* Functions should be implemented in patch for 390532 */
+ PKIX_CHECK(
+ pkix_pl_NssContext_SetCertSignatureCheck(checkSig,
+ (PKIX_PL_NssContext *)plContext),
+ PKIX_NSSCONTEXTSETCERTSIGNCHECKFAILED);
+
+#endif /* PKIX_NOTDEF */
+
+ PKIX_CHECK(
+ PKIX_ProcessingParams_Create(&procParams, plContext),
+ PKIX_PROCESSINGPARAMSCREATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_ComCertSelParams_Create(&certSelParams, plContext),
+ PKIX_COMCERTSELPARAMSCREATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_CreateFromCERTCertificate(cert, &targetCert, plContext),
+ PKIX_CERTCREATEWITHNSSCERTFAILED);
+
+ PKIX_CHECK(
+ PKIX_ComCertSelParams_SetCertificate(certSelParams,
+ targetCert, plContext),
+ PKIX_COMCERTSELPARAMSSETCERTIFICATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext),
+ PKIX_COULDNOTCREATECERTSELECTOROBJECT);
+
+ PKIX_CHECK(
+ PKIX_CertSelector_SetCommonCertSelectorParams(certSelector,
+ certSelParams, plContext),
+ PKIX_CERTSELECTORSETCOMMONCERTSELECTORPARAMSFAILED);
+
+ PKIX_CHECK(
+ PKIX_ProcessingParams_SetTargetCertConstraints(procParams,
+ certSelector, plContext),
+ PKIX_PROCESSINGPARAMSSETTARGETCERTCONSTRAINTSFAILED);
+
+ /* Turn off quialification of target cert since leaf cert is
+ * already check for date validity, key usages and extended
+ * key usages. */
+ PKIX_CHECK(
+ PKIX_ProcessingParams_SetQualifyTargetCert(procParams, PKIX_FALSE,
+ plContext),
+ PKIX_PROCESSINGPARAMSSETQUALIFYTARGETCERTFLAGFAILED);
+
+ PKIX_CHECK(
+ PKIX_PL_Pk11CertStore_Create(&certStore, plContext),
+ PKIX_PK11CERTSTORECREATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_List_Create(&certStores, plContext),
+ PKIX_UNABLETOCREATELIST);
+
+ PKIX_CHECK(
+ PKIX_List_AppendItem(certStores, (PKIX_PL_Object *)certStore,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(
+ PKIX_ProcessingParams_SetCertStores(procParams, certStores,
+ plContext),
+ PKIX_PROCESSINGPARAMSADDCERTSTOREFAILED);
+
+ PKIX_CHECK(
+ PKIX_PL_Date_CreateFromPRTime(time, &date, plContext),
+ PKIX_DATECREATEFROMPRTIMEFAILED);
+
+ PKIX_CHECK(
+ PKIX_ProcessingParams_SetDate(procParams, date, plContext),
+ PKIX_PROCESSINGPARAMSSETDATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_RevocationChecker_Create(
+ PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST |
+ PKIX_REV_MI_NO_OVERALL_INFO_REQUIREMENT,
+ PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST |
+ PKIX_REV_MI_NO_OVERALL_INFO_REQUIREMENT,
+ &revChecker, plContext),
+ PKIX_REVOCATIONCHECKERCREATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_ProcessingParams_SetRevocationChecker(procParams, revChecker,
+ plContext),
+ PKIX_PROCESSINGPARAMSSETREVOCATIONCHECKERFAILED);
+
+ /* CRL method flags */
+ methodFlags =
+ PKIX_REV_M_TEST_USING_THIS_METHOD |
+ PKIX_REV_M_FORBID_NETWORK_FETCHING |
+ PKIX_REV_M_SKIP_TEST_ON_MISSING_SOURCE | /* 0 */
+ PKIX_REV_M_IGNORE_MISSING_FRESH_INFO | /* 0 */
+ PKIX_REV_M_CONTINUE_TESTING_ON_FRESH_INFO;
+
+ /* add CRL revocation method to check the leaf certificate */
+ PKIX_CHECK(
+ PKIX_RevocationChecker_CreateAndAddMethod(revChecker, procParams,
+ PKIX_RevocationMethod_CRL, methodFlags,
+ 0, NULL, PKIX_TRUE, plContext),
+ PKIX_REVOCATIONCHECKERADDMETHODFAILED);
+
+ /* add CRL revocation method for other certs in the chain. */
+ PKIX_CHECK(
+ PKIX_RevocationChecker_CreateAndAddMethod(revChecker, procParams,
+ PKIX_RevocationMethod_CRL, methodFlags,
+ 0, NULL, PKIX_FALSE, plContext),
+ PKIX_REVOCATIONCHECKERADDMETHODFAILED);
+
+ /* For compatibility with the old code, need to check that
+ * statusConfig is set in the db handle and status checker
+ * is defined befor allow ocsp status check on the leaf cert.*/
+ statusConfig = CERT_GetStatusConfig(CERT_GetDefaultCertDB());
+ if (statusConfig != NULL && statusConfig->statusChecker != NULL) {
+
+ /* Enable OCSP revocation checking for the leaf cert. */
+ /* OCSP method flags */
+ methodFlags =
+ PKIX_REV_M_TEST_USING_THIS_METHOD |
+ PKIX_REV_M_ALLOW_NETWORK_FETCHING | /* 0 */
+ PKIX_REV_M_ALLOW_IMPLICIT_DEFAULT_SOURCE | /* 0 */
+ PKIX_REV_M_SKIP_TEST_ON_MISSING_SOURCE | /* 0 */
+ PKIX_REV_M_IGNORE_MISSING_FRESH_INFO | /* 0 */
+ PKIX_REV_M_CONTINUE_TESTING_ON_FRESH_INFO;
+
+ /* Disabling ocsp fetching when checking the status
+ * of ocsp response signer. Here and in the next if,
+ * adjust flags for ocsp signer cert validation case. */
+ if (disableOCSPRemoteFetching) {
+ methodFlags |= PKIX_REV_M_FORBID_NETWORK_FETCHING;
+ }
+
+ if (ocsp_FetchingFailureIsVerificationFailure() &&
+ !disableOCSPRemoteFetching) {
+ methodFlags |=
+ PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO;
+ }
+
+ /* add OCSP revocation method to check only the leaf certificate.*/
+ PKIX_CHECK(
+ PKIX_RevocationChecker_CreateAndAddMethod(revChecker, procParams,
+ PKIX_RevocationMethod_OCSP, methodFlags,
+ 1, NULL, PKIX_TRUE, plContext),
+ PKIX_REVOCATIONCHECKERADDMETHODFAILED);
+ }
+
+ PKIX_CHECK(
+ PKIX_ProcessingParams_SetAnyPolicyInhibited(procParams, PR_FALSE,
+ plContext),
+ PKIX_PROCESSINGPARAMSSETANYPOLICYINHIBITED);
+
+ PKIX_CHECK(
+ PKIX_ProcessingParams_SetExplicitPolicyRequired(procParams, PR_FALSE,
+ plContext),
+ PKIX_PROCESSINGPARAMSSETEXPLICITPOLICYREQUIRED);
+
+ PKIX_CHECK(
+ PKIX_ProcessingParams_SetPolicyMappingInhibited(procParams, PR_FALSE,
+ plContext),
+ PKIX_PROCESSINGPARAMSSETPOLICYMAPPINGINHIBITED);
+
+ *pprocParams = procParams;
+ procParams = NULL;
+
+cleanup:
+ PKIX_DECREF(anchors);
+ PKIX_DECREF(targetCert);
+ PKIX_DECREF(date);
+ PKIX_DECREF(certSelector);
+ PKIX_DECREF(certSelParams);
+ PKIX_DECREF(certStore);
+ PKIX_DECREF(certStores);
+ PKIX_DECREF(procParams);
+ PKIX_DECREF(revChecker);
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+
+/*
+ * FUNCTION: cert_PkixToNssCertsChain
+ * DESCRIPTION:
+ *
+ * Converts pkix cert list into nss cert list.
+ *
+ * PARAMETERS:
+ * "pkixCertChain"
+ * Pkix certificate list.
+ * "pvalidChain"
+ * An address of returned nss certificate list.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Verify Error if the function fails in an unrecoverable way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_PkixToNssCertsChain(
+ PKIX_List *pkixCertChain,
+ CERTCertList **pvalidChain,
+ void *plContext)
+{
+ PLArenaPool *arena = NULL;
+ CERTCertificate *nssCert = NULL;
+ CERTCertList *validChain = NULL;
+ PKIX_PL_Object *certItem = NULL;
+ PKIX_UInt32 length = 0;
+ PKIX_UInt32 i = 0;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_PkixToNssCertsChain");
+ PKIX_NULLCHECK_ONE(pvalidChain);
+
+ if (pkixCertChain == NULL) {
+ goto cleanup;
+ }
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ validChain = (CERTCertList *)PORT_ArenaZAlloc(arena, sizeof(CERTCertList));
+ if (validChain == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+ PR_INIT_CLIST(&validChain->list);
+ validChain->arena = arena;
+ arena = NULL;
+
+ PKIX_CHECK(
+ PKIX_List_GetLength(pkixCertChain, &length, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < length; i++) {
+ CERTCertListNode *node = NULL;
+
+ PKIX_CHECK(
+ PKIX_List_GetItem(pkixCertChain, i, &certItem, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetCERTCertificate((PKIX_PL_Cert *)certItem, &nssCert,
+ plContext),
+ PKIX_CERTGETCERTCERTIFICATEFAILED);
+
+ node =
+ (CERTCertListNode *)PORT_ArenaZAlloc(validChain->arena,
+ sizeof(CERTCertListNode));
+ if (node == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ PR_INSERT_BEFORE(&node->links, &validChain->list);
+
+ node->cert = nssCert;
+ nssCert = NULL;
+
+ PKIX_DECREF(certItem);
+ }
+
+ *pvalidChain = validChain;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ if (validChain) {
+ CERT_DestroyCertList(validChain);
+ } else if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ if (nssCert) {
+ CERT_DestroyCertificate(nssCert);
+ }
+ }
+ PKIX_DECREF(certItem);
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+
+/*
+ * FUNCTION: cert_BuildAndValidateChain
+ * DESCRIPTION:
+ *
+ * The function builds and validates a cert chain based on certificate
+ * selection criterias from procParams. This function call PKIX_BuildChain
+ * to accomplish chain building. If PKIX_BuildChain returns with incomplete
+ * IO, the function waits with PR_Poll until the blocking IO is finished and
+ * return control back to PKIX_BuildChain.
+ *
+ * PARAMETERS:
+ * "procParams"
+ * Processing parameters to be used during chain building.
+ * "pResult"
+ * Returned build result.
+ * "pVerifyNode"
+ * Returned pointed to verify node structure: the tree-like structure
+ * that reports points of chain building failures.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Verify Error if the function fails in an unrecoverable way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_BuildAndValidateChain(
+ PKIX_ProcessingParams *procParams,
+ PKIX_BuildResult **pResult,
+ PKIX_VerifyNode **pVerifyNode,
+ void *plContext)
+{
+ PKIX_BuildResult *result = NULL;
+ PKIX_VerifyNode *verifyNode = NULL;
+ void *nbioContext = NULL;
+ void *state = NULL;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_BuildAndVerifyChain");
+ PKIX_NULLCHECK_TWO(procParams, pResult);
+
+ do {
+ if (nbioContext && state) {
+ /* PKIX-XXX: need to test functionality of NBIO handling in libPkix.
+ * See bug 391180 */
+ PRInt32 filesReady = 0;
+ PRPollDesc *pollDesc = (PRPollDesc *)nbioContext;
+ filesReady = PR_Poll(pollDesc, 1, PR_INTERVAL_NO_TIMEOUT);
+ if (filesReady <= 0) {
+ PKIX_ERROR(PKIX_PRPOLLRETBADFILENUM);
+ }
+ }
+
+ PKIX_CHECK(
+ PKIX_BuildChain(procParams, &nbioContext, &state,
+ &result, &verifyNode, plContext),
+ PKIX_UNABLETOBUILDCHAIN);
+
+ } while (nbioContext && state);
+
+ *pResult = result;
+
+cleanup:
+ if (pVerifyNode) {
+ *pVerifyNode = verifyNode;
+ }
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+
+/*
+ * FUNCTION: cert_PkixErrorToNssCode
+ * DESCRIPTION:
+ *
+ * Converts pkix error(PKIX_Error) structure to PR error codes.
+ *
+ * PKIX-XXX to be implemented. See 391183.
+ *
+ * PARAMETERS:
+ * "error"
+ * Pkix error that will be converted.
+ * "nssCode"
+ * Corresponding nss error code.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Verify Error if the function fails in an unrecoverable way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_PkixErrorToNssCode(
+ PKIX_Error *error,
+ SECErrorCodes *pNssErr,
+ void *plContext)
+{
+ int errLevel = 0;
+ PKIX_Int32 nssErr = 0;
+ PKIX_Error *errPtr = error;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_PkixErrorToNssCode");
+ PKIX_NULLCHECK_TWO(error, pNssErr);
+
+ /* Loop until we find at least one error with non-null
+ * plErr code, that is going to be nss error code. */
+ while (errPtr) {
+ if (errPtr->plErr && !nssErr) {
+ nssErr = errPtr->plErr;
+ if (!pkixLog)
+ break;
+ }
+ if (pkixLog) {
+#ifdef PKIX_ERROR_DESCRIPTION
+ PR_LOG(pkixLog, 2, ("Error at level %d: %s\n", errLevel,
+ PKIX_ErrorText[errPtr->errCode]));
+#else
+ PR_LOG(pkixLog, 2, ("Error at level %d: Error code %d\n", errLevel,
+ errPtr->errCode));
+#endif /* PKIX_ERROR_DESCRIPTION */
+ }
+ errPtr = errPtr->cause;
+ errLevel += 1;
+ }
+ PORT_Assert(nssErr);
+ if (!nssErr) {
+ *pNssErr = SEC_ERROR_LIBPKIX_INTERNAL;
+ } else {
+ *pNssErr = nssErr;
+ }
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+
+/*
+ * FUNCTION: cert_GetLogFromVerifyNode
+ * DESCRIPTION:
+ *
+ * Recursive function that converts verify node tree-like set of structures
+ * to CERTVerifyLog.
+ *
+ * PARAMETERS:
+ * "log"
+ * Pointed to already allocated CERTVerifyLog structure.
+ * "node"
+ * A node of PKIX_VerifyNode tree.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Verify Error if the function fails in an unrecoverable way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_GetLogFromVerifyNode(
+ CERTVerifyLog *log,
+ PKIX_VerifyNode *node,
+ void *plContext)
+{
+ PKIX_List *children = NULL;
+ PKIX_VerifyNode *childNode = NULL;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_GetLogFromVerifyNode");
+
+ children = node->children;
+
+ if (children == NULL) {
+ PKIX_ERRORCODE errCode = PKIX_ANCHORDIDNOTCHAINTOCERT;
+ if (node->error && node->error->errCode != errCode) {
+ if (log != NULL) {
+ SECErrorCodes nssErrorCode = 0;
+ CERTCertificate *cert = NULL;
+
+ cert = node->verifyCert->nssCert;
+
+ PKIX_CHECK(
+ cert_PkixErrorToNssCode(node->error, &nssErrorCode,
+ plContext),
+ PKIX_GETPKIXERRORCODEFAILED);
+
+ cert_AddToVerifyLog(log, cert, nssErrorCode, node->depth, NULL);
+ }
+ }
+ PKIX_RETURN(CERTVFYPKIX);
+ } else {
+ PRUint32 i = 0;
+ PKIX_UInt32 length = 0;
+
+ PKIX_CHECK(
+ PKIX_List_GetLength(children, &length, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < length; i++) {
+
+ PKIX_CHECK(
+ PKIX_List_GetItem(children, i, (PKIX_PL_Object **)&childNode,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(
+ cert_GetLogFromVerifyNode(log, childNode, plContext),
+ PKIX_ERRORINRECURSIVEEQUALSCALL);
+
+ PKIX_DECREF(childNode);
+ }
+ }
+
+cleanup:
+ PKIX_DECREF(childNode);
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+
+/*
+ * FUNCTION: cert_GetBuildResults
+ * DESCRIPTION:
+ *
+ * Converts pkix build results to nss results. This function is called
+ * regardless of build result.
+ *
+ * If it called after chain was successfully constructed, then it will
+ * convert:
+ * * pkix cert list that represent the chain to nss cert list
+ * * trusted root the chain was anchored to nss certificate.
+ *
+ * In case of failure it will convert:
+ * * pkix error to PR error code(will set it with PORT_SetError)
+ * * pkix validation log to nss CERTVerifyLog
+ *
+ * PARAMETERS:
+ * "buildResult"
+ * Build results returned by PKIX_BuildChain.
+ * "verifyNode"
+ * Tree-like structure of chain building/validation failures
+ * returned by PKIX_BuildChain. Ignored in case of success.
+ * "error"
+ * Final error returned by PKIX_BuildChain. Should be NULL in
+ * case of success.
+ * "log"
+ * Address of pre-allocated(if not NULL) CERTVerifyLog structure.
+ * "ptrustedRoot"
+ * Address of returned trusted root the chain was anchored to.
+ * "pvalidChain"
+ * Address of returned valid chain.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Verify Error if the function fails in an unrecoverable way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+cert_GetBuildResults(
+ PKIX_BuildResult *buildResult,
+ PKIX_VerifyNode *verifyNode,
+ PKIX_Error *error,
+ CERTVerifyLog *log,
+ CERTCertificate **ptrustedRoot,
+ CERTCertList **pvalidChain,
+ void *plContext)
+{
+ PKIX_ValidateResult *validResult = NULL;
+ CERTCertList *validChain = NULL;
+ CERTCertificate *trustedRoot = NULL;
+ PKIX_TrustAnchor *trustAnchor = NULL;
+ PKIX_PL_Cert *trustedCert = NULL;
+ PKIX_List *pkixCertChain = NULL;
+
+ PKIX_ENTER(CERTVFYPKIX, "cert_GetBuildResults");
+ if (buildResult == NULL && error == NULL) {
+ PKIX_ERROR(PKIX_NULLARGUMENT);
+ }
+
+ if (error) {
+ SECErrorCodes nssErrorCode = 0;
+ if (verifyNode) {
+ PKIX_Error *tmpError =
+ cert_GetLogFromVerifyNode(log, verifyNode, plContext);
+ if (tmpError) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)tmpError, plContext);
+ }
+ }
+ cert_PkixErrorToNssCode(error, &nssErrorCode, plContext);
+ PORT_SetError(nssErrorCode);
+ goto cleanup;
+ }
+
+ if (pvalidChain) {
+ PKIX_CHECK(
+ PKIX_BuildResult_GetCertChain(buildResult, &pkixCertChain,
+ plContext),
+ PKIX_BUILDRESULTGETCERTCHAINFAILED);
+
+ PKIX_CHECK(
+ cert_PkixToNssCertsChain(pkixCertChain, &validChain, plContext),
+ PKIX_CERTCHAINTONSSCHAINFAILED);
+ }
+
+ if (ptrustedRoot) {
+ PKIX_CHECK(
+ PKIX_BuildResult_GetValidateResult(buildResult, &validResult,
+ plContext),
+ PKIX_BUILDRESULTGETVALIDATERESULTFAILED);
+
+ PKIX_CHECK(
+ PKIX_ValidateResult_GetTrustAnchor(validResult, &trustAnchor,
+ plContext),
+ PKIX_VALIDATERESULTGETTRUSTANCHORFAILED);
+
+ PKIX_CHECK(
+ PKIX_TrustAnchor_GetTrustedCert(trustAnchor, &trustedCert,
+ plContext),
+ PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetCERTCertificate(trustedCert, &trustedRoot,
+ plContext),
+ PKIX_CERTGETCERTCERTIFICATEFAILED);
+ }
+
+ PORT_Assert(!PKIX_ERROR_RECEIVED);
+
+ if (trustedRoot) {
+ *ptrustedRoot = trustedRoot;
+ }
+ if (validChain) {
+ *pvalidChain = validChain;
+ }
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ if (trustedRoot) {
+ CERT_DestroyCertificate(trustedRoot);
+ }
+ if (validChain) {
+ CERT_DestroyCertList(validChain);
+ }
+ }
+ PKIX_DECREF(trustAnchor);
+ PKIX_DECREF(trustedCert);
+ PKIX_DECREF(pkixCertChain);
+ PKIX_DECREF(validResult);
+ PKIX_DECREF(error);
+ PKIX_DECREF(verifyNode);
+ PKIX_DECREF(buildResult);
+
+ PKIX_RETURN(CERTVFYPKIX);
+}
+#endif /* NSS_DISABLE_LIBPKIX */
+
+/*
+ * FUNCTION: cert_VerifyCertChainPkix
+ * DESCRIPTION:
+ *
+ * The main wrapper function that is called from CERT_VerifyCert and
+ * CERT_VerifyCACertForUsage functions to validate cert with libpkix.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Leaf certificate of a chain we want to build.
+ * "checkSig"
+ * Certificate signatures will not be verified if this
+ * flag is set to PR_FALSE.
+ * "requiredUsage"
+ * Required usage for certificate and chain.
+ * "time"
+ * Validity time.
+ * "wincx"
+ * Nss database password token.
+ * "log"
+ * Address of already allocated CERTVerifyLog structure. Not
+ * used if NULL;
+ * "pSigerror"
+ * Address of PRBool. If not NULL, returns true is cert chain
+ * was invalidated because of bad certificate signature.
+ * "pRevoked"
+ * Address of PRBool. If not NULL, returns true is cert chain
+ * was invalidated because a revoked certificate was found in
+ * the chain.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * SECFailure is chain building process has failed. SECSuccess otherwise.
+ */
+SECStatus
+cert_VerifyCertChainPkix(
+ CERTCertificate *cert,
+ PRBool checkSig,
+ SECCertUsage requiredUsage,
+ PRTime time,
+ void *wincx,
+ CERTVerifyLog *log,
+ PRBool *pSigerror,
+ PRBool *pRevoked)
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+#else
+ PKIX_ProcessingParams *procParams = NULL;
+ PKIX_BuildResult *result = NULL;
+ PKIX_VerifyNode *verifyNode = NULL;
+ PKIX_Error *error = NULL;
+
+ SECStatus rv = SECFailure;
+ void *plContext = NULL;
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ int leakedObjNum = 0;
+ int memLeakLoopCount = 0;
+ int objCountTable[PKIX_NUMTYPES];
+ int fnInvLocalCount = 0;
+ PKIX_Boolean savedUsePkixEngFlag = usePKIXValidationEngine;
+
+ if (usePKIXValidationEngine) {
+ /* current memory leak testing implementation does not allow
+ * to run simultaneous tests one the same or a different threads.
+ * Setting the variable to false, to make additional chain
+ * validations be handled by old nss. */
+ usePKIXValidationEngine = PR_FALSE;
+ }
+ testStartFnStackPosition = 2;
+ fnStackNameArr[0] = "cert_VerifyCertChainPkix";
+ fnStackInvCountArr[0] = 0;
+ PKIX_Boolean abortOnLeak =
+ (PR_GetEnvSecure("PKIX_OBJECT_LEAK_TEST_ABORT_ON_LEAK") == NULL) ? PKIX_FALSE
+ : PKIX_TRUE;
+ runningLeakTest = PKIX_TRUE;
+
+ /* Prevent multi-threaded run of object leak test */
+ fnInvLocalCount = PR_ATOMIC_INCREMENT(&parallelFnInvocationCount);
+ PORT_Assert(fnInvLocalCount == 1);
+
+ do {
+ rv = SECFailure;
+ plContext = NULL;
+ procParams = NULL;
+ result = NULL;
+ verifyNode = NULL;
+ error = NULL;
+ errorGenerated = PKIX_FALSE;
+ stackPosition = 0;
+
+ if (leakedObjNum) {
+ pkix_pl_lifecycle_ObjectTableUpdate(objCountTable);
+ }
+ memLeakLoopCount += 1;
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ error =
+ cert_CreatePkixProcessingParams(cert, checkSig, time, wincx,
+ PR_FALSE /*use arena*/,
+ requiredUsage == certUsageStatusResponder,
+ &procParams, &plContext);
+ if (error) {
+ goto cleanup;
+ }
+
+ error =
+ cert_ProcessingParamsSetKeyAndCertUsage(procParams, requiredUsage, 0,
+ plContext);
+ if (error) {
+ goto cleanup;
+ }
+
+ error =
+ cert_BuildAndValidateChain(procParams, &result, &verifyNode, plContext);
+ if (error) {
+ goto cleanup;
+ }
+
+ if (pRevoked) {
+ /* Currently always PR_FALSE. Will be fixed as a part of 394077 */
+ *pRevoked = PR_FALSE;
+ }
+ if (pSigerror) {
+ /* Currently always PR_FALSE. Will be fixed as a part of 394077 */
+ *pSigerror = PR_FALSE;
+ }
+ rv = SECSuccess;
+
+ cleanup:
+ error = cert_GetBuildResults(result, verifyNode, error, log, NULL, NULL,
+ plContext);
+ if (error) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)error, plContext);
+ }
+ if (procParams) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)procParams, plContext);
+ }
+ if (plContext) {
+ PKIX_PL_NssContext_Destroy(plContext);
+ }
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ leakedObjNum =
+ pkix_pl_lifecycle_ObjectLeakCheck(leakedObjNum ? objCountTable : NULL);
+
+ if (pkixLog && leakedObjNum) {
+ PR_LOG(pkixLog, 1, ("The generated error caused an object leaks. Loop %d."
+ "Stack %s\n",
+ memLeakLoopCount, errorFnStackString));
+ }
+ PR_Free(errorFnStackString);
+ errorFnStackString = NULL;
+ if (abortOnLeak) {
+ PORT_Assert(leakedObjNum == 0);
+ }
+
+ } while (errorGenerated);
+
+ runningLeakTest = PKIX_FALSE;
+ PR_ATOMIC_DECREMENT(&parallelFnInvocationCount);
+ usePKIXValidationEngine = savedUsePkixEngFlag;
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ return rv;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+#ifndef NSS_DISABLE_LIBPKIX
+PKIX_CertSelector *
+cert_GetTargetCertConstraints(CERTCertificate *target, void *plContext)
+{
+ PKIX_ComCertSelParams *certSelParams = NULL;
+ PKIX_CertSelector *certSelector = NULL;
+ PKIX_CertSelector *r = NULL;
+ PKIX_PL_Cert *eeCert = NULL;
+ PKIX_Error *error = NULL;
+
+ error = PKIX_PL_Cert_CreateFromCERTCertificate(target, &eeCert, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_ComCertSelParams_Create(&certSelParams, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_ComCertSelParams_SetCertificate(
+ certSelParams, eeCert, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_CertSelector_SetCommonCertSelectorParams(certSelector, certSelParams, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_PL_Object_IncRef((PKIX_PL_Object *)certSelector, plContext);
+ if (error == NULL)
+ r = certSelector;
+
+cleanup:
+ if (certSelParams != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certSelParams, plContext);
+
+ if (eeCert != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)eeCert, plContext);
+
+ if (certSelector != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certSelector, plContext);
+
+ if (error != NULL) {
+ SECErrorCodes nssErr;
+
+ cert_PkixErrorToNssCode(error, &nssErr, plContext);
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)error, plContext);
+ PORT_SetError(nssErr);
+ }
+
+ return r;
+}
+
+static PKIX_List *
+cert_GetCertStores(void *plContext)
+{
+ PKIX_CertStore *certStore = NULL;
+ PKIX_List *certStores = NULL;
+ PKIX_List *r = NULL;
+ PKIX_Error *error = NULL;
+
+ error = PKIX_PL_Pk11CertStore_Create(&certStore, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_List_Create(&certStores, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_List_AppendItem(certStores,
+ (PKIX_PL_Object *)certStore, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_PL_Object_IncRef((PKIX_PL_Object *)certStores, plContext);
+ if (error == NULL)
+ r = certStores;
+
+cleanup:
+ if (certStores != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certStores, plContext);
+
+ if (certStore != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certStore, plContext);
+
+ if (error != NULL) {
+ SECErrorCodes nssErr;
+
+ cert_PkixErrorToNssCode(error, &nssErr, plContext);
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)error, plContext);
+ PORT_SetError(nssErr);
+ }
+
+ return r;
+}
+
+struct fake_PKIX_PL_CertStruct {
+ CERTCertificate *nssCert;
+};
+
+/* This needs to be part of the PKIX_PL_* */
+/* This definitely needs to go away, and be replaced with
+ a real accessor function in PKIX */
+static CERTCertificate *
+cert_NSSCertFromPKIXCert(const PKIX_PL_Cert *pkix_cert)
+{
+ struct fake_PKIX_PL_CertStruct *fcert = NULL;
+
+ fcert = (struct fake_PKIX_PL_CertStruct *)pkix_cert;
+
+ return CERT_DupCertificate(fcert->nssCert);
+}
+
+PKIX_List *
+cert_PKIXMakeOIDList(const SECOidTag *oids, int oidCount, void *plContext)
+{
+ PKIX_List *r = NULL;
+ PKIX_List *policyList = NULL;
+ PKIX_PL_OID *policyOID = NULL;
+ PKIX_Error *error = NULL;
+ int i;
+
+ error = PKIX_List_Create(&policyList, plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+
+ for (i = 0; i < oidCount; i++) {
+ error = PKIX_PL_OID_Create(oids[i], &policyOID, plContext);
+ if (error) {
+ goto cleanup;
+ }
+ error = PKIX_List_AppendItem(policyList,
+ (PKIX_PL_Object *)policyOID, plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)policyOID, plContext);
+ policyOID = NULL;
+ }
+
+ error = PKIX_List_SetImmutable(policyList, plContext);
+ if (error != NULL)
+ goto cleanup;
+
+ error = PKIX_PL_Object_IncRef((PKIX_PL_Object *)policyList, plContext);
+ if (error == NULL)
+ r = policyList;
+
+cleanup:
+ if (policyOID != NULL) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)policyOID, plContext);
+ }
+ if (policyList != NULL) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)policyList, plContext);
+ }
+ if (error != NULL) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)error, plContext);
+ }
+
+ return r;
+}
+
+CERTValOutParam *
+cert_pkix_FindOutputParam(CERTValOutParam *params, const CERTValParamOutType t)
+{
+ CERTValOutParam *i;
+ if (params == NULL) {
+ return NULL;
+ }
+ for (i = params; i->type != cert_po_end; i++) {
+ if (i->type == t) {
+ return i;
+ }
+ }
+ return NULL;
+}
+
+static PKIX_Error *
+setRevocationMethod(PKIX_RevocationChecker *revChecker,
+ PKIX_ProcessingParams *procParams,
+ const CERTRevocationTests *revTest,
+ CERTRevocationMethodIndex certRevMethod,
+ PKIX_RevocationMethodType pkixRevMethod,
+ PKIX_Boolean verifyResponderUsages,
+ PKIX_Boolean isLeafTest,
+ void *plContext)
+{
+ PKIX_UInt32 methodFlags = 0;
+ PKIX_Error *error = NULL;
+ PKIX_UInt32 priority = 0;
+
+ if (revTest->number_of_defined_methods <= (PRUint32)certRevMethod) {
+ return NULL;
+ }
+ if (revTest->preferred_methods) {
+ unsigned int i = 0;
+ for (; i < revTest->number_of_preferred_methods; i++) {
+ if (revTest->preferred_methods[i] == certRevMethod)
+ break;
+ }
+ priority = i;
+ }
+ methodFlags = revTest->cert_rev_flags_per_method[certRevMethod];
+ if (verifyResponderUsages &&
+ pkixRevMethod == PKIX_RevocationMethod_OCSP) {
+ methodFlags |= PKIX_REV_M_FORBID_NETWORK_FETCHING;
+ }
+ error =
+ PKIX_RevocationChecker_CreateAndAddMethod(revChecker, procParams,
+ pkixRevMethod, methodFlags,
+ priority, NULL,
+ isLeafTest, plContext);
+ return error;
+}
+
+SECStatus
+cert_pkixSetParam(PKIX_ProcessingParams *procParams,
+ const CERTValInParam *param, void *plContext)
+{
+ PKIX_Error *error = NULL;
+ SECStatus r = SECSuccess;
+ PKIX_PL_Date *date = NULL;
+ PKIX_List *policyOIDList = NULL;
+ PKIX_List *certListPkix = NULL;
+ const CERTRevocationFlags *flags;
+ SECErrorCodes errCode = SEC_ERROR_INVALID_ARGS;
+ const CERTCertList *certList = NULL;
+ CERTCertListNode *node;
+ PKIX_PL_Cert *certPkix = NULL;
+ PKIX_TrustAnchor *trustAnchor = NULL;
+ PKIX_RevocationChecker *revChecker = NULL;
+ PKIX_PL_NssContext *nssContext = (PKIX_PL_NssContext *)plContext;
+
+ /* XXX we need a way to map generic PKIX error to generic NSS errors */
+
+ switch (param->type) {
+
+ case cert_pi_policyOID:
+
+ /* needed? */
+ error = PKIX_ProcessingParams_SetExplicitPolicyRequired(
+ procParams, PKIX_TRUE, plContext);
+
+ if (error != NULL) {
+ break;
+ }
+
+ policyOIDList = cert_PKIXMakeOIDList(param->value.array.oids,
+ param->value.arraySize, plContext);
+ if (policyOIDList == NULL) {
+ r = SECFailure;
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ break;
+ }
+
+ error = PKIX_ProcessingParams_SetInitialPolicies(
+ procParams, policyOIDList, plContext);
+ break;
+
+ case cert_pi_date:
+ if (param->value.scalar.time == 0) {
+ error = PKIX_PL_Date_Create_UTCTime(NULL, &date, plContext);
+ if (error != NULL) {
+ errCode = SEC_ERROR_INVALID_TIME;
+ break;
+ }
+ } else {
+ error = pkix_pl_Date_CreateFromPRTime(param->value.scalar.time,
+ &date, plContext);
+ if (error != NULL) {
+ errCode = SEC_ERROR_INVALID_TIME;
+ break;
+ }
+ }
+
+ error = PKIX_ProcessingParams_SetDate(procParams, date, plContext);
+ if (error != NULL) {
+ errCode = SEC_ERROR_INVALID_TIME;
+ }
+ break;
+
+ case cert_pi_revocationFlags: {
+ PKIX_UInt32 leafIMFlags = 0;
+ PKIX_UInt32 chainIMFlags = 0;
+ PKIX_Boolean validatingResponderCert = PKIX_FALSE;
+
+ flags = param->value.pointer.revocation;
+ if (!flags) {
+ PORT_SetError(errCode);
+ r = SECFailure;
+ break;
+ }
+
+ leafIMFlags =
+ flags->leafTests.cert_rev_method_independent_flags;
+ chainIMFlags =
+ flags->chainTests.cert_rev_method_independent_flags;
+
+ error =
+ PKIX_RevocationChecker_Create(leafIMFlags, chainIMFlags,
+ &revChecker, plContext);
+ if (error) {
+ break;
+ }
+
+ error =
+ PKIX_ProcessingParams_SetRevocationChecker(procParams,
+ revChecker, plContext);
+ if (error) {
+ break;
+ }
+
+ if (((PKIX_PL_NssContext *)plContext)->certificateUsage &
+ certificateUsageStatusResponder) {
+ validatingResponderCert = PKIX_TRUE;
+ }
+
+ error = setRevocationMethod(revChecker,
+ procParams, &flags->leafTests,
+ cert_revocation_method_crl,
+ PKIX_RevocationMethod_CRL,
+ validatingResponderCert,
+ PKIX_TRUE, plContext);
+ if (error) {
+ break;
+ }
+
+ error = setRevocationMethod(revChecker,
+ procParams, &flags->leafTests,
+ cert_revocation_method_ocsp,
+ PKIX_RevocationMethod_OCSP,
+ validatingResponderCert,
+ PKIX_TRUE, plContext);
+ if (error) {
+ break;
+ }
+
+ error = setRevocationMethod(revChecker,
+ procParams, &flags->chainTests,
+ cert_revocation_method_crl,
+ PKIX_RevocationMethod_CRL,
+ validatingResponderCert,
+ PKIX_FALSE, plContext);
+ if (error) {
+ break;
+ }
+
+ error = setRevocationMethod(revChecker,
+ procParams, &flags->chainTests,
+ cert_revocation_method_ocsp,
+ PKIX_RevocationMethod_OCSP,
+ validatingResponderCert,
+ PKIX_FALSE, plContext);
+ if (error) {
+ break;
+ }
+
+ } break;
+
+ case cert_pi_trustAnchors:
+ certList = param->value.pointer.chain;
+ if (!certList) {
+ PORT_SetError(errCode);
+ r = SECFailure;
+ break;
+ }
+ error = PKIX_List_Create(&certListPkix, plContext);
+ if (error != NULL) {
+ break;
+ }
+ for (node = CERT_LIST_HEAD(certList); !CERT_LIST_END(node, certList);
+ node = CERT_LIST_NEXT(node)) {
+ error = PKIX_PL_Cert_CreateFromCERTCertificate(node->cert,
+ &certPkix, plContext);
+ if (error) {
+ break;
+ }
+ error = PKIX_TrustAnchor_CreateWithCert(certPkix, &trustAnchor,
+ plContext);
+ if (error) {
+ break;
+ }
+ error = PKIX_List_AppendItem(certListPkix,
+ (PKIX_PL_Object *)trustAnchor, plContext);
+ if (error) {
+ break;
+ }
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)trustAnchor, plContext);
+ trustAnchor = NULL;
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certPkix, plContext);
+ certPkix = NULL;
+ }
+ error =
+ PKIX_ProcessingParams_SetTrustAnchors(procParams, certListPkix,
+ plContext);
+ break;
+
+ case cert_pi_useAIACertFetch:
+ error =
+ PKIX_ProcessingParams_SetUseAIAForCertFetching(procParams,
+ (PRBool)(param->value.scalar.b !=
+ 0),
+ plContext);
+ break;
+
+ case cert_pi_chainVerifyCallback: {
+ const CERTChainVerifyCallback *chainVerifyCallback =
+ param->value.pointer.chainVerifyCallback;
+ if (!chainVerifyCallback || !chainVerifyCallback->isChainValid) {
+ PORT_SetError(errCode);
+ r = SECFailure;
+ break;
+ }
+
+ nssContext->chainVerifyCallback = *chainVerifyCallback;
+ } break;
+
+ case cert_pi_useOnlyTrustAnchors:
+ error =
+ PKIX_ProcessingParams_SetUseOnlyTrustAnchors(procParams,
+ (PRBool)(param->value.scalar.b !=
+ 0),
+ plContext);
+ break;
+
+ default:
+ PORT_SetError(errCode);
+ r = SECFailure;
+ break;
+ }
+
+ if (policyOIDList != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)policyOIDList, plContext);
+
+ if (date != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)date, plContext);
+
+ if (revChecker != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)revChecker, plContext);
+
+ if (certListPkix)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certListPkix, plContext);
+
+ if (trustAnchor)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)trustAnchor, plContext);
+
+ if (certPkix)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certPkix, plContext);
+
+ if (error != NULL) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)error, plContext);
+ PORT_SetError(errCode);
+ r = SECFailure;
+ }
+
+ return r;
+}
+
+void
+cert_pkixDestroyValOutParam(CERTValOutParam *params)
+{
+ CERTValOutParam *i;
+
+ if (params == NULL) {
+ return;
+ }
+ for (i = params; i->type != cert_po_end; i++) {
+ switch (i->type) {
+ case cert_po_trustAnchor:
+ if (i->value.pointer.cert) {
+ CERT_DestroyCertificate(i->value.pointer.cert);
+ i->value.pointer.cert = NULL;
+ }
+ break;
+
+ case cert_po_certList:
+ if (i->value.pointer.chain) {
+ CERT_DestroyCertList(i->value.pointer.chain);
+ i->value.pointer.chain = NULL;
+ }
+ break;
+
+ default:
+ break;
+ }
+ }
+}
+
+static PRUint64 certRev_NSS_3_11_Ocsp_Enabled_Soft_Policy_LeafFlags[2] = {
+ /* crl */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FORBID_NETWORK_FETCHING |
+ CERT_REV_M_CONTINUE_TESTING_ON_FRESH_INFO,
+ /* ocsp */
+ CERT_REV_M_TEST_USING_THIS_METHOD
+};
+
+static PRUint64 certRev_NSS_3_11_Ocsp_Enabled_Soft_Policy_ChainFlags[2] = {
+ /* crl */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FORBID_NETWORK_FETCHING |
+ CERT_REV_M_CONTINUE_TESTING_ON_FRESH_INFO,
+ /* ocsp */
+ 0
+};
+
+static CERTRevocationMethodIndex
+ certRev_NSS_3_11_Ocsp_Enabled_Soft_Policy_Method_Preference = {
+ cert_revocation_method_crl
+ };
+
+static const CERTRevocationFlags certRev_NSS_3_11_Ocsp_Enabled_Soft_Policy = {
+ { /* leafTests */
+ 2,
+ certRev_NSS_3_11_Ocsp_Enabled_Soft_Policy_LeafFlags,
+ 1,
+ &certRev_NSS_3_11_Ocsp_Enabled_Soft_Policy_Method_Preference,
+ 0 },
+ { /* chainTests */
+ 2,
+ certRev_NSS_3_11_Ocsp_Enabled_Soft_Policy_ChainFlags,
+ 0,
+ 0,
+ 0 }
+};
+#endif /* NSS_DISABLE_LIBPKIX */
+
+extern const CERTRevocationFlags *
+CERT_GetClassicOCSPEnabledSoftFailurePolicy()
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+#else
+ return &certRev_NSS_3_11_Ocsp_Enabled_Soft_Policy;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+#ifndef NSS_DISABLE_LIBPKIX
+static PRUint64 certRev_NSS_3_11_Ocsp_Enabled_Hard_Policy_LeafFlags[2] = {
+ /* crl */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FORBID_NETWORK_FETCHING |
+ CERT_REV_M_CONTINUE_TESTING_ON_FRESH_INFO,
+ /* ocsp */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FAIL_ON_MISSING_FRESH_INFO
+};
+
+static PRUint64 certRev_NSS_3_11_Ocsp_Enabled_Hard_Policy_ChainFlags[2] = {
+ /* crl */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FORBID_NETWORK_FETCHING |
+ CERT_REV_M_CONTINUE_TESTING_ON_FRESH_INFO,
+ /* ocsp */
+ 0
+};
+
+static CERTRevocationMethodIndex
+ certRev_NSS_3_11_Ocsp_Enabled_Hard_Policy_Method_Preference = {
+ cert_revocation_method_crl
+ };
+
+static const CERTRevocationFlags certRev_NSS_3_11_Ocsp_Enabled_Hard_Policy = {
+ { /* leafTests */
+ 2,
+ certRev_NSS_3_11_Ocsp_Enabled_Hard_Policy_LeafFlags,
+ 1,
+ &certRev_NSS_3_11_Ocsp_Enabled_Hard_Policy_Method_Preference,
+ 0 },
+ { /* chainTests */
+ 2,
+ certRev_NSS_3_11_Ocsp_Enabled_Hard_Policy_ChainFlags,
+ 0,
+ 0,
+ 0 }
+};
+#endif /* NSS_DISABLE_LIBPKIX */
+
+extern const CERTRevocationFlags *
+CERT_GetClassicOCSPEnabledHardFailurePolicy()
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+#else
+ return &certRev_NSS_3_11_Ocsp_Enabled_Hard_Policy;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+#ifndef NSS_DISABLE_LIBPKIX
+static PRUint64 certRev_NSS_3_11_Ocsp_Disabled_Policy_LeafFlags[2] = {
+ /* crl */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FORBID_NETWORK_FETCHING |
+ CERT_REV_M_CONTINUE_TESTING_ON_FRESH_INFO,
+ /* ocsp */
+ 0
+};
+
+static PRUint64 certRev_NSS_3_11_Ocsp_Disabled_Policy_ChainFlags[2] = {
+ /* crl */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FORBID_NETWORK_FETCHING |
+ CERT_REV_M_CONTINUE_TESTING_ON_FRESH_INFO,
+ /* ocsp */
+ 0
+};
+
+static const CERTRevocationFlags certRev_NSS_3_11_Ocsp_Disabled_Policy = {
+ { /* leafTests */
+ 2,
+ certRev_NSS_3_11_Ocsp_Disabled_Policy_LeafFlags,
+ 0,
+ 0,
+ 0 },
+ { /* chainTests */
+ 2,
+ certRev_NSS_3_11_Ocsp_Disabled_Policy_ChainFlags,
+ 0,
+ 0,
+ 0 }
+};
+#endif /* NSS_DISABLE_LIBPKIX */
+
+extern const CERTRevocationFlags *
+CERT_GetClassicOCSPDisabledPolicy()
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+#else
+ return &certRev_NSS_3_11_Ocsp_Disabled_Policy;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+#ifndef NSS_DISABLE_LIBPKIX
+static PRUint64 certRev_PKIX_Verify_Nist_Policy_LeafFlags[2] = {
+ /* crl */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FAIL_ON_MISSING_FRESH_INFO |
+ CERT_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE,
+ /* ocsp */
+ 0
+};
+
+static PRUint64 certRev_PKIX_Verify_Nist_Policy_ChainFlags[2] = {
+ /* crl */
+ CERT_REV_M_TEST_USING_THIS_METHOD |
+ CERT_REV_M_FAIL_ON_MISSING_FRESH_INFO |
+ CERT_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE,
+ /* ocsp */
+ 0
+};
+
+static const CERTRevocationFlags certRev_PKIX_Verify_Nist_Policy = {
+ { /* leafTests */
+ 2,
+ certRev_PKIX_Verify_Nist_Policy_LeafFlags,
+ 0,
+ 0,
+ 0 },
+ { /* chainTests */
+ 2,
+ certRev_PKIX_Verify_Nist_Policy_ChainFlags,
+ 0,
+ 0,
+ 0 }
+};
+#endif /* NSS_DISABLE_LIBPKIX */
+
+extern const CERTRevocationFlags *
+CERT_GetPKIXVerifyNistRevocationPolicy()
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+#else
+ return &certRev_PKIX_Verify_Nist_Policy;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+CERTRevocationFlags *
+CERT_AllocCERTRevocationFlags(
+ PRUint32 number_leaf_methods, PRUint32 number_leaf_pref_methods,
+ PRUint32 number_chain_methods, PRUint32 number_chain_pref_methods)
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+#else
+ CERTRevocationFlags *flags;
+
+ flags = PORT_New(CERTRevocationFlags);
+ if (!flags)
+ return (NULL);
+
+ flags->leafTests.number_of_defined_methods = number_leaf_methods;
+ flags->leafTests.cert_rev_flags_per_method =
+ PORT_NewArray(PRUint64, number_leaf_methods);
+
+ flags->leafTests.number_of_preferred_methods = number_leaf_pref_methods;
+ flags->leafTests.preferred_methods =
+ PORT_NewArray(CERTRevocationMethodIndex, number_leaf_pref_methods);
+
+ flags->chainTests.number_of_defined_methods = number_chain_methods;
+ flags->chainTests.cert_rev_flags_per_method =
+ PORT_NewArray(PRUint64, number_chain_methods);
+
+ flags->chainTests.number_of_preferred_methods = number_chain_pref_methods;
+ flags->chainTests.preferred_methods =
+ PORT_NewArray(CERTRevocationMethodIndex, number_chain_pref_methods);
+
+ if (!flags->leafTests.cert_rev_flags_per_method ||
+ !flags->leafTests.preferred_methods ||
+ !flags->chainTests.cert_rev_flags_per_method ||
+ !flags->chainTests.preferred_methods) {
+ CERT_DestroyCERTRevocationFlags(flags);
+ return (NULL);
+ }
+
+ return flags;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+void
+CERT_DestroyCERTRevocationFlags(CERTRevocationFlags *flags)
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return;
+#else
+ if (!flags)
+ return;
+
+ if (flags->leafTests.cert_rev_flags_per_method)
+ PORT_Free(flags->leafTests.cert_rev_flags_per_method);
+
+ if (flags->leafTests.preferred_methods)
+ PORT_Free(flags->leafTests.preferred_methods);
+
+ if (flags->chainTests.cert_rev_flags_per_method)
+ PORT_Free(flags->chainTests.cert_rev_flags_per_method);
+
+ if (flags->chainTests.preferred_methods)
+ PORT_Free(flags->chainTests.preferred_methods);
+
+ PORT_Free(flags);
+#endif /* NSS_DISABLE_LIBPKIX */
+}
+
+/*
+ * CERT_PKIXVerifyCert
+ *
+ * Verify a Certificate using the PKIX library.
+ *
+ * Parameters:
+ * cert - the target certificate to verify. Must be non-null
+ * params - an array of type/value parameters which can be
+ * used to modify the behavior of the validation
+ * algorithm, or supply additional constraints.
+ *
+ * outputTrustAnchor - the trust anchor which the certificate
+ * chains to. The caller is responsible
+ * for freeing this.
+ *
+ * Example Usage:
+ * CERTValParam args[3];
+ * args[0].type = cvpt_policyOID;
+ * args[0].value.si = oid;
+ * args[1].type = revCheckRequired;
+ * args[1].value.b = PR_TRUE;
+ * args[2].type = cvpt_end;
+ *
+ * CERT_PKIXVerifyCert(cert, &output, args
+ */
+SECStatus
+CERT_PKIXVerifyCert(
+ CERTCertificate *cert,
+ SECCertificateUsage usages,
+ CERTValInParam *paramsIn,
+ CERTValOutParam *paramsOut,
+ void *wincx)
+{
+#ifdef NSS_DISABLE_LIBPKIX
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+#else
+ SECStatus r = SECFailure;
+ PKIX_Error *error = NULL;
+ PKIX_ProcessingParams *procParams = NULL;
+ PKIX_BuildResult *buildResult = NULL;
+ void *nbioContext = NULL; /* for non-blocking IO */
+ void *buildState = NULL; /* for non-blocking IO */
+ PKIX_CertSelector *certSelector = NULL;
+ PKIX_List *certStores = NULL;
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_VerifyNode *verifyNode = NULL;
+ PKIX_TrustAnchor *trustAnchor = NULL;
+ PKIX_PL_Cert *trustAnchorCert = NULL;
+ PKIX_List *builtCertList = NULL;
+ CERTValOutParam *oparam = NULL;
+ int i = 0;
+
+ void *plContext = NULL;
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ int leakedObjNum = 0;
+ int memLeakLoopCount = 0;
+ int objCountTable[PKIX_NUMTYPES];
+ int fnInvLocalCount = 0;
+ PKIX_Boolean savedUsePkixEngFlag = usePKIXValidationEngine;
+
+ if (usePKIXValidationEngine) {
+ /* current memory leak testing implementation does not allow
+ * to run simultaneous tests one the same or a different threads.
+ * Setting the variable to false, to make additional chain
+ * validations be handled by old nss. */
+ usePKIXValidationEngine = PR_FALSE;
+ }
+ testStartFnStackPosition = 1;
+ fnStackNameArr[0] = "CERT_PKIXVerifyCert";
+ fnStackInvCountArr[0] = 0;
+ PKIX_Boolean abortOnLeak =
+ (PR_GetEnvSecure("PKIX_OBJECT_LEAK_TEST_ABORT_ON_LEAK") == NULL) ? PKIX_FALSE
+ : PKIX_TRUE;
+ runningLeakTest = PKIX_TRUE;
+
+ /* Prevent multi-threaded run of object leak test */
+ fnInvLocalCount = PR_ATOMIC_INCREMENT(&parallelFnInvocationCount);
+ PORT_Assert(fnInvLocalCount == 1);
+
+ do {
+ r = SECFailure;
+ error = NULL;
+ procParams = NULL;
+ buildResult = NULL;
+ nbioContext = NULL; /* for non-blocking IO */
+ buildState = NULL; /* for non-blocking IO */
+ certSelector = NULL;
+ certStores = NULL;
+ valResult = NULL;
+ verifyNode = NULL;
+ trustAnchor = NULL;
+ trustAnchorCert = NULL;
+ builtCertList = NULL;
+ oparam = NULL;
+ i = 0;
+ errorGenerated = PKIX_FALSE;
+ stackPosition = 0;
+
+ if (leakedObjNum) {
+ pkix_pl_lifecycle_ObjectTableUpdate(objCountTable);
+ }
+ memLeakLoopCount += 1;
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ error = PKIX_PL_NssContext_Create(
+ 0, PR_FALSE /*use arena*/, wincx, &plContext);
+ if (error != NULL) { /* need pkix->nss error map */
+ PORT_SetError(SEC_ERROR_CERT_NOT_VALID);
+ goto cleanup;
+ }
+
+ error = pkix_pl_NssContext_SetCertUsage(usages, plContext);
+ if (error != NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto cleanup;
+ }
+
+ error = PKIX_ProcessingParams_Create(&procParams, plContext);
+ if (error != NULL) { /* need pkix->nss error map */
+ PORT_SetError(SEC_ERROR_CERT_NOT_VALID);
+ goto cleanup;
+ }
+
+ /* local cert store should be set into procParams before
+ * filling in revocation settings. */
+ certStores = cert_GetCertStores(plContext);
+ if (certStores == NULL) {
+ goto cleanup;
+ }
+ error = PKIX_ProcessingParams_SetCertStores(procParams, certStores, plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+
+ /* now process the extensible input parameters structure */
+ if (paramsIn != NULL) {
+ i = 0;
+ while (paramsIn[i].type != cert_pi_end) {
+ if (paramsIn[i].type >= cert_pi_max) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto cleanup;
+ }
+ if (cert_pkixSetParam(procParams,
+ &paramsIn[i], plContext) !=
+ SECSuccess) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto cleanup;
+ }
+ i++;
+ }
+ }
+
+ certSelector = cert_GetTargetCertConstraints(cert, plContext);
+ if (certSelector == NULL) {
+ goto cleanup;
+ }
+ error = PKIX_ProcessingParams_SetTargetCertConstraints(procParams, certSelector, plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+
+ error = PKIX_BuildChain(procParams, &nbioContext,
+ &buildState, &buildResult, &verifyNode,
+ plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+
+ error = PKIX_BuildResult_GetValidateResult(buildResult, &valResult,
+ plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+
+ error = PKIX_ValidateResult_GetTrustAnchor(valResult, &trustAnchor,
+ plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+
+ if (trustAnchor != NULL) {
+ error = PKIX_TrustAnchor_GetTrustedCert(trustAnchor, &trustAnchorCert,
+ plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+ }
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ /* Can not continue if error was generated but not returned.
+ * Jumping to cleanup. */
+ if (errorGenerated)
+ goto cleanup;
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ oparam = cert_pkix_FindOutputParam(paramsOut, cert_po_trustAnchor);
+ if (oparam != NULL) {
+ if (trustAnchorCert != NULL) {
+ oparam->value.pointer.cert =
+ cert_NSSCertFromPKIXCert(trustAnchorCert);
+ } else {
+ oparam->value.pointer.cert = NULL;
+ }
+ }
+
+ error = PKIX_BuildResult_GetCertChain(buildResult, &builtCertList,
+ plContext);
+ if (error != NULL) {
+ goto cleanup;
+ }
+
+ oparam = cert_pkix_FindOutputParam(paramsOut, cert_po_certList);
+ if (oparam != NULL) {
+ error = cert_PkixToNssCertsChain(builtCertList,
+ &oparam->value.pointer.chain,
+ plContext);
+ if (error)
+ goto cleanup;
+ }
+
+ r = SECSuccess;
+
+ cleanup:
+ if (verifyNode) {
+ /* Return validation log only upon error. */
+ oparam = cert_pkix_FindOutputParam(paramsOut, cert_po_errorLog);
+#ifdef PKIX_OBJECT_LEAK_TEST
+ if (!errorGenerated)
+#endif /* PKIX_OBJECT_LEAK_TEST */
+ if (r && oparam != NULL) {
+ PKIX_Error *tmpError =
+ cert_GetLogFromVerifyNode(oparam->value.pointer.log,
+ verifyNode, plContext);
+ if (tmpError) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)tmpError, plContext);
+ }
+ }
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)verifyNode, plContext);
+ }
+
+ if (procParams != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)procParams, plContext);
+
+ if (trustAnchorCert != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)trustAnchorCert, plContext);
+
+ if (trustAnchor != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)trustAnchor, plContext);
+
+ if (valResult != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)valResult, plContext);
+
+ if (buildResult != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)buildResult, plContext);
+
+ if (certStores != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certStores, plContext);
+
+ if (certSelector != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)certSelector, plContext);
+
+ if (builtCertList != NULL)
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)builtCertList, plContext);
+
+ if (error != NULL) {
+ SECErrorCodes nssErrorCode = 0;
+
+ cert_PkixErrorToNssCode(error, &nssErrorCode, plContext);
+ cert_pkixDestroyValOutParam(paramsOut);
+ PORT_SetError(nssErrorCode);
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)error, plContext);
+ }
+
+ PKIX_PL_NssContext_Destroy(plContext);
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ leakedObjNum =
+ pkix_pl_lifecycle_ObjectLeakCheck(leakedObjNum ? objCountTable : NULL);
+
+ if (pkixLog && leakedObjNum) {
+ PR_LOG(pkixLog, 1, ("The generated error caused an object leaks. Loop %d."
+ "Stack %s\n",
+ memLeakLoopCount, errorFnStackString));
+ }
+ PR_Free(errorFnStackString);
+ errorFnStackString = NULL;
+ if (abortOnLeak) {
+ PORT_Assert(leakedObjNum == 0);
+ }
+
+ } while (errorGenerated);
+
+ runningLeakTest = PKIX_FALSE;
+ PR_ATOMIC_DECREMENT(&parallelFnInvocationCount);
+ usePKIXValidationEngine = savedUsePkixEngFlag;
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ return r;
+#endif /* NSS_DISABLE_LIBPKIX */
+}
diff --git a/security/nss/lib/certhigh/config.mk b/security/nss/lib/certhigh/config.mk
new file mode 100644
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/certhigh/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/certhigh/crlv2.c b/security/nss/lib/certhigh/crlv2.c
new file mode 100644
index 000000000..d58d4e083
--- /dev/null
+++ b/security/nss/lib/certhigh/crlv2.c
@@ -0,0 +1,160 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Code for dealing with x.509 v3 crl and crl entries extensions.
+ */
+
+#include "cert.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "secoidt.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "certxutl.h"
+
+SECStatus
+CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)
+{
+ return (cert_FindExtensionByOID(crl->extensions, oid, value));
+}
+
+SECStatus
+CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)
+{
+ return (cert_FindExtension(crl->extensions, tag, value));
+}
+
+/* Callback to set extensions and adjust verison */
+static void
+SetCrlExts(void *object, CERTCertExtension **exts)
+{
+ CERTCrl *crl = (CERTCrl *)object;
+
+ crl->extensions = exts;
+ DER_SetUInteger(crl->arena, &crl->version, SEC_CRL_VERSION_2);
+}
+
+void *
+CERT_StartCRLExtensions(CERTCrl *crl)
+{
+ return (cert_StartExtensions((void *)crl, crl->arena, SetCrlExts));
+}
+
+static void
+SetCrlEntryExts(void *object, CERTCertExtension **exts)
+{
+ CERTCrlEntry *crlEntry = (CERTCrlEntry *)object;
+
+ crlEntry->extensions = exts;
+}
+
+void *
+CERT_StartCRLEntryExtensions(CERTCrl *crl, CERTCrlEntry *entry)
+{
+ return (cert_StartExtensions(entry, crl->arena, SetCrlEntryExts));
+}
+
+SECStatus
+CERT_FindCRLNumberExten(PLArenaPool *arena, CERTCrl *crl,
+ SECItem *value)
+{
+ SECItem encodedExtenValue;
+ SECItem *tmpItem = NULL;
+ SECStatus rv;
+ void *mark = NULL;
+
+ encodedExtenValue.data = NULL;
+ encodedExtenValue.len = 0;
+
+ rv = cert_FindExtension(crl->extensions, SEC_OID_X509_CRL_NUMBER,
+ &encodedExtenValue);
+ if (rv != SECSuccess)
+ return (rv);
+
+ mark = PORT_ArenaMark(arena);
+
+ tmpItem = SECITEM_ArenaDupItem(arena, &encodedExtenValue);
+ if (tmpItem) {
+ rv = SEC_QuickDERDecodeItem(arena, value,
+ SEC_ASN1_GET(SEC_IntegerTemplate),
+ tmpItem);
+ } else {
+ rv = SECFailure;
+ }
+
+ PORT_Free(encodedExtenValue.data);
+ if (rv == SECFailure) {
+ PORT_ArenaRelease(arena, mark);
+ } else {
+ PORT_ArenaUnmark(arena, mark);
+ }
+ return (rv);
+}
+
+SECStatus
+CERT_FindCRLEntryReasonExten(CERTCrlEntry *crlEntry,
+ CERTCRLEntryReasonCode *value)
+{
+ SECItem wrapperItem = { siBuffer, 0 };
+ SECItem tmpItem = { siBuffer, 0 };
+ SECStatus rv;
+ PLArenaPool *arena = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ return (SECFailure);
+ }
+
+ rv = cert_FindExtension(crlEntry->extensions, SEC_OID_X509_REASON_CODE,
+ &wrapperItem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, &tmpItem,
+ SEC_ASN1_GET(SEC_EnumeratedTemplate),
+ &wrapperItem);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ *value = (CERTCRLEntryReasonCode)DER_GetInteger(&tmpItem);
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ if (wrapperItem.data) {
+ PORT_Free(wrapperItem.data);
+ }
+
+ return (rv);
+}
+
+SECStatus
+CERT_FindInvalidDateExten(CERTCrl *crl, PRTime *value)
+{
+ SECItem encodedExtenValue;
+ SECItem decodedExtenValue = { siBuffer, 0 };
+ SECStatus rv;
+
+ encodedExtenValue.data = decodedExtenValue.data = NULL;
+ encodedExtenValue.len = decodedExtenValue.len = 0;
+
+ rv = cert_FindExtension(crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);
+ if (rv != SECSuccess)
+ return (rv);
+
+ rv = SEC_ASN1DecodeItem(NULL, &decodedExtenValue,
+ SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),
+ &encodedExtenValue);
+ if (rv == SECSuccess)
+ rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);
+ PORT_Free(decodedExtenValue.data);
+ PORT_Free(encodedExtenValue.data);
+ return (rv);
+}
diff --git a/security/nss/lib/certhigh/exports.gyp b/security/nss/lib/certhigh/exports.gyp
new file mode 100644
index 000000000..b8e2f3ebc
--- /dev/null
+++ b/security/nss/lib/certhigh/exports.gyp
@@ -0,0 +1,33 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_certhigh_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'ocsp.h',
+ 'ocspt.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'ocspi.h',
+ 'ocspti.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/certhigh/manifest.mn b/security/nss/lib/certhigh/manifest.mn
new file mode 100644
index 000000000..ed9b9108a
--- /dev/null
+++ b/security/nss/lib/certhigh/manifest.mn
@@ -0,0 +1,34 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+EXPORTS = \
+ ocsp.h \
+ ocspt.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ ocspti.h \
+ ocspi.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ certhtml.c \
+ certreq.c \
+ crlv2.c \
+ ocsp.c \
+ ocspsig.c \
+ certhigh.c \
+ certvfy.c \
+ certvfypkix.c \
+ xcrldist.c \
+ $(NULL)
+
+LIBRARY_NAME = certhi
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
new file mode 100644
index 000000000..10485137b
--- /dev/null
+++ b/security/nss/lib/certhigh/ocsp.c
@@ -0,0 +1,6120 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Implementation of OCSP services, for both client and server.
+ * (XXX, really, mostly just for client right now, but intended to do both.)
+ */
+
+#include "prerror.h"
+#include "prprf.h"
+#include "plarena.h"
+#include "prnetdb.h"
+
+#include "seccomon.h"
+#include "secitem.h"
+#include "secoidt.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "cert.h"
+#include "certi.h"
+#include "xconst.h"
+#include "secerr.h"
+#include "secoid.h"
+#include "hasht.h"
+#include "sechash.h"
+#include "secasn1.h"
+#include "plbase64.h"
+#include "keyhi.h"
+#include "cryptohi.h"
+#include "ocsp.h"
+#include "ocspti.h"
+#include "ocspi.h"
+#include "genname.h"
+#include "certxutl.h"
+#include "pk11func.h" /* for PK11_HashBuf */
+#include <stdarg.h>
+#include <plhash.h>
+
+#define DEFAULT_OCSP_CACHE_SIZE 1000
+#define DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT 1 * 60 * 60L
+#define DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT 24 * 60 * 60L
+#define DEFAULT_OSCP_TIMEOUT_SECONDS 60
+#define MICROSECONDS_PER_SECOND 1000000L
+
+typedef struct OCSPCacheItemStr OCSPCacheItem;
+typedef struct OCSPCacheDataStr OCSPCacheData;
+
+struct OCSPCacheItemStr {
+ /* LRU linking */
+ OCSPCacheItem *moreRecent;
+ OCSPCacheItem *lessRecent;
+
+ /* key */
+ CERTOCSPCertID *certID;
+ /* CertID's arena also used to allocate "this" cache item */
+
+ /* cache control information */
+ PRTime nextFetchAttemptTime;
+
+ /* Cached contents. Use a separate arena, because lifetime is different */
+ PLArenaPool *certStatusArena; /* NULL means: no cert status cached */
+ ocspCertStatus certStatus;
+
+ /* This may contain an error code when no OCSP response is available. */
+ SECErrorCodes missingResponseError;
+
+ PRPackedBool haveThisUpdate;
+ PRPackedBool haveNextUpdate;
+ PRTime thisUpdate;
+ PRTime nextUpdate;
+};
+
+struct OCSPCacheDataStr {
+ PLHashTable *entries;
+ PRUint32 numberOfEntries;
+ OCSPCacheItem *MRUitem; /* most recently used cache item */
+ OCSPCacheItem *LRUitem; /* least recently used cache item */
+};
+
+static struct OCSPGlobalStruct {
+ PRMonitor *monitor;
+ const SEC_HttpClientFcn *defaultHttpClientFcn;
+ PRInt32 maxCacheEntries;
+ PRUint32 minimumSecondsToNextFetchAttempt;
+ PRUint32 maximumSecondsToNextFetchAttempt;
+ PRUint32 timeoutSeconds;
+ OCSPCacheData cache;
+ SEC_OcspFailureMode ocspFailureMode;
+ CERT_StringFromCertFcn alternateOCSPAIAFcn;
+ PRBool forcePost;
+} OCSP_Global = { NULL,
+ NULL,
+ DEFAULT_OCSP_CACHE_SIZE,
+ DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT,
+ DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT,
+ DEFAULT_OSCP_TIMEOUT_SECONDS,
+ { NULL, 0, NULL, NULL },
+ ocspMode_FailureIsVerificationFailure,
+ NULL,
+ PR_FALSE };
+
+/* Forward declarations */
+static SECItem *
+ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
+ CERTOCSPRequest *request,
+ const char *location,
+ const char *method,
+ PRTime time,
+ PRBool addServiceLocator,
+ void *pwArg,
+ CERTOCSPRequest **pRequest);
+static SECStatus
+ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
+ CERTOCSPCertID *certID,
+ CERTCertificate *cert,
+ PRTime time,
+ void *pwArg,
+ PRBool *certIDWasConsumed,
+ SECStatus *rv_ocsp);
+
+static SECStatus
+ocsp_GetDecodedVerifiedSingleResponseForID(CERTCertDBHandle *handle,
+ CERTOCSPCertID *certID,
+ CERTCertificate *cert,
+ PRTime time,
+ void *pwArg,
+ const SECItem *encodedResponse,
+ CERTOCSPResponse **pDecodedResponse,
+ CERTOCSPSingleResponse **pSingle);
+
+static SECStatus
+ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time);
+
+static CERTOCSPCertID *
+cert_DupOCSPCertID(const CERTOCSPCertID *src);
+
+#ifndef DEBUG
+#define OCSP_TRACE(msg)
+#define OCSP_TRACE_TIME(msg, time)
+#define OCSP_TRACE_CERT(cert)
+#define OCSP_TRACE_CERTID(certid)
+#else
+#define OCSP_TRACE(msg) ocsp_Trace msg
+#define OCSP_TRACE_TIME(msg, time) ocsp_dumpStringWithTime(msg, time)
+#define OCSP_TRACE_CERT(cert) dumpCertificate(cert)
+#define OCSP_TRACE_CERTID(certid) dumpCertID(certid)
+
+#if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS) || \
+ defined(XP_MACOSX)
+#define NSS_HAVE_GETENV 1
+#endif
+
+static PRBool
+wantOcspTrace(void)
+{
+ static PRBool firstTime = PR_TRUE;
+ static PRBool wantTrace = PR_FALSE;
+
+#ifdef NSS_HAVE_GETENV
+ if (firstTime) {
+ char *ev = PR_GetEnvSecure("NSS_TRACE_OCSP");
+ if (ev && ev[0]) {
+ wantTrace = PR_TRUE;
+ }
+ firstTime = PR_FALSE;
+ }
+#endif
+ return wantTrace;
+}
+
+static void
+ocsp_Trace(const char *format, ...)
+{
+ char buf[2000];
+ va_list args;
+
+ if (!wantOcspTrace())
+ return;
+ va_start(args, format);
+ PR_vsnprintf(buf, sizeof(buf), format, args);
+ va_end(args);
+ PR_LogPrint("%s", buf);
+}
+
+static void
+ocsp_dumpStringWithTime(const char *str, PRTime time)
+{
+ PRExplodedTime timePrintable;
+ char timestr[256];
+
+ if (!wantOcspTrace())
+ return;
+ PR_ExplodeTime(time, PR_GMTParameters, &timePrintable);
+ if (PR_FormatTime(timestr, 256, "%a %b %d %H:%M:%S %Y", &timePrintable)) {
+ ocsp_Trace("OCSP %s %s\n", str, timestr);
+ }
+}
+
+static void
+printHexString(const char *prefix, SECItem *hexval)
+{
+ unsigned int i;
+ char *hexbuf = NULL;
+
+ for (i = 0; i < hexval->len; i++) {
+ if (i != hexval->len - 1) {
+ hexbuf = PR_sprintf_append(hexbuf, "%02x:", hexval->data[i]);
+ } else {
+ hexbuf = PR_sprintf_append(hexbuf, "%02x", hexval->data[i]);
+ }
+ }
+ if (hexbuf) {
+ ocsp_Trace("%s %s\n", prefix, hexbuf);
+ PR_smprintf_free(hexbuf);
+ }
+}
+
+static void
+dumpCertificate(CERTCertificate *cert)
+{
+ if (!wantOcspTrace())
+ return;
+
+ ocsp_Trace("OCSP ----------------\n");
+ ocsp_Trace("OCSP ## SUBJECT: %s\n", cert->subjectName);
+ {
+ PRTime timeBefore, timeAfter;
+ PRExplodedTime beforePrintable, afterPrintable;
+ char beforestr[256], afterstr[256];
+ PRStatus rv1, rv2;
+ DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore);
+ DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter);
+ PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
+ PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
+ rv1 = PR_FormatTime(beforestr, 256, "%a %b %d %H:%M:%S %Y",
+ &beforePrintable);
+ rv2 = PR_FormatTime(afterstr, 256, "%a %b %d %H:%M:%S %Y",
+ &afterPrintable);
+ ocsp_Trace("OCSP ## VALIDITY: %s to %s\n", rv1 ? beforestr : "",
+ rv2 ? afterstr : "");
+ }
+ ocsp_Trace("OCSP ## ISSUER: %s\n", cert->issuerName);
+ printHexString("OCSP ## SERIAL NUMBER:", &cert->serialNumber);
+}
+
+static void
+dumpCertID(CERTOCSPCertID *certID)
+{
+ if (!wantOcspTrace())
+ return;
+
+ printHexString("OCSP certID issuer", &certID->issuerNameHash);
+ printHexString("OCSP certID serial", &certID->serialNumber);
+}
+#endif
+
+SECStatus
+SEC_RegisterDefaultHttpClient(const SEC_HttpClientFcn *fcnTable)
+{
+ if (!OCSP_Global.monitor) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ OCSP_Global.defaultHttpClientFcn = fcnTable;
+ PR_ExitMonitor(OCSP_Global.monitor);
+
+ return SECSuccess;
+}
+
+SECStatus
+CERT_RegisterAlternateOCSPAIAInfoCallBack(
+ CERT_StringFromCertFcn newCallback,
+ CERT_StringFromCertFcn *oldCallback)
+{
+ CERT_StringFromCertFcn old;
+
+ if (!OCSP_Global.monitor) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ old = OCSP_Global.alternateOCSPAIAFcn;
+ OCSP_Global.alternateOCSPAIAFcn = newCallback;
+ PR_ExitMonitor(OCSP_Global.monitor);
+ if (oldCallback)
+ *oldCallback = old;
+ return SECSuccess;
+}
+
+static PLHashNumber PR_CALLBACK
+ocsp_CacheKeyHashFunction(const void *key)
+{
+ CERTOCSPCertID *cid = (CERTOCSPCertID *)key;
+ PLHashNumber hash = 0;
+ unsigned int i;
+ unsigned char *walk;
+
+ /* a very simple hash calculation for the initial coding phase */
+ walk = (unsigned char *)cid->issuerNameHash.data;
+ for (i = 0; i < cid->issuerNameHash.len; ++i, ++walk) {
+ hash += *walk;
+ }
+ walk = (unsigned char *)cid->issuerKeyHash.data;
+ for (i = 0; i < cid->issuerKeyHash.len; ++i, ++walk) {
+ hash += *walk;
+ }
+ walk = (unsigned char *)cid->serialNumber.data;
+ for (i = 0; i < cid->serialNumber.len; ++i, ++walk) {
+ hash += *walk;
+ }
+ return hash;
+}
+
+static PRIntn PR_CALLBACK
+ocsp_CacheKeyCompareFunction(const void *v1, const void *v2)
+{
+ CERTOCSPCertID *cid1 = (CERTOCSPCertID *)v1;
+ CERTOCSPCertID *cid2 = (CERTOCSPCertID *)v2;
+
+ return (SECEqual == SECITEM_CompareItem(&cid1->issuerNameHash,
+ &cid2->issuerNameHash) &&
+ SECEqual == SECITEM_CompareItem(&cid1->issuerKeyHash,
+ &cid2->issuerKeyHash) &&
+ SECEqual == SECITEM_CompareItem(&cid1->serialNumber,
+ &cid2->serialNumber));
+}
+
+static SECStatus
+ocsp_CopyRevokedInfo(PLArenaPool *arena, ocspCertStatus *dest,
+ ocspRevokedInfo *src)
+{
+ SECStatus rv = SECFailure;
+ void *mark;
+
+ mark = PORT_ArenaMark(arena);
+
+ dest->certStatusInfo.revokedInfo =
+ (ocspRevokedInfo *)PORT_ArenaZAlloc(arena, sizeof(ocspRevokedInfo));
+ if (!dest->certStatusInfo.revokedInfo) {
+ goto loser;
+ }
+
+ rv = SECITEM_CopyItem(arena,
+ &dest->certStatusInfo.revokedInfo->revocationTime,
+ &src->revocationTime);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (src->revocationReason) {
+ dest->certStatusInfo.revokedInfo->revocationReason =
+ SECITEM_ArenaDupItem(arena, src->revocationReason);
+ if (!dest->certStatusInfo.revokedInfo->revocationReason) {
+ goto loser;
+ }
+ } else {
+ dest->certStatusInfo.revokedInfo->revocationReason = NULL;
+ }
+
+ PORT_ArenaUnmark(arena, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(arena, mark);
+ return SECFailure;
+}
+
+static SECStatus
+ocsp_CopyCertStatus(PLArenaPool *arena, ocspCertStatus *dest,
+ ocspCertStatus *src)
+{
+ SECStatus rv = SECFailure;
+ dest->certStatusType = src->certStatusType;
+
+ switch (src->certStatusType) {
+ case ocspCertStatus_good:
+ dest->certStatusInfo.goodInfo =
+ SECITEM_ArenaDupItem(arena, src->certStatusInfo.goodInfo);
+ if (dest->certStatusInfo.goodInfo != NULL) {
+ rv = SECSuccess;
+ }
+ break;
+ case ocspCertStatus_revoked:
+ rv = ocsp_CopyRevokedInfo(arena, dest,
+ src->certStatusInfo.revokedInfo);
+ break;
+ case ocspCertStatus_unknown:
+ dest->certStatusInfo.unknownInfo =
+ SECITEM_ArenaDupItem(arena, src->certStatusInfo.unknownInfo);
+ if (dest->certStatusInfo.unknownInfo != NULL) {
+ rv = SECSuccess;
+ }
+ break;
+ case ocspCertStatus_other:
+ default:
+ PORT_Assert(src->certStatusType == ocspCertStatus_other);
+ dest->certStatusInfo.otherInfo =
+ SECITEM_ArenaDupItem(arena, src->certStatusInfo.otherInfo);
+ if (dest->certStatusInfo.otherInfo != NULL) {
+ rv = SECSuccess;
+ }
+ break;
+ }
+ return rv;
+}
+
+static void
+ocsp_AddCacheItemToLinkedList(OCSPCacheData *cache, OCSPCacheItem *new_most_recent)
+{
+ PR_EnterMonitor(OCSP_Global.monitor);
+
+ if (!cache->LRUitem) {
+ cache->LRUitem = new_most_recent;
+ }
+ new_most_recent->lessRecent = cache->MRUitem;
+ new_most_recent->moreRecent = NULL;
+
+ if (cache->MRUitem) {
+ cache->MRUitem->moreRecent = new_most_recent;
+ }
+ cache->MRUitem = new_most_recent;
+
+ PR_ExitMonitor(OCSP_Global.monitor);
+}
+
+static void
+ocsp_RemoveCacheItemFromLinkedList(OCSPCacheData *cache, OCSPCacheItem *item)
+{
+ PR_EnterMonitor(OCSP_Global.monitor);
+
+ if (!item->lessRecent && !item->moreRecent) {
+ /*
+ * Fail gracefully on attempts to remove an item from the list,
+ * which is currently not part of the list.
+ * But check for the edge case it is the single entry in the list.
+ */
+ if (item == cache->LRUitem &&
+ item == cache->MRUitem) {
+ /* remove the single entry */
+ PORT_Assert(cache->numberOfEntries == 1);
+ PORT_Assert(item->moreRecent == NULL);
+ cache->MRUitem = NULL;
+ cache->LRUitem = NULL;
+ }
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return;
+ }
+
+ PORT_Assert(cache->numberOfEntries > 1);
+
+ if (item == cache->LRUitem) {
+ PORT_Assert(item != cache->MRUitem);
+ PORT_Assert(item->lessRecent == NULL);
+ PORT_Assert(item->moreRecent != NULL);
+ PORT_Assert(item->moreRecent->lessRecent == item);
+ cache->LRUitem = item->moreRecent;
+ cache->LRUitem->lessRecent = NULL;
+ } else if (item == cache->MRUitem) {
+ PORT_Assert(item->moreRecent == NULL);
+ PORT_Assert(item->lessRecent != NULL);
+ PORT_Assert(item->lessRecent->moreRecent == item);
+ cache->MRUitem = item->lessRecent;
+ cache->MRUitem->moreRecent = NULL;
+ } else {
+ /* remove an entry in the middle of the list */
+ PORT_Assert(item->moreRecent != NULL);
+ PORT_Assert(item->lessRecent != NULL);
+ PORT_Assert(item->lessRecent->moreRecent == item);
+ PORT_Assert(item->moreRecent->lessRecent == item);
+ item->moreRecent->lessRecent = item->lessRecent;
+ item->lessRecent->moreRecent = item->moreRecent;
+ }
+
+ item->lessRecent = NULL;
+ item->moreRecent = NULL;
+
+ PR_ExitMonitor(OCSP_Global.monitor);
+}
+
+static void
+ocsp_MakeCacheEntryMostRecent(OCSPCacheData *cache, OCSPCacheItem *new_most_recent)
+{
+ OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent THREADID %p\n",
+ PR_GetCurrentThread()));
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (cache->MRUitem == new_most_recent) {
+ OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent ALREADY MOST\n"));
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return;
+ }
+ OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent NEW entry\n"));
+ ocsp_RemoveCacheItemFromLinkedList(cache, new_most_recent);
+ ocsp_AddCacheItemToLinkedList(cache, new_most_recent);
+ PR_ExitMonitor(OCSP_Global.monitor);
+}
+
+static PRBool
+ocsp_IsCacheDisabled(void)
+{
+ /*
+ * maxCacheEntries == 0 means unlimited cache entries
+ * maxCacheEntries < 0 means cache is disabled
+ */
+ PRBool retval;
+ PR_EnterMonitor(OCSP_Global.monitor);
+ retval = (OCSP_Global.maxCacheEntries < 0);
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return retval;
+}
+
+static OCSPCacheItem *
+ocsp_FindCacheEntry(OCSPCacheData *cache, CERTOCSPCertID *certID)
+{
+ OCSPCacheItem *found_ocsp_item = NULL;
+ OCSP_TRACE(("OCSP ocsp_FindCacheEntry\n"));
+ OCSP_TRACE_CERTID(certID);
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (ocsp_IsCacheDisabled())
+ goto loser;
+
+ found_ocsp_item = (OCSPCacheItem *)PL_HashTableLookup(
+ cache->entries, certID);
+ if (!found_ocsp_item)
+ goto loser;
+
+ OCSP_TRACE(("OCSP ocsp_FindCacheEntry FOUND!\n"));
+ ocsp_MakeCacheEntryMostRecent(cache, found_ocsp_item);
+
+loser:
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return found_ocsp_item;
+}
+
+static void
+ocsp_FreeCacheItem(OCSPCacheItem *item)
+{
+ OCSP_TRACE(("OCSP ocsp_FreeCacheItem\n"));
+ if (item->certStatusArena) {
+ PORT_FreeArena(item->certStatusArena, PR_FALSE);
+ }
+ if (item->certID->poolp) {
+ /* freeing this poolp arena will also free item */
+ PORT_FreeArena(item->certID->poolp, PR_FALSE);
+ }
+}
+
+static void
+ocsp_RemoveCacheItem(OCSPCacheData *cache, OCSPCacheItem *item)
+{
+ /* The item we're removing could be either the least recently used item,
+ * or it could be an item that couldn't get updated with newer status info
+ * because of an allocation failure, or it could get removed because we're
+ * cleaning up.
+ */
+ OCSP_TRACE(("OCSP ocsp_RemoveCacheItem, THREADID %p\n", PR_GetCurrentThread()));
+ PR_EnterMonitor(OCSP_Global.monitor);
+
+ ocsp_RemoveCacheItemFromLinkedList(cache, item);
+#ifdef DEBUG
+ {
+ PRBool couldRemoveFromHashTable = PL_HashTableRemove(cache->entries,
+ item->certID);
+ PORT_Assert(couldRemoveFromHashTable);
+ }
+#else
+ PL_HashTableRemove(cache->entries, item->certID);
+#endif
+ --cache->numberOfEntries;
+ ocsp_FreeCacheItem(item);
+ PR_ExitMonitor(OCSP_Global.monitor);
+}
+
+static void
+ocsp_CheckCacheSize(OCSPCacheData *cache)
+{
+ OCSP_TRACE(("OCSP ocsp_CheckCacheSize\n"));
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (OCSP_Global.maxCacheEntries > 0) {
+ /* Cache is not disabled. Number of cache entries is limited.
+ * The monitor ensures that maxCacheEntries remains positive.
+ */
+ while (cache->numberOfEntries >
+ (PRUint32)OCSP_Global.maxCacheEntries) {
+ ocsp_RemoveCacheItem(cache, cache->LRUitem);
+ }
+ }
+ PR_ExitMonitor(OCSP_Global.monitor);
+}
+
+SECStatus
+CERT_ClearOCSPCache(void)
+{
+ OCSP_TRACE(("OCSP CERT_ClearOCSPCache\n"));
+ PR_EnterMonitor(OCSP_Global.monitor);
+ while (OCSP_Global.cache.numberOfEntries > 0) {
+ ocsp_RemoveCacheItem(&OCSP_Global.cache,
+ OCSP_Global.cache.LRUitem);
+ }
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return SECSuccess;
+}
+
+static SECStatus
+ocsp_CreateCacheItemAndConsumeCertID(OCSPCacheData *cache,
+ CERTOCSPCertID *certID,
+ OCSPCacheItem **pCacheItem)
+{
+ PLArenaPool *arena;
+ void *mark;
+ PLHashEntry *new_hash_entry;
+ OCSPCacheItem *item;
+
+ PORT_Assert(pCacheItem != NULL);
+ *pCacheItem = NULL;
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ arena = certID->poolp;
+ mark = PORT_ArenaMark(arena);
+
+ /* ZAlloc will init all Bools to False and all Pointers to NULL
+ and all error codes to zero/good. */
+ item = (OCSPCacheItem *)PORT_ArenaZAlloc(certID->poolp,
+ sizeof(OCSPCacheItem));
+ if (!item) {
+ goto loser;
+ }
+ item->certID = certID;
+ new_hash_entry = PL_HashTableAdd(cache->entries, item->certID,
+ item);
+ if (!new_hash_entry) {
+ goto loser;
+ }
+ ++cache->numberOfEntries;
+ PORT_ArenaUnmark(arena, mark);
+ ocsp_AddCacheItemToLinkedList(cache, item);
+ *pCacheItem = item;
+
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(arena, mark);
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return SECFailure;
+}
+
+static SECStatus
+ocsp_SetCacheItemResponse(OCSPCacheItem *item,
+ const CERTOCSPSingleResponse *response)
+{
+ if (item->certStatusArena) {
+ PORT_FreeArena(item->certStatusArena, PR_FALSE);
+ item->certStatusArena = NULL;
+ }
+ item->haveThisUpdate = item->haveNextUpdate = PR_FALSE;
+ if (response) {
+ SECStatus rv;
+ item->certStatusArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (item->certStatusArena == NULL) {
+ return SECFailure;
+ }
+ rv = ocsp_CopyCertStatus(item->certStatusArena, &item->certStatus,
+ response->certStatus);
+ if (rv != SECSuccess) {
+ PORT_FreeArena(item->certStatusArena, PR_FALSE);
+ item->certStatusArena = NULL;
+ return rv;
+ }
+ item->missingResponseError = 0;
+ rv = DER_GeneralizedTimeToTime(&item->thisUpdate,
+ &response->thisUpdate);
+ item->haveThisUpdate = (rv == SECSuccess);
+ if (response->nextUpdate) {
+ rv = DER_GeneralizedTimeToTime(&item->nextUpdate,
+ response->nextUpdate);
+ item->haveNextUpdate = (rv == SECSuccess);
+ } else {
+ item->haveNextUpdate = PR_FALSE;
+ }
+ }
+ return SECSuccess;
+}
+
+static void
+ocsp_FreshenCacheItemNextFetchAttemptTime(OCSPCacheItem *cacheItem)
+{
+ PRTime now;
+ PRTime earliestAllowedNextFetchAttemptTime;
+ PRTime latestTimeWhenResponseIsConsideredFresh;
+
+ OCSP_TRACE(("OCSP ocsp_FreshenCacheItemNextFetchAttemptTime\n"));
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+
+ now = PR_Now();
+ OCSP_TRACE_TIME("now:", now);
+
+ if (cacheItem->haveThisUpdate) {
+ OCSP_TRACE_TIME("thisUpdate:", cacheItem->thisUpdate);
+ latestTimeWhenResponseIsConsideredFresh = cacheItem->thisUpdate +
+ OCSP_Global.maximumSecondsToNextFetchAttempt *
+ MICROSECONDS_PER_SECOND;
+ OCSP_TRACE_TIME("latestTimeWhenResponseIsConsideredFresh:",
+ latestTimeWhenResponseIsConsideredFresh);
+ } else {
+ latestTimeWhenResponseIsConsideredFresh = now +
+ OCSP_Global.minimumSecondsToNextFetchAttempt *
+ MICROSECONDS_PER_SECOND;
+ OCSP_TRACE_TIME("no thisUpdate, "
+ "latestTimeWhenResponseIsConsideredFresh:",
+ latestTimeWhenResponseIsConsideredFresh);
+ }
+
+ if (cacheItem->haveNextUpdate) {
+ OCSP_TRACE_TIME("have nextUpdate:", cacheItem->nextUpdate);
+ }
+
+ if (cacheItem->haveNextUpdate &&
+ cacheItem->nextUpdate < latestTimeWhenResponseIsConsideredFresh) {
+ latestTimeWhenResponseIsConsideredFresh = cacheItem->nextUpdate;
+ OCSP_TRACE_TIME("nextUpdate is smaller than latestFresh, setting "
+ "latestTimeWhenResponseIsConsideredFresh:",
+ latestTimeWhenResponseIsConsideredFresh);
+ }
+
+ earliestAllowedNextFetchAttemptTime = now +
+ OCSP_Global.minimumSecondsToNextFetchAttempt *
+ MICROSECONDS_PER_SECOND;
+ OCSP_TRACE_TIME("earliestAllowedNextFetchAttemptTime:",
+ earliestAllowedNextFetchAttemptTime);
+
+ if (latestTimeWhenResponseIsConsideredFresh <
+ earliestAllowedNextFetchAttemptTime) {
+ latestTimeWhenResponseIsConsideredFresh =
+ earliestAllowedNextFetchAttemptTime;
+ OCSP_TRACE_TIME("latest < earliest, setting latest to:",
+ latestTimeWhenResponseIsConsideredFresh);
+ }
+
+ cacheItem->nextFetchAttemptTime =
+ latestTimeWhenResponseIsConsideredFresh;
+ OCSP_TRACE_TIME("nextFetchAttemptTime",
+ latestTimeWhenResponseIsConsideredFresh);
+
+ PR_ExitMonitor(OCSP_Global.monitor);
+}
+
+static PRBool
+ocsp_IsCacheItemFresh(OCSPCacheItem *cacheItem)
+{
+ PRTime now;
+ PRBool fresh;
+
+ now = PR_Now();
+
+ fresh = cacheItem->nextFetchAttemptTime > now;
+
+ /* Work around broken OCSP responders that return unknown responses for
+ * certificates, especially certificates that were just recently issued.
+ */
+ if (fresh && cacheItem->certStatusArena &&
+ cacheItem->certStatus.certStatusType == ocspCertStatus_unknown) {
+ fresh = PR_FALSE;
+ }
+
+ OCSP_TRACE(("OCSP ocsp_IsCacheItemFresh: %d\n", fresh));
+
+ return fresh;
+}
+
+/*
+ * Status in *certIDWasConsumed will always be correct, regardless of
+ * return value.
+ * If the caller is unable to transfer ownership of certID,
+ * then the caller must set certIDWasConsumed to NULL,
+ * and this function will potentially duplicate the certID object.
+ */
+static SECStatus
+ocsp_CreateOrUpdateCacheEntry(OCSPCacheData *cache,
+ CERTOCSPCertID *certID,
+ CERTOCSPSingleResponse *single,
+ PRBool *certIDWasConsumed)
+{
+ SECStatus rv;
+ OCSPCacheItem *cacheItem;
+ OCSP_TRACE(("OCSP ocsp_CreateOrUpdateCacheEntry\n"));
+
+ if (certIDWasConsumed)
+ *certIDWasConsumed = PR_FALSE;
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ PORT_Assert(OCSP_Global.maxCacheEntries >= 0);
+
+ cacheItem = ocsp_FindCacheEntry(cache, certID);
+
+ /* Don't replace an unknown or revoked entry with an error entry, even if
+ * the existing entry is expired. Instead, we'll continue to use the
+ * existing (possibly expired) cache entry until we receive a valid signed
+ * response to replace it.
+ */
+ if (!single && cacheItem && cacheItem->certStatusArena &&
+ (cacheItem->certStatus.certStatusType == ocspCertStatus_revoked ||
+ cacheItem->certStatus.certStatusType == ocspCertStatus_unknown)) {
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return SECSuccess;
+ }
+
+ if (!cacheItem) {
+ CERTOCSPCertID *myCertID;
+ if (certIDWasConsumed) {
+ myCertID = certID;
+ *certIDWasConsumed = PR_TRUE;
+ } else {
+ myCertID = cert_DupOCSPCertID(certID);
+ if (!myCertID) {
+ PR_ExitMonitor(OCSP_Global.monitor);
+ PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
+ return SECFailure;
+ }
+ }
+
+ rv = ocsp_CreateCacheItemAndConsumeCertID(cache, myCertID,
+ &cacheItem);
+ if (rv != SECSuccess) {
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return rv;
+ }
+ }
+ if (single) {
+ PRTime thisUpdate;
+ rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
+
+ if (!cacheItem->haveThisUpdate ||
+ (rv == SECSuccess && cacheItem->thisUpdate < thisUpdate)) {
+ rv = ocsp_SetCacheItemResponse(cacheItem, single);
+ if (rv != SECSuccess) {
+ ocsp_RemoveCacheItem(cache, cacheItem);
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return rv;
+ }
+ } else {
+ OCSP_TRACE(("Not caching response because the response is not "
+ "newer than the cache"));
+ }
+ } else {
+ cacheItem->missingResponseError = PORT_GetError();
+ if (cacheItem->certStatusArena) {
+ PORT_FreeArena(cacheItem->certStatusArena, PR_FALSE);
+ cacheItem->certStatusArena = NULL;
+ }
+ }
+ ocsp_FreshenCacheItemNextFetchAttemptTime(cacheItem);
+ ocsp_CheckCacheSize(cache);
+
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return SECSuccess;
+}
+
+extern SECStatus
+CERT_SetOCSPFailureMode(SEC_OcspFailureMode ocspFailureMode)
+{
+ switch (ocspFailureMode) {
+ case ocspMode_FailureIsVerificationFailure:
+ case ocspMode_FailureIsNotAVerificationFailure:
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ OCSP_Global.ocspFailureMode = ocspFailureMode;
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return SECSuccess;
+}
+
+SECStatus
+CERT_OCSPCacheSettings(PRInt32 maxCacheEntries,
+ PRUint32 minimumSecondsToNextFetchAttempt,
+ PRUint32 maximumSecondsToNextFetchAttempt)
+{
+ if (minimumSecondsToNextFetchAttempt > maximumSecondsToNextFetchAttempt ||
+ maxCacheEntries < -1) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+
+ if (maxCacheEntries < 0) {
+ OCSP_Global.maxCacheEntries = -1; /* disable cache */
+ } else if (maxCacheEntries == 0) {
+ OCSP_Global.maxCacheEntries = 0; /* unlimited cache entries */
+ } else {
+ OCSP_Global.maxCacheEntries = maxCacheEntries;
+ }
+
+ if (minimumSecondsToNextFetchAttempt <
+ OCSP_Global.minimumSecondsToNextFetchAttempt ||
+ maximumSecondsToNextFetchAttempt <
+ OCSP_Global.maximumSecondsToNextFetchAttempt) {
+ /*
+ * Ensure our existing cache entries are not used longer than the
+ * new settings allow, we're lazy and just clear the cache
+ */
+ CERT_ClearOCSPCache();
+ }
+
+ OCSP_Global.minimumSecondsToNextFetchAttempt =
+ minimumSecondsToNextFetchAttempt;
+ OCSP_Global.maximumSecondsToNextFetchAttempt =
+ maximumSecondsToNextFetchAttempt;
+ ocsp_CheckCacheSize(&OCSP_Global.cache);
+
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return SECSuccess;
+}
+
+SECStatus
+CERT_SetOCSPTimeout(PRUint32 seconds)
+{
+ /* no locking, see bug 406120 */
+ OCSP_Global.timeoutSeconds = seconds;
+ return SECSuccess;
+}
+
+/* this function is called at NSS initialization time */
+SECStatus
+OCSP_InitGlobal(void)
+{
+ SECStatus rv = SECFailure;
+
+ if (OCSP_Global.monitor == NULL) {
+ OCSP_Global.monitor = PR_NewMonitor();
+ }
+ if (!OCSP_Global.monitor)
+ return SECFailure;
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (!OCSP_Global.cache.entries) {
+ OCSP_Global.cache.entries =
+ PL_NewHashTable(0,
+ ocsp_CacheKeyHashFunction,
+ ocsp_CacheKeyCompareFunction,
+ PL_CompareValues,
+ NULL,
+ NULL);
+ OCSP_Global.ocspFailureMode = ocspMode_FailureIsVerificationFailure;
+ OCSP_Global.cache.numberOfEntries = 0;
+ OCSP_Global.cache.MRUitem = NULL;
+ OCSP_Global.cache.LRUitem = NULL;
+ } else {
+ /*
+ * NSS might call this function twice while attempting to init.
+ * But it's not allowed to call this again after any activity.
+ */
+ PORT_Assert(OCSP_Global.cache.numberOfEntries == 0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ }
+ if (OCSP_Global.cache.entries)
+ rv = SECSuccess;
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return rv;
+}
+
+SECStatus
+OCSP_ShutdownGlobal(void)
+{
+ if (!OCSP_Global.monitor)
+ return SECSuccess;
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (OCSP_Global.cache.entries) {
+ CERT_ClearOCSPCache();
+ PL_HashTableDestroy(OCSP_Global.cache.entries);
+ OCSP_Global.cache.entries = NULL;
+ }
+ PORT_Assert(OCSP_Global.cache.numberOfEntries == 0);
+ OCSP_Global.cache.MRUitem = NULL;
+ OCSP_Global.cache.LRUitem = NULL;
+
+ OCSP_Global.defaultHttpClientFcn = NULL;
+ OCSP_Global.maxCacheEntries = DEFAULT_OCSP_CACHE_SIZE;
+ OCSP_Global.minimumSecondsToNextFetchAttempt =
+ DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT;
+ OCSP_Global.maximumSecondsToNextFetchAttempt =
+ DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT;
+ OCSP_Global.ocspFailureMode =
+ ocspMode_FailureIsVerificationFailure;
+ PR_ExitMonitor(OCSP_Global.monitor);
+
+ PR_DestroyMonitor(OCSP_Global.monitor);
+ OCSP_Global.monitor = NULL;
+ return SECSuccess;
+}
+
+/*
+ * A return value of NULL means:
+ * The application did not register it's own HTTP client.
+ */
+const SEC_HttpClientFcn *
+SEC_GetRegisteredHttpClient(void)
+{
+ const SEC_HttpClientFcn *retval;
+
+ if (!OCSP_Global.monitor) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return NULL;
+ }
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ retval = OCSP_Global.defaultHttpClientFcn;
+ PR_ExitMonitor(OCSP_Global.monitor);
+
+ return retval;
+}
+
+/*
+ * The following structure is only used internally. It is allocated when
+ * someone turns on OCSP checking, and hangs off of the status-configuration
+ * structure in the certdb structure. We use it to keep configuration
+ * information specific to OCSP checking.
+ */
+typedef struct ocspCheckingContextStr {
+ PRBool useDefaultResponder;
+ char *defaultResponderURI;
+ char *defaultResponderNickname;
+ CERTCertificate *defaultResponderCert;
+} ocspCheckingContext;
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_NullTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+SEC_ASN1_MKSUB(SEC_PointerToAnyTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_SequenceOfAnyTemplate)
+SEC_ASN1_MKSUB(SEC_PointerToGeneralizedTimeTemplate)
+SEC_ASN1_MKSUB(SEC_PointerToEnumeratedTemplate)
+
+/*
+ * Forward declarations of sub-types, so I can lay out the types in the
+ * same order as the ASN.1 is laid out in the OCSP spec itself.
+ *
+ * These are in alphabetical order (case-insensitive); please keep it that way!
+ */
+extern const SEC_ASN1Template ocsp_CertIDTemplate[];
+extern const SEC_ASN1Template ocsp_PointerToSignatureTemplate[];
+extern const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[];
+extern const SEC_ASN1Template ocsp_ResponseDataTemplate[];
+extern const SEC_ASN1Template ocsp_RevokedInfoTemplate[];
+extern const SEC_ASN1Template ocsp_SingleRequestTemplate[];
+extern const SEC_ASN1Template ocsp_SingleResponseTemplate[];
+extern const SEC_ASN1Template ocsp_TBSRequestTemplate[];
+
+/*
+ * Request-related templates...
+ */
+
+/*
+ * OCSPRequest ::= SEQUENCE {
+ * tbsRequest TBSRequest,
+ * optionalSignature [0] EXPLICIT Signature OPTIONAL }
+ */
+static const SEC_ASN1Template ocsp_OCSPRequestTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTOCSPRequest) },
+ { SEC_ASN1_POINTER,
+ offsetof(CERTOCSPRequest, tbsRequest),
+ ocsp_TBSRequestTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(CERTOCSPRequest, optionalSignature),
+ ocsp_PointerToSignatureTemplate },
+ { 0 }
+};
+
+/*
+ * TBSRequest ::= SEQUENCE {
+ * version [0] EXPLICIT Version DEFAULT v1,
+ * requestorName [1] EXPLICIT GeneralName OPTIONAL,
+ * requestList SEQUENCE OF Request,
+ * requestExtensions [2] EXPLICIT Extensions OPTIONAL }
+ *
+ * Version ::= INTEGER { v1(0) }
+ *
+ * Note: this should be static but the AIX compiler doesn't like it (because it
+ * was forward-declared above); it is not meant to be exported, but this
+ * is the only way it will compile.
+ */
+const SEC_ASN1Template ocsp_TBSRequestTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspTBSRequest) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(ocspTBSRequest, version),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(ocspTBSRequest, derRequestorName),
+ SEC_ASN1_SUB(SEC_PointerToAnyTemplate) },
+ { SEC_ASN1_SEQUENCE_OF,
+ offsetof(ocspTBSRequest, requestList),
+ ocsp_SingleRequestTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
+ offsetof(ocspTBSRequest, requestExtensions),
+ CERT_SequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+/*
+ * Signature ::= SEQUENCE {
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signature BIT STRING,
+ * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+ */
+static const SEC_ASN1Template ocsp_SignatureTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspSignature) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(ocspSignature, signatureAlgorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING,
+ offsetof(ocspSignature, signature) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(ocspSignature, derCerts),
+ SEC_ASN1_SUB(SEC_SequenceOfAnyTemplate) },
+ { 0 }
+};
+
+/*
+ * This template is just an extra level to use in an explicitly-tagged
+ * reference to a Signature.
+ *
+ * Note: this should be static but the AIX compiler doesn't like it (because it
+ * was forward-declared above); it is not meant to be exported, but this
+ * is the only way it will compile.
+ */
+const SEC_ASN1Template ocsp_PointerToSignatureTemplate[] = {
+ { SEC_ASN1_POINTER, 0, ocsp_SignatureTemplate }
+};
+
+/*
+ * Request ::= SEQUENCE {
+ * reqCert CertID,
+ * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
+ *
+ * Note: this should be static but the AIX compiler doesn't like it (because it
+ * was forward-declared above); it is not meant to be exported, but this
+ * is the only way it will compile.
+ */
+const SEC_ASN1Template ocsp_SingleRequestTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspSingleRequest) },
+ { SEC_ASN1_POINTER,
+ offsetof(ocspSingleRequest, reqCert),
+ ocsp_CertIDTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(ocspSingleRequest, singleRequestExtensions),
+ CERT_SequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+/*
+ * This data structure and template (CertID) is used by both OCSP
+ * requests and responses. It is the only one that is shared.
+ *
+ * CertID ::= SEQUENCE {
+ * hashAlgorithm AlgorithmIdentifier,
+ * issuerNameHash OCTET STRING, -- Hash of Issuer DN
+ * issuerKeyHash OCTET STRING, -- Hash of Issuer public key
+ * serialNumber CertificateSerialNumber }
+ *
+ * CertificateSerialNumber ::= INTEGER
+ *
+ * Note: this should be static but the AIX compiler doesn't like it (because it
+ * was forward-declared above); it is not meant to be exported, but this
+ * is the only way it will compile.
+ */
+const SEC_ASN1Template ocsp_CertIDTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTOCSPCertID) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(CERTOCSPCertID, hashAlgorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(CERTOCSPCertID, issuerNameHash) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(CERTOCSPCertID, issuerKeyHash) },
+ { SEC_ASN1_INTEGER,
+ offsetof(CERTOCSPCertID, serialNumber) },
+ { 0 }
+};
+
+/*
+ * Response-related templates...
+ */
+
+/*
+ * OCSPResponse ::= SEQUENCE {
+ * responseStatus OCSPResponseStatus,
+ * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
+ */
+const SEC_ASN1Template ocsp_OCSPResponseTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTOCSPResponse) },
+ { SEC_ASN1_ENUMERATED,
+ offsetof(CERTOCSPResponse, responseStatus) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(CERTOCSPResponse, responseBytes),
+ ocsp_PointerToResponseBytesTemplate },
+ { 0 }
+};
+
+/*
+ * ResponseBytes ::= SEQUENCE {
+ * responseType OBJECT IDENTIFIER,
+ * response OCTET STRING }
+ */
+const SEC_ASN1Template ocsp_ResponseBytesTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspResponseBytes) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(ocspResponseBytes, responseType) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(ocspResponseBytes, response) },
+ { 0 }
+};
+
+/*
+ * This template is just an extra level to use in an explicitly-tagged
+ * reference to a ResponseBytes.
+ *
+ * Note: this should be static but the AIX compiler doesn't like it (because it
+ * was forward-declared above); it is not meant to be exported, but this
+ * is the only way it will compile.
+ */
+const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[] = {
+ { SEC_ASN1_POINTER, 0, ocsp_ResponseBytesTemplate }
+};
+
+/*
+ * BasicOCSPResponse ::= SEQUENCE {
+ * tbsResponseData ResponseData,
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signature BIT STRING,
+ * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+ */
+static const SEC_ASN1Template ocsp_BasicOCSPResponseTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspBasicOCSPResponse) },
+ { SEC_ASN1_ANY | SEC_ASN1_SAVE,
+ offsetof(ocspBasicOCSPResponse, tbsResponseDataDER) },
+ { SEC_ASN1_POINTER,
+ offsetof(ocspBasicOCSPResponse, tbsResponseData),
+ ocsp_ResponseDataTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(ocspBasicOCSPResponse, responseSignature.signatureAlgorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING,
+ offsetof(ocspBasicOCSPResponse, responseSignature.signature) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(ocspBasicOCSPResponse, responseSignature.derCerts),
+ SEC_ASN1_SUB(SEC_SequenceOfAnyTemplate) },
+ { 0 }
+};
+
+/*
+ * ResponseData ::= SEQUENCE {
+ * version [0] EXPLICIT Version DEFAULT v1,
+ * responderID ResponderID,
+ * producedAt GeneralizedTime,
+ * responses SEQUENCE OF SingleResponse,
+ * responseExtensions [1] EXPLICIT Extensions OPTIONAL }
+ *
+ * Note: this should be static but the AIX compiler doesn't like it (because it
+ * was forward-declared above); it is not meant to be exported, but this
+ * is the only way it will compile.
+ */
+const SEC_ASN1Template ocsp_ResponseDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspResponseData) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(ocspResponseData, version),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_ANY,
+ offsetof(ocspResponseData, derResponderID) },
+ { SEC_ASN1_GENERALIZED_TIME,
+ offsetof(ocspResponseData, producedAt) },
+ { SEC_ASN1_SEQUENCE_OF,
+ offsetof(ocspResponseData, responses),
+ ocsp_SingleResponseTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(ocspResponseData, responseExtensions),
+ CERT_SequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+/*
+ * ResponderID ::= CHOICE {
+ * byName [1] EXPLICIT Name,
+ * byKey [2] EXPLICIT KeyHash }
+ *
+ * KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
+ * (excluding the tag and length fields)
+ *
+ * XXX Because the ASN.1 encoder and decoder currently do not provide
+ * a way to automatically handle a CHOICE, we need to do it in two
+ * steps, looking at the type tag and feeding the exact choice back
+ * to the ASN.1 code. Hopefully that will change someday and this
+ * can all be simplified down into a single template. Anyway, for
+ * now we list each choice as its own template:
+ */
+const SEC_ASN1Template ocsp_ResponderIDByNameTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(ocspResponderID, responderIDValue.name),
+ CERT_NameTemplate }
+};
+const SEC_ASN1Template ocsp_ResponderIDByKeyTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 2,
+ offsetof(ocspResponderID, responderIDValue.keyHash),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate) }
+};
+static const SEC_ASN1Template ocsp_ResponderIDOtherTemplate[] = {
+ { SEC_ASN1_ANY,
+ offsetof(ocspResponderID, responderIDValue.other) }
+};
+
+/* Decode choice container, but leave x509 name object encoded */
+static const SEC_ASN1Template ocsp_ResponderIDDerNameTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+
+/*
+ * SingleResponse ::= SEQUENCE {
+ * certID CertID,
+ * certStatus CertStatus,
+ * thisUpdate GeneralizedTime,
+ * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
+ * singleExtensions [1] EXPLICIT Extensions OPTIONAL }
+ *
+ * Note: this should be static but the AIX compiler doesn't like it (because it
+ * was forward-declared above); it is not meant to be exported, but this
+ * is the only way it will compile.
+ */
+const SEC_ASN1Template ocsp_SingleResponseTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTOCSPSingleResponse) },
+ { SEC_ASN1_POINTER,
+ offsetof(CERTOCSPSingleResponse, certID),
+ ocsp_CertIDTemplate },
+ { SEC_ASN1_ANY,
+ offsetof(CERTOCSPSingleResponse, derCertStatus) },
+ { SEC_ASN1_GENERALIZED_TIME,
+ offsetof(CERTOCSPSingleResponse, thisUpdate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(CERTOCSPSingleResponse, nextUpdate),
+ SEC_ASN1_SUB(SEC_PointerToGeneralizedTimeTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(CERTOCSPSingleResponse, singleExtensions),
+ CERT_SequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+/*
+ * CertStatus ::= CHOICE {
+ * good [0] IMPLICIT NULL,
+ * revoked [1] IMPLICIT RevokedInfo,
+ * unknown [2] IMPLICIT UnknownInfo }
+ *
+ * Because the ASN.1 encoder and decoder currently do not provide
+ * a way to automatically handle a CHOICE, we need to do it in two
+ * steps, looking at the type tag and feeding the exact choice back
+ * to the ASN.1 code. Hopefully that will change someday and this
+ * can all be simplified down into a single template. Anyway, for
+ * now we list each choice as its own template:
+ */
+static const SEC_ASN1Template ocsp_CertStatusGoodTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(ocspCertStatus, certStatusInfo.goodInfo),
+ SEC_ASN1_SUB(SEC_NullTemplate) }
+};
+static const SEC_ASN1Template ocsp_CertStatusRevokedTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(ocspCertStatus, certStatusInfo.revokedInfo),
+ ocsp_RevokedInfoTemplate }
+};
+static const SEC_ASN1Template ocsp_CertStatusUnknownTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ offsetof(ocspCertStatus, certStatusInfo.unknownInfo),
+ SEC_ASN1_SUB(SEC_NullTemplate) }
+};
+static const SEC_ASN1Template ocsp_CertStatusOtherTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(ocspCertStatus, certStatusInfo.otherInfo),
+ SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+
+/*
+ * RevokedInfo ::= SEQUENCE {
+ * revocationTime GeneralizedTime,
+ * revocationReason [0] EXPLICIT CRLReason OPTIONAL }
+ *
+ * Note: this should be static but the AIX compiler doesn't like it (because it
+ * was forward-declared above); it is not meant to be exported, but this
+ * is the only way it will compile.
+ */
+const SEC_ASN1Template ocsp_RevokedInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspRevokedInfo) },
+ { SEC_ASN1_GENERALIZED_TIME,
+ offsetof(ocspRevokedInfo, revocationTime) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(ocspRevokedInfo, revocationReason),
+ SEC_ASN1_SUB(SEC_PointerToEnumeratedTemplate) },
+ { 0 }
+};
+
+/*
+ * OCSP-specific extension templates:
+ */
+
+/*
+ * ServiceLocator ::= SEQUENCE {
+ * issuer Name,
+ * locator AuthorityInfoAccessSyntax OPTIONAL }
+ */
+static const SEC_ASN1Template ocsp_ServiceLocatorTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspServiceLocator) },
+ { SEC_ASN1_POINTER,
+ offsetof(ocspServiceLocator, issuer),
+ CERT_NameTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
+ offsetof(ocspServiceLocator, locator) },
+ { 0 }
+};
+
+/*
+ * REQUEST SUPPORT FUNCTIONS (encode/create/decode/destroy):
+ */
+
+/*
+ * FUNCTION: CERT_EncodeOCSPRequest
+ * DER encodes an OCSP Request, possibly adding a signature as well.
+ * XXX Signing is not yet supported, however; see comments in code.
+ * INPUTS:
+ * PLArenaPool *arena
+ * The return value is allocated from here.
+ * If a NULL is passed in, allocation is done from the heap instead.
+ * CERTOCSPRequest *request
+ * The request to be encoded.
+ * void *pwArg
+ * Pointer to argument for password prompting, if needed. (Definitely
+ * not needed if not signing.)
+ * RETURN:
+ * Returns a NULL on error and a pointer to the SECItem with the
+ * encoded value otherwise. Any error is likely to be low-level
+ * (e.g. no memory).
+ */
+SECItem *
+CERT_EncodeOCSPRequest(PLArenaPool *arena, CERTOCSPRequest *request,
+ void *pwArg)
+{
+ SECStatus rv;
+
+ /* XXX All of these should generate errors if they fail. */
+ PORT_Assert(request);
+ PORT_Assert(request->tbsRequest);
+
+ if (request->tbsRequest->extensionHandle != NULL) {
+ rv = CERT_FinishExtensions(request->tbsRequest->extensionHandle);
+ request->tbsRequest->extensionHandle = NULL;
+ if (rv != SECSuccess)
+ return NULL;
+ }
+
+ /*
+ * XXX When signed requests are supported and request->optionalSignature
+ * is not NULL:
+ * - need to encode tbsRequest->requestorName
+ * - need to encode tbsRequest
+ * - need to sign that encoded result (using cert in sig), filling in the
+ * request->optionalSignature structure with the result, the signing
+ * algorithm and (perhaps?) the cert (and its chain?) in derCerts
+ */
+
+ return SEC_ASN1EncodeItem(arena, NULL, request, ocsp_OCSPRequestTemplate);
+}
+
+/*
+ * FUNCTION: CERT_DecodeOCSPRequest
+ * Decode a DER encoded OCSP Request.
+ * INPUTS:
+ * SECItem *src
+ * Pointer to a SECItem holding DER encoded OCSP Request.
+ * RETURN:
+ * Returns a pointer to a CERTOCSPRequest containing the decoded request.
+ * On error, returns NULL. Most likely error is trouble decoding
+ * (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
+ */
+CERTOCSPRequest *
+CERT_DecodeOCSPRequest(const SECItem *src)
+{
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECFailure;
+ CERTOCSPRequest *dest = NULL;
+ int i;
+ SECItem newSrc;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+ dest = (CERTOCSPRequest *)PORT_ArenaZAlloc(arena,
+ sizeof(CERTOCSPRequest));
+ if (dest == NULL) {
+ goto loser;
+ }
+ dest->arena = arena;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newSrc, src);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, dest, ocsp_OCSPRequestTemplate, &newSrc);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_BAD_DER)
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
+ goto loser;
+ }
+
+ /*
+ * XXX I would like to find a way to get rid of the necessity
+ * of doing this copying of the arena pointer.
+ */
+ for (i = 0; dest->tbsRequest->requestList[i] != NULL; i++) {
+ dest->tbsRequest->requestList[i]->arena = arena;
+ }
+
+ return dest;
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+SECStatus
+CERT_DestroyOCSPCertID(CERTOCSPCertID *certID)
+{
+ if (certID && certID->poolp) {
+ PORT_FreeArena(certID->poolp, PR_FALSE);
+ return SECSuccess;
+ }
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+}
+
+/*
+ * Digest data using the specified algorithm.
+ * The necessary storage for the digest data is allocated. If "fill" is
+ * non-null, the data is put there, otherwise a SECItem is allocated.
+ * Allocation from "arena" if it is non-null, heap otherwise. Any problem
+ * results in a NULL being returned (and an appropriate error set).
+ */
+
+SECItem *
+ocsp_DigestValue(PLArenaPool *arena, SECOidTag digestAlg,
+ SECItem *fill, const SECItem *src)
+{
+ const SECHashObject *digestObject;
+ SECItem *result = NULL;
+ void *mark = NULL;
+ void *digestBuff = NULL;
+
+ if (arena != NULL) {
+ mark = PORT_ArenaMark(arena);
+ }
+
+ digestObject = HASH_GetHashObjectByOidTag(digestAlg);
+ if (digestObject == NULL) {
+ goto loser;
+ }
+
+ if (fill == NULL || fill->data == NULL) {
+ result = SECITEM_AllocItem(arena, fill, digestObject->length);
+ if (result == NULL) {
+ goto loser;
+ }
+ digestBuff = result->data;
+ } else {
+ if (fill->len < digestObject->length) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ digestBuff = fill->data;
+ }
+
+ if (PK11_HashBuf(digestAlg, digestBuff,
+ src->data, src->len) != SECSuccess) {
+ goto loser;
+ }
+
+ if (arena != NULL) {
+ PORT_ArenaUnmark(arena, mark);
+ }
+
+ if (result == NULL) {
+ result = fill;
+ }
+ return result;
+
+loser:
+ if (arena != NULL) {
+ PORT_ArenaRelease(arena, mark);
+ } else {
+ if (result != NULL) {
+ SECITEM_FreeItem(result, (fill == NULL) ? PR_TRUE : PR_FALSE);
+ }
+ }
+ return (NULL);
+}
+
+/*
+ * Digest the cert's subject public key using the specified algorithm.
+ * The necessary storage for the digest data is allocated. If "fill" is
+ * non-null, the data is put there, otherwise a SECItem is allocated.
+ * Allocation from "arena" if it is non-null, heap otherwise. Any problem
+ * results in a NULL being returned (and an appropriate error set).
+ */
+SECItem *
+CERT_GetSubjectPublicKeyDigest(PLArenaPool *arena, const CERTCertificate *cert,
+ SECOidTag digestAlg, SECItem *fill)
+{
+ SECItem spk;
+
+ /*
+ * Copy just the length and data pointer (nothing needs to be freed)
+ * of the subject public key so we can convert the length from bits
+ * to bytes, which is what the digest function expects.
+ */
+ spk = cert->subjectPublicKeyInfo.subjectPublicKey;
+ DER_ConvertBitString(&spk);
+
+ return ocsp_DigestValue(arena, digestAlg, fill, &spk);
+}
+
+/*
+ * Digest the cert's subject name using the specified algorithm.
+ */
+SECItem *
+CERT_GetSubjectNameDigest(PLArenaPool *arena, const CERTCertificate *cert,
+ SECOidTag digestAlg, SECItem *fill)
+{
+ SECItem name;
+
+ /*
+ * Copy just the length and data pointer (nothing needs to be freed)
+ * of the subject name
+ */
+ name = cert->derSubject;
+
+ return ocsp_DigestValue(arena, digestAlg, fill, &name);
+}
+
+/*
+ * Create and fill-in a CertID. This function fills in the hash values
+ * (issuerNameHash and issuerKeyHash), and is hardwired to use SHA1.
+ * Someday it might need to be more flexible about hash algorithm, but
+ * for now we have no intention/need to create anything else.
+ *
+ * Error causes a null to be returned; most likely cause is trouble
+ * finding the certificate issuer (SEC_ERROR_UNKNOWN_ISSUER).
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ */
+static CERTOCSPCertID *
+ocsp_CreateCertID(PLArenaPool *arena, CERTCertificate *cert, PRTime time)
+{
+ CERTOCSPCertID *certID;
+ CERTCertificate *issuerCert = NULL;
+ void *mark = PORT_ArenaMark(arena);
+ SECStatus rv;
+
+ PORT_Assert(arena != NULL);
+
+ certID = PORT_ArenaZNew(arena, CERTOCSPCertID);
+ if (certID == NULL) {
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(arena, &certID->hashAlgorithm, SEC_OID_SHA1,
+ NULL);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
+ if (issuerCert == NULL) {
+ goto loser;
+ }
+
+ if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_SHA1,
+ &(certID->issuerNameHash)) == NULL) {
+ goto loser;
+ }
+ certID->issuerSHA1NameHash.data = certID->issuerNameHash.data;
+ certID->issuerSHA1NameHash.len = certID->issuerNameHash.len;
+
+ if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_MD5,
+ &(certID->issuerMD5NameHash)) == NULL) {
+ goto loser;
+ }
+
+ if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_MD2,
+ &(certID->issuerMD2NameHash)) == NULL) {
+ goto loser;
+ }
+
+ if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_SHA1,
+ &certID->issuerKeyHash) == NULL) {
+ goto loser;
+ }
+ certID->issuerSHA1KeyHash.data = certID->issuerKeyHash.data;
+ certID->issuerSHA1KeyHash.len = certID->issuerKeyHash.len;
+ /* cache the other two hash algorithms as well */
+ if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_MD5,
+ &certID->issuerMD5KeyHash) == NULL) {
+ goto loser;
+ }
+ if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_MD2,
+ &certID->issuerMD2KeyHash) == NULL) {
+ goto loser;
+ }
+
+ /* now we are done with issuerCert */
+ CERT_DestroyCertificate(issuerCert);
+ issuerCert = NULL;
+
+ rv = SECITEM_CopyItem(arena, &certID->serialNumber, &cert->serialNumber);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(arena, mark);
+ return certID;
+
+loser:
+ if (issuerCert != NULL) {
+ CERT_DestroyCertificate(issuerCert);
+ }
+ PORT_ArenaRelease(arena, mark);
+ return NULL;
+}
+
+CERTOCSPCertID *
+CERT_CreateOCSPCertID(CERTCertificate *cert, PRTime time)
+{
+ PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ CERTOCSPCertID *certID;
+ PORT_Assert(arena != NULL);
+ if (!arena)
+ return NULL;
+
+ certID = ocsp_CreateCertID(arena, cert, time);
+ if (!certID) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ certID->poolp = arena;
+ return certID;
+}
+
+static CERTOCSPCertID *
+cert_DupOCSPCertID(const CERTOCSPCertID *src)
+{
+ CERTOCSPCertID *dest;
+ PLArenaPool *arena = NULL;
+
+ if (!src) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena)
+ goto loser;
+
+ dest = PORT_ArenaZNew(arena, CERTOCSPCertID);
+ if (!dest)
+ goto loser;
+
+#define DUPHELP(element) \
+ if (src->element.data && \
+ SECITEM_CopyItem(arena, &dest->element, &src->element) != \
+ SECSuccess) { \
+ goto loser; \
+ }
+
+ DUPHELP(hashAlgorithm.algorithm)
+ DUPHELP(hashAlgorithm.parameters)
+ DUPHELP(issuerNameHash)
+ DUPHELP(issuerKeyHash)
+ DUPHELP(serialNumber)
+ DUPHELP(issuerSHA1NameHash)
+ DUPHELP(issuerMD5NameHash)
+ DUPHELP(issuerMD2NameHash)
+ DUPHELP(issuerSHA1KeyHash)
+ DUPHELP(issuerMD5KeyHash)
+ DUPHELP(issuerMD2KeyHash)
+
+ dest->poolp = arena;
+ return dest;
+
+loser:
+ if (arena)
+ PORT_FreeArena(arena, PR_FALSE);
+ PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
+ return NULL;
+}
+
+/*
+ * Callback to set Extensions in request object
+ */
+void
+SetSingleReqExts(void *object, CERTCertExtension **exts)
+{
+ ocspSingleRequest *singleRequest =
+ (ocspSingleRequest *)object;
+
+ singleRequest->singleRequestExtensions = exts;
+}
+
+/*
+ * Add the Service Locator extension to the singleRequestExtensions
+ * for the given singleRequest.
+ *
+ * All errors are internal or low-level problems (e.g. no memory).
+ */
+static SECStatus
+ocsp_AddServiceLocatorExtension(ocspSingleRequest *singleRequest,
+ CERTCertificate *cert)
+{
+ ocspServiceLocator *serviceLocator = NULL;
+ void *extensionHandle = NULL;
+ SECStatus rv = SECFailure;
+
+ serviceLocator = PORT_ZNew(ocspServiceLocator);
+ if (serviceLocator == NULL)
+ goto loser;
+
+ /*
+ * Normally it would be a bad idea to do a direct reference like
+ * this rather than allocate and copy the name *or* at least dup
+ * a reference of the cert. But all we need is to be able to read
+ * the issuer name during the encoding we are about to do, so a
+ * copy is just a waste of time.
+ */
+ serviceLocator->issuer = &cert->issuer;
+
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
+ &serviceLocator->locator);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
+ goto loser;
+ }
+
+ /* prepare for following loser gotos */
+ rv = SECFailure;
+ PORT_SetError(0);
+
+ extensionHandle = cert_StartExtensions(singleRequest,
+ singleRequest->arena, SetSingleReqExts);
+ if (extensionHandle == NULL)
+ goto loser;
+
+ rv = CERT_EncodeAndAddExtension(extensionHandle,
+ SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
+ serviceLocator, PR_FALSE,
+ ocsp_ServiceLocatorTemplate);
+
+loser:
+ if (extensionHandle != NULL) {
+ /*
+ * Either way we have to finish out the extension context (so it gets
+ * freed). But careful not to override any already-set bad status.
+ */
+ SECStatus tmprv = CERT_FinishExtensions(extensionHandle);
+ if (rv == SECSuccess)
+ rv = tmprv;
+ }
+
+ /*
+ * Finally, free the serviceLocator structure itself and we are done.
+ */
+ if (serviceLocator != NULL) {
+ if (serviceLocator->locator.data != NULL)
+ SECITEM_FreeItem(&serviceLocator->locator, PR_FALSE);
+ PORT_Free(serviceLocator);
+ }
+
+ return rv;
+}
+
+/*
+ * Creates an array of ocspSingleRequest based on a list of certs.
+ * Note that the code which later compares the request list with the
+ * response expects this array to be in the exact same order as the
+ * certs are found in the list. It would be harder to change that
+ * order than preserve it, but since the requirement is not obvious,
+ * it deserves to be mentioned.
+ *
+ * Any problem causes a null return and error set:
+ * SEC_ERROR_UNKNOWN_ISSUER
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ */
+static ocspSingleRequest **
+ocsp_CreateSingleRequestList(PLArenaPool *arena, CERTCertList *certList,
+ PRTime time, PRBool includeLocator)
+{
+ ocspSingleRequest **requestList = NULL;
+ CERTCertListNode *node = NULL;
+ int i, count;
+ void *mark = PORT_ArenaMark(arena);
+
+ node = CERT_LIST_HEAD(certList);
+ for (count = 0; !CERT_LIST_END(node, certList); count++) {
+ node = CERT_LIST_NEXT(node);
+ }
+
+ if (count == 0)
+ goto loser;
+
+ requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, count + 1);
+ if (requestList == NULL)
+ goto loser;
+
+ node = CERT_LIST_HEAD(certList);
+ for (i = 0; !CERT_LIST_END(node, certList); i++) {
+ requestList[i] = PORT_ArenaZNew(arena, ocspSingleRequest);
+ if (requestList[i] == NULL)
+ goto loser;
+
+ OCSP_TRACE(("OCSP CERT_CreateOCSPRequest %s\n", node->cert->subjectName));
+ requestList[i]->arena = arena;
+ requestList[i]->reqCert = ocsp_CreateCertID(arena, node->cert, time);
+ if (requestList[i]->reqCert == NULL)
+ goto loser;
+
+ if (includeLocator == PR_TRUE) {
+ SECStatus rv;
+
+ rv = ocsp_AddServiceLocatorExtension(requestList[i], node->cert);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ node = CERT_LIST_NEXT(node);
+ }
+
+ PORT_Assert(i == count);
+
+ PORT_ArenaUnmark(arena, mark);
+ requestList[i] = NULL;
+ return requestList;
+
+loser:
+ PORT_ArenaRelease(arena, mark);
+ return NULL;
+}
+
+static ocspSingleRequest **
+ocsp_CreateRequestFromCert(PLArenaPool *arena,
+ CERTOCSPCertID *certID,
+ CERTCertificate *singleCert,
+ PRTime time,
+ PRBool includeLocator)
+{
+ ocspSingleRequest **requestList = NULL;
+ void *mark = PORT_ArenaMark(arena);
+ PORT_Assert(certID != NULL && singleCert != NULL);
+
+ /* meaning of value 2: one entry + one end marker */
+ requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, 2);
+ if (requestList == NULL)
+ goto loser;
+ requestList[0] = PORT_ArenaZNew(arena, ocspSingleRequest);
+ if (requestList[0] == NULL)
+ goto loser;
+ requestList[0]->arena = arena;
+ /* certID will live longer than the request */
+ requestList[0]->reqCert = certID;
+
+ if (includeLocator == PR_TRUE) {
+ SECStatus rv;
+ rv = ocsp_AddServiceLocatorExtension(requestList[0], singleCert);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(arena, mark);
+ requestList[1] = NULL;
+ return requestList;
+
+loser:
+ PORT_ArenaRelease(arena, mark);
+ return NULL;
+}
+
+static CERTOCSPRequest *
+ocsp_prepareEmptyOCSPRequest(void)
+{
+ PLArenaPool *arena = NULL;
+ CERTOCSPRequest *request = NULL;
+ ocspTBSRequest *tbsRequest = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+ request = PORT_ArenaZNew(arena, CERTOCSPRequest);
+ if (request == NULL) {
+ goto loser;
+ }
+ request->arena = arena;
+
+ tbsRequest = PORT_ArenaZNew(arena, ocspTBSRequest);
+ if (tbsRequest == NULL) {
+ goto loser;
+ }
+ request->tbsRequest = tbsRequest;
+ /* version 1 is the default, so we need not fill in a version number */
+ return request;
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+CERTOCSPRequest *
+cert_CreateSingleCertOCSPRequest(CERTOCSPCertID *certID,
+ CERTCertificate *singleCert,
+ PRTime time,
+ PRBool addServiceLocator,
+ CERTCertificate *signerCert)
+{
+ CERTOCSPRequest *request;
+ OCSP_TRACE(("OCSP cert_CreateSingleCertOCSPRequest %s\n", singleCert->subjectName));
+
+ /* XXX Support for signerCert may be implemented later,
+ * see also the comment in CERT_CreateOCSPRequest.
+ */
+ if (signerCert != NULL) {
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+ }
+
+ request = ocsp_prepareEmptyOCSPRequest();
+ if (!request)
+ return NULL;
+ /*
+ * Version 1 is the default, so we need not fill in a version number.
+ * Now create the list of single requests, one for each cert.
+ */
+ request->tbsRequest->requestList =
+ ocsp_CreateRequestFromCert(request->arena,
+ certID,
+ singleCert,
+ time,
+ addServiceLocator);
+ if (request->tbsRequest->requestList == NULL) {
+ PORT_FreeArena(request->arena, PR_FALSE);
+ return NULL;
+ }
+ return request;
+}
+
+/*
+ * FUNCTION: CERT_CreateOCSPRequest
+ * Creates a CERTOCSPRequest, requesting the status of the certs in
+ * the given list.
+ * INPUTS:
+ * CERTCertList *certList
+ * A list of certs for which status will be requested.
+ * Note that all of these certificates should have the same issuer,
+ * or it's expected the response will be signed by a trusted responder.
+ * If the certs need to be broken up into multiple requests, that
+ * must be handled by the caller (and thus by having multiple calls
+ * to this routine), who knows about where the request(s) are being
+ * sent and whether there are any trusted responders in place.
+ * PRTime time
+ * Indicates the time for which the certificate status is to be
+ * determined -- this may be used in the search for the cert's issuer
+ * but has no effect on the request itself.
+ * PRBool addServiceLocator
+ * If true, the Service Locator extension should be added to the
+ * single request(s) for each cert.
+ * CERTCertificate *signerCert
+ * If non-NULL, means sign the request using this cert. Otherwise,
+ * do not sign.
+ * XXX note that request signing is not yet supported; see comment in code
+ * RETURN:
+ * A pointer to a CERTOCSPRequest structure containing an OCSP request
+ * for the cert list. On error, null is returned, with an error set
+ * indicating the reason. This is likely SEC_ERROR_UNKNOWN_ISSUER.
+ * (The issuer is needed to create a request for the certificate.)
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ */
+CERTOCSPRequest *
+CERT_CreateOCSPRequest(CERTCertList *certList, PRTime time,
+ PRBool addServiceLocator,
+ CERTCertificate *signerCert)
+{
+ CERTOCSPRequest *request = NULL;
+
+ if (!certList) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ /*
+ * XXX When we are prepared to put signing of requests back in,
+ * we will need to allocate a signature
+ * structure for the request, fill in the "derCerts" field in it,
+ * save the signerCert there, as well as fill in the "requestorName"
+ * field of the tbsRequest.
+ */
+ if (signerCert != NULL) {
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+ }
+ request = ocsp_prepareEmptyOCSPRequest();
+ if (!request)
+ return NULL;
+ /*
+ * Now create the list of single requests, one for each cert.
+ */
+ request->tbsRequest->requestList =
+ ocsp_CreateSingleRequestList(request->arena,
+ certList,
+ time,
+ addServiceLocator);
+ if (request->tbsRequest->requestList == NULL) {
+ PORT_FreeArena(request->arena, PR_FALSE);
+ return NULL;
+ }
+ return request;
+}
+
+/*
+ * FUNCTION: CERT_AddOCSPAcceptableResponses
+ * Add the AcceptableResponses extension to an OCSP Request.
+ * INPUTS:
+ * CERTOCSPRequest *request
+ * The request to which the extension should be added.
+ * ...
+ * A list (of one or more) of SECOidTag -- each of the response types
+ * to be added. The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
+ * (This marks the end of the list, and it must be specified because a
+ * client conforming to the OCSP standard is required to handle the basic
+ * response type.) The OIDs are not checked in any way.
+ * RETURN:
+ * SECSuccess if the extension is added; SECFailure if anything goes wrong.
+ * All errors are internal or low-level problems (e.g. no memory).
+ */
+
+void
+SetRequestExts(void *object, CERTCertExtension **exts)
+{
+ CERTOCSPRequest *request = (CERTOCSPRequest *)object;
+
+ request->tbsRequest->requestExtensions = exts;
+}
+
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wvarargs"
+#endif
+SECStatus
+CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
+ SECOidTag responseType0, ...)
+{
+ void *extHandle;
+ va_list ap;
+ int i, count;
+ SECOidTag responseType;
+ SECOidData *responseOid;
+ SECItem **acceptableResponses = NULL;
+ SECStatus rv = SECFailure;
+
+ extHandle = request->tbsRequest->extensionHandle;
+ if (extHandle == NULL) {
+ extHandle = cert_StartExtensions(request, request->arena, SetRequestExts);
+ if (extHandle == NULL)
+ goto loser;
+ }
+
+ /* Count number of OIDS going into the extension value. */
+ count = 1;
+ if (responseType0 != SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
+ va_start(ap, responseType0);
+ do {
+ count++;
+ responseType = va_arg(ap, SECOidTag);
+ } while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
+ va_end(ap);
+ }
+
+ acceptableResponses = PORT_NewArray(SECItem *, count + 1);
+ if (acceptableResponses == NULL)
+ goto loser;
+
+ i = 0;
+ responseOid = SECOID_FindOIDByTag(responseType0);
+ acceptableResponses[i++] = &(responseOid->oid);
+ if (count > 1) {
+ va_start(ap, responseType0);
+ for (; i < count; i++) {
+ responseType = va_arg(ap, SECOidTag);
+ responseOid = SECOID_FindOIDByTag(responseType);
+ acceptableResponses[i] = &(responseOid->oid);
+ }
+ va_end(ap);
+ }
+ acceptableResponses[i] = NULL;
+
+ rv = CERT_EncodeAndAddExtension(extHandle, SEC_OID_PKIX_OCSP_RESPONSE,
+ &acceptableResponses, PR_FALSE,
+ SEC_ASN1_GET(SEC_SequenceOfObjectIDTemplate));
+ if (rv != SECSuccess)
+ goto loser;
+
+ PORT_Free(acceptableResponses);
+ if (request->tbsRequest->extensionHandle == NULL)
+ request->tbsRequest->extensionHandle = extHandle;
+ return SECSuccess;
+
+loser:
+ if (acceptableResponses != NULL)
+ PORT_Free(acceptableResponses);
+ if (extHandle != NULL)
+ (void)CERT_FinishExtensions(extHandle);
+ return rv;
+}
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
+
+/*
+ * FUNCTION: CERT_DestroyOCSPRequest
+ * Frees an OCSP Request structure.
+ * INPUTS:
+ * CERTOCSPRequest *request
+ * Pointer to CERTOCSPRequest to be freed.
+ * RETURN:
+ * No return value; no errors.
+ */
+void
+CERT_DestroyOCSPRequest(CERTOCSPRequest *request)
+{
+ if (request == NULL)
+ return;
+
+ if (request->tbsRequest != NULL) {
+ if (request->tbsRequest->requestorName != NULL)
+ CERT_DestroyGeneralNameList(request->tbsRequest->requestorName);
+ if (request->tbsRequest->extensionHandle != NULL)
+ (void)CERT_FinishExtensions(request->tbsRequest->extensionHandle);
+ }
+
+ if (request->optionalSignature != NULL) {
+ if (request->optionalSignature->cert != NULL)
+ CERT_DestroyCertificate(request->optionalSignature->cert);
+
+ /*
+ * XXX Need to free derCerts? Or do they come out of arena?
+ * (Currently we never fill in derCerts, which is why the
+ * answer is not obvious. Once we do, add any necessary code
+ * here and remove this comment.)
+ */
+ }
+
+ /*
+ * We should actually never have a request without an arena,
+ * but check just in case. (If there isn't one, there is not
+ * much we can do about it...)
+ */
+ PORT_Assert(request->arena != NULL);
+ if (request->arena != NULL)
+ PORT_FreeArena(request->arena, PR_FALSE);
+}
+
+/*
+ * RESPONSE SUPPORT FUNCTIONS (encode/create/decode/destroy):
+ */
+
+/*
+ * Helper function for encoding or decoding a ResponderID -- based on the
+ * given type, return the associated template for that choice.
+ */
+static const SEC_ASN1Template *
+ocsp_ResponderIDTemplateByType(CERTOCSPResponderIDType responderIDType)
+{
+ const SEC_ASN1Template *responderIDTemplate;
+
+ switch (responderIDType) {
+ case ocspResponderID_byName:
+ responderIDTemplate = ocsp_ResponderIDByNameTemplate;
+ break;
+ case ocspResponderID_byKey:
+ responderIDTemplate = ocsp_ResponderIDByKeyTemplate;
+ break;
+ case ocspResponderID_other:
+ default:
+ PORT_Assert(responderIDType == ocspResponderID_other);
+ responderIDTemplate = ocsp_ResponderIDOtherTemplate;
+ break;
+ }
+
+ return responderIDTemplate;
+}
+
+/*
+ * Helper function for encoding or decoding a CertStatus -- based on the
+ * given type, return the associated template for that choice.
+ */
+static const SEC_ASN1Template *
+ocsp_CertStatusTemplateByType(ocspCertStatusType certStatusType)
+{
+ const SEC_ASN1Template *certStatusTemplate;
+
+ switch (certStatusType) {
+ case ocspCertStatus_good:
+ certStatusTemplate = ocsp_CertStatusGoodTemplate;
+ break;
+ case ocspCertStatus_revoked:
+ certStatusTemplate = ocsp_CertStatusRevokedTemplate;
+ break;
+ case ocspCertStatus_unknown:
+ certStatusTemplate = ocsp_CertStatusUnknownTemplate;
+ break;
+ case ocspCertStatus_other:
+ default:
+ PORT_Assert(certStatusType == ocspCertStatus_other);
+ certStatusTemplate = ocsp_CertStatusOtherTemplate;
+ break;
+ }
+
+ return certStatusTemplate;
+}
+
+/*
+ * Helper function for decoding a certStatus -- turn the actual DER tag
+ * into our local translation.
+ */
+static ocspCertStatusType
+ocsp_CertStatusTypeByTag(int derTag)
+{
+ ocspCertStatusType certStatusType;
+
+ switch (derTag) {
+ case 0:
+ certStatusType = ocspCertStatus_good;
+ break;
+ case 1:
+ certStatusType = ocspCertStatus_revoked;
+ break;
+ case 2:
+ certStatusType = ocspCertStatus_unknown;
+ break;
+ default:
+ certStatusType = ocspCertStatus_other;
+ break;
+ }
+
+ return certStatusType;
+}
+
+/*
+ * Helper function for decoding SingleResponses -- they each contain
+ * a status which is encoded as CHOICE, which needs to be decoded "by hand".
+ *
+ * Note -- on error, this routine does not release the memory it may
+ * have allocated; it expects its caller to do that.
+ */
+static SECStatus
+ocsp_FinishDecodingSingleResponses(PLArenaPool *reqArena,
+ CERTOCSPSingleResponse **responses)
+{
+ ocspCertStatus *certStatus;
+ ocspCertStatusType certStatusType;
+ const SEC_ASN1Template *certStatusTemplate;
+ int derTag;
+ int i;
+ SECStatus rv = SECFailure;
+
+ if (!reqArena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (responses == NULL) /* nothing to do */
+ return SECSuccess;
+
+ for (i = 0; responses[i] != NULL; i++) {
+ SECItem *newStatus;
+ /*
+ * The following assert points out internal errors (problems in
+ * the template definitions or in the ASN.1 decoder itself, etc.).
+ */
+ PORT_Assert(responses[i]->derCertStatus.data != NULL);
+
+ derTag = responses[i]->derCertStatus.data[0] & SEC_ASN1_TAGNUM_MASK;
+ certStatusType = ocsp_CertStatusTypeByTag(derTag);
+ certStatusTemplate = ocsp_CertStatusTemplateByType(certStatusType);
+
+ certStatus = PORT_ArenaZAlloc(reqArena, sizeof(ocspCertStatus));
+ if (certStatus == NULL) {
+ goto loser;
+ }
+ newStatus = SECITEM_ArenaDupItem(reqArena, &responses[i]->derCertStatus);
+ if (!newStatus) {
+ goto loser;
+ }
+ rv = SEC_QuickDERDecodeItem(reqArena, certStatus, certStatusTemplate,
+ newStatus);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_BAD_DER)
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ goto loser;
+ }
+
+ certStatus->certStatusType = certStatusType;
+ responses[i]->certStatus = certStatus;
+ }
+
+ return SECSuccess;
+
+loser:
+ return rv;
+}
+
+/*
+ * Helper function for decoding a responderID -- turn the actual DER tag
+ * into our local translation.
+ */
+static CERTOCSPResponderIDType
+ocsp_ResponderIDTypeByTag(int derTag)
+{
+ CERTOCSPResponderIDType responderIDType;
+
+ switch (derTag) {
+ case 1:
+ responderIDType = ocspResponderID_byName;
+ break;
+ case 2:
+ responderIDType = ocspResponderID_byKey;
+ break;
+ default:
+ responderIDType = ocspResponderID_other;
+ break;
+ }
+
+ return responderIDType;
+}
+
+/*
+ * Decode "src" as a BasicOCSPResponse, returning the result.
+ */
+static ocspBasicOCSPResponse *
+ocsp_DecodeBasicOCSPResponse(PLArenaPool *arena, SECItem *src)
+{
+ void *mark;
+ ocspBasicOCSPResponse *basicResponse;
+ ocspResponseData *responseData;
+ ocspResponderID *responderID;
+ CERTOCSPResponderIDType responderIDType;
+ const SEC_ASN1Template *responderIDTemplate;
+ int derTag;
+ SECStatus rv;
+ SECItem newsrc;
+
+ mark = PORT_ArenaMark(arena);
+
+ basicResponse = PORT_ArenaZAlloc(arena, sizeof(ocspBasicOCSPResponse));
+ if (basicResponse == NULL) {
+ goto loser;
+ }
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newsrc, src);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, basicResponse,
+ ocsp_BasicOCSPResponseTemplate, &newsrc);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_BAD_DER)
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ goto loser;
+ }
+
+ responseData = basicResponse->tbsResponseData;
+
+ /*
+ * The following asserts point out internal errors (problems in
+ * the template definitions or in the ASN.1 decoder itself, etc.).
+ */
+ PORT_Assert(responseData != NULL);
+ PORT_Assert(responseData->derResponderID.data != NULL);
+
+ /*
+ * XXX Because responderID is a CHOICE, which is not currently handled
+ * by our ASN.1 decoder, we have to decode it "by hand".
+ */
+ derTag = responseData->derResponderID.data[0] & SEC_ASN1_TAGNUM_MASK;
+ responderIDType = ocsp_ResponderIDTypeByTag(derTag);
+ responderIDTemplate = ocsp_ResponderIDTemplateByType(responderIDType);
+
+ responderID = PORT_ArenaZAlloc(arena, sizeof(ocspResponderID));
+ if (responderID == NULL) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, responderID, responderIDTemplate,
+ &responseData->derResponderID);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_BAD_DER)
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ goto loser;
+ }
+
+ responderID->responderIDType = responderIDType;
+ responseData->responderID = responderID;
+
+ /*
+ * XXX Each SingleResponse also contains a CHOICE, which has to be
+ * fixed up by hand.
+ */
+ rv = ocsp_FinishDecodingSingleResponses(arena, responseData->responses);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(arena, mark);
+ return basicResponse;
+
+loser:
+ PORT_ArenaRelease(arena, mark);
+ return NULL;
+}
+
+/*
+ * Decode the responseBytes based on the responseType found in "rbytes",
+ * leaving the resulting translated/decoded information in there as well.
+ */
+static SECStatus
+ocsp_DecodeResponseBytes(PLArenaPool *arena, ocspResponseBytes *rbytes)
+{
+ if (rbytes == NULL) {
+ PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
+ return SECFailure;
+ }
+
+ rbytes->responseTypeTag = SECOID_FindOIDTag(&rbytes->responseType);
+ switch (rbytes->responseTypeTag) {
+ case SEC_OID_PKIX_OCSP_BASIC_RESPONSE: {
+ ocspBasicOCSPResponse *basicResponse;
+
+ basicResponse = ocsp_DecodeBasicOCSPResponse(arena,
+ &rbytes->response);
+ if (basicResponse == NULL)
+ return SECFailure;
+
+ rbytes->decodedResponse.basic = basicResponse;
+ } break;
+
+ /*
+ * Add new/future response types here.
+ */
+
+ default:
+ PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * FUNCTION: CERT_DecodeOCSPResponse
+ * Decode a DER encoded OCSP Response.
+ * INPUTS:
+ * SECItem *src
+ * Pointer to a SECItem holding DER encoded OCSP Response.
+ * RETURN:
+ * Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
+ * the caller is responsible for destroying it. Or NULL if error (either
+ * response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
+ * it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
+ * or a low-level or internal error occurred).
+ */
+CERTOCSPResponse *
+CERT_DecodeOCSPResponse(const SECItem *src)
+{
+ PLArenaPool *arena = NULL;
+ CERTOCSPResponse *response = NULL;
+ SECStatus rv = SECFailure;
+ ocspResponseStatus sv;
+ SECItem newSrc;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+ response = (CERTOCSPResponse *)PORT_ArenaZAlloc(arena,
+ sizeof(CERTOCSPResponse));
+ if (response == NULL) {
+ goto loser;
+ }
+ response->arena = arena;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newSrc, src);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, response, ocsp_OCSPResponseTemplate, &newSrc);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_BAD_DER)
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ goto loser;
+ }
+
+ sv = (ocspResponseStatus)DER_GetInteger(&response->responseStatus);
+ response->statusValue = sv;
+ if (sv != ocspResponse_successful) {
+ /*
+ * If the response status is anything but successful, then we
+ * are all done with decoding; the status is all there is.
+ */
+ return response;
+ }
+
+ /*
+ * A successful response contains much more information, still encoded.
+ * Now we need to decode that.
+ */
+ rv = ocsp_DecodeResponseBytes(arena, response->responseBytes);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return response;
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+/*
+ * The way an OCSPResponse is defined, there are many levels to descend
+ * before getting to the actual response information. And along the way
+ * we need to check that the response *type* is recognizable, which for
+ * now means that it is a BasicOCSPResponse, because that is the only
+ * type currently defined. Rather than force all routines to perform
+ * a bunch of sanity checking every time they want to work on a response,
+ * this function isolates that and gives back the interesting part.
+ * Note that no copying is done, this just returns a pointer into the
+ * substructure of the response which is passed in.
+ *
+ * XXX This routine only works when a valid response structure is passed
+ * into it; this is checked with many assertions. Assuming the response
+ * was creating by decoding, it wouldn't make it this far without being
+ * okay. That is a sufficient assumption since the entire OCSP interface
+ * is only used internally. When this interface is officially exported,
+ * each assertion below will need to be followed-up with setting an error
+ * and returning (null).
+ *
+ * FUNCTION: ocsp_GetResponseData
+ * Returns ocspResponseData structure and a pointer to tbs response
+ * data DER from a valid ocsp response.
+ * INPUTS:
+ * CERTOCSPResponse *response
+ * structure of a valid ocsp response
+ * RETURN:
+ * Returns a pointer to ocspResponseData structure: decoded OCSP response
+ * data, and a pointer(tbsResponseDataDER) to its undecoded data DER.
+ */
+ocspResponseData *
+ocsp_GetResponseData(CERTOCSPResponse *response, SECItem **tbsResponseDataDER)
+{
+ ocspBasicOCSPResponse *basic;
+ ocspResponseData *responseData;
+
+ PORT_Assert(response != NULL);
+
+ PORT_Assert(response->responseBytes != NULL);
+
+ PORT_Assert(response->responseBytes->responseTypeTag ==
+ SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
+
+ basic = response->responseBytes->decodedResponse.basic;
+ PORT_Assert(basic != NULL);
+
+ responseData = basic->tbsResponseData;
+ PORT_Assert(responseData != NULL);
+
+ if (tbsResponseDataDER) {
+ *tbsResponseDataDER = &basic->tbsResponseDataDER;
+
+ PORT_Assert((*tbsResponseDataDER)->data != NULL);
+ PORT_Assert((*tbsResponseDataDER)->len != 0);
+ }
+
+ return responseData;
+}
+
+/*
+ * Much like the routine above, except it returns the response signature.
+ * Again, no copy is done.
+ */
+ocspSignature *
+ocsp_GetResponseSignature(CERTOCSPResponse *response)
+{
+ ocspBasicOCSPResponse *basic;
+
+ PORT_Assert(response != NULL);
+ if (NULL == response->responseBytes) {
+ return NULL;
+ }
+ if (response->responseBytes->responseTypeTag !=
+ SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
+ return NULL;
+ }
+ basic = response->responseBytes->decodedResponse.basic;
+ PORT_Assert(basic != NULL);
+
+ return &(basic->responseSignature);
+}
+
+/*
+ * FUNCTION: CERT_DestroyOCSPResponse
+ * Frees an OCSP Response structure.
+ * INPUTS:
+ * CERTOCSPResponse *request
+ * Pointer to CERTOCSPResponse to be freed.
+ * RETURN:
+ * No return value; no errors.
+ */
+void
+CERT_DestroyOCSPResponse(CERTOCSPResponse *response)
+{
+ if (response != NULL) {
+ ocspSignature *signature = ocsp_GetResponseSignature(response);
+ if (signature && signature->cert != NULL)
+ CERT_DestroyCertificate(signature->cert);
+
+ /*
+ * We should actually never have a response without an arena,
+ * but check just in case. (If there isn't one, there is not
+ * much we can do about it...)
+ */
+ PORT_Assert(response->arena != NULL);
+ if (response->arena != NULL) {
+ PORT_FreeArena(response->arena, PR_FALSE);
+ }
+ }
+}
+
+/*
+ * OVERALL OCSP CLIENT SUPPORT (make and send a request, verify a response):
+ */
+
+/*
+ * Pick apart a URL, saving the important things in the passed-in pointers.
+ *
+ * We expect to find "http://<hostname>[:<port>]/[path]", though we will
+ * tolerate that final slash character missing, as well as beginning and
+ * trailing whitespace, and any-case-characters for "http". All of that
+ * tolerance is what complicates this routine. What we want is just to
+ * pick out the hostname, the port, and the path.
+ *
+ * On a successful return, the caller will need to free the output pieces
+ * of hostname and path, which are copies of the values found in the url.
+ */
+static SECStatus
+ocsp_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath)
+{
+ unsigned short port = 80; /* default, in case not in url */
+ char *hostname = NULL;
+ char *path = NULL;
+ const char *save;
+ char c;
+ int len;
+
+ if (url == NULL)
+ goto loser;
+
+ /*
+ * Skip beginning whitespace.
+ */
+ c = *url;
+ while ((c == ' ' || c == '\t') && c != '\0') {
+ url++;
+ c = *url;
+ }
+ if (c == '\0')
+ goto loser;
+
+ /*
+ * Confirm, then skip, protocol. (Since we only know how to do http,
+ * that is all we will accept).
+ */
+ if (PORT_Strncasecmp(url, "http://", 7) != 0)
+ goto loser;
+ url += 7;
+
+ /*
+ * Whatever comes next is the hostname (or host IP address). We just
+ * save it aside and then search for its end so we can determine its
+ * length and copy it.
+ *
+ * XXX Note that because we treat a ':' as a terminator character
+ * (and below, we expect that to mean there is a port specification
+ * immediately following), we will not handle IPv6 addresses. That is
+ * apparently an acceptable limitation, for the time being. Some day,
+ * when there is a clear way to specify a URL with an IPv6 address that
+ * can be parsed unambiguously, this code should be made to do that.
+ */
+ save = url;
+ c = *url;
+ while (c != '/' && c != ':' && c != '\0' && c != ' ' && c != '\t') {
+ url++;
+ c = *url;
+ }
+ len = url - save;
+ hostname = PORT_Alloc(len + 1);
+ if (hostname == NULL)
+ goto loser;
+ PORT_Memcpy(hostname, save, len);
+ hostname[len] = '\0';
+
+ /*
+ * Now we figure out if there was a port specified or not.
+ * If so, we need to parse it (as a number) and skip it.
+ */
+ if (c == ':') {
+ url++;
+ port = (unsigned short)PORT_Atoi(url);
+ c = *url;
+ while (c != '/' && c != '\0' && c != ' ' && c != '\t') {
+ if (c < '0' || c > '9')
+ goto loser;
+ url++;
+ c = *url;
+ }
+ }
+
+ /*
+ * Last thing to find is a path. There *should* be a slash,
+ * if nothing else -- but if there is not we provide one.
+ */
+ if (c == '/') {
+ save = url;
+ while (c != '\0' && c != ' ' && c != '\t') {
+ url++;
+ c = *url;
+ }
+ len = url - save;
+ path = PORT_Alloc(len + 1);
+ if (path == NULL)
+ goto loser;
+ PORT_Memcpy(path, save, len);
+ path[len] = '\0';
+ } else {
+ path = PORT_Strdup("/");
+ if (path == NULL)
+ goto loser;
+ }
+
+ *pHostname = hostname;
+ *pPort = port;
+ *pPath = path;
+ return SECSuccess;
+
+loser:
+ if (hostname != NULL)
+ PORT_Free(hostname);
+ PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
+ return SECFailure;
+}
+
+/*
+ * Open a socket to the specified host on the specified port, and return it.
+ * The host is either a hostname or an IP address.
+ */
+static PRFileDesc *
+ocsp_ConnectToHost(const char *host, PRUint16 port)
+{
+ PRFileDesc *sock = NULL;
+ PRIntervalTime timeout;
+ PRNetAddr addr;
+ char *netdbbuf = NULL;
+
+ sock = PR_NewTCPSocket();
+ if (sock == NULL)
+ goto loser;
+
+ /* XXX Some day need a way to set (and get?) the following value */
+ timeout = PR_SecondsToInterval(30);
+
+ /*
+ * If the following converts an IP address string in "dot notation"
+ * into a PRNetAddr. If it fails, we assume that is because we do not
+ * have such an address, but instead a host *name*. In that case we
+ * then lookup the host by name. Using the NSPR function this way
+ * means we do not have to have our own logic for distinguishing a
+ * valid numerical IP address from a hostname.
+ */
+ if (PR_StringToNetAddr(host, &addr) != PR_SUCCESS) {
+ PRIntn hostIndex;
+ PRHostEnt hostEntry;
+
+ netdbbuf = PORT_Alloc(PR_NETDB_BUF_SIZE);
+ if (netdbbuf == NULL)
+ goto loser;
+
+ if (PR_GetHostByName(host, netdbbuf, PR_NETDB_BUF_SIZE,
+ &hostEntry) != PR_SUCCESS)
+ goto loser;
+
+ hostIndex = 0;
+ do {
+ hostIndex = PR_EnumerateHostEnt(hostIndex, &hostEntry, port, &addr);
+ if (hostIndex <= 0)
+ goto loser;
+ } while (PR_Connect(sock, &addr, timeout) != PR_SUCCESS);
+
+ PORT_Free(netdbbuf);
+ } else {
+ /*
+ * First put the port into the address, then connect.
+ */
+ if (PR_InitializeNetAddr(PR_IpAddrNull, port, &addr) != PR_SUCCESS)
+ goto loser;
+ if (PR_Connect(sock, &addr, timeout) != PR_SUCCESS)
+ goto loser;
+ }
+
+ return sock;
+
+loser:
+ if (sock != NULL)
+ PR_Close(sock);
+ if (netdbbuf != NULL)
+ PORT_Free(netdbbuf);
+ return NULL;
+}
+
+/*
+ * Sends an encoded OCSP request to the server identified by "location",
+ * and returns the socket on which it was sent (so can listen for the reply).
+ * "location" is expected to be a valid URL -- an error parsing it produces
+ * SEC_ERROR_CERT_BAD_ACCESS_LOCATION. Other errors are likely problems
+ * connecting to it, or writing to it, or allocating memory, and the low-level
+ * errors appropriate to the problem will be set.
+ * if (encodedRequest == NULL)
+ * then location MUST already include the full request,
+ * including base64 and urlencode,
+ * and the request will be sent with GET
+ * if (encodedRequest != NULL)
+ * then the request will be sent with POST
+ */
+static PRFileDesc *
+ocsp_SendEncodedRequest(const char *location, const SECItem *encodedRequest)
+{
+ char *hostname = NULL;
+ char *path = NULL;
+ PRUint16 port;
+ SECStatus rv;
+ PRFileDesc *sock = NULL;
+ PRFileDesc *returnSock = NULL;
+ char *header = NULL;
+ char portstr[16];
+
+ /*
+ * Take apart the location, getting the hostname, port, and path.
+ */
+ rv = ocsp_ParseURL(location, &hostname, &port, &path);
+ if (rv != SECSuccess)
+ goto loser;
+
+ PORT_Assert(hostname != NULL);
+ PORT_Assert(path != NULL);
+
+ sock = ocsp_ConnectToHost(hostname, port);
+ if (sock == NULL)
+ goto loser;
+
+ portstr[0] = '\0';
+ if (port != 80) {
+ PR_snprintf(portstr, sizeof(portstr), ":%d", port);
+ }
+
+ if (!encodedRequest) {
+ header = PR_smprintf("GET %s HTTP/1.0\r\n"
+ "Host: %s%s\r\n\r\n",
+ path, hostname, portstr);
+ if (header == NULL)
+ goto loser;
+
+ /*
+ * The NSPR documentation promises that if it can, it will write the full
+ * amount; this will not return a partial value expecting us to loop.
+ */
+ if (PR_Write(sock, header, (PRInt32)PORT_Strlen(header)) < 0)
+ goto loser;
+ } else {
+ header = PR_smprintf("POST %s HTTP/1.0\r\n"
+ "Host: %s%s\r\n"
+ "Content-Type: application/ocsp-request\r\n"
+ "Content-Length: %u\r\n\r\n",
+ path, hostname, portstr, encodedRequest->len);
+ if (header == NULL)
+ goto loser;
+
+ /*
+ * The NSPR documentation promises that if it can, it will write the full
+ * amount; this will not return a partial value expecting us to loop.
+ */
+ if (PR_Write(sock, header, (PRInt32)PORT_Strlen(header)) < 0)
+ goto loser;
+
+ if (PR_Write(sock, encodedRequest->data,
+ (PRInt32)encodedRequest->len) < 0)
+ goto loser;
+ }
+
+ returnSock = sock;
+ sock = NULL;
+
+loser:
+ if (header != NULL)
+ PORT_Free(header);
+ if (sock != NULL)
+ PR_Close(sock);
+ if (path != NULL)
+ PORT_Free(path);
+ if (hostname != NULL)
+ PORT_Free(hostname);
+
+ return returnSock;
+}
+
+/*
+ * Read from "fd" into "buf" -- expect/attempt to read a given number of bytes
+ * Obviously, stop if hit end-of-stream. Timeout is passed in.
+ */
+
+static int
+ocsp_read(PRFileDesc *fd, char *buf, int toread, PRIntervalTime timeout)
+{
+ int total = 0;
+
+ while (total < toread) {
+ PRInt32 got;
+
+ got = PR_Recv(fd, buf + total, (PRInt32)(toread - total), 0, timeout);
+ if (got < 0) {
+ if (0 == total) {
+ total = -1; /* report the error if we didn't read anything yet */
+ }
+ break;
+ } else if (got == 0) { /* EOS */
+ break;
+ }
+
+ total += got;
+ }
+
+ return total;
+}
+
+#define OCSP_BUFSIZE 1024
+
+#define AbortHttpDecode(error) \
+ { \
+ if (inBuffer) \
+ PORT_Free(inBuffer); \
+ PORT_SetError(error); \
+ return NULL; \
+ }
+
+/*
+ * Reads on the given socket and returns an encoded response when received.
+ * Properly formatted HTTP/1.0 response headers are expected to be read
+ * from the socket, preceding a binary-encoded OCSP response. Problems
+ * with parsing cause the error SEC_ERROR_OCSP_BAD_HTTP_RESPONSE to be
+ * set; any other problems are likely low-level i/o or memory allocation
+ * errors.
+ */
+static SECItem *
+ocsp_GetEncodedResponse(PLArenaPool *arena, PRFileDesc *sock)
+{
+ /* first read HTTP status line and headers */
+
+ char *inBuffer = NULL;
+ PRInt32 offset = 0;
+ PRInt32 inBufsize = 0;
+ const PRInt32 bufSizeIncrement = OCSP_BUFSIZE; /* 1 KB at a time */
+ const PRInt32 maxBufSize = 8 * bufSizeIncrement; /* 8 KB max */
+ const char *CRLF = "\r\n";
+ const PRInt32 CRLFlen = strlen(CRLF);
+ const char *headerEndMark = "\r\n\r\n";
+ const PRInt32 markLen = strlen(headerEndMark);
+ const PRIntervalTime ocsptimeout =
+ PR_SecondsToInterval(30); /* hardcoded to 30s for now */
+ char *headerEnd = NULL;
+ PRBool EOS = PR_FALSE;
+ const char *httpprotocol = "HTTP/";
+ const PRInt32 httplen = strlen(httpprotocol);
+ const char *httpcode = NULL;
+ const char *contenttype = NULL;
+ PRInt32 contentlength = 0;
+ PRInt32 bytesRead = 0;
+ char *statusLineEnd = NULL;
+ char *space = NULL;
+ char *nextHeader = NULL;
+ SECItem *result = NULL;
+
+ /* read up to at least the end of the HTTP headers */
+ do {
+ inBufsize += bufSizeIncrement;
+ inBuffer = PORT_Realloc(inBuffer, inBufsize + 1);
+ if (NULL == inBuffer) {
+ AbortHttpDecode(SEC_ERROR_NO_MEMORY);
+ }
+ bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
+ ocsptimeout);
+ if (bytesRead > 0) {
+ PRInt32 searchOffset = (offset - markLen) > 0 ? offset - markLen : 0;
+ offset += bytesRead;
+ *(inBuffer + offset) = '\0'; /* NULL termination */
+ headerEnd = strstr((const char *)inBuffer + searchOffset, headerEndMark);
+ if (bytesRead < bufSizeIncrement) {
+ /* we read less data than requested, therefore we are at
+ EOS or there was a read error */
+ EOS = PR_TRUE;
+ }
+ } else {
+ /* recv error or EOS */
+ EOS = PR_TRUE;
+ }
+ } while ((!headerEnd) && (PR_FALSE == EOS) &&
+ (inBufsize < maxBufSize));
+
+ if (!headerEnd) {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+
+ /* parse the HTTP status line */
+ statusLineEnd = strstr((const char *)inBuffer, CRLF);
+ if (!statusLineEnd) {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+ *statusLineEnd = '\0';
+
+ /* check for HTTP/ response */
+ space = strchr((const char *)inBuffer, ' ');
+ if (!space || PORT_Strncasecmp((const char *)inBuffer, httpprotocol, httplen) != 0) {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+
+ /* check the HTTP status code of 200 */
+ httpcode = space + 1;
+ space = strchr(httpcode, ' ');
+ if (!space) {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+ *space = 0;
+ if (0 != strcmp(httpcode, "200")) {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+
+ /* parse the HTTP headers in the buffer . We only care about
+ content-type and content-length
+ */
+
+ nextHeader = statusLineEnd + CRLFlen;
+ *headerEnd = '\0'; /* terminate */
+ do {
+ char *thisHeaderEnd = NULL;
+ char *value = NULL;
+ char *colon = strchr(nextHeader, ':');
+
+ if (!colon) {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+
+ *colon = '\0';
+ value = colon + 1;
+
+ /* jpierre - note : the following code will only handle the basic form
+ of HTTP/1.0 response headers, of the form "name: value" . Headers
+ split among multiple lines are not supported. This is not common
+ and should not be an issue, but it could become one in the
+ future */
+
+ if (*value != ' ') {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+
+ value++;
+ thisHeaderEnd = strstr(value, CRLF);
+ if (thisHeaderEnd) {
+ *thisHeaderEnd = '\0';
+ }
+
+ if (0 == PORT_Strcasecmp(nextHeader, "content-type")) {
+ contenttype = value;
+ } else if (0 == PORT_Strcasecmp(nextHeader, "content-length")) {
+ contentlength = atoi(value);
+ }
+
+ if (thisHeaderEnd) {
+ nextHeader = thisHeaderEnd + CRLFlen;
+ } else {
+ nextHeader = NULL;
+ }
+
+ } while (nextHeader && (nextHeader < (headerEnd + CRLFlen)));
+
+ /* check content-type */
+ if (!contenttype ||
+ (0 != PORT_Strcasecmp(contenttype, "application/ocsp-response"))) {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+
+ /* read the body of the OCSP response */
+ offset = offset - (PRInt32)(headerEnd - (const char *)inBuffer) - markLen;
+ if (offset) {
+ /* move all data to the beginning of the buffer */
+ PORT_Memmove(inBuffer, headerEnd + markLen, offset);
+ }
+
+ /* resize buffer to only what's needed to hold the current response */
+ inBufsize = (1 + (offset - 1) / bufSizeIncrement) * bufSizeIncrement;
+
+ while ((PR_FALSE == EOS) &&
+ ((contentlength == 0) || (offset < contentlength)) &&
+ (inBufsize < maxBufSize)) {
+ /* we still need to receive more body data */
+ inBufsize += bufSizeIncrement;
+ inBuffer = PORT_Realloc(inBuffer, inBufsize + 1);
+ if (NULL == inBuffer) {
+ AbortHttpDecode(SEC_ERROR_NO_MEMORY);
+ }
+ bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
+ ocsptimeout);
+ if (bytesRead > 0) {
+ offset += bytesRead;
+ if (bytesRead < bufSizeIncrement) {
+ /* we read less data than requested, therefore we are at
+ EOS or there was a read error */
+ EOS = PR_TRUE;
+ }
+ } else {
+ /* recv error or EOS */
+ EOS = PR_TRUE;
+ }
+ }
+
+ if (0 == offset) {
+ AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ }
+
+ /*
+ * Now allocate the item to hold the data.
+ */
+ result = SECITEM_AllocItem(arena, NULL, offset);
+ if (NULL == result) {
+ AbortHttpDecode(SEC_ERROR_NO_MEMORY);
+ }
+
+ /*
+ * And copy the data left in the buffer.
+ */
+ PORT_Memcpy(result->data, inBuffer, offset);
+
+ /* and free the temporary buffer */
+ PORT_Free(inBuffer);
+ return result;
+}
+
+SECStatus
+CERT_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath)
+{
+ return ocsp_ParseURL(url, pHostname, pPort, pPath);
+}
+
+/*
+ * Limit the size of http responses we are willing to accept.
+ */
+#define MAX_WANTED_OCSP_RESPONSE_LEN 64 * 1024
+
+/* if (encodedRequest == NULL)
+ * then location MUST already include the full request,
+ * including base64 and urlencode,
+ * and the request will be sent with GET
+ * if (encodedRequest != NULL)
+ * then the request will be sent with POST
+ */
+static SECItem *
+fetchOcspHttpClientV1(PLArenaPool *arena,
+ const SEC_HttpClientFcnV1 *hcv1,
+ const char *location,
+ const SECItem *encodedRequest)
+{
+ char *hostname = NULL;
+ char *path = NULL;
+ PRUint16 port;
+ SECItem *encodedResponse = NULL;
+ SEC_HTTP_SERVER_SESSION pServerSession = NULL;
+ SEC_HTTP_REQUEST_SESSION pRequestSession = NULL;
+ PRUint16 myHttpResponseCode;
+ const char *myHttpResponseData;
+ PRUint32 myHttpResponseDataLen;
+
+ if (ocsp_ParseURL(location, &hostname, &port, &path) == SECFailure) {
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
+ goto loser;
+ }
+
+ PORT_Assert(hostname != NULL);
+ PORT_Assert(path != NULL);
+
+ if ((*hcv1->createSessionFcn)(
+ hostname,
+ port,
+ &pServerSession) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+ goto loser;
+ }
+
+ /* We use a non-zero timeout, which means:
+ - the client will use blocking I/O
+ - TryFcn will not return WOULD_BLOCK nor a poll descriptor
+ - it's sufficient to call TryFcn once
+ No lock for accessing OCSP_Global.timeoutSeconds, bug 406120
+ */
+
+ if ((*hcv1->createFcn)(
+ pServerSession,
+ "http",
+ path,
+ encodedRequest ? "POST" : "GET",
+ PR_TicksPerSecond() * OCSP_Global.timeoutSeconds,
+ &pRequestSession) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+ goto loser;
+ }
+
+ if (encodedRequest &&
+ (*hcv1->setPostDataFcn)(
+ pRequestSession,
+ (char *)encodedRequest->data,
+ encodedRequest->len,
+ "application/ocsp-request") != SECSuccess) {
+ PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+ goto loser;
+ }
+
+ /* we don't want result objects larger than this: */
+ myHttpResponseDataLen = MAX_WANTED_OCSP_RESPONSE_LEN;
+
+ OCSP_TRACE(("OCSP trySendAndReceive %s\n", location));
+
+ if ((*hcv1->trySendAndReceiveFcn)(
+ pRequestSession,
+ NULL,
+ &myHttpResponseCode,
+ NULL,
+ NULL,
+ &myHttpResponseData,
+ &myHttpResponseDataLen) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+ goto loser;
+ }
+
+ OCSP_TRACE(("OCSP trySendAndReceive result http %d\n", myHttpResponseCode));
+
+ if (myHttpResponseCode != 200) {
+ PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ goto loser;
+ }
+
+ encodedResponse = SECITEM_AllocItem(arena, NULL, myHttpResponseDataLen);
+
+ if (!encodedResponse) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ PORT_Memcpy(encodedResponse->data, myHttpResponseData, myHttpResponseDataLen);
+
+loser:
+ if (pRequestSession != NULL)
+ (*hcv1->freeFcn)(pRequestSession);
+ if (pServerSession != NULL)
+ (*hcv1->freeSessionFcn)(pServerSession);
+ if (path != NULL)
+ PORT_Free(path);
+ if (hostname != NULL)
+ PORT_Free(hostname);
+
+ return encodedResponse;
+}
+
+/*
+ * FUNCTION: CERT_GetEncodedOCSPResponseByMethod
+ * Creates and sends a request to an OCSP responder, then reads and
+ * returns the (encoded) response.
+ * INPUTS:
+ * PLArenaPool *arena
+ * Pointer to arena from which return value will be allocated.
+ * If NULL, result will be allocated from the heap (and thus should
+ * be freed via SECITEM_FreeItem).
+ * CERTCertList *certList
+ * A list of certs for which status will be requested.
+ * Note that all of these certificates should have the same issuer,
+ * or it's expected the response will be signed by a trusted responder.
+ * If the certs need to be broken up into multiple requests, that
+ * must be handled by the caller (and thus by having multiple calls
+ * to this routine), who knows about where the request(s) are being
+ * sent and whether there are any trusted responders in place.
+ * const char *location
+ * The location of the OCSP responder (a URL).
+ * const char *method
+ * The protocol method used when retrieving the OCSP response.
+ * Currently support: "GET" (http GET) and "POST" (http POST).
+ * Additionals methods for http or other protocols might be added
+ * in the future.
+ * PRTime time
+ * Indicates the time for which the certificate status is to be
+ * determined -- this may be used in the search for the cert's issuer
+ * but has no other bearing on the operation.
+ * PRBool addServiceLocator
+ * If true, the Service Locator extension should be added to the
+ * single request(s) for each cert.
+ * CERTCertificate *signerCert
+ * If non-NULL, means sign the request using this cert. Otherwise,
+ * do not sign.
+ * void *pwArg
+ * Pointer to argument for password prompting, if needed. (Definitely
+ * not needed if not signing.)
+ * OUTPUTS:
+ * CERTOCSPRequest **pRequest
+ * Pointer in which to store the OCSP request created for the given
+ * list of certificates. It is only filled in if the entire operation
+ * is successful and the pointer is not null -- and in that case the
+ * caller is then reponsible for destroying it.
+ * RETURN:
+ * Returns a pointer to the SECItem holding the response.
+ * On error, returns null with error set describing the reason:
+ * SEC_ERROR_UNKNOWN_ISSUER
+ * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
+ * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ */
+SECItem *
+CERT_GetEncodedOCSPResponseByMethod(PLArenaPool *arena, CERTCertList *certList,
+ const char *location, const char *method,
+ PRTime time, PRBool addServiceLocator,
+ CERTCertificate *signerCert, void *pwArg,
+ CERTOCSPRequest **pRequest)
+{
+ CERTOCSPRequest *request;
+ request = CERT_CreateOCSPRequest(certList, time, addServiceLocator,
+ signerCert);
+ if (!request)
+ return NULL;
+ return ocsp_GetEncodedOCSPResponseFromRequest(arena, request, location,
+ method, time, addServiceLocator,
+ pwArg, pRequest);
+}
+
+/*
+ * FUNCTION: CERT_GetEncodedOCSPResponse
+ * Creates and sends a request to an OCSP responder, then reads and
+ * returns the (encoded) response.
+ *
+ * This is a legacy API that behaves identically to
+ * CERT_GetEncodedOCSPResponseByMethod using the "POST" method.
+ */
+SECItem *
+CERT_GetEncodedOCSPResponse(PLArenaPool *arena, CERTCertList *certList,
+ const char *location, PRTime time,
+ PRBool addServiceLocator,
+ CERTCertificate *signerCert, void *pwArg,
+ CERTOCSPRequest **pRequest)
+{
+ return CERT_GetEncodedOCSPResponseByMethod(arena, certList, location,
+ "POST", time, addServiceLocator,
+ signerCert, pwArg, pRequest);
+}
+
+/* URL encode a buffer that consists of base64-characters, only,
+ * which means we can use a simple encoding logic.
+ *
+ * No output buffer size checking is performed.
+ * You should call the function twice, to calculate the required buffer size.
+ *
+ * If the outpufBuf parameter is NULL, the function will calculate the
+ * required size, including the trailing zero termination char.
+ *
+ * The function returns the number of bytes calculated or produced.
+ */
+size_t
+ocsp_UrlEncodeBase64Buf(const char *base64Buf, char *outputBuf)
+{
+ const char *walkInput = NULL;
+ char *walkOutput = outputBuf;
+ size_t count = 0;
+
+ for (walkInput = base64Buf; *walkInput; ++walkInput) {
+ char c = *walkInput;
+ if (isspace(c))
+ continue;
+ switch (c) {
+ case '+':
+ if (outputBuf) {
+ strcpy(walkOutput, "%2B");
+ walkOutput += 3;
+ }
+ count += 3;
+ break;
+ case '/':
+ if (outputBuf) {
+ strcpy(walkOutput, "%2F");
+ walkOutput += 3;
+ }
+ count += 3;
+ break;
+ case '=':
+ if (outputBuf) {
+ strcpy(walkOutput, "%3D");
+ walkOutput += 3;
+ }
+ count += 3;
+ break;
+ default:
+ if (outputBuf) {
+ *walkOutput = *walkInput;
+ ++walkOutput;
+ }
+ ++count;
+ break;
+ }
+ }
+ if (outputBuf) {
+ *walkOutput = 0;
+ }
+ ++count;
+ return count;
+}
+
+enum { max_get_request_size = 255 }; /* defined by RFC2560 */
+
+static SECItem *
+cert_GetOCSPResponse(PLArenaPool *arena, const char *location,
+ const SECItem *encodedRequest);
+
+static SECItem *
+ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
+ CERTOCSPRequest *request,
+ const char *location,
+ const char *method,
+ PRTime time,
+ PRBool addServiceLocator,
+ void *pwArg,
+ CERTOCSPRequest **pRequest)
+{
+ SECItem *encodedRequest = NULL;
+ SECItem *encodedResponse = NULL;
+ SECStatus rv;
+
+ if (!location || !*location) /* location should be at least one byte */
+ goto loser;
+
+ rv = CERT_AddOCSPAcceptableResponses(request,
+ SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
+ if (rv != SECSuccess)
+ goto loser;
+
+ encodedRequest = CERT_EncodeOCSPRequest(NULL, request, pwArg);
+ if (encodedRequest == NULL)
+ goto loser;
+
+ if (!strcmp(method, "GET")) {
+ encodedResponse = cert_GetOCSPResponse(arena, location, encodedRequest);
+ } else if (!strcmp(method, "POST")) {
+ encodedResponse = CERT_PostOCSPRequest(arena, location, encodedRequest);
+ } else {
+ goto loser;
+ }
+
+ if (encodedResponse != NULL && pRequest != NULL) {
+ *pRequest = request;
+ request = NULL; /* avoid destroying below */
+ }
+
+loser:
+ if (request != NULL)
+ CERT_DestroyOCSPRequest(request);
+ if (encodedRequest != NULL)
+ SECITEM_FreeItem(encodedRequest, PR_TRUE);
+ return encodedResponse;
+}
+
+static SECItem *
+cert_FetchOCSPResponse(PLArenaPool *arena, const char *location,
+ const SECItem *encodedRequest);
+
+/* using HTTP GET method */
+static SECItem *
+cert_GetOCSPResponse(PLArenaPool *arena, const char *location,
+ const SECItem *encodedRequest)
+{
+ char *walkOutput = NULL;
+ char *fullGetPath = NULL;
+ size_t pathLength;
+ PRInt32 urlEncodedBufLength;
+ size_t base64size;
+ char b64ReqBuf[max_get_request_size + 1];
+ size_t slashLengthIfNeeded = 0;
+ size_t getURLLength;
+ SECItem *item;
+
+ if (!location || !*location) {
+ return NULL;
+ }
+
+ pathLength = strlen(location);
+ if (location[pathLength - 1] != '/') {
+ slashLengthIfNeeded = 1;
+ }
+
+ /* Calculation as documented by PL_Base64Encode function.
+ * Use integer conversion to avoid having to use function ceil().
+ */
+ base64size = (((encodedRequest->len + 2) / 3) * 4);
+ if (base64size > max_get_request_size) {
+ return NULL;
+ }
+ memset(b64ReqBuf, 0, sizeof(b64ReqBuf));
+ PL_Base64Encode((const char *)encodedRequest->data, encodedRequest->len,
+ b64ReqBuf);
+
+ urlEncodedBufLength = ocsp_UrlEncodeBase64Buf(b64ReqBuf, NULL);
+ getURLLength = pathLength + urlEncodedBufLength + slashLengthIfNeeded;
+
+ /* urlEncodedBufLength already contains room for the zero terminator.
+ * Add another if we must add the '/' char.
+ */
+ if (arena) {
+ fullGetPath = (char *)PORT_ArenaAlloc(arena, getURLLength);
+ } else {
+ fullGetPath = (char *)PORT_Alloc(getURLLength);
+ }
+ if (!fullGetPath) {
+ return NULL;
+ }
+
+ strcpy(fullGetPath, location);
+ walkOutput = fullGetPath + pathLength;
+
+ if (walkOutput > fullGetPath && slashLengthIfNeeded) {
+ strcpy(walkOutput, "/");
+ ++walkOutput;
+ }
+ ocsp_UrlEncodeBase64Buf(b64ReqBuf, walkOutput);
+
+ item = cert_FetchOCSPResponse(arena, fullGetPath, NULL);
+ if (!arena) {
+ PORT_Free(fullGetPath);
+ }
+ return item;
+}
+
+SECItem *
+CERT_PostOCSPRequest(PLArenaPool *arena, const char *location,
+ const SECItem *encodedRequest)
+{
+ return cert_FetchOCSPResponse(arena, location, encodedRequest);
+}
+
+SECItem *
+cert_FetchOCSPResponse(PLArenaPool *arena, const char *location,
+ const SECItem *encodedRequest)
+{
+ const SEC_HttpClientFcn *registeredHttpClient;
+ SECItem *encodedResponse = NULL;
+
+ registeredHttpClient = SEC_GetRegisteredHttpClient();
+
+ if (registeredHttpClient && registeredHttpClient->version == 1) {
+ encodedResponse = fetchOcspHttpClientV1(
+ arena,
+ &registeredHttpClient->fcnTable.ftable1,
+ location,
+ encodedRequest);
+ } else {
+ /* use internal http client */
+ PRFileDesc *sock = ocsp_SendEncodedRequest(location, encodedRequest);
+ if (sock) {
+ encodedResponse = ocsp_GetEncodedResponse(arena, sock);
+ PR_Close(sock);
+ }
+ }
+
+ return encodedResponse;
+}
+
+static SECItem *
+ocsp_GetEncodedOCSPResponseForSingleCert(PLArenaPool *arena,
+ CERTOCSPCertID *certID,
+ CERTCertificate *singleCert,
+ const char *location,
+ const char *method,
+ PRTime time,
+ PRBool addServiceLocator,
+ void *pwArg,
+ CERTOCSPRequest **pRequest)
+{
+ CERTOCSPRequest *request;
+ request = cert_CreateSingleCertOCSPRequest(certID, singleCert, time,
+ addServiceLocator, NULL);
+ if (!request)
+ return NULL;
+ return ocsp_GetEncodedOCSPResponseFromRequest(arena, request, location,
+ method, time, addServiceLocator,
+ pwArg, pRequest);
+}
+
+/* Checks a certificate for the key usage extension of OCSP signer. */
+static PRBool
+ocsp_CertIsOCSPDesignatedResponder(CERTCertificate *cert)
+{
+ SECStatus rv;
+ SECItem extItem;
+ SECItem **oids;
+ SECItem *oid;
+ SECOidTag oidTag;
+ PRBool retval;
+ CERTOidSequence *oidSeq = NULL;
+
+ extItem.data = NULL;
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ oidSeq = CERT_DecodeOidSequence(&extItem);
+ if (oidSeq == NULL) {
+ goto loser;
+ }
+
+ oids = oidSeq->oids;
+ while (*oids != NULL) {
+ oid = *oids;
+
+ oidTag = SECOID_FindOIDTag(oid);
+
+ if (oidTag == SEC_OID_OCSP_RESPONDER) {
+ goto success;
+ }
+
+ oids++;
+ }
+
+loser:
+ retval = PR_FALSE;
+ PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
+ goto done;
+success:
+ retval = PR_TRUE;
+done:
+ if (extItem.data != NULL) {
+ PORT_Free(extItem.data);
+ }
+ if (oidSeq != NULL) {
+ CERT_DestroyOidSequence(oidSeq);
+ }
+
+ return (retval);
+}
+
+#ifdef LATER /* \
+ * XXX This function is not currently used, but will \
+ * be needed later when we do revocation checking of \
+ * the responder certificate. Of course, it may need \
+ * revising then, if the cert extension interface has \
+ * changed. (Hopefully it will!) \
+ */
+
+/* Checks a certificate to see if it has the OCSP no check extension. */
+static PRBool
+ocsp_CertHasNoCheckExtension(CERTCertificate *cert)
+{
+ SECStatus rv;
+
+ rv = CERT_FindCertExtension(cert, SEC_OID_PKIX_OCSP_NO_CHECK,
+ NULL);
+ if (rv == SECSuccess) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+#endif /* LATER */
+
+static PRBool
+ocsp_matchcert(SECItem *certIndex, CERTCertificate *testCert)
+{
+ SECItem item;
+ unsigned char buf[HASH_LENGTH_MAX];
+
+ item.data = buf;
+ item.len = SHA1_LENGTH;
+
+ if (CERT_GetSubjectPublicKeyDigest(NULL, testCert, SEC_OID_SHA1,
+ &item) == NULL) {
+ return PR_FALSE;
+ }
+ if (SECITEM_ItemsAreEqual(certIndex, &item)) {
+ return PR_TRUE;
+ }
+ if (CERT_GetSubjectPublicKeyDigest(NULL, testCert, SEC_OID_MD5,
+ &item) == NULL) {
+ return PR_FALSE;
+ }
+ if (SECITEM_ItemsAreEqual(certIndex, &item)) {
+ return PR_TRUE;
+ }
+ if (CERT_GetSubjectPublicKeyDigest(NULL, testCert, SEC_OID_MD2,
+ &item) == NULL) {
+ return PR_FALSE;
+ }
+ if (SECITEM_ItemsAreEqual(certIndex, &item)) {
+ return PR_TRUE;
+ }
+
+ return PR_FALSE;
+}
+
+static CERTCertificate *
+ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle, CERTOCSPCertID *certID);
+
+CERTCertificate *
+ocsp_GetSignerCertificate(CERTCertDBHandle *handle, ocspResponseData *tbsData,
+ ocspSignature *signature, CERTCertificate *issuer)
+{
+ CERTCertificate **certs = NULL;
+ CERTCertificate *signerCert = NULL;
+ SECStatus rv = SECFailure;
+ PRBool lookupByName = PR_TRUE;
+ void *certIndex = NULL;
+ int certCount = 0;
+
+ PORT_Assert(tbsData->responderID != NULL);
+ switch (tbsData->responderID->responderIDType) {
+ case ocspResponderID_byName:
+ lookupByName = PR_TRUE;
+ certIndex = &tbsData->derResponderID;
+ break;
+ case ocspResponderID_byKey:
+ lookupByName = PR_FALSE;
+ certIndex = &tbsData->responderID->responderIDValue.keyHash;
+ break;
+ case ocspResponderID_other:
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ return NULL;
+ }
+
+ /*
+ * If the signature contains some certificates as well, temporarily
+ * import them in case they are needed for verification.
+ *
+ * Note that the result of this is that each cert in "certs" needs
+ * to be destroyed.
+ */
+ if (signature->derCerts != NULL) {
+ for (; signature->derCerts[certCount] != NULL; certCount++) {
+ /* just counting */
+ }
+ rv = CERT_ImportCerts(handle, certUsageStatusResponder, certCount,
+ signature->derCerts, &certs,
+ PR_FALSE, PR_FALSE, NULL);
+ if (rv != SECSuccess)
+ goto finish;
+ }
+
+ /*
+ * Now look up the certificate that did the signing.
+ * The signer can be specified either by name or by key hash.
+ */
+ if (lookupByName) {
+ SECItem *crIndex = (SECItem *)certIndex;
+ SECItem encodedName;
+ PLArenaPool *arena;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena != NULL) {
+
+ rv = SEC_QuickDERDecodeItem(arena, &encodedName,
+ ocsp_ResponderIDDerNameTemplate,
+ crIndex);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_BAD_DER)
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ } else {
+ signerCert = CERT_FindCertByName(handle, &encodedName);
+ }
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ } else {
+ /*
+ * The signer is either 1) a known issuer CA we passed in,
+ * 2) the default OCSP responder, or 3) an intermediate CA
+ * passed in the cert list to use. Figure out which it is.
+ */
+ int i;
+ CERTCertificate *responder =
+ ocsp_CertGetDefaultResponder(handle, NULL);
+ if (responder && ocsp_matchcert(certIndex, responder)) {
+ signerCert = CERT_DupCertificate(responder);
+ } else if (issuer && ocsp_matchcert(certIndex, issuer)) {
+ signerCert = CERT_DupCertificate(issuer);
+ }
+ for (i = 0; (signerCert == NULL) && (i < certCount); i++) {
+ if (ocsp_matchcert(certIndex, certs[i])) {
+ signerCert = CERT_DupCertificate(certs[i]);
+ }
+ }
+ if (signerCert == NULL) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_CERT);
+ }
+ }
+
+finish:
+ if (certs != NULL) {
+ CERT_DestroyCertArray(certs, certCount);
+ }
+
+ return signerCert;
+}
+
+SECStatus
+ocsp_VerifyResponseSignature(CERTCertificate *signerCert,
+ ocspSignature *signature,
+ SECItem *tbsResponseDataDER,
+ void *pwArg)
+{
+ SECKEYPublicKey *signerKey = NULL;
+ SECStatus rv = SECFailure;
+ CERTSignedData signedData;
+
+ /*
+ * Now get the public key from the signer's certificate; we need
+ * it to perform the verification.
+ */
+ signerKey = CERT_ExtractPublicKey(signerCert);
+ if (signerKey == NULL) {
+ return SECFailure;
+ }
+
+ /*
+ * We copy the signature data *pointer* and length, so that we can
+ * modify the length without damaging the original copy. This is a
+ * simple copy, not a dup, so no destroy/free is necessary.
+ */
+ signedData.signature = signature->signature;
+ signedData.signatureAlgorithm = signature->signatureAlgorithm;
+ signedData.data = *tbsResponseDataDER;
+
+ rv = CERT_VerifySignedDataWithPublicKey(&signedData, signerKey, pwArg);
+ if (rv != SECSuccess &&
+ (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE ||
+ PORT_GetError() == SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED)) {
+ PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
+ }
+
+ if (signerKey != NULL) {
+ SECKEY_DestroyPublicKey(signerKey);
+ }
+
+ return rv;
+}
+
+/*
+ * FUNCTION: CERT_VerifyOCSPResponseSignature
+ * Check the signature on an OCSP Response. Will also perform a
+ * verification of the signer's certificate. Note, however, that a
+ * successful verification does not make any statement about the
+ * signer's *authority* to provide status for the certificate(s),
+ * that must be checked individually for each certificate.
+ * INPUTS:
+ * CERTOCSPResponse *response
+ * Pointer to response structure with signature to be checked.
+ * CERTCertDBHandle *handle
+ * Pointer to CERTCertDBHandle for certificate DB to use for verification.
+ * void *pwArg
+ * Pointer to argument for password prompting, if needed.
+ * OUTPUTS:
+ * CERTCertificate **pSignerCert
+ * Pointer in which to store signer's certificate; only filled-in if
+ * non-null.
+ * RETURN:
+ * Returns SECSuccess when signature is valid, anything else means invalid.
+ * Possible errors set:
+ * SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
+ * SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
+ * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
+ * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
+ * Other errors are any of the many possible failures in cert verification
+ * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
+ * verifying the signer's cert, or low-level problems (no memory, etc.)
+ */
+SECStatus
+CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
+ CERTCertDBHandle *handle, void *pwArg,
+ CERTCertificate **pSignerCert,
+ CERTCertificate *issuer)
+{
+ SECItem *tbsResponseDataDER;
+ CERTCertificate *signerCert = NULL;
+ SECStatus rv = SECFailure;
+ PRTime producedAt;
+
+ /* ocsp_DecodeBasicOCSPResponse will fail if asn1 decoder is unable
+ * to properly decode tbsData (see the function and
+ * ocsp_BasicOCSPResponseTemplate). Thus, tbsData can not be
+ * equal to null */
+ ocspResponseData *tbsData = ocsp_GetResponseData(response,
+ &tbsResponseDataDER);
+ ocspSignature *signature = ocsp_GetResponseSignature(response);
+
+ if (!signature) {
+ PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
+ return SECFailure;
+ }
+
+ /*
+ * If this signature has already gone through verification, just
+ * return the cached result.
+ */
+ if (signature->wasChecked) {
+ if (signature->status == SECSuccess) {
+ if (pSignerCert != NULL)
+ *pSignerCert = CERT_DupCertificate(signature->cert);
+ } else {
+ PORT_SetError(signature->failureReason);
+ }
+ return signature->status;
+ }
+
+ signerCert = ocsp_GetSignerCertificate(handle, tbsData,
+ signature, issuer);
+ if (signerCert == NULL) {
+ rv = SECFailure;
+ if (PORT_GetError() == SEC_ERROR_UNKNOWN_CERT) {
+ /* Make the error a little more specific. */
+ PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
+ }
+ goto finish;
+ }
+
+ /*
+ * We could mark this true at the top of this function, or always
+ * below at "finish", but if the problem was just that we could not
+ * find the signer's cert, leave that as if the signature hasn't
+ * been checked in case a subsequent call might have better luck.
+ */
+ signature->wasChecked = PR_TRUE;
+
+ /*
+ * The function will also verify the signer certificate; we
+ * need to tell it *when* that certificate must be valid -- for our
+ * purposes we expect it to be valid when the response was signed.
+ * The value of "producedAt" is the signing time.
+ */
+ rv = DER_GeneralizedTimeToTime(&producedAt, &tbsData->producedAt);
+ if (rv != SECSuccess)
+ goto finish;
+
+ /*
+ * Just because we have a cert does not mean it is any good; check
+ * it for validity, trust and usage.
+ */
+ if (!ocsp_CertIsOCSPDefaultResponder(handle, signerCert)) {
+ SECCertUsage certUsage;
+ if (CERT_IsCACert(signerCert, NULL)) {
+ certUsage = certUsageAnyCA;
+ } else {
+ certUsage = certUsageStatusResponder;
+ }
+ rv = cert_VerifyCertWithFlags(handle, signerCert, PR_TRUE, certUsage,
+ producedAt, CERT_VERIFYCERT_SKIP_OCSP,
+ pwArg, NULL);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
+ goto finish;
+ }
+ }
+
+ rv = ocsp_VerifyResponseSignature(signerCert, signature,
+ tbsResponseDataDER,
+ pwArg);
+
+finish:
+ if (signature->wasChecked)
+ signature->status = rv;
+
+ if (rv != SECSuccess) {
+ signature->failureReason = PORT_GetError();
+ if (signerCert != NULL)
+ CERT_DestroyCertificate(signerCert);
+ } else {
+ /*
+ * Save signer's certificate in signature.
+ */
+ signature->cert = signerCert;
+ if (pSignerCert != NULL) {
+ /*
+ * Pass pointer to signer's certificate back to our caller,
+ * who is also now responsible for destroying it.
+ */
+ *pSignerCert = CERT_DupCertificate(signerCert);
+ }
+ }
+
+ return rv;
+}
+
+/*
+ * See if the request's certID and the single response's certID match.
+ * This can be easy or difficult, depending on whether the same hash
+ * algorithm was used.
+ */
+static PRBool
+ocsp_CertIDsMatch(CERTOCSPCertID *requestCertID,
+ CERTOCSPCertID *responseCertID)
+{
+ PRBool match = PR_FALSE;
+ SECOidTag hashAlg;
+ SECItem *keyHash = NULL;
+ SECItem *nameHash = NULL;
+
+ /*
+ * In order to match, they must have the same issuer and the same
+ * serial number.
+ *
+ * We just compare the easier things first.
+ */
+ if (SECITEM_CompareItem(&requestCertID->serialNumber,
+ &responseCertID->serialNumber) != SECEqual) {
+ goto done;
+ }
+
+ /*
+ * Make sure the "parameters" are not too bogus. Since we encoded
+ * requestCertID->hashAlgorithm, we don't need to check it.
+ */
+ if (responseCertID->hashAlgorithm.parameters.len > 2) {
+ goto done;
+ }
+ if (SECITEM_CompareItem(&requestCertID->hashAlgorithm.algorithm,
+ &responseCertID->hashAlgorithm.algorithm) ==
+ SECEqual) {
+ /*
+ * If the hash algorithms match then we can do a simple compare
+ * of the hash values themselves.
+ */
+ if ((SECITEM_CompareItem(&requestCertID->issuerNameHash,
+ &responseCertID->issuerNameHash) == SECEqual) &&
+ (SECITEM_CompareItem(&requestCertID->issuerKeyHash,
+ &responseCertID->issuerKeyHash) == SECEqual)) {
+ match = PR_TRUE;
+ }
+ goto done;
+ }
+
+ hashAlg = SECOID_FindOIDTag(&responseCertID->hashAlgorithm.algorithm);
+ switch (hashAlg) {
+ case SEC_OID_SHA1:
+ keyHash = &requestCertID->issuerSHA1KeyHash;
+ nameHash = &requestCertID->issuerSHA1NameHash;
+ break;
+ case SEC_OID_MD5:
+ keyHash = &requestCertID->issuerMD5KeyHash;
+ nameHash = &requestCertID->issuerMD5NameHash;
+ break;
+ case SEC_OID_MD2:
+ keyHash = &requestCertID->issuerMD2KeyHash;
+ nameHash = &requestCertID->issuerMD2NameHash;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return PR_FALSE;
+ }
+
+ if ((keyHash != NULL) &&
+ (SECITEM_CompareItem(nameHash,
+ &responseCertID->issuerNameHash) == SECEqual) &&
+ (SECITEM_CompareItem(keyHash,
+ &responseCertID->issuerKeyHash) == SECEqual)) {
+ match = PR_TRUE;
+ }
+
+done:
+ return match;
+}
+
+/*
+ * Find the single response for the cert specified by certID.
+ * No copying is done; this just returns a pointer to the appropriate
+ * response within responses, if it is found (and null otherwise).
+ * This is fine, of course, since this function is internal-use only.
+ */
+static CERTOCSPSingleResponse *
+ocsp_GetSingleResponseForCertID(CERTOCSPSingleResponse **responses,
+ CERTCertDBHandle *handle,
+ CERTOCSPCertID *certID)
+{
+ CERTOCSPSingleResponse *single;
+ int i;
+
+ if (responses == NULL)
+ return NULL;
+
+ for (i = 0; responses[i] != NULL; i++) {
+ single = responses[i];
+ if (ocsp_CertIDsMatch(certID, single->certID)) {
+ return single;
+ }
+ }
+
+ /*
+ * The OCSP server should have included a response even if it knew
+ * nothing about the certificate in question. Since it did not,
+ * this will make it look as if it had.
+ *
+ * XXX Should we make this a separate error to notice the server's
+ * bad behavior?
+ */
+ PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
+ return NULL;
+}
+
+static ocspCheckingContext *
+ocsp_GetCheckingContext(CERTCertDBHandle *handle)
+{
+ CERTStatusConfig *statusConfig;
+ ocspCheckingContext *ocspcx = NULL;
+
+ statusConfig = CERT_GetStatusConfig(handle);
+ if (statusConfig != NULL) {
+ ocspcx = statusConfig->statusContext;
+
+ /*
+ * This is actually an internal error, because we should never
+ * have a good statusConfig without a good statusContext, too.
+ * For lack of anything better, though, we just assert and use
+ * the same error as if there were no statusConfig (set below).
+ */
+ PORT_Assert(ocspcx != NULL);
+ }
+
+ if (ocspcx == NULL)
+ PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
+
+ return ocspcx;
+}
+
+/*
+ * Return cert reference if the given signerCert is the default responder for
+ * the given certID. If not, or if any error, return NULL.
+ */
+static CERTCertificate *
+ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle, CERTOCSPCertID *certID)
+{
+ ocspCheckingContext *ocspcx;
+
+ ocspcx = ocsp_GetCheckingContext(handle);
+ if (ocspcx == NULL)
+ goto loser;
+
+ /*
+ * Right now we have only one default responder. It applies to
+ * all certs when it is used, so the check is simple and certID
+ * has no bearing on the answer. Someday in the future we may
+ * allow configuration of different responders for different
+ * issuers, and then we would have to use the issuer specified
+ * in certID to determine if signerCert is the right one.
+ */
+ if (ocspcx->useDefaultResponder) {
+ PORT_Assert(ocspcx->defaultResponderCert != NULL);
+ return ocspcx->defaultResponderCert;
+ }
+
+loser:
+ return NULL;
+}
+
+/*
+ * Return true if the cert is one of the default responders configured for
+ * ocsp context. If not, or if any error, return false.
+ */
+PRBool
+ocsp_CertIsOCSPDefaultResponder(CERTCertDBHandle *handle, CERTCertificate *cert)
+{
+ ocspCheckingContext *ocspcx;
+
+ ocspcx = ocsp_GetCheckingContext(handle);
+ if (ocspcx == NULL)
+ return PR_FALSE;
+
+ /*
+ * Right now we have only one default responder. It applies to
+ * all certs when it is used, so the check is simple and certID
+ * has no bearing on the answer. Someday in the future we may
+ * allow configuration of different responders for different
+ * issuers, and then we would have to use the issuer specified
+ * in certID to determine if signerCert is the right one.
+ */
+ if (ocspcx->useDefaultResponder &&
+ CERT_CompareCerts(ocspcx->defaultResponderCert, cert)) {
+ return PR_TRUE;
+ }
+
+ return PR_FALSE;
+}
+
+/*
+ * Check that the given signer certificate is authorized to sign status
+ * information for the given certID. Return true if it is, false if not
+ * (or if there is any error along the way). If false is returned because
+ * the signer is not authorized, the following error will be set:
+ * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ *
+ * There are three ways to be authorized. In the order in which we check,
+ * using the terms used in the OCSP spec, the signer must be one of:
+ * 1. A "trusted responder" -- it matches a local configuration
+ * of OCSP signing authority for the certificate in question.
+ * 2. The CA who issued the certificate in question.
+ * 3. A "CA designated responder", aka an "authorized responder" -- it
+ * must be represented by a special cert issued by the CA who issued
+ * the certificate in question.
+ */
+static PRBool
+ocsp_AuthorizedResponderForCertID(CERTCertDBHandle *handle,
+ CERTCertificate *signerCert,
+ CERTOCSPCertID *certID,
+ PRTime thisUpdate)
+{
+ CERTCertificate *issuerCert = NULL, *defRespCert;
+ SECItem *keyHash = NULL;
+ SECItem *nameHash = NULL;
+ SECOidTag hashAlg;
+ PRBool keyHashEQ = PR_FALSE, nameHashEQ = PR_FALSE;
+
+ /*
+ * Check first for a trusted responder, which overrides everything else.
+ */
+ if ((defRespCert = ocsp_CertGetDefaultResponder(handle, certID)) &&
+ CERT_CompareCerts(defRespCert, signerCert)) {
+ return PR_TRUE;
+ }
+
+ /*
+ * In the other two cases, we need to do an issuer comparison.
+ * How we do it depends on whether the signer certificate has the
+ * special extension (for a designated responder) or not.
+ *
+ * First, lets check if signer of the response is the actual issuer
+ * of the cert. For that we will use signer cert key hash and cert subj
+ * name hash and will compare them with already calculated issuer key
+ * hash and issuer name hash. The hash algorithm is picked from response
+ * certID hash to avoid second hash calculation.
+ */
+
+ hashAlg = SECOID_FindOIDTag(&certID->hashAlgorithm.algorithm);
+
+ keyHash = CERT_GetSubjectPublicKeyDigest(NULL, signerCert, hashAlg, NULL);
+ if (keyHash != NULL) {
+
+ keyHashEQ =
+ (SECITEM_CompareItem(keyHash,
+ &certID->issuerKeyHash) == SECEqual);
+ SECITEM_FreeItem(keyHash, PR_TRUE);
+ }
+ if (keyHashEQ &&
+ (nameHash = CERT_GetSubjectNameDigest(NULL, signerCert,
+ hashAlg, NULL))) {
+ nameHashEQ =
+ (SECITEM_CompareItem(nameHash,
+ &certID->issuerNameHash) == SECEqual);
+
+ SECITEM_FreeItem(nameHash, PR_TRUE);
+ if (nameHashEQ) {
+ /* The issuer of the cert is the the signer of the response */
+ return PR_TRUE;
+ }
+ }
+
+ keyHashEQ = PR_FALSE;
+ nameHashEQ = PR_FALSE;
+
+ if (!ocsp_CertIsOCSPDesignatedResponder(signerCert)) {
+ PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
+ return PR_FALSE;
+ }
+
+ /*
+ * The signer is a designated responder. Its issuer must match
+ * the issuer of the cert being checked.
+ */
+ issuerCert = CERT_FindCertIssuer(signerCert, thisUpdate,
+ certUsageAnyCA);
+ if (issuerCert == NULL) {
+ /*
+ * We could leave the SEC_ERROR_UNKNOWN_ISSUER error alone,
+ * but the following will give slightly more information.
+ * Once we have an error stack, things will be much better.
+ */
+ PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
+ return PR_FALSE;
+ }
+
+ keyHash = CERT_GetSubjectPublicKeyDigest(NULL, issuerCert, hashAlg, NULL);
+ nameHash = CERT_GetSubjectNameDigest(NULL, issuerCert, hashAlg, NULL);
+
+ CERT_DestroyCertificate(issuerCert);
+
+ if (keyHash != NULL && nameHash != NULL) {
+ keyHashEQ =
+ (SECITEM_CompareItem(keyHash,
+ &certID->issuerKeyHash) == SECEqual);
+
+ nameHashEQ =
+ (SECITEM_CompareItem(nameHash,
+ &certID->issuerNameHash) == SECEqual);
+ }
+
+ if (keyHash) {
+ SECITEM_FreeItem(keyHash, PR_TRUE);
+ }
+ if (nameHash) {
+ SECITEM_FreeItem(nameHash, PR_TRUE);
+ }
+
+ if (keyHashEQ && nameHashEQ) {
+ return PR_TRUE;
+ }
+
+ PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
+ return PR_FALSE;
+}
+
+/*
+ * We need to check that a responder gives us "recent" information.
+ * Since a responder can pre-package responses, we need to pick an amount
+ * of time that is acceptable to us, and reject any response that is
+ * older than that.
+ *
+ * XXX This *should* be based on some configuration parameter, so that
+ * different usages could specify exactly what constitutes "sufficiently
+ * recent". But that is not going to happen right away. For now, we
+ * want something from within the last 24 hours. This macro defines that
+ * number in seconds.
+ */
+#define OCSP_ALLOWABLE_LAPSE_SECONDS (24L * 60L * 60L)
+
+static PRBool
+ocsp_TimeIsRecent(PRTime checkTime)
+{
+ PRTime now = PR_Now();
+ PRTime lapse, tmp;
+
+ LL_I2L(lapse, OCSP_ALLOWABLE_LAPSE_SECONDS);
+ LL_I2L(tmp, PR_USEC_PER_SEC);
+ LL_MUL(lapse, lapse, tmp); /* allowable lapse in microseconds */
+
+ LL_ADD(checkTime, checkTime, lapse);
+ if (LL_CMP(now, >, checkTime))
+ return PR_FALSE;
+
+ return PR_TRUE;
+}
+
+#define OCSP_SLOP (5L * 60L) /* OCSP responses are allowed to be 5 minutes \
+ in the future by default */
+
+static PRUint32 ocspsloptime = OCSP_SLOP; /* seconds */
+
+/*
+ * If an old response contains the revoked certificate status, we want
+ * to return SECSuccess so the response will be used.
+ */
+static SECStatus
+ocsp_HandleOldSingleResponse(CERTOCSPSingleResponse *single, PRTime time)
+{
+ SECStatus rv;
+ ocspCertStatus *status = single->certStatus;
+ if (status->certStatusType == ocspCertStatus_revoked) {
+ rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
+ if (rv != SECSuccess &&
+ PORT_GetError() == SEC_ERROR_REVOKED_CERTIFICATE) {
+ /*
+ * Return SECSuccess now. The subsequent ocsp_CertRevokedAfter
+ * call in ocsp_CertHasGoodStatus will cause
+ * ocsp_CertHasGoodStatus to fail with
+ * SEC_ERROR_REVOKED_CERTIFICATE.
+ */
+ return SECSuccess;
+ }
+ }
+ PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
+ return SECFailure;
+}
+
+/*
+ * Check that this single response is okay. A return of SECSuccess means:
+ * 1. The signer (represented by "signerCert") is authorized to give status
+ * for the cert represented by the individual response in "single".
+ * 2. The value of thisUpdate is earlier than now.
+ * 3. The value of producedAt is later than or the same as thisUpdate.
+ * 4. If nextUpdate is given:
+ * - The value of nextUpdate is later than now.
+ * - The value of producedAt is earlier than nextUpdate.
+ * Else if no nextUpdate:
+ * - The value of thisUpdate is fairly recent.
+ * - The value of producedAt is fairly recent.
+ * However we do not need to perform an explicit check for this last
+ * constraint because it is already guaranteed by checking that
+ * producedAt is later than thisUpdate and thisUpdate is recent.
+ * Oh, and any responder is "authorized" to say that a cert is unknown to it.
+ *
+ * If any of those checks fail, SECFailure is returned and an error is set:
+ * SEC_ERROR_OCSP_FUTURE_RESPONSE
+ * SEC_ERROR_OCSP_OLD_RESPONSE
+ * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ */
+static SECStatus
+ocsp_VerifySingleResponse(CERTOCSPSingleResponse *single,
+ CERTCertDBHandle *handle,
+ CERTCertificate *signerCert,
+ PRTime producedAt)
+{
+ CERTOCSPCertID *certID = single->certID;
+ PRTime now, thisUpdate, nextUpdate, tmstamp, tmp;
+ SECStatus rv;
+
+ OCSP_TRACE(("OCSP ocsp_VerifySingleResponse, nextUpdate: %d\n",
+ ((single->nextUpdate) != 0)));
+ /*
+ * If all the responder said was that the given cert was unknown to it,
+ * that is a valid response. Not very interesting to us, of course,
+ * but all this function is concerned with is validity of the response,
+ * not the status of the cert.
+ */
+ PORT_Assert(single->certStatus != NULL);
+ if (single->certStatus->certStatusType == ocspCertStatus_unknown)
+ return SECSuccess;
+
+ /*
+ * We need to extract "thisUpdate" for use below and to pass along
+ * to AuthorizedResponderForCertID in case it needs it for doing an
+ * issuer look-up.
+ */
+ rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * First confirm that signerCert is authorized to give this status.
+ */
+ if (ocsp_AuthorizedResponderForCertID(handle, signerCert, certID,
+ thisUpdate) != PR_TRUE)
+ return SECFailure;
+
+ /*
+ * Now check the time stuff, as described above.
+ */
+ now = PR_Now();
+ /* allow slop time for future response */
+ LL_UI2L(tmstamp, ocspsloptime); /* get slop time in seconds */
+ LL_UI2L(tmp, PR_USEC_PER_SEC);
+ LL_MUL(tmp, tmstamp, tmp); /* convert the slop time to PRTime */
+ LL_ADD(tmstamp, tmp, now); /* add current time to it */
+
+ if (LL_CMP(thisUpdate, >, tmstamp) || LL_CMP(producedAt, <, thisUpdate)) {
+ PORT_SetError(SEC_ERROR_OCSP_FUTURE_RESPONSE);
+ return SECFailure;
+ }
+ if (single->nextUpdate != NULL) {
+ rv = DER_GeneralizedTimeToTime(&nextUpdate, single->nextUpdate);
+ if (rv != SECSuccess)
+ return rv;
+
+ LL_ADD(tmp, tmp, nextUpdate);
+ if (LL_CMP(tmp, <, now) || LL_CMP(producedAt, >, nextUpdate))
+ return ocsp_HandleOldSingleResponse(single, now);
+ } else if (ocsp_TimeIsRecent(thisUpdate) != PR_TRUE) {
+ return ocsp_HandleOldSingleResponse(single, now);
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
+ * Get the value of the URI of the OCSP responder for the given cert.
+ * This is found in the (optional) Authority Information Access extension
+ * in the cert.
+ * INPUTS:
+ * CERTCertificate *cert
+ * The certificate being examined.
+ * RETURN:
+ * char *
+ * A copy of the URI for the OCSP method, if found. If either the
+ * extension is not present or it does not contain an entry for OCSP,
+ * SEC_ERROR_CERT_BAD_ACCESS_LOCATION will be set and a NULL returned.
+ * Any other error will also result in a NULL being returned.
+ *
+ * This result should be freed (via PORT_Free) when no longer in use.
+ */
+char *
+CERT_GetOCSPAuthorityInfoAccessLocation(const CERTCertificate *cert)
+{
+ CERTGeneralName *locname = NULL;
+ SECItem *location = NULL;
+ SECItem *encodedAuthInfoAccess = NULL;
+ CERTAuthInfoAccess **authInfoAccess = NULL;
+ char *locURI = NULL;
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+ int i;
+
+ /*
+ * Allocate this one from the heap because it will get filled in
+ * by CERT_FindCertExtension which will also allocate from the heap,
+ * and we can free the entire thing on our way out.
+ */
+ encodedAuthInfoAccess = SECITEM_AllocItem(NULL, NULL, 0);
+ if (encodedAuthInfoAccess == NULL)
+ goto loser;
+
+ rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
+ encodedAuthInfoAccess);
+ if (rv == SECFailure) {
+ PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
+ goto loser;
+ }
+
+ /*
+ * The rest of the things allocated in the routine will come out of
+ * this arena, which is temporary just for us to decode and get at the
+ * AIA extension. The whole thing will be destroyed on our way out,
+ * after we have copied the location string (url) itself (if found).
+ */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ goto loser;
+
+ authInfoAccess = CERT_DecodeAuthInfoAccessExtension(arena,
+ encodedAuthInfoAccess);
+ if (authInfoAccess == NULL)
+ goto loser;
+
+ for (i = 0; authInfoAccess[i] != NULL; i++) {
+ if (SECOID_FindOIDTag(&authInfoAccess[i]->method) == SEC_OID_PKIX_OCSP)
+ locname = authInfoAccess[i]->location;
+ }
+
+ /*
+ * If we found an AIA extension, but it did not include an OCSP method,
+ * that should look to our caller as if we did not find the extension
+ * at all, because it is only an OCSP method that we care about.
+ * So set the same error that would be set if the AIA extension was
+ * not there at all.
+ */
+ if (locname == NULL) {
+ PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
+ goto loser;
+ }
+
+ /*
+ * The following is just a pointer back into locname (i.e. not a copy);
+ * thus it should not be freed.
+ */
+ location = CERT_GetGeneralNameByType(locname, certURI, PR_FALSE);
+ if (location == NULL) {
+ /*
+ * XXX Appears that CERT_GetGeneralNameByType does not set an
+ * error if there is no name by that type. For lack of anything
+ * better, act as if the extension was not found. In the future
+ * this should probably be something more like the extension was
+ * badly formed.
+ */
+ PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
+ goto loser;
+ }
+
+ /*
+ * That location is really a string, but it has a specified length
+ * without a null-terminator. We need a real string that does have
+ * a null-terminator, and we need a copy of it anyway to return to
+ * our caller -- so allocate and copy.
+ */
+ locURI = PORT_Alloc(location->len + 1);
+ if (locURI == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(locURI, location->data, location->len);
+ locURI[location->len] = '\0';
+
+loser:
+ if (arena != NULL)
+ PORT_FreeArena(arena, PR_FALSE);
+
+ if (encodedAuthInfoAccess != NULL)
+ SECITEM_FreeItem(encodedAuthInfoAccess, PR_TRUE);
+
+ return locURI;
+}
+
+/*
+ * Figure out where we should go to find out the status of the given cert
+ * via OCSP. If allowed to use a default responder uri and a default
+ * responder is set up, then that is our answer.
+ * If not, see if the certificate has an Authority Information Access (AIA)
+ * extension for OCSP, and return the value of that. Otherwise return NULL.
+ * We also let our caller know whether or not the responder chosen was
+ * a default responder or not through the output variable isDefault;
+ * its value has no meaning unless a good (non-null) value is returned
+ * for the location.
+ *
+ * The result needs to be freed (PORT_Free) when no longer in use.
+ */
+char *
+ocsp_GetResponderLocation(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRBool canUseDefault, PRBool *isDefault)
+{
+ ocspCheckingContext *ocspcx = NULL;
+ char *ocspUrl = NULL;
+
+ if (canUseDefault) {
+ ocspcx = ocsp_GetCheckingContext(handle);
+ }
+ if (ocspcx != NULL && ocspcx->useDefaultResponder) {
+ /*
+ * A default responder wins out, if specified.
+ * XXX Someday this may be a more complicated determination based
+ * on the cert's issuer. (That is, we could have different default
+ * responders configured for different issuers.)
+ */
+ PORT_Assert(ocspcx->defaultResponderURI != NULL);
+ *isDefault = PR_TRUE;
+ return (PORT_Strdup(ocspcx->defaultResponderURI));
+ }
+
+ /*
+ * No default responder set up, so go see if we can find an AIA
+ * extension that has a value for OCSP, and get the url from that.
+ */
+ *isDefault = PR_FALSE;
+ ocspUrl = CERT_GetOCSPAuthorityInfoAccessLocation(cert);
+ if (!ocspUrl) {
+ CERT_StringFromCertFcn altFcn;
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ altFcn = OCSP_Global.alternateOCSPAIAFcn;
+ PR_ExitMonitor(OCSP_Global.monitor);
+ if (altFcn) {
+ ocspUrl = (*altFcn)(cert);
+ if (ocspUrl)
+ *isDefault = PR_TRUE;
+ }
+ }
+ return ocspUrl;
+}
+
+/*
+ * Return SECSuccess if the cert was revoked *after* "time",
+ * SECFailure otherwise.
+ */
+static SECStatus
+ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time)
+{
+ PRTime revokedTime;
+ SECStatus rv;
+
+ rv = DER_GeneralizedTimeToTime(&revokedTime, &revokedInfo->revocationTime);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * Set the error even if we will return success; someone might care.
+ */
+ PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
+
+ if (LL_CMP(revokedTime, >, time))
+ return SECSuccess;
+
+ return SECFailure;
+}
+
+/*
+ * See if the cert represented in the single response had a good status
+ * at the specified time.
+ */
+SECStatus
+ocsp_CertHasGoodStatus(ocspCertStatus *status, PRTime time)
+{
+ SECStatus rv;
+ switch (status->certStatusType) {
+ case ocspCertStatus_good:
+ rv = SECSuccess;
+ break;
+ case ocspCertStatus_revoked:
+ rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
+ break;
+ case ocspCertStatus_unknown:
+ PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
+ rv = SECFailure;
+ break;
+ case ocspCertStatus_other:
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ rv = SECFailure;
+ break;
+ }
+ return rv;
+}
+
+static SECStatus
+ocsp_SingleResponseCertHasGoodStatus(CERTOCSPSingleResponse *single,
+ PRTime time)
+{
+ return ocsp_CertHasGoodStatus(single->certStatus, time);
+}
+
+/* SECFailure means the arguments were invalid.
+ * On SECSuccess, the out parameters contain the OCSP status.
+ * rvOcsp contains the overall result of the OCSP operation.
+ * Depending on input parameter ignoreGlobalOcspFailureSetting,
+ * a soft failure might be converted into *rvOcsp=SECSuccess.
+ * If the cached attempt to obtain OCSP information had resulted
+ * in a failure, missingResponseError shows the error code of
+ * that failure.
+ * cacheFreshness is ocspMissing if no entry was found,
+ * ocspFresh if a fresh entry was found, or
+ * ocspStale if a stale entry was found.
+ */
+SECStatus
+ocsp_GetCachedOCSPResponseStatus(CERTOCSPCertID *certID,
+ PRTime time,
+ PRBool ignoreGlobalOcspFailureSetting,
+ SECStatus *rvOcsp,
+ SECErrorCodes *missingResponseError,
+ OCSPFreshness *cacheFreshness)
+{
+ OCSPCacheItem *cacheItem = NULL;
+
+ if (!certID || !missingResponseError || !rvOcsp || !cacheFreshness) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ *rvOcsp = SECFailure;
+ *missingResponseError = 0;
+ *cacheFreshness = ocspMissing;
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ cacheItem = ocsp_FindCacheEntry(&OCSP_Global.cache, certID);
+ if (cacheItem) {
+ *cacheFreshness = ocsp_IsCacheItemFresh(cacheItem) ? ocspFresh
+ : ocspStale;
+ /* having an arena means, we have a cached certStatus */
+ if (cacheItem->certStatusArena) {
+ *rvOcsp = ocsp_CertHasGoodStatus(&cacheItem->certStatus, time);
+ if (*rvOcsp != SECSuccess) {
+ *missingResponseError = PORT_GetError();
+ }
+ } else {
+ /*
+ * No status cached, the previous attempt failed.
+ * If OCSP is required, we never decide based on a failed attempt
+ * However, if OCSP is optional, a recent OCSP failure is
+ * an allowed good state.
+ */
+ if (*cacheFreshness == ocspFresh &&
+ !ignoreGlobalOcspFailureSetting &&
+ OCSP_Global.ocspFailureMode ==
+ ocspMode_FailureIsNotAVerificationFailure) {
+ *rvOcsp = SECSuccess;
+ }
+ *missingResponseError = cacheItem->missingResponseError;
+ }
+ }
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return SECSuccess;
+}
+
+PRBool
+ocsp_FetchingFailureIsVerificationFailure(void)
+{
+ PRBool isFailure;
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ isFailure =
+ OCSP_Global.ocspFailureMode == ocspMode_FailureIsVerificationFailure;
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return isFailure;
+}
+
+/*
+ * FUNCTION: CERT_CheckOCSPStatus
+ * Checks the status of a certificate via OCSP. Will only check status for
+ * a certificate that has an AIA (Authority Information Access) extension
+ * for OCSP *or* when a "default responder" is specified and enabled.
+ * (If no AIA extension for OCSP and no default responder in place, the
+ * cert is considered to have a good status and SECSuccess is returned.)
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTCertificate *cert
+ * the certificate being checked
+ * XXX in the long term also need a boolean parameter that specifies
+ * whether to check the cert chain, as well; for now we check only
+ * the leaf (the specified certificate)
+ * PRTime time
+ * time for which status is to be determined
+ * void *pwArg
+ * argument for password prompting, if needed
+ * RETURN:
+ * Returns SECSuccess if an approved OCSP responder "knows" the cert
+ * *and* returns a non-revoked status for it; SECFailure otherwise,
+ * with an error set describing the reason:
+ *
+ * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
+ * SEC_ERROR_OCSP_FUTURE_RESPONSE
+ * SEC_ERROR_OCSP_MALFORMED_REQUEST
+ * SEC_ERROR_OCSP_MALFORMED_RESPONSE
+ * SEC_ERROR_OCSP_OLD_RESPONSE
+ * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
+ * SEC_ERROR_OCSP_SERVER_ERROR
+ * SEC_ERROR_OCSP_TRY_SERVER_LATER
+ * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
+ * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
+ * SEC_ERROR_OCSP_UNKNOWN_CERT
+ * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
+ * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
+ *
+ * SEC_ERROR_BAD_SIGNATURE
+ * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
+ * SEC_ERROR_INVALID_TIME
+ * SEC_ERROR_REVOKED_CERTIFICATE
+ * SEC_ERROR_UNKNOWN_ISSUER
+ * SEC_ERROR_UNKNOWN_SIGNER
+ *
+ * Other errors are any of the many possible failures in cert verification
+ * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
+ * verifying the signer's cert, or low-level problems (error allocating
+ * memory, error performing ASN.1 decoding, etc.).
+ */
+SECStatus
+CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRTime time, void *pwArg)
+{
+ CERTOCSPCertID *certID;
+ PRBool certIDWasConsumed = PR_FALSE;
+ SECStatus rv;
+ SECStatus rvOcsp;
+ SECErrorCodes cachedErrorCode;
+ OCSPFreshness cachedResponseFreshness;
+
+ OCSP_TRACE_CERT(cert);
+ OCSP_TRACE_TIME("## requested validity time:", time);
+
+ certID = CERT_CreateOCSPCertID(cert, time);
+ if (!certID)
+ return SECFailure;
+ rv = ocsp_GetCachedOCSPResponseStatus(
+ certID, time, PR_FALSE, /* ignoreGlobalOcspFailureSetting */
+ &rvOcsp, &cachedErrorCode, &cachedResponseFreshness);
+ if (rv != SECSuccess) {
+ CERT_DestroyOCSPCertID(certID);
+ return SECFailure;
+ }
+ if (cachedResponseFreshness == ocspFresh) {
+ CERT_DestroyOCSPCertID(certID);
+ if (rvOcsp != SECSuccess) {
+ PORT_SetError(cachedErrorCode);
+ }
+ return rvOcsp;
+ }
+
+ rv = ocsp_GetOCSPStatusFromNetwork(handle, certID, cert, time, pwArg,
+ &certIDWasConsumed,
+ &rvOcsp);
+ if (rv != SECSuccess) {
+ PRErrorCode err = PORT_GetError();
+ if (ocsp_FetchingFailureIsVerificationFailure()) {
+ PORT_SetError(err);
+ rvOcsp = SECFailure;
+ } else if (cachedResponseFreshness == ocspStale &&
+ (cachedErrorCode == SEC_ERROR_OCSP_UNKNOWN_CERT ||
+ cachedErrorCode == SEC_ERROR_REVOKED_CERTIFICATE)) {
+ /* If we couldn't get a response for a certificate that the OCSP
+ * responder previously told us was bad, then assume it is still
+ * bad until we hear otherwise, as it is very unlikely that the
+ * certificate status has changed from "revoked" to "good" and it
+ * is also unlikely that the certificate status has changed from
+ * "unknown" to "good", except for some buggy OCSP responders.
+ */
+ PORT_SetError(cachedErrorCode);
+ rvOcsp = SECFailure;
+ } else {
+ rvOcsp = SECSuccess;
+ }
+ }
+ if (!certIDWasConsumed) {
+ CERT_DestroyOCSPCertID(certID);
+ }
+ return rvOcsp;
+}
+
+/*
+ * FUNCTION: CERT_CacheOCSPResponseFromSideChannel
+ * First, this function checks the OCSP cache to see if a good response
+ * for the given certificate already exists. If it does, then the function
+ * returns successfully.
+ *
+ * If not, then it validates that the given OCSP response is a valid,
+ * good response for the given certificate and inserts it into the
+ * cache.
+ *
+ * This function is intended for use when OCSP responses are provided via a
+ * side-channel, i.e. TLS OCSP stapling (a.k.a. the status_request extension).
+ *
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTCertificate *cert
+ * the certificate being checked
+ * PRTime time
+ * time for which status is to be determined
+ * SECItem *encodedResponse
+ * the DER encoded bytes of the OCSP response
+ * void *pwArg
+ * argument for password prompting, if needed
+ * RETURN:
+ * SECSuccess if the cert was found in the cache, or if the OCSP response was
+ * found to be valid and inserted into the cache. SECFailure otherwise.
+ */
+SECStatus
+CERT_CacheOCSPResponseFromSideChannel(CERTCertDBHandle *handle,
+ CERTCertificate *cert,
+ PRTime time,
+ const SECItem *encodedResponse,
+ void *pwArg)
+{
+ CERTOCSPCertID *certID = NULL;
+ PRBool certIDWasConsumed = PR_FALSE;
+ SECStatus rv = SECFailure;
+ SECStatus rvOcsp = SECFailure;
+ SECErrorCodes dummy_error_code; /* we ignore this */
+ CERTOCSPResponse *decodedResponse = NULL;
+ CERTOCSPSingleResponse *singleResponse = NULL;
+ OCSPFreshness freshness;
+
+ /* The OCSP cache can be in three states regarding this certificate:
+ * + Good (cached, timely, 'good' response, or revoked in the future)
+ * + Revoked (cached, timely, but doesn't fit in the last category)
+ * + Miss (no knowledge)
+ *
+ * Likewise, the side-channel information can be
+ * + Good (timely, 'good' response, or revoked in the future)
+ * + Revoked (timely, but doesn't fit in the last category)
+ * + Invalid (bad syntax, bad signature, not timely etc)
+ *
+ * The common case is that the cache result is Good and so is the
+ * side-channel information. We want to save processing time in this case
+ * so we say that any time we see a Good result from the cache we return
+ * early.
+ *
+ * Cache result
+ * | Good Revoked Miss
+ * ---+--------------------------------------------
+ * G | noop Cache more Cache it
+ * S | recent result
+ * i |
+ * d |
+ * e |
+ * R | noop Cache more Cache it
+ * C | recent result
+ * h |
+ * a |
+ * n |
+ * n I | noop Noop Noop
+ * e |
+ * l |
+ *
+ * When we fetch from the network we might choose to cache a negative
+ * result when the response is invalid. This saves us hammering, uselessly,
+ * at a broken responder. However, side channels are commonly attacker
+ * controlled and so we must not cache a negative result for an Invalid
+ * side channel.
+ */
+
+ if (!cert || !encodedResponse) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ certID = CERT_CreateOCSPCertID(cert, time);
+ if (!certID)
+ return SECFailure;
+
+ /* We pass PR_TRUE for ignoreGlobalOcspFailureSetting so that a cached
+ * error entry is not interpreted as being a 'Good' entry here.
+ */
+ rv = ocsp_GetCachedOCSPResponseStatus(
+ certID, time, PR_TRUE, /* ignoreGlobalOcspFailureSetting */
+ &rvOcsp, &dummy_error_code, &freshness);
+ if (rv == SECSuccess && rvOcsp == SECSuccess && freshness == ocspFresh) {
+ /* The cached value is good. We don't want to waste time validating
+ * this OCSP response. This is the first column in the table above. */
+ CERT_DestroyOCSPCertID(certID);
+ return rv;
+ }
+
+ /* The logic for caching the more recent response is handled in
+ * ocsp_CacheSingleResponse. */
+
+ rv = ocsp_GetDecodedVerifiedSingleResponseForID(handle, certID, cert,
+ time, pwArg,
+ encodedResponse,
+ &decodedResponse,
+ &singleResponse);
+ if (rv == SECSuccess) {
+ rvOcsp = ocsp_SingleResponseCertHasGoodStatus(singleResponse, time);
+ /* Cache any valid singleResponse, regardless of status. */
+ ocsp_CacheSingleResponse(certID, singleResponse, &certIDWasConsumed);
+ }
+ if (decodedResponse) {
+ CERT_DestroyOCSPResponse(decodedResponse);
+ }
+ if (!certIDWasConsumed) {
+ CERT_DestroyOCSPCertID(certID);
+ }
+ return rv == SECSuccess ? rvOcsp : rv;
+}
+
+/*
+ * Status in *certIDWasConsumed will always be correct, regardless of
+ * return value.
+ */
+static SECStatus
+ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
+ CERTOCSPCertID *certID,
+ CERTCertificate *cert,
+ PRTime time,
+ void *pwArg,
+ PRBool *certIDWasConsumed,
+ SECStatus *rv_ocsp)
+{
+ char *location = NULL;
+ PRBool locationIsDefault;
+ SECItem *encodedResponse = NULL;
+ CERTOCSPRequest *request = NULL;
+ SECStatus rv = SECFailure;
+
+ CERTOCSPResponse *decodedResponse = NULL;
+ CERTOCSPSingleResponse *singleResponse = NULL;
+ enum { stageGET,
+ stagePOST } currentStage;
+ PRBool retry = PR_FALSE;
+
+ if (!certIDWasConsumed || !rv_ocsp) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ *certIDWasConsumed = PR_FALSE;
+ *rv_ocsp = SECFailure;
+
+ if (!OCSP_Global.monitor) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (OCSP_Global.forcePost) {
+ currentStage = stagePOST;
+ } else {
+ currentStage = stageGET;
+ }
+ PR_ExitMonitor(OCSP_Global.monitor);
+
+ /*
+ * The first thing we need to do is find the location of the responder.
+ * This will be the value of the default responder (if enabled), else
+ * it will come out of the AIA extension in the cert (if present).
+ * If we have no such location, then this cert does not "deserve" to
+ * be checked -- that is, we consider it a success and just return.
+ * The way we tell that is by looking at the error number to see if
+ * the problem was no AIA extension was found; any other error was
+ * a true failure that we unfortunately have to treat as an overall
+ * failure here.
+ */
+ location = ocsp_GetResponderLocation(handle, cert, PR_TRUE,
+ &locationIsDefault);
+ if (location == NULL) {
+ int err = PORT_GetError();
+ if (err == SEC_ERROR_EXTENSION_NOT_FOUND ||
+ err == SEC_ERROR_CERT_BAD_ACCESS_LOCATION) {
+ PORT_SetError(0);
+ *rv_ocsp = SECSuccess;
+ return SECSuccess;
+ }
+ return SECFailure;
+ }
+
+ /*
+ * XXX In the fullness of time, we will want/need to handle a
+ * certificate chain. This will be done either when a new parameter
+ * tells us to, or some configuration variable tells us to. In any
+ * case, handling it is complicated because we may need to send as
+ * many requests (and receive as many responses) as we have certs
+ * in the chain. If we are going to talk to a default responder,
+ * and we only support one default responder, we can put all of the
+ * certs together into one request. Otherwise, we must break them up
+ * into multiple requests. (Even if all of the requests will go to
+ * the same location, the signature on each response will be different,
+ * because each issuer is different. Carefully read the OCSP spec
+ * if you do not understand this.)
+ */
+
+ /*
+ * XXX If/when signing of requests is supported, that second NULL
+ * should be changed to be the signer certificate. Not sure if that
+ * should be passed into this function or retrieved via some operation
+ * on the handle/context.
+ */
+
+ do {
+ const char *method;
+ PRBool validResponseWithAccurateInfo = PR_FALSE;
+ retry = PR_FALSE;
+ *rv_ocsp = SECFailure;
+
+ if (currentStage == stageGET) {
+ method = "GET";
+ } else {
+ PORT_Assert(currentStage == stagePOST);
+ method = "POST";
+ }
+
+ encodedResponse =
+ ocsp_GetEncodedOCSPResponseForSingleCert(NULL, certID, cert,
+ location, method,
+ time, locationIsDefault,
+ pwArg, &request);
+
+ if (encodedResponse) {
+ rv = ocsp_GetDecodedVerifiedSingleResponseForID(handle, certID, cert,
+ time, pwArg,
+ encodedResponse,
+ &decodedResponse,
+ &singleResponse);
+ if (rv == SECSuccess) {
+ switch (singleResponse->certStatus->certStatusType) {
+ case ocspCertStatus_good:
+ case ocspCertStatus_revoked:
+ validResponseWithAccurateInfo = PR_TRUE;
+ break;
+ default:
+ break;
+ }
+ *rv_ocsp = ocsp_SingleResponseCertHasGoodStatus(singleResponse, time);
+ }
+ }
+
+ if (currentStage == stageGET) {
+ /* only accept GET response if good or revoked */
+ if (validResponseWithAccurateInfo) {
+ ocsp_CacheSingleResponse(certID, singleResponse,
+ certIDWasConsumed);
+ } else {
+ retry = PR_TRUE;
+ currentStage = stagePOST;
+ }
+ } else {
+ /* cache the POST respone, regardless of status */
+ if (!singleResponse) {
+ cert_RememberOCSPProcessingFailure(certID, certIDWasConsumed);
+ } else {
+ ocsp_CacheSingleResponse(certID, singleResponse,
+ certIDWasConsumed);
+ }
+ }
+
+ if (encodedResponse) {
+ SECITEM_FreeItem(encodedResponse, PR_TRUE);
+ encodedResponse = NULL;
+ }
+ if (request) {
+ CERT_DestroyOCSPRequest(request);
+ request = NULL;
+ }
+ if (decodedResponse) {
+ CERT_DestroyOCSPResponse(decodedResponse);
+ decodedResponse = NULL;
+ }
+ singleResponse = NULL;
+
+ } while (retry);
+
+ PORT_Free(location);
+ return rv;
+}
+
+/*
+ * FUNCTION: ocsp_GetDecodedVerifiedSingleResponseForID
+ * This function decodes an OCSP response and checks for a valid response
+ * concerning the given certificate.
+ *
+ * Note: a 'valid' response is one that parses successfully, is not an OCSP
+ * exception (see RFC 2560 Section 2.3), is correctly signed and is current.
+ * A 'good' response is a valid response that attests that the certificate
+ * is not currently revoked (see RFC 2560 Section 2.2).
+ *
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTOCSPCertID *certID
+ * the cert ID corresponding to |cert|
+ * CERTCertificate *cert
+ * the certificate being checked
+ * PRTime time
+ * time for which status is to be determined
+ * void *pwArg
+ * the opaque argument to the password prompting function.
+ * SECItem *encodedResponse
+ * the DER encoded bytes of the OCSP response
+ * CERTOCSPResponse **pDecodedResponse
+ * (output) The caller must ALWAYS check for this output parameter,
+ * and if it's non-null, must destroy it using CERT_DestroyOCSPResponse.
+ * CERTOCSPSingleResponse **pSingle
+ * (output) on success, this points to the single response that corresponds
+ * to the certID parameter. Points to the inside of pDecodedResponse.
+ * It isn't a copy, don't free it.
+ * RETURN:
+ * SECSuccess iff the response is valid.
+ */
+static SECStatus
+ocsp_GetDecodedVerifiedSingleResponseForID(CERTCertDBHandle *handle,
+ CERTOCSPCertID *certID,
+ CERTCertificate *cert,
+ PRTime time,
+ void *pwArg,
+ const SECItem *encodedResponse,
+ CERTOCSPResponse **pDecodedResponse,
+ CERTOCSPSingleResponse **pSingle)
+{
+ CERTCertificate *signerCert = NULL;
+ CERTCertificate *issuerCert = NULL;
+ SECStatus rv = SECFailure;
+
+ if (!pSingle || !pDecodedResponse) {
+ return SECFailure;
+ }
+ *pSingle = NULL;
+ *pDecodedResponse = CERT_DecodeOCSPResponse(encodedResponse);
+ if (!*pDecodedResponse) {
+ return SECFailure;
+ }
+
+ /*
+ * Okay, we at least have a response that *looks* like a response!
+ * Now see if the overall response status value is good or not.
+ * If not, we set an error and give up. (It means that either the
+ * server had a problem, or it didn't like something about our
+ * request. Either way there is nothing to do but give up.)
+ * Otherwise, we continue to find the actual per-cert status
+ * in the response.
+ */
+ if (CERT_GetOCSPResponseStatus(*pDecodedResponse) != SECSuccess) {
+ goto loser;
+ }
+
+ /*
+ * If we've made it this far, we expect a response with a good signature.
+ * So, check for that.
+ */
+ issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
+ rv = CERT_VerifyOCSPResponseSignature(*pDecodedResponse, handle, pwArg,
+ &signerCert, issuerCert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_Assert(signerCert != NULL); /* internal consistency check */
+ /* XXX probably should set error, return failure if signerCert is null */
+
+ /*
+ * Again, we are only doing one request for one cert.
+ * XXX When we handle cert chains, the following code will obviously
+ * have to be modified, in coordation with the code above that will
+ * have to determine how to make multiple requests, etc.
+ */
+ rv = ocsp_GetVerifiedSingleResponseForCertID(handle, *pDecodedResponse, certID,
+ signerCert, time, pSingle);
+loser:
+ if (issuerCert != NULL)
+ CERT_DestroyCertificate(issuerCert);
+ if (signerCert != NULL)
+ CERT_DestroyCertificate(signerCert);
+ return rv;
+}
+
+/*
+ * FUNCTION: ocsp_CacheSingleResponse
+ * This function requires that the caller has checked that the response
+ * is valid and verified.
+ * The (positive or negative) valid response will be used to update the cache.
+ * INPUTS:
+ * CERTOCSPCertID *certID
+ * the cert ID corresponding to |cert|
+ * PRBool *certIDWasConsumed
+ * (output) on return, this is true iff |certID| was consumed by this
+ * function.
+ */
+void
+ocsp_CacheSingleResponse(CERTOCSPCertID *certID,
+ CERTOCSPSingleResponse *single,
+ PRBool *certIDWasConsumed)
+{
+ if (single != NULL) {
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (OCSP_Global.maxCacheEntries >= 0) {
+ ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID, single,
+ certIDWasConsumed);
+ /* ignore cache update failures */
+ }
+ PR_ExitMonitor(OCSP_Global.monitor);
+ }
+}
+
+SECStatus
+ocsp_GetVerifiedSingleResponseForCertID(CERTCertDBHandle *handle,
+ CERTOCSPResponse *response,
+ CERTOCSPCertID *certID,
+ CERTCertificate *signerCert,
+ PRTime time,
+ CERTOCSPSingleResponse
+ **pSingleResponse)
+{
+ SECStatus rv;
+ ocspResponseData *responseData;
+ PRTime producedAt;
+ CERTOCSPSingleResponse *single;
+
+ /*
+ * The ResponseData part is the real guts of the response.
+ */
+ responseData = ocsp_GetResponseData(response, NULL);
+ if (responseData == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /*
+ * There is one producedAt time for the entire response (and a separate
+ * thisUpdate time for each individual single response). We need to
+ * compare them, so get the overall time to pass into the check of each
+ * single response.
+ */
+ rv = DER_GeneralizedTimeToTime(&producedAt, &responseData->producedAt);
+ if (rv != SECSuccess)
+ goto loser;
+
+ single = ocsp_GetSingleResponseForCertID(responseData->responses,
+ handle, certID);
+ if (single == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = ocsp_VerifySingleResponse(single, handle, signerCert, producedAt);
+ if (rv != SECSuccess)
+ goto loser;
+ *pSingleResponse = single;
+
+loser:
+ return rv;
+}
+
+SECStatus
+CERT_GetOCSPStatusForCertID(CERTCertDBHandle *handle,
+ CERTOCSPResponse *response,
+ CERTOCSPCertID *certID,
+ CERTCertificate *signerCert,
+ PRTime time)
+{
+ /*
+ * We do not update the cache, because:
+ *
+ * CERT_GetOCSPStatusForCertID is an old exported API that was introduced
+ * before the OCSP cache got implemented.
+ *
+ * The implementation of helper function cert_ProcessOCSPResponse
+ * requires the ability to transfer ownership of the the given certID to
+ * the cache. The external API doesn't allow us to prevent the caller from
+ * destroying the certID. We don't have the original certificate available,
+ * therefore we are unable to produce another certID object (that could
+ * be stored in the cache).
+ *
+ * Should we ever implement code to produce a deep copy of certID,
+ * then this could be changed to allow updating the cache.
+ * The duplication would have to be done in
+ * cert_ProcessOCSPResponse, if the out parameter to indicate
+ * a transfer of ownership is NULL.
+ */
+ return cert_ProcessOCSPResponse(handle, response, certID,
+ signerCert, time,
+ NULL, NULL);
+}
+
+/*
+ * The first 5 parameters match the definition of CERT_GetOCSPStatusForCertID.
+ */
+SECStatus
+cert_ProcessOCSPResponse(CERTCertDBHandle *handle,
+ CERTOCSPResponse *response,
+ CERTOCSPCertID *certID,
+ CERTCertificate *signerCert,
+ PRTime time,
+ PRBool *certIDWasConsumed,
+ SECStatus *cacheUpdateStatus)
+{
+ SECStatus rv;
+ SECStatus rv_cache = SECSuccess;
+ CERTOCSPSingleResponse *single = NULL;
+
+ rv = ocsp_GetVerifiedSingleResponseForCertID(handle, response, certID,
+ signerCert, time, &single);
+ if (rv == SECSuccess) {
+ /*
+ * Check whether the status says revoked, and if so
+ * how that compares to the time value passed into this routine.
+ */
+ rv = ocsp_SingleResponseCertHasGoodStatus(single, time);
+ }
+
+ if (certIDWasConsumed) {
+ /*
+ * We don't have copy-of-certid implemented. In order to update
+ * the cache, the caller must supply an out variable
+ * certIDWasConsumed, allowing us to return ownership status.
+ */
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (OCSP_Global.maxCacheEntries >= 0) {
+ /* single == NULL means: remember response failure */
+ rv_cache =
+ ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID,
+ single, certIDWasConsumed);
+ }
+ PR_ExitMonitor(OCSP_Global.monitor);
+ if (cacheUpdateStatus) {
+ *cacheUpdateStatus = rv_cache;
+ }
+ }
+
+ return rv;
+}
+
+SECStatus
+cert_RememberOCSPProcessingFailure(CERTOCSPCertID *certID,
+ PRBool *certIDWasConsumed)
+{
+ SECStatus rv = SECSuccess;
+ PR_EnterMonitor(OCSP_Global.monitor);
+ if (OCSP_Global.maxCacheEntries >= 0) {
+ rv = ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID, NULL,
+ certIDWasConsumed);
+ }
+ PR_ExitMonitor(OCSP_Global.monitor);
+ return rv;
+}
+
+/*
+ * Disable status checking and destroy related structures/data.
+ */
+static SECStatus
+ocsp_DestroyStatusChecking(CERTStatusConfig *statusConfig)
+{
+ ocspCheckingContext *statusContext;
+
+ /*
+ * Disable OCSP checking
+ */
+ statusConfig->statusChecker = NULL;
+
+ statusContext = statusConfig->statusContext;
+ PORT_Assert(statusContext != NULL);
+ if (statusContext == NULL)
+ return SECFailure;
+
+ if (statusContext->defaultResponderURI != NULL)
+ PORT_Free(statusContext->defaultResponderURI);
+ if (statusContext->defaultResponderNickname != NULL)
+ PORT_Free(statusContext->defaultResponderNickname);
+
+ PORT_Free(statusContext);
+ statusConfig->statusContext = NULL;
+
+ PORT_Free(statusConfig);
+
+ return SECSuccess;
+}
+
+/*
+ * FUNCTION: CERT_DisableOCSPChecking
+ * Turns off OCSP checking for the given certificate database.
+ * This routine disables OCSP checking. Though it will return
+ * SECFailure if OCSP checking is not enabled, it is "safe" to
+ * call it that way and just ignore the return value, if it is
+ * easier to just call it than to "remember" whether it is enabled.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Certificate database for which OCSP checking will be disabled.
+ * RETURN:
+ * Returns SECFailure if an error occurred (usually means that OCSP
+ * checking was not enabled or status contexts were not initialized --
+ * error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
+ */
+SECStatus
+CERT_DisableOCSPChecking(CERTCertDBHandle *handle)
+{
+ CERTStatusConfig *statusConfig;
+ ocspCheckingContext *statusContext;
+
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ statusConfig = CERT_GetStatusConfig(handle);
+ statusContext = ocsp_GetCheckingContext(handle);
+ if (statusContext == NULL)
+ return SECFailure;
+
+ if (statusConfig->statusChecker != CERT_CheckOCSPStatus) {
+ /*
+ * Status configuration is present, but either not currently
+ * enabled or not for OCSP.
+ */
+ PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
+ return SECFailure;
+ }
+
+ /* cache no longer necessary */
+ CERT_ClearOCSPCache();
+
+ /*
+ * This is how we disable status checking. Everything else remains
+ * in place in case we are enabled again.
+ */
+ statusConfig->statusChecker = NULL;
+
+ return SECSuccess;
+}
+
+/*
+ * Allocate and initialize the informational structures for status checking.
+ * This is done when some configuration of OCSP is being done or when OCSP
+ * checking is being turned on, whichever comes first.
+ */
+static SECStatus
+ocsp_InitStatusChecking(CERTCertDBHandle *handle)
+{
+ CERTStatusConfig *statusConfig = NULL;
+ ocspCheckingContext *statusContext = NULL;
+
+ PORT_Assert(CERT_GetStatusConfig(handle) == NULL);
+ if (CERT_GetStatusConfig(handle) != NULL) {
+ /* XXX or call statusConfig->statusDestroy and continue? */
+ return SECFailure;
+ }
+
+ statusConfig = PORT_ZNew(CERTStatusConfig);
+ if (statusConfig == NULL)
+ goto loser;
+
+ statusContext = PORT_ZNew(ocspCheckingContext);
+ if (statusContext == NULL)
+ goto loser;
+
+ statusConfig->statusDestroy = ocsp_DestroyStatusChecking;
+ statusConfig->statusContext = statusContext;
+
+ CERT_SetStatusConfig(handle, statusConfig);
+
+ return SECSuccess;
+
+loser:
+ if (statusConfig != NULL)
+ PORT_Free(statusConfig);
+ return SECFailure;
+}
+
+/*
+ * FUNCTION: CERT_EnableOCSPChecking
+ * Turns on OCSP checking for the given certificate database.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Certificate database for which OCSP checking will be enabled.
+ * RETURN:
+ * Returns SECFailure if an error occurred (likely only problem
+ * allocating memory); SECSuccess otherwise.
+ */
+SECStatus
+CERT_EnableOCSPChecking(CERTCertDBHandle *handle)
+{
+ CERTStatusConfig *statusConfig;
+
+ SECStatus rv;
+
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ statusConfig = CERT_GetStatusConfig(handle);
+ if (statusConfig == NULL) {
+ rv = ocsp_InitStatusChecking(handle);
+ if (rv != SECSuccess)
+ return rv;
+
+ /* Get newly established value */
+ statusConfig = CERT_GetStatusConfig(handle);
+ PORT_Assert(statusConfig != NULL);
+ }
+
+ /*
+ * Setting the checker function is what really enables the checking
+ * when each cert verification is done.
+ */
+ statusConfig->statusChecker = CERT_CheckOCSPStatus;
+
+ return SECSuccess;
+}
+
+/*
+ * FUNCTION: CERT_SetOCSPDefaultResponder
+ * Specify the location and cert of the default responder.
+ * If OCSP checking is already enabled *and* use of a default responder
+ * is also already enabled, all OCSP checking from now on will go directly
+ * to the specified responder. If OCSP checking is not enabled, or if
+ * it is but use of a default responder is not enabled, the information
+ * will be recorded and take effect whenever both are enabled.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Cert database on which OCSP checking should use the default responder.
+ * char *url
+ * The location of the default responder (e.g. "http://foo.com:80/ocsp")
+ * Note that the location will not be tested until the first attempt
+ * to send a request there.
+ * char *name
+ * The nickname of the cert to trust (expected) to sign the OCSP responses.
+ * If the corresponding cert cannot be found, SECFailure is returned.
+ * RETURN:
+ * Returns SECFailure if an error occurred; SECSuccess otherwise.
+ * The most likely error is that the cert for "name" could not be found
+ * (probably SEC_ERROR_UNKNOWN_CERT). Other errors are low-level (no memory,
+ * bad database, etc.).
+ */
+SECStatus
+CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
+ const char *url, const char *name)
+{
+ CERTCertificate *cert;
+ ocspCheckingContext *statusContext;
+ char *url_copy = NULL;
+ char *name_copy = NULL;
+ SECStatus rv;
+
+ if (handle == NULL || url == NULL || name == NULL) {
+ /*
+ * XXX When interface is exported, probably want better errors;
+ * perhaps different one for each parameter.
+ */
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /*
+ * Find the certificate for the specified nickname. Do this first
+ * because it seems the most likely to fail.
+ *
+ * XXX Shouldn't need that cast if the FindCertByNickname interface
+ * used const to convey that it does not modify the name. Maybe someday.
+ */
+ cert = CERT_FindCertByNickname(handle, (char *)name);
+ if (cert == NULL) {
+ /*
+ * look for the cert on an external token.
+ */
+ cert = PK11_FindCertFromNickname((char *)name, NULL);
+ }
+ if (cert == NULL)
+ return SECFailure;
+
+ /*
+ * Make a copy of the url and nickname.
+ */
+ url_copy = PORT_Strdup(url);
+ name_copy = PORT_Strdup(name);
+ if (url_copy == NULL || name_copy == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ statusContext = ocsp_GetCheckingContext(handle);
+
+ /*
+ * Allocate and init the context if it doesn't already exist.
+ */
+ if (statusContext == NULL) {
+ rv = ocsp_InitStatusChecking(handle);
+ if (rv != SECSuccess)
+ goto loser;
+
+ statusContext = ocsp_GetCheckingContext(handle);
+ PORT_Assert(statusContext != NULL); /* extreme paranoia */
+ }
+
+ /*
+ * Note -- we do not touch the status context until after all of
+ * the steps which could cause errors. If something goes wrong,
+ * we want to leave things as they were.
+ */
+
+ /*
+ * Get rid of old url and name if there.
+ */
+ if (statusContext->defaultResponderNickname != NULL)
+ PORT_Free(statusContext->defaultResponderNickname);
+ if (statusContext->defaultResponderURI != NULL)
+ PORT_Free(statusContext->defaultResponderURI);
+
+ /*
+ * And replace them with the new ones.
+ */
+ statusContext->defaultResponderURI = url_copy;
+ statusContext->defaultResponderNickname = name_copy;
+
+ /*
+ * If there was already a cert in place, get rid of it and replace it.
+ * Otherwise, we are not currently enabled, so we don't want to save it;
+ * it will get re-found and set whenever use of a default responder is
+ * enabled.
+ */
+ if (statusContext->defaultResponderCert != NULL) {
+ CERT_DestroyCertificate(statusContext->defaultResponderCert);
+ statusContext->defaultResponderCert = cert;
+ /*OCSP enabled, switching responder: clear cache*/
+ CERT_ClearOCSPCache();
+ } else {
+ PORT_Assert(statusContext->useDefaultResponder == PR_FALSE);
+ CERT_DestroyCertificate(cert);
+ /*OCSP currently not enabled, no need to clear cache*/
+ }
+
+ return SECSuccess;
+
+loser:
+ CERT_DestroyCertificate(cert);
+ if (url_copy != NULL)
+ PORT_Free(url_copy);
+ if (name_copy != NULL)
+ PORT_Free(name_copy);
+ return rv;
+}
+
+/*
+ * FUNCTION: CERT_EnableOCSPDefaultResponder
+ * Turns on use of a default responder when OCSP checking.
+ * If OCSP checking is already enabled, this will make subsequent checks
+ * go directly to the default responder. (The location of the responder
+ * and the nickname of the responder cert must already be specified.)
+ * If OCSP checking is not enabled, this will be recorded and take effect
+ * whenever it is enabled.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Cert database on which OCSP checking should use the default responder.
+ * RETURN:
+ * Returns SECFailure if an error occurred; SECSuccess otherwise.
+ * No errors are especially likely unless the caller did not previously
+ * perform a successful call to SetOCSPDefaultResponder (in which case
+ * the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
+ */
+SECStatus
+CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle)
+{
+ ocspCheckingContext *statusContext;
+ CERTCertificate *cert;
+ SECStatus rv;
+ SECCertificateUsage usage;
+
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ statusContext = ocsp_GetCheckingContext(handle);
+
+ if (statusContext == NULL) {
+ /*
+ * Strictly speaking, the error already set is "correct",
+ * but cover over it with one more helpful in this context.
+ */
+ PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
+ return SECFailure;
+ }
+
+ if (statusContext->defaultResponderURI == NULL) {
+ PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
+ return SECFailure;
+ }
+
+ if (statusContext->defaultResponderNickname == NULL) {
+ PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
+ return SECFailure;
+ }
+
+ /*
+ * Find the cert for the nickname.
+ */
+ cert = CERT_FindCertByNickname(handle,
+ statusContext->defaultResponderNickname);
+ if (cert == NULL) {
+ cert = PK11_FindCertFromNickname(statusContext->defaultResponderNickname,
+ NULL);
+ }
+ /*
+ * We should never have trouble finding the cert, because its
+ * existence should have been proven by SetOCSPDefaultResponder.
+ */
+ PORT_Assert(cert != NULL);
+ if (cert == NULL)
+ return SECFailure;
+
+ /*
+ * Supplied cert should at least have a signing capability in order for us
+ * to use it as a trusted responder cert. Ability to sign is guaranteed if
+ * cert is validated to have any set of the usages below.
+ */
+ rv = CERT_VerifyCertificateNow(handle, cert, PR_TRUE,
+ certificateUsageCheckAllUsages,
+ NULL, &usage);
+ if (rv != SECSuccess || (usage & (certificateUsageSSLClient | certificateUsageSSLServer | certificateUsageSSLServerWithStepUp | certificateUsageEmailSigner | certificateUsageObjectSigner | certificateUsageStatusResponder | certificateUsageSSLCA)) == 0) {
+ PORT_SetError(SEC_ERROR_OCSP_RESPONDER_CERT_INVALID);
+ return SECFailure;
+ }
+
+ /*
+ * And hang onto it.
+ */
+ statusContext->defaultResponderCert = cert;
+
+ /* we don't allow a mix of cache entries from different responders */
+ CERT_ClearOCSPCache();
+
+ /*
+ * Finally, record the fact that we now have a default responder enabled.
+ */
+ statusContext->useDefaultResponder = PR_TRUE;
+ return SECSuccess;
+}
+
+/*
+ * FUNCTION: CERT_DisableOCSPDefaultResponder
+ * Turns off use of a default responder when OCSP checking.
+ * (Does nothing if use of a default responder is not enabled.)
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Cert database on which OCSP checking should stop using a default
+ * responder.
+ * RETURN:
+ * Returns SECFailure if an error occurred; SECSuccess otherwise.
+ * Errors very unlikely (like random memory corruption...).
+ */
+SECStatus
+CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle)
+{
+ CERTStatusConfig *statusConfig;
+ ocspCheckingContext *statusContext;
+ CERTCertificate *tmpCert;
+
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ statusConfig = CERT_GetStatusConfig(handle);
+ if (statusConfig == NULL)
+ return SECSuccess;
+
+ statusContext = ocsp_GetCheckingContext(handle);
+ PORT_Assert(statusContext != NULL);
+ if (statusContext == NULL)
+ return SECFailure;
+
+ tmpCert = statusContext->defaultResponderCert;
+ if (tmpCert) {
+ statusContext->defaultResponderCert = NULL;
+ CERT_DestroyCertificate(tmpCert);
+ /* we don't allow a mix of cache entries from different responders */
+ CERT_ClearOCSPCache();
+ }
+
+ /*
+ * Finally, record the fact.
+ */
+ statusContext->useDefaultResponder = PR_FALSE;
+ return SECSuccess;
+}
+
+SECStatus
+CERT_ForcePostMethodForOCSP(PRBool forcePost)
+{
+ if (!OCSP_Global.monitor) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+
+ PR_EnterMonitor(OCSP_Global.monitor);
+ OCSP_Global.forcePost = forcePost;
+ PR_ExitMonitor(OCSP_Global.monitor);
+
+ return SECSuccess;
+}
+
+SECStatus
+CERT_GetOCSPResponseStatus(CERTOCSPResponse *response)
+{
+ PORT_Assert(response);
+ if (response->statusValue == ocspResponse_successful)
+ return SECSuccess;
+
+ switch (response->statusValue) {
+ case ocspResponse_malformedRequest:
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
+ break;
+ case ocspResponse_internalError:
+ PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
+ break;
+ case ocspResponse_tryLater:
+ PORT_SetError(SEC_ERROR_OCSP_TRY_SERVER_LATER);
+ break;
+ case ocspResponse_sigRequired:
+ /* XXX We *should* retry with a signature, if possible. */
+ PORT_SetError(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG);
+ break;
+ case ocspResponse_unauthorized:
+ PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST);
+ break;
+ case ocspResponse_unused:
+ default:
+ PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS);
+ break;
+ }
+ return SECFailure;
+}
diff --git a/security/nss/lib/certhigh/ocsp.h b/security/nss/lib/certhigh/ocsp.h
new file mode 100644
index 000000000..ac9dd6465
--- /dev/null
+++ b/security/nss/lib/certhigh/ocsp.h
@@ -0,0 +1,723 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Interface to the OCSP implementation.
+ */
+
+#ifndef _OCSP_H_
+#define _OCSP_H_
+
+#include "plarena.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "keyt.h"
+#include "certt.h"
+#include "ocspt.h"
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+/*
+ * This function registers the HttpClient with whose functions the
+ * HttpClientFcn structure has been populated as the default Http
+ * client.
+ *
+ * The function table must be a global object.
+ * The caller must ensure that NSS will be able to call
+ * the registered functions for the lifetime of the process.
+ */
+extern SECStatus
+SEC_RegisterDefaultHttpClient(const SEC_HttpClientFcn *fcnTable);
+
+/*
+ * This function obtains the HttpClient which has been registered
+ * by an earlier call to SEC_RegisterDefaultHttpClient.
+ */
+extern const SEC_HttpClientFcn *
+SEC_GetRegisteredHttpClient(void);
+
+/*
+ * Sets parameters that control NSS' internal OCSP cache.
+ * maxCacheEntries, special varlues are:
+ * -1 disable cache
+ * 0 unlimited cache entries
+ * minimumSecondsToNextFetchAttempt:
+ * whenever an OCSP request was attempted or completed over the network,
+ * wait at least this number of seconds before trying to fetch again.
+ * maximumSecondsToNextFetchAttempt:
+ * this is the maximum age of a cached response we allow, until we try
+ * to fetch an updated response, even if the OCSP responder expects
+ * that newer information update will not be available yet.
+ */
+extern SECStatus
+CERT_OCSPCacheSettings(PRInt32 maxCacheEntries,
+ PRUint32 minimumSecondsToNextFetchAttempt,
+ PRUint32 maximumSecondsToNextFetchAttempt);
+
+/*
+ * Set the desired behaviour on OCSP failures.
+ * See definition of ocspFailureMode for allowed choices.
+ */
+extern SECStatus
+CERT_SetOCSPFailureMode(SEC_OcspFailureMode ocspFailureMode);
+
+/*
+ * Configure the maximum time NSS will wait for an OCSP response.
+ */
+extern SECStatus
+CERT_SetOCSPTimeout(PRUint32 seconds);
+
+/*
+ * Removes all items currently stored in the OCSP cache.
+ */
+extern SECStatus
+CERT_ClearOCSPCache(void);
+
+/*
+ * FUNCTION: CERT_EnableOCSPChecking
+ * Turns on OCSP checking for the given certificate database.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Certificate database for which OCSP checking will be enabled.
+ * RETURN:
+ * Returns SECFailure if an error occurred (likely only problem
+ * allocating memory); SECSuccess otherwise.
+ */
+extern SECStatus
+CERT_EnableOCSPChecking(CERTCertDBHandle *handle);
+
+/*
+ * FUNCTION: CERT_DisableOCSPChecking
+ * Turns off OCSP checking for the given certificate database.
+ * This routine disables OCSP checking. Though it will return
+ * SECFailure if OCSP checking is not enabled, it is "safe" to
+ * call it that way and just ignore the return value, if it is
+ * easier to just call it than to "remember" whether it is enabled.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Certificate database for which OCSP checking will be disabled.
+ * RETURN:
+ * Returns SECFailure if an error occurred (usually means that OCSP
+ * checking was not enabled or status contexts were not initialized --
+ * error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
+ */
+extern SECStatus
+CERT_DisableOCSPChecking(CERTCertDBHandle *handle);
+
+/*
+ * FUNCTION: CERT_SetOCSPDefaultResponder
+ * Specify the location and cert of the default responder.
+ * If OCSP checking is already enabled *and* use of a default responder
+ * is also already enabled, all OCSP checking from now on will go directly
+ * to the specified responder. If OCSP checking is not enabled, or if
+ * it is but use of a default responder is not enabled, the information
+ * will be recorded and take effect whenever both are enabled.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Cert database on which OCSP checking should use the default responder.
+ * const char *url
+ * The location of the default responder (e.g. "http://foo.com:80/ocsp")
+ * Note that the location will not be tested until the first attempt
+ * to send a request there.
+ * const char *name
+ * The nickname of the cert to trust (expected) to sign the OCSP responses.
+ * If the corresponding cert cannot be found, SECFailure is returned.
+ * RETURN:
+ * Returns SECFailure if an error occurred; SECSuccess otherwise.
+ * The most likely error is that the cert for "name" could not be found
+ * (probably SEC_ERROR_UNKNOWN_CERT). Other errors are low-level (no memory,
+ * bad database, etc.).
+ */
+extern SECStatus
+CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
+ const char *url, const char *name);
+
+/*
+ * FUNCTION: CERT_EnableOCSPDefaultResponder
+ * Turns on use of a default responder when OCSP checking.
+ * If OCSP checking is already enabled, this will make subsequent checks
+ * go directly to the default responder. (The location of the responder
+ * and the nickname of the responder cert must already be specified.)
+ * If OCSP checking is not enabled, this will be recorded and take effect
+ * whenever it is enabled.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Cert database on which OCSP checking should use the default responder.
+ * RETURN:
+ * Returns SECFailure if an error occurred; SECSuccess otherwise.
+ * No errors are especially likely unless the caller did not previously
+ * perform a successful call to SetOCSPDefaultResponder (in which case
+ * the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
+ */
+extern SECStatus
+CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle);
+
+/*
+ * FUNCTION: CERT_DisableOCSPDefaultResponder
+ * Turns off use of a default responder when OCSP checking.
+ * (Does nothing if use of a default responder is not enabled.)
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * Cert database on which OCSP checking should stop using a default
+ * responder.
+ * RETURN:
+ * Returns SECFailure if an error occurred; SECSuccess otherwise.
+ * Errors very unlikely (like random memory corruption...).
+ */
+extern SECStatus
+CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle);
+
+/* If forcePost is set, OCSP requests will only be sent using the HTTP POST
+ * method. When forcePost is not set, OCSP requests will be sent using the
+ * HTTP GET method, with a fallback to POST when we fail to receive a response
+ * and/or when we receive an uncacheable response like "Unknown."
+ *
+ * The default is to use GET and fallback to POST.
+ */
+extern SECStatus CERT_ForcePostMethodForOCSP(PRBool forcePost);
+
+/*
+ * -------------------------------------------------------
+ * The Functions above are those expected to be used by a client
+ * providing OCSP status checking along with every cert verification.
+ * The functions below are for OCSP testing, debugging, or clients
+ * or servers performing more specialized OCSP tasks.
+ * -------------------------------------------------------
+ */
+
+/*
+ * FUNCTION: CERT_CreateOCSPRequest
+ * Creates a CERTOCSPRequest, requesting the status of the certs in
+ * the given list.
+ * INPUTS:
+ * CERTCertList *certList
+ * A list of certs for which status will be requested.
+ * Note that all of these certificates should have the same issuer,
+ * or it's expected the response will be signed by a trusted responder.
+ * If the certs need to be broken up into multiple requests, that
+ * must be handled by the caller (and thus by having multiple calls
+ * to this routine), who knows about where the request(s) are being
+ * sent and whether there are any trusted responders in place.
+ * PRTime time
+ * Indicates the time for which the certificate status is to be
+ * determined -- this may be used in the search for the cert's issuer
+ * but has no effect on the request itself.
+ * PRBool addServiceLocator
+ * If true, the Service Locator extension should be added to the
+ * single request(s) for each cert.
+ * CERTCertificate *signerCert
+ * If non-NULL, means sign the request using this cert. Otherwise,
+ * do not sign.
+ * XXX note that request signing is not yet supported; see comment in code
+ * RETURN:
+ * A pointer to a CERTOCSPRequest structure containing an OCSP request
+ * for the cert list. On error, null is returned, with an error set
+ * indicating the reason. This is likely SEC_ERROR_UNKNOWN_ISSUER.
+ * (The issuer is needed to create a request for the certificate.)
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ */
+extern CERTOCSPRequest *
+CERT_CreateOCSPRequest(CERTCertList *certList, PRTime time,
+ PRBool addServiceLocator,
+ CERTCertificate *signerCert);
+
+/*
+ * FUNCTION: CERT_AddOCSPAcceptableResponses
+ * Add the AcceptableResponses extension to an OCSP Request.
+ * INPUTS:
+ * CERTOCSPRequest *request
+ * The request to which the extension should be added.
+ * SECOidTag responseType0, ...
+ * A list (of one or more) of SECOidTag -- each of the response types
+ * to be added. The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
+ * (This marks the end of the list, and it must be specified because a
+ * client conforming to the OCSP standard is required to handle the basic
+ * response type.) The OIDs are not checked in any way.
+ * RETURN:
+ * SECSuccess if the extension is added; SECFailure if anything goes wrong.
+ * All errors are internal or low-level problems (e.g. no memory).
+ */
+extern SECStatus
+CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
+ SECOidTag responseType0, ...);
+
+/*
+ * FUNCTION: CERT_EncodeOCSPRequest
+ * DER encodes an OCSP Request, possibly adding a signature as well.
+ * XXX Signing is not yet supported, however; see comments in code.
+ * INPUTS:
+ * PLArenaPool *arena
+ * The return value is allocated from here.
+ * If a NULL is passed in, allocation is done from the heap instead.
+ * CERTOCSPRequest *request
+ * The request to be encoded.
+ * void *pwArg
+ * Pointer to argument for password prompting, if needed. (Definitely
+ * not needed if not signing.)
+ * RETURN:
+ * Returns a NULL on error and a pointer to the SECItem with the
+ * encoded value otherwise. Any error is likely to be low-level
+ * (e.g. no memory).
+ */
+extern SECItem *
+CERT_EncodeOCSPRequest(PLArenaPool *arena, CERTOCSPRequest *request,
+ void *pwArg);
+
+/*
+ * FUNCTION: CERT_DecodeOCSPRequest
+ * Decode a DER encoded OCSP Request.
+ * INPUTS:
+ * SECItem *src
+ * Pointer to a SECItem holding DER encoded OCSP Request.
+ * RETURN:
+ * Returns a pointer to a CERTOCSPRequest containing the decoded request.
+ * On error, returns NULL. Most likely error is trouble decoding
+ * (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
+ */
+extern CERTOCSPRequest *
+CERT_DecodeOCSPRequest(const SECItem *src);
+
+/*
+ * FUNCTION: CERT_DestroyOCSPRequest
+ * Frees an OCSP Request structure.
+ * INPUTS:
+ * CERTOCSPRequest *request
+ * Pointer to CERTOCSPRequest to be freed.
+ * RETURN:
+ * No return value; no errors.
+ */
+extern void
+CERT_DestroyOCSPRequest(CERTOCSPRequest *request);
+
+/*
+ * FUNCTION: CERT_DecodeOCSPResponse
+ * Decode a DER encoded OCSP Response.
+ * INPUTS:
+ * SECItem *src
+ * Pointer to a SECItem holding DER encoded OCSP Response.
+ * RETURN:
+ * Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
+ * the caller is responsible for destroying it. Or NULL if error (either
+ * response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
+ * it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
+ * or a low-level or internal error occurred).
+ */
+extern CERTOCSPResponse *
+CERT_DecodeOCSPResponse(const SECItem *src);
+
+/*
+ * FUNCTION: CERT_DestroyOCSPResponse
+ * Frees an OCSP Response structure.
+ * INPUTS:
+ * CERTOCSPResponse *request
+ * Pointer to CERTOCSPResponse to be freed.
+ * RETURN:
+ * No return value; no errors.
+ */
+extern void
+CERT_DestroyOCSPResponse(CERTOCSPResponse *response);
+
+/*
+ * FUNCTION: CERT_GetEncodedOCSPResponse
+ * Creates and sends a request to an OCSP responder, then reads and
+ * returns the (encoded) response.
+ * INPUTS:
+ * PLArenaPool *arena
+ * Pointer to arena from which return value will be allocated.
+ * If NULL, result will be allocated from the heap (and thus should
+ * be freed via SECITEM_FreeItem).
+ * CERTCertList *certList
+ * A list of certs for which status will be requested.
+ * Note that all of these certificates should have the same issuer,
+ * or it's expected the response will be signed by a trusted responder.
+ * If the certs need to be broken up into multiple requests, that
+ * must be handled by the caller (and thus by having multiple calls
+ * to this routine), who knows about where the request(s) are being
+ * sent and whether there are any trusted responders in place.
+ * const char *location
+ * The location of the OCSP responder (a URL).
+ * PRTime time
+ * Indicates the time for which the certificate status is to be
+ * determined -- this may be used in the search for the cert's issuer
+ * but has no other bearing on the operation.
+ * PRBool addServiceLocator
+ * If true, the Service Locator extension should be added to the
+ * single request(s) for each cert.
+ * CERTCertificate *signerCert
+ * If non-NULL, means sign the request using this cert. Otherwise,
+ * do not sign.
+ * void *pwArg
+ * Pointer to argument for password prompting, if needed. (Definitely
+ * not needed if not signing.)
+ * OUTPUTS:
+ * CERTOCSPRequest **pRequest
+ * Pointer in which to store the OCSP request created for the given
+ * list of certificates. It is only filled in if the entire operation
+ * is successful and the pointer is not null -- and in that case the
+ * caller is then reponsible for destroying it.
+ * RETURN:
+ * Returns a pointer to the SECItem holding the response.
+ * On error, returns null with error set describing the reason:
+ * SEC_ERROR_UNKNOWN_ISSUER
+ * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
+ * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ */
+extern SECItem *
+CERT_GetEncodedOCSPResponse(PLArenaPool *arena, CERTCertList *certList,
+ const char *location, PRTime time,
+ PRBool addServiceLocator,
+ CERTCertificate *signerCert, void *pwArg,
+ CERTOCSPRequest **pRequest);
+
+/*
+ * FUNCTION: CERT_VerifyOCSPResponseSignature
+ * Check the signature on an OCSP Response. Will also perform a
+ * verification of the signer's certificate. Note, however, that a
+ * successful verification does not make any statement about the
+ * signer's *authority* to provide status for the certificate(s),
+ * that must be checked individually for each certificate.
+ * INPUTS:
+ * CERTOCSPResponse *response
+ * Pointer to response structure with signature to be checked.
+ * CERTCertDBHandle *handle
+ * Pointer to CERTCertDBHandle for certificate DB to use for verification.
+ * void *pwArg
+ * Pointer to argument for password prompting, if needed.
+ * CERTCertificate *issuerCert
+ * Issuer of the certificate that generated the OCSP request.
+ * OUTPUTS:
+ * CERTCertificate **pSignerCert
+ * Pointer in which to store signer's certificate; only filled-in if
+ * non-null.
+ * RETURN:
+ * Returns SECSuccess when signature is valid, anything else means invalid.
+ * Possible errors set:
+ * SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
+ * SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
+ * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
+ * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
+ * Other errors are any of the many possible failures in cert verification
+ * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
+ * verifying the signer's cert, or low-level problems (no memory, etc.)
+ */
+extern SECStatus
+CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
+ CERTCertDBHandle *handle, void *pwArg,
+ CERTCertificate **pSignerCert,
+ CERTCertificate *issuerCert);
+
+/*
+ * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
+ * Get the value of the URI of the OCSP responder for the given cert.
+ * This is found in the (optional) Authority Information Access extension
+ * in the cert.
+ * INPUTS:
+ * CERTCertificate *cert
+ * The certificate being examined.
+ * RETURN:
+ * char *
+ * A copy of the URI for the OCSP method, if found. If either the
+ * extension is not present or it does not contain an entry for OCSP,
+ * SEC_ERROR_EXTENSION_NOT_FOUND will be set and a NULL returned.
+ * Any other error will also result in a NULL being returned.
+ *
+ * This result should be freed (via PORT_Free) when no longer in use.
+ */
+extern char *
+CERT_GetOCSPAuthorityInfoAccessLocation(const CERTCertificate *cert);
+
+/*
+ * FUNCTION: CERT_RegisterAlternateOCSPAIAInfoCallBack
+ * This function serves two purposes.
+ * 1) It registers the address of a callback function that will be
+ * called for certs that have no OCSP AIA extension, to see if the
+ * callback wishes to supply an alternative URL for such an OCSP inquiry.
+ * 2) It outputs the previously registered function's address to the
+ * address supplied by the caller, unless that is NULL.
+ * The registered callback function returns NULL, or an allocated string
+ * that may be subsequently freed by calling PORT_Free().
+ * RETURN:
+ * SECSuccess or SECFailure (if the library is not yet intialized)
+ */
+extern SECStatus
+CERT_RegisterAlternateOCSPAIAInfoCallBack(
+ CERT_StringFromCertFcn newCallback,
+ CERT_StringFromCertFcn *oldCallback);
+
+/*
+ * FUNCTION: CERT_ParseURL
+ * Parse a URI into hostname, port, and path. The scheme in the URI must
+ * be "http".
+ * INPUTS:
+ * const char *url
+ * The URI to be parsed
+ * OUTPUTS:
+ * char **pHostname
+ * Pointer to store the hostname obtained from the URI.
+ * This result should be freed (via PORT_Free) when no longer in use.
+ * PRUint16 *pPort
+ * Pointer to store the port number obtained from the URI.
+ * char **pPath
+ * Pointer to store the path obtained from the URI.
+ * This result should be freed (via PORT_Free) when no longer in use.
+ * RETURN:
+ * Returns SECSuccess when parsing was successful. Returns SECFailure when
+ * problems were encountered.
+ */
+extern SECStatus
+CERT_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath);
+
+/*
+ * FUNCTION: CERT_CheckOCSPStatus
+ * Checks the status of a certificate via OCSP. Will only check status for
+ * a certificate that has an AIA (Authority Information Access) extension
+ * for OCSP *or* when a "default responder" is specified and enabled.
+ * (If no AIA extension for OCSP and no default responder in place, the
+ * cert is considered to have a good status and SECSuccess is returned.)
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTCertificate *cert
+ * the certificate being checked
+ * XXX in the long term also need a boolean parameter that specifies
+ * whether to check the cert chain, as well; for now we check only
+ * the leaf (the specified certificate)
+ * PRTime time
+ * time for which status is to be determined
+ * void *pwArg
+ * argument for password prompting, if needed
+ * RETURN:
+ * Returns SECSuccess if an approved OCSP responder "knows" the cert
+ * *and* returns a non-revoked status for it; SECFailure otherwise,
+ * with an error set describing the reason:
+ *
+ * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
+ * SEC_ERROR_OCSP_FUTURE_RESPONSE
+ * SEC_ERROR_OCSP_MALFORMED_REQUEST
+ * SEC_ERROR_OCSP_MALFORMED_RESPONSE
+ * SEC_ERROR_OCSP_OLD_RESPONSE
+ * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
+ * SEC_ERROR_OCSP_SERVER_ERROR
+ * SEC_ERROR_OCSP_TRY_SERVER_LATER
+ * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
+ * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
+ * SEC_ERROR_OCSP_UNKNOWN_CERT
+ * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
+ * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
+ *
+ * SEC_ERROR_BAD_SIGNATURE
+ * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
+ * SEC_ERROR_INVALID_TIME
+ * SEC_ERROR_REVOKED_CERTIFICATE
+ * SEC_ERROR_UNKNOWN_ISSUER
+ * SEC_ERROR_UNKNOWN_SIGNER
+ *
+ * Other errors are any of the many possible failures in cert verification
+ * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
+ * verifying the signer's cert, or low-level problems (error allocating
+ * memory, error performing ASN.1 decoding, etc.).
+ */
+extern SECStatus
+CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
+ PRTime time, void *pwArg);
+
+/*
+ * FUNCTION: CERT_CacheOCSPResponseFromSideChannel
+ * First, this function checks the OCSP cache to see if a good response
+ * for the given certificate already exists. If it does, then the function
+ * returns successfully.
+ *
+ * If not, then it validates that the given OCSP response is a valid,
+ * good response for the given certificate and inserts it into the
+ * cache.
+ *
+ * This function is intended for use when OCSP responses are provided via a
+ * side-channel, i.e. TLS OCSP stapling (a.k.a. the status_request extension).
+ *
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTCertificate *cert
+ * the certificate being checked
+ * PRTime time
+ * time for which status is to be determined
+ * SECItem *encodedResponse
+ * the DER encoded bytes of the OCSP response
+ * void *pwArg
+ * argument for password prompting, if needed
+ * RETURN:
+ * SECSuccess if the cert was found in the cache, or if the OCSP response was
+ * found to be valid and inserted into the cache. SECFailure otherwise.
+ */
+extern SECStatus
+CERT_CacheOCSPResponseFromSideChannel(CERTCertDBHandle *handle,
+ CERTCertificate *cert,
+ PRTime time,
+ const SECItem *encodedResponse,
+ void *pwArg);
+
+/*
+ * FUNCTION: CERT_GetOCSPStatusForCertID
+ * Returns the OCSP status contained in the passed in parameter response
+ * that corresponds to the certID passed in.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTOCSPResponse *response
+ * the OCSP response we want to retrieve status from.
+ * CERTOCSPCertID *certID
+ * the ID we want to look for from the response.
+ * CERTCertificate *signerCert
+ * the certificate that was used to sign the OCSP response.
+ * must be obtained via a call to CERT_VerifyOCSPResponseSignature.
+ * PRTime time
+ * The time at which we're checking the status for.
+ * RETURN:
+ * Return values are the same as those for CERT_CheckOCSPStatus
+ */
+extern SECStatus
+CERT_GetOCSPStatusForCertID(CERTCertDBHandle *handle,
+ CERTOCSPResponse *response,
+ CERTOCSPCertID *certID,
+ CERTCertificate *signerCert,
+ PRTime time);
+
+/*
+ * FUNCTION CERT_GetOCSPResponseStatus
+ * Returns the response status for the response passed.
+ * INPUTS:
+ * CERTOCSPResponse *response
+ * The response to query for status
+ * RETURN:
+ * Returns SECSuccess if the response has a successful status value.
+ * Otherwise it returns SECFailure and sets one of the following error
+ * codes via PORT_SetError
+ * SEC_ERROR_OCSP_MALFORMED_REQUEST
+ * SEC_ERROR_OCSP_SERVER_ERROR
+ * SEC_ERROR_OCSP_TRY_SERVER_LATER
+ * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
+ * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
+ * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
+ */
+extern SECStatus
+CERT_GetOCSPResponseStatus(CERTOCSPResponse *response);
+
+/*
+ * FUNCTION CERT_CreateOCSPCertID
+ * Returns the OCSP certID for the certificate passed in.
+ * INPUTS:
+ * CERTCertificate *cert
+ * The certificate for which to create the certID for.
+ * PRTime time
+ * The time at which the id is requested for. This is used
+ * to determine the appropriate issuer for the cert since
+ * the issuing CA may be an older expired certificate.
+ * RETURN:
+ * A new copy of a CERTOCSPCertID*. The memory for this certID
+ * should be freed by calling CERT_DestroyOCSPCertID when the
+ * certID is no longer necessary.
+ */
+extern CERTOCSPCertID *
+CERT_CreateOCSPCertID(CERTCertificate *cert, PRTime time);
+
+/*
+ * FUNCTION: CERT_DestroyOCSPCertID
+ * Frees the memory associated with the certID passed in.
+ * INPUTS:
+ * CERTOCSPCertID* certID
+ * The certID that the caller no longer needs and wants to
+ * free the associated memory.
+ * RETURN:
+ * SECSuccess if freeing the memory was successful. Returns
+ * SECFailure if the memory passed in was not allocated with
+ * a call to CERT_CreateOCSPCertID.
+ */
+extern SECStatus
+CERT_DestroyOCSPCertID(CERTOCSPCertID *certID);
+
+extern CERTOCSPSingleResponse *
+CERT_CreateOCSPSingleResponseGood(PLArenaPool *arena,
+ CERTOCSPCertID *id,
+ PRTime thisUpdate,
+ const PRTime *nextUpdate);
+
+extern CERTOCSPSingleResponse *
+CERT_CreateOCSPSingleResponseUnknown(PLArenaPool *arena,
+ CERTOCSPCertID *id,
+ PRTime thisUpdate,
+ const PRTime *nextUpdate);
+
+extern CERTOCSPSingleResponse *
+CERT_CreateOCSPSingleResponseRevoked(
+ PLArenaPool *arena,
+ CERTOCSPCertID *id,
+ PRTime thisUpdate,
+ const PRTime *nextUpdate,
+ PRTime revocationTime,
+ const CERTCRLEntryReasonCode *revocationReason);
+
+extern SECItem *
+CERT_CreateEncodedOCSPSuccessResponse(
+ PLArenaPool *arena,
+ CERTCertificate *responderCert,
+ CERTOCSPResponderIDType responderIDType,
+ PRTime producedAt,
+ CERTOCSPSingleResponse **responses,
+ void *wincx);
+
+/*
+ * FUNCTION: CERT_CreateEncodedOCSPErrorResponse
+ * Creates an encoded OCSP response with an error response status.
+ * INPUTS:
+ * PLArenaPool *arena
+ * The return value is allocated from here.
+ * If a NULL is passed in, allocation is done from the heap instead.
+ * int error
+ * An NSS error code indicating an error response status. The error
+ * code is mapped to an OCSP response status as follows:
+ * SEC_ERROR_OCSP_MALFORMED_REQUEST -> malformedRequest
+ * SEC_ERROR_OCSP_SERVER_ERROR -> internalError
+ * SEC_ERROR_OCSP_TRY_SERVER_LATER -> tryLater
+ * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG -> sigRequired
+ * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST -> unauthorized
+ * where the OCSP response status is an enumerated type defined in
+ * RFC 2560:
+ * OCSPResponseStatus ::= ENUMERATED {
+ * successful (0), --Response has valid confirmations
+ * malformedRequest (1), --Illegal confirmation request
+ * internalError (2), --Internal error in issuer
+ * tryLater (3), --Try again later
+ * --(4) is not used
+ * sigRequired (5), --Must sign the request
+ * unauthorized (6) --Request unauthorized
+ * }
+ * RETURN:
+ * Returns a pointer to the SECItem holding the response.
+ * On error, returns null with error set describing the reason:
+ * SEC_ERROR_INVALID_ARGS
+ * Other errors are low-level problems (no memory, bad database, etc.).
+ */
+extern SECItem *
+CERT_CreateEncodedOCSPErrorResponse(PLArenaPool *arena, int error);
+
+/* Sends an OCSP request using the HTTP POST method to the location addressed
+ * by the URL in |location| parameter. The request body will be
+ * |encodedRequest|, which must be a valid encoded OCSP request. On success,
+ * the server's response is returned and the caller must free it using
+ * SECITEM_FreeItem. On failure, NULL is returned. No parsing or validation of
+ * the HTTP response is done.
+ *
+ * If a default HTTP client has been registered with
+ * SEC_RegisterDefaultHttpClient then that client is used. Otherwise, an
+ * internal HTTP client is used.
+ */
+SECItem *CERT_PostOCSPRequest(PLArenaPool *arena, const char *location,
+ const SECItem *encodedRequest);
+
+/************************************************************************/
+SEC_END_PROTOS
+
+#endif /* _OCSP_H_ */
diff --git a/security/nss/lib/certhigh/ocspi.h b/security/nss/lib/certhigh/ocspi.h
new file mode 100644
index 000000000..c946d9f51
--- /dev/null
+++ b/security/nss/lib/certhigh/ocspi.h
@@ -0,0 +1,166 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * ocspi.h - NSS internal interfaces to OCSP code
+ */
+
+#ifndef _OCSPI_H_
+#define _OCSPI_H_
+
+SECStatus OCSP_InitGlobal(void);
+SECStatus OCSP_ShutdownGlobal(void);
+
+ocspResponseData *
+ocsp_GetResponseData(CERTOCSPResponse *response, SECItem **tbsResponseDataDER);
+
+ocspSignature *
+ocsp_GetResponseSignature(CERTOCSPResponse *response);
+
+SECItem *
+ocsp_DigestValue(PLArenaPool *arena, SECOidTag digestAlg,
+ SECItem *fill, const SECItem *src);
+
+PRBool
+ocsp_CertIsOCSPDefaultResponder(CERTCertDBHandle *handle, CERTCertificate *cert);
+
+CERTCertificate *
+ocsp_GetSignerCertificate(CERTCertDBHandle *handle, ocspResponseData *tbsData,
+ ocspSignature *signature, CERTCertificate *issuer);
+
+SECStatus
+ocsp_VerifyResponseSignature(CERTCertificate *signerCert,
+ ocspSignature *signature,
+ SECItem *tbsResponseDataDER,
+ void *pwArg);
+
+CERTOCSPRequest *
+cert_CreateSingleCertOCSPRequest(CERTOCSPCertID *certID,
+ CERTCertificate *singleCert,
+ PRTime time,
+ PRBool addServiceLocator,
+ CERTCertificate *signerCert);
+
+typedef enum { ocspMissing,
+ ocspFresh,
+ ocspStale } OCSPFreshness;
+
+SECStatus
+ocsp_GetCachedOCSPResponseStatus(CERTOCSPCertID *certID,
+ PRTime time,
+ PRBool ignoreOcspFailureMode,
+ SECStatus *rvOcsp,
+ SECErrorCodes *missingResponseError,
+ OCSPFreshness *freshness);
+
+/*
+ * FUNCTION: cert_ProcessOCSPResponse
+ * Same behavior and basic parameters as CERT_GetOCSPStatusForCertID.
+ * In addition it can update the OCSP cache (using information
+ * available internally to this function).
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTOCSPResponse *response
+ * the OCSP response we want to retrieve status from.
+ * CERTOCSPCertID *certID
+ * the ID we want to look for from the response.
+ * CERTCertificate *signerCert
+ * the certificate that was used to sign the OCSP response.
+ * must be obtained via a call to CERT_VerifyOCSPResponseSignature.
+ * PRTime time
+ * The time at which we're checking the status for.
+ * PRBool *certIDWasConsumed
+ * In and Out parameter.
+ * If certIDWasConsumed is NULL on input,
+ * this function might produce a deep copy of cert ID
+ * for storing it in the cache.
+ * If out value is true, ownership of parameter certID was
+ * transferred to the OCSP cache.
+ * SECStatus *cacheUpdateStatus
+ * This optional out parameter will contain the result
+ * of the cache update operation (if requested).
+ * RETURN:
+ * The return value is not influenced by the cache operation,
+ * it matches the documentation for CERT_CheckOCSPStatus
+ */
+
+SECStatus
+cert_ProcessOCSPResponse(CERTCertDBHandle *handle,
+ CERTOCSPResponse *response,
+ CERTOCSPCertID *certID,
+ CERTCertificate *signerCert,
+ PRTime time,
+ PRBool *certIDWasConsumed,
+ SECStatus *cacheUpdateStatus);
+
+/*
+ * FUNCTION: cert_RememberOCSPProcessingFailure
+ * If an application notices a failure during OCSP processing,
+ * it should finally call this function. The failure will be recorded
+ * in the OCSP cache in order to avoid repetitive failures.
+ * INPUTS:
+ * CERTOCSPCertID *certID
+ * the ID that was used for the failed OCSP processing
+ * PRBool *certIDWasConsumed
+ * Out parameter, if set to true, ownership of parameter certID was
+ * transferred to the OCSP cache.
+ * RETURN:
+ * Status of the cache update operation.
+ */
+
+SECStatus
+cert_RememberOCSPProcessingFailure(CERTOCSPCertID *certID,
+ PRBool *certIDWasConsumed);
+
+/*
+ * FUNCTION: ocsp_GetResponderLocation
+ * Check ocspx context for user-designated responder URI first. If not
+ * found, checks cert AIA extension.
+ * INPUTS:
+ * CERTCertDBHandle *handle
+ * certificate DB of the cert that is being checked
+ * CERTCertificate *cert
+ * The certificate being examined.
+ * PRBool *certIDWasConsumed
+ * Out parameter, if set to true, URI of default responder is
+ * returned.
+ * RETURN:
+ * Responder URI.
+ */
+char *
+ocsp_GetResponderLocation(CERTCertDBHandle *handle,
+ CERTCertificate *cert,
+ PRBool canUseDefaultLocation,
+ PRBool *isDefault);
+
+/* FUNCTION: ocsp_FetchingFailureIsVerificationFailure
+ * The function checks the global ocsp settings and
+ * tells how to treat an ocsp response fetching failure.
+ * RETURNS:
+ * if PR_TRUE is returned, then treat fetching as a
+ * revoked cert status.
+ */
+PRBool
+ocsp_FetchingFailureIsVerificationFailure(void);
+
+size_t
+ocsp_UrlEncodeBase64Buf(const char *base64Buf, char *outputBuf);
+
+SECStatus
+ocsp_GetVerifiedSingleResponseForCertID(CERTCertDBHandle *handle,
+ CERTOCSPResponse *response,
+ CERTOCSPCertID *certID,
+ CERTCertificate *signerCert,
+ PRTime time,
+ CERTOCSPSingleResponse **pSingleResponse);
+
+SECStatus
+ocsp_CertHasGoodStatus(ocspCertStatus *status, PRTime time);
+
+void
+ocsp_CacheSingleResponse(CERTOCSPCertID *certID,
+ CERTOCSPSingleResponse *single,
+ PRBool *certIDWasConsumed);
+
+#endif /* _OCSPI_H_ */
diff --git a/security/nss/lib/certhigh/ocspsig.c b/security/nss/lib/certhigh/ocspsig.c
new file mode 100644
index 000000000..94606baf5
--- /dev/null
+++ b/security/nss/lib/certhigh/ocspsig.c
@@ -0,0 +1,597 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "plarena.h"
+
+#include "seccomon.h"
+#include "secitem.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "cert.h"
+#include "secerr.h"
+#include "secoid.h"
+#include "sechash.h"
+#include "keyhi.h"
+#include "cryptohi.h"
+#include "ocsp.h"
+#include "ocspti.h"
+#include "ocspi.h"
+#include "pk11pub.h"
+
+extern const SEC_ASN1Template ocsp_ResponderIDByNameTemplate[];
+extern const SEC_ASN1Template ocsp_ResponderIDByKeyTemplate[];
+extern const SEC_ASN1Template ocsp_OCSPResponseTemplate[];
+
+ocspCertStatus *
+ocsp_CreateCertStatus(PLArenaPool *arena,
+ ocspCertStatusType status,
+ PRTime revocationTime)
+{
+ ocspCertStatus *cs;
+
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ switch (status) {
+ case ocspCertStatus_good:
+ case ocspCertStatus_unknown:
+ case ocspCertStatus_revoked:
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ cs = PORT_ArenaZNew(arena, ocspCertStatus);
+ if (!cs)
+ return NULL;
+ cs->certStatusType = status;
+ switch (status) {
+ case ocspCertStatus_good:
+ cs->certStatusInfo.goodInfo = SECITEM_AllocItem(arena, NULL, 0);
+ if (!cs->certStatusInfo.goodInfo)
+ return NULL;
+ break;
+ case ocspCertStatus_unknown:
+ cs->certStatusInfo.unknownInfo = SECITEM_AllocItem(arena, NULL, 0);
+ if (!cs->certStatusInfo.unknownInfo)
+ return NULL;
+ break;
+ case ocspCertStatus_revoked:
+ cs->certStatusInfo.revokedInfo =
+ PORT_ArenaZNew(arena, ocspRevokedInfo);
+ if (!cs->certStatusInfo.revokedInfo)
+ return NULL;
+ cs->certStatusInfo.revokedInfo->revocationReason =
+ SECITEM_AllocItem(arena, NULL, 0);
+ if (!cs->certStatusInfo.revokedInfo->revocationReason)
+ return NULL;
+ if (DER_TimeToGeneralizedTimeArena(arena,
+ &cs->certStatusInfo.revokedInfo->revocationTime,
+ revocationTime) !=
+ SECSuccess)
+ return NULL;
+ break;
+ default:
+ PORT_Assert(PR_FALSE);
+ }
+ return cs;
+}
+
+static const SEC_ASN1Template mySEC_EnumeratedTemplate[] = {
+ { SEC_ASN1_ENUMERATED, 0, NULL, sizeof(SECItem) }
+};
+
+static const SEC_ASN1Template mySEC_PointerToEnumeratedTemplate[] = {
+ { SEC_ASN1_POINTER, 0, mySEC_EnumeratedTemplate }
+};
+
+static const SEC_ASN1Template ocsp_EncodeRevokedInfoTemplate[] = {
+ { SEC_ASN1_GENERALIZED_TIME,
+ offsetof(ocspRevokedInfo, revocationTime) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(ocspRevokedInfo, revocationReason),
+ mySEC_PointerToEnumeratedTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template ocsp_PointerToEncodeRevokedInfoTemplate[] = {
+ { SEC_ASN1_POINTER, 0,
+ ocsp_EncodeRevokedInfoTemplate }
+};
+
+static const SEC_ASN1Template mySEC_NullTemplate[] = {
+ { SEC_ASN1_NULL, 0, NULL, sizeof(SECItem) }
+};
+
+static const SEC_ASN1Template ocsp_CertStatusTemplate[] = {
+ { SEC_ASN1_CHOICE, offsetof(ocspCertStatus, certStatusType),
+ 0, sizeof(ocspCertStatus) },
+ { SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ 0, mySEC_NullTemplate, ocspCertStatus_good },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(ocspCertStatus, certStatusInfo.revokedInfo),
+ ocsp_PointerToEncodeRevokedInfoTemplate, ocspCertStatus_revoked },
+ { SEC_ASN1_CONTEXT_SPECIFIC | 2,
+ 0, mySEC_NullTemplate, ocspCertStatus_unknown },
+ { 0 }
+};
+
+static const SEC_ASN1Template mySECOID_AlgorithmIDTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SECAlgorithmID) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(SECAlgorithmID, algorithm) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
+ offsetof(SECAlgorithmID, parameters) },
+ { 0 }
+};
+
+static const SEC_ASN1Template mySEC_AnyTemplate[] = {
+ { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+static const SEC_ASN1Template mySEC_SequenceOfAnyTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, mySEC_AnyTemplate }
+};
+
+static const SEC_ASN1Template mySEC_PointerToSequenceOfAnyTemplate[] = {
+ { SEC_ASN1_POINTER, 0, mySEC_SequenceOfAnyTemplate }
+};
+
+static const SEC_ASN1Template mySEC_IntegerTemplate[] = {
+ { SEC_ASN1_INTEGER, 0, NULL, sizeof(SECItem) }
+};
+
+static const SEC_ASN1Template mySEC_PointerToIntegerTemplate[] = {
+ { SEC_ASN1_POINTER, 0, mySEC_IntegerTemplate }
+};
+
+static const SEC_ASN1Template mySEC_GeneralizedTimeTemplate[] = {
+ { SEC_ASN1_GENERALIZED_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+static const SEC_ASN1Template mySEC_PointerToGeneralizedTimeTemplate[] = {
+ { SEC_ASN1_POINTER, 0, mySEC_GeneralizedTimeTemplate }
+};
+
+static const SEC_ASN1Template ocsp_myCertIDTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTOCSPCertID) },
+ { SEC_ASN1_INLINE,
+ offsetof(CERTOCSPCertID, hashAlgorithm),
+ mySECOID_AlgorithmIDTemplate },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(CERTOCSPCertID, issuerNameHash) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(CERTOCSPCertID, issuerKeyHash) },
+ { SEC_ASN1_INTEGER,
+ offsetof(CERTOCSPCertID, serialNumber) },
+ { 0 }
+};
+
+static const SEC_ASN1Template myCERT_CertExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTCertExtension) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(CERTCertExtension, id) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
+ offsetof(CERTCertExtension, critical) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(CERTCertExtension, value) },
+ { 0 }
+};
+
+static const SEC_ASN1Template myCERT_SequenceOfCertExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, myCERT_CertExtensionTemplate }
+};
+
+static const SEC_ASN1Template myCERT_PointerToSequenceOfCertExtensionTemplate[] = {
+ { SEC_ASN1_POINTER, 0, myCERT_SequenceOfCertExtensionTemplate }
+};
+
+static const SEC_ASN1Template ocsp_mySingleResponseTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTOCSPSingleResponse) },
+ { SEC_ASN1_POINTER,
+ offsetof(CERTOCSPSingleResponse, certID),
+ ocsp_myCertIDTemplate },
+ { SEC_ASN1_ANY,
+ offsetof(CERTOCSPSingleResponse, derCertStatus) },
+ { SEC_ASN1_GENERALIZED_TIME,
+ offsetof(CERTOCSPSingleResponse, thisUpdate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(CERTOCSPSingleResponse, nextUpdate),
+ mySEC_PointerToGeneralizedTimeTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(CERTOCSPSingleResponse, singleExtensions),
+ myCERT_PointerToSequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template ocsp_myResponseDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspResponseData) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(ocspResponseData, version),
+ mySEC_PointerToIntegerTemplate },
+ { SEC_ASN1_ANY,
+ offsetof(ocspResponseData, derResponderID) },
+ { SEC_ASN1_GENERALIZED_TIME,
+ offsetof(ocspResponseData, producedAt) },
+ { SEC_ASN1_SEQUENCE_OF,
+ offsetof(ocspResponseData, responses),
+ ocsp_mySingleResponseTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(ocspResponseData, responseExtensions),
+ myCERT_PointerToSequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template ocsp_EncodeBasicOCSPResponseTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ocspBasicOCSPResponse) },
+ { SEC_ASN1_POINTER,
+ offsetof(ocspBasicOCSPResponse, tbsResponseData),
+ ocsp_myResponseDataTemplate },
+ { SEC_ASN1_INLINE,
+ offsetof(ocspBasicOCSPResponse, responseSignature.signatureAlgorithm),
+ mySECOID_AlgorithmIDTemplate },
+ { SEC_ASN1_BIT_STRING,
+ offsetof(ocspBasicOCSPResponse, responseSignature.signature) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(ocspBasicOCSPResponse, responseSignature.derCerts),
+ mySEC_PointerToSequenceOfAnyTemplate },
+ { 0 }
+};
+
+static CERTOCSPSingleResponse *
+ocsp_CreateSingleResponse(PLArenaPool *arena,
+ CERTOCSPCertID *id, ocspCertStatus *status,
+ PRTime thisUpdate, const PRTime *nextUpdate)
+{
+ CERTOCSPSingleResponse *sr;
+
+ if (!arena || !id || !status) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ sr = PORT_ArenaZNew(arena, CERTOCSPSingleResponse);
+ if (!sr)
+ return NULL;
+ sr->arena = arena;
+ sr->certID = id;
+ sr->certStatus = status;
+ if (DER_TimeToGeneralizedTimeArena(arena, &sr->thisUpdate, thisUpdate) !=
+ SECSuccess)
+ return NULL;
+ sr->nextUpdate = NULL;
+ if (nextUpdate) {
+ sr->nextUpdate = SECITEM_AllocItem(arena, NULL, 0);
+ if (!sr->nextUpdate)
+ return NULL;
+ if (DER_TimeToGeneralizedTimeArena(arena, sr->nextUpdate, *nextUpdate) !=
+ SECSuccess)
+ return NULL;
+ }
+
+ sr->singleExtensions = PORT_ArenaNewArray(arena, CERTCertExtension *, 1);
+ if (!sr->singleExtensions)
+ return NULL;
+
+ sr->singleExtensions[0] = NULL;
+
+ if (!SEC_ASN1EncodeItem(arena, &sr->derCertStatus,
+ status, ocsp_CertStatusTemplate))
+ return NULL;
+
+ return sr;
+}
+
+CERTOCSPSingleResponse *
+CERT_CreateOCSPSingleResponseGood(PLArenaPool *arena,
+ CERTOCSPCertID *id,
+ PRTime thisUpdate,
+ const PRTime *nextUpdate)
+{
+ ocspCertStatus *cs;
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ cs = ocsp_CreateCertStatus(arena, ocspCertStatus_good, 0);
+ if (!cs)
+ return NULL;
+ return ocsp_CreateSingleResponse(arena, id, cs, thisUpdate, nextUpdate);
+}
+
+CERTOCSPSingleResponse *
+CERT_CreateOCSPSingleResponseUnknown(PLArenaPool *arena,
+ CERTOCSPCertID *id,
+ PRTime thisUpdate,
+ const PRTime *nextUpdate)
+{
+ ocspCertStatus *cs;
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ cs = ocsp_CreateCertStatus(arena, ocspCertStatus_unknown, 0);
+ if (!cs)
+ return NULL;
+ return ocsp_CreateSingleResponse(arena, id, cs, thisUpdate, nextUpdate);
+}
+
+CERTOCSPSingleResponse *
+CERT_CreateOCSPSingleResponseRevoked(
+ PLArenaPool *arena,
+ CERTOCSPCertID *id,
+ PRTime thisUpdate,
+ const PRTime *nextUpdate,
+ PRTime revocationTime,
+ const CERTCRLEntryReasonCode *revocationReason)
+{
+ ocspCertStatus *cs;
+ /* revocationReason is not yet supported, so it must be NULL. */
+ if (!arena || revocationReason) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ cs = ocsp_CreateCertStatus(arena, ocspCertStatus_revoked, revocationTime);
+ if (!cs)
+ return NULL;
+ return ocsp_CreateSingleResponse(arena, id, cs, thisUpdate, nextUpdate);
+}
+
+/* responderCert == 0 means:
+ * create a response with an invalid signature (for testing purposes) */
+SECItem *
+CERT_CreateEncodedOCSPSuccessResponse(
+ PLArenaPool *arena,
+ CERTCertificate *responderCert,
+ CERTOCSPResponderIDType responderIDType,
+ PRTime producedAt,
+ CERTOCSPSingleResponse **responses,
+ void *wincx)
+{
+ PLArenaPool *tmpArena;
+ ocspResponseData *rd = NULL;
+ ocspResponderID *rid = NULL;
+ const SEC_ASN1Template *responderIDTemplate = NULL;
+ ocspBasicOCSPResponse *br = NULL;
+ ocspResponseBytes *rb = NULL;
+ CERTOCSPResponse *response = NULL;
+
+ SECOidTag algID;
+ SECOidData *od = NULL;
+ SECKEYPrivateKey *privKey = NULL;
+ SECItem *result = NULL;
+
+ if (!arena || !responses) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ if (responderIDType != ocspResponderID_byName &&
+ responderIDType != ocspResponderID_byKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!tmpArena)
+ return NULL;
+
+ rd = PORT_ArenaZNew(tmpArena, ocspResponseData);
+ if (!rd)
+ goto done;
+ rid = PORT_ArenaZNew(tmpArena, ocspResponderID);
+ if (!rid)
+ goto done;
+ br = PORT_ArenaZNew(tmpArena, ocspBasicOCSPResponse);
+ if (!br)
+ goto done;
+ rb = PORT_ArenaZNew(tmpArena, ocspResponseBytes);
+ if (!rb)
+ goto done;
+ response = PORT_ArenaZNew(tmpArena, CERTOCSPResponse);
+ if (!response)
+ goto done;
+
+ rd->version.data = NULL;
+ rd->version.len = 0;
+ rd->responseExtensions = NULL;
+ rd->responses = responses;
+ if (DER_TimeToGeneralizedTimeArena(tmpArena, &rd->producedAt, producedAt) !=
+ SECSuccess)
+ goto done;
+
+ if (!responderCert) {
+ /* use invalid signature for testing purposes */
+ unsigned char dummyChar = 'd';
+ SECItem dummy;
+
+ dummy.len = 1;
+ dummy.data = &dummyChar;
+
+ /* it's easier to produdce a keyHash out of nowhere,
+ * than to produce an encoded subject,
+ * so for our dummy response we always use byKey
+ */
+
+ rid->responderIDType = ocspResponderID_byKey;
+ if (!ocsp_DigestValue(tmpArena, SEC_OID_SHA1, &rid->responderIDValue.keyHash,
+ &dummy))
+ goto done;
+
+ if (!SEC_ASN1EncodeItem(tmpArena, &rd->derResponderID, rid,
+ ocsp_ResponderIDByKeyTemplate))
+ goto done;
+
+ br->tbsResponseData = rd;
+
+ if (!SEC_ASN1EncodeItem(tmpArena, &br->tbsResponseDataDER, br->tbsResponseData,
+ ocsp_myResponseDataTemplate))
+ goto done;
+
+ br->responseSignature.derCerts = PORT_ArenaNewArray(tmpArena, SECItem *, 1);
+ if (!br->responseSignature.derCerts)
+ goto done;
+ br->responseSignature.derCerts[0] = NULL;
+
+ algID = SEC_GetSignatureAlgorithmOidTag(rsaKey, SEC_OID_SHA1);
+ if (algID == SEC_OID_UNKNOWN)
+ goto done;
+
+ /* match the regular signature code, which doesn't use the arena */
+ if (!SECITEM_AllocItem(NULL, &br->responseSignature.signature, 1))
+ goto done;
+ PORT_Memcpy(br->responseSignature.signature.data, &dummyChar, 1);
+
+ /* convert len-in-bytes to len-in-bits */
+ br->responseSignature.signature.len = br->responseSignature.signature.len << 3;
+ } else {
+ rid->responderIDType = responderIDType;
+ if (responderIDType == ocspResponderID_byName) {
+ responderIDTemplate = ocsp_ResponderIDByNameTemplate;
+ if (CERT_CopyName(tmpArena, &rid->responderIDValue.name,
+ &responderCert->subject) != SECSuccess)
+ goto done;
+ } else {
+ responderIDTemplate = ocsp_ResponderIDByKeyTemplate;
+ if (!CERT_GetSubjectPublicKeyDigest(tmpArena, responderCert,
+ SEC_OID_SHA1, &rid->responderIDValue.keyHash))
+ goto done;
+ }
+
+ if (!SEC_ASN1EncodeItem(tmpArena, &rd->derResponderID, rid,
+ responderIDTemplate))
+ goto done;
+
+ br->tbsResponseData = rd;
+
+ if (!SEC_ASN1EncodeItem(tmpArena, &br->tbsResponseDataDER, br->tbsResponseData,
+ ocsp_myResponseDataTemplate))
+ goto done;
+
+ br->responseSignature.derCerts = PORT_ArenaNewArray(tmpArena, SECItem *, 1);
+ if (!br->responseSignature.derCerts)
+ goto done;
+ br->responseSignature.derCerts[0] = NULL;
+
+ privKey = PK11_FindKeyByAnyCert(responderCert, wincx);
+ if (!privKey)
+ goto done;
+
+ algID = SEC_GetSignatureAlgorithmOidTag(privKey->keyType, SEC_OID_SHA1);
+ if (algID == SEC_OID_UNKNOWN)
+ goto done;
+
+ if (SEC_SignData(&br->responseSignature.signature,
+ br->tbsResponseDataDER.data, br->tbsResponseDataDER.len,
+ privKey, algID) !=
+ SECSuccess)
+ goto done;
+
+ /* convert len-in-bytes to len-in-bits */
+ br->responseSignature.signature.len = br->responseSignature.signature.len << 3;
+
+ /* br->responseSignature.signature wasn't allocated from arena,
+ * we must free it when done. */
+ }
+
+ if (SECOID_SetAlgorithmID(tmpArena, &br->responseSignature.signatureAlgorithm, algID, 0) !=
+ SECSuccess)
+ goto done;
+
+ if (!SEC_ASN1EncodeItem(tmpArena, &rb->response, br,
+ ocsp_EncodeBasicOCSPResponseTemplate))
+ goto done;
+
+ rb->responseTypeTag = SEC_OID_PKIX_OCSP_BASIC_RESPONSE;
+
+ od = SECOID_FindOIDByTag(rb->responseTypeTag);
+ if (!od)
+ goto done;
+
+ rb->responseType = od->oid;
+ rb->decodedResponse.basic = br;
+
+ response->arena = tmpArena;
+ response->responseBytes = rb;
+ response->statusValue = ocspResponse_successful;
+
+ if (!SEC_ASN1EncodeInteger(tmpArena, &response->responseStatus,
+ response->statusValue))
+ goto done;
+
+ result = SEC_ASN1EncodeItem(arena, NULL, response, ocsp_OCSPResponseTemplate);
+
+done:
+ if (privKey)
+ SECKEY_DestroyPrivateKey(privKey);
+ if (br && br->responseSignature.signature.data)
+ SECITEM_FreeItem(&br->responseSignature.signature, PR_FALSE);
+ PORT_FreeArena(tmpArena, PR_FALSE);
+
+ return result;
+}
+
+static const SEC_ASN1Template ocsp_OCSPErrorResponseTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTOCSPResponse) },
+ { SEC_ASN1_ENUMERATED,
+ offsetof(CERTOCSPResponse, responseStatus) },
+ { 0, 0,
+ mySEC_NullTemplate },
+ { 0 }
+};
+
+SECItem *
+CERT_CreateEncodedOCSPErrorResponse(PLArenaPool *arena, int error)
+{
+ CERTOCSPResponse response;
+ SECItem *result = NULL;
+
+ switch (error) {
+ case SEC_ERROR_OCSP_MALFORMED_REQUEST:
+ response.statusValue = ocspResponse_malformedRequest;
+ break;
+ case SEC_ERROR_OCSP_SERVER_ERROR:
+ response.statusValue = ocspResponse_internalError;
+ break;
+ case SEC_ERROR_OCSP_TRY_SERVER_LATER:
+ response.statusValue = ocspResponse_tryLater;
+ break;
+ case SEC_ERROR_OCSP_REQUEST_NEEDS_SIG:
+ response.statusValue = ocspResponse_sigRequired;
+ break;
+ case SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST:
+ response.statusValue = ocspResponse_unauthorized;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (!SEC_ASN1EncodeInteger(NULL, &response.responseStatus,
+ response.statusValue))
+ return NULL;
+
+ result = SEC_ASN1EncodeItem(arena, NULL, &response,
+ ocsp_OCSPErrorResponseTemplate);
+
+ SECITEM_FreeItem(&response.responseStatus, PR_FALSE);
+
+ return result;
+}
diff --git a/security/nss/lib/certhigh/ocspt.h b/security/nss/lib/certhigh/ocspt.h
new file mode 100644
index 000000000..db429ff05
--- /dev/null
+++ b/security/nss/lib/certhigh/ocspt.h
@@ -0,0 +1,301 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Public header for exported OCSP types.
+ */
+
+#ifndef _OCSPT_H_
+#define _OCSPT_H_
+
+/*
+ * The following are all opaque types. If someone needs to get at
+ * a field within, then we need to fix the API. Try very hard not
+ * make the type available to them.
+ */
+typedef struct CERTOCSPRequestStr CERTOCSPRequest;
+typedef struct CERTOCSPResponseStr CERTOCSPResponse;
+
+/*
+ * XXX I think only those first two above should need to be exported,
+ * but until I know for certain I am leaving the rest of these here, too.
+ */
+typedef struct CERTOCSPCertIDStr CERTOCSPCertID;
+typedef struct CERTOCSPSingleResponseStr CERTOCSPSingleResponse;
+
+/*
+ * This interface is described in terms of an HttpClient which
+ * supports at least a specified set of functions. (An implementer may
+ * provide HttpClients with additional functionality accessible only to
+ * users with a particular implementation in mind.) The basic behavior
+ * is provided by defining a set of functions, listed in an
+ * SEC_HttpServerFcnStruct. If the implementor of a SpecificHttpClient
+ * registers his SpecificHttpClient as the default HttpClient, then his
+ * functions will be called by the user of an HttpClient, such as an
+ * OCSPChecker.
+ *
+ * The implementer of a specific HttpClient (e.g., the NSS-provided
+ * DefaultHttpClient), populates an SEC_HttpClientFcnStruct, uses it to
+ * register his client, and waits for his functions to be called.
+ *
+ * For future expandability, the SEC_HttpClientFcnStruct is defined as a
+ * union, with the version field acting as a selector. The proposed
+ * initial version of the structure is given following the definition
+ * of the union. The HttpClientState structure is implementation-
+ * dependent, and should be opaque to the user.
+ */
+
+typedef void *SEC_HTTP_SERVER_SESSION;
+typedef void *SEC_HTTP_REQUEST_SESSION;
+
+/*
+ * This function creates a SEC_HTTP_SERVER_SESSION object. The implementer of a
+ * specific HttpClient will allocate the necessary space, when this
+ * function is called, and will free it when the corresponding FreeFcn
+ * is called. The SEC_HTTP_SERVER_SESSION object is passed, as an opaque object,
+ * to subsequent calls.
+ *
+ * If the function returns SECSuccess, the returned SEC_HTTP_SERVER_SESSION
+ * must be cleaned up with a call to SEC_HttpServer_FreeSession,
+ * after processing is finished.
+ */
+typedef SECStatus (*SEC_HttpServer_CreateSessionFcn)(
+ const char *host,
+ PRUint16 portnum,
+ SEC_HTTP_SERVER_SESSION *pSession);
+
+/*
+ * This function is called to allow the implementation to attempt to keep
+ * the connection alive. Depending on the underlying platform, it might
+ * immediately return SECSuccess without having performed any operations.
+ * (If a connection has not been kept alive, a subsequent call to
+ * SEC_HttpRequest_TrySendAndReceiveFcn should reopen the connection
+ * automatically.)
+ *
+ * If the connection uses nonblocking I/O, this function may return
+ * SECWouldBlock and store a nonzero value at "pPollDesc". In that case
+ * the caller may wait on the poll descriptor, and should call this function
+ * again until SECSuccess (and a zero value at "pPollDesc") is obtained.
+ */
+typedef SECStatus (*SEC_HttpServer_KeepAliveSessionFcn)(
+ SEC_HTTP_SERVER_SESSION session,
+ PRPollDesc **pPollDesc);
+
+/*
+ * This function frees the client SEC_HTTP_SERVER_SESSION object, closes all
+ * SEC_HTTP_REQUEST_SESSIONs created for that server, discards all partial results,
+ * frees any memory that was allocated by the client, and invalidates any
+ * response pointers that might have been returned by prior server or request
+ * functions.
+ */
+typedef SECStatus (*SEC_HttpServer_FreeSessionFcn)(
+ SEC_HTTP_SERVER_SESSION session);
+
+/*
+ * This function creates a SEC_HTTP_REQUEST_SESSION object. The implementer of a
+ * specific HttpClient will allocate the necessary space, when this
+ * function is called, and will free it when the corresponding FreeFcn
+ * is called. The SEC_HTTP_REQUEST_SESSION object is passed, as an opaque object,
+ * to subsequent calls.
+ *
+ * An implementation that does not support the requested protocol variant
+ * (usually "http", but could eventually allow "https") or request method
+ * should return SECFailure.
+ *
+ * Timeout values may include the constants PR_INTERVAL_NO_TIMEOUT (wait
+ * forever) or PR_INTERVAL_NO_WAIT (nonblocking I/O).
+ *
+ * If the function returns SECSuccess, the returned SEC_HTTP_REQUEST_SESSION
+ * must be cleaned up with a call to SEC_HttpRequest_FreeSession,
+ * after processing is finished.
+ */
+typedef SECStatus (*SEC_HttpRequest_CreateFcn)(
+ SEC_HTTP_SERVER_SESSION session,
+ const char *http_protocol_variant, /* usually "http" */
+ const char *path_and_query_string,
+ const char *http_request_method,
+ const PRIntervalTime timeout,
+ SEC_HTTP_REQUEST_SESSION *pRequest);
+
+/*
+ * This function sets data to be sent to the server for an HTTP request
+ * of http_request_method == POST. If a particular implementation
+ * supports it, the details for the POST request can be set by calling
+ * this function, prior to activating the request with TrySendAndReceiveFcn.
+ *
+ * An implementation that does not support the POST method should
+ * implement a SetPostDataFcn function that returns immediately.
+ *
+ * Setting http_content_type is optional, the parameter may
+ * by NULL or the empty string.
+ */
+typedef SECStatus (*SEC_HttpRequest_SetPostDataFcn)(
+ SEC_HTTP_REQUEST_SESSION request,
+ const char *http_data,
+ const PRUint32 http_data_len,
+ const char *http_content_type);
+
+/*
+ * This function sets an additional HTTP protocol request header.
+ * If a particular implementation supports it, one or multiple headers
+ * can be added to the request by calling this function once or multiple
+ * times, prior to activating the request with TryFcn.
+ *
+ * An implementation that does not support setting additional headers
+ * should implement an AddRequestHeaderFcn function that returns immediately.
+ */
+typedef SECStatus (*SEC_HttpRequest_AddHeaderFcn)(
+ SEC_HTTP_REQUEST_SESSION request,
+ const char *http_header_name,
+ const char *http_header_value);
+
+/*
+ * This function initiates or continues an HTTP request. After
+ * parameters have been set with the Create function and, optionally,
+ * modified or enhanced with the AddParams function, this call creates
+ * the socket connection and initiates the communication.
+ *
+ * If a timeout value of zero is specified, indicating non-blocking
+ * I/O, the client creates a non-blocking socket, and returns a status
+ * of SECWouldBlock and a non-NULL PRPollDesc if the operation is not
+ * complete. In that case all other return parameters are undefined.
+ * The caller is expected to repeat the call, possibly after using
+ * PRPoll to determine that a completion has occurred, until a return
+ * value of SECSuccess (and a NULL value for pPollDesc) or a return
+ * value of SECFailure (indicating failure on the network level)
+ * is obtained.
+ *
+ * http_response_data_len is both input and output parameter.
+ * If a pointer to a PRUint32 is supplied, the http client is
+ * expected to check the given integer value and always set an out
+ * value, even on failure.
+ * An input value of zero means, the caller will accept any response len.
+ * A different input value indicates the maximum response value acceptable
+ * to the caller.
+ * If data is successfully read and the size is acceptable to the caller,
+ * the function will return SECSuccess and set http_response_data_len to
+ * the size of the block returned in http_response_data.
+ * If the data read from the http server is larger than the acceptable
+ * size, the function will return SECFailure.
+ * http_response_data_len will be set to a value different from zero to
+ * indicate the reason of the failure.
+ * An out value of "0" means, the failure was unrelated to the
+ * acceptable size.
+ * An out value of "1" means, the result data is larger than the
+ * accpeptable size, but the real size is not yet known to the http client
+ * implementation and it stopped retrieving it,
+ * Any other out value combined with a return value of SECFailure
+ * will indicate the actual size of the server data.
+ *
+ * The caller is permitted to provide NULL values for any of the
+ * http_response arguments, indicating the caller is not interested in
+ * those values. If the caller does provide an address, the HttpClient
+ * stores at that address a pointer to the corresponding argument, at
+ * the completion of the operation.
+ *
+ * All returned pointers will be owned by the the HttpClient
+ * implementation and will remain valid until the call to
+ * SEC_HttpRequest_FreeFcn.
+ */
+typedef SECStatus (*SEC_HttpRequest_TrySendAndReceiveFcn)(
+ SEC_HTTP_REQUEST_SESSION request,
+ PRPollDesc **pPollDesc,
+ PRUint16 *http_response_code,
+ const char **http_response_content_type,
+ const char **http_response_headers,
+ const char **http_response_data,
+ PRUint32 *http_response_data_len);
+
+/*
+ * Calling CancelFcn asks for premature termination of the request.
+ *
+ * Future calls to SEC_HttpRequest_TrySendAndReceive should
+ * by avoided, but in this case the HttpClient implementation
+ * is expected to return immediately with SECFailure.
+ *
+ * After calling CancelFcn, a separate call to SEC_HttpRequest_FreeFcn
+ * is still necessary to free resources.
+ */
+typedef SECStatus (*SEC_HttpRequest_CancelFcn)(
+ SEC_HTTP_REQUEST_SESSION request);
+
+/*
+ * Before calling this function, it must be assured the request
+ * has been completed, i.e. either SEC_HttpRequest_TrySendAndReceiveFcn has
+ * returned SECSuccess, or the request has been canceled with
+ * a call to SEC_HttpRequest_CancelFcn.
+ *
+ * This function frees the client state object, closes all sockets,
+ * discards all partial results, frees any memory that was allocated
+ * by the client, and invalidates all response pointers that might
+ * have been returned by SEC_HttpRequest_TrySendAndReceiveFcn
+ */
+typedef SECStatus (*SEC_HttpRequest_FreeFcn)(
+ SEC_HTTP_REQUEST_SESSION request);
+
+typedef struct SEC_HttpClientFcnV1Struct {
+ SEC_HttpServer_CreateSessionFcn createSessionFcn;
+ SEC_HttpServer_KeepAliveSessionFcn keepAliveSessionFcn;
+ SEC_HttpServer_FreeSessionFcn freeSessionFcn;
+ SEC_HttpRequest_CreateFcn createFcn;
+ SEC_HttpRequest_SetPostDataFcn setPostDataFcn;
+ SEC_HttpRequest_AddHeaderFcn addHeaderFcn;
+ SEC_HttpRequest_TrySendAndReceiveFcn trySendAndReceiveFcn;
+ SEC_HttpRequest_CancelFcn cancelFcn;
+ SEC_HttpRequest_FreeFcn freeFcn;
+} SEC_HttpClientFcnV1;
+
+typedef struct SEC_HttpClientFcnStruct {
+ PRInt16 version;
+ union {
+ SEC_HttpClientFcnV1 ftable1;
+ /* SEC_HttpClientFcnV2 ftable2; */
+ /* ... */
+ } fcnTable;
+} SEC_HttpClientFcn;
+
+/*
+ * ocspMode_FailureIsVerificationFailure:
+ * This is the classic behaviour of NSS.
+ * Any OCSP failure is a verification failure (classic mode, default).
+ * Without a good response, OCSP networking will be retried each time
+ * it is required for verifying a cert.
+ *
+ * ocspMode_FailureIsNotAVerificationFailure:
+ * If we fail to obtain a valid OCSP response, consider the
+ * cert as good.
+ * Failed OCSP attempts might get cached and not retried until
+ * minimumSecondsToNextFetchAttempt.
+ * If we are able to obtain a valid response, the cert
+ * will be considered good, if either status is "good"
+ * or the cert was not yet revoked at verification time.
+ *
+ * Additional failure modes might be added in the future.
+ */
+typedef enum {
+ ocspMode_FailureIsVerificationFailure = 0,
+ ocspMode_FailureIsNotAVerificationFailure = 1
+} SEC_OcspFailureMode;
+
+/*
+ * A ResponderID identifies the responder -- or more correctly, the
+ * signer of the response. The ASN.1 definition of a ResponderID is:
+ *
+ * ResponderID ::= CHOICE {
+ * byName [1] EXPLICIT Name,
+ * byKey [2] EXPLICIT KeyHash }
+ *
+ * Because it is CHOICE, the type of identification used and the
+ * identification itself are actually encoded together. To represent
+ * this same information internally, we explicitly define a type and
+ * save it, along with the value, into a data structure.
+ */
+
+typedef enum {
+ ocspResponderID_other = -1, /* unknown kind of responderID */
+ ocspResponderID_byName = 1,
+ ocspResponderID_byKey = 2
+} CERTOCSPResponderIDType;
+
+#endif /* _OCSPT_H_ */
diff --git a/security/nss/lib/certhigh/ocspti.h b/security/nss/lib/certhigh/ocspti.h
new file mode 100644
index 000000000..d9297dba6
--- /dev/null
+++ b/security/nss/lib/certhigh/ocspti.h
@@ -0,0 +1,356 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Private header defining OCSP types.
+ */
+
+#ifndef _OCSPTI_H_
+#define _OCSPTI_H_
+
+#include "ocspt.h"
+
+#include "certt.h"
+#include "plarena.h"
+#include "seccomon.h"
+#include "secoidt.h"
+
+/*
+ * Some notes about naming conventions...
+ *
+ * The public data types all start with "CERTOCSP" (e.g. CERTOCSPRequest).
+ * (Even the public types are opaque, however. Only their names are
+ * "exported".)
+ *
+ * Internal-only data types drop the "CERT" prefix and use only the
+ * lower-case "ocsp" (e.g. ocspTBSRequest), for brevity sake.
+ *
+ * In either case, the base/suffix of the type name usually matches the
+ * name as defined in the OCSP specification. The exceptions to this are:
+ * - When there is overlap between the "OCSP" or "ocsp" prefix and
+ * the name used in the standard. That is, you cannot strip off the
+ * "CERTOCSP" or "ocsp" prefix and necessarily get the name of the
+ * type as it is defined in the standard; the "real" name will be
+ * *either* "OCSPSuffix" or just "Suffix".
+ * - When the name in the standard was a little too generic. (e.g. The
+ * standard defines "Request" but we call it a "SingleRequest".)
+ * In this case a comment above the type definition calls attention
+ * to the difference.
+ *
+ * The definitions laid out in this header file are intended to follow
+ * the same order as the definitions in the OCSP specification itself.
+ * With the OCSP standard in hand, you should be able to move through
+ * this file and follow along. To future modifiers of this file: please
+ * try to keep it that way. The only exceptions are the few cases where
+ * we need to define a type before it is referenced (e.g. enumerations),
+ * whereas in the OCSP specification these are usually defined the other
+ * way around (reference before definition).
+ */
+
+/*
+ * Forward-declarations of internal-only data structures.
+ *
+ * These are in alphabetical order (case-insensitive); please keep it that way!
+ */
+typedef struct ocspBasicOCSPResponseStr ocspBasicOCSPResponse;
+typedef struct ocspCertStatusStr ocspCertStatus;
+typedef struct ocspResponderIDStr ocspResponderID;
+typedef struct ocspResponseBytesStr ocspResponseBytes;
+typedef struct ocspResponseDataStr ocspResponseData;
+typedef struct ocspRevokedInfoStr ocspRevokedInfo;
+typedef struct ocspServiceLocatorStr ocspServiceLocator;
+typedef struct ocspSignatureStr ocspSignature;
+typedef struct ocspSingleRequestStr ocspSingleRequest;
+typedef struct ocspSingleResponseStr ocspSingleResponse;
+typedef struct ocspTBSRequestStr ocspTBSRequest;
+
+/*
+ * An OCSPRequest; this is what is sent (encoded) to an OCSP responder.
+ */
+struct CERTOCSPRequestStr {
+ PLArenaPool *arena; /* local; not part of encoding */
+ ocspTBSRequest *tbsRequest;
+ ocspSignature *optionalSignature;
+};
+
+/*
+ * A TBSRequest; when an OCSPRequest is signed, the encoding of this
+ * is what the signature is actually applied to. ("TBS" == To Be Signed)
+ * Whether signed or not, however, this structure will be present, and
+ * is the "meat" of the OCSPRequest.
+ *
+ * Note that the "requestorName" field cannot be encoded/decoded in the
+ * same pass as the entire request -- it needs to be handled with a special
+ * call to convert to/from our internal form of a GeneralName. Thus the
+ * "derRequestorName" field, which is the actual DER-encoded bytes.
+ *
+ * The "extensionHandle" field is used on creation only; it holds
+ * in-progress extensions as they are optionally added to the request.
+ */
+struct ocspTBSRequestStr {
+ SECItem version; /* an INTEGER */
+ SECItem *derRequestorName; /* encoded GeneralName; see above */
+ CERTGeneralNameList *requestorName; /* local; not part of encoding */
+ ocspSingleRequest **requestList;
+ CERTCertExtension **requestExtensions;
+ void *extensionHandle; /* local; not part of encoding */
+};
+
+/*
+ * This is the actual signature information for an OCSPRequest (applied to
+ * the TBSRequest structure) or for a BasicOCSPResponse (applied to a
+ * ResponseData structure).
+ *
+ * Note that the "signature" field itself is a BIT STRING; operations on
+ * it need to keep that in mind, converting the length to bytes as needed
+ * and back again afterward (so that the length is usually expressing bits).
+ *
+ * The "cert" field is the signer's certificate. In the case of a received
+ * signature, it will be filled in when the signature is verified. In the
+ * case of a created signature, it is filled in on creation and will be the
+ * cert used to create the signature when the signing-and-encoding occurs,
+ * as well as the cert (and its chain) to fill in derCerts if requested.
+ *
+ * The extra fields cache information about the signature after we have
+ * attempted a verification. "wasChecked", if true, means the signature
+ * has been checked against the appropriate data and thus that "status"
+ * contains the result of that verification. If "status" is not SECSuccess,
+ * "failureReason" is a copy of the error code that was set at the time;
+ * presumably it tells why the signature verification failed.
+ */
+struct ocspSignatureStr {
+ SECAlgorithmID signatureAlgorithm;
+ SECItem signature; /* a BIT STRING */
+ SECItem **derCerts; /* a SEQUENCE OF Certificate */
+ CERTCertificate *cert; /* local; not part of encoding */
+ PRBool wasChecked; /* local; not part of encoding */
+ SECStatus status; /* local; not part of encoding */
+ int failureReason; /* local; not part of encoding */
+};
+
+/*
+ * An OCSPRequest contains a SEQUENCE OF these, one for each certificate
+ * whose status is being checked.
+ *
+ * Note that in the OCSP specification this is just called "Request",
+ * but since that seemed confusing (vs. an OCSPRequest) and to be more
+ * consistent with the parallel type "SingleResponse", I called it a
+ * "SingleRequest".
+ *
+ * XXX figure out how to get rid of that arena -- there must be a way
+ */
+struct ocspSingleRequestStr {
+ PLArenaPool *arena; /* just a copy of the response arena,
+ * needed here for extension handling
+ * routines, on creation only */
+ CERTOCSPCertID *reqCert;
+ CERTCertExtension **singleRequestExtensions;
+};
+
+/*
+ * A CertID is the means of identifying a certificate, used both in requests
+ * and in responses.
+ *
+ * When in a SingleRequest it specifies the certificate to be checked.
+ * When in a SingleResponse it is the cert whose status is being given.
+ */
+struct CERTOCSPCertIDStr {
+ SECAlgorithmID hashAlgorithm;
+ SECItem issuerNameHash; /* an OCTET STRING */
+ SECItem issuerKeyHash; /* an OCTET STRING */
+ SECItem serialNumber; /* an INTEGER */
+ SECItem issuerSHA1NameHash; /* keep other hashes around when */
+ SECItem issuerMD5NameHash; /* we have them */
+ SECItem issuerMD2NameHash;
+ SECItem issuerSHA1KeyHash; /* keep other hashes around when */
+ SECItem issuerMD5KeyHash; /* we have them */
+ SECItem issuerMD2KeyHash;
+ PLArenaPool *poolp;
+};
+
+/*
+ * This describes the value of the responseStatus field in an OCSPResponse.
+ * The corresponding ASN.1 definition is:
+ *
+ * OCSPResponseStatus ::= ENUMERATED {
+ * successful (0), --Response has valid confirmations
+ * malformedRequest (1), --Illegal confirmation request
+ * internalError (2), --Internal error in issuer
+ * tryLater (3), --Try again later
+ * --(4) is not used
+ * sigRequired (5), --Must sign the request
+ * unauthorized (6), --Request unauthorized
+ * }
+ */
+typedef enum {
+ ocspResponse_min = 0,
+ ocspResponse_successful = 0,
+ ocspResponse_malformedRequest = 1,
+ ocspResponse_internalError = 2,
+ ocspResponse_tryLater = 3,
+ ocspResponse_unused = 4,
+ ocspResponse_sigRequired = 5,
+ ocspResponse_unauthorized = 6,
+ ocspResponse_max = 6 /* Please update max when adding values.
+ * Remember to also update arrays, e.g.
+ * "responseStatusNames" in ocspclnt.c
+ * and potentially other places. */
+} ocspResponseStatus;
+
+/*
+ * An OCSPResponse is what is sent (encoded) by an OCSP responder.
+ *
+ * The field "responseStatus" is the ASN.1 encoded value; the field
+ * "statusValue" is simply that same value translated into our local
+ * type ocspResponseStatus.
+ */
+struct CERTOCSPResponseStr {
+ PLArenaPool *arena; /* local; not part of encoding */
+ SECItem responseStatus; /* an ENUMERATED, see above */
+ ocspResponseStatus statusValue; /* local; not part of encoding */
+ ocspResponseBytes *responseBytes; /* only when status is successful */
+};
+
+/*
+ * A ResponseBytes (despite appearances) is what contains the meat
+ * of a successful response -- but still in encoded form. The type
+ * given as "responseType" tells you how to decode the string.
+ *
+ * We look at the OID and translate it into our local OID representation
+ * "responseTypeTag", and use that value to tell us how to decode the
+ * actual response itself. For now the only kind of OCSP response we
+ * know about is a BasicOCSPResponse. However, the intention in the
+ * OCSP specification is to allow for other response types, so we are
+ * building in that flexibility from the start and thus put a pointer
+ * to that data structure inside of a union. Whenever OCSP adds more
+ * response types, just add them to the union.
+ */
+struct ocspResponseBytesStr {
+ SECItem responseType; /* an OBJECT IDENTIFIER */
+ SECOidTag responseTypeTag; /* local; not part of encoding */
+ SECItem response; /* an OCTET STRING */
+ union {
+ ocspBasicOCSPResponse *basic; /* when type is id-pkix-ocsp-basic */
+ } decodedResponse; /* local; not part of encoding */
+};
+
+/*
+ * A BasicOCSPResponse -- when the responseType in a ResponseBytes is
+ * id-pkix-ocsp-basic, the "response" OCTET STRING above is the DER
+ * encoding of one of these.
+ *
+ * Note that in the OCSP specification, the signature fields are not
+ * part of a separate sub-structure. But since they are the same fields
+ * as we define for the signature in a request, it made sense to share
+ * the C data structure here and in some shared code to operate on them.
+ */
+struct ocspBasicOCSPResponseStr {
+ SECItem tbsResponseDataDER;
+ ocspResponseData *tbsResponseData; /* "tbs" == To Be Signed */
+ ocspSignature responseSignature;
+};
+
+/*
+ * A ResponseData is the part of a BasicOCSPResponse that is signed
+ * (after it is DER encoded). It contains the real details of the response
+ * (a per-certificate status).
+ */
+struct ocspResponseDataStr {
+ SECItem version; /* an INTEGER */
+ SECItem derResponderID;
+ ocspResponderID *responderID; /* local; not part of encoding */
+ SECItem producedAt; /* a GeneralizedTime */
+ CERTOCSPSingleResponse **responses;
+ CERTCertExtension **responseExtensions;
+};
+
+struct ocspResponderIDStr {
+ CERTOCSPResponderIDType responderIDType; /* local; not part of encoding */
+ union {
+ CERTName name; /* when ocspResponderID_byName */
+ SECItem keyHash; /* when ocspResponderID_byKey */
+ SECItem other; /* when ocspResponderID_other */
+ } responderIDValue;
+};
+
+/*
+ * The ResponseData in a BasicOCSPResponse contains a SEQUENCE OF
+ * SingleResponse -- one for each certificate whose status is being supplied.
+ *
+ * XXX figure out how to get rid of that arena -- there must be a way
+ */
+struct CERTOCSPSingleResponseStr {
+ PLArenaPool *arena; /* just a copy of the response arena,
+ * needed here for extension handling
+ * routines, on creation only */
+ CERTOCSPCertID *certID;
+ SECItem derCertStatus;
+ ocspCertStatus *certStatus; /* local; not part of encoding */
+ SECItem thisUpdate; /* a GeneralizedTime */
+ SECItem *nextUpdate; /* a GeneralizedTime */
+ CERTCertExtension **singleExtensions;
+};
+
+/*
+ * A CertStatus is the actual per-certificate status. Its ASN.1 definition:
+ *
+ * CertStatus ::= CHOICE {
+ * good [0] IMPLICIT NULL,
+ * revoked [1] IMPLICIT RevokedInfo,
+ * unknown [2] IMPLICIT UnknownInfo }
+ *
+ * (where for now UnknownInfo is defined to be NULL but in the
+ * future may be replaced with an enumeration).
+ *
+ * Because it is CHOICE, the status value and its associated information
+ * (if any) are actually encoded together. To represent this same
+ * information internally, we explicitly define a type and save it,
+ * along with the value, into a data structure.
+ */
+
+typedef enum {
+ ocspCertStatus_good, /* cert is not revoked */
+ ocspCertStatus_revoked, /* cert is revoked */
+ ocspCertStatus_unknown, /* cert was unknown to the responder */
+ ocspCertStatus_other /* status was not an expected value */
+} ocspCertStatusType;
+
+/*
+ * This is the actual per-certificate status.
+ *
+ * The "goodInfo" and "unknownInfo" items are only place-holders for a NULL.
+ * (Though someday OCSP may replace UnknownInfo with an enumeration that
+ * gives more detailed information.)
+ */
+struct ocspCertStatusStr {
+ ocspCertStatusType certStatusType; /* local; not part of encoding */
+ union {
+ SECItem *goodInfo; /* when ocspCertStatus_good */
+ ocspRevokedInfo *revokedInfo; /* when ocspCertStatus_revoked */
+ SECItem *unknownInfo; /* when ocspCertStatus_unknown */
+ SECItem *otherInfo; /* when ocspCertStatus_other */
+ } certStatusInfo;
+};
+
+/*
+ * A RevokedInfo gives information about a revoked certificate -- when it
+ * was revoked and why.
+ */
+struct ocspRevokedInfoStr {
+ SECItem revocationTime; /* a GeneralizedTime */
+ SECItem *revocationReason; /* a CRLReason; ignored for now */
+};
+
+/*
+ * ServiceLocator can be included as one of the singleRequestExtensions.
+ * When added, it specifies the (name of the) issuer of the cert being
+ * checked, and optionally the value of the AuthorityInfoAccess extension
+ * if the cert has one.
+ */
+struct ocspServiceLocatorStr {
+ CERTName *issuer;
+ SECItem locator; /* DER encoded authInfoAccess extension from cert */
+};
+
+#endif /* _OCSPTI_H_ */
diff --git a/security/nss/lib/certhigh/xcrldist.c b/security/nss/lib/certhigh/xcrldist.c
new file mode 100644
index 000000000..4f74cdb25
--- /dev/null
+++ b/security/nss/lib/certhigh/xcrldist.c
@@ -0,0 +1,212 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Code for dealing with x.509 v3 CRL Distribution Point extension.
+ */
+#include "genname.h"
+#include "certt.h"
+#include "secerr.h"
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_BitStringTemplate)
+
+extern void PrepareBitStringForEncoding(SECItem *bitMap, SECItem *value);
+
+static const SEC_ASN1Template FullNameTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
+ offsetof(CRLDistributionPoint, derFullName),
+ CERT_GeneralNamesTemplate }
+};
+
+static const SEC_ASN1Template RelativeNameTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 1,
+ offsetof(CRLDistributionPoint, distPoint.relativeName),
+ CERT_RDNTemplate }
+};
+
+static const SEC_ASN1Template DistributionPointNameTemplate[] = {
+ { SEC_ASN1_CHOICE,
+ offsetof(CRLDistributionPoint, distPointType), NULL,
+ sizeof(CRLDistributionPoint) },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
+ offsetof(CRLDistributionPoint, derFullName),
+ CERT_GeneralNamesTemplate, generalName },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 1,
+ offsetof(CRLDistributionPoint, distPoint.relativeName),
+ CERT_RDNTemplate, relativeDistinguishedName },
+ { 0 }
+};
+
+static const SEC_ASN1Template CRLDistributionPointTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRLDistributionPoint) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | SEC_ASN1_XTRN | 0,
+ offsetof(CRLDistributionPoint, derDistPoint),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(CRLDistributionPoint, bitsmap),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_CONSTRUCTED | 2,
+ offsetof(CRLDistributionPoint, derCrlIssuer),
+ CERT_GeneralNamesTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template CERTCRLDistributionPointsTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, CRLDistributionPointTemplate }
+};
+
+SECStatus
+CERT_EncodeCRLDistributionPoints(PLArenaPool *arena,
+ CERTCrlDistributionPoints *value,
+ SECItem *derValue)
+{
+ CRLDistributionPoint **pointList, *point;
+ PLArenaPool *ourPool = NULL;
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(derValue);
+ PORT_Assert(value && value->distPoints);
+
+ do {
+ ourPool = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (ourPool == NULL) {
+ rv = SECFailure;
+ break;
+ }
+
+ pointList = value->distPoints;
+ while (*pointList) {
+ point = *pointList;
+ point->derFullName = NULL;
+ point->derDistPoint.data = NULL;
+
+ switch (point->distPointType) {
+ case generalName:
+ point->derFullName = cert_EncodeGeneralNames(ourPool, point->distPoint.fullName);
+
+ if (!point->derFullName ||
+ !SEC_ASN1EncodeItem(ourPool, &point->derDistPoint,
+ point, FullNameTemplate))
+ rv = SECFailure;
+ break;
+
+ case relativeDistinguishedName:
+ if (!SEC_ASN1EncodeItem(ourPool, &point->derDistPoint,
+ point, RelativeNameTemplate))
+ rv = SECFailure;
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
+ rv = SECFailure;
+ break;
+ }
+
+ if (rv != SECSuccess)
+ break;
+
+ if (point->reasons.data)
+ PrepareBitStringForEncoding(&point->bitsmap, &point->reasons);
+
+ if (point->crlIssuer) {
+ point->derCrlIssuer = cert_EncodeGeneralNames(ourPool, point->crlIssuer);
+ if (!point->derCrlIssuer) {
+ rv = SECFailure;
+ break;
+ }
+ }
+ ++pointList;
+ }
+ if (rv != SECSuccess)
+ break;
+ if (!SEC_ASN1EncodeItem(arena, derValue, value,
+ CERTCRLDistributionPointsTemplate)) {
+ rv = SECFailure;
+ break;
+ }
+ } while (0);
+ PORT_FreeArena(ourPool, PR_FALSE);
+ return rv;
+}
+
+CERTCrlDistributionPoints *
+CERT_DecodeCRLDistributionPoints(PLArenaPool *arena, SECItem *encodedValue)
+{
+ CERTCrlDistributionPoints *value = NULL;
+ CRLDistributionPoint **pointList, *point;
+ SECStatus rv = SECSuccess;
+ SECItem newEncodedValue;
+
+ PORT_Assert(arena);
+ do {
+ value = PORT_ArenaZNew(arena, CERTCrlDistributionPoints);
+ if (value == NULL) {
+ rv = SECFailure;
+ break;
+ }
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newEncodedValue, encodedValue);
+ if (rv != SECSuccess)
+ break;
+
+ rv = SEC_QuickDERDecodeItem(arena, &value->distPoints,
+ CERTCRLDistributionPointsTemplate, &newEncodedValue);
+ if (rv != SECSuccess)
+ break;
+
+ pointList = value->distPoints;
+ while (NULL != (point = *pointList)) {
+
+ /* get the data if the distributionPointName is not omitted */
+ if (point->derDistPoint.data != NULL) {
+ rv = SEC_QuickDERDecodeItem(arena, point,
+ DistributionPointNameTemplate, &(point->derDistPoint));
+ if (rv != SECSuccess)
+ break;
+
+ switch (point->distPointType) {
+ case generalName:
+ point->distPoint.fullName =
+ cert_DecodeGeneralNames(arena, point->derFullName);
+ rv = point->distPoint.fullName ? SECSuccess : SECFailure;
+ break;
+
+ case relativeDistinguishedName:
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
+ rv = SECFailure;
+ break;
+ } /* end switch */
+ if (rv != SECSuccess)
+ break;
+ } /* end if */
+
+ /* Get the reason code if it's not omitted in the encoding */
+ if (point->bitsmap.data != NULL) {
+ SECItem bitsmap = point->bitsmap;
+ DER_ConvertBitString(&bitsmap);
+ rv = SECITEM_CopyItem(arena, &point->reasons, &bitsmap);
+ if (rv != SECSuccess)
+ break;
+ }
+
+ /* Get the crl issuer name if it's not omitted in the encoding */
+ if (point->derCrlIssuer != NULL) {
+ point->crlIssuer = cert_DecodeGeneralNames(arena,
+ point->derCrlIssuer);
+ if (!point->crlIssuer)
+ break;
+ }
+ ++pointList;
+ } /* end while points remain */
+ } while (0);
+ return (rv == SECSuccess ? value : NULL);
+}
diff --git a/security/nss/lib/ckfw/Makefile b/security/nss/lib/ckfw/Makefile
new file mode 100644
index 000000000..484dbb511
--- /dev/null
+++ b/security/nss/lib/ckfw/Makefile
@@ -0,0 +1,39 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include $(CORE_DEPTH)/coreconf/config.mk
+include config.mk
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+ifdef NOTDEF # was ifdef MOZILLA_CLIENT
+NSS_BUILD_CAPI = 1
+endif
+
+# This'll need some help from a build person.
+
+# The generated files are checked in, and differ from what ckapi.perl
+# will produce. ckapi.perl is currently newer than the targets, so
+# these rules are invoked, causing the wrong files to be generated.
+# Turning off to fix builds.
+#
+# nssckepv.h: ck.api ckapi.perl
+# nssckft.h: ck.api ckapi.perl
+# nssckg.h: ck.api ckapi.perl
+# nssck.api: ck.api ckapi.perl
+# $(PERL) ckapi.perl ck.api
+
+export:: private_export
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET)))
+ifdef NSS_BUILD_CAPI
+DIRS += capi
+endif
+endif
+
+#ifeq ($(OS_ARCH), Darwin)
+#DIRS += nssmkey
+#endif
diff --git a/security/nss/lib/ckfw/builtins/Makefile b/security/nss/lib/ckfw/builtins/Makefile
new file mode 100644
index 000000000..22726e286
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/Makefile
@@ -0,0 +1,54 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include $(CORE_DEPTH)/coreconf/config.mk
+include config.mk
+
+EXTRA_LIBS = \
+ $(DIST)/lib/$(LIB_PREFIX)nssckfw.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
+ $(NULL)
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+else
+EXTRA_SHARED_LIBS += \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+else
+
+EXTRA_SHARED_LIBS += \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+endif
+
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+# Generate certdata.c.
+
+# By default, use the unmodified certdata.txt.
+ifndef NSS_CERTDATA_TXT
+NSS_CERTDATA_TXT = certdata.txt
+endif
+
+$(OBJDIR)/certdata.c: $(NSS_CERTDATA_TXT) certdata.perl
+ @$(MAKE_OBJDIR)
+ $(PERL) certdata.perl $(NSS_CERTDATA_TXT) $@
diff --git a/security/nss/lib/ckfw/builtins/README b/security/nss/lib/ckfw/builtins/README
new file mode 100644
index 000000000..fc0393c38
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/README
@@ -0,0 +1,45 @@
+This README file explains how to add a builtin root CA certificate to NSS
+or remove a builtin root CA certificate from NSS.
+
+The builtin root CA certificates in NSS are stored in the nssckbi PKCS #11
+module. The sources to the nssckbi module are in this directory.
+
+I. Adding a Builtin Root CA Certificate
+
+You need to use the addbuiltin command-line tool to add a root CA certificate
+to the nssckbi module. In the procedure described below, we assume that the
+new root CA certificate is distributed in DER format in the file newroot.der.
+
+1. Add the directory where the addbuiltin executable resides to your PATH
+environment variable. Then, add the directory where the NSPR and NSS shared
+libraries (DLLs) reside to the platform-specific environment variable that
+specifies your shared library search path: LD_LIBRARY_PATH (most Unix
+variants), SHLIB_PATH (32-bit HP-UX), LIBPATH (AIX), or PATH (Windows).
+
+2. Copy newroot.der to this directory.
+
+3. In this directory, run addbuiltin to add the new root certificate. The
+argument to the -n option should be replaced by the nickname of the root
+certificate.
+
+ % addbuiltin -n "Nickname of the Root Certificate" -t C,C,C < newroot.der >> certdata.txt
+
+4. Edit nssckbi.h to bump the version of the module.
+
+5. Run gmake in this directory to build the nssckbi module.
+
+6. After you verify that the new nssckbi module is correct, check in
+certdata.txt and nssckbi.h.
+
+II. Removing a Builtin Root CA Certificate
+
+1. Change directory to this directory.
+
+2. Edit certdata.txt and remove the root CA certificate.
+
+3. Edit nssckbi.h to bump the version of the module.
+
+4. Run gmake in this directory to build the nssckbi module.
+
+5. After you verify that the new nssckbi module is correct, check in
+certdata.txt and nssckbi.h.
diff --git a/security/nss/lib/ckfw/builtins/anchor.c b/security/nss/lib/ckfw/builtins/anchor.c
new file mode 100644
index 000000000..af21c6a0b
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/anchor.c
@@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * builtins/anchor.c
+ *
+ * This file "anchors" the actual cryptoki entry points in this module's
+ * shared library, which is required for dynamic loading. See the
+ * comments in nssck.api for more information.
+ */
+
+#include "builtins.h"
+
+#define MODULE_NAME builtins
+#define INSTANCE_NAME (NSSCKMDInstance *)&nss_builtins_mdInstance
+#include "nssck.api"
diff --git a/security/nss/lib/ckfw/builtins/bfind.c b/security/nss/lib/ckfw/builtins/bfind.c
new file mode 100644
index 000000000..3e5da1a55
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/bfind.c
@@ -0,0 +1,261 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BUILTINS_H
+#include "builtins.h"
+#endif /* BUILTINS_H */
+
+/*
+ * builtins/find.c
+ *
+ * This file implements the NSSCKMDFindObjects object for the
+ * "builtin objects" cryptoki module.
+ */
+
+struct builtinsFOStr {
+ NSSArena *arena;
+ CK_ULONG n;
+ CK_ULONG i;
+ builtinsInternalObject **objs;
+};
+
+static void
+builtins_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
+ NSSArena *arena = fo->arena;
+
+ nss_ZFreeIf(fo->objs);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(mdFindObjects);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+
+ return;
+}
+
+static NSSCKMDObject *
+builtins_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
+ builtinsInternalObject *io;
+
+ if (fo->i == fo->n) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ io = fo->objs[fo->i];
+ fo->i++;
+
+ return nss_builtins_CreateMDObject(arena, io, pError);
+}
+
+static int
+builtins_derUnwrapInt(unsigned char *src, int size, unsigned char **dest)
+{
+ unsigned char *start = src;
+ int len = 0;
+
+ if (*src++ != 2) {
+ return 0;
+ }
+ len = *src++;
+ if (len & 0x80) {
+ int count = len & 0x7f;
+ len = 0;
+
+ if (count + 2 > size) {
+ return 0;
+ }
+ while (count-- > 0) {
+ len = (len << 8) | *src++;
+ }
+ }
+ if (len + (src - start) != size) {
+ return 0;
+ }
+ *dest = src;
+ return len;
+}
+
+static CK_BBOOL
+builtins_attrmatch(
+ CK_ATTRIBUTE_PTR a,
+ const NSSItem *b)
+{
+ PRBool prb;
+
+ if (a->ulValueLen != b->size) {
+ /* match a decoded serial number */
+ if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
+ int len;
+ unsigned char *data = NULL;
+
+ len = builtins_derUnwrapInt(b->data, b->size, &data);
+ if (data &&
+ (len == a->ulValueLen) &&
+ nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ }
+ }
+ return CK_FALSE;
+ }
+
+ prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+
+ if (PR_TRUE == prb) {
+ return CK_TRUE;
+ } else {
+ return CK_FALSE;
+ }
+}
+
+static CK_BBOOL
+builtins_match(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ builtinsInternalObject *o)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ CK_ULONG j;
+
+ for (j = 0; j < o->n; j++) {
+ if (o->types[j] == pTemplate[i].type) {
+ if (CK_FALSE == builtins_attrmatch(&pTemplate[i], &o->items[j])) {
+ return CK_FALSE;
+ } else {
+ break;
+ }
+ }
+ }
+
+ if (j == o->n) {
+ /* Loop ran to the end: no matching attribute */
+ return CK_FALSE;
+ }
+ }
+
+ /* Every attribute passed */
+ return CK_TRUE;
+}
+
+NSS_IMPLEMENT NSSCKMDFindObjects *
+nss_builtins_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ /* This could be made more efficient. I'm rather rushed. */
+ NSSArena *arena;
+ NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
+ struct builtinsFOStr *fo = (struct builtinsFOStr *)NULL;
+
+/*
+ * 99% of the time we get 0 or 1 matches. So we start with a small
+ * stack-allocated array to hold the matches and switch to a heap-allocated
+ * array later if the number of matches exceeds STACK_BUF_LENGTH.
+ */
+#define STACK_BUF_LENGTH 1
+ builtinsInternalObject *stackTemp[STACK_BUF_LENGTH];
+ builtinsInternalObject **temp = stackTemp;
+ PRBool tempIsHeapAllocated = PR_FALSE;
+ PRUint32 i;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ goto loser;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo = nss_ZNEW(arena, struct builtinsFOStr);
+ if ((struct builtinsFOStr *)NULL == fo) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo->arena = arena;
+ /* fo->n and fo->i are already zero */
+
+ rv->etc = (void *)fo;
+ rv->Final = builtins_mdFindObjects_Final;
+ rv->Next = builtins_mdFindObjects_Next;
+ rv->null = (void *)NULL;
+
+ for (i = 0; i < nss_builtins_nObjects; i++) {
+ builtinsInternalObject *o = (builtinsInternalObject *)&nss_builtins_data[i];
+
+ if (CK_TRUE == builtins_match(pTemplate, ulAttributeCount, o)) {
+ if (fo->n == STACK_BUF_LENGTH) {
+ /* Switch from the small stack array to a heap-allocated array large
+ * enough to handle matches in all remaining cases. */
+ temp = nss_ZNEWARRAY((NSSArena *)NULL, builtinsInternalObject *,
+ fo->n + nss_builtins_nObjects - i);
+ if ((builtinsInternalObject **)NULL == temp) {
+ *pError =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+ tempIsHeapAllocated = PR_TRUE;
+ (void)nsslibc_memcpy(temp, stackTemp,
+ sizeof(builtinsInternalObject *) * fo->n);
+ }
+
+ temp[fo->n] = o;
+ fo->n++;
+ }
+ }
+
+ fo->objs = nss_ZNEWARRAY(arena, builtinsInternalObject *, fo->n);
+ if ((builtinsInternalObject **)NULL == fo->objs) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)nsslibc_memcpy(fo->objs, temp, sizeof(builtinsInternalObject *) * fo->n);
+ if (tempIsHeapAllocated) {
+ nss_ZFreeIf(temp);
+ temp = (builtinsInternalObject **)NULL;
+ }
+
+ return rv;
+
+loser:
+ if (tempIsHeapAllocated) {
+ nss_ZFreeIf(temp);
+ }
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(rv);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+ return (NSSCKMDFindObjects *)NULL;
+}
diff --git a/security/nss/lib/ckfw/builtins/binst.c b/security/nss/lib/ckfw/builtins/binst.c
new file mode 100644
index 000000000..ca1dac89c
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/binst.c
@@ -0,0 +1,87 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "builtins.h"
+
+/*
+ * builtins/instance.c
+ *
+ * This file implements the NSSCKMDInstance object for the
+ * "builtin objects" cryptoki module.
+ */
+
+/*
+ * NSSCKMDInstance methods
+ */
+
+static CK_ULONG
+builtins_mdInstance_GetNSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (CK_ULONG)1;
+}
+
+static CK_VERSION
+builtins_mdInstance_GetCryptokiVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_builtins_CryptokiVersion;
+}
+
+static NSSUTF8 *
+builtins_mdInstance_GetManufacturerID(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_builtins_ManufacturerID;
+}
+
+static NSSUTF8 *
+builtins_mdInstance_GetLibraryDescription(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_builtins_LibraryDescription;
+}
+
+static CK_VERSION
+builtins_mdInstance_GetLibraryVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+#define NSS_VERSION_VARIABLE __nss_builtins_version
+#include "verref.h"
+ return nss_builtins_LibraryVersion;
+}
+
+static CK_RV
+builtins_mdInstance_GetSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[])
+{
+ slots[0] = (NSSCKMDSlot *)&nss_builtins_mdSlot;
+ return CKR_OK;
+}
+
+const NSSCKMDInstance
+ nss_builtins_mdInstance = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Finalize */
+ builtins_mdInstance_GetNSlots,
+ builtins_mdInstance_GetCryptokiVersion,
+ builtins_mdInstance_GetManufacturerID,
+ builtins_mdInstance_GetLibraryDescription,
+ builtins_mdInstance_GetLibraryVersion,
+ NULL, /* ModuleHandlesSessionObjects -- defaults to false */
+ builtins_mdInstance_GetSlots,
+ NULL, /* WaitForSlotEvent */
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/builtins/bobject.c b/security/nss/lib/ckfw/builtins/bobject.c
new file mode 100644
index 000000000..1c0babdd6
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/bobject.c
@@ -0,0 +1,206 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "builtins.h"
+
+/*
+ * builtins/object.c
+ *
+ * This file implements the NSSCKMDObject object for the
+ * "builtin objects" cryptoki module.
+ */
+
+/*
+ * Finalize - unneeded
+ * Destroy - CKR_SESSION_READ_ONLY
+ * IsTokenObject - CK_TRUE
+ * GetAttributeCount
+ * GetAttributeTypes
+ * GetAttributeSize
+ * GetAttribute
+ * SetAttribute - unneeded
+ * GetObjectSize
+ */
+
+static CK_RV
+builtins_mdObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CKR_SESSION_READ_ONLY;
+}
+
+static CK_BBOOL
+builtins_mdObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_TRUE;
+}
+
+static CK_ULONG
+builtins_mdObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ return io->n;
+}
+
+static CK_RV
+builtins_mdObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
+{
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ CK_ULONG i;
+
+ if (io->n != ulCount) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+
+ for (i = 0; i < io->n; i++) {
+ typeArray[i] = io->types[i];
+ }
+
+ return CKR_OK;
+}
+
+static CK_ULONG
+builtins_mdObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ CK_ULONG i;
+
+ for (i = 0; i < io->n; i++) {
+ if (attribute == io->types[i]) {
+ return (CK_ULONG)(io->items[i].size);
+ }
+ }
+
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return 0;
+}
+
+static NSSCKFWItem
+builtins_mdObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ NSSCKFWItem mdItem;
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ CK_ULONG i;
+
+ mdItem.needsFreeing = PR_FALSE;
+ mdItem.item = (NSSItem *)NULL;
+
+ for (i = 0; i < io->n; i++) {
+ if (attribute == io->types[i]) {
+ mdItem.item = (NSSItem *)&io->items[i];
+ return mdItem;
+ }
+ }
+
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return mdItem;
+}
+
+static CK_ULONG
+builtins_mdObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
+ CK_ULONG i;
+ CK_ULONG rv = sizeof(CK_ULONG);
+
+ for (i = 0; i < io->n; i++) {
+ rv += sizeof(CK_ATTRIBUTE_TYPE) + sizeof(NSSItem) + io->items[i].size;
+ }
+
+ return rv;
+}
+
+static const NSSCKMDObject
+ builtins_prototype_mdObject = {
+ (void *)NULL, /* etc */
+ NULL, /* Finalize */
+ builtins_mdObject_Destroy,
+ builtins_mdObject_IsTokenObject,
+ builtins_mdObject_GetAttributeCount,
+ builtins_mdObject_GetAttributeTypes,
+ builtins_mdObject_GetAttributeSize,
+ builtins_mdObject_GetAttribute,
+ NULL, /* FreeAttribute */
+ NULL, /* SetAttribute */
+ builtins_mdObject_GetObjectSize,
+ (void *)NULL /* null terminator */
+ };
+
+NSS_IMPLEMENT NSSCKMDObject *
+nss_builtins_CreateMDObject(
+ NSSArena *arena,
+ builtinsInternalObject *io,
+ CK_RV *pError)
+{
+ if ((void *)NULL == io->mdObject.etc) {
+ (void)nsslibc_memcpy(&io->mdObject, &builtins_prototype_mdObject,
+ sizeof(builtins_prototype_mdObject));
+ io->mdObject.etc = (void *)io;
+ }
+
+ return &io->mdObject;
+}
diff --git a/security/nss/lib/ckfw/builtins/bsession.c b/security/nss/lib/ckfw/builtins/bsession.c
new file mode 100644
index 000000000..6828a49af
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/bsession.c
@@ -0,0 +1,71 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "builtins.h"
+
+/*
+ * builtins/session.c
+ *
+ * This file implements the NSSCKMDSession object for the
+ * "builtin objects" cryptoki module.
+ */
+
+static NSSCKMDFindObjects *
+builtins_mdSession_FindObjectsInit(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ return nss_builtins_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
+}
+
+NSS_IMPLEMENT NSSCKMDSession *
+nss_builtins_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
+{
+ NSSArena *arena;
+ NSSCKMDSession *rv;
+
+ arena = NSSCKFWSession_GetArena(fwSession, pError);
+ if ((NSSArena *)NULL == arena) {
+ return (NSSCKMDSession *)NULL;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDSession);
+ if ((NSSCKMDSession *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
+
+ /*
+ * rv was zeroed when allocated, so we only
+ * need to set the non-zero members.
+ */
+
+ rv->etc = (void *)fwSession;
+ /* rv->Close */
+ /* rv->GetDeviceError */
+ /* rv->Login */
+ /* rv->Logout */
+ /* rv->InitPIN */
+ /* rv->SetPIN */
+ /* rv->GetOperationStateLen */
+ /* rv->GetOperationState */
+ /* rv->SetOperationState */
+ /* rv->CreateObject */
+ /* rv->CopyObject */
+ rv->FindObjectsInit = builtins_mdSession_FindObjectsInit;
+ /* rv->SeedRandom */
+ /* rv->GetRandom */
+ /* rv->null */
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/builtins/bslot.c b/security/nss/lib/ckfw/builtins/bslot.c
new file mode 100644
index 000000000..f2ef1efb9
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/bslot.c
@@ -0,0 +1,81 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "builtins.h"
+
+/*
+ * builtins/slot.c
+ *
+ * This file implements the NSSCKMDSlot object for the
+ * "builtin objects" cryptoki module.
+ */
+
+static NSSUTF8 *
+builtins_mdSlot_GetSlotDescription(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_builtins_SlotDescription;
+}
+
+static NSSUTF8 *
+builtins_mdSlot_GetManufacturerID(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_builtins_ManufacturerID;
+}
+
+static CK_VERSION
+builtins_mdSlot_GetHardwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_builtins_HardwareVersion;
+}
+
+static CK_VERSION
+builtins_mdSlot_GetFirmwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_builtins_FirmwareVersion;
+}
+
+static NSSCKMDToken *
+builtins_mdSlot_GetToken(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSCKMDToken *)&nss_builtins_mdToken;
+}
+
+const NSSCKMDSlot
+ nss_builtins_mdSlot = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Destroy */
+ builtins_mdSlot_GetSlotDescription,
+ builtins_mdSlot_GetManufacturerID,
+ NULL, /* GetTokenPresent -- defaults to true */
+ NULL, /* GetRemovableDevice -- defaults to false */
+ NULL, /* GetHardwareSlot -- defaults to false */
+ builtins_mdSlot_GetHardwareVersion,
+ builtins_mdSlot_GetFirmwareVersion,
+ builtins_mdSlot_GetToken,
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/builtins/btoken.c b/security/nss/lib/ckfw/builtins/btoken.c
new file mode 100644
index 000000000..ae1e1380b
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/btoken.c
@@ -0,0 +1,135 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "builtins.h"
+
+/*
+ * builtins/token.c
+ *
+ * This file implements the NSSCKMDToken object for the
+ * "builtin objects" cryptoki module.
+ */
+
+static NSSUTF8 *
+builtins_mdToken_GetLabel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_builtins_TokenLabel;
+}
+
+static NSSUTF8 *
+builtins_mdToken_GetManufacturerID(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_builtins_ManufacturerID;
+}
+
+static NSSUTF8 *
+builtins_mdToken_GetModel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_builtins_TokenModel;
+}
+
+static NSSUTF8 *
+builtins_mdToken_GetSerialNumber(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_builtins_TokenSerialNumber;
+}
+
+static CK_BBOOL
+builtins_mdToken_GetIsWriteProtected(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_TRUE;
+}
+
+static CK_VERSION
+builtins_mdToken_GetHardwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_builtins_HardwareVersion;
+}
+
+static CK_VERSION
+builtins_mdToken_GetFirmwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_builtins_FirmwareVersion;
+}
+
+static NSSCKMDSession *
+builtins_mdToken_OpenSession(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError)
+{
+ return nss_builtins_CreateSession(fwSession, pError);
+}
+
+const NSSCKMDToken
+ nss_builtins_mdToken = {
+ (void *)NULL, /* etc */
+ NULL, /* Setup */
+ NULL, /* Invalidate */
+ NULL, /* InitToken -- default errs */
+ builtins_mdToken_GetLabel,
+ builtins_mdToken_GetManufacturerID,
+ builtins_mdToken_GetModel,
+ builtins_mdToken_GetSerialNumber,
+ NULL, /* GetHasRNG -- default is false */
+ builtins_mdToken_GetIsWriteProtected,
+ NULL, /* GetLoginRequired -- default is false */
+ NULL, /* GetUserPinInitialized -- default is false */
+ NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
+ NULL, /* GetHasClockOnToken -- default is false */
+ NULL, /* GetHasProtectedAuthenticationPath -- default is false */
+ NULL, /* GetSupportsDualCryptoOperations -- default is false */
+ NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxPinLen -- irrelevant */
+ NULL, /* GetMinPinLen -- irrelevant */
+ NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ builtins_mdToken_GetHardwareVersion,
+ builtins_mdToken_GetFirmwareVersion,
+ NULL, /* GetUTCTime -- no clock */
+ builtins_mdToken_OpenSession,
+ NULL, /* GetMechanismCount -- default is zero */
+ NULL, /* GetMechanismTypes -- irrelevant */
+ NULL, /* GetMechanism -- irrelevant */
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/builtins/builtins.gyp b/security/nss/lib/ckfw/builtins/builtins.gyp
new file mode 100644
index 000000000..d85442585
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/builtins.gyp
@@ -0,0 +1,61 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nssckbi',
+ 'type': 'shared_library',
+ 'sources': [
+ 'anchor.c',
+ 'bfind.c',
+ 'binst.c',
+ 'bobject.c',
+ 'bsession.c',
+ 'bslot.c',
+ 'btoken.c',
+ 'ckbiver.c',
+ 'constants.c',
+ '<(INTERMEDIATE_DIR)/certdata.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports',
+ '<(DEPTH)/lib/ckfw/ckfw.gyp:nssckfw',
+ '<(DEPTH)/lib/base/base.gyp:nssb'
+ ],
+ 'actions': [
+ {
+ 'msvs_cygwin_shell': 0,
+ 'action': [
+ 'perl',
+ 'certdata.perl',
+ 'certdata.txt',
+ '<@(_outputs)',
+ ],
+ 'inputs': [
+ 'certdata.perl',
+ 'certdata.txt'
+ ],
+ 'outputs': [
+ '<(INTERMEDIATE_DIR)/certdata.c'
+ ],
+ 'action_name': 'generate_certdata_c'
+ }
+ ],
+ 'variables': {
+ 'mapfile': 'nssckbi.def'
+ }
+ }
+ ],
+ 'target_defaults': {
+ 'include_dirs': [
+ '.'
+ ]
+ },
+ 'variables': {
+ 'module': 'nss',
+ }
+}
diff --git a/security/nss/lib/ckfw/builtins/builtins.h b/security/nss/lib/ckfw/builtins/builtins.h
new file mode 100644
index 000000000..a1693c29c
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/builtins.h
@@ -0,0 +1,66 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssckmdt.h"
+#include "nssckfw.h"
+
+/*
+ * I'm including this for access to the arena functions.
+ * Looks like we should publish that API.
+ */
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+/*
+ * This is where the Netscape extensions live, at least for now.
+ */
+#ifndef CKT_H
+#include "ckt.h"
+#endif /* CKT_H */
+
+struct builtinsInternalObjectStr {
+ CK_ULONG n;
+ const CK_ATTRIBUTE_TYPE *types;
+ const NSSItem *items;
+ NSSCKMDObject mdObject;
+};
+typedef struct builtinsInternalObjectStr builtinsInternalObject;
+
+extern builtinsInternalObject nss_builtins_data[];
+extern const PRUint32 nss_builtins_nObjects;
+
+extern const CK_VERSION nss_builtins_CryptokiVersion;
+extern const CK_VERSION nss_builtins_LibraryVersion;
+extern const CK_VERSION nss_builtins_HardwareVersion;
+extern const CK_VERSION nss_builtins_FirmwareVersion;
+
+extern const NSSUTF8 nss_builtins_ManufacturerID[];
+extern const NSSUTF8 nss_builtins_LibraryDescription[];
+extern const NSSUTF8 nss_builtins_SlotDescription[];
+extern const NSSUTF8 nss_builtins_TokenLabel[];
+extern const NSSUTF8 nss_builtins_TokenModel[];
+extern const NSSUTF8 nss_builtins_TokenSerialNumber[];
+
+extern const NSSCKMDInstance nss_builtins_mdInstance;
+extern const NSSCKMDSlot nss_builtins_mdSlot;
+extern const NSSCKMDToken nss_builtins_mdToken;
+
+NSS_EXTERN NSSCKMDSession *
+nss_builtins_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDFindObjects *
+nss_builtins_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDObject *
+nss_builtins_CreateMDObject(
+ NSSArena *arena,
+ builtinsInternalObject *io,
+ CK_RV *pError);
diff --git a/security/nss/lib/ckfw/builtins/certdata.perl b/security/nss/lib/ckfw/builtins/certdata.perl
new file mode 100644
index 000000000..502dfb0c5
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/certdata.perl
@@ -0,0 +1,192 @@
+#!perl -w
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+use strict;
+
+my %constants;
+my $count = 0;
+my $o;
+my @objects = ();
+my @objsize;
+
+$constants{CK_TRUE} = "static const CK_BBOOL ck_true = CK_TRUE;\n";
+$constants{CK_FALSE} = "static const CK_BBOOL ck_false = CK_FALSE;\n";
+
+if( scalar @ARGV == 0 ) {
+ print STDERR "Usage: $0 <input-file> [output-file]\n";
+ exit 1;
+}
+
+open(STDIN, '<', $ARGV[0])
+ or die "Could not open input file '$ARGV[0]' $!";
+if( scalar @ARGV > 1 ) {
+ open(STDOUT, '>', $ARGV[1])
+ or die "Could not open output file '$ARGV[1]' $!";
+}
+
+while(<>) {
+ my @fields = ();
+ my $size;
+
+ s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
+ next if (/^\s*$/);
+
+ # This was taken from the perl faq #4.
+ my $text = $_;
+ push(@fields, $+) while $text =~ m{
+ "([^\"\\]*(?:\\.[^\"\\]*)*)"\s? # groups the phrase inside the quotes
+ | ([^\s]+)\s?
+ | \s
+ }gx;
+ push(@fields, undef) if substr($text,-1,1) eq '\s';
+
+ if( $fields[0] =~ /BEGINDATA/ ) {
+ next;
+ }
+
+ if( $fields[1] =~ /MULTILINE/ ) {
+ $fields[2] = "";
+ while(<>) {
+ last if /END/;
+ chomp;
+ $fields[2] .= "\"$_\"\n";
+ }
+ }
+
+ if( $fields[1] =~ /UTF8/ ) {
+ if( $fields[2] =~ /^"/ ) {
+ ;
+ } else {
+ $fields[2] = "\"" . $fields[2] . "\"";
+ }
+
+ my $scratch = eval($fields[2]);
+
+ $size = length($scratch) + 1; # null terminate
+ }
+
+ if( $fields[1] =~ /OCTAL/ ) {
+ if( $fields[2] =~ /^"/ ) {
+ ;
+ } else {
+ $fields[2] = "\"" . $fields[2] . "\"";
+ }
+
+ my $scratch = $fields[2];
+ $size = $scratch =~ tr/\\//;
+ # no null termination
+ }
+
+ if( $fields[1] =~ /^CK_/ ) {
+ my $lcv = $fields[2];
+ $lcv =~ tr/A-Z/a-z/;
+ if( !defined($constants{$fields[2]}) ) {
+ $constants{$fields[2]} = "static const $fields[1] $lcv = $fields[2];\n";
+ }
+
+ $size = "sizeof($fields[1])";
+ $fields[2] = "&$lcv";
+ }
+
+ if( $fields[0] =~ /CKA_CLASS/ ) {
+ $count++;
+ $objsize[$count] = 0;
+ }
+
+ @{$objects[$count][$objsize[$count]++]} = ( "$fields[0]", $fields[2], "$size" );
+
+ # print "$fields[0] | $fields[1] | $size | $fields[2]\n";
+}
+
+doprint();
+
+sub dudump {
+my $i;
+for( $i = 1; $i <= $count; $i++ ) {
+ print "\n";
+ $o = $objects[$i];
+ my @ob = @{$o};
+ my $l;
+ my $j;
+ for( $j = 0; $j < @ob; $j++ ) {
+ $l = $ob[$j];
+ my @a = @{$l};
+ print "$a[0] ! $a[1] ! $a[2]\n";
+ }
+}
+
+}
+
+sub doprint {
+my $i;
+
+print <<EOD
+/* THIS IS A GENERATED FILE */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BUILTINS_H
+#include "builtins.h"
+#endif /* BUILTINS_H */
+
+EOD
+ ;
+
+foreach $b (sort values(%constants)) {
+ print $b;
+}
+
+for( $i = 1; $i <= $count; $i++ ) {
+ print "static const CK_ATTRIBUTE_TYPE nss_builtins_types_$i [] = {\n";
+ $o = $objects[$i];
+ my @ob = @{$o};
+ my $j;
+ for( $j = 0; $j < @ob; $j++ ) {
+ my $l = $ob[$j];
+ my @a = @{$l};
+ print " $a[0]";
+ if( $j+1 != @ob ) {
+ print ", ";
+ }
+ }
+ print "\n};\n";
+}
+
+for( $i = 1; $i <= $count; $i++ ) {
+ print "static const NSSItem nss_builtins_items_$i [] = {\n";
+ $o = $objects[$i];
+ my @ob = @{$o};
+ my $j;
+ for( $j = 0; $j < @ob; $j++ ) {
+ my $l = $ob[$j];
+ my @a = @{$l};
+ print " { (void *)$a[1], (PRUint32)$a[2] }";
+ if( $j+1 != @ob ) {
+ print ",\n";
+ } else {
+ print "\n";
+ }
+ }
+ print "};\n";
+}
+
+print "\nbuiltinsInternalObject\n";
+print "nss_builtins_data[] = {\n";
+
+for( $i = 1; $i <= $count; $i++ ) {
+ print " { $objsize[$i], nss_builtins_types_$i, nss_builtins_items_$i, {NULL} }";
+ if( $i == $count ) {
+ print "\n";
+ } else {
+ print ",\n";
+ }
+}
+
+print "};\n";
+
+print "const PRUint32\n";
+print "nss_builtins_nObjects = $count;\n";
+}
diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt
new file mode 100644
index 000000000..9018179d3
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/certdata.txt
@@ -0,0 +1,29506 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# certdata.txt
+#
+# This file contains the object definitions for the certs and other
+# information "built into" NSS.
+#
+# Object definitions:
+#
+# Certificates
+#
+# -- Attribute -- -- type -- -- value --
+# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+# CKA_TOKEN CK_BBOOL CK_TRUE
+# CKA_PRIVATE CK_BBOOL CK_FALSE
+# CKA_MODIFIABLE CK_BBOOL CK_FALSE
+# CKA_LABEL UTF8 (varies)
+# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+# CKA_SUBJECT DER+base64 (varies)
+# CKA_ID byte array (varies)
+# CKA_ISSUER DER+base64 (varies)
+# CKA_SERIAL_NUMBER DER+base64 (varies)
+# CKA_VALUE DER+base64 (varies)
+# CKA_NSS_EMAIL ASCII7 (unused here)
+#
+# Trust
+#
+# -- Attribute -- -- type -- -- value --
+# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST
+# CKA_TOKEN CK_BBOOL CK_TRUE
+# CKA_PRIVATE CK_BBOOL CK_FALSE
+# CKA_MODIFIABLE CK_BBOOL CK_FALSE
+# CKA_LABEL UTF8 (varies)
+# CKA_ISSUER DER+base64 (varies)
+# CKA_SERIAL_NUMBER DER+base64 (varies)
+# CKA_CERT_HASH binary+base64 (varies)
+# CKA_EXPIRES CK_DATE (not used here)
+# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)
+# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)
+# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)
+# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)
+# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)
+# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)
+# CKA_TRUST_CRL_SIGN CK_TRUST (varies)
+# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)
+# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)
+# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)
+# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)
+# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)
+# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)
+# CKA_TRUST_IPSEC_USER CK_TRUST (varies)
+# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)
+# CKA_TRUST_STEP_UP_APPROVED CK_BBOOL (varies)
+# (other trust attributes can be defined)
+#
+
+#
+# The object to tell NSS that this is a root list and we don't
+# have to go looking for others.
+#
+BEGINDATA
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_BUILTIN_ROOT_LIST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Mozilla Builtin Roots"
+
+# Distrust "Distrust a pb.com certificate that does not comply with the baseline requirements."
+# Issuer: OU=Equifax Secure Certificate Authority,O=Equifax,C=US
+# Serial Number: 1407252 (0x157914)
+# Subject: CN=*.pb.com,OU=Meters,O=Pitney Bowes,L=Danbury,ST=Connecticut,C=US
+# Not Valid Before: Mon Feb 01 14:54:04 2010
+# Not Valid After : Tue Sep 30 00:00:00 2014
+# Fingerprint (MD5): 8F:46:BE:99:47:6F:93:DC:5C:01:54:50:D0:4A:BD:AC
+# Fingerprint (SHA1): 30:F1:82:CA:1A:5E:4E:4F:F3:6E:D0:E6:38:18:B8:B9:41:CB:5F:8C
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Distrust a pb.com certificate that does not comply with the baseline requirements."
+CKA_ISSUER MULTILINE_OCTAL
+\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
+\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
+\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
+\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\025\171\024
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GlobalSign Root CA"
+#
+# Issuer: CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
+# Serial Number:04:00:00:00:00:01:15:4b:5a:c3:94
+# Subject: CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
+# Not Valid Before: Tue Sep 01 12:00:00 1998
+# Not Valid After : Fri Jan 28 12:00:00 2028
+# Fingerprint (MD5): 3E:45:52:15:09:51:92:E1:B7:5D:37:9F:B1:87:29:8A
+# Fingerprint (SHA1): B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
+\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
+\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
+\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
+\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
+\156\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
+\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
+\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
+\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
+\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
+\156\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\013\004\000\000\000\000\001\025\113\132\303\224
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\165\060\202\002\135\240\003\002\001\002\002\013\004
+\000\000\000\000\001\025\113\132\303\224\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\060\127\061\013\060\011\006
+\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004
+\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166
+\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157
+\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022
+\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040
+\103\101\060\036\027\015\071\070\060\071\060\061\061\062\060\060
+\060\060\132\027\015\062\070\060\061\062\070\061\062\060\060\060
+\060\132\060\127\061\013\060\011\006\003\125\004\006\023\002\102
+\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142
+\141\154\123\151\147\156\040\156\166\055\163\141\061\020\060\016
+\006\003\125\004\013\023\007\122\157\157\164\040\103\101\061\033
+\060\031\006\003\125\004\003\023\022\107\154\157\142\141\154\123
+\151\147\156\040\122\157\157\164\040\103\101\060\202\001\042\060
+\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
+\001\017\000\060\202\001\012\002\202\001\001\000\332\016\346\231
+\215\316\243\343\117\212\176\373\361\213\203\045\153\352\110\037
+\361\052\260\271\225\021\004\275\360\143\321\342\147\146\317\034
+\335\317\033\110\053\356\215\211\216\232\257\051\200\145\253\351
+\307\055\022\313\253\034\114\160\007\241\075\012\060\315\025\215
+\117\370\335\324\214\120\025\034\357\120\356\304\056\367\374\351
+\122\362\221\175\340\155\325\065\060\216\136\103\163\362\101\351
+\325\152\343\262\211\072\126\071\070\157\006\074\210\151\133\052
+\115\305\247\124\270\154\211\314\233\371\074\312\345\375\211\365
+\022\074\222\170\226\326\334\164\156\223\104\141\321\215\307\106
+\262\165\016\206\350\031\212\325\155\154\325\170\026\225\242\351
+\310\012\070\353\362\044\023\117\163\124\223\023\205\072\033\274
+\036\064\265\213\005\214\271\167\213\261\333\037\040\221\253\011
+\123\156\220\316\173\067\164\271\160\107\221\042\121\143\026\171
+\256\261\256\101\046\010\310\031\053\321\106\252\110\326\144\052
+\327\203\064\377\054\052\301\154\031\103\112\007\205\347\323\174
+\366\041\150\357\352\362\122\237\177\223\220\317\002\003\001\000
+\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
+\024\140\173\146\032\105\015\227\312\211\120\057\175\004\315\064
+\250\377\374\375\113\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\003\202\001\001\000\326\163\347\174\117\166\320
+\215\277\354\272\242\276\064\305\050\062\265\174\374\154\234\054
+\053\275\011\236\123\277\153\136\252\021\110\266\345\010\243\263
+\312\075\141\115\323\106\011\263\076\303\240\343\143\125\033\362
+\272\357\255\071\341\103\271\070\243\346\057\212\046\073\357\240
+\120\126\371\306\012\375\070\315\304\013\160\121\224\227\230\004
+\337\303\137\224\325\025\311\024\101\234\304\135\165\144\025\015
+\377\125\060\354\206\217\377\015\357\054\271\143\106\366\252\374
+\337\274\151\375\056\022\110\144\232\340\225\360\246\357\051\217
+\001\261\025\265\014\035\245\376\151\054\151\044\170\036\263\247
+\034\161\142\356\312\310\227\254\027\135\212\302\370\107\206\156
+\052\304\126\061\225\320\147\211\205\053\371\154\246\135\106\235
+\014\252\202\344\231\121\335\160\267\333\126\075\141\344\152\341
+\134\326\366\376\075\336\101\314\007\256\143\122\277\123\123\364
+\053\351\307\375\266\367\202\137\205\322\101\030\333\201\263\004
+\034\305\037\244\200\157\025\040\311\336\014\210\012\035\326\146
+\125\342\374\110\311\051\046\151\340
+END
+
+# Trust for Certificate "GlobalSign Root CA"
+# Issuer: CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
+# Serial Number:04:00:00:00:00:01:15:4b:5a:c3:94
+# Subject: CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
+# Not Valid Before: Tue Sep 01 12:00:00 1998
+# Not Valid After : Fri Jan 28 12:00:00 2028
+# Fingerprint (MD5): 3E:45:52:15:09:51:92:E1:B7:5D:37:9F:B1:87:29:8A
+# Fingerprint (SHA1): B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\261\274\226\213\324\364\235\142\052\250\232\201\362\025\001\122
+\244\035\202\234
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\076\105\122\025\011\121\222\341\267\135\067\237\261\207\051\212
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
+\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
+\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
+\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
+\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
+\156\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\013\004\000\000\000\000\001\025\113\132\303\224
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GlobalSign Root CA - R2"
+#
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2
+# Serial Number:04:00:00:00:00:01:0f:86:26:e6:0d
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2
+# Not Valid Before: Fri Dec 15 08:00:00 2006
+# Not Valid After : Wed Dec 15 08:00:00 2021
+# Fingerprint (MD5): 94:14:77:7E:3E:5E:FD:8F:30:BD:41:B0:CF:E7:D0:30
+# Fingerprint (SHA1): 75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign Root CA - R2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\062\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\062\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\013\004\000\000\000\000\001\017\206\046\346\015
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\272\060\202\002\242\240\003\002\001\002\002\013\004
+\000\000\000\000\001\017\206\046\346\015\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\060\114\061\040\060\036\006
+\003\125\004\013\023\027\107\154\157\142\141\154\123\151\147\156
+\040\122\157\157\164\040\103\101\040\055\040\122\062\061\023\060
+\021\006\003\125\004\012\023\012\107\154\157\142\141\154\123\151
+\147\156\061\023\060\021\006\003\125\004\003\023\012\107\154\157
+\142\141\154\123\151\147\156\060\036\027\015\060\066\061\062\061
+\065\060\070\060\060\060\060\132\027\015\062\061\061\062\061\065
+\060\070\060\060\060\060\132\060\114\061\040\060\036\006\003\125
+\004\013\023\027\107\154\157\142\141\154\123\151\147\156\040\122
+\157\157\164\040\103\101\040\055\040\122\062\061\023\060\021\006
+\003\125\004\012\023\012\107\154\157\142\141\154\123\151\147\156
+\061\023\060\021\006\003\125\004\003\023\012\107\154\157\142\141
+\154\123\151\147\156\060\202\001\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
+\012\002\202\001\001\000\246\317\044\016\276\056\157\050\231\105
+\102\304\253\076\041\124\233\013\323\177\204\160\372\022\263\313
+\277\207\137\306\177\206\323\262\060\134\326\375\255\361\173\334
+\345\370\140\226\011\222\020\365\320\123\336\373\173\176\163\210
+\254\122\210\173\112\246\312\111\246\136\250\247\214\132\021\274
+\172\202\353\276\214\351\263\254\226\045\007\227\112\231\052\007
+\057\264\036\167\277\212\017\265\002\174\033\226\270\305\271\072
+\054\274\326\022\271\353\131\175\342\320\006\206\137\136\111\152
+\265\071\136\210\064\354\274\170\014\010\230\204\154\250\315\113
+\264\240\175\014\171\115\360\270\055\313\041\312\325\154\133\175
+\341\240\051\204\241\371\323\224\111\313\044\142\221\040\274\335
+\013\325\331\314\371\352\047\012\053\163\221\306\235\033\254\310
+\313\350\340\240\364\057\220\213\115\373\260\066\033\366\031\172
+\205\340\155\362\141\023\210\134\237\340\223\012\121\227\212\132
+\316\257\253\325\367\252\011\252\140\275\334\331\137\337\162\251
+\140\023\136\000\001\311\112\372\077\244\352\007\003\041\002\216
+\202\312\003\302\233\217\002\003\001\000\001\243\201\234\060\201
+\231\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\035\006\003\125\035\016\004\026\004\024\233\342\007
+\127\147\034\036\300\152\006\336\131\264\232\055\337\334\031\206
+\056\060\066\006\003\125\035\037\004\057\060\055\060\053\240\051
+\240\047\206\045\150\164\164\160\072\057\057\143\162\154\056\147
+\154\157\142\141\154\163\151\147\156\056\156\145\164\057\162\157
+\157\164\055\162\062\056\143\162\154\060\037\006\003\125\035\043
+\004\030\060\026\200\024\233\342\007\127\147\034\036\300\152\006
+\336\131\264\232\055\337\334\031\206\056\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\001\001\000\231\201
+\123\207\034\150\227\206\221\354\340\112\270\104\013\253\201\254
+\047\117\326\301\270\034\103\170\263\014\232\374\352\054\074\156
+\141\033\115\113\051\365\237\005\035\046\301\270\351\203\000\142
+\105\266\251\010\223\271\251\063\113\030\232\302\370\207\210\116
+\333\335\161\064\032\301\124\332\106\077\340\323\052\253\155\124
+\042\365\072\142\315\040\157\272\051\211\327\335\221\356\323\134
+\242\076\241\133\101\365\337\345\144\103\055\351\325\071\253\322
+\242\337\267\213\320\300\200\031\034\105\300\055\214\350\370\055
+\244\164\126\111\305\005\265\117\025\336\156\104\170\071\207\250
+\176\273\363\171\030\221\273\364\157\235\301\360\214\065\214\135
+\001\373\303\155\271\357\104\155\171\106\061\176\012\376\251\202
+\301\377\357\253\156\040\304\120\311\137\235\115\233\027\214\014
+\345\001\311\240\101\152\163\123\372\245\120\264\156\045\017\373
+\114\030\364\375\122\331\216\151\261\350\021\017\336\210\330\373
+\035\111\367\252\336\225\317\040\170\302\140\022\333\045\100\214
+\152\374\176\102\070\100\144\022\367\236\201\341\223\056
+END
+
+# Trust for Certificate "GlobalSign Root CA - R2"
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2
+# Serial Number:04:00:00:00:00:01:0f:86:26:e6:0d
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2
+# Not Valid Before: Fri Dec 15 08:00:00 2006
+# Not Valid After : Wed Dec 15 08:00:00 2021
+# Fingerprint (MD5): 94:14:77:7E:3E:5E:FD:8F:30:BD:41:B0:CF:E7:D0:30
+# Fingerprint (SHA1): 75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign Root CA - R2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\165\340\253\266\023\205\022\047\034\004\370\137\335\336\070\344
+\267\044\056\376
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\224\024\167\176\076\136\375\217\060\275\101\260\317\347\320\060
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\062\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\013\004\000\000\000\000\001\017\206\046\346\015
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
+#
+# Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:00:8b:5b:75:56:84:54:85:0b:00:cf:af:38:48:ce:b1:a4
+# Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Fri Oct 01 00:00:00 1999
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): B1:47:BC:18:57:D1:18:A0:78:2D:EC:71:E8:2A:95:73
+# Fingerprint (SHA1): 20:42:85:DC:F7:EB:76:41:95:57:8E:13:6B:D4:B7:D1:E9:8E:46:A5
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\213\133\165\126\204\124\205\013\000\317\257\070\110
+\316\261\244
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\032\060\202\003\002\002\021\000\213\133\165\126\204
+\124\205\013\000\317\257\070\110\316\261\244\060\015\006\011\052
+\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
+\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
+\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
+\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
+\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
+\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
+\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
+\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
+\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
+\151\147\156\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
+\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
+\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
+\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
+\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
+\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
+\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
+\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
+\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
+\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
+\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
+\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
+\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
+\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
+\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\335\204\324\271\264\371\247\330\363\004\170
+\234\336\075\334\154\023\026\331\172\335\044\121\146\300\307\046
+\131\015\254\006\010\302\224\321\063\037\360\203\065\037\156\033
+\310\336\252\156\025\116\124\047\357\304\155\032\354\013\343\016
+\360\104\245\127\307\100\130\036\243\107\037\161\354\140\366\155
+\224\310\030\071\355\376\102\030\126\337\344\114\111\020\170\116
+\001\166\065\143\022\066\335\146\274\001\004\066\243\125\150\325
+\242\066\011\254\253\041\046\124\006\255\077\312\024\340\254\312
+\255\006\035\225\342\370\235\361\340\140\377\302\177\165\053\114
+\314\332\376\207\231\041\352\272\376\076\124\327\322\131\170\333
+\074\156\317\240\023\000\032\270\047\241\344\276\147\226\312\240
+\305\263\234\335\311\165\236\353\060\232\137\243\315\331\256\170
+\031\077\043\351\134\333\051\275\255\125\310\033\124\214\143\366
+\350\246\352\307\067\022\134\243\051\036\002\331\333\037\073\264
+\327\017\126\107\201\025\004\112\257\203\047\321\305\130\210\301
+\335\366\252\247\243\030\332\150\252\155\021\121\341\277\145\153
+\237\226\166\321\075\002\003\001\000\001\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\001\001\000\253\146
+\215\327\263\272\307\232\266\346\125\320\005\361\237\061\215\132
+\252\331\252\106\046\017\161\355\245\255\123\126\142\001\107\052
+\104\351\376\077\164\013\023\233\271\364\115\033\262\321\137\262
+\266\322\210\134\263\237\315\313\324\247\331\140\225\204\072\370
+\301\067\035\141\312\347\260\305\345\221\332\124\246\254\061\201
+\256\227\336\315\010\254\270\300\227\200\177\156\162\244\347\151
+\023\225\145\037\304\223\074\375\171\217\004\324\076\117\352\367
+\236\316\315\147\174\117\145\002\377\221\205\124\163\307\377\066
+\367\206\055\354\320\136\117\377\021\237\162\006\326\270\032\361
+\114\015\046\145\342\104\200\036\307\237\343\335\350\012\332\354
+\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216
+\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042
+\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170
+\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043
+\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243
+\113\336\006\226\161\054\362\333\266\037\244\357\077\356
+END
+
+# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
+# Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:00:8b:5b:75:56:84:54:85:0b:00:cf:af:38:48:ce:b1:a4
+# Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Fri Oct 01 00:00:00 1999
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): B1:47:BC:18:57:D1:18:A0:78:2D:EC:71:E8:2A:95:73
+# Fingerprint (SHA1): 20:42:85:DC:F7:EB:76:41:95:57:8E:13:6B:D4:B7:D1:E9:8E:46:A5
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\040\102\205\334\367\353\166\101\225\127\216\023\153\324\267\321
+\351\216\106\245
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\261\107\274\030\127\321\030\240\170\055\354\161\350\052\225\163
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\213\133\165\126\204\124\205\013\000\317\257\070\110
+\316\261\244
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
+#
+# Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:61:70:cb:49:8c:5f:98:45:29:e7:b0:a6:d9:50:5b:7a
+# Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Fri Oct 01 00:00:00 1999
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): F8:BE:C4:63:22:C9:A8:46:74:8B:B8:1D:1E:4A:2B:F6
+# Fingerprint (SHA1): 61:EF:43:D7:7F:CA:D4:61:51:BC:98:E0:C3:59:12:AF:9F:EB:63:11
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\141\160\313\111\214\137\230\105\051\347\260\246\331\120
+\133\172
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\031\060\202\003\001\002\020\141\160\313\111\214\137
+\230\105\051\347\260\246\331\120\133\172\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
+\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
+\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145\162
+\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167
+\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050\143
+\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156\054
+\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150
+\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061
+\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123\151
+\147\156\040\103\154\141\163\163\040\062\040\120\165\142\154\151
+\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060\061
+\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066\062
+\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003\125
+\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012\023
+\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061
+\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151
+\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
+\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111\156
+\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
+\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060\103
+\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156\040
+\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120
+\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055
+\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\257\012\015\302\325\054\333\147\271\055\345\224
+\047\335\245\276\340\260\115\217\263\141\126\074\326\174\303\364
+\315\076\206\313\242\210\342\341\330\244\151\305\265\342\277\301
+\246\107\120\136\106\071\213\325\226\272\265\157\024\277\020\316
+\047\023\236\005\107\233\061\172\023\330\037\331\323\002\067\213
+\255\054\107\360\216\201\006\247\015\060\014\353\367\074\017\040
+\035\334\162\106\356\245\002\310\133\303\311\126\151\114\305\030
+\301\221\173\013\325\023\000\233\274\357\303\110\076\106\140\040
+\205\052\325\220\266\315\213\240\314\062\335\267\375\100\125\262
+\120\034\126\256\314\215\167\115\307\040\115\247\061\166\357\150
+\222\212\220\036\010\201\126\262\255\151\243\122\320\313\034\304
+\043\075\037\231\376\114\350\026\143\216\306\010\216\366\061\366
+\322\372\345\166\335\265\034\222\243\111\315\315\001\315\150\315
+\251\151\272\243\353\035\015\234\244\040\246\301\240\305\321\106
+\114\027\155\322\254\146\077\226\214\340\204\324\066\377\042\131
+\305\371\021\140\250\137\004\175\362\032\366\045\102\141\017\304
+\112\270\076\211\002\003\001\000\001\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\001\001\000\064\046\025
+\074\300\215\115\103\111\035\275\351\041\222\327\146\234\267\336
+\305\270\320\344\135\137\166\042\300\046\371\204\072\072\371\214
+\265\373\354\140\361\350\316\004\260\310\335\247\003\217\060\363
+\230\337\244\346\244\061\337\323\034\013\106\334\162\040\077\256
+\356\005\074\244\063\077\013\071\254\160\170\163\113\231\053\337
+\060\302\124\260\250\073\125\241\376\026\050\315\102\275\164\156
+\200\333\047\104\247\316\104\135\324\033\220\230\015\036\102\224
+\261\000\054\004\320\164\243\002\005\042\143\143\315\203\265\373
+\301\155\142\153\151\165\375\135\160\101\271\365\277\174\337\276
+\301\062\163\042\041\213\130\201\173\025\221\172\272\343\144\110
+\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153
+\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045
+\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317
+\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263
+\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125
+\311\130\020\371\252\357\132\266\317\113\113\337\052
+END
+
+# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
+# Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:61:70:cb:49:8c:5f:98:45:29:e7:b0:a6:d9:50:5b:7a
+# Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Fri Oct 01 00:00:00 1999
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): F8:BE:C4:63:22:C9:A8:46:74:8B:B8:1D:1E:4A:2B:F6
+# Fingerprint (SHA1): 61:EF:43:D7:7F:CA:D4:61:51:BC:98:E0:C3:59:12:AF:9F:EB:63:11
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\141\357\103\327\177\312\324\141\121\274\230\340\303\131\022\257
+\237\353\143\021
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\370\276\304\143\042\311\250\106\164\213\270\035\036\112\053\366
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\141\160\313\111\214\137\230\105\051\347\260\246\331\120
+\133\172
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
+#
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:00:9b:7e:06:49:a3:3e:62:b9:d5:ee:90:48:71:29:ef:57
+# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Fri Oct 01 00:00:00 1999
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): CD:68:B6:A7:C7:C4:CE:75:E0:1D:4F:57:44:61:92:09
+# Fingerprint (SHA1): 13:2D:0D:45:53:4B:69:97:CD:B2:D5:C3:39:E2:55:76:60:9B:5C:C6
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\233\176\006\111\243\076\142\271\325\356\220\110\161
+\051\357\127
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\032\060\202\003\002\002\021\000\233\176\006\111\243
+\076\142\271\325\356\220\110\161\051\357\127\060\015\006\011\052
+\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
+\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
+\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
+\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
+\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
+\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
+\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
+\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
+\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
+\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
+\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
+\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
+\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
+\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
+\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
+\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
+\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
+\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
+\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
+\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
+\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
+\040\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
+\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
+\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\313\272\234\122\374\170\037\032\036\157\033
+\067\163\275\370\311\153\224\022\060\117\360\066\107\365\320\221
+\012\365\027\310\245\141\301\026\100\115\373\212\141\220\345\166
+\040\301\021\006\175\253\054\156\246\365\021\101\216\372\055\255
+\052\141\131\244\147\046\114\320\350\274\122\133\160\040\004\130
+\321\172\311\244\151\274\203\027\144\255\005\213\274\320\130\316
+\215\214\365\353\360\102\111\013\235\227\047\147\062\156\341\256
+\223\025\034\160\274\040\115\057\030\336\222\210\350\154\205\127
+\021\032\351\176\343\046\021\124\242\105\226\125\203\312\060\211
+\350\334\330\243\355\052\200\077\177\171\145\127\076\025\040\146
+\010\057\225\223\277\252\107\057\250\106\227\360\022\342\376\302
+\012\053\121\346\166\346\267\106\267\342\015\246\314\250\303\114
+\131\125\211\346\350\123\134\034\352\235\360\142\026\013\247\311
+\137\014\360\336\302\166\316\257\367\152\362\372\101\246\242\063
+\024\311\345\172\143\323\236\142\067\325\205\145\236\016\346\123
+\044\164\033\136\035\022\123\133\307\054\347\203\111\073\025\256
+\212\150\271\127\227\002\003\001\000\001\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\001\001\000\021\024
+\226\301\253\222\010\367\077\057\311\262\376\344\132\237\144\336
+\333\041\117\206\231\064\166\066\127\335\320\025\057\305\255\177
+\025\037\067\142\163\076\324\347\137\316\027\003\333\065\372\053
+\333\256\140\011\137\036\137\217\156\273\013\075\352\132\023\036
+\014\140\157\265\300\265\043\042\056\007\013\313\251\164\313\107
+\273\035\301\327\245\153\314\057\322\102\375\111\335\247\211\317
+\123\272\332\000\132\050\277\202\337\370\272\023\035\120\206\202
+\375\216\060\217\051\106\260\036\075\065\332\070\142\026\030\112
+\255\346\266\121\154\336\257\142\353\001\320\036\044\376\172\217
+\022\032\022\150\270\373\146\231\024\024\105\134\256\347\256\151
+\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246
+\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156
+\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255
+\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126
+\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255
+\153\271\012\172\116\117\113\204\356\113\361\175\335\021
+END
+
+# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:00:9b:7e:06:49:a3:3e:62:b9:d5:ee:90:48:71:29:ef:57
+# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Fri Oct 01 00:00:00 1999
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): CD:68:B6:A7:C7:C4:CE:75:E0:1D:4F:57:44:61:92:09
+# Fingerprint (SHA1): 13:2D:0D:45:53:4B:69:97:CD:B2:D5:C3:39:E2:55:76:60:9B:5C:C6
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\023\055\015\105\123\113\151\227\315\262\325\303\071\342\125\166
+\140\233\134\306
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\315\150\266\247\307\304\316\165\340\035\117\127\104\141\222\011
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\233\176\006\111\243\076\142\271\325\356\220\110\161
+\051\357\127
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Distrust "Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 1/3)"
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:4c:00:36:1b:e5:08:2b:a9:aa:ce:74:0a:05:3e:fb:34
+# Subject: CN=Egypt Trust Class 3 Managed PKI Enterprise Administrator CA,OU=Terms of use at https://www.egypttrust.com/repository/rpa (c)08,OU=VeriSign Trust Network,O=Egypt Trust,C=EG
+# Not Valid Before: Sun May 18 00:00:00 2008
+# Not Valid After : Thu May 17 23:59:59 2018
+# Fingerprint (MD5): A7:91:05:96:B1:56:01:26:4E:BF:80:80:08:86:1B:4D
+# Fingerprint (SHA1): 6A:2C:5C:B0:94:D5:E0:B7:57:FB:0F:58:42:AA:C8:13:A5:80:2F:E1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 1/3)"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\114\000\066\033\345\010\053\251\252\316\164\012\005\076
+\373\064
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+
+# Distrust "Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 2/3)"
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:3e:0c:9e:87:69:aa:95:5c:ea:23:d8:45:9e:d4:5b:51
+# Subject: CN=Egypt Trust Class 3 Managed PKI Operational Administrator CA,OU=Terms of use at https://www.egypttrust.com/repository/rpa (c)08,OU=VeriSign Trust Network,O=Egypt Trust,C=EG
+# Not Valid Before: Sun May 18 00:00:00 2008
+# Not Valid After : Thu May 17 23:59:59 2018
+# Fingerprint (MD5): D0:C3:71:17:3E:39:80:C6:50:4F:04:22:DF:40:E1:34
+# Fingerprint (SHA1): 9C:65:5E:D5:FA:E3:B8:96:4D:89:72:F6:3A:63:53:59:3F:5E:B4:4E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 2/3)"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\076\014\236\207\151\252\225\134\352\043\330\105\236\324
+\133\121
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Distrust "Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 3/3)"
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:12:bd:26:a2:ae:33:c0:7f:24:7b:6a:58:69:f2:0a:76
+# Subject: CN=Egypt Trust Class 3 Managed PKI SCO Administrator CA,OU=Terms of use at https://www.egypttrust.com/repository/rpa (c)08,OU=VeriSign Trust Network,O=Egypt Trust,C=EG
+# Not Valid Before: Sun May 18 00:00:00 2008
+# Not Valid After : Thu May 17 23:59:59 2018
+# Fingerprint (MD5): C2:13:5E:B2:67:8A:5C:F7:91:EF:8F:29:0F:9B:77:6E
+# Fingerprint (SHA1): 83:23:F1:4F:BC:9F:9B:80:B7:9D:ED:14:CD:01:57:CD:FB:08:95:D2
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 3/3)"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\022\275\046\242\256\063\300\177\044\173\152\130\151\362
+\012\166
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Entrust.net Premium 2048 Secure Server CA"
+#
+# Issuer: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
+# Serial Number: 946069240 (0x3863def8)
+# Subject: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
+# Not Valid Before: Fri Dec 24 17:50:51 1999
+# Not Valid After : Tue Jul 24 14:15:12 2029
+# Fingerprint (MD5): EE:29:31:BC:32:7E:9A:E6:E8:B5:F7:51:B4:34:71:90
+# Fingerprint (SHA1): 50:30:06:09:1D:97:D4:F5:AE:39:F7:CB:E7:92:7D:7D:65:2D:34:31
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Entrust.net Premium 2048 Secure Server CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\050\062\060\064\070\051
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\050\062\060\064\070\051
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\070\143\336\370
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\052\060\202\003\022\240\003\002\001\002\002\004\070
+\143\336\370\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013
+\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006
+\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163
+\164\056\156\145\164\057\103\120\123\137\062\060\064\070\040\151
+\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
+\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
+\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071\071
+\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
+\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105
+\156\164\162\165\163\164\056\156\145\164\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\050\062\060\064\070\051\060\036\027\015\071\071\061
+\062\062\064\061\067\065\060\065\061\132\027\015\062\071\060\067
+\062\064\061\064\061\065\061\062\132\060\201\264\061\024\060\022
+\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156
+\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167
+\056\145\156\164\162\165\163\164\056\156\145\164\057\103\120\123
+\137\062\060\064\070\040\151\156\143\157\162\160\056\040\142\171
+\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151
+\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050
+\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056
+\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006
+\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145
+\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\101\165\164\150\157\162\151\164\171\040\050\062\060\064\070\051
+\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001
+\000\255\115\113\251\022\206\262\352\243\040\007\025\026\144\052
+\053\113\321\277\013\112\115\216\355\200\166\245\147\267\170\100
+\300\163\102\310\150\300\333\123\053\335\136\270\166\230\065\223
+\213\032\235\174\023\072\016\037\133\267\036\317\345\044\024\036
+\261\201\251\215\175\270\314\153\113\003\361\002\014\334\253\245
+\100\044\000\177\164\224\241\235\010\051\263\210\013\365\207\167
+\235\125\315\344\303\176\327\152\144\253\205\024\206\225\133\227
+\062\120\157\075\310\272\146\014\343\374\275\270\111\301\166\211
+\111\031\375\300\250\275\211\243\147\057\306\237\274\161\031\140
+\270\055\351\054\311\220\166\146\173\224\342\257\170\326\145\123
+\135\074\326\234\262\317\051\003\371\057\244\120\262\324\110\316
+\005\062\125\212\375\262\144\114\016\344\230\007\165\333\177\337
+\271\010\125\140\205\060\051\371\173\110\244\151\206\343\065\077
+\036\206\135\172\172\025\275\357\000\216\025\042\124\027\000\220
+\046\223\274\016\111\150\221\277\370\107\323\235\225\102\301\016
+\115\337\157\046\317\303\030\041\142\146\103\160\326\325\300\007
+\341\002\003\001\000\001\243\102\060\100\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125
+\035\016\004\026\004\024\125\344\201\321\021\200\276\330\211\271
+\010\243\061\371\241\044\011\026\271\160\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\001\001\000\073\233
+\217\126\233\060\347\123\231\174\172\171\247\115\227\327\031\225
+\220\373\006\037\312\063\174\106\143\217\226\146\044\372\100\033
+\041\047\312\346\162\163\362\117\376\061\231\375\310\014\114\150
+\123\306\200\202\023\230\372\266\255\332\135\075\361\316\156\366
+\025\021\224\202\014\356\077\225\257\021\253\017\327\057\336\037
+\003\217\127\054\036\311\273\232\032\104\225\353\030\117\246\037
+\315\175\127\020\057\233\004\011\132\204\265\156\330\035\072\341
+\326\236\321\154\171\136\171\034\024\305\343\320\114\223\073\145
+\074\355\337\075\276\246\345\225\032\303\265\031\303\275\136\133
+\273\377\043\357\150\031\313\022\223\047\134\003\055\157\060\320
+\036\266\032\254\336\132\367\321\252\250\047\246\376\171\201\304
+\171\231\063\127\272\022\260\251\340\102\154\223\312\126\336\376
+\155\204\013\010\213\176\215\352\327\230\041\306\363\347\074\171
+\057\136\234\321\114\025\215\341\354\042\067\314\232\103\013\227
+\334\200\220\215\263\147\233\157\110\010\025\126\317\277\361\053
+\174\136\232\166\351\131\220\305\174\203\065\021\145\121
+END
+
+# Trust for "Entrust.net Premium 2048 Secure Server CA"
+# Issuer: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
+# Serial Number: 946069240 (0x3863def8)
+# Subject: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
+# Not Valid Before: Fri Dec 24 17:50:51 1999
+# Not Valid After : Tue Jul 24 14:15:12 2029
+# Fingerprint (MD5): EE:29:31:BC:32:7E:9A:E6:E8:B5:F7:51:B4:34:71:90
+# Fingerprint (SHA1): 50:30:06:09:1D:97:D4:F5:AE:39:F7:CB:E7:92:7D:7D:65:2D:34:31
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Entrust.net Premium 2048 Secure Server CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\120\060\006\011\035\227\324\365\256\071\367\313\347\222\175\175
+\145\055\064\061
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\356\051\061\274\062\176\232\346\350\265\367\121\264\064\161\220
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\050\062\060\064\070\051
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\070\143\336\370
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Baltimore CyberTrust Root"
+#
+# Issuer: CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE
+# Serial Number: 33554617 (0x20000b9)
+# Subject: CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE
+# Not Valid Before: Fri May 12 18:46:00 2000
+# Not Valid After : Mon May 12 23:59:00 2025
+# Fingerprint (MD5): AC:B6:94:A5:9C:17:E0:D7:91:52:9B:B1:97:06:A6:E4
+# Fingerprint (SHA1): D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Baltimore CyberTrust Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
+\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
+\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
+\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
+\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
+\145\162\124\162\165\163\164\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
+\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
+\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
+\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
+\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
+\145\162\124\162\165\163\164\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\002\000\000\271
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\167\060\202\002\137\240\003\002\001\002\002\004\002
+\000\000\271\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\111
+\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
+\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
+\103\171\142\145\162\124\162\165\163\164\061\042\060\040\006\003
+\125\004\003\023\031\102\141\154\164\151\155\157\162\145\040\103
+\171\142\145\162\124\162\165\163\164\040\122\157\157\164\060\036
+\027\015\060\060\060\065\061\062\061\070\064\066\060\060\132\027
+\015\062\065\060\065\061\062\062\063\065\071\060\060\132\060\132
+\061\013\060\011\006\003\125\004\006\023\002\111\105\061\022\060
+\020\006\003\125\004\012\023\011\102\141\154\164\151\155\157\162
+\145\061\023\060\021\006\003\125\004\013\023\012\103\171\142\145
+\162\124\162\165\163\164\061\042\060\040\006\003\125\004\003\023
+\031\102\141\154\164\151\155\157\162\145\040\103\171\142\145\162
+\124\162\165\163\164\040\122\157\157\164\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\243\004\273\042\253
+\230\075\127\350\046\162\232\265\171\324\051\342\341\350\225\200
+\261\260\343\133\216\053\051\232\144\337\241\135\355\260\011\005
+\155\333\050\056\316\142\242\142\376\264\210\332\022\353\070\353
+\041\235\300\101\053\001\122\173\210\167\323\034\217\307\272\271
+\210\265\152\011\347\163\350\021\100\247\321\314\312\142\215\055
+\345\217\013\246\120\322\250\120\303\050\352\365\253\045\207\212
+\232\226\034\251\147\270\077\014\325\367\371\122\023\057\302\033
+\325\160\160\360\217\300\022\312\006\313\232\341\331\312\063\172
+\167\326\370\354\271\361\150\104\102\110\023\322\300\302\244\256
+\136\140\376\266\246\005\374\264\335\007\131\002\324\131\030\230
+\143\365\245\143\340\220\014\175\135\262\006\172\363\205\352\353
+\324\003\256\136\204\076\137\377\025\355\151\274\371\071\066\162
+\165\317\167\122\115\363\311\220\054\271\075\345\311\043\123\077
+\037\044\230\041\134\007\231\051\275\306\072\354\347\156\206\072
+\153\227\164\143\063\275\150\030\061\360\170\215\166\277\374\236
+\216\135\052\206\247\115\220\334\047\032\071\002\003\001\000\001
+\243\105\060\103\060\035\006\003\125\035\016\004\026\004\024\345
+\235\131\060\202\107\130\314\254\372\010\124\066\206\173\072\265
+\004\115\360\060\022\006\003\125\035\023\001\001\377\004\010\060
+\006\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001
+\377\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\003\202\001\001\000\205\014\135\216\344
+\157\121\150\102\005\240\335\273\117\047\045\204\003\275\367\144
+\375\055\327\060\343\244\020\027\353\332\051\051\266\171\077\166
+\366\031\023\043\270\020\012\371\130\244\324\141\160\275\004\141
+\152\022\212\027\325\012\275\305\274\060\174\326\351\014\045\215
+\206\100\117\354\314\243\176\070\306\067\021\117\355\335\150\061
+\216\114\322\263\001\164\356\276\165\136\007\110\032\177\160\377
+\026\134\204\300\171\205\270\005\375\177\276\145\021\243\017\300
+\002\264\370\122\067\071\004\325\251\061\172\030\277\240\052\364
+\022\231\367\243\105\202\343\074\136\365\235\236\265\310\236\174
+\056\310\244\236\116\010\024\113\155\375\160\155\153\032\143\275
+\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163
+\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021
+\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017
+\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322
+\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374
+\347\201\035\031\303\044\102\352\143\071\251
+END
+
+# Trust for Certificate "Baltimore CyberTrust Root"
+# Issuer: CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE
+# Serial Number: 33554617 (0x20000b9)
+# Subject: CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE
+# Not Valid Before: Fri May 12 18:46:00 2000
+# Not Valid After : Mon May 12 23:59:00 2025
+# Fingerprint (MD5): AC:B6:94:A5:9C:17:E0:D7:91:52:9B:B1:97:06:A6:E4
+# Fingerprint (SHA1): D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Baltimore CyberTrust Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\324\336\040\320\136\146\374\123\376\032\120\210\054\170\333\050
+\122\312\344\164
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\254\266\224\245\234\027\340\327\221\122\233\261\227\006\246\344
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
+\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
+\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
+\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
+\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
+\145\162\124\162\165\163\164\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\002\000\000\271
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AddTrust Low-Value Services Root"
+#
+# Issuer: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Serial Number: 1 (0x1)
+# Subject: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Not Valid Before: Tue May 30 10:38:31 2000
+# Not Valid After : Sat May 30 10:38:31 2020
+# Fingerprint (MD5): 1E:42:95:02:33:92:6B:B9:5F:C0:7F:DA:D6:B2:4B:FC
+# Fingerprint (SHA1): CC:AB:0E:A0:4C:23:01:D6:69:7B:DD:37:9F:CD:12:EB:24:E3:94:9D
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AddTrust Low-Value Services Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
+\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
+\103\101\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
+\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
+\103\101\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\030\060\202\003\000\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
+\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
+\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
+\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
+\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144
+\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103
+\101\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060
+\061\060\063\070\063\061\132\027\015\062\060\060\065\063\060\061
+\060\063\070\063\061\132\060\145\061\013\060\011\006\003\125\004
+\006\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013
+\101\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006
+\003\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124
+\124\120\040\116\145\164\167\157\162\153\061\041\060\037\006\003
+\125\004\003\023\030\101\144\144\124\162\165\163\164\040\103\154
+\141\163\163\040\061\040\103\101\040\122\157\157\164\060\202\001
+\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\001\017\000\060\202\001\012\002\202\001\001\000\226\226
+\324\041\111\140\342\153\350\101\007\014\336\304\340\334\023\043
+\315\301\065\307\373\326\116\021\012\147\136\365\006\133\153\245
+\010\073\133\051\026\072\347\207\262\064\006\305\274\005\245\003
+\174\202\313\051\020\256\341\210\201\275\326\236\323\376\055\126
+\301\025\316\343\046\235\025\056\020\373\006\217\060\004\336\247
+\264\143\264\377\261\234\256\074\257\167\266\126\305\265\253\242
+\351\151\072\075\016\063\171\062\077\160\202\222\231\141\155\215
+\060\010\217\161\077\246\110\127\031\370\045\334\113\146\134\245
+\164\217\230\256\310\371\300\006\042\347\254\163\337\245\056\373
+\122\334\261\025\145\040\372\065\146\151\336\337\054\361\156\274
+\060\333\054\044\022\333\353\065\065\150\220\313\000\260\227\041
+\075\164\041\043\145\064\053\273\170\131\243\326\341\166\071\232
+\244\111\216\214\164\257\156\244\232\243\331\233\322\070\134\233
+\242\030\314\165\043\204\276\353\342\115\063\161\216\032\360\302
+\370\307\035\242\255\003\227\054\370\317\045\306\366\270\044\061
+\261\143\135\222\177\143\360\045\311\123\056\037\277\115\002\003
+\001\000\001\243\201\322\060\201\317\060\035\006\003\125\035\016
+\004\026\004\024\225\261\264\360\224\266\275\307\332\321\021\011
+\041\276\301\257\111\375\020\173\060\013\006\003\125\035\017\004
+\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\201\217\006\003\125\035\043\004\201
+\207\060\201\204\200\024\225\261\264\360\224\266\275\307\332\321
+\021\011\041\276\301\257\111\375\020\173\241\151\244\147\060\145
+\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024\060
+\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163\164
+\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101\144
+\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167\157
+\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144\144
+\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103\101
+\040\122\157\157\164\202\001\001\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\003\202\001\001\000\054\155\144\033
+\037\315\015\335\271\001\372\226\143\064\062\110\107\231\256\227
+\355\375\162\026\246\163\107\132\364\353\335\351\365\326\373\105
+\314\051\211\104\135\277\106\071\075\350\356\274\115\124\206\036
+\035\154\343\027\047\103\341\211\126\053\251\157\162\116\111\063
+\343\162\174\052\043\232\274\076\377\050\052\355\243\377\034\043
+\272\103\127\011\147\115\113\142\006\055\370\377\154\235\140\036
+\330\034\113\175\265\061\057\331\320\174\135\370\336\153\203\030
+\170\067\127\057\350\063\007\147\337\036\307\153\052\225\166\256
+\217\127\243\360\364\122\264\251\123\010\317\340\117\323\172\123
+\213\375\273\034\126\066\362\376\262\266\345\166\273\325\042\145
+\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030
+\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173
+\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200
+\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317
+\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344
+\065\341\035\026\034\320\274\053\216\326\161\331
+END
+
+# Trust for Certificate "AddTrust Low-Value Services Root"
+# Issuer: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Serial Number: 1 (0x1)
+# Subject: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Not Valid Before: Tue May 30 10:38:31 2000
+# Not Valid After : Sat May 30 10:38:31 2020
+# Fingerprint (MD5): 1E:42:95:02:33:92:6B:B9:5F:C0:7F:DA:D6:B2:4B:FC
+# Fingerprint (SHA1): CC:AB:0E:A0:4C:23:01:D6:69:7B:DD:37:9F:CD:12:EB:24:E3:94:9D
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AddTrust Low-Value Services Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\314\253\016\240\114\043\001\326\151\173\335\067\237\315\022\353
+\044\343\224\235
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\036\102\225\002\063\222\153\271\137\300\177\332\326\262\113\374
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
+\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
+\103\101\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AddTrust External Root"
+#
+# Issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
+# Serial Number: 1 (0x1)
+# Subject: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
+# Not Valid Before: Tue May 30 10:48:38 2000
+# Not Valid After : Sat May 30 10:48:38 2020
+# Fingerprint (MD5): 1D:35:54:04:85:78:B0:3F:42:42:4D:BF:20:73:0A:3F
+# Fingerprint (SHA1): 02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AddTrust External Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
+\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
+\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
+\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
+\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
+\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
+\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
+\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
+\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
+\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
+\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\066\060\202\003\036\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
+\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
+\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035\101
+\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141\154
+\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060\040
+\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164\040
+\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157\164
+\060\036\027\015\060\060\060\065\063\060\061\060\064\070\063\070
+\132\027\015\062\060\060\065\063\060\061\060\064\070\063\070\132
+\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
+\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
+\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
+\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
+\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
+\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
+\001\000\267\367\032\063\346\362\000\004\055\071\340\116\133\355
+\037\274\154\017\315\265\372\043\266\316\336\233\021\063\227\244
+\051\114\175\223\237\275\112\274\223\355\003\032\343\217\317\345
+\155\120\132\326\227\051\224\132\200\260\111\172\333\056\225\375
+\270\312\277\067\070\055\036\076\221\101\255\160\126\307\360\117
+\077\350\062\236\164\312\310\220\124\351\306\137\017\170\235\232
+\100\074\016\254\141\252\136\024\217\236\207\241\152\120\334\327
+\232\116\257\005\263\246\161\224\234\161\263\120\140\012\307\023
+\235\070\007\206\002\250\351\250\151\046\030\220\253\114\260\117
+\043\253\072\117\204\330\337\316\237\341\151\157\273\327\102\327
+\153\104\344\307\255\356\155\101\137\162\132\161\010\067\263\171
+\145\244\131\240\224\067\367\000\057\015\302\222\162\332\320\070
+\162\333\024\250\105\304\135\052\175\267\264\326\304\356\254\315
+\023\104\267\311\053\335\103\000\045\372\141\271\151\152\130\043
+\021\267\247\063\217\126\165\131\365\315\051\327\106\267\012\053
+\145\266\323\102\157\025\262\270\173\373\357\351\135\123\325\064
+\132\047\002\003\001\000\001\243\201\334\060\201\331\060\035\006
+\003\125\035\016\004\026\004\024\255\275\230\172\064\264\046\367
+\372\304\046\124\357\003\275\340\044\313\124\032\060\013\006\003
+\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\201\231\006\003\125
+\035\043\004\201\221\060\201\216\200\024\255\275\230\172\064\264
+\046\367\372\304\046\124\357\003\275\340\044\313\124\032\241\163
+\244\161\060\157\061\013\060\011\006\003\125\004\006\023\002\123
+\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124
+\162\165\163\164\040\101\102\061\046\060\044\006\003\125\004\013
+\023\035\101\144\144\124\162\165\163\164\040\105\170\164\145\162
+\156\141\154\040\124\124\120\040\116\145\164\167\157\162\153\061
+\042\060\040\006\003\125\004\003\023\031\101\144\144\124\162\165
+\163\164\040\105\170\164\145\162\156\141\154\040\103\101\040\122
+\157\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015
+\001\001\005\005\000\003\202\001\001\000\260\233\340\205\045\302
+\326\043\342\017\226\006\222\235\101\230\234\331\204\171\201\331
+\036\133\024\007\043\066\145\217\260\330\167\273\254\101\154\107
+\140\203\121\260\371\062\075\347\374\366\046\023\307\200\026\245
+\277\132\374\207\317\170\171\211\041\232\342\114\007\012\206\065
+\274\362\336\121\304\322\226\267\334\176\116\356\160\375\034\071
+\353\014\002\121\024\055\216\275\026\340\301\337\106\165\347\044
+\255\354\364\102\264\205\223\160\020\147\272\235\006\065\112\030
+\323\053\172\314\121\102\241\172\143\321\346\273\241\305\053\302
+\066\276\023\015\346\275\143\176\171\173\247\011\015\100\253\152
+\335\217\212\303\366\366\214\032\102\005\121\324\105\365\237\247
+\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027
+\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236
+\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163
+\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132
+\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202
+\027\132\173\320\274\307\217\116\206\004
+END
+
+# Trust for Certificate "AddTrust External Root"
+# Issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
+# Serial Number: 1 (0x1)
+# Subject: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
+# Not Valid Before: Tue May 30 10:48:38 2000
+# Not Valid After : Sat May 30 10:48:38 2020
+# Fingerprint (MD5): 1D:35:54:04:85:78:B0:3F:42:42:4D:BF:20:73:0A:3F
+# Fingerprint (SHA1): 02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AddTrust External Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\002\372\363\342\221\103\124\150\140\170\127\151\115\365\344\133
+\150\205\030\150
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\035\065\124\004\205\170\260\077\102\102\115\277\040\163\012\077
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
+\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
+\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
+\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
+\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
+\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AddTrust Public Services Root"
+#
+# Issuer: CN=AddTrust Public CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Serial Number: 1 (0x1)
+# Subject: CN=AddTrust Public CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Not Valid Before: Tue May 30 10:41:50 2000
+# Not Valid After : Sat May 30 10:41:50 2020
+# Fingerprint (MD5): C1:62:3E:23:C5:82:73:9C:03:59:4B:2B:E9:77:49:7F
+# Fingerprint (SHA1): 2A:B6:28:48:5E:78:FB:F3:AD:9E:79:10:DD:6B:DF:99:72:2C:96:E5
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AddTrust Public Services Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
+\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
+\101\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
+\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
+\101\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\025\060\202\002\375\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
+\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
+\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
+\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
+\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101\144
+\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103\101
+\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060\061
+\060\064\061\065\060\132\027\015\062\060\060\065\063\060\061\060
+\064\061\065\060\132\060\144\061\013\060\011\006\003\125\004\006
+\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013\101
+\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006\003
+\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124\124
+\120\040\116\145\164\167\157\162\153\061\040\060\036\006\003\125
+\004\003\023\027\101\144\144\124\162\165\163\164\040\120\165\142
+\154\151\143\040\103\101\040\122\157\157\164\060\202\001\042\060
+\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
+\001\017\000\060\202\001\012\002\202\001\001\000\351\032\060\217
+\203\210\024\301\040\330\074\233\217\033\176\003\164\273\332\151
+\323\106\245\370\216\302\014\021\220\121\245\057\146\124\100\125
+\352\333\037\112\126\356\237\043\156\364\071\313\241\271\157\362
+\176\371\135\207\046\141\236\034\370\342\354\246\201\370\041\305
+\044\314\021\014\077\333\046\162\172\307\001\227\007\027\371\327
+\030\054\060\175\016\172\036\142\036\306\113\300\375\175\142\167
+\323\104\036\047\366\077\113\104\263\267\070\331\071\037\140\325
+\121\222\163\003\264\000\151\343\363\024\116\356\321\334\011\317
+\167\064\106\120\260\370\021\362\376\070\171\367\007\071\376\121
+\222\227\013\133\010\137\064\206\001\255\210\227\353\146\315\136
+\321\377\334\175\362\204\332\272\167\255\334\200\010\307\247\207
+\326\125\237\227\152\350\310\021\144\272\347\031\051\077\021\263
+\170\220\204\040\122\133\021\357\170\320\203\366\325\110\220\320
+\060\034\317\200\371\140\376\171\344\210\362\335\000\353\224\105
+\353\145\224\151\100\272\300\325\264\270\272\175\004\021\250\353
+\061\005\226\224\116\130\041\216\237\320\140\375\002\003\001\000
+\001\243\201\321\060\201\316\060\035\006\003\125\035\016\004\026
+\004\024\201\076\067\330\222\260\037\167\237\134\264\253\163\252
+\347\366\064\140\057\372\060\013\006\003\125\035\017\004\004\003
+\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\201\216\006\003\125\035\043\004\201\206\060
+\201\203\200\024\201\076\067\330\222\260\037\167\237\134\264\253
+\163\252\347\366\064\140\057\372\241\150\244\146\060\144\061\013
+\060\011\006\003\125\004\006\023\002\123\105\061\024\060\022\006
+\003\125\004\012\023\013\101\144\144\124\162\165\163\164\040\101
+\102\061\035\060\033\006\003\125\004\013\023\024\101\144\144\124
+\162\165\163\164\040\124\124\120\040\116\145\164\167\157\162\153
+\061\040\060\036\006\003\125\004\003\023\027\101\144\144\124\162
+\165\163\164\040\120\165\142\154\151\143\040\103\101\040\122\157
+\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\003\202\001\001\000\003\367\025\112\370\044\332
+\043\126\026\223\166\335\066\050\271\256\033\270\303\361\144\272
+\040\030\170\225\051\047\127\005\274\174\052\364\271\121\125\332
+\207\002\336\017\026\027\061\370\252\171\056\011\023\273\257\262
+\040\031\022\345\223\371\113\371\203\350\104\325\262\101\045\277
+\210\165\157\377\020\374\112\124\320\137\360\372\357\066\163\175
+\033\066\105\306\041\155\264\025\270\116\317\234\134\245\075\132
+\000\216\006\343\074\153\062\173\362\237\360\266\375\337\360\050
+\030\110\360\306\274\320\277\064\200\226\302\112\261\155\216\307
+\220\105\336\057\147\254\105\004\243\172\334\125\222\311\107\146
+\330\032\214\307\355\234\116\232\340\022\273\265\152\114\204\341
+\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266
+\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120
+\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046
+\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035
+\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362
+\116\072\063\014\053\263\055\220\006
+END
+
+# Trust for Certificate "AddTrust Public Services Root"
+# Issuer: CN=AddTrust Public CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Serial Number: 1 (0x1)
+# Subject: CN=AddTrust Public CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Not Valid Before: Tue May 30 10:41:50 2000
+# Not Valid After : Sat May 30 10:41:50 2020
+# Fingerprint (MD5): C1:62:3E:23:C5:82:73:9C:03:59:4B:2B:E9:77:49:7F
+# Fingerprint (SHA1): 2A:B6:28:48:5E:78:FB:F3:AD:9E:79:10:DD:6B:DF:99:72:2C:96:E5
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AddTrust Public Services Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\052\266\050\110\136\170\373\363\255\236\171\020\335\153\337\231
+\162\054\226\345
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\301\142\076\043\305\202\163\234\003\131\113\053\351\167\111\177
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
+\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
+\101\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AddTrust Qualified Certificates Root"
+#
+# Issuer: CN=AddTrust Qualified CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Serial Number: 1 (0x1)
+# Subject: CN=AddTrust Qualified CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Not Valid Before: Tue May 30 10:44:50 2000
+# Not Valid After : Sat May 30 10:44:50 2020
+# Fingerprint (MD5): 27:EC:39:47:CD:DA:5A:AF:E2:9A:01:65:21:A9:4C:BB
+# Fingerprint (SHA1): 4D:23:78:EC:91:95:39:B5:00:7F:75:8F:03:3B:21:1E:C5:4D:8B:CF
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AddTrust Qualified Certificates Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
+\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
+\144\040\103\101\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
+\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
+\144\040\103\101\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\036\060\202\003\006\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
+\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
+\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
+\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
+\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101\144
+\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145\144
+\040\103\101\040\122\157\157\164\060\036\027\015\060\060\060\065
+\063\060\061\060\064\064\065\060\132\027\015\062\060\060\065\063
+\060\061\060\064\064\065\060\132\060\147\061\013\060\011\006\003
+\125\004\006\023\002\123\105\061\024\060\022\006\003\125\004\012
+\023\013\101\144\144\124\162\165\163\164\040\101\102\061\035\060
+\033\006\003\125\004\013\023\024\101\144\144\124\162\165\163\164
+\040\124\124\120\040\116\145\164\167\157\162\153\061\043\060\041
+\006\003\125\004\003\023\032\101\144\144\124\162\165\163\164\040
+\121\165\141\154\151\146\151\145\144\040\103\101\040\122\157\157
+\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
+\001\000\344\036\232\376\334\011\132\207\244\237\107\276\021\137
+\257\204\064\333\142\074\171\170\267\351\060\265\354\014\034\052
+\304\026\377\340\354\161\353\212\365\021\156\355\117\015\221\322
+\022\030\055\111\025\001\302\244\042\023\307\021\144\377\042\022
+\232\271\216\134\057\010\317\161\152\263\147\001\131\361\135\106
+\363\260\170\245\366\016\102\172\343\177\033\314\320\360\267\050
+\375\052\352\236\263\260\271\004\252\375\366\307\264\261\270\052
+\240\373\130\361\031\240\157\160\045\176\076\151\112\177\017\042
+\330\357\255\010\021\232\051\231\341\252\104\105\232\022\136\076
+\235\155\122\374\347\240\075\150\057\360\113\160\174\023\070\255
+\274\025\045\361\326\316\253\242\300\061\326\057\237\340\377\024
+\131\374\204\223\331\207\174\114\124\023\353\237\321\055\021\370
+\030\072\072\336\045\331\367\323\100\355\244\006\022\304\073\341
+\221\301\126\065\360\024\334\145\066\011\156\253\244\007\307\065
+\321\302\003\063\066\133\165\046\155\102\361\022\153\103\157\113
+\161\224\372\064\035\355\023\156\312\200\177\230\057\154\271\145
+\330\351\002\003\001\000\001\243\201\324\060\201\321\060\035\006
+\003\125\035\016\004\026\004\024\071\225\213\142\213\134\311\324
+\200\272\130\017\227\077\025\010\103\314\230\247\060\013\006\003
+\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\201\221\006\003\125
+\035\043\004\201\211\060\201\206\200\024\071\225\213\142\213\134
+\311\324\200\272\130\017\227\077\025\010\103\314\230\247\241\153
+\244\151\060\147\061\013\060\011\006\003\125\004\006\023\002\123
+\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124
+\162\165\163\164\040\101\102\061\035\060\033\006\003\125\004\013
+\023\024\101\144\144\124\162\165\163\164\040\124\124\120\040\116
+\145\164\167\157\162\153\061\043\060\041\006\003\125\004\003\023
+\032\101\144\144\124\162\165\163\164\040\121\165\141\154\151\146
+\151\145\144\040\103\101\040\122\157\157\164\202\001\001\060\015
+\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001
+\001\000\031\253\165\352\370\213\145\141\225\023\272\151\004\357
+\206\312\023\240\307\252\117\144\033\077\030\366\250\055\054\125
+\217\005\267\060\352\102\152\035\300\045\121\055\247\277\014\263
+\355\357\010\177\154\074\106\032\352\030\103\337\166\314\371\146
+\206\234\054\150\365\351\027\370\061\263\030\304\326\110\175\043
+\114\150\301\176\273\001\024\157\305\331\156\336\273\004\102\152
+\370\366\134\175\345\332\372\207\353\015\065\122\147\320\236\227
+\166\005\223\077\225\307\001\346\151\125\070\177\020\141\231\311
+\343\137\246\312\076\202\143\110\252\342\010\110\076\252\362\262
+\205\142\246\264\247\331\275\067\234\150\265\055\126\175\260\267
+\077\240\261\007\326\351\117\334\336\105\161\060\062\177\033\056
+\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033
+\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130
+\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335
+\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336
+\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350
+\306\241
+END
+
+# Trust for Certificate "AddTrust Qualified Certificates Root"
+# Issuer: CN=AddTrust Qualified CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Serial Number: 1 (0x1)
+# Subject: CN=AddTrust Qualified CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
+# Not Valid Before: Tue May 30 10:44:50 2000
+# Not Valid After : Sat May 30 10:44:50 2020
+# Fingerprint (MD5): 27:EC:39:47:CD:DA:5A:AF:E2:9A:01:65:21:A9:4C:BB
+# Fingerprint (SHA1): 4D:23:78:EC:91:95:39:B5:00:7F:75:8F:03:3B:21:1E:C5:4D:8B:CF
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AddTrust Qualified Certificates Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\115\043\170\354\221\225\071\265\000\177\165\217\003\073\041\036
+\305\115\213\317
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\047\354\071\107\315\332\132\257\342\232\001\145\041\251\114\273
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
+\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
+\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
+\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
+\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
+\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
+\144\040\103\101\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Entrust Root Certification Authority"
+#
+# Issuer: CN=Entrust Root Certification Authority,OU="(c) 2006 Entrust, Inc.",OU=www.entrust.net/CPS is incorporated by reference,O="Entrust, Inc.",C=US
+# Serial Number: 1164660820 (0x456b5054)
+# Subject: CN=Entrust Root Certification Authority,OU="(c) 2006 Entrust, Inc.",OU=www.entrust.net/CPS is incorporated by reference,O="Entrust, Inc.",C=US
+# Not Valid Before: Mon Nov 27 20:23:42 2006
+# Not Valid After : Fri Nov 27 20:53:42 2026
+# Fingerprint (MD5): D6:A5:C3:ED:5D:DD:3E:00:C1:3D:87:92:1F:1D:3F:E4
+# Fingerprint (SHA1): B3:1E:B1:B7:40:E3:6C:84:02:DA:DC:37:D4:4D:F5:D4:67:49:52:F9
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Entrust Root Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\260\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\167\167\167\056\145\156\164\162\165\163\164\056\156
+\145\164\057\103\120\123\040\151\163\040\151\156\143\157\162\160
+\157\162\141\164\145\144\040\142\171\040\162\145\146\145\162\145
+\156\143\145\061\037\060\035\006\003\125\004\013\023\026\050\143
+\051\040\062\060\060\066\040\105\156\164\162\165\163\164\054\040
+\111\156\143\056\061\055\060\053\006\003\125\004\003\023\044\105
+\156\164\162\165\163\164\040\122\157\157\164\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\260\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\167\167\167\056\145\156\164\162\165\163\164\056\156
+\145\164\057\103\120\123\040\151\163\040\151\156\143\157\162\160
+\157\162\141\164\145\144\040\142\171\040\162\145\146\145\162\145
+\156\143\145\061\037\060\035\006\003\125\004\013\023\026\050\143
+\051\040\062\060\060\066\040\105\156\164\162\165\163\164\054\040
+\111\156\143\056\061\055\060\053\006\003\125\004\003\023\044\105
+\156\164\162\165\163\164\040\122\157\157\164\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\105\153\120\124
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\221\060\202\003\171\240\003\002\001\002\002\004\105
+\153\120\124\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\201\260\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\026\060\024\006\003\125\004\012\023\015\105\156\164
+\162\165\163\164\054\040\111\156\143\056\061\071\060\067\006\003
+\125\004\013\023\060\167\167\167\056\145\156\164\162\165\163\164
+\056\156\145\164\057\103\120\123\040\151\163\040\151\156\143\157
+\162\160\157\162\141\164\145\144\040\142\171\040\162\145\146\145
+\162\145\156\143\145\061\037\060\035\006\003\125\004\013\023\026
+\050\143\051\040\062\060\060\066\040\105\156\164\162\165\163\164
+\054\040\111\156\143\056\061\055\060\053\006\003\125\004\003\023
+\044\105\156\164\162\165\163\164\040\122\157\157\164\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171\060\036\027\015\060\066\061\061\062\067\062
+\060\062\063\064\062\132\027\015\062\066\061\061\062\067\062\060
+\065\063\064\062\132\060\201\260\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\026\060\024\006\003\125\004\012\023\015
+\105\156\164\162\165\163\164\054\040\111\156\143\056\061\071\060
+\067\006\003\125\004\013\023\060\167\167\167\056\145\156\164\162
+\165\163\164\056\156\145\164\057\103\120\123\040\151\163\040\151
+\156\143\157\162\160\157\162\141\164\145\144\040\142\171\040\162
+\145\146\145\162\145\156\143\145\061\037\060\035\006\003\125\004
+\013\023\026\050\143\051\040\062\060\060\066\040\105\156\164\162
+\165\163\164\054\040\111\156\143\056\061\055\060\053\006\003\125
+\004\003\023\044\105\156\164\162\165\163\164\040\122\157\157\164
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\060\202\001\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
+\060\202\001\012\002\202\001\001\000\266\225\266\103\102\372\306
+\155\052\157\110\337\224\114\071\127\005\356\303\171\021\101\150
+\066\355\354\376\232\001\217\241\070\050\374\367\020\106\146\056
+\115\036\032\261\032\116\306\321\300\225\210\260\311\377\061\213
+\063\003\333\267\203\173\076\040\204\136\355\262\126\050\247\370
+\340\271\100\161\067\305\313\107\016\227\052\150\300\042\225\142
+\025\333\107\331\365\320\053\377\202\113\311\255\076\336\114\333
+\220\200\120\077\011\212\204\000\354\060\012\075\030\315\373\375
+\052\131\232\043\225\027\054\105\236\037\156\103\171\155\014\134
+\230\376\110\247\305\043\107\134\136\375\156\347\036\264\366\150
+\105\321\206\203\133\242\212\215\261\343\051\200\376\045\161\210
+\255\276\274\217\254\122\226\113\252\121\215\344\023\061\031\350
+\116\115\237\333\254\263\152\325\274\071\124\161\312\172\172\177
+\220\335\175\035\200\331\201\273\131\046\302\021\376\346\223\342
+\367\200\344\145\373\064\067\016\051\200\160\115\257\070\206\056
+\236\177\127\257\236\027\256\353\034\313\050\041\137\266\034\330
+\347\242\004\042\371\323\332\330\313\002\003\001\000\001\243\201
+\260\060\201\255\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005
+\060\003\001\001\377\060\053\006\003\125\035\020\004\044\060\042
+\200\017\062\060\060\066\061\061\062\067\062\060\062\063\064\062
+\132\201\017\062\060\062\066\061\061\062\067\062\060\065\063\064
+\062\132\060\037\006\003\125\035\043\004\030\060\026\200\024\150
+\220\344\147\244\246\123\200\307\206\146\244\361\367\113\103\373
+\204\275\155\060\035\006\003\125\035\016\004\026\004\024\150\220
+\344\147\244\246\123\200\307\206\146\244\361\367\113\103\373\204
+\275\155\060\035\006\011\052\206\110\206\366\175\007\101\000\004
+\020\060\016\033\010\126\067\056\061\072\064\056\060\003\002\004
+\220\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
+\003\202\001\001\000\223\324\060\260\327\003\040\052\320\371\143
+\350\221\014\005\040\251\137\031\312\173\162\116\324\261\333\320
+\226\373\124\132\031\054\014\010\367\262\274\205\250\235\177\155
+\073\122\263\052\333\347\324\204\214\143\366\017\313\046\001\221
+\120\154\364\137\024\342\223\164\300\023\236\060\072\120\343\264
+\140\305\034\360\042\104\215\161\107\254\310\032\311\351\233\232
+\000\140\023\377\160\176\137\021\115\111\033\263\025\122\173\311
+\124\332\277\235\225\257\153\232\330\236\351\361\344\103\215\342
+\021\104\072\277\257\275\203\102\163\122\213\252\273\247\051\317
+\365\144\034\012\115\321\274\252\254\237\052\320\377\177\177\332
+\175\352\261\355\060\045\301\204\332\064\322\133\170\203\126\354
+\234\066\303\046\342\021\366\147\111\035\222\253\214\373\353\377
+\172\356\205\112\247\120\200\360\247\134\112\224\056\137\005\231
+\074\122\101\340\315\264\143\317\001\103\272\234\203\334\217\140
+\073\363\132\264\264\173\256\332\013\220\070\165\357\201\035\146
+\322\367\127\160\066\263\277\374\050\257\161\045\205\133\023\376
+\036\177\132\264\074
+END
+
+# Trust for Certificate "Entrust Root Certification Authority"
+# Issuer: CN=Entrust Root Certification Authority,OU="(c) 2006 Entrust, Inc.",OU=www.entrust.net/CPS is incorporated by reference,O="Entrust, Inc.",C=US
+# Serial Number: 1164660820 (0x456b5054)
+# Subject: CN=Entrust Root Certification Authority,OU="(c) 2006 Entrust, Inc.",OU=www.entrust.net/CPS is incorporated by reference,O="Entrust, Inc.",C=US
+# Not Valid Before: Mon Nov 27 20:23:42 2006
+# Not Valid After : Fri Nov 27 20:53:42 2026
+# Fingerprint (MD5): D6:A5:C3:ED:5D:DD:3E:00:C1:3D:87:92:1F:1D:3F:E4
+# Fingerprint (SHA1): B3:1E:B1:B7:40:E3:6C:84:02:DA:DC:37:D4:4D:F5:D4:67:49:52:F9
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Entrust Root Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\263\036\261\267\100\343\154\204\002\332\334\067\324\115\365\324
+\147\111\122\371
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\326\245\303\355\135\335\076\000\301\075\207\222\037\035\077\344
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\260\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\167\167\167\056\145\156\164\162\165\163\164\056\156
+\145\164\057\103\120\123\040\151\163\040\151\156\143\157\162\160
+\157\162\141\164\145\144\040\142\171\040\162\145\146\145\162\145
+\156\143\145\061\037\060\035\006\003\125\004\013\023\026\050\143
+\051\040\062\060\060\066\040\105\156\164\162\165\163\164\054\040
+\111\156\143\056\061\055\060\053\006\003\125\004\003\023\044\105
+\156\164\162\165\163\164\040\122\157\157\164\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\105\153\120\124
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GeoTrust Global CA"
+#
+# Issuer: CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US
+# Serial Number: 144470 (0x23456)
+# Subject: CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US
+# Not Valid Before: Tue May 21 04:00:00 2002
+# Not Valid After : Sat May 21 04:00:00 2022
+# Fingerprint (MD5): F7:75:AB:29:FB:51:4E:B7:77:5E:FF:05:3C:99:8E:F5
+# Fingerprint (SHA1): DE:28:F4:A4:FF:E5:B9:2F:A3:C5:03:D1:A3:49:A7:F9:96:2A:82:12
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Global CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003
+\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141
+\154\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003
+\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141
+\154\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\002\064\126
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\124\060\202\002\074\240\003\002\001\002\002\003\002
+\064\126\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
+\165\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004
+\003\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142
+\141\154\040\103\101\060\036\027\015\060\062\060\065\062\061\060
+\064\060\060\060\060\132\027\015\062\062\060\065\062\061\060\064
+\060\060\060\060\132\060\102\061\013\060\011\006\003\125\004\006
+\023\002\125\123\061\026\060\024\006\003\125\004\012\023\015\107
+\145\157\124\162\165\163\164\040\111\156\143\056\061\033\060\031
+\006\003\125\004\003\023\022\107\145\157\124\162\165\163\164\040
+\107\154\157\142\141\154\040\103\101\060\202\001\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
+\000\060\202\001\012\002\202\001\001\000\332\314\030\143\060\375
+\364\027\043\032\126\176\133\337\074\154\070\344\161\267\170\221
+\324\274\241\330\114\370\250\103\266\003\351\115\041\007\010\210
+\332\130\057\146\071\051\275\005\170\213\235\070\350\005\267\152
+\176\161\244\346\304\140\246\260\357\200\344\211\050\017\236\045
+\326\355\203\363\255\246\221\307\230\311\102\030\065\024\235\255
+\230\106\222\056\117\312\361\207\103\301\026\225\127\055\120\357
+\211\055\200\172\127\255\362\356\137\153\322\000\215\271\024\370
+\024\025\065\331\300\106\243\173\162\310\221\277\311\125\053\315
+\320\227\076\234\046\144\314\337\316\203\031\161\312\116\346\324
+\325\173\251\031\315\125\336\310\354\322\136\070\123\345\134\117
+\214\055\376\120\043\066\374\146\346\313\216\244\071\031\000\267
+\225\002\071\221\013\016\376\070\056\321\035\005\232\366\115\076
+\157\017\007\035\257\054\036\217\140\071\342\372\066\123\023\071
+\324\136\046\053\333\075\250\024\275\062\353\030\003\050\122\004
+\161\345\253\063\075\341\070\273\007\066\204\142\234\171\352\026
+\060\364\137\300\053\350\161\153\344\371\002\003\001\000\001\243
+\123\060\121\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\300
+\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145\270
+\312\314\116\060\037\006\003\125\035\043\004\030\060\026\200\024
+\300\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145
+\270\312\314\116\060\015\006\011\052\206\110\206\367\015\001\001
+\005\005\000\003\202\001\001\000\065\343\051\152\345\057\135\124
+\216\051\120\224\237\231\032\024\344\217\170\052\142\224\242\047
+\147\236\320\317\032\136\107\351\301\262\244\317\335\101\032\005
+\116\233\113\356\112\157\125\122\263\044\241\067\012\353\144\166
+\052\056\054\363\375\073\165\220\277\372\161\330\307\075\067\322
+\265\005\225\142\271\246\336\211\075\066\173\070\167\110\227\254
+\246\040\217\056\246\311\014\302\262\231\105\000\307\316\021\121
+\042\042\340\245\352\266\025\110\011\144\352\136\117\164\367\005
+\076\307\212\122\014\333\025\264\275\155\233\345\306\261\124\150
+\251\343\151\220\266\232\245\017\270\271\077\040\175\256\112\265
+\270\234\344\035\266\253\346\224\245\301\307\203\255\333\365\047
+\207\016\004\154\325\377\335\240\135\355\207\122\267\053\025\002
+\256\071\246\152\164\351\332\304\347\274\115\064\036\251\134\115
+\063\137\222\011\057\210\146\135\167\227\307\035\166\023\251\325
+\345\361\026\011\021\065\325\254\333\044\161\160\054\230\126\013
+\331\027\264\321\343\121\053\136\165\350\325\320\334\117\064\355
+\302\005\146\200\241\313\346\063
+END
+
+# Trust for Certificate "GeoTrust Global CA"
+# Issuer: CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US
+# Serial Number: 144470 (0x23456)
+# Subject: CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US
+# Not Valid Before: Tue May 21 04:00:00 2002
+# Not Valid After : Sat May 21 04:00:00 2022
+# Fingerprint (MD5): F7:75:AB:29:FB:51:4E:B7:77:5E:FF:05:3C:99:8E:F5
+# Fingerprint (SHA1): DE:28:F4:A4:FF:E5:B9:2F:A3:C5:03:D1:A3:49:A7:F9:96:2A:82:12
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Global CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\336\050\364\244\377\345\271\057\243\305\003\321\243\111\247\371
+\226\052\202\022
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\367\165\253\051\373\121\116\267\167\136\377\005\074\231\216\365
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003
+\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141
+\154\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\002\064\126
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GeoTrust Global CA 2"
+#
+# Issuer: CN=GeoTrust Global CA 2,O=GeoTrust Inc.,C=US
+# Serial Number: 1 (0x1)
+# Subject: CN=GeoTrust Global CA 2,O=GeoTrust Inc.,C=US
+# Not Valid Before: Thu Mar 04 05:00:00 2004
+# Not Valid After : Mon Mar 04 05:00:00 2019
+# Fingerprint (MD5): 0E:40:A7:6C:DE:03:5D:8F:D1:0F:E4:D1:8D:F9:6C:A9
+# Fingerprint (SHA1): A9:E9:78:08:14:37:58:88:F2:05:19:B0:6D:2B:0D:2B:60:16:90:7D
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Global CA 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\035\060\033\006\003\125\004\003
+\023\024\107\145\157\124\162\165\163\164\040\107\154\157\142\141
+\154\040\103\101\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\035\060\033\006\003\125\004\003
+\023\024\107\145\157\124\162\165\163\164\040\107\154\157\142\141
+\154\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\146\060\202\002\116\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061\026
+\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165\163
+\164\040\111\156\143\056\061\035\060\033\006\003\125\004\003\023
+\024\107\145\157\124\162\165\163\164\040\107\154\157\142\141\154
+\040\103\101\040\062\060\036\027\015\060\064\060\063\060\064\060
+\065\060\060\060\060\132\027\015\061\071\060\063\060\064\060\065
+\060\060\060\060\132\060\104\061\013\060\011\006\003\125\004\006
+\023\002\125\123\061\026\060\024\006\003\125\004\012\023\015\107
+\145\157\124\162\165\163\164\040\111\156\143\056\061\035\060\033
+\006\003\125\004\003\023\024\107\145\157\124\162\165\163\164\040
+\107\154\157\142\141\154\040\103\101\040\062\060\202\001\042\060
+\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
+\001\017\000\060\202\001\012\002\202\001\001\000\357\074\115\100
+\075\020\337\073\123\000\341\147\376\224\140\025\076\205\210\361
+\211\015\220\310\050\043\231\005\350\053\040\235\306\363\140\106
+\330\301\262\325\214\061\331\334\040\171\044\201\277\065\062\374
+\143\151\333\261\052\153\356\041\130\362\010\351\170\313\157\313
+\374\026\122\310\221\304\377\075\163\336\261\076\247\302\175\146
+\301\365\176\122\044\032\342\325\147\221\320\202\020\327\170\113
+\117\053\102\071\275\144\055\100\240\260\020\323\070\110\106\210
+\241\014\273\072\063\052\142\230\373\000\235\023\131\177\157\073
+\162\252\356\246\017\206\371\005\141\352\147\177\014\067\226\213
+\346\151\026\107\021\302\047\131\003\263\246\140\302\041\100\126
+\372\240\307\175\072\023\343\354\127\307\263\326\256\235\211\200
+\367\001\347\054\366\226\053\023\015\171\054\331\300\344\206\173
+\113\214\014\162\202\212\373\027\315\000\154\072\023\074\260\204
+\207\113\026\172\051\262\117\333\035\324\013\363\146\067\275\330
+\366\127\273\136\044\172\270\074\213\271\372\222\032\032\204\236
+\330\164\217\252\033\177\136\364\376\105\042\041\002\003\001\000
+\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
+\024\161\070\066\362\002\061\123\107\053\156\272\145\106\251\020
+\025\130\040\005\011\060\037\006\003\125\035\043\004\030\060\026
+\200\024\161\070\066\362\002\061\123\107\053\156\272\145\106\251
+\020\025\130\040\005\011\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015
+\001\001\005\005\000\003\202\001\001\000\003\367\265\053\253\135
+\020\374\173\262\262\136\254\233\016\176\123\170\131\076\102\004
+\376\165\243\255\254\201\116\327\002\213\136\304\055\310\122\166
+\307\054\037\374\201\062\230\321\113\306\222\223\063\065\061\057
+\374\330\035\104\335\340\201\177\235\351\213\341\144\221\142\013
+\071\010\214\254\164\235\131\331\172\131\122\227\021\271\026\173
+\157\105\323\226\331\061\175\002\066\017\234\073\156\317\054\015
+\003\106\105\353\240\364\177\110\104\306\010\100\314\336\033\160
+\265\051\255\272\213\073\064\145\165\033\161\041\035\054\024\012
+\260\226\225\270\326\352\362\145\373\051\272\117\352\221\223\164
+\151\266\362\377\341\032\320\014\321\166\205\313\212\045\275\227
+\136\054\157\025\231\046\347\266\051\377\042\354\311\002\307\126
+\000\315\111\271\263\154\173\123\004\032\342\250\311\252\022\005
+\043\302\316\347\273\004\002\314\300\107\242\344\304\051\057\133
+\105\127\211\121\356\074\353\122\010\377\007\065\036\237\065\152
+\107\112\126\230\321\132\205\037\214\365\042\277\253\316\203\363
+\342\042\051\256\175\203\100\250\272\154
+END
+
+# Trust for Certificate "GeoTrust Global CA 2"
+# Issuer: CN=GeoTrust Global CA 2,O=GeoTrust Inc.,C=US
+# Serial Number: 1 (0x1)
+# Subject: CN=GeoTrust Global CA 2,O=GeoTrust Inc.,C=US
+# Not Valid Before: Thu Mar 04 05:00:00 2004
+# Not Valid After : Mon Mar 04 05:00:00 2019
+# Fingerprint (MD5): 0E:40:A7:6C:DE:03:5D:8F:D1:0F:E4:D1:8D:F9:6C:A9
+# Fingerprint (SHA1): A9:E9:78:08:14:37:58:88:F2:05:19:B0:6D:2B:0D:2B:60:16:90:7D
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Global CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\251\351\170\010\024\067\130\210\362\005\031\260\155\053\015\053
+\140\026\220\175
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\016\100\247\154\336\003\135\217\321\017\344\321\215\371\154\251
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\035\060\033\006\003\125\004\003
+\023\024\107\145\157\124\162\165\163\164\040\107\154\157\142\141
+\154\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GeoTrust Universal CA"
+#
+# Issuer: CN=GeoTrust Universal CA,O=GeoTrust Inc.,C=US
+# Serial Number: 1 (0x1)
+# Subject: CN=GeoTrust Universal CA,O=GeoTrust Inc.,C=US
+# Not Valid Before: Thu Mar 04 05:00:00 2004
+# Not Valid After : Sun Mar 04 05:00:00 2029
+# Fingerprint (MD5): 92:65:58:8B:A2:1A:31:72:73:68:5C:B4:A5:7A:07:48
+# Fingerprint (SHA1): E6:21:F3:35:43:79:05:9A:4B:68:30:9D:8A:2F:74:22:15:87:EC:79
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Universal CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\036\060\034\006\003\125\004\003
+\023\025\107\145\157\124\162\165\163\164\040\125\156\151\166\145
+\162\163\141\154\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\036\060\034\006\003\125\004\003
+\023\025\107\145\157\124\162\165\163\164\040\125\156\151\166\145
+\162\163\141\154\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\150\060\202\003\120\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061\026
+\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165\163
+\164\040\111\156\143\056\061\036\060\034\006\003\125\004\003\023
+\025\107\145\157\124\162\165\163\164\040\125\156\151\166\145\162
+\163\141\154\040\103\101\060\036\027\015\060\064\060\063\060\064
+\060\065\060\060\060\060\132\027\015\062\071\060\063\060\064\060
+\065\060\060\060\060\132\060\105\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\026\060\024\006\003\125\004\012\023\015
+\107\145\157\124\162\165\163\164\040\111\156\143\056\061\036\060
+\034\006\003\125\004\003\023\025\107\145\157\124\162\165\163\164
+\040\125\156\151\166\145\162\163\141\154\040\103\101\060\202\002
+\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\002\017\000\060\202\002\012\002\202\002\001\000\246\025
+\125\240\243\306\340\037\214\235\041\120\327\301\276\053\133\265
+\244\236\241\331\162\130\275\000\033\114\277\141\311\024\035\105
+\202\253\306\035\200\326\075\353\020\234\072\257\155\044\370\274
+\161\001\236\006\365\174\137\036\301\016\125\312\203\232\131\060
+\256\031\313\060\110\225\355\042\067\215\364\112\232\162\146\076
+\255\225\300\340\026\000\340\020\037\053\061\016\327\224\124\323
+\102\063\240\064\035\036\105\166\335\117\312\030\067\354\205\025
+\172\031\010\374\325\307\234\360\362\251\056\020\251\222\346\075
+\130\075\251\026\150\074\057\165\041\030\177\050\167\245\341\141
+\027\267\246\351\370\036\231\333\163\156\364\012\242\041\154\356
+\332\252\205\222\146\257\366\172\153\202\332\272\042\010\065\017
+\317\102\361\065\372\152\356\176\053\045\314\072\021\344\155\257
+\163\262\166\035\255\320\262\170\147\032\244\071\034\121\013\147
+\126\203\375\070\135\015\316\335\360\273\053\226\037\336\173\062
+\122\375\035\273\265\006\241\262\041\136\245\326\225\150\177\360
+\231\236\334\105\010\076\347\322\011\015\065\224\335\200\116\123
+\227\327\265\011\104\040\144\026\027\003\002\114\123\015\150\336
+\325\252\162\115\223\155\202\016\333\234\275\317\264\363\134\135
+\124\172\151\011\226\326\333\021\301\215\165\250\264\317\071\310
+\316\074\274\044\174\346\142\312\341\275\175\247\275\127\145\013
+\344\376\045\355\266\151\020\334\050\032\106\275\001\035\320\227
+\265\341\230\073\300\067\144\326\075\224\356\013\341\365\050\256
+\013\126\277\161\213\043\051\101\216\206\305\113\122\173\330\161
+\253\037\212\025\246\073\203\132\327\130\001\121\306\114\101\331
+\177\330\101\147\162\242\050\337\140\203\251\236\310\173\374\123
+\163\162\131\365\223\172\027\166\016\316\367\345\134\331\013\125
+\064\242\252\133\265\152\124\347\023\312\127\354\227\155\364\136
+\006\057\105\213\130\324\043\026\222\344\026\156\050\143\131\060
+\337\120\001\234\143\211\032\237\333\027\224\202\160\067\303\044
+\236\232\107\326\132\312\116\250\151\211\162\037\221\154\333\176
+\236\033\255\307\037\163\335\054\117\031\145\375\177\223\100\020
+\056\322\360\355\074\236\056\050\076\151\046\063\305\173\002\003
+\001\000\001\243\143\060\141\060\017\006\003\125\035\023\001\001
+\377\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004
+\026\004\024\332\273\056\252\260\014\270\210\046\121\164\134\155
+\003\323\300\330\217\172\326\060\037\006\003\125\035\043\004\030
+\060\026\200\024\332\273\056\252\260\014\270\210\046\121\164\134
+\155\003\323\300\330\217\172\326\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\001\206\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\003\202\002\001\000\061\170\346\307
+\265\337\270\224\100\311\161\304\250\065\354\106\035\302\205\363
+\050\130\206\260\013\374\216\262\071\217\104\125\253\144\204\134
+\151\251\320\232\070\074\372\345\037\065\345\104\343\200\171\224
+\150\244\273\304\237\075\341\064\315\060\106\213\124\053\225\245
+\357\367\077\231\204\375\065\346\317\061\306\334\152\277\247\327
+\043\010\341\230\136\303\132\010\166\251\246\257\167\057\267\140
+\275\104\106\152\357\227\377\163\225\301\216\350\223\373\375\061
+\267\354\127\021\021\105\233\060\361\032\210\071\301\117\074\247
+\000\325\307\374\253\155\200\042\160\245\014\340\135\004\051\002
+\373\313\240\221\321\174\326\303\176\120\325\235\130\276\101\070
+\353\271\165\074\025\331\233\311\112\203\131\300\332\123\375\063
+\273\066\030\233\205\017\025\335\356\055\254\166\223\271\331\001
+\215\110\020\250\373\365\070\206\361\333\012\306\275\204\243\043
+\101\336\326\167\157\205\324\205\034\120\340\256\121\212\272\215
+\076\166\342\271\312\047\362\137\237\357\156\131\015\006\330\053
+\027\244\322\174\153\273\137\024\032\110\217\032\114\347\263\107
+\034\216\114\105\053\040\356\110\337\347\335\011\216\030\250\332
+\100\215\222\046\021\123\141\163\135\353\275\347\304\115\051\067
+\141\353\254\071\055\147\056\026\326\365\000\203\205\241\314\177
+\166\304\175\344\267\113\146\357\003\105\140\151\266\014\122\226
+\222\204\136\246\243\265\244\076\053\331\314\330\033\107\252\362
+\104\332\117\371\003\350\360\024\313\077\363\203\336\320\301\124
+\343\267\350\012\067\115\213\040\131\003\060\031\241\054\310\275
+\021\037\337\256\311\112\305\363\047\146\146\206\254\150\221\377
+\331\346\123\034\017\213\134\151\145\012\046\310\036\064\303\135
+\121\173\327\251\234\006\241\066\335\325\211\224\274\331\344\055
+\014\136\011\154\010\227\174\243\075\174\223\377\077\241\024\247
+\317\265\135\353\333\333\034\304\166\337\210\271\275\105\005\225
+\033\256\374\106\152\114\257\110\343\316\256\017\322\176\353\346
+\154\234\117\201\152\172\144\254\273\076\325\347\313\166\056\305
+\247\110\301\134\220\017\313\310\077\372\346\062\341\215\033\157
+\244\346\216\330\371\051\110\212\316\163\376\054
+END
+
+# Trust for Certificate "GeoTrust Universal CA"
+# Issuer: CN=GeoTrust Universal CA,O=GeoTrust Inc.,C=US
+# Serial Number: 1 (0x1)
+# Subject: CN=GeoTrust Universal CA,O=GeoTrust Inc.,C=US
+# Not Valid Before: Thu Mar 04 05:00:00 2004
+# Not Valid After : Sun Mar 04 05:00:00 2029
+# Fingerprint (MD5): 92:65:58:8B:A2:1A:31:72:73:68:5C:B4:A5:7A:07:48
+# Fingerprint (SHA1): E6:21:F3:35:43:79:05:9A:4B:68:30:9D:8A:2F:74:22:15:87:EC:79
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Universal CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\346\041\363\065\103\171\005\232\113\150\060\235\212\057\164\042
+\025\207\354\171
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\222\145\130\213\242\032\061\162\163\150\134\264\245\172\007\110
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\036\060\034\006\003\125\004\003
+\023\025\107\145\157\124\162\165\163\164\040\125\156\151\166\145
+\162\163\141\154\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GeoTrust Universal CA 2"
+#
+# Issuer: CN=GeoTrust Universal CA 2,O=GeoTrust Inc.,C=US
+# Serial Number: 1 (0x1)
+# Subject: CN=GeoTrust Universal CA 2,O=GeoTrust Inc.,C=US
+# Not Valid Before: Thu Mar 04 05:00:00 2004
+# Not Valid After : Sun Mar 04 05:00:00 2029
+# Fingerprint (MD5): 34:FC:B8:D0:36:DB:9E:14:B3:C2:F2:DB:8F:E4:94:C7
+# Fingerprint (SHA1): 37:9A:19:7B:41:85:45:35:0C:A6:03:69:F3:3C:2E:AF:47:4F:20:79
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Universal CA 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\040\060\036\006\003\125\004\003
+\023\027\107\145\157\124\162\165\163\164\040\125\156\151\166\145
+\162\163\141\154\040\103\101\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\040\060\036\006\003\125\004\003
+\023\027\107\145\157\124\162\165\163\164\040\125\156\151\166\145
+\162\163\141\154\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\154\060\202\003\124\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061\026
+\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165\163
+\164\040\111\156\143\056\061\040\060\036\006\003\125\004\003\023
+\027\107\145\157\124\162\165\163\164\040\125\156\151\166\145\162
+\163\141\154\040\103\101\040\062\060\036\027\015\060\064\060\063
+\060\064\060\065\060\060\060\060\132\027\015\062\071\060\063\060
+\064\060\065\060\060\060\060\132\060\107\061\013\060\011\006\003
+\125\004\006\023\002\125\123\061\026\060\024\006\003\125\004\012
+\023\015\107\145\157\124\162\165\163\164\040\111\156\143\056\061
+\040\060\036\006\003\125\004\003\023\027\107\145\157\124\162\165
+\163\164\040\125\156\151\166\145\162\163\141\154\040\103\101\040
+\062\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002
+\001\000\263\124\122\301\311\076\362\331\334\261\123\032\131\051
+\347\261\303\105\050\345\327\321\355\305\305\113\241\252\164\173
+\127\257\112\046\374\330\365\136\247\156\031\333\164\014\117\065
+\133\062\013\001\343\333\353\172\167\065\352\252\132\340\326\350
+\241\127\224\360\220\243\164\126\224\104\060\003\036\134\116\053
+\205\046\164\202\172\014\166\240\157\115\316\101\055\240\025\006
+\024\137\267\102\315\173\217\130\141\064\334\052\010\371\056\303
+\001\246\042\104\034\114\007\202\346\133\316\320\112\174\004\323
+\031\163\047\360\252\230\177\056\257\116\353\207\036\044\167\152
+\135\266\350\133\105\272\334\303\241\005\157\126\216\217\020\046
+\245\111\303\056\327\101\207\042\340\117\206\312\140\265\352\241
+\143\300\001\227\020\171\275\000\074\022\155\053\025\261\254\113
+\261\356\030\271\116\226\334\334\166\377\073\276\317\137\003\300
+\374\073\350\276\106\033\377\332\100\302\122\367\376\343\072\367
+\152\167\065\320\332\215\353\136\030\152\061\307\036\272\074\033
+\050\326\153\124\306\252\133\327\242\054\033\031\314\242\002\366
+\233\131\275\067\153\206\265\155\202\272\330\352\311\126\274\251
+\066\130\375\076\031\363\355\014\046\251\223\070\370\117\301\135
+\042\006\320\227\352\341\255\306\125\340\201\053\050\203\072\372
+\364\173\041\121\000\276\122\070\316\315\146\171\250\364\201\126
+\342\320\203\011\107\121\133\120\152\317\333\110\032\135\076\367
+\313\366\145\367\154\361\225\370\002\073\062\126\202\071\172\133
+\275\057\211\033\277\241\264\350\377\177\215\214\337\003\361\140
+\116\130\021\114\353\243\077\020\053\203\232\001\163\331\224\155
+\204\000\047\146\254\360\160\100\011\102\222\255\117\223\015\141
+\011\121\044\330\222\325\013\224\141\262\207\262\355\377\232\065
+\377\205\124\312\355\104\103\254\033\074\026\153\110\112\012\034
+\100\210\037\222\302\013\000\005\377\362\310\002\112\244\252\251
+\314\231\226\234\057\130\340\175\341\276\273\007\334\137\004\162
+\134\061\064\303\354\137\055\340\075\144\220\042\346\321\354\270
+\056\335\131\256\331\241\067\277\124\065\334\163\062\117\214\004
+\036\063\262\311\106\361\330\134\310\125\120\311\150\275\250\272
+\066\011\002\003\001\000\001\243\143\060\141\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003
+\125\035\016\004\026\004\024\166\363\125\341\372\244\066\373\360
+\237\134\142\161\355\074\364\107\070\020\053\060\037\006\003\125
+\035\043\004\030\060\026\200\024\166\363\125\341\372\244\066\373
+\360\237\134\142\161\355\074\364\107\070\020\053\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\206\060\015\006\011
+\052\206\110\206\367\015\001\001\005\005\000\003\202\002\001\000
+\146\301\306\043\363\331\340\056\156\137\350\317\256\260\260\045
+\115\053\370\073\130\233\100\044\067\132\313\253\026\111\377\263
+\165\171\063\241\057\155\160\027\064\221\376\147\176\217\354\233
+\345\136\202\251\125\037\057\334\324\121\007\022\376\254\026\076
+\054\065\306\143\374\334\020\353\015\243\252\320\174\314\321\320
+\057\121\056\304\024\132\336\350\031\341\076\306\314\244\051\347
+\056\204\252\006\060\170\166\124\163\050\230\131\070\340\000\015
+\142\323\102\175\041\237\256\075\072\214\325\372\167\015\030\053
+\026\016\137\066\341\374\052\265\060\044\317\340\143\014\173\130
+\032\376\231\272\102\022\261\221\364\174\150\342\310\350\257\054
+\352\311\176\256\273\052\075\015\025\334\064\225\266\030\164\250
+\152\017\307\264\364\023\304\344\133\355\012\322\244\227\114\052
+\355\057\154\022\211\075\361\047\160\252\152\003\122\041\237\100
+\250\147\120\362\363\132\037\337\337\043\366\334\170\116\346\230
+\117\125\072\123\343\357\362\364\237\307\174\330\130\257\051\042
+\227\270\340\275\221\056\260\166\354\127\021\317\357\051\104\363
+\351\205\172\140\143\344\135\063\211\027\331\061\252\332\326\363
+\030\065\162\317\207\053\057\143\043\204\135\204\214\077\127\240
+\210\374\231\221\050\046\151\231\324\217\227\104\276\216\325\110
+\261\244\050\051\361\025\264\341\345\236\335\370\217\246\157\046
+\327\011\074\072\034\021\016\246\154\067\367\255\104\207\054\050
+\307\330\164\202\263\320\157\112\127\273\065\051\047\240\213\350
+\041\247\207\144\066\135\314\330\026\254\307\262\047\100\222\125
+\070\050\215\121\156\335\024\147\123\154\161\134\046\204\115\165
+\132\266\176\140\126\251\115\255\373\233\036\227\363\015\331\322
+\227\124\167\332\075\022\267\340\036\357\010\006\254\371\205\207
+\351\242\334\257\176\030\022\203\375\126\027\101\056\325\051\202
+\175\231\364\061\366\161\251\317\054\001\047\245\005\271\252\262
+\110\116\052\357\237\223\122\121\225\074\122\163\216\126\114\027
+\100\300\011\050\344\213\152\110\123\333\354\315\125\125\361\306
+\370\351\242\054\114\246\321\046\137\176\257\132\114\332\037\246
+\362\034\054\176\256\002\026\322\126\320\057\127\123\107\350\222
+END
+
+# Trust for Certificate "GeoTrust Universal CA 2"
+# Issuer: CN=GeoTrust Universal CA 2,O=GeoTrust Inc.,C=US
+# Serial Number: 1 (0x1)
+# Subject: CN=GeoTrust Universal CA 2,O=GeoTrust Inc.,C=US
+# Not Valid Before: Thu Mar 04 05:00:00 2004
+# Not Valid After : Sun Mar 04 05:00:00 2029
+# Fingerprint (MD5): 34:FC:B8:D0:36:DB:9E:14:B3:C2:F2:DB:8F:E4:94:C7
+# Fingerprint (SHA1): 37:9A:19:7B:41:85:45:35:0C:A6:03:69:F3:3C:2E:AF:47:4F:20:79
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Universal CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\067\232\031\173\101\205\105\065\014\246\003\151\363\074\056\257
+\107\117\040\171
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\064\374\270\320\066\333\236\024\263\302\362\333\217\344\224\307
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\040\060\036\006\003\125\004\003
+\023\027\107\145\157\124\162\165\163\164\040\125\156\151\166\145
+\162\163\141\154\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Visa eCommerce Root"
+#
+# Issuer: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
+# Serial Number:13:86:35:4d:1d:3f:06:f2:c1:f9:65:05:d5:90:1c:62
+# Subject: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
+# Not Valid Before: Wed Jun 26 02:18:36 2002
+# Not Valid After : Fri Jun 24 00:16:12 2022
+# Fingerprint (MD5): FC:11:B8:D8:08:93:30:00:6D:23:F9:7E:EB:52:1E:02
+# Fingerprint (SHA1): 70:17:9B:86:8C:00:A4:FA:60:91:52:22:3F:9F:3E:32:BD:E0:05:62
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Visa eCommerce Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
+\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
+\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
+\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
+\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
+\103\157\155\155\145\162\143\145\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
+\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
+\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
+\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
+\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
+\103\157\155\155\145\162\143\145\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220
+\034\142
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\242\060\202\002\212\240\003\002\001\002\002\020\023
+\206\065\115\035\077\006\362\301\371\145\005\325\220\034\142\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\153
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\015\060
+\013\006\003\125\004\012\023\004\126\111\123\101\061\057\060\055
+\006\003\125\004\013\023\046\126\151\163\141\040\111\156\164\145
+\162\156\141\164\151\157\156\141\154\040\123\145\162\166\151\143
+\145\040\101\163\163\157\143\151\141\164\151\157\156\061\034\060
+\032\006\003\125\004\003\023\023\126\151\163\141\040\145\103\157
+\155\155\145\162\143\145\040\122\157\157\164\060\036\027\015\060
+\062\060\066\062\066\060\062\061\070\063\066\132\027\015\062\062
+\060\066\062\064\060\060\061\066\061\062\132\060\153\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\015\060\013\006\003
+\125\004\012\023\004\126\111\123\101\061\057\060\055\006\003\125
+\004\013\023\046\126\151\163\141\040\111\156\164\145\162\156\141
+\164\151\157\156\141\154\040\123\145\162\166\151\143\145\040\101
+\163\163\157\143\151\141\164\151\157\156\061\034\060\032\006\003
+\125\004\003\023\023\126\151\163\141\040\145\103\157\155\155\145
+\162\143\145\040\122\157\157\164\060\202\001\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
+\060\202\001\012\002\202\001\001\000\257\127\336\126\036\156\241
+\332\140\261\224\047\313\027\333\007\077\200\205\117\310\234\266
+\320\364\157\117\317\231\330\341\333\302\110\134\072\254\071\063
+\307\037\152\213\046\075\053\065\365\110\261\221\301\002\116\004
+\226\221\173\260\063\360\261\024\116\021\157\265\100\257\033\105
+\245\112\357\176\266\254\362\240\037\130\077\022\106\140\074\215
+\241\340\175\317\127\076\063\036\373\107\361\252\025\227\007\125
+\146\245\265\055\056\330\200\131\262\247\015\267\106\354\041\143
+\377\065\253\245\002\317\052\364\114\376\173\365\224\135\204\115
+\250\362\140\217\333\016\045\074\237\163\161\317\224\337\112\352
+\333\337\162\070\214\363\226\275\361\027\274\322\272\073\105\132
+\306\247\366\306\027\213\001\235\374\031\250\052\203\026\270\072
+\110\376\116\076\240\253\006\031\351\123\363\200\023\007\355\055
+\277\077\012\074\125\040\071\054\054\000\151\164\225\112\274\040
+\262\251\171\345\030\211\221\250\334\034\115\357\273\176\067\013
+\135\376\071\245\210\122\214\000\154\354\030\174\101\275\366\213
+\165\167\272\140\235\204\347\376\055\002\003\001\000\001\243\102
+\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\035\006\003\125\035\016\004\026\004\024\025\070
+\203\017\077\054\077\160\063\036\315\106\376\007\214\040\340\327
+\303\267\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\003\202\001\001\000\137\361\101\175\174\134\010\271\053\340
+\325\222\107\372\147\134\245\023\303\003\041\233\053\114\211\106
+\317\131\115\311\376\245\100\266\143\315\335\161\050\225\147\021
+\314\044\254\323\104\154\161\256\001\040\153\003\242\217\030\267
+\051\072\175\345\026\140\123\170\074\300\257\025\203\367\217\122
+\063\044\275\144\223\227\356\213\367\333\030\250\155\161\263\367
+\054\027\320\164\045\151\367\376\153\074\224\276\115\113\101\214
+\116\342\163\320\343\220\042\163\103\315\363\357\352\163\316\105
+\212\260\246\111\377\114\175\235\161\210\304\166\035\220\133\035
+\356\375\314\367\356\375\140\245\261\172\026\161\321\026\320\174
+\022\074\154\151\227\333\256\137\071\232\160\057\005\074\031\106
+\004\231\040\066\320\140\156\141\006\273\026\102\214\160\367\060
+\373\340\333\146\243\000\001\275\346\054\332\221\137\240\106\213
+\115\152\234\075\075\335\005\106\376\166\277\240\012\074\344\000
+\346\047\267\377\204\055\336\272\042\047\226\020\161\353\042\355
+\337\337\063\234\317\343\255\256\216\324\216\346\117\121\257\026
+\222\340\134\366\007\017
+END
+
+# Trust for Certificate "Visa eCommerce Root"
+# Issuer: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
+# Serial Number:13:86:35:4d:1d:3f:06:f2:c1:f9:65:05:d5:90:1c:62
+# Subject: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
+# Not Valid Before: Wed Jun 26 02:18:36 2002
+# Not Valid After : Fri Jun 24 00:16:12 2022
+# Fingerprint (MD5): FC:11:B8:D8:08:93:30:00:6D:23:F9:7E:EB:52:1E:02
+# Fingerprint (SHA1): 70:17:9B:86:8C:00:A4:FA:60:91:52:22:3F:9F:3E:32:BD:E0:05:62
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Visa eCommerce Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\160\027\233\206\214\000\244\372\140\221\122\042\077\237\076\062
+\275\340\005\142
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\374\021\270\330\010\223\060\000\155\043\371\176\353\122\036\002
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
+\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
+\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
+\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
+\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
+\103\157\155\155\145\162\143\145\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220
+\034\142
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certum Root CA"
+#
+# Issuer: CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL
+# Serial Number: 65568 (0x10020)
+# Subject: CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL
+# Not Valid Before: Tue Jun 11 10:46:39 2002
+# Not Valid After : Fri Jun 11 10:46:39 2027
+# Fingerprint (MD5): 2C:8F:9F:66:1D:18:90:B1:47:26:9D:8E:86:82:8C:A9
+# Fingerprint (SHA1): 62:52:DC:40:F7:11:43:A2:2F:DE:9E:F7:34:8E:06:42:51:B1:81:18
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certum Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164
+\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020
+\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164
+\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020
+\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\001\000\040
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\014\060\202\001\364\240\003\002\001\002\002\003\001
+\000\040\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114
+\061\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145
+\164\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060
+\020\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103
+\101\060\036\027\015\060\062\060\066\061\061\061\060\064\066\063
+\071\132\027\015\062\067\060\066\061\061\061\060\064\066\063\071
+\132\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114
+\061\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145
+\164\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060
+\020\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103
+\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
+\001\000\316\261\301\056\323\117\174\315\045\316\030\076\117\304
+\214\157\200\152\163\310\133\121\370\233\322\334\273\000\134\261
+\240\374\165\003\356\201\360\210\356\043\122\351\346\025\063\215
+\254\055\011\305\166\371\053\071\200\211\344\227\113\220\245\250
+\170\370\163\103\173\244\141\260\330\130\314\341\154\146\176\234
+\363\011\136\125\143\204\325\250\357\363\261\056\060\150\263\304
+\074\330\254\156\215\231\132\220\116\064\334\066\232\217\201\210
+\120\267\155\226\102\011\363\327\225\203\015\101\113\260\152\153
+\370\374\017\176\142\237\147\304\355\046\137\020\046\017\010\117
+\360\244\127\050\316\217\270\355\105\366\156\356\045\135\252\156
+\071\276\344\223\057\331\107\240\162\353\372\246\133\257\312\123
+\077\342\016\306\226\126\021\156\367\351\146\251\046\330\177\225
+\123\355\012\205\210\272\117\051\245\102\214\136\266\374\205\040
+\000\252\150\013\241\032\205\001\234\304\106\143\202\210\266\042
+\261\356\376\252\106\131\176\317\065\054\325\266\332\135\367\110
+\063\024\124\266\353\331\157\316\315\210\326\253\033\332\226\073
+\035\131\002\003\001\000\001\243\023\060\021\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011
+\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
+\270\215\316\357\347\024\272\317\356\260\104\222\154\264\071\076
+\242\204\156\255\270\041\167\322\324\167\202\207\346\040\101\201
+\356\342\370\021\267\143\321\027\067\276\031\166\044\034\004\032
+\114\353\075\252\147\157\055\324\315\376\145\061\160\305\033\246
+\002\012\272\140\173\155\130\302\232\111\376\143\062\013\153\343
+\072\300\254\253\073\260\350\323\011\121\214\020\203\306\064\340
+\305\053\340\032\266\140\024\047\154\062\167\214\274\262\162\230
+\317\315\314\077\271\310\044\102\024\326\127\374\346\046\103\251
+\035\345\200\220\316\003\124\050\076\367\077\323\370\115\355\152
+\012\072\223\023\233\073\024\043\023\143\234\077\321\207\047\171
+\345\114\121\343\001\255\205\135\032\073\261\325\163\020\244\323
+\362\274\156\144\365\132\126\220\250\307\016\114\164\017\056\161
+\073\367\310\107\364\151\157\025\362\021\136\203\036\234\174\122
+\256\375\002\332\022\250\131\147\030\333\274\160\335\233\261\151
+\355\200\316\211\100\110\152\016\065\312\051\146\025\041\224\054
+\350\140\052\233\205\112\100\363\153\212\044\354\006\026\054\163
+END
+
+# Trust for Certificate "Certum Root CA"
+# Issuer: CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL
+# Serial Number: 65568 (0x10020)
+# Subject: CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL
+# Not Valid Before: Tue Jun 11 10:46:39 2002
+# Not Valid After : Fri Jun 11 10:46:39 2027
+# Fingerprint (MD5): 2C:8F:9F:66:1D:18:90:B1:47:26:9D:8E:86:82:8C:A9
+# Fingerprint (SHA1): 62:52:DC:40:F7:11:43:A2:2F:DE:9E:F7:34:8E:06:42:51:B1:81:18
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certum Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\142\122\334\100\367\021\103\242\057\336\236\367\064\216\006\102
+\121\261\201\030
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\054\217\237\146\035\030\220\261\107\046\235\216\206\202\214\251
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164
+\157\040\123\160\056\040\172\040\157\056\157\056\061\022\060\020
+\006\003\125\004\003\023\011\103\145\162\164\165\155\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\001\000\040
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Comodo AAA Services root"
+#
+# Issuer: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number: 1 (0x1)
+# Subject: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Thu Jan 01 00:00:00 2004
+# Not Valid After : Sun Dec 31 23:59:59 2028
+# Fingerprint (MD5): 49:79:04:B0:EB:87:19:AC:47:B0:BC:11:51:9B:74:D0
+# Fingerprint (SHA1): D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Comodo AAA Services root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003
+\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151
+\143\141\164\145\040\123\145\162\166\151\143\145\163
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003
+\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151
+\143\141\164\145\040\123\145\162\166\151\143\145\163
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\062\060\202\003\032\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033
+\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162
+\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006
+\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060
+\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103
+\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003\125
+\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151\143
+\141\164\145\040\123\145\162\166\151\143\145\163\060\036\027\015
+\060\064\060\061\060\061\060\060\060\060\060\060\132\027\015\062
+\070\061\062\063\061\062\063\065\071\065\071\132\060\173\061\013
+\060\011\006\003\125\004\006\023\002\107\102\061\033\060\031\006
+\003\125\004\010\014\022\107\162\145\141\164\145\162\040\115\141
+\156\143\150\145\163\164\145\162\061\020\060\016\006\003\125\004
+\007\014\007\123\141\154\146\157\162\144\061\032\060\030\006\003
+\125\004\012\014\021\103\157\155\157\144\157\040\103\101\040\114
+\151\155\151\164\145\144\061\041\060\037\006\003\125\004\003\014
+\030\101\101\101\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\060\202\001\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
+\000\060\202\001\012\002\202\001\001\000\276\100\235\364\156\341
+\352\166\207\034\115\105\104\216\276\106\310\203\006\235\301\052
+\376\030\037\216\344\002\372\363\253\135\120\212\026\061\013\232
+\006\320\305\160\042\315\111\055\124\143\314\266\156\150\106\013
+\123\352\313\114\044\300\274\162\116\352\361\025\256\364\124\232
+\022\012\303\172\262\063\140\342\332\211\125\363\042\130\363\336
+\334\317\357\203\206\242\214\224\117\237\150\362\230\220\106\204
+\047\307\166\277\343\314\065\054\213\136\007\144\145\202\300\110
+\260\250\221\371\141\237\166\040\120\250\221\307\146\265\353\170
+\142\003\126\360\212\032\023\352\061\243\036\240\231\375\070\366
+\366\047\062\130\157\007\365\153\270\373\024\053\257\267\252\314
+\326\143\137\163\214\332\005\231\250\070\250\313\027\170\066\121
+\254\351\236\364\170\072\215\317\017\331\102\342\230\014\253\057
+\237\016\001\336\357\237\231\111\361\055\337\254\164\115\033\230
+\265\107\305\345\051\321\371\220\030\307\142\234\276\203\307\046
+\173\076\212\045\307\300\335\235\346\065\150\020\040\235\217\330
+\336\322\303\204\234\015\136\350\057\311\002\003\001\000\001\243
+\201\300\060\201\275\060\035\006\003\125\035\016\004\026\004\024
+\240\021\012\043\076\226\361\007\354\342\257\051\357\202\245\177
+\320\060\244\264\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005
+\060\003\001\001\377\060\173\006\003\125\035\037\004\164\060\162
+\060\070\240\066\240\064\206\062\150\164\164\160\072\057\057\143
+\162\154\056\143\157\155\157\144\157\143\141\056\143\157\155\057
+\101\101\101\103\145\162\164\151\146\151\143\141\164\145\123\145
+\162\166\151\143\145\163\056\143\162\154\060\066\240\064\240\062
+\206\060\150\164\164\160\072\057\057\143\162\154\056\143\157\155
+\157\144\157\056\156\145\164\057\101\101\101\103\145\162\164\151
+\146\151\143\141\164\145\123\145\162\166\151\143\145\163\056\143
+\162\154\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\003\202\001\001\000\010\126\374\002\360\233\350\377\244\372
+\326\173\306\104\200\316\117\304\305\366\000\130\314\246\266\274
+\024\111\150\004\166\350\346\356\135\354\002\017\140\326\215\120
+\030\117\046\116\001\343\346\260\245\356\277\274\164\124\101\277
+\375\374\022\270\307\117\132\364\211\140\005\177\140\267\005\112
+\363\366\361\302\277\304\271\164\206\266\055\175\153\314\322\363
+\106\335\057\306\340\152\303\303\064\003\054\175\226\335\132\302
+\016\247\012\231\301\005\213\253\014\057\363\134\072\317\154\067
+\125\011\207\336\123\100\154\130\357\374\266\253\145\156\004\366
+\033\334\074\340\132\025\306\236\331\361\131\110\060\041\145\003
+\154\354\351\041\163\354\233\003\241\340\067\255\240\025\030\217
+\372\272\002\316\247\054\251\020\023\054\324\345\010\046\253\042
+\227\140\370\220\136\164\324\242\232\123\275\362\251\150\340\242
+\156\302\327\154\261\243\017\236\277\353\150\347\126\362\256\362
+\343\053\070\072\011\201\265\153\205\327\276\055\355\077\032\267
+\262\143\342\365\142\054\202\324\152\000\101\120\361\071\203\237
+\225\351\066\226\230\156
+END
+
+# Trust for Certificate "Comodo AAA Services root"
+# Issuer: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number: 1 (0x1)
+# Subject: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Thu Jan 01 00:00:00 2004
+# Not Valid After : Sun Dec 31 23:59:59 2028
+# Fingerprint (MD5): 49:79:04:B0:EB:87:19:AC:47:B0:BC:11:51:9B:74:D0
+# Fingerprint (SHA1): D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Comodo AAA Services root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\321\353\043\244\155\027\326\217\331\045\144\302\361\361\140\027
+\144\330\343\111
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\111\171\004\260\353\207\031\254\107\260\274\021\121\233\164\320
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\041\060\037\006\003
+\125\004\003\014\030\101\101\101\040\103\145\162\164\151\146\151
+\143\141\164\145\040\123\145\162\166\151\143\145\163
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Comodo Secure Services root"
+#
+# Issuer: CN=Secure Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number: 1 (0x1)
+# Subject: CN=Secure Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Thu Jan 01 00:00:00 2004
+# Not Valid After : Sun Dec 31 23:59:59 2028
+# Fingerprint (MD5): D3:D9:BD:AE:9F:AC:67:24:B3:C8:1B:52:E1:B9:A9:BD
+# Fingerprint (SHA1): 4A:65:D5:F4:1D:EF:39:B8:B8:90:4A:4A:D3:64:81:33:CF:C7:A1:D1
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Comodo Secure Services root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003
+\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164
+\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003
+\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164
+\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\077\060\202\003\047\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033
+\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162
+\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006
+\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060
+\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103
+\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003\125
+\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164\151
+\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163\060
+\036\027\015\060\064\060\061\060\061\060\060\060\060\060\060\132
+\027\015\062\070\061\062\063\061\062\063\065\071\065\071\132\060
+\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033
+\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162
+\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006
+\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060
+\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103
+\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003\125
+\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164\151
+\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163\060
+\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000
+\300\161\063\202\212\320\160\353\163\207\202\100\325\035\344\313
+\311\016\102\220\371\336\064\271\241\272\021\364\045\205\363\314
+\162\155\362\173\227\153\263\007\361\167\044\221\137\045\217\366
+\164\075\344\200\302\370\074\015\363\277\100\352\367\310\122\321
+\162\157\357\310\253\101\270\156\056\027\052\225\151\014\315\322
+\036\224\173\055\224\035\252\165\327\263\230\313\254\274\144\123
+\100\274\217\254\254\066\313\134\255\273\335\340\224\027\354\321
+\134\320\277\357\245\225\311\220\305\260\254\373\033\103\337\172
+\010\135\267\270\362\100\033\053\047\236\120\316\136\145\202\210
+\214\136\323\116\014\172\352\010\221\266\066\252\053\102\373\352
+\302\243\071\345\333\046\070\255\213\012\356\031\143\307\034\044
+\337\003\170\332\346\352\301\107\032\013\013\106\011\335\002\374
+\336\313\207\137\327\060\143\150\241\256\334\062\241\272\276\376
+\104\253\150\266\245\027\025\375\275\325\247\247\232\344\104\063
+\351\210\216\374\355\121\353\223\161\116\255\001\347\104\216\253
+\055\313\250\376\001\111\110\360\300\335\307\150\330\222\376\075
+\002\003\001\000\001\243\201\307\060\201\304\060\035\006\003\125
+\035\016\004\026\004\024\074\330\223\210\302\300\202\011\314\001
+\231\006\223\040\351\236\160\011\143\117\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\201\201\006\003
+\125\035\037\004\172\060\170\060\073\240\071\240\067\206\065\150
+\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144\157
+\143\141\056\143\157\155\057\123\145\143\165\162\145\103\145\162
+\164\151\146\151\143\141\164\145\123\145\162\166\151\143\145\163
+\056\143\162\154\060\071\240\067\240\065\206\063\150\164\164\160
+\072\057\057\143\162\154\056\143\157\155\157\144\157\056\156\145
+\164\057\123\145\143\165\162\145\103\145\162\164\151\146\151\143
+\141\164\145\123\145\162\166\151\143\145\163\056\143\162\154\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202
+\001\001\000\207\001\155\043\035\176\133\027\175\301\141\062\317
+\217\347\363\212\224\131\146\340\236\050\250\136\323\267\364\064
+\346\252\071\262\227\026\305\202\157\062\244\351\214\347\257\375
+\357\302\350\271\113\252\243\364\346\332\215\145\041\373\272\200
+\353\046\050\205\032\376\071\214\336\133\004\004\264\124\371\243
+\147\236\101\372\011\122\314\005\110\250\311\077\041\004\036\316
+\110\153\374\205\350\302\173\257\177\267\314\370\137\072\375\065
+\306\015\357\227\334\114\253\021\341\153\313\061\321\154\373\110
+\200\253\334\234\067\270\041\024\113\015\161\075\354\203\063\156
+\321\156\062\026\354\230\307\026\213\131\246\064\253\005\127\055
+\223\367\252\023\313\322\023\342\267\056\073\315\153\120\027\011
+\150\076\265\046\127\356\266\340\266\335\271\051\200\171\175\217
+\243\360\244\050\244\025\304\205\364\047\324\153\277\345\134\344
+\145\002\166\124\264\343\067\146\044\323\031\141\310\122\020\345
+\213\067\232\271\251\371\035\277\352\231\222\141\226\377\001\315
+\241\137\015\274\161\274\016\254\013\035\107\105\035\301\354\174
+\354\375\051
+END
+
+# Trust for Certificate "Comodo Secure Services root"
+# Issuer: CN=Secure Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number: 1 (0x1)
+# Subject: CN=Secure Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Thu Jan 01 00:00:00 2004
+# Not Valid After : Sun Dec 31 23:59:59 2028
+# Fingerprint (MD5): D3:D9:BD:AE:9F:AC:67:24:B3:C8:1B:52:E1:B9:A9:BD
+# Fingerprint (SHA1): 4A:65:D5:F4:1D:EF:39:B8:B8:90:4A:4A:D3:64:81:33:CF:C7:A1:D1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Comodo Secure Services root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\112\145\325\364\035\357\071\270\270\220\112\112\323\144\201\063
+\317\307\241\321
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\323\331\275\256\237\254\147\044\263\310\033\122\341\271\251\275
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\044\060\042\006\003
+\125\004\003\014\033\123\145\143\165\162\145\040\103\145\162\164
+\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Comodo Trusted Services root"
+#
+# Issuer: CN=Trusted Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number: 1 (0x1)
+# Subject: CN=Trusted Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Thu Jan 01 00:00:00 2004
+# Not Valid After : Sun Dec 31 23:59:59 2028
+# Fingerprint (MD5): 91:1B:3F:6E:CD:9E:AB:EE:07:FE:1F:71:D2:B3:61:27
+# Fingerprint (SHA1): E1:9F:E3:0E:8B:84:60:9E:80:9B:17:0D:72:A8:C5:BA:6E:14:09:BD
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Comodo Trusted Services root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003
+\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162
+\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145
+\163
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003
+\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162
+\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145
+\163
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\103\060\202\003\053\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033
+\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145\162
+\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006
+\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032\060
+\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040\103
+\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003\125
+\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162\164
+\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145\163
+\060\036\027\015\060\064\060\061\060\061\060\060\060\060\060\060
+\132\027\015\062\070\061\062\063\061\062\063\065\071\065\071\132
+\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003
+\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162
+\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145
+\163\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
+\001\000\337\161\157\066\130\123\132\362\066\124\127\200\304\164
+\010\040\355\030\177\052\035\346\065\232\036\045\254\234\345\226
+\176\162\122\240\025\102\333\131\335\144\172\032\320\270\173\335
+\071\025\274\125\110\304\355\072\000\352\061\021\272\362\161\164
+\032\147\270\317\063\314\250\061\257\243\343\327\177\277\063\055
+\114\152\074\354\213\303\222\322\123\167\044\164\234\007\156\160
+\374\275\013\133\166\272\137\362\377\327\067\113\112\140\170\367
+\360\372\312\160\264\352\131\252\243\316\110\057\251\303\262\013
+\176\027\162\026\014\246\007\014\033\070\317\311\142\267\077\240
+\223\245\207\101\362\267\160\100\167\330\276\024\174\343\250\300
+\172\216\351\143\152\321\017\232\306\322\364\213\072\024\004\126
+\324\355\270\314\156\365\373\342\054\130\275\177\117\153\053\367
+\140\044\130\044\316\046\357\064\221\072\325\343\201\320\262\360
+\004\002\327\133\267\076\222\254\153\022\212\371\344\005\260\073
+\221\111\134\262\353\123\352\370\237\107\206\356\277\225\300\300
+\006\237\322\133\136\021\033\364\307\004\065\051\322\125\134\344
+\355\353\002\003\001\000\001\243\201\311\060\201\306\060\035\006
+\003\125\035\016\004\026\004\024\305\173\130\275\355\332\045\151
+\322\367\131\026\250\263\062\300\173\047\133\364\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\201\203
+\006\003\125\035\037\004\174\060\172\060\074\240\072\240\070\206
+\066\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157
+\144\157\143\141\056\143\157\155\057\124\162\165\163\164\145\144
+\103\145\162\164\151\146\151\143\141\164\145\123\145\162\166\151
+\143\145\163\056\143\162\154\060\072\240\070\240\066\206\064\150
+\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144\157
+\056\156\145\164\057\124\162\165\163\164\145\144\103\145\162\164
+\151\146\151\143\141\164\145\123\145\162\166\151\143\145\163\056
+\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\003\202\001\001\000\310\223\201\073\211\264\257\270\204
+\022\114\215\322\360\333\160\272\127\206\025\064\020\271\057\177
+\036\260\250\211\140\241\212\302\167\014\120\112\233\000\213\330
+\213\364\101\342\320\203\212\112\034\024\006\260\243\150\005\160
+\061\060\247\123\233\016\351\112\240\130\151\147\016\256\235\366
+\245\054\101\277\074\006\153\344\131\314\155\020\361\226\157\037
+\337\364\004\002\244\237\105\076\310\330\372\066\106\104\120\077
+\202\227\221\037\050\333\030\021\214\052\344\145\203\127\022\022
+\214\027\077\224\066\376\135\260\300\004\167\023\270\364\025\325
+\077\070\314\224\072\125\320\254\230\365\272\000\137\340\206\031
+\201\170\057\050\300\176\323\314\102\012\365\256\120\240\321\076
+\306\241\161\354\077\240\040\214\146\072\211\264\216\324\330\261
+\115\045\107\356\057\210\310\265\341\005\105\300\276\024\161\336
+\172\375\216\173\175\115\010\226\245\022\163\360\055\312\067\047
+\164\022\047\114\313\266\227\351\331\256\010\155\132\071\100\335
+\005\107\165\152\132\041\263\243\030\317\116\367\056\127\267\230
+\160\136\310\304\170\260\142
+END
+
+# Trust for Certificate "Comodo Trusted Services root"
+# Issuer: CN=Trusted Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number: 1 (0x1)
+# Subject: CN=Trusted Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Thu Jan 01 00:00:00 2004
+# Not Valid After : Sun Dec 31 23:59:59 2028
+# Fingerprint (MD5): 91:1B:3F:6E:CD:9E:AB:EE:07:FE:1F:71:D2:B3:61:27
+# Fingerprint (SHA1): E1:9F:E3:0E:8B:84:60:9E:80:9B:17:0D:72:A8:C5:BA:6E:14:09:BD
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Comodo Trusted Services root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\341\237\343\016\213\204\140\236\200\233\027\015\162\250\305\272
+\156\024\011\275
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\221\033\077\156\315\236\253\356\007\376\037\161\322\263\141\047
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145
+\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016
+\006\003\125\004\007\014\007\123\141\154\146\157\162\144\061\032
+\060\030\006\003\125\004\012\014\021\103\157\155\157\144\157\040
+\103\101\040\114\151\155\151\164\145\144\061\045\060\043\006\003
+\125\004\003\014\034\124\162\165\163\164\145\144\040\103\145\162
+\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145
+\163
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "QuoVadis Root CA"
+#
+# Issuer: CN=QuoVadis Root Certification Authority,OU=Root Certification Authority,O=QuoVadis Limited,C=BM
+# Serial Number: 985026699 (0x3ab6508b)
+# Subject: CN=QuoVadis Root Certification Authority,OU=Root Certification Authority,O=QuoVadis Limited,C=BM
+# Not Valid Before: Mon Mar 19 18:33:33 2001
+# Not Valid After : Wed Mar 17 18:33:33 2021
+# Fingerprint (MD5): 27:DE:36:FE:72:B7:00:03:00:9D:F4:F0:1E:6C:04:24
+# Fingerprint (SHA1): DE:3F:40:BD:50:93:D3:9B:6C:60:F6:DA:BC:07:62:01:00:89:76:C9
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\045\060\043\006\003
+\125\004\013\023\034\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\061\056\060\054\006\003\125\004\003\023\045\121\165\157\126
+\141\144\151\163\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\045\060\043\006\003
+\125\004\013\023\034\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\061\056\060\054\006\003\125\004\003\023\045\121\165\157\126
+\141\144\151\163\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\072\266\120\213
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\320\060\202\004\270\240\003\002\001\002\002\004\072
+\266\120\213\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\177\061\013\060\011\006\003\125\004\006\023\002\102
+\115\061\031\060\027\006\003\125\004\012\023\020\121\165\157\126
+\141\144\151\163\040\114\151\155\151\164\145\144\061\045\060\043
+\006\003\125\004\013\023\034\122\157\157\164\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\061\056\060\054\006\003\125\004\003\023\045\121\165
+\157\126\141\144\151\163\040\122\157\157\164\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\060\036\027\015\060\061\060\063\061\071\061\070\063
+\063\063\063\132\027\015\062\061\060\063\061\067\061\070\063\063
+\063\063\132\060\177\061\013\060\011\006\003\125\004\006\023\002
+\102\115\061\031\060\027\006\003\125\004\012\023\020\121\165\157
+\126\141\144\151\163\040\114\151\155\151\164\145\144\061\045\060
+\043\006\003\125\004\013\023\034\122\157\157\164\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\061\056\060\054\006\003\125\004\003\023\045\121
+\165\157\126\141\144\151\163\040\122\157\157\164\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\277\141\265\225\123\272\127\374\372\362\147
+\013\072\032\337\021\200\144\225\264\321\274\315\172\317\366\051
+\226\056\044\124\100\044\070\367\032\205\334\130\114\313\244\047
+\102\227\320\237\203\212\303\344\006\003\133\000\245\121\036\160
+\004\164\342\301\324\072\253\327\255\073\007\030\005\216\375\203
+\254\352\146\331\030\033\150\212\365\127\032\230\272\365\355\166
+\075\174\331\336\224\152\073\113\027\301\325\217\275\145\070\072
+\225\320\075\125\066\116\337\171\127\061\052\036\330\131\145\111
+\130\040\230\176\253\137\176\237\351\326\115\354\203\164\251\307
+\154\330\356\051\112\205\052\006\024\371\124\346\323\332\145\007
+\213\143\067\022\327\320\354\303\173\040\101\104\243\355\313\240
+\027\341\161\145\316\035\146\061\367\166\001\031\310\175\003\130
+\266\225\111\035\246\022\046\350\306\014\166\340\343\146\313\352
+\135\246\046\356\345\314\137\275\147\247\001\047\016\242\312\124
+\305\261\172\225\035\161\036\112\051\212\003\334\152\105\301\244
+\031\136\157\066\315\303\242\260\267\376\134\070\342\122\274\370
+\104\103\346\220\273\002\003\001\000\001\243\202\002\122\060\202
+\002\116\060\075\006\010\053\006\001\005\005\007\001\001\004\061
+\060\057\060\055\006\010\053\006\001\005\005\007\060\001\206\041
+\150\164\164\160\163\072\057\057\157\143\163\160\056\161\165\157
+\166\141\144\151\163\157\146\146\163\150\157\162\145\056\143\157
+\155\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\202\001\032\006\003\125\035\040\004\202\001\021\060
+\202\001\015\060\202\001\011\006\011\053\006\001\004\001\276\130
+\000\001\060\201\373\060\201\324\006\010\053\006\001\005\005\007
+\002\002\060\201\307\032\201\304\122\145\154\151\141\156\143\145
+\040\157\156\040\164\150\145\040\121\165\157\126\141\144\151\163
+\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
+\145\040\142\171\040\141\156\171\040\160\141\162\164\171\040\141
+\163\163\165\155\145\163\040\141\143\143\145\160\164\141\156\143
+\145\040\157\146\040\164\150\145\040\164\150\145\156\040\141\160
+\160\154\151\143\141\142\154\145\040\163\164\141\156\144\141\162
+\144\040\164\145\162\155\163\040\141\156\144\040\143\157\156\144
+\151\164\151\157\156\163\040\157\146\040\165\163\145\054\040\143
+\145\162\164\151\146\151\143\141\164\151\157\156\040\160\162\141
+\143\164\151\143\145\163\054\040\141\156\144\040\164\150\145\040
+\121\165\157\126\141\144\151\163\040\103\145\162\164\151\146\151
+\143\141\164\145\040\120\157\154\151\143\171\056\060\042\006\010
+\053\006\001\005\005\007\002\001\026\026\150\164\164\160\072\057
+\057\167\167\167\056\161\165\157\166\141\144\151\163\056\142\155
+\060\035\006\003\125\035\016\004\026\004\024\213\113\155\355\323
+\051\271\006\031\354\071\071\251\360\227\204\152\313\357\337\060
+\201\256\006\003\125\035\043\004\201\246\060\201\243\200\024\213
+\113\155\355\323\051\271\006\031\354\071\071\251\360\227\204\152
+\313\357\337\241\201\204\244\201\201\060\177\061\013\060\011\006
+\003\125\004\006\023\002\102\115\061\031\060\027\006\003\125\004
+\012\023\020\121\165\157\126\141\144\151\163\040\114\151\155\151
+\164\145\144\061\045\060\043\006\003\125\004\013\023\034\122\157
+\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171\061\056\060\054\006\003
+\125\004\003\023\045\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171\202\004\072\266\120\213
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\001\001\000\212\324\024\265\376\364\232\222\247\031\324\244
+\176\162\030\217\331\150\174\122\044\335\147\157\071\172\304\252
+\136\075\342\130\260\115\160\230\204\141\350\033\343\151\030\016
+\316\373\107\120\240\116\377\360\044\037\275\262\316\365\047\374
+\354\057\123\252\163\173\003\075\164\156\346\026\236\353\245\056
+\304\277\126\047\120\053\142\272\276\113\034\074\125\134\101\035
+\044\276\202\040\107\135\325\104\176\172\026\150\337\175\115\121
+\160\170\127\035\063\036\375\002\231\234\014\315\012\005\117\307
+\273\216\244\165\372\112\155\261\200\216\011\126\271\234\032\140
+\376\135\301\327\172\334\021\170\320\326\135\301\267\325\255\062
+\231\003\072\212\314\124\045\071\061\201\173\023\042\121\272\106
+\154\241\273\236\372\004\154\111\046\164\217\322\163\353\314\060
+\242\346\352\131\042\207\370\227\365\016\375\352\314\222\244\026
+\304\122\030\352\041\316\261\361\346\204\201\345\272\251\206\050
+\362\103\132\135\022\235\254\036\331\250\345\012\152\247\177\240
+\207\051\317\362\211\115\324\354\305\342\346\172\320\066\043\212
+\112\164\066\371
+END
+
+# Trust for Certificate "QuoVadis Root CA"
+# Issuer: CN=QuoVadis Root Certification Authority,OU=Root Certification Authority,O=QuoVadis Limited,C=BM
+# Serial Number: 985026699 (0x3ab6508b)
+# Subject: CN=QuoVadis Root Certification Authority,OU=Root Certification Authority,O=QuoVadis Limited,C=BM
+# Not Valid Before: Mon Mar 19 18:33:33 2001
+# Not Valid After : Wed Mar 17 18:33:33 2021
+# Fingerprint (MD5): 27:DE:36:FE:72:B7:00:03:00:9D:F4:F0:1E:6C:04:24
+# Fingerprint (SHA1): DE:3F:40:BD:50:93:D3:9B:6C:60:F6:DA:BC:07:62:01:00:89:76:C9
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\336\077\100\275\120\223\323\233\154\140\366\332\274\007\142\001
+\000\211\166\311
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\047\336\066\376\162\267\000\003\000\235\364\360\036\154\004\044
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\045\060\043\006\003
+\125\004\013\023\034\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\061\056\060\054\006\003\125\004\003\023\045\121\165\157\126
+\141\144\151\163\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\072\266\120\213
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "QuoVadis Root CA 2"
+#
+# Issuer: CN=QuoVadis Root CA 2,O=QuoVadis Limited,C=BM
+# Serial Number: 1289 (0x509)
+# Subject: CN=QuoVadis Root CA 2,O=QuoVadis Limited,C=BM
+# Not Valid Before: Fri Nov 24 18:27:00 2006
+# Not Valid After : Mon Nov 24 18:23:33 2031
+# Fingerprint (MD5): 5E:39:7B:DD:F8:BA:EC:82:E9:AC:62:BA:0C:54:00:2B
+# Fingerprint (SHA1): CA:3A:FB:CF:12:40:36:4B:44:B2:16:20:88:80:48:39:19:93:7C:F7
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\033\060\031\006\003
+\125\004\003\023\022\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\033\060\031\006\003
+\125\004\003\023\022\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\005\011
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\267\060\202\003\237\240\003\002\001\002\002\002\005
+\011\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
+\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\033\060\031\006\003
+\125\004\003\023\022\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\062\060\036\027\015\060\066\061\061\062
+\064\061\070\062\067\060\060\132\027\015\063\061\061\061\062\064
+\061\070\062\063\063\063\132\060\105\061\013\060\011\006\003\125
+\004\006\023\002\102\115\061\031\060\027\006\003\125\004\012\023
+\020\121\165\157\126\141\144\151\163\040\114\151\155\151\164\145
+\144\061\033\060\031\006\003\125\004\003\023\022\121\165\157\126
+\141\144\151\163\040\122\157\157\164\040\103\101\040\062\060\202
+\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000\232
+\030\312\113\224\015\000\055\257\003\051\212\360\017\201\310\256
+\114\031\205\035\010\237\253\051\104\205\363\057\201\255\062\036
+\220\106\277\243\206\046\032\036\376\176\034\030\072\134\234\140
+\027\052\072\164\203\063\060\175\141\124\021\313\355\253\340\346
+\322\242\176\365\153\157\030\267\012\013\055\375\351\076\357\012
+\306\263\020\351\334\302\106\027\370\135\375\244\332\377\236\111
+\132\234\346\063\346\044\226\367\077\272\133\053\034\172\065\302
+\326\147\376\253\146\120\213\155\050\140\053\357\327\140\303\307
+\223\274\215\066\221\363\177\370\333\021\023\304\234\167\166\301
+\256\267\002\152\201\172\251\105\203\342\005\346\271\126\301\224
+\067\217\110\161\143\042\354\027\145\007\225\212\113\337\217\306
+\132\012\345\260\343\137\136\153\021\253\014\371\205\353\104\351
+\370\004\163\362\351\376\134\230\214\365\163\257\153\264\176\315
+\324\134\002\053\114\071\341\262\225\225\055\102\207\327\325\263
+\220\103\267\154\023\361\336\335\366\304\370\211\077\321\165\365
+\222\303\221\325\212\210\320\220\354\334\155\336\211\302\145\161
+\226\213\015\003\375\234\277\133\026\254\222\333\352\376\171\174
+\255\353\257\367\026\313\333\315\045\053\345\037\373\232\237\342
+\121\314\072\123\014\110\346\016\275\311\264\166\006\122\346\021
+\023\205\162\143\003\004\340\004\066\053\040\031\002\350\164\247
+\037\266\311\126\146\360\165\045\334\147\301\016\141\140\210\263
+\076\321\250\374\243\332\035\260\321\261\043\124\337\104\166\155
+\355\101\330\301\262\042\266\123\034\337\065\035\334\241\167\052
+\061\344\055\365\345\345\333\310\340\377\345\200\327\013\143\240
+\377\063\241\017\272\054\025\025\352\227\263\322\242\265\276\362
+\214\226\036\032\217\035\154\244\141\067\271\206\163\063\327\227
+\226\236\043\175\202\244\114\201\342\241\321\272\147\137\225\007
+\243\047\021\356\026\020\173\274\105\112\114\262\004\322\253\357
+\325\375\014\121\316\120\152\010\061\371\221\332\014\217\144\134
+\003\303\072\213\040\077\156\215\147\075\072\326\376\175\133\210
+\311\136\373\314\141\334\213\063\167\323\104\062\065\011\142\004
+\222\026\020\330\236\047\107\373\073\041\343\370\353\035\133\002
+\003\001\000\001\243\201\260\060\201\255\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\013\006\003\125
+\035\017\004\004\003\002\001\006\060\035\006\003\125\035\016\004
+\026\004\024\032\204\142\274\110\114\063\045\004\324\356\320\366
+\003\304\031\106\321\224\153\060\156\006\003\125\035\043\004\147
+\060\145\200\024\032\204\142\274\110\114\063\045\004\324\356\320
+\366\003\304\031\106\321\224\153\241\111\244\107\060\105\061\013
+\060\011\006\003\125\004\006\023\002\102\115\061\031\060\027\006
+\003\125\004\012\023\020\121\165\157\126\141\144\151\163\040\114
+\151\155\151\164\145\144\061\033\060\031\006\003\125\004\003\023
+\022\121\165\157\126\141\144\151\163\040\122\157\157\164\040\103
+\101\040\062\202\002\005\011\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\003\202\002\001\000\076\012\026\115\237
+\006\133\250\256\161\135\057\005\057\147\346\023\105\203\304\066
+\366\363\300\046\014\015\265\107\144\135\370\264\162\311\106\245
+\003\030\047\125\211\170\175\166\352\226\064\200\027\040\334\347
+\203\370\215\374\007\270\332\137\115\056\147\262\204\375\331\104
+\374\167\120\201\346\174\264\311\015\013\162\123\370\166\007\007
+\101\107\226\014\373\340\202\046\223\125\214\376\042\037\140\145
+\174\137\347\046\263\367\062\220\230\120\324\067\161\125\366\222
+\041\170\367\225\171\372\370\055\046\207\146\126\060\167\246\067
+\170\063\122\020\130\256\077\141\216\362\152\261\357\030\176\112
+\131\143\312\215\242\126\325\247\057\274\126\037\317\071\301\342
+\373\012\250\025\054\175\115\172\143\306\154\227\104\074\322\157
+\303\112\027\012\370\220\322\127\242\031\121\245\055\227\101\332
+\007\117\251\120\332\220\215\224\106\341\076\360\224\375\020\000
+\070\365\073\350\100\341\264\156\126\032\040\314\157\130\215\355
+\056\105\217\326\351\223\077\347\261\054\337\072\326\042\214\334
+\204\273\042\157\320\370\344\306\071\351\004\210\074\303\272\353
+\125\172\155\200\231\044\365\154\001\373\370\227\260\224\133\353
+\375\322\157\361\167\150\015\065\144\043\254\270\125\241\003\321
+\115\102\031\334\370\165\131\126\243\371\250\111\171\370\257\016
+\271\021\240\174\267\152\355\064\320\266\046\142\070\032\207\014
+\370\350\375\056\323\220\177\007\221\052\035\326\176\134\205\203
+\231\260\070\010\077\351\136\371\065\007\344\311\142\156\127\177
+\247\120\225\367\272\310\233\346\216\242\001\305\326\146\277\171
+\141\363\074\034\341\271\202\134\135\240\303\351\330\110\275\031
+\242\021\024\031\156\262\206\033\150\076\110\067\032\210\267\135
+\226\136\234\307\357\047\142\010\342\221\031\134\322\361\041\335
+\272\027\102\202\227\161\201\123\061\251\237\366\175\142\277\162
+\341\243\223\035\314\212\046\132\011\070\320\316\327\015\200\026
+\264\170\245\072\207\114\215\212\245\325\106\227\362\054\020\271
+\274\124\042\300\001\120\151\103\236\364\262\357\155\370\354\332
+\361\343\261\357\337\221\217\124\052\013\045\301\046\031\304\122
+\020\005\145\325\202\020\352\302\061\315\056
+END
+
+# Trust for Certificate "QuoVadis Root CA 2"
+# Issuer: CN=QuoVadis Root CA 2,O=QuoVadis Limited,C=BM
+# Serial Number: 1289 (0x509)
+# Subject: CN=QuoVadis Root CA 2,O=QuoVadis Limited,C=BM
+# Not Valid Before: Fri Nov 24 18:27:00 2006
+# Not Valid After : Mon Nov 24 18:23:33 2031
+# Fingerprint (MD5): 5E:39:7B:DD:F8:BA:EC:82:E9:AC:62:BA:0C:54:00:2B
+# Fingerprint (SHA1): CA:3A:FB:CF:12:40:36:4B:44:B2:16:20:88:80:48:39:19:93:7C:F7
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\312\072\373\317\022\100\066\113\104\262\026\040\210\200\110\071
+\031\223\174\367
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\136\071\173\335\370\272\354\202\351\254\142\272\014\124\000\053
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\033\060\031\006\003
+\125\004\003\023\022\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\005\011
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "QuoVadis Root CA 3"
+#
+# Issuer: CN=QuoVadis Root CA 3,O=QuoVadis Limited,C=BM
+# Serial Number: 1478 (0x5c6)
+# Subject: CN=QuoVadis Root CA 3,O=QuoVadis Limited,C=BM
+# Not Valid Before: Fri Nov 24 19:11:23 2006
+# Not Valid After : Mon Nov 24 19:06:44 2031
+# Fingerprint (MD5): 31:85:3C:62:94:97:63:B9:AA:FD:89:4E:AF:6F:E0:CF
+# Fingerprint (SHA1): 1F:49:14:F7:D8:74:95:1D:DD:AE:02:C0:BE:FD:3A:2D:82:75:51:85
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\033\060\031\006\003
+\125\004\003\023\022\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\033\060\031\006\003
+\125\004\003\023\022\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\005\306
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\006\235\060\202\004\205\240\003\002\001\002\002\002\005
+\306\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
+\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\033\060\031\006\003
+\125\004\003\023\022\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\063\060\036\027\015\060\066\061\061\062
+\064\061\071\061\061\062\063\132\027\015\063\061\061\061\062\064
+\061\071\060\066\064\064\132\060\105\061\013\060\011\006\003\125
+\004\006\023\002\102\115\061\031\060\027\006\003\125\004\012\023
+\020\121\165\157\126\141\144\151\163\040\114\151\155\151\164\145
+\144\061\033\060\031\006\003\125\004\003\023\022\121\165\157\126
+\141\144\151\163\040\122\157\157\164\040\103\101\040\063\060\202
+\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000\314
+\127\102\026\124\234\346\230\323\323\115\356\376\355\307\237\103
+\071\112\145\263\350\026\210\064\333\015\131\221\164\317\222\270
+\004\100\255\002\113\061\253\274\215\221\150\330\040\016\032\001
+\342\032\173\116\027\135\342\212\267\077\231\032\315\353\141\253
+\302\145\246\037\267\267\275\267\217\374\375\160\217\013\240\147
+\276\001\242\131\317\161\346\017\051\166\377\261\126\171\105\053
+\037\236\172\124\350\243\051\065\150\244\001\117\017\244\056\067
+\357\033\277\343\217\020\250\162\253\130\127\347\124\206\310\311
+\363\133\332\054\332\135\216\156\074\243\076\332\373\202\345\335
+\362\134\262\005\063\157\212\066\316\320\023\116\377\277\112\014
+\064\114\246\303\041\275\120\004\125\353\261\273\235\373\105\036
+\144\025\336\125\001\214\002\166\265\313\241\077\102\151\274\057
+\275\150\103\026\126\211\052\067\141\221\375\246\256\116\300\313
+\024\145\224\067\113\222\006\357\004\320\310\234\210\333\013\173
+\201\257\261\075\052\304\145\072\170\266\356\334\200\261\322\323
+\231\234\072\356\153\132\153\263\215\267\325\316\234\302\276\245
+\113\057\026\261\236\150\073\006\157\256\175\237\370\336\354\314
+\051\247\230\243\045\103\057\357\361\137\046\341\210\115\370\136
+\156\327\331\024\156\031\063\151\247\073\204\211\223\304\123\125
+\023\241\121\170\100\370\270\311\242\356\173\272\122\102\203\236
+\024\355\005\122\132\131\126\247\227\374\235\077\012\051\330\334
+\117\221\016\023\274\336\225\244\337\213\231\276\254\233\063\210
+\357\265\201\257\033\306\042\123\310\366\307\356\227\024\260\305
+\174\170\122\310\360\316\156\167\140\204\246\351\052\166\040\355
+\130\001\027\060\223\351\032\213\340\163\143\331\152\222\224\111
+\116\264\255\112\205\304\243\042\060\374\011\355\150\042\163\246
+\210\014\125\041\130\305\341\072\237\052\335\312\341\220\340\331
+\163\253\154\200\270\350\013\144\223\240\234\214\031\377\263\322
+\014\354\221\046\207\212\263\242\341\160\217\054\012\345\315\155
+\150\121\353\332\077\005\177\213\062\346\023\134\153\376\137\100
+\342\042\310\264\264\144\117\326\272\175\110\076\250\151\014\327
+\273\206\161\311\163\270\077\073\235\045\113\332\377\100\353\002
+\003\001\000\001\243\202\001\225\060\202\001\221\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\201\341
+\006\003\125\035\040\004\201\331\060\201\326\060\201\323\006\011
+\053\006\001\004\001\276\130\000\003\060\201\305\060\201\223\006
+\010\053\006\001\005\005\007\002\002\060\201\206\032\201\203\101
+\156\171\040\165\163\145\040\157\146\040\164\150\151\163\040\103
+\145\162\164\151\146\151\143\141\164\145\040\143\157\156\163\164
+\151\164\165\164\145\163\040\141\143\143\145\160\164\141\156\143
+\145\040\157\146\040\164\150\145\040\121\165\157\126\141\144\151
+\163\040\122\157\157\164\040\103\101\040\063\040\103\145\162\164
+\151\146\151\143\141\164\145\040\120\157\154\151\143\171\040\057
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\120
+\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145\156
+\164\056\060\055\006\010\053\006\001\005\005\007\002\001\026\041
+\150\164\164\160\072\057\057\167\167\167\056\161\165\157\166\141
+\144\151\163\147\154\157\142\141\154\056\143\157\155\057\143\160
+\163\060\013\006\003\125\035\017\004\004\003\002\001\006\060\035
+\006\003\125\035\016\004\026\004\024\362\300\023\340\202\103\076
+\373\356\057\147\062\226\065\134\333\270\313\002\320\060\156\006
+\003\125\035\043\004\147\060\145\200\024\362\300\023\340\202\103
+\076\373\356\057\147\062\226\065\134\333\270\313\002\320\241\111
+\244\107\060\105\061\013\060\011\006\003\125\004\006\023\002\102
+\115\061\031\060\027\006\003\125\004\012\023\020\121\165\157\126
+\141\144\151\163\040\114\151\155\151\164\145\144\061\033\060\031
+\006\003\125\004\003\023\022\121\165\157\126\141\144\151\163\040
+\122\157\157\164\040\103\101\040\063\202\002\005\306\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\003\202\002\001
+\000\117\255\240\054\114\372\300\362\157\367\146\125\253\043\064
+\356\347\051\332\303\133\266\260\203\331\320\320\342\041\373\363
+\140\247\073\135\140\123\047\242\233\366\010\042\052\347\277\240
+\162\345\234\044\152\061\261\220\172\047\333\204\021\211\047\246
+\167\132\070\327\277\254\206\374\356\135\203\274\006\306\321\167
+\153\017\155\044\057\113\172\154\247\007\226\312\343\204\237\255
+\210\213\035\253\026\215\133\146\027\331\026\364\213\200\322\335
+\370\262\166\303\374\070\023\252\014\336\102\151\053\156\363\074
+\353\200\047\333\365\246\104\015\237\132\125\131\013\325\015\122
+\110\305\256\237\362\057\200\305\352\062\120\065\022\227\056\301
+\341\377\361\043\210\121\070\237\362\146\126\166\347\017\121\227
+\245\122\014\115\111\121\225\066\075\277\242\113\014\020\035\206
+\231\114\252\363\162\021\223\344\352\366\233\332\250\135\247\115
+\267\236\002\256\163\000\310\332\043\003\350\371\352\031\164\142
+\000\224\313\042\040\276\224\247\131\265\202\152\276\231\171\172
+\251\362\112\044\122\367\164\375\272\116\346\250\035\002\156\261
+\015\200\104\301\256\323\043\067\137\273\205\174\053\222\056\350
+\176\245\213\335\231\341\277\047\157\055\135\252\173\207\376\012
+\335\113\374\216\365\046\344\156\160\102\156\063\354\061\236\173
+\223\301\344\311\151\032\075\300\153\116\042\155\356\253\130\115
+\306\320\101\301\053\352\117\022\207\136\353\105\330\154\365\230
+\002\323\240\330\125\212\006\231\031\242\240\167\321\060\236\254
+\314\165\356\203\365\260\142\071\317\154\127\342\114\322\221\013
+\016\165\050\033\232\277\375\032\103\361\312\167\373\073\217\141
+\270\151\050\026\102\004\136\160\052\034\041\330\217\341\275\043
+\133\055\164\100\222\331\143\031\015\163\335\151\274\142\107\274
+\340\164\053\262\353\175\276\101\033\265\300\106\305\241\042\313
+\137\116\301\050\222\336\030\272\325\052\050\273\021\213\027\223
+\230\231\140\224\134\043\317\132\047\227\136\013\005\006\223\067
+\036\073\151\066\353\251\236\141\035\217\062\332\216\014\326\164
+\076\173\011\044\332\001\167\107\304\073\315\064\214\231\365\312
+\341\045\141\063\262\131\033\342\156\327\067\127\266\015\251\022
+\332
+END
+
+# Trust for Certificate "QuoVadis Root CA 3"
+# Issuer: CN=QuoVadis Root CA 3,O=QuoVadis Limited,C=BM
+# Serial Number: 1478 (0x5c6)
+# Subject: CN=QuoVadis Root CA 3,O=QuoVadis Limited,C=BM
+# Not Valid Before: Fri Nov 24 19:11:23 2006
+# Not Valid After : Mon Nov 24 19:06:44 2031
+# Fingerprint (MD5): 31:85:3C:62:94:97:63:B9:AA:FD:89:4E:AF:6F:E0:CF
+# Fingerprint (SHA1): 1F:49:14:F7:D8:74:95:1D:DD:AE:02:C0:BE:FD:3A:2D:82:75:51:85
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\037\111\024\367\330\164\225\035\335\256\002\300\276\375\072\055
+\202\165\121\205
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\061\205\074\142\224\227\143\271\252\375\211\116\257\157\340\317
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\033\060\031\006\003
+\125\004\003\023\022\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\005\306
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Security Communication Root CA"
+#
+# Issuer: OU=Security Communication RootCA1,O=SECOM Trust.net,C=JP
+# Serial Number: 0 (0x0)
+# Subject: OU=Security Communication RootCA1,O=SECOM Trust.net,C=JP
+# Not Valid Before: Tue Sep 30 04:20:49 2003
+# Not Valid After : Sat Sep 30 04:20:49 2023
+# Fingerprint (MD5): F1:BC:63:6A:54:E0:B5:27:F5:CD:E7:1A:E3:4D:6E:4A
+# Fingerprint (SHA1): 36:B1:2B:49:F9:81:9E:D7:4C:9E:BC:38:0F:C6:56:8F:5D:AC:B2:F7
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Security Communication Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\120\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\030\060\026\006\003\125\004\012\023\017\123\105\103\117\115\040
+\124\162\165\163\164\056\156\145\164\061\047\060\045\006\003\125
+\004\013\023\036\123\145\143\165\162\151\164\171\040\103\157\155
+\155\165\156\151\143\141\164\151\157\156\040\122\157\157\164\103
+\101\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\120\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\030\060\026\006\003\125\004\012\023\017\123\105\103\117\115\040
+\124\162\165\163\164\056\156\145\164\061\047\060\045\006\003\125
+\004\013\023\036\123\145\143\165\162\151\164\171\040\103\157\155
+\155\165\156\151\143\141\164\151\157\156\040\122\157\157\164\103
+\101\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\132\060\202\002\102\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\120\061\013\060\011\006\003\125\004\006\023\002\112\120\061\030
+\060\026\006\003\125\004\012\023\017\123\105\103\117\115\040\124
+\162\165\163\164\056\156\145\164\061\047\060\045\006\003\125\004
+\013\023\036\123\145\143\165\162\151\164\171\040\103\157\155\155
+\165\156\151\143\141\164\151\157\156\040\122\157\157\164\103\101
+\061\060\036\027\015\060\063\060\071\063\060\060\064\062\060\064
+\071\132\027\015\062\063\060\071\063\060\060\064\062\060\064\071
+\132\060\120\061\013\060\011\006\003\125\004\006\023\002\112\120
+\061\030\060\026\006\003\125\004\012\023\017\123\105\103\117\115
+\040\124\162\165\163\164\056\156\145\164\061\047\060\045\006\003
+\125\004\013\023\036\123\145\143\165\162\151\164\171\040\103\157
+\155\155\165\156\151\143\141\164\151\157\156\040\122\157\157\164
+\103\101\061\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\263\263\376\177\323\155\261\357\026\174\127\245
+\014\155\166\212\057\113\277\144\373\114\356\212\360\363\051\174
+\365\377\356\052\340\351\351\272\133\144\042\232\232\157\054\072
+\046\151\121\005\231\046\334\325\034\152\161\306\232\175\036\235
+\335\174\154\306\214\147\147\112\076\370\161\260\031\047\251\011
+\014\246\225\277\113\214\014\372\125\230\073\330\350\042\241\113
+\161\070\171\254\227\222\151\263\211\176\352\041\150\006\230\024
+\226\207\322\141\066\274\155\047\126\236\127\356\300\300\126\375
+\062\317\244\331\216\302\043\327\215\250\363\330\045\254\227\344
+\160\070\364\266\072\264\235\073\227\046\103\243\241\274\111\131
+\162\114\043\060\207\001\130\366\116\276\034\150\126\146\257\315
+\101\135\310\263\115\052\125\106\253\037\332\036\342\100\075\333
+\315\175\271\222\200\234\067\335\014\226\144\235\334\042\367\144
+\213\337\141\336\025\224\122\025\240\175\122\311\113\250\041\311
+\306\261\355\313\303\225\140\321\017\360\253\160\370\337\313\115
+\176\354\326\372\253\331\275\177\124\362\245\351\171\372\331\326
+\166\044\050\163\002\003\001\000\001\243\077\060\075\060\035\006
+\003\125\035\016\004\026\004\024\240\163\111\231\150\334\205\133
+\145\343\233\050\057\127\237\275\063\274\007\110\060\013\006\003
+\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\001\001\000\150\100
+\251\250\273\344\117\135\171\263\005\265\027\263\140\023\353\306
+\222\135\340\321\323\152\376\373\276\233\155\277\307\005\155\131
+\040\304\034\360\267\332\204\130\002\143\372\110\026\357\117\245
+\013\367\112\230\362\077\236\033\255\107\153\143\316\010\107\353
+\122\077\170\234\257\115\256\370\325\117\317\232\230\052\020\101
+\071\122\304\335\331\233\016\357\223\001\256\262\056\312\150\102
+\044\102\154\260\263\072\076\315\351\332\110\304\025\313\351\371
+\007\017\222\120\111\212\335\061\227\137\311\351\067\252\073\131
+\145\227\224\062\311\263\237\076\072\142\130\305\111\255\142\016
+\161\245\062\252\057\306\211\166\103\100\023\023\147\075\242\124
+\045\020\313\361\072\362\331\372\333\111\126\273\246\376\247\101
+\065\303\340\210\141\311\210\307\337\066\020\042\230\131\352\260
+\112\373\126\026\163\156\254\115\367\042\241\117\255\035\172\055
+\105\047\345\060\301\136\362\332\023\313\045\102\121\225\107\003
+\214\154\041\314\164\102\355\123\377\063\213\217\017\127\001\026
+\057\317\246\356\311\160\042\024\275\375\276\154\013\003
+END
+
+# Trust for Certificate "Security Communication Root CA"
+# Issuer: OU=Security Communication RootCA1,O=SECOM Trust.net,C=JP
+# Serial Number: 0 (0x0)
+# Subject: OU=Security Communication RootCA1,O=SECOM Trust.net,C=JP
+# Not Valid Before: Tue Sep 30 04:20:49 2003
+# Not Valid After : Sat Sep 30 04:20:49 2023
+# Fingerprint (MD5): F1:BC:63:6A:54:E0:B5:27:F5:CD:E7:1A:E3:4D:6E:4A
+# Fingerprint (SHA1): 36:B1:2B:49:F9:81:9E:D7:4C:9E:BC:38:0F:C6:56:8F:5D:AC:B2:F7
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Security Communication Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\066\261\053\111\371\201\236\327\114\236\274\070\017\306\126\217
+\135\254\262\367
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\361\274\143\152\124\340\265\047\365\315\347\032\343\115\156\112
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\120\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\030\060\026\006\003\125\004\012\023\017\123\105\103\117\115\040
+\124\162\165\163\164\056\156\145\164\061\047\060\045\006\003\125
+\004\013\023\036\123\145\143\165\162\151\164\171\040\103\157\155
+\155\165\156\151\143\141\164\151\157\156\040\122\157\157\164\103
+\101\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Sonera Class 2 Root CA"
+#
+# Issuer: CN=Sonera Class2 CA,O=Sonera,C=FI
+# Serial Number: 29 (0x1d)
+# Subject: CN=Sonera Class2 CA,O=Sonera,C=FI
+# Not Valid Before: Fri Apr 06 07:29:40 2001
+# Not Valid After : Tue Apr 06 07:29:40 2021
+# Fingerprint (MD5): A3:EC:75:0F:2E:88:DF:FA:48:01:4E:0B:5C:48:6F:FB
+# Fingerprint (SHA1): 37:F7:6D:E6:07:7C:90:C5:B1:3E:93:1A:B7:41:10:B4:F2:E4:9A:27
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Sonera Class 2 Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\106\111\061
+\017\060\015\006\003\125\004\012\023\006\123\157\156\145\162\141
+\061\031\060\027\006\003\125\004\003\023\020\123\157\156\145\162
+\141\040\103\154\141\163\163\062\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\106\111\061
+\017\060\015\006\003\125\004\012\023\006\123\157\156\145\162\141
+\061\031\060\027\006\003\125\004\003\023\020\123\157\156\145\162
+\141\040\103\154\141\163\163\062\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\035
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\040\060\202\002\010\240\003\002\001\002\002\001\035
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\071\061\013\060\011\006\003\125\004\006\023\002\106\111\061\017
+\060\015\006\003\125\004\012\023\006\123\157\156\145\162\141\061
+\031\060\027\006\003\125\004\003\023\020\123\157\156\145\162\141
+\040\103\154\141\163\163\062\040\103\101\060\036\027\015\060\061
+\060\064\060\066\060\067\062\071\064\060\132\027\015\062\061\060
+\064\060\066\060\067\062\071\064\060\132\060\071\061\013\060\011
+\006\003\125\004\006\023\002\106\111\061\017\060\015\006\003\125
+\004\012\023\006\123\157\156\145\162\141\061\031\060\027\006\003
+\125\004\003\023\020\123\157\156\145\162\141\040\103\154\141\163
+\163\062\040\103\101\060\202\001\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
+\012\002\202\001\001\000\220\027\112\065\235\312\360\015\226\307
+\104\372\026\067\374\110\275\275\177\200\055\065\073\341\157\250
+\147\251\277\003\034\115\214\157\062\107\325\101\150\244\023\004
+\301\065\014\232\204\103\374\134\035\377\211\263\350\027\030\315
+\221\137\373\211\343\352\277\116\135\174\033\046\323\165\171\355
+\346\204\343\127\345\255\051\304\364\072\050\347\245\173\204\066
+\151\263\375\136\166\275\243\055\231\323\220\116\043\050\175\030
+\143\361\124\073\046\235\166\133\227\102\262\377\256\360\116\354
+\335\071\225\116\203\006\177\347\111\100\310\305\001\262\124\132
+\146\035\075\374\371\351\074\012\236\201\270\160\360\001\213\344
+\043\124\174\310\256\370\220\036\000\226\162\324\124\317\141\043
+\274\352\373\235\002\225\321\266\271\161\072\151\010\077\017\264
+\341\102\307\210\365\077\230\250\247\272\034\340\161\161\357\130
+\127\201\120\172\134\153\164\106\016\203\003\230\303\216\250\156
+\362\166\062\156\047\203\302\163\363\334\030\350\264\223\352\165
+\104\153\004\140\040\161\127\207\235\363\276\240\220\043\075\212
+\044\341\332\041\333\303\002\003\001\000\001\243\063\060\061\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\021\006\003\125\035\016\004\012\004\010\112\240\252\130\204
+\323\136\074\060\013\006\003\125\035\017\004\004\003\002\001\006
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\001\001\000\132\316\207\371\026\162\025\127\113\035\331\233
+\347\242\046\060\354\223\147\337\326\055\322\064\257\367\070\245
+\316\253\026\271\253\057\174\065\313\254\320\017\264\114\053\374
+\200\357\153\214\221\137\066\166\367\333\263\033\031\352\364\262
+\021\375\141\161\104\277\050\263\072\035\277\263\103\350\237\277
+\334\061\010\161\260\235\215\326\064\107\062\220\306\145\044\367
+\240\112\174\004\163\217\071\157\027\214\162\265\275\113\310\172
+\370\173\203\303\050\116\234\011\352\147\077\262\147\004\033\303
+\024\332\370\347\111\044\221\320\035\152\372\141\071\357\153\347
+\041\165\006\007\330\022\264\041\040\160\102\161\201\332\074\232
+\066\276\246\133\015\152\154\232\037\221\173\371\371\357\102\272
+\116\116\236\314\014\215\224\334\331\105\234\136\354\102\120\143
+\256\364\135\304\261\022\334\312\073\250\056\235\024\132\005\165
+\267\354\327\143\342\272\065\266\004\010\221\350\332\235\234\366
+\146\265\030\254\012\246\124\046\064\063\322\033\301\324\177\032
+\072\216\013\252\062\156\333\374\117\045\237\331\062\307\226\132
+\160\254\337\114
+END
+
+# Trust for Certificate "Sonera Class 2 Root CA"
+# Issuer: CN=Sonera Class2 CA,O=Sonera,C=FI
+# Serial Number: 29 (0x1d)
+# Subject: CN=Sonera Class2 CA,O=Sonera,C=FI
+# Not Valid Before: Fri Apr 06 07:29:40 2001
+# Not Valid After : Tue Apr 06 07:29:40 2021
+# Fingerprint (MD5): A3:EC:75:0F:2E:88:DF:FA:48:01:4E:0B:5C:48:6F:FB
+# Fingerprint (SHA1): 37:F7:6D:E6:07:7C:90:C5:B1:3E:93:1A:B7:41:10:B4:F2:E4:9A:27
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Sonera Class 2 Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\067\367\155\346\007\174\220\305\261\076\223\032\267\101\020\264
+\362\344\232\047
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\243\354\165\017\056\210\337\372\110\001\116\013\134\110\157\373
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\106\111\061
+\017\060\015\006\003\125\004\012\023\006\123\157\156\145\162\141
+\061\031\060\027\006\003\125\004\003\023\020\123\157\156\145\162
+\141\040\103\154\141\163\163\062\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\035
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "UTN USERFirst Email Root CA"
+#
+# Issuer: CN=UTN-USERFirst-Client Authentication and Email,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:25:25:67:c9:89
+# Subject: CN=UTN-USERFirst-Client Authentication and Email,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Not Valid Before: Fri Jul 09 17:28:50 1999
+# Not Valid After : Tue Jul 09 17:36:58 2019
+# Fingerprint (MD5): D7:34:3D:EF:1D:27:09:28:E1:31:02:5B:13:2B:DD:F7
+# Fingerprint (SHA1): B1:72:B1:A5:6D:95:F9:1F:E5:02:87:E1:4D:37:EA:6A:44:63:76:8A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "UTN USERFirst Email Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\066\060\064\006\003\125
+\004\003\023\055\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\103\154\151\145\156\164\040\101\165\164\150\145\156\164
+\151\143\141\164\151\157\156\040\141\156\144\040\105\155\141\151
+\154
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\066\060\064\006\003\125
+\004\003\023\055\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\103\154\151\145\156\164\040\101\165\164\150\145\156\164
+\151\143\141\164\151\157\156\040\141\156\144\040\105\155\141\151
+\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\104\276\014\213\120\000\044\264\021\323\066\045\045\147
+\311\211
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\242\060\202\003\212\240\003\002\001\002\002\020\104
+\276\014\213\120\000\044\264\021\323\066\045\045\147\311\211\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\256\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013
+\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006
+\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040
+\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
+\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150
+\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162
+\165\163\164\056\143\157\155\061\066\060\064\006\003\125\004\003
+\023\055\125\124\116\055\125\123\105\122\106\151\162\163\164\055
+\103\154\151\145\156\164\040\101\165\164\150\145\156\164\151\143
+\141\164\151\157\156\040\141\156\144\040\105\155\141\151\154\060
+\036\027\015\071\071\060\067\060\071\061\067\062\070\065\060\132
+\027\015\061\071\060\067\060\071\061\067\063\066\065\070\132\060
+\201\256\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025
+\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145
+\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025
+\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145
+\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030
+\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164
+\162\165\163\164\056\143\157\155\061\066\060\064\006\003\125\004
+\003\023\055\125\124\116\055\125\123\105\122\106\151\162\163\164
+\055\103\154\151\145\156\164\040\101\165\164\150\145\156\164\151
+\143\141\164\151\157\156\040\141\156\144\040\105\155\141\151\154
+\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001
+\000\262\071\205\244\362\175\253\101\073\142\106\067\256\315\301
+\140\165\274\071\145\371\112\032\107\242\271\314\110\314\152\230
+\325\115\065\031\271\244\102\345\316\111\342\212\057\036\174\322
+\061\007\307\116\264\203\144\235\056\051\325\242\144\304\205\275
+\205\121\065\171\244\116\150\220\173\034\172\244\222\250\027\362
+\230\025\362\223\314\311\244\062\225\273\014\117\060\275\230\240
+\013\213\345\156\033\242\106\372\170\274\242\157\253\131\136\245
+\057\317\312\332\155\252\057\353\254\241\263\152\252\267\056\147
+\065\213\171\341\036\151\210\342\346\106\315\240\245\352\276\013
+\316\166\072\172\016\233\352\374\332\047\133\075\163\037\042\346
+\110\141\306\114\363\151\261\250\056\033\266\324\061\040\054\274
+\202\212\216\244\016\245\327\211\103\374\026\132\257\035\161\327
+\021\131\332\272\207\015\257\372\363\341\302\360\244\305\147\214
+\326\326\124\072\336\012\244\272\003\167\263\145\310\375\036\323
+\164\142\252\030\312\150\223\036\241\205\176\365\107\145\313\370
+\115\127\050\164\322\064\377\060\266\356\366\142\060\024\214\054
+\353\002\003\001\000\001\243\201\271\060\201\266\060\013\006\003
+\125\035\017\004\004\003\002\001\306\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035
+\016\004\026\004\024\211\202\147\175\304\235\046\160\000\113\264
+\120\110\174\336\075\256\004\156\175\060\130\006\003\125\035\037
+\004\121\060\117\060\115\240\113\240\111\206\107\150\164\164\160
+\072\057\057\143\162\154\056\165\163\145\162\164\162\165\163\164
+\056\143\157\155\057\125\124\116\055\125\123\105\122\106\151\162
+\163\164\055\103\154\151\145\156\164\101\165\164\150\145\156\164
+\151\143\141\164\151\157\156\141\156\144\105\155\141\151\154\056
+\143\162\154\060\035\006\003\125\035\045\004\026\060\024\006\010
+\053\006\001\005\005\007\003\002\006\010\053\006\001\005\005\007
+\003\004\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\003\202\001\001\000\261\155\141\135\246\032\177\174\253\112
+\344\060\374\123\157\045\044\306\312\355\342\061\134\053\016\356
+\356\141\125\157\004\076\317\071\336\305\033\111\224\344\353\040
+\114\264\346\236\120\056\162\331\215\365\252\243\263\112\332\126
+\034\140\227\200\334\202\242\255\112\275\212\053\377\013\011\264
+\306\327\040\004\105\344\315\200\001\272\272\053\156\316\252\327
+\222\376\344\257\353\364\046\035\026\052\177\154\060\225\067\057
+\063\022\254\177\335\307\321\021\214\121\230\262\320\243\221\320
+\255\366\237\236\203\223\036\035\102\270\106\257\153\146\360\233
+\177\352\343\003\002\345\002\121\301\252\325\065\235\162\100\003
+\211\272\061\035\305\020\150\122\236\337\242\205\305\134\010\246
+\170\346\123\117\261\350\267\323\024\236\223\246\303\144\343\254
+\176\161\315\274\237\351\003\033\314\373\351\254\061\301\257\174
+\025\164\002\231\303\262\107\246\302\062\141\327\307\157\110\044
+\121\047\241\325\207\125\362\173\217\230\075\026\236\356\165\266
+\370\320\216\362\363\306\256\050\133\247\360\363\066\027\374\303
+\005\323\312\003\112\124
+END
+
+# Trust for Certificate "UTN USERFirst Email Root CA"
+# Issuer: CN=UTN-USERFirst-Client Authentication and Email,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:25:25:67:c9:89
+# Subject: CN=UTN-USERFirst-Client Authentication and Email,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Not Valid Before: Fri Jul 09 17:28:50 1999
+# Not Valid After : Tue Jul 09 17:36:58 2019
+# Fingerprint (MD5): D7:34:3D:EF:1D:27:09:28:E1:31:02:5B:13:2B:DD:F7
+# Fingerprint (SHA1): B1:72:B1:A5:6D:95:F9:1F:E5:02:87:E1:4D:37:EA:6A:44:63:76:8A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "UTN USERFirst Email Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\261\162\261\245\155\225\371\037\345\002\207\341\115\067\352\152
+\104\143\166\212
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\327\064\075\357\035\047\011\050\341\061\002\133\023\053\335\367
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\066\060\064\006\003\125
+\004\003\023\055\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\103\154\151\145\156\164\040\101\165\164\150\145\156\164
+\151\143\141\164\151\157\156\040\141\156\144\040\105\155\141\151
+\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\104\276\014\213\120\000\044\264\021\323\066\045\045\147
+\311\211
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "UTN USERFirst Hardware Root CA"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd
+# Subject: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Not Valid Before: Fri Jul 09 18:10:42 1999
+# Not Valid After : Tue Jul 09 18:19:22 2019
+# Fingerprint (MD5): 4C:56:41:E5:0D:BB:2B:E8:CA:A3:ED:18:08:AD:43:39
+# Fingerprint (SHA1): 04:83:ED:33:99:AC:36:08:05:87:22:ED:BC:5E:46:00:E3:BE:F9:D7
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "UTN USERFirst Hardware Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\104\276\014\213\120\000\044\264\021\323\066\052\376\145
+\012\375
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\164\060\202\003\134\240\003\002\001\002\002\020\104
+\276\014\213\120\000\044\264\021\323\066\052\376\145\012\375\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013
+\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006
+\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040
+\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
+\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150
+\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162
+\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004\003
+\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164\055
+\110\141\162\144\167\141\162\145\060\036\027\015\071\071\060\067
+\060\071\061\070\061\060\064\062\132\027\015\061\071\060\067\060
+\071\061\070\061\071\062\062\132\060\201\227\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\013\060\011\006\003\125\004
+\010\023\002\125\124\061\027\060\025\006\003\125\004\007\023\016
+\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\036
+\060\034\006\003\125\004\012\023\025\124\150\145\040\125\123\105
+\122\124\122\125\123\124\040\116\145\164\167\157\162\153\061\041
+\060\037\006\003\125\004\013\023\030\150\164\164\160\072\057\057
+\167\167\167\056\165\163\145\162\164\162\165\163\164\056\143\157
+\155\061\037\060\035\006\003\125\004\003\023\026\125\124\116\055
+\125\123\105\122\106\151\162\163\164\055\110\141\162\144\167\141
+\162\145\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\261\367\303\070\077\264\250\177\317\071\202\121\147
+\320\155\237\322\377\130\363\347\237\053\354\015\211\124\231\271
+\070\231\026\367\340\041\171\110\302\273\141\164\022\226\035\074
+\152\162\325\074\020\147\072\071\355\053\023\315\146\353\225\011
+\063\244\154\227\261\350\306\354\301\165\171\234\106\136\215\253
+\320\152\375\271\052\125\027\020\124\263\031\360\232\366\361\261
+\135\266\247\155\373\340\161\027\153\242\210\373\000\337\376\032
+\061\167\014\232\001\172\261\062\343\053\001\007\070\156\303\245
+\136\043\274\105\233\173\120\301\311\060\217\333\345\053\172\323
+\133\373\063\100\036\240\325\230\027\274\213\207\303\211\323\135
+\240\216\262\252\252\366\216\151\210\006\305\372\211\041\363\010
+\235\151\056\011\063\233\051\015\106\017\214\314\111\064\260\151
+\121\275\371\006\315\150\255\146\114\274\076\254\141\275\012\210
+\016\310\337\075\356\174\004\114\235\012\136\153\221\326\356\307
+\355\050\215\253\115\207\211\163\320\156\244\320\036\026\213\024
+\341\166\104\003\177\143\254\344\315\111\234\305\222\364\253\062
+\241\110\133\002\003\001\000\001\243\201\271\060\201\266\060\013
+\006\003\125\035\017\004\004\003\002\001\306\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003
+\125\035\016\004\026\004\024\241\162\137\046\033\050\230\103\225
+\135\007\067\325\205\226\235\113\322\303\105\060\104\006\003\125
+\035\037\004\075\060\073\060\071\240\067\240\065\206\063\150\164
+\164\160\072\057\057\143\162\154\056\165\163\145\162\164\162\165
+\163\164\056\143\157\155\057\125\124\116\055\125\123\105\122\106
+\151\162\163\164\055\110\141\162\144\167\141\162\145\056\143\162
+\154\060\061\006\003\125\035\045\004\052\060\050\006\010\053\006
+\001\005\005\007\003\001\006\010\053\006\001\005\005\007\003\005
+\006\010\053\006\001\005\005\007\003\006\006\010\053\006\001\005
+\005\007\003\007\060\015\006\011\052\206\110\206\367\015\001\001
+\005\005\000\003\202\001\001\000\107\031\017\336\164\306\231\227
+\257\374\255\050\136\165\216\353\055\147\356\116\173\053\327\014
+\377\366\336\313\125\242\012\341\114\124\145\223\140\153\237\022
+\234\255\136\203\054\353\132\256\300\344\055\364\000\143\035\270
+\300\154\362\317\111\273\115\223\157\006\246\012\042\262\111\142
+\010\116\377\310\310\024\262\210\026\135\347\001\344\022\225\345
+\105\064\263\213\151\275\317\264\205\217\165\121\236\175\072\070
+\072\024\110\022\306\373\247\073\032\215\015\202\100\007\350\004
+\010\220\241\211\313\031\120\337\312\034\001\274\035\004\031\173
+\020\166\227\073\356\220\220\312\304\016\037\026\156\165\357\063
+\370\323\157\133\036\226\343\340\164\167\164\173\212\242\156\055
+\335\166\326\071\060\202\360\253\234\122\362\052\307\257\111\136
+\176\307\150\345\202\201\310\152\047\371\047\210\052\325\130\120
+\225\037\360\073\034\127\273\175\024\071\142\053\232\311\224\222
+\052\243\042\014\377\211\046\175\137\043\053\107\327\025\035\251
+\152\236\121\015\052\121\236\201\371\324\073\136\160\022\177\020
+\062\234\036\273\235\370\146\250
+END
+
+# Trust for Certificate "UTN USERFirst Hardware Root CA"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd
+# Subject: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Not Valid Before: Fri Jul 09 18:10:42 1999
+# Not Valid After : Tue Jul 09 18:19:22 2019
+# Fingerprint (MD5): 4C:56:41:E5:0D:BB:2B:E8:CA:A3:ED:18:08:AD:43:39
+# Fingerprint (SHA1): 04:83:ED:33:99:AC:36:08:05:87:22:ED:BC:5E:46:00:E3:BE:F9:D7
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "UTN USERFirst Hardware Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\004\203\355\063\231\254\066\010\005\207\042\355\274\136\106\000
+\343\276\371\327
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\114\126\101\345\015\273\053\350\312\243\355\030\010\255\103\071
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\104\276\014\213\120\000\044\264\021\323\066\052\376\145
+\012\375
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "UTN USERFirst Object Root CA"
+#
+# Issuer: CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
+# Subject: CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Not Valid Before: Fri Jul 09 18:31:20 1999
+# Not Valid After : Tue Jul 09 18:40:36 2019
+# Fingerprint (MD5): A7:F2:E4:16:06:41:11:50:30:6B:9C:E3:B4:9C:B0:C9
+# Fingerprint (SHA1): E1:2D:FB:4B:41:D7:D9:C3:2B:30:51:4B:AC:1D:81:D8:38:5E:2D:46
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "UTN USERFirst Object Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\225\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\035\060\033\006\003\125
+\004\003\023\024\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\117\142\152\145\143\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\225\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\035\060\033\006\003\125
+\004\003\023\024\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\117\142\152\145\143\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\104\276\014\213\120\000\044\264\021\323\066\055\340\263
+\137\033
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\146\060\202\003\116\240\003\002\001\002\002\020\104
+\276\014\213\120\000\044\264\021\323\066\055\340\263\137\033\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\225\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013
+\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006
+\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040
+\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
+\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150
+\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162
+\165\163\164\056\143\157\155\061\035\060\033\006\003\125\004\003
+\023\024\125\124\116\055\125\123\105\122\106\151\162\163\164\055
+\117\142\152\145\143\164\060\036\027\015\071\071\060\067\060\071
+\061\070\063\061\062\060\132\027\015\061\071\060\067\060\071\061
+\070\064\060\063\066\132\060\201\225\061\013\060\011\006\003\125
+\004\006\023\002\125\123\061\013\060\011\006\003\125\004\010\023
+\002\125\124\061\027\060\025\006\003\125\004\007\023\016\123\141
+\154\164\040\114\141\153\145\040\103\151\164\171\061\036\060\034
+\006\003\125\004\012\023\025\124\150\145\040\125\123\105\122\124
+\122\125\123\124\040\116\145\164\167\157\162\153\061\041\060\037
+\006\003\125\004\013\023\030\150\164\164\160\072\057\057\167\167
+\167\056\165\163\145\162\164\162\165\163\164\056\143\157\155\061
+\035\060\033\006\003\125\004\003\023\024\125\124\116\055\125\123
+\105\122\106\151\162\163\164\055\117\142\152\145\143\164\060\202
+\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\316
+\252\201\077\243\243\141\170\252\061\000\125\225\021\236\047\017
+\037\034\337\072\233\202\150\060\300\112\141\035\361\057\016\372
+\276\171\367\245\043\357\125\121\226\204\315\333\343\271\156\076
+\061\330\012\040\147\307\364\331\277\224\353\107\004\076\002\316
+\052\242\135\207\004\011\366\060\235\030\212\227\262\252\034\374
+\101\322\241\066\313\373\075\221\272\347\331\160\065\372\344\347
+\220\303\233\243\233\323\074\365\022\231\167\261\267\011\340\150
+\346\034\270\363\224\143\210\152\152\376\013\166\311\276\364\042
+\344\147\271\253\032\136\167\301\205\007\335\015\154\277\356\006
+\307\167\152\101\236\247\017\327\373\356\224\027\267\374\205\276
+\244\253\304\034\061\335\327\266\321\344\360\357\337\026\217\262
+\122\223\327\241\324\211\241\007\056\277\341\001\022\102\036\032
+\341\330\225\064\333\144\171\050\377\272\056\021\302\345\350\133
+\222\110\373\107\013\302\154\332\255\062\203\101\363\245\345\101
+\160\375\145\220\155\372\372\121\304\371\275\226\053\031\004\054
+\323\155\247\334\360\177\157\203\145\342\152\253\207\206\165\002
+\003\001\000\001\243\201\257\060\201\254\060\013\006\003\125\035
+\017\004\004\003\002\001\306\060\017\006\003\125\035\023\001\001
+\377\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004
+\026\004\024\332\355\144\164\024\234\024\074\253\335\231\251\275
+\133\050\115\213\074\311\330\060\102\006\003\125\035\037\004\073
+\060\071\060\067\240\065\240\063\206\061\150\164\164\160\072\057
+\057\143\162\154\056\165\163\145\162\164\162\165\163\164\056\143
+\157\155\057\125\124\116\055\125\123\105\122\106\151\162\163\164
+\055\117\142\152\145\143\164\056\143\162\154\060\051\006\003\125
+\035\045\004\042\060\040\006\010\053\006\001\005\005\007\003\003
+\006\010\053\006\001\005\005\007\003\010\006\012\053\006\001\004
+\001\202\067\012\003\004\060\015\006\011\052\206\110\206\367\015
+\001\001\005\005\000\003\202\001\001\000\010\037\122\261\067\104
+\170\333\375\316\271\332\225\226\230\252\125\144\200\265\132\100
+\335\041\245\305\301\363\137\054\114\310\107\132\151\352\350\360
+\065\065\364\320\045\363\310\246\244\207\112\275\033\261\163\010
+\275\324\303\312\266\065\273\131\206\167\061\315\247\200\024\256
+\023\357\374\261\110\371\153\045\045\055\121\266\054\155\105\301
+\230\310\212\126\135\076\356\103\116\076\153\047\216\320\072\113
+\205\013\137\323\355\152\247\165\313\321\132\207\057\071\165\023
+\132\162\260\002\201\237\276\360\017\204\124\040\142\154\151\324
+\341\115\306\015\231\103\001\015\022\226\214\170\235\277\120\242
+\261\104\252\152\317\027\172\317\157\017\324\370\044\125\137\360
+\064\026\111\146\076\120\106\311\143\161\070\061\142\270\142\271
+\363\123\255\154\265\053\242\022\252\031\117\011\332\136\347\223
+\306\216\024\010\376\360\060\200\030\240\206\205\115\310\175\327
+\213\003\376\156\325\367\235\026\254\222\054\240\043\345\234\221
+\122\037\224\337\027\224\163\303\263\301\301\161\005\040\000\170
+\275\023\122\035\250\076\315\000\037\310
+END
+
+# Trust for Certificate "UTN USERFirst Object Root CA"
+# Issuer: CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
+# Subject: CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Not Valid Before: Fri Jul 09 18:31:20 1999
+# Not Valid After : Tue Jul 09 18:40:36 2019
+# Fingerprint (MD5): A7:F2:E4:16:06:41:11:50:30:6B:9C:E3:B4:9C:B0:C9
+# Fingerprint (SHA1): E1:2D:FB:4B:41:D7:D9:C3:2B:30:51:4B:AC:1D:81:D8:38:5E:2D:46
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "UTN USERFirst Object Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\341\055\373\113\101\327\331\303\053\060\121\113\254\035\201\330
+\070\136\055\106
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\247\362\344\026\006\101\021\120\060\153\234\343\264\234\260\311
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\225\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\035\060\033\006\003\125
+\004\003\023\024\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\117\142\152\145\143\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\104\276\014\213\120\000\044\264\021\323\066\055\340\263
+\137\033
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Camerfirma Chambers of Commerce Root"
+#
+# Issuer: CN=Chambers of Commerce Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
+# Serial Number: 0 (0x0)
+# Subject: CN=Chambers of Commerce Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
+# Not Valid Before: Tue Sep 30 16:13:43 2003
+# Not Valid After : Wed Sep 30 16:13:44 2037
+# Fingerprint (MD5): B0:01:EE:14:D9:AF:29:18:94:76:8E:F1:69:33:2A:84
+# Fingerprint (SHA1): 6E:3A:55:A4:19:0C:19:5C:93:84:3C:C0:DB:72:2E:31:30:61:F0:B1
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Camerfirma Chambers of Commerce Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\105\125\061
+\047\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155
+\145\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101
+\070\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004
+\013\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150
+\141\155\142\145\162\163\151\147\156\056\157\162\147\061\042\060
+\040\006\003\125\004\003\023\031\103\150\141\155\142\145\162\163
+\040\157\146\040\103\157\155\155\145\162\143\145\040\122\157\157
+\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\105\125\061
+\047\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155
+\145\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101
+\070\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004
+\013\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150
+\141\155\142\145\162\163\151\147\156\056\157\162\147\061\042\060
+\040\006\003\125\004\003\023\031\103\150\141\155\142\145\162\163
+\040\157\146\040\103\157\155\155\145\162\143\145\040\122\157\157
+\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\275\060\202\003\245\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\177\061\013\060\011\006\003\125\004\006\023\002\105\125\061\047
+\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155\145
+\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101\070
+\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004\013
+\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150\141
+\155\142\145\162\163\151\147\156\056\157\162\147\061\042\060\040
+\006\003\125\004\003\023\031\103\150\141\155\142\145\162\163\040
+\157\146\040\103\157\155\155\145\162\143\145\040\122\157\157\164
+\060\036\027\015\060\063\060\071\063\060\061\066\061\063\064\063
+\132\027\015\063\067\060\071\063\060\061\066\061\063\064\064\132
+\060\177\061\013\060\011\006\003\125\004\006\023\002\105\125\061
+\047\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155
+\145\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101
+\070\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004
+\013\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150
+\141\155\142\145\162\163\151\147\156\056\157\162\147\061\042\060
+\040\006\003\125\004\003\023\031\103\150\141\155\142\145\162\163
+\040\157\146\040\103\157\155\155\145\162\143\145\040\122\157\157
+\164\060\202\001\040\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\001\015\000\060\202\001\010\002\202\001
+\001\000\267\066\125\345\245\135\030\060\340\332\211\124\221\374
+\310\307\122\370\057\120\331\357\261\165\163\145\107\175\033\133
+\272\165\305\374\241\210\044\372\057\355\312\010\112\071\124\304
+\121\172\265\332\140\352\070\074\201\262\313\361\273\331\221\043
+\077\110\001\160\165\251\005\052\255\037\161\363\311\124\075\035
+\006\152\100\076\263\014\205\356\134\033\171\302\142\304\270\066
+\216\065\135\001\014\043\004\107\065\252\233\140\116\240\146\075
+\313\046\012\234\100\241\364\135\230\277\161\253\245\000\150\052
+\355\203\172\017\242\024\265\324\042\263\200\260\074\014\132\121
+\151\055\130\030\217\355\231\236\361\256\342\225\346\366\107\250
+\326\014\017\260\130\130\333\303\146\067\236\233\221\124\063\067
+\322\224\034\152\110\311\311\362\245\332\245\014\043\367\043\016
+\234\062\125\136\161\234\204\005\121\232\055\375\346\116\052\064
+\132\336\312\100\067\147\014\124\041\125\167\332\012\014\314\227
+\256\200\334\224\066\112\364\076\316\066\023\036\123\344\254\116
+\072\005\354\333\256\162\234\070\213\320\071\073\211\012\076\167
+\376\165\002\001\003\243\202\001\104\060\202\001\100\060\022\006
+\003\125\035\023\001\001\377\004\010\060\006\001\001\377\002\001
+\014\060\074\006\003\125\035\037\004\065\060\063\060\061\240\057
+\240\055\206\053\150\164\164\160\072\057\057\143\162\154\056\143
+\150\141\155\142\145\162\163\151\147\156\056\157\162\147\057\143
+\150\141\155\142\145\162\163\162\157\157\164\056\143\162\154\060
+\035\006\003\125\035\016\004\026\004\024\343\224\365\261\115\351
+\333\241\051\133\127\213\115\166\006\166\341\321\242\212\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\021
+\006\011\140\206\110\001\206\370\102\001\001\004\004\003\002\000
+\007\060\047\006\003\125\035\021\004\040\060\036\201\034\143\150
+\141\155\142\145\162\163\162\157\157\164\100\143\150\141\155\142
+\145\162\163\151\147\156\056\157\162\147\060\047\006\003\125\035
+\022\004\040\060\036\201\034\143\150\141\155\142\145\162\163\162
+\157\157\164\100\143\150\141\155\142\145\162\163\151\147\156\056
+\157\162\147\060\130\006\003\125\035\040\004\121\060\117\060\115
+\006\013\053\006\001\004\001\201\207\056\012\003\001\060\076\060
+\074\006\010\053\006\001\005\005\007\002\001\026\060\150\164\164
+\160\072\057\057\143\160\163\056\143\150\141\155\142\145\162\163
+\151\147\156\056\157\162\147\057\143\160\163\057\143\150\141\155
+\142\145\162\163\162\157\157\164\056\150\164\155\154\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
+\000\014\101\227\302\032\206\300\042\174\237\373\220\363\032\321
+\003\261\357\023\371\041\137\004\234\332\311\245\215\047\154\226
+\207\221\276\101\220\001\162\223\347\036\175\137\366\211\306\135
+\247\100\011\075\254\111\105\105\334\056\215\060\150\262\011\272
+\373\303\057\314\272\013\337\077\167\173\106\175\072\022\044\216
+\226\217\074\005\012\157\322\224\050\035\155\014\300\056\210\042
+\325\330\317\035\023\307\360\110\327\327\005\247\317\307\107\236
+\073\074\064\310\200\117\324\024\273\374\015\120\367\372\263\354
+\102\137\251\335\155\310\364\165\317\173\301\162\046\261\001\034
+\134\054\375\172\116\264\001\305\005\127\271\347\074\252\005\331
+\210\351\007\106\101\316\357\101\201\256\130\337\203\242\256\312
+\327\167\037\347\000\074\235\157\216\344\062\011\035\115\170\064
+\170\064\074\224\233\046\355\117\161\306\031\172\275\040\042\110
+\132\376\113\175\003\267\347\130\276\306\062\116\164\036\150\335
+\250\150\133\263\076\356\142\175\331\200\350\012\165\172\267\356
+\264\145\232\041\220\340\252\320\230\274\070\265\163\074\213\370
+\334
+END
+
+# Trust for Certificate "Camerfirma Chambers of Commerce Root"
+# Issuer: CN=Chambers of Commerce Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
+# Serial Number: 0 (0x0)
+# Subject: CN=Chambers of Commerce Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
+# Not Valid Before: Tue Sep 30 16:13:43 2003
+# Not Valid After : Wed Sep 30 16:13:44 2037
+# Fingerprint (MD5): B0:01:EE:14:D9:AF:29:18:94:76:8E:F1:69:33:2A:84
+# Fingerprint (SHA1): 6E:3A:55:A4:19:0C:19:5C:93:84:3C:C0:DB:72:2E:31:30:61:F0:B1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Camerfirma Chambers of Commerce Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\156\072\125\244\031\014\031\134\223\204\074\300\333\162\056\061
+\060\141\360\261
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\260\001\356\024\331\257\051\030\224\166\216\361\151\063\052\204
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\177\061\013\060\011\006\003\125\004\006\023\002\105\125\061
+\047\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155
+\145\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101
+\070\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004
+\013\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150
+\141\155\142\145\162\163\151\147\156\056\157\162\147\061\042\060
+\040\006\003\125\004\003\023\031\103\150\141\155\142\145\162\163
+\040\157\146\040\103\157\155\155\145\162\143\145\040\122\157\157
+\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Camerfirma Global Chambersign Root"
+#
+# Issuer: CN=Global Chambersign Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
+# Serial Number: 0 (0x0)
+# Subject: CN=Global Chambersign Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
+# Not Valid Before: Tue Sep 30 16:14:18 2003
+# Not Valid After : Wed Sep 30 16:14:18 2037
+# Fingerprint (MD5): C5:E6:7B:BF:06:D0:4F:43:ED:C4:7A:65:8A:FB:6B:19
+# Fingerprint (SHA1): 33:9B:6B:14:50:24:9B:55:7A:01:87:72:84:D9:E0:2F:C3:D2:D8:E9
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Camerfirma Global Chambersign Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\105\125\061
+\047\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155
+\145\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101
+\070\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004
+\013\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150
+\141\155\142\145\162\163\151\147\156\056\157\162\147\061\040\060
+\036\006\003\125\004\003\023\027\107\154\157\142\141\154\040\103
+\150\141\155\142\145\162\163\151\147\156\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\105\125\061
+\047\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155
+\145\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101
+\070\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004
+\013\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150
+\141\155\142\145\162\163\151\147\156\056\157\162\147\061\040\060
+\036\006\003\125\004\003\023\027\107\154\157\142\141\154\040\103
+\150\141\155\142\145\162\163\151\147\156\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\305\060\202\003\255\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\175\061\013\060\011\006\003\125\004\006\023\002\105\125\061\047
+\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155\145
+\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101\070
+\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004\013
+\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150\141
+\155\142\145\162\163\151\147\156\056\157\162\147\061\040\060\036
+\006\003\125\004\003\023\027\107\154\157\142\141\154\040\103\150
+\141\155\142\145\162\163\151\147\156\040\122\157\157\164\060\036
+\027\015\060\063\060\071\063\060\061\066\061\064\061\070\132\027
+\015\063\067\060\071\063\060\061\066\061\064\061\070\132\060\175
+\061\013\060\011\006\003\125\004\006\023\002\105\125\061\047\060
+\045\006\003\125\004\012\023\036\101\103\040\103\141\155\145\162
+\146\151\162\155\141\040\123\101\040\103\111\106\040\101\070\062
+\067\064\063\062\070\067\061\043\060\041\006\003\125\004\013\023
+\032\150\164\164\160\072\057\057\167\167\167\056\143\150\141\155
+\142\145\162\163\151\147\156\056\157\162\147\061\040\060\036\006
+\003\125\004\003\023\027\107\154\157\142\141\154\040\103\150\141
+\155\142\145\162\163\151\147\156\040\122\157\157\164\060\202\001
+\040\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\001\015\000\060\202\001\010\002\202\001\001\000\242\160
+\242\320\237\102\256\133\027\307\330\175\317\024\203\374\117\311
+\241\267\023\257\212\327\236\076\004\012\222\213\140\126\372\264
+\062\057\210\115\241\140\010\364\267\011\116\240\111\057\111\326
+\323\337\235\227\132\237\224\004\160\354\077\131\331\267\314\146
+\213\230\122\050\011\002\337\305\057\204\215\172\227\167\277\354
+\100\235\045\162\253\265\077\062\230\373\267\267\374\162\204\345
+\065\207\371\125\372\243\037\016\157\056\050\335\151\240\331\102
+\020\306\370\265\104\302\320\103\177\333\274\344\242\074\152\125
+\170\012\167\251\330\352\031\062\267\057\376\134\077\033\356\261
+\230\354\312\255\172\151\105\343\226\017\125\366\346\355\165\352
+\145\350\062\126\223\106\211\250\045\212\145\006\356\153\277\171
+\007\320\361\267\257\355\054\115\222\273\300\250\137\247\147\175
+\004\362\025\010\160\254\222\326\175\004\322\063\373\114\266\013
+\013\373\032\311\304\215\003\251\176\134\362\120\253\022\245\241
+\317\110\120\245\357\322\310\032\023\372\260\177\261\202\034\167
+\152\017\137\334\013\225\217\357\103\176\346\105\011\045\002\001
+\003\243\202\001\120\060\202\001\114\060\022\006\003\125\035\023
+\001\001\377\004\010\060\006\001\001\377\002\001\014\060\077\006
+\003\125\035\037\004\070\060\066\060\064\240\062\240\060\206\056
+\150\164\164\160\072\057\057\143\162\154\056\143\150\141\155\142
+\145\162\163\151\147\156\056\157\162\147\057\143\150\141\155\142
+\145\162\163\151\147\156\162\157\157\164\056\143\162\154\060\035
+\006\003\125\035\016\004\026\004\024\103\234\066\237\260\236\060
+\115\306\316\137\255\020\253\345\003\245\372\251\024\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\021\006
+\011\140\206\110\001\206\370\102\001\001\004\004\003\002\000\007
+\060\052\006\003\125\035\021\004\043\060\041\201\037\143\150\141
+\155\142\145\162\163\151\147\156\162\157\157\164\100\143\150\141
+\155\142\145\162\163\151\147\156\056\157\162\147\060\052\006\003
+\125\035\022\004\043\060\041\201\037\143\150\141\155\142\145\162
+\163\151\147\156\162\157\157\164\100\143\150\141\155\142\145\162
+\163\151\147\156\056\157\162\147\060\133\006\003\125\035\040\004
+\124\060\122\060\120\006\013\053\006\001\004\001\201\207\056\012
+\001\001\060\101\060\077\006\010\053\006\001\005\005\007\002\001
+\026\063\150\164\164\160\072\057\057\143\160\163\056\143\150\141
+\155\142\145\162\163\151\147\156\056\157\162\147\057\143\160\163
+\057\143\150\141\155\142\145\162\163\151\147\156\162\157\157\164
+\056\150\164\155\154\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\003\202\001\001\000\074\073\160\221\371\004\124
+\047\221\341\355\355\376\150\177\141\135\345\101\145\117\062\361
+\030\005\224\152\034\336\037\160\333\076\173\062\002\064\265\014
+\154\241\212\174\245\364\217\377\324\330\255\027\325\055\004\321
+\077\130\200\342\201\131\210\276\300\343\106\223\044\376\220\275
+\046\242\060\055\350\227\046\127\065\211\164\226\030\366\025\342
+\257\044\031\126\002\002\262\272\017\024\352\306\212\146\301\206
+\105\125\213\276\222\276\234\244\004\307\111\074\236\350\051\172
+\211\327\376\257\377\150\365\245\027\220\275\254\231\314\245\206
+\127\011\147\106\333\326\026\302\106\361\344\251\120\365\217\321
+\222\025\323\137\076\306\000\111\072\156\130\262\321\321\047\015
+\045\310\062\370\040\021\315\175\062\063\110\224\124\114\335\334
+\171\304\060\237\353\216\270\125\265\327\210\134\305\152\044\075
+\262\323\005\003\121\306\007\357\314\024\162\164\075\156\162\316
+\030\050\214\112\240\167\345\011\053\105\104\107\254\267\147\177
+\001\212\005\132\223\276\241\301\377\370\347\016\147\244\107\111
+\166\135\165\220\032\365\046\217\360
+END
+
+# Trust for Certificate "Camerfirma Global Chambersign Root"
+# Issuer: CN=Global Chambersign Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
+# Serial Number: 0 (0x0)
+# Subject: CN=Global Chambersign Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
+# Not Valid Before: Tue Sep 30 16:14:18 2003
+# Not Valid After : Wed Sep 30 16:14:18 2037
+# Fingerprint (MD5): C5:E6:7B:BF:06:D0:4F:43:ED:C4:7A:65:8A:FB:6B:19
+# Fingerprint (SHA1): 33:9B:6B:14:50:24:9B:55:7A:01:87:72:84:D9:E0:2F:C3:D2:D8:E9
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Camerfirma Global Chambersign Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\063\233\153\024\120\044\233\125\172\001\207\162\204\331\340\057
+\303\322\330\351
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\305\346\173\277\006\320\117\103\355\304\172\145\212\373\153\031
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\105\125\061
+\047\060\045\006\003\125\004\012\023\036\101\103\040\103\141\155
+\145\162\146\151\162\155\141\040\123\101\040\103\111\106\040\101
+\070\062\067\064\063\062\070\067\061\043\060\041\006\003\125\004
+\013\023\032\150\164\164\160\072\057\057\167\167\167\056\143\150
+\141\155\142\145\162\163\151\147\156\056\157\162\147\061\040\060
+\036\006\003\125\004\003\023\027\107\154\157\142\141\154\040\103
+\150\141\155\142\145\162\163\151\147\156\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "XRamp Global CA Root"
+#
+# Issuer: CN=XRamp Global Certification Authority,O=XRamp Security Services Inc,OU=www.xrampsecurity.com,C=US
+# Serial Number:50:94:6c:ec:18:ea:d5:9c:4d:d5:97:ef:75:8f:a0:ad
+# Subject: CN=XRamp Global Certification Authority,O=XRamp Security Services Inc,OU=www.xrampsecurity.com,C=US
+# Not Valid Before: Mon Nov 01 17:14:04 2004
+# Not Valid After : Mon Jan 01 05:37:19 2035
+# Fingerprint (MD5): A1:0B:44:B3:CA:10:D8:00:6E:9D:0F:D8:0F:92:0A:D1
+# Fingerprint (SHA1): B8:01:86:D1:EB:9C:86:A5:41:04:CF:30:54:F3:4C:52:B7:E5:58:C6
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "XRamp Global CA Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\036\060\034\006\003\125\004\013\023\025\167\167\167\056\170
+\162\141\155\160\163\145\143\165\162\151\164\171\056\143\157\155
+\061\044\060\042\006\003\125\004\012\023\033\130\122\141\155\160
+\040\123\145\143\165\162\151\164\171\040\123\145\162\166\151\143
+\145\163\040\111\156\143\061\055\060\053\006\003\125\004\003\023
+\044\130\122\141\155\160\040\107\154\157\142\141\154\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\036\060\034\006\003\125\004\013\023\025\167\167\167\056\170
+\162\141\155\160\163\145\143\165\162\151\164\171\056\143\157\155
+\061\044\060\042\006\003\125\004\012\023\033\130\122\141\155\160
+\040\123\145\143\165\162\151\164\171\040\123\145\162\166\151\143
+\145\163\040\111\156\143\061\055\060\053\006\003\125\004\003\023
+\044\130\122\141\155\160\040\107\154\157\142\141\154\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\120\224\154\354\030\352\325\234\115\325\227\357\165\217
+\240\255
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\060\060\202\003\030\240\003\002\001\002\002\020\120
+\224\154\354\030\352\325\234\115\325\227\357\165\217\240\255\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\202\061\013\060\011\006\003\125\004\006\023\002\125\123\061\036
+\060\034\006\003\125\004\013\023\025\167\167\167\056\170\162\141
+\155\160\163\145\143\165\162\151\164\171\056\143\157\155\061\044
+\060\042\006\003\125\004\012\023\033\130\122\141\155\160\040\123
+\145\143\165\162\151\164\171\040\123\145\162\166\151\143\145\163
+\040\111\156\143\061\055\060\053\006\003\125\004\003\023\044\130
+\122\141\155\160\040\107\154\157\142\141\154\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\060\036\027\015\060\064\061\061\060\061\061\067\061
+\064\060\064\132\027\015\063\065\060\061\060\061\060\065\063\067
+\061\071\132\060\201\202\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\036\060\034\006\003\125\004\013\023\025\167\167
+\167\056\170\162\141\155\160\163\145\143\165\162\151\164\171\056
+\143\157\155\061\044\060\042\006\003\125\004\012\023\033\130\122
+\141\155\160\040\123\145\143\165\162\151\164\171\040\123\145\162
+\166\151\143\145\163\040\111\156\143\061\055\060\053\006\003\125
+\004\003\023\044\130\122\141\155\160\040\107\154\157\142\141\154
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\060\202\001\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
+\060\202\001\012\002\202\001\001\000\230\044\036\275\025\264\272
+\337\307\214\245\047\266\070\013\151\363\266\116\250\054\056\041
+\035\134\104\337\041\135\176\043\164\376\136\176\264\112\267\246
+\255\037\256\340\006\026\342\233\133\331\147\164\153\135\200\217
+\051\235\206\033\331\234\015\230\155\166\020\050\130\344\145\260
+\177\112\230\171\237\340\303\061\176\200\053\265\214\300\100\073
+\021\206\320\313\242\206\066\140\244\325\060\202\155\331\156\320
+\017\022\004\063\227\137\117\141\132\360\344\371\221\253\347\035
+\073\274\350\317\364\153\055\064\174\342\110\141\034\216\363\141
+\104\314\157\240\112\251\224\260\115\332\347\251\064\172\162\070
+\250\101\314\074\224\021\175\353\310\246\214\267\206\313\312\063
+\073\331\075\067\213\373\172\076\206\054\347\163\327\012\127\254
+\144\233\031\353\364\017\004\010\212\254\003\027\031\144\364\132
+\045\042\215\064\054\262\366\150\035\022\155\323\212\036\024\332
+\304\217\246\342\043\205\325\172\015\275\152\340\351\354\354\027
+\273\102\033\147\252\045\355\105\203\041\374\301\311\174\325\142
+\076\372\362\305\055\323\375\324\145\002\003\001\000\001\243\201
+\237\060\201\234\060\023\006\011\053\006\001\004\001\202\067\024
+\002\004\006\036\004\000\103\000\101\060\013\006\003\125\035\017
+\004\004\003\002\001\206\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\306\117\242\075\006\143\204\011\234\316\142\344\004\254
+\215\134\265\351\266\033\060\066\006\003\125\035\037\004\057\060
+\055\060\053\240\051\240\047\206\045\150\164\164\160\072\057\057
+\143\162\154\056\170\162\141\155\160\163\145\143\165\162\151\164
+\171\056\143\157\155\057\130\107\103\101\056\143\162\154\060\020
+\006\011\053\006\001\004\001\202\067\025\001\004\003\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\001\001\000\221\025\071\003\001\033\147\373\112\034\371\012
+\140\133\241\332\115\227\142\371\044\123\047\327\202\144\116\220
+\056\303\111\033\053\232\334\374\250\170\147\065\361\035\360\021
+\275\267\110\343\020\366\015\337\077\322\311\266\252\125\244\110
+\272\002\333\336\131\056\025\133\073\235\026\175\107\327\067\352
+\137\115\166\022\066\273\037\327\241\201\004\106\040\243\054\155
+\251\236\001\176\077\051\316\000\223\337\375\311\222\163\211\211
+\144\236\347\053\344\034\221\054\322\271\316\175\316\157\061\231
+\323\346\276\322\036\220\360\011\024\171\134\043\253\115\322\332
+\041\037\115\231\171\235\341\317\047\237\020\233\034\210\015\260
+\212\144\101\061\270\016\154\220\044\244\233\134\161\217\272\273
+\176\034\033\333\152\200\017\041\274\351\333\246\267\100\364\262
+\213\251\261\344\357\232\032\320\075\151\231\356\250\050\243\341
+\074\263\360\262\021\234\317\174\100\346\335\347\103\175\242\330
+\072\265\251\215\362\064\231\304\324\020\341\006\375\011\204\020
+\073\356\304\114\364\354\047\174\102\302\164\174\202\212\011\311
+\264\003\045\274
+END
+
+# Trust for Certificate "XRamp Global CA Root"
+# Issuer: CN=XRamp Global Certification Authority,O=XRamp Security Services Inc,OU=www.xrampsecurity.com,C=US
+# Serial Number:50:94:6c:ec:18:ea:d5:9c:4d:d5:97:ef:75:8f:a0:ad
+# Subject: CN=XRamp Global Certification Authority,O=XRamp Security Services Inc,OU=www.xrampsecurity.com,C=US
+# Not Valid Before: Mon Nov 01 17:14:04 2004
+# Not Valid After : Mon Jan 01 05:37:19 2035
+# Fingerprint (MD5): A1:0B:44:B3:CA:10:D8:00:6E:9D:0F:D8:0F:92:0A:D1
+# Fingerprint (SHA1): B8:01:86:D1:EB:9C:86:A5:41:04:CF:30:54:F3:4C:52:B7:E5:58:C6
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "XRamp Global CA Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\270\001\206\321\353\234\206\245\101\004\317\060\124\363\114\122
+\267\345\130\306
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\241\013\104\263\312\020\330\000\156\235\017\330\017\222\012\321
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\036\060\034\006\003\125\004\013\023\025\167\167\167\056\170
+\162\141\155\160\163\145\143\165\162\151\164\171\056\143\157\155
+\061\044\060\042\006\003\125\004\012\023\033\130\122\141\155\160
+\040\123\145\143\165\162\151\164\171\040\123\145\162\166\151\143
+\145\163\040\111\156\143\061\055\060\053\006\003\125\004\003\023
+\044\130\122\141\155\160\040\107\154\157\142\141\154\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\120\224\154\354\030\352\325\234\115\325\227\357\165\217
+\240\255
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Go Daddy Class 2 CA"
+#
+# Issuer: OU=Go Daddy Class 2 Certification Authority,O="The Go Daddy Group, Inc.",C=US
+# Serial Number: 0 (0x0)
+# Subject: OU=Go Daddy Class 2 Certification Authority,O="The Go Daddy Group, Inc.",C=US
+# Not Valid Before: Tue Jun 29 17:06:20 2004
+# Not Valid After : Thu Jun 29 17:06:20 2034
+# Fingerprint (MD5): 91:DE:06:25:AB:DA:FD:32:17:0C:BB:25:17:2A:84:67
+# Fingerprint (SHA1): 27:96:BA:E6:3F:18:01:E2:77:26:1B:A0:D7:77:70:02:8F:20:EE:E4
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Go Daddy Class 2 CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\041\060\037\006\003\125\004\012\023\030\124\150\145\040\107\157
+\040\104\141\144\144\171\040\107\162\157\165\160\054\040\111\156
+\143\056\061\061\060\057\006\003\125\004\013\023\050\107\157\040
+\104\141\144\144\171\040\103\154\141\163\163\040\062\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\041\060\037\006\003\125\004\012\023\030\124\150\145\040\107\157
+\040\104\141\144\144\171\040\107\162\157\165\160\054\040\111\156
+\143\056\061\061\060\057\006\003\125\004\013\023\050\107\157\040
+\104\141\144\144\171\040\103\154\141\163\163\040\062\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\000\060\202\002\350\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061\041
+\060\037\006\003\125\004\012\023\030\124\150\145\040\107\157\040
+\104\141\144\144\171\040\107\162\157\165\160\054\040\111\156\143
+\056\061\061\060\057\006\003\125\004\013\023\050\107\157\040\104
+\141\144\144\171\040\103\154\141\163\163\040\062\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\060\036\027\015\060\064\060\066\062\071\061\067
+\060\066\062\060\132\027\015\063\064\060\066\062\071\061\067\060
+\066\062\060\132\060\143\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\041\060\037\006\003\125\004\012\023\030\124\150
+\145\040\107\157\040\104\141\144\144\171\040\107\162\157\165\160
+\054\040\111\156\143\056\061\061\060\057\006\003\125\004\013\023
+\050\107\157\040\104\141\144\144\171\040\103\154\141\163\163\040
+\062\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\101\165\164\150\157\162\151\164\171\060\202\001\040\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\015
+\000\060\202\001\010\002\202\001\001\000\336\235\327\352\127\030
+\111\241\133\353\327\137\110\206\352\276\335\377\344\357\147\034
+\364\145\150\263\127\161\240\136\167\273\355\233\111\351\160\200
+\075\126\030\143\010\157\332\362\314\320\077\177\002\124\042\124
+\020\330\262\201\324\300\165\075\113\177\307\167\303\076\170\253
+\032\003\265\040\153\057\152\053\261\305\210\176\304\273\036\260
+\301\330\105\047\157\252\067\130\367\207\046\327\330\055\366\251
+\027\267\037\162\066\116\246\027\077\145\230\222\333\052\156\135
+\242\376\210\340\013\336\177\345\215\025\341\353\313\072\325\342
+\022\242\023\055\330\216\257\137\022\075\240\010\005\010\266\134
+\245\145\070\004\105\231\036\243\140\140\164\305\101\245\162\142
+\033\142\305\037\157\137\032\102\276\002\121\145\250\256\043\030
+\152\374\170\003\251\115\177\200\303\372\253\132\374\241\100\244
+\312\031\026\376\262\310\357\136\163\015\356\167\275\232\366\171
+\230\274\261\007\147\242\025\015\335\240\130\306\104\173\012\076
+\142\050\137\272\101\007\123\130\317\021\176\070\164\305\370\377
+\265\151\220\217\204\164\352\227\033\257\002\001\003\243\201\300
+\060\201\275\060\035\006\003\125\035\016\004\026\004\024\322\304
+\260\322\221\324\114\021\161\263\141\313\075\241\376\335\250\152
+\324\343\060\201\215\006\003\125\035\043\004\201\205\060\201\202
+\200\024\322\304\260\322\221\324\114\021\161\263\141\313\075\241
+\376\335\250\152\324\343\241\147\244\145\060\143\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\041\060\037\006\003\125
+\004\012\023\030\124\150\145\040\107\157\040\104\141\144\144\171
+\040\107\162\157\165\160\054\040\111\156\143\056\061\061\060\057
+\006\003\125\004\013\023\050\107\157\040\104\141\144\144\171\040
+\103\154\141\163\163\040\062\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\202
+\001\000\060\014\006\003\125\035\023\004\005\060\003\001\001\377
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\001\001\000\062\113\363\262\312\076\221\374\022\306\241\007
+\214\216\167\240\063\006\024\134\220\036\030\367\010\246\075\012
+\031\371\207\200\021\156\151\344\226\027\060\377\064\221\143\162
+\070\356\314\034\001\243\035\224\050\244\061\366\172\304\124\327
+\366\345\061\130\003\242\314\316\142\333\224\105\163\265\277\105
+\311\044\265\325\202\002\255\043\171\151\215\270\266\115\316\317
+\114\312\063\043\350\034\210\252\235\213\101\156\026\311\040\345
+\211\236\315\073\332\160\367\176\231\046\040\024\124\045\253\156
+\163\205\346\233\041\235\012\154\202\016\250\370\302\014\372\020
+\036\154\226\357\207\015\304\017\141\213\255\356\203\053\225\370
+\216\222\204\162\071\353\040\352\203\355\203\315\227\156\010\274
+\353\116\046\266\163\053\344\323\366\114\376\046\161\342\141\021
+\164\112\377\127\032\207\017\165\110\056\317\121\151\027\240\002
+\022\141\225\325\321\100\262\020\114\356\304\254\020\103\246\245
+\236\012\325\225\142\232\015\317\210\202\305\062\014\344\053\237
+\105\346\015\237\050\234\261\271\052\132\127\255\067\017\257\035
+\177\333\275\237
+END
+
+# Trust for Certificate "Go Daddy Class 2 CA"
+# Issuer: OU=Go Daddy Class 2 Certification Authority,O="The Go Daddy Group, Inc.",C=US
+# Serial Number: 0 (0x0)
+# Subject: OU=Go Daddy Class 2 Certification Authority,O="The Go Daddy Group, Inc.",C=US
+# Not Valid Before: Tue Jun 29 17:06:20 2004
+# Not Valid After : Thu Jun 29 17:06:20 2034
+# Fingerprint (MD5): 91:DE:06:25:AB:DA:FD:32:17:0C:BB:25:17:2A:84:67
+# Fingerprint (SHA1): 27:96:BA:E6:3F:18:01:E2:77:26:1B:A0:D7:77:70:02:8F:20:EE:E4
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Go Daddy Class 2 CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\047\226\272\346\077\030\001\342\167\046\033\240\327\167\160\002
+\217\040\356\344
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\221\336\006\045\253\332\375\062\027\014\273\045\027\052\204\147
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\041\060\037\006\003\125\004\012\023\030\124\150\145\040\107\157
+\040\104\141\144\144\171\040\107\162\157\165\160\054\040\111\156
+\143\056\061\061\060\057\006\003\125\004\013\023\050\107\157\040
+\104\141\144\144\171\040\103\154\141\163\163\040\062\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Starfield Class 2 CA"
+#
+# Issuer: OU=Starfield Class 2 Certification Authority,O="Starfield Technologies, Inc.",C=US
+# Serial Number: 0 (0x0)
+# Subject: OU=Starfield Class 2 Certification Authority,O="Starfield Technologies, Inc.",C=US
+# Not Valid Before: Tue Jun 29 17:39:16 2004
+# Not Valid After : Thu Jun 29 17:39:16 2034
+# Fingerprint (MD5): 32:4A:4B:BB:C8:63:69:9B:BE:74:9A:C6:DD:1D:46:24
+# Fingerprint (SHA1): AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Starfield Class 2 CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\150\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\045\060\043\006\003\125\004\012\023\034\123\164\141\162\146\151
+\145\154\144\040\124\145\143\150\156\157\154\157\147\151\145\163
+\054\040\111\156\143\056\061\062\060\060\006\003\125\004\013\023
+\051\123\164\141\162\146\151\145\154\144\040\103\154\141\163\163
+\040\062\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\150\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\045\060\043\006\003\125\004\012\023\034\123\164\141\162\146\151
+\145\154\144\040\124\145\143\150\156\157\154\157\147\151\145\163
+\054\040\111\156\143\056\061\062\060\060\006\003\125\004\013\023
+\051\123\164\141\162\146\151\145\154\144\040\103\154\141\163\163
+\040\062\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\017\060\202\002\367\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\150\061\013\060\011\006\003\125\004\006\023\002\125\123\061\045
+\060\043\006\003\125\004\012\023\034\123\164\141\162\146\151\145
+\154\144\040\124\145\143\150\156\157\154\157\147\151\145\163\054
+\040\111\156\143\056\061\062\060\060\006\003\125\004\013\023\051
+\123\164\141\162\146\151\145\154\144\040\103\154\141\163\163\040
+\062\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\101\165\164\150\157\162\151\164\171\060\036\027\015\060\064\060
+\066\062\071\061\067\063\071\061\066\132\027\015\063\064\060\066
+\062\071\061\067\063\071\061\066\132\060\150\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\045\060\043\006\003\125\004
+\012\023\034\123\164\141\162\146\151\145\154\144\040\124\145\143
+\150\156\157\154\157\147\151\145\163\054\040\111\156\143\056\061
+\062\060\060\006\003\125\004\013\023\051\123\164\141\162\146\151
+\145\154\144\040\103\154\141\163\163\040\062\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\060\202\001\040\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\015\000\060\202\001\010\002
+\202\001\001\000\267\062\310\376\351\161\246\004\205\255\014\021
+\144\337\316\115\357\310\003\030\207\077\241\253\373\074\246\237
+\360\303\241\332\324\330\156\053\123\220\373\044\244\076\204\360
+\236\350\137\354\345\047\104\365\050\246\077\173\336\340\052\360
+\310\257\123\057\236\312\005\001\223\036\217\146\034\071\247\115
+\372\132\266\163\004\045\146\353\167\177\347\131\306\112\231\045
+\024\124\353\046\307\363\177\031\325\060\160\217\257\260\106\052
+\377\255\353\051\355\327\237\252\004\207\243\324\371\211\245\064
+\137\333\103\221\202\066\331\146\074\261\270\271\202\375\234\072
+\076\020\310\073\357\006\145\146\172\233\031\030\075\377\161\121
+\074\060\056\137\276\075\167\163\262\135\006\154\303\043\126\232
+\053\205\046\222\034\247\002\263\344\077\015\257\010\171\202\270
+\066\075\352\234\323\065\263\274\151\312\365\314\235\350\375\144
+\215\027\200\063\156\136\112\135\231\311\036\207\264\235\032\300
+\325\156\023\065\043\136\337\233\137\075\357\326\367\166\302\352
+\076\273\170\015\034\102\147\153\004\330\370\326\332\157\213\362
+\104\240\001\253\002\001\003\243\201\305\060\201\302\060\035\006
+\003\125\035\016\004\026\004\024\277\137\267\321\316\335\037\206
+\364\133\125\254\334\327\020\302\016\251\210\347\060\201\222\006
+\003\125\035\043\004\201\212\060\201\207\200\024\277\137\267\321
+\316\335\037\206\364\133\125\254\334\327\020\302\016\251\210\347
+\241\154\244\152\060\150\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\045\060\043\006\003\125\004\012\023\034\123\164
+\141\162\146\151\145\154\144\040\124\145\143\150\156\157\154\157
+\147\151\145\163\054\040\111\156\143\056\061\062\060\060\006\003
+\125\004\013\023\051\123\164\141\162\146\151\145\154\144\040\103
+\154\141\163\163\040\062\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\202\001
+\000\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202
+\001\001\000\005\235\077\210\235\321\311\032\125\241\254\151\363
+\363\131\332\233\001\207\032\117\127\251\241\171\011\052\333\367
+\057\262\036\314\307\136\152\330\203\207\241\227\357\111\065\076
+\167\006\101\130\142\277\216\130\270\012\147\077\354\263\335\041
+\146\037\311\124\372\162\314\075\114\100\330\201\257\167\236\203
+\172\273\242\307\365\064\027\216\331\021\100\364\374\054\052\115
+\025\177\247\142\135\056\045\323\000\013\040\032\035\150\371\027
+\270\364\275\213\355\050\131\335\115\026\213\027\203\310\262\145
+\307\055\172\245\252\274\123\206\155\335\127\244\312\370\040\101
+\013\150\360\364\373\164\276\126\135\172\171\365\371\035\205\343
+\055\225\276\365\161\220\103\314\215\037\232\000\012\207\051\351
+\125\042\130\000\043\352\343\022\103\051\133\107\010\335\214\101
+\152\145\006\250\345\041\252\101\264\225\041\225\271\175\321\064
+\253\023\326\255\274\334\342\075\071\315\275\076\165\160\241\030
+\131\003\311\042\264\217\234\325\136\052\327\245\266\324\012\155
+\370\267\100\021\106\232\037\171\016\142\277\017\227\354\340\057
+\037\027\224
+END
+
+# Trust for Certificate "Starfield Class 2 CA"
+# Issuer: OU=Starfield Class 2 Certification Authority,O="Starfield Technologies, Inc.",C=US
+# Serial Number: 0 (0x0)
+# Subject: OU=Starfield Class 2 Certification Authority,O="Starfield Technologies, Inc.",C=US
+# Not Valid Before: Tue Jun 29 17:39:16 2004
+# Not Valid After : Thu Jun 29 17:39:16 2034
+# Fingerprint (MD5): 32:4A:4B:BB:C8:63:69:9B:BE:74:9A:C6:DD:1D:46:24
+# Fingerprint (SHA1): AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Starfield Class 2 CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\255\176\034\050\260\144\357\217\140\003\100\040\024\303\320\343
+\067\016\265\212
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\062\112\113\273\310\143\151\233\276\164\232\306\335\035\106\044
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\150\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\045\060\043\006\003\125\004\012\023\034\123\164\141\162\146\151
+\145\154\144\040\124\145\143\150\156\157\154\157\147\151\145\163
+\054\040\111\156\143\056\061\062\060\060\006\003\125\004\013\023
+\051\123\164\141\162\146\151\145\154\144\040\103\154\141\163\163
+\040\062\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "StartCom Certification Authority"
+#
+# Issuer: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+# Serial Number: 1 (0x1)
+# Subject: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+# Not Valid Before: Sun Sep 17 19:46:36 2006
+# Not Valid After : Wed Sep 17 19:46:36 2036
+# Fingerprint (MD5): 22:4D:8F:8A:FC:F7:35:C2:BB:57:34:90:7B:8B:22:16
+# Fingerprint (SHA1): 3E:2B:F7:F2:03:1B:96:F3:8C:E6:C4:D8:A8:5D:3E:2D:58:47:6A:0F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "StartCom Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\053\060\051\006\003\125\004\013
+\023\042\123\145\143\165\162\145\040\104\151\147\151\164\141\154
+\040\103\145\162\164\151\146\151\143\141\164\145\040\123\151\147
+\156\151\156\147\061\051\060\047\006\003\125\004\003\023\040\123
+\164\141\162\164\103\157\155\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\053\060\051\006\003\125\004\013
+\023\042\123\145\143\165\162\145\040\104\151\147\151\164\141\154
+\040\103\145\162\164\151\146\151\143\141\164\145\040\123\151\147
+\156\151\156\147\061\051\060\047\006\003\125\004\003\023\040\123
+\164\141\162\164\103\157\155\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\007\311\060\202\005\261\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\175\061\013\060\011\006\003\125\004\006\023\002\111\114\061\026
+\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103\157
+\155\040\114\164\144\056\061\053\060\051\006\003\125\004\013\023
+\042\123\145\143\165\162\145\040\104\151\147\151\164\141\154\040
+\103\145\162\164\151\146\151\143\141\164\145\040\123\151\147\156
+\151\156\147\061\051\060\047\006\003\125\004\003\023\040\123\164
+\141\162\164\103\157\155\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036
+\027\015\060\066\060\071\061\067\061\071\064\066\063\066\132\027
+\015\063\066\060\071\061\067\061\071\064\066\063\066\132\060\175
+\061\013\060\011\006\003\125\004\006\023\002\111\114\061\026\060
+\024\006\003\125\004\012\023\015\123\164\141\162\164\103\157\155
+\040\114\164\144\056\061\053\060\051\006\003\125\004\013\023\042
+\123\145\143\165\162\145\040\104\151\147\151\164\141\154\040\103
+\145\162\164\151\146\151\143\141\164\145\040\123\151\147\156\151
+\156\147\061\051\060\047\006\003\125\004\003\023\040\123\164\141
+\162\164\103\157\155\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\060\202\002
+\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\002\017\000\060\202\002\012\002\202\002\001\000\301\210
+\333\011\274\154\106\174\170\237\225\173\265\063\220\362\162\142
+\326\301\066\040\042\044\136\316\351\167\362\103\012\242\006\144
+\244\314\216\066\370\070\346\043\360\156\155\261\074\335\162\243
+\205\034\241\323\075\264\063\053\323\057\257\376\352\260\101\131
+\147\266\304\006\175\012\236\164\205\326\171\114\200\067\172\337
+\071\005\122\131\367\364\033\106\103\244\322\205\205\322\303\161
+\363\165\142\064\272\054\212\177\036\217\356\355\064\320\021\307
+\226\315\122\075\272\063\326\335\115\336\013\073\112\113\237\302
+\046\057\372\265\026\034\162\065\167\312\074\135\346\312\341\046
+\213\032\066\166\134\001\333\164\024\045\376\355\265\240\210\017
+\335\170\312\055\037\007\227\060\001\055\162\171\372\106\326\023
+\052\250\271\246\253\203\111\035\345\362\357\335\344\001\216\030
+\012\217\143\123\026\205\142\251\016\031\072\314\265\146\246\302
+\153\164\007\344\053\341\166\076\264\155\330\366\104\341\163\142
+\037\073\304\276\240\123\126\045\154\121\011\367\252\253\312\277
+\166\375\155\233\363\235\333\277\075\146\274\014\126\252\257\230
+\110\225\072\113\337\247\130\120\331\070\165\251\133\352\103\014
+\002\377\231\353\350\154\115\160\133\051\145\234\335\252\135\314
+\257\001\061\354\014\353\322\215\350\352\234\173\346\156\367\047
+\146\014\032\110\327\156\102\343\077\336\041\076\173\341\015\160
+\373\143\252\250\154\032\124\264\134\045\172\311\242\311\213\026
+\246\273\054\176\027\136\005\115\130\156\022\035\001\356\022\020
+\015\306\062\177\030\377\374\364\372\315\156\221\350\066\111\276
+\032\110\151\213\302\226\115\032\022\262\151\027\301\012\220\326
+\372\171\042\110\277\272\173\151\370\160\307\372\172\067\330\330
+\015\322\166\117\127\377\220\267\343\221\322\335\357\302\140\267
+\147\072\335\376\252\234\360\324\213\177\162\042\316\306\237\227
+\266\370\257\212\240\020\250\331\373\030\306\266\265\134\122\074
+\211\266\031\052\163\001\012\017\003\263\022\140\362\172\057\201
+\333\243\156\377\046\060\227\365\213\335\211\127\266\255\075\263
+\257\053\305\267\166\002\360\245\326\053\232\206\024\052\162\366
+\343\063\214\135\011\113\023\337\273\214\164\023\122\113\002\003
+\001\000\001\243\202\002\122\060\202\002\116\060\014\006\003\125
+\035\023\004\005\060\003\001\001\377\060\013\006\003\125\035\017
+\004\004\003\002\001\256\060\035\006\003\125\035\016\004\026\004
+\024\116\013\357\032\244\100\133\245\027\151\207\060\312\064\150
+\103\320\101\256\362\060\144\006\003\125\035\037\004\135\060\133
+\060\054\240\052\240\050\206\046\150\164\164\160\072\057\057\143
+\145\162\164\056\163\164\141\162\164\143\157\155\056\157\162\147
+\057\163\146\163\143\141\055\143\162\154\056\143\162\154\060\053
+\240\051\240\047\206\045\150\164\164\160\072\057\057\143\162\154
+\056\163\164\141\162\164\143\157\155\056\157\162\147\057\163\146
+\163\143\141\055\143\162\154\056\143\162\154\060\202\001\135\006
+\003\125\035\040\004\202\001\124\060\202\001\120\060\202\001\114
+\006\013\053\006\001\004\001\201\265\067\001\001\001\060\202\001
+\073\060\057\006\010\053\006\001\005\005\007\002\001\026\043\150
+\164\164\160\072\057\057\143\145\162\164\056\163\164\141\162\164
+\143\157\155\056\157\162\147\057\160\157\154\151\143\171\056\160
+\144\146\060\065\006\010\053\006\001\005\005\007\002\001\026\051
+\150\164\164\160\072\057\057\143\145\162\164\056\163\164\141\162
+\164\143\157\155\056\157\162\147\057\151\156\164\145\162\155\145
+\144\151\141\164\145\056\160\144\146\060\201\320\006\010\053\006
+\001\005\005\007\002\002\060\201\303\060\047\026\040\123\164\141
+\162\164\040\103\157\155\155\145\162\143\151\141\154\040\050\123
+\164\141\162\164\103\157\155\051\040\114\164\144\056\060\003\002
+\001\001\032\201\227\114\151\155\151\164\145\144\040\114\151\141
+\142\151\154\151\164\171\054\040\162\145\141\144\040\164\150\145
+\040\163\145\143\164\151\157\156\040\052\114\145\147\141\154\040
+\114\151\155\151\164\141\164\151\157\156\163\052\040\157\146\040
+\164\150\145\040\123\164\141\162\164\103\157\155\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\120\157\154\151\143\171\040\141\166\141\151
+\154\141\142\154\145\040\141\164\040\150\164\164\160\072\057\057
+\143\145\162\164\056\163\164\141\162\164\143\157\155\056\157\162
+\147\057\160\157\154\151\143\171\056\160\144\146\060\021\006\011
+\140\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060
+\070\006\011\140\206\110\001\206\370\102\001\015\004\053\026\051
+\123\164\141\162\164\103\157\155\040\106\162\145\145\040\123\123
+\114\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\101\165\164\150\157\162\151\164\171\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\002\001\000\026\154\231
+\364\146\014\064\365\320\205\136\175\012\354\332\020\116\070\034
+\136\337\246\045\005\113\221\062\301\350\073\361\075\335\104\011
+\133\007\111\212\051\313\146\002\267\261\232\367\045\230\011\074
+\216\033\341\335\066\207\053\113\273\150\323\071\146\075\240\046
+\307\362\071\221\035\121\253\202\173\176\325\316\132\344\342\003
+\127\160\151\227\010\371\136\130\246\012\337\214\006\232\105\026
+\026\070\012\136\127\366\142\307\172\002\005\346\274\036\265\362
+\236\364\251\051\203\370\262\024\343\156\050\207\104\303\220\032
+\336\070\251\074\254\103\115\144\105\316\335\050\251\134\362\163
+\173\004\370\027\350\253\261\363\056\134\144\156\163\061\072\022
+\270\274\263\021\344\175\217\201\121\232\073\215\211\364\115\223
+\146\173\074\003\355\323\232\035\232\363\145\120\365\240\320\165
+\237\057\257\360\352\202\103\230\370\151\234\211\171\304\103\216
+\106\162\343\144\066\022\257\367\045\036\070\211\220\167\176\303
+\153\152\271\303\313\104\113\254\170\220\213\347\307\054\036\113
+\021\104\310\064\122\047\315\012\135\237\205\301\211\325\032\170
+\362\225\020\123\062\335\200\204\146\165\331\265\150\050\373\141
+\056\276\204\250\070\300\231\022\206\245\036\147\144\255\006\056
+\057\251\160\205\307\226\017\174\211\145\365\216\103\124\016\253
+\335\245\200\071\224\140\300\064\311\226\160\054\243\022\365\037
+\110\173\275\034\176\153\267\235\220\364\042\073\256\370\374\052
+\312\372\202\122\240\357\257\113\125\223\353\301\265\360\042\213
+\254\064\116\046\042\004\241\207\054\165\112\267\345\175\023\327
+\270\014\144\300\066\322\311\057\206\022\214\043\011\301\033\202
+\073\163\111\243\152\127\207\224\345\326\170\305\231\103\143\343
+\115\340\167\055\341\145\231\162\151\004\032\107\011\346\017\001
+\126\044\373\037\277\016\171\251\130\056\271\304\011\001\176\225
+\272\155\000\006\076\262\352\112\020\071\330\320\053\365\277\354
+\165\277\227\002\305\011\033\010\334\125\067\342\201\373\067\204
+\103\142\040\312\347\126\113\145\352\376\154\301\044\223\044\241
+\064\353\005\377\232\042\256\233\175\077\361\145\121\012\246\060
+\152\263\364\210\034\200\015\374\162\212\350\203\136
+END
+
+# Trust for Certificate "StartCom Certification Authority"
+# Issuer: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+# Serial Number: 1 (0x1)
+# Subject: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+# Not Valid Before: Sun Sep 17 19:46:36 2006
+# Not Valid After : Wed Sep 17 19:46:36 2036
+# Fingerprint (MD5): 22:4D:8F:8A:FC:F7:35:C2:BB:57:34:90:7B:8B:22:16
+# Fingerprint (SHA1): 3E:2B:F7:F2:03:1B:96:F3:8C:E6:C4:D8:A8:5D:3E:2D:58:47:6A:0F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "StartCom Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\076\053\367\362\003\033\226\363\214\346\304\330\250\135\076\055
+\130\107\152\017
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\042\115\217\212\374\367\065\302\273\127\064\220\173\213\042\026
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\053\060\051\006\003\125\004\013
+\023\042\123\145\143\165\162\145\040\104\151\147\151\164\141\154
+\040\103\145\162\164\151\146\151\143\141\164\145\040\123\151\147
+\156\151\156\147\061\051\060\047\006\003\125\004\003\023\040\123
+\164\141\162\164\103\157\155\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Taiwan GRCA"
+#
+# Issuer: O=Government Root Certification Authority,C=TW
+# Serial Number:1f:9d:59:5a:d7:2f:c2:06:44:a5:80:08:69:e3:5e:f6
+# Subject: O=Government Root Certification Authority,C=TW
+# Not Valid Before: Thu Dec 05 13:23:33 2002
+# Not Valid After : Sun Dec 05 13:23:33 2032
+# Fingerprint (MD5): 37:85:44:53:32:45:1F:20:F0:F3:95:E1:25:C4:43:4E
+# Fingerprint (SHA1): F4:8B:11:BF:DE:AB:BE:94:54:20:71:E6:41:DE:6B:BE:88:2B:40:B9
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Taiwan GRCA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\077\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\060\060\056\006\003\125\004\012\014\047\107\157\166\145\162\156
+\155\145\156\164\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\077\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\060\060\056\006\003\125\004\012\014\047\107\157\166\145\162\156
+\155\145\156\164\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\037\235\131\132\327\057\302\006\104\245\200\010\151\343
+\136\366
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\162\060\202\003\132\240\003\002\001\002\002\020\037
+\235\131\132\327\057\302\006\104\245\200\010\151\343\136\366\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\077
+\061\013\060\011\006\003\125\004\006\023\002\124\127\061\060\060
+\056\006\003\125\004\012\014\047\107\157\166\145\162\156\155\145
+\156\164\040\122\157\157\164\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
+\036\027\015\060\062\061\062\060\065\061\063\062\063\063\063\132
+\027\015\063\062\061\062\060\065\061\063\062\063\063\063\132\060
+\077\061\013\060\011\006\003\125\004\006\023\002\124\127\061\060
+\060\056\006\003\125\004\012\014\047\107\157\166\145\162\156\155
+\145\156\164\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
+\000\232\045\270\354\314\242\165\250\173\367\316\133\131\212\311
+\321\206\022\010\124\354\234\362\347\106\366\210\363\174\351\245
+\337\114\107\066\244\033\001\034\177\036\127\212\215\303\305\321
+\041\343\332\044\077\110\053\373\237\056\241\224\347\054\034\223
+\321\277\033\001\207\123\231\316\247\365\012\041\166\167\377\251
+\267\306\163\224\117\106\367\020\111\067\372\250\131\111\135\152
+\201\007\126\362\212\371\006\320\367\160\042\115\264\267\101\271
+\062\270\261\360\261\303\234\077\160\375\123\335\201\252\330\143
+\170\366\330\123\156\241\254\152\204\044\162\124\206\306\322\262
+\312\034\016\171\201\326\265\160\142\010\001\056\116\117\016\325
+\021\257\251\257\345\232\277\334\314\207\155\046\344\311\127\242
+\373\226\371\314\341\077\123\214\154\114\176\233\123\010\013\154
+\027\373\147\310\302\255\261\315\200\264\227\334\166\001\026\025
+\351\152\327\244\341\170\107\316\206\325\373\061\363\372\061\276
+\064\252\050\373\160\114\035\111\307\257\054\235\155\146\246\266
+\215\144\176\265\040\152\235\073\201\266\217\100\000\147\113\211
+\206\270\314\145\376\025\123\351\004\301\326\137\035\104\327\012
+\057\047\232\106\175\241\015\165\255\124\206\025\334\111\073\361
+\226\316\017\233\240\354\243\172\135\276\325\052\165\102\345\173
+\336\245\266\252\257\050\254\254\220\254\070\267\325\150\065\046
+\172\334\367\073\363\375\105\233\321\273\103\170\156\157\361\102
+\124\152\230\360\015\255\227\351\122\136\351\325\152\162\336\152
+\367\033\140\024\364\245\344\266\161\147\252\037\352\342\115\301
+\102\100\376\147\106\027\070\057\107\077\161\234\256\345\041\312
+\141\055\155\007\250\204\174\055\356\121\045\361\143\220\236\375
+\341\127\210\153\357\212\043\155\261\346\275\077\255\321\075\226
+\013\205\215\315\153\047\273\267\005\233\354\273\221\251\012\007
+\022\002\227\116\040\220\360\377\015\036\342\101\073\323\100\072
+\347\215\135\332\146\344\002\260\007\122\230\134\016\216\063\234
+\302\246\225\373\125\031\156\114\216\256\113\017\275\301\070\115
+\136\217\204\035\146\315\305\140\226\264\122\132\005\211\216\225
+\172\230\301\221\074\225\043\262\016\364\171\264\311\174\301\112
+\041\002\003\001\000\001\243\152\060\150\060\035\006\003\125\035
+\016\004\026\004\024\314\314\357\314\051\140\244\073\261\222\266
+\074\372\062\142\217\254\045\025\073\060\014\006\003\125\035\023
+\004\005\060\003\001\001\377\060\071\006\004\147\052\007\000\004
+\061\060\057\060\055\002\001\000\060\011\006\005\053\016\003\002
+\032\005\000\060\007\006\005\147\052\003\000\000\004\024\003\233
+\360\042\023\377\225\050\066\323\334\236\300\062\373\061\072\212
+\121\145\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\003\202\002\001\000\100\200\112\372\046\311\316\136\060\335
+\117\206\164\166\130\365\256\263\203\063\170\244\172\164\027\031
+\116\351\122\265\271\340\012\164\142\252\150\312\170\240\114\232
+\216\054\043\056\325\152\022\044\277\324\150\323\212\320\330\234
+\237\264\037\014\336\070\176\127\070\374\215\342\117\136\014\237
+\253\073\322\377\165\227\313\244\343\147\010\377\345\300\026\265
+\110\001\175\351\371\012\377\033\345\152\151\277\170\041\250\302
+\247\043\251\206\253\166\126\350\016\014\366\023\335\052\146\212
+\144\111\075\032\030\207\220\004\237\102\122\267\117\313\376\107
+\101\166\065\357\377\000\166\066\105\062\233\306\106\205\135\342
+\044\260\036\343\110\226\230\127\107\224\125\172\017\101\261\104
+\044\363\301\376\032\153\277\210\375\301\246\332\223\140\136\201
+\112\231\040\234\110\146\031\265\000\171\124\017\270\054\057\113
+\274\251\135\133\140\177\214\207\245\340\122\143\052\276\330\073
+\205\100\025\376\036\266\145\077\305\113\332\176\265\172\065\051
+\243\056\172\230\140\042\243\364\175\047\116\055\352\264\164\074
+\351\017\244\063\017\020\021\274\023\001\326\345\016\323\277\265
+\022\242\341\105\043\300\314\010\156\141\267\211\253\203\343\044
+\036\346\135\007\347\037\040\076\317\147\310\347\254\060\155\047
+\113\150\156\113\052\134\002\010\064\333\370\166\344\147\243\046
+\234\077\242\062\302\112\305\201\030\061\020\126\252\204\357\055
+\012\377\270\037\167\322\277\245\130\240\142\344\327\113\221\165
+\215\211\200\230\176\155\313\123\116\136\257\366\262\227\205\227
+\271\332\125\006\271\044\356\327\306\070\036\143\033\022\073\225
+\341\130\254\362\337\204\325\137\231\057\015\125\133\346\070\333
+\056\077\162\351\110\205\313\273\051\023\217\036\070\125\271\363
+\262\304\060\231\043\116\135\362\110\241\022\014\334\022\220\011
+\220\124\221\003\074\107\345\325\311\145\340\267\113\175\354\107
+\323\263\013\076\255\236\320\164\000\016\353\275\121\255\300\336
+\054\300\303\152\376\357\334\013\247\372\106\337\140\333\234\246
+\131\120\165\043\151\163\223\262\371\374\002\323\107\346\161\316
+\020\002\356\047\214\204\377\254\105\015\023\134\203\062\340\045
+\245\206\054\174\364\022
+END
+
+# Trust for Certificate "Taiwan GRCA"
+# Issuer: O=Government Root Certification Authority,C=TW
+# Serial Number:1f:9d:59:5a:d7:2f:c2:06:44:a5:80:08:69:e3:5e:f6
+# Subject: O=Government Root Certification Authority,C=TW
+# Not Valid Before: Thu Dec 05 13:23:33 2002
+# Not Valid After : Sun Dec 05 13:23:33 2032
+# Fingerprint (MD5): 37:85:44:53:32:45:1F:20:F0:F3:95:E1:25:C4:43:4E
+# Fingerprint (SHA1): F4:8B:11:BF:DE:AB:BE:94:54:20:71:E6:41:DE:6B:BE:88:2B:40:B9
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Taiwan GRCA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\364\213\021\277\336\253\276\224\124\040\161\346\101\336\153\276
+\210\053\100\271
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\067\205\104\123\062\105\037\040\360\363\225\341\045\304\103\116
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\077\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\060\060\056\006\003\125\004\012\014\047\107\157\166\145\162\156
+\155\145\156\164\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\037\235\131\132\327\057\302\006\104\245\200\010\151\343
+\136\366
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Swisscom Root CA 1"
+#
+# Issuer: CN=Swisscom Root CA 1,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Serial Number:5c:0b:85:5c:0b:e7:59:41:df:57:cc:3f:7f:9d:a8:36
+# Subject: CN=Swisscom Root CA 1,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Not Valid Before: Thu Aug 18 12:06:20 2005
+# Not Valid After : Mon Aug 18 22:06:20 2025
+# Fingerprint (MD5): F8:38:7C:77:88:DF:2C:16:68:2E:C2:E2:52:4B:B8:F9
+# Fingerprint (SHA1): 5F:3A:FC:0A:8B:64:F6:86:67:34:74:DF:7E:A9:A2:FE:F9:FA:7A:51
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Swisscom Root CA 1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\033\060\031\006\003\125
+\004\003\023\022\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\103\101\040\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\033\060\031\006\003\125
+\004\003\023\022\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\134\013\205\134\013\347\131\101\337\127\314\077\177\235
+\250\066
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\331\060\202\003\301\240\003\002\001\002\002\020\134
+\013\205\134\013\347\131\101\337\127\314\077\177\235\250\066\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\144
+\061\013\060\011\006\003\125\004\006\023\002\143\150\061\021\060
+\017\006\003\125\004\012\023\010\123\167\151\163\163\143\157\155
+\061\045\060\043\006\003\125\004\013\023\034\104\151\147\151\164
+\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040\123
+\145\162\166\151\143\145\163\061\033\060\031\006\003\125\004\003
+\023\022\123\167\151\163\163\143\157\155\040\122\157\157\164\040
+\103\101\040\061\060\036\027\015\060\065\060\070\061\070\061\062
+\060\066\062\060\132\027\015\062\065\060\070\061\070\062\062\060
+\066\062\060\132\060\144\061\013\060\011\006\003\125\004\006\023
+\002\143\150\061\021\060\017\006\003\125\004\012\023\010\123\167
+\151\163\163\143\157\155\061\045\060\043\006\003\125\004\013\023
+\034\104\151\147\151\164\141\154\040\103\145\162\164\151\146\151
+\143\141\164\145\040\123\145\162\166\151\143\145\163\061\033\060
+\031\006\003\125\004\003\023\022\123\167\151\163\163\143\157\155
+\040\122\157\157\164\040\103\101\040\061\060\202\002\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002
+\017\000\060\202\002\012\002\202\002\001\000\320\271\260\250\014
+\331\273\077\041\370\033\325\063\223\200\026\145\040\165\262\075
+\233\140\155\106\310\214\061\157\027\303\372\232\154\126\355\074
+\305\221\127\303\315\253\226\111\220\052\031\113\036\243\155\127
+\335\361\053\142\050\165\105\136\252\326\133\372\013\045\330\241
+\026\371\034\304\056\346\225\052\147\314\320\051\156\074\205\064
+\070\141\111\261\000\237\326\072\161\137\115\155\316\137\271\251
+\344\211\177\152\122\372\312\233\362\334\251\371\235\231\107\077
+\116\051\137\264\246\215\135\173\013\231\021\003\003\376\347\333
+\333\243\377\035\245\315\220\036\001\037\065\260\177\000\333\220
+\157\306\176\173\321\356\172\172\247\252\014\127\157\244\155\305
+\023\073\260\245\331\355\062\034\264\136\147\213\124\334\163\207
+\345\323\027\174\146\120\162\135\324\032\130\301\331\317\330\211
+\002\157\247\111\264\066\135\320\244\336\007\054\266\165\267\050
+\221\326\227\276\050\365\230\036\352\133\046\311\275\260\227\163
+\332\256\221\046\353\150\301\371\071\025\326\147\113\012\155\117
+\313\317\260\344\102\161\214\123\171\347\356\341\333\035\240\156
+\035\214\032\167\065\134\026\036\053\123\037\064\213\321\154\374
+\362\147\007\172\365\255\355\326\232\253\241\261\113\341\314\067
+\137\375\177\315\115\256\270\037\234\103\371\052\130\125\103\105
+\274\226\315\160\016\374\311\343\146\272\116\215\073\201\313\025
+\144\173\271\224\350\135\063\122\205\161\056\117\216\242\006\021
+\121\311\343\313\241\156\061\010\144\014\302\322\074\365\066\350
+\327\320\016\170\043\040\221\311\044\052\145\051\133\042\367\041
+\316\203\136\244\363\336\113\323\150\217\106\165\134\203\011\156
+\051\153\304\160\214\365\235\327\040\057\377\106\322\053\070\302
+\057\165\034\075\176\332\245\357\036\140\205\151\102\323\314\370
+\143\376\036\103\071\205\246\266\143\101\020\263\163\036\274\323
+\372\312\175\026\107\342\247\325\320\243\212\012\010\226\142\126
+\156\064\333\331\002\271\060\165\343\004\322\347\217\302\260\021
+\100\012\254\325\161\002\142\213\061\276\335\306\043\130\061\102
+\103\055\164\371\306\236\246\212\017\351\376\277\203\346\103\127
+\044\272\357\106\064\252\327\022\001\070\355\002\003\001\000\001
+\243\201\206\060\201\203\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\206\060\035\006\003\125\035\041\004\026\060
+\024\060\022\006\007\140\205\164\001\123\000\001\006\007\140\205
+\164\001\123\000\001\060\022\006\003\125\035\023\001\001\377\004
+\010\060\006\001\001\377\002\001\007\060\037\006\003\125\035\043
+\004\030\060\026\200\024\003\045\057\336\157\202\001\072\134\054
+\334\053\241\151\265\147\324\214\323\375\060\035\006\003\125\035
+\016\004\026\004\024\003\045\057\336\157\202\001\072\134\054\334
+\053\241\151\265\147\324\214\323\375\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\002\001\000\065\020\313
+\354\246\004\015\015\017\315\300\333\253\250\362\210\227\014\337
+\223\057\115\174\100\126\061\172\353\244\017\140\315\172\363\276
+\303\047\216\003\076\244\335\022\357\176\036\164\006\074\077\061
+\362\034\173\221\061\041\264\360\320\154\227\324\351\227\262\044
+\126\036\126\303\065\275\210\005\017\133\020\032\144\341\307\202
+\060\371\062\255\236\120\054\347\170\005\320\061\261\132\230\212
+\165\116\220\134\152\024\052\340\122\107\202\140\346\036\332\201
+\261\373\024\013\132\361\237\322\225\272\076\320\033\326\025\035
+\243\276\206\325\333\017\300\111\144\273\056\120\031\113\322\044
+\370\335\036\007\126\320\070\240\225\160\040\166\214\327\335\036
+\336\237\161\304\043\357\203\023\134\243\044\025\115\051\100\074
+\152\304\251\330\267\246\104\245\015\364\340\235\167\036\100\160
+\046\374\332\331\066\344\171\344\265\077\274\233\145\276\273\021
+\226\317\333\306\050\071\072\010\316\107\133\123\132\305\231\376
+\135\251\335\357\114\324\306\245\255\002\346\214\007\022\036\157
+\003\321\157\240\243\363\051\275\022\307\120\242\260\177\210\251
+\231\167\232\261\300\245\071\056\134\174\151\342\054\260\352\067
+\152\244\341\132\341\365\120\345\203\357\245\273\052\210\347\214
+\333\375\155\136\227\031\250\176\146\165\153\161\352\277\261\307
+\157\240\364\216\244\354\064\121\133\214\046\003\160\241\167\325
+\001\022\127\000\065\333\043\336\016\212\050\231\375\261\020\157
+\113\377\070\055\140\116\054\234\353\147\265\255\111\356\113\037
+\254\257\373\015\220\132\146\140\160\135\252\315\170\324\044\356
+\310\101\240\223\001\222\234\152\236\374\271\044\305\263\025\202
+\176\276\256\225\053\353\261\300\332\343\001\140\013\136\151\254
+\204\126\141\276\161\027\376\035\023\017\376\306\207\105\351\376
+\062\240\032\015\023\244\224\125\161\245\026\213\272\312\211\260
+\262\307\374\217\330\124\265\223\142\235\316\317\131\373\075\030
+\316\052\313\065\025\202\135\377\124\042\133\161\122\373\267\311
+\376\140\233\000\101\144\360\252\052\354\266\102\103\316\211\146
+\201\310\213\237\071\124\003\045\323\026\065\216\204\320\137\372
+\060\032\365\232\154\364\016\123\371\072\133\321\034
+END
+
+# Trust for Certificate "Swisscom Root CA 1"
+# Issuer: CN=Swisscom Root CA 1,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Serial Number:5c:0b:85:5c:0b:e7:59:41:df:57:cc:3f:7f:9d:a8:36
+# Subject: CN=Swisscom Root CA 1,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Not Valid Before: Thu Aug 18 12:06:20 2005
+# Not Valid After : Mon Aug 18 22:06:20 2025
+# Fingerprint (MD5): F8:38:7C:77:88:DF:2C:16:68:2E:C2:E2:52:4B:B8:F9
+# Fingerprint (SHA1): 5F:3A:FC:0A:8B:64:F6:86:67:34:74:DF:7E:A9:A2:FE:F9:FA:7A:51
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Swisscom Root CA 1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\137\072\374\012\213\144\366\206\147\064\164\337\176\251\242\376
+\371\372\172\121
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\370\070\174\167\210\337\054\026\150\056\302\342\122\113\270\371
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\033\060\031\006\003\125
+\004\003\023\022\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\134\013\205\134\013\347\131\101\337\127\314\077\177\235
+\250\066
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DigiCert Assured ID Root CA"
+#
+# Issuer: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
+# Subject: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Fri Nov 10 00:00:00 2006
+# Not Valid After : Mon Nov 10 00:00:00 2031
+# Fingerprint (MD5): 87:CE:0B:7B:2A:0E:49:00:E1:58:71:9B:37:A8:93:72
+# Fingerprint (SHA1): 05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Assured ID Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\014\347\340\345\027\330\106\376\217\345\140\374\033\360
+\060\071
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\267\060\202\002\237\240\003\002\001\002\002\020\014
+\347\340\345\027\330\106\376\217\345\140\374\033\360\060\071\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\145
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025\060
+\023\006\003\125\004\012\023\014\104\151\147\151\103\145\162\164
+\040\111\156\143\061\031\060\027\006\003\125\004\013\023\020\167
+\167\167\056\144\151\147\151\143\145\162\164\056\143\157\155\061
+\044\060\042\006\003\125\004\003\023\033\104\151\147\151\103\145
+\162\164\040\101\163\163\165\162\145\144\040\111\104\040\122\157
+\157\164\040\103\101\060\036\027\015\060\066\061\061\061\060\060
+\060\060\060\060\060\132\027\015\063\061\061\061\061\060\060\060
+\060\060\060\060\132\060\145\061\013\060\011\006\003\125\004\006
+\023\002\125\123\061\025\060\023\006\003\125\004\012\023\014\104
+\151\147\151\103\145\162\164\040\111\156\143\061\031\060\027\006
+\003\125\004\013\023\020\167\167\167\056\144\151\147\151\143\145
+\162\164\056\143\157\155\061\044\060\042\006\003\125\004\003\023
+\033\104\151\147\151\103\145\162\164\040\101\163\163\165\162\145
+\144\040\111\104\040\122\157\157\164\040\103\101\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\255\016\025
+\316\344\103\200\134\261\207\363\267\140\371\161\022\245\256\334
+\046\224\210\252\364\316\365\040\071\050\130\140\014\370\200\332
+\251\025\225\062\141\074\265\261\050\204\212\212\334\237\012\014
+\203\027\172\217\220\254\212\347\171\123\134\061\204\052\366\017
+\230\062\066\166\314\336\335\074\250\242\357\152\373\041\362\122
+\141\337\237\040\327\037\342\261\331\376\030\144\322\022\133\137
+\371\130\030\065\274\107\315\241\066\371\153\177\324\260\070\076
+\301\033\303\214\063\331\330\057\030\376\050\017\263\247\203\326
+\303\156\104\300\141\065\226\026\376\131\234\213\166\155\327\361
+\242\113\015\053\377\013\162\332\236\140\320\216\220\065\306\170
+\125\207\040\241\317\345\155\012\310\111\174\061\230\063\154\042
+\351\207\320\062\132\242\272\023\202\021\355\071\027\235\231\072
+\162\241\346\372\244\331\325\027\061\165\256\205\175\042\256\077
+\001\106\206\366\050\171\310\261\332\344\127\027\304\176\034\016
+\260\264\222\246\126\263\275\262\227\355\252\247\360\267\305\250
+\077\225\026\320\377\241\226\353\010\137\030\167\117\002\003\001
+\000\001\243\143\060\141\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\206\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\105\353\242\257\364\222\313\202\061\055\121\213\247\247
+\041\235\363\155\310\017\060\037\006\003\125\035\043\004\030\060
+\026\200\024\105\353\242\257\364\222\313\202\061\055\121\213\247
+\247\041\235\363\155\310\017\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\003\202\001\001\000\242\016\274\337\342
+\355\360\343\162\163\172\144\224\277\367\162\146\330\062\344\102
+\165\142\256\207\353\362\325\331\336\126\263\237\314\316\024\050
+\271\015\227\140\134\022\114\130\344\323\075\203\111\105\130\227
+\065\151\032\250\107\352\126\306\171\253\022\330\147\201\204\337
+\177\011\074\224\346\270\046\054\040\275\075\263\050\211\367\137
+\377\042\342\227\204\037\351\145\357\207\340\337\301\147\111\263
+\135\353\262\011\052\353\046\355\170\276\175\077\053\363\267\046
+\065\155\137\211\001\266\111\133\237\001\005\233\253\075\045\301
+\314\266\177\302\361\157\206\306\372\144\150\353\201\055\224\353
+\102\267\372\214\036\335\142\361\276\120\147\267\154\275\363\361
+\037\153\014\066\007\026\177\067\174\251\133\155\172\361\022\106
+\140\203\327\047\004\276\113\316\227\276\303\147\052\150\021\337
+\200\347\014\063\146\277\023\015\024\156\363\177\037\143\020\036
+\372\215\033\045\155\154\217\245\267\141\001\261\322\243\046\241
+\020\161\235\255\342\303\371\303\231\121\267\053\007\010\316\056
+\346\120\262\247\372\012\105\057\242\360\362
+END
+
+# Trust for Certificate "DigiCert Assured ID Root CA"
+# Issuer: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
+# Subject: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Fri Nov 10 00:00:00 2006
+# Not Valid After : Mon Nov 10 00:00:00 2031
+# Fingerprint (MD5): 87:CE:0B:7B:2A:0E:49:00:E1:58:71:9B:37:A8:93:72
+# Fingerprint (SHA1): 05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Assured ID Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\005\143\270\143\015\142\327\132\273\310\253\036\113\337\265\250
+\231\262\115\103
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\207\316\013\173\052\016\111\000\341\130\161\233\067\250\223\162
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\014\347\340\345\027\330\106\376\217\345\140\374\033\360
+\060\071
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DigiCert Global Root CA"
+#
+# Issuer: CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:08:3b:e0:56:90:42:46:b1:a1:75:6a:c9:59:91:c7:4a
+# Subject: CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Fri Nov 10 00:00:00 2006
+# Not Valid After : Mon Nov 10 00:00:00 2031
+# Fingerprint (MD5): 79:E4:A9:84:0D:7D:3A:96:D7:C0:4F:E2:43:4C:89:2E
+# Fingerprint (SHA1): A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Global Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\010\073\340\126\220\102\106\261\241\165\152\311\131\221
+\307\112
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\257\060\202\002\227\240\003\002\001\002\002\020\010
+\073\340\126\220\102\106\261\241\165\152\311\131\221\307\112\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\141
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025\060
+\023\006\003\125\004\012\023\014\104\151\147\151\103\145\162\164
+\040\111\156\143\061\031\060\027\006\003\125\004\013\023\020\167
+\167\167\056\144\151\147\151\143\145\162\164\056\143\157\155\061
+\040\060\036\006\003\125\004\003\023\027\104\151\147\151\103\145
+\162\164\040\107\154\157\142\141\154\040\122\157\157\164\040\103
+\101\060\036\027\015\060\066\061\061\061\060\060\060\060\060\060
+\060\132\027\015\063\061\061\061\061\060\060\060\060\060\060\060
+\132\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103
+\145\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013
+\023\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143
+\157\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147
+\151\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157
+\164\040\103\101\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\342\073\341\021\162\336\250\244\323\243\127
+\252\120\242\217\013\167\220\311\242\245\356\022\316\226\133\001
+\011\040\314\001\223\247\116\060\267\123\367\103\304\151\000\127
+\235\342\215\042\335\207\006\100\000\201\011\316\316\033\203\277
+\337\315\073\161\106\342\326\146\307\005\263\166\047\026\217\173
+\236\036\225\175\356\267\110\243\010\332\326\257\172\014\071\006
+\145\177\112\135\037\274\027\370\253\276\356\050\327\164\177\172
+\170\231\131\205\150\156\134\043\062\113\277\116\300\350\132\155
+\343\160\277\167\020\277\374\001\366\205\331\250\104\020\130\062
+\251\165\030\325\321\242\276\107\342\047\152\364\232\063\370\111
+\010\140\213\324\137\264\072\204\277\241\252\112\114\175\076\317
+\117\137\154\166\136\240\113\067\221\236\334\042\346\155\316\024
+\032\216\152\313\376\315\263\024\144\027\307\133\051\236\062\277
+\362\356\372\323\013\102\324\253\267\101\062\332\014\324\357\370
+\201\325\273\215\130\077\265\033\350\111\050\242\160\332\061\004
+\335\367\262\026\362\114\012\116\007\250\355\112\075\136\265\177
+\243\220\303\257\047\002\003\001\000\001\243\143\060\141\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\035\006\003\125\035\016\004\026\004\024\003\336\120\065\126\321
+\114\273\146\360\243\342\033\033\303\227\262\075\321\125\060\037
+\006\003\125\035\043\004\030\060\026\200\024\003\336\120\065\126
+\321\114\273\146\360\243\342\033\033\303\227\262\075\321\125\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202
+\001\001\000\313\234\067\252\110\023\022\012\372\335\104\234\117
+\122\260\364\337\256\004\365\171\171\010\243\044\030\374\113\053
+\204\300\055\271\325\307\376\364\301\037\130\313\270\155\234\172
+\164\347\230\051\253\021\265\343\160\240\241\315\114\210\231\223
+\214\221\160\342\253\017\034\276\223\251\377\143\325\344\007\140
+\323\243\277\235\133\011\361\325\216\343\123\364\216\143\372\077
+\247\333\264\146\337\142\146\326\321\156\101\215\362\055\265\352
+\167\112\237\235\130\342\053\131\300\100\043\355\055\050\202\105
+\076\171\124\222\046\230\340\200\110\250\067\357\360\326\171\140
+\026\336\254\350\016\315\156\254\104\027\070\057\111\332\341\105
+\076\052\271\066\123\317\072\120\006\367\056\350\304\127\111\154
+\141\041\030\325\004\255\170\074\054\072\200\153\247\353\257\025
+\024\351\330\211\301\271\070\154\342\221\154\212\377\144\271\167
+\045\127\060\300\033\044\243\341\334\351\337\107\174\265\264\044
+\010\005\060\354\055\275\013\277\105\277\120\271\251\363\353\230
+\001\022\255\310\210\306\230\064\137\215\012\074\306\351\325\225
+\225\155\336
+END
+
+# Trust for Certificate "DigiCert Global Root CA"
+# Issuer: CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:08:3b:e0:56:90:42:46:b1:a1:75:6a:c9:59:91:c7:4a
+# Subject: CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Fri Nov 10 00:00:00 2006
+# Not Valid After : Mon Nov 10 00:00:00 2031
+# Fingerprint (MD5): 79:E4:A9:84:0D:7D:3A:96:D7:C0:4F:E2:43:4C:89:2E
+# Fingerprint (SHA1): A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Global Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\250\230\135\072\145\345\345\304\262\327\326\155\100\306\335\057
+\261\234\124\066
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\171\344\251\204\015\175\072\226\327\300\117\342\103\114\211\056
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\010\073\340\126\220\102\106\261\241\165\152\311\131\221
+\307\112
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DigiCert High Assurance EV Root CA"
+#
+# Issuer: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
+# Subject: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Fri Nov 10 00:00:00 2006
+# Not Valid After : Mon Nov 10 00:00:00 2031
+# Fingerprint (MD5): D4:74:DE:57:5C:39:B2:D3:9C:85:83:C5:C0:65:49:8A
+# Fingerprint (SHA1): 5F:B7:EE:06:33:E2:59:DB:AD:0C:4C:9A:E6:D3:8F:1A:61:C7:DC:25
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert High Assurance EV Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\154\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\053\060\051\006\003\125\004\003\023\042\104\151\147\151
+\103\145\162\164\040\110\151\147\150\040\101\163\163\165\162\141
+\156\143\145\040\105\126\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\154\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\053\060\051\006\003\125\004\003\023\042\104\151\147\151
+\103\145\162\164\040\110\151\147\150\040\101\163\163\165\162\141
+\156\143\145\040\105\126\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\002\254\134\046\152\013\100\233\217\013\171\362\256\106
+\045\167
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\305\060\202\002\255\240\003\002\001\002\002\020\002
+\254\134\046\152\013\100\233\217\013\171\362\256\106\045\167\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\154
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025\060
+\023\006\003\125\004\012\023\014\104\151\147\151\103\145\162\164
+\040\111\156\143\061\031\060\027\006\003\125\004\013\023\020\167
+\167\167\056\144\151\147\151\143\145\162\164\056\143\157\155\061
+\053\060\051\006\003\125\004\003\023\042\104\151\147\151\103\145
+\162\164\040\110\151\147\150\040\101\163\163\165\162\141\156\143
+\145\040\105\126\040\122\157\157\164\040\103\101\060\036\027\015
+\060\066\061\061\061\060\060\060\060\060\060\060\132\027\015\063
+\061\061\061\061\060\060\060\060\060\060\060\132\060\154\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\025\060\023\006
+\003\125\004\012\023\014\104\151\147\151\103\145\162\164\040\111
+\156\143\061\031\060\027\006\003\125\004\013\023\020\167\167\167
+\056\144\151\147\151\143\145\162\164\056\143\157\155\061\053\060
+\051\006\003\125\004\003\023\042\104\151\147\151\103\145\162\164
+\040\110\151\147\150\040\101\163\163\165\162\141\156\143\145\040
+\105\126\040\122\157\157\164\040\103\101\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\306\314\345\163\346
+\373\324\273\345\055\055\062\246\337\345\201\077\311\315\045\111
+\266\161\052\303\325\224\064\147\242\012\034\260\137\151\246\100
+\261\304\267\262\217\320\230\244\251\101\131\072\323\334\224\326
+\074\333\164\070\244\112\314\115\045\202\367\112\245\123\022\070
+\356\363\111\155\161\221\176\143\266\253\246\137\303\244\204\370
+\117\142\121\276\370\305\354\333\070\222\343\006\345\010\221\014
+\304\050\101\125\373\313\132\211\025\176\161\350\065\277\115\162
+\011\075\276\072\070\120\133\167\061\033\215\263\307\044\105\232
+\247\254\155\000\024\132\004\267\272\023\353\121\012\230\101\101
+\042\116\145\141\207\201\101\120\246\171\134\211\336\031\112\127
+\325\056\346\135\034\123\054\176\230\315\032\006\026\244\150\163
+\320\064\004\023\134\241\161\323\132\174\125\333\136\144\341\067
+\207\060\126\004\345\021\264\051\200\022\361\171\071\210\242\002
+\021\174\047\146\267\210\267\170\362\312\012\250\070\253\012\144
+\302\277\146\135\225\204\301\241\045\036\207\135\032\120\013\040
+\022\314\101\273\156\013\121\070\270\113\313\002\003\001\000\001
+\243\143\060\141\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\206\060\017\006\003\125\035\023\001\001\377\004\005
+\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024
+\261\076\303\151\003\370\277\107\001\324\230\046\032\010\002\357
+\143\144\053\303\060\037\006\003\125\035\043\004\030\060\026\200
+\024\261\076\303\151\003\370\277\107\001\324\230\046\032\010\002
+\357\143\144\053\303\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\003\202\001\001\000\034\032\006\227\334\327\234
+\237\074\210\146\006\010\127\041\333\041\107\370\052\147\252\277
+\030\062\166\100\020\127\301\212\363\172\331\021\145\216\065\372
+\236\374\105\265\236\331\114\061\113\270\221\350\103\054\216\263
+\170\316\333\343\123\171\161\326\345\041\224\001\332\125\207\232
+\044\144\366\212\146\314\336\234\067\315\250\064\261\151\233\043
+\310\236\170\042\053\160\103\343\125\107\061\141\031\357\130\305
+\205\057\116\060\366\240\061\026\043\310\347\342\145\026\063\313
+\277\032\033\240\075\370\312\136\213\061\213\140\010\211\055\014
+\006\134\122\267\304\371\012\230\321\025\137\237\022\276\174\066
+\143\070\275\104\244\177\344\046\053\012\304\227\151\015\351\214
+\342\300\020\127\270\310\166\022\221\125\362\110\151\330\274\052
+\002\133\017\104\324\040\061\333\364\272\160\046\135\220\140\236
+\274\113\027\011\057\264\313\036\103\150\311\007\047\301\322\134
+\367\352\041\271\150\022\234\074\234\277\236\374\200\134\233\143
+\315\354\107\252\045\047\147\240\067\363\000\202\175\124\327\251
+\370\351\056\023\243\167\350\037\112
+END
+
+# Trust for Certificate "DigiCert High Assurance EV Root CA"
+# Issuer: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
+# Subject: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Fri Nov 10 00:00:00 2006
+# Not Valid After : Mon Nov 10 00:00:00 2031
+# Fingerprint (MD5): D4:74:DE:57:5C:39:B2:D3:9C:85:83:C5:C0:65:49:8A
+# Fingerprint (SHA1): 5F:B7:EE:06:33:E2:59:DB:AD:0C:4C:9A:E6:D3:8F:1A:61:C7:DC:25
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert High Assurance EV Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\137\267\356\006\063\342\131\333\255\014\114\232\346\323\217\032
+\141\307\334\045
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\324\164\336\127\134\071\262\323\234\205\203\305\300\145\111\212
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\154\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\053\060\051\006\003\125\004\003\023\042\104\151\147\151
+\103\145\162\164\040\110\151\147\150\040\101\163\163\165\162\141
+\156\143\145\040\105\126\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\002\254\134\046\152\013\100\233\217\013\171\362\256\106
+\045\167
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certplus Class 2 Primary CA"
+#
+# Issuer: CN=Class 2 Primary CA,O=Certplus,C=FR
+# Serial Number:00:85:bd:4b:f3:d8:da:e3:69:f6:94:d7:5f:c3:a5:44:23
+# Subject: CN=Class 2 Primary CA,O=Certplus,C=FR
+# Not Valid Before: Wed Jul 07 17:05:00 1999
+# Not Valid After : Sat Jul 06 23:59:59 2019
+# Fingerprint (MD5): 88:2C:8C:52:B8:A2:3C:F3:F7:BB:03:EA:AE:AC:42:0B
+# Fingerprint (SHA1): 74:20:74:41:72:9C:DD:92:EC:79:31:D8:23:10:8D:C2:81:92:E2:BB
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certplus Class 2 Primary CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\075\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\023\010\103\145\162\164\160\154
+\165\163\061\033\060\031\006\003\125\004\003\023\022\103\154\141
+\163\163\040\062\040\120\162\151\155\141\162\171\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\075\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\023\010\103\145\162\164\160\154
+\165\163\061\033\060\031\006\003\125\004\003\023\022\103\154\141
+\163\163\040\062\040\120\162\151\155\141\162\171\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\205\275\113\363\330\332\343\151\366\224\327\137\303
+\245\104\043
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\222\060\202\002\172\240\003\002\001\002\002\021\000
+\205\275\113\363\330\332\343\151\366\224\327\137\303\245\104\043
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\075\061\013\060\011\006\003\125\004\006\023\002\106\122\061\021
+\060\017\006\003\125\004\012\023\010\103\145\162\164\160\154\165
+\163\061\033\060\031\006\003\125\004\003\023\022\103\154\141\163
+\163\040\062\040\120\162\151\155\141\162\171\040\103\101\060\036
+\027\015\071\071\060\067\060\067\061\067\060\065\060\060\132\027
+\015\061\071\060\067\060\066\062\063\065\071\065\071\132\060\075
+\061\013\060\011\006\003\125\004\006\023\002\106\122\061\021\060
+\017\006\003\125\004\012\023\010\103\145\162\164\160\154\165\163
+\061\033\060\031\006\003\125\004\003\023\022\103\154\141\163\163
+\040\062\040\120\162\151\155\141\162\171\040\103\101\060\202\001
+\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\001\017\000\060\202\001\012\002\202\001\001\000\334\120
+\226\320\022\370\065\322\010\170\172\266\122\160\375\157\356\317
+\271\021\313\135\167\341\354\351\176\004\215\326\314\157\163\103
+\127\140\254\063\012\104\354\003\137\034\200\044\221\345\250\221
+\126\022\202\367\340\053\364\333\256\141\056\211\020\215\153\154
+\272\263\002\275\325\066\305\110\067\043\342\360\132\067\122\063
+\027\022\342\321\140\115\276\057\101\021\343\366\027\045\014\213
+\221\300\033\231\173\231\126\015\257\356\322\274\107\127\343\171
+\111\173\064\211\047\044\204\336\261\354\351\130\116\376\116\337
+\132\276\101\255\254\010\305\030\016\357\322\123\356\154\320\235
+\022\001\023\215\334\200\142\367\225\251\104\210\112\161\116\140
+\125\236\333\043\031\171\126\007\014\077\143\013\134\260\342\276
+\176\025\374\224\063\130\101\070\164\304\341\217\213\337\046\254
+\037\265\213\073\267\103\131\153\260\044\246\155\220\213\304\162
+\352\135\063\230\267\313\336\136\173\357\224\361\033\076\312\311
+\041\301\305\230\002\252\242\366\133\167\233\365\176\226\125\064
+\034\147\151\300\361\102\343\107\254\374\050\034\146\125\002\003
+\001\000\001\243\201\214\060\201\211\060\017\006\003\125\035\023
+\004\010\060\006\001\001\377\002\001\012\060\013\006\003\125\035
+\017\004\004\003\002\001\006\060\035\006\003\125\035\016\004\026
+\004\024\343\163\055\337\313\016\050\014\336\335\263\244\312\171
+\270\216\273\350\060\211\060\021\006\011\140\206\110\001\206\370
+\102\001\001\004\004\003\002\001\006\060\067\006\003\125\035\037
+\004\060\060\056\060\054\240\052\240\050\206\046\150\164\164\160
+\072\057\057\167\167\167\056\143\145\162\164\160\154\165\163\056
+\143\157\155\057\103\122\114\057\143\154\141\163\163\062\056\143
+\162\154\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\003\202\001\001\000\247\124\317\210\104\031\313\337\324\177
+\000\337\126\063\142\265\367\121\001\220\353\303\077\321\210\104
+\351\044\135\357\347\024\275\040\267\232\074\000\376\155\237\333
+\220\334\327\364\142\326\213\160\135\347\345\004\110\251\150\174
+\311\361\102\363\154\177\305\172\174\035\121\210\272\322\012\076
+\047\135\336\055\121\116\323\023\144\151\344\056\343\323\347\233
+\011\231\246\340\225\233\316\032\327\177\276\074\316\122\263\021
+\025\301\017\027\315\003\273\234\045\025\272\242\166\211\374\006
+\361\030\320\223\113\016\174\202\267\245\364\366\137\376\355\100
+\246\235\204\164\071\271\334\036\205\026\332\051\033\206\043\000
+\311\273\211\176\156\200\210\036\057\024\264\003\044\250\062\157
+\003\232\107\054\060\276\126\306\247\102\002\160\033\352\100\330
+\272\005\003\160\007\244\226\377\375\110\063\012\341\334\245\201
+\220\233\115\335\175\347\347\262\315\134\310\152\225\370\245\366
+\215\304\135\170\010\276\173\006\326\111\317\031\066\120\043\056
+\010\346\236\005\115\107\030\325\026\351\261\326\266\020\325\273
+\227\277\242\216\264\124
+END
+
+# Trust for Certificate "Certplus Class 2 Primary CA"
+# Issuer: CN=Class 2 Primary CA,O=Certplus,C=FR
+# Serial Number:00:85:bd:4b:f3:d8:da:e3:69:f6:94:d7:5f:c3:a5:44:23
+# Subject: CN=Class 2 Primary CA,O=Certplus,C=FR
+# Not Valid Before: Wed Jul 07 17:05:00 1999
+# Not Valid After : Sat Jul 06 23:59:59 2019
+# Fingerprint (MD5): 88:2C:8C:52:B8:A2:3C:F3:F7:BB:03:EA:AE:AC:42:0B
+# Fingerprint (SHA1): 74:20:74:41:72:9C:DD:92:EC:79:31:D8:23:10:8D:C2:81:92:E2:BB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certplus Class 2 Primary CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\164\040\164\101\162\234\335\222\354\171\061\330\043\020\215\302
+\201\222\342\273
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\210\054\214\122\270\242\074\363\367\273\003\352\256\254\102\013
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\075\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\023\010\103\145\162\164\160\154
+\165\163\061\033\060\031\006\003\125\004\003\023\022\103\154\141
+\163\163\040\062\040\120\162\151\155\141\162\171\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\205\275\113\363\330\332\343\151\366\224\327\137\303
+\245\104\043
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DST Root CA X3"
+#
+# Issuer: CN=DST Root CA X3,O=Digital Signature Trust Co.
+# Serial Number:44:af:b0:80:d6:a3:27:ba:89:30:39:86:2e:f8:40:6b
+# Subject: CN=DST Root CA X3,O=Digital Signature Trust Co.
+# Not Valid Before: Sat Sep 30 21:12:19 2000
+# Not Valid After : Thu Sep 30 14:01:15 2021
+# Fingerprint (MD5): 41:03:52:DC:0F:F7:50:1B:16:F0:02:8E:BA:6F:45:C5
+# Fingerprint (SHA1): DA:C9:02:4F:54:D8:F6:DF:94:93:5F:B1:73:26:38:CA:6A:D7:7C:13
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DST Root CA X3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\077\061\044\060\042\006\003\125\004\012\023\033\104\151\147
+\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
+\162\165\163\164\040\103\157\056\061\027\060\025\006\003\125\004
+\003\023\016\104\123\124\040\122\157\157\164\040\103\101\040\130
+\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\077\061\044\060\042\006\003\125\004\012\023\033\104\151\147
+\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
+\162\165\163\164\040\103\157\056\061\027\060\025\006\003\125\004
+\003\023\016\104\123\124\040\122\157\157\164\040\103\101\040\130
+\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\104\257\260\200\326\243\047\272\211\060\071\206\056\370
+\100\153
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\112\060\202\002\062\240\003\002\001\002\002\020\104
+\257\260\200\326\243\047\272\211\060\071\206\056\370\100\153\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\077
+\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164
+\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165
+\163\164\040\103\157\056\061\027\060\025\006\003\125\004\003\023
+\016\104\123\124\040\122\157\157\164\040\103\101\040\130\063\060
+\036\027\015\060\060\060\071\063\060\062\061\061\062\061\071\132
+\027\015\062\061\060\071\063\060\061\064\060\061\061\065\132\060
+\077\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151
+\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162
+\165\163\164\040\103\157\056\061\027\060\025\006\003\125\004\003
+\023\016\104\123\124\040\122\157\157\164\040\103\101\040\130\063
+\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001
+\000\337\257\351\227\120\010\203\127\264\314\142\145\366\220\202
+\354\307\323\054\153\060\312\133\354\331\303\175\307\100\301\030
+\024\213\340\350\063\166\111\052\343\077\041\111\223\254\116\016
+\257\076\110\313\145\356\374\323\041\017\145\322\052\331\062\217
+\214\345\367\167\260\022\173\265\225\300\211\243\251\272\355\163
+\056\172\014\006\062\203\242\176\212\024\060\315\021\240\341\052
+\070\271\171\012\061\375\120\275\200\145\337\267\121\143\203\310
+\342\210\141\352\113\141\201\354\122\153\271\242\342\113\032\050
+\237\110\243\236\014\332\011\216\076\027\056\036\335\040\337\133
+\306\052\212\253\056\275\160\255\305\013\032\045\220\164\162\305
+\173\152\253\064\326\060\211\377\345\150\023\173\124\013\310\326
+\256\354\132\234\222\036\075\144\263\214\306\337\277\311\101\160
+\354\026\162\325\046\354\070\125\071\103\320\374\375\030\134\100
+\361\227\353\325\232\233\215\035\272\332\045\271\306\330\337\301
+\025\002\072\253\332\156\361\076\056\365\134\010\234\074\326\203
+\151\344\020\233\031\052\266\051\127\343\345\075\233\237\360\002
+\135\002\003\001\000\001\243\102\060\100\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125
+\035\016\004\026\004\024\304\247\261\244\173\054\161\372\333\341
+\113\220\165\377\304\025\140\205\211\020\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\001\001\000\243\032
+\054\233\027\000\134\251\036\356\050\146\067\072\277\203\307\077
+\113\303\011\240\225\040\135\343\331\131\104\322\076\015\076\275
+\212\113\240\164\037\316\020\202\234\164\032\035\176\230\032\335
+\313\023\113\263\040\104\344\221\351\314\374\175\245\333\152\345
+\376\346\375\340\116\335\267\000\072\265\160\111\257\362\345\353
+\002\361\321\002\213\031\313\224\072\136\110\304\030\036\130\031
+\137\036\002\132\360\014\361\261\255\251\334\131\206\213\156\351
+\221\365\206\312\372\271\146\063\252\131\133\316\342\247\026\163
+\107\313\053\314\231\260\067\110\317\343\126\113\365\317\017\014
+\162\062\207\306\360\104\273\123\162\155\103\365\046\110\232\122
+\147\267\130\253\376\147\166\161\170\333\015\242\126\024\023\071
+\044\061\205\242\250\002\132\060\107\341\335\120\007\274\002\011
+\220\000\353\144\143\140\233\026\274\210\311\022\346\322\175\221
+\213\371\075\062\215\145\264\351\174\261\127\166\352\305\266\050
+\071\277\025\145\034\310\366\167\226\152\012\215\167\013\330\221
+\013\004\216\007\333\051\266\012\356\235\202\065\065\020
+END
+
+# Trust for Certificate "DST Root CA X3"
+# Issuer: CN=DST Root CA X3,O=Digital Signature Trust Co.
+# Serial Number:44:af:b0:80:d6:a3:27:ba:89:30:39:86:2e:f8:40:6b
+# Subject: CN=DST Root CA X3,O=Digital Signature Trust Co.
+# Not Valid Before: Sat Sep 30 21:12:19 2000
+# Not Valid After : Thu Sep 30 14:01:15 2021
+# Fingerprint (MD5): 41:03:52:DC:0F:F7:50:1B:16:F0:02:8E:BA:6F:45:C5
+# Fingerprint (SHA1): DA:C9:02:4F:54:D8:F6:DF:94:93:5F:B1:73:26:38:CA:6A:D7:7C:13
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DST Root CA X3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\332\311\002\117\124\330\366\337\224\223\137\261\163\046\070\312
+\152\327\174\023
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\101\003\122\334\017\367\120\033\026\360\002\216\272\157\105\305
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\077\061\044\060\042\006\003\125\004\012\023\033\104\151\147
+\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
+\162\165\163\164\040\103\157\056\061\027\060\025\006\003\125\004
+\003\023\016\104\123\124\040\122\157\157\164\040\103\101\040\130
+\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\104\257\260\200\326\243\047\272\211\060\071\206\056\370
+\100\153
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DST ACES CA X6"
+#
+# Issuer: CN=DST ACES CA X6,OU=DST ACES,O=Digital Signature Trust,C=US
+# Serial Number:0d:5e:99:0a:d6:9d:b7:78:ec:d8:07:56:3b:86:15:d9
+# Subject: CN=DST ACES CA X6,OU=DST ACES,O=Digital Signature Trust,C=US
+# Not Valid Before: Thu Nov 20 21:19:58 2003
+# Not Valid After : Mon Nov 20 21:19:58 2017
+# Fingerprint (MD5): 21:D8:4C:82:2B:99:09:33:A2:EB:14:24:8D:8E:5F:E8
+# Fingerprint (SHA1): 40:54:DA:6F:1C:3F:40:74:AC:ED:0F:EC:CD:DB:79:D1:53:FB:90:1D
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DST ACES CA X6"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\133\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\104\151\147\151\164\141
+\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
+\164\061\021\060\017\006\003\125\004\013\023\010\104\123\124\040
+\101\103\105\123\061\027\060\025\006\003\125\004\003\023\016\104
+\123\124\040\101\103\105\123\040\103\101\040\130\066
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\133\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\104\151\147\151\164\141
+\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
+\164\061\021\060\017\006\003\125\004\013\023\010\104\123\124\040
+\101\103\105\123\061\027\060\025\006\003\125\004\003\023\016\104
+\123\124\040\101\103\105\123\040\103\101\040\130\066
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\015\136\231\012\326\235\267\170\354\330\007\126\073\206
+\025\331
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\011\060\202\002\361\240\003\002\001\002\002\020\015
+\136\231\012\326\235\267\170\354\330\007\126\073\206\025\331\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\133
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040\060
+\036\006\003\125\004\012\023\027\104\151\147\151\164\141\154\040
+\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164\061
+\021\060\017\006\003\125\004\013\023\010\104\123\124\040\101\103
+\105\123\061\027\060\025\006\003\125\004\003\023\016\104\123\124
+\040\101\103\105\123\040\103\101\040\130\066\060\036\027\015\060
+\063\061\061\062\060\062\061\061\071\065\070\132\027\015\061\067
+\061\061\062\060\062\061\061\071\065\070\132\060\133\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\040\060\036\006\003
+\125\004\012\023\027\104\151\147\151\164\141\154\040\123\151\147
+\156\141\164\165\162\145\040\124\162\165\163\164\061\021\060\017
+\006\003\125\004\013\023\010\104\123\124\040\101\103\105\123\061
+\027\060\025\006\003\125\004\003\023\016\104\123\124\040\101\103
+\105\123\040\103\101\040\130\066\060\202\001\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
+\060\202\001\012\002\202\001\001\000\271\075\365\054\311\224\334
+\165\212\225\135\143\350\204\167\166\146\271\131\221\134\106\335
+\222\076\237\371\016\003\264\075\141\222\275\043\046\265\143\356
+\222\322\236\326\074\310\015\220\137\144\201\261\250\010\015\114
+\330\371\323\005\050\122\264\001\045\305\225\034\014\176\076\020
+\204\165\317\301\031\221\143\317\350\250\221\210\271\103\122\273
+\200\261\125\211\213\061\372\320\267\166\276\101\075\060\232\244
+\042\045\027\163\350\036\342\323\254\052\275\133\070\041\325\052
+\113\327\125\175\343\072\125\275\327\155\153\002\127\153\346\107
+\174\010\310\202\272\336\247\207\075\241\155\270\060\126\302\263
+\002\201\137\055\365\342\232\060\030\050\270\146\323\313\001\226
+\157\352\212\105\125\326\340\235\377\147\053\027\002\246\116\032
+\152\021\013\176\267\173\347\230\326\214\166\157\301\073\333\120
+\223\176\345\320\216\037\067\270\275\272\306\237\154\351\174\063
+\362\062\074\046\107\372\047\044\002\311\176\035\133\210\102\023
+\152\065\174\175\065\351\056\146\221\162\223\325\062\046\304\164
+\365\123\243\263\135\232\366\011\313\002\003\001\000\001\243\201
+\310\060\201\305\060\017\006\003\125\035\023\001\001\377\004\005
+\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\306\060\037\006\003\125\035\021\004\030\060\026
+\201\024\160\153\151\055\157\160\163\100\164\162\165\163\164\144
+\163\164\056\143\157\155\060\142\006\003\125\035\040\004\133\060
+\131\060\127\006\012\140\206\110\001\145\003\002\001\001\001\060
+\111\060\107\006\010\053\006\001\005\005\007\002\001\026\073\150
+\164\164\160\072\057\057\167\167\167\056\164\162\165\163\164\144
+\163\164\056\143\157\155\057\143\145\162\164\151\146\151\143\141
+\164\145\163\057\160\157\154\151\143\171\057\101\103\105\123\055
+\151\156\144\145\170\056\150\164\155\154\060\035\006\003\125\035
+\016\004\026\004\024\011\162\006\116\030\103\017\345\326\314\303
+\152\213\061\173\170\217\250\203\270\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\001\001\000\243\330\216
+\326\262\333\316\005\347\062\315\001\323\004\003\345\166\344\126
+\053\234\231\220\350\010\060\154\337\175\075\356\345\277\265\044
+\100\204\111\341\321\050\256\304\302\072\123\060\210\361\365\167
+\156\121\312\372\377\231\257\044\137\033\240\375\362\254\204\312
+\337\251\360\137\004\056\255\026\277\041\227\020\201\075\343\377
+\207\215\062\334\224\345\107\212\136\152\023\311\224\225\075\322
+\356\310\064\225\320\200\324\255\062\010\200\124\074\340\275\122
+\123\327\122\174\262\151\077\177\172\317\152\164\312\372\004\052
+\234\114\132\006\245\351\040\255\105\146\017\151\361\335\277\351
+\343\062\213\372\340\301\206\115\162\074\056\330\223\170\012\052
+\370\330\322\047\075\031\211\137\132\173\212\073\314\014\332\121
+\256\307\013\367\053\260\067\005\354\274\127\043\342\070\322\233
+\150\363\126\022\210\117\102\174\270\061\304\265\333\344\310\041
+\064\351\110\021\065\356\372\307\222\127\305\237\064\344\307\366
+\367\016\013\114\234\150\170\173\161\061\307\353\036\340\147\101
+\363\267\240\247\315\345\172\063\066\152\372\232\053
+END
+
+# Trust for Certificate "DST ACES CA X6"
+# Issuer: CN=DST ACES CA X6,OU=DST ACES,O=Digital Signature Trust,C=US
+# Serial Number:0d:5e:99:0a:d6:9d:b7:78:ec:d8:07:56:3b:86:15:d9
+# Subject: CN=DST ACES CA X6,OU=DST ACES,O=Digital Signature Trust,C=US
+# Not Valid Before: Thu Nov 20 21:19:58 2003
+# Not Valid After : Mon Nov 20 21:19:58 2017
+# Fingerprint (MD5): 21:D8:4C:82:2B:99:09:33:A2:EB:14:24:8D:8E:5F:E8
+# Fingerprint (SHA1): 40:54:DA:6F:1C:3F:40:74:AC:ED:0F:EC:CD:DB:79:D1:53:FB:90:1D
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DST ACES CA X6"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\100\124\332\157\034\077\100\164\254\355\017\354\315\333\171\321
+\123\373\220\035
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\041\330\114\202\053\231\011\063\242\353\024\044\215\216\137\350
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\133\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\104\151\147\151\164\141
+\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
+\164\061\021\060\017\006\003\125\004\013\023\010\104\123\124\040
+\101\103\105\123\061\027\060\025\006\003\125\004\003\023\016\104
+\123\124\040\101\103\105\123\040\103\101\040\130\066
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\015\136\231\012\326\235\267\170\354\330\007\126\073\206
+\025\331
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "SwissSign Platinum CA - G2"
+#
+# Issuer: CN=SwissSign Platinum CA - G2,O=SwissSign AG,C=CH
+# Serial Number:4e:b2:00:67:0c:03:5d:4f
+# Subject: CN=SwissSign Platinum CA - G2,O=SwissSign AG,C=CH
+# Not Valid Before: Wed Oct 25 08:36:00 2006
+# Not Valid After : Sat Oct 25 08:36:00 2036
+# Fingerprint (MD5): C9:98:27:77:28:1E:3D:0E:15:3C:84:00:B8:85:03:E6
+# Fingerprint (SHA1): 56:E0:FA:C0:3B:8F:18:23:55:18:E5:D3:11:CA:E8:C2:43:31:AB:66
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SwissSign Platinum CA - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\111\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\043\060\041\006\003\125\004\003\023
+\032\123\167\151\163\163\123\151\147\156\040\120\154\141\164\151
+\156\165\155\040\103\101\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\111\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\043\060\041\006\003\125\004\003\023
+\032\123\167\151\163\163\123\151\147\156\040\120\154\141\164\151
+\156\165\155\040\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\116\262\000\147\014\003\135\117
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\301\060\202\003\251\240\003\002\001\002\002\010\116
+\262\000\147\014\003\135\117\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\060\111\061\013\060\011\006\003\125\004
+\006\023\002\103\110\061\025\060\023\006\003\125\004\012\023\014
+\123\167\151\163\163\123\151\147\156\040\101\107\061\043\060\041
+\006\003\125\004\003\023\032\123\167\151\163\163\123\151\147\156
+\040\120\154\141\164\151\156\165\155\040\103\101\040\055\040\107
+\062\060\036\027\015\060\066\061\060\062\065\060\070\063\066\060
+\060\132\027\015\063\066\061\060\062\065\060\070\063\066\060\060
+\132\060\111\061\013\060\011\006\003\125\004\006\023\002\103\110
+\061\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163
+\123\151\147\156\040\101\107\061\043\060\041\006\003\125\004\003
+\023\032\123\167\151\163\163\123\151\147\156\040\120\154\141\164
+\151\156\165\155\040\103\101\040\055\040\107\062\060\202\002\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\002\017\000\060\202\002\012\002\202\002\001\000\312\337\242
+\002\342\332\370\374\007\026\261\336\140\252\336\226\134\144\037
+\307\057\176\317\147\372\104\102\326\166\143\225\256\353\257\162
+\040\212\105\107\206\142\170\206\326\040\071\046\364\256\243\375
+\043\347\245\234\265\042\041\031\267\067\223\042\300\120\234\202
+\173\324\325\004\104\134\313\264\302\237\222\276\044\330\173\147
+\042\342\151\137\345\005\170\324\207\331\161\160\063\045\123\264
+\207\073\051\220\050\066\232\125\104\060\150\244\203\227\177\015
+\036\234\166\377\025\235\140\227\000\215\212\205\003\354\200\276
+\352\054\156\020\121\222\314\176\325\243\063\330\326\111\336\130
+\052\257\366\026\353\113\173\220\062\227\271\272\235\130\361\370
+\127\111\004\036\242\135\006\160\335\161\333\371\335\213\232\033
+\214\317\075\243\115\316\313\174\366\273\234\240\372\011\316\043
+\142\262\351\015\037\342\162\050\217\237\254\150\040\175\157\073
+\250\205\061\011\177\013\307\350\145\351\343\170\016\011\147\060
+\213\064\202\373\135\340\314\235\201\155\142\356\010\036\004\054
+\116\233\354\376\251\117\137\375\151\170\357\011\037\241\264\277
+\372\363\357\220\036\114\005\213\036\352\172\221\172\303\327\345
+\373\060\274\154\033\020\130\230\367\032\137\320\051\062\003\023
+\106\115\141\152\205\114\122\164\057\006\037\173\021\342\204\227
+\306\231\363\155\177\327\147\203\176\023\150\330\161\050\132\330
+\316\335\350\020\024\232\376\155\043\207\156\216\132\160\074\325
+\215\011\000\247\252\274\260\061\067\155\310\204\024\036\133\275
+\105\143\040\153\113\164\214\275\333\072\016\301\317\132\026\217
+\245\230\362\166\211\262\023\022\073\013\167\167\254\273\345\074
+\051\112\222\162\312\141\032\053\136\114\342\203\164\167\372\065
+\110\172\205\115\215\232\123\304\337\170\312\227\221\110\053\105
+\053\001\367\034\032\242\355\030\272\012\275\203\372\157\274\215
+\127\223\073\324\324\246\316\036\361\240\261\316\253\375\053\050
+\232\117\033\327\303\162\333\244\304\277\135\114\365\335\173\226
+\151\356\150\200\346\347\230\272\066\267\376\156\355\053\275\040
+\370\145\031\332\125\011\176\045\334\376\141\142\162\371\176\030
+\002\357\143\264\320\373\257\345\073\143\214\147\217\002\003\001
+\000\001\243\201\254\060\201\251\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023\001
+\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035\016
+\004\026\004\024\120\257\314\007\207\025\107\157\070\305\264\145
+\321\336\225\252\351\337\234\314\060\037\006\003\125\035\043\004
+\030\060\026\200\024\120\257\314\007\207\025\107\157\070\305\264
+\145\321\336\225\252\351\337\234\314\060\106\006\003\125\035\040
+\004\077\060\075\060\073\006\011\140\205\164\001\131\001\001\001
+\001\060\056\060\054\006\010\053\006\001\005\005\007\002\001\026
+\040\150\164\164\160\072\057\057\162\145\160\157\163\151\164\157
+\162\171\056\163\167\151\163\163\163\151\147\156\056\143\157\155
+\057\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
+\003\202\002\001\000\010\205\246\365\026\014\374\104\032\301\143
+\340\371\125\106\010\374\160\034\102\050\226\216\267\305\301\101
+\165\116\011\161\171\345\155\226\312\113\245\210\140\320\060\164
+\270\312\010\334\264\060\236\100\007\026\153\145\225\167\001\256
+\244\267\065\013\201\332\161\025\251\164\027\070\173\130\312\371
+\057\373\300\145\166\215\133\001\271\175\336\202\075\144\270\276
+\024\164\243\012\124\323\054\225\030\027\065\365\121\153\077\217
+\242\226\141\071\170\153\113\345\246\240\370\123\337\121\020\223
+\142\347\200\057\342\321\340\274\216\066\106\167\063\354\270\373
+\216\232\054\211\115\061\021\017\046\236\004\273\267\004\215\013
+\362\271\374\132\235\073\026\267\057\310\230\253\376\212\120\131
+\056\243\073\374\051\135\213\301\113\311\342\212\023\035\261\277
+\273\102\035\122\335\116\330\024\136\020\306\061\007\357\161\047
+\367\033\071\011\334\202\352\213\263\225\206\136\375\365\332\135
+\061\246\340\061\266\224\346\104\111\164\305\026\345\367\037\003
+\141\050\305\310\313\022\240\102\113\371\153\210\010\215\264\062
+\030\363\165\237\304\177\000\117\005\225\234\243\027\002\303\263
+\123\233\252\040\071\051\053\146\372\235\257\136\263\222\322\265
+\246\341\032\371\055\101\151\201\024\264\264\265\355\211\075\316
+\373\251\235\065\102\104\261\034\024\163\201\317\052\001\065\232
+\061\325\055\217\155\204\337\200\115\127\343\077\305\204\165\332
+\211\306\060\273\353\217\313\042\010\240\256\252\361\003\154\072
+\113\115\011\245\016\162\306\126\153\041\102\116\043\045\024\150
+\256\166\012\174\014\007\160\144\371\232\057\366\005\071\046\306
+\014\217\031\177\103\136\156\364\133\025\057\333\141\135\346\147
+\057\077\010\224\371\140\264\230\061\332\164\361\204\223\161\115
+\137\373\140\130\321\373\304\301\155\211\242\273\040\037\235\161
+\221\313\062\233\023\075\076\175\222\122\065\254\222\224\242\323
+\030\302\174\307\352\257\166\005\026\335\147\047\302\176\034\007
+\042\041\363\100\012\033\064\007\104\023\302\204\152\216\337\031
+\132\277\177\353\035\342\032\070\321\134\257\107\222\153\200\265
+\060\245\311\215\330\253\061\201\037\337\302\146\067\323\223\251
+\205\206\171\145\322
+END
+
+# Trust for Certificate "SwissSign Platinum CA - G2"
+# Issuer: CN=SwissSign Platinum CA - G2,O=SwissSign AG,C=CH
+# Serial Number:4e:b2:00:67:0c:03:5d:4f
+# Subject: CN=SwissSign Platinum CA - G2,O=SwissSign AG,C=CH
+# Not Valid Before: Wed Oct 25 08:36:00 2006
+# Not Valid After : Sat Oct 25 08:36:00 2036
+# Fingerprint (MD5): C9:98:27:77:28:1E:3D:0E:15:3C:84:00:B8:85:03:E6
+# Fingerprint (SHA1): 56:E0:FA:C0:3B:8F:18:23:55:18:E5:D3:11:CA:E8:C2:43:31:AB:66
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SwissSign Platinum CA - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\126\340\372\300\073\217\030\043\125\030\345\323\021\312\350\302
+\103\061\253\146
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\311\230\047\167\050\036\075\016\025\074\204\000\270\205\003\346
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\111\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\043\060\041\006\003\125\004\003\023
+\032\123\167\151\163\163\123\151\147\156\040\120\154\141\164\151
+\156\165\155\040\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\116\262\000\147\014\003\135\117
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "SwissSign Gold CA - G2"
+#
+# Issuer: CN=SwissSign Gold CA - G2,O=SwissSign AG,C=CH
+# Serial Number:00:bb:40:1c:43:f5:5e:4f:b0
+# Subject: CN=SwissSign Gold CA - G2,O=SwissSign AG,C=CH
+# Not Valid Before: Wed Oct 25 08:30:35 2006
+# Not Valid After : Sat Oct 25 08:30:35 2036
+# Fingerprint (MD5): 24:77:D9:A8:91:D1:3B:FA:88:2D:C2:FF:F8:CD:33:93
+# Fingerprint (SHA1): D8:C5:38:8A:B7:30:1B:1B:6E:D4:7A:E6:45:25:3A:6F:9F:1A:27:61
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SwissSign Gold CA - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\037\060\035\006\003\125\004\003\023
+\026\123\167\151\163\163\123\151\147\156\040\107\157\154\144\040
+\103\101\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\037\060\035\006\003\125\004\003\023
+\026\123\167\151\163\163\123\151\147\156\040\107\157\154\144\040
+\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\273\100\034\103\365\136\117\260
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\272\060\202\003\242\240\003\002\001\002\002\011\000
+\273\100\034\103\365\136\117\260\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\060\105\061\013\060\011\006\003\125
+\004\006\023\002\103\110\061\025\060\023\006\003\125\004\012\023
+\014\123\167\151\163\163\123\151\147\156\040\101\107\061\037\060
+\035\006\003\125\004\003\023\026\123\167\151\163\163\123\151\147
+\156\040\107\157\154\144\040\103\101\040\055\040\107\062\060\036
+\027\015\060\066\061\060\062\065\060\070\063\060\063\065\132\027
+\015\063\066\061\060\062\065\060\070\063\060\063\065\132\060\105
+\061\013\060\011\006\003\125\004\006\023\002\103\110\061\025\060
+\023\006\003\125\004\012\023\014\123\167\151\163\163\123\151\147
+\156\040\101\107\061\037\060\035\006\003\125\004\003\023\026\123
+\167\151\163\163\123\151\147\156\040\107\157\154\144\040\103\101
+\040\055\040\107\062\060\202\002\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002
+\012\002\202\002\001\000\257\344\356\176\213\044\016\022\156\251
+\120\055\026\104\073\222\222\134\312\270\135\204\222\102\023\052
+\274\145\127\202\100\076\127\044\315\120\213\045\052\267\157\374
+\357\242\320\300\037\002\044\112\023\226\217\043\023\346\050\130
+\000\243\107\307\006\247\204\043\053\273\275\226\053\177\125\314
+\213\301\127\037\016\142\145\017\335\075\126\212\163\332\256\176
+\155\272\201\034\176\102\214\040\065\331\103\115\204\372\204\333
+\122\054\363\016\047\167\013\153\277\021\057\162\170\237\056\330
+\076\346\030\067\132\052\162\371\332\142\220\222\225\312\037\234
+\351\263\074\053\313\363\001\023\277\132\317\301\265\012\140\275
+\335\265\231\144\123\270\240\226\263\157\342\046\167\221\214\340
+\142\020\002\237\064\017\244\325\222\063\121\336\276\215\272\204
+\172\140\074\152\333\237\053\354\336\336\001\077\156\115\345\120
+\206\313\264\257\355\104\100\305\312\132\214\332\322\053\174\250
+\356\276\246\345\012\252\016\245\337\005\122\267\125\307\042\135
+\062\152\227\227\143\023\333\311\333\171\066\173\205\072\112\305
+\122\211\371\044\347\235\167\251\202\377\125\034\245\161\151\053
+\321\002\044\362\263\046\324\153\332\004\125\345\301\012\307\155
+\060\067\220\052\344\236\024\063\136\026\027\125\305\133\265\313
+\064\211\222\361\235\046\217\241\007\324\306\262\170\120\333\014
+\014\013\174\013\214\101\327\271\351\335\214\210\367\243\115\262
+\062\314\330\027\332\315\267\316\146\235\324\375\136\377\275\227
+\076\051\165\347\176\247\142\130\257\045\064\245\101\307\075\274
+\015\120\312\003\003\017\010\132\037\225\163\170\142\277\257\162
+\024\151\016\245\345\003\016\170\216\046\050\102\360\007\013\142
+\040\020\147\071\106\372\251\003\314\004\070\172\146\357\040\203
+\265\214\112\126\216\221\000\374\216\134\202\336\210\240\303\342
+\150\156\175\215\357\074\335\145\364\135\254\121\357\044\200\256
+\252\126\227\157\371\255\175\332\141\077\230\167\074\245\221\266
+\034\214\046\332\145\242\011\155\301\342\124\343\271\312\114\114
+\200\217\167\173\140\232\036\337\266\362\110\036\016\272\116\124
+\155\230\340\341\242\032\242\167\120\317\304\143\222\354\107\031
+\235\353\346\153\316\301\002\003\001\000\001\243\201\254\060\201
+\251\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\035\006\003\125\035\016\004\026\004\024\133\045\173
+\226\244\145\121\176\270\071\363\300\170\146\136\350\072\347\360
+\356\060\037\006\003\125\035\043\004\030\060\026\200\024\133\045
+\173\226\244\145\121\176\270\071\363\300\170\146\136\350\072\347
+\360\356\060\106\006\003\125\035\040\004\077\060\075\060\073\006
+\011\140\205\164\001\131\001\002\001\001\060\056\060\054\006\010
+\053\006\001\005\005\007\002\001\026\040\150\164\164\160\072\057
+\057\162\145\160\157\163\151\164\157\162\171\056\163\167\151\163
+\163\163\151\147\156\056\143\157\155\057\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\002\001\000\047\272
+\343\224\174\361\256\300\336\027\346\345\330\325\365\124\260\203
+\364\273\315\136\005\173\117\237\165\146\257\074\350\126\176\374
+\162\170\070\003\331\053\142\033\000\271\370\351\140\315\314\316
+\121\212\307\120\061\156\341\112\176\030\057\151\131\266\075\144
+\201\053\343\203\204\346\042\207\216\175\340\356\002\231\141\270
+\036\364\270\053\210\022\026\204\302\061\223\070\226\061\246\271
+\073\123\077\303\044\223\126\133\151\222\354\305\301\273\070\000
+\343\354\027\251\270\334\307\174\001\203\237\062\107\272\122\042
+\064\035\062\172\011\126\247\174\045\066\251\075\113\332\300\202
+\157\012\273\022\310\207\113\047\021\371\036\055\307\223\077\236
+\333\137\046\153\122\331\056\212\361\024\306\104\215\025\251\267
+\277\275\336\246\032\356\256\055\373\110\167\027\376\273\354\257
+\030\365\052\121\360\071\204\227\225\154\156\033\303\053\304\164
+\140\171\045\260\012\047\337\337\136\322\071\317\105\175\102\113
+\337\263\054\036\305\306\135\312\125\072\240\234\151\232\217\332
+\357\262\260\074\237\207\154\022\053\145\160\025\122\061\032\044
+\317\157\061\043\120\037\214\117\217\043\303\164\101\143\034\125
+\250\024\335\076\340\121\120\317\361\033\060\126\016\222\260\202
+\205\330\203\313\042\144\274\055\270\045\325\124\242\270\006\352
+\255\222\244\044\240\301\206\265\112\023\152\107\317\056\013\126
+\225\124\313\316\232\333\152\264\246\262\333\101\010\206\047\167
+\367\152\240\102\154\013\070\316\327\165\120\062\222\302\337\053
+\060\042\110\320\325\101\070\045\135\244\351\135\237\306\224\165
+\320\105\375\060\227\103\217\220\253\012\307\206\163\140\112\151
+\055\336\245\170\327\006\332\152\236\113\076\167\072\040\023\042
+\001\320\277\150\236\143\140\153\065\115\013\155\272\241\075\300
+\223\340\177\043\263\125\255\162\045\116\106\371\322\026\357\260
+\144\301\001\236\351\312\240\152\230\016\317\330\140\362\057\111
+\270\344\102\341\070\065\026\364\310\156\117\367\201\126\350\272
+\243\276\043\257\256\375\157\003\340\002\073\060\166\372\033\155
+\101\317\001\261\351\270\311\146\364\333\046\363\072\244\164\362
+\111\044\133\311\260\320\127\301\372\076\172\341\227\311
+END
+
+# Trust for Certificate "SwissSign Gold CA - G2"
+# Issuer: CN=SwissSign Gold CA - G2,O=SwissSign AG,C=CH
+# Serial Number:00:bb:40:1c:43:f5:5e:4f:b0
+# Subject: CN=SwissSign Gold CA - G2,O=SwissSign AG,C=CH
+# Not Valid Before: Wed Oct 25 08:30:35 2006
+# Not Valid After : Sat Oct 25 08:30:35 2036
+# Fingerprint (MD5): 24:77:D9:A8:91:D1:3B:FA:88:2D:C2:FF:F8:CD:33:93
+# Fingerprint (SHA1): D8:C5:38:8A:B7:30:1B:1B:6E:D4:7A:E6:45:25:3A:6F:9F:1A:27:61
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SwissSign Gold CA - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\330\305\070\212\267\060\033\033\156\324\172\346\105\045\072\157
+\237\032\047\141
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\044\167\331\250\221\321\073\372\210\055\302\377\370\315\063\223
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\037\060\035\006\003\125\004\003\023
+\026\123\167\151\163\163\123\151\147\156\040\107\157\154\144\040
+\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\273\100\034\103\365\136\117\260
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "SwissSign Silver CA - G2"
+#
+# Issuer: CN=SwissSign Silver CA - G2,O=SwissSign AG,C=CH
+# Serial Number:4f:1b:d4:2f:54:bb:2f:4b
+# Subject: CN=SwissSign Silver CA - G2,O=SwissSign AG,C=CH
+# Not Valid Before: Wed Oct 25 08:32:46 2006
+# Not Valid After : Sat Oct 25 08:32:46 2036
+# Fingerprint (MD5): E0:06:A1:C9:7D:CF:C9:FC:0D:C0:56:75:96:D8:62:13
+# Fingerprint (SHA1): 9B:AA:E5:9F:56:EE:21:CB:43:5A:BE:25:93:DF:A7:F0:40:D1:1D:CB
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SwissSign Silver CA - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\041\060\037\006\003\125\004\003\023
+\030\123\167\151\163\163\123\151\147\156\040\123\151\154\166\145
+\162\040\103\101\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\041\060\037\006\003\125\004\003\023
+\030\123\167\151\163\163\123\151\147\156\040\123\151\154\166\145
+\162\040\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\117\033\324\057\124\273\057\113
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\275\060\202\003\245\240\003\002\001\002\002\010\117
+\033\324\057\124\273\057\113\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\060\107\061\013\060\011\006\003\125\004
+\006\023\002\103\110\061\025\060\023\006\003\125\004\012\023\014
+\123\167\151\163\163\123\151\147\156\040\101\107\061\041\060\037
+\006\003\125\004\003\023\030\123\167\151\163\163\123\151\147\156
+\040\123\151\154\166\145\162\040\103\101\040\055\040\107\062\060
+\036\027\015\060\066\061\060\062\065\060\070\063\062\064\066\132
+\027\015\063\066\061\060\062\065\060\070\063\062\064\066\132\060
+\107\061\013\060\011\006\003\125\004\006\023\002\103\110\061\025
+\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123\151
+\147\156\040\101\107\061\041\060\037\006\003\125\004\003\023\030
+\123\167\151\163\163\123\151\147\156\040\123\151\154\166\145\162
+\040\103\101\040\055\040\107\062\060\202\002\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000
+\060\202\002\012\002\202\002\001\000\304\361\207\177\323\170\061
+\367\070\311\370\303\231\103\274\307\367\274\067\347\116\161\272
+\113\217\245\163\035\134\156\230\256\003\127\256\070\067\103\057
+\027\075\037\310\316\150\020\301\170\256\031\003\053\020\372\054
+\171\203\366\350\271\150\271\125\362\004\104\247\071\371\374\004
+\213\036\361\242\115\047\371\141\173\272\267\345\242\023\266\353
+\141\076\320\154\321\346\373\372\136\355\035\264\236\240\065\133
+\241\222\313\360\111\222\376\205\012\005\076\346\331\013\342\117
+\273\334\225\067\374\221\351\062\065\042\321\037\072\116\047\205
+\235\260\025\224\062\332\141\015\107\115\140\102\256\222\107\350
+\203\132\120\130\351\212\213\271\135\241\334\335\231\112\037\066
+\147\273\110\344\203\266\067\353\110\072\257\017\147\217\027\007
+\350\004\312\357\152\061\207\324\300\266\371\224\161\173\147\144
+\270\266\221\112\102\173\145\056\060\152\014\365\220\356\225\346
+\362\315\202\354\331\241\112\354\366\262\113\345\105\205\346\155
+\170\223\004\056\234\202\155\066\251\304\061\144\037\206\203\013
+\052\364\065\012\170\311\125\317\101\260\107\351\060\237\231\276
+\141\250\006\204\271\050\172\137\070\331\033\251\070\260\203\177
+\163\301\303\073\110\052\202\017\041\233\270\314\250\065\303\204
+\033\203\263\076\276\244\225\151\001\072\211\000\170\004\331\311
+\364\231\031\253\126\176\133\213\206\071\025\221\244\020\054\011
+\062\200\140\263\223\300\052\266\030\013\235\176\215\111\362\020
+\112\177\371\325\106\057\031\222\243\231\247\046\254\273\214\074
+\346\016\274\107\007\334\163\121\361\160\144\057\010\371\264\107
+\035\060\154\104\352\051\067\205\222\150\146\274\203\070\376\173
+\071\056\323\120\360\037\373\136\140\266\251\246\372\047\101\361
+\233\030\162\362\365\204\164\112\311\147\304\124\256\110\144\337
+\214\321\156\260\035\341\007\217\010\036\231\234\161\351\114\330
+\245\367\107\022\037\164\321\121\236\206\363\302\242\043\100\013
+\163\333\113\246\347\163\006\214\301\240\351\301\131\254\106\372
+\346\057\370\317\161\234\106\155\271\304\025\215\070\171\003\105
+\110\357\304\135\327\010\356\207\071\042\206\262\015\017\130\103
+\367\161\251\110\056\375\352\326\037\002\003\001\000\001\243\201
+\254\060\201\251\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005
+\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024
+\027\240\315\301\344\101\266\072\133\073\313\105\235\275\034\302
+\230\372\206\130\060\037\006\003\125\035\043\004\030\060\026\200
+\024\027\240\315\301\344\101\266\072\133\073\313\105\235\275\034
+\302\230\372\206\130\060\106\006\003\125\035\040\004\077\060\075
+\060\073\006\011\140\205\164\001\131\001\003\001\001\060\056\060
+\054\006\010\053\006\001\005\005\007\002\001\026\040\150\164\164
+\160\072\057\057\162\145\160\157\163\151\164\157\162\171\056\163
+\167\151\163\163\163\151\147\156\056\143\157\155\057\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\003\202\002\001
+\000\163\306\201\340\047\322\055\017\340\225\060\342\232\101\177
+\120\054\137\137\142\141\251\206\152\151\030\014\164\111\326\135
+\204\352\101\122\030\157\130\255\120\126\040\152\306\275\050\151
+\130\221\334\221\021\065\251\072\035\274\032\245\140\236\330\037
+\177\105\221\151\331\176\273\170\162\301\006\017\052\316\217\205
+\160\141\254\240\315\013\270\071\051\126\204\062\116\206\273\075
+\304\052\331\327\037\162\356\376\121\241\042\101\261\161\002\143
+\032\202\260\142\253\136\127\022\037\337\313\335\165\240\300\135
+\171\220\214\033\340\120\346\336\061\376\230\173\160\137\245\220
+\330\255\370\002\266\157\323\140\335\100\113\042\305\075\255\072
+\172\237\032\032\107\221\171\063\272\202\334\062\151\003\226\156
+\037\113\360\161\376\343\147\162\240\261\277\134\213\344\372\231
+\042\307\204\271\033\215\043\227\077\355\045\340\317\145\273\365
+\141\004\357\335\036\262\132\101\042\132\241\237\135\054\350\133
+\311\155\251\014\014\170\252\140\306\126\217\001\132\014\150\274
+\151\031\171\304\037\176\227\005\277\305\351\044\121\136\324\325
+\113\123\355\331\043\132\066\003\145\243\301\003\255\101\060\363
+\106\033\205\220\257\145\265\325\261\344\026\133\170\165\035\227
+\172\155\131\251\052\217\173\336\303\207\211\020\231\111\163\170
+\310\075\275\121\065\164\052\325\361\176\151\033\052\273\073\275
+\045\270\232\132\075\162\141\220\146\207\356\014\326\115\324\021
+\164\013\152\376\013\003\374\243\125\127\211\376\112\313\256\133
+\027\005\310\362\215\043\061\123\070\322\055\152\077\202\271\215
+\010\152\367\136\101\164\156\303\021\176\007\254\051\140\221\077
+\070\312\127\020\015\275\060\057\307\245\346\101\240\332\256\005
+\207\232\240\244\145\154\114\011\014\211\272\270\323\271\300\223
+\212\060\372\215\345\232\153\025\001\116\147\252\332\142\126\076
+\204\010\146\322\304\066\175\247\076\020\374\210\340\324\200\345
+\000\275\252\363\116\006\243\172\152\371\142\162\343\011\117\353
+\233\016\001\043\361\237\273\174\334\334\154\021\227\045\262\362
+\264\143\024\322\006\052\147\214\203\365\316\352\007\330\232\152
+\036\354\344\012\273\052\114\353\011\140\071\316\312\142\330\056
+\156
+END
+
+# Trust for Certificate "SwissSign Silver CA - G2"
+# Issuer: CN=SwissSign Silver CA - G2,O=SwissSign AG,C=CH
+# Serial Number:4f:1b:d4:2f:54:bb:2f:4b
+# Subject: CN=SwissSign Silver CA - G2,O=SwissSign AG,C=CH
+# Not Valid Before: Wed Oct 25 08:32:46 2006
+# Not Valid After : Sat Oct 25 08:32:46 2036
+# Fingerprint (MD5): E0:06:A1:C9:7D:CF:C9:FC:0D:C0:56:75:96:D8:62:13
+# Fingerprint (SHA1): 9B:AA:E5:9F:56:EE:21:CB:43:5A:BE:25:93:DF:A7:F0:40:D1:1D:CB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SwissSign Silver CA - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\233\252\345\237\126\356\041\313\103\132\276\045\223\337\247\360
+\100\321\035\313
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\340\006\241\311\175\317\311\374\015\300\126\165\226\330\142\023
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\025\060\023\006\003\125\004\012\023\014\123\167\151\163\163\123
+\151\147\156\040\101\107\061\041\060\037\006\003\125\004\003\023
+\030\123\167\151\163\163\123\151\147\156\040\123\151\154\166\145
+\162\040\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\117\033\324\057\124\273\057\113
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GeoTrust Primary Certification Authority"
+#
+# Issuer: CN=GeoTrust Primary Certification Authority,O=GeoTrust Inc.,C=US
+# Serial Number:18:ac:b5:6a:fd:69:b6:15:3a:63:6c:af:da:fa:c4:a1
+# Subject: CN=GeoTrust Primary Certification Authority,O=GeoTrust Inc.,C=US
+# Not Valid Before: Mon Nov 27 00:00:00 2006
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): 02:26:C3:01:5E:08:30:37:43:A9:D0:7D:CF:37:E6:BF
+# Fingerprint (SHA1): 32:3C:11:8E:1B:F7:B8:B6:52:54:E2:E2:10:0D:D6:02:90:37:F0:96
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Primary Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\061\060\057\006\003\125\004\003
+\023\050\107\145\157\124\162\165\163\164\040\120\162\151\155\141
+\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\061\060\057\006\003\125\004\003
+\023\050\107\145\157\124\162\165\163\164\040\120\162\151\155\141
+\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\030\254\265\152\375\151\266\025\072\143\154\257\332\372
+\304\241
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\174\060\202\002\144\240\003\002\001\002\002\020\030
+\254\265\152\375\151\266\025\072\143\154\257\332\372\304\241\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\130
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\026\060
+\024\006\003\125\004\012\023\015\107\145\157\124\162\165\163\164
+\040\111\156\143\056\061\061\060\057\006\003\125\004\003\023\050
+\107\145\157\124\162\165\163\164\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\060\036\027\015\060\066\061\061
+\062\067\060\060\060\060\060\060\132\027\015\063\066\060\067\061
+\066\062\063\065\071\065\071\132\060\130\061\013\060\011\006\003
+\125\004\006\023\002\125\123\061\026\060\024\006\003\125\004\012
+\023\015\107\145\157\124\162\165\163\164\040\111\156\143\056\061
+\061\060\057\006\003\125\004\003\023\050\107\145\157\124\162\165
+\163\164\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\276\270\025\173\377\324\174\175\147\255\203\144\173
+\310\102\123\055\337\366\204\010\040\141\326\001\131\152\234\104
+\021\257\357\166\375\225\176\316\141\060\273\172\203\137\002\275
+\001\146\312\356\025\215\157\241\060\234\275\241\205\236\224\072
+\363\126\210\000\061\317\330\356\152\226\002\331\355\003\214\373
+\165\155\347\352\270\125\026\005\026\232\364\340\136\261\210\300
+\144\205\134\025\115\210\307\267\272\340\165\351\255\005\075\235
+\307\211\110\340\273\050\310\003\341\060\223\144\136\122\300\131
+\160\042\065\127\210\212\361\225\012\203\327\274\061\163\001\064
+\355\357\106\161\340\153\002\250\065\162\153\227\233\146\340\313
+\034\171\137\330\032\004\150\036\107\002\346\235\140\342\066\227
+\001\337\316\065\222\337\276\147\307\155\167\131\073\217\235\326
+\220\025\224\274\102\064\020\301\071\371\261\047\076\176\326\212
+\165\305\262\257\226\323\242\336\233\344\230\276\175\341\351\201
+\255\266\157\374\327\016\332\340\064\260\015\032\167\347\343\010
+\230\357\130\372\234\204\267\066\257\302\337\254\322\364\020\006
+\160\161\065\002\003\001\000\001\243\102\060\100\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\035\006
+\003\125\035\016\004\026\004\024\054\325\120\101\227\025\213\360
+\217\066\141\133\112\373\153\331\231\311\063\222\060\015\006\011
+\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
+\132\160\177\054\335\267\064\117\365\206\121\251\046\276\113\270
+\252\361\161\015\334\141\307\240\352\064\036\172\167\017\004\065
+\350\047\217\154\220\277\221\026\044\106\076\112\116\316\053\026
+\325\013\122\035\374\037\147\242\002\105\061\117\316\363\372\003
+\247\171\235\123\152\331\332\143\072\370\200\327\323\231\341\245
+\341\276\324\125\161\230\065\072\276\223\352\256\255\102\262\220
+\157\340\374\041\115\065\143\063\211\111\326\233\116\312\307\347
+\116\011\000\367\332\307\357\231\142\231\167\266\225\042\136\212
+\240\253\364\270\170\230\312\070\031\231\311\162\236\170\315\113
+\254\257\031\240\163\022\055\374\302\101\272\201\221\332\026\132
+\061\267\371\264\161\200\022\110\231\162\163\132\131\123\301\143
+\122\063\355\247\311\322\071\002\160\372\340\261\102\146\051\252
+\233\121\355\060\124\042\024\137\331\253\035\301\344\224\360\370
+\365\053\367\352\312\170\106\326\270\221\375\246\015\053\032\024
+\001\076\200\360\102\240\225\007\136\155\315\314\113\244\105\215
+\253\022\350\263\336\132\345\240\174\350\017\042\035\132\351\131
+END
+
+# Trust for Certificate "GeoTrust Primary Certification Authority"
+# Issuer: CN=GeoTrust Primary Certification Authority,O=GeoTrust Inc.,C=US
+# Serial Number:18:ac:b5:6a:fd:69:b6:15:3a:63:6c:af:da:fa:c4:a1
+# Subject: CN=GeoTrust Primary Certification Authority,O=GeoTrust Inc.,C=US
+# Not Valid Before: Mon Nov 27 00:00:00 2006
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): 02:26:C3:01:5E:08:30:37:43:A9:D0:7D:CF:37:E6:BF
+# Fingerprint (SHA1): 32:3C:11:8E:1B:F7:B8:B6:52:54:E2:E2:10:0D:D6:02:90:37:F0:96
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Primary Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\062\074\021\216\033\367\270\266\122\124\342\342\020\015\326\002
+\220\067\360\226
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\002\046\303\001\136\010\060\067\103\251\320\175\317\067\346\277
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
+\163\164\040\111\156\143\056\061\061\060\057\006\003\125\004\003
+\023\050\107\145\157\124\162\165\163\164\040\120\162\151\155\141
+\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\030\254\265\152\375\151\266\025\072\143\154\257\332\372
+\304\241
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "thawte Primary Root CA"
+#
+# Issuer: CN=thawte Primary Root CA,OU="(c) 2006 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
+# Serial Number:34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
+# Subject: CN=thawte Primary Root CA,OU="(c) 2006 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
+# Not Valid Before: Fri Nov 17 00:00:00 2006
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): 8C:CA:DC:0B:22:CE:F5:BE:72:AC:41:1A:11:A8:D8:12
+# Fingerprint (SHA1): 91:C6:D6:EE:3E:8A:C8:63:84:E5:48:C2:99:29:5C:75:6C:81:7B:81
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "thawte Primary Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\251\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\050\060\046\006\003\125\004\013
+\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
+\156\061\070\060\066\006\003\125\004\013\023\057\050\143\051\040
+\062\060\060\066\040\164\150\141\167\164\145\054\040\111\156\143
+\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151\172
+\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035\006
+\003\125\004\003\023\026\164\150\141\167\164\145\040\120\162\151
+\155\141\162\171\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\251\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\050\060\046\006\003\125\004\013
+\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
+\156\061\070\060\066\006\003\125\004\013\023\057\050\143\051\040
+\062\060\060\066\040\164\150\141\167\164\145\054\040\111\156\143
+\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151\172
+\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035\006
+\003\125\004\003\023\026\164\150\141\167\164\145\040\120\162\151
+\155\141\162\171\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\064\116\325\127\040\325\355\354\111\364\057\316\067\333
+\053\155
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\040\060\202\003\010\240\003\002\001\002\002\020\064
+\116\325\127\040\325\355\354\111\364\057\316\067\333\053\155\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\251\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025
+\060\023\006\003\125\004\012\023\014\164\150\141\167\164\145\054
+\040\111\156\143\056\061\050\060\046\006\003\125\004\013\023\037
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145
+\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156\061
+\070\060\066\006\003\125\004\013\023\057\050\143\051\040\062\060
+\060\066\040\164\150\141\167\164\145\054\040\111\156\143\056\040
+\055\040\106\157\162\040\141\165\164\150\157\162\151\172\145\144
+\040\165\163\145\040\157\156\154\171\061\037\060\035\006\003\125
+\004\003\023\026\164\150\141\167\164\145\040\120\162\151\155\141
+\162\171\040\122\157\157\164\040\103\101\060\036\027\015\060\066
+\061\061\061\067\060\060\060\060\060\060\132\027\015\063\066\060
+\067\061\066\062\063\065\071\065\071\132\060\201\251\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\025\060\023\006\003
+\125\004\012\023\014\164\150\141\167\164\145\054\040\111\156\143
+\056\061\050\060\046\006\003\125\004\013\023\037\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143
+\145\163\040\104\151\166\151\163\151\157\156\061\070\060\066\006
+\003\125\004\013\023\057\050\143\051\040\062\060\060\066\040\164
+\150\141\167\164\145\054\040\111\156\143\056\040\055\040\106\157
+\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163\145
+\040\157\156\154\171\061\037\060\035\006\003\125\004\003\023\026
+\164\150\141\167\164\145\040\120\162\151\155\141\162\171\040\122
+\157\157\164\040\103\101\060\202\001\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
+\001\012\002\202\001\001\000\254\240\360\373\200\131\324\234\307
+\244\317\235\241\131\163\011\020\105\014\015\054\156\150\361\154
+\133\110\150\111\131\067\374\013\063\031\302\167\177\314\020\055
+\225\064\034\346\353\115\011\247\034\322\270\311\227\066\002\267
+\211\324\044\137\006\300\314\104\224\224\215\002\142\157\353\132
+\335\021\215\050\232\134\204\220\020\172\015\275\164\146\057\152
+\070\240\342\325\124\104\353\035\007\237\007\272\157\356\351\375
+\116\013\051\365\076\204\240\001\361\234\253\370\034\176\211\244
+\350\241\330\161\145\015\243\121\173\356\274\322\042\140\015\271
+\133\235\337\272\374\121\133\013\257\230\262\351\056\351\004\350
+\142\207\336\053\310\327\116\301\114\144\036\335\317\207\130\272
+\112\117\312\150\007\035\034\235\112\306\325\057\221\314\174\161
+\162\034\305\300\147\353\062\375\311\222\134\224\332\205\300\233
+\277\123\175\053\011\364\214\235\221\037\227\152\122\313\336\011
+\066\244\167\330\173\207\120\104\325\076\156\051\151\373\071\111
+\046\036\011\245\200\173\100\055\353\350\047\205\311\376\141\375
+\176\346\174\227\035\325\235\002\003\001\000\001\243\102\060\100
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\035\006\003\125\035\016\004\026\004\024\173\133\105\317
+\257\316\313\172\375\061\222\032\152\266\363\106\353\127\110\120
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\001\001\000\171\021\300\113\263\221\266\374\360\351\147\324
+\015\156\105\276\125\350\223\322\316\003\077\355\332\045\260\035
+\127\313\036\072\166\240\114\354\120\166\350\144\162\014\244\251
+\361\270\213\326\326\207\204\273\062\345\101\021\300\167\331\263
+\140\235\353\033\325\321\156\104\104\251\246\001\354\125\142\035
+\167\270\134\216\110\111\174\234\073\127\021\254\255\163\067\216
+\057\170\134\220\150\107\331\140\140\346\374\007\075\042\040\027
+\304\367\026\351\304\330\162\371\310\163\174\337\026\057\025\251
+\076\375\152\047\266\241\353\132\272\230\037\325\343\115\144\012
+\235\023\310\141\272\365\071\034\207\272\270\275\173\042\177\366
+\376\254\100\171\345\254\020\157\075\217\033\171\166\213\304\067
+\263\041\030\204\345\066\000\353\143\040\231\271\351\376\063\004
+\273\101\310\301\002\371\104\143\040\236\201\316\102\323\326\077
+\054\166\323\143\234\131\335\217\246\341\016\240\056\101\367\056
+\225\107\317\274\375\063\363\366\013\141\176\176\221\053\201\107
+\302\047\060\356\247\020\135\067\217\134\071\053\344\004\360\173
+\215\126\214\150
+END
+
+# Trust for Certificate "thawte Primary Root CA"
+# Issuer: CN=thawte Primary Root CA,OU="(c) 2006 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
+# Serial Number:34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
+# Subject: CN=thawte Primary Root CA,OU="(c) 2006 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
+# Not Valid Before: Fri Nov 17 00:00:00 2006
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): 8C:CA:DC:0B:22:CE:F5:BE:72:AC:41:1A:11:A8:D8:12
+# Fingerprint (SHA1): 91:C6:D6:EE:3E:8A:C8:63:84:E5:48:C2:99:29:5C:75:6C:81:7B:81
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "thawte Primary Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\221\306\326\356\076\212\310\143\204\345\110\302\231\051\134\165
+\154\201\173\201
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\214\312\334\013\042\316\365\276\162\254\101\032\021\250\330\022
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\251\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\050\060\046\006\003\125\004\013
+\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
+\156\061\070\060\066\006\003\125\004\013\023\057\050\143\051\040
+\062\060\060\066\040\164\150\141\167\164\145\054\040\111\156\143
+\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151\172
+\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035\006
+\003\125\004\003\023\026\164\150\141\167\164\145\040\120\162\151
+\155\141\162\171\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\064\116\325\127\040\325\355\354\111\364\057\316\067\333
+\053\155
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
+#
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
+# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Wed Nov 08 00:00:00 2006
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): CB:17:E4:31:67:3E:E2:09:FE:45:57:93:F3:0A:FA:1C
+# Fingerprint (SHA1): 4E:B6:D5:78:49:9B:1C:CF:5F:58:1E:AD:56:BE:3D:9B:67:44:A5:E5
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "VeriSign Class 3 Public Primary Certification Authority - G5"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\066\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\065
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\066\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\030\332\321\236\046\175\350\273\112\041\130\315\314\153
+\073\112
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\323\060\202\003\273\240\003\002\001\002\002\020\030
+\332\321\236\046\175\350\273\112\041\130\315\314\153\073\112\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\312\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
+\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
+\156\054\040\111\156\143\056\061\037\060\035\006\003\125\004\013
+\023\026\126\145\162\151\123\151\147\156\040\124\162\165\163\164
+\040\116\145\164\167\157\162\153\061\072\060\070\006\003\125\004
+\013\023\061\050\143\051\040\062\060\060\066\040\126\145\162\151
+\123\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162
+\040\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040
+\157\156\154\171\061\105\060\103\006\003\125\004\003\023\074\126
+\145\162\151\123\151\147\156\040\103\154\141\163\163\040\063\040
+\120\165\142\154\151\143\040\120\162\151\155\141\162\171\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\065\060\036\027\015\060
+\066\061\061\060\070\060\060\060\060\060\060\132\027\015\063\066
+\060\067\061\066\062\063\065\071\065\071\132\060\201\312\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006
+\003\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040
+\111\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126
+\145\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145
+\164\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061
+\050\143\051\040\062\060\060\066\040\126\145\162\151\123\151\147
+\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
+\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
+\171\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151
+\123\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142
+\154\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\040\055\040\107\065\060\202\001\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
+\060\202\001\012\002\202\001\001\000\257\044\010\010\051\172\065
+\236\140\014\252\347\113\073\116\334\174\274\074\105\034\273\053
+\340\376\051\002\371\127\010\243\144\205\025\047\365\361\255\310
+\061\211\135\042\350\052\252\246\102\263\217\370\271\125\267\261
+\267\113\263\376\217\176\007\127\354\357\103\333\146\142\025\141
+\317\140\015\244\330\336\370\340\303\142\010\075\124\023\353\111
+\312\131\124\205\046\345\053\217\033\237\353\365\241\221\302\063
+\111\330\103\143\152\122\113\322\217\350\160\121\115\321\211\151
+\173\307\160\366\263\334\022\164\333\173\135\113\126\323\226\277
+\025\167\241\260\364\242\045\362\257\034\222\147\030\345\364\006
+\004\357\220\271\344\000\344\335\072\265\031\377\002\272\364\074
+\356\340\213\353\067\213\354\364\327\254\362\366\360\075\257\335
+\165\221\063\031\035\034\100\313\164\044\031\041\223\331\024\376
+\254\052\122\307\217\325\004\111\344\215\143\107\210\074\151\203
+\313\376\107\275\053\176\117\305\225\256\016\235\324\321\103\300
+\147\163\343\024\010\176\345\077\237\163\270\063\012\317\135\077
+\064\207\226\212\356\123\350\045\025\002\003\001\000\001\243\201
+\262\060\201\257\060\017\006\003\125\035\023\001\001\377\004\005
+\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\155\006\010\053\006\001\005\005\007\001
+\014\004\141\060\137\241\135\240\133\060\131\060\127\060\125\026
+\011\151\155\141\147\145\057\147\151\146\060\041\060\037\060\007
+\006\005\053\016\003\002\032\004\024\217\345\323\032\206\254\215
+\216\153\303\317\200\152\324\110\030\054\173\031\056\060\045\026
+\043\150\164\164\160\072\057\057\154\157\147\157\056\166\145\162
+\151\163\151\147\156\056\143\157\155\057\166\163\154\157\147\157
+\056\147\151\146\060\035\006\003\125\035\016\004\026\004\024\177
+\323\145\247\302\335\354\273\360\060\011\363\103\071\372\002\257
+\063\061\063\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\003\202\001\001\000\223\044\112\060\137\142\317\330\032
+\230\057\075\352\334\231\055\275\167\366\245\171\042\070\354\304
+\247\240\170\022\255\142\016\105\160\144\305\347\227\146\055\230
+\011\176\137\257\326\314\050\145\362\001\252\010\032\107\336\371
+\371\174\222\132\010\151\040\015\331\076\155\156\074\015\156\330
+\346\006\221\100\030\271\370\301\355\337\333\101\252\340\226\040
+\311\315\144\025\070\201\311\224\356\242\204\051\013\023\157\216
+\333\014\335\045\002\333\244\213\031\104\322\101\172\005\151\112
+\130\117\140\312\176\202\152\013\002\252\045\027\071\265\333\177
+\347\204\145\052\225\212\275\206\336\136\201\026\203\055\020\314
+\336\375\250\202\052\155\050\037\015\013\304\345\347\032\046\031
+\341\364\021\157\020\265\225\374\347\102\005\062\333\316\235\121
+\136\050\266\236\205\323\133\357\245\175\105\100\162\216\267\016
+\153\016\006\373\063\065\110\161\270\235\047\213\304\145\137\015
+\206\166\234\104\172\366\225\134\366\135\062\010\063\244\124\266
+\030\077\150\134\362\102\112\205\070\124\203\137\321\350\054\362
+\254\021\326\250\355\143\152
+END
+
+# Trust for Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
+# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Wed Nov 08 00:00:00 2006
+# Not Valid After : Wed Jul 16 23:59:59 2036
+# Fingerprint (MD5): CB:17:E4:31:67:3E:E2:09:FE:45:57:93:F3:0A:FA:1C
+# Fingerprint (SHA1): 4E:B6:D5:78:49:9B:1C:CF:5F:58:1E:AD:56:BE:3D:9B:67:44:A5:E5
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "VeriSign Class 3 Public Primary Certification Authority - G5"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\116\266\325\170\111\233\034\317\137\130\036\255\126\276\075\233
+\147\104\245\345
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\313\027\344\061\147\076\342\011\376\105\127\223\363\012\372\034
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\066\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\030\332\321\236\046\175\350\273\112\041\130\315\314\153
+\073\112
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "SecureTrust CA"
+#
+# Issuer: CN=SecureTrust CA,O=SecureTrust Corporation,C=US
+# Serial Number:0c:f0:8e:5c:08:16:a5:ad:42:7f:f0:eb:27:18:59:d0
+# Subject: CN=SecureTrust CA,O=SecureTrust Corporation,C=US
+# Not Valid Before: Tue Nov 07 19:31:18 2006
+# Not Valid After : Mon Dec 31 19:40:55 2029
+# Fingerprint (MD5): DC:32:C3:A7:6D:25:57:C7:68:09:9D:EA:2D:A9:A2:D1
+# Fingerprint (SHA1): 87:82:C6:C3:04:35:3B:CF:D2:96:92:D2:59:3E:7D:44:D9:34:FF:11
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SecureTrust CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\123\145\143\165\162\145
+\124\162\165\163\164\040\103\157\162\160\157\162\141\164\151\157
+\156\061\027\060\025\006\003\125\004\003\023\016\123\145\143\165
+\162\145\124\162\165\163\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\123\145\143\165\162\145
+\124\162\165\163\164\040\103\157\162\160\157\162\141\164\151\157
+\156\061\027\060\025\006\003\125\004\003\023\016\123\145\143\165
+\162\145\124\162\165\163\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\014\360\216\134\010\026\245\255\102\177\360\353\047\030
+\131\320
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\270\060\202\002\240\240\003\002\001\002\002\020\014
+\360\216\134\010\026\245\255\102\177\360\353\047\030\131\320\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\110
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040\060
+\036\006\003\125\004\012\023\027\123\145\143\165\162\145\124\162
+\165\163\164\040\103\157\162\160\157\162\141\164\151\157\156\061
+\027\060\025\006\003\125\004\003\023\016\123\145\143\165\162\145
+\124\162\165\163\164\040\103\101\060\036\027\015\060\066\061\061
+\060\067\061\071\063\061\061\070\132\027\015\062\071\061\062\063
+\061\061\071\064\060\065\065\132\060\110\061\013\060\011\006\003
+\125\004\006\023\002\125\123\061\040\060\036\006\003\125\004\012
+\023\027\123\145\143\165\162\145\124\162\165\163\164\040\103\157
+\162\160\157\162\141\164\151\157\156\061\027\060\025\006\003\125
+\004\003\023\016\123\145\143\165\162\145\124\162\165\163\164\040
+\103\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\253\244\201\345\225\315\365\366\024\216\302\117\312
+\324\342\170\225\130\234\101\341\015\231\100\044\027\071\221\063
+\146\351\276\341\203\257\142\134\211\321\374\044\133\141\263\340
+\021\021\101\034\035\156\360\270\273\370\336\247\201\272\246\110
+\306\237\035\275\276\216\251\101\076\270\224\355\051\032\324\216
+\322\003\035\003\357\155\015\147\034\127\327\006\255\312\310\365
+\376\016\257\146\045\110\004\226\013\135\243\272\026\303\010\117
+\321\106\370\024\134\362\310\136\001\231\155\375\210\314\206\250
+\301\157\061\102\154\122\076\150\313\363\031\064\337\273\207\030
+\126\200\046\304\320\334\300\157\337\336\240\302\221\026\240\144
+\021\113\104\274\036\366\347\372\143\336\146\254\166\244\161\243
+\354\066\224\150\172\167\244\261\347\016\057\201\172\342\265\162
+\206\357\242\153\213\360\017\333\323\131\077\272\162\274\104\044
+\234\343\163\263\367\257\127\057\102\046\235\251\164\272\000\122
+\362\113\315\123\174\107\013\066\205\016\146\251\010\227\026\064
+\127\301\146\367\200\343\355\160\124\307\223\340\056\050\025\131
+\207\272\273\002\003\001\000\001\243\201\235\060\201\232\060\023
+\006\011\053\006\001\004\001\202\067\024\002\004\006\036\004\000
+\103\000\101\060\013\006\003\125\035\017\004\004\003\002\001\206
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\035\006\003\125\035\016\004\026\004\024\102\062\266\026
+\372\004\375\376\135\113\172\303\375\367\114\100\035\132\103\257
+\060\064\006\003\125\035\037\004\055\060\053\060\051\240\047\240
+\045\206\043\150\164\164\160\072\057\057\143\162\154\056\163\145
+\143\165\162\145\164\162\165\163\164\056\143\157\155\057\123\124
+\103\101\056\143\162\154\060\020\006\011\053\006\001\004\001\202
+\067\025\001\004\003\002\001\000\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\003\202\001\001\000\060\355\117\112
+\341\130\072\122\162\133\265\246\243\145\030\246\273\121\073\167
+\351\235\352\323\237\134\340\105\145\173\015\312\133\342\160\120
+\262\224\005\024\256\111\307\215\101\007\022\163\224\176\014\043
+\041\375\274\020\177\140\020\132\162\365\230\016\254\354\271\177
+\335\172\157\135\323\034\364\377\210\005\151\102\251\005\161\310
+\267\254\046\350\056\264\214\152\377\161\334\270\261\337\231\274
+\174\041\124\053\344\130\242\273\127\051\256\236\251\243\031\046
+\017\231\056\010\260\357\375\151\317\231\032\011\215\343\247\237
+\053\311\066\064\173\044\263\170\114\225\027\244\006\046\036\266
+\144\122\066\137\140\147\331\234\305\005\164\013\347\147\043\322
+\010\374\210\351\256\213\177\341\060\364\067\176\375\306\062\332
+\055\236\104\060\060\154\356\007\336\322\064\374\322\377\100\366
+\113\364\146\106\006\124\246\362\062\012\143\046\060\153\233\321
+\334\213\107\272\341\271\325\142\320\242\240\364\147\005\170\051
+\143\032\157\004\326\370\306\114\243\232\261\067\264\215\345\050
+\113\035\236\054\302\270\150\274\355\002\356\061
+END
+
+# Trust for Certificate "SecureTrust CA"
+# Issuer: CN=SecureTrust CA,O=SecureTrust Corporation,C=US
+# Serial Number:0c:f0:8e:5c:08:16:a5:ad:42:7f:f0:eb:27:18:59:d0
+# Subject: CN=SecureTrust CA,O=SecureTrust Corporation,C=US
+# Not Valid Before: Tue Nov 07 19:31:18 2006
+# Not Valid After : Mon Dec 31 19:40:55 2029
+# Fingerprint (MD5): DC:32:C3:A7:6D:25:57:C7:68:09:9D:EA:2D:A9:A2:D1
+# Fingerprint (SHA1): 87:82:C6:C3:04:35:3B:CF:D2:96:92:D2:59:3E:7D:44:D9:34:FF:11
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SecureTrust CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\207\202\306\303\004\065\073\317\322\226\222\322\131\076\175\104
+\331\064\377\021
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\334\062\303\247\155\045\127\307\150\011\235\352\055\251\242\321
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\123\145\143\165\162\145
+\124\162\165\163\164\040\103\157\162\160\157\162\141\164\151\157
+\156\061\027\060\025\006\003\125\004\003\023\016\123\145\143\165
+\162\145\124\162\165\163\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\014\360\216\134\010\026\245\255\102\177\360\353\047\030
+\131\320
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Secure Global CA"
+#
+# Issuer: CN=Secure Global CA,O=SecureTrust Corporation,C=US
+# Serial Number:07:56:22:a4:e8:d4:8a:89:4d:f4:13:c8:f0:f8:ea:a5
+# Subject: CN=Secure Global CA,O=SecureTrust Corporation,C=US
+# Not Valid Before: Tue Nov 07 19:42:28 2006
+# Not Valid After : Mon Dec 31 19:52:06 2029
+# Fingerprint (MD5): CF:F4:27:0D:D4:ED:DC:65:16:49:6D:3D:DA:BF:6E:DE
+# Fingerprint (SHA1): 3A:44:73:5A:E5:81:90:1F:24:86:61:46:1E:3B:9C:C4:5F:F5:3A:1B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Secure Global CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\112\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\123\145\143\165\162\145
+\124\162\165\163\164\040\103\157\162\160\157\162\141\164\151\157
+\156\061\031\060\027\006\003\125\004\003\023\020\123\145\143\165
+\162\145\040\107\154\157\142\141\154\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\112\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\123\145\143\165\162\145
+\124\162\165\163\164\040\103\157\162\160\157\162\141\164\151\157
+\156\061\031\060\027\006\003\125\004\003\023\020\123\145\143\165
+\162\145\040\107\154\157\142\141\154\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\007\126\042\244\350\324\212\211\115\364\023\310\360\370
+\352\245
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\274\060\202\002\244\240\003\002\001\002\002\020\007
+\126\042\244\350\324\212\211\115\364\023\310\360\370\352\245\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\112
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040\060
+\036\006\003\125\004\012\023\027\123\145\143\165\162\145\124\162
+\165\163\164\040\103\157\162\160\157\162\141\164\151\157\156\061
+\031\060\027\006\003\125\004\003\023\020\123\145\143\165\162\145
+\040\107\154\157\142\141\154\040\103\101\060\036\027\015\060\066
+\061\061\060\067\061\071\064\062\062\070\132\027\015\062\071\061
+\062\063\061\061\071\065\062\060\066\132\060\112\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125
+\004\012\023\027\123\145\143\165\162\145\124\162\165\163\164\040
+\103\157\162\160\157\162\141\164\151\157\156\061\031\060\027\006
+\003\125\004\003\023\020\123\145\143\165\162\145\040\107\154\157
+\142\141\154\040\103\101\060\202\001\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
+\001\012\002\202\001\001\000\257\065\056\330\254\154\125\151\006
+\161\345\023\150\044\263\117\330\314\041\107\370\361\140\070\211
+\211\003\351\275\352\136\106\123\011\334\134\365\132\350\367\105
+\052\002\353\061\141\327\051\063\114\316\307\174\012\067\176\017
+\272\062\230\341\035\227\257\217\307\334\311\070\226\363\333\032
+\374\121\355\150\306\320\156\244\174\044\321\256\102\310\226\120
+\143\056\340\376\165\376\230\247\137\111\056\225\343\071\063\144
+\216\036\244\137\220\322\147\074\262\331\376\101\271\125\247\011
+\216\162\005\036\213\335\104\205\202\102\320\111\300\035\140\360
+\321\027\054\225\353\366\245\301\222\243\305\302\247\010\140\015
+\140\004\020\226\171\236\026\064\346\251\266\372\045\105\071\310
+\036\145\371\223\365\252\361\122\334\231\230\075\245\206\032\014
+\065\063\372\113\245\004\006\025\034\061\200\357\252\030\153\302
+\173\327\332\316\371\063\040\325\365\275\152\063\055\201\004\373
+\260\134\324\234\243\342\134\035\343\251\102\165\136\173\324\167
+\357\071\124\272\311\012\030\033\022\231\111\057\210\113\375\120
+\142\321\163\347\217\172\103\002\003\001\000\001\243\201\235\060
+\201\232\060\023\006\011\053\006\001\004\001\202\067\024\002\004
+\006\036\004\000\103\000\101\060\013\006\003\125\035\017\004\004
+\003\002\001\206\060\017\006\003\125\035\023\001\001\377\004\005
+\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024
+\257\104\004\302\101\176\110\203\333\116\071\002\354\354\204\172
+\346\316\311\244\060\064\006\003\125\035\037\004\055\060\053\060
+\051\240\047\240\045\206\043\150\164\164\160\072\057\057\143\162
+\154\056\163\145\143\165\162\145\164\162\165\163\164\056\143\157
+\155\057\123\107\103\101\056\143\162\154\060\020\006\011\053\006
+\001\004\001\202\067\025\001\004\003\002\001\000\060\015\006\011
+\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
+\143\032\010\100\175\244\136\123\015\167\330\172\256\037\015\013
+\121\026\003\357\030\174\310\343\257\152\130\223\024\140\221\262
+\204\334\210\116\276\071\212\072\363\346\202\211\135\001\067\263
+\253\044\244\025\016\222\065\132\112\104\136\116\127\372\165\316
+\037\110\316\146\364\074\100\046\222\230\154\033\356\044\106\014
+\027\263\122\245\333\245\221\221\317\067\323\157\347\047\010\072
+\116\031\037\072\247\130\134\027\317\171\077\213\344\247\323\046
+\043\235\046\017\130\151\374\107\176\262\320\215\213\223\277\051
+\117\103\151\164\166\147\113\317\007\214\346\002\367\265\341\264
+\103\265\113\055\024\237\371\334\046\015\277\246\107\164\006\330
+\210\321\072\051\060\204\316\322\071\200\142\033\250\307\127\111
+\274\152\125\121\147\025\112\276\065\007\344\325\165\230\067\171
+\060\024\333\051\235\154\305\151\314\107\125\242\060\367\314\134
+\177\302\303\230\034\153\116\026\200\353\172\170\145\105\242\000
+\032\257\014\015\125\144\064\110\270\222\271\361\264\120\051\362
+\117\043\037\332\154\254\037\104\341\335\043\170\121\133\307\026
+END
+
+# Trust for Certificate "Secure Global CA"
+# Issuer: CN=Secure Global CA,O=SecureTrust Corporation,C=US
+# Serial Number:07:56:22:a4:e8:d4:8a:89:4d:f4:13:c8:f0:f8:ea:a5
+# Subject: CN=Secure Global CA,O=SecureTrust Corporation,C=US
+# Not Valid Before: Tue Nov 07 19:42:28 2006
+# Not Valid After : Mon Dec 31 19:52:06 2029
+# Fingerprint (MD5): CF:F4:27:0D:D4:ED:DC:65:16:49:6D:3D:DA:BF:6E:DE
+# Fingerprint (SHA1): 3A:44:73:5A:E5:81:90:1F:24:86:61:46:1E:3B:9C:C4:5F:F5:3A:1B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Secure Global CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\072\104\163\132\345\201\220\037\044\206\141\106\036\073\234\304
+\137\365\072\033
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\317\364\047\015\324\355\334\145\026\111\155\075\332\277\156\336
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\112\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\040\060\036\006\003\125\004\012\023\027\123\145\143\165\162\145
+\124\162\165\163\164\040\103\157\162\160\157\162\141\164\151\157
+\156\061\031\060\027\006\003\125\004\003\023\020\123\145\143\165
+\162\145\040\107\154\157\142\141\154\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\007\126\042\244\350\324\212\211\115\364\023\310\360\370
+\352\245
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "COMODO Certification Authority"
+#
+# Issuer: CN=COMODO Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number:4e:81:2d:8a:82:65:e0:0b:02:ee:3e:35:02:46:e5:3d
+# Subject: CN=COMODO Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Fri Dec 01 00:00:00 2006
+# Not Valid After : Mon Dec 31 23:59:59 2029
+# Fingerprint (MD5): 5C:48:DC:F7:42:72:EC:56:94:6D:1C:CC:71:35:80:75
+# Fingerprint (SHA1): 66:31:BF:9E:F7:4F:9E:B6:C9:D5:A6:0C:BA:6A:BE:D1:F7:BD:EF:7B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "COMODO Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\201\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\047\060\045\006
+\003\125\004\003\023\036\103\117\115\117\104\117\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\201\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\047\060\045\006
+\003\125\004\003\023\036\103\117\115\117\104\117\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\116\201\055\212\202\145\340\013\002\356\076\065\002\106
+\345\075
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\035\060\202\003\005\240\003\002\001\002\002\020\116
+\201\055\212\202\145\340\013\002\356\076\065\002\106\345\075\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\201\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033
+\060\031\006\003\125\004\010\023\022\107\162\145\141\164\145\162
+\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006
+\003\125\004\007\023\007\123\141\154\146\157\162\144\061\032\060
+\030\006\003\125\004\012\023\021\103\117\115\117\104\117\040\103
+\101\040\114\151\155\151\164\145\144\061\047\060\045\006\003\125
+\004\003\023\036\103\117\115\117\104\117\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\060\036\027\015\060\066\061\062\060\061\060\060\060\060
+\060\060\132\027\015\062\071\061\062\063\061\062\063\065\071\065
+\071\132\060\201\201\061\013\060\011\006\003\125\004\006\023\002
+\107\102\061\033\060\031\006\003\125\004\010\023\022\107\162\145
+\141\164\145\162\040\115\141\156\143\150\145\163\164\145\162\061
+\020\060\016\006\003\125\004\007\023\007\123\141\154\146\157\162
+\144\061\032\060\030\006\003\125\004\012\023\021\103\117\115\117
+\104\117\040\103\101\040\114\151\155\151\164\145\144\061\047\060
+\045\006\003\125\004\003\023\036\103\117\115\117\104\117\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\060\202\001\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
+\001\012\002\202\001\001\000\320\100\213\213\162\343\221\033\367
+\121\301\033\124\004\230\323\251\277\301\346\212\135\073\207\373
+\273\210\316\015\343\057\077\006\226\360\242\051\120\231\256\333
+\073\241\127\260\164\121\161\315\355\102\221\115\101\376\251\310
+\330\152\206\167\104\273\131\146\227\120\136\264\324\054\160\104
+\317\332\067\225\102\151\074\060\304\161\263\122\360\041\115\241
+\330\272\071\174\034\236\243\044\235\362\203\026\230\252\026\174
+\103\233\025\133\267\256\064\221\376\324\142\046\030\106\232\077
+\353\301\371\361\220\127\353\254\172\015\213\333\162\060\152\146
+\325\340\106\243\160\334\150\331\377\004\110\211\167\336\265\351
+\373\147\155\101\351\274\071\275\062\331\142\002\361\261\250\075
+\156\067\234\342\057\342\323\242\046\213\306\270\125\103\210\341
+\043\076\245\322\044\071\152\107\253\000\324\241\263\251\045\376
+\015\077\247\035\272\323\121\301\013\244\332\254\070\357\125\120
+\044\005\145\106\223\064\117\055\215\255\306\324\041\031\322\216
+\312\005\141\161\007\163\107\345\212\031\022\275\004\115\316\116
+\234\245\110\254\273\046\367\002\003\001\000\001\243\201\216\060
+\201\213\060\035\006\003\125\035\016\004\026\004\024\013\130\345
+\213\306\114\025\067\244\100\251\060\251\041\276\107\066\132\126
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\111\006\003\125\035\037\004\102\060\100\060\076\240
+\074\240\072\206\070\150\164\164\160\072\057\057\143\162\154\056
+\143\157\155\157\144\157\143\141\056\143\157\155\057\103\117\115
+\117\104\117\103\145\162\164\151\146\151\143\141\164\151\157\156
+\101\165\164\150\157\162\151\164\171\056\143\162\154\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
+\000\076\230\236\233\366\033\351\327\071\267\170\256\035\162\030
+\111\323\207\344\103\202\353\077\311\252\365\250\265\357\125\174
+\041\122\145\371\325\015\341\154\364\076\214\223\163\221\056\002
+\304\116\007\161\157\300\217\070\141\010\250\036\201\012\300\057
+\040\057\101\213\221\334\110\105\274\361\306\336\272\166\153\063
+\310\000\055\061\106\114\355\347\235\317\210\224\377\063\300\126
+\350\044\206\046\270\330\070\070\337\052\153\335\022\314\307\077
+\107\027\114\242\302\006\226\011\326\333\376\077\074\106\101\337
+\130\342\126\017\074\073\301\034\223\065\331\070\122\254\356\310
+\354\056\060\116\224\065\264\044\037\113\170\151\332\362\002\070
+\314\225\122\223\360\160\045\131\234\040\147\304\356\371\213\127
+\141\364\222\166\175\077\204\215\125\267\350\345\254\325\361\365
+\031\126\246\132\373\220\034\257\223\353\345\034\324\147\227\135
+\004\016\276\013\203\246\027\203\271\060\022\240\305\063\025\005
+\271\015\373\307\005\166\343\330\112\215\374\064\027\243\306\041
+\050\276\060\105\061\036\307\170\276\130\141\070\254\073\342\001
+\145
+END
+
+# Trust for Certificate "COMODO Certification Authority"
+# Issuer: CN=COMODO Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number:4e:81:2d:8a:82:65:e0:0b:02:ee:3e:35:02:46:e5:3d
+# Subject: CN=COMODO Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Fri Dec 01 00:00:00 2006
+# Not Valid After : Mon Dec 31 23:59:59 2029
+# Fingerprint (MD5): 5C:48:DC:F7:42:72:EC:56:94:6D:1C:CC:71:35:80:75
+# Fingerprint (SHA1): 66:31:BF:9E:F7:4F:9E:B6:C9:D5:A6:0C:BA:6A:BE:D1:F7:BD:EF:7B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "COMODO Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\146\061\277\236\367\117\236\266\311\325\246\014\272\152\276\321
+\367\275\357\173
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\134\110\334\367\102\162\354\126\224\155\034\314\161\065\200\165
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\201\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\047\060\045\006
+\003\125\004\003\023\036\103\117\115\117\104\117\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\116\201\055\212\202\145\340\013\002\356\076\065\002\106
+\345\075
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Network Solutions Certificate Authority"
+#
+# Issuer: CN=Network Solutions Certificate Authority,O=Network Solutions L.L.C.,C=US
+# Serial Number:57:cb:33:6f:c2:5c:16:e6:47:16:17:e3:90:31:68:e0
+# Subject: CN=Network Solutions Certificate Authority,O=Network Solutions L.L.C.,C=US
+# Not Valid Before: Fri Dec 01 00:00:00 2006
+# Not Valid After : Mon Dec 31 23:59:59 2029
+# Fingerprint (MD5): D3:F3:A6:16:C0:FA:6B:1D:59:B1:2D:96:4D:0E:11:2E
+# Fingerprint (SHA1): 74:F8:A3:C3:EF:E7:B3:90:06:4B:83:90:3C:21:64:60:20:E5:DF:CE
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Network Solutions Certificate Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\142\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\041\060\037\006\003\125\004\012\023\030\116\145\164\167\157\162
+\153\040\123\157\154\165\164\151\157\156\163\040\114\056\114\056
+\103\056\061\060\060\056\006\003\125\004\003\023\047\116\145\164
+\167\157\162\153\040\123\157\154\165\164\151\157\156\163\040\103
+\145\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157
+\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\142\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\041\060\037\006\003\125\004\012\023\030\116\145\164\167\157\162
+\153\040\123\157\154\165\164\151\157\156\163\040\114\056\114\056
+\103\056\061\060\060\056\006\003\125\004\003\023\047\116\145\164
+\167\157\162\153\040\123\157\154\165\164\151\157\156\163\040\103
+\145\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157
+\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\127\313\063\157\302\134\026\346\107\026\027\343\220\061
+\150\340
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\346\060\202\002\316\240\003\002\001\002\002\020\127
+\313\063\157\302\134\026\346\107\026\027\343\220\061\150\340\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\142
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\041\060
+\037\006\003\125\004\012\023\030\116\145\164\167\157\162\153\040
+\123\157\154\165\164\151\157\156\163\040\114\056\114\056\103\056
+\061\060\060\056\006\003\125\004\003\023\047\116\145\164\167\157
+\162\153\040\123\157\154\165\164\151\157\156\163\040\103\145\162
+\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
+\164\171\060\036\027\015\060\066\061\062\060\061\060\060\060\060
+\060\060\132\027\015\062\071\061\062\063\061\062\063\065\071\065
+\071\132\060\142\061\013\060\011\006\003\125\004\006\023\002\125
+\123\061\041\060\037\006\003\125\004\012\023\030\116\145\164\167
+\157\162\153\040\123\157\154\165\164\151\157\156\163\040\114\056
+\114\056\103\056\061\060\060\056\006\003\125\004\003\023\047\116
+\145\164\167\157\162\153\040\123\157\154\165\164\151\157\156\163
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\060\202\001\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
+\001\012\002\202\001\001\000\344\274\176\222\060\155\306\330\216
+\053\013\274\106\316\340\047\226\336\336\371\372\022\323\074\063
+\163\263\004\057\274\161\214\345\237\266\042\140\076\137\135\316
+\011\377\202\014\033\232\121\120\032\046\211\335\325\141\135\031
+\334\022\017\055\012\242\103\135\027\320\064\222\040\352\163\317
+\070\054\006\046\011\172\162\367\372\120\062\370\302\223\323\151
+\242\043\316\101\261\314\344\325\037\066\321\212\072\370\214\143
+\342\024\131\151\355\015\323\177\153\350\270\003\345\117\152\345
+\230\143\151\110\005\276\056\377\063\266\351\227\131\151\370\147
+\031\256\223\141\226\104\025\323\162\260\077\274\152\175\354\110
+\177\215\303\253\252\161\053\123\151\101\123\064\265\260\271\305
+\006\012\304\260\105\365\101\135\156\211\105\173\075\073\046\214
+\164\302\345\322\321\175\262\021\324\373\130\062\042\232\200\311
+\334\375\014\351\177\136\003\227\316\073\000\024\207\047\160\070
+\251\216\156\263\047\166\230\121\340\005\343\041\253\032\325\205
+\042\074\051\265\232\026\305\200\250\364\273\153\060\217\057\106
+\002\242\261\014\042\340\323\002\003\001\000\001\243\201\227\060
+\201\224\060\035\006\003\125\035\016\004\026\004\024\041\060\311
+\373\000\327\116\230\332\207\252\052\320\247\056\261\100\061\247
+\114\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\122\006\003\125\035\037\004\113\060\111\060\107\240
+\105\240\103\206\101\150\164\164\160\072\057\057\143\162\154\056
+\156\145\164\163\157\154\163\163\154\056\143\157\155\057\116\145
+\164\167\157\162\153\123\157\154\165\164\151\157\156\163\103\145
+\162\164\151\146\151\143\141\164\145\101\165\164\150\157\162\151
+\164\171\056\143\162\154\060\015\006\011\052\206\110\206\367\015
+\001\001\005\005\000\003\202\001\001\000\273\256\113\347\267\127
+\353\177\252\055\267\163\107\205\152\301\344\245\035\344\347\074
+\351\364\131\145\167\265\172\133\132\215\045\066\340\172\227\056
+\070\300\127\140\203\230\006\203\237\271\166\172\156\120\340\272
+\210\054\374\105\314\030\260\231\225\121\016\354\035\270\210\377
+\207\120\034\202\302\343\340\062\200\277\240\013\107\310\303\061
+\357\231\147\062\200\117\027\041\171\014\151\134\336\136\064\256
+\002\265\046\352\120\337\177\030\145\054\311\362\143\341\251\007
+\376\174\161\037\153\063\044\152\036\005\367\005\150\300\152\022
+\313\056\136\141\313\256\050\323\176\302\264\146\221\046\137\074
+\056\044\137\313\130\017\353\050\354\257\021\226\363\334\173\157
+\300\247\210\362\123\167\263\140\136\256\256\050\332\065\054\157
+\064\105\323\046\341\336\354\133\117\047\153\026\174\275\104\004
+\030\202\263\211\171\027\020\161\075\172\242\026\116\365\001\315
+\244\154\145\150\241\111\166\134\103\311\330\274\066\147\154\245
+\224\265\324\314\271\275\152\065\126\041\336\330\303\353\373\313
+\244\140\114\260\125\240\240\173\127\262
+END
+
+# Trust for Certificate "Network Solutions Certificate Authority"
+# Issuer: CN=Network Solutions Certificate Authority,O=Network Solutions L.L.C.,C=US
+# Serial Number:57:cb:33:6f:c2:5c:16:e6:47:16:17:e3:90:31:68:e0
+# Subject: CN=Network Solutions Certificate Authority,O=Network Solutions L.L.C.,C=US
+# Not Valid Before: Fri Dec 01 00:00:00 2006
+# Not Valid After : Mon Dec 31 23:59:59 2029
+# Fingerprint (MD5): D3:F3:A6:16:C0:FA:6B:1D:59:B1:2D:96:4D:0E:11:2E
+# Fingerprint (SHA1): 74:F8:A3:C3:EF:E7:B3:90:06:4B:83:90:3C:21:64:60:20:E5:DF:CE
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Network Solutions Certificate Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\164\370\243\303\357\347\263\220\006\113\203\220\074\041\144\140
+\040\345\337\316
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\323\363\246\026\300\372\153\035\131\261\055\226\115\016\021\056
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\142\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\041\060\037\006\003\125\004\012\023\030\116\145\164\167\157\162
+\153\040\123\157\154\165\164\151\157\156\163\040\114\056\114\056
+\103\056\061\060\060\056\006\003\125\004\003\023\047\116\145\164
+\167\157\162\153\040\123\157\154\165\164\151\157\156\163\040\103
+\145\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157
+\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\127\313\063\157\302\134\026\346\107\026\027\343\220\061
+\150\340
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "COMODO ECC Certification Authority"
+#
+# Issuer: CN=COMODO ECC Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number:1f:47:af:aa:62:00:70:50:54:4c:01:9e:9b:63:99:2a
+# Subject: CN=COMODO ECC Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Thu Mar 06 00:00:00 2008
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (MD5): 7C:62:FF:74:9D:31:53:5E:68:4A:D5:78:AA:1E:BF:23
+# Fingerprint (SHA1): 9F:74:4E:9F:2B:4D:BA:EC:0F:31:2C:50:B6:56:3B:8E:2D:93:C3:11
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "COMODO ECC Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\053\060\051\006
+\003\125\004\003\023\042\103\117\115\117\104\117\040\105\103\103
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\053\060\051\006
+\003\125\004\003\023\042\103\117\115\117\104\117\040\105\103\103
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\037\107\257\252\142\000\160\120\124\114\001\236\233\143
+\231\052
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\211\060\202\002\017\240\003\002\001\002\002\020\037
+\107\257\252\142\000\160\120\124\114\001\236\233\143\231\052\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\205\061\013
+\060\011\006\003\125\004\006\023\002\107\102\061\033\060\031\006
+\003\125\004\010\023\022\107\162\145\141\164\145\162\040\115\141
+\156\143\150\145\163\164\145\162\061\020\060\016\006\003\125\004
+\007\023\007\123\141\154\146\157\162\144\061\032\060\030\006\003
+\125\004\012\023\021\103\117\115\117\104\117\040\103\101\040\114
+\151\155\151\164\145\144\061\053\060\051\006\003\125\004\003\023
+\042\103\117\115\117\104\117\040\105\103\103\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\060\036\027\015\060\070\060\063\060\066\060\060\060
+\060\060\060\132\027\015\063\070\060\061\061\070\062\063\065\071
+\065\071\132\060\201\205\061\013\060\011\006\003\125\004\006\023
+\002\107\102\061\033\060\031\006\003\125\004\010\023\022\107\162
+\145\141\164\145\162\040\115\141\156\143\150\145\163\164\145\162
+\061\020\060\016\006\003\125\004\007\023\007\123\141\154\146\157
+\162\144\061\032\060\030\006\003\125\004\012\023\021\103\117\115
+\117\104\117\040\103\101\040\114\151\155\151\164\145\144\061\053
+\060\051\006\003\125\004\003\023\042\103\117\115\117\104\117\040
+\105\103\103\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171\060\166\060\020\006
+\007\052\206\110\316\075\002\001\006\005\053\201\004\000\042\003
+\142\000\004\003\107\173\057\165\311\202\025\205\373\165\344\221
+\026\324\253\142\231\365\076\122\013\006\316\101\000\177\227\341
+\012\044\074\035\001\004\356\075\322\215\011\227\014\340\165\344
+\372\373\167\212\052\365\003\140\113\066\213\026\043\026\255\011
+\161\364\112\364\050\120\264\376\210\034\156\077\154\057\057\011
+\131\133\245\133\013\063\231\342\303\075\211\371\152\054\357\262
+\323\006\351\243\102\060\100\060\035\006\003\125\035\016\004\026
+\004\024\165\161\247\031\110\031\274\235\235\352\101\107\337\224
+\304\110\167\231\323\171\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\012\006\010\052\206\110\316\075
+\004\003\003\003\150\000\060\145\002\061\000\357\003\133\172\254
+\267\170\012\162\267\210\337\377\265\106\024\011\012\372\240\346
+\175\010\306\032\207\275\030\250\163\275\046\312\140\014\235\316
+\231\237\317\134\017\060\341\276\024\061\352\002\060\024\364\223
+\074\111\247\063\172\220\106\107\263\143\175\023\233\116\267\157
+\030\067\200\123\376\335\040\340\065\232\066\321\307\001\271\346
+\334\335\363\377\035\054\072\026\127\331\222\071\326
+END
+
+# Trust for Certificate "COMODO ECC Certification Authority"
+# Issuer: CN=COMODO ECC Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number:1f:47:af:aa:62:00:70:50:54:4c:01:9e:9b:63:99:2a
+# Subject: CN=COMODO ECC Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Thu Mar 06 00:00:00 2008
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (MD5): 7C:62:FF:74:9D:31:53:5E:68:4A:D5:78:AA:1E:BF:23
+# Fingerprint (SHA1): 9F:74:4E:9F:2B:4D:BA:EC:0F:31:2C:50:B6:56:3B:8E:2D:93:C3:11
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "COMODO ECC Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\237\164\116\237\053\115\272\354\017\061\054\120\266\126\073\216
+\055\223\303\021
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\174\142\377\164\235\061\123\136\150\112\325\170\252\036\277\043
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\053\060\051\006
+\003\125\004\003\023\042\103\117\115\117\104\117\040\105\103\103
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\037\107\257\252\142\000\160\120\124\114\001\236\233\143
+\231\052
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "MD5 Collisions Forged Rogue CA 25c3"
+#
+# Issuer: CN=Equifax Secure Global eBusiness CA-1,O=Equifax Secure Inc.,C=US
+# Serial Number: 66 (0x42)
+# Subject: CN=MD5 Collisions Inc. (http://www.phreedom.org/md5)
+# Not Valid Before: Sat Jul 31 00:00:01 2004
+# Not Valid After : Thu Sep 02 00:00:01 2004
+# Fingerprint (MD5): 16:7A:13:15:B9:17:39:A3:F1:05:6A:E6:3E:D9:3A:38
+# Fingerprint (SHA1): 64:23:13:7E:5C:53:D6:4A:A6:64:85:ED:36:54:F5:AB:05:5A:8B:8A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "MD5 Collisions Forged Rogue CA 25c3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\074\061\072\060\070\006\003\125\004\003\023\061\115\104\065
+\040\103\157\154\154\151\163\151\157\156\163\040\111\156\143\056
+\040\050\150\164\164\160\072\057\057\167\167\167\056\160\150\162
+\145\145\144\157\155\056\157\162\147\057\155\144\065\051
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
+\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
+\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
+\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
+\165\163\151\156\145\163\163\040\103\101\055\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\102
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\062\060\202\003\233\240\003\002\001\002\002\001\102
+\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
+\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
+\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170
+\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060\053
+\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040\123
+\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102\165
+\163\151\156\145\163\163\040\103\101\055\061\060\036\027\015\060
+\064\060\067\063\061\060\060\060\060\060\061\132\027\015\060\064
+\060\071\060\062\060\060\060\060\060\061\132\060\074\061\072\060
+\070\006\003\125\004\003\023\061\115\104\065\040\103\157\154\154
+\151\163\151\157\156\163\040\111\156\143\056\040\050\150\164\164
+\160\072\057\057\167\167\167\056\160\150\162\145\145\144\157\155
+\056\157\162\147\057\155\144\065\051\060\201\237\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
+\201\211\002\201\201\000\272\246\131\311\054\050\326\052\260\370
+\355\237\106\244\244\067\356\016\031\150\131\321\263\003\231\121
+\326\026\232\136\067\153\025\340\016\113\365\204\144\370\243\333
+\101\157\065\325\233\025\037\333\304\070\122\160\201\227\136\217
+\240\265\367\176\071\360\062\254\036\255\104\322\263\372\110\303
+\316\221\233\354\364\234\174\341\132\365\310\067\153\232\203\336
+\347\312\040\227\061\102\163\025\221\150\364\210\257\371\050\050
+\305\351\017\163\260\027\113\023\114\231\165\320\104\346\176\010
+\154\032\362\117\033\101\002\003\001\000\001\243\202\002\044\060
+\202\002\040\060\013\006\003\125\035\017\004\004\003\002\001\306
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\035\006\003\125\035\016\004\026\004\024\247\004\140\037
+\253\162\103\010\305\177\010\220\125\126\034\326\316\346\070\353
+\060\037\006\003\125\035\043\004\030\060\026\200\024\276\250\240
+\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153\150
+\154\060\202\001\276\006\011\140\206\110\001\206\370\102\001\015
+\004\202\001\257\026\202\001\253\063\000\000\000\047\136\071\340
+\211\141\017\116\243\305\105\013\066\273\001\321\123\252\303\010
+\217\157\370\117\076\207\207\104\021\334\140\340\337\222\125\371
+\270\163\033\124\223\305\237\320\106\304\140\266\065\142\315\271
+\257\034\250\151\032\311\133\074\226\067\300\355\147\357\273\376
+\300\213\234\120\057\051\275\203\042\236\216\010\372\254\023\160
+\242\130\177\142\142\212\021\367\211\366\337\266\147\131\163\026
+\373\143\026\212\264\221\070\316\056\365\266\276\114\244\224\111
+\344\145\021\012\102\025\311\301\060\342\151\325\105\175\245\046
+\273\271\141\354\142\144\360\071\341\347\274\150\330\120\121\236
+\035\140\323\321\243\247\012\370\003\040\241\160\001\027\221\066
+\117\002\160\061\206\203\335\367\017\330\007\035\021\263\023\004
+\245\334\360\256\120\261\050\016\143\151\052\014\202\157\217\107
+\063\337\154\242\006\222\361\117\105\276\331\060\066\243\053\214
+\326\167\256\065\143\177\116\114\232\223\110\066\331\237\002\003
+\001\000\001\243\201\275\060\201\272\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\004\360\060\035\006\003\125\035\016
+\004\026\004\024\315\246\203\372\245\140\067\367\226\067\027\051
+\336\101\170\361\207\211\125\347\060\073\006\003\125\035\037\004
+\064\060\062\060\060\240\056\240\054\206\052\150\164\164\160\072
+\057\057\143\162\154\056\147\145\157\164\162\165\163\164\056\143
+\157\155\057\143\162\154\163\057\147\154\157\142\141\154\143\141
+\061\056\143\162\154\060\037\006\003\125\035\043\004\030\060\026
+\200\024\276\250\240\164\162\120\153\104\267\311\043\330\373\250
+\377\263\127\153\150\154\060\035\006\003\125\035\045\004\026\060
+\024\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001
+\005\005\007\003\002\060\014\006\003\125\035\023\001\001\377\004
+\002\060\000\060\015\006\011\052\206\110\206\367\015\001\001\004
+\005\000\003\201\201\000\247\041\002\215\321\016\242\200\167\045
+\375\103\140\025\217\354\357\220\107\324\204\102\025\046\021\034
+\315\302\074\020\051\251\266\337\253\127\165\221\332\345\053\263
+\220\105\034\060\143\126\077\212\331\120\372\355\130\154\300\145
+\254\146\127\336\034\306\166\073\365\000\016\216\105\316\177\114
+\220\354\053\306\315\263\264\217\142\320\376\267\305\046\162\104
+\355\366\230\133\256\313\321\225\365\332\010\276\150\106\261\165
+\310\354\035\217\036\172\224\361\252\123\170\242\105\256\124\352
+\321\236\164\310\166\147
+END
+
+# Trust for Certificate "MD5 Collisions Forged Rogue CA 25c3"
+# Issuer: CN=Equifax Secure Global eBusiness CA-1,O=Equifax Secure Inc.,C=US
+# Serial Number: 66 (0x42)
+# Subject: CN=MD5 Collisions Inc. (http://www.phreedom.org/md5)
+# Not Valid Before: Sat Jul 31 00:00:01 2004
+# Not Valid After : Thu Sep 02 00:00:01 2004
+# Fingerprint (MD5): 16:7A:13:15:B9:17:39:A3:F1:05:6A:E6:3E:D9:3A:38
+# Fingerprint (SHA1): 64:23:13:7E:5C:53:D6:4A:A6:64:85:ED:36:54:F5:AB:05:5A:8B:8A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "MD5 Collisions Forged Rogue CA 25c3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\144\043\023\176\134\123\326\112\246\144\205\355\066\124\365\253
+\005\132\213\212
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\026\172\023\025\271\027\071\243\361\005\152\346\076\331\072\070
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
+\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
+\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
+\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
+\165\163\151\156\145\163\163\040\103\101\055\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\102
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Distrust "Distrusted AC DG Tresor SSL"
+# Issuer: CN=AC DGTPE Signature Authentification,O=DGTPE,C=FR
+# Serial Number: 204199 (0x31da7)
+# Subject: CN=AC DG Tr..sor SSL,O=DG Tr..sor,C=FR
+# Not Valid Before: Thu Jul 18 10:05:28 2013
+# Not Valid After : Fri Jul 18 10:05:28 2014
+# Fingerprint (MD5): 3A:EA:9E:FC:00:0C:E2:06:6C:E0:AC:39:C1:31:DE:C8
+# Fingerprint (SHA1): 5C:E3:39:46:5F:41:A1:E4:23:14:9F:65:54:40:95:40:4D:E6:EB:E2
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Distrusted AC DG Tresor SSL"
+CKA_ISSUER MULTILINE_OCTAL
+\060\113\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\016\060\014\006\003\125\004\012\023\005\104\107\124\120\105\061
+\054\060\052\006\003\125\004\003\023\043\101\103\040\104\107\124
+\120\105\040\123\151\147\156\141\164\165\162\145\040\101\165\164
+\150\145\156\164\151\146\151\143\141\164\151\157\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\003\035\247
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Security Communication EV RootCA1"
+#
+# Issuer: OU=Security Communication EV RootCA1,O="SECOM Trust Systems CO.,LTD.",C=JP
+# Serial Number: 0 (0x0)
+# Subject: OU=Security Communication EV RootCA1,O="SECOM Trust Systems CO.,LTD.",C=JP
+# Not Valid Before: Wed Jun 06 02:12:32 2007
+# Not Valid After : Sat Jun 06 02:12:32 2037
+# Fingerprint (MD5): 22:2D:A6:01:EA:7C:0A:F7:F0:6C:56:43:3F:77:76:D3
+# Fingerprint (SHA1): FE:B8:C4:32:DC:F9:76:9A:CE:AE:3D:D8:90:8F:FD:28:86:65:64:7D
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Security Communication EV RootCA1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\140\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\045\060\043\006\003\125\004\012\023\034\123\105\103\117\115\040
+\124\162\165\163\164\040\123\171\163\164\145\155\163\040\103\117
+\056\054\114\124\104\056\061\052\060\050\006\003\125\004\013\023
+\041\123\145\143\165\162\151\164\171\040\103\157\155\155\165\156
+\151\143\141\164\151\157\156\040\105\126\040\122\157\157\164\103
+\101\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\140\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\045\060\043\006\003\125\004\012\023\034\123\105\103\117\115\040
+\124\162\165\163\164\040\123\171\163\164\145\155\163\040\103\117
+\056\054\114\124\104\056\061\052\060\050\006\003\125\004\013\023
+\041\123\145\143\165\162\151\164\171\040\103\157\155\155\165\156
+\151\143\141\164\151\157\156\040\105\126\040\122\157\157\164\103
+\101\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\175\060\202\002\145\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\140\061\013\060\011\006\003\125\004\006\023\002\112\120\061\045
+\060\043\006\003\125\004\012\023\034\123\105\103\117\115\040\124
+\162\165\163\164\040\123\171\163\164\145\155\163\040\103\117\056
+\054\114\124\104\056\061\052\060\050\006\003\125\004\013\023\041
+\123\145\143\165\162\151\164\171\040\103\157\155\155\165\156\151
+\143\141\164\151\157\156\040\105\126\040\122\157\157\164\103\101
+\061\060\036\027\015\060\067\060\066\060\066\060\062\061\062\063
+\062\132\027\015\063\067\060\066\060\066\060\062\061\062\063\062
+\132\060\140\061\013\060\011\006\003\125\004\006\023\002\112\120
+\061\045\060\043\006\003\125\004\012\023\034\123\105\103\117\115
+\040\124\162\165\163\164\040\123\171\163\164\145\155\163\040\103
+\117\056\054\114\124\104\056\061\052\060\050\006\003\125\004\013
+\023\041\123\145\143\165\162\151\164\171\040\103\157\155\155\165
+\156\151\143\141\164\151\157\156\040\105\126\040\122\157\157\164
+\103\101\061\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\274\177\354\127\233\044\340\376\234\272\102\171
+\251\210\212\372\200\340\365\007\051\103\352\216\012\064\066\215
+\034\372\247\265\071\170\377\227\165\367\057\344\252\153\004\204
+\104\312\246\342\150\216\375\125\120\142\017\244\161\016\316\007
+\070\055\102\205\120\255\074\226\157\213\325\242\016\317\336\111
+\211\075\326\144\056\070\345\036\154\265\127\212\236\357\110\016
+\315\172\151\026\207\104\265\220\344\006\235\256\241\004\227\130
+\171\357\040\112\202\153\214\042\277\354\037\017\351\204\161\355
+\361\016\344\270\030\023\314\126\066\135\321\232\036\121\153\071
+\156\140\166\210\064\013\363\263\321\260\235\312\141\342\144\035
+\301\106\007\270\143\335\036\063\145\263\216\011\125\122\075\265
+\275\377\007\353\255\141\125\030\054\251\151\230\112\252\100\305
+\063\024\145\164\000\371\221\336\257\003\110\305\100\124\334\017
+\204\220\150\040\305\222\226\334\056\345\002\105\252\300\137\124
+\370\155\352\111\317\135\154\113\257\357\232\302\126\134\306\065
+\126\102\152\060\137\302\253\366\342\075\077\263\311\021\217\061
+\114\327\237\111\002\003\001\000\001\243\102\060\100\060\035\006
+\003\125\035\016\004\026\004\024\065\112\365\115\257\077\327\202
+\070\254\253\161\145\027\165\214\235\125\223\346\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
+\000\250\207\351\354\370\100\147\135\303\301\146\307\100\113\227
+\374\207\023\220\132\304\357\240\312\137\213\267\247\267\361\326
+\265\144\267\212\263\270\033\314\332\373\254\146\210\101\316\350
+\374\344\333\036\210\246\355\047\120\033\002\060\044\106\171\376
+\004\207\160\227\100\163\321\300\301\127\031\232\151\245\047\231
+\253\235\142\204\366\121\301\054\311\043\025\330\050\267\253\045
+\023\265\106\341\206\002\377\046\214\304\210\222\035\126\376\031
+\147\362\125\344\200\243\153\234\253\167\341\121\161\015\040\333
+\020\232\333\275\166\171\007\167\231\050\255\232\136\332\261\117
+\104\054\065\216\245\226\307\375\203\360\130\306\171\326\230\174
+\250\215\376\206\076\007\026\222\341\173\347\035\354\063\166\176
+\102\056\112\205\371\221\211\150\204\003\201\245\233\232\276\343
+\067\305\124\253\126\073\030\055\101\244\014\370\102\333\231\240
+\340\162\157\273\135\341\026\117\123\012\144\371\116\364\277\116
+\124\275\170\154\210\352\277\234\023\044\302\160\151\242\177\017
+\310\074\255\010\311\260\230\100\243\052\347\210\203\355\167\217
+\164
+END
+
+# Trust for Certificate "Security Communication EV RootCA1"
+# Issuer: OU=Security Communication EV RootCA1,O="SECOM Trust Systems CO.,LTD.",C=JP
+# Serial Number: 0 (0x0)
+# Subject: OU=Security Communication EV RootCA1,O="SECOM Trust Systems CO.,LTD.",C=JP
+# Not Valid Before: Wed Jun 06 02:12:32 2007
+# Not Valid After : Sat Jun 06 02:12:32 2037
+# Fingerprint (MD5): 22:2D:A6:01:EA:7C:0A:F7:F0:6C:56:43:3F:77:76:D3
+# Fingerprint (SHA1): FE:B8:C4:32:DC:F9:76:9A:CE:AE:3D:D8:90:8F:FD:28:86:65:64:7D
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Security Communication EV RootCA1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\376\270\304\062\334\371\166\232\316\256\075\330\220\217\375\050
+\206\145\144\175
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\042\055\246\001\352\174\012\367\360\154\126\103\077\167\166\323
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\140\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\045\060\043\006\003\125\004\012\023\034\123\105\103\117\115\040
+\124\162\165\163\164\040\123\171\163\164\145\155\163\040\103\117
+\056\054\114\124\104\056\061\052\060\050\006\003\125\004\013\023
+\041\123\145\143\165\162\151\164\171\040\103\157\155\155\165\156
+\151\143\141\164\151\157\156\040\105\126\040\122\157\157\164\103
+\101\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "OISTE WISeKey Global Root GA CA"
+#
+# Issuer: CN=OISTE WISeKey Global Root GA CA,OU=OISTE Foundation Endorsed,OU=Copyright (c) 2005,O=WISeKey,C=CH
+# Serial Number:41:3d:72:c7:f4:6b:1f:81:43:7d:f1:d2:28:54:df:9a
+# Subject: CN=OISTE WISeKey Global Root GA CA,OU=OISTE Foundation Endorsed,OU=Copyright (c) 2005,O=WISeKey,C=CH
+# Not Valid Before: Sun Dec 11 16:03:44 2005
+# Not Valid After : Fri Dec 11 16:09:51 2037
+# Fingerprint (MD5): BC:6C:51:33:A7:E9:D3:66:63:54:15:72:1B:21:92:93
+# Fingerprint (SHA1): 59:22:A1:E1:5A:EA:16:35:21:F8:98:39:6A:46:46:B0:44:1B:0F:A9
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OISTE WISeKey Global Root GA CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\212\061\013\060\011\006\003\125\004\006\023\002\103\110
+\061\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113
+\145\171\061\033\060\031\006\003\125\004\013\023\022\103\157\160
+\171\162\151\147\150\164\040\050\143\051\040\062\060\060\065\061
+\042\060\040\006\003\125\004\013\023\031\117\111\123\124\105\040
+\106\157\165\156\144\141\164\151\157\156\040\105\156\144\157\162
+\163\145\144\061\050\060\046\006\003\125\004\003\023\037\117\111
+\123\124\105\040\127\111\123\145\113\145\171\040\107\154\157\142
+\141\154\040\122\157\157\164\040\107\101\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\212\061\013\060\011\006\003\125\004\006\023\002\103\110
+\061\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113
+\145\171\061\033\060\031\006\003\125\004\013\023\022\103\157\160
+\171\162\151\147\150\164\040\050\143\051\040\062\060\060\065\061
+\042\060\040\006\003\125\004\013\023\031\117\111\123\124\105\040
+\106\157\165\156\144\141\164\151\157\156\040\105\156\144\157\162
+\163\145\144\061\050\060\046\006\003\125\004\003\023\037\117\111
+\123\124\105\040\127\111\123\145\113\145\171\040\107\154\157\142
+\141\154\040\122\157\157\164\040\107\101\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\101\075\162\307\364\153\037\201\103\175\361\322\050\124
+\337\232
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\361\060\202\002\331\240\003\002\001\002\002\020\101
+\075\162\307\364\153\037\201\103\175\361\322\050\124\337\232\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\212\061\013\060\011\006\003\125\004\006\023\002\103\110\061\020
+\060\016\006\003\125\004\012\023\007\127\111\123\145\113\145\171
+\061\033\060\031\006\003\125\004\013\023\022\103\157\160\171\162
+\151\147\150\164\040\050\143\051\040\062\060\060\065\061\042\060
+\040\006\003\125\004\013\023\031\117\111\123\124\105\040\106\157
+\165\156\144\141\164\151\157\156\040\105\156\144\157\162\163\145
+\144\061\050\060\046\006\003\125\004\003\023\037\117\111\123\124
+\105\040\127\111\123\145\113\145\171\040\107\154\157\142\141\154
+\040\122\157\157\164\040\107\101\040\103\101\060\036\027\015\060
+\065\061\062\061\061\061\066\060\063\064\064\132\027\015\063\067
+\061\062\061\061\061\066\060\071\065\061\132\060\201\212\061\013
+\060\011\006\003\125\004\006\023\002\103\110\061\020\060\016\006
+\003\125\004\012\023\007\127\111\123\145\113\145\171\061\033\060
+\031\006\003\125\004\013\023\022\103\157\160\171\162\151\147\150
+\164\040\050\143\051\040\062\060\060\065\061\042\060\040\006\003
+\125\004\013\023\031\117\111\123\124\105\040\106\157\165\156\144
+\141\164\151\157\156\040\105\156\144\157\162\163\145\144\061\050
+\060\046\006\003\125\004\003\023\037\117\111\123\124\105\040\127
+\111\123\145\113\145\171\040\107\154\157\142\141\154\040\122\157
+\157\164\040\107\101\040\103\101\060\202\001\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
+\060\202\001\012\002\202\001\001\000\313\117\263\000\233\075\066
+\335\371\321\111\152\153\020\111\037\354\330\053\262\306\370\062
+\201\051\103\225\114\232\031\043\041\025\105\336\343\310\034\121
+\125\133\256\223\350\067\377\053\153\351\324\352\276\052\335\250
+\121\053\327\146\303\141\134\140\002\310\365\316\162\173\073\270
+\362\116\145\010\232\315\244\152\031\301\001\273\163\246\327\366
+\303\335\315\274\244\213\265\231\141\270\001\242\243\324\115\324
+\005\075\221\255\370\264\010\161\144\257\160\361\034\153\176\366
+\303\167\235\044\163\173\344\014\214\341\331\066\341\231\213\005
+\231\013\355\105\061\011\312\302\000\333\367\162\240\226\252\225
+\207\320\216\307\266\141\163\015\166\146\214\334\033\264\143\242
+\237\177\223\023\060\361\241\047\333\331\377\054\125\210\221\240
+\340\117\007\260\050\126\214\030\033\227\104\216\211\335\340\027
+\156\347\052\357\217\071\012\061\204\202\330\100\024\111\056\172
+\101\344\247\376\343\144\314\301\131\161\113\054\041\247\133\175
+\340\035\321\056\201\233\303\330\150\367\275\226\033\254\160\261
+\026\024\013\333\140\271\046\001\005\002\003\001\000\001\243\121
+\060\117\060\013\006\003\125\035\017\004\004\003\002\001\206\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\035\006\003\125\035\016\004\026\004\024\263\003\176\256\066
+\274\260\171\321\334\224\046\266\021\276\041\262\151\206\224\060
+\020\006\011\053\006\001\004\001\202\067\025\001\004\003\002\001
+\000\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
+\003\202\001\001\000\113\241\377\013\207\156\263\371\301\103\261
+\110\363\050\300\035\056\311\011\101\372\224\000\034\244\244\253
+\111\117\217\075\036\357\115\157\275\274\244\366\362\046\060\311
+\020\312\035\210\373\164\031\037\205\105\275\260\154\121\371\066
+\176\333\365\114\062\072\101\117\133\107\317\350\013\055\266\304
+\031\235\164\305\107\306\073\152\017\254\024\333\074\364\163\234
+\251\005\337\000\334\164\170\372\370\065\140\131\002\023\030\174
+\274\373\115\260\040\155\103\273\140\060\172\147\063\134\305\231
+\321\370\055\071\122\163\373\214\252\227\045\134\162\331\010\036
+\253\116\074\343\201\061\237\003\246\373\300\376\051\210\125\332
+\204\325\120\003\266\342\204\243\246\066\252\021\072\001\341\030
+\113\326\104\150\263\075\371\123\164\204\263\106\221\106\226\000
+\267\200\054\266\341\343\020\342\333\242\347\050\217\001\226\142
+\026\076\000\343\034\245\066\201\030\242\114\122\166\300\021\243
+\156\346\035\272\343\132\276\066\123\305\076\165\217\206\151\051
+\130\123\265\234\273\157\237\134\305\030\354\335\057\341\230\311
+\374\276\337\012\015
+END
+
+# Trust for Certificate "OISTE WISeKey Global Root GA CA"
+# Issuer: CN=OISTE WISeKey Global Root GA CA,OU=OISTE Foundation Endorsed,OU=Copyright (c) 2005,O=WISeKey,C=CH
+# Serial Number:41:3d:72:c7:f4:6b:1f:81:43:7d:f1:d2:28:54:df:9a
+# Subject: CN=OISTE WISeKey Global Root GA CA,OU=OISTE Foundation Endorsed,OU=Copyright (c) 2005,O=WISeKey,C=CH
+# Not Valid Before: Sun Dec 11 16:03:44 2005
+# Not Valid After : Fri Dec 11 16:09:51 2037
+# Fingerprint (MD5): BC:6C:51:33:A7:E9:D3:66:63:54:15:72:1B:21:92:93
+# Fingerprint (SHA1): 59:22:A1:E1:5A:EA:16:35:21:F8:98:39:6A:46:46:B0:44:1B:0F:A9
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OISTE WISeKey Global Root GA CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\131\042\241\341\132\352\026\065\041\370\230\071\152\106\106\260
+\104\033\017\251
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\274\154\121\063\247\351\323\146\143\124\025\162\033\041\222\223
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\212\061\013\060\011\006\003\125\004\006\023\002\103\110
+\061\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113
+\145\171\061\033\060\031\006\003\125\004\013\023\022\103\157\160
+\171\162\151\147\150\164\040\050\143\051\040\062\060\060\065\061
+\042\060\040\006\003\125\004\013\023\031\117\111\123\124\105\040
+\106\157\165\156\144\141\164\151\157\156\040\105\156\144\157\162
+\163\145\144\061\050\060\046\006\003\125\004\003\023\037\117\111
+\123\124\105\040\127\111\123\145\113\145\171\040\107\154\157\142
+\141\154\040\122\157\157\164\040\107\101\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\101\075\162\307\364\153\037\201\103\175\361\322\050\124
+\337\232
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certigna"
+#
+# Issuer: CN=Certigna,O=Dhimyotis,C=FR
+# Serial Number:00:fe:dc:e3:01:0f:c9:48:ff
+# Subject: CN=Certigna,O=Dhimyotis,C=FR
+# Not Valid Before: Fri Jun 29 15:13:05 2007
+# Not Valid After : Tue Jun 29 15:13:05 2027
+# Fingerprint (MD5): AB:57:A6:5B:7D:42:82:19:B5:D8:58:26:28:5E:FD:FF
+# Fingerprint (SHA1): B1:2E:13:63:45:86:A4:6F:1A:B2:60:68:37:58:2D:C4:AC:FD:94:97
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certigna"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\064\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\104\150\151\155\171\157
+\164\151\163\061\021\060\017\006\003\125\004\003\014\010\103\145
+\162\164\151\147\156\141
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\064\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\104\150\151\155\171\157
+\164\151\163\061\021\060\017\006\003\125\004\003\014\010\103\145
+\162\164\151\147\156\141
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\376\334\343\001\017\311\110\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\250\060\202\002\220\240\003\002\001\002\002\011\000
+\376\334\343\001\017\311\110\377\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\060\064\061\013\060\011\006\003\125
+\004\006\023\002\106\122\061\022\060\020\006\003\125\004\012\014
+\011\104\150\151\155\171\157\164\151\163\061\021\060\017\006\003
+\125\004\003\014\010\103\145\162\164\151\147\156\141\060\036\027
+\015\060\067\060\066\062\071\061\065\061\063\060\065\132\027\015
+\062\067\060\066\062\071\061\065\061\063\060\065\132\060\064\061
+\013\060\011\006\003\125\004\006\023\002\106\122\061\022\060\020
+\006\003\125\004\012\014\011\104\150\151\155\171\157\164\151\163
+\061\021\060\017\006\003\125\004\003\014\010\103\145\162\164\151
+\147\156\141\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\310\150\361\311\326\326\263\064\165\046\202\036
+\354\264\276\352\134\341\046\355\021\107\141\341\242\174\026\170
+\100\041\344\140\236\132\310\143\341\304\261\226\222\377\030\155
+\151\043\341\053\142\367\335\342\066\057\221\007\271\110\317\016
+\354\171\266\054\347\064\113\160\010\045\243\074\207\033\031\362
+\201\007\017\070\220\031\323\021\376\206\264\362\321\136\036\036
+\226\315\200\154\316\073\061\223\266\362\240\320\251\225\022\175
+\245\232\314\153\310\204\126\212\063\251\347\042\025\123\026\360
+\314\027\354\127\137\351\242\012\230\011\336\343\137\234\157\334
+\110\343\205\013\025\132\246\272\237\254\110\343\011\262\367\364
+\062\336\136\064\276\034\170\135\102\133\316\016\042\217\115\220
+\327\175\062\030\263\013\054\152\277\216\077\024\021\211\040\016
+\167\024\265\075\224\010\207\367\045\036\325\262\140\000\354\157
+\052\050\045\156\052\076\030\143\027\045\077\076\104\040\026\366
+\046\310\045\256\005\112\264\347\143\054\363\214\026\123\176\134
+\373\021\032\010\301\106\142\237\042\270\361\302\215\151\334\372
+\072\130\006\337\002\003\001\000\001\243\201\274\060\201\271\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\035\006\003\125\035\016\004\026\004\024\032\355\376\101\071
+\220\264\044\131\276\001\362\122\325\105\366\132\071\334\021\060
+\144\006\003\125\035\043\004\135\060\133\200\024\032\355\376\101
+\071\220\264\044\131\276\001\362\122\325\105\366\132\071\334\021
+\241\070\244\066\060\064\061\013\060\011\006\003\125\004\006\023
+\002\106\122\061\022\060\020\006\003\125\004\012\014\011\104\150
+\151\155\171\157\164\151\163\061\021\060\017\006\003\125\004\003
+\014\010\103\145\162\164\151\147\156\141\202\011\000\376\334\343
+\001\017\311\110\377\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\021\006\011\140\206\110\001\206\370\102
+\001\001\004\004\003\002\000\007\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\003\202\001\001\000\205\003\036\222
+\161\366\102\257\341\243\141\236\353\363\300\017\362\245\324\332
+\225\346\326\276\150\066\075\176\156\037\114\212\357\321\017\041
+\155\136\245\122\143\316\022\370\357\052\332\157\353\067\376\023
+\002\307\313\073\076\042\153\332\141\056\177\324\162\075\335\060
+\341\036\114\100\031\214\017\327\234\321\203\060\173\230\131\334
+\175\306\271\014\051\114\241\063\242\353\147\072\145\204\323\226
+\342\355\166\105\160\217\265\053\336\371\043\326\111\156\074\024
+\265\306\237\065\036\120\320\301\217\152\160\104\002\142\313\256
+\035\150\101\247\252\127\350\123\252\007\322\006\366\325\024\006
+\013\221\003\165\054\154\162\265\141\225\232\015\213\271\015\347
+\365\337\124\315\336\346\330\326\011\010\227\143\345\301\056\260
+\267\104\046\300\046\300\257\125\060\236\073\325\066\052\031\004
+\364\134\036\377\317\054\267\377\320\375\207\100\021\325\021\043
+\273\110\300\041\251\244\050\055\375\025\370\260\116\053\364\060
+\133\041\374\021\221\064\276\101\357\173\235\227\165\377\227\225
+\300\226\130\057\352\273\106\327\273\344\331\056
+END
+
+# Trust for Certificate "Certigna"
+# Issuer: CN=Certigna,O=Dhimyotis,C=FR
+# Serial Number:00:fe:dc:e3:01:0f:c9:48:ff
+# Subject: CN=Certigna,O=Dhimyotis,C=FR
+# Not Valid Before: Fri Jun 29 15:13:05 2007
+# Not Valid After : Tue Jun 29 15:13:05 2027
+# Fingerprint (MD5): AB:57:A6:5B:7D:42:82:19:B5:D8:58:26:28:5E:FD:FF
+# Fingerprint (SHA1): B1:2E:13:63:45:86:A4:6F:1A:B2:60:68:37:58:2D:C4:AC:FD:94:97
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certigna"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\261\056\023\143\105\206\244\157\032\262\140\150\067\130\055\304
+\254\375\224\227
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\253\127\246\133\175\102\202\031\265\330\130\046\050\136\375\377
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\064\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\104\150\151\155\171\157
+\164\151\163\061\021\060\017\006\003\125\004\003\014\010\103\145
+\162\164\151\147\156\141
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\376\334\343\001\017\311\110\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AC Raiz Certicamara S.A."
+#
+# Issuer: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
+# Serial Number:07:7e:52:93:7b:e0:15:e3:57:f0:69:8c:cb:ec:0c
+# Subject: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
+# Not Valid Before: Mon Nov 27 20:46:29 2006
+# Not Valid After : Tue Apr 02 21:42:02 2030
+# Fingerprint (MD5): 93:2A:3E:F6:FD:23:69:0D:71:20:D4:2B:47:99:2B:A6
+# Fingerprint (SHA1): CB:A1:C5:F8:B0:E3:5E:B8:B9:45:12:D3:F9:34:A2:E9:06:10:D3:36
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AC Ra\xC3\xADz Certic\xC3\xA1mara S.A."
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\173\061\013\060\011\006\003\125\004\006\023\002\103\117\061
+\107\060\105\006\003\125\004\012\014\076\123\157\143\151\145\144
+\141\144\040\103\141\155\145\162\141\154\040\144\145\040\103\145
+\162\164\151\146\151\143\141\143\151\303\263\156\040\104\151\147
+\151\164\141\154\040\055\040\103\145\162\164\151\143\303\241\155
+\141\162\141\040\123\056\101\056\061\043\060\041\006\003\125\004
+\003\014\032\101\103\040\122\141\303\255\172\040\103\145\162\164
+\151\143\303\241\155\141\162\141\040\123\056\101\056
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\173\061\013\060\011\006\003\125\004\006\023\002\103\117\061
+\107\060\105\006\003\125\004\012\014\076\123\157\143\151\145\144
+\141\144\040\103\141\155\145\162\141\154\040\144\145\040\103\145
+\162\164\151\146\151\143\141\143\151\303\263\156\040\104\151\147
+\151\164\141\154\040\055\040\103\145\162\164\151\143\303\241\155
+\141\162\141\040\123\056\101\056\061\043\060\041\006\003\125\004
+\003\014\032\101\103\040\122\141\303\255\172\040\103\145\162\164
+\151\143\303\241\155\141\162\141\040\123\056\101\056
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\017\007\176\122\223\173\340\025\343\127\360\151\214\313\354
+\014
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\006\146\060\202\004\116\240\003\002\001\002\002\017\007
+\176\122\223\173\340\025\343\127\360\151\214\313\354\014\060\015
+\006\011\052\206\110\206\367\015\001\001\005\005\000\060\173\061
+\013\060\011\006\003\125\004\006\023\002\103\117\061\107\060\105
+\006\003\125\004\012\014\076\123\157\143\151\145\144\141\144\040
+\103\141\155\145\162\141\154\040\144\145\040\103\145\162\164\151
+\146\151\143\141\143\151\303\263\156\040\104\151\147\151\164\141
+\154\040\055\040\103\145\162\164\151\143\303\241\155\141\162\141
+\040\123\056\101\056\061\043\060\041\006\003\125\004\003\014\032
+\101\103\040\122\141\303\255\172\040\103\145\162\164\151\143\303
+\241\155\141\162\141\040\123\056\101\056\060\036\027\015\060\066
+\061\061\062\067\062\060\064\066\062\071\132\027\015\063\060\060
+\064\060\062\062\061\064\062\060\062\132\060\173\061\013\060\011
+\006\003\125\004\006\023\002\103\117\061\107\060\105\006\003\125
+\004\012\014\076\123\157\143\151\145\144\141\144\040\103\141\155
+\145\162\141\154\040\144\145\040\103\145\162\164\151\146\151\143
+\141\143\151\303\263\156\040\104\151\147\151\164\141\154\040\055
+\040\103\145\162\164\151\143\303\241\155\141\162\141\040\123\056
+\101\056\061\043\060\041\006\003\125\004\003\014\032\101\103\040
+\122\141\303\255\172\040\103\145\162\164\151\143\303\241\155\141
+\162\141\040\123\056\101\056\060\202\002\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
+\202\002\012\002\202\002\001\000\253\153\211\243\123\314\110\043
+\010\373\303\317\121\226\010\056\270\010\172\155\074\220\027\206
+\251\351\355\056\023\064\107\262\320\160\334\311\074\320\215\312
+\356\113\027\253\320\205\260\247\043\004\313\250\242\374\345\165
+\333\100\312\142\211\217\120\236\001\075\046\133\030\204\034\313
+\174\067\267\175\354\323\177\163\031\260\152\262\330\210\212\055
+\105\164\250\367\263\270\300\324\332\315\042\211\164\115\132\025
+\071\163\030\164\117\265\353\231\247\301\036\210\264\302\223\220
+\143\227\363\247\247\022\262\011\042\007\063\331\221\315\016\234
+\037\016\040\307\356\273\063\215\217\302\322\130\247\137\375\145
+\067\342\210\302\330\217\206\165\136\371\055\247\207\063\362\170
+\067\057\213\274\035\206\067\071\261\224\362\330\274\112\234\203
+\030\132\006\374\363\324\324\272\214\025\011\045\360\371\266\215
+\004\176\027\022\063\153\127\110\114\117\333\046\036\353\314\220
+\347\213\371\150\174\160\017\243\052\320\072\070\337\067\227\342
+\133\336\200\141\323\200\330\221\203\102\132\114\004\211\150\021
+\074\254\137\150\200\101\314\140\102\316\015\132\052\014\017\233
+\060\300\246\360\206\333\253\111\327\227\155\110\213\371\003\300
+\122\147\233\022\367\302\362\056\230\145\102\331\326\232\343\320
+\031\061\014\255\207\325\127\002\172\060\350\206\046\373\217\043
+\212\124\207\344\277\074\356\353\303\165\110\137\036\071\157\201
+\142\154\305\055\304\027\124\031\267\067\215\234\067\221\310\366
+\013\325\352\143\157\203\254\070\302\363\077\336\232\373\341\043
+\141\360\310\046\313\066\310\241\363\060\217\244\243\242\241\335
+\123\263\336\360\232\062\037\203\221\171\060\301\251\037\123\233
+\123\242\025\123\077\335\235\263\020\073\110\175\211\017\374\355
+\003\365\373\045\144\165\016\027\031\015\217\000\026\147\171\172
+\100\374\055\131\007\331\220\372\232\255\075\334\200\212\346\134
+\065\242\147\114\021\153\261\370\200\144\000\055\157\042\141\305
+\254\113\046\345\132\020\202\233\244\203\173\064\367\236\211\221
+\040\227\216\267\102\307\146\303\320\351\244\326\365\040\215\304
+\303\225\254\104\012\235\133\163\074\046\075\057\112\276\247\311
+\247\020\036\373\237\120\151\363\002\003\001\000\001\243\201\346
+\060\201\343\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\321
+\011\320\351\327\316\171\164\124\371\072\060\263\364\155\054\003
+\003\033\150\060\201\240\006\003\125\035\040\004\201\230\060\201
+\225\060\201\222\006\004\125\035\040\000\060\201\211\060\053\006
+\010\053\006\001\005\005\007\002\001\026\037\150\164\164\160\072
+\057\057\167\167\167\056\143\145\162\164\151\143\141\155\141\162
+\141\056\143\157\155\057\144\160\143\057\060\132\006\010\053\006
+\001\005\005\007\002\002\060\116\032\114\114\151\155\151\164\141
+\143\151\157\156\145\163\040\144\145\040\147\141\162\141\156\164
+\355\141\163\040\144\145\040\145\163\164\145\040\143\145\162\164
+\151\146\151\143\141\144\157\040\163\145\040\160\165\145\144\145
+\156\040\145\156\143\157\156\164\162\141\162\040\145\156\040\154
+\141\040\104\120\103\056\060\015\006\011\052\206\110\206\367\015
+\001\001\005\005\000\003\202\002\001\000\134\224\265\270\105\221
+\115\216\141\037\003\050\017\123\174\346\244\131\251\263\212\172
+\305\260\377\010\174\054\243\161\034\041\023\147\241\225\022\100
+\065\203\203\217\164\333\063\134\360\111\166\012\201\122\335\111
+\324\232\062\063\357\233\247\313\165\345\172\313\227\022\220\134
+\272\173\305\233\337\273\071\043\310\377\230\316\012\115\042\001
+\110\007\176\212\300\325\040\102\224\104\357\277\167\242\211\147
+\110\033\100\003\005\241\211\354\317\142\343\075\045\166\146\277
+\046\267\273\042\276\157\377\071\127\164\272\172\311\001\225\301
+\225\121\350\253\054\370\261\206\040\351\077\313\065\133\322\027
+\351\052\376\203\023\027\100\356\210\142\145\133\325\073\140\351
+\173\074\270\311\325\177\066\002\045\252\150\302\061\025\267\060
+\145\353\177\035\110\171\261\317\071\342\102\200\026\323\365\223
+\043\374\114\227\311\132\067\154\174\042\330\112\315\322\216\066
+\203\071\221\220\020\310\361\311\065\176\077\270\323\201\306\040
+\144\032\266\120\302\041\244\170\334\320\057\073\144\223\164\360
+\226\220\361\357\373\011\132\064\100\226\360\066\022\301\243\164
+\214\223\176\101\336\167\213\354\206\331\322\017\077\055\321\314
+\100\242\211\146\110\036\040\263\234\043\131\163\251\104\163\274
+\044\171\220\126\067\263\306\051\176\243\017\361\051\071\357\176
+\134\050\062\160\065\254\332\270\310\165\146\374\233\114\071\107
+\216\033\157\233\115\002\124\042\063\357\141\272\236\051\204\357
+\116\113\063\107\166\227\152\313\176\137\375\025\246\236\102\103
+\133\146\132\212\210\015\367\026\271\077\121\145\053\146\152\213
+\321\070\122\242\326\106\021\372\374\232\034\164\236\217\227\013
+\002\117\144\306\365\150\323\113\055\377\244\067\036\213\077\277
+\104\276\141\106\241\204\075\010\047\114\201\040\167\211\010\352
+\147\100\136\154\010\121\137\064\132\214\226\150\315\327\367\211
+\302\034\323\062\000\257\122\313\323\140\133\052\072\107\176\153
+\060\063\241\142\051\177\112\271\341\055\347\024\043\016\016\030
+\107\341\171\374\025\125\320\261\374\045\161\143\165\063\034\043
+\053\257\134\331\355\107\167\140\016\073\017\036\322\300\334\144
+\005\211\374\170\326\134\054\046\103\251
+END
+
+# Trust for Certificate "AC Raiz Certicamara S.A."
+# Issuer: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
+# Serial Number:07:7e:52:93:7b:e0:15:e3:57:f0:69:8c:cb:ec:0c
+# Subject: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
+# Not Valid Before: Mon Nov 27 20:46:29 2006
+# Not Valid After : Tue Apr 02 21:42:02 2030
+# Fingerprint (MD5): 93:2A:3E:F6:FD:23:69:0D:71:20:D4:2B:47:99:2B:A6
+# Fingerprint (SHA1): CB:A1:C5:F8:B0:E3:5E:B8:B9:45:12:D3:F9:34:A2:E9:06:10:D3:36
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AC Ra\xC3\xADz Certic\xC3\xA1mara S.A."
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\313\241\305\370\260\343\136\270\271\105\022\323\371\064\242\351
+\006\020\323\066
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\223\052\076\366\375\043\151\015\161\040\324\053\107\231\053\246
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\173\061\013\060\011\006\003\125\004\006\023\002\103\117\061
+\107\060\105\006\003\125\004\012\014\076\123\157\143\151\145\144
+\141\144\040\103\141\155\145\162\141\154\040\144\145\040\103\145
+\162\164\151\146\151\143\141\143\151\303\263\156\040\104\151\147
+\151\164\141\154\040\055\040\103\145\162\164\151\143\303\241\155
+\141\162\141\040\123\056\101\056\061\043\060\041\006\003\125\004
+\003\014\032\101\103\040\122\141\303\255\172\040\103\145\162\164
+\151\143\303\241\155\141\162\141\040\123\056\101\056
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\017\007\176\122\223\173\340\025\343\127\360\151\214\313\354
+\014
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TC TrustCenter Class 3 CA II"
+#
+# Issuer: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE
+# Serial Number:4a:47:00:01:00:02:e5:a0:5d:d6:3f:00:51:bf
+# Subject: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE
+# Not Valid Before: Thu Jan 12 14:41:57 2006
+# Not Valid After : Wed Dec 31 22:59:59 2025
+# Fingerprint (MD5): 56:5F:AA:80:61:12:17:F6:67:21:E6:2B:6D:61:56:8E
+# Fingerprint (SHA1): 80:25:EF:F4:6E:70:C8:D4:72:24:65:84:FE:40:3B:8A:8D:6A:DB:F5
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TC TrustCenter Class 3 CA II"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165
+\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060
+\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164
+\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103
+\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124
+\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163
+\040\063\040\103\101\040\111\111
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165
+\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060
+\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164
+\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103
+\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124
+\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163
+\040\063\040\103\101\040\111\111
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\016\112\107\000\001\000\002\345\240\135\326\077\000\121\277
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\252\060\202\003\222\240\003\002\001\002\002\016\112
+\107\000\001\000\002\345\240\135\326\077\000\121\277\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\060\166\061\013
+\060\011\006\003\125\004\006\023\002\104\105\061\034\060\032\006
+\003\125\004\012\023\023\124\103\040\124\162\165\163\164\103\145
+\156\164\145\162\040\107\155\142\110\061\042\060\040\006\003\125
+\004\013\023\031\124\103\040\124\162\165\163\164\103\145\156\164
+\145\162\040\103\154\141\163\163\040\063\040\103\101\061\045\060
+\043\006\003\125\004\003\023\034\124\103\040\124\162\165\163\164
+\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103
+\101\040\111\111\060\036\027\015\060\066\060\061\061\062\061\064
+\064\061\065\067\132\027\015\062\065\061\062\063\061\062\062\065
+\071\065\071\132\060\166\061\013\060\011\006\003\125\004\006\023
+\002\104\105\061\034\060\032\006\003\125\004\012\023\023\124\103
+\040\124\162\165\163\164\103\145\156\164\145\162\040\107\155\142
+\110\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124
+\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163
+\040\063\040\103\101\061\045\060\043\006\003\125\004\003\023\034
+\124\103\040\124\162\165\163\164\103\145\156\164\145\162\040\103
+\154\141\163\163\040\063\040\103\101\040\111\111\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\264\340\273
+\121\273\071\134\213\004\305\114\171\034\043\206\061\020\143\103
+\125\047\077\306\105\307\244\075\354\011\015\032\036\040\302\126
+\036\336\033\067\007\060\042\057\157\361\006\361\253\255\326\310
+\253\141\243\057\103\304\260\262\055\374\303\226\151\173\176\212
+\344\314\300\071\022\220\102\140\311\314\065\150\356\332\137\220
+\126\137\315\034\115\133\130\111\353\016\001\117\144\372\054\074
+\211\130\330\057\056\342\260\150\351\042\073\165\211\326\104\032
+\145\362\033\227\046\035\050\155\254\350\275\131\035\053\044\366
+\326\204\003\146\210\044\000\170\140\361\370\253\376\002\262\153
+\373\042\373\065\346\026\321\255\366\056\022\344\372\065\152\345
+\031\271\135\333\073\036\032\373\323\377\025\024\010\330\011\152
+\272\105\235\024\171\140\175\257\100\212\007\163\263\223\226\323
+\164\064\215\072\067\051\336\134\354\365\356\056\061\302\040\334
+\276\361\117\177\043\122\331\133\342\144\331\234\252\007\010\265
+\105\275\321\320\061\301\253\124\237\251\322\303\142\140\003\361
+\273\071\112\222\112\075\012\271\235\305\240\376\067\002\003\001
+\000\001\243\202\001\064\060\202\001\060\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125
+\035\016\004\026\004\024\324\242\374\237\263\303\330\003\323\127
+\134\007\244\320\044\247\300\362\000\324\060\201\355\006\003\125
+\035\037\004\201\345\060\201\342\060\201\337\240\201\334\240\201
+\331\206\065\150\164\164\160\072\057\057\167\167\167\056\164\162
+\165\163\164\143\145\156\164\145\162\056\144\145\057\143\162\154
+\057\166\062\057\164\143\137\143\154\141\163\163\137\063\137\143
+\141\137\111\111\056\143\162\154\206\201\237\154\144\141\160\072
+\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145
+\162\056\144\145\057\103\116\075\124\103\045\062\060\124\162\165
+\163\164\103\145\156\164\145\162\045\062\060\103\154\141\163\163
+\045\062\060\063\045\062\060\103\101\045\062\060\111\111\054\117
+\075\124\103\045\062\060\124\162\165\163\164\103\145\156\164\145
+\162\045\062\060\107\155\142\110\054\117\125\075\162\157\157\164
+\143\145\162\164\163\054\104\103\075\164\162\165\163\164\143\145
+\156\164\145\162\054\104\103\075\144\145\077\143\145\162\164\151
+\146\151\143\141\164\145\122\145\166\157\143\141\164\151\157\156
+\114\151\163\164\077\142\141\163\145\077\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\001\001\000\066\140
+\344\160\367\006\040\103\331\043\032\102\362\370\243\262\271\115
+\212\264\363\302\232\125\061\174\304\073\147\232\264\337\115\016
+\212\223\112\027\213\033\215\312\211\341\317\072\036\254\035\361
+\234\062\264\216\131\166\242\101\205\045\067\240\023\320\365\174
+\116\325\352\226\342\156\162\301\273\052\376\154\156\370\221\230
+\106\374\311\033\127\133\352\310\032\073\077\260\121\230\074\007
+\332\054\131\001\332\213\104\350\341\164\375\247\150\335\124\272
+\203\106\354\310\106\265\370\257\227\300\073\011\034\217\316\162
+\226\075\063\126\160\274\226\313\330\325\175\040\232\203\237\032
+\334\071\361\305\162\243\021\003\375\073\102\122\051\333\350\001
+\367\233\136\214\326\215\206\116\031\372\274\034\276\305\041\245
+\207\236\170\056\066\333\011\161\243\162\064\370\154\343\006\011
+\362\136\126\245\323\335\230\372\324\346\006\364\360\266\040\143
+\113\352\051\275\252\202\146\036\373\201\252\247\067\255\023\030
+\346\222\303\201\301\063\273\210\036\241\347\342\264\275\061\154
+\016\121\075\157\373\226\126\200\342\066\027\321\334\344
+END
+
+# Trust for Certificate "TC TrustCenter Class 3 CA II"
+# Issuer: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE
+# Serial Number:4a:47:00:01:00:02:e5:a0:5d:d6:3f:00:51:bf
+# Subject: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE
+# Not Valid Before: Thu Jan 12 14:41:57 2006
+# Not Valid After : Wed Dec 31 22:59:59 2025
+# Fingerprint (MD5): 56:5F:AA:80:61:12:17:F6:67:21:E6:2B:6D:61:56:8E
+# Fingerprint (SHA1): 80:25:EF:F4:6E:70:C8:D4:72:24:65:84:FE:40:3B:8A:8D:6A:DB:F5
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TC TrustCenter Class 3 CA II"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\200\045\357\364\156\160\310\324\162\044\145\204\376\100\073\212
+\215\152\333\365
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\126\137\252\200\141\022\027\366\147\041\346\053\155\141\126\216
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165
+\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060
+\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164
+\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103
+\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124
+\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163
+\040\063\040\103\101\040\111\111
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\016\112\107\000\001\000\002\345\240\135\326\077\000\121\277
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Deutsche Telekom Root CA 2"
+#
+# Issuer: CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE
+# Serial Number: 38 (0x26)
+# Subject: CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE
+# Not Valid Before: Fri Jul 09 12:11:00 1999
+# Not Valid After : Tue Jul 09 23:59:00 2019
+# Fingerprint (MD5): 74:01:4A:91:B1:08:C4:58:CE:47:CD:F0:DD:11:53:08
+# Fingerprint (SHA1): 85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Deutsche Telekom Root CA 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\161\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143
+\150\145\040\124\145\154\145\153\157\155\040\101\107\061\037\060
+\035\006\003\125\004\013\023\026\124\055\124\145\154\145\123\145
+\143\040\124\162\165\163\164\040\103\145\156\164\145\162\061\043
+\060\041\006\003\125\004\003\023\032\104\145\165\164\163\143\150
+\145\040\124\145\154\145\153\157\155\040\122\157\157\164\040\103
+\101\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\161\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143
+\150\145\040\124\145\154\145\153\157\155\040\101\107\061\037\060
+\035\006\003\125\004\013\023\026\124\055\124\145\154\145\123\145
+\143\040\124\162\165\163\164\040\103\145\156\164\145\162\061\043
+\060\041\006\003\125\004\003\023\032\104\145\165\164\163\143\150
+\145\040\124\145\154\145\153\157\155\040\122\157\157\164\040\103
+\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\046
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\237\060\202\002\207\240\003\002\001\002\002\001\046
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\161\061\013\060\011\006\003\125\004\006\023\002\104\105\061\034
+\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143\150
+\145\040\124\145\154\145\153\157\155\040\101\107\061\037\060\035
+\006\003\125\004\013\023\026\124\055\124\145\154\145\123\145\143
+\040\124\162\165\163\164\040\103\145\156\164\145\162\061\043\060
+\041\006\003\125\004\003\023\032\104\145\165\164\163\143\150\145
+\040\124\145\154\145\153\157\155\040\122\157\157\164\040\103\101
+\040\062\060\036\027\015\071\071\060\067\060\071\061\062\061\061
+\060\060\132\027\015\061\071\060\067\060\071\062\063\065\071\060
+\060\132\060\161\061\013\060\011\006\003\125\004\006\023\002\104
+\105\061\034\060\032\006\003\125\004\012\023\023\104\145\165\164
+\163\143\150\145\040\124\145\154\145\153\157\155\040\101\107\061
+\037\060\035\006\003\125\004\013\023\026\124\055\124\145\154\145
+\123\145\143\040\124\162\165\163\164\040\103\145\156\164\145\162
+\061\043\060\041\006\003\125\004\003\023\032\104\145\165\164\163
+\143\150\145\040\124\145\154\145\153\157\155\040\122\157\157\164
+\040\103\101\040\062\060\202\001\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
+\012\002\202\001\001\000\253\013\243\065\340\213\051\024\261\024
+\205\257\074\020\344\071\157\065\135\112\256\335\352\141\215\225
+\111\364\157\144\243\032\140\146\244\251\100\042\204\331\324\245
+\345\170\223\016\150\001\255\271\115\134\072\316\323\270\250\102
+\100\337\317\243\272\202\131\152\222\033\254\034\232\332\010\053
+\045\047\371\151\043\107\361\340\353\054\172\233\365\023\002\320
+\176\064\174\302\236\074\000\131\253\365\332\014\365\062\074\053
+\254\120\332\326\303\336\203\224\312\250\014\231\062\016\010\110
+\126\133\152\373\332\341\130\130\001\111\137\162\101\074\025\006
+\001\216\135\255\252\270\223\264\315\236\353\247\350\152\055\122
+\064\333\072\357\134\165\121\332\333\363\061\371\356\161\230\062
+\304\124\025\104\014\371\233\125\355\255\337\030\010\240\243\206
+\212\111\356\123\005\217\031\114\325\336\130\171\233\322\152\034
+\102\253\305\325\247\317\150\017\226\344\341\141\230\166\141\310
+\221\174\326\076\000\342\221\120\207\341\235\012\346\255\227\322
+\035\306\072\175\313\274\332\003\064\325\216\133\001\365\152\007
+\267\026\266\156\112\177\002\003\001\000\001\243\102\060\100\060
+\035\006\003\125\035\016\004\026\004\024\061\303\171\033\272\365
+\123\327\027\340\211\172\055\027\154\012\263\053\235\063\060\017
+\006\003\125\035\023\004\010\060\006\001\001\377\002\001\005\060
+\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202
+\001\001\000\224\144\131\255\071\144\347\051\353\023\376\132\303
+\213\023\127\310\004\044\360\164\167\300\140\343\147\373\351\211
+\246\203\277\226\202\174\156\324\303\075\357\236\200\156\273\051
+\264\230\172\261\073\124\353\071\027\107\176\032\216\013\374\037
+\061\131\061\004\262\316\027\363\054\307\142\066\125\342\042\330
+\211\125\264\230\110\252\144\372\326\034\066\330\104\170\132\132
+\043\072\127\227\365\172\060\117\256\237\152\114\113\053\216\240
+\003\343\076\340\251\324\322\173\322\263\250\342\162\074\255\236
+\377\200\131\344\233\105\264\366\073\260\315\071\031\230\062\345
+\352\041\141\220\344\061\041\216\064\261\367\057\065\112\205\020
+\332\347\212\067\041\276\131\143\340\362\205\210\061\123\324\124
+\024\205\160\171\364\056\006\167\047\165\057\037\270\212\371\376
+\305\272\330\066\344\203\354\347\145\267\277\143\132\363\106\257
+\201\224\067\324\101\214\326\043\326\036\317\365\150\033\104\143
+\242\132\272\247\065\131\241\345\160\005\233\016\043\127\231\224
+\012\155\272\071\143\050\206\222\363\030\204\330\373\321\317\005
+\126\144\127
+END
+
+# Trust for Certificate "Deutsche Telekom Root CA 2"
+# Issuer: CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE
+# Serial Number: 38 (0x26)
+# Subject: CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE
+# Not Valid Before: Fri Jul 09 12:11:00 1999
+# Not Valid After : Tue Jul 09 23:59:00 2019
+# Fingerprint (MD5): 74:01:4A:91:B1:08:C4:58:CE:47:CD:F0:DD:11:53:08
+# Fingerprint (SHA1): 85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Deutsche Telekom Root CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\205\244\010\300\234\031\076\135\121\130\175\315\326\023\060\375
+\214\336\067\277
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\164\001\112\221\261\010\304\130\316\107\315\360\335\021\123\010
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\161\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143
+\150\145\040\124\145\154\145\153\157\155\040\101\107\061\037\060
+\035\006\003\125\004\013\023\026\124\055\124\145\154\145\123\145
+\143\040\124\162\165\163\164\040\103\145\156\164\145\162\061\043
+\060\041\006\003\125\004\003\023\032\104\145\165\164\163\143\150
+\145\040\124\145\154\145\153\157\155\040\122\157\157\164\040\103
+\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\046
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "ComSign CA"
+#
+# Issuer: C=IL,O=ComSign,CN=ComSign CA
+# Serial Number:14:13:96:83:14:55:8c:ea:7b:63:e5:fc:34:87:77:44
+# Subject: C=IL,O=ComSign,CN=ComSign CA
+# Not Valid Before: Wed Mar 24 11:32:18 2004
+# Not Valid After : Mon Mar 19 15:02:18 2029
+# Fingerprint (MD5): CD:F4:39:F3:B5:18:50:D7:3E:A4:C5:91:A0:3E:21:4B
+# Fingerprint (SHA1): E1:A4:5B:14:1A:21:DA:1A:79:F4:1A:42:A9:61:D6:69:CD:06:34:C1
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ComSign CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\064\061\023\060\021\006\003\125\004\003\023\012\103\157\155
+\123\151\147\156\040\103\101\061\020\060\016\006\003\125\004\012
+\023\007\103\157\155\123\151\147\156\061\013\060\011\006\003\125
+\004\006\023\002\111\114
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\064\061\023\060\021\006\003\125\004\003\023\012\103\157\155
+\123\151\147\156\040\103\101\061\020\060\016\006\003\125\004\012
+\023\007\103\157\155\123\151\147\156\061\013\060\011\006\003\125
+\004\006\023\002\111\114
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\024\023\226\203\024\125\214\352\173\143\345\374\064\207
+\167\104
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\223\060\202\002\173\240\003\002\001\002\002\020\024
+\023\226\203\024\125\214\352\173\143\345\374\064\207\167\104\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\064
+\061\023\060\021\006\003\125\004\003\023\012\103\157\155\123\151
+\147\156\040\103\101\061\020\060\016\006\003\125\004\012\023\007
+\103\157\155\123\151\147\156\061\013\060\011\006\003\125\004\006
+\023\002\111\114\060\036\027\015\060\064\060\063\062\064\061\061
+\063\062\061\070\132\027\015\062\071\060\063\061\071\061\065\060
+\062\061\070\132\060\064\061\023\060\021\006\003\125\004\003\023
+\012\103\157\155\123\151\147\156\040\103\101\061\020\060\016\006
+\003\125\004\012\023\007\103\157\155\123\151\147\156\061\013\060
+\011\006\003\125\004\006\023\002\111\114\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\360\344\124\151\053
+\323\307\217\152\104\344\176\130\047\370\013\320\344\224\022\212
+\361\033\070\070\057\037\061\234\006\324\054\247\336\013\052\256
+\032\240\343\236\152\277\237\074\307\156\242\371\213\144\154\072
+\255\205\125\121\124\245\070\125\270\253\203\004\362\077\144\066
+\367\300\215\103\103\152\146\321\367\027\052\325\357\066\372\060
+\020\102\327\123\315\371\372\063\163\114\263\351\204\040\212\326
+\101\047\065\344\070\372\224\233\270\172\344\171\037\063\373\033
+\330\041\011\050\174\115\030\151\136\144\212\172\031\223\312\176
+\354\363\162\347\067\007\130\131\050\254\102\371\305\377\315\077
+\347\245\372\070\261\320\014\307\331\122\032\123\326\201\314\102
+\172\065\133\355\113\072\172\366\265\216\314\377\017\174\344\140
+\066\207\057\255\360\241\045\175\377\322\113\021\210\160\124\246
+\101\250\147\123\122\102\136\344\064\236\344\276\243\354\252\142
+\135\335\303\114\246\202\101\344\063\013\254\311\063\017\144\202
+\127\052\375\014\255\066\341\014\256\113\305\357\073\231\331\043
+\263\133\135\264\127\354\164\160\014\052\117\002\003\001\000\001
+\243\201\240\060\201\235\060\014\006\003\125\035\023\004\005\060
+\003\001\001\377\060\075\006\003\125\035\037\004\066\060\064\060
+\062\240\060\240\056\206\054\150\164\164\160\072\057\057\146\145
+\144\151\162\056\143\157\155\163\151\147\156\056\143\157\056\151
+\154\057\143\162\154\057\103\157\155\123\151\147\156\103\101\056
+\143\162\154\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\206\060\037\006\003\125\035\043\004\030\060\026\200\024
+\113\001\233\076\126\032\145\066\166\313\173\227\252\222\005\356
+\062\347\050\061\060\035\006\003\125\035\016\004\026\004\024\113
+\001\233\076\126\032\145\066\166\313\173\227\252\222\005\356\062
+\347\050\061\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\003\202\001\001\000\320\331\245\176\376\051\140\105\235
+\176\203\317\156\274\107\156\365\032\236\124\166\102\161\264\074
+\130\077\055\100\045\102\366\201\234\361\211\020\310\016\252\170
+\117\070\011\127\260\074\300\010\374\065\216\361\110\121\215\014
+\161\164\272\204\304\327\162\233\204\174\070\116\144\006\047\052
+\341\247\265\354\010\231\264\012\015\324\205\163\310\022\341\065
+\355\361\005\061\035\163\231\014\353\226\312\335\323\346\205\252
+\360\212\373\165\301\362\011\074\145\145\144\363\114\330\255\313
+\210\151\363\344\203\267\014\275\027\132\226\027\312\133\377\255
+\273\034\351\055\204\200\330\041\276\205\122\331\324\164\271\151
+\205\272\115\355\050\062\353\371\141\112\344\304\066\036\031\334
+\157\204\021\037\225\365\203\050\030\250\063\222\103\047\335\135
+\023\004\105\117\207\325\106\315\075\250\272\360\363\270\126\044
+\105\353\067\307\341\166\117\162\071\030\337\176\164\162\307\163
+\055\071\352\140\346\255\021\242\126\207\173\303\150\232\376\370
+\214\160\250\337\145\062\364\244\100\214\241\302\104\003\016\224
+\000\147\240\161\000\202\110
+END
+
+# Trust for Certificate "ComSign CA"
+# Issuer: C=IL,O=ComSign,CN=ComSign CA
+# Serial Number:14:13:96:83:14:55:8c:ea:7b:63:e5:fc:34:87:77:44
+# Subject: C=IL,O=ComSign,CN=ComSign CA
+# Not Valid Before: Wed Mar 24 11:32:18 2004
+# Not Valid After : Mon Mar 19 15:02:18 2029
+# Fingerprint (MD5): CD:F4:39:F3:B5:18:50:D7:3E:A4:C5:91:A0:3E:21:4B
+# Fingerprint (SHA1): E1:A4:5B:14:1A:21:DA:1A:79:F4:1A:42:A9:61:D6:69:CD:06:34:C1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ComSign CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\341\244\133\024\032\041\332\032\171\364\032\102\251\141\326\151
+\315\006\064\301
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\315\364\071\363\265\030\120\327\076\244\305\221\240\076\041\113
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\064\061\023\060\021\006\003\125\004\003\023\012\103\157\155
+\123\151\147\156\040\103\101\061\020\060\016\006\003\125\004\012
+\023\007\103\157\155\123\151\147\156\061\013\060\011\006\003\125
+\004\006\023\002\111\114
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\024\023\226\203\024\125\214\352\173\143\345\374\064\207
+\167\104
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "ComSign Secured CA"
+#
+# Issuer: C=IL,O=ComSign,CN=ComSign Secured CA
+# Serial Number:00:c7:28:47:09:b3:b8:6c:45:8c:1d:fa:24:f5:36:4e:e9
+# Subject: C=IL,O=ComSign,CN=ComSign Secured CA
+# Not Valid Before: Wed Mar 24 11:37:20 2004
+# Not Valid After : Fri Mar 16 15:04:56 2029
+# Fingerprint (MD5): 40:01:25:06:8D:21:43:6A:0E:43:00:9C:E7:43:F3:D5
+# Fingerprint (SHA1): F9:CD:0E:2C:DA:76:24:C1:8F:BD:F0:F0:AB:B6:45:B8:F7:FE:D5:7A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ComSign Secured CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\074\061\033\060\031\006\003\125\004\003\023\022\103\157\155
+\123\151\147\156\040\123\145\143\165\162\145\144\040\103\101\061
+\020\060\016\006\003\125\004\012\023\007\103\157\155\123\151\147
+\156\061\013\060\011\006\003\125\004\006\023\002\111\114
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\074\061\033\060\031\006\003\125\004\003\023\022\103\157\155
+\123\151\147\156\040\123\145\143\165\162\145\144\040\103\101\061
+\020\060\016\006\003\125\004\012\023\007\103\157\155\123\151\147
+\156\061\013\060\011\006\003\125\004\006\023\002\111\114
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\307\050\107\011\263\270\154\105\214\035\372\044\365
+\066\116\351
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\253\060\202\002\223\240\003\002\001\002\002\021\000
+\307\050\107\011\263\270\154\105\214\035\372\044\365\066\116\351
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\074\061\033\060\031\006\003\125\004\003\023\022\103\157\155\123
+\151\147\156\040\123\145\143\165\162\145\144\040\103\101\061\020
+\060\016\006\003\125\004\012\023\007\103\157\155\123\151\147\156
+\061\013\060\011\006\003\125\004\006\023\002\111\114\060\036\027
+\015\060\064\060\063\062\064\061\061\063\067\062\060\132\027\015
+\062\071\060\063\061\066\061\065\060\064\065\066\132\060\074\061
+\033\060\031\006\003\125\004\003\023\022\103\157\155\123\151\147
+\156\040\123\145\143\165\162\145\144\040\103\101\061\020\060\016
+\006\003\125\004\012\023\007\103\157\155\123\151\147\156\061\013
+\060\011\006\003\125\004\006\023\002\111\114\060\202\001\042\060
+\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
+\001\017\000\060\202\001\012\002\202\001\001\000\306\265\150\137
+\035\224\025\303\244\010\125\055\343\240\127\172\357\351\164\052
+\273\271\174\127\111\032\021\136\117\051\207\014\110\326\152\347
+\217\324\176\127\044\271\006\211\344\034\074\352\254\343\332\041
+\200\163\041\012\357\171\230\154\037\010\377\241\120\175\362\230
+\033\311\124\157\076\245\050\354\041\004\017\105\273\007\075\241
+\300\372\052\230\035\116\006\223\373\365\210\073\253\137\313\026
+\277\346\363\236\112\207\355\031\352\302\237\103\344\361\201\245
+\177\020\117\076\321\112\142\255\123\033\313\203\377\007\145\245
+\222\055\146\251\133\270\132\364\035\264\041\221\112\027\173\236
+\062\376\126\044\071\262\124\204\103\365\204\302\330\274\101\220
+\314\235\326\150\332\351\202\120\251\073\150\317\265\135\002\224
+\140\026\261\103\331\103\135\335\135\207\156\352\273\263\311\153
+\366\003\224\011\160\336\026\021\172\053\350\166\217\111\020\230
+\167\271\143\134\213\063\227\165\366\013\214\262\253\133\336\164
+\040\045\077\343\363\021\371\207\150\206\065\161\303\035\214\055
+\353\345\032\254\017\163\325\202\131\100\200\323\002\003\001\000
+\001\243\201\247\060\201\244\060\014\006\003\125\035\023\004\005
+\060\003\001\001\377\060\104\006\003\125\035\037\004\075\060\073
+\060\071\240\067\240\065\206\063\150\164\164\160\072\057\057\146
+\145\144\151\162\056\143\157\155\163\151\147\156\056\143\157\056
+\151\154\057\143\162\154\057\103\157\155\123\151\147\156\123\145
+\143\165\162\145\144\103\101\056\143\162\154\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\206\060\037\006\003\125
+\035\043\004\030\060\026\200\024\301\113\355\160\266\367\076\174
+\000\073\000\217\307\076\016\105\237\036\135\354\060\035\006\003
+\125\035\016\004\026\004\024\301\113\355\160\266\367\076\174\000
+\073\000\217\307\076\016\105\237\036\135\354\060\015\006\011\052
+\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000\026
+\317\356\222\023\120\253\173\024\236\063\266\102\040\152\324\025
+\275\011\253\374\162\350\357\107\172\220\254\121\301\144\116\351
+\210\275\103\105\201\343\146\043\077\022\206\115\031\344\005\260
+\346\067\302\215\332\006\050\311\017\211\244\123\251\165\077\260
+\226\373\253\114\063\125\371\170\046\106\157\033\066\230\373\102
+\166\301\202\271\216\336\373\105\371\143\033\142\073\071\006\312
+\167\172\250\074\011\317\154\066\075\017\012\105\113\151\026\032
+\105\175\063\003\145\371\122\161\220\046\225\254\114\014\365\213
+\223\077\314\165\164\205\230\272\377\142\172\115\037\211\376\256
+\275\224\000\231\277\021\245\334\340\171\305\026\013\175\002\141
+\035\352\205\371\002\025\117\347\132\211\116\024\157\343\067\113
+\205\365\301\074\141\340\375\005\101\262\222\177\303\035\240\320
+\256\122\144\140\153\030\306\046\234\330\365\144\344\066\032\142
+\237\212\017\076\377\155\116\031\126\116\040\221\154\237\064\063
+\072\064\127\120\072\157\201\136\006\306\365\076\174\116\216\053
+\316\145\006\056\135\322\052\123\164\136\323\156\047\236\217
+END
+
+# Trust for Certificate "ComSign Secured CA"
+# Issuer: C=IL,O=ComSign,CN=ComSign Secured CA
+# Serial Number:00:c7:28:47:09:b3:b8:6c:45:8c:1d:fa:24:f5:36:4e:e9
+# Subject: C=IL,O=ComSign,CN=ComSign Secured CA
+# Not Valid Before: Wed Mar 24 11:37:20 2004
+# Not Valid After : Fri Mar 16 15:04:56 2029
+# Fingerprint (MD5): 40:01:25:06:8D:21:43:6A:0E:43:00:9C:E7:43:F3:D5
+# Fingerprint (SHA1): F9:CD:0E:2C:DA:76:24:C1:8F:BD:F0:F0:AB:B6:45:B8:F7:FE:D5:7A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ComSign Secured CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\371\315\016\054\332\166\044\301\217\275\360\360\253\266\105\270
+\367\376\325\172
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\100\001\045\006\215\041\103\152\016\103\000\234\347\103\363\325
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\074\061\033\060\031\006\003\125\004\003\023\022\103\157\155
+\123\151\147\156\040\123\145\143\165\162\145\144\040\103\101\061
+\020\060\016\006\003\125\004\012\023\007\103\157\155\123\151\147
+\156\061\013\060\011\006\003\125\004\006\023\002\111\114
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\307\050\107\011\263\270\154\105\214\035\372\044\365
+\066\116\351
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Cybertrust Global Root"
+#
+# Issuer: CN=Cybertrust Global Root,O="Cybertrust, Inc"
+# Serial Number:04:00:00:00:00:01:0f:85:aa:2d:48
+# Subject: CN=Cybertrust Global Root,O="Cybertrust, Inc"
+# Not Valid Before: Fri Dec 15 08:00:00 2006
+# Not Valid After : Wed Dec 15 08:00:00 2021
+# Fingerprint (MD5): 72:E4:4A:87:E3:69:40:80:77:EA:BC:E3:F4:FF:F0:E1
+# Fingerprint (SHA1): 5F:43:E5:B1:BF:F8:78:8C:AC:1C:C7:CA:4A:9A:C6:22:2B:CC:34:C6
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Cybertrust Global Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\073\061\030\060\026\006\003\125\004\012\023\017\103\171\142
+\145\162\164\162\165\163\164\054\040\111\156\143\061\037\060\035
+\006\003\125\004\003\023\026\103\171\142\145\162\164\162\165\163
+\164\040\107\154\157\142\141\154\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\073\061\030\060\026\006\003\125\004\012\023\017\103\171\142
+\145\162\164\162\165\163\164\054\040\111\156\143\061\037\060\035
+\006\003\125\004\003\023\026\103\171\142\145\162\164\162\165\163
+\164\040\107\154\157\142\141\154\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\013\004\000\000\000\000\001\017\205\252\055\110
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\241\060\202\002\211\240\003\002\001\002\002\013\004
+\000\000\000\000\001\017\205\252\055\110\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\060\073\061\030\060\026\006
+\003\125\004\012\023\017\103\171\142\145\162\164\162\165\163\164
+\054\040\111\156\143\061\037\060\035\006\003\125\004\003\023\026
+\103\171\142\145\162\164\162\165\163\164\040\107\154\157\142\141
+\154\040\122\157\157\164\060\036\027\015\060\066\061\062\061\065
+\060\070\060\060\060\060\132\027\015\062\061\061\062\061\065\060
+\070\060\060\060\060\132\060\073\061\030\060\026\006\003\125\004
+\012\023\017\103\171\142\145\162\164\162\165\163\164\054\040\111
+\156\143\061\037\060\035\006\003\125\004\003\023\026\103\171\142
+\145\162\164\162\165\163\164\040\107\154\157\142\141\154\040\122
+\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\370\310\274\275\024\120\146\023\377\360\323\171
+\354\043\362\267\032\307\216\205\361\022\163\246\031\252\020\333
+\234\242\145\164\132\167\076\121\175\126\366\334\043\266\324\355
+\137\130\261\067\115\325\111\016\156\365\152\207\326\322\214\322
+\047\306\342\377\066\237\230\145\240\023\116\306\052\144\233\325
+\220\022\317\024\006\364\073\343\324\050\276\350\016\370\253\116
+\110\224\155\216\225\061\020\134\355\242\055\275\325\072\155\262
+\034\273\140\300\106\113\001\365\111\256\176\106\212\320\164\215
+\241\014\002\316\356\374\347\217\270\153\146\363\177\104\000\277
+\146\045\024\053\335\020\060\035\007\226\077\115\366\153\270\217
+\267\173\014\245\070\353\336\107\333\325\135\071\374\210\247\363
+\327\052\164\361\350\132\242\073\237\120\272\246\214\105\065\302
+\120\145\225\334\143\202\357\335\277\167\115\234\142\311\143\163
+\026\320\051\017\111\251\110\360\263\252\267\154\305\247\060\071
+\100\135\256\304\342\135\046\123\360\316\034\043\010\141\250\224
+\031\272\004\142\100\354\037\070\160\167\022\006\161\247\060\030
+\135\045\047\245\002\003\001\000\001\243\201\245\060\201\242\060
+\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\035\006\003\125\035\016\004\026\004\024\266\010\173\015\172
+\314\254\040\114\206\126\062\136\317\253\156\205\055\160\127\060
+\077\006\003\125\035\037\004\070\060\066\060\064\240\062\240\060
+\206\056\150\164\164\160\072\057\057\167\167\167\062\056\160\165
+\142\154\151\143\055\164\162\165\163\164\056\143\157\155\057\143
+\162\154\057\143\164\057\143\164\162\157\157\164\056\143\162\154
+\060\037\006\003\125\035\043\004\030\060\026\200\024\266\010\173
+\015\172\314\254\040\114\206\126\062\136\317\253\156\205\055\160
+\127\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
+\003\202\001\001\000\126\357\012\043\240\124\116\225\227\311\370
+\211\332\105\301\324\243\000\045\364\037\023\253\267\243\205\130
+\151\302\060\255\330\025\212\055\343\311\315\201\132\370\163\043
+\132\247\174\005\363\375\042\073\016\321\006\304\333\066\114\163
+\004\216\345\260\042\344\305\363\056\245\331\043\343\270\116\112
+\040\247\156\002\044\237\042\140\147\173\213\035\162\011\305\061
+\134\351\171\237\200\107\075\255\241\013\007\024\075\107\377\003
+\151\032\014\013\104\347\143\045\247\177\262\311\270\166\204\355
+\043\366\175\007\253\105\176\323\337\263\277\351\212\266\315\250
+\242\147\053\122\325\267\145\360\071\114\143\240\221\171\223\122
+\017\124\335\203\273\237\321\217\247\123\163\303\313\377\060\354
+\174\004\270\330\104\037\223\137\161\011\042\267\156\076\352\034
+\003\116\235\032\040\141\373\201\067\354\136\374\012\105\253\327
+\347\027\125\320\240\352\140\233\246\366\343\214\133\051\302\006
+\140\024\235\055\227\114\251\223\025\235\141\304\001\137\110\326
+\130\275\126\061\022\116\021\310\041\340\263\021\221\145\333\264
+\246\210\070\316\125
+END
+
+# Trust for Certificate "Cybertrust Global Root"
+# Issuer: CN=Cybertrust Global Root,O="Cybertrust, Inc"
+# Serial Number:04:00:00:00:00:01:0f:85:aa:2d:48
+# Subject: CN=Cybertrust Global Root,O="Cybertrust, Inc"
+# Not Valid Before: Fri Dec 15 08:00:00 2006
+# Not Valid After : Wed Dec 15 08:00:00 2021
+# Fingerprint (MD5): 72:E4:4A:87:E3:69:40:80:77:EA:BC:E3:F4:FF:F0:E1
+# Fingerprint (SHA1): 5F:43:E5:B1:BF:F8:78:8C:AC:1C:C7:CA:4A:9A:C6:22:2B:CC:34:C6
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Cybertrust Global Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\137\103\345\261\277\370\170\214\254\034\307\312\112\232\306\042
+\053\314\064\306
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\162\344\112\207\343\151\100\200\167\352\274\343\364\377\360\341
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\073\061\030\060\026\006\003\125\004\012\023\017\103\171\142
+\145\162\164\162\165\163\164\054\040\111\156\143\061\037\060\035
+\006\003\125\004\003\023\026\103\171\142\145\162\164\162\165\163
+\164\040\107\154\157\142\141\154\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\013\004\000\000\000\000\001\017\205\252\055\110
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "ePKI Root Certification Authority"
+#
+# Issuer: OU=ePKI Root Certification Authority,O="Chunghwa Telecom Co., Ltd.",C=TW
+# Serial Number:15:c8:bd:65:47:5c:af:b8:97:00:5e:e4:06:d2:bc:9d
+# Subject: OU=ePKI Root Certification Authority,O="Chunghwa Telecom Co., Ltd.",C=TW
+# Not Valid Before: Mon Dec 20 02:31:27 2004
+# Not Valid After : Wed Dec 20 02:31:27 2034
+# Fingerprint (MD5): 1B:2E:00:CA:26:06:90:3D:AD:FE:6F:15:68:D3:6B:B3
+# Fingerprint (SHA1): 67:65:0D:F1:7E:8E:7E:5B:82:40:A4:F4:56:4B:CF:E2:3D:69:C6:F0
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ePKI Root Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\136\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\043\060\041\006\003\125\004\012\014\032\103\150\165\156\147\150
+\167\141\040\124\145\154\145\143\157\155\040\103\157\056\054\040
+\114\164\144\056\061\052\060\050\006\003\125\004\013\014\041\145
+\120\113\111\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\136\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\043\060\041\006\003\125\004\012\014\032\103\150\165\156\147\150
+\167\141\040\124\145\154\145\143\157\155\040\103\157\056\054\040
+\114\164\144\056\061\052\060\050\006\003\125\004\013\014\041\145
+\120\113\111\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\025\310\275\145\107\134\257\270\227\000\136\344\006\322
+\274\235
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\260\060\202\003\230\240\003\002\001\002\002\020\025
+\310\275\145\107\134\257\270\227\000\136\344\006\322\274\235\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\136
+\061\013\060\011\006\003\125\004\006\023\002\124\127\061\043\060
+\041\006\003\125\004\012\014\032\103\150\165\156\147\150\167\141
+\040\124\145\154\145\143\157\155\040\103\157\056\054\040\114\164
+\144\056\061\052\060\050\006\003\125\004\013\014\041\145\120\113
+\111\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036
+\027\015\060\064\061\062\062\060\060\062\063\061\062\067\132\027
+\015\063\064\061\062\062\060\060\062\063\061\062\067\132\060\136
+\061\013\060\011\006\003\125\004\006\023\002\124\127\061\043\060
+\041\006\003\125\004\012\014\032\103\150\165\156\147\150\167\141
+\040\124\145\154\145\143\157\155\040\103\157\056\054\040\114\164
+\144\056\061\052\060\050\006\003\125\004\013\014\041\145\120\113
+\111\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\202
+\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000\341
+\045\017\356\215\333\210\063\165\147\315\255\037\175\072\116\155
+\235\323\057\024\363\143\164\313\001\041\152\067\352\204\120\007
+\113\046\133\011\103\154\041\236\152\310\325\003\365\140\151\217
+\314\360\042\344\037\347\367\152\042\061\267\054\025\362\340\376
+\000\152\103\377\207\145\306\265\032\301\247\114\155\042\160\041
+\212\061\362\227\164\211\011\022\046\034\236\312\331\022\242\225
+\074\332\351\147\277\010\240\144\343\326\102\267\105\357\227\364
+\366\365\327\265\112\025\002\130\175\230\130\113\140\274\315\327
+\015\232\023\063\123\321\141\371\172\325\327\170\263\232\063\367
+\000\206\316\035\115\224\070\257\250\354\170\121\160\212\134\020
+\203\121\041\367\021\075\064\206\136\345\110\315\227\201\202\065
+\114\031\354\145\366\153\305\005\241\356\107\023\326\263\041\047
+\224\020\012\331\044\073\272\276\104\023\106\060\077\227\074\330
+\327\327\152\356\073\070\343\053\324\227\016\271\033\347\007\111
+\177\067\052\371\167\170\317\124\355\133\106\235\243\200\016\221
+\103\301\326\133\137\024\272\237\246\215\044\107\100\131\277\162
+\070\262\066\154\067\377\231\321\135\016\131\012\253\151\367\300
+\262\004\105\172\124\000\256\276\123\366\265\347\341\370\074\243
+\061\322\251\376\041\122\144\305\246\147\360\165\007\006\224\024
+\201\125\306\047\344\001\217\027\301\152\161\327\276\113\373\224
+\130\175\176\021\063\261\102\367\142\154\030\326\317\011\150\076
+\177\154\366\036\217\142\255\245\143\333\011\247\037\042\102\101
+\036\157\231\212\076\327\371\077\100\172\171\260\245\001\222\322
+\235\075\010\025\245\020\001\055\263\062\166\250\225\015\263\172
+\232\373\007\020\170\021\157\341\217\307\272\017\045\032\164\052
+\345\034\230\101\231\337\041\207\350\225\006\152\012\263\152\107
+\166\145\366\072\317\217\142\027\031\173\012\050\315\032\322\203
+\036\041\307\054\277\276\377\141\150\267\147\033\273\170\115\215
+\316\147\345\344\301\216\267\043\146\342\235\220\165\064\230\251
+\066\053\212\232\224\271\235\354\314\212\261\370\045\211\134\132
+\266\057\214\037\155\171\044\247\122\150\303\204\065\342\146\215
+\143\016\045\115\325\031\262\346\171\067\247\042\235\124\061\002
+\003\001\000\001\243\152\060\150\060\035\006\003\125\035\016\004
+\026\004\024\036\014\367\266\147\362\341\222\046\011\105\300\125
+\071\056\167\077\102\112\242\060\014\006\003\125\035\023\004\005
+\060\003\001\001\377\060\071\006\004\147\052\007\000\004\061\060
+\057\060\055\002\001\000\060\011\006\005\053\016\003\002\032\005
+\000\060\007\006\005\147\052\003\000\000\004\024\105\260\302\307
+\012\126\174\356\133\170\014\225\371\030\123\301\246\034\330\020
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\002\001\000\011\263\203\123\131\001\076\225\111\271\361\201
+\272\371\166\040\043\265\047\140\164\324\152\231\064\136\154\000
+\123\331\237\362\246\261\044\007\104\152\052\306\245\216\170\022
+\350\107\331\130\033\023\052\136\171\233\237\012\052\147\246\045
+\077\006\151\126\163\303\212\146\110\373\051\201\127\164\006\312
+\234\352\050\350\070\147\046\053\361\325\265\077\145\223\370\066
+\135\216\215\215\100\040\207\031\352\357\047\300\075\264\071\017
+\045\173\150\120\164\125\234\014\131\175\132\075\101\224\045\122
+\010\340\107\054\025\061\031\325\277\007\125\306\273\022\265\227
+\364\137\203\205\272\161\301\331\154\201\021\166\012\012\260\277
+\202\227\367\352\075\372\372\354\055\251\050\224\073\126\335\322
+\121\056\256\300\275\010\025\214\167\122\064\226\326\233\254\323
+\035\216\141\017\065\173\233\256\071\151\013\142\140\100\040\066
+\217\257\373\066\356\055\010\112\035\270\277\233\134\370\352\245
+\033\240\163\246\330\370\156\340\063\004\137\150\252\047\207\355
+\331\301\220\234\355\275\343\152\065\257\143\337\253\030\331\272
+\346\351\112\352\120\212\017\141\223\036\342\055\031\342\060\224
+\065\222\135\016\266\007\257\031\200\217\107\220\121\113\056\115
+\335\205\342\322\012\122\012\027\232\374\032\260\120\002\345\001
+\243\143\067\041\114\104\304\233\121\231\021\016\163\234\006\217
+\124\056\247\050\136\104\071\207\126\055\067\275\205\104\224\341
+\014\113\054\234\303\222\205\064\141\313\017\270\233\112\103\122
+\376\064\072\175\270\351\051\334\166\251\310\060\370\024\161\200
+\306\036\066\110\164\042\101\134\207\202\350\030\161\213\101\211
+\104\347\176\130\133\250\270\215\023\351\247\154\303\107\355\263
+\032\235\142\256\215\202\352\224\236\335\131\020\303\255\335\342
+\115\343\061\325\307\354\350\362\260\376\222\036\026\012\032\374
+\331\363\370\047\266\311\276\035\264\154\144\220\177\364\344\304
+\133\327\067\256\102\016\335\244\032\157\174\210\124\305\026\156
+\341\172\150\056\370\072\277\015\244\074\211\073\170\247\116\143
+\203\004\041\010\147\215\362\202\111\320\133\375\261\315\017\203
+\204\324\076\040\205\367\112\075\053\234\375\052\012\011\115\352
+\201\370\021\234
+END
+
+# Trust for Certificate "ePKI Root Certification Authority"
+# Issuer: OU=ePKI Root Certification Authority,O="Chunghwa Telecom Co., Ltd.",C=TW
+# Serial Number:15:c8:bd:65:47:5c:af:b8:97:00:5e:e4:06:d2:bc:9d
+# Subject: OU=ePKI Root Certification Authority,O="Chunghwa Telecom Co., Ltd.",C=TW
+# Not Valid Before: Mon Dec 20 02:31:27 2004
+# Not Valid After : Wed Dec 20 02:31:27 2034
+# Fingerprint (MD5): 1B:2E:00:CA:26:06:90:3D:AD:FE:6F:15:68:D3:6B:B3
+# Fingerprint (SHA1): 67:65:0D:F1:7E:8E:7E:5B:82:40:A4:F4:56:4B:CF:E2:3D:69:C6:F0
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ePKI Root Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\147\145\015\361\176\216\176\133\202\100\244\364\126\113\317\342
+\075\151\306\360
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\033\056\000\312\046\006\220\075\255\376\157\025\150\323\153\263
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\136\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\043\060\041\006\003\125\004\012\014\032\103\150\165\156\147\150
+\167\141\040\124\145\154\145\143\157\155\040\103\157\056\054\040
+\114\164\144\056\061\052\060\050\006\003\125\004\013\014\041\145
+\120\113\111\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\025\310\275\145\107\134\257\270\227\000\136\344\006\322
+\274\235
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3"
+#
+# Issuer: CN=T..B..TAK UEKAE K..k Sertifika Hizmet Sa..lay..c..s.. - S..r..m ...,OU=Kamu Sertifikasyon Merkezi,OU=Ulusal Elektronik ve Kriptoloji Ara..t..rma Enstit..s.. - UEKAE,O=T..rkiye Bilimsel ve Teknolojik Ara..t..rma Kurumu - T..B..TAK,L=Gebze - Kocaeli,C=TR
+# Serial Number: 17 (0x11)
+# Subject: CN=T..B..TAK UEKAE K..k Sertifika Hizmet Sa..lay..c..s.. - S..r..m ...,OU=Kamu Sertifikasyon Merkezi,OU=Ulusal Elektronik ve Kriptoloji Ara..t..rma Enstit..s.. - UEKAE,O=T..rkiye Bilimsel ve Teknolojik Ara..t..rma Kurumu - T..B..TAK,L=Gebze - Kocaeli,C=TR
+# Not Valid Before: Fri Aug 24 11:37:07 2007
+# Not Valid After : Mon Aug 21 11:37:07 2017
+# Fingerprint (MD5): ED:41:F5:8C:50:C5:2B:9C:73:E6:EE:6C:EB:C2:A8:26
+# Fingerprint (SHA1): 1B:4B:39:61:26:27:6B:64:91:A2:68:6D:D7:02:43:21:2D:1F:1D:96
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\202\001\053\061\013\060\011\006\003\125\004\006\023\002\124
+\122\061\030\060\026\006\003\125\004\007\014\017\107\145\142\172
+\145\040\055\040\113\157\143\141\145\154\151\061\107\060\105\006
+\003\125\004\012\014\076\124\303\274\162\153\151\171\145\040\102
+\151\154\151\155\163\145\154\040\166\145\040\124\145\153\156\157
+\154\157\152\151\153\040\101\162\141\305\237\164\304\261\162\155
+\141\040\113\165\162\165\155\165\040\055\040\124\303\234\102\304
+\260\124\101\113\061\110\060\106\006\003\125\004\013\014\077\125
+\154\165\163\141\154\040\105\154\145\153\164\162\157\156\151\153
+\040\166\145\040\113\162\151\160\164\157\154\157\152\151\040\101
+\162\141\305\237\164\304\261\162\155\141\040\105\156\163\164\151
+\164\303\274\163\303\274\040\055\040\125\105\113\101\105\061\043
+\060\041\006\003\125\004\013\014\032\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\061\112\060\110\006\003\125\004\003\014\101\124\303
+\234\102\304\260\124\101\113\040\125\105\113\101\105\040\113\303
+\266\153\040\123\145\162\164\151\146\151\153\141\040\110\151\172
+\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304\261
+\163\304\261\040\055\040\123\303\274\162\303\274\155\040\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\202\001\053\061\013\060\011\006\003\125\004\006\023\002\124
+\122\061\030\060\026\006\003\125\004\007\014\017\107\145\142\172
+\145\040\055\040\113\157\143\141\145\154\151\061\107\060\105\006
+\003\125\004\012\014\076\124\303\274\162\153\151\171\145\040\102
+\151\154\151\155\163\145\154\040\166\145\040\124\145\153\156\157
+\154\157\152\151\153\040\101\162\141\305\237\164\304\261\162\155
+\141\040\113\165\162\165\155\165\040\055\040\124\303\234\102\304
+\260\124\101\113\061\110\060\106\006\003\125\004\013\014\077\125
+\154\165\163\141\154\040\105\154\145\153\164\162\157\156\151\153
+\040\166\145\040\113\162\151\160\164\157\154\157\152\151\040\101
+\162\141\305\237\164\304\261\162\155\141\040\105\156\163\164\151
+\164\303\274\163\303\274\040\055\040\125\105\113\101\105\061\043
+\060\041\006\003\125\004\013\014\032\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\061\112\060\110\006\003\125\004\003\014\101\124\303
+\234\102\304\260\124\101\113\040\125\105\113\101\105\040\113\303
+\266\153\040\123\145\162\164\151\146\151\153\141\040\110\151\172
+\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304\261
+\163\304\261\040\055\040\123\303\274\162\303\274\155\040\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\021
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\027\060\202\003\377\240\003\002\001\002\002\001\021
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\202\001\053\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\014\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\107\060\105\006\003
+\125\004\012\014\076\124\303\274\162\153\151\171\145\040\102\151
+\154\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154
+\157\152\151\153\040\101\162\141\305\237\164\304\261\162\155\141
+\040\113\165\162\165\155\165\040\055\040\124\303\234\102\304\260
+\124\101\113\061\110\060\106\006\003\125\004\013\014\077\125\154
+\165\163\141\154\040\105\154\145\153\164\162\157\156\151\153\040
+\166\145\040\113\162\151\160\164\157\154\157\152\151\040\101\162
+\141\305\237\164\304\261\162\155\141\040\105\156\163\164\151\164
+\303\274\163\303\274\040\055\040\125\105\113\101\105\061\043\060
+\041\006\003\125\004\013\014\032\113\141\155\165\040\123\145\162
+\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153\145
+\172\151\061\112\060\110\006\003\125\004\003\014\101\124\303\234
+\102\304\260\124\101\113\040\125\105\113\101\105\040\113\303\266
+\153\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155
+\145\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163
+\304\261\040\055\040\123\303\274\162\303\274\155\040\063\060\036
+\027\015\060\067\060\070\062\064\061\061\063\067\060\067\132\027
+\015\061\067\060\070\062\061\061\061\063\067\060\067\132\060\202
+\001\053\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\030\060\026\006\003\125\004\007\014\017\107\145\142\172\145\040
+\055\040\113\157\143\141\145\154\151\061\107\060\105\006\003\125
+\004\012\014\076\124\303\274\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\305\237\164\304\261\162\155\141\040
+\113\165\162\165\155\165\040\055\040\124\303\234\102\304\260\124
+\101\113\061\110\060\106\006\003\125\004\013\014\077\125\154\165
+\163\141\154\040\105\154\145\153\164\162\157\156\151\153\040\166
+\145\040\113\162\151\160\164\157\154\157\152\151\040\101\162\141
+\305\237\164\304\261\162\155\141\040\105\156\163\164\151\164\303
+\274\163\303\274\040\055\040\125\105\113\101\105\061\043\060\041
+\006\003\125\004\013\014\032\113\141\155\165\040\123\145\162\164
+\151\146\151\153\141\163\171\157\156\040\115\145\162\153\145\172
+\151\061\112\060\110\006\003\125\004\003\014\101\124\303\234\102
+\304\260\124\101\113\040\125\105\113\101\105\040\113\303\266\153
+\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145
+\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304
+\261\040\055\040\123\303\274\162\303\274\155\040\063\060\202\001
+\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\001\017\000\060\202\001\012\002\202\001\001\000\212\155
+\113\377\020\210\072\303\366\176\224\350\352\040\144\160\256\041
+\201\276\072\173\074\333\361\035\122\177\131\372\363\042\114\225
+\240\220\274\110\116\021\253\373\267\265\215\172\203\050\214\046
+\106\330\116\225\100\207\141\237\305\236\155\201\207\127\154\212
+\073\264\146\352\314\100\374\343\252\154\262\313\001\333\062\277
+\322\353\205\317\241\015\125\303\133\070\127\160\270\165\306\171
+\321\024\060\355\033\130\133\153\357\065\362\241\041\116\305\316
+\174\231\137\154\271\270\042\223\120\247\315\114\160\152\276\152
+\005\177\023\234\053\036\352\376\107\316\004\245\157\254\223\056
+\174\053\237\236\171\023\221\350\352\236\312\070\165\216\142\260
+\225\223\052\345\337\351\136\227\156\040\137\137\204\172\104\071
+\031\100\034\272\125\053\373\060\262\201\357\204\343\334\354\230
+\070\071\003\205\010\251\124\003\005\051\360\311\217\213\352\013
+\206\145\031\021\323\351\011\043\336\150\223\003\311\066\034\041
+\156\316\214\146\361\231\060\330\327\263\303\035\370\201\056\250
+\275\202\013\146\376\202\313\341\340\032\202\303\100\201\002\003
+\001\000\001\243\102\060\100\060\035\006\003\125\035\016\004\026
+\004\024\275\210\207\311\217\366\244\012\013\252\353\305\376\221
+\043\235\253\112\212\062\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\003\202\001\001\000\035\174\372\111\217
+\064\351\267\046\222\026\232\005\164\347\113\320\155\071\154\303
+\046\366\316\270\061\274\304\337\274\052\370\067\221\030\334\004
+\310\144\231\053\030\155\200\003\131\311\256\370\130\320\076\355
+\303\043\237\151\074\206\070\034\236\357\332\047\170\321\204\067
+\161\212\074\113\071\317\176\105\006\326\055\330\212\115\170\022
+\326\255\302\323\313\322\320\101\363\046\066\112\233\225\154\014
+\356\345\321\103\047\146\301\210\367\172\263\040\154\352\260\151
+\053\307\040\350\014\003\304\101\005\231\342\077\344\153\370\240
+\206\201\307\204\306\037\325\113\201\022\262\026\041\054\023\241
+\200\262\136\014\112\023\236\040\330\142\100\253\220\352\144\112
+\057\254\015\001\022\171\105\250\057\207\031\150\310\342\205\307
+\060\262\165\371\070\077\262\300\223\264\153\342\003\104\316\147
+\240\337\211\326\255\214\166\243\023\303\224\141\053\153\331\154
+\301\007\012\042\007\205\154\205\044\106\251\276\077\213\170\204
+\202\176\044\014\235\375\201\067\343\045\250\355\066\116\225\054
+\311\234\220\332\354\251\102\074\255\266\002
+END
+
+# Trust for Certificate "TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3"
+# Issuer: CN=T..B..TAK UEKAE K..k Sertifika Hizmet Sa..lay..c..s.. - S..r..m ...,OU=Kamu Sertifikasyon Merkezi,OU=Ulusal Elektronik ve Kriptoloji Ara..t..rma Enstit..s.. - UEKAE,O=T..rkiye Bilimsel ve Teknolojik Ara..t..rma Kurumu - T..B..TAK,L=Gebze - Kocaeli,C=TR
+# Serial Number: 17 (0x11)
+# Subject: CN=T..B..TAK UEKAE K..k Sertifika Hizmet Sa..lay..c..s.. - S..r..m ...,OU=Kamu Sertifikasyon Merkezi,OU=Ulusal Elektronik ve Kriptoloji Ara..t..rma Enstit..s.. - UEKAE,O=T..rkiye Bilimsel ve Teknolojik Ara..t..rma Kurumu - T..B..TAK,L=Gebze - Kocaeli,C=TR
+# Not Valid Before: Fri Aug 24 11:37:07 2007
+# Not Valid After : Mon Aug 21 11:37:07 2017
+# Fingerprint (MD5): ED:41:F5:8C:50:C5:2B:9C:73:E6:EE:6C:EB:C2:A8:26
+# Fingerprint (SHA1): 1B:4B:39:61:26:27:6B:64:91:A2:68:6D:D7:02:43:21:2D:1F:1D:96
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\033\113\071\141\046\047\153\144\221\242\150\155\327\002\103\041
+\055\037\035\226
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\355\101\365\214\120\305\053\234\163\346\356\154\353\302\250\046
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\202\001\053\061\013\060\011\006\003\125\004\006\023\002\124
+\122\061\030\060\026\006\003\125\004\007\014\017\107\145\142\172
+\145\040\055\040\113\157\143\141\145\154\151\061\107\060\105\006
+\003\125\004\012\014\076\124\303\274\162\153\151\171\145\040\102
+\151\154\151\155\163\145\154\040\166\145\040\124\145\153\156\157
+\154\157\152\151\153\040\101\162\141\305\237\164\304\261\162\155
+\141\040\113\165\162\165\155\165\040\055\040\124\303\234\102\304
+\260\124\101\113\061\110\060\106\006\003\125\004\013\014\077\125
+\154\165\163\141\154\040\105\154\145\153\164\162\157\156\151\153
+\040\166\145\040\113\162\151\160\164\157\154\157\152\151\040\101
+\162\141\305\237\164\304\261\162\155\141\040\105\156\163\164\151
+\164\303\274\163\303\274\040\055\040\125\105\113\101\105\061\043
+\060\041\006\003\125\004\013\014\032\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\061\112\060\110\006\003\125\004\003\014\101\124\303
+\234\102\304\260\124\101\113\040\125\105\113\101\105\040\113\303
+\266\153\040\123\145\162\164\151\146\151\153\141\040\110\151\172
+\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304\261
+\163\304\261\040\055\040\123\303\274\162\303\274\155\040\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\021
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "certSIGN ROOT CA"
+#
+# Issuer: OU=certSIGN ROOT CA,O=certSIGN,C=RO
+# Serial Number:20:06:05:16:70:02
+# Subject: OU=certSIGN ROOT CA,O=certSIGN,C=RO
+# Not Valid Before: Tue Jul 04 17:20:04 2006
+# Not Valid After : Fri Jul 04 17:20:04 2031
+# Fingerprint (MD5): 18:98:C0:D6:E9:3A:FC:F9:B0:F5:0C:F7:4B:01:44:17
+# Fingerprint (SHA1): FA:B7:EE:36:97:26:62:FB:2D:B0:2A:F6:BF:03:FD:E8:7C:4B:2F:9B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "certSIGN ROOT CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\073\061\013\060\011\006\003\125\004\006\023\002\122\117\061
+\021\060\017\006\003\125\004\012\023\010\143\145\162\164\123\111
+\107\116\061\031\060\027\006\003\125\004\013\023\020\143\145\162
+\164\123\111\107\116\040\122\117\117\124\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\073\061\013\060\011\006\003\125\004\006\023\002\122\117\061
+\021\060\017\006\003\125\004\012\023\010\143\145\162\164\123\111
+\107\116\061\031\060\027\006\003\125\004\013\023\020\143\145\162
+\164\123\111\107\116\040\122\117\117\124\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\040\006\005\026\160\002
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\070\060\202\002\040\240\003\002\001\002\002\006\040
+\006\005\026\160\002\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\060\073\061\013\060\011\006\003\125\004\006\023
+\002\122\117\061\021\060\017\006\003\125\004\012\023\010\143\145
+\162\164\123\111\107\116\061\031\060\027\006\003\125\004\013\023
+\020\143\145\162\164\123\111\107\116\040\122\117\117\124\040\103
+\101\060\036\027\015\060\066\060\067\060\064\061\067\062\060\060
+\064\132\027\015\063\061\060\067\060\064\061\067\062\060\060\064
+\132\060\073\061\013\060\011\006\003\125\004\006\023\002\122\117
+\061\021\060\017\006\003\125\004\012\023\010\143\145\162\164\123
+\111\107\116\061\031\060\027\006\003\125\004\013\023\020\143\145
+\162\164\123\111\107\116\040\122\117\117\124\040\103\101\060\202
+\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\267
+\063\271\176\310\045\112\216\265\333\264\050\033\252\127\220\350
+\321\042\323\144\272\323\223\350\324\254\206\141\100\152\140\127
+\150\124\204\115\274\152\124\002\005\377\337\233\232\052\256\135
+\007\217\112\303\050\177\357\373\053\372\171\361\307\255\360\020
+\123\044\220\213\146\311\250\210\253\257\132\243\000\351\276\272
+\106\356\133\163\173\054\027\202\201\136\142\054\241\002\145\263
+\275\305\053\000\176\304\374\003\063\127\015\355\342\372\316\135
+\105\326\070\315\065\266\262\301\320\234\201\112\252\344\262\001
+\134\035\217\137\231\304\261\255\333\210\041\353\220\010\202\200
+\363\060\243\103\346\220\202\256\125\050\111\355\133\327\251\020
+\070\016\376\217\114\133\233\106\352\101\365\260\010\164\303\320
+\210\063\266\174\327\164\337\334\204\321\103\016\165\071\241\045
+\100\050\352\170\313\016\054\056\071\235\214\213\156\026\034\057
+\046\202\020\342\343\145\224\012\004\300\136\367\135\133\370\020
+\342\320\272\172\113\373\336\067\000\000\032\133\050\343\322\234
+\163\076\062\207\230\241\311\121\057\327\336\254\063\263\117\002
+\003\001\000\001\243\102\060\100\060\017\006\003\125\035\023\001
+\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\001\306\060\035\006\003\125\035\016
+\004\026\004\024\340\214\233\333\045\111\263\361\174\206\326\262
+\102\207\013\320\153\240\331\344\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\003\202\001\001\000\076\322\034\211
+\056\065\374\370\165\335\346\177\145\210\364\162\114\311\054\327
+\062\116\363\335\031\171\107\275\216\073\133\223\017\120\111\044
+\023\153\024\006\162\357\011\323\241\241\343\100\204\311\347\030
+\062\164\074\110\156\017\237\113\324\367\036\323\223\206\144\124
+\227\143\162\120\325\125\317\372\040\223\002\242\233\303\043\223
+\116\026\125\166\240\160\171\155\315\041\037\317\057\055\274\031
+\343\210\061\370\131\032\201\011\310\227\246\164\307\140\304\133
+\314\127\216\262\165\375\033\002\011\333\131\157\162\223\151\367
+\061\101\326\210\070\277\207\262\275\026\171\371\252\344\276\210
+\045\335\141\047\043\034\265\061\007\004\066\264\032\220\275\240
+\164\161\120\211\155\274\024\343\017\206\256\361\253\076\307\240
+\011\314\243\110\321\340\333\144\347\222\265\317\257\162\103\160
+\213\371\303\204\074\023\252\176\222\233\127\123\223\372\160\302
+\221\016\061\371\233\147\135\351\226\070\136\137\263\163\116\210
+\025\147\336\236\166\020\142\040\276\125\151\225\103\000\071\115
+\366\356\260\132\116\111\104\124\130\137\102\203
+END
+
+# Trust for Certificate "certSIGN ROOT CA"
+# Issuer: OU=certSIGN ROOT CA,O=certSIGN,C=RO
+# Serial Number:20:06:05:16:70:02
+# Subject: OU=certSIGN ROOT CA,O=certSIGN,C=RO
+# Not Valid Before: Tue Jul 04 17:20:04 2006
+# Not Valid After : Fri Jul 04 17:20:04 2031
+# Fingerprint (MD5): 18:98:C0:D6:E9:3A:FC:F9:B0:F5:0C:F7:4B:01:44:17
+# Fingerprint (SHA1): FA:B7:EE:36:97:26:62:FB:2D:B0:2A:F6:BF:03:FD:E8:7C:4B:2F:9B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "certSIGN ROOT CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\372\267\356\066\227\046\142\373\055\260\052\366\277\003\375\350
+\174\113\057\233
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\030\230\300\326\351\072\374\371\260\365\014\367\113\001\104\027
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\073\061\013\060\011\006\003\125\004\006\023\002\122\117\061
+\021\060\017\006\003\125\004\012\023\010\143\145\162\164\123\111
+\107\116\061\031\060\027\006\003\125\004\013\023\020\143\145\162
+\164\123\111\107\116\040\122\117\117\124\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\040\006\005\026\160\002
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "CNNIC ROOT"
+#
+# Issuer: CN=CNNIC ROOT,O=CNNIC,C=CN
+# Serial Number: 1228079105 (0x49330001)
+# Subject: CN=CNNIC ROOT,O=CNNIC,C=CN
+# Not Valid Before: Mon Apr 16 07:09:14 2007
+# Not Valid After : Fri Apr 16 07:09:14 2027
+# Fingerprint (MD5): 21:BC:82:AB:49:C4:13:3B:4B:B2:2B:5C:6B:90:9C:19
+# Fingerprint (SHA1): 8B:AF:4C:9B:1D:F0:2A:92:F7:DA:12:8E:B9:1B:AC:F4:98:60:4B:6F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CNNIC ROOT"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\062\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\016\060\014\006\003\125\004\012\023\005\103\116\116\111\103\061
+\023\060\021\006\003\125\004\003\023\012\103\116\116\111\103\040
+\122\117\117\124
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\062\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\016\060\014\006\003\125\004\012\023\005\103\116\116\111\103\061
+\023\060\021\006\003\125\004\003\023\012\103\116\116\111\103\040
+\122\117\117\124
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\111\063\000\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\125\060\202\002\075\240\003\002\001\002\002\004\111
+\063\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\062\061\013\060\011\006\003\125\004\006\023\002\103
+\116\061\016\060\014\006\003\125\004\012\023\005\103\116\116\111
+\103\061\023\060\021\006\003\125\004\003\023\012\103\116\116\111
+\103\040\122\117\117\124\060\036\027\015\060\067\060\064\061\066
+\060\067\060\071\061\064\132\027\015\062\067\060\064\061\066\060
+\067\060\071\061\064\132\060\062\061\013\060\011\006\003\125\004
+\006\023\002\103\116\061\016\060\014\006\003\125\004\012\023\005
+\103\116\116\111\103\061\023\060\021\006\003\125\004\003\023\012
+\103\116\116\111\103\040\122\117\117\124\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\323\065\367\077\163
+\167\255\350\133\163\027\302\321\157\355\125\274\156\352\350\244
+\171\262\154\303\243\357\341\237\261\073\110\205\365\232\134\041
+\042\020\054\305\202\316\332\343\232\156\067\341\207\054\334\271
+\014\132\272\210\125\337\375\252\333\037\061\352\001\361\337\071
+\001\301\023\375\110\122\041\304\125\337\332\330\263\124\166\272
+\164\261\267\175\327\300\350\366\131\305\115\310\275\255\037\024
+\332\337\130\104\045\062\031\052\307\176\176\216\256\070\260\060
+\173\107\162\011\061\360\060\333\303\033\166\051\273\151\166\116
+\127\371\033\144\242\223\126\267\157\231\156\333\012\004\234\021
+\343\200\037\313\143\224\020\012\251\341\144\202\061\371\214\047
+\355\246\231\000\366\160\223\030\370\241\064\206\243\335\172\302
+\030\171\366\172\145\065\317\220\353\275\063\223\237\123\253\163
+\073\346\233\064\040\057\035\357\251\035\143\032\240\200\333\003
+\057\371\046\032\206\322\215\273\251\276\122\072\207\147\110\015
+\277\264\240\330\046\276\043\137\163\067\177\046\346\222\004\243
+\177\317\040\247\267\363\072\312\313\231\313\002\003\001\000\001
+\243\163\060\161\060\021\006\011\140\206\110\001\206\370\102\001
+\001\004\004\003\002\000\007\060\037\006\003\125\035\043\004\030
+\060\026\200\024\145\362\061\255\052\367\367\335\122\226\012\307
+\002\301\016\357\246\325\073\021\060\017\006\003\125\035\023\001
+\001\377\004\005\060\003\001\001\377\060\013\006\003\125\035\017
+\004\004\003\002\001\376\060\035\006\003\125\035\016\004\026\004
+\024\145\362\061\255\052\367\367\335\122\226\012\307\002\301\016
+\357\246\325\073\021\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\003\202\001\001\000\113\065\356\314\344\256\277
+\303\156\255\237\225\073\113\077\133\036\337\127\051\242\131\312
+\070\342\271\032\377\236\346\156\062\335\036\256\352\065\267\365
+\223\221\116\332\102\341\303\027\140\120\362\321\134\046\271\202
+\267\352\155\344\234\204\347\003\171\027\257\230\075\224\333\307
+\272\000\347\270\277\001\127\301\167\105\062\014\073\361\264\034
+\010\260\375\121\240\241\335\232\035\023\066\232\155\267\307\074
+\271\341\305\331\027\372\203\325\075\025\240\074\273\036\013\342
+\310\220\077\250\206\014\374\371\213\136\205\313\117\133\113\142
+\021\107\305\105\174\005\057\101\261\236\020\151\033\231\226\340
+\125\171\373\116\206\231\270\224\332\206\070\152\223\243\347\313
+\156\345\337\352\041\125\211\234\175\175\177\230\365\000\211\356
+\343\204\300\134\226\265\305\106\352\106\340\205\125\266\033\311
+\022\326\301\315\315\200\363\002\001\074\310\151\313\105\110\143
+\330\224\320\354\205\016\073\116\021\145\364\202\214\246\075\256
+\056\042\224\011\310\134\352\074\201\135\026\052\003\227\026\125
+\011\333\212\101\202\236\146\233\021
+END
+
+# Trust for Certificate "CNNIC ROOT"
+# Issuer: CN=CNNIC ROOT,O=CNNIC,C=CN
+# Serial Number: 1228079105 (0x49330001)
+# Subject: CN=CNNIC ROOT,O=CNNIC,C=CN
+# Not Valid Before: Mon Apr 16 07:09:14 2007
+# Not Valid After : Fri Apr 16 07:09:14 2027
+# Fingerprint (MD5): 21:BC:82:AB:49:C4:13:3B:4B:B2:2B:5C:6B:90:9C:19
+# Fingerprint (SHA1): 8B:AF:4C:9B:1D:F0:2A:92:F7:DA:12:8E:B9:1B:AC:F4:98:60:4B:6F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CNNIC ROOT"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\213\257\114\233\035\360\052\222\367\332\022\216\271\033\254\364
+\230\140\113\157
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\041\274\202\253\111\304\023\073\113\262\053\134\153\220\234\031
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\062\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\016\060\014\006\003\125\004\012\023\005\103\116\116\111\103\061
+\023\060\021\006\003\125\004\003\023\012\103\116\116\111\103\040
+\122\117\117\124
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\111\063\000\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GeoTrust Primary Certification Authority - G3"
+#
+# Issuer: CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
+# Serial Number:15:ac:6e:94:19:b2:79:4b:41:f6:27:a9:c3:18:0f:1f
+# Subject: CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
+# Not Valid Before: Wed Apr 02 00:00:00 2008
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (MD5): B5:E8:34:36:C9:10:44:58:48:70:6D:2E:83:D4:B8:05
+# Fingerprint (SHA1): 03:9E:ED:B8:0B:E7:A0:3C:69:53:89:3B:20:D2:D9:32:3A:4C:2A:FD
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Primary Certification Authority - G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
+\165\163\164\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\050\143\051\040\062\060\060\070\040\107\145\157\124
+\162\165\163\164\040\111\156\143\056\040\055\040\106\157\162\040
+\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
+\156\154\171\061\066\060\064\006\003\125\004\003\023\055\107\145
+\157\124\162\165\163\164\040\120\162\151\155\141\162\171\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
+\165\163\164\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\050\143\051\040\062\060\060\070\040\107\145\157\124
+\162\165\163\164\040\111\156\143\056\040\055\040\106\157\162\040
+\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
+\156\154\171\061\066\060\064\006\003\125\004\003\023\055\107\145
+\157\124\162\165\163\164\040\120\162\151\155\141\162\171\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\025\254\156\224\031\262\171\113\101\366\047\251\303\030
+\017\037
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\376\060\202\002\346\240\003\002\001\002\002\020\025
+\254\156\224\031\262\171\113\101\366\047\251\303\030\017\037\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
+\230\061\013\060\011\006\003\125\004\006\023\002\125\123\061\026
+\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165\163
+\164\040\111\156\143\056\061\071\060\067\006\003\125\004\013\023
+\060\050\143\051\040\062\060\060\070\040\107\145\157\124\162\165
+\163\164\040\111\156\143\056\040\055\040\106\157\162\040\141\165
+\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
+\171\061\066\060\064\006\003\125\004\003\023\055\107\145\157\124
+\162\165\163\164\040\120\162\151\155\141\162\171\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\055\040\107\063\060\036\027\015\060\070\060
+\064\060\062\060\060\060\060\060\060\132\027\015\063\067\061\062
+\060\061\062\063\065\071\065\071\132\060\201\230\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\026\060\024\006\003\125
+\004\012\023\015\107\145\157\124\162\165\163\164\040\111\156\143
+\056\061\071\060\067\006\003\125\004\013\023\060\050\143\051\040
+\062\060\060\070\040\107\145\157\124\162\165\163\164\040\111\156
+\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
+\172\145\144\040\165\163\145\040\157\156\154\171\061\066\060\064
+\006\003\125\004\003\023\055\107\145\157\124\162\165\163\164\040
+\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
+\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\334\342\136\142\130\035\063\127\071\062\063
+\372\353\313\207\214\247\324\112\335\006\210\352\144\216\061\230
+\245\070\220\036\230\317\056\143\053\360\106\274\104\262\211\241
+\300\050\014\111\160\041\225\237\144\300\246\223\022\002\145\046
+\206\306\245\211\360\372\327\204\240\160\257\117\032\227\077\006
+\104\325\311\353\162\020\175\344\061\050\373\034\141\346\050\007
+\104\163\222\042\151\247\003\210\154\235\143\310\122\332\230\047
+\347\010\114\160\076\264\311\022\301\305\147\203\135\063\363\003
+\021\354\152\320\123\342\321\272\066\140\224\200\273\141\143\154
+\133\027\176\337\100\224\036\253\015\302\041\050\160\210\377\326
+\046\154\154\140\004\045\116\125\176\175\357\277\224\110\336\267
+\035\335\160\215\005\137\210\245\233\362\302\356\352\321\100\101
+\155\142\070\035\126\006\305\003\107\121\040\031\374\173\020\013
+\016\142\256\166\125\277\137\167\276\076\111\001\123\075\230\045
+\003\166\044\132\035\264\333\211\352\171\345\266\263\073\077\272
+\114\050\101\177\006\254\152\216\301\320\366\005\035\175\346\102
+\206\343\245\325\107\002\003\001\000\001\243\102\060\100\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060
+\035\006\003\125\035\016\004\026\004\024\304\171\312\216\241\116
+\003\035\034\334\153\333\061\133\224\076\077\060\177\055\060\015
+\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202\001
+\001\000\055\305\023\317\126\200\173\172\170\275\237\256\054\231
+\347\357\332\337\224\136\011\151\247\347\156\150\214\275\162\276
+\107\251\016\227\022\270\112\361\144\323\071\337\045\064\324\301
+\315\116\201\360\017\004\304\044\263\064\226\306\246\252\060\337
+\150\141\163\327\371\216\205\211\357\016\136\225\050\112\052\047
+\217\020\216\056\174\206\304\002\236\332\014\167\145\016\104\015
+\222\375\375\263\026\066\372\021\015\035\214\016\007\211\152\051
+\126\367\162\364\335\025\234\167\065\146\127\253\023\123\330\216
+\301\100\305\327\023\026\132\162\307\267\151\001\304\172\261\203
+\001\150\175\215\101\241\224\030\301\045\134\374\360\376\203\002
+\207\174\015\015\317\056\010\134\112\100\015\076\354\201\141\346
+\044\333\312\340\016\055\007\262\076\126\334\215\365\101\205\007
+\110\233\014\013\313\111\077\175\354\267\375\313\215\147\211\032
+\253\355\273\036\243\000\010\010\027\052\202\134\061\135\106\212
+\055\017\206\233\164\331\105\373\324\100\261\172\252\150\055\206
+\262\231\042\341\301\053\307\234\370\363\137\250\202\022\353\031
+\021\055
+END
+
+# Trust for Certificate "GeoTrust Primary Certification Authority - G3"
+# Issuer: CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
+# Serial Number:15:ac:6e:94:19:b2:79:4b:41:f6:27:a9:c3:18:0f:1f
+# Subject: CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
+# Not Valid Before: Wed Apr 02 00:00:00 2008
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (MD5): B5:E8:34:36:C9:10:44:58:48:70:6D:2E:83:D4:B8:05
+# Fingerprint (SHA1): 03:9E:ED:B8:0B:E7:A0:3C:69:53:89:3B:20:D2:D9:32:3A:4C:2A:FD
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Primary Certification Authority - G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\003\236\355\270\013\347\240\074\151\123\211\073\040\322\331\062
+\072\114\052\375
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\265\350\064\066\311\020\104\130\110\160\155\056\203\324\270\005
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
+\165\163\164\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\050\143\051\040\062\060\060\070\040\107\145\157\124
+\162\165\163\164\040\111\156\143\056\040\055\040\106\157\162\040
+\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
+\156\154\171\061\066\060\064\006\003\125\004\003\023\055\107\145
+\157\124\162\165\163\164\040\120\162\151\155\141\162\171\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\025\254\156\224\031\262\171\113\101\366\047\251\303\030
+\017\037
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "thawte Primary Root CA - G2"
+#
+# Issuer: CN=thawte Primary Root CA - G2,OU="(c) 2007 thawte, Inc. - For authorized use only",O="thawte, Inc.",C=US
+# Serial Number:35:fc:26:5c:d9:84:4f:c9:3d:26:3d:57:9b:ae:d7:56
+# Subject: CN=thawte Primary Root CA - G2,OU="(c) 2007 thawte, Inc. - For authorized use only",O="thawte, Inc.",C=US
+# Not Valid Before: Mon Nov 05 00:00:00 2007
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (MD5): 74:9D:EA:60:24:C4:FD:22:53:3E:CC:3A:72:D9:29:4F
+# Fingerprint (SHA1): AA:DB:BC:22:23:8F:C4:01:A1:27:BB:38:DD:F4:1D:DB:08:9E:F0:12
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "thawte Primary Root CA - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\204\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\070\060\066\006\003\125\004\013
+\023\057\050\143\051\040\062\060\060\067\040\164\150\141\167\164
+\145\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
+\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
+\171\061\044\060\042\006\003\125\004\003\023\033\164\150\141\167
+\164\145\040\120\162\151\155\141\162\171\040\122\157\157\164\040
+\103\101\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\204\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\070\060\066\006\003\125\004\013
+\023\057\050\143\051\040\062\060\060\067\040\164\150\141\167\164
+\145\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
+\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
+\171\061\044\060\042\006\003\125\004\003\023\033\164\150\141\167
+\164\145\040\120\162\151\155\141\162\171\040\122\157\157\164\040
+\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\065\374\046\134\331\204\117\311\075\046\075\127\233\256
+\327\126
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\210\060\202\002\015\240\003\002\001\002\002\020\065
+\374\046\134\331\204\117\311\075\046\075\127\233\256\327\126\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\204\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\025\060\023\006
+\003\125\004\012\023\014\164\150\141\167\164\145\054\040\111\156
+\143\056\061\070\060\066\006\003\125\004\013\023\057\050\143\051
+\040\062\060\060\067\040\164\150\141\167\164\145\054\040\111\156
+\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
+\172\145\144\040\165\163\145\040\157\156\154\171\061\044\060\042
+\006\003\125\004\003\023\033\164\150\141\167\164\145\040\120\162
+\151\155\141\162\171\040\122\157\157\164\040\103\101\040\055\040
+\107\062\060\036\027\015\060\067\061\061\060\065\060\060\060\060
+\060\060\132\027\015\063\070\060\061\061\070\062\063\065\071\065
+\071\132\060\201\204\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\025\060\023\006\003\125\004\012\023\014\164\150\141
+\167\164\145\054\040\111\156\143\056\061\070\060\066\006\003\125
+\004\013\023\057\050\143\051\040\062\060\060\067\040\164\150\141
+\167\164\145\054\040\111\156\143\056\040\055\040\106\157\162\040
+\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
+\156\154\171\061\044\060\042\006\003\125\004\003\023\033\164\150
+\141\167\164\145\040\120\162\151\155\141\162\171\040\122\157\157
+\164\040\103\101\040\055\040\107\062\060\166\060\020\006\007\052
+\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
+\004\242\325\234\202\173\225\235\361\122\170\207\376\212\026\277
+\005\346\337\243\002\117\015\007\306\000\121\272\014\002\122\055
+\042\244\102\071\304\376\217\352\311\301\276\324\115\377\237\172
+\236\342\261\174\232\255\247\206\011\163\207\321\347\232\343\172
+\245\252\156\373\272\263\160\300\147\210\242\065\324\243\232\261
+\375\255\302\357\061\372\250\271\363\373\010\306\221\321\373\051
+\225\243\102\060\100\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\035\006\003\125\035\016\004\026\004
+\024\232\330\000\060\000\347\153\177\205\030\356\213\266\316\212
+\014\370\021\341\273\060\012\006\010\052\206\110\316\075\004\003
+\003\003\151\000\060\146\002\061\000\335\370\340\127\107\133\247
+\346\012\303\275\365\200\212\227\065\015\033\211\074\124\206\167
+\050\312\241\364\171\336\265\346\070\260\360\145\160\214\177\002
+\124\302\277\377\330\241\076\331\317\002\061\000\304\215\224\374
+\334\123\322\334\235\170\026\037\025\063\043\123\122\343\132\061
+\135\235\312\256\275\023\051\104\015\047\133\250\347\150\234\022
+\367\130\077\056\162\002\127\243\217\241\024\056
+END
+
+# Trust for Certificate "thawte Primary Root CA - G2"
+# Issuer: CN=thawte Primary Root CA - G2,OU="(c) 2007 thawte, Inc. - For authorized use only",O="thawte, Inc.",C=US
+# Serial Number:35:fc:26:5c:d9:84:4f:c9:3d:26:3d:57:9b:ae:d7:56
+# Subject: CN=thawte Primary Root CA - G2,OU="(c) 2007 thawte, Inc. - For authorized use only",O="thawte, Inc.",C=US
+# Not Valid Before: Mon Nov 05 00:00:00 2007
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (MD5): 74:9D:EA:60:24:C4:FD:22:53:3E:CC:3A:72:D9:29:4F
+# Fingerprint (SHA1): AA:DB:BC:22:23:8F:C4:01:A1:27:BB:38:DD:F4:1D:DB:08:9E:F0:12
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "thawte Primary Root CA - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\252\333\274\042\043\217\304\001\241\047\273\070\335\364\035\333
+\010\236\360\022
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\164\235\352\140\044\304\375\042\123\076\314\072\162\331\051\117
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\204\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\070\060\066\006\003\125\004\013
+\023\057\050\143\051\040\062\060\060\067\040\164\150\141\167\164
+\145\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
+\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
+\171\061\044\060\042\006\003\125\004\003\023\033\164\150\141\167
+\164\145\040\120\162\151\155\141\162\171\040\122\157\157\164\040
+\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\065\374\046\134\331\204\117\311\075\046\075\127\233\256
+\327\126
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "thawte Primary Root CA - G3"
+#
+# Issuer: CN=thawte Primary Root CA - G3,OU="(c) 2008 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
+# Serial Number:60:01:97:b7:46:a7:ea:b4:b4:9a:d6:4b:2f:f7:90:fb
+# Subject: CN=thawte Primary Root CA - G3,OU="(c) 2008 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
+# Not Valid Before: Wed Apr 02 00:00:00 2008
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (MD5): FB:1B:5D:43:8A:94:CD:44:C6:76:F2:43:4B:47:E7:31
+# Fingerprint (SHA1): F1:8B:53:8D:1B:E9:03:B6:A6:F0:56:43:5B:17:15:89:CA:F3:6B:F2
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "thawte Primary Root CA - G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\050\060\046\006\003\125\004\013
+\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
+\156\061\070\060\066\006\003\125\004\013\023\057\050\143\051\040
+\062\060\060\070\040\164\150\141\167\164\145\054\040\111\156\143
+\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151\172
+\145\144\040\165\163\145\040\157\156\154\171\061\044\060\042\006
+\003\125\004\003\023\033\164\150\141\167\164\145\040\120\162\151
+\155\141\162\171\040\122\157\157\164\040\103\101\040\055\040\107
+\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\050\060\046\006\003\125\004\013
+\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
+\156\061\070\060\066\006\003\125\004\013\023\057\050\143\051\040
+\062\060\060\070\040\164\150\141\167\164\145\054\040\111\156\143
+\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151\172
+\145\144\040\165\163\145\040\157\156\154\171\061\044\060\042\006
+\003\125\004\003\023\033\164\150\141\167\164\145\040\120\162\151
+\155\141\162\171\040\122\157\157\164\040\103\101\040\055\040\107
+\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\140\001\227\267\106\247\352\264\264\232\326\113\057\367
+\220\373
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\052\060\202\003\022\240\003\002\001\002\002\020\140
+\001\227\267\106\247\352\264\264\232\326\113\057\367\220\373\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
+\256\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025
+\060\023\006\003\125\004\012\023\014\164\150\141\167\164\145\054
+\040\111\156\143\056\061\050\060\046\006\003\125\004\013\023\037
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145
+\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156\061
+\070\060\066\006\003\125\004\013\023\057\050\143\051\040\062\060
+\060\070\040\164\150\141\167\164\145\054\040\111\156\143\056\040
+\055\040\106\157\162\040\141\165\164\150\157\162\151\172\145\144
+\040\165\163\145\040\157\156\154\171\061\044\060\042\006\003\125
+\004\003\023\033\164\150\141\167\164\145\040\120\162\151\155\141
+\162\171\040\122\157\157\164\040\103\101\040\055\040\107\063\060
+\036\027\015\060\070\060\064\060\062\060\060\060\060\060\060\132
+\027\015\063\067\061\062\060\061\062\063\065\071\065\071\132\060
+\201\256\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164\145
+\054\040\111\156\143\056\061\050\060\046\006\003\125\004\013\023
+\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
+\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
+\061\070\060\066\006\003\125\004\013\023\057\050\143\051\040\062
+\060\060\070\040\164\150\141\167\164\145\054\040\111\156\143\056
+\040\055\040\106\157\162\040\141\165\164\150\157\162\151\172\145
+\144\040\165\163\145\040\157\156\154\171\061\044\060\042\006\003
+\125\004\003\023\033\164\150\141\167\164\145\040\120\162\151\155
+\141\162\171\040\122\157\157\164\040\103\101\040\055\040\107\063
+\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001
+\000\262\277\047\054\373\333\330\133\335\170\173\033\236\167\146
+\201\313\076\274\174\256\363\246\047\232\064\243\150\061\161\070
+\063\142\344\363\161\146\171\261\251\145\243\245\213\325\217\140
+\055\077\102\314\252\153\062\300\043\313\054\101\335\344\337\374
+\141\234\342\163\262\042\225\021\103\030\137\304\266\037\127\154
+\012\005\130\042\310\066\114\072\174\245\321\317\206\257\210\247
+\104\002\023\164\161\163\012\102\131\002\370\033\024\153\102\337
+\157\137\272\153\202\242\235\133\347\112\275\036\001\162\333\113
+\164\350\073\177\177\175\037\004\264\046\233\340\264\132\254\107
+\075\125\270\327\260\046\122\050\001\061\100\146\330\331\044\275
+\366\052\330\354\041\111\134\233\366\172\351\177\125\065\176\226
+\153\215\223\223\047\313\222\273\352\254\100\300\237\302\370\200
+\317\135\364\132\334\316\164\206\246\076\154\013\123\312\275\222
+\316\031\006\162\346\014\134\070\151\307\004\326\274\154\316\133
+\366\367\150\234\334\045\025\110\210\241\351\251\370\230\234\340
+\363\325\061\050\141\021\154\147\226\215\071\231\313\302\105\044
+\071\002\003\001\000\001\243\102\060\100\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125
+\035\016\004\026\004\024\255\154\252\224\140\234\355\344\377\372
+\076\012\164\053\143\003\367\266\131\277\060\015\006\011\052\206
+\110\206\367\015\001\001\013\005\000\003\202\001\001\000\032\100
+\330\225\145\254\011\222\211\306\071\364\020\345\251\016\146\123
+\135\170\336\372\044\221\273\347\104\121\337\306\026\064\012\357
+\152\104\121\352\053\007\212\003\172\303\353\077\012\054\122\026
+\240\053\103\271\045\220\077\160\251\063\045\155\105\032\050\073
+\047\317\252\303\051\102\033\337\073\114\300\063\064\133\101\210
+\277\153\053\145\257\050\357\262\365\303\252\146\316\173\126\356
+\267\310\313\147\301\311\234\032\030\270\304\303\111\003\361\140
+\016\120\315\106\305\363\167\171\367\266\025\340\070\333\307\057
+\050\240\014\077\167\046\164\331\045\022\332\061\332\032\036\334
+\051\101\221\042\074\151\247\273\002\362\266\134\047\003\211\364
+\006\352\233\344\162\202\343\241\011\301\351\000\031\323\076\324
+\160\153\272\161\246\252\130\256\364\273\351\154\266\357\207\314
+\233\273\377\071\346\126\141\323\012\247\304\134\114\140\173\005
+\167\046\172\277\330\007\122\054\142\367\160\143\331\071\274\157
+\034\302\171\334\166\051\257\316\305\054\144\004\136\210\066\156
+\061\324\100\032\142\064\066\077\065\001\256\254\143\240
+END
+
+# Trust for Certificate "thawte Primary Root CA - G3"
+# Issuer: CN=thawte Primary Root CA - G3,OU="(c) 2008 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
+# Serial Number:60:01:97:b7:46:a7:ea:b4:b4:9a:d6:4b:2f:f7:90:fb
+# Subject: CN=thawte Primary Root CA - G3,OU="(c) 2008 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
+# Not Valid Before: Wed Apr 02 00:00:00 2008
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (MD5): FB:1B:5D:43:8A:94:CD:44:C6:76:F2:43:4B:47:E7:31
+# Fingerprint (SHA1): F1:8B:53:8D:1B:E9:03:B6:A6:F0:56:43:5B:17:15:89:CA:F3:6B:F2
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "thawte Primary Root CA - G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\361\213\123\215\033\351\003\266\246\360\126\103\133\027\025\211
+\312\363\153\362
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\373\033\135\103\212\224\315\104\306\166\362\103\113\107\347\061
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\164\150\141\167\164
+\145\054\040\111\156\143\056\061\050\060\046\006\003\125\004\013
+\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
+\156\061\070\060\066\006\003\125\004\013\023\057\050\143\051\040
+\062\060\060\070\040\164\150\141\167\164\145\054\040\111\156\143
+\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151\172
+\145\144\040\165\163\145\040\157\156\154\171\061\044\060\042\006
+\003\125\004\003\023\033\164\150\141\167\164\145\040\120\162\151
+\155\141\162\171\040\122\157\157\164\040\103\101\040\055\040\107
+\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\140\001\227\267\106\247\352\264\264\232\326\113\057\367
+\220\373
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GeoTrust Primary Certification Authority - G2"
+#
+# Issuer: CN=GeoTrust Primary Certification Authority - G2,OU=(c) 2007 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
+# Serial Number:3c:b2:f4:48:0a:00:e2:fe:eb:24:3b:5e:60:3e:c3:6b
+# Subject: CN=GeoTrust Primary Certification Authority - G2,OU=(c) 2007 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
+# Not Valid Before: Mon Nov 05 00:00:00 2007
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (MD5): 01:5E:D8:6B:BD:6F:3D:8E:A1:31:F8:12:E0:98:73:6A
+# Fingerprint (SHA1): 8D:17:84:D5:37:F3:03:7D:EC:70:FE:57:8B:51:9A:99:E6:10:D7:B0
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Primary Certification Authority - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
+\165\163\164\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\050\143\051\040\062\060\060\067\040\107\145\157\124
+\162\165\163\164\040\111\156\143\056\040\055\040\106\157\162\040
+\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
+\156\154\171\061\066\060\064\006\003\125\004\003\023\055\107\145
+\157\124\162\165\163\164\040\120\162\151\155\141\162\171\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
+\165\163\164\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\050\143\051\040\062\060\060\067\040\107\145\157\124
+\162\165\163\164\040\111\156\143\056\040\055\040\106\157\162\040
+\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
+\156\154\171\061\066\060\064\006\003\125\004\003\023\055\107\145
+\157\124\162\165\163\164\040\120\162\151\155\141\162\171\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\074\262\364\110\012\000\342\376\353\044\073\136\140\076
+\303\153
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\256\060\202\002\065\240\003\002\001\002\002\020\074
+\262\364\110\012\000\342\376\353\044\073\136\140\076\303\153\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\230\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\026\060\024\006
+\003\125\004\012\023\015\107\145\157\124\162\165\163\164\040\111
+\156\143\056\061\071\060\067\006\003\125\004\013\023\060\050\143
+\051\040\062\060\060\067\040\107\145\157\124\162\165\163\164\040
+\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157
+\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061\066
+\060\064\006\003\125\004\003\023\055\107\145\157\124\162\165\163
+\164\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\040\055\040\107\062\060\036\027\015\060\067\061\061\060\065
+\060\060\060\060\060\060\132\027\015\063\070\060\061\061\070\062
+\063\065\071\065\071\132\060\201\230\061\013\060\011\006\003\125
+\004\006\023\002\125\123\061\026\060\024\006\003\125\004\012\023
+\015\107\145\157\124\162\165\163\164\040\111\156\143\056\061\071
+\060\067\006\003\125\004\013\023\060\050\143\051\040\062\060\060
+\067\040\107\145\157\124\162\165\163\164\040\111\156\143\056\040
+\055\040\106\157\162\040\141\165\164\150\157\162\151\172\145\144
+\040\165\163\145\040\157\156\154\171\061\066\060\064\006\003\125
+\004\003\023\055\107\145\157\124\162\165\163\164\040\120\162\151
+\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107
+\062\060\166\060\020\006\007\052\206\110\316\075\002\001\006\005
+\053\201\004\000\042\003\142\000\004\025\261\350\375\003\025\103
+\345\254\353\207\067\021\142\357\322\203\066\122\175\105\127\013
+\112\215\173\124\073\072\156\137\025\002\300\120\246\317\045\057
+\175\312\110\270\307\120\143\034\052\041\010\174\232\066\330\013
+\376\321\046\305\130\061\060\050\045\363\135\135\243\270\266\245
+\264\222\355\154\054\237\353\335\103\211\242\074\113\110\221\035
+\120\354\046\337\326\140\056\275\041\243\102\060\100\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\035
+\006\003\125\035\016\004\026\004\024\025\137\065\127\121\125\373
+\045\262\255\003\151\374\001\243\372\276\021\125\325\060\012\006
+\010\052\206\110\316\075\004\003\003\003\147\000\060\144\002\060
+\144\226\131\246\350\011\336\213\272\372\132\210\210\360\037\221
+\323\106\250\362\112\114\002\143\373\154\137\070\333\056\101\223
+\251\016\346\235\334\061\034\262\240\247\030\034\171\341\307\066
+\002\060\072\126\257\232\164\154\366\373\203\340\063\323\010\137
+\241\234\302\133\237\106\326\266\313\221\006\143\242\006\347\063
+\254\076\250\201\022\320\313\272\320\222\013\266\236\226\252\004
+\017\212
+END
+
+# Trust for Certificate "GeoTrust Primary Certification Authority - G2"
+# Issuer: CN=GeoTrust Primary Certification Authority - G2,OU=(c) 2007 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
+# Serial Number:3c:b2:f4:48:0a:00:e2:fe:eb:24:3b:5e:60:3e:c3:6b
+# Subject: CN=GeoTrust Primary Certification Authority - G2,OU=(c) 2007 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
+# Not Valid Before: Mon Nov 05 00:00:00 2007
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (MD5): 01:5E:D8:6B:BD:6F:3D:8E:A1:31:F8:12:E0:98:73:6A
+# Fingerprint (SHA1): 8D:17:84:D5:37:F3:03:7D:EC:70:FE:57:8B:51:9A:99:E6:10:D7:B0
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GeoTrust Primary Certification Authority - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\215\027\204\325\067\363\003\175\354\160\376\127\213\121\232\231
+\346\020\327\260
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\001\136\330\153\275\157\075\216\241\061\370\022\340\230\163\152
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
+\165\163\164\040\111\156\143\056\061\071\060\067\006\003\125\004
+\013\023\060\050\143\051\040\062\060\060\067\040\107\145\157\124
+\162\165\163\164\040\111\156\143\056\040\055\040\106\157\162\040
+\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
+\156\154\171\061\066\060\064\006\003\125\004\003\023\055\107\145
+\157\124\162\165\163\164\040\120\162\151\155\141\162\171\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\074\262\364\110\012\000\342\376\353\044\073\136\140\076
+\303\153
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "VeriSign Universal Root Certification Authority"
+#
+# Issuer: CN=VeriSign Universal Root Certification Authority,OU="(c) 2008 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:40:1a:c4:64:21:b3:13:21:03:0e:bb:e4:12:1a:c5:1d
+# Subject: CN=VeriSign Universal Root Certification Authority,OU="(c) 2008 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Wed Apr 02 00:00:00 2008
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (MD5): 8E:AD:B5:01:AA:4D:81:E4:8C:1D:D1:E1:14:00:95:19
+# Fingerprint (SHA1): 36:79:CA:35:66:87:72:30:4D:30:A5:FB:87:3B:0F:A7:7B:B7:0D:54
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "VeriSign Universal Root Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\275\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\070\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\070\060\066\006\003\125\004\003\023
+\057\126\145\162\151\123\151\147\156\040\125\156\151\166\145\162
+\163\141\154\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\275\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\070\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\070\060\066\006\003\125\004\003\023
+\057\126\145\162\151\123\151\147\156\040\125\156\151\166\145\162
+\163\141\154\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\100\032\304\144\041\263\023\041\003\016\273\344\022\032
+\305\035
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\271\060\202\003\241\240\003\002\001\002\002\020\100
+\032\304\144\041\263\023\041\003\016\273\344\022\032\305\035\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
+\275\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
+\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
+\156\054\040\111\156\143\056\061\037\060\035\006\003\125\004\013
+\023\026\126\145\162\151\123\151\147\156\040\124\162\165\163\164
+\040\116\145\164\167\157\162\153\061\072\060\070\006\003\125\004
+\013\023\061\050\143\051\040\062\060\060\070\040\126\145\162\151
+\123\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162
+\040\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040
+\157\156\154\171\061\070\060\066\006\003\125\004\003\023\057\126
+\145\162\151\123\151\147\156\040\125\156\151\166\145\162\163\141
+\154\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036
+\027\015\060\070\060\064\060\062\060\060\060\060\060\060\132\027
+\015\063\067\061\062\060\061\062\063\065\071\065\071\132\060\201
+\275\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
+\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
+\156\054\040\111\156\143\056\061\037\060\035\006\003\125\004\013
+\023\026\126\145\162\151\123\151\147\156\040\124\162\165\163\164
+\040\116\145\164\167\157\162\153\061\072\060\070\006\003\125\004
+\013\023\061\050\143\051\040\062\060\060\070\040\126\145\162\151
+\123\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162
+\040\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040
+\157\156\154\171\061\070\060\066\006\003\125\004\003\023\057\126
+\145\162\151\123\151\147\156\040\125\156\151\166\145\162\163\141
+\154\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\202
+\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\307
+\141\067\136\261\001\064\333\142\327\025\233\377\130\132\214\043
+\043\326\140\216\221\327\220\230\203\172\346\130\031\070\214\305
+\366\345\144\205\264\242\161\373\355\275\271\332\315\115\000\264
+\310\055\163\245\307\151\161\225\037\071\074\262\104\007\234\350
+\016\372\115\112\304\041\337\051\141\217\062\042\141\202\305\207
+\037\156\214\174\137\026\040\121\104\321\160\117\127\352\343\034
+\343\314\171\356\130\330\016\302\263\105\223\300\054\347\232\027
+\053\173\000\067\172\101\063\170\341\063\342\363\020\032\177\207
+\054\276\366\365\367\102\342\345\277\207\142\211\137\000\113\337
+\305\335\344\165\104\062\101\072\036\161\156\151\313\013\165\106
+\010\321\312\322\053\225\320\317\373\271\100\153\144\214\127\115
+\374\023\021\171\204\355\136\124\366\064\237\010\001\363\020\045
+\006\027\112\332\361\035\172\146\153\230\140\146\244\331\357\322
+\056\202\361\360\357\011\352\104\311\025\152\342\003\156\063\323
+\254\237\125\000\307\366\010\152\224\271\137\334\340\063\361\204
+\140\371\133\047\021\264\374\026\362\273\126\152\200\045\215\002
+\003\001\000\001\243\201\262\060\201\257\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\155\006\010\053
+\006\001\005\005\007\001\014\004\141\060\137\241\135\240\133\060
+\131\060\127\060\125\026\011\151\155\141\147\145\057\147\151\146
+\060\041\060\037\060\007\006\005\053\016\003\002\032\004\024\217
+\345\323\032\206\254\215\216\153\303\317\200\152\324\110\030\054
+\173\031\056\060\045\026\043\150\164\164\160\072\057\057\154\157
+\147\157\056\166\145\162\151\163\151\147\156\056\143\157\155\057
+\166\163\154\157\147\157\056\147\151\146\060\035\006\003\125\035
+\016\004\026\004\024\266\167\372\151\110\107\237\123\022\325\302
+\352\007\062\166\007\321\227\007\031\060\015\006\011\052\206\110
+\206\367\015\001\001\013\005\000\003\202\001\001\000\112\370\370
+\260\003\346\054\147\173\344\224\167\143\314\156\114\371\175\016
+\015\334\310\271\065\271\160\117\143\372\044\372\154\203\214\107
+\235\073\143\363\232\371\166\062\225\221\261\167\274\254\232\276
+\261\344\061\041\306\201\225\126\132\016\261\302\324\261\246\131
+\254\361\143\313\270\114\035\131\220\112\357\220\026\050\037\132
+\256\020\373\201\120\070\014\154\314\361\075\303\365\143\343\263
+\343\041\311\044\071\351\375\025\146\106\364\033\021\320\115\163
+\243\175\106\371\075\355\250\137\142\324\361\077\370\340\164\127
+\053\030\235\201\264\304\050\332\224\227\245\160\353\254\035\276
+\007\021\360\325\333\335\345\214\360\325\062\260\203\346\127\342
+\217\277\276\241\252\277\075\035\265\324\070\352\327\260\134\072
+\117\152\077\217\300\146\154\143\252\351\331\244\026\364\201\321
+\225\024\016\175\315\225\064\331\322\217\160\163\201\173\234\176
+\275\230\141\330\105\207\230\220\305\353\206\060\306\065\277\360
+\377\303\125\210\203\113\357\005\222\006\161\362\270\230\223\267
+\354\315\202\141\361\070\346\117\227\230\052\132\215
+END
+
+# Trust for Certificate "VeriSign Universal Root Certification Authority"
+# Issuer: CN=VeriSign Universal Root Certification Authority,OU="(c) 2008 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:40:1a:c4:64:21:b3:13:21:03:0e:bb:e4:12:1a:c5:1d
+# Subject: CN=VeriSign Universal Root Certification Authority,OU="(c) 2008 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Wed Apr 02 00:00:00 2008
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (MD5): 8E:AD:B5:01:AA:4D:81:E4:8C:1D:D1:E1:14:00:95:19
+# Fingerprint (SHA1): 36:79:CA:35:66:87:72:30:4D:30:A5:FB:87:3B:0F:A7:7B:B7:0D:54
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "VeriSign Universal Root Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\066\171\312\065\146\207\162\060\115\060\245\373\207\073\017\247
+\173\267\015\124
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\216\255\265\001\252\115\201\344\214\035\321\341\024\000\225\031
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\275\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\070\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\070\060\066\006\003\125\004\003\023
+\057\126\145\162\151\123\151\147\156\040\125\156\151\166\145\162
+\163\141\154\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\100\032\304\144\041\263\023\041\003\016\273\344\022\032
+\305\035
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "VeriSign Class 3 Public Primary Certification Authority - G4"
+#
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G4,OU="(c) 2007 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:2f:80:fe:23:8c:0e:22:0f:48:67:12:28:91:87:ac:b3
+# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G4,OU="(c) 2007 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Mon Nov 05 00:00:00 2007
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (MD5): 3A:52:E1:E7:FD:6F:3A:E3:6F:F3:6F:99:1B:F9:22:41
+# Fingerprint (SHA1): 22:D5:D8:DF:8F:02:31:D1:8D:F7:9D:B7:CF:8A:2D:64:C9:3F:6C:3A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "VeriSign Class 3 Public Primary Certification Authority - G4"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\067\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\064
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\067\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\057\200\376\043\214\016\042\017\110\147\022\050\221\207
+\254\263
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\204\060\202\003\012\240\003\002\001\002\002\020\057
+\200\376\043\214\016\042\017\110\147\022\050\221\207\254\263\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\312\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006
+\003\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040
+\111\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126
+\145\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145
+\164\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061
+\050\143\051\040\062\060\060\067\040\126\145\162\151\123\151\147
+\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
+\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
+\171\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151
+\123\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142
+\154\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\040\055\040\107\064\060\036\027\015\060\067\061\061
+\060\065\060\060\060\060\060\060\132\027\015\063\070\060\061\061
+\070\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004
+\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143
+\056\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151
+\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157
+\162\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051
+\040\062\060\060\067\040\126\145\162\151\123\151\147\156\054\040
+\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157
+\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105
+\060\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147
+\156\040\103\154\141\163\163\040\063\040\120\165\142\154\151\143
+\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\055\040\107\064\060\166\060\020\006\007\052\206\110\316\075
+\002\001\006\005\053\201\004\000\042\003\142\000\004\247\126\172
+\174\122\332\144\233\016\055\134\330\136\254\222\075\376\001\346
+\031\112\075\024\003\113\372\140\047\040\331\203\211\151\372\124
+\306\232\030\136\125\052\144\336\006\366\215\112\073\255\020\074
+\145\075\220\210\004\211\340\060\141\263\256\135\001\247\173\336
+\174\262\276\312\145\141\000\206\256\332\217\173\320\211\255\115
+\035\131\232\101\261\274\107\200\334\236\142\303\371\243\201\262
+\060\201\257\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\155\006\010\053\006\001\005\005\007\001\014
+\004\141\060\137\241\135\240\133\060\131\060\127\060\125\026\011
+\151\155\141\147\145\057\147\151\146\060\041\060\037\060\007\006
+\005\053\016\003\002\032\004\024\217\345\323\032\206\254\215\216
+\153\303\317\200\152\324\110\030\054\173\031\056\060\045\026\043
+\150\164\164\160\072\057\057\154\157\147\157\056\166\145\162\151
+\163\151\147\156\056\143\157\155\057\166\163\154\157\147\157\056
+\147\151\146\060\035\006\003\125\035\016\004\026\004\024\263\026
+\221\375\356\246\156\344\265\056\111\217\207\170\201\200\354\345
+\261\265\060\012\006\010\052\206\110\316\075\004\003\003\003\150
+\000\060\145\002\060\146\041\014\030\046\140\132\070\173\126\102
+\340\247\374\066\204\121\221\040\054\166\115\103\075\304\035\204
+\043\320\254\326\174\065\006\316\315\151\275\220\015\333\154\110
+\102\035\016\252\102\002\061\000\234\075\110\071\043\071\130\032
+\025\022\131\152\236\357\325\131\262\035\122\054\231\161\315\307
+\051\337\033\052\141\173\161\321\336\363\300\345\015\072\112\252
+\055\247\330\206\052\335\056\020
+END
+
+# Trust for Certificate "VeriSign Class 3 Public Primary Certification Authority - G4"
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G4,OU="(c) 2007 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:2f:80:fe:23:8c:0e:22:0f:48:67:12:28:91:87:ac:b3
+# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G4,OU="(c) 2007 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Mon Nov 05 00:00:00 2007
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (MD5): 3A:52:E1:E7:FD:6F:3A:E3:6F:F3:6F:99:1B:F9:22:41
+# Fingerprint (SHA1): 22:D5:D8:DF:8F:02:31:D1:8D:F7:9D:B7:CF:8A:2D:64:C9:3F:6C:3A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "VeriSign Class 3 Public Primary Certification Authority - G4"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\042\325\330\337\217\002\061\321\215\367\235\267\317\212\055\144
+\311\077\154\072
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\072\122\341\347\375\157\072\343\157\363\157\231\033\371\042\101
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\067\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\057\200\376\043\214\016\042\017\110\147\022\050\221\207
+\254\263
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "NetLock Arany (Class Gold) Főtanúsítvány"
+#
+# Issuer: CN=NetLock Arany (Class Gold) F..tan..s..tv..ny,OU=Tan..s..tv..nykiad..k (Certification Services),O=NetLock Kft.,L=Budapest,C=HU
+# Serial Number:49:41:2c:e4:00:10
+# Subject: CN=NetLock Arany (Class Gold) F..tan..s..tv..ny,OU=Tan..s..tv..nykiad..k (Certification Services),O=NetLock Kft.,L=Budapest,C=HU
+# Not Valid Before: Thu Dec 11 15:08:21 2008
+# Not Valid After : Wed Dec 06 15:08:21 2028
+# Fingerprint (MD5): C5:A1:B7:FF:73:DD:D6:D7:34:32:18:DF:FC:3C:AD:88
+# Fingerprint (SHA1): 06:08:3F:59:3F:15:A1:04:A0:69:A4:6B:A9:03:D0:06:B7:97:09:91
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "NetLock Arany (Class Gold) Főtanúsítvány"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\247\061\013\060\011\006\003\125\004\006\023\002\110\125
+\061\021\060\017\006\003\125\004\007\014\010\102\165\144\141\160
+\145\163\164\061\025\060\023\006\003\125\004\012\014\014\116\145
+\164\114\157\143\153\040\113\146\164\056\061\067\060\065\006\003
+\125\004\013\014\056\124\141\156\303\272\163\303\255\164\166\303
+\241\156\171\153\151\141\144\303\263\153\040\050\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143
+\145\163\051\061\065\060\063\006\003\125\004\003\014\054\116\145
+\164\114\157\143\153\040\101\162\141\156\171\040\050\103\154\141
+\163\163\040\107\157\154\144\051\040\106\305\221\164\141\156\303
+\272\163\303\255\164\166\303\241\156\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\247\061\013\060\011\006\003\125\004\006\023\002\110\125
+\061\021\060\017\006\003\125\004\007\014\010\102\165\144\141\160
+\145\163\164\061\025\060\023\006\003\125\004\012\014\014\116\145
+\164\114\157\143\153\040\113\146\164\056\061\067\060\065\006\003
+\125\004\013\014\056\124\141\156\303\272\163\303\255\164\166\303
+\241\156\171\153\151\141\144\303\263\153\040\050\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143
+\145\163\051\061\065\060\063\006\003\125\004\003\014\054\116\145
+\164\114\157\143\153\040\101\162\141\156\171\040\050\103\154\141
+\163\163\040\107\157\154\144\051\040\106\305\221\164\141\156\303
+\272\163\303\255\164\166\303\241\156\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\111\101\054\344\000\020
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\025\060\202\002\375\240\003\002\001\002\002\006\111
+\101\054\344\000\020\060\015\006\011\052\206\110\206\367\015\001
+\001\013\005\000\060\201\247\061\013\060\011\006\003\125\004\006
+\023\002\110\125\061\021\060\017\006\003\125\004\007\014\010\102
+\165\144\141\160\145\163\164\061\025\060\023\006\003\125\004\012
+\014\014\116\145\164\114\157\143\153\040\113\146\164\056\061\067
+\060\065\006\003\125\004\013\014\056\124\141\156\303\272\163\303
+\255\164\166\303\241\156\171\153\151\141\144\303\263\153\040\050
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145
+\162\166\151\143\145\163\051\061\065\060\063\006\003\125\004\003
+\014\054\116\145\164\114\157\143\153\040\101\162\141\156\171\040
+\050\103\154\141\163\163\040\107\157\154\144\051\040\106\305\221
+\164\141\156\303\272\163\303\255\164\166\303\241\156\171\060\036
+\027\015\060\070\061\062\061\061\061\065\060\070\062\061\132\027
+\015\062\070\061\062\060\066\061\065\060\070\062\061\132\060\201
+\247\061\013\060\011\006\003\125\004\006\023\002\110\125\061\021
+\060\017\006\003\125\004\007\014\010\102\165\144\141\160\145\163
+\164\061\025\060\023\006\003\125\004\012\014\014\116\145\164\114
+\157\143\153\040\113\146\164\056\061\067\060\065\006\003\125\004
+\013\014\056\124\141\156\303\272\163\303\255\164\166\303\241\156
+\171\153\151\141\144\303\263\153\040\050\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\123\145\162\166\151\143\145\163
+\051\061\065\060\063\006\003\125\004\003\014\054\116\145\164\114
+\157\143\153\040\101\162\141\156\171\040\050\103\154\141\163\163
+\040\107\157\154\144\051\040\106\305\221\164\141\156\303\272\163
+\303\255\164\166\303\241\156\171\060\202\001\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
+\060\202\001\012\002\202\001\001\000\304\044\136\163\276\113\155
+\024\303\241\364\343\227\220\156\322\060\105\036\074\356\147\331
+\144\340\032\212\177\312\060\312\203\343\040\301\343\364\072\323
+\224\137\032\174\133\155\277\060\117\204\047\366\237\037\111\274
+\306\231\012\220\362\017\365\177\103\204\067\143\121\213\172\245
+\160\374\172\130\315\216\233\355\303\106\154\204\160\135\332\363
+\001\220\043\374\116\060\251\176\341\047\143\347\355\144\074\240
+\270\311\063\143\376\026\220\377\260\270\375\327\250\300\300\224
+\103\013\266\325\131\246\236\126\320\044\037\160\171\257\333\071
+\124\015\145\165\331\025\101\224\001\257\136\354\366\215\361\377
+\255\144\376\040\232\327\134\353\376\246\037\010\144\243\213\166
+\125\255\036\073\050\140\056\207\045\350\252\257\037\306\144\106
+\040\267\160\177\074\336\110\333\226\123\267\071\167\344\032\342
+\307\026\204\166\227\133\057\273\031\025\205\370\151\205\365\231
+\247\251\362\064\247\251\266\246\003\374\157\206\075\124\174\166
+\004\233\153\371\100\135\000\064\307\056\231\165\235\345\210\003
+\252\115\370\003\322\102\166\300\033\002\003\000\250\213\243\105
+\060\103\060\022\006\003\125\035\023\001\001\377\004\010\060\006
+\001\001\377\002\001\004\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\035\006\003\125\035\016\004\026\004
+\024\314\372\147\223\360\266\270\320\245\300\036\363\123\375\214
+\123\337\203\327\226\060\015\006\011\052\206\110\206\367\015\001
+\001\013\005\000\003\202\001\001\000\253\177\356\034\026\251\234
+\074\121\000\240\300\021\010\005\247\231\346\157\001\210\124\141
+\156\361\271\030\255\112\255\376\201\100\043\224\057\373\165\174
+\057\050\113\142\044\201\202\013\365\141\361\034\156\270\141\070
+\353\201\372\142\241\073\132\142\323\224\145\304\341\346\155\202
+\370\057\045\160\262\041\046\301\162\121\037\214\054\303\204\220
+\303\132\217\272\317\364\247\145\245\353\230\321\373\005\262\106
+\165\025\043\152\157\205\143\060\200\360\325\236\037\051\034\302
+\154\260\120\131\135\220\133\073\250\015\060\317\277\175\177\316
+\361\235\203\275\311\106\156\040\246\371\141\121\272\041\057\173
+\276\245\025\143\241\324\225\207\361\236\271\363\211\363\075\205
+\270\270\333\276\265\271\051\371\332\067\005\000\111\224\003\204
+\104\347\277\103\061\317\165\213\045\321\364\246\144\365\222\366
+\253\005\353\075\351\245\013\066\142\332\314\006\137\066\213\266
+\136\061\270\052\373\136\366\161\337\104\046\236\304\346\015\221
+\264\056\165\225\200\121\152\113\060\246\260\142\241\223\361\233
+\330\316\304\143\165\077\131\107\261
+END
+
+# Trust for Certificate "NetLock Arany (Class Gold) Főtanúsítvány"
+# Issuer: CN=NetLock Arany (Class Gold) F..tan..s..tv..ny,OU=Tan..s..tv..nykiad..k (Certification Services),O=NetLock Kft.,L=Budapest,C=HU
+# Serial Number:49:41:2c:e4:00:10
+# Subject: CN=NetLock Arany (Class Gold) F..tan..s..tv..ny,OU=Tan..s..tv..nykiad..k (Certification Services),O=NetLock Kft.,L=Budapest,C=HU
+# Not Valid Before: Thu Dec 11 15:08:21 2008
+# Not Valid After : Wed Dec 06 15:08:21 2028
+# Fingerprint (MD5): C5:A1:B7:FF:73:DD:D6:D7:34:32:18:DF:FC:3C:AD:88
+# Fingerprint (SHA1): 06:08:3F:59:3F:15:A1:04:A0:69:A4:6B:A9:03:D0:06:B7:97:09:91
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "NetLock Arany (Class Gold) Főtanúsítvány"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\006\010\077\131\077\025\241\004\240\151\244\153\251\003\320\006
+\267\227\011\221
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\305\241\267\377\163\335\326\327\064\062\030\337\374\074\255\210
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\247\061\013\060\011\006\003\125\004\006\023\002\110\125
+\061\021\060\017\006\003\125\004\007\014\010\102\165\144\141\160
+\145\163\164\061\025\060\023\006\003\125\004\012\014\014\116\145
+\164\114\157\143\153\040\113\146\164\056\061\067\060\065\006\003
+\125\004\013\014\056\124\141\156\303\272\163\303\255\164\166\303
+\241\156\171\153\151\141\144\303\263\153\040\050\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143
+\145\163\051\061\065\060\063\006\003\125\004\003\014\054\116\145
+\164\114\157\143\153\040\101\162\141\156\171\040\050\103\154\141
+\163\163\040\107\157\154\144\051\040\106\305\221\164\141\156\303
+\272\163\303\255\164\166\303\241\156\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\111\101\054\344\000\020
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Staat der Nederlanden Root CA - G2"
+#
+# Issuer: CN=Staat der Nederlanden Root CA - G2,O=Staat der Nederlanden,C=NL
+# Serial Number: 10000012 (0x98968c)
+# Subject: CN=Staat der Nederlanden Root CA - G2,O=Staat der Nederlanden,C=NL
+# Not Valid Before: Wed Mar 26 11:18:17 2008
+# Not Valid After : Wed Mar 25 11:03:10 2020
+# Fingerprint (MD5): 7C:A5:0F:F8:5B:9A:7D:6D:30:AE:54:5A:E3:42:A2:8A
+# Fingerprint (SHA1): 59:AF:82:79:91:86:C7:B4:75:07:CB:CF:03:57:46:EB:04:DD:B7:16
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Staat der Nederlanden Root CA - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\053\060\051\006\003\125\004\003\014\042\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\122\157\157\164\040\103\101\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\053\060\051\006\003\125\004\003\014\042\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\122\157\157\164\040\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\000\230\226\214
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\312\060\202\003\262\240\003\002\001\002\002\004\000
+\230\226\214\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\036\060\034\006\003\125\004\012\014\025\123\164\141\141
+\164\040\144\145\162\040\116\145\144\145\162\154\141\156\144\145
+\156\061\053\060\051\006\003\125\004\003\014\042\123\164\141\141
+\164\040\144\145\162\040\116\145\144\145\162\154\141\156\144\145
+\156\040\122\157\157\164\040\103\101\040\055\040\107\062\060\036
+\027\015\060\070\060\063\062\066\061\061\061\070\061\067\132\027
+\015\062\060\060\063\062\065\061\061\060\063\061\060\132\060\132
+\061\013\060\011\006\003\125\004\006\023\002\116\114\061\036\060
+\034\006\003\125\004\012\014\025\123\164\141\141\164\040\144\145
+\162\040\116\145\144\145\162\154\141\156\144\145\156\061\053\060
+\051\006\003\125\004\003\014\042\123\164\141\141\164\040\144\145
+\162\040\116\145\144\145\162\154\141\156\144\145\156\040\122\157
+\157\164\040\103\101\040\055\040\107\062\060\202\002\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002
+\017\000\060\202\002\012\002\202\002\001\000\305\131\347\157\165
+\252\076\113\234\265\270\254\236\013\344\371\331\312\253\135\217
+\265\071\020\202\327\257\121\340\073\341\000\110\152\317\332\341
+\006\103\021\231\252\024\045\022\255\042\350\000\155\103\304\251
+\270\345\037\211\113\147\275\141\110\357\375\322\340\140\210\345
+\271\030\140\050\303\167\053\255\260\067\252\067\336\144\131\052
+\106\127\344\113\271\370\067\174\325\066\347\200\301\266\363\324
+\147\233\226\350\316\327\306\012\123\320\153\111\226\363\243\013
+\005\167\110\367\045\345\160\254\060\024\040\045\343\177\165\132
+\345\110\370\116\173\003\007\004\372\202\141\207\156\360\073\304
+\244\307\320\365\164\076\245\135\032\010\362\233\045\322\366\254
+\004\046\076\125\072\142\050\245\173\262\060\257\370\067\302\321
+\272\326\070\375\364\357\111\060\067\231\046\041\110\205\001\251
+\345\026\347\334\220\125\337\017\350\070\315\231\067\041\117\135
+\365\042\157\152\305\022\026\140\027\125\362\145\146\246\247\060
+\221\070\301\070\035\206\004\204\272\032\045\170\136\235\257\314
+\120\140\326\023\207\122\355\143\037\155\145\175\302\025\030\164
+\312\341\176\144\051\214\162\330\026\023\175\013\111\112\361\050
+\033\040\164\153\305\075\335\260\252\110\011\075\056\202\224\315
+\032\145\331\053\210\232\231\274\030\176\237\356\175\146\174\076
+\275\224\270\201\316\315\230\060\170\301\157\147\320\276\137\340
+\150\355\336\342\261\311\054\131\170\222\252\337\053\140\143\362
+\345\136\271\343\312\372\177\120\206\076\242\064\030\014\011\150
+\050\021\034\344\341\271\134\076\107\272\062\077\030\314\133\204
+\365\363\153\164\304\162\164\341\343\213\240\112\275\215\146\057
+\352\255\065\332\040\323\210\202\141\360\022\042\266\274\320\325
+\244\354\257\124\210\045\044\074\247\155\261\162\051\077\076\127
+\246\177\125\257\156\046\306\376\347\314\100\134\121\104\201\012
+\170\336\112\316\125\277\035\325\331\267\126\357\360\166\377\013
+\171\265\257\275\373\251\151\221\106\227\150\200\024\066\035\263
+\177\273\051\230\066\245\040\372\202\140\142\063\244\354\326\272
+\007\247\156\305\317\024\246\347\326\222\064\330\201\365\374\035
+\135\252\134\036\366\243\115\073\270\367\071\002\003\001\000\001
+\243\201\227\060\201\224\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\122\006\003\125\035\040\004\113
+\060\111\060\107\006\004\125\035\040\000\060\077\060\075\006\010
+\053\006\001\005\005\007\002\001\026\061\150\164\164\160\072\057
+\057\167\167\167\056\160\153\151\157\166\145\162\150\145\151\144
+\056\156\154\057\160\157\154\151\143\151\145\163\057\162\157\157
+\164\055\160\157\154\151\143\171\055\107\062\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125
+\035\016\004\026\004\024\221\150\062\207\025\035\211\342\265\361
+\254\066\050\064\215\013\174\142\210\353\060\015\006\011\052\206
+\110\206\367\015\001\001\013\005\000\003\202\002\001\000\250\101
+\112\147\052\222\201\202\120\156\341\327\330\263\071\073\363\002
+\025\011\120\121\357\055\275\044\173\210\206\073\371\264\274\222
+\011\226\271\366\300\253\043\140\006\171\214\021\116\121\322\171
+\200\063\373\235\110\276\354\101\103\201\037\176\107\100\034\345
+\172\010\312\252\213\165\255\024\304\302\350\146\074\202\007\247
+\346\047\202\133\030\346\017\156\331\120\076\212\102\030\051\306
+\264\126\374\126\020\240\005\027\275\014\043\177\364\223\355\234
+\032\121\276\335\105\101\277\221\044\264\037\214\351\137\317\173
+\041\231\237\225\237\071\072\106\034\154\371\315\173\234\220\315
+\050\251\307\251\125\273\254\142\064\142\065\023\113\024\072\125
+\203\271\206\215\222\246\306\364\007\045\124\314\026\127\022\112
+\202\170\310\024\331\027\202\046\055\135\040\037\171\256\376\324
+\160\026\026\225\203\330\065\071\377\122\135\165\034\026\305\023
+\125\317\107\314\165\145\122\112\336\360\260\247\344\012\226\013
+\373\255\302\342\045\204\262\335\344\275\176\131\154\233\360\360
+\330\347\312\362\351\227\070\176\211\276\314\373\071\027\141\077
+\162\333\072\221\330\145\001\031\035\255\120\244\127\012\174\113
+\274\234\161\163\052\105\121\031\205\314\216\375\107\247\164\225
+\035\250\321\257\116\027\261\151\046\302\252\170\127\133\305\115
+\247\345\236\005\027\224\312\262\137\240\111\030\215\064\351\046
+\154\110\036\252\150\222\005\341\202\163\132\233\334\007\133\010
+\155\175\235\327\215\041\331\374\024\040\252\302\105\337\077\347
+\000\262\121\344\302\370\005\271\171\032\214\064\363\236\133\344
+\067\133\153\112\337\054\127\212\100\132\066\272\335\165\104\010
+\067\102\160\014\376\334\136\041\240\243\212\300\220\234\150\332
+\120\346\105\020\107\170\266\116\322\145\311\303\067\337\341\102
+\143\260\127\067\105\055\173\212\234\277\005\352\145\125\063\367
+\071\020\305\050\052\041\172\033\212\304\044\371\077\025\310\232
+\025\040\365\125\142\226\355\155\223\120\274\344\252\170\255\331
+\313\012\145\207\246\146\301\304\201\243\167\072\130\036\013\356
+\203\213\235\036\322\122\244\314\035\157\260\230\155\224\061\265
+\370\161\012\334\271\374\175\062\140\346\353\257\212\001
+END
+
+# Trust for Certificate "Staat der Nederlanden Root CA - G2"
+# Issuer: CN=Staat der Nederlanden Root CA - G2,O=Staat der Nederlanden,C=NL
+# Serial Number: 10000012 (0x98968c)
+# Subject: CN=Staat der Nederlanden Root CA - G2,O=Staat der Nederlanden,C=NL
+# Not Valid Before: Wed Mar 26 11:18:17 2008
+# Not Valid After : Wed Mar 25 11:03:10 2020
+# Fingerprint (MD5): 7C:A5:0F:F8:5B:9A:7D:6D:30:AE:54:5A:E3:42:A2:8A
+# Fingerprint (SHA1): 59:AF:82:79:91:86:C7:B4:75:07:CB:CF:03:57:46:EB:04:DD:B7:16
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Staat der Nederlanden Root CA - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\131\257\202\171\221\206\307\264\165\007\313\317\003\127\106\353
+\004\335\267\026
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\174\245\017\370\133\232\175\155\060\256\124\132\343\102\242\212
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\053\060\051\006\003\125\004\003\014\042\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\122\157\157\164\040\103\101\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\000\230\226\214
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Hongkong Post Root CA 1"
+#
+# Issuer: CN=Hongkong Post Root CA 1,O=Hongkong Post,C=HK
+# Serial Number: 1000 (0x3e8)
+# Subject: CN=Hongkong Post Root CA 1,O=Hongkong Post,C=HK
+# Not Valid Before: Thu May 15 05:13:14 2003
+# Not Valid After : Mon May 15 04:52:29 2023
+# Fingerprint (MD5): A8:0D:6F:39:78:B9:43:6D:77:42:6D:98:5A:CC:23:CA
+# Fingerprint (SHA1): D6:DA:A8:20:8D:09:D2:15:4D:24:B5:2F:CB:34:6E:B2:58:B2:8A:58
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Hongkong Post Root CA 1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\110\113\061
+\026\060\024\006\003\125\004\012\023\015\110\157\156\147\153\157
+\156\147\040\120\157\163\164\061\040\060\036\006\003\125\004\003
+\023\027\110\157\156\147\153\157\156\147\040\120\157\163\164\040
+\122\157\157\164\040\103\101\040\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\110\113\061
+\026\060\024\006\003\125\004\012\023\015\110\157\156\147\153\157
+\156\147\040\120\157\163\164\061\040\060\036\006\003\125\004\003
+\023\027\110\157\156\147\153\157\156\147\040\120\157\163\164\040
+\122\157\157\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\003\350
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\060\060\202\002\030\240\003\002\001\002\002\002\003
+\350\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
+\060\107\061\013\060\011\006\003\125\004\006\023\002\110\113\061
+\026\060\024\006\003\125\004\012\023\015\110\157\156\147\153\157
+\156\147\040\120\157\163\164\061\040\060\036\006\003\125\004\003
+\023\027\110\157\156\147\153\157\156\147\040\120\157\163\164\040
+\122\157\157\164\040\103\101\040\061\060\036\027\015\060\063\060
+\065\061\065\060\065\061\063\061\064\132\027\015\062\063\060\065
+\061\065\060\064\065\062\062\071\132\060\107\061\013\060\011\006
+\003\125\004\006\023\002\110\113\061\026\060\024\006\003\125\004
+\012\023\015\110\157\156\147\153\157\156\147\040\120\157\163\164
+\061\040\060\036\006\003\125\004\003\023\027\110\157\156\147\153
+\157\156\147\040\120\157\163\164\040\122\157\157\164\040\103\101
+\040\061\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\254\377\070\266\351\146\002\111\343\242\264\341\220
+\371\100\217\171\371\342\275\171\376\002\275\356\044\222\035\042
+\366\332\205\162\151\376\327\077\011\324\335\221\265\002\234\320
+\215\132\341\125\303\120\206\271\051\046\302\343\331\240\361\151
+\003\050\040\200\105\042\055\126\247\073\124\225\126\042\131\037
+\050\337\037\040\075\155\242\066\276\043\240\261\156\265\261\047
+\077\071\123\011\352\253\152\350\164\262\302\145\134\216\277\174
+\303\170\204\315\236\026\374\365\056\117\040\052\010\237\167\363
+\305\036\304\232\122\146\036\110\136\343\020\006\217\042\230\341
+\145\216\033\135\043\146\073\270\245\062\121\310\206\252\241\251
+\236\177\166\224\302\246\154\267\101\360\325\310\006\070\346\324
+\014\342\363\073\114\155\120\214\304\203\047\301\023\204\131\075
+\236\165\164\266\330\002\136\072\220\172\300\102\066\162\354\152
+\115\334\357\304\000\337\023\030\127\137\046\170\310\326\012\171
+\167\277\367\257\267\166\271\245\013\204\027\135\020\352\157\341
+\253\225\021\137\155\074\243\134\115\203\133\362\263\031\212\200
+\213\013\207\002\003\001\000\001\243\046\060\044\060\022\006\003
+\125\035\023\001\001\377\004\010\060\006\001\001\377\002\001\003
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\306
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\001\001\000\016\106\325\074\256\342\207\331\136\201\213\002
+\230\101\010\214\114\274\332\333\356\047\033\202\347\152\105\354
+\026\213\117\205\240\363\262\160\275\132\226\272\312\156\155\356
+\106\213\156\347\052\056\226\263\031\063\353\264\237\250\262\067
+\356\230\250\227\266\056\266\147\047\324\246\111\375\034\223\145
+\166\236\102\057\334\042\154\232\117\362\132\025\071\261\161\327
+\053\121\350\155\034\230\300\331\052\364\241\202\173\325\311\101
+\242\043\001\164\070\125\213\017\271\056\147\242\040\004\067\332
+\234\013\323\027\041\340\217\227\171\064\157\204\110\002\040\063
+\033\346\064\104\237\221\160\364\200\136\204\103\302\051\322\154
+\022\024\344\141\215\254\020\220\236\204\120\273\360\226\157\105
+\237\212\363\312\154\117\372\021\072\025\025\106\303\315\037\203
+\133\055\101\022\355\120\147\101\023\075\041\253\224\212\252\116
+\174\301\261\373\247\326\265\047\057\227\253\156\340\035\342\321
+\034\054\037\104\342\374\276\221\241\234\373\326\051\123\163\206
+\237\123\330\103\016\135\326\143\202\161\035\200\164\312\366\342
+\002\153\331\132
+END
+
+# Trust for Certificate "Hongkong Post Root CA 1"
+# Issuer: CN=Hongkong Post Root CA 1,O=Hongkong Post,C=HK
+# Serial Number: 1000 (0x3e8)
+# Subject: CN=Hongkong Post Root CA 1,O=Hongkong Post,C=HK
+# Not Valid Before: Thu May 15 05:13:14 2003
+# Not Valid After : Mon May 15 04:52:29 2023
+# Fingerprint (MD5): A8:0D:6F:39:78:B9:43:6D:77:42:6D:98:5A:CC:23:CA
+# Fingerprint (SHA1): D6:DA:A8:20:8D:09:D2:15:4D:24:B5:2F:CB:34:6E:B2:58:B2:8A:58
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Hongkong Post Root CA 1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\326\332\250\040\215\011\322\025\115\044\265\057\313\064\156\262
+\130\262\212\130
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\250\015\157\071\170\271\103\155\167\102\155\230\132\314\043\312
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\110\113\061
+\026\060\024\006\003\125\004\012\023\015\110\157\156\147\153\157
+\156\147\040\120\157\163\164\061\040\060\036\006\003\125\004\003
+\023\027\110\157\156\147\153\157\156\147\040\120\157\163\164\040
+\122\157\157\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\003\350
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "SecureSign RootCA11"
+#
+# Issuer: CN=SecureSign RootCA11,O="Japan Certification Services, Inc.",C=JP
+# Serial Number: 1 (0x1)
+# Subject: CN=SecureSign RootCA11,O="Japan Certification Services, Inc.",C=JP
+# Not Valid Before: Wed Apr 08 04:56:47 2009
+# Not Valid After : Sun Apr 08 04:56:47 2029
+# Fingerprint (MD5): B7:52:74:E2:92:B4:80:93:F2:75:E4:CC:D7:F2:EA:26
+# Fingerprint (SHA1): 3B:C4:9F:48:F8:F3:73:A0:9C:1E:BD:F8:5B:B1:C3:65:C7:D8:11:B3
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SecureSign RootCA11"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\053\060\051\006\003\125\004\012\023\042\112\141\160\141\156\040
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145
+\162\166\151\143\145\163\054\040\111\156\143\056\061\034\060\032
+\006\003\125\004\003\023\023\123\145\143\165\162\145\123\151\147
+\156\040\122\157\157\164\103\101\061\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\053\060\051\006\003\125\004\012\023\042\112\141\160\141\156\040
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145
+\162\166\151\143\145\163\054\040\111\156\143\056\061\034\060\032
+\006\003\125\004\003\023\023\123\145\143\165\162\145\123\151\147
+\156\040\122\157\157\164\103\101\061\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\155\060\202\002\125\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\130\061\013\060\011\006\003\125\004\006\023\002\112\120\061\053
+\060\051\006\003\125\004\012\023\042\112\141\160\141\156\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162
+\166\151\143\145\163\054\040\111\156\143\056\061\034\060\032\006
+\003\125\004\003\023\023\123\145\143\165\162\145\123\151\147\156
+\040\122\157\157\164\103\101\061\061\060\036\027\015\060\071\060
+\064\060\070\060\064\065\066\064\067\132\027\015\062\071\060\064
+\060\070\060\064\065\066\064\067\132\060\130\061\013\060\011\006
+\003\125\004\006\023\002\112\120\061\053\060\051\006\003\125\004
+\012\023\042\112\141\160\141\156\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\123\145\162\166\151\143\145\163\054
+\040\111\156\143\056\061\034\060\032\006\003\125\004\003\023\023
+\123\145\143\165\162\145\123\151\147\156\040\122\157\157\164\103
+\101\061\061\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\375\167\252\245\034\220\005\073\313\114\233\063
+\213\132\024\105\244\347\220\026\321\337\127\322\041\020\244\027
+\375\337\254\326\037\247\344\333\174\367\354\337\270\003\332\224
+\130\375\135\162\174\214\077\137\001\147\164\025\226\343\002\074
+\207\333\256\313\001\216\302\363\146\306\205\105\364\002\306\072
+\265\142\262\257\372\234\277\244\346\324\200\060\230\363\015\266
+\223\217\251\324\330\066\362\260\374\212\312\054\241\025\063\225
+\061\332\300\033\362\356\142\231\206\143\077\277\335\223\052\203
+\250\166\271\023\037\267\316\116\102\205\217\042\347\056\032\362
+\225\011\262\005\265\104\116\167\241\040\275\251\362\116\012\175
+\120\255\365\005\015\105\117\106\161\375\050\076\123\373\004\330
+\055\327\145\035\112\033\372\317\073\260\061\232\065\156\310\213
+\006\323\000\221\362\224\010\145\114\261\064\006\000\172\211\342
+\360\307\003\131\317\325\326\350\247\062\263\346\230\100\206\305
+\315\047\022\213\314\173\316\267\021\074\142\140\007\043\076\053
+\100\156\224\200\011\155\266\263\157\167\157\065\010\120\373\002
+\207\305\076\211\002\003\001\000\001\243\102\060\100\060\035\006
+\003\125\035\016\004\026\004\024\133\370\115\117\262\245\206\324
+\072\322\361\143\232\240\276\011\366\127\267\336\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
+\000\240\241\070\026\146\056\247\126\037\041\234\006\372\035\355
+\271\042\305\070\046\330\116\117\354\243\177\171\336\106\041\241
+\207\167\217\007\010\232\262\244\305\257\017\062\230\013\174\146
+\051\266\233\175\045\122\111\103\253\114\056\053\156\172\160\257
+\026\016\343\002\154\373\102\346\030\235\105\330\125\310\350\073
+\335\347\341\364\056\013\034\064\134\154\130\112\373\214\210\120
+\137\225\034\277\355\253\042\265\145\263\205\272\236\017\270\255
+\345\172\033\212\120\072\035\275\015\274\173\124\120\013\271\102
+\257\125\240\030\201\255\145\231\357\276\344\234\277\304\205\253
+\101\262\124\157\334\045\315\355\170\342\216\014\215\011\111\335
+\143\173\132\151\226\002\041\250\275\122\131\351\175\065\313\310
+\122\312\177\201\376\331\153\323\367\021\355\045\337\370\347\371
+\244\372\162\227\204\123\015\245\320\062\030\121\166\131\024\154
+\017\353\354\137\200\214\165\103\203\303\205\230\377\114\236\055
+\015\344\167\203\223\116\265\226\007\213\050\023\233\214\031\215
+\101\047\111\100\356\336\346\043\104\071\334\241\042\326\272\003
+\362
+END
+
+# Trust for Certificate "SecureSign RootCA11"
+# Issuer: CN=SecureSign RootCA11,O="Japan Certification Services, Inc.",C=JP
+# Serial Number: 1 (0x1)
+# Subject: CN=SecureSign RootCA11,O="Japan Certification Services, Inc.",C=JP
+# Not Valid Before: Wed Apr 08 04:56:47 2009
+# Not Valid After : Sun Apr 08 04:56:47 2029
+# Fingerprint (MD5): B7:52:74:E2:92:B4:80:93:F2:75:E4:CC:D7:F2:EA:26
+# Fingerprint (SHA1): 3B:C4:9F:48:F8:F3:73:A0:9C:1E:BD:F8:5B:B1:C3:65:C7:D8:11:B3
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SecureSign RootCA11"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\073\304\237\110\370\363\163\240\234\036\275\370\133\261\303\145
+\307\330\021\263
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\267\122\164\342\222\264\200\223\362\165\344\314\327\362\352\046
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\053\060\051\006\003\125\004\012\023\042\112\141\160\141\156\040
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145
+\162\166\151\143\145\163\054\040\111\156\143\056\061\034\060\032
+\006\003\125\004\003\023\023\123\145\143\165\162\145\123\151\147
+\156\040\122\157\157\164\103\101\061\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "ACEDICOM Root"
+#
+# Issuer: C=ES,O=EDICOM,OU=PKI,CN=ACEDICOM Root
+# Serial Number:61:8d:c7:86:3b:01:82:05
+# Subject: C=ES,O=EDICOM,OU=PKI,CN=ACEDICOM Root
+# Not Valid Before: Fri Apr 18 16:24:22 2008
+# Not Valid After : Thu Apr 13 16:24:22 2028
+# Fingerprint (MD5): 42:81:A0:E2:1C:E3:55:10:DE:55:89:42:65:96:22:E6
+# Fingerprint (SHA1): E0:B4:32:2E:B2:F6:A5:68:B6:54:53:84:48:18:4A:50:36:87:43:84
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ACEDICOM Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\104\061\026\060\024\006\003\125\004\003\014\015\101\103\105
+\104\111\103\117\115\040\122\157\157\164\061\014\060\012\006\003
+\125\004\013\014\003\120\113\111\061\017\060\015\006\003\125\004
+\012\014\006\105\104\111\103\117\115\061\013\060\011\006\003\125
+\004\006\023\002\105\123
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\104\061\026\060\024\006\003\125\004\003\014\015\101\103\105
+\104\111\103\117\115\040\122\157\157\164\061\014\060\012\006\003
+\125\004\013\014\003\120\113\111\061\017\060\015\006\003\125\004
+\012\014\006\105\104\111\103\117\115\061\013\060\011\006\003\125
+\004\006\023\002\105\123
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\141\215\307\206\073\001\202\005
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\265\060\202\003\235\240\003\002\001\002\002\010\141
+\215\307\206\073\001\202\005\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\060\104\061\026\060\024\006\003\125\004
+\003\014\015\101\103\105\104\111\103\117\115\040\122\157\157\164
+\061\014\060\012\006\003\125\004\013\014\003\120\113\111\061\017
+\060\015\006\003\125\004\012\014\006\105\104\111\103\117\115\061
+\013\060\011\006\003\125\004\006\023\002\105\123\060\036\027\015
+\060\070\060\064\061\070\061\066\062\064\062\062\132\027\015\062
+\070\060\064\061\063\061\066\062\064\062\062\132\060\104\061\026
+\060\024\006\003\125\004\003\014\015\101\103\105\104\111\103\117
+\115\040\122\157\157\164\061\014\060\012\006\003\125\004\013\014
+\003\120\113\111\061\017\060\015\006\003\125\004\012\014\006\105
+\104\111\103\117\115\061\013\060\011\006\003\125\004\006\023\002
+\105\123\060\202\002\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
+\002\001\000\377\222\225\341\150\006\166\264\054\310\130\110\312
+\375\200\124\051\125\143\044\377\220\145\233\020\165\173\303\152
+\333\142\002\001\362\030\206\265\174\132\070\261\344\130\271\373
+\323\330\055\237\275\062\067\277\054\025\155\276\265\364\041\322
+\023\221\331\007\255\001\005\326\363\275\167\316\137\102\201\012
+\371\152\343\203\000\250\053\056\125\023\143\201\312\107\034\173
+\134\026\127\172\033\203\140\004\072\076\145\303\315\001\336\336
+\244\326\014\272\216\336\331\004\356\027\126\042\233\217\143\375
+\115\026\013\267\173\167\214\371\045\265\321\155\231\022\056\117
+\032\270\346\352\004\222\256\075\021\271\121\102\075\207\260\061
+\205\257\171\132\234\376\347\116\136\222\117\103\374\253\072\255
+\245\022\046\146\271\342\014\327\230\316\324\130\245\225\100\012
+\267\104\235\023\164\053\302\245\353\042\025\230\020\330\213\305
+\004\237\035\217\140\345\006\033\233\317\271\171\240\075\242\043
+\077\102\077\153\372\034\003\173\060\215\316\154\300\277\346\033
+\137\277\147\270\204\031\325\025\357\173\313\220\066\061\142\311
+\274\002\253\106\137\233\376\032\150\224\064\075\220\216\255\366
+\344\035\011\177\112\210\070\077\276\147\375\064\226\365\035\274
+\060\164\313\070\356\325\154\253\324\374\364\000\267\000\133\205
+\062\026\166\063\351\330\243\231\235\005\000\252\026\346\363\201
+\175\157\175\252\206\155\255\025\164\323\304\242\161\252\364\024
+\175\347\062\270\037\274\325\361\116\275\157\027\002\071\327\016
+\225\102\072\307\000\076\351\046\143\021\352\013\321\112\377\030
+\235\262\327\173\057\072\331\226\373\350\036\222\256\023\125\310
+\331\047\366\334\110\033\260\044\301\205\343\167\235\232\244\363
+\014\021\035\015\310\264\024\356\265\202\127\011\277\040\130\177
+\057\042\043\330\160\313\171\154\311\113\362\251\052\310\374\207
+\053\327\032\120\370\047\350\057\103\343\072\275\330\127\161\375
+\316\246\122\133\371\335\115\355\345\366\157\211\355\273\223\234
+\166\041\165\360\222\114\051\367\057\234\001\056\376\120\106\236
+\144\014\024\263\007\133\305\302\163\154\361\007\134\105\044\024
+\065\256\203\361\152\115\211\172\372\263\330\055\146\360\066\207
+\365\053\123\002\003\001\000\001\243\201\252\060\201\247\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\037\006\003\125\035\043\004\030\060\026\200\024\246\263\341\053
+\053\111\266\327\163\241\252\224\365\001\347\163\145\114\254\120
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206
+\060\035\006\003\125\035\016\004\026\004\024\246\263\341\053\053
+\111\266\327\163\241\252\224\365\001\347\163\145\114\254\120\060
+\104\006\003\125\035\040\004\075\060\073\060\071\006\004\125\035
+\040\000\060\061\060\057\006\010\053\006\001\005\005\007\002\001
+\026\043\150\164\164\160\072\057\057\141\143\145\144\151\143\157
+\155\056\145\144\151\143\157\155\147\162\157\165\160\056\143\157
+\155\057\144\157\143\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\003\202\002\001\000\316\054\013\122\121\142\046
+\175\014\047\203\217\305\366\332\240\150\173\117\222\136\352\244
+\163\062\021\123\104\262\104\313\235\354\017\171\102\263\020\246
+\307\015\235\313\266\372\077\072\174\352\277\210\123\033\074\367
+\202\372\005\065\063\341\065\250\127\300\347\375\215\117\077\223
+\062\117\170\146\003\167\007\130\351\225\310\176\076\320\171\000
+\214\362\033\121\063\233\274\224\351\072\173\156\122\055\062\236
+\043\244\105\373\266\056\023\260\213\030\261\335\316\325\035\247
+\102\177\125\276\373\133\273\107\324\374\044\315\004\256\226\005
+\025\326\254\316\060\363\312\013\305\272\342\042\340\246\255\042
+\344\002\356\164\021\177\114\377\170\035\065\332\346\002\064\353
+\030\022\141\167\006\011\026\143\352\030\255\242\207\037\362\307
+\200\011\011\165\116\020\250\217\075\206\270\165\021\300\044\142
+\212\226\173\112\105\351\354\131\305\276\153\203\346\341\350\254
+\265\060\036\376\005\007\200\371\341\043\015\120\217\005\230\377
+\054\137\350\073\266\255\317\201\265\041\207\312\010\052\043\047
+\060\040\053\317\355\224\133\254\262\172\322\307\050\241\212\013
+\233\115\112\054\155\205\077\011\162\074\147\342\331\334\007\272
+\353\145\173\132\001\143\326\220\133\117\027\146\075\177\013\031
+\243\223\143\020\122\052\237\024\026\130\342\334\245\364\241\026
+\213\016\221\213\201\312\233\131\372\330\153\221\007\145\125\137
+\122\037\257\072\373\220\335\151\245\133\234\155\016\054\266\372
+\316\254\245\174\062\112\147\100\334\060\064\043\335\327\004\043
+\146\360\374\125\200\247\373\146\031\202\065\147\142\160\071\136
+\157\307\352\220\100\104\010\036\270\262\326\333\356\131\247\015
+\030\171\064\274\124\030\136\123\312\064\121\355\105\012\346\216
+\307\202\066\076\247\070\143\251\060\054\027\020\140\222\237\125
+\207\022\131\020\302\017\147\151\021\314\116\036\176\112\232\255
+\257\100\250\165\254\126\220\164\270\240\234\245\171\157\334\351
+\032\310\151\005\351\272\372\003\263\174\344\340\116\302\316\235
+\350\266\106\015\156\176\127\072\147\224\302\313\037\234\167\112
+\147\116\151\206\103\223\070\373\266\333\117\203\221\324\140\176
+\113\076\053\070\007\125\230\136\244
+END
+
+# Trust for Certificate "ACEDICOM Root"
+# Issuer: C=ES,O=EDICOM,OU=PKI,CN=ACEDICOM Root
+# Serial Number:61:8d:c7:86:3b:01:82:05
+# Subject: C=ES,O=EDICOM,OU=PKI,CN=ACEDICOM Root
+# Not Valid Before: Fri Apr 18 16:24:22 2008
+# Not Valid After : Thu Apr 13 16:24:22 2028
+# Fingerprint (MD5): 42:81:A0:E2:1C:E3:55:10:DE:55:89:42:65:96:22:E6
+# Fingerprint (SHA1): E0:B4:32:2E:B2:F6:A5:68:B6:54:53:84:48:18:4A:50:36:87:43:84
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ACEDICOM Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\340\264\062\056\262\366\245\150\266\124\123\204\110\030\112\120
+\066\207\103\204
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\102\201\240\342\034\343\125\020\336\125\211\102\145\226\042\346
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\104\061\026\060\024\006\003\125\004\003\014\015\101\103\105
+\104\111\103\117\115\040\122\157\157\164\061\014\060\012\006\003
+\125\004\013\014\003\120\113\111\061\017\060\015\006\003\125\004
+\012\014\006\105\104\111\103\117\115\061\013\060\011\006\003\125
+\004\006\023\002\105\123
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\141\215\307\206\073\001\202\005
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+
+#
+# Certificate "Microsec e-Szigno Root CA 2009"
+#
+# Issuer: E=info@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU
+# Serial Number:00:c2:7e:43:04:4e:47:3f:19
+# Subject: E=info@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU
+# Not Valid Before: Tue Jun 16 11:30:18 2009
+# Not Valid After : Sun Dec 30 11:30:18 2029
+# Fingerprint (MD5): F8:49:F4:03:BC:44:2D:83:BE:48:69:7D:29:64:FC:B1
+# Fingerprint (SHA1): 89:DF:74:FE:5C:F4:0F:4A:80:F9:E3:37:7D:54:DA:91:E1:01:31:8E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Microsec e-Szigno Root CA 2009"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\110\125
+\061\021\060\017\006\003\125\004\007\014\010\102\165\144\141\160
+\145\163\164\061\026\060\024\006\003\125\004\012\014\015\115\151
+\143\162\157\163\145\143\040\114\164\144\056\061\047\060\045\006
+\003\125\004\003\014\036\115\151\143\162\157\163\145\143\040\145
+\055\123\172\151\147\156\157\040\122\157\157\164\040\103\101\040
+\062\060\060\071\061\037\060\035\006\011\052\206\110\206\367\015
+\001\011\001\026\020\151\156\146\157\100\145\055\163\172\151\147
+\156\157\056\150\165
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\110\125
+\061\021\060\017\006\003\125\004\007\014\010\102\165\144\141\160
+\145\163\164\061\026\060\024\006\003\125\004\012\014\015\115\151
+\143\162\157\163\145\143\040\114\164\144\056\061\047\060\045\006
+\003\125\004\003\014\036\115\151\143\162\157\163\145\143\040\145
+\055\123\172\151\147\156\157\040\122\157\157\164\040\103\101\040
+\062\060\060\071\061\037\060\035\006\011\052\206\110\206\367\015
+\001\011\001\026\020\151\156\146\157\100\145\055\163\172\151\147
+\156\157\056\150\165
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\302\176\103\004\116\107\077\031
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\012\060\202\002\362\240\003\002\001\002\002\011\000
+\302\176\103\004\116\107\077\031\060\015\006\011\052\206\110\206
+\367\015\001\001\013\005\000\060\201\202\061\013\060\011\006\003
+\125\004\006\023\002\110\125\061\021\060\017\006\003\125\004\007
+\014\010\102\165\144\141\160\145\163\164\061\026\060\024\006\003
+\125\004\012\014\015\115\151\143\162\157\163\145\143\040\114\164
+\144\056\061\047\060\045\006\003\125\004\003\014\036\115\151\143
+\162\157\163\145\143\040\145\055\123\172\151\147\156\157\040\122
+\157\157\164\040\103\101\040\062\060\060\071\061\037\060\035\006
+\011\052\206\110\206\367\015\001\011\001\026\020\151\156\146\157
+\100\145\055\163\172\151\147\156\157\056\150\165\060\036\027\015
+\060\071\060\066\061\066\061\061\063\060\061\070\132\027\015\062
+\071\061\062\063\060\061\061\063\060\061\070\132\060\201\202\061
+\013\060\011\006\003\125\004\006\023\002\110\125\061\021\060\017
+\006\003\125\004\007\014\010\102\165\144\141\160\145\163\164\061
+\026\060\024\006\003\125\004\012\014\015\115\151\143\162\157\163
+\145\143\040\114\164\144\056\061\047\060\045\006\003\125\004\003
+\014\036\115\151\143\162\157\163\145\143\040\145\055\123\172\151
+\147\156\157\040\122\157\157\164\040\103\101\040\062\060\060\071
+\061\037\060\035\006\011\052\206\110\206\367\015\001\011\001\026
+\020\151\156\146\157\100\145\055\163\172\151\147\156\157\056\150
+\165\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
+\001\000\351\370\217\363\143\255\332\206\330\247\340\102\373\317
+\221\336\246\046\370\231\245\143\160\255\233\256\312\063\100\175
+\155\226\156\241\016\104\356\341\023\235\224\102\122\232\275\165
+\205\164\054\250\016\035\223\266\030\267\214\054\250\317\373\134
+\161\271\332\354\376\350\176\217\344\057\035\262\250\165\207\330
+\267\241\345\073\317\231\112\106\320\203\031\175\300\241\022\034
+\225\155\112\364\330\307\245\115\063\056\205\071\100\165\176\024
+\174\200\022\230\120\307\101\147\270\240\200\141\124\246\154\116
+\037\340\235\016\007\351\311\272\063\347\376\300\125\050\054\002
+\200\247\031\365\236\334\125\123\003\227\173\007\110\377\231\373
+\067\212\044\304\131\314\120\020\143\216\252\251\032\260\204\032
+\206\371\137\273\261\120\156\244\321\012\314\325\161\176\037\247
+\033\174\365\123\156\042\137\313\053\346\324\174\135\256\326\302
+\306\114\345\005\001\331\355\127\374\301\043\171\374\372\310\044
+\203\225\363\265\152\121\001\320\167\326\351\022\241\371\032\203
+\373\202\033\271\260\227\364\166\006\063\103\111\240\377\013\265
+\372\265\002\003\001\000\001\243\201\200\060\176\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\035\006
+\003\125\035\016\004\026\004\024\313\017\306\337\102\103\314\075
+\313\265\110\043\241\032\172\246\052\273\064\150\060\037\006\003
+\125\035\043\004\030\060\026\200\024\313\017\306\337\102\103\314
+\075\313\265\110\043\241\032\172\246\052\273\064\150\060\033\006
+\003\125\035\021\004\024\060\022\201\020\151\156\146\157\100\145
+\055\163\172\151\147\156\157\056\150\165\060\015\006\011\052\206
+\110\206\367\015\001\001\013\005\000\003\202\001\001\000\311\321
+\016\136\056\325\314\263\174\076\313\374\075\377\015\050\225\223
+\004\310\277\332\315\171\270\103\220\360\244\276\357\362\357\041
+\230\274\324\324\135\006\366\356\102\354\060\154\240\252\251\312
+\361\257\212\372\077\013\163\152\076\352\056\100\176\037\256\124
+\141\171\353\056\010\067\327\043\363\214\237\276\035\261\341\244
+\165\333\240\342\124\024\261\272\034\051\244\030\366\022\272\242
+\024\024\343\061\065\310\100\377\267\340\005\166\127\301\034\131
+\362\370\277\344\355\045\142\134\204\360\176\176\037\263\276\371
+\267\041\021\314\003\001\126\160\247\020\222\036\033\064\201\036
+\255\234\032\303\004\074\355\002\141\326\036\006\363\137\072\207
+\362\053\361\105\207\345\075\254\321\307\127\204\275\153\256\334
+\330\371\266\033\142\160\013\075\066\311\102\362\062\327\172\141
+\346\322\333\075\317\310\251\311\233\334\333\130\104\327\157\070
+\257\177\170\323\243\255\032\165\272\034\301\066\174\217\036\155
+\034\303\165\106\256\065\005\246\366\134\075\041\356\126\360\311
+\202\042\055\172\124\253\160\303\175\042\145\202\160\226
+END
+
+# Trust for Certificate "Microsec e-Szigno Root CA 2009"
+# Issuer: E=info@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU
+# Serial Number:00:c2:7e:43:04:4e:47:3f:19
+# Subject: E=info@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU
+# Not Valid Before: Tue Jun 16 11:30:18 2009
+# Not Valid After : Sun Dec 30 11:30:18 2029
+# Fingerprint (MD5): F8:49:F4:03:BC:44:2D:83:BE:48:69:7D:29:64:FC:B1
+# Fingerprint (SHA1): 89:DF:74:FE:5C:F4:0F:4A:80:F9:E3:37:7D:54:DA:91:E1:01:31:8E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Microsec e-Szigno Root CA 2009"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\211\337\164\376\134\364\017\112\200\371\343\067\175\124\332\221
+\341\001\061\216
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\370\111\364\003\274\104\055\203\276\110\151\175\051\144\374\261
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\110\125
+\061\021\060\017\006\003\125\004\007\014\010\102\165\144\141\160
+\145\163\164\061\026\060\024\006\003\125\004\012\014\015\115\151
+\143\162\157\163\145\143\040\114\164\144\056\061\047\060\045\006
+\003\125\004\003\014\036\115\151\143\162\157\163\145\143\040\145
+\055\123\172\151\147\156\157\040\122\157\157\164\040\103\101\040
+\062\060\060\071\061\037\060\035\006\011\052\206\110\206\367\015
+\001\011\001\026\020\151\156\146\157\100\145\055\163\172\151\147
+\156\157\056\150\165
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\302\176\103\004\116\107\077\031
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GlobalSign Root CA - R3"
+#
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3
+# Serial Number:04:00:00:00:00:01:21:58:53:08:a2
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3
+# Not Valid Before: Wed Mar 18 10:00:00 2009
+# Not Valid After : Sun Mar 18 10:00:00 2029
+# Fingerprint (MD5): C5:DF:B8:49:CA:05:13:55:EE:2D:BA:1A:C3:3E:B0:28
+# Fingerprint (SHA1): D6:9B:56:11:48:F0:1C:77:C5:45:78:C1:09:26:DF:5B:85:69:76:AD
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign Root CA - R3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\063\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\063\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\013\004\000\000\000\000\001\041\130\123\010\242
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\137\060\202\002\107\240\003\002\001\002\002\013\004
+\000\000\000\000\001\041\130\123\010\242\060\015\006\011\052\206
+\110\206\367\015\001\001\013\005\000\060\114\061\040\060\036\006
+\003\125\004\013\023\027\107\154\157\142\141\154\123\151\147\156
+\040\122\157\157\164\040\103\101\040\055\040\122\063\061\023\060
+\021\006\003\125\004\012\023\012\107\154\157\142\141\154\123\151
+\147\156\061\023\060\021\006\003\125\004\003\023\012\107\154\157
+\142\141\154\123\151\147\156\060\036\027\015\060\071\060\063\061
+\070\061\060\060\060\060\060\132\027\015\062\071\060\063\061\070
+\061\060\060\060\060\060\132\060\114\061\040\060\036\006\003\125
+\004\013\023\027\107\154\157\142\141\154\123\151\147\156\040\122
+\157\157\164\040\103\101\040\055\040\122\063\061\023\060\021\006
+\003\125\004\012\023\012\107\154\157\142\141\154\123\151\147\156
+\061\023\060\021\006\003\125\004\003\023\012\107\154\157\142\141
+\154\123\151\147\156\060\202\001\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
+\012\002\202\001\001\000\314\045\166\220\171\006\170\042\026\365
+\300\203\266\204\312\050\236\375\005\166\021\305\255\210\162\374
+\106\002\103\307\262\212\235\004\137\044\313\056\113\341\140\202
+\106\341\122\253\014\201\107\160\154\335\144\321\353\365\054\243
+\017\202\075\014\053\256\227\327\266\024\206\020\171\273\073\023
+\200\167\214\010\341\111\322\152\142\057\037\136\372\226\150\337
+\211\047\225\070\237\006\327\076\311\313\046\131\015\163\336\260
+\310\351\046\016\203\025\306\357\133\213\322\004\140\312\111\246
+\050\366\151\073\366\313\310\050\221\345\235\212\141\127\067\254
+\164\024\334\164\340\072\356\162\057\056\234\373\320\273\277\365
+\075\000\341\006\063\350\202\053\256\123\246\072\026\163\214\335
+\101\016\040\072\300\264\247\241\351\262\117\220\056\062\140\351
+\127\313\271\004\222\150\150\345\070\046\140\165\262\237\167\377
+\221\024\357\256\040\111\374\255\100\025\110\321\002\061\141\031
+\136\270\227\357\255\167\267\144\232\172\277\137\301\023\357\233
+\142\373\015\154\340\124\151\026\251\003\332\156\351\203\223\161
+\166\306\151\205\202\027\002\003\001\000\001\243\102\060\100\060
+\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\035\006\003\125\035\016\004\026\004\024\217\360\113\177\250
+\056\105\044\256\115\120\372\143\232\213\336\342\335\033\274\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202
+\001\001\000\113\100\333\300\120\252\376\310\014\357\367\226\124
+\105\111\273\226\000\011\101\254\263\023\206\206\050\007\063\312
+\153\346\164\271\272\000\055\256\244\012\323\365\361\361\017\212
+\277\163\147\112\203\307\104\173\170\340\257\156\154\157\003\051
+\216\063\071\105\303\216\344\271\127\154\252\374\022\226\354\123
+\306\055\344\044\154\271\224\143\373\334\123\150\147\126\076\203
+\270\317\065\041\303\311\150\376\316\332\302\123\252\314\220\212
+\351\360\135\106\214\225\335\172\130\050\032\057\035\336\315\000
+\067\101\217\355\104\155\327\123\050\227\176\363\147\004\036\025
+\327\212\226\264\323\336\114\047\244\114\033\163\163\166\364\027
+\231\302\037\172\016\343\055\010\255\012\034\054\377\074\253\125
+\016\017\221\176\066\353\303\127\111\276\341\056\055\174\140\213
+\303\101\121\023\043\235\316\367\062\153\224\001\250\231\347\054
+\063\037\072\073\045\322\206\100\316\073\054\206\170\311\141\057
+\024\272\356\333\125\157\337\204\356\005\011\115\275\050\330\162
+\316\323\142\120\145\036\353\222\227\203\061\331\263\265\312\107
+\130\077\137
+END
+
+# Trust for Certificate "GlobalSign Root CA - R3"
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3
+# Serial Number:04:00:00:00:00:01:21:58:53:08:a2
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3
+# Not Valid Before: Wed Mar 18 10:00:00 2009
+# Not Valid After : Sun Mar 18 10:00:00 2029
+# Fingerprint (MD5): C5:DF:B8:49:CA:05:13:55:EE:2D:BA:1A:C3:3E:B0:28
+# Fingerprint (SHA1): D6:9B:56:11:48:F0:1C:77:C5:45:78:C1:09:26:DF:5B:85:69:76:AD
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign Root CA - R3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\326\233\126\021\110\360\034\167\305\105\170\301\011\046\337\133
+\205\151\166\255
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\305\337\270\111\312\005\023\125\356\055\272\032\303\076\260\050
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\063\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\013\004\000\000\000\000\001\041\130\123\010\242
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
+#
+# Issuer: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068,C=ES
+# Serial Number:53:ec:3b:ee:fb:b2:48:5f
+# Subject: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068,C=ES
+# Not Valid Before: Wed May 20 08:38:15 2009
+# Not Valid After : Tue Dec 31 08:38:15 2030
+# Fingerprint (MD5): 73:3A:74:7A:EC:BB:A3:96:A6:C2:E4:E2:C8:9B:C0:C3
+# Fingerprint (SHA1): AE:C5:FB:3F:C8:E1:BF:C4:E5:4F:03:07:5A:9A:E8:00:B7:F7:B6:FA
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Autoridad de Certificacion Firmaprofesional CIF A62634068"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\102\060\100\006\003\125\004\003\014\071\101\165\164\157\162\151
+\144\141\144\040\144\145\040\103\145\162\164\151\146\151\143\141
+\143\151\157\156\040\106\151\162\155\141\160\162\157\146\145\163
+\151\157\156\141\154\040\103\111\106\040\101\066\062\066\063\064
+\060\066\070
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\102\060\100\006\003\125\004\003\014\071\101\165\164\157\162\151
+\144\141\144\040\144\145\040\103\145\162\164\151\146\151\143\141
+\143\151\157\156\040\106\151\162\155\141\160\162\157\146\145\163
+\151\157\156\141\154\040\103\111\106\040\101\066\062\066\063\064
+\060\066\070
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\123\354\073\356\373\262\110\137
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\006\024\060\202\003\374\240\003\002\001\002\002\010\123
+\354\073\356\373\262\110\137\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\060\121\061\013\060\011\006\003\125\004
+\006\023\002\105\123\061\102\060\100\006\003\125\004\003\014\071
+\101\165\164\157\162\151\144\141\144\040\144\145\040\103\145\162
+\164\151\146\151\143\141\143\151\157\156\040\106\151\162\155\141
+\160\162\157\146\145\163\151\157\156\141\154\040\103\111\106\040
+\101\066\062\066\063\064\060\066\070\060\036\027\015\060\071\060
+\065\062\060\060\070\063\070\061\065\132\027\015\063\060\061\062
+\063\061\060\070\063\070\061\065\132\060\121\061\013\060\011\006
+\003\125\004\006\023\002\105\123\061\102\060\100\006\003\125\004
+\003\014\071\101\165\164\157\162\151\144\141\144\040\144\145\040
+\103\145\162\164\151\146\151\143\141\143\151\157\156\040\106\151
+\162\155\141\160\162\157\146\145\163\151\157\156\141\154\040\103
+\111\106\040\101\066\062\066\063\064\060\066\070\060\202\002\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\002\017\000\060\202\002\012\002\202\002\001\000\312\226\153
+\216\352\370\373\361\242\065\340\177\114\332\340\303\122\327\175
+\266\020\310\002\136\263\103\052\304\117\152\262\312\034\135\050
+\232\170\021\032\151\131\127\257\265\040\102\344\213\017\346\337
+\133\246\003\222\057\365\021\344\142\327\062\161\070\331\004\014
+\161\253\075\121\176\017\007\337\143\005\134\351\277\224\157\301
+\051\202\300\264\332\121\260\301\074\273\255\067\112\134\312\361
+\113\066\016\044\253\277\303\204\167\375\250\120\364\261\347\306
+\057\322\055\131\215\172\012\116\226\151\122\002\252\066\230\354
+\374\372\024\203\014\067\037\311\222\067\177\327\201\055\345\304
+\271\340\076\064\376\147\364\076\146\321\323\364\100\317\136\142
+\064\017\160\006\076\040\030\132\316\367\162\033\045\154\223\164
+\024\223\243\163\261\016\252\207\020\043\131\137\040\005\031\107
+\355\150\216\222\022\312\135\374\326\053\262\222\074\040\317\341
+\137\257\040\276\240\166\177\166\345\354\032\206\141\063\076\347
+\173\264\077\240\017\216\242\271\152\157\271\207\046\157\101\154
+\210\246\120\375\152\143\013\365\223\026\033\031\217\262\355\233
+\233\311\220\365\001\014\337\031\075\017\076\070\043\311\057\217
+\014\321\002\376\033\125\326\116\320\215\074\257\117\244\363\376
+\257\052\323\005\235\171\010\241\313\127\061\264\234\310\220\262
+\147\364\030\026\223\072\374\107\330\321\170\226\061\037\272\053
+\014\137\135\231\255\143\211\132\044\040\166\330\337\375\253\116
+\246\042\252\235\136\346\047\212\175\150\051\243\347\212\270\332
+\021\273\027\055\231\235\023\044\106\367\305\342\330\237\216\177
+\307\217\164\155\132\262\350\162\365\254\356\044\020\255\057\024
+\332\377\055\232\106\161\107\276\102\337\273\001\333\364\177\323
+\050\217\061\131\133\323\311\002\246\264\122\312\156\227\373\103
+\305\010\046\157\212\364\273\375\237\050\252\015\325\105\363\023
+\072\035\330\300\170\217\101\147\074\036\224\144\256\173\013\305
+\350\331\001\210\071\032\227\206\144\101\325\073\207\014\156\372
+\017\306\275\110\024\277\071\115\324\236\101\266\217\226\035\143
+\226\223\331\225\006\170\061\150\236\067\006\073\200\211\105\141
+\071\043\307\033\104\243\025\345\034\370\222\060\273\002\003\001
+\000\001\243\201\357\060\201\354\060\022\006\003\125\035\023\001
+\001\377\004\010\060\006\001\001\377\002\001\001\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003
+\125\035\016\004\026\004\024\145\315\353\253\065\036\000\076\176
+\325\164\300\034\264\163\107\016\032\144\057\060\201\246\006\003
+\125\035\040\004\201\236\060\201\233\060\201\230\006\004\125\035
+\040\000\060\201\217\060\057\006\010\053\006\001\005\005\007\002
+\001\026\043\150\164\164\160\072\057\057\167\167\167\056\146\151
+\162\155\141\160\162\157\146\145\163\151\157\156\141\154\056\143
+\157\155\057\143\160\163\060\134\006\010\053\006\001\005\005\007
+\002\002\060\120\036\116\000\120\000\141\000\163\000\145\000\157
+\000\040\000\144\000\145\000\040\000\154\000\141\000\040\000\102
+\000\157\000\156\000\141\000\156\000\157\000\166\000\141\000\040
+\000\064\000\067\000\040\000\102\000\141\000\162\000\143\000\145
+\000\154\000\157\000\156\000\141\000\040\000\060\000\070\000\060
+\000\061\000\067\060\015\006\011\052\206\110\206\367\015\001\001
+\005\005\000\003\202\002\001\000\027\175\240\371\264\335\305\305
+\353\255\113\044\265\241\002\253\335\245\210\112\262\017\125\113
+\053\127\214\073\345\061\335\376\304\062\361\347\133\144\226\066
+\062\030\354\245\062\167\327\343\104\266\300\021\052\200\271\075
+\152\156\174\233\323\255\374\303\326\243\346\144\051\174\321\341
+\070\036\202\053\377\047\145\257\373\026\025\304\056\161\204\345
+\265\377\372\244\107\275\144\062\273\366\045\204\242\047\102\365
+\040\260\302\023\020\021\315\020\025\272\102\220\052\322\104\341
+\226\046\353\061\110\022\375\052\332\311\006\317\164\036\251\113
+\325\207\050\371\171\064\222\076\056\104\350\366\217\117\217\065
+\077\045\263\071\334\143\052\220\153\040\137\304\122\022\116\227
+\054\052\254\235\227\336\110\362\243\146\333\302\322\203\225\246
+\146\247\236\045\017\351\013\063\221\145\012\132\303\331\124\022
+\335\257\303\116\016\037\046\136\015\334\263\215\354\325\201\160
+\336\322\117\044\005\363\154\116\365\114\111\146\215\321\377\322
+\013\045\101\110\376\121\204\306\102\257\200\004\317\320\176\144
+\111\344\362\337\242\354\261\114\300\052\035\347\264\261\145\242
+\304\274\361\230\364\252\160\007\143\264\270\332\073\114\372\100
+\042\060\133\021\246\360\005\016\306\002\003\110\253\206\233\205
+\335\333\335\352\242\166\200\163\175\365\234\004\304\105\215\347
+\271\034\213\236\352\327\165\321\162\261\336\165\104\347\102\175
+\342\127\153\175\334\231\274\075\203\050\352\200\223\215\305\114
+\145\301\160\201\270\070\374\103\061\262\366\003\064\107\262\254
+\373\042\006\313\036\335\027\107\034\137\146\271\323\032\242\332
+\021\261\244\274\043\311\344\276\207\377\271\224\266\370\135\040
+\112\324\137\347\275\150\173\145\362\025\036\322\072\251\055\351
+\330\153\044\254\227\130\104\107\255\131\030\361\041\145\160\336
+\316\064\140\250\100\361\363\074\244\303\050\043\214\376\047\063
+\103\100\240\027\074\353\352\073\260\162\246\243\271\112\113\136
+\026\110\364\262\274\310\214\222\305\235\237\254\162\066\274\064
+\200\064\153\251\213\222\300\270\027\355\354\166\123\365\044\001
+\214\263\042\350\113\174\125\306\235\372\243\024\273\145\205\156
+\156\117\022\176\012\074\235\225
+END
+
+# Trust for Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
+# Issuer: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068,C=ES
+# Serial Number:53:ec:3b:ee:fb:b2:48:5f
+# Subject: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068,C=ES
+# Not Valid Before: Wed May 20 08:38:15 2009
+# Not Valid After : Tue Dec 31 08:38:15 2030
+# Fingerprint (MD5): 73:3A:74:7A:EC:BB:A3:96:A6:C2:E4:E2:C8:9B:C0:C3
+# Fingerprint (SHA1): AE:C5:FB:3F:C8:E1:BF:C4:E5:4F:03:07:5A:9A:E8:00:B7:F7:B6:FA
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Autoridad de Certificacion Firmaprofesional CIF A62634068"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\256\305\373\077\310\341\277\304\345\117\003\007\132\232\350\000
+\267\367\266\372
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\163\072\164\172\354\273\243\226\246\302\344\342\310\233\300\303
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\102\060\100\006\003\125\004\003\014\071\101\165\164\157\162\151
+\144\141\144\040\144\145\040\103\145\162\164\151\146\151\143\141
+\143\151\157\156\040\106\151\162\155\141\160\162\157\146\145\163
+\151\157\156\141\154\040\103\111\106\040\101\066\062\066\063\064
+\060\066\070
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\123\354\073\356\373\262\110\137
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Izenpe.com"
+#
+# Issuer: CN=Izenpe.com,O=IZENPE S.A.,C=ES
+# Serial Number:00:b0:b7:5a:16:48:5f:bf:e1:cb:f5:8b:d7:19:e6:7d
+# Subject: CN=Izenpe.com,O=IZENPE S.A.,C=ES
+# Not Valid Before: Thu Dec 13 13:08:28 2007
+# Not Valid After : Sun Dec 13 08:27:25 2037
+# Fingerprint (MD5): A6:B0:CD:85:80:DA:5C:50:34:A3:39:90:2F:55:67:73
+# Fingerprint (SHA1): 2F:78:3D:25:52:18:A7:4A:65:39:71:B5:2C:A2:9C:45:15:6F:E9:19
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Izenpe.com"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\070\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\024\060\022\006\003\125\004\012\014\013\111\132\105\116\120\105
+\040\123\056\101\056\061\023\060\021\006\003\125\004\003\014\012
+\111\172\145\156\160\145\056\143\157\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\070\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\024\060\022\006\003\125\004\012\014\013\111\132\105\116\120\105
+\040\123\056\101\056\061\023\060\021\006\003\125\004\003\014\012
+\111\172\145\156\160\145\056\143\157\155
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\000\260\267\132\026\110\137\277\341\313\365\213\327\031
+\346\175
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\361\060\202\003\331\240\003\002\001\002\002\020\000
+\260\267\132\026\110\137\277\341\313\365\213\327\031\346\175\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\070
+\061\013\060\011\006\003\125\004\006\023\002\105\123\061\024\060
+\022\006\003\125\004\012\014\013\111\132\105\116\120\105\040\123
+\056\101\056\061\023\060\021\006\003\125\004\003\014\012\111\172
+\145\156\160\145\056\143\157\155\060\036\027\015\060\067\061\062
+\061\063\061\063\060\070\062\070\132\027\015\063\067\061\062\061
+\063\060\070\062\067\062\065\132\060\070\061\013\060\011\006\003
+\125\004\006\023\002\105\123\061\024\060\022\006\003\125\004\012
+\014\013\111\132\105\116\120\105\040\123\056\101\056\061\023\060
+\021\006\003\125\004\003\014\012\111\172\145\156\160\145\056\143
+\157\155\060\202\002\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
+\002\001\000\311\323\172\312\017\036\254\247\206\350\026\145\152
+\261\302\033\105\062\161\225\331\376\020\133\314\257\347\245\171
+\001\217\211\303\312\362\125\161\367\167\276\167\224\363\162\244
+\054\104\330\236\222\233\024\072\241\347\044\220\012\012\126\216
+\305\330\046\224\341\331\110\341\055\076\332\012\162\335\243\231
+\025\332\201\242\207\364\173\156\046\167\211\130\255\326\353\014
+\262\101\172\163\156\155\333\172\170\101\351\010\210\022\176\207
+\056\146\021\143\154\124\373\074\235\162\300\274\056\377\302\267
+\335\015\166\343\072\327\367\264\150\276\242\365\343\201\156\301
+\106\157\135\215\340\115\306\124\125\211\032\063\061\012\261\127
+\271\243\212\230\303\354\073\064\305\225\101\151\176\165\302\074
+\040\305\141\272\121\107\240\040\220\223\241\220\113\363\116\174
+\205\105\124\232\321\005\046\101\260\265\115\035\063\276\304\003
+\310\045\174\301\160\333\073\364\011\055\124\047\110\254\057\341
+\304\254\076\310\313\222\114\123\071\067\043\354\323\001\371\340
+\011\104\115\115\144\300\341\015\132\207\042\274\255\033\243\376
+\046\265\025\363\247\374\204\031\351\354\241\210\264\104\151\204
+\203\363\211\321\164\006\251\314\013\326\302\336\047\205\120\046
+\312\027\270\311\172\207\126\054\032\001\036\154\276\023\255\020
+\254\265\044\365\070\221\241\326\113\332\361\273\322\336\107\265
+\361\274\201\366\131\153\317\031\123\351\215\025\313\112\313\251
+\157\104\345\033\101\317\341\206\247\312\320\152\237\274\114\215
+\006\063\132\242\205\345\220\065\240\142\134\026\116\360\343\242
+\372\003\032\264\054\161\263\130\054\336\173\013\333\032\017\353
+\336\041\037\006\167\006\003\260\311\357\231\374\300\271\117\013
+\206\050\376\322\271\352\343\332\245\303\107\151\022\340\333\360
+\366\031\213\355\173\160\327\002\326\355\207\030\050\054\004\044
+\114\167\344\110\212\032\306\073\232\324\017\312\372\165\322\001
+\100\132\215\171\277\213\317\113\317\252\026\301\225\344\255\114
+\212\076\027\221\324\261\142\345\202\345\200\004\244\003\176\215
+\277\332\177\242\017\227\117\014\323\015\373\327\321\345\162\176
+\034\310\167\377\133\232\017\267\256\005\106\345\361\250\026\354
+\107\244\027\002\003\001\000\001\243\201\366\060\201\363\060\201
+\260\006\003\125\035\021\004\201\250\060\201\245\201\017\151\156
+\146\157\100\151\172\145\156\160\145\056\143\157\155\244\201\221
+\060\201\216\061\107\060\105\006\003\125\004\012\014\076\111\132
+\105\116\120\105\040\123\056\101\056\040\055\040\103\111\106\040
+\101\060\061\063\063\067\062\066\060\055\122\115\145\162\143\056
+\126\151\164\157\162\151\141\055\107\141\163\164\145\151\172\040
+\124\061\060\065\065\040\106\066\062\040\123\070\061\103\060\101
+\006\003\125\004\011\014\072\101\166\144\141\040\144\145\154\040
+\115\145\144\151\164\145\162\162\141\156\145\157\040\105\164\157
+\162\142\151\144\145\141\040\061\064\040\055\040\060\061\060\061
+\060\040\126\151\164\157\162\151\141\055\107\141\163\164\145\151
+\172\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\006\060\035\006\003\125\035\016\004\026\004\024\035\034\145
+\016\250\362\045\173\264\221\317\344\261\261\346\275\125\164\154
+\005\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000
+\003\202\002\001\000\170\246\014\026\112\237\114\210\072\300\313
+\016\245\026\175\237\271\110\137\030\217\015\142\066\366\315\031
+\153\254\253\325\366\221\175\256\161\363\077\263\016\170\205\233
+\225\244\047\041\107\102\112\174\110\072\365\105\174\263\014\216
+\121\170\254\225\023\336\306\375\175\270\032\220\114\253\222\003
+\307\355\102\001\316\017\330\261\372\242\222\341\140\155\256\172
+\153\011\252\306\051\356\150\111\147\060\200\044\172\061\026\071
+\133\176\361\034\056\335\154\011\255\362\061\301\202\116\271\273
+\371\276\277\052\205\077\300\100\243\072\131\374\131\113\074\050
+\044\333\264\025\165\256\015\210\272\056\163\300\275\130\207\345
+\102\362\353\136\356\036\060\042\231\313\067\321\304\041\154\201
+\354\276\155\046\346\034\344\102\040\236\107\260\254\203\131\160
+\054\065\326\257\066\064\264\315\073\370\062\250\357\343\170\211
+\373\215\105\054\332\234\270\176\100\034\141\347\076\242\222\054
+\113\362\315\372\230\266\051\377\363\362\173\251\037\056\240\223
+\127\053\336\205\003\371\151\067\313\236\170\152\005\264\305\061
+\170\211\354\172\247\205\341\271\173\074\336\276\036\171\204\316
+\237\160\016\131\302\065\056\220\052\061\331\344\105\172\101\244
+\056\023\233\064\016\146\173\111\253\144\227\320\106\303\171\235
+\162\120\143\246\230\133\006\275\110\155\330\071\203\160\350\065
+\360\005\321\252\274\343\333\310\002\352\174\375\202\332\302\133
+\122\065\256\230\072\255\272\065\223\043\247\037\110\335\065\106
+\230\262\020\150\344\245\061\302\012\130\056\031\201\020\311\120
+\165\374\352\132\026\316\021\327\356\357\120\210\055\141\377\077
+\102\163\005\224\103\325\216\074\116\001\072\031\245\037\106\116
+\167\320\135\345\201\042\041\207\376\224\175\204\330\223\255\326
+\150\103\110\262\333\353\163\044\347\221\177\124\244\266\200\076
+\235\243\074\114\162\302\127\304\240\324\314\070\047\316\325\006
+\236\242\110\331\351\237\316\202\160\066\223\232\073\337\226\041
+\343\131\267\014\332\221\067\360\375\131\132\263\231\310\151\154
+\103\046\001\065\143\140\125\211\003\072\165\330\272\112\331\124
+\377\356\336\200\330\055\321\070\325\136\055\013\230\175\076\154
+\333\374\046\210\307
+END
+
+# Trust for Certificate "Izenpe.com"
+# Issuer: CN=Izenpe.com,O=IZENPE S.A.,C=ES
+# Serial Number:00:b0:b7:5a:16:48:5f:bf:e1:cb:f5:8b:d7:19:e6:7d
+# Subject: CN=Izenpe.com,O=IZENPE S.A.,C=ES
+# Not Valid Before: Thu Dec 13 13:08:28 2007
+# Not Valid After : Sun Dec 13 08:27:25 2037
+# Fingerprint (MD5): A6:B0:CD:85:80:DA:5C:50:34:A3:39:90:2F:55:67:73
+# Fingerprint (SHA1): 2F:78:3D:25:52:18:A7:4A:65:39:71:B5:2C:A2:9C:45:15:6F:E9:19
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Izenpe.com"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\057\170\075\045\122\030\247\112\145\071\161\265\054\242\234\105
+\025\157\351\031
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\246\260\315\205\200\332\134\120\064\243\071\220\057\125\147\163
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\070\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\024\060\022\006\003\125\004\012\014\013\111\132\105\116\120\105
+\040\123\056\101\056\061\023\060\021\006\003\125\004\003\014\012
+\111\172\145\156\160\145\056\143\157\155
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\000\260\267\132\026\110\137\277\341\313\365\213\327\031
+\346\175
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Chambers of Commerce Root - 2008"
+#
+# Issuer: CN=Chambers of Commerce Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
+# Serial Number:00:a3:da:42:7e:a4:b1:ae:da
+# Subject: CN=Chambers of Commerce Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
+# Not Valid Before: Fri Aug 01 12:29:50 2008
+# Not Valid After : Sat Jul 31 12:29:50 2038
+# Fingerprint (MD5): 5E:80:9E:84:5A:0E:65:0B:17:02:F3:55:18:2A:3E:D7
+# Fingerprint (SHA1): 78:6A:74:AC:76:AB:14:7F:9C:6A:30:50:BA:9E:A8:7E:FE:9A:CE:3C
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Chambers of Commerce Root - 2008"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\105\125
+\061\103\060\101\006\003\125\004\007\023\072\115\141\144\162\151
+\144\040\050\163\145\145\040\143\165\162\162\145\156\164\040\141
+\144\144\162\145\163\163\040\141\164\040\167\167\167\056\143\141
+\155\145\162\146\151\162\155\141\056\143\157\155\057\141\144\144
+\162\145\163\163\051\061\022\060\020\006\003\125\004\005\023\011
+\101\070\062\067\064\063\062\070\067\061\033\060\031\006\003\125
+\004\012\023\022\101\103\040\103\141\155\145\162\146\151\162\155
+\141\040\123\056\101\056\061\051\060\047\006\003\125\004\003\023
+\040\103\150\141\155\142\145\162\163\040\157\146\040\103\157\155
+\155\145\162\143\145\040\122\157\157\164\040\055\040\062\060\060
+\070
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\105\125
+\061\103\060\101\006\003\125\004\007\023\072\115\141\144\162\151
+\144\040\050\163\145\145\040\143\165\162\162\145\156\164\040\141
+\144\144\162\145\163\163\040\141\164\040\167\167\167\056\143\141
+\155\145\162\146\151\162\155\141\056\143\157\155\057\141\144\144
+\162\145\163\163\051\061\022\060\020\006\003\125\004\005\023\011
+\101\070\062\067\064\063\062\070\067\061\033\060\031\006\003\125
+\004\012\023\022\101\103\040\103\141\155\145\162\146\151\162\155
+\141\040\123\056\101\056\061\051\060\047\006\003\125\004\003\023
+\040\103\150\141\155\142\145\162\163\040\157\146\040\103\157\155
+\155\145\162\143\145\040\122\157\157\164\040\055\040\062\060\060
+\070
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\243\332\102\176\244\261\256\332
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\007\117\060\202\005\067\240\003\002\001\002\002\011\000
+\243\332\102\176\244\261\256\332\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\060\201\256\061\013\060\011\006\003
+\125\004\006\023\002\105\125\061\103\060\101\006\003\125\004\007
+\023\072\115\141\144\162\151\144\040\050\163\145\145\040\143\165
+\162\162\145\156\164\040\141\144\144\162\145\163\163\040\141\164
+\040\167\167\167\056\143\141\155\145\162\146\151\162\155\141\056
+\143\157\155\057\141\144\144\162\145\163\163\051\061\022\060\020
+\006\003\125\004\005\023\011\101\070\062\067\064\063\062\070\067
+\061\033\060\031\006\003\125\004\012\023\022\101\103\040\103\141
+\155\145\162\146\151\162\155\141\040\123\056\101\056\061\051\060
+\047\006\003\125\004\003\023\040\103\150\141\155\142\145\162\163
+\040\157\146\040\103\157\155\155\145\162\143\145\040\122\157\157
+\164\040\055\040\062\060\060\070\060\036\027\015\060\070\060\070
+\060\061\061\062\062\071\065\060\132\027\015\063\070\060\067\063
+\061\061\062\062\071\065\060\132\060\201\256\061\013\060\011\006
+\003\125\004\006\023\002\105\125\061\103\060\101\006\003\125\004
+\007\023\072\115\141\144\162\151\144\040\050\163\145\145\040\143
+\165\162\162\145\156\164\040\141\144\144\162\145\163\163\040\141
+\164\040\167\167\167\056\143\141\155\145\162\146\151\162\155\141
+\056\143\157\155\057\141\144\144\162\145\163\163\051\061\022\060
+\020\006\003\125\004\005\023\011\101\070\062\067\064\063\062\070
+\067\061\033\060\031\006\003\125\004\012\023\022\101\103\040\103
+\141\155\145\162\146\151\162\155\141\040\123\056\101\056\061\051
+\060\047\006\003\125\004\003\023\040\103\150\141\155\142\145\162
+\163\040\157\146\040\103\157\155\155\145\162\143\145\040\122\157
+\157\164\040\055\040\062\060\060\070\060\202\002\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002\017
+\000\060\202\002\012\002\202\002\001\000\257\000\313\160\067\053
+\200\132\112\072\154\170\224\175\243\177\032\037\366\065\325\275
+\333\313\015\104\162\076\046\262\220\122\272\143\073\050\130\157
+\245\263\155\224\246\363\335\144\014\125\366\366\347\362\042\042
+\200\136\341\142\306\266\051\341\201\154\362\277\345\175\062\152
+\124\240\062\031\131\376\037\213\327\075\140\206\205\044\157\343
+\021\263\167\076\040\226\065\041\153\263\010\331\160\056\144\367
+\204\222\123\326\016\260\220\212\212\343\207\215\006\323\275\220
+\016\342\231\241\033\206\016\332\232\012\273\013\141\120\006\122
+\361\236\177\166\354\313\017\320\036\015\317\231\060\075\034\304
+\105\020\130\254\326\323\350\327\345\352\305\001\007\167\326\121
+\346\003\177\212\110\245\115\150\165\271\351\274\236\116\031\161
+\365\062\113\234\155\140\031\013\373\314\235\165\334\277\046\315
+\217\223\170\071\171\163\136\045\016\312\134\353\167\022\007\313
+\144\101\107\162\223\253\120\303\353\011\166\144\064\322\071\267
+\166\021\011\015\166\105\304\251\256\075\152\257\265\175\145\057
+\224\130\020\354\134\174\257\176\342\266\030\331\320\233\116\132
+\111\337\251\146\013\314\074\306\170\174\247\234\035\343\316\216
+\123\276\005\336\140\017\153\345\032\333\077\343\341\041\311\051
+\301\361\353\007\234\122\033\001\104\121\074\173\045\327\304\345
+\122\124\135\045\007\312\026\040\270\255\344\101\356\172\010\376
+\231\157\203\246\221\002\260\154\066\125\152\347\175\365\226\346
+\312\201\326\227\361\224\203\351\355\260\261\153\022\151\036\254
+\373\135\251\305\230\351\264\133\130\172\276\075\242\104\072\143
+\131\324\013\045\336\033\117\275\345\001\236\315\322\051\325\237
+\027\031\012\157\277\014\220\323\011\137\331\343\212\065\314\171
+\132\115\031\067\222\267\304\301\255\257\364\171\044\232\262\001
+\013\261\257\134\226\363\200\062\373\134\075\230\361\240\077\112
+\336\276\257\224\056\331\125\232\027\156\140\235\143\154\270\143
+\311\256\201\134\030\065\340\220\273\276\074\117\067\042\271\176
+\353\317\236\167\041\246\075\070\201\373\110\332\061\075\053\343
+\211\365\320\265\275\176\340\120\304\022\211\263\043\232\020\061
+\205\333\256\157\357\070\063\030\166\021\002\003\001\000\001\243
+\202\001\154\060\202\001\150\060\022\006\003\125\035\023\001\001
+\377\004\010\060\006\001\001\377\002\001\014\060\035\006\003\125
+\035\016\004\026\004\024\371\044\254\017\262\265\370\171\300\372
+\140\210\033\304\331\115\002\236\027\031\060\201\343\006\003\125
+\035\043\004\201\333\060\201\330\200\024\371\044\254\017\262\265
+\370\171\300\372\140\210\033\304\331\115\002\236\027\031\241\201
+\264\244\201\261\060\201\256\061\013\060\011\006\003\125\004\006
+\023\002\105\125\061\103\060\101\006\003\125\004\007\023\072\115
+\141\144\162\151\144\040\050\163\145\145\040\143\165\162\162\145
+\156\164\040\141\144\144\162\145\163\163\040\141\164\040\167\167
+\167\056\143\141\155\145\162\146\151\162\155\141\056\143\157\155
+\057\141\144\144\162\145\163\163\051\061\022\060\020\006\003\125
+\004\005\023\011\101\070\062\067\064\063\062\070\067\061\033\060
+\031\006\003\125\004\012\023\022\101\103\040\103\141\155\145\162
+\146\151\162\155\141\040\123\056\101\056\061\051\060\047\006\003
+\125\004\003\023\040\103\150\141\155\142\145\162\163\040\157\146
+\040\103\157\155\155\145\162\143\145\040\122\157\157\164\040\055
+\040\062\060\060\070\202\011\000\243\332\102\176\244\261\256\332
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
+\060\075\006\003\125\035\040\004\066\060\064\060\062\006\004\125
+\035\040\000\060\052\060\050\006\010\053\006\001\005\005\007\002
+\001\026\034\150\164\164\160\072\057\057\160\157\154\151\143\171
+\056\143\141\155\145\162\146\151\162\155\141\056\143\157\155\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202
+\002\001\000\220\022\257\042\065\302\243\071\360\056\336\351\265
+\351\170\174\110\276\077\175\105\222\136\351\332\261\031\374\026
+\074\237\264\133\146\236\152\347\303\271\135\210\350\017\255\317
+\043\017\336\045\072\136\314\117\245\301\265\055\254\044\322\130
+\007\336\242\317\151\204\140\063\350\020\015\023\251\043\320\205
+\345\216\173\246\236\075\162\023\162\063\365\252\175\306\143\037
+\010\364\376\001\177\044\317\053\054\124\011\336\342\053\155\222
+\306\071\117\026\352\074\176\172\106\324\105\152\106\250\353\165
+\202\126\247\253\240\174\150\023\063\366\235\060\360\157\047\071
+\044\043\052\220\375\220\051\065\362\223\337\064\245\306\367\370
+\357\214\017\142\112\174\256\323\365\124\370\215\266\232\126\207
+\026\202\072\063\253\132\042\010\367\202\272\352\056\340\107\232
+\264\265\105\243\005\073\331\334\056\105\100\073\352\334\177\350
+\073\353\321\354\046\330\065\244\060\305\072\254\127\236\263\166
+\245\040\173\371\036\112\005\142\001\246\050\165\140\227\222\015
+\156\076\115\067\103\015\222\025\234\030\042\315\121\231\240\051
+\032\074\137\212\062\063\133\060\307\211\057\107\230\017\243\003
+\306\366\361\254\337\062\360\331\201\032\344\234\275\366\200\024
+\360\321\054\271\205\365\330\243\261\310\245\041\345\034\023\227
+\356\016\275\337\051\251\357\064\123\133\323\344\152\023\204\006
+\266\062\002\304\122\256\042\322\334\262\041\102\032\332\100\360
+\051\311\354\012\014\134\342\320\272\314\110\323\067\012\314\022
+\012\212\171\260\075\003\177\151\113\364\064\040\175\263\064\352
+\216\113\144\365\076\375\263\043\147\025\015\004\270\360\055\301
+\011\121\074\262\154\025\360\245\043\327\203\164\344\345\056\311
+\376\230\047\102\306\253\306\236\260\320\133\070\245\233\120\336
+\176\030\230\265\105\073\366\171\264\350\367\032\173\006\203\373
+\320\213\332\273\307\275\030\253\010\157\074\200\153\100\077\031
+\031\272\145\212\346\276\325\134\323\066\327\357\100\122\044\140
+\070\147\004\061\354\217\363\202\306\336\271\125\363\073\061\221
+\132\334\265\010\025\255\166\045\012\015\173\056\207\342\014\246
+\006\274\046\020\155\067\235\354\335\170\214\174\200\305\360\331
+\167\110\320
+END
+
+# Trust for Certificate "Chambers of Commerce Root - 2008"
+# Issuer: CN=Chambers of Commerce Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
+# Serial Number:00:a3:da:42:7e:a4:b1:ae:da
+# Subject: CN=Chambers of Commerce Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
+# Not Valid Before: Fri Aug 01 12:29:50 2008
+# Not Valid After : Sat Jul 31 12:29:50 2038
+# Fingerprint (MD5): 5E:80:9E:84:5A:0E:65:0B:17:02:F3:55:18:2A:3E:D7
+# Fingerprint (SHA1): 78:6A:74:AC:76:AB:14:7F:9C:6A:30:50:BA:9E:A8:7E:FE:9A:CE:3C
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Chambers of Commerce Root - 2008"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\170\152\164\254\166\253\024\177\234\152\060\120\272\236\250\176
+\376\232\316\074
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\136\200\236\204\132\016\145\013\027\002\363\125\030\052\076\327
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\256\061\013\060\011\006\003\125\004\006\023\002\105\125
+\061\103\060\101\006\003\125\004\007\023\072\115\141\144\162\151
+\144\040\050\163\145\145\040\143\165\162\162\145\156\164\040\141
+\144\144\162\145\163\163\040\141\164\040\167\167\167\056\143\141
+\155\145\162\146\151\162\155\141\056\143\157\155\057\141\144\144
+\162\145\163\163\051\061\022\060\020\006\003\125\004\005\023\011
+\101\070\062\067\064\063\062\070\067\061\033\060\031\006\003\125
+\004\012\023\022\101\103\040\103\141\155\145\162\146\151\162\155
+\141\040\123\056\101\056\061\051\060\047\006\003\125\004\003\023
+\040\103\150\141\155\142\145\162\163\040\157\146\040\103\157\155
+\155\145\162\143\145\040\122\157\157\164\040\055\040\062\060\060
+\070
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\243\332\102\176\244\261\256\332
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Global Chambersign Root - 2008"
+#
+# Issuer: CN=Global Chambersign Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
+# Serial Number:00:c9:cd:d3:e9:d5:7d:23:ce
+# Subject: CN=Global Chambersign Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
+# Not Valid Before: Fri Aug 01 12:31:40 2008
+# Not Valid After : Sat Jul 31 12:31:40 2038
+# Fingerprint (MD5): 9E:80:FF:78:01:0C:2E:C1:36:BD:FE:96:90:6E:08:F3
+# Fingerprint (SHA1): 4A:BD:EE:EC:95:0D:35:9C:89:AE:C7:52:A1:2C:5B:29:F6:D6:AA:0C
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Global Chambersign Root - 2008"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\254\061\013\060\011\006\003\125\004\006\023\002\105\125
+\061\103\060\101\006\003\125\004\007\023\072\115\141\144\162\151
+\144\040\050\163\145\145\040\143\165\162\162\145\156\164\040\141
+\144\144\162\145\163\163\040\141\164\040\167\167\167\056\143\141
+\155\145\162\146\151\162\155\141\056\143\157\155\057\141\144\144
+\162\145\163\163\051\061\022\060\020\006\003\125\004\005\023\011
+\101\070\062\067\064\063\062\070\067\061\033\060\031\006\003\125
+\004\012\023\022\101\103\040\103\141\155\145\162\146\151\162\155
+\141\040\123\056\101\056\061\047\060\045\006\003\125\004\003\023
+\036\107\154\157\142\141\154\040\103\150\141\155\142\145\162\163
+\151\147\156\040\122\157\157\164\040\055\040\062\060\060\070
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\254\061\013\060\011\006\003\125\004\006\023\002\105\125
+\061\103\060\101\006\003\125\004\007\023\072\115\141\144\162\151
+\144\040\050\163\145\145\040\143\165\162\162\145\156\164\040\141
+\144\144\162\145\163\163\040\141\164\040\167\167\167\056\143\141
+\155\145\162\146\151\162\155\141\056\143\157\155\057\141\144\144
+\162\145\163\163\051\061\022\060\020\006\003\125\004\005\023\011
+\101\070\062\067\064\063\062\070\067\061\033\060\031\006\003\125
+\004\012\023\022\101\103\040\103\141\155\145\162\146\151\162\155
+\141\040\123\056\101\056\061\047\060\045\006\003\125\004\003\023
+\036\107\154\157\142\141\154\040\103\150\141\155\142\145\162\163
+\151\147\156\040\122\157\157\164\040\055\040\062\060\060\070
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\311\315\323\351\325\175\043\316
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\007\111\060\202\005\061\240\003\002\001\002\002\011\000
+\311\315\323\351\325\175\043\316\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\060\201\254\061\013\060\011\006\003
+\125\004\006\023\002\105\125\061\103\060\101\006\003\125\004\007
+\023\072\115\141\144\162\151\144\040\050\163\145\145\040\143\165
+\162\162\145\156\164\040\141\144\144\162\145\163\163\040\141\164
+\040\167\167\167\056\143\141\155\145\162\146\151\162\155\141\056
+\143\157\155\057\141\144\144\162\145\163\163\051\061\022\060\020
+\006\003\125\004\005\023\011\101\070\062\067\064\063\062\070\067
+\061\033\060\031\006\003\125\004\012\023\022\101\103\040\103\141
+\155\145\162\146\151\162\155\141\040\123\056\101\056\061\047\060
+\045\006\003\125\004\003\023\036\107\154\157\142\141\154\040\103
+\150\141\155\142\145\162\163\151\147\156\040\122\157\157\164\040
+\055\040\062\060\060\070\060\036\027\015\060\070\060\070\060\061
+\061\062\063\061\064\060\132\027\015\063\070\060\067\063\061\061
+\062\063\061\064\060\132\060\201\254\061\013\060\011\006\003\125
+\004\006\023\002\105\125\061\103\060\101\006\003\125\004\007\023
+\072\115\141\144\162\151\144\040\050\163\145\145\040\143\165\162
+\162\145\156\164\040\141\144\144\162\145\163\163\040\141\164\040
+\167\167\167\056\143\141\155\145\162\146\151\162\155\141\056\143
+\157\155\057\141\144\144\162\145\163\163\051\061\022\060\020\006
+\003\125\004\005\023\011\101\070\062\067\064\063\062\070\067\061
+\033\060\031\006\003\125\004\012\023\022\101\103\040\103\141\155
+\145\162\146\151\162\155\141\040\123\056\101\056\061\047\060\045
+\006\003\125\004\003\023\036\107\154\157\142\141\154\040\103\150
+\141\155\142\145\162\163\151\147\156\040\122\157\157\164\040\055
+\040\062\060\060\070\060\202\002\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002
+\012\002\202\002\001\000\300\337\126\323\344\072\233\166\105\264
+\023\333\377\301\266\031\213\067\101\030\225\122\107\353\027\235
+\051\210\216\065\154\006\062\056\107\142\363\111\004\277\175\104
+\066\261\161\314\275\132\011\163\325\331\205\104\377\221\127\045
+\337\136\066\216\160\321\134\161\103\035\331\332\357\134\322\373
+\033\275\072\265\313\255\243\314\104\247\015\256\041\025\077\271
+\172\133\222\165\330\244\022\070\211\031\212\267\200\322\342\062
+\157\126\234\221\326\210\020\013\263\164\144\222\164\140\363\366
+\317\030\117\140\262\043\320\307\073\316\141\113\231\217\302\014
+\320\100\262\230\334\015\250\116\243\271\012\256\140\240\255\105
+\122\143\272\146\275\150\340\371\276\032\250\201\273\036\101\170
+\165\323\301\376\000\125\260\207\124\350\047\220\065\035\114\063
+\255\227\374\227\056\230\204\277\054\311\243\277\321\230\021\024
+\355\143\370\312\230\210\130\027\231\355\105\003\227\176\074\206
+\036\210\214\276\362\221\204\217\145\064\330\000\114\175\267\061
+\027\132\051\172\012\030\044\060\243\067\265\172\251\001\175\046
+\326\371\016\216\131\361\375\033\063\265\051\073\027\073\101\266
+\041\335\324\300\075\245\237\237\037\103\120\311\273\274\154\172
+\227\230\356\315\214\037\373\234\121\256\213\160\275\047\237\161
+\300\153\254\175\220\146\350\327\135\072\015\260\325\302\215\325
+\310\235\235\301\155\320\320\277\121\344\343\370\303\070\066\256
+\326\247\165\346\257\204\103\135\223\222\014\152\007\336\073\035
+\230\042\326\254\301\065\333\243\240\045\377\162\265\166\035\336
+\155\351\054\146\054\122\204\320\105\222\316\034\345\345\063\035
+\334\007\123\124\243\252\202\073\232\067\057\334\335\240\144\351
+\346\335\275\256\374\144\205\035\074\247\311\006\336\204\377\153
+\350\153\032\074\305\242\263\102\373\213\011\076\137\010\122\307
+\142\304\324\005\161\277\304\144\344\370\241\203\350\076\022\233
+\250\036\324\066\115\057\161\366\215\050\366\203\251\023\322\141
+\301\221\273\110\300\064\217\101\214\113\114\333\151\022\377\120
+\224\234\040\203\131\163\355\174\241\362\361\375\335\367\111\323
+\103\130\240\126\143\312\075\075\345\065\126\131\351\016\312\040
+\314\053\113\223\051\017\002\003\001\000\001\243\202\001\152\060
+\202\001\146\060\022\006\003\125\035\023\001\001\377\004\010\060
+\006\001\001\377\002\001\014\060\035\006\003\125\035\016\004\026
+\004\024\271\011\312\234\036\333\323\154\072\153\256\355\124\361
+\133\223\006\065\056\136\060\201\341\006\003\125\035\043\004\201
+\331\060\201\326\200\024\271\011\312\234\036\333\323\154\072\153
+\256\355\124\361\133\223\006\065\056\136\241\201\262\244\201\257
+\060\201\254\061\013\060\011\006\003\125\004\006\023\002\105\125
+\061\103\060\101\006\003\125\004\007\023\072\115\141\144\162\151
+\144\040\050\163\145\145\040\143\165\162\162\145\156\164\040\141
+\144\144\162\145\163\163\040\141\164\040\167\167\167\056\143\141
+\155\145\162\146\151\162\155\141\056\143\157\155\057\141\144\144
+\162\145\163\163\051\061\022\060\020\006\003\125\004\005\023\011
+\101\070\062\067\064\063\062\070\067\061\033\060\031\006\003\125
+\004\012\023\022\101\103\040\103\141\155\145\162\146\151\162\155
+\141\040\123\056\101\056\061\047\060\045\006\003\125\004\003\023
+\036\107\154\157\142\141\154\040\103\150\141\155\142\145\162\163
+\151\147\156\040\122\157\157\164\040\055\040\062\060\060\070\202
+\011\000\311\315\323\351\325\175\043\316\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\075\006\003\125\035
+\040\004\066\060\064\060\062\006\004\125\035\040\000\060\052\060
+\050\006\010\053\006\001\005\005\007\002\001\026\034\150\164\164
+\160\072\057\057\160\157\154\151\143\171\056\143\141\155\145\162
+\146\151\162\155\141\056\143\157\155\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\002\001\000\200\210\177
+\160\336\222\050\331\005\224\106\377\220\127\251\361\057\337\032
+\015\153\372\174\016\034\111\044\171\047\330\106\252\157\051\131
+\122\210\160\022\352\335\075\365\233\123\124\157\341\140\242\250
+\011\271\354\353\131\174\306\065\361\334\030\351\361\147\345\257
+\272\105\340\011\336\312\104\017\302\027\016\167\221\105\172\063
+\137\137\226\054\150\213\301\107\217\230\233\075\300\354\313\365
+\325\202\222\204\065\321\276\066\070\126\162\061\133\107\055\252
+\027\244\143\121\353\012\001\255\177\354\165\236\313\241\037\361
+\177\022\261\271\344\144\177\147\326\043\052\364\270\071\135\230
+\350\041\247\341\275\075\102\032\164\232\160\257\150\154\120\135
+\111\317\377\373\016\135\346\054\107\327\201\072\131\000\265\163
+\153\143\040\366\061\105\010\071\016\364\160\176\100\160\132\077
+\320\153\102\251\164\075\050\057\002\155\165\162\225\011\215\110
+\143\306\306\043\127\222\223\136\065\301\215\371\012\367\054\235
+\142\034\366\255\174\335\246\061\036\266\261\307\176\205\046\372
+\244\152\265\332\143\060\321\357\223\067\262\146\057\175\005\367
+\347\267\113\230\224\065\300\331\072\051\301\235\262\120\063\035
+\112\251\132\246\311\003\357\355\364\347\250\156\212\264\127\204
+\353\244\077\320\356\252\252\207\133\143\350\223\342\153\250\324
+\270\162\170\153\033\355\071\344\135\313\233\252\207\325\117\116
+\000\376\331\152\237\074\061\017\050\002\001\175\230\350\247\260
+\242\144\236\171\370\110\362\025\251\314\346\310\104\353\077\170
+\231\362\173\161\076\074\361\230\247\305\030\022\077\346\273\050
+\063\102\351\105\012\174\155\362\206\171\057\305\202\031\175\011
+\211\174\262\124\166\210\256\336\301\363\314\341\156\333\061\326
+\223\256\231\240\357\045\152\163\230\211\133\072\056\023\210\036
+\277\300\222\224\064\033\343\047\267\213\036\157\102\377\347\351
+\067\233\120\035\055\242\371\002\356\313\130\130\072\161\274\150
+\343\252\301\257\034\050\037\242\334\043\145\077\201\352\256\231
+\323\330\060\317\023\015\117\025\311\204\274\247\110\055\370\060
+\043\167\330\106\113\171\155\366\214\355\072\177\140\021\170\364
+\351\233\256\325\124\300\164\200\321\013\102\237\301
+END
+
+# Trust for Certificate "Global Chambersign Root - 2008"
+# Issuer: CN=Global Chambersign Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
+# Serial Number:00:c9:cd:d3:e9:d5:7d:23:ce
+# Subject: CN=Global Chambersign Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
+# Not Valid Before: Fri Aug 01 12:31:40 2008
+# Not Valid After : Sat Jul 31 12:31:40 2038
+# Fingerprint (MD5): 9E:80:FF:78:01:0C:2E:C1:36:BD:FE:96:90:6E:08:F3
+# Fingerprint (SHA1): 4A:BD:EE:EC:95:0D:35:9C:89:AE:C7:52:A1:2C:5B:29:F6:D6:AA:0C
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Global Chambersign Root - 2008"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\112\275\356\354\225\015\065\234\211\256\307\122\241\054\133\051
+\366\326\252\014
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\236\200\377\170\001\014\056\301\066\275\376\226\220\156\010\363
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\254\061\013\060\011\006\003\125\004\006\023\002\105\125
+\061\103\060\101\006\003\125\004\007\023\072\115\141\144\162\151
+\144\040\050\163\145\145\040\143\165\162\162\145\156\164\040\141
+\144\144\162\145\163\163\040\141\164\040\167\167\167\056\143\141
+\155\145\162\146\151\162\155\141\056\143\157\155\057\141\144\144
+\162\145\163\163\051\061\022\060\020\006\003\125\004\005\023\011
+\101\070\062\067\064\063\062\070\067\061\033\060\031\006\003\125
+\004\012\023\022\101\103\040\103\141\155\145\162\146\151\162\155
+\141\040\123\056\101\056\061\047\060\045\006\003\125\004\003\023
+\036\107\154\157\142\141\154\040\103\150\141\155\142\145\162\163
+\151\147\156\040\122\157\157\164\040\055\040\062\060\060\070
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\311\315\323\351\325\175\043\316
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus Mozilla Addons"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43
+# Subject: CN=addons.mozilla.org,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 84:C5:18:67:1F:2A:1A:90:BE:E2:B1:18:4F:03:00:32
+# Fingerprint (SHA1): 30:5F:8B:D1:7A:A2:CB:C4:83:A4:C4:1B:19:A3:9A:0C:75:DA:39:D6
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Mozilla Addons"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\342\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\020\060\016\006\003\125\004\007\023\007\105\156\147
+\154\151\163\150\061\027\060\025\006\003\125\004\011\023\016\123
+\145\141\040\126\151\154\154\141\147\145\040\061\060\061\024\060
+\022\006\003\125\004\012\023\013\107\157\157\147\154\145\040\114
+\164\144\056\061\023\060\021\006\003\125\004\013\023\012\124\145
+\143\150\040\104\145\160\164\056\061\050\060\046\006\003\125\004
+\013\023\037\110\157\163\164\145\144\040\142\171\040\107\124\111
+\040\107\162\157\165\160\040\103\157\162\160\157\162\141\164\151
+\157\156\061\024\060\022\006\003\125\004\013\023\013\120\154\141
+\164\151\156\165\155\123\123\114\061\033\060\031\006\003\125\004
+\003\023\022\141\144\144\157\156\163\056\155\157\172\151\154\154
+\141\056\157\162\147
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\222\071\325\064\217\100\321\151\132\164\124\160\341
+\362\077\103
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\370\060\202\004\340\240\003\002\001\002\002\021\000
+\222\071\325\064\217\100\321\151\132\164\124\160\341\362\077\103
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025
+\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145
+\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025
+\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145
+\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030
+\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164
+\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004
+\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164
+\055\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060
+\063\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063
+\061\064\062\063\065\071\065\071\132\060\201\342\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125
+\004\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125
+\004\010\023\007\106\154\157\162\151\144\141\061\020\060\016\006
+\003\125\004\007\023\007\105\156\147\154\151\163\150\061\027\060
+\025\006\003\125\004\011\023\016\123\145\141\040\126\151\154\154
+\141\147\145\040\061\060\061\024\060\022\006\003\125\004\012\023
+\013\107\157\157\147\154\145\040\114\164\144\056\061\023\060\021
+\006\003\125\004\013\023\012\124\145\143\150\040\104\145\160\164
+\056\061\050\060\046\006\003\125\004\013\023\037\110\157\163\164
+\145\144\040\142\171\040\107\124\111\040\107\162\157\165\160\040
+\103\157\162\160\157\162\141\164\151\157\156\061\024\060\022\006
+\003\125\004\013\023\013\120\154\141\164\151\156\165\155\123\123
+\114\061\033\060\031\006\003\125\004\003\023\022\141\144\144\157
+\156\163\056\155\157\172\151\154\154\141\056\157\162\147\060\202
+\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\253
+\306\155\066\363\025\163\170\203\163\316\164\205\325\256\354\262
+\360\340\044\037\023\203\270\040\254\273\232\376\210\273\253\241
+\035\013\037\105\000\252\111\267\065\067\014\152\357\107\114\271
+\321\276\343\127\022\004\215\222\307\266\354\001\274\266\332\307
+\201\070\040\255\162\205\346\016\374\201\154\007\255\150\166\070
+\305\104\327\314\306\112\305\227\076\144\364\121\346\360\176\262
+\354\126\367\045\202\115\111\230\313\026\230\335\043\361\211\221
+\321\027\227\100\231\046\326\342\242\053\136\337\275\211\362\033
+\032\123\055\314\120\101\172\320\075\052\014\125\160\024\001\351
+\130\111\020\172\013\223\202\213\341\036\355\072\200\020\202\316
+\226\212\064\360\314\327\323\271\264\120\207\125\124\011\270\235
+\102\050\125\000\345\214\065\124\277\335\045\221\106\267\015\345
+\135\203\250\345\213\373\204\344\074\256\166\332\304\103\053\133
+\164\013\370\276\135\150\361\170\133\265\316\175\361\135\231\100
+\332\312\356\070\201\120\276\230\241\154\270\044\255\363\257\214
+\017\327\021\050\054\204\030\114\175\265\331\217\060\265\033\002
+\003\001\000\001\243\202\001\360\060\202\001\354\060\037\006\003
+\125\035\043\004\030\060\026\200\024\241\162\137\046\033\050\230
+\103\225\135\007\067\325\205\226\235\113\322\303\105\060\035\006
+\003\125\035\016\004\026\004\024\335\200\322\124\075\367\114\160
+\312\243\260\335\064\172\062\344\350\073\132\073\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\005\240\060\014\006\003
+\125\035\023\001\001\377\004\002\060\000\060\035\006\003\125\035
+\045\004\026\060\024\006\010\053\006\001\005\005\007\003\001\006
+\010\053\006\001\005\005\007\003\002\060\106\006\003\125\035\040
+\004\077\060\075\060\073\006\014\053\006\001\004\001\262\061\001
+\002\001\003\004\060\053\060\051\006\010\053\006\001\005\005\007
+\002\001\026\035\150\164\164\160\163\072\057\057\163\145\143\165
+\162\145\056\143\157\155\157\144\157\056\143\157\155\057\103\120
+\123\060\173\006\003\125\035\037\004\164\060\162\060\070\240\066
+\240\064\206\062\150\164\164\160\072\057\057\143\162\154\056\143
+\157\155\157\144\157\143\141\056\143\157\155\057\125\124\116\055
+\125\123\105\122\106\151\162\163\164\055\110\141\162\144\167\141
+\162\145\056\143\162\154\060\066\240\064\240\062\206\060\150\164
+\164\160\072\057\057\143\162\154\056\143\157\155\157\144\157\056
+\156\145\164\057\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145\056\143\162\154\060\161
+\006\010\053\006\001\005\005\007\001\001\004\145\060\143\060\073
+\006\010\053\006\001\005\005\007\060\002\206\057\150\164\164\160
+\072\057\057\143\162\164\056\143\157\155\157\144\157\143\141\056
+\143\157\155\057\125\124\116\101\144\144\124\162\165\163\164\123
+\145\162\166\145\162\103\101\056\143\162\164\060\044\006\010\053
+\006\001\005\005\007\060\001\206\030\150\164\164\160\072\057\057
+\157\143\163\160\056\143\157\155\157\144\157\143\141\056\143\157
+\155\060\065\006\003\125\035\021\004\056\060\054\202\022\141\144
+\144\157\156\163\056\155\157\172\151\154\154\141\056\157\162\147
+\202\026\167\167\167\056\141\144\144\157\156\163\056\155\157\172
+\151\154\154\141\056\157\162\147\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\003\202\001\001\000\063\073\143\025
+\374\261\354\024\054\223\335\165\224\336\201\132\331\116\231\276
+\373\112\244\071\125\115\241\100\172\336\023\052\207\251\067\317
+\350\325\373\255\321\173\155\157\214\040\207\202\124\346\127\111
+\274\040\050\204\315\326\001\331\223\213\027\156\043\146\345\204
+\310\200\077\306\241\160\200\344\354\115\035\371\374\221\132\163
+\142\051\232\367\040\034\141\340\213\071\237\312\274\176\215\335
+\274\331\261\343\237\236\337\025\123\221\041\122\013\331\032\043
+\017\146\066\333\254\223\226\112\243\245\042\317\051\367\242\231
+\250\366\266\331\100\256\331\176\266\366\130\056\233\254\066\312
+\144\217\145\122\334\206\234\202\253\156\120\113\332\137\372\005
+\000\210\060\016\336\215\126\277\201\107\215\075\006\342\262\142
+\222\147\217\236\310\232\262\345\006\270\160\044\270\167\174\043
+\012\070\303\171\010\330\261\121\235\254\225\021\307\100\027\236
+\243\034\217\362\021\247\150\047\332\111\005\204\030\174\130\055
+\001\147\134\345\237\241\051\273\112\071\105\057\277\021\252\171
+\242\355\264\324\265\145\103\267\223\106\212\323
+END
+
+# Trust for Certificate "Bogus Mozilla Addons"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43
+# Subject: CN=addons.mozilla.org,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 84:C5:18:67:1F:2A:1A:90:BE:E2:B1:18:4F:03:00:32
+# Fingerprint (SHA1): 30:5F:8B:D1:7A:A2:CB:C4:83:A4:C4:1B:19:A3:9A:0C:75:DA:39:D6
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Mozilla Addons"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\060\137\213\321\172\242\313\304\203\244\304\033\031\243\232\014
+\165\332\071\326
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\204\305\030\147\037\052\032\220\276\342\261\030\117\003\000\062
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\222\071\325\064\217\100\321\151\132\164\124\160\341
+\362\077\103
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus Global Trustee"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0
+# Subject: CN=global trustee,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Global Trustee,O=Global Trustee,STREET=Sea Village 10,L=Tampa,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): FE:0D:01:6E:71:CB:8C:D8:3F:0E:0C:CD:49:35:B8:57
+# Fingerprint (SHA1): 61:79:3F:CB:FA:4F:90:08:30:9B:BA:5F:F1:2D:2C:B2:9C:D4:15:1A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Global Trustee"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\343\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\016\060\014\006\003\125\004\007\023\005\124\141\155
+\160\141\061\027\060\025\006\003\125\004\011\023\016\123\145\141
+\040\126\151\154\154\141\147\145\040\061\060\061\027\060\025\006
+\003\125\004\012\023\016\107\154\157\142\141\154\040\124\162\165
+\163\164\145\145\061\027\060\025\006\003\125\004\013\023\016\107
+\154\157\142\141\154\040\124\162\165\163\164\145\145\061\050\060
+\046\006\003\125\004\013\023\037\110\157\163\164\145\144\040\142
+\171\040\107\124\111\040\107\162\157\165\160\040\103\157\162\160
+\157\162\141\164\151\157\156\061\024\060\022\006\003\125\004\013
+\023\013\120\154\141\164\151\156\165\155\123\123\114\061\027\060
+\025\006\003\125\004\003\023\016\147\154\157\142\141\154\040\164
+\162\165\163\164\145\145
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\330\363\137\116\267\207\053\055\253\006\222\343\025
+\070\057\260
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\006\335\060\202\005\305\240\003\002\001\002\002\021\000
+\330\363\137\116\267\207\053\055\253\006\222\343\025\070\057\260
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025
+\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145
+\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025
+\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145
+\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030
+\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164
+\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004
+\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164
+\055\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060
+\063\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063
+\061\064\062\063\065\071\065\071\132\060\201\343\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125
+\004\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125
+\004\010\023\007\106\154\157\162\151\144\141\061\016\060\014\006
+\003\125\004\007\023\005\124\141\155\160\141\061\027\060\025\006
+\003\125\004\011\023\016\123\145\141\040\126\151\154\154\141\147
+\145\040\061\060\061\027\060\025\006\003\125\004\012\023\016\107
+\154\157\142\141\154\040\124\162\165\163\164\145\145\061\027\060
+\025\006\003\125\004\013\023\016\107\154\157\142\141\154\040\124
+\162\165\163\164\145\145\061\050\060\046\006\003\125\004\013\023
+\037\110\157\163\164\145\144\040\142\171\040\107\124\111\040\107
+\162\157\165\160\040\103\157\162\160\157\162\141\164\151\157\156
+\061\024\060\022\006\003\125\004\013\023\013\120\154\141\164\151
+\156\165\155\123\123\114\061\027\060\025\006\003\125\004\003\023
+\016\147\154\157\142\141\154\040\164\162\165\163\164\145\145\060
+\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000
+\331\164\362\252\101\035\337\365\302\026\103\111\134\051\277\266
+\211\164\051\274\234\215\014\106\117\131\176\262\101\027\146\064
+\014\145\211\341\154\045\343\206\012\236\042\105\042\214\335\235
+\346\243\225\336\334\210\002\125\134\343\133\221\165\353\046\151
+\143\271\056\306\312\056\047\337\210\272\002\040\156\376\271\013
+\051\327\247\326\327\110\032\034\316\335\037\251\047\016\142\117
+\241\226\036\335\124\072\064\143\112\166\365\167\175\131\147\330
+\020\324\265\017\072\103\042\230\333\364\011\304\012\160\316\335
+\220\324\057\357\164\023\303\315\302\211\071\142\025\235\346\164
+\250\350\233\360\143\156\234\211\266\016\255\233\367\314\202\350
+\350\055\270\013\332\042\354\111\205\007\210\231\230\077\364\164
+\251\011\367\201\174\227\013\131\231\030\162\213\333\224\202\053
+\247\350\252\153\227\277\210\176\165\260\213\105\105\014\307\250
+\011\352\033\101\130\060\073\137\170\145\025\064\322\344\074\064
+\015\035\330\144\074\212\245\126\111\231\050\055\113\362\317\315
+\331\156\111\144\233\251\171\220\167\125\251\010\033\255\032\164
+\236\340\003\223\012\011\267\255\247\264\134\357\203\154\267\232
+\264\306\150\100\200\035\102\321\156\171\233\251\031\041\232\234
+\371\206\055\000\321\064\376\340\266\371\125\266\365\046\305\225
+\026\245\174\163\237\012\051\211\254\072\230\367\233\164\147\267
+\220\267\135\011\043\152\152\355\054\020\356\123\012\020\360\026
+\037\127\263\261\015\171\221\031\260\353\315\060\077\240\024\137
+\263\306\375\134\063\247\260\377\230\260\125\214\271\245\362\157
+\107\044\111\041\151\314\102\242\121\000\100\205\214\202\202\253
+\062\245\313\232\334\320\331\030\015\337\031\364\257\203\015\301
+\076\061\333\044\110\266\165\200\241\341\311\167\144\036\247\345
+\213\177\025\115\113\247\302\320\355\171\225\136\221\061\354\030
+\377\116\237\110\024\352\165\272\041\316\051\166\351\037\116\121
+\207\056\263\314\004\140\272\043\037\037\145\262\012\270\325\156
+\217\113\102\211\107\251\201\220\133\053\262\266\256\346\240\160
+\173\170\220\012\172\305\345\347\305\373\012\366\057\151\214\214
+\037\127\340\006\231\377\021\325\122\062\040\227\047\230\356\145
+\002\003\001\000\001\243\202\001\324\060\202\001\320\060\037\006
+\003\125\035\043\004\030\060\026\200\024\241\162\137\046\033\050
+\230\103\225\135\007\067\325\205\226\235\113\322\303\105\060\035
+\006\003\125\035\016\004\026\004\024\267\303\336\032\103\355\101
+\227\251\217\051\170\234\003\271\254\100\102\000\254\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\005\240\060\014\006
+\003\125\035\023\001\001\377\004\002\060\000\060\035\006\003\125
+\035\045\004\026\060\024\006\010\053\006\001\005\005\007\003\001
+\006\010\053\006\001\005\005\007\003\002\060\106\006\003\125\035
+\040\004\077\060\075\060\073\006\014\053\006\001\004\001\262\061
+\001\002\001\003\004\060\053\060\051\006\010\053\006\001\005\005
+\007\002\001\026\035\150\164\164\160\163\072\057\057\163\145\143
+\165\162\145\056\143\157\155\157\144\157\056\143\157\155\057\103
+\120\123\060\173\006\003\125\035\037\004\164\060\162\060\070\240
+\066\240\064\206\062\150\164\164\160\072\057\057\143\162\154\056
+\143\157\155\157\144\157\143\141\056\143\157\155\057\125\124\116
+\055\125\123\105\122\106\151\162\163\164\055\110\141\162\144\167
+\141\162\145\056\143\162\154\060\066\240\064\240\062\206\060\150
+\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144\157
+\056\156\145\164\057\125\124\116\055\125\123\105\122\106\151\162
+\163\164\055\110\141\162\144\167\141\162\145\056\143\162\154\060
+\161\006\010\053\006\001\005\005\007\001\001\004\145\060\143\060
+\073\006\010\053\006\001\005\005\007\060\002\206\057\150\164\164
+\160\072\057\057\143\162\164\056\143\157\155\157\144\157\143\141
+\056\143\157\155\057\125\124\116\101\144\144\124\162\165\163\164
+\123\145\162\166\145\162\103\101\056\143\162\164\060\044\006\010
+\053\006\001\005\005\007\060\001\206\030\150\164\164\160\072\057
+\057\157\143\163\160\056\143\157\155\157\144\157\143\141\056\143
+\157\155\060\031\006\003\125\035\021\004\022\060\020\202\016\147
+\154\157\142\141\154\040\164\162\165\163\164\145\145\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
+\000\217\272\165\272\071\324\046\323\160\017\304\263\002\247\305
+\022\043\161\311\376\143\351\243\142\170\044\104\117\324\271\021
+\076\037\307\050\347\125\153\356\364\341\000\221\206\212\311\011
+\153\237\056\244\105\071\321\141\142\136\223\245\005\105\170\237
+\140\022\054\364\154\145\145\015\314\106\064\213\050\272\240\306
+\364\231\161\144\363\042\166\254\117\363\142\311\247\063\132\007
+\037\075\311\206\200\334\333\004\057\207\047\350\277\110\104\201
+\300\360\111\043\156\037\345\344\003\206\044\023\242\205\142\174
+\130\004\312\346\215\023\162\012\272\126\104\242\017\274\373\240
+\075\015\052\177\373\236\251\011\075\267\132\324\212\215\341\045
+\350\244\011\204\160\255\022\104\271\317\271\063\172\272\134\346
+\113\246\273\005\006\230\377\362\230\122\173\167\200\047\112\331
+\342\372\271\122\324\373\373\346\326\055\236\217\301\025\104\215
+\233\164\057\356\224\132\116\323\304\213\212\254\103\235\163\366
+\256\014\207\211\255\207\311\311\307\335\272\024\140\172\370\265
+\065\235\302\215\306\226\201\015\251\122\212\051\100\004\351\031
+\264
+END
+
+# Trust for Certificate "Bogus Global Trustee"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0
+# Subject: CN=global trustee,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Global Trustee,O=Global Trustee,STREET=Sea Village 10,L=Tampa,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): FE:0D:01:6E:71:CB:8C:D8:3F:0E:0C:CD:49:35:B8:57
+# Fingerprint (SHA1): 61:79:3F:CB:FA:4F:90:08:30:9B:BA:5F:F1:2D:2C:B2:9C:D4:15:1A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Global Trustee"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\141\171\077\313\372\117\220\010\060\233\272\137\361\055\054\262
+\234\324\025\032
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\376\015\001\156\161\313\214\330\077\016\014\315\111\065\270\127
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\330\363\137\116\267\207\053\055\253\006\222\343\025
+\070\057\260
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus GMail"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e
+# Subject: CN=mail.google.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 4C:77:1F:EB:CA:31:C1:29:98:E9:2C:10:B3:AF:49:1C
+# Fingerprint (SHA1): 64:31:72:30:36:FD:26:DE:A5:02:79:2F:A5:95:92:24:93:03:0F:97
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus GMail"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\337\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\020\060\016\006\003\125\004\007\023\007\105\156\147
+\154\151\163\150\061\027\060\025\006\003\125\004\011\023\016\123
+\145\141\040\126\151\154\154\141\147\145\040\061\060\061\024\060
+\022\006\003\125\004\012\023\013\107\157\157\147\154\145\040\114
+\164\144\056\061\023\060\021\006\003\125\004\013\023\012\124\145
+\143\150\040\104\145\160\164\056\061\050\060\046\006\003\125\004
+\013\023\037\110\157\163\164\145\144\040\142\171\040\107\124\111
+\040\107\162\157\165\160\040\103\157\162\160\157\162\141\164\151
+\157\156\061\024\060\022\006\003\125\004\013\023\013\120\154\141
+\164\151\156\165\155\123\123\114\061\030\060\026\006\003\125\004
+\003\023\017\155\141\151\154\056\147\157\157\147\154\145\056\143
+\157\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\004\176\313\351\374\245\137\173\320\236\256\066\341\014
+\256\036
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\356\060\202\004\326\240\003\002\001\002\002\020\004
+\176\313\351\374\245\137\173\320\236\256\066\341\014\256\036\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013
+\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006
+\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040
+\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
+\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150
+\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162
+\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004\003
+\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164\055
+\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060\063
+\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063\061
+\064\062\063\065\071\065\071\132\060\201\337\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125\004
+\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125\004
+\010\023\007\106\154\157\162\151\144\141\061\020\060\016\006\003
+\125\004\007\023\007\105\156\147\154\151\163\150\061\027\060\025
+\006\003\125\004\011\023\016\123\145\141\040\126\151\154\154\141
+\147\145\040\061\060\061\024\060\022\006\003\125\004\012\023\013
+\107\157\157\147\154\145\040\114\164\144\056\061\023\060\021\006
+\003\125\004\013\023\012\124\145\143\150\040\104\145\160\164\056
+\061\050\060\046\006\003\125\004\013\023\037\110\157\163\164\145
+\144\040\142\171\040\107\124\111\040\107\162\157\165\160\040\103
+\157\162\160\157\162\141\164\151\157\156\061\024\060\022\006\003
+\125\004\013\023\013\120\154\141\164\151\156\165\155\123\123\114
+\061\030\060\026\006\003\125\004\003\023\017\155\141\151\154\056
+\147\157\157\147\154\145\056\143\157\155\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\260\163\360\362\004
+\356\302\242\106\312\064\052\252\273\140\043\321\021\166\037\037
+\072\320\145\203\116\232\105\250\103\160\205\166\360\037\207\000
+\002\037\156\073\027\027\304\265\351\031\106\242\222\045\215\142
+\052\264\143\060\037\271\205\370\065\341\026\132\166\111\314\120
+\110\123\071\131\211\326\204\002\373\232\354\033\307\121\325\166
+\225\220\324\072\052\270\246\336\002\115\006\373\315\355\245\106
+\101\137\125\164\345\354\176\100\334\120\234\265\344\065\135\036
+\150\040\370\351\336\243\152\050\277\101\322\241\263\342\045\215
+\014\033\312\075\223\014\030\256\337\305\274\375\274\202\272\150
+\000\327\026\062\161\237\145\265\021\332\150\131\320\246\127\144
+\033\311\376\230\345\365\245\145\352\341\333\356\364\263\235\263
+\216\352\207\256\026\322\036\240\174\174\151\077\051\026\205\001
+\123\247\154\361\140\253\335\242\374\045\107\324\062\321\022\335
+\367\110\022\340\374\234\242\167\230\351\211\231\270\370\070\361
+\214\006\302\172\043\066\155\233\235\315\060\310\307\064\027\036
+\273\175\102\310\253\347\025\026\366\163\265\002\003\001\000\001
+\243\202\001\352\060\202\001\346\060\037\006\003\125\035\043\004
+\030\060\026\200\024\241\162\137\046\033\050\230\103\225\135\007
+\067\325\205\226\235\113\322\303\105\060\035\006\003\125\035\016
+\004\026\004\024\030\052\242\310\324\172\077\173\255\004\213\275
+\157\236\020\106\023\170\161\235\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\005\240\060\014\006\003\125\035\023\001
+\001\377\004\002\060\000\060\035\006\003\125\035\045\004\026\060
+\024\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001
+\005\005\007\003\002\060\106\006\003\125\035\040\004\077\060\075
+\060\073\006\014\053\006\001\004\001\262\061\001\002\001\003\004
+\060\053\060\051\006\010\053\006\001\005\005\007\002\001\026\035
+\150\164\164\160\163\072\057\057\163\145\143\165\162\145\056\143
+\157\155\157\144\157\056\143\157\155\057\103\120\123\060\173\006
+\003\125\035\037\004\164\060\162\060\070\240\066\240\064\206\062
+\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144
+\157\143\141\056\143\157\155\057\125\124\116\055\125\123\105\122
+\106\151\162\163\164\055\110\141\162\144\167\141\162\145\056\143
+\162\154\060\066\240\064\240\062\206\060\150\164\164\160\072\057
+\057\143\162\154\056\143\157\155\157\144\157\056\156\145\164\057
+\125\124\116\055\125\123\105\122\106\151\162\163\164\055\110\141
+\162\144\167\141\162\145\056\143\162\154\060\161\006\010\053\006
+\001\005\005\007\001\001\004\145\060\143\060\073\006\010\053\006
+\001\005\005\007\060\002\206\057\150\164\164\160\072\057\057\143
+\162\164\056\143\157\155\157\144\157\143\141\056\143\157\155\057
+\125\124\116\101\144\144\124\162\165\163\164\123\145\162\166\145
+\162\103\101\056\143\162\164\060\044\006\010\053\006\001\005\005
+\007\060\001\206\030\150\164\164\160\072\057\057\157\143\163\160
+\056\143\157\155\157\144\157\143\141\056\143\157\155\060\057\006
+\003\125\035\021\004\050\060\046\202\017\155\141\151\154\056\147
+\157\157\147\154\145\056\143\157\155\202\023\167\167\167\056\155
+\141\151\154\056\147\157\157\147\154\145\056\143\157\155\060\015
+\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001
+\001\000\147\006\010\012\047\305\223\156\002\362\336\027\077\320
+\323\033\174\377\265\315\172\307\167\307\276\337\022\312\031\336
+\260\023\127\014\003\221\304\171\122\317\177\267\136\125\040\204
+\111\335\365\320\051\057\016\004\332\131\236\016\023\237\364\300
+\062\233\377\241\021\044\052\227\243\362\077\075\052\153\250\255
+\214\031\165\225\016\035\045\375\117\304\172\025\303\035\307\023
+\100\310\015\276\227\140\162\246\376\045\276\217\354\325\246\206
+\303\041\134\131\122\331\152\013\134\237\113\336\265\371\354\342
+\364\305\314\142\123\166\211\145\344\051\332\267\277\226\340\140
+\215\015\267\011\125\326\100\125\035\301\362\226\041\165\257\211
+\206\037\135\201\227\051\050\036\051\327\226\301\040\003\062\173
+\000\073\152\067\027\132\243\263\032\157\062\073\156\361\243\135
+\253\253\314\052\313\060\014\037\065\043\213\151\104\134\352\254
+\050\140\355\253\153\143\236\366\222\274\275\232\132\046\114\305
+\230\270\016\031\076\374\005\061\343\026\331\375\220\005\003\206
+\306\127\001\037\177\170\240\317\063\152\252\146\153\042\320\247
+\111\043
+END
+
+# Trust for Certificate "Bogus GMail"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e
+# Subject: CN=mail.google.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 4C:77:1F:EB:CA:31:C1:29:98:E9:2C:10:B3:AF:49:1C
+# Fingerprint (SHA1): 64:31:72:30:36:FD:26:DE:A5:02:79:2F:A5:95:92:24:93:03:0F:97
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus GMail"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\144\061\162\060\066\375\046\336\245\002\171\057\245\225\222\044
+\223\003\017\227
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\114\167\037\353\312\061\301\051\230\351\054\020\263\257\111\034
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\004\176\313\351\374\245\137\173\320\236\256\066\341\014
+\256\036
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus Google"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06
+# Subject: CN=www.google.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 01:73:A9:58:F0:BC:C9:BE:94:2B:1A:4C:98:24:E3:B8
+# Fingerprint (SHA1): 19:16:A2:AF:34:6D:39:9F:50:31:3C:39:32:00:F1:41:40:45:66:16
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Google"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\336\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\020\060\016\006\003\125\004\007\023\007\105\156\147
+\154\151\163\150\061\027\060\025\006\003\125\004\011\023\016\123
+\145\141\040\126\151\154\154\141\147\145\040\061\060\061\024\060
+\022\006\003\125\004\012\023\013\107\157\157\147\154\145\040\114
+\164\144\056\061\023\060\021\006\003\125\004\013\023\012\124\145
+\143\150\040\104\145\160\164\056\061\050\060\046\006\003\125\004
+\013\023\037\110\157\163\164\145\144\040\142\171\040\107\124\111
+\040\107\162\157\165\160\040\103\157\162\160\157\162\141\164\151
+\157\156\061\024\060\022\006\003\125\004\013\023\013\120\154\141
+\164\151\156\165\155\123\123\114\061\027\060\025\006\003\125\004
+\003\023\016\167\167\167\056\147\157\157\147\154\145\056\143\157
+\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\365\310\152\363\141\142\361\072\144\365\117\155\311
+\130\174\006
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\344\060\202\004\314\240\003\002\001\002\002\021\000
+\365\310\152\363\141\142\361\072\144\365\117\155\311\130\174\006
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025
+\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145
+\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025
+\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145
+\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030
+\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164
+\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004
+\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164
+\055\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060
+\063\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063
+\061\064\062\063\065\071\065\071\132\060\201\336\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125
+\004\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125
+\004\010\023\007\106\154\157\162\151\144\141\061\020\060\016\006
+\003\125\004\007\023\007\105\156\147\154\151\163\150\061\027\060
+\025\006\003\125\004\011\023\016\123\145\141\040\126\151\154\154
+\141\147\145\040\061\060\061\024\060\022\006\003\125\004\012\023
+\013\107\157\157\147\154\145\040\114\164\144\056\061\023\060\021
+\006\003\125\004\013\023\012\124\145\143\150\040\104\145\160\164
+\056\061\050\060\046\006\003\125\004\013\023\037\110\157\163\164
+\145\144\040\142\171\040\107\124\111\040\107\162\157\165\160\040
+\103\157\162\160\157\162\141\164\151\157\156\061\024\060\022\006
+\003\125\004\013\023\013\120\154\141\164\151\156\165\155\123\123
+\114\061\027\060\025\006\003\125\004\003\023\016\167\167\167\056
+\147\157\157\147\154\145\056\143\157\155\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\260\163\360\362\004
+\356\302\242\106\312\064\052\252\273\140\043\321\021\166\037\037
+\072\320\145\203\116\232\105\250\103\160\205\166\360\037\207\000
+\002\037\156\073\027\027\304\265\351\031\106\242\222\045\215\142
+\052\264\143\060\037\271\205\370\065\341\026\132\166\111\314\120
+\110\123\071\131\211\326\204\002\373\232\354\033\307\121\325\166
+\225\220\324\072\052\270\246\336\002\115\006\373\315\355\245\106
+\101\137\125\164\345\354\176\100\334\120\234\265\344\065\135\036
+\150\040\370\351\336\243\152\050\277\101\322\241\263\342\045\215
+\014\033\312\075\223\014\030\256\337\305\274\375\274\202\272\150
+\000\327\026\062\161\237\145\265\021\332\150\131\320\246\127\144
+\033\311\376\230\345\365\245\145\352\341\333\356\364\263\235\263
+\216\352\207\256\026\322\036\240\174\174\151\077\051\026\205\001
+\123\247\154\361\140\253\335\242\374\045\107\324\062\321\022\335
+\367\110\022\340\374\234\242\167\230\351\211\231\270\370\070\361
+\214\006\302\172\043\066\155\233\235\315\060\310\307\064\027\036
+\273\175\102\310\253\347\025\026\366\163\265\002\003\001\000\001
+\243\202\001\340\060\202\001\334\060\037\006\003\125\035\043\004
+\030\060\026\200\024\241\162\137\046\033\050\230\103\225\135\007
+\067\325\205\226\235\113\322\303\105\060\035\006\003\125\035\016
+\004\026\004\024\030\052\242\310\324\172\077\173\255\004\213\275
+\157\236\020\106\023\170\161\235\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\005\240\060\014\006\003\125\035\023\001
+\001\377\004\002\060\000\060\035\006\003\125\035\045\004\026\060
+\024\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001
+\005\005\007\003\002\060\106\006\003\125\035\040\004\077\060\075
+\060\073\006\014\053\006\001\004\001\262\061\001\002\001\003\004
+\060\053\060\051\006\010\053\006\001\005\005\007\002\001\026\035
+\150\164\164\160\163\072\057\057\163\145\143\165\162\145\056\143
+\157\155\157\144\157\056\143\157\155\057\103\120\123\060\173\006
+\003\125\035\037\004\164\060\162\060\070\240\066\240\064\206\062
+\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144
+\157\143\141\056\143\157\155\057\125\124\116\055\125\123\105\122
+\106\151\162\163\164\055\110\141\162\144\167\141\162\145\056\143
+\162\154\060\066\240\064\240\062\206\060\150\164\164\160\072\057
+\057\143\162\154\056\143\157\155\157\144\157\056\156\145\164\057
+\125\124\116\055\125\123\105\122\106\151\162\163\164\055\110\141
+\162\144\167\141\162\145\056\143\162\154\060\161\006\010\053\006
+\001\005\005\007\001\001\004\145\060\143\060\073\006\010\053\006
+\001\005\005\007\060\002\206\057\150\164\164\160\072\057\057\143
+\162\164\056\143\157\155\157\144\157\143\141\056\143\157\155\057
+\125\124\116\101\144\144\124\162\165\163\164\123\145\162\166\145
+\162\103\101\056\143\162\164\060\044\006\010\053\006\001\005\005
+\007\060\001\206\030\150\164\164\160\072\057\057\157\143\163\160
+\056\143\157\155\157\144\157\143\141\056\143\157\155\060\045\006
+\003\125\035\021\004\036\060\034\202\016\167\167\167\056\147\157
+\157\147\154\145\056\143\157\155\202\012\147\157\157\147\154\145
+\056\143\157\155\060\015\006\011\052\206\110\206\367\015\001\001
+\005\005\000\003\202\001\001\000\161\300\231\077\136\366\275\063
+\377\236\026\313\250\277\335\160\371\322\123\073\066\256\311\027
+\310\256\136\115\335\142\367\267\323\076\167\243\376\300\173\062
+\265\311\224\005\122\120\362\137\075\171\204\111\117\135\154\260
+\327\131\275\324\154\210\372\374\305\145\206\353\050\122\242\102
+\366\174\274\152\307\007\056\045\321\220\142\040\306\215\121\302
+\054\105\071\116\003\332\367\030\350\314\012\072\331\105\330\154
+\156\064\213\142\234\116\025\371\103\356\345\227\300\077\255\065
+\023\305\053\006\307\101\375\342\367\176\105\255\233\321\341\146
+\355\370\172\113\224\071\172\057\353\350\077\103\330\065\326\126
+\372\164\347\155\346\355\254\145\204\376\320\115\006\022\336\332
+\131\000\074\011\134\317\210\113\350\075\264\025\041\222\314\155
+\246\121\342\216\227\361\364\202\106\313\304\123\136\332\134\235
+\145\222\001\145\211\000\345\266\231\377\046\100\361\057\031\061
+\010\032\261\147\125\206\015\256\065\063\206\274\227\110\222\327
+\226\140\370\316\374\226\353\207\304\163\314\224\233\130\133\363
+\172\244\047\023\326\117\364\151
+END
+
+# Trust for Certificate "Bogus Google"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06
+# Subject: CN=www.google.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 01:73:A9:58:F0:BC:C9:BE:94:2B:1A:4C:98:24:E3:B8
+# Fingerprint (SHA1): 19:16:A2:AF:34:6D:39:9F:50:31:3C:39:32:00:F1:41:40:45:66:16
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Google"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\031\026\242\257\064\155\071\237\120\061\074\071\062\000\361\101
+\100\105\146\026
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\001\163\251\130\360\274\311\276\224\053\032\114\230\044\343\270
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\365\310\152\363\141\142\361\072\144\365\117\155\311
+\130\174\006
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus Skype"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47
+# Subject: CN=login.skype.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 85:A4:B4:C4:69:21:DF:A1:6A:0D:58:56:58:4B:33:44
+# Fingerprint (SHA1): 47:1C:94:9A:81:43:DB:5A:D5:CD:F1:C9:72:86:4A:25:04:FA:23:C9
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Skype"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\337\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\020\060\016\006\003\125\004\007\023\007\105\156\147
+\154\151\163\150\061\027\060\025\006\003\125\004\011\023\016\123
+\145\141\040\126\151\154\154\141\147\145\040\061\060\061\024\060
+\022\006\003\125\004\012\023\013\107\157\157\147\154\145\040\114
+\164\144\056\061\023\060\021\006\003\125\004\013\023\012\124\145
+\143\150\040\104\145\160\164\056\061\050\060\046\006\003\125\004
+\013\023\037\110\157\163\164\145\144\040\142\171\040\107\124\111
+\040\107\162\157\165\160\040\103\157\162\160\157\162\141\164\151
+\157\156\061\024\060\022\006\003\125\004\013\023\013\120\154\141
+\164\151\156\165\155\123\123\114\061\030\060\026\006\003\125\004
+\003\023\017\154\157\147\151\156\056\163\153\171\160\145\056\143
+\157\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\351\002\213\225\170\344\025\334\032\161\012\053\210
+\025\104\107
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\357\060\202\004\327\240\003\002\001\002\002\021\000
+\351\002\213\225\170\344\025\334\032\161\012\053\210\025\104\107
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025
+\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145
+\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025
+\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145
+\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030
+\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164
+\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004
+\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164
+\055\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060
+\063\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063
+\061\064\062\063\065\071\065\071\132\060\201\337\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125
+\004\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125
+\004\010\023\007\106\154\157\162\151\144\141\061\020\060\016\006
+\003\125\004\007\023\007\105\156\147\154\151\163\150\061\027\060
+\025\006\003\125\004\011\023\016\123\145\141\040\126\151\154\154
+\141\147\145\040\061\060\061\024\060\022\006\003\125\004\012\023
+\013\107\157\157\147\154\145\040\114\164\144\056\061\023\060\021
+\006\003\125\004\013\023\012\124\145\143\150\040\104\145\160\164
+\056\061\050\060\046\006\003\125\004\013\023\037\110\157\163\164
+\145\144\040\142\171\040\107\124\111\040\107\162\157\165\160\040
+\103\157\162\160\157\162\141\164\151\157\156\061\024\060\022\006
+\003\125\004\013\023\013\120\154\141\164\151\156\165\155\123\123
+\114\061\030\060\026\006\003\125\004\003\023\017\154\157\147\151
+\156\056\163\153\171\160\145\056\143\157\155\060\202\001\042\060
+\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
+\001\017\000\060\202\001\012\002\202\001\001\000\260\170\231\206
+\016\242\163\043\324\132\303\111\353\261\066\214\174\312\204\256
+\074\257\070\210\050\231\215\055\130\023\261\227\170\076\122\040
+\147\254\133\163\230\154\062\125\311\160\321\331\252\025\350\056
+\046\205\201\274\126\344\274\200\143\333\116\327\365\002\276\121
+\143\036\074\333\337\327\000\135\132\271\345\173\152\352\070\040
+\262\073\266\356\165\124\204\371\246\312\070\160\335\277\260\377
+\245\205\135\264\101\376\335\075\331\052\341\060\103\032\230\171
+\223\240\137\340\147\154\225\372\076\172\256\161\173\343\155\210
+\102\077\045\324\356\276\150\150\254\255\254\140\340\040\243\071
+\203\271\133\050\243\223\155\241\275\166\012\343\353\256\207\047
+\016\124\217\264\110\014\232\124\364\135\216\067\120\334\136\244
+\213\153\113\334\246\363\064\276\167\131\042\210\377\031\053\155
+\166\144\163\332\014\207\007\053\232\067\072\320\342\214\366\066
+\062\153\232\171\314\322\073\223\157\032\115\154\346\301\235\100
+\254\055\164\303\276\352\134\163\145\001\051\261\052\277\160\131
+\301\316\306\303\242\310\105\137\272\147\075\017\002\003\001\000
+\001\243\202\001\352\060\202\001\346\060\037\006\003\125\035\043
+\004\030\060\026\200\024\241\162\137\046\033\050\230\103\225\135
+\007\067\325\205\226\235\113\322\303\105\060\035\006\003\125\035
+\016\004\026\004\024\325\216\132\121\023\264\051\015\061\266\034
+\215\076\121\121\061\012\063\252\201\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\005\240\060\014\006\003\125\035\023
+\001\001\377\004\002\060\000\060\035\006\003\125\035\045\004\026
+\060\024\006\010\053\006\001\005\005\007\003\001\006\010\053\006
+\001\005\005\007\003\002\060\106\006\003\125\035\040\004\077\060
+\075\060\073\006\014\053\006\001\004\001\262\061\001\002\001\003
+\004\060\053\060\051\006\010\053\006\001\005\005\007\002\001\026
+\035\150\164\164\160\163\072\057\057\163\145\143\165\162\145\056
+\143\157\155\157\144\157\056\143\157\155\057\103\120\123\060\173
+\006\003\125\035\037\004\164\060\162\060\070\240\066\240\064\206
+\062\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157
+\144\157\143\141\056\143\157\155\057\125\124\116\055\125\123\105
+\122\106\151\162\163\164\055\110\141\162\144\167\141\162\145\056
+\143\162\154\060\066\240\064\240\062\206\060\150\164\164\160\072
+\057\057\143\162\154\056\143\157\155\157\144\157\056\156\145\164
+\057\125\124\116\055\125\123\105\122\106\151\162\163\164\055\110
+\141\162\144\167\141\162\145\056\143\162\154\060\161\006\010\053
+\006\001\005\005\007\001\001\004\145\060\143\060\073\006\010\053
+\006\001\005\005\007\060\002\206\057\150\164\164\160\072\057\057
+\143\162\164\056\143\157\155\157\144\157\143\141\056\143\157\155
+\057\125\124\116\101\144\144\124\162\165\163\164\123\145\162\166
+\145\162\103\101\056\143\162\164\060\044\006\010\053\006\001\005
+\005\007\060\001\206\030\150\164\164\160\072\057\057\157\143\163
+\160\056\143\157\155\157\144\157\143\141\056\143\157\155\060\057
+\006\003\125\035\021\004\050\060\046\202\017\154\157\147\151\156
+\056\163\153\171\160\145\056\143\157\155\202\023\167\167\167\056
+\154\157\147\151\156\056\163\153\171\160\145\056\143\157\155\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202
+\001\001\000\010\362\201\165\221\273\316\022\004\030\302\115\132
+\373\106\220\012\124\104\364\362\335\007\201\360\037\246\172\157
+\237\317\270\016\054\117\234\304\232\365\250\366\272\244\311\172
+\135\261\342\132\312\074\372\140\250\150\076\313\272\055\342\315
+\326\266\344\222\074\151\255\127\352\250\057\070\020\204\162\345
+\150\161\355\276\353\156\030\357\143\172\276\347\044\377\300\143
+\375\130\073\114\201\222\330\051\253\216\065\135\327\323\011\153
+\205\323\325\163\005\104\342\345\273\203\123\020\313\362\317\267
+\156\341\151\267\241\222\144\305\317\315\202\273\066\240\070\255
+\327\044\337\123\374\077\142\267\267\325\307\127\343\223\061\160
+\216\044\211\206\312\143\053\071\272\135\331\152\140\354\241\116
+\212\376\123\370\136\222\337\057\134\046\027\155\003\175\002\017
+\017\252\103\147\155\260\142\277\176\123\335\314\354\170\163\225
+\345\245\366\000\243\004\375\077\004\052\263\230\305\267\003\034
+\333\311\120\253\260\005\035\036\276\126\264\317\076\102\023\224
+\236\371\347\001\201\245\170\157\014\172\166\254\005\206\354\254
+\302\021\254
+END
+
+# Trust for Certificate "Bogus Skype"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47
+# Subject: CN=login.skype.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 85:A4:B4:C4:69:21:DF:A1:6A:0D:58:56:58:4B:33:44
+# Fingerprint (SHA1): 47:1C:94:9A:81:43:DB:5A:D5:CD:F1:C9:72:86:4A:25:04:FA:23:C9
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Skype"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\107\034\224\232\201\103\333\132\325\315\361\311\162\206\112\045
+\004\372\043\311
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\205\244\264\304\151\041\337\241\152\015\130\126\130\113\063\104
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\351\002\213\225\170\344\025\334\032\161\012\053\210
+\025\104\107
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus Yahoo 1"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3
+# Subject: CN=login.yahoo.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 0C:1F:BE:D3:FC:09:6E:E6:6E:C2:66:39:75:86:6B:EB
+# Fingerprint (SHA1): 63:FE:AE:96:0B:AA:91:E3:43:CE:2B:D8:B7:17:98:C7:6B:DB:77:D0
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Yahoo 1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\337\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\020\060\016\006\003\125\004\007\023\007\105\156\147
+\154\151\163\150\061\027\060\025\006\003\125\004\011\023\016\123
+\145\141\040\126\151\154\154\141\147\145\040\061\060\061\024\060
+\022\006\003\125\004\012\023\013\107\157\157\147\154\145\040\114
+\164\144\056\061\023\060\021\006\003\125\004\013\023\012\124\145
+\143\150\040\104\145\160\164\056\061\050\060\046\006\003\125\004
+\013\023\037\110\157\163\164\145\144\040\142\171\040\107\124\111
+\040\107\162\157\165\160\040\103\157\162\160\157\162\141\164\151
+\157\156\061\024\060\022\006\003\125\004\013\023\013\120\154\141
+\164\151\156\165\155\123\123\114\061\030\060\026\006\003\125\004
+\003\023\017\154\157\147\151\156\056\171\141\150\157\157\056\143
+\157\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\327\125\217\332\365\361\020\133\262\023\050\053\160
+\167\051\243
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\357\060\202\004\327\240\003\002\001\002\002\021\000
+\327\125\217\332\365\361\020\133\262\023\050\053\160\167\051\243
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025
+\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145
+\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025
+\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145
+\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030
+\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164
+\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004
+\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164
+\055\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060
+\063\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063
+\061\064\062\063\065\071\065\071\132\060\201\337\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125
+\004\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125
+\004\010\023\007\106\154\157\162\151\144\141\061\020\060\016\006
+\003\125\004\007\023\007\105\156\147\154\151\163\150\061\027\060
+\025\006\003\125\004\011\023\016\123\145\141\040\126\151\154\154
+\141\147\145\040\061\060\061\024\060\022\006\003\125\004\012\023
+\013\107\157\157\147\154\145\040\114\164\144\056\061\023\060\021
+\006\003\125\004\013\023\012\124\145\143\150\040\104\145\160\164
+\056\061\050\060\046\006\003\125\004\013\023\037\110\157\163\164
+\145\144\040\142\171\040\107\124\111\040\107\162\157\165\160\040
+\103\157\162\160\157\162\141\164\151\157\156\061\024\060\022\006
+\003\125\004\013\023\013\120\154\141\164\151\156\165\155\123\123
+\114\061\030\060\026\006\003\125\004\003\023\017\154\157\147\151
+\156\056\171\141\150\157\157\056\143\157\155\060\202\001\042\060
+\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
+\001\017\000\060\202\001\012\002\202\001\001\000\241\244\005\075
+\355\205\105\223\212\030\115\306\003\000\127\342\100\167\360\034
+\353\320\031\337\042\135\010\177\321\007\074\101\211\106\027\243
+\011\372\374\370\251\004\321\226\217\253\327\117\074\371\255\030
+\251\164\201\304\127\012\072\046\026\316\142\076\274\077\154\041
+\356\223\215\313\015\240\037\232\226\320\217\255\365\223\223\202
+\356\162\014\241\165\025\243\173\204\126\270\255\377\122\021\161
+\204\274\072\060\013\176\230\250\341\250\077\067\122\320\361\174
+\157\220\330\105\012\254\071\162\152\141\325\273\303\214\371\302
+\314\337\375\072\161\271\257\274\334\072\334\014\266\261\322\321
+\211\273\101\266\362\336\127\325\025\337\374\375\342\061\305\337
+\312\301\330\217\054\277\360\016\133\161\340\064\161\303\305\115
+\175\172\324\372\355\060\113\057\352\266\056\236\223\074\342\072
+\370\102\242\032\356\334\337\315\017\251\366\171\204\032\216\154
+\002\266\206\345\277\121\152\146\370\363\234\323\131\014\173\245
+\231\170\315\174\231\372\306\226\107\330\062\324\164\166\016\167
+\113\040\164\244\267\211\165\222\112\264\133\125\002\003\001\000
+\001\243\202\001\352\060\202\001\346\060\037\006\003\125\035\043
+\004\030\060\026\200\024\241\162\137\046\033\050\230\103\225\135
+\007\067\325\205\226\235\113\322\303\105\060\035\006\003\125\035
+\016\004\026\004\024\206\111\105\374\063\031\063\324\004\355\047
+\141\356\350\001\311\014\177\057\176\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\005\240\060\014\006\003\125\035\023
+\001\001\377\004\002\060\000\060\035\006\003\125\035\045\004\026
+\060\024\006\010\053\006\001\005\005\007\003\001\006\010\053\006
+\001\005\005\007\003\002\060\106\006\003\125\035\040\004\077\060
+\075\060\073\006\014\053\006\001\004\001\262\061\001\002\001\003
+\004\060\053\060\051\006\010\053\006\001\005\005\007\002\001\026
+\035\150\164\164\160\163\072\057\057\163\145\143\165\162\145\056
+\143\157\155\157\144\157\056\143\157\155\057\103\120\123\060\173
+\006\003\125\035\037\004\164\060\162\060\070\240\066\240\064\206
+\062\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157
+\144\157\143\141\056\143\157\155\057\125\124\116\055\125\123\105
+\122\106\151\162\163\164\055\110\141\162\144\167\141\162\145\056
+\143\162\154\060\066\240\064\240\062\206\060\150\164\164\160\072
+\057\057\143\162\154\056\143\157\155\157\144\157\056\156\145\164
+\057\125\124\116\055\125\123\105\122\106\151\162\163\164\055\110
+\141\162\144\167\141\162\145\056\143\162\154\060\161\006\010\053
+\006\001\005\005\007\001\001\004\145\060\143\060\073\006\010\053
+\006\001\005\005\007\060\002\206\057\150\164\164\160\072\057\057
+\143\162\164\056\143\157\155\157\144\157\143\141\056\143\157\155
+\057\125\124\116\101\144\144\124\162\165\163\164\123\145\162\166
+\145\162\103\101\056\143\162\164\060\044\006\010\053\006\001\005
+\005\007\060\001\206\030\150\164\164\160\072\057\057\157\143\163
+\160\056\143\157\155\157\144\157\143\141\056\143\157\155\060\057
+\006\003\125\035\021\004\050\060\046\202\017\154\157\147\151\156
+\056\171\141\150\157\157\056\143\157\155\202\023\167\167\167\056
+\154\157\147\151\156\056\171\141\150\157\157\056\143\157\155\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202
+\001\001\000\075\127\311\110\044\134\356\144\201\365\256\276\125
+\051\026\377\052\057\204\355\331\370\243\003\310\060\146\273\310
+\324\201\055\041\367\010\367\254\226\102\232\101\165\172\272\135
+\020\043\313\222\102\141\372\212\332\155\145\064\031\345\251\326
+\055\023\170\327\201\104\222\251\156\200\143\025\313\376\065\037
+\002\321\212\024\260\250\314\224\040\073\250\032\360\135\066\120
+\333\015\256\351\144\344\366\215\151\175\060\310\024\027\000\112
+\345\246\065\373\175\015\042\235\171\166\122\054\274\227\006\210
+\232\025\364\163\346\361\365\230\245\315\007\104\221\270\247\150
+\147\105\322\162\021\140\342\161\267\120\125\342\212\251\015\326
+\222\356\004\052\213\060\240\242\005\106\064\155\222\306\073\252
+\115\240\320\253\001\031\012\062\267\350\343\317\361\322\227\111
+\173\254\244\227\367\360\127\256\143\167\232\177\226\332\115\375
+\276\334\007\066\343\045\275\211\171\216\051\022\023\213\210\007
+\373\153\333\244\315\263\055\047\351\324\312\140\327\205\123\373
+\164\306\134\065\214\160\037\371\262\267\222\047\040\307\224\325
+\147\024\060
+END
+
+# Trust for Certificate "Bogus Yahoo 1"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3
+# Subject: CN=login.yahoo.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 0C:1F:BE:D3:FC:09:6E:E6:6E:C2:66:39:75:86:6B:EB
+# Fingerprint (SHA1): 63:FE:AE:96:0B:AA:91:E3:43:CE:2B:D8:B7:17:98:C7:6B:DB:77:D0
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Yahoo 1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\143\376\256\226\013\252\221\343\103\316\053\330\267\027\230\307
+\153\333\167\320
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\014\037\276\323\374\011\156\346\156\302\146\071\165\206\153\353
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\327\125\217\332\365\361\020\133\262\023\050\053\160
+\167\051\243
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus Yahoo 2"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29
+# Subject: CN=login.yahoo.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 72:DC:C8:72:6C:53:3B:B2:FD:CC:5D:19:BD:AF:A6:31
+# Fingerprint (SHA1): D0:18:B6:2D:C5:18:90:72:47:DF:50:92:5B:B0:9A:CF:4A:5C:B3:AD
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Yahoo 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\337\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\020\060\016\006\003\125\004\007\023\007\105\156\147
+\154\151\163\150\061\027\060\025\006\003\125\004\011\023\016\123
+\145\141\040\126\151\154\154\141\147\145\040\061\060\061\024\060
+\022\006\003\125\004\012\023\013\107\157\157\147\154\145\040\114
+\164\144\056\061\023\060\021\006\003\125\004\013\023\012\124\145
+\143\150\040\104\145\160\164\056\061\050\060\046\006\003\125\004
+\013\023\037\110\157\163\164\145\144\040\142\171\040\107\124\111
+\040\107\162\157\165\160\040\103\157\162\160\157\162\141\164\151
+\157\156\061\024\060\022\006\003\125\004\013\023\013\120\154\141
+\164\151\156\165\155\123\123\114\061\030\060\026\006\003\125\004
+\003\023\017\154\157\147\151\156\056\171\141\150\157\157\056\143
+\157\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\071\052\103\117\016\007\337\037\212\243\005\336\064\340
+\302\051
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\331\060\202\004\301\240\003\002\001\002\002\020\071
+\052\103\117\016\007\337\037\212\243\005\336\064\340\302\051\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013
+\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006
+\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040
+\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
+\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150
+\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162
+\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004\003
+\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164\055
+\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060\063
+\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063\061
+\064\062\063\065\071\065\071\132\060\201\337\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125\004
+\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125\004
+\010\023\007\106\154\157\162\151\144\141\061\020\060\016\006\003
+\125\004\007\023\007\105\156\147\154\151\163\150\061\027\060\025
+\006\003\125\004\011\023\016\123\145\141\040\126\151\154\154\141
+\147\145\040\061\060\061\024\060\022\006\003\125\004\012\023\013
+\107\157\157\147\154\145\040\114\164\144\056\061\023\060\021\006
+\003\125\004\013\023\012\124\145\143\150\040\104\145\160\164\056
+\061\050\060\046\006\003\125\004\013\023\037\110\157\163\164\145
+\144\040\142\171\040\107\124\111\040\107\162\157\165\160\040\103
+\157\162\160\157\162\141\164\151\157\156\061\024\060\022\006\003
+\125\004\013\023\013\120\154\141\164\151\156\165\155\123\123\114
+\061\030\060\026\006\003\125\004\003\023\017\154\157\147\151\156
+\056\171\141\150\157\157\056\143\157\155\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\241\244\005\075\355
+\205\105\223\212\030\115\306\003\000\127\342\100\167\360\034\353
+\320\031\337\042\135\010\177\321\007\074\101\211\106\027\243\011
+\372\374\370\251\004\321\226\217\253\327\117\074\371\255\030\251
+\164\201\304\127\012\072\046\026\316\142\076\274\077\154\041\356
+\223\215\313\015\240\037\232\226\320\217\255\365\223\223\202\356
+\162\014\241\165\025\243\173\204\126\270\255\377\122\021\161\204
+\274\072\060\013\176\230\250\341\250\077\067\122\320\361\174\157
+\220\330\105\012\254\071\162\152\141\325\273\303\214\371\302\314
+\337\375\072\161\271\257\274\334\072\334\014\266\261\322\321\211
+\273\101\266\362\336\127\325\025\337\374\375\342\061\305\337\312
+\301\330\217\054\277\360\016\133\161\340\064\161\303\305\115\175
+\172\324\372\355\060\113\057\352\266\056\236\223\074\342\072\370
+\102\242\032\356\334\337\315\017\251\366\171\204\032\216\154\002
+\266\206\345\277\121\152\146\370\363\234\323\131\014\173\245\231
+\170\315\174\231\372\306\226\107\330\062\324\164\166\016\167\113
+\040\164\244\267\211\165\222\112\264\133\125\002\003\001\000\001
+\243\202\001\325\060\202\001\321\060\037\006\003\125\035\043\004
+\030\060\026\200\024\241\162\137\046\033\050\230\103\225\135\007
+\067\325\205\226\235\113\322\303\105\060\035\006\003\125\035\016
+\004\026\004\024\206\111\105\374\063\031\063\324\004\355\047\141
+\356\350\001\311\014\177\057\176\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\005\240\060\014\006\003\125\035\023\001
+\001\377\004\002\060\000\060\035\006\003\125\035\045\004\026\060
+\024\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001
+\005\005\007\003\002\060\106\006\003\125\035\040\004\077\060\075
+\060\073\006\014\053\006\001\004\001\262\061\001\002\001\003\004
+\060\053\060\051\006\010\053\006\001\005\005\007\002\001\026\035
+\150\164\164\160\163\072\057\057\163\145\143\165\162\145\056\143
+\157\155\157\144\157\056\143\157\155\057\103\120\123\060\173\006
+\003\125\035\037\004\164\060\162\060\070\240\066\240\064\206\062
+\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144
+\157\143\141\056\143\157\155\057\125\124\116\055\125\123\105\122
+\106\151\162\163\164\055\110\141\162\144\167\141\162\145\056\143
+\162\154\060\066\240\064\240\062\206\060\150\164\164\160\072\057
+\057\143\162\154\056\143\157\155\157\144\157\056\156\145\164\057
+\125\124\116\055\125\123\105\122\106\151\162\163\164\055\110\141
+\162\144\167\141\162\145\056\143\162\154\060\161\006\010\053\006
+\001\005\005\007\001\001\004\145\060\143\060\073\006\010\053\006
+\001\005\005\007\060\002\206\057\150\164\164\160\072\057\057\143
+\162\164\056\143\157\155\157\144\157\143\141\056\143\157\155\057
+\125\124\116\101\144\144\124\162\165\163\164\123\145\162\166\145
+\162\103\101\056\143\162\164\060\044\006\010\053\006\001\005\005
+\007\060\001\206\030\150\164\164\160\072\057\057\157\143\163\160
+\056\143\157\155\157\144\157\143\141\056\143\157\155\060\032\006
+\003\125\035\021\004\023\060\021\202\017\154\157\147\151\156\056
+\171\141\150\157\157\056\143\157\155\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\001\001\000\127\142\341
+\167\353\374\037\277\210\123\257\130\323\324\326\155\147\060\027
+\100\276\340\037\144\336\207\025\314\340\244\126\251\321\237\371
+\001\376\002\261\261\352\342\137\356\161\026\061\371\010\325\302
+\327\232\233\262\132\070\327\251\177\351\207\153\061\371\013\254
+\331\375\120\161\340\333\202\222\017\201\234\215\167\351\353\056
+\352\324\043\101\207\354\055\262\170\263\216\261\147\322\356\161
+\003\010\022\231\263\002\051\157\336\213\336\301\251\003\012\132
+\063\034\075\021\003\306\110\014\230\234\025\056\331\246\205\122
+\347\005\212\256\060\043\353\355\050\154\140\351\055\177\217\107
+\213\057\320\334\346\273\017\176\137\362\110\201\216\120\004\143
+\261\121\200\165\232\251\266\020\034\020\137\157\030\157\340\016
+\226\105\316\356\361\265\040\333\357\332\156\310\225\343\366\105
+\375\312\374\245\137\111\155\006\036\322\336\141\075\025\175\067
+\345\034\065\216\006\302\153\367\264\250\050\054\061\313\252\264
+\247\227\117\235\212\366\257\176\067\271\173\075\337\222\146\213
+\217\116\235\306\066\347\134\246\253\022\017\326\317
+END
+
+# Trust for Certificate "Bogus Yahoo 2"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29
+# Subject: CN=login.yahoo.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 72:DC:C8:72:6C:53:3B:B2:FD:CC:5D:19:BD:AF:A6:31
+# Fingerprint (SHA1): D0:18:B6:2D:C5:18:90:72:47:DF:50:92:5B:B0:9A:CF:4A:5C:B3:AD
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Yahoo 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\320\030\266\055\305\030\220\162\107\337\120\222\133\260\232\317
+\112\134\263\255
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\162\334\310\162\154\123\073\262\375\314\135\031\275\257\246\061
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\071\052\103\117\016\007\337\037\212\243\005\336\064\340
+\302\051
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus Yahoo 3"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71
+# Subject: CN=login.yahoo.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 4A:DC:3C:67:ED:21:CD:5B:CE:5D:C8:11:E4:9E:CF:3D
+# Fingerprint (SHA1): 80:96:2A:E4:D6:C5:B4:42:89:4E:95:A1:3E:4A:69:9E:07:D6:94:CF
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Yahoo 3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\337\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\020\060\016\006\003\125\004\007\023\007\105\156\147
+\154\151\163\150\061\027\060\025\006\003\125\004\011\023\016\123
+\145\141\040\126\151\154\154\141\147\145\040\061\060\061\024\060
+\022\006\003\125\004\012\023\013\107\157\157\147\154\145\040\114
+\164\144\056\061\023\060\021\006\003\125\004\013\023\012\124\145
+\143\150\040\104\145\160\164\056\061\050\060\046\006\003\125\004
+\013\023\037\110\157\163\164\145\144\040\142\171\040\107\124\111
+\040\107\162\157\165\160\040\103\157\162\160\157\162\141\164\151
+\157\156\061\024\060\022\006\003\125\004\013\023\013\120\154\141
+\164\151\156\165\155\123\123\114\061\030\060\026\006\003\125\004
+\003\023\017\154\157\147\151\156\056\171\141\150\157\157\056\143
+\157\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\076\165\316\324\153\151\060\041\041\210\060\256\206\250
+\052\161
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\331\060\202\004\301\240\003\002\001\002\002\020\076
+\165\316\324\153\151\060\041\041\210\060\256\206\250\052\161\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013
+\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006
+\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040
+\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
+\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
+\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150
+\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162
+\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004\003
+\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164\055
+\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060\063
+\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063\061
+\064\062\063\065\071\065\071\132\060\201\337\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125\004
+\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125\004
+\010\023\007\106\154\157\162\151\144\141\061\020\060\016\006\003
+\125\004\007\023\007\105\156\147\154\151\163\150\061\027\060\025
+\006\003\125\004\011\023\016\123\145\141\040\126\151\154\154\141
+\147\145\040\061\060\061\024\060\022\006\003\125\004\012\023\013
+\107\157\157\147\154\145\040\114\164\144\056\061\023\060\021\006
+\003\125\004\013\023\012\124\145\143\150\040\104\145\160\164\056
+\061\050\060\046\006\003\125\004\013\023\037\110\157\163\164\145
+\144\040\142\171\040\107\124\111\040\107\162\157\165\160\040\103
+\157\162\160\157\162\141\164\151\157\156\061\024\060\022\006\003
+\125\004\013\023\013\120\154\141\164\151\156\165\155\123\123\114
+\061\030\060\026\006\003\125\004\003\023\017\154\157\147\151\156
+\056\171\141\150\157\157\056\143\157\155\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\241\244\005\075\355
+\205\105\223\212\030\115\306\003\000\127\342\100\167\360\034\353
+\320\031\337\042\135\010\177\321\007\074\101\211\106\027\243\011
+\372\374\370\251\004\321\226\217\253\327\117\074\371\255\030\251
+\164\201\304\127\012\072\046\026\316\142\076\274\077\154\041\356
+\223\215\313\015\240\037\232\226\320\217\255\365\223\223\202\356
+\162\014\241\165\025\243\173\204\126\270\255\377\122\021\161\204
+\274\072\060\013\176\230\250\341\250\077\067\122\320\361\174\157
+\220\330\105\012\254\071\162\152\141\325\273\303\214\371\302\314
+\337\375\072\161\271\257\274\334\072\334\014\266\261\322\321\211
+\273\101\266\362\336\127\325\025\337\374\375\342\061\305\337\312
+\301\330\217\054\277\360\016\133\161\340\064\161\303\305\115\175
+\172\324\372\355\060\113\057\352\266\056\236\223\074\342\072\370
+\102\242\032\356\334\337\315\017\251\366\171\204\032\216\154\002
+\266\206\345\277\121\152\146\370\363\234\323\131\014\173\245\231
+\170\315\174\231\372\306\226\107\330\062\324\164\166\016\167\113
+\040\164\244\267\211\165\222\112\264\133\125\002\003\001\000\001
+\243\202\001\325\060\202\001\321\060\037\006\003\125\035\043\004
+\030\060\026\200\024\241\162\137\046\033\050\230\103\225\135\007
+\067\325\205\226\235\113\322\303\105\060\035\006\003\125\035\016
+\004\026\004\024\206\111\105\374\063\031\063\324\004\355\047\141
+\356\350\001\311\014\177\057\176\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\005\240\060\014\006\003\125\035\023\001
+\001\377\004\002\060\000\060\035\006\003\125\035\045\004\026\060
+\024\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001
+\005\005\007\003\002\060\106\006\003\125\035\040\004\077\060\075
+\060\073\006\014\053\006\001\004\001\262\061\001\002\001\003\004
+\060\053\060\051\006\010\053\006\001\005\005\007\002\001\026\035
+\150\164\164\160\163\072\057\057\163\145\143\165\162\145\056\143
+\157\155\157\144\157\056\143\157\155\057\103\120\123\060\173\006
+\003\125\035\037\004\164\060\162\060\070\240\066\240\064\206\062
+\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144
+\157\143\141\056\143\157\155\057\125\124\116\055\125\123\105\122
+\106\151\162\163\164\055\110\141\162\144\167\141\162\145\056\143
+\162\154\060\066\240\064\240\062\206\060\150\164\164\160\072\057
+\057\143\162\154\056\143\157\155\157\144\157\056\156\145\164\057
+\125\124\116\055\125\123\105\122\106\151\162\163\164\055\110\141
+\162\144\167\141\162\145\056\143\162\154\060\161\006\010\053\006
+\001\005\005\007\001\001\004\145\060\143\060\073\006\010\053\006
+\001\005\005\007\060\002\206\057\150\164\164\160\072\057\057\143
+\162\164\056\143\157\155\157\144\157\143\141\056\143\157\155\057
+\125\124\116\101\144\144\124\162\165\163\164\123\145\162\166\145
+\162\103\101\056\143\162\164\060\044\006\010\053\006\001\005\005
+\007\060\001\206\030\150\164\164\160\072\057\057\157\143\163\160
+\056\143\157\155\157\144\157\143\141\056\143\157\155\060\032\006
+\003\125\035\021\004\023\060\021\202\017\154\157\147\151\156\056
+\171\141\150\157\157\056\143\157\155\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\001\001\000\123\151\230
+\216\050\116\234\053\133\035\314\153\167\050\075\273\372\245\116
+\176\126\051\244\352\020\342\364\346\055\006\321\204\333\043\316
+\227\363\150\266\017\072\336\025\013\044\035\221\343\154\056\060
+\267\351\160\260\303\106\200\360\323\261\121\277\117\326\170\240
+\374\254\306\317\061\004\143\342\064\125\005\112\075\366\060\272
+\363\063\345\272\322\226\363\325\261\266\223\211\032\244\150\276
+\176\355\143\264\032\110\300\123\344\243\360\071\014\062\222\307
+\103\015\032\161\355\320\106\223\277\223\142\154\063\113\315\066
+\015\151\136\273\154\226\231\041\151\304\113\147\162\333\154\152
+\270\367\150\355\305\217\255\143\145\225\012\114\340\371\017\176
+\067\075\252\324\223\272\147\011\303\245\244\015\003\132\155\325
+\013\376\360\100\024\264\366\270\151\174\155\302\062\113\237\265
+\032\347\106\256\114\132\053\252\172\136\220\127\225\372\333\146
+\002\040\036\152\151\146\025\234\302\266\365\274\120\265\375\105
+\307\037\150\264\107\131\254\304\033\050\223\116\122\123\022\003
+\130\113\161\203\237\146\346\254\171\110\376\376\107
+END
+
+# Trust for Certificate "Bogus Yahoo 3"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71
+# Subject: CN=login.yahoo.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): 4A:DC:3C:67:ED:21:CD:5B:CE:5D:C8:11:E4:9E:CF:3D
+# Fingerprint (SHA1): 80:96:2A:E4:D6:C5:B4:42:89:4E:95:A1:3E:4A:69:9E:07:D6:94:CF
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus Yahoo 3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\200\226\052\344\326\305\264\102\211\116\225\241\076\112\151\236
+\007\326\224\317
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\112\334\074\147\355\041\315\133\316\135\310\021\344\236\317\075
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\076\165\316\324\153\151\060\041\041\210\060\256\206\250
+\052\161
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Bogus live.com"
+#
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0
+# Subject: CN=login.live.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): D0:D4:39:E3:CC:5C:52:DD:08:CD:E9:AB:E8:11:59:D4
+# Fingerprint (SHA1): CE:A5:86:B2:CE:59:3E:C7:D9:39:89:83:37:C5:78:14:70:8A:B2:BE
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus live.com"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\336\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\021\023\005\063\070\064\067\067
+\061\020\060\016\006\003\125\004\010\023\007\106\154\157\162\151
+\144\141\061\020\060\016\006\003\125\004\007\023\007\105\156\147
+\154\151\163\150\061\027\060\025\006\003\125\004\011\023\016\123
+\145\141\040\126\151\154\154\141\147\145\040\061\060\061\024\060
+\022\006\003\125\004\012\023\013\107\157\157\147\154\145\040\114
+\164\144\056\061\023\060\021\006\003\125\004\013\023\012\124\145
+\143\150\040\104\145\160\164\056\061\050\060\046\006\003\125\004
+\013\023\037\110\157\163\164\145\144\040\142\171\040\107\124\111
+\040\107\162\157\165\160\040\103\157\162\160\157\162\141\164\151
+\157\156\061\024\060\022\006\003\125\004\013\023\013\120\154\141
+\164\151\156\165\155\123\123\114\061\027\060\025\006\003\125\004
+\003\023\016\154\157\147\151\156\056\154\151\166\145\056\143\157
+\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\260\267\023\076\320\226\371\265\157\256\221\310\164
+\275\072\300
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\354\060\202\004\324\240\003\002\001\002\002\021\000
+\260\267\023\076\320\226\371\265\157\256\221\310\164\275\072\300
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025
+\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145
+\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025
+\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145
+\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030
+\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164
+\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125\004
+\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163\164
+\055\110\141\162\144\167\141\162\145\060\036\027\015\061\061\060
+\063\061\065\060\060\060\060\060\060\132\027\015\061\064\060\063
+\061\064\062\063\065\071\065\071\132\060\201\336\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\016\060\014\006\003\125
+\004\021\023\005\063\070\064\067\067\061\020\060\016\006\003\125
+\004\010\023\007\106\154\157\162\151\144\141\061\020\060\016\006
+\003\125\004\007\023\007\105\156\147\154\151\163\150\061\027\060
+\025\006\003\125\004\011\023\016\123\145\141\040\126\151\154\154
+\141\147\145\040\061\060\061\024\060\022\006\003\125\004\012\023
+\013\107\157\157\147\154\145\040\114\164\144\056\061\023\060\021
+\006\003\125\004\013\023\012\124\145\143\150\040\104\145\160\164
+\056\061\050\060\046\006\003\125\004\013\023\037\110\157\163\164
+\145\144\040\142\171\040\107\124\111\040\107\162\157\165\160\040
+\103\157\162\160\157\162\141\164\151\157\156\061\024\060\022\006
+\003\125\004\013\023\013\120\154\141\164\151\156\165\155\123\123
+\114\061\027\060\025\006\003\125\004\003\023\016\154\157\147\151
+\156\056\154\151\166\145\056\143\157\155\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\363\374\053\057\357
+\341\255\131\360\102\074\302\361\202\277\054\101\223\321\366\230
+\063\225\114\274\142\361\225\130\010\266\351\173\167\110\260\323
+\334\027\077\274\156\346\354\036\354\215\027\376\034\044\306\076
+\147\075\222\225\242\060\300\247\127\040\317\160\210\227\112\005
+\223\171\223\102\227\057\076\377\304\024\024\050\242\023\066\264
+\370\356\276\035\274\170\135\141\223\137\353\210\327\321\344\053
+\232\315\130\342\007\105\237\117\270\271\100\152\063\054\133\041
+\003\132\112\224\362\172\227\131\033\250\265\102\330\203\000\252
+\064\314\247\166\320\107\003\137\005\257\073\341\271\241\064\045
+\267\154\137\232\060\204\230\302\302\327\362\270\102\112\020\125
+\275\372\123\201\135\215\150\146\105\054\122\176\345\304\004\303
+\124\347\303\071\332\172\112\305\271\230\202\040\341\054\140\127
+\277\272\362\106\000\274\137\072\334\343\063\227\370\112\230\271
+\354\063\117\055\140\154\025\222\246\201\112\013\351\354\166\160
+\064\061\027\160\346\160\113\216\213\323\165\313\170\111\253\146
+\233\206\237\217\251\304\001\350\312\033\347\002\003\001\000\001
+\243\202\001\350\060\202\001\344\060\037\006\003\125\035\043\004
+\030\060\026\200\024\241\162\137\046\033\050\230\103\225\135\007
+\067\325\205\226\235\113\322\303\105\060\035\006\003\125\035\016
+\004\026\004\024\324\144\366\251\350\245\176\327\277\143\122\003
+\203\123\333\305\101\215\352\200\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\005\240\060\014\006\003\125\035\023\001
+\001\377\004\002\060\000\060\035\006\003\125\035\045\004\026\060
+\024\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001
+\005\005\007\003\002\060\106\006\003\125\035\040\004\077\060\075
+\060\073\006\014\053\006\001\004\001\262\061\001\002\001\003\004
+\060\053\060\051\006\010\053\006\001\005\005\007\002\001\026\035
+\150\164\164\160\163\072\057\057\163\145\143\165\162\145\056\143
+\157\155\157\144\157\056\143\157\155\057\103\120\123\060\173\006
+\003\125\035\037\004\164\060\162\060\070\240\066\240\064\206\062
+\150\164\164\160\072\057\057\143\162\154\056\143\157\155\157\144
+\157\143\141\056\143\157\155\057\125\124\116\055\125\123\105\122
+\106\151\162\163\164\055\110\141\162\144\167\141\162\145\056\143
+\162\154\060\066\240\064\240\062\206\060\150\164\164\160\072\057
+\057\143\162\154\056\143\157\155\157\144\157\056\156\145\164\057
+\125\124\116\055\125\123\105\122\106\151\162\163\164\055\110\141
+\162\144\167\141\162\145\056\143\162\154\060\161\006\010\053\006
+\001\005\005\007\001\001\004\145\060\143\060\073\006\010\053\006
+\001\005\005\007\060\002\206\057\150\164\164\160\072\057\057\143
+\162\164\056\143\157\155\157\144\157\143\141\056\143\157\155\057
+\125\124\116\101\144\144\124\162\165\163\164\123\145\162\166\145
+\162\103\101\056\143\162\164\060\044\006\010\053\006\001\005\005
+\007\060\001\206\030\150\164\164\160\072\057\057\157\143\163\160
+\056\143\157\155\157\144\157\143\141\056\143\157\155\060\055\006
+\003\125\035\021\004\046\060\044\202\016\154\157\147\151\156\056
+\154\151\166\145\056\143\157\155\202\022\167\167\167\056\154\157
+\147\151\156\056\154\151\166\145\056\143\157\155\060\015\006\011
+\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
+\124\343\244\232\044\322\363\035\102\255\033\360\036\253\373\332
+\325\252\351\317\132\263\036\127\173\061\362\156\127\113\061\257
+\063\273\266\015\025\307\136\131\001\316\104\265\267\277\011\311
+\325\334\151\204\351\305\032\267\360\076\324\300\044\275\051\137
+\264\351\326\130\353\105\021\211\064\064\323\021\353\064\316\052
+\117\000\075\366\162\357\151\146\300\237\232\254\176\160\120\254
+\125\107\332\276\103\133\354\213\310\305\043\204\311\237\266\122
+\010\317\221\033\057\200\151\346\064\063\346\263\237\244\345\015
+\232\025\371\127\374\013\251\101\013\365\377\130\101\222\042\047
+\146\022\006\307\052\330\131\247\306\337\104\022\117\300\250\177
+\247\101\310\310\151\377\272\005\056\227\255\073\320\353\363\025
+\155\176\033\345\272\335\064\276\042\021\354\150\230\063\201\002
+\152\013\023\125\171\061\165\116\072\310\266\023\275\227\157\067
+\012\013\055\210\016\336\147\220\302\263\312\040\312\232\121\364
+\144\076\333\364\056\105\362\307\107\027\250\364\372\220\132\177
+\200\246\202\254\344\154\201\106\273\122\205\040\044\370\200\352
+END
+
+# Trust for Certificate "Bogus live.com"
+# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
+# Serial Number:00:b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0
+# Subject: CN=login.live.com,OU=PlatinumSSL,OU=Hosted by GTI Group Corporation,OU=Tech Dept.,O=Google Ltd.,STREET=Sea Village 10,L=English,ST=Florida,postalCode=38477,C=US
+# Not Valid Before: Tue Mar 15 00:00:00 2011
+# Not Valid After : Fri Mar 14 23:59:59 2014
+# Fingerprint (MD5): D0:D4:39:E3:CC:5C:52:DD:08:CD:E9:AB:E8:11:59:D4
+# Fingerprint (SHA1): CE:A5:86:B2:CE:59:3E:C7:D9:39:89:83:37:C5:78:14:70:8A:B2:BE
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Bogus live.com"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\316\245\206\262\316\131\076\307\331\071\211\203\067\305\170\024
+\160\212\262\276
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\320\324\071\343\314\134\122\335\010\315\351\253\350\021\131\324
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\227\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
+\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
+\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
+\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
+\164\162\165\163\164\056\143\157\155\061\037\060\035\006\003\125
+\004\003\023\026\125\124\116\055\125\123\105\122\106\151\162\163
+\164\055\110\141\162\144\167\141\162\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\260\267\023\076\320\226\371\265\157\256\221\310\164
+\275\072\300
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Go Daddy Root Certificate Authority - G2"
+#
+# Issuer: CN=Go Daddy Root Certificate Authority - G2,O="GoDaddy.com, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Serial Number: 0 (0x0)
+# Subject: CN=Go Daddy Root Certificate Authority - G2,O="GoDaddy.com, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Not Valid Before: Tue Sep 01 00:00:00 2009
+# Not Valid After : Thu Dec 31 23:59:59 2037
+# Fingerprint (MD5): 80:3A:BC:22:C1:E6:FB:8D:9B:3B:27:4A:32:1B:9A:01
+# Fingerprint (SHA1): 47:BE:AB:C9:22:EA:E8:0E:78:78:34:62:A7:9F:45:C2:54:FD:E6:8B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Go Daddy Root Certificate Authority - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\032\060\030\006\003\125\004\012
+\023\021\107\157\104\141\144\144\171\056\143\157\155\054\040\111
+\156\143\056\061\061\060\057\006\003\125\004\003\023\050\107\157
+\040\104\141\144\144\171\040\122\157\157\164\040\103\145\162\164
+\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164
+\171\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\032\060\030\006\003\125\004\012
+\023\021\107\157\104\141\144\144\171\056\143\157\155\054\040\111
+\156\143\056\061\061\060\057\006\003\125\004\003\023\050\107\157
+\040\104\141\144\144\171\040\122\157\157\164\040\103\145\162\164
+\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164
+\171\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\305\060\202\002\255\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157\156
+\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157\164
+\164\163\144\141\154\145\061\032\060\030\006\003\125\004\012\023
+\021\107\157\104\141\144\144\171\056\143\157\155\054\040\111\156
+\143\056\061\061\060\057\006\003\125\004\003\023\050\107\157\040
+\104\141\144\144\171\040\122\157\157\164\040\103\145\162\164\151
+\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
+\040\055\040\107\062\060\036\027\015\060\071\060\071\060\061\060
+\060\060\060\060\060\132\027\015\063\067\061\062\063\061\062\063
+\065\071\065\071\132\060\201\203\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\020\060\016\006\003\125\004\010\023\007
+\101\162\151\172\157\156\141\061\023\060\021\006\003\125\004\007
+\023\012\123\143\157\164\164\163\144\141\154\145\061\032\060\030
+\006\003\125\004\012\023\021\107\157\104\141\144\144\171\056\143
+\157\155\054\040\111\156\143\056\061\061\060\057\006\003\125\004
+\003\023\050\107\157\040\104\141\144\144\171\040\122\157\157\164
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\062\060\202\001\042\060
+\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
+\001\017\000\060\202\001\012\002\202\001\001\000\277\161\142\010
+\361\372\131\064\367\033\311\030\243\367\200\111\130\351\042\203
+\023\246\305\040\103\001\073\204\361\346\205\111\237\047\352\366
+\204\033\116\240\264\333\160\230\307\062\001\261\005\076\007\116
+\356\364\372\117\057\131\060\042\347\253\031\126\153\342\200\007
+\374\363\026\165\200\071\121\173\345\371\065\266\164\116\251\215
+\202\023\344\266\077\251\003\203\372\242\276\212\025\152\177\336
+\013\303\266\031\024\005\312\352\303\250\004\224\073\106\174\062
+\015\363\000\146\042\310\215\151\155\066\214\021\030\267\323\262
+\034\140\264\070\372\002\214\316\323\335\106\007\336\012\076\353
+\135\174\310\174\373\260\053\123\244\222\142\151\121\045\005\141
+\032\104\201\214\054\251\103\226\043\337\254\072\201\232\016\051
+\305\034\251\351\135\036\266\236\236\060\012\071\316\361\210\200
+\373\113\135\314\062\354\205\142\103\045\064\002\126\047\001\221
+\264\073\160\052\077\156\261\350\234\210\001\175\237\324\371\333
+\123\155\140\235\277\054\347\130\253\270\137\106\374\316\304\033
+\003\074\011\353\111\061\134\151\106\263\340\107\002\003\001\000
+\001\243\102\060\100\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\035\006\003\125\035\016\004\026\004
+\024\072\232\205\007\020\147\050\266\357\366\275\005\101\156\040
+\301\224\332\017\336\060\015\006\011\052\206\110\206\367\015\001
+\001\013\005\000\003\202\001\001\000\231\333\135\171\325\371\227
+\131\147\003\141\361\176\073\006\061\165\055\241\040\216\117\145
+\207\264\367\246\234\274\330\351\057\320\333\132\356\317\164\214
+\163\264\070\102\332\005\173\370\002\165\270\375\245\261\327\256
+\366\327\336\023\313\123\020\176\212\106\321\227\372\267\056\053
+\021\253\220\260\047\200\371\350\237\132\351\067\237\253\344\337
+\154\263\205\027\235\075\331\044\117\171\221\065\326\137\004\353
+\200\203\253\232\002\055\265\020\364\330\220\307\004\163\100\355
+\162\045\240\251\237\354\236\253\150\022\231\127\306\217\022\072
+\011\244\275\104\375\006\025\067\301\233\344\062\243\355\070\350
+\330\144\363\054\176\024\374\002\352\237\315\377\007\150\027\333
+\042\220\070\055\172\215\321\124\361\151\343\137\063\312\172\075
+\173\012\343\312\177\137\071\345\342\165\272\305\166\030\063\316
+\054\360\057\114\255\367\261\347\316\117\250\304\233\112\124\006
+\305\177\175\325\010\017\342\034\376\176\027\270\254\136\366\324
+\026\262\103\011\014\115\366\247\153\264\231\204\145\312\172\210
+\342\342\104\276\134\367\352\034\365
+END
+
+# Trust for Certificate "Go Daddy Root Certificate Authority - G2"
+# Issuer: CN=Go Daddy Root Certificate Authority - G2,O="GoDaddy.com, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Serial Number: 0 (0x0)
+# Subject: CN=Go Daddy Root Certificate Authority - G2,O="GoDaddy.com, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Not Valid Before: Tue Sep 01 00:00:00 2009
+# Not Valid After : Thu Dec 31 23:59:59 2037
+# Fingerprint (MD5): 80:3A:BC:22:C1:E6:FB:8D:9B:3B:27:4A:32:1B:9A:01
+# Fingerprint (SHA1): 47:BE:AB:C9:22:EA:E8:0E:78:78:34:62:A7:9F:45:C2:54:FD:E6:8B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Go Daddy Root Certificate Authority - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\107\276\253\311\042\352\350\016\170\170\064\142\247\237\105\302
+\124\375\346\213
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\200\072\274\042\301\346\373\215\233\073\047\112\062\033\232\001
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\032\060\030\006\003\125\004\012
+\023\021\107\157\104\141\144\144\171\056\143\157\155\054\040\111
+\156\143\056\061\061\060\057\006\003\125\004\003\023\050\107\157
+\040\104\141\144\144\171\040\122\157\157\164\040\103\145\162\164
+\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164
+\171\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Starfield Root Certificate Authority - G2"
+#
+# Issuer: CN=Starfield Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Serial Number: 0 (0x0)
+# Subject: CN=Starfield Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Not Valid Before: Tue Sep 01 00:00:00 2009
+# Not Valid After : Thu Dec 31 23:59:59 2037
+# Fingerprint (MD5): D6:39:81:C6:52:7E:96:69:FC:FC:CA:66:ED:05:F2:96
+# Fingerprint (SHA1): B5:1C:06:7C:EE:2B:0C:3D:F8:55:AB:2D:92:F4:FE:39:D4:E7:0F:0E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Starfield Root Certificate Authority - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\045\060\043\006\003\125\004\012
+\023\034\123\164\141\162\146\151\145\154\144\040\124\145\143\150
+\156\157\154\157\147\151\145\163\054\040\111\156\143\056\061\062
+\060\060\006\003\125\004\003\023\051\123\164\141\162\146\151\145
+\154\144\040\122\157\157\164\040\103\145\162\164\151\146\151\143
+\141\164\145\040\101\165\164\150\157\162\151\164\171\040\055\040
+\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\045\060\043\006\003\125\004\012
+\023\034\123\164\141\162\146\151\145\154\144\040\124\145\143\150
+\156\157\154\157\147\151\145\163\054\040\111\156\143\056\061\062
+\060\060\006\003\125\004\003\023\051\123\164\141\162\146\151\145
+\154\144\040\122\157\157\164\040\103\145\162\164\151\146\151\143
+\141\164\145\040\101\165\164\150\157\162\151\164\171\040\055\040
+\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\335\060\202\002\305\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157\156
+\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157\164
+\164\163\144\141\154\145\061\045\060\043\006\003\125\004\012\023
+\034\123\164\141\162\146\151\145\154\144\040\124\145\143\150\156
+\157\154\157\147\151\145\163\054\040\111\156\143\056\061\062\060
+\060\006\003\125\004\003\023\051\123\164\141\162\146\151\145\154
+\144\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\145\040\101\165\164\150\157\162\151\164\171\040\055\040\107
+\062\060\036\027\015\060\071\060\071\060\061\060\060\060\060\060
+\060\132\027\015\063\067\061\062\063\061\062\063\065\071\065\071
+\132\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125
+\123\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172
+\157\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143
+\157\164\164\163\144\141\154\145\061\045\060\043\006\003\125\004
+\012\023\034\123\164\141\162\146\151\145\154\144\040\124\145\143
+\150\156\157\154\157\147\151\145\163\054\040\111\156\143\056\061
+\062\060\060\006\003\125\004\003\023\051\123\164\141\162\146\151
+\145\154\144\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\145\040\101\165\164\150\157\162\151\164\171\040\055
+\040\107\062\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\275\355\301\003\374\366\217\374\002\261\157\133
+\237\110\331\235\171\342\242\267\003\141\126\030\303\107\266\327
+\312\075\065\056\211\103\367\241\151\233\336\212\032\375\023\040
+\234\264\111\167\062\051\126\375\271\354\214\335\042\372\162\334
+\047\141\227\356\366\132\204\354\156\031\271\211\054\334\204\133
+\325\164\373\153\137\305\211\245\020\122\211\106\125\364\270\165
+\034\346\177\344\124\256\113\370\125\162\127\002\031\370\027\161
+\131\353\036\050\007\164\305\235\110\276\154\264\364\244\260\363
+\144\067\171\222\300\354\106\136\177\341\155\123\114\142\257\315
+\037\013\143\273\072\235\373\374\171\000\230\141\164\317\046\202
+\100\143\363\262\162\152\031\015\231\312\324\016\165\314\067\373
+\213\211\301\131\361\142\177\137\263\137\145\060\370\247\267\115
+\166\132\036\166\136\064\300\350\226\126\231\212\263\360\177\244
+\315\275\334\062\061\174\221\317\340\137\021\370\153\252\111\134
+\321\231\224\321\242\343\143\133\011\166\265\126\142\341\113\164
+\035\226\324\046\324\010\004\131\320\230\016\016\346\336\374\303
+\354\037\220\361\002\003\001\000\001\243\102\060\100\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\035
+\006\003\125\035\016\004\026\004\024\174\014\062\037\247\331\060
+\177\304\175\150\243\142\250\241\316\253\007\133\047\060\015\006
+\011\052\206\110\206\367\015\001\001\013\005\000\003\202\001\001
+\000\021\131\372\045\117\003\157\224\231\073\232\037\202\205\071
+\324\166\005\224\136\341\050\223\155\142\135\011\302\240\250\324
+\260\165\070\361\064\152\235\344\237\212\206\046\121\346\054\321
+\306\055\156\225\040\112\222\001\354\270\212\147\173\061\342\147
+\056\214\225\003\046\056\103\235\112\061\366\016\265\014\273\267
+\342\067\177\042\272\000\243\016\173\122\373\153\273\073\304\323
+\171\121\116\315\220\364\147\007\031\310\074\106\172\015\001\175
+\305\130\347\155\346\205\060\027\232\044\304\020\340\004\367\340
+\362\177\324\252\012\377\102\035\067\355\224\345\144\131\022\040
+\167\070\323\062\076\070\201\165\226\163\372\150\217\261\313\316
+\037\305\354\372\234\176\317\176\261\361\007\055\266\374\277\312
+\244\277\320\227\005\112\274\352\030\050\002\220\275\124\170\011
+\041\161\323\321\175\035\331\026\260\251\141\075\320\012\000\042
+\374\307\173\313\011\144\105\013\073\100\201\367\175\174\062\365
+\230\312\130\216\175\052\356\220\131\163\144\371\066\164\136\045
+\241\365\146\005\056\177\071\025\251\052\373\120\213\216\205\151
+\364
+END
+
+# Trust for Certificate "Starfield Root Certificate Authority - G2"
+# Issuer: CN=Starfield Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Serial Number: 0 (0x0)
+# Subject: CN=Starfield Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Not Valid Before: Tue Sep 01 00:00:00 2009
+# Not Valid After : Thu Dec 31 23:59:59 2037
+# Fingerprint (MD5): D6:39:81:C6:52:7E:96:69:FC:FC:CA:66:ED:05:F2:96
+# Fingerprint (SHA1): B5:1C:06:7C:EE:2B:0C:3D:F8:55:AB:2D:92:F4:FE:39:D4:E7:0F:0E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Starfield Root Certificate Authority - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\265\034\006\174\356\053\014\075\370\125\253\055\222\364\376\071
+\324\347\017\016
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\326\071\201\306\122\176\226\151\374\374\312\146\355\005\362\226
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\045\060\043\006\003\125\004\012
+\023\034\123\164\141\162\146\151\145\154\144\040\124\145\143\150
+\156\157\154\157\147\151\145\163\054\040\111\156\143\056\061\062
+\060\060\006\003\125\004\003\023\051\123\164\141\162\146\151\145
+\154\144\040\122\157\157\164\040\103\145\162\164\151\146\151\143
+\141\164\145\040\101\165\164\150\157\162\151\164\171\040\055\040
+\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Starfield Services Root Certificate Authority - G2"
+#
+# Issuer: CN=Starfield Services Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Serial Number: 0 (0x0)
+# Subject: CN=Starfield Services Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Not Valid Before: Tue Sep 01 00:00:00 2009
+# Not Valid After : Thu Dec 31 23:59:59 2037
+# Fingerprint (MD5): 17:35:74:AF:7B:61:1C:EB:F4:F9:3C:E2:EE:40:F9:A2
+# Fingerprint (SHA1): 92:5A:8F:8D:2C:6D:04:E0:66:5F:59:6A:FF:22:D8:63:E8:25:6F:3F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Starfield Services Root Certificate Authority - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\045\060\043\006\003\125\004\012
+\023\034\123\164\141\162\146\151\145\154\144\040\124\145\143\150
+\156\157\154\157\147\151\145\163\054\040\111\156\143\056\061\073
+\060\071\006\003\125\004\003\023\062\123\164\141\162\146\151\145
+\154\144\040\123\145\162\166\151\143\145\163\040\122\157\157\164
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\045\060\043\006\003\125\004\012
+\023\034\123\164\141\162\146\151\145\154\144\040\124\145\143\150
+\156\157\154\157\147\151\145\163\054\040\111\156\143\056\061\073
+\060\071\006\003\125\004\003\023\062\123\164\141\162\146\151\145
+\154\144\040\123\145\162\166\151\143\145\163\040\122\157\157\164
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\357\060\202\002\327\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157\156
+\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157\164
+\164\163\144\141\154\145\061\045\060\043\006\003\125\004\012\023
+\034\123\164\141\162\146\151\145\154\144\040\124\145\143\150\156
+\157\154\157\147\151\145\163\054\040\111\156\143\056\061\073\060
+\071\006\003\125\004\003\023\062\123\164\141\162\146\151\145\154
+\144\040\123\145\162\166\151\143\145\163\040\122\157\157\164\040
+\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164\150
+\157\162\151\164\171\040\055\040\107\062\060\036\027\015\060\071
+\060\071\060\061\060\060\060\060\060\060\132\027\015\063\067\061
+\062\063\061\062\063\065\071\065\071\132\060\201\230\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\020\060\016\006\003
+\125\004\010\023\007\101\162\151\172\157\156\141\061\023\060\021
+\006\003\125\004\007\023\012\123\143\157\164\164\163\144\141\154
+\145\061\045\060\043\006\003\125\004\012\023\034\123\164\141\162
+\146\151\145\154\144\040\124\145\143\150\156\157\154\157\147\151
+\145\163\054\040\111\156\143\056\061\073\060\071\006\003\125\004
+\003\023\062\123\164\141\162\146\151\145\154\144\040\123\145\162
+\166\151\143\145\163\040\122\157\157\164\040\103\145\162\164\151
+\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
+\040\055\040\107\062\060\202\001\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
+\012\002\202\001\001\000\325\014\072\304\052\371\116\342\365\276
+\031\227\137\216\210\123\261\037\077\313\317\237\040\023\155\051
+\072\310\017\175\074\367\153\166\070\143\331\066\140\250\233\136
+\134\000\200\262\057\131\177\366\207\371\045\103\206\347\151\033
+\122\232\220\341\161\343\330\055\015\116\157\366\310\111\331\266
+\363\032\126\256\053\266\164\024\353\317\373\046\343\032\272\035
+\226\056\152\073\130\224\211\107\126\377\045\240\223\160\123\203
+\332\204\164\024\303\147\236\004\150\072\337\216\100\132\035\112
+\116\317\103\221\073\347\126\326\000\160\313\122\356\173\175\256
+\072\347\274\061\371\105\366\302\140\317\023\131\002\053\200\314
+\064\107\337\271\336\220\145\155\002\317\054\221\246\246\347\336
+\205\030\111\174\146\116\243\072\155\251\265\356\064\056\272\015
+\003\270\063\337\107\353\261\153\215\045\331\233\316\201\321\105
+\106\062\226\160\207\336\002\016\111\103\205\266\154\163\273\144
+\352\141\101\254\311\324\124\337\207\057\307\042\262\046\314\237
+\131\124\150\237\374\276\052\057\304\125\034\165\100\140\027\205
+\002\125\071\213\177\005\002\003\001\000\001\243\102\060\100\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
+\060\035\006\003\125\035\016\004\026\004\024\234\137\000\337\252
+\001\327\060\053\070\210\242\270\155\112\234\362\021\221\203\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202
+\001\001\000\113\066\246\204\167\151\335\073\031\237\147\043\010
+\157\016\141\311\375\204\334\137\330\066\201\315\330\033\101\055
+\237\140\335\307\032\150\331\321\156\206\341\210\043\317\023\336
+\103\317\342\064\263\004\235\037\051\325\277\370\136\310\325\301
+\275\356\222\157\062\164\362\221\202\057\275\202\102\172\255\052
+\267\040\175\115\274\172\125\022\302\025\352\275\367\152\225\056
+\154\164\237\317\034\264\362\305\001\243\205\320\162\076\255\163
+\253\013\233\165\014\155\105\267\216\224\254\226\067\265\240\320
+\217\025\107\016\343\350\203\335\217\375\357\101\001\167\314\047
+\251\142\205\063\362\067\010\357\161\317\167\006\336\310\031\035
+\210\100\317\175\106\035\377\036\307\341\316\377\043\333\306\372
+\215\125\116\251\002\347\107\021\106\076\364\375\275\173\051\046
+\273\251\141\142\067\050\266\055\052\366\020\206\144\311\160\247
+\322\255\267\051\160\171\352\074\332\143\045\237\375\150\267\060
+\354\160\373\165\212\267\155\140\147\262\036\310\271\351\330\250
+\157\002\213\147\015\115\046\127\161\332\040\374\301\112\120\215
+\261\050\272
+END
+
+# Trust for Certificate "Starfield Services Root Certificate Authority - G2"
+# Issuer: CN=Starfield Services Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Serial Number: 0 (0x0)
+# Subject: CN=Starfield Services Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
+# Not Valid Before: Tue Sep 01 00:00:00 2009
+# Not Valid After : Thu Dec 31 23:59:59 2037
+# Fingerprint (MD5): 17:35:74:AF:7B:61:1C:EB:F4:F9:3C:E2:EE:40:F9:A2
+# Fingerprint (SHA1): 92:5A:8F:8D:2C:6D:04:E0:66:5F:59:6A:FF:22:D8:63:E8:25:6F:3F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Starfield Services Root Certificate Authority - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\222\132\217\215\054\155\004\340\146\137\131\152\377\042\330\143
+\350\045\157\077
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\027\065\164\257\173\141\034\353\364\371\074\342\356\100\371\242
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\230\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\020\060\016\006\003\125\004\010\023\007\101\162\151\172\157
+\156\141\061\023\060\021\006\003\125\004\007\023\012\123\143\157
+\164\164\163\144\141\154\145\061\045\060\043\006\003\125\004\012
+\023\034\123\164\141\162\146\151\145\154\144\040\124\145\143\150
+\156\157\154\157\147\151\145\163\054\040\111\156\143\056\061\073
+\060\071\006\003\125\004\003\023\062\123\164\141\162\146\151\145
+\154\144\040\123\145\162\166\151\143\145\163\040\122\157\157\164
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AffirmTrust Commercial"
+#
+# Issuer: CN=AffirmTrust Commercial,O=AffirmTrust,C=US
+# Serial Number:77:77:06:27:26:a9:b1:7c
+# Subject: CN=AffirmTrust Commercial,O=AffirmTrust,C=US
+# Not Valid Before: Fri Jan 29 14:06:06 2010
+# Not Valid After : Tue Dec 31 14:06:06 2030
+# Fingerprint (MD5): 82:92:BA:5B:EF:CD:8A:6F:A6:3D:55:F9:84:F6:D6:B7
+# Fingerprint (SHA1): F9:B5:B6:32:45:5F:9C:BE:EC:57:5F:80:DC:E9:6E:2C:C7:B2:78:B7
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AffirmTrust Commercial"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\037\060\035\006\003\125\004\003\014\026
+\101\146\146\151\162\155\124\162\165\163\164\040\103\157\155\155
+\145\162\143\151\141\154
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\037\060\035\006\003\125\004\003\014\026
+\101\146\146\151\162\155\124\162\165\163\164\040\103\157\155\155
+\145\162\143\151\141\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\167\167\006\047\046\251\261\174
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\114\060\202\002\064\240\003\002\001\002\002\010\167
+\167\006\047\046\251\261\174\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\060\104\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\024\060\022\006\003\125\004\012\014\013
+\101\146\146\151\162\155\124\162\165\163\164\061\037\060\035\006
+\003\125\004\003\014\026\101\146\146\151\162\155\124\162\165\163
+\164\040\103\157\155\155\145\162\143\151\141\154\060\036\027\015
+\061\060\060\061\062\071\061\064\060\066\060\066\132\027\015\063
+\060\061\062\063\061\061\064\060\066\060\066\132\060\104\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\024\060\022\006
+\003\125\004\012\014\013\101\146\146\151\162\155\124\162\165\163
+\164\061\037\060\035\006\003\125\004\003\014\026\101\146\146\151
+\162\155\124\162\165\163\164\040\103\157\155\155\145\162\143\151
+\141\154\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\366\033\117\147\007\053\241\025\365\006\042\313\037
+\001\262\343\163\105\006\104\111\054\273\111\045\024\326\316\303
+\267\253\054\117\306\101\062\224\127\372\022\247\133\016\342\217
+\037\036\206\031\247\252\265\055\271\137\015\212\302\257\205\065
+\171\062\055\273\034\142\067\362\261\133\112\075\312\315\161\137
+\351\102\276\224\350\310\336\371\042\110\144\306\345\253\306\053
+\155\255\005\360\372\325\013\317\232\345\360\120\244\213\073\107
+\245\043\133\172\172\370\063\077\270\357\231\227\343\040\301\326
+\050\211\317\224\373\271\105\355\343\100\027\021\324\164\360\013
+\061\342\053\046\152\233\114\127\256\254\040\076\272\105\172\005
+\363\275\233\151\025\256\175\116\040\143\304\065\166\072\007\002
+\311\067\375\307\107\356\350\361\166\035\163\025\362\227\244\265
+\310\172\171\331\102\252\053\177\134\376\316\046\117\243\146\201
+\065\257\104\272\124\036\034\060\062\145\235\346\074\223\136\120
+\116\172\343\072\324\156\314\032\373\371\322\067\256\044\052\253
+\127\003\042\050\015\111\165\177\267\050\332\165\277\216\343\334
+\016\171\061\002\003\001\000\001\243\102\060\100\060\035\006\003
+\125\035\016\004\026\004\024\235\223\306\123\213\136\312\257\077
+\237\036\017\345\231\225\274\044\366\224\217\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011
+\052\206\110\206\367\015\001\001\013\005\000\003\202\001\001\000
+\130\254\364\004\016\315\300\015\377\012\375\324\272\026\137\051
+\275\173\150\231\130\111\322\264\035\067\115\177\047\175\106\006
+\135\103\306\206\056\076\163\262\046\175\117\223\251\266\304\052
+\232\253\041\227\024\261\336\214\323\253\211\025\330\153\044\324
+\361\026\256\330\244\134\324\177\121\216\355\030\001\261\223\143
+\275\274\370\141\200\232\236\261\316\102\160\342\251\175\006\045
+\175\047\241\376\157\354\263\036\044\332\343\113\125\032\000\073
+\065\264\073\331\327\135\060\375\201\023\211\362\302\006\053\355
+\147\304\216\311\103\262\134\153\025\211\002\274\142\374\116\362
+\265\063\252\262\157\323\012\242\120\343\366\073\350\056\104\302
+\333\146\070\251\063\126\110\361\155\033\063\215\015\214\077\140
+\067\235\323\312\155\176\064\176\015\237\162\166\213\033\237\162
+\375\122\065\101\105\002\226\057\034\262\232\163\111\041\261\111
+\107\105\107\264\357\152\064\021\311\115\232\314\131\267\326\002
+\236\132\116\145\265\224\256\033\337\051\260\026\361\277\000\236
+\007\072\027\144\265\004\265\043\041\231\012\225\073\227\174\357
+END
+
+# Trust for Certificate "AffirmTrust Commercial"
+# Issuer: CN=AffirmTrust Commercial,O=AffirmTrust,C=US
+# Serial Number:77:77:06:27:26:a9:b1:7c
+# Subject: CN=AffirmTrust Commercial,O=AffirmTrust,C=US
+# Not Valid Before: Fri Jan 29 14:06:06 2010
+# Not Valid After : Tue Dec 31 14:06:06 2030
+# Fingerprint (MD5): 82:92:BA:5B:EF:CD:8A:6F:A6:3D:55:F9:84:F6:D6:B7
+# Fingerprint (SHA1): F9:B5:B6:32:45:5F:9C:BE:EC:57:5F:80:DC:E9:6E:2C:C7:B2:78:B7
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AffirmTrust Commercial"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\371\265\266\062\105\137\234\276\354\127\137\200\334\351\156\054
+\307\262\170\267
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\202\222\272\133\357\315\212\157\246\075\125\371\204\366\326\267
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\037\060\035\006\003\125\004\003\014\026
+\101\146\146\151\162\155\124\162\165\163\164\040\103\157\155\155
+\145\162\143\151\141\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\167\167\006\047\046\251\261\174
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AffirmTrust Networking"
+#
+# Issuer: CN=AffirmTrust Networking,O=AffirmTrust,C=US
+# Serial Number:7c:4f:04:39:1c:d4:99:2d
+# Subject: CN=AffirmTrust Networking,O=AffirmTrust,C=US
+# Not Valid Before: Fri Jan 29 14:08:24 2010
+# Not Valid After : Tue Dec 31 14:08:24 2030
+# Fingerprint (MD5): 42:65:CA:BE:01:9A:9A:4C:A9:8C:41:49:CD:C0:D5:7F
+# Fingerprint (SHA1): 29:36:21:02:8B:20:ED:02:F5:66:C5:32:D1:D6:ED:90:9F:45:00:2F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AffirmTrust Networking"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\037\060\035\006\003\125\004\003\014\026
+\101\146\146\151\162\155\124\162\165\163\164\040\116\145\164\167
+\157\162\153\151\156\147
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\037\060\035\006\003\125\004\003\014\026
+\101\146\146\151\162\155\124\162\165\163\164\040\116\145\164\167
+\157\162\153\151\156\147
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\174\117\004\071\034\324\231\055
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\114\060\202\002\064\240\003\002\001\002\002\010\174
+\117\004\071\034\324\231\055\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\060\104\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\024\060\022\006\003\125\004\012\014\013
+\101\146\146\151\162\155\124\162\165\163\164\061\037\060\035\006
+\003\125\004\003\014\026\101\146\146\151\162\155\124\162\165\163
+\164\040\116\145\164\167\157\162\153\151\156\147\060\036\027\015
+\061\060\060\061\062\071\061\064\060\070\062\064\132\027\015\063
+\060\061\062\063\061\061\064\060\070\062\064\132\060\104\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\024\060\022\006
+\003\125\004\012\014\013\101\146\146\151\162\155\124\162\165\163
+\164\061\037\060\035\006\003\125\004\003\014\026\101\146\146\151
+\162\155\124\162\165\163\164\040\116\145\164\167\157\162\153\151
+\156\147\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\264\204\314\063\027\056\153\224\154\153\141\122\240
+\353\243\317\171\224\114\345\224\200\231\313\125\144\104\145\217
+\147\144\342\006\343\134\067\111\366\057\233\204\204\036\055\362
+\140\235\060\116\314\204\205\342\054\317\036\236\376\066\253\063
+\167\065\104\330\065\226\032\075\066\350\172\016\330\325\107\241
+\152\151\213\331\374\273\072\256\171\132\325\364\326\161\273\232
+\220\043\153\232\267\210\164\207\014\036\137\271\236\055\372\253
+\123\053\334\273\166\076\223\114\010\010\214\036\242\043\034\324
+\152\255\042\272\231\001\056\155\145\313\276\044\146\125\044\113
+\100\104\261\033\327\341\302\205\300\336\020\077\075\355\270\374
+\361\361\043\123\334\277\145\227\157\331\371\100\161\215\175\275
+\225\324\316\276\240\136\047\043\336\375\246\320\046\016\000\051
+\353\074\106\360\075\140\277\077\120\322\334\046\101\121\236\024
+\067\102\004\243\160\127\250\033\207\355\055\372\173\356\214\012
+\343\251\146\211\031\313\101\371\335\104\066\141\317\342\167\106
+\310\175\366\364\222\201\066\375\333\064\361\162\176\363\014\026
+\275\264\025\002\003\001\000\001\243\102\060\100\060\035\006\003
+\125\035\016\004\026\004\024\007\037\322\347\234\332\302\156\242
+\100\264\260\172\120\020\120\164\304\310\275\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011
+\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
+\211\127\262\026\172\250\302\375\326\331\233\233\064\302\234\264
+\062\024\115\247\244\337\354\276\247\276\370\103\333\221\067\316
+\264\062\056\120\125\032\065\116\166\103\161\040\357\223\167\116
+\025\160\056\207\303\301\035\155\334\313\265\047\324\054\126\321
+\122\123\072\104\322\163\310\304\033\005\145\132\142\222\234\356
+\101\215\061\333\347\064\352\131\041\325\001\172\327\144\270\144
+\071\315\311\355\257\355\113\003\110\247\240\231\001\200\334\145
+\243\066\256\145\131\110\117\202\113\310\145\361\127\035\345\131
+\056\012\077\154\330\321\365\345\011\264\154\124\000\012\340\025
+\115\207\165\155\267\130\226\132\335\155\322\000\240\364\233\110
+\276\303\067\244\272\066\340\174\207\205\227\032\025\242\336\056
+\242\133\275\257\030\371\220\120\315\160\131\370\047\147\107\313
+\307\240\007\072\175\321\054\135\154\031\072\146\265\175\375\221
+\157\202\261\276\010\223\333\024\107\361\242\067\307\105\236\074
+\307\167\257\144\250\223\337\366\151\203\202\140\362\111\102\064
+\355\132\000\124\205\034\026\066\222\014\134\372\246\255\277\333
+END
+
+# Trust for Certificate "AffirmTrust Networking"
+# Issuer: CN=AffirmTrust Networking,O=AffirmTrust,C=US
+# Serial Number:7c:4f:04:39:1c:d4:99:2d
+# Subject: CN=AffirmTrust Networking,O=AffirmTrust,C=US
+# Not Valid Before: Fri Jan 29 14:08:24 2010
+# Not Valid After : Tue Dec 31 14:08:24 2030
+# Fingerprint (MD5): 42:65:CA:BE:01:9A:9A:4C:A9:8C:41:49:CD:C0:D5:7F
+# Fingerprint (SHA1): 29:36:21:02:8B:20:ED:02:F5:66:C5:32:D1:D6:ED:90:9F:45:00:2F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AffirmTrust Networking"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\051\066\041\002\213\040\355\002\365\146\305\062\321\326\355\220
+\237\105\000\057
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\102\145\312\276\001\232\232\114\251\214\101\111\315\300\325\177
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\037\060\035\006\003\125\004\003\014\026
+\101\146\146\151\162\155\124\162\165\163\164\040\116\145\164\167
+\157\162\153\151\156\147
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\174\117\004\071\034\324\231\055
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AffirmTrust Premium"
+#
+# Issuer: CN=AffirmTrust Premium,O=AffirmTrust,C=US
+# Serial Number:6d:8c:14:46:b1:a6:0a:ee
+# Subject: CN=AffirmTrust Premium,O=AffirmTrust,C=US
+# Not Valid Before: Fri Jan 29 14:10:36 2010
+# Not Valid After : Mon Dec 31 14:10:36 2040
+# Fingerprint (MD5): C4:5D:0E:48:B6:AC:28:30:4E:0A:BC:F9:38:16:87:57
+# Fingerprint (SHA1): D8:A6:33:2C:E0:03:6F:B1:85:F6:63:4F:7D:6A:06:65:26:32:28:27
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AffirmTrust Premium"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\101\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\034\060\032\006\003\125\004\003\014\023
+\101\146\146\151\162\155\124\162\165\163\164\040\120\162\145\155
+\151\165\155
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\101\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\034\060\032\006\003\125\004\003\014\023
+\101\146\146\151\162\155\124\162\165\163\164\040\120\162\145\155
+\151\165\155
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\155\214\024\106\261\246\012\356
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\106\060\202\003\056\240\003\002\001\002\002\010\155
+\214\024\106\261\246\012\356\060\015\006\011\052\206\110\206\367
+\015\001\001\014\005\000\060\101\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\024\060\022\006\003\125\004\012\014\013
+\101\146\146\151\162\155\124\162\165\163\164\061\034\060\032\006
+\003\125\004\003\014\023\101\146\146\151\162\155\124\162\165\163
+\164\040\120\162\145\155\151\165\155\060\036\027\015\061\060\060
+\061\062\071\061\064\061\060\063\066\132\027\015\064\060\061\062
+\063\061\061\064\061\060\063\066\132\060\101\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\024\060\022\006\003\125\004
+\012\014\013\101\146\146\151\162\155\124\162\165\163\164\061\034
+\060\032\006\003\125\004\003\014\023\101\146\146\151\162\155\124
+\162\165\163\164\040\120\162\145\155\151\165\155\060\202\002\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\002\017\000\060\202\002\012\002\202\002\001\000\304\022\337
+\251\137\376\101\335\335\365\237\212\343\366\254\341\074\170\232
+\274\330\360\177\172\240\063\052\334\215\040\133\256\055\157\347
+\223\331\066\160\152\150\317\216\121\243\205\133\147\004\240\020
+\044\157\135\050\202\301\227\127\330\110\051\023\266\341\276\221
+\115\337\205\014\123\030\232\036\044\242\117\217\360\242\205\013
+\313\364\051\177\322\244\130\356\046\115\311\252\250\173\232\331
+\372\070\336\104\127\025\345\370\214\310\331\110\342\015\026\047
+\035\036\310\203\205\045\267\272\252\125\101\314\003\042\113\055
+\221\215\213\346\211\257\146\307\351\377\053\351\074\254\332\322
+\263\303\341\150\234\211\370\172\000\126\336\364\125\225\154\373
+\272\144\335\142\213\337\013\167\062\353\142\314\046\232\233\273
+\252\142\203\114\264\006\172\060\310\051\277\355\006\115\227\271
+\034\304\061\053\325\137\274\123\022\027\234\231\127\051\146\167
+\141\041\061\007\056\045\111\235\030\362\356\363\053\161\214\265
+\272\071\007\111\167\374\357\056\222\220\005\215\055\057\167\173
+\357\103\277\065\273\232\330\371\163\247\054\362\320\127\356\050
+\116\046\137\217\220\150\011\057\270\370\334\006\351\056\232\076
+\121\247\321\042\304\012\247\070\110\154\263\371\377\175\253\206
+\127\343\272\326\205\170\167\272\103\352\110\177\366\330\276\043
+\155\036\277\321\066\154\130\134\361\356\244\031\124\032\365\003
+\322\166\346\341\214\275\074\263\323\110\113\342\310\370\177\222
+\250\166\106\234\102\145\076\244\036\301\007\003\132\106\055\270
+\227\363\267\325\262\125\041\357\272\334\114\000\227\373\024\225
+\047\063\277\350\103\107\106\322\010\231\026\140\073\232\176\322
+\346\355\070\352\354\001\036\074\110\126\111\011\307\114\067\000
+\236\210\016\300\163\341\157\146\351\162\107\060\076\020\345\013
+\003\311\232\102\000\154\305\224\176\141\304\212\337\177\202\032
+\013\131\304\131\062\167\263\274\140\151\126\071\375\264\006\173
+\054\326\144\066\331\275\110\355\204\037\176\245\042\217\052\270
+\102\364\202\267\324\123\220\170\116\055\032\375\201\157\104\327
+\073\001\164\226\102\340\000\342\056\153\352\305\356\162\254\273
+\277\376\352\252\250\370\334\366\262\171\212\266\147\002\003\001
+\000\001\243\102\060\100\060\035\006\003\125\035\016\004\026\004
+\024\235\300\147\246\014\042\331\046\365\105\253\246\145\122\021
+\047\330\105\254\143\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015
+\001\001\014\005\000\003\202\002\001\000\263\127\115\020\142\116
+\072\344\254\352\270\034\257\062\043\310\263\111\132\121\234\166
+\050\215\171\252\127\106\027\325\365\122\366\267\104\350\010\104
+\277\030\204\322\013\200\315\305\022\375\000\125\005\141\207\101
+\334\265\044\236\074\304\330\310\373\160\236\057\170\226\203\040
+\066\336\174\017\151\023\210\245\165\066\230\010\246\306\337\254
+\316\343\130\326\267\076\336\272\363\353\064\100\330\242\201\365
+\170\077\057\325\245\374\331\242\324\136\004\016\027\255\376\101
+\360\345\262\162\372\104\202\063\102\350\055\130\367\126\214\142
+\077\272\102\260\234\014\134\176\056\145\046\134\123\117\000\262
+\170\176\241\015\231\055\215\270\035\216\242\304\260\375\140\320
+\060\244\216\310\004\142\251\304\355\065\336\172\227\355\016\070
+\136\222\057\223\160\245\251\234\157\247\175\023\035\176\306\010
+\110\261\136\147\353\121\010\045\351\346\045\153\122\051\221\234
+\322\071\163\010\127\336\231\006\264\133\235\020\006\341\302\000
+\250\270\034\112\002\012\024\320\301\101\312\373\214\065\041\175
+\202\070\362\251\124\221\031\065\223\224\155\152\072\305\262\320
+\273\211\206\223\350\233\311\017\072\247\172\270\241\360\170\106
+\372\374\067\057\345\212\204\363\337\376\004\331\241\150\240\057
+\044\342\011\225\006\325\225\312\341\044\226\353\174\366\223\005
+\273\355\163\351\055\321\165\071\327\347\044\333\330\116\137\103
+\217\236\320\024\071\277\125\160\110\231\127\061\264\234\356\112
+\230\003\226\060\037\140\006\356\033\043\376\201\140\043\032\107
+\142\205\245\314\031\064\200\157\263\254\032\343\237\360\173\110
+\255\325\001\331\147\266\251\162\223\352\055\146\265\262\270\344
+\075\074\262\357\114\214\352\353\007\277\253\065\232\125\206\274
+\030\246\265\250\136\264\203\154\153\151\100\323\237\334\361\303
+\151\153\271\341\155\011\364\361\252\120\166\012\172\175\172\027
+\241\125\226\102\231\061\011\335\140\021\215\005\060\176\346\216
+\106\321\235\024\332\307\027\344\005\226\214\304\044\265\033\317
+\024\007\262\100\370\243\236\101\206\274\004\320\153\226\310\052
+\200\064\375\277\357\006\243\335\130\305\205\075\076\217\376\236
+\051\340\266\270\011\150\031\034\030\103
+END
+
+# Trust for Certificate "AffirmTrust Premium"
+# Issuer: CN=AffirmTrust Premium,O=AffirmTrust,C=US
+# Serial Number:6d:8c:14:46:b1:a6:0a:ee
+# Subject: CN=AffirmTrust Premium,O=AffirmTrust,C=US
+# Not Valid Before: Fri Jan 29 14:10:36 2010
+# Not Valid After : Mon Dec 31 14:10:36 2040
+# Fingerprint (MD5): C4:5D:0E:48:B6:AC:28:30:4E:0A:BC:F9:38:16:87:57
+# Fingerprint (SHA1): D8:A6:33:2C:E0:03:6F:B1:85:F6:63:4F:7D:6A:06:65:26:32:28:27
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AffirmTrust Premium"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\330\246\063\054\340\003\157\261\205\366\143\117\175\152\006\145
+\046\062\050\047
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\304\135\016\110\266\254\050\060\116\012\274\371\070\026\207\127
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\101\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\034\060\032\006\003\125\004\003\014\023
+\101\146\146\151\162\155\124\162\165\163\164\040\120\162\145\155
+\151\165\155
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\155\214\024\106\261\246\012\356
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AffirmTrust Premium ECC"
+#
+# Issuer: CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US
+# Serial Number:74:97:25:8a:c7:3f:7a:54
+# Subject: CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US
+# Not Valid Before: Fri Jan 29 14:20:24 2010
+# Not Valid After : Mon Dec 31 14:20:24 2040
+# Fingerprint (MD5): 64:B0:09:55:CF:B1:D5:99:E2:BE:13:AB:A6:5D:EA:4D
+# Fingerprint (SHA1): B8:23:6B:00:2F:1D:16:86:53:01:55:6C:11:A4:37:CA:EB:FF:C3:BB
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AffirmTrust Premium ECC"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\040\060\036\006\003\125\004\003\014\027
+\101\146\146\151\162\155\124\162\165\163\164\040\120\162\145\155
+\151\165\155\040\105\103\103
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\040\060\036\006\003\125\004\003\014\027
+\101\146\146\151\162\155\124\162\165\163\164\040\120\162\145\155
+\151\165\155\040\105\103\103
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\164\227\045\212\307\077\172\124
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\001\376\060\202\001\205\240\003\002\001\002\002\010\164
+\227\045\212\307\077\172\124\060\012\006\010\052\206\110\316\075
+\004\003\003\060\105\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\024\060\022\006\003\125\004\012\014\013\101\146\146
+\151\162\155\124\162\165\163\164\061\040\060\036\006\003\125\004
+\003\014\027\101\146\146\151\162\155\124\162\165\163\164\040\120
+\162\145\155\151\165\155\040\105\103\103\060\036\027\015\061\060
+\060\061\062\071\061\064\062\060\062\064\132\027\015\064\060\061
+\062\063\061\061\064\062\060\062\064\132\060\105\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\024\060\022\006\003\125
+\004\012\014\013\101\146\146\151\162\155\124\162\165\163\164\061
+\040\060\036\006\003\125\004\003\014\027\101\146\146\151\162\155
+\124\162\165\163\164\040\120\162\145\155\151\165\155\040\105\103
+\103\060\166\060\020\006\007\052\206\110\316\075\002\001\006\005
+\053\201\004\000\042\003\142\000\004\015\060\136\033\025\235\003
+\320\241\171\065\267\072\074\222\172\312\025\034\315\142\363\234
+\046\134\007\075\345\124\372\243\326\314\022\352\364\024\137\350
+\216\031\253\057\056\110\346\254\030\103\170\254\320\067\303\275
+\262\315\054\346\107\342\032\346\143\270\075\056\057\170\304\117
+\333\364\017\244\150\114\125\162\153\225\035\116\030\102\225\170
+\314\067\074\221\342\233\145\053\051\243\102\060\100\060\035\006
+\003\125\035\016\004\026\004\024\232\257\051\172\300\021\065\065
+\046\121\060\000\303\152\376\100\325\256\326\074\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\012\006
+\010\052\206\110\316\075\004\003\003\003\147\000\060\144\002\060
+\027\011\363\207\210\120\132\257\310\300\102\277\107\137\365\154
+\152\206\340\304\047\164\344\070\123\327\005\177\033\064\343\306
+\057\263\312\011\074\067\235\327\347\270\106\361\375\241\342\161
+\002\060\102\131\207\103\324\121\337\272\323\011\062\132\316\210
+\176\127\075\234\137\102\153\365\007\055\265\360\202\223\371\131
+\157\256\144\372\130\345\213\036\343\143\276\265\201\315\157\002
+\214\171
+END
+
+# Trust for Certificate "AffirmTrust Premium ECC"
+# Issuer: CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US
+# Serial Number:74:97:25:8a:c7:3f:7a:54
+# Subject: CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US
+# Not Valid Before: Fri Jan 29 14:20:24 2010
+# Not Valid After : Mon Dec 31 14:20:24 2040
+# Fingerprint (MD5): 64:B0:09:55:CF:B1:D5:99:E2:BE:13:AB:A6:5D:EA:4D
+# Fingerprint (SHA1): B8:23:6B:00:2F:1D:16:86:53:01:55:6C:11:A4:37:CA:EB:FF:C3:BB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AffirmTrust Premium ECC"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\270\043\153\000\057\035\026\206\123\001\125\154\021\244\067\312
+\353\377\303\273
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\144\260\011\125\317\261\325\231\342\276\023\253\246\135\352\115
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\024\060\022\006\003\125\004\012\014\013\101\146\146\151\162\155
+\124\162\165\163\164\061\040\060\036\006\003\125\004\003\014\027
+\101\146\146\151\162\155\124\162\165\163\164\040\120\162\145\155
+\151\165\155\040\105\103\103
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\164\227\045\212\307\077\172\124
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certum Trusted Network CA"
+#
+# Issuer: CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
+# Serial Number: 279744 (0x444c0)
+# Subject: CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
+# Not Valid Before: Wed Oct 22 12:07:37 2008
+# Not Valid After : Mon Dec 31 12:07:37 2029
+# Fingerprint (MD5): D5:E9:81:40:C5:18:69:FC:46:2C:89:75:62:0F:AA:78
+# Fingerprint (SHA1): 07:E0:32:E0:20:B7:2C:3F:19:2F:06:28:A2:59:3A:19:A7:0F:06:9E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certum Trusted Network CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\176\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\042\060\040\006\003\125\004\012\023\031\125\156\151\172\145\164
+\157\040\124\145\143\150\156\157\154\157\147\151\145\163\040\123
+\056\101\056\061\047\060\045\006\003\125\004\013\023\036\103\145
+\162\164\165\155\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\061\042\060\040
+\006\003\125\004\003\023\031\103\145\162\164\165\155\040\124\162
+\165\163\164\145\144\040\116\145\164\167\157\162\153\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\176\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\042\060\040\006\003\125\004\012\023\031\125\156\151\172\145\164
+\157\040\124\145\143\150\156\157\154\157\147\151\145\163\040\123
+\056\101\056\061\047\060\045\006\003\125\004\013\023\036\103\145
+\162\164\165\155\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\061\042\060\040
+\006\003\125\004\003\023\031\103\145\162\164\165\155\040\124\162
+\165\163\164\145\144\040\116\145\164\167\157\162\153\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\004\104\300
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\273\060\202\002\243\240\003\002\001\002\002\003\004
+\104\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\060\176\061\013\060\011\006\003\125\004\006\023\002\120\114
+\061\042\060\040\006\003\125\004\012\023\031\125\156\151\172\145
+\164\157\040\124\145\143\150\156\157\154\157\147\151\145\163\040
+\123\056\101\056\061\047\060\045\006\003\125\004\013\023\036\103
+\145\162\164\165\155\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\061\042\060
+\040\006\003\125\004\003\023\031\103\145\162\164\165\155\040\124
+\162\165\163\164\145\144\040\116\145\164\167\157\162\153\040\103
+\101\060\036\027\015\060\070\061\060\062\062\061\062\060\067\063
+\067\132\027\015\062\071\061\062\063\061\061\062\060\067\063\067
+\132\060\176\061\013\060\011\006\003\125\004\006\023\002\120\114
+\061\042\060\040\006\003\125\004\012\023\031\125\156\151\172\145
+\164\157\040\124\145\143\150\156\157\154\157\147\151\145\163\040
+\123\056\101\056\061\047\060\045\006\003\125\004\013\023\036\103
+\145\162\164\165\155\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\061\042\060
+\040\006\003\125\004\003\023\031\103\145\162\164\165\155\040\124
+\162\165\163\164\145\144\040\116\145\164\167\157\162\153\040\103
+\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
+\001\000\343\373\175\243\162\272\302\360\311\024\207\365\153\001
+\116\341\156\100\007\272\155\047\135\177\367\133\055\263\132\307
+\121\137\253\244\062\246\141\207\266\156\017\206\322\060\002\227
+\370\327\151\127\241\030\071\135\152\144\171\306\001\131\254\074
+\061\112\070\174\322\004\322\113\050\350\040\137\073\007\242\314
+\115\163\333\363\256\117\307\126\325\132\247\226\211\372\363\253
+\150\324\043\206\131\047\317\011\047\274\254\156\162\203\034\060
+\162\337\340\242\351\322\341\164\165\031\275\052\236\173\025\124
+\004\033\327\103\071\255\125\050\305\342\032\273\364\300\344\256
+\070\111\063\314\166\205\237\071\105\322\244\236\362\022\214\121
+\370\174\344\055\177\365\254\137\353\026\237\261\055\321\272\314
+\221\102\167\114\045\311\220\070\157\333\360\314\373\216\036\227
+\131\076\325\140\116\346\005\050\355\111\171\023\113\272\110\333
+\057\371\162\323\071\312\376\037\330\064\162\365\264\100\317\061
+\001\303\354\336\021\055\027\135\037\270\120\321\136\031\247\151
+\336\007\063\050\312\120\225\371\247\124\313\124\206\120\105\251
+\371\111\002\003\001\000\001\243\102\060\100\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003
+\125\035\016\004\026\004\024\010\166\315\313\007\377\044\366\305
+\315\355\273\220\274\342\204\067\106\165\367\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011\052
+\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000\246
+\250\255\042\316\001\075\246\243\377\142\320\110\235\213\136\162
+\260\170\104\343\334\034\257\011\375\043\110\372\275\052\304\271
+\125\004\265\020\243\215\047\336\013\202\143\320\356\336\014\067
+\171\101\133\042\262\260\232\101\134\246\160\340\324\320\167\313
+\043\323\000\340\154\126\057\341\151\015\015\331\252\277\041\201
+\120\331\006\245\250\377\225\067\320\252\376\342\263\365\231\055
+\105\204\212\345\102\011\327\164\002\057\367\211\330\231\351\274
+\047\324\107\215\272\015\106\034\167\317\024\244\034\271\244\061
+\304\234\050\164\003\064\377\063\031\046\245\351\015\164\267\076
+\227\306\166\350\047\226\243\146\335\341\256\362\101\133\312\230
+\126\203\163\160\344\206\032\322\061\101\272\057\276\055\023\132
+\166\157\116\350\116\201\016\077\133\003\042\240\022\276\146\130
+\021\112\313\003\304\264\052\052\055\226\027\340\071\124\274\110
+\323\166\047\235\232\055\006\246\311\354\071\322\253\333\237\232
+\013\047\002\065\051\261\100\225\347\371\350\234\125\210\031\106
+\326\267\064\365\176\316\071\232\331\070\361\121\367\117\054
+END
+
+# Trust for Certificate "Certum Trusted Network CA"
+# Issuer: CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
+# Serial Number: 279744 (0x444c0)
+# Subject: CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
+# Not Valid Before: Wed Oct 22 12:07:37 2008
+# Not Valid After : Mon Dec 31 12:07:37 2029
+# Fingerprint (MD5): D5:E9:81:40:C5:18:69:FC:46:2C:89:75:62:0F:AA:78
+# Fingerprint (SHA1): 07:E0:32:E0:20:B7:2C:3F:19:2F:06:28:A2:59:3A:19:A7:0F:06:9E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certum Trusted Network CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\007\340\062\340\040\267\054\077\031\057\006\050\242\131\072\031
+\247\017\006\236
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\325\351\201\100\305\030\151\374\106\054\211\165\142\017\252\170
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\176\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\042\060\040\006\003\125\004\012\023\031\125\156\151\172\145\164
+\157\040\124\145\143\150\156\157\154\157\147\151\145\163\040\123
+\056\101\056\061\047\060\045\006\003\125\004\013\023\036\103\145
+\162\164\165\155\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\061\042\060\040
+\006\003\125\004\003\023\031\103\145\162\164\165\155\040\124\162
+\165\163\164\145\144\040\116\145\164\167\157\162\153\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\004\104\300
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certinomis - Autorité Racine"
+#
+# Issuer: CN=Certinomis - Autorit.. Racine,OU=0002 433998903,O=Certinomis,C=FR
+# Serial Number: 1 (0x1)
+# Subject: CN=Certinomis - Autorit.. Racine,OU=0002 433998903,O=Certinomis,C=FR
+# Not Valid Before: Wed Sep 17 08:28:59 2008
+# Not Valid After : Sun Sep 17 08:28:59 2028
+# Fingerprint (MD5): 7F:30:78:8C:03:E3:CA:C9:0A:E2:C9:EA:1E:AA:55:1A
+# Fingerprint (SHA1): 2E:14:DA:EC:28:F0:FA:1E:8E:38:9A:4E:AB:EB:26:C0:0A:D3:83:C3
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certinomis - Autorité Racine"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\143\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\023\060\021\006\003\125\004\012\023\012\103\145\162\164\151\156
+\157\155\151\163\061\027\060\025\006\003\125\004\013\023\016\060
+\060\060\062\040\064\063\063\071\071\070\071\060\063\061\046\060
+\044\006\003\125\004\003\014\035\103\145\162\164\151\156\157\155
+\151\163\040\055\040\101\165\164\157\162\151\164\303\251\040\122
+\141\143\151\156\145
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\143\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\023\060\021\006\003\125\004\012\023\012\103\145\162\164\151\156
+\157\155\151\163\061\027\060\025\006\003\125\004\013\023\016\060
+\060\060\062\040\064\063\063\071\071\070\071\060\063\061\046\060
+\044\006\003\125\004\003\014\035\103\145\162\164\151\156\157\155
+\151\163\040\055\040\101\165\164\157\162\151\164\303\251\040\122
+\141\143\151\156\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\234\060\202\003\204\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\143\061\013\060\011\006\003\125\004\006\023\002\106\122\061\023
+\060\021\006\003\125\004\012\023\012\103\145\162\164\151\156\157
+\155\151\163\061\027\060\025\006\003\125\004\013\023\016\060\060
+\060\062\040\064\063\063\071\071\070\071\060\063\061\046\060\044
+\006\003\125\004\003\014\035\103\145\162\164\151\156\157\155\151
+\163\040\055\040\101\165\164\157\162\151\164\303\251\040\122\141
+\143\151\156\145\060\036\027\015\060\070\060\071\061\067\060\070
+\062\070\065\071\132\027\015\062\070\060\071\061\067\060\070\062
+\070\065\071\132\060\143\061\013\060\011\006\003\125\004\006\023
+\002\106\122\061\023\060\021\006\003\125\004\012\023\012\103\145
+\162\164\151\156\157\155\151\163\061\027\060\025\006\003\125\004
+\013\023\016\060\060\060\062\040\064\063\063\071\071\070\071\060
+\063\061\046\060\044\006\003\125\004\003\014\035\103\145\162\164
+\151\156\157\155\151\163\040\055\040\101\165\164\157\162\151\164
+\303\251\040\122\141\143\151\156\145\060\202\002\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002\017
+\000\060\202\002\012\002\202\002\001\000\235\205\237\206\323\343
+\257\307\262\153\156\063\340\236\267\102\064\125\235\371\201\276
+\143\330\043\166\016\227\124\315\231\114\032\361\071\307\210\330
+\027\120\014\236\141\332\300\116\125\336\347\132\270\172\116\167
+\207\015\345\270\353\372\236\136\173\036\304\317\050\164\307\223
+\365\024\306\042\050\004\371\221\303\253\047\163\152\016\056\115
+\363\056\050\037\160\337\125\057\116\355\307\161\157\011\162\056
+\355\325\062\227\320\361\130\167\321\140\274\116\136\333\232\204
+\366\107\141\105\053\366\120\246\177\152\161\047\110\204\065\236
+\254\376\151\251\236\172\136\065\045\372\264\247\111\065\167\226
+\247\066\133\341\315\337\043\160\330\135\114\245\010\203\361\246
+\044\070\023\250\354\057\250\241\147\307\246\055\206\107\356\212
+\374\354\233\016\164\364\053\111\002\173\220\165\214\374\231\071
+\001\071\326\112\211\345\236\166\253\076\226\050\070\046\213\335
+\215\214\300\366\001\036\157\245\061\022\070\175\225\302\161\356
+\355\164\256\344\066\242\103\165\325\361\000\233\342\344\327\314
+\102\003\113\170\172\345\175\273\270\256\056\040\223\323\344\141
+\337\161\341\166\147\227\077\266\337\152\163\132\144\042\345\102
+\333\317\201\003\223\330\364\343\020\340\162\366\000\160\254\360
+\301\172\017\005\177\317\064\151\105\265\223\344\031\333\122\026
+\043\005\211\016\215\110\344\045\157\263\170\277\142\365\007\372
+\225\044\302\226\262\350\243\043\302\135\003\374\303\323\345\174
+\311\165\043\327\364\365\274\336\344\337\315\200\277\221\210\175
+\247\023\264\071\272\054\272\275\321\153\314\363\245\050\355\104
+\236\175\122\243\157\226\056\031\176\034\363\133\307\026\216\273
+\140\175\167\146\107\124\202\000\021\140\154\062\301\250\070\033
+\353\156\230\023\326\356\070\365\360\237\016\357\376\061\201\301
+\322\044\225\057\123\172\151\242\360\017\206\105\216\130\202\053
+\114\042\324\136\240\347\175\046\047\110\337\045\106\215\112\050
+\174\206\236\371\233\032\131\271\145\277\005\335\266\102\135\075
+\346\000\110\202\136\040\367\021\202\336\312\330\237\346\067\107
+\046\036\353\170\367\141\303\101\144\130\002\101\371\332\340\321
+\370\371\350\375\122\070\266\365\211\337\002\003\001\000\001\243
+\133\060\131\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\015
+\214\266\141\332\104\270\321\024\175\303\276\175\136\110\360\316
+\312\152\260\060\027\006\003\125\035\040\004\020\060\016\060\014
+\006\012\052\201\172\001\126\002\002\000\001\001\060\015\006\011
+\052\206\110\206\367\015\001\001\005\005\000\003\202\002\001\000
+\044\076\140\006\176\035\357\072\076\333\352\257\034\232\054\001
+\013\364\305\265\331\111\061\364\135\101\215\211\014\116\377\154
+\242\375\377\342\006\310\071\237\361\132\251\335\042\130\025\250
+\212\323\261\346\062\011\202\003\154\327\077\010\307\370\271\272
+\000\155\271\326\374\122\062\135\244\177\244\061\224\273\266\114
+\070\177\050\060\065\377\237\043\123\267\266\356\024\160\000\100
+\053\332\107\253\064\176\136\247\126\060\141\053\213\103\254\375
+\266\210\050\365\153\266\076\140\112\272\102\220\064\147\215\352
+\353\137\105\124\073\027\254\213\344\306\145\017\356\320\214\135
+\146\071\316\062\247\330\020\227\300\176\064\234\237\224\363\366
+\206\037\317\033\163\255\224\171\207\150\160\303\063\245\160\347
+\330\325\070\224\157\143\171\353\277\012\016\010\347\305\057\017
+\102\240\053\024\100\377\041\340\005\305\047\341\204\021\023\272
+\326\206\035\101\013\023\043\211\323\311\013\350\212\272\172\243
+\243\163\067\065\200\175\022\270\063\167\100\070\300\372\136\060
+\322\362\266\243\261\326\242\225\227\201\233\122\355\151\114\377
+\200\344\123\333\124\133\003\155\124\137\261\270\357\044\275\157
+\237\021\303\307\144\302\017\050\142\205\146\136\032\173\262\267
+\357\256\065\311\031\063\250\270\047\333\063\125\277\150\341\165
+\110\104\126\373\315\323\110\273\107\211\072\254\151\365\200\306
+\344\104\120\057\124\304\252\103\305\061\061\130\275\226\305\352
+\165\154\232\165\261\115\370\367\227\377\226\026\362\227\115\350
+\366\363\021\371\072\175\212\070\156\004\313\341\323\105\025\252
+\245\321\035\235\135\143\350\044\346\066\024\342\207\255\033\131
+\365\104\233\373\327\167\174\037\001\160\142\241\040\032\242\305
+\032\050\364\041\003\356\056\331\301\200\352\271\331\202\326\133
+\166\302\313\073\265\322\000\360\243\016\341\255\156\100\367\333
+\240\264\320\106\256\025\327\104\302\115\065\371\322\013\362\027
+\366\254\146\325\044\262\117\321\034\231\300\156\365\175\353\164
+\004\270\371\115\167\011\327\264\317\007\060\011\361\270\000\126
+\331\027\026\026\012\053\206\337\217\001\031\032\345\273\202\143
+\377\276\013\166\026\136\067\067\346\330\164\227\242\231\105\171
+END
+
+# Trust for Certificate "Certinomis - Autorité Racine"
+# Issuer: CN=Certinomis - Autorit.. Racine,OU=0002 433998903,O=Certinomis,C=FR
+# Serial Number: 1 (0x1)
+# Subject: CN=Certinomis - Autorit.. Racine,OU=0002 433998903,O=Certinomis,C=FR
+# Not Valid Before: Wed Sep 17 08:28:59 2008
+# Not Valid After : Sun Sep 17 08:28:59 2028
+# Fingerprint (MD5): 7F:30:78:8C:03:E3:CA:C9:0A:E2:C9:EA:1E:AA:55:1A
+# Fingerprint (SHA1): 2E:14:DA:EC:28:F0:FA:1E:8E:38:9A:4E:AB:EB:26:C0:0A:D3:83:C3
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certinomis - Autorité Racine"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\056\024\332\354\050\360\372\036\216\070\232\116\253\353\046\300
+\012\323\203\303
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\177\060\170\214\003\343\312\311\012\342\311\352\036\252\125\032
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\143\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\023\060\021\006\003\125\004\012\023\012\103\145\162\164\151\156
+\157\155\151\163\061\027\060\025\006\003\125\004\013\023\016\060
+\060\060\062\040\064\063\063\071\071\070\071\060\063\061\046\060
+\044\006\003\125\004\003\014\035\103\145\162\164\151\156\157\155
+\151\163\040\055\040\101\165\164\157\162\151\164\303\251\040\122
+\141\143\151\156\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TWCA Root Certification Authority"
+#
+# Issuer: CN=TWCA Root Certification Authority,OU=Root CA,O=TAIWAN-CA,C=TW
+# Serial Number: 1 (0x1)
+# Subject: CN=TWCA Root Certification Authority,OU=Root CA,O=TAIWAN-CA,C=TW
+# Not Valid Before: Thu Aug 28 07:24:33 2008
+# Not Valid After : Tue Dec 31 15:59:59 2030
+# Fingerprint (MD5): AA:08:8F:F6:F9:7B:B7:F2:B1:A7:1E:9B:EA:EA:BD:79
+# Fingerprint (SHA1): CF:9E:87:6D:D3:EB:FC:42:26:97:A3:B5:A3:7A:A0:76:A9:06:23:48
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TWCA Root Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\022\060\020\006\003\125\004\012\014\011\124\101\111\127\101\116
+\055\103\101\061\020\060\016\006\003\125\004\013\014\007\122\157
+\157\164\040\103\101\061\052\060\050\006\003\125\004\003\014\041
+\124\127\103\101\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\022\060\020\006\003\125\004\012\014\011\124\101\111\127\101\116
+\055\103\101\061\020\060\016\006\003\125\004\013\014\007\122\157
+\157\164\040\103\101\061\052\060\050\006\003\125\004\003\014\041
+\124\127\103\101\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\173\060\202\002\143\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\137\061\013\060\011\006\003\125\004\006\023\002\124\127\061\022
+\060\020\006\003\125\004\012\014\011\124\101\111\127\101\116\055
+\103\101\061\020\060\016\006\003\125\004\013\014\007\122\157\157
+\164\040\103\101\061\052\060\050\006\003\125\004\003\014\041\124
+\127\103\101\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\060\036\027\015\060\070\060\070\062\070\060\067\062\064\063\063
+\132\027\015\063\060\061\062\063\061\061\065\065\071\065\071\132
+\060\137\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\022\060\020\006\003\125\004\012\014\011\124\101\111\127\101\116
+\055\103\101\061\020\060\016\006\003\125\004\013\014\007\122\157
+\157\164\040\103\101\061\052\060\050\006\003\125\004\003\014\041
+\124\127\103\101\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
+\001\000\260\176\162\270\244\003\224\346\247\336\011\070\221\112
+\021\100\207\247\174\131\144\024\173\265\021\020\335\376\277\325
+\300\273\126\342\205\045\364\065\162\017\370\123\320\101\341\104
+\001\302\264\034\303\061\102\026\107\205\063\042\166\262\012\157
+\017\345\045\120\117\205\206\276\277\230\056\020\147\036\276\021
+\005\206\005\220\304\131\320\174\170\020\260\200\134\267\341\307
+\053\165\313\174\237\256\265\321\235\043\067\143\247\334\102\242
+\055\222\004\033\120\301\173\270\076\033\311\126\004\213\057\122
+\233\255\251\126\351\301\377\255\251\130\207\060\266\201\367\227
+\105\374\031\127\073\053\157\344\107\364\231\105\376\035\361\370
+\227\243\210\035\067\034\134\217\340\166\045\232\120\370\240\124
+\377\104\220\166\043\322\062\306\303\253\006\277\374\373\277\363
+\255\175\222\142\002\133\051\323\065\243\223\232\103\144\140\135
+\262\372\062\377\073\004\257\115\100\152\371\307\343\357\043\375
+\153\313\345\017\213\070\015\356\012\374\376\017\230\237\060\061
+\335\154\122\145\371\213\201\276\042\341\034\130\003\272\221\033
+\211\007\002\003\001\000\001\243\102\060\100\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003
+\125\035\016\004\026\004\024\152\070\133\046\215\336\213\132\362
+\117\172\124\203\031\030\343\010\065\246\272\060\015\006\011\052
+\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000\074
+\325\167\075\332\337\211\272\207\014\010\124\152\040\120\222\276
+\260\101\075\271\046\144\203\012\057\350\100\300\227\050\047\202
+\060\112\311\223\377\152\347\246\000\177\211\102\232\326\021\345
+\123\316\057\314\362\332\005\304\376\342\120\304\072\206\175\314
+\332\176\020\011\073\222\065\052\123\262\376\353\053\005\331\154
+\135\346\320\357\323\152\146\236\025\050\205\172\350\202\000\254
+\036\247\011\151\126\102\323\150\121\030\276\124\232\277\104\101
+\272\111\276\040\272\151\134\356\270\167\315\316\154\037\255\203
+\226\030\175\016\265\024\071\204\361\050\351\055\243\236\173\036
+\172\162\132\203\263\171\157\357\264\374\320\012\245\130\117\106
+\337\373\155\171\131\362\204\042\122\256\017\314\373\174\073\347
+\152\312\107\141\303\172\370\323\222\004\037\270\040\204\341\066
+\124\026\307\100\336\073\212\163\334\337\306\011\114\337\354\332
+\377\324\123\102\241\311\362\142\035\042\203\074\227\305\371\031
+\142\047\254\145\042\327\323\074\306\345\216\262\123\314\111\316
+\274\060\376\173\016\063\220\373\355\322\024\221\037\007\257
+END
+
+# Trust for Certificate "TWCA Root Certification Authority"
+# Issuer: CN=TWCA Root Certification Authority,OU=Root CA,O=TAIWAN-CA,C=TW
+# Serial Number: 1 (0x1)
+# Subject: CN=TWCA Root Certification Authority,OU=Root CA,O=TAIWAN-CA,C=TW
+# Not Valid Before: Thu Aug 28 07:24:33 2008
+# Not Valid After : Tue Dec 31 15:59:59 2030
+# Fingerprint (MD5): AA:08:8F:F6:F9:7B:B7:F2:B1:A7:1E:9B:EA:EA:BD:79
+# Fingerprint (SHA1): CF:9E:87:6D:D3:EB:FC:42:26:97:A3:B5:A3:7A:A0:76:A9:06:23:48
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TWCA Root Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\317\236\207\155\323\353\374\102\046\227\243\265\243\172\240\166
+\251\006\043\110
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\252\010\217\366\371\173\267\362\261\247\036\233\352\352\275\171
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\022\060\020\006\003\125\004\012\014\011\124\101\111\127\101\116
+\055\103\101\061\020\060\016\006\003\125\004\013\014\007\122\157
+\157\164\040\103\101\061\052\060\050\006\003\125\004\003\014\041
+\124\127\103\101\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrust DigiNotar Root CA"
+#
+# Issuer: E=info@diginotar.nl,CN=DigiNotar Root CA,O=DigiNotar,C=NL
+# Serial Number:0f:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff
+# Subject: E=info@diginotar.nl,CN=DigiNotar Root CA,O=DigiNotar,C=NL
+# Not Valid Before: Fri Jul 27 17:19:37 2007
+# Not Valid After : Mon Mar 31 18:19:22 2025
+# Fingerprint (MD5): 0A:A4:D5:CC:BA:B4:FB:A3:59:E3:E6:01:DD:53:D9:4E
+# Fingerprint (SHA1): C1:77:CB:4B:E0:B4:26:8E:F5:C7:CF:45:99:22:B9:B0:CE:BA:21:2F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrust DigiNotar Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\032\060\030\006\003\125\004\003\023\021\104\151
+\147\151\116\157\164\141\162\040\122\157\157\164\040\103\101\061
+\040\060\036\006\011\052\206\110\206\367\015\001\011\001\026\021
+\151\156\146\157\100\144\151\147\151\156\157\164\141\162\056\156
+\154
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\032\060\030\006\003\125\004\003\023\021\104\151
+\147\151\116\157\164\141\162\040\122\157\157\164\040\103\101\061
+\040\060\036\006\011\052\206\110\206\367\015\001\011\001\026\021
+\151\156\146\157\100\144\151\147\151\156\157\164\141\162\056\156
+\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\017\377\377\377\377\377\377\377\377\377\377\377\377\377
+\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\212\060\202\003\162\240\003\002\001\002\002\020\017
+\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
+\061\013\060\011\006\003\125\004\006\023\002\116\114\061\022\060
+\020\006\003\125\004\012\023\011\104\151\147\151\116\157\164\141
+\162\061\032\060\030\006\003\125\004\003\023\021\104\151\147\151
+\116\157\164\141\162\040\122\157\157\164\040\103\101\061\040\060
+\036\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156
+\146\157\100\144\151\147\151\156\157\164\141\162\056\156\154\060
+\036\027\015\060\067\060\067\062\067\061\067\061\071\063\067\132
+\027\015\062\065\060\063\063\061\061\070\061\071\062\062\132\060
+\137\061\013\060\011\006\003\125\004\006\023\002\116\114\061\022
+\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157\164
+\141\162\061\032\060\030\006\003\125\004\003\023\021\104\151\147
+\151\116\157\164\141\162\040\122\157\157\164\040\103\101\061\040
+\060\036\006\011\052\206\110\206\367\015\001\011\001\026\021\151
+\156\146\157\100\144\151\147\151\156\157\164\141\162\056\156\154
+\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
+\000\254\260\130\301\000\275\330\041\010\013\053\232\376\156\126
+\060\005\237\033\167\220\020\101\134\303\015\207\021\167\216\201
+\361\312\174\351\214\152\355\070\164\065\273\332\337\371\273\300
+\011\067\264\226\163\201\175\063\032\230\071\367\223\157\225\177
+\075\271\261\165\207\272\121\110\350\213\160\076\225\004\305\330
+\266\303\026\331\210\260\261\207\035\160\332\206\264\017\024\213
+\172\317\020\321\164\066\242\022\173\167\206\112\171\346\173\337
+\002\021\150\245\116\206\256\064\130\233\044\023\170\126\042\045
+\036\001\213\113\121\161\373\202\314\131\226\151\210\132\150\123
+\305\271\015\002\067\313\113\274\146\112\220\176\052\013\005\007
+\355\026\137\125\220\165\330\106\311\033\203\342\010\276\361\043
+\314\231\035\326\052\017\203\040\025\130\047\202\056\372\342\042
+\302\111\261\271\001\201\152\235\155\235\100\167\150\166\116\041
+\052\155\204\100\205\116\166\231\174\202\363\363\267\002\131\324
+\046\001\033\216\337\255\123\006\321\256\030\335\342\262\072\313
+\327\210\070\216\254\133\051\271\031\323\230\371\030\003\317\110
+\202\206\146\013\033\151\017\311\353\070\210\172\046\032\005\114
+\222\327\044\324\226\362\254\122\055\243\107\325\122\366\077\376
+\316\204\006\160\246\252\076\242\362\266\126\064\030\127\242\344
+\201\155\347\312\360\152\323\307\221\153\002\203\101\174\025\357
+\153\232\144\136\343\320\074\345\261\353\173\135\206\373\313\346
+\167\111\315\243\145\334\367\271\234\270\344\013\137\223\317\314
+\060\032\062\034\316\034\143\225\245\371\352\341\164\213\236\351
+\053\251\060\173\240\030\037\016\030\013\345\133\251\323\321\154
+\036\007\147\217\221\113\251\212\274\322\146\252\223\001\210\262
+\221\372\061\134\325\246\301\122\010\011\315\012\143\242\323\042
+\246\350\241\331\071\006\227\365\156\215\002\220\214\024\173\077
+\200\315\033\234\272\304\130\162\043\257\266\126\237\306\172\102
+\063\051\007\077\202\311\346\037\005\015\315\114\050\066\213\323
+\310\076\034\306\210\357\136\356\211\144\351\035\353\332\211\176
+\062\246\151\321\335\314\210\237\321\320\311\146\041\334\006\147
+\305\224\172\232\155\142\114\175\314\340\144\200\262\236\107\216
+\243\002\003\001\000\001\243\102\060\100\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125
+\035\016\004\026\004\024\210\150\277\340\216\065\304\073\070\153
+\142\367\050\073\204\201\310\014\327\115\060\015\006\011\052\206
+\110\206\367\015\001\001\005\005\000\003\202\002\001\000\073\002
+\215\313\074\060\350\156\240\255\362\163\263\137\236\045\023\004
+\005\323\366\343\213\273\013\171\316\123\336\344\226\305\321\257
+\163\274\325\303\320\100\125\174\100\177\315\033\137\011\325\362
+\174\237\150\035\273\135\316\172\071\302\214\326\230\173\305\203
+\125\250\325\175\100\312\340\036\367\211\136\143\135\241\023\302
+\135\212\266\212\174\000\363\043\303\355\205\137\161\166\360\150
+\143\252\105\041\071\110\141\170\066\334\361\103\223\324\045\307
+\362\200\145\341\123\002\165\121\374\172\072\357\067\253\204\050
+\127\014\330\324\324\231\126\154\343\242\376\131\204\264\061\350
+\063\370\144\224\224\121\227\253\071\305\113\355\332\335\200\013
+\157\174\051\015\304\216\212\162\015\347\123\024\262\140\101\075
+\204\221\061\150\075\047\104\333\345\336\364\372\143\105\310\114
+\076\230\365\077\101\272\116\313\067\015\272\146\230\361\335\313
+\237\134\367\124\066\202\153\054\274\023\141\227\102\370\170\273
+\314\310\242\237\312\360\150\275\153\035\262\337\215\157\007\235
+\332\216\147\307\107\036\312\271\277\052\102\221\267\143\123\146
+\361\102\243\341\364\132\115\130\153\265\344\244\063\255\134\160
+\035\334\340\362\353\163\024\221\232\003\301\352\000\145\274\007
+\374\317\022\021\042\054\256\240\275\072\340\242\052\330\131\351
+\051\323\030\065\244\254\021\137\031\265\265\033\377\042\112\134
+\306\172\344\027\357\040\251\247\364\077\255\212\247\232\004\045
+\235\016\312\067\346\120\375\214\102\051\004\232\354\271\317\113
+\162\275\342\010\066\257\043\057\142\345\312\001\323\160\333\174
+\202\043\054\026\061\014\306\066\007\220\172\261\037\147\130\304
+\073\130\131\211\260\214\214\120\263\330\206\313\150\243\304\012
+\347\151\113\040\316\301\036\126\113\225\251\043\150\330\060\330
+\303\353\260\125\121\315\345\375\053\270\365\273\021\237\123\124
+\366\064\031\214\171\011\066\312\141\027\045\027\013\202\230\163
+\014\167\164\303\325\015\307\250\022\114\307\247\124\161\107\056
+\054\032\175\311\343\053\073\110\336\047\204\247\143\066\263\175
+\217\240\144\071\044\015\075\173\207\257\146\134\164\033\113\163
+\262\345\214\360\206\231\270\345\305\337\204\301\267\353
+END
+
+# Trust for Certificate "Explicitly Distrust DigiNotar Root CA"
+# Issuer: E=info@diginotar.nl,CN=DigiNotar Root CA,O=DigiNotar,C=NL
+# Serial Number:0f:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff
+# Subject: E=info@diginotar.nl,CN=DigiNotar Root CA,O=DigiNotar,C=NL
+# Not Valid Before: Fri Jul 27 17:19:37 2007
+# Not Valid After : Mon Mar 31 18:19:22 2025
+# Fingerprint (MD5): 0A:A4:D5:CC:BA:B4:FB:A3:59:E3:E6:01:DD:53:D9:4E
+# Fingerprint (SHA1): C1:77:CB:4B:E0:B4:26:8E:F5:C7:CF:45:99:22:B9:B0:CE:BA:21:2F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrust DigiNotar Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\301\167\313\113\340\264\046\216\365\307\317\105\231\042\271\260
+\316\272\041\057
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\012\244\325\314\272\264\373\243\131\343\346\001\335\123\331\116
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\032\060\030\006\003\125\004\003\023\021\104\151
+\147\151\116\157\164\141\162\040\122\157\157\164\040\103\101\061
+\040\060\036\006\011\052\206\110\206\367\015\001\011\001\026\021
+\151\156\146\157\100\144\151\147\151\156\157\164\141\162\056\156
+\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\017\377\377\377\377\377\377\377\377\377\377\377\377\377
+\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrust DigiNotar Services 1024 CA"
+#
+# Issuer: E=info@diginotar.nl,CN=DigiNotar Services 1024 CA,O=DigiNotar,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: E=info@diginotar.nl,CN=DigiNotar Services 1024 CA,O=DigiNotar,C=NL
+# Not Valid Before: Thu Jul 26 15:59:01 2007
+# Not Valid After : Mon Aug 26 16:29:01 2013
+# Fingerprint (MD5): 2F:16:68:97:4C:68:4F:CE:52:8A:EC:53:8F:93:49:F8
+# Fingerprint (SHA1): 12:3B:EA:CA:66:67:77:61:E0:EB:68:F2:FE:ED:A2:0F:20:05:55:70
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrust DigiNotar Services 1024 CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\150\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\043\060\041\006\003\125\004\003\023\032\104\151
+\147\151\116\157\164\141\162\040\123\145\162\166\151\143\145\163
+\040\061\060\062\064\040\103\101\061\040\060\036\006\011\052\206
+\110\206\367\015\001\011\001\026\021\151\156\146\157\100\144\151
+\147\151\156\157\164\141\162\056\156\154
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\150\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\043\060\041\006\003\125\004\003\023\032\104\151
+\147\151\116\157\164\141\162\040\123\145\162\166\151\143\145\163
+\040\061\060\062\064\040\103\101\061\040\060\036\006\011\052\206
+\110\206\367\015\001\011\001\026\021\151\156\146\157\100\144\151
+\147\151\156\157\164\141\162\056\156\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\161\060\202\002\332\240\003\002\001\002\002\004\017
+\377\377\377\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\150\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\022\060\020\006\003\125\004\012\023\011\104\151\147\151
+\116\157\164\141\162\061\043\060\041\006\003\125\004\003\023\032
+\104\151\147\151\116\157\164\141\162\040\123\145\162\166\151\143
+\145\163\040\061\060\062\064\040\103\101\061\040\060\036\006\011
+\052\206\110\206\367\015\001\011\001\026\021\151\156\146\157\100
+\144\151\147\151\156\157\164\141\162\056\156\154\060\036\027\015
+\060\067\060\067\062\066\061\065\065\071\060\061\132\027\015\061
+\063\060\070\062\066\061\066\062\071\060\061\132\060\150\061\013
+\060\011\006\003\125\004\006\023\002\116\114\061\022\060\020\006
+\003\125\004\012\023\011\104\151\147\151\116\157\164\141\162\061
+\043\060\041\006\003\125\004\003\023\032\104\151\147\151\116\157
+\164\141\162\040\123\145\162\166\151\143\145\163\040\061\060\062
+\064\040\103\101\061\040\060\036\006\011\052\206\110\206\367\015
+\001\011\001\026\021\151\156\146\157\100\144\151\147\151\156\157
+\164\141\162\056\156\154\060\201\237\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
+\201\201\000\332\233\115\135\074\371\321\342\213\306\306\010\040
+\305\331\036\110\354\146\130\147\171\142\053\101\143\364\211\215
+\150\332\257\270\224\066\213\031\044\244\240\223\322\231\017\262
+\255\055\065\115\315\057\152\341\371\233\031\053\274\004\032\176
+\055\075\122\144\315\361\076\147\017\211\056\350\362\117\256\246
+\010\241\205\376\241\251\011\346\306\253\076\103\374\257\172\003
+\221\332\246\071\246\141\356\230\117\030\250\323\263\257\146\202
+\351\237\274\335\162\371\006\004\275\022\331\030\044\347\253\223
+\123\213\131\002\003\001\000\001\243\202\001\046\060\202\001\042
+\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001
+\377\002\001\000\060\047\006\003\125\035\045\004\040\060\036\006
+\010\053\006\001\005\005\007\003\001\006\010\053\006\001\005\005
+\007\003\002\006\010\053\006\001\005\005\007\003\004\060\021\006
+\003\125\035\040\004\012\060\010\060\006\006\004\125\035\040\000
+\060\063\006\010\053\006\001\005\005\007\001\001\004\047\060\045
+\060\043\006\010\053\006\001\005\005\007\060\001\206\027\150\164
+\164\160\072\057\057\157\143\163\160\056\145\156\164\162\165\163
+\164\056\156\145\164\060\063\006\003\125\035\037\004\054\060\052
+\060\050\240\046\240\044\206\042\150\164\164\160\072\057\057\143
+\162\154\056\145\156\164\162\165\163\164\056\156\145\164\057\163
+\145\162\166\145\162\061\056\143\162\154\060\035\006\003\125\035
+\016\004\026\004\024\376\334\224\111\014\157\357\134\177\306\361
+\022\231\117\026\111\255\373\202\145\060\013\006\003\125\035\017
+\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030\060
+\026\200\024\360\027\142\023\125\075\263\377\012\000\153\373\120
+\204\227\363\355\142\320\032\060\031\006\011\052\206\110\206\366
+\175\007\101\000\004\014\060\012\033\004\126\067\056\061\003\002
+\000\201\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\003\201\201\000\143\164\152\067\251\077\226\234\146\310\130
+\254\011\311\357\365\145\224\177\243\002\304\070\061\275\135\043
+\207\354\324\126\262\311\262\156\344\005\006\374\354\365\372\210
+\160\131\324\356\346\335\265\172\240\243\140\057\002\014\253\336
+\022\135\257\360\065\113\252\212\107\221\032\365\205\054\102\307
+\035\357\225\103\263\136\270\225\223\245\332\305\050\252\255\162
+\055\061\255\231\153\154\377\214\041\047\257\255\232\221\053\307
+\335\130\303\156\007\305\237\171\322\307\214\125\277\114\307\047
+\136\121\026\053\076
+END
+
+# Trust for Certificate "Explicitly Distrust DigiNotar Services 1024 CA"
+# Issuer: E=info@diginotar.nl,CN=DigiNotar Services 1024 CA,O=DigiNotar,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: E=info@diginotar.nl,CN=DigiNotar Services 1024 CA,O=DigiNotar,C=NL
+# Not Valid Before: Thu Jul 26 15:59:01 2007
+# Not Valid After : Mon Aug 26 16:29:01 2013
+# Fingerprint (MD5): 2F:16:68:97:4C:68:4F:CE:52:8A:EC:53:8F:93:49:F8
+# Fingerprint (SHA1): 12:3B:EA:CA:66:67:77:61:E0:EB:68:F2:FE:ED:A2:0F:20:05:55:70
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrust DigiNotar Services 1024 CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\022\073\352\312\146\147\167\141\340\353\150\362\376\355\242\017
+\040\005\125\160
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\057\026\150\227\114\150\117\316\122\212\354\123\217\223\111\370
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\150\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\043\060\041\006\003\125\004\003\023\032\104\151
+\147\151\116\157\164\141\162\040\123\145\162\166\151\143\145\163
+\040\061\060\062\064\040\103\101\061\040\060\036\006\011\052\206
+\110\206\367\015\001\011\001\026\021\151\156\146\157\100\144\151
+\147\151\156\157\164\141\162\056\156\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrust DigiNotar Cyber CA"
+#
+# Issuer: E=info@diginotar.nl,CN=DigiNotar Cyber CA,O=DigiNotar,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: E=info@diginotar.nl,CN=DigiNotar Cyber CA,O=DigiNotar,C=NL
+# Not Valid Before: Wed Oct 04 10:54:12 2006
+# Not Valid After : Tue Oct 04 10:53:12 2011
+# Fingerprint (MD5): BC:BD:89:12:B4:FF:E5:F9:26:47:C8:60:36:5B:D9:54
+# Fingerprint (SHA1): A5:8E:A0:EC:F6:44:56:35:19:1D:68:5B:C7:A0:E4:1C:B0:4D:79:2E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrust DigiNotar Cyber CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\140\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\033\060\031\006\003\125\004\003\023\022\104\151
+\147\151\116\157\164\141\162\040\103\171\142\145\162\040\103\101
+\061\040\060\036\006\011\052\206\110\206\367\015\001\011\001\026
+\021\151\156\146\157\100\144\151\147\151\156\157\164\141\162\056
+\156\154
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\140\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\033\060\031\006\003\125\004\003\023\022\104\151
+\147\151\116\157\164\141\162\040\103\171\142\145\162\040\103\101
+\061\040\060\036\006\011\052\206\110\206\367\015\001\011\001\026
+\021\151\156\146\157\100\144\151\147\151\156\157\164\141\162\056
+\156\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\105\060\202\004\256\240\003\002\001\002\002\004\017
+\377\377\377\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\140\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\022\060\020\006\003\125\004\012\023\011\104\151\147\151
+\116\157\164\141\162\061\033\060\031\006\003\125\004\003\023\022
+\104\151\147\151\116\157\164\141\162\040\103\171\142\145\162\040
+\103\101\061\040\060\036\006\011\052\206\110\206\367\015\001\011
+\001\026\021\151\156\146\157\100\144\151\147\151\156\157\164\141
+\162\056\156\154\060\036\027\015\060\066\061\060\060\064\061\060
+\065\064\061\062\132\027\015\061\061\061\060\060\064\061\060\065
+\063\061\062\132\060\140\061\013\060\011\006\003\125\004\006\023
+\002\116\114\061\022\060\020\006\003\125\004\012\023\011\104\151
+\147\151\116\157\164\141\162\061\033\060\031\006\003\125\004\003
+\023\022\104\151\147\151\116\157\164\141\162\040\103\171\142\145
+\162\040\103\101\061\040\060\036\006\011\052\206\110\206\367\015
+\001\011\001\026\021\151\156\146\157\100\144\151\147\151\156\157
+\164\141\162\056\156\154\060\202\002\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202
+\002\012\002\202\002\001\000\322\316\025\012\055\250\136\204\147
+\255\375\276\357\106\307\310\271\317\163\374\364\064\271\371\054
+\103\347\140\023\075\172\343\262\317\073\147\154\220\255\300\271
+\077\204\122\360\065\102\334\164\334\050\073\275\122\264\247\254
+\162\105\027\306\360\211\353\264\252\045\362\135\113\136\321\331
+\207\272\326\175\174\365\316\062\237\020\063\305\261\112\273\136
+\221\061\302\320\351\101\302\221\144\176\011\101\073\333\213\010
+\067\152\252\312\122\336\265\071\036\300\210\003\245\077\213\231
+\023\141\103\265\233\202\263\356\040\157\317\241\104\242\352\057
+\153\100\237\217\053\127\255\241\123\302\205\042\151\235\240\077
+\121\337\013\101\221\015\245\341\250\252\134\111\010\135\275\336
+\160\101\261\017\311\143\153\323\177\064\164\002\057\064\132\170
+\165\034\150\172\201\147\212\363\332\100\360\140\143\364\222\040
+\327\003\246\075\243\036\147\304\204\033\101\245\311\214\346\275
+\352\110\266\005\026\010\263\067\022\132\367\141\074\367\070\157
+\056\227\340\157\126\070\124\323\050\265\255\024\156\056\113\144
+\265\047\145\267\165\045\011\266\007\075\225\126\002\012\202\140
+\262\163\105\340\063\046\121\164\232\271\324\120\034\366\115\133
+\133\122\122\023\132\246\177\247\016\341\350\101\124\147\230\214
+\207\325\311\323\154\313\323\124\222\006\011\064\101\367\201\157
+\077\236\311\174\165\125\260\347\301\263\167\350\303\304\000\065
+\225\100\160\020\112\005\336\045\273\237\131\245\144\274\107\140
+\277\140\343\166\213\023\125\335\341\164\172\271\317\044\246\152
+\177\336\144\042\104\130\150\202\152\020\371\075\345\076\033\271
+\275\374\042\364\140\004\211\273\125\155\050\125\372\336\216\215
+\033\041\024\327\067\213\064\173\115\366\262\262\020\317\063\261
+\175\034\142\231\110\313\053\154\166\226\125\277\031\015\035\037
+\273\145\252\033\216\231\265\306\050\220\345\202\055\170\120\040
+\232\375\171\057\044\177\360\211\051\151\364\175\315\163\276\263
+\355\116\301\321\355\122\136\217\367\270\327\215\207\255\262\331
+\033\121\022\377\126\263\341\257\064\175\134\244\170\210\020\236
+\235\003\306\245\252\242\044\121\367\111\024\305\261\356\131\103
+\225\337\253\150\050\060\077\002\003\001\000\001\243\202\001\206
+\060\202\001\202\060\022\006\003\125\035\023\001\001\377\004\010
+\060\006\001\001\377\002\001\001\060\123\006\003\125\035\040\004
+\114\060\112\060\110\006\011\053\006\001\004\001\261\076\001\000
+\060\073\060\071\006\010\053\006\001\005\005\007\002\001\026\055
+\150\164\164\160\072\057\057\167\167\167\056\160\165\142\154\151
+\143\055\164\162\165\163\164\056\143\157\155\057\103\120\123\057
+\117\155\156\151\122\157\157\164\056\150\164\155\154\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\201\240
+\006\003\125\035\043\004\201\230\060\201\225\200\024\246\014\035
+\237\141\377\007\027\265\277\070\106\333\103\060\325\216\260\122
+\006\241\171\244\167\060\165\061\013\060\011\006\003\125\004\006
+\023\002\125\123\061\030\060\026\006\003\125\004\012\023\017\107
+\124\105\040\103\157\162\160\157\162\141\164\151\157\156\061\047
+\060\045\006\003\125\004\013\023\036\107\124\105\040\103\171\142
+\145\162\124\162\165\163\164\040\123\157\154\165\164\151\157\156
+\163\054\040\111\156\143\056\061\043\060\041\006\003\125\004\003
+\023\032\107\124\105\040\103\171\142\145\162\124\162\165\163\164
+\040\107\154\157\142\141\154\040\122\157\157\164\202\002\001\245
+\060\105\006\003\125\035\037\004\076\060\074\060\072\240\070\240
+\066\206\064\150\164\164\160\072\057\057\167\167\167\056\160\165
+\142\154\151\143\055\164\162\165\163\164\056\143\157\155\057\143
+\147\151\055\142\151\156\057\103\122\114\057\062\060\061\070\057
+\143\144\160\056\143\162\154\060\035\006\003\125\035\016\004\026
+\004\024\253\371\150\337\317\112\067\327\173\105\214\137\162\336
+\100\104\303\145\273\302\060\015\006\011\052\206\110\206\367\015
+\001\001\005\005\000\003\201\201\000\217\150\153\245\133\007\272
+\104\146\016\034\250\134\060\173\063\344\012\046\004\374\357\236
+\032\070\326\056\241\037\320\231\107\302\165\144\044\375\236\073
+\050\166\271\046\050\141\221\014\155\054\370\004\237\174\120\001
+\325\343\151\257\357\025\322\105\233\044\011\052\146\005\117\045
+\201\312\135\276\252\301\131\047\256\063\216\202\367\337\164\260
+\125\263\216\370\347\067\310\156\252\126\104\366\275\123\201\043
+\226\075\264\372\062\212\123\146\104\045\242\045\306\246\074\045
+\214\360\340\050\006\042\267\046\101
+END
+
+# Trust for Certificate "Explicitly Distrust DigiNotar Cyber CA"
+# Issuer: E=info@diginotar.nl,CN=DigiNotar Cyber CA,O=DigiNotar,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: E=info@diginotar.nl,CN=DigiNotar Cyber CA,O=DigiNotar,C=NL
+# Not Valid Before: Wed Oct 04 10:54:12 2006
+# Not Valid After : Tue Oct 04 10:53:12 2011
+# Fingerprint (MD5): BC:BD:89:12:B4:FF:E5:F9:26:47:C8:60:36:5B:D9:54
+# Fingerprint (SHA1): A5:8E:A0:EC:F6:44:56:35:19:1D:68:5B:C7:A0:E4:1C:B0:4D:79:2E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrust DigiNotar Cyber CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\245\216\240\354\366\104\126\065\031\035\150\133\307\240\344\034
+\260\115\171\056
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\274\275\211\022\264\377\345\371\046\107\310\140\066\133\331\124
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\140\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\033\060\031\006\003\125\004\003\023\022\104\151
+\147\151\116\157\164\141\162\040\103\171\142\145\162\040\103\101
+\061\040\060\036\006\011\052\206\110\206\367\015\001\011\001\026
+\021\151\156\146\157\100\144\151\147\151\156\157\164\141\162\056
+\156\154
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrust DigiNotar Cyber CA 2nd"
+#
+# Issuer: CN=DigiNotar Cyber CA,O=DigiNotar,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: CN=DigiNotar Cyber CA,O=DigiNotar,C=NL
+# Not Valid Before: Wed Sep 27 10:53:53 2006
+# Not Valid After : Fri Sep 20 09:44:07 2013
+# Fingerprint (MD5): F0:AE:A9:3D:F2:2C:88:DC:7C:85:1B:96:7D:5A:1C:11
+# Fingerprint (SHA1): 88:1E:45:05:0F:98:D9:59:FB:0A:35:F9:4C:0E:28:97:55:16:29:B3
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrust DigiNotar Cyber CA 2nd"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\033\060\031\006\003\125\004\003\023\022\104\151
+\147\151\116\157\164\141\162\040\103\171\142\145\162\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\033\060\031\006\003\125\004\003\023\022\104\151
+\147\151\116\157\164\141\162\040\103\171\142\145\162\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\001\060\202\004\152\240\003\002\001\002\002\004\017
+\377\377\377\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\076\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\022\060\020\006\003\125\004\012\023\011\104\151\147\151
+\116\157\164\141\162\061\033\060\031\006\003\125\004\003\023\022
+\104\151\147\151\116\157\164\141\162\040\103\171\142\145\162\040
+\103\101\060\036\027\015\060\066\060\071\062\067\061\060\065\063
+\065\063\132\027\015\061\063\060\071\062\060\060\071\064\064\060
+\067\132\060\076\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\022\060\020\006\003\125\004\012\023\011\104\151\147\151
+\116\157\164\141\162\061\033\060\031\006\003\125\004\003\023\022
+\104\151\147\151\116\157\164\141\162\040\103\171\142\145\162\040
+\103\101\060\202\002\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
+\002\001\000\322\316\025\012\055\250\136\204\147\255\375\276\357
+\106\307\310\271\317\163\374\364\064\271\371\054\103\347\140\023
+\075\172\343\262\317\073\147\154\220\255\300\271\077\204\122\360
+\065\102\334\164\334\050\073\275\122\264\247\254\162\105\027\306
+\360\211\353\264\252\045\362\135\113\136\321\331\207\272\326\175
+\174\365\316\062\237\020\063\305\261\112\273\136\221\061\302\320
+\351\101\302\221\144\176\011\101\073\333\213\010\067\152\252\312
+\122\336\265\071\036\300\210\003\245\077\213\231\023\141\103\265
+\233\202\263\356\040\157\317\241\104\242\352\057\153\100\237\217
+\053\127\255\241\123\302\205\042\151\235\240\077\121\337\013\101
+\221\015\245\341\250\252\134\111\010\135\275\336\160\101\261\017
+\311\143\153\323\177\064\164\002\057\064\132\170\165\034\150\172
+\201\147\212\363\332\100\360\140\143\364\222\040\327\003\246\075
+\243\036\147\304\204\033\101\245\311\214\346\275\352\110\266\005
+\026\010\263\067\022\132\367\141\074\367\070\157\056\227\340\157
+\126\070\124\323\050\265\255\024\156\056\113\144\265\047\145\267
+\165\045\011\266\007\075\225\126\002\012\202\140\262\163\105\340
+\063\046\121\164\232\271\324\120\034\366\115\133\133\122\122\023
+\132\246\177\247\016\341\350\101\124\147\230\214\207\325\311\323
+\154\313\323\124\222\006\011\064\101\367\201\157\077\236\311\174
+\165\125\260\347\301\263\167\350\303\304\000\065\225\100\160\020
+\112\005\336\045\273\237\131\245\144\274\107\140\277\140\343\166
+\213\023\125\335\341\164\172\271\317\044\246\152\177\336\144\042
+\104\130\150\202\152\020\371\075\345\076\033\271\275\374\042\364
+\140\004\211\273\125\155\050\125\372\336\216\215\033\041\024\327
+\067\213\064\173\115\366\262\262\020\317\063\261\175\034\142\231
+\110\313\053\154\166\226\125\277\031\015\035\037\273\145\252\033
+\216\231\265\306\050\220\345\202\055\170\120\040\232\375\171\057
+\044\177\360\211\051\151\364\175\315\163\276\263\355\116\301\321
+\355\122\136\217\367\270\327\215\207\255\262\331\033\121\022\377
+\126\263\341\257\064\175\134\244\170\210\020\236\235\003\306\245
+\252\242\044\121\367\111\024\305\261\356\131\103\225\337\253\150
+\050\060\077\002\003\001\000\001\243\202\001\206\060\202\001\202
+\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001
+\377\002\001\001\060\123\006\003\125\035\040\004\114\060\112\060
+\110\006\011\053\006\001\004\001\261\076\001\000\060\073\060\071
+\006\010\053\006\001\005\005\007\002\001\026\055\150\164\164\160
+\072\057\057\167\167\167\056\160\165\142\154\151\143\055\164\162
+\165\163\164\056\143\157\155\057\103\120\123\057\117\155\156\151
+\122\157\157\164\056\150\164\155\154\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\001\006\060\201\240\006\003\125\035
+\043\004\201\230\060\201\225\200\024\246\014\035\237\141\377\007
+\027\265\277\070\106\333\103\060\325\216\260\122\006\241\171\244
+\167\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103
+\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003
+\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162
+\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111
+\156\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124
+\105\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157
+\142\141\154\040\122\157\157\164\202\002\001\245\060\105\006\003
+\125\035\037\004\076\060\074\060\072\240\070\240\066\206\064\150
+\164\164\160\072\057\057\167\167\167\056\160\165\142\154\151\143
+\055\164\162\165\163\164\056\143\157\155\057\143\147\151\055\142
+\151\156\057\103\122\114\057\062\060\061\070\057\143\144\160\056
+\143\162\154\060\035\006\003\125\035\016\004\026\004\024\253\371
+\150\337\317\112\067\327\173\105\214\137\162\336\100\104\303\145
+\273\302\060\015\006\011\052\206\110\206\367\015\001\001\005\005
+\000\003\201\201\000\011\312\142\017\215\273\112\340\324\172\065
+\053\006\055\321\050\141\266\254\001\373\203\111\274\256\324\057
+\055\206\256\031\203\245\326\035\023\342\027\276\376\062\164\351
+\172\024\070\312\224\136\367\051\001\151\161\033\221\032\375\243
+\273\252\035\312\173\342\026\375\241\243\016\363\014\137\262\341
+\040\061\224\053\136\222\166\355\372\351\265\043\246\277\012\073
+\003\251\157\122\140\124\315\137\351\267\057\174\242\047\375\101
+\203\165\266\015\373\170\046\363\261\105\351\062\225\052\032\065
+\041\225\305\242\165
+END
+
+# Trust for Certificate "Explicitly Distrust DigiNotar Cyber CA 2nd"
+# Issuer: CN=DigiNotar Cyber CA,O=DigiNotar,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: CN=DigiNotar Cyber CA,O=DigiNotar,C=NL
+# Not Valid Before: Wed Sep 27 10:53:53 2006
+# Not Valid After : Fri Sep 20 09:44:07 2013
+# Fingerprint (MD5): F0:AE:A9:3D:F2:2C:88:DC:7C:85:1B:96:7D:5A:1C:11
+# Fingerprint (SHA1): 88:1E:45:05:0F:98:D9:59:FB:0A:35:F9:4C:0E:28:97:55:16:29:B3
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrust DigiNotar Cyber CA 2nd"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\210\036\105\005\017\230\331\131\373\012\065\371\114\016\050\227
+\125\026\051\263
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\360\256\251\075\362\054\210\334\174\205\033\226\175\132\034\021
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\022\060\020\006\003\125\004\012\023\011\104\151\147\151\116\157
+\164\141\162\061\033\060\031\006\003\125\004\003\023\022\104\151
+\147\151\116\157\164\141\162\040\103\171\142\145\162\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrusted DigiNotar PKIoverheid"
+#
+# Issuer: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,O=DigiNotar B.V.,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,O=DigiNotar B.V.,C=NL
+# Not Valid Before: Thu Jul 05 08:42:08 2007
+# Not Valid After : Mon Jul 27 08:39:47 2015
+# Fingerprint (MD5): A3:CF:B3:FF:F9:4F:A7:B1:EB:3A:75:58:4E:2E:9F:EA
+# Fingerprint (SHA1): A7:A8:C9:AC:F4:5F:90:92:76:86:B8:C0:A2:0E:93:58:7D:DE:30:E4
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted DigiNotar PKIoverheid"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\023\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\067\060\065\006\003\125\004
+\003\023\056\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\166\145\162
+\150\145\151\144\040\145\156\040\102\145\144\162\151\152\166\145
+\156
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\023\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\067\060\065\006\003\125\004
+\003\023\056\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\166\145\162
+\150\145\151\144\040\145\156\040\102\145\144\162\151\152\166\145
+\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\216\060\202\003\166\240\003\002\001\002\002\004\017
+\377\377\377\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\137\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\027\060\025\006\003\125\004\012\023\016\104\151\147\151
+\116\157\164\141\162\040\102\056\126\056\061\067\060\065\006\003
+\125\004\003\023\056\104\151\147\151\116\157\164\141\162\040\120
+\113\111\157\166\145\162\150\145\151\144\040\103\101\040\117\166
+\145\162\150\145\151\144\040\145\156\040\102\145\144\162\151\152
+\166\145\156\060\036\027\015\060\067\060\067\060\065\060\070\064
+\062\060\070\132\027\015\061\065\060\067\062\067\060\070\063\071
+\064\067\132\060\137\061\013\060\011\006\003\125\004\006\023\002
+\116\114\061\027\060\025\006\003\125\004\012\023\016\104\151\147
+\151\116\157\164\141\162\040\102\056\126\056\061\067\060\065\006
+\003\125\004\003\023\056\104\151\147\151\116\157\164\141\162\040
+\120\113\111\157\166\145\162\150\145\151\144\040\103\101\040\117
+\166\145\162\150\145\151\144\040\145\156\040\102\145\144\162\151
+\152\166\145\156\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\334\275\322\247\116\152\012\273\073\242\205
+\341\177\000\255\276\264\060\150\230\007\315\240\172\304\224\317
+\161\371\212\067\344\123\353\127\166\314\213\346\154\376\356\207
+\125\310\076\273\004\071\000\247\200\170\254\133\117\176\364\275
+\270\124\270\161\073\007\061\111\071\223\124\174\040\073\171\053
+\217\273\141\220\175\261\254\346\037\220\056\235\105\001\251\144
+\055\115\303\057\271\347\120\325\116\052\134\253\166\166\067\106
+\327\171\354\102\231\367\242\354\244\211\160\334\070\053\207\246
+\252\044\346\235\222\044\033\276\366\375\324\057\031\027\172\346
+\062\007\224\124\005\123\103\351\154\274\257\107\313\274\313\375
+\275\073\104\022\201\361\153\113\273\355\264\317\253\045\117\030
+\322\314\002\374\243\117\265\102\063\313\131\315\011\334\323\120
+\375\240\166\214\254\176\146\212\102\366\255\034\222\363\266\373
+\024\106\353\115\327\057\060\340\155\356\133\066\276\104\164\267
+\040\005\127\205\115\350\000\031\242\366\014\346\256\241\300\102
+\337\247\254\202\135\307\150\267\030\346\211\113\232\153\372\316
+\171\371\363\054\247\002\003\001\000\001\243\202\001\120\060\202
+\001\114\060\110\006\003\125\035\040\004\101\060\077\060\075\006
+\004\125\035\040\000\060\065\060\063\006\010\053\006\001\005\005
+\007\002\001\026\047\150\164\164\160\072\057\057\167\167\167\056
+\144\151\147\151\156\157\164\141\162\056\156\154\057\143\160\163
+\057\160\153\151\157\166\145\162\150\145\151\144\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\201\200
+\006\003\125\035\043\004\171\060\167\200\024\013\206\326\017\167
+\243\150\261\373\144\011\303\210\156\134\004\034\127\351\075\241
+\131\244\127\060\125\061\013\060\011\006\003\125\004\006\023\002
+\116\114\061\036\060\034\006\003\125\004\012\023\025\123\164\141
+\141\164\040\144\145\162\040\116\145\144\145\162\154\141\156\144
+\145\156\061\046\060\044\006\003\125\004\003\023\035\123\164\141
+\141\164\040\144\145\162\040\116\145\144\145\162\154\141\156\144
+\145\156\040\122\157\157\164\040\103\101\202\004\000\230\232\171
+\060\075\006\003\125\035\037\004\066\060\064\060\062\240\060\240
+\056\206\054\150\164\164\160\072\057\057\143\162\154\056\160\153
+\151\157\166\145\162\150\145\151\144\056\156\154\057\104\157\155
+\117\166\114\141\164\145\163\164\103\122\114\056\143\162\154\060
+\035\006\003\125\035\016\004\026\004\024\114\010\311\215\166\361
+\230\307\076\337\074\327\057\165\015\261\166\171\227\314\060\015
+\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001
+\001\000\014\224\207\032\277\115\343\205\342\356\327\330\143\171
+\016\120\337\306\204\133\322\273\331\365\061\012\032\065\227\164
+\337\024\372\052\017\076\355\240\343\010\366\325\116\133\257\246
+\256\045\342\105\153\042\017\267\124\050\176\222\336\215\024\154
+\321\034\345\156\164\004\234\267\357\064\104\105\337\311\203\035
+\031\037\300\051\151\337\211\325\077\302\260\123\155\345\116\027
+\344\163\141\043\023\046\161\103\375\114\131\313\303\337\042\252
+\041\053\331\277\225\021\032\212\244\342\253\247\135\113\157\051
+\365\122\321\344\322\025\261\213\376\360\003\317\247\175\351\231
+\207\070\263\015\163\024\344\162\054\341\316\365\255\006\110\144
+\372\323\051\271\242\330\273\364\325\013\245\100\104\103\216\240
+\277\316\132\245\122\114\144\323\027\061\141\314\350\244\212\350
+\344\210\373\351\345\057\006\063\063\233\224\146\146\261\253\120
+\072\241\011\201\164\123\132\047\271\246\322\045\317\323\303\247
+\377\226\320\057\352\340\036\215\122\351\030\034\040\012\107\240
+\226\126\016\100\220\121\104\254\032\375\361\356\205\037\367\102
+\132\145
+END
+
+# Trust for Certificate "Explicitly Distrusted DigiNotar PKIoverheid"
+# Issuer: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,O=DigiNotar B.V.,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,O=DigiNotar B.V.,C=NL
+# Not Valid Before: Thu Jul 05 08:42:08 2007
+# Not Valid After : Mon Jul 27 08:39:47 2015
+# Fingerprint (MD5): A3:CF:B3:FF:F9:4F:A7:B1:EB:3A:75:58:4E:2E:9F:EA
+# Fingerprint (SHA1): A7:A8:C9:AC:F4:5F:90:92:76:86:B8:C0:A2:0E:93:58:7D:DE:30:E4
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted DigiNotar PKIoverheid"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\247\250\311\254\364\137\220\222\166\206\270\300\242\016\223\130
+\175\336\060\344
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\243\317\263\377\371\117\247\261\353\072\165\130\116\056\237\352
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\137\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\023\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\067\060\065\006\003\125\004
+\003\023\056\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\166\145\162
+\150\145\151\144\040\145\156\040\102\145\144\162\151\152\166\145
+\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
+#
+# Issuer: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
+# Not Valid Before: Wed May 12 08:51:39 2010
+# Not Valid After : Mon Mar 23 09:50:05 2020
+# Fingerprint (MD5): 2E:61:A2:D1:78:CE:EE:BF:59:33:B0:23:14:0F:94:1C
+# Fingerprint (SHA1): D5:F2:57:A9:BF:2D:D0:3F:8B:46:57:F9:2B:C9:A4:C6:92:E1:42:42
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted DigiNotar PKIoverheid G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
+\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
+\156\151\163\141\164\151\145\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
+\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
+\156\151\163\141\164\151\145\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\006\225\060\202\004\175\240\003\002\001\002\002\004\017
+\377\377\377\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\027\060\025\006\003\125\004\012\014\016\104\151\147\151
+\116\157\164\141\162\040\102\056\126\056\061\062\060\060\006\003
+\125\004\003\014\051\104\151\147\151\116\157\164\141\162\040\120
+\113\111\157\166\145\162\150\145\151\144\040\103\101\040\117\162
+\147\141\156\151\163\141\164\151\145\040\055\040\107\062\060\036
+\027\015\061\060\060\065\061\062\060\070\065\061\063\071\132\027
+\015\062\060\060\063\062\063\060\071\065\060\060\065\132\060\132
+\061\013\060\011\006\003\125\004\006\023\002\116\114\061\027\060
+\025\006\003\125\004\012\014\016\104\151\147\151\116\157\164\141
+\162\040\102\056\126\056\061\062\060\060\006\003\125\004\003\014
+\051\104\151\147\151\116\157\164\141\162\040\120\113\111\157\166
+\145\162\150\145\151\144\040\103\101\040\117\162\147\141\156\151
+\163\141\164\151\145\040\055\040\107\062\060\202\002\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002
+\017\000\060\202\002\012\002\202\002\001\000\261\023\031\017\047
+\346\154\324\125\206\113\320\354\211\212\105\221\170\254\107\275
+\107\053\344\374\105\353\117\264\046\163\133\067\323\303\177\366
+\343\336\327\243\370\055\150\305\010\076\113\224\326\344\207\045
+\066\153\204\265\030\164\363\050\130\163\057\233\152\317\274\004
+\036\366\336\335\257\374\113\252\365\333\146\142\045\001\045\202
+\336\362\227\132\020\156\335\135\251\042\261\004\251\043\163\072
+\370\161\255\035\317\204\104\353\107\321\257\155\310\174\050\253
+\307\362\067\172\164\137\137\305\002\024\212\243\132\343\033\154
+\001\343\135\216\331\150\326\364\011\033\062\334\221\265\054\365
+\040\353\214\003\155\046\111\270\223\304\205\135\330\322\233\257
+\126\152\314\005\063\314\240\102\236\064\125\104\234\153\240\324
+\022\320\053\124\315\267\211\015\345\366\353\350\373\205\001\063
+\117\172\153\361\235\162\063\226\016\367\262\204\245\245\047\304
+\047\361\121\163\051\167\272\147\156\376\114\334\264\342\241\241
+\201\057\071\111\215\103\070\023\316\320\245\134\302\207\072\000
+\147\145\102\043\361\066\131\012\035\243\121\310\274\243\224\052
+\061\337\343\074\362\235\032\074\004\260\357\261\012\060\023\163
+\266\327\363\243\114\001\165\024\205\170\300\327\212\071\130\205
+\120\372\056\346\305\276\317\213\077\257\217\066\324\045\011\055
+\322\017\254\162\223\362\277\213\324\120\263\371\025\120\233\231
+\365\024\331\373\213\221\243\062\046\046\240\370\337\073\140\201
+\206\203\171\133\053\353\023\075\051\072\301\155\335\275\236\216
+\207\326\112\256\064\227\005\356\024\246\366\334\070\176\112\351
+\044\124\007\075\227\150\067\106\153\015\307\250\041\257\023\124
+\344\011\152\361\115\106\012\311\135\373\233\117\275\336\373\267
+\124\313\270\070\234\247\071\373\152\055\300\173\215\253\245\247
+\127\354\112\222\212\063\305\341\040\134\163\330\220\222\053\200
+\325\017\206\030\151\174\071\117\204\206\274\367\114\133\363\325
+\264\312\240\302\360\067\042\312\171\122\037\123\346\252\363\220
+\260\073\335\362\050\375\254\353\305\006\044\240\311\324\057\017
+\130\375\265\236\354\017\317\262\131\320\242\004\172\070\152\256
+\162\373\275\360\045\142\224\011\247\005\013\002\003\001\000\001
+\243\202\001\141\060\202\001\135\060\110\006\003\125\035\040\004
+\101\060\077\060\075\006\004\125\035\040\000\060\065\060\063\006
+\010\053\006\001\005\005\007\002\001\026\047\150\164\164\160\072
+\057\057\167\167\167\056\144\151\147\151\156\157\164\141\162\056
+\156\154\057\143\160\163\057\160\153\151\157\166\145\162\150\145
+\151\144\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\201\205\006\003\125\035\043\004\176\060\174\200
+\024\071\020\213\111\222\134\333\141\022\040\315\111\235\032\216
+\332\234\147\100\271\241\136\244\134\060\132\061\013\060\011\006
+\003\125\004\006\023\002\116\114\061\036\060\034\006\003\125\004
+\012\014\025\123\164\141\141\164\040\144\145\162\040\116\145\144
+\145\162\154\141\156\144\145\156\061\053\060\051\006\003\125\004
+\003\014\042\123\164\141\141\164\040\144\145\162\040\116\145\144
+\145\162\154\141\156\144\145\156\040\122\157\157\164\040\103\101
+\040\055\040\107\062\202\004\000\230\226\364\060\111\006\003\125
+\035\037\004\102\060\100\060\076\240\074\240\072\206\070\150\164
+\164\160\072\057\057\143\162\154\056\160\153\151\157\166\145\162
+\150\145\151\144\056\156\154\057\104\157\155\117\162\147\141\156
+\151\163\141\164\151\145\114\141\164\145\163\164\103\122\114\055
+\107\062\056\143\162\154\060\035\006\003\125\035\016\004\026\004
+\024\274\135\224\073\331\253\173\003\045\163\141\302\333\055\356
+\374\253\217\145\241\060\015\006\011\052\206\110\206\367\015\001
+\001\013\005\000\003\202\002\001\000\217\374\055\114\267\331\055
+\325\037\275\357\313\364\267\150\027\165\235\116\325\367\335\234
+\361\052\046\355\237\242\266\034\003\325\123\263\354\010\317\064
+\342\343\303\364\265\026\057\310\303\276\327\323\163\253\000\066
+\371\032\112\176\326\143\351\136\106\272\245\266\216\025\267\243
+\052\330\103\035\357\135\310\037\201\205\263\213\367\377\074\364
+\331\364\106\010\077\234\274\035\240\331\250\114\315\045\122\116
+\012\261\040\367\037\351\103\331\124\106\201\023\232\300\136\164
+\154\052\230\062\352\374\167\273\015\245\242\061\230\042\176\174
+\174\347\332\244\255\354\267\056\032\031\161\370\110\120\332\103
+\217\054\204\335\301\100\047\343\265\360\025\116\226\324\370\134
+\343\206\051\106\053\327\073\007\353\070\177\310\206\127\227\323
+\357\052\063\304\027\120\325\144\151\153\053\153\105\136\135\057
+\027\312\132\116\317\303\327\071\074\365\073\237\106\271\233\347
+\016\111\227\235\326\325\343\033\017\352\217\001\116\232\023\224
+\131\012\002\007\110\113\032\140\253\177\117\355\013\330\125\015
+\150\157\125\234\151\145\025\102\354\300\334\335\154\254\303\026
+\316\013\035\126\233\244\304\304\322\056\340\017\342\104\047\053
+\120\151\244\334\142\350\212\041\051\102\154\314\000\072\226\166
+\233\357\100\300\244\136\167\204\062\154\046\052\071\146\256\135
+\343\271\271\262\054\150\037\036\232\220\003\071\360\252\263\244
+\314\111\213\030\064\351\067\311\173\051\307\204\174\157\104\025
+\057\354\141\131\004\311\105\313\242\326\122\242\174\177\051\222
+\326\112\305\213\102\250\324\376\352\330\307\207\043\030\344\235
+\172\175\163\100\122\230\240\256\156\343\005\077\005\017\340\245
+\306\155\115\355\203\067\210\234\307\363\334\102\232\152\266\327
+\041\111\066\167\362\357\030\117\305\160\331\236\351\336\267\053
+\213\364\274\176\050\337\015\100\311\205\134\256\235\305\061\377
+\320\134\016\265\250\176\360\351\057\272\257\210\256\345\265\321
+\130\245\257\234\161\247\051\001\220\203\151\067\202\005\272\374
+\011\301\010\156\214\170\073\303\063\002\200\077\104\205\010\035
+\337\125\126\010\255\054\205\055\135\261\003\341\256\252\164\305
+\244\363\116\272\067\230\173\202\271
+END
+
+# Trust for Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
+# Issuer: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
+# Serial Number: 268435455 (0xfffffff)
+# Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,O=DigiNotar B.V.,C=NL
+# Not Valid Before: Wed May 12 08:51:39 2010
+# Not Valid After : Mon Mar 23 09:50:05 2020
+# Fingerprint (MD5): 2E:61:A2:D1:78:CE:EE:BF:59:33:B0:23:14:0F:94:1C
+# Fingerprint (SHA1): D5:F2:57:A9:BF:2D:D0:3F:8B:46:57:F9:2B:C9:A4:C6:92:E1:42:42
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted DigiNotar PKIoverheid G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\325\362\127\251\277\055\320\077\213\106\127\371\053\311\244\306
+\222\341\102\102
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\056\141\242\321\170\316\356\277\131\063\260\043\024\017\224\034
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\027\060\025\006\003\125\004\012\014\016\104\151\147\151\116\157
+\164\141\162\040\102\056\126\056\061\062\060\060\006\003\125\004
+\003\014\051\104\151\147\151\116\157\164\141\162\040\120\113\111
+\157\166\145\162\150\145\151\144\040\103\101\040\117\162\147\141
+\156\151\163\141\164\151\145\040\055\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\017\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
+#
+# Issuer: CN=GTE CyberTrust Global Root,OU="GTE CyberTrust Solutions, Inc.",O=GTE Corporation,C=US
+# Serial Number:07:ff:ff:ff:ff:ff
+# Subject: CN=Digisign Server ID (Enrich),OU=457608-K,O=Digicert Sdn. Bhd.,C=MY
+# Not Valid Before: Tue Jul 17 15:17:49 2007
+# Not Valid After : Tue Jul 17 15:16:55 2012
+# Fingerprint (MD5): D2:DE:AE:50:A4:98:2D:6F:37:B7:86:52:C8:2D:4B:6A
+# Fingerprint (SHA1): 55:50:AF:EC:BF:E8:C3:AD:C4:0B:E3:AD:0C:A7:E4:15:8C:39:59:4F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\143\061\013\060\011\006\003\125\004\006\023\002\115\131\061
+\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145
+\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017
+\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061
+\044\060\042\006\003\125\004\003\023\033\104\151\147\151\163\151
+\147\156\040\123\145\162\166\145\162\040\111\104\040\050\105\156
+\162\151\143\150\051
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
+\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
+\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
+\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
+\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
+\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
+\141\154\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\007\377\377\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\315\060\202\003\066\240\003\002\001\002\002\006\007
+\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\060\165\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\030\060\026\006\003\125\004\012\023\017\107\124
+\105\040\103\157\162\160\157\162\141\164\151\157\156\061\047\060
+\045\006\003\125\004\013\023\036\107\124\105\040\103\171\142\145
+\162\124\162\165\163\164\040\123\157\154\165\164\151\157\156\163
+\054\040\111\156\143\056\061\043\060\041\006\003\125\004\003\023
+\032\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040
+\107\154\157\142\141\154\040\122\157\157\164\060\036\027\015\060
+\067\060\067\061\067\061\065\061\067\064\071\132\027\015\061\062
+\060\067\061\067\061\065\061\066\065\065\132\060\143\061\013\060
+\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003
+\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144
+\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013
+\023\010\064\065\067\066\060\070\055\113\061\044\060\042\006\003
+\125\004\003\023\033\104\151\147\151\163\151\147\156\040\123\145
+\162\166\145\162\040\111\104\040\050\105\156\162\151\143\150\051
+\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\201\215\000\060\201\211\002\201\201\000\255\250\144
+\113\115\207\307\204\131\271\373\220\106\240\246\211\300\361\376
+\325\332\124\202\067\015\231\053\105\046\012\350\126\260\177\312
+\250\364\216\107\204\001\202\051\343\263\152\265\221\363\373\225
+\205\274\162\250\144\350\012\100\234\305\364\161\256\173\173\152
+\007\352\220\024\117\215\211\257\224\253\262\006\324\002\152\173
+\230\037\131\271\072\315\124\372\040\337\262\052\012\351\270\335
+\151\220\300\051\323\116\320\227\355\146\314\305\031\111\006\177
+\372\136\054\174\173\205\033\062\102\337\173\225\045\002\003\001
+\000\001\243\202\001\170\060\202\001\164\060\022\006\003\125\035
+\023\001\001\377\004\010\060\006\001\001\377\002\001\000\060\134
+\006\003\125\035\040\004\125\060\123\060\110\006\011\053\006\001
+\004\001\261\076\001\000\060\073\060\071\006\010\053\006\001\005
+\005\007\002\001\026\055\150\164\164\160\072\057\057\143\171\142
+\145\162\164\162\165\163\164\056\157\155\156\151\162\157\157\164
+\056\143\157\155\057\162\145\160\157\163\151\164\157\162\171\056
+\143\146\155\060\007\006\005\140\203\112\001\001\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\346\060\201\211\006
+\003\125\035\043\004\201\201\060\177\241\171\244\167\060\165\061
+\013\060\011\006\003\125\004\006\023\002\125\123\061\030\060\026
+\006\003\125\004\012\023\017\107\124\105\040\103\157\162\160\157
+\162\141\164\151\157\156\061\047\060\045\006\003\125\004\013\023
+\036\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040
+\123\157\154\165\164\151\157\156\163\054\040\111\156\143\056\061
+\043\060\041\006\003\125\004\003\023\032\107\124\105\040\103\171
+\142\145\162\124\162\165\163\164\040\107\154\157\142\141\154\040
+\122\157\157\164\202\002\001\245\060\105\006\003\125\035\037\004
+\076\060\074\060\072\240\070\240\066\206\064\150\164\164\160\072
+\057\057\167\167\167\056\160\165\142\154\151\143\055\164\162\165
+\163\164\056\143\157\155\057\143\147\151\055\142\151\156\057\103
+\122\114\057\062\060\061\070\057\143\144\160\056\143\162\154\060
+\035\006\003\125\035\016\004\026\004\024\306\026\223\116\026\027
+\354\026\256\214\224\166\363\206\155\305\164\156\204\167\060\015
+\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
+\000\166\000\173\246\170\053\146\035\216\136\066\306\244\216\005
+\362\043\222\174\223\147\323\364\300\012\175\213\055\331\352\325
+\157\032\363\341\112\051\132\042\204\115\120\057\113\014\362\377
+\205\302\173\125\324\104\202\276\155\254\147\216\274\264\037\222
+\234\121\200\032\024\366\156\253\141\210\013\255\034\177\367\113
+\120\121\326\145\033\246\107\161\025\136\260\161\363\065\024\362
+\067\275\143\310\325\360\223\132\064\137\330\075\350\135\367\305
+\036\300\345\317\037\206\044\251\074\007\146\315\301\322\066\143
+\131
+END
+
+# Trust for Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
+# Issuer: CN=GTE CyberTrust Global Root,OU="GTE CyberTrust Solutions, Inc.",O=GTE Corporation,C=US
+# Serial Number:07:ff:ff:ff:ff:ff
+# Subject: CN=Digisign Server ID (Enrich),OU=457608-K,O=Digicert Sdn. Bhd.,C=MY
+# Not Valid Before: Tue Jul 17 15:17:49 2007
+# Not Valid After : Tue Jul 17 15:16:55 2012
+# Fingerprint (MD5): D2:DE:AE:50:A4:98:2D:6F:37:B7:86:52:C8:2D:4B:6A
+# Fingerprint (SHA1): 55:50:AF:EC:BF:E8:C3:AD:C4:0B:E3:AD:0C:A7:E4:15:8C:39:59:4F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\125\120\257\354\277\350\303\255\304\013\343\255\014\247\344\025
+\214\071\131\117
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\322\336\256\120\244\230\055\157\067\267\206\122\310\055\113\152
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
+\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
+\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
+\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
+\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
+\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
+\141\154\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\007\377\377\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
+#
+# Issuer: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
+# Serial Number:07:ff:ff:ff:ff:ff
+# Subject: CN=Digisign Server ID - (Enrich),OU=457608-K,O=Digicert Sdn. Bhd.,C=MY
+# Not Valid Before: Fri Jul 16 17:23:38 2010
+# Not Valid After : Thu Jul 16 17:53:38 2015
+# Fingerprint (MD5): D7:69:61:7F:35:0F:9C:46:A3:AA:EB:F8:55:FC:84:F2
+# Fingerprint (SHA1): 6B:3C:3B:80:AD:CA:A6:BA:8A:9F:54:A6:7A:ED:12:69:05:6D:31:26
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\115\131\061
+\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145
+\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017
+\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061
+\046\060\044\006\003\125\004\003\023\035\104\151\147\151\163\151
+\147\156\040\123\145\162\166\145\162\040\111\104\040\055\040\050
+\105\156\162\151\143\150\051
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\050\062\060\064\070\051
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\007\377\377\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\320\060\202\003\270\240\003\002\001\002\002\006\007
+\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\060\201\264\061\024\060\022\006\003\125\004\012
+\023\013\105\156\164\162\165\163\164\056\156\145\164\061\100\060
+\076\006\003\125\004\013\024\067\167\167\167\056\145\156\164\162
+\165\163\164\056\156\145\164\057\103\120\123\137\062\060\064\070
+\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146\056
+\040\050\154\151\155\151\164\163\040\154\151\141\142\056\051\061
+\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071
+\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114
+\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023
+\052\105\156\164\162\165\163\164\056\156\145\164\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\050\062\060\064\070\051\060\036\027\015\061
+\060\060\067\061\066\061\067\062\063\063\070\132\027\015\061\065
+\060\067\061\066\061\067\065\063\063\070\132\060\145\061\013\060
+\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003
+\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144
+\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013
+\023\010\064\065\067\066\060\070\055\113\061\046\060\044\006\003
+\125\004\003\023\035\104\151\147\151\163\151\147\156\040\123\145
+\162\166\145\162\040\111\104\040\055\040\050\105\156\162\151\143
+\150\051\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\305\211\344\364\015\006\100\222\131\307\032\263\065
+\321\016\114\052\063\371\370\257\312\236\177\356\271\247\155\140
+\364\124\350\157\325\233\363\033\143\061\004\150\162\321\064\026
+\214\264\027\054\227\336\163\305\330\220\025\240\032\053\365\313
+\263\110\206\104\360\035\210\114\316\101\102\032\357\365\014\336
+\376\100\332\071\040\367\006\125\072\152\235\106\301\322\157\245
+\262\310\127\076\051\243\234\340\351\205\167\146\350\230\247\044
+\176\276\300\131\040\345\104\157\266\127\330\276\316\302\145\167
+\130\306\141\101\321\164\004\310\177\111\102\305\162\251\162\026
+\356\214\335\022\135\264\112\324\321\257\120\267\330\252\165\166
+\150\255\076\135\252\060\155\141\250\253\020\133\076\023\277\063
+\340\257\104\235\070\042\133\357\114\057\246\161\046\025\046\312
+\050\214\331\372\216\216\251\242\024\065\342\233\044\210\264\364
+\177\205\235\203\117\007\241\266\024\220\066\304\064\034\215\046
+\141\155\023\157\170\276\350\217\047\307\113\204\226\243\206\150
+\014\043\276\013\354\214\224\000\251\004\212\023\220\367\337\205
+\154\014\261\002\003\001\000\001\243\202\001\064\060\202\001\060
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
+\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001
+\377\002\001\000\060\047\006\003\125\035\045\004\040\060\036\006
+\010\053\006\001\005\005\007\003\001\006\010\053\006\001\005\005
+\007\003\002\006\010\053\006\001\005\005\007\003\004\060\063\006
+\010\053\006\001\005\005\007\001\001\004\047\060\045\060\043\006
+\010\053\006\001\005\005\007\060\001\206\027\150\164\164\160\072
+\057\057\157\143\163\160\056\145\156\164\162\165\163\164\056\156
+\145\164\060\104\006\003\125\035\040\004\075\060\073\060\071\006
+\005\140\203\112\001\001\060\060\060\056\006\010\053\006\001\005
+\005\007\002\001\026\042\150\164\164\160\072\057\057\167\167\167
+\056\144\151\147\151\143\145\162\164\056\143\157\155\056\155\171
+\057\143\160\163\056\150\164\155\060\062\006\003\125\035\037\004
+\053\060\051\060\047\240\045\240\043\206\041\150\164\164\160\072
+\057\057\143\162\154\056\145\156\164\162\165\163\164\056\156\145
+\164\057\062\060\064\070\143\141\056\143\162\154\060\021\006\003
+\125\035\016\004\012\004\010\114\116\314\045\050\003\051\201\060
+\037\006\003\125\035\043\004\030\060\026\200\024\125\344\201\321
+\021\200\276\330\211\271\010\243\061\371\241\044\011\026\271\160
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\001\001\000\227\114\357\112\072\111\254\162\374\060\040\153
+\264\051\133\247\305\225\004\220\371\062\325\302\205\152\336\003
+\241\067\371\211\000\260\132\254\125\176\333\103\065\377\311\001
+\370\121\276\314\046\312\310\152\244\304\124\076\046\036\347\014
+\243\315\227\147\224\335\246\102\353\134\315\217\071\171\153\063
+\171\041\006\171\372\202\104\025\231\314\301\267\071\323\106\142
+\174\262\160\353\157\316\040\252\076\031\267\351\164\202\234\264
+\245\113\115\141\000\067\344\207\322\362\024\072\144\174\270\251
+\173\141\340\223\042\347\325\237\076\107\346\066\166\240\123\330
+\000\003\072\017\265\063\376\226\312\323\322\202\072\056\335\327
+\110\341\344\247\151\314\034\351\231\112\347\312\160\105\327\013
+\007\016\232\165\033\320\057\222\157\366\244\007\303\275\034\113
+\246\204\266\175\250\232\251\322\247\051\361\013\127\151\036\227
+\127\046\354\053\103\254\324\105\203\005\000\351\343\360\106\100
+\007\372\352\261\121\163\223\034\245\335\123\021\067\310\052\247
+\025\047\035\264\252\314\177\252\061\060\374\270\105\237\110\011
+\355\020\342\305
+END
+
+# Trust for Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
+# Issuer: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
+# Serial Number:07:ff:ff:ff:ff:ff
+# Subject: CN=Digisign Server ID - (Enrich),OU=457608-K,O=Digicert Sdn. Bhd.,C=MY
+# Not Valid Before: Fri Jul 16 17:23:38 2010
+# Not Valid After : Thu Jul 16 17:53:38 2015
+# Fingerprint (MD5): D7:69:61:7F:35:0F:9C:46:A3:AA:EB:F8:55:FC:84:F2
+# Fingerprint (SHA1): 6B:3C:3B:80:AD:CA:A6:BA:8A:9F:54:A6:7A:ED:12:69:05:6D:31:26
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\153\074\073\200\255\312\246\272\212\237\124\246\172\355\022\151
+\005\155\061\046
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\327\151\141\177\065\017\234\106\243\252\353\370\125\374\204\362
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\050\062\060\064\070\051
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\007\377\377\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+
+#
+# Certificate "Security Communication RootCA2"
+#
+# Issuer: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
+# Serial Number: 0 (0x0)
+# Subject: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
+# Not Valid Before: Fri May 29 05:00:39 2009
+# Not Valid After : Tue May 29 05:00:39 2029
+# Fingerprint (MD5): 6C:39:7D:A4:0E:55:59:B2:3F:D6:41:B1:12:50:DE:43
+# Fingerprint (SHA1): 5F:3B:8C:F2:F8:10:B3:7D:78:B4:CE:EC:19:19:C3:73:34:B9:C7:74
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Security Communication RootCA2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\135\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\045\060\043\006\003\125\004\012\023\034\123\105\103\117\115\040
+\124\162\165\163\164\040\123\171\163\164\145\155\163\040\103\117
+\056\054\114\124\104\056\061\047\060\045\006\003\125\004\013\023
+\036\123\145\143\165\162\151\164\171\040\103\157\155\155\165\156
+\151\143\141\164\151\157\156\040\122\157\157\164\103\101\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\135\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\045\060\043\006\003\125\004\012\023\034\123\105\103\117\115\040
+\124\162\165\163\164\040\123\171\163\164\145\155\163\040\103\117
+\056\054\114\124\104\056\061\047\060\045\006\003\125\004\013\023
+\036\123\145\143\165\162\151\164\171\040\103\157\155\155\165\156
+\151\143\141\164\151\157\156\040\122\157\157\164\103\101\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\167\060\202\002\137\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\135\061\013\060\011\006\003\125\004\006\023\002\112\120\061\045
+\060\043\006\003\125\004\012\023\034\123\105\103\117\115\040\124
+\162\165\163\164\040\123\171\163\164\145\155\163\040\103\117\056
+\054\114\124\104\056\061\047\060\045\006\003\125\004\013\023\036
+\123\145\143\165\162\151\164\171\040\103\157\155\155\165\156\151
+\143\141\164\151\157\156\040\122\157\157\164\103\101\062\060\036
+\027\015\060\071\060\065\062\071\060\065\060\060\063\071\132\027
+\015\062\071\060\065\062\071\060\065\060\060\063\071\132\060\135
+\061\013\060\011\006\003\125\004\006\023\002\112\120\061\045\060
+\043\006\003\125\004\012\023\034\123\105\103\117\115\040\124\162
+\165\163\164\040\123\171\163\164\145\155\163\040\103\117\056\054
+\114\124\104\056\061\047\060\045\006\003\125\004\013\023\036\123
+\145\143\165\162\151\164\171\040\103\157\155\155\165\156\151\143
+\141\164\151\157\156\040\122\157\157\164\103\101\062\060\202\001
+\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\001\017\000\060\202\001\012\002\202\001\001\000\320\025
+\071\122\261\122\263\272\305\131\202\304\135\122\256\072\103\145
+\200\113\307\362\226\274\333\066\227\326\246\144\214\250\136\360
+\343\012\034\367\337\227\075\113\256\366\135\354\041\265\101\253
+\315\271\176\166\237\276\371\076\066\064\240\073\301\366\061\021
+\105\164\223\075\127\200\305\371\211\231\312\345\253\152\324\265
+\332\101\220\020\301\326\326\102\211\302\277\364\070\022\225\114
+\124\005\367\066\344\105\203\173\024\145\326\334\014\115\321\336
+\176\014\253\073\304\025\276\072\126\246\132\157\166\151\122\251
+\172\271\310\353\152\232\135\122\320\055\012\153\065\026\011\020
+\204\320\152\312\072\006\000\067\107\344\176\127\117\077\213\353
+\147\270\210\252\305\276\123\125\262\221\304\175\271\260\205\031
+\006\170\056\333\141\032\372\205\365\112\221\241\347\026\325\216
+\242\071\337\224\270\160\037\050\077\213\374\100\136\143\203\074
+\203\052\032\231\153\317\336\131\152\073\374\157\026\327\037\375
+\112\020\353\116\202\026\072\254\047\014\123\361\255\325\044\260
+\153\003\120\301\055\074\026\335\104\064\047\032\165\373\002\003
+\001\000\001\243\102\060\100\060\035\006\003\125\035\016\004\026
+\004\024\012\205\251\167\145\005\230\174\100\201\370\017\227\054
+\070\361\012\354\074\317\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\003\202\001\001\000\114\072\243\104\254
+\271\105\261\307\223\176\310\013\012\102\337\144\352\034\356\131
+\154\010\272\211\137\152\312\112\225\236\172\217\007\305\332\105
+\162\202\161\016\072\322\314\157\247\264\241\043\273\366\044\237
+\313\027\376\214\246\316\302\322\333\314\215\374\161\374\003\051
+\301\154\135\063\137\144\266\145\073\211\157\030\166\170\365\334
+\242\110\037\031\077\216\223\353\361\372\027\356\315\116\343\004
+\022\125\326\345\344\335\373\076\005\174\342\035\136\306\247\274
+\227\117\150\072\365\351\056\012\103\266\257\127\134\142\150\174
+\267\375\243\212\204\240\254\142\276\053\011\207\064\360\152\001
+\273\233\051\126\074\376\000\067\317\043\154\361\116\252\266\164
+\106\022\154\221\356\064\325\354\232\221\347\104\276\220\061\162
+\325\111\002\366\002\345\364\037\353\174\331\226\125\251\377\354
+\212\371\231\107\377\065\132\002\252\004\313\212\133\207\161\051
+\221\275\244\264\172\015\275\232\365\127\043\000\007\041\027\077
+\112\071\321\005\111\013\247\266\067\201\245\135\214\252\063\136
+\201\050\174\247\175\047\353\000\256\215\067
+END
+
+# Trust for Certificate "Security Communication RootCA2"
+# Issuer: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
+# Serial Number: 0 (0x0)
+# Subject: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
+# Not Valid Before: Fri May 29 05:00:39 2009
+# Not Valid After : Tue May 29 05:00:39 2029
+# Fingerprint (MD5): 6C:39:7D:A4:0E:55:59:B2:3F:D6:41:B1:12:50:DE:43
+# Fingerprint (SHA1): 5F:3B:8C:F2:F8:10:B3:7D:78:B4:CE:EC:19:19:C3:73:34:B9:C7:74
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Security Communication RootCA2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\137\073\214\362\370\020\263\175\170\264\316\354\031\031\303\163
+\064\271\307\164
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\154\071\175\244\016\125\131\262\077\326\101\261\022\120\336\103
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\135\061\013\060\011\006\003\125\004\006\023\002\112\120\061
+\045\060\043\006\003\125\004\012\023\034\123\105\103\117\115\040
+\124\162\165\163\164\040\123\171\163\164\145\155\163\040\103\117
+\056\054\114\124\104\056\061\047\060\045\006\003\125\004\013\023
+\036\123\145\143\165\162\151\164\171\040\103\157\155\155\165\156
+\151\143\141\164\151\157\156\040\122\157\157\164\103\101\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "EC-ACC"
+#
+# Issuer: CN=EC-ACC,OU=Jerarquia Entitats de Certificacio Catalanes,OU=Vegeu https://www.catcert.net/verarrel (c)03,OU=Serveis Publics de Certificacio,O=Agencia Catalana de Certificacio (NIF Q-0801176-I),C=ES
+# Serial Number:ee:2b:3d:eb:d4:21:de:14:a8:62:ac:04:f3:dd:c4:01
+# Subject: CN=EC-ACC,OU=Jerarquia Entitats de Certificacio Catalanes,OU=Vegeu https://www.catcert.net/verarrel (c)03,OU=Serveis Publics de Certificacio,O=Agencia Catalana de Certificacio (NIF Q-0801176-I),C=ES
+# Not Valid Before: Tue Jan 07 23:00:00 2003
+# Not Valid After : Tue Jan 07 22:59:59 2031
+# Fingerprint (MD5): EB:F5:9D:29:0D:61:F9:42:1F:7C:C2:BA:6D:E3:15:09
+# Fingerprint (SHA1): 28:90:3A:63:5B:52:80:FA:E6:77:4C:0B:6D:A7:D6:BA:A6:4A:F2:E8
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "EC-ACC"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\363\061\013\060\011\006\003\125\004\006\023\002\105\123
+\061\073\060\071\006\003\125\004\012\023\062\101\147\145\156\143
+\151\141\040\103\141\164\141\154\141\156\141\040\144\145\040\103
+\145\162\164\151\146\151\143\141\143\151\157\040\050\116\111\106
+\040\121\055\060\070\060\061\061\067\066\055\111\051\061\050\060
+\046\006\003\125\004\013\023\037\123\145\162\166\145\151\163\040
+\120\165\142\154\151\143\163\040\144\145\040\103\145\162\164\151
+\146\151\143\141\143\151\157\061\065\060\063\006\003\125\004\013
+\023\054\126\145\147\145\165\040\150\164\164\160\163\072\057\057
+\167\167\167\056\143\141\164\143\145\162\164\056\156\145\164\057
+\166\145\162\141\162\162\145\154\040\050\143\051\060\063\061\065
+\060\063\006\003\125\004\013\023\054\112\145\162\141\162\161\165
+\151\141\040\105\156\164\151\164\141\164\163\040\144\145\040\103
+\145\162\164\151\146\151\143\141\143\151\157\040\103\141\164\141
+\154\141\156\145\163\061\017\060\015\006\003\125\004\003\023\006
+\105\103\055\101\103\103
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\363\061\013\060\011\006\003\125\004\006\023\002\105\123
+\061\073\060\071\006\003\125\004\012\023\062\101\147\145\156\143
+\151\141\040\103\141\164\141\154\141\156\141\040\144\145\040\103
+\145\162\164\151\146\151\143\141\143\151\157\040\050\116\111\106
+\040\121\055\060\070\060\061\061\067\066\055\111\051\061\050\060
+\046\006\003\125\004\013\023\037\123\145\162\166\145\151\163\040
+\120\165\142\154\151\143\163\040\144\145\040\103\145\162\164\151
+\146\151\143\141\143\151\157\061\065\060\063\006\003\125\004\013
+\023\054\126\145\147\145\165\040\150\164\164\160\163\072\057\057
+\167\167\167\056\143\141\164\143\145\162\164\056\156\145\164\057
+\166\145\162\141\162\162\145\154\040\050\143\051\060\063\061\065
+\060\063\006\003\125\004\013\023\054\112\145\162\141\162\161\165
+\151\141\040\105\156\164\151\164\141\164\163\040\144\145\040\103
+\145\162\164\151\146\151\143\141\143\151\157\040\103\141\164\141
+\154\141\156\145\163\061\017\060\015\006\003\125\004\003\023\006
+\105\103\055\101\103\103
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\356\053\075\353\324\041\336\024\250\142\254\004\363\335
+\304\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\126\060\202\004\076\240\003\002\001\002\002\020\356
+\053\075\353\324\041\336\024\250\142\254\004\363\335\304\001\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\363\061\013\060\011\006\003\125\004\006\023\002\105\123\061\073
+\060\071\006\003\125\004\012\023\062\101\147\145\156\143\151\141
+\040\103\141\164\141\154\141\156\141\040\144\145\040\103\145\162
+\164\151\146\151\143\141\143\151\157\040\050\116\111\106\040\121
+\055\060\070\060\061\061\067\066\055\111\051\061\050\060\046\006
+\003\125\004\013\023\037\123\145\162\166\145\151\163\040\120\165
+\142\154\151\143\163\040\144\145\040\103\145\162\164\151\146\151
+\143\141\143\151\157\061\065\060\063\006\003\125\004\013\023\054
+\126\145\147\145\165\040\150\164\164\160\163\072\057\057\167\167
+\167\056\143\141\164\143\145\162\164\056\156\145\164\057\166\145
+\162\141\162\162\145\154\040\050\143\051\060\063\061\065\060\063
+\006\003\125\004\013\023\054\112\145\162\141\162\161\165\151\141
+\040\105\156\164\151\164\141\164\163\040\144\145\040\103\145\162
+\164\151\146\151\143\141\143\151\157\040\103\141\164\141\154\141
+\156\145\163\061\017\060\015\006\003\125\004\003\023\006\105\103
+\055\101\103\103\060\036\027\015\060\063\060\061\060\067\062\063
+\060\060\060\060\132\027\015\063\061\060\061\060\067\062\062\065
+\071\065\071\132\060\201\363\061\013\060\011\006\003\125\004\006
+\023\002\105\123\061\073\060\071\006\003\125\004\012\023\062\101
+\147\145\156\143\151\141\040\103\141\164\141\154\141\156\141\040
+\144\145\040\103\145\162\164\151\146\151\143\141\143\151\157\040
+\050\116\111\106\040\121\055\060\070\060\061\061\067\066\055\111
+\051\061\050\060\046\006\003\125\004\013\023\037\123\145\162\166
+\145\151\163\040\120\165\142\154\151\143\163\040\144\145\040\103
+\145\162\164\151\146\151\143\141\143\151\157\061\065\060\063\006
+\003\125\004\013\023\054\126\145\147\145\165\040\150\164\164\160
+\163\072\057\057\167\167\167\056\143\141\164\143\145\162\164\056
+\156\145\164\057\166\145\162\141\162\162\145\154\040\050\143\051
+\060\063\061\065\060\063\006\003\125\004\013\023\054\112\145\162
+\141\162\161\165\151\141\040\105\156\164\151\164\141\164\163\040
+\144\145\040\103\145\162\164\151\146\151\143\141\143\151\157\040
+\103\141\164\141\154\141\156\145\163\061\017\060\015\006\003\125
+\004\003\023\006\105\103\055\101\103\103\060\202\001\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
+\017\000\060\202\001\012\002\202\001\001\000\263\042\307\117\342
+\227\102\225\210\107\203\100\366\035\027\363\203\163\044\036\121
+\363\230\212\303\222\270\377\100\220\005\160\207\140\311\000\251
+\265\224\145\031\042\025\027\302\103\154\146\104\232\015\004\076
+\071\157\245\113\172\252\143\267\212\104\235\331\143\221\204\146
+\340\050\017\272\102\343\156\216\367\024\047\223\151\356\221\016
+\243\137\016\261\353\146\242\162\117\022\023\206\145\172\076\333
+\117\007\364\247\011\140\332\072\102\231\307\262\177\263\026\225
+\034\307\371\064\265\224\205\325\231\136\240\110\240\176\347\027
+\145\270\242\165\270\036\363\345\102\175\257\355\363\212\110\144
+\135\202\024\223\330\300\344\377\263\120\162\362\166\366\263\135
+\102\120\171\320\224\076\153\014\000\276\330\153\016\116\052\354
+\076\322\314\202\242\030\145\063\023\167\236\232\135\032\023\330
+\303\333\075\310\227\172\356\160\355\247\346\174\333\161\317\055
+\224\142\337\155\326\365\070\276\077\245\205\012\031\270\250\330
+\011\165\102\160\304\352\357\313\016\310\064\250\022\042\230\014
+\270\023\224\266\113\354\360\320\220\347\047\002\003\001\000\001
+\243\201\343\060\201\340\060\035\006\003\125\035\021\004\026\060
+\024\201\022\145\143\137\141\143\143\100\143\141\164\143\145\162
+\164\056\156\145\164\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\035\006\003\125\035\016\004\026\004
+\024\240\303\213\104\252\067\245\105\277\227\200\132\321\361\170
+\242\233\351\135\215\060\177\006\003\125\035\040\004\170\060\166
+\060\164\006\013\053\006\001\004\001\365\170\001\003\001\012\060
+\145\060\054\006\010\053\006\001\005\005\007\002\001\026\040\150
+\164\164\160\163\072\057\057\167\167\167\056\143\141\164\143\145
+\162\164\056\156\145\164\057\166\145\162\141\162\162\145\154\060
+\065\006\010\053\006\001\005\005\007\002\002\060\051\032\047\126
+\145\147\145\165\040\150\164\164\160\163\072\057\057\167\167\167
+\056\143\141\164\143\145\162\164\056\156\145\164\057\166\145\162
+\141\162\162\145\154\040\060\015\006\011\052\206\110\206\367\015
+\001\001\005\005\000\003\202\001\001\000\240\110\133\202\001\366
+\115\110\270\071\125\065\234\200\172\123\231\325\132\377\261\161
+\073\314\071\011\224\136\326\332\357\276\001\133\135\323\036\330
+\375\175\117\315\240\101\340\064\223\277\313\342\206\234\067\222
+\220\126\034\334\353\051\005\345\304\236\307\065\337\212\014\315
+\305\041\103\351\252\210\345\065\300\031\102\143\132\002\136\244
+\110\030\072\205\157\334\235\274\077\235\234\301\207\270\172\141
+\010\351\167\013\177\160\253\172\335\331\227\054\144\036\205\277
+\274\164\226\241\303\172\022\354\014\032\156\203\014\074\350\162
+\106\237\373\110\325\136\227\346\261\241\370\344\357\106\045\224
+\234\211\333\151\070\276\354\134\016\126\307\145\121\345\120\210
+\210\277\102\325\053\075\345\371\272\236\056\263\312\364\163\222
+\002\013\276\114\146\353\040\376\271\313\265\231\177\346\266\023
+\372\312\113\115\331\356\123\106\006\073\306\116\255\223\132\201
+\176\154\052\113\152\005\105\214\362\041\244\061\220\207\154\145
+\234\235\245\140\225\072\122\177\365\321\253\010\156\363\356\133
+\371\210\075\176\270\157\156\003\344\102
+END
+
+# Trust for Certificate "EC-ACC"
+# Issuer: CN=EC-ACC,OU=Jerarquia Entitats de Certificacio Catalanes,OU=Vegeu https://www.catcert.net/verarrel (c)03,OU=Serveis Publics de Certificacio,O=Agencia Catalana de Certificacio (NIF Q-0801176-I),C=ES
+# Serial Number:ee:2b:3d:eb:d4:21:de:14:a8:62:ac:04:f3:dd:c4:01
+# Subject: CN=EC-ACC,OU=Jerarquia Entitats de Certificacio Catalanes,OU=Vegeu https://www.catcert.net/verarrel (c)03,OU=Serveis Publics de Certificacio,O=Agencia Catalana de Certificacio (NIF Q-0801176-I),C=ES
+# Not Valid Before: Tue Jan 07 23:00:00 2003
+# Not Valid After : Tue Jan 07 22:59:59 2031
+# Fingerprint (MD5): EB:F5:9D:29:0D:61:F9:42:1F:7C:C2:BA:6D:E3:15:09
+# Fingerprint (SHA1): 28:90:3A:63:5B:52:80:FA:E6:77:4C:0B:6D:A7:D6:BA:A6:4A:F2:E8
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "EC-ACC"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\050\220\072\143\133\122\200\372\346\167\114\013\155\247\326\272
+\246\112\362\350
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\353\365\235\051\015\141\371\102\037\174\302\272\155\343\025\011
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\363\061\013\060\011\006\003\125\004\006\023\002\105\123
+\061\073\060\071\006\003\125\004\012\023\062\101\147\145\156\143
+\151\141\040\103\141\164\141\154\141\156\141\040\144\145\040\103
+\145\162\164\151\146\151\143\141\143\151\157\040\050\116\111\106
+\040\121\055\060\070\060\061\061\067\066\055\111\051\061\050\060
+\046\006\003\125\004\013\023\037\123\145\162\166\145\151\163\040
+\120\165\142\154\151\143\163\040\144\145\040\103\145\162\164\151
+\146\151\143\141\143\151\157\061\065\060\063\006\003\125\004\013
+\023\054\126\145\147\145\165\040\150\164\164\160\163\072\057\057
+\167\167\167\056\143\141\164\143\145\162\164\056\156\145\164\057
+\166\145\162\141\162\162\145\154\040\050\143\051\060\063\061\065
+\060\063\006\003\125\004\013\023\054\112\145\162\141\162\161\165
+\151\141\040\105\156\164\151\164\141\164\163\040\144\145\040\103
+\145\162\164\151\146\151\143\141\143\151\157\040\103\141\164\141
+\154\141\156\145\163\061\017\060\015\006\003\125\004\003\023\006
+\105\103\055\101\103\103
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\356\053\075\353\324\041\336\024\250\142\254\004\363\335
+\304\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Hellenic Academic and Research Institutions RootCA 2011"
+#
+# Issuer: CN=Hellenic Academic and Research Institutions RootCA 2011,O=Hellenic Academic and Research Institutions Cert. Authority,C=GR
+# Serial Number: 0 (0x0)
+# Subject: CN=Hellenic Academic and Research Institutions RootCA 2011,O=Hellenic Academic and Research Institutions Cert. Authority,C=GR
+# Not Valid Before: Tue Dec 06 13:49:52 2011
+# Not Valid After : Mon Dec 01 13:49:52 2031
+# Fingerprint (MD5): 73:9F:4C:4B:73:5B:79:E9:FA:BA:1C:EF:6E:CB:D5:C9
+# Fingerprint (SHA1): FE:45:65:9B:79:03:5B:98:A1:61:B5:51:2E:AC:DA:58:09:48:22:4D
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Hellenic Academic and Research Institutions RootCA 2011"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\225\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154\145
+\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156\144
+\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151\164
+\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165\164
+\150\157\162\151\164\171\061\100\060\076\006\003\125\004\003\023
+\067\110\145\154\154\145\156\151\143\040\101\143\141\144\145\155
+\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150\040
+\111\156\163\164\151\164\165\164\151\157\156\163\040\122\157\157
+\164\103\101\040\062\060\061\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\225\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154\145
+\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156\144
+\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151\164
+\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165\164
+\150\157\162\151\164\171\061\100\060\076\006\003\125\004\003\023
+\067\110\145\154\154\145\156\151\143\040\101\143\141\144\145\155
+\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150\040
+\111\156\163\164\151\164\165\164\151\157\156\163\040\122\157\157
+\164\103\101\040\062\060\061\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\061\060\202\003\031\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\201\225\061\013\060\011\006\003\125\004\006\023\002\107\122\061
+\104\060\102\006\003\125\004\012\023\073\110\145\154\154\145\156
+\151\143\040\101\143\141\144\145\155\151\143\040\141\156\144\040
+\122\145\163\145\141\162\143\150\040\111\156\163\164\151\164\165
+\164\151\157\156\163\040\103\145\162\164\056\040\101\165\164\150
+\157\162\151\164\171\061\100\060\076\006\003\125\004\003\023\067
+\110\145\154\154\145\156\151\143\040\101\143\141\144\145\155\151
+\143\040\141\156\144\040\122\145\163\145\141\162\143\150\040\111
+\156\163\164\151\164\165\164\151\157\156\163\040\122\157\157\164
+\103\101\040\062\060\061\061\060\036\027\015\061\061\061\062\060
+\066\061\063\064\071\065\062\132\027\015\063\061\061\062\060\061
+\061\063\064\071\065\062\132\060\201\225\061\013\060\011\006\003
+\125\004\006\023\002\107\122\061\104\060\102\006\003\125\004\012
+\023\073\110\145\154\154\145\156\151\143\040\101\143\141\144\145
+\155\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150
+\040\111\156\163\164\151\164\165\164\151\157\156\163\040\103\145
+\162\164\056\040\101\165\164\150\157\162\151\164\171\061\100\060
+\076\006\003\125\004\003\023\067\110\145\154\154\145\156\151\143
+\040\101\143\141\144\145\155\151\143\040\141\156\144\040\122\145
+\163\145\141\162\143\150\040\111\156\163\164\151\164\165\164\151
+\157\156\163\040\122\157\157\164\103\101\040\062\060\061\061\060
+\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000
+\251\123\000\343\056\246\366\216\372\140\330\055\225\076\370\054
+\052\124\116\315\271\204\141\224\130\117\217\075\213\344\103\363
+\165\211\215\121\344\303\067\322\212\210\115\171\036\267\022\335
+\103\170\112\212\222\346\327\110\325\017\244\072\051\104\065\270
+\007\366\150\035\125\315\070\121\360\214\044\061\205\257\203\311
+\175\351\167\257\355\032\173\235\027\371\263\235\070\120\017\246
+\132\171\221\200\257\067\256\246\323\061\373\265\046\011\235\074
+\132\357\121\305\053\337\226\135\353\062\036\002\332\160\111\354
+\156\014\310\232\067\215\367\361\066\140\113\046\054\202\236\320
+\170\363\015\017\143\244\121\060\341\371\053\047\022\007\330\352
+\275\030\142\230\260\131\067\175\276\356\363\040\121\102\132\203
+\357\223\272\151\025\361\142\235\237\231\071\202\241\267\164\056
+\213\324\305\013\173\057\360\310\012\332\075\171\012\232\223\034
+\245\050\162\163\221\103\232\247\321\115\205\204\271\251\164\217
+\024\100\307\334\336\254\101\144\154\264\031\233\002\143\155\044
+\144\217\104\262\045\352\316\135\164\014\143\062\134\215\207\345
+\002\003\001\000\001\243\201\211\060\201\206\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\013\006\003
+\125\035\017\004\004\003\002\001\006\060\035\006\003\125\035\016
+\004\026\004\024\246\221\102\375\023\141\112\043\236\010\244\051
+\345\330\023\004\043\356\101\045\060\107\006\003\125\035\036\004
+\100\060\076\240\074\060\005\202\003\056\147\162\060\005\202\003
+\056\145\165\060\006\202\004\056\145\144\165\060\006\202\004\056
+\157\162\147\060\005\201\003\056\147\162\060\005\201\003\056\145
+\165\060\006\201\004\056\145\144\165\060\006\201\004\056\157\162
+\147\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
+\003\202\001\001\000\037\357\171\101\341\173\156\077\262\214\206
+\067\102\112\116\034\067\036\215\146\272\044\201\311\117\022\017
+\041\300\003\227\206\045\155\135\323\042\051\250\154\242\015\251
+\353\075\006\133\231\072\307\314\303\232\064\177\253\016\310\116
+\034\341\372\344\334\315\015\276\277\044\376\154\347\153\302\015
+\310\006\236\116\215\141\050\246\152\375\345\366\142\352\030\074
+\116\240\123\235\262\072\234\353\245\234\221\026\266\115\202\340
+\014\005\110\251\154\365\314\370\313\235\111\264\360\002\245\375
+\160\003\355\212\041\245\256\023\206\111\303\063\163\276\207\073
+\164\213\027\105\046\114\026\221\203\376\147\175\315\115\143\147
+\372\363\003\022\226\170\006\215\261\147\355\216\077\276\237\117
+\002\365\263\011\057\363\114\207\337\052\313\225\174\001\314\254
+\066\172\277\242\163\172\367\217\301\265\232\241\024\262\217\063
+\237\015\357\042\334\146\173\204\275\105\027\006\075\074\312\271
+\167\064\217\312\352\317\077\061\076\343\210\343\200\111\045\310
+\227\265\235\232\231\115\260\074\370\112\000\233\144\335\237\071
+\113\321\047\327\270
+END
+
+# Trust for Certificate "Hellenic Academic and Research Institutions RootCA 2011"
+# Issuer: CN=Hellenic Academic and Research Institutions RootCA 2011,O=Hellenic Academic and Research Institutions Cert. Authority,C=GR
+# Serial Number: 0 (0x0)
+# Subject: CN=Hellenic Academic and Research Institutions RootCA 2011,O=Hellenic Academic and Research Institutions Cert. Authority,C=GR
+# Not Valid Before: Tue Dec 06 13:49:52 2011
+# Not Valid After : Mon Dec 01 13:49:52 2031
+# Fingerprint (MD5): 73:9F:4C:4B:73:5B:79:E9:FA:BA:1C:EF:6E:CB:D5:C9
+# Fingerprint (SHA1): FE:45:65:9B:79:03:5B:98:A1:61:B5:51:2E:AC:DA:58:09:48:22:4D
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Hellenic Academic and Research Institutions RootCA 2011"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\376\105\145\233\171\003\133\230\241\141\265\121\056\254\332\130
+\011\110\042\115
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\163\237\114\113\163\133\171\351\372\272\034\357\156\313\325\311
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\225\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154\145
+\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156\144
+\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151\164
+\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165\164
+\150\157\162\151\164\171\061\100\060\076\006\003\125\004\003\023
+\067\110\145\154\154\145\156\151\143\040\101\143\141\144\145\155
+\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150\040
+\111\156\163\164\151\164\165\164\151\157\156\163\040\122\157\157
+\164\103\101\040\062\060\061\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Explicitly Distrust "MITM subCA 1 issued by Trustwave", Bug 724929
+# Issuer: E=ca@trustwave.com,CN="Trustwave Organization Issuing CA, Level 2",O="Trustwave Holdings, Inc.",L=Chicago,ST=Illinois,C=US
+# Serial Number: 1800000005 (0x6b49d205)
+# Not Before: Apr 7 15:37:15 2011 GMT
+# Not After : Apr 4 15:37:15 2021 GMT
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "MITM subCA 1 issued by Trustwave"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\253\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\021\060\017\006\003\125\004\010\023\010\111\154\154\151\156
+\157\151\163\061\020\060\016\006\003\125\004\007\023\007\103\150
+\151\143\141\147\157\061\041\060\037\006\003\125\004\012\023\030
+\124\162\165\163\164\167\141\166\145\040\110\157\154\144\151\156
+\147\163\054\040\111\156\143\056\061\063\060\061\006\003\125\004
+\003\023\052\124\162\165\163\164\167\141\166\145\040\117\162\147
+\141\156\151\172\141\164\151\157\156\040\111\163\163\165\151\156
+\147\040\103\101\054\040\114\145\166\145\154\040\062\061\037\060
+\035\006\011\052\206\110\206\367\015\001\011\001\026\020\143\141
+\100\164\162\165\163\164\167\141\166\145\056\143\157\155
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\153\111\322\005
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Explicitly Distrust "MITM subCA 2 issued by Trustwave", Bug 724929
+# Issuer: E=ca@trustwave.com,CN="Trustwave Organization Issuing CA, Level 2",O="Trustwave Holdings, Inc.",L=Chicago,ST=Illinois,C=US
+# Serial Number: 1800000006 (0x6b49d206)
+# Not Before: Apr 18 21:09:30 2011 GMT
+# Not After : Apr 15 21:09:30 2021 GMT
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "MITM subCA 2 issued by Trustwave"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\253\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\021\060\017\006\003\125\004\010\023\010\111\154\154\151\156
+\157\151\163\061\020\060\016\006\003\125\004\007\023\007\103\150
+\151\143\141\147\157\061\041\060\037\006\003\125\004\012\023\030
+\124\162\165\163\164\167\141\166\145\040\110\157\154\144\151\156
+\147\163\054\040\111\156\143\056\061\063\060\061\006\003\125\004
+\003\023\052\124\162\165\163\164\167\141\166\145\040\117\162\147
+\141\156\151\172\141\164\151\157\156\040\111\163\163\165\151\156
+\147\040\103\101\054\040\114\145\166\145\154\040\062\061\037\060
+\035\006\011\052\206\110\206\367\015\001\011\001\026\020\143\141
+\100\164\162\165\163\164\167\141\166\145\056\143\157\155
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\153\111\322\006
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Actalis Authentication Root CA"
+#
+# Issuer: CN=Actalis Authentication Root CA,O=Actalis S.p.A./03358520967,L=Milan,C=IT
+# Serial Number:57:0a:11:97:42:c4:e3:cc
+# Subject: CN=Actalis Authentication Root CA,O=Actalis S.p.A./03358520967,L=Milan,C=IT
+# Not Valid Before: Thu Sep 22 11:22:02 2011
+# Not Valid After : Sun Sep 22 11:22:02 2030
+# Fingerprint (MD5): 69:C1:0D:4F:07:A3:1B:C3:FE:56:3D:04:BC:11:F6:A6
+# Fingerprint (SHA1): F3:73:B3:87:06:5A:28:84:8A:F2:F3:4A:CE:19:2B:DD:C7:8E:9C:AC
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Actalis Authentication Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\153\061\013\060\011\006\003\125\004\006\023\002\111\124\061
+\016\060\014\006\003\125\004\007\014\005\115\151\154\141\156\061
+\043\060\041\006\003\125\004\012\014\032\101\143\164\141\154\151
+\163\040\123\056\160\056\101\056\057\060\063\063\065\070\065\062
+\060\071\066\067\061\047\060\045\006\003\125\004\003\014\036\101
+\143\164\141\154\151\163\040\101\165\164\150\145\156\164\151\143
+\141\164\151\157\156\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\153\061\013\060\011\006\003\125\004\006\023\002\111\124\061
+\016\060\014\006\003\125\004\007\014\005\115\151\154\141\156\061
+\043\060\041\006\003\125\004\012\014\032\101\143\164\141\154\151
+\163\040\123\056\160\056\101\056\057\060\063\063\065\070\065\062
+\060\071\066\067\061\047\060\045\006\003\125\004\003\014\036\101
+\143\164\141\154\151\163\040\101\165\164\150\145\156\164\151\143
+\141\164\151\157\156\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\127\012\021\227\102\304\343\314
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\273\060\202\003\243\240\003\002\001\002\002\010\127
+\012\021\227\102\304\343\314\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\060\153\061\013\060\011\006\003\125\004
+\006\023\002\111\124\061\016\060\014\006\003\125\004\007\014\005
+\115\151\154\141\156\061\043\060\041\006\003\125\004\012\014\032
+\101\143\164\141\154\151\163\040\123\056\160\056\101\056\057\060
+\063\063\065\070\065\062\060\071\066\067\061\047\060\045\006\003
+\125\004\003\014\036\101\143\164\141\154\151\163\040\101\165\164
+\150\145\156\164\151\143\141\164\151\157\156\040\122\157\157\164
+\040\103\101\060\036\027\015\061\061\060\071\062\062\061\061\062
+\062\060\062\132\027\015\063\060\060\071\062\062\061\061\062\062
+\060\062\132\060\153\061\013\060\011\006\003\125\004\006\023\002
+\111\124\061\016\060\014\006\003\125\004\007\014\005\115\151\154
+\141\156\061\043\060\041\006\003\125\004\012\014\032\101\143\164
+\141\154\151\163\040\123\056\160\056\101\056\057\060\063\063\065
+\070\065\062\060\071\066\067\061\047\060\045\006\003\125\004\003
+\014\036\101\143\164\141\154\151\163\040\101\165\164\150\145\156
+\164\151\143\141\164\151\157\156\040\122\157\157\164\040\103\101
+\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
+\000\247\306\304\245\051\244\054\357\345\030\305\260\120\243\157
+\121\073\237\012\132\311\302\110\070\012\302\034\240\030\177\221
+\265\207\271\100\077\335\035\150\037\010\203\325\055\036\210\240
+\370\217\126\217\155\231\002\222\220\026\325\137\010\154\211\327
+\341\254\274\040\302\261\340\203\121\212\151\115\000\226\132\157
+\057\300\104\176\243\016\344\221\315\130\356\334\373\307\036\105
+\107\335\047\271\010\001\237\246\041\035\365\101\055\057\114\375
+\050\255\340\212\255\042\264\126\145\216\206\124\217\223\103\051
+\336\071\106\170\243\060\043\272\315\360\175\023\127\300\135\322
+\203\153\110\114\304\253\237\200\132\133\072\275\311\247\042\077
+\200\047\063\133\016\267\212\014\135\007\067\010\313\154\322\172
+\107\042\104\065\305\314\314\056\216\335\052\355\267\175\146\015
+\137\141\121\042\125\033\343\106\343\343\075\320\065\142\232\333
+\257\024\310\133\241\314\211\033\341\060\046\374\240\233\037\201
+\247\107\037\004\353\243\071\222\006\237\231\323\277\323\352\117
+\120\234\031\376\226\207\036\074\145\366\243\030\044\203\206\020
+\347\124\076\250\072\166\044\117\201\041\305\343\017\002\370\223
+\224\107\040\273\376\324\016\323\150\271\335\304\172\204\202\343
+\123\124\171\335\333\234\322\362\007\233\056\266\274\076\355\205
+\155\357\045\021\362\227\032\102\141\367\112\227\350\213\261\020
+\007\372\145\201\262\242\071\317\367\074\377\030\373\306\361\132
+\213\131\342\002\254\173\222\320\116\024\117\131\105\366\014\136
+\050\137\260\350\077\105\317\317\257\233\157\373\204\323\167\132
+\225\157\254\224\204\236\356\274\300\112\217\112\223\370\104\041
+\342\061\105\141\120\116\020\330\343\065\174\114\031\264\336\005
+\277\243\006\237\310\265\315\344\037\327\027\006\015\172\225\164
+\125\015\150\032\374\020\033\142\144\235\155\340\225\240\303\224
+\007\127\015\024\346\275\005\373\270\237\346\337\213\342\306\347
+\176\226\366\123\305\200\064\120\050\130\360\022\120\161\027\060
+\272\346\170\143\274\364\262\255\233\053\262\376\341\071\214\136
+\272\013\040\224\336\173\203\270\377\343\126\215\267\021\351\073
+\214\362\261\301\135\235\244\013\114\053\331\262\030\365\265\237
+\113\002\003\001\000\001\243\143\060\141\060\035\006\003\125\035
+\016\004\026\004\024\122\330\210\072\310\237\170\146\355\211\363
+\173\070\160\224\311\002\002\066\320\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\037\006\003\125\035
+\043\004\030\060\026\200\024\122\330\210\072\310\237\170\146\355
+\211\363\173\070\160\224\311\002\002\066\320\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011\052
+\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\013
+\173\162\207\300\140\246\111\114\210\130\346\035\210\367\024\144
+\110\246\330\130\012\016\117\023\065\337\065\035\324\355\006\061
+\310\201\076\152\325\335\073\032\062\356\220\075\021\322\056\364
+\216\303\143\056\043\146\260\147\276\157\266\300\023\071\140\252
+\242\064\045\223\165\122\336\247\235\255\016\207\211\122\161\152
+\026\074\031\035\203\370\232\051\145\276\364\077\232\331\360\363
+\132\207\041\161\200\115\313\340\070\233\077\273\372\340\060\115
+\317\206\323\145\020\031\030\321\227\002\261\053\162\102\150\254
+\240\275\116\132\332\030\277\153\230\201\320\375\232\276\136\025
+\110\315\021\025\271\300\051\134\264\350\210\367\076\066\256\267
+\142\375\036\142\336\160\170\020\034\110\133\332\274\244\070\272
+\147\355\125\076\136\127\337\324\003\100\114\201\244\322\117\143
+\247\011\102\011\024\374\000\251\302\200\163\117\056\300\100\331
+\021\173\110\352\172\002\300\323\353\050\001\046\130\164\301\300
+\163\042\155\223\225\375\071\175\273\052\343\366\202\343\054\227
+\137\116\037\221\224\372\376\054\243\330\166\032\270\115\262\070
+\117\233\372\035\110\140\171\046\342\363\375\251\320\232\350\160
+\217\111\172\326\345\275\012\016\333\055\363\215\277\353\343\244
+\175\313\307\225\161\350\332\243\174\305\302\370\164\222\004\033
+\206\254\244\042\123\100\266\254\376\114\166\317\373\224\062\300
+\065\237\166\077\156\345\220\156\240\246\046\242\270\054\276\321
+\053\205\375\247\150\310\272\001\053\261\154\164\035\270\163\225
+\347\356\267\307\045\360\000\114\000\262\176\266\013\213\034\363
+\300\120\236\045\271\340\010\336\066\146\377\067\245\321\273\124
+\144\054\311\047\265\113\222\176\145\377\323\055\341\271\116\274
+\177\244\101\041\220\101\167\246\071\037\352\236\343\237\320\146
+\157\005\354\252\166\176\277\153\026\240\353\265\307\374\222\124
+\057\053\021\047\045\067\170\114\121\152\260\363\314\130\135\024
+\361\152\110\025\377\302\007\266\261\215\017\216\134\120\106\263
+\075\277\001\230\117\262\131\124\107\076\064\173\170\155\126\223
+\056\163\352\146\050\170\315\035\024\277\240\217\057\056\270\056
+\216\362\024\212\314\351\265\174\373\154\235\014\245\341\226
+END
+
+# Trust for "Actalis Authentication Root CA"
+# Issuer: CN=Actalis Authentication Root CA,O=Actalis S.p.A./03358520967,L=Milan,C=IT
+# Serial Number:57:0a:11:97:42:c4:e3:cc
+# Subject: CN=Actalis Authentication Root CA,O=Actalis S.p.A./03358520967,L=Milan,C=IT
+# Not Valid Before: Thu Sep 22 11:22:02 2011
+# Not Valid After : Sun Sep 22 11:22:02 2030
+# Fingerprint (MD5): 69:C1:0D:4F:07:A3:1B:C3:FE:56:3D:04:BC:11:F6:A6
+# Fingerprint (SHA1): F3:73:B3:87:06:5A:28:84:8A:F2:F3:4A:CE:19:2B:DD:C7:8E:9C:AC
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Actalis Authentication Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\363\163\263\207\006\132\050\204\212\362\363\112\316\031\053\335
+\307\216\234\254
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\151\301\015\117\007\243\033\303\376\126\075\004\274\021\366\246
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\153\061\013\060\011\006\003\125\004\006\023\002\111\124\061
+\016\060\014\006\003\125\004\007\014\005\115\151\154\141\156\061
+\043\060\041\006\003\125\004\012\014\032\101\143\164\141\154\151
+\163\040\123\056\160\056\101\056\057\060\063\063\065\070\065\062
+\060\071\066\067\061\047\060\045\006\003\125\004\003\014\036\101
+\143\164\141\154\151\163\040\101\165\164\150\145\156\164\151\143
+\141\164\151\157\156\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\127\012\021\227\102\304\343\314
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Trustis FPS Root CA"
+#
+# Issuer: OU=Trustis FPS Root CA,O=Trustis Limited,C=GB
+# Serial Number:1b:1f:ad:b6:20:f9:24:d3:36:6b:f7:c7:f1:8c:a0:59
+# Subject: OU=Trustis FPS Root CA,O=Trustis Limited,C=GB
+# Not Valid Before: Tue Dec 23 12:14:06 2003
+# Not Valid After : Sun Jan 21 11:36:54 2024
+# Fingerprint (MD5): 30:C9:E7:1E:6B:E6:14:EB:65:B2:16:69:20:31:67:4D
+# Fingerprint (SHA1): 3B:C0:38:0B:33:C3:F6:A6:0C:86:15:22:93:D9:DF:F5:4B:81:C0:04
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Trustis FPS Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\030\060\026\006\003\125\004\012\023\017\124\162\165\163\164\151
+\163\040\114\151\155\151\164\145\144\061\034\060\032\006\003\125
+\004\013\023\023\124\162\165\163\164\151\163\040\106\120\123\040
+\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\030\060\026\006\003\125\004\012\023\017\124\162\165\163\164\151
+\163\040\114\151\155\151\164\145\144\061\034\060\032\006\003\125
+\004\013\023\023\124\162\165\163\164\151\163\040\106\120\123\040
+\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\033\037\255\266\040\371\044\323\066\153\367\307\361\214
+\240\131
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\147\060\202\002\117\240\003\002\001\002\002\020\033
+\037\255\266\040\371\044\323\066\153\367\307\361\214\240\131\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\105
+\061\013\060\011\006\003\125\004\006\023\002\107\102\061\030\060
+\026\006\003\125\004\012\023\017\124\162\165\163\164\151\163\040
+\114\151\155\151\164\145\144\061\034\060\032\006\003\125\004\013
+\023\023\124\162\165\163\164\151\163\040\106\120\123\040\122\157
+\157\164\040\103\101\060\036\027\015\060\063\061\062\062\063\061
+\062\061\064\060\066\132\027\015\062\064\060\061\062\061\061\061
+\063\066\065\064\132\060\105\061\013\060\011\006\003\125\004\006
+\023\002\107\102\061\030\060\026\006\003\125\004\012\023\017\124
+\162\165\163\164\151\163\040\114\151\155\151\164\145\144\061\034
+\060\032\006\003\125\004\013\023\023\124\162\165\163\164\151\163
+\040\106\120\123\040\122\157\157\164\040\103\101\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\305\120\173
+\236\073\065\320\337\304\214\315\216\233\355\243\300\066\231\364
+\102\352\247\076\200\203\017\246\247\131\207\311\220\105\103\176
+\000\352\206\171\052\003\275\075\067\231\211\146\267\345\212\126
+\206\223\234\150\113\150\004\214\223\223\002\076\060\322\067\072
+\042\141\211\034\205\116\175\217\325\257\173\065\366\176\050\107
+\211\061\334\016\171\144\037\231\322\133\272\376\177\140\277\255
+\353\347\074\070\051\152\057\345\221\013\125\377\354\157\130\325
+\055\311\336\114\146\161\217\014\327\004\332\007\346\036\030\343
+\275\051\002\250\372\034\341\133\271\203\250\101\110\274\032\161
+\215\347\142\345\055\262\353\337\174\317\333\253\132\312\061\361
+\114\042\363\005\023\367\202\371\163\171\014\276\327\113\034\300
+\321\025\074\223\101\144\321\346\276\043\027\042\000\211\136\037
+\153\245\254\156\247\113\214\355\243\162\346\257\143\115\057\205
+\322\024\065\232\056\116\214\352\062\230\050\206\241\221\011\101
+\072\264\341\343\362\372\360\311\012\242\101\335\251\343\003\307
+\210\025\073\034\324\032\224\327\237\144\131\022\155\002\003\001
+\000\001\243\123\060\121\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\037\006\003\125\035\043\004\030
+\060\026\200\024\272\372\161\045\171\213\127\101\045\041\206\013
+\161\353\262\144\016\213\041\147\060\035\006\003\125\035\016\004
+\026\004\024\272\372\161\045\171\213\127\101\045\041\206\013\161
+\353\262\144\016\213\041\147\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\003\202\001\001\000\176\130\377\375\065
+\031\175\234\030\117\236\260\053\274\216\214\024\377\054\240\332
+\107\133\303\357\201\055\257\005\352\164\110\133\363\076\116\007
+\307\155\305\263\223\317\042\065\134\266\077\165\047\137\011\226
+\315\240\376\276\100\014\134\022\125\370\223\202\312\051\351\136
+\077\126\127\213\070\066\367\105\032\114\050\315\236\101\270\355
+\126\114\204\244\100\310\270\260\245\053\151\160\004\152\303\370
+\324\022\062\371\016\303\261\334\062\204\104\054\157\313\106\017
+\352\146\101\017\117\361\130\245\246\015\015\017\141\336\245\236
+\135\175\145\241\074\027\347\250\125\116\357\240\307\355\306\104
+\177\124\365\243\340\217\360\174\125\042\217\051\266\201\243\341
+\155\116\054\033\200\147\354\255\040\237\014\142\141\325\227\377
+\103\355\055\301\332\135\051\052\205\077\254\145\356\206\017\005
+\215\220\137\337\356\237\364\277\356\035\373\230\344\177\220\053
+\204\170\020\016\154\111\123\357\025\133\145\106\112\135\257\272
+\373\072\162\035\315\366\045\210\036\227\314\041\234\051\001\015
+\145\353\127\331\363\127\226\273\110\315\201
+END
+
+# Trust for "Trustis FPS Root CA"
+# Issuer: OU=Trustis FPS Root CA,O=Trustis Limited,C=GB
+# Serial Number:1b:1f:ad:b6:20:f9:24:d3:36:6b:f7:c7:f1:8c:a0:59
+# Subject: OU=Trustis FPS Root CA,O=Trustis Limited,C=GB
+# Not Valid Before: Tue Dec 23 12:14:06 2003
+# Not Valid After : Sun Jan 21 11:36:54 2024
+# Fingerprint (MD5): 30:C9:E7:1E:6B:E6:14:EB:65:B2:16:69:20:31:67:4D
+# Fingerprint (SHA1): 3B:C0:38:0B:33:C3:F6:A6:0C:86:15:22:93:D9:DF:F5:4B:81:C0:04
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Trustis FPS Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\073\300\070\013\063\303\366\246\014\206\025\042\223\331\337\365
+\113\201\300\004
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\060\311\347\036\153\346\024\353\145\262\026\151\040\061\147\115
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\107\102\061
+\030\060\026\006\003\125\004\012\023\017\124\162\165\163\164\151
+\163\040\114\151\155\151\164\145\144\061\034\060\032\006\003\125
+\004\013\023\023\124\162\165\163\164\151\163\040\106\120\123\040
+\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\033\037\255\266\040\371\044\323\066\153\367\307\361\214
+\240\131
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "StartCom Certification Authority"
+#
+# Issuer: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+# Serial Number: 45 (0x2d)
+# Subject: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+# Not Valid Before: Sun Sep 17 19:46:37 2006
+# Not Valid After : Wed Sep 17 19:46:36 2036
+# Fingerprint (MD5): C9:3B:0D:84:41:FC:A4:76:79:23:08:57:DE:10:19:16
+# Fingerprint (SHA1): A3:F1:33:3F:E2:42:BF:CF:C5:D1:4E:8F:39:42:98:40:68:10:D1:A0
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "StartCom Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\053\060\051\006\003\125\004\013
+\023\042\123\145\143\165\162\145\040\104\151\147\151\164\141\154
+\040\103\145\162\164\151\146\151\143\141\164\145\040\123\151\147
+\156\151\156\147\061\051\060\047\006\003\125\004\003\023\040\123
+\164\141\162\164\103\157\155\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\053\060\051\006\003\125\004\013
+\023\042\123\145\143\165\162\145\040\104\151\147\151\164\141\154
+\040\103\145\162\164\151\146\151\143\141\164\145\040\123\151\147
+\156\151\156\147\061\051\060\047\006\003\125\004\003\023\040\123
+\164\141\162\164\103\157\155\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\055
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\007\207\060\202\005\157\240\003\002\001\002\002\001\055
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\175\061\013\060\011\006\003\125\004\006\023\002\111\114\061\026
+\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103\157
+\155\040\114\164\144\056\061\053\060\051\006\003\125\004\013\023
+\042\123\145\143\165\162\145\040\104\151\147\151\164\141\154\040
+\103\145\162\164\151\146\151\143\141\164\145\040\123\151\147\156
+\151\156\147\061\051\060\047\006\003\125\004\003\023\040\123\164
+\141\162\164\103\157\155\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036
+\027\015\060\066\060\071\061\067\061\071\064\066\063\067\132\027
+\015\063\066\060\071\061\067\061\071\064\066\063\066\132\060\175
+\061\013\060\011\006\003\125\004\006\023\002\111\114\061\026\060
+\024\006\003\125\004\012\023\015\123\164\141\162\164\103\157\155
+\040\114\164\144\056\061\053\060\051\006\003\125\004\013\023\042
+\123\145\143\165\162\145\040\104\151\147\151\164\141\154\040\103
+\145\162\164\151\146\151\143\141\164\145\040\123\151\147\156\151
+\156\147\061\051\060\047\006\003\125\004\003\023\040\123\164\141
+\162\164\103\157\155\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\060\202\002
+\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\002\017\000\060\202\002\012\002\202\002\001\000\301\210
+\333\011\274\154\106\174\170\237\225\173\265\063\220\362\162\142
+\326\301\066\040\042\044\136\316\351\167\362\103\012\242\006\144
+\244\314\216\066\370\070\346\043\360\156\155\261\074\335\162\243
+\205\034\241\323\075\264\063\053\323\057\257\376\352\260\101\131
+\147\266\304\006\175\012\236\164\205\326\171\114\200\067\172\337
+\071\005\122\131\367\364\033\106\103\244\322\205\205\322\303\161
+\363\165\142\064\272\054\212\177\036\217\356\355\064\320\021\307
+\226\315\122\075\272\063\326\335\115\336\013\073\112\113\237\302
+\046\057\372\265\026\034\162\065\167\312\074\135\346\312\341\046
+\213\032\066\166\134\001\333\164\024\045\376\355\265\240\210\017
+\335\170\312\055\037\007\227\060\001\055\162\171\372\106\326\023
+\052\250\271\246\253\203\111\035\345\362\357\335\344\001\216\030
+\012\217\143\123\026\205\142\251\016\031\072\314\265\146\246\302
+\153\164\007\344\053\341\166\076\264\155\330\366\104\341\163\142
+\037\073\304\276\240\123\126\045\154\121\011\367\252\253\312\277
+\166\375\155\233\363\235\333\277\075\146\274\014\126\252\257\230
+\110\225\072\113\337\247\130\120\331\070\165\251\133\352\103\014
+\002\377\231\353\350\154\115\160\133\051\145\234\335\252\135\314
+\257\001\061\354\014\353\322\215\350\352\234\173\346\156\367\047
+\146\014\032\110\327\156\102\343\077\336\041\076\173\341\015\160
+\373\143\252\250\154\032\124\264\134\045\172\311\242\311\213\026
+\246\273\054\176\027\136\005\115\130\156\022\035\001\356\022\020
+\015\306\062\177\030\377\374\364\372\315\156\221\350\066\111\276
+\032\110\151\213\302\226\115\032\022\262\151\027\301\012\220\326
+\372\171\042\110\277\272\173\151\370\160\307\372\172\067\330\330
+\015\322\166\117\127\377\220\267\343\221\322\335\357\302\140\267
+\147\072\335\376\252\234\360\324\213\177\162\042\316\306\237\227
+\266\370\257\212\240\020\250\331\373\030\306\266\265\134\122\074
+\211\266\031\052\163\001\012\017\003\263\022\140\362\172\057\201
+\333\243\156\377\046\060\227\365\213\335\211\127\266\255\075\263
+\257\053\305\267\166\002\360\245\326\053\232\206\024\052\162\366
+\343\063\214\135\011\113\023\337\273\214\164\023\122\113\002\003
+\001\000\001\243\202\002\020\060\202\002\014\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003
+\125\035\016\004\026\004\024\116\013\357\032\244\100\133\245\027
+\151\207\060\312\064\150\103\320\101\256\362\060\037\006\003\125
+\035\043\004\030\060\026\200\024\116\013\357\032\244\100\133\245
+\027\151\207\060\312\064\150\103\320\101\256\362\060\202\001\132
+\006\003\125\035\040\004\202\001\121\060\202\001\115\060\202\001
+\111\006\013\053\006\001\004\001\201\265\067\001\001\001\060\202
+\001\070\060\056\006\010\053\006\001\005\005\007\002\001\026\042
+\150\164\164\160\072\057\057\167\167\167\056\163\164\141\162\164
+\163\163\154\056\143\157\155\057\160\157\154\151\143\171\056\160
+\144\146\060\064\006\010\053\006\001\005\005\007\002\001\026\050
+\150\164\164\160\072\057\057\167\167\167\056\163\164\141\162\164
+\163\163\154\056\143\157\155\057\151\156\164\145\162\155\145\144
+\151\141\164\145\056\160\144\146\060\201\317\006\010\053\006\001
+\005\005\007\002\002\060\201\302\060\047\026\040\123\164\141\162
+\164\040\103\157\155\155\145\162\143\151\141\154\040\050\123\164
+\141\162\164\103\157\155\051\040\114\164\144\056\060\003\002\001
+\001\032\201\226\114\151\155\151\164\145\144\040\114\151\141\142
+\151\154\151\164\171\054\040\162\145\141\144\040\164\150\145\040
+\163\145\143\164\151\157\156\040\052\114\145\147\141\154\040\114
+\151\155\151\164\141\164\151\157\156\163\052\040\157\146\040\164
+\150\145\040\123\164\141\162\164\103\157\155\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\040\120\157\154\151\143\171\040\141\166\141\151\154
+\141\142\154\145\040\141\164\040\150\164\164\160\072\057\057\167
+\167\167\056\163\164\141\162\164\163\163\154\056\143\157\155\057
+\160\157\154\151\143\171\056\160\144\146\060\021\006\011\140\206
+\110\001\206\370\102\001\001\004\004\003\002\000\007\060\070\006
+\011\140\206\110\001\206\370\102\001\015\004\053\026\051\123\164
+\141\162\164\103\157\155\040\106\162\145\145\040\123\123\114\040
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
+\164\150\157\162\151\164\171\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\003\202\002\001\000\216\217\347\334\224
+\171\174\361\205\177\237\111\157\153\312\135\373\214\376\004\305
+\301\142\321\175\102\212\274\123\267\224\003\146\060\077\261\347
+\012\247\120\040\125\045\177\166\172\024\015\353\004\016\100\346
+\076\330\210\253\007\047\203\251\165\246\067\163\307\375\113\322
+\115\255\027\100\310\106\276\073\177\121\374\303\266\005\061\334
+\315\205\042\116\161\267\362\161\136\260\032\306\272\223\213\170
+\222\112\205\370\170\017\203\376\057\255\054\367\344\244\273\055
+\320\347\015\072\270\076\316\366\170\366\256\107\044\312\243\065
+\066\316\307\306\207\230\332\354\373\351\262\316\047\233\210\303
+\004\241\366\013\131\150\257\311\333\020\017\115\366\144\143\134
+\245\022\157\222\262\223\224\307\210\027\016\223\266\176\142\213
+\220\177\253\116\237\374\343\165\024\117\052\062\337\133\015\340
+\365\173\223\015\253\241\317\207\341\245\004\105\350\074\022\245
+\011\305\260\321\267\123\363\140\024\272\205\151\152\041\174\037
+\165\141\027\040\027\173\154\073\101\051\134\341\254\132\321\315
+\214\233\353\140\035\031\354\367\345\260\332\371\171\030\245\105
+\077\111\103\127\322\335\044\325\054\243\375\221\215\047\265\345
+\353\024\006\232\114\173\041\273\072\255\060\006\030\300\330\301
+\153\054\177\131\134\135\221\261\160\042\127\353\212\153\110\112
+\325\017\051\354\306\100\300\057\210\114\150\001\027\167\364\044
+\031\117\275\372\341\262\040\041\113\335\032\330\051\175\252\270
+\336\124\354\041\125\200\154\036\365\060\310\243\020\345\262\346
+\052\024\061\303\205\055\214\230\261\206\132\117\211\131\055\271
+\307\367\034\310\212\177\300\235\005\112\346\102\117\142\243\155
+\051\244\037\205\253\333\345\201\310\255\052\075\114\135\133\204
+\046\161\304\205\136\161\044\312\245\033\154\330\141\323\032\340
+\124\333\316\272\251\062\265\042\366\163\101\011\135\270\027\135
+\016\017\231\220\326\107\332\157\012\072\142\050\024\147\202\331
+\361\320\200\131\233\313\061\330\233\017\214\167\116\265\150\212
+\362\154\366\044\016\055\154\160\305\163\321\336\024\320\161\217
+\266\323\173\002\366\343\270\324\011\156\153\236\165\204\071\346
+\177\045\245\362\110\000\300\244\001\332\077
+END
+
+# Trust for "StartCom Certification Authority"
+# Issuer: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+# Serial Number: 45 (0x2d)
+# Subject: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+# Not Valid Before: Sun Sep 17 19:46:37 2006
+# Not Valid After : Wed Sep 17 19:46:36 2036
+# Fingerprint (MD5): C9:3B:0D:84:41:FC:A4:76:79:23:08:57:DE:10:19:16
+# Fingerprint (SHA1): A3:F1:33:3F:E2:42:BF:CF:C5:D1:4E:8F:39:42:98:40:68:10:D1:A0
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "StartCom Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\243\361\063\077\342\102\277\317\305\321\116\217\071\102\230\100
+\150\020\321\240
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\311\073\015\204\101\374\244\166\171\043\010\127\336\020\031\026
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\175\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\053\060\051\006\003\125\004\013
+\023\042\123\145\143\165\162\145\040\104\151\147\151\164\141\154
+\040\103\145\162\164\151\146\151\143\141\164\145\040\123\151\147
+\156\151\156\147\061\051\060\047\006\003\125\004\003\023\040\123
+\164\141\162\164\103\157\155\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\055
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "StartCom Certification Authority G2"
+#
+# Issuer: CN=StartCom Certification Authority G2,O=StartCom Ltd.,C=IL
+# Serial Number: 59 (0x3b)
+# Subject: CN=StartCom Certification Authority G2,O=StartCom Ltd.,C=IL
+# Not Valid Before: Fri Jan 01 01:00:01 2010
+# Not Valid After : Sat Dec 31 23:59:01 2039
+# Fingerprint (MD5): 78:4B:FB:9E:64:82:0A:D3:B8:4C:62:F3:64:F2:90:64
+# Fingerprint (SHA1): 31:F1:FD:68:22:63:20:EE:C6:3B:3F:9D:EA:4A:3E:53:7C:7C:39:17
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "StartCom Certification Authority G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\123\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\054\060\052\006\003\125\004\003
+\023\043\123\164\141\162\164\103\157\155\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\123\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\054\060\052\006\003\125\004\003
+\023\043\123\164\141\162\164\103\157\155\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\073
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\143\060\202\003\113\240\003\002\001\002\002\001\073
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\123\061\013\060\011\006\003\125\004\006\023\002\111\114\061\026
+\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103\157
+\155\040\114\164\144\056\061\054\060\052\006\003\125\004\003\023
+\043\123\164\141\162\164\103\157\155\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\040\107\062\060\036\027\015\061\060\060\061\060\061\060\061
+\060\060\060\061\132\027\015\063\071\061\062\063\061\062\063\065
+\071\060\061\132\060\123\061\013\060\011\006\003\125\004\006\023
+\002\111\114\061\026\060\024\006\003\125\004\012\023\015\123\164
+\141\162\164\103\157\155\040\114\164\144\056\061\054\060\052\006
+\003\125\004\003\023\043\123\164\141\162\164\103\157\155\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\107\062\060\202\002\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002\017
+\000\060\202\002\012\002\202\002\001\000\266\211\066\133\007\267
+\040\066\275\202\273\341\026\040\003\225\172\257\016\243\125\311
+\045\231\112\305\320\126\101\207\220\115\041\140\244\024\207\073
+\315\375\262\076\264\147\003\152\355\341\017\113\300\221\205\160
+\105\340\102\236\336\051\043\324\001\015\240\020\171\270\333\003
+\275\363\251\057\321\306\340\017\313\236\212\024\012\270\275\366
+\126\142\361\305\162\266\062\045\331\262\363\275\145\305\015\054
+\156\325\222\157\030\213\000\101\024\202\157\100\040\046\172\050
+\017\365\036\177\047\367\224\261\067\075\267\307\221\367\342\001
+\354\375\224\211\341\314\156\323\066\326\012\031\171\256\327\064
+\202\145\377\174\102\273\266\335\013\246\064\257\113\140\376\177
+\103\111\006\213\214\103\270\126\362\331\177\041\103\027\352\247
+\110\225\001\165\165\352\053\245\103\225\352\025\204\235\010\215
+\046\156\125\233\253\334\322\071\322\061\035\140\342\254\314\126
+\105\044\365\034\124\253\356\206\335\226\062\205\370\114\117\350
+\225\166\266\005\335\066\043\147\274\377\025\342\312\073\346\246
+\354\073\354\046\021\064\110\215\366\200\053\032\043\002\353\212
+\034\072\166\052\173\126\026\034\162\052\263\252\343\140\245\000
+\237\004\233\342\157\036\024\130\133\245\154\213\130\074\303\272
+\116\072\134\367\341\226\053\076\357\007\274\244\345\135\314\115
+\237\015\341\334\252\273\341\156\032\354\217\341\266\114\115\171
+\162\135\027\065\013\035\327\301\107\332\226\044\340\320\162\250
+\132\137\146\055\020\334\057\052\023\256\046\376\012\034\031\314
+\320\076\013\234\310\011\056\371\133\226\172\107\234\351\172\363
+\005\120\164\225\163\236\060\011\363\227\202\136\346\217\071\010
+\036\131\345\065\024\102\023\377\000\234\367\276\252\120\317\342
+\121\110\327\270\157\257\370\116\176\063\230\222\024\142\072\165
+\143\317\173\372\336\202\073\251\273\071\342\304\275\054\000\016
+\310\027\254\023\357\115\045\216\330\263\220\057\251\332\051\175
+\035\257\164\072\262\047\300\301\036\076\165\243\026\251\257\172
+\042\135\237\023\032\317\247\240\353\343\206\012\323\375\346\226
+\225\327\043\310\067\335\304\174\252\066\254\230\032\022\261\340
+\116\350\261\073\365\326\157\361\060\327\002\003\001\000\001\243
+\102\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\113
+\305\264\100\153\255\034\263\245\034\145\156\106\066\211\207\005
+\014\016\266\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\002\001\000\163\127\077\054\325\225\062\176\067
+\333\226\222\353\031\136\176\123\347\101\354\021\266\107\357\265
+\336\355\164\134\305\361\216\111\340\374\156\231\023\315\237\212
+\332\315\072\012\330\072\132\011\077\137\064\320\057\003\322\146
+\035\032\275\234\220\067\310\014\216\007\132\224\105\106\052\346
+\276\172\332\241\251\244\151\022\222\260\175\066\324\104\207\327
+\121\361\051\143\326\165\315\026\344\047\211\035\370\302\062\110
+\375\333\231\320\217\137\124\164\314\254\147\064\021\142\331\014
+\012\067\207\321\243\027\110\216\322\027\035\366\327\375\333\145
+\353\375\250\324\365\326\117\244\133\165\350\305\322\140\262\333
+\011\176\045\213\173\272\122\222\236\076\350\305\167\241\074\340
+\112\163\153\141\317\206\334\103\377\377\041\376\043\135\044\112
+\365\323\155\017\142\004\005\127\202\332\156\244\063\045\171\113
+\056\124\031\213\314\054\075\060\351\321\006\377\350\062\106\276
+\265\063\166\167\250\001\135\226\301\301\325\276\256\045\300\311
+\036\012\011\040\210\241\016\311\363\157\115\202\124\000\040\247
+\322\217\344\071\124\027\056\215\036\270\033\273\033\275\232\116
+\073\020\064\334\234\210\123\357\242\061\133\130\117\221\142\310
+\302\232\232\315\025\135\070\251\326\276\370\023\265\237\022\151
+\362\120\142\254\373\027\067\364\356\270\165\147\140\020\373\203
+\120\371\104\265\165\234\100\027\262\376\375\171\135\156\130\130
+\137\060\374\000\256\257\063\301\016\116\154\272\247\246\241\177
+\062\333\070\340\261\162\027\012\053\221\354\152\143\046\355\211
+\324\170\314\164\036\005\370\153\376\214\152\166\071\051\256\145
+\043\022\225\010\042\034\227\316\133\006\356\014\342\273\274\037
+\104\223\366\330\070\105\005\041\355\344\255\253\022\266\003\244
+\102\056\055\304\011\072\003\147\151\204\232\341\131\220\212\050
+\205\325\135\164\261\321\016\040\130\233\023\245\260\143\246\355
+\173\107\375\105\125\060\244\356\232\324\346\342\207\357\230\311
+\062\202\021\051\042\274\000\012\061\136\055\017\300\216\351\153
+\262\217\056\006\330\321\221\307\306\022\364\114\375\060\027\303
+\301\332\070\133\343\251\352\346\241\272\171\357\163\330\266\123
+\127\055\366\320\341\327\110
+END
+
+# Trust for "StartCom Certification Authority G2"
+# Issuer: CN=StartCom Certification Authority G2,O=StartCom Ltd.,C=IL
+# Serial Number: 59 (0x3b)
+# Subject: CN=StartCom Certification Authority G2,O=StartCom Ltd.,C=IL
+# Not Valid Before: Fri Jan 01 01:00:01 2010
+# Not Valid After : Sat Dec 31 23:59:01 2039
+# Fingerprint (MD5): 78:4B:FB:9E:64:82:0A:D3:B8:4C:62:F3:64:F2:90:64
+# Fingerprint (SHA1): 31:F1:FD:68:22:63:20:EE:C6:3B:3F:9D:EA:4A:3E:53:7C:7C:39:17
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "StartCom Certification Authority G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\061\361\375\150\042\143\040\356\306\073\077\235\352\112\076\123
+\174\174\071\027
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\170\113\373\236\144\202\012\323\270\114\142\363\144\362\220\144
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\123\061\013\060\011\006\003\125\004\006\023\002\111\114\061
+\026\060\024\006\003\125\004\012\023\015\123\164\141\162\164\103
+\157\155\040\114\164\144\056\061\054\060\052\006\003\125\004\003
+\023\043\123\164\141\162\164\103\157\155\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\073
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Buypass Class 2 Root CA"
+#
+# Issuer: CN=Buypass Class 2 Root CA,O=Buypass AS-983163327,C=NO
+# Serial Number: 2 (0x2)
+# Subject: CN=Buypass Class 2 Root CA,O=Buypass AS-983163327,C=NO
+# Not Valid Before: Tue Oct 26 08:38:03 2010
+# Not Valid After : Fri Oct 26 08:38:03 2040
+# Fingerprint (MD5): 46:A7:D2:FE:45:FB:64:5A:A8:59:90:9B:78:44:9B:29
+# Fingerprint (SHA1): 49:0A:75:74:DE:87:0A:47:FE:58:EE:F6:C7:6B:EB:C6:0B:12:40:99
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Buypass Class 2 Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061
+\035\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163
+\163\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040
+\060\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163
+\040\103\154\141\163\163\040\062\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061
+\035\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163
+\163\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040
+\060\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163
+\040\103\154\141\163\163\040\062\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\002
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\131\060\202\003\101\240\003\002\001\002\002\001\002
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061\035
+\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163\163
+\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040\060
+\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163\040
+\103\154\141\163\163\040\062\040\122\157\157\164\040\103\101\060
+\036\027\015\061\060\061\060\062\066\060\070\063\070\060\063\132
+\027\015\064\060\061\060\062\066\060\070\063\070\060\063\132\060
+\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061\035
+\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163\163
+\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040\060
+\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163\040
+\103\154\141\163\163\040\062\040\122\157\157\164\040\103\101\060
+\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000
+\327\307\136\367\301\007\324\167\373\103\041\364\364\365\151\344
+\356\062\001\333\243\206\037\344\131\015\272\347\165\203\122\353
+\352\034\141\025\110\273\035\007\312\214\256\260\334\226\235\352
+\303\140\222\206\202\050\163\234\126\006\377\113\144\360\014\052
+\067\111\265\345\317\014\174\356\361\112\273\163\060\145\363\325
+\057\203\266\176\343\347\365\236\253\140\371\323\361\235\222\164
+\212\344\034\226\254\133\200\351\265\364\061\207\243\121\374\307
+\176\241\157\216\123\167\324\227\301\125\063\222\076\030\057\165
+\324\255\206\111\313\225\257\124\006\154\330\006\023\215\133\377
+\341\046\031\131\300\044\272\201\161\171\220\104\120\150\044\224
+\137\270\263\021\361\051\101\141\243\101\313\043\066\325\301\361
+\062\120\020\116\177\364\206\223\354\204\323\216\274\113\277\134
+\001\116\007\075\334\024\212\224\012\244\352\163\373\013\121\350
+\023\007\030\372\016\361\053\321\124\025\175\074\341\367\264\031
+\102\147\142\136\167\340\242\125\354\266\331\151\027\325\072\257
+\104\355\112\305\236\344\172\047\174\345\165\327\252\313\045\347
+\337\153\012\333\017\115\223\116\250\240\315\173\056\362\131\001
+\152\267\015\270\007\201\176\213\070\033\070\346\012\127\231\075
+\356\041\350\243\365\014\026\335\213\354\064\216\234\052\034\000
+\025\027\215\150\203\322\160\237\030\010\315\021\150\325\311\153
+\122\315\304\106\217\334\265\363\330\127\163\036\351\224\071\004
+\277\323\336\070\336\264\123\354\151\034\242\176\304\217\344\033
+\160\255\362\242\371\373\367\026\144\146\151\237\111\121\242\342
+\025\030\147\006\112\177\325\154\265\115\263\063\340\141\353\135
+\276\351\230\017\062\327\035\113\074\056\132\001\122\221\011\362
+\337\352\215\330\006\100\143\252\021\344\376\303\067\236\024\122
+\077\364\342\314\362\141\223\321\375\147\153\327\122\256\277\150
+\253\100\103\240\127\065\123\170\360\123\370\141\102\007\144\306
+\327\157\233\114\070\015\143\254\142\257\066\213\242\163\012\015
+\365\041\275\164\252\115\352\162\003\111\333\307\137\035\142\143
+\307\375\335\221\354\063\356\365\155\264\156\060\150\336\310\326
+\046\260\165\136\173\264\007\040\230\241\166\062\270\115\154\117
+\002\003\001\000\001\243\102\060\100\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035
+\016\004\026\004\024\311\200\167\340\142\222\202\365\106\234\363
+\272\367\114\303\336\270\243\255\071\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\001\006\060\015\006\011\052\206\110
+\206\367\015\001\001\013\005\000\003\202\002\001\000\123\137\041
+\365\272\260\072\122\071\054\222\260\154\000\311\357\316\040\357
+\006\362\226\236\351\244\164\177\172\026\374\267\365\266\373\025
+\033\077\253\246\300\162\135\020\261\161\356\274\117\343\255\254
+\003\155\056\161\056\257\304\343\255\243\275\014\021\247\264\377
+\112\262\173\020\020\037\247\127\101\262\300\256\364\054\131\326
+\107\020\210\363\041\121\051\060\312\140\206\257\106\253\035\355
+\072\133\260\224\336\104\343\101\010\242\301\354\035\326\375\117
+\266\326\107\320\024\013\312\346\312\265\173\167\176\101\037\136
+\203\307\266\214\071\226\260\077\226\201\101\157\140\220\342\350
+\371\373\042\161\331\175\263\075\106\277\264\204\257\220\034\017
+\217\022\152\257\357\356\036\172\256\002\112\212\027\053\166\376
+\254\124\211\044\054\117\077\266\262\247\116\214\250\221\227\373
+\051\306\173\134\055\271\313\146\266\267\250\133\022\121\205\265
+\011\176\142\170\160\376\251\152\140\266\035\016\171\014\375\312
+\352\044\200\162\303\227\077\362\167\253\103\042\012\307\353\266
+\014\204\202\054\200\153\101\212\010\300\353\245\153\337\231\022
+\313\212\325\136\200\014\221\340\046\010\066\110\305\372\070\021
+\065\377\045\203\055\362\172\277\332\375\216\376\245\313\105\054
+\037\304\210\123\256\167\016\331\232\166\305\216\054\035\243\272
+\325\354\062\256\300\252\254\367\321\172\115\353\324\007\342\110
+\367\042\216\260\244\237\152\316\216\262\262\140\364\243\042\320
+\043\353\224\132\172\151\335\017\277\100\127\254\153\131\120\331
+\243\231\341\156\376\215\001\171\047\043\025\336\222\235\173\011
+\115\132\347\113\110\060\132\030\346\012\155\346\217\340\322\273
+\346\337\174\156\041\202\301\150\071\115\264\230\130\146\142\314
+\112\220\136\303\372\047\004\261\171\025\164\231\314\276\255\040
+\336\046\140\034\353\126\121\246\243\352\344\243\077\247\377\141
+\334\361\132\115\154\062\043\103\356\254\250\356\356\112\022\011
+\074\135\161\302\276\171\372\302\207\150\035\013\375\134\151\314
+\006\320\232\175\124\231\052\311\071\032\031\257\113\052\103\363
+\143\135\132\130\342\057\343\035\344\251\326\320\012\320\236\277
+\327\201\011\361\311\307\046\015\254\230\026\126\240
+END
+
+# Trust for "Buypass Class 2 Root CA"
+# Issuer: CN=Buypass Class 2 Root CA,O=Buypass AS-983163327,C=NO
+# Serial Number: 2 (0x2)
+# Subject: CN=Buypass Class 2 Root CA,O=Buypass AS-983163327,C=NO
+# Not Valid Before: Tue Oct 26 08:38:03 2010
+# Not Valid After : Fri Oct 26 08:38:03 2040
+# Fingerprint (MD5): 46:A7:D2:FE:45:FB:64:5A:A8:59:90:9B:78:44:9B:29
+# Fingerprint (SHA1): 49:0A:75:74:DE:87:0A:47:FE:58:EE:F6:C7:6B:EB:C6:0B:12:40:99
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Buypass Class 2 Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\111\012\165\164\336\207\012\107\376\130\356\366\307\153\353\306
+\013\022\100\231
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\106\247\322\376\105\373\144\132\250\131\220\233\170\104\233\051
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061
+\035\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163
+\163\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040
+\060\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163
+\040\103\154\141\163\163\040\062\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\002
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Buypass Class 3 Root CA"
+#
+# Issuer: CN=Buypass Class 3 Root CA,O=Buypass AS-983163327,C=NO
+# Serial Number: 2 (0x2)
+# Subject: CN=Buypass Class 3 Root CA,O=Buypass AS-983163327,C=NO
+# Not Valid Before: Tue Oct 26 08:28:58 2010
+# Not Valid After : Fri Oct 26 08:28:58 2040
+# Fingerprint (MD5): 3D:3B:18:9E:2C:64:5A:E8:D5:88:CE:0E:F9:37:C2:EC
+# Fingerprint (SHA1): DA:FA:F7:FA:66:84:EC:06:8F:14:50:BD:C7:C2:81:A5:BC:A9:64:57
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Buypass Class 3 Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061
+\035\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163
+\163\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040
+\060\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163
+\040\103\154\141\163\163\040\063\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061
+\035\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163
+\163\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040
+\060\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163
+\040\103\154\141\163\163\040\063\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\002
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\131\060\202\003\101\240\003\002\001\002\002\001\002
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061\035
+\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163\163
+\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040\060
+\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163\040
+\103\154\141\163\163\040\063\040\122\157\157\164\040\103\101\060
+\036\027\015\061\060\061\060\062\066\060\070\062\070\065\070\132
+\027\015\064\060\061\060\062\066\060\070\062\070\065\070\132\060
+\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061\035
+\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163\163
+\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040\060
+\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163\040
+\103\154\141\163\163\040\063\040\122\157\157\164\040\103\101\060
+\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000
+\245\332\012\225\026\120\343\225\362\136\235\166\061\006\062\172
+\233\361\020\166\270\000\232\265\122\066\315\044\107\260\237\030
+\144\274\232\366\372\325\171\330\220\142\114\042\057\336\070\075
+\326\340\250\351\034\054\333\170\021\351\216\150\121\025\162\307
+\363\063\207\344\240\135\013\134\340\127\007\052\060\365\315\304
+\067\167\050\115\030\221\346\277\325\122\375\161\055\160\076\347
+\306\304\212\343\360\050\013\364\166\230\241\213\207\125\262\072
+\023\374\267\076\047\067\216\042\343\250\117\052\357\140\273\075
+\267\071\303\016\001\107\231\135\022\117\333\103\372\127\241\355
+\371\235\276\021\107\046\133\023\230\253\135\026\212\260\067\034
+\127\235\105\377\210\226\066\277\273\312\007\173\157\207\143\327
+\320\062\152\326\135\154\014\361\263\156\071\342\153\061\056\071
+\000\047\024\336\070\300\354\031\146\206\022\350\235\162\026\023
+\144\122\307\251\067\034\375\202\060\355\204\030\035\364\256\134
+\377\160\023\000\353\261\365\063\172\113\326\125\370\005\215\113
+\151\260\365\263\050\066\134\024\304\121\163\115\153\013\361\064
+\007\333\027\071\327\334\050\173\153\365\237\363\056\301\117\027
+\052\020\363\314\312\350\353\375\153\253\056\232\237\055\202\156
+\004\324\122\001\223\055\075\206\374\176\374\337\357\102\035\246
+\153\357\271\040\306\367\275\240\247\225\375\247\346\211\044\330
+\314\214\064\154\342\043\057\331\022\032\041\271\125\221\157\013
+\221\171\031\014\255\100\210\013\160\342\172\322\016\330\150\110
+\273\202\023\071\020\130\351\330\052\007\306\022\333\130\333\322
+\073\125\020\107\005\025\147\142\176\030\143\246\106\077\011\016
+\124\062\136\277\015\142\172\047\357\200\350\333\331\113\006\132
+\067\132\045\320\010\022\167\324\157\011\120\227\075\310\035\303
+\337\214\105\060\126\306\323\144\253\146\363\300\136\226\234\303
+\304\357\303\174\153\213\072\171\177\263\111\317\075\342\211\237
+\240\060\113\205\271\234\224\044\171\217\175\153\251\105\150\017
+\053\320\361\332\034\313\151\270\312\111\142\155\310\320\143\142
+\335\140\017\130\252\217\241\274\005\245\146\242\317\033\166\262
+\204\144\261\114\071\122\300\060\272\360\214\113\002\260\266\267
+\002\003\001\000\001\243\102\060\100\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035
+\016\004\026\004\024\107\270\315\377\345\157\356\370\262\354\057
+\116\016\371\045\260\216\074\153\303\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\001\006\060\015\006\011\052\206\110
+\206\367\015\001\001\013\005\000\003\202\002\001\000\000\040\043
+\101\065\004\220\302\100\142\140\357\342\065\114\327\077\254\342
+\064\220\270\241\157\166\372\026\026\244\110\067\054\351\220\302
+\362\074\370\012\237\330\201\345\273\133\332\045\054\244\247\125
+\161\044\062\366\310\013\362\274\152\370\223\254\262\007\302\137
+\237\333\314\310\212\252\276\152\157\341\111\020\314\061\327\200
+\273\273\310\330\242\016\144\127\352\242\365\302\251\061\025\322
+\040\152\354\374\042\001\050\317\206\270\200\036\251\314\021\245
+\074\362\026\263\107\235\374\322\200\041\304\313\320\107\160\101
+\241\312\203\031\010\054\155\362\135\167\234\212\024\023\324\066
+\034\222\360\345\006\067\334\246\346\220\233\070\217\134\153\033
+\106\206\103\102\137\076\001\007\123\124\135\145\175\367\212\163
+\241\232\124\132\037\051\103\024\047\302\205\017\265\210\173\032
+\073\224\267\035\140\247\265\234\347\051\151\127\132\233\223\172
+\103\060\033\003\327\142\310\100\246\252\374\144\344\112\327\221
+\123\001\250\040\210\156\234\137\104\271\313\140\201\064\354\157
+\323\175\332\110\137\353\264\220\274\055\251\034\013\254\034\325
+\242\150\040\200\004\326\374\261\217\057\273\112\061\015\112\206
+\034\353\342\066\051\046\365\332\330\304\362\165\141\317\176\256
+\166\143\112\172\100\145\223\207\370\036\200\214\206\345\206\326
+\217\016\374\123\054\140\350\026\141\032\242\076\103\173\315\071
+\140\124\152\365\362\211\046\001\150\203\110\242\063\350\311\004
+\221\262\021\064\021\076\352\320\103\031\037\003\223\220\014\377
+\121\075\127\364\101\156\341\313\240\276\353\311\143\315\155\314
+\344\370\066\252\150\235\355\275\135\227\160\104\015\266\016\065
+\334\341\014\135\273\240\121\224\313\176\026\353\021\057\243\222
+\105\310\114\161\331\274\311\231\122\127\106\057\120\317\275\065
+\151\364\075\025\316\006\245\054\017\076\366\201\272\224\273\303
+\273\277\145\170\322\206\171\377\111\073\032\203\014\360\336\170
+\354\310\362\115\114\032\336\202\051\370\301\132\332\355\356\346
+\047\136\350\105\320\235\034\121\250\150\253\104\343\320\213\152
+\343\370\073\273\334\115\327\144\362\121\276\346\252\253\132\351
+\061\356\006\274\163\277\023\142\012\237\307\271\227
+END
+
+# Trust for "Buypass Class 3 Root CA"
+# Issuer: CN=Buypass Class 3 Root CA,O=Buypass AS-983163327,C=NO
+# Serial Number: 2 (0x2)
+# Subject: CN=Buypass Class 3 Root CA,O=Buypass AS-983163327,C=NO
+# Not Valid Before: Tue Oct 26 08:28:58 2010
+# Not Valid After : Fri Oct 26 08:28:58 2040
+# Fingerprint (MD5): 3D:3B:18:9E:2C:64:5A:E8:D5:88:CE:0E:F9:37:C2:EC
+# Fingerprint (SHA1): DA:FA:F7:FA:66:84:EC:06:8F:14:50:BD:C7:C2:81:A5:BC:A9:64:57
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Buypass Class 3 Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\332\372\367\372\146\204\354\006\217\024\120\275\307\302\201\245
+\274\251\144\127
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\075\073\030\236\054\144\132\350\325\210\316\016\371\067\302\354
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\116\061\013\060\011\006\003\125\004\006\023\002\116\117\061
+\035\060\033\006\003\125\004\012\014\024\102\165\171\160\141\163
+\163\040\101\123\055\071\070\063\061\066\063\063\062\067\061\040
+\060\036\006\003\125\004\003\014\027\102\165\171\160\141\163\163
+\040\103\154\141\163\163\040\063\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\002
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "T-TeleSec GlobalRoot Class 3"
+#
+# Issuer: CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
+# Serial Number: 1 (0x1)
+# Subject: CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
+# Not Valid Before: Wed Oct 01 10:29:56 2008
+# Not Valid After : Sat Oct 01 23:59:59 2033
+# Fingerprint (MD5): CA:FB:40:A8:4E:39:92:8A:1D:FE:8E:2F:C4:27:EA:EF
+# Fingerprint (SHA1): 55:A6:72:3E:CB:F2:EC:CD:C3:23:74:70:19:9D:2A:BE:11:E3:81:D1
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "T-TeleSec GlobalRoot Class 3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\053\060\051\006\003\125\004\012\014\042\124\055\123\171\163
+\164\145\155\163\040\105\156\164\145\162\160\162\151\163\145\040
+\123\145\162\166\151\143\145\163\040\107\155\142\110\061\037\060
+\035\006\003\125\004\013\014\026\124\055\123\171\163\164\145\155
+\163\040\124\162\165\163\164\040\103\145\156\164\145\162\061\045
+\060\043\006\003\125\004\003\014\034\124\055\124\145\154\145\123
+\145\143\040\107\154\157\142\141\154\122\157\157\164\040\103\154
+\141\163\163\040\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\053\060\051\006\003\125\004\012\014\042\124\055\123\171\163
+\164\145\155\163\040\105\156\164\145\162\160\162\151\163\145\040
+\123\145\162\166\151\143\145\163\040\107\155\142\110\061\037\060
+\035\006\003\125\004\013\014\026\124\055\123\171\163\164\145\155
+\163\040\124\162\165\163\164\040\103\145\156\164\145\162\061\045
+\060\043\006\003\125\004\003\014\034\124\055\124\145\154\145\123
+\145\143\040\107\154\157\142\141\154\122\157\157\164\040\103\154
+\141\163\163\040\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\303\060\202\002\253\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\053\060\051\006\003\125\004\012\014\042\124\055\123\171\163\164
+\145\155\163\040\105\156\164\145\162\160\162\151\163\145\040\123
+\145\162\166\151\143\145\163\040\107\155\142\110\061\037\060\035
+\006\003\125\004\013\014\026\124\055\123\171\163\164\145\155\163
+\040\124\162\165\163\164\040\103\145\156\164\145\162\061\045\060
+\043\006\003\125\004\003\014\034\124\055\124\145\154\145\123\145
+\143\040\107\154\157\142\141\154\122\157\157\164\040\103\154\141
+\163\163\040\063\060\036\027\015\060\070\061\060\060\061\061\060
+\062\071\065\066\132\027\015\063\063\061\060\060\061\062\063\065
+\071\065\071\132\060\201\202\061\013\060\011\006\003\125\004\006
+\023\002\104\105\061\053\060\051\006\003\125\004\012\014\042\124
+\055\123\171\163\164\145\155\163\040\105\156\164\145\162\160\162
+\151\163\145\040\123\145\162\166\151\143\145\163\040\107\155\142
+\110\061\037\060\035\006\003\125\004\013\014\026\124\055\123\171
+\163\164\145\155\163\040\124\162\165\163\164\040\103\145\156\164
+\145\162\061\045\060\043\006\003\125\004\003\014\034\124\055\124
+\145\154\145\123\145\143\040\107\154\157\142\141\154\122\157\157
+\164\040\103\154\141\163\163\040\063\060\202\001\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
+\000\060\202\001\012\002\202\001\001\000\275\165\223\360\142\042
+\157\044\256\340\172\166\254\175\275\331\044\325\270\267\374\315
+\360\102\340\353\170\210\126\136\233\232\124\035\115\014\212\366
+\323\317\160\364\122\265\330\223\004\343\106\206\161\101\112\053
+\360\052\054\125\003\326\110\303\340\071\070\355\362\134\074\077
+\104\274\223\075\141\253\116\315\015\276\360\040\047\130\016\104
+\177\004\032\207\245\327\226\024\066\220\320\111\173\241\165\373
+\032\153\163\261\370\316\251\011\054\362\123\325\303\024\104\270
+\206\245\366\213\053\071\332\243\063\124\331\372\162\032\367\042
+\025\034\210\221\153\177\146\345\303\152\200\260\044\363\337\206
+\105\210\375\031\177\165\207\037\037\261\033\012\163\044\133\271
+\145\340\054\124\310\140\323\146\027\077\341\314\124\063\163\221
+\002\072\246\177\173\166\071\242\037\226\266\070\256\265\310\223
+\164\035\236\271\264\345\140\235\057\126\321\340\353\136\133\114
+\022\160\014\154\104\040\253\021\330\364\031\366\322\234\122\067
+\347\372\266\302\061\073\112\324\024\231\255\307\032\365\135\137
+\372\007\270\174\015\037\326\203\036\263\002\003\001\000\001\243
+\102\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\265
+\003\367\166\073\141\202\152\022\252\030\123\353\003\041\224\277
+\376\316\312\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\001\001\000\126\075\357\224\325\275\332\163\262
+\130\276\256\220\255\230\047\227\376\001\261\260\122\000\270\115
+\344\033\041\164\033\176\300\356\136\151\052\045\257\134\326\035
+\332\322\171\311\363\227\051\340\206\207\336\004\131\017\361\131
+\324\144\205\113\231\257\045\004\036\311\106\251\227\336\202\262
+\033\160\237\234\366\257\161\061\335\173\005\245\054\323\271\312
+\107\366\312\362\366\347\255\271\110\077\274\026\267\301\155\364
+\352\011\257\354\363\265\347\005\236\246\036\212\123\121\326\223
+\201\314\164\223\366\271\332\246\045\005\164\171\132\176\100\076
+\202\113\046\021\060\156\341\077\101\307\107\000\065\325\365\323
+\367\124\076\201\075\332\111\152\232\263\357\020\075\346\353\157
+\321\310\042\107\313\314\317\001\061\222\331\030\343\042\276\011
+\036\032\076\132\262\344\153\014\124\172\175\103\116\270\211\245
+\173\327\242\075\226\206\314\362\046\064\055\152\222\235\232\032
+\320\060\342\135\116\004\260\137\213\040\176\167\301\075\225\202
+\321\106\232\073\074\170\270\157\241\320\015\144\242\170\036\051
+\116\223\303\244\124\024\133
+END
+
+# Trust for "T-TeleSec GlobalRoot Class 3"
+# Issuer: CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
+# Serial Number: 1 (0x1)
+# Subject: CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
+# Not Valid Before: Wed Oct 01 10:29:56 2008
+# Not Valid After : Sat Oct 01 23:59:59 2033
+# Fingerprint (MD5): CA:FB:40:A8:4E:39:92:8A:1D:FE:8E:2F:C4:27:EA:EF
+# Fingerprint (SHA1): 55:A6:72:3E:CB:F2:EC:CD:C3:23:74:70:19:9D:2A:BE:11:E3:81:D1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "T-TeleSec GlobalRoot Class 3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\125\246\162\076\313\362\354\315\303\043\164\160\031\235\052\276
+\021\343\201\321
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\312\373\100\250\116\071\222\212\035\376\216\057\304\047\352\357
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\053\060\051\006\003\125\004\012\014\042\124\055\123\171\163
+\164\145\155\163\040\105\156\164\145\162\160\162\151\163\145\040
+\123\145\162\166\151\143\145\163\040\107\155\142\110\061\037\060
+\035\006\003\125\004\013\014\026\124\055\123\171\163\164\145\155
+\163\040\124\162\165\163\164\040\103\145\156\164\145\162\061\045
+\060\043\006\003\125\004\003\014\034\124\055\124\145\154\145\123
+\145\143\040\107\154\157\142\141\154\122\157\157\164\040\103\154
+\141\163\163\040\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "EE Certification Centre Root CA"
+#
+# Issuer: E=pki@sk.ee,CN=EE Certification Centre Root CA,O=AS Sertifitseerimiskeskus,C=EE
+# Serial Number:54:80:f9:a0:73:ed:3f:00:4c:ca:89:d8:e3:71:e6:4a
+# Subject: E=pki@sk.ee,CN=EE Certification Centre Root CA,O=AS Sertifitseerimiskeskus,C=EE
+# Not Valid Before: Sat Oct 30 10:10:30 2010
+# Not Valid After : Tue Dec 17 23:59:59 2030
+# Fingerprint (MD5): 43:5E:88:D4:7D:1A:4A:7E:FD:84:2E:52:EB:01:D4:6F
+# Fingerprint (SHA1): C9:A8:B9:E7:55:80:5E:58:E3:53:77:A7:25:EB:AF:C3:7B:27:CC:D7
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "EE Certification Centre Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\165\061\013\060\011\006\003\125\004\006\023\002\105\105\061
+\042\060\040\006\003\125\004\012\014\031\101\123\040\123\145\162
+\164\151\146\151\164\163\145\145\162\151\155\151\163\153\145\163
+\153\165\163\061\050\060\046\006\003\125\004\003\014\037\105\105
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\103
+\145\156\164\162\145\040\122\157\157\164\040\103\101\061\030\060
+\026\006\011\052\206\110\206\367\015\001\011\001\026\011\160\153
+\151\100\163\153\056\145\145
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\165\061\013\060\011\006\003\125\004\006\023\002\105\105\061
+\042\060\040\006\003\125\004\012\014\031\101\123\040\123\145\162
+\164\151\146\151\164\163\145\145\162\151\155\151\163\153\145\163
+\153\165\163\061\050\060\046\006\003\125\004\003\014\037\105\105
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\103
+\145\156\164\162\145\040\122\157\157\164\040\103\101\061\030\060
+\026\006\011\052\206\110\206\367\015\001\011\001\026\011\160\153
+\151\100\163\153\056\145\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\124\200\371\240\163\355\077\000\114\312\211\330\343\161
+\346\112
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\003\060\202\002\353\240\003\002\001\002\002\020\124
+\200\371\240\163\355\077\000\114\312\211\330\343\161\346\112\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\165
+\061\013\060\011\006\003\125\004\006\023\002\105\105\061\042\060
+\040\006\003\125\004\012\014\031\101\123\040\123\145\162\164\151
+\146\151\164\163\145\145\162\151\155\151\163\153\145\163\153\165
+\163\061\050\060\046\006\003\125\004\003\014\037\105\105\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\103\145\156
+\164\162\145\040\122\157\157\164\040\103\101\061\030\060\026\006
+\011\052\206\110\206\367\015\001\011\001\026\011\160\153\151\100
+\163\153\056\145\145\060\042\030\017\062\060\061\060\061\060\063
+\060\061\060\061\060\063\060\132\030\017\062\060\063\060\061\062
+\061\067\062\063\065\071\065\071\132\060\165\061\013\060\011\006
+\003\125\004\006\023\002\105\105\061\042\060\040\006\003\125\004
+\012\014\031\101\123\040\123\145\162\164\151\146\151\164\163\145
+\145\162\151\155\151\163\153\145\163\153\165\163\061\050\060\046
+\006\003\125\004\003\014\037\105\105\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\103\145\156\164\162\145\040\122
+\157\157\164\040\103\101\061\030\060\026\006\011\052\206\110\206
+\367\015\001\011\001\026\011\160\153\151\100\163\153\056\145\145
+\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001
+\000\310\040\300\354\340\305\113\253\007\170\225\363\104\356\373
+\013\014\377\164\216\141\273\261\142\352\043\330\253\241\145\062
+\172\353\216\027\117\226\330\012\173\221\242\143\154\307\214\114
+\056\171\277\251\005\374\151\134\225\215\142\371\271\160\355\303
+\121\175\320\223\346\154\353\060\113\341\274\175\277\122\233\316
+\156\173\145\362\070\261\300\242\062\357\142\262\150\340\141\123
+\301\066\225\377\354\224\272\066\256\234\034\247\062\017\345\174
+\264\306\157\164\375\173\030\350\254\127\355\006\040\113\062\060
+\130\133\375\315\250\346\241\374\160\274\216\222\163\333\227\247
+\174\041\256\075\301\365\110\207\154\047\275\237\045\164\201\125
+\260\367\165\366\075\244\144\153\326\117\347\316\100\255\017\335
+\062\323\274\212\022\123\230\311\211\373\020\035\115\176\315\176
+\037\126\015\041\160\205\366\040\203\037\366\272\037\004\217\352
+\167\210\065\304\377\352\116\241\213\115\077\143\033\104\303\104
+\324\045\166\312\267\215\327\036\112\146\144\315\134\305\234\203
+\341\302\010\210\232\354\116\243\361\076\034\054\331\154\035\241
+\113\002\003\001\000\001\243\201\212\060\201\207\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\035\006
+\003\125\035\016\004\026\004\024\022\362\132\076\352\126\034\277
+\315\006\254\361\361\045\311\251\113\324\024\231\060\105\006\003
+\125\035\045\004\076\060\074\006\010\053\006\001\005\005\007\003
+\002\006\010\053\006\001\005\005\007\003\001\006\010\053\006\001
+\005\005\007\003\003\006\010\053\006\001\005\005\007\003\004\006
+\010\053\006\001\005\005\007\003\010\006\010\053\006\001\005\005
+\007\003\011\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\003\202\001\001\000\173\366\344\300\015\252\031\107\267
+\115\127\243\376\255\273\261\152\325\017\236\333\344\143\305\216
+\241\120\126\223\226\270\070\300\044\042\146\274\123\024\141\225
+\277\320\307\052\226\071\077\175\050\263\020\100\041\152\304\257
+\260\122\167\030\341\226\330\126\135\343\335\066\136\035\247\120
+\124\240\305\052\344\252\214\224\212\117\235\065\377\166\244\006
+\023\221\242\242\175\000\104\077\125\323\202\074\032\325\133\274
+\126\114\042\056\106\103\212\044\100\055\363\022\270\073\160\032
+\244\226\271\032\257\207\101\032\152\030\015\006\117\307\076\156
+\271\051\115\015\111\211\021\207\062\133\346\113\004\310\344\134
+\346\164\163\224\135\026\230\023\225\376\373\333\261\104\345\072
+\160\254\067\153\346\263\063\162\050\311\263\127\240\366\002\026
+\210\006\013\266\246\113\040\050\324\336\075\213\255\067\005\123
+\164\376\156\314\274\103\027\161\136\371\305\314\032\251\141\356
+\367\166\014\363\162\364\162\255\317\162\002\066\007\107\317\357
+\031\120\211\140\314\351\044\225\017\302\313\035\362\157\166\220
+\307\314\165\301\226\305\235
+END
+
+# Trust for "EE Certification Centre Root CA"
+# Issuer: E=pki@sk.ee,CN=EE Certification Centre Root CA,O=AS Sertifitseerimiskeskus,C=EE
+# Serial Number:54:80:f9:a0:73:ed:3f:00:4c:ca:89:d8:e3:71:e6:4a
+# Subject: E=pki@sk.ee,CN=EE Certification Centre Root CA,O=AS Sertifitseerimiskeskus,C=EE
+# Not Valid Before: Sat Oct 30 10:10:30 2010
+# Not Valid After : Tue Dec 17 23:59:59 2030
+# Fingerprint (MD5): 43:5E:88:D4:7D:1A:4A:7E:FD:84:2E:52:EB:01:D4:6F
+# Fingerprint (SHA1): C9:A8:B9:E7:55:80:5E:58:E3:53:77:A7:25:EB:AF:C3:7B:27:CC:D7
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "EE Certification Centre Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\311\250\271\347\125\200\136\130\343\123\167\247\045\353\257\303
+\173\047\314\327
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\103\136\210\324\175\032\112\176\375\204\056\122\353\001\324\157
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\165\061\013\060\011\006\003\125\004\006\023\002\105\105\061
+\042\060\040\006\003\125\004\012\014\031\101\123\040\123\145\162
+\164\151\146\151\164\163\145\145\162\151\155\151\163\153\145\163
+\153\165\163\061\050\060\046\006\003\125\004\003\014\037\105\105
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\103
+\145\156\164\162\145\040\122\157\157\164\040\103\101\061\030\060
+\026\006\011\052\206\110\206\367\015\001\011\001\026\011\160\153
+\151\100\163\153\056\145\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\124\200\371\240\163\355\077\000\114\312\211\330\343\161
+\346\112
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 1", Bug 825022
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
+# Serial Number: 2087 (0x827)
+# Subject: CN=*.EGO.GOV.TR,OU=EGO BILGI ISLEM,O=EGO,L=ANKARA,ST=ANKARA,C=TR
+# Not Valid Before: Mon Aug 08 07:07:51 2011
+# Not Valid After : Tue Jul 06 07:07:51 2021
+# Fingerprint (MD5): F8:F5:25:FF:0C:31:CF:85:E1:0C:86:17:C1:CE:1F:8E
+# Fingerprint (SHA1): C6:9F:28:C8:25:13:9E:65:A6:46:C4:34:AC:A5:A1:D2:00:29:5D:B1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 1"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
+\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
+\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
+\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
+\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
+\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
+\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\010\047
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 2", Bug 825022
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
+# Serial Number: 2148 (0x864)
+# Subject: E=ileti@kktcmerkezbankasi.org,CN=e-islem.kktcmerkezbankasi.org,O=KKTC Merkez Bankasi,L=Lefkosa,ST=Lefkosa,C=TR
+# Not Valid Before: Mon Aug 08 07:07:51 2011
+# Not Valid After : Thu Aug 05 07:07:51 2021
+# Fingerprint (MD5): BF:C3:EC:AD:0F:42:4F:B4:B5:38:DB:35:BF:AD:84:A2
+# Fingerprint (SHA1): F9:2B:E5:26:6C:C0:5D:B2:DC:0D:C3:F2:DC:74:E0:2D:EF:D9:49:CB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 2"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
+\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
+\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
+\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
+\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
+\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
+\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\010\144
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TURKTRUST Certificate Services Provider Root 2007"
+#
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
+# Serial Number: 1 (0x1)
+# Subject: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
+# Not Valid Before: Tue Dec 25 18:37:19 2007
+# Not Valid After : Fri Dec 22 18:37:19 2017
+# Fingerprint (MD5): 2B:70:20:56:86:82:A0:18:C8:07:53:12:28:70:21:72
+# Fingerprint (SHA1): F1:7F:6F:B6:31:DC:99:E3:A3:C8:7F:FE:1C:F1:81:10:88:D9:60:33
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TURKTRUST Certificate Services Provider Root 2007"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151
+\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304
+\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124
+\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141
+\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234
+\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260
+\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151
+\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151
+\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236
+\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060
+\060\067
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151
+\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304
+\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124
+\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141
+\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234
+\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260
+\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151
+\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151
+\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236
+\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060
+\060\067
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\075\060\202\003\045\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303\234
+\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157\156
+\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151\172
+\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304\261
+\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
+\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234\122
+\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154
+\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305
+\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040
+\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056
+\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060\060
+\067\060\036\027\015\060\067\061\062\062\065\061\070\063\067\061
+\071\132\027\015\061\067\061\062\062\062\061\070\063\067\061\071
+\132\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124
+\303\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162
+\157\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110
+\151\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143
+\304\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002
+\124\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153
+\141\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303
+\234\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304
+\260\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154
+\151\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237
+\151\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305
+\236\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062
+\060\060\067\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\253\267\076\012\214\310\245\130\025\346\212\357
+\047\075\112\264\350\045\323\315\063\302\040\334\031\356\210\077
+\115\142\360\335\023\167\217\141\251\052\265\324\362\271\061\130
+\051\073\057\077\152\234\157\163\166\045\356\064\040\200\356\352
+\267\360\304\012\315\053\206\224\311\343\140\261\104\122\262\132
+\051\264\221\227\203\330\267\246\024\057\051\111\242\363\005\006
+\373\264\117\332\241\154\232\146\237\360\103\011\312\352\162\217
+\353\000\327\065\071\327\126\027\107\027\060\364\276\277\077\302
+\150\257\066\100\301\251\364\251\247\350\020\153\010\212\367\206
+\036\334\232\052\025\006\366\243\360\364\340\307\024\324\121\177
+\317\264\333\155\257\107\226\027\233\167\161\330\247\161\235\044
+\014\366\224\077\205\061\022\117\272\356\116\202\270\271\076\217
+\043\067\136\314\242\252\165\367\030\157\011\323\256\247\124\050
+\064\373\341\340\073\140\175\240\276\171\211\206\310\237\055\371
+\012\113\304\120\242\347\375\171\026\307\172\013\030\317\316\114
+\357\175\326\007\157\230\361\257\261\301\172\327\201\065\270\252
+\027\264\340\313\002\003\001\000\001\243\102\060\100\060\035\006
+\003\125\035\016\004\026\004\024\051\305\220\253\045\257\021\344
+\141\277\243\377\210\141\221\346\016\376\234\201\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006
+\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
+\000\020\015\332\370\072\354\050\321\024\225\202\261\022\054\121
+\172\101\045\066\114\237\354\077\037\204\235\145\124\134\250\026
+\002\100\372\156\032\067\204\357\162\235\206\012\125\235\126\050
+\254\146\054\320\072\126\223\064\007\045\255\010\260\217\310\017
+\011\131\312\235\230\034\345\124\370\271\105\177\152\227\157\210
+\150\115\112\006\046\067\210\002\016\266\306\326\162\231\316\153
+\167\332\142\061\244\126\037\256\137\215\167\332\135\366\210\374
+\032\331\236\265\201\360\062\270\343\210\320\234\363\152\240\271
+\233\024\131\065\066\117\317\363\216\136\135\027\255\025\225\330
+\335\262\325\025\156\000\116\263\113\317\146\224\344\340\315\265
+\005\332\143\127\213\345\263\252\333\300\056\034\220\104\333\032
+\135\030\244\356\276\004\133\231\325\161\137\125\145\144\142\325
+\242\233\004\131\206\310\142\167\347\174\202\105\152\075\027\277
+\354\235\165\014\256\243\157\132\323\057\230\066\364\360\365\031
+\253\021\135\310\246\343\052\130\152\102\011\303\275\222\046\146
+\062\015\135\010\125\164\377\214\230\320\012\246\204\152\321\071
+\175
+END
+
+# Trust for "TURKTRUST Certificate Services Provider Root 2007"
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
+# Serial Number: 1 (0x1)
+# Subject: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
+# Not Valid Before: Tue Dec 25 18:37:19 2007
+# Not Valid After : Fri Dec 22 18:37:19 2017
+# Fingerprint (MD5): 2B:70:20:56:86:82:A0:18:C8:07:53:12:28:70:21:72
+# Fingerprint (SHA1): F1:7F:6F:B6:31:DC:99:E3:A3:C8:7F:FE:1C:F1:81:10:88:D9:60:33
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TURKTRUST Certificate Services Provider Root 2007"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\361\177\157\266\061\334\231\343\243\310\177\376\034\361\201\020
+\210\331\140\063
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\053\160\040\126\206\202\240\030\310\007\123\022\050\160\041\162
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151
+\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304
+\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124
+\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141
+\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234
+\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260
+\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151
+\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151
+\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236
+\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060
+\060\067
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "D-TRUST Root Class 3 CA 2 2009"
+#
+# Issuer: CN=D-TRUST Root Class 3 CA 2 2009,O=D-Trust GmbH,C=DE
+# Serial Number: 623603 (0x983f3)
+# Subject: CN=D-TRUST Root Class 3 CA 2 2009,O=D-Trust GmbH,C=DE
+# Not Valid Before: Thu Nov 05 08:35:58 2009
+# Not Valid After : Mon Nov 05 08:35:58 2029
+# Fingerprint (MD5): CD:E0:25:69:8D:47:AC:9C:89:35:90:F7:FD:51:3D:2F
+# Fingerprint (SHA1): 58:E8:AB:B0:36:15:33:FB:80:F7:9B:1B:6D:29:D3:FF:8D:5F:00:F0
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "D-TRUST Root Class 3 CA 2 2009"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\115\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\047\060\045\006\003\125\004\003\014
+\036\104\055\124\122\125\123\124\040\122\157\157\164\040\103\154
+\141\163\163\040\063\040\103\101\040\062\040\062\060\060\071
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\115\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\047\060\045\006\003\125\004\003\014
+\036\104\055\124\122\125\123\124\040\122\157\157\164\040\103\154
+\141\163\163\040\063\040\103\101\040\062\040\062\060\060\071
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\011\203\363
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\063\060\202\003\033\240\003\002\001\002\002\003\011
+\203\363\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\060\115\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165
+\163\164\040\107\155\142\110\061\047\060\045\006\003\125\004\003
+\014\036\104\055\124\122\125\123\124\040\122\157\157\164\040\103
+\154\141\163\163\040\063\040\103\101\040\062\040\062\060\060\071
+\060\036\027\015\060\071\061\061\060\065\060\070\063\065\065\070
+\132\027\015\062\071\061\061\060\065\060\070\063\065\065\070\132
+\060\115\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\047\060\045\006\003\125\004\003\014
+\036\104\055\124\122\125\123\124\040\122\157\157\164\040\103\154
+\141\163\163\040\063\040\103\101\040\062\040\062\060\060\071\060
+\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000
+\323\262\112\317\172\107\357\165\233\043\372\072\057\326\120\105
+\211\065\072\306\153\333\376\333\000\150\250\340\003\021\035\067
+\120\010\237\115\112\150\224\065\263\123\321\224\143\247\040\126
+\257\336\121\170\354\052\075\363\110\110\120\076\012\337\106\125
+\213\047\155\303\020\115\015\221\122\103\330\207\340\135\116\066
+\265\041\312\137\071\100\004\137\133\176\314\243\306\053\251\100
+\036\331\066\204\326\110\363\222\036\064\106\040\044\301\244\121
+\216\112\032\357\120\077\151\135\031\177\105\303\307\001\217\121
+\311\043\350\162\256\264\274\126\011\177\022\313\034\261\257\051
+\220\012\311\125\314\017\323\264\032\355\107\065\132\112\355\234
+\163\004\041\320\252\275\014\023\265\000\312\046\154\304\153\014
+\224\132\225\224\332\120\232\361\377\245\053\146\061\244\311\070
+\240\337\035\037\270\011\056\363\247\350\147\122\253\225\037\340
+\106\076\330\244\303\312\132\305\061\200\350\110\232\237\224\151
+\376\031\335\330\163\174\201\312\226\336\216\355\263\062\005\145
+\204\064\346\346\375\127\020\265\137\166\277\057\260\020\015\305
+\002\003\001\000\001\243\202\001\032\060\202\001\026\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035
+\006\003\125\035\016\004\026\004\024\375\332\024\304\237\060\336
+\041\275\036\102\071\374\253\143\043\111\340\361\204\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\201\323
+\006\003\125\035\037\004\201\313\060\201\310\060\201\200\240\176
+\240\174\206\172\154\144\141\160\072\057\057\144\151\162\145\143
+\164\157\162\171\056\144\055\164\162\165\163\164\056\156\145\164
+\057\103\116\075\104\055\124\122\125\123\124\045\062\060\122\157
+\157\164\045\062\060\103\154\141\163\163\045\062\060\063\045\062
+\060\103\101\045\062\060\062\045\062\060\062\060\060\071\054\117
+\075\104\055\124\162\165\163\164\045\062\060\107\155\142\110\054
+\103\075\104\105\077\143\145\162\164\151\146\151\143\141\164\145
+\162\145\166\157\143\141\164\151\157\156\154\151\163\164\060\103
+\240\101\240\077\206\075\150\164\164\160\072\057\057\167\167\167
+\056\144\055\164\162\165\163\164\056\156\145\164\057\143\162\154
+\057\144\055\164\162\165\163\164\137\162\157\157\164\137\143\154
+\141\163\163\137\063\137\143\141\137\062\137\062\060\060\071\056
+\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\001\001\000\177\227\333\060\310\337\244\234\175
+\041\172\200\160\316\024\022\151\210\024\225\140\104\001\254\262
+\351\060\117\233\120\302\146\330\176\215\060\265\160\061\351\342
+\151\307\363\160\333\040\025\206\320\015\360\276\254\001\165\204
+\316\176\237\115\277\267\140\073\234\363\312\035\342\136\150\330
+\243\235\227\345\100\140\322\066\041\376\320\264\270\027\332\164
+\243\177\324\337\260\230\002\254\157\153\153\054\045\044\162\241
+\145\356\045\132\345\346\062\347\362\337\253\111\372\363\220\151
+\043\333\004\331\347\134\130\374\145\324\227\276\314\374\056\012
+\314\045\052\065\004\370\140\221\025\165\075\101\377\043\037\031
+\310\154\353\202\123\004\246\344\114\042\115\215\214\272\316\133
+\163\354\144\124\120\155\321\234\125\373\151\303\066\303\214\274
+\074\205\246\153\012\046\015\340\223\230\140\256\176\306\044\227
+\212\141\137\221\216\146\222\011\207\066\315\213\233\055\076\366
+\121\324\120\324\131\050\275\203\362\314\050\173\123\206\155\330
+\046\210\160\327\352\221\315\076\271\312\300\220\156\132\306\136
+\164\145\327\134\376\243\342
+END
+
+# Trust for "D-TRUST Root Class 3 CA 2 2009"
+# Issuer: CN=D-TRUST Root Class 3 CA 2 2009,O=D-Trust GmbH,C=DE
+# Serial Number: 623603 (0x983f3)
+# Subject: CN=D-TRUST Root Class 3 CA 2 2009,O=D-Trust GmbH,C=DE
+# Not Valid Before: Thu Nov 05 08:35:58 2009
+# Not Valid After : Mon Nov 05 08:35:58 2029
+# Fingerprint (MD5): CD:E0:25:69:8D:47:AC:9C:89:35:90:F7:FD:51:3D:2F
+# Fingerprint (SHA1): 58:E8:AB:B0:36:15:33:FB:80:F7:9B:1B:6D:29:D3:FF:8D:5F:00:F0
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "D-TRUST Root Class 3 CA 2 2009"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\130\350\253\260\066\025\063\373\200\367\233\033\155\051\323\377
+\215\137\000\360
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\315\340\045\151\215\107\254\234\211\065\220\367\375\121\075\057
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\115\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\047\060\045\006\003\125\004\003\014
+\036\104\055\124\122\125\123\124\040\122\157\157\164\040\103\154
+\141\163\163\040\063\040\103\101\040\062\040\062\060\060\071
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\011\203\363
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "D-TRUST Root Class 3 CA 2 EV 2009"
+#
+# Issuer: CN=D-TRUST Root Class 3 CA 2 EV 2009,O=D-Trust GmbH,C=DE
+# Serial Number: 623604 (0x983f4)
+# Subject: CN=D-TRUST Root Class 3 CA 2 EV 2009,O=D-Trust GmbH,C=DE
+# Not Valid Before: Thu Nov 05 08:50:46 2009
+# Not Valid After : Mon Nov 05 08:50:46 2029
+# Fingerprint (MD5): AA:C6:43:2C:5E:2D:CD:C4:34:C0:50:4F:11:02:4F:B6
+# Fingerprint (SHA1): 96:C9:1B:0B:95:B4:10:98:42:FA:D0:D8:22:79:FE:60:FA:B9:16:83
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "D-TRUST Root Class 3 CA 2 EV 2009"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\120\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\052\060\050\006\003\125\004\003\014
+\041\104\055\124\122\125\123\124\040\122\157\157\164\040\103\154
+\141\163\163\040\063\040\103\101\040\062\040\105\126\040\062\060
+\060\071
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\120\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\052\060\050\006\003\125\004\003\014
+\041\104\055\124\122\125\123\124\040\122\157\157\164\040\103\154
+\141\163\163\040\063\040\103\101\040\062\040\105\126\040\062\060
+\060\071
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\011\203\364
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\103\060\202\003\053\240\003\002\001\002\002\003\011
+\203\364\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\060\120\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165
+\163\164\040\107\155\142\110\061\052\060\050\006\003\125\004\003
+\014\041\104\055\124\122\125\123\124\040\122\157\157\164\040\103
+\154\141\163\163\040\063\040\103\101\040\062\040\105\126\040\062
+\060\060\071\060\036\027\015\060\071\061\061\060\065\060\070\065
+\060\064\066\132\027\015\062\071\061\061\060\065\060\070\065\060
+\064\066\132\060\120\061\013\060\011\006\003\125\004\006\023\002
+\104\105\061\025\060\023\006\003\125\004\012\014\014\104\055\124
+\162\165\163\164\040\107\155\142\110\061\052\060\050\006\003\125
+\004\003\014\041\104\055\124\122\125\123\124\040\122\157\157\164
+\040\103\154\141\163\163\040\063\040\103\101\040\062\040\105\126
+\040\062\060\060\071\060\202\001\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
+\012\002\202\001\001\000\231\361\204\064\160\272\057\267\060\240
+\216\275\174\004\317\276\142\274\231\375\202\227\322\172\012\147
+\226\070\011\366\020\116\225\042\163\231\215\332\025\055\347\005
+\374\031\163\042\267\216\230\000\274\074\075\254\241\154\373\326
+\171\045\113\255\360\314\144\332\210\076\051\270\017\011\323\064
+\335\063\365\142\321\341\315\031\351\356\030\117\114\130\256\342
+\036\326\014\133\025\132\330\072\270\304\030\144\036\343\063\262
+\265\211\167\116\014\277\331\224\153\023\227\157\022\243\376\231
+\251\004\314\025\354\140\150\066\355\010\173\267\365\277\223\355
+\146\061\203\214\306\161\064\207\116\027\352\257\213\221\215\034
+\126\101\256\042\067\136\067\362\035\331\321\055\015\057\151\121
+\247\276\146\246\212\072\052\275\307\032\261\341\024\360\276\072
+\035\271\317\133\261\152\376\264\261\106\040\242\373\036\073\160
+\357\223\230\175\214\163\226\362\305\357\205\160\255\051\046\374
+\036\004\076\034\240\330\017\313\122\203\142\174\356\213\123\225
+\220\251\127\242\352\141\005\330\371\115\304\047\372\156\255\355
+\371\327\121\367\153\245\002\003\001\000\001\243\202\001\044\060
+\202\001\040\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\323
+\224\212\114\142\023\052\031\056\314\257\162\212\175\066\327\232
+\034\334\147\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\201\335\006\003\125\035\037\004\201\325\060\201
+\322\060\201\207\240\201\204\240\201\201\206\177\154\144\141\160
+\072\057\057\144\151\162\145\143\164\157\162\171\056\144\055\164
+\162\165\163\164\056\156\145\164\057\103\116\075\104\055\124\122
+\125\123\124\045\062\060\122\157\157\164\045\062\060\103\154\141
+\163\163\045\062\060\063\045\062\060\103\101\045\062\060\062\045
+\062\060\105\126\045\062\060\062\060\060\071\054\117\075\104\055
+\124\162\165\163\164\045\062\060\107\155\142\110\054\103\075\104
+\105\077\143\145\162\164\151\146\151\143\141\164\145\162\145\166
+\157\143\141\164\151\157\156\154\151\163\164\060\106\240\104\240
+\102\206\100\150\164\164\160\072\057\057\167\167\167\056\144\055
+\164\162\165\163\164\056\156\145\164\057\143\162\154\057\144\055
+\164\162\165\163\164\137\162\157\157\164\137\143\154\141\163\163
+\137\063\137\143\141\137\062\137\145\166\137\062\060\060\071\056
+\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\001\001\000\064\355\173\132\074\244\224\210\357
+\032\021\165\007\057\263\376\074\372\036\121\046\353\207\366\051
+\336\340\361\324\306\044\011\351\301\317\125\033\264\060\331\316
+\032\376\006\121\246\025\244\055\357\262\113\277\040\050\045\111
+\321\246\066\167\064\350\144\337\122\261\021\307\163\172\315\071
+\236\302\255\214\161\041\362\132\153\257\337\074\116\125\257\262
+\204\145\024\211\271\167\313\052\061\276\317\243\155\317\157\110
+\224\062\106\157\347\161\214\240\246\204\031\067\007\362\003\105
+\011\053\206\165\174\337\137\151\127\000\333\156\330\246\162\042
+\113\120\324\165\230\126\337\267\030\377\103\103\120\256\172\104
+\173\360\171\121\327\103\075\247\323\201\323\360\311\117\271\332
+\306\227\206\320\202\303\344\102\155\376\260\342\144\116\016\046
+\347\100\064\046\265\010\211\327\010\143\143\070\047\165\036\063
+\352\156\250\335\237\231\117\164\115\201\211\200\113\335\232\227
+\051\134\057\276\201\101\271\214\377\352\175\140\006\236\315\327
+\075\323\056\243\025\274\250\346\046\345\157\303\334\270\003\041
+\352\237\026\361\054\124\265
+END
+
+# Trust for "D-TRUST Root Class 3 CA 2 EV 2009"
+# Issuer: CN=D-TRUST Root Class 3 CA 2 EV 2009,O=D-Trust GmbH,C=DE
+# Serial Number: 623604 (0x983f4)
+# Subject: CN=D-TRUST Root Class 3 CA 2 EV 2009,O=D-Trust GmbH,C=DE
+# Not Valid Before: Thu Nov 05 08:50:46 2009
+# Not Valid After : Mon Nov 05 08:50:46 2029
+# Fingerprint (MD5): AA:C6:43:2C:5E:2D:CD:C4:34:C0:50:4F:11:02:4F:B6
+# Fingerprint (SHA1): 96:C9:1B:0B:95:B4:10:98:42:FA:D0:D8:22:79:FE:60:FA:B9:16:83
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "D-TRUST Root Class 3 CA 2 EV 2009"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\226\311\033\013\225\264\020\230\102\372\320\330\042\171\376\140
+\372\271\026\203
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\252\306\103\054\136\055\315\304\064\300\120\117\021\002\117\266
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\120\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\052\060\050\006\003\125\004\003\014
+\041\104\055\124\122\125\123\124\040\122\157\157\164\040\103\154
+\141\163\163\040\063\040\103\101\040\062\040\105\126\040\062\060
+\060\071
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\011\203\364
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "PSCProcert"
+#
+# Issuer: E=acraiz@suscerte.gob.ve,OU=Superintendencia de Servicios de Certificacion Electronica,O=Sistema Nacional de Certificacion Electronica,ST=Distrito Capital,L=Caracas,C=VE,CN=Autoridad de Certificacion Raiz del Estado Venezolano
+# Serial Number: 11 (0xb)
+# Subject: CN=PSCProcert,C=VE,O=Sistema Nacional de Certificacion Electronica,OU=Proveedor de Certificados PROCERT,ST=Miranda,L=Chacao,E=contacto@procert.net.ve
+# Not Valid Before: Tue Dec 28 16:51:00 2010
+# Not Valid After : Fri Dec 25 23:59:59 2020
+# Fingerprint (MD5): E6:24:E9:12:01:AE:0C:DE:8E:85:C4:CE:A3:12:DD:EC
+# Fingerprint (SHA1): 70:C1:8D:74:B4:28:81:0A:E4:FD:A5:75:D7:01:9F:99:B0:3D:50:74
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "PSCProcert"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\321\061\046\060\044\006\011\052\206\110\206\367\015\001
+\011\001\026\027\143\157\156\164\141\143\164\157\100\160\162\157
+\143\145\162\164\056\156\145\164\056\166\145\061\017\060\015\006
+\003\125\004\007\023\006\103\150\141\143\141\157\061\020\060\016
+\006\003\125\004\010\023\007\115\151\162\141\156\144\141\061\052
+\060\050\006\003\125\004\013\023\041\120\162\157\166\145\145\144
+\157\162\040\144\145\040\103\145\162\164\151\146\151\143\141\144
+\157\163\040\120\122\117\103\105\122\124\061\066\060\064\006\003
+\125\004\012\023\055\123\151\163\164\145\155\141\040\116\141\143
+\151\157\156\141\154\040\144\145\040\103\145\162\164\151\146\151
+\143\141\143\151\157\156\040\105\154\145\143\164\162\157\156\151
+\143\141\061\013\060\011\006\003\125\004\006\023\002\126\105\061
+\023\060\021\006\003\125\004\003\023\012\120\123\103\120\162\157
+\143\145\162\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\202\001\036\061\076\060\074\006\003\125\004\003\023\065\101
+\165\164\157\162\151\144\141\144\040\144\145\040\103\145\162\164
+\151\146\151\143\141\143\151\157\156\040\122\141\151\172\040\144
+\145\154\040\105\163\164\141\144\157\040\126\145\156\145\172\157
+\154\141\156\157\061\013\060\011\006\003\125\004\006\023\002\126
+\105\061\020\060\016\006\003\125\004\007\023\007\103\141\162\141
+\143\141\163\061\031\060\027\006\003\125\004\010\023\020\104\151
+\163\164\162\151\164\157\040\103\141\160\151\164\141\154\061\066
+\060\064\006\003\125\004\012\023\055\123\151\163\164\145\155\141
+\040\116\141\143\151\157\156\141\154\040\144\145\040\103\145\162
+\164\151\146\151\143\141\143\151\157\156\040\105\154\145\143\164
+\162\157\156\151\143\141\061\103\060\101\006\003\125\004\013\023
+\072\123\165\160\145\162\151\156\164\145\156\144\145\156\143\151
+\141\040\144\145\040\123\145\162\166\151\143\151\157\163\040\144
+\145\040\103\145\162\164\151\146\151\143\141\143\151\157\156\040
+\105\154\145\143\164\162\157\156\151\143\141\061\045\060\043\006
+\011\052\206\110\206\367\015\001\011\001\026\026\141\143\162\141
+\151\172\100\163\165\163\143\145\162\164\145\056\147\157\142\056
+\166\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\013
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\011\206\060\202\007\156\240\003\002\001\002\002\001\013
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\202\001\036\061\076\060\074\006\003\125\004\003\023\065\101\165
+\164\157\162\151\144\141\144\040\144\145\040\103\145\162\164\151
+\146\151\143\141\143\151\157\156\040\122\141\151\172\040\144\145
+\154\040\105\163\164\141\144\157\040\126\145\156\145\172\157\154
+\141\156\157\061\013\060\011\006\003\125\004\006\023\002\126\105
+\061\020\060\016\006\003\125\004\007\023\007\103\141\162\141\143
+\141\163\061\031\060\027\006\003\125\004\010\023\020\104\151\163
+\164\162\151\164\157\040\103\141\160\151\164\141\154\061\066\060
+\064\006\003\125\004\012\023\055\123\151\163\164\145\155\141\040
+\116\141\143\151\157\156\141\154\040\144\145\040\103\145\162\164
+\151\146\151\143\141\143\151\157\156\040\105\154\145\143\164\162
+\157\156\151\143\141\061\103\060\101\006\003\125\004\013\023\072
+\123\165\160\145\162\151\156\164\145\156\144\145\156\143\151\141
+\040\144\145\040\123\145\162\166\151\143\151\157\163\040\144\145
+\040\103\145\162\164\151\146\151\143\141\143\151\157\156\040\105
+\154\145\143\164\162\157\156\151\143\141\061\045\060\043\006\011
+\052\206\110\206\367\015\001\011\001\026\026\141\143\162\141\151
+\172\100\163\165\163\143\145\162\164\145\056\147\157\142\056\166
+\145\060\036\027\015\061\060\061\062\062\070\061\066\065\061\060
+\060\132\027\015\062\060\061\062\062\065\062\063\065\071\065\071
+\132\060\201\321\061\046\060\044\006\011\052\206\110\206\367\015
+\001\011\001\026\027\143\157\156\164\141\143\164\157\100\160\162
+\157\143\145\162\164\056\156\145\164\056\166\145\061\017\060\015
+\006\003\125\004\007\023\006\103\150\141\143\141\157\061\020\060
+\016\006\003\125\004\010\023\007\115\151\162\141\156\144\141\061
+\052\060\050\006\003\125\004\013\023\041\120\162\157\166\145\145
+\144\157\162\040\144\145\040\103\145\162\164\151\146\151\143\141
+\144\157\163\040\120\122\117\103\105\122\124\061\066\060\064\006
+\003\125\004\012\023\055\123\151\163\164\145\155\141\040\116\141
+\143\151\157\156\141\154\040\144\145\040\103\145\162\164\151\146
+\151\143\141\143\151\157\156\040\105\154\145\143\164\162\157\156
+\151\143\141\061\013\060\011\006\003\125\004\006\023\002\126\105
+\061\023\060\021\006\003\125\004\003\023\012\120\123\103\120\162
+\157\143\145\162\164\060\202\002\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002
+\012\002\202\002\001\000\325\267\364\243\224\063\241\106\251\125
+\141\111\015\250\207\163\136\221\055\160\301\006\032\224\332\075
+\354\025\102\301\365\214\256\152\027\361\212\255\374\200\225\352
+\203\104\242\133\172\125\316\117\247\245\325\272\270\037\240\047
+\300\120\123\076\215\271\300\016\270\025\334\326\154\370\236\370
+\004\045\337\200\217\020\205\335\175\057\173\200\335\127\000\144
+\043\370\156\311\276\225\117\341\165\354\340\176\136\225\315\261
+\357\276\172\102\330\311\054\323\353\032\032\042\213\267\177\006
+\211\345\074\365\022\300\273\323\013\231\137\220\174\216\055\057
+\167\063\222\112\041\106\250\251\010\254\361\366\021\002\331\225
+\026\236\215\057\226\346\002\335\165\302\024\052\132\326\311\175
+\045\302\301\374\252\147\205\342\354\276\321\174\074\372\257\325
+\156\377\123\101\324\365\062\070\261\342\137\304\371\216\020\357
+\006\251\002\211\377\343\014\156\227\340\337\235\333\041\320\364
+\076\010\151\154\330\324\344\066\370\203\266\262\066\217\234\357
+\072\067\026\175\277\242\151\327\073\133\162\320\257\252\077\134
+\146\223\254\012\042\141\266\322\240\231\310\124\223\135\250\266
+\321\275\135\012\136\167\224\242\055\300\202\216\274\312\003\052
+\064\256\163\361\324\265\014\275\276\147\233\124\353\341\372\240
+\132\354\070\176\076\301\314\242\307\104\061\165\352\077\345\007
+\322\253\241\045\226\366\346\344\240\135\067\030\071\141\000\063
+\135\106\324\000\304\264\312\074\361\242\243\076\363\072\377\151
+\060\056\100\335\366\237\234\046\311\226\067\255\347\071\242\277
+\352\151\333\125\042\225\123\052\224\265\337\255\026\070\201\165
+\146\343\307\054\033\223\234\252\214\243\312\331\154\074\027\155
+\234\334\174\123\340\040\047\103\066\371\022\341\074\134\275\146
+\277\242\151\043\070\270\231\140\231\016\126\123\072\234\176\024
+\214\260\006\157\361\206\166\220\257\375\257\376\220\306\217\237
+\177\213\222\043\234\347\025\166\217\325\213\224\023\162\151\373
+\053\141\143\210\357\346\244\136\346\243\027\152\130\107\313\161
+\117\024\013\136\310\002\010\046\242\313\351\257\153\212\031\307
+\313\024\126\365\341\332\265\331\374\277\163\070\332\371\347\257
+\156\244\067\342\007\047\002\003\001\000\001\243\202\003\027\060
+\202\003\023\060\022\006\003\125\035\023\001\001\377\004\010\060
+\006\001\001\377\002\001\001\060\067\006\003\125\035\022\004\060
+\060\056\202\017\163\165\163\143\145\162\164\145\056\147\157\142
+\056\166\145\240\033\006\005\140\206\136\002\002\240\022\014\020
+\122\111\106\055\107\055\062\060\060\060\064\060\063\066\055\060
+\060\035\006\003\125\035\016\004\026\004\024\101\017\031\070\252
+\231\177\102\013\244\327\047\230\124\242\027\114\055\121\124\060
+\202\001\120\006\003\125\035\043\004\202\001\107\060\202\001\103
+\200\024\255\273\042\035\306\340\322\001\250\375\166\120\122\223
+\355\230\301\115\256\323\241\202\001\046\244\202\001\042\060\202
+\001\036\061\076\060\074\006\003\125\004\003\023\065\101\165\164
+\157\162\151\144\141\144\040\144\145\040\103\145\162\164\151\146
+\151\143\141\143\151\157\156\040\122\141\151\172\040\144\145\154
+\040\105\163\164\141\144\157\040\126\145\156\145\172\157\154\141
+\156\157\061\013\060\011\006\003\125\004\006\023\002\126\105\061
+\020\060\016\006\003\125\004\007\023\007\103\141\162\141\143\141
+\163\061\031\060\027\006\003\125\004\010\023\020\104\151\163\164
+\162\151\164\157\040\103\141\160\151\164\141\154\061\066\060\064
+\006\003\125\004\012\023\055\123\151\163\164\145\155\141\040\116
+\141\143\151\157\156\141\154\040\144\145\040\103\145\162\164\151
+\146\151\143\141\143\151\157\156\040\105\154\145\143\164\162\157
+\156\151\143\141\061\103\060\101\006\003\125\004\013\023\072\123
+\165\160\145\162\151\156\164\145\156\144\145\156\143\151\141\040
+\144\145\040\123\145\162\166\151\143\151\157\163\040\144\145\040
+\103\145\162\164\151\146\151\143\141\143\151\157\156\040\105\154
+\145\143\164\162\157\156\151\143\141\061\045\060\043\006\011\052
+\206\110\206\367\015\001\011\001\026\026\141\143\162\141\151\172
+\100\163\165\163\143\145\162\164\145\056\147\157\142\056\166\145
+\202\001\012\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\115\006\003\125\035\021\004\106\060\104\202\016
+\160\162\157\143\145\162\164\056\156\145\164\056\166\145\240\025
+\006\005\140\206\136\002\001\240\014\014\012\120\123\103\055\060
+\060\060\060\060\062\240\033\006\005\140\206\136\002\002\240\022
+\014\020\122\111\106\055\112\055\063\061\066\063\065\063\067\063
+\055\067\060\166\006\003\125\035\037\004\157\060\155\060\106\240
+\104\240\102\206\100\150\164\164\160\072\057\057\167\167\167\056
+\163\165\163\143\145\162\164\145\056\147\157\142\056\166\145\057
+\154\143\162\057\103\105\122\124\111\106\111\103\101\104\117\055
+\122\101\111\132\055\123\110\101\063\070\064\103\122\114\104\105
+\122\056\143\162\154\060\043\240\041\240\037\206\035\154\144\141
+\160\072\057\057\141\143\162\141\151\172\056\163\165\163\143\145
+\162\164\145\056\147\157\142\056\166\145\060\067\006\010\053\006
+\001\005\005\007\001\001\004\053\060\051\060\047\006\010\053\006
+\001\005\005\007\060\001\206\033\150\164\164\160\072\057\057\157
+\143\163\160\056\163\165\163\143\145\162\164\145\056\147\157\142
+\056\166\145\060\101\006\003\125\035\040\004\072\060\070\060\066
+\006\006\140\206\136\003\001\002\060\054\060\052\006\010\053\006
+\001\005\005\007\002\001\026\036\150\164\164\160\072\057\057\167
+\167\167\056\163\165\163\143\145\162\164\145\056\147\157\142\056
+\166\145\057\144\160\143\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\003\202\002\001\000\053\131\353\042\231\273
+\204\252\117\336\220\306\321\206\161\043\236\113\003\221\107\160
+\273\300\222\140\354\340\324\347\155\306\323\355\147\203\167\122
+\325\362\345\167\247\066\262\343\124\276\331\273\012\233\021\357
+\141\364\306\231\063\231\365\257\000\071\215\203\277\246\275\065
+\176\054\134\061\064\157\154\333\363\144\001\230\252\224\054\101
+\335\025\206\312\153\051\116\026\300\111\374\327\203\110\023\007
+\121\204\061\122\210\273\206\027\307\153\057\212\040\255\305\013
+\217\160\076\052\273\033\161\217\271\244\240\375\330\225\331\257
+\131\277\045\053\230\351\143\223\057\140\036\304\252\370\167\365
+\213\154\057\355\176\056\265\117\100\015\356\274\127\167\347\331
+\266\324\077\225\047\072\040\325\345\256\253\154\065\237\301\241
+\035\131\334\204\201\356\115\007\342\110\266\236\113\225\055\101
+\261\341\350\336\176\057\005\036\150\356\277\273\220\145\072\310
+\356\352\261\030\067\034\142\223\244\240\061\354\161\154\221\346
+\244\171\211\132\024\247\024\120\005\114\244\000\127\060\054\301
+\265\141\226\334\076\036\204\257\071\102\317\345\320\054\261\044
+\274\337\100\303\355\177\143\112\275\341\117\022\144\206\225\363
+\260\347\310\267\341\123\275\222\346\363\014\226\271\353\350\346
+\222\355\247\201\011\024\013\374\225\172\317\217\326\064\117\066
+\022\334\136\321\064\165\306\106\200\057\225\004\214\307\206\304
+\250\046\211\250\077\031\233\201\273\121\244\112\206\253\013\021
+\017\261\256\143\123\155\050\352\335\063\126\070\034\262\255\200
+\323\327\162\275\232\154\231\143\350\000\273\101\166\005\267\133
+\231\030\212\303\270\022\134\126\317\126\014\175\350\342\317\355
+\274\164\107\373\356\323\027\116\042\117\126\377\120\363\056\346
+\071\246\202\326\161\312\336\267\325\272\150\010\355\231\314\375
+\242\222\313\151\270\235\371\012\244\246\076\117\223\050\052\141
+\154\007\046\000\377\226\137\150\206\270\270\316\312\125\340\253
+\261\075\177\230\327\063\016\132\075\330\170\302\304\140\057\307
+\142\360\141\221\322\070\260\366\236\125\333\100\200\005\022\063
+\316\035\222\233\321\151\263\377\277\361\222\012\141\065\077\335
+\376\206\364\274\340\032\161\263\142\246
+END
+
+# Trust for "PSCProcert"
+# Issuer: E=acraiz@suscerte.gob.ve,OU=Superintendencia de Servicios de Certificacion Electronica,O=Sistema Nacional de Certificacion Electronica,ST=Distrito Capital,L=Caracas,C=VE,CN=Autoridad de Certificacion Raiz del Estado Venezolano
+# Serial Number: 11 (0xb)
+# Subject: CN=PSCProcert,C=VE,O=Sistema Nacional de Certificacion Electronica,OU=Proveedor de Certificados PROCERT,ST=Miranda,L=Chacao,E=contacto@procert.net.ve
+# Not Valid Before: Tue Dec 28 16:51:00 2010
+# Not Valid After : Fri Dec 25 23:59:59 2020
+# Fingerprint (MD5): E6:24:E9:12:01:AE:0C:DE:8E:85:C4:CE:A3:12:DD:EC
+# Fingerprint (SHA1): 70:C1:8D:74:B4:28:81:0A:E4:FD:A5:75:D7:01:9F:99:B0:3D:50:74
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "PSCProcert"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\160\301\215\164\264\050\201\012\344\375\245\165\327\001\237\231
+\260\075\120\164
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\346\044\351\022\001\256\014\336\216\205\304\316\243\022\335\354
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\202\001\036\061\076\060\074\006\003\125\004\003\023\065\101
+\165\164\157\162\151\144\141\144\040\144\145\040\103\145\162\164
+\151\146\151\143\141\143\151\157\156\040\122\141\151\172\040\144
+\145\154\040\105\163\164\141\144\157\040\126\145\156\145\172\157
+\154\141\156\157\061\013\060\011\006\003\125\004\006\023\002\126
+\105\061\020\060\016\006\003\125\004\007\023\007\103\141\162\141
+\143\141\163\061\031\060\027\006\003\125\004\010\023\020\104\151
+\163\164\162\151\164\157\040\103\141\160\151\164\141\154\061\066
+\060\064\006\003\125\004\012\023\055\123\151\163\164\145\155\141
+\040\116\141\143\151\157\156\141\154\040\144\145\040\103\145\162
+\164\151\146\151\143\141\143\151\157\156\040\105\154\145\143\164
+\162\157\156\151\143\141\061\103\060\101\006\003\125\004\013\023
+\072\123\165\160\145\162\151\156\164\145\156\144\145\156\143\151
+\141\040\144\145\040\123\145\162\166\151\143\151\157\163\040\144
+\145\040\103\145\162\164\151\146\151\143\141\143\151\157\156\040
+\105\154\145\143\164\162\157\156\151\143\141\061\045\060\043\006
+\011\052\206\110\206\367\015\001\011\001\026\026\141\143\162\141
+\151\172\100\163\165\163\143\145\162\164\145\056\147\157\142\056
+\166\145
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\013
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "China Internet Network Information Center EV Certificates Root"
+#
+# Issuer: CN=China Internet Network Information Center EV Certificates Root,O=China Internet Network Information Center,C=CN
+# Serial Number: 1218379777 (0x489f0001)
+# Subject: CN=China Internet Network Information Center EV Certificates Root,O=China Internet Network Information Center,C=CN
+# Not Valid Before: Tue Aug 31 07:11:25 2010
+# Not Valid After : Sat Aug 31 07:11:25 2030
+# Fingerprint (MD5): 55:5D:63:00:97:BD:6A:97:F5:67:AB:4B:FB:6E:63:15
+# Fingerprint (SHA1): 4F:99:AA:93:FB:2B:D1:37:26:A1:99:4A:CE:7F:F0:05:F2:93:5D:1E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "China Internet Network Information Center EV Certificates Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\212\061\013\060\011\006\003\125\004\006\023\002\103\116
+\061\062\060\060\006\003\125\004\012\014\051\103\150\151\156\141
+\040\111\156\164\145\162\156\145\164\040\116\145\164\167\157\162
+\153\040\111\156\146\157\162\155\141\164\151\157\156\040\103\145
+\156\164\145\162\061\107\060\105\006\003\125\004\003\014\076\103
+\150\151\156\141\040\111\156\164\145\162\156\145\164\040\116\145
+\164\167\157\162\153\040\111\156\146\157\162\155\141\164\151\157
+\156\040\103\145\156\164\145\162\040\105\126\040\103\145\162\164
+\151\146\151\143\141\164\145\163\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\212\061\013\060\011\006\003\125\004\006\023\002\103\116
+\061\062\060\060\006\003\125\004\012\014\051\103\150\151\156\141
+\040\111\156\164\145\162\156\145\164\040\116\145\164\167\157\162
+\153\040\111\156\146\157\162\155\141\164\151\157\156\040\103\145
+\156\164\145\162\061\107\060\105\006\003\125\004\003\014\076\103
+\150\151\156\141\040\111\156\164\145\162\156\145\164\040\116\145
+\164\167\157\162\153\040\111\156\146\157\162\155\141\164\151\157
+\156\040\103\145\156\164\145\162\040\105\126\040\103\145\162\164
+\151\146\151\143\141\164\145\163\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\110\237\000\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\367\060\202\002\337\240\003\002\001\002\002\004\110
+\237\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\060\201\212\061\013\060\011\006\003\125\004\006\023\002
+\103\116\061\062\060\060\006\003\125\004\012\014\051\103\150\151
+\156\141\040\111\156\164\145\162\156\145\164\040\116\145\164\167
+\157\162\153\040\111\156\146\157\162\155\141\164\151\157\156\040
+\103\145\156\164\145\162\061\107\060\105\006\003\125\004\003\014
+\076\103\150\151\156\141\040\111\156\164\145\162\156\145\164\040
+\116\145\164\167\157\162\153\040\111\156\146\157\162\155\141\164
+\151\157\156\040\103\145\156\164\145\162\040\105\126\040\103\145
+\162\164\151\146\151\143\141\164\145\163\040\122\157\157\164\060
+\036\027\015\061\060\060\070\063\061\060\067\061\061\062\065\132
+\027\015\063\060\060\070\063\061\060\067\061\061\062\065\132\060
+\201\212\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\062\060\060\006\003\125\004\012\014\051\103\150\151\156\141\040
+\111\156\164\145\162\156\145\164\040\116\145\164\167\157\162\153
+\040\111\156\146\157\162\155\141\164\151\157\156\040\103\145\156
+\164\145\162\061\107\060\105\006\003\125\004\003\014\076\103\150
+\151\156\141\040\111\156\164\145\162\156\145\164\040\116\145\164
+\167\157\162\153\040\111\156\146\157\162\155\141\164\151\157\156
+\040\103\145\156\164\145\162\040\105\126\040\103\145\162\164\151
+\146\151\143\141\164\145\163\040\122\157\157\164\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\233\176\163
+\356\275\073\170\252\144\103\101\365\120\337\224\362\056\262\215
+\112\216\106\124\322\041\022\310\071\062\102\006\351\203\325\237
+\122\355\345\147\003\073\124\301\214\231\231\314\351\300\017\377
+\015\331\204\021\262\270\321\313\133\334\036\371\150\061\144\341
+\233\372\164\353\150\271\040\225\367\306\017\215\107\254\132\006
+\335\141\253\342\354\330\237\027\055\234\312\074\065\227\125\161
+\315\103\205\261\107\026\365\054\123\200\166\317\323\000\144\275
+\100\231\335\314\330\333\304\237\326\023\137\101\203\213\371\015
+\207\222\126\064\154\032\020\013\027\325\132\034\227\130\204\074
+\204\032\056\134\221\064\156\031\137\177\027\151\305\145\357\153
+\041\306\325\120\072\277\141\271\005\215\357\157\064\072\262\157
+\024\143\277\026\073\233\251\052\375\267\053\070\146\006\305\054
+\342\252\147\036\105\247\215\004\146\102\366\217\053\357\210\040
+\151\217\062\214\024\163\332\053\206\221\143\042\232\362\247\333
+\316\211\213\253\135\307\024\301\133\060\152\037\261\267\236\056
+\201\001\002\355\317\226\136\143\333\250\346\070\267\002\003\001
+\000\001\243\143\060\141\060\037\006\003\125\035\043\004\030\060
+\026\200\024\174\162\113\071\307\300\333\142\245\117\233\252\030
+\064\222\242\312\203\202\131\060\017\006\003\125\035\023\001\001
+\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\001\006\060\035\006\003\125\035\016\004
+\026\004\024\174\162\113\071\307\300\333\142\245\117\233\252\030
+\064\222\242\312\203\202\131\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\003\202\001\001\000\052\303\307\103\067
+\217\335\255\244\262\014\356\334\024\155\217\050\244\230\111\313
+\014\200\352\363\355\043\146\165\175\305\323\041\147\171\321\163
+\305\265\003\267\130\254\014\124\057\306\126\023\017\061\332\006
+\347\145\073\035\157\066\333\310\035\371\375\200\006\312\243\075
+\146\026\250\235\114\026\175\300\225\106\265\121\344\342\037\327
+\352\006\115\143\215\226\214\357\347\063\127\102\072\353\214\301
+\171\310\115\166\175\336\366\261\267\201\340\240\371\241\170\106
+\027\032\126\230\360\116\075\253\034\355\354\071\334\007\110\367
+\143\376\006\256\302\244\134\152\133\062\210\305\307\063\205\254
+\146\102\107\302\130\044\231\341\345\076\345\165\054\216\103\326
+\135\074\170\036\250\225\202\051\120\321\321\026\272\357\301\276
+\172\331\264\330\314\036\114\106\341\167\261\061\253\275\052\310
+\316\217\156\241\135\177\003\165\064\344\255\211\105\124\136\276
+\256\050\245\273\077\170\171\353\163\263\012\015\375\276\311\367
+\126\254\366\267\355\057\233\041\051\307\070\266\225\304\004\362
+\303\055\375\024\052\220\231\271\007\314\237
+END
+
+# Trust for "China Internet Network Information Center EV Certificates Root"
+# Issuer: CN=China Internet Network Information Center EV Certificates Root,O=China Internet Network Information Center,C=CN
+# Serial Number: 1218379777 (0x489f0001)
+# Subject: CN=China Internet Network Information Center EV Certificates Root,O=China Internet Network Information Center,C=CN
+# Not Valid Before: Tue Aug 31 07:11:25 2010
+# Not Valid After : Sat Aug 31 07:11:25 2030
+# Fingerprint (MD5): 55:5D:63:00:97:BD:6A:97:F5:67:AB:4B:FB:6E:63:15
+# Fingerprint (SHA1): 4F:99:AA:93:FB:2B:D1:37:26:A1:99:4A:CE:7F:F0:05:F2:93:5D:1E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "China Internet Network Information Center EV Certificates Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\117\231\252\223\373\053\321\067\046\241\231\112\316\177\360\005
+\362\223\135\036
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\125\135\143\000\227\275\152\227\365\147\253\113\373\156\143\025
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\212\061\013\060\011\006\003\125\004\006\023\002\103\116
+\061\062\060\060\006\003\125\004\012\014\051\103\150\151\156\141
+\040\111\156\164\145\162\156\145\164\040\116\145\164\167\157\162
+\153\040\111\156\146\157\162\155\141\164\151\157\156\040\103\145
+\156\164\145\162\061\107\060\105\006\003\125\004\003\014\076\103
+\150\151\156\141\040\111\156\164\145\162\156\145\164\040\116\145
+\164\167\157\162\153\040\111\156\146\157\162\155\141\164\151\157
+\156\040\103\145\156\164\145\162\040\105\126\040\103\145\162\164
+\151\146\151\143\141\164\145\163\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\110\237\000\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Swisscom Root CA 2"
+#
+# Issuer: CN=Swisscom Root CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Serial Number:1e:9e:28:e8:48:f2:e5:ef:c3:7c:4a:1e:5a:18:67:b6
+# Subject: CN=Swisscom Root CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Not Valid Before: Fri Jun 24 08:38:14 2011
+# Not Valid After : Wed Jun 25 07:38:14 2031
+# Fingerprint (MD5): 5B:04:69:EC:A5:83:94:63:18:A7:86:D0:E4:F2:6E:19
+# Fingerprint (SHA1): 77:47:4F:C6:30:E4:0F:4C:47:64:3F:84:BA:B8:C6:95:4A:8A:41:EC
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Swisscom Root CA 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\033\060\031\006\003\125
+\004\003\023\022\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\103\101\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\033\060\031\006\003\125
+\004\003\023\022\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\036\236\050\350\110\362\345\357\303\174\112\036\132\030
+\147\266
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\331\060\202\003\301\240\003\002\001\002\002\020\036
+\236\050\350\110\362\345\357\303\174\112\036\132\030\147\266\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\144
+\061\013\060\011\006\003\125\004\006\023\002\143\150\061\021\060
+\017\006\003\125\004\012\023\010\123\167\151\163\163\143\157\155
+\061\045\060\043\006\003\125\004\013\023\034\104\151\147\151\164
+\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040\123
+\145\162\166\151\143\145\163\061\033\060\031\006\003\125\004\003
+\023\022\123\167\151\163\163\143\157\155\040\122\157\157\164\040
+\103\101\040\062\060\036\027\015\061\061\060\066\062\064\060\070
+\063\070\061\064\132\027\015\063\061\060\066\062\065\060\067\063
+\070\061\064\132\060\144\061\013\060\011\006\003\125\004\006\023
+\002\143\150\061\021\060\017\006\003\125\004\012\023\010\123\167
+\151\163\163\143\157\155\061\045\060\043\006\003\125\004\013\023
+\034\104\151\147\151\164\141\154\040\103\145\162\164\151\146\151
+\143\141\164\145\040\123\145\162\166\151\143\145\163\061\033\060
+\031\006\003\125\004\003\023\022\123\167\151\163\163\143\157\155
+\040\122\157\157\164\040\103\101\040\062\060\202\002\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002
+\017\000\060\202\002\012\002\202\002\001\000\225\102\116\204\235
+\121\346\323\011\350\162\132\043\151\333\170\160\216\026\361\053
+\217\015\003\316\223\314\056\000\010\173\253\063\214\364\351\100
+\346\027\114\253\236\270\107\024\062\167\062\335\050\014\336\030
+\113\137\166\237\370\071\073\374\116\211\330\174\305\147\357\253
+\322\271\064\137\153\072\363\144\066\316\302\260\317\023\150\312
+\310\313\353\265\342\075\056\041\337\352\054\324\340\371\160\226
+\114\377\152\130\230\267\027\344\033\122\345\176\007\000\035\137
+\332\346\076\225\004\267\151\210\071\241\101\140\045\141\113\225
+\071\150\142\034\261\013\005\211\300\066\202\024\041\077\256\333
+\241\375\274\157\034\140\206\266\123\224\111\271\053\106\305\117
+\000\053\277\241\273\313\077\340\307\127\034\127\350\326\151\370
+\301\044\122\235\210\125\335\302\207\056\164\043\320\024\375\052
+\107\132\273\246\235\375\224\344\321\212\245\137\206\143\166\205
+\313\257\377\111\050\374\200\355\114\171\322\273\344\300\357\001
+\356\120\101\010\065\043\160\053\251\026\264\214\156\205\351\266
+\021\317\061\335\123\046\033\337\055\132\112\002\100\374\304\300
+\266\351\061\032\010\050\345\140\303\037\304\220\216\020\142\140
+\104\015\354\012\276\125\030\161\054\245\364\262\274\025\142\377
+\034\343\276\035\332\036\127\263\074\176\315\202\035\221\343\113
+\353\054\122\064\260\212\375\022\116\226\260\353\160\177\236\071
+\367\146\102\261\253\254\122\332\166\100\127\173\052\275\350\156
+\003\262\013\200\205\210\235\014\307\302\167\260\232\232\127\364
+\270\372\023\134\150\223\072\147\244\227\320\033\231\267\206\062
+\113\140\330\316\357\320\014\177\225\237\157\207\117\207\212\216
+\137\010\174\252\133\374\132\276\241\221\237\125\175\116\260\013
+\151\314\260\224\250\247\207\362\323\112\120\334\137\162\260\026
+\165\036\313\264\030\142\232\260\247\071\252\233\237\146\330\215
+\246\154\226\025\343\346\362\370\361\203\142\154\273\125\351\141
+\223\243\075\365\261\127\213\117\043\260\233\345\224\152\057\337
+\214\337\225\121\051\140\241\013\051\344\134\125\130\267\250\374
+\231\356\045\115\114\016\263\323\114\217\204\350\051\017\375\020
+\124\002\205\310\371\345\303\213\317\347\017\002\003\001\000\001
+\243\201\206\060\201\203\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\206\060\035\006\003\125\035\041\004\026\060
+\024\060\022\006\007\140\205\164\001\123\002\001\006\007\140\205
+\164\001\123\002\001\060\022\006\003\125\035\023\001\001\377\004
+\010\060\006\001\001\377\002\001\007\060\035\006\003\125\035\016
+\004\026\004\024\115\046\040\042\211\113\323\325\244\012\241\157
+\336\342\022\201\305\361\074\056\060\037\006\003\125\035\043\004
+\030\060\026\200\024\115\046\040\042\211\113\323\325\244\012\241
+\157\336\342\022\201\305\361\074\056\060\015\006\011\052\206\110
+\206\367\015\001\001\013\005\000\003\202\002\001\000\062\012\262
+\244\033\313\175\276\202\127\211\271\152\177\363\364\301\056\021
+\175\270\031\076\171\267\250\250\162\067\146\233\032\355\254\023
+\073\016\277\142\360\234\337\236\173\241\123\110\016\101\172\312
+\040\247\027\033\266\170\354\100\221\363\102\255\020\303\134\357
+\377\140\131\177\315\205\243\213\075\110\034\045\002\074\147\175
+\365\062\351\057\060\345\175\245\172\070\320\363\146\052\146\036
+\215\063\203\212\157\174\156\250\132\165\232\270\327\332\130\110
+\104\107\250\114\372\114\111\012\112\302\022\067\250\100\014\303
+\310\341\320\127\015\227\062\225\307\072\237\227\323\127\370\013
+\336\345\162\363\243\333\377\265\330\131\262\163\335\115\052\161
+\262\272\111\365\313\034\325\365\171\310\231\263\374\301\114\164
+\343\264\275\051\067\025\004\050\036\336\105\106\160\354\257\272
+\170\016\212\052\316\000\171\334\300\137\031\147\054\153\113\357
+\150\150\013\103\343\254\301\142\011\357\246\335\145\141\240\257
+\204\125\110\221\122\034\306\045\221\052\320\301\042\043\141\131
+\257\105\021\205\035\001\044\064\217\317\263\377\027\162\040\023
+\302\200\252\041\054\161\071\016\320\217\134\301\323\321\216\042
+\162\106\114\035\226\256\117\161\261\341\005\051\226\131\364\273
+\236\165\075\317\015\067\015\142\333\046\214\143\251\043\337\147
+\006\074\174\072\332\064\102\341\146\264\106\004\336\306\226\230
+\017\113\110\172\044\062\165\221\237\254\367\150\351\052\271\125
+\145\316\135\141\323\047\160\330\067\376\237\271\257\240\056\126
+\267\243\145\121\355\073\253\024\277\114\121\003\350\137\212\005
+\233\356\212\156\234\357\277\150\372\310\332\013\343\102\311\320
+\027\024\234\267\112\340\257\223\047\041\125\046\265\144\057\215
+\361\377\246\100\005\205\005\134\312\007\031\134\013\023\050\114
+\130\177\302\245\357\105\332\140\323\256\145\141\235\123\203\164
+\302\256\362\134\302\026\355\222\076\204\076\163\140\210\274\166
+\364\054\317\320\175\175\323\270\136\321\221\022\020\351\315\335
+\312\045\343\325\355\231\057\276\165\201\113\044\371\105\106\224
+\311\051\041\123\234\046\105\252\023\027\344\347\315\170\342\071
+\301\053\022\236\246\236\033\305\346\016\331\061\331
+END
+
+# Trust for "Swisscom Root CA 2"
+# Issuer: CN=Swisscom Root CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Serial Number:1e:9e:28:e8:48:f2:e5:ef:c3:7c:4a:1e:5a:18:67:b6
+# Subject: CN=Swisscom Root CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Not Valid Before: Fri Jun 24 08:38:14 2011
+# Not Valid After : Wed Jun 25 07:38:14 2031
+# Fingerprint (MD5): 5B:04:69:EC:A5:83:94:63:18:A7:86:D0:E4:F2:6E:19
+# Fingerprint (SHA1): 77:47:4F:C6:30:E4:0F:4C:47:64:3F:84:BA:B8:C6:95:4A:8A:41:EC
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Swisscom Root CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\167\107\117\306\060\344\017\114\107\144\077\204\272\270\306\225
+\112\212\101\354
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\133\004\151\354\245\203\224\143\030\247\206\320\344\362\156\031
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\144\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\033\060\031\006\003\125
+\004\003\023\022\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\036\236\050\350\110\362\345\357\303\174\112\036\132\030
+\147\266
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Swisscom Root EV CA 2"
+#
+# Issuer: CN=Swisscom Root EV CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Serial Number:00:f2:fa:64:e2:74:63:d3:8d:fd:10:1d:04:1f:76:ca:58
+# Subject: CN=Swisscom Root EV CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Not Valid Before: Fri Jun 24 09:45:08 2011
+# Not Valid After : Wed Jun 25 08:45:08 2031
+# Fingerprint (MD5): 7B:30:34:9F:DD:0A:4B:6B:35:CA:31:51:28:5D:AE:EC
+# Fingerprint (SHA1): E7:A1:90:29:D3:D5:52:DC:0D:0F:C6:92:D3:EA:88:0D:15:2E:1A:6B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Swisscom Root EV CA 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\147\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\036\060\034\006\003\125
+\004\003\023\025\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\105\126\040\103\101\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\147\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\036\060\034\006\003\125
+\004\003\023\025\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\105\126\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\362\372\144\342\164\143\323\215\375\020\035\004\037
+\166\312\130
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\340\060\202\003\310\240\003\002\001\002\002\021\000
+\362\372\144\342\164\143\323\215\375\020\035\004\037\166\312\130
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\147\061\013\060\011\006\003\125\004\006\023\002\143\150\061\021
+\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143\157
+\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147\151
+\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040
+\123\145\162\166\151\143\145\163\061\036\060\034\006\003\125\004
+\003\023\025\123\167\151\163\163\143\157\155\040\122\157\157\164
+\040\105\126\040\103\101\040\062\060\036\027\015\061\061\060\066
+\062\064\060\071\064\065\060\070\132\027\015\063\061\060\066\062
+\065\060\070\064\065\060\070\132\060\147\061\013\060\011\006\003
+\125\004\006\023\002\143\150\061\021\060\017\006\003\125\004\012
+\023\010\123\167\151\163\163\143\157\155\061\045\060\043\006\003
+\125\004\013\023\034\104\151\147\151\164\141\154\040\103\145\162
+\164\151\146\151\143\141\164\145\040\123\145\162\166\151\143\145
+\163\061\036\060\034\006\003\125\004\003\023\025\123\167\151\163
+\163\143\157\155\040\122\157\157\164\040\105\126\040\103\101\040
+\062\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002
+\001\000\304\367\035\057\127\352\127\154\367\160\135\143\260\161
+\122\011\140\104\050\063\243\172\116\012\372\330\352\154\213\121
+\026\032\125\256\124\046\304\314\105\007\101\117\020\171\177\161
+\322\172\116\077\070\116\263\000\306\225\312\133\315\301\052\203
+\327\047\037\061\016\043\026\267\045\313\034\264\271\200\062\136
+\032\235\223\361\350\074\140\054\247\136\127\031\130\121\136\274
+\054\126\013\270\330\357\213\202\264\074\270\302\044\250\023\307
+\240\041\066\033\172\127\051\050\247\056\277\161\045\220\363\104
+\203\151\120\244\344\341\033\142\031\224\011\243\363\303\274\357
+\364\275\354\333\023\235\317\235\110\011\122\147\300\067\051\021
+\036\373\322\021\247\205\030\164\171\344\117\205\024\353\122\067
+\342\261\105\330\314\015\103\177\256\023\322\153\053\077\247\302
+\342\250\155\166\133\103\237\276\264\235\263\046\206\073\037\177
+\345\362\350\146\050\026\045\320\113\227\070\247\344\317\011\321
+\066\303\013\276\332\073\104\130\215\276\361\236\011\153\076\363
+\062\307\053\207\306\354\136\234\366\207\145\255\063\051\304\057
+\211\331\271\313\311\003\235\373\154\224\121\227\020\033\206\013
+\032\033\077\366\002\176\173\324\305\121\144\050\235\365\323\254
+\203\201\210\323\164\264\131\235\301\353\141\063\132\105\321\313
+\071\320\006\152\123\140\035\257\366\373\151\274\152\334\001\317
+\275\371\217\331\275\133\301\072\137\216\332\017\113\251\233\235
+\052\050\153\032\012\174\074\253\042\013\345\167\055\161\366\202
+\065\201\256\370\173\201\346\352\376\254\364\032\233\164\134\350
+\217\044\366\135\235\106\304\054\322\036\053\041\152\203\047\147
+\125\112\244\343\310\062\227\146\220\162\332\343\324\144\056\137
+\343\241\152\366\140\324\347\065\315\312\304\150\215\327\161\310
+\323\044\063\163\261\154\371\152\341\050\333\137\306\075\350\276
+\125\346\067\033\355\044\331\017\031\217\137\143\030\130\120\201
+\121\145\157\362\237\176\152\004\347\064\044\161\272\166\113\130
+\036\031\275\025\140\105\252\014\022\100\001\235\020\342\307\070
+\007\162\012\145\300\266\273\045\051\332\026\236\213\065\213\141
+\355\345\161\127\203\265\074\161\237\343\117\277\176\036\201\237
+\101\227\002\003\001\000\001\243\201\206\060\201\203\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\206\060\035\006
+\003\125\035\041\004\026\060\024\060\022\006\007\140\205\164\001
+\123\002\002\006\007\140\205\164\001\123\002\002\060\022\006\003
+\125\035\023\001\001\377\004\010\060\006\001\001\377\002\001\003
+\060\035\006\003\125\035\016\004\026\004\024\105\331\245\201\156
+\075\210\115\215\161\322\106\301\156\105\036\363\304\200\235\060
+\037\006\003\125\035\043\004\030\060\026\200\024\105\331\245\201
+\156\075\210\115\215\161\322\106\301\156\105\036\363\304\200\235
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
+\202\002\001\000\224\072\163\006\237\122\113\060\134\324\376\261
+\134\045\371\327\216\157\365\207\144\237\355\024\216\270\004\216
+\050\113\217\252\173\216\071\264\331\130\366\173\241\065\012\241
+\235\212\367\143\345\353\275\071\202\324\343\172\055\157\337\023
+\074\272\376\176\126\230\013\363\124\237\315\104\116\156\074\341
+\076\025\277\006\046\235\344\360\220\266\324\302\236\060\056\037
+\357\307\172\304\120\307\352\173\332\120\313\172\046\313\000\264
+\132\253\265\223\037\200\211\204\004\225\215\215\177\011\223\277
+\324\250\250\344\143\155\331\144\344\270\051\132\010\277\120\341
+\204\017\125\173\137\010\042\033\365\275\231\036\024\366\316\364
+\130\020\202\263\012\075\031\301\277\133\253\252\231\330\362\061
+\275\345\070\146\334\130\005\307\355\143\032\056\012\227\174\207
+\223\053\262\212\343\361\354\030\345\165\266\051\207\347\334\213
+\032\176\264\330\311\323\212\027\154\175\051\104\276\212\252\365
+\176\072\056\150\061\223\271\152\332\232\340\333\351\056\245\204
+\315\034\012\270\112\010\371\234\361\141\046\230\223\267\173\146
+\354\221\136\335\121\077\333\163\017\255\004\130\011\335\004\002
+\225\012\076\323\166\337\246\020\036\200\075\350\315\244\144\321
+\063\307\222\307\342\116\104\343\011\311\116\302\135\207\016\022
+\236\277\017\311\005\020\336\172\243\261\074\362\077\245\252\047
+\171\255\061\175\037\375\374\031\151\305\335\271\077\174\315\306
+\264\302\060\036\176\156\222\327\177\141\166\132\217\353\225\115
+\274\021\156\041\174\131\067\231\320\006\274\371\006\155\062\026
+\245\331\151\250\341\334\074\200\036\140\121\334\327\124\041\036
+\312\142\167\117\372\330\217\263\053\072\015\170\162\311\150\101
+\132\107\112\302\243\353\032\327\012\253\074\062\125\310\012\021
+\234\337\164\326\360\100\025\035\310\271\217\265\066\305\257\370
+\042\270\312\035\363\326\266\031\017\237\141\145\152\352\164\310
+\174\217\303\117\135\145\202\037\331\015\211\332\165\162\373\357
+\361\107\147\023\263\310\321\031\210\047\046\232\231\171\177\036
+\344\054\077\173\356\361\336\115\213\226\227\303\325\077\174\033
+\043\355\244\263\035\026\162\103\113\040\341\131\176\302\350\255
+\046\277\242\367
+END
+
+# Trust for "Swisscom Root EV CA 2"
+# Issuer: CN=Swisscom Root EV CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Serial Number:00:f2:fa:64:e2:74:63:d3:8d:fd:10:1d:04:1f:76:ca:58
+# Subject: CN=Swisscom Root EV CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
+# Not Valid Before: Fri Jun 24 09:45:08 2011
+# Not Valid After : Wed Jun 25 08:45:08 2031
+# Fingerprint (MD5): 7B:30:34:9F:DD:0A:4B:6B:35:CA:31:51:28:5D:AE:EC
+# Fingerprint (SHA1): E7:A1:90:29:D3:D5:52:DC:0D:0F:C6:92:D3:EA:88:0D:15:2E:1A:6B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Swisscom Root EV CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\347\241\220\051\323\325\122\334\015\017\306\222\323\352\210\015
+\025\056\032\153
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\173\060\064\237\335\012\113\153\065\312\061\121\050\135\256\354
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\147\061\013\060\011\006\003\125\004\006\023\002\143\150\061
+\021\060\017\006\003\125\004\012\023\010\123\167\151\163\163\143
+\157\155\061\045\060\043\006\003\125\004\013\023\034\104\151\147
+\151\164\141\154\040\103\145\162\164\151\146\151\143\141\164\145
+\040\123\145\162\166\151\143\145\163\061\036\060\034\006\003\125
+\004\003\023\025\123\167\151\163\163\143\157\155\040\122\157\157
+\164\040\105\126\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\362\372\144\342\164\143\323\215\375\020\035\004\037
+\166\312\130
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "CA Disig Root R1"
+#
+# Issuer: CN=CA Disig Root R1,O=Disig a.s.,L=Bratislava,C=SK
+# Serial Number:00:c3:03:9a:ee:50:90:6e:28
+# Subject: CN=CA Disig Root R1,O=Disig a.s.,L=Bratislava,C=SK
+# Not Valid Before: Thu Jul 19 09:06:56 2012
+# Not Valid After : Sat Jul 19 09:06:56 2042
+# Fingerprint (MD5): BE:EC:11:93:9A:F5:69:21:BC:D7:C1:C0:67:89:CC:2A
+# Fingerprint (SHA1): 8E:1C:74:F8:A6:20:B9:E5:8A:F4:61:FA:EC:2B:47:56:51:1A:52:C6
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CA Disig Root R1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\122\061\013\060\011\006\003\125\004\006\023\002\123\113\061
+\023\060\021\006\003\125\004\007\023\012\102\162\141\164\151\163
+\154\141\166\141\061\023\060\021\006\003\125\004\012\023\012\104
+\151\163\151\147\040\141\056\163\056\061\031\060\027\006\003\125
+\004\003\023\020\103\101\040\104\151\163\151\147\040\122\157\157
+\164\040\122\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\122\061\013\060\011\006\003\125\004\006\023\002\123\113\061
+\023\060\021\006\003\125\004\007\023\012\102\162\141\164\151\163
+\154\141\166\141\061\023\060\021\006\003\125\004\012\023\012\104
+\151\163\151\147\040\141\056\163\056\061\031\060\027\006\003\125
+\004\003\023\020\103\101\040\104\151\163\151\147\040\122\157\157
+\164\040\122\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\303\003\232\356\120\220\156\050
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\151\060\202\003\121\240\003\002\001\002\002\011\000
+\303\003\232\356\120\220\156\050\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\060\122\061\013\060\011\006\003\125
+\004\006\023\002\123\113\061\023\060\021\006\003\125\004\007\023
+\012\102\162\141\164\151\163\154\141\166\141\061\023\060\021\006
+\003\125\004\012\023\012\104\151\163\151\147\040\141\056\163\056
+\061\031\060\027\006\003\125\004\003\023\020\103\101\040\104\151
+\163\151\147\040\122\157\157\164\040\122\061\060\036\027\015\061
+\062\060\067\061\071\060\071\060\066\065\066\132\027\015\064\062
+\060\067\061\071\060\071\060\066\065\066\132\060\122\061\013\060
+\011\006\003\125\004\006\023\002\123\113\061\023\060\021\006\003
+\125\004\007\023\012\102\162\141\164\151\163\154\141\166\141\061
+\023\060\021\006\003\125\004\012\023\012\104\151\163\151\147\040
+\141\056\163\056\061\031\060\027\006\003\125\004\003\023\020\103
+\101\040\104\151\163\151\147\040\122\157\157\164\040\122\061\060
+\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000
+\252\303\170\367\334\230\243\247\132\136\167\030\262\335\004\144
+\017\143\375\233\226\011\200\325\350\252\245\342\234\046\224\072
+\350\231\163\214\235\337\327\337\203\363\170\117\100\341\177\322
+\247\322\345\312\023\223\347\355\306\167\137\066\265\224\257\350
+\070\216\333\233\345\174\273\314\215\353\165\163\341\044\315\346
+\247\055\031\056\330\326\212\153\024\353\010\142\012\330\334\263
+\000\115\303\043\174\137\103\010\043\062\022\334\355\014\255\300
+\175\017\245\172\102\331\132\160\331\277\247\327\001\034\366\233
+\253\216\267\112\206\170\240\036\126\061\256\357\202\012\200\101
+\367\033\311\256\253\062\046\324\054\153\355\175\153\344\342\136
+\042\012\105\313\204\061\115\254\376\333\321\107\272\371\140\227
+\071\261\145\307\336\373\231\344\012\042\261\055\115\345\110\046
+\151\253\342\252\363\373\374\222\051\062\351\263\076\115\037\047
+\241\315\216\271\027\373\045\076\311\156\363\167\332\015\022\366
+\135\307\273\066\020\325\124\326\363\340\342\107\110\346\336\024
+\332\141\122\257\046\264\365\161\117\311\327\322\006\337\143\312
+\377\041\350\131\006\340\010\325\204\025\123\367\103\345\174\305
+\240\211\230\153\163\306\150\316\145\336\275\177\005\367\261\356
+\366\127\241\140\225\305\314\352\223\072\276\231\256\233\002\243
+\255\311\026\265\316\335\136\231\170\176\032\071\176\262\300\005
+\244\300\202\245\243\107\236\214\352\134\266\274\147\333\346\052
+\115\322\004\334\243\256\105\367\274\213\234\034\247\326\325\003
+\334\010\313\056\026\312\134\100\063\350\147\303\056\347\246\104
+\352\021\105\034\065\145\055\036\105\141\044\033\202\056\245\235
+\063\135\145\370\101\371\056\313\224\077\037\243\014\061\044\104
+\355\307\136\255\120\272\306\101\233\254\360\027\145\300\370\135
+\157\133\240\012\064\074\356\327\352\210\237\230\371\257\116\044
+\372\227\262\144\166\332\253\364\355\343\303\140\357\325\371\002
+\310\055\237\203\257\147\151\006\247\061\125\325\317\113\157\377
+\004\005\307\130\254\137\026\033\345\322\243\353\061\333\037\063
+\025\115\320\362\245\123\365\313\341\075\116\150\055\330\022\335
+\252\362\346\115\233\111\345\305\050\241\272\260\132\306\240\265
+\002\003\001\000\001\243\102\060\100\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125\035
+\016\004\026\004\024\211\012\264\070\223\032\346\253\356\233\221
+\030\371\365\074\076\065\320\323\202\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\002\001\000\062\213\366
+\235\112\311\276\024\345\214\254\070\312\072\011\324\033\316\206
+\263\335\353\324\272\050\276\022\256\105\054\004\164\254\023\121
+\305\130\030\146\115\202\332\325\334\223\300\047\341\276\174\237
+\122\236\022\126\366\325\234\251\364\165\234\372\067\022\217\034
+\223\354\127\376\007\017\253\325\022\367\017\256\141\136\126\200
+\111\365\374\060\365\233\117\037\101\057\034\204\323\211\307\342
+\332\002\166\355\011\317\154\301\270\034\203\034\026\372\224\315
+\175\240\310\030\322\310\235\156\365\275\151\324\155\075\065\350
+\036\242\117\140\327\007\051\374\262\243\244\235\156\025\222\126
+\031\114\012\260\351\174\322\031\115\102\106\354\275\375\366\127
+\133\335\230\176\244\115\314\162\003\203\130\135\357\223\072\101
+\172\143\252\174\072\250\365\254\244\321\335\242\055\266\052\374
+\237\001\216\342\020\261\304\312\344\147\333\125\045\031\077\375
+\350\066\176\263\341\341\201\257\021\026\213\120\227\140\031\202
+\000\300\153\115\163\270\321\023\007\076\352\266\061\117\360\102
+\232\155\342\021\164\345\224\254\215\204\225\074\041\257\305\332
+\107\310\337\071\142\142\313\133\120\013\327\201\100\005\234\233
+\355\272\266\213\036\004\157\226\040\071\355\244\175\051\333\110
+\316\202\334\324\002\215\035\004\061\132\307\113\360\154\141\122
+\327\264\121\302\201\154\315\341\373\247\241\322\222\166\317\261
+\017\067\130\244\362\122\161\147\077\014\210\170\200\211\301\310
+\265\037\222\143\276\247\172\212\126\054\032\250\246\234\265\135
+\263\143\320\023\040\241\353\221\154\320\215\175\257\337\013\344
+\027\271\206\236\070\261\224\014\130\214\340\125\252\073\143\155
+\232\211\140\270\144\052\222\306\067\364\176\103\103\267\163\350
+\001\347\177\227\017\327\362\173\031\375\032\327\217\311\372\205
+\153\172\235\236\211\266\246\050\231\223\210\100\367\076\315\121
+\243\312\352\357\171\107\041\265\376\062\342\307\303\121\157\276
+\200\164\360\244\303\072\362\117\351\137\337\031\012\362\073\023
+\103\254\061\244\263\347\353\374\030\326\001\251\363\052\217\066
+\016\353\264\261\274\267\114\311\153\277\241\363\331\364\355\342
+\360\343\355\144\236\075\057\226\122\117\200\123\213
+END
+
+# Trust for "CA Disig Root R1"
+# Issuer: CN=CA Disig Root R1,O=Disig a.s.,L=Bratislava,C=SK
+# Serial Number:00:c3:03:9a:ee:50:90:6e:28
+# Subject: CN=CA Disig Root R1,O=Disig a.s.,L=Bratislava,C=SK
+# Not Valid Before: Thu Jul 19 09:06:56 2012
+# Not Valid After : Sat Jul 19 09:06:56 2042
+# Fingerprint (MD5): BE:EC:11:93:9A:F5:69:21:BC:D7:C1:C0:67:89:CC:2A
+# Fingerprint (SHA1): 8E:1C:74:F8:A6:20:B9:E5:8A:F4:61:FA:EC:2B:47:56:51:1A:52:C6
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CA Disig Root R1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\216\034\164\370\246\040\271\345\212\364\141\372\354\053\107\126
+\121\032\122\306
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\276\354\021\223\232\365\151\041\274\327\301\300\147\211\314\052
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\122\061\013\060\011\006\003\125\004\006\023\002\123\113\061
+\023\060\021\006\003\125\004\007\023\012\102\162\141\164\151\163
+\154\141\166\141\061\023\060\021\006\003\125\004\012\023\012\104
+\151\163\151\147\040\141\056\163\056\061\031\060\027\006\003\125
+\004\003\023\020\103\101\040\104\151\163\151\147\040\122\157\157
+\164\040\122\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\303\003\232\356\120\220\156\050
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "CA Disig Root R2"
+#
+# Issuer: CN=CA Disig Root R2,O=Disig a.s.,L=Bratislava,C=SK
+# Serial Number:00:92:b8:88:db:b0:8a:c1:63
+# Subject: CN=CA Disig Root R2,O=Disig a.s.,L=Bratislava,C=SK
+# Not Valid Before: Thu Jul 19 09:15:30 2012
+# Not Valid After : Sat Jul 19 09:15:30 2042
+# Fingerprint (MD5): 26:01:FB:D8:27:A7:17:9A:45:54:38:1A:43:01:3B:03
+# Fingerprint (SHA1): B5:61:EB:EA:A4:DE:E4:25:4B:69:1A:98:A5:57:47:C2:34:C7:D9:71
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CA Disig Root R2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\122\061\013\060\011\006\003\125\004\006\023\002\123\113\061
+\023\060\021\006\003\125\004\007\023\012\102\162\141\164\151\163
+\154\141\166\141\061\023\060\021\006\003\125\004\012\023\012\104
+\151\163\151\147\040\141\056\163\056\061\031\060\027\006\003\125
+\004\003\023\020\103\101\040\104\151\163\151\147\040\122\157\157
+\164\040\122\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\122\061\013\060\011\006\003\125\004\006\023\002\123\113\061
+\023\060\021\006\003\125\004\007\023\012\102\162\141\164\151\163
+\154\141\166\141\061\023\060\021\006\003\125\004\012\023\012\104
+\151\163\151\147\040\141\056\163\056\061\031\060\027\006\003\125
+\004\003\023\020\103\101\040\104\151\163\151\147\040\122\157\157
+\164\040\122\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\222\270\210\333\260\212\301\143
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\151\060\202\003\121\240\003\002\001\002\002\011\000
+\222\270\210\333\260\212\301\143\060\015\006\011\052\206\110\206
+\367\015\001\001\013\005\000\060\122\061\013\060\011\006\003\125
+\004\006\023\002\123\113\061\023\060\021\006\003\125\004\007\023
+\012\102\162\141\164\151\163\154\141\166\141\061\023\060\021\006
+\003\125\004\012\023\012\104\151\163\151\147\040\141\056\163\056
+\061\031\060\027\006\003\125\004\003\023\020\103\101\040\104\151
+\163\151\147\040\122\157\157\164\040\122\062\060\036\027\015\061
+\062\060\067\061\071\060\071\061\065\063\060\132\027\015\064\062
+\060\067\061\071\060\071\061\065\063\060\132\060\122\061\013\060
+\011\006\003\125\004\006\023\002\123\113\061\023\060\021\006\003
+\125\004\007\023\012\102\162\141\164\151\163\154\141\166\141\061
+\023\060\021\006\003\125\004\012\023\012\104\151\163\151\147\040
+\141\056\163\056\061\031\060\027\006\003\125\004\003\023\020\103
+\101\040\104\151\163\151\147\040\122\157\157\164\040\122\062\060
+\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000
+\242\243\304\000\011\326\205\135\055\155\024\366\302\303\163\236
+\065\302\161\125\176\201\373\253\106\120\340\301\174\111\170\346
+\253\171\130\074\332\377\174\034\237\330\227\002\170\076\153\101
+\004\351\101\275\276\003\054\105\366\057\144\324\253\135\243\107
+\075\144\233\351\150\232\306\314\033\077\272\276\262\213\064\002
+\056\230\125\031\374\214\157\252\137\332\114\316\115\003\041\243
+\330\322\064\223\126\226\313\114\014\000\026\074\137\032\315\310
+\307\154\246\255\323\061\247\274\350\345\341\146\326\322\373\003
+\264\101\145\311\020\256\016\005\143\306\200\152\151\060\375\322
+\356\220\357\015\047\337\237\225\163\364\341\045\332\154\026\336
+\101\070\064\352\213\374\321\350\004\024\141\055\101\176\254\307
+\167\116\313\121\124\373\136\222\030\033\004\132\150\306\311\304
+\372\267\023\240\230\267\021\053\267\326\127\314\174\236\027\321
+\313\045\376\206\116\044\056\126\014\170\115\236\001\022\246\053
+\247\001\145\156\174\142\035\204\204\337\352\300\153\265\245\052
+\225\203\303\123\021\014\163\035\013\262\106\220\321\102\072\316
+\100\156\225\255\377\306\224\255\156\227\204\216\175\157\236\212
+\200\015\111\155\163\342\173\222\036\303\363\301\363\353\056\005
+\157\331\033\317\067\166\004\310\264\132\344\027\247\313\335\166
+\037\320\031\166\350\054\005\263\326\234\064\330\226\334\141\207
+\221\005\344\104\010\063\301\332\271\010\145\324\256\262\066\015
+\353\272\070\272\014\345\233\236\353\215\146\335\231\317\326\211
+\101\366\004\222\212\051\051\155\153\072\034\347\165\175\002\161
+\016\363\300\347\275\313\031\335\235\140\262\302\146\140\266\261
+\004\356\311\346\206\271\232\146\100\250\347\021\355\201\105\003
+\213\366\147\131\350\301\006\021\275\335\317\200\002\117\145\100
+\170\134\107\120\310\233\346\037\201\173\344\104\250\133\205\232
+\342\336\132\325\307\371\072\104\146\113\344\062\124\174\344\154
+\234\263\016\075\027\242\262\064\022\326\176\262\250\111\273\321
+\172\050\100\276\242\026\037\337\344\067\037\021\163\373\220\012
+\145\103\242\015\174\370\006\001\125\063\175\260\015\270\364\365
+\256\245\102\127\174\066\021\214\173\136\304\003\235\214\171\235
+\002\003\001\000\001\243\102\060\100\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125\035
+\016\004\026\004\024\265\231\370\257\260\224\365\343\040\326\012
+\255\316\116\126\244\056\156\102\355\060\015\006\011\052\206\110
+\206\367\015\001\001\013\005\000\003\202\002\001\000\046\006\136
+\160\347\145\063\310\202\156\331\234\027\072\033\172\146\262\001
+\366\170\073\151\136\057\352\377\116\371\050\303\230\052\141\114
+\264\044\022\212\175\155\021\024\367\234\265\312\346\274\236\047
+\216\114\031\310\251\275\172\300\327\066\016\155\205\162\156\250
+\306\242\155\366\372\163\143\177\274\156\171\010\034\235\212\237
+\032\212\123\246\330\273\331\065\125\261\021\305\251\003\263\126
+\073\271\204\223\042\136\176\301\366\022\122\213\352\054\147\274
+\376\066\114\365\270\317\321\263\111\222\073\323\051\016\231\033
+\226\367\141\270\073\304\053\266\170\154\264\043\157\360\375\323
+\262\136\165\037\231\225\250\254\366\332\341\305\061\173\373\321
+\106\263\322\274\147\264\142\124\272\011\367\143\260\223\242\232
+\371\351\122\056\213\140\022\253\374\365\140\126\357\020\134\213
+\304\032\102\334\203\133\144\016\313\265\274\326\117\301\174\074
+\156\215\023\155\373\173\353\060\320\334\115\257\305\325\266\245
+\114\133\161\311\350\061\276\350\070\006\110\241\032\342\352\322
+\336\022\071\130\032\377\200\016\202\165\346\267\311\007\154\016
+\357\377\070\361\230\161\304\267\177\016\025\320\045\151\275\042
+\235\053\355\005\366\106\107\254\355\300\360\324\073\342\354\356
+\226\133\220\023\116\036\126\072\353\260\357\226\273\226\043\021
+\272\362\103\206\164\144\225\310\050\165\337\035\065\272\322\067
+\203\070\123\070\066\073\317\154\351\371\153\016\320\373\004\350
+\117\167\327\145\001\170\206\014\172\076\041\142\361\177\143\161
+\014\311\237\104\333\250\047\242\165\276\156\201\076\327\300\353
+\033\230\017\160\134\064\262\212\314\300\205\030\353\156\172\263
+\367\132\241\007\277\251\102\222\363\140\042\227\344\024\241\007
+\233\116\166\300\216\175\375\244\045\307\107\355\377\037\163\254
+\314\303\245\351\157\012\216\233\145\302\120\205\265\243\240\123
+\022\314\125\207\141\363\201\256\020\106\141\275\104\041\270\302
+\075\164\317\176\044\065\372\034\007\016\233\075\042\312\357\061
+\057\214\254\022\275\357\100\050\374\051\147\237\262\023\117\146
+\044\304\123\031\351\036\051\025\357\346\155\260\177\055\147\375
+\363\154\033\165\106\243\345\112\027\351\244\327\013
+END
+
+# Trust for "CA Disig Root R2"
+# Issuer: CN=CA Disig Root R2,O=Disig a.s.,L=Bratislava,C=SK
+# Serial Number:00:92:b8:88:db:b0:8a:c1:63
+# Subject: CN=CA Disig Root R2,O=Disig a.s.,L=Bratislava,C=SK
+# Not Valid Before: Thu Jul 19 09:15:30 2012
+# Not Valid After : Sat Jul 19 09:15:30 2042
+# Fingerprint (MD5): 26:01:FB:D8:27:A7:17:9A:45:54:38:1A:43:01:3B:03
+# Fingerprint (SHA1): B5:61:EB:EA:A4:DE:E4:25:4B:69:1A:98:A5:57:47:C2:34:C7:D9:71
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CA Disig Root R2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\265\141\353\352\244\336\344\045\113\151\032\230\245\127\107\302
+\064\307\331\161
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\046\001\373\330\047\247\027\232\105\124\070\032\103\001\073\003
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\122\061\013\060\011\006\003\125\004\006\023\002\123\113\061
+\023\060\021\006\003\125\004\007\023\012\102\162\141\164\151\163
+\154\141\166\141\061\023\060\021\006\003\125\004\012\023\012\104
+\151\163\151\147\040\141\056\163\056\061\031\060\027\006\003\125
+\004\003\023\020\103\101\040\104\151\163\151\147\040\122\157\157
+\164\040\122\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\011\000\222\270\210\333\260\212\301\143
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "ACCVRAIZ1"
+#
+# Issuer: C=ES,O=ACCV,OU=PKIACCV,CN=ACCVRAIZ1
+# Serial Number:5e:c3:b7:a6:43:7f:a4:e0
+# Subject: C=ES,O=ACCV,OU=PKIACCV,CN=ACCVRAIZ1
+# Not Valid Before: Thu May 05 09:37:37 2011
+# Not Valid After : Tue Dec 31 09:37:37 2030
+# Fingerprint (MD5): D0:A0:5A:EE:05:B6:09:94:21:A1:7D:F1:B2:29:82:02
+# Fingerprint (SHA1): 93:05:7A:88:15:C6:4F:CE:88:2F:FA:91:16:52:28:78:BC:53:64:17
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ACCVRAIZ1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\102\061\022\060\020\006\003\125\004\003\014\011\101\103\103
+\126\122\101\111\132\061\061\020\060\016\006\003\125\004\013\014
+\007\120\113\111\101\103\103\126\061\015\060\013\006\003\125\004
+\012\014\004\101\103\103\126\061\013\060\011\006\003\125\004\006
+\023\002\105\123
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\102\061\022\060\020\006\003\125\004\003\014\011\101\103\103
+\126\122\101\111\132\061\061\020\060\016\006\003\125\004\013\014
+\007\120\113\111\101\103\103\126\061\015\060\013\006\003\125\004
+\012\014\004\101\103\103\126\061\013\060\011\006\003\125\004\006
+\023\002\105\123
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\136\303\267\246\103\177\244\340
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\007\323\060\202\005\273\240\003\002\001\002\002\010\136
+\303\267\246\103\177\244\340\060\015\006\011\052\206\110\206\367
+\015\001\001\005\005\000\060\102\061\022\060\020\006\003\125\004
+\003\014\011\101\103\103\126\122\101\111\132\061\061\020\060\016
+\006\003\125\004\013\014\007\120\113\111\101\103\103\126\061\015
+\060\013\006\003\125\004\012\014\004\101\103\103\126\061\013\060
+\011\006\003\125\004\006\023\002\105\123\060\036\027\015\061\061
+\060\065\060\065\060\071\063\067\063\067\132\027\015\063\060\061
+\062\063\061\060\071\063\067\063\067\132\060\102\061\022\060\020
+\006\003\125\004\003\014\011\101\103\103\126\122\101\111\132\061
+\061\020\060\016\006\003\125\004\013\014\007\120\113\111\101\103
+\103\126\061\015\060\013\006\003\125\004\012\014\004\101\103\103
+\126\061\013\060\011\006\003\125\004\006\023\002\105\123\060\202
+\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000\233
+\251\253\277\141\112\227\257\057\227\146\232\164\137\320\331\226
+\375\317\342\344\146\357\037\037\107\063\302\104\243\337\232\336
+\037\265\124\335\025\174\151\065\021\157\273\310\014\216\152\030
+\036\330\217\331\026\274\020\110\066\134\360\143\263\220\132\134
+\044\067\327\243\326\313\011\161\271\361\001\162\204\260\175\333
+\115\200\315\374\323\157\311\370\332\266\016\202\322\105\205\250
+\033\150\250\075\350\364\104\154\275\241\302\313\003\276\214\076
+\023\000\204\337\112\110\300\343\042\012\350\351\067\247\030\114
+\261\011\015\043\126\177\004\115\331\027\204\030\245\310\332\100
+\224\163\353\316\016\127\074\003\201\072\235\012\241\127\103\151
+\254\127\155\171\220\170\345\265\264\073\330\274\114\215\050\241
+\247\243\247\272\002\116\045\321\052\256\355\256\003\042\270\153
+\040\017\060\050\124\225\177\340\356\316\012\146\235\321\100\055
+\156\042\257\235\032\301\005\031\322\157\300\362\237\370\173\263
+\002\102\373\120\251\035\055\223\017\043\253\306\301\017\222\377
+\320\242\025\365\123\011\161\034\377\105\023\204\346\046\136\370
+\340\210\034\012\374\026\266\250\163\006\270\360\143\204\002\240
+\306\132\354\347\164\337\160\256\243\203\045\352\326\307\227\207
+\223\247\306\212\212\063\227\140\067\020\076\227\076\156\051\025
+\326\241\017\321\210\054\022\237\157\252\244\306\102\353\101\242
+\343\225\103\323\001\205\155\216\273\073\363\043\066\307\376\073
+\340\241\045\007\110\253\311\211\164\377\010\217\200\277\300\226
+\145\363\356\354\113\150\275\235\210\303\061\263\100\361\350\317
+\366\070\273\234\344\321\177\324\345\130\233\174\372\324\363\016
+\233\165\221\344\272\122\056\031\176\321\365\315\132\031\374\272
+\006\366\373\122\250\113\231\004\335\370\371\264\213\120\243\116
+\142\211\360\207\044\372\203\102\301\207\372\325\055\051\052\132
+\161\172\144\152\327\047\140\143\015\333\316\111\365\215\037\220
+\211\062\027\370\163\103\270\322\132\223\206\141\326\341\165\012
+\352\171\146\166\210\117\161\353\004\045\326\012\132\172\223\345
+\271\113\027\100\017\261\266\271\365\336\117\334\340\263\254\073
+\021\160\140\204\112\103\156\231\040\300\051\161\012\300\145\002
+\003\001\000\001\243\202\002\313\060\202\002\307\060\175\006\010
+\053\006\001\005\005\007\001\001\004\161\060\157\060\114\006\010
+\053\006\001\005\005\007\060\002\206\100\150\164\164\160\072\057
+\057\167\167\167\056\141\143\143\166\056\145\163\057\146\151\154
+\145\141\144\155\151\156\057\101\162\143\150\151\166\157\163\057
+\143\145\162\164\151\146\151\143\141\144\157\163\057\162\141\151
+\172\141\143\143\166\061\056\143\162\164\060\037\006\010\053\006
+\001\005\005\007\060\001\206\023\150\164\164\160\072\057\057\157
+\143\163\160\056\141\143\143\166\056\145\163\060\035\006\003\125
+\035\016\004\026\004\024\322\207\264\343\337\067\047\223\125\366
+\126\352\201\345\066\314\214\036\077\275\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\037\006\003\125
+\035\043\004\030\060\026\200\024\322\207\264\343\337\067\047\223
+\125\366\126\352\201\345\066\314\214\036\077\275\060\202\001\163
+\006\003\125\035\040\004\202\001\152\060\202\001\146\060\202\001
+\142\006\004\125\035\040\000\060\202\001\130\060\202\001\042\006
+\010\053\006\001\005\005\007\002\002\060\202\001\024\036\202\001
+\020\000\101\000\165\000\164\000\157\000\162\000\151\000\144\000
+\141\000\144\000\040\000\144\000\145\000\040\000\103\000\145\000
+\162\000\164\000\151\000\146\000\151\000\143\000\141\000\143\000
+\151\000\363\000\156\000\040\000\122\000\141\000\355\000\172\000
+\040\000\144\000\145\000\040\000\154\000\141\000\040\000\101\000
+\103\000\103\000\126\000\040\000\050\000\101\000\147\000\145\000
+\156\000\143\000\151\000\141\000\040\000\144\000\145\000\040\000
+\124\000\145\000\143\000\156\000\157\000\154\000\157\000\147\000
+\355\000\141\000\040\000\171\000\040\000\103\000\145\000\162\000
+\164\000\151\000\146\000\151\000\143\000\141\000\143\000\151\000
+\363\000\156\000\040\000\105\000\154\000\145\000\143\000\164\000
+\162\000\363\000\156\000\151\000\143\000\141\000\054\000\040\000
+\103\000\111\000\106\000\040\000\121\000\064\000\066\000\060\000
+\061\000\061\000\065\000\066\000\105\000\051\000\056\000\040\000
+\103\000\120\000\123\000\040\000\145\000\156\000\040\000\150\000
+\164\000\164\000\160\000\072\000\057\000\057\000\167\000\167\000
+\167\000\056\000\141\000\143\000\143\000\166\000\056\000\145\000
+\163\060\060\006\010\053\006\001\005\005\007\002\001\026\044\150
+\164\164\160\072\057\057\167\167\167\056\141\143\143\166\056\145
+\163\057\154\145\147\151\163\154\141\143\151\157\156\137\143\056
+\150\164\155\060\125\006\003\125\035\037\004\116\060\114\060\112
+\240\110\240\106\206\104\150\164\164\160\072\057\057\167\167\167
+\056\141\143\143\166\056\145\163\057\146\151\154\145\141\144\155
+\151\156\057\101\162\143\150\151\166\157\163\057\143\145\162\164
+\151\146\151\143\141\144\157\163\057\162\141\151\172\141\143\143
+\166\061\137\144\145\162\056\143\162\154\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\027\006\003\125\035
+\021\004\020\060\016\201\014\141\143\143\166\100\141\143\143\166
+\056\145\163\060\015\006\011\052\206\110\206\367\015\001\001\005
+\005\000\003\202\002\001\000\227\061\002\237\347\375\103\147\110
+\104\024\344\051\207\355\114\050\146\320\217\065\332\115\141\267
+\112\227\115\265\333\220\340\005\056\016\306\171\320\362\227\151
+\017\275\004\107\331\276\333\265\051\332\233\331\256\251\231\325
+\323\074\060\223\365\215\241\250\374\006\215\104\364\312\026\225
+\174\063\334\142\213\250\067\370\047\330\011\055\033\357\310\024
+\047\040\251\144\104\377\056\326\165\252\154\115\140\100\031\111
+\103\124\143\332\342\314\272\146\345\117\104\172\133\331\152\201
+\053\100\325\177\371\001\047\130\054\310\355\110\221\174\077\246
+\000\317\304\051\163\021\066\336\206\031\076\235\356\031\212\033
+\325\260\355\216\075\234\052\300\015\330\075\146\343\074\015\275
+\325\224\134\342\342\247\065\033\004\000\366\077\132\215\352\103
+\275\137\211\035\251\301\260\314\231\342\115\000\012\332\311\047
+\133\347\023\220\134\344\365\063\242\125\155\334\340\011\115\057
+\261\046\133\047\165\000\011\304\142\167\051\010\137\236\131\254
+\266\176\255\237\124\060\042\003\301\036\161\144\376\371\070\012
+\226\030\335\002\024\254\043\313\006\034\036\244\175\215\015\336
+\047\101\350\255\332\025\267\260\043\335\053\250\323\332\045\207
+\355\350\125\104\115\210\364\066\176\204\232\170\254\367\016\126
+\111\016\326\063\045\326\204\120\102\154\040\022\035\052\325\276
+\274\362\160\201\244\160\140\276\005\265\233\236\004\104\276\141
+\043\254\351\245\044\214\021\200\224\132\242\242\271\111\322\301
+\334\321\247\355\061\021\054\236\031\246\356\341\125\341\300\352
+\317\015\204\344\027\267\242\174\245\336\125\045\006\356\314\300
+\207\134\100\332\314\225\077\125\340\065\307\270\204\276\264\135
+\315\172\203\001\162\356\207\346\137\035\256\265\205\306\046\337
+\346\301\232\351\036\002\107\237\052\250\155\251\133\317\354\105
+\167\177\230\047\232\062\135\052\343\204\356\305\230\146\057\226
+\040\035\335\330\303\047\327\260\371\376\331\175\315\320\237\217
+\013\024\130\121\237\057\213\303\070\055\336\350\217\326\215\207
+\244\365\126\103\026\231\054\364\244\126\264\064\270\141\067\311
+\302\130\200\033\240\227\241\374\131\215\351\021\366\321\017\113
+\125\064\106\052\213\206\073
+END
+
+# Trust for "ACCVRAIZ1"
+# Issuer: C=ES,O=ACCV,OU=PKIACCV,CN=ACCVRAIZ1
+# Serial Number:5e:c3:b7:a6:43:7f:a4:e0
+# Subject: C=ES,O=ACCV,OU=PKIACCV,CN=ACCVRAIZ1
+# Not Valid Before: Thu May 05 09:37:37 2011
+# Not Valid After : Tue Dec 31 09:37:37 2030
+# Fingerprint (MD5): D0:A0:5A:EE:05:B6:09:94:21:A1:7D:F1:B2:29:82:02
+# Fingerprint (SHA1): 93:05:7A:88:15:C6:4F:CE:88:2F:FA:91:16:52:28:78:BC:53:64:17
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ACCVRAIZ1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\223\005\172\210\025\306\117\316\210\057\372\221\026\122\050\170
+\274\123\144\027
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\320\240\132\356\005\266\011\224\041\241\175\361\262\051\202\002
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\102\061\022\060\020\006\003\125\004\003\014\011\101\103\103
+\126\122\101\111\132\061\061\020\060\016\006\003\125\004\013\014
+\007\120\113\111\101\103\103\126\061\015\060\013\006\003\125\004
+\012\014\004\101\103\103\126\061\013\060\011\006\003\125\004\006
+\023\002\105\123
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\136\303\267\246\103\177\244\340
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TWCA Global Root CA"
+#
+# Issuer: CN=TWCA Global Root CA,OU=Root CA,O=TAIWAN-CA,C=TW
+# Serial Number: 3262 (0xcbe)
+# Subject: CN=TWCA Global Root CA,OU=Root CA,O=TAIWAN-CA,C=TW
+# Not Valid Before: Wed Jun 27 06:28:33 2012
+# Not Valid After : Tue Dec 31 15:59:59 2030
+# Fingerprint (MD5): F9:03:7E:CF:E6:9E:3C:73:7A:2A:90:07:69:FF:2B:96
+# Fingerprint (SHA1): 9C:BB:48:53:F6:A4:F6:D3:52:A4:E8:32:52:55:60:13:F5:AD:AF:65
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TWCA Global Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\022\060\020\006\003\125\004\012\023\011\124\101\111\127\101\116
+\055\103\101\061\020\060\016\006\003\125\004\013\023\007\122\157
+\157\164\040\103\101\061\034\060\032\006\003\125\004\003\023\023
+\124\127\103\101\040\107\154\157\142\141\154\040\122\157\157\164
+\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\022\060\020\006\003\125\004\012\023\011\124\101\111\127\101\116
+\055\103\101\061\020\060\016\006\003\125\004\013\023\007\122\157
+\157\164\040\103\101\061\034\060\032\006\003\125\004\003\023\023
+\124\127\103\101\040\107\154\157\142\141\154\040\122\157\157\164
+\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\014\276
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\101\060\202\003\051\240\003\002\001\002\002\002\014
+\276\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000
+\060\121\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\022\060\020\006\003\125\004\012\023\011\124\101\111\127\101\116
+\055\103\101\061\020\060\016\006\003\125\004\013\023\007\122\157
+\157\164\040\103\101\061\034\060\032\006\003\125\004\003\023\023
+\124\127\103\101\040\107\154\157\142\141\154\040\122\157\157\164
+\040\103\101\060\036\027\015\061\062\060\066\062\067\060\066\062
+\070\063\063\132\027\015\063\060\061\062\063\061\061\065\065\071
+\065\071\132\060\121\061\013\060\011\006\003\125\004\006\023\002
+\124\127\061\022\060\020\006\003\125\004\012\023\011\124\101\111
+\127\101\116\055\103\101\061\020\060\016\006\003\125\004\013\023
+\007\122\157\157\164\040\103\101\061\034\060\032\006\003\125\004
+\003\023\023\124\127\103\101\040\107\154\157\142\141\154\040\122
+\157\157\164\040\103\101\060\202\002\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202
+\002\012\002\202\002\001\000\260\005\333\310\353\214\304\156\212
+\041\357\216\115\234\161\012\037\122\160\355\155\202\234\227\305
+\327\114\116\105\111\313\100\102\265\022\064\154\031\302\164\244
+\061\137\205\002\227\354\103\063\012\123\322\234\214\216\267\270
+\171\333\053\325\152\362\216\146\304\356\053\001\007\222\324\263
+\320\002\337\120\366\125\257\146\016\313\340\107\140\057\053\062
+\071\065\122\072\050\203\370\173\026\306\030\270\142\326\107\045
+\221\316\360\031\022\115\255\143\365\323\077\165\137\051\360\241
+\060\034\052\240\230\246\025\275\356\375\031\066\360\342\221\103
+\217\372\312\326\020\047\111\114\357\335\301\361\205\160\233\312
+\352\250\132\103\374\155\206\157\163\351\067\105\251\360\066\307
+\314\210\165\036\273\154\006\377\233\153\076\027\354\141\252\161
+\174\306\035\242\367\111\351\025\265\074\326\241\141\365\021\367
+\005\157\035\375\021\276\320\060\007\302\051\260\011\116\046\334
+\343\242\250\221\152\037\302\221\105\210\134\345\230\270\161\245
+\025\031\311\174\165\021\314\160\164\117\055\233\035\221\104\375
+\126\050\240\376\273\206\152\310\372\134\013\130\334\306\113\166
+\310\253\042\331\163\017\245\364\132\002\211\077\117\236\042\202
+\356\242\164\123\052\075\123\047\151\035\154\216\062\054\144\000
+\046\143\141\066\116\243\106\267\077\175\263\055\254\155\220\242
+\225\242\316\317\332\202\347\007\064\031\226\351\270\041\252\051
+\176\246\070\276\216\051\112\041\146\171\037\263\303\265\011\147
+\336\326\324\007\106\363\052\332\346\042\067\140\313\201\266\017
+\240\017\351\310\225\177\277\125\221\005\172\317\075\025\300\157
+\336\011\224\001\203\327\064\033\314\100\245\360\270\233\147\325
+\230\221\073\247\204\170\225\046\244\132\010\370\053\164\264\000
+\004\074\337\270\024\216\350\337\251\215\154\147\222\063\035\300
+\267\322\354\222\310\276\011\277\054\051\005\157\002\153\236\357
+\274\277\052\274\133\300\120\217\101\160\161\207\262\115\267\004
+\251\204\243\062\257\256\356\153\027\213\262\261\376\154\341\220
+\214\210\250\227\110\316\310\115\313\363\006\317\137\152\012\102
+\261\036\036\167\057\216\240\346\222\016\006\374\005\042\322\046
+\341\061\121\175\062\334\017\002\003\001\000\001\243\043\060\041
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000
+\003\202\002\001\000\137\064\201\166\357\226\035\325\345\265\331
+\002\143\204\026\301\256\240\160\121\247\367\114\107\065\310\013
+\327\050\075\211\161\331\252\063\101\352\024\033\154\041\000\300
+\154\102\031\176\237\151\133\040\102\337\242\322\332\304\174\227
+\113\215\260\350\254\310\356\245\151\004\231\012\222\246\253\047
+\056\032\115\201\277\204\324\160\036\255\107\376\375\112\235\063
+\340\362\271\304\105\010\041\012\332\151\151\163\162\015\276\064
+\376\224\213\255\303\036\065\327\242\203\357\345\070\307\245\205
+\037\253\317\064\354\077\050\376\014\361\127\206\116\311\125\367
+\034\324\330\245\175\006\172\157\325\337\020\337\201\116\041\145
+\261\266\341\027\171\225\105\006\316\137\314\334\106\211\143\150
+\104\215\223\364\144\160\240\075\235\050\005\303\071\160\270\142
+\173\040\375\344\333\351\010\241\270\236\075\011\307\117\373\054
+\370\223\166\101\336\122\340\341\127\322\235\003\274\167\236\376
+\236\051\136\367\301\121\140\037\336\332\013\262\055\165\267\103
+\110\223\347\366\171\306\204\135\200\131\140\224\374\170\230\217
+\074\223\121\355\100\220\007\337\144\143\044\313\116\161\005\241
+\327\224\032\210\062\361\042\164\042\256\245\246\330\022\151\114
+\140\243\002\356\053\354\324\143\222\013\136\276\057\166\153\243
+\266\046\274\217\003\330\012\362\114\144\106\275\071\142\345\226
+\353\064\143\021\050\314\225\361\255\357\357\334\200\130\110\351
+\113\270\352\145\254\351\374\200\265\265\310\105\371\254\301\237
+\331\271\352\142\210\216\304\361\113\203\022\255\346\213\204\326
+\236\302\353\203\030\237\152\273\033\044\140\063\160\314\354\367
+\062\363\134\331\171\175\357\236\244\376\311\043\303\044\356\025
+\222\261\075\221\117\046\206\275\146\163\044\023\352\244\256\143
+\301\255\175\204\003\074\020\170\206\033\171\343\304\363\362\004
+\225\040\256\043\202\304\263\072\000\142\277\346\066\044\341\127
+\272\307\036\220\165\325\137\077\225\141\053\301\073\315\345\263
+\150\141\320\106\046\251\041\122\151\055\353\056\307\353\167\316
+\246\072\265\003\063\117\166\321\347\134\124\001\135\313\170\364
+\311\014\277\317\022\216\027\055\043\150\224\347\253\376\251\262
+\053\006\320\004\315
+END
+
+# Trust for "TWCA Global Root CA"
+# Issuer: CN=TWCA Global Root CA,OU=Root CA,O=TAIWAN-CA,C=TW
+# Serial Number: 3262 (0xcbe)
+# Subject: CN=TWCA Global Root CA,OU=Root CA,O=TAIWAN-CA,C=TW
+# Not Valid Before: Wed Jun 27 06:28:33 2012
+# Not Valid After : Tue Dec 31 15:59:59 2030
+# Fingerprint (MD5): F9:03:7E:CF:E6:9E:3C:73:7A:2A:90:07:69:FF:2B:96
+# Fingerprint (SHA1): 9C:BB:48:53:F6:A4:F6:D3:52:A4:E8:32:52:55:60:13:F5:AD:AF:65
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TWCA Global Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\234\273\110\123\366\244\366\323\122\244\350\062\122\125\140\023
+\365\255\257\145
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\371\003\176\317\346\236\074\163\172\052\220\007\151\377\053\226
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\124\127\061
+\022\060\020\006\003\125\004\012\023\011\124\101\111\127\101\116
+\055\103\101\061\020\060\016\006\003\125\004\013\023\007\122\157
+\157\164\040\103\101\061\034\060\032\006\003\125\004\003\023\023
+\124\127\103\101\040\107\154\157\142\141\154\040\122\157\157\164
+\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\014\276
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TeliaSonera Root CA v1"
+#
+# Issuer: CN=TeliaSonera Root CA v1,O=TeliaSonera
+# Serial Number:00:95:be:16:a0:f7:2e:46:f1:7b:39:82:72:fa:8b:cd:96
+# Subject: CN=TeliaSonera Root CA v1,O=TeliaSonera
+# Not Valid Before: Thu Oct 18 12:00:50 2007
+# Not Valid After : Mon Oct 18 12:00:50 2032
+# Fingerprint (MD5): 37:41:49:1B:18:56:9A:26:F5:AD:C2:66:FB:40:A5:4C
+# Fingerprint (SHA1): 43:13:BB:96:F1:D5:86:9B:C1:4E:6A:92:F6:CF:F6:34:69:87:82:37
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TeliaSonera Root CA v1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\067\061\024\060\022\006\003\125\004\012\014\013\124\145\154
+\151\141\123\157\156\145\162\141\061\037\060\035\006\003\125\004
+\003\014\026\124\145\154\151\141\123\157\156\145\162\141\040\122
+\157\157\164\040\103\101\040\166\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\067\061\024\060\022\006\003\125\004\012\014\013\124\145\154
+\151\141\123\157\156\145\162\141\061\037\060\035\006\003\125\004
+\003\014\026\124\145\154\151\141\123\157\156\145\162\141\040\122
+\157\157\164\040\103\101\040\166\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\225\276\026\240\367\056\106\361\173\071\202\162\372
+\213\315\226
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\070\060\202\003\040\240\003\002\001\002\002\021\000
+\225\276\026\240\367\056\106\361\173\071\202\162\372\213\315\226
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
+\067\061\024\060\022\006\003\125\004\012\014\013\124\145\154\151
+\141\123\157\156\145\162\141\061\037\060\035\006\003\125\004\003
+\014\026\124\145\154\151\141\123\157\156\145\162\141\040\122\157
+\157\164\040\103\101\040\166\061\060\036\027\015\060\067\061\060
+\061\070\061\062\060\060\065\060\132\027\015\063\062\061\060\061
+\070\061\062\060\060\065\060\132\060\067\061\024\060\022\006\003
+\125\004\012\014\013\124\145\154\151\141\123\157\156\145\162\141
+\061\037\060\035\006\003\125\004\003\014\026\124\145\154\151\141
+\123\157\156\145\162\141\040\122\157\157\164\040\103\101\040\166
+\061\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002
+\001\000\302\276\353\047\360\041\243\363\151\046\125\176\235\305
+\125\026\221\134\375\357\041\277\123\200\172\055\322\221\214\143
+\061\360\354\044\360\303\245\322\162\174\020\155\364\067\267\345
+\346\174\171\352\214\265\202\213\256\110\266\254\000\334\145\165
+\354\052\115\137\301\207\365\040\145\053\201\250\107\076\211\043
+\225\060\026\220\177\350\127\007\110\347\031\256\277\105\147\261
+\067\033\006\052\376\336\371\254\175\203\373\136\272\344\217\227
+\147\276\113\216\215\144\007\127\070\125\151\064\066\075\023\110
+\357\117\342\323\146\036\244\317\032\267\136\066\063\324\264\006
+\275\030\001\375\167\204\120\000\105\365\214\135\350\043\274\176
+\376\065\341\355\120\173\251\060\215\031\323\011\216\150\147\135
+\277\074\227\030\123\273\051\142\305\312\136\162\301\307\226\324
+\333\055\240\264\037\151\003\354\352\342\120\361\014\074\360\254
+\363\123\055\360\034\365\355\154\071\071\163\200\026\310\122\260
+\043\315\340\076\334\335\074\107\240\273\065\212\342\230\150\213
+\276\345\277\162\356\322\372\245\355\022\355\374\230\030\251\046
+\166\334\050\113\020\040\034\323\177\026\167\055\355\157\200\367
+\111\273\123\005\273\135\150\307\324\310\165\026\077\211\132\213
+\367\027\107\324\114\361\322\211\171\076\115\075\230\250\141\336
+\072\036\322\370\136\003\340\301\311\034\214\323\215\115\323\225
+\066\263\067\137\143\143\233\063\024\360\055\046\153\123\174\211
+\214\062\302\156\354\075\041\000\071\311\241\150\342\120\203\056
+\260\072\053\363\066\240\254\057\344\157\141\302\121\011\071\076
+\213\123\271\273\147\332\334\123\271\166\131\066\235\103\345\040
+\340\075\062\140\205\042\121\267\307\063\273\335\025\057\244\170
+\246\007\173\201\106\066\004\206\335\171\065\307\225\054\073\260
+\243\027\065\345\163\037\264\134\131\357\332\352\020\145\173\172
+\320\177\237\263\264\052\067\073\160\213\233\133\271\053\267\354
+\262\121\022\227\123\051\132\324\360\022\020\334\117\002\273\022
+\222\057\142\324\077\151\103\174\015\326\374\130\165\001\210\235
+\130\026\113\336\272\220\377\107\001\211\006\152\366\137\262\220
+\152\263\002\246\002\210\277\263\107\176\052\331\325\372\150\170
+\065\115\002\003\001\000\001\243\077\060\075\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\013\006\003
+\125\035\017\004\004\003\002\001\006\060\035\006\003\125\035\016
+\004\026\004\024\360\217\131\070\000\263\365\217\232\226\014\325
+\353\372\173\252\027\350\023\022\060\015\006\011\052\206\110\206
+\367\015\001\001\005\005\000\003\202\002\001\000\276\344\134\142
+\116\044\364\014\010\377\360\323\014\150\344\223\111\042\077\104
+\047\157\273\155\336\203\146\316\250\314\015\374\365\232\006\345
+\167\024\221\353\235\101\173\231\052\204\345\377\374\041\301\135
+\360\344\037\127\267\165\251\241\137\002\046\377\327\307\367\116
+\336\117\370\367\034\106\300\172\117\100\054\042\065\360\031\261
+\320\153\147\054\260\250\340\300\100\067\065\366\204\134\134\343
+\257\102\170\376\247\311\015\120\352\015\204\166\366\121\357\203
+\123\306\172\377\016\126\111\056\217\172\326\014\346\047\124\343
+\115\012\140\162\142\315\221\007\326\245\277\310\231\153\355\304
+\031\346\253\114\021\070\305\157\061\342\156\111\310\077\166\200
+\046\003\046\051\340\066\366\366\040\123\343\027\160\064\027\235
+\143\150\036\153\354\303\115\206\270\023\060\057\135\106\015\107
+\103\325\033\252\131\016\271\134\215\006\110\255\164\207\137\307
+\374\061\124\101\023\342\307\041\016\236\340\036\015\341\300\173
+\103\205\220\305\212\130\306\145\012\170\127\362\306\043\017\001
+\331\040\113\336\017\373\222\205\165\052\134\163\215\155\173\045
+\221\312\356\105\256\006\113\000\314\323\261\131\120\332\072\210
+\073\051\103\106\136\227\053\124\316\123\157\215\112\347\226\372
+\277\161\016\102\213\174\375\050\240\320\110\312\332\304\201\114
+\273\242\163\223\046\310\353\014\326\046\210\266\300\044\317\273
+\275\133\353\165\175\351\010\216\206\063\054\171\167\011\151\245
+\211\374\263\160\220\207\166\217\323\042\273\102\316\275\163\013
+\040\046\052\320\233\075\160\036\044\154\315\207\166\251\027\226
+\267\317\015\222\373\216\030\251\230\111\321\236\376\140\104\162
+\041\271\031\355\302\365\061\361\071\110\210\220\044\165\124\026
+\255\316\364\370\151\024\144\071\373\243\270\272\160\100\307\047
+\034\277\304\126\123\372\143\145\320\363\034\016\026\365\153\206
+\130\115\030\324\344\015\216\245\235\133\221\334\166\044\120\077
+\306\052\373\331\267\234\265\326\346\320\331\350\031\213\025\161
+\110\255\267\352\330\131\210\324\220\277\026\263\331\351\254\131
+\141\124\310\034\272\312\301\312\341\271\040\114\217\072\223\211
+\245\240\314\277\323\366\165\244\165\226\155\126
+END
+
+# Trust for "TeliaSonera Root CA v1"
+# Issuer: CN=TeliaSonera Root CA v1,O=TeliaSonera
+# Serial Number:00:95:be:16:a0:f7:2e:46:f1:7b:39:82:72:fa:8b:cd:96
+# Subject: CN=TeliaSonera Root CA v1,O=TeliaSonera
+# Not Valid Before: Thu Oct 18 12:00:50 2007
+# Not Valid After : Mon Oct 18 12:00:50 2032
+# Fingerprint (MD5): 37:41:49:1B:18:56:9A:26:F5:AD:C2:66:FB:40:A5:4C
+# Fingerprint (SHA1): 43:13:BB:96:F1:D5:86:9B:C1:4E:6A:92:F6:CF:F6:34:69:87:82:37
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TeliaSonera Root CA v1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\103\023\273\226\361\325\206\233\301\116\152\222\366\317\366\064
+\151\207\202\067
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\067\101\111\033\030\126\232\046\365\255\302\146\373\100\245\114
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\067\061\024\060\022\006\003\125\004\012\014\013\124\145\154
+\151\141\123\157\156\145\162\141\061\037\060\035\006\003\125\004
+\003\014\026\124\145\154\151\141\123\157\156\145\162\141\040\122
+\157\157\164\040\103\101\040\166\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\225\276\026\240\367\056\106\361\173\071\202\162\372
+\213\315\226
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "E-Tugra Certification Authority"
+#
+# Issuer: CN=E-Tugra Certification Authority,OU=E-Tugra Sertifikasyon Merkezi,O=E-Tu..ra EBG Bili..im Teknolojileri ve Hizmetleri A....,L=Ankara,C=TR
+# Serial Number:6a:68:3e:9c:51:9b:cb:53
+# Subject: CN=E-Tugra Certification Authority,OU=E-Tugra Sertifikasyon Merkezi,O=E-Tu..ra EBG Bili..im Teknolojileri ve Hizmetleri A....,L=Ankara,C=TR
+# Not Valid Before: Tue Mar 05 12:09:48 2013
+# Not Valid After : Fri Mar 03 12:09:48 2023
+# Fingerprint (MD5): B8:A1:03:63:B0:BD:21:71:70:8A:6F:13:3A:BB:79:49
+# Fingerprint (SHA1): 51:C6:E7:08:49:06:6E:F3:92:D4:5C:A0:0D:6D:A3:62:8F:C3:52:39
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "E-Tugra Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\262\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
+\141\061\100\060\076\006\003\125\004\012\014\067\105\055\124\165
+\304\237\162\141\040\105\102\107\040\102\151\154\151\305\237\151
+\155\040\124\145\153\156\157\154\157\152\151\154\145\162\151\040
+\166\145\040\110\151\172\155\145\164\154\145\162\151\040\101\056
+\305\236\056\061\046\060\044\006\003\125\004\013\014\035\105\055
+\124\165\147\162\141\040\123\145\162\164\151\146\151\153\141\163
+\171\157\156\040\115\145\162\153\145\172\151\061\050\060\046\006
+\003\125\004\003\014\037\105\055\124\165\147\162\141\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\262\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
+\141\061\100\060\076\006\003\125\004\012\014\067\105\055\124\165
+\304\237\162\141\040\105\102\107\040\102\151\154\151\305\237\151
+\155\040\124\145\153\156\157\154\157\152\151\154\145\162\151\040
+\166\145\040\110\151\172\155\145\164\154\145\162\151\040\101\056
+\305\236\056\061\046\060\044\006\003\125\004\013\014\035\105\055
+\124\165\147\162\141\040\123\145\162\164\151\146\151\153\141\163
+\171\157\156\040\115\145\162\153\145\172\151\061\050\060\046\006
+\003\125\004\003\014\037\105\055\124\165\147\162\141\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\152\150\076\234\121\233\313\123
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\006\113\060\202\004\063\240\003\002\001\002\002\010\152
+\150\076\234\121\233\313\123\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\060\201\262\061\013\060\011\006\003\125
+\004\006\023\002\124\122\061\017\060\015\006\003\125\004\007\014
+\006\101\156\153\141\162\141\061\100\060\076\006\003\125\004\012
+\014\067\105\055\124\165\304\237\162\141\040\105\102\107\040\102
+\151\154\151\305\237\151\155\040\124\145\153\156\157\154\157\152
+\151\154\145\162\151\040\166\145\040\110\151\172\155\145\164\154
+\145\162\151\040\101\056\305\236\056\061\046\060\044\006\003\125
+\004\013\014\035\105\055\124\165\147\162\141\040\123\145\162\164
+\151\146\151\153\141\163\171\157\156\040\115\145\162\153\145\172
+\151\061\050\060\046\006\003\125\004\003\014\037\105\055\124\165
+\147\162\141\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171\060\036\027\015\061
+\063\060\063\060\065\061\062\060\071\064\070\132\027\015\062\063
+\060\063\060\063\061\062\060\071\064\070\132\060\201\262\061\013
+\060\011\006\003\125\004\006\023\002\124\122\061\017\060\015\006
+\003\125\004\007\014\006\101\156\153\141\162\141\061\100\060\076
+\006\003\125\004\012\014\067\105\055\124\165\304\237\162\141\040
+\105\102\107\040\102\151\154\151\305\237\151\155\040\124\145\153
+\156\157\154\157\152\151\154\145\162\151\040\166\145\040\110\151
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\061\046
+\060\044\006\003\125\004\013\014\035\105\055\124\165\147\162\141
+\040\123\145\162\164\151\146\151\153\141\163\171\157\156\040\115
+\145\162\153\145\172\151\061\050\060\046\006\003\125\004\003\014
+\037\105\055\124\165\147\162\141\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
+\000\342\365\077\223\005\121\036\205\142\124\136\172\013\365\030
+\007\203\256\176\257\174\367\324\212\153\245\143\103\071\271\113
+\367\303\306\144\211\075\224\056\124\200\122\071\071\007\113\113
+\335\205\007\166\207\314\277\057\225\114\314\175\247\075\274\107
+\017\230\160\370\214\205\036\164\216\222\155\033\100\321\231\015
+\273\165\156\310\251\153\232\300\204\061\257\312\103\313\353\053
+\064\350\217\227\153\001\233\325\016\112\010\252\133\222\164\205
+\103\323\200\256\241\210\133\256\263\352\136\313\026\232\167\104
+\310\241\366\124\150\316\336\217\227\053\272\133\100\002\014\144
+\027\300\265\223\315\341\361\023\146\316\014\171\357\321\221\050
+\253\137\240\022\122\060\163\031\216\217\341\214\007\242\303\273
+\112\360\352\037\025\250\356\045\314\244\106\370\033\042\357\263
+\016\103\272\054\044\270\305\054\134\324\034\370\135\144\275\303
+\223\136\050\247\077\047\361\216\036\323\052\120\005\243\125\331
+\313\347\071\123\300\230\236\214\124\142\213\046\260\367\175\215
+\174\344\306\236\146\102\125\202\107\347\262\130\215\146\367\007
+\174\056\066\346\120\034\077\333\103\044\305\277\206\107\171\263
+\171\034\367\132\364\023\354\154\370\077\342\131\037\225\356\102
+\076\271\255\250\062\205\111\227\106\376\113\061\217\132\313\255
+\164\107\037\351\221\267\337\050\004\042\240\324\017\135\342\171
+\117\352\154\205\206\275\250\246\316\344\372\303\341\263\256\336
+\074\121\356\313\023\174\001\177\204\016\135\121\224\236\023\014
+\266\056\245\114\371\071\160\066\157\226\312\056\014\104\125\305
+\312\372\135\002\243\337\326\144\214\132\263\001\012\251\265\012
+\107\027\377\357\221\100\052\216\241\106\072\061\230\345\021\374
+\314\273\111\126\212\374\271\320\141\232\157\145\154\346\303\313
+\076\165\111\376\217\247\342\211\305\147\327\235\106\023\116\061
+\166\073\044\263\236\021\145\206\253\177\357\035\324\370\274\347
+\254\132\134\267\132\107\134\125\316\125\264\042\161\133\133\013
+\360\317\334\240\141\144\352\251\327\150\012\143\247\340\015\077
+\240\257\323\252\322\176\357\121\240\346\121\053\125\222\025\027
+\123\313\267\146\016\146\114\370\371\165\114\220\347\022\160\307
+\105\002\003\001\000\001\243\143\060\141\060\035\006\003\125\035
+\016\004\026\004\024\056\343\333\262\111\320\234\124\171\134\372
+\047\052\376\314\116\322\350\116\124\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\037\006\003\125\035
+\043\004\030\060\026\200\024\056\343\333\262\111\320\234\124\171
+\134\372\047\052\376\314\116\322\350\116\124\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011\052
+\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\005
+\067\072\364\115\267\105\342\105\165\044\217\266\167\122\350\034
+\330\020\223\145\363\362\131\006\244\076\036\051\354\135\321\320
+\253\174\340\012\220\110\170\355\116\230\003\231\376\050\140\221
+\035\060\035\270\143\174\250\346\065\265\372\323\141\166\346\326
+\007\113\312\151\232\262\204\172\167\223\105\027\025\237\044\320
+\230\023\022\377\273\240\056\375\116\114\207\370\316\134\252\230
+\033\005\340\000\106\112\202\200\245\063\213\050\334\355\070\323
+\337\345\076\351\376\373\131\335\141\204\117\322\124\226\023\141
+\023\076\217\200\151\276\223\107\265\065\103\322\132\273\075\134
+\357\263\102\107\315\073\125\023\006\260\011\333\375\143\366\072
+\210\012\231\157\176\341\316\033\123\152\104\146\043\121\010\173
+\274\133\122\242\375\006\067\070\100\141\217\112\226\270\220\067
+\370\146\307\170\220\000\025\056\213\255\121\065\123\007\250\153
+\150\256\371\116\074\007\046\315\010\005\160\314\071\077\166\275
+\245\323\147\046\001\206\246\123\322\140\073\174\103\177\125\212
+\274\225\032\301\050\071\114\037\103\322\221\364\162\131\212\271
+\126\374\077\264\235\332\160\234\166\132\214\103\120\356\216\060
+\162\115\337\377\111\367\306\251\147\331\155\254\002\021\342\072
+\026\045\247\130\010\313\157\123\101\234\110\070\107\150\063\321
+\327\307\217\324\164\041\324\303\005\220\172\377\316\226\210\261
+\025\051\135\043\253\320\140\241\022\117\336\364\027\315\062\345
+\311\277\310\103\255\375\056\216\361\257\342\364\230\372\022\037
+\040\330\300\247\014\205\305\220\364\073\055\226\046\261\054\276
+\114\253\353\261\322\212\311\333\170\023\017\036\011\235\155\217
+\000\237\002\332\301\372\037\172\172\011\304\112\346\210\052\227
+\237\211\213\375\067\137\137\072\316\070\131\206\113\257\161\013
+\264\330\362\160\117\237\062\023\343\260\247\127\345\332\332\103
+\313\204\064\362\050\304\352\155\364\052\357\301\153\166\332\373
+\176\273\205\074\322\123\302\115\276\161\341\105\321\375\043\147
+\015\023\165\373\317\145\147\042\235\256\260\011\321\011\377\035
+\064\277\376\043\227\067\322\071\372\075\015\006\013\264\333\073
+\243\253\157\134\035\266\176\350\263\202\064\355\006\134\044
+END
+
+# Trust for "E-Tugra Certification Authority"
+# Issuer: CN=E-Tugra Certification Authority,OU=E-Tugra Sertifikasyon Merkezi,O=E-Tu..ra EBG Bili..im Teknolojileri ve Hizmetleri A....,L=Ankara,C=TR
+# Serial Number:6a:68:3e:9c:51:9b:cb:53
+# Subject: CN=E-Tugra Certification Authority,OU=E-Tugra Sertifikasyon Merkezi,O=E-Tu..ra EBG Bili..im Teknolojileri ve Hizmetleri A....,L=Ankara,C=TR
+# Not Valid Before: Tue Mar 05 12:09:48 2013
+# Not Valid After : Fri Mar 03 12:09:48 2023
+# Fingerprint (MD5): B8:A1:03:63:B0:BD:21:71:70:8A:6F:13:3A:BB:79:49
+# Fingerprint (SHA1): 51:C6:E7:08:49:06:6E:F3:92:D4:5C:A0:0D:6D:A3:62:8F:C3:52:39
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "E-Tugra Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\121\306\347\010\111\006\156\363\222\324\134\240\015\155\243\142
+\217\303\122\071
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\270\241\003\143\260\275\041\161\160\212\157\023\072\273\171\111
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\262\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
+\141\061\100\060\076\006\003\125\004\012\014\067\105\055\124\165
+\304\237\162\141\040\105\102\107\040\102\151\154\151\305\237\151
+\155\040\124\145\153\156\157\154\157\152\151\154\145\162\151\040
+\166\145\040\110\151\172\155\145\164\154\145\162\151\040\101\056
+\305\236\056\061\046\060\044\006\003\125\004\013\014\035\105\055
+\124\165\147\162\141\040\123\145\162\164\151\146\151\153\141\163
+\171\157\156\040\115\145\162\153\145\172\151\061\050\060\046\006
+\003\125\004\003\014\037\105\055\124\165\147\162\141\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\152\150\076\234\121\233\313\123
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "T-TeleSec GlobalRoot Class 2"
+#
+# Issuer: CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
+# Serial Number: 1 (0x1)
+# Subject: CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
+# Not Valid Before: Wed Oct 01 10:40:14 2008
+# Not Valid After : Sat Oct 01 23:59:59 2033
+# Fingerprint (MD5): 2B:9B:9E:E4:7B:6C:1F:00:72:1A:CC:C1:77:79:DF:6A
+# Fingerprint (SHA1): 59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "T-TeleSec GlobalRoot Class 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\053\060\051\006\003\125\004\012\014\042\124\055\123\171\163
+\164\145\155\163\040\105\156\164\145\162\160\162\151\163\145\040
+\123\145\162\166\151\143\145\163\040\107\155\142\110\061\037\060
+\035\006\003\125\004\013\014\026\124\055\123\171\163\164\145\155
+\163\040\124\162\165\163\164\040\103\145\156\164\145\162\061\045
+\060\043\006\003\125\004\003\014\034\124\055\124\145\154\145\123
+\145\143\040\107\154\157\142\141\154\122\157\157\164\040\103\154
+\141\163\163\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\053\060\051\006\003\125\004\012\014\042\124\055\123\171\163
+\164\145\155\163\040\105\156\164\145\162\160\162\151\163\145\040
+\123\145\162\166\151\143\145\163\040\107\155\142\110\061\037\060
+\035\006\003\125\004\013\014\026\124\055\123\171\163\164\145\155
+\163\040\124\162\165\163\164\040\103\145\156\164\145\162\061\045
+\060\043\006\003\125\004\003\014\034\124\055\124\145\154\145\123
+\145\143\040\107\154\157\142\141\154\122\157\157\164\040\103\154
+\141\163\163\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\303\060\202\002\253\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\053\060\051\006\003\125\004\012\014\042\124\055\123\171\163\164
+\145\155\163\040\105\156\164\145\162\160\162\151\163\145\040\123
+\145\162\166\151\143\145\163\040\107\155\142\110\061\037\060\035
+\006\003\125\004\013\014\026\124\055\123\171\163\164\145\155\163
+\040\124\162\165\163\164\040\103\145\156\164\145\162\061\045\060
+\043\006\003\125\004\003\014\034\124\055\124\145\154\145\123\145
+\143\040\107\154\157\142\141\154\122\157\157\164\040\103\154\141
+\163\163\040\062\060\036\027\015\060\070\061\060\060\061\061\060
+\064\060\061\064\132\027\015\063\063\061\060\060\061\062\063\065
+\071\065\071\132\060\201\202\061\013\060\011\006\003\125\004\006
+\023\002\104\105\061\053\060\051\006\003\125\004\012\014\042\124
+\055\123\171\163\164\145\155\163\040\105\156\164\145\162\160\162
+\151\163\145\040\123\145\162\166\151\143\145\163\040\107\155\142
+\110\061\037\060\035\006\003\125\004\013\014\026\124\055\123\171
+\163\164\145\155\163\040\124\162\165\163\164\040\103\145\156\164
+\145\162\061\045\060\043\006\003\125\004\003\014\034\124\055\124
+\145\154\145\123\145\143\040\107\154\157\142\141\154\122\157\157
+\164\040\103\154\141\163\163\040\062\060\202\001\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
+\000\060\202\001\012\002\202\001\001\000\252\137\332\033\137\350
+\163\221\345\332\134\364\242\346\107\345\363\150\125\140\005\035
+\002\244\263\233\131\363\036\212\257\064\255\374\015\302\331\110
+\031\356\151\217\311\040\374\041\252\007\031\355\260\134\254\145
+\307\137\355\002\174\173\174\055\033\326\272\271\200\302\030\202
+\026\204\372\146\260\010\306\124\043\201\344\315\271\111\077\366
+\117\156\067\110\050\070\017\305\276\347\150\160\375\071\227\115
+\322\307\230\221\120\252\304\104\263\043\175\071\107\351\122\142
+\326\022\223\136\267\061\226\102\005\373\166\247\036\243\365\302
+\374\351\172\305\154\251\161\117\352\313\170\274\140\257\307\336
+\364\331\313\276\176\063\245\156\224\203\360\064\372\041\253\352
+\216\162\240\077\244\336\060\133\357\206\115\152\225\133\103\104
+\250\020\025\034\345\001\127\305\230\361\346\006\050\221\252\040
+\305\267\123\046\121\103\262\013\021\225\130\341\300\017\166\331
+\300\215\174\201\363\162\160\236\157\376\032\216\331\137\065\306
+\262\157\064\174\276\110\117\342\132\071\327\330\235\170\236\237
+\206\076\003\136\031\213\104\242\325\307\002\003\001\000\001\243
+\102\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\277
+\131\040\066\000\171\240\240\042\153\214\325\362\141\322\270\054
+\313\202\112\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\001\001\000\061\003\242\141\013\037\164\350\162
+\066\306\155\371\115\236\372\042\250\341\201\126\317\315\273\237
+\352\253\221\031\070\257\252\174\025\115\363\266\243\215\245\364
+\216\366\104\251\247\350\041\225\255\076\000\142\026\210\360\002
+\272\374\141\043\346\063\233\060\172\153\066\142\173\255\004\043
+\204\130\145\342\333\053\212\347\045\123\067\142\123\137\274\332
+\001\142\051\242\246\047\161\346\072\042\176\301\157\035\225\160
+\040\112\007\064\337\352\377\025\200\345\272\327\172\330\133\165
+\174\005\172\051\107\176\100\250\061\023\167\315\100\073\264\121
+\107\172\056\021\343\107\021\336\235\146\320\213\325\124\146\372
+\203\125\352\174\302\051\211\033\351\157\263\316\342\005\204\311
+\057\076\170\205\142\156\311\137\301\170\143\164\130\300\110\030
+\014\231\071\353\244\314\032\265\171\132\215\025\234\330\024\015
+\366\172\007\127\307\042\203\005\055\074\233\045\046\075\030\263
+\251\103\174\310\310\253\144\217\016\243\277\234\033\235\060\333
+\332\320\031\056\252\074\361\373\063\200\166\344\315\255\031\117
+\005\047\216\023\241\156\302
+END
+
+# Trust for "T-TeleSec GlobalRoot Class 2"
+# Issuer: CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
+# Serial Number: 1 (0x1)
+# Subject: CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
+# Not Valid Before: Wed Oct 01 10:40:14 2008
+# Not Valid After : Sat Oct 01 23:59:59 2033
+# Fingerprint (MD5): 2B:9B:9E:E4:7B:6C:1F:00:72:1A:CC:C1:77:79:DF:6A
+# Fingerprint (SHA1): 59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "T-TeleSec GlobalRoot Class 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\131\015\055\175\210\117\100\056\141\176\245\142\062\027\145\317
+\027\330\224\351
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\053\233\236\344\173\154\037\000\162\032\314\301\167\171\337\152
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\053\060\051\006\003\125\004\012\014\042\124\055\123\171\163
+\164\145\155\163\040\105\156\164\145\162\160\162\151\163\145\040
+\123\145\162\166\151\143\145\163\040\107\155\142\110\061\037\060
+\035\006\003\125\004\013\014\026\124\055\123\171\163\164\145\155
+\163\040\124\162\165\163\164\040\103\145\156\164\145\162\061\045
+\060\043\006\003\125\004\003\014\034\124\055\124\145\154\145\123
+\145\143\040\107\154\157\142\141\154\122\157\157\164\040\103\154
+\141\163\163\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Atos TrustedRoot 2011"
+#
+# Issuer: C=DE,O=Atos,CN=Atos TrustedRoot 2011
+# Serial Number:5c:33:cb:62:2c:5f:b3:32
+# Subject: C=DE,O=Atos,CN=Atos TrustedRoot 2011
+# Not Valid Before: Thu Jul 07 14:58:30 2011
+# Not Valid After : Tue Dec 31 23:59:59 2030
+# Fingerprint (MD5): AE:B9:C4:32:4B:AC:7F:5D:66:CC:77:94:BB:2A:77:56
+# Fingerprint (SHA1): 2B:B1:F5:3E:55:0C:1D:C5:F1:D4:E6:B7:6A:46:4B:55:06:02:AC:21
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Atos TrustedRoot 2011"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\074\061\036\060\034\006\003\125\004\003\014\025\101\164\157
+\163\040\124\162\165\163\164\145\144\122\157\157\164\040\062\060
+\061\061\061\015\060\013\006\003\125\004\012\014\004\101\164\157
+\163\061\013\060\011\006\003\125\004\006\023\002\104\105
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\074\061\036\060\034\006\003\125\004\003\014\025\101\164\157
+\163\040\124\162\165\163\164\145\144\122\157\157\164\040\062\060
+\061\061\061\015\060\013\006\003\125\004\012\014\004\101\164\157
+\163\061\013\060\011\006\003\125\004\006\023\002\104\105
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\134\063\313\142\054\137\263\062
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\167\060\202\002\137\240\003\002\001\002\002\010\134
+\063\313\142\054\137\263\062\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\060\074\061\036\060\034\006\003\125\004
+\003\014\025\101\164\157\163\040\124\162\165\163\164\145\144\122
+\157\157\164\040\062\060\061\061\061\015\060\013\006\003\125\004
+\012\014\004\101\164\157\163\061\013\060\011\006\003\125\004\006
+\023\002\104\105\060\036\027\015\061\061\060\067\060\067\061\064
+\065\070\063\060\132\027\015\063\060\061\062\063\061\062\063\065
+\071\065\071\132\060\074\061\036\060\034\006\003\125\004\003\014
+\025\101\164\157\163\040\124\162\165\163\164\145\144\122\157\157
+\164\040\062\060\061\061\061\015\060\013\006\003\125\004\012\014
+\004\101\164\157\163\061\013\060\011\006\003\125\004\006\023\002
+\104\105\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\225\205\073\227\157\052\073\056\073\317\246\363\051
+\065\276\317\030\254\076\252\331\370\115\240\076\032\107\271\274
+\232\337\362\376\314\076\107\350\172\226\302\044\216\065\364\251
+\014\374\202\375\155\301\162\142\047\275\352\153\353\347\212\314
+\124\076\220\120\317\200\324\225\373\350\265\202\324\024\305\266
+\251\125\045\127\333\261\120\366\260\140\144\131\172\151\317\003
+\267\157\015\276\312\076\157\164\162\352\252\060\052\163\142\276
+\111\221\141\310\021\376\016\003\052\367\152\040\334\002\025\015
+\136\025\152\374\343\202\301\265\305\235\144\011\154\243\131\230
+\007\047\307\033\226\053\141\164\161\154\103\361\367\065\211\020
+\340\236\354\125\241\067\042\242\207\004\005\054\107\175\264\034
+\271\142\051\146\050\312\267\341\223\365\244\224\003\231\271\160
+\205\265\346\110\352\215\120\374\331\336\314\157\007\016\335\013
+\162\235\200\060\026\007\225\077\050\016\375\305\165\117\123\326
+\164\232\264\044\056\216\002\221\317\166\305\233\036\125\164\234
+\170\041\261\360\055\361\013\237\302\325\226\030\037\360\124\042
+\172\214\007\002\003\001\000\001\243\175\060\173\060\035\006\003
+\125\035\016\004\026\004\024\247\245\006\261\054\246\011\140\356
+\321\227\351\160\256\274\073\031\154\333\041\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\037\006\003
+\125\035\043\004\030\060\026\200\024\247\245\006\261\054\246\011
+\140\356\321\227\351\160\256\274\073\031\154\333\041\060\030\006
+\003\125\035\040\004\021\060\017\060\015\006\013\053\006\001\004
+\001\260\055\003\004\001\001\060\016\006\003\125\035\017\001\001
+\377\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\003\202\001\001\000\046\167\064\333\224
+\110\206\052\101\235\054\076\006\220\140\304\214\254\013\124\270
+\037\271\173\323\007\071\344\372\076\173\262\075\116\355\237\043
+\275\227\363\153\134\357\356\375\100\246\337\241\223\241\012\206
+\254\357\040\320\171\001\275\170\367\031\330\044\061\064\004\001
+\246\272\025\232\303\047\334\330\117\017\314\030\143\377\231\017
+\016\221\153\165\026\341\041\374\330\046\307\107\267\246\317\130
+\162\161\176\272\341\115\225\107\073\311\257\155\241\264\301\354
+\211\366\264\017\070\265\342\144\334\045\317\246\333\353\232\134
+\231\241\305\010\336\375\346\332\325\326\132\105\014\304\267\302
+\265\024\357\264\021\377\016\025\265\365\365\333\306\275\353\132
+\247\360\126\042\251\074\145\124\306\025\250\275\206\236\315\203
+\226\150\172\161\201\211\341\013\341\352\021\033\150\010\314\151
+\236\354\236\101\236\104\062\046\172\342\207\012\161\075\353\344
+\132\244\322\333\305\315\306\336\140\177\271\363\117\104\222\357
+\052\267\030\076\247\031\331\013\175\261\067\101\102\260\272\140
+\035\362\376\011\021\260\360\207\173\247\235
+END
+
+# Trust for "Atos TrustedRoot 2011"
+# Issuer: C=DE,O=Atos,CN=Atos TrustedRoot 2011
+# Serial Number:5c:33:cb:62:2c:5f:b3:32
+# Subject: C=DE,O=Atos,CN=Atos TrustedRoot 2011
+# Not Valid Before: Thu Jul 07 14:58:30 2011
+# Not Valid After : Tue Dec 31 23:59:59 2030
+# Fingerprint (MD5): AE:B9:C4:32:4B:AC:7F:5D:66:CC:77:94:BB:2A:77:56
+# Fingerprint (SHA1): 2B:B1:F5:3E:55:0C:1D:C5:F1:D4:E6:B7:6A:46:4B:55:06:02:AC:21
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Atos TrustedRoot 2011"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\053\261\365\076\125\014\035\305\361\324\346\267\152\106\113\125
+\006\002\254\041
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\256\271\304\062\113\254\177\135\146\314\167\224\273\052\167\126
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\074\061\036\060\034\006\003\125\004\003\014\025\101\164\157
+\163\040\124\162\165\163\164\145\144\122\157\157\164\040\062\060
+\061\061\061\015\060\013\006\003\125\004\012\014\004\101\164\157
+\163\061\013\060\011\006\003\125\004\006\023\002\104\105
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\134\063\313\142\054\137\263\062
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "QuoVadis Root CA 1 G3"
+#
+# Issuer: CN=QuoVadis Root CA 1 G3,O=QuoVadis Limited,C=BM
+# Serial Number:78:58:5f:2e:ad:2c:19:4b:e3:37:07:35:34:13:28:b5:96:d4:65:93
+# Subject: CN=QuoVadis Root CA 1 G3,O=QuoVadis Limited,C=BM
+# Not Valid Before: Thu Jan 12 17:27:44 2012
+# Not Valid After : Sun Jan 12 17:27:44 2042
+# Fingerprint (SHA-256): 8A:86:6F:D1:B2:76:B5:7E:57:8E:92:1C:65:82:8A:2B:ED:58:E9:F2:F2:88:05:41:34:B7:F1:F4:BF:C9:CC:74
+# Fingerprint (SHA1): 1B:8E:EA:57:96:29:1A:C9:39:EA:B8:0A:81:1A:73:73:C0:93:79:67
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 1 G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\061\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\061\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\170\130\137\056\255\054\031\113\343\067\007\065\064\023
+\050\265\226\324\145\223
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\140\060\202\003\110\240\003\002\001\002\002\024\170
+\130\137\056\255\054\031\113\343\067\007\065\064\023\050\265\226
+\324\145\223\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\110\061\013\060\011\006\003\125\004\006\023\002\102
+\115\061\031\060\027\006\003\125\004\012\023\020\121\165\157\126
+\141\144\151\163\040\114\151\155\151\164\145\144\061\036\060\034
+\006\003\125\004\003\023\025\121\165\157\126\141\144\151\163\040
+\122\157\157\164\040\103\101\040\061\040\107\063\060\036\027\015
+\061\062\060\061\061\062\061\067\062\067\064\064\132\027\015\064
+\062\060\061\061\062\061\067\062\067\064\064\132\060\110\061\013
+\060\011\006\003\125\004\006\023\002\102\115\061\031\060\027\006
+\003\125\004\012\023\020\121\165\157\126\141\144\151\163\040\114
+\151\155\151\164\145\144\061\036\060\034\006\003\125\004\003\023
+\025\121\165\157\126\141\144\151\163\040\122\157\157\164\040\103
+\101\040\061\040\107\063\060\202\002\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202
+\002\012\002\202\002\001\000\240\276\120\020\216\351\362\154\100
+\264\004\234\205\271\061\312\334\055\344\021\251\004\074\033\125
+\301\347\130\060\035\044\264\303\357\205\336\214\054\341\301\075
+\337\202\346\117\255\107\207\154\354\133\111\301\112\325\273\217
+\354\207\254\177\202\232\206\354\075\003\231\122\001\322\065\236
+\254\332\360\123\311\146\074\324\254\002\001\332\044\323\073\250
+\002\106\257\244\034\343\370\163\130\166\267\366\016\220\015\265
+\360\317\314\372\371\306\114\345\303\206\060\012\215\027\176\065
+\353\305\337\273\016\234\300\215\207\343\210\070\205\147\372\076
+\307\253\340\023\234\005\030\230\317\223\365\261\222\264\374\043
+\323\317\325\304\047\111\340\236\074\233\010\243\213\135\052\041
+\340\374\071\252\123\332\175\176\317\032\011\123\274\135\005\004
+\317\241\112\217\213\166\202\015\241\370\322\307\024\167\133\220
+\066\007\201\233\076\006\372\122\136\143\305\246\000\376\245\351
+\122\033\122\265\222\071\162\003\011\142\275\260\140\026\156\246
+\335\045\302\003\146\335\363\004\321\100\342\116\213\206\364\157
+\345\203\240\047\204\136\004\301\365\220\275\060\075\304\357\250
+\151\274\070\233\244\244\226\321\142\332\151\300\001\226\256\313
+\304\121\064\352\014\252\377\041\216\131\217\112\134\344\141\232
+\247\322\351\052\170\215\121\075\072\025\356\242\131\216\251\134
+\336\305\371\220\042\345\210\105\161\335\221\231\154\172\237\075
+\075\230\174\136\366\276\026\150\240\136\256\013\043\374\132\017
+\252\042\166\055\311\241\020\035\344\323\104\043\220\210\237\306
+\052\346\327\365\232\263\130\036\057\060\211\010\033\124\242\265
+\230\043\354\010\167\034\225\135\141\321\313\211\234\137\242\112
+\221\232\357\041\252\111\026\010\250\275\141\050\061\311\164\255
+\205\366\331\305\261\213\321\345\020\062\115\137\213\040\072\074
+\111\037\063\205\131\015\333\313\011\165\103\151\163\373\153\161
+\175\360\337\304\114\175\306\243\056\310\225\171\313\163\242\216
+\116\115\044\373\136\344\004\276\162\033\246\047\055\111\132\231
+\172\327\134\011\040\267\177\224\271\117\361\015\034\136\210\102
+\033\021\267\347\221\333\236\154\364\152\337\214\006\230\003\255
+\314\050\357\245\107\363\123\002\003\001\000\001\243\102\060\100
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\035\006\003\125\035\016\004\026\004\024\243\227\326\363
+\136\242\020\341\253\105\237\074\027\144\074\356\001\160\234\314
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
+\202\002\001\000\030\372\133\165\374\076\172\307\137\167\307\312
+\337\317\137\303\022\304\100\135\324\062\252\270\152\327\325\025
+\025\106\230\043\245\346\220\133\030\231\114\343\255\102\243\202
+\061\066\210\315\351\373\304\004\226\110\213\001\307\215\001\317
+\133\063\006\226\106\146\164\035\117\355\301\266\271\264\015\141
+\314\143\176\327\056\167\214\226\034\052\043\150\153\205\127\166
+\160\063\023\376\341\117\246\043\167\030\372\032\214\350\275\145
+\311\317\077\364\311\027\334\353\307\274\300\004\056\055\106\057
+\151\146\303\033\217\376\354\076\323\312\224\277\166\012\045\015
+\251\173\002\034\251\320\073\137\013\300\201\072\075\144\341\277
+\247\055\116\275\115\304\330\051\306\042\030\320\305\254\162\002
+\202\077\252\072\242\072\042\227\061\335\010\143\303\165\024\271
+\140\050\055\133\150\340\026\251\146\202\043\121\365\353\123\330
+\061\233\173\351\267\235\113\353\210\026\317\371\135\070\212\111
+\060\217\355\361\353\031\364\167\032\061\030\115\147\124\154\057
+\157\145\371\333\075\354\041\354\136\364\364\213\312\140\145\124
+\321\161\144\364\371\246\243\201\063\066\063\161\360\244\170\137
+\116\255\203\041\336\064\111\215\350\131\254\235\362\166\132\066
+\362\023\364\257\340\011\307\141\052\154\367\340\235\256\273\206
+\112\050\157\056\356\264\171\315\220\063\303\263\166\372\365\360
+\154\235\001\220\372\236\220\366\234\162\317\107\332\303\037\344
+\065\040\123\362\124\321\337\141\203\246\002\342\045\070\336\205
+\062\055\136\163\220\122\135\102\304\316\075\113\341\371\031\204
+\035\325\242\120\314\101\373\101\024\303\275\326\311\132\243\143
+\146\002\200\275\005\072\073\107\234\354\000\046\114\365\210\121
+\277\250\043\177\030\007\260\013\355\213\046\241\144\323\141\112
+\353\134\237\336\263\257\147\003\263\037\335\155\135\151\150\151
+\253\136\072\354\174\151\274\307\073\205\116\236\025\271\264\025
+\117\303\225\172\130\327\311\154\351\154\271\363\051\143\136\264
+\054\360\055\075\355\132\145\340\251\133\100\302\110\231\201\155
+\236\037\006\052\074\022\264\213\017\233\242\044\360\246\215\326
+\172\340\113\266\144\226\143\225\204\302\112\315\034\056\044\207
+\063\140\345\303
+END
+
+# Trust for "QuoVadis Root CA 1 G3"
+# Issuer: CN=QuoVadis Root CA 1 G3,O=QuoVadis Limited,C=BM
+# Serial Number:78:58:5f:2e:ad:2c:19:4b:e3:37:07:35:34:13:28:b5:96:d4:65:93
+# Subject: CN=QuoVadis Root CA 1 G3,O=QuoVadis Limited,C=BM
+# Not Valid Before: Thu Jan 12 17:27:44 2012
+# Not Valid After : Sun Jan 12 17:27:44 2042
+# Fingerprint (SHA-256): 8A:86:6F:D1:B2:76:B5:7E:57:8E:92:1C:65:82:8A:2B:ED:58:E9:F2:F2:88:05:41:34:B7:F1:F4:BF:C9:CC:74
+# Fingerprint (SHA1): 1B:8E:EA:57:96:29:1A:C9:39:EA:B8:0A:81:1A:73:73:C0:93:79:67
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 1 G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\033\216\352\127\226\051\032\311\071\352\270\012\201\032\163\163
+\300\223\171\147
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\244\274\133\077\376\067\232\372\144\360\342\372\005\075\013\253
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\061\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\170\130\137\056\255\054\031\113\343\067\007\065\064\023
+\050\265\226\324\145\223
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "QuoVadis Root CA 2 G3"
+#
+# Issuer: CN=QuoVadis Root CA 2 G3,O=QuoVadis Limited,C=BM
+# Serial Number:44:57:34:24:5b:81:89:9b:35:f2:ce:b8:2b:3b:5b:a7:26:f0:75:28
+# Subject: CN=QuoVadis Root CA 2 G3,O=QuoVadis Limited,C=BM
+# Not Valid Before: Thu Jan 12 18:59:32 2012
+# Not Valid After : Sun Jan 12 18:59:32 2042
+# Fingerprint (SHA-256): 8F:E4:FB:0A:F9:3A:4D:0D:67:DB:0B:EB:B2:3E:37:C7:1B:F3:25:DC:BC:DD:24:0E:A0:4D:AF:58:B4:7E:18:40
+# Fingerprint (SHA1): 09:3C:61:F3:8B:8B:DC:7D:55:DF:75:38:02:05:00:E1:25:F5:C8:36
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 2 G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\062\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\062\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\104\127\064\044\133\201\211\233\065\362\316\270\053\073
+\133\247\046\360\165\050
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\140\060\202\003\110\240\003\002\001\002\002\024\104
+\127\064\044\133\201\211\233\065\362\316\270\053\073\133\247\046
+\360\165\050\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\110\061\013\060\011\006\003\125\004\006\023\002\102
+\115\061\031\060\027\006\003\125\004\012\023\020\121\165\157\126
+\141\144\151\163\040\114\151\155\151\164\145\144\061\036\060\034
+\006\003\125\004\003\023\025\121\165\157\126\141\144\151\163\040
+\122\157\157\164\040\103\101\040\062\040\107\063\060\036\027\015
+\061\062\060\061\061\062\061\070\065\071\063\062\132\027\015\064
+\062\060\061\061\062\061\070\065\071\063\062\132\060\110\061\013
+\060\011\006\003\125\004\006\023\002\102\115\061\031\060\027\006
+\003\125\004\012\023\020\121\165\157\126\141\144\151\163\040\114
+\151\155\151\164\145\144\061\036\060\034\006\003\125\004\003\023
+\025\121\165\157\126\141\144\151\163\040\122\157\157\164\040\103
+\101\040\062\040\107\063\060\202\002\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202
+\002\012\002\202\002\001\000\241\256\045\262\001\030\334\127\210
+\077\106\353\371\257\342\353\043\161\342\232\321\141\146\041\137
+\252\257\047\121\345\156\033\026\324\055\175\120\260\123\167\275
+\170\072\140\342\144\002\233\174\206\233\326\032\216\255\377\037
+\025\177\325\225\036\022\313\346\024\204\004\301\337\066\263\026
+\237\212\343\311\333\230\064\316\330\063\027\050\106\374\247\311
+\360\322\264\325\115\011\162\111\371\362\207\343\251\332\175\241
+\175\153\262\072\045\251\155\122\104\254\370\276\156\373\334\246
+\163\221\220\141\246\003\024\040\362\347\207\243\210\255\255\240
+\214\377\246\013\045\122\045\347\026\001\325\313\270\065\201\014
+\243\073\360\341\341\374\132\135\316\200\161\155\370\111\253\076
+\073\272\270\327\200\001\373\245\353\133\263\305\136\140\052\061
+\240\257\067\350\040\072\237\250\062\054\014\314\011\035\323\236
+\216\135\274\114\230\356\305\032\150\173\354\123\246\351\024\065
+\243\337\315\200\237\014\110\373\034\364\361\277\112\270\372\325
+\214\161\112\307\037\255\376\101\232\263\203\135\362\204\126\357
+\245\127\103\316\051\255\214\253\125\277\304\373\133\001\335\043
+\041\241\130\000\216\303\320\152\023\355\023\343\022\053\200\334
+\147\346\225\262\315\036\042\156\052\370\101\324\362\312\024\007
+\215\212\125\022\306\151\365\270\206\150\057\123\136\260\322\252
+\041\301\230\346\060\343\147\125\307\233\156\254\031\250\125\246
+\105\006\320\043\072\333\353\145\135\052\021\021\360\073\117\312
+\155\364\064\304\161\344\377\000\132\366\134\256\043\140\205\163
+\361\344\020\261\045\256\325\222\273\023\301\014\340\071\332\264
+\071\127\265\253\065\252\162\041\073\203\065\347\061\337\172\041
+\156\270\062\010\175\035\062\221\025\112\142\162\317\343\167\241
+\274\325\021\033\166\001\147\010\340\101\013\303\353\025\156\370
+\244\031\331\242\253\257\342\047\122\126\053\002\212\054\024\044
+\371\277\102\002\277\046\310\306\217\340\156\070\175\123\055\345
+\355\230\263\225\143\150\177\371\065\364\337\210\305\140\065\222
+\300\174\151\034\141\225\026\320\353\336\013\257\076\004\020\105
+\145\130\120\070\257\110\362\131\266\026\362\074\015\220\002\306
+\160\056\001\255\074\025\327\002\003\001\000\001\243\102\060\100
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\035\006\003\125\035\016\004\026\004\024\355\347\157\166
+\132\277\140\354\111\133\306\245\167\273\162\026\161\233\304\075
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
+\202\002\001\000\221\337\200\077\103\011\176\161\302\367\353\263
+\210\217\341\121\262\274\075\165\371\050\135\310\274\231\233\173
+\135\252\345\312\341\012\367\350\262\323\237\335\147\061\176\272
+\001\252\307\152\101\073\220\324\010\134\262\140\152\220\360\310
+\316\003\142\371\213\355\373\156\052\334\006\115\074\051\017\211
+\026\212\130\114\110\017\350\204\141\352\074\162\246\167\344\102
+\256\210\243\103\130\171\176\256\312\245\123\015\251\075\160\275
+\040\031\141\244\154\070\374\103\062\341\301\107\377\370\354\361
+\021\042\062\226\234\302\366\133\151\226\173\040\014\103\101\232
+\133\366\131\031\210\336\125\210\067\121\013\170\134\012\036\243
+\102\375\307\235\210\017\300\362\170\002\044\124\223\257\211\207
+\210\311\112\200\035\352\320\156\076\141\056\066\273\065\016\047
+\226\375\146\064\073\141\162\163\361\026\134\107\006\124\111\000
+\172\130\022\260\012\357\205\375\261\270\063\165\152\223\034\022
+\346\140\136\157\035\177\311\037\043\313\204\141\237\036\202\104
+\371\137\255\142\125\044\232\122\230\355\121\347\241\176\227\072
+\346\057\037\021\332\123\200\054\205\236\253\065\020\333\042\137
+\152\305\136\227\123\362\062\002\011\060\243\130\360\015\001\325
+\162\306\261\174\151\173\303\365\066\105\314\141\156\136\114\224
+\305\136\256\350\016\136\213\277\367\315\340\355\241\016\033\063
+\356\124\030\376\017\276\357\176\204\153\103\343\160\230\333\135
+\165\262\015\131\007\205\025\043\071\326\361\337\251\046\017\326
+\110\307\263\246\042\365\063\067\132\225\107\237\173\272\030\025
+\157\377\326\024\144\203\111\322\012\147\041\333\017\065\143\140
+\050\042\343\261\225\203\315\205\246\335\057\017\347\147\122\156
+\273\057\205\174\365\112\163\347\305\076\300\275\041\022\005\077
+\374\267\003\111\002\133\310\045\346\342\124\070\365\171\207\214
+\035\123\262\116\205\173\006\070\307\054\370\370\260\162\215\045
+\345\167\122\364\003\034\110\246\120\137\210\040\060\156\362\202
+\103\253\075\227\204\347\123\373\041\301\117\017\042\232\206\270
+\131\052\366\107\075\031\210\055\350\205\341\236\354\205\010\152
+\261\154\064\311\035\354\110\053\073\170\355\146\304\216\171\151
+\203\336\177\214
+END
+
+# Trust for "QuoVadis Root CA 2 G3"
+# Issuer: CN=QuoVadis Root CA 2 G3,O=QuoVadis Limited,C=BM
+# Serial Number:44:57:34:24:5b:81:89:9b:35:f2:ce:b8:2b:3b:5b:a7:26:f0:75:28
+# Subject: CN=QuoVadis Root CA 2 G3,O=QuoVadis Limited,C=BM
+# Not Valid Before: Thu Jan 12 18:59:32 2012
+# Not Valid After : Sun Jan 12 18:59:32 2042
+# Fingerprint (SHA-256): 8F:E4:FB:0A:F9:3A:4D:0D:67:DB:0B:EB:B2:3E:37:C7:1B:F3:25:DC:BC:DD:24:0E:A0:4D:AF:58:B4:7E:18:40
+# Fingerprint (SHA1): 09:3C:61:F3:8B:8B:DC:7D:55:DF:75:38:02:05:00:E1:25:F5:C8:36
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 2 G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\011\074\141\363\213\213\334\175\125\337\165\070\002\005\000\341
+\045\365\310\066
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\257\014\206\156\277\100\055\177\013\076\022\120\272\022\075\006
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\062\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\104\127\064\044\133\201\211\233\065\362\316\270\053\073
+\133\247\046\360\165\050
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "QuoVadis Root CA 3 G3"
+#
+# Issuer: CN=QuoVadis Root CA 3 G3,O=QuoVadis Limited,C=BM
+# Serial Number:2e:f5:9b:02:28:a7:db:7a:ff:d5:a3:a9:ee:bd:03:a0:cf:12:6a:1d
+# Subject: CN=QuoVadis Root CA 3 G3,O=QuoVadis Limited,C=BM
+# Not Valid Before: Thu Jan 12 20:26:32 2012
+# Not Valid After : Sun Jan 12 20:26:32 2042
+# Fingerprint (SHA-256): 88:EF:81:DE:20:2E:B0:18:45:2E:43:F8:64:72:5C:EA:5F:BD:1F:C2:D9:D2:05:73:07:09:C5:D8:B8:69:0F:46
+# Fingerprint (SHA1): 48:12:BD:92:3C:A8:C4:39:06:E7:30:6D:27:96:E6:A4:CF:22:2E:7D
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 3 G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\063\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\063\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\056\365\233\002\050\247\333\172\377\325\243\251\356\275
+\003\240\317\022\152\035
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\140\060\202\003\110\240\003\002\001\002\002\024\056
+\365\233\002\050\247\333\172\377\325\243\251\356\275\003\240\317
+\022\152\035\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\110\061\013\060\011\006\003\125\004\006\023\002\102
+\115\061\031\060\027\006\003\125\004\012\023\020\121\165\157\126
+\141\144\151\163\040\114\151\155\151\164\145\144\061\036\060\034
+\006\003\125\004\003\023\025\121\165\157\126\141\144\151\163\040
+\122\157\157\164\040\103\101\040\063\040\107\063\060\036\027\015
+\061\062\060\061\061\062\062\060\062\066\063\062\132\027\015\064
+\062\060\061\061\062\062\060\062\066\063\062\132\060\110\061\013
+\060\011\006\003\125\004\006\023\002\102\115\061\031\060\027\006
+\003\125\004\012\023\020\121\165\157\126\141\144\151\163\040\114
+\151\155\151\164\145\144\061\036\060\034\006\003\125\004\003\023
+\025\121\165\157\126\141\144\151\163\040\122\157\157\164\040\103
+\101\040\063\040\107\063\060\202\002\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202
+\002\012\002\202\002\001\000\263\313\016\020\147\216\352\024\227
+\247\062\052\012\126\066\177\150\114\307\263\157\072\043\024\221
+\377\031\177\245\312\254\356\263\166\235\172\351\213\033\253\153
+\061\333\372\013\123\114\257\305\245\032\171\074\212\114\377\254
+\337\045\336\116\331\202\062\013\104\336\312\333\214\254\243\156
+\026\203\073\246\144\113\062\211\373\026\026\070\176\353\103\342
+\323\164\112\302\142\012\163\012\335\111\263\127\322\260\012\205
+\235\161\074\336\243\313\300\062\363\001\071\040\103\033\065\321
+\123\263\261\356\305\223\151\202\076\026\265\050\106\241\336\352
+\211\011\355\103\270\005\106\212\206\365\131\107\276\033\157\001
+\041\020\271\375\251\322\050\312\020\071\011\312\023\066\317\234
+\255\255\100\164\171\053\002\077\064\377\372\040\151\175\323\356
+\141\365\272\263\347\060\320\067\043\206\162\141\105\051\110\131
+\150\157\167\246\056\201\276\007\115\157\257\316\304\105\023\221
+\024\160\006\217\037\237\370\207\151\261\016\357\303\211\031\353
+\352\034\141\374\172\154\212\334\326\003\013\236\046\272\022\335
+\324\124\071\253\046\243\063\352\165\201\332\055\315\017\117\344
+\003\321\357\025\227\033\153\220\305\002\220\223\146\002\041\261
+\107\336\213\232\112\200\271\125\217\265\242\057\300\326\063\147
+\332\176\304\247\264\004\104\353\107\373\346\130\271\367\014\360
+\173\053\261\300\160\051\303\100\142\055\073\110\151\334\043\074
+\110\353\173\011\171\251\155\332\250\060\230\317\200\162\003\210
+\246\133\106\256\162\171\174\010\003\041\145\256\267\341\034\245
+\261\052\242\061\336\146\004\367\300\164\350\161\336\377\075\131
+\314\226\046\022\213\205\225\127\032\253\153\165\013\104\075\021
+\050\074\173\141\267\342\217\147\117\345\354\074\114\140\200\151
+\127\070\036\001\133\215\125\350\307\337\300\314\167\043\064\111
+\165\174\366\230\021\353\055\336\355\101\056\024\005\002\177\340
+\376\040\353\065\347\021\254\042\316\127\075\336\311\060\155\020
+\003\205\315\361\377\214\026\265\301\262\076\210\154\140\177\220
+\117\225\367\366\055\255\001\071\007\004\372\165\200\175\277\111
+\120\355\357\311\304\174\034\353\200\176\333\266\320\335\023\376
+\311\323\234\327\262\227\251\002\003\001\000\001\243\102\060\100
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\035\006\003\125\035\016\004\026\004\024\306\027\320\274
+\250\352\002\103\362\033\006\231\135\053\220\040\271\327\234\344
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
+\202\002\001\000\064\141\331\126\265\022\207\125\115\335\243\065
+\061\106\273\244\007\162\274\137\141\142\350\245\373\013\067\261
+\074\266\263\372\051\235\177\002\365\244\311\250\223\267\172\161
+\050\151\217\163\341\122\220\332\325\276\072\345\267\166\152\126
+\200\041\337\135\346\351\072\236\345\076\366\242\151\307\052\012
+\260\030\107\334\040\160\175\122\243\076\131\174\301\272\311\310
+\025\100\141\312\162\326\160\254\322\267\360\034\344\206\051\360
+\316\357\150\143\320\265\040\212\025\141\232\176\206\230\264\311
+\302\166\373\314\272\060\026\314\243\141\306\164\023\345\153\357
+\243\025\352\003\376\023\213\144\344\323\301\322\350\204\373\111
+\321\020\115\171\146\353\252\375\364\215\061\036\160\024\255\334
+\336\147\023\114\201\025\141\274\267\331\221\167\161\031\201\140
+\273\360\130\245\265\234\013\367\217\042\125\047\300\113\001\155
+\073\231\015\324\035\233\143\147\057\320\356\015\312\146\274\224
+\117\246\255\355\374\356\143\254\127\077\145\045\317\262\206\217
+\320\010\377\270\166\024\156\336\345\047\354\253\170\265\123\271
+\266\077\350\040\371\322\250\276\141\106\312\207\214\204\363\371
+\361\240\150\233\042\036\201\046\233\020\004\221\161\300\006\037
+\334\240\323\271\126\247\343\230\055\177\203\235\337\214\053\234
+\062\216\062\224\360\001\074\042\052\237\103\302\056\303\230\071
+\007\070\173\374\136\000\102\037\363\062\046\171\203\204\366\345
+\360\301\121\022\300\013\036\004\043\014\124\245\114\057\111\305
+\112\321\266\156\140\015\153\374\153\213\205\044\144\267\211\016
+\253\045\107\133\074\317\176\111\275\307\351\012\306\332\367\176
+\016\027\010\323\110\227\320\161\222\360\017\071\076\064\152\034
+\175\330\362\042\256\273\151\364\063\264\246\110\125\321\017\016
+\046\350\354\266\013\055\247\205\065\315\375\131\310\237\321\315
+\076\132\051\064\271\075\204\316\261\145\324\131\221\221\126\165
+\041\301\167\236\371\172\341\140\235\323\255\004\030\364\174\353
+\136\223\217\123\112\042\051\370\110\053\076\115\206\254\133\177
+\313\006\231\131\140\330\130\145\225\215\104\321\367\177\176\047
+\177\175\256\200\365\007\114\266\076\234\161\124\231\004\113\375
+\130\371\230\364
+END
+
+# Trust for "QuoVadis Root CA 3 G3"
+# Issuer: CN=QuoVadis Root CA 3 G3,O=QuoVadis Limited,C=BM
+# Serial Number:2e:f5:9b:02:28:a7:db:7a:ff:d5:a3:a9:ee:bd:03:a0:cf:12:6a:1d
+# Subject: CN=QuoVadis Root CA 3 G3,O=QuoVadis Limited,C=BM
+# Not Valid Before: Thu Jan 12 20:26:32 2012
+# Not Valid After : Sun Jan 12 20:26:32 2042
+# Fingerprint (SHA-256): 88:EF:81:DE:20:2E:B0:18:45:2E:43:F8:64:72:5C:EA:5F:BD:1F:C2:D9:D2:05:73:07:09:C5:D8:B8:69:0F:46
+# Fingerprint (SHA1): 48:12:BD:92:3C:A8:C4:39:06:E7:30:6D:27:96:E6:A4:CF:22:2E:7D
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "QuoVadis Root CA 3 G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\110\022\275\222\074\250\304\071\006\347\060\155\047\226\346\244
+\317\042\056\175
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\337\175\271\255\124\157\150\241\337\211\127\003\227\103\260\327
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\110\061\013\060\011\006\003\125\004\006\023\002\102\115\061
+\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144
+\151\163\040\114\151\155\151\164\145\144\061\036\060\034\006\003
+\125\004\003\023\025\121\165\157\126\141\144\151\163\040\122\157
+\157\164\040\103\101\040\063\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\056\365\233\002\050\247\333\172\377\325\243\251\356\275
+\003\240\317\022\152\035
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DigiCert Assured ID Root G2"
+#
+# Issuer: CN=DigiCert Assured ID Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:0b:93:1c:3a:d6:39:67:ea:67:23:bf:c3:af:9a:f4:4b
+# Subject: CN=DigiCert Assured ID Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): 7D:05:EB:B6:82:33:9F:8C:94:51:EE:09:4E:EB:FE:FA:79:53:A1:14:ED:B2:F4:49:49:45:2F:AB:7D:2F:C1:85
+# Fingerprint (SHA1): A1:4B:48:D9:43:EE:0A:0E:40:90:4F:3C:E0:A4:C0:91:93:51:5D:3F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Assured ID Root G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\013\223\034\072\326\071\147\352\147\043\277\303\257\232
+\364\113
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\226\060\202\002\176\240\003\002\001\002\002\020\013
+\223\034\072\326\071\147\352\147\043\277\303\257\232\364\113\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\145
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025\060
+\023\006\003\125\004\012\023\014\104\151\147\151\103\145\162\164
+\040\111\156\143\061\031\060\027\006\003\125\004\013\023\020\167
+\167\167\056\144\151\147\151\143\145\162\164\056\143\157\155\061
+\044\060\042\006\003\125\004\003\023\033\104\151\147\151\103\145
+\162\164\040\101\163\163\165\162\145\144\040\111\104\040\122\157
+\157\164\040\107\062\060\036\027\015\061\063\060\070\060\061\061
+\062\060\060\060\060\132\027\015\063\070\060\061\061\065\061\062
+\060\060\060\060\132\060\145\061\013\060\011\006\003\125\004\006
+\023\002\125\123\061\025\060\023\006\003\125\004\012\023\014\104
+\151\147\151\103\145\162\164\040\111\156\143\061\031\060\027\006
+\003\125\004\013\023\020\167\167\167\056\144\151\147\151\143\145
+\162\164\056\143\157\155\061\044\060\042\006\003\125\004\003\023
+\033\104\151\147\151\103\145\162\164\040\101\163\163\165\162\145
+\144\040\111\104\040\122\157\157\164\040\107\062\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\331\347\050
+\057\122\077\066\162\111\210\223\064\363\370\152\036\061\124\200
+\237\255\124\101\265\107\337\226\250\324\257\200\055\271\012\317
+\165\375\211\245\175\044\372\343\042\014\053\274\225\027\013\063
+\277\031\115\101\006\220\000\275\014\115\020\376\007\265\347\034
+\156\042\125\061\145\227\275\323\027\322\036\142\363\333\352\154
+\120\214\077\204\014\226\317\267\313\003\340\312\155\241\024\114
+\033\211\335\355\000\260\122\174\257\221\154\261\070\023\321\351
+\022\010\300\000\260\034\053\021\332\167\160\066\233\256\316\171
+\207\334\202\160\346\011\164\160\125\151\257\243\150\237\277\335
+\266\171\263\362\235\160\051\125\364\253\377\225\141\363\311\100
+\157\035\321\276\223\273\323\210\052\273\235\277\162\132\126\161
+\073\077\324\363\321\012\376\050\357\243\356\331\231\257\003\323
+\217\140\267\362\222\241\261\275\211\211\037\060\315\303\246\056
+\142\063\256\026\002\167\104\132\347\201\012\074\247\104\056\171
+\270\077\004\274\134\240\207\341\033\257\121\216\315\354\054\372
+\370\376\155\360\072\174\252\213\344\147\225\061\215\002\003\001
+\000\001\243\102\060\100\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\016\006\003\125\035\017\001\001
+\377\004\004\003\002\001\206\060\035\006\003\125\035\016\004\026
+\004\024\316\303\112\271\231\125\362\270\333\140\277\251\176\275
+\126\265\227\066\247\326\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\003\202\001\001\000\312\245\125\214\343\310
+\101\156\151\047\247\165\021\357\074\206\066\157\322\235\306\170
+\070\035\151\226\242\222\151\056\070\154\233\175\004\324\211\245
+\261\061\067\212\311\041\314\253\154\315\213\034\232\326\277\110
+\322\062\146\301\212\300\363\057\072\357\300\343\324\221\206\321
+\120\343\003\333\163\167\157\112\071\123\355\336\046\307\265\175
+\257\053\102\321\165\142\343\112\053\002\307\120\113\340\151\342
+\226\154\016\104\146\020\104\217\255\005\353\370\171\254\246\033
+\350\067\064\235\123\311\141\252\242\122\257\112\160\026\206\302
+\072\310\261\023\160\066\330\317\356\364\012\064\325\133\114\375
+\007\234\242\272\331\001\162\134\363\115\301\335\016\261\034\015
+\304\143\276\255\364\024\373\211\354\242\101\016\114\314\310\127
+\100\320\156\003\252\315\014\216\211\231\231\154\360\074\060\257
+\070\337\157\274\243\276\051\040\047\253\164\377\023\042\170\336
+\227\122\125\036\203\265\124\040\003\356\256\300\117\126\336\067
+\314\303\177\252\004\047\273\323\167\270\142\333\027\174\234\050
+\042\023\163\154\317\046\365\212\051\347
+END
+
+# Trust for "DigiCert Assured ID Root G2"
+# Issuer: CN=DigiCert Assured ID Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:0b:93:1c:3a:d6:39:67:ea:67:23:bf:c3:af:9a:f4:4b
+# Subject: CN=DigiCert Assured ID Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): 7D:05:EB:B6:82:33:9F:8C:94:51:EE:09:4E:EB:FE:FA:79:53:A1:14:ED:B2:F4:49:49:45:2F:AB:7D:2F:C1:85
+# Fingerprint (SHA1): A1:4B:48:D9:43:EE:0A:0E:40:90:4F:3C:E0:A4:C0:91:93:51:5D:3F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Assured ID Root G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\241\113\110\331\103\356\012\016\100\220\117\074\340\244\300\221
+\223\121\135\077
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\222\070\271\370\143\044\202\145\054\127\063\346\376\201\217\235
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\013\223\034\072\326\071\147\352\147\043\277\303\257\232
+\364\113
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DigiCert Assured ID Root G3"
+#
+# Issuer: CN=DigiCert Assured ID Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:0b:a1:5a:fa:1d:df:a0:b5:49:44:af:cd:24:a0:6c:ec
+# Subject: CN=DigiCert Assured ID Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): 7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2
+# Fingerprint (SHA1): F5:17:A2:4F:9A:48:C6:C9:F8:A2:00:26:9F:DC:0F:48:2C:AB:30:89
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Assured ID Root G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\013\241\132\372\035\337\240\265\111\104\257\315\044\240
+\154\354
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\106\060\202\001\315\240\003\002\001\002\002\020\013
+\241\132\372\035\337\240\265\111\104\257\315\044\240\154\354\060
+\012\006\010\052\206\110\316\075\004\003\003\060\145\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\025\060\023\006\003
+\125\004\012\023\014\104\151\147\151\103\145\162\164\040\111\156
+\143\061\031\060\027\006\003\125\004\013\023\020\167\167\167\056
+\144\151\147\151\143\145\162\164\056\143\157\155\061\044\060\042
+\006\003\125\004\003\023\033\104\151\147\151\103\145\162\164\040
+\101\163\163\165\162\145\144\040\111\104\040\122\157\157\164\040
+\107\063\060\036\027\015\061\063\060\070\060\061\061\062\060\060
+\060\060\132\027\015\063\070\060\061\061\065\061\062\060\060\060
+\060\132\060\145\061\013\060\011\006\003\125\004\006\023\002\125
+\123\061\025\060\023\006\003\125\004\012\023\014\104\151\147\151
+\103\145\162\164\040\111\156\143\061\031\060\027\006\003\125\004
+\013\023\020\167\167\167\056\144\151\147\151\143\145\162\164\056
+\143\157\155\061\044\060\042\006\003\125\004\003\023\033\104\151
+\147\151\103\145\162\164\040\101\163\163\165\162\145\144\040\111
+\104\040\122\157\157\164\040\107\063\060\166\060\020\006\007\052
+\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
+\004\031\347\274\254\104\145\355\315\270\077\130\373\215\261\127
+\251\104\055\005\025\362\357\013\377\020\164\237\265\142\122\137
+\146\176\037\345\334\033\105\171\013\314\306\123\012\235\215\135
+\002\331\251\131\336\002\132\366\225\052\016\215\070\112\212\111
+\306\274\306\003\070\007\137\125\332\176\011\156\342\177\136\320
+\105\040\017\131\166\020\326\240\044\360\055\336\066\362\154\051
+\071\243\102\060\100\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\206\060\035\006\003\125\035\016\004\026\004
+\024\313\320\275\251\341\230\005\121\241\115\067\242\203\171\316
+\215\035\052\344\204\060\012\006\010\052\206\110\316\075\004\003
+\003\003\147\000\060\144\002\060\045\244\201\105\002\153\022\113
+\165\164\117\310\043\343\160\362\165\162\336\174\211\360\317\221
+\162\141\236\136\020\222\131\126\271\203\307\020\347\070\351\130
+\046\066\175\325\344\064\206\071\002\060\174\066\123\360\060\345
+\142\143\072\231\342\266\243\073\233\064\372\036\332\020\222\161
+\136\221\023\247\335\244\156\222\314\062\326\365\041\146\307\057
+\352\226\143\152\145\105\222\225\001\264
+END
+
+# Trust for "DigiCert Assured ID Root G3"
+# Issuer: CN=DigiCert Assured ID Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:0b:a1:5a:fa:1d:df:a0:b5:49:44:af:cd:24:a0:6c:ec
+# Subject: CN=DigiCert Assured ID Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): 7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2
+# Fingerprint (SHA1): F5:17:A2:4F:9A:48:C6:C9:F8:A2:00:26:9F:DC:0F:48:2C:AB:30:89
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Assured ID Root G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\365\027\242\117\232\110\306\311\370\242\000\046\237\334\017\110
+\054\253\060\211
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\174\177\145\061\014\201\337\215\272\076\231\342\134\255\156\373
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\044\060\042\006\003\125\004\003\023\033\104\151\147\151
+\103\145\162\164\040\101\163\163\165\162\145\144\040\111\104\040
+\122\157\157\164\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\013\241\132\372\035\337\240\265\111\104\257\315\044\240
+\154\354
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DigiCert Global Root G2"
+#
+# Issuer: CN=DigiCert Global Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:03:3a:f1:e6:a7:11:a9:a0:bb:28:64:b1:1d:09:fa:e5
+# Subject: CN=DigiCert Global Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): CB:3C:CB:B7:60:31:E5:E0:13:8F:8D:D3:9A:23:F9:DE:47:FF:C3:5E:43:C1:14:4C:EA:27:D4:6A:5A:B1:CB:5F
+# Fingerprint (SHA1): DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Global Root G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\003\072\361\346\247\021\251\240\273\050\144\261\035\011
+\372\345
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\216\060\202\002\166\240\003\002\001\002\002\020\003
+\072\361\346\247\021\251\240\273\050\144\261\035\011\372\345\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\141
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025\060
+\023\006\003\125\004\012\023\014\104\151\147\151\103\145\162\164
+\040\111\156\143\061\031\060\027\006\003\125\004\013\023\020\167
+\167\167\056\144\151\147\151\143\145\162\164\056\143\157\155\061
+\040\060\036\006\003\125\004\003\023\027\104\151\147\151\103\145
+\162\164\040\107\154\157\142\141\154\040\122\157\157\164\040\107
+\062\060\036\027\015\061\063\060\070\060\061\061\062\060\060\060
+\060\132\027\015\063\070\060\061\061\065\061\062\060\060\060\060
+\132\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103
+\145\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013
+\023\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143
+\157\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147
+\151\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157
+\164\040\107\062\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\273\067\315\064\334\173\153\311\262\150\220
+\255\112\165\377\106\272\041\012\010\215\365\031\124\311\373\210
+\333\363\256\362\072\211\221\074\172\346\253\006\032\153\317\254
+\055\350\136\011\044\104\272\142\232\176\326\243\250\176\340\124
+\165\040\005\254\120\267\234\143\032\154\060\334\332\037\031\261
+\327\036\336\375\327\340\313\224\203\067\256\354\037\103\116\335
+\173\054\322\275\056\245\057\344\251\270\255\072\324\231\244\266
+\045\351\233\153\000\140\222\140\377\117\041\111\030\367\147\220
+\253\141\006\234\217\362\272\351\264\351\222\062\153\265\363\127
+\350\135\033\315\214\035\253\225\004\225\111\363\065\055\226\343
+\111\155\335\167\343\373\111\113\264\254\125\007\251\217\225\263
+\264\043\273\114\155\105\360\366\251\262\225\060\264\375\114\125
+\214\047\112\127\024\174\202\235\315\163\222\323\026\112\006\014
+\214\120\321\217\036\011\276\027\241\346\041\312\375\203\345\020
+\274\203\245\012\304\147\050\366\163\024\024\075\106\166\303\207
+\024\211\041\064\115\257\017\105\014\246\111\241\272\273\234\305
+\261\063\203\051\205\002\003\001\000\001\243\102\060\100\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060
+\035\006\003\125\035\016\004\026\004\024\116\042\124\040\030\225
+\346\343\156\346\017\372\372\271\022\355\006\027\217\071\060\015
+\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202\001
+\001\000\140\147\050\224\157\016\110\143\353\061\335\352\147\030
+\325\211\175\074\305\213\112\177\351\276\333\053\027\337\260\137
+\163\167\052\062\023\071\201\147\102\204\043\362\105\147\065\354
+\210\277\370\217\260\141\014\064\244\256\040\114\204\306\333\370
+\065\341\166\331\337\246\102\273\307\104\010\206\177\066\164\044
+\132\332\154\015\024\131\065\275\362\111\335\266\037\311\263\015
+\107\052\075\231\057\273\134\273\265\324\040\341\231\137\123\106
+\025\333\150\233\360\363\060\325\076\061\342\215\204\236\343\212
+\332\332\226\076\065\023\245\137\360\371\160\120\160\107\101\021
+\127\031\116\300\217\256\006\304\225\023\027\057\033\045\237\165
+\362\261\216\231\241\157\023\261\101\161\376\210\052\310\117\020
+\040\125\327\363\024\105\345\340\104\364\352\207\225\062\223\016
+\376\123\106\372\054\235\377\213\042\271\113\331\011\105\244\336
+\244\270\232\130\335\033\175\122\237\216\131\103\210\201\244\236
+\046\325\157\255\335\015\306\067\175\355\003\222\033\345\167\137
+\166\356\074\215\304\135\126\133\242\331\146\156\263\065\067\345
+\062\266
+END
+
+# Trust for "DigiCert Global Root G2"
+# Issuer: CN=DigiCert Global Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:03:3a:f1:e6:a7:11:a9:a0:bb:28:64:b1:1d:09:fa:e5
+# Subject: CN=DigiCert Global Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): CB:3C:CB:B7:60:31:E5:E0:13:8F:8D:D3:9A:23:F9:DE:47:FF:C3:5E:43:C1:14:4C:EA:27:D4:6A:5A:B1:CB:5F
+# Fingerprint (SHA1): DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Global Root G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\337\074\044\371\277\326\146\166\033\046\200\163\376\006\321\314
+\215\117\202\244
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\344\246\212\310\124\254\122\102\106\012\375\162\110\033\052\104
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\003\072\361\346\247\021\251\240\273\050\144\261\035\011
+\372\345
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DigiCert Global Root G3"
+#
+# Issuer: CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:05:55:56:bc:f2:5e:a4:35:35:c3:a4:0f:d5:ab:45:72
+# Subject: CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): 31:AD:66:48:F8:10:41:38:C7:38:F3:9E:A4:32:01:33:39:3E:3A:18:CC:02:29:6E:F9:7C:2A:C9:EF:67:31:D0
+# Fingerprint (SHA1): 7E:04:DE:89:6A:3E:66:6D:00:E6:87:D3:3F:FA:D9:3B:E8:3D:34:9E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Global Root G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\005\125\126\274\362\136\244\065\065\303\244\017\325\253
+\105\162
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\077\060\202\001\305\240\003\002\001\002\002\020\005
+\125\126\274\362\136\244\065\065\303\244\017\325\253\105\162\060
+\012\006\010\052\206\110\316\075\004\003\003\060\141\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\025\060\023\006\003
+\125\004\012\023\014\104\151\147\151\103\145\162\164\040\111\156
+\143\061\031\060\027\006\003\125\004\013\023\020\167\167\167\056
+\144\151\147\151\143\145\162\164\056\143\157\155\061\040\060\036
+\006\003\125\004\003\023\027\104\151\147\151\103\145\162\164\040
+\107\154\157\142\141\154\040\122\157\157\164\040\107\063\060\036
+\027\015\061\063\060\070\060\061\061\062\060\060\060\060\132\027
+\015\063\070\060\061\061\065\061\062\060\060\060\060\132\060\141
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025\060
+\023\006\003\125\004\012\023\014\104\151\147\151\103\145\162\164
+\040\111\156\143\061\031\060\027\006\003\125\004\013\023\020\167
+\167\167\056\144\151\147\151\143\145\162\164\056\143\157\155\061
+\040\060\036\006\003\125\004\003\023\027\104\151\147\151\103\145
+\162\164\040\107\154\157\142\141\154\040\122\157\157\164\040\107
+\063\060\166\060\020\006\007\052\206\110\316\075\002\001\006\005
+\053\201\004\000\042\003\142\000\004\335\247\331\273\212\270\013
+\373\013\177\041\322\360\276\276\163\363\063\135\032\274\064\352
+\336\306\233\274\320\225\366\360\314\320\013\272\141\133\121\106
+\176\236\055\237\356\216\143\014\027\354\007\160\365\317\204\056
+\100\203\234\350\077\101\155\073\255\323\244\024\131\066\170\235
+\003\103\356\020\023\154\162\336\256\210\247\241\153\265\103\316
+\147\334\043\377\003\034\243\342\076\243\102\060\100\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\035
+\006\003\125\035\016\004\026\004\024\263\333\110\244\371\241\305
+\330\256\066\101\314\021\143\151\142\051\274\113\306\060\012\006
+\010\052\206\110\316\075\004\003\003\003\150\000\060\145\002\061
+\000\255\274\362\154\077\022\112\321\055\071\303\012\011\227\163
+\364\210\066\214\210\047\273\346\210\215\120\205\247\143\371\236
+\062\336\146\223\017\361\314\261\011\217\335\154\253\372\153\177
+\240\002\060\071\146\133\302\144\215\270\236\120\334\250\325\111
+\242\355\307\334\321\111\177\027\001\270\310\206\217\116\214\210
+\053\250\232\251\212\305\321\000\275\370\124\342\232\345\133\174
+\263\047\027
+END
+
+# Trust for "DigiCert Global Root G3"
+# Issuer: CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:05:55:56:bc:f2:5e:a4:35:35:c3:a4:0f:d5:ab:45:72
+# Subject: CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): 31:AD:66:48:F8:10:41:38:C7:38:F3:9E:A4:32:01:33:39:3E:3A:18:CC:02:29:6E:F9:7C:2A:C9:EF:67:31:D0
+# Fingerprint (SHA1): 7E:04:DE:89:6A:3E:66:6D:00:E6:87:D3:3F:FA:D9:3B:E8:3D:34:9E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Global Root G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\176\004\336\211\152\076\146\155\000\346\207\323\077\372\331\073
+\350\075\064\236
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\365\135\244\120\245\373\050\176\036\017\015\314\226\127\126\312
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\040\060\036\006\003\125\004\003\023\027\104\151\147\151
+\103\145\162\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\005\125\126\274\362\136\244\065\065\303\244\017\325\253
+\105\162
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "DigiCert Trusted Root G4"
+#
+# Issuer: CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
+# Subject: CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): 55:2F:7B:DC:F1:A7:AF:9E:6C:E6:72:01:7F:4F:12:AB:F7:72:40:C7:8E:76:1A:C2:03:D1:D9:D2:0A:C8:99:88
+# Fingerprint (SHA1): DD:FB:16:CD:49:31:C9:73:A2:03:7D:3F:C8:3A:4D:7D:77:5D:05:E4
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Trusted Root G4"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\142\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\041\060\037\006\003\125\004\003\023\030\104\151\147\151
+\103\145\162\164\040\124\162\165\163\164\145\144\040\122\157\157
+\164\040\107\064
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\142\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\041\060\037\006\003\125\004\003\023\030\104\151\147\151
+\103\145\162\164\040\124\162\165\163\164\145\144\040\122\157\157
+\164\040\107\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\005\233\033\127\236\216\041\062\342\071\007\275\247\167
+\165\134
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\220\060\202\003\170\240\003\002\001\002\002\020\005
+\233\033\127\236\216\041\062\342\071\007\275\247\167\165\134\060
+\015\006\011\052\206\110\206\367\015\001\001\014\005\000\060\142
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\025\060
+\023\006\003\125\004\012\023\014\104\151\147\151\103\145\162\164
+\040\111\156\143\061\031\060\027\006\003\125\004\013\023\020\167
+\167\167\056\144\151\147\151\143\145\162\164\056\143\157\155\061
+\041\060\037\006\003\125\004\003\023\030\104\151\147\151\103\145
+\162\164\040\124\162\165\163\164\145\144\040\122\157\157\164\040
+\107\064\060\036\027\015\061\063\060\070\060\061\061\062\060\060
+\060\060\132\027\015\063\070\060\061\061\065\061\062\060\060\060
+\060\132\060\142\061\013\060\011\006\003\125\004\006\023\002\125
+\123\061\025\060\023\006\003\125\004\012\023\014\104\151\147\151
+\103\145\162\164\040\111\156\143\061\031\060\027\006\003\125\004
+\013\023\020\167\167\167\056\144\151\147\151\143\145\162\164\056
+\143\157\155\061\041\060\037\006\003\125\004\003\023\030\104\151
+\147\151\103\145\162\164\040\124\162\165\163\164\145\144\040\122
+\157\157\164\040\107\064\060\202\002\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202
+\002\012\002\202\002\001\000\277\346\220\163\150\336\273\344\135
+\112\074\060\042\060\151\063\354\302\247\045\056\311\041\075\362
+\212\330\131\302\341\051\247\075\130\253\166\232\315\256\173\033
+\204\015\304\060\037\363\033\244\070\026\353\126\306\227\155\035
+\253\262\171\362\312\021\322\344\137\326\005\074\122\017\122\037
+\306\236\025\245\176\276\237\251\127\026\131\125\162\257\150\223
+\160\302\262\272\165\231\152\163\062\224\321\020\104\020\056\337
+\202\363\007\204\346\164\073\155\161\342\055\014\033\356\040\325
+\311\040\035\143\051\055\316\354\136\116\310\223\370\041\141\233
+\064\353\005\306\136\354\133\032\274\353\311\317\315\254\064\100
+\137\261\172\146\356\167\310\110\250\146\127\127\237\124\130\216
+\014\053\267\117\247\060\331\126\356\312\173\135\343\255\311\117
+\136\345\065\347\061\313\332\223\136\334\216\217\200\332\266\221
+\230\100\220\171\303\170\307\266\261\304\265\152\030\070\003\020
+\215\330\324\067\244\056\005\175\210\365\202\076\020\221\160\253
+\125\202\101\062\327\333\004\163\052\156\221\001\174\041\114\324
+\274\256\033\003\165\135\170\146\331\072\061\104\232\063\100\277
+\010\327\132\111\244\302\346\251\240\147\335\244\047\274\241\117
+\071\265\021\130\027\367\044\134\106\217\144\367\301\151\210\166
+\230\166\075\131\135\102\166\207\211\227\151\172\110\360\340\242
+\022\033\146\232\164\312\336\113\036\347\016\143\256\346\324\357
+\222\222\072\236\075\334\000\344\105\045\211\266\232\104\031\053
+\176\300\224\264\322\141\155\353\063\331\305\337\113\004\000\314
+\175\034\225\303\217\367\041\262\262\021\267\273\177\362\325\214
+\160\054\101\140\252\261\143\030\104\225\032\166\142\176\366\200
+\260\373\350\144\246\063\321\211\007\341\275\267\346\103\244\030
+\270\246\167\001\341\017\224\014\041\035\262\124\051\045\211\154
+\345\016\122\121\107\164\276\046\254\266\101\165\336\172\254\137
+\215\077\311\274\323\101\021\022\133\345\020\120\353\061\305\312
+\162\026\042\011\337\174\114\165\077\143\354\041\137\304\040\121
+\153\157\261\253\206\213\117\302\326\105\137\235\040\374\241\036
+\305\300\217\242\261\176\012\046\231\365\344\151\057\230\035\055
+\365\331\251\262\035\345\033\002\003\001\000\001\243\102\060\100
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\206\060\035\006\003\125\035\016\004\026\004\024\354\327\343\202
+\322\161\135\144\114\337\056\147\077\347\272\230\256\034\017\117
+\060\015\006\011\052\206\110\206\367\015\001\001\014\005\000\003
+\202\002\001\000\273\141\331\175\251\154\276\027\304\221\033\303
+\241\242\000\215\343\144\150\017\126\317\167\256\160\371\375\232
+\112\231\271\311\170\134\014\014\137\344\346\024\051\126\013\066
+\111\135\104\143\340\255\234\226\030\146\033\043\015\075\171\351
+\155\153\326\124\370\322\074\301\103\100\256\035\120\365\122\374
+\220\073\273\230\231\151\153\307\301\247\250\150\244\047\334\235
+\371\047\256\060\205\271\366\147\115\072\076\217\131\071\042\123
+\104\353\310\135\003\312\355\120\172\175\142\041\012\200\310\163
+\146\321\240\005\140\137\350\245\264\247\257\250\367\155\065\234
+\174\132\212\326\242\070\231\363\170\213\364\115\322\040\013\336
+\004\356\214\233\107\201\162\015\300\024\062\357\060\131\056\256
+\340\161\362\126\344\152\227\157\222\120\155\226\215\150\172\232
+\262\066\024\172\006\362\044\271\011\021\120\327\010\261\270\211
+\172\204\043\141\102\051\345\243\315\242\040\101\327\321\234\144
+\331\352\046\241\213\024\327\114\031\262\120\101\161\075\077\115
+\160\043\206\014\112\334\201\322\314\062\224\204\015\010\011\227
+\034\117\300\356\153\040\164\060\322\340\071\064\020\205\041\025
+\001\010\350\125\062\336\161\111\331\050\027\120\115\346\276\115
+\321\165\254\320\312\373\101\270\103\245\252\323\303\005\104\117
+\054\066\233\342\372\342\105\270\043\123\154\006\157\147\125\177
+\106\265\114\077\156\050\132\171\046\322\244\250\142\227\322\036
+\342\355\112\213\274\033\375\107\112\015\337\147\146\176\262\133
+\101\320\073\344\364\073\364\004\143\351\357\302\124\000\121\240
+\212\052\311\316\170\314\325\352\207\004\030\263\316\257\111\210
+\257\363\222\231\266\263\346\141\017\322\205\000\347\120\032\344
+\033\225\235\031\241\271\234\261\233\261\000\036\357\320\017\117
+\102\154\311\012\274\356\103\372\072\161\245\310\115\046\245\065
+\375\211\135\274\205\142\035\062\322\240\053\124\355\232\127\301
+\333\372\020\317\031\267\213\112\033\217\001\266\047\225\123\350
+\266\211\155\133\274\150\324\043\350\213\121\242\126\371\360\246
+\200\240\326\036\263\274\017\017\123\165\051\252\352\023\167\344
+\336\214\201\041\255\007\020\107\021\255\207\075\007\321\165\274
+\317\363\146\176
+END
+
+# Trust for "DigiCert Trusted Root G4"
+# Issuer: CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Serial Number:05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
+# Subject: CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
+# Not Valid Before: Thu Aug 01 12:00:00 2013
+# Not Valid After : Fri Jan 15 12:00:00 2038
+# Fingerprint (SHA-256): 55:2F:7B:DC:F1:A7:AF:9E:6C:E6:72:01:7F:4F:12:AB:F7:72:40:C7:8E:76:1A:C2:03:D1:D9:D2:0A:C8:99:88
+# Fingerprint (SHA1): DD:FB:16:CD:49:31:C9:73:A2:03:7D:3F:C8:3A:4D:7D:77:5D:05:E4
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "DigiCert Trusted Root G4"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\335\373\026\315\111\061\311\163\242\003\175\077\310\072\115\175
+\167\135\005\344
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\170\362\374\252\140\037\057\264\353\311\067\272\123\056\165\111
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\142\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\025\060\023\006\003\125\004\012\023\014\104\151\147\151\103\145
+\162\164\040\111\156\143\061\031\060\027\006\003\125\004\013\023
+\020\167\167\167\056\144\151\147\151\143\145\162\164\056\143\157
+\155\061\041\060\037\006\003\125\004\003\023\030\104\151\147\151
+\103\145\162\164\040\124\162\165\163\164\145\144\040\122\157\157
+\164\040\107\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\005\233\033\127\236\216\041\062\342\071\007\275\247\167
+\165\134
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "WoSign"
+#
+# Issuer: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
+# Serial Number:5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
+# Subject: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
+# Not Valid Before: Sat Aug 08 01:00:01 2009
+# Not Valid After : Mon Aug 08 01:00:01 2039
+# Fingerprint (SHA-256): 4B:22:D5:A6:AE:C9:9F:3C:DB:79:AA:5E:C0:68:38:47:9C:D5:EC:BA:71:64:F7:F2:2D:C1:D6:5F:63:D8:57:08
+# Fingerprint (SHA1): B9:42:94:BF:91:EA:8F:B6:4B:E6:10:97:C7:FB:00:13:59:B6:76:CB
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "WoSign"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\125\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\052\060\050\006
+\003\125\004\003\023\041\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\157\146
+\040\127\157\123\151\147\156
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\125\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\052\060\050\006
+\003\125\004\003\023\041\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\157\146
+\040\127\157\123\151\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\136\150\326\021\161\224\143\120\126\000\150\363\076\311
+\305\221
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\166\060\202\003\136\240\003\002\001\002\002\020\136
+\150\326\021\161\224\143\120\126\000\150\363\076\311\305\221\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\125
+\061\013\060\011\006\003\125\004\006\023\002\103\116\061\032\060
+\030\006\003\125\004\012\023\021\127\157\123\151\147\156\040\103
+\101\040\114\151\155\151\164\145\144\061\052\060\050\006\003\125
+\004\003\023\041\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171\040\157\146\040\127
+\157\123\151\147\156\060\036\027\015\060\071\060\070\060\070\060
+\061\060\060\060\061\132\027\015\063\071\060\070\060\070\060\061
+\060\060\060\061\132\060\125\061\013\060\011\006\003\125\004\006
+\023\002\103\116\061\032\060\030\006\003\125\004\012\023\021\127
+\157\123\151\147\156\040\103\101\040\114\151\155\151\164\145\144
+\061\052\060\050\006\003\125\004\003\023\041\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\157\146\040\127\157\123\151\147\156\060\202\002\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\002\017\000\060\202\002\012\002\202\002\001\000\275\312\215
+\254\270\221\025\126\227\173\153\134\172\302\336\153\331\241\260
+\303\020\043\372\247\241\262\314\061\372\076\331\246\051\157\026
+\075\340\153\370\270\100\137\333\071\250\000\172\213\240\115\124
+\175\302\042\170\374\216\011\270\250\205\327\314\225\227\113\164
+\330\236\176\360\000\344\016\211\256\111\050\104\032\020\231\062
+\017\045\210\123\244\015\263\017\022\010\026\013\003\161\047\034
+\177\341\333\322\375\147\150\304\005\135\012\016\135\160\327\330
+\227\240\274\123\101\232\221\215\364\236\066\146\172\176\126\301
+\220\137\346\261\150\040\066\244\214\044\054\054\107\013\131\166
+\146\060\265\276\336\355\217\370\235\323\273\001\060\346\362\363
+\016\340\054\222\200\363\205\371\050\212\264\124\056\232\355\367
+\166\374\025\150\026\353\112\154\353\056\022\217\324\317\376\014
+\307\134\035\013\176\005\062\276\136\260\011\052\102\325\311\116
+\220\263\131\015\273\172\176\315\325\010\132\264\177\330\034\151
+\021\371\047\017\173\006\257\124\203\030\173\341\335\124\172\121
+\150\156\167\374\306\277\122\112\146\106\241\262\147\032\273\243
+\117\167\240\276\135\377\374\126\013\103\162\167\220\312\236\371
+\362\071\365\015\251\364\352\327\347\263\020\057\060\102\067\041
+\314\060\160\311\206\230\017\314\130\115\203\273\175\345\032\245
+\067\215\266\254\062\227\000\072\143\161\044\036\236\067\304\377
+\164\324\067\300\342\376\210\106\140\021\335\010\077\120\066\253
+\270\172\244\225\142\152\156\260\312\152\041\132\151\363\363\373
+\035\160\071\225\363\247\156\246\201\211\241\210\305\073\161\312
+\243\122\356\203\273\375\240\167\364\344\157\347\102\333\155\112
+\231\212\064\110\274\027\334\344\200\010\042\266\362\061\300\077
+\004\076\353\237\040\171\326\270\006\144\144\002\061\327\251\315
+\122\373\204\105\151\011\000\052\334\125\213\304\006\106\113\300
+\112\035\011\133\071\050\375\251\253\316\000\371\056\110\113\046
+\346\060\114\245\130\312\264\104\202\117\347\221\036\063\303\260
+\223\377\021\374\201\322\312\037\161\051\335\166\117\222\045\257
+\035\201\267\017\057\214\303\006\314\057\047\243\112\344\016\231
+\272\174\036\105\037\177\252\031\105\226\375\374\075\002\003\001
+\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\341\146\317\016\321\361\263\113\267\006\040\024\376\207
+\022\325\366\376\373\076\060\015\006\011\052\206\110\206\367\015
+\001\001\005\005\000\003\202\002\001\000\250\313\162\100\262\166
+\301\176\173\374\255\144\343\062\173\314\074\266\135\106\323\365
+\054\342\160\135\310\056\330\006\175\230\321\013\041\240\211\131
+\044\001\235\371\257\011\175\012\043\202\064\325\374\174\162\231
+\271\243\327\124\364\352\122\160\016\305\365\326\073\341\072\011
+\062\346\041\071\223\275\263\025\352\117\152\364\365\213\077\057
+\174\215\130\056\305\341\071\240\076\307\075\112\163\236\100\172
+\300\053\141\251\147\311\363\044\271\263\155\125\054\132\035\236
+\045\162\316\013\255\252\307\125\142\013\276\373\143\263\141\104
+\043\243\313\341\032\016\367\232\006\115\336\324\043\116\041\226
+\133\071\133\127\035\057\135\010\136\011\171\377\174\227\265\115
+\203\256\015\326\346\243\171\340\063\320\231\226\002\060\247\076
+\377\322\243\103\077\005\132\006\352\104\002\332\174\370\110\320
+\063\251\371\007\307\225\341\365\076\365\135\161\272\362\225\251
+\164\210\141\131\343\277\312\132\023\272\162\264\214\135\066\207
+\351\246\305\074\023\277\336\320\104\046\356\267\354\056\160\372
+\327\235\267\254\345\305\100\132\346\327\154\173\054\303\126\233
+\107\315\013\316\372\033\264\041\327\267\146\270\364\045\060\213
+\134\015\271\352\147\262\364\155\256\325\241\236\117\330\237\351
+\047\002\260\035\006\326\217\343\373\110\022\237\177\021\241\020
+\076\114\121\072\226\260\321\023\361\307\330\046\256\072\312\221
+\304\151\235\337\001\051\144\121\157\150\332\024\354\010\101\227
+\220\215\320\262\200\362\317\302\075\277\221\150\305\200\147\036
+\304\140\023\125\325\141\231\127\174\272\225\017\141\111\072\312
+\165\274\311\012\223\077\147\016\022\362\050\342\061\033\300\127
+\026\337\010\174\031\301\176\017\037\205\036\012\066\174\133\176
+\047\274\172\277\340\333\364\332\122\275\336\014\124\160\061\221
+\103\225\310\274\360\076\335\011\176\060\144\120\355\177\001\244
+\063\147\115\150\117\276\025\357\260\366\002\021\242\033\023\045
+\072\334\302\131\361\343\134\106\273\147\054\002\106\352\036\110
+\246\346\133\331\265\274\121\242\222\226\333\252\306\067\042\246
+\376\314\040\164\243\055\251\056\153\313\300\202\021\041\265\223
+\171\356\104\206\276\327\036\344\036\373
+END
+
+# Trust for "WoSign"
+# Issuer: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
+# Serial Number:5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
+# Subject: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
+# Not Valid Before: Sat Aug 08 01:00:01 2009
+# Not Valid After : Mon Aug 08 01:00:01 2039
+# Fingerprint (SHA-256): 4B:22:D5:A6:AE:C9:9F:3C:DB:79:AA:5E:C0:68:38:47:9C:D5:EC:BA:71:64:F7:F2:2D:C1:D6:5F:63:D8:57:08
+# Fingerprint (SHA1): B9:42:94:BF:91:EA:8F:B6:4B:E6:10:97:C7:FB:00:13:59:B6:76:CB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "WoSign"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\271\102\224\277\221\352\217\266\113\346\020\227\307\373\000\023
+\131\266\166\313
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\241\362\371\265\322\310\172\164\270\363\005\361\327\341\204\215
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\125\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\052\060\050\006
+\003\125\004\003\023\041\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\157\146
+\040\127\157\123\151\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\136\150\326\021\161\224\143\120\126\000\150\363\076\311
+\305\221
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "WoSign China"
+#
+# Issuer: CN=CA ...............,O=WoSign CA Limited,C=CN
+# Serial Number:50:70:6b:cd:d8:13:fc:1b:4e:3b:33:72:d2:11:48:8d
+# Subject: CN=CA ...............,O=WoSign CA Limited,C=CN
+# Not Valid Before: Sat Aug 08 01:00:01 2009
+# Not Valid After : Mon Aug 08 01:00:01 2039
+# Fingerprint (SHA-256): D6:F0:34:BD:94:AA:23:3F:02:97:EC:A4:24:5B:28:39:73:E4:47:AA:59:0F:31:0C:77:F4:8F:DF:83:11:22:54
+# Fingerprint (SHA1): 16:32:47:8D:89:F9:21:3A:92:00:85:63:F5:A4:A7:D3:12:40:8A:D6
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "WoSign China"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\033\060\031\006
+\003\125\004\003\014\022\103\101\040\346\262\203\351\200\232\346
+\240\271\350\257\201\344\271\246
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\033\060\031\006
+\003\125\004\003\014\022\103\101\040\346\262\203\351\200\232\346
+\240\271\350\257\201\344\271\246
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\120\160\153\315\330\023\374\033\116\073\063\162\322\021
+\110\215
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\130\060\202\003\100\240\003\002\001\002\002\020\120
+\160\153\315\330\023\374\033\116\073\063\162\322\021\110\215\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\106
+\061\013\060\011\006\003\125\004\006\023\002\103\116\061\032\060
+\030\006\003\125\004\012\023\021\127\157\123\151\147\156\040\103
+\101\040\114\151\155\151\164\145\144\061\033\060\031\006\003\125
+\004\003\014\022\103\101\040\346\262\203\351\200\232\346\240\271
+\350\257\201\344\271\246\060\036\027\015\060\071\060\070\060\070
+\060\061\060\060\060\061\132\027\015\063\071\060\070\060\070\060
+\061\060\060\060\061\132\060\106\061\013\060\011\006\003\125\004
+\006\023\002\103\116\061\032\060\030\006\003\125\004\012\023\021
+\127\157\123\151\147\156\040\103\101\040\114\151\155\151\164\145
+\144\061\033\060\031\006\003\125\004\003\014\022\103\101\040\346
+\262\203\351\200\232\346\240\271\350\257\201\344\271\246\060\202
+\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000\320
+\111\041\036\045\374\207\301\052\302\254\333\166\206\006\116\347
+\320\164\064\334\355\145\065\374\120\326\210\077\244\360\177\353
+\017\137\171\057\211\261\375\274\143\130\067\223\233\070\370\267
+\133\251\372\330\161\307\264\274\200\227\215\154\113\361\120\325
+\052\051\252\250\031\172\226\346\225\216\164\355\227\012\127\165
+\364\005\333\155\013\071\271\001\177\252\366\326\332\154\346\005
+\340\244\115\122\374\333\320\164\267\021\214\173\215\117\377\207
+\203\256\377\005\003\023\127\120\067\376\214\226\122\020\114\137
+\277\224\161\151\331\226\076\014\103\117\276\060\300\237\071\164
+\117\006\105\135\243\326\126\071\150\007\314\207\117\120\167\223
+\161\331\104\010\261\212\064\351\211\254\333\233\116\341\331\344
+\122\105\214\056\024\037\221\153\031\035\150\051\054\126\304\342
+\036\023\127\144\360\141\343\271\021\337\260\341\127\240\033\255
+\327\137\321\257\333\053\055\077\320\150\216\017\352\237\017\213
+\065\130\033\023\034\364\336\065\241\012\135\326\352\337\022\157
+\300\373\151\007\106\162\334\201\366\004\043\027\340\115\165\341
+\162\157\260\050\353\233\341\341\203\241\237\112\135\257\314\233
+\372\002\040\266\030\142\167\221\073\243\325\145\255\334\174\220
+\167\034\104\101\244\112\213\353\225\162\351\366\011\144\334\250
+\055\237\164\170\350\301\242\011\143\234\357\240\333\117\235\225
+\253\040\117\267\260\367\207\134\246\240\344\067\070\307\134\343
+\065\017\054\255\243\200\242\354\056\135\300\317\355\213\005\302
+\346\163\156\366\211\325\365\322\106\216\352\155\143\033\036\212
+\311\175\246\370\234\353\345\325\143\205\115\163\146\151\021\376
+\310\016\364\301\307\146\111\123\176\344\031\153\361\351\172\131
+\243\155\176\305\027\346\047\306\357\033\333\157\374\015\115\006
+\001\264\016\134\060\106\125\140\257\070\145\072\312\107\272\254
+\054\314\106\037\262\106\226\077\363\355\046\005\356\167\241\152
+\153\176\055\155\130\134\112\324\216\147\270\361\332\325\106\212
+\047\371\021\362\311\102\376\116\336\337\037\134\304\244\206\207
+\026\063\241\247\027\030\245\015\344\005\345\053\302\053\013\242
+\225\220\271\375\140\074\116\211\076\347\234\356\037\273\001\002
+\003\001\000\001\243\102\060\100\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023\001
+\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035\016
+\004\026\004\024\340\115\277\334\233\101\135\023\350\144\360\247
+\351\025\244\341\201\301\272\061\060\015\006\011\052\206\110\206
+\367\015\001\001\013\005\000\003\202\002\001\000\152\212\160\070
+\131\266\332\213\030\310\276\052\323\266\031\325\146\051\172\135
+\315\133\057\163\034\046\116\243\175\157\253\267\051\115\246\351
+\245\021\203\247\071\163\257\020\104\222\346\045\135\117\141\372
+\310\006\276\116\113\357\376\363\061\376\306\174\160\012\101\130
+\332\350\231\113\226\311\170\274\230\174\002\051\355\011\200\346
+\012\072\202\002\052\342\311\057\310\126\031\046\356\170\034\043
+\375\367\223\145\116\347\363\230\230\257\315\335\331\236\100\210
+\061\050\072\253\056\013\260\254\014\044\372\172\046\230\363\022
+\141\020\364\135\027\367\176\342\170\227\124\342\214\350\051\272
+\214\020\062\275\335\063\153\070\206\176\071\075\016\003\162\247
+\135\171\217\105\212\131\256\133\041\156\061\106\325\131\215\317
+\025\137\335\061\045\317\333\140\326\201\104\162\051\002\127\366
+\226\324\326\377\352\051\333\071\305\270\054\212\032\215\316\313
+\347\102\061\206\005\150\016\236\024\335\000\220\272\151\105\010
+\333\156\220\201\206\247\052\005\077\346\204\071\370\267\371\127
+\137\114\244\171\132\020\014\136\325\153\377\065\137\005\121\036
+\154\243\165\251\317\120\203\323\174\364\146\367\202\215\075\014
+\175\350\337\173\250\016\033\054\234\256\100\160\207\332\355\247
+\026\202\132\276\065\154\040\116\042\141\331\274\121\172\315\172
+\141\334\113\021\371\376\147\064\317\056\004\146\141\134\127\227
+\043\214\363\206\033\110\337\052\257\247\301\377\330\216\076\003
+\273\330\052\260\372\024\045\262\121\153\206\103\205\056\007\043
+\026\200\215\114\373\264\143\073\314\303\164\355\033\243\036\376
+\065\017\137\174\035\026\206\365\016\303\225\361\057\257\135\045
+\073\121\346\327\166\101\070\321\113\003\071\050\245\036\221\162
+\324\175\253\227\063\304\323\076\340\151\266\050\171\240\011\215
+\034\321\377\101\162\110\006\374\232\056\347\040\371\233\242\336
+\211\355\256\074\011\257\312\127\263\222\211\160\100\344\057\117
+\302\160\203\100\327\044\054\153\347\011\037\323\325\307\301\010
+\364\333\016\073\034\007\013\103\021\204\041\206\351\200\324\165
+\330\253\361\002\142\301\261\176\125\141\317\023\327\046\260\327
+\234\313\051\213\070\112\013\016\220\215\272\241
+END
+
+# Trust for "WoSign China"
+# Issuer: CN=CA ...............,O=WoSign CA Limited,C=CN
+# Serial Number:50:70:6b:cd:d8:13:fc:1b:4e:3b:33:72:d2:11:48:8d
+# Subject: CN=CA ...............,O=WoSign CA Limited,C=CN
+# Not Valid Before: Sat Aug 08 01:00:01 2009
+# Not Valid After : Mon Aug 08 01:00:01 2039
+# Fingerprint (SHA-256): D6:F0:34:BD:94:AA:23:3F:02:97:EC:A4:24:5B:28:39:73:E4:47:AA:59:0F:31:0C:77:F4:8F:DF:83:11:22:54
+# Fingerprint (SHA1): 16:32:47:8D:89:F9:21:3A:92:00:85:63:F5:A4:A7:D3:12:40:8A:D6
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "WoSign China"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\026\062\107\215\211\371\041\072\222\000\205\143\365\244\247\323
+\022\100\212\326
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\170\203\133\122\026\166\304\044\073\203\170\350\254\332\232\223
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\033\060\031\006
+\003\125\004\003\014\022\103\101\040\346\262\203\351\200\232\346
+\240\271\350\257\201\344\271\246
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\120\160\153\315\330\023\374\033\116\073\063\162\322\021
+\110\215
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "COMODO RSA Certification Authority"
+#
+# Issuer: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number:4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
+# Subject: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Tue Jan 19 00:00:00 2010
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): 52:F0:E1:C4:E5:8E:C6:29:29:1B:60:31:7F:07:46:71:B8:5D:7E:A8:0D:5B:07:27:34:63:53:4B:32:B4:02:34
+# Fingerprint (SHA1): AF:E5:D2:44:A8:D1:19:42:30:FF:47:9F:E2:F8:97:BB:CD:7A:8C:B4
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "COMODO RSA Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\053\060\051\006
+\003\125\004\003\023\042\103\117\115\117\104\117\040\122\123\101
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\053\060\051\006
+\003\125\004\003\023\042\103\117\115\117\104\117\040\122\123\101
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\114\252\371\312\333\143\157\340\037\367\116\330\133\003
+\206\235
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\330\060\202\003\300\240\003\002\001\002\002\020\114
+\252\371\312\333\143\157\340\037\367\116\330\133\003\206\235\060
+\015\006\011\052\206\110\206\367\015\001\001\014\005\000\060\201
+\205\061\013\060\011\006\003\125\004\006\023\002\107\102\061\033
+\060\031\006\003\125\004\010\023\022\107\162\145\141\164\145\162
+\040\115\141\156\143\150\145\163\164\145\162\061\020\060\016\006
+\003\125\004\007\023\007\123\141\154\146\157\162\144\061\032\060
+\030\006\003\125\004\012\023\021\103\117\115\117\104\117\040\103
+\101\040\114\151\155\151\164\145\144\061\053\060\051\006\003\125
+\004\003\023\042\103\117\115\117\104\117\040\122\123\101\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\060\036\027\015\061\060\060\061\061\071
+\060\060\060\060\060\060\132\027\015\063\070\060\061\061\070\062
+\063\065\071\065\071\132\060\201\205\061\013\060\011\006\003\125
+\004\006\023\002\107\102\061\033\060\031\006\003\125\004\010\023
+\022\107\162\145\141\164\145\162\040\115\141\156\143\150\145\163
+\164\145\162\061\020\060\016\006\003\125\004\007\023\007\123\141
+\154\146\157\162\144\061\032\060\030\006\003\125\004\012\023\021
+\103\117\115\117\104\117\040\103\101\040\114\151\155\151\164\145
+\144\061\053\060\051\006\003\125\004\003\023\042\103\117\115\117
+\104\117\040\122\123\101\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\202
+\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000\221
+\350\124\222\322\012\126\261\254\015\044\335\305\317\104\147\164
+\231\053\067\243\175\043\160\000\161\274\123\337\304\372\052\022
+\217\113\177\020\126\275\237\160\162\267\141\177\311\113\017\027
+\247\075\343\260\004\141\356\377\021\227\307\364\206\076\012\372
+\076\134\371\223\346\064\172\331\024\153\347\234\263\205\240\202
+\172\166\257\161\220\327\354\375\015\372\234\154\372\337\260\202
+\364\024\176\371\276\304\246\057\117\177\231\177\265\374\147\103
+\162\275\014\000\326\211\353\153\054\323\355\217\230\034\024\253
+\176\345\343\156\374\330\250\344\222\044\332\103\153\142\270\125
+\375\352\301\274\154\266\213\363\016\215\232\344\233\154\151\231
+\370\170\110\060\105\325\255\341\015\074\105\140\374\062\226\121
+\047\274\147\303\312\056\266\153\352\106\307\307\040\240\261\037
+\145\336\110\010\272\244\116\251\362\203\106\067\204\353\350\314
+\201\110\103\147\116\162\052\233\134\275\114\033\050\212\134\042
+\173\264\253\230\331\356\340\121\203\303\011\106\116\155\076\231
+\372\225\027\332\174\063\127\101\074\215\121\355\013\266\134\257
+\054\143\032\337\127\310\077\274\351\135\304\233\257\105\231\342
+\243\132\044\264\272\251\126\075\317\157\252\377\111\130\276\360
+\250\377\364\270\255\351\067\373\272\270\364\013\072\371\350\103
+\102\036\211\330\204\313\023\361\331\273\341\211\140\270\214\050
+\126\254\024\035\234\012\347\161\353\317\016\335\075\251\226\241
+\110\275\074\367\257\265\015\042\114\300\021\201\354\126\073\366
+\323\242\342\133\267\262\004\042\122\225\200\223\151\350\216\114
+\145\361\221\003\055\160\164\002\352\213\147\025\051\151\122\002
+\273\327\337\120\152\125\106\277\240\243\050\141\177\160\320\303
+\242\252\054\041\252\107\316\050\234\006\105\166\277\202\030\047
+\264\325\256\264\313\120\346\153\364\114\206\161\060\351\246\337
+\026\206\340\330\377\100\335\373\320\102\210\177\243\063\072\056
+\134\036\101\021\201\143\316\030\161\153\053\354\246\212\267\061
+\134\072\152\107\340\303\171\131\326\040\032\257\362\152\230\252
+\162\274\127\112\322\113\235\273\020\374\260\114\101\345\355\035
+\075\136\050\235\234\314\277\263\121\332\247\107\345\204\123\002
+\003\001\000\001\243\102\060\100\060\035\006\003\125\035\016\004
+\026\004\024\273\257\176\002\075\372\246\361\074\204\216\255\356
+\070\230\354\331\062\062\324\060\016\006\003\125\035\017\001\001
+\377\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001
+\377\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206
+\367\015\001\001\014\005\000\003\202\002\001\000\012\361\325\106
+\204\267\256\121\273\154\262\115\101\024\000\223\114\234\313\345
+\300\124\317\240\045\216\002\371\375\260\242\015\365\040\230\074
+\023\055\254\126\242\260\326\176\021\222\351\056\272\236\056\232
+\162\261\275\031\104\154\141\065\242\232\264\026\022\151\132\214
+\341\327\076\244\032\350\057\003\364\256\141\035\020\033\052\244
+\213\172\305\376\005\246\341\300\326\310\376\236\256\217\053\272
+\075\231\370\330\163\011\130\106\156\246\234\364\327\047\323\225
+\332\067\203\162\034\323\163\340\242\107\231\003\070\135\325\111
+\171\000\051\034\307\354\233\040\034\007\044\151\127\170\262\071
+\374\072\204\240\265\234\174\215\277\056\223\142\047\267\071\332
+\027\030\256\275\074\011\150\377\204\233\074\325\326\013\003\343
+\127\236\024\367\321\353\117\310\275\207\043\267\266\111\103\171
+\205\134\272\353\222\013\241\306\350\150\250\114\026\261\032\231
+\012\350\123\054\222\273\241\011\030\165\014\145\250\173\313\043
+\267\032\302\050\205\303\033\377\320\053\142\357\244\173\011\221
+\230\147\214\024\001\315\150\006\152\143\041\165\003\200\210\212
+\156\201\306\205\362\251\244\055\347\364\245\044\020\107\203\312
+\315\364\215\171\130\261\006\233\347\032\052\331\235\001\327\224
+\175\355\003\112\312\360\333\350\251\001\076\365\126\231\311\036
+\216\111\075\273\345\011\271\340\117\111\222\075\026\202\100\314
+\314\131\306\346\072\355\022\056\151\074\154\225\261\375\252\035
+\173\177\206\276\036\016\062\106\373\373\023\217\165\177\114\213
+\113\106\143\376\000\064\100\160\301\303\271\241\335\246\160\342
+\004\263\101\274\351\200\221\352\144\234\172\341\042\003\251\234
+\156\157\016\145\117\154\207\207\136\363\156\240\371\165\245\233
+\100\350\123\262\047\235\112\271\300\167\041\215\377\207\362\336
+\274\214\357\027\337\267\111\013\321\362\156\060\013\032\016\116
+\166\355\021\374\365\351\126\262\175\277\307\155\012\223\214\245
+\320\300\266\035\276\072\116\224\242\327\156\154\013\302\212\174
+\372\040\363\304\344\345\315\015\250\313\221\222\261\174\205\354
+\265\024\151\146\016\202\347\315\316\310\055\246\121\177\041\301
+\065\123\205\006\112\135\237\255\273\033\137\164
+END
+
+# Trust for "COMODO RSA Certification Authority"
+# Issuer: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Serial Number:4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
+# Subject: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
+# Not Valid Before: Tue Jan 19 00:00:00 2010
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): 52:F0:E1:C4:E5:8E:C6:29:29:1B:60:31:7F:07:46:71:B8:5D:7E:A8:0D:5B:07:27:34:63:53:4B:32:B4:02:34
+# Fingerprint (SHA1): AF:E5:D2:44:A8:D1:19:42:30:FF:47:9F:E2:F8:97:BB:CD:7A:8C:B4
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "COMODO RSA Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\257\345\322\104\250\321\031\102\060\377\107\237\342\370\227\273
+\315\172\214\264
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\033\061\260\161\100\066\314\024\066\221\255\304\076\375\354\030
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\107\102
+\061\033\060\031\006\003\125\004\010\023\022\107\162\145\141\164
+\145\162\040\115\141\156\143\150\145\163\164\145\162\061\020\060
+\016\006\003\125\004\007\023\007\123\141\154\146\157\162\144\061
+\032\060\030\006\003\125\004\012\023\021\103\117\115\117\104\117
+\040\103\101\040\114\151\155\151\164\145\144\061\053\060\051\006
+\003\125\004\003\023\042\103\117\115\117\104\117\040\122\123\101
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\114\252\371\312\333\143\157\340\037\367\116\330\133\003
+\206\235
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "USERTrust RSA Certification Authority"
+#
+# Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
+# Serial Number:01:fd:6d:30:fc:a3:ca:51:a8:1b:bc:64:0e:35:03:2d
+# Subject: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
+# Not Valid Before: Mon Feb 01 00:00:00 2010
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
+# Fingerprint (SHA1): 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "USERTrust RSA Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\210\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\023\060\021\006\003\125\004\010\023\012\116\145\167\040\112
+\145\162\163\145\171\061\024\060\022\006\003\125\004\007\023\013
+\112\145\162\163\145\171\040\103\151\164\171\061\036\060\034\006
+\003\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122
+\125\123\124\040\116\145\164\167\157\162\153\061\056\060\054\006
+\003\125\004\003\023\045\125\123\105\122\124\162\165\163\164\040
+\122\123\101\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\210\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\023\060\021\006\003\125\004\010\023\012\116\145\167\040\112
+\145\162\163\145\171\061\024\060\022\006\003\125\004\007\023\013
+\112\145\162\163\145\171\040\103\151\164\171\061\036\060\034\006
+\003\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122
+\125\123\124\040\116\145\164\167\157\162\153\061\056\060\054\006
+\003\125\004\003\023\045\125\123\105\122\124\162\165\163\164\040
+\122\123\101\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\001\375\155\060\374\243\312\121\250\033\274\144\016\065
+\003\055
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\336\060\202\003\306\240\003\002\001\002\002\020\001
+\375\155\060\374\243\312\121\250\033\274\144\016\065\003\055\060
+\015\006\011\052\206\110\206\367\015\001\001\014\005\000\060\201
+\210\061\013\060\011\006\003\125\004\006\023\002\125\123\061\023
+\060\021\006\003\125\004\010\023\012\116\145\167\040\112\145\162
+\163\145\171\061\024\060\022\006\003\125\004\007\023\013\112\145
+\162\163\145\171\040\103\151\164\171\061\036\060\034\006\003\125
+\004\012\023\025\124\150\145\040\125\123\105\122\124\122\125\123
+\124\040\116\145\164\167\157\162\153\061\056\060\054\006\003\125
+\004\003\023\045\125\123\105\122\124\162\165\163\164\040\122\123
+\101\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\101\165\164\150\157\162\151\164\171\060\036\027\015\061\060\060
+\062\060\061\060\060\060\060\060\060\132\027\015\063\070\060\061
+\061\070\062\063\065\071\065\071\132\060\201\210\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\023\060\021\006\003\125
+\004\010\023\012\116\145\167\040\112\145\162\163\145\171\061\024
+\060\022\006\003\125\004\007\023\013\112\145\162\163\145\171\040
+\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
+\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
+\167\157\162\153\061\056\060\054\006\003\125\004\003\023\045\125
+\123\105\122\124\162\165\163\164\040\122\123\101\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\060\202\002\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002\012
+\002\202\002\001\000\200\022\145\027\066\016\303\333\010\263\320
+\254\127\015\166\355\315\047\323\114\255\120\203\141\342\252\040
+\115\011\055\144\011\334\316\211\237\314\075\251\354\366\317\301
+\334\361\323\261\326\173\067\050\021\053\107\332\071\306\274\072
+\031\264\137\246\275\175\235\243\143\102\266\166\362\251\073\053
+\221\370\342\157\320\354\026\040\220\011\076\342\350\164\311\030
+\264\221\324\142\144\333\177\243\006\361\210\030\152\220\042\074
+\274\376\023\360\207\024\173\366\344\037\216\324\344\121\306\021
+\147\106\010\121\313\206\024\124\077\274\063\376\176\154\234\377
+\026\235\030\275\121\216\065\246\247\146\310\162\147\333\041\146
+\261\324\233\170\003\300\120\072\350\314\360\334\274\236\114\376
+\257\005\226\065\037\127\132\267\377\316\371\075\267\054\266\366
+\124\335\310\347\022\072\115\256\114\212\267\134\232\264\267\040
+\075\312\177\042\064\256\176\073\150\146\001\104\347\001\116\106
+\123\233\063\140\367\224\276\123\067\220\163\103\363\062\303\123
+\357\333\252\376\164\116\151\307\153\214\140\223\336\304\307\014
+\337\341\062\256\314\223\073\121\170\225\147\213\356\075\126\376
+\014\320\151\017\033\017\363\045\046\153\063\155\367\156\107\372
+\163\103\345\176\016\245\146\261\051\174\062\204\143\125\211\304
+\015\301\223\124\060\031\023\254\323\175\067\247\353\135\072\154
+\065\134\333\101\327\022\332\251\111\013\337\330\200\212\011\223
+\142\216\265\146\317\045\210\315\204\270\261\077\244\071\017\331
+\002\236\353\022\114\225\174\363\153\005\251\136\026\203\314\270
+\147\342\350\023\235\314\133\202\323\114\263\355\133\377\336\345
+\163\254\043\073\055\000\277\065\125\164\011\111\330\111\130\032
+\177\222\066\346\121\222\016\363\046\175\034\115\027\274\311\354
+\103\046\320\277\101\137\100\251\104\104\364\231\347\127\207\236
+\120\037\127\124\250\076\375\164\143\057\261\120\145\011\346\130
+\102\056\103\032\114\264\360\045\107\131\372\004\036\223\324\046
+\106\112\120\201\262\336\276\170\267\374\147\025\341\311\127\204
+\036\017\143\326\351\142\272\326\137\125\056\352\134\306\050\010
+\004\045\071\270\016\053\251\362\114\227\034\007\077\015\122\365
+\355\357\057\202\017\002\003\001\000\001\243\102\060\100\060\035
+\006\003\125\035\016\004\026\004\024\123\171\277\132\252\053\112
+\317\124\200\341\330\233\300\235\362\262\003\146\313\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015
+\006\011\052\206\110\206\367\015\001\001\014\005\000\003\202\002
+\001\000\134\324\174\015\317\367\001\175\101\231\145\014\163\305
+\122\237\313\370\317\231\006\177\033\332\103\025\237\236\002\125
+\127\226\024\361\122\074\047\207\224\050\355\037\072\001\067\242
+\166\374\123\120\300\204\233\306\153\116\272\214\041\117\242\216
+\125\142\221\363\151\025\330\274\210\343\304\252\013\375\357\250
+\351\113\125\052\006\040\155\125\170\051\031\356\137\060\134\113
+\044\021\125\377\044\232\156\136\052\053\356\013\115\237\177\367
+\001\070\224\024\225\103\007\011\373\140\251\356\034\253\022\214
+\240\232\136\247\230\152\131\155\213\077\010\373\310\321\105\257
+\030\025\144\220\022\017\163\050\056\305\342\044\116\374\130\354
+\360\364\105\376\042\263\353\057\216\322\331\105\141\005\301\227
+\157\250\166\162\217\213\214\066\257\277\015\005\316\161\215\346
+\246\157\037\154\246\161\142\305\330\320\203\162\014\361\147\021
+\211\014\234\023\114\162\064\337\274\325\161\337\252\161\335\341
+\271\154\214\074\022\135\145\332\275\127\022\266\103\153\377\345
+\336\115\146\021\121\317\231\256\354\027\266\350\161\221\214\336
+\111\376\335\065\161\242\025\047\224\034\317\141\343\046\273\157
+\243\147\045\041\135\346\335\035\013\056\150\033\073\202\257\354
+\203\147\205\324\230\121\164\261\271\231\200\211\377\177\170\031
+\134\171\112\140\056\222\100\256\114\067\052\054\311\307\142\310
+\016\135\367\066\133\312\340\045\045\001\264\335\032\007\234\167
+\000\077\320\334\325\354\075\324\372\273\077\314\205\326\157\177
+\251\055\337\271\002\367\365\227\232\265\065\332\303\147\260\207
+\112\251\050\236\043\216\377\134\047\153\341\260\117\363\007\356
+\000\056\324\131\207\313\122\101\225\352\364\107\327\356\144\101
+\125\174\215\131\002\225\335\142\235\302\271\356\132\050\164\204
+\245\233\267\220\307\014\007\337\365\211\066\164\062\326\050\301
+\260\260\013\340\234\114\303\034\326\374\343\151\265\107\106\201
+\057\242\202\253\323\143\104\160\304\215\377\055\063\272\255\217
+\173\265\160\210\256\076\031\317\100\050\330\374\310\220\273\135
+\231\042\365\122\346\130\305\037\210\061\103\356\210\035\327\306
+\216\074\103\152\035\247\030\336\175\075\026\361\142\371\312\220
+\250\375
+END
+
+# Trust for "USERTrust RSA Certification Authority"
+# Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
+# Serial Number:01:fd:6d:30:fc:a3:ca:51:a8:1b:bc:64:0e:35:03:2d
+# Subject: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
+# Not Valid Before: Mon Feb 01 00:00:00 2010
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
+# Fingerprint (SHA1): 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "USERTrust RSA Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\053\217\033\127\063\015\273\242\320\172\154\121\367\016\351\015
+\332\271\255\216
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\033\376\151\321\221\267\031\063\243\162\250\017\341\125\345\265
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\210\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\023\060\021\006\003\125\004\010\023\012\116\145\167\040\112
+\145\162\163\145\171\061\024\060\022\006\003\125\004\007\023\013
+\112\145\162\163\145\171\040\103\151\164\171\061\036\060\034\006
+\003\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122
+\125\123\124\040\116\145\164\167\157\162\153\061\056\060\054\006
+\003\125\004\003\023\045\125\123\105\122\124\162\165\163\164\040
+\122\123\101\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\001\375\155\060\374\243\312\121\250\033\274\144\016\065
+\003\055
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "USERTrust ECC Certification Authority"
+#
+# Issuer: CN=USERTrust ECC Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
+# Serial Number:5c:8b:99:c5:5a:94:c5:d2:71:56:de:cd:89:80:cc:26
+# Subject: CN=USERTrust ECC Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
+# Not Valid Before: Mon Feb 01 00:00:00 2010
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): 4F:F4:60:D5:4B:9C:86:DA:BF:BC:FC:57:12:E0:40:0D:2B:ED:3F:BC:4D:4F:BD:AA:86:E0:6A:DC:D2:A9:AD:7A
+# Fingerprint (SHA1): D1:CB:CA:5D:B2:D5:2A:7F:69:3B:67:4D:E5:F0:5A:1D:0C:95:7D:F0
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "USERTrust ECC Certification Authority"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\210\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\023\060\021\006\003\125\004\010\023\012\116\145\167\040\112
+\145\162\163\145\171\061\024\060\022\006\003\125\004\007\023\013
+\112\145\162\163\145\171\040\103\151\164\171\061\036\060\034\006
+\003\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122
+\125\123\124\040\116\145\164\167\157\162\153\061\056\060\054\006
+\003\125\004\003\023\045\125\123\105\122\124\162\165\163\164\040
+\105\103\103\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\210\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\023\060\021\006\003\125\004\010\023\012\116\145\167\040\112
+\145\162\163\145\171\061\024\060\022\006\003\125\004\007\023\013
+\112\145\162\163\145\171\040\103\151\164\171\061\036\060\034\006
+\003\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122
+\125\123\124\040\116\145\164\167\157\162\153\061\056\060\054\006
+\003\125\004\003\023\045\125\123\105\122\124\162\165\163\164\040
+\105\103\103\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\134\213\231\305\132\224\305\322\161\126\336\315\211\200
+\314\046
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\217\060\202\002\025\240\003\002\001\002\002\020\134
+\213\231\305\132\224\305\322\161\126\336\315\211\200\314\046\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\210\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\023\060\021\006
+\003\125\004\010\023\012\116\145\167\040\112\145\162\163\145\171
+\061\024\060\022\006\003\125\004\007\023\013\112\145\162\163\145
+\171\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
+\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
+\145\164\167\157\162\153\061\056\060\054\006\003\125\004\003\023
+\045\125\123\105\122\124\162\165\163\164\040\105\103\103\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\060\036\027\015\061\060\060\062\060\061
+\060\060\060\060\060\060\132\027\015\063\070\060\061\061\070\062
+\063\065\071\065\071\132\060\201\210\061\013\060\011\006\003\125
+\004\006\023\002\125\123\061\023\060\021\006\003\125\004\010\023
+\012\116\145\167\040\112\145\162\163\145\171\061\024\060\022\006
+\003\125\004\007\023\013\112\145\162\163\145\171\040\103\151\164
+\171\061\036\060\034\006\003\125\004\012\023\025\124\150\145\040
+\125\123\105\122\124\122\125\123\124\040\116\145\164\167\157\162
+\153\061\056\060\054\006\003\125\004\003\023\045\125\123\105\122
+\124\162\165\163\164\040\105\103\103\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\060\166\060\020\006\007\052\206\110\316\075\002\001\006\005
+\053\201\004\000\042\003\142\000\004\032\254\124\132\251\371\150
+\043\347\172\325\044\157\123\306\132\330\113\253\306\325\266\321
+\346\163\161\256\335\234\326\014\141\375\333\240\211\003\270\005
+\024\354\127\316\356\135\077\342\041\263\316\367\324\212\171\340
+\243\203\176\055\227\320\141\304\361\231\334\045\221\143\253\177
+\060\243\264\160\342\307\241\063\234\363\277\056\134\123\261\137
+\263\175\062\177\212\064\343\171\171\243\102\060\100\060\035\006
+\003\125\035\016\004\026\004\024\072\341\011\206\324\317\031\302
+\226\166\164\111\166\334\340\065\306\143\143\232\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\012\006
+\010\052\206\110\316\075\004\003\003\003\150\000\060\145\002\060
+\066\147\241\026\010\334\344\227\000\101\035\116\276\341\143\001
+\317\073\252\102\021\144\240\235\224\071\002\021\171\134\173\035
+\372\144\271\356\026\102\263\277\212\302\011\304\354\344\261\115
+\002\061\000\351\052\141\107\214\122\112\113\116\030\160\366\326
+\104\326\156\365\203\272\155\130\275\044\331\126\110\352\357\304
+\242\106\201\210\152\072\106\321\251\233\115\311\141\332\321\135
+\127\152\030
+END
+
+# Trust for "USERTrust ECC Certification Authority"
+# Issuer: CN=USERTrust ECC Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
+# Serial Number:5c:8b:99:c5:5a:94:c5:d2:71:56:de:cd:89:80:cc:26
+# Subject: CN=USERTrust ECC Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
+# Not Valid Before: Mon Feb 01 00:00:00 2010
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): 4F:F4:60:D5:4B:9C:86:DA:BF:BC:FC:57:12:E0:40:0D:2B:ED:3F:BC:4D:4F:BD:AA:86:E0:6A:DC:D2:A9:AD:7A
+# Fingerprint (SHA1): D1:CB:CA:5D:B2:D5:2A:7F:69:3B:67:4D:E5:F0:5A:1D:0C:95:7D:F0
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "USERTrust ECC Certification Authority"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\321\313\312\135\262\325\052\177\151\073\147\115\345\360\132\035
+\014\225\175\360
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\372\150\274\331\265\177\255\375\311\035\006\203\050\314\044\301
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\210\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\023\060\021\006\003\125\004\010\023\012\116\145\167\040\112
+\145\162\163\145\171\061\024\060\022\006\003\125\004\007\023\013
+\112\145\162\163\145\171\040\103\151\164\171\061\036\060\034\006
+\003\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122
+\125\123\124\040\116\145\164\167\157\162\153\061\056\060\054\006
+\003\125\004\003\023\045\125\123\105\122\124\162\165\163\164\040
+\105\103\103\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\134\213\231\305\132\224\305\322\161\126\336\315\211\200
+\314\046
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GlobalSign ECC Root CA - R4"
+#
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R4
+# Serial Number:2a:38:a4:1c:96:0a:04:de:42:b2:28:a5:0b:e8:34:98:02
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R4
+# Not Valid Before: Tue Nov 13 00:00:00 2012
+# Not Valid After : Tue Jan 19 03:14:07 2038
+# Fingerprint (SHA-256): BE:C9:49:11:C2:95:56:76:DB:6C:0A:55:09:86:D7:6E:3B:A0:05:66:7C:44:2C:97:62:B4:FB:B7:73:DE:22:8C
+# Fingerprint (SHA1): 69:69:56:2E:40:80:F4:24:A1:E7:19:9F:14:BA:F3:EE:58:AB:6A:BB
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign ECC Root CA - R4"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\120\061\044\060\042\006\003\125\004\013\023\033\107\154\157
+\142\141\154\123\151\147\156\040\105\103\103\040\122\157\157\164
+\040\103\101\040\055\040\122\064\061\023\060\021\006\003\125\004
+\012\023\012\107\154\157\142\141\154\123\151\147\156\061\023\060
+\021\006\003\125\004\003\023\012\107\154\157\142\141\154\123\151
+\147\156
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\120\061\044\060\042\006\003\125\004\013\023\033\107\154\157
+\142\141\154\123\151\147\156\040\105\103\103\040\122\157\157\164
+\040\103\101\040\055\040\122\064\061\023\060\021\006\003\125\004
+\012\023\012\107\154\157\142\141\154\123\151\147\156\061\023\060
+\021\006\003\125\004\003\023\012\107\154\157\142\141\154\123\151
+\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\052\070\244\034\226\012\004\336\102\262\050\245\013\350
+\064\230\002
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\001\341\060\202\001\207\240\003\002\001\002\002\021\052
+\070\244\034\226\012\004\336\102\262\050\245\013\350\064\230\002
+\060\012\006\010\052\206\110\316\075\004\003\002\060\120\061\044
+\060\042\006\003\125\004\013\023\033\107\154\157\142\141\154\123
+\151\147\156\040\105\103\103\040\122\157\157\164\040\103\101\040
+\055\040\122\064\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156\060\036
+\027\015\061\062\061\061\061\063\060\060\060\060\060\060\132\027
+\015\063\070\060\061\061\071\060\063\061\064\060\067\132\060\120
+\061\044\060\042\006\003\125\004\013\023\033\107\154\157\142\141
+\154\123\151\147\156\040\105\103\103\040\122\157\157\164\040\103
+\101\040\055\040\122\064\061\023\060\021\006\003\125\004\012\023
+\012\107\154\157\142\141\154\123\151\147\156\061\023\060\021\006
+\003\125\004\003\023\012\107\154\157\142\141\154\123\151\147\156
+\060\131\060\023\006\007\052\206\110\316\075\002\001\006\010\052
+\206\110\316\075\003\001\007\003\102\000\004\270\306\171\323\217
+\154\045\016\237\056\071\031\034\003\244\256\232\345\071\007\011
+\026\312\143\261\271\206\370\212\127\301\127\316\102\372\163\241
+\367\145\102\377\036\301\000\262\156\163\016\377\307\041\345\030
+\244\252\331\161\077\250\324\271\316\214\035\243\102\060\100\060
+\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\035\006\003\125\035\016\004\026\004\024\124\260\173\255\105
+\270\342\100\177\373\012\156\373\276\063\311\074\243\204\325\060
+\012\006\010\052\206\110\316\075\004\003\002\003\110\000\060\105
+\002\041\000\334\222\241\240\023\246\317\003\260\346\304\041\227
+\220\372\024\127\055\003\354\356\074\323\156\312\250\154\166\274
+\242\336\273\002\040\047\250\205\047\065\233\126\306\243\362\107
+\322\267\156\033\002\000\027\252\147\246\025\221\336\372\224\354
+\173\013\370\237\204
+END
+
+# Trust for "GlobalSign ECC Root CA - R4"
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R4
+# Serial Number:2a:38:a4:1c:96:0a:04:de:42:b2:28:a5:0b:e8:34:98:02
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R4
+# Not Valid Before: Tue Nov 13 00:00:00 2012
+# Not Valid After : Tue Jan 19 03:14:07 2038
+# Fingerprint (SHA-256): BE:C9:49:11:C2:95:56:76:DB:6C:0A:55:09:86:D7:6E:3B:A0:05:66:7C:44:2C:97:62:B4:FB:B7:73:DE:22:8C
+# Fingerprint (SHA1): 69:69:56:2E:40:80:F4:24:A1:E7:19:9F:14:BA:F3:EE:58:AB:6A:BB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign ECC Root CA - R4"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\151\151\126\056\100\200\364\044\241\347\031\237\024\272\363\356
+\130\253\152\273
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\040\360\047\150\321\176\240\235\016\346\052\312\337\134\211\216
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\120\061\044\060\042\006\003\125\004\013\023\033\107\154\157
+\142\141\154\123\151\147\156\040\105\103\103\040\122\157\157\164
+\040\103\101\040\055\040\122\064\061\023\060\021\006\003\125\004
+\012\023\012\107\154\157\142\141\154\123\151\147\156\061\023\060
+\021\006\003\125\004\003\023\012\107\154\157\142\141\154\123\151
+\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\052\070\244\034\226\012\004\336\102\262\050\245\013\350
+\064\230\002
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GlobalSign ECC Root CA - R5"
+#
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R5
+# Serial Number:60:59:49:e0:26:2e:bb:55:f9:0a:77:8a:71:f9:4a:d8:6c
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R5
+# Not Valid Before: Tue Nov 13 00:00:00 2012
+# Not Valid After : Tue Jan 19 03:14:07 2038
+# Fingerprint (SHA-256): 17:9F:BC:14:8A:3D:D0:0F:D2:4E:A1:34:58:CC:43:BF:A7:F5:9C:81:82:D7:83:A5:13:F6:EB:EC:10:0C:89:24
+# Fingerprint (SHA1): 1F:24:C6:30:CD:A4:18:EF:20:69:FF:AD:4F:DD:5F:46:3A:1B:69:AA
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign ECC Root CA - R5"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\120\061\044\060\042\006\003\125\004\013\023\033\107\154\157
+\142\141\154\123\151\147\156\040\105\103\103\040\122\157\157\164
+\040\103\101\040\055\040\122\065\061\023\060\021\006\003\125\004
+\012\023\012\107\154\157\142\141\154\123\151\147\156\061\023\060
+\021\006\003\125\004\003\023\012\107\154\157\142\141\154\123\151
+\147\156
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\120\061\044\060\042\006\003\125\004\013\023\033\107\154\157
+\142\141\154\123\151\147\156\040\105\103\103\040\122\157\157\164
+\040\103\101\040\055\040\122\065\061\023\060\021\006\003\125\004
+\012\023\012\107\154\157\142\141\154\123\151\147\156\061\023\060
+\021\006\003\125\004\003\023\012\107\154\157\142\141\154\123\151
+\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\140\131\111\340\046\056\273\125\371\012\167\212\161\371
+\112\330\154
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\036\060\202\001\244\240\003\002\001\002\002\021\140
+\131\111\340\046\056\273\125\371\012\167\212\161\371\112\330\154
+\060\012\006\010\052\206\110\316\075\004\003\003\060\120\061\044
+\060\042\006\003\125\004\013\023\033\107\154\157\142\141\154\123
+\151\147\156\040\105\103\103\040\122\157\157\164\040\103\101\040
+\055\040\122\065\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156\060\036
+\027\015\061\062\061\061\061\063\060\060\060\060\060\060\132\027
+\015\063\070\060\061\061\071\060\063\061\064\060\067\132\060\120
+\061\044\060\042\006\003\125\004\013\023\033\107\154\157\142\141
+\154\123\151\147\156\040\105\103\103\040\122\157\157\164\040\103
+\101\040\055\040\122\065\061\023\060\021\006\003\125\004\012\023
+\012\107\154\157\142\141\154\123\151\147\156\061\023\060\021\006
+\003\125\004\003\023\012\107\154\157\142\141\154\123\151\147\156
+\060\166\060\020\006\007\052\206\110\316\075\002\001\006\005\053
+\201\004\000\042\003\142\000\004\107\105\016\226\373\175\135\277
+\351\071\321\041\370\237\013\266\325\173\036\222\072\110\131\034
+\360\142\061\055\300\172\050\376\032\247\134\263\266\314\227\347
+\105\324\130\372\321\167\155\103\242\300\207\145\064\012\037\172
+\335\353\074\063\241\305\235\115\244\157\101\225\070\177\311\036
+\204\353\321\236\111\222\207\224\207\014\072\205\112\146\237\235
+\131\223\115\227\141\006\206\112\243\102\060\100\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006
+\003\125\035\016\004\026\004\024\075\346\051\110\233\352\007\312
+\041\104\112\046\336\156\336\322\203\320\237\131\060\012\006\010
+\052\206\110\316\075\004\003\003\003\150\000\060\145\002\061\000
+\345\151\022\311\156\333\306\061\272\011\101\341\227\370\373\375
+\232\342\175\022\311\355\174\144\323\313\005\045\213\126\331\240
+\347\136\135\116\013\203\234\133\166\051\240\011\046\041\152\142
+\002\060\161\322\265\217\134\352\073\341\170\011\205\250\165\222
+\073\310\134\375\110\357\015\164\042\250\010\342\156\305\111\316
+\307\014\274\247\141\151\361\367\073\341\052\313\371\053\363\146
+\220\067
+END
+
+# Trust for "GlobalSign ECC Root CA - R5"
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R5
+# Serial Number:60:59:49:e0:26:2e:bb:55:f9:0a:77:8a:71:f9:4a:d8:6c
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R5
+# Not Valid Before: Tue Nov 13 00:00:00 2012
+# Not Valid After : Tue Jan 19 03:14:07 2038
+# Fingerprint (SHA-256): 17:9F:BC:14:8A:3D:D0:0F:D2:4E:A1:34:58:CC:43:BF:A7:F5:9C:81:82:D7:83:A5:13:F6:EB:EC:10:0C:89:24
+# Fingerprint (SHA1): 1F:24:C6:30:CD:A4:18:EF:20:69:FF:AD:4F:DD:5F:46:3A:1B:69:AA
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GlobalSign ECC Root CA - R5"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\037\044\306\060\315\244\030\357\040\151\377\255\117\335\137\106
+\072\033\151\252
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\237\255\073\034\002\036\212\272\027\164\070\201\014\242\274\010
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\120\061\044\060\042\006\003\125\004\013\023\033\107\154\157
+\142\141\154\123\151\147\156\040\105\103\103\040\122\157\157\164
+\040\103\101\040\055\040\122\065\061\023\060\021\006\003\125\004
+\012\023\012\107\154\157\142\141\154\123\151\147\156\061\023\060
+\021\006\003\125\004\003\023\012\107\154\157\142\141\154\123\151
+\147\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\140\131\111\340\046\056\273\125\371\012\167\212\161\371
+\112\330\154
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "VeriSign-C3SSA-G2-temporary-intermediate-after-1024bit-removal"
+#
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:2f:00:6e:cd:17:70:66:e7:5f:a3:82:0a:79:1f:05:ae
+# Subject: CN=VeriSign Class 3 Secure Server CA - G2,OU=Terms of use at https://www.verisign.com/rpa (c)09,OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Thu Mar 26 00:00:00 2009
+# Not Valid After : Sun Mar 24 23:59:59 2019
+# Fingerprint (SHA-256): 0A:41:51:D5:E5:8B:84:B8:AC:E5:3A:5C:12:12:2A:C9:59:CD:69:91:FB:B3:8E:99:B5:76:C0:AB:DA:C3:58:14
+# Fingerprint (SHA1): 76:44:59:78:1B:AC:B0:47:63:A5:D0:A1:58:91:65:26:1F:29:8E:3B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "VeriSign-C3SSA-G2-temporary-intermediate-after-1024bit-removal"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\265\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\073\060\071\006\003
+\125\004\013\023\062\124\145\162\155\163\040\157\146\040\165\163
+\145\040\141\164\040\150\164\164\160\163\072\057\057\167\167\167
+\056\166\145\162\151\163\151\147\156\056\143\157\155\057\162\160
+\141\040\050\143\051\060\071\061\057\060\055\006\003\125\004\003
+\023\046\126\145\162\151\123\151\147\156\040\103\154\141\163\163
+\040\063\040\123\145\143\165\162\145\040\123\145\162\166\145\162
+\040\103\101\040\055\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\066\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\057\000\156\315\027\160\146\347\137\243\202\012\171\037
+\005\256
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\071\060\202\004\041\240\003\002\001\002\002\020\057
+\000\156\315\027\160\146\347\137\243\202\012\171\037\005\256\060
+\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
+\312\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
+\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
+\156\054\040\111\156\143\056\061\037\060\035\006\003\125\004\013
+\023\026\126\145\162\151\123\151\147\156\040\124\162\165\163\164
+\040\116\145\164\167\157\162\153\061\072\060\070\006\003\125\004
+\013\023\061\050\143\051\040\062\060\060\066\040\126\145\162\151
+\123\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162
+\040\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040
+\157\156\154\171\061\105\060\103\006\003\125\004\003\023\074\126
+\145\162\151\123\151\147\156\040\103\154\141\163\163\040\063\040
+\120\165\142\154\151\143\040\120\162\151\155\141\162\171\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\107\065\060\036\027\015\060
+\071\060\063\062\066\060\060\060\060\060\060\132\027\015\061\071
+\060\063\062\064\062\063\065\071\065\071\132\060\201\265\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006
+\003\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040
+\111\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126
+\145\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145
+\164\167\157\162\153\061\073\060\071\006\003\125\004\013\023\062
+\124\145\162\155\163\040\157\146\040\165\163\145\040\141\164\040
+\150\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151
+\163\151\147\156\056\143\157\155\057\162\160\141\040\050\143\051
+\060\071\061\057\060\055\006\003\125\004\003\023\046\126\145\162
+\151\123\151\147\156\040\103\154\141\163\163\040\063\040\123\145
+\143\165\162\145\040\123\145\162\166\145\162\040\103\101\040\055
+\040\107\062\060\202\001\042\060\015\006\011\052\206\110\206\367
+\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
+\202\001\001\000\324\126\217\127\073\067\050\246\100\143\322\225
+\325\005\164\332\265\031\152\226\326\161\127\057\342\300\064\214
+\240\225\263\214\341\067\044\363\056\355\103\105\005\216\211\327
+\372\332\112\265\370\076\215\116\307\371\111\120\105\067\100\237
+\164\252\240\121\125\141\361\140\204\211\245\236\200\215\057\260
+\041\252\105\202\304\317\264\024\177\107\025\040\050\202\260\150
+\022\300\256\134\007\327\366\131\314\313\142\126\134\115\111\377
+\046\210\253\124\121\072\057\112\332\016\230\342\211\162\271\374
+\367\150\074\304\037\071\172\313\027\201\363\014\255\017\334\141
+\142\033\020\013\004\036\051\030\161\136\142\313\103\336\276\061
+\272\161\002\031\116\046\251\121\332\214\144\151\003\336\234\375
+\175\375\173\141\274\374\204\174\210\134\264\303\173\355\137\053
+\106\022\361\375\000\001\232\213\133\351\243\005\056\217\056\133
+\336\363\033\170\370\146\221\010\300\136\316\325\260\066\312\324
+\250\173\240\175\371\060\172\277\370\335\031\121\053\040\272\376
+\247\317\241\116\260\147\365\200\252\053\203\056\322\216\124\211
+\216\036\051\013\002\003\001\000\001\243\202\001\054\060\202\001
+\050\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001
+\001\377\002\001\000\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\051\006\003\125\035\021\004\042\060\040
+\244\036\060\034\061\032\060\030\006\003\125\004\003\023\021\103
+\154\141\163\163\063\103\101\062\060\064\070\055\061\055\065\062
+\060\035\006\003\125\035\016\004\026\004\024\245\357\013\021\316
+\300\101\003\243\112\145\220\110\262\034\340\127\055\175\107\060
+\146\006\003\125\035\040\004\137\060\135\060\133\006\013\140\206
+\110\001\206\370\105\001\007\027\003\060\114\060\043\006\010\053
+\006\001\005\005\007\002\001\026\027\150\164\164\160\163\072\057
+\057\144\056\163\171\155\143\142\056\143\157\155\057\143\160\163
+\060\045\006\010\053\006\001\005\005\007\002\002\060\031\032\027
+\150\164\164\160\163\072\057\057\144\056\163\171\155\143\142\056
+\143\157\155\057\162\160\141\060\057\006\003\125\035\037\004\050
+\060\046\060\044\240\042\240\040\206\036\150\164\164\160\072\057
+\057\163\056\163\171\155\143\142\056\143\157\155\057\160\143\141
+\063\055\147\065\056\143\162\154\060\037\006\003\125\035\043\004
+\030\060\026\200\024\177\323\145\247\302\335\354\273\360\060\011
+\363\103\071\372\002\257\063\061\063\060\015\006\011\052\206\110
+\206\367\015\001\001\005\005\000\003\202\001\001\000\053\216\024
+\314\354\206\010\140\067\213\154\145\211\045\041\336\057\122\242
+\007\236\130\323\263\026\170\001\231\121\225\264\023\167\314\167
+\335\013\134\201\067\326\276\366\142\326\004\067\013\030\163\232
+\323\366\301\242\036\155\234\273\214\021\346\076\022\136\007\137
+\013\203\134\164\002\340\120\364\261\046\033\155\306\350\351\277
+\115\271\001\025\031\354\120\232\371\021\360\201\130\103\054\115
+\021\100\263\132\106\010\246\136\163\241\210\022\065\214\377\003
+\072\275\326\235\372\347\334\226\271\032\144\076\304\375\331\012
+\266\145\236\272\245\250\130\374\073\042\360\242\127\356\212\127
+\107\234\167\307\045\341\254\064\005\115\363\202\176\101\043\272
+\264\127\363\347\306\001\145\327\115\211\231\034\151\115\136\170
+\366\353\162\161\075\262\304\225\001\237\135\014\267\057\045\246
+\134\171\101\357\236\304\147\074\241\235\177\161\072\320\225\227
+\354\170\102\164\230\156\276\076\150\114\127\074\250\223\101\207
+\013\344\271\257\221\373\120\114\014\272\300\044\047\321\025\333
+\145\110\041\012\057\327\334\176\240\314\145\176\171
+END
+
+# Trust for "VeriSign-C3SSA-G2-temporary-intermediate-after-1024bit-removal"
+# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Serial Number:2f:00:6e:cd:17:70:66:e7:5f:a3:82:0a:79:1f:05:ae
+# Subject: CN=VeriSign Class 3 Secure Server CA - G2,OU=Terms of use at https://www.verisign.com/rpa (c)09,OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
+# Not Valid Before: Thu Mar 26 00:00:00 2009
+# Not Valid After : Sun Mar 24 23:59:59 2019
+# Fingerprint (SHA-256): 0A:41:51:D5:E5:8B:84:B8:AC:E5:3A:5C:12:12:2A:C9:59:CD:69:91:FB:B3:8E:99:B5:76:C0:AB:DA:C3:58:14
+# Fingerprint (SHA1): 76:44:59:78:1B:AC:B0:47:63:A5:D0:A1:58:91:65:26:1F:29:8E:3B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "VeriSign-C3SSA-G2-temporary-intermediate-after-1024bit-removal"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\166\104\131\170\033\254\260\107\143\245\320\241\130\221\145\046
+\037\051\216\073
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\277\022\155\372\174\325\133\046\171\072\215\252\021\357\057\134
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
+\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
+\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
+\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
+\125\004\013\023\061\050\143\051\040\062\060\060\066\040\126\145
+\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
+\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
+\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
+\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
+\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
+\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
+\165\164\150\157\162\151\164\171\040\055\040\107\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\057\000\156\315\027\160\146\347\137\243\202\012\171\037
+\005\256
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Staat der Nederlanden Root CA - G3"
+#
+# Issuer: CN=Staat der Nederlanden Root CA - G3,O=Staat der Nederlanden,C=NL
+# Serial Number: 10003001 (0x98a239)
+# Subject: CN=Staat der Nederlanden Root CA - G3,O=Staat der Nederlanden,C=NL
+# Not Valid Before: Thu Nov 14 11:28:42 2013
+# Not Valid After : Mon Nov 13 23:00:00 2028
+# Fingerprint (SHA-256): 3C:4F:B0:B9:5A:B8:B3:00:32:F4:32:B8:6F:53:5F:E1:72:C1:85:D0:FD:39:86:58:37:CF:36:18:7F:A6:F4:28
+# Fingerprint (SHA1): D8:EB:6B:41:51:92:59:E0:F3:E7:85:00:C0:3D:B6:88:97:C9:EE:FC
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Staat der Nederlanden Root CA - G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\053\060\051\006\003\125\004\003\014\042\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\122\157\157\164\040\103\101\040\055\040\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\053\060\051\006\003\125\004\003\014\042\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\122\157\157\164\040\103\101\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\000\230\242\071
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\164\060\202\003\134\240\003\002\001\002\002\004\000
+\230\242\071\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\036\060\034\006\003\125\004\012\014\025\123\164\141\141
+\164\040\144\145\162\040\116\145\144\145\162\154\141\156\144\145
+\156\061\053\060\051\006\003\125\004\003\014\042\123\164\141\141
+\164\040\144\145\162\040\116\145\144\145\162\154\141\156\144\145
+\156\040\122\157\157\164\040\103\101\040\055\040\107\063\060\036
+\027\015\061\063\061\061\061\064\061\061\062\070\064\062\132\027
+\015\062\070\061\061\061\063\062\063\060\060\060\060\132\060\132
+\061\013\060\011\006\003\125\004\006\023\002\116\114\061\036\060
+\034\006\003\125\004\012\014\025\123\164\141\141\164\040\144\145
+\162\040\116\145\144\145\162\154\141\156\144\145\156\061\053\060
+\051\006\003\125\004\003\014\042\123\164\141\141\164\040\144\145
+\162\040\116\145\144\145\162\154\141\156\144\145\156\040\122\157
+\157\164\040\103\101\040\055\040\107\063\060\202\002\042\060\015
+\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002
+\017\000\060\202\002\012\002\202\002\001\000\276\062\242\124\017
+\160\373\054\134\131\353\154\304\244\121\350\205\052\263\314\112
+\064\362\260\137\363\016\307\034\075\123\036\210\010\150\330\157
+\075\255\302\236\314\202\147\007\047\207\150\161\072\237\165\226
+\042\106\005\260\355\255\307\133\236\052\336\234\374\072\306\225
+\247\365\027\147\030\347\057\111\010\014\134\317\346\314\064\355
+\170\373\120\261\334\153\062\360\242\376\266\074\344\354\132\227
+\307\077\036\160\010\060\240\334\305\263\155\157\320\202\162\021
+\253\322\201\150\131\202\027\267\170\222\140\372\314\336\077\204
+\353\215\070\063\220\012\162\043\372\065\314\046\161\061\321\162
+\050\222\331\133\043\155\146\265\155\007\102\353\246\063\316\222
+\333\300\366\154\143\170\315\312\116\075\265\345\122\233\361\276
+\073\346\124\140\260\146\036\011\253\007\376\124\211\021\102\321
+\367\044\272\140\170\032\230\367\311\021\375\026\301\065\032\124
+\165\357\103\323\345\256\116\316\347\173\303\306\116\141\121\113
+\253\232\105\113\241\037\101\275\110\123\025\161\144\013\206\263
+\345\056\276\316\244\033\301\051\204\242\265\313\010\043\166\103
+\042\044\037\027\004\324\156\234\306\374\177\053\146\032\354\212
+\345\326\317\115\365\143\011\267\025\071\326\173\254\353\343\174
+\351\116\374\165\102\310\355\130\225\014\006\102\242\234\367\344
+\160\263\337\162\157\132\067\100\211\330\205\244\327\361\013\336
+\103\031\324\112\130\054\214\212\071\236\277\204\207\361\026\073
+\066\014\351\323\264\312\154\031\101\122\011\241\035\260\152\277
+\202\357\160\121\041\062\334\005\166\214\313\367\144\344\003\120
+\257\214\221\147\253\305\362\356\130\330\336\276\367\347\061\317
+\154\311\073\161\301\325\210\265\145\274\300\350\027\027\007\022
+\265\134\322\253\040\223\264\346\202\203\160\066\305\315\243\215
+\255\213\354\243\301\103\207\346\103\342\064\276\225\213\065\355
+\007\071\332\250\035\172\237\066\236\022\260\014\145\022\220\025
+\140\331\046\100\104\343\126\140\245\020\324\152\074\375\101\334
+\016\132\107\266\357\227\141\165\117\331\376\307\262\035\324\355
+\135\111\263\251\152\313\146\204\023\325\134\240\334\337\156\167
+\006\321\161\165\310\127\157\257\017\167\133\002\003\001\000\001
+\243\102\060\100\060\017\006\003\125\035\023\001\001\377\004\005
+\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024
+\124\255\372\307\222\127\256\312\065\234\056\022\373\344\272\135
+\040\334\224\127\060\015\006\011\052\206\110\206\367\015\001\001
+\013\005\000\003\202\002\001\000\060\231\235\005\062\310\136\016
+\073\230\001\072\212\244\347\007\367\172\370\347\232\337\120\103
+\123\227\052\075\312\074\107\230\056\341\025\173\361\222\363\141
+\332\220\045\026\145\300\237\124\135\016\003\073\133\167\002\234
+\204\266\015\230\137\064\335\073\143\302\303\050\201\302\234\051
+\056\051\342\310\303\001\362\063\352\052\252\314\011\010\367\145
+\147\306\315\337\323\266\053\247\275\314\321\016\160\137\270\043
+\321\313\221\116\012\364\310\172\345\331\143\066\301\324\337\374
+\042\227\367\140\135\352\051\057\130\262\275\130\275\215\226\117
+\020\165\277\110\173\075\121\207\241\074\164\042\302\374\007\177
+\200\334\304\254\376\152\301\160\060\260\351\216\151\342\054\151
+\201\224\011\272\335\376\115\300\203\214\224\130\300\106\040\257
+\234\037\002\370\065\125\111\057\106\324\300\360\240\226\002\017
+\063\305\161\363\236\043\175\224\267\375\072\323\011\203\006\041
+\375\140\075\256\062\300\322\356\215\246\360\347\264\202\174\012
+\314\160\311\171\200\370\376\114\367\065\204\031\212\061\373\012
+\331\327\177\233\360\242\232\153\303\005\112\355\101\140\024\060
+\321\252\021\102\156\323\043\002\004\013\306\145\335\335\122\167
+\332\201\153\262\250\372\001\070\271\226\352\052\154\147\227\211
+\224\236\274\341\124\325\344\152\170\357\112\275\053\232\075\100
+\176\306\300\165\322\156\373\150\060\354\354\213\235\371\111\065
+\232\032\054\331\263\225\071\325\036\222\367\246\271\145\057\345
+\075\155\072\110\114\010\334\344\050\022\050\276\175\065\134\352
+\340\026\176\023\033\152\327\076\327\236\374\055\165\262\301\024
+\325\043\003\333\133\157\013\076\170\057\015\336\063\215\026\267
+\110\347\203\232\201\017\173\301\103\115\125\004\027\070\112\121
+\325\131\242\211\164\323\237\276\036\113\327\306\155\267\210\044
+\157\140\221\244\202\205\133\126\101\274\320\104\253\152\023\276
+\321\054\130\267\022\063\130\262\067\143\334\023\365\224\035\077
+\100\121\365\117\365\072\355\310\305\353\302\036\035\026\225\172
+\307\176\102\161\223\156\113\025\267\060\337\252\355\127\205\110
+\254\035\152\335\071\151\344\341\171\170\276\316\005\277\241\014
+\367\200\173\041\147\047\060\131
+END
+
+# Trust for "Staat der Nederlanden Root CA - G3"
+# Issuer: CN=Staat der Nederlanden Root CA - G3,O=Staat der Nederlanden,C=NL
+# Serial Number: 10003001 (0x98a239)
+# Subject: CN=Staat der Nederlanden Root CA - G3,O=Staat der Nederlanden,C=NL
+# Not Valid Before: Thu Nov 14 11:28:42 2013
+# Not Valid After : Mon Nov 13 23:00:00 2028
+# Fingerprint (SHA-256): 3C:4F:B0:B9:5A:B8:B3:00:32:F4:32:B8:6F:53:5F:E1:72:C1:85:D0:FD:39:86:58:37:CF:36:18:7F:A6:F4:28
+# Fingerprint (SHA1): D8:EB:6B:41:51:92:59:E0:F3:E7:85:00:C0:3D:B6:88:97:C9:EE:FC
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Staat der Nederlanden Root CA - G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\330\353\153\101\121\222\131\340\363\347\205\000\300\075\266\210
+\227\311\356\374
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\013\106\147\007\333\020\057\031\214\065\120\140\321\013\364\067
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\053\060\051\006\003\125\004\003\014\042\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\122\157\157\164\040\103\101\040\055\040\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\000\230\242\071
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Staat der Nederlanden EV Root CA"
+#
+# Issuer: CN=Staat der Nederlanden EV Root CA,O=Staat der Nederlanden,C=NL
+# Serial Number: 10000013 (0x98968d)
+# Subject: CN=Staat der Nederlanden EV Root CA,O=Staat der Nederlanden,C=NL
+# Not Valid Before: Wed Dec 08 11:19:29 2010
+# Not Valid After : Thu Dec 08 11:10:28 2022
+# Fingerprint (SHA-256): 4D:24:91:41:4C:FE:95:67:46:EC:4C:EF:A6:CF:6F:72:E2:8A:13:29:43:2F:9D:8A:90:7A:C4:CB:5D:AD:C1:5A
+# Fingerprint (SHA1): 76:E2:7E:C1:4F:DB:82:C1:C0:A6:75:B5:05:BE:3D:29:B4:ED:DB:BB
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Staat der Nederlanden EV Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\051\060\047\006\003\125\004\003\014\040\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\105\126\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\051\060\047\006\003\125\004\003\014\040\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\105\126\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\000\230\226\215
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\160\060\202\003\130\240\003\002\001\002\002\004\000
+\230\226\215\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\130\061\013\060\011\006\003\125\004\006\023\002\116
+\114\061\036\060\034\006\003\125\004\012\014\025\123\164\141\141
+\164\040\144\145\162\040\116\145\144\145\162\154\141\156\144\145
+\156\061\051\060\047\006\003\125\004\003\014\040\123\164\141\141
+\164\040\144\145\162\040\116\145\144\145\162\154\141\156\144\145
+\156\040\105\126\040\122\157\157\164\040\103\101\060\036\027\015
+\061\060\061\062\060\070\061\061\061\071\062\071\132\027\015\062
+\062\061\062\060\070\061\061\061\060\062\070\132\060\130\061\013
+\060\011\006\003\125\004\006\023\002\116\114\061\036\060\034\006
+\003\125\004\012\014\025\123\164\141\141\164\040\144\145\162\040
+\116\145\144\145\162\154\141\156\144\145\156\061\051\060\047\006
+\003\125\004\003\014\040\123\164\141\141\164\040\144\145\162\040
+\116\145\144\145\162\154\141\156\144\145\156\040\105\126\040\122
+\157\157\164\040\103\101\060\202\002\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202
+\002\012\002\202\002\001\000\343\307\176\211\371\044\113\072\322
+\063\203\065\054\151\354\334\011\244\343\121\250\045\053\171\270
+\010\075\340\221\272\204\205\306\205\244\312\346\311\056\123\244
+\311\044\036\375\125\146\161\135\054\305\140\150\004\267\331\302
+\122\046\070\210\244\326\073\100\246\302\315\077\315\230\223\263
+\124\024\130\226\125\325\120\376\206\255\244\143\177\134\207\366
+\216\346\047\222\147\027\222\002\003\054\334\326\146\164\355\335
+\147\377\301\141\215\143\117\017\233\155\027\060\046\357\253\322
+\037\020\240\371\305\177\026\151\201\003\107\355\036\150\215\162
+\241\115\262\046\306\272\154\137\155\326\257\321\261\023\216\251
+\255\363\136\151\165\046\030\076\101\053\041\177\356\213\135\007
+\006\235\103\304\051\012\053\374\052\076\206\313\074\203\072\371
+\311\015\332\305\231\342\274\170\101\063\166\341\277\057\135\345
+\244\230\120\014\025\335\340\372\234\177\070\150\320\262\246\172
+\247\321\061\275\176\212\130\047\103\263\272\063\221\323\247\230
+\025\134\232\346\323\017\165\331\374\101\230\227\076\252\045\333
+\217\222\056\260\173\014\137\361\143\251\067\371\233\165\151\114
+\050\046\045\332\325\362\022\160\105\125\343\337\163\136\067\365
+\041\154\220\216\065\132\311\323\043\353\323\300\276\170\254\102
+\050\130\146\245\106\155\160\002\327\020\371\113\124\374\135\206
+\112\207\317\177\312\105\254\021\132\265\040\121\215\057\210\107
+\227\071\300\317\272\300\102\001\100\231\110\041\013\153\247\322
+\375\226\325\321\276\106\235\111\340\013\246\240\042\116\070\320
+\301\074\060\274\160\217\054\165\314\320\305\214\121\073\075\224
+\010\144\046\141\175\271\303\145\217\024\234\041\320\252\375\027
+\162\003\217\275\233\214\346\136\123\236\271\235\357\202\273\341
+\274\342\162\101\133\041\224\323\105\067\224\321\337\011\071\135
+\347\043\252\232\035\312\155\250\012\206\205\212\202\276\102\007
+\326\362\070\202\163\332\207\133\345\074\323\236\076\247\073\236
+\364\003\263\371\361\175\023\164\002\377\273\241\345\372\000\171
+\034\246\146\101\210\134\140\127\246\056\011\304\272\375\232\317
+\247\037\100\303\273\314\132\012\125\113\073\070\166\121\270\143
+\213\204\224\026\346\126\363\002\003\001\000\001\243\102\060\100
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\035\006\003\125\035\016\004\026\004\024\376\253\000\220
+\230\236\044\374\251\314\032\212\373\047\270\277\060\156\250\073
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
+\202\002\001\000\317\167\054\156\126\276\116\263\266\204\000\224
+\253\107\311\015\322\166\307\206\237\035\007\323\266\264\273\010
+\170\257\151\322\013\111\336\063\305\254\255\302\210\002\175\006
+\267\065\002\301\140\311\277\304\350\224\336\324\323\251\023\045
+\132\376\156\242\256\175\005\334\175\363\154\360\176\246\215\356
+\331\327\316\130\027\350\251\051\256\163\110\207\347\233\312\156
+\051\241\144\137\031\023\367\256\006\020\377\121\306\233\115\125
+\045\117\223\231\020\001\123\165\361\023\316\307\246\101\101\322
+\277\210\245\177\105\374\254\270\245\265\063\014\202\304\373\007
+\366\152\345\045\204\137\006\312\301\206\071\021\333\130\315\167
+\073\054\302\114\017\136\232\343\360\253\076\141\033\120\044\302
+\300\364\361\031\360\021\051\266\245\030\002\233\327\143\114\160
+\214\107\243\003\103\134\271\135\106\240\015\157\377\131\216\276
+\335\237\162\303\133\053\337\214\133\316\345\014\106\154\222\262
+\012\243\114\124\102\030\025\022\030\275\332\374\272\164\156\377
+\301\266\240\144\330\251\137\125\256\237\134\152\166\226\330\163
+\147\207\373\115\177\134\356\151\312\163\020\373\212\251\375\236
+\275\066\070\111\111\207\364\016\024\360\351\207\270\077\247\117
+\172\132\216\171\324\223\344\273\150\122\204\254\154\351\363\230
+\160\125\162\062\371\064\253\053\111\265\315\040\142\344\072\172
+\147\143\253\226\334\155\256\227\354\374\237\166\126\210\056\146
+\317\133\266\311\244\260\327\005\272\341\047\057\223\273\046\052
+\242\223\260\033\363\216\276\035\100\243\271\066\217\076\202\032
+\032\136\210\352\120\370\131\342\203\106\051\013\343\104\134\341
+\225\266\151\220\232\024\157\227\256\201\317\150\357\231\232\276
+\265\347\341\177\370\372\023\107\026\114\314\155\010\100\347\213
+\170\157\120\202\104\120\077\146\006\212\253\103\204\126\112\017
+\040\055\206\016\365\322\333\322\172\212\113\315\245\350\116\361
+\136\046\045\001\131\043\240\176\322\366\176\041\127\327\047\274
+\025\127\114\244\106\301\340\203\036\014\114\115\037\117\006\031
+\342\371\250\364\072\202\241\262\171\103\171\326\255\157\172\047
+\220\003\244\352\044\207\077\331\275\331\351\362\137\120\111\034
+\356\354\327\056
+END
+
+# Trust for "Staat der Nederlanden EV Root CA"
+# Issuer: CN=Staat der Nederlanden EV Root CA,O=Staat der Nederlanden,C=NL
+# Serial Number: 10000013 (0x98968d)
+# Subject: CN=Staat der Nederlanden EV Root CA,O=Staat der Nederlanden,C=NL
+# Not Valid Before: Wed Dec 08 11:19:29 2010
+# Not Valid After : Thu Dec 08 11:10:28 2022
+# Fingerprint (SHA-256): 4D:24:91:41:4C:FE:95:67:46:EC:4C:EF:A6:CF:6F:72:E2:8A:13:29:43:2F:9D:8A:90:7A:C4:CB:5D:AD:C1:5A
+# Fingerprint (SHA1): 76:E2:7E:C1:4F:DB:82:C1:C0:A6:75:B5:05:BE:3D:29:B4:ED:DB:BB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Staat der Nederlanden EV Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\166\342\176\301\117\333\202\301\300\246\165\265\005\276\075\051
+\264\355\333\273
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\374\006\257\173\350\032\361\232\264\350\322\160\037\300\365\272
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\116\114\061
+\036\060\034\006\003\125\004\012\014\025\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\061
+\051\060\047\006\003\125\004\003\014\040\123\164\141\141\164\040
+\144\145\162\040\116\145\144\145\162\154\141\156\144\145\156\040
+\105\126\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\000\230\226\215
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "IdenTrust Commercial Root CA 1"
+#
+# Issuer: CN=IdenTrust Commercial Root CA 1,O=IdenTrust,C=US
+# Serial Number:0a:01:42:80:00:00:01:45:23:c8:44:b5:00:00:00:02
+# Subject: CN=IdenTrust Commercial Root CA 1,O=IdenTrust,C=US
+# Not Valid Before: Thu Jan 16 18:12:23 2014
+# Not Valid After : Mon Jan 16 18:12:23 2034
+# Fingerprint (SHA-256): 5D:56:49:9B:E4:D2:E0:8B:CF:CA:D0:8A:3E:38:72:3D:50:50:3B:DE:70:69:48:E4:2F:55:60:30:19:E5:28:AE
+# Fingerprint (SHA1): DF:71:7E:AA:4A:D9:4E:C9:55:84:99:60:2D:48:DE:5F:BC:F0:3A:25
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "IdenTrust Commercial Root CA 1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\112\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\022\060\020\006\003\125\004\012\023\011\111\144\145\156\124\162
+\165\163\164\061\047\060\045\006\003\125\004\003\023\036\111\144
+\145\156\124\162\165\163\164\040\103\157\155\155\145\162\143\151
+\141\154\040\122\157\157\164\040\103\101\040\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\112\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\022\060\020\006\003\125\004\012\023\011\111\144\145\156\124\162
+\165\163\164\061\047\060\045\006\003\125\004\003\023\036\111\144
+\145\156\124\162\165\163\164\040\103\157\155\155\145\162\143\151
+\141\154\040\122\157\157\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\012\001\102\200\000\000\001\105\043\310\104\265\000\000
+\000\002
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\140\060\202\003\110\240\003\002\001\002\002\020\012
+\001\102\200\000\000\001\105\043\310\104\265\000\000\000\002\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\112
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\022\060
+\020\006\003\125\004\012\023\011\111\144\145\156\124\162\165\163
+\164\061\047\060\045\006\003\125\004\003\023\036\111\144\145\156
+\124\162\165\163\164\040\103\157\155\155\145\162\143\151\141\154
+\040\122\157\157\164\040\103\101\040\061\060\036\027\015\061\064
+\060\061\061\066\061\070\061\062\062\063\132\027\015\063\064\060
+\061\061\066\061\070\061\062\062\063\132\060\112\061\013\060\011
+\006\003\125\004\006\023\002\125\123\061\022\060\020\006\003\125
+\004\012\023\011\111\144\145\156\124\162\165\163\164\061\047\060
+\045\006\003\125\004\003\023\036\111\144\145\156\124\162\165\163
+\164\040\103\157\155\155\145\162\143\151\141\154\040\122\157\157
+\164\040\103\101\040\061\060\202\002\042\060\015\006\011\052\206
+\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202
+\002\012\002\202\002\001\000\247\120\031\336\077\231\075\324\063
+\106\361\157\121\141\202\262\251\117\217\147\211\135\204\331\123
+\335\014\050\331\327\360\377\256\225\103\162\231\371\265\135\174
+\212\301\102\341\061\120\164\321\201\015\174\315\233\041\253\103
+\342\254\255\136\206\156\363\011\212\037\132\062\275\242\353\224
+\371\350\134\012\354\377\230\322\257\161\263\264\123\237\116\207
+\357\222\274\275\354\117\062\060\210\113\027\136\127\304\123\302
+\366\002\227\215\331\142\053\277\044\037\142\215\337\303\270\051
+\113\111\170\074\223\140\210\042\374\231\332\066\310\302\242\324
+\054\124\000\147\065\156\163\277\002\130\360\244\335\345\260\242
+\046\172\312\340\066\245\031\026\365\375\267\357\256\077\100\365
+\155\132\004\375\316\064\312\044\334\164\043\033\135\063\023\022
+\135\304\001\045\366\060\335\002\135\237\340\325\107\275\264\353
+\033\241\273\111\111\330\237\133\002\363\212\344\044\220\344\142
+\117\117\301\257\213\016\164\027\250\321\162\210\152\172\001\111
+\314\264\106\171\306\027\261\332\230\036\007\131\372\165\041\205
+\145\335\220\126\316\373\253\245\140\235\304\235\371\122\260\213
+\275\207\371\217\053\043\012\043\166\073\367\063\341\311\000\363
+\151\371\113\242\340\116\274\176\223\071\204\007\367\104\160\176
+\376\007\132\345\261\254\321\030\314\362\065\345\111\111\010\312
+\126\311\075\373\017\030\175\213\073\301\023\302\115\217\311\117
+\016\067\351\037\241\016\152\337\142\056\313\065\006\121\171\054
+\310\045\070\364\372\113\247\211\134\234\322\343\015\071\206\112
+\164\174\325\131\207\302\077\116\014\134\122\364\075\367\122\202
+\361\352\243\254\375\111\064\032\050\363\101\210\072\023\356\350
+\336\377\231\035\137\272\313\350\036\362\271\120\140\300\061\323
+\163\345\357\276\240\355\063\013\164\276\040\040\304\147\154\360
+\010\003\172\125\200\177\106\116\226\247\364\036\076\341\366\330
+\011\341\063\144\053\143\327\062\136\237\371\300\173\017\170\157
+\227\274\223\232\371\234\022\220\170\172\200\207\025\327\162\164
+\234\125\164\170\261\272\341\156\160\004\272\117\240\272\150\303
+\173\377\061\360\163\075\075\224\052\261\013\101\016\240\376\115
+\210\145\153\171\063\264\327\002\003\001\000\001\243\102\060\100
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\035\006\003\125\035\016\004\026\004\024\355\104\031\300
+\323\360\006\213\356\244\173\276\102\347\046\124\310\216\066\166
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
+\202\002\001\000\015\256\220\062\366\246\113\174\104\166\031\141
+\036\047\050\315\136\124\357\045\274\343\010\220\371\051\327\256
+\150\010\341\224\000\130\357\056\056\176\123\122\214\266\134\007
+\352\210\272\231\213\120\224\327\202\200\337\141\011\000\223\255
+\015\024\346\316\301\362\067\224\170\260\137\234\263\242\163\270
+\217\005\223\070\315\215\076\260\270\373\300\317\261\362\354\055
+\055\033\314\354\252\232\263\252\140\202\033\055\073\303\204\075
+\127\212\226\036\234\165\270\323\060\315\140\010\203\220\323\216
+\124\361\115\146\300\135\164\003\100\243\356\205\176\302\037\167
+\234\006\350\301\247\030\135\122\225\355\311\335\045\236\155\372
+\251\355\243\072\064\320\131\173\332\355\120\363\065\277\355\353
+\024\115\061\307\140\364\332\361\207\234\342\110\342\306\305\067
+\373\006\020\372\165\131\146\061\107\051\332\166\232\034\351\202
+\256\357\232\271\121\367\210\043\232\151\225\142\074\345\125\200
+\066\327\124\002\377\361\271\135\316\324\043\157\330\105\204\112
+\133\145\357\211\014\335\024\247\040\313\030\245\045\264\015\371
+\001\360\242\322\364\000\310\164\216\241\052\110\216\145\333\023
+\304\342\045\027\175\353\276\207\133\027\040\124\121\223\112\123
+\003\013\354\135\312\063\355\142\375\105\307\057\133\334\130\240
+\200\071\346\372\327\376\023\024\246\355\075\224\112\102\164\324
+\303\167\131\163\315\217\106\276\125\070\357\372\350\221\062\352
+\227\130\004\042\336\070\303\314\274\155\311\063\072\152\012\151
+\077\240\310\352\162\217\214\143\206\043\275\155\074\226\236\225
+\340\111\114\252\242\271\052\033\234\066\201\170\355\303\350\106
+\342\046\131\104\165\036\331\165\211\121\315\020\204\235\141\140
+\313\135\371\227\042\115\216\230\346\343\177\366\133\273\256\315
+\312\112\201\153\136\013\363\121\341\164\053\351\176\047\247\331
+\231\111\116\370\245\200\333\045\017\034\143\142\212\311\063\147
+\153\074\020\203\306\255\336\250\315\026\216\215\360\007\067\161
+\237\362\253\374\101\365\301\213\354\000\067\135\011\345\116\200
+\357\372\261\134\070\006\245\033\112\341\334\070\055\074\334\253
+\037\220\032\325\112\234\356\321\160\154\314\356\364\127\370\030
+\272\204\156\207
+END
+
+# Trust for "IdenTrust Commercial Root CA 1"
+# Issuer: CN=IdenTrust Commercial Root CA 1,O=IdenTrust,C=US
+# Serial Number:0a:01:42:80:00:00:01:45:23:c8:44:b5:00:00:00:02
+# Subject: CN=IdenTrust Commercial Root CA 1,O=IdenTrust,C=US
+# Not Valid Before: Thu Jan 16 18:12:23 2014
+# Not Valid After : Mon Jan 16 18:12:23 2034
+# Fingerprint (SHA-256): 5D:56:49:9B:E4:D2:E0:8B:CF:CA:D0:8A:3E:38:72:3D:50:50:3B:DE:70:69:48:E4:2F:55:60:30:19:E5:28:AE
+# Fingerprint (SHA1): DF:71:7E:AA:4A:D9:4E:C9:55:84:99:60:2D:48:DE:5F:BC:F0:3A:25
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "IdenTrust Commercial Root CA 1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\337\161\176\252\112\331\116\311\125\204\231\140\055\110\336\137
+\274\360\072\045
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\263\076\167\163\165\356\240\323\343\176\111\143\111\131\273\307
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\112\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\022\060\020\006\003\125\004\012\023\011\111\144\145\156\124\162
+\165\163\164\061\047\060\045\006\003\125\004\003\023\036\111\144
+\145\156\124\162\165\163\164\040\103\157\155\155\145\162\143\151
+\141\154\040\122\157\157\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\012\001\102\200\000\000\001\105\043\310\104\265\000\000
+\000\002
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "IdenTrust Public Sector Root CA 1"
+#
+# Issuer: CN=IdenTrust Public Sector Root CA 1,O=IdenTrust,C=US
+# Serial Number:0a:01:42:80:00:00:01:45:23:cf:46:7c:00:00:00:02
+# Subject: CN=IdenTrust Public Sector Root CA 1,O=IdenTrust,C=US
+# Not Valid Before: Thu Jan 16 17:53:32 2014
+# Not Valid After : Mon Jan 16 17:53:32 2034
+# Fingerprint (SHA-256): 30:D0:89:5A:9A:44:8A:26:20:91:63:55:22:D1:F5:20:10:B5:86:7A:CA:E1:2C:78:EF:95:8F:D4:F4:38:9F:2F
+# Fingerprint (SHA1): BA:29:41:60:77:98:3F:F4:F3:EF:F2:31:05:3B:2E:EA:6D:4D:45:FD
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "IdenTrust Public Sector Root CA 1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\022\060\020\006\003\125\004\012\023\011\111\144\145\156\124\162
+\165\163\164\061\052\060\050\006\003\125\004\003\023\041\111\144
+\145\156\124\162\165\163\164\040\120\165\142\154\151\143\040\123
+\145\143\164\157\162\040\122\157\157\164\040\103\101\040\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\022\060\020\006\003\125\004\012\023\011\111\144\145\156\124\162
+\165\163\164\061\052\060\050\006\003\125\004\003\023\041\111\144
+\145\156\124\162\165\163\164\040\120\165\142\154\151\143\040\123
+\145\143\164\157\162\040\122\157\157\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\012\001\102\200\000\000\001\105\043\317\106\174\000\000
+\000\002
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\146\060\202\003\116\240\003\002\001\002\002\020\012
+\001\102\200\000\000\001\105\043\317\106\174\000\000\000\002\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\115
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\022\060
+\020\006\003\125\004\012\023\011\111\144\145\156\124\162\165\163
+\164\061\052\060\050\006\003\125\004\003\023\041\111\144\145\156
+\124\162\165\163\164\040\120\165\142\154\151\143\040\123\145\143
+\164\157\162\040\122\157\157\164\040\103\101\040\061\060\036\027
+\015\061\064\060\061\061\066\061\067\065\063\063\062\132\027\015
+\063\064\060\061\061\066\061\067\065\063\063\062\132\060\115\061
+\013\060\011\006\003\125\004\006\023\002\125\123\061\022\060\020
+\006\003\125\004\012\023\011\111\144\145\156\124\162\165\163\164
+\061\052\060\050\006\003\125\004\003\023\041\111\144\145\156\124
+\162\165\163\164\040\120\165\142\154\151\143\040\123\145\143\164
+\157\162\040\122\157\157\164\040\103\101\040\061\060\202\002\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\002\017\000\060\202\002\012\002\202\002\001\000\266\042\224
+\374\244\110\257\350\107\153\012\373\047\166\344\362\077\212\073
+\172\112\054\061\052\214\215\260\251\303\061\153\250\167\166\204
+\046\266\254\201\102\015\010\353\125\130\273\172\370\274\145\175
+\362\240\155\213\250\107\351\142\166\036\021\356\010\024\321\262
+\104\026\364\352\320\372\036\057\136\333\313\163\101\256\274\000
+\260\112\053\100\262\254\341\073\113\302\055\235\344\241\233\354
+\032\072\036\360\010\263\320\344\044\065\007\237\234\264\311\122
+\155\333\007\312\217\265\133\360\203\363\117\307\055\245\310\255
+\313\225\040\244\061\050\127\130\132\344\215\033\232\253\236\015
+\014\362\012\063\071\042\071\012\227\056\363\123\167\271\104\105
+\375\204\313\066\040\201\131\055\232\157\155\110\110\141\312\114
+\337\123\321\257\122\274\104\237\253\057\153\203\162\357\165\200
+\332\006\063\033\135\310\332\143\306\115\315\254\146\061\315\321
+\336\076\207\020\066\341\271\244\172\357\140\120\262\313\312\246
+\126\340\067\257\253\064\023\071\045\350\071\146\344\230\172\252
+\022\230\234\131\146\206\076\255\361\260\312\076\006\017\173\360
+\021\113\067\240\104\155\173\313\250\214\161\364\325\265\221\066
+\314\360\025\306\053\336\121\027\261\227\114\120\075\261\225\131
+\174\005\175\055\041\325\000\277\001\147\242\136\173\246\134\362
+\367\042\361\220\015\223\333\252\104\121\146\314\175\166\003\353
+\152\250\052\070\031\227\166\015\153\212\141\371\274\366\356\166
+\375\160\053\335\051\074\370\012\036\133\102\034\213\126\057\125
+\033\034\241\056\265\307\026\346\370\252\074\222\216\151\266\001
+\301\265\206\235\211\017\013\070\224\124\350\352\334\236\075\045
+\274\123\046\355\325\253\071\252\305\100\114\124\253\262\264\331
+\331\370\327\162\333\034\274\155\275\145\137\357\210\065\052\146
+\057\356\366\263\145\360\063\215\174\230\101\151\106\017\103\034
+\151\372\233\265\320\141\152\315\312\113\331\114\220\106\253\025
+\131\241\107\124\051\056\203\050\137\034\302\242\253\162\027\000
+\006\216\105\354\213\342\063\075\177\332\031\104\344\142\162\303
+\337\042\306\362\126\324\335\137\225\162\355\155\137\367\110\003
+\133\375\305\052\240\366\163\043\204\020\033\001\347\002\003\001
+\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\343\161\340\236\330\247\102\331\333\161\221\153\224\223
+\353\303\243\321\024\243\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\003\202\002\001\000\107\372\335\012\260\021
+\221\070\255\115\135\367\345\016\227\124\031\202\110\207\124\214
+\252\144\231\330\132\376\210\001\305\130\245\231\261\043\124\043
+\267\152\035\040\127\345\001\142\101\027\323\011\333\165\313\156
+\124\220\165\376\032\237\201\012\302\335\327\367\011\320\133\162
+\025\344\036\011\152\075\063\363\041\232\346\025\176\255\121\325
+\015\020\355\175\102\300\217\356\300\232\010\325\101\326\134\016
+\041\151\156\200\141\016\025\300\270\317\305\111\022\122\314\276
+\072\314\324\056\070\005\336\065\375\037\157\270\200\150\230\075
+\115\240\312\100\145\322\163\174\365\213\331\012\225\077\330\077
+\043\155\032\321\052\044\031\331\205\263\027\357\170\156\251\130
+\321\043\323\307\023\355\162\045\177\135\261\163\160\320\177\006
+\227\011\204\051\200\141\035\372\136\377\163\254\240\343\211\270
+\034\161\025\306\336\061\177\022\334\341\155\233\257\347\350\237
+\165\170\114\253\106\073\232\316\277\005\030\135\115\025\074\026
+\232\031\120\004\232\262\232\157\145\213\122\137\074\130\004\050
+\045\300\146\141\061\176\271\340\165\271\032\250\201\326\162\027
+\263\305\003\061\065\021\170\170\242\340\351\060\214\177\200\337
+\130\337\074\272\047\226\342\200\064\155\343\230\323\144\047\254
+\110\176\050\167\134\306\045\141\045\370\205\014\145\372\304\062
+\057\245\230\005\344\370\013\147\026\026\306\202\270\062\031\371
+\371\271\171\334\037\315\353\257\253\016\335\033\333\105\344\172
+\347\002\342\225\135\374\151\360\123\151\141\225\165\171\013\136
+\125\346\070\034\224\251\131\063\236\310\161\164\171\177\121\211
+\266\310\152\270\060\310\152\070\303\156\236\341\067\026\352\005
+\142\114\133\022\107\355\247\264\263\130\126\307\111\363\177\022
+\150\011\061\161\360\155\370\116\107\373\326\205\356\305\130\100
+\031\244\035\247\371\113\103\067\334\150\132\117\317\353\302\144
+\164\336\264\025\331\364\124\124\032\057\034\327\227\161\124\220
+\216\331\040\235\123\053\177\253\217\342\352\060\274\120\067\357
+\361\107\265\175\174\054\004\354\150\235\264\111\104\020\364\162
+\113\034\144\347\374\346\153\220\335\151\175\151\375\000\126\245
+\267\254\266\255\267\312\076\001\357\234
+END
+
+# Trust for "IdenTrust Public Sector Root CA 1"
+# Issuer: CN=IdenTrust Public Sector Root CA 1,O=IdenTrust,C=US
+# Serial Number:0a:01:42:80:00:00:01:45:23:cf:46:7c:00:00:00:02
+# Subject: CN=IdenTrust Public Sector Root CA 1,O=IdenTrust,C=US
+# Not Valid Before: Thu Jan 16 17:53:32 2014
+# Not Valid After : Mon Jan 16 17:53:32 2034
+# Fingerprint (SHA-256): 30:D0:89:5A:9A:44:8A:26:20:91:63:55:22:D1:F5:20:10:B5:86:7A:CA:E1:2C:78:EF:95:8F:D4:F4:38:9F:2F
+# Fingerprint (SHA1): BA:29:41:60:77:98:3F:F4:F3:EF:F2:31:05:3B:2E:EA:6D:4D:45:FD
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "IdenTrust Public Sector Root CA 1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\272\051\101\140\167\230\077\364\363\357\362\061\005\073\056\352
+\155\115\105\375
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\067\006\245\260\374\211\235\272\364\153\214\032\144\315\325\272
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\022\060\020\006\003\125\004\012\023\011\111\144\145\156\124\162
+\165\163\164\061\052\060\050\006\003\125\004\003\023\041\111\144
+\145\156\124\162\165\163\164\040\120\165\142\154\151\143\040\123
+\145\143\164\157\162\040\122\157\157\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\012\001\102\200\000\000\001\105\043\317\106\174\000\000
+\000\002
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "S-TRUST Universal Root CA"
+#
+# Issuer: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE
+# Serial Number:60:56:c5:4b:23:40:5b:64:d4:ed:25:da:d9:d6:1e:1e
+# Subject: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE
+# Not Valid Before: Tue Oct 22 00:00:00 2013
+# Not Valid After : Thu Oct 21 23:59:59 2038
+# Fingerprint (SHA-256): D8:0F:EF:91:0A:E3:F1:04:72:3B:04:5C:EC:2D:01:9F:44:1C:E6:21:3A:DF:15:67:91:E7:0C:17:90:11:0A:31
+# Fingerprint (SHA1): 1B:3D:11:14:EA:7A:0F:95:58:54:41:95:BF:6B:25:82:AB:40:CE:9A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "S-TRUST Universal Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163
+\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040
+\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006
+\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166
+\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123
+\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154
+\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163
+\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040
+\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006
+\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166
+\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123
+\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154
+\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\140\126\305\113\043\100\133\144\324\355\045\332\331\326
+\036\036
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\330\060\202\002\300\240\003\002\001\002\002\020\140
+\126\305\113\043\100\133\144\324\355\045\332\331\326\036\036\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
+\205\061\013\060\011\006\003\125\004\006\023\002\104\105\061\051
+\060\047\006\003\125\004\012\023\040\104\145\165\164\163\143\150
+\145\162\040\123\160\141\162\153\141\163\163\145\156\040\126\145
+\162\154\141\147\040\107\155\142\110\061\047\060\045\006\003\125
+\004\013\023\036\123\055\124\122\125\123\124\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143
+\145\163\061\042\060\040\006\003\125\004\003\023\031\123\055\124
+\122\125\123\124\040\125\156\151\166\145\162\163\141\154\040\122
+\157\157\164\040\103\101\060\036\027\015\061\063\061\060\062\062
+\060\060\060\060\060\060\132\027\015\063\070\061\060\062\061\062
+\063\065\071\065\071\132\060\201\205\061\013\060\011\006\003\125
+\004\006\023\002\104\105\061\051\060\047\006\003\125\004\012\023
+\040\104\145\165\164\163\143\150\145\162\040\123\160\141\162\153
+\141\163\163\145\156\040\126\145\162\154\141\147\040\107\155\142
+\110\061\047\060\045\006\003\125\004\013\023\036\123\055\124\122
+\125\123\124\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\123\145\162\166\151\143\145\163\061\042\060\040\006\003
+\125\004\003\023\031\123\055\124\122\125\123\124\040\125\156\151
+\166\145\162\163\141\154\040\122\157\157\164\040\103\101\060\202
+\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\250
+\343\013\337\021\067\205\202\232\265\154\146\174\141\077\300\107
+\032\035\106\343\260\125\144\345\270\202\071\050\007\176\027\377
+\364\233\212\360\221\201\352\070\077\041\170\154\110\354\153\057
+\242\323\212\162\262\247\327\331\352\177\264\300\111\153\060\045
+\211\214\353\267\325\100\141\230\342\334\074\040\222\315\145\112
+\162\237\032\216\214\372\045\025\277\363\041\203\050\015\213\257
+\131\021\202\103\134\233\115\045\121\177\130\030\143\140\073\263
+\265\212\213\130\143\067\110\110\220\104\302\100\335\135\367\103
+\151\051\230\134\022\145\136\253\220\222\113\146\337\325\165\022
+\123\124\030\246\336\212\326\273\127\003\071\131\231\030\005\014
+\371\375\025\306\220\144\106\027\202\327\302\112\101\075\375\000
+\276\127\162\030\224\167\033\123\132\211\001\366\063\162\016\223
+\072\334\350\036\375\005\005\326\274\163\340\210\334\253\117\354
+\265\030\206\117\171\204\016\110\052\146\052\335\062\310\170\145
+\310\013\235\130\001\005\161\355\201\365\150\027\156\313\015\264
+\113\330\241\354\256\070\353\034\130\057\241\145\003\064\057\002
+\003\001\000\001\243\102\060\100\060\017\006\003\125\035\023\001
+\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\001\006\060\035\006\003\125\035\016
+\004\026\004\024\232\175\327\353\353\177\124\230\105\051\264\040
+\253\155\013\226\043\031\244\302\060\015\006\011\052\206\110\206
+\367\015\001\001\013\005\000\003\202\001\001\000\116\226\022\333
+\176\167\136\222\047\236\041\027\030\202\166\330\077\274\245\011
+\004\146\210\211\255\333\125\263\063\152\306\145\304\217\115\363
+\062\066\334\171\004\226\251\167\062\321\227\365\030\153\214\272
+\355\316\021\320\104\307\222\361\264\104\216\355\210\122\110\236
+\325\375\131\370\243\036\121\373\001\122\345\137\345\172\335\252
+\044\117\042\213\335\166\106\366\245\240\017\065\330\312\017\230
+\271\060\135\040\157\302\201\036\275\275\300\376\025\323\070\052
+\011\223\230\047\033\223\173\320\053\064\136\150\245\025\117\321
+\122\303\240\312\240\203\105\035\365\365\267\131\163\135\131\001
+\217\252\302\107\057\024\161\325\051\343\020\265\107\223\045\314
+\043\051\332\267\162\330\221\324\354\033\110\212\042\344\301\052
+\367\072\150\223\237\105\031\156\103\267\314\376\270\221\232\141
+\032\066\151\143\144\222\050\363\157\141\222\205\023\237\311\007
+\054\213\127\334\353\236\171\325\302\336\010\325\124\262\127\116
+\052\062\215\241\342\072\321\020\040\042\071\175\064\105\157\161
+\073\303\035\374\377\262\117\250\342\366\060\036
+END
+
+# Trust for "S-TRUST Universal Root CA"
+# Issuer: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE
+# Serial Number:60:56:c5:4b:23:40:5b:64:d4:ed:25:da:d9:d6:1e:1e
+# Subject: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE
+# Not Valid Before: Tue Oct 22 00:00:00 2013
+# Not Valid After : Thu Oct 21 23:59:59 2038
+# Fingerprint (SHA-256): D8:0F:EF:91:0A:E3:F1:04:72:3B:04:5C:EC:2D:01:9F:44:1C:E6:21:3A:DF:15:67:91:E7:0C:17:90:11:0A:31
+# Fingerprint (SHA1): 1B:3D:11:14:EA:7A:0F:95:58:54:41:95:BF:6B:25:82:AB:40:CE:9A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "S-TRUST Universal Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\033\075\021\024\352\172\017\225\130\124\101\225\277\153\045\202
+\253\100\316\232
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\130\366\101\001\256\365\133\121\231\116\134\041\350\117\324\146
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163
+\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040
+\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006
+\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166
+\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123
+\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154
+\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\140\126\305\113\043\100\133\144\324\355\045\332\331\326
+\036\036
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Entrust Root Certification Authority - G2"
+#
+# Issuer: CN=Entrust Root Certification Authority - G2,OU="(c) 2009 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
+# Serial Number: 1246989352 (0x4a538c28)
+# Subject: CN=Entrust Root Certification Authority - G2,OU="(c) 2009 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
+# Not Valid Before: Tue Jul 07 17:25:54 2009
+# Not Valid After : Sat Dec 07 17:55:54 2030
+# Fingerprint (SHA-256): 43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39
+# Fingerprint (SHA1): 8C:F4:27:FD:79:0C:3A:D1:66:06:8D:E8:1E:57:EF:BB:93:22:72:D4
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Entrust Root Certification Authority - G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\276\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\050\060\046\006\003\125\004
+\013\023\037\123\145\145\040\167\167\167\056\145\156\164\162\165
+\163\164\056\156\145\164\057\154\145\147\141\154\055\164\145\162
+\155\163\061\071\060\067\006\003\125\004\013\023\060\050\143\051
+\040\062\060\060\071\040\105\156\164\162\165\163\164\054\040\111
+\156\143\056\040\055\040\146\157\162\040\141\165\164\150\157\162
+\151\172\145\144\040\165\163\145\040\157\156\154\171\061\062\060
+\060\006\003\125\004\003\023\051\105\156\164\162\165\163\164\040
+\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107
+\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\276\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\050\060\046\006\003\125\004
+\013\023\037\123\145\145\040\167\167\167\056\145\156\164\162\165
+\163\164\056\156\145\164\057\154\145\147\141\154\055\164\145\162
+\155\163\061\071\060\067\006\003\125\004\013\023\060\050\143\051
+\040\062\060\060\071\040\105\156\164\162\165\163\164\054\040\111
+\156\143\056\040\055\040\146\157\162\040\141\165\164\150\157\162
+\151\172\145\144\040\165\163\145\040\157\156\154\171\061\062\060
+\060\006\003\125\004\003\023\051\105\156\164\162\165\163\164\040
+\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107
+\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\112\123\214\050
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\076\060\202\003\046\240\003\002\001\002\002\004\112
+\123\214\050\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\201\276\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\026\060\024\006\003\125\004\012\023\015\105\156\164
+\162\165\163\164\054\040\111\156\143\056\061\050\060\046\006\003
+\125\004\013\023\037\123\145\145\040\167\167\167\056\145\156\164
+\162\165\163\164\056\156\145\164\057\154\145\147\141\154\055\164
+\145\162\155\163\061\071\060\067\006\003\125\004\013\023\060\050
+\143\051\040\062\060\060\071\040\105\156\164\162\165\163\164\054
+\040\111\156\143\056\040\055\040\146\157\162\040\141\165\164\150
+\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061
+\062\060\060\006\003\125\004\003\023\051\105\156\164\162\165\163
+\164\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055
+\040\107\062\060\036\027\015\060\071\060\067\060\067\061\067\062
+\065\065\064\132\027\015\063\060\061\062\060\067\061\067\065\065
+\065\064\132\060\201\276\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\026\060\024\006\003\125\004\012\023\015\105\156
+\164\162\165\163\164\054\040\111\156\143\056\061\050\060\046\006
+\003\125\004\013\023\037\123\145\145\040\167\167\167\056\145\156
+\164\162\165\163\164\056\156\145\164\057\154\145\147\141\154\055
+\164\145\162\155\163\061\071\060\067\006\003\125\004\013\023\060
+\050\143\051\040\062\060\060\071\040\105\156\164\162\165\163\164
+\054\040\111\156\143\056\040\055\040\146\157\162\040\141\165\164
+\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
+\061\062\060\060\006\003\125\004\003\023\051\105\156\164\162\165
+\163\164\040\122\157\157\164\040\103\145\162\164\151\146\151\143
+\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
+\055\040\107\062\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\272\204\266\162\333\236\014\153\342\231\351
+\060\001\247\166\352\062\270\225\101\032\311\332\141\116\130\162
+\317\376\366\202\171\277\163\141\006\012\245\047\330\263\137\323
+\105\116\034\162\326\116\062\362\162\212\017\367\203\031\320\152
+\200\200\000\105\036\260\307\347\232\277\022\127\047\034\243\150
+\057\012\207\275\152\153\016\136\145\363\034\167\325\324\205\215
+\160\041\264\263\062\347\213\242\325\206\071\002\261\270\322\107
+\316\344\311\111\304\073\247\336\373\124\175\127\276\360\350\156
+\302\171\262\072\013\125\342\120\230\026\062\023\134\057\170\126
+\301\302\224\263\362\132\344\047\232\237\044\327\306\354\320\233
+\045\202\343\314\302\304\105\305\214\227\172\006\153\052\021\237
+\251\012\156\110\073\157\333\324\021\031\102\367\217\007\277\365
+\123\137\234\076\364\027\054\346\151\254\116\062\114\142\167\352
+\267\350\345\273\064\274\031\213\256\234\121\347\267\176\265\123
+\261\063\042\345\155\317\160\074\032\372\342\233\147\266\203\364
+\215\245\257\142\114\115\340\130\254\144\064\022\003\370\266\215
+\224\143\044\244\161\002\003\001\000\001\243\102\060\100\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\035\006\003\125\035\016\004\026\004\024\152\162\046\172\320\036
+\357\175\347\073\151\121\324\154\215\237\220\022\146\253\060\015
+\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202\001
+\001\000\171\237\035\226\306\266\171\077\042\215\207\323\207\003
+\004\140\152\153\232\056\131\211\163\021\254\103\321\365\023\377
+\215\071\053\300\362\275\117\160\214\251\057\352\027\304\013\124
+\236\324\033\226\230\063\074\250\255\142\242\000\166\253\131\151
+\156\006\035\176\304\271\104\215\230\257\022\324\141\333\012\031
+\106\107\363\353\367\143\301\100\005\100\245\322\267\364\265\232
+\066\277\251\210\166\210\004\125\004\053\234\207\177\032\067\074
+\176\055\245\032\330\324\211\136\312\275\254\075\154\330\155\257
+\325\363\166\017\315\073\210\070\042\235\154\223\232\304\075\277
+\202\033\145\077\246\017\135\252\374\345\262\025\312\265\255\306
+\274\075\320\204\350\352\006\162\260\115\071\062\170\277\076\021
+\234\013\244\235\232\041\363\360\233\013\060\170\333\301\334\207
+\103\376\274\143\232\312\305\302\034\311\307\215\377\073\022\130
+\010\346\266\075\354\172\054\116\373\203\226\316\014\074\151\207
+\124\163\244\163\302\223\377\121\020\254\025\124\001\330\374\005
+\261\211\241\177\164\203\232\111\327\334\116\173\212\110\157\213
+\105\366
+END
+
+# Trust for "Entrust Root Certification Authority - G2"
+# Issuer: CN=Entrust Root Certification Authority - G2,OU="(c) 2009 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
+# Serial Number: 1246989352 (0x4a538c28)
+# Subject: CN=Entrust Root Certification Authority - G2,OU="(c) 2009 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
+# Not Valid Before: Tue Jul 07 17:25:54 2009
+# Not Valid After : Sat Dec 07 17:55:54 2030
+# Fingerprint (SHA-256): 43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39
+# Fingerprint (SHA1): 8C:F4:27:FD:79:0C:3A:D1:66:06:8D:E8:1E:57:EF:BB:93:22:72:D4
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Entrust Root Certification Authority - G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\214\364\047\375\171\014\072\321\146\006\215\350\036\127\357\273
+\223\042\162\324
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\113\342\311\221\226\145\014\364\016\132\223\222\240\012\376\262
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\276\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\050\060\046\006\003\125\004
+\013\023\037\123\145\145\040\167\167\167\056\145\156\164\162\165
+\163\164\056\156\145\164\057\154\145\147\141\154\055\164\145\162
+\155\163\061\071\060\067\006\003\125\004\013\023\060\050\143\051
+\040\062\060\060\071\040\105\156\164\162\165\163\164\054\040\111
+\156\143\056\040\055\040\146\157\162\040\141\165\164\150\157\162
+\151\172\145\144\040\165\163\145\040\157\156\154\171\061\062\060
+\060\006\003\125\004\003\023\051\105\156\164\162\165\163\164\040
+\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107
+\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\112\123\214\050
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Entrust Root Certification Authority - EC1"
+#
+# Issuer: CN=Entrust Root Certification Authority - EC1,OU="(c) 2012 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
+# Serial Number:00:a6:8b:79:29:00:00:00:00:50:d0:91:f9
+# Subject: CN=Entrust Root Certification Authority - EC1,OU="(c) 2012 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
+# Not Valid Before: Tue Dec 18 15:25:36 2012
+# Not Valid After : Fri Dec 18 15:55:36 2037
+# Fingerprint (SHA-256): 02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5
+# Fingerprint (SHA1): 20:D8:06:40:DF:9B:25:F5:12:25:3A:11:EA:F7:59:8A:EB:14:B5:47
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Entrust Root Certification Authority - EC1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\277\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\050\060\046\006\003\125\004
+\013\023\037\123\145\145\040\167\167\167\056\145\156\164\162\165
+\163\164\056\156\145\164\057\154\145\147\141\154\055\164\145\162
+\155\163\061\071\060\067\006\003\125\004\013\023\060\050\143\051
+\040\062\060\061\062\040\105\156\164\162\165\163\164\054\040\111
+\156\143\056\040\055\040\146\157\162\040\141\165\164\150\157\162
+\151\172\145\144\040\165\163\145\040\157\156\154\171\061\063\060
+\061\006\003\125\004\003\023\052\105\156\164\162\165\163\164\040
+\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\105
+\103\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\277\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\050\060\046\006\003\125\004
+\013\023\037\123\145\145\040\167\167\167\056\145\156\164\162\165
+\163\164\056\156\145\164\057\154\145\147\141\154\055\164\145\162
+\155\163\061\071\060\067\006\003\125\004\013\023\060\050\143\051
+\040\062\060\061\062\040\105\156\164\162\165\163\164\054\040\111
+\156\143\056\040\055\040\146\157\162\040\141\165\164\150\157\162
+\151\172\145\144\040\165\163\145\040\157\156\154\171\061\063\060
+\061\006\003\125\004\003\023\052\105\156\164\162\165\163\164\040
+\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\105
+\103\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\015\000\246\213\171\051\000\000\000\000\120\320\221\371
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\371\060\202\002\200\240\003\002\001\002\002\015\000
+\246\213\171\051\000\000\000\000\120\320\221\371\060\012\006\010
+\052\206\110\316\075\004\003\003\060\201\277\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\026\060\024\006\003\125\004
+\012\023\015\105\156\164\162\165\163\164\054\040\111\156\143\056
+\061\050\060\046\006\003\125\004\013\023\037\123\145\145\040\167
+\167\167\056\145\156\164\162\165\163\164\056\156\145\164\057\154
+\145\147\141\154\055\164\145\162\155\163\061\071\060\067\006\003
+\125\004\013\023\060\050\143\051\040\062\060\061\062\040\105\156
+\164\162\165\163\164\054\040\111\156\143\056\040\055\040\146\157
+\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163\145
+\040\157\156\154\171\061\063\060\061\006\003\125\004\003\023\052
+\105\156\164\162\165\163\164\040\122\157\157\164\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\055\040\105\103\061\060\036\027\015\061\062
+\061\062\061\070\061\065\062\065\063\066\132\027\015\063\067\061
+\062\061\070\061\065\065\065\063\066\132\060\201\277\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\026\060\024\006\003
+\125\004\012\023\015\105\156\164\162\165\163\164\054\040\111\156
+\143\056\061\050\060\046\006\003\125\004\013\023\037\123\145\145
+\040\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
+\057\154\145\147\141\154\055\164\145\162\155\163\061\071\060\067
+\006\003\125\004\013\023\060\050\143\051\040\062\060\061\062\040
+\105\156\164\162\165\163\164\054\040\111\156\143\056\040\055\040
+\146\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165
+\163\145\040\157\156\154\171\061\063\060\061\006\003\125\004\003
+\023\052\105\156\164\162\165\163\164\040\122\157\157\164\040\103
+\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
+\150\157\162\151\164\171\040\055\040\105\103\061\060\166\060\020
+\006\007\052\206\110\316\075\002\001\006\005\053\201\004\000\042
+\003\142\000\004\204\023\311\320\272\155\101\173\342\154\320\353
+\125\137\146\002\032\044\364\133\211\151\107\343\270\302\175\361
+\362\002\305\237\240\366\133\325\213\006\031\206\117\123\020\155
+\007\044\047\241\240\370\325\107\031\141\114\175\312\223\047\352
+\164\014\357\157\226\011\376\143\354\160\135\066\255\147\167\256
+\311\235\174\125\104\072\242\143\121\037\365\343\142\324\251\107
+\007\076\314\040\243\102\060\100\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023\001
+\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035\016
+\004\026\004\024\267\143\347\032\335\215\351\010\246\125\203\244
+\340\152\120\101\145\021\102\111\060\012\006\010\052\206\110\316
+\075\004\003\003\003\147\000\060\144\002\060\141\171\330\345\102
+\107\337\034\256\123\231\027\266\157\034\175\341\277\021\224\321
+\003\210\165\344\215\211\244\212\167\106\336\155\141\357\002\365
+\373\265\337\314\376\116\377\376\251\346\247\002\060\133\231\327
+\205\067\006\265\173\010\375\353\047\213\112\224\371\341\372\247
+\216\046\010\350\174\222\150\155\163\330\157\046\254\041\002\270
+\231\267\046\101\133\045\140\256\320\110\032\356\006
+END
+
+# Trust for "Entrust Root Certification Authority - EC1"
+# Issuer: CN=Entrust Root Certification Authority - EC1,OU="(c) 2012 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
+# Serial Number:00:a6:8b:79:29:00:00:00:00:50:d0:91:f9
+# Subject: CN=Entrust Root Certification Authority - EC1,OU="(c) 2012 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
+# Not Valid Before: Tue Dec 18 15:25:36 2012
+# Not Valid After : Fri Dec 18 15:55:36 2037
+# Fingerprint (SHA-256): 02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5
+# Fingerprint (SHA1): 20:D8:06:40:DF:9B:25:F5:12:25:3A:11:EA:F7:59:8A:EB:14:B5:47
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Entrust Root Certification Authority - EC1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\040\330\006\100\337\233\045\365\022\045\072\021\352\367\131\212
+\353\024\265\107
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\266\176\035\360\130\305\111\154\044\073\075\355\230\030\355\274
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\277\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165
+\163\164\054\040\111\156\143\056\061\050\060\046\006\003\125\004
+\013\023\037\123\145\145\040\167\167\167\056\145\156\164\162\165
+\163\164\056\156\145\164\057\154\145\147\141\154\055\164\145\162
+\155\163\061\071\060\067\006\003\125\004\013\023\060\050\143\051
+\040\062\060\061\062\040\105\156\164\162\165\163\164\054\040\111
+\156\143\056\040\055\040\146\157\162\040\141\165\164\150\157\162
+\151\172\145\144\040\165\163\145\040\157\156\154\171\061\063\060
+\061\006\003\125\004\003\023\052\105\156\164\162\165\163\164\040
+\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164\151
+\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\105
+\103\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\015\000\246\213\171\051\000\000\000\000\120\320\221\371
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "CFCA EV ROOT"
+#
+# Issuer: CN=CFCA EV ROOT,O=China Financial Certification Authority,C=CN
+# Serial Number: 407555286 (0x184accd6)
+# Subject: CN=CFCA EV ROOT,O=China Financial Certification Authority,C=CN
+# Not Valid Before: Wed Aug 08 03:07:01 2012
+# Not Valid After : Mon Dec 31 03:07:01 2029
+# Fingerprint (SHA-256): 5C:C3:D7:8E:4E:1D:5E:45:54:7A:04:E6:87:3E:64:F9:0C:F9:53:6D:1C:CC:2E:F8:00:F3:55:C4:C5:FD:70:FD
+# Fingerprint (SHA1): E2:B8:29:4B:55:84:AB:6B:58:C2:90:46:6C:AC:3F:B8:39:8F:84:83
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CFCA EV ROOT"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\126\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\060\060\056\006\003\125\004\012\014\047\103\150\151\156\141\040
+\106\151\156\141\156\143\151\141\154\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\061\025\060\023\006\003\125\004\003\014\014\103\106\103\101
+\040\105\126\040\122\117\117\124
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\126\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\060\060\056\006\003\125\004\012\014\047\103\150\151\156\141\040
+\106\151\156\141\156\143\151\141\154\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\061\025\060\023\006\003\125\004\003\014\014\103\106\103\101
+\040\105\126\040\122\117\117\124
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\030\112\314\326
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\215\060\202\003\165\240\003\002\001\002\002\004\030
+\112\314\326\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\126\061\013\060\011\006\003\125\004\006\023\002\103
+\116\061\060\060\056\006\003\125\004\012\014\047\103\150\151\156
+\141\040\106\151\156\141\156\143\151\141\154\040\103\145\162\164
+\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
+\151\164\171\061\025\060\023\006\003\125\004\003\014\014\103\106
+\103\101\040\105\126\040\122\117\117\124\060\036\027\015\061\062
+\060\070\060\070\060\063\060\067\060\061\132\027\015\062\071\061
+\062\063\061\060\063\060\067\060\061\132\060\126\061\013\060\011
+\006\003\125\004\006\023\002\103\116\061\060\060\056\006\003\125
+\004\012\014\047\103\150\151\156\141\040\106\151\156\141\156\143
+\151\141\154\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171\061\025\060\023\006
+\003\125\004\003\014\014\103\106\103\101\040\105\126\040\122\117
+\117\124\060\202\002\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
+\002\001\000\327\135\153\315\020\077\037\005\131\325\005\115\067
+\261\016\354\230\053\216\025\035\372\223\113\027\202\041\161\020
+\122\327\121\144\160\026\302\125\151\115\216\025\155\237\277\014
+\033\302\340\243\147\326\014\254\317\042\256\257\167\124\052\113
+\114\212\123\122\172\303\356\056\336\263\161\045\301\351\135\075
+\356\241\057\243\367\052\074\311\043\035\152\253\035\241\247\361
+\363\354\240\325\104\317\025\317\162\057\035\143\227\350\231\371
+\375\223\244\124\200\114\122\324\122\253\056\111\337\220\315\270
+\137\276\077\336\241\312\115\040\324\045\350\204\051\123\267\261
+\210\037\377\372\332\220\237\012\251\055\101\077\261\361\030\051
+\356\026\131\054\064\111\032\250\006\327\250\210\322\003\162\172
+\062\342\352\150\115\156\054\226\145\173\312\131\372\362\342\335
+\356\060\054\373\314\106\254\304\143\353\157\177\066\053\064\163
+\022\224\177\337\314\046\236\361\162\135\120\145\131\217\151\263
+\207\136\062\157\303\030\212\265\225\217\260\172\067\336\132\105
+\073\307\066\341\357\147\321\071\323\227\133\163\142\031\110\055
+\207\034\006\373\164\230\040\111\163\360\005\322\033\261\240\243
+\267\033\160\323\210\151\271\132\326\070\364\142\334\045\213\170
+\277\370\350\176\270\134\311\225\117\137\247\055\271\040\153\317
+\153\335\365\015\364\202\267\364\262\146\056\020\050\366\227\132
+\173\226\026\217\001\031\055\154\156\177\071\130\006\144\203\001
+\203\203\303\115\222\335\062\306\207\244\067\351\026\316\252\055
+\150\257\012\201\145\072\160\301\233\255\115\155\124\312\052\055
+\113\205\033\263\200\346\160\105\015\153\136\065\360\177\073\270
+\234\344\004\160\211\022\045\223\332\012\231\042\140\152\143\140
+\116\166\006\230\116\275\203\255\035\130\212\045\205\322\307\145
+\036\055\216\306\337\266\306\341\177\212\004\041\025\051\164\360
+\076\234\220\235\014\056\361\212\076\132\252\014\011\036\307\325
+\074\243\355\227\303\036\064\372\070\371\010\016\343\300\135\053
+\203\321\126\152\311\266\250\124\123\056\170\062\147\075\202\177
+\164\320\373\341\266\005\140\271\160\333\216\013\371\023\130\157
+\161\140\020\122\020\271\301\101\011\357\162\037\147\061\170\377
+\226\005\215\002\003\001\000\001\243\143\060\141\060\037\006\003
+\125\035\043\004\030\060\026\200\024\343\376\055\375\050\320\013
+\265\272\266\242\304\277\006\252\005\214\223\373\057\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\035
+\006\003\125\035\016\004\026\004\024\343\376\055\375\050\320\013
+\265\272\266\242\304\277\006\252\005\214\223\373\057\060\015\006
+\011\052\206\110\206\367\015\001\001\013\005\000\003\202\002\001
+\000\045\306\272\153\353\207\313\336\202\071\226\075\360\104\247
+\153\204\163\003\336\235\053\117\272\040\177\274\170\262\317\227
+\260\033\234\363\327\171\056\365\110\266\322\373\027\210\346\323
+\172\077\355\123\023\320\342\057\152\171\313\000\043\050\346\036
+\067\127\065\211\204\302\166\117\064\066\255\147\303\316\101\006
+\210\305\367\356\330\032\270\326\013\177\120\377\223\252\027\113
+\214\354\355\122\140\262\244\006\352\116\353\364\153\031\375\353
+\365\032\340\045\052\232\334\307\101\066\367\310\164\005\204\071
+\225\071\326\013\073\244\047\372\010\330\134\036\370\004\140\122
+\021\050\050\003\377\357\123\146\000\245\112\064\026\146\174\375
+\011\244\256\236\147\032\157\101\013\153\006\023\233\217\206\161
+\005\264\057\215\211\146\063\051\166\124\232\021\370\047\372\262
+\077\221\340\316\015\033\363\060\032\255\277\042\135\033\323\277
+\045\005\115\341\222\032\177\231\237\074\104\223\312\324\100\111
+\154\200\207\327\004\072\303\062\122\065\016\126\370\245\335\175
+\304\213\015\021\037\123\313\036\262\027\266\150\167\132\340\324
+\313\310\007\256\365\072\056\216\067\267\320\001\113\103\051\167
+\214\071\227\217\202\132\370\121\345\211\240\030\347\150\177\135
+\012\056\373\243\107\016\075\246\043\172\306\001\307\217\310\136
+\277\155\200\126\276\212\044\272\063\352\237\341\062\021\236\361
+\322\117\200\366\033\100\257\070\236\021\120\171\163\022\022\315
+\346\154\235\054\210\162\074\060\201\006\221\042\352\131\255\332
+\031\056\042\302\215\271\214\207\340\146\274\163\043\137\041\144
+\143\200\110\365\240\074\030\075\224\310\110\101\035\100\272\136
+\376\376\126\071\241\310\317\136\236\031\144\106\020\332\027\221
+\267\005\200\254\213\231\222\175\347\242\330\007\013\066\047\347
+\110\171\140\212\303\327\023\134\370\162\100\337\112\313\317\231
+\000\012\000\013\021\225\332\126\105\003\210\012\237\147\320\325
+\171\261\250\215\100\155\015\302\172\100\372\363\137\144\107\222
+\313\123\271\273\131\316\117\375\320\025\123\001\330\337\353\331
+\346\166\357\320\043\273\073\251\171\263\325\002\051\315\211\243
+\226\017\112\065\347\116\102\300\165\315\007\317\346\054\353\173
+\056
+END
+
+# Trust for "CFCA EV ROOT"
+# Issuer: CN=CFCA EV ROOT,O=China Financial Certification Authority,C=CN
+# Serial Number: 407555286 (0x184accd6)
+# Subject: CN=CFCA EV ROOT,O=China Financial Certification Authority,C=CN
+# Not Valid Before: Wed Aug 08 03:07:01 2012
+# Not Valid After : Mon Dec 31 03:07:01 2029
+# Fingerprint (SHA-256): 5C:C3:D7:8E:4E:1D:5E:45:54:7A:04:E6:87:3E:64:F9:0C:F9:53:6D:1C:CC:2E:F8:00:F3:55:C4:C5:FD:70:FD
+# Fingerprint (SHA1): E2:B8:29:4B:55:84:AB:6B:58:C2:90:46:6C:AC:3F:B8:39:8F:84:83
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CFCA EV ROOT"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\342\270\051\113\125\204\253\153\130\302\220\106\154\254\077\270
+\071\217\204\203
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\164\341\266\355\046\172\172\104\060\063\224\253\173\047\201\060
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\126\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\060\060\056\006\003\125\004\012\014\047\103\150\151\156\141\040
+\106\151\156\141\156\143\151\141\154\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\061\025\060\023\006\003\125\004\003\014\014\103\106\103\101
+\040\105\126\040\122\117\117\124
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\030\112\314\326
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrusted MCSHOLDING CA"
+#
+# Issuer: CN=CNNIC ROOT,O=CNNIC,C=CN
+# Serial Number: 1228079246 (0x4933008e)
+# Subject: CN=MCSHOLDING TEST,O=MCSHOLDING,C=EG
+# Not Valid Before: Thu Mar 19 06:20:09 2015
+# Not Valid After : Fri Apr 03 06:20:09 2015
+# Fingerprint (SHA-256): 27:40:D9:56:B1:12:7B:79:1A:A1:B3:CC:64:4A:4D:BE:DB:A7:61:86:A2:36:38:B9:51:02:35:1A:83:4E:A8:61
+# Fingerprint (SHA1): E1:F3:59:1E:76:98:65:C4:E4:47:AC:C3:7E:AF:C9:E2:BF:E4:C5:76
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted MCSHOLDING CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\074\061\013\060\011\006\003\125\004\006\023\002\105\107\061
+\023\060\021\006\003\125\004\012\014\012\115\103\123\110\117\114
+\104\111\116\107\061\030\060\026\006\003\125\004\003\014\017\115
+\103\123\110\117\114\104\111\116\107\040\124\105\123\124
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\062\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\016\060\014\006\003\125\004\012\023\005\103\116\116\111\103\061
+\023\060\021\006\003\125\004\003\023\012\103\116\116\111\103\040
+\122\117\117\124
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\111\063\000\216
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\222\060\202\003\172\240\003\002\001\002\002\004\111
+\063\000\216\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\062\061\013\060\011\006\003\125\004\006\023\002\103
+\116\061\016\060\014\006\003\125\004\012\023\005\103\116\116\111
+\103\061\023\060\021\006\003\125\004\003\023\012\103\116\116\111
+\103\040\122\117\117\124\060\036\027\015\061\065\060\063\061\071
+\060\066\062\060\060\071\132\027\015\061\065\060\064\060\063\060
+\066\062\060\060\071\132\060\074\061\013\060\011\006\003\125\004
+\006\023\002\105\107\061\023\060\021\006\003\125\004\012\014\012
+\115\103\123\110\117\114\104\111\116\107\061\030\060\026\006\003
+\125\004\003\014\017\115\103\123\110\117\114\104\111\116\107\040
+\124\105\123\124\060\202\001\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
+\002\202\001\001\000\245\371\165\014\006\256\356\014\021\315\226
+\063\115\153\316\300\112\014\075\135\353\322\113\011\177\347\107
+\054\254\161\000\371\010\257\064\361\243\152\307\374\346\253\316
+\320\276\312\315\052\230\230\271\320\216\063\111\007\141\040\321
+\132\064\316\203\024\006\171\216\032\277\333\344\240\070\072\356
+\224\271\243\240\130\072\211\024\254\140\076\003\324\307\315\073
+\034\260\232\210\032\111\020\251\260\262\375\345\350\341\004\342
+\352\202\155\376\014\121\105\221\255\165\042\256\377\117\220\013
+\300\123\145\167\076\036\302\126\265\066\306\326\205\314\016\203
+\032\063\037\166\231\133\053\227\053\213\327\321\024\025\114\235
+\131\327\200\057\244\242\205\325\210\066\002\140\125\312\130\337
+\223\374\112\142\007\226\323\304\372\277\215\001\047\227\057\246
+\134\164\361\072\102\156\135\171\024\060\061\032\074\331\262\127
+\115\340\270\077\017\151\061\242\235\145\231\331\326\061\207\265
+\230\046\337\360\313\273\025\300\044\023\142\122\032\153\313\105
+\007\227\343\304\224\136\311\015\107\054\351\317\351\364\217\376
+\065\341\062\347\061\002\003\001\000\001\243\202\001\244\060\202
+\001\240\060\166\006\010\053\006\001\005\005\007\001\001\004\152
+\060\150\060\051\006\010\053\006\001\005\005\007\060\001\206\035
+\150\164\164\160\072\057\057\157\143\163\160\143\156\156\151\143
+\162\157\157\164\056\143\156\156\151\143\056\143\156\060\073\006
+\010\053\006\001\005\005\007\060\002\206\057\150\164\164\160\072
+\057\057\167\167\167\056\143\156\156\151\143\056\143\156\057\144
+\157\167\156\154\157\141\144\057\143\145\162\164\057\103\116\116
+\111\103\122\117\117\124\056\143\145\162\060\037\006\003\125\035
+\043\004\030\060\026\200\024\145\362\061\255\052\367\367\335\122
+\226\012\307\002\301\016\357\246\325\073\021\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\077\006\003
+\125\035\040\004\070\060\066\060\064\006\012\053\006\001\004\001
+\201\351\014\001\006\060\046\060\044\006\010\053\006\001\005\005
+\007\002\001\026\030\150\164\164\160\072\057\057\167\167\167\056
+\143\156\156\151\143\056\143\156\057\143\160\163\057\060\201\206
+\006\003\125\035\037\004\177\060\175\060\102\240\100\240\076\244
+\074\060\072\061\013\060\011\006\003\125\004\006\023\002\103\116
+\061\016\060\014\006\003\125\004\012\014\005\103\116\116\111\103
+\061\014\060\012\006\003\125\004\013\014\003\143\162\154\061\015
+\060\013\006\003\125\004\003\014\004\143\162\154\061\060\067\240
+\065\240\063\206\061\150\164\164\160\072\057\057\143\162\154\056
+\143\156\156\151\143\056\143\156\057\144\157\167\156\154\157\141
+\144\057\162\157\157\164\163\150\141\062\143\162\154\057\103\122
+\114\061\056\143\162\154\060\013\006\003\125\035\017\004\004\003
+\002\001\006\060\035\006\003\125\035\016\004\026\004\024\104\244
+\211\253\024\137\075\157\040\074\252\174\372\031\256\364\110\140
+\005\265\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\003\202\001\001\000\134\264\365\123\233\117\271\340\204\211
+\061\276\236\056\352\236\041\113\245\217\155\241\246\363\057\110
+\353\351\333\255\036\061\200\320\171\073\020\357\232\044\367\223
+\033\065\363\032\302\307\302\054\012\177\157\133\361\137\163\221
+\004\373\015\171\015\351\032\006\326\203\375\116\140\235\154\222
+\103\114\352\144\230\104\253\327\373\107\320\257\037\144\114\342
+\335\167\150\026\302\054\241\240\201\227\000\102\037\176\040\170
+\350\306\120\035\013\177\025\223\131\130\100\024\204\360\247\220
+\153\066\005\147\352\177\042\155\273\321\245\046\115\263\060\244
+\130\324\133\265\032\214\120\214\270\015\341\240\007\263\017\130
+\316\327\005\265\175\065\171\157\242\333\014\000\052\150\044\214
+\176\234\301\166\111\272\174\146\021\336\362\107\316\376\320\316
+\125\276\010\332\362\171\046\052\025\071\316\153\030\246\337\330
+\207\050\231\224\016\055\150\241\232\316\122\066\234\053\354\264
+\150\263\154\025\254\313\160\102\362\304\101\245\310\374\041\170
+\123\167\062\040\251\041\114\162\342\323\262\311\166\033\030\130
+\102\013\102\222\263\344
+END
+
+# Distrust "Explicitly Distrusted MCSHOLDING CA"
+# Issuer: CN=CNNIC ROOT,O=CNNIC,C=CN
+# Serial Number: 1228079246 (0x4933008e)
+# Subject: CN=MCSHOLDING TEST,O=MCSHOLDING,C=EG
+# Not Valid Before: Thu Mar 19 06:20:09 2015
+# Not Valid After : Fri Apr 03 06:20:09 2015
+# Fingerprint (SHA-256): 27:40:D9:56:B1:12:7B:79:1A:A1:B3:CC:64:4A:4D:BE:DB:A7:61:86:A2:36:38:B9:51:02:35:1A:83:4E:A8:61
+# Fingerprint (SHA1): E1:F3:59:1E:76:98:65:C4:E4:47:AC:C3:7E:AF:C9:E2:BF:E4:C5:76
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted MCSHOLDING CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\341\363\131\036\166\230\145\304\344\107\254\303\176\257\311\342
+\277\344\305\166
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\366\212\253\024\076\326\060\045\267\111\015\167\205\160\231\313
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\062\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\016\060\014\006\003\125\004\012\023\005\103\116\116\111\103\061
+\023\060\021\006\003\125\004\003\023\012\103\116\116\111\103\040
+\122\117\117\124
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\004\111\063\000\216
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5"
+#
+# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
+# Serial Number:00:8e:17:fe:24:20:81
+# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
+# Not Valid Before: Tue Apr 30 08:07:01 2013
+# Not Valid After : Fri Apr 28 08:07:01 2023
+# Fingerprint (SHA-256): 49:35:1B:90:34:44:C1:85:CC:DC:5C:69:3D:24:D8:55:5C:B2:08:D6:A8:14:13:07:69:9F:4A:F0:63:19:9D:78
+# Fingerprint (SHA1): C4:18:F6:4D:46:D1:DF:00:3D:27:30:13:72:43:A9:12:11:C6:75:FB
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
+\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122
+\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154
+\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305
+\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040
+\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056
+\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113
+\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153
+\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145
+\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304
+\261\040\110\065
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
+\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122
+\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154
+\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305
+\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040
+\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056
+\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113
+\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153
+\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145
+\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304
+\261\040\110\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\007\000\216\027\376\044\040\201
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\047\060\202\003\017\240\003\002\001\002\002\007\000
+\216\027\376\044\040\201\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\060\201\261\061\013\060\011\006\003\125\004
+\006\023\002\124\122\061\017\060\015\006\003\125\004\007\014\006
+\101\156\153\141\162\141\061\115\060\113\006\003\125\004\012\014
+\104\124\303\234\122\113\124\122\125\123\124\040\102\151\154\147
+\151\040\304\260\154\145\164\151\305\237\151\155\040\166\145\040
+\102\151\154\151\305\237\151\155\040\107\303\274\166\145\156\154
+\151\304\237\151\040\110\151\172\155\145\164\154\145\162\151\040
+\101\056\305\236\056\061\102\060\100\006\003\125\004\003\014\071
+\124\303\234\122\113\124\122\125\123\124\040\105\154\145\153\164
+\162\157\156\151\153\040\123\145\162\164\151\146\151\153\141\040
+\110\151\172\155\145\164\040\123\141\304\237\154\141\171\304\261
+\143\304\261\163\304\261\040\110\065\060\036\027\015\061\063\060
+\064\063\060\060\070\060\067\060\061\132\027\015\062\063\060\064
+\062\070\060\070\060\067\060\061\132\060\201\261\061\013\060\011
+\006\003\125\004\006\023\002\124\122\061\017\060\015\006\003\125
+\004\007\014\006\101\156\153\141\162\141\061\115\060\113\006\003
+\125\004\012\014\104\124\303\234\122\113\124\122\125\123\124\040
+\102\151\154\147\151\040\304\260\154\145\164\151\305\237\151\155
+\040\166\145\040\102\151\154\151\305\237\151\155\040\107\303\274
+\166\145\156\154\151\304\237\151\040\110\151\172\155\145\164\154
+\145\162\151\040\101\056\305\236\056\061\102\060\100\006\003\125
+\004\003\014\071\124\303\234\122\113\124\122\125\123\124\040\105
+\154\145\153\164\162\157\156\151\153\040\123\145\162\164\151\146
+\151\153\141\040\110\151\172\155\145\164\040\123\141\304\237\154
+\141\171\304\261\143\304\261\163\304\261\040\110\065\060\202\001
+\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
+\003\202\001\017\000\060\202\001\012\002\202\001\001\000\244\045
+\031\341\145\236\353\110\041\120\112\010\345\021\360\132\272\046
+\377\203\131\316\104\052\057\376\341\316\140\003\374\215\003\245
+\355\377\153\250\272\314\064\006\237\131\065\366\354\054\273\235
+\373\215\122\151\343\234\047\020\123\363\244\002\305\247\371\021
+\032\151\165\156\303\035\213\321\230\215\223\207\247\161\227\015
+\041\307\231\371\122\323\054\143\135\125\274\350\037\001\110\271
+\140\376\102\112\366\310\200\256\315\146\172\236\105\212\150\167
+\342\110\150\237\242\332\361\341\301\020\237\353\074\051\201\247
+\341\062\010\324\240\005\261\214\373\215\226\000\016\076\045\337
+\123\206\042\073\374\364\275\363\011\176\167\354\206\353\017\063
+\345\103\117\364\124\165\155\051\231\056\146\132\103\337\313\134
+\312\310\345\070\361\176\073\065\235\017\364\305\132\241\314\363
+\040\200\044\323\127\354\025\272\165\045\233\350\144\113\263\064
+\204\357\004\270\366\311\154\252\002\076\266\125\342\062\067\137
+\374\146\227\137\315\326\236\307\040\277\115\306\254\077\165\137
+\034\355\062\234\174\151\000\151\221\343\043\030\123\351\002\003
+\001\000\001\243\102\060\100\060\035\006\003\125\035\016\004\026
+\004\024\126\231\007\036\323\254\014\151\144\264\014\120\107\336
+\103\054\276\040\300\373\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\003\202\001\001\000\236\105\166\173\027
+\110\062\362\070\213\051\275\356\226\112\116\201\030\261\121\107
+\040\315\320\144\261\016\311\331\001\331\011\316\310\231\334\150
+\045\023\324\134\362\243\350\004\376\162\011\307\013\252\035\045
+\125\176\226\232\127\267\272\305\021\172\031\346\247\176\075\205
+\016\365\371\056\051\057\347\371\154\130\026\127\120\045\366\076
+\056\076\252\355\167\161\252\252\231\226\106\012\256\216\354\052
+\121\026\260\136\315\352\147\004\034\130\060\365\140\212\275\246
+\275\115\345\226\264\374\102\211\001\153\366\160\310\120\071\014
+\055\325\146\331\310\322\263\062\267\033\031\155\313\063\371\337
+\245\346\025\204\067\360\302\362\145\226\222\220\167\360\255\364
+\220\351\021\170\327\223\211\300\075\013\272\051\364\350\231\235
+\162\216\355\235\057\356\222\175\241\361\377\135\272\063\140\205
+\142\376\007\002\241\204\126\106\276\226\012\232\023\327\041\114
+\267\174\007\237\116\116\077\221\164\373\047\235\021\314\335\346
+\261\312\161\115\023\027\071\046\305\051\041\053\223\051\152\226
+\372\253\101\341\113\266\065\013\300\233\025
+END
+
+# Trust for "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5"
+# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
+# Serial Number:00:8e:17:fe:24:20:81
+# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
+# Not Valid Before: Tue Apr 30 08:07:01 2013
+# Not Valid After : Fri Apr 28 08:07:01 2023
+# Fingerprint (SHA-256): 49:35:1B:90:34:44:C1:85:CC:DC:5C:69:3D:24:D8:55:5C:B2:08:D6:A8:14:13:07:69:9F:4A:F0:63:19:9D:78
+# Fingerprint (SHA1): C4:18:F6:4D:46:D1:DF:00:3D:27:30:13:72:43:A9:12:11:C6:75:FB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\304\030\366\115\106\321\337\000\075\047\060\023\162\103\251\022
+\021\306\165\373
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\332\160\216\360\042\337\223\046\366\137\237\323\025\006\122\116
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
+\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122
+\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154
+\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305
+\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040
+\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056
+\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113
+\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153
+\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145
+\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304
+\261\040\110\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\007\000\216\027\376\044\040\201
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certinomis - Root CA"
+#
+# Issuer: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR
+# Serial Number: 1 (0x1)
+# Subject: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR
+# Not Valid Before: Mon Oct 21 09:17:18 2013
+# Not Valid After : Fri Oct 21 09:17:18 2033
+# Fingerprint (SHA-256): 2A:99:F5:BC:11:74:B7:3C:BB:1D:62:08:84:E0:1C:34:E5:1C:CB:39:78:DA:12:5F:0E:33:26:88:83:BF:41:58
+# Fingerprint (SHA1): 9D:70:BB:01:A5:A4:A0:18:11:2E:F7:1C:01:B9:32:C5:34:E7:88:A8
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certinomis - Root CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\023\060\021\006\003\125\004\012\023\012\103\145\162\164\151\156
+\157\155\151\163\061\027\060\025\006\003\125\004\013\023\016\060
+\060\060\062\040\064\063\063\071\071\070\071\060\063\061\035\060
+\033\006\003\125\004\003\023\024\103\145\162\164\151\156\157\155
+\151\163\040\055\040\122\157\157\164\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\023\060\021\006\003\125\004\012\023\012\103\145\162\164\151\156
+\157\155\151\163\061\027\060\025\006\003\125\004\013\023\016\060
+\060\060\062\040\064\063\063\071\071\070\071\060\063\061\035\060
+\033\006\003\125\004\003\023\024\103\145\162\164\151\156\157\155
+\151\163\040\055\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\222\060\202\003\172\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\132\061\013\060\011\006\003\125\004\006\023\002\106\122\061\023
+\060\021\006\003\125\004\012\023\012\103\145\162\164\151\156\157
+\155\151\163\061\027\060\025\006\003\125\004\013\023\016\060\060
+\060\062\040\064\063\063\071\071\070\071\060\063\061\035\060\033
+\006\003\125\004\003\023\024\103\145\162\164\151\156\157\155\151
+\163\040\055\040\122\157\157\164\040\103\101\060\036\027\015\061
+\063\061\060\062\061\060\071\061\067\061\070\132\027\015\063\063
+\061\060\062\061\060\071\061\067\061\070\132\060\132\061\013\060
+\011\006\003\125\004\006\023\002\106\122\061\023\060\021\006\003
+\125\004\012\023\012\103\145\162\164\151\156\157\155\151\163\061
+\027\060\025\006\003\125\004\013\023\016\060\060\060\062\040\064
+\063\063\071\071\070\071\060\063\061\035\060\033\006\003\125\004
+\003\023\024\103\145\162\164\151\156\157\155\151\163\040\055\040
+\122\157\157\164\040\103\101\060\202\002\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
+\202\002\012\002\202\002\001\000\324\314\011\012\054\077\222\366
+\177\024\236\013\234\232\152\035\100\060\144\375\252\337\016\036
+\006\133\237\120\205\352\315\215\253\103\147\336\260\372\176\200
+\226\236\204\170\222\110\326\343\071\356\316\344\131\130\227\345
+\056\047\230\352\223\250\167\233\112\360\357\164\200\055\353\060
+\037\265\331\307\200\234\142\047\221\210\360\112\211\335\334\210
+\346\024\371\325\003\057\377\225\333\275\237\354\054\372\024\025
+\131\225\012\306\107\174\151\030\271\247\003\371\312\166\251\317
+\307\157\264\136\005\376\356\301\122\262\165\062\207\354\355\051
+\146\073\363\112\026\202\366\326\232\333\162\230\351\336\360\305
+\114\245\253\265\352\001\342\214\056\144\177\144\157\375\243\045
+\223\213\310\242\016\111\215\064\360\037\354\130\105\056\064\252
+\204\120\275\347\262\112\023\270\260\017\256\070\135\260\251\033
+\346\163\311\132\241\331\146\100\252\251\115\246\064\002\255\204
+\176\262\043\301\373\052\306\147\364\064\266\260\225\152\063\117
+\161\104\265\255\300\171\063\210\340\277\355\243\240\024\264\234
+\011\260\012\343\140\276\370\370\146\210\315\133\361\167\005\340
+\265\163\156\301\175\106\056\216\113\047\246\315\065\012\375\345
+\115\175\252\052\243\051\307\132\150\004\350\345\326\223\244\142
+\302\305\346\364\117\306\371\237\032\215\202\111\031\212\312\131
+\103\072\350\015\062\301\364\114\023\003\157\156\246\077\221\163
+\313\312\163\157\022\040\213\356\300\202\170\336\113\056\302\111
+\303\035\355\026\366\044\364\047\033\134\127\061\334\125\356\250
+\036\157\154\254\342\105\314\127\127\212\165\127\031\340\265\130
+\231\111\066\061\074\063\001\155\026\112\315\270\052\203\204\206
+\233\371\140\322\037\155\221\003\323\140\246\325\075\232\335\167
+\220\075\065\244\237\017\136\365\122\104\151\271\300\272\334\317
+\175\337\174\331\304\254\206\042\062\274\173\153\221\357\172\370
+\027\150\260\342\123\125\140\055\257\076\302\203\330\331\011\053
+\360\300\144\333\207\213\221\314\221\353\004\375\166\264\225\232
+\346\024\006\033\325\064\035\276\330\377\164\034\123\205\231\340
+\131\122\112\141\355\210\236\153\111\211\106\176\040\132\331\347
+\112\345\152\356\322\145\021\103\002\003\001\000\001\243\143\060
+\141\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\035\006\003\125\035\016\004\026\004\024\357\221\114
+\365\245\303\060\350\057\010\352\323\161\042\244\222\150\170\164
+\331\060\037\006\003\125\035\043\004\030\060\026\200\024\357\221
+\114\365\245\303\060\350\057\010\352\323\161\042\244\222\150\170
+\164\331\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\003\202\002\001\000\176\075\124\332\042\135\032\130\076\073
+\124\047\272\272\314\310\343\032\152\352\076\371\022\353\126\137
+\075\120\316\340\352\110\046\046\317\171\126\176\221\034\231\077
+\320\241\221\034\054\017\117\230\225\131\123\275\320\042\330\210
+\135\234\067\374\373\144\301\170\214\213\232\140\011\352\325\372
+\041\137\320\164\145\347\120\305\277\056\271\013\013\255\265\260
+\027\246\022\214\324\142\170\352\126\152\354\012\322\100\303\074
+\005\060\076\115\224\267\237\112\003\323\175\047\113\266\376\104
+\316\372\031\063\032\155\244\102\321\335\314\310\310\327\026\122
+\203\117\065\224\263\022\125\175\345\342\102\353\344\234\223\011
+\300\114\133\007\253\307\155\021\240\120\027\224\043\250\265\012
+\222\017\262\172\301\140\054\070\314\032\246\133\377\362\014\343
+\252\037\034\334\270\240\223\047\336\143\343\177\041\237\072\345
+\236\372\340\023\152\165\353\226\134\142\221\224\216\147\123\266
+\211\370\022\011\313\157\122\133\003\162\206\120\225\010\324\215
+\207\206\025\037\225\044\330\244\157\232\316\244\235\233\155\322
+\262\166\006\206\306\126\010\305\353\011\332\066\302\033\133\101
+\276\141\052\343\160\346\270\246\370\266\132\304\275\041\367\377
+\252\137\241\154\166\071\146\326\352\114\125\341\000\063\233\023
+\230\143\311\157\320\001\040\011\067\122\347\014\117\076\315\274
+\365\137\226\047\247\040\002\225\340\056\350\007\101\005\037\025
+\156\326\260\344\031\340\017\002\223\000\047\162\305\213\321\124
+\037\135\112\303\100\227\176\125\246\174\301\063\004\024\001\035
+\111\040\151\013\031\223\235\156\130\042\367\100\014\106\014\043
+\143\363\071\322\177\166\121\247\364\310\241\361\014\166\042\043
+\106\122\051\055\342\243\101\007\126\151\230\322\005\011\274\151
+\307\132\141\315\217\201\140\025\115\200\335\220\342\175\304\120
+\362\214\073\156\112\307\306\346\200\053\074\201\274\021\200\026
+\020\047\327\360\315\077\171\314\163\052\303\176\123\221\326\156
+\370\365\363\307\320\121\115\216\113\245\133\346\031\027\073\326
+\201\011\334\042\334\356\216\271\304\217\123\341\147\273\063\270
+\210\025\106\317\355\151\065\377\165\015\106\363\316\161\341\305
+\153\206\102\006\271\101
+END
+
+# Trust for "Certinomis - Root CA"
+# Issuer: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR
+# Serial Number: 1 (0x1)
+# Subject: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR
+# Not Valid Before: Mon Oct 21 09:17:18 2013
+# Not Valid After : Fri Oct 21 09:17:18 2033
+# Fingerprint (SHA-256): 2A:99:F5:BC:11:74:B7:3C:BB:1D:62:08:84:E0:1C:34:E5:1C:CB:39:78:DA:12:5F:0E:33:26:88:83:BF:41:58
+# Fingerprint (SHA1): 9D:70:BB:01:A5:A4:A0:18:11:2E:F7:1C:01:B9:32:C5:34:E7:88:A8
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certinomis - Root CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\235\160\273\001\245\244\240\030\021\056\367\034\001\271\062\305
+\064\347\210\250
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\024\012\375\215\250\050\265\070\151\333\126\176\141\042\003\077
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\132\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\023\060\021\006\003\125\004\012\023\012\103\145\162\164\151\156
+\157\155\151\163\061\027\060\025\006\003\125\004\013\023\016\060
+\060\060\062\040\064\063\063\071\071\070\071\060\063\061\035\060
+\033\006\003\125\004\003\023\024\103\145\162\164\151\156\157\155
+\151\163\040\055\040\122\157\157\164\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "OISTE WISeKey Global Root GB CA"
+#
+# Issuer: CN=OISTE WISeKey Global Root GB CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
+# Serial Number:76:b1:20:52:74:f0:85:87:46:b3:f8:23:1a:f6:c2:c0
+# Subject: CN=OISTE WISeKey Global Root GB CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
+# Not Valid Before: Mon Dec 01 15:00:32 2014
+# Not Valid After : Thu Dec 01 15:10:31 2039
+# Fingerprint (SHA-256): 6B:9C:08:E8:6E:B0:F7:67:CF:AD:65:CD:98:B6:21:49:E5:49:4A:67:F5:84:5E:7B:D1:ED:01:9F:27:B8:6B:D6
+# Fingerprint (SHA1): 0F:F9:40:76:18:D3:D7:6A:4B:98:F0:A8:35:9E:0C:FD:27:AC:CC:ED
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OISTE WISeKey Global Root GB CA"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\155\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113\145
+\171\061\042\060\040\006\003\125\004\013\023\031\117\111\123\124
+\105\040\106\157\165\156\144\141\164\151\157\156\040\105\156\144
+\157\162\163\145\144\061\050\060\046\006\003\125\004\003\023\037
+\117\111\123\124\105\040\127\111\123\145\113\145\171\040\107\154
+\157\142\141\154\040\122\157\157\164\040\107\102\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\155\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113\145
+\171\061\042\060\040\006\003\125\004\013\023\031\117\111\123\124
+\105\040\106\157\165\156\144\141\164\151\157\156\040\105\156\144
+\157\162\163\145\144\061\050\060\046\006\003\125\004\003\023\037
+\117\111\123\124\105\040\127\111\123\145\113\145\171\040\107\154
+\157\142\141\154\040\122\157\157\164\040\107\102\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\166\261\040\122\164\360\205\207\106\263\370\043\032\366
+\302\300
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\265\060\202\002\235\240\003\002\001\002\002\020\166
+\261\040\122\164\360\205\207\106\263\370\043\032\366\302\300\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\155
+\061\013\060\011\006\003\125\004\006\023\002\103\110\061\020\060
+\016\006\003\125\004\012\023\007\127\111\123\145\113\145\171\061
+\042\060\040\006\003\125\004\013\023\031\117\111\123\124\105\040
+\106\157\165\156\144\141\164\151\157\156\040\105\156\144\157\162
+\163\145\144\061\050\060\046\006\003\125\004\003\023\037\117\111
+\123\124\105\040\127\111\123\145\113\145\171\040\107\154\157\142
+\141\154\040\122\157\157\164\040\107\102\040\103\101\060\036\027
+\015\061\064\061\062\060\061\061\065\060\060\063\062\132\027\015
+\063\071\061\062\060\061\061\065\061\060\063\061\132\060\155\061
+\013\060\011\006\003\125\004\006\023\002\103\110\061\020\060\016
+\006\003\125\004\012\023\007\127\111\123\145\113\145\171\061\042
+\060\040\006\003\125\004\013\023\031\117\111\123\124\105\040\106
+\157\165\156\144\141\164\151\157\156\040\105\156\144\157\162\163
+\145\144\061\050\060\046\006\003\125\004\003\023\037\117\111\123
+\124\105\040\127\111\123\145\113\145\171\040\107\154\157\142\141
+\154\040\122\157\157\164\040\107\102\040\103\101\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\330\027\267
+\034\112\044\052\326\227\261\312\342\036\373\175\070\357\230\365
+\262\071\230\116\047\270\021\135\173\322\045\224\210\202\025\046
+\152\033\061\273\250\133\041\041\053\330\017\116\237\132\361\261
+\132\344\171\326\062\043\053\341\123\314\231\105\134\173\117\255
+\274\277\207\112\013\113\227\132\250\366\110\354\175\173\015\315
+\041\006\337\236\025\375\101\212\110\267\040\364\241\172\033\127
+\324\135\120\377\272\147\330\043\231\037\310\077\343\336\377\157
+\133\167\261\153\156\270\311\144\367\341\312\101\106\016\051\161
+\320\271\043\374\311\201\137\116\367\157\337\277\204\255\163\144
+\273\267\102\216\151\366\324\166\035\176\235\247\270\127\212\121
+\147\162\327\324\250\270\225\124\100\163\003\366\352\364\353\376
+\050\102\167\077\235\043\033\262\266\075\200\024\007\114\056\117
+\367\325\012\026\015\275\146\103\067\176\043\103\171\303\100\206
+\365\114\051\332\216\232\255\015\245\004\207\210\036\205\343\351
+\123\325\233\310\213\003\143\170\353\340\031\112\156\273\057\153
+\063\144\130\223\255\151\277\217\033\357\202\110\307\002\003\001
+\000\001\243\121\060\117\060\013\006\003\125\035\017\004\004\003
+\002\001\206\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\065
+\017\310\066\143\136\342\243\354\371\073\146\025\316\121\122\343
+\221\232\075\060\020\006\011\053\006\001\004\001\202\067\025\001
+\004\003\002\001\000\060\015\006\011\052\206\110\206\367\015\001
+\001\013\005\000\003\202\001\001\000\100\114\373\207\262\231\201
+\220\176\235\305\260\260\046\315\210\173\053\062\215\156\270\041
+\161\130\227\175\256\067\024\257\076\347\367\232\342\175\366\161
+\230\231\004\252\103\164\170\243\343\111\141\076\163\214\115\224
+\340\371\161\304\266\026\016\123\170\037\326\242\207\057\002\071
+\201\051\074\257\025\230\041\060\376\050\220\000\214\321\341\313
+\372\136\310\375\370\020\106\073\242\170\102\221\027\164\125\012
+\336\120\147\115\146\321\247\377\375\331\300\265\250\243\212\316
+\146\365\017\103\315\247\053\127\173\143\106\152\252\056\122\330
+\364\355\341\155\255\051\220\170\110\272\341\043\252\243\211\354
+\265\253\226\300\264\113\242\035\227\236\172\362\156\100\161\337
+\150\361\145\115\316\174\005\337\123\145\251\245\360\261\227\004
+\160\025\106\003\230\324\322\277\124\264\240\130\175\122\157\332
+\126\046\142\324\330\333\211\061\157\034\360\042\302\323\142\034
+\065\315\114\151\025\124\032\220\230\336\353\036\137\312\167\307
+\313\216\075\103\151\234\232\130\320\044\073\337\033\100\226\176
+\065\255\201\307\116\161\272\210\023
+END
+
+# Trust for "OISTE WISeKey Global Root GB CA"
+# Issuer: CN=OISTE WISeKey Global Root GB CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
+# Serial Number:76:b1:20:52:74:f0:85:87:46:b3:f8:23:1a:f6:c2:c0
+# Subject: CN=OISTE WISeKey Global Root GB CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
+# Not Valid Before: Mon Dec 01 15:00:32 2014
+# Not Valid After : Thu Dec 01 15:10:31 2039
+# Fingerprint (SHA-256): 6B:9C:08:E8:6E:B0:F7:67:CF:AD:65:CD:98:B6:21:49:E5:49:4A:67:F5:84:5E:7B:D1:ED:01:9F:27:B8:6B:D6
+# Fingerprint (SHA1): 0F:F9:40:76:18:D3:D7:6A:4B:98:F0:A8:35:9E:0C:FD:27:AC:CC:ED
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OISTE WISeKey Global Root GB CA"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\017\371\100\166\030\323\327\152\113\230\360\250\065\236\014\375
+\047\254\314\355
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\244\353\271\141\050\056\267\057\230\260\065\046\220\231\121\035
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\155\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113\145
+\171\061\042\060\040\006\003\125\004\013\023\031\117\111\123\124
+\105\040\106\157\165\156\144\141\164\151\157\156\040\105\156\144
+\157\162\163\145\144\061\050\060\046\006\003\125\004\003\023\037
+\117\111\123\124\105\040\127\111\123\145\113\145\171\040\107\154
+\157\142\141\154\040\122\157\157\164\040\107\102\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\166\261\040\122\164\360\205\207\106\263\370\043\032\366
+\302\300
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certification Authority of WoSign G2"
+#
+# Issuer: CN=Certification Authority of WoSign G2,O=WoSign CA Limited,C=CN
+# Serial Number:6b:25:da:8a:88:9d:7c:bc:0f:05:b3:b1:7a:61:45:44
+# Subject: CN=Certification Authority of WoSign G2,O=WoSign CA Limited,C=CN
+# Not Valid Before: Sat Nov 08 00:58:58 2014
+# Not Valid After : Tue Nov 08 00:58:58 2044
+# Fingerprint (SHA-256): D4:87:A5:6F:83:B0:74:82:E8:5E:96:33:94:C1:EC:C2:C9:E5:1D:09:03:EE:94:6B:02:C3:01:58:1E:D9:9E:16
+# Fingerprint (SHA1): FB:ED:DC:90:65:B7:27:20:37:BC:55:0C:9C:56:DE:BB:F2:78:94:E1
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certification Authority of WoSign G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\055\060\053\006
+\003\125\004\003\023\044\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\157\146
+\040\127\157\123\151\147\156\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\055\060\053\006
+\003\125\004\003\023\044\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\157\146
+\040\127\157\123\151\147\156\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\153\045\332\212\210\235\174\274\017\005\263\261\172\141
+\105\104
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\174\060\202\002\144\240\003\002\001\002\002\020\153
+\045\332\212\210\235\174\274\017\005\263\261\172\141\105\104\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\130
+\061\013\060\011\006\003\125\004\006\023\002\103\116\061\032\060
+\030\006\003\125\004\012\023\021\127\157\123\151\147\156\040\103
+\101\040\114\151\155\151\164\145\144\061\055\060\053\006\003\125
+\004\003\023\044\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171\040\157\146\040\127
+\157\123\151\147\156\040\107\062\060\036\027\015\061\064\061\061
+\060\070\060\060\065\070\065\070\132\027\015\064\064\061\061\060
+\070\060\060\065\070\065\070\132\060\130\061\013\060\011\006\003
+\125\004\006\023\002\103\116\061\032\060\030\006\003\125\004\012
+\023\021\127\157\123\151\147\156\040\103\101\040\114\151\155\151
+\164\145\144\061\055\060\053\006\003\125\004\003\023\044\103\145
+\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
+\157\162\151\164\171\040\157\146\040\127\157\123\151\147\156\040
+\107\062\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\276\305\304\240\042\200\111\117\277\331\207\021\306
+\123\341\273\017\275\140\177\257\366\202\016\037\334\260\216\075
+\227\340\120\074\217\072\357\146\073\105\007\233\040\370\343\327
+\045\206\065\220\026\242\135\157\060\031\010\207\013\177\006\262
+\235\142\217\336\257\222\245\140\324\053\200\232\122\077\365\232
+\203\351\064\132\313\331\325\142\134\346\016\340\337\006\230\016
+\200\174\312\264\035\023\210\153\016\250\044\167\003\320\356\133
+\363\312\151\221\065\071\126\305\155\343\367\075\117\136\223\070
+\044\312\030\351\044\313\222\003\335\314\034\075\011\160\344\040
+\344\361\256\254\273\163\151\243\143\072\017\105\017\241\112\232
+\302\321\143\254\313\020\370\075\346\116\050\267\353\304\225\261
+\254\375\136\253\372\101\313\135\235\113\334\364\174\166\357\147
+\177\000\172\215\322\240\032\134\115\042\341\265\332\335\166\263
+\324\166\337\136\270\213\230\310\024\124\314\153\027\222\267\340
+\112\277\111\224\141\013\070\220\217\135\044\154\045\173\073\171
+\331\342\176\235\255\237\230\241\006\374\170\024\140\127\370\356
+\200\167\261\002\003\001\000\001\243\102\060\100\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003
+\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006
+\003\125\035\016\004\026\004\024\372\140\251\353\145\305\335\026
+\024\010\116\014\017\215\233\340\367\144\257\147\060\015\006\011
+\052\206\110\206\367\015\001\001\013\005\000\003\202\001\001\000
+\127\303\172\066\202\234\215\230\342\253\100\252\107\217\307\247
+\133\355\174\347\075\146\132\073\061\273\337\363\026\063\221\374
+\174\173\245\302\246\146\343\252\260\267\047\230\077\111\327\140
+\147\147\077\066\117\112\313\361\024\372\132\207\050\034\355\217
+\101\062\306\225\371\175\332\275\173\133\302\260\041\343\217\106
+\334\041\070\103\164\114\373\060\370\027\162\301\062\374\310\221
+\027\304\314\130\067\116\013\314\132\367\041\065\050\203\154\140
+\055\104\353\122\214\120\075\265\154\022\327\372\011\273\154\262
+\112\261\305\211\344\374\323\122\330\141\027\376\172\224\204\217
+\171\266\063\131\272\017\304\013\342\160\240\113\170\056\372\310
+\237\375\257\221\145\012\170\070\025\345\227\027\024\335\371\340
+\054\064\370\070\320\204\042\000\300\024\121\030\053\002\334\060
+\132\360\350\001\174\065\072\043\257\010\344\257\252\216\050\102
+\111\056\360\365\231\064\276\355\017\113\030\341\322\044\074\273
+\135\107\267\041\362\215\321\012\231\216\343\156\076\255\160\340
+\217\271\312\314\156\201\061\366\173\234\172\171\344\147\161\030
+END
+
+# Trust for "Certification Authority of WoSign G2"
+# Issuer: CN=Certification Authority of WoSign G2,O=WoSign CA Limited,C=CN
+# Serial Number:6b:25:da:8a:88:9d:7c:bc:0f:05:b3:b1:7a:61:45:44
+# Subject: CN=Certification Authority of WoSign G2,O=WoSign CA Limited,C=CN
+# Not Valid Before: Sat Nov 08 00:58:58 2014
+# Not Valid After : Tue Nov 08 00:58:58 2044
+# Fingerprint (SHA-256): D4:87:A5:6F:83:B0:74:82:E8:5E:96:33:94:C1:EC:C2:C9:E5:1D:09:03:EE:94:6B:02:C3:01:58:1E:D9:9E:16
+# Fingerprint (SHA1): FB:ED:DC:90:65:B7:27:20:37:BC:55:0C:9C:56:DE:BB:F2:78:94:E1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certification Authority of WoSign G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\373\355\334\220\145\267\047\040\067\274\125\014\234\126\336\273
+\362\170\224\341
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\310\034\175\031\252\313\161\223\362\120\370\122\250\036\272\140
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\130\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\055\060\053\006
+\003\125\004\003\023\044\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\157\146
+\040\127\157\123\151\147\156\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\153\045\332\212\210\235\174\274\017\005\263\261\172\141
+\105\104
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "CA WoSign ECC Root"
+#
+# Issuer: CN=CA WoSign ECC Root,O=WoSign CA Limited,C=CN
+# Serial Number:68:4a:58:70:80:6b:f0:8f:02:fa:f6:de:e8:b0:90:90
+# Subject: CN=CA WoSign ECC Root,O=WoSign CA Limited,C=CN
+# Not Valid Before: Sat Nov 08 00:58:58 2014
+# Not Valid After : Tue Nov 08 00:58:58 2044
+# Fingerprint (SHA-256): 8B:45:DA:1C:06:F7:91:EB:0C:AB:F2:6B:E5:88:F5:FB:23:16:5C:2E:61:4B:F8:85:56:2D:0D:CE:50:B2:9B:02
+# Fingerprint (SHA1): D2:7A:D2:BE:ED:94:C0:A1:3C:C7:25:21:EA:5D:71:BE:81:19:F3:2B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CA WoSign ECC Root"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\033\060\031\006
+\003\125\004\003\023\022\103\101\040\127\157\123\151\147\156\040
+\105\103\103\040\122\157\157\164
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\033\060\031\006
+\003\125\004\003\023\022\103\101\040\127\157\123\151\147\156\040
+\105\103\103\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\150\112\130\160\200\153\360\217\002\372\366\336\350\260
+\220\220
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\011\060\202\001\217\240\003\002\001\002\002\020\150
+\112\130\160\200\153\360\217\002\372\366\336\350\260\220\220\060
+\012\006\010\052\206\110\316\075\004\003\003\060\106\061\013\060
+\011\006\003\125\004\006\023\002\103\116\061\032\060\030\006\003
+\125\004\012\023\021\127\157\123\151\147\156\040\103\101\040\114
+\151\155\151\164\145\144\061\033\060\031\006\003\125\004\003\023
+\022\103\101\040\127\157\123\151\147\156\040\105\103\103\040\122
+\157\157\164\060\036\027\015\061\064\061\061\060\070\060\060\065
+\070\065\070\132\027\015\064\064\061\061\060\070\060\060\065\070
+\065\070\132\060\106\061\013\060\011\006\003\125\004\006\023\002
+\103\116\061\032\060\030\006\003\125\004\012\023\021\127\157\123
+\151\147\156\040\103\101\040\114\151\155\151\164\145\144\061\033
+\060\031\006\003\125\004\003\023\022\103\101\040\127\157\123\151
+\147\156\040\105\103\103\040\122\157\157\164\060\166\060\020\006
+\007\052\206\110\316\075\002\001\006\005\053\201\004\000\042\003
+\142\000\004\341\375\216\270\103\044\253\226\173\205\302\272\013
+\255\215\340\072\343\044\271\322\261\276\210\072\312\277\112\270
+\371\357\054\057\257\121\120\074\107\165\154\370\224\267\233\374
+\050\036\305\124\314\143\235\026\113\123\301\347\040\253\315\254
+\045\322\177\217\302\301\132\202\136\060\213\172\124\316\003\265
+\221\177\252\224\320\321\212\110\314\202\005\046\241\325\121\022
+\326\173\066\243\102\060\100\060\016\006\003\125\035\017\001\001
+\377\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001
+\377\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004
+\026\004\024\252\375\325\132\243\366\207\213\062\205\375\321\062
+\133\200\105\223\363\003\270\060\012\006\010\052\206\110\316\075
+\004\003\003\003\150\000\060\145\002\061\000\344\244\204\260\201
+\325\075\260\164\254\224\244\350\016\075\000\164\114\241\227\153
+\371\015\121\074\241\331\073\364\015\253\251\237\276\116\162\312
+\205\324\331\354\265\062\105\030\157\253\255\002\060\175\307\367
+\151\143\057\241\341\230\357\023\020\321\171\077\321\376\352\073
+\177\336\126\364\220\261\025\021\330\262\042\025\320\057\303\046
+\056\153\361\221\262\220\145\364\232\346\220\356\112
+END
+
+# Trust for "CA WoSign ECC Root"
+# Issuer: CN=CA WoSign ECC Root,O=WoSign CA Limited,C=CN
+# Serial Number:68:4a:58:70:80:6b:f0:8f:02:fa:f6:de:e8:b0:90:90
+# Subject: CN=CA WoSign ECC Root,O=WoSign CA Limited,C=CN
+# Not Valid Before: Sat Nov 08 00:58:58 2014
+# Not Valid After : Tue Nov 08 00:58:58 2044
+# Fingerprint (SHA-256): 8B:45:DA:1C:06:F7:91:EB:0C:AB:F2:6B:E5:88:F5:FB:23:16:5C:2E:61:4B:F8:85:56:2D:0D:CE:50:B2:9B:02
+# Fingerprint (SHA1): D2:7A:D2:BE:ED:94:C0:A1:3C:C7:25:21:EA:5D:71:BE:81:19:F3:2B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "CA WoSign ECC Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\322\172\322\276\355\224\300\241\074\307\045\041\352\135\161\276
+\201\031\363\053
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\200\306\123\356\141\202\050\162\360\377\041\271\027\312\262\040
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\032\060\030\006\003\125\004\012\023\021\127\157\123\151\147\156
+\040\103\101\040\114\151\155\151\164\145\144\061\033\060\031\006
+\003\125\004\003\023\022\103\101\040\127\157\123\151\147\156\040
+\105\103\103\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\150\112\130\160\200\153\360\217\002\372\366\336\350\260
+\220\220
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "SZAFIR ROOT CA2"
+#
+# Issuer: CN=SZAFIR ROOT CA2,O=Krajowa Izba Rozliczeniowa S.A.,C=PL
+# Serial Number:3e:8a:5d:07:ec:55:d2:32:d5:b7:e3:b6:5f:01:eb:2d:dc:e4:d6:e4
+# Subject: CN=SZAFIR ROOT CA2,O=Krajowa Izba Rozliczeniowa S.A.,C=PL
+# Not Valid Before: Mon Oct 19 07:43:30 2015
+# Not Valid After : Fri Oct 19 07:43:30 2035
+# Fingerprint (SHA-256): A1:33:9D:33:28:1A:0B:56:E5:57:D3:D3:2B:1C:E7:F9:36:7E:B0:94:BD:5F:A7:2A:7E:50:04:C8:DE:D7:CA:FE
+# Fingerprint (SHA1): E2:52:FA:95:3F:ED:DB:24:60:BD:6E:28:F3:9C:CC:CF:5E:B3:3F:DE
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SZAFIR ROOT CA2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\050\060\046\006\003\125\004\012\014\037\113\162\141\152\157\167
+\141\040\111\172\142\141\040\122\157\172\154\151\143\172\145\156
+\151\157\167\141\040\123\056\101\056\061\030\060\026\006\003\125
+\004\003\014\017\123\132\101\106\111\122\040\122\117\117\124\040
+\103\101\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\050\060\046\006\003\125\004\012\014\037\113\162\141\152\157\167
+\141\040\111\172\142\141\040\122\157\172\154\151\143\172\145\156
+\151\157\167\141\040\123\056\101\056\061\030\060\026\006\003\125
+\004\003\014\017\123\132\101\106\111\122\040\122\117\117\124\040
+\103\101\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\076\212\135\007\354\125\322\062\325\267\343\266\137\001
+\353\055\334\344\326\344
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\162\060\202\002\132\240\003\002\001\002\002\024\076
+\212\135\007\354\125\322\062\325\267\343\266\137\001\353\055\334
+\344\326\344\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\121\061\013\060\011\006\003\125\004\006\023\002\120
+\114\061\050\060\046\006\003\125\004\012\014\037\113\162\141\152
+\157\167\141\040\111\172\142\141\040\122\157\172\154\151\143\172
+\145\156\151\157\167\141\040\123\056\101\056\061\030\060\026\006
+\003\125\004\003\014\017\123\132\101\106\111\122\040\122\117\117
+\124\040\103\101\062\060\036\027\015\061\065\061\060\061\071\060
+\067\064\063\063\060\132\027\015\063\065\061\060\061\071\060\067
+\064\063\063\060\132\060\121\061\013\060\011\006\003\125\004\006
+\023\002\120\114\061\050\060\046\006\003\125\004\012\014\037\113
+\162\141\152\157\167\141\040\111\172\142\141\040\122\157\172\154
+\151\143\172\145\156\151\157\167\141\040\123\056\101\056\061\030
+\060\026\006\003\125\004\003\014\017\123\132\101\106\111\122\040
+\122\117\117\124\040\103\101\062\060\202\001\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
+\060\202\001\012\002\202\001\001\000\267\274\076\120\250\113\315
+\100\265\316\141\347\226\312\264\241\332\014\042\260\372\265\173
+\166\000\167\214\013\317\175\250\206\314\046\121\344\040\075\205
+\014\326\130\343\347\364\052\030\235\332\321\256\046\356\353\123
+\334\364\220\326\023\112\014\220\074\303\364\332\322\216\015\222
+\072\334\261\261\377\070\336\303\272\055\137\200\271\002\275\112
+\235\033\017\264\303\302\301\147\003\335\334\033\234\075\263\260
+\336\000\036\250\064\107\273\232\353\376\013\024\275\066\204\332
+\015\040\277\372\133\313\251\026\040\255\071\140\356\057\165\266
+\347\227\234\371\076\375\176\115\157\115\057\357\210\015\152\372
+\335\361\075\156\040\245\240\022\264\115\160\271\316\327\162\073
+\211\223\247\200\204\034\047\111\162\111\265\377\073\225\236\301
+\314\310\001\354\350\016\212\012\226\347\263\246\207\345\326\371
+\005\053\015\227\100\160\074\272\254\165\132\234\325\115\235\002
+\012\322\113\233\146\113\106\007\027\145\255\237\154\210\000\334
+\042\211\340\341\144\324\147\274\061\171\141\074\273\312\101\315
+\134\152\000\310\074\070\216\130\257\002\003\001\000\001\243\102
+\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\035\006\003\125\035\016\004\026\004\024\056\026
+\251\112\030\265\313\314\365\157\120\363\043\137\370\135\347\254
+\360\310\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\003\202\001\001\000\265\163\370\003\334\131\133\035\166\351
+\243\052\173\220\050\262\115\300\063\117\252\232\261\324\270\344
+\047\377\251\226\231\316\106\340\155\174\114\242\070\244\006\160
+\360\364\101\021\354\077\107\215\077\162\207\371\073\375\244\157
+\053\123\000\340\377\071\271\152\007\016\353\035\034\366\242\162
+\220\313\202\075\021\202\213\322\273\237\052\257\041\346\143\206
+\235\171\031\357\367\273\014\065\220\303\212\355\117\017\365\314
+\022\331\244\076\273\240\374\040\225\137\117\046\057\021\043\203
+\116\165\007\017\277\233\321\264\035\351\020\004\376\312\140\217
+\242\114\270\255\317\341\220\017\315\256\012\307\135\173\267\120
+\322\324\141\372\325\025\333\327\237\207\121\124\353\245\343\353
+\311\205\240\045\040\067\373\216\316\014\064\204\341\074\201\262
+\167\116\103\245\210\137\206\147\241\075\346\264\134\141\266\076
+\333\376\267\050\305\242\007\256\265\312\312\215\052\022\357\227
+\355\302\060\244\311\052\172\373\363\115\043\033\231\063\064\240
+\056\365\251\013\077\324\135\341\317\204\237\342\031\302\137\212
+\326\040\036\343\163\267
+END
+
+# Trust for "SZAFIR ROOT CA2"
+# Issuer: CN=SZAFIR ROOT CA2,O=Krajowa Izba Rozliczeniowa S.A.,C=PL
+# Serial Number:3e:8a:5d:07:ec:55:d2:32:d5:b7:e3:b6:5f:01:eb:2d:dc:e4:d6:e4
+# Subject: CN=SZAFIR ROOT CA2,O=Krajowa Izba Rozliczeniowa S.A.,C=PL
+# Not Valid Before: Mon Oct 19 07:43:30 2015
+# Not Valid After : Fri Oct 19 07:43:30 2035
+# Fingerprint (SHA-256): A1:33:9D:33:28:1A:0B:56:E5:57:D3:D3:2B:1C:E7:F9:36:7E:B0:94:BD:5F:A7:2A:7E:50:04:C8:DE:D7:CA:FE
+# Fingerprint (SHA1): E2:52:FA:95:3F:ED:DB:24:60:BD:6E:28:F3:9C:CC:CF:5E:B3:3F:DE
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SZAFIR ROOT CA2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\342\122\372\225\077\355\333\044\140\275\156\050\363\234\314\317
+\136\263\077\336
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\021\144\301\211\260\044\261\214\261\007\176\211\236\121\236\231
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\121\061\013\060\011\006\003\125\004\006\023\002\120\114\061
+\050\060\046\006\003\125\004\012\014\037\113\162\141\152\157\167
+\141\040\111\172\142\141\040\122\157\172\154\151\143\172\145\156
+\151\157\167\141\040\123\056\101\056\061\030\060\026\006\003\125
+\004\003\014\017\123\132\101\106\111\122\040\122\117\117\124\040
+\103\101\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\076\212\135\007\354\125\322\062\325\267\343\266\137\001
+\353\055\334\344\326\344
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certum Trusted Network CA 2"
+#
+# Issuer: CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
+# Serial Number:21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9
+# Subject: CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
+# Not Valid Before: Thu Oct 06 08:39:56 2011
+# Not Valid After : Sat Oct 06 08:39:56 2046
+# Fingerprint (SHA-256): B6:76:F2:ED:DA:E8:77:5C:D3:6C:B0:F6:3C:D1:D4:60:39:61:F4:9E:62:65:BA:01:3A:2F:03:07:B6:D0:B8:04
+# Fingerprint (SHA1): D3:DD:48:3E:2B:BF:4C:05:E8:AF:10:F5:FA:76:26:CF:D3:DC:30:92
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certum Trusted Network CA 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\200\061\013\060\011\006\003\125\004\006\023\002\120\114
+\061\042\060\040\006\003\125\004\012\023\031\125\156\151\172\145
+\164\157\040\124\145\143\150\156\157\154\157\147\151\145\163\040
+\123\056\101\056\061\047\060\045\006\003\125\004\013\023\036\103
+\145\162\164\165\155\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\061\044\060
+\042\006\003\125\004\003\023\033\103\145\162\164\165\155\040\124
+\162\165\163\164\145\144\040\116\145\164\167\157\162\153\040\103
+\101\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\200\061\013\060\011\006\003\125\004\006\023\002\120\114
+\061\042\060\040\006\003\125\004\012\023\031\125\156\151\172\145
+\164\157\040\124\145\143\150\156\157\154\157\147\151\145\163\040
+\123\056\101\056\061\047\060\045\006\003\125\004\013\023\036\103
+\145\162\164\165\155\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\061\044\060
+\042\006\003\125\004\003\023\033\103\145\162\164\165\155\040\124
+\162\165\163\164\145\144\040\116\145\164\167\157\162\153\040\103
+\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\041\326\320\112\117\045\017\311\062\067\374\252\136\022
+\215\351
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\322\060\202\003\272\240\003\002\001\002\002\020\041
+\326\320\112\117\045\017\311\062\067\374\252\136\022\215\351\060
+\015\006\011\052\206\110\206\367\015\001\001\015\005\000\060\201
+\200\061\013\060\011\006\003\125\004\006\023\002\120\114\061\042
+\060\040\006\003\125\004\012\023\031\125\156\151\172\145\164\157
+\040\124\145\143\150\156\157\154\157\147\151\145\163\040\123\056
+\101\056\061\047\060\045\006\003\125\004\013\023\036\103\145\162
+\164\165\155\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171\061\044\060\042\006
+\003\125\004\003\023\033\103\145\162\164\165\155\040\124\162\165
+\163\164\145\144\040\116\145\164\167\157\162\153\040\103\101\040
+\062\060\042\030\017\062\060\061\061\061\060\060\066\060\070\063
+\071\065\066\132\030\017\062\060\064\066\061\060\060\066\060\070
+\063\071\065\066\132\060\201\200\061\013\060\011\006\003\125\004
+\006\023\002\120\114\061\042\060\040\006\003\125\004\012\023\031
+\125\156\151\172\145\164\157\040\124\145\143\150\156\157\154\157
+\147\151\145\163\040\123\056\101\056\061\047\060\045\006\003\125
+\004\013\023\036\103\145\162\164\165\155\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\061\044\060\042\006\003\125\004\003\023\033\103\145\162
+\164\165\155\040\124\162\165\163\164\145\144\040\116\145\164\167
+\157\162\153\040\103\101\040\062\060\202\002\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000
+\060\202\002\012\002\202\002\001\000\275\371\170\370\346\325\200
+\014\144\235\206\033\226\144\147\077\042\072\036\165\001\175\357
+\373\134\147\214\311\314\134\153\251\221\346\271\102\345\040\113
+\233\332\233\173\271\231\135\331\233\200\113\327\204\100\053\047
+\323\350\272\060\273\076\011\032\247\111\225\357\053\100\044\302
+\227\307\247\356\233\045\357\250\012\000\227\205\132\252\235\334
+\051\311\342\065\007\353\160\115\112\326\301\263\126\270\241\101
+\070\233\321\373\061\177\217\340\137\341\261\077\017\216\026\111
+\140\327\006\215\030\371\252\046\020\253\052\323\320\321\147\215
+\033\106\276\107\060\325\056\162\321\305\143\332\347\143\171\104
+\176\113\143\044\211\206\056\064\077\051\114\122\213\052\247\300
+\342\221\050\211\271\300\133\371\035\331\347\047\255\377\232\002
+\227\301\306\120\222\233\002\054\275\251\271\064\131\012\277\204
+\112\377\337\376\263\237\353\331\236\340\230\043\354\246\153\167
+\026\052\333\314\255\073\034\244\207\334\106\163\136\031\142\150
+\105\127\344\220\202\102\273\102\326\360\141\340\301\243\075\146
+\243\135\364\030\356\210\311\215\027\105\051\231\062\165\002\061
+\356\051\046\310\153\002\346\265\142\105\177\067\025\132\043\150
+\211\324\076\336\116\047\260\360\100\014\274\115\027\313\115\242
+\263\036\320\006\132\335\366\223\317\127\165\231\365\372\206\032
+\147\170\263\277\226\376\064\334\275\347\122\126\345\263\345\165
+\173\327\101\221\005\334\135\151\343\225\015\103\271\374\203\226
+\071\225\173\154\200\132\117\023\162\306\327\175\051\172\104\272
+\122\244\052\325\101\106\011\040\376\042\240\266\133\060\215\274
+\211\014\325\327\160\370\207\122\375\332\357\254\121\056\007\263
+\116\376\320\011\332\160\357\230\372\126\346\155\333\265\127\113
+\334\345\054\045\025\310\236\056\170\116\370\332\234\236\206\054
+\312\127\363\032\345\310\222\213\032\202\226\172\303\274\120\022
+\151\330\016\132\106\213\072\353\046\372\043\311\266\260\201\276
+\102\000\244\370\326\376\060\056\307\322\106\366\345\216\165\375
+\362\314\271\320\207\133\314\006\020\140\273\203\065\267\136\147
+\336\107\354\231\110\361\244\241\025\376\255\214\142\216\071\125
+\117\071\026\271\261\143\235\377\267\002\003\001\000\001\243\102
+\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\035\006\003\125\035\016\004\026\004\024\266\241
+\124\071\002\303\240\077\216\212\274\372\324\370\034\246\321\072
+\016\375\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\006\060\015\006\011\052\206\110\206\367\015\001\001\015\005
+\000\003\202\002\001\000\161\245\016\316\344\351\277\077\070\325
+\211\132\304\002\141\373\114\305\024\027\055\213\117\123\153\020
+\027\374\145\204\307\020\111\220\336\333\307\046\223\210\046\157
+\160\326\002\136\071\240\367\217\253\226\265\245\023\134\201\024
+\155\016\201\202\021\033\212\116\306\117\245\335\142\036\104\337
+\011\131\364\133\167\013\067\351\213\040\306\370\012\116\056\130
+\034\353\063\320\317\206\140\311\332\373\200\057\236\114\140\204
+\170\075\041\144\326\373\101\037\030\017\347\311\165\161\275\275
+\134\336\064\207\076\101\260\016\366\271\326\077\011\023\226\024
+\057\336\232\035\132\271\126\316\065\072\260\137\160\115\136\343
+\051\361\043\050\162\131\266\253\302\214\146\046\034\167\054\046
+\166\065\213\050\247\151\240\371\073\365\043\335\205\020\164\311
+\220\003\126\221\347\257\272\107\324\022\227\021\042\343\242\111
+\224\154\347\267\224\113\272\055\244\332\063\213\114\246\104\377
+\132\074\306\035\144\330\265\061\344\246\074\172\250\127\013\333
+\355\141\032\313\361\316\163\167\143\244\207\157\114\121\070\326
+\344\137\307\237\266\201\052\344\205\110\171\130\136\073\370\333
+\002\202\147\301\071\333\303\164\113\075\066\036\371\051\223\210
+\150\133\250\104\031\041\360\247\350\201\015\054\350\223\066\264
+\067\262\312\260\033\046\172\232\045\037\232\232\200\236\113\052
+\077\373\243\232\376\163\062\161\302\236\306\162\341\212\150\047
+\361\344\017\264\304\114\245\141\223\370\227\020\007\052\060\045
+\251\271\310\161\270\357\150\314\055\176\365\340\176\017\202\250
+\157\266\272\154\203\103\167\315\212\222\027\241\236\133\170\026
+\075\105\342\063\162\335\341\146\312\231\323\311\305\046\375\015
+\150\004\106\256\266\331\233\214\276\031\276\261\306\362\031\343
+\134\002\312\054\330\157\112\007\331\311\065\332\100\165\362\304
+\247\031\157\236\102\020\230\165\346\225\213\140\274\355\305\022
+\327\212\316\325\230\134\126\226\003\305\356\167\006\065\377\317
+\344\356\077\023\141\356\333\332\055\205\360\315\256\235\262\030
+\011\105\303\222\241\162\027\374\107\266\240\013\054\361\304\336
+\103\150\010\152\137\073\360\166\143\373\314\006\054\246\306\342
+\016\265\271\276\044\217
+END
+
+# Trust for "Certum Trusted Network CA 2"
+# Issuer: CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
+# Serial Number:21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9
+# Subject: CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
+# Not Valid Before: Thu Oct 06 08:39:56 2011
+# Not Valid After : Sat Oct 06 08:39:56 2046
+# Fingerprint (SHA-256): B6:76:F2:ED:DA:E8:77:5C:D3:6C:B0:F6:3C:D1:D4:60:39:61:F4:9E:62:65:BA:01:3A:2F:03:07:B6:D0:B8:04
+# Fingerprint (SHA1): D3:DD:48:3E:2B:BF:4C:05:E8:AF:10:F5:FA:76:26:CF:D3:DC:30:92
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certum Trusted Network CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\323\335\110\076\053\277\114\005\350\257\020\365\372\166\046\317
+\323\334\060\222
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\155\106\236\331\045\155\010\043\133\136\164\175\036\047\333\362
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\200\061\013\060\011\006\003\125\004\006\023\002\120\114
+\061\042\060\040\006\003\125\004\012\023\031\125\156\151\172\145
+\164\157\040\124\145\143\150\156\157\154\157\147\151\145\163\040
+\123\056\101\056\061\047\060\045\006\003\125\004\013\023\036\103
+\145\162\164\165\155\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\061\044\060
+\042\006\003\125\004\003\023\033\103\145\162\164\165\155\040\124
+\162\165\163\164\145\144\040\116\145\164\167\157\162\153\040\103
+\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\041\326\320\112\117\045\017\311\062\067\374\252\136\022
+\215\351
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Hellenic Academic and Research Institutions RootCA 2015"
+#
+# Issuer: CN=Hellenic Academic and Research Institutions RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
+# Serial Number: 0 (0x0)
+# Subject: CN=Hellenic Academic and Research Institutions RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
+# Not Valid Before: Tue Jul 07 10:11:21 2015
+# Not Valid After : Sat Jun 30 10:11:21 2040
+# Fingerprint (SHA-256): A0:40:92:9A:02:CE:53:B4:AC:F4:F2:FF:C6:98:1C:E4:49:6F:75:5E:6D:45:FE:0B:2A:69:2B:CD:52:52:3F:36
+# Fingerprint (SHA1): 01:0C:06:95:A6:98:19:14:FF:BF:5F:C6:B0:B6:95:EA:29:E9:12:A6
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Hellenic Academic and Research Institutions RootCA 2015"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\246\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\017\060\015\006\003\125\004\007\023\006\101\164\150\145\156
+\163\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154
+\145\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156
+\144\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151
+\164\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165
+\164\150\157\162\151\164\171\061\100\060\076\006\003\125\004\003
+\023\067\110\145\154\154\145\156\151\143\040\101\143\141\144\145
+\155\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150
+\040\111\156\163\164\151\164\165\164\151\157\156\163\040\122\157
+\157\164\103\101\040\062\060\061\065
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\246\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\017\060\015\006\003\125\004\007\023\006\101\164\150\145\156
+\163\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154
+\145\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156
+\144\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151
+\164\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165
+\164\150\157\162\151\164\171\061\100\060\076\006\003\125\004\003
+\023\067\110\145\154\154\145\156\151\143\040\101\143\141\144\145
+\155\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150
+\040\111\156\163\164\151\164\165\164\151\157\156\163\040\122\157
+\157\164\103\101\040\062\060\061\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\006\013\060\202\003\363\240\003\002\001\002\002\001\000
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\246\061\013\060\011\006\003\125\004\006\023\002\107\122\061
+\017\060\015\006\003\125\004\007\023\006\101\164\150\145\156\163
+\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154\145
+\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156\144
+\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151\164
+\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165\164
+\150\157\162\151\164\171\061\100\060\076\006\003\125\004\003\023
+\067\110\145\154\154\145\156\151\143\040\101\143\141\144\145\155
+\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150\040
+\111\156\163\164\151\164\165\164\151\157\156\163\040\122\157\157
+\164\103\101\040\062\060\061\065\060\036\027\015\061\065\060\067
+\060\067\061\060\061\061\062\061\132\027\015\064\060\060\066\063
+\060\061\060\061\061\062\061\132\060\201\246\061\013\060\011\006
+\003\125\004\006\023\002\107\122\061\017\060\015\006\003\125\004
+\007\023\006\101\164\150\145\156\163\061\104\060\102\006\003\125
+\004\012\023\073\110\145\154\154\145\156\151\143\040\101\143\141
+\144\145\155\151\143\040\141\156\144\040\122\145\163\145\141\162
+\143\150\040\111\156\163\164\151\164\165\164\151\157\156\163\040
+\103\145\162\164\056\040\101\165\164\150\157\162\151\164\171\061
+\100\060\076\006\003\125\004\003\023\067\110\145\154\154\145\156
+\151\143\040\101\143\141\144\145\155\151\143\040\141\156\144\040
+\122\145\163\145\141\162\143\150\040\111\156\163\164\151\164\165
+\164\151\157\156\163\040\122\157\157\164\103\101\040\062\060\061
+\065\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002
+\001\000\302\370\251\077\033\211\374\074\074\004\135\075\220\066
+\260\221\072\171\074\146\132\357\155\071\001\111\032\264\267\317
+\177\115\043\123\267\220\000\343\023\052\050\246\061\361\221\000
+\343\050\354\256\041\101\316\037\332\375\175\022\133\001\203\017
+\271\260\137\231\341\362\022\203\200\115\006\076\337\254\257\347
+\241\210\153\061\257\360\213\320\030\063\270\333\105\152\064\364
+\002\200\044\050\012\002\025\225\136\166\052\015\231\072\024\133
+\366\313\313\123\274\023\115\001\210\067\224\045\033\102\274\042
+\330\216\243\226\136\072\331\062\333\076\350\360\020\145\355\164
+\341\057\247\174\257\047\064\273\051\175\233\266\317\011\310\345
+\323\012\374\210\145\145\164\012\334\163\034\134\315\100\261\034
+\324\266\204\214\114\120\317\150\216\250\131\256\302\047\116\202
+\242\065\335\024\364\037\377\262\167\325\207\057\252\156\175\044
+\047\347\306\313\046\346\345\376\147\007\143\330\105\015\335\072
+\131\145\071\130\172\222\231\162\075\234\204\136\210\041\270\325
+\364\054\374\331\160\122\117\170\270\275\074\053\213\225\230\365
+\263\321\150\317\040\024\176\114\134\137\347\213\345\365\065\201
+\031\067\327\021\010\267\146\276\323\112\316\203\127\000\072\303
+\201\370\027\313\222\066\135\321\243\330\165\033\341\213\047\352
+\172\110\101\375\105\031\006\255\047\231\116\301\160\107\335\265
+\237\201\123\022\345\261\214\110\135\061\103\027\343\214\306\172
+\143\226\113\051\060\116\204\116\142\031\136\074\316\227\220\245
+\177\001\353\235\340\370\213\211\335\045\230\075\222\266\176\357
+\331\361\121\121\175\055\046\310\151\131\141\340\254\152\270\052
+\066\021\004\172\120\275\062\204\276\057\334\162\325\327\035\026
+\107\344\107\146\040\077\364\226\305\257\216\001\172\245\017\172
+\144\365\015\030\207\331\256\210\325\372\204\301\072\300\151\050
+\055\362\015\150\121\252\343\245\167\306\244\220\016\241\067\213
+\061\043\107\301\011\010\353\156\367\170\233\327\202\374\204\040
+\231\111\031\266\022\106\261\373\105\125\026\251\243\145\254\234
+\007\017\352\153\334\037\056\006\162\354\206\210\022\344\055\333
+\137\005\057\344\360\003\323\046\063\347\200\302\315\102\241\027
+\064\013\002\003\001\000\001\243\102\060\100\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003
+\125\035\016\004\026\004\024\161\025\147\310\310\311\275\165\135
+\162\320\070\030\152\235\363\161\044\124\013\060\015\006\011\052
+\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\165
+\273\155\124\113\252\020\130\106\064\362\142\327\026\066\135\010
+\136\325\154\310\207\275\264\056\106\362\061\370\174\352\102\265
+\223\026\125\334\241\014\022\240\332\141\176\017\130\130\163\144
+\162\307\350\105\216\334\251\362\046\077\306\171\214\261\123\010
+\063\201\260\126\023\276\346\121\134\330\233\012\117\113\234\126
+\123\002\351\117\366\015\140\352\115\102\125\350\174\033\041\041
+\323\033\072\314\167\362\270\220\361\150\307\371\132\376\372\055
+\364\277\311\365\105\033\316\070\020\052\067\212\171\243\264\343
+\011\154\205\206\223\377\211\226\047\170\201\217\147\343\106\164
+\124\216\331\015\151\342\112\364\115\164\003\377\262\167\355\225
+\147\227\344\261\305\253\277\152\043\350\324\224\342\104\050\142
+\304\113\342\360\330\342\051\153\032\160\176\044\141\223\173\117
+\003\062\045\015\105\044\053\226\264\106\152\277\112\013\367\232
+\217\301\254\032\305\147\363\157\064\322\372\163\143\214\357\026
+\260\250\244\106\052\370\353\022\354\162\264\357\370\053\176\214
+\122\300\213\204\124\371\057\076\343\125\250\334\146\261\331\341
+\137\330\263\214\131\064\131\244\253\117\154\273\037\030\333\165
+\253\330\313\222\315\224\070\141\016\007\006\037\113\106\020\361
+\025\276\215\205\134\073\112\053\201\171\017\264\151\237\111\120
+\227\115\367\016\126\135\300\225\152\302\066\303\033\150\311\365
+\052\334\107\232\276\262\316\305\045\350\372\003\271\332\371\026
+\156\221\204\365\034\050\310\374\046\314\327\034\220\126\247\137
+\157\072\004\274\315\170\211\013\216\017\057\243\252\117\242\033
+\022\075\026\010\100\017\361\106\114\327\252\173\010\301\012\365
+\155\047\336\002\217\312\303\265\053\312\351\353\310\041\123\070
+\245\314\073\330\167\067\060\242\117\331\157\321\362\100\255\101
+\172\027\305\326\112\065\211\267\101\325\174\206\177\125\115\203
+\112\245\163\040\300\072\257\220\361\232\044\216\331\216\161\312
+\173\270\206\332\262\217\231\076\035\023\015\022\021\356\324\253
+\360\351\025\166\002\344\340\337\252\040\036\133\141\205\144\100
+\251\220\227\015\255\123\322\132\035\207\152\000\227\145\142\264
+\276\157\152\247\365\054\102\355\062\255\266\041\236\276\274
+END
+
+# Trust for "Hellenic Academic and Research Institutions RootCA 2015"
+# Issuer: CN=Hellenic Academic and Research Institutions RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
+# Serial Number: 0 (0x0)
+# Subject: CN=Hellenic Academic and Research Institutions RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
+# Not Valid Before: Tue Jul 07 10:11:21 2015
+# Not Valid After : Sat Jun 30 10:11:21 2040
+# Fingerprint (SHA-256): A0:40:92:9A:02:CE:53:B4:AC:F4:F2:FF:C6:98:1C:E4:49:6F:75:5E:6D:45:FE:0B:2A:69:2B:CD:52:52:3F:36
+# Fingerprint (SHA1): 01:0C:06:95:A6:98:19:14:FF:BF:5F:C6:B0:B6:95:EA:29:E9:12:A6
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Hellenic Academic and Research Institutions RootCA 2015"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\001\014\006\225\246\230\031\024\377\277\137\306\260\266\225\352
+\051\351\022\246
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\312\377\342\333\003\331\313\113\351\017\255\204\375\173\030\316
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\246\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\017\060\015\006\003\125\004\007\023\006\101\164\150\145\156
+\163\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154
+\145\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156
+\144\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151
+\164\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165
+\164\150\157\162\151\164\171\061\100\060\076\006\003\125\004\003
+\023\067\110\145\154\154\145\156\151\143\040\101\143\141\144\145
+\155\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150
+\040\111\156\163\164\151\164\165\164\151\157\156\163\040\122\157
+\157\164\103\101\040\062\060\061\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Hellenic Academic and Research Institutions ECC RootCA 2015"
+#
+# Issuer: CN=Hellenic Academic and Research Institutions ECC RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
+# Serial Number: 0 (0x0)
+# Subject: CN=Hellenic Academic and Research Institutions ECC RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
+# Not Valid Before: Tue Jul 07 10:37:12 2015
+# Not Valid After : Sat Jun 30 10:37:12 2040
+# Fingerprint (SHA-256): 44:B5:45:AA:8A:25:E6:5A:73:CA:15:DC:27:FC:36:D2:4C:1C:B9:95:3A:06:65:39:B1:15:82:DC:48:7B:48:33
+# Fingerprint (SHA1): 9F:F1:71:8D:92:D5:9A:F3:7D:74:97:B4:BC:6F:84:68:0B:BA:B6:66
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Hellenic Academic and Research Institutions ECC RootCA 2015"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\252\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\017\060\015\006\003\125\004\007\023\006\101\164\150\145\156
+\163\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154
+\145\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156
+\144\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151
+\164\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165
+\164\150\157\162\151\164\171\061\104\060\102\006\003\125\004\003
+\023\073\110\145\154\154\145\156\151\143\040\101\143\141\144\145
+\155\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150
+\040\111\156\163\164\151\164\165\164\151\157\156\163\040\105\103
+\103\040\122\157\157\164\103\101\040\062\060\061\065
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\252\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\017\060\015\006\003\125\004\007\023\006\101\164\150\145\156
+\163\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154
+\145\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156
+\144\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151
+\164\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165
+\164\150\157\162\151\164\171\061\104\060\102\006\003\125\004\003
+\023\073\110\145\154\154\145\156\151\143\040\101\143\141\144\145
+\155\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150
+\040\111\156\163\164\151\164\165\164\151\157\156\163\040\105\103
+\103\040\122\157\157\164\103\101\040\062\060\061\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\303\060\202\002\112\240\003\002\001\002\002\001\000
+\060\012\006\010\052\206\110\316\075\004\003\002\060\201\252\061
+\013\060\011\006\003\125\004\006\023\002\107\122\061\017\060\015
+\006\003\125\004\007\023\006\101\164\150\145\156\163\061\104\060
+\102\006\003\125\004\012\023\073\110\145\154\154\145\156\151\143
+\040\101\143\141\144\145\155\151\143\040\141\156\144\040\122\145
+\163\145\141\162\143\150\040\111\156\163\164\151\164\165\164\151
+\157\156\163\040\103\145\162\164\056\040\101\165\164\150\157\162
+\151\164\171\061\104\060\102\006\003\125\004\003\023\073\110\145
+\154\154\145\156\151\143\040\101\143\141\144\145\155\151\143\040
+\141\156\144\040\122\145\163\145\141\162\143\150\040\111\156\163
+\164\151\164\165\164\151\157\156\163\040\105\103\103\040\122\157
+\157\164\103\101\040\062\060\061\065\060\036\027\015\061\065\060
+\067\060\067\061\060\063\067\061\062\132\027\015\064\060\060\066
+\063\060\061\060\063\067\061\062\132\060\201\252\061\013\060\011
+\006\003\125\004\006\023\002\107\122\061\017\060\015\006\003\125
+\004\007\023\006\101\164\150\145\156\163\061\104\060\102\006\003
+\125\004\012\023\073\110\145\154\154\145\156\151\143\040\101\143
+\141\144\145\155\151\143\040\141\156\144\040\122\145\163\145\141
+\162\143\150\040\111\156\163\164\151\164\165\164\151\157\156\163
+\040\103\145\162\164\056\040\101\165\164\150\157\162\151\164\171
+\061\104\060\102\006\003\125\004\003\023\073\110\145\154\154\145
+\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156\144
+\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151\164
+\165\164\151\157\156\163\040\105\103\103\040\122\157\157\164\103
+\101\040\062\060\061\065\060\166\060\020\006\007\052\206\110\316
+\075\002\001\006\005\053\201\004\000\042\003\142\000\004\222\240
+\101\350\113\202\204\134\342\370\061\021\231\206\144\116\011\045
+\057\235\101\057\012\256\065\117\164\225\262\121\144\153\215\153
+\346\077\160\225\360\005\104\107\246\162\070\120\166\225\002\132
+\216\256\050\236\371\055\116\231\357\054\110\157\114\045\051\350
+\321\161\133\337\035\301\165\067\264\327\372\173\172\102\234\152
+\012\126\132\174\151\013\252\200\011\044\154\176\301\106\243\102
+\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\035\006\003\125\035\016\004\026\004\024\264\042
+\013\202\231\044\001\016\234\273\344\016\375\277\373\227\040\223
+\231\052\060\012\006\010\052\206\110\316\075\004\003\002\003\147
+\000\060\144\002\060\147\316\026\142\070\242\254\142\105\247\251
+\225\044\300\032\047\234\062\073\300\300\325\272\251\347\370\004
+\103\123\205\356\122\041\336\235\365\045\203\076\236\130\113\057
+\327\147\023\016\041\002\060\005\341\165\001\336\150\355\052\037
+\115\114\011\010\015\354\113\255\144\027\050\347\165\316\105\145
+\162\041\027\313\042\101\016\214\023\230\070\232\124\155\233\312
+\342\174\352\002\130\042\221
+END
+
+# Trust for "Hellenic Academic and Research Institutions ECC RootCA 2015"
+# Issuer: CN=Hellenic Academic and Research Institutions ECC RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
+# Serial Number: 0 (0x0)
+# Subject: CN=Hellenic Academic and Research Institutions ECC RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
+# Not Valid Before: Tue Jul 07 10:37:12 2015
+# Not Valid After : Sat Jun 30 10:37:12 2040
+# Fingerprint (SHA-256): 44:B5:45:AA:8A:25:E6:5A:73:CA:15:DC:27:FC:36:D2:4C:1C:B9:95:3A:06:65:39:B1:15:82:DC:48:7B:48:33
+# Fingerprint (SHA1): 9F:F1:71:8D:92:D5:9A:F3:7D:74:97:B4:BC:6F:84:68:0B:BA:B6:66
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Hellenic Academic and Research Institutions ECC RootCA 2015"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\237\361\161\215\222\325\232\363\175\164\227\264\274\157\204\150
+\013\272\266\146
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\201\345\264\027\353\302\365\341\113\015\101\173\111\222\376\357
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\252\061\013\060\011\006\003\125\004\006\023\002\107\122
+\061\017\060\015\006\003\125\004\007\023\006\101\164\150\145\156
+\163\061\104\060\102\006\003\125\004\012\023\073\110\145\154\154
+\145\156\151\143\040\101\143\141\144\145\155\151\143\040\141\156
+\144\040\122\145\163\145\141\162\143\150\040\111\156\163\164\151
+\164\165\164\151\157\156\163\040\103\145\162\164\056\040\101\165
+\164\150\157\162\151\164\171\061\104\060\102\006\003\125\004\003
+\023\073\110\145\154\154\145\156\151\143\040\101\143\141\144\145
+\155\151\143\040\141\156\144\040\122\145\163\145\141\162\143\150
+\040\111\156\163\164\151\164\165\164\151\157\156\163\040\105\103
+\103\040\122\157\157\164\103\101\040\062\060\061\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certplus Root CA G1"
+#
+# Issuer: CN=Certplus Root CA G1,O=Certplus,C=FR
+# Serial Number:11:20:55:83:e4:2d:3e:54:56:85:2d:83:37:b7:2c:dc:46:11
+# Subject: CN=Certplus Root CA G1,O=Certplus,C=FR
+# Not Valid Before: Mon May 26 00:00:00 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): 15:2A:40:2B:FC:DF:2C:D5:48:05:4D:22:75:B3:9C:7F:CA:3E:C0:97:80:78:B0:F0:EA:76:E5:61:A6:C7:43:3E
+# Fingerprint (SHA1): 22:FD:D0:B7:FD:A2:4E:0D:AC:49:2C:A0:AC:A6:7B:6A:1F:E3:F7:66
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certplus Root CA G1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
+\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
+\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
+\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
+\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\125\203\344\055\076\124\126\205\055\203\067\267
+\054\334\106\021
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\153\060\202\003\123\240\003\002\001\002\002\022\021
+\040\125\203\344\055\076\124\126\205\055\203\067\267\054\334\106
+\021\060\015\006\011\052\206\110\206\367\015\001\001\015\005\000
+\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
+\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
+\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
+\060\036\027\015\061\064\060\065\062\066\060\060\060\060\060\060
+\132\027\015\063\070\060\061\061\065\060\060\060\060\060\060\132
+\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
+\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
+\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
+\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
+\000\332\120\207\266\332\270\251\076\235\144\372\126\063\232\126
+\075\026\345\003\225\262\064\034\232\155\142\005\324\330\217\347
+\211\144\237\272\333\144\213\144\346\171\052\141\315\257\217\132
+\211\221\145\271\130\374\264\003\137\221\077\055\020\025\340\176
+\317\274\374\177\103\147\250\255\136\066\043\330\230\263\115\363
+\103\236\071\174\052\374\354\210\325\210\356\160\275\205\026\055
+\352\113\211\074\243\161\102\376\034\375\323\034\055\020\270\206
+\124\352\103\270\333\306\207\332\250\256\200\045\317\172\046\035
+\252\221\260\110\157\256\265\336\236\330\327\372\000\375\306\217
+\320\121\273\142\175\244\261\214\262\377\040\021\272\065\143\005
+\206\107\140\103\063\220\366\107\242\003\117\226\115\235\117\301
+\352\352\234\242\376\064\056\336\267\312\033\166\244\267\255\237
+\351\250\324\170\077\170\376\362\070\011\066\035\322\026\002\310
+\354\052\150\257\365\216\224\357\055\023\172\036\102\112\035\025
+\061\256\014\004\127\374\141\163\363\061\126\206\061\200\240\304
+\021\156\060\166\343\224\360\137\004\304\254\207\162\211\230\305
+\235\314\127\010\232\364\014\374\175\172\005\072\372\107\200\071
+\266\317\204\023\167\157\047\352\377\226\147\027\010\155\351\015
+\326\043\120\060\260\025\164\023\076\345\057\377\016\315\304\013
+\112\135\360\330\000\063\111\146\353\241\030\174\131\056\075\050
+\271\141\161\313\265\245\272\270\352\334\342\160\157\010\152\334
+\207\147\064\357\337\060\162\335\363\311\077\043\377\065\341\276
+\041\051\040\060\201\344\031\245\040\351\045\312\163\061\164\051
+\276\342\102\325\363\262\046\146\307\150\375\031\263\347\040\223
+\231\350\135\340\136\207\347\106\350\045\234\012\051\044\324\315
+\130\206\122\100\044\262\173\017\230\022\040\044\366\220\154\107
+\310\015\273\030\040\056\331\375\374\213\362\051\352\207\164\225
+\340\102\120\170\204\004\101\141\260\364\041\043\217\055\313\050
+\041\362\152\154\364\032\246\305\024\264\067\145\117\225\375\200
+\310\370\162\345\045\153\304\140\261\173\155\216\112\212\163\316
+\131\373\160\172\163\006\023\331\323\164\067\044\101\012\021\157
+\227\334\347\344\176\241\275\025\362\272\207\017\075\150\212\026
+\007\002\003\001\000\001\243\143\060\141\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125
+\035\016\004\026\004\024\250\301\300\233\221\250\103\025\174\135
+\006\047\264\052\121\330\227\013\201\261\060\037\006\003\125\035
+\043\004\030\060\026\200\024\250\301\300\233\221\250\103\025\174
+\135\006\047\264\052\121\330\227\013\201\261\060\015\006\011\052
+\206\110\206\367\015\001\001\015\005\000\003\202\002\001\000\234
+\126\157\001\176\321\275\114\365\212\306\360\046\037\344\340\070
+\030\314\062\303\051\073\235\101\051\064\141\306\327\360\000\241
+\353\244\162\217\224\027\274\023\054\165\264\127\356\012\174\011
+\172\334\325\312\241\320\064\023\370\167\253\237\345\376\330\036
+\164\212\205\007\217\177\314\171\172\312\226\315\315\375\117\373
+\375\043\015\220\365\364\136\323\306\141\175\236\021\340\002\356
+\011\004\331\007\335\246\212\267\014\203\044\273\203\120\222\376
+\140\165\021\076\330\235\260\212\172\265\340\235\233\313\220\122
+\113\260\223\052\324\076\026\063\345\236\306\145\025\076\144\073
+\004\077\333\014\217\137\134\035\151\037\257\363\351\041\214\363
+\357\227\366\232\267\031\266\204\164\234\243\124\265\160\116\143
+\330\127\135\123\041\233\100\222\103\372\326\167\125\063\117\144
+\325\373\320\054\152\216\155\045\246\357\205\350\002\304\123\076
+\271\236\207\274\314\065\032\336\241\351\212\143\207\145\036\021
+\052\333\143\167\227\024\276\232\024\231\021\262\300\356\260\117
+\370\024\041\062\103\117\237\253\242\313\250\017\252\073\006\125
+\306\022\051\127\010\324\067\327\207\047\255\111\131\247\221\253
+\104\172\136\215\160\333\227\316\110\120\261\163\223\366\360\203
+\140\371\315\361\341\061\375\133\174\161\041\143\024\024\252\257
+\305\336\223\176\150\261\354\042\242\252\220\165\236\265\103\162
+\352\144\243\204\113\375\014\250\046\153\161\227\356\126\143\146
+\350\102\124\371\307\035\337\320\217\133\337\310\060\157\210\376
+\015\304\063\034\123\250\243\375\110\020\362\344\012\116\341\025
+\127\374\156\144\060\302\125\021\334\352\251\315\112\124\254\051
+\143\104\317\112\100\240\326\150\131\033\063\371\357\072\213\333
+\040\222\334\102\204\277\001\253\207\300\325\040\202\333\306\271
+\203\205\102\134\017\103\073\152\111\065\325\230\364\025\277\372
+\141\201\014\011\040\030\322\320\027\014\313\110\000\120\351\166
+\202\214\144\327\072\240\007\125\314\036\061\300\357\072\264\145
+\373\343\277\102\153\236\017\250\275\153\230\334\330\333\313\213
+\244\335\327\131\364\156\335\376\252\303\221\320\056\102\007\300
+\014\115\123\315\044\261\114\133\036\121\364\337\351\222\372
+END
+
+# Trust for "Certplus Root CA G1"
+# Issuer: CN=Certplus Root CA G1,O=Certplus,C=FR
+# Serial Number:11:20:55:83:e4:2d:3e:54:56:85:2d:83:37:b7:2c:dc:46:11
+# Subject: CN=Certplus Root CA G1,O=Certplus,C=FR
+# Not Valid Before: Mon May 26 00:00:00 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): 15:2A:40:2B:FC:DF:2C:D5:48:05:4D:22:75:B3:9C:7F:CA:3E:C0:97:80:78:B0:F0:EA:76:E5:61:A6:C7:43:3E
+# Fingerprint (SHA1): 22:FD:D0:B7:FD:A2:4E:0D:AC:49:2C:A0:AC:A6:7B:6A:1F:E3:F7:66
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certplus Root CA G1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\042\375\320\267\375\242\116\015\254\111\054\240\254\246\173\152
+\037\343\367\146
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\177\011\234\367\331\271\134\151\151\126\325\067\076\024\015\102
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
+\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
+\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\125\203\344\055\076\124\126\205\055\203\067\267
+\054\334\106\021
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Certplus Root CA G2"
+#
+# Issuer: CN=Certplus Root CA G2,O=Certplus,C=FR
+# Serial Number:11:20:d9:91:ce:ae:a3:e8:c5:e7:ff:e9:02:af:cf:73:bc:55
+# Subject: CN=Certplus Root CA G2,O=Certplus,C=FR
+# Not Valid Before: Mon May 26 00:00:00 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): 6C:C0:50:41:E6:44:5E:74:69:6C:4C:FB:C9:F8:0F:54:3B:7E:AB:BB:44:B4:CE:6F:78:7C:6A:99:71:C4:2F:17
+# Fingerprint (SHA1): 4F:65:8E:1F:E9:06:D8:28:02:E9:54:47:41:C9:54:25:5D:69:CC:1A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certplus Root CA G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
+\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
+\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
+\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
+\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\331\221\316\256\243\350\305\347\377\351\002\257
+\317\163\274\125
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\034\060\202\001\242\240\003\002\001\002\002\022\021
+\040\331\221\316\256\243\350\305\347\377\351\002\257\317\163\274
+\125\060\012\006\010\052\206\110\316\075\004\003\003\060\076\061
+\013\060\011\006\003\125\004\006\023\002\106\122\061\021\060\017
+\006\003\125\004\012\014\010\103\145\162\164\160\154\165\163\061
+\034\060\032\006\003\125\004\003\014\023\103\145\162\164\160\154
+\165\163\040\122\157\157\164\040\103\101\040\107\062\060\036\027
+\015\061\064\060\065\062\066\060\060\060\060\060\060\132\027\015
+\063\070\060\061\061\065\060\060\060\060\060\060\132\060\076\061
+\013\060\011\006\003\125\004\006\023\002\106\122\061\021\060\017
+\006\003\125\004\012\014\010\103\145\162\164\160\154\165\163\061
+\034\060\032\006\003\125\004\003\014\023\103\145\162\164\160\154
+\165\163\040\122\157\157\164\040\103\101\040\107\062\060\166\060
+\020\006\007\052\206\110\316\075\002\001\006\005\053\201\004\000
+\042\003\142\000\004\315\017\133\126\202\337\360\105\032\326\255
+\367\171\360\035\311\254\226\326\236\116\234\037\264\102\021\312
+\206\277\155\373\205\243\305\345\031\134\327\356\246\077\151\147
+\330\170\342\246\311\304\333\055\171\056\347\213\215\002\157\061
+\042\115\006\343\140\162\105\235\016\102\167\236\316\317\345\177
+\205\233\030\344\374\314\056\162\323\026\223\116\312\231\143\134
+\241\005\052\154\006\243\143\060\141\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035
+\016\004\026\004\024\332\203\143\002\171\216\332\114\306\074\043
+\024\330\217\303\040\253\050\140\131\060\037\006\003\125\035\043
+\004\030\060\026\200\024\332\203\143\002\171\216\332\114\306\074
+\043\024\330\217\303\040\253\050\140\131\060\012\006\010\052\206
+\110\316\075\004\003\003\003\150\000\060\145\002\060\160\376\260
+\013\331\367\203\227\354\363\125\035\324\334\263\006\016\376\063
+\230\235\213\071\220\153\224\041\355\266\327\135\326\114\327\041
+\247\347\277\041\017\053\315\367\052\334\205\007\235\002\061\000
+\206\024\026\345\334\260\145\302\300\216\024\237\277\044\026\150
+\345\274\371\171\151\334\255\105\053\367\266\061\163\314\006\245
+\123\223\221\032\223\256\160\152\147\272\327\236\345\141\032\137
+END
+
+# Trust for "Certplus Root CA G2"
+# Issuer: CN=Certplus Root CA G2,O=Certplus,C=FR
+# Serial Number:11:20:d9:91:ce:ae:a3:e8:c5:e7:ff:e9:02:af:cf:73:bc:55
+# Subject: CN=Certplus Root CA G2,O=Certplus,C=FR
+# Not Valid Before: Mon May 26 00:00:00 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): 6C:C0:50:41:E6:44:5E:74:69:6C:4C:FB:C9:F8:0F:54:3B:7E:AB:BB:44:B4:CE:6F:78:7C:6A:99:71:C4:2F:17
+# Fingerprint (SHA1): 4F:65:8E:1F:E9:06:D8:28:02:E9:54:47:41:C9:54:25:5D:69:CC:1A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Certplus Root CA G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\117\145\216\037\351\006\330\050\002\351\124\107\101\311\124\045
+\135\151\314\032
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\247\356\304\170\055\033\356\055\271\051\316\326\247\226\062\061
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
+\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
+\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\331\221\316\256\243\350\305\347\377\351\002\257
+\317\163\274\125
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "OpenTrust Root CA G1"
+#
+# Issuer: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
+# Serial Number:11:20:b3:90:55:39:7d:7f:36:6d:64:c2:a7:9f:6b:63:8e:67
+# Subject: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
+# Not Valid Before: Mon May 26 08:45:50 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): 56:C7:71:28:D9:8C:18:D9:1B:4C:FD:FF:BC:25:EE:91:03:D4:75:8E:A2:AB:AD:82:6A:90:F3:45:7D:46:0E:B4
+# Fingerprint (SHA1): 79:91:E8:34:F7:E2:EE:DD:08:95:01:52:E9:55:2D:14:E9:58:D5:7E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OpenTrust Root CA G1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\263\220\125\071\175\177\066\155\144\302\247\237
+\153\143\216\147
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\157\060\202\003\127\240\003\002\001\002\002\022\021
+\040\263\220\125\071\175\177\066\155\144\302\247\237\153\143\216
+\147\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\061\060\036\027\015\061\064\060\065\062\066\060\070\064\065
+\065\060\132\027\015\063\070\060\061\061\065\060\060\060\060\060
+\060\132\060\100\061\013\060\011\006\003\125\004\006\023\002\106
+\122\061\022\060\020\006\003\125\004\012\014\011\117\160\145\156
+\124\162\165\163\164\061\035\060\033\006\003\125\004\003\014\024
+\117\160\145\156\124\162\165\163\164\040\122\157\157\164\040\103
+\101\040\107\061\060\202\002\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002\012
+\002\202\002\001\000\370\171\106\332\226\305\060\136\212\161\003
+\055\160\244\273\260\305\010\334\315\346\065\300\200\244\021\055
+\335\346\207\256\135\075\221\322\207\154\067\267\332\142\236\233
+\302\044\327\217\361\333\246\246\337\106\157\121\246\161\313\076
+\033\061\147\142\367\021\133\064\047\325\171\116\214\233\130\275
+\042\020\015\134\047\014\335\060\345\250\323\135\041\070\164\027
+\376\343\037\266\117\073\153\055\333\175\140\037\214\175\114\005
+\302\353\001\026\025\230\024\216\321\220\167\042\077\354\302\071
+\270\171\072\360\111\044\342\225\221\334\141\064\222\214\124\164
+\357\261\175\214\001\342\070\175\301\137\152\137\044\262\216\142
+\027\255\171\040\255\253\035\267\340\264\226\110\117\146\103\020
+\006\026\044\003\341\340\234\216\306\106\117\216\032\231\341\217
+\271\216\063\154\151\336\130\255\240\016\247\144\124\021\151\104
+\146\117\114\022\247\216\054\175\304\324\133\305\000\064\060\301
+\331\231\376\062\316\007\204\264\116\315\012\377\066\115\142\361
+\247\143\127\344\333\152\247\256\277\053\271\311\346\262\047\211
+\345\176\232\034\115\150\306\301\030\336\063\053\121\106\113\034
+\216\367\075\014\371\212\064\024\304\373\063\065\043\361\314\361
+\052\307\245\273\260\242\316\376\123\153\115\101\033\146\050\262
+\226\372\247\256\012\116\271\071\063\104\234\164\301\223\034\370
+\340\236\044\045\103\361\233\043\202\252\337\054\040\260\334\066
+\116\003\263\174\002\324\346\173\032\252\207\023\277\076\241\164
+\273\233\016\341\300\223\237\327\244\146\312\273\033\073\343\060
+\364\063\131\212\007\162\003\125\347\163\152\003\061\156\157\226
+\033\343\242\237\257\222\307\355\365\102\267\045\114\073\023\004
+\317\034\226\257\034\042\243\320\253\005\262\114\022\043\122\334
+\375\031\133\047\234\036\073\172\375\102\043\333\043\200\023\360
+\274\121\025\124\224\246\167\076\320\164\121\275\121\024\010\071
+\067\313\037\064\251\060\235\122\204\056\125\220\261\272\337\125
+\000\013\330\126\055\261\111\111\162\200\251\142\327\300\366\030
+\021\004\125\315\164\173\317\141\160\171\364\173\054\134\134\222
+\374\345\270\132\253\114\223\225\241\047\356\245\276\317\161\043
+\102\272\233\166\055\002\003\001\000\001\243\143\060\141\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\035\006\003\125\035\016\004\026\004\024\227\106\041\127\041\065
+\332\066\125\307\363\361\067\160\345\010\366\223\051\266\060\037
+\006\003\125\035\043\004\030\060\026\200\024\227\106\041\127\041
+\065\332\066\125\307\363\361\067\160\345\010\366\223\051\266\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202
+\002\001\000\035\335\002\140\174\340\065\247\346\230\173\352\104
+\316\147\100\117\362\223\156\146\324\071\211\046\254\323\115\004
+\074\273\207\041\077\067\364\161\045\332\113\272\253\226\202\201
+\221\266\355\331\261\244\145\227\342\157\144\131\244\226\356\140
+\312\037\043\373\105\272\377\217\044\360\312\251\061\177\171\037
+\200\263\055\062\272\144\147\140\257\271\131\315\337\232\111\323
+\250\202\261\371\230\224\212\314\340\273\340\004\033\231\140\261
+\106\145\334\010\242\262\106\236\104\210\352\223\176\127\026\322
+\025\162\137\056\113\253\324\235\143\270\343\110\345\376\204\056
+\130\012\237\103\035\376\267\030\222\206\103\113\016\234\062\206
+\054\140\365\351\110\352\225\355\160\051\361\325\057\375\065\264
+\127\317\333\205\110\231\271\302\157\154\217\315\170\225\254\144
+\050\375\126\260\303\157\303\276\131\122\341\137\204\217\200\362
+\364\015\066\255\166\263\243\265\341\144\166\072\130\334\175\117
+\136\126\154\345\125\131\127\245\337\361\212\146\060\214\324\122
+\142\070\167\264\276\050\327\312\066\304\233\005\360\370\025\333
+\333\361\357\064\235\035\170\112\210\126\147\156\140\377\217\310
+\213\341\216\275\102\251\063\012\131\102\022\022\052\372\261\235
+\103\216\005\233\231\332\142\255\127\066\263\035\266\015\171\055
+\226\270\353\362\014\113\014\245\224\306\060\247\046\031\055\355
+\114\006\120\060\361\375\130\075\271\113\027\137\031\264\152\204
+\124\264\070\117\071\242\015\226\150\303\050\224\375\355\055\037
+\112\153\103\226\056\220\001\020\373\070\246\201\013\320\277\165
+\323\324\271\316\361\077\157\016\034\036\067\161\345\030\207\165
+\031\077\120\271\136\244\105\064\255\260\312\346\345\023\166\017
+\061\024\251\216\055\224\326\325\205\115\163\025\117\113\362\262
+\076\355\154\275\375\016\235\146\163\260\075\264\367\277\250\340
+\021\244\304\256\165\011\112\143\000\110\040\246\306\235\013\011
+\212\264\340\346\316\076\307\076\046\070\351\053\336\246\010\111
+\003\004\220\212\351\217\277\350\266\264\052\243\043\215\034\034
+\262\071\222\250\217\002\134\100\071\165\324\163\101\002\167\336
+\315\340\103\207\326\344\272\112\303\154\022\177\376\052\346\043
+\326\214\161
+END
+
+# Trust for "OpenTrust Root CA G1"
+# Issuer: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
+# Serial Number:11:20:b3:90:55:39:7d:7f:36:6d:64:c2:a7:9f:6b:63:8e:67
+# Subject: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
+# Not Valid Before: Mon May 26 08:45:50 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): 56:C7:71:28:D9:8C:18:D9:1B:4C:FD:FF:BC:25:EE:91:03:D4:75:8E:A2:AB:AD:82:6A:90:F3:45:7D:46:0E:B4
+# Fingerprint (SHA1): 79:91:E8:34:F7:E2:EE:DD:08:95:01:52:E9:55:2D:14:E9:58:D5:7E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OpenTrust Root CA G1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\171\221\350\064\367\342\356\335\010\225\001\122\351\125\055\024
+\351\130\325\176
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\166\000\314\201\051\315\125\136\210\152\172\056\367\115\071\332
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\263\220\125\071\175\177\066\155\144\302\247\237
+\153\143\216\147
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "OpenTrust Root CA G2"
+#
+# Issuer: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
+# Serial Number:11:20:a1:69:1b:bf:bd:b9:bd:52:96:8f:23:e8:48:bf:26:11
+# Subject: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
+# Not Valid Before: Mon May 26 00:00:00 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): 27:99:58:29:FE:6A:75:15:C1:BF:E8:48:F9:C4:76:1D:B1:6C:22:59:29:25:7B:F4:0D:08:94:F2:9E:A8:BA:F2
+# Fingerprint (SHA1): 79:5F:88:60:C5:AB:7C:3D:92:E6:CB:F4:8D:E1:45:CD:11:EF:60:0B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OpenTrust Root CA G2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\241\151\033\277\275\271\275\122\226\217\043\350
+\110\277\046\021
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\157\060\202\003\127\240\003\002\001\002\002\022\021
+\040\241\151\033\277\275\271\275\122\226\217\043\350\110\277\046
+\021\060\015\006\011\052\206\110\206\367\015\001\001\015\005\000
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\062\060\036\027\015\061\064\060\065\062\066\060\060\060\060
+\060\060\132\027\015\063\070\060\061\061\065\060\060\060\060\060
+\060\132\060\100\061\013\060\011\006\003\125\004\006\023\002\106
+\122\061\022\060\020\006\003\125\004\012\014\011\117\160\145\156
+\124\162\165\163\164\061\035\060\033\006\003\125\004\003\014\024
+\117\160\145\156\124\162\165\163\164\040\122\157\157\164\040\103
+\101\040\107\062\060\202\002\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002\012
+\002\202\002\001\000\314\266\127\245\063\224\020\201\062\123\337
+\141\176\017\166\071\317\134\302\123\165\035\111\172\226\070\335
+\242\163\152\361\157\336\136\242\132\271\161\041\276\066\331\241
+\374\274\356\154\250\174\064\032\161\032\350\032\330\137\016\104
+\006\355\247\340\363\322\141\013\340\062\242\226\321\070\360\302
+\332\001\027\374\344\254\117\350\356\211\036\164\253\117\277\036
+\011\266\066\152\126\363\341\356\226\211\146\044\006\344\315\102
+\072\112\335\340\232\260\304\202\105\263\376\311\253\134\174\076
+\311\353\027\057\014\175\156\256\245\217\310\254\045\012\157\372
+\325\105\230\322\065\011\366\003\103\224\376\331\277\040\225\171
+\200\230\212\331\211\065\273\121\033\244\067\175\374\231\073\253
+\377\277\254\015\217\103\261\231\173\026\020\176\035\157\107\304
+\025\217\004\226\010\006\102\004\370\204\326\035\274\221\246\102
+\276\111\325\152\210\077\274\055\121\321\236\215\340\122\314\127
+\335\065\065\130\333\264\217\044\210\344\213\337\334\153\124\322
+\201\053\262\316\222\113\034\037\106\372\035\330\222\313\166\147
+\265\011\231\011\345\254\027\024\125\160\306\074\240\126\012\003
+\263\334\142\031\337\310\265\060\177\365\074\046\165\021\275\327
+\033\263\207\236\007\257\145\161\345\240\317\032\247\011\020\035
+\223\211\146\133\350\074\142\062\265\265\072\156\351\205\001\213
+\236\103\214\147\163\050\131\133\353\343\334\054\314\245\046\162
+\142\022\264\346\234\203\104\366\121\244\342\300\172\044\127\312
+\016\245\077\072\265\073\213\345\166\356\160\346\222\336\026\134
+\050\133\227\031\047\222\376\172\222\124\316\223\071\012\026\207
+\274\143\263\365\261\223\134\340\156\267\320\352\371\142\062\210
+\104\373\277\047\050\266\060\225\135\022\050\271\225\276\217\123
+\030\345\242\030\026\342\126\244\262\054\020\365\035\067\246\370
+\267\366\320\131\134\211\367\302\325\265\224\164\321\325\376\033
+\266\360\346\326\036\173\322\074\313\250\343\365\030\363\041\037
+\156\357\115\150\006\173\055\135\156\103\211\246\300\371\240\277
+\202\036\317\123\177\264\353\054\333\135\366\152\175\100\044\005
+\162\211\070\001\223\313\161\302\071\135\006\021\366\157\170\370
+\067\015\071\204\047\002\003\001\000\001\243\143\060\141\060\016
+\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\035\006\003\125\035\016\004\026\004\024\152\071\372\102\042\367
+\346\211\000\115\136\175\063\203\313\270\156\167\206\257\060\037
+\006\003\125\035\043\004\030\060\026\200\024\152\071\372\102\042
+\367\346\211\000\115\136\175\063\203\313\270\156\167\206\257\060
+\015\006\011\052\206\110\206\367\015\001\001\015\005\000\003\202
+\002\001\000\230\313\253\100\074\345\063\002\227\177\055\207\246
+\217\324\136\112\257\270\036\347\273\161\373\200\144\045\251\263
+\032\076\150\135\047\046\247\272\052\341\360\127\203\012\144\117
+\036\042\164\033\351\220\137\360\254\317\377\117\150\172\070\244
+\020\154\015\261\307\244\167\200\030\266\242\050\104\166\247\064
+\235\161\204\057\312\131\322\107\210\231\101\042\311\060\230\141
+\156\075\250\250\005\155\321\037\300\121\104\126\177\047\065\002
+\335\136\230\012\102\353\060\277\215\241\233\121\252\073\352\223
+\106\144\305\000\171\336\041\153\366\127\240\206\327\006\162\354
+\160\106\113\213\163\335\240\041\165\076\334\035\300\217\323\117
+\163\034\205\331\376\177\142\310\225\157\266\323\173\214\272\123
+\302\157\233\104\114\171\320\035\160\263\327\237\002\364\262\007
+\260\307\345\370\255\043\016\246\126\311\051\022\167\110\331\057
+\106\375\073\360\374\164\160\222\245\216\070\010\037\144\060\266
+\267\113\373\066\254\020\216\240\122\063\143\235\003\065\126\305
+\151\275\306\043\132\047\224\366\244\022\370\055\063\074\241\126
+\245\137\326\031\351\355\174\010\275\167\315\047\144\314\224\332
+\116\106\120\207\340\371\301\123\200\036\273\255\373\107\122\213
+\033\375\242\371\336\016\042\267\075\063\131\154\324\336\365\225
+\006\062\015\121\031\101\134\076\117\006\367\271\053\200\047\366
+\243\252\172\174\006\341\103\303\023\071\142\032\066\275\340\050
+\056\224\002\344\051\056\140\125\256\100\075\260\164\222\136\360
+\040\144\226\077\137\105\135\210\265\212\332\002\240\133\105\124
+\336\070\075\011\300\250\112\145\106\026\374\252\277\124\116\115
+\133\276\070\103\267\050\312\213\063\252\032\045\272\045\134\051
+\057\133\112\156\214\352\055\234\052\366\005\166\340\167\227\200
+\210\335\147\023\157\035\150\044\213\117\267\164\201\345\364\140
+\237\172\125\327\076\067\332\026\153\076\167\254\256\030\160\225
+\010\171\051\003\212\376\301\073\263\077\032\017\244\073\136\037
+\130\241\225\311\253\057\163\112\320\055\156\232\131\017\125\030
+\170\055\074\121\246\227\213\346\273\262\160\252\114\021\336\377
+\174\053\067\324\172\321\167\064\217\347\371\102\367\074\201\014
+\113\122\012
+END
+
+# Trust for "OpenTrust Root CA G2"
+# Issuer: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
+# Serial Number:11:20:a1:69:1b:bf:bd:b9:bd:52:96:8f:23:e8:48:bf:26:11
+# Subject: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
+# Not Valid Before: Mon May 26 00:00:00 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): 27:99:58:29:FE:6A:75:15:C1:BF:E8:48:F9:C4:76:1D:B1:6C:22:59:29:25:7B:F4:0D:08:94:F2:9E:A8:BA:F2
+# Fingerprint (SHA1): 79:5F:88:60:C5:AB:7C:3D:92:E6:CB:F4:8D:E1:45:CD:11:EF:60:0B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OpenTrust Root CA G2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\171\137\210\140\305\253\174\075\222\346\313\364\215\341\105\315
+\021\357\140\013
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\127\044\266\131\044\153\256\310\376\034\014\040\362\300\116\353
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\241\151\033\277\275\271\275\122\226\217\043\350
+\110\277\046\021
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "OpenTrust Root CA G3"
+#
+# Issuer: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
+# Serial Number:11:20:e6:f8:4c:fc:24:b0:be:05:40:ac:da:83:1b:34:60:3f
+# Subject: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
+# Not Valid Before: Mon May 26 00:00:00 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): B7:C3:62:31:70:6E:81:07:8C:36:7C:B8:96:19:8F:1E:32:08:DD:92:69:49:DD:8F:57:09:A4:10:F7:5B:62:92
+# Fingerprint (SHA1): 6E:26:64:F3:56:BF:34:55:BF:D1:93:3F:7C:01:DE:D8:13:DA:8A:A6
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OpenTrust Root CA G3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\346\370\114\374\044\260\276\005\100\254\332\203
+\033\064\140\077
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\041\060\202\001\246\240\003\002\001\002\002\022\021
+\040\346\370\114\374\044\260\276\005\100\254\332\203\033\064\140
+\077\060\012\006\010\052\206\110\316\075\004\003\003\060\100\061
+\013\060\011\006\003\125\004\006\023\002\106\122\061\022\060\020
+\006\003\125\004\012\014\011\117\160\145\156\124\162\165\163\164
+\061\035\060\033\006\003\125\004\003\014\024\117\160\145\156\124
+\162\165\163\164\040\122\157\157\164\040\103\101\040\107\063\060
+\036\027\015\061\064\060\065\062\066\060\060\060\060\060\060\132
+\027\015\063\070\060\061\061\065\060\060\060\060\060\060\132\060
+\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061\022
+\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162\165
+\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160\145
+\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040\107
+\063\060\166\060\020\006\007\052\206\110\316\075\002\001\006\005
+\053\201\004\000\042\003\142\000\004\112\356\130\256\115\312\146
+\336\006\072\243\021\374\340\030\360\156\034\272\055\060\014\211
+\331\326\356\233\163\203\251\043\025\214\057\131\212\132\335\024
+\352\235\131\053\103\267\006\354\062\266\272\356\101\265\255\135
+\241\205\314\352\035\024\146\243\147\176\106\342\224\363\347\266
+\126\241\025\131\241\117\067\227\271\042\036\275\021\353\364\262
+\037\136\303\024\232\345\331\227\231\243\143\060\141\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035
+\006\003\125\035\016\004\026\004\024\107\167\303\024\213\142\071
+\014\311\157\341\120\115\320\020\130\334\225\210\155\060\037\006
+\003\125\035\043\004\030\060\026\200\024\107\167\303\024\213\142
+\071\014\311\157\341\120\115\320\020\130\334\225\210\155\060\012
+\006\010\052\206\110\316\075\004\003\003\003\151\000\060\146\002
+\061\000\217\250\334\235\272\014\004\027\372\025\351\075\057\051
+\001\227\277\201\026\063\100\223\154\374\371\355\200\160\157\252
+\217\333\204\302\213\365\065\312\006\334\144\157\150\026\341\217
+\221\271\002\061\000\330\113\245\313\302\320\010\154\351\030\373
+\132\335\115\137\044\013\260\000\041\045\357\217\247\004\046\161
+\342\174\151\345\135\232\370\101\037\073\071\223\223\235\125\352
+\315\215\361\373\301
+END
+
+# Trust for "OpenTrust Root CA G3"
+# Issuer: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
+# Serial Number:11:20:e6:f8:4c:fc:24:b0:be:05:40:ac:da:83:1b:34:60:3f
+# Subject: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
+# Not Valid Before: Mon May 26 00:00:00 2014
+# Not Valid After : Fri Jan 15 00:00:00 2038
+# Fingerprint (SHA-256): B7:C3:62:31:70:6E:81:07:8C:36:7C:B8:96:19:8F:1E:32:08:DD:92:69:49:DD:8F:57:09:A4:10:F7:5B:62:92
+# Fingerprint (SHA1): 6E:26:64:F3:56:BF:34:55:BF:D1:93:3F:7C:01:DE:D8:13:DA:8A:A6
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "OpenTrust Root CA G3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\156\046\144\363\126\277\064\125\277\321\223\077\174\001\336\330
+\023\332\212\246
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\041\067\264\027\026\222\173\147\106\160\251\226\327\250\023\044
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
+\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
+\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
+\107\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\022\021\040\346\370\114\374\044\260\276\005\100\254\332\203
+\033\064\140\077
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "ISRG Root X1"
+#
+# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US
+# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00
+# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US
+# Not Valid Before: Thu Jun 04 11:04:38 2015
+# Not Valid After : Mon Jun 04 11:04:38 2035
+# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6
+# Fingerprint (SHA1): CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ISRG Root X1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
+\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
+\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
+\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
+\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
+\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
+\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
+\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
+\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\202\020\317\260\322\100\343\131\104\143\340\273\143
+\202\213\000
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\153\060\202\003\123\240\003\002\001\002\002\021\000
+\202\020\317\260\322\100\343\131\104\143\340\273\143\202\213\000
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061\051
+\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156\145
+\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145\141
+\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003\125
+\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130\061
+\060\036\027\015\061\065\060\066\060\064\061\061\060\064\063\070
+\132\027\015\063\065\060\066\060\064\061\061\060\064\063\070\132
+\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
+\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
+\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
+\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
+\061\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002
+\001\000\255\350\044\163\364\024\067\363\233\236\053\127\050\034
+\207\276\334\267\337\070\220\214\156\074\346\127\240\170\367\165
+\302\242\376\365\152\156\366\000\117\050\333\336\150\206\154\104
+\223\266\261\143\375\024\022\153\277\037\322\352\061\233\041\176
+\321\063\074\272\110\365\335\171\337\263\270\377\022\361\041\232
+\113\301\212\206\161\151\112\146\146\154\217\176\074\160\277\255
+\051\042\006\363\344\300\346\200\256\342\113\217\267\231\176\224
+\003\237\323\107\227\174\231\110\043\123\350\070\256\117\012\157
+\203\056\321\111\127\214\200\164\266\332\057\320\070\215\173\003
+\160\041\033\165\362\060\074\372\217\256\335\332\143\253\353\026
+\117\302\216\021\113\176\317\013\350\377\265\167\056\364\262\173
+\112\340\114\022\045\014\160\215\003\051\240\341\123\044\354\023
+\331\356\031\277\020\263\112\214\077\211\243\141\121\336\254\207
+\007\224\364\143\161\354\056\342\157\133\230\201\341\211\134\064
+\171\154\166\357\073\220\142\171\346\333\244\232\057\046\305\320
+\020\341\016\336\331\020\216\026\373\267\367\250\367\307\345\002
+\007\230\217\066\010\225\347\342\067\226\015\066\165\236\373\016
+\162\261\035\233\274\003\371\111\005\330\201\335\005\264\052\326
+\101\351\254\001\166\225\012\017\330\337\325\275\022\037\065\057
+\050\027\154\322\230\301\250\011\144\167\156\107\067\272\316\254
+\131\136\150\235\177\162\326\211\305\006\101\051\076\131\076\335
+\046\365\044\311\021\247\132\243\114\100\037\106\241\231\265\247
+\072\121\156\206\073\236\175\162\247\022\005\170\131\355\076\121
+\170\025\013\003\217\215\320\057\005\262\076\173\112\034\113\163
+\005\022\374\306\352\340\120\023\174\103\223\164\263\312\164\347
+\216\037\001\010\320\060\324\133\161\066\264\007\272\301\060\060
+\134\110\267\202\073\230\246\175\140\212\242\243\051\202\314\272
+\275\203\004\033\242\203\003\101\241\326\005\361\033\302\266\360
+\250\174\206\073\106\250\110\052\210\334\166\232\166\277\037\152
+\245\075\031\217\353\070\363\144\336\310\053\015\012\050\377\367
+\333\342\025\102\324\042\320\047\135\341\171\376\030\347\160\210
+\255\116\346\331\213\072\306\335\047\121\156\377\274\144\365\063
+\103\117\002\003\001\000\001\243\102\060\100\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003
+\125\035\016\004\026\004\024\171\264\131\346\173\266\345\344\001
+\163\200\010\210\310\032\130\366\351\233\156\060\015\006\011\052
+\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\125
+\037\130\251\274\262\250\120\320\014\261\330\032\151\040\047\051
+\010\254\141\165\134\212\156\370\202\345\151\057\325\366\126\113
+\271\270\163\020\131\323\041\227\176\347\114\161\373\262\322\140
+\255\071\250\013\352\027\041\126\205\361\120\016\131\353\316\340
+\131\351\272\311\025\357\206\235\217\204\200\366\344\351\221\220
+\334\027\233\142\033\105\360\146\225\322\174\157\302\352\073\357
+\037\317\313\326\256\047\361\251\260\310\256\375\175\176\232\372
+\042\004\353\377\331\177\352\221\053\042\261\027\016\217\362\212
+\064\133\130\330\374\001\311\124\271\270\046\314\212\210\063\211
+\114\055\204\074\202\337\356\226\127\005\272\054\273\367\304\267
+\307\116\073\202\276\061\310\042\163\163\222\321\302\200\244\071
+\071\020\063\043\202\114\074\237\206\262\125\230\035\276\051\206
+\214\042\233\236\342\153\073\127\072\202\160\115\334\011\307\211
+\313\012\007\115\154\350\135\216\311\357\316\253\307\273\265\053
+\116\105\326\112\320\046\314\345\162\312\010\152\245\225\343\025
+\241\367\244\355\311\054\137\245\373\377\254\050\002\056\276\327
+\173\273\343\161\173\220\026\323\007\136\106\123\174\067\007\102
+\214\323\304\226\234\325\231\265\052\340\225\032\200\110\256\114
+\071\007\316\314\107\244\122\225\053\272\270\373\255\322\063\123
+\175\345\035\115\155\325\241\261\307\102\157\346\100\047\065\134
+\243\050\267\007\215\347\215\063\220\347\043\237\373\120\234\171
+\154\106\325\264\025\263\226\156\176\233\014\226\072\270\122\055
+\077\326\133\341\373\010\302\204\376\044\250\243\211\332\254\152
+\341\030\052\261\250\103\141\133\323\037\334\073\215\166\362\055
+\350\215\165\337\027\063\154\075\123\373\173\313\101\137\377\334
+\242\320\141\070\341\226\270\254\135\213\067\327\165\325\063\300
+\231\021\256\235\101\301\162\165\204\276\002\101\102\137\147\044
+\110\224\321\233\047\276\007\077\271\270\117\201\164\121\341\172
+\267\355\235\043\342\276\340\325\050\004\023\074\061\003\236\335
+\172\154\217\306\007\030\306\177\336\107\216\077\050\236\004\006
+\317\245\124\064\167\275\354\211\233\351\027\103\337\133\333\137
+\376\216\036\127\242\315\100\235\176\142\042\332\336\030\047
+END
+
+# Trust for "ISRG Root X1"
+# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US
+# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00
+# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US
+# Not Valid Before: Thu Jun 04 11:04:38 2015
+# Not Valid After : Mon Jun 04 11:04:38 2035
+# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6
+# Fingerprint (SHA1): CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "ISRG Root X1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\312\275\052\171\241\007\152\061\362\035\045\066\065\313\003\235
+\103\051\245\350
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\014\322\371\340\332\027\163\351\355\206\115\245\343\160\347\116
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
+\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
+\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
+\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
+\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\021\000\202\020\317\260\322\100\343\131\104\143\340\273\143
+\202\213\000
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "AC RAIZ FNMT-RCM"
+#
+# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
+# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07
+# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
+# Not Valid Before: Wed Oct 29 15:59:56 2008
+# Not Valid After : Tue Jan 01 00:00:00 2030
+# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA
+# Fingerprint (SHA1): EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AC RAIZ FNMT-RCM"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
+\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
+\122\101\111\132\040\106\116\115\124\055\122\103\115
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
+\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
+\122\101\111\132\040\106\116\115\124\055\122\103\115
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\017\135\223\215\060\147\066\310\006\035\032\307\124\204\151
+\007
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\203\060\202\003\153\240\003\002\001\002\002\017\135
+\223\215\060\147\066\310\006\035\032\307\124\204\151\007\060\015
+\006\011\052\206\110\206\367\015\001\001\013\005\000\060\073\061
+\013\060\011\006\003\125\004\006\023\002\105\123\061\021\060\017
+\006\003\125\004\012\014\010\106\116\115\124\055\122\103\115\061
+\031\060\027\006\003\125\004\013\014\020\101\103\040\122\101\111
+\132\040\106\116\115\124\055\122\103\115\060\036\027\015\060\070
+\061\060\062\071\061\065\065\071\065\066\132\027\015\063\060\060
+\061\060\061\060\060\060\060\060\060\132\060\073\061\013\060\011
+\006\003\125\004\006\023\002\105\123\061\021\060\017\006\003\125
+\004\012\014\010\106\116\115\124\055\122\103\115\061\031\060\027
+\006\003\125\004\013\014\020\101\103\040\122\101\111\132\040\106
+\116\115\124\055\122\103\115\060\202\002\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
+\202\002\012\002\202\002\001\000\272\161\200\172\114\206\156\177
+\310\023\155\300\306\175\034\000\227\217\054\014\043\273\020\232
+\100\251\032\267\207\210\370\233\126\152\373\346\173\216\213\222
+\216\247\045\135\131\021\333\066\056\267\121\027\037\251\010\037
+\004\027\044\130\252\067\112\030\337\345\071\324\127\375\327\301
+\054\221\001\221\342\042\324\003\300\130\374\167\107\354\217\076
+\164\103\272\254\064\215\115\070\166\147\216\260\310\157\060\063
+\130\161\134\264\365\153\156\324\001\120\270\023\176\154\112\243
+\111\321\040\031\356\274\300\051\030\145\247\336\376\357\335\012
+\220\041\347\032\147\222\102\020\230\137\117\060\274\076\034\105
+\264\020\327\150\100\024\300\100\372\347\167\027\172\346\013\217
+\145\133\074\331\232\122\333\265\275\236\106\317\075\353\221\005
+\002\300\226\262\166\114\115\020\226\073\222\372\234\177\017\231
+\337\276\043\065\105\036\002\134\376\265\250\233\231\045\332\136
+\363\042\303\071\365\344\052\056\323\306\037\304\154\252\305\034
+\152\001\005\112\057\322\305\301\250\064\046\135\146\245\322\002
+\041\371\030\267\006\365\116\231\157\250\253\114\121\350\317\120
+\030\305\167\310\071\011\054\111\222\062\231\250\273\027\027\171
+\260\132\305\346\243\304\131\145\107\065\203\136\251\350\065\013
+\231\273\344\315\040\306\233\112\006\071\265\150\374\042\272\356
+\125\214\053\116\352\363\261\343\374\266\231\232\325\102\372\161
+\115\010\317\207\036\152\161\175\371\323\264\351\245\161\201\173
+\302\116\107\226\245\366\166\205\243\050\217\351\200\156\201\123
+\245\155\137\270\110\371\302\371\066\246\056\111\377\270\226\302
+\214\007\263\233\210\130\374\353\033\034\336\055\160\342\227\222
+\060\241\211\343\274\125\250\047\326\113\355\220\255\213\372\143
+\045\131\055\250\065\335\312\227\063\274\345\315\307\235\321\354
+\357\136\016\112\220\006\046\143\255\271\331\065\055\007\272\166
+\145\054\254\127\217\175\364\007\224\327\201\002\226\135\243\007
+\111\325\172\320\127\371\033\347\123\106\165\252\260\171\102\313
+\150\161\010\351\140\275\071\151\316\364\257\303\126\100\307\255
+\122\242\011\344\157\206\107\212\037\353\050\047\135\203\040\257
+\004\311\154\126\232\213\106\365\002\003\001\000\001\243\201\203
+\060\201\200\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\367
+\175\305\375\304\350\232\033\167\144\247\365\035\240\314\277\207
+\140\232\155\060\076\006\003\125\035\040\004\067\060\065\060\063
+\006\004\125\035\040\000\060\053\060\051\006\010\053\006\001\005
+\005\007\002\001\026\035\150\164\164\160\072\057\057\167\167\167
+\056\143\145\162\164\056\146\156\155\164\056\145\163\057\144\160
+\143\163\057\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\002\001\000\007\220\112\337\363\043\116\360\303
+\234\121\145\233\234\042\242\212\014\205\363\163\051\153\115\376
+\001\342\251\014\143\001\277\004\147\245\235\230\137\375\001\023
+\372\354\232\142\351\206\376\266\142\322\156\114\224\373\300\165
+\105\174\145\014\370\262\067\317\254\017\317\215\157\371\031\367
+\217\354\036\362\160\236\360\312\270\357\267\377\166\067\166\133
+\366\156\210\363\257\142\062\042\223\015\072\152\216\024\146\014
+\055\123\164\127\145\036\325\262\335\043\201\073\245\146\043\047
+\147\011\217\341\167\252\103\315\145\121\010\355\121\130\376\346
+\071\371\313\107\204\244\025\361\166\273\244\356\244\073\304\137
+\357\262\063\226\021\030\267\311\145\276\030\341\243\244\334\372
+\030\371\323\274\023\233\071\172\064\272\323\101\373\372\062\212
+\052\267\053\206\013\151\203\070\276\315\212\056\013\160\255\215
+\046\222\356\036\365\001\053\012\331\326\227\233\156\340\250\031
+\034\072\041\213\014\036\100\255\003\347\335\146\176\365\271\040
+\015\003\350\226\371\202\105\324\071\340\240\000\135\327\230\346
+\175\236\147\163\303\232\052\367\253\213\241\072\024\357\064\274
+\122\016\211\230\232\004\100\204\035\176\105\151\223\127\316\353
+\316\370\120\174\117\034\156\004\103\233\371\326\073\043\030\351
+\352\216\321\115\106\215\361\073\344\152\312\272\373\043\267\233
+\372\231\001\051\132\130\132\055\343\371\324\155\016\046\255\301
+\156\064\274\062\370\014\005\372\145\243\333\073\067\203\042\351
+\326\334\162\063\375\135\362\040\275\166\074\043\332\050\367\371
+\033\353\131\144\325\334\137\162\176\040\374\315\211\265\220\147
+\115\142\172\077\116\255\035\303\071\376\172\364\050\026\337\101
+\366\110\200\005\327\017\121\171\254\020\253\324\354\003\146\346
+\152\260\272\061\222\102\100\152\276\072\323\162\341\152\067\125
+\274\254\035\225\267\151\141\362\103\221\164\346\240\323\012\044
+\106\241\010\257\326\332\105\031\226\324\123\035\133\204\171\360
+\300\367\107\357\213\217\305\006\256\235\114\142\235\377\106\004
+\370\323\311\266\020\045\100\165\376\026\252\311\112\140\206\057
+\272\357\060\167\344\124\342\270\204\231\130\200\252\023\213\121
+\072\117\110\366\213\266\263
+END
+
+# Trust for "AC RAIZ FNMT-RCM"
+# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
+# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07
+# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
+# Not Valid Before: Wed Oct 29 15:59:56 2008
+# Not Valid After : Tue Jan 01 00:00:00 2030
+# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA
+# Fingerprint (SHA1): EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "AC RAIZ FNMT-RCM"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\354\120\065\007\262\025\304\225\142\031\342\250\232\133\102\231
+\054\114\054\040
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\342\011\004\264\323\275\321\240\024\375\032\322\107\304\127\035
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
+\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
+\122\101\111\132\040\106\116\115\124\055\122\103\115
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\017\135\223\215\060\147\066\310\006\035\032\307\124\204\151
+\007
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Amazon Root CA 1"
+#
+# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US
+# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca
+# Subject: CN=Amazon Root CA 1,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sun Jan 17 00:00:00 2038
+# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E
+# Fingerprint (SHA1): 8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\317\231\277\214\012\071\342\360\170\212\103
+\346\226\066\133\312
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\101\060\202\002\051\240\003\002\001\002\002\023\006
+\154\237\317\231\277\214\012\071\342\360\170\212\103\346\226\066
+\133\312\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157
+\156\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172
+\157\156\040\122\157\157\164\040\103\101\040\061\060\036\027\015
+\061\065\060\065\062\066\060\060\060\060\060\060\132\027\015\063
+\070\060\061\061\067\060\060\060\060\060\060\132\060\071\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\017\060\015\006
+\003\125\004\012\023\006\101\155\141\172\157\156\061\031\060\027
+\006\003\125\004\003\023\020\101\155\141\172\157\156\040\122\157
+\157\164\040\103\101\040\061\060\202\001\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060
+\202\001\012\002\202\001\001\000\262\170\200\161\312\170\325\343
+\161\257\107\200\120\164\175\156\330\327\210\166\364\231\150\367
+\130\041\140\371\164\204\001\057\254\002\055\206\323\240\103\172
+\116\262\244\320\066\272\001\276\215\333\110\310\007\027\066\114
+\364\356\210\043\307\076\353\067\365\265\031\370\111\150\260\336
+\327\271\166\070\035\141\236\244\376\202\066\245\345\112\126\344
+\105\341\371\375\264\026\372\164\332\234\233\065\071\057\372\260
+\040\120\006\154\172\320\200\262\246\371\257\354\107\031\217\120
+\070\007\334\242\207\071\130\370\272\325\251\371\110\147\060\226
+\356\224\170\136\157\211\243\121\300\060\206\146\241\105\146\272
+\124\353\243\303\221\371\110\334\377\321\350\060\055\175\055\164
+\160\065\327\210\044\367\236\304\131\156\273\163\207\027\362\062
+\106\050\270\103\372\267\035\252\312\264\362\237\044\016\055\113
+\367\161\134\136\151\377\352\225\002\313\070\212\256\120\070\157
+\333\373\055\142\033\305\307\036\124\341\167\340\147\310\017\234
+\207\043\326\077\100\040\177\040\200\304\200\114\076\073\044\046
+\216\004\256\154\232\310\252\015\002\003\001\000\001\243\102\060
+\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\206\060\035\006\003\125\035\016\004\026\004\024\204\030\314
+\205\064\354\274\014\224\224\056\010\131\234\307\262\020\116\012
+\010\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000
+\003\202\001\001\000\230\362\067\132\101\220\241\032\305\166\121
+\050\040\066\043\016\256\346\050\273\252\370\224\256\110\244\060
+\177\033\374\044\215\113\264\310\241\227\366\266\361\172\160\310
+\123\223\314\010\050\343\230\045\317\043\244\371\336\041\323\174
+\205\011\255\116\232\165\072\302\013\152\211\170\166\104\107\030
+\145\154\215\101\216\073\177\232\313\364\265\247\120\327\005\054
+\067\350\003\113\255\351\141\240\002\156\365\362\360\305\262\355
+\133\267\334\372\224\134\167\236\023\245\177\122\255\225\362\370
+\223\073\336\213\134\133\312\132\122\133\140\257\024\367\113\357
+\243\373\237\100\225\155\061\124\374\102\323\307\106\037\043\255
+\331\017\110\160\232\331\165\170\161\321\162\103\064\165\156\127
+\131\302\002\134\046\140\051\317\043\031\026\216\210\103\245\324
+\344\313\010\373\043\021\103\350\103\051\162\142\241\251\135\136
+\010\324\220\256\270\330\316\024\302\320\125\362\206\366\304\223
+\103\167\146\141\300\271\350\101\327\227\170\140\003\156\112\162
+\256\245\321\175\272\020\236\206\154\033\212\271\131\063\370\353
+\304\220\276\361\271
+END
+
+# Trust for "Amazon Root CA 1"
+# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US
+# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca
+# Subject: CN=Amazon Root CA 1,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sun Jan 17 00:00:00 2038
+# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E
+# Fingerprint (SHA1): 8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\215\247\371\145\354\136\374\067\221\017\034\156\131\375\301\314
+\152\156\336\026
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\103\306\277\256\354\376\255\057\030\306\210\150\060\374\310\346
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\317\231\277\214\012\071\342\360\170\212\103
+\346\226\066\133\312
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Amazon Root CA 2"
+#
+# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US
+# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37
+# Subject: CN=Amazon Root CA 2,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4
+# Fingerprint (SHA1): 5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\322\226\065\206\237\012\017\345\206\170\370
+\133\046\273\212\067
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\101\060\202\003\051\240\003\002\001\002\002\023\006
+\154\237\322\226\065\206\237\012\017\345\206\170\370\133\046\273
+\212\067\060\015\006\011\052\206\110\206\367\015\001\001\014\005
+\000\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157
+\156\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172
+\157\156\040\122\157\157\164\040\103\101\040\062\060\036\027\015
+\061\065\060\065\062\066\060\060\060\060\060\060\132\027\015\064
+\060\060\065\062\066\060\060\060\060\060\060\132\060\071\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\017\060\015\006
+\003\125\004\012\023\006\101\155\141\172\157\156\061\031\060\027
+\006\003\125\004\003\023\020\101\155\141\172\157\156\040\122\157
+\157\164\040\103\101\040\062\060\202\002\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
+\202\002\012\002\202\002\001\000\255\226\237\055\234\112\114\112
+\201\171\121\231\354\212\313\153\140\121\023\274\115\155\006\374
+\260\010\215\335\031\020\152\307\046\014\065\330\300\157\040\204
+\351\224\261\233\205\003\303\133\333\112\350\310\370\220\166\331
+\133\117\343\114\350\006\066\115\314\232\254\075\014\220\053\222
+\324\006\031\140\254\067\104\171\205\201\202\255\132\067\340\015
+\314\235\246\114\122\166\352\103\235\267\004\321\120\366\125\340
+\325\322\246\111\205\351\067\351\312\176\256\134\225\115\110\232
+\077\256\040\132\155\210\225\331\064\270\122\032\103\220\260\277
+\154\005\271\266\170\267\352\320\344\072\074\022\123\142\377\112
+\362\173\276\065\005\251\022\064\343\363\144\164\142\054\075\000
+\111\132\050\376\062\104\273\207\335\145\047\002\161\073\332\112
+\367\037\332\315\367\041\125\220\117\017\354\256\202\341\237\153
+\331\105\323\273\360\137\207\355\074\054\071\206\332\077\336\354
+\162\125\353\171\243\255\333\335\174\260\272\034\316\374\336\117
+\065\166\317\017\370\170\037\152\066\121\106\047\141\133\351\236
+\317\360\242\125\175\174\045\212\157\057\264\305\317\204\056\053
+\375\015\121\020\154\373\137\033\274\033\176\305\256\073\230\001
+\061\222\377\013\127\364\232\262\271\127\351\253\357\015\166\321
+\360\356\364\316\206\247\340\156\351\264\151\241\337\151\366\063
+\306\151\056\227\023\236\245\207\260\127\020\201\067\311\123\263
+\273\177\366\222\321\234\320\030\364\222\156\332\203\117\246\143
+\231\114\245\373\136\357\041\144\172\040\137\154\144\205\025\313
+\067\351\142\014\013\052\026\334\001\056\062\332\076\113\365\236
+\072\366\027\100\224\357\236\221\010\206\372\276\143\250\132\063
+\354\313\164\103\225\371\154\151\122\066\307\051\157\374\125\003
+\134\037\373\237\275\107\353\347\111\107\225\013\116\211\042\011
+\111\340\365\141\036\361\277\056\212\162\156\200\131\377\127\072
+\371\165\062\243\116\137\354\355\050\142\331\115\163\362\314\201
+\027\140\355\315\353\334\333\247\312\305\176\002\275\362\124\010
+\124\375\264\055\011\054\027\124\112\230\321\124\341\121\147\010
+\322\355\156\176\157\077\322\055\201\131\051\146\313\220\071\225
+\021\036\164\047\376\335\353\257\002\003\001\000\001\243\102\060
+\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\206\060\035\006\003\125\035\016\004\026\004\024\260\014\360
+\114\060\364\005\130\002\110\375\063\345\122\257\113\204\343\146
+\122\060\015\006\011\052\206\110\206\367\015\001\001\014\005\000
+\003\202\002\001\000\252\250\200\217\016\170\243\340\242\324\315
+\346\365\230\172\073\352\000\003\260\227\016\223\274\132\250\366
+\054\214\162\207\251\261\374\177\163\375\143\161\170\245\207\131
+\317\060\341\015\020\262\023\132\155\202\365\152\346\200\237\240
+\005\013\150\344\107\153\307\152\337\266\375\167\062\162\345\030
+\372\011\364\240\223\054\135\322\214\165\205\166\145\220\014\003
+\171\267\061\043\143\255\170\203\011\206\150\204\312\377\371\317
+\046\232\222\171\347\315\113\305\347\141\247\027\313\363\251\022
+\223\223\153\247\350\057\123\222\304\140\130\260\314\002\121\030
+\133\205\215\142\131\143\266\255\264\336\232\373\046\367\000\047
+\300\135\125\067\164\231\311\120\177\343\131\056\104\343\054\045
+\356\354\114\062\167\264\237\032\351\113\135\040\305\332\375\034
+\207\026\306\103\350\324\273\046\232\105\160\136\251\013\067\123
+\342\106\173\047\375\340\106\362\211\267\314\102\266\313\050\046
+\156\331\245\311\072\310\101\023\140\367\120\214\025\256\262\155
+\032\025\032\127\170\346\222\052\331\145\220\202\077\154\002\257
+\256\022\072\047\226\066\004\327\035\242\200\143\251\233\361\345
+\272\264\174\024\260\116\311\261\037\164\137\070\366\121\352\233
+\372\054\242\021\324\251\055\047\032\105\261\257\262\116\161\015
+\300\130\106\326\151\006\313\123\313\263\376\153\101\315\101\176
+\175\114\017\174\162\171\172\131\315\136\112\016\254\233\251\230
+\163\171\174\264\364\314\271\270\007\014\262\164\134\270\307\157
+\210\241\220\247\364\252\371\277\147\072\364\032\025\142\036\267
+\237\276\075\261\051\257\147\241\022\362\130\020\031\123\003\060
+\033\270\032\211\366\234\275\227\003\216\243\011\363\035\213\041
+\361\264\337\344\034\321\237\145\002\006\352\134\326\023\263\204
+\357\242\245\134\214\167\051\247\150\300\153\256\100\322\250\264
+\352\315\360\215\113\070\234\031\232\033\050\124\270\211\220\357
+\312\165\201\076\036\362\144\044\307\030\257\116\377\107\236\007
+\366\065\145\244\323\012\126\377\365\027\144\154\357\250\042\045
+\111\223\266\337\000\027\332\130\176\135\356\305\033\260\321\321
+\137\041\020\307\371\363\272\002\012\047\007\305\361\326\307\323
+\340\373\011\140\154
+END
+
+# Trust for "Amazon Root CA 2"
+# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US
+# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37
+# Subject: CN=Amazon Root CA 2,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4
+# Fingerprint (SHA1): 5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\132\214\357\105\327\246\230\131\166\172\214\213\104\226\265\170
+\317\107\113\032
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\310\345\215\316\250\102\342\172\300\052\134\174\236\046\277\146
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\322\226\065\206\237\012\017\345\206\170\370
+\133\046\273\212\067
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Amazon Root CA 3"
+#
+# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US
+# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a
+# Subject: CN=Amazon Root CA 3,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4
+# Fingerprint (SHA1): 0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\325\164\227\066\146\077\073\013\232\331\350
+\236\166\003\362\112
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\001\266\060\202\001\133\240\003\002\001\002\002\023\006
+\154\237\325\164\227\066\146\077\073\013\232\331\350\236\166\003
+\362\112\060\012\006\010\052\206\110\316\075\004\003\002\060\071
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\017\060
+\015\006\003\125\004\012\023\006\101\155\141\172\157\156\061\031
+\060\027\006\003\125\004\003\023\020\101\155\141\172\157\156\040
+\122\157\157\164\040\103\101\040\063\060\036\027\015\061\065\060
+\065\062\066\060\060\060\060\060\060\132\027\015\064\060\060\065
+\062\066\060\060\060\060\060\060\132\060\071\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\017\060\015\006\003\125\004
+\012\023\006\101\155\141\172\157\156\061\031\060\027\006\003\125
+\004\003\023\020\101\155\141\172\157\156\040\122\157\157\164\040
+\103\101\040\063\060\131\060\023\006\007\052\206\110\316\075\002
+\001\006\010\052\206\110\316\075\003\001\007\003\102\000\004\051
+\227\247\306\101\177\300\015\233\350\001\033\126\306\362\122\245
+\272\055\262\022\350\322\056\327\372\311\305\330\252\155\037\163
+\201\073\073\230\153\071\174\063\245\305\116\206\216\200\027\150
+\142\105\127\175\104\130\035\263\067\345\147\010\353\146\336\243
+\102\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\206\060\035\006\003\125\035\016\004\026\004\024\253
+\266\333\327\006\236\067\254\060\206\007\221\160\307\234\304\031
+\261\170\300\060\012\006\010\052\206\110\316\075\004\003\002\003
+\111\000\060\106\002\041\000\340\205\222\243\027\267\215\371\053
+\006\245\223\254\032\230\150\141\162\372\341\241\320\373\034\170
+\140\246\103\231\305\270\304\002\041\000\234\002\357\361\224\234
+\263\226\371\353\306\052\370\266\054\376\072\220\024\026\327\214
+\143\044\110\034\337\060\175\325\150\073
+END
+
+# Trust for "Amazon Root CA 3"
+# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US
+# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a
+# Subject: CN=Amazon Root CA 3,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4
+# Fingerprint (SHA1): 0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\015\104\335\214\074\214\032\032\130\165\144\201\351\017\056\052
+\377\263\322\156
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\240\324\357\013\367\265\330\111\225\052\354\365\304\374\201\207
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\325\164\227\066\146\077\073\013\232\331\350
+\236\166\003\362\112
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Amazon Root CA 4"
+#
+# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US
+# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e
+# Subject: CN=Amazon Root CA 4,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92
+# Fingerprint (SHA1): F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 4"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\064
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\327\301\273\020\114\051\103\345\161\173\173
+\054\310\032\301\016
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\001\362\060\202\001\170\240\003\002\001\002\002\023\006
+\154\237\327\301\273\020\114\051\103\345\161\173\173\054\310\032
+\301\016\060\012\006\010\052\206\110\316\075\004\003\003\060\071
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\017\060
+\015\006\003\125\004\012\023\006\101\155\141\172\157\156\061\031
+\060\027\006\003\125\004\003\023\020\101\155\141\172\157\156\040
+\122\157\157\164\040\103\101\040\064\060\036\027\015\061\065\060
+\065\062\066\060\060\060\060\060\060\132\027\015\064\060\060\065
+\062\066\060\060\060\060\060\060\132\060\071\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\017\060\015\006\003\125\004
+\012\023\006\101\155\141\172\157\156\061\031\060\027\006\003\125
+\004\003\023\020\101\155\141\172\157\156\040\122\157\157\164\040
+\103\101\040\064\060\166\060\020\006\007\052\206\110\316\075\002
+\001\006\005\053\201\004\000\042\003\142\000\004\322\253\212\067
+\117\243\123\015\376\301\212\173\113\250\173\106\113\143\260\142
+\366\055\033\333\010\161\041\322\000\350\143\275\232\047\373\360
+\071\156\135\352\075\245\311\201\252\243\133\040\230\105\135\026
+\333\375\350\020\155\343\234\340\343\275\137\204\142\363\160\144
+\063\240\313\044\057\160\272\210\241\052\240\165\370\201\256\142
+\006\304\201\333\071\156\051\260\036\372\056\134\243\102\060\100
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\206\060\035\006\003\125\035\016\004\026\004\024\323\354\307\072
+\145\156\314\341\332\166\232\126\373\234\363\206\155\127\345\201
+\060\012\006\010\052\206\110\316\075\004\003\003\003\150\000\060
+\145\002\060\072\213\041\361\275\176\021\255\320\357\130\226\057
+\326\353\235\176\220\215\053\317\146\125\303\054\343\050\251\160
+\012\107\016\360\067\131\022\377\055\231\224\050\116\052\117\065
+\115\063\132\002\061\000\352\165\000\116\073\304\072\224\022\221
+\311\130\106\235\041\023\162\247\210\234\212\344\114\112\333\226
+\324\254\213\153\153\111\022\123\063\255\327\344\276\044\374\265
+\012\166\324\245\274\020
+END
+
+# Trust for "Amazon Root CA 4"
+# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US
+# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e
+# Subject: CN=Amazon Root CA 4,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92
+# Fingerprint (SHA1): F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 4"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\366\020\204\007\326\370\273\147\230\014\302\342\104\302\353\256
+\034\357\143\276
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\211\274\047\325\353\027\215\006\152\151\325\375\211\107\264\315
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\327\301\273\020\114\051\103\345\161\173\173
+\054\310\032\301\016
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "LuxTrust Global Root 2"
+#
+# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
+# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1
+# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
+# Not Valid Before: Thu Mar 05 13:21:57 2015
+# Not Valid After : Mon Mar 05 13:21:57 2035
+# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5
+# Fingerprint (SHA1): 1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "LuxTrust Global Root 2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
+\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
+\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
+\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
+\154\040\122\157\157\164\040\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
+\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
+\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
+\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
+\154\040\122\157\157\164\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\012\176\246\337\113\104\236\332\152\044\205\236\346\270
+\025\323\026\177\273\261
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\303\060\202\003\253\240\003\002\001\002\002\024\012
+\176\246\337\113\104\236\332\152\044\205\236\346\270\025\323\026
+\177\273\261\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\114
+\125\061\026\060\024\006\003\125\004\012\014\015\114\165\170\124
+\162\165\163\164\040\123\056\101\056\061\037\060\035\006\003\125
+\004\003\014\026\114\165\170\124\162\165\163\164\040\107\154\157
+\142\141\154\040\122\157\157\164\040\062\060\036\027\015\061\065
+\060\063\060\065\061\063\062\061\065\067\132\027\015\063\065\060
+\063\060\065\061\063\062\061\065\067\132\060\106\061\013\060\011
+\006\003\125\004\006\023\002\114\125\061\026\060\024\006\003\125
+\004\012\014\015\114\165\170\124\162\165\163\164\040\123\056\101
+\056\061\037\060\035\006\003\125\004\003\014\026\114\165\170\124
+\162\165\163\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\062\060\202\002\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
+\002\001\000\327\205\227\277\021\230\351\360\142\203\114\074\207
+\371\123\152\067\013\362\017\074\207\316\157\334\046\051\275\305
+\211\272\311\203\075\367\356\312\133\306\155\111\163\264\311\106
+\243\033\064\023\077\301\211\105\127\364\331\261\373\066\145\113
+\373\010\342\110\161\021\310\156\073\236\235\337\211\145\067\246
+\205\366\073\104\030\266\306\067\060\142\104\222\227\151\175\102
+\060\044\344\015\014\211\153\143\336\305\341\337\116\251\024\154
+\123\340\141\316\366\027\057\035\074\275\346\042\114\035\223\365
+\020\304\241\166\354\152\336\305\154\337\226\264\126\100\102\300
+\142\222\060\241\055\025\224\240\322\040\006\011\156\152\155\345
+\353\267\276\324\360\361\025\174\213\346\116\272\023\314\113\047
+\136\231\074\027\135\217\201\177\063\075\117\323\077\033\354\134
+\077\360\074\114\165\156\362\246\325\235\332\055\007\143\002\306
+\162\351\224\274\114\111\225\117\210\122\310\333\350\151\202\370
+\314\064\133\042\360\206\247\211\275\110\012\155\146\201\155\310
+\310\144\373\001\341\364\341\336\331\236\335\333\133\324\052\231
+\046\025\033\036\114\222\051\202\236\325\222\201\222\101\160\031
+\367\244\345\223\113\274\167\147\061\335\034\375\061\160\015\027
+\231\014\371\014\071\031\052\027\265\060\161\125\325\017\256\130
+\341\075\057\064\233\317\237\366\170\205\302\223\172\162\076\146
+\217\234\026\021\140\217\236\211\157\147\276\340\107\132\073\014
+\232\147\213\317\106\306\256\070\243\362\247\274\346\326\205\153
+\063\044\160\042\113\313\010\233\273\310\370\002\051\035\276\040
+\014\106\277\153\207\233\263\052\146\102\065\106\154\252\272\255
+\371\230\173\351\120\125\024\061\277\261\332\055\355\200\255\150
+\044\373\151\253\330\161\023\060\346\147\263\207\100\375\211\176
+\362\103\321\021\337\057\145\057\144\316\137\024\271\261\277\061
+\275\207\170\132\131\145\210\252\374\131\062\110\206\326\114\271
+\051\113\225\323\166\363\167\045\155\102\034\070\203\115\375\243
+\137\233\177\055\254\171\033\016\102\061\227\143\244\373\212\151
+\325\042\015\064\220\060\056\250\264\340\155\266\224\254\274\213
+\116\327\160\374\305\070\216\144\045\341\115\071\220\316\311\207
+\204\130\161\002\003\001\000\001\243\201\250\060\201\245\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\102\006\003\125\035\040\004\073\060\071\060\067\006\007\053\201
+\053\001\001\001\012\060\054\060\052\006\010\053\006\001\005\005
+\007\002\001\026\036\150\164\164\160\163\072\057\057\162\145\160
+\157\163\151\164\157\162\171\056\154\165\170\164\162\165\163\164
+\056\154\165\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200\024
+\377\030\050\166\371\110\005\054\241\256\361\053\033\053\262\123
+\370\113\174\263\060\035\006\003\125\035\016\004\026\004\024\377
+\030\050\166\371\110\005\054\241\256\361\053\033\053\262\123\370
+\113\174\263\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\002\001\000\152\031\024\355\156\171\301\054\207
+\324\015\160\176\327\366\170\311\013\004\116\304\261\316\223\160
+\376\260\124\300\062\315\231\060\144\027\277\017\345\342\063\375
+\007\066\100\162\016\032\266\152\131\326\000\345\150\040\335\056
+\162\015\037\152\144\061\040\204\175\111\246\132\067\353\105\311
+\205\365\324\307\027\231\007\346\233\125\344\014\350\251\264\316
+\214\133\265\021\134\317\212\016\015\326\254\167\201\376\062\234
+\044\236\162\316\124\363\320\157\242\126\326\354\303\067\054\145
+\130\276\127\000\032\362\065\372\353\173\061\135\302\301\022\075
+\226\201\210\226\211\301\131\134\172\346\177\160\064\347\203\342
+\261\341\341\270\130\357\324\225\344\140\234\360\226\227\162\214
+\353\204\002\056\145\217\244\267\322\177\147\335\310\323\236\134
+\252\251\244\240\045\024\006\233\354\117\176\055\013\177\035\165
+\361\063\330\355\316\270\165\155\076\133\271\230\035\061\015\126
+\330\103\017\060\221\262\004\153\335\126\276\225\200\125\147\276
+\330\315\203\331\030\356\056\017\206\055\222\236\160\023\354\336
+\121\311\103\170\002\245\115\310\371\137\304\221\130\106\026\167
+\132\164\252\100\274\007\237\060\271\261\367\022\027\335\343\377
+\044\100\035\172\152\321\117\030\012\252\220\035\353\100\036\337
+\241\036\104\222\020\232\362\215\341\321\113\106\236\350\105\102
+\227\352\105\231\363\354\146\325\002\372\362\246\112\044\252\336
+\316\271\312\371\077\223\157\371\243\272\352\245\076\231\255\375
+\377\173\231\365\145\356\360\131\050\147\327\220\225\244\023\204
+\251\204\301\350\316\316\165\223\143\032\274\074\352\325\144\037
+\055\052\022\071\306\303\132\062\355\107\221\026\016\274\070\301
+\120\336\217\312\052\220\064\034\356\101\224\234\136\031\056\370
+\105\111\231\164\221\260\004\157\343\004\132\261\253\052\253\376
+\307\320\226\266\332\341\112\144\006\156\140\115\275\102\116\377
+\170\332\044\312\033\264\327\226\071\154\256\361\016\252\247\175
+\110\213\040\114\317\144\326\270\227\106\260\116\321\052\126\072
+\240\223\275\257\200\044\340\012\176\347\312\325\312\350\205\125
+\334\066\052\341\224\150\223\307\146\162\104\017\200\041\062\154
+\045\307\043\200\203\012\353
+END
+
+# Trust for "LuxTrust Global Root 2"
+# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
+# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1
+# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
+# Not Valid Before: Thu Mar 05 13:21:57 2015
+# Not Valid After : Mon Mar 05 13:21:57 2035
+# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5
+# Fingerprint (SHA1): 1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "LuxTrust Global Root 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\036\016\126\031\012\321\213\045\230\262\004\104\377\146\212\004
+\027\231\137\077
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\262\341\011\000\141\257\367\361\221\157\304\255\215\136\073\174
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
+\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
+\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
+\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
+\154\040\122\157\157\164\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\024\012\176\246\337\113\104\236\332\152\044\205\236\346\270
+\025\323\026\177\273\261
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
+#
+# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98
+# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Tue Oct 18 00:00:00 2011
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9
+# Fingerprint (SHA1): 51:7F:61:1E:29:91:6B:53:82:FB:72:E7:44:D9:8D:C3:CC:53:6D:64
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G6"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\044\062\165\362\035\057\322\011\063\367\264\152\312\320
+\363\230
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\366\060\202\002\336\240\003\002\001\002\002\020\044
+\062\165\362\035\057\322\011\063\367\264\152\312\320\363\230\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
+\224\061\013\060\011\006\003\125\004\006\023\002\125\123\061\035
+\060\033\006\003\125\004\012\023\024\123\171\155\141\156\164\145
+\143\040\103\157\162\160\157\162\141\164\151\157\156\061\037\060
+\035\006\003\125\004\013\023\026\123\171\155\141\156\164\145\143
+\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061\105
+\060\103\006\003\125\004\003\023\074\123\171\155\141\156\164\145
+\143\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143
+\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\055\040\107\066\060\036\027\015\061\061\061\060\061\070\060
+\060\060\060\060\060\132\027\015\063\067\061\062\060\061\062\063
+\065\071\065\071\132\060\201\224\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
+\123\171\155\141\156\164\145\143\040\103\157\162\160\157\162\141
+\164\151\157\156\061\037\060\035\006\003\125\004\013\023\026\123
+\171\155\141\156\164\145\143\040\124\162\165\163\164\040\116\145
+\164\167\157\162\153\061\105\060\103\006\003\125\004\003\023\074
+\123\171\155\141\156\164\145\143\040\103\154\141\163\163\040\061
+\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171\040
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
+\164\150\157\162\151\164\171\040\055\040\107\066\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\307\071\327
+\111\144\251\231\202\042\114\352\105\331\007\026\343\173\364\203
+\350\231\163\372\153\261\066\340\232\167\240\100\302\201\215\001
+\307\314\214\275\217\175\367\171\343\172\114\003\115\331\373\375
+\207\070\050\054\335\232\213\124\010\333\147\373\033\214\376\050
+\222\057\276\267\262\110\247\201\241\330\136\210\303\314\071\100
+\101\132\321\334\345\332\020\237\057\332\001\115\375\056\106\174
+\371\056\047\012\151\067\356\221\243\033\152\314\104\277\033\307
+\303\324\021\262\120\140\227\011\275\056\042\365\101\204\146\237
+\315\100\246\251\000\200\301\037\225\222\237\336\363\110\357\333
+\035\167\141\374\177\337\356\226\244\162\320\266\076\377\170\047
+\257\313\222\025\151\010\333\143\020\342\346\227\254\156\334\254
+\366\242\316\036\107\231\271\211\267\022\346\241\324\315\131\021
+\147\303\157\205\330\102\116\050\276\131\125\131\004\225\253\217
+\067\200\277\015\360\374\037\072\144\061\130\201\170\327\342\065
+\366\040\077\051\270\217\026\156\076\110\334\265\114\007\341\362
+\032\352\176\012\171\326\250\275\353\135\206\053\115\002\003\001
+\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\063\101\350\310\071\022\025\223\110\362\226\062\056\132
+\365\332\224\137\123\140\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\003\202\001\001\000\025\343\163\127\261\027
+\266\137\111\151\104\246\366\136\172\147\254\322\336\165\111\253
+\376\045\125\307\072\311\104\025\020\156\277\061\153\313\331\007
+\223\177\034\205\143\000\343\062\022\340\314\313\373\071\154\217
+\342\123\342\074\100\063\331\244\214\107\346\255\130\373\211\257
+\343\336\206\051\126\064\054\105\270\022\372\104\211\156\055\024
+\045\050\044\001\145\326\352\122\254\005\156\126\022\011\075\320
+\164\364\327\275\006\312\250\072\215\126\102\372\215\162\076\164
+\361\003\162\337\207\033\136\016\172\125\226\054\070\267\230\205
+\315\115\063\104\311\224\217\132\061\060\067\113\243\072\022\263
+\347\066\321\041\150\113\055\070\346\123\256\034\045\126\010\126
+\003\147\204\235\306\303\316\044\142\307\114\066\317\260\006\104
+\267\365\137\002\335\331\124\351\057\220\116\172\310\116\203\100
+\014\232\227\074\067\277\277\354\366\360\264\205\167\050\301\013
+\310\147\202\020\027\070\242\267\006\352\233\277\072\370\351\043
+\007\277\164\340\230\070\025\125\170\356\162\000\134\031\243\364
+\322\063\340\377\275\321\124\071\051\017
+END
+
+# Trust for "Symantec Class 1 Public Primary Certification Authority - G6"
+# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98
+# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Tue Oct 18 00:00:00 2011
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9
+# Fingerprint (SHA1): 51:7F:61:1E:29:91:6B:53:82:FB:72:E7:44:D9:8D:C3:CC:53:6D:64
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G6"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\121\177\141\036\051\221\153\123\202\373\162\347\104\331\215\303
+\314\123\155\144
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\057\250\264\332\366\144\113\036\202\371\106\075\124\032\174\260
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\044\062\165\362\035\057\322\011\063\367\264\152\312\320
+\363\230
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
+#
+# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41
+# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Tue Oct 18 00:00:00 2011
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0
+# Fingerprint (SHA1): 40:B3:31:A0:E9:BF:E8:55:BC:39:93:CA:70:4F:4E:C2:51:D4:1D:8F
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G6"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\144\202\236\374\067\036\164\135\374\227\377\227\310\261
+\377\101
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\366\060\202\002\336\240\003\002\001\002\002\020\144
+\202\236\374\067\036\164\135\374\227\377\227\310\261\377\101\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
+\224\061\013\060\011\006\003\125\004\006\023\002\125\123\061\035
+\060\033\006\003\125\004\012\023\024\123\171\155\141\156\164\145
+\143\040\103\157\162\160\157\162\141\164\151\157\156\061\037\060
+\035\006\003\125\004\013\023\026\123\171\155\141\156\164\145\143
+\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061\105
+\060\103\006\003\125\004\003\023\074\123\171\155\141\156\164\145
+\143\040\103\154\141\163\163\040\062\040\120\165\142\154\151\143
+\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\055\040\107\066\060\036\027\015\061\061\061\060\061\070\060
+\060\060\060\060\060\132\027\015\063\067\061\062\060\061\062\063
+\065\071\065\071\132\060\201\224\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
+\123\171\155\141\156\164\145\143\040\103\157\162\160\157\162\141
+\164\151\157\156\061\037\060\035\006\003\125\004\013\023\026\123
+\171\155\141\156\164\145\143\040\124\162\165\163\164\040\116\145
+\164\167\157\162\153\061\105\060\103\006\003\125\004\003\023\074
+\123\171\155\141\156\164\145\143\040\103\154\141\163\163\040\062
+\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171\040
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
+\164\150\157\162\151\164\171\040\055\040\107\066\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\315\314\351
+\005\310\143\205\313\077\100\143\027\275\030\372\065\346\004\147
+\127\145\230\051\244\117\311\134\217\017\064\322\370\332\250\023
+\142\252\270\036\120\147\170\260\026\114\240\071\251\025\172\256
+\355\322\242\300\360\220\067\051\030\046\134\350\015\074\266\154
+\111\077\301\340\334\331\113\266\024\031\013\246\323\226\341\326
+\011\343\031\046\034\371\037\145\113\371\032\103\034\000\203\326
+\320\252\111\242\324\333\346\142\070\272\120\024\103\155\371\061
+\370\126\026\331\070\002\221\317\353\154\335\273\071\116\231\341
+\060\147\105\361\324\360\215\303\337\376\362\070\007\041\175\000
+\136\126\104\263\344\140\275\221\053\234\253\133\004\162\017\262
+\050\331\162\253\005\040\102\045\251\133\003\152\040\020\314\061
+\360\053\332\065\054\320\373\232\227\116\360\202\113\053\330\137
+\066\243\013\055\257\143\015\035\045\177\241\156\134\142\241\215
+\050\076\241\374\034\040\370\001\057\272\125\232\021\260\031\322
+\310\120\171\153\016\152\005\327\252\004\066\262\243\362\341\137
+\167\247\167\234\345\036\334\351\337\152\301\145\135\002\003\001
+\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\207\214\040\225\310\230\112\321\326\200\006\112\220\064
+\104\337\034\115\277\260\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\003\202\001\001\000\201\216\262\245\146\226
+\267\041\245\266\357\157\043\132\137\333\201\305\102\245\170\301
+\151\375\364\074\327\371\134\153\160\162\032\374\132\227\115\000
+\200\210\210\202\212\303\161\015\216\305\211\233\054\355\215\013
+\322\162\124\365\175\324\134\103\127\351\363\256\245\002\021\366
+\166\053\201\127\335\175\332\164\060\375\124\107\366\340\026\156
+\246\264\012\110\346\347\165\007\017\051\031\071\316\171\364\266
+\154\305\137\231\325\037\113\372\337\155\054\074\015\124\200\160
+\360\210\013\200\317\306\150\242\270\035\160\331\166\214\374\356
+\245\311\317\255\035\317\231\045\127\132\142\105\313\026\153\275
+\111\315\245\243\214\151\171\045\256\270\114\154\213\100\146\113
+\026\077\317\002\032\335\341\154\153\007\141\152\166\025\051\231
+\177\033\335\210\200\301\277\265\217\163\305\246\226\043\204\246
+\050\206\044\063\152\001\056\127\163\045\266\136\277\217\346\035
+\141\250\100\051\147\035\207\233\035\177\233\237\231\315\061\326
+\124\276\142\273\071\254\150\022\110\221\040\245\313\261\335\376
+\157\374\132\344\202\125\131\257\061\251
+END
+
+# Trust for "Symantec Class 2 Public Primary Certification Authority - G6"
+# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41
+# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Tue Oct 18 00:00:00 2011
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0
+# Fingerprint (SHA1): 40:B3:31:A0:E9:BF:E8:55:BC:39:93:CA:70:4F:4E:C2:51:D4:1D:8F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G6"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\100\263\061\240\351\277\350\125\274\071\223\312\160\117\116\302
+\121\324\035\217
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\175\013\203\345\373\174\255\007\117\040\251\265\337\143\355\171
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\144\202\236\374\067\036\164\135\374\227\377\227\310\261
+\377\101
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Symantec Class 1 Public Primary Certification Authority - G4"
+#
+# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8
+# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Wed Oct 05 00:00:00 2011
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF
+# Fingerprint (SHA1): 84:F2:E3:DD:83:13:3E:A9:1D:19:52:7F:02:D7:29:BF:C1:5F:E6:67
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G4"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\041\156\063\245\313\323\210\244\157\051\007\264\047\074
+\304\330
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\250\060\202\002\055\240\003\002\001\002\002\020\041
+\156\063\245\313\323\210\244\157\051\007\264\047\074\304\330\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\224\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\035\060\033\006
+\003\125\004\012\023\024\123\171\155\141\156\164\145\143\040\103
+\157\162\160\157\162\141\164\151\157\156\061\037\060\035\006\003
+\125\004\013\023\026\123\171\155\141\156\164\145\143\040\124\162
+\165\163\164\040\116\145\164\167\157\162\153\061\105\060\103\006
+\003\125\004\003\023\074\123\171\155\141\156\164\145\143\040\103
+\154\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162
+\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
+\107\064\060\036\027\015\061\061\061\060\060\065\060\060\060\060
+\060\060\132\027\015\063\070\060\061\061\070\062\063\065\071\065
+\071\132\060\201\224\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\035\060\033\006\003\125\004\012\023\024\123\171\155
+\141\156\164\145\143\040\103\157\162\160\157\162\141\164\151\157
+\156\061\037\060\035\006\003\125\004\013\023\026\123\171\155\141
+\156\164\145\143\040\124\162\165\163\164\040\116\145\164\167\157
+\162\153\061\105\060\103\006\003\125\004\003\023\074\123\171\155
+\141\156\164\145\143\040\103\154\141\163\163\040\061\040\120\165
+\142\154\151\143\040\120\162\151\155\141\162\171\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\055\040\107\064\060\166\060\020\006\007\052
+\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
+\004\327\146\265\033\333\256\263\140\356\106\352\210\143\165\073
+\052\224\155\363\137\022\366\343\017\236\266\012\024\123\110\122
+\310\334\072\263\313\110\040\046\022\116\372\211\204\324\337\221
+\344\051\175\050\001\331\333\030\103\151\241\037\265\323\206\026
+\334\307\177\147\043\337\337\061\061\203\003\065\160\261\113\267
+\310\027\273\121\313\334\224\027\333\352\011\073\166\022\336\252
+\265\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
+\024\145\300\215\045\365\014\272\227\167\220\077\236\056\340\132
+\365\316\325\341\344\060\012\006\010\052\206\110\316\075\004\003
+\003\003\151\000\060\146\002\061\000\245\256\343\106\123\370\230
+\066\343\042\372\056\050\111\015\356\060\176\063\363\354\077\161
+\136\314\125\211\170\231\254\262\375\334\034\134\063\216\051\271
+\153\027\310\021\150\265\334\203\007\002\061\000\234\310\104\332
+\151\302\066\303\124\031\020\205\002\332\235\107\357\101\347\154
+\046\235\011\075\367\155\220\321\005\104\057\260\274\203\223\150
+\362\014\105\111\071\277\231\004\034\323\020\240
+END
+
+# Trust for "Symantec Class 1 Public Primary Certification Authority - G4"
+# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8
+# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Wed Oct 05 00:00:00 2011
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF
+# Fingerprint (SHA1): 84:F2:E3:DD:83:13:3E:A9:1D:19:52:7F:02:D7:29:BF:C1:5F:E6:67
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G4"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\204\362\343\335\203\023\076\251\035\031\122\177\002\327\051\277
+\301\137\346\147
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\004\345\200\077\125\377\131\207\244\062\322\025\245\345\252\346
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\041\156\063\245\313\323\210\244\157\051\007\264\047\074
+\304\330
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Symantec Class 2 Public Primary Certification Authority - G4"
+#
+# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e
+# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Wed Oct 05 00:00:00 2011
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92
+# Fingerprint (SHA1): 67:24:90:2E:48:01:B0:22:96:40:10:46:B4:B1:67:2C:A9:75:FD:2B
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G4"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\064\027\145\022\100\073\267\126\200\055\200\313\171\125
+\246\036
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\250\060\202\002\055\240\003\002\001\002\002\020\064
+\027\145\022\100\073\267\126\200\055\200\313\171\125\246\036\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\224\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\035\060\033\006
+\003\125\004\012\023\024\123\171\155\141\156\164\145\143\040\103
+\157\162\160\157\162\141\164\151\157\156\061\037\060\035\006\003
+\125\004\013\023\026\123\171\155\141\156\164\145\143\040\124\162
+\165\163\164\040\116\145\164\167\157\162\153\061\105\060\103\006
+\003\125\004\003\023\074\123\171\155\141\156\164\145\143\040\103
+\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162
+\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
+\107\064\060\036\027\015\061\061\061\060\060\065\060\060\060\060
+\060\060\132\027\015\063\070\060\061\061\070\062\063\065\071\065
+\071\132\060\201\224\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\035\060\033\006\003\125\004\012\023\024\123\171\155
+\141\156\164\145\143\040\103\157\162\160\157\162\141\164\151\157
+\156\061\037\060\035\006\003\125\004\013\023\026\123\171\155\141
+\156\164\145\143\040\124\162\165\163\164\040\116\145\164\167\157
+\162\153\061\105\060\103\006\003\125\004\003\023\074\123\171\155
+\141\156\164\145\143\040\103\154\141\163\163\040\062\040\120\165
+\142\154\151\143\040\120\162\151\155\141\162\171\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\055\040\107\064\060\166\060\020\006\007\052
+\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
+\004\321\331\112\216\114\015\204\112\121\272\174\357\323\314\372
+\072\232\265\247\143\023\075\001\340\111\076\372\301\107\311\222
+\263\072\327\376\157\234\367\232\072\017\365\016\012\012\303\077
+\310\347\022\024\216\325\325\155\230\054\263\161\062\012\353\052
+\275\366\327\152\040\013\147\105\234\322\262\277\123\042\146\011
+\135\333\021\363\361\005\063\130\243\342\270\317\174\315\202\233
+\275\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
+\024\075\062\363\072\251\014\220\204\371\242\214\151\006\141\124
+\057\207\162\376\005\060\012\006\010\052\206\110\316\075\004\003
+\003\003\151\000\060\146\002\061\000\310\246\251\257\101\177\265
+\311\021\102\026\150\151\114\134\270\047\030\266\230\361\300\177
+\220\155\207\323\214\106\027\360\076\117\374\352\260\010\304\172
+\113\274\010\057\307\342\247\157\145\002\061\000\326\131\336\206
+\316\137\016\312\124\325\306\320\025\016\374\213\224\162\324\216
+\000\130\123\317\176\261\113\015\345\120\206\353\236\153\337\377
+\051\246\330\107\331\240\226\030\333\362\105\263
+END
+
+# Trust for "Symantec Class 2 Public Primary Certification Authority - G4"
+# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e
+# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Wed Oct 05 00:00:00 2011
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92
+# Fingerprint (SHA1): 67:24:90:2E:48:01:B0:22:96:40:10:46:B4:B1:67:2C:A9:75:FD:2B
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G4"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\147\044\220\056\110\001\260\042\226\100\020\106\264\261\147\054
+\251\165\375\053
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\160\325\060\361\332\224\227\324\327\164\337\276\355\150\336\226
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\064\027\145\022\100\073\267\126\200\055\200\313\171\125
+\246\036
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "D-TRUST Root CA 3 2013"
+#
+# Issuer: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Serial Number: 1039788 (0xfddac)
+# Subject: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Not Valid Before: Fri Sep 20 08:25:51 2013
+# Not Valid After : Wed Sep 20 08:25:51 2028
+# Fingerprint (SHA-256): A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
+# Fingerprint (SHA1): 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "D-TRUST Root CA 3 2013"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\017\335\254
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\016\060\202\002\366\240\003\002\001\002\002\003\017
+\335\254\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165
+\163\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003
+\014\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103
+\101\040\063\040\062\060\061\063\060\036\027\015\061\063\060\071
+\062\060\060\070\062\065\065\061\132\027\015\062\070\060\071\062
+\060\060\070\062\065\065\061\132\060\105\061\013\060\011\006\003
+\125\004\006\023\002\104\105\061\025\060\023\006\003\125\004\012
+\014\014\104\055\124\162\165\163\164\040\107\155\142\110\061\037
+\060\035\006\003\125\004\003\014\026\104\055\124\122\125\123\124
+\040\122\157\157\164\040\103\101\040\063\040\062\060\061\063\060
+\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000
+\304\173\102\222\202\037\354\355\124\230\216\022\300\312\011\337
+\223\156\072\223\134\033\344\020\167\236\116\151\210\154\366\341
+\151\362\366\233\242\141\261\275\007\040\164\230\145\361\214\046
+\010\315\250\065\312\200\066\321\143\155\350\104\172\202\303\154
+\136\336\273\350\066\322\304\150\066\214\237\062\275\204\042\340
+\334\302\356\020\106\071\155\257\223\071\256\207\346\303\274\011
+\311\054\153\147\133\331\233\166\165\114\013\340\273\305\327\274
+\076\171\362\137\276\321\220\127\371\256\366\146\137\061\277\323
+\155\217\247\272\112\363\043\145\273\267\357\243\045\327\012\352
+\130\266\357\210\372\372\171\262\122\130\325\360\254\214\241\121
+\164\051\225\252\121\073\220\062\003\237\034\162\164\220\336\075
+\355\141\322\345\343\375\144\107\345\271\267\112\251\367\037\256
+\226\206\004\254\057\343\244\201\167\267\132\026\377\330\017\077
+\366\267\170\314\244\257\372\133\074\022\133\250\122\211\162\357
+\210\363\325\104\201\206\225\043\237\173\335\274\331\064\357\174
+\224\074\252\300\101\302\343\235\120\032\300\344\031\042\374\263
+\002\003\001\000\001\243\202\001\005\060\202\001\001\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035
+\006\003\125\035\016\004\026\004\024\077\220\310\175\307\025\157
+\363\044\217\251\303\057\113\242\017\041\262\057\347\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\201\276
+\006\003\125\035\037\004\201\266\060\201\263\060\164\240\162\240
+\160\206\156\154\144\141\160\072\057\057\144\151\162\145\143\164
+\157\162\171\056\144\055\164\162\165\163\164\056\156\145\164\057
+\103\116\075\104\055\124\122\125\123\124\045\062\060\122\157\157
+\164\045\062\060\103\101\045\062\060\063\045\062\060\062\060\061
+\063\054\117\075\104\055\124\162\165\163\164\045\062\060\107\155
+\142\110\054\103\075\104\105\077\143\145\162\164\151\146\151\143
+\141\164\145\162\145\166\157\143\141\164\151\157\156\154\151\163
+\164\060\073\240\071\240\067\206\065\150\164\164\160\072\057\057
+\143\162\154\056\144\055\164\162\165\163\164\056\156\145\164\057
+\143\162\154\057\144\055\164\162\165\163\164\137\162\157\157\164
+\137\143\141\137\063\137\062\060\061\063\056\143\162\154\060\015
+\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202\001
+\001\000\016\131\016\130\344\164\110\043\104\317\064\041\265\234
+\024\032\255\232\113\267\263\210\155\134\251\027\160\360\052\237
+\215\173\371\173\205\372\307\071\350\020\010\260\065\053\137\317
+\002\322\323\234\310\013\036\356\005\124\256\067\223\004\011\175
+\154\217\302\164\274\370\034\224\276\061\001\100\055\363\044\040
+\267\204\125\054\134\310\365\164\112\020\031\213\243\307\355\065
+\326\011\110\323\016\300\272\071\250\260\106\002\260\333\306\210
+\131\302\276\374\173\261\053\317\176\142\207\125\226\314\001\157
+\233\147\041\225\065\213\370\020\374\161\033\267\113\067\151\246
+\073\326\354\213\356\301\260\363\045\311\217\222\175\241\352\303
+\312\104\277\046\245\164\222\234\343\164\353\235\164\331\313\115
+\207\330\374\264\151\154\213\240\103\007\140\170\227\351\331\223
+\174\302\106\274\233\067\122\243\355\212\074\023\251\173\123\113
+\111\232\021\005\054\013\156\126\254\037\056\202\154\340\151\147
+\265\016\155\055\331\344\300\025\361\077\372\030\162\341\025\155
+\047\133\055\060\050\053\237\110\232\144\053\231\357\362\165\111
+\137\134
+END
+
+# Trust for "D-TRUST Root CA 3 2013"
+# Issuer: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Serial Number: 1039788 (0xfddac)
+# Subject: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Not Valid Before: Fri Sep 20 08:25:51 2013
+# Not Valid After : Wed Sep 20 08:25:51 2028
+# Fingerprint (SHA-256): A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
+# Fingerprint (SHA1): 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "D-TRUST Root CA 3 2013"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\154\174\314\347\324\256\121\137\231\010\315\077\366\350\303\170
+\337\157\357\227
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\267\042\146\230\176\326\003\340\301\161\346\165\315\126\105\277
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\017\335\254
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+#
+# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Serial Number: 1 (0x1)
+# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Not Valid Before: Mon Nov 25 08:25:55 2013
+# Not Valid After : Sun Oct 25 08:25:55 2043
+# Fingerprint (SHA-256): 46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16
+# Fingerprint (SHA1): 31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\143\060\202\003\113\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145\040
+\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003\125
+\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154\151
+\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157\152
+\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165\162
+\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055\060
+\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145\162
+\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153\145
+\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060\064
+\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040\113
+\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040\123
+\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165\162
+\165\155\040\061\060\036\027\015\061\063\061\061\062\065\060\070
+\062\065\065\065\132\027\015\064\063\061\060\062\065\060\070\062
+\065\065\065\132\060\201\322\061\013\060\011\006\003\125\004\006
+\023\002\124\122\061\030\060\026\006\003\125\004\007\023\017\107
+\145\142\172\145\040\055\040\113\157\143\141\145\154\151\061\102
+\060\100\006\003\125\004\012\023\071\124\165\162\153\151\171\145
+\040\102\151\154\151\155\163\145\154\040\166\145\040\124\145\153
+\156\157\154\157\152\151\153\040\101\162\141\163\164\151\162\155
+\141\040\113\165\162\165\155\165\040\055\040\124\125\102\111\124
+\101\113\061\055\060\053\006\003\125\004\013\023\044\113\141\155
+\165\040\123\145\162\164\151\146\151\153\141\163\171\157\156\040
+\115\145\162\153\145\172\151\040\055\040\113\141\155\165\040\123
+\115\061\066\060\064\006\003\125\004\003\023\055\124\125\102\111
+\124\101\113\040\113\141\155\165\040\123\115\040\123\123\114\040
+\113\157\153\040\123\145\162\164\151\146\151\153\141\163\151\040
+\055\040\123\165\162\165\155\040\061\060\202\001\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
+\000\060\202\001\012\002\202\001\001\000\257\165\060\063\252\273
+\153\323\231\054\022\067\204\331\215\173\227\200\323\156\347\377
+\233\120\225\076\220\225\126\102\327\031\174\046\204\215\222\372
+\001\035\072\017\342\144\070\267\214\274\350\210\371\213\044\253
+\056\243\365\067\344\100\216\030\045\171\203\165\037\073\377\154
+\250\305\306\126\370\264\355\212\104\243\253\154\114\374\035\320
+\334\357\150\275\317\344\252\316\360\125\367\242\064\324\203\153
+\067\174\034\302\376\265\003\354\127\316\274\264\265\305\355\000
+\017\123\067\052\115\364\117\014\203\373\206\317\313\376\214\116
+\275\207\371\247\213\041\127\234\172\337\003\147\211\054\235\227
+\141\247\020\270\125\220\177\016\055\047\070\164\337\347\375\332
+\116\022\343\115\025\042\002\310\340\340\374\017\255\212\327\311
+\124\120\314\073\017\312\026\200\204\320\121\126\303\216\126\177
+\211\042\063\057\346\205\012\275\245\250\033\066\336\323\334\054
+\155\073\307\023\275\131\043\054\346\345\244\367\330\013\355\352
+\220\100\104\250\225\273\223\325\320\200\064\266\106\170\016\037
+\000\223\106\341\356\351\371\354\117\027\002\003\001\000\001\243
+\102\060\100\060\035\006\003\125\035\016\004\026\004\024\145\077
+\307\212\206\306\074\335\074\124\134\065\370\072\355\122\014\107
+\127\310\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\001\001\000\052\077\341\361\062\216\256\341\230
+\134\113\136\317\153\036\152\011\322\042\251\022\307\136\127\175
+\163\126\144\200\204\172\223\344\011\271\020\315\237\052\047\341
+\000\167\276\110\310\065\250\201\237\344\270\054\311\177\016\260
+\322\113\067\135\352\271\325\013\136\064\275\364\163\051\303\355
+\046\025\234\176\010\123\212\130\215\320\113\050\337\301\263\337
+\040\363\371\343\343\072\337\314\234\224\330\116\117\303\153\027
+\267\367\162\350\255\146\063\265\045\123\253\340\370\114\251\235
+\375\362\015\272\256\271\331\252\306\153\371\223\273\256\253\270
+\227\074\003\032\272\103\306\226\271\105\162\070\263\247\241\226
+\075\221\173\176\300\041\123\114\207\355\362\013\124\225\121\223
+\325\042\245\015\212\361\223\016\076\124\016\260\330\311\116\334
+\362\061\062\126\352\144\371\352\265\235\026\146\102\162\363\177
+\323\261\061\103\374\244\216\027\361\155\043\253\224\146\370\255
+\373\017\010\156\046\055\177\027\007\011\262\214\373\120\300\237
+\226\215\317\266\375\000\235\132\024\232\277\002\104\365\301\302
+\237\042\136\242\017\241\343
+END
+
+# Trust for "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Serial Number: 1 (0x1)
+# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Not Valid Before: Mon Nov 25 08:25:55 2013
+# Not Valid After : Sun Oct 25 08:25:55 2043
+# Fingerprint (SHA-256): 46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16
+# Fingerprint (SHA1): 31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\061\103\144\233\354\316\047\354\355\072\077\013\217\015\344\350
+\221\335\356\312
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\334\000\201\334\151\057\076\057\260\073\366\075\132\221\216\111
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
diff --git a/security/nss/lib/ckfw/builtins/ckbiver.c b/security/nss/lib/ckfw/builtins/ckbiver.c
new file mode 100644
index 000000000..208066ca3
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/ckbiver.c
@@ -0,0 +1,18 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Library identity and versioning */
+
+#include "nssckbi.h"
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_builtins_version[] = "Version: NSS Builtin Trusted Root CAs " NSS_BUILTINS_LIBRARY_VERSION _DEBUG_STRING;
diff --git a/security/nss/lib/ckfw/builtins/config.mk b/security/nss/lib/ckfw/builtins/config.mk
new file mode 100644
index 000000000..6bd62f155
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/config.mk
@@ -0,0 +1,38 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only shared libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(SHARED_LIBRARY)
+LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+ SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+ RES = $(OBJDIR)/$(LIBRARY_NAME).res
+ RESNAME = $(LIBRARY_NAME).rc
+endif
+
+ifdef BUILD_IDG
+ DEFINES += -DNSSDEBUG
+endif
+
+# Needed for compilation of $(OBJDIR)/certdata.c
+INCLUDES += -I.
+
+#
+# To create a loadable module on Darwin, we must use -bundle.
+#
+ifeq ($(OS_TARGET),Darwin)
+DSO_LDOPTS = -bundle
+endif
+
+ifdef USE_GCOV
+DSO_LDOPTS += --coverage
+endif
diff --git a/security/nss/lib/ckfw/builtins/constants.c b/security/nss/lib/ckfw/builtins/constants.c
new file mode 100644
index 000000000..f5d267b3d
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/constants.c
@@ -0,0 +1,64 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * builtins/constants.c
+ *
+ * Identification and other constants, all collected here in one place.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKBI_H
+#include "nssckbi.h"
+#endif /* NSSCKBI_H */
+
+const CK_VERSION
+ nss_builtins_CryptokiVersion = {
+ NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR,
+ NSS_BUILTINS_CRYPTOKI_VERSION_MINOR
+ };
+
+const CK_VERSION
+ nss_builtins_LibraryVersion = {
+ NSS_BUILTINS_LIBRARY_VERSION_MAJOR,
+ NSS_BUILTINS_LIBRARY_VERSION_MINOR
+ };
+
+const CK_VERSION
+ nss_builtins_HardwareVersion = {
+ NSS_BUILTINS_HARDWARE_VERSION_MAJOR,
+ NSS_BUILTINS_HARDWARE_VERSION_MINOR
+ };
+
+const CK_VERSION
+ nss_builtins_FirmwareVersion = {
+ NSS_BUILTINS_FIRMWARE_VERSION_MAJOR,
+ NSS_BUILTINS_FIRMWARE_VERSION_MINOR
+ };
+
+const NSSUTF8
+ nss_builtins_ManufacturerID[] = { "Mozilla Foundation" };
+
+const NSSUTF8
+ nss_builtins_LibraryDescription[] = { "NSS Builtin Object Cryptoki Module" };
+
+const NSSUTF8
+ nss_builtins_SlotDescription[] = { "NSS Builtin Objects" };
+
+const NSSUTF8
+ nss_builtins_TokenLabel[] = { "Builtin Object Token" };
+
+const NSSUTF8
+ nss_builtins_TokenModel[] = { "1" };
+
+/* should this be e.g. the certdata.txt RCS revision number? */
+const NSSUTF8
+ nss_builtins_TokenSerialNumber[] = { "1" };
diff --git a/security/nss/lib/ckfw/builtins/exports.gyp b/security/nss/lib/ckfw/builtins/exports.gyp
new file mode 100644
index 000000000..6a5c38fb8
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/exports.gyp
@@ -0,0 +1,25 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_ckfw_builtins_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'nssckbi.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/ckfw/builtins/manifest.mn b/security/nss/lib/ckfw/builtins/manifest.mn
new file mode 100644
index 000000000..7ac64bf0d
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/manifest.mn
@@ -0,0 +1,30 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../../..
+
+MODULE = nss
+MAPFILE = $(OBJDIR)/nssckbi.def
+
+EXPORTS = \
+ nssckbi.h \
+ $(NULL)
+
+CSRCS = \
+ anchor.c \
+ constants.c \
+ bfind.c \
+ binst.c \
+ bobject.c \
+ bsession.c \
+ bslot.c \
+ btoken.c \
+ certdata.c \
+ ckbiver.c \
+ $(NULL)
+
+REQUIRES = nspr
+
+LIBRARY_NAME = nssckbi
diff --git a/security/nss/lib/ckfw/builtins/nssckbi.def b/security/nss/lib/ckfw/builtins/nssckbi.def
new file mode 100644
index 000000000..8692d4cb6
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/nssckbi.def
@@ -0,0 +1,26 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+
+;+NSS_3.1 { # NSS 3.1 release
+;+ global:
+LIBRARY nssckbi ;-
+EXPORTS ;-
+C_GetFunctionList;
+;+ local:
+;+*;
+;+};
diff --git a/security/nss/lib/ckfw/builtins/nssckbi.h b/security/nss/lib/ckfw/builtins/nssckbi.h
new file mode 100644
index 000000000..6e7aa2b61
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/nssckbi.h
@@ -0,0 +1,61 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSCKBI_H
+#define NSSCKBI_H
+
+/*
+ * NSS BUILTINS Version numbers.
+ *
+ * These are the version numbers for the builtins module packaged with
+ * this release on NSS. To determine the version numbers of the builtin
+ * module you are using, use the appropriate PKCS #11 calls.
+ *
+ * These version numbers detail changes to the PKCS #11 interface. They map
+ * to the PKCS #11 spec versions.
+ */
+#define NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR 2
+#define NSS_BUILTINS_CRYPTOKI_VERSION_MINOR 20
+
+/* These version numbers detail the changes
+ * to the list of trusted certificates.
+ *
+ * The NSS_BUILTINS_LIBRARY_VERSION_MINOR macro needs to be bumped
+ * whenever we change the list of trusted certificates.
+ *
+ * Please use the following rules when increasing the version number:
+ *
+ * - starting with version 2.14, NSS_BUILTINS_LIBRARY_VERSION_MINOR
+ * must always be an EVEN number (e.g. 16, 18, 20 etc.)
+ *
+ * - whenever possible, if older branches require a modification to the
+ * list, these changes should be made on the main line of development (trunk),
+ * and the older branches should update to the most recent list.
+ *
+ * - ODD minor version numbers are reserved to indicate a snapshot that has
+ * deviated from the main line of development, e.g. if it was necessary
+ * to modify the list on a stable branch.
+ * Once the version has been changed to an odd number (e.g. 2.13) on a branch,
+ * it should remain unchanged on that branch, even if further changes are
+ * made on that branch.
+ *
+ * NSS_BUILTINS_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear
+ * whether we may use its full range (0-255) or only 0-99 because
+ * of the comment in the CK_VERSION type definition.
+ * It's recommend to switch back to 0 after having reached version 98/99.
+ */
+#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 14
+#define NSS_BUILTINS_LIBRARY_VERSION "2.14"
+
+/* These version numbers detail the semantic changes to the ckfw engine. */
+#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
+#define NSS_BUILTINS_HARDWARE_VERSION_MINOR 0
+
+/* These version numbers detail the semantic changes to ckbi itself
+ * (new PKCS #11 objects), etc. */
+#define NSS_BUILTINS_FIRMWARE_VERSION_MAJOR 1
+#define NSS_BUILTINS_FIRMWARE_VERSION_MINOR 0
+
+#endif /* NSSCKBI_H */
diff --git a/security/nss/lib/ckfw/builtins/nssckbi.rc b/security/nss/lib/ckfw/builtins/nssckbi.rc
new file mode 100644
index 000000000..315149beb
--- /dev/null
+++ b/security/nss/lib/ckfw/builtins/nssckbi.rc
@@ -0,0 +1,64 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssckbi.h"
+#include <winver.h>
+
+#define MY_LIBNAME "nssckbi"
+#define MY_FILEDESCRIPTION "NSS Builtin Trusted Root CAs"
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if NSS_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION NSS_BUILTINS_LIBRARY_VERSION_MAJOR,NSS_BUILTINS_LIBRARY_VERSION_MINOR,0,0
+ PRODUCTVERSION NSS_BUILTINS_LIBRARY_VERSION_MAJOR,NSS_BUILTINS_LIBRARY_VERSION_MINOR,0,0
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", NSS_BUILTINS_LIBRARY_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", NSS_BUILTINS_LIBRARY_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/ckfw/capi/Makefile b/security/nss/lib/ckfw/capi/Makefile
new file mode 100644
index 000000000..81780d2f3
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/Makefile
@@ -0,0 +1,75 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include $(CORE_DEPTH)/coreconf/config.mk
+include config.mk
+
+EXTRA_LIBS = \
+ $(DIST)/lib/$(LIB_PREFIX)nssckfw.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
+ $(NULL)
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+ifdef NS_USE_GCC
+EXTRA_LIBS += \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ -lcrypt32 \
+ -ladvapi32 \
+ -lrpcrt4 \
+ $(NULL)
+else
+EXTRA_SHARED_LIBS += \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ crypt32.lib \
+ advapi32.lib \
+ rpcrt4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+else
+
+EXTRA_LIBS += \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+endif
+
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+# Generate certdata.c.
+generate:
+ $(PERL) certdata.perl < certdata.txt
+
+# This'll need some help from a build person.
+
+
+ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
+DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry
+EXTRA_DSO_LDOPTS = -lc
+MKSHLIB = xlC $(DSO_LDOPTS)
+
+$(SHARED_LIBRARY): $(OBJS)
+ @$(MAKE_OBJDIR)
+ rm -f $@
+ $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
+ chmod +x $@
+
+endif
+
+ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
+LD += -G
+endif
+
+
diff --git a/security/nss/lib/ckfw/capi/README b/security/nss/lib/ckfw/capi/README
new file mode 100644
index 000000000..9fc5720a9
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/README
@@ -0,0 +1,7 @@
+This Cryptoki module provides acces to certs and keys stored in
+Microsofts CAPI certificate store.
+
+It does not import or export CA Root trust from the CAPI.
+It does not import or export CRLs from the CAPI.
+It does not handle S/MIME objects (pkcs #7 in capi terms?).
+It does not yet handle it's own PIN. (CAPI does all the pin prompting).
diff --git a/security/nss/lib/ckfw/capi/anchor.c b/security/nss/lib/ckfw/capi/anchor.c
new file mode 100644
index 000000000..2d1523e4c
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/anchor.c
@@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * capi/canchor.c
+ *
+ * This file "anchors" the actual cryptoki entry points in this module's
+ * shared library, which is required for dynamic loading. See the
+ * comments in nssck.api for more information.
+ */
+
+#include "ckcapi.h"
+
+#define MODULE_NAME ckcapi
+#define INSTANCE_NAME (NSSCKMDInstance *)&nss_ckcapi_mdInstance
+#include "nssck.api"
diff --git a/security/nss/lib/ckfw/capi/cfind.c b/security/nss/lib/ckfw/capi/cfind.c
new file mode 100644
index 000000000..9ea7fca61
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/cfind.c
@@ -0,0 +1,562 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKCAPI_H
+#include "ckcapi.h"
+#endif /* CKCAPI_H */
+
+/*
+ * ckcapi/cfind.c
+ *
+ * This file implements the NSSCKMDFindObjects object for the
+ * "capi" cryptoki module.
+ */
+
+struct ckcapiFOStr {
+ NSSArena *arena;
+ CK_ULONG n;
+ CK_ULONG i;
+ ckcapiInternalObject **objs;
+};
+
+static void
+ckcapi_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
+ NSSArena *arena = fo->arena;
+ PRUint32 i;
+
+ /* walk down an free the unused 'objs' */
+ for (i = fo->i; i < fo->n; i++) {
+ nss_ckcapi_DestroyInternalObject(fo->objs[i]);
+ }
+
+ nss_ZFreeIf(fo->objs);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(mdFindObjects);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+
+ return;
+}
+
+static NSSCKMDObject *
+ckcapi_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
+ ckcapiInternalObject *io;
+
+ if (fo->i == fo->n) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ io = fo->objs[fo->i];
+ fo->i++;
+
+ return nss_ckcapi_CreateMDObject(arena, io, pError);
+}
+
+static CK_BBOOL
+ckcapi_attrmatch(
+ CK_ATTRIBUTE_PTR a,
+ ckcapiInternalObject *o)
+{
+ PRBool prb;
+ const NSSItem *b;
+
+ b = nss_ckcapi_FetchAttribute(o, a->type);
+ if (b == NULL) {
+ return CK_FALSE;
+ }
+
+ if (a->ulValueLen != b->size) {
+ /* match a decoded serial number */
+ if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
+ unsigned int len;
+ unsigned char *data;
+
+ data = nss_ckcapi_DERUnwrap(b->data, b->size, &len, NULL);
+ if ((len == a->ulValueLen) &&
+ nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ }
+ }
+ return CK_FALSE;
+ }
+
+ prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+
+ if (PR_TRUE == prb) {
+ return CK_TRUE;
+ } else {
+ return CK_FALSE;
+ }
+}
+
+static CK_BBOOL
+ckcapi_match(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject *o)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CK_FALSE == ckcapi_attrmatch(&pTemplate[i], o)) {
+ return CK_FALSE;
+ }
+ }
+
+ /* Every attribute passed */
+ return CK_TRUE;
+}
+
+#define CKAPI_ITEM_CHUNK 20
+
+#define PUT_Object(obj, err) \
+ { \
+ if (count >= size) { \
+ *listp = *listp ? nss_ZREALLOCARRAY(*listp, ckcapiInternalObject *, \
+ (size + \
+ CKAPI_ITEM_CHUNK)) \
+ : nss_ZNEWARRAY(NULL, ckcapiInternalObject *, \
+ (size + \
+ CKAPI_ITEM_CHUNK)); \
+ if ((ckcapiInternalObject **)NULL == *listp) { \
+ err = CKR_HOST_MEMORY; \
+ goto loser; \
+ } \
+ size += CKAPI_ITEM_CHUNK; \
+ } \
+ (*listp)[count] = (obj); \
+ count++; \
+ }
+
+/*
+ * pass parameters back through the callback.
+ */
+typedef struct BareCollectParamsStr {
+ CK_OBJECT_CLASS objClass;
+ CK_ATTRIBUTE_PTR pTemplate;
+ CK_ULONG ulAttributeCount;
+ ckcapiInternalObject ***listp;
+ PRUint32 size;
+ PRUint32 count;
+} BareCollectParams;
+
+/* collect_bare's callback. Called for each object that
+ * supposedly has a PROVINDER_INFO property */
+static BOOL WINAPI
+doBareCollect(
+ const CRYPT_HASH_BLOB *msKeyID,
+ DWORD flags,
+ void *reserved,
+ void *args,
+ DWORD cProp,
+ DWORD *propID,
+ void **propData,
+ DWORD *propSize)
+{
+ BareCollectParams *bcp = (BareCollectParams *)args;
+ PRUint32 size = bcp->size;
+ PRUint32 count = bcp->count;
+ ckcapiInternalObject ***listp = bcp->listp;
+ ckcapiInternalObject *io = NULL;
+ DWORD i;
+ CRYPT_KEY_PROV_INFO *keyProvInfo = NULL;
+ void *idData;
+ CK_RV error;
+
+ /* make sure there is a Key Provider Info property */
+ for (i = 0; i < cProp; i++) {
+ if (CERT_KEY_PROV_INFO_PROP_ID == propID[i]) {
+ keyProvInfo = (CRYPT_KEY_PROV_INFO *)propData[i];
+ break;
+ }
+ }
+ if ((CRYPT_KEY_PROV_INFO *)NULL == keyProvInfo) {
+ return 1;
+ }
+
+ /* copy the key ID */
+ idData = nss_ZNEWARRAY(NULL, char, msKeyID->cbData);
+ if ((void *)NULL == idData) {
+ goto loser;
+ }
+ nsslibc_memcpy(idData, msKeyID->pbData, msKeyID->cbData);
+
+ /* build a bare internal object */
+ io = nss_ZNEW(NULL, ckcapiInternalObject);
+ if ((ckcapiInternalObject *)NULL == io) {
+ goto loser;
+ }
+ io->type = ckcapiBareKey;
+ io->objClass = bcp->objClass;
+ io->u.key.provInfo = *keyProvInfo;
+ io->u.key.provInfo.pwszContainerName =
+ nss_ckcapi_WideDup(keyProvInfo->pwszContainerName);
+ io->u.key.provInfo.pwszProvName =
+ nss_ckcapi_WideDup(keyProvInfo->pwszProvName);
+ io->u.key.provName = nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
+ io->u.key.containerName =
+ nss_ckcapi_WideToUTF8(keyProvInfo->pwszContainerName);
+ io->u.key.hProv = 0;
+ io->idData = idData;
+ io->id.data = idData;
+ io->id.size = msKeyID->cbData;
+ idData = NULL;
+
+ /* see if it matches */
+ if (CK_FALSE == ckcapi_match(bcp->pTemplate, bcp->ulAttributeCount, io)) {
+ goto loser;
+ }
+ PUT_Object(io, error);
+ bcp->size = size;
+ bcp->count = count;
+ return 1;
+
+loser:
+ if (io) {
+ nss_ckcapi_DestroyInternalObject(io);
+ }
+ nss_ZFreeIf(idData);
+ return 1;
+}
+
+/*
+ * collect the bare keys running around
+ */
+static PRUint32
+collect_bare(
+ CK_OBJECT_CLASS objClass,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError)
+{
+ BOOL rc;
+ BareCollectParams bareCollectParams;
+
+ bareCollectParams.objClass = objClass;
+ bareCollectParams.pTemplate = pTemplate;
+ bareCollectParams.ulAttributeCount = ulAttributeCount;
+ bareCollectParams.listp = listp;
+ bareCollectParams.size = *sizep;
+ bareCollectParams.count = count;
+
+ rc = CryptEnumKeyIdentifierProperties(NULL, CERT_KEY_PROV_INFO_PROP_ID, 0,
+ NULL, NULL, &bareCollectParams, doBareCollect);
+
+ *sizep = bareCollectParams.size;
+ return bareCollectParams.count;
+}
+
+/* find all the certs that represent the appropriate object (cert, priv key, or
+ * pub key) in the cert store.
+ */
+static PRUint32
+collect_class(
+ CK_OBJECT_CLASS objClass,
+ LPCSTR storeStr,
+ PRBool hasID,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError)
+{
+ PRUint32 size = *sizep;
+ ckcapiInternalObject *next = NULL;
+ HCERTSTORE hStore;
+ PCCERT_CONTEXT certContext = NULL;
+ PRBool isKey =
+ (objClass == CKO_PUBLIC_KEY) | (objClass == CKO_PRIVATE_KEY);
+
+ hStore = CertOpenSystemStore((HCRYPTPROV)NULL, storeStr);
+ if (NULL == hStore) {
+ return count; /* none found does not imply an error */
+ }
+
+ /* FUTURE: use CertFindCertificateInStore to filter better -- so we don't
+ * have to enumerate all the certificates */
+ while ((PCERT_CONTEXT)NULL !=
+ (certContext = CertEnumCertificatesInStore(hStore, certContext))) {
+ /* first filter out non user certs if we are looking for keys */
+ if (isKey) {
+ /* make sure there is a Key Provider Info property */
+ CRYPT_KEY_PROV_INFO *keyProvInfo;
+ DWORD size = 0;
+ BOOL rv;
+ rv = CertGetCertificateContextProperty(certContext,
+ CERT_KEY_PROV_INFO_PROP_ID, NULL, &size);
+ if (!rv) {
+ int reason = GetLastError();
+ /* we only care if it exists, we don't really need to fetch it yet */
+ if (reason == CRYPT_E_NOT_FOUND) {
+ continue;
+ }
+ }
+ /* filter out the non-microsoft providers */
+ keyProvInfo = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
+ if (keyProvInfo) {
+ rv = CertGetCertificateContextProperty(certContext,
+ CERT_KEY_PROV_INFO_PROP_ID, keyProvInfo, &size);
+ if (rv) {
+ char *provName =
+ nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
+ nss_ZFreeIf(keyProvInfo);
+
+ if (provName &&
+ (strncmp(provName, "Microsoft", sizeof("Microsoft") -
+ 1) != 0)) {
+ continue;
+ }
+ } else {
+ int reason =
+ GetLastError();
+ /* we only care if it exists, we don't really need to fetch it yet */
+ nss_ZFreeIf(keyProvInfo);
+ if (reason ==
+ CRYPT_E_NOT_FOUND) {
+ continue;
+ }
+ }
+ }
+ }
+
+ if ((ckcapiInternalObject *)NULL == next) {
+ next = nss_ZNEW(NULL, ckcapiInternalObject);
+ if ((ckcapiInternalObject *)NULL == next) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ }
+ next->type = ckcapiCert;
+ next->objClass = objClass;
+ next->u.cert.certContext = certContext;
+ next->u.cert.hasID = hasID;
+ next->u.cert.certStore = storeStr;
+ if (CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, next)) {
+ /* clear cached values that may be dependent on our old certContext */
+ memset(&next->u.cert, 0, sizeof(next->u.cert));
+ /* get a 'permanent' context */
+ next->u.cert.certContext = CertDuplicateCertificateContext(certContext);
+ next->objClass = objClass;
+ next->u.cert.certContext = certContext;
+ next->u.cert.hasID = hasID;
+ next->u.cert.certStore = storeStr;
+ PUT_Object(next, *pError);
+ next = NULL; /* need to allocate a new one now */
+ } else {
+ /* don't cache the values we just loaded */
+ memset(&next->u.cert, 0, sizeof(next->u.cert));
+ }
+ }
+loser:
+ CertCloseStore(hStore, 0);
+ nss_ZFreeIf(next);
+ *sizep = size;
+ return count;
+}
+
+NSS_IMPLEMENT PRUint32
+nss_ckcapi_collect_all_certs(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError)
+{
+ count = collect_class(CKO_CERTIFICATE, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ /*count = collect_class(CKO_CERTIFICATE, "AddressBook", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError); */
+ count = collect_class(CKO_CERTIFICATE, "CA", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ count = collect_class(CKO_CERTIFICATE, "Root", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ count = collect_class(CKO_CERTIFICATE, "Trust", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ count = collect_class(CKO_CERTIFICATE, "TrustedPeople", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ count = collect_class(CKO_CERTIFICATE, "AuthRoot", PR_FALSE, pTemplate,
+ ulAttributeCount, listp, sizep, count, pError);
+ return count;
+}
+
+CK_OBJECT_CLASS
+ckcapi_GetObjectClass(CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (pTemplate[i].type == CKA_CLASS) {
+ return *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
+ }
+ }
+ /* need to return a value that says 'fetch them all' */
+ return CK_INVALID_HANDLE;
+}
+
+static PRUint32
+collect_objects(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ CK_RV *pError)
+{
+ PRUint32 i;
+ PRUint32 count = 0;
+ PRUint32 size = 0;
+ CK_OBJECT_CLASS objClass;
+
+ /*
+ * first handle the static build in objects (if any)
+ */
+ for (i = 0; i < nss_ckcapi_nObjects; i++) {
+ ckcapiInternalObject *o = (ckcapiInternalObject *)&nss_ckcapi_data[i];
+
+ if (CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, o)) {
+ PUT_Object(o, *pError);
+ }
+ }
+
+ /*
+ * now handle the various object types
+ */
+ objClass = ckcapi_GetObjectClass(pTemplate, ulAttributeCount);
+ *pError = CKR_OK;
+ switch (objClass) {
+ case CKO_CERTIFICATE:
+ count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ case CKO_PUBLIC_KEY:
+ count = collect_class(objClass, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, &size, count, pError);
+ count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ case CKO_PRIVATE_KEY:
+ count = collect_class(objClass, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, &size, count, pError);
+ count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ /* all of them */
+ case CK_INVALID_HANDLE:
+ count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ count = collect_class(CKO_PUBLIC_KEY, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, &size, count, pError);
+ count = collect_bare(CKO_PUBLIC_KEY, pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ count = collect_class(CKO_PRIVATE_KEY, "My", PR_TRUE, pTemplate,
+ ulAttributeCount, listp, &size, count, pError);
+ count = collect_bare(CKO_PRIVATE_KEY, pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ default:
+ goto done; /* no other object types we understand in this module */
+ }
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+done:
+ return count;
+loser:
+ nss_ZFreeIf(*listp);
+ return 0;
+}
+
+NSS_IMPLEMENT NSSCKMDFindObjects *
+nss_ckcapi_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ /* This could be made more efficient. I'm rather rushed. */
+ NSSArena *arena;
+ NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
+ struct ckcapiFOStr *fo = (struct ckcapiFOStr *)NULL;
+ ckcapiInternalObject **temp = (ckcapiInternalObject **)NULL;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ goto loser;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo = nss_ZNEW(arena, struct ckcapiFOStr);
+ if ((struct ckcapiFOStr *)NULL == fo) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo->arena = arena;
+ /* fo->n and fo->i are already zero */
+
+ rv->etc = (void *)fo;
+ rv->Final = ckcapi_mdFindObjects_Final;
+ rv->Next = ckcapi_mdFindObjects_Next;
+ rv->null = (void *)NULL;
+
+ fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError);
+ if (*pError != CKR_OK) {
+ goto loser;
+ }
+
+ fo->objs = nss_ZNEWARRAY(arena, ckcapiInternalObject *, fo->n);
+ if ((ckcapiInternalObject **)NULL == fo->objs) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckcapiInternalObject *) * fo->n);
+ nss_ZFreeIf(temp);
+ temp = (ckcapiInternalObject **)NULL;
+
+ return rv;
+
+loser:
+ nss_ZFreeIf(temp);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(rv);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+ return (NSSCKMDFindObjects *)NULL;
+}
diff --git a/security/nss/lib/ckfw/capi/cinst.c b/security/nss/lib/ckfw/capi/cinst.c
new file mode 100644
index 000000000..937c289a1
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/cinst.c
@@ -0,0 +1,97 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckcapi.h"
+
+/*
+ * ckcapi/cinstance.c
+ *
+ * This file implements the NSSCKMDInstance object for the
+ * "capi" cryptoki module.
+ */
+
+/*
+ * NSSCKMDInstance methods
+ */
+
+static CK_ULONG
+ckcapi_mdInstance_GetNSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (CK_ULONG)1;
+}
+
+static CK_VERSION
+ckcapi_mdInstance_GetCryptokiVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckcapi_CryptokiVersion;
+}
+
+static NSSUTF8 *
+ckcapi_mdInstance_GetManufacturerID(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
+}
+
+static NSSUTF8 *
+ckcapi_mdInstance_GetLibraryDescription(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckcapi_LibraryDescription;
+}
+
+static CK_VERSION
+ckcapi_mdInstance_GetLibraryVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckcapi_LibraryVersion;
+}
+
+static CK_RV
+ckcapi_mdInstance_GetSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[])
+{
+ slots[0] = (NSSCKMDSlot *)&nss_ckcapi_mdSlot;
+ return CKR_OK;
+}
+
+static CK_BBOOL
+ckcapi_mdInstance_ModuleHandlesSessionObjects(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ /* we don't want to allow any session object creation, at least
+ * until we can investigate whether or not we can use those objects
+ */
+ return CK_TRUE;
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDInstance
+ nss_ckcapi_mdInstance = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Finalize */
+ ckcapi_mdInstance_GetNSlots,
+ ckcapi_mdInstance_GetCryptokiVersion,
+ ckcapi_mdInstance_GetManufacturerID,
+ ckcapi_mdInstance_GetLibraryDescription,
+ ckcapi_mdInstance_GetLibraryVersion,
+ ckcapi_mdInstance_ModuleHandlesSessionObjects,
+ /*NULL, /* HandleSessionObjects */
+ ckcapi_mdInstance_GetSlots,
+ NULL, /* WaitForSlotEvent */
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/capi/ckcapi.h b/security/nss/lib/ckfw/capi/ckcapi.h
new file mode 100644
index 000000000..2c4b12aac
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/ckcapi.h
@@ -0,0 +1,242 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKCAPI_H
+#define CKCAPI_H 1
+
+#include "nssckmdt.h"
+#include "nssckfw.h"
+
+/*
+ * I'm including this for access to the arena functions.
+ * Looks like we should publish that API.
+ */
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+/*
+ * This is where the Netscape extensions live, at least for now.
+ */
+#ifndef CKT_H
+#include "ckt.h"
+#endif /* CKT_H */
+
+#include "wtypes.h"
+#include "wincrypt.h"
+
+/*
+ * statically defined raw objects. Allows us to data description objects
+ * to this PKCS #11 module.
+ */
+struct ckcapiRawObjectStr {
+ CK_ULONG n;
+ const CK_ATTRIBUTE_TYPE *types;
+ const NSSItem *items;
+};
+typedef struct ckcapiRawObjectStr ckcapiRawObject;
+
+/*
+ * common values needed for both bare keys and cert referenced keys.
+ */
+struct ckcapiKeyParamsStr {
+ NSSItem modulus;
+ NSSItem exponent;
+ NSSItem privateExponent;
+ NSSItem prime1;
+ NSSItem prime2;
+ NSSItem exponent1;
+ NSSItem exponent2;
+ NSSItem coefficient;
+ unsigned char publicExponentData[sizeof(CK_ULONG)];
+ void *privateKey;
+ void *pubKey;
+};
+typedef struct ckcapiKeyParamsStr ckcapiKeyParams;
+
+/*
+ * Key objects. Handles bare keys which do not yet have certs associated
+ * with them. These are usually short lived, but may exist for several days
+ * while the CA is issuing the certificate.
+ */
+struct ckcapiKeyObjectStr {
+ CRYPT_KEY_PROV_INFO provInfo;
+ char *provName;
+ char *containerName;
+ HCRYPTPROV hProv;
+ ckcapiKeyParams key;
+};
+typedef struct ckcapiKeyObjectStr ckcapiKeyObject;
+
+/*
+ * Certificate and certificate referenced keys.
+ */
+struct ckcapiCertObjectStr {
+ PCCERT_CONTEXT certContext;
+ PRBool hasID;
+ const char *certStore;
+ NSSItem label;
+ NSSItem subject;
+ NSSItem issuer;
+ NSSItem serial;
+ NSSItem derCert;
+ ckcapiKeyParams key;
+ unsigned char *labelData;
+ /* static data: to do, make this dynamic like labelData */
+ unsigned char derSerial[128];
+};
+typedef struct ckcapiCertObjectStr ckcapiCertObject;
+
+typedef enum {
+ ckcapiRaw,
+ ckcapiCert,
+ ckcapiBareKey
+} ckcapiObjectType;
+
+/*
+ * all the various types of objects are abstracted away in cobject and
+ * cfind as ckcapiInternalObjects.
+ */
+struct ckcapiInternalObjectStr {
+ ckcapiObjectType type;
+ union {
+ ckcapiRawObject raw;
+ ckcapiCertObject cert;
+ ckcapiKeyObject key;
+ } u;
+ CK_OBJECT_CLASS objClass;
+ NSSItem hashKey;
+ NSSItem id;
+ void *idData;
+ unsigned char hashKeyData[128];
+ NSSCKMDObject mdObject;
+};
+typedef struct ckcapiInternalObjectStr ckcapiInternalObject;
+
+/* our raw object data array */
+NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];
+NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;
+
+NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_ManufacturerID;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_LibraryDescription;
+NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_SlotDescription;
+NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
+NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenLabel;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenModel;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenSerialNumber;
+
+NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
+NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
+NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
+NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;
+
+NSS_EXTERN NSSCKMDSession *
+nss_ckcapi_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDFindObjects *
+nss_ckcapi_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
+ * Object Utilities
+ */
+NSS_EXTERN NSSCKMDObject *
+nss_ckcapi_CreateMDObject(
+ NSSArena *arena,
+ ckcapiInternalObject *io,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDObject *
+nss_ckcapi_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+NSS_EXTERN const NSSItem *
+nss_ckcapi_FetchAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type);
+
+NSS_EXTERN void
+nss_ckcapi_DestroyInternalObject(
+ ckcapiInternalObject *io);
+
+NSS_EXTERN CK_RV
+nss_ckcapi_FetchKeyContainer(
+ ckcapiInternalObject *iKey,
+ HCRYPTPROV *hProv,
+ DWORD *keySpec,
+ HCRYPTKEY *hKey);
+
+/*
+ * generic utilities
+ */
+
+/*
+ * So everyone else in the worlds stores their bignum data MSB first, but not
+ * Microsoft, we need to byte swap everything coming into and out of CAPI.
+ */
+void
+ckcapi_ReverseData(
+ NSSItem *item);
+
+/*
+ * unwrap a single DER value
+ */
+unsigned char *
+nss_ckcapi_DERUnwrap(
+ unsigned char *src,
+ unsigned int size,
+ unsigned int *outSize,
+ unsigned char **next);
+
+/*
+ * Return the size in bytes of a wide string
+ */
+int
+nss_ckcapi_WideSize(
+ LPCWSTR wide);
+
+/*
+ * Covert a Unicode wide character string to a UTF8 string
+ */
+char *
+nss_ckcapi_WideToUTF8(
+ LPCWSTR wide);
+
+/*
+ * Return a Wide String duplicated with nss allocated memory.
+ */
+LPWSTR
+nss_ckcapi_WideDup(
+ LPCWSTR wide);
+
+/*
+ * Covert a UTF8 string to Unicode wide character
+ */
+LPWSTR
+nss_ckcapi_UTF8ToWide(
+ char *buf);
+
+NSS_EXTERN PRUint32
+nss_ckcapi_collect_all_certs(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckcapiInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError);
+
+#define NSS_CKCAPI_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0])))
+
+#endif
diff --git a/security/nss/lib/ckfw/capi/ckcapiver.c b/security/nss/lib/ckfw/capi/ckcapiver.c
new file mode 100644
index 000000000..825b63074
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/ckcapiver.c
@@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* Library identity and versioning */
+
+#include "nsscapi.h"
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_ckcapi_version[] = "Version: NSS Access to Microsoft Certificate Store " NSS_CKCAPI_LIBRARY_VERSION _DEBUG_STRING;
diff --git a/security/nss/lib/ckfw/capi/cobject.c b/security/nss/lib/ckfw/capi/cobject.c
new file mode 100644
index 000000000..c4b77d27a
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/cobject.c
@@ -0,0 +1,2226 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckcapi.h"
+#include "nssbase.h"
+
+/*
+ * ckcapi/cobject.c
+ *
+ * This file implements the NSSCKMDObject object for the
+ * "nss to capi objects" cryptoki module.
+ */
+
+const CK_ATTRIBUTE_TYPE certAttrs[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_PRIVATE,
+ CKA_MODIFIABLE,
+ CKA_LABEL,
+ CKA_CERTIFICATE_TYPE,
+ CKA_SUBJECT,
+ CKA_ISSUER,
+ CKA_SERIAL_NUMBER,
+ CKA_VALUE
+};
+const PRUint32 certAttrsCount = NSS_CKCAPI_ARRAY_SIZE(certAttrs);
+
+/* private keys, for now only support RSA */
+const CK_ATTRIBUTE_TYPE privKeyAttrs[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_PRIVATE,
+ CKA_MODIFIABLE,
+ CKA_LABEL,
+ CKA_KEY_TYPE,
+ CKA_DERIVE,
+ CKA_LOCAL,
+ CKA_SUBJECT,
+ CKA_SENSITIVE,
+ CKA_DECRYPT,
+ CKA_SIGN,
+ CKA_SIGN_RECOVER,
+ CKA_UNWRAP,
+ CKA_EXTRACTABLE,
+ CKA_ALWAYS_SENSITIVE,
+ CKA_NEVER_EXTRACTABLE,
+ CKA_MODULUS,
+ CKA_PUBLIC_EXPONENT,
+};
+const PRUint32 privKeyAttrsCount = NSS_CKCAPI_ARRAY_SIZE(privKeyAttrs);
+
+/* public keys, for now only support RSA */
+const CK_ATTRIBUTE_TYPE pubKeyAttrs[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_PRIVATE,
+ CKA_MODIFIABLE,
+ CKA_LABEL,
+ CKA_KEY_TYPE,
+ CKA_DERIVE,
+ CKA_LOCAL,
+ CKA_SUBJECT,
+ CKA_ENCRYPT,
+ CKA_VERIFY,
+ CKA_VERIFY_RECOVER,
+ CKA_WRAP,
+ CKA_MODULUS,
+ CKA_PUBLIC_EXPONENT,
+};
+const PRUint32 pubKeyAttrsCount = NSS_CKCAPI_ARRAY_SIZE(pubKeyAttrs);
+static const CK_BBOOL ck_true = CK_TRUE;
+static const CK_BBOOL ck_false = CK_FALSE;
+static const CK_CERTIFICATE_TYPE ckc_x509 = CKC_X_509;
+static const CK_KEY_TYPE ckk_rsa = CKK_RSA;
+static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
+static const CK_OBJECT_CLASS cko_private_key = CKO_PRIVATE_KEY;
+static const CK_OBJECT_CLASS cko_public_key = CKO_PUBLIC_KEY;
+static const NSSItem ckcapi_trueItem = {
+ (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL)
+};
+static const NSSItem ckcapi_falseItem = {
+ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL)
+};
+static const NSSItem ckcapi_x509Item = {
+ (void *)&ckc_x509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE)
+};
+static const NSSItem ckcapi_rsaItem = {
+ (void *)&ckk_rsa, (PRUint32)sizeof(CK_KEY_TYPE)
+};
+static const NSSItem ckcapi_certClassItem = {
+ (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
+static const NSSItem ckcapi_privKeyClassItem = {
+ (void *)&cko_private_key, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
+static const NSSItem ckcapi_pubKeyClassItem = {
+ (void *)&cko_public_key, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
+static const NSSItem ckcapi_emptyItem = {
+ (void *)&ck_true, 0
+};
+
+/*
+ * these are utilities. The chould be moved to a new utilities file.
+ */
+
+/*
+ * unwrap a single DER value
+ */
+unsigned char *
+nss_ckcapi_DERUnwrap(
+ unsigned char *src,
+ unsigned int size,
+ unsigned int *outSize,
+ unsigned char **next)
+{
+ unsigned char *start = src;
+ unsigned char *end = src + size;
+ unsigned int len = 0;
+
+ /* initialize error condition return values */
+ *outSize = 0;
+ if (next) {
+ *next = src;
+ }
+
+ if (size < 2) {
+ return start;
+ }
+ src++; /* skip the tag -- should check it against an expected value! */
+ len = (unsigned)*src++;
+ if (len & 0x80) {
+ unsigned int count = len & 0x7f;
+ len = 0;
+
+ if (count + 2 > size) {
+ return start;
+ }
+ while (count-- > 0) {
+ len = (len << 8) | (unsigned)*src++;
+ }
+ }
+ if (len + (src - start) > size) {
+ return start;
+ }
+ if (next) {
+ *next = src + len;
+ }
+ *outSize = len;
+
+ return src;
+}
+
+/*
+ * convert a PKCS #11 bytestrin into a CK_ULONG, the byte stream must be
+ * less than sizeof (CK_ULONG).
+ */
+CK_ULONG
+nss_ckcapi_DataToInt(
+ NSSItem *data,
+ CK_RV *pError)
+{
+ CK_ULONG value = 0;
+ unsigned long count = data->size;
+ unsigned char *dataPtr = data->data;
+ unsigned long size = 0;
+
+ *pError = CKR_OK;
+
+ while (count--) {
+ value = value << 8;
+ value = value + *dataPtr++;
+ if (size || value) {
+ size++;
+ }
+ }
+ if (size > sizeof(CK_ULONG)) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ return value;
+}
+
+/*
+ * convert a CK_ULONG to a bytestream. Data is stored in the buffer 'buf'
+ * and must be at least CK_ULONG. Caller must provide buf.
+ */
+CK_ULONG
+nss_ckcapi_IntToData(
+ CK_ULONG value,
+ NSSItem *data,
+ unsigned char *dataPtr,
+ CK_RV *pError)
+{
+ unsigned long count = 0;
+ unsigned long i;
+#define SHIFT ((sizeof(CK_ULONG) - 1) * 8)
+ PRBool first = 0;
+
+ *pError = CKR_OK;
+
+ data->data = dataPtr;
+ for (i = 0; i < sizeof(CK_ULONG); i++) {
+ unsigned char digit = (unsigned char)((value >> SHIFT) & 0xff);
+
+ value = value << 8;
+
+ /* drop leading zero bytes */
+ if (first && (0 == digit)) {
+ continue;
+ }
+ *dataPtr++ = digit;
+ count++;
+ }
+ data->size = count;
+ return count;
+}
+
+/*
+ * get an attribute from a template. Value is returned in NSS item.
+ * data for the item is owned by the template.
+ */
+CK_RV
+nss_ckcapi_GetAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ NSSItem *item)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < templateSize; i++) {
+ if (template[i].type == type) {
+ item->data = template[i].pValue;
+ item->size = template[i].ulValueLen;
+ return CKR_OK;
+ }
+ }
+ return CKR_TEMPLATE_INCOMPLETE;
+}
+
+/*
+ * get an attribute which is type CK_ULONG.
+ */
+CK_ULONG
+nss_ckcapi_GetULongAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
+{
+ NSSItem item;
+
+ *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+ if (item.size != sizeof(CK_ULONG)) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (CK_ULONG)0;
+ }
+ return *(CK_ULONG *)item.data;
+}
+
+/*
+ * get an attribute which is type CK_BBOOL.
+ */
+CK_BBOOL
+nss_ckcapi_GetBoolAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
+{
+ NSSItem item;
+
+ *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (CK_BBOOL)0;
+ }
+ if (item.size != sizeof(CK_BBOOL)) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (CK_BBOOL)0;
+ }
+ return *(CK_BBOOL *)item.data;
+}
+
+/*
+ * get an attribute which is type CK_BBOOL.
+ */
+char *
+nss_ckcapi_GetStringAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
+{
+ NSSItem item;
+ char *str;
+
+ /* get the attribute */
+ *pError = nss_ckcapi_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (char *)NULL;
+ }
+ /* make sure it is null terminated */
+ str = nss_ZNEWARRAY(NULL, char, item.size + 1);
+ if ((char *)NULL == str) {
+ *pError = CKR_HOST_MEMORY;
+ return (char *)NULL;
+ }
+
+ nsslibc_memcpy(str, item.data, item.size);
+ str[item.size] = 0;
+
+ return str;
+}
+
+/*
+ * Return the size in bytes of a wide string, including the terminating null
+ * character
+ */
+int
+nss_ckcapi_WideSize(
+ LPCWSTR wide)
+{
+ DWORD size;
+
+ if ((LPWSTR)NULL == wide) {
+ return 0;
+ }
+ size = wcslen(wide) + 1;
+ return size * sizeof(WCHAR);
+}
+
+/*
+ * Covert a Unicode wide character string to a UTF8 string
+ */
+char *
+nss_ckcapi_WideToUTF8(
+ LPCWSTR wide)
+{
+ DWORD size;
+ char *buf;
+
+ if ((LPWSTR)NULL == wide) {
+ return (char *)NULL;
+ }
+
+ size = WideCharToMultiByte(CP_UTF8, 0, wide, -1, NULL, 0, NULL, 0);
+ if (size == 0) {
+ return (char *)NULL;
+ }
+ buf = nss_ZNEWARRAY(NULL, char, size);
+ size = WideCharToMultiByte(CP_UTF8, 0, wide, -1, buf, size, NULL, 0);
+ if (size == 0) {
+ nss_ZFreeIf(buf);
+ return (char *)NULL;
+ }
+ return buf;
+}
+
+/*
+ * Return a Wide String duplicated with nss allocated memory.
+ */
+LPWSTR
+nss_ckcapi_WideDup(
+ LPCWSTR wide)
+{
+ DWORD len;
+ LPWSTR buf;
+
+ if ((LPWSTR)NULL == wide) {
+ return (LPWSTR)NULL;
+ }
+
+ len = wcslen(wide) + 1;
+
+ buf = nss_ZNEWARRAY(NULL, WCHAR, len);
+ if ((LPWSTR)NULL == buf) {
+ return buf;
+ }
+ nsslibc_memcpy(buf, wide, len * sizeof(WCHAR));
+ return buf;
+}
+
+/*
+ * Covert a UTF8 string to Unicode wide character
+ */
+LPWSTR
+nss_ckcapi_UTF8ToWide(
+ char *buf)
+{
+ DWORD size;
+ LPWSTR wide;
+
+ if ((char *)NULL == buf) {
+ return (LPWSTR)NULL;
+ }
+
+ size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, NULL, 0);
+ if (size == 0) {
+ return (LPWSTR)NULL;
+ }
+ wide = nss_ZNEWARRAY(NULL, WCHAR, size);
+ size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, wide, size);
+ if (size == 0) {
+ nss_ZFreeIf(wide);
+ return (LPWSTR)NULL;
+ }
+ return wide;
+}
+
+/*
+ * keep all the knowlege of how the internalObject is laid out in this function
+ *
+ * nss_ckcapi_FetchKeyContainer
+ *
+ * fetches the Provider container and info as well as a key handle for a
+ * private key. If something other than a private key is passed in,
+ * this function fails with CKR_KEY_TYPE_INCONSISTENT
+ */
+NSS_EXTERN CK_RV
+nss_ckcapi_FetchKeyContainer(
+ ckcapiInternalObject *iKey,
+ HCRYPTPROV *hProv,
+ DWORD *keySpec,
+ HCRYPTKEY *hKey)
+{
+ ckcapiCertObject *co;
+ ckcapiKeyObject *ko;
+ BOOL rc, dummy;
+ DWORD msError;
+
+ switch (iKey->type) {
+ default:
+ case ckcapiRaw:
+ /* can't have raw private keys */
+ return CKR_KEY_TYPE_INCONSISTENT;
+ case ckcapiCert:
+ if (iKey->objClass != CKO_PRIVATE_KEY) {
+ /* Only private keys have private key provider handles */
+ return CKR_KEY_TYPE_INCONSISTENT;
+ }
+ co = &iKey->u.cert;
+
+ /* OK, get the Provider */
+ rc = CryptAcquireCertificatePrivateKey(co->certContext,
+ CRYPT_ACQUIRE_CACHE_FLAG |
+ CRYPT_ACQUIRE_COMPARE_KEY_FLAG,
+ NULL, hProv,
+ keySpec, &dummy);
+ if (!rc) {
+ goto loser;
+ }
+ break;
+ case ckcapiBareKey:
+ if (iKey->objClass != CKO_PRIVATE_KEY) {
+ /* Only private keys have private key provider handles */
+ return CKR_KEY_TYPE_INCONSISTENT;
+ }
+ ko = &iKey->u.key;
+
+ /* OK, get the Provider */
+ if (0 == ko->hProv) {
+ rc =
+ CryptAcquireContext(hProv,
+ ko->containerName,
+ ko->provName,
+ ko->provInfo.dwProvType, 0);
+ if (!rc) {
+ goto loser;
+ }
+ } else {
+ *hProv =
+ ko->hProv;
+ }
+ *keySpec = ko->provInfo.dwKeySpec;
+ break;
+ }
+
+ /* and get the crypto handle */
+ rc = CryptGetUserKey(*hProv, *keySpec, hKey);
+ if (!rc) {
+ goto loser;
+ }
+ return CKR_OK;
+loser:
+ /* map the microsoft error before leaving */
+ msError = GetLastError();
+ switch (msError) {
+ case ERROR_INVALID_HANDLE:
+ case ERROR_INVALID_PARAMETER:
+ case NTE_BAD_KEY:
+ case NTE_NO_KEY:
+ case NTE_BAD_PUBLIC_KEY:
+ case NTE_BAD_KEYSET:
+ case NTE_KEYSET_NOT_DEF:
+ return CKR_KEY_TYPE_INCONSISTENT;
+ case NTE_BAD_UID:
+ case NTE_KEYSET_ENTRY_BAD:
+ return CKR_DEVICE_ERROR;
+ }
+ return CKR_GENERAL_ERROR;
+}
+
+/*
+ * take a DER PUBLIC Key block and return the modulus and exponent
+ */
+static void
+ckcapi_CertPopulateModulusExponent(
+ ckcapiInternalObject *io)
+{
+ ckcapiKeyParams *kp = &io->u.cert.key;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ unsigned char *pkData =
+ certContext->pCertInfo->SubjectPublicKeyInfo.PublicKey.pbData;
+ unsigned int size =
+ certContext->pCertInfo->SubjectPublicKeyInfo.PublicKey.cbData;
+ unsigned int newSize;
+ unsigned char *ptr, *newptr;
+
+ /* find the start of the modulus -- this will not give good results if
+ * the key isn't an rsa key! */
+ ptr = nss_ckcapi_DERUnwrap(pkData, size, &newSize, NULL);
+ kp->modulus.data = nss_ckcapi_DERUnwrap(ptr, newSize,
+ &kp->modulus.size, &newptr);
+ /* changed from signed to unsigned int */
+ if (0 == *(char *)kp->modulus.data) {
+ kp->modulus.data = ((char *)kp->modulus.data) + 1;
+ kp->modulus.size = kp->modulus.size - 1;
+ }
+ /* changed from signed to unsigned int */
+ kp->exponent.data = nss_ckcapi_DERUnwrap(newptr, (newptr - ptr) + newSize,
+ &kp->exponent.size, NULL);
+ if (0 == *(char *)kp->exponent.data) {
+ kp->exponent.data = ((char *)kp->exponent.data) + 1;
+ kp->exponent.size = kp->exponent.size - 1;
+ }
+ return;
+}
+
+typedef struct _CAPI_RSA_KEY_BLOB {
+ PUBLICKEYSTRUC header;
+ RSAPUBKEY rsa;
+ char data[1];
+} CAPI_RSA_KEY_BLOB;
+
+#define CAPI_MODULUS_OFFSET(modSize) 0
+#define CAPI_PRIME_1_OFFSET(modSize) (modSize)
+#define CAPI_PRIME_2_OFFSET(modSize) ((modSize) + (modSize) / 2)
+#define CAPI_EXPONENT_1_OFFSET(modSize) ((modSize)*2)
+#define CAPI_EXPONENT_2_OFFSET(modSize) ((modSize)*2 + (modSize) / 2)
+#define CAPI_COEFFICIENT_OFFSET(modSize) ((modSize)*3)
+#define CAPI_PRIVATE_EXP_OFFSET(modSize) ((modSize)*3 + (modSize) / 2)
+
+void
+ckcapi_FetchPublicKey(
+ ckcapiInternalObject *io)
+{
+ ckcapiKeyParams *kp;
+ HCRYPTPROV hProv;
+ DWORD keySpec;
+ HCRYPTKEY hKey = 0;
+ CK_RV error;
+ DWORD bufLen;
+ BOOL rc;
+ unsigned long modulus;
+ char *buf = NULL;
+ CAPI_RSA_KEY_BLOB *blob;
+
+ error = nss_ckcapi_FetchKeyContainer(io, &hProv, &keySpec, &hKey);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ kp = (ckcapiCert == io->type) ? &io->u.cert.key : &io->u.key.key;
+
+ rc = CryptExportKey(hKey, 0, PUBLICKEYBLOB, 0, buf, &bufLen);
+ if (!rc) {
+ goto loser;
+ }
+ buf = nss_ZNEWARRAY(NULL, char, bufLen);
+ rc = CryptExportKey(hKey, 0, PUBLICKEYBLOB, 0, buf, &bufLen);
+ if (!rc) {
+ goto loser;
+ }
+ /* validate the blob */
+ blob = (CAPI_RSA_KEY_BLOB *)buf;
+ if ((PUBLICKEYBLOB != blob->header.bType) ||
+ (0x02 != blob->header.bVersion) ||
+ (0x31415352 != blob->rsa.magic)) {
+ goto loser;
+ }
+ modulus = blob->rsa.bitlen / 8;
+ kp->pubKey = buf;
+ buf = NULL;
+
+ kp->modulus.data = &blob->data[CAPI_MODULUS_OFFSET(modulus)];
+ kp->modulus.size = modulus;
+ ckcapi_ReverseData(&kp->modulus);
+ nss_ckcapi_IntToData(blob->rsa.pubexp, &kp->exponent,
+ kp->publicExponentData, &error);
+
+loser:
+ nss_ZFreeIf(buf);
+ if (0 != hKey) {
+ CryptDestroyKey(hKey);
+ }
+ return;
+}
+
+void
+ckcapi_FetchPrivateKey(
+ ckcapiInternalObject *io)
+{
+ ckcapiKeyParams *kp;
+ HCRYPTPROV hProv;
+ DWORD keySpec;
+ HCRYPTKEY hKey = 0;
+ CK_RV error;
+ DWORD bufLen;
+ BOOL rc;
+ unsigned long modulus;
+ char *buf = NULL;
+ CAPI_RSA_KEY_BLOB *blob;
+
+ error = nss_ckcapi_FetchKeyContainer(io, &hProv, &keySpec, &hKey);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ kp = (ckcapiCert == io->type) ? &io->u.cert.key : &io->u.key.key;
+
+ rc = CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, buf, &bufLen);
+ if (!rc) {
+ goto loser;
+ }
+ buf = nss_ZNEWARRAY(NULL, char, bufLen);
+ rc = CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, buf, &bufLen);
+ if (!rc) {
+ goto loser;
+ }
+ /* validate the blob */
+ blob = (CAPI_RSA_KEY_BLOB *)buf;
+ if ((PRIVATEKEYBLOB != blob->header.bType) ||
+ (0x02 != blob->header.bVersion) ||
+ (0x32415352 != blob->rsa.magic)) {
+ goto loser;
+ }
+ modulus = blob->rsa.bitlen / 8;
+ kp->privateKey = buf;
+ buf = NULL;
+
+ kp->privateExponent.data = &blob->data[CAPI_PRIVATE_EXP_OFFSET(modulus)];
+ kp->privateExponent.size = modulus;
+ ckcapi_ReverseData(&kp->privateExponent);
+ kp->prime1.data = &blob->data[CAPI_PRIME_1_OFFSET(modulus)];
+ kp->prime1.size = modulus / 2;
+ ckcapi_ReverseData(&kp->prime1);
+ kp->prime2.data = &blob->data[CAPI_PRIME_2_OFFSET(modulus)];
+ kp->prime2.size = modulus / 2;
+ ckcapi_ReverseData(&kp->prime2);
+ kp->exponent1.data = &blob->data[CAPI_EXPONENT_1_OFFSET(modulus)];
+ kp->exponent1.size = modulus / 2;
+ ckcapi_ReverseData(&kp->exponent1);
+ kp->exponent2.data = &blob->data[CAPI_EXPONENT_2_OFFSET(modulus)];
+ kp->exponent2.size = modulus / 2;
+ ckcapi_ReverseData(&kp->exponent2);
+ kp->coefficient.data = &blob->data[CAPI_COEFFICIENT_OFFSET(modulus)];
+ kp->coefficient.size = modulus / 2;
+ ckcapi_ReverseData(&kp->coefficient);
+
+loser:
+ nss_ZFreeIf(buf);
+ if (0 != hKey) {
+ CryptDestroyKey(hKey);
+ }
+ return;
+}
+
+void
+ckcapi_PopulateModulusExponent(
+ ckcapiInternalObject *io)
+{
+ if (ckcapiCert == io->type) {
+ ckcapi_CertPopulateModulusExponent(io);
+ } else {
+ ckcapi_FetchPublicKey(io);
+ }
+ return;
+}
+
+/*
+ * fetch the friendly name attribute.
+ * can only be called with ckcapiCert type objects!
+ */
+void
+ckcapi_FetchLabel(
+ ckcapiInternalObject *io)
+{
+ ckcapiCertObject *co = &io->u.cert;
+ char *label;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ char labelDataUTF16[128];
+ DWORD size = sizeof(labelDataUTF16);
+ DWORD size8 = sizeof(co->labelData);
+ BOOL rv;
+
+ rv = CertGetCertificateContextProperty(certContext,
+ CERT_FRIENDLY_NAME_PROP_ID, labelDataUTF16, &size);
+ if (rv) {
+ co->labelData = nss_ckcapi_WideToUTF8((LPCWSTR)labelDataUTF16);
+ if ((CHAR *)NULL == co->labelData) {
+ rv = 0;
+ } else {
+ size = strlen(co->labelData);
+ }
+ }
+ label = co->labelData;
+ /* we are presuming a user cert, make sure it has a nickname, even if
+ * Microsoft never gave it one */
+ if (!rv && co->hasID) {
+ DWORD mserror = GetLastError();
+#define DEFAULT_NICKNAME "no Microsoft nickname"
+ label = DEFAULT_NICKNAME;
+ size = sizeof(DEFAULT_NICKNAME);
+ rv = 1;
+ }
+
+ if (rv) {
+ co->label.data = label;
+ co->label.size = size;
+ }
+ return;
+}
+
+void
+ckcapi_FetchSerial(
+ ckcapiInternalObject *io)
+{
+ ckcapiCertObject *co = &io->u.cert;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ DWORD size = sizeof(co->derSerial);
+
+ BOOL rc = CryptEncodeObject(X509_ASN_ENCODING,
+ X509_MULTI_BYTE_INTEGER,
+ &certContext->pCertInfo->SerialNumber,
+ co->derSerial,
+ &size);
+ if (rc) {
+ co->serial.data = co->derSerial;
+ co->serial.size = size;
+ }
+ return;
+}
+
+/*
+ * fetch the key ID.
+ */
+void
+ckcapi_FetchID(
+ ckcapiInternalObject *io)
+{
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ DWORD size = 0;
+ BOOL rc;
+
+ rc = CertGetCertificateContextProperty(certContext,
+ CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
+ if (!rc) {
+ return;
+ }
+ io->idData = nss_ZNEWARRAY(NULL, char, size);
+ if (io->idData == NULL) {
+ return;
+ }
+
+ rc = CertGetCertificateContextProperty(certContext,
+ CERT_KEY_IDENTIFIER_PROP_ID, io->idData, &size);
+ if (!rc) {
+ nss_ZFreeIf(io->idData);
+ io->idData = NULL;
+ return;
+ }
+ io->id.data = io->idData;
+ io->id.size = size;
+ return;
+}
+
+/*
+ * fetch the hash key.
+ */
+void
+ckcapi_CertFetchHashKey(
+ ckcapiInternalObject *io)
+{
+ ckcapiCertObject *co = &io->u.cert;
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ DWORD size = certContext->cbCertEncoded;
+ DWORD max = sizeof(io->hashKeyData) - 1;
+ DWORD offset = 0;
+
+ /* make sure we don't over flow. NOTE: cutting the top of a cert is
+ * not a big issue because the signature for will be unique for the cert */
+ if (size > max) {
+ offset = size - max;
+ size = max;
+ }
+
+ nsslibc_memcpy(io->hashKeyData, certContext->pbCertEncoded + offset, size);
+ io->hashKeyData[size] = (char)(io->objClass & 0xff);
+
+ io->hashKey.data = io->hashKeyData;
+ io->hashKey.size = size + 1;
+ return;
+}
+
+/*
+ * fetch the hash key.
+ */
+void
+ckcapi_KeyFetchHashKey(
+ ckcapiInternalObject *io)
+{
+ ckcapiKeyObject *ko = &io->u.key;
+ DWORD size;
+ DWORD max = sizeof(io->hashKeyData) - 2;
+ DWORD offset = 0;
+ DWORD provLen = strlen(ko->provName);
+ DWORD containerLen = strlen(ko->containerName);
+
+ size = provLen + containerLen;
+
+ /* make sure we don't overflow, try to keep things unique */
+ if (size > max) {
+ DWORD diff = ((size - max) + 1) / 2;
+ provLen -= diff;
+ containerLen -= diff;
+ size = provLen + containerLen;
+ }
+
+ nsslibc_memcpy(io->hashKeyData, ko->provName, provLen);
+ nsslibc_memcpy(&io->hashKeyData[provLen],
+ ko->containerName,
+ containerLen);
+ io->hashKeyData[size] = (char)(io->objClass & 0xff);
+ io->hashKeyData[size + 1] = (char)(ko->provInfo.dwKeySpec & 0xff);
+
+ io->hashKey.data = io->hashKeyData;
+ io->hashKey.size = size + 2;
+ return;
+}
+
+/*
+ * fetch the hash key.
+ */
+void
+ckcapi_FetchHashKey(
+ ckcapiInternalObject *io)
+{
+ if (ckcapiCert == io->type) {
+ ckcapi_CertFetchHashKey(io);
+ } else {
+ ckcapi_KeyFetchHashKey(io);
+ }
+ return;
+}
+
+const NSSItem *
+ckcapi_FetchCertAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type)
+{
+ PCCERT_CONTEXT certContext = io->u.cert.certContext;
+ switch (type) {
+ case CKA_CLASS:
+ return &ckcapi_certClassItem;
+ case CKA_TOKEN:
+ return &ckcapi_trueItem;
+ case CKA_MODIFIABLE:
+ case CKA_PRIVATE:
+ return &ckcapi_falseItem;
+ case CKA_CERTIFICATE_TYPE:
+ return &ckcapi_x509Item;
+ case CKA_LABEL:
+ if (0 == io->u.cert.label.size) {
+ ckcapi_FetchLabel(io);
+ }
+ return &io->u.cert.label;
+ case CKA_SUBJECT:
+ if (0 == io->u.cert.subject.size) {
+ io->u.cert.subject.data =
+ certContext->pCertInfo->Subject.pbData;
+ io->u.cert.subject.size =
+ certContext->pCertInfo->Subject.cbData;
+ }
+ return &io->u.cert.subject;
+ case CKA_ISSUER:
+ if (0 == io->u.cert.issuer.size) {
+ io->u.cert.issuer.data =
+ certContext->pCertInfo->Issuer.pbData;
+ io->u.cert.issuer.size =
+ certContext->pCertInfo->Issuer.cbData;
+ }
+ return &io->u.cert.issuer;
+ case CKA_SERIAL_NUMBER:
+ if (0 == io->u.cert.serial.size) {
+ /* not exactly right. This should be the encoded serial number, but
+ * it's the decoded serial number! */
+ ckcapi_FetchSerial(io);
+ }
+ return &io->u.cert.serial;
+ case CKA_VALUE:
+ if (0 == io->u.cert.derCert.size) {
+ io->u.cert.derCert.data =
+ io->u.cert.certContext->pbCertEncoded;
+ io->u.cert.derCert.size =
+ io->u.cert.certContext->cbCertEncoded;
+ }
+ return &io->u.cert.derCert;
+ case CKA_ID:
+ if (!io->u.cert.hasID) {
+ return NULL;
+ }
+ if (0 == io->id.size) {
+ ckcapi_FetchID(io);
+ }
+ return &io->id;
+ default:
+ break;
+ }
+ return NULL;
+}
+
+const NSSItem *
+ckcapi_FetchPubKeyAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type)
+{
+ PRBool isCertType = (ckcapiCert == io->type);
+ ckcapiKeyParams *kp = isCertType ? &io->u.cert.key : &io->u.key.key;
+
+ switch (type) {
+ case CKA_CLASS:
+ return &ckcapi_pubKeyClassItem;
+ case CKA_TOKEN:
+ case CKA_LOCAL:
+ case CKA_ENCRYPT:
+ case CKA_VERIFY:
+ case CKA_VERIFY_RECOVER:
+ return &ckcapi_trueItem;
+ case CKA_PRIVATE:
+ case CKA_MODIFIABLE:
+ case CKA_DERIVE:
+ case CKA_WRAP:
+ return &ckcapi_falseItem;
+ case CKA_KEY_TYPE:
+ return &ckcapi_rsaItem;
+ case CKA_LABEL:
+ if (!isCertType) {
+ return &ckcapi_emptyItem;
+ }
+ if (0 == io->u.cert.label.size) {
+ ckcapi_FetchLabel(io);
+ }
+ return &io->u.cert.label;
+ case CKA_SUBJECT:
+ if (!isCertType) {
+ return &ckcapi_emptyItem;
+ }
+ if (0 == io->u.cert.subject.size) {
+ PCCERT_CONTEXT certContext =
+ io->u.cert.certContext;
+ io->u.cert.subject.data =
+ certContext->pCertInfo->Subject.pbData;
+ io->u.cert.subject.size =
+ certContext->pCertInfo->Subject.cbData;
+ }
+ return &io->u.cert.subject;
+ case CKA_MODULUS:
+ if (0 == kp->modulus.size) {
+ ckcapi_PopulateModulusExponent(io);
+ }
+ return &kp->modulus;
+ case CKA_PUBLIC_EXPONENT:
+ if (0 == kp->modulus.size) {
+ ckcapi_PopulateModulusExponent(io);
+ }
+ return &kp->exponent;
+ case CKA_ID:
+ if (0 == io->id.size) {
+ ckcapi_FetchID(io);
+ }
+ return &io->id;
+ default:
+ break;
+ }
+ return NULL;
+}
+
+const NSSItem *
+ckcapi_FetchPrivKeyAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type)
+{
+ PRBool isCertType = (ckcapiCert == io->type);
+ ckcapiKeyParams *kp = isCertType ? &io->u.cert.key : &io->u.key.key;
+
+ switch (type) {
+ case CKA_CLASS:
+ return &ckcapi_privKeyClassItem;
+ case CKA_TOKEN:
+ case CKA_LOCAL:
+ case CKA_SIGN:
+ case CKA_DECRYPT:
+ case CKA_SIGN_RECOVER:
+ return &ckcapi_trueItem;
+ case CKA_SENSITIVE:
+ case CKA_PRIVATE: /* should move in the future */
+ case CKA_MODIFIABLE:
+ case CKA_DERIVE:
+ case CKA_UNWRAP:
+ case CKA_EXTRACTABLE: /* will probably move in the future */
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_NEVER_EXTRACTABLE:
+ return &ckcapi_falseItem;
+ case CKA_KEY_TYPE:
+ return &ckcapi_rsaItem;
+ case CKA_LABEL:
+ if (!isCertType) {
+ return &ckcapi_emptyItem;
+ }
+ if (0 == io->u.cert.label.size) {
+ ckcapi_FetchLabel(io);
+ }
+ return &io->u.cert.label;
+ case CKA_SUBJECT:
+ if (!isCertType) {
+ return &ckcapi_emptyItem;
+ }
+ if (0 == io->u.cert.subject.size) {
+ PCCERT_CONTEXT certContext =
+ io->u.cert.certContext;
+ io->u.cert.subject.data =
+ certContext->pCertInfo->Subject.pbData;
+ io->u.cert.subject.size =
+ certContext->pCertInfo->Subject.cbData;
+ }
+ return &io->u.cert.subject;
+ case CKA_MODULUS:
+ if (0 == kp->modulus.size) {
+ ckcapi_PopulateModulusExponent(io);
+ }
+ return &kp->modulus;
+ case CKA_PUBLIC_EXPONENT:
+ if (0 == kp->modulus.size) {
+ ckcapi_PopulateModulusExponent(io);
+ }
+ return &kp->exponent;
+ case CKA_PRIVATE_EXPONENT:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->privateExponent;
+ case CKA_PRIME_1:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->prime1;
+ case CKA_PRIME_2:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->prime2;
+ case CKA_EXPONENT_1:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->exponent1;
+ case CKA_EXPONENT_2:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->exponent2;
+ case CKA_COEFFICIENT:
+ if (0 == kp->privateExponent.size) {
+ ckcapi_FetchPrivateKey(io);
+ }
+ return &kp->coefficient;
+ case CKA_ID:
+ if (0 == io->id.size) {
+ ckcapi_FetchID(io);
+ }
+ return &io->id;
+ default:
+ return NULL;
+ }
+}
+
+const NSSItem *
+nss_ckcapi_FetchAttribute(
+ ckcapiInternalObject *io,
+ CK_ATTRIBUTE_TYPE type)
+{
+ CK_ULONG i;
+
+ if (io->type == ckcapiRaw) {
+ for (i = 0; i < io->u.raw.n; i++) {
+ if (type == io->u.raw.types[i]) {
+ return &io->u.raw.items[i];
+ }
+ }
+ return NULL;
+ }
+ /* deal with the common attributes */
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ return ckcapi_FetchCertAttribute(io, type);
+ case CKO_PRIVATE_KEY:
+ return ckcapi_FetchPrivKeyAttribute(io, type);
+ case CKO_PUBLIC_KEY:
+ return ckcapi_FetchPubKeyAttribute(io, type);
+ }
+ return NULL;
+}
+
+/*
+ * check to see if the certificate already exists
+ */
+static PRBool
+ckcapi_cert_exists(
+ NSSItem *value,
+ ckcapiInternalObject **io)
+{
+ int count, i;
+ PRUint32 size = 0;
+ ckcapiInternalObject **listp = NULL;
+ CK_ATTRIBUTE myTemplate[2];
+ CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE;
+ CK_ULONG templateCount = 2;
+ CK_RV error;
+ PRBool found = PR_FALSE;
+
+ myTemplate[0].type = CKA_CLASS;
+ myTemplate[0].pValue = &cert_class;
+ myTemplate[0].ulValueLen = sizeof(cert_class);
+ myTemplate[1].type = CKA_VALUE;
+ myTemplate[1].pValue = value->data;
+ myTemplate[1].ulValueLen = value->size;
+
+ count = nss_ckcapi_collect_all_certs(myTemplate, templateCount, &listp,
+ &size, 0, &error);
+
+ /* free them */
+ if (count > 1) {
+ *io = listp[0];
+ found = PR_TRUE;
+ }
+
+ for (i = 1; i < count; i++) {
+ nss_ckcapi_DestroyInternalObject(listp[i]);
+ }
+ nss_ZFreeIf(listp);
+ return found;
+}
+
+static PRBool
+ckcapi_cert_hasEmail(
+ PCCERT_CONTEXT certContext)
+{
+ int count;
+
+ count = CertGetNameString(certContext, CERT_NAME_EMAIL_TYPE,
+ 0, NULL, NULL, 0);
+
+ return count > 1 ? PR_TRUE : PR_FALSE;
+}
+
+static PRBool
+ckcapi_cert_isRoot(
+ PCCERT_CONTEXT certContext)
+{
+ return CertCompareCertificateName(certContext->dwCertEncodingType,
+ &certContext->pCertInfo->Issuer, &certContext->pCertInfo->Subject);
+}
+
+static PRBool
+ckcapi_cert_isCA(
+ PCCERT_CONTEXT certContext)
+{
+ PCERT_EXTENSION extension;
+ CERT_BASIC_CONSTRAINTS2_INFO basicInfo;
+ DWORD size = sizeof(basicInfo);
+ BOOL rc;
+
+ extension = CertFindExtension(szOID_BASIC_CONSTRAINTS,
+ certContext->pCertInfo->cExtension,
+ certContext->pCertInfo->rgExtension);
+ if ((PCERT_EXTENSION)NULL == extension) {
+ return PR_FALSE;
+ }
+ rc = CryptDecodeObject(X509_ASN_ENCODING, szOID_BASIC_CONSTRAINTS2,
+ extension->Value.pbData, extension->Value.cbData,
+ 0, &basicInfo, &size);
+ if (!rc) {
+ return PR_FALSE;
+ }
+ return (PRBool)basicInfo.fCA;
+}
+
+static CRYPT_KEY_PROV_INFO *
+ckcapi_cert_getPrivateKeyInfo(
+ PCCERT_CONTEXT certContext,
+ NSSItem *keyID)
+{
+ BOOL rc;
+ CRYPT_HASH_BLOB msKeyID;
+ DWORD size = 0;
+ CRYPT_KEY_PROV_INFO *prov = NULL;
+
+ msKeyID.cbData = keyID->size;
+ msKeyID.pbData = keyID->data;
+
+ rc = CryptGetKeyIdentifierProperty(
+ &msKeyID,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ 0, NULL, NULL, NULL, &size);
+ if (!rc) {
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+ prov = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
+ if ((CRYPT_KEY_PROV_INFO *)prov == NULL) {
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+ rc = CryptGetKeyIdentifierProperty(
+ &msKeyID,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ 0, NULL, NULL, prov, &size);
+ if (!rc) {
+ nss_ZFreeIf(prov);
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+
+ return prov;
+}
+
+static CRYPT_KEY_PROV_INFO *
+ckcapi_cert_getProvInfo(
+ ckcapiInternalObject *io)
+{
+ BOOL rc;
+ DWORD size = 0;
+ CRYPT_KEY_PROV_INFO *prov = NULL;
+
+ rc = CertGetCertificateContextProperty(
+ io->u.cert.certContext,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ NULL, &size);
+ if (!rc) {
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+ prov = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
+ if ((CRYPT_KEY_PROV_INFO *)prov == NULL) {
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+ rc = CertGetCertificateContextProperty(
+ io->u.cert.certContext,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ prov, &size);
+ if (!rc) {
+ nss_ZFreeIf(prov);
+ return (CRYPT_KEY_PROV_INFO *)NULL;
+ }
+
+ return prov;
+}
+
+/* forward declaration */
+static void
+ckcapi_removeObjectFromHash(
+ ckcapiInternalObject *io);
+
+/*
+ * Finalize - unneeded
+ * Destroy
+ * IsTokenObject - CK_TRUE
+ * GetAttributeCount
+ * GetAttributeTypes
+ * GetAttributeSize
+ * GetAttribute
+ * SetAttribute
+ * GetObjectSize
+ */
+
+static CK_RV
+ckcapi_mdObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+ CK_OBJECT_CLASS objClass;
+ BOOL rc;
+ DWORD provType;
+ DWORD msError;
+ PRBool isCertType = (PRBool)(ckcapiCert == io->type);
+ HCERTSTORE hStore = 0;
+
+ if (ckcapiRaw == io->type) {
+ /* there is not 'object write protected' error, use the next best thing */
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ objClass = io->objClass;
+ if (CKO_CERTIFICATE == objClass) {
+ PCCERT_CONTEXT certContext;
+
+ /* get the store */
+ hStore = CertOpenSystemStore(0, io->u.cert.certStore);
+ if (0 == hStore) {
+ rc = 0;
+ goto loser;
+ }
+ certContext = CertFindCertificateInStore(hStore, X509_ASN_ENCODING, 0,
+ CERT_FIND_EXISTING, io->u.cert.certContext, NULL);
+ if ((PCCERT_CONTEXT)NULL == certContext) {
+ rc = 0;
+ goto loser;
+ }
+ rc = CertDeleteCertificateFromStore(certContext);
+ } else {
+ char *provName = NULL;
+ char *containerName = NULL;
+ HCRYPTPROV hProv;
+ CRYPT_HASH_BLOB msKeyID;
+
+ if (0 == io->id.size) {
+ ckcapi_FetchID(io);
+ }
+
+ if (isCertType) {
+ CRYPT_KEY_PROV_INFO *provInfo = ckcapi_cert_getProvInfo(io);
+ provName = nss_ckcapi_WideToUTF8(provInfo->pwszProvName);
+ containerName = nss_ckcapi_WideToUTF8(provInfo->pwszContainerName);
+ provType = provInfo->dwProvType;
+ nss_ZFreeIf(provInfo);
+ } else {
+ provName = io->u.key.provName;
+ containerName = io->u.key.containerName;
+ provType = io->u.key.provInfo.dwProvType;
+ io->u.key.provName = NULL;
+ io->u.key.containerName = NULL;
+ }
+ /* first remove the key id pointer */
+ msKeyID.cbData = io->id.size;
+ msKeyID.pbData = io->id.data;
+ rc = CryptSetKeyIdentifierProperty(&msKeyID,
+ CERT_KEY_PROV_INFO_PROP_ID, CRYPT_KEYID_DELETE_FLAG, NULL, NULL, NULL);
+ if (rc) {
+ rc = CryptAcquireContext(&hProv, containerName, provName, provType,
+ CRYPT_DELETEKEYSET);
+ }
+ nss_ZFreeIf(provName);
+ nss_ZFreeIf(containerName);
+ }
+loser:
+
+ if (hStore) {
+ CertCloseStore(hStore, 0);
+ }
+ if (!rc) {
+ msError = GetLastError();
+ return CKR_GENERAL_ERROR;
+ }
+
+ /* remove it from the hash */
+ ckcapi_removeObjectFromHash(io);
+
+ /* free the puppy.. */
+ nss_ckcapi_DestroyInternalObject(io);
+ return CKR_OK;
+}
+
+static CK_BBOOL
+ckcapi_mdObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_TRUE;
+}
+
+static CK_ULONG
+ckcapi_mdObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+
+ if (ckcapiRaw == io->type) {
+ return io->u.raw.n;
+ }
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ return certAttrsCount;
+ case CKO_PUBLIC_KEY:
+ return pubKeyAttrsCount;
+ case CKO_PRIVATE_KEY:
+ return privKeyAttrsCount;
+ default:
+ break;
+ }
+ return 0;
+}
+
+static CK_RV
+ckcapi_mdObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
+{
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+ CK_ULONG i;
+ CK_RV error = CKR_OK;
+ const CK_ATTRIBUTE_TYPE *attrs = NULL;
+ CK_ULONG size = ckcapi_mdObject_GetAttributeCount(
+ mdObject, fwObject, mdSession, fwSession,
+ mdToken, fwToken, mdInstance, fwInstance, &error);
+
+ if (size != ulCount) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ if (io->type == ckcapiRaw) {
+ attrs = io->u.raw.types;
+ } else
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ attrs =
+ certAttrs;
+ break;
+ case CKO_PUBLIC_KEY:
+ attrs =
+ pubKeyAttrs;
+ break;
+ case CKO_PRIVATE_KEY:
+ attrs =
+ privKeyAttrs;
+ break;
+ default:
+ return CKR_OK;
+ }
+
+ for (i = 0; i < size; i++) {
+ typeArray[i] = attrs[i];
+ }
+
+ return CKR_OK;
+}
+
+static CK_ULONG
+ckcapi_mdObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+
+ const NSSItem *b;
+
+ b = nss_ckcapi_FetchAttribute(io, attribute);
+
+ if ((const NSSItem *)NULL == b) {
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return 0;
+ }
+ return b->size;
+}
+
+static CK_RV
+ckcapi_mdObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
+{
+ return CKR_OK;
+}
+
+static NSSCKFWItem
+ckcapi_mdObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ NSSCKFWItem mdItem;
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+
+ mdItem.needsFreeing = PR_FALSE;
+ mdItem.item = (NSSItem *)nss_ckcapi_FetchAttribute(io, attribute);
+
+ if ((NSSItem *)NULL == mdItem.item) {
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ }
+
+ return mdItem;
+}
+
+static CK_ULONG
+ckcapi_mdObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ ckcapiInternalObject *io = (ckcapiInternalObject *)mdObject->etc;
+ CK_ULONG rv = 1;
+
+ /* size is irrelevant to this token */
+ return rv;
+}
+
+static const NSSCKMDObject
+ ckcapi_prototype_mdObject = {
+ (void *)NULL, /* etc */
+ NULL, /* Finalize */
+ ckcapi_mdObject_Destroy,
+ ckcapi_mdObject_IsTokenObject,
+ ckcapi_mdObject_GetAttributeCount,
+ ckcapi_mdObject_GetAttributeTypes,
+ ckcapi_mdObject_GetAttributeSize,
+ ckcapi_mdObject_GetAttribute,
+ NULL, /* FreeAttribute */
+ ckcapi_mdObject_SetAttribute,
+ ckcapi_mdObject_GetObjectSize,
+ (void *)NULL /* null terminator */
+ };
+
+static nssHash *ckcapiInternalObjectHash = NULL;
+
+NSS_IMPLEMENT NSSCKMDObject *
+nss_ckcapi_CreateMDObject(
+ NSSArena *arena,
+ ckcapiInternalObject *io,
+ CK_RV *pError)
+{
+ if ((nssHash *)NULL == ckcapiInternalObjectHash) {
+ ckcapiInternalObjectHash = nssHash_CreateItem(NULL, 10);
+ }
+ if (ckcapiCert == io->type) {
+ /* the hash key, not a cryptographic key */
+ NSSItem *key = &io->hashKey;
+ ckcapiInternalObject *old_o = NULL;
+
+ if (key->size == 0) {
+ ckcapi_FetchHashKey(io);
+ }
+ old_o = (ckcapiInternalObject *)
+ nssHash_Lookup(ckcapiInternalObjectHash, key);
+ if (!old_o) {
+ nssHash_Add(ckcapiInternalObjectHash, key, io);
+ } else if (old_o != io) {
+ nss_ckcapi_DestroyInternalObject(io);
+ io = old_o;
+ }
+ }
+
+ if ((void *)NULL == io->mdObject.etc) {
+ (void)nsslibc_memcpy(&io->mdObject, &ckcapi_prototype_mdObject,
+ sizeof(ckcapi_prototype_mdObject));
+ io->mdObject.etc = (void *)io;
+ }
+ return &io->mdObject;
+}
+
+static void
+ckcapi_removeObjectFromHash(
+ ckcapiInternalObject *io)
+{
+ NSSItem *key = &io->hashKey;
+
+ if ((nssHash *)NULL == ckcapiInternalObjectHash) {
+ return;
+ }
+ if (key->size == 0) {
+ ckcapi_FetchHashKey(io);
+ }
+ nssHash_Remove(ckcapiInternalObjectHash, key);
+ return;
+}
+
+void
+nss_ckcapi_DestroyInternalObject(
+ ckcapiInternalObject *io)
+{
+ switch (io->type) {
+ case ckcapiRaw:
+ return;
+ case ckcapiCert:
+ CertFreeCertificateContext(io->u.cert.certContext);
+ nss_ZFreeIf(io->u.cert.labelData);
+ nss_ZFreeIf(io->u.cert.key.privateKey);
+ nss_ZFreeIf(io->u.cert.key.pubKey);
+ nss_ZFreeIf(io->idData);
+ break;
+ case ckcapiBareKey:
+ nss_ZFreeIf(io->u.key.provInfo.pwszContainerName);
+ nss_ZFreeIf(io->u.key.provInfo.pwszProvName);
+ nss_ZFreeIf(io->u.key.provName);
+ nss_ZFreeIf(io->u.key.containerName);
+ nss_ZFreeIf(io->u.key.key.privateKey);
+ nss_ZFreeIf(io->u.key.key.pubKey);
+ if (0 != io->u.key.hProv) {
+ CryptReleaseContext(io->u.key.hProv, 0);
+ }
+ nss_ZFreeIf(io->idData);
+ break;
+ }
+ nss_ZFreeIf(io);
+ return;
+}
+
+static ckcapiInternalObject *
+nss_ckcapi_CreateCertificate(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSItem value;
+ NSSItem keyID;
+ char *storeStr;
+ ckcapiInternalObject *io = NULL;
+ PCCERT_CONTEXT certContext = NULL;
+ PCCERT_CONTEXT storedCertContext = NULL;
+ CRYPT_KEY_PROV_INFO *prov_info = NULL;
+ char *nickname = NULL;
+ HCERTSTORE hStore = 0;
+ DWORD msError = 0;
+ PRBool hasID;
+ CK_RV dummy;
+ BOOL rc;
+
+ *pError = nss_ckcapi_GetAttribute(CKA_VALUE, pTemplate,
+ ulAttributeCount, &value);
+
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+
+ *pError = nss_ckcapi_GetAttribute(CKA_ID, pTemplate,
+ ulAttributeCount, &keyID);
+
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+
+ if (ckcapi_cert_exists(&value, &io)) {
+ return io;
+ }
+
+ /* OK, we are creating a new one, figure out what store it belongs to..
+ * first get a certContext handle.. */
+ certContext = CertCreateCertificateContext(X509_ASN_ENCODING,
+ value.data, value.size);
+ if ((PCCERT_CONTEXT)NULL == certContext) {
+ msError = GetLastError();
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+
+ /* do we have a private key laying around... */
+ prov_info = ckcapi_cert_getPrivateKeyInfo(certContext, &keyID);
+ if (prov_info) {
+ CRYPT_DATA_BLOB msKeyID;
+ storeStr = "My";
+ hasID = PR_TRUE;
+ rc = CertSetCertificateContextProperty(certContext,
+ CERT_KEY_PROV_INFO_PROP_ID,
+ 0, prov_info);
+ nss_ZFreeIf(prov_info);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+ msKeyID.cbData = keyID.size;
+ msKeyID.pbData = keyID.data;
+ rc = CertSetCertificateContextProperty(certContext,
+ CERT_KEY_IDENTIFIER_PROP_ID,
+ 0, &msKeyID);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ /* does it look like a CA */
+ } else if (ckcapi_cert_isCA(certContext)) {
+ storeStr = ckcapi_cert_isRoot(certContext) ? "CA" : "Root";
+ /* does it look like an S/MIME cert */
+ } else if (ckcapi_cert_hasEmail(certContext)) {
+ storeStr = "AddressBook";
+ } else {
+ /* just pick a store */
+ storeStr = "CA";
+ }
+
+ /* get the nickname, not an error if we can't find it */
+ nickname = nss_ckcapi_GetStringAttribute(CKA_LABEL, pTemplate,
+ ulAttributeCount, &dummy);
+ if (nickname) {
+ LPWSTR nicknameUTF16 = NULL;
+ CRYPT_DATA_BLOB nicknameBlob;
+
+ nicknameUTF16 = nss_ckcapi_UTF8ToWide(nickname);
+ nss_ZFreeIf(nickname);
+ nickname = NULL;
+ if ((LPWSTR)NULL == nicknameUTF16) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nicknameBlob.cbData = nss_ckcapi_WideSize(nicknameUTF16);
+ nicknameBlob.pbData = (BYTE *)nicknameUTF16;
+ rc = CertSetCertificateContextProperty(certContext,
+ CERT_FRIENDLY_NAME_PROP_ID, 0, &nicknameBlob);
+ nss_ZFreeIf(nicknameUTF16);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+ }
+
+ hStore = CertOpenSystemStore((HCRYPTPROV)NULL, storeStr);
+ if (0 == hStore) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ rc = CertAddCertificateContextToStore(hStore, certContext,
+ CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES, &storedCertContext);
+ CertFreeCertificateContext(certContext);
+ certContext = NULL;
+ CertCloseStore(hStore, 0);
+ hStore = 0;
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ io = nss_ZNEW(NULL, ckcapiInternalObject);
+ if ((ckcapiInternalObject *)NULL == io) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ io->type = ckcapiCert;
+ io->objClass = CKO_CERTIFICATE;
+ io->u.cert.certContext = storedCertContext;
+ io->u.cert.hasID = hasID;
+ return io;
+
+loser:
+ if (certContext) {
+ CertFreeCertificateContext(certContext);
+ certContext = NULL;
+ }
+ if (storedCertContext) {
+ CertFreeCertificateContext(storedCertContext);
+ storedCertContext = NULL;
+ }
+ if (0 != hStore) {
+ CertCloseStore(hStore, 0);
+ }
+ return (ckcapiInternalObject *)NULL;
+}
+
+static char *
+ckcapi_getDefaultProvider(
+ CK_RV *pError)
+{
+ char *name = NULL;
+ BOOL rc;
+ DWORD nameLength = 0;
+
+ rc = CryptGetDefaultProvider(PROV_RSA_FULL, NULL, CRYPT_USER_DEFAULT, NULL,
+ &nameLength);
+ if (!rc) {
+ return (char *)NULL;
+ }
+
+ name = nss_ZNEWARRAY(NULL, char, nameLength);
+ if ((char *)NULL == name) {
+ return (char *)NULL;
+ }
+ rc = CryptGetDefaultProvider(PROV_RSA_FULL, NULL, CRYPT_USER_DEFAULT, name,
+ &nameLength);
+ if (!rc) {
+ nss_ZFreeIf(name);
+ return (char *)NULL;
+ }
+
+ return name;
+}
+
+static char *
+ckcapi_getContainer(
+ CK_RV *pError,
+ NSSItem *id)
+{
+ RPC_STATUS rstat;
+ UUID uuid;
+ char *uuidStr;
+ char *container;
+
+ rstat = UuidCreate(&uuid);
+ rstat = UuidToString(&uuid, &uuidStr);
+
+ /* convert it from rcp memory to our own */
+ container = nssUTF8_Duplicate(uuidStr, NULL);
+ RpcStringFree(&uuidStr);
+
+ return container;
+}
+
+static CK_RV
+ckcapi_buildPrivateKeyBlob(
+ NSSItem *keyBlob,
+ NSSItem *modulus,
+ NSSItem *publicExponent,
+ NSSItem *privateExponent,
+ NSSItem *prime1,
+ NSSItem *prime2,
+ NSSItem *exponent1,
+ NSSItem *exponent2,
+ NSSItem *coefficient,
+ PRBool isKeyExchange)
+{
+ CAPI_RSA_KEY_BLOB *keyBlobData = NULL;
+ unsigned char *target;
+ unsigned long modSize = modulus->size;
+ unsigned long dataSize;
+ CK_RV error = CKR_OK;
+
+ /* validate extras */
+ if (privateExponent->size != modSize) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (prime1->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (prime2->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (exponent1->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (exponent2->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ if (coefficient->size != modSize / 2) {
+ error = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ dataSize = (modSize * 4) + (modSize / 2) + sizeof(CAPI_RSA_KEY_BLOB);
+ keyBlobData = (CAPI_RSA_KEY_BLOB *)nss_ZAlloc(NULL, dataSize);
+ if ((CAPI_RSA_KEY_BLOB *)NULL == keyBlobData) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ keyBlobData->header.bType = PRIVATEKEYBLOB;
+ keyBlobData->header.bVersion = 0x02;
+ keyBlobData->header.reserved = 0x00;
+ keyBlobData->header.aiKeyAlg = isKeyExchange ? CALG_RSA_KEYX : CALG_RSA_SIGN;
+ keyBlobData->rsa.magic = 0x32415352;
+ keyBlobData->rsa.bitlen = modSize * 8;
+ keyBlobData->rsa.pubexp = nss_ckcapi_DataToInt(publicExponent, &error);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ target = &keyBlobData->data[CAPI_MODULUS_OFFSET(modSize)];
+ nsslibc_memcpy(target, modulus->data, modulus->size);
+ modulus->data = target;
+ ckcapi_ReverseData(modulus);
+
+ target = &keyBlobData->data[CAPI_PRIVATE_EXP_OFFSET(modSize)];
+ nsslibc_memcpy(target, privateExponent->data, privateExponent->size);
+ privateExponent->data = target;
+ ckcapi_ReverseData(privateExponent);
+
+ target = &keyBlobData->data[CAPI_PRIME_1_OFFSET(modSize)];
+ nsslibc_memcpy(target, prime1->data, prime1->size);
+ prime1->data = target;
+ ckcapi_ReverseData(prime1);
+
+ target = &keyBlobData->data[CAPI_PRIME_2_OFFSET(modSize)];
+ nsslibc_memcpy(target, prime2->data, prime2->size);
+ prime2->data = target;
+ ckcapi_ReverseData(prime2);
+
+ target = &keyBlobData->data[CAPI_EXPONENT_1_OFFSET(modSize)];
+ nsslibc_memcpy(target, exponent1->data, exponent1->size);
+ exponent1->data = target;
+ ckcapi_ReverseData(exponent1);
+
+ target = &keyBlobData->data[CAPI_EXPONENT_2_OFFSET(modSize)];
+ nsslibc_memcpy(target, exponent2->data, exponent2->size);
+ exponent2->data = target;
+ ckcapi_ReverseData(exponent2);
+
+ target = &keyBlobData->data[CAPI_COEFFICIENT_OFFSET(modSize)];
+ nsslibc_memcpy(target, coefficient->data, coefficient->size);
+ coefficient->data = target;
+ ckcapi_ReverseData(coefficient);
+
+ keyBlob->data = keyBlobData;
+ keyBlob->size = dataSize;
+
+ return CKR_OK;
+
+loser:
+ nss_ZFreeIf(keyBlobData);
+ return error;
+}
+
+static ckcapiInternalObject *
+nss_ckcapi_CreatePrivateKey(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSItem modulus;
+ NSSItem publicExponent;
+ NSSItem privateExponent;
+ NSSItem exponent1;
+ NSSItem exponent2;
+ NSSItem prime1;
+ NSSItem prime2;
+ NSSItem coefficient;
+ NSSItem keyID;
+ NSSItem keyBlob;
+ ckcapiInternalObject *io = NULL;
+ char *providerName = NULL;
+ char *containerName = NULL;
+ char *idData = NULL;
+ CRYPT_KEY_PROV_INFO provInfo;
+ CRYPT_HASH_BLOB msKeyID;
+ CK_KEY_TYPE keyType;
+ HCRYPTPROV hProv = 0;
+ HCRYPTKEY hKey = 0;
+ PRBool decrypt;
+ DWORD keySpec;
+ DWORD msError;
+ BOOL rc;
+
+ keyType = nss_ckcapi_GetULongAttribute(CKA_KEY_TYPE, pTemplate, ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ if (CKK_RSA != keyType) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (ckcapiInternalObject *)NULL;
+ }
+
+ decrypt = nss_ckcapi_GetBoolAttribute(CKA_DECRYPT,
+ pTemplate, ulAttributeCount, pError);
+ if (CKR_TEMPLATE_INCOMPLETE == *pError) {
+ decrypt = PR_TRUE; /* default to true */
+ }
+ decrypt = decrypt || nss_ckcapi_GetBoolAttribute(CKA_UNWRAP,
+ pTemplate, ulAttributeCount, pError);
+ if (CKR_TEMPLATE_INCOMPLETE == *pError) {
+ decrypt = PR_TRUE; /* default to true */
+ }
+ keySpec = decrypt ? AT_KEYEXCHANGE : AT_SIGNATURE;
+
+ *pError = nss_ckcapi_GetAttribute(CKA_MODULUS, pTemplate,
+ ulAttributeCount, &modulus);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_PUBLIC_EXPONENT, pTemplate,
+ ulAttributeCount, &publicExponent);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_PRIVATE_EXPONENT, pTemplate,
+ ulAttributeCount, &privateExponent);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_PRIME_1, pTemplate,
+ ulAttributeCount, &prime1);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_PRIME_2, pTemplate,
+ ulAttributeCount, &prime2);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_EXPONENT_1, pTemplate,
+ ulAttributeCount, &exponent1);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_EXPONENT_2, pTemplate,
+ ulAttributeCount, &exponent2);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_COEFFICIENT, pTemplate,
+ ulAttributeCount, &coefficient);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ *pError = nss_ckcapi_GetAttribute(CKA_ID, pTemplate,
+ ulAttributeCount, &keyID);
+ if (CKR_OK != *pError) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ providerName = ckcapi_getDefaultProvider(pError);
+ if ((char *)NULL == providerName) {
+ return (ckcapiInternalObject *)NULL;
+ }
+ containerName = ckcapi_getContainer(pError, &keyID);
+ if ((char *)NULL == containerName) {
+ goto loser;
+ }
+ rc = CryptAcquireContext(&hProv, containerName, providerName,
+ PROV_RSA_FULL, CRYPT_NEWKEYSET);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ *pError = ckcapi_buildPrivateKeyBlob(
+ &keyBlob,
+ &modulus,
+ &publicExponent,
+ &privateExponent,
+ &prime1,
+ &prime2,
+ &exponent1,
+ &exponent2,
+ &coefficient,
+ decrypt);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ rc = CryptImportKey(hProv, keyBlob.data, keyBlob.size,
+ 0, CRYPT_EXPORTABLE, &hKey);
+ if (!rc) {
+ msError = GetLastError();
+ *pError = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ idData = nss_ZNEWARRAY(NULL, char, keyID.size);
+ if ((void *)NULL == idData) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nsslibc_memcpy(idData, keyID.data, keyID.size);
+
+ provInfo.pwszContainerName = nss_ckcapi_UTF8ToWide(containerName);
+ provInfo.pwszProvName = nss_ckcapi_UTF8ToWide(providerName);
+ provInfo.dwProvType = PROV_RSA_FULL;
+ provInfo.dwFlags = 0;
+ provInfo.cProvParam = 0;
+ provInfo.rgProvParam = NULL;
+ provInfo.dwKeySpec = keySpec;
+
+ msKeyID.cbData = keyID.size;
+ msKeyID.pbData = keyID.data;
+
+ rc = CryptSetKeyIdentifierProperty(&msKeyID, CERT_KEY_PROV_INFO_PROP_ID,
+ 0, NULL, NULL, &provInfo);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* handle error here */
+ io = nss_ZNEW(NULL, ckcapiInternalObject);
+ if ((ckcapiInternalObject *)NULL == io) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ io->type = ckcapiBareKey;
+ io->objClass = CKO_PRIVATE_KEY;
+ io->u.key.provInfo = provInfo;
+ io->u.key.provName = providerName;
+ io->u.key.containerName = containerName;
+ io->u.key.hProv = hProv; /* save the handle */
+ io->idData = idData;
+ io->id.data = idData;
+ io->id.size = keyID.size;
+ /* done with the key handle */
+ CryptDestroyKey(hKey);
+ return io;
+
+loser:
+ nss_ZFreeIf(containerName);
+ nss_ZFreeIf(providerName);
+ nss_ZFreeIf(idData);
+ if (0 != hProv) {
+ CryptReleaseContext(hProv, 0);
+ }
+ if (0 != hKey) {
+ CryptDestroyKey(hKey);
+ }
+ return (ckcapiInternalObject *)NULL;
+}
+
+NSS_EXTERN NSSCKMDObject *
+nss_ckcapi_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ CK_OBJECT_CLASS objClass;
+ ckcapiInternalObject *io = NULL;
+ CK_BBOOL isToken;
+
+ /*
+ * only create token objects
+ */
+ isToken = nss_ckcapi_GetBoolAttribute(CKA_TOKEN, pTemplate,
+ ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDObject *)NULL;
+ }
+ if (!isToken) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ /*
+ * only create keys and certs.
+ */
+ objClass = nss_ckcapi_GetULongAttribute(CKA_CLASS, pTemplate,
+ ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDObject *)NULL;
+ }
+#ifdef notdef
+ if (objClass == CKO_PUBLIC_KEY) {
+ return CKR_OK; /* fake public key creation, happens as a side effect of
+ * private key creation */
+ }
+#endif
+ if (objClass == CKO_CERTIFICATE) {
+ io = nss_ckcapi_CreateCertificate(fwSession, pTemplate,
+ ulAttributeCount, pError);
+ } else if (objClass == CKO_PRIVATE_KEY) {
+ io = nss_ckcapi_CreatePrivateKey(fwSession, pTemplate,
+ ulAttributeCount, pError);
+ } else {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ if ((ckcapiInternalObject *)NULL == io) {
+ return (NSSCKMDObject *)NULL;
+ }
+ return nss_ckcapi_CreateMDObject(NULL, io, pError);
+}
diff --git a/security/nss/lib/ckfw/capi/config.mk b/security/nss/lib/ckfw/capi/config.mk
new file mode 100644
index 000000000..ec0a86271
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/config.mk
@@ -0,0 +1,31 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only shared libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(SHARED_LIBRARY)
+LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+ SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+ RES = $(OBJDIR)/$(LIBRARY_NAME).res
+ RESNAME = $(LIBRARY_NAME).rc
+endif
+
+ifdef BUILD_IDG
+ DEFINES += -DNSSDEBUG
+endif
+
+#
+# To create a loadable module on Darwin, we must use -bundle.
+#
+ifeq ($(OS_TARGET),Darwin)
+DSO_LDOPTS = -bundle
+endif
diff --git a/security/nss/lib/ckfw/capi/constants.c b/security/nss/lib/ckfw/capi/constants.c
new file mode 100644
index 000000000..0d4b70110
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/constants.c
@@ -0,0 +1,63 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * ckcapi/constants.c
+ *
+ * Identification and other constants, all collected here in one place.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCAPI_H
+#include "nsscapi.h"
+#endif /* NSSCAPI_H */
+
+NSS_IMPLEMENT_DATA const CK_VERSION
+ nss_ckcapi_CryptokiVersion = {
+ NSS_CKCAPI_CRYPTOKI_VERSION_MAJOR,
+ NSS_CKCAPI_CRYPTOKI_VERSION_MINOR
+ };
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckcapi_ManufacturerID = (NSSUTF8 *)"Mozilla Foundation";
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckcapi_LibraryDescription = (NSSUTF8 *)"NSS Access to Microsoft Certificate Store";
+
+NSS_IMPLEMENT_DATA const CK_VERSION
+ nss_ckcapi_LibraryVersion = {
+ NSS_CKCAPI_LIBRARY_VERSION_MAJOR,
+ NSS_CKCAPI_LIBRARY_VERSION_MINOR
+ };
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckcapi_SlotDescription = (NSSUTF8 *)"Microsoft Certificate Store";
+
+NSS_IMPLEMENT_DATA const CK_VERSION
+ nss_ckcapi_HardwareVersion = {
+ NSS_CKCAPI_HARDWARE_VERSION_MAJOR,
+ NSS_CKCAPI_HARDWARE_VERSION_MINOR
+ };
+
+NSS_IMPLEMENT_DATA const CK_VERSION
+ nss_ckcapi_FirmwareVersion = {
+ NSS_CKCAPI_FIRMWARE_VERSION_MAJOR,
+ NSS_CKCAPI_FIRMWARE_VERSION_MINOR
+ };
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckcapi_TokenLabel = (NSSUTF8 *)"Microsoft Certificate Store";
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckcapi_TokenModel = (NSSUTF8 *)"1";
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckcapi_TokenSerialNumber = (NSSUTF8 *)"1";
diff --git a/security/nss/lib/ckfw/capi/crsa.c b/security/nss/lib/ckfw/capi/crsa.c
new file mode 100644
index 000000000..62f90acb6
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/crsa.c
@@ -0,0 +1,687 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckcapi.h"
+#include "secdert.h"
+
+#define SSL3_SHAMD5_HASH_SIZE 36 /* LEN_MD5 (16) + LEN_SHA1 (20) */
+
+/*
+ * ckcapi/crsa.c
+ *
+ * This file implements the NSSCKMDMechnaism and NSSCKMDCryptoOperation objects
+ * for the RSA operation on the CAPI cryptoki module.
+ */
+
+/*
+ * write a Decimal value to a string
+ */
+
+static char *
+putDecimalString(char *cstr, unsigned long value)
+{
+ unsigned long tenpower;
+ int first = 1;
+
+ for (tenpower = 10000000; tenpower; tenpower /= 10) {
+ unsigned char digit = (unsigned char)(value / tenpower);
+ value = value % tenpower;
+
+ /* drop leading zeros */
+ if (first && (0 == digit)) {
+ continue;
+ }
+ first = 0;
+ *cstr++ = digit + '0';
+ }
+
+ /* if value was zero, put one of them out */
+ if (first) {
+ *cstr++ = '0';
+ }
+ return cstr;
+}
+
+/*
+ * Create a Capi OID string value from a DER OID
+ */
+static char *
+nss_ckcapi_GetOidString(
+ unsigned char *oidTag,
+ unsigned int oidTagSize,
+ CK_RV *pError)
+{
+ unsigned char *oid;
+ char *oidStr;
+ char *cstr;
+ unsigned long value;
+ unsigned int oidSize;
+
+ if (DER_OBJECT_ID != *oidTag) {
+ /* wasn't an oid */
+ *pError = CKR_DATA_INVALID;
+ return NULL;
+ }
+ oid = nss_ckcapi_DERUnwrap(oidTag, oidTagSize, &oidSize, NULL);
+
+ if (oidSize < 2) {
+ *pError = CKR_DATA_INVALID;
+ return NULL;
+ }
+
+ oidStr = nss_ZNEWARRAY(NULL, char, oidSize * 4);
+ if ((char *)NULL == oidStr) {
+ *pError = CKR_HOST_MEMORY;
+ return NULL;
+ }
+ cstr = oidStr;
+ cstr = putDecimalString(cstr, (*oid) / 40);
+ *cstr++ = '.';
+ cstr = putDecimalString(cstr, (*oid) % 40);
+ oidSize--;
+
+ value = 0;
+ while (oidSize--) {
+ oid++;
+ value = (value << 7) + (*oid & 0x7f);
+ if (0 == (*oid & 0x80)) {
+ *cstr++ = '.';
+ cstr = putDecimalString(cstr, value);
+ value = 0;
+ }
+ }
+
+ *cstr = 0; /* NULL terminate */
+
+ if (value != 0) {
+ nss_ZFreeIf(oidStr);
+ *pError = CKR_DATA_INVALID;
+ return NULL;
+ }
+ return oidStr;
+}
+
+/*
+ * PKCS #11 sign for RSA expects to take a fully DER-encoded hash value,
+ * which includes the hash OID. CAPI expects to take a Hash Context. While
+ * CAPI does have the capability of setting a raw hash value, it does not
+ * have the ability to sign an arbitrary value. This function tries to
+ * reduce the passed in data into something that CAPI could actually sign.
+ */
+static CK_RV
+ckcapi_GetRawHash(
+ const NSSItem *input,
+ NSSItem *hash,
+ ALG_ID *hashAlg)
+{
+ unsigned char *current;
+ unsigned char *algid;
+ unsigned char *oid;
+ unsigned char *hashData;
+ char *oidStr;
+ CK_RV error;
+ unsigned int oidSize;
+ unsigned int size;
+ /*
+ * there are 2 types of hashes NSS typically tries to sign, regular
+ * RSA signature format (with encoded DER_OIDS), and SSL3 Signed hashes.
+ * CAPI knows not to add any oids to SSL3_Signed hashes, so if we have any
+ * random hash that is exactly the same size as an SSL3 hash, then we can
+ * just pass the data through. CAPI has know way of knowing if the value
+ * is really a combined hash or some other arbitrary data, so it's safe to
+ * handle this case first.
+ */
+ if (SSL3_SHAMD5_HASH_SIZE == input->size) {
+ hash->data = input->data;
+ hash->size = input->size;
+ *hashAlg = CALG_SSL3_SHAMD5;
+ return CKR_OK;
+ }
+
+ current = (unsigned char *)input->data;
+
+ /* make sure we have a sequence tag */
+ if ((DER_SEQUENCE | DER_CONSTRUCTED) != *current) {
+ return CKR_DATA_INVALID;
+ }
+
+ /* parse the input block to get 1) the hash oid, and 2) the raw hash value.
+ * unfortunatly CAPI doesn't have a builtin function to do this work, so
+ * we go ahead and do it by hand here.
+ *
+ * format is:
+ * SEQUENCE {
+ * SECQUENCE { // algid
+ * OID {} // oid
+ * ANY {} // optional params
+ * }
+ * OCTECT {} // hash
+ */
+
+ /* unwrap */
+ algid = nss_ckcapi_DERUnwrap(current, input->size, &size, NULL);
+
+ if (algid + size != current + input->size) {
+ /* make sure there is not extra data at the end */
+ return CKR_DATA_INVALID;
+ }
+
+ if ((DER_SEQUENCE | DER_CONSTRUCTED) != *algid) {
+ /* wasn't an algid */
+ return CKR_DATA_INVALID;
+ }
+ oid = nss_ckcapi_DERUnwrap(algid, size, &oidSize, &hashData);
+
+ if (DER_OCTET_STRING != *hashData) {
+ /* wasn't a hash */
+ return CKR_DATA_INVALID;
+ }
+
+ /* get the real hash */
+ current = hashData;
+ size = size - (hashData - algid);
+ hash->data = nss_ckcapi_DERUnwrap(current, size, &hash->size, NULL);
+
+ /* get the real oid as a string. Again, Microsoft does not
+ * export anything that does this for us */
+ oidStr = nss_ckcapi_GetOidString(oid, oidSize, &error);
+ if ((char *)NULL == oidStr) {
+ return error;
+ }
+
+ /* look up the hash alg from the oid (fortunately CAPI does to this) */
+ *hashAlg = CertOIDToAlgId(oidStr);
+ nss_ZFreeIf(oidStr);
+ if (0 == *hashAlg) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /* hash looks reasonably consistent, we should be able to sign it now */
+ return CKR_OK;
+}
+
+/*
+ * So everyone else in the worlds stores their bignum data MSB first, but not
+ * Microsoft, we need to byte swap everything coming into and out of CAPI.
+ */
+void
+ckcapi_ReverseData(NSSItem *item)
+{
+ int end = (item->size) - 1;
+ int middle = (item->size) / 2;
+ unsigned char *buf = item->data;
+ int i;
+
+ for (i = 0; i < middle; i++) {
+ unsigned char tmp = buf[i];
+ buf[i] = buf[end - i];
+ buf[end - i] = tmp;
+ }
+ return;
+}
+
+typedef struct ckcapiInternalCryptoOperationRSAPrivStr
+ ckcapiInternalCryptoOperationRSAPriv;
+struct ckcapiInternalCryptoOperationRSAPrivStr {
+ NSSCKMDCryptoOperation mdOperation;
+ NSSCKMDMechanism *mdMechanism;
+ ckcapiInternalObject *iKey;
+ HCRYPTPROV hProv;
+ DWORD keySpec;
+ HCRYPTKEY hKey;
+ NSSItem *buffer;
+};
+
+/*
+ * ckcapi_mdCryptoOperationRSAPriv_Create
+ */
+static NSSCKMDCryptoOperation *
+ckcapi_mdCryptoOperationRSAPriv_Create(
+ const NSSCKMDCryptoOperation *proto,
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKMDObject *mdKey,
+ CK_RV *pError)
+{
+ ckcapiInternalObject *iKey = (ckcapiInternalObject *)mdKey->etc;
+ const NSSItem *classItem = nss_ckcapi_FetchAttribute(iKey, CKA_CLASS);
+ const NSSItem *keyType = nss_ckcapi_FetchAttribute(iKey, CKA_KEY_TYPE);
+ ckcapiInternalCryptoOperationRSAPriv *iOperation;
+ CK_RV error;
+ HCRYPTPROV hProv;
+ DWORD keySpec;
+ HCRYPTKEY hKey;
+
+ /* make sure we have the right objects */
+ if (((const NSSItem *)NULL == classItem) ||
+ (sizeof(CK_OBJECT_CLASS) != classItem->size) ||
+ (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) ||
+ ((const NSSItem *)NULL == keyType) ||
+ (sizeof(CK_KEY_TYPE) != keyType->size) ||
+ (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) {
+ *pError = CKR_KEY_TYPE_INCONSISTENT;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ error = nss_ckcapi_FetchKeyContainer(iKey, &hProv, &keySpec, &hKey);
+ if (error != CKR_OK) {
+ *pError = error;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ iOperation = nss_ZNEW(NULL, ckcapiInternalCryptoOperationRSAPriv);
+ if ((ckcapiInternalCryptoOperationRSAPriv *)NULL == iOperation) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ iOperation->mdMechanism = mdMechanism;
+ iOperation->iKey = iKey;
+ iOperation->hProv = hProv;
+ iOperation->keySpec = keySpec;
+ iOperation->hKey = hKey;
+
+ nsslibc_memcpy(&iOperation->mdOperation,
+ proto, sizeof(NSSCKMDCryptoOperation));
+ iOperation->mdOperation.etc = iOperation;
+
+ return &iOperation->mdOperation;
+}
+
+static CK_RV
+ckcapi_mdCryptoOperationRSAPriv_Destroy(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+
+ if (iOperation->hKey) {
+ CryptDestroyKey(iOperation->hKey);
+ }
+ if (iOperation->buffer) {
+ nssItem_Destroy(iOperation->buffer);
+ }
+ nss_ZFreeIf(iOperation);
+ return CKR_OK;
+}
+
+static CK_ULONG
+ckcapi_mdCryptoOperationRSA_GetFinalLength(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ const NSSItem *modulus =
+ nss_ckcapi_FetchAttribute(iOperation->iKey, CKA_MODULUS);
+
+ return modulus->size;
+}
+
+/*
+ * ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength
+ * we won't know the length until we actually decrypt the
+ * input block. Since we go to all the work to decrypt the
+ * the block, we'll save if for when the block is asked for
+ */
+static CK_ULONG
+ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ CK_RV *pError)
+{
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ BOOL rc;
+
+ /* Microsoft's Decrypt operation works in place. Since we don't want
+ * to trash our input buffer, we make a copy of it */
+ iOperation->buffer = nssItem_Duplicate((NSSItem *)input, NULL, NULL);
+ if ((NSSItem *)NULL == iOperation->buffer) {
+ *pError = CKR_HOST_MEMORY;
+ return 0;
+ }
+ /* Sigh, reverse it */
+ ckcapi_ReverseData(iOperation->buffer);
+
+ rc = CryptDecrypt(iOperation->hKey, 0, TRUE, 0,
+ iOperation->buffer->data, &iOperation->buffer->size);
+ if (!rc) {
+ DWORD msError = GetLastError();
+ switch (msError) {
+ case NTE_BAD_DATA:
+ *pError =
+ CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ case NTE_FAIL:
+ case NTE_BAD_UID:
+ *pError =
+ CKR_DEVICE_ERROR;
+ break;
+ default:
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ return 0;
+ }
+
+ return iOperation->buffer->size;
+}
+
+/*
+ * ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal
+ *
+ * NOTE: ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to
+ * have been called previously.
+ */
+static CK_RV
+ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ NSSItem *output)
+{
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ NSSItem *buffer = iOperation->buffer;
+
+ if ((NSSItem *)NULL == buffer) {
+ return CKR_GENERAL_ERROR;
+ }
+ nsslibc_memcpy(output->data, buffer->data, buffer->size);
+ output->size = buffer->size;
+ return CKR_OK;
+}
+
+/*
+ * ckcapi_mdCryptoOperationRSASign_UpdateFinal
+ *
+ */
+static CK_RV
+ckcapi_mdCryptoOperationRSASign_UpdateFinal(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ NSSItem *output)
+{
+ ckcapiInternalCryptoOperationRSAPriv *iOperation =
+ (ckcapiInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ CK_RV error = CKR_OK;
+ DWORD msError;
+ NSSItem hash;
+ HCRYPTHASH hHash = 0;
+ ALG_ID hashAlg;
+ DWORD hashSize;
+ DWORD len; /* temp length value we throw away */
+ BOOL rc;
+
+ /*
+ * PKCS #11 sign for RSA expects to take a fully DER-encoded hash value,
+ * which includes the hash OID. CAPI expects to take a Hash Context. While
+ * CAPI does have the capability of setting a raw hash value, it does not
+ * have the ability to sign an arbitrary value. This function tries to
+ * reduce the passed in data into something that CAPI could actually sign.
+ */
+ error = ckcapi_GetRawHash(input, &hash, &hashAlg);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ rc = CryptCreateHash(iOperation->hProv, hashAlg, 0, 0, &hHash);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* make sure the hash lens match before we set it */
+ len = sizeof(DWORD);
+ rc = CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE *)&hashSize, &len, 0);
+ if (!rc) {
+ goto loser;
+ }
+
+ if (hash.size != hashSize) {
+ /* The input must have been bad for this to happen */
+ error = CKR_DATA_INVALID;
+ goto loser;
+ }
+
+ /* we have an explicit hash, set it, note that the length is
+ * implicit by the hashAlg used in create */
+ rc = CryptSetHashParam(hHash, HP_HASHVAL, hash.data, 0);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* OK, we have the data in a hash structure, sign it! */
+ rc = CryptSignHash(hHash, iOperation->keySpec, NULL, 0,
+ output->data, &output->size);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* Don't return a signature that might have been broken because of a cosmic
+ * ray, or a broken processor, verify that it is valid... */
+ rc = CryptVerifySignature(hHash, output->data, output->size,
+ iOperation->hKey, NULL, 0);
+ if (!rc) {
+ goto loser;
+ }
+
+ /* OK, Microsoft likes to do things completely differently than anyone
+ * else. We need to reverse the data we received here */
+ ckcapi_ReverseData(output);
+ CryptDestroyHash(hHash);
+ return CKR_OK;
+
+loser:
+ /* map the microsoft error */
+ if (CKR_OK == error) {
+ msError = GetLastError();
+ switch (msError) {
+ case ERROR_NOT_ENOUGH_MEMORY:
+ error =
+ CKR_HOST_MEMORY;
+ break;
+ case NTE_NO_MEMORY:
+ error =
+ CKR_DEVICE_MEMORY;
+ break;
+ case ERROR_MORE_DATA:
+ return CKR_BUFFER_TOO_SMALL;
+ case ERROR_INVALID_PARAMETER: /* these params were derived from the */
+ case ERROR_INVALID_HANDLE: /* inputs, so if they are bad, the input */
+ case NTE_BAD_ALGID: /* data is bad */
+ case NTE_BAD_HASH:
+ error =
+ CKR_DATA_INVALID;
+ break;
+ case ERROR_BUSY:
+ case NTE_FAIL:
+ case NTE_BAD_UID:
+ error =
+ CKR_DEVICE_ERROR;
+ break;
+ default:
+ error =
+ CKR_GENERAL_ERROR;
+ break;
+ }
+ }
+ if (hHash) {
+ CryptDestroyHash(hHash);
+ }
+ return error;
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
+ ckcapi_mdCryptoOperationRSADecrypt_proto = {
+ NULL, /* etc */
+ ckcapi_mdCryptoOperationRSAPriv_Destroy,
+ NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */
+ ckcapi_mdCryptoOperationRSADecrypt_GetOperationLength,
+ NULL, /* Final - not needed for one shot operation */
+ NULL, /* Update - not needed for one shot operation */
+ NULL, /* DigetUpdate - not needed for one shot operation */
+ ckcapi_mdCryptoOperationRSADecrypt_UpdateFinal,
+ NULL, /* UpdateCombo - not needed for one shot operation */
+ NULL, /* DigetKey - not needed for one shot operation */
+ (void *)NULL /* null terminator */
+ };
+
+NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
+ ckcapi_mdCryptoOperationRSASign_proto = {
+ NULL, /* etc */
+ ckcapi_mdCryptoOperationRSAPriv_Destroy,
+ ckcapi_mdCryptoOperationRSA_GetFinalLength,
+ NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */
+ NULL, /* Final - not needed for one shot operation */
+ NULL, /* Update - not needed for one shot operation */
+ NULL, /* DigetUpdate - not needed for one shot operation */
+ ckcapi_mdCryptoOperationRSASign_UpdateFinal,
+ NULL, /* UpdateCombo - not needed for one shot operation */
+ NULL, /* DigetKey - not needed for one shot operation */
+ (void *)NULL /* null terminator */
+ };
+
+/********** NSSCKMDMechansim functions ***********************/
+/*
+ * ckcapi_mdMechanismRSA_Destroy
+ */
+static void
+ckcapi_mdMechanismRSA_Destroy(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_ZFreeIf(fwMechanism);
+}
+
+/*
+ * ckcapi_mdMechanismRSA_GetMinKeySize
+ */
+static CK_ULONG
+ckcapi_mdMechanismRSA_GetMinKeySize(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return 384;
+}
+
+/*
+ * ckcapi_mdMechanismRSA_GetMaxKeySize
+ */
+static CK_ULONG
+ckcapi_mdMechanismRSA_GetMaxKeySize(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return 16384;
+}
+
+/*
+ * ckcapi_mdMechanismRSA_DecryptInit
+ */
+static NSSCKMDCryptoOperation *
+ckcapi_mdMechanismRSA_DecryptInit(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError)
+{
+ return ckcapi_mdCryptoOperationRSAPriv_Create(
+ &ckcapi_mdCryptoOperationRSADecrypt_proto,
+ mdMechanism, mdKey, pError);
+}
+
+/*
+ * ckcapi_mdMechanismRSA_SignInit
+ */
+static NSSCKMDCryptoOperation *
+ckcapi_mdMechanismRSA_SignInit(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError)
+{
+ return ckcapi_mdCryptoOperationRSAPriv_Create(
+ &ckcapi_mdCryptoOperationRSASign_proto,
+ mdMechanism, mdKey, pError);
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDMechanism
+ nss_ckcapi_mdMechanismRSA = {
+ (void *)NULL, /* etc */
+ ckcapi_mdMechanismRSA_Destroy,
+ ckcapi_mdMechanismRSA_GetMinKeySize,
+ ckcapi_mdMechanismRSA_GetMaxKeySize,
+ NULL, /* GetInHardware - default false */
+ NULL, /* EncryptInit - default errs */
+ ckcapi_mdMechanismRSA_DecryptInit,
+ NULL, /* DigestInit - default errs*/
+ ckcapi_mdMechanismRSA_SignInit,
+ NULL, /* VerifyInit - default errs */
+ ckcapi_mdMechanismRSA_SignInit, /* SignRecoverInit */
+ NULL, /* VerifyRecoverInit - default errs */
+ NULL, /* GenerateKey - default errs */
+ NULL, /* GenerateKeyPair - default errs */
+ NULL, /* GetWrapKeyLength - default errs */
+ NULL, /* WrapKey - default errs */
+ NULL, /* UnwrapKey - default errs */
+ NULL, /* DeriveKey - default errs */
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/capi/csession.c b/security/nss/lib/ckfw/capi/csession.c
new file mode 100644
index 000000000..5b268ead1
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/csession.c
@@ -0,0 +1,87 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckcapi.h"
+
+/*
+ * ckcapi/csession.c
+ *
+ * This file implements the NSSCKMDSession object for the
+ * "nss to capi" cryptoki module.
+ */
+
+static NSSCKMDFindObjects *
+ckcapi_mdSession_FindObjectsInit(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ return nss_ckcapi_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
+}
+
+static NSSCKMDObject *
+ckcapi_mdSession_CreateObject(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ return nss_ckcapi_CreateObject(fwSession, pTemplate, ulAttributeCount, pError);
+}
+
+NSS_IMPLEMENT NSSCKMDSession *
+nss_ckcapi_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
+{
+ NSSArena *arena;
+ NSSCKMDSession *rv;
+
+ arena = NSSCKFWSession_GetArena(fwSession, pError);
+ if ((NSSArena *)NULL == arena) {
+ return (NSSCKMDSession *)NULL;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDSession);
+ if ((NSSCKMDSession *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
+
+ /*
+ * rv was zeroed when allocated, so we only
+ * need to set the non-zero members.
+ */
+
+ rv->etc = (void *)fwSession;
+ /* rv->Close */
+ /* rv->GetDeviceError */
+ /* rv->Login */
+ /* rv->Logout */
+ /* rv->InitPIN */
+ /* rv->SetPIN */
+ /* rv->GetOperationStateLen */
+ /* rv->GetOperationState */
+ /* rv->SetOperationState */
+ rv->CreateObject = ckcapi_mdSession_CreateObject;
+ /* rv->CopyObject */
+ rv->FindObjectsInit = ckcapi_mdSession_FindObjectsInit;
+ /* rv->SeedRandom */
+ /* rv->GetRandom */
+ /* rv->null */
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/capi/cslot.c b/security/nss/lib/ckfw/capi/cslot.c
new file mode 100644
index 000000000..8a39b7888
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/cslot.c
@@ -0,0 +1,81 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckcapi.h"
+
+/*
+ * ckcapi/cslot.c
+ *
+ * This file implements the NSSCKMDSlot object for the
+ * "nss to capi" cryptoki module.
+ */
+
+static NSSUTF8 *
+ckcapi_mdSlot_GetSlotDescription(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckcapi_SlotDescription;
+}
+
+static NSSUTF8 *
+ckcapi_mdSlot_GetManufacturerID(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
+}
+
+static CK_VERSION
+ckcapi_mdSlot_GetHardwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckcapi_HardwareVersion;
+}
+
+static CK_VERSION
+ckcapi_mdSlot_GetFirmwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckcapi_FirmwareVersion;
+}
+
+static NSSCKMDToken *
+ckcapi_mdSlot_GetToken(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSCKMDToken *)&nss_ckcapi_mdToken;
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDSlot
+ nss_ckcapi_mdSlot = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Destroy */
+ ckcapi_mdSlot_GetSlotDescription,
+ ckcapi_mdSlot_GetManufacturerID,
+ NULL, /* GetTokenPresent -- defaults to true */
+ NULL, /* GetRemovableDevice -- defaults to false */
+ NULL, /* GetHardwareSlot -- defaults to false */
+ ckcapi_mdSlot_GetHardwareVersion,
+ ckcapi_mdSlot_GetFirmwareVersion,
+ ckcapi_mdSlot_GetToken,
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/capi/ctoken.c b/security/nss/lib/ckfw/capi/ctoken.c
new file mode 100644
index 000000000..cc95c17b6
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/ctoken.c
@@ -0,0 +1,184 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckcapi.h"
+
+/*
+ * ckcapi/ctoken.c
+ *
+ * This file implements the NSSCKMDToken object for the
+ * "nss to capi" cryptoki module.
+ */
+
+static NSSUTF8 *
+ckcapi_mdToken_GetLabel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckcapi_TokenLabel;
+}
+
+static NSSUTF8 *
+ckcapi_mdToken_GetManufacturerID(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckcapi_ManufacturerID;
+}
+
+static NSSUTF8 *
+ckcapi_mdToken_GetModel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckcapi_TokenModel;
+}
+
+static NSSUTF8 *
+ckcapi_mdToken_GetSerialNumber(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckcapi_TokenSerialNumber;
+}
+
+static CK_BBOOL
+ckcapi_mdToken_GetIsWriteProtected(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_FALSE;
+}
+
+/* fake out Mozilla so we don't try to initialize the token */
+static CK_BBOOL
+ckcapi_mdToken_GetUserPinInitialized(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_TRUE;
+}
+
+static CK_VERSION
+ckcapi_mdToken_GetHardwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckcapi_HardwareVersion;
+}
+
+static CK_VERSION
+ckcapi_mdToken_GetFirmwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckcapi_FirmwareVersion;
+}
+
+static NSSCKMDSession *
+ckcapi_mdToken_OpenSession(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError)
+{
+ return nss_ckcapi_CreateSession(fwSession, pError);
+}
+
+static CK_ULONG
+ckcapi_mdToken_GetMechanismCount(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return (CK_ULONG)1;
+}
+
+static CK_RV
+ckcapi_mdToken_GetMechanismTypes(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE types[])
+{
+ types[0] = CKM_RSA_PKCS;
+ return CKR_OK;
+}
+
+static NSSCKMDMechanism *
+ckcapi_mdToken_GetMechanism(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError)
+{
+ if (which != CKM_RSA_PKCS) {
+ *pError = CKR_MECHANISM_INVALID;
+ return (NSSCKMDMechanism *)NULL;
+ }
+ return (NSSCKMDMechanism *)&nss_ckcapi_mdMechanismRSA;
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDToken
+ nss_ckcapi_mdToken = {
+ (void *)NULL, /* etc */
+ NULL, /* Setup */
+ NULL, /* Invalidate */
+ NULL, /* InitToken -- default errs */
+ ckcapi_mdToken_GetLabel,
+ ckcapi_mdToken_GetManufacturerID,
+ ckcapi_mdToken_GetModel,
+ ckcapi_mdToken_GetSerialNumber,
+ NULL, /* GetHasRNG -- default is false */
+ ckcapi_mdToken_GetIsWriteProtected,
+ NULL, /* GetLoginRequired -- default is false */
+ ckcapi_mdToken_GetUserPinInitialized,
+ NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
+ NULL, /* GetHasClockOnToken -- default is false */
+ NULL, /* GetHasProtectedAuthenticationPath -- default is false */
+ NULL, /* GetSupportsDualCryptoOperations -- default is false */
+ NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxPinLen -- irrelevant */
+ NULL, /* GetMinPinLen -- irrelevant */
+ NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ ckcapi_mdToken_GetHardwareVersion,
+ ckcapi_mdToken_GetFirmwareVersion,
+ NULL, /* GetUTCTime -- no clock */
+ ckcapi_mdToken_OpenSession,
+ ckcapi_mdToken_GetMechanismCount,
+ ckcapi_mdToken_GetMechanismTypes,
+ ckcapi_mdToken_GetMechanism,
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/capi/manifest.mn b/security/nss/lib/ckfw/capi/manifest.mn
new file mode 100644
index 000000000..38effd759
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/manifest.mn
@@ -0,0 +1,33 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../../../..
+
+MODULE = nss
+MAPFILE = $(OBJDIR)/nsscapi.def
+
+EXPORTS = \
+ nsscapi.h \
+ $(NULL)
+
+CSRCS = \
+ anchor.c \
+ constants.c \
+ cfind.c \
+ cinst.c \
+ cobject.c \
+ crsa.c \
+ csession.c \
+ cslot.c \
+ ctoken.c \
+ ckcapiver.c \
+ staticobj.c \
+ $(NULL)
+
+REQUIRES = nspr
+
+LIBRARY_NAME = nsscapi
+
+#EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/capi/nsscapi.def b/security/nss/lib/ckfw/capi/nsscapi.def
new file mode 100644
index 000000000..d7e68c7f4
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/nsscapi.def
@@ -0,0 +1,26 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+
+;+NSS_3.1 { # NSS 3.1 release
+;+ global:
+LIBRARY nsscapi ;-
+EXPORTS ;-
+C_GetFunctionList;
+;+ local:
+;+*;
+;+};
diff --git a/security/nss/lib/ckfw/capi/nsscapi.h b/security/nss/lib/ckfw/capi/nsscapi.h
new file mode 100644
index 000000000..78bf38b28
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/nsscapi.h
@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSCAPI_H
+#define NSSCAPI_H
+
+/*
+ * NSS CKCAPI Version numbers.
+ *
+ * These are the version numbers for the capi module packaged with
+ * this release on NSS. To determine the version numbers of the builtin
+ * module you are using, use the appropriate PKCS #11 calls.
+ *
+ * These version numbers detail changes to the PKCS #11 interface. They map
+ * to the PKCS #11 spec versions.
+ */
+#define NSS_CKCAPI_CRYPTOKI_VERSION_MAJOR 2
+#define NSS_CKCAPI_CRYPTOKI_VERSION_MINOR 20
+
+/* These version numbers detail the changes
+ * to the list of trusted certificates.
+ *
+ * NSS_CKCAPI_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear
+ * whether we may use its full range (0-255) or only 0-99 because
+ * of the comment in the CK_VERSION type definition.
+ */
+#define NSS_CKCAPI_LIBRARY_VERSION_MAJOR 1
+#define NSS_CKCAPI_LIBRARY_VERSION_MINOR 1
+#define NSS_CKCAPI_LIBRARY_VERSION "1.1"
+
+/* These version numbers detail the semantic changes to the ckfw engine. */
+#define NSS_CKCAPI_HARDWARE_VERSION_MAJOR 1
+#define NSS_CKCAPI_HARDWARE_VERSION_MINOR 0
+
+/* These version numbers detail the semantic changes to ckbi itself
+ * (new PKCS #11 objects), etc. */
+#define NSS_CKCAPI_FIRMWARE_VERSION_MAJOR 1
+#define NSS_CKCAPI_FIRMWARE_VERSION_MINOR 0
+
+#endif /* NSSCKBI_H */
diff --git a/security/nss/lib/ckfw/capi/nsscapi.rc b/security/nss/lib/ckfw/capi/nsscapi.rc
new file mode 100644
index 000000000..27912009b
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/nsscapi.rc
@@ -0,0 +1,64 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsscapi.h"
+#include <winver.h>
+
+#define MY_LIBNAME "nsscapi"
+#define MY_FILEDESCRIPTION "NSS Access to Microsoft CAPI"
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if NSS_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION NSS_CKCAPI_LIBRARY_VERSION_MAJOR,NSS_CKCAPI_LIBRARY_VERSION_MINOR,0,0
+ PRODUCTVERSION NSS_CKCAPI_LIBRARY_VERSION_MAJOR,NSS_CKCAPI_LIBRARY_VERSION_MINOR,0,0
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", NSS_CKCAPI_LIBRARY_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", NSS_CKCAPI_LIBRARY_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/ckfw/capi/staticobj.c b/security/nss/lib/ckfw/capi/staticobj.c
new file mode 100644
index 000000000..2d67a34b3
--- /dev/null
+++ b/security/nss/lib/ckfw/capi/staticobj.c
@@ -0,0 +1,40 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKCAPI_H
+#include "ckcapi.h"
+#endif /* CKCAPI_H */
+
+static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID;
+static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
+static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR;
+static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST;
+static const CK_BBOOL ck_true = CK_TRUE;
+static const CK_OBJECT_CLASS cko_data = CKO_DATA;
+static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509;
+static const CK_BBOOL ck_false = CK_FALSE;
+static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
+
+/* example of a static object */
+static const CK_ATTRIBUTE_TYPE nss_ckcapi_types_1[] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL
+};
+
+static const NSSItem nss_ckcapi_items_1[] = {
+ { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"Mozilla CAPI Access", (PRUint32)20 }
+};
+
+ckcapiInternalObject nss_ckcapi_data[] = {
+ {
+ ckcapiRaw,
+ { 5, nss_ckcapi_types_1, nss_ckcapi_items_1 },
+ },
+
+};
+
+const PRUint32 nss_ckcapi_nObjects = 1;
diff --git a/security/nss/lib/ckfw/ck.api b/security/nss/lib/ckfw/ck.api
new file mode 100644
index 000000000..810e3db5c
--- /dev/null
+++ b/security/nss/lib/ckfw/ck.api
@@ -0,0 +1,541 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# This file is in part derived from a file "pkcs11f.h" made available
+# by RSA Security at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/pkcs11f.h
+
+# Fields
+# FUNCTION introduces a Cryptoki function
+# CK_type specifies and introduces an argument
+#
+
+# General-purpose
+
+# C_Initialize initializes the Cryptoki library.
+FUNCTION C_Initialize
+CK_VOID_PTR pInitArgs # if this is not NULL_PTR, it gets
+ # cast to CK_C_INITIALIZE_ARGS_PTR
+ # and dereferenced
+
+# C_Finalize indicates that an application is done with the
+# Cryptoki library.
+FUNCTION C_Finalize
+CK_VOID_PTR pReserved # reserved. Should be NULL_PTR
+
+# C_GetInfo returns general information about Cryptoki.
+FUNCTION C_GetInfo
+CK_INFO_PTR pInfo # location that receives information
+
+# C_GetFunctionList returns the function list.
+FUNCTION C_GetFunctionList
+CK_FUNCTION_LIST_PTR_PTR ppFunctionList # receives pointer to function
+ # list
+
+
+# Slot and token management
+
+# C_GetSlotList obtains a list of slots in the system.
+FUNCTION C_GetSlotList
+CK_BBOOL tokenPresent # only slots with tokens?
+CK_SLOT_ID_PTR pSlotList # receives array of slot IDs
+CK_ULONG_PTR pulCount # receives number of slots
+
+# C_GetSlotInfo obtains information about a particular slot in the
+# system.
+FUNCTION C_GetSlotInfo
+CK_SLOT_ID slotID # the ID of the slot
+CK_SLOT_INFO_PTR pInfo # receives the slot information
+
+# C_GetTokenInfo obtains information about a particular token in the
+# system.
+FUNCTION C_GetTokenInfo
+CK_SLOT_ID slotID # ID of the token's slot
+CK_TOKEN_INFO_PTR pInfo # receives the token information
+
+# C_GetMechanismList obtains a list of mechanism types supported by a
+# token.
+FUNCTION C_GetMechanismList
+CK_SLOT_ID slotID # ID of token's slot
+CK_MECHANISM_TYPE_PTR pMechanismList # gets mech. array
+CK_ULONG_PTR pulCount # gets # of mechs.
+
+# C_GetMechanismInfo obtains information about a particular mechanism
+# possibly supported by a token.
+FUNCTION C_GetMechanismInfo
+CK_SLOT_ID slotID # ID of the token's slot
+CK_MECHANISM_TYPE type # type of mechanism
+CK_MECHANISM_INFO_PTR pInfo # receives mechanism info
+
+# C_InitToken initializes a token.
+FUNCTION C_InitToken
+CK_SLOT_ID slotID # ID of the token's slot
+CK_CHAR_PTR pPin # the SO's initial PIN
+CK_ULONG ulPinLen # length in bytes of the PIN
+CK_CHAR_PTR pLabel # 32-byte token label (blank padded)
+
+# C_InitPIN initializes the normal user's PIN.
+FUNCTION C_InitPIN
+CK_SESSION_HANDLE hSession # the session's handle
+CK_CHAR_PTR pPin # the normal user's PIN
+CK_ULONG ulPinLen # length in bytes of the PIN
+
+# C_SetPIN modifies the PIN of the user who is logged in.
+FUNCTION C_SetPIN
+CK_SESSION_HANDLE hSession # the session's handle
+CK_CHAR_PTR pOldPin # the old PIN
+CK_ULONG ulOldLen # length of the old PIN
+CK_CHAR_PTR pNewPin # the new PIN
+CK_ULONG ulNewLen # length of the new PIN
+
+
+# Session management
+
+# C_OpenSession opens a session between an application and a token.
+FUNCTION C_OpenSession
+CK_SLOT_ID slotID # the slot's ID
+CK_FLAGS flags # from CK_SESSION_INFO
+CK_VOID_PTR pApplication # passed to callback
+CK_NOTIFY Notify # callback function
+CK_SESSION_HANDLE_PTR phSession # gets session handle
+
+# C_CloseSession closes a session between an application and a token.
+FUNCTION C_CloseSession
+CK_SESSION_HANDLE hSession # the session's handle
+
+# C_CloseAllSessions closes all sessions with a token.
+FUNCTION C_CloseAllSessions
+CK_SLOT_ID slotID # the token's slot
+
+# C_GetSessionInfo obtains information about the session.
+FUNCTION C_GetSessionInfo
+CK_SESSION_HANDLE hSession # the session's handle
+CK_SESSION_INFO_PTR pInfo # receives session info
+
+# C_GetOperationState obtains the state of the cryptographic
+# operation in a session.
+FUNCTION C_GetOperationState
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pOperationState # gets state
+CK_ULONG_PTR pulOperationStateLen # gets state length
+
+# C_SetOperationState restores the state of the cryptographic
+# operation in a session.
+FUNCTION C_SetOperationState
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pOperationState # holds state
+CK_ULONG ulOperationStateLen # holds state length
+CK_OBJECT_HANDLE hEncryptionKey # en/decryption key
+CK_OBJECT_HANDLE hAuthenticationKey # sign/verify key
+
+# C_Login logs a user into a token.
+FUNCTION C_Login
+CK_SESSION_HANDLE hSession # the session's handle
+CK_USER_TYPE userType # the user type
+CK_CHAR_PTR pPin # the user's PIN
+CK_ULONG ulPinLen # the length of the PIN
+
+# C_Logout logs a user out from a token.
+FUNCTION C_Logout
+CK_SESSION_HANDLE hSession # the session's handle
+
+
+# Object management
+
+# C_CreateObject creates a new object.
+FUNCTION C_CreateObject
+CK_SESSION_HANDLE hSession # the session's handle
+CK_ATTRIBUTE_PTR pTemplate # the object's template
+CK_ULONG ulCount # attributes in template
+CK_OBJECT_HANDLE_PTR phObject # gets new object's handle.
+
+# C_CopyObject copies an object, creating a new object for the copy.
+FUNCTION C_CopyObject
+CK_SESSION_HANDLE hSession # the session's handle
+CK_OBJECT_HANDLE hObject # the object's handle
+CK_ATTRIBUTE_PTR pTemplate # template for new object
+CK_ULONG ulCount # attributes in template
+CK_OBJECT_HANDLE_PTR phNewObject # receives handle of copy
+
+# C_DestroyObject destroys an object.
+FUNCTION C_DestroyObject
+CK_SESSION_HANDLE hSession # the session's handle
+CK_OBJECT_HANDLE hObject # the object's handle
+
+# C_GetObjectSize gets the size of an object in bytes.
+FUNCTION C_GetObjectSize
+CK_SESSION_HANDLE hSession # the session's handle
+CK_OBJECT_HANDLE hObject # the object's handle
+CK_ULONG_PTR pulSize # receives size of object
+
+# C_GetAttributeValue obtains the value of one or more object
+# attributes.
+FUNCTION C_GetAttributeValue
+CK_SESSION_HANDLE hSession # the session's handle
+CK_OBJECT_HANDLE hObject # the object's handle
+CK_ATTRIBUTE_PTR pTemplate # specifies attrs; gets vals
+CK_ULONG ulCount # attributes in template
+
+# C_SetAttributeValue modifies the value of one or more object
+# attributes
+FUNCTION C_SetAttributeValue
+CK_SESSION_HANDLE hSession # the session's handle
+CK_OBJECT_HANDLE hObject # the object's handle
+CK_ATTRIBUTE_PTR pTemplate # specifies attrs and values
+CK_ULONG ulCount # attributes in template
+
+# C_FindObjectsInit initializes a search for token and session
+# objects that match a template.
+FUNCTION C_FindObjectsInit
+CK_SESSION_HANDLE hSession # the session's handle
+CK_ATTRIBUTE_PTR pTemplate # attribute values to match
+CK_ULONG ulCount # attrs in search template
+
+# C_FindObjects continues a search for token and session objects that
+# match a template, obtaining additional object handles.
+FUNCTION C_FindObjects
+CK_SESSION_HANDLE hSession # session's handle
+CK_OBJECT_HANDLE_PTR phObject # gets obj. handles
+CK_ULONG ulMaxObjectCount # max handles to get
+CK_ULONG_PTR pulObjectCount # actual # returned
+
+# C_FindObjectsFinal finishes a search for token and session objects.
+FUNCTION C_FindObjectsFinal
+CK_SESSION_HANDLE hSession # the session's handle
+
+
+# Encryption and decryption
+
+# C_EncryptInit initializes an encryption operation.
+FUNCTION C_EncryptInit
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # the encryption mechanism
+CK_OBJECT_HANDLE hKey # handle of encryption key
+
+# C_Encrypt encrypts single-part data.
+FUNCTION C_Encrypt
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pData # the plaintext data
+CK_ULONG ulDataLen # bytes of plaintext
+CK_BYTE_PTR pEncryptedData # gets ciphertext
+CK_ULONG_PTR pulEncryptedDataLen # gets c-text size
+
+# C_EncryptUpdate continues a multiple-part encryption operation.
+FUNCTION C_EncryptUpdate
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pPart # the plaintext data
+CK_ULONG ulPartLen # plaintext data len
+CK_BYTE_PTR pEncryptedPart # gets ciphertext
+CK_ULONG_PTR pulEncryptedPartLen # gets c-text size
+
+# C_EncryptFinal finishes a multiple-part encryption operation.
+FUNCTION C_EncryptFinal
+CK_SESSION_HANDLE hSession # session handle
+CK_BYTE_PTR pLastEncryptedPart # last c-text
+CK_ULONG_PTR pulLastEncryptedPartLen # gets last size
+
+# C_DecryptInit initializes a decryption operation.
+FUNCTION C_DecryptInit
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # the decryption mechanism
+CK_OBJECT_HANDLE hKey # handle of decryption key
+
+# C_Decrypt decrypts encrypted data in a single part.
+FUNCTION C_Decrypt
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pEncryptedData # ciphertext
+CK_ULONG ulEncryptedDataLen # ciphertext length
+CK_BYTE_PTR pData # gets plaintext
+CK_ULONG_PTR pulDataLen # gets p-text size
+
+# C_DecryptUpdate continues a multiple-part decryption operation.
+FUNCTION C_DecryptUpdate
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pEncryptedPart # encrypted data
+CK_ULONG ulEncryptedPartLen # input length
+CK_BYTE_PTR pPart # gets plaintext
+CK_ULONG_PTR pulPartLen # p-text size
+
+# C_DecryptFinal finishes a multiple-part decryption operation.
+FUNCTION C_DecryptFinal
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pLastPart # gets plaintext
+CK_ULONG_PTR pulLastPartLen # p-text size
+
+
+# Message digesting
+
+# C_DigestInit initializes a message-digesting operation.
+FUNCTION C_DigestInit
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # the digesting mechanism
+
+# C_Digest digests data in a single part.
+FUNCTION C_Digest
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pData # data to be digested
+CK_ULONG ulDataLen # bytes of data to digest
+CK_BYTE_PTR pDigest # gets the message digest
+CK_ULONG_PTR pulDigestLen # gets digest length
+
+# C_DigestUpdate continues a multiple-part message-digesting operation.
+FUNCTION C_DigestUpdate
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pPart # data to be digested
+CK_ULONG ulPartLen # bytes of data to be digested
+
+# C_DigestKey continues a multi-part message-digesting operation, by
+# digesting the value of a secret key as part of the data already
+# digested.
+FUNCTION C_DigestKey
+CK_SESSION_HANDLE hSession # the session's handle
+CK_OBJECT_HANDLE hKey # secret key to digest
+
+# C_DigestFinal finishes a multiple-part message-digesting operation.
+FUNCTION C_DigestFinal
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pDigest # gets the message digest
+CK_ULONG_PTR pulDigestLen # gets byte count of digest
+
+
+# Signing and MACing
+
+# C_SignInit initializes a signature (private key encryption)
+# operation, where the signature is (will be) an appendix to the
+# data, and plaintext cannot be recovered from the signature.
+FUNCTION C_SignInit
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # the signature mechanism
+CK_OBJECT_HANDLE hKey # handle of signature key
+
+# C_Sign signs (encrypts with private key) data in a single part,
+# where the signature is (will be) an appendix to the data, and
+# plaintext cannot be recovered from the signature.
+FUNCTION C_Sign
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pData # the data to sign
+CK_ULONG ulDataLen # count of bytes to sign
+CK_BYTE_PTR pSignature # gets the signature
+CK_ULONG_PTR pulSignatureLen # gets signature length
+
+# C_SignUpdate continues a multiple-part signature operation, where
+# the signature is (will be) an appendix to the data, and plaintext
+# cannot be recovered from the signature.
+FUNCTION C_SignUpdate
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pPart # the data to sign
+CK_ULONG ulPartLen # count of bytes to sign
+
+# C_SignFinal finishes a multiple-part signature operation, returning
+# the signature.
+FUNCTION C_SignFinal
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pSignature # gets the signature
+CK_ULONG_PTR pulSignatureLen # gets signature length
+
+# C_SignRecoverInit initializes a signature operation, where the data
+# can be recovered from the signature.
+FUNCTION C_SignRecoverInit
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # the signature mechanism
+CK_OBJECT_HANDLE hKey # handle of the signature key
+
+# C_SignRecover signs data in a single operation, where the data can
+# be recovered from the signature.
+FUNCTION C_SignRecover
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pData # the data to sign
+CK_ULONG ulDataLen # count of bytes to sign
+CK_BYTE_PTR pSignature # gets the signature
+CK_ULONG_PTR pulSignatureLen # gets signature length
+
+
+# Verifying signatures and MACs
+
+# C_VerifyInit initializes a verification operation, where the
+# signature is an appendix to the data, and plaintext cannot cannot
+# be recovered from the signature (e.g. DSA).
+FUNCTION C_VerifyInit
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # the verification mechanism
+CK_OBJECT_HANDLE hKey # verification key
+
+# C_Verify verifies a signature in a single-part operation, where the
+# signature is an appendix to the data, and plaintext cannot be
+# recovered from the signature.
+FUNCTION C_Verify
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pData # signed data
+CK_ULONG ulDataLen # length of signed data
+CK_BYTE_PTR pSignature # signature
+CK_ULONG ulSignatureLen # signature length
+
+# C_VerifyUpdate continues a multiple-part verification operation,
+# where the signature is an appendix to the data, and plaintext cannot be
+# recovered from the signature.
+FUNCTION C_VerifyUpdate
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pPart # signed data
+CK_ULONG ulPartLen # length of signed data
+
+# C_VerifyFinal finishes a multiple-part verification operation,
+# checking the signature.
+FUNCTION C_VerifyFinal
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pSignature # signature to verify
+CK_ULONG ulSignatureLen # signature length
+
+# C_VerifyRecoverInit initializes a signature verification operation,
+# where the data is recovered from the signature.
+FUNCTION C_VerifyRecoverInit
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # the verification mechanism
+CK_OBJECT_HANDLE hKey # verification key
+
+# C_VerifyRecover verifies a signature in a single-part operation,
+# where the data is recovered from the signature.
+FUNCTION C_VerifyRecover
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pSignature # signature to verify
+CK_ULONG ulSignatureLen # signature length
+CK_BYTE_PTR pData # gets signed data
+CK_ULONG_PTR pulDataLen # gets signed data len
+
+
+# Dual-function cryptographic operations
+
+# C_DigestEncryptUpdate continues a multiple-part digesting and
+# encryption operation.
+FUNCTION C_DigestEncryptUpdate
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pPart # the plaintext data
+CK_ULONG ulPartLen # plaintext length
+CK_BYTE_PTR pEncryptedPart # gets ciphertext
+CK_ULONG_PTR pulEncryptedPartLen # gets c-text length
+
+# C_DecryptDigestUpdate continues a multiple-part decryption and
+# digesting operation.
+FUNCTION C_DecryptDigestUpdate
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pEncryptedPart # ciphertext
+CK_ULONG ulEncryptedPartLen # ciphertext length
+CK_BYTE_PTR pPart # gets plaintext
+CK_ULONG_PTR pulPartLen # gets plaintext len
+
+# C_SignEncryptUpdate continues a multiple-part signing and
+# encryption operation.
+FUNCTION C_SignEncryptUpdate
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pPart # the plaintext data
+CK_ULONG ulPartLen # plaintext length
+CK_BYTE_PTR pEncryptedPart # gets ciphertext
+CK_ULONG_PTR pulEncryptedPartLen # gets c-text length
+
+# C_DecryptVerifyUpdate continues a multiple-part decryption and
+# verify operation.
+FUNCTION C_DecryptVerifyUpdate
+CK_SESSION_HANDLE hSession # session's handle
+CK_BYTE_PTR pEncryptedPart # ciphertext
+CK_ULONG ulEncryptedPartLen # ciphertext length
+CK_BYTE_PTR pPart # gets plaintext
+CK_ULONG_PTR pulPartLen # gets p-text length
+
+
+# Key management
+
+# C_GenerateKey generates a secret key, creating a new key object.
+FUNCTION C_GenerateKey
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # key generation mech.
+CK_ATTRIBUTE_PTR pTemplate # template for new key
+CK_ULONG ulCount # # of attrs in template
+CK_OBJECT_HANDLE_PTR phKey # gets handle of new key
+
+# C_GenerateKeyPair generates a public-key/private-key pair, creating
+# new key objects.
+FUNCTION C_GenerateKeyPair
+CK_SESSION_HANDLE hSession # session handle
+CK_MECHANISM_PTR pMechanism # key-gen mech.
+CK_ATTRIBUTE_PTR pPublicKeyTemplate # template for pub. key
+CK_ULONG ulPublicKeyAttributeCount # # pub. attrs.
+CK_ATTRIBUTE_PTR pPrivateKeyTemplate # template for priv. key
+CK_ULONG ulPrivateKeyAttributeCount # # priv. attrs.
+CK_OBJECT_HANDLE_PTR phPublicKey # gets pub. key handle
+CK_OBJECT_HANDLE_PTR phPrivateKey # gets priv. key handle
+
+# C_WrapKey wraps (i.e., encrypts) a key.
+FUNCTION C_WrapKey
+CK_SESSION_HANDLE hSession # the session's handle
+CK_MECHANISM_PTR pMechanism # the wrapping mechanism
+CK_OBJECT_HANDLE hWrappingKey # wrapping key
+CK_OBJECT_HANDLE hKey # key to be wrapped
+CK_BYTE_PTR pWrappedKey # gets wrapped key
+CK_ULONG_PTR pulWrappedKeyLen # gets wrapped key size
+
+# C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key
+# object.
+FUNCTION C_UnwrapKey
+CK_SESSION_HANDLE hSession # session's handle
+CK_MECHANISM_PTR pMechanism # unwrapping mech.
+CK_OBJECT_HANDLE hUnwrappingKey # unwrapping key
+CK_BYTE_PTR pWrappedKey # the wrapped key
+CK_ULONG ulWrappedKeyLen # wrapped key len
+CK_ATTRIBUTE_PTR pTemplate # new key template
+CK_ULONG ulAttributeCount # template length
+CK_OBJECT_HANDLE_PTR phKey # gets new handle
+
+# C_DeriveKey derives a key from a base key, creating a new key object.
+FUNCTION C_DeriveKey
+CK_SESSION_HANDLE hSession # session's handle
+CK_MECHANISM_PTR pMechanism # key deriv. mech.
+CK_OBJECT_HANDLE hBaseKey # base key
+CK_ATTRIBUTE_PTR pTemplate # new key template
+CK_ULONG ulAttributeCount # template length
+CK_OBJECT_HANDLE_PTR phKey # gets new handle
+
+
+# Random number generation
+
+# C_SeedRandom mixes additional seed material into the token's random
+# number generator.
+FUNCTION C_SeedRandom
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR pSeed # the seed material
+CK_ULONG ulSeedLen # length of seed material
+
+# C_GenerateRandom generates random data.
+FUNCTION C_GenerateRandom
+CK_SESSION_HANDLE hSession # the session's handle
+CK_BYTE_PTR RandomData # receives the random data
+CK_ULONG ulRandomLen # # of bytes to generate
+
+
+# Parallel function management
+
+# C_GetFunctionStatus is a legacy function; it obtains an updated
+# status of a function running in parallel with an application.
+FUNCTION C_GetFunctionStatus
+CK_SESSION_HANDLE hSession # the session's handle
+
+# C_CancelFunction is a legacy function; it cancels a function running
+# in parallel.
+FUNCTION C_CancelFunction
+CK_SESSION_HANDLE hSession # the session's handle
+
+
+# Functions added in for Cryptoki Version 2.01 or later
+
+# C_WaitForSlotEvent waits for a slot event (token insertion, removal,
+# etc.) to occur.
+FUNCTION C_WaitForSlotEvent
+CK_FLAGS flags # blocking/nonblocking flag
+CK_SLOT_ID_PTR pSlot # location that receives the slot ID
+CK_VOID_PTR pRserved # reserved. Should be NULL_PTR
+
+## C_ConfigureSlot passes an installation-specified bytestring to a
+## slot.
+#FUNCTION C_ConfigureSlot
+#CK_SLOT_ID slotID # the slot to configure
+#CK_BYTE_PTR pConfig # the configuration string
+#CK_ULONG ulConfigLen # length of the config string
diff --git a/security/nss/lib/ckfw/ck.h b/security/nss/lib/ckfw/ck.h
new file mode 100644
index 000000000..1f0237bf8
--- /dev/null
+++ b/security/nss/lib/ckfw/ck.h
@@ -0,0 +1,88 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CK_H
+#define CK_H
+
+/*
+ * ck.h
+ *
+ * This header file consolidates all header files needed by the source
+ * files implementing the NSS Cryptoki Framework. This makes managing
+ * the source files a bit easier.
+ */
+
+/* Types */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFT_H
+#include "nssckft.h"
+#endif /* NSSCKFT_H */
+
+#ifndef NSSCKEPV_H
+#include "nssckepv.h"
+#endif /* NSSCKEPV_H */
+
+#ifndef NSSCKFWT_H
+#include "nssckfwt.h"
+#endif /* NSSCKFWT_H */
+
+#ifndef NSSCKMDT_H
+#include "nssckmdt.h"
+#endif /* NSSCKMDT_H */
+
+#ifndef CKT_H
+#include "ckt.h"
+#endif /* CKT_H */
+
+#ifndef CKFWTM_H
+#include "ckfwtm.h"
+#endif /* CKFWTM_H */
+
+/* Prototypes */
+
+#ifndef NSSBASE_H
+#include "nssbase.h"
+#endif /* NSSBASE_H */
+
+#ifndef NSSCKG_H
+#include "nssckg.h"
+#endif /* NSSCKG_H */
+
+#ifndef NSSCKFW_H
+#include "nssckfw.h"
+#endif /* NSSCKFW_H */
+
+#ifndef NSSCKFWC_H
+#include "nssckfwc.h"
+#endif /* NSSCKFWC_H */
+
+#ifndef CKFW_H
+#include "ckfw.h"
+#endif /* CKFW_H */
+
+#ifndef CKFWM_H
+#include "ckfwm.h"
+#endif /* CKFWM_H */
+
+#ifndef CKMD_H
+#include "ckmd.h"
+#endif /* CKMD_H */
+
+/* NSS-private */
+
+/* nss_ZNEW and the like. We might want to publish the memory APIs.. */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#endif /* CK_H */
diff --git a/security/nss/lib/ckfw/ckapi.perl b/security/nss/lib/ckfw/ckapi.perl
new file mode 100644
index 000000000..f294ba79d
--- /dev/null
+++ b/security/nss/lib/ckfw/ckapi.perl
@@ -0,0 +1,434 @@
+#!perl
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+$copyright = '/* THIS IS A GENERATED FILE */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+';
+
+$count = -1;
+$i = 0;
+
+open(INPUT, "<$ARGV[0]") || die "Can't open $ARGV[0]: $!";
+
+while(<INPUT>) {
+ s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
+ next if (/^\s*$/);
+
+# print;
+
+ /^([\S]+)\s+([^"][\S]*|"[^"]*")/;
+ $name = $1;
+ $value = $2;
+
+ if( ($name =~ "FUNCTION") && !($name =~ "CK_FUNCTION") ) {
+ $count++;
+ $x[$count]{name} = $value;
+ $i = 0;
+ } else {
+ if( $count < 0 ) {
+ $value =~ s/"//g;
+ $g{$name} = $value;
+ } else {
+ $x[$count]{args}[$i]{type} = $name;
+ $x[$count]{args}[$i]{name} = $value;
+ $i++;
+ $x[$count]{nargs} = $i; # rewritten each time, oh well
+ }
+ }
+}
+
+close INPUT;
+
+# dodump();
+doprint();
+
+sub dodump {
+ for( $j = 0; $j <= $count; $j++ ) {
+ print "CK_RV CK_ENTRY $x[$j]{name}\n";
+ for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
+ print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
+ if( $i == ($x[$j]{nargs} - 1) ) {
+ print "\n";
+ } else {
+ print ",\n";
+ }
+ }
+ }
+}
+
+sub doprint {
+open(PROTOTYPE, ">nssckg.h") || die "Can't open nssckg.h: $!";
+open(TYPEDEF, ">nssckft.h") || die "Can't open nssckft.h: $!";
+open(EPV, ">nssckepv.h") || die "Can't open nssckepv.h: $!";
+open(API, ">nssck.api") || die "Can't open nssck.api: $!";
+
+select PROTOTYPE;
+
+print $copyright;
+print <<EOD
+#ifndef NSSCKG_H
+#define NSSCKG_H
+
+/*
+ * nssckg.h
+ *
+ * This automatically-generated header file prototypes the Cryptoki
+ * functions specified by PKCS#11.
+ */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+EOD
+ ;
+
+for( $j = 0; $j <= $count; $j++ ) {
+ print "CK_RV CK_ENTRY $x[$j]{name}\n";
+ print "(\n";
+ for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
+ print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
+ if( $i == ($x[$j]{nargs} - 1) ) {
+ print "\n";
+ } else {
+ print ",\n";
+ }
+ }
+ print ");\n\n";
+}
+
+print <<EOD
+#endif /* NSSCKG_H */
+EOD
+ ;
+
+select TYPEDEF;
+
+print $copyright;
+print <<EOD
+#ifndef NSSCKFT_H
+#define NSSCKFT_H
+
+/*
+ * nssckft.h
+ *
+ * The automatically-generated header file declares a typedef
+ * each of the Cryptoki functions specified by PKCS#11.
+ */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+EOD
+ ;
+
+for( $j = 0; $j <= $count; $j++ ) {
+# print "typedef CK_RV (CK_ENTRY *CK_$x[$j]{name})(\n";
+ print "typedef CK_CALLBACK_FUNCTION(CK_RV, CK_$x[$j]{name})(\n";
+ for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
+ print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
+ if( $i == ($x[$j]{nargs} - 1) ) {
+ print "\n";
+ } else {
+ print ",\n";
+ }
+ }
+ print ");\n\n";
+}
+
+print <<EOD
+#endif /* NSSCKFT_H */
+EOD
+ ;
+
+select EPV;
+
+print $copyright;
+print <<EOD
+#ifndef NSSCKEPV_H
+#define NSSCKEPV_H
+
+/*
+ * nssckepv.h
+ *
+ * This automatically-generated header file defines the type
+ * CK_FUNCTION_LIST specified by PKCS#11.
+ */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFT_H
+#include "nssckft.h"
+#endif /* NSSCKFT_H */
+
+#include "nssckp.h"
+
+struct CK_FUNCTION_LIST {
+ CK_VERSION version;
+EOD
+ ;
+
+for( $j = 0; $j <= $count; $j++ ) {
+ print " CK_$x[$j]{name} $x[$j]{name};\n";
+}
+
+print <<EOD
+};
+
+#include "nsscku.h"
+
+#endif /* NSSCKEPV_H */
+EOD
+ ;
+
+select API;
+
+print $copyright;
+print <<EOD
+
+/*
+ * nssck.api
+ *
+ * This automatically-generated file is used to generate a set of
+ * Cryptoki entry points within the object space of a Module using
+ * the NSS Cryptoki Framework.
+ *
+ * The Module should have a .c file with the following:
+ *
+ * #define MODULE_NAME name
+ * #define INSTANCE_NAME instance
+ * #include "nssck.api"
+ *
+ * where "name" is some module-specific name that can be used to
+ * disambiguate various modules. This included file will then
+ * define the actual Cryptoki routines which pass through to the
+ * Framework calls. All routines, except C_GetFunctionList, will
+ * be prefixed with the name; C_GetFunctionList will be generated
+ * to return an entry-point vector with these routines. The
+ * instance specified should be the basic instance of NSSCKMDInstance.
+ *
+ * If, prior to including nssck.api, the .c file also specifies
+ *
+ * #define DECLARE_STRICT_CRYTPOKI_NAMES
+ *
+ * Then a set of "stub" routines not prefixed with the name will
+ * be included. This would allow the combined module and framework
+ * to be used in applications which are hard-coded to use the
+ * PKCS#11 names (instead of going through the EPV). Please note
+ * that such applications should be careful resolving symbols when
+ * more than one PKCS#11 module is loaded.
+ */
+
+#ifndef MODULE_NAME
+#error "Error: MODULE_NAME must be defined."
+#endif /* MODULE_NAME */
+
+#ifndef INSTANCE_NAME
+#error "Error: INSTANCE_NAME must be defined."
+#endif /* INSTANCE_NAME */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFWT_H
+#include "nssckfwt.h"
+#endif /* NSSCKFWT_H */
+
+#ifndef NSSCKFWC_H
+#include "nssckfwc.h"
+#endif /* NSSCKFWC_H */
+
+#ifndef NSSCKEPV_H
+#include "nssckepv.h"
+#endif /* NSSCKEPV_H */
+
+#define ADJOIN(x,y) x##y
+
+#define __ADJOIN(x,y) ADJOIN(x,y)
+
+/*
+ * The anchor. This object is used to store an "anchor" pointer in
+ * the Module's object space, so the wrapper functions can relate
+ * back to this instance.
+ */
+
+static NSSCKFWInstance *fwInstance = (NSSCKFWInstance *)0;
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Initialize)
+(
+ CK_VOID_PTR pInitArgs
+)
+{
+ return NSSCKFWC_Initialize(&fwInstance, INSTANCE_NAME, pInitArgs);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Initialize
+(
+ CK_VOID_PTR pInitArgs
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Initialize)(pInitArgs);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Finalize)
+(
+ CK_VOID_PTR pReserved
+)
+{
+ return NSSCKFWC_Finalize(&fwInstance);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Finalize
+(
+ CK_VOID_PTR pReserved
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Finalize)(pReserved);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetInfo)
+(
+ CK_INFO_PTR pInfo
+)
+{
+ return NSSCKFWC_GetInfo(fwInstance, pInfo);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetInfo
+(
+ CK_INFO_PTR pInfo
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetInfo)(pInfo);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+/*
+ * C_GetFunctionList is defined at the end.
+ */
+
+EOD
+ ;
+
+for( $j = 4; $j <= $count; $j++ ) {
+ print "static CK_RV CK_ENTRY\n";
+ print "__ADJOIN(MODULE_NAME,$x[$j]{name})\n";
+ print "(\n";
+ for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
+ print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
+ if( $i == ($x[$j]{nargs} - 1) ) {
+ print "\n";
+ } else {
+ print ",\n";
+ }
+ }
+ print ")\n";
+ print "{\n";
+ print " return NSSCKFW$x[$j]{name}(fwInstance, ";
+ for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
+ print "$x[$j]{args}[$i]{name}";
+ if( $i == ($x[$j]{nargs} - 1) ) {
+ print ");\n";
+ } else {
+ print ", ";
+ }
+ }
+ print "}\n\n";
+
+ print "#ifdef DECLARE_STRICT_CRYPTOKI_NAMES\n";
+ print "CK_RV CK_ENTRY\n";
+ print "$x[$j]{name}\n";
+ print "(\n";
+ for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
+ print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
+ if( $i == ($x[$j]{nargs} - 1) ) {
+ print "\n";
+ } else {
+ print ",\n";
+ }
+ }
+ print ")\n";
+ print "{\n";
+ print " return __ADJOIN(MODULE_NAME,$x[$j]{name})(";
+ for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
+ print "$x[$j]{args}[$i]{name}";
+ if( $i == ($x[$j]{nargs} - 1) ) {
+ print ");\n";
+ } else {
+ print ", ";
+ }
+ }
+ print "}\n";
+ print "#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */\n\n";
+}
+
+print <<EOD
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetFunctionList)
+(
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList
+);
+
+static CK_FUNCTION_LIST FunctionList = {
+ { 2, 1 },
+EOD
+ ;
+
+for( $j = 0; $j <= $count; $j++ ) {
+ print "__ADJOIN(MODULE_NAME,$x[$j]{name})";
+ if( $j < $count ) {
+ print ",\n";
+ } else {
+ print "\n};\n\n";
+ }
+}
+
+print <<EOD
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetFunctionList)
+(
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList
+)
+{
+ *ppFunctionList = &FunctionList;
+ return CKR_OK;
+}
+
+/* This one is always present */
+CK_RV CK_ENTRY
+C_GetFunctionList
+(
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
+}
+
+#undef __ADJOIN
+
+EOD
+ ;
+
+select STDOUT;
+
+}
diff --git a/security/nss/lib/ckfw/ckfw.gyp b/security/nss/lib/ckfw/ckfw.gyp
new file mode 100644
index 000000000..40da8d856
--- /dev/null
+++ b/security/nss/lib/ckfw/ckfw.gyp
@@ -0,0 +1,34 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nssckfw',
+ 'type': 'static_library',
+ 'sources': [
+ 'crypto.c',
+ 'find.c',
+ 'hash.c',
+ 'instance.c',
+ 'mechanism.c',
+ 'mutex.c',
+ 'object.c',
+ 'session.c',
+ 'sessobj.c',
+ 'slot.c',
+ 'token.c',
+ 'wrap.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/ckfw/ckfw.h b/security/nss/lib/ckfw/ckfw.h
new file mode 100644
index 000000000..d4a2ead99
--- /dev/null
+++ b/security/nss/lib/ckfw/ckfw.h
@@ -0,0 +1,2049 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKFW_H
+#define CKFW_H
+
+/*
+ * ckfw.h
+ *
+ * This file prototypes the private calls of the NSS Cryptoki Framework.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFWT_H
+#include "nssckfwt.h"
+#endif /* NSSCKFWT_H */
+
+#ifndef NSSCKMDT_H
+#include "nssckmdt.h"
+#endif /* NSSCKMDT_H */
+
+/*
+ * NSSCKFWInstance
+ *
+ * -- create/destroy --
+ * nssCKFWInstance_Create
+ * nssCKFWInstance_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWInstance_GetMDInstance
+ * nssCKFWInstance_GetArena
+ * nssCKFWInstance_MayCreatePthreads
+ * nssCKFWInstance_CreateMutex
+ * nssCKFWInstance_GetConfigurationData
+ * nssCKFWInstance_GetInitArgs
+ *
+ * -- private accessors --
+ * nssCKFWInstance_CreateSessionHandle
+ * nssCKFWInstance_ResolveSessionHandle
+ * nssCKFWInstance_DestroySessionHandle
+ * nssCKFWInstance_FindSessionHandle
+ * nssCKFWInstance_CreateObjectHandle
+ * nssCKFWInstance_ResolveObjectHandle
+ * nssCKFWInstance_DestroyObjectHandle
+ * nssCKFWInstance_FindObjectHandle
+ *
+ * -- module fronts --
+ * nssCKFWInstance_GetNSlots
+ * nssCKFWInstance_GetCryptokiVersion
+ * nssCKFWInstance_GetManufacturerID
+ * nssCKFWInstance_GetFlags
+ * nssCKFWInstance_GetLibraryDescription
+ * nssCKFWInstance_GetLibraryVersion
+ * nssCKFWInstance_GetModuleHandlesSessionObjects
+ * nssCKFWInstance_GetSlots
+ * nssCKFWInstance_WaitForSlotEvent
+ *
+ * -- debugging versions only --
+ * nssCKFWInstance_verifyPointer
+ */
+
+/*
+ * nssCKFWInstance_Create
+ *
+ */
+NSS_EXTERN NSSCKFWInstance *
+nssCKFWInstance_Create(
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState LockingState,
+ NSSCKMDInstance *mdInstance,
+ CK_RV *pError);
+
+/*
+ * nssCKFWInstance_Destroy
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWInstance_Destroy(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_GetMDInstance
+ *
+ */
+NSS_EXTERN NSSCKMDInstance *
+nssCKFWInstance_GetMDInstance(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_GetArena
+ *
+ */
+NSS_EXTERN NSSArena *
+nssCKFWInstance_GetArena(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+/*
+ * nssCKFWInstance_MayCreatePthreads
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWInstance_MayCreatePthreads(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_CreateMutex
+ *
+ */
+NSS_EXTERN NSSCKFWMutex *
+nssCKFWInstance_CreateMutex(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
+
+/*
+ * nssCKFWInstance_GetConfigurationData
+ *
+ */
+NSS_EXTERN NSSUTF8 *
+nssCKFWInstance_GetConfigurationData(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_GetInitArgs
+ *
+ */
+NSS_EXTERN CK_C_INITIALIZE_ARGS_PTR
+nssCKFWInstance_GetInitArgs(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_CreateSessionHandle
+ *
+ */
+NSS_EXTERN CK_SESSION_HANDLE
+nssCKFWInstance_CreateSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
+
+/*
+ * nssCKFWInstance_ResolveSessionHandle
+ *
+ */
+NSS_EXTERN NSSCKFWSession *
+nssCKFWInstance_ResolveSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
+
+/*
+ * nssCKFWInstance_DestroySessionHandle
+ *
+ */
+NSS_EXTERN void
+nssCKFWInstance_DestroySessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
+
+/*
+ * nssCKFWInstance_FindSessionHandle
+ *
+ */
+NSS_EXTERN CK_SESSION_HANDLE
+nssCKFWInstance_FindSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWInstance_CreateObjectHandle
+ *
+ */
+NSS_EXTERN CK_OBJECT_HANDLE
+nssCKFWInstance_CreateObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
+
+/*
+ * nssCKFWInstance_ResolveObjectHandle
+ *
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWInstance_ResolveObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject);
+
+/*
+ * nssCKFWInstance_ReassignObjectHandle
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWInstance_ReassignObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWInstance_DestroyObjectHandle
+ *
+ */
+NSS_EXTERN void
+nssCKFWInstance_DestroyObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject);
+
+/*
+ * nssCKFWInstance_FindObjectHandle
+ *
+ */
+NSS_EXTERN CK_OBJECT_HANDLE
+nssCKFWInstance_FindObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWInstance_GetNSlots
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWInstance_GetNSlots(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+/*
+ * nssCKFWInstance_GetCryptokiVersion
+ *
+ */
+NSS_EXTERN CK_VERSION
+nssCKFWInstance_GetCryptokiVersion(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_GetManufacturerID
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWInstance_GetManufacturerID(
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR manufacturerID[32]);
+
+/*
+ * nssCKFWInstance_GetFlags
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWInstance_GetFlags(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_GetLibraryDescription
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWInstance_GetLibraryDescription(
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR libraryDescription[32]);
+
+/*
+ * nssCKFWInstance_GetLibraryVersion
+ *
+ */
+NSS_EXTERN CK_VERSION
+nssCKFWInstance_GetLibraryVersion(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_GetModuleHandlesSessionObjects
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWInstance_GetModuleHandlesSessionObjects(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_GetSlots
+ *
+ */
+NSS_EXTERN NSSCKFWSlot **
+nssCKFWInstance_GetSlots(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+/*
+ * nssCKFWInstance_WaitForSlotEvent
+ *
+ */
+NSS_EXTERN NSSCKFWSlot *
+nssCKFWInstance_WaitForSlotEvent(
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL block,
+ CK_RV *pError);
+
+/*
+ * nssCKFWInstance_verifyPointer
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWInstance_verifyPointer(
+ const NSSCKFWInstance *fwInstance);
+
+/*
+ * NSSCKFWSlot
+ *
+ * -- create/destroy --
+ * nssCKFWSlot_Create
+ * nssCKFWSlot_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWSlot_GetMDSlot
+ * nssCKFWSlot_GetFWInstance
+ * nssCKFWSlot_GetMDInstance
+ *
+ * -- private accessors --
+ * nssCKFWSlot_GetSlotID
+ *
+ * -- module fronts --
+ * nssCKFWSlot_GetSlotDescription
+ * nssCKFWSlot_GetManufacturerID
+ * nssCKFWSlot_GetTokenPresent
+ * nssCKFWSlot_GetRemovableDevice
+ * nssCKFWSlot_GetHardwareSlot
+ * nssCKFWSlot_GetHardwareVersion
+ * nssCKFWSlot_GetFirmwareVersion
+ * nssCKFWSlot_GetToken
+ */
+
+/*
+ * nssCKFWSlot_Create
+ *
+ */
+NSS_EXTERN NSSCKFWSlot *
+nssCKFWSlot_Create(
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *mdSlot,
+ CK_SLOT_ID slotID,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSlot_Destroy
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSlot_Destroy(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetMDSlot
+ *
+ */
+NSS_EXTERN NSSCKMDSlot *
+nssCKFWSlot_GetMDSlot(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetFWInstance
+ *
+ */
+
+NSS_EXTERN NSSCKFWInstance *
+nssCKFWSlot_GetFWInstance(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetMDInstance
+ *
+ */
+
+NSS_EXTERN NSSCKMDInstance *
+nssCKFWSlot_GetMDInstance(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetSlotID
+ *
+ */
+NSS_EXTERN CK_SLOT_ID
+nssCKFWSlot_GetSlotID(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetSlotDescription
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSlot_GetSlotDescription(
+ NSSCKFWSlot *fwSlot,
+ CK_CHAR slotDescription[64]);
+
+/*
+ * nssCKFWSlot_GetManufacturerID
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSlot_GetManufacturerID(
+ NSSCKFWSlot *fwSlot,
+ CK_CHAR manufacturerID[32]);
+
+/*
+ * nssCKFWSlot_GetTokenPresent
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWSlot_GetTokenPresent(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetRemovableDevice
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWSlot_GetRemovableDevice(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetHardwareSlot
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWSlot_GetHardwareSlot(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetHardwareVersion
+ *
+ */
+NSS_EXTERN CK_VERSION
+nssCKFWSlot_GetHardwareVersion(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetFirmwareVersion
+ *
+ */
+NSS_EXTERN CK_VERSION
+nssCKFWSlot_GetFirmwareVersion(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * nssCKFWSlot_GetToken
+ *
+ */
+NSS_EXTERN NSSCKFWToken *
+nssCKFWSlot_GetToken(
+ NSSCKFWSlot *fwSlot,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSlot_ClearToken
+ *
+ */
+NSS_EXTERN void
+nssCKFWSlot_ClearToken(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * NSSCKFWToken
+ *
+ * -- create/destroy --
+ * nssCKFWToken_Create
+ * nssCKFWToken_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWToken_GetMDToken
+ * nssCKFWToken_GetFWSlot
+ * nssCKFWToken_GetMDSlot
+ * nssCKFWToken_GetSessionState
+ *
+ * -- private accessors --
+ * nssCKFWToken_SetSessionState
+ * nssCKFWToken_RemoveSession
+ * nssCKFWToken_CloseAllSessions
+ * nssCKFWToken_GetSessionCount
+ * nssCKFWToken_GetRwSessionCount
+ * nssCKFWToken_GetRoSessionCount
+ * nssCKFWToken_GetSessionObjectHash
+ * nssCKFWToken_GetMDObjectHash
+ * nssCKFWToken_GetObjectHandleHash
+ *
+ * -- module fronts --
+ * nssCKFWToken_InitToken
+ * nssCKFWToken_GetLabel
+ * nssCKFWToken_GetManufacturerID
+ * nssCKFWToken_GetModel
+ * nssCKFWToken_GetSerialNumber
+ * nssCKFWToken_GetHasRNG
+ * nssCKFWToken_GetIsWriteProtected
+ * nssCKFWToken_GetLoginRequired
+ * nssCKFWToken_GetUserPinInitialized
+ * nssCKFWToken_GetRestoreKeyNotNeeded
+ * nssCKFWToken_GetHasClockOnToken
+ * nssCKFWToken_GetHasProtectedAuthenticationPath
+ * nssCKFWToken_GetSupportsDualCryptoOperations
+ * nssCKFWToken_GetMaxSessionCount
+ * nssCKFWToken_GetMaxRwSessionCount
+ * nssCKFWToken_GetMaxPinLen
+ * nssCKFWToken_GetMinPinLen
+ * nssCKFWToken_GetTotalPublicMemory
+ * nssCKFWToken_GetFreePublicMemory
+ * nssCKFWToken_GetTotalPrivateMemory
+ * nssCKFWToken_GetFreePrivateMemory
+ * nssCKFWToken_GetHardwareVersion
+ * nssCKFWToken_GetFirmwareVersion
+ * nssCKFWToken_GetUTCTime
+ * nssCKFWToken_OpenSession
+ * nssCKFWToken_GetMechanismCount
+ * nssCKFWToken_GetMechanismTypes
+ * nssCKFWToken_GetMechanism
+ */
+
+/*
+ * nssCKFWToken_Create
+ *
+ */
+NSS_EXTERN NSSCKFWToken *
+nssCKFWToken_Create(
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDToken *mdToken,
+ CK_RV *pError);
+
+/*
+ * nssCKFWToken_Destroy
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_Destroy(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetMDToken
+ *
+ */
+NSS_EXTERN NSSCKMDToken *
+nssCKFWToken_GetMDToken(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetArena
+ *
+ */
+NSS_EXTERN NSSArena *
+nssCKFWToken_GetArena(
+ NSSCKFWToken *fwToken,
+ CK_RV *pError);
+
+/*
+ * nssCKFWToken_GetFWSlot
+ *
+ */
+NSS_EXTERN NSSCKFWSlot *
+nssCKFWToken_GetFWSlot(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetMDSlot
+ *
+ */
+NSS_EXTERN NSSCKMDSlot *
+nssCKFWToken_GetMDSlot(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetSessionState
+ *
+ */
+NSS_EXTERN CK_STATE
+nssCKFWToken_GetSessionState(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_InitToken
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_InitToken(
+ NSSCKFWToken *fwToken,
+ NSSItem *pin,
+ NSSUTF8 *label);
+
+/*
+ * nssCKFWToken_GetLabel
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_GetLabel(
+ NSSCKFWToken *fwToken,
+ CK_CHAR label[32]);
+
+/*
+ * nssCKFWToken_GetManufacturerID
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_GetManufacturerID(
+ NSSCKFWToken *fwToken,
+ CK_CHAR manufacturerID[32]);
+
+/*
+ * nssCKFWToken_GetModel
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_GetModel(
+ NSSCKFWToken *fwToken,
+ CK_CHAR model[16]);
+
+/*
+ * nssCKFWToken_GetSerialNumber
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_GetSerialNumber(
+ NSSCKFWToken *fwToken,
+ CK_CHAR serialNumber[16]);
+
+/*
+ * nssCKFWToken_GetHasRNG
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWToken_GetHasRNG(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetIsWriteProtected
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWToken_GetIsWriteProtected(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetLoginRequired
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWToken_GetLoginRequired(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetUserPinInitialized
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWToken_GetUserPinInitialized(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetRestoreKeyNotNeeded
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWToken_GetRestoreKeyNotNeeded(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetHasClockOnToken
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWToken_GetHasClockOnToken(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetHasProtectedAuthenticationPath
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWToken_GetHasProtectedAuthenticationPath(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetSupportsDualCryptoOperations
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWToken_GetSupportsDualCryptoOperations(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetMaxSessionCount
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetMaxSessionCount(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetMaxRwSessionCount
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetMaxRwSessionCount(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetMaxPinLen
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetMaxPinLen(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetMinPinLen
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetMinPinLen(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetTotalPublicMemory
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetTotalPublicMemory(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetFreePublicMemory
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetFreePublicMemory(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetTotalPrivateMemory
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetTotalPrivateMemory(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetFreePrivateMemory
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetFreePrivateMemory(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetHardwareVersion
+ *
+ */
+NSS_EXTERN CK_VERSION
+nssCKFWToken_GetHardwareVersion(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetFirmwareVersion
+ *
+ */
+NSS_EXTERN CK_VERSION
+nssCKFWToken_GetFirmwareVersion(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetUTCTime
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_GetUTCTime(
+ NSSCKFWToken *fwToken,
+ CK_CHAR utcTime[16]);
+
+/*
+ * nssCKFWToken_OpenSession
+ *
+ */
+NSS_EXTERN NSSCKFWSession *
+nssCKFWToken_OpenSession(
+ NSSCKFWToken *fwToken,
+ CK_BBOOL rw,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_RV *pError);
+
+/*
+ * nssCKFWToken_GetMechanismCount
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetMechanismCount(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetMechanismTypes
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_GetMechanismTypes(
+ NSSCKFWToken *fwToken,
+ CK_MECHANISM_TYPE types[]);
+
+/*
+ * nssCKFWToken_GetMechanism
+ *
+ */
+NSS_EXTERN NSSCKFWMechanism *
+nssCKFWToken_GetMechanism(
+ NSSCKFWToken *fwToken,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError);
+
+/*
+ * nssCKFWToken_SetSessionState
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_SetSessionState(
+ NSSCKFWToken *fwToken,
+ CK_STATE newState);
+
+/*
+ * nssCKFWToken_RemoveSession
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_RemoveSession(
+ NSSCKFWToken *fwToken,
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWToken_CloseAllSessions
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWToken_CloseAllSessions(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetSessionCount
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetSessionCount(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetRwSessionCount
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetRwSessionCount(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetRoSessionCount
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWToken_GetRoSessionCount(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetSessionObjectHash
+ *
+ */
+NSS_EXTERN nssCKFWHash *
+nssCKFWToken_GetSessionObjectHash(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetMDObjectHash
+ *
+ */
+NSS_EXTERN nssCKFWHash *
+nssCKFWToken_GetMDObjectHash(
+ NSSCKFWToken *fwToken);
+
+/*
+ * nssCKFWToken_GetObjectHandleHash
+ *
+ */
+NSS_EXTERN nssCKFWHash *
+nssCKFWToken_GetObjectHandleHash(
+ NSSCKFWToken *fwToken);
+
+/*
+ * NSSCKFWMechanism
+ *
+ * -- create/destroy --
+ * nssCKFWMechanism_Create
+ * nssCKFWMechanism_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWMechanism_GetMDMechanism
+ *
+ * -- private accessors --
+ *
+ * -- module fronts --
+ * nssCKFWMechanism_GetMinKeySize
+ * nssCKFWMechanism_GetMaxKeySize
+ * nssCKFWMechanism_GetInHardware
+ * nssCKFWMechanism_GetCanEncrypt
+ * nssCKFWMechanism_GetCanDecrypt
+ * nssCKFWMechanism_GetCanDigest
+ * nssCKFWMechanism_GetCanSignRecover
+ * nssCKFWMechanism_GetCanVerify
+ * nssCKFWMechanism_GetCanVerifyRecover
+ * nssCKFWMechanism_GetCanGenerate
+ * nssCKFWMechanism_GetCanGenerateKeyPair
+ * nssCKFWMechanism_GetCanWrap
+ * nssCKFWMechanism_GetCanUnwrap
+ * nssCKFWMechanism_GetCanDerive
+ * nssCKFWMechanism_EncryptInit
+ * nssCKFWMechanism_DecryptInit
+ * nssCKFWMechanism_DigestInit
+ * nssCKFWMechanism_SignInit
+ * nssCKFWMechanism_SignRecoverInit
+ * nssCKFWMechanism_VerifyInit
+ * nssCKFWMechanism_VerifyRecoverInit
+ * nssCKFWMechanism_GenerateKey
+ * nssCKFWMechanism_GenerateKeyPair
+ * nssCKFWMechanism_GetWrapKeyLength
+ * nssCKFWMechanism_WrapKey
+ * nssCKFWMechanism_UnwrapKey
+ * nssCKFWMechanism_DeriveKey
+ */
+
+/*
+ * nssCKFWMechanism_Create
+ *
+ */
+NSS_EXTERN NSSCKFWMechanism *
+nssCKFWMechanism_Create(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWMechanism_Destroy
+ *
+ */
+NSS_EXTERN void
+nssCKFWMechanism_Destroy(
+ NSSCKFWMechanism *fwMechanism);
+
+/*
+ * nssCKFWMechanism_GetMDMechanism
+ *
+ */
+
+NSS_EXTERN NSSCKMDMechanism *
+nssCKFWMechanism_GetMDMechanism(
+ NSSCKFWMechanism *fwMechanism);
+
+/*
+ * nssCKFWMechanism_GetMinKeySize
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWMechanism_GetMinKeySize(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetMaxKeySize
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWMechanism_GetMaxKeySize(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetInHardware
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetInHardware(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * the following are determined automatically by which of the cryptographic
+ * functions are defined for this mechanism.
+ */
+/*
+ * nssCKFWMechanism_GetCanEncrypt
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanEncrypt(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanDecrypt
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanDecrypt(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanDigest
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanDigest(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanSign
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanSign(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanSignRecover
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanSignRecover(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanVerify
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanVerify(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanVerifyRecover
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanVerifyRecover(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanGenerate
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanGenerate(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanGenerateKeyPair
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanGenerateKeyPair(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanWrap
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanWrap(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanUnwrap
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanUnwrap(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GetCanDerive
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanDerive(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_EncryptInit
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_EncryptInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWMechanism_DecryptInit
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_DecryptInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWMechanism_DigestInit
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_DigestInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWMechanism_SignInit
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_SignInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWMechanism_SignRecoverInit
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_SignRecoverInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWMechanism_VerifyInit
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_VerifyInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWMechanism_VerifyRecoverInit
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_VerifyRecoverInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWMechanism_GenerateKey
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWMechanism_GenerateKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_GenerateKeyPair
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_GenerateKeyPair(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ NSSCKFWObject **fwPublicKeyObject,
+ NSSCKFWObject **fwPrivateKeyObject);
+
+/*
+ * nssCKFWMechanism_GetWrapKeyLength
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWMechanism_GetWrapKeyLength(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_WrapKey
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_WrapKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSCKFWObject *fwObject,
+ NSSItem *wrappedKey);
+
+/*
+ * nssCKFWMechanism_UnwrapKey
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWMechanism_UnwrapKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSItem *wrappedKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMechanism_DeriveKey
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWMechanism_DeriveKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwBaseKeyObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWCryptoOperation
+ *
+ * -- create/destroy --
+ * nssCKFWCryptoOperation_Create
+ * nssCKFWCryptoOperation_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWCryptoOperation_GetMDCryptoOperation
+ * nssCKFWCryptoOperation_GetType
+ *
+ * -- private accessors --
+ *
+ * -- module fronts --
+ * nssCKFWCryptoOperation_GetFinalLength
+ * nssCKFWCryptoOperation_GetOperationLength
+ * nssCKFWCryptoOperation_Final
+ * nssCKFWCryptoOperation_Update
+ * nssCKFWCryptoOperation_DigestUpdate
+ * nssCKFWCryptoOperation_DigestKey
+ * nssCKFWCryptoOperation_UpdateFinal
+ */
+
+/*
+ * nssCKFWCrytoOperation_Create
+ */
+NSS_EXTERN NSSCKFWCryptoOperation *
+nssCKFWCryptoOperation_Create(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWCryptoOperationType type,
+ CK_RV *pError);
+
+/*
+ * nssCKFWCryptoOperation_Destroy
+ */
+NSS_EXTERN void
+nssCKFWCryptoOperation_Destroy(
+ NSSCKFWCryptoOperation *fwOperation);
+
+/*
+ * nssCKFWCryptoOperation_GetMDCryptoOperation
+ */
+NSS_EXTERN NSSCKMDCryptoOperation *
+nssCKFWCryptoOperation_GetMDCryptoOperation(
+ NSSCKFWCryptoOperation *fwOperation);
+
+/*
+ * nssCKFWCryptoOperation_GetType
+ */
+NSS_EXTERN NSSCKFWCryptoOperationType
+nssCKFWCryptoOperation_GetType(
+ NSSCKFWCryptoOperation *fwOperation);
+
+/*
+ * nssCKFWCryptoOperation_GetFinalLength
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWCryptoOperation_GetFinalLength(
+ NSSCKFWCryptoOperation *fwOperation,
+ CK_RV *pError);
+
+/*
+ * nssCKFWCryptoOperation_GetOperationLength
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWCryptoOperation_GetOperationLength(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ CK_RV *pError);
+
+/*
+ * nssCKFWCryptoOperation_Final
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_Final(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *outputBuffer);
+
+/*
+ * nssCKFWCryptoOperation_Update
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_Update(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+/*
+ * nssCKFWCryptoOperation_DigestUpdate
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_DigestUpdate(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer);
+
+/*
+ * nssCKFWCryptoOperation_DigestKey
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_DigestKey(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWObject *fwKey);
+
+/*
+ * nssCKFWCryptoOperation_UpdateFinal
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_UpdateFinal(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+/*
+ * nssCKFWCryptoOperation_UpdateCombo
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_UpdateCombo(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWCryptoOperation *fwPeerOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+/*
+ * NSSCKFWSession
+ *
+ * -- create/destroy --
+ * nssCKFWSession_Create
+ * nssCKFWSession_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWSession_GetMDSession
+ * nssCKFWSession_GetArena
+ * nssCKFWSession_CallNotification
+ * nssCKFWSession_IsRWSession
+ * nssCKFWSession_IsSO
+ * nssCKFWSession_GetCurrentCryptoOperation
+ *
+ * -- private accessors --
+ * nssCKFWSession_GetFWSlot
+ * nssCKFWSession_GetSessionState
+ * nssCKFWSession_SetFWFindObjects
+ * nssCKFWSession_GetFWFindObjects
+ * nssCKFWSession_SetMDSession
+ * nssCKFWSession_SetHandle
+ * nssCKFWSession_GetHandle
+ * nssCKFWSession_RegisterSessionObject
+ * nssCKFWSession_DeregisterSessionObject
+ * nssCKFWSession_SetCurrentCryptoOperation
+ *
+ * -- module fronts --
+ * nssCKFWSession_GetDeviceError
+ * nssCKFWSession_Login
+ * nssCKFWSession_Logout
+ * nssCKFWSession_InitPIN
+ * nssCKFWSession_SetPIN
+ * nssCKFWSession_GetOperationStateLen
+ * nssCKFWSession_GetOperationState
+ * nssCKFWSession_SetOperationState
+ * nssCKFWSession_CreateObject
+ * nssCKFWSession_CopyObject
+ * nssCKFWSession_FindObjectsInit
+ * nssCKFWSession_SeedRandom
+ * nssCKFWSession_GetRandom
+ * nssCKFWSession_Final
+ * nssCKFWSession_Update
+ * nssCKFWSession_DigestUpdate
+ * nssCKFWSession_DigestKey
+ * nssCKFWSession_UpdateFinal
+ * nssCKFWSession_UpdateCombo
+ */
+
+/*
+ * nssCKFWSession_Create
+ *
+ */
+NSS_EXTERN NSSCKFWSession *
+nssCKFWSession_Create(
+ NSSCKFWToken *fwToken,
+ CK_BBOOL rw,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSession_Destroy
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_Destroy(
+ NSSCKFWSession *fwSession,
+ CK_BBOOL removeFromTokenHash);
+
+/*
+ * nssCKFWSession_GetMDSession
+ *
+ */
+NSS_EXTERN NSSCKMDSession *
+nssCKFWSession_GetMDSession(
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWSession_GetArena
+ *
+ */
+NSS_EXTERN NSSArena *
+nssCKFWSession_GetArena(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSession_CallNotification
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_CallNotification(
+ NSSCKFWSession *fwSession,
+ CK_NOTIFICATION event);
+
+/*
+ * nssCKFWSession_IsRWSession
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWSession_IsRWSession(
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWSession_IsSO
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWSession_IsSO(
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWSession_GetFWSlot
+ *
+ */
+NSS_EXTERN NSSCKFWSlot *
+nssCKFWSession_GetFWSlot(
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCFKWSession_GetSessionState
+ *
+ */
+NSS_EXTERN CK_STATE
+nssCKFWSession_GetSessionState(
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWSession_SetFWFindObjects
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_SetFWFindObjects(
+ NSSCKFWSession *fwSession,
+ NSSCKFWFindObjects *fwFindObjects);
+
+/*
+ * nssCKFWSession_GetFWFindObjects
+ *
+ */
+NSS_EXTERN NSSCKFWFindObjects *
+nssCKFWSession_GetFWFindObjects(
+ NSSCKFWSession *fwSesssion,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSession_SetMDSession
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_SetMDSession(
+ NSSCKFWSession *fwSession,
+ NSSCKMDSession *mdSession);
+
+/*
+ * nssCKFWSession_SetHandle
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_SetHandle(
+ NSSCKFWSession *fwSession,
+ CK_SESSION_HANDLE hSession);
+
+/*
+ * nssCKFWSession_GetHandle
+ *
+ */
+NSS_EXTERN CK_SESSION_HANDLE
+nssCKFWSession_GetHandle(
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWSession_RegisterSessionObject
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_RegisterSessionObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWSession_DeregisterSessionObject
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_DeregisterSessionObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWSession_GetDeviceError
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWSession_GetDeviceError(
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWSession_Login
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_Login(
+ NSSCKFWSession *fwSession,
+ CK_USER_TYPE userType,
+ NSSItem *pin);
+
+/*
+ * nssCKFWSession_Logout
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_Logout(
+ NSSCKFWSession *fwSession);
+
+/*
+ * nssCKFWSession_InitPIN
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_InitPIN(
+ NSSCKFWSession *fwSession,
+ NSSItem *pin);
+
+/*
+ * nssCKFWSession_SetPIN
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_SetPIN(
+ NSSCKFWSession *fwSession,
+ NSSItem *newPin,
+ NSSItem *oldPin);
+
+/*
+ * nssCKFWSession_GetOperationStateLen
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWSession_GetOperationStateLen(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSession_GetOperationState
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_GetOperationState(
+ NSSCKFWSession *fwSession,
+ NSSItem *buffer);
+
+/*
+ * nssCKFWSession_SetOperationState
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_SetOperationState(
+ NSSCKFWSession *fwSession,
+ NSSItem *state,
+ NSSCKFWObject *encryptionKey,
+ NSSCKFWObject *authenticationKey);
+
+/*
+ * nssCKFWSession_CreateObject
+ *
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWSession_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSession_CopyObject
+ *
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWSession_CopyObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *object,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSession_FindObjectsInit
+ *
+ */
+NSS_EXTERN NSSCKFWFindObjects *
+nssCKFWSession_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
+ * nssCKFWSession_SetCurrentCryptoOperation
+ */
+NSS_IMPLEMENT void
+nssCKFWSession_SetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWCryptoOperationState state);
+
+/*
+ * nssCKFWSession_GetCurrentCryptoOperation
+ */
+NSS_IMPLEMENT NSSCKFWCryptoOperation *
+nssCKFWSession_GetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationState state);
+
+/*
+ * nssCKFWSession_Final
+ * (terminate a cryptographic operation and get the result)
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_Final(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen);
+
+/*
+ * nssCKFWSession_Update
+ * (get the next step of an encrypt/decrypt operation)
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_Update(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen);
+
+/*
+ * nssCKFWSession_DigestUpdate
+ * (do the next step of an digest/sign/verify operation)
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_DigestUpdate(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen);
+
+/*
+ * nssCKFWSession_DigestKey
+ * (do the next step of an digest/sign/verify operation)
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_DigestKey(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwKey);
+
+/*
+ * nssCKFWSession_UpdateFinal
+ * (do a single-step of a cryptographic operation and get the result)
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_UpdateFinal(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen);
+
+/*
+ * nssCKFWSession_UpdateCombo
+ * (do a combination encrypt/decrypt and sign/digest/verify operation)
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_UpdateCombo(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType encryptType,
+ NSSCKFWCryptoOperationType digestType,
+ NSSCKFWCryptoOperationState digestState,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen);
+
+/*
+ * nssCKFWSession_SeedRandom
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_SeedRandom(
+ NSSCKFWSession *fwSession,
+ NSSItem *seed);
+
+/*
+ * nssCKFWSession_GetRandom
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWSession_GetRandom(
+ NSSCKFWSession *fwSession,
+ NSSItem *buffer);
+
+/*
+ * NSSCKFWObject
+ *
+ * -- create/destroy --
+ * nssCKFWObject_Create
+ * nssCKFWObject_Finalize
+ * nssCKFWObject_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWObject_GetMDObject
+ * nssCKFWObject_GetArena
+ *
+ * -- private accessors --
+ * nssCKFWObject_SetHandle
+ * nssCKFWObject_GetHandle
+ *
+ * -- module fronts --
+ * nssCKFWObject_IsTokenObject
+ * nssCKFWObject_GetAttributeCount
+ * nssCKFWObject_GetAttributeTypes
+ * nssCKFWObject_GetAttributeSize
+ * nssCKFWObject_GetAttribute
+ * nssCKFWObject_SetAttribute
+ * nssCKFWObject_GetObjectSize
+ */
+
+/*
+ * nssCKFWObject_Create
+ *
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWObject_Create(
+ NSSArena *arena,
+ NSSCKMDObject *mdObject,
+ NSSCKFWSession *fwSession,
+ NSSCKFWToken *fwToken,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+/*
+ * nssCKFWObject_Finalize
+ *
+ */
+NSS_EXTERN void
+nssCKFWObject_Finalize(
+ NSSCKFWObject *fwObject,
+ PRBool removeFromHash);
+
+/*
+ * nssCKFWObject_Destroy
+ *
+ */
+NSS_EXTERN void
+nssCKFWObject_Destroy(
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWObject_GetMDObject
+ *
+ */
+NSS_EXTERN NSSCKMDObject *
+nssCKFWObject_GetMDObject(
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWObject_GetArena
+ *
+ */
+NSS_EXTERN NSSArena *
+nssCKFWObject_GetArena(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
+
+/*
+ * nssCKFWObject_SetHandle
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWObject_SetHandle(
+ NSSCKFWObject *fwObject,
+ CK_OBJECT_HANDLE hObject);
+
+/*
+ * nssCKFWObject_GetHandle
+ *
+ */
+NSS_EXTERN CK_OBJECT_HANDLE
+nssCKFWObject_GetHandle(
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWObject_IsTokenObject
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWObject_IsTokenObject(
+ NSSCKFWObject *fwObject);
+
+/*
+ * nssCKFWObject_GetAttributeCount
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWObject_GetAttributeCount(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
+
+/*
+ * nssCKFWObject_GetAttributeTypes
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWObject_GetAttributeTypes(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount);
+
+/*
+ * nssCKFWObject_GetAttributeSize
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWObject_GetAttributeSize(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
+
+/*
+ * nssCKFWObject_GetAttribute
+ *
+ * Usual NSS allocation rules:
+ * If itemOpt is not NULL, it will be returned; otherwise an NSSItem
+ * will be allocated. If itemOpt is not NULL but itemOpt->data is,
+ * the buffer will be allocated; otherwise, the buffer will be used.
+ * Any allocations will come from the optional arena, if one is
+ * specified.
+ */
+NSS_EXTERN NSSItem *
+nssCKFWObject_GetAttribute(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *itemOpt,
+ NSSArena *arenaOpt,
+ CK_RV *pError);
+
+/*
+ * nssCKFWObject_SetAttribute
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWObject_SetAttribute(
+ NSSCKFWObject *fwObject,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value);
+
+/*
+ * nssCKFWObject_GetObjectSize
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWObject_GetObjectSize(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWFindObjects
+ *
+ * -- create/destroy --
+ * nssCKFWFindObjects_Create
+ * nssCKFWFindObjects_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWFindObjects_GetMDFindObjects
+ *
+ * -- private accessors --
+ *
+ * -- module fronts --
+ * nssCKFWFindObjects_Next
+ */
+
+/*
+ * nssCKFWFindObjects_Create
+ *
+ */
+NSS_EXTERN NSSCKFWFindObjects *
+nssCKFWFindObjects_Create(
+ NSSCKFWSession *fwSession,
+ NSSCKFWToken *fwToken,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDFindObjects *mdFindObjects1,
+ NSSCKMDFindObjects *mdFindObjects2,
+ CK_RV *pError);
+
+/*
+ * nssCKFWFindObjects_Destroy
+ *
+ */
+NSS_EXTERN void
+nssCKFWFindObjects_Destroy(
+ NSSCKFWFindObjects *fwFindObjects);
+
+/*
+ * nssCKFWFindObjects_GetMDFindObjects
+ *
+ */
+NSS_EXTERN NSSCKMDFindObjects *
+nssCKFWFindObjects_GetMDFindObjects(
+ NSSCKFWFindObjects *fwFindObjects);
+
+/*
+ * nssCKFWFindObjects_Next
+ *
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWFindObjects_Next(
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSArena *arenaOpt,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWMutex
+ *
+ * nssCKFWMutex_Create
+ * nssCKFWMutex_Destroy
+ * nssCKFWMutex_Lock
+ * nssCKFWMutex_Unlock
+ *
+ */
+
+/*
+ * nssCKFWMutex_Create
+ *
+ */
+NSS_EXTERN NSSCKFWMutex *
+nssCKFWMutex_Create(
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState LockingState,
+ NSSArena *arena,
+ CK_RV *pError);
+
+/*
+ * nssCKFWMutex_Destroy
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWMutex_Destroy(
+ NSSCKFWMutex *mutex);
+
+/*
+ * nssCKFWMutex_Lock
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWMutex_Lock(
+ NSSCKFWMutex *mutex);
+
+/*
+ * nssCKFWMutex_Unlock
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWMutex_Unlock(
+ NSSCKFWMutex *mutex);
+
+#endif /* CKFW_H */
diff --git a/security/nss/lib/ckfw/ckfwm.h b/security/nss/lib/ckfw/ckfwm.h
new file mode 100644
index 000000000..7b14d209e
--- /dev/null
+++ b/security/nss/lib/ckfw/ckfwm.h
@@ -0,0 +1,112 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKFWM_H
+#define CKFWM_H
+
+/*
+ * ckfwm.h
+ *
+ * This file prototypes the module-private calls of the NSS Cryptoki Framework.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFWT_H
+#include "nssckfwt.h"
+#endif /* NSSCKFWT_H */
+
+/*
+ * nssCKFWHash
+ *
+ * nssCKFWHash_Create
+ * nssCKFWHash_Destroy
+ * nssCKFWHash_Add
+ * nssCKFWHash_Remove
+ * nssCKFWHash_Count
+ * nssCKFWHash_Exists
+ * nssCKFWHash_Lookup
+ * nssCKFWHash_Iterate
+ */
+
+/*
+ * nssCKFWHash_Create
+ *
+ */
+NSS_EXTERN nssCKFWHash *
+nssCKFWHash_Create(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
+
+/*
+ * nssCKFWHash_Destroy
+ *
+ */
+NSS_EXTERN void
+nssCKFWHash_Destroy(
+ nssCKFWHash *hash);
+
+/*
+ * nssCKFWHash_Add
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWHash_Add(
+ nssCKFWHash *hash,
+ const void *key,
+ const void *value);
+
+/*
+ * nssCKFWHash_Remove
+ *
+ */
+NSS_EXTERN void
+nssCKFWHash_Remove(
+ nssCKFWHash *hash,
+ const void *it);
+
+/*
+ * nssCKFWHash_Count
+ *
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWHash_Count(
+ nssCKFWHash *hash);
+
+/*
+ * nssCKFWHash_Exists
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWHash_Exists(
+ nssCKFWHash *hash,
+ const void *it);
+
+/*
+ * nssCKFWHash_Lookup
+ *
+ */
+NSS_EXTERN void *
+nssCKFWHash_Lookup(
+ nssCKFWHash *hash,
+ const void *it);
+
+/*
+ * nssCKFWHash_Iterate
+ *
+ */
+NSS_EXTERN void
+nssCKFWHash_Iterate(
+ nssCKFWHash *hash,
+ nssCKFWHashIterator fcn,
+ void *closure);
+
+#endif /* CKFWM_H */
diff --git a/security/nss/lib/ckfw/ckfwtm.h b/security/nss/lib/ckfw/ckfwtm.h
new file mode 100644
index 000000000..670298463
--- /dev/null
+++ b/security/nss/lib/ckfw/ckfwtm.h
@@ -0,0 +1,23 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKFWTM_H
+#define CKFWTM_H
+
+/*
+ * ckfwtm.h
+ *
+ * This file declares the module-private types of the NSS Cryptoki Framework.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+struct nssCKFWHashStr;
+typedef struct nssCKFWHashStr nssCKFWHash;
+
+typedef void(PR_CALLBACK *nssCKFWHashIterator)(const void *key, void *value, void *closure);
+
+#endif /* CKFWTM_H */
diff --git a/security/nss/lib/ckfw/ckmd.h b/security/nss/lib/ckfw/ckmd.h
new file mode 100644
index 000000000..820cf9021
--- /dev/null
+++ b/security/nss/lib/ckfw/ckmd.h
@@ -0,0 +1,28 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKMD_H
+#define CKMD_H
+
+/*
+ * ckmd.h
+ *
+ */
+
+NSS_EXTERN NSSCKMDObject *
+nssCKMDSessionObject_Create(
+ NSSCKFWToken *fwToken,
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR attributes,
+ CK_ULONG ulCount,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDFindObjects *
+nssCKMDFindSessionObjects_Create(
+ NSSCKFWToken *fwToken,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_RV *pError);
+
+#endif /* CKMD_H */
diff --git a/security/nss/lib/ckfw/ckt.h b/security/nss/lib/ckfw/ckt.h
new file mode 100644
index 000000000..05c43a5db
--- /dev/null
+++ b/security/nss/lib/ckfw/ckt.h
@@ -0,0 +1,8 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* get back to just one set of PKCS #11 headers. Use the onese that
+ * are easiest to maintain from the RSA website */
+/* this one is the one that defines NSS specific data */
+#include "pkcs11n.h"
diff --git a/security/nss/lib/ckfw/config.mk b/security/nss/lib/ckfw/config.mk
new file mode 100644
index 000000000..a3ed5aed2
--- /dev/null
+++ b/security/nss/lib/ckfw/config.mk
@@ -0,0 +1,25 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ifdef BUILD_IDG
+DEFINES += -DNSSDEBUG
+endif
+
+#
+# Hack to see if everything still builds
+#
+
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
+
diff --git a/security/nss/lib/ckfw/crypto.c b/security/nss/lib/ckfw/crypto.c
new file mode 100644
index 000000000..66afb773a
--- /dev/null
+++ b/security/nss/lib/ckfw/crypto.c
@@ -0,0 +1,318 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * crypto.c
+ *
+ * This file implements the NSSCKFWCryptoOperation type and methods.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWCryptoOperation
+ *
+ * -- create/destroy --
+ * nssCKFWCrytoOperation_Create
+ * nssCKFWCryptoOperation_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWCryptoOperation_GetMDCryptoOperation
+ * nssCKFWCryptoOperation_GetType
+ *
+ * -- private accessors --
+ *
+ * -- module fronts --
+ * nssCKFWCryptoOperation_GetFinalLength
+ * nssCKFWCryptoOperation_GetOperationLength
+ * nssCKFWCryptoOperation_Final
+ * nssCKFWCryptoOperation_Update
+ * nssCKFWCryptoOperation_DigestUpdate
+ * nssCKFWCryptoOperation_UpdateFinal
+ */
+
+struct NSSCKFWCryptoOperationStr {
+ /* NSSArena *arena; */
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKFWSession *fwSession;
+ NSSCKMDToken *mdToken;
+ NSSCKFWToken *fwToken;
+ NSSCKMDInstance *mdInstance;
+ NSSCKFWInstance *fwInstance;
+ NSSCKFWCryptoOperationType type;
+};
+
+/*
+ * nssCKFWCrytoOperation_Create
+ */
+NSS_EXTERN NSSCKFWCryptoOperation *
+nssCKFWCryptoOperation_Create(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWCryptoOperationType type,
+ CK_RV *pError)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ fwOperation = nss_ZNEW(NULL, NSSCKFWCryptoOperation);
+ if (!fwOperation) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+ fwOperation->mdOperation = mdOperation;
+ fwOperation->mdSession = mdSession;
+ fwOperation->fwSession = fwSession;
+ fwOperation->mdToken = mdToken;
+ fwOperation->fwToken = fwToken;
+ fwOperation->mdInstance = mdInstance;
+ fwOperation->fwInstance = fwInstance;
+ fwOperation->type = type;
+ return fwOperation;
+}
+
+/*
+ * nssCKFWCryptoOperation_Destroy
+ */
+NSS_EXTERN void
+nssCKFWCryptoOperation_Destroy(
+ NSSCKFWCryptoOperation *fwOperation)
+{
+ if ((NSSCKMDCryptoOperation *)NULL != fwOperation->mdOperation) {
+ if (fwOperation->mdOperation->Destroy) {
+ fwOperation->mdOperation->Destroy(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance);
+ }
+ }
+ nss_ZFreeIf(fwOperation);
+}
+
+/*
+ * nssCKFWCryptoOperation_GetMDCryptoOperation
+ */
+NSS_EXTERN NSSCKMDCryptoOperation *
+nssCKFWCryptoOperation_GetMDCryptoOperation(
+ NSSCKFWCryptoOperation *fwOperation)
+{
+ return fwOperation->mdOperation;
+}
+
+/*
+ * nssCKFWCryptoOperation_GetType
+ */
+NSS_EXTERN NSSCKFWCryptoOperationType
+nssCKFWCryptoOperation_GetType(
+ NSSCKFWCryptoOperation *fwOperation)
+{
+ return fwOperation->type;
+}
+
+/*
+ * nssCKFWCryptoOperation_GetFinalLength
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWCryptoOperation_GetFinalLength(
+ NSSCKFWCryptoOperation *fwOperation,
+ CK_RV *pError)
+{
+ if (!fwOperation->mdOperation->GetFinalLength) {
+ *pError = CKR_FUNCTION_FAILED;
+ return 0;
+ }
+ return fwOperation->mdOperation->GetFinalLength(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ pError);
+}
+
+/*
+ * nssCKFWCryptoOperation_GetOperationLength
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWCryptoOperation_GetOperationLength(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ CK_RV *pError)
+{
+ if (!fwOperation->mdOperation->GetOperationLength) {
+ *pError = CKR_FUNCTION_FAILED;
+ return 0;
+ }
+ return fwOperation->mdOperation->GetOperationLength(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer,
+ pError);
+}
+
+/*
+ * nssCKFWCryptoOperation_Final
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_Final(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *outputBuffer)
+{
+ if (!fwOperation->mdOperation->Final) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->Final(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ outputBuffer);
+}
+
+/*
+ * nssCKFWCryptoOperation_Update
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_Update(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer)
+{
+ if (!fwOperation->mdOperation->Update) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->Update(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer,
+ outputBuffer);
+}
+
+/*
+ * nssCKFWCryptoOperation_DigestUpdate
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_DigestUpdate(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer)
+{
+ if (!fwOperation->mdOperation->DigestUpdate) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->DigestUpdate(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer);
+}
+
+/*
+ * nssCKFWCryptoOperation_DigestKey
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_DigestKey(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWObject *fwObject /* Key */
+ )
+{
+ NSSCKMDObject *mdObject;
+
+ if (!fwOperation->mdOperation->DigestKey) {
+ return CKR_FUNCTION_FAILED;
+ }
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ return fwOperation->mdOperation->DigestKey(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ mdObject,
+ fwObject);
+}
+
+/*
+ * nssCKFWCryptoOperation_UpdateFinal
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_UpdateFinal(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer)
+{
+ if (!fwOperation->mdOperation->UpdateFinal) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->UpdateFinal(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer,
+ outputBuffer);
+}
+
+/*
+ * nssCKFWCryptoOperation_UpdateCombo
+ */
+NSS_EXTERN CK_RV
+nssCKFWCryptoOperation_UpdateCombo(
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWCryptoOperation *fwPeerOperation,
+ NSSItem *inputBuffer,
+ NSSItem *outputBuffer)
+{
+ if (!fwOperation->mdOperation->UpdateCombo) {
+ return CKR_FUNCTION_FAILED;
+ }
+ return fwOperation->mdOperation->UpdateCombo(
+ fwOperation->mdOperation,
+ fwOperation,
+ fwPeerOperation->mdOperation,
+ fwPeerOperation,
+ fwOperation->mdSession,
+ fwOperation->fwSession,
+ fwOperation->mdToken,
+ fwOperation->fwToken,
+ fwOperation->mdInstance,
+ fwOperation->fwInstance,
+ inputBuffer,
+ outputBuffer);
+}
diff --git a/security/nss/lib/ckfw/dbm/Makefile b/security/nss/lib/ckfw/dbm/Makefile
new file mode 100644
index 000000000..07ae9676a
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/Makefile
@@ -0,0 +1,9 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include config.mk
+include $(CORE_DEPTH)/coreconf/config.mk
+include $(CORE_DEPTH)/coreconf/rules.mk
diff --git a/security/nss/lib/ckfw/dbm/anchor.c b/security/nss/lib/ckfw/dbm/anchor.c
new file mode 100644
index 000000000..c904d25ae
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/anchor.c
@@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * dbm/anchor.c
+ *
+ * This file "anchors" the actual cryptoki entry points in this module's
+ * shared library, which is required for dynamic loading. See the
+ * comments in nssck.api for more information.
+ */
+
+#include "ckdbm.h"
+
+#define MODULE_NAME dbm
+#define INSTANCE_NAME (NSSCKMDInstance *)&nss_dbm_mdInstance
+#include "nssck.api"
diff --git a/security/nss/lib/ckfw/dbm/ckdbm.h b/security/nss/lib/ckfw/dbm/ckdbm.h
new file mode 100644
index 000000000..8c2607cb3
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/ckdbm.h
@@ -0,0 +1,210 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKDBM_H
+#define CKDBM_H
+
+#include "nssckmdt.h"
+#include "nssckfw.h"
+
+/*
+ * I'm including this for access to the arena functions.
+ * Looks like we should publish that API.
+ */
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+/*
+ * This is where the Netscape extensions live, at least for now.
+ */
+#ifndef CKT_H
+#include "ckt.h"
+#endif /* CKT_H */
+
+#include "mcom_db.h"
+
+NSS_EXTERN_DATA NSSCKMDInstance nss_dbm_mdInstance;
+
+typedef struct nss_dbm_db_struct nss_dbm_db_t;
+struct nss_dbm_db_struct {
+ DB *db;
+ NSSCKFWMutex *crustylock;
+};
+
+typedef struct nss_dbm_dbt_struct nss_dbm_dbt_t;
+struct nss_dbm_dbt_struct {
+ DBT dbt;
+ nss_dbm_db_t *my_db;
+};
+
+typedef struct nss_dbm_instance_struct nss_dbm_instance_t;
+struct nss_dbm_instance_struct {
+ NSSArena *arena;
+ CK_ULONG nSlots;
+ char **filenames;
+ int *flags; /* e.g. O_RDONLY, O_RDWR */
+};
+
+typedef struct nss_dbm_slot_struct nss_dbm_slot_t;
+struct nss_dbm_slot_struct {
+ nss_dbm_instance_t *instance;
+ char *filename;
+ int flags;
+ nss_dbm_db_t *token_db;
+};
+
+typedef struct nss_dbm_token_struct nss_dbm_token_t;
+struct nss_dbm_token_struct {
+ NSSArena *arena;
+ nss_dbm_slot_t *slot;
+ nss_dbm_db_t *session_db;
+ NSSUTF8 *label;
+};
+
+struct nss_dbm_dbt_node {
+ struct nss_dbm_dbt_node *next;
+ nss_dbm_dbt_t *dbt;
+};
+
+typedef struct nss_dbm_session_struct nss_dbm_session_t;
+struct nss_dbm_session_struct {
+ NSSArena *arena;
+ nss_dbm_token_t *token;
+ CK_ULONG deviceError;
+ struct nss_dbm_dbt_node *session_objects;
+ NSSCKFWMutex *list_lock;
+};
+
+typedef struct nss_dbm_object_struct nss_dbm_object_t;
+struct nss_dbm_object_struct {
+ NSSArena *arena; /* token or session */
+ nss_dbm_dbt_t *handle;
+};
+
+typedef struct nss_dbm_find_struct nss_dbm_find_t;
+struct nss_dbm_find_struct {
+ NSSArena *arena;
+ struct nss_dbm_dbt_node *found;
+ NSSCKFWMutex *list_lock;
+};
+
+NSS_EXTERN NSSCKMDSlot *
+nss_dbm_mdSlot_factory(
+ nss_dbm_instance_t *instance,
+ char *filename,
+ int flags,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDToken *
+nss_dbm_mdToken_factory(
+ nss_dbm_slot_t *slot,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDSession *
+nss_dbm_mdSession_factory(
+ nss_dbm_token_t *token,
+ NSSCKFWSession *fwSession,
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL rw,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDObject *
+nss_dbm_mdObject_factory(
+ nss_dbm_object_t *object,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDFindObjects *
+nss_dbm_mdFindObjects_factory(
+ nss_dbm_find_t *find,
+ CK_RV *pError);
+
+NSS_EXTERN nss_dbm_db_t *
+nss_dbm_db_open(
+ NSSArena *arena,
+ NSSCKFWInstance *fwInstance,
+ char *filename,
+ int flags,
+ CK_RV *pError);
+
+NSS_EXTERN void
+nss_dbm_db_close(
+ nss_dbm_db_t *db);
+
+NSS_EXTERN CK_VERSION
+nss_dbm_db_get_format_version(
+ nss_dbm_db_t *db);
+
+NSS_EXTERN CK_RV
+nss_dbm_db_set_label(
+ nss_dbm_db_t *db,
+ NSSUTF8 *label);
+
+NSS_EXTERN NSSUTF8 *
+nss_dbm_db_get_label(
+ nss_dbm_db_t *db,
+ NSSArena *arena,
+ CK_RV *pError);
+
+NSS_EXTERN CK_RV
+nss_dbm_db_delete_object(
+ nss_dbm_dbt_t *dbt);
+
+NSS_EXTERN nss_dbm_dbt_t *
+nss_dbm_db_create_object(
+ NSSArena *arena,
+ nss_dbm_db_t *db,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError,
+ CK_ULONG *pdbrv);
+
+NSS_EXTERN CK_RV
+nss_dbm_db_find_objects(
+ nss_dbm_find_t *find,
+ nss_dbm_db_t *db,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_ULONG *pdbrv);
+
+NSS_EXTERN CK_BBOOL
+nss_dbm_db_object_still_exists(
+ nss_dbm_dbt_t *dbt);
+
+NSS_EXTERN CK_ULONG
+nss_dbm_db_get_object_attribute_count(
+ nss_dbm_dbt_t *dbt,
+ CK_RV *pError,
+ CK_ULONG *pdbrv);
+
+NSS_EXTERN CK_RV
+nss_dbm_db_get_object_attribute_types(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount,
+ CK_ULONG *pdbrv);
+
+NSS_EXTERN CK_ULONG
+nss_dbm_db_get_object_attribute_size(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError,
+ CK_ULONG *pdbrv);
+
+NSS_EXTERN NSSItem *
+nss_dbm_db_get_object_attribute(
+ nss_dbm_dbt_t *dbt,
+ NSSArena *arena,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError,
+ CK_ULONG *pdbrv);
+
+NSS_EXTERN CK_RV
+nss_dbm_db_set_object_attribute(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE type,
+ NSSItem *value,
+ CK_ULONG *pdbrv);
+
+#endif /* CKDBM_H */
diff --git a/security/nss/lib/ckfw/dbm/config.mk b/security/nss/lib/ckfw/dbm/config.mk
new file mode 100644
index 000000000..a1991e5f4
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/config.mk
@@ -0,0 +1,8 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ifdef BUILD_IDG
+DEFINES += -DNSSDEBUG
+endif
diff --git a/security/nss/lib/ckfw/dbm/db.c b/security/nss/lib/ckfw/dbm/db.c
new file mode 100644
index 000000000..bbf2b9510
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/db.c
@@ -0,0 +1,1069 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckdbm.h"
+
+#define PREFIX_METADATA "0000"
+#define PREFIX_OBJECT "0001"
+#define PREFIX_INDEX "0002"
+
+static CK_VERSION nss_dbm_db_format_version = { 1, 0 };
+struct handle {
+ char prefix[4];
+ CK_ULONG id;
+};
+
+NSS_IMPLEMENT nss_dbm_db_t *
+nss_dbm_db_open(
+ NSSArena *arena,
+ NSSCKFWInstance *fwInstance,
+ char *filename,
+ int flags,
+ CK_RV *pError)
+{
+ nss_dbm_db_t *rv;
+ CK_VERSION db_version;
+
+ rv = nss_ZNEW(arena, nss_dbm_db_t);
+ if ((nss_dbm_db_t *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (nss_dbm_db_t *)NULL;
+ }
+
+ rv->db = dbopen(filename, flags, 0600, DB_HASH, (const void *)NULL);
+ if ((DB *)NULL == rv->db) {
+ *pError = CKR_TOKEN_NOT_PRESENT;
+ return (nss_dbm_db_t *)NULL;
+ }
+
+ rv->crustylock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if ((NSSCKFWMutex *)NULL == rv->crustylock) {
+ return (nss_dbm_db_t *)NULL;
+ }
+
+ db_version = nss_dbm_db_get_format_version(rv);
+ if (db_version.major != nss_dbm_db_format_version.major) {
+ nss_dbm_db_close(rv);
+ *pError = CKR_TOKEN_NOT_RECOGNIZED;
+ return (nss_dbm_db_t *)NULL;
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT void
+nss_dbm_db_close(
+ nss_dbm_db_t *db)
+{
+ if ((NSSCKFWMutex *)NULL != db->crustylock) {
+ (void)NSSCKFWMutex_Destroy(db->crustylock);
+ }
+
+ if ((DB *)NULL != db->db) {
+ (void)db->db->close(db->db);
+ }
+
+ nss_ZFreeIf(db);
+}
+
+NSS_IMPLEMENT CK_VERSION
+nss_dbm_db_get_format_version(
+ nss_dbm_db_t *db)
+{
+ CK_VERSION rv;
+ DBT k, v;
+ int dbrv;
+ char buffer[64];
+
+ rv.major = rv.minor = 0;
+
+ k.data = PREFIX_METADATA "FormatVersion";
+ k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
+ (void)memset(&v, 0, sizeof(v));
+
+ /* Locked region */
+ {
+ if (CKR_OK != NSSCKFWMutex_Lock(db->crustylock)) {
+ return rv;
+ }
+
+ dbrv = db->db->get(db->db, &k, &v, 0);
+ if (dbrv == 0) {
+ CK_ULONG major = 0, minor = 0;
+ (void)PR_sscanf(v.data, "%ld.%ld", &major, &minor);
+ rv.major = major;
+ rv.minor = minor;
+ } else if (dbrv > 0) {
+ (void)PR_snprintf(buffer, sizeof(buffer), "%ld.%ld", nss_dbm_db_format_version.major,
+ nss_dbm_db_format_version.minor);
+ v.data = buffer;
+ v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
+ dbrv = db->db->put(db->db, &k, &v, 0);
+ (void)db->db->sync(db->db, 0);
+ rv = nss_dbm_db_format_version;
+ } else {
+ /* No error return.. */
+ ;
+ }
+
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT CK_RV
+nss_dbm_db_set_label(
+ nss_dbm_db_t *db,
+ NSSUTF8 *label)
+{
+ CK_RV rv;
+ DBT k, v;
+ int dbrv;
+
+ k.data = PREFIX_METADATA "Label";
+ k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
+ v.data = label;
+ v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
+
+ /* Locked region */
+ {
+ rv = NSSCKFWMutex_Lock(db->crustylock);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+
+ dbrv = db->db->put(db->db, &k, &v, 0);
+ if (0 != dbrv) {
+ rv = CKR_DEVICE_ERROR;
+ }
+
+ dbrv = db->db->sync(db->db, 0);
+ if (0 != dbrv) {
+ rv = CKR_DEVICE_ERROR;
+ }
+
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT NSSUTF8 *
+nss_dbm_db_get_label(
+ nss_dbm_db_t *db,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ NSSUTF8 *rv = (NSSUTF8 *)NULL;
+ DBT k, v;
+ int dbrv;
+
+ k.data = PREFIX_METADATA "Label";
+ k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
+
+ /* Locked region */
+ {
+ if (CKR_OK != NSSCKFWMutex_Lock(db->crustylock)) {
+ return rv;
+ }
+
+ dbrv = db->db->get(db->db, &k, &v, 0);
+ if (0 == dbrv) {
+ rv = nssUTF8_Duplicate((NSSUTF8 *)v.data, arena);
+ if ((NSSUTF8 *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ }
+ } else if (dbrv > 0) {
+ /* Just return null */
+ ;
+ } else {
+ *pError = CKR_DEVICE_ERROR;
+ ;
+ }
+
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT CK_RV
+nss_dbm_db_delete_object(
+ nss_dbm_dbt_t *dbt)
+{
+ CK_RV rv;
+ int dbrv;
+
+ /* Locked region */
+ {
+ rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+
+ dbrv = dbt->my_db->db->del(dbt->my_db->db, &dbt->dbt, 0);
+ if (0 != dbrv) {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ dbrv = dbt->my_db->db->sync(dbt->my_db->db, 0);
+ if (0 != dbrv) {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
+
+ return rv;
+}
+
+static CK_ULONG
+nss_dbm_db_new_handle(
+ nss_dbm_db_t *db,
+ DBT *dbt, /* pre-allocated */
+ CK_RV *pError)
+{
+ CK_ULONG rv;
+ DBT k, v;
+ CK_ULONG align = 0, id, myid;
+ struct handle *hp;
+
+ if (sizeof(struct handle) != dbt->size) {
+ return EINVAL;
+ }
+
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(db->crustylock);
+ if (CKR_OK != *pError) {
+ return EINVAL;
+ }
+
+ k.data = PREFIX_METADATA "LastID";
+ k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
+ (void)memset(&v, 0, sizeof(v));
+
+ rv = db->db->get(db->db, &k, &v, 0);
+ if (0 == rv) {
+ (void)memcpy(&align, v.data, sizeof(CK_ULONG));
+ id = ntohl(align);
+ } else if (rv > 0) {
+ id = 0;
+ } else {
+ goto done;
+ }
+
+ myid = id;
+ id++;
+ align = htonl(id);
+ v.data = &align;
+ v.size = sizeof(CK_ULONG);
+
+ rv = db->db->put(db->db, &k, &v, 0);
+ if (0 != rv) {
+ goto done;
+ }
+
+ rv = db->db->sync(db->db, 0);
+ if (0 != rv) {
+ goto done;
+ }
+
+ done:
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
+
+ if (0 != rv) {
+ return rv;
+ }
+
+ hp = (struct handle *)dbt->data;
+ (void)memcpy(&hp->prefix[0], PREFIX_OBJECT, 4);
+ hp->id = myid;
+
+ return 0;
+}
+
+/*
+ * This attribute-type-dependent swapping should probably
+ * be in the Framework, because it'll be a concern of just
+ * about every Module. Of course any Framework implementation
+ * will have to be augmentable or overridable by a Module.
+ */
+
+enum swap_type { type_byte,
+ type_short,
+ type_long,
+ type_opaque };
+
+static enum swap_type
+nss_dbm_db_swap_type(
+ CK_ATTRIBUTE_TYPE type)
+{
+ switch (type) {
+ case CKA_CLASS:
+ return type_long;
+ case CKA_TOKEN:
+ return type_byte;
+ case CKA_PRIVATE:
+ return type_byte;
+ case CKA_LABEL:
+ return type_opaque;
+ case CKA_APPLICATION:
+ return type_opaque;
+ case CKA_VALUE:
+ return type_opaque;
+ case CKA_CERTIFICATE_TYPE:
+ return type_long;
+ case CKA_ISSUER:
+ return type_opaque;
+ case CKA_SERIAL_NUMBER:
+ return type_opaque;
+ case CKA_KEY_TYPE:
+ return type_long;
+ case CKA_SUBJECT:
+ return type_opaque;
+ case CKA_ID:
+ return type_opaque;
+ case CKA_SENSITIVE:
+ return type_byte;
+ case CKA_ENCRYPT:
+ return type_byte;
+ case CKA_DECRYPT:
+ return type_byte;
+ case CKA_WRAP:
+ return type_byte;
+ case CKA_UNWRAP:
+ return type_byte;
+ case CKA_SIGN:
+ return type_byte;
+ case CKA_SIGN_RECOVER:
+ return type_byte;
+ case CKA_VERIFY:
+ return type_byte;
+ case CKA_VERIFY_RECOVER:
+ return type_byte;
+ case CKA_DERIVE:
+ return type_byte;
+ case CKA_START_DATE:
+ return type_opaque;
+ case CKA_END_DATE:
+ return type_opaque;
+ case CKA_MODULUS:
+ return type_opaque;
+ case CKA_MODULUS_BITS:
+ return type_long;
+ case CKA_PUBLIC_EXPONENT:
+ return type_opaque;
+ case CKA_PRIVATE_EXPONENT:
+ return type_opaque;
+ case CKA_PRIME_1:
+ return type_opaque;
+ case CKA_PRIME_2:
+ return type_opaque;
+ case CKA_EXPONENT_1:
+ return type_opaque;
+ case CKA_EXPONENT_2:
+ return type_opaque;
+ case CKA_COEFFICIENT:
+ return type_opaque;
+ case CKA_PRIME:
+ return type_opaque;
+ case CKA_SUBPRIME:
+ return type_opaque;
+ case CKA_BASE:
+ return type_opaque;
+ case CKA_VALUE_BITS:
+ return type_long;
+ case CKA_VALUE_LEN:
+ return type_long;
+ case CKA_EXTRACTABLE:
+ return type_byte;
+ case CKA_LOCAL:
+ return type_byte;
+ case CKA_NEVER_EXTRACTABLE:
+ return type_byte;
+ case CKA_ALWAYS_SENSITIVE:
+ return type_byte;
+ case CKA_MODIFIABLE:
+ return type_byte;
+ case CKA_NETSCAPE_URL:
+ return type_opaque;
+ case CKA_NETSCAPE_EMAIL:
+ return type_opaque;
+ case CKA_NETSCAPE_SMIME_INFO:
+ return type_opaque;
+ case CKA_NETSCAPE_SMIME_TIMESTAMP:
+ return type_opaque;
+ case CKA_NETSCAPE_PKCS8_SALT:
+ return type_opaque;
+ case CKA_NETSCAPE_PASSWORD_CHECK:
+ return type_opaque;
+ case CKA_NETSCAPE_EXPIRES:
+ return type_opaque;
+ case CKA_TRUST_DIGITAL_SIGNATURE:
+ return type_long;
+ case CKA_TRUST_NON_REPUDIATION:
+ return type_long;
+ case CKA_TRUST_KEY_ENCIPHERMENT:
+ return type_long;
+ case CKA_TRUST_DATA_ENCIPHERMENT:
+ return type_long;
+ case CKA_TRUST_KEY_AGREEMENT:
+ return type_long;
+ case CKA_TRUST_KEY_CERT_SIGN:
+ return type_long;
+ case CKA_TRUST_CRL_SIGN:
+ return type_long;
+ case CKA_TRUST_SERVER_AUTH:
+ return type_long;
+ case CKA_TRUST_CLIENT_AUTH:
+ return type_long;
+ case CKA_TRUST_CODE_SIGNING:
+ return type_long;
+ case CKA_TRUST_EMAIL_PROTECTION:
+ return type_long;
+ case CKA_TRUST_IPSEC_END_SYSTEM:
+ return type_long;
+ case CKA_TRUST_IPSEC_TUNNEL:
+ return type_long;
+ case CKA_TRUST_IPSEC_USER:
+ return type_long;
+ case CKA_TRUST_TIME_STAMPING:
+ return type_long;
+ case CKA_NETSCAPE_DB:
+ return type_opaque;
+ case CKA_NETSCAPE_TRUST:
+ return type_opaque;
+ default:
+ return type_opaque;
+ }
+}
+
+static void
+nss_dbm_db_swap_copy(
+ CK_ATTRIBUTE_TYPE type,
+ void *dest,
+ void *src,
+ CK_ULONG len)
+{
+ switch (nss_dbm_db_swap_type(type)) {
+ case type_byte:
+ case type_opaque:
+ (void)memcpy(dest, src, len);
+ break;
+ case type_short: {
+ CK_USHORT s, d;
+ (void)memcpy(&s, src, sizeof(CK_USHORT));
+ d = htons(s);
+ (void)memcpy(dest, &d, sizeof(CK_USHORT));
+ break;
+ }
+ case type_long: {
+ CK_ULONG s, d;
+ (void)memcpy(&s, src, sizeof(CK_ULONG));
+ d = htonl(s);
+ (void)memcpy(dest, &d, sizeof(CK_ULONG));
+ break;
+ }
+ }
+}
+
+static CK_RV
+nss_dbm_db_wrap_object(
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ DBT *object)
+{
+ CK_ULONG object_size;
+ CK_ULONG i;
+ CK_ULONG *pulData;
+ char *pcData;
+ CK_ULONG offset;
+
+ object_size = (1 + ulAttributeCount * 3) * sizeof(CK_ULONG);
+ offset = object_size;
+ for (i = 0; i < ulAttributeCount; i++) {
+ object_size += pTemplate[i].ulValueLen;
+ }
+
+ object->size = object_size;
+ object->data = nss_ZAlloc(arena, object_size);
+ if ((void *)NULL == object->data) {
+ return CKR_HOST_MEMORY;
+ }
+
+ pulData = (CK_ULONG *)object->data;
+ pcData = (char *)object->data;
+
+ pulData[0] = htonl(ulAttributeCount);
+ for (i = 0; i < ulAttributeCount; i++) {
+ CK_ULONG len = pTemplate[i].ulValueLen;
+ pulData[1 + i * 3] = htonl(pTemplate[i].type);
+ pulData[2 + i * 3] = htonl(len);
+ pulData[3 + i * 3] = htonl(offset);
+ nss_dbm_db_swap_copy(pTemplate[i].type, &pcData[offset], pTemplate[i].pValue, len);
+ offset += len;
+ }
+
+ return CKR_OK;
+}
+
+static CK_RV
+nss_dbm_db_unwrap_object(
+ NSSArena *arena,
+ DBT *object,
+ CK_ATTRIBUTE_PTR *ppTemplate,
+ CK_ULONG *pulAttributeCount)
+{
+ CK_ULONG *pulData;
+ char *pcData;
+ CK_ULONG n, i;
+ CK_ATTRIBUTE_PTR pTemplate;
+
+ pulData = (CK_ULONG *)object->data;
+ pcData = (char *)object->data;
+
+ n = ntohl(pulData[0]);
+ *pulAttributeCount = n;
+ pTemplate = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, n);
+ if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) {
+ return CKR_HOST_MEMORY;
+ }
+
+ for (i = 0; i < n; i++) {
+ CK_ULONG len;
+ CK_ULONG offset;
+ void *p;
+
+ pTemplate[i].type = ntohl(pulData[1 + i * 3]);
+ len = ntohl(pulData[2 + i * 3]);
+ offset = ntohl(pulData[3 + i * 3]);
+
+ p = nss_ZAlloc(arena, len);
+ if ((void *)NULL == p) {
+ return CKR_HOST_MEMORY;
+ }
+
+ nss_dbm_db_swap_copy(pTemplate[i].type, p, &pcData[offset], len);
+ pTemplate[i].ulValueLen = len;
+ pTemplate[i].pValue = p;
+ }
+
+ *ppTemplate = pTemplate;
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT nss_dbm_dbt_t *
+nss_dbm_db_create_object(
+ NSSArena *arena,
+ nss_dbm_db_t *db,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError,
+ CK_ULONG *pdbrv)
+{
+ NSSArena *tmparena = (NSSArena *)NULL;
+ nss_dbm_dbt_t *rv = (nss_dbm_dbt_t *)NULL;
+ DBT object;
+
+ rv = nss_ZNEW(arena, nss_dbm_dbt_t);
+ if ((nss_dbm_dbt_t *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (nss_dbm_dbt_t *)NULL;
+ }
+
+ rv->my_db = db;
+ rv->dbt.size = sizeof(struct handle);
+ rv->dbt.data = nss_ZAlloc(arena, rv->dbt.size);
+ if ((void *)NULL == rv->dbt.data) {
+ *pError = CKR_HOST_MEMORY;
+ return (nss_dbm_dbt_t *)NULL;
+ }
+
+ *pdbrv = nss_dbm_db_new_handle(db, &rv->dbt, pError);
+ if (0 != *pdbrv) {
+ return (nss_dbm_dbt_t *)NULL;
+ }
+
+ tmparena = NSSArena_Create();
+ if ((NSSArena *)NULL == tmparena) {
+ *pError = CKR_HOST_MEMORY;
+ return (nss_dbm_dbt_t *)NULL;
+ }
+
+ *pError = nss_dbm_db_wrap_object(tmparena, pTemplate, ulAttributeCount, &object);
+ if (CKR_OK != *pError) {
+ return (nss_dbm_dbt_t *)NULL;
+ }
+
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(db->crustylock);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ *pdbrv = db->db->put(db->db, &rv->dbt, &object, 0);
+ if (0 != *pdbrv) {
+ *pError = CKR_DEVICE_ERROR;
+ }
+
+ (void)db->db->sync(db->db, 0);
+
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
+
+loser:
+ if ((NSSArena *)NULL != tmparena) {
+ (void)NSSArena_Destroy(tmparena);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT CK_RV
+nss_dbm_db_find_objects(
+ nss_dbm_find_t *find,
+ nss_dbm_db_t *db,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_ULONG *pdbrv)
+{
+ CK_RV rv = CKR_OK;
+
+ if ((nss_dbm_db_t *)NULL != db) {
+ DBT k, v;
+
+ rv = NSSCKFWMutex_Lock(db->crustylock);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+
+ *pdbrv = db->db->seq(db->db, &k, &v, R_FIRST);
+ while (0 == *pdbrv) {
+ CK_ULONG i, j;
+ NSSArena *tmparena = (NSSArena *)NULL;
+ CK_ULONG ulac;
+ CK_ATTRIBUTE_PTR pt;
+
+ if ((k.size < 4) || (0 != memcmp(k.data, PREFIX_OBJECT, 4))) {
+ goto nomatch;
+ }
+
+ tmparena = NSSArena_Create();
+
+ rv = nss_dbm_db_unwrap_object(tmparena, &v, &pt, &ulac);
+ if (CKR_OK != rv) {
+ goto loser;
+ }
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ for (j = 0; j < ulac; j++) {
+ if (pTemplate[i].type ==
+ pt[j].type) {
+ if (pTemplate[i].ulValueLen !=
+ pt[j].ulValueLen) {
+ goto nomatch;
+ }
+ if (0 !=
+ memcmp(pTemplate[i].pValue, pt[j].pValue, pt[j].ulValueLen)) {
+ goto nomatch;
+ }
+ break;
+ }
+ }
+ if (j == ulac) {
+ goto nomatch;
+ }
+ }
+
+ /* entire template matches */
+ {
+ struct nss_dbm_dbt_node *node;
+
+ node = nss_ZNEW(find->arena, struct nss_dbm_dbt_node);
+ if ((struct nss_dbm_dbt_node *)NULL == node) {
+ rv =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ node->dbt = nss_ZNEW(find->arena, nss_dbm_dbt_t);
+ if ((nss_dbm_dbt_t *)NULL == node->dbt) {
+ rv =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ node->dbt->dbt.size = k.size;
+ node->dbt->dbt.data = nss_ZAlloc(find->arena, k.size);
+ if ((void *)NULL == node->dbt->dbt.data) {
+ rv =
+ CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)memcpy(node->dbt->dbt.data, k.data, k.size);
+
+ node->dbt->my_db = db;
+
+ node->next = find->found;
+ find->found = node;
+ }
+
+ nomatch:
+ if ((NSSArena *)NULL != tmparena) {
+ (void)NSSArena_Destroy(tmparena);
+ }
+ *pdbrv = db->db->seq(db->db, &k, &v, R_NEXT);
+ }
+
+ if (*pdbrv < 0) {
+ rv = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ rv = CKR_OK;
+
+ loser:
+ (void)NSSCKFWMutex_Unlock(db->crustylock);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT CK_BBOOL
+nss_dbm_db_object_still_exists(
+ nss_dbm_dbt_t *dbt)
+{
+ CK_BBOOL rv;
+ CK_RV ckrv;
+ int dbrv;
+ DBT object;
+
+ ckrv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != ckrv) {
+ return CK_FALSE;
+ }
+
+ dbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == dbrv) {
+ rv = CK_TRUE;
+ } else {
+ rv = CK_FALSE;
+ }
+
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+
+ return rv;
+}
+
+NSS_IMPLEMENT CK_ULONG
+nss_dbm_db_get_object_attribute_count(
+ nss_dbm_dbt_t *dbt,
+ CK_RV *pError,
+ CK_ULONG *pdbrv)
+{
+ CK_ULONG rv = 0;
+ DBT object;
+ CK_ULONG *pulData;
+
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != *pError) {
+ return rv;
+ }
+
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ } else if (*pdbrv > 0) {
+ *pError = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ } else {
+ *pError = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ pulData = (CK_ULONG *)object.data;
+ rv = ntohl(pulData[0]);
+
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT CK_RV
+nss_dbm_db_get_object_attribute_types(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount,
+ CK_ULONG *pdbrv)
+{
+ CK_RV rv = CKR_OK;
+ DBT object;
+ CK_ULONG *pulData;
+ CK_ULONG n, i;
+
+ /* Locked region */
+ {
+ rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ } else if (*pdbrv > 0) {
+ rv = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ } else {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ pulData = (CK_ULONG *)object.data;
+ n = ntohl(pulData[0]);
+
+ if (ulCount < n) {
+ rv = CKR_BUFFER_TOO_SMALL;
+ goto done;
+ }
+
+ for (i = 0; i < n; i++) {
+ typeArray[i] = ntohl(pulData[1 + i * 3]);
+ }
+
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT CK_ULONG
+nss_dbm_db_get_object_attribute_size(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError,
+ CK_ULONG *pdbrv)
+{
+ CK_ULONG rv = 0;
+ DBT object;
+ CK_ULONG *pulData;
+ CK_ULONG n, i;
+
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != *pError) {
+ return rv;
+ }
+
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ } else if (*pdbrv > 0) {
+ *pError = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ } else {
+ *pError = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ pulData = (CK_ULONG *)object.data;
+ n = ntohl(pulData[0]);
+
+ for (i = 0; i < n; i++) {
+ if (type == ntohl(pulData[1 + i * 3])) {
+ rv = ntohl(pulData[2 + i * 3]);
+ }
+ }
+
+ if (i == n) {
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto done;
+ }
+
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT NSSItem *
+nss_dbm_db_get_object_attribute(
+ nss_dbm_dbt_t *dbt,
+ NSSArena *arena,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError,
+ CK_ULONG *pdbrv)
+{
+ NSSItem *rv = (NSSItem *)NULL;
+ DBT object;
+ CK_ULONG i;
+ NSSArena *tmp = NSSArena_Create();
+ CK_ATTRIBUTE_PTR pTemplate;
+ CK_ULONG ulAttributeCount;
+
+ /* Locked region */
+ {
+ *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ } else if (*pdbrv > 0) {
+ *pError = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ } else {
+ *pError = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ *pError = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
+ if (CKR_OK != *pError) {
+ goto done;
+ }
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (type == pTemplate[i].type) {
+ rv = nss_ZNEW(arena, NSSItem);
+ if ((NSSItem *)NULL == rv) {
+ *pError =
+ CKR_HOST_MEMORY;
+ goto done;
+ }
+ rv->size = pTemplate[i].ulValueLen;
+ rv->data = nss_ZAlloc(arena, rv->size);
+ if ((void *)NULL == rv->data) {
+ *pError =
+ CKR_HOST_MEMORY;
+ goto done;
+ }
+ (void)memcpy(rv->data, pTemplate[i].pValue, rv->size);
+ break;
+ }
+ }
+ if (ulAttributeCount == i) {
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto done;
+ }
+
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
+
+loser:
+ if ((NSSArena *)NULL != tmp) {
+ NSSArena_Destroy(tmp);
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT CK_RV
+nss_dbm_db_set_object_attribute(
+ nss_dbm_dbt_t *dbt,
+ CK_ATTRIBUTE_TYPE type,
+ NSSItem *value,
+ CK_ULONG *pdbrv)
+{
+ CK_RV rv = CKR_OK;
+ DBT object;
+ CK_ULONG i;
+ NSSArena *tmp = NSSArena_Create();
+ CK_ATTRIBUTE_PTR pTemplate;
+ CK_ULONG ulAttributeCount;
+
+ /* Locked region */
+ {
+ rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
+ if (CKR_OK != rv) {
+ goto loser;
+ }
+
+ *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 == *pdbrv) {
+ ;
+ } else if (*pdbrv > 0) {
+ rv = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ } else {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ rv = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
+ if (CKR_OK != rv) {
+ goto done;
+ }
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (type == pTemplate[i].type) {
+ /* Replacing an existing attribute */
+ pTemplate[i].ulValueLen = value->size;
+ pTemplate[i].pValue = value->data;
+ break;
+ }
+ }
+
+ if (i == ulAttributeCount) {
+ /* Adding a new attribute */
+ CK_ATTRIBUTE_PTR npt = nss_ZNEWARRAY(tmp, CK_ATTRIBUTE, ulAttributeCount + 1);
+ if ((CK_ATTRIBUTE_PTR)NULL == npt) {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ npt[i] = pTemplate[i];
+ }
+
+ npt[ulAttributeCount].type = type;
+ npt[ulAttributeCount].ulValueLen = value->size;
+ npt[ulAttributeCount].pValue = value->data;
+
+ pTemplate = npt;
+ ulAttributeCount++;
+ }
+
+ rv = nss_dbm_db_wrap_object(tmp, pTemplate, ulAttributeCount, &object);
+ if (CKR_OK != rv) {
+ goto done;
+ }
+
+ *pdbrv = dbt->my_db->db->put(dbt->my_db->db, &dbt->dbt, &object, 0);
+ if (0 != *pdbrv) {
+ rv = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ (void)dbt->my_db->db->sync(dbt->my_db->db, 0);
+
+ done:
+ (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
+ }
+
+loser:
+ if ((NSSArena *)NULL != tmp) {
+ NSSArena_Destroy(tmp);
+ }
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/dbm/find.c b/security/nss/lib/ckfw/dbm/find.c
new file mode 100644
index 000000000..8a03855c3
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/find.c
@@ -0,0 +1,126 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckdbm.h"
+
+static void
+nss_dbm_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
+
+ /* Locks might have system resources associated */
+ (void)NSSCKFWMutex_Destroy(find->list_lock);
+ (void)NSSArena_Destroy(find->arena);
+}
+
+static NSSCKMDObject *
+nss_dbm_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
+ struct nss_dbm_dbt_node *node;
+ nss_dbm_object_t *object;
+ NSSCKMDObject *rv;
+
+ while (1) {
+ /* Lock */
+ {
+ *pError = NSSCKFWMutex_Lock(find->list_lock);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDObject *)NULL;
+ }
+
+ node = find->found;
+ if ((struct nss_dbm_dbt_node *)NULL != node) {
+ find->found = node->next;
+ }
+
+ *pError = NSSCKFWMutex_Unlock(find->list_lock);
+ if (CKR_OK != *pError) {
+ /* screwed now */
+ return (NSSCKMDObject *)NULL;
+ }
+ }
+
+ if ((struct nss_dbm_dbt_node *)NULL == node) {
+ break;
+ }
+
+ if (nss_dbm_db_object_still_exists(node->dbt)) {
+ break;
+ }
+ }
+
+ if ((struct nss_dbm_dbt_node *)NULL == node) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ object = nss_ZNEW(arena, nss_dbm_object_t);
+ if ((nss_dbm_object_t *)NULL == object) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ object->arena = arena;
+ object->handle = nss_ZNEW(arena, nss_dbm_dbt_t);
+ if ((nss_dbm_dbt_t *)NULL == object->handle) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ object->handle->my_db = node->dbt->my_db;
+ object->handle->dbt.size = node->dbt->dbt.size;
+ object->handle->dbt.data = nss_ZAlloc(arena, node->dbt->dbt.size);
+ if ((void *)NULL == object->handle->dbt.data) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ (void)memcpy(object->handle->dbt.data, node->dbt->dbt.data, node->dbt->dbt.size);
+
+ rv = nss_dbm_mdObject_factory(object, pError);
+ if ((NSSCKMDObject *)NULL == rv) {
+ return (NSSCKMDObject *)NULL;
+ }
+
+ return rv;
+}
+
+NSS_IMPLEMENT NSSCKMDFindObjects *
+nss_dbm_mdFindObjects_factory(
+ nss_dbm_find_t *find,
+ CK_RV *pError)
+{
+ NSSCKMDFindObjects *rv;
+
+ rv = nss_ZNEW(find->arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDFindObjects *)NULL;
+ }
+
+ rv->etc = (void *)find;
+ rv->Final = nss_dbm_mdFindObjects_Final;
+ rv->Next = nss_dbm_mdFindObjects_Next;
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/dbm/instance.c b/security/nss/lib/ckfw/dbm/instance.c
new file mode 100644
index 000000000..fbb11722d
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/instance.c
@@ -0,0 +1,147 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckdbm.h"
+
+static CK_RV
+nss_dbm_mdInstance_Initialize(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSUTF8 *configurationData)
+{
+ CK_RV rv = CKR_OK;
+ NSSArena *arena;
+ nss_dbm_instance_t *instance;
+
+ arena = NSSCKFWInstance_GetArena(fwInstance, &rv);
+ if (((NSSArena *)NULL == arena) && (CKR_OK != rv)) {
+ return rv;
+ }
+
+ instance = nss_ZNEW(arena, nss_dbm_instance_t);
+ if ((nss_dbm_instance_t *)NULL == instance) {
+ return CKR_HOST_MEMORY;
+ }
+
+ instance->arena = arena;
+
+ /*
+ * This should parse the configuration data for information on
+ * number and locations of databases, modes (e.g. readonly), etc.
+ * But for now, we'll have one slot with a creatable read-write
+ * database called "cert8.db."
+ */
+
+ instance->nSlots = 1;
+ instance->filenames = nss_ZNEWARRAY(arena, char *, instance->nSlots);
+ if ((char **)NULL == instance->filenames) {
+ return CKR_HOST_MEMORY;
+ }
+
+ instance->flags = nss_ZNEWARRAY(arena, int, instance->nSlots);
+ if ((int *)NULL == instance->flags) {
+ return CKR_HOST_MEMORY;
+ }
+
+ instance->filenames[0] = "cert8.db";
+ instance->flags[0] = O_RDWR | O_CREAT;
+
+ mdInstance->etc = (void *)instance;
+ return CKR_OK;
+}
+
+/* nss_dbm_mdInstance_Finalize is not required */
+
+static CK_ULONG
+nss_dbm_mdInstance_GetNSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
+ return instance->nSlots;
+}
+
+static CK_VERSION
+nss_dbm_mdInstance_GetCryptokiVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ static CK_VERSION rv = { 2, 1 };
+ return rv;
+}
+
+static NSSUTF8 *
+nss_dbm_mdInstance_GetManufacturerID(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return "Mozilla Foundation";
+}
+
+static NSSUTF8 *
+nss_dbm_mdInstance_GetLibraryDescription(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return "Berkeley Database Module";
+}
+
+static CK_VERSION
+nss_dbm_mdInstance_GetLibraryVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ static CK_VERSION rv = { 1, 0 }; /* My own version number */
+ return rv;
+}
+
+static CK_BBOOL
+nss_dbm_mdInstance_ModuleHandlesSessionObjects(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_TRUE;
+}
+
+static CK_RV
+nss_dbm_mdInstance_GetSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[])
+{
+ nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
+ CK_ULONG i;
+ CK_RV rv = CKR_OK;
+
+ for (i = 0; i < instance->nSlots; i++) {
+ slots[i] = nss_dbm_mdSlot_factory(instance, instance->filenames[i],
+ instance->flags[i], &rv);
+ if ((NSSCKMDSlot *)NULL == slots[i]) {
+ return rv;
+ }
+ }
+
+ return rv;
+}
+
+/* nss_dbm_mdInstance_WaitForSlotEvent is not relevant */
+
+NSS_IMPLEMENT_DATA NSSCKMDInstance
+ nss_dbm_mdInstance = {
+ NULL, /* etc; filled in later */
+ nss_dbm_mdInstance_Initialize,
+ NULL, /* nss_dbm_mdInstance_Finalize */
+ nss_dbm_mdInstance_GetNSlots,
+ nss_dbm_mdInstance_GetCryptokiVersion,
+ nss_dbm_mdInstance_GetManufacturerID,
+ nss_dbm_mdInstance_GetLibraryDescription,
+ nss_dbm_mdInstance_GetLibraryVersion,
+ nss_dbm_mdInstance_ModuleHandlesSessionObjects,
+ nss_dbm_mdInstance_GetSlots,
+ NULL, /* nss_dbm_mdInstance_WaitForSlotEvent */
+ NULL /* terminator */
+ };
diff --git a/security/nss/lib/ckfw/dbm/manifest.mn b/security/nss/lib/ckfw/dbm/manifest.mn
new file mode 100644
index 000000000..1f87f4353
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/manifest.mn
@@ -0,0 +1,25 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../../../..
+
+MODULE = nss
+
+CSRCS = \
+ anchor.c \
+ instance.c \
+ slot.c \
+ token.c \
+ session.c \
+ object.c \
+ find.c \
+ db.c \
+ $(NULL)
+
+REQUIRES = dbm nspr
+
+LIBRARY_NAME = nssckdbm
+
+EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -ldbm -lnspr4 -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/dbm/object.c b/security/nss/lib/ckfw/dbm/object.c
new file mode 100644
index 000000000..4f6e4d409
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/object.c
@@ -0,0 +1,155 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckdbm.h"
+
+static void
+nss_dbm_mdObject_Finalize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ ;
+}
+
+static CK_RV
+nss_dbm_mdObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ return nss_dbm_db_delete_object(object->handle);
+}
+
+static CK_ULONG
+nss_dbm_mdObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_get_object_attribute_count(object->handle, pError,
+ &session->deviceError);
+}
+
+static CK_RV
+nss_dbm_mdObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
+{
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_get_object_attribute_types(object->handle, typeArray,
+ ulCount, &session->deviceError);
+}
+
+static CK_ULONG
+nss_dbm_mdObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_get_object_attribute_size(object->handle, attribute, pError,
+ &session->deviceError);
+}
+
+static NSSItem *
+nss_dbm_mdObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_get_object_attribute(object->handle, object->arena, attribute,
+ pError, &session->deviceError);
+}
+
+static CK_RV
+nss_dbm_mdObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
+{
+ nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return nss_dbm_db_set_object_attribute(object->handle, attribute, value,
+ &session->deviceError);
+}
+
+NSS_IMPLEMENT NSSCKMDObject *
+nss_dbm_mdObject_factory(
+ nss_dbm_object_t *object,
+ CK_RV *pError)
+{
+ NSSCKMDObject *rv;
+
+ rv = nss_ZNEW(object->arena, NSSCKMDObject);
+ if ((NSSCKMDObject *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ rv->etc = (void *)object;
+ rv->Finalize = nss_dbm_mdObject_Finalize;
+ rv->Destroy = nss_dbm_mdObject_Destroy;
+ /* IsTokenObject can be deferred */
+ rv->GetAttributeCount = nss_dbm_mdObject_GetAttributeCount;
+ rv->GetAttributeTypes = nss_dbm_mdObject_GetAttributeTypes;
+ rv->GetAttributeSize = nss_dbm_mdObject_GetAttributeSize;
+ rv->GetAttribute = nss_dbm_mdObject_GetAttribute;
+ rv->SetAttribute = nss_dbm_mdObject_SetAttribute;
+ /* GetObjectSize can be deferred */
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/dbm/session.c b/security/nss/lib/ckfw/dbm/session.c
new file mode 100644
index 000000000..a1c2ee5fa
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/session.c
@@ -0,0 +1,255 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckdbm.h"
+
+static void
+nss_dbm_mdSession_Close(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+
+ struct nss_dbm_dbt_node *w;
+
+ /* Lock */
+ {
+ if (CKR_OK != NSSCKFWMutex_Lock(session->list_lock)) {
+ return;
+ }
+
+ w = session->session_objects;
+ session->session_objects = (struct nss_dbm_dbt_node *)NULL; /* sanity */
+
+ (void)NSSCKFWMutex_Unlock(session->list_lock);
+ }
+
+ for (; (struct nss_dbm_dbt_node *)NULL != w; w = w->next) {
+ (void)nss_dbm_db_delete_object(w->dbt);
+ }
+}
+
+static CK_ULONG
+nss_dbm_mdSession_GetDeviceError(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ return session->deviceError;
+}
+
+/* Login isn't needed */
+/* Logout isn't needed */
+/* InitPIN is irrelevant */
+/* SetPIN is irrelevant */
+/* GetOperationStateLen is irrelevant */
+/* GetOperationState is irrelevant */
+/* SetOperationState is irrelevant */
+
+static NSSCKMDObject *
+nss_dbm_mdSession_CreateObject(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *handyArenaPointer,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ CK_ULONG i;
+ CK_BBOOL isToken = CK_FALSE; /* defaults to false */
+ NSSCKMDObject *rv;
+ struct nss_dbm_dbt_node *node = (struct nss_dbm_dbt_node *)NULL;
+ nss_dbm_object_t *object;
+ nss_dbm_db_t *which_db;
+
+ /* This framework should really pass this to me */
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CKA_TOKEN == pTemplate[i].type) {
+ isToken = *(CK_BBOOL *)pTemplate[i].pValue;
+ break;
+ }
+ }
+
+ object = nss_ZNEW(handyArenaPointer, nss_dbm_object_t);
+ if ((nss_dbm_object_t *)NULL == object) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ object->arena = handyArenaPointer;
+ which_db = isToken ? token->slot->token_db : token->session_db;
+
+ /* Do this before the actual database call; it's easier to recover from */
+ rv = nss_dbm_mdObject_factory(object, pError);
+ if ((NSSCKMDObject *)NULL == rv) {
+ return (NSSCKMDObject *)NULL;
+ }
+
+ if (CK_FALSE == isToken) {
+ node = nss_ZNEW(session->arena, struct nss_dbm_dbt_node);
+ if ((struct nss_dbm_dbt_node *)NULL == node) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDObject *)NULL;
+ }
+ }
+
+ object->handle = nss_dbm_db_create_object(handyArenaPointer, which_db,
+ pTemplate, ulAttributeCount,
+ pError, &session->deviceError);
+ if ((nss_dbm_dbt_t *)NULL == object->handle) {
+ return (NSSCKMDObject *)NULL;
+ }
+
+ if (CK_FALSE == isToken) {
+ node->dbt = object->handle;
+ /* Lock */
+ {
+ *pError = NSSCKFWMutex_Lock(session->list_lock);
+ if (CKR_OK != *pError) {
+ (void)nss_dbm_db_delete_object(object->handle);
+ return (NSSCKMDObject *)NULL;
+ }
+
+ node->next = session->session_objects;
+ session->session_objects = node;
+
+ *pError = NSSCKFWMutex_Unlock(session->list_lock);
+ }
+ }
+
+ return rv;
+}
+
+/* CopyObject isn't needed; the framework will use CreateObject */
+
+static NSSCKMDFindObjects *
+nss_dbm_mdSession_FindObjectsInit(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ NSSArena *arena;
+ nss_dbm_find_t *find;
+ NSSCKMDFindObjects *rv;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ find = nss_ZNEW(arena, nss_dbm_find_t);
+ if ((nss_dbm_find_t *)NULL == find) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ find->arena = arena;
+ find->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if ((NSSCKFWMutex *)NULL == find->list_lock) {
+ goto loser;
+ }
+
+ *pError = nss_dbm_db_find_objects(find, token->slot->token_db, pTemplate,
+ ulAttributeCount, &session->deviceError);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ *pError = nss_dbm_db_find_objects(find, token->session_db, pTemplate,
+ ulAttributeCount, &session->deviceError);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ rv = nss_dbm_mdFindObjects_factory(find, pError);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ goto loser;
+ }
+
+ return rv;
+
+loser:
+ if ((NSSArena *)NULL != arena) {
+ (void)NSSArena_Destroy(arena);
+ }
+
+ return (NSSCKMDFindObjects *)NULL;
+}
+
+/* SeedRandom is irrelevant */
+/* GetRandom is irrelevant */
+
+NSS_IMPLEMENT NSSCKMDSession *
+nss_dbm_mdSession_factory(
+ nss_dbm_token_t *token,
+ NSSCKFWSession *fwSession,
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL rw,
+ CK_RV *pError)
+{
+ NSSArena *arena;
+ nss_dbm_session_t *session;
+ NSSCKMDSession *rv;
+
+ arena = NSSCKFWSession_GetArena(fwSession, pError);
+
+ session = nss_ZNEW(arena, nss_dbm_session_t);
+ if ((nss_dbm_session_t *)NULL == session) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDSession);
+ if ((NSSCKMDSession *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
+
+ session->arena = arena;
+ session->token = token;
+ session->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if ((NSSCKFWMutex *)NULL == session->list_lock) {
+ return (NSSCKMDSession *)NULL;
+ }
+
+ rv->etc = (void *)session;
+ rv->Close = nss_dbm_mdSession_Close;
+ rv->GetDeviceError = nss_dbm_mdSession_GetDeviceError;
+ /* Login isn't needed */
+ /* Logout isn't needed */
+ /* InitPIN is irrelevant */
+ /* SetPIN is irrelevant */
+ /* GetOperationStateLen is irrelevant */
+ /* GetOperationState is irrelevant */
+ /* SetOperationState is irrelevant */
+ rv->CreateObject = nss_dbm_mdSession_CreateObject;
+ /* CopyObject isn't needed; the framework will use CreateObject */
+ rv->FindObjectsInit = nss_dbm_mdSession_FindObjectsInit;
+ rv->null = NULL;
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/dbm/slot.c b/security/nss/lib/ckfw/dbm/slot.c
new file mode 100644
index 000000000..06824d59e
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/slot.c
@@ -0,0 +1,165 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckdbm.h"
+
+static CK_RV
+nss_dbm_mdSlot_Initialize(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
+ nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
+ CK_RV rv = CKR_OK;
+
+ slot->token_db = nss_dbm_db_open(instance->arena, fwInstance, slot->filename,
+ slot->flags, &rv);
+ if ((nss_dbm_db_t *)NULL == slot->token_db) {
+ if (CKR_TOKEN_NOT_PRESENT == rv) {
+ /* This is not an error-- just means "the token isn't there" */
+ rv = CKR_OK;
+ }
+ }
+
+ return rv;
+}
+
+static void
+nss_dbm_mdSlot_Destroy(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
+
+ if ((nss_dbm_db_t *)NULL != slot->token_db) {
+ nss_dbm_db_close(slot->token_db);
+ slot->token_db = (nss_dbm_db_t *)NULL;
+ }
+}
+
+static NSSUTF8 *
+nss_dbm_mdSlot_GetSlotDescription(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return "Database";
+}
+
+static NSSUTF8 *
+nss_dbm_mdSlot_GetManufacturerID(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return "Berkeley";
+}
+
+static CK_BBOOL
+nss_dbm_mdSlot_GetTokenPresent(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
+
+ if ((nss_dbm_db_t *)NULL == slot->token_db) {
+ return CK_FALSE;
+ } else {
+ return CK_TRUE;
+ }
+}
+
+static CK_BBOOL
+nss_dbm_mdSlot_GetRemovableDevice(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ /*
+ * Well, this supports "tokens" (databases) that aren't there, so in
+ * that sense they're removable. It'd be nice to handle databases
+ * that suddenly disappear (NFS-mounted home directories and network
+ * errors, for instance) but that's a harder problem. We'll say
+ * we support removable devices, badly.
+ */
+
+ return CK_TRUE;
+}
+
+/* nss_dbm_mdSlot_GetHardwareSlot defaults to CK_FALSE */
+/*
+ * nss_dbm_mdSlot_GetHardwareVersion
+ * nss_dbm_mdSlot_GetFirmwareVersion
+ *
+ * These are kinda fuzzy concepts here. I suppose we could return the
+ * Berkeley DB version for one of them, if we had an actual number we
+ * were confident in. But mcom's "dbm" has been hacked enough that I
+ * don't really know from what "real" version it stems..
+ */
+
+static NSSCKMDToken *
+nss_dbm_mdSlot_GetToken(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
+ return nss_dbm_mdToken_factory(slot, pError);
+}
+
+NSS_IMPLEMENT NSSCKMDSlot *
+nss_dbm_mdSlot_factory(
+ nss_dbm_instance_t *instance,
+ char *filename,
+ int flags,
+ CK_RV *pError)
+{
+ nss_dbm_slot_t *slot;
+ NSSCKMDSlot *rv;
+
+ slot = nss_ZNEW(instance->arena, nss_dbm_slot_t);
+ if ((nss_dbm_slot_t *)NULL == slot) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSlot *)NULL;
+ }
+
+ slot->instance = instance;
+ slot->filename = filename;
+ slot->flags = flags;
+ slot->token_db = (nss_dbm_db_t *)NULL;
+
+ rv = nss_ZNEW(instance->arena, NSSCKMDSlot);
+ if ((NSSCKMDSlot *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSlot *)NULL;
+ }
+
+ rv->etc = (void *)slot;
+ rv->Initialize = nss_dbm_mdSlot_Initialize;
+ rv->Destroy = nss_dbm_mdSlot_Destroy;
+ rv->GetSlotDescription = nss_dbm_mdSlot_GetSlotDescription;
+ rv->GetManufacturerID = nss_dbm_mdSlot_GetManufacturerID;
+ rv->GetTokenPresent = nss_dbm_mdSlot_GetTokenPresent;
+ rv->GetRemovableDevice = nss_dbm_mdSlot_GetRemovableDevice;
+ /* GetHardwareSlot */
+ /* GetHardwareVersion */
+ /* GetFirmwareVersion */
+ rv->GetToken = nss_dbm_mdSlot_GetToken;
+ rv->null = (void *)NULL;
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/dbm/token.c b/security/nss/lib/ckfw/dbm/token.c
new file mode 100644
index 000000000..6873bf0ec
--- /dev/null
+++ b/security/nss/lib/ckfw/dbm/token.c
@@ -0,0 +1,260 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckdbm.h"
+
+static CK_RV
+nss_dbm_mdToken_Setup(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ CK_RV rv = CKR_OK;
+
+ token->arena = NSSCKFWToken_GetArena(fwToken, &rv);
+ token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
+ O_RDWR | O_CREAT, &rv);
+ if ((nss_dbm_db_t *)NULL == token->session_db) {
+ return rv;
+ }
+
+ /* Add a label record if there isn't one? */
+
+ return CKR_OK;
+}
+
+static void
+nss_dbm_mdToken_Invalidate(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+
+ if ((nss_dbm_db_t *)NULL != token->session_db) {
+ nss_dbm_db_close(token->session_db);
+ token->session_db = (nss_dbm_db_t *)NULL;
+ }
+}
+
+static CK_RV
+nss_dbm_mdToken_InitToken(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *pin,
+ NSSUTF8 *label)
+{
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
+ CK_RV rv;
+
+ /* Wipe the session object data */
+
+ if ((nss_dbm_db_t *)NULL != token->session_db) {
+ nss_dbm_db_close(token->session_db);
+ }
+
+ token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
+ O_RDWR | O_CREAT, &rv);
+ if ((nss_dbm_db_t *)NULL == token->session_db) {
+ return rv;
+ }
+
+ /* Wipe the token object data */
+
+ if (token->slot->flags & O_RDWR) {
+ if ((nss_dbm_db_t *)NULL != token->slot->token_db) {
+ nss_dbm_db_close(token->slot->token_db);
+ }
+
+ token->slot->token_db = nss_dbm_db_open(instance->arena, fwInstance,
+ token->slot->filename,
+ token->slot->flags | O_CREAT | O_TRUNC,
+ &rv);
+ if ((nss_dbm_db_t *)NULL == token->slot->token_db) {
+ return rv;
+ }
+
+ /* PIN is irrelevant */
+
+ rv = nss_dbm_db_set_label(token->slot->token_db, label);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+ }
+
+ return CKR_OK;
+}
+
+static NSSUTF8 *
+nss_dbm_mdToken_GetLabel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+
+ if ((NSSUTF8 *)NULL == token->label) {
+ token->label = nss_dbm_db_get_label(token->slot->token_db, token->arena, pError);
+ }
+
+ /* If no label has been set, return *something* */
+ if ((NSSUTF8 *)NULL == token->label) {
+ return token->slot->filename;
+ }
+
+ return token->label;
+}
+
+static NSSUTF8 *
+nss_dbm_mdToken_GetManufacturerID(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return "mozilla.org NSS";
+}
+
+static NSSUTF8 *
+nss_dbm_mdToken_GetModel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return "dbm";
+}
+
+/* GetSerialNumber is irrelevant */
+/* GetHasRNG defaults to CK_FALSE */
+
+static CK_BBOOL
+nss_dbm_mdToken_GetIsWriteProtected(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+
+ if (token->slot->flags & O_RDWR) {
+ return CK_FALSE;
+ } else {
+ return CK_TRUE;
+ }
+}
+
+/* GetLoginRequired defaults to CK_FALSE */
+/* GetUserPinInitialized defaults to CK_FALSE */
+/* GetRestoreKeyNotNeeded is irrelevant */
+/* GetHasClockOnToken defaults to CK_FALSE */
+/* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
+/* GetSupportsDualCryptoOperations is irrelevant */
+
+static CK_ULONG
+nss_dbm_mdToken_effectively_infinite(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_EFFECTIVELY_INFINITE;
+}
+
+static CK_VERSION
+nss_dbm_mdToken_GetHardwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ return nss_dbm_db_get_format_version(token->slot->token_db);
+}
+
+/* GetFirmwareVersion is irrelevant */
+/* GetUTCTime is irrelevant */
+
+static NSSCKMDSession *
+nss_dbm_mdToken_OpenSession(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError)
+{
+ nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
+ return nss_dbm_mdSession_factory(token, fwSession, fwInstance, rw, pError);
+}
+
+/* GetMechanismCount defaults to zero */
+/* GetMechanismTypes is irrelevant */
+/* GetMechanism is irrelevant */
+
+NSS_IMPLEMENT NSSCKMDToken *
+nss_dbm_mdToken_factory(
+ nss_dbm_slot_t *slot,
+ CK_RV *pError)
+{
+ nss_dbm_token_t *token;
+ NSSCKMDToken *rv;
+
+ token = nss_ZNEW(slot->instance->arena, nss_dbm_token_t);
+ if ((nss_dbm_token_t *)NULL == token) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDToken *)NULL;
+ }
+
+ rv = nss_ZNEW(slot->instance->arena, NSSCKMDToken);
+ if ((NSSCKMDToken *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDToken *)NULL;
+ }
+
+ token->slot = slot;
+
+ rv->etc = (void *)token;
+ rv->Setup = nss_dbm_mdToken_Setup;
+ rv->Invalidate = nss_dbm_mdToken_Invalidate;
+ rv->InitToken = nss_dbm_mdToken_InitToken;
+ rv->GetLabel = nss_dbm_mdToken_GetLabel;
+ rv->GetManufacturerID = nss_dbm_mdToken_GetManufacturerID;
+ rv->GetModel = nss_dbm_mdToken_GetModel;
+ /* GetSerialNumber is irrelevant */
+ /* GetHasRNG defaults to CK_FALSE */
+ rv->GetIsWriteProtected = nss_dbm_mdToken_GetIsWriteProtected;
+ /* GetLoginRequired defaults to CK_FALSE */
+ /* GetUserPinInitialized defaults to CK_FALSE */
+ /* GetRestoreKeyNotNeeded is irrelevant */
+ /* GetHasClockOnToken defaults to CK_FALSE */
+ /* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
+ /* GetSupportsDualCryptoOperations is irrelevant */
+ rv->GetMaxSessionCount = nss_dbm_mdToken_effectively_infinite;
+ rv->GetMaxRwSessionCount = nss_dbm_mdToken_effectively_infinite;
+ /* GetMaxPinLen is irrelevant */
+ /* GetMinPinLen is irrelevant */
+ /* GetTotalPublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
+ /* GetFreePublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
+ /* GetTotalPrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
+ /* GetFreePrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
+ rv->GetHardwareVersion = nss_dbm_mdToken_GetHardwareVersion;
+ /* GetFirmwareVersion is irrelevant */
+ /* GetUTCTime is irrelevant */
+ rv->OpenSession = nss_dbm_mdToken_OpenSession;
+ rv->null = NULL;
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/exports.gyp b/security/nss/lib/ckfw/exports.gyp
new file mode 100644
index 000000000..b986fd807
--- /dev/null
+++ b/security/nss/lib/ckfw/exports.gyp
@@ -0,0 +1,44 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_ckfw_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'nssck.api',
+ 'nssckepv.h',
+ 'nssckft.h',
+ 'nssckfw.h',
+ 'nssckfwc.h',
+ 'nssckfwt.h',
+ 'nssckg.h',
+ 'nssckmdt.h',
+ 'nssckt.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'ck.h',
+ 'ckfw.h',
+ 'ckfwm.h',
+ 'ckfwtm.h',
+ 'ckmd.h',
+ 'ckt.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/ckfw/find.c b/security/nss/lib/ckfw/find.c
new file mode 100644
index 000000000..55732e626
--- /dev/null
+++ b/security/nss/lib/ckfw/find.c
@@ -0,0 +1,362 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * find.c
+ *
+ * This file implements the nssCKFWFindObjects type and methods.
+ */
+
+#ifndef CK_H
+#include "ck.h"
+#endif /* CK_H */
+
+/*
+ * NSSCKFWFindObjects
+ *
+ * -- create/destroy --
+ * nssCKFWFindObjects_Create
+ * nssCKFWFindObjects_Destroy
+ *
+ * -- public accessors --
+ * NSSCKFWFindObjects_GetMDFindObjects
+ *
+ * -- implement public accessors --
+ * nssCKFWFindObjects_GetMDFindObjects
+ *
+ * -- private accessors --
+ *
+ * -- module fronts --
+ * nssCKFWFindObjects_Next
+ */
+
+struct NSSCKFWFindObjectsStr {
+ NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
+ NSSCKMDFindObjects *mdfo1;
+ NSSCKMDFindObjects *mdfo2;
+ NSSCKFWSession *fwSession;
+ NSSCKMDSession *mdSession;
+ NSSCKFWToken *fwToken;
+ NSSCKMDToken *mdToken;
+ NSSCKFWInstance *fwInstance;
+ NSSCKMDInstance *mdInstance;
+
+ NSSCKMDFindObjects *mdFindObjects; /* varies */
+};
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do these routines as no-ops.
+ */
+
+static CK_RV
+findObjects_add_pointer(
+ const NSSCKFWFindObjects *fwFindObjects)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+findObjects_remove_pointer(
+ const NSSCKFWFindObjects *fwFindObjects)
+{
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWFindObjects_verifyPointer(
+ const NSSCKFWFindObjects *fwFindObjects)
+{
+ return CKR_OK;
+}
+
+#endif /* DEBUG */
+
+/*
+ * nssCKFWFindObjects_Create
+ *
+ */
+NSS_EXTERN NSSCKFWFindObjects *
+nssCKFWFindObjects_Create(
+ NSSCKFWSession *fwSession,
+ NSSCKFWToken *fwToken,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDFindObjects *mdFindObjects1,
+ NSSCKMDFindObjects *mdFindObjects2,
+ CK_RV *pError)
+{
+ NSSCKFWFindObjects *fwFindObjects = NULL;
+ NSSCKMDSession *mdSession;
+ NSSCKMDToken *mdToken;
+ NSSCKMDInstance *mdInstance;
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdToken = nssCKFWToken_GetMDToken(fwToken);
+ mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
+
+ fwFindObjects = nss_ZNEW(NULL, NSSCKFWFindObjects);
+ if (!fwFindObjects) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fwFindObjects->mdfo1 = mdFindObjects1;
+ fwFindObjects->mdfo2 = mdFindObjects2;
+ fwFindObjects->fwSession = fwSession;
+ fwFindObjects->mdSession = mdSession;
+ fwFindObjects->fwToken = fwToken;
+ fwFindObjects->mdToken = mdToken;
+ fwFindObjects->fwInstance = fwInstance;
+ fwFindObjects->mdInstance = mdInstance;
+
+ fwFindObjects->mutex = nssCKFWInstance_CreateMutex(fwInstance, NULL, pError);
+ if (!fwFindObjects->mutex) {
+ goto loser;
+ }
+
+#ifdef DEBUG
+ *pError = findObjects_add_pointer(fwFindObjects);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+#endif /* DEBUG */
+
+ return fwFindObjects;
+
+loser:
+ if (fwFindObjects) {
+ if (NULL != mdFindObjects1) {
+ if (NULL != mdFindObjects1->Final) {
+ fwFindObjects->mdFindObjects = mdFindObjects1;
+ mdFindObjects1->Final(mdFindObjects1, fwFindObjects, mdSession,
+ fwSession, mdToken, fwToken, mdInstance, fwInstance);
+ }
+ }
+
+ if (NULL != mdFindObjects2) {
+ if (NULL != mdFindObjects2->Final) {
+ fwFindObjects->mdFindObjects = mdFindObjects2;
+ mdFindObjects2->Final(mdFindObjects2, fwFindObjects, mdSession,
+ fwSession, mdToken, fwToken, mdInstance, fwInstance);
+ }
+ }
+
+ nss_ZFreeIf(fwFindObjects);
+ }
+
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+
+ return (NSSCKFWFindObjects *)NULL;
+}
+
+/*
+ * nssCKFWFindObjects_Destroy
+ *
+ */
+NSS_EXTERN void
+nssCKFWFindObjects_Destroy(
+ NSSCKFWFindObjects *fwFindObjects)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects)) {
+ return;
+ }
+#endif /* NSSDEBUG */
+
+ (void)nssCKFWMutex_Destroy(fwFindObjects->mutex);
+
+ if (fwFindObjects->mdfo1) {
+ if (fwFindObjects->mdfo1->Final) {
+ fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
+ fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
+ fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ }
+ }
+
+ if (fwFindObjects->mdfo2) {
+ if (fwFindObjects->mdfo2->Final) {
+ fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
+ fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
+ fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ }
+ }
+
+ nss_ZFreeIf(fwFindObjects);
+
+#ifdef DEBUG
+ (void)findObjects_remove_pointer(fwFindObjects);
+#endif /* DEBUG */
+
+ return;
+}
+
+/*
+ * nssCKFWFindObjects_GetMDFindObjects
+ *
+ */
+NSS_EXTERN NSSCKMDFindObjects *
+nssCKFWFindObjects_GetMDFindObjects(
+ NSSCKFWFindObjects *fwFindObjects)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects)) {
+ return (NSSCKMDFindObjects *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwFindObjects->mdFindObjects;
+}
+
+/*
+ * nssCKFWFindObjects_Next
+ *
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWFindObjects_Next(
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSArena *arenaOpt,
+ CK_RV *pError)
+{
+ NSSCKMDObject *mdObject;
+ NSSCKFWObject *fwObject = (NSSCKFWObject *)NULL;
+ NSSArena *objArena;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ *pError = nssCKFWFindObjects_verifyPointer(fwFindObjects);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ *pError = nssCKFWMutex_Lock(fwFindObjects->mutex);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if (fwFindObjects->mdfo1) {
+ if (fwFindObjects->mdfo1->Next) {
+ fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
+ mdObject = fwFindObjects->mdfo1->Next(fwFindObjects->mdfo1,
+ fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance,
+ arenaOpt, pError);
+ if (!mdObject) {
+ if (CKR_OK != *pError) {
+ goto done;
+ }
+
+ /* All done. */
+ fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
+ fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ fwFindObjects->mdfo1 = (NSSCKMDFindObjects *)NULL;
+ } else {
+ goto wrap;
+ }
+ }
+ }
+
+ if (fwFindObjects->mdfo2) {
+ if (fwFindObjects->mdfo2->Next) {
+ fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
+ mdObject = fwFindObjects->mdfo2->Next(fwFindObjects->mdfo2,
+ fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance,
+ arenaOpt, pError);
+ if (!mdObject) {
+ if (CKR_OK != *pError) {
+ goto done;
+ }
+
+ /* All done. */
+ fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
+ fwFindObjects->mdSession, fwFindObjects->fwSession,
+ fwFindObjects->mdToken, fwFindObjects->fwToken,
+ fwFindObjects->mdInstance, fwFindObjects->fwInstance);
+ fwFindObjects->mdfo2 = (NSSCKMDFindObjects *)NULL;
+ } else {
+ goto wrap;
+ }
+ }
+ }
+
+ /* No more objects */
+ *pError = CKR_OK;
+ goto done;
+
+wrap:
+ /*
+ * This seems is less than ideal-- we should determine if it's a token
+ * object or a session object, and use the appropriate arena.
+ * But that duplicates logic in nssCKFWObject_IsTokenObject.
+ * Also we should lookup the real session the object was created on
+ * if the object was a session object... however this code is actually
+ * correct because nssCKFWObject_Create will return a cached version of
+ * the object from it's hash. This is necessary because 1) we don't want
+ * to create an arena style leak (where our arena grows with every search),
+ * and 2) we want the same object to always have the same ID. This means
+ * the only case the nssCKFWObject_Create() will need the objArena and the
+ * Session is in the case of token objects (session objects should already
+ * exist in the cache from their initial creation). So this code is correct,
+ * but it depends on nssCKFWObject_Create caching all objects.
+ */
+ objArena = nssCKFWToken_GetArena(fwFindObjects->fwToken, pError);
+ if (!objArena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_HOST_MEMORY;
+ }
+ goto done;
+ }
+
+ fwObject = nssCKFWObject_Create(objArena, mdObject,
+ NULL, fwFindObjects->fwToken,
+ fwFindObjects->fwInstance, pError);
+ if (!fwObject) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ }
+
+done:
+ (void)nssCKFWMutex_Unlock(fwFindObjects->mutex);
+ return fwObject;
+}
+
+/*
+ * NSSCKFWFindObjects_GetMDFindObjects
+ *
+ */
+
+NSS_EXTERN NSSCKMDFindObjects *
+NSSCKFWFindObjects_GetMDFindObjects(
+ NSSCKFWFindObjects *fwFindObjects)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects)) {
+ return (NSSCKMDFindObjects *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWFindObjects_GetMDFindObjects(fwFindObjects);
+}
diff --git a/security/nss/lib/ckfw/hash.c b/security/nss/lib/ckfw/hash.c
new file mode 100644
index 000000000..50de4ce14
--- /dev/null
+++ b/security/nss/lib/ckfw/hash.c
@@ -0,0 +1,280 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * hash.c
+ *
+ * This is merely a couple wrappers around NSPR's PLHashTable, using
+ * the identity hash and arena-aware allocators. The reason I did
+ * this is that hash tables are used in a few places throughout the
+ * NSS Cryptoki Framework in a fairly stereotyped way, and this allows
+ * me to pull the commonalities into one place. Should we ever want
+ * to change the implementation, it's all right here.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * nssCKFWHash
+ *
+ * nssCKFWHash_Create
+ * nssCKFWHash_Destroy
+ * nssCKFWHash_Add
+ * nssCKFWHash_Remove
+ * nssCKFWHash_Count
+ * nssCKFWHash_Exists
+ * nssCKFWHash_Lookup
+ * nssCKFWHash_Iterate
+ */
+
+struct nssCKFWHashStr {
+ NSSCKFWMutex *mutex;
+
+ /*
+ * The invariant that mutex protects is:
+ * The count accurately reflects the hashtable state.
+ */
+
+ PLHashTable *plHashTable;
+ CK_ULONG count;
+};
+
+static PLHashNumber
+nss_ckfw_identity_hash(
+ const void *key)
+{
+ return (PLHashNumber)((char *)key - (char *)NULL);
+}
+
+/*
+ * nssCKFWHash_Create
+ *
+ */
+NSS_IMPLEMENT nssCKFWHash *
+nssCKFWHash_Create(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ nssCKFWHash *rv;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (nssCKFWHash *)NULL;
+ }
+
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (nssCKFWHash *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ rv = nss_ZNEW(arena, nssCKFWHash);
+ if (!rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (nssCKFWHash *)NULL;
+ }
+
+ rv->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if (!rv->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ (void)nss_ZFreeIf(rv);
+ return (nssCKFWHash *)NULL;
+ }
+
+ rv->plHashTable = PL_NewHashTable(0, nss_ckfw_identity_hash,
+ PL_CompareValues, PL_CompareValues, &nssArenaHashAllocOps, arena);
+ if (!rv->plHashTable) {
+ (void)nssCKFWMutex_Destroy(rv->mutex);
+ (void)nss_ZFreeIf(rv);
+ *pError = CKR_HOST_MEMORY;
+ return (nssCKFWHash *)NULL;
+ }
+
+ rv->count = 0;
+
+ return rv;
+}
+
+/*
+ * nssCKFWHash_Destroy
+ *
+ */
+NSS_IMPLEMENT void
+nssCKFWHash_Destroy(
+ nssCKFWHash *hash)
+{
+ (void)nssCKFWMutex_Destroy(hash->mutex);
+ PL_HashTableDestroy(hash->plHashTable);
+ (void)nss_ZFreeIf(hash);
+}
+
+/*
+ * nssCKFWHash_Add
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWHash_Add(
+ nssCKFWHash *hash,
+ const void *key,
+ const void *value)
+{
+ CK_RV error = CKR_OK;
+ PLHashEntry *he;
+
+ error = nssCKFWMutex_Lock(hash->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
+ if (!he) {
+ error = CKR_HOST_MEMORY;
+ } else {
+ hash->count++;
+ }
+
+ (void)nssCKFWMutex_Unlock(hash->mutex);
+
+ return error;
+}
+
+/*
+ * nssCKFWHash_Remove
+ *
+ */
+NSS_IMPLEMENT void
+nssCKFWHash_Remove(
+ nssCKFWHash *hash,
+ const void *it)
+{
+ PRBool found;
+
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return;
+ }
+
+ found = PL_HashTableRemove(hash->plHashTable, it);
+ if (found) {
+ hash->count--;
+ }
+
+ (void)nssCKFWMutex_Unlock(hash->mutex);
+ return;
+}
+
+/*
+ * nssCKFWHash_Count
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWHash_Count(
+ nssCKFWHash *hash)
+{
+ CK_ULONG count;
+
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return (CK_ULONG)0;
+ }
+
+ count = hash->count;
+
+ (void)nssCKFWMutex_Unlock(hash->mutex);
+
+ return count;
+}
+
+/*
+ * nssCKFWHash_Exists
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWHash_Exists(
+ nssCKFWHash *hash,
+ const void *it)
+{
+ void *value;
+
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return CK_FALSE;
+ }
+
+ value = PL_HashTableLookup(hash->plHashTable, it);
+
+ (void)nssCKFWMutex_Unlock(hash->mutex);
+
+ if (!value) {
+ return CK_FALSE;
+ } else {
+ return CK_TRUE;
+ }
+}
+
+/*
+ * nssCKFWHash_Lookup
+ *
+ */
+NSS_IMPLEMENT void *
+nssCKFWHash_Lookup(
+ nssCKFWHash *hash,
+ const void *it)
+{
+ void *rv;
+
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return (void *)NULL;
+ }
+
+ rv = PL_HashTableLookup(hash->plHashTable, it);
+
+ (void)nssCKFWMutex_Unlock(hash->mutex);
+
+ return rv;
+}
+
+struct arg_str {
+ nssCKFWHashIterator fcn;
+ void *closure;
+};
+
+static PRIntn
+nss_ckfwhash_enumerator(
+ PLHashEntry *he,
+ PRIntn index,
+ void *arg)
+{
+ struct arg_str *as = (struct arg_str *)arg;
+ as->fcn(he->key, he->value, as->closure);
+ return HT_ENUMERATE_NEXT;
+}
+
+/*
+ * nssCKFWHash_Iterate
+ *
+ * NOTE that the iteration function will be called with the hashtable locked.
+ */
+NSS_IMPLEMENT void
+nssCKFWHash_Iterate(
+ nssCKFWHash *hash,
+ nssCKFWHashIterator fcn,
+ void *closure)
+{
+ struct arg_str as;
+ as.fcn = fcn;
+ as.closure = closure;
+
+ if (CKR_OK != nssCKFWMutex_Lock(hash->mutex)) {
+ return;
+ }
+
+ PL_HashTableEnumerateEntries(hash->plHashTable, nss_ckfwhash_enumerator, &as);
+
+ (void)nssCKFWMutex_Unlock(hash->mutex);
+
+ return;
+}
diff --git a/security/nss/lib/ckfw/instance.c b/security/nss/lib/ckfw/instance.c
new file mode 100644
index 000000000..cee56c97c
--- /dev/null
+++ b/security/nss/lib/ckfw/instance.c
@@ -0,0 +1,1294 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * instance.c
+ *
+ * This file implements the NSSCKFWInstance type and methods.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWInstance
+ *
+ * -- create/destroy --
+ * nssCKFWInstance_Create
+ * nssCKFWInstance_Destroy
+ *
+ * -- public accessors --
+ * NSSCKFWInstance_GetMDInstance
+ * NSSCKFWInstance_GetArena
+ * NSSCKFWInstance_MayCreatePthreads
+ * NSSCKFWInstance_CreateMutex
+ * NSSCKFWInstance_GetConfigurationData
+ * NSSCKFWInstance_GetInitArgs
+ * NSSCKFWInstance_DestroySessionHandle
+ * NSSCKFWInstance_FindSessionHandle
+ *
+ * -- implement public accessors --
+ * nssCKFWInstance_GetMDInstance
+ * nssCKFWInstance_GetArena
+ * nssCKFWInstance_MayCreatePthreads
+ * nssCKFWInstance_CreateMutex
+ * nssCKFWInstance_GetConfigurationData
+ * nssCKFWInstance_GetInitArgs
+ * nssCKFWInstance_DestroySessionHandle
+ * nssCKFWInstance_FindSessionHandle
+ *
+ * -- private accessors --
+ * nssCKFWInstance_CreateSessionHandle
+ * nssCKFWInstance_ResolveSessionHandle
+ * nssCKFWInstance_CreateObjectHandle
+ * nssCKFWInstance_ResolveObjectHandle
+ * nssCKFWInstance_DestroyObjectHandle
+ *
+ * -- module fronts --
+ * nssCKFWInstance_GetNSlots
+ * nssCKFWInstance_GetCryptokiVersion
+ * nssCKFWInstance_GetManufacturerID
+ * nssCKFWInstance_GetFlags
+ * nssCKFWInstance_GetLibraryDescription
+ * nssCKFWInstance_GetLibraryVersion
+ * nssCKFWInstance_GetModuleHandlesSessionObjects
+ * nssCKFWInstance_GetSlots
+ * nssCKFWInstance_WaitForSlotEvent
+ *
+ * -- debugging versions only --
+ * nssCKFWInstance_verifyPointer
+ */
+
+struct NSSCKFWInstanceStr {
+ NSSCKFWMutex *mutex;
+ NSSArena *arena;
+ NSSCKMDInstance *mdInstance;
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs;
+ CK_C_INITIALIZE_ARGS initArgs;
+ CryptokiLockingState LockingState;
+ CK_BBOOL mayCreatePthreads;
+ NSSUTF8 *configurationData;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **fwSlotList;
+ NSSCKMDSlot **mdSlotList;
+ CK_BBOOL moduleHandlesSessionObjects;
+
+ /*
+ * Everything above is set at creation time, and then not modified.
+ * The invariants the mutex protects are:
+ *
+ * 1) Each of the cached descriptions (versions, etc.) are in an
+ * internally consistant state.
+ *
+ * 2) The session handle hashes and count are consistant
+ *
+ * 3) The object handle hashes and count are consistant.
+ *
+ * I could use multiple locks, but let's wait to see if that's
+ * really necessary.
+ *
+ * Note that the calls accessing the cached descriptions will
+ * call the NSSCKMDInstance methods with the mutex locked. Those
+ * methods may then call the public NSSCKFWInstance routines.
+ * Those public routines only access the constant data above, so
+ * there's no problem. But be careful if you add to this object;
+ * mutexes are in general not reentrant, so don't create deadlock
+ * situations.
+ */
+
+ CK_VERSION cryptokiVersion;
+ NSSUTF8 *manufacturerID;
+ NSSUTF8 *libraryDescription;
+ CK_VERSION libraryVersion;
+
+ CK_ULONG lastSessionHandle;
+ nssCKFWHash *sessionHandleHash;
+
+ CK_ULONG lastObjectHandle;
+ nssCKFWHash *objectHandleHash;
+};
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do this routines as no-ops.
+ */
+
+static CK_RV
+instance_add_pointer(
+ const NSSCKFWInstance *fwInstance)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+instance_remove_pointer(
+ const NSSCKFWInstance *fwInstance)
+{
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWInstance_verifyPointer(
+ const NSSCKFWInstance *fwInstance)
+{
+ return CKR_OK;
+}
+
+#endif /* DEBUG */
+
+/*
+ * nssCKFWInstance_Create
+ *
+ */
+NSS_IMPLEMENT NSSCKFWInstance *
+nssCKFWInstance_Create(
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState LockingState,
+ NSSCKMDInstance *mdInstance,
+ CK_RV *pError)
+{
+ NSSCKFWInstance *fwInstance;
+ NSSArena *arena = (NSSArena *)NULL;
+ CK_ULONG i;
+ CK_BBOOL called_Initialize = CK_FALSE;
+
+#ifdef NSSDEBUG
+ if ((CK_RV)NULL == pError) {
+ return (NSSCKFWInstance *)NULL;
+ }
+
+ if (!mdInstance) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWInstance *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ arena = NSSArena_Create();
+ if (!arena) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWInstance *)NULL;
+ }
+
+ fwInstance = nss_ZNEW(arena, NSSCKFWInstance);
+ if (!fwInstance) {
+ goto nomem;
+ }
+
+ fwInstance->arena = arena;
+ fwInstance->mdInstance = mdInstance;
+
+ fwInstance->LockingState = LockingState;
+ if ((CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs) {
+ fwInstance->initArgs = *pInitArgs;
+ fwInstance->pInitArgs = &fwInstance->initArgs;
+ if (pInitArgs->flags & CKF_LIBRARY_CANT_CREATE_OS_THREADS) {
+ fwInstance->mayCreatePthreads = CK_FALSE;
+ } else {
+ fwInstance->mayCreatePthreads = CK_TRUE;
+ }
+ fwInstance->configurationData = (NSSUTF8 *)(pInitArgs->pReserved);
+ } else {
+ fwInstance->mayCreatePthreads = CK_TRUE;
+ }
+
+ fwInstance->mutex = nssCKFWMutex_Create(pInitArgs, LockingState, arena,
+ pError);
+ if (!fwInstance->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ if (mdInstance->Initialize) {
+ *pError = mdInstance->Initialize(mdInstance, fwInstance, fwInstance->configurationData);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ called_Initialize = CK_TRUE;
+ }
+
+ if (mdInstance->ModuleHandlesSessionObjects) {
+ fwInstance->moduleHandlesSessionObjects =
+ mdInstance->ModuleHandlesSessionObjects(mdInstance, fwInstance);
+ } else {
+ fwInstance->moduleHandlesSessionObjects = CK_FALSE;
+ }
+
+ if (!mdInstance->GetNSlots) {
+ /* That routine is required */
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ fwInstance->nSlots = mdInstance->GetNSlots(mdInstance, fwInstance, pError);
+ if ((CK_ULONG)0 == fwInstance->nSlots) {
+ if (CKR_OK == *pError) {
+ /* Zero is not a legitimate answer */
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ fwInstance->fwSlotList = nss_ZNEWARRAY(arena, NSSCKFWSlot *, fwInstance->nSlots);
+ if ((NSSCKFWSlot **)NULL == fwInstance->fwSlotList) {
+ goto nomem;
+ }
+
+ fwInstance->mdSlotList = nss_ZNEWARRAY(arena, NSSCKMDSlot *, fwInstance->nSlots);
+ if ((NSSCKMDSlot **)NULL == fwInstance->mdSlotList) {
+ goto nomem;
+ }
+
+ fwInstance->sessionHandleHash = nssCKFWHash_Create(fwInstance,
+ fwInstance->arena, pError);
+ if (!fwInstance->sessionHandleHash) {
+ goto loser;
+ }
+
+ fwInstance->objectHandleHash = nssCKFWHash_Create(fwInstance,
+ fwInstance->arena, pError);
+ if (!fwInstance->objectHandleHash) {
+ goto loser;
+ }
+
+ if (!mdInstance->GetSlots) {
+ /* That routine is required */
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ *pError = mdInstance->GetSlots(mdInstance, fwInstance, fwInstance->mdSlotList);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ for (i = 0; i < fwInstance->nSlots; i++) {
+ NSSCKMDSlot *mdSlot = fwInstance->mdSlotList[i];
+
+ if (!mdSlot) {
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ fwInstance->fwSlotList[i] = nssCKFWSlot_Create(fwInstance, mdSlot, i, pError);
+ if (CKR_OK != *pError) {
+ CK_ULONG j;
+
+ for (j = 0; j < i; j++) {
+ (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[j]);
+ }
+
+ for (j = i; j < fwInstance->nSlots; j++) {
+ NSSCKMDSlot *mds = fwInstance->mdSlotList[j];
+ if (mds->Destroy) {
+ mds->Destroy(mds, (NSSCKFWSlot *)NULL, mdInstance, fwInstance);
+ }
+ }
+
+ goto loser;
+ }
+ }
+
+#ifdef DEBUG
+ *pError = instance_add_pointer(fwInstance);
+ if (CKR_OK != *pError) {
+ for (i = 0; i < fwInstance->nSlots; i++) {
+ (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
+ }
+
+ goto loser;
+ }
+#endif /* DEBUG */
+
+ *pError = CKR_OK;
+ return fwInstance;
+
+nomem:
+ *pError = CKR_HOST_MEMORY;
+/*FALLTHROUGH*/
+loser:
+
+ if (CK_TRUE == called_Initialize) {
+ if (mdInstance->Finalize) {
+ mdInstance->Finalize(mdInstance, fwInstance);
+ }
+ }
+
+ if (fwInstance && fwInstance->mutex) {
+ nssCKFWMutex_Destroy(fwInstance->mutex);
+ }
+
+ if (arena) {
+ (void)NSSArena_Destroy(arena);
+ }
+ return (NSSCKFWInstance *)NULL;
+}
+
+/*
+ * nssCKFWInstance_Destroy
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWInstance_Destroy(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+#endif /* NSSDEBUG */
+ CK_ULONG i;
+
+#ifdef NSSDEBUG
+ error = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ nssCKFWMutex_Destroy(fwInstance->mutex);
+
+ for (i = 0; i < fwInstance->nSlots; i++) {
+ (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
+ }
+
+ if (fwInstance->mdInstance->Finalize) {
+ fwInstance->mdInstance->Finalize(fwInstance->mdInstance, fwInstance);
+ }
+
+ if (fwInstance->sessionHandleHash) {
+ nssCKFWHash_Destroy(fwInstance->sessionHandleHash);
+ }
+
+ if (fwInstance->objectHandleHash) {
+ nssCKFWHash_Destroy(fwInstance->objectHandleHash);
+ }
+
+#ifdef DEBUG
+ (void)instance_remove_pointer(fwInstance);
+#endif /* DEBUG */
+
+ (void)NSSArena_Destroy(fwInstance->arena);
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWInstance_GetMDInstance
+ *
+ */
+NSS_IMPLEMENT NSSCKMDInstance *
+nssCKFWInstance_GetMDInstance(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSCKMDInstance *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwInstance->mdInstance;
+}
+
+/*
+ * nssCKFWInstance_GetArena
+ *
+ */
+NSS_IMPLEMENT NSSArena *
+nssCKFWInstance_GetArena(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ *pError = CKR_OK;
+ return fwInstance->arena;
+}
+
+/*
+ * nssCKFWInstance_MayCreatePthreads
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWInstance_MayCreatePthreads(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ return fwInstance->mayCreatePthreads;
+}
+
+/*
+ * nssCKFWInstance_CreateMutex
+ *
+ */
+NSS_IMPLEMENT NSSCKFWMutex *
+nssCKFWInstance_CreateMutex(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ NSSCKFWMutex *mutex;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWMutex *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWMutex *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ mutex = nssCKFWMutex_Create(fwInstance->pInitArgs, fwInstance->LockingState,
+ arena, pError);
+ if (!mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+
+ return (NSSCKFWMutex *)NULL;
+ }
+
+ return mutex;
+}
+
+/*
+ * nssCKFWInstance_GetConfigurationData
+ *
+ */
+NSS_IMPLEMENT NSSUTF8 *
+nssCKFWInstance_GetConfigurationData(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSUTF8 *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwInstance->configurationData;
+}
+
+/*
+ * nssCKFWInstance_GetInitArgs
+ *
+ */
+CK_C_INITIALIZE_ARGS_PTR
+nssCKFWInstance_GetInitArgs(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_C_INITIALIZE_ARGS_PTR)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwInstance->pInitArgs;
+}
+
+/*
+ * nssCKFWInstance_CreateSessionHandle
+ *
+ */
+NSS_IMPLEMENT CK_SESSION_HANDLE
+nssCKFWInstance_CreateSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
+{
+ CK_SESSION_HANDLE hSession;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (CK_SESSION_HANDLE)0;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (CK_SESSION_HANDLE)0;
+ }
+#endif /* NSSDEBUG */
+
+ *pError = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_SESSION_HANDLE)0;
+ }
+
+ hSession = ++(fwInstance->lastSessionHandle);
+
+ /* Alan would say I should unlock for this call. */
+
+ *pError = nssCKFWSession_SetHandle(fwSession, hSession);
+ if (CKR_OK != *pError) {
+ goto done;
+ }
+
+ *pError = nssCKFWHash_Add(fwInstance->sessionHandleHash,
+ (const void *)hSession, (const void *)fwSession);
+ if (CKR_OK != *pError) {
+ hSession = (CK_SESSION_HANDLE)0;
+ goto done;
+ }
+
+done:
+ nssCKFWMutex_Unlock(fwInstance->mutex);
+ return hSession;
+}
+
+/*
+ * nssCKFWInstance_ResolveSessionHandle
+ *
+ */
+NSS_IMPLEMENT NSSCKFWSession *
+nssCKFWInstance_ResolveSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
+{
+ NSSCKFWSession *fwSession;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSCKFWSession *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ return (NSSCKFWSession *)NULL;
+ }
+
+ fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
+ fwInstance->sessionHandleHash, (const void *)hSession);
+
+ /* Assert(hSession == nssCKFWSession_GetHandle(fwSession)) */
+
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+
+ return fwSession;
+}
+
+/*
+ * nssCKFWInstance_DestroySessionHandle
+ *
+ */
+NSS_IMPLEMENT void
+nssCKFWInstance_DestroySessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
+{
+ NSSCKFWSession *fwSession;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ return;
+ }
+
+ fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
+ fwInstance->sessionHandleHash, (const void *)hSession);
+ if (fwSession) {
+ nssCKFWHash_Remove(fwInstance->sessionHandleHash, (const void *)hSession);
+ nssCKFWSession_SetHandle(fwSession, (CK_SESSION_HANDLE)0);
+ }
+
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+
+ return;
+}
+
+/*
+ * nssCKFWInstance_FindSessionHandle
+ *
+ */
+NSS_IMPLEMENT CK_SESSION_HANDLE
+nssCKFWInstance_FindSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_SESSION_HANDLE)0;
+ }
+
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (CK_SESSION_HANDLE)0;
+ }
+#endif /* NSSDEBUG */
+
+ return nssCKFWSession_GetHandle(fwSession);
+ /* look it up and assert? */
+}
+
+/*
+ * nssCKFWInstance_CreateObjectHandle
+ *
+ */
+NSS_IMPLEMENT CK_OBJECT_HANDLE
+nssCKFWInstance_CreateObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
+{
+ CK_OBJECT_HANDLE hObject;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (CK_OBJECT_HANDLE)0;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (CK_OBJECT_HANDLE)0;
+ }
+#endif /* NSSDEBUG */
+
+ *pError = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_OBJECT_HANDLE)0;
+ }
+
+ hObject = ++(fwInstance->lastObjectHandle);
+
+ *pError = nssCKFWObject_SetHandle(fwObject, hObject);
+ if (CKR_OK != *pError) {
+ hObject = (CK_OBJECT_HANDLE)0;
+ goto done;
+ }
+
+ *pError = nssCKFWHash_Add(fwInstance->objectHandleHash,
+ (const void *)hObject, (const void *)fwObject);
+ if (CKR_OK != *pError) {
+ hObject = (CK_OBJECT_HANDLE)0;
+ goto done;
+ }
+
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return hObject;
+}
+
+/*
+ * nssCKFWInstance_ResolveObjectHandle
+ *
+ */
+NSS_IMPLEMENT NSSCKFWObject *
+nssCKFWInstance_ResolveObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject)
+{
+ NSSCKFWObject *fwObject;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSCKFWObject *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
+ fwInstance->objectHandleHash, (const void *)hObject);
+
+ /* Assert(hObject == nssCKFWObject_GetHandle(fwObject)) */
+
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return fwObject;
+}
+
+/*
+ * nssCKFWInstance_ReassignObjectHandle
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWInstance_ReassignObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject,
+ NSSCKFWObject *fwObject)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWObject *oldObject;
+
+#ifdef NSSDEBUG
+ error = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ oldObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
+ fwInstance->objectHandleHash, (const void *)hObject);
+ if (oldObject) {
+ /* Assert(hObject == nssCKFWObject_GetHandle(oldObject) */
+ (void)nssCKFWObject_SetHandle(oldObject, (CK_SESSION_HANDLE)0);
+ nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
+ }
+
+ error = nssCKFWObject_SetHandle(fwObject, hObject);
+ if (CKR_OK != error) {
+ goto done;
+ }
+ error = nssCKFWHash_Add(fwInstance->objectHandleHash,
+ (const void *)hObject, (const void *)fwObject);
+
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWInstance_DestroyObjectHandle
+ *
+ */
+NSS_IMPLEMENT void
+nssCKFWInstance_DestroyObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_OBJECT_HANDLE hObject)
+{
+ NSSCKFWObject *fwObject;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ return;
+ }
+
+ fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
+ fwInstance->objectHandleHash, (const void *)hObject);
+ if (fwObject) {
+ /* Assert(hObject = nssCKFWObject_GetHandle(fwObject)) */
+ nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
+ (void)nssCKFWObject_SetHandle(fwObject, (CK_SESSION_HANDLE)0);
+ }
+
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return;
+}
+
+/*
+ * nssCKFWInstance_FindObjectHandle
+ *
+ */
+NSS_IMPLEMENT CK_OBJECT_HANDLE
+nssCKFWInstance_FindObjectHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWObject *fwObject)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_OBJECT_HANDLE)0;
+ }
+
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return (CK_OBJECT_HANDLE)0;
+ }
+#endif /* NSSDEBUG */
+
+ return nssCKFWObject_GetHandle(fwObject);
+}
+
+/*
+ * nssCKFWInstance_GetNSlots
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWInstance_GetNSlots(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ *pError = CKR_OK;
+ return fwInstance->nSlots;
+}
+
+/*
+ * nssCKFWInstance_GetCryptokiVersion
+ *
+ */
+NSS_IMPLEMENT CK_VERSION
+nssCKFWInstance_GetCryptokiVersion(
+ NSSCKFWInstance *fwInstance)
+{
+ CK_VERSION rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwInstance->cryptokiVersion.major) ||
+ (0 != fwInstance->cryptokiVersion.minor)) {
+ rv = fwInstance->cryptokiVersion;
+ goto done;
+ }
+
+ if (fwInstance->mdInstance->GetCryptokiVersion) {
+ fwInstance->cryptokiVersion = fwInstance->mdInstance->GetCryptokiVersion(
+ fwInstance->mdInstance, fwInstance);
+ } else {
+ fwInstance->cryptokiVersion.major = 2;
+ fwInstance->cryptokiVersion.minor = 1;
+ }
+
+ rv = fwInstance->cryptokiVersion;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWInstance_GetManufacturerID
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWInstance_GetManufacturerID(
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR manufacturerID[32])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ if ((CK_CHAR_PTR)NULL == manufacturerID) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ error = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwInstance->manufacturerID) {
+ if (fwInstance->mdInstance->GetManufacturerID) {
+ fwInstance->manufacturerID = fwInstance->mdInstance->GetManufacturerID(
+ fwInstance->mdInstance, fwInstance, &error);
+ if ((!fwInstance->manufacturerID) && (CKR_OK != error)) {
+ goto done;
+ }
+ } else {
+ fwInstance->manufacturerID = (NSSUTF8 *)"";
+ }
+ }
+
+ (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->manufacturerID, (char *)manufacturerID, 32, ' ');
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWInstance_GetFlags
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWInstance_GetFlags(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ /* No "instance flags" are yet defined by Cryptoki. */
+ return (CK_ULONG)0;
+}
+
+/*
+ * nssCKFWInstance_GetLibraryDescription
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWInstance_GetLibraryDescription(
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR libraryDescription[32])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ if ((CK_CHAR_PTR)NULL == libraryDescription) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ error = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwInstance->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwInstance->libraryDescription) {
+ if (fwInstance->mdInstance->GetLibraryDescription) {
+ fwInstance->libraryDescription = fwInstance->mdInstance->GetLibraryDescription(
+ fwInstance->mdInstance, fwInstance, &error);
+ if ((!fwInstance->libraryDescription) && (CKR_OK != error)) {
+ goto done;
+ }
+ } else {
+ fwInstance->libraryDescription = (NSSUTF8 *)"";
+ }
+ }
+
+ (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->libraryDescription, (char *)libraryDescription, 32, ' ');
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWInstance_GetLibraryVersion
+ *
+ */
+NSS_IMPLEMENT CK_VERSION
+nssCKFWInstance_GetLibraryVersion(
+ NSSCKFWInstance *fwInstance)
+{
+ CK_VERSION rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwInstance->libraryVersion.major) ||
+ (0 != fwInstance->libraryVersion.minor)) {
+ rv = fwInstance->libraryVersion;
+ goto done;
+ }
+
+ if (fwInstance->mdInstance->GetLibraryVersion) {
+ fwInstance->libraryVersion = fwInstance->mdInstance->GetLibraryVersion(
+ fwInstance->mdInstance, fwInstance);
+ } else {
+ fwInstance->libraryVersion.major = 0;
+ fwInstance->libraryVersion.minor = 3;
+ }
+
+ rv = fwInstance->libraryVersion;
+done:
+ (void)nssCKFWMutex_Unlock(fwInstance->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWInstance_GetModuleHandlesSessionObjects
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWInstance_GetModuleHandlesSessionObjects(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ return fwInstance->moduleHandlesSessionObjects;
+}
+
+/*
+ * nssCKFWInstance_GetSlots
+ *
+ */
+NSS_IMPLEMENT NSSCKFWSlot **
+nssCKFWInstance_GetSlots(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWSlot **)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSlot **)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwInstance->fwSlotList;
+}
+
+/*
+ * nssCKFWInstance_WaitForSlotEvent
+ *
+ */
+NSS_IMPLEMENT NSSCKFWSlot *
+nssCKFWInstance_WaitForSlotEvent(
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL block,
+ CK_RV *pError)
+{
+ NSSCKFWSlot *fwSlot = (NSSCKFWSlot *)NULL;
+ NSSCKMDSlot *mdSlot;
+ CK_ULONG i, n;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ switch (block) {
+ case CK_TRUE:
+ case CK_FALSE:
+ break;
+ default:
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWSlot *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwInstance->mdInstance->WaitForSlotEvent) {
+ *pError = CKR_NO_EVENT;
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ mdSlot = fwInstance->mdInstance->WaitForSlotEvent(
+ fwInstance->mdInstance,
+ fwInstance,
+ block,
+ pError);
+
+ if (!mdSlot) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ n = nssCKFWInstance_GetNSlots(fwInstance, pError);
+ if (((CK_ULONG)0 == n) && (CKR_OK != *pError)) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ for (i = 0; i < n; i++) {
+ if (fwInstance->mdSlotList[i] == mdSlot) {
+ fwSlot = fwInstance->fwSlotList[i];
+ break;
+ }
+ }
+
+ if (!fwSlot) {
+ /* Internal error */
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ return fwSlot;
+}
+
+/*
+ * NSSCKFWInstance_GetMDInstance
+ *
+ */
+NSS_IMPLEMENT NSSCKMDInstance *
+NSSCKFWInstance_GetMDInstance(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSCKMDInstance *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWInstance_GetMDInstance(fwInstance);
+}
+
+/*
+ * NSSCKFWInstance_GetArena
+ *
+ */
+NSS_IMPLEMENT NSSArena *
+NSSCKFWInstance_GetArena(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWInstance_GetArena(fwInstance, pError);
+}
+
+/*
+ * NSSCKFWInstance_MayCreatePthreads
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+NSSCKFWInstance_MayCreatePthreads(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return CK_FALSE;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWInstance_MayCreatePthreads(fwInstance);
+}
+
+/*
+ * NSSCKFWInstance_CreateMutex
+ *
+ */
+NSS_IMPLEMENT NSSCKFWMutex *
+NSSCKFWInstance_CreateMutex(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (NSSCKFWMutex *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWMutex *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
+}
+
+/*
+ * NSSCKFWInstance_GetConfigurationData
+ *
+ */
+NSS_IMPLEMENT NSSUTF8 *
+NSSCKFWInstance_GetConfigurationData(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (NSSUTF8 *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWInstance_GetConfigurationData(fwInstance);
+}
+
+/*
+ * NSSCKFWInstance_GetInitArgs
+ *
+ */
+NSS_IMPLEMENT CK_C_INITIALIZE_ARGS_PTR
+NSSCKFWInstance_GetInitArgs(
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWInstance_verifyPointer(fwInstance)) {
+ return (CK_C_INITIALIZE_ARGS_PTR)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWInstance_GetInitArgs(fwInstance);
+}
+
+/*
+ * nssCKFWInstance_DestroySessionHandle
+ *
+ */
+NSS_IMPLEMENT void
+NSSCKFWInstance_DestroySessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
+{
+ nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
+}
+
+/*
+ * nssCKFWInstance_FindSessionHandle
+ *
+ */
+NSS_IMPLEMENT CK_SESSION_HANDLE
+NSSCKFWInstance_FindSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession)
+{
+ return nssCKFWInstance_FindSessionHandle(fwInstance, fwSession);
+}
diff --git a/security/nss/lib/ckfw/manifest.mn b/security/nss/lib/ckfw/manifest.mn
new file mode 100644
index 000000000..20bebeb31
--- /dev/null
+++ b/security/nss/lib/ckfw/manifest.mn
@@ -0,0 +1,53 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+DIRS = builtins
+
+PRIVATE_EXPORTS = \
+ ck.h \
+ ckfw.h \
+ ckfwm.h \
+ ckfwtm.h \
+ ckmd.h \
+ ckt.h \
+ $(NULL)
+
+EXPORTS = \
+ nssck.api \
+ nssckepv.h \
+ nssckft.h \
+ nssckfw.h \
+ nssckfwc.h \
+ nssckfwt.h \
+ nssckg.h \
+ nssckmdt.h \
+ nssckt.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ crypto.c \
+ find.c \
+ hash.c \
+ instance.c \
+ mutex.c \
+ object.c \
+ session.c \
+ sessobj.c \
+ slot.c \
+ token.c \
+ wrap.c \
+ mechanism.c \
+ $(NULL)
+
+REQUIRES = nspr
+
+LIBRARY_NAME = nssckfw
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/ckfw/mechanism.c b/security/nss/lib/ckfw/mechanism.c
new file mode 100644
index 000000000..fe20aa94a
--- /dev/null
+++ b/security/nss/lib/ckfw/mechanism.c
@@ -0,0 +1,1102 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * mechanism.c
+ *
+ * This file implements the NSSCKFWMechanism type and methods.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWMechanism
+ *
+ * -- create/destroy --
+ * nssCKFWMechanism_Create
+ * nssCKFWMechanism_Destroy
+ *
+ * -- implement public accessors --
+ * nssCKFWMechanism_GetMDMechanism
+ * nssCKFWMechanism_GetParameter
+ *
+ * -- private accessors --
+ *
+ * -- module fronts --
+ * nssCKFWMechanism_GetMinKeySize
+ * nssCKFWMechanism_GetMaxKeySize
+ * nssCKFWMechanism_GetInHardware
+ * nssCKFWMechanism_GetCanEncrypt
+ * nssCKFWMechanism_GetCanDecrypt
+ * nssCKFWMechanism_GetCanDigest
+ * nssCKFWMechanism_GetCanSign
+ * nssCKFWMechanism_GetCanSignRecover
+ * nssCKFWMechanism_GetCanVerify
+ * nssCKFWMechanism_GetCanGenerate
+ * nssCKFWMechanism_GetCanGenerateKeyPair
+ * nssCKFWMechanism_GetCanUnwrap
+ * nssCKFWMechanism_GetCanWrap
+ * nssCKFWMechanism_GetCanDerive
+ * nssCKFWMechanism_EncryptInit
+ * nssCKFWMechanism_DecryptInit
+ * nssCKFWMechanism_DigestInit
+ * nssCKFWMechanism_SignInit
+ * nssCKFWMechanism_VerifyInit
+ * nssCKFWMechanism_SignRecoverInit
+ * nssCKFWMechanism_VerifyRecoverInit
+ * nssCKFWMechanism_GenerateKey
+ * nssCKFWMechanism_GenerateKeyPair
+ * nssCKFWMechanism_GetWrapKeyLength
+ * nssCKFWMechanism_WrapKey
+ * nssCKFWMechanism_UnwrapKey
+ * nssCKFWMechanism_DeriveKey
+ */
+
+struct NSSCKFWMechanismStr {
+ NSSCKMDMechanism *mdMechanism;
+ NSSCKMDToken *mdToken;
+ NSSCKFWToken *fwToken;
+ NSSCKMDInstance *mdInstance;
+ NSSCKFWInstance *fwInstance;
+};
+
+/*
+ * nssCKFWMechanism_Create
+ *
+ */
+NSS_IMPLEMENT NSSCKFWMechanism *
+nssCKFWMechanism_Create(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ NSSCKFWMechanism *fwMechanism;
+
+ fwMechanism = nss_ZNEW(NULL, NSSCKFWMechanism);
+ if (!fwMechanism) {
+ return (NSSCKFWMechanism *)NULL;
+ }
+ fwMechanism->mdMechanism = mdMechanism;
+ fwMechanism->mdToken = mdToken;
+ fwMechanism->fwToken = fwToken;
+ fwMechanism->mdInstance = mdInstance;
+ fwMechanism->fwInstance = fwInstance;
+ return fwMechanism;
+}
+
+/*
+ * nssCKFWMechanism_Destroy
+ *
+ */
+NSS_IMPLEMENT void
+nssCKFWMechanism_Destroy(
+ NSSCKFWMechanism *fwMechanism)
+{
+ /* destroy any fw resources held by nssCKFWMechanism (currently none) */
+
+ if (fwMechanism->mdMechanism->Destroy) {
+ /* destroys it's parent as well */
+ fwMechanism->mdMechanism->Destroy(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance);
+ }
+ /* if the Destroy function wasn't supplied, then the mechanism is 'static',
+ * and there is nothing to destroy */
+ return;
+}
+
+/*
+ * nssCKFWMechanism_GetMDMechanism
+ *
+ */
+NSS_IMPLEMENT NSSCKMDMechanism *
+nssCKFWMechanism_GetMDMechanism(
+ NSSCKFWMechanism *fwMechanism)
+{
+ return fwMechanism->mdMechanism;
+}
+
+/*
+ * nssCKFWMechanism_GetMinKeySize
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWMechanism_GetMinKeySize(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->GetMinKeySize) {
+ return 0;
+ }
+
+ return fwMechanism->mdMechanism->GetMinKeySize(fwMechanism->mdMechanism,
+ fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
+}
+
+/*
+ * nssCKFWMechanism_GetMaxKeySize
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWMechanism_GetMaxKeySize(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->GetMaxKeySize) {
+ return 0;
+ }
+
+ return fwMechanism->mdMechanism->GetMaxKeySize(fwMechanism->mdMechanism,
+ fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
+}
+
+/*
+ * nssCKFWMechanism_GetInHardware
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWMechanism_GetInHardware(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->GetInHardware) {
+ return CK_FALSE;
+ }
+
+ return fwMechanism->mdMechanism->GetInHardware(fwMechanism->mdMechanism,
+ fwMechanism, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance, pError);
+}
+
+/*
+ * the following are determined automatically by which of the cryptographic
+ * functions are defined for this mechanism.
+ */
+/*
+ * nssCKFWMechanism_GetCanEncrypt
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanEncrypt(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->EncryptInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanDecrypt
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanDecrypt(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->DecryptInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanDigest
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanDigest(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->DigestInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanSign
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanSign(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->SignInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanSignRecover
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanSignRecover(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->SignRecoverInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanVerify
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanVerify(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->VerifyInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanVerifyRecover
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanVerifyRecover(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->VerifyRecoverInit) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanGenerate
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanGenerate(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->GenerateKey) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanGenerateKeyPair
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanGenerateKeyPair(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->GenerateKeyPair) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanUnwrap
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanUnwrap(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->UnwrapKey) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanWrap
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanWrap(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->WrapKey) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * nssCKFWMechanism_GetCanDerive
+ *
+ */
+NSS_EXTERN CK_BBOOL
+nssCKFWMechanism_GetCanDerive(
+ NSSCKFWMechanism *fwMechanism,
+ CK_RV *pError)
+{
+ if (!fwMechanism->mdMechanism->DeriveKey) {
+ return CK_FALSE;
+ }
+ return CK_TRUE;
+}
+
+/*
+ * These are the actual crypto operations
+ */
+
+/*
+ * nssCKFWMechanism_EncryptInit
+ * Start an encryption session.
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_EncryptInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->EncryptInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->EncryptInit(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdObject,
+ fwObject,
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Encrypt, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ }
+
+loser:
+ return error;
+}
+
+/*
+ * nssCKFWMechanism_DecryptInit
+ * Start an encryption session.
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_DecryptInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->DecryptInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->DecryptInit(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdObject,
+ fwObject,
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Decrypt, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ }
+
+loser:
+ return error;
+}
+
+/*
+ * nssCKFWMechanism_DigestInit
+ * Start an encryption session.
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_DigestInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_Digest);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->DigestInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdOperation = fwMechanism->mdMechanism->DigestInit(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Digest, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_Digest);
+ }
+
+loser:
+ return error;
+}
+
+/*
+ * nssCKFWMechanism_SignInit
+ * Start an encryption session.
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_SignInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_SignVerify);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->SignInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->SignInit(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdObject,
+ fwObject,
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Sign, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_SignVerify);
+ }
+
+loser:
+ return error;
+}
+
+/*
+ * nssCKFWMechanism_VerifyInit
+ * Start an encryption session.
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_VerifyInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_SignVerify);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->VerifyInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->VerifyInit(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdObject,
+ fwObject,
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_Verify, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_SignVerify);
+ }
+
+loser:
+ return error;
+}
+
+/*
+ * nssCKFWMechanism_SignRecoverInit
+ * Start an encryption session.
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_SignRecoverInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_SignVerify);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->SignRecoverInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->SignRecoverInit(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdObject,
+ fwObject,
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_SignRecover, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_SignVerify);
+ }
+
+loser:
+ return error;
+}
+
+/*
+ * nssCKFWMechanism_VerifyRecoverInit
+ * Start an encryption session.
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_VerifyRecoverInit(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKMDCryptoOperation *mdOperation;
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ CK_RV error = CKR_OK;
+
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_SignVerify);
+ if (fwOperation) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ if (!fwMechanism->mdMechanism->VerifyRecoverInit) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = nssCKFWObject_GetMDObject(fwObject);
+ mdOperation = fwMechanism->mdMechanism->VerifyRecoverInit(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdObject,
+ fwObject,
+ &error);
+ if (!mdOperation) {
+ goto loser;
+ }
+
+ fwOperation = nssCKFWCryptoOperation_Create(mdOperation,
+ mdSession, fwSession, fwMechanism->mdToken, fwMechanism->fwToken,
+ fwMechanism->mdInstance, fwMechanism->fwInstance,
+ NSSCKFWCryptoOperationType_VerifyRecover, &error);
+ if (fwOperation) {
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, fwOperation,
+ NSSCKFWCryptoOperationState_SignVerify);
+ }
+
+loser:
+ return error;
+}
+
+/*
+ * nssCKFWMechanism_GenerateKey
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWMechanism_GenerateKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ NSSCKFWObject *fwObject = NULL;
+ NSSArena *arena;
+
+ if (!fwMechanism->mdMechanism->GenerateKey) {
+ *pError = CKR_FUNCTION_FAILED;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdObject = fwMechanism->mdMechanism->GenerateKey(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ pTemplate,
+ ulAttributeCount,
+ pError);
+
+ if (!mdObject) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ fwObject = nssCKFWObject_Create(arena, mdObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
+
+ return fwObject;
+}
+
+/*
+ * nssCKFWMechanism_GenerateKeyPair
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_GenerateKeyPair(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ NSSCKFWObject **fwPublicKeyObject,
+ NSSCKFWObject **fwPrivateKeyObject)
+{
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdPublicKeyObject;
+ NSSCKMDObject *mdPrivateKeyObject;
+ NSSArena *arena;
+ CK_RV error = CKR_OK;
+
+ if (!fwMechanism->mdMechanism->GenerateKeyPair) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ arena = nssCKFWToken_GetArena(fwMechanism->fwToken, &error);
+ if (!arena) {
+ if (CKR_OK == error) {
+ error = CKR_GENERAL_ERROR;
+ }
+ return error;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ error = fwMechanism->mdMechanism->GenerateKeyPair(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ pPublicKeyTemplate,
+ ulPublicKeyAttributeCount,
+ pPrivateKeyTemplate,
+ ulPrivateKeyAttributeCount,
+ &mdPublicKeyObject,
+ &mdPrivateKeyObject);
+
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ *fwPublicKeyObject = nssCKFWObject_Create(arena, mdPublicKeyObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error);
+ if (!*fwPublicKeyObject) {
+ return error;
+ }
+ *fwPrivateKeyObject = nssCKFWObject_Create(arena, mdPrivateKeyObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, &error);
+
+ return error;
+}
+
+/*
+ * nssCKFWMechanism_GetWrapKeyLength
+ */
+NSS_EXTERN CK_ULONG
+nssCKFWMechanism_GetWrapKeyLength(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSCKFWObject *fwKeyObject,
+ CK_RV *pError)
+{
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdWrappingKeyObject;
+ NSSCKMDObject *mdKeyObject;
+
+ if (!fwMechanism->mdMechanism->WrapKey) {
+ *pError = CKR_FUNCTION_FAILED;
+ return (CK_ULONG)0;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
+ mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject);
+ return fwMechanism->mdMechanism->GetWrapKeyLength(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdWrappingKeyObject,
+ fwWrappingKeyObject,
+ mdKeyObject,
+ fwKeyObject,
+ pError);
+}
+
+/*
+ * nssCKFWMechanism_WrapKey
+ */
+NSS_EXTERN CK_RV
+nssCKFWMechanism_WrapKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSCKFWObject *fwKeyObject,
+ NSSItem *wrappedKey)
+{
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdWrappingKeyObject;
+ NSSCKMDObject *mdKeyObject;
+
+ if (!fwMechanism->mdMechanism->WrapKey) {
+ return CKR_FUNCTION_FAILED;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
+ mdKeyObject = nssCKFWObject_GetMDObject(fwKeyObject);
+ return fwMechanism->mdMechanism->WrapKey(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdWrappingKeyObject,
+ fwWrappingKeyObject,
+ mdKeyObject,
+ fwKeyObject,
+ wrappedKey);
+}
+
+/*
+ * nssCKFWMechanism_UnwrapKey
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWMechanism_UnwrapKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwWrappingKeyObject,
+ NSSItem *wrappedKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ NSSCKMDObject *mdWrappingKeyObject;
+ NSSCKFWObject *fwObject = NULL;
+ NSSArena *arena;
+
+ if (!fwMechanism->mdMechanism->UnwrapKey) {
+ /* we could simulate UnwrapKey using Decrypt and Create object, but
+ * 1) it's not clear that would work well, and 2) the low level token
+ * may want to restrict unwrap key for a reason, so just fail it it
+ * can't be done */
+ *pError = CKR_FUNCTION_FAILED;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdWrappingKeyObject = nssCKFWObject_GetMDObject(fwWrappingKeyObject);
+ mdObject = fwMechanism->mdMechanism->UnwrapKey(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdWrappingKeyObject,
+ fwWrappingKeyObject,
+ wrappedKey,
+ pTemplate,
+ ulAttributeCount,
+ pError);
+
+ if (!mdObject) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ fwObject = nssCKFWObject_Create(arena, mdObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
+
+ return fwObject;
+}
+
+/*
+ * nssCKFWMechanism_DeriveKey
+ */
+NSS_EXTERN NSSCKFWObject *
+nssCKFWMechanism_DeriveKey(
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwBaseKeyObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSCKMDSession *mdSession;
+ NSSCKMDObject *mdObject;
+ NSSCKMDObject *mdBaseKeyObject;
+ NSSCKFWObject *fwObject = NULL;
+ NSSArena *arena;
+
+ if (!fwMechanism->mdMechanism->DeriveKey) {
+ *pError = CKR_FUNCTION_FAILED;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ arena = nssCKFWToken_GetArena(fwMechanism->fwToken, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ mdSession = nssCKFWSession_GetMDSession(fwSession);
+ mdBaseKeyObject = nssCKFWObject_GetMDObject(fwBaseKeyObject);
+ mdObject = fwMechanism->mdMechanism->DeriveKey(
+ fwMechanism->mdMechanism,
+ fwMechanism,
+ pMechanism,
+ mdSession,
+ fwSession,
+ fwMechanism->mdToken,
+ fwMechanism->fwToken,
+ fwMechanism->mdInstance,
+ fwMechanism->fwInstance,
+ mdBaseKeyObject,
+ fwBaseKeyObject,
+ pTemplate,
+ ulAttributeCount,
+ pError);
+
+ if (!mdObject) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ fwObject = nssCKFWObject_Create(arena, mdObject,
+ fwSession, fwMechanism->fwToken, fwMechanism->fwInstance, pError);
+
+ return fwObject;
+}
diff --git a/security/nss/lib/ckfw/mutex.c b/security/nss/lib/ckfw/mutex.c
new file mode 100644
index 000000000..be569e196
--- /dev/null
+++ b/security/nss/lib/ckfw/mutex.c
@@ -0,0 +1,248 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * mutex.c
+ *
+ * This file implements a mutual-exclusion locking facility for Modules
+ * using the NSS Cryptoki Framework.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWMutex
+ *
+ * NSSCKFWMutex_Destroy
+ * NSSCKFWMutex_Lock
+ * NSSCKFWMutex_Unlock
+ *
+ * nssCKFWMutex_Create
+ * nssCKFWMutex_Destroy
+ * nssCKFWMutex_Lock
+ * nssCKFWMutex_Unlock
+ *
+ * -- debugging versions only --
+ * nssCKFWMutex_verifyPointer
+ *
+ */
+
+struct NSSCKFWMutexStr {
+ PRLock *lock;
+};
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do this routines as no-ops.
+ */
+
+static CK_RV
+mutex_add_pointer(
+ const NSSCKFWMutex *fwMutex)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+mutex_remove_pointer(
+ const NSSCKFWMutex *fwMutex)
+{
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWMutex_verifyPointer(
+ const NSSCKFWMutex *fwMutex)
+{
+ return CKR_OK;
+}
+
+#endif /* DEBUG */
+
+/*
+ * nssCKFWMutex_Create
+ *
+ */
+NSS_EXTERN NSSCKFWMutex *
+nssCKFWMutex_Create(
+ CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState LockingState,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ NSSCKFWMutex *mutex;
+
+ mutex = nss_ZNEW(arena, NSSCKFWMutex);
+ if (!mutex) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWMutex *)NULL;
+ }
+ *pError = CKR_OK;
+ mutex->lock = NULL;
+ if (LockingState == MultiThreaded) {
+ mutex->lock = PR_NewLock();
+ if (!mutex->lock) {
+ *pError = CKR_HOST_MEMORY; /* we couldn't get the resource */
+ }
+ }
+
+ if (CKR_OK != *pError) {
+ (void)nss_ZFreeIf(mutex);
+ return (NSSCKFWMutex *)NULL;
+ }
+
+#ifdef DEBUG
+ *pError = mutex_add_pointer(mutex);
+ if (CKR_OK != *pError) {
+ if (mutex->lock) {
+ PR_DestroyLock(mutex->lock);
+ }
+ (void)nss_ZFreeIf(mutex);
+ return (NSSCKFWMutex *)NULL;
+ }
+#endif /* DEBUG */
+
+ return mutex;
+}
+
+/*
+ * nssCKFWMutex_Destroy
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWMutex_Destroy(
+ NSSCKFWMutex *mutex)
+{
+ CK_RV rv = CKR_OK;
+
+#ifdef NSSDEBUG
+ rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+#endif /* NSSDEBUG */
+
+ if (mutex->lock) {
+ PR_DestroyLock(mutex->lock);
+ }
+
+#ifdef DEBUG
+ (void)mutex_remove_pointer(mutex);
+#endif /* DEBUG */
+
+ (void)nss_ZFreeIf(mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWMutex_Lock
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWMutex_Lock(
+ NSSCKFWMutex *mutex)
+{
+#ifdef NSSDEBUG
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+#endif /* NSSDEBUG */
+ if (mutex->lock) {
+ PR_Lock(mutex->lock);
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWMutex_Unlock
+ *
+ */
+NSS_EXTERN CK_RV
+nssCKFWMutex_Unlock(
+ NSSCKFWMutex *mutex)
+{
+ PRStatus nrv;
+#ifdef NSSDEBUG
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+
+ if (CKR_OK != rv) {
+ return rv;
+ }
+#endif /* NSSDEBUG */
+
+ if (!mutex->lock)
+ return CKR_OK;
+
+ nrv = PR_Unlock(mutex->lock);
+
+ /* if unlock fails, either we have a programming error, or we have
+ * some sort of hardware failure... in either case return CKR_DEVICE_ERROR.
+ */
+ return nrv == PR_SUCCESS ? CKR_OK : CKR_DEVICE_ERROR;
+}
+
+/*
+ * NSSCKFWMutex_Destroy
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWMutex_Destroy(
+ NSSCKFWMutex *mutex)
+{
+#ifdef DEBUG
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWMutex_Destroy(mutex);
+}
+
+/*
+ * NSSCKFWMutex_Lock
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWMutex_Lock(
+ NSSCKFWMutex *mutex)
+{
+#ifdef DEBUG
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWMutex_Lock(mutex);
+}
+
+/*
+ * NSSCKFWMutex_Unlock
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWMutex_Unlock(
+ NSSCKFWMutex *mutex)
+{
+#ifdef DEBUG
+ CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
+ if (CKR_OK != rv) {
+ return rv;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWMutex_Unlock(mutex);
+}
diff --git a/security/nss/lib/ckfw/nssck.api b/security/nss/lib/ckfw/nssck.api
new file mode 100644
index 000000000..55b43512a
--- /dev/null
+++ b/security/nss/lib/ckfw/nssck.api
@@ -0,0 +1,1854 @@
+/* THIS IS A GENERATED FILE */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * nssck.api
+ *
+ * This automatically-generated file is used to generate a set of
+ * Cryptoki entry points within the object space of a Module using
+ * the NSS Cryptoki Framework.
+ *
+ * The Module should have a .c file with the following:
+ *
+ * #define MODULE_NAME name
+ * #define INSTANCE_NAME instance
+ * #include "nssck.api"
+ *
+ * where "name" is some module-specific name that can be used to
+ * disambiguate various modules. This included file will then
+ * define the actual Cryptoki routines which pass through to the
+ * Framework calls. All routines, except C_GetFunctionList, will
+ * be prefixed with the name; C_GetFunctionList will be generated
+ * to return an entry-point vector with these routines. The
+ * instance specified should be the basic instance of NSSCKMDInstance.
+ *
+ * If, prior to including nssck.api, the .c file also specifies
+ *
+ * #define DECLARE_STRICT_CRYTPOKI_NAMES
+ *
+ * Then a set of "stub" routines not prefixed with the name will
+ * be included. This would allow the combined module and framework
+ * to be used in applications which are hard-coded to use the
+ * PKCS#11 names (instead of going through the EPV). Please note
+ * that such applications should be careful resolving symbols when
+ * more than one PKCS#11 module is loaded.
+ */
+
+#ifndef MODULE_NAME
+#error "Error: MODULE_NAME must be defined."
+#endif /* MODULE_NAME */
+
+#ifndef INSTANCE_NAME
+#error "Error: INSTANCE_NAME must be defined."
+#endif /* INSTANCE_NAME */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFWT_H
+#include "nssckfwt.h"
+#endif /* NSSCKFWT_H */
+
+#ifndef NSSCKFWC_H
+#include "nssckfwc.h"
+#endif /* NSSCKFWC_H */
+
+#ifndef NSSCKEPV_H
+#include "nssckepv.h"
+#endif /* NSSCKEPV_H */
+
+#define ADJOIN(x,y) x##y
+
+#define __ADJOIN(x,y) ADJOIN(x,y)
+
+/*
+ * The anchor. This object is used to store an "anchor" pointer in
+ * the Module's object space, so the wrapper functions can relate
+ * back to this instance.
+ */
+
+static NSSCKFWInstance *fwInstance = (NSSCKFWInstance *)0;
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Initialize)
+(
+ CK_VOID_PTR pInitArgs
+)
+{
+ return NSSCKFWC_Initialize(&fwInstance, INSTANCE_NAME, pInitArgs);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Initialize
+(
+ CK_VOID_PTR pInitArgs
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Initialize)(pInitArgs);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Finalize)
+(
+ CK_VOID_PTR pReserved
+)
+{
+ return NSSCKFWC_Finalize(&fwInstance);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Finalize
+(
+ CK_VOID_PTR pReserved
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Finalize)(pReserved);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetInfo)
+(
+ CK_INFO_PTR pInfo
+)
+{
+ return NSSCKFWC_GetInfo(fwInstance, pInfo);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetInfo
+(
+ CK_INFO_PTR pInfo
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetInfo)(pInfo);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+/*
+ * C_GetFunctionList is defined at the end.
+ */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetSlotList)
+(
+ CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList,
+ CK_ULONG_PTR pulCount
+)
+{
+ return NSSCKFWC_GetSlotList(fwInstance, tokenPresent, pSlotList, pulCount);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetSlotList
+(
+ CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList,
+ CK_ULONG_PTR pulCount
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetSlotList)(tokenPresent, pSlotList, pulCount);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetSlotInfo)
+(
+ CK_SLOT_ID slotID,
+ CK_SLOT_INFO_PTR pInfo
+)
+{
+ return NSSCKFWC_GetSlotInfo(fwInstance, slotID, pInfo);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetSlotInfo
+(
+ CK_SLOT_ID slotID,
+ CK_SLOT_INFO_PTR pInfo
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetSlotInfo)(slotID, pInfo);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetTokenInfo)
+(
+ CK_SLOT_ID slotID,
+ CK_TOKEN_INFO_PTR pInfo
+)
+{
+ return NSSCKFWC_GetTokenInfo(fwInstance, slotID, pInfo);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetTokenInfo
+(
+ CK_SLOT_ID slotID,
+ CK_TOKEN_INFO_PTR pInfo
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetTokenInfo)(slotID, pInfo);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetMechanismList)
+(
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList,
+ CK_ULONG_PTR pulCount
+)
+{
+ return NSSCKFWC_GetMechanismList(fwInstance, slotID, pMechanismList, pulCount);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetMechanismList
+(
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList,
+ CK_ULONG_PTR pulCount
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetMechanismList)(slotID, pMechanismList, pulCount);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetMechanismInfo)
+(
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo
+)
+{
+ return NSSCKFWC_GetMechanismInfo(fwInstance, slotID, type, pInfo);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetMechanismInfo
+(
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetMechanismInfo)(slotID, type, pInfo);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_InitToken)
+(
+ CK_SLOT_ID slotID,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen,
+ CK_CHAR_PTR pLabel
+)
+{
+ return NSSCKFWC_InitToken(fwInstance, slotID, pPin, ulPinLen, pLabel);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_InitToken
+(
+ CK_SLOT_ID slotID,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen,
+ CK_CHAR_PTR pLabel
+)
+{
+ return __ADJOIN(MODULE_NAME,C_InitToken)(slotID, pPin, ulPinLen, pLabel);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_InitPIN)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen
+)
+{
+ return NSSCKFWC_InitPIN(fwInstance, hSession, pPin, ulPinLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_InitPIN
+(
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_InitPIN)(hSession, pPin, ulPinLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SetPIN)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen,
+ CK_CHAR_PTR pNewPin,
+ CK_ULONG ulNewLen
+)
+{
+ return NSSCKFWC_SetPIN(fwInstance, hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SetPIN
+(
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen,
+ CK_CHAR_PTR pNewPin,
+ CK_ULONG ulNewLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SetPIN)(hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_OpenSession)
+(
+ CK_SLOT_ID slotID,
+ CK_FLAGS flags,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_SESSION_HANDLE_PTR phSession
+)
+{
+ return NSSCKFWC_OpenSession(fwInstance, slotID, flags, pApplication, Notify, phSession);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_OpenSession
+(
+ CK_SLOT_ID slotID,
+ CK_FLAGS flags,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_SESSION_HANDLE_PTR phSession
+)
+{
+ return __ADJOIN(MODULE_NAME,C_OpenSession)(slotID, flags, pApplication, Notify, phSession);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_CloseSession)
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return NSSCKFWC_CloseSession(fwInstance, hSession);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_CloseSession
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return __ADJOIN(MODULE_NAME,C_CloseSession)(hSession);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_CloseAllSessions)
+(
+ CK_SLOT_ID slotID
+)
+{
+ return NSSCKFWC_CloseAllSessions(fwInstance, slotID);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_CloseAllSessions
+(
+ CK_SLOT_ID slotID
+)
+{
+ return __ADJOIN(MODULE_NAME,C_CloseAllSessions)(slotID);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetSessionInfo)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo
+)
+{
+ return NSSCKFWC_GetSessionInfo(fwInstance, hSession, pInfo);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetSessionInfo
+(
+ CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetSessionInfo)(hSession, pInfo);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetOperationState)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG_PTR pulOperationStateLen
+)
+{
+ return NSSCKFWC_GetOperationState(fwInstance, hSession, pOperationState, pulOperationStateLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetOperationState
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG_PTR pulOperationStateLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetOperationState)(hSession, pOperationState, pulOperationStateLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SetOperationState)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey,
+ CK_OBJECT_HANDLE hAuthenticationKey
+)
+{
+ return NSSCKFWC_SetOperationState(fwInstance, hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SetOperationState
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey,
+ CK_OBJECT_HANDLE hAuthenticationKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SetOperationState)(hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Login)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen
+)
+{
+ return NSSCKFWC_Login(fwInstance, hSession, userType, pPin, ulPinLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Login
+(
+ CK_SESSION_HANDLE hSession,
+ CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Login)(hSession, userType, pPin, ulPinLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Logout)
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return NSSCKFWC_Logout(fwInstance, hSession);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Logout
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Logout)(hSession);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_CreateObject)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject
+)
+{
+ return NSSCKFWC_CreateObject(fwInstance, hSession, pTemplate, ulCount, phObject);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_CreateObject
+(
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject
+)
+{
+ return __ADJOIN(MODULE_NAME,C_CreateObject)(hSession, pTemplate, ulCount, phObject);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_CopyObject)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject
+)
+{
+ return NSSCKFWC_CopyObject(fwInstance, hSession, hObject, pTemplate, ulCount, phNewObject);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_CopyObject
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject
+)
+{
+ return __ADJOIN(MODULE_NAME,C_CopyObject)(hSession, hObject, pTemplate, ulCount, phNewObject);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DestroyObject)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject
+)
+{
+ return NSSCKFWC_DestroyObject(fwInstance, hSession, hObject);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DestroyObject
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DestroyObject)(hSession, hObject);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetObjectSize)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG_PTR pulSize
+)
+{
+ return NSSCKFWC_GetObjectSize(fwInstance, hSession, hObject, pulSize);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetObjectSize
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG_PTR pulSize
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetObjectSize)(hSession, hObject, pulSize);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetAttributeValue)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount
+)
+{
+ return NSSCKFWC_GetAttributeValue(fwInstance, hSession, hObject, pTemplate, ulCount);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetAttributeValue
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetAttributeValue)(hSession, hObject, pTemplate, ulCount);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SetAttributeValue)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount
+)
+{
+ return NSSCKFWC_SetAttributeValue(fwInstance, hSession, hObject, pTemplate, ulCount);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SetAttributeValue
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SetAttributeValue)(hSession, hObject, pTemplate, ulCount);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_FindObjectsInit)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount
+)
+{
+ return NSSCKFWC_FindObjectsInit(fwInstance, hSession, pTemplate, ulCount);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_FindObjectsInit
+(
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount
+)
+{
+ return __ADJOIN(MODULE_NAME,C_FindObjectsInit)(hSession, pTemplate, ulCount);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_FindObjects)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject,
+ CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount
+)
+{
+ return NSSCKFWC_FindObjects(fwInstance, hSession, phObject, ulMaxObjectCount, pulObjectCount);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_FindObjects
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject,
+ CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount
+)
+{
+ return __ADJOIN(MODULE_NAME,C_FindObjects)(hSession, phObject, ulMaxObjectCount, pulObjectCount);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_FindObjectsFinal)
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return NSSCKFWC_FindObjectsFinal(fwInstance, hSession);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_FindObjectsFinal
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return __ADJOIN(MODULE_NAME,C_FindObjectsFinal)(hSession);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_EncryptInit)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return NSSCKFWC_EncryptInit(fwInstance, hSession, pMechanism, hKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_EncryptInit
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_EncryptInit)(hSession, pMechanism, hKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Encrypt)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pulEncryptedDataLen
+)
+{
+ return NSSCKFWC_Encrypt(fwInstance, hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Encrypt
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pulEncryptedDataLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Encrypt)(hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_EncryptUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen
+)
+{
+ return NSSCKFWC_EncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_EncryptUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_EncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_EncryptFinal)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart,
+ CK_ULONG_PTR pulLastEncryptedPartLen
+)
+{
+ return NSSCKFWC_EncryptFinal(fwInstance, hSession, pLastEncryptedPart, pulLastEncryptedPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_EncryptFinal
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart,
+ CK_ULONG_PTR pulLastEncryptedPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_EncryptFinal)(hSession, pLastEncryptedPart, pulLastEncryptedPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DecryptInit)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return NSSCKFWC_DecryptInit(fwInstance, hSession, pMechanism, hKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DecryptInit
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DecryptInit)(hSession, pMechanism, hKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Decrypt)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen
+)
+{
+ return NSSCKFWC_Decrypt(fwInstance, hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Decrypt
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Decrypt)(hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DecryptUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen
+)
+{
+ return NSSCKFWC_DecryptUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DecryptUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DecryptUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DecryptFinal)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart,
+ CK_ULONG_PTR pulLastPartLen
+)
+{
+ return NSSCKFWC_DecryptFinal(fwInstance, hSession, pLastPart, pulLastPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DecryptFinal
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart,
+ CK_ULONG_PTR pulLastPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DecryptFinal)(hSession, pLastPart, pulLastPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DigestInit)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism
+)
+{
+ return NSSCKFWC_DigestInit(fwInstance, hSession, pMechanism);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DigestInit
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DigestInit)(hSession, pMechanism);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Digest)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen
+)
+{
+ return NSSCKFWC_Digest(fwInstance, hSession, pData, ulDataLen, pDigest, pulDigestLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Digest
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Digest)(hSession, pData, ulDataLen, pDigest, pulDigestLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DigestUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen
+)
+{
+ return NSSCKFWC_DigestUpdate(fwInstance, hSession, pPart, ulPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DigestUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DigestUpdate)(hSession, pPart, ulPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DigestKey)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return NSSCKFWC_DigestKey(fwInstance, hSession, hKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DigestKey
+(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DigestKey)(hSession, hKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DigestFinal)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen
+)
+{
+ return NSSCKFWC_DigestFinal(fwInstance, hSession, pDigest, pulDigestLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DigestFinal
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DigestFinal)(hSession, pDigest, pulDigestLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SignInit)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return NSSCKFWC_SignInit(fwInstance, hSession, pMechanism, hKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SignInit
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SignInit)(hSession, pMechanism, hKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Sign)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen
+)
+{
+ return NSSCKFWC_Sign(fwInstance, hSession, pData, ulDataLen, pSignature, pulSignatureLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Sign
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Sign)(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SignUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen
+)
+{
+ return NSSCKFWC_SignUpdate(fwInstance, hSession, pPart, ulPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SignUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SignUpdate)(hSession, pPart, ulPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SignFinal)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen
+)
+{
+ return NSSCKFWC_SignFinal(fwInstance, hSession, pSignature, pulSignatureLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SignFinal
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SignFinal)(hSession, pSignature, pulSignatureLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SignRecoverInit)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return NSSCKFWC_SignRecoverInit(fwInstance, hSession, pMechanism, hKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SignRecoverInit
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SignRecoverInit)(hSession, pMechanism, hKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SignRecover)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen
+)
+{
+ return NSSCKFWC_SignRecover(fwInstance, hSession, pData, ulDataLen, pSignature, pulSignatureLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SignRecover
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SignRecover)(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_VerifyInit)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return NSSCKFWC_VerifyInit(fwInstance, hSession, pMechanism, hKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_VerifyInit
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_VerifyInit)(hSession, pMechanism, hKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_Verify)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen
+)
+{
+ return NSSCKFWC_Verify(fwInstance, hSession, pData, ulDataLen, pSignature, ulSignatureLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_Verify
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_Verify)(hSession, pData, ulDataLen, pSignature, ulSignatureLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_VerifyUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen
+)
+{
+ return NSSCKFWC_VerifyUpdate(fwInstance, hSession, pPart, ulPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_VerifyUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_VerifyUpdate)(hSession, pPart, ulPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_VerifyFinal)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen
+)
+{
+ return NSSCKFWC_VerifyFinal(fwInstance, hSession, pSignature, ulSignatureLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_VerifyFinal
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_VerifyFinal)(hSession, pSignature, ulSignatureLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_VerifyRecoverInit)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return NSSCKFWC_VerifyRecoverInit(fwInstance, hSession, pMechanism, hKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_VerifyRecoverInit
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_VerifyRecoverInit)(hSession, pMechanism, hKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_VerifyRecover)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen
+)
+{
+ return NSSCKFWC_VerifyRecover(fwInstance, hSession, pSignature, ulSignatureLen, pData, pulDataLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_VerifyRecover
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_VerifyRecover)(hSession, pSignature, ulSignatureLen, pData, pulDataLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DigestEncryptUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen
+)
+{
+ return NSSCKFWC_DigestEncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DigestEncryptUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DigestEncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DecryptDigestUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen
+)
+{
+ return NSSCKFWC_DecryptDigestUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DecryptDigestUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DecryptDigestUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SignEncryptUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen
+)
+{
+ return NSSCKFWC_SignEncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SignEncryptUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SignEncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen
+)
+{
+ return NSSCKFWC_DecryptVerifyUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DecryptVerifyUpdate
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GenerateKey)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey
+)
+{
+ return NSSCKFWC_GenerateKey(fwInstance, hSession, pMechanism, pTemplate, ulCount, phKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GenerateKey
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GenerateKey)(hSession, pMechanism, pTemplate, ulCount, phKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GenerateKeyPair)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey
+)
+{
+ return NSSCKFWC_GenerateKeyPair(fwInstance, hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GenerateKeyPair
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GenerateKeyPair)(hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_WrapKey)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen
+)
+{
+ return NSSCKFWC_WrapKey(fwInstance, hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_WrapKey
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_WrapKey)(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_UnwrapKey)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey
+)
+{
+ return NSSCKFWC_UnwrapKey(fwInstance, hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_UnwrapKey
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_UnwrapKey)(hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_DeriveKey)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey
+)
+{
+ return NSSCKFWC_DeriveKey(fwInstance, hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_DeriveKey
+(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey
+)
+{
+ return __ADJOIN(MODULE_NAME,C_DeriveKey)(hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_SeedRandom)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSeed,
+ CK_ULONG ulSeedLen
+)
+{
+ return NSSCKFWC_SeedRandom(fwInstance, hSession, pSeed, ulSeedLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_SeedRandom
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSeed,
+ CK_ULONG ulSeedLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_SeedRandom)(hSession, pSeed, ulSeedLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GenerateRandom)
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR RandomData,
+ CK_ULONG ulRandomLen
+)
+{
+ return NSSCKFWC_GenerateRandom(fwInstance, hSession, RandomData, ulRandomLen);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GenerateRandom
+(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR RandomData,
+ CK_ULONG ulRandomLen
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GenerateRandom)(hSession, RandomData, ulRandomLen);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetFunctionStatus)
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return NSSCKFWC_GetFunctionStatus(fwInstance, hSession);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_GetFunctionStatus
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetFunctionStatus)(hSession);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_CancelFunction)
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return NSSCKFWC_CancelFunction(fwInstance, hSession);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_CancelFunction
+(
+ CK_SESSION_HANDLE hSession
+)
+{
+ return __ADJOIN(MODULE_NAME,C_CancelFunction)(hSession);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
+(
+ CK_FLAGS flags,
+ CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pRserved
+)
+{
+ return NSSCKFWC_WaitForSlotEvent(fwInstance, flags, pSlot, pRserved);
+}
+
+#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
+CK_RV CK_ENTRY
+C_WaitForSlotEvent
+(
+ CK_FLAGS flags,
+ CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pRserved
+)
+{
+ return __ADJOIN(MODULE_NAME,C_WaitForSlotEvent)(flags, pSlot, pRserved);
+}
+#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetFunctionList)
+(
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList
+);
+
+static CK_FUNCTION_LIST FunctionList = {
+ { 2, 1 },
+__ADJOIN(MODULE_NAME,C_Initialize),
+__ADJOIN(MODULE_NAME,C_Finalize),
+__ADJOIN(MODULE_NAME,C_GetInfo),
+__ADJOIN(MODULE_NAME,C_GetFunctionList),
+__ADJOIN(MODULE_NAME,C_GetSlotList),
+__ADJOIN(MODULE_NAME,C_GetSlotInfo),
+__ADJOIN(MODULE_NAME,C_GetTokenInfo),
+__ADJOIN(MODULE_NAME,C_GetMechanismList),
+__ADJOIN(MODULE_NAME,C_GetMechanismInfo),
+__ADJOIN(MODULE_NAME,C_InitToken),
+__ADJOIN(MODULE_NAME,C_InitPIN),
+__ADJOIN(MODULE_NAME,C_SetPIN),
+__ADJOIN(MODULE_NAME,C_OpenSession),
+__ADJOIN(MODULE_NAME,C_CloseSession),
+__ADJOIN(MODULE_NAME,C_CloseAllSessions),
+__ADJOIN(MODULE_NAME,C_GetSessionInfo),
+__ADJOIN(MODULE_NAME,C_GetOperationState),
+__ADJOIN(MODULE_NAME,C_SetOperationState),
+__ADJOIN(MODULE_NAME,C_Login),
+__ADJOIN(MODULE_NAME,C_Logout),
+__ADJOIN(MODULE_NAME,C_CreateObject),
+__ADJOIN(MODULE_NAME,C_CopyObject),
+__ADJOIN(MODULE_NAME,C_DestroyObject),
+__ADJOIN(MODULE_NAME,C_GetObjectSize),
+__ADJOIN(MODULE_NAME,C_GetAttributeValue),
+__ADJOIN(MODULE_NAME,C_SetAttributeValue),
+__ADJOIN(MODULE_NAME,C_FindObjectsInit),
+__ADJOIN(MODULE_NAME,C_FindObjects),
+__ADJOIN(MODULE_NAME,C_FindObjectsFinal),
+__ADJOIN(MODULE_NAME,C_EncryptInit),
+__ADJOIN(MODULE_NAME,C_Encrypt),
+__ADJOIN(MODULE_NAME,C_EncryptUpdate),
+__ADJOIN(MODULE_NAME,C_EncryptFinal),
+__ADJOIN(MODULE_NAME,C_DecryptInit),
+__ADJOIN(MODULE_NAME,C_Decrypt),
+__ADJOIN(MODULE_NAME,C_DecryptUpdate),
+__ADJOIN(MODULE_NAME,C_DecryptFinal),
+__ADJOIN(MODULE_NAME,C_DigestInit),
+__ADJOIN(MODULE_NAME,C_Digest),
+__ADJOIN(MODULE_NAME,C_DigestUpdate),
+__ADJOIN(MODULE_NAME,C_DigestKey),
+__ADJOIN(MODULE_NAME,C_DigestFinal),
+__ADJOIN(MODULE_NAME,C_SignInit),
+__ADJOIN(MODULE_NAME,C_Sign),
+__ADJOIN(MODULE_NAME,C_SignUpdate),
+__ADJOIN(MODULE_NAME,C_SignFinal),
+__ADJOIN(MODULE_NAME,C_SignRecoverInit),
+__ADJOIN(MODULE_NAME,C_SignRecover),
+__ADJOIN(MODULE_NAME,C_VerifyInit),
+__ADJOIN(MODULE_NAME,C_Verify),
+__ADJOIN(MODULE_NAME,C_VerifyUpdate),
+__ADJOIN(MODULE_NAME,C_VerifyFinal),
+__ADJOIN(MODULE_NAME,C_VerifyRecoverInit),
+__ADJOIN(MODULE_NAME,C_VerifyRecover),
+__ADJOIN(MODULE_NAME,C_DigestEncryptUpdate),
+__ADJOIN(MODULE_NAME,C_DecryptDigestUpdate),
+__ADJOIN(MODULE_NAME,C_SignEncryptUpdate),
+__ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate),
+__ADJOIN(MODULE_NAME,C_GenerateKey),
+__ADJOIN(MODULE_NAME,C_GenerateKeyPair),
+__ADJOIN(MODULE_NAME,C_WrapKey),
+__ADJOIN(MODULE_NAME,C_UnwrapKey),
+__ADJOIN(MODULE_NAME,C_DeriveKey),
+__ADJOIN(MODULE_NAME,C_SeedRandom),
+__ADJOIN(MODULE_NAME,C_GenerateRandom),
+__ADJOIN(MODULE_NAME,C_GetFunctionStatus),
+__ADJOIN(MODULE_NAME,C_CancelFunction),
+__ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
+};
+
+static CK_RV CK_ENTRY
+__ADJOIN(MODULE_NAME,C_GetFunctionList)
+(
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList
+)
+{
+ *ppFunctionList = &FunctionList;
+ return CKR_OK;
+}
+
+/* This one is always present */
+CK_RV CK_ENTRY
+C_GetFunctionList
+(
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList
+)
+{
+ return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
+}
+
+#undef __ADJOIN
+
diff --git a/security/nss/lib/ckfw/nssckepv.h b/security/nss/lib/ckfw/nssckepv.h
new file mode 100644
index 000000000..042845d31
--- /dev/null
+++ b/security/nss/lib/ckfw/nssckepv.h
@@ -0,0 +1,10 @@
+/* THIS IS A GENERATED FILE */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef NSSCKEPV_H
+#define NSSCKEPV_H
+
+#include "pkcs11.h"
+
+#endif /* NSSCKEPV_H */
diff --git a/security/nss/lib/ckfw/nssckft.h b/security/nss/lib/ckfw/nssckft.h
new file mode 100644
index 000000000..80ee29245
--- /dev/null
+++ b/security/nss/lib/ckfw/nssckft.h
@@ -0,0 +1,11 @@
+/* THIS IS A GENERATED FILE */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _NSSCKFT_H_
+#define _NSSCKFT_H_ 1
+
+#include "pkcs11t.h"
+
+#endif /* _NSSCKFT_H_ */
diff --git a/security/nss/lib/ckfw/nssckfw.h b/security/nss/lib/ckfw/nssckfw.h
new file mode 100644
index 000000000..0f93eaa09
--- /dev/null
+++ b/security/nss/lib/ckfw/nssckfw.h
@@ -0,0 +1,462 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSCKFW_H
+#define NSSCKFW_H
+
+/*
+ * nssckfw.h
+ *
+ * This file prototypes the publicly available calls of the
+ * NSS Cryptoki Framework.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFWT_H
+#include "nssckfwt.h"
+#endif /* NSSCKFWT_H */
+
+/*
+ * NSSCKFWInstance
+ *
+ * NSSCKFWInstance_GetMDInstance
+ * NSSCKFWInstance_GetArena
+ * NSSCKFWInstance_MayCreatePthreads
+ * NSSCKFWInstance_CreateMutex
+ * NSSCKFWInstance_GetConfigurationData
+ * NSSCKFWInstance_GetInitArgs
+ * NSSCKFWInstance_DestroySessionHandle
+ * NSSCKFWInstance_FindSessionHandle
+ */
+
+/*
+ * NSSCKFWInstance_GetMDInstance
+ *
+ */
+
+NSS_EXTERN NSSCKMDInstance *
+NSSCKFWInstance_GetMDInstance(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * NSSCKFWInstance_GetArena
+ *
+ */
+
+NSS_EXTERN NSSArena *
+NSSCKFWInstance_GetArena(
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWInstance_MayCreatePthreads
+ *
+ */
+
+NSS_EXTERN CK_BBOOL
+NSSCKFWInstance_MayCreatePthreads(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * NSSCKFWInstance_CreateMutex
+ *
+ */
+
+NSS_EXTERN NSSCKFWMutex *
+NSSCKFWInstance_CreateMutex(
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWInstance_GetConfigurationData
+ *
+ */
+
+NSS_EXTERN NSSUTF8 *
+NSSCKFWInstance_GetConfigurationData(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * NSSCKFWInstance_GetInitArgs
+ *
+ */
+
+NSS_EXTERN CK_C_INITIALIZE_ARGS_PTR
+NSSCKFWInstance_GetInitArgs(
+ NSSCKFWInstance *fwInstance);
+
+/*
+ * nssCKFWInstance_DestroySessionHandle
+ *
+ */
+NSS_EXTERN void
+NSSCKFWInstance_DestroySessionHandle(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
+
+/*
+ * nssCKFWInstance_FindSessionHandle
+ *
+ */
+NSS_EXTERN CK_SESSION_HANDLE
+NSSCKFWInstance_FindSessionHandle(
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession);
+
+/*
+ * NSSCKFWSlot
+ *
+ * NSSCKFWSlot_GetMDSlot
+ * NSSCKFWSlot_GetFWInstance
+ * NSSCKFWSlot_GetMDInstance
+ * NSSCKFWSlot_GetSlotID
+ *
+ */
+
+/*
+ * NSSCKFWSlot_GetMDSlot
+ *
+ */
+
+NSS_EXTERN NSSCKMDSlot *
+NSSCKFWSlot_GetMDSlot(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * NSSCKFWSlot_GetFWInstance
+ *
+ */
+
+NSS_EXTERN NSSCKFWInstance *
+NSSCKFWSlot_GetFWInstance(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * NSSCKFWSlot_GetMDInstance
+ *
+ */
+
+NSS_EXTERN NSSCKMDInstance *
+NSSCKFWSlot_GetMDInstance(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * NSSCKFWSlot_GetSlotID
+ *
+ */
+
+NSS_EXTERN CK_SLOT_ID
+NSSCKFWSlot_GetSlotID(
+ NSSCKFWSlot *fwSlot);
+
+/*
+ * NSSCKFWToken
+ *
+ * NSSCKFWToken_GetMDToken
+ * NSSCKFWToken_GetFWSlot
+ * NSSCKFWToken_GetMDSlot
+ * NSSCKFWToken_GetSessionState
+ *
+ */
+
+/*
+ * NSSCKFWToken_GetMDToken
+ *
+ */
+
+NSS_EXTERN NSSCKMDToken *
+NSSCKFWToken_GetMDToken(
+ NSSCKFWToken *fwToken);
+
+/*
+ * NSSCKFWToken_GetArena
+ *
+ */
+
+NSS_EXTERN NSSArena *
+NSSCKFWToken_GetArena(
+ NSSCKFWToken *fwToken,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWToken_GetFWSlot
+ *
+ */
+
+NSS_EXTERN NSSCKFWSlot *
+NSSCKFWToken_GetFWSlot(
+ NSSCKFWToken *fwToken);
+
+/*
+ * NSSCKFWToken_GetMDSlot
+ *
+ */
+
+NSS_EXTERN NSSCKMDSlot *
+NSSCKFWToken_GetMDSlot(
+ NSSCKFWToken *fwToken);
+
+/*
+ * NSSCKFWToken_GetSessionState
+ *
+ */
+
+NSS_EXTERN CK_STATE
+NSSCKFWToken_GetSessionState(
+ NSSCKFWToken *fwToken);
+
+/*
+ * NSSCKFWMechanism
+ *
+ * NSSKCFWMechanism_GetMDMechanism
+ * NSSCKFWMechanism_GetParameter
+ *
+ */
+
+/*
+ * NSSKCFWMechanism_GetMDMechanism
+ *
+ */
+
+NSS_EXTERN NSSCKMDMechanism *
+NSSCKFWMechanism_GetMDMechanism(
+ NSSCKFWMechanism *fwMechanism);
+
+/*
+ * NSSCKFWMechanism_GetParameter
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCKFWMechanism_GetParameter(
+ NSSCKFWMechanism *fwMechanism);
+
+/*
+ * NSSCKFWSession
+ *
+ * NSSCKFWSession_GetMDSession
+ * NSSCKFWSession_GetArena
+ * NSSCKFWSession_CallNotification
+ * NSSCKFWSession_IsRWSession
+ * NSSCKFWSession_IsSO
+ * NSSCKFWSession_GetCurrentCryptoOperation
+ * NSSCKFWSession_GetFWSlot
+ *
+ */
+
+/*
+ * NSSCKFWSession_GetMDSession
+ *
+ */
+
+NSS_EXTERN NSSCKMDSession *
+NSSCKFWSession_GetMDSession(
+ NSSCKFWSession *fwSession);
+
+/*
+ * NSSCKFWSession_GetArena
+ *
+ */
+
+NSS_EXTERN NSSArena *
+NSSCKFWSession_GetArena(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWSession_CallNotification
+ *
+ */
+
+NSS_EXTERN CK_RV
+NSSCKFWSession_CallNotification(
+ NSSCKFWSession *fwSession,
+ CK_NOTIFICATION event);
+
+/*
+ * NSSCKFWSession_IsRWSession
+ *
+ */
+
+NSS_EXTERN CK_BBOOL
+NSSCKFWSession_IsRWSession(
+ NSSCKFWSession *fwSession);
+
+/*
+ * NSSCKFWSession_IsSO
+ *
+ */
+
+NSS_EXTERN CK_BBOOL
+NSSCKFWSession_IsSO(
+ NSSCKFWSession *fwSession);
+
+/*
+ * NSSCKFWSession_GetCurrentCryptoOperation
+ *
+ */
+
+NSS_EXTERN NSSCKFWCryptoOperation *
+NSSCKFWSession_GetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationState state);
+
+/*
+ * NSSCKFWSession_GetFWSlot
+ *
+ */
+
+NSS_EXTERN NSSCKFWSlot *
+NSSCKFWSession_GetFWSlot(
+ NSSCKFWSession *fwSession);
+
+/*
+ * NSSCKFWObject
+ *
+ * NSSCKFWObject_GetMDObject
+ * NSSCKFWObject_GetArena
+ * NSSCKFWObject_IsTokenObject
+ * NSSCKFWObject_GetAttributeCount
+ * NSSCKFWObject_GetAttributeTypes
+ * NSSCKFWObject_GetAttributeSize
+ * NSSCKFWObject_GetAttribute
+ * NSSCKFWObject_GetObjectSize
+ */
+
+/*
+ * NSSCKFWObject_GetMDObject
+ *
+ */
+NSS_EXTERN NSSCKMDObject *
+NSSCKFWObject_GetMDObject(
+ NSSCKFWObject *fwObject);
+
+/*
+ * NSSCKFWObject_GetArena
+ *
+ */
+NSS_EXTERN NSSArena *
+NSSCKFWObject_GetArena(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWObject_IsTokenObject
+ *
+ */
+NSS_EXTERN CK_BBOOL
+NSSCKFWObject_IsTokenObject(
+ NSSCKFWObject *fwObject);
+
+/*
+ * NSSCKFWObject_GetAttributeCount
+ *
+ */
+NSS_EXTERN CK_ULONG
+NSSCKFWObject_GetAttributeCount(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWObject_GetAttributeTypes
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWObject_GetAttributeTypes(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount);
+
+/*
+ * NSSCKFWObject_GetAttributeSize
+ *
+ */
+NSS_EXTERN CK_ULONG
+NSSCKFWObject_GetAttributeSize(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWObject_GetAttribute
+ *
+ */
+NSS_EXTERN NSSItem *
+NSSCKFWObject_GetAttribute(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *itemOpt,
+ NSSArena *arenaOpt,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWObject_GetObjectSize
+ *
+ */
+NSS_EXTERN CK_ULONG
+NSSCKFWObject_GetObjectSize(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError);
+
+/*
+ * NSSCKFWFindObjects
+ *
+ * NSSCKFWFindObjects_GetMDFindObjects
+ *
+ */
+
+/*
+ * NSSCKFWFindObjects_GetMDFindObjects
+ *
+ */
+
+NSS_EXTERN NSSCKMDFindObjects *
+NSSCKFWFindObjects_GetMDFindObjects(
+ NSSCKFWFindObjects *);
+
+/*
+ * NSSCKFWMutex
+ *
+ * NSSCKFWMutex_Destroy
+ * NSSCKFWMutex_Lock
+ * NSSCKFWMutex_Unlock
+ *
+ */
+
+/*
+ * NSSCKFWMutex_Destroy
+ *
+ */
+
+NSS_EXTERN CK_RV
+NSSCKFWMutex_Destroy(
+ NSSCKFWMutex *mutex);
+
+/*
+ * NSSCKFWMutex_Lock
+ *
+ */
+
+NSS_EXTERN CK_RV
+NSSCKFWMutex_Lock(
+ NSSCKFWMutex *mutex);
+
+/*
+ * NSSCKFWMutex_Unlock
+ *
+ */
+
+NSS_EXTERN CK_RV
+NSSCKFWMutex_Unlock(
+ NSSCKFWMutex *mutex);
+
+#endif /* NSSCKFW_H */
diff --git a/security/nss/lib/ckfw/nssckfwc.h b/security/nss/lib/ckfw/nssckfwc.h
new file mode 100644
index 000000000..734a67cf8
--- /dev/null
+++ b/security/nss/lib/ckfw/nssckfwc.h
@@ -0,0 +1,879 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSCKFWC_H
+#define NSSCKFWC_H
+
+/*
+ * nssckfwc.h
+ *
+ * This file prototypes all of the NSS Cryptoki Framework "wrapper"
+ * which implement the PKCS#11 API. Technically, these are public
+ * routines (with capital "NSS" prefixes), since they are called
+ * from (generated) code within a Module using the Framework.
+ * However, they should not be called except from those generated
+ * calls. Hence, the prototypes have been split out into this file.
+ */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFWT_H
+#include "nssckfwt.h"
+#endif /* NSSCKFWT_H */
+
+#ifndef NSSCKMDT_H
+#include "nssckmdt.h"
+#endif /* NSSCKMDT_H */
+
+/*
+ * NSSCKFWC_Initialize
+ * NSSCKFWC_Finalize
+ * NSSCKFWC_GetInfo
+ * -- NSSCKFWC_GetFunctionList -- see the API insert file
+ * NSSCKFWC_GetSlotList
+ * NSSCKFWC_GetSlotInfo
+ * NSSCKFWC_GetTokenInfo
+ * NSSCKFWC_WaitForSlotEvent
+ * NSSCKFWC_GetMechanismList
+ * NSSCKFWC_GetMechanismInfo
+ * NSSCKFWC_InitToken
+ * NSSCKFWC_InitPIN
+ * NSSCKFWC_SetPIN
+ * NSSCKFWC_OpenSession
+ * NSSCKFWC_CloseSession
+ * NSSCKFWC_CloseAllSessions
+ * NSSCKFWC_GetSessionInfo
+ * NSSCKFWC_GetOperationState
+ * NSSCKFWC_SetOperationState
+ * NSSCKFWC_Login
+ * NSSCKFWC_Logout
+ * NSSCKFWC_CreateObject
+ * NSSCKFWC_CopyObject
+ * NSSCKFWC_DestroyObject
+ * NSSCKFWC_GetObjectSize
+ * NSSCKFWC_GetAttributeValue
+ * NSSCKFWC_SetAttributeValue
+ * NSSCKFWC_FindObjectsInit
+ * NSSCKFWC_FindObjects
+ * NSSCKFWC_FindObjectsFinal
+ * NSSCKFWC_EncryptInit
+ * NSSCKFWC_Encrypt
+ * NSSCKFWC_EncryptUpdate
+ * NSSCKFWC_EncryptFinal
+ * NSSCKFWC_DecryptInit
+ * NSSCKFWC_Decrypt
+ * NSSCKFWC_DecryptUpdate
+ * NSSCKFWC_DecryptFinal
+ * NSSCKFWC_DigestInit
+ * NSSCKFWC_Digest
+ * NSSCKFWC_DigestUpdate
+ * NSSCKFWC_DigestKey
+ * NSSCKFWC_DigestFinal
+ * NSSCKFWC_SignInit
+ * NSSCKFWC_Sign
+ * NSSCKFWC_SignUpdate
+ * NSSCKFWC_SignFinal
+ * NSSCKFWC_SignRecoverInit
+ * NSSCKFWC_SignRecover
+ * NSSCKFWC_VerifyInit
+ * NSSCKFWC_Verify
+ * NSSCKFWC_VerifyUpdate
+ * NSSCKFWC_VerifyFinal
+ * NSSCKFWC_VerifyRecoverInit
+ * NSSCKFWC_VerifyRecover
+ * NSSCKFWC_DigestEncryptUpdate
+ * NSSCKFWC_DecryptDigestUpdate
+ * NSSCKFWC_SignEncryptUpdate
+ * NSSCKFWC_DecryptVerifyUpdate
+ * NSSCKFWC_GenerateKey
+ * NSSCKFWC_GenerateKeyPair
+ * NSSCKFWC_WrapKey
+ * NSSCKFWC_UnwrapKey
+ * NSSCKFWC_DeriveKey
+ * NSSCKFWC_SeedRandom
+ * NSSCKFWC_GenerateRandom
+ * NSSCKFWC_GetFunctionStatus
+ * NSSCKFWC_CancelFunction
+ */
+
+/*
+ * NSSCKFWC_Initialize
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Initialize(
+ NSSCKFWInstance **pFwInstance,
+ NSSCKMDInstance *mdInstance,
+ CK_VOID_PTR pInitArgs);
+
+/*
+ * NSSCKFWC_Finalize
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Finalize(
+ NSSCKFWInstance **pFwInstance);
+
+/*
+ * NSSCKFWC_GetInfo
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_INFO_PTR pInfo);
+
+/*
+ * C_GetFunctionList is implemented entirely in the Module's file which
+ * includes the Framework API insert file. It requires no "actual"
+ * NSSCKFW routine.
+ */
+
+/*
+ * NSSCKFWC_GetSlotList
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetSlotList(
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList,
+ CK_ULONG_PTR pulCount);
+
+/*
+ * NSSCKFWC_GetSlotInfo
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetSlotInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_SLOT_INFO_PTR pInfo);
+
+/*
+ * NSSCKFWC_GetTokenInfo
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetTokenInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_TOKEN_INFO_PTR pInfo);
+
+/*
+ * NSSCKFWC_WaitForSlotEvent
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_WaitForSlotEvent(
+ NSSCKFWInstance *fwInstance,
+ CK_FLAGS flags,
+ CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pReserved);
+
+/*
+ * NSSCKFWC_GetMechanismList
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetMechanismList(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList,
+ CK_ULONG_PTR pulCount);
+
+/*
+ * NSSCKFWC_GetMechanismInfo
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetMechanismInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo);
+
+/*
+ * NSSCKFWC_InitToken
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_InitToken(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen,
+ CK_CHAR_PTR pLabel);
+
+/*
+ * NSSCKFWC_InitPIN
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_InitPIN(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen);
+
+/*
+ * NSSCKFWC_SetPIN
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SetPIN(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen,
+ CK_CHAR_PTR pNewPin,
+ CK_ULONG ulNewLen);
+
+/*
+ * NSSCKFWC_OpenSession
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_OpenSession(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_FLAGS flags,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_SESSION_HANDLE_PTR phSession);
+
+/*
+ * NSSCKFWC_CloseSession
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_CloseSession(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
+
+/*
+ * NSSCKFWC_CloseAllSessions
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_CloseAllSessions(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID);
+
+/*
+ * NSSCKFWC_GetSessionInfo
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetSessionInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo);
+
+/*
+ * NSSCKFWC_GetOperationState
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetOperationState(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG_PTR pulOperationStateLen);
+
+/*
+ * NSSCKFWC_SetOperationState
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SetOperationState(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey,
+ CK_OBJECT_HANDLE hAuthenticationKey);
+
+/*
+ * NSSCKFWC_Login
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Login(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen);
+
+/*
+ * NSSCKFWC_Logout
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Logout(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
+
+/*
+ * NSSCKFWC_CreateObject
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_CreateObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject);
+
+/*
+ * NSSCKFWC_CopyObject
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_CopyObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject);
+
+/*
+ * NSSCKFWC_DestroyObject
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DestroyObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject);
+
+/*
+ * NSSCKFWC_GetObjectSize
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetObjectSize(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG_PTR pulSize);
+
+/*
+ * NSSCKFWC_GetAttributeValue
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetAttributeValue(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount);
+
+/*
+ * NSSCKFWC_SetAttributeValue
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SetAttributeValue(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount);
+
+/*
+ * NSSCKFWC_FindObjectsInit
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_FindObjectsInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount);
+
+/*
+ * NSSCKFWC_FindObjects
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_FindObjects(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject,
+ CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount);
+
+/*
+ * NSSCKFWC_FindObjectsFinal
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_FindObjectsFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
+
+/*
+ * NSSCKFWC_EncryptInit
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_EncryptInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
+
+/*
+ * NSSCKFWC_Encrypt
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Encrypt(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pulEncryptedDataLen);
+
+/*
+ * NSSCKFWC_EncryptUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_EncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen);
+
+/*
+ * NSSCKFWC_EncryptFinal
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_EncryptFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart,
+ CK_ULONG_PTR pulLastEncryptedPartLen);
+
+/*
+ * NSSCKFWC_DecryptInit
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DecryptInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
+
+/*
+ * NSSCKFWC_Decrypt
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Decrypt(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen);
+
+/*
+ * NSSCKFWC_DecryptUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DecryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen);
+
+/*
+ * NSSCKFWC_DecryptFinal
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DecryptFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart,
+ CK_ULONG_PTR pulLastPartLen);
+
+/*
+ * NSSCKFWC_DigestInit
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DigestInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism);
+
+/*
+ * NSSCKFWC_Digest
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Digest(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen);
+
+/*
+ * NSSCKFWC_DigestUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DigestUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen);
+
+/*
+ * NSSCKFWC_DigestKey
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DigestKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey);
+
+/*
+ * NSSCKFWC_DigestFinal
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DigestFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen);
+
+/*
+ * NSSCKFWC_SignInit
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SignInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
+
+/*
+ * NSSCKFWC_Sign
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Sign(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen);
+
+/*
+ * NSSCKFWC_SignUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SignUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen);
+
+/*
+ * NSSCKFWC_SignFinal
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SignFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen);
+
+/*
+ * NSSCKFWC_SignRecoverInit
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SignRecoverInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
+
+/*
+ * NSSCKFWC_SignRecover
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SignRecover(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen);
+
+/*
+ * NSSCKFWC_VerifyInit
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_VerifyInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
+
+/*
+ * NSSCKFWC_Verify
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_Verify(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen);
+
+/*
+ * NSSCKFWC_VerifyUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_VerifyUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen);
+
+/*
+ * NSSCKFWC_VerifyFinal
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_VerifyFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen);
+
+/*
+ * NSSCKFWC_VerifyRecoverInit
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_VerifyRecoverInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey);
+
+/*
+ * NSSCKFWC_VerifyRecover
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_VerifyRecover(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen);
+
+/*
+ * NSSCKFWC_DigestEncryptUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DigestEncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen);
+
+/*
+ * NSSCKFWC_DecryptDigestUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DecryptDigestUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen);
+
+/*
+ * NSSCKFWC_SignEncryptUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SignEncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen);
+
+/*
+ * NSSCKFWC_DecryptVerifyUpdate
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DecryptVerifyUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen);
+
+/*
+ * NSSCKFWC_GenerateKey
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GenerateKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey);
+
+/*
+ * NSSCKFWC_GenerateKeyPair
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GenerateKeyPair(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey);
+
+/*
+ * NSSCKFWC_WrapKey
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_WrapKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen);
+
+/*
+ * NSSCKFWC_UnwrapKey
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_UnwrapKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey);
+
+/*
+ * NSSCKFWC_DeriveKey
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_DeriveKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey);
+
+/*
+ * NSSCKFWC_SeedRandom
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_SeedRandom(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSeed,
+ CK_ULONG ulSeedLen);
+
+/*
+ * NSSCKFWC_GenerateRandom
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GenerateRandom(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pRandomData,
+ CK_ULONG ulRandomLen);
+
+/*
+ * NSSCKFWC_GetFunctionStatus
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_GetFunctionStatus(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
+
+/*
+ * NSSCKFWC_CancelFunction
+ *
+ */
+NSS_EXTERN CK_RV
+NSSCKFWC_CancelFunction(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession);
+
+#endif /* NSSCKFWC_H */
diff --git a/security/nss/lib/ckfw/nssckfwt.h b/security/nss/lib/ckfw/nssckfwt.h
new file mode 100644
index 000000000..cd015d515
--- /dev/null
+++ b/security/nss/lib/ckfw/nssckfwt.h
@@ -0,0 +1,109 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSCKFWT_H
+#define NSSCKFWT_H
+
+/*
+ * nssckfwt.h
+ *
+ * This file declares the public types used by the NSS Cryptoki Framework.
+ */
+
+/*
+ * NSSCKFWInstance
+ *
+ */
+
+struct NSSCKFWInstanceStr;
+typedef struct NSSCKFWInstanceStr NSSCKFWInstance;
+
+/*
+ * NSSCKFWSlot
+ *
+ */
+
+struct NSSCKFWSlotStr;
+typedef struct NSSCKFWSlotStr NSSCKFWSlot;
+
+/*
+ * NSSCKFWToken
+ *
+ */
+
+struct NSSCKFWTokenStr;
+typedef struct NSSCKFWTokenStr NSSCKFWToken;
+
+/*
+ * NSSCKFWMechanism
+ *
+ */
+
+struct NSSCKFWMechanismStr;
+typedef struct NSSCKFWMechanismStr NSSCKFWMechanism;
+
+/*
+ * NSSCKFWCryptoOperation
+ *
+ */
+
+struct NSSCKFWCryptoOperationStr;
+typedef struct NSSCKFWCryptoOperationStr NSSCKFWCryptoOperation;
+
+/*
+ * NSSCKFWSession
+ *
+ */
+
+struct NSSCKFWSessionStr;
+typedef struct NSSCKFWSessionStr NSSCKFWSession;
+
+/*
+ * NSSCKFWObject
+ *
+ */
+
+struct NSSCKFWObjectStr;
+typedef struct NSSCKFWObjectStr NSSCKFWObject;
+
+/*
+ * NSSCKFWFindObjects
+ *
+ */
+
+struct NSSCKFWFindObjectsStr;
+typedef struct NSSCKFWFindObjectsStr NSSCKFWFindObjects;
+
+/*
+ * NSSCKFWMutex
+ *
+ */
+
+struct NSSCKFWMutexStr;
+typedef struct NSSCKFWMutexStr NSSCKFWMutex;
+
+typedef enum {
+ SingleThreaded,
+ MultiThreaded
+} CryptokiLockingState;
+
+/* used as an index into an array, make sure it starts at '0' */
+typedef enum {
+ NSSCKFWCryptoOperationState_EncryptDecrypt = 0,
+ NSSCKFWCryptoOperationState_SignVerify,
+ NSSCKFWCryptoOperationState_Digest,
+ NSSCKFWCryptoOperationState_Max
+} NSSCKFWCryptoOperationState;
+
+typedef enum {
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationType_SignRecover,
+ NSSCKFWCryptoOperationType_VerifyRecover
+} NSSCKFWCryptoOperationType;
+
+#endif /* NSSCKFWT_H */
diff --git a/security/nss/lib/ckfw/nssckg.h b/security/nss/lib/ckfw/nssckg.h
new file mode 100644
index 000000000..bf0d43fb0
--- /dev/null
+++ b/security/nss/lib/ckfw/nssckg.h
@@ -0,0 +1,10 @@
+/* THIS IS A GENERATED FILE */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef NSSCKG_H
+#define NSSCKG_H
+
+#include "pkcs11.h"
+
+#endif /* NSSCKG_H */
diff --git a/security/nss/lib/ckfw/nssckmdt.h b/security/nss/lib/ckfw/nssckmdt.h
new file mode 100644
index 000000000..d98f9b02a
--- /dev/null
+++ b/security/nss/lib/ckfw/nssckmdt.h
@@ -0,0 +1,1904 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSCKMDT_H
+#define NSSCKMDT_H
+
+/*
+ * nssckmdt.h
+ *
+ * This file specifies the basic types that must be implemented by
+ * any Module using the NSS Cryptoki Framework.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#ifndef NSSCKFWT_H
+#include "nssckfwt.h"
+#endif /* NSSCKFWT_H */
+
+typedef struct NSSCKMDInstanceStr NSSCKMDInstance;
+typedef struct NSSCKMDSlotStr NSSCKMDSlot;
+typedef struct NSSCKMDTokenStr NSSCKMDToken;
+typedef struct NSSCKMDSessionStr NSSCKMDSession;
+typedef struct NSSCKMDCryptoOperationStr NSSCKMDCryptoOperation;
+typedef struct NSSCKMDFindObjectsStr NSSCKMDFindObjects;
+typedef struct NSSCKMDMechanismStr NSSCKMDMechanism;
+typedef struct NSSCKMDObjectStr NSSCKMDObject;
+
+/*
+ * NSSCKFWItem
+ *
+ * This is a structure used by modules to return object attributes.
+ * The needsFreeing bit indicates whether the object needs to be freed.
+ * If so, the framework will call the FreeAttribute function on the item
+ * after it is done using it.
+ *
+ */
+
+typedef struct {
+ PRBool needsFreeing;
+ NSSItem *item;
+} NSSCKFWItem;
+
+/*
+ * NSSCKMDInstance
+ *
+ * This is the basic handle for an instance of a PKCS#11 Module.
+ * It is returned by the Module's CreateInstance routine, and
+ * may be obtained from the corresponding NSSCKFWInstance object.
+ * It contains a pointer for use by the Module, to store any
+ * instance-related data, and it contains the EPV for a set of
+ * routines which the Module may implement for use by the Framework.
+ * Some of these routines are optional; others are mandatory.
+ */
+
+struct NSSCKMDInstanceStr {
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework to initialize
+ * the Module. This routine is optional; if unimplemented,
+ * it won't be called. If this routine returns an error,
+ * then the initialization will fail.
+ */
+ CK_RV(PR_CALLBACK *Initialize)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSUTF8 *configurationData);
+
+ /*
+ * This routine is called when the Framework is finalizing
+ * the PKCS#11 Module. It is the last thing called before
+ * the NSSCKFWInstance's NSSArena is destroyed. This routine
+ * is optional; if unimplemented, it merely won't be called.
+ */
+ void(PR_CALLBACK *Finalize)(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine gets the number of slots. This value must
+ * never change, once the instance is initialized. This
+ * routine must be implemented. It may return zero on error.
+ */
+ CK_ULONG(PR_CALLBACK *GetNSlots)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns the version of the Cryptoki standard
+ * to which this Module conforms. This routine is optional;
+ * if unimplemented, the Framework uses the version to which
+ * ~it~ was implemented.
+ */
+ CK_VERSION(PR_CALLBACK *GetCryptokiVersion)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing the manufacturer ID for this Module. Only
+ * the characters completely encoded in the first thirty-
+ * two bytes are significant. This routine is optional.
+ * The string returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing a description of this Module library. Only
+ * the characters completely encoded in the first thirty-
+ * two bytes are significant. This routine is optional.
+ * The string returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetLibraryDescription)(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns the version of this Module library.
+ * This routine is optional; if unimplemented, the Framework
+ * will assume a Module library version of 0.1.
+ */
+ CK_VERSION(PR_CALLBACK *GetLibraryVersion)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the Module wishes to
+ * handle session objects. This routine is optional.
+ * If this routine is NULL, or if it exists but returns
+ * CK_FALSE, the Framework will assume responsibility
+ * for managing session objects.
+ */
+ CK_BBOOL(PR_CALLBACK *ModuleHandlesSessionObjects)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine stuffs pointers to NSSCKMDSlot objects into
+ * the specified array; one for each slot supported by this
+ * instance. The Framework will determine the size needed
+ * for the array by calling GetNSlots. This routine is
+ * required.
+ */
+ CK_RV(PR_CALLBACK *GetSlots)
+ (
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[]);
+
+ /*
+ * This call returns a pointer to the slot in which an event
+ * has occurred. If the block argument is CK_TRUE, the call
+ * should block until a slot event occurs; if CK_FALSE, it
+ * should check to see if an event has occurred, occurred,
+ * but return NULL (and set *pError to CK_NO_EVENT) if one
+ * hasn't. This routine is optional; if unimplemented, the
+ * Framework will assume that no event has happened. This
+ * routine may return NULL upon error.
+ */
+ NSSCKMDSlot *(PR_CALLBACK *WaitForSlotEvent)(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL block,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
+};
+
+/*
+ * NSSCKMDSlot
+ *
+ * This is the basic handle for a PKCS#11 Module Slot. It is
+ * created by the NSSCKMDInstance->GetSlots call, and may be
+ * obtained from the Framework's corresponding NSSCKFWSlot
+ * object. It contains a pointer for use by the Module, to
+ * store any slot-related data, and it contains the EPV for
+ * a set of routines which the Module may implement for use
+ * by the Framework. Some of these routines are optional.
+ */
+
+struct NSSCKMDSlotStr {
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called during the Framework initialization
+ * step, after the Framework Instance has obtained the list
+ * of slots (by calling NSSCKMDInstance->GetSlots). Any slot-
+ * specific initialization can be done here. This routine is
+ * optional; if unimplemented, it won't be called. Note that
+ * if this routine returns an error, the entire Framework
+ * initialization for this Module will fail.
+ */
+ CK_RV(PR_CALLBACK *Initialize)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is called when the Framework is finalizing
+ * the PKCS#11 Module. This call (for each of the slots)
+ * is the last thing called before NSSCKMDInstance->Finalize.
+ * This routine is optional; if unimplemented, it merely
+ * won't be called. Note: In the rare circumstance that
+ * the Framework initialization cannot complete (due to,
+ * for example, memory limitations), this can be called with
+ * a NULL value for fwSlot.
+ */
+ void(PR_CALLBACK *Destroy)(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing a description of this slot. Only the characters
+ * completely encoded in the first sixty-four bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetSlotDescription)(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing a description of the manufacturer of this slot.
+ * Only the characters completely encoded in the first thirty-
+ * two bytes are significant. This routine is optional.
+ * The string returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns CK_TRUE if a token is present in this
+ * slot. This routine is optional; if unimplemented, CK_TRUE
+ * is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetTokenPresent)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the slot supports removable
+ * tokens. This routine is optional; if unimplemented, CK_FALSE
+ * is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetRemovableDevice)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if this slot is a hardware
+ * device, or CK_FALSE if this slot is a software device. This
+ * routine is optional; if unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetHardwareSlot)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the version of this slot's hardware.
+ * This routine is optional; if unimplemented, the Framework
+ * will assume a hardware version of 0.1.
+ */
+ CK_VERSION(PR_CALLBACK *GetHardwareVersion)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the version of this slot's firmware.
+ * This routine is optional; if unimplemented, the Framework
+ * will assume a hardware version of 0.1.
+ */
+ CK_VERSION(PR_CALLBACK *GetFirmwareVersion)
+ (
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine should return a pointer to an NSSCKMDToken
+ * object corresponding to the token in the specified slot.
+ * The NSSCKFWToken object passed in has an NSSArena
+ * available which is dedicated for this token. This routine
+ * must be implemented. This routine may return NULL upon
+ * error.
+ */
+ NSSCKMDToken *(PR_CALLBACK *GetToken)(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
+};
+
+/*
+ * NSSCKMDToken
+ *
+ * This is the basic handle for a PKCS#11 Token. It is created by
+ * the NSSCKMDSlot->GetToken call, and may be obtained from the
+ * Framework's corresponding NSSCKFWToken object. It contains a
+ * pointer for use by the Module, to store any token-related
+ * data, and it contains the EPV for a set of routines which the
+ * Module may implement for use by the Framework. Some of these
+ * routines are optional.
+ */
+
+struct NSSCKMDTokenStr {
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is used to prepare a Module token object for
+ * use. It is called after the NSSCKMDToken object is obtained
+ * from NSSCKMDSlot->GetToken. It is named "Setup" here because
+ * Cryptoki already defines "InitToken" to do the process of
+ * wiping out any existing state on a token and preparing it for
+ * a new use. This routine is optional; if unimplemented, it
+ * merely won't be called.
+ */
+ CK_RV(PR_CALLBACK *Setup)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is called by the Framework whenever it notices
+ * that the token object is invalid. (Typically this is when a
+ * routine indicates an error such as CKR_DEVICE_REMOVED). This
+ * call is the last thing called before the NSSArena in the
+ * corresponding NSSCKFWToken is destroyed. This routine is
+ * optional; if unimplemented, it merely won't be called.
+ */
+ void(PR_CALLBACK *Invalidate)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine initialises the token in the specified slot.
+ * This routine is optional; if unimplemented, the Framework
+ * will fail this operation with an error of CKR_DEVICE_ERROR.
+ */
+
+ CK_RV(PR_CALLBACK *InitToken)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *pin,
+ NSSUTF8 *label);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing this token's label. Only the characters
+ * completely encoded in the first thirty-two bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetLabel)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing this token's manufacturer ID. Only the characters
+ * completely encoded in the first thirty-two bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing this token's model name. Only the characters
+ * completely encoded in the first thirty-two bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetModel)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns a pointer to a UTF8-encoded string
+ * containing this token's serial number. Only the characters
+ * completely encoded in the first thirty-two bytes are
+ * significant. This routine is optional. The string
+ * returned is never freed; if dynamically generated,
+ * the space for it should be allocated from the NSSArena
+ * that may be obtained from the NSSCKFWInstance. This
+ * routine may return NULL upon error; however if *pError
+ * is CKR_OK, the NULL will be considered the valid response.
+ */
+ NSSUTF8 *(PR_CALLBACK *GetSerialNumber)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns CK_TRUE if the token has its own
+ * random number generator. This routine is optional; if
+ * unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetHasRNG)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if this token is write-protected.
+ * This routine is optional; if unimplemented, CK_FALSE is
+ * assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetIsWriteProtected)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if this token requires a login.
+ * This routine is optional; if unimplemented, CK_FALSE is
+ * assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetLoginRequired)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the normal user's PIN on this
+ * token has been initialised. This routine is optional; if
+ * unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetUserPinInitialized)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if a successful save of a
+ * session's cryptographic operations state ~always~ contains
+ * all keys needed to restore the state of the session. This
+ * routine is optional; if unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetRestoreKeyNotNeeded)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the token has its own
+ * hardware clock. This routine is optional; if unimplemented,
+ * CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetHasClockOnToken)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the token has a protected
+ * authentication path. This routine is optional; if
+ * unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetHasProtectedAuthenticationPath)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns CK_TRUE if the token supports dual
+ * cryptographic operations within a single session. This
+ * routine is optional; if unimplemented, CK_FALSE is assumed.
+ */
+ CK_BBOOL(PR_CALLBACK *GetSupportsDualCryptoOperations)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * XXX fgmr-- should we have a call to return all the flags
+ * at once, for folks who already know about Cryptoki?
+ */
+
+ /*
+ * This routine returns the maximum number of sessions that
+ * may be opened on this token. This routine is optional;
+ * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
+ * is assumed. XXX fgmr-- or CK_EFFECTIVELY_INFINITE?
+ */
+ CK_ULONG(PR_CALLBACK *GetMaxSessionCount)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the maximum number of read/write
+ * sesisons that may be opened on this token. This routine
+ * is optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed. XXX fgmr-- or
+ * CK_EFFECTIVELY_INFINITE?
+ */
+ CK_ULONG(PR_CALLBACK *GetMaxRwSessionCount)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the maximum PIN code length that is
+ * supported on this token. This routine is optional;
+ * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
+ * is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetMaxPinLen)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the minimum PIN code length that is
+ * supported on this token. This routine is optional; if
+ * unimplemented, the special value CK_UNAVAILABLE_INFORMATION
+ * is assumed. XXX fgmr-- or 0?
+ */
+ CK_ULONG(PR_CALLBACK *GetMinPinLen)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the total amount of memory on the token
+ * in which public objects may be stored. This routine is
+ * optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetTotalPublicMemory)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the amount of unused memory on the
+ * token in which public objects may be stored. This routine
+ * is optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetFreePublicMemory)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the total amount of memory on the token
+ * in which private objects may be stored. This routine is
+ * optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetTotalPrivateMemory)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the amount of unused memory on the
+ * token in which private objects may be stored. This routine
+ * is optional; if unimplemented, the special value
+ * CK_UNAVAILABLE_INFORMATION is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetFreePrivateMemory)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the version number of this token's
+ * hardware. This routine is optional; if unimplemented,
+ * the value 0.1 is assumed.
+ */
+ CK_VERSION(PR_CALLBACK *GetHardwareVersion)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the version number of this token's
+ * firmware. This routine is optional; if unimplemented,
+ * the value 0.1 is assumed.
+ */
+ CK_VERSION(PR_CALLBACK *GetFirmwareVersion)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine stuffs the current UTC time, as obtained from
+ * the token, into the sixteen-byte buffer in the form
+ * YYYYMMDDhhmmss00. This routine need only be implemented
+ * by token which indicate that they have a real-time clock.
+ * XXX fgmr-- think about time formats.
+ */
+ CK_RV(PR_CALLBACK *GetUTCTime)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_CHAR utcTime[16]);
+
+ /*
+ * This routine creates a session on the token, and returns
+ * the corresponding NSSCKMDSession object. The value of
+ * rw will be CK_TRUE if the session is to be a read/write
+ * session, or CK_FALSE otherwise. An NSSArena dedicated to
+ * the new session is available from the specified NSSCKFWSession.
+ * This routine may return NULL upon error.
+ */
+ NSSCKMDSession *(PR_CALLBACK *OpenSession)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError);
+
+ /*
+ * This routine returns the number of PKCS#11 Mechanisms
+ * supported by this token. This routine is optional; if
+ * unimplemented, zero is assumed.
+ */
+ CK_ULONG(PR_CALLBACK *GetMechanismCount)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine stuffs into the specified array the types
+ * of the mechanisms supported by this token. The Framework
+ * determines the size of the array by calling GetMechanismCount.
+ */
+ CK_RV(PR_CALLBACK *GetMechanismTypes)
+ (
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE types[]);
+
+ /*
+ * This routine returns a pointer to a Module mechanism
+ * object corresponding to a specified type. This routine
+ * need only exist for tokens implementing at least one
+ * mechanism.
+ */
+ NSSCKMDMechanism *(PR_CALLBACK *GetMechanism)(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
+};
+
+/*
+ * NSSCKMDSession
+ *
+ * This is the basic handle for a session on a PKCS#11 Token. It
+ * is created by NSSCKMDToken->OpenSession, and may be obtained
+ * from the Framework's corresponding NSSCKFWSession object. It
+ * contains a pointer for use by the Module, to store any session-
+ * realted data, and it contains the EPV for a set of routines
+ * which the Module may implement for use by the Framework. Some
+ * of these routines are optional.
+ */
+
+struct NSSCKMDSessionStr {
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework when a session is
+ * closed. This call is the last thing called before the
+ * NSSArena in the correspoinding NSSCKFWSession is destroyed.
+ * This routine is optional; if unimplemented, it merely won't
+ * be called.
+ */
+ void(PR_CALLBACK *Close)(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is used to get any device-specific error.
+ * This routine is optional.
+ */
+ CK_ULONG(PR_CALLBACK *GetDeviceError)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is used to log in a user to the token. This
+ * routine is optional, since the Framework's NSSCKFWSession
+ * object keeps track of the login state.
+ */
+ CK_RV(PR_CALLBACK *Login)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_USER_TYPE userType,
+ NSSItem *pin,
+ CK_STATE oldState,
+ CK_STATE newState);
+
+ /*
+ * This routine is used to log out a user from the token. This
+ * routine is optional, since the Framework's NSSCKFWSession
+ * object keeps track of the login state.
+ */
+ CK_RV(PR_CALLBACK *Logout)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_STATE oldState,
+ CK_STATE newState);
+
+ /*
+ * This routine is used to initialize the normal user's PIN or
+ * password. This will only be called in the "read/write
+ * security officer functions" state. If this token has a
+ * protected authentication path, then the pin argument will
+ * be NULL. This routine is optional; if unimplemented, the
+ * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
+ */
+ CK_RV(PR_CALLBACK *InitPIN)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *pin);
+
+ /*
+ * This routine is used to modify a user's PIN or password. This
+ * routine will only be called in the "read/write security officer
+ * functions" or "read/write user functions" state. If this token
+ * has a protected authentication path, then the pin arguments
+ * will be NULL. This routine is optional; if unimplemented, the
+ * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
+ */
+ CK_RV(PR_CALLBACK *SetPIN)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *oldPin,
+ NSSItem *newPin);
+
+ /*
+ * This routine is used to find out how much space would be required
+ * to save the current operational state. This routine is optional;
+ * if unimplemented, the Framework will reject any attempts to save
+ * the operational state with the error CKR_STATE_UNSAVEABLE. This
+ * routine may return zero on error.
+ */
+ CK_ULONG(PR_CALLBACK *GetOperationStateLen)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine is used to store the current operational state. This
+ * routine is only required if GetOperationStateLen is implemented
+ * and can return a nonzero value. The buffer in the specified item
+ * will be pre-allocated, and the length will specify the amount of
+ * space available (which may be more than GetOperationStateLen
+ * asked for, but which will not be smaller).
+ */
+ CK_RV(PR_CALLBACK *GetOperationState)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *buffer);
+
+ /*
+ * This routine is used to restore an operational state previously
+ * obtained with GetOperationState. The Framework will take pains
+ * to be sure that the state is (or was at one point) valid; if the
+ * Module notices that the state is invalid, it should return an
+ * error, but it is not required to be paranoid about the issue.
+ * [XXX fgmr-- should (can?) the framework verify the keys match up?]
+ * This routine is required only if GetOperationState is implemented.
+ */
+ CK_RV(PR_CALLBACK *SetOperationState)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *state,
+ NSSCKMDObject *mdEncryptionKey,
+ NSSCKFWObject *fwEncryptionKey,
+ NSSCKMDObject *mdAuthenticationKey,
+ NSSCKFWObject *fwAuthenticationKey);
+
+ /*
+ * This routine is used to create an object. The specified template
+ * will only specify a session object if the Module has indicated
+ * that it wishes to handle its own session objects. This routine
+ * is optional; if unimplemented, the Framework will reject the
+ * operation with the error CKR_TOKEN_WRITE_PROTECTED. Space for
+ * token objects should come from the NSSArena available from the
+ * NSSCKFWToken object; space for session objects (if supported)
+ * should come from the NSSArena available from the NSSCKFWSession
+ * object. The appropriate NSSArena pointer will, as a convenience,
+ * be passed as the handyArenaPointer argument. This routine may
+ * return NULL upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *CreateObject)(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *handyArenaPointer,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine is used to make a copy of an object. It is entirely
+ * optional; if unimplemented, the Framework will try to use
+ * CreateObject instead. If the Module has indicated that it does
+ * not wish to handle session objects, then this routine will only
+ * be called to copy a token object to another token object.
+ * Otherwise, either the original object or the new may be of
+ * either the token or session variety. As with CreateObject, the
+ * handyArenaPointer will point to the appropriate arena for the
+ * new object. This routine may return NULL upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *CopyObject)(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdOldObject,
+ NSSCKFWObject *fwOldObject,
+ NSSArena *handyArenaPointer,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine is used to begin an object search. This routine may
+ * be unimplemented only if the Module does not handle session
+ * objects, and if none of its tokens have token objects. The
+ * NSSCKFWFindObjects pointer has an NSSArena that may be used for
+ * storage for the life of this "find" operation. This routine may
+ * return NULL upon error. If the Module can determine immediately
+ * that the search will not find any matching objects, it may return
+ * NULL, and specify CKR_OK as the error.
+ */
+ NSSCKMDFindObjects *(PR_CALLBACK *FindObjectsInit)(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine seeds the random-number generator. It is
+ * optional, even if GetRandom is implemented. If unimplemented,
+ * the Framework will issue the error CKR_RANDOM_SEED_NOT_SUPPORTED.
+ */
+ CK_RV(PR_CALLBACK *SeedRandom)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *seed);
+
+ /*
+ * This routine gets random data. It is optional. If unimplemented,
+ * the Framework will issue the error CKR_RANDOM_NO_RNG.
+ */
+ CK_RV(PR_CALLBACK *GetRandom)
+ (
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *buffer);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
+};
+
+/*
+ * NSSCKMDFindObjects
+ *
+ * This is the basic handle for an object search. It is
+ * created by NSSCKMDSession->FindObjectsInit, and may be
+ * obtained from the Framework's corresponding object.
+ * It contains a pointer for use by the Module, to store
+ * any search-related data, and it contains the EPV for a
+ * set of routines which the Module may implement for use
+ * by the Framework. Some of these routines are optional.
+ */
+
+struct NSSCKMDFindObjectsStr {
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework to finish a
+ * search operation. Note that the Framework may finish
+ * a search before it has completed. This routine is
+ * optional; if unimplemented, it merely won't be called.
+ */
+ void(PR_CALLBACK *Final)(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is used to obtain another pointer to an
+ * object matching the search criteria. This routine is
+ * required. If no (more) objects match the search, it
+ * should return NULL and set the error to CKR_OK.
+ */
+ NSSCKMDObject *(PR_CALLBACK *Next)(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
+};
+
+/*
+ * NSSCKMDCryptoOperaion
+ *
+ * This is the basic handle for an encryption, decryption,
+ * sign, verify, or hash opertion.
+ * created by NSSCKMDMechanism->XXXXInit, and may be
+ * obtained from the Framework's corresponding object.
+ * It contains a pointer for use by the Module, to store
+ * any intermediate data, and it contains the EPV for a
+ * set of routines which the Module may implement for use
+ * by the Framework. Some of these routines are optional.
+ */
+
+struct NSSCKMDCryptoOperationStr {
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework clean up the mdCryptoOperation
+ * structure.
+ * This routine is optional; if unimplemented, it will be ignored.
+ */
+ void(PR_CALLBACK *Destroy)(
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * how many bytes do we need to finish this buffer?
+ * must be implemented if Final is implemented.
+ */
+ CK_ULONG(PR_CALLBACK *GetFinalLength)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * how many bytes do we need to complete the next operation.
+ * used in both Update and UpdateFinal.
+ */
+ CK_ULONG(PR_CALLBACK *GetOperationLength)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer,
+ CK_RV *pError);
+
+ /*
+ * This routine is called by the Framework to finish a
+ * search operation. Note that the Framework may finish
+ * a search before it has completed. This routine is
+ * optional; if unimplemented, it merely won't be called.
+ * The respective final call with fail with CKR_FUNCTION_FAILED
+ * Final should not free the mdCryptoOperation.
+ */
+ CK_RV(PR_CALLBACK *Final)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSItem *outputBuffer);
+
+ /*
+ * This routine is called by the Framework to complete the
+ * next step in an encryption/decryption operation.
+ * This routine is optional; if unimplemented, the respective
+ * update call with fail with CKR_FUNCTION_FAILED.
+ * Update should not be implemented for signing/verification/digest
+ * mechanisms.
+ */
+ CK_RV(PR_CALLBACK *Update)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+ /*
+ * This routine is called by the Framework to complete the
+ * next step in a signing/verification/digest operation.
+ * This routine is optional; if unimplemented, the respective
+ * update call with fail with CKR_FUNCTION_FAILED
+ * Update should not be implemented for encryption/decryption
+ * mechanisms.
+ */
+ CK_RV(PR_CALLBACK *DigestUpdate)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer);
+
+ /*
+ * This routine is called by the Framework to complete a
+ * single step operation. This routine is optional; if unimplemented,
+ * the framework will use the Update and Final functions to complete
+ * the operation.
+ */
+ CK_RV(PR_CALLBACK *UpdateFinal)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+ /*
+ * This routine is called by the Framework to complete next
+ * step in a combined operation. The Decrypt/Encrypt mechanism
+ * should define and drive the combo step.
+ * This routine is optional; if unimplemented,
+ * the framework will use the appropriate Update functions to complete
+ * the operation.
+ */
+ CK_RV(PR_CALLBACK *UpdateCombo)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDCryptoOperation *mdPeerCryptoOperation,
+ NSSCKFWCryptoOperation *fwPeerCryptoOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *inputBuffer,
+ NSSItem *outputBuffer);
+
+ /*
+ * Hash a key directly into the digest
+ */
+ CK_RV(PR_CALLBACK *DigestKey)
+ (
+ NSSCKMDCryptoOperation *mdCryptoOperation,
+ NSSCKFWCryptoOperation *fwCryptoOperation,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
+};
+
+/*
+ * NSSCKMDMechanism
+ *
+ */
+
+struct NSSCKMDMechanismStr {
+ /*
+ * The Module may use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This also frees the fwMechanism if appropriate.
+ * If it is not supplied, the Framework will assume that the Token
+ * Manages a static list of mechanisms and the function will not be called.
+ */
+ void(PR_CALLBACK *Destroy)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the minimum key size allowed for
+ * this mechanism. This routine is optional; if unimplemented,
+ * zero will be assumed. This routine may return zero on
+ * error; if the error is CKR_OK, zero will be accepted as
+ * a valid response.
+ */
+ CK_ULONG(PR_CALLBACK *GetMinKeySize)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine returns the maximum key size allowed for
+ * this mechanism. This routine is optional; if unimplemented,
+ * zero will be assumed. This routine may return zero on
+ * error; if the error is CKR_OK, zero will be accepted as
+ * a valid response.
+ */
+ CK_ULONG(PR_CALLBACK *GetMaxKeySize)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine is called to determine if the mechanism is
+ * implemented in hardware or software. It returns CK_TRUE
+ * if it is done in hardware.
+ */
+ CK_BBOOL(PR_CALLBACK *GetInHardware)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * The crypto routines themselves. Most crypto operations may
+ * be performed in two ways, streaming and single-part. The
+ * streaming operations involve the use of (typically) three
+ * calls-- an Init method to set up the operation, an Update
+ * method to feed data to the operation, and a Final method to
+ * obtain the final result. Single-part operations involve
+ * one method, to perform the crypto operation all at once.
+ *
+ * The NSS Cryptoki Framework can implement the single-part
+ * operations in terms of the streaming operations on behalf
+ * of the Module. There are a few variances.
+ *
+ * Only the Init Functions are defined by the mechanism. Each
+ * init function will return a NSSCKFWCryptoOperation which
+ * can supply update, final, the single part updateFinal, and
+ * the combo updateCombo functions.
+ *
+ * For simplicity, the routines are listed in summary here:
+ *
+ * EncryptInit,
+ * DecryptInit,
+ * DigestInit,
+ * SignInit,
+ * SignRecoverInit;
+ * VerifyInit,
+ * VerifyRecoverInit;
+ *
+ * The key-management routines are
+ *
+ * GenerateKey
+ * GenerateKeyPair
+ * WrapKey
+ * UnwrapKey
+ * DeriveKey
+ *
+ * All of these routines based on the Cryptoki API;
+ * see PKCS#11 for further information.
+ */
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *EncryptInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *DecryptInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *DigestInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *SignInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *VerifyInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *SignRecoverInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ */
+ NSSCKMDCryptoOperation *(PR_CALLBACK *VerifyRecoverInit)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError);
+
+ /*
+ * Key management operations.
+ */
+
+ /*
+ * This routine generates a key. This routine may return NULL
+ * upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *GenerateKey)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine generates a key pair.
+ */
+ CK_RV(PR_CALLBACK *GenerateKeyPair)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ NSSCKMDObject **pPublicKey,
+ NSSCKMDObject **pPrivateKey);
+
+ /*
+ * This routine wraps a key.
+ */
+ CK_ULONG(PR_CALLBACK *GetWrapKeyLength)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdWrappingKey,
+ NSSCKFWObject *fwWrappingKey,
+ NSSCKMDObject *mdWrappedKey,
+ NSSCKFWObject *fwWrappedKey,
+ CK_RV *pError);
+
+ /*
+ * This routine wraps a key.
+ */
+ CK_RV(PR_CALLBACK *WrapKey)
+ (
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdWrappingKey,
+ NSSCKFWObject *fwWrappingKey,
+ NSSCKMDObject *mdKeyObject,
+ NSSCKFWObject *fwKeyObject,
+ NSSItem *wrappedKey);
+
+ /*
+ * This routine unwraps a key. This routine may return NULL
+ * upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *UnwrapKey)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdWrappingKey,
+ NSSCKFWObject *fwWrappingKey,
+ NSSItem *wrappedKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This routine derives a key. This routine may return NULL
+ * upon error.
+ */
+ NSSCKMDObject *(PR_CALLBACK *DeriveKey)(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM_PTR pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdBaseKey,
+ NSSCKFWObject *fwBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
+};
+
+/*
+ * NSSCKMDObject
+ *
+ * This is the basic handle for any object used by a PKCS#11 Module.
+ * Modules must implement it if they support their own objects, and
+ * the Framework supports it for Modules that do not handle session
+ * objects. This type contains a pointer for use by the implementor,
+ * to store any object-specific data, and it contains an EPV for a
+ * set of routines used to access the object.
+ */
+
+struct NSSCKMDObjectStr {
+ /*
+ * The implementation my use this pointer for its own purposes.
+ */
+ void *etc;
+
+ /*
+ * This routine is called by the Framework when it is letting
+ * go of an object handle. It can be used by the Module to
+ * free any resources tied up by an object "in use." It is
+ * optional.
+ */
+ void(PR_CALLBACK *Finalize)(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine is used to completely destroy an object.
+ * It is optional. The parameter fwObject might be NULL
+ * if the framework runs out of memory at the wrong moment.
+ */
+ CK_RV(PR_CALLBACK *Destroy)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This helper routine is used by the Framework, and is especially
+ * useful when it is managing session objects on behalf of the
+ * Module. This routine is optional; if unimplemented, the
+ * Framework will actually look up the CKA_TOKEN attribute. In the
+ * event of an error, just make something up-- the Framework will
+ * find out soon enough anyway.
+ */
+ CK_BBOOL(PR_CALLBACK *IsTokenObject)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+ /*
+ * This routine returns the number of attributes of which this
+ * object consists. It is mandatory. It can return zero on
+ * error.
+ */
+ CK_ULONG(PR_CALLBACK *GetAttributeCount)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This routine stuffs the attribute types into the provided array.
+ * The array size (as obtained from GetAttributeCount) is passed in
+ * as a check; return CKR_BUFFER_TOO_SMALL if the count is wrong
+ * (either too big or too small).
+ */
+ CK_RV(PR_CALLBACK *GetAttributeTypes)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount);
+
+ /*
+ * This routine returns the size (in bytes) of the specified
+ * attribute. It can return zero on error.
+ */
+ CK_ULONG(PR_CALLBACK *GetAttributeSize)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
+
+ /*
+ * This routine returns an NSSCKFWItem structure.
+ * The item pointer points to an NSSItem containing the attribute value.
+ * The needsFreeing bit tells the framework whether to call the
+ * FreeAttribute function . Upon error, an NSSCKFWItem structure
+ * with a NULL NSSItem item pointer will be returned
+ */
+ NSSCKFWItem(PR_CALLBACK *GetAttribute)(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
+
+ /*
+ * This routine returns CKR_OK if the attribute could be freed.
+ */
+ CK_RV(PR_CALLBACK *FreeAttribute)
+ (
+ NSSCKFWItem *item);
+
+ /*
+ * This routine changes the specified attribute. If unimplemented,
+ * the object will be considered read-only.
+ */
+ CK_RV(PR_CALLBACK *SetAttribute)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value);
+
+ /*
+ * This routine returns the storage requirements of this object,
+ * in bytes. Cryptoki doesn't strictly define the definition,
+ * but it should relate to the values returned by the "Get Memory"
+ * routines of the NSSCKMDToken. This routine is optional; if
+ * unimplemented, the Framework will consider this information
+ * sensitive. This routine may return zero on error. If the
+ * specified error is CKR_OK, zero will be accepted as a valid
+ * response.
+ */
+ CK_ULONG(PR_CALLBACK *GetObjectSize)
+ (
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+ /*
+ * This object may be extended in future versions of the
+ * NSS Cryptoki Framework. To allow for some flexibility
+ * in the area of binary compatibility, this field should
+ * be NULL.
+ */
+ void *null;
+};
+
+#endif /* NSSCKMDT_H */
diff --git a/security/nss/lib/ckfw/nssckt.h b/security/nss/lib/ckfw/nssckt.h
new file mode 100644
index 000000000..b50a88f7b
--- /dev/null
+++ b/security/nss/lib/ckfw/nssckt.h
@@ -0,0 +1,12 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _NSSCKT_H_
+#define _NSSCKT_H_ 1
+
+#include "pkcs11t.h"
+
+typedef CK_ATTRIBUTE_TYPE CK_PTR CK_ATTRIBUTE_TYPE_PTR;
+#define CK_ENTRY
+
+#endif /* _NSSCKT_H_ */
diff --git a/security/nss/lib/ckfw/nssmkey/Makefile b/security/nss/lib/ckfw/nssmkey/Makefile
new file mode 100644
index 000000000..e630e84b0
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/Makefile
@@ -0,0 +1,72 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include $(CORE_DEPTH)/coreconf/config.mk
+include config.mk
+
+EXTRA_LIBS = \
+ $(DIST)/lib/$(LIB_PREFIX)nssckfw.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
+ $(NULL)
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+ifdef NS_USE_GCC
+EXTRA_LIBS += \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+else
+EXTRA_SHARED_LIBS += \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+else
+
+EXTRA_LIBS += \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ -framework Security \
+ -framework CoreServices \
+ $(NULL)
+endif
+
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+# Generate certdata.c.
+generate:
+ perl certdata.perl < certdata.txt
+
+# This'll need some help from a build person.
+
+
+ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
+DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry
+EXTRA_DSO_LDOPTS = -lc
+MKSHLIB = xlC $(DSO_LDOPTS)
+
+$(SHARED_LIBRARY): $(OBJS)
+ @$(MAKE_OBJDIR)
+ rm -f $@
+ $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
+ chmod +x $@
+
+endif
+
+ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
+LD += -G
+endif
+
+
diff --git a/security/nss/lib/ckfw/nssmkey/README b/security/nss/lib/ckfw/nssmkey/README
new file mode 100644
index 000000000..c060d9c3c
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/README
@@ -0,0 +1,21 @@
+This Cryptoki module provides acces to certs and keys stored in
+Macintosh key Ring.
+
+- It does not yet export PKCS #12 keys. To get this to work should be
+ implemented using exporting the key object in PKCS #8 wrapped format.
+ PSM work needs to happen before this can be completed.
+- It does not import or export CA Root trust from the mac keychain.
+- It does not handle S/MIME objects (pkcs #7 in mac keychain terms?).
+- The AuthRoots don't show up on the default list.
+- Only RSA keys are supported currently.
+
+There are a number of things that have not been tested that other PKCS #11
+apps may need:
+- reading Modulus and Public Exponents from private keys and public keys.
+- storing public keys.
+- setting attributes other than CKA_ID and CKA_LABEL.
+
+Other TODOs:
+- Check for and plug memory leaks.
+- Need to map mac errors into something more intellegible than
+ CKR_GENERAL_ERROR.
diff --git a/security/nss/lib/ckfw/nssmkey/ckmk.h b/security/nss/lib/ckfw/nssmkey/ckmk.h
new file mode 100644
index 000000000..4f3ab82d7
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/ckmk.h
@@ -0,0 +1,182 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKMK_H
+#define CKMK_H 1
+
+#include <Security/SecKeychainSearch.h>
+#include <Security/SecKeychainItem.h>
+#include <Security/SecKeychain.h>
+#include <Security/cssmtype.h>
+#include <Security/cssmapi.h>
+#include <Security/SecKey.h>
+#include <Security/SecCertificate.h>
+
+#define NTO
+
+#include "nssckmdt.h"
+#include "nssckfw.h"
+/*
+ * I'm including this for access to the arena functions.
+ * Looks like we should publish that API.
+ */
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+/*
+ * This is where the Netscape extensions live, at least for now.
+ */
+#ifndef CKT_H
+#include "ckt.h"
+#endif /* CKT_H */
+
+/*
+ * statically defined raw objects. Allows us to data description objects
+ * to this PKCS #11 module.
+ */
+struct ckmkRawObjectStr {
+ CK_ULONG n;
+ const CK_ATTRIBUTE_TYPE *types;
+ const NSSItem *items;
+};
+typedef struct ckmkRawObjectStr ckmkRawObject;
+
+/*
+ * Key/Cert Items
+ */
+struct ckmkItemObjectStr {
+ SecKeychainItemRef itemRef;
+ SecItemClass itemClass;
+ PRBool hasID;
+ NSSItem modify;
+ NSSItem private;
+ NSSItem encrypt;
+ NSSItem decrypt;
+ NSSItem derive;
+ NSSItem sign;
+ NSSItem signRecover;
+ NSSItem verify;
+ NSSItem verifyRecover;
+ NSSItem wrap;
+ NSSItem unwrap;
+ NSSItem label;
+ NSSItem subject;
+ NSSItem issuer;
+ NSSItem serial;
+ NSSItem derCert;
+ NSSItem id;
+ NSSItem modulus;
+ NSSItem exponent;
+ NSSItem privateExponent;
+ NSSItem prime1;
+ NSSItem prime2;
+ NSSItem exponent1;
+ NSSItem exponent2;
+ NSSItem coefficient;
+};
+typedef struct ckmkItemObjectStr ckmkItemObject;
+
+typedef enum {
+ ckmkRaw,
+ ckmkItem,
+} ckmkObjectType;
+
+/*
+ * all the various types of objects are abstracted away in cobject and
+ * cfind as ckmkInternalObjects.
+ */
+struct ckmkInternalObjectStr {
+ ckmkObjectType type;
+ union {
+ ckmkRawObject raw;
+ ckmkItemObject item;
+ } u;
+ CK_OBJECT_CLASS objClass;
+ NSSItem hashKey;
+ unsigned char hashKeyData[128];
+ NSSCKMDObject mdObject;
+};
+typedef struct ckmkInternalObjectStr ckmkInternalObject;
+
+/* our raw object data array */
+NSS_EXTERN_DATA ckmkInternalObject nss_ckmk_data[];
+NSS_EXTERN_DATA const PRUint32 nss_ckmk_nObjects;
+
+NSS_EXTERN_DATA const CK_VERSION nss_ckmk_CryptokiVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_ManufacturerID;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_LibraryDescription;
+NSS_EXTERN_DATA const CK_VERSION nss_ckmk_LibraryVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_SlotDescription;
+NSS_EXTERN_DATA const CK_VERSION nss_ckmk_HardwareVersion;
+NSS_EXTERN_DATA const CK_VERSION nss_ckmk_FirmwareVersion;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenLabel;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenModel;
+NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenSerialNumber;
+
+NSS_EXTERN_DATA const NSSCKMDInstance nss_ckmk_mdInstance;
+NSS_EXTERN_DATA const NSSCKMDSlot nss_ckmk_mdSlot;
+NSS_EXTERN_DATA const NSSCKMDToken nss_ckmk_mdToken;
+NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckmk_mdMechanismRSA;
+
+NSS_EXTERN NSSCKMDSession *
+nss_ckmk_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDFindObjects *
+nss_ckmk_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+/*
+ * Object Utilities
+ */
+NSS_EXTERN NSSCKMDObject *
+nss_ckmk_CreateMDObject(
+ NSSArena *arena,
+ ckmkInternalObject *io,
+ CK_RV *pError);
+
+NSS_EXTERN NSSCKMDObject *
+nss_ckmk_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError);
+
+NSS_EXTERN const NSSItem *
+nss_ckmk_FetchAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError);
+
+NSS_EXTERN void
+nss_ckmk_DestroyInternalObject(
+ ckmkInternalObject *io);
+
+unsigned char *
+nss_ckmk_DERUnwrap(
+ unsigned char *src,
+ int size,
+ int *outSize,
+ unsigned char **next);
+
+CK_ULONG
+nss_ckmk_GetULongAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError);
+
+#define NSS_CKMK_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0])))
+
+#ifdef DEBUG
+#define CKMK_MACERR(str, err) cssmPerror(str, err)
+#else
+#define CKMK_MACERR(str, err)
+#endif
+
+#endif
diff --git a/security/nss/lib/ckfw/nssmkey/ckmkver.c b/security/nss/lib/ckfw/nssmkey/ckmkver.c
new file mode 100644
index 000000000..2b99f1e22
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/ckmkver.c
@@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* Library identity and versioning */
+
+#include "nssmkey.h"
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_ckmk_version[] = "Version: NSS Access to the MAC OS X Key Ring " NSS_CKMK_LIBRARY_VERSION _DEBUG_STRING;
diff --git a/security/nss/lib/ckfw/nssmkey/config.mk b/security/nss/lib/ckfw/nssmkey/config.mk
new file mode 100644
index 000000000..709691067
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/config.mk
@@ -0,0 +1,24 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ifdef BUILD_IDG
+DEFINES += -DNSSDEBUG
+endif
+
+ifdef NS_USE_CKFW_TRACE
+DEFINES += -DTRACE
+endif
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
+
diff --git a/security/nss/lib/ckfw/nssmkey/manchor.c b/security/nss/lib/ckfw/nssmkey/manchor.c
new file mode 100644
index 000000000..3b8bc2dbb
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/manchor.c
@@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * nssmkey/manchor.c
+ *
+ * This file "anchors" the actual cryptoki entry points in this module's
+ * shared library, which is required for dynamic loading. See the
+ * comments in nssck.api for more information.
+ */
+
+#include "ckmk.h"
+
+#define MODULE_NAME ckmk
+#define INSTANCE_NAME (NSSCKMDInstance *)&nss_ckmk_mdInstance
+#include "nssck.api"
diff --git a/security/nss/lib/ckfw/nssmkey/manifest.mn b/security/nss/lib/ckfw/nssmkey/manifest.mn
new file mode 100644
index 000000000..036d9bc3f
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/manifest.mn
@@ -0,0 +1,33 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../../../..
+
+MODULE = nss
+MAPFILE = $(OBJDIR)/nssmkey.def
+
+EXPORTS = \
+ nssmkey.h \
+ $(NULL)
+
+CSRCS = \
+ manchor.c \
+ mconstants.c \
+ mfind.c \
+ minst.c \
+ mobject.c \
+ mrsa.c \
+ msession.c \
+ mslot.c \
+ mtoken.c \
+ ckmkver.c \
+ staticobj.c \
+ $(NULL)
+
+REQUIRES = nspr
+
+LIBRARY_NAME = nssmkey
+
+#EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/nssmkey/mconstants.c b/security/nss/lib/ckfw/nssmkey/mconstants.c
new file mode 100644
index 000000000..c26298ada
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/mconstants.c
@@ -0,0 +1,61 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * nssmkey/constants.c
+ *
+ * Identification and other constants, all collected here in one place.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSCKT_H
+#include "nssckt.h"
+#endif /* NSSCKT_H */
+
+#include "nssmkey.h"
+
+NSS_IMPLEMENT_DATA const CK_VERSION
+ nss_ckmk_CryptokiVersion = {
+ NSS_CKMK_CRYPTOKI_VERSION_MAJOR,
+ NSS_CKMK_CRYPTOKI_VERSION_MINOR
+ };
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckmk_ManufacturerID = (NSSUTF8 *)"Mozilla Foundation";
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckmk_LibraryDescription = (NSSUTF8 *)"NSS Access to Mac OS X Key Ring";
+
+NSS_IMPLEMENT_DATA const CK_VERSION
+ nss_ckmk_LibraryVersion = {
+ NSS_CKMK_LIBRARY_VERSION_MAJOR,
+ NSS_CKMK_LIBRARY_VERSION_MINOR
+ };
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckmk_SlotDescription = (NSSUTF8 *)"Mac OS X Key Ring";
+
+NSS_IMPLEMENT_DATA const CK_VERSION
+ nss_ckmk_HardwareVersion = {
+ NSS_CKMK_HARDWARE_VERSION_MAJOR,
+ NSS_CKMK_HARDWARE_VERSION_MINOR
+ };
+
+NSS_IMPLEMENT_DATA const CK_VERSION
+ nss_ckmk_FirmwareVersion = {
+ NSS_CKMK_FIRMWARE_VERSION_MAJOR,
+ NSS_CKMK_FIRMWARE_VERSION_MINOR
+ };
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckmk_TokenLabel = (NSSUTF8 *)"Mac OS X Key Ring";
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckmk_TokenModel = (NSSUTF8 *)"1";
+
+NSS_IMPLEMENT_DATA const NSSUTF8 *
+ nss_ckmk_TokenSerialNumber = (NSSUTF8 *)"1";
diff --git a/security/nss/lib/ckfw/nssmkey/mfind.c b/security/nss/lib/ckfw/nssmkey/mfind.c
new file mode 100644
index 000000000..d193a8de7
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/mfind.c
@@ -0,0 +1,352 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKMK_H
+#include "ckmk.h"
+#endif /* CKMK_H */
+
+/*
+ * nssmkey/mfind.c
+ *
+ * This file implements the NSSCKMDFindObjects object for the
+ * "nssmkey" cryptoki module.
+ */
+
+struct ckmkFOStr {
+ NSSArena *arena;
+ CK_ULONG n;
+ CK_ULONG i;
+ ckmkInternalObject **objs;
+};
+
+static void
+ckmk_mdFindObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc;
+ NSSArena *arena = fo->arena;
+ PRUint32 i;
+
+ /* walk down an free the unused 'objs' */
+ for (i = fo->i; i < fo->n; i++) {
+ nss_ckmk_DestroyInternalObject(fo->objs[i]);
+ }
+
+ nss_ZFreeIf(fo->objs);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(mdFindObjects);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+
+ return;
+}
+
+static NSSCKMDObject *
+ckmk_mdFindObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc;
+ ckmkInternalObject *io;
+
+ if (fo->i == fo->n) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ io = fo->objs[fo->i];
+ fo->i++;
+
+ return nss_ckmk_CreateMDObject(arena, io, pError);
+}
+
+static CK_BBOOL
+ckmk_attrmatch(
+ CK_ATTRIBUTE_PTR a,
+ ckmkInternalObject *o)
+{
+ PRBool prb;
+ const NSSItem *b;
+ CK_RV error;
+
+ b = nss_ckmk_FetchAttribute(o, a->type, &error);
+ if (b == NULL) {
+ return CK_FALSE;
+ }
+
+ if (a->ulValueLen != b->size) {
+ /* match a decoded serial number */
+ if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
+ int len;
+ unsigned char *data;
+
+ data = nss_ckmk_DERUnwrap(b->data, b->size, &len, NULL);
+ if ((len == a->ulValueLen) &&
+ nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ }
+ }
+ return CK_FALSE;
+ }
+
+ prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
+
+ if (PR_TRUE == prb) {
+ return CK_TRUE;
+ } else {
+ return CK_FALSE;
+ }
+}
+
+static CK_BBOOL
+ckmk_match(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckmkInternalObject *o)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CK_FALSE == ckmk_attrmatch(&pTemplate[i], o)) {
+ return CK_FALSE;
+ }
+ }
+
+ /* Every attribute passed */
+ return CK_TRUE;
+}
+
+#define CKMK_ITEM_CHUNK 20
+
+#define PUT_OBJECT(obj, err, size, count, list) \
+ { \
+ if (count >= size) { \
+ (list) = (list) ? nss_ZREALLOCARRAY(list, ckmkInternalObject *, \
+ ((size) + \
+ CKMK_ITEM_CHUNK)) \
+ : nss_ZNEWARRAY(NULL, ckmkInternalObject *, \
+ ((size) + \
+ CKMK_ITEM_CHUNK)); \
+ if ((ckmkInternalObject **)NULL == list) { \
+ err = CKR_HOST_MEMORY; \
+ goto loser; \
+ } \
+ (size) += CKMK_ITEM_CHUNK; \
+ } \
+ (list)[count] = (obj); \
+ count++; \
+ }
+
+/* find all the certs that represent the appropriate object (cert, priv key, or
+ * pub key) in the cert store.
+ */
+static PRUint32
+collect_class(
+ CK_OBJECT_CLASS objClass,
+ SecItemClass itemClass,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckmkInternalObject ***listp,
+ PRUint32 *sizep,
+ PRUint32 count,
+ CK_RV *pError)
+{
+ ckmkInternalObject *next = NULL;
+ SecKeychainSearchRef searchRef = 0;
+ SecKeychainItemRef itemRef = 0;
+ OSStatus error;
+
+ /* future, build the attribute list based on the template
+ * so we can refine the search */
+ error = SecKeychainSearchCreateFromAttributes(
+ NULL, itemClass, NULL, &searchRef);
+
+ while (noErr == SecKeychainSearchCopyNext(searchRef, &itemRef)) {
+ /* if we don't have an internal object structure, get one */
+ if ((ckmkInternalObject *)NULL == next) {
+ next = nss_ZNEW(NULL, ckmkInternalObject);
+ if ((ckmkInternalObject *)NULL == next) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ }
+ /* fill in the relevant object data */
+ next->type = ckmkItem;
+ next->objClass = objClass;
+ next->u.item.itemRef = itemRef;
+ next->u.item.itemClass = itemClass;
+
+ /* see if this is one of the objects we are looking for */
+ if (CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, next)) {
+ /* yes, put it on the list */
+ PUT_OBJECT(next, *pError, *sizep, count, *listp);
+ next = NULL; /* this one is on the list, need to allocate a new one now */
+ } else {
+ /* no , release the current item and clear out the structure for reuse */
+ CFRelease(itemRef);
+ /* don't cache the values we just loaded */
+ nsslibc_memset(next, 0, sizeof(*next));
+ }
+ }
+loser:
+ if (searchRef) {
+ CFRelease(searchRef);
+ }
+ nss_ZFreeIf(next);
+ return count;
+}
+
+static PRUint32
+collect_objects(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ ckmkInternalObject ***listp,
+ CK_RV *pError)
+{
+ PRUint32 i;
+ PRUint32 count = 0;
+ PRUint32 size = 0;
+ CK_OBJECT_CLASS objClass;
+
+ /*
+ * first handle the static build in objects (if any)
+ */
+ for (i = 0; i < nss_ckmk_nObjects; i++) {
+ ckmkInternalObject *o = (ckmkInternalObject *)&nss_ckmk_data[i];
+
+ if (CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, o)) {
+ PUT_OBJECT(o, *pError, size, count, *listp);
+ }
+ }
+
+ /*
+ * now handle the various object types
+ */
+ objClass = nss_ckmk_GetULongAttribute(CKA_CLASS,
+ pTemplate, ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ objClass = CK_INVALID_HANDLE;
+ }
+ *pError = CKR_OK;
+ switch (objClass) {
+ case CKO_CERTIFICATE:
+ count = collect_class(objClass, kSecCertificateItemClass,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ case CKO_PUBLIC_KEY:
+ count = collect_class(objClass, CSSM_DL_DB_RECORD_PUBLIC_KEY,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ case CKO_PRIVATE_KEY:
+ count = collect_class(objClass, CSSM_DL_DB_RECORD_PRIVATE_KEY,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ /* all of them */
+ case CK_INVALID_HANDLE:
+ count = collect_class(CKO_CERTIFICATE, kSecCertificateItemClass,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PUBLIC_KEY,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PRIVATE_KEY,
+ pTemplate, ulAttributeCount, listp,
+ &size, count, pError);
+ break;
+ default:
+ break;
+ }
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ return count;
+loser:
+ nss_ZFreeIf(*listp);
+ return 0;
+}
+
+NSS_IMPLEMENT NSSCKMDFindObjects *
+nss_ckmk_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ /* This could be made more efficient. I'm rather rushed. */
+ NSSArena *arena;
+ NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
+ struct ckmkFOStr *fo = (struct ckmkFOStr *)NULL;
+ ckmkInternalObject **temp = (ckmkInternalObject **)NULL;
+
+ arena = NSSArena_Create();
+ if ((NSSArena *)NULL == arena) {
+ goto loser;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if ((NSSCKMDFindObjects *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo = nss_ZNEW(arena, struct ckmkFOStr);
+ if ((struct ckmkFOStr *)NULL == fo) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fo->arena = arena;
+ /* fo->n and fo->i are already zero */
+
+ rv->etc = (void *)fo;
+ rv->Final = ckmk_mdFindObjects_Final;
+ rv->Next = ckmk_mdFindObjects_Next;
+ rv->null = (void *)NULL;
+
+ fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError);
+ if (*pError != CKR_OK) {
+ goto loser;
+ }
+
+ fo->objs = nss_ZNEWARRAY(arena, ckmkInternalObject *, fo->n);
+ if ((ckmkInternalObject **)NULL == fo->objs) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckmkInternalObject *) * fo->n);
+ nss_ZFreeIf(temp);
+ temp = (ckmkInternalObject **)NULL;
+
+ return rv;
+
+loser:
+ nss_ZFreeIf(temp);
+ nss_ZFreeIf(fo);
+ nss_ZFreeIf(rv);
+ if ((NSSArena *)NULL != arena) {
+ NSSArena_Destroy(arena);
+ }
+ return (NSSCKMDFindObjects *)NULL;
+}
diff --git a/security/nss/lib/ckfw/nssmkey/minst.c b/security/nss/lib/ckfw/nssmkey/minst.c
new file mode 100644
index 000000000..fcb96c652
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/minst.c
@@ -0,0 +1,97 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckmk.h"
+
+/*
+ * nssmkey/minstance.c
+ *
+ * This file implements the NSSCKMDInstance object for the
+ * "nssmkey" cryptoki module.
+ */
+
+/*
+ * NSSCKMDInstance methods
+ */
+
+static CK_ULONG
+ckmk_mdInstance_GetNSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (CK_ULONG)1;
+}
+
+static CK_VERSION
+ckmk_mdInstance_GetCryptokiVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckmk_CryptokiVersion;
+}
+
+static NSSUTF8 *
+ckmk_mdInstance_GetManufacturerID(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckmk_ManufacturerID;
+}
+
+static NSSUTF8 *
+ckmk_mdInstance_GetLibraryDescription(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckmk_LibraryDescription;
+}
+
+static CK_VERSION
+ckmk_mdInstance_GetLibraryVersion(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckmk_LibraryVersion;
+}
+
+static CK_RV
+ckmk_mdInstance_GetSlots(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *slots[])
+{
+ slots[0] = (NSSCKMDSlot *)&nss_ckmk_mdSlot;
+ return CKR_OK;
+}
+
+static CK_BBOOL
+ckmk_mdInstance_ModuleHandlesSessionObjects(
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ /* we don't want to allow any session object creation, at least
+ * until we can investigate whether or not we can use those objects
+ */
+ return CK_TRUE;
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDInstance
+ nss_ckmk_mdInstance = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Finalize */
+ ckmk_mdInstance_GetNSlots,
+ ckmk_mdInstance_GetCryptokiVersion,
+ ckmk_mdInstance_GetManufacturerID,
+ ckmk_mdInstance_GetLibraryDescription,
+ ckmk_mdInstance_GetLibraryVersion,
+ ckmk_mdInstance_ModuleHandlesSessionObjects,
+ /*NULL, /* HandleSessionObjects */
+ ckmk_mdInstance_GetSlots,
+ NULL, /* WaitForSlotEvent */
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/nssmkey/mobject.c b/security/nss/lib/ckfw/nssmkey/mobject.c
new file mode 100644
index 000000000..b19a8fdbd
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/mobject.c
@@ -0,0 +1,1861 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckmk.h"
+#include "nssbase.h"
+
+#include "secdert.h" /* for DER_INTEGER */
+#include "string.h"
+
+/* asn1 encoder (to build pkcs#8 blobs) */
+#include <seccomon.h>
+#include <secitem.h>
+#include <blapit.h>
+#include <secoid.h>
+#include <secasn1.h>
+
+/* for importing the keys */
+#include <CoreFoundation/CoreFoundation.h>
+#include <security/SecImportExport.h>
+
+/*
+ * nssmkey/mobject.c
+ *
+ * This file implements the NSSCKMDObject object for the
+ * "nssmkey" cryptoki module.
+ */
+
+const CK_ATTRIBUTE_TYPE certAttrs[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_PRIVATE,
+ CKA_MODIFIABLE,
+ CKA_LABEL,
+ CKA_CERTIFICATE_TYPE,
+ CKA_SUBJECT,
+ CKA_ISSUER,
+ CKA_SERIAL_NUMBER,
+ CKA_VALUE
+};
+const PRUint32 certAttrsCount = NSS_CKMK_ARRAY_SIZE(certAttrs);
+
+/* private keys, for now only support RSA */
+const CK_ATTRIBUTE_TYPE privKeyAttrs[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_PRIVATE,
+ CKA_MODIFIABLE,
+ CKA_LABEL,
+ CKA_KEY_TYPE,
+ CKA_DERIVE,
+ CKA_LOCAL,
+ CKA_SUBJECT,
+ CKA_SENSITIVE,
+ CKA_DECRYPT,
+ CKA_SIGN,
+ CKA_SIGN_RECOVER,
+ CKA_UNWRAP,
+ CKA_EXTRACTABLE,
+ CKA_ALWAYS_SENSITIVE,
+ CKA_NEVER_EXTRACTABLE,
+ CKA_MODULUS,
+ CKA_PUBLIC_EXPONENT,
+};
+const PRUint32 privKeyAttrsCount = NSS_CKMK_ARRAY_SIZE(privKeyAttrs);
+
+/* public keys, for now only support RSA */
+const CK_ATTRIBUTE_TYPE pubKeyAttrs[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_PRIVATE,
+ CKA_MODIFIABLE,
+ CKA_LABEL,
+ CKA_KEY_TYPE,
+ CKA_DERIVE,
+ CKA_LOCAL,
+ CKA_SUBJECT,
+ CKA_ENCRYPT,
+ CKA_VERIFY,
+ CKA_VERIFY_RECOVER,
+ CKA_WRAP,
+ CKA_MODULUS,
+ CKA_PUBLIC_EXPONENT,
+};
+const PRUint32 pubKeyAttrsCount = NSS_CKMK_ARRAY_SIZE(pubKeyAttrs);
+static const CK_BBOOL ck_true = CK_TRUE;
+static const CK_BBOOL ck_false = CK_FALSE;
+static const CK_CERTIFICATE_TYPE ckc_x509 = CKC_X_509;
+static const CK_KEY_TYPE ckk_rsa = CKK_RSA;
+static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
+static const CK_OBJECT_CLASS cko_private_key = CKO_PRIVATE_KEY;
+static const CK_OBJECT_CLASS cko_public_key = CKO_PUBLIC_KEY;
+static const NSSItem ckmk_trueItem = {
+ (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL)
+};
+static const NSSItem ckmk_falseItem = {
+ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL)
+};
+static const NSSItem ckmk_x509Item = {
+ (void *)&ckc_x509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE)
+};
+static const NSSItem ckmk_rsaItem = {
+ (void *)&ckk_rsa, (PRUint32)sizeof(CK_KEY_TYPE)
+};
+static const NSSItem ckmk_certClassItem = {
+ (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
+static const NSSItem ckmk_privKeyClassItem = {
+ (void *)&cko_private_key, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
+static const NSSItem ckmk_pubKeyClassItem = {
+ (void *)&cko_public_key, (PRUint32)sizeof(CK_OBJECT_CLASS)
+};
+static const NSSItem ckmk_emptyItem = {
+ (void *)&ck_true, 0
+};
+
+/*
+ * these are utilities. The chould be moved to a new utilities file.
+ */
+#ifdef DEBUG
+static void
+itemdump(char *str, void *data, int size, CK_RV error)
+{
+ unsigned char *ptr = (unsigned char *)data;
+ int i;
+ fprintf(stderr, str);
+ for (i = 0; i < size; i++) {
+ fprintf(stderr, "%02x ", (unsigned int)ptr[i]);
+ }
+ fprintf(stderr, " (error = %d)\n", (int)error);
+}
+#endif
+
+/*
+ * unwrap a single DER value
+ * now that we have util linked in, we should probably use
+ * the ANS1_Decoder for this work...
+ */
+unsigned char *
+nss_ckmk_DERUnwrap(
+ unsigned char *src,
+ int size,
+ int *outSize,
+ unsigned char **next)
+{
+ unsigned char *start = src;
+ unsigned int len = 0;
+
+ /* initialize error condition return values */
+ *outSize = 0;
+ if (next) {
+ *next = src;
+ }
+
+ if (size < 2) {
+ return start;
+ }
+ src++; /* skip the tag -- should check it against an expected value! */
+ len = (unsigned)*src++;
+ if (len & 0x80) {
+ int count = len & 0x7f;
+ len = 0;
+
+ if (count + 2 > size) {
+ return start;
+ }
+ while (count-- > 0) {
+ len = (len << 8) | (unsigned)*src++;
+ }
+ }
+ if (len + (src - start) > (unsigned int)size) {
+ return start;
+ }
+ if (next) {
+ *next = src + len;
+ }
+ *outSize = len;
+
+ return src;
+}
+
+/*
+ * get an attribute from a template. Value is returned in NSS item.
+ * data for the item is owned by the template.
+ */
+CK_RV
+nss_ckmk_GetAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ NSSItem *item)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < templateSize; i++) {
+ if (template[i].type == type) {
+ item->data = template[i].pValue;
+ item->size = template[i].ulValueLen;
+ return CKR_OK;
+ }
+ }
+ return CKR_TEMPLATE_INCOMPLETE;
+}
+
+/*
+ * get an attribute which is type CK_ULONG.
+ */
+CK_ULONG
+nss_ckmk_GetULongAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
+{
+ NSSItem item;
+
+ *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+ if (item.size != sizeof(CK_ULONG)) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (CK_ULONG)0;
+ }
+ return *(CK_ULONG *)item.data;
+}
+
+/*
+ * get an attribute which is type CK_BBOOL.
+ */
+CK_BBOOL
+nss_ckmk_GetBoolAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_BBOOL defaultBool)
+{
+ NSSItem item;
+ CK_RV error;
+
+ error = nss_ckmk_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != error) {
+ return defaultBool;
+ }
+ if (item.size != sizeof(CK_BBOOL)) {
+ return defaultBool;
+ }
+ return *(CK_BBOOL *)item.data;
+}
+
+/*
+ * get an attribute as a NULL terminated string. Caller is responsible to
+ * free the string.
+ */
+char *
+nss_ckmk_GetStringAttribute(
+ CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *template,
+ CK_ULONG templateSize,
+ CK_RV *pError)
+{
+ NSSItem item;
+ char *str;
+
+ /* get the attribute */
+ *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item);
+ if (CKR_OK != *pError) {
+ return (char *)NULL;
+ }
+ /* make sure it is null terminated */
+ str = nss_ZNEWARRAY(NULL, char, item.size + 1);
+ if ((char *)NULL == str) {
+ *pError = CKR_HOST_MEMORY;
+ return (char *)NULL;
+ }
+
+ nsslibc_memcpy(str, item.data, item.size);
+ str[item.size] = 0;
+
+ return str;
+}
+
+/*
+ * Apple doesn't seem to have a public interface to the DER encoder,
+ * wip out a quick one for integers only (anything more complicated,
+ * we should use one of the 3 in lib/util). -- especially since we
+ * now link with it.
+ */
+static CK_RV
+ckmk_encodeInt(NSSItem *dest, void *src, int srcLen)
+{
+ int dataLen = srcLen;
+ int lenLen = 1;
+ int encLen;
+ int isSigned = 0;
+ int offset = 0;
+ unsigned char *data = NULL;
+ int i;
+
+ if (*(unsigned char *)src & 0x80) {
+ dataLen++;
+ isSigned = 1;
+ }
+
+ /* calculate the length of the length specifier */
+ /* (NOTE: destroys dataLen value) */
+ if (dataLen > 0x7f) {
+ do {
+ lenLen++;
+ dataLen >>= 8;
+ } while (dataLen);
+ }
+
+ /* calculate our total length */
+ dataLen = isSigned + srcLen;
+ encLen = 1 + lenLen + dataLen;
+ data = nss_ZNEWARRAY(NULL, unsigned char, encLen);
+ if ((unsigned char *)NULL == data) {
+ return CKR_HOST_MEMORY;
+ }
+ data[0] = DER_INTEGER;
+ if (1 == lenLen) {
+ data[1] = dataLen;
+ } else {
+ data[1] = 0x80 + lenLen;
+ for (i = 0; i < lenLen; i++) {
+ data[i + 1] = ((dataLen >> ((lenLen -
+ i - 1) *
+ 8)) &
+ 0xff);
+ }
+ }
+ offset = lenLen + 1;
+
+ if (isSigned) {
+ data[offset++] = 0;
+ }
+ nsslibc_memcpy(&data[offset], src, srcLen);
+ dest->data = data;
+ dest->size = encLen;
+ return CKR_OK;
+}
+
+/*
+ * Get a Keyring attribute. If content is set to true, then we get the
+ * content, not the attribute.
+ */
+static CK_RV
+ckmk_GetCommonAttribute(
+ ckmkInternalObject *io,
+ SecItemAttr itemAttr,
+ PRBool content,
+ NSSItem *item,
+ char *dbString)
+{
+ SecKeychainAttributeList *attrList = NULL;
+ SecKeychainAttributeInfo attrInfo;
+ PRUint32 len = 0;
+ PRUint32 dataLen = 0;
+ PRUint32 attrFormat = 0;
+ void *dataVal = 0;
+ void *out = NULL;
+ CK_RV error = CKR_OK;
+ OSStatus macErr;
+
+ attrInfo.count = 1;
+ attrInfo.tag = &itemAttr;
+ attrInfo.format = &attrFormat;
+
+ macErr = SecKeychainItemCopyAttributesAndData(io->u.item.itemRef,
+ &attrInfo, NULL, &attrList, &len, &out);
+ if (noErr != macErr) {
+ CKMK_MACERR(dbString, macErr);
+ return CKR_ATTRIBUTE_TYPE_INVALID;
+ }
+ dataLen = content ? len : attrList->attr->length;
+ dataVal = content ? out : attrList->attr->data;
+
+ /* Apple's documentation says this value is DER Encoded, but it clearly isn't
+ * der encode it before we ship it back off to NSS
+ */
+ if (kSecSerialNumberItemAttr == itemAttr) {
+ error = ckmk_encodeInt(item, dataVal, dataLen);
+ goto loser; /* logically 'done' if error == CKR_OK */
+ }
+ item->data = nss_ZNEWARRAY(NULL, char, dataLen);
+ if (NULL == item->data) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nsslibc_memcpy(item->data, dataVal, dataLen);
+ item->size = dataLen;
+
+loser:
+ SecKeychainItemFreeAttributesAndData(attrList, out);
+ return error;
+}
+
+/*
+ * change an attribute (does not operate on the content).
+ */
+static CK_RV
+ckmk_updateAttribute(
+ SecKeychainItemRef itemRef,
+ SecItemAttr itemAttr,
+ void *data,
+ PRUint32 len,
+ char *dbString)
+{
+ SecKeychainAttributeList attrList;
+ SecKeychainAttribute attrAttr;
+ OSStatus macErr;
+ CK_RV error = CKR_OK;
+
+ attrList.count = 1;
+ attrList.attr = &attrAttr;
+ attrAttr.tag = itemAttr;
+ attrAttr.data = data;
+ attrAttr.length = len;
+ macErr = SecKeychainItemModifyAttributesAndData(itemRef, &attrList, 0, NULL);
+ if (noErr != macErr) {
+ CKMK_MACERR(dbString, macErr);
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ }
+ return error;
+}
+
+/*
+ * get an attribute (does not operate on the content)
+ */
+static CK_RV
+ckmk_GetDataAttribute(
+ ckmkInternalObject *io,
+ SecItemAttr itemAttr,
+ NSSItem *item,
+ char *dbString)
+{
+ return ckmk_GetCommonAttribute(io, itemAttr, PR_FALSE, item, dbString);
+}
+
+/*
+ * get an attribute we know is a BOOL.
+ */
+static CK_RV
+ckmk_GetBoolAttribute(
+ ckmkInternalObject *io,
+ SecItemAttr itemAttr,
+ NSSItem *item,
+ char *dbString)
+{
+ SecKeychainAttribute attr;
+ SecKeychainAttributeList attrList;
+ CK_BBOOL *boolp = NULL;
+ PRUint32 len = 0;
+ ;
+ void *out = NULL;
+ CK_RV error = CKR_OK;
+ OSStatus macErr;
+
+ attr.tag = itemAttr;
+ attr.length = 0;
+ attr.data = NULL;
+ attrList.count = 1;
+ attrList.attr = &attr;
+
+ boolp = nss_ZNEW(NULL, CK_BBOOL);
+ if ((CK_BBOOL *)NULL == boolp) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ macErr = SecKeychainItemCopyContent(io->u.item.itemRef, NULL,
+ &attrList, &len, &out);
+ if (noErr != macErr) {
+ CKMK_MACERR(dbString, macErr);
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto loser;
+ }
+ if (sizeof(PRUint32) != attr.length) {
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto loser;
+ }
+ *boolp = *(PRUint32 *)attr.data ? 1 : 0;
+ item->data = boolp;
+ boolp = NULL;
+ item->size = sizeof(CK_BBOOL);
+
+loser:
+ nss_ZFreeIf(boolp);
+ SecKeychainItemFreeContent(&attrList, out);
+ return error;
+}
+
+/*
+ * macros for fetching attributes into a cache and returning the
+ * appropriate value. These operate inside switch statements
+ */
+#define CKMK_HANDLE_ITEM(func, io, type, loc, item, error, str) \
+ if (0 == (item)->loc.size) { \
+ error = func(io, type, &(item)->loc, str); \
+ } \
+ return (CKR_OK == (error)) ? &(item)->loc : NULL;
+
+#define CKMK_HANDLE_OPT_ITEM(func, io, type, loc, item, error, str) \
+ if (0 == (item)->loc.size) { \
+ (void)func(io, type, &(item)->loc, str); \
+ } \
+ return &(item)->loc;
+
+#define CKMK_HANDLE_BOOL_ITEM(io, type, loc, item, error, str) \
+ CKMK_HANDLE_ITEM(ckmk_GetBoolAttribute, io, type, loc, item, error, str)
+#define CKMK_HANDLE_DATA_ITEM(io, type, loc, item, error, str) \
+ CKMK_HANDLE_ITEM(ckmk_GetDataAttribute, io, type, loc, item, error, str)
+#define CKMK_HANDLE_OPT_DATA_ITEM(io, type, loc, item, error, str) \
+ CKMK_HANDLE_OPT_ITEM(ckmk_GetDataAttribute, io, type, loc, item, error, str)
+
+/*
+ * fetch the unique identifier for each object type.
+ */
+static void
+ckmk_FetchHashKey(
+ ckmkInternalObject *io)
+{
+ NSSItem *key = &io->hashKey;
+
+ if (io->objClass == CKO_CERTIFICATE) {
+ ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr,
+ PR_TRUE, key, "Fetching HashKey (cert)");
+ } else {
+ ckmk_GetCommonAttribute(io, kSecKeyLabel,
+ PR_FALSE, key, "Fetching HashKey (key)");
+ }
+}
+
+/*
+ * Apple mucks with the actual subject and issuer, so go fetch
+ * the real ones ourselves.
+ */
+static void
+ckmk_fetchCert(
+ ckmkInternalObject *io)
+{
+ CK_RV error;
+ unsigned char *cert, *next;
+ int certSize, thisEntrySize;
+
+ error = ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr, PR_TRUE,
+ &io->u.item.derCert, "Fetching Value (cert)");
+ if (CKR_OK != error) {
+ return;
+ }
+ /* unwrap the cert bundle */
+ cert = nss_ckmk_DERUnwrap((unsigned char *)io->u.item.derCert.data,
+ io->u.item.derCert.size,
+ &certSize, NULL);
+ /* unwrap the cert itself */
+ /* cert == certdata */
+ cert = nss_ckmk_DERUnwrap(cert, certSize, &certSize, NULL);
+
+ /* skip the optional version */
+ if ((cert[0] & 0xa0) == 0xa0) {
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ certSize -= next - cert;
+ cert = next;
+ }
+ /* skip the serial number */
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ certSize -= next - cert;
+ cert = next;
+
+ /* skip the OID */
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ certSize -= next - cert;
+ cert = next;
+
+ /* save the (wrapped) issuer */
+ io->u.item.issuer.data = cert;
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ io->u.item.issuer.size = next - cert;
+ certSize -= io->u.item.issuer.size;
+ cert = next;
+
+ /* skip the OID */
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ certSize -= next - cert;
+ cert = next;
+
+ /* save the (wrapped) subject */
+ io->u.item.subject.data = cert;
+ nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next);
+ io->u.item.subject.size = next - cert;
+ certSize -= io->u.item.subject.size;
+ cert = next;
+}
+
+static void
+ckmk_fetchModulus(
+ ckmkInternalObject *io)
+{
+ NSSItem item;
+ PRInt32 modLen;
+ CK_RV error;
+
+ /* we can't reliably get the modulus for private keys through CSSM (sigh).
+ * For NSS this is OK because we really only use this to get the modulus
+ * length (unless we are trying to get a public key from a private keys,
+ * something CSSM ALSO does not do!).
+ */
+ error = ckmk_GetDataAttribute(io, kSecKeyKeySizeInBits, &item,
+ "Key Fetch Modulus");
+ if (CKR_OK != error) {
+ return;
+ }
+
+ modLen = *(PRInt32 *)item.data;
+ modLen = modLen / 8; /* convert from bits to bytes */
+
+ nss_ZFreeIf(item.data);
+ io->u.item.modulus.data = nss_ZNEWARRAY(NULL, char, modLen);
+ if (NULL == io->u.item.modulus.data) {
+ return;
+ }
+ *(char *)io->u.item.modulus.data = 0x80; /* fake NSS out or it will
+ * drop the first byte */
+ io->u.item.modulus.size = modLen;
+ return;
+}
+
+const NSSItem *
+ckmk_FetchCertAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError)
+{
+ ckmkItemObject *item = &io->u.item;
+ *pError = CKR_OK;
+ switch (type) {
+ case CKA_CLASS:
+ return &ckmk_certClassItem;
+ case CKA_TOKEN:
+ case CKA_MODIFIABLE:
+ return &ckmk_trueItem;
+ case CKA_PRIVATE:
+ return &ckmk_falseItem;
+ case CKA_CERTIFICATE_TYPE:
+ return &ckmk_x509Item;
+ case CKA_LABEL:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecLabelItemAttr, label, item, *pError,
+ "Cert:Label attr")
+ case CKA_SUBJECT:
+ /* OK, well apple does provide an subject and issuer attribute, but they
+ * decided to cannonicalize that value. Probably a good move for them,
+ * but makes it useless for most users of PKCS #11.. Get the real subject
+ * from the certificate */
+ if (0 == item->derCert.size) {
+ ckmk_fetchCert(io);
+ }
+ return &item->subject;
+ case CKA_ISSUER:
+ if (0 == item->derCert.size) {
+ ckmk_fetchCert(io);
+ }
+ return &item->issuer;
+ case CKA_SERIAL_NUMBER:
+ CKMK_HANDLE_DATA_ITEM(io, kSecSerialNumberItemAttr, serial, item, *pError,
+ "Cert:Serial Number attr")
+ case CKA_VALUE:
+ if (0 == item->derCert.size) {
+ ckmk_fetchCert(io);
+ }
+ return &item->derCert;
+ case CKA_ID:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecPublicKeyHashItemAttr, id, item, *pError,
+ "Cert:ID attr")
+ default:
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ break;
+ }
+ return NULL;
+}
+
+const NSSItem *
+ckmk_FetchPubKeyAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError)
+{
+ ckmkItemObject *item = &io->u.item;
+ *pError = CKR_OK;
+
+ switch (type) {
+ case CKA_CLASS:
+ return &ckmk_pubKeyClassItem;
+ case CKA_TOKEN:
+ case CKA_LOCAL:
+ return &ckmk_trueItem;
+ case CKA_KEY_TYPE:
+ return &ckmk_rsaItem;
+ case CKA_LABEL:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError,
+ "PubKey:Label attr")
+ case CKA_ENCRYPT:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyEncrypt, encrypt, item, *pError,
+ "PubKey:Encrypt attr")
+ case CKA_VERIFY:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerify, verify, item, *pError,
+ "PubKey:Verify attr")
+ case CKA_VERIFY_RECOVER:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerifyRecover, verifyRecover,
+ item, *pError, "PubKey:VerifyRecover attr")
+ case CKA_PRIVATE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError,
+ "PubKey:Private attr")
+ case CKA_MODIFIABLE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError,
+ "PubKey:Modify attr")
+ case CKA_DERIVE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError,
+ "PubKey:Derive attr")
+ case CKA_WRAP:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyWrap, wrap, item, *pError,
+ "PubKey:Wrap attr")
+ case CKA_SUBJECT:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError,
+ "PubKey:Subect attr")
+ case CKA_MODULUS:
+ return &ckmk_emptyItem;
+ case CKA_PUBLIC_EXPONENT:
+ return &ckmk_emptyItem;
+ case CKA_ID:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError,
+ "PubKey:ID attr")
+ default:
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ break;
+ }
+ return NULL;
+}
+
+const NSSItem *
+ckmk_FetchPrivKeyAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError)
+{
+ ckmkItemObject *item = &io->u.item;
+ *pError = CKR_OK;
+
+ switch (type) {
+ case CKA_CLASS:
+ return &ckmk_privKeyClassItem;
+ case CKA_TOKEN:
+ case CKA_LOCAL:
+ return &ckmk_trueItem;
+ case CKA_SENSITIVE:
+ case CKA_EXTRACTABLE: /* will probably move in the future */
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_NEVER_EXTRACTABLE:
+ return &ckmk_falseItem;
+ case CKA_KEY_TYPE:
+ return &ckmk_rsaItem;
+ case CKA_LABEL:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError,
+ "PrivateKey:Label attr")
+ case CKA_DECRYPT:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDecrypt, decrypt, item, *pError,
+ "PrivateKey:Decrypt attr")
+ case CKA_SIGN:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeySign, sign, item, *pError,
+ "PrivateKey:Sign attr")
+ case CKA_SIGN_RECOVER:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeySignRecover, signRecover, item, *pError,
+ "PrivateKey:Sign Recover attr")
+ case CKA_PRIVATE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError,
+ "PrivateKey:Private attr")
+ case CKA_MODIFIABLE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError,
+ "PrivateKey:Modify attr")
+ case CKA_DERIVE:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError,
+ "PrivateKey:Derive attr")
+ case CKA_UNWRAP:
+ CKMK_HANDLE_BOOL_ITEM(io, kSecKeyUnwrap, unwrap, item, *pError,
+ "PrivateKey:Unwrap attr")
+ case CKA_SUBJECT:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError,
+ "PrivateKey:Subject attr")
+ case CKA_MODULUS:
+ if (0 == item->modulus.size) {
+ ckmk_fetchModulus(io);
+ }
+ return &item->modulus;
+ case CKA_PUBLIC_EXPONENT:
+ return &ckmk_emptyItem;
+#ifdef notdef
+ /* the following are sensitive attributes. We could implement them for
+ * sensitive keys using the key export function, but it's better to
+ * just support wrap through this token. That will more reliably allow us
+ * to export any private key that is truly exportable.
+ */
+ case CKA_PRIVATE_EXPONENT:
+ CKMK_HANDLE_DATA_ITEM(io, kSecPrivateExponentItemAttr, privateExponent,
+ item, *pError)
+ case CKA_PRIME_1:
+ CKMK_HANDLE_DATA_ITEM(io, kSecPrime1ItemAttr, prime1, item, *pError)
+ case CKA_PRIME_2:
+ CKMK_HANDLE_DATA_ITEM(io, kSecPrime2ItemAttr, prime2, item, *pError)
+ case CKA_EXPONENT_1:
+ CKMK_HANDLE_DATA_ITEM(io, kSecExponent1ItemAttr, exponent1, item, *pError)
+ case CKA_EXPONENT_2:
+ CKMK_HANDLE_DATA_ITEM(io, kSecExponent2ItemAttr, exponent2, item, *pError)
+ case CKA_COEFFICIENT:
+ CKMK_HANDLE_DATA_ITEM(io, kSecCoefficientItemAttr, coefficient,
+ item, *pError)
+#endif
+ case CKA_ID:
+ CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError,
+ "PrivateKey:ID attr")
+ default:
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return NULL;
+ }
+}
+
+const NSSItem *
+nss_ckmk_FetchAttribute(
+ ckmkInternalObject *io,
+ CK_ATTRIBUTE_TYPE type,
+ CK_RV *pError)
+{
+ CK_ULONG i;
+ const NSSItem *value = NULL;
+
+ if (io->type == ckmkRaw) {
+ for (i = 0; i < io->u.raw.n; i++) {
+ if (type == io->u.raw.types[i]) {
+ return &io->u.raw.items[i];
+ }
+ }
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return NULL;
+ }
+ /* deal with the common attributes */
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ value = ckmk_FetchCertAttribute(io, type, pError);
+ break;
+ case CKO_PRIVATE_KEY:
+ value = ckmk_FetchPrivKeyAttribute(io, type, pError);
+ break;
+ case CKO_PUBLIC_KEY:
+ value = ckmk_FetchPubKeyAttribute(io, type, pError);
+ break;
+ default:
+ *pError = CKR_OBJECT_HANDLE_INVALID;
+ return NULL;
+ }
+
+#ifdef DEBUG
+ if (CKA_ID == type) {
+ itemdump("id: ", value->data, value->size, *pError);
+ }
+#endif
+ return value;
+}
+
+static void
+ckmk_removeObjectFromHash(
+ ckmkInternalObject *io);
+
+/*
+ *
+ * These are the MSObject functions we need to implement
+ *
+ * Finalize - unneeded (actually we should clean up the hashtables)
+ * Destroy
+ * IsTokenObject - CK_TRUE
+ * GetAttributeCount
+ * GetAttributeTypes
+ * GetAttributeSize
+ * GetAttribute
+ * SetAttribute
+ * GetObjectSize
+ */
+
+static CK_RV
+ckmk_mdObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+ OSStatus macErr;
+
+ if (ckmkRaw == io->type) {
+ /* there is not 'object write protected' error, use the next best thing */
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ /* This API is done well. The following 4 lines are the complete apple
+ * specific part of this implementation */
+ macErr = SecKeychainItemDelete(io->u.item.itemRef);
+ if (noErr != macErr) {
+ CKMK_MACERR("Delete object", macErr);
+ }
+
+ /* remove it from the hash */
+ ckmk_removeObjectFromHash(io);
+
+ /* free the puppy.. */
+ nss_ckmk_DestroyInternalObject(io);
+
+ return CKR_OK;
+}
+
+static CK_BBOOL
+ckmk_mdObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_TRUE;
+}
+
+static CK_ULONG
+ckmk_mdObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+
+ if (ckmkRaw == io->type) {
+ return io->u.raw.n;
+ }
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ return certAttrsCount;
+ case CKO_PUBLIC_KEY:
+ return pubKeyAttrsCount;
+ case CKO_PRIVATE_KEY:
+ return privKeyAttrsCount;
+ default:
+ break;
+ }
+ return 0;
+}
+
+static CK_RV
+ckmk_mdObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
+{
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+ CK_ULONG i;
+ CK_RV error = CKR_OK;
+ const CK_ATTRIBUTE_TYPE *attrs = NULL;
+ CK_ULONG size = ckmk_mdObject_GetAttributeCount(
+ mdObject, fwObject, mdSession, fwSession,
+ mdToken, fwToken, mdInstance, fwInstance, &error);
+
+ if (size != ulCount) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ if (io->type == ckmkRaw) {
+ attrs = io->u.raw.types;
+ } else
+ switch (io->objClass) {
+ case CKO_CERTIFICATE:
+ attrs =
+ certAttrs;
+ break;
+ case CKO_PUBLIC_KEY:
+ attrs =
+ pubKeyAttrs;
+ break;
+ case CKO_PRIVATE_KEY:
+ attrs =
+ privKeyAttrs;
+ break;
+ default:
+ return CKR_OK;
+ }
+
+ for (i = 0; i < size; i++) {
+ typeArray[i] = attrs[i];
+ }
+
+ return CKR_OK;
+}
+
+static CK_ULONG
+ckmk_mdObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+
+ const NSSItem *b;
+
+ b = nss_ckmk_FetchAttribute(io, attribute, pError);
+
+ if ((const NSSItem *)NULL == b) {
+ return 0;
+ }
+ return b->size;
+}
+
+static CK_RV
+ckmk_mdObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
+{
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+ SecKeychainItemRef itemRef;
+
+ if (io->type == ckmkRaw) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ itemRef = io->u.item.itemRef;
+
+ switch (io->objClass) {
+ case CKO_PRIVATE_KEY:
+ case CKO_PUBLIC_KEY:
+ switch (attribute) {
+ case CKA_ID:
+ ckmk_updateAttribute(itemRef, kSecKeyLabel,
+ value->data, value->size, "Set Attr Key ID");
+#ifdef DEBUG
+ itemdump("key id: ", value->data, value->size, CKR_OK);
+#endif
+ break;
+ case CKA_LABEL:
+ ckmk_updateAttribute(itemRef, kSecKeyPrintName, value->data,
+ value->size, "Set Attr Key Label");
+ break;
+ default:
+ break;
+ }
+ break;
+
+ case CKO_CERTIFICATE:
+ switch (attribute) {
+ case CKA_ID:
+ ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr,
+ value->data, value->size, "Set Attr Cert ID");
+ break;
+ case CKA_LABEL:
+ ckmk_updateAttribute(itemRef, kSecLabelItemAttr, value->data,
+ value->size, "Set Attr Cert Label");
+ break;
+ default:
+ break;
+ }
+ break;
+
+ default:
+ break;
+ }
+ return CKR_OK;
+}
+
+static NSSCKFWItem
+ckmk_mdObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ NSSCKFWItem mdItem;
+ ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc;
+
+ mdItem.needsFreeing = PR_FALSE;
+ mdItem.item = (NSSItem *)nss_ckmk_FetchAttribute(io, attribute, pError);
+
+ return mdItem;
+}
+
+static CK_ULONG
+ckmk_mdObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ CK_ULONG rv = 1;
+
+ /* size is irrelevant to this token */
+ return rv;
+}
+
+static const NSSCKMDObject
+ ckmk_prototype_mdObject = {
+ (void *)NULL, /* etc */
+ NULL, /* Finalize */
+ ckmk_mdObject_Destroy,
+ ckmk_mdObject_IsTokenObject,
+ ckmk_mdObject_GetAttributeCount,
+ ckmk_mdObject_GetAttributeTypes,
+ ckmk_mdObject_GetAttributeSize,
+ ckmk_mdObject_GetAttribute,
+ NULL, /* FreeAttribute */
+ ckmk_mdObject_SetAttribute,
+ ckmk_mdObject_GetObjectSize,
+ (void *)NULL /* null terminator */
+ };
+
+static nssHash *ckmkInternalObjectHash = NULL;
+
+NSS_IMPLEMENT NSSCKMDObject *
+nss_ckmk_CreateMDObject(
+ NSSArena *arena,
+ ckmkInternalObject *io,
+ CK_RV *pError)
+{
+ if ((nssHash *)NULL == ckmkInternalObjectHash) {
+ ckmkInternalObjectHash = nssHash_CreateItem(NULL, 10);
+ }
+ if (ckmkItem == io->type) {
+ /* the hash key, not a cryptographic key */
+ NSSItem *key = &io->hashKey;
+ ckmkInternalObject *old_o = NULL;
+
+ if (key->size == 0) {
+ ckmk_FetchHashKey(io);
+ }
+ old_o = (ckmkInternalObject *)
+ nssHash_Lookup(ckmkInternalObjectHash, key);
+ if (!old_o) {
+ nssHash_Add(ckmkInternalObjectHash, key, io);
+ } else if (old_o != io) {
+ nss_ckmk_DestroyInternalObject(io);
+ io = old_o;
+ }
+ }
+
+ if ((void *)NULL == io->mdObject.etc) {
+ (void)nsslibc_memcpy(&io->mdObject, &ckmk_prototype_mdObject,
+ sizeof(ckmk_prototype_mdObject));
+ io->mdObject.etc = (void *)io;
+ }
+ return &io->mdObject;
+}
+
+static void
+ckmk_removeObjectFromHash(
+ ckmkInternalObject *io)
+{
+ NSSItem *key = &io->hashKey;
+
+ if ((nssHash *)NULL == ckmkInternalObjectHash) {
+ return;
+ }
+ if (key->size == 0) {
+ ckmk_FetchHashKey(io);
+ }
+ nssHash_Remove(ckmkInternalObjectHash, key);
+ return;
+}
+
+void
+nss_ckmk_DestroyInternalObject(
+ ckmkInternalObject *io)
+{
+ switch (io->type) {
+ case ckmkRaw:
+ return;
+ case ckmkItem:
+ nss_ZFreeIf(io->u.item.modify.data);
+ nss_ZFreeIf(io->u.item.private.data);
+ nss_ZFreeIf(io->u.item.encrypt.data);
+ nss_ZFreeIf(io->u.item.decrypt.data);
+ nss_ZFreeIf(io->u.item.derive.data);
+ nss_ZFreeIf(io->u.item.sign.data);
+ nss_ZFreeIf(io->u.item.signRecover.data);
+ nss_ZFreeIf(io->u.item.verify.data);
+ nss_ZFreeIf(io->u.item.verifyRecover.data);
+ nss_ZFreeIf(io->u.item.wrap.data);
+ nss_ZFreeIf(io->u.item.unwrap.data);
+ nss_ZFreeIf(io->u.item.label.data);
+ /*nss_ZFreeIf(io->u.item.subject.data); */
+ /*nss_ZFreeIf(io->u.item.issuer.data); */
+ nss_ZFreeIf(io->u.item.serial.data);
+ nss_ZFreeIf(io->u.item.modulus.data);
+ nss_ZFreeIf(io->u.item.exponent.data);
+ nss_ZFreeIf(io->u.item.privateExponent.data);
+ nss_ZFreeIf(io->u.item.prime1.data);
+ nss_ZFreeIf(io->u.item.prime2.data);
+ nss_ZFreeIf(io->u.item.exponent1.data);
+ nss_ZFreeIf(io->u.item.exponent2.data);
+ nss_ZFreeIf(io->u.item.coefficient.data);
+ break;
+ }
+ nss_ZFreeIf(io);
+ return;
+}
+
+static ckmkInternalObject *
+nss_ckmk_NewInternalObject(
+ CK_OBJECT_CLASS objClass,
+ SecKeychainItemRef itemRef,
+ SecItemClass itemClass,
+ CK_RV *pError)
+{
+ ckmkInternalObject *io = nss_ZNEW(NULL, ckmkInternalObject);
+
+ if ((ckmkInternalObject *)NULL == io) {
+ *pError = CKR_HOST_MEMORY;
+ return io;
+ }
+ io->type = ckmkItem;
+ io->objClass = objClass;
+ io->u.item.itemRef = itemRef;
+ io->u.item.itemClass = itemClass;
+ return io;
+}
+
+/*
+ * Apple doesn't alway have a default keyChain set by the OS, use the
+ * SearchList to try to find one.
+ */
+static CK_RV
+ckmk_GetSafeDefaultKeychain(
+ SecKeychainRef *keychainRef)
+{
+ OSStatus macErr;
+ CFArrayRef searchList = 0;
+ CK_RV error = CKR_OK;
+
+ macErr = SecKeychainCopyDefault(keychainRef);
+ if (noErr != macErr) {
+ int searchCount = 0;
+ if (errSecNoDefaultKeychain != macErr) {
+ CKMK_MACERR("Getting default key chain", macErr);
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+ /* ok, we don't have a default key chain, find one */
+ macErr = SecKeychainCopySearchList(&searchList);
+ if (noErr != macErr) {
+ CKMK_MACERR("failed to find a keyring searchList", macErr);
+ error = CKR_DEVICE_REMOVED;
+ goto loser;
+ }
+ searchCount = CFArrayGetCount(searchList);
+ if (searchCount < 1) {
+ error = CKR_DEVICE_REMOVED;
+ goto loser;
+ }
+ *keychainRef =
+ (SecKeychainRef)CFRetain(CFArrayGetValueAtIndex(searchList, 0));
+ if (0 == *keychainRef) {
+ error = CKR_DEVICE_REMOVED;
+ goto loser;
+ }
+ /* should we set it as default? */
+ }
+loser:
+ if (0 != searchList) {
+ CFRelease(searchList);
+ }
+ return error;
+}
+static ckmkInternalObject *
+nss_ckmk_CreateCertificate(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSItem value;
+ ckmkInternalObject *io = NULL;
+ OSStatus macErr;
+ SecCertificateRef certRef;
+ SecKeychainItemRef itemRef;
+ SecKeychainRef keychainRef;
+ CSSM_DATA certData;
+
+ *pError = nss_ckmk_GetAttribute(CKA_VALUE, pTemplate,
+ ulAttributeCount, &value);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ certData.Data = value.data;
+ certData.Length = value.size;
+ macErr = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3,
+ CSSM_CERT_ENCODING_BER, &certRef);
+ if (noErr != macErr) {
+ CKMK_MACERR("Create cert from data Failed", macErr);
+ *pError = CKR_GENERAL_ERROR; /* need to map macErr */
+ goto loser;
+ }
+
+ *pError = ckmk_GetSafeDefaultKeychain(&keychainRef);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ macErr = SecCertificateAddToKeychain(certRef, keychainRef);
+ itemRef = (SecKeychainItemRef)certRef;
+ if (errSecDuplicateItem != macErr) {
+ NSSItem keyID = { NULL, 0 };
+ char *nickname = NULL;
+ CK_RV dummy;
+
+ if (noErr != macErr) {
+ CKMK_MACERR("Add cert to keychain Failed", macErr);
+ *pError = CKR_GENERAL_ERROR; /* need to map macErr */
+ goto loser;
+ }
+ /* these two are optional */
+ nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate,
+ ulAttributeCount, &dummy);
+ /* we've added a new one, update the attributes in the key ring */
+ if (nickname) {
+ ckmk_updateAttribute(itemRef, kSecLabelItemAttr, nickname,
+ strlen(nickname) + 1, "Modify Cert Label");
+ nss_ZFreeIf(nickname);
+ }
+ dummy = nss_ckmk_GetAttribute(CKA_ID, pTemplate,
+ ulAttributeCount, &keyID);
+ if (CKR_OK == dummy) {
+ dummy = ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr,
+ keyID.data, keyID.size, "Modify Cert ID");
+ }
+ }
+
+ io = nss_ckmk_NewInternalObject(CKO_CERTIFICATE, itemRef,
+ kSecCertificateItemClass, pError);
+ if ((ckmkInternalObject *)NULL != io) {
+ itemRef = 0;
+ }
+
+loser:
+ if (0 != itemRef) {
+ CFRelease(itemRef);
+ }
+ if (0 != keychainRef) {
+ CFRelease(keychainRef);
+ }
+
+ return io;
+}
+
+/*
+ * PKCS #8 attributes
+ */
+struct ckmk_AttributeStr {
+ SECItem attrType;
+ SECItem *attrValue;
+};
+typedef struct ckmk_AttributeStr ckmk_Attribute;
+
+/*
+ ** A PKCS#8 private key info object
+ */
+struct PrivateKeyInfoStr {
+ PLArenaPool *arena;
+ SECItem version;
+ SECAlgorithmID algorithm;
+ SECItem privateKey;
+ ckmk_Attribute **attributes;
+};
+typedef struct PrivateKeyInfoStr PrivateKeyInfo;
+
+const SEC_ASN1Template ckmk_RSAPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(RSAPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, version) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, modulus) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, publicExponent) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, privateExponent) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, prime1) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, prime2) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, exponent1) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, exponent2) },
+ { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, coefficient) },
+ { 0 }
+};
+
+const SEC_ASN1Template ckmk_AttributeTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ckmk_Attribute) },
+ { SEC_ASN1_OBJECT_ID, offsetof(ckmk_Attribute, attrType) },
+ { SEC_ASN1_SET_OF, offsetof(ckmk_Attribute, attrValue),
+ SEC_AnyTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template ckmk_SetOfAttributeTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, ckmk_AttributeTemplate },
+};
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+/* ASN1 Templates for new decoder/encoder */
+const SEC_ASN1Template ckmk_PrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PrivateKeyInfo) },
+ { SEC_ASN1_INTEGER, offsetof(PrivateKeyInfo, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(PrivateKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING, offsetof(PrivateKeyInfo, privateKey) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(PrivateKeyInfo, attributes), ckmk_SetOfAttributeTemplate },
+ { 0 }
+};
+
+#define CKMK_PRIVATE_KEY_INFO_VERSION 0
+static CK_RV
+ckmk_CreateRSAKeyBlob(
+ RSAPrivateKey *lk,
+ NSSItem *keyBlob)
+{
+ PrivateKeyInfo *pki = NULL;
+ PLArenaPool *arena = NULL;
+ SECOidTag algorithm = SEC_OID_UNKNOWN;
+ void *dummy;
+ SECStatus rv;
+ SECItem *encodedKey = NULL;
+ CK_RV error = CKR_OK;
+
+ arena = PORT_NewArena(2048); /* XXX different size? */
+ if (!arena) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ pki = (PrivateKeyInfo *)PORT_ArenaZAlloc(arena, sizeof(PrivateKeyInfo));
+ if (!pki) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ pki->arena = arena;
+
+ dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
+ ckmk_RSAPrivateKeyTemplate);
+ algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
+
+ if (!dummy) {
+ error = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm,
+ (SECItem *)NULL);
+ if (rv != SECSuccess) {
+ error = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ goto loser;
+ }
+
+ dummy = SEC_ASN1EncodeInteger(arena, &pki->version,
+ CKMK_PRIVATE_KEY_INFO_VERSION);
+ if (!dummy) {
+ error = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ goto loser;
+ }
+
+ encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki,
+ ckmk_PrivateKeyInfoTemplate);
+ if (!encodedKey) {
+ error = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ keyBlob->data = nss_ZNEWARRAY(NULL, char, encodedKey->len);
+ if (NULL == keyBlob->data) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nsslibc_memcpy(keyBlob->data, encodedKey->data, encodedKey->len);
+ keyBlob->size = encodedKey->len;
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ if (encodedKey) {
+ SECITEM_FreeItem(encodedKey, PR_TRUE);
+ }
+
+ return error;
+}
+/*
+ * There MUST be a better way to do this. For now, find the key based on the
+ * default name Apple gives it once we import.
+ */
+#define IMPORTED_NAME "Imported Private Key"
+static CK_RV
+ckmk_FindImportedKey(
+ SecKeychainRef keychainRef,
+ SecItemClass itemClass,
+ SecKeychainItemRef *outItemRef)
+{
+ OSStatus macErr;
+ SecKeychainSearchRef searchRef = 0;
+ SecKeychainItemRef newItemRef;
+
+ macErr = SecKeychainSearchCreateFromAttributes(keychainRef, itemClass,
+ NULL, &searchRef);
+ if (noErr != macErr) {
+ CKMK_MACERR("Can't search for Key", macErr);
+ return CKR_GENERAL_ERROR;
+ }
+ while (noErr == SecKeychainSearchCopyNext(searchRef, &newItemRef)) {
+ SecKeychainAttributeList *attrList = NULL;
+ SecKeychainAttributeInfo attrInfo;
+ SecItemAttr itemAttr = kSecKeyPrintName;
+ PRUint32 attrFormat = 0;
+ OSStatus macErr;
+
+ attrInfo.count = 1;
+ attrInfo.tag = &itemAttr;
+ attrInfo.format = &attrFormat;
+
+ macErr = SecKeychainItemCopyAttributesAndData(newItemRef,
+ &attrInfo, NULL, &attrList, NULL, NULL);
+ if (noErr == macErr) {
+ if (nsslibc_memcmp(attrList->attr->data, IMPORTED_NAME,
+ attrList->attr->length, NULL) == 0) {
+ *outItemRef = newItemRef;
+ CFRelease(searchRef);
+ SecKeychainItemFreeAttributesAndData(attrList, NULL);
+ return CKR_OK;
+ }
+ SecKeychainItemFreeAttributesAndData(attrList, NULL);
+ }
+ CFRelease(newItemRef);
+ }
+ CFRelease(searchRef);
+ return CKR_GENERAL_ERROR; /* we can come up with something better! */
+}
+
+static ckmkInternalObject *
+nss_ckmk_CreatePrivateKey(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSItem attribute;
+ RSAPrivateKey lk;
+ NSSItem keyID;
+ char *nickname = NULL;
+ ckmkInternalObject *io = NULL;
+ CK_KEY_TYPE keyType;
+ OSStatus macErr;
+ SecKeychainItemRef itemRef = 0;
+ NSSItem keyBlob = { NULL, 0 };
+ CFDataRef dataRef = 0;
+ SecExternalFormat inputFormat = kSecFormatBSAFE;
+ /*SecExternalFormat inputFormat = kSecFormatOpenSSL; */
+ SecExternalItemType itemType = kSecItemTypePrivateKey;
+ SecKeyImportExportParameters keyParams;
+ SecKeychainRef targetKeychain = 0;
+ unsigned char zero = 0;
+ CK_RV error;
+
+ keyParams.version = SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION;
+ keyParams.flags = 0;
+ keyParams.passphrase = 0;
+ keyParams.alertTitle = 0;
+ keyParams.alertPrompt = 0;
+ keyParams.accessRef = 0; /* default */
+ keyParams.keyUsage = 0; /* will get filled in */
+ keyParams.keyAttributes = CSSM_KEYATTR_PERMANENT; /* will get filled in */
+ keyType = nss_ckmk_GetULongAttribute(CKA_KEY_TYPE, pTemplate, ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ if (CKK_RSA != keyType) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (ckmkInternalObject *)NULL;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_DECRYPT,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyUsage |= CSSM_KEYUSE_DECRYPT;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_UNWRAP,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyUsage |= CSSM_KEYUSE_UNWRAP;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_SIGN,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyUsage |= CSSM_KEYUSE_SIGN;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_DERIVE,
+ pTemplate, ulAttributeCount, CK_FALSE)) {
+ keyParams.keyUsage |= CSSM_KEYUSE_DERIVE;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_SENSITIVE,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyAttributes |= CSSM_KEYATTR_SENSITIVE;
+ }
+ if (nss_ckmk_GetBoolAttribute(CKA_EXTRACTABLE,
+ pTemplate, ulAttributeCount, CK_TRUE)) {
+ keyParams.keyAttributes |= CSSM_KEYATTR_EXTRACTABLE;
+ }
+
+ lk.version.type = siUnsignedInteger;
+ lk.version.data = &zero;
+ lk.version.len = 1;
+
+ *pError = nss_ckmk_GetAttribute(CKA_MODULUS, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.modulus.type = siUnsignedInteger;
+ lk.modulus.data = attribute.data;
+ lk.modulus.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_PUBLIC_EXPONENT, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.publicExponent.type = siUnsignedInteger;
+ lk.publicExponent.data = attribute.data;
+ lk.publicExponent.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_PRIVATE_EXPONENT, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.privateExponent.type = siUnsignedInteger;
+ lk.privateExponent.data = attribute.data;
+ lk.privateExponent.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_PRIME_1, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.prime1.type = siUnsignedInteger;
+ lk.prime1.data = attribute.data;
+ lk.prime1.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_PRIME_2, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.prime2.type = siUnsignedInteger;
+ lk.prime2.data = attribute.data;
+ lk.prime2.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_1, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.exponent1.type = siUnsignedInteger;
+ lk.exponent1.data = attribute.data;
+ lk.exponent1.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_2, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.exponent2.type = siUnsignedInteger;
+ lk.exponent2.data = attribute.data;
+ lk.exponent2.len = attribute.size;
+
+ *pError = nss_ckmk_GetAttribute(CKA_COEFFICIENT, pTemplate,
+ ulAttributeCount, &attribute);
+ if (CKR_OK != *pError) {
+ return (ckmkInternalObject *)NULL;
+ }
+ lk.coefficient.type = siUnsignedInteger;
+ lk.coefficient.data = attribute.data;
+ lk.coefficient.len = attribute.size;
+
+ /* ASN1 Encode the pkcs8 structure... look at softoken to see how this
+ * is done... */
+ error = ckmk_CreateRSAKeyBlob(&lk, &keyBlob);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ dataRef = CFDataCreate(NULL, (UInt8 *)keyBlob.data, keyBlob.size);
+ if (0 == dataRef) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ *pError == ckmk_GetSafeDefaultKeychain(&targetKeychain);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+ /* the itemArray that is returned is useless. the item does not
+ * is 'not on the key chain' so none of the modify calls work on it.
+ * It also has a key that isn't the same key as the one in the actual
+ * key chain. In short it isn't the item we want, and it gives us zero
+ * information about the item we want, so don't even bother with it...
+ */
+ macErr = SecKeychainItemImport(dataRef, NULL, &inputFormat, &itemType, 0,
+ &keyParams, targetKeychain, NULL);
+ if (noErr != macErr) {
+ CKMK_MACERR("Import Private Key", macErr);
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ *pError = ckmk_FindImportedKey(targetKeychain,
+ CSSM_DL_DB_RECORD_PRIVATE_KEY,
+ &itemRef);
+ if (CKR_OK != *pError) {
+#ifdef DEBUG
+ fprintf(stderr, "couldn't find key in keychain \n");
+#endif
+ goto loser;
+ }
+
+ /* set the CKA_ID and the CKA_LABEL */
+ error = nss_ckmk_GetAttribute(CKA_ID, pTemplate,
+ ulAttributeCount, &keyID);
+ if (CKR_OK == error) {
+ error = ckmk_updateAttribute(itemRef, kSecKeyLabel,
+ keyID.data, keyID.size, "Modify Key ID");
+#ifdef DEBUG
+ itemdump("key id: ", keyID.data, keyID.size, error);
+#endif
+ }
+ nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate,
+ ulAttributeCount, &error);
+ if (nickname) {
+ ckmk_updateAttribute(itemRef, kSecKeyPrintName, nickname,
+ strlen(nickname) + 1, "Modify Key Label");
+ } else {
+#define DEFAULT_NICKNAME "NSS Imported Key"
+ ckmk_updateAttribute(itemRef, kSecKeyPrintName, DEFAULT_NICKNAME,
+ sizeof(DEFAULT_NICKNAME), "Modify Key Label");
+ }
+
+ io = nss_ckmk_NewInternalObject(CKO_PRIVATE_KEY, itemRef,
+ CSSM_DL_DB_RECORD_PRIVATE_KEY, pError);
+ if ((ckmkInternalObject *)NULL == io) {
+ CFRelease(itemRef);
+ }
+
+ return io;
+
+loser:
+ /* free the key blob */
+ if (keyBlob.data) {
+ nss_ZFreeIf(keyBlob.data);
+ }
+ if (0 != targetKeychain) {
+ CFRelease(targetKeychain);
+ }
+ if (0 != dataRef) {
+ CFRelease(dataRef);
+ }
+ return io;
+}
+
+NSS_EXTERN NSSCKMDObject *
+nss_ckmk_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ CK_OBJECT_CLASS objClass;
+ ckmkInternalObject *io = NULL;
+ CK_BBOOL isToken;
+
+ /*
+ * only create token objects
+ */
+ isToken = nss_ckmk_GetBoolAttribute(CKA_TOKEN, pTemplate,
+ ulAttributeCount, CK_FALSE);
+ if (!isToken) {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ /*
+ * only create keys and certs.
+ */
+ objClass = nss_ckmk_GetULongAttribute(CKA_CLASS, pTemplate,
+ ulAttributeCount, pError);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDObject *)NULL;
+ }
+#ifdef notdef
+ if (objClass == CKO_PUBLIC_KEY) {
+ return CKR_OK; /* fake public key creation, happens as a side effect of
+ * private key creation */
+ }
+#endif
+ if (objClass == CKO_CERTIFICATE) {
+ io = nss_ckmk_CreateCertificate(fwSession, pTemplate,
+ ulAttributeCount, pError);
+ } else if (objClass == CKO_PRIVATE_KEY) {
+ io = nss_ckmk_CreatePrivateKey(fwSession, pTemplate,
+ ulAttributeCount, pError);
+ } else {
+ *pError = CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ if ((ckmkInternalObject *)NULL == io) {
+ return (NSSCKMDObject *)NULL;
+ }
+ return nss_ckmk_CreateMDObject(NULL, io, pError);
+}
diff --git a/security/nss/lib/ckfw/nssmkey/mrsa.c b/security/nss/lib/ckfw/nssmkey/mrsa.c
new file mode 100644
index 000000000..00175b47a
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/mrsa.c
@@ -0,0 +1,479 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckmk.h"
+
+/* Sigh, For all the talk about 'ease of use', apple has hidden the interfaces
+ * needed to be able to truly use CSSM. These came from their modification
+ * to NSS's S/MIME code. The following two functions currently are not
+ * part of the SecKey.h interface.
+ */
+OSStatus
+SecKeyGetCredentials(
+ SecKeyRef keyRef,
+ CSSM_ACL_AUTHORIZATION_TAG authTag,
+ int type,
+ const CSSM_ACCESS_CREDENTIALS **creds);
+
+/* this function could be implemented using 'SecKeychainItemCopyKeychain' and
+ * 'SecKeychainGetCSPHandle' */
+OSStatus
+SecKeyGetCSPHandle(
+ SecKeyRef keyRef,
+ CSSM_CSP_HANDLE *cspHandle);
+
+typedef struct ckmkInternalCryptoOperationRSAPrivStr
+ ckmkInternalCryptoOperationRSAPriv;
+struct ckmkInternalCryptoOperationRSAPrivStr {
+ NSSCKMDCryptoOperation mdOperation;
+ NSSCKMDMechanism *mdMechanism;
+ ckmkInternalObject *iKey;
+ NSSItem *buffer;
+ CSSM_CC_HANDLE cssmContext;
+};
+
+typedef enum {
+ CKMK_DECRYPT,
+ CKMK_SIGN
+} ckmkRSAOpType;
+
+/*
+ * ckmk_mdCryptoOperationRSAPriv_Create
+ */
+static NSSCKMDCryptoOperation *
+ckmk_mdCryptoOperationRSAPriv_Create(
+ const NSSCKMDCryptoOperation *proto,
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKMDObject *mdKey,
+ ckmkRSAOpType type,
+ CK_RV *pError)
+{
+ ckmkInternalObject *iKey = (ckmkInternalObject *)mdKey->etc;
+ const NSSItem *classItem = nss_ckmk_FetchAttribute(iKey, CKA_CLASS, pError);
+ const NSSItem *keyType = nss_ckmk_FetchAttribute(iKey, CKA_KEY_TYPE, pError);
+ ckmkInternalCryptoOperationRSAPriv *iOperation;
+ SecKeyRef privateKey;
+ OSStatus macErr;
+ CSSM_RETURN cssmErr;
+ const CSSM_KEY *cssmKey;
+ CSSM_CSP_HANDLE cspHandle;
+ const CSSM_ACCESS_CREDENTIALS *creds = NULL;
+ CSSM_CC_HANDLE cssmContext;
+ CSSM_ACL_AUTHORIZATION_TAG authType;
+
+ /* make sure we have the right objects */
+ if (((const NSSItem *)NULL == classItem) ||
+ (sizeof(CK_OBJECT_CLASS) != classItem->size) ||
+ (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) ||
+ ((const NSSItem *)NULL == keyType) ||
+ (sizeof(CK_KEY_TYPE) != keyType->size) ||
+ (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) {
+ *pError = CKR_KEY_TYPE_INCONSISTENT;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ privateKey = (SecKeyRef)iKey->u.item.itemRef;
+ macErr = SecKeyGetCSSMKey(privateKey, &cssmKey);
+ if (noErr != macErr) {
+ CKMK_MACERR("Getting CSSM Key", macErr);
+ *pError = CKR_KEY_HANDLE_INVALID;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ macErr = SecKeyGetCSPHandle(privateKey, &cspHandle);
+ if (noErr != macErr) {
+ CKMK_MACERR("Getting CSP for Key", macErr);
+ *pError = CKR_KEY_HANDLE_INVALID;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ switch (type) {
+ case CKMK_DECRYPT:
+ authType = CSSM_ACL_AUTHORIZATION_DECRYPT;
+ break;
+ case CKMK_SIGN:
+ authType = CSSM_ACL_AUTHORIZATION_SIGN;
+ break;
+ default:
+ *pError = CKR_GENERAL_ERROR;
+#ifdef DEBUG
+ fprintf(stderr, "RSAPriv_Create: bad type = %d\n", type);
+#endif
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ macErr = SecKeyGetCredentials(privateKey, authType, 0, &creds);
+ if (noErr != macErr) {
+ CKMK_MACERR("Getting Credentials for Key", macErr);
+ *pError = CKR_KEY_HANDLE_INVALID;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ switch (type) {
+ case CKMK_DECRYPT:
+ cssmErr = CSSM_CSP_CreateAsymmetricContext(cspHandle, CSSM_ALGID_RSA,
+ creds, cssmKey, CSSM_PADDING_PKCS1, &cssmContext);
+ break;
+ case CKMK_SIGN:
+ cssmErr = CSSM_CSP_CreateSignatureContext(cspHandle, CSSM_ALGID_RSA,
+ creds, cssmKey, &cssmContext);
+ break;
+ default:
+ *pError = CKR_GENERAL_ERROR;
+#ifdef DEBUG
+ fprintf(stderr, "RSAPriv_Create: bad type = %d\n", type);
+#endif
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ if (noErr != cssmErr) {
+ CKMK_MACERR("Getting Context for Key", cssmErr);
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+
+ iOperation = nss_ZNEW(NULL, ckmkInternalCryptoOperationRSAPriv);
+ if ((ckmkInternalCryptoOperationRSAPriv *)NULL == iOperation) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDCryptoOperation *)NULL;
+ }
+ iOperation->mdMechanism = mdMechanism;
+ iOperation->iKey = iKey;
+ iOperation->cssmContext = cssmContext;
+
+ nsslibc_memcpy(&iOperation->mdOperation,
+ proto, sizeof(NSSCKMDCryptoOperation));
+ iOperation->mdOperation.etc = iOperation;
+
+ return &iOperation->mdOperation;
+}
+
+static void
+ckmk_mdCryptoOperationRSAPriv_Destroy(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+
+ if (iOperation->buffer) {
+ nssItem_Destroy(iOperation->buffer);
+ }
+ if (iOperation->cssmContext) {
+ CSSM_DeleteContext(iOperation->cssmContext);
+ }
+ nss_ZFreeIf(iOperation);
+ return;
+}
+
+static CK_ULONG
+ckmk_mdCryptoOperationRSA_GetFinalLength(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ const NSSItem *modulus =
+ nss_ckmk_FetchAttribute(iOperation->iKey, CKA_MODULUS, pError);
+
+ return modulus->size;
+}
+
+/*
+ * ckmk_mdCryptoOperationRSADecrypt_GetOperationLength
+ * we won't know the length until we actually decrypt the
+ * input block. Since we go to all the work to decrypt the
+ * the block, we'll save if for when the block is asked for
+ */
+static CK_ULONG
+ckmk_mdCryptoOperationRSADecrypt_GetOperationLength(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ CK_RV *pError)
+{
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ CSSM_DATA cssmInput;
+ CSSM_DATA cssmOutput = { 0, NULL };
+ PRUint32 bytesDecrypted;
+ CSSM_DATA remainder = { 0, NULL };
+ NSSItem output;
+ CSSM_RETURN cssmErr;
+
+ if (iOperation->buffer) {
+ return iOperation->buffer->size;
+ }
+
+ cssmInput.Data = input->data;
+ cssmInput.Length = input->size;
+
+ cssmErr = CSSM_DecryptData(iOperation->cssmContext,
+ &cssmInput, 1, &cssmOutput, 1,
+ &bytesDecrypted, &remainder);
+ if (CSSM_OK != cssmErr) {
+ CKMK_MACERR("Decrypt Failed", cssmErr);
+ *pError = CKR_DATA_INVALID;
+ return 0;
+ }
+ /* we didn't suppy any buffers, so it should all be in remainder */
+ output.data = nss_ZNEWARRAY(NULL, char, bytesDecrypted + remainder.Length);
+ if (NULL == output.data) {
+ free(cssmOutput.Data);
+ free(remainder.Data);
+ *pError = CKR_HOST_MEMORY;
+ return 0;
+ }
+ output.size = bytesDecrypted + remainder.Length;
+
+ if (0 != bytesDecrypted) {
+ nsslibc_memcpy(output.data, cssmOutput.Data, bytesDecrypted);
+ free(cssmOutput.Data);
+ }
+ if (0 != remainder.Length) {
+ nsslibc_memcpy(((char *)output.data) + bytesDecrypted,
+ remainder.Data, remainder.Length);
+ free(remainder.Data);
+ }
+
+ iOperation->buffer = nssItem_Duplicate(&output, NULL, NULL);
+ nss_ZFreeIf(output.data);
+ if ((NSSItem *)NULL == iOperation->buffer) {
+ *pError = CKR_HOST_MEMORY;
+ return 0;
+ }
+
+ return iOperation->buffer->size;
+}
+
+/*
+ * ckmk_mdCryptoOperationRSADecrypt_UpdateFinal
+ *
+ * NOTE: ckmk_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to
+ * have been called previously.
+ */
+static CK_RV
+ckmk_mdCryptoOperationRSADecrypt_UpdateFinal(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ NSSItem *output)
+{
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ NSSItem *buffer = iOperation->buffer;
+
+ if ((NSSItem *)NULL == buffer) {
+ return CKR_GENERAL_ERROR;
+ }
+ nsslibc_memcpy(output->data, buffer->data, buffer->size);
+ output->size = buffer->size;
+ return CKR_OK;
+}
+
+/*
+ * ckmk_mdCryptoOperationRSASign_UpdateFinal
+ *
+ */
+static CK_RV
+ckmk_mdCryptoOperationRSASign_UpdateFinal(
+ NSSCKMDCryptoOperation *mdOperation,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ const NSSItem *input,
+ NSSItem *output)
+{
+ ckmkInternalCryptoOperationRSAPriv *iOperation =
+ (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
+ CSSM_DATA cssmInput;
+ CSSM_DATA cssmOutput = { 0, NULL };
+ CSSM_RETURN cssmErr;
+
+ cssmInput.Data = input->data;
+ cssmInput.Length = input->size;
+
+ cssmErr = CSSM_SignData(iOperation->cssmContext, &cssmInput, 1,
+ CSSM_ALGID_NONE, &cssmOutput);
+ if (CSSM_OK != cssmErr) {
+ CKMK_MACERR("Signed Failed", cssmErr);
+ return CKR_FUNCTION_FAILED;
+ }
+ if (cssmOutput.Length > output->size) {
+ free(cssmOutput.Data);
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ nsslibc_memcpy(output->data, cssmOutput.Data, cssmOutput.Length);
+ free(cssmOutput.Data);
+ output->size = cssmOutput.Length;
+
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
+ ckmk_mdCryptoOperationRSADecrypt_proto = {
+ NULL, /* etc */
+ ckmk_mdCryptoOperationRSAPriv_Destroy,
+ NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */
+ ckmk_mdCryptoOperationRSADecrypt_GetOperationLength,
+ NULL, /* Final - not needed for one shot operation */
+ NULL, /* Update - not needed for one shot operation */
+ NULL, /* DigetUpdate - not needed for one shot operation */
+ ckmk_mdCryptoOperationRSADecrypt_UpdateFinal,
+ NULL, /* UpdateCombo - not needed for one shot operation */
+ NULL, /* DigetKey - not needed for one shot operation */
+ (void *)NULL /* null terminator */
+ };
+
+NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
+ ckmk_mdCryptoOperationRSASign_proto = {
+ NULL, /* etc */
+ ckmk_mdCryptoOperationRSAPriv_Destroy,
+ ckmk_mdCryptoOperationRSA_GetFinalLength,
+ NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */
+ NULL, /* Final - not needed for one shot operation */
+ NULL, /* Update - not needed for one shot operation */
+ NULL, /* DigetUpdate - not needed for one shot operation */
+ ckmk_mdCryptoOperationRSASign_UpdateFinal,
+ NULL, /* UpdateCombo - not needed for one shot operation */
+ NULL, /* DigetKey - not needed for one shot operation */
+ (void *)NULL /* null terminator */
+ };
+
+/********** NSSCKMDMechansim functions ***********************/
+/*
+ * ckmk_mdMechanismRSA_Destroy
+ */
+static void
+ckmk_mdMechanismRSA_Destroy(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nss_ZFreeIf(fwMechanism);
+}
+
+/*
+ * ckmk_mdMechanismRSA_GetMinKeySize
+ */
+static CK_ULONG
+ckmk_mdMechanismRSA_GetMinKeySize(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return 384;
+}
+
+/*
+ * ckmk_mdMechanismRSA_GetMaxKeySize
+ */
+static CK_ULONG
+ckmk_mdMechanismRSA_GetMaxKeySize(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return 16384;
+}
+
+/*
+ * ckmk_mdMechanismRSA_DecryptInit
+ */
+static NSSCKMDCryptoOperation *
+ckmk_mdMechanismRSA_DecryptInit(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError)
+{
+ return ckmk_mdCryptoOperationRSAPriv_Create(
+ &ckmk_mdCryptoOperationRSADecrypt_proto,
+ mdMechanism, mdKey, CKMK_DECRYPT, pError);
+}
+
+/*
+ * ckmk_mdMechanismRSA_SignInit
+ */
+static NSSCKMDCryptoOperation *
+ckmk_mdMechanismRSA_SignInit(
+ NSSCKMDMechanism *mdMechanism,
+ NSSCKFWMechanism *fwMechanism,
+ CK_MECHANISM *pMechanism,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDObject *mdKey,
+ NSSCKFWObject *fwKey,
+ CK_RV *pError)
+{
+ return ckmk_mdCryptoOperationRSAPriv_Create(
+ &ckmk_mdCryptoOperationRSASign_proto,
+ mdMechanism, mdKey, CKMK_SIGN, pError);
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDMechanism
+ nss_ckmk_mdMechanismRSA = {
+ (void *)NULL, /* etc */
+ ckmk_mdMechanismRSA_Destroy,
+ ckmk_mdMechanismRSA_GetMinKeySize,
+ ckmk_mdMechanismRSA_GetMaxKeySize,
+ NULL, /* GetInHardware - default false */
+ NULL, /* EncryptInit - default errs */
+ ckmk_mdMechanismRSA_DecryptInit,
+ NULL, /* DigestInit - default errs*/
+ ckmk_mdMechanismRSA_SignInit,
+ NULL, /* VerifyInit - default errs */
+ ckmk_mdMechanismRSA_SignInit, /* SignRecoverInit */
+ NULL, /* VerifyRecoverInit - default errs */
+ NULL, /* GenerateKey - default errs */
+ NULL, /* GenerateKeyPair - default errs */
+ NULL, /* GetWrapKeyLength - default errs */
+ NULL, /* WrapKey - default errs */
+ NULL, /* UnwrapKey - default errs */
+ NULL, /* DeriveKey - default errs */
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/nssmkey/msession.c b/security/nss/lib/ckfw/nssmkey/msession.c
new file mode 100644
index 000000000..e6a29244a
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/msession.c
@@ -0,0 +1,87 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckmk.h"
+
+/*
+ * nssmkey/msession.c
+ *
+ * This file implements the NSSCKMDSession object for the
+ * "nssmkey" cryptoki module.
+ */
+
+static NSSCKMDFindObjects *
+ckmk_mdSession_FindObjectsInit(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ return nss_ckmk_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
+}
+
+static NSSCKMDObject *
+ckmk_mdSession_CreateObject(
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ return nss_ckmk_CreateObject(fwSession, pTemplate, ulAttributeCount, pError);
+}
+
+NSS_IMPLEMENT NSSCKMDSession *
+nss_ckmk_CreateSession(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
+{
+ NSSArena *arena;
+ NSSCKMDSession *rv;
+
+ arena = NSSCKFWSession_GetArena(fwSession, pError);
+ if ((NSSArena *)NULL == arena) {
+ return (NSSCKMDSession *)NULL;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDSession);
+ if ((NSSCKMDSession *)NULL == rv) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDSession *)NULL;
+ }
+
+ /*
+ * rv was zeroed when allocated, so we only
+ * need to set the non-zero members.
+ */
+
+ rv->etc = (void *)fwSession;
+ /* rv->Close */
+ /* rv->GetDeviceError */
+ /* rv->Login */
+ /* rv->Logout */
+ /* rv->InitPIN */
+ /* rv->SetPIN */
+ /* rv->GetOperationStateLen */
+ /* rv->GetOperationState */
+ /* rv->SetOperationState */
+ rv->CreateObject = ckmk_mdSession_CreateObject;
+ /* rv->CopyObject */
+ rv->FindObjectsInit = ckmk_mdSession_FindObjectsInit;
+ /* rv->SeedRandom */
+ /* rv->GetRandom */
+ /* rv->null */
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/nssmkey/mslot.c b/security/nss/lib/ckfw/nssmkey/mslot.c
new file mode 100644
index 000000000..b2747ff7b
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/mslot.c
@@ -0,0 +1,81 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckmk.h"
+
+/*
+ * nssmkey/mslot.c
+ *
+ * This file implements the NSSCKMDSlot object for the
+ * "nssmkey" cryptoki module.
+ */
+
+static NSSUTF8 *
+ckmk_mdSlot_GetSlotDescription(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckmk_SlotDescription;
+}
+
+static NSSUTF8 *
+ckmk_mdSlot_GetManufacturerID(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckmk_ManufacturerID;
+}
+
+static CK_VERSION
+ckmk_mdSlot_GetHardwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckmk_HardwareVersion;
+}
+
+static CK_VERSION
+ckmk_mdSlot_GetFirmwareVersion(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckmk_FirmwareVersion;
+}
+
+static NSSCKMDToken *
+ckmk_mdSlot_GetToken(
+ NSSCKMDSlot *mdSlot,
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSCKMDToken *)&nss_ckmk_mdToken;
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDSlot
+ nss_ckmk_mdSlot = {
+ (void *)NULL, /* etc */
+ NULL, /* Initialize */
+ NULL, /* Destroy */
+ ckmk_mdSlot_GetSlotDescription,
+ ckmk_mdSlot_GetManufacturerID,
+ NULL, /* GetTokenPresent -- defaults to true */
+ NULL, /* GetRemovableDevice -- defaults to false */
+ NULL, /* GetHardwareSlot -- defaults to false */
+ ckmk_mdSlot_GetHardwareVersion,
+ ckmk_mdSlot_GetFirmwareVersion,
+ ckmk_mdSlot_GetToken,
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/nssmkey/mtoken.c b/security/nss/lib/ckfw/nssmkey/mtoken.c
new file mode 100644
index 000000000..e18d61240
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/mtoken.c
@@ -0,0 +1,184 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ckmk.h"
+
+/*
+ * nssmkey/mtoken.c
+ *
+ * This file implements the NSSCKMDToken object for the
+ * "nssmkey" cryptoki module.
+ */
+
+static NSSUTF8 *
+ckmk_mdToken_GetLabel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckmk_TokenLabel;
+}
+
+static NSSUTF8 *
+ckmk_mdToken_GetManufacturerID(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckmk_ManufacturerID;
+}
+
+static NSSUTF8 *
+ckmk_mdToken_GetModel(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckmk_TokenModel;
+}
+
+static NSSUTF8 *
+ckmk_mdToken_GetSerialNumber(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ return (NSSUTF8 *)nss_ckmk_TokenSerialNumber;
+}
+
+static CK_BBOOL
+ckmk_mdToken_GetIsWriteProtected(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_FALSE;
+}
+
+/* fake out Mozilla so we don't try to initialize the token */
+static CK_BBOOL
+ckmk_mdToken_GetUserPinInitialized(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return CK_TRUE;
+}
+
+static CK_VERSION
+ckmk_mdToken_GetHardwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckmk_HardwareVersion;
+}
+
+static CK_VERSION
+ckmk_mdToken_GetFirmwareVersion(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return nss_ckmk_FirmwareVersion;
+}
+
+static NSSCKMDSession *
+ckmk_mdToken_OpenSession(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSCKFWSession *fwSession,
+ CK_BBOOL rw,
+ CK_RV *pError)
+{
+ return nss_ckmk_CreateSession(fwSession, pError);
+}
+
+static CK_ULONG
+ckmk_mdToken_GetMechanismCount(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ return (CK_ULONG)1;
+}
+
+static CK_RV
+ckmk_mdToken_GetMechanismTypes(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE types[])
+{
+ types[0] = CKM_RSA_PKCS;
+ return CKR_OK;
+}
+
+static NSSCKMDMechanism *
+ckmk_mdToken_GetMechanism(
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError)
+{
+ if (which != CKM_RSA_PKCS) {
+ *pError = CKR_MECHANISM_INVALID;
+ return (NSSCKMDMechanism *)NULL;
+ }
+ return (NSSCKMDMechanism *)&nss_ckmk_mdMechanismRSA;
+}
+
+NSS_IMPLEMENT_DATA const NSSCKMDToken
+ nss_ckmk_mdToken = {
+ (void *)NULL, /* etc */
+ NULL, /* Setup */
+ NULL, /* Invalidate */
+ NULL, /* InitToken -- default errs */
+ ckmk_mdToken_GetLabel,
+ ckmk_mdToken_GetManufacturerID,
+ ckmk_mdToken_GetModel,
+ ckmk_mdToken_GetSerialNumber,
+ NULL, /* GetHasRNG -- default is false */
+ ckmk_mdToken_GetIsWriteProtected,
+ NULL, /* GetLoginRequired -- default is false */
+ ckmk_mdToken_GetUserPinInitialized,
+ NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
+ NULL, /* GetHasClockOnToken -- default is false */
+ NULL, /* GetHasProtectedAuthenticationPath -- default is false */
+ NULL, /* GetSupportsDualCryptoOperations -- default is false */
+ NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetMaxPinLen -- irrelevant */
+ NULL, /* GetMinPinLen -- irrelevant */
+ NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
+ ckmk_mdToken_GetHardwareVersion,
+ ckmk_mdToken_GetFirmwareVersion,
+ NULL, /* GetUTCTime -- no clock */
+ ckmk_mdToken_OpenSession,
+ ckmk_mdToken_GetMechanismCount,
+ ckmk_mdToken_GetMechanismTypes,
+ ckmk_mdToken_GetMechanism,
+ (void *)NULL /* null terminator */
+ };
diff --git a/security/nss/lib/ckfw/nssmkey/nssmkey.def b/security/nss/lib/ckfw/nssmkey/nssmkey.def
new file mode 100644
index 000000000..45d307ff0
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/nssmkey.def
@@ -0,0 +1,26 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+
+;+NSSMKEY_3.0 { # First release of nssmkey
+;+ global:
+LIBRARY nssmkey ;-
+EXPORTS ;-
+C_GetFunctionList;
+;+ local:
+;+*;
+;+};
diff --git a/security/nss/lib/ckfw/nssmkey/nssmkey.h b/security/nss/lib/ckfw/nssmkey/nssmkey.h
new file mode 100644
index 000000000..ba58233e6
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/nssmkey.h
@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSMKEY_H
+#define NSSMKEY_H
+
+/*
+ * NSS CKMK Version numbers.
+ *
+ * These are the version numbers for the nssmkey module packaged with
+ * this release on NSS. To determine the version numbers of the builtin
+ * module you are using, use the appropriate PKCS #11 calls.
+ *
+ * These version numbers detail changes to the PKCS #11 interface. They map
+ * to the PKCS #11 spec versions.
+ */
+#define NSS_CKMK_CRYPTOKI_VERSION_MAJOR 2
+#define NSS_CKMK_CRYPTOKI_VERSION_MINOR 20
+
+/* These version numbers detail the changes
+ * to the list of trusted certificates.
+ *
+ * NSS_CKMK_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear
+ * whether we may use its full range (0-255) or only 0-99 because
+ * of the comment in the CK_VERSION type definition.
+ */
+#define NSS_CKMK_LIBRARY_VERSION_MAJOR 1
+#define NSS_CKMK_LIBRARY_VERSION_MINOR 1
+#define NSS_CKMK_LIBRARY_VERSION "1.1"
+
+/* These version numbers detail the semantic changes to the ckfw engine. */
+#define NSS_CKMK_HARDWARE_VERSION_MAJOR 1
+#define NSS_CKMK_HARDWARE_VERSION_MINOR 0
+
+/* These version numbers detail the semantic changes to ckbi itself
+ * (new PKCS #11 objects), etc. */
+#define NSS_CKMK_FIRMWARE_VERSION_MAJOR 1
+#define NSS_CKMK_FIRMWARE_VERSION_MINOR 0
+
+#endif /* NSSMKEY_H */
diff --git a/security/nss/lib/ckfw/nssmkey/staticobj.c b/security/nss/lib/ckfw/nssmkey/staticobj.c
new file mode 100644
index 000000000..5f3bb7c72
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/staticobj.c
@@ -0,0 +1,36 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CKMK_H
+#include "ckmk.h"
+#endif /* CKMK_H */
+
+static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID;
+static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
+static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR;
+static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST;
+static const CK_BBOOL ck_true = CK_TRUE;
+static const CK_OBJECT_CLASS cko_data = CKO_DATA;
+static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509;
+static const CK_BBOOL ck_false = CK_FALSE;
+static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
+
+/* example of a static object */
+static const CK_ATTRIBUTE_TYPE nss_ckmk_types_1[] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL
+};
+
+static const NSSItem nss_ckmk_items_1[] = {
+ { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"Mozilla Mac Key Ring Access", (PRUint32)28 }
+};
+
+ckmkInternalObject nss_ckmk_data[] = {
+ { ckmkRaw, { { 5, nss_ckmk_types_1, nss_ckmk_items_1 } }, CKO_DATA, { NULL } },
+};
+
+const PRUint32 nss_ckmk_nObjects = 1;
diff --git a/security/nss/lib/ckfw/object.c b/security/nss/lib/ckfw/object.c
new file mode 100644
index 000000000..ff0542ee4
--- /dev/null
+++ b/security/nss/lib/ckfw/object.c
@@ -0,0 +1,973 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * object.c
+ *
+ * This file implements the NSSCKFWObject type and methods.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWObject
+ *
+ * -- create/destroy --
+ * nssCKFWObject_Create
+ * nssCKFWObject_Finalize
+ * nssCKFWObject_Destroy
+ *
+ * -- public accessors --
+ * NSSCKFWObject_GetMDObject
+ * NSSCKFWObject_GetArena
+ * NSSCKFWObject_IsTokenObject
+ * NSSCKFWObject_GetAttributeCount
+ * NSSCKFWObject_GetAttributeTypes
+ * NSSCKFWObject_GetAttributeSize
+ * NSSCKFWObject_GetAttribute
+ * NSSCKFWObject_SetAttribute
+ * NSSCKFWObject_GetObjectSize
+ *
+ * -- implement public accessors --
+ * nssCKFWObject_GetMDObject
+ * nssCKFWObject_GetArena
+ *
+ * -- private accessors --
+ * nssCKFWObject_SetHandle
+ * nssCKFWObject_GetHandle
+ *
+ * -- module fronts --
+ * nssCKFWObject_IsTokenObject
+ * nssCKFWObject_GetAttributeCount
+ * nssCKFWObject_GetAttributeTypes
+ * nssCKFWObject_GetAttributeSize
+ * nssCKFWObject_GetAttribute
+ * nssCKFWObject_SetAttribute
+ * nssCKFWObject_GetObjectSize
+ */
+
+struct NSSCKFWObjectStr {
+ NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
+ NSSArena *arena;
+ NSSCKMDObject *mdObject;
+ NSSCKMDSession *mdSession;
+ NSSCKFWSession *fwSession;
+ NSSCKMDToken *mdToken;
+ NSSCKFWToken *fwToken;
+ NSSCKMDInstance *mdInstance;
+ NSSCKFWInstance *fwInstance;
+ CK_OBJECT_HANDLE hObject;
+};
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do this routines as no-ops.
+ */
+
+static CK_RV
+object_add_pointer(
+ const NSSCKFWObject *fwObject)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+object_remove_pointer(
+ const NSSCKFWObject *fwObject)
+{
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWObject_verifyPointer(
+ const NSSCKFWObject *fwObject)
+{
+ return CKR_OK;
+}
+
+#endif /* DEBUG */
+
+/*
+ * nssCKFWObject_Create
+ *
+ */
+NSS_IMPLEMENT NSSCKFWObject *
+nssCKFWObject_Create(
+ NSSArena *arena,
+ NSSCKMDObject *mdObject,
+ NSSCKFWSession *fwSession,
+ NSSCKFWToken *fwToken,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ NSSCKFWObject *fwObject;
+ nssCKFWHash *mdObjectHash;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWObject *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWObject *)NULL;
+ }
+ mdObjectHash = nssCKFWToken_GetMDObjectHash(fwToken);
+ if (!mdObjectHash) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if (nssCKFWHash_Exists(mdObjectHash, mdObject)) {
+ fwObject = nssCKFWHash_Lookup(mdObjectHash, mdObject);
+ return fwObject;
+ }
+
+ fwObject = nss_ZNEW(arena, NSSCKFWObject);
+ if (!fwObject) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ fwObject->arena = arena;
+ fwObject->mdObject = mdObject;
+ fwObject->fwSession = fwSession;
+
+ if (fwSession) {
+ fwObject->mdSession = nssCKFWSession_GetMDSession(fwSession);
+ }
+
+ fwObject->fwToken = fwToken;
+ fwObject->mdToken = nssCKFWToken_GetMDToken(fwToken);
+ fwObject->fwInstance = fwInstance;
+ fwObject->mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
+ fwObject->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if (!fwObject->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ nss_ZFreeIf(fwObject);
+ return (NSSCKFWObject *)NULL;
+ }
+
+ *pError = nssCKFWHash_Add(mdObjectHash, mdObject, fwObject);
+ if (CKR_OK != *pError) {
+ nss_ZFreeIf(fwObject);
+ return (NSSCKFWObject *)NULL;
+ }
+
+#ifdef DEBUG
+ *pError = object_add_pointer(fwObject);
+ if (CKR_OK != *pError) {
+ nssCKFWHash_Remove(mdObjectHash, mdObject);
+ nss_ZFreeIf(fwObject);
+ return (NSSCKFWObject *)NULL;
+ }
+#endif /* DEBUG */
+
+ *pError = CKR_OK;
+ return fwObject;
+}
+
+/*
+ * nssCKFWObject_Finalize
+ *
+ */
+NSS_IMPLEMENT void
+nssCKFWObject_Finalize(
+ NSSCKFWObject *fwObject,
+ PRBool removeFromHash)
+{
+ nssCKFWHash *mdObjectHash;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return;
+ }
+#endif /* NSSDEBUG */
+
+ (void)nssCKFWMutex_Destroy(fwObject->mutex);
+
+ if (fwObject->mdObject->Finalize) {
+ fwObject->mdObject->Finalize(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
+ }
+
+ if (removeFromHash) {
+ mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
+ if (mdObjectHash) {
+ nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
+ }
+ }
+
+ if (fwObject->fwSession) {
+ nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
+ }
+ nss_ZFreeIf(fwObject);
+
+#ifdef DEBUG
+ (void)object_remove_pointer(fwObject);
+#endif /* DEBUG */
+
+ return;
+}
+
+/*
+ * nssCKFWObject_Destroy
+ *
+ */
+NSS_IMPLEMENT void
+nssCKFWObject_Destroy(
+ NSSCKFWObject *fwObject)
+{
+ nssCKFWHash *mdObjectHash;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return;
+ }
+#endif /* NSSDEBUG */
+
+ (void)nssCKFWMutex_Destroy(fwObject->mutex);
+
+ if (fwObject->mdObject->Destroy) {
+ fwObject->mdObject->Destroy(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
+ }
+
+ mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
+ if (mdObjectHash) {
+ nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
+ }
+
+ if (fwObject->fwSession) {
+ nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
+ }
+ nss_ZFreeIf(fwObject);
+
+#ifdef DEBUG
+ (void)object_remove_pointer(fwObject);
+#endif /* DEBUG */
+
+ return;
+}
+
+/*
+ * nssCKFWObject_GetMDObject
+ *
+ */
+NSS_IMPLEMENT NSSCKMDObject *
+nssCKFWObject_GetMDObject(
+ NSSCKFWObject *fwObject)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return (NSSCKMDObject *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwObject->mdObject;
+}
+
+/*
+ * nssCKFWObject_GetArena
+ *
+ */
+NSS_IMPLEMENT NSSArena *
+nssCKFWObject_GetArena(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
+{
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwObject->arena;
+}
+
+/*
+ * nssCKFWObject_SetHandle
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWObject_SetHandle(
+ NSSCKFWObject *fwObject,
+ CK_OBJECT_HANDLE hObject)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+#endif /* NSSDEBUG */
+
+#ifdef NSSDEBUG
+ error = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ if ((CK_OBJECT_HANDLE)0 != fwObject->hObject) {
+ return CKR_GENERAL_ERROR;
+ }
+
+ fwObject->hObject = hObject;
+
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWObject_GetHandle
+ *
+ */
+NSS_IMPLEMENT CK_OBJECT_HANDLE
+nssCKFWObject_GetHandle(
+ NSSCKFWObject *fwObject)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return (CK_OBJECT_HANDLE)0;
+ }
+#endif /* NSSDEBUG */
+
+ return fwObject->hObject;
+}
+
+/*
+ * nssCKFWObject_IsTokenObject
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWObject_IsTokenObject(
+ NSSCKFWObject *fwObject)
+{
+ CK_BBOOL b = CK_FALSE;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwObject->mdObject->IsTokenObject) {
+ NSSItem item;
+ NSSItem *pItem;
+ CK_RV rv = CKR_OK;
+
+ item.data = (void *)&b;
+ item.size = sizeof(b);
+
+ pItem = nssCKFWObject_GetAttribute(fwObject, CKA_TOKEN, &item,
+ (NSSArena *)NULL, &rv);
+ if (!pItem) {
+ /* Error of some type */
+ b = CK_FALSE;
+ goto done;
+ }
+
+ goto done;
+ }
+
+ b = fwObject->mdObject->IsTokenObject(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
+
+done:
+ return b;
+}
+
+/*
+ * nssCKFWObject_GetAttributeCount
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWObject_GetAttributeCount(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
+{
+ CK_ULONG rv;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwObject->mdObject->GetAttributeCount) {
+ *pError = CKR_GENERAL_ERROR;
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+
+ rv = fwObject->mdObject->GetAttributeCount(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ pError);
+
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWObject_GetAttributeTypes
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWObject_GetAttributeTypes(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if ((CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray) {
+ return CKR_ARGUMENTS_BAD;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwObject->mdObject->GetAttributeTypes) {
+ return CKR_GENERAL_ERROR;
+ }
+
+ error = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ error = fwObject->mdObject->GetAttributeTypes(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ typeArray, ulCount);
+
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWObject_GetAttributeSize
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWObject_GetAttributeSize(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ CK_ULONG rv;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwObject->mdObject->GetAttributeSize) {
+ *pError = CKR_GENERAL_ERROR;
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+
+ rv = fwObject->mdObject->GetAttributeSize(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ attribute, pError);
+
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWObject_GetAttribute
+ *
+ * Usual NSS allocation rules:
+ * If itemOpt is not NULL, it will be returned; otherwise an NSSItem
+ * will be allocated. If itemOpt is not NULL but itemOpt->data is,
+ * the buffer will be allocated; otherwise, the buffer will be used.
+ * Any allocations will come from the optional arena, if one is
+ * specified.
+ */
+NSS_IMPLEMENT NSSItem *
+nssCKFWObject_GetAttribute(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *itemOpt,
+ NSSArena *arenaOpt,
+ CK_RV *pError)
+{
+ NSSItem *rv = (NSSItem *)NULL;
+ NSSCKFWItem mdItem;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSItem *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSItem *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwObject->mdObject->GetAttribute) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSItem *)NULL;
+ }
+
+ *pError = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != *pError) {
+ return (NSSItem *)NULL;
+ }
+
+ mdItem = fwObject->mdObject->GetAttribute(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ attribute, pError);
+
+ if (!mdItem.item) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+
+ goto done;
+ }
+
+ if (!itemOpt) {
+ rv = nss_ZNEW(arenaOpt, NSSItem);
+ if (!rv) {
+ *pError = CKR_HOST_MEMORY;
+ goto done;
+ }
+ } else {
+ rv = itemOpt;
+ }
+
+ if (!rv->data) {
+ rv->size = mdItem.item->size;
+ rv->data = nss_ZAlloc(arenaOpt, rv->size);
+ if (!rv->data) {
+ *pError = CKR_HOST_MEMORY;
+ if (!itemOpt) {
+ nss_ZFreeIf(rv);
+ }
+ rv = (NSSItem *)NULL;
+ goto done;
+ }
+ } else {
+ if (rv->size >= mdItem.item->size) {
+ rv->size = mdItem.item->size;
+ } else {
+ *pError = CKR_BUFFER_TOO_SMALL;
+ /* Should we set rv->size to mdItem->size? */
+ /* rv can't have been allocated */
+ rv = (NSSItem *)NULL;
+ goto done;
+ }
+ }
+
+ (void)nsslibc_memcpy(rv->data, mdItem.item->data, rv->size);
+
+ if (PR_TRUE == mdItem.needsFreeing) {
+ PR_ASSERT(fwObject->mdObject->FreeAttribute);
+ if (fwObject->mdObject->FreeAttribute) {
+ *pError = fwObject->mdObject->FreeAttribute(&mdItem);
+ }
+ }
+
+done:
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWObject_SetAttribute
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWObject_SetAttribute(
+ NSSCKFWObject *fwObject,
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKA_TOKEN == attribute) {
+ /*
+ * We're changing from a session object to a token object or
+ * vice-versa.
+ */
+
+ CK_ATTRIBUTE a;
+ NSSCKFWObject *newFwObject;
+ NSSCKFWObject swab;
+
+ a.type = CKA_TOKEN;
+ a.pValue = value->data;
+ a.ulValueLen = value->size;
+
+ newFwObject = nssCKFWSession_CopyObject(fwSession, fwObject,
+ &a, 1, &error);
+ if (!newFwObject) {
+ if (CKR_OK == error) {
+ error = CKR_GENERAL_ERROR;
+ }
+ return error;
+ }
+
+ /*
+ * Actually, I bet the locking is worse than this.. this part of
+ * the code could probably use some scrutiny and reworking.
+ */
+ error = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != error) {
+ nssCKFWObject_Destroy(newFwObject);
+ return error;
+ }
+
+ error = nssCKFWMutex_Lock(newFwObject->mutex);
+ if (CKR_OK != error) {
+ nssCKFWMutex_Unlock(fwObject->mutex);
+ nssCKFWObject_Destroy(newFwObject);
+ return error;
+ }
+
+ /*
+ * Now, we have our new object, but it has a new fwObject pointer,
+ * while we have to keep the existing one. So quick swap the contents.
+ */
+ swab = *fwObject;
+ *fwObject = *newFwObject;
+ *newFwObject = swab;
+
+ /* But keep the mutexes the same */
+ swab.mutex = fwObject->mutex;
+ fwObject->mutex = newFwObject->mutex;
+ newFwObject->mutex = swab.mutex;
+
+ (void)nssCKFWMutex_Unlock(newFwObject->mutex);
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+
+ /*
+ * Either remove or add this to the list of session objects
+ */
+
+ if (CK_FALSE == *(CK_BBOOL *)value->data) {
+ /*
+ * New one is a session object, except since we "stole" the fwObject, it's
+ * not in the list. Add it.
+ */
+ nssCKFWSession_RegisterSessionObject(fwSession, fwObject);
+ } else {
+ /*
+ * New one is a token object, except since we "stole" the fwObject, it's
+ * in the list. Remove it.
+ */
+ if (fwObject->fwSession) {
+ nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
+ }
+ }
+
+ /*
+ * Now delete the old object. Remember the names have changed.
+ */
+ nssCKFWObject_Destroy(newFwObject);
+
+ return CKR_OK;
+ } else {
+ /*
+ * An "ordinary" change.
+ */
+ if (!fwObject->mdObject->SetAttribute) {
+ /* We could fake it with copying, like above.. later */
+ return CKR_ATTRIBUTE_READ_ONLY;
+ }
+
+ error = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ error = fwObject->mdObject->SetAttribute(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ attribute, value);
+
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+
+ return error;
+ }
+}
+
+/*
+ * nssCKFWObject_GetObjectSize
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWObject_GetObjectSize(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
+{
+ CK_ULONG rv;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwObject->mdObject->GetObjectSize) {
+ *pError = CKR_INFORMATION_SENSITIVE;
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWMutex_Lock(fwObject->mutex);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+
+ rv = fwObject->mdObject->GetObjectSize(fwObject->mdObject, fwObject,
+ fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
+ fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
+ pError);
+
+ (void)nssCKFWMutex_Unlock(fwObject->mutex);
+ return rv;
+}
+
+/*
+ * NSSCKFWObject_GetMDObject
+ *
+ */
+NSS_IMPLEMENT NSSCKMDObject *
+NSSCKFWObject_GetMDObject(
+ NSSCKFWObject *fwObject)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return (NSSCKMDObject *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWObject_GetMDObject(fwObject);
+}
+
+/*
+ * NSSCKFWObject_GetArena
+ *
+ */
+NSS_IMPLEMENT NSSArena *
+NSSCKFWObject_GetArena(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWObject_GetArena(fwObject, pError);
+}
+
+/*
+ * NSSCKFWObject_IsTokenObject
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+NSSCKFWObject_IsTokenObject(
+ NSSCKFWObject *fwObject)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWObject_verifyPointer(fwObject)) {
+ return CK_FALSE;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWObject_IsTokenObject(fwObject);
+}
+
+/*
+ * NSSCKFWObject_GetAttributeCount
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+NSSCKFWObject_GetAttributeCount(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWObject_GetAttributeCount(fwObject, pError);
+}
+
+/*
+ * NSSCKFWObject_GetAttributeTypes
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWObject_GetAttributeTypes(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
+{
+#ifdef DEBUG
+ CK_RV error = CKR_OK;
+
+ error = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if ((CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray) {
+ return CKR_ARGUMENTS_BAD;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWObject_GetAttributeTypes(fwObject, typeArray, ulCount);
+}
+
+/*
+ * NSSCKFWObject_GetAttributeSize
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+NSSCKFWObject_GetAttributeSize(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWObject_GetAttributeSize(fwObject, attribute, pError);
+}
+
+/*
+ * NSSCKFWObject_GetAttribute
+ *
+ */
+NSS_IMPLEMENT NSSItem *
+NSSCKFWObject_GetAttribute(
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *itemOpt,
+ NSSArena *arenaOpt,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (NSSItem *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSItem *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWObject_GetAttribute(fwObject, attribute, itemOpt, arenaOpt, pError);
+}
+
+/*
+ * NSSCKFWObject_GetObjectSize
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+NSSCKFWObject_GetObjectSize(
+ NSSCKFWObject *fwObject,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWObject_GetObjectSize(fwObject, pError);
+}
diff --git a/security/nss/lib/ckfw/session.c b/security/nss/lib/ckfw/session.c
new file mode 100644
index 000000000..a3119345c
--- /dev/null
+++ b/security/nss/lib/ckfw/session.c
@@ -0,0 +1,2390 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * session.c
+ *
+ * This file implements the NSSCKFWSession type and methods.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWSession
+ *
+ * -- create/destroy --
+ * nssCKFWSession_Create
+ * nssCKFWSession_Destroy
+ *
+ * -- public accessors --
+ * NSSCKFWSession_GetMDSession
+ * NSSCKFWSession_GetArena
+ * NSSCKFWSession_CallNotification
+ * NSSCKFWSession_IsRWSession
+ * NSSCKFWSession_IsSO
+ * NSSCKFWSession_GetFWSlot
+ *
+ * -- implement public accessors --
+ * nssCKFWSession_GetMDSession
+ * nssCKFWSession_GetArena
+ * nssCKFWSession_CallNotification
+ * nssCKFWSession_IsRWSession
+ * nssCKFWSession_IsSO
+ * nssCKFWSession_GetFWSlot
+ *
+ * -- private accessors --
+ * nssCKFWSession_GetSessionState
+ * nssCKFWSession_SetFWFindObjects
+ * nssCKFWSession_GetFWFindObjects
+ * nssCKFWSession_SetMDSession
+ * nssCKFWSession_SetHandle
+ * nssCKFWSession_GetHandle
+ * nssCKFWSession_RegisterSessionObject
+ * nssCKFWSession_DeegisterSessionObject
+ *
+ * -- module fronts --
+ * nssCKFWSession_GetDeviceError
+ * nssCKFWSession_Login
+ * nssCKFWSession_Logout
+ * nssCKFWSession_InitPIN
+ * nssCKFWSession_SetPIN
+ * nssCKFWSession_GetOperationStateLen
+ * nssCKFWSession_GetOperationState
+ * nssCKFWSession_SetOperationState
+ * nssCKFWSession_CreateObject
+ * nssCKFWSession_CopyObject
+ * nssCKFWSession_FindObjectsInit
+ * nssCKFWSession_SeedRandom
+ * nssCKFWSession_GetRandom
+ */
+
+struct NSSCKFWSessionStr {
+ NSSArena *arena;
+ NSSCKMDSession *mdSession;
+ NSSCKFWToken *fwToken;
+ NSSCKMDToken *mdToken;
+ NSSCKFWInstance *fwInstance;
+ NSSCKMDInstance *mdInstance;
+ CK_VOID_PTR pApplication;
+ CK_NOTIFY Notify;
+
+ /*
+ * Everything above is set at creation time, and then not modified.
+ * The items below are atomic. No locking required. If we fear
+ * about pointer-copies being nonatomic, we'll lock fwFindObjects.
+ */
+
+ CK_BBOOL rw;
+ NSSCKFWFindObjects *fwFindObjects;
+ NSSCKFWCryptoOperation *fwOperationArray[NSSCKFWCryptoOperationState_Max];
+ nssCKFWHash *sessionObjectHash;
+ CK_SESSION_HANDLE hSession;
+};
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do this routines as no-ops.
+ */
+
+static CK_RV
+session_add_pointer(
+ const NSSCKFWSession *fwSession)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+session_remove_pointer(
+ const NSSCKFWSession *fwSession)
+{
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_verifyPointer(
+ const NSSCKFWSession *fwSession)
+{
+ return CKR_OK;
+}
+
+#endif /* DEBUG */
+
+/*
+ * nssCKFWSession_Create
+ *
+ */
+NSS_IMPLEMENT NSSCKFWSession *
+nssCKFWSession_Create(
+ NSSCKFWToken *fwToken,
+ CK_BBOOL rw,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_RV *pError)
+{
+ NSSArena *arena = (NSSArena *)NULL;
+ NSSCKFWSession *fwSession;
+ NSSCKFWSlot *fwSlot;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWSession *)NULL;
+ }
+
+ *pError = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSession *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ arena = NSSArena_Create();
+ if (!arena) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWSession *)NULL;
+ }
+
+ fwSession = nss_ZNEW(arena, NSSCKFWSession);
+ if (!fwSession) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fwSession->arena = arena;
+ fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
+ fwSession->fwToken = fwToken;
+ fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);
+
+ fwSlot = nssCKFWToken_GetFWSlot(fwToken);
+ fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
+ fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
+
+ fwSession->rw = rw;
+ fwSession->pApplication = pApplication;
+ fwSession->Notify = Notify;
+
+ fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;
+
+ fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena, pError);
+ if (!fwSession->sessionObjectHash) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+#ifdef DEBUG
+ *pError = session_add_pointer(fwSession);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+#endif /* DEBUG */
+
+ return fwSession;
+
+loser:
+ if (arena) {
+ if (fwSession && fwSession->sessionObjectHash) {
+ (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
+ }
+ NSSArena_Destroy(arena);
+ }
+
+ return (NSSCKFWSession *)NULL;
+}
+
+static void
+nss_ckfw_session_object_destroy_iterator(
+ const void *key,
+ void *value,
+ void *closure)
+{
+ NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
+ nssCKFWObject_Finalize(fwObject, PR_TRUE);
+}
+
+/*
+ * nssCKFWSession_Destroy
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_Destroy(
+ NSSCKFWSession *fwSession,
+ CK_BBOOL removeFromTokenHash)
+{
+ CK_RV error = CKR_OK;
+ nssCKFWHash *sessionObjectHash;
+ NSSCKFWCryptoOperationState i;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ if (removeFromTokenHash) {
+ error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
+ }
+
+ /*
+ * Invalidate session objects
+ */
+
+ sessionObjectHash = fwSession->sessionObjectHash;
+ fwSession->sessionObjectHash = (nssCKFWHash *)NULL;
+
+ nssCKFWHash_Iterate(sessionObjectHash,
+ nss_ckfw_session_object_destroy_iterator,
+ (void *)NULL);
+
+ for (i = 0; i < NSSCKFWCryptoOperationState_Max; i++) {
+ if (fwSession->fwOperationArray[i]) {
+ nssCKFWCryptoOperation_Destroy(fwSession->fwOperationArray[i]);
+ }
+ }
+
+#ifdef DEBUG
+ (void)session_remove_pointer(fwSession);
+#endif /* DEBUG */
+ (void)nssCKFWHash_Destroy(sessionObjectHash);
+ NSSArena_Destroy(fwSession->arena);
+
+ return error;
+}
+
+/*
+ * nssCKFWSession_GetMDSession
+ *
+ */
+NSS_IMPLEMENT NSSCKMDSession *
+nssCKFWSession_GetMDSession(
+ NSSCKFWSession *fwSession)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (NSSCKMDSession *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwSession->mdSession;
+}
+
+/*
+ * nssCKFWSession_GetArena
+ *
+ */
+NSS_IMPLEMENT NSSArena *
+nssCKFWSession_GetArena(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
+{
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwSession->arena;
+}
+
+/*
+ * nssCKFWSession_CallNotification
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_CallNotification(
+ NSSCKFWSession *fwSession,
+ CK_NOTIFICATION event)
+{
+ CK_RV error = CKR_OK;
+ CK_SESSION_HANDLE handle;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ if ((CK_NOTIFY)NULL == fwSession->Notify) {
+ return CKR_OK;
+ }
+
+ handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession);
+ if ((CK_SESSION_HANDLE)0 == handle) {
+ return CKR_GENERAL_ERROR;
+ }
+
+ error = fwSession->Notify(handle, event, fwSession->pApplication);
+
+ return error;
+}
+
+/*
+ * nssCKFWSession_IsRWSession
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWSession_IsRWSession(
+ NSSCKFWSession *fwSession)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ return fwSession->rw;
+}
+
+/*
+ * nssCKFWSession_IsSO
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWSession_IsSO(
+ NSSCKFWSession *fwSession)
+{
+ CK_STATE state;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ state = nssCKFWToken_GetSessionState(fwSession->fwToken);
+ switch (state) {
+ case CKS_RO_PUBLIC_SESSION:
+ case CKS_RO_USER_FUNCTIONS:
+ case CKS_RW_PUBLIC_SESSION:
+ case CKS_RW_USER_FUNCTIONS:
+ return CK_FALSE;
+ case CKS_RW_SO_FUNCTIONS:
+ return CK_TRUE;
+ default:
+ return CK_FALSE;
+ }
+}
+
+/*
+ * nssCKFWSession_GetFWSlot
+ *
+ */
+NSS_IMPLEMENT NSSCKFWSlot *
+nssCKFWSession_GetFWSlot(
+ NSSCKFWSession *fwSession)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (NSSCKFWSlot *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return nssCKFWToken_GetFWSlot(fwSession->fwToken);
+}
+
+/*
+ * nssCFKWSession_GetSessionState
+ *
+ */
+NSS_IMPLEMENT CK_STATE
+nssCKFWSession_GetSessionState(
+ NSSCKFWSession *fwSession)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CKS_RO_PUBLIC_SESSION; /* whatever */
+ }
+#endif /* NSSDEBUG */
+
+ return nssCKFWToken_GetSessionState(fwSession->fwToken);
+}
+
+/*
+ * nssCKFWSession_SetFWFindObjects
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_SetFWFindObjects(
+ NSSCKFWSession *fwSession,
+ NSSCKFWFindObjects *fwFindObjects)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+#endif /* NSSDEBUG */
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+/* fwFindObjects may be null */
+#endif /* NSSDEBUG */
+
+ if ((fwSession->fwFindObjects) &&
+ (fwFindObjects)) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ fwSession->fwFindObjects = fwFindObjects;
+
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWSession_GetFWFindObjects
+ *
+ */
+NSS_IMPLEMENT NSSCKFWFindObjects *
+nssCKFWSession_GetFWFindObjects(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
+{
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWFindObjects *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSession->fwFindObjects) {
+ *pError = CKR_OPERATION_NOT_INITIALIZED;
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ return fwSession->fwFindObjects;
+}
+
+/*
+ * nssCKFWSession_SetMDSession
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_SetMDSession(
+ NSSCKFWSession *fwSession,
+ NSSCKMDSession *mdSession)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+#endif /* NSSDEBUG */
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!mdSession) {
+ return CKR_ARGUMENTS_BAD;
+ }
+#endif /* NSSDEBUG */
+
+ if (fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+
+ fwSession->mdSession = mdSession;
+
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWSession_SetHandle
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_SetHandle(
+ NSSCKFWSession *fwSession,
+ CK_SESSION_HANDLE hSession)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+#endif /* NSSDEBUG */
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ if ((CK_SESSION_HANDLE)0 != fwSession->hSession) {
+ return CKR_GENERAL_ERROR;
+ }
+
+ fwSession->hSession = hSession;
+
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWSession_GetHandle
+ *
+ */
+NSS_IMPLEMENT CK_SESSION_HANDLE
+nssCKFWSession_GetHandle(
+ NSSCKFWSession *fwSession)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwSession->hSession;
+}
+
+/*
+ * nssCKFWSession_RegisterSessionObject
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_RegisterSessionObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
+{
+ CK_RV rv = CKR_OK;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ if (fwSession->sessionObjectHash) {
+ rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
+ }
+
+ return rv;
+}
+
+/*
+ * nssCKFWSession_DeregisterSessionObject
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_DeregisterSessionObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ if (fwSession->sessionObjectHash) {
+ nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWSession_GetDeviceError
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWSession_GetDeviceError(
+ NSSCKFWSession *fwSession)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (CK_ULONG)0;
+ }
+
+ if (!fwSession->mdSession) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSession->mdSession->GetDeviceError) {
+ return (CK_ULONG)0;
+ }
+
+ return fwSession->mdSession->GetDeviceError(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance);
+}
+
+/*
+ * nssCKFWSession_Login
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_Login(
+ NSSCKFWSession *fwSession,
+ CK_USER_TYPE userType,
+ NSSItem *pin)
+{
+ CK_RV error = CKR_OK;
+ CK_STATE oldState;
+ CK_STATE newState;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ switch (userType) {
+ case CKU_SO:
+ case CKU_USER:
+ break;
+ default:
+ return CKR_USER_TYPE_INVALID;
+ }
+
+ if (!pin) {
+ if (CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken)) {
+ return CKR_ARGUMENTS_BAD;
+ }
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
+
+ /*
+ * It's not clear what happens when you're already logged in.
+ * I'll just fail; but if we decide to change, the logic is
+ * all right here.
+ */
+
+ if (CKU_SO == userType) {
+ switch (oldState) {
+ case CKS_RO_PUBLIC_SESSION:
+ /*
+ * There's no such thing as a read-only security officer
+ * session, so fail. The error should be CKR_SESSION_READ_ONLY,
+ * except that C_Login isn't defined to return that. So we'll
+ * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
+ */
+ return CKR_SESSION_READ_ONLY_EXISTS;
+ case CKS_RO_USER_FUNCTIONS:
+ return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
+ case CKS_RW_PUBLIC_SESSION:
+ newState =
+ CKS_RW_SO_FUNCTIONS;
+ break;
+ case CKS_RW_USER_FUNCTIONS:
+ return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
+ case CKS_RW_SO_FUNCTIONS:
+ return CKR_USER_ALREADY_LOGGED_IN;
+ default:
+ return CKR_GENERAL_ERROR;
+ }
+ } else /* CKU_USER == userType */ {
+ switch (oldState) {
+ case CKS_RO_PUBLIC_SESSION:
+ newState =
+ CKS_RO_USER_FUNCTIONS;
+ break;
+ case CKS_RO_USER_FUNCTIONS:
+ return CKR_USER_ALREADY_LOGGED_IN;
+ case CKS_RW_PUBLIC_SESSION:
+ newState =
+ CKS_RW_USER_FUNCTIONS;
+ break;
+ case CKS_RW_USER_FUNCTIONS:
+ return CKR_USER_ALREADY_LOGGED_IN;
+ case CKS_RW_SO_FUNCTIONS:
+ return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
+ default:
+ return CKR_GENERAL_ERROR;
+ }
+ }
+
+ /*
+ * So now we're in one of three cases:
+ *
+ * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
+ * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
+ * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
+ */
+
+ if (!fwSession->mdSession->Login) {
+ /*
+ * The Module doesn't want to be informed (or check the pin)
+ * it'll just rely on the Framework as needed.
+ */
+ ;
+ } else {
+ error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, userType, pin, oldState, newState);
+ if (CKR_OK != error) {
+ return error;
+ }
+ }
+
+ (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWSession_Logout
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_Logout(
+ NSSCKFWSession *fwSession)
+{
+ CK_RV error = CKR_OK;
+ CK_STATE oldState;
+ CK_STATE newState;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
+
+ switch (oldState) {
+ case CKS_RO_PUBLIC_SESSION:
+ return CKR_USER_NOT_LOGGED_IN;
+ case CKS_RO_USER_FUNCTIONS:
+ newState = CKS_RO_PUBLIC_SESSION;
+ break;
+ case CKS_RW_PUBLIC_SESSION:
+ return CKR_USER_NOT_LOGGED_IN;
+ case CKS_RW_USER_FUNCTIONS:
+ newState = CKS_RW_PUBLIC_SESSION;
+ break;
+ case CKS_RW_SO_FUNCTIONS:
+ newState = CKS_RW_PUBLIC_SESSION;
+ break;
+ default:
+ return CKR_GENERAL_ERROR;
+ }
+
+ /*
+ * So now we're in one of three cases:
+ *
+ * Old == CKS_RW_SO_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
+ * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
+ * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
+ */
+
+ if (!fwSession->mdSession->Logout) {
+ /*
+ * The Module doesn't want to be informed. Okay.
+ */
+ ;
+ } else {
+ error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, oldState, newState);
+ if (CKR_OK != error) {
+ /*
+ * Now what?! A failure really should end up with the Framework
+ * considering it logged out, right?
+ */
+ ;
+ }
+ }
+
+ (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
+ return error;
+}
+
+/*
+ * nssCKFWSession_InitPIN
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_InitPIN(
+ NSSCKFWSession *fwSession,
+ NSSItem *pin)
+{
+ CK_RV error = CKR_OK;
+ CK_STATE state;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ state = nssCKFWToken_GetSessionState(fwSession->fwToken);
+ if (CKS_RW_SO_FUNCTIONS != state) {
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ if (!pin) {
+ CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
+ if (CK_TRUE != has) {
+ return CKR_ARGUMENTS_BAD;
+ }
+ }
+
+ if (!fwSession->mdSession->InitPIN) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, pin);
+
+ return error;
+}
+
+/*
+ * nssCKFWSession_SetPIN
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_SetPIN(
+ NSSCKFWSession *fwSession,
+ NSSItem *oldPin,
+ NSSItem *newPin)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ if (!newPin) {
+ CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
+ if (CK_TRUE != has) {
+ return CKR_ARGUMENTS_BAD;
+ }
+ }
+
+ if (!oldPin) {
+ CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
+ if (CK_TRUE != has) {
+ return CKR_ARGUMENTS_BAD;
+ }
+ }
+
+ if (!fwSession->mdSession->SetPIN) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, oldPin, newPin);
+
+ return error;
+}
+
+/*
+ * nssCKFWSession_GetOperationStateLen
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWSession_GetOperationStateLen(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
+{
+ CK_ULONG mdAmt;
+ CK_ULONG fwAmt;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (CK_ULONG)0;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (CK_ULONG)0;
+ }
+
+ if (!fwSession->mdSession) {
+ *pError = CKR_GENERAL_ERROR;
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSession->mdSession->GetOperationStateLen) {
+ *pError = CKR_STATE_UNSAVEABLE;
+ return (CK_ULONG)0;
+ }
+
+ /*
+ * We could check that the session is actually in some state..
+ */
+
+ mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, pError);
+
+ if (((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError)) {
+ return (CK_ULONG)0;
+ }
+
+ /*
+ * Add a bit of sanity-checking
+ */
+ fwAmt = mdAmt + 2 * sizeof(CK_ULONG);
+
+ return fwAmt;
+}
+
+/*
+ * nssCKFWSession_GetOperationState
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_GetOperationState(
+ NSSCKFWSession *fwSession,
+ NSSItem *buffer)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG fwAmt;
+ CK_ULONG *ulBuffer;
+ NSSItem i2;
+ CK_ULONG n, i;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!buffer) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (!buffer->data) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSession->mdSession->GetOperationState) {
+ return CKR_STATE_UNSAVEABLE;
+ }
+
+ /*
+ * Sanity-check the caller's buffer.
+ */
+
+ error = CKR_OK;
+ fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
+ if (((CK_ULONG)0 == fwAmt) && (CKR_OK != error)) {
+ return error;
+ }
+
+ if (buffer->size < fwAmt) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+
+ ulBuffer = (CK_ULONG *)buffer->data;
+
+ i2.size = buffer->size - 2 * sizeof(CK_ULONG);
+ i2.data = (void *)&ulBuffer[2];
+
+ error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance, &i2);
+
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ /*
+ * Add a little integrety/identity check.
+ * NOTE: right now, it's pretty stupid.
+ * A CRC or something would be better.
+ */
+
+ ulBuffer[0] = 0x434b4657; /* CKFW */
+ ulBuffer[1] = 0;
+ n = i2.size / sizeof(CK_ULONG);
+ for (i = 0; i < n; i++) {
+ ulBuffer[1] ^= ulBuffer[2 + i];
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWSession_SetOperationState
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_SetOperationState(
+ NSSCKFWSession *fwSession,
+ NSSItem *state,
+ NSSCKFWObject *encryptionKey,
+ NSSCKFWObject *authenticationKey)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG *ulBuffer;
+ CK_ULONG n, i;
+ CK_ULONG x;
+ NSSItem s;
+ NSSCKMDObject *mdek;
+ NSSCKMDObject *mdak;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!state) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (!state->data) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (encryptionKey) {
+ error = nssCKFWObject_verifyPointer(encryptionKey);
+ if (CKR_OK != error) {
+ return error;
+ }
+ }
+
+ if (authenticationKey) {
+ error = nssCKFWObject_verifyPointer(authenticationKey);
+ if (CKR_OK != error) {
+ return error;
+ }
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ ulBuffer = (CK_ULONG *)state->data;
+ if (0x43b4657 != ulBuffer[0]) {
+ return CKR_SAVED_STATE_INVALID;
+ }
+ n = (state->size / sizeof(CK_ULONG)) - 2;
+ x = (CK_ULONG)0;
+ for (i = 0; i < n; i++) {
+ x ^= ulBuffer[2 + i];
+ }
+
+ if (x != ulBuffer[1]) {
+ return CKR_SAVED_STATE_INVALID;
+ }
+
+ if (!fwSession->mdSession->SetOperationState) {
+ return CKR_GENERAL_ERROR;
+ }
+
+ s.size = state->size - 2 * sizeof(CK_ULONG);
+ s.data = (void *)&ulBuffer[2];
+
+ if (encryptionKey) {
+ mdek = nssCKFWObject_GetMDObject(encryptionKey);
+ } else {
+ mdek = (NSSCKMDObject *)NULL;
+ }
+
+ if (authenticationKey) {
+ mdak = nssCKFWObject_GetMDObject(authenticationKey);
+ } else {
+ mdak = (NSSCKMDObject *)NULL;
+ }
+
+ error = fwSession->mdSession->SetOperationState(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey);
+
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ /*
+ * Here'd we restore any session data
+ */
+
+ return CKR_OK;
+}
+
+static CK_BBOOL
+nss_attributes_form_token_object(
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount)
+{
+ CK_ULONG i;
+ CK_BBOOL rv;
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CKA_TOKEN == pTemplate[i].type) {
+ /* If we sanity-check, we can remove this sizeof check */
+ if (sizeof(CK_BBOOL) == pTemplate[i].ulValueLen) {
+ (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL));
+ return rv;
+ } else {
+ return CK_FALSE;
+ }
+ }
+ }
+
+ return CK_FALSE;
+}
+
+/*
+ * nssCKFWSession_CreateObject
+ *
+ */
+NSS_IMPLEMENT NSSCKFWObject *
+nssCKFWSession_CreateObject(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSArena *arena;
+ NSSCKMDObject *mdObject;
+ NSSCKFWObject *fwObject;
+ CK_BBOOL isTokenObject;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if (!fwSession->mdSession) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWObject *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ /*
+ * Here would be an excellent place to sanity-check the object.
+ */
+
+ isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount);
+ if (CK_TRUE == isTokenObject) {
+ /* === TOKEN OBJECT === */
+
+ if (!fwSession->mdSession->CreateObject) {
+ *pError = CKR_TOKEN_WRITE_PROTECTED;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ goto callmdcreateobject;
+ } else {
+ /* === SESSION OBJECT === */
+
+ arena = nssCKFWSession_GetArena(fwSession, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
+ fwSession->fwInstance)) {
+ /* --- module handles the session object -- */
+
+ if (!fwSession->mdSession->CreateObject) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ goto callmdcreateobject;
+ } else {
+ /* --- framework handles the session object -- */
+ mdObject = nssCKMDSessionObject_Create(fwSession->fwToken,
+ arena, pTemplate, ulAttributeCount, pError);
+ goto gotmdobject;
+ }
+ }
+
+callmdcreateobject:
+ mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate,
+ ulAttributeCount, pError);
+
+gotmdobject:
+ if (!mdObject) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ fwObject = nssCKFWObject_Create(arena, mdObject,
+ isTokenObject ? NULL
+ : fwSession,
+ fwSession->fwToken, fwSession->fwInstance, pError);
+ if (!fwObject) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+
+ if (mdObject->Destroy) {
+ (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
+ fwSession->mdSession, fwSession, fwSession->mdToken,
+ fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
+ }
+
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if (CK_FALSE == isTokenObject) {
+ if (CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject)) {
+ *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
+ if (CKR_OK != *pError) {
+ nssCKFWObject_Finalize(fwObject, PR_TRUE);
+ return (NSSCKFWObject *)NULL;
+ }
+ }
+ }
+
+ return fwObject;
+}
+
+/*
+ * nssCKFWSession_CopyObject
+ *
+ */
+NSS_IMPLEMENT NSSCKFWObject *
+nssCKFWSession_CopyObject(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ CK_BBOOL oldIsToken;
+ CK_BBOOL newIsToken;
+ CK_ULONG i;
+ NSSCKFWObject *rv;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ *pError = nssCKFWObject_verifyPointer(fwObject);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ if (!fwSession->mdSession) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWObject *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ /*
+ * Sanity-check object
+ */
+
+ if (!fwObject) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ oldIsToken = nssCKFWObject_IsTokenObject(fwObject);
+
+ newIsToken = oldIsToken;
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CKA_TOKEN == pTemplate[i].type) {
+ /* Since we sanity-checked the object, we know this is the right size. */
+ (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
+ break;
+ }
+ }
+
+ /*
+ * If the Module handles its session objects, or if both the new
+ * and old object are token objects, use CopyObject if it exists.
+ */
+
+ if ((fwSession->mdSession->CopyObject) &&
+ (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
+ (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
+ fwSession->fwInstance)))) {
+ /* use copy object */
+ NSSArena *arena;
+ NSSCKMDObject *mdOldObject;
+ NSSCKMDObject *mdObject;
+
+ mdOldObject = nssCKFWObject_GetMDObject(fwObject);
+
+ if (CK_TRUE == newIsToken) {
+ arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
+ } else {
+ arena = nssCKFWSession_GetArena(fwSession, pError);
+ }
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance, mdOldObject,
+ fwObject, arena, pTemplate, ulAttributeCount, pError);
+ if (!mdObject) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWObject *)NULL;
+ }
+
+ rv = nssCKFWObject_Create(arena, mdObject,
+ newIsToken ? NULL
+ : fwSession,
+ fwSession->fwToken, fwSession->fwInstance, pError);
+
+ if (CK_FALSE == newIsToken) {
+ if (CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv)) {
+ *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
+ if (CKR_OK != *pError) {
+ nssCKFWObject_Finalize(rv, PR_TRUE);
+ return (NSSCKFWObject *)NULL;
+ }
+ }
+ }
+
+ return rv;
+ } else {
+ /* use create object */
+ NSSArena *tmpArena;
+ CK_ATTRIBUTE_PTR newTemplate;
+ CK_ULONG i, j, n, newLength, k;
+ CK_ATTRIBUTE_TYPE_PTR oldTypes;
+ NSSCKFWObject *rv;
+
+ n = nssCKFWObject_GetAttributeCount(fwObject, pError);
+ if ((0 == n) && (CKR_OK != *pError)) {
+ return (NSSCKFWObject *)NULL;
+ }
+
+ tmpArena = NSSArena_Create();
+ if (!tmpArena) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
+ if ((CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes) {
+ NSSArena_Destroy(tmpArena);
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
+ if (CKR_OK != *pError) {
+ NSSArena_Destroy(tmpArena);
+ return (NSSCKFWObject *)NULL;
+ }
+
+ newLength = n;
+ for (i = 0; i < ulAttributeCount; i++) {
+ for (j = 0; j < n; j++) {
+ if (oldTypes[j] == pTemplate[i].type) {
+ if ((CK_VOID_PTR)NULL ==
+ pTemplate[i].pValue) {
+ /* Removing the attribute */
+ newLength--;
+ }
+ break;
+ }
+ }
+ if (j == n) {
+ /* Not found */
+ newLength++;
+ }
+ }
+
+ newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
+ if ((CK_ATTRIBUTE_PTR)NULL == newTemplate) {
+ NSSArena_Destroy(tmpArena);
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWObject *)NULL;
+ }
+
+ k = 0;
+ for (j = 0; j < n; j++) {
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (oldTypes[j] == pTemplate[i].type) {
+ if ((CK_VOID_PTR)NULL ==
+ pTemplate[i].pValue) {
+ /* This attribute is being deleted */
+ ;
+ } else {
+ /* This attribute is being replaced */
+ newTemplate[k].type =
+ pTemplate[i].type;
+ newTemplate[k].pValue =
+ pTemplate[i].pValue;
+ newTemplate[k].ulValueLen =
+ pTemplate[i].ulValueLen;
+ k++;
+ }
+ break;
+ }
+ }
+ if (i == ulAttributeCount) {
+ /* This attribute is being copied over from the old object */
+ NSSItem item, *it;
+ item.size = 0;
+ item.data = (void *)NULL;
+ it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
+ &item, tmpArena, pError);
+ if (!it) {
+ if (CKR_OK ==
+ *pError) {
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ NSSArena_Destroy(tmpArena);
+ return (NSSCKFWObject *)NULL;
+ }
+ newTemplate[k].type = oldTypes[j];
+ newTemplate[k].pValue = it->data;
+ newTemplate[k].ulValueLen = it->size;
+ k++;
+ }
+ }
+ /* assert that k == newLength */
+
+ rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
+ if (!rv) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ NSSArena_Destroy(tmpArena);
+ return (NSSCKFWObject *)NULL;
+ }
+
+ NSSArena_Destroy(tmpArena);
+ return rv;
+ }
+}
+
+/*
+ * nssCKFWSession_FindObjectsInit
+ *
+ */
+NSS_IMPLEMENT NSSCKFWFindObjects *
+nssCKFWSession_FindObjectsInit(
+ NSSCKFWSession *fwSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_RV *pError)
+{
+ NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
+ NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ if (((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0)) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ if (!fwSession->mdSession) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWFindObjects *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ if (CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
+ fwSession->fwInstance)) {
+ CK_ULONG i;
+
+ /*
+ * Does the search criteria restrict us to token or session
+ * objects?
+ */
+
+ for (i = 0; i < ulAttributeCount; i++) {
+ if (CKA_TOKEN == pTemplate[i].type) {
+ /* Yes, it does. */
+ CK_BBOOL isToken;
+ if (sizeof(CK_BBOOL) != pTemplate[i].ulValueLen) {
+ *pError =
+ CKR_ATTRIBUTE_VALUE_INVALID;
+ return (NSSCKFWFindObjects *)NULL;
+ }
+ (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
+
+ if (CK_TRUE == isToken) {
+ /* Pass it on to the module's search routine */
+ if (!fwSession->mdSession->FindObjectsInit) {
+ goto wrap;
+ }
+
+ mdfo1 =
+ fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance,
+ pTemplate, ulAttributeCount, pError);
+ } else {
+ /* Do the search ourselves */
+ mdfo1 =
+ nssCKMDFindSessionObjects_Create(fwSession->fwToken,
+ pTemplate, ulAttributeCount, pError);
+ }
+
+ if (!mdfo1) {
+ if (CKR_OK ==
+ *pError) {
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ goto wrap;
+ }
+ }
+
+ if (i == ulAttributeCount) {
+ /* No, it doesn't. Do a hybrid search. */
+ mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance,
+ pTemplate, ulAttributeCount, pError);
+
+ if (!mdfo1) {
+ if (CKR_OK == *pError) {
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
+ pTemplate, ulAttributeCount, pError);
+ if (!mdfo2) {
+ if (CKR_OK == *pError) {
+ *pError =
+ CKR_GENERAL_ERROR;
+ }
+ if (mdfo1->Final) {
+ mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance);
+ }
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ goto wrap;
+ }
+ /*NOTREACHED*/
+ } else {
+ /* Module handles all its own objects. Pass on to module's search */
+ mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
+ fwSession, fwSession->mdToken, fwSession->fwToken,
+ fwSession->mdInstance, fwSession->fwInstance,
+ pTemplate, ulAttributeCount, pError);
+
+ if (!mdfo1) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWFindObjects *)NULL;
+ }
+
+ goto wrap;
+ }
+
+wrap:
+ return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
+ fwSession->fwInstance, mdfo1, mdfo2, pError);
+}
+
+/*
+ * nssCKFWSession_SeedRandom
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_SeedRandom(
+ NSSCKFWSession *fwSession,
+ NSSItem *seed)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!seed) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (!seed->data) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (0 == seed->size) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSession->mdSession->SeedRandom) {
+ return CKR_RANDOM_SEED_NOT_SUPPORTED;
+ }
+
+ error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, seed);
+
+ return error;
+}
+
+/*
+ * nssCKFWSession_GetRandom
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_GetRandom(
+ NSSCKFWSession *fwSession,
+ NSSItem *buffer)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!buffer) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (!buffer->data) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSession->mdSession->GetRandom) {
+ if (CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken)) {
+ return CKR_GENERAL_ERROR;
+ } else {
+ return CKR_RANDOM_NO_RNG;
+ }
+ }
+
+ if (0 == buffer->size) {
+ return CKR_OK;
+ }
+
+ error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
+ fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
+ fwSession->fwInstance, buffer);
+
+ return error;
+}
+
+/*
+ * nssCKFWSession_SetCurrentCryptoOperation
+ */
+NSS_IMPLEMENT void
+nssCKFWSession_SetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperation *fwOperation,
+ NSSCKFWCryptoOperationState state)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return;
+ }
+
+ if (state >= NSSCKFWCryptoOperationState_Max) {
+ return;
+ }
+
+ if (!fwSession->mdSession) {
+ return;
+ }
+#endif /* NSSDEBUG */
+ fwSession->fwOperationArray[state] = fwOperation;
+ return;
+}
+
+/*
+ * nssCKFWSession_GetCurrentCryptoOperation
+ */
+NSS_IMPLEMENT NSSCKFWCryptoOperation *
+nssCKFWSession_GetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationState state)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+
+ if (state >= NSSCKFWCryptoOperationState_Max) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+
+ if (!fwSession->mdSession) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+#endif /* NSSDEBUG */
+ return fwSession->fwOperationArray[state];
+}
+
+/*
+ * nssCKFWSession_Final
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_Final(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem outputBuffer;
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* make sure it's the correct type */
+ if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* handle buffer issues, note for Verify, the type is an input buffer. */
+ if (NSSCKFWCryptoOperationType_Verify == type) {
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ error = CKR_ARGUMENTS_BAD;
+ goto done;
+ }
+ } else {
+ CK_ULONG len = nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error);
+ CK_ULONG maxBufLen = *outBufLen;
+
+ if (CKR_OK != error) {
+ goto done;
+ }
+ *outBufLen = len;
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ return CKR_OK;
+ }
+
+ if (len > maxBufLen) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ }
+ outputBuffer.data = outBuf;
+ outputBuffer.size = *outBufLen;
+
+ error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer);
+done:
+ if (CKR_BUFFER_TOO_SMALL == error) {
+ return error;
+ }
+ /* clean up our state */
+ nssCKFWCryptoOperation_Destroy(fwOperation);
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
+ return error;
+}
+
+/*
+ * nssCKFWSession_Update
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_Update(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem inputBuffer;
+ NSSItem outputBuffer;
+ CK_ULONG len;
+ CK_ULONG maxBufLen;
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* make sure it's the correct type */
+ if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ inputBuffer.data = inBuf;
+ inputBuffer.size = inBufLen;
+
+ /* handle buffer issues, note for Verify, the type is an input buffer. */
+ len = nssCKFWCryptoOperation_GetOperationLength(fwOperation, &inputBuffer,
+ &error);
+ if (CKR_OK != error) {
+ return error;
+ }
+ maxBufLen = *outBufLen;
+
+ *outBufLen = len;
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ return CKR_OK;
+ }
+
+ if (len > maxBufLen) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ outputBuffer.data = outBuf;
+ outputBuffer.size = *outBufLen;
+
+ return nssCKFWCryptoOperation_Update(fwOperation,
+ &inputBuffer, &outputBuffer);
+}
+
+/*
+ * nssCKFWSession_DigestUpdate
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_DigestUpdate(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem inputBuffer;
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* make sure it's the correct type */
+ if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ inputBuffer.data = inBuf;
+ inputBuffer.size = inBufLen;
+
+ error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer);
+ return error;
+}
+
+/*
+ * nssCKFWSession_DigestUpdate
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_DigestKey(
+ NSSCKFWSession *fwSession,
+ NSSCKFWObject *fwKey)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem *inputBuffer;
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_Digest);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* make sure it's the correct type */
+ if (NSSCKFWCryptoOperationType_Digest !=
+ nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ error = nssCKFWCryptoOperation_DigestKey(fwOperation, fwKey);
+ if (CKR_FUNCTION_FAILED != error) {
+ return error;
+ }
+
+ /* no machine depended way for this to happen, do it by hand */
+ inputBuffer = nssCKFWObject_GetAttribute(fwKey, CKA_VALUE, NULL, NULL, &error);
+ if (!inputBuffer) {
+ /* couldn't get the value, just fail then */
+ return error;
+ }
+ error = nssCKFWCryptoOperation_DigestUpdate(fwOperation, inputBuffer);
+ nssItem_Destroy(inputBuffer);
+ return error;
+}
+
+/*
+ * nssCKFWSession_UpdateFinal
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_UpdateFinal(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType type,
+ NSSCKFWCryptoOperationState state,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSItem inputBuffer;
+ NSSItem outputBuffer;
+ PRBool isEncryptDecrypt;
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* make sure it's the correct type */
+ if (type != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ inputBuffer.data = inBuf;
+ inputBuffer.size = inBufLen;
+ isEncryptDecrypt = (PRBool)((NSSCKFWCryptoOperationType_Encrypt == type) ||
+ (NSSCKFWCryptoOperationType_Decrypt == type));
+
+ /* handle buffer issues, note for Verify, the type is an input buffer. */
+ if (NSSCKFWCryptoOperationType_Verify == type) {
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ error = CKR_ARGUMENTS_BAD;
+ goto done;
+ }
+ } else {
+ CK_ULONG maxBufLen = *outBufLen;
+ CK_ULONG len;
+
+ len = (isEncryptDecrypt) ? nssCKFWCryptoOperation_GetOperationLength(fwOperation,
+ &inputBuffer, &error)
+ : nssCKFWCryptoOperation_GetFinalLength(fwOperation, &error);
+
+ if (CKR_OK != error) {
+ goto done;
+ }
+
+ *outBufLen = len;
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ return CKR_OK;
+ }
+
+ if (len > maxBufLen) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ }
+ outputBuffer.data = outBuf;
+ outputBuffer.size = *outBufLen;
+
+ error = nssCKFWCryptoOperation_UpdateFinal(fwOperation,
+ &inputBuffer, &outputBuffer);
+
+ /* UpdateFinal isn't support, manually use Update and Final */
+ if (CKR_FUNCTION_FAILED == error) {
+ error = isEncryptDecrypt ? nssCKFWCryptoOperation_Update(fwOperation, &inputBuffer, &outputBuffer)
+ : nssCKFWCryptoOperation_DigestUpdate(fwOperation, &inputBuffer);
+
+ if (CKR_OK == error) {
+ error = nssCKFWCryptoOperation_Final(fwOperation, &outputBuffer);
+ }
+ }
+
+done:
+ if (CKR_BUFFER_TOO_SMALL == error) {
+ /* if we return CKR_BUFFER_TOO_SMALL, we the caller is not expecting.
+ * the crypto state to be freed */
+ return error;
+ }
+
+ /* clean up our state */
+ nssCKFWCryptoOperation_Destroy(fwOperation);
+ nssCKFWSession_SetCurrentCryptoOperation(fwSession, NULL, state);
+ return error;
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWSession_UpdateCombo(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationType encryptType,
+ NSSCKFWCryptoOperationType digestType,
+ NSSCKFWCryptoOperationState digestState,
+ CK_BYTE_PTR inBuf,
+ CK_ULONG inBufLen,
+ CK_BYTE_PTR outBuf,
+ CK_ULONG_PTR outBufLen)
+{
+ NSSCKFWCryptoOperation *fwOperation;
+ NSSCKFWCryptoOperation *fwPeerOperation;
+ NSSItem inputBuffer;
+ NSSItem outputBuffer;
+ CK_ULONG maxBufLen = *outBufLen;
+ CK_ULONG len;
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSession->mdSession) {
+ return CKR_GENERAL_ERROR;
+ }
+#endif /* NSSDEBUG */
+
+ /* make sure we have a valid operation initialized */
+ fwOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ NSSCKFWCryptoOperationState_EncryptDecrypt);
+ if (!fwOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* make sure it's the correct type */
+ if (encryptType != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+ /* make sure we have a valid operation initialized */
+ fwPeerOperation = nssCKFWSession_GetCurrentCryptoOperation(fwSession,
+ digestState);
+ if (!fwPeerOperation) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* make sure it's the correct type */
+ if (digestType != nssCKFWCryptoOperation_GetType(fwOperation)) {
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ inputBuffer.data = inBuf;
+ inputBuffer.size = inBufLen;
+ len = nssCKFWCryptoOperation_GetOperationLength(fwOperation,
+ &inputBuffer, &error);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ *outBufLen = len;
+ if ((CK_BYTE_PTR)NULL == outBuf) {
+ return CKR_OK;
+ }
+
+ if (len > maxBufLen) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+
+ outputBuffer.data = outBuf;
+ outputBuffer.size = *outBufLen;
+
+ error = nssCKFWCryptoOperation_UpdateCombo(fwOperation, fwPeerOperation,
+ &inputBuffer, &outputBuffer);
+ if (CKR_FUNCTION_FAILED == error) {
+ PRBool isEncrypt =
+ (PRBool)(NSSCKFWCryptoOperationType_Encrypt == encryptType);
+
+ if (isEncrypt) {
+ error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
+ &inputBuffer);
+ if (CKR_OK != error) {
+ return error;
+ }
+ }
+ error = nssCKFWCryptoOperation_Update(fwOperation,
+ &inputBuffer, &outputBuffer);
+ if (CKR_OK != error) {
+ return error;
+ }
+ if (!isEncrypt) {
+ error = nssCKFWCryptoOperation_DigestUpdate(fwPeerOperation,
+ &outputBuffer);
+ }
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWSession_GetMDSession
+ *
+ */
+
+NSS_IMPLEMENT NSSCKMDSession *
+NSSCKFWSession_GetMDSession(
+ NSSCKFWSession *fwSession)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return (NSSCKMDSession *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWSession_GetMDSession(fwSession);
+}
+
+/*
+ * NSSCKFWSession_GetArena
+ *
+ */
+
+NSS_IMPLEMENT NSSArena *
+NSSCKFWSession_GetArena(
+ NSSCKFWSession *fwSession,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWSession_GetArena(fwSession, pError);
+}
+
+/*
+ * NSSCKFWSession_CallNotification
+ *
+ */
+
+NSS_IMPLEMENT CK_RV
+NSSCKFWSession_CallNotification(
+ NSSCKFWSession *fwSession,
+ CK_NOTIFICATION event)
+{
+#ifdef DEBUG
+ CK_RV error = CKR_OK;
+
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWSession_CallNotification(fwSession, event);
+}
+
+/*
+ * NSSCKFWSession_IsRWSession
+ *
+ */
+
+NSS_IMPLEMENT CK_BBOOL
+NSSCKFWSession_IsRWSession(
+ NSSCKFWSession *fwSession)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CK_FALSE;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWSession_IsRWSession(fwSession);
+}
+
+/*
+ * NSSCKFWSession_IsSO
+ *
+ */
+
+NSS_IMPLEMENT CK_BBOOL
+NSSCKFWSession_IsSO(
+ NSSCKFWSession *fwSession)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWSession_verifyPointer(fwSession)) {
+ return CK_FALSE;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWSession_IsSO(fwSession);
+}
+
+NSS_IMPLEMENT NSSCKFWCryptoOperation *
+NSSCKFWSession_GetCurrentCryptoOperation(
+ NSSCKFWSession *fwSession,
+ NSSCKFWCryptoOperationState state)
+{
+#ifdef DEBUG
+ CK_RV error = CKR_OK;
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+
+ if (state >= NSSCKFWCryptoOperationState_Max) {
+ return (NSSCKFWCryptoOperation *)NULL;
+ }
+#endif /* DEBUG */
+ return nssCKFWSession_GetCurrentCryptoOperation(fwSession, state);
+}
+
+/*
+ * NSSCKFWSession_GetFWSlot
+ *
+ */
+
+NSS_IMPLEMENT NSSCKFWSlot *
+NSSCKFWSession_GetFWSlot(
+ NSSCKFWSession *fwSession)
+{
+ return nssCKFWSession_GetFWSlot(fwSession);
+}
diff --git a/security/nss/lib/ckfw/sessobj.c b/security/nss/lib/ckfw/sessobj.c
new file mode 100644
index 000000000..11721b8aa
--- /dev/null
+++ b/security/nss/lib/ckfw/sessobj.c
@@ -0,0 +1,1012 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * sessobj.c
+ *
+ * This file contains an NSSCKMDObject implementation for session
+ * objects. The framework uses this implementation to manage
+ * session objects when a Module doesn't wish to be bothered.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * nssCKMDSessionObject
+ *
+ * -- create --
+ * nssCKMDSessionObject_Create
+ *
+ * -- EPV calls --
+ * nss_ckmdSessionObject_Finalize
+ * nss_ckmdSessionObject_IsTokenObject
+ * nss_ckmdSessionObject_GetAttributeCount
+ * nss_ckmdSessionObject_GetAttributeTypes
+ * nss_ckmdSessionObject_GetAttributeSize
+ * nss_ckmdSessionObject_GetAttribute
+ * nss_ckmdSessionObject_SetAttribute
+ * nss_ckmdSessionObject_GetObjectSize
+ */
+
+struct nssCKMDSessionObjectStr {
+ CK_ULONG n;
+ NSSArena *arena;
+ NSSItem *attributes;
+ CK_ATTRIBUTE_TYPE_PTR types;
+ nssCKFWHash *hash;
+};
+typedef struct nssCKMDSessionObjectStr nssCKMDSessionObject;
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do this routines as no-ops.
+ */
+
+static CK_RV
+nss_ckmdSessionObject_add_pointer(
+ const NSSCKMDObject *mdObject)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+nss_ckmdSessionObject_remove_pointer(
+ const NSSCKMDObject *mdObject)
+{
+ return CKR_OK;
+}
+
+#ifdef NSS_DEBUG
+static CK_RV
+nss_ckmdSessionObject_verifyPointer(
+ const NSSCKMDObject *mdObject)
+{
+ return CKR_OK;
+}
+#endif
+
+#endif /* DEBUG */
+
+/*
+ * We must forward-declare these routines
+ */
+static void
+nss_ckmdSessionObject_Finalize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+static CK_RV
+nss_ckmdSessionObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+static CK_BBOOL
+nss_ckmdSessionObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+static CK_ULONG
+nss_ckmdSessionObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+static CK_RV
+nss_ckmdSessionObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount);
+
+static CK_ULONG
+nss_ckmdSessionObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
+
+static NSSCKFWItem
+nss_ckmdSessionObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError);
+
+static CK_RV
+nss_ckmdSessionObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value);
+
+static CK_ULONG
+nss_ckmdSessionObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError);
+
+/*
+ * nssCKMDSessionObject_Create
+ *
+ */
+NSS_IMPLEMENT NSSCKMDObject *
+nssCKMDSessionObject_Create(
+ NSSCKFWToken *fwToken,
+ NSSArena *arena,
+ CK_ATTRIBUTE_PTR attributes,
+ CK_ULONG ulCount,
+ CK_RV *pError)
+{
+ NSSCKMDObject *mdObject = (NSSCKMDObject *)NULL;
+ nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)NULL;
+ CK_ULONG i;
+ nssCKFWHash *hash;
+
+ *pError = CKR_OK;
+
+ mdso = nss_ZNEW(arena, nssCKMDSessionObject);
+ if (!mdso) {
+ goto loser;
+ }
+
+ mdso->arena = arena;
+ mdso->n = ulCount;
+ mdso->attributes = nss_ZNEWARRAY(arena, NSSItem, ulCount);
+ if (!mdso->attributes) {
+ goto loser;
+ }
+
+ mdso->types = nss_ZNEWARRAY(arena, CK_ATTRIBUTE_TYPE, ulCount);
+ if (!mdso->types) {
+ goto loser;
+ }
+ for (i = 0; i < ulCount; i++) {
+ mdso->types[i] = attributes[i].type;
+ mdso->attributes[i].size = attributes[i].ulValueLen;
+ mdso->attributes[i].data = nss_ZAlloc(arena, attributes[i].ulValueLen);
+ if (!mdso->attributes[i].data) {
+ goto loser;
+ }
+ (void)nsslibc_memcpy(mdso->attributes[i].data, attributes[i].pValue,
+ attributes[i].ulValueLen);
+ }
+
+ mdObject = nss_ZNEW(arena, NSSCKMDObject);
+ if (!mdObject) {
+ goto loser;
+ }
+
+ mdObject->etc = (void *)mdso;
+ mdObject->Finalize = nss_ckmdSessionObject_Finalize;
+ mdObject->Destroy = nss_ckmdSessionObject_Destroy;
+ mdObject->IsTokenObject = nss_ckmdSessionObject_IsTokenObject;
+ mdObject->GetAttributeCount = nss_ckmdSessionObject_GetAttributeCount;
+ mdObject->GetAttributeTypes = nss_ckmdSessionObject_GetAttributeTypes;
+ mdObject->GetAttributeSize = nss_ckmdSessionObject_GetAttributeSize;
+ mdObject->GetAttribute = nss_ckmdSessionObject_GetAttribute;
+ mdObject->SetAttribute = nss_ckmdSessionObject_SetAttribute;
+ mdObject->GetObjectSize = nss_ckmdSessionObject_GetObjectSize;
+
+ hash = nssCKFWToken_GetSessionObjectHash(fwToken);
+ if (!hash) {
+ *pError = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ mdso->hash = hash;
+
+ *pError = nssCKFWHash_Add(hash, mdObject, mdObject);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+
+#ifdef DEBUG
+ if ((*pError = nss_ckmdSessionObject_add_pointer(mdObject)) != CKR_OK) {
+ goto loser;
+ }
+#endif /* DEBUG */
+
+ return mdObject;
+
+loser:
+ if (mdso) {
+ if (mdso->attributes) {
+ for (i = 0; i < ulCount; i++) {
+ nss_ZFreeIf(mdso->attributes[i].data);
+ }
+ nss_ZFreeIf(mdso->attributes);
+ }
+ nss_ZFreeIf(mdso->types);
+ nss_ZFreeIf(mdso);
+ }
+
+ nss_ZFreeIf(mdObject);
+ if (*pError == CKR_OK) {
+ *pError = CKR_HOST_MEMORY;
+ }
+ return (NSSCKMDObject *)NULL;
+}
+
+/*
+ * nss_ckmdSessionObject_Finalize
+ *
+ */
+static void
+nss_ckmdSessionObject_Finalize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ /* This shouldn't ever be called */
+ return;
+}
+
+/*
+ * nss_ckmdSessionObject_Destroy
+ *
+ */
+
+static CK_RV
+nss_ckmdSessionObject_Destroy(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+#endif /* NSSDEBUG */
+ nssCKMDSessionObject *mdso;
+ CK_ULONG i;
+
+#ifdef NSSDEBUG
+ error = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ mdso = (nssCKMDSessionObject *)mdObject->etc;
+
+ nssCKFWHash_Remove(mdso->hash, mdObject);
+
+ for (i = 0; i < mdso->n; i++) {
+ nss_ZFreeIf(mdso->attributes[i].data);
+ }
+ nss_ZFreeIf(mdso->attributes);
+ nss_ZFreeIf(mdso->types);
+ nss_ZFreeIf(mdso);
+ nss_ZFreeIf(mdObject);
+
+#ifdef DEBUG
+ (void)nss_ckmdSessionObject_remove_pointer(mdObject);
+#endif /* DEBUG */
+
+ return CKR_OK;
+}
+
+/*
+ * nss_ckmdSessionObject_IsTokenObject
+ *
+ */
+
+static CK_BBOOL
+nss_ckmdSessionObject_IsTokenObject(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nss_ckmdSessionObject_verifyPointer(mdObject)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ /*
+ * This implementation is only ever used for session objects.
+ */
+ return CK_FALSE;
+}
+
+/*
+ * nss_ckmdSessionObject_GetAttributeCount
+ *
+ */
+static CK_ULONG
+nss_ckmdSessionObject_GetAttributeCount(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ nssCKMDSessionObject *obj;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return 0;
+ }
+
+ *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != *pError) {
+ return 0;
+ }
+
+/* We could even check all the other arguments, for sanity. */
+#endif /* NSSDEBUG */
+
+ obj = (nssCKMDSessionObject *)mdObject->etc;
+
+ return obj->n;
+}
+
+/*
+ * nss_ckmdSessionObject_GetAttributeTypes
+ *
+ */
+static CK_RV
+nss_ckmdSessionObject_GetAttributeTypes(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE_PTR typeArray,
+ CK_ULONG ulCount)
+{
+#ifdef NSSDEBUG
+ CK_RV error = CKR_OK;
+#endif /* NSSDEBUG */
+ nssCKMDSessionObject *obj;
+
+#ifdef NSSDEBUG
+ error = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+/* We could even check all the other arguments, for sanity. */
+#endif /* NSSDEBUG */
+
+ obj = (nssCKMDSessionObject *)mdObject->etc;
+
+ if (ulCount < obj->n) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+
+ (void)nsslibc_memcpy(typeArray, obj->types,
+ sizeof(CK_ATTRIBUTE_TYPE) *
+ obj->n);
+
+ return CKR_OK;
+}
+
+/*
+ * nss_ckmdSessionObject_GetAttributeSize
+ *
+ */
+static CK_ULONG
+nss_ckmdSessionObject_GetAttributeSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ nssCKMDSessionObject *obj;
+ CK_ULONG i;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return 0;
+ }
+
+ *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != *pError) {
+ return 0;
+ }
+
+/* We could even check all the other arguments, for sanity. */
+#endif /* NSSDEBUG */
+
+ obj = (nssCKMDSessionObject *)mdObject->etc;
+
+ for (i = 0; i < obj->n; i++) {
+ if (attribute == obj->types[i]) {
+ return (CK_ULONG)(obj->attributes[i].size);
+ }
+ }
+
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return 0;
+}
+
+/*
+ * nss_ckmdSessionObject_GetAttribute
+ *
+ */
+static NSSCKFWItem
+nss_ckmdSessionObject_GetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ CK_RV *pError)
+{
+ NSSCKFWItem item;
+ nssCKMDSessionObject *obj;
+ CK_ULONG i;
+
+ item.needsFreeing = PR_FALSE;
+ item.item = NULL;
+#ifdef NSSDEBUG
+ if (!pError) {
+ return item;
+ }
+
+ *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != *pError) {
+ return item;
+ }
+
+/* We could even check all the other arguments, for sanity. */
+#endif /* NSSDEBUG */
+
+ obj = (nssCKMDSessionObject *)mdObject->etc;
+
+ for (i = 0; i < obj->n; i++) {
+ if (attribute == obj->types[i]) {
+ item.item = &obj->attributes[i];
+ return item;
+ }
+ }
+
+ *pError = CKR_ATTRIBUTE_TYPE_INVALID;
+ return item;
+}
+
+/*
+ * nss_ckmdSessionObject_SetAttribute
+ *
+ */
+
+/*
+ * Okay, so this implementation sucks. It doesn't support removing
+ * an attribute (if value == NULL), and could be more graceful about
+ * memory. It should allow "blank" slots in the arrays, with some
+ * invalid attribute type, and then it could support removal much
+ * more easily. Do this later.
+ */
+static CK_RV
+nss_ckmdSessionObject_SetAttribute(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSItem *value)
+{
+ nssCKMDSessionObject *obj;
+ CK_ULONG i;
+ NSSItem n;
+ NSSItem *ra;
+ CK_ATTRIBUTE_TYPE_PTR rt;
+#ifdef NSSDEBUG
+ CK_RV error;
+#endif /* NSSDEBUG */
+
+#ifdef NSSDEBUG
+ error = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != error) {
+ return 0;
+ }
+
+/* We could even check all the other arguments, for sanity. */
+#endif /* NSSDEBUG */
+
+ obj = (nssCKMDSessionObject *)mdObject->etc;
+
+ n.size = value->size;
+ n.data = nss_ZAlloc(obj->arena, n.size);
+ if (!n.data) {
+ return CKR_HOST_MEMORY;
+ }
+ (void)nsslibc_memcpy(n.data, value->data, n.size);
+
+ for (i = 0; i < obj->n; i++) {
+ if (attribute == obj->types[i]) {
+ nss_ZFreeIf(obj->attributes[i].data);
+ obj->attributes[i] = n;
+ return CKR_OK;
+ }
+ }
+
+ /*
+ * It's new.
+ */
+
+ ra = (NSSItem *)nss_ZRealloc(obj->attributes, sizeof(NSSItem) * (obj->n + 1));
+ if (!ra) {
+ nss_ZFreeIf(n.data);
+ return CKR_HOST_MEMORY;
+ }
+ obj->attributes = ra;
+
+ rt = (CK_ATTRIBUTE_TYPE_PTR)nss_ZRealloc(obj->types,
+ sizeof(CK_ATTRIBUTE_TYPE) * (obj->n + 1));
+ if (!rt) {
+ nss_ZFreeIf(n.data);
+ return CKR_HOST_MEMORY;
+ }
+
+ obj->types = rt;
+ obj->attributes[obj->n] = n;
+ obj->types[obj->n] = attribute;
+ obj->n++;
+
+ return CKR_OK;
+}
+
+/*
+ * nss_ckmdSessionObject_GetObjectSize
+ *
+ */
+static CK_ULONG
+nss_ckmdSessionObject_GetObjectSize(
+ NSSCKMDObject *mdObject,
+ NSSCKFWObject *fwObject,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ CK_RV *pError)
+{
+ nssCKMDSessionObject *obj;
+ CK_ULONG i;
+ CK_ULONG rv = (CK_ULONG)0;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return 0;
+ }
+
+ *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
+ if (CKR_OK != *pError) {
+ return 0;
+ }
+
+/* We could even check all the other arguments, for sanity. */
+#endif /* NSSDEBUG */
+
+ obj = (nssCKMDSessionObject *)mdObject->etc;
+
+ for (i = 0; i < obj->n; i++) {
+ rv += obj->attributes[i].size;
+ }
+
+ rv += sizeof(NSSItem) * obj->n;
+ rv += sizeof(CK_ATTRIBUTE_TYPE) * obj->n;
+ rv += sizeof(nssCKMDSessionObject);
+
+ return rv;
+}
+
+/*
+ * nssCKMDFindSessionObjects
+ *
+ * -- create --
+ * nssCKMDFindSessionObjects_Create
+ *
+ * -- EPV calls --
+ * nss_ckmdFindSessionObjects_Final
+ * nss_ckmdFindSessionObjects_Next
+ */
+
+struct nodeStr {
+ struct nodeStr *next;
+ NSSCKMDObject *mdObject;
+};
+
+struct nssCKMDFindSessionObjectsStr {
+ NSSArena *arena;
+ CK_RV error;
+ CK_ATTRIBUTE_PTR pTemplate;
+ CK_ULONG ulCount;
+ struct nodeStr *list;
+ nssCKFWHash *hash;
+};
+typedef struct nssCKMDFindSessionObjectsStr nssCKMDFindSessionObjects;
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do this routines as no-ops.
+ */
+
+static CK_RV
+nss_ckmdFindSessionObjects_add_pointer(
+ const NSSCKMDFindObjects *mdFindObjects)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+nss_ckmdFindSessionObjects_remove_pointer(
+ const NSSCKMDFindObjects *mdFindObjects)
+{
+ return CKR_OK;
+}
+
+#ifdef NSS_DEBUG
+static CK_RV
+nss_ckmdFindSessionObjects_verifyPointer(
+ const NSSCKMDFindObjects *mdFindObjects)
+{
+ return CKR_OK;
+}
+#endif
+
+#endif /* DEBUG */
+
+/*
+ * We must forward-declare these routines.
+ */
+static void
+nss_ckmdFindSessionObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance);
+
+static NSSCKMDObject *
+nss_ckmdFindSessionObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError);
+
+static CK_BBOOL
+items_match(
+ NSSItem *a,
+ CK_VOID_PTR pValue,
+ CK_ULONG ulValueLen)
+{
+ if (a->size != ulValueLen) {
+ return CK_FALSE;
+ }
+
+ if (PR_TRUE == nsslibc_memequal(a->data, pValue, ulValueLen, (PRStatus *)NULL)) {
+ return CK_TRUE;
+ } else {
+ return CK_FALSE;
+ }
+}
+
+/*
+ * Our hashtable iterator
+ */
+static void
+findfcn(
+ const void *key,
+ void *value,
+ void *closure)
+{
+ NSSCKMDObject *mdObject = (NSSCKMDObject *)value;
+ nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)mdObject->etc;
+ nssCKMDFindSessionObjects *mdfso = (nssCKMDFindSessionObjects *)closure;
+ CK_ULONG i, j;
+ struct nodeStr *node;
+
+ if (CKR_OK != mdfso->error) {
+ return;
+ }
+
+ for (i = 0; i < mdfso->ulCount; i++) {
+ CK_ATTRIBUTE_PTR p = &mdfso->pTemplate[i];
+
+ for (j = 0; j < mdso->n; j++) {
+ if (mdso->types[j] == p->type) {
+ if (!items_match(&mdso->attributes[j], p->pValue, p->ulValueLen)) {
+ return;
+ } else {
+ break;
+ }
+ }
+ }
+
+ if (j == mdso->n) {
+ /* Attribute not found */
+ return;
+ }
+ }
+
+ /* Matches */
+ node = nss_ZNEW(mdfso->arena, struct nodeStr);
+ if ((struct nodeStr *)NULL == node) {
+ mdfso->error = CKR_HOST_MEMORY;
+ return;
+ }
+
+ node->mdObject = mdObject;
+ node->next = mdfso->list;
+ mdfso->list = node;
+
+ return;
+}
+
+/*
+ * nssCKMDFindSessionObjects_Create
+ *
+ */
+NSS_IMPLEMENT NSSCKMDFindObjects *
+nssCKMDFindSessionObjects_Create(
+ NSSCKFWToken *fwToken,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_RV *pError)
+{
+ NSSArena *arena;
+ nssCKMDFindSessionObjects *mdfso;
+ nssCKFWHash *hash;
+ NSSCKMDFindObjects *rv;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKMDFindObjects *)NULL;
+ }
+
+ *pError = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != *pError) {
+ return (NSSCKMDFindObjects *)NULL;
+ }
+
+ if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKMDFindObjects *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ *pError = CKR_OK;
+
+ hash = nssCKFWToken_GetSessionObjectHash(fwToken);
+ if (!hash) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKMDFindObjects *)NULL;
+ }
+
+ arena = NSSArena_Create();
+ if (!arena) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKMDFindObjects *)NULL;
+ }
+
+ mdfso = nss_ZNEW(arena, nssCKMDFindSessionObjects);
+ if (!mdfso) {
+ goto loser;
+ }
+
+ rv = nss_ZNEW(arena, NSSCKMDFindObjects);
+ if (rv == NULL) {
+ goto loser;
+ }
+
+ mdfso->error = CKR_OK;
+ mdfso->pTemplate = pTemplate;
+ mdfso->ulCount = ulCount;
+ mdfso->hash = hash;
+
+ nssCKFWHash_Iterate(hash, findfcn, mdfso);
+
+ if (CKR_OK != mdfso->error) {
+ goto loser;
+ }
+
+ rv->etc = (void *)mdfso;
+ rv->Final = nss_ckmdFindSessionObjects_Final;
+ rv->Next = nss_ckmdFindSessionObjects_Next;
+
+#ifdef DEBUG
+ if ((*pError = nss_ckmdFindSessionObjects_add_pointer(rv)) != CKR_OK) {
+ goto loser;
+ }
+#endif /* DEBUG */
+ mdfso->arena = arena;
+
+ return rv;
+
+loser:
+ if (arena) {
+ NSSArena_Destroy(arena);
+ }
+ if (*pError == CKR_OK) {
+ *pError = CKR_HOST_MEMORY;
+ }
+ return NULL;
+}
+
+static void
+nss_ckmdFindSessionObjects_Final(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance)
+{
+ nssCKMDFindSessionObjects *mdfso;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects)) {
+ return;
+ }
+#endif /* NSSDEBUG */
+
+ mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
+ if (mdfso->arena)
+ NSSArena_Destroy(mdfso->arena);
+
+#ifdef DEBUG
+ (void)nss_ckmdFindSessionObjects_remove_pointer(mdFindObjects);
+#endif /* DEBUG */
+
+ return;
+}
+
+static NSSCKMDObject *
+nss_ckmdFindSessionObjects_Next(
+ NSSCKMDFindObjects *mdFindObjects,
+ NSSCKFWFindObjects *fwFindObjects,
+ NSSCKMDSession *mdSession,
+ NSSCKFWSession *fwSession,
+ NSSCKMDToken *mdToken,
+ NSSCKFWToken *fwToken,
+ NSSCKMDInstance *mdInstance,
+ NSSCKFWInstance *fwInstance,
+ NSSArena *arena,
+ CK_RV *pError)
+{
+ nssCKMDFindSessionObjects *mdfso;
+ NSSCKMDObject *rv = (NSSCKMDObject *)NULL;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects)) {
+ return (NSSCKMDObject *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
+
+ while (!rv) {
+ if ((struct nodeStr *)NULL == mdfso->list) {
+ *pError = CKR_OK;
+ return (NSSCKMDObject *)NULL;
+ }
+
+ if (nssCKFWHash_Exists(mdfso->hash, mdfso->list->mdObject)) {
+ rv = mdfso->list->mdObject;
+ }
+
+ mdfso->list = mdfso->list->next;
+ }
+
+ return rv;
+}
diff --git a/security/nss/lib/ckfw/slot.c b/security/nss/lib/ckfw/slot.c
new file mode 100644
index 000000000..43d4f0d57
--- /dev/null
+++ b/security/nss/lib/ckfw/slot.c
@@ -0,0 +1,694 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * slot.c
+ *
+ * This file implements the NSSCKFWSlot type and methods.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWSlot
+ *
+ * -- create/destroy --
+ * nssCKFWSlot_Create
+ * nssCKFWSlot_Destroy
+ *
+ * -- public accessors --
+ * NSSCKFWSlot_GetMDSlot
+ * NSSCKFWSlot_GetFWInstance
+ * NSSCKFWSlot_GetMDInstance
+ * NSSCKFWSlot_GetSlotID
+ *
+ * -- implement public accessors --
+ * nssCKFWSlot_GetMDSlot
+ * nssCKFWSlot_GetFWInstance
+ * nssCKFWSlot_GetMDInstance
+ * nssCKFWSlot_GetSlotID
+ *
+ * -- private accessors --
+ * nssCKFWSlot_ClearToken
+ *
+ * -- module fronts --
+ * nssCKFWSlot_GetSlotDescription
+ * nssCKFWSlot_GetManufacturerID
+ * nssCKFWSlot_GetTokenPresent
+ * nssCKFWSlot_GetRemovableDevice
+ * nssCKFWSlot_GetHardwareSlot
+ * nssCKFWSlot_GetHardwareVersion
+ * nssCKFWSlot_GetFirmwareVersion
+ * nssCKFWSlot_InitToken
+ * nssCKFWSlot_GetToken
+ */
+
+struct NSSCKFWSlotStr {
+ NSSCKFWMutex *mutex;
+ NSSCKMDSlot *mdSlot;
+ NSSCKFWInstance *fwInstance;
+ NSSCKMDInstance *mdInstance;
+ CK_SLOT_ID slotID;
+
+ /*
+ * Everything above is set at creation time, and then not modified.
+ * The invariants the mutex protects are:
+ *
+ * 1) Each of the cached descriptions (versions, etc.) are in an
+ * internally consistant state.
+ *
+ * 2) The fwToken points to the token currently in the slot, and
+ * it is in a consistant state.
+ *
+ * Note that the calls accessing the cached descriptions will
+ * call the NSSCKMDSlot methods with the mutex locked. Those
+ * methods may then call the public NSSCKFWSlot routines. Those
+ * public routines only access the constant data above, so there's
+ * no problem. But be careful if you add to this object; mutexes
+ * are in general not reentrant, so don't create deadlock situations.
+ */
+
+ NSSUTF8 *slotDescription;
+ NSSUTF8 *manufacturerID;
+ CK_VERSION hardwareVersion;
+ CK_VERSION firmwareVersion;
+ NSSCKFWToken *fwToken;
+};
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do this routines as no-ops.
+ */
+
+static CK_RV
+slot_add_pointer(
+ const NSSCKFWSlot *fwSlot)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+slot_remove_pointer(
+ const NSSCKFWSlot *fwSlot)
+{
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWSlot_verifyPointer(
+ const NSSCKFWSlot *fwSlot)
+{
+ return CKR_OK;
+}
+
+#endif /* DEBUG */
+
+/*
+ * nssCKFWSlot_Create
+ *
+ */
+NSS_IMPLEMENT NSSCKFWSlot *
+nssCKFWSlot_Create(
+ NSSCKFWInstance *fwInstance,
+ NSSCKMDSlot *mdSlot,
+ CK_SLOT_ID slotID,
+ CK_RV *pError)
+{
+ NSSCKFWSlot *fwSlot;
+ NSSCKMDInstance *mdInstance;
+ NSSArena *arena;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ *pError = nssCKFWInstance_verifyPointer(fwInstance);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSlot *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
+ if (!mdInstance) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ arena = nssCKFWInstance_GetArena(fwInstance, pError);
+ if (!arena) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ }
+
+ fwSlot = nss_ZNEW(arena, NSSCKFWSlot);
+ if (!fwSlot) {
+ *pError = CKR_HOST_MEMORY;
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ fwSlot->mdSlot = mdSlot;
+ fwSlot->fwInstance = fwInstance;
+ fwSlot->mdInstance = mdInstance;
+ fwSlot->slotID = slotID;
+
+ fwSlot->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
+ if (!fwSlot->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ (void)nss_ZFreeIf(fwSlot);
+ return (NSSCKFWSlot *)NULL;
+ }
+
+ if (mdSlot->Initialize) {
+ *pError = CKR_OK;
+ *pError = mdSlot->Initialize(mdSlot, fwSlot, mdInstance, fwInstance);
+ if (CKR_OK != *pError) {
+ (void)nssCKFWMutex_Destroy(fwSlot->mutex);
+ (void)nss_ZFreeIf(fwSlot);
+ return (NSSCKFWSlot *)NULL;
+ }
+ }
+
+#ifdef DEBUG
+ *pError = slot_add_pointer(fwSlot);
+ if (CKR_OK != *pError) {
+ if (mdSlot->Destroy) {
+ mdSlot->Destroy(mdSlot, fwSlot, mdInstance, fwInstance);
+ }
+
+ (void)nssCKFWMutex_Destroy(fwSlot->mutex);
+ (void)nss_ZFreeIf(fwSlot);
+ return (NSSCKFWSlot *)NULL;
+ }
+#endif /* DEBUG */
+
+ return fwSlot;
+}
+
+/*
+ * nssCKFWSlot_Destroy
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSlot_Destroy(
+ NSSCKFWSlot *fwSlot)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWSlot_verifyPointer(fwSlot);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+ if (fwSlot->fwToken) {
+ nssCKFWToken_Destroy(fwSlot->fwToken);
+ }
+
+ (void)nssCKFWMutex_Destroy(fwSlot->mutex);
+
+ if (fwSlot->mdSlot->Destroy) {
+ fwSlot->mdSlot->Destroy(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance);
+ }
+
+#ifdef DEBUG
+ error = slot_remove_pointer(fwSlot);
+#endif /* DEBUG */
+ (void)nss_ZFreeIf(fwSlot);
+ return error;
+}
+
+/*
+ * nssCKFWSlot_GetMDSlot
+ *
+ */
+NSS_IMPLEMENT NSSCKMDSlot *
+nssCKFWSlot_GetMDSlot(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKMDSlot *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwSlot->mdSlot;
+}
+
+/*
+ * nssCKFWSlot_GetFWInstance
+ *
+ */
+
+NSS_IMPLEMENT NSSCKFWInstance *
+nssCKFWSlot_GetFWInstance(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKFWInstance *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwSlot->fwInstance;
+}
+
+/*
+ * nssCKFWSlot_GetMDInstance
+ *
+ */
+
+NSS_IMPLEMENT NSSCKMDInstance *
+nssCKFWSlot_GetMDInstance(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKMDInstance *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwSlot->mdInstance;
+}
+
+/*
+ * nssCKFWSlot_GetSlotID
+ *
+ */
+NSS_IMPLEMENT CK_SLOT_ID
+nssCKFWSlot_GetSlotID(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (CK_SLOT_ID)0;
+ }
+#endif /* NSSDEBUG */
+
+ return fwSlot->slotID;
+}
+
+/*
+ * nssCKFWSlot_GetSlotDescription
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSlot_GetSlotDescription(
+ NSSCKFWSlot *fwSlot,
+ CK_CHAR slotDescription[64])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ if ((CK_CHAR_PTR)NULL == slotDescription) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ error = nssCKFWSlot_verifyPointer(fwSlot);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwSlot->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSlot->slotDescription) {
+ if (fwSlot->mdSlot->GetSlotDescription) {
+ fwSlot->slotDescription = fwSlot->mdSlot->GetSlotDescription(
+ fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
+ fwSlot->fwInstance, &error);
+ if ((!fwSlot->slotDescription) && (CKR_OK != error)) {
+ goto done;
+ }
+ } else {
+ fwSlot->slotDescription = (NSSUTF8 *)"";
+ }
+ }
+
+ (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->slotDescription, (char *)slotDescription, 64, ' ');
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWSlot_GetManufacturerID
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWSlot_GetManufacturerID(
+ NSSCKFWSlot *fwSlot,
+ CK_CHAR manufacturerID[32])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ if ((CK_CHAR_PTR)NULL == manufacturerID) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ error = nssCKFWSlot_verifyPointer(fwSlot);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwSlot->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwSlot->manufacturerID) {
+ if (fwSlot->mdSlot->GetManufacturerID) {
+ fwSlot->manufacturerID = fwSlot->mdSlot->GetManufacturerID(
+ fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
+ fwSlot->fwInstance, &error);
+ if ((!fwSlot->manufacturerID) && (CKR_OK != error)) {
+ goto done;
+ }
+ } else {
+ fwSlot->manufacturerID = (NSSUTF8 *)"";
+ }
+ }
+
+ (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->manufacturerID, (char *)manufacturerID, 32, ' ');
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWSlot_GetTokenPresent
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWSlot_GetTokenPresent(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSlot->mdSlot->GetTokenPresent) {
+ return CK_TRUE;
+ }
+
+ return fwSlot->mdSlot->GetTokenPresent(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance);
+}
+
+/*
+ * nssCKFWSlot_GetRemovableDevice
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWSlot_GetRemovableDevice(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSlot->mdSlot->GetRemovableDevice) {
+ return CK_FALSE;
+ }
+
+ return fwSlot->mdSlot->GetRemovableDevice(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance);
+}
+
+/*
+ * nssCKFWSlot_GetHardwareSlot
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWSlot_GetHardwareSlot(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwSlot->mdSlot->GetHardwareSlot) {
+ return CK_FALSE;
+ }
+
+ return fwSlot->mdSlot->GetHardwareSlot(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance);
+}
+
+/*
+ * nssCKFWSlot_GetHardwareVersion
+ *
+ */
+NSS_IMPLEMENT CK_VERSION
+nssCKFWSlot_GetHardwareVersion(
+ NSSCKFWSlot *fwSlot)
+{
+ CK_VERSION rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwSlot->hardwareVersion.major) ||
+ (0 != fwSlot->hardwareVersion.minor)) {
+ rv = fwSlot->hardwareVersion;
+ goto done;
+ }
+
+ if (fwSlot->mdSlot->GetHardwareVersion) {
+ fwSlot->hardwareVersion = fwSlot->mdSlot->GetHardwareVersion(
+ fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
+ } else {
+ fwSlot->hardwareVersion.major = 0;
+ fwSlot->hardwareVersion.minor = 1;
+ }
+
+ rv = fwSlot->hardwareVersion;
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWSlot_GetFirmwareVersion
+ *
+ */
+NSS_IMPLEMENT CK_VERSION
+nssCKFWSlot_GetFirmwareVersion(
+ NSSCKFWSlot *fwSlot)
+{
+ CK_VERSION rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwSlot->firmwareVersion.major) ||
+ (0 != fwSlot->firmwareVersion.minor)) {
+ rv = fwSlot->firmwareVersion;
+ goto done;
+ }
+
+ if (fwSlot->mdSlot->GetFirmwareVersion) {
+ fwSlot->firmwareVersion = fwSlot->mdSlot->GetFirmwareVersion(
+ fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
+ } else {
+ fwSlot->firmwareVersion.major = 0;
+ fwSlot->firmwareVersion.minor = 1;
+ }
+
+ rv = fwSlot->firmwareVersion;
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWSlot_GetToken
+ *
+ */
+NSS_IMPLEMENT NSSCKFWToken *
+nssCKFWSlot_GetToken(
+ NSSCKFWSlot *fwSlot,
+ CK_RV *pError)
+{
+ NSSCKMDToken *mdToken;
+ NSSCKFWToken *fwToken;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWToken *)NULL;
+ }
+
+ *pError = nssCKFWSlot_verifyPointer(fwSlot);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWToken *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ *pError = nssCKFWMutex_Lock(fwSlot->mutex);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWToken *)NULL;
+ }
+
+ if (!fwSlot->fwToken) {
+ if (!fwSlot->mdSlot->GetToken) {
+ *pError = CKR_GENERAL_ERROR;
+ fwToken = (NSSCKFWToken *)NULL;
+ goto done;
+ }
+
+ mdToken = fwSlot->mdSlot->GetToken(fwSlot->mdSlot, fwSlot,
+ fwSlot->mdInstance, fwSlot->fwInstance, pError);
+ if (!mdToken) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ return (NSSCKFWToken *)NULL;
+ }
+
+ fwToken = nssCKFWToken_Create(fwSlot, mdToken, pError);
+ fwSlot->fwToken = fwToken;
+ } else {
+ fwToken = fwSlot->fwToken;
+ }
+
+done:
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return fwToken;
+}
+
+/*
+ * nssCKFWSlot_ClearToken
+ *
+ */
+NSS_IMPLEMENT void
+nssCKFWSlot_ClearToken(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex)) {
+ /* Now what? */
+ return;
+ }
+
+ fwSlot->fwToken = (NSSCKFWToken *)NULL;
+ (void)nssCKFWMutex_Unlock(fwSlot->mutex);
+ return;
+}
+
+/*
+ * NSSCKFWSlot_GetMDSlot
+ *
+ */
+
+NSS_IMPLEMENT NSSCKMDSlot *
+NSSCKFWSlot_GetMDSlot(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKMDSlot *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWSlot_GetMDSlot(fwSlot);
+}
+
+/*
+ * NSSCKFWSlot_GetFWInstance
+ *
+ */
+
+NSS_IMPLEMENT NSSCKFWInstance *
+NSSCKFWSlot_GetFWInstance(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKFWInstance *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWSlot_GetFWInstance(fwSlot);
+}
+
+/*
+ * NSSCKFWSlot_GetMDInstance
+ *
+ */
+
+NSS_IMPLEMENT NSSCKMDInstance *
+NSSCKFWSlot_GetMDInstance(
+ NSSCKFWSlot *fwSlot)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWSlot_verifyPointer(fwSlot)) {
+ return (NSSCKMDInstance *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWSlot_GetMDInstance(fwSlot);
+}
+
+/*
+ * NSSCKFWSlot_GetSlotID
+ *
+ */
+
+NSS_IMPLEMENT CK_SLOT_ID
+NSSCKFWSlot_GetSlotID(
+ NSSCKFWSlot *fwSlot)
+{
+ return nssCKFWSlot_GetSlotID(fwSlot);
+}
diff --git a/security/nss/lib/ckfw/token.c b/security/nss/lib/ckfw/token.c
new file mode 100644
index 000000000..4483bb5c9
--- /dev/null
+++ b/security/nss/lib/ckfw/token.c
@@ -0,0 +1,1791 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * token.c
+ *
+ * This file implements the NSSCKFWToken type and methods.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWToken
+ *
+ * -- create/destroy --
+ * nssCKFWToken_Create
+ * nssCKFWToken_Destroy
+ *
+ * -- public accessors --
+ * NSSCKFWToken_GetMDToken
+ * NSSCKFWToken_GetFWSlot
+ * NSSCKFWToken_GetMDSlot
+ * NSSCKFWToken_GetSessionState
+ *
+ * -- implement public accessors --
+ * nssCKFWToken_GetMDToken
+ * nssCKFWToken_GetFWSlot
+ * nssCKFWToken_GetMDSlot
+ * nssCKFWToken_GetSessionState
+ * nssCKFWToken_SetSessionState
+ *
+ * -- private accessors --
+ * nssCKFWToken_SetSessionState
+ * nssCKFWToken_RemoveSession
+ * nssCKFWToken_CloseAllSessions
+ * nssCKFWToken_GetSessionCount
+ * nssCKFWToken_GetRwSessionCount
+ * nssCKFWToken_GetRoSessionCount
+ * nssCKFWToken_GetSessionObjectHash
+ * nssCKFWToken_GetMDObjectHash
+ * nssCKFWToken_GetObjectHandleHash
+ *
+ * -- module fronts --
+ * nssCKFWToken_InitToken
+ * nssCKFWToken_GetLabel
+ * nssCKFWToken_GetManufacturerID
+ * nssCKFWToken_GetModel
+ * nssCKFWToken_GetSerialNumber
+ * nssCKFWToken_GetHasRNG
+ * nssCKFWToken_GetIsWriteProtected
+ * nssCKFWToken_GetLoginRequired
+ * nssCKFWToken_GetUserPinInitialized
+ * nssCKFWToken_GetRestoreKeyNotNeeded
+ * nssCKFWToken_GetHasClockOnToken
+ * nssCKFWToken_GetHasProtectedAuthenticationPath
+ * nssCKFWToken_GetSupportsDualCryptoOperations
+ * nssCKFWToken_GetMaxSessionCount
+ * nssCKFWToken_GetMaxRwSessionCount
+ * nssCKFWToken_GetMaxPinLen
+ * nssCKFWToken_GetMinPinLen
+ * nssCKFWToken_GetTotalPublicMemory
+ * nssCKFWToken_GetFreePublicMemory
+ * nssCKFWToken_GetTotalPrivateMemory
+ * nssCKFWToken_GetFreePrivateMemory
+ * nssCKFWToken_GetHardwareVersion
+ * nssCKFWToken_GetFirmwareVersion
+ * nssCKFWToken_GetUTCTime
+ * nssCKFWToken_OpenSession
+ * nssCKFWToken_GetMechanismCount
+ * nssCKFWToken_GetMechanismTypes
+ * nssCKFWToken_GetMechanism
+ */
+
+struct NSSCKFWTokenStr {
+ NSSCKFWMutex *mutex;
+ NSSArena *arena;
+ NSSCKMDToken *mdToken;
+ NSSCKFWSlot *fwSlot;
+ NSSCKMDSlot *mdSlot;
+ NSSCKFWInstance *fwInstance;
+ NSSCKMDInstance *mdInstance;
+
+ /*
+ * Everything above is set at creation time, and then not modified.
+ * The invariants the mutex protects are:
+ *
+ * 1) Each of the cached descriptions (versions, etc.) are in an
+ * internally consistant state.
+ *
+ * 2) The session counts and hashes are consistant.
+ *
+ * 3) The object hashes are consistant.
+ *
+ * Note that the calls accessing the cached descriptions will call
+ * the NSSCKMDToken methods with the mutex locked. Those methods
+ * may then call the public NSSCKFWToken routines. Those public
+ * routines only access the constant data above and the atomic
+ * CK_STATE session state variable below, so there's no problem.
+ * But be careful if you add to this object; mutexes are in
+ * general not reentrant, so don't create deadlock situations.
+ */
+
+ NSSUTF8 *label;
+ NSSUTF8 *manufacturerID;
+ NSSUTF8 *model;
+ NSSUTF8 *serialNumber;
+ CK_VERSION hardwareVersion;
+ CK_VERSION firmwareVersion;
+
+ CK_ULONG sessionCount;
+ CK_ULONG rwSessionCount;
+ nssCKFWHash *sessions;
+ nssCKFWHash *sessionObjectHash;
+ nssCKFWHash *mdObjectHash;
+ nssCKFWHash *mdMechanismHash;
+
+ CK_STATE state;
+};
+
+#ifdef DEBUG
+/*
+ * But first, the pointer-tracking stuff.
+ *
+ * NOTE: the pointer-tracking support in NSS/base currently relies
+ * upon NSPR's CallOnce support. That, however, relies upon NSPR's
+ * locking, which is tied into the runtime. We need a pointer-tracker
+ * implementation that uses the locks supplied through C_Initialize.
+ * That support, however, can be filled in later. So for now, I'll
+ * just do this routines as no-ops.
+ */
+
+static CK_RV
+token_add_pointer(
+ const NSSCKFWToken *fwToken)
+{
+ return CKR_OK;
+}
+
+static CK_RV
+token_remove_pointer(
+ const NSSCKFWToken *fwToken)
+{
+ return CKR_OK;
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_verifyPointer(
+ const NSSCKFWToken *fwToken)
+{
+ return CKR_OK;
+}
+
+#endif /* DEBUG */
+
+/*
+ * nssCKFWToken_Create
+ *
+ */
+NSS_IMPLEMENT NSSCKFWToken *
+nssCKFWToken_Create(
+ NSSCKFWSlot *fwSlot,
+ NSSCKMDToken *mdToken,
+ CK_RV *pError)
+{
+ NSSArena *arena = (NSSArena *)NULL;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ CK_BBOOL called_setup = CK_FALSE;
+
+ /*
+ * We have already verified the arguments in nssCKFWSlot_GetToken.
+ */
+
+ arena = NSSArena_Create();
+ if (!arena) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fwToken = nss_ZNEW(arena, NSSCKFWToken);
+ if (!fwToken) {
+ *pError = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ fwToken->arena = arena;
+ fwToken->mdToken = mdToken;
+ fwToken->fwSlot = fwSlot;
+ fwToken->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
+ fwToken->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
+ fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
+ fwToken->sessionCount = 0;
+ fwToken->rwSessionCount = 0;
+
+ fwToken->mutex = nssCKFWInstance_CreateMutex(fwToken->fwInstance, arena, pError);
+ if (!fwToken->mutex) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, arena, pError);
+ if (!fwToken->sessions) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
+ fwToken->fwInstance)) {
+ fwToken->sessionObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
+ arena, pError);
+ if (!fwToken->sessionObjectHash) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+ }
+
+ fwToken->mdObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
+ arena, pError);
+ if (!fwToken->mdObjectHash) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ fwToken->mdMechanismHash = nssCKFWHash_Create(fwToken->fwInstance,
+ arena, pError);
+ if (!fwToken->mdMechanismHash) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto loser;
+ }
+
+ /* More here */
+
+ if (mdToken->Setup) {
+ *pError = mdToken->Setup(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+ }
+
+ called_setup = CK_TRUE;
+
+#ifdef DEBUG
+ *pError = token_add_pointer(fwToken);
+ if (CKR_OK != *pError) {
+ goto loser;
+ }
+#endif /* DEBUG */
+
+ *pError = CKR_OK;
+ return fwToken;
+
+loser:
+
+ if (CK_TRUE == called_setup) {
+ if (mdToken->Invalidate) {
+ mdToken->Invalidate(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ }
+ }
+
+ if (arena) {
+ (void)NSSArena_Destroy(arena);
+ }
+
+ return (NSSCKFWToken *)NULL;
+}
+
+static void
+nss_ckfwtoken_session_iterator(
+ const void *key,
+ void *value,
+ void *closure)
+{
+ /*
+ * Remember that the fwToken->mutex is locked
+ */
+ NSSCKFWSession *fwSession = (NSSCKFWSession *)value;
+ (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
+ return;
+}
+
+static void
+nss_ckfwtoken_object_iterator(
+ const void *key,
+ void *value,
+ void *closure)
+{
+ /*
+ * Remember that the fwToken->mutex is locked
+ */
+ NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
+ (void)nssCKFWObject_Finalize(fwObject, CK_FALSE);
+ return;
+}
+
+/*
+ * nssCKFWToken_Destroy
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_Destroy(
+ NSSCKFWToken *fwToken)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ (void)nssCKFWMutex_Destroy(fwToken->mutex);
+
+ if (fwToken->mdToken->Invalidate) {
+ fwToken->mdToken->Invalidate(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+ }
+ /* we can destroy the list without locking now because no one else is
+ * referencing us (or _Destroy was invalidly called!)
+ */
+ nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator,
+ (void *)NULL);
+ nssCKFWHash_Destroy(fwToken->sessions);
+
+ /* session objects go away when their sessions are removed */
+ if (fwToken->sessionObjectHash) {
+ nssCKFWHash_Destroy(fwToken->sessionObjectHash);
+ }
+
+ /* free up the token objects */
+ if (fwToken->mdObjectHash) {
+ nssCKFWHash_Iterate(fwToken->mdObjectHash, nss_ckfwtoken_object_iterator,
+ (void *)NULL);
+ nssCKFWHash_Destroy(fwToken->mdObjectHash);
+ }
+ if (fwToken->mdMechanismHash) {
+ nssCKFWHash_Destroy(fwToken->mdMechanismHash);
+ }
+
+ nssCKFWSlot_ClearToken(fwToken->fwSlot);
+
+#ifdef DEBUG
+ error = token_remove_pointer(fwToken);
+#endif /* DEBUG */
+
+ (void)NSSArena_Destroy(fwToken->arena);
+ return error;
+}
+
+/*
+ * nssCKFWToken_GetMDToken
+ *
+ */
+NSS_IMPLEMENT NSSCKMDToken *
+nssCKFWToken_GetMDToken(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKMDToken *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwToken->mdToken;
+}
+
+/*
+ * nssCKFWToken_GetArena
+ *
+ */
+NSS_IMPLEMENT NSSArena *
+nssCKFWToken_GetArena(
+ NSSCKFWToken *fwToken,
+ CK_RV *pError)
+{
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ *pError = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != *pError) {
+ return (NSSArena *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwToken->arena;
+}
+
+/*
+ * nssCKFWToken_GetFWSlot
+ *
+ */
+NSS_IMPLEMENT NSSCKFWSlot *
+nssCKFWToken_GetFWSlot(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKFWSlot *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwToken->fwSlot;
+}
+
+/*
+ * nssCKFWToken_GetMDSlot
+ *
+ */
+NSS_IMPLEMENT NSSCKMDSlot *
+nssCKFWToken_GetMDSlot(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKMDSlot *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwToken->mdSlot;
+}
+
+/*
+ * nssCKFWToken_GetSessionState
+ *
+ */
+NSS_IMPLEMENT CK_STATE
+nssCKFWToken_GetSessionState(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CKS_RO_PUBLIC_SESSION; /* whatever */
+ }
+#endif /* NSSDEBUG */
+
+ /*
+ * BTW, do not lock the token in this method.
+ */
+
+ /*
+ * Theoretically, there is no state if there aren't any
+ * sessions open. But then we'd need to worry about
+ * reporting an error, etc. What the heck-- let's just
+ * revert to CKR_RO_PUBLIC_SESSION as the "default."
+ */
+
+ return fwToken->state;
+}
+
+/*
+ * nssCKFWToken_InitToken
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_InitToken(
+ NSSCKFWToken *fwToken,
+ NSSItem *pin,
+ NSSUTF8 *label)
+{
+ CK_RV error;
+
+#ifdef NSSDEBUG
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return CKR_ARGUMENTS_BAD;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (fwToken->sessionCount > 0) {
+ error = CKR_SESSION_EXISTS;
+ goto done;
+ }
+
+ if (!fwToken->mdToken->InitToken) {
+ error = CKR_DEVICE_ERROR;
+ goto done;
+ }
+
+ if (!pin) {
+ if (nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken)) {
+ ; /* okay */
+ } else {
+ error = CKR_PIN_INCORRECT;
+ goto done;
+ }
+ }
+
+ if (!label) {
+ label = (NSSUTF8 *)"";
+ }
+
+ error = fwToken->mdToken->InitToken(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, pin, label);
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWToken_GetLabel
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_GetLabel(
+ NSSCKFWToken *fwToken,
+ CK_CHAR label[32])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ if ((CK_CHAR_PTR)NULL == label) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwToken->label) {
+ if (fwToken->mdToken->GetLabel) {
+ fwToken->label = fwToken->mdToken->GetLabel(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, &error);
+ if ((!fwToken->label) && (CKR_OK != error)) {
+ goto done;
+ }
+ } else {
+ fwToken->label = (NSSUTF8 *)"";
+ }
+ }
+
+ (void)nssUTF8_CopyIntoFixedBuffer(fwToken->label, (char *)label, 32, ' ');
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWToken_GetManufacturerID
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_GetManufacturerID(
+ NSSCKFWToken *fwToken,
+ CK_CHAR manufacturerID[32])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ if ((CK_CHAR_PTR)NULL == manufacturerID) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwToken->manufacturerID) {
+ if (fwToken->mdToken->GetManufacturerID) {
+ fwToken->manufacturerID = fwToken->mdToken->GetManufacturerID(fwToken->mdToken,
+ fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
+ if ((!fwToken->manufacturerID) && (CKR_OK != error)) {
+ goto done;
+ }
+ } else {
+ fwToken->manufacturerID = (NSSUTF8 *)"";
+ }
+ }
+
+ (void)nssUTF8_CopyIntoFixedBuffer(fwToken->manufacturerID, (char *)manufacturerID, 32, ' ');
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWToken_GetModel
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_GetModel(
+ NSSCKFWToken *fwToken,
+ CK_CHAR model[16])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ if ((CK_CHAR_PTR)NULL == model) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwToken->model) {
+ if (fwToken->mdToken->GetModel) {
+ fwToken->model = fwToken->mdToken->GetModel(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, &error);
+ if ((!fwToken->model) && (CKR_OK != error)) {
+ goto done;
+ }
+ } else {
+ fwToken->model = (NSSUTF8 *)"";
+ }
+ }
+
+ (void)nssUTF8_CopyIntoFixedBuffer(fwToken->model, (char *)model, 16, ' ');
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWToken_GetSerialNumber
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_GetSerialNumber(
+ NSSCKFWToken *fwToken,
+ CK_CHAR serialNumber[16])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ if ((CK_CHAR_PTR)NULL == serialNumber) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (!fwToken->serialNumber) {
+ if (fwToken->mdToken->GetSerialNumber) {
+ fwToken->serialNumber = fwToken->mdToken->GetSerialNumber(fwToken->mdToken,
+ fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
+ if ((!fwToken->serialNumber) && (CKR_OK != error)) {
+ goto done;
+ }
+ } else {
+ fwToken->serialNumber = (NSSUTF8 *)"";
+ }
+ }
+
+ (void)nssUTF8_CopyIntoFixedBuffer(fwToken->serialNumber, (char *)serialNumber, 16, ' ');
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWToken_GetHasRNG
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWToken_GetHasRNG(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetHasRNG) {
+ return CK_FALSE;
+ }
+
+ return fwToken->mdToken->GetHasRNG(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetIsWriteProtected
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWToken_GetIsWriteProtected(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetIsWriteProtected) {
+ return CK_FALSE;
+ }
+
+ return fwToken->mdToken->GetIsWriteProtected(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetLoginRequired
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWToken_GetLoginRequired(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetLoginRequired) {
+ return CK_FALSE;
+ }
+
+ return fwToken->mdToken->GetLoginRequired(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetUserPinInitialized
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWToken_GetUserPinInitialized(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetUserPinInitialized) {
+ return CK_FALSE;
+ }
+
+ return fwToken->mdToken->GetUserPinInitialized(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetRestoreKeyNotNeeded
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWToken_GetRestoreKeyNotNeeded(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetRestoreKeyNotNeeded) {
+ return CK_FALSE;
+ }
+
+ return fwToken->mdToken->GetRestoreKeyNotNeeded(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetHasClockOnToken
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWToken_GetHasClockOnToken(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetHasClockOnToken) {
+ return CK_FALSE;
+ }
+
+ return fwToken->mdToken->GetHasClockOnToken(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetHasProtectedAuthenticationPath
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWToken_GetHasProtectedAuthenticationPath(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetHasProtectedAuthenticationPath) {
+ return CK_FALSE;
+ }
+
+ return fwToken->mdToken->GetHasProtectedAuthenticationPath(fwToken->mdToken,
+ fwToken, fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetSupportsDualCryptoOperations
+ *
+ */
+NSS_IMPLEMENT CK_BBOOL
+nssCKFWToken_GetSupportsDualCryptoOperations(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_FALSE;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetSupportsDualCryptoOperations) {
+ return CK_FALSE;
+ }
+
+ return fwToken->mdToken->GetSupportsDualCryptoOperations(fwToken->mdToken,
+ fwToken, fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetMaxSessionCount
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetMaxSessionCount(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetMaxSessionCount) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+
+ return fwToken->mdToken->GetMaxSessionCount(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetMaxRwSessionCount
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetMaxRwSessionCount(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetMaxRwSessionCount) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+
+ return fwToken->mdToken->GetMaxRwSessionCount(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetMaxPinLen
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetMaxPinLen(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetMaxPinLen) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+
+ return fwToken->mdToken->GetMaxPinLen(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetMinPinLen
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetMinPinLen(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetMinPinLen) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+
+ return fwToken->mdToken->GetMinPinLen(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetTotalPublicMemory
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetTotalPublicMemory(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetTotalPublicMemory) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+
+ return fwToken->mdToken->GetTotalPublicMemory(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetFreePublicMemory
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetFreePublicMemory(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetFreePublicMemory) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+
+ return fwToken->mdToken->GetFreePublicMemory(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetTotalPrivateMemory
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetTotalPrivateMemory(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetTotalPrivateMemory) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+
+ return fwToken->mdToken->GetTotalPrivateMemory(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetFreePrivateMemory
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetFreePrivateMemory(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetFreePrivateMemory) {
+ return CK_UNAVAILABLE_INFORMATION;
+ }
+
+ return fwToken->mdToken->GetFreePrivateMemory(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetHardwareVersion
+ *
+ */
+NSS_IMPLEMENT CK_VERSION
+nssCKFWToken_GetHardwareVersion(
+ NSSCKFWToken *fwToken)
+{
+ CK_VERSION rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwToken->hardwareVersion.major) ||
+ (0 != fwToken->hardwareVersion.minor)) {
+ rv = fwToken->hardwareVersion;
+ goto done;
+ }
+
+ if (fwToken->mdToken->GetHardwareVersion) {
+ fwToken->hardwareVersion = fwToken->mdToken->GetHardwareVersion(
+ fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ } else {
+ fwToken->hardwareVersion.major = 0;
+ fwToken->hardwareVersion.minor = 1;
+ }
+
+ rv = fwToken->hardwareVersion;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWToken_GetFirmwareVersion
+ *
+ */
+NSS_IMPLEMENT CK_VERSION
+nssCKFWToken_GetFirmwareVersion(
+ NSSCKFWToken *fwToken)
+{
+ CK_VERSION rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ rv.major = rv.minor = 0;
+ return rv;
+ }
+
+ if ((0 != fwToken->firmwareVersion.major) ||
+ (0 != fwToken->firmwareVersion.minor)) {
+ rv = fwToken->firmwareVersion;
+ goto done;
+ }
+
+ if (fwToken->mdToken->GetFirmwareVersion) {
+ fwToken->firmwareVersion = fwToken->mdToken->GetFirmwareVersion(
+ fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
+ } else {
+ fwToken->firmwareVersion.major = 0;
+ fwToken->firmwareVersion.minor = 1;
+ }
+
+ rv = fwToken->firmwareVersion;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWToken_GetUTCTime
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_GetUTCTime(
+ NSSCKFWToken *fwToken,
+ CK_CHAR utcTime[16])
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if ((CK_CHAR_PTR)NULL == utcTime) {
+ return CKR_ARGUMENTS_BAD;
+ }
+#endif /* DEBUG */
+
+ if (CK_TRUE != nssCKFWToken_GetHasClockOnToken(fwToken)) {
+ /* return CKR_DEVICE_ERROR; */
+ (void)nssUTF8_CopyIntoFixedBuffer((NSSUTF8 *)NULL, (char *)utcTime, 16, ' ');
+ return CKR_OK;
+ }
+
+ if (!fwToken->mdToken->GetUTCTime) {
+ /* It said it had one! */
+ return CKR_GENERAL_ERROR;
+ }
+
+ error = fwToken->mdToken->GetUTCTime(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, utcTime);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ /* Sanity-check the data */
+ {
+ /* Format is YYYYMMDDhhmmss00 */
+ int i;
+ int Y, M, D, h, m, s;
+ static int dims[] = { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
+
+ for (i = 0; i < 16; i++) {
+ if ((utcTime[i] < '0') || (utcTime[i] > '9')) {
+ goto badtime;
+ }
+ }
+
+ Y = ((utcTime[0] - '0') * 1000) + ((utcTime[1] - '0') * 100) +
+ ((utcTime[2] - '0') * 10) + (utcTime[3] - '0');
+ M = ((utcTime[4] - '0') * 10) + (utcTime[5] - '0');
+ D = ((utcTime[6] - '0') * 10) + (utcTime[7] - '0');
+ h = ((utcTime[8] - '0') * 10) + (utcTime[9] - '0');
+ m = ((utcTime[10] - '0') * 10) + (utcTime[11] - '0');
+ s = ((utcTime[12] - '0') * 10) + (utcTime[13] - '0');
+
+ if ((Y < 1990) || (Y > 3000))
+ goto badtime; /* Y3K problem. heh heh heh */
+ if ((M < 1) || (M > 12))
+ goto badtime;
+ if ((D < 1) || (D > 31))
+ goto badtime;
+
+ if (D > dims[M - 1])
+ goto badtime; /* per-month check */
+ if ((2 == M) && (((Y % 4) || !(Y % 100)) &&
+ (Y % 400)) &&
+ (D > 28))
+ goto badtime; /* leap years */
+
+ if ((h < 0) || (h > 23))
+ goto badtime;
+ if ((m < 0) || (m > 60))
+ goto badtime;
+ if ((s < 0) || (s > 61))
+ goto badtime;
+
+ /* 60m and 60 or 61s is only allowed for leap seconds. */
+ if ((60 == m) || (s >= 60)) {
+ if ((23 != h) || (60 != m) || (s < 60))
+ goto badtime;
+ /* leap seconds can only happen on June 30 or Dec 31.. I think */
+ /* if( ((6 != M) || (30 != D)) && ((12 != M) || (31 != D)) ) goto badtime; */
+ }
+ }
+
+ return CKR_OK;
+
+badtime:
+ return CKR_GENERAL_ERROR;
+}
+
+/*
+ * nssCKFWToken_OpenSession
+ *
+ */
+NSS_IMPLEMENT NSSCKFWSession *
+nssCKFWToken_OpenSession(
+ NSSCKFWToken *fwToken,
+ CK_BBOOL rw,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_RV *pError)
+{
+ NSSCKFWSession *fwSession = (NSSCKFWSession *)NULL;
+ NSSCKMDSession *mdSession;
+
+#ifdef NSSDEBUG
+ if (!pError) {
+ return (NSSCKFWSession *)NULL;
+ }
+
+ *pError = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSession *)NULL;
+ }
+
+ switch (rw) {
+ case CK_TRUE:
+ case CK_FALSE:
+ break;
+ default:
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSCKFWSession *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ *pError = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != *pError) {
+ return (NSSCKFWSession *)NULL;
+ }
+
+ if (CK_TRUE == rw) {
+ /* Read-write session desired */
+ if (CK_TRUE == nssCKFWToken_GetIsWriteProtected(fwToken)) {
+ *pError = CKR_TOKEN_WRITE_PROTECTED;
+ goto done;
+ }
+ } else {
+ /* Read-only session desired */
+ if (CKS_RW_SO_FUNCTIONS == nssCKFWToken_GetSessionState(fwToken)) {
+ *pError = CKR_SESSION_READ_WRITE_SO_EXISTS;
+ goto done;
+ }
+ }
+
+ /* We could compare sesion counts to any limits we know of, I guess.. */
+
+ if (!fwToken->mdToken->OpenSession) {
+ /*
+ * I'm not sure that the Module actually needs to implement
+ * mdSessions -- the Framework can keep track of everything
+ * needed, really. But I'll sort out that detail later..
+ */
+ *pError = CKR_GENERAL_ERROR;
+ goto done;
+ }
+
+ fwSession = nssCKFWSession_Create(fwToken, rw, pApplication, Notify, pError);
+ if (!fwSession) {
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto done;
+ }
+
+ mdSession = fwToken->mdToken->OpenSession(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, fwSession,
+ rw, pError);
+ if (!mdSession) {
+ (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
+ if (CKR_OK == *pError) {
+ *pError = CKR_GENERAL_ERROR;
+ }
+ goto done;
+ }
+
+ *pError = nssCKFWSession_SetMDSession(fwSession, mdSession);
+ if (CKR_OK != *pError) {
+ if (mdSession->Close) {
+ mdSession->Close(mdSession, fwSession, fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+ }
+ (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
+ goto done;
+ }
+
+ *pError = nssCKFWHash_Add(fwToken->sessions, fwSession, fwSession);
+ if (CKR_OK != *pError) {
+ (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
+ fwSession = (NSSCKFWSession *)NULL;
+ goto done;
+ }
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return fwSession;
+}
+
+/*
+ * nssCKFWToken_GetMechanismCount
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetMechanismCount(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return 0;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetMechanismCount) {
+ return 0;
+ }
+
+ return fwToken->mdToken->GetMechanismCount(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+/*
+ * nssCKFWToken_GetMechanismTypes
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_GetMechanismTypes(
+ NSSCKFWToken *fwToken,
+ CK_MECHANISM_TYPE types[])
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ if (!types) {
+ return CKR_ARGUMENTS_BAD;
+ }
+#endif /* NSSDEBUG */
+
+ if (!fwToken->mdToken->GetMechanismTypes) {
+ /*
+ * This should only be called with a sufficiently-large
+ * "types" array, which can only be done if GetMechanismCount
+ * is implemented. If that's implemented (and returns nonzero),
+ * then this should be too. So return an error.
+ */
+ return CKR_GENERAL_ERROR;
+ }
+
+ return fwToken->mdToken->GetMechanismTypes(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, types);
+}
+
+/*
+ * nssCKFWToken_GetMechanism
+ *
+ */
+NSS_IMPLEMENT NSSCKFWMechanism *
+nssCKFWToken_GetMechanism(
+ NSSCKFWToken *fwToken,
+ CK_MECHANISM_TYPE which,
+ CK_RV *pError)
+{
+ NSSCKMDMechanism *mdMechanism;
+ if (!fwToken->mdMechanismHash) {
+ *pError = CKR_GENERAL_ERROR;
+ return (NSSCKFWMechanism *)NULL;
+ }
+
+ if (!fwToken->mdToken->GetMechanism) {
+ /*
+ * If we don't implement any GetMechanism function, then we must
+ * not support any.
+ */
+ *pError = CKR_MECHANISM_INVALID;
+ return (NSSCKFWMechanism *)NULL;
+ }
+
+ /* lookup in hash table */
+ mdMechanism = fwToken->mdToken->GetMechanism(fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance, which, pError);
+ if (!mdMechanism) {
+ return (NSSCKFWMechanism *)NULL;
+ }
+ /* store in hash table */
+ return nssCKFWMechanism_Create(mdMechanism, fwToken->mdToken, fwToken,
+ fwToken->mdInstance, fwToken->fwInstance);
+}
+
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_SetSessionState(
+ NSSCKFWToken *fwToken,
+ CK_STATE newState)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ switch (newState) {
+ case CKS_RO_PUBLIC_SESSION:
+ case CKS_RO_USER_FUNCTIONS:
+ case CKS_RW_PUBLIC_SESSION:
+ case CKS_RW_USER_FUNCTIONS:
+ case CKS_RW_SO_FUNCTIONS:
+ break;
+ default:
+ return CKR_ARGUMENTS_BAD;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ fwToken->state = newState;
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return CKR_OK;
+}
+
+/*
+ * nssCKFWToken_RemoveSession
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_RemoveSession(
+ NSSCKFWToken *fwToken,
+ NSSCKFWSession *fwSession)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ error = nssCKFWSession_verifyPointer(fwSession);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ if (CK_TRUE != nssCKFWHash_Exists(fwToken->sessions, fwSession)) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto done;
+ }
+
+ nssCKFWHash_Remove(fwToken->sessions, fwSession);
+ fwToken->sessionCount--;
+
+ if (nssCKFWSession_IsRWSession(fwSession)) {
+ fwToken->rwSessionCount--;
+ }
+
+ if (0 == fwToken->sessionCount) {
+ fwToken->rwSessionCount = 0; /* sanity */
+ fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
+ }
+
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWToken_CloseAllSessions
+ *
+ */
+NSS_IMPLEMENT CK_RV
+nssCKFWToken_CloseAllSessions(
+ NSSCKFWToken *fwToken)
+{
+ CK_RV error = CKR_OK;
+
+#ifdef NSSDEBUG
+ error = nssCKFWToken_verifyPointer(fwToken);
+ if (CKR_OK != error) {
+ return error;
+ }
+#endif /* NSSDEBUG */
+
+ error = nssCKFWMutex_Lock(fwToken->mutex);
+ if (CKR_OK != error) {
+ return error;
+ }
+
+ nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator, (void *)NULL);
+
+ nssCKFWHash_Destroy(fwToken->sessions);
+
+ fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, fwToken->arena, &error);
+ if (!fwToken->sessions) {
+ if (CKR_OK == error) {
+ error = CKR_GENERAL_ERROR;
+ }
+ goto done;
+ }
+
+ fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
+ fwToken->sessionCount = 0;
+ fwToken->rwSessionCount = 0;
+
+ error = CKR_OK;
+
+done:
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return error;
+}
+
+/*
+ * nssCKFWToken_GetSessionCount
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetSessionCount(
+ NSSCKFWToken *fwToken)
+{
+ CK_ULONG rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ return (CK_ULONG)0;
+ }
+
+ rv = fwToken->sessionCount;
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWToken_GetRwSessionCount
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetRwSessionCount(
+ NSSCKFWToken *fwToken)
+{
+ CK_ULONG rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ return (CK_ULONG)0;
+ }
+
+ rv = fwToken->rwSessionCount;
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWToken_GetRoSessionCount
+ *
+ */
+NSS_IMPLEMENT CK_ULONG
+nssCKFWToken_GetRoSessionCount(
+ NSSCKFWToken *fwToken)
+{
+ CK_ULONG rv;
+
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (CK_ULONG)0;
+ }
+#endif /* NSSDEBUG */
+
+ if (CKR_OK != nssCKFWMutex_Lock(fwToken->mutex)) {
+ return (CK_ULONG)0;
+ }
+
+ rv = fwToken->sessionCount - fwToken->rwSessionCount;
+ (void)nssCKFWMutex_Unlock(fwToken->mutex);
+ return rv;
+}
+
+/*
+ * nssCKFWToken_GetSessionObjectHash
+ *
+ */
+NSS_IMPLEMENT nssCKFWHash *
+nssCKFWToken_GetSessionObjectHash(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (nssCKFWHash *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwToken->sessionObjectHash;
+}
+
+/*
+ * nssCKFWToken_GetMDObjectHash
+ *
+ */
+NSS_IMPLEMENT nssCKFWHash *
+nssCKFWToken_GetMDObjectHash(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (nssCKFWHash *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwToken->mdObjectHash;
+}
+
+/*
+ * nssCKFWToken_GetObjectHandleHash
+ *
+ */
+NSS_IMPLEMENT nssCKFWHash *
+nssCKFWToken_GetObjectHandleHash(
+ NSSCKFWToken *fwToken)
+{
+#ifdef NSSDEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (nssCKFWHash *)NULL;
+ }
+#endif /* NSSDEBUG */
+
+ return fwToken->mdObjectHash;
+}
+
+/*
+ * NSSCKFWToken_GetMDToken
+ *
+ */
+
+NSS_IMPLEMENT NSSCKMDToken *
+NSSCKFWToken_GetMDToken(
+ NSSCKFWToken *fwToken)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKMDToken *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWToken_GetMDToken(fwToken);
+}
+
+/*
+ * NSSCKFWToken_GetArena
+ *
+ */
+
+NSS_IMPLEMENT NSSArena *
+NSSCKFWToken_GetArena(
+ NSSCKFWToken *fwToken,
+ CK_RV *pError)
+{
+#ifdef DEBUG
+ if (!pError) {
+ return (NSSArena *)NULL;
+ }
+
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ *pError = CKR_ARGUMENTS_BAD;
+ return (NSSArena *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWToken_GetArena(fwToken, pError);
+}
+
+/*
+ * NSSCKFWToken_GetFWSlot
+ *
+ */
+
+NSS_IMPLEMENT NSSCKFWSlot *
+NSSCKFWToken_GetFWSlot(
+ NSSCKFWToken *fwToken)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKFWSlot *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWToken_GetFWSlot(fwToken);
+}
+
+/*
+ * NSSCKFWToken_GetMDSlot
+ *
+ */
+
+NSS_IMPLEMENT NSSCKMDSlot *
+NSSCKFWToken_GetMDSlot(
+ NSSCKFWToken *fwToken)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return (NSSCKMDSlot *)NULL;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWToken_GetMDSlot(fwToken);
+}
+
+/*
+ * NSSCKFWToken_GetSessionState
+ *
+ */
+
+NSS_IMPLEMENT CK_STATE
+NSSCKFWSession_GetSessionState(
+ NSSCKFWToken *fwToken)
+{
+#ifdef DEBUG
+ if (CKR_OK != nssCKFWToken_verifyPointer(fwToken)) {
+ return CKS_RO_PUBLIC_SESSION;
+ }
+#endif /* DEBUG */
+
+ return nssCKFWToken_GetSessionState(fwToken);
+}
diff --git a/security/nss/lib/ckfw/wrap.c b/security/nss/lib/ckfw/wrap.c
new file mode 100644
index 000000000..44c2e8e5b
--- /dev/null
+++ b/security/nss/lib/ckfw/wrap.c
@@ -0,0 +1,5550 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * wrap.c
+ *
+ * This file contains the routines that actually implement the cryptoki
+ * API, using the internal APIs of the NSS Cryptoki Framework. There is
+ * one routine here for every cryptoki routine. For linking reasons
+ * the actual entry points passed back with C_GetFunctionList have to
+ * exist in one of the Module's source files; however, those are merely
+ * simple wrappers that call these routines. The intelligence of the
+ * implementations is here.
+ */
+
+#ifndef CK_T
+#include "ck.h"
+#endif /* CK_T */
+
+/*
+ * NSSCKFWC_Initialize
+ * NSSCKFWC_Finalize
+ * NSSCKFWC_GetInfo
+ * -- NSSCKFWC_GetFunctionList -- see the API insert file
+ * NSSCKFWC_GetSlotList
+ * NSSCKFWC_GetSlotInfo
+ * NSSCKFWC_GetTokenInfo
+ * NSSCKFWC_WaitForSlotEvent
+ * NSSCKFWC_GetMechanismList
+ * NSSCKFWC_GetMechanismInfo
+ * NSSCKFWC_InitToken
+ * NSSCKFWC_InitPIN
+ * NSSCKFWC_SetPIN
+ * NSSCKFWC_OpenSession
+ * NSSCKFWC_CloseSession
+ * NSSCKFWC_CloseAllSessions
+ * NSSCKFWC_GetSessionInfo
+ * NSSCKFWC_GetOperationState
+ * NSSCKFWC_SetOperationState
+ * NSSCKFWC_Login
+ * NSSCKFWC_Logout
+ * NSSCKFWC_CreateObject
+ * NSSCKFWC_CopyObject
+ * NSSCKFWC_DestroyObject
+ * NSSCKFWC_GetObjectSize
+ * NSSCKFWC_GetAttributeValue
+ * NSSCKFWC_SetAttributeValue
+ * NSSCKFWC_FindObjectsInit
+ * NSSCKFWC_FindObjects
+ * NSSCKFWC_FindObjectsFinal
+ * NSSCKFWC_EncryptInit
+ * NSSCKFWC_Encrypt
+ * NSSCKFWC_EncryptUpdate
+ * NSSCKFWC_EncryptFinal
+ * NSSCKFWC_DecryptInit
+ * NSSCKFWC_Decrypt
+ * NSSCKFWC_DecryptUpdate
+ * NSSCKFWC_DecryptFinal
+ * NSSCKFWC_DigestInit
+ * NSSCKFWC_Digest
+ * NSSCKFWC_DigestUpdate
+ * NSSCKFWC_DigestKey
+ * NSSCKFWC_DigestFinal
+ * NSSCKFWC_SignInit
+ * NSSCKFWC_Sign
+ * NSSCKFWC_SignUpdate
+ * NSSCKFWC_SignFinal
+ * NSSCKFWC_SignRecoverInit
+ * NSSCKFWC_SignRecover
+ * NSSCKFWC_VerifyInit
+ * NSSCKFWC_Verify
+ * NSSCKFWC_VerifyUpdate
+ * NSSCKFWC_VerifyFinal
+ * NSSCKFWC_VerifyRecoverInit
+ * NSSCKFWC_VerifyRecover
+ * NSSCKFWC_DigestEncryptUpdate
+ * NSSCKFWC_DecryptDigestUpdate
+ * NSSCKFWC_SignEncryptUpdate
+ * NSSCKFWC_DecryptVerifyUpdate
+ * NSSCKFWC_GenerateKey
+ * NSSCKFWC_GenerateKeyPair
+ * NSSCKFWC_WrapKey
+ * NSSCKFWC_UnwrapKey
+ * NSSCKFWC_DeriveKey
+ * NSSCKFWC_SeedRandom
+ * NSSCKFWC_GenerateRandom
+ * NSSCKFWC_GetFunctionStatus
+ * NSSCKFWC_CancelFunction
+ */
+
+/* figure out out locking semantics */
+static CK_RV
+nssCKFW_GetThreadSafeState(CK_C_INITIALIZE_ARGS_PTR pInitArgs,
+ CryptokiLockingState *pLocking_state)
+{
+ int functionCount = 0;
+
+ /* parsed according to (PKCS #11 Section 11.4) */
+ /* no args, the degenerate version of case 1 */
+ if (!pInitArgs) {
+ *pLocking_state = SingleThreaded;
+ return CKR_OK;
+ }
+
+ /* CKF_OS_LOCKING_OK set, Cases 2 and 4 */
+ if (pInitArgs->flags & CKF_OS_LOCKING_OK) {
+ *pLocking_state = MultiThreaded;
+ return CKR_OK;
+ }
+ if ((CK_CREATEMUTEX)NULL != pInitArgs->CreateMutex)
+ functionCount++;
+ if ((CK_DESTROYMUTEX)NULL != pInitArgs->DestroyMutex)
+ functionCount++;
+ if ((CK_LOCKMUTEX)NULL != pInitArgs->LockMutex)
+ functionCount++;
+ if ((CK_UNLOCKMUTEX)NULL != pInitArgs->UnlockMutex)
+ functionCount++;
+
+ /* CKF_OS_LOCKING_OK is not set, and not functions supplied,
+ * explicit case 1 */
+ if (0 == functionCount) {
+ *pLocking_state = SingleThreaded;
+ return CKR_OK;
+ }
+
+ /* OS_LOCKING_OK is not set and functions have been supplied. Since
+ * ckfw uses nssbase library which explicitly calls NSPR, and since
+ * there is no way to reliably override these explicit calls to NSPR,
+ * therefore we can't support applications which have their own threading
+ * module. Return CKR_CANT_LOCK if they supplied the correct number of
+ * arguments, or CKR_ARGUMENTS_BAD if they did not in either case we will
+ * fail the initialize */
+ return (4 == functionCount) ? CKR_CANT_LOCK : CKR_ARGUMENTS_BAD;
+}
+
+static PRInt32 liveInstances;
+
+/*
+ * NSSCKFWC_Initialize
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Initialize(
+ NSSCKFWInstance **pFwInstance,
+ NSSCKMDInstance *mdInstance,
+ CK_VOID_PTR pInitArgs)
+{
+ CK_RV error = CKR_OK;
+ CryptokiLockingState locking_state;
+
+ if ((NSSCKFWInstance **)NULL == pFwInstance) {
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ if (*pFwInstance) {
+ error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
+ goto loser;
+ }
+
+ if (!mdInstance) {
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ error = nssCKFW_GetThreadSafeState(pInitArgs, &locking_state);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ *pFwInstance = nssCKFWInstance_Create(pInitArgs, locking_state, mdInstance, &error);
+ if (!*pFwInstance) {
+ goto loser;
+ }
+ PR_ATOMIC_INCREMENT(&liveInstances);
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CANT_LOCK:
+ case CKR_CRYPTOKI_ALREADY_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_NEED_TO_CREATE_THREADS:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_Finalize
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Finalize(
+ NSSCKFWInstance **pFwInstance)
+{
+ CK_RV error = CKR_OK;
+
+ if ((NSSCKFWInstance **)NULL == pFwInstance) {
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ if (!*pFwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ error = nssCKFWInstance_Destroy(*pFwInstance);
+
+ /* In any case */
+ *pFwInstance = (NSSCKFWInstance *)NULL;
+
+loser:
+ switch (error) {
+ PRInt32 remainingInstances;
+ case CKR_OK:
+ remainingInstances = PR_ATOMIC_DECREMENT(&liveInstances);
+ if (!remainingInstances) {
+ nssArena_Shutdown();
+ }
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ break;
+ default:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ /*
+ * A thread's error stack is automatically destroyed when the thread
+ * terminates or, for the primordial thread, by PR_Cleanup. On
+ * Windows with MinGW, the thread private data destructor PR_Free
+ * registered by this module is actually a thunk for PR_Free defined
+ * in this module. When the thread that unloads this module terminates
+ * or calls PR_Cleanup, the thunk for PR_Free is already gone with the
+ * module. Therefore we need to destroy the error stack before the
+ * module is unloaded.
+ */
+ nss_DestroyErrorStack();
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetInfo
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_INFO_PTR pInfo)
+{
+ CK_RV error = CKR_OK;
+
+ if ((CK_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here means a caller error
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
+
+ pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
+
+ error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
+
+ error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ break;
+ default:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * C_GetFunctionList is implemented entirely in the Module's file which
+ * includes the Framework API insert file. It requires no "actual"
+ * NSSCKFW routine.
+ */
+
+/*
+ * NSSCKFWC_GetSlotList
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetSlotList(
+ NSSCKFWInstance *fwInstance,
+ CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList,
+ CK_ULONG_PTR pulCount)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ switch (tokenPresent) {
+ case CK_TRUE:
+ case CK_FALSE:
+ break;
+ default:
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ if ((CK_ULONG_PTR)CK_NULL_PTR == pulCount) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList) {
+ *pulCount = nSlots;
+ return CKR_OK;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
+
+ if (*pulCount < nSlots) {
+ *pulCount = nSlots;
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ } else {
+ CK_ULONG i;
+ *pulCount = nSlots;
+
+ /*
+ * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
+ * just index one when we need it.
+ */
+
+ for (i = 0; i < nSlots; i++) {
+ pSlotList[i] = i + 1;
+ }
+
+ return CKR_OK;
+ }
+
+loser:
+ switch (error) {
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetSlotInfo
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetSlotInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_SLOT_INFO_PTR pInfo)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ if ((CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ if (nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ pInfo->flags |= CKF_TOKEN_PRESENT;
+ }
+
+ if (nssCKFWSlot_GetRemovableDevice(fwSlot)) {
+ pInfo->flags |= CKF_REMOVABLE_DEVICE;
+ }
+
+ if (nssCKFWSlot_GetHardwareSlot(fwSlot)) {
+ pInfo->flags |= CKF_HW_SLOT;
+ }
+
+ pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
+ pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SLOT_ID_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetTokenInfo
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetTokenInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_TOKEN_INFO_PTR pInfo)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ if ((CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_GetModel(fwToken, pInfo->model);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ if (nssCKFWToken_GetHasRNG(fwToken)) {
+ pInfo->flags |= CKF_RNG;
+ }
+
+ if (nssCKFWToken_GetIsWriteProtected(fwToken)) {
+ pInfo->flags |= CKF_WRITE_PROTECTED;
+ }
+
+ if (nssCKFWToken_GetLoginRequired(fwToken)) {
+ pInfo->flags |= CKF_LOGIN_REQUIRED;
+ }
+
+ if (nssCKFWToken_GetUserPinInitialized(fwToken)) {
+ pInfo->flags |= CKF_USER_PIN_INITIALIZED;
+ }
+
+ if (nssCKFWToken_GetRestoreKeyNotNeeded(fwToken)) {
+ pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
+ }
+
+ if (nssCKFWToken_GetHasClockOnToken(fwToken)) {
+ pInfo->flags |= CKF_CLOCK_ON_TOKEN;
+ }
+
+ if (nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken)) {
+ pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
+ }
+
+ if (nssCKFWToken_GetSupportsDualCryptoOperations(fwToken)) {
+ pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
+ }
+
+ pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
+ pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
+ pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
+ pInfo->ulRwSessionCount = nssCKFWToken_GetRwSessionCount(fwToken);
+ pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
+ pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
+ pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
+ pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
+ pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
+ pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
+ pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
+ pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
+
+ error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ case CKR_TOKEN_NOT_PRESENT:
+ if (fwToken)
+ nssCKFWToken_Destroy(fwToken);
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_WaitForSlotEvent
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_WaitForSlotEvent(
+ NSSCKFWInstance *fwInstance,
+ CK_FLAGS flags,
+ CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pReserved)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ CK_BBOOL block;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ CK_ULONG i;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ if (flags & ~CKF_DONT_BLOCK) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ if ((CK_VOID_PTR)CK_NULL_PTR != pReserved) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
+ if (!fwSlot) {
+ goto loser;
+ }
+
+ for (i = 0; i < nSlots; i++) {
+ if (fwSlot == slots[i]) {
+ *pSlot = (CK_SLOT_ID)(CK_ULONG)(i + 1);
+ return CKR_OK;
+ }
+ }
+
+ error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
+
+loser:
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_NO_EVENT:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetMechanismList
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetMechanismList(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList,
+ CK_ULONG_PTR pulCount)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ CK_ULONG count;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ULONG_PTR)CK_NULL_PTR == pulCount) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ count = nssCKFWToken_GetMechanismCount(fwToken);
+
+ if ((CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList) {
+ *pulCount = count;
+ return CKR_OK;
+ }
+
+ if (*pulCount < count) {
+ *pulCount = count;
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
+
+ *pulCount = count;
+
+ if (0 != count) {
+ error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
+ } else {
+ error = CKR_OK;
+ }
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ case CKR_TOKEN_NOT_PRESENT:
+ if (fwToken)
+ nssCKFWToken_Destroy(fwToken);
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetMechanismInfo
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetMechanismInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ if ((CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism, &error);
+ pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism, &error);
+
+ if (nssCKFWMechanism_GetInHardware(fwMechanism, &error)) {
+ pInfo->flags |= CKF_HW;
+ }
+ if (nssCKFWMechanism_GetCanEncrypt(fwMechanism, &error)) {
+ pInfo->flags |= CKF_ENCRYPT;
+ }
+ if (nssCKFWMechanism_GetCanDecrypt(fwMechanism, &error)) {
+ pInfo->flags |= CKF_DECRYPT;
+ }
+ if (nssCKFWMechanism_GetCanDigest(fwMechanism, &error)) {
+ pInfo->flags |= CKF_DIGEST;
+ }
+ if (nssCKFWMechanism_GetCanSign(fwMechanism, &error)) {
+ pInfo->flags |= CKF_SIGN;
+ }
+ if (nssCKFWMechanism_GetCanSignRecover(fwMechanism, &error)) {
+ pInfo->flags |= CKF_SIGN_RECOVER;
+ }
+ if (nssCKFWMechanism_GetCanVerify(fwMechanism, &error)) {
+ pInfo->flags |= CKF_VERIFY;
+ }
+ if (nssCKFWMechanism_GetCanVerifyRecover(fwMechanism, &error)) {
+ pInfo->flags |= CKF_VERIFY_RECOVER;
+ }
+ if (nssCKFWMechanism_GetCanGenerate(fwMechanism, &error)) {
+ pInfo->flags |= CKF_GENERATE;
+ }
+ if (nssCKFWMechanism_GetCanGenerateKeyPair(fwMechanism, &error)) {
+ pInfo->flags |= CKF_GENERATE_KEY_PAIR;
+ }
+ if (nssCKFWMechanism_GetCanWrap(fwMechanism, &error)) {
+ pInfo->flags |= CKF_WRAP;
+ }
+ if (nssCKFWMechanism_GetCanUnwrap(fwMechanism, &error)) {
+ pInfo->flags |= CKF_UNWRAP;
+ }
+ if (nssCKFWMechanism_GetCanDerive(fwMechanism, &error)) {
+ pInfo->flags |= CKF_DERIVE;
+ }
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ return error;
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ case CKR_TOKEN_NOT_PRESENT:
+ if (fwToken)
+ nssCKFWToken_Destroy(fwToken);
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_InitToken
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_InitToken(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen,
+ CK_CHAR_PTR pLabel)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ NSSItem pin;
+ NSSUTF8 *label;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ pin.size = (PRUint32)ulPinLen;
+ pin.data = (void *)pPin;
+ label = (NSSUTF8 *)pLabel; /* identity conversion */
+
+ error = nssCKFWToken_InitToken(fwToken, &pin, label);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ case CKR_TOKEN_NOT_PRESENT:
+ if (fwToken)
+ nssCKFWToken_Destroy(fwToken);
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_PIN_INCORRECT:
+ case CKR_PIN_LOCKED:
+ case CKR_SESSION_EXISTS:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_InitPIN
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_InitPIN(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem pin, *arg;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_CHAR_PTR)CK_NULL_PTR == pPin) {
+ arg = (NSSItem *)NULL;
+ } else {
+ arg = &pin;
+ pin.size = (PRUint32)ulPinLen;
+ pin.data = (void *)pPin;
+ }
+
+ error = nssCKFWSession_InitPIN(fwSession, arg);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_PIN_INVALID:
+ case CKR_PIN_LEN_RANGE:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_SetPIN
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SetPIN(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen,
+ CK_CHAR_PTR pNewPin,
+ CK_ULONG ulNewLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem oldPin, newPin, *oldArg, *newArg;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_CHAR_PTR)CK_NULL_PTR == pOldPin) {
+ oldArg = (NSSItem *)NULL;
+ } else {
+ oldArg = &oldPin;
+ oldPin.size = (PRUint32)ulOldLen;
+ oldPin.data = (void *)pOldPin;
+ }
+
+ if ((CK_CHAR_PTR)CK_NULL_PTR == pNewPin) {
+ newArg = (NSSItem *)NULL;
+ } else {
+ newArg = &newPin;
+ newPin.size = (PRUint32)ulNewLen;
+ newPin.data = (void *)pNewPin;
+ }
+
+ error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_PIN_INCORRECT:
+ case CKR_PIN_INVALID:
+ case CKR_PIN_LEN_RANGE:
+ case CKR_PIN_LOCKED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_OpenSession
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_OpenSession(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID,
+ CK_FLAGS flags,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_SESSION_HANDLE_PTR phSession)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+ NSSCKFWSession *fwSession;
+ CK_BBOOL rw;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ if (flags & CKF_RW_SESSION) {
+ rw = CK_TRUE;
+ } else {
+ rw = CK_FALSE;
+ }
+
+ if (flags & CKF_SERIAL_SESSION) {
+ ;
+ } else {
+ error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
+ goto loser;
+ }
+
+ if (flags & ~(CKF_RW_SESSION | CKF_SERIAL_SESSION)) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ if ((CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ *phSession = (CK_SESSION_HANDLE)0;
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
+ Notify, &error);
+ if (!fwSession) {
+ goto loser;
+ }
+
+ *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
+ fwSession, &error);
+ if ((CK_SESSION_HANDLE)0 == *phSession) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_COUNT:
+ case CKR_SESSION_EXISTS:
+ case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
+ case CKR_SESSION_READ_WRITE_SO_EXISTS:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_PRESENT:
+ case CKR_TOKEN_NOT_RECOGNIZED:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_CloseSession
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_CloseSession(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
+ error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_CloseAllSessions
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_CloseAllSessions(
+ NSSCKFWInstance *fwInstance,
+ CK_SLOT_ID slotID)
+{
+ CK_RV error = CKR_OK;
+ CK_ULONG nSlots;
+ NSSCKFWSlot **slots;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
+ if ((CK_ULONG)0 == nSlots) {
+ goto loser;
+ }
+
+ if ((slotID < 1) || (slotID > nSlots)) {
+ error = CKR_SLOT_ID_INVALID;
+ goto loser;
+ }
+
+ slots = nssCKFWInstance_GetSlots(fwInstance, &error);
+ if ((NSSCKFWSlot **)NULL == slots) {
+ goto loser;
+ }
+
+ fwSlot = slots[slotID - 1];
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ error = nssCKFWToken_CloseAllSessions(fwToken);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SLOT_ID_INVALID:
+ case CKR_TOKEN_NOT_PRESENT:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetSessionInfo
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetSessionInfo(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWSlot *fwSlot;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR;
+ goto loser;
+ }
+
+ pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
+ pInfo->state = nssCKFWSession_GetSessionState(fwSession);
+
+ if (CK_TRUE == nssCKFWSession_IsRWSession(fwSession)) {
+ pInfo->flags |= CKF_RW_SESSION;
+ }
+
+ pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
+
+ pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetOperationState
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetOperationState(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG_PTR pulOperationStateLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ CK_ULONG len;
+ NSSItem buf;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
+ if (((CK_ULONG)0 == len) && (CKR_OK != error)) {
+ goto loser;
+ }
+
+ if ((CK_BYTE_PTR)CK_NULL_PTR == pOperationState) {
+ *pulOperationStateLen = len;
+ return CKR_OK;
+ }
+
+ if (*pulOperationStateLen < len) {
+ *pulOperationStateLen = len;
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ }
+
+ buf.size = (PRUint32)*pulOperationStateLen;
+ buf.data = (void *)pOperationState;
+ *pulOperationStateLen = len;
+ error = nssCKFWSession_GetOperationState(fwSession, &buf);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_STATE_UNSAVEABLE:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_SetOperationState
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SetOperationState(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey,
+ CK_OBJECT_HANDLE hAuthenticationKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *eKey;
+ NSSCKFWObject *aKey;
+ NSSItem state;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ if ((CK_BYTE_PTR)CK_NULL_PTR == pOperationState) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * We could loop through the buffer, to catch any purify errors
+ * in a place with a "user error" note.
+ */
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_OBJECT_HANDLE)0 == hEncryptionKey) {
+ eKey = (NSSCKFWObject *)NULL;
+ } else {
+ eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
+ if (!eKey) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+ }
+
+ if ((CK_OBJECT_HANDLE)0 == hAuthenticationKey) {
+ aKey = (NSSCKFWObject *)NULL;
+ } else {
+ aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
+ if (!aKey) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+ }
+
+ state.data = pOperationState;
+ state.size = ulOperationStateLen;
+
+ error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_CHANGED:
+ case CKR_KEY_NEEDED:
+ case CKR_KEY_NOT_NEEDED:
+ case CKR_SAVED_STATE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_Login
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Login(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem pin, *arg;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_CHAR_PTR)CK_NULL_PTR == pPin) {
+ arg = (NSSItem *)NULL;
+ } else {
+ arg = &pin;
+ pin.size = (PRUint32)ulPinLen;
+ pin.data = (void *)pPin;
+ }
+
+ error = nssCKFWSession_Login(fwSession, userType, arg);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_PIN_EXPIRED:
+ case CKR_PIN_INCORRECT:
+ case CKR_PIN_LOCKED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY_EXISTS:
+ case CKR_USER_ALREADY_LOGGED_IN:
+ case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
+ case CKR_USER_PIN_NOT_INITIALIZED:
+ case CKR_USER_TOO_MANY_TYPES:
+ case CKR_USER_TYPE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_Logout
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Logout(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Logout(fwSession);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_CreateObject
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_CreateObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ *phObject = (CK_OBJECT_HANDLE)0;
+
+ fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
+ ulCount, &error);
+ if (!fwObject) {
+ goto loser;
+ }
+
+ *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+ if ((CK_OBJECT_HANDLE)0 == *phObject) {
+ nssCKFWObject_Destroy(fwObject);
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_CopyObject
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_CopyObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWObject *fwNewObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ *phNewObject = (CK_OBJECT_HANDLE)0;
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
+ pTemplate, ulCount, &error);
+ if (!fwNewObject) {
+ goto loser;
+ }
+
+ *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
+ fwNewObject, &error);
+ if ((CK_OBJECT_HANDLE)0 == *phNewObject) {
+ nssCKFWObject_Destroy(fwNewObject);
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_DestroyObject
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DestroyObject(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
+ nssCKFWObject_Destroy(fwObject);
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetObjectSize
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetObjectSize(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG_PTR pulSize)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ULONG_PTR)CK_NULL_PTR == pulSize) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ *pulSize = (CK_ULONG)0;
+
+ *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
+ if (((CK_ULONG)0 == *pulSize) && (CKR_OK != error)) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_INFORMATION_SENSITIVE:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetAttributeValue
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetAttributeValue(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ CK_BBOOL sensitive = CK_FALSE;
+ CK_BBOOL invalid = CK_FALSE;
+ CK_BBOOL tooSmall = CK_FALSE;
+ CK_ULONG i;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ for (i = 0; i < ulCount; i++) {
+ CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
+ pTemplate[i].type, &error);
+ if ((CK_ULONG)0 == size) {
+ switch (error) {
+ case CKR_ATTRIBUTE_SENSITIVE:
+ case CKR_INFORMATION_SENSITIVE:
+ sensitive =
+ CK_TRUE;
+ pTemplate[i].ulValueLen =
+ (CK_ULONG)(-1);
+ continue;
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ invalid =
+ CK_TRUE;
+ pTemplate[i].ulValueLen =
+ (CK_ULONG)(-1);
+ continue;
+ case CKR_OK:
+ break;
+ default:
+ goto loser;
+ }
+ }
+
+ if ((CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue) {
+ pTemplate[i].ulValueLen = size;
+ } else {
+ NSSItem it, *p;
+
+ if (pTemplate[i].ulValueLen < size) {
+ tooSmall = CK_TRUE;
+ continue;
+ }
+
+ it.size = (PRUint32)pTemplate[i].ulValueLen;
+ it.data = (void *)pTemplate[i].pValue;
+ p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
+ (NSSArena *)NULL, &error);
+ if (!p) {
+ switch (error) {
+ case CKR_ATTRIBUTE_SENSITIVE:
+ case CKR_INFORMATION_SENSITIVE:
+ sensitive =
+ CK_TRUE;
+ pTemplate[i].ulValueLen =
+ (CK_ULONG)(-1);
+ continue;
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ invalid =
+ CK_TRUE;
+ pTemplate[i].ulValueLen =
+ (CK_ULONG)(-1);
+ continue;
+ default:
+ goto loser;
+ }
+ }
+
+ pTemplate[i].ulValueLen = size;
+ }
+ }
+
+ if (sensitive) {
+ error = CKR_ATTRIBUTE_SENSITIVE;
+ goto loser;
+ } else if (invalid) {
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto loser;
+ } else if (tooSmall) {
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_SENSITIVE:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_SetAttributeValue
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SetAttributeValue(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ CK_ULONG i;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
+ if (!fwObject) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ for (i = 0; i < ulCount; i++) {
+ NSSItem value;
+
+ value.data = pTemplate[i].pValue;
+ value.size = pTemplate[i].ulValueLen;
+
+ error = nssCKFWObject_SetAttribute(fwObject, fwSession,
+ pTemplate[i].type, &value);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OBJECT_HANDLE_INVALID:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_FindObjectsInit
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_FindObjectsInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWFindObjects *fwFindObjects;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if (((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0)) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
+ if (fwFindObjects) {
+ error = CKR_OPERATION_ACTIVE;
+ goto loser;
+ }
+
+ if (CKR_OPERATION_NOT_INITIALIZED != error) {
+ goto loser;
+ }
+
+ fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
+ pTemplate, ulCount, &error);
+ if (!fwFindObjects) {
+ goto loser;
+ }
+
+ error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
+
+ if (CKR_OK != error) {
+ nssCKFWFindObjects_Destroy(fwFindObjects);
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_FindObjects
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_FindObjects(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject,
+ CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWFindObjects *fwFindObjects;
+ CK_ULONG i;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
+ *pulObjectCount = (CK_ULONG)0;
+
+ fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
+ if (!fwFindObjects) {
+ goto loser;
+ }
+
+ for (i = 0; i < ulMaxObjectCount; i++) {
+ NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
+ NULL, &error);
+ if (!fwObject) {
+ break;
+ }
+
+ phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
+ if ((CK_OBJECT_HANDLE)0 == phObject[i]) {
+ phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+ }
+ if ((CK_OBJECT_HANDLE)0 == phObject[i]) {
+ /* This isn't right either, is it? */
+ nssCKFWObject_Destroy(fwObject);
+ goto loser;
+ }
+ }
+
+ *pulObjectCount = i;
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_FindObjectsFinal
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_FindObjectsFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWFindObjects *fwFindObjects;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
+ if (!fwFindObjects) {
+ error = CKR_OPERATION_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ nssCKFWFindObjects_Destroy(fwFindObjects);
+ error = nssCKFWSession_SetFWFindObjects(fwSession,
+ (NSSCKFWFindObjects *)NULL);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_EncryptInit
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_EncryptInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_EncryptInit(fwMechanism, pMechanism,
+ fwSession, fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_Encrypt
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Encrypt(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pulEncryptedDataLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_CLOSED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_EncryptUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_EncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Update(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_EncryptFinal
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_EncryptFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart,
+ CK_ULONG_PTR pulLastEncryptedPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pLastEncryptedPart, pulLastEncryptedPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DecryptInit
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DecryptInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_DecryptInit(fwMechanism, pMechanism,
+ fwSession, fwObject);
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_Decrypt
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Decrypt(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ case CKR_DATA_LEN_RANGE:
+ error = CKR_ENCRYPTED_DATA_LEN_RANGE;
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DecryptUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DecryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Update(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ case CKR_DATA_LEN_RANGE:
+ error = CKR_ENCRYPTED_DATA_LEN_RANGE;
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DecryptFinal
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DecryptFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart,
+ CK_ULONG_PTR pulLastPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationState_EncryptDecrypt,
+ pLastPart, pulLastPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ case CKR_DATA_LEN_RANGE:
+ error = CKR_ENCRYPTED_DATA_LEN_RANGE;
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DigestInit
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DigestInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_DigestInit(fwMechanism, pMechanism, fwSession);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_Digest
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Digest(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pData, ulDataLen, pDigest, pulDigestLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DigestUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DigestUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_DigestUpdate(fwSession,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pData, ulDataLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DigestKey
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DigestKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_DigestKey(fwSession, fwObject);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_INDIGESTIBLE:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DigestFinal
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DigestFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pDigest, pulDigestLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_SignInit
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SignInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_SignInit(fwMechanism, pMechanism, fwSession,
+ fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_Sign
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Sign(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pData, ulDataLen, pSignature, pulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ case CKR_FUNCTION_REJECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_SignUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SignUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_DigestUpdate(fwSession,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pPart, ulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_SignFinal
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SignFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pSignature, pulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ case CKR_FUNCTION_REJECTED:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_SignRecoverInit
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SignRecoverInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_SignRecoverInit(fwMechanism, pMechanism, fwSession,
+ fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_SignRecover
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SignRecover(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_SignRecover,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pData, ulDataLen, pSignature, pulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_VerifyInit
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_VerifyInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_VerifyInit(fwMechanism, pMechanism, fwSession,
+ fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_Verify
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_Verify(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pData, ulDataLen, pSignature, &ulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SIGNATURE_INVALID:
+ case CKR_SIGNATURE_LEN_RANGE:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_VerifyUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_VerifyUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_DigestUpdate(fwSession,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pPart, ulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_VerifyFinal
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_VerifyFinal(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_Final(fwSession,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pSignature, &ulSignatureLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SIGNATURE_INVALID:
+ case CKR_SIGNATURE_LEN_RANGE:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_VerifyRecoverInit
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_VerifyRecoverInit(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_VerifyRecoverInit(fwMechanism, pMechanism,
+ fwSession, fwObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_FUNCTION_NOT_PERMITTED:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_CLOSED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_VerifyRecover
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_VerifyRecover(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateFinal(fwSession,
+ NSSCKFWCryptoOperationType_VerifyRecover,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pSignature, ulSignatureLen, pData, pulDataLen);
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_INVALID:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SIGNATURE_INVALID:
+ case CKR_SIGNATURE_LEN_RANGE:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DigestEncryptUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DigestEncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateCombo(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DecryptDigestUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DecryptDigestUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateCombo(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationType_Digest,
+ NSSCKFWCryptoOperationState_Digest,
+ pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ case CKR_DATA_LEN_RANGE:
+ error = CKR_ENCRYPTED_DATA_LEN_RANGE;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_SignEncryptUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SignEncryptUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateCombo(fwSession,
+ NSSCKFWCryptoOperationType_Encrypt,
+ NSSCKFWCryptoOperationType_Sign,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DecryptVerifyUpdate
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DecryptVerifyUpdate(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ error = nssCKFWSession_UpdateCombo(fwSession,
+ NSSCKFWCryptoOperationType_Decrypt,
+ NSSCKFWCryptoOperationType_Verify,
+ NSSCKFWCryptoOperationState_SignVerify,
+ pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DATA_LEN_RANGE:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_ENCRYPTED_DATA_INVALID:
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_NOT_INITIALIZED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ break;
+ case CKR_DATA_INVALID:
+ error = CKR_ENCRYPTED_DATA_INVALID;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_GenerateKey
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GenerateKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ fwObject = nssCKFWMechanism_GenerateKey(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ pTemplate,
+ ulCount,
+ &error);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ if (!fwObject) {
+ goto loser;
+ }
+ *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_GenerateKeyPair
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GenerateKeyPair(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwPrivateKeyObject;
+ NSSCKFWObject *fwPublicKeyObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ error = nssCKFWMechanism_GenerateKeyPair(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ pPublicKeyTemplate,
+ ulPublicKeyAttributeCount,
+ pPublicKeyTemplate,
+ ulPublicKeyAttributeCount,
+ &fwPublicKeyObject,
+ &fwPrivateKeyObject);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ *phPublicKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
+ fwPublicKeyObject,
+ &error);
+ if (CKR_OK != error) {
+ goto loser;
+ }
+ *phPrivateKey = nssCKFWInstance_CreateObjectHandle(fwInstance,
+ fwPrivateKeyObject,
+ &error);
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_DOMAIN_PARAMS_INVALID:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_WrapKey
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_WrapKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwKeyObject;
+ NSSCKFWObject *fwWrappingKeyObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+ NSSItem wrappedKey;
+ CK_ULONG wrappedKeyLength = 0;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
+ hWrappingKey);
+ if (!fwWrappingKeyObject) {
+ error = CKR_WRAPPING_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hKey);
+ if (!fwKeyObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ /*
+ * first get the length...
+ */
+ wrappedKeyLength = nssCKFWMechanism_GetWrapKeyLength(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ fwWrappingKeyObject,
+ fwKeyObject,
+ &error);
+ if ((CK_ULONG)0 == wrappedKeyLength) {
+ nssCKFWMechanism_Destroy(fwMechanism);
+ goto loser;
+ }
+ if ((CK_BYTE_PTR)NULL == pWrappedKey) {
+ *pulWrappedKeyLen = wrappedKeyLength;
+ nssCKFWMechanism_Destroy(fwMechanism);
+ return CKR_OK;
+ }
+ if (wrappedKeyLength > *pulWrappedKeyLen) {
+ *pulWrappedKeyLen = wrappedKeyLength;
+ nssCKFWMechanism_Destroy(fwMechanism);
+ error = CKR_BUFFER_TOO_SMALL;
+ goto loser;
+ }
+
+ wrappedKey.data = pWrappedKey;
+ wrappedKey.size = wrappedKeyLength;
+
+ error = nssCKFWMechanism_WrapKey(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ fwWrappingKeyObject,
+ fwKeyObject,
+ &wrappedKey);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ *pulWrappedKeyLen = wrappedKey.size;
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_NOT_WRAPPABLE:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_UNEXTRACTABLE:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_WRAPPING_KEY_HANDLE_INVALID:
+ case CKR_WRAPPING_KEY_SIZE_RANGE:
+ case CKR_WRAPPING_KEY_TYPE_INCONSISTENT:
+ break;
+ case CKR_KEY_TYPE_INCONSISTENT:
+ error = CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_UnwrapKey
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_UnwrapKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWObject *fwWrappingKeyObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+ NSSItem wrappedKey;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwWrappingKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance,
+ hUnwrappingKey);
+ if (!fwWrappingKeyObject) {
+ error = CKR_WRAPPING_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ wrappedKey.data = pWrappedKey;
+ wrappedKey.size = ulWrappedKeyLen;
+
+ fwObject = nssCKFWMechanism_UnwrapKey(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ fwWrappingKeyObject,
+ &wrappedKey,
+ pTemplate,
+ ulAttributeCount,
+ &error);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ if (!fwObject) {
+ goto loser;
+ }
+ *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_BUFFER_TOO_SMALL:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_DOMAIN_PARAMS_INVALID:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_UNWRAPPING_KEY_HANDLE_INVALID:
+ case CKR_UNWRAPPING_KEY_SIZE_RANGE:
+ case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT:
+ case CKR_USER_NOT_LOGGED_IN:
+ case CKR_WRAPPED_KEY_INVALID:
+ case CKR_WRAPPED_KEY_LEN_RANGE:
+ break;
+ case CKR_KEY_HANDLE_INVALID:
+ error = CKR_UNWRAPPING_KEY_HANDLE_INVALID;
+ break;
+ case CKR_KEY_SIZE_RANGE:
+ error = CKR_UNWRAPPING_KEY_SIZE_RANGE;
+ break;
+ case CKR_KEY_TYPE_INCONSISTENT:
+ error = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT;
+ break;
+ case CKR_ENCRYPTED_DATA_INVALID:
+ error = CKR_WRAPPED_KEY_INVALID;
+ break;
+ case CKR_ENCRYPTED_DATA_LEN_RANGE:
+ error = CKR_WRAPPED_KEY_LEN_RANGE;
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_DeriveKey
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_DeriveKey(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSCKFWObject *fwObject;
+ NSSCKFWObject *fwBaseKeyObject;
+ NSSCKFWSlot *fwSlot;
+ NSSCKFWToken *fwToken;
+ NSSCKFWMechanism *fwMechanism;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwBaseKeyObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hBaseKey);
+ if (!fwBaseKeyObject) {
+ error = CKR_KEY_HANDLE_INVALID;
+ goto loser;
+ }
+
+ fwSlot = nssCKFWSession_GetFWSlot(fwSession);
+ if (!fwSlot) {
+ error = CKR_GENERAL_ERROR; /* should never happen! */
+ goto loser;
+ }
+
+ if (CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot)) {
+ error = CKR_TOKEN_NOT_PRESENT;
+ goto loser;
+ }
+
+ fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
+ if (!fwToken) {
+ goto loser;
+ }
+
+ fwMechanism = nssCKFWToken_GetMechanism(fwToken, pMechanism->mechanism, &error);
+ if (!fwMechanism) {
+ goto loser;
+ }
+
+ fwObject = nssCKFWMechanism_DeriveKey(
+ fwMechanism,
+ pMechanism,
+ fwSession,
+ fwBaseKeyObject,
+ pTemplate,
+ ulAttributeCount,
+ &error);
+
+ nssCKFWMechanism_Destroy(fwMechanism);
+ if (!fwObject) {
+ goto loser;
+ }
+ *phKey = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
+
+ if (CKR_OK == error) {
+ return CKR_OK;
+ }
+
+loser:
+ /* verify error */
+ switch (error) {
+ case CKR_ARGUMENTS_BAD:
+ case CKR_ATTRIBUTE_READ_ONLY:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_ATTRIBUTE_VALUE_INVALID:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_DEVICE_REMOVED:
+ case CKR_DOMAIN_PARAMS_INVALID:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_KEY_HANDLE_INVALID:
+ case CKR_KEY_SIZE_RANGE:
+ case CKR_KEY_TYPE_INCONSISTENT:
+ case CKR_MECHANISM_INVALID:
+ case CKR_MECHANISM_PARAM_INVALID:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_PIN_EXPIRED:
+ case CKR_SESSION_CLOSED:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_READ_ONLY:
+ case CKR_TEMPLATE_INCOMPLETE:
+ case CKR_TEMPLATE_INCONSISTENT:
+ case CKR_TOKEN_WRITE_PROTECTED:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+ return error;
+}
+
+/*
+ * NSSCKFWC_SeedRandom
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_SeedRandom(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSeed,
+ CK_ULONG ulSeedLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem seed;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_BYTE_PTR)CK_NULL_PTR == pSeed) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /* We could read through the buffer in a Purify trap */
+
+ seed.size = (PRUint32)ulSeedLen;
+ seed.data = (void *)pSeed;
+
+ error = nssCKFWSession_SeedRandom(fwSession, &seed);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_RANDOM_SEED_NOT_SUPPORTED:
+ case CKR_RANDOM_NO_RNG:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GenerateRandom
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GenerateRandom(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pRandomData,
+ CK_ULONG ulRandomLen)
+{
+ CK_RV error = CKR_OK;
+ NSSCKFWSession *fwSession;
+ NSSItem buffer;
+
+ if (!fwInstance) {
+ error = CKR_CRYPTOKI_NOT_INITIALIZED;
+ goto loser;
+ }
+
+ fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
+ if (!fwSession) {
+ error = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ if ((CK_BYTE_PTR)CK_NULL_PTR == pRandomData) {
+ error = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ /*
+ * A purify error here indicates caller error.
+ */
+ (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
+
+ buffer.size = (PRUint32)ulRandomLen;
+ buffer.data = (void *)pRandomData;
+
+ error = nssCKFWSession_GetRandom(fwSession, &buffer);
+
+ if (CKR_OK != error) {
+ goto loser;
+ }
+
+ return CKR_OK;
+
+loser:
+ switch (error) {
+ case CKR_SESSION_CLOSED:
+ /* destroy session? */
+ break;
+ case CKR_DEVICE_REMOVED:
+ /* (void)nssCKFWToken_Destroy(fwToken); */
+ break;
+ case CKR_ARGUMENTS_BAD:
+ case CKR_CRYPTOKI_NOT_INITIALIZED:
+ case CKR_DEVICE_ERROR:
+ case CKR_DEVICE_MEMORY:
+ case CKR_FUNCTION_CANCELED:
+ case CKR_FUNCTION_FAILED:
+ case CKR_GENERAL_ERROR:
+ case CKR_HOST_MEMORY:
+ case CKR_OPERATION_ACTIVE:
+ case CKR_RANDOM_NO_RNG:
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_USER_NOT_LOGGED_IN:
+ break;
+ default:
+ case CKR_OK:
+ error = CKR_GENERAL_ERROR;
+ break;
+ }
+
+ return error;
+}
+
+/*
+ * NSSCKFWC_GetFunctionStatus
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_GetFunctionStatus(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
+{
+ return CKR_FUNCTION_NOT_PARALLEL;
+}
+
+/*
+ * NSSCKFWC_CancelFunction
+ *
+ */
+NSS_IMPLEMENT CK_RV
+NSSCKFWC_CancelFunction(
+ NSSCKFWInstance *fwInstance,
+ CK_SESSION_HANDLE hSession)
+{
+ return CKR_FUNCTION_NOT_PARALLEL;
+}
diff --git a/security/nss/lib/crmf/Makefile b/security/nss/lib/crmf/Makefile
new file mode 100644
index 000000000..a774a9566
--- /dev/null
+++ b/security/nss/lib/crmf/Makefile
@@ -0,0 +1,49 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+export:: private_export
diff --git a/security/nss/lib/crmf/asn1cmn.c b/security/nss/lib/crmf/asn1cmn.c
new file mode 100644
index 000000000..6cf469fb4
--- /dev/null
+++ b/security/nss/lib/crmf/asn1cmn.c
@@ -0,0 +1,216 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_SignedCertificateTemplate)
+
+static const SEC_ASN1Template CMMFCertResponseTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertResponse) },
+ { SEC_ASN1_INTEGER, offsetof(CMMFCertResponse, certReqId) },
+ { SEC_ASN1_INLINE, offsetof(CMMFCertResponse, status),
+ CMMFPKIStatusInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER,
+ offsetof(CMMFCertResponse, certifiedKeyPair),
+ CMMFCertifiedKeyPairTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template CMMFCertOrEncCertTemplate[] = {
+ { SEC_ASN1_ANY, offsetof(CMMFCertOrEncCert, derValue), NULL,
+ sizeof(CMMFCertOrEncCert) },
+ { 0 }
+};
+
+const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertifiedKeyPair) },
+ { SEC_ASN1_INLINE, offsetof(CMMFCertifiedKeyPair, certOrEncCert),
+ CMMFCertOrEncCertTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 0,
+ offsetof(CMMFCertifiedKeyPair, privateKey),
+ CRMFEncryptedValueTemplate },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(CMMFCertifiedKeyPair, derPublicationInfo),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CMMFPKIStatusInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFPKIStatusInfo) },
+ { SEC_ASN1_INTEGER, offsetof(CMMFPKIStatusInfo, status) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_UTF8_STRING,
+ offsetof(CMMFPKIStatusInfo, statusString) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING,
+ offsetof(CMMFPKIStatusInfo, failInfo) },
+ { 0 }
+};
+
+const SEC_ASN1Template CMMFSequenceOfCertsTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0,
+ SEC_ASN1_SUB(SEC_SignedCertificateTemplate) }
+};
+
+const SEC_ASN1Template CMMFRandTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFRand) },
+ { SEC_ASN1_INTEGER, offsetof(CMMFRand, integer) },
+ { SEC_ASN1_OCTET_STRING, offsetof(CMMFRand, senderHash) },
+ { 0 }
+};
+
+const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN,
+ offsetof(CMMFPOPODecKeyRespContent, responses),
+ SEC_ASN1_SUB(SEC_IntegerTemplate),
+ sizeof(CMMFPOPODecKeyRespContent) },
+ { 0 }
+};
+
+const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ 0,
+ CRMFEncryptedValueTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ 0,
+ SEC_ASN1_SUB(SEC_SignedCertificateTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CMMFCertRepContentTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertRepContent) },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(CMMFCertRepContent, caPubs),
+ CMMFSequenceOfCertsTemplate },
+ { SEC_ASN1_SEQUENCE_OF, offsetof(CMMFCertRepContent, response),
+ CMMFCertResponseTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template CMMFChallengeTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFChallenge) },
+ { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN,
+ offsetof(CMMFChallenge, owf),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, witness) },
+ { SEC_ASN1_ANY, offsetof(CMMFChallenge, senderDER) },
+ { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, key) },
+ { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, challenge) },
+ { 0 }
+};
+
+const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, offsetof(CMMFPOPODecKeyChallContent, challenges),
+ CMMFChallengeTemplate, sizeof(CMMFPOPODecKeyChallContent) },
+ { 0 }
+};
+
+SECStatus
+cmmf_decode_process_cert_response(PLArenaPool *poolp,
+ CERTCertDBHandle *db,
+ CMMFCertResponse *inCertResp)
+{
+ SECStatus rv = SECSuccess;
+
+ if (inCertResp->certifiedKeyPair != NULL) {
+ rv = cmmf_decode_process_certified_key_pair(poolp,
+ db,
+ inCertResp->certifiedKeyPair);
+ }
+ return rv;
+}
+
+static CERTCertificate *
+cmmf_DecodeDERCertificate(CERTCertDBHandle *db, SECItem *derCert)
+{
+ CERTCertificate *newCert;
+
+ newCert = CERT_NewTempCertificate(db, derCert, NULL, PR_FALSE, PR_TRUE);
+ return newCert;
+}
+
+static CMMFCertOrEncCertChoice
+cmmf_get_certorenccertchoice_from_der(SECItem *der)
+{
+ CMMFCertOrEncCertChoice retChoice;
+
+ switch (der->data[0] & 0x0f) {
+ case 0:
+ retChoice = cmmfCertificate;
+ break;
+ case 1:
+ retChoice = cmmfEncryptedCert;
+ break;
+ default:
+ retChoice = cmmfNoCertOrEncCert;
+ break;
+ }
+ return retChoice;
+}
+
+static SECStatus
+cmmf_decode_process_certorenccert(PLArenaPool *poolp,
+ CERTCertDBHandle *db,
+ CMMFCertOrEncCert *inCertOrEncCert)
+{
+ SECStatus rv = SECSuccess;
+
+ inCertOrEncCert->choice =
+ cmmf_get_certorenccertchoice_from_der(&inCertOrEncCert->derValue);
+
+ switch (inCertOrEncCert->choice) {
+ case cmmfCertificate: {
+ /* The DER has implicit tagging, so we gotta switch it to
+ * un-tagged in order for the ASN1 parser to understand it.
+ * Saving the bits that were changed.
+ */
+ inCertOrEncCert->derValue.data[0] = 0x30;
+ inCertOrEncCert->cert.certificate =
+ cmmf_DecodeDERCertificate(db, &inCertOrEncCert->derValue);
+ if (inCertOrEncCert->cert.certificate == NULL) {
+ rv = SECFailure;
+ }
+
+ } break;
+ case cmmfEncryptedCert:
+ PORT_Assert(poolp);
+ if (!poolp) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ break;
+ }
+ inCertOrEncCert->cert.encryptedCert =
+ PORT_ArenaZNew(poolp, CRMFEncryptedValue);
+ if (inCertOrEncCert->cert.encryptedCert == NULL) {
+ rv = SECFailure;
+ break;
+ }
+ rv = SEC_ASN1Decode(poolp, inCertOrEncCert->cert.encryptedCert,
+ CMMFCertOrEncCertEncryptedCertTemplate,
+ (const char *)inCertOrEncCert->derValue.data,
+ inCertOrEncCert->derValue.len);
+ break;
+ default:
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+SECStatus
+cmmf_decode_process_certified_key_pair(PLArenaPool *poolp,
+ CERTCertDBHandle *db,
+ CMMFCertifiedKeyPair *inCertKeyPair)
+{
+ return cmmf_decode_process_certorenccert(poolp,
+ db,
+ &inCertKeyPair->certOrEncCert);
+}
diff --git a/security/nss/lib/crmf/challcli.c b/security/nss/lib/crmf/challcli.c
new file mode 100644
index 000000000..a92843894
--- /dev/null
+++ b/security/nss/lib/crmf/challcli.c
@@ -0,0 +1,238 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "secitem.h"
+#include "pk11func.h"
+#include "secder.h"
+#include "sechash.h"
+
+CMMFPOPODecKeyChallContent *
+CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len)
+{
+ PLArenaPool *poolp;
+ CMMFPOPODecKeyChallContent *challContent;
+ SECStatus rv;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return NULL;
+ }
+ challContent = PORT_ArenaZNew(poolp, CMMFPOPODecKeyChallContent);
+ if (challContent == NULL) {
+ goto loser;
+ }
+ challContent->poolp = poolp;
+ rv = SEC_ASN1Decode(poolp, challContent,
+ CMMFPOPODecKeyChallContentTemplate, buf, len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (challContent->challenges) {
+ while (challContent->challenges[challContent->numChallenges] != NULL) {
+ challContent->numChallenges++;
+ }
+ challContent->numAllocated = challContent->numChallenges;
+ }
+ return challContent;
+loser:
+ if (poolp != NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return NULL;
+}
+
+int
+CMMF_POPODecKeyChallContentGetNumChallenges(CMMFPOPODecKeyChallContent *inKeyChallCont)
+{
+ PORT_Assert(inKeyChallCont != NULL);
+ if (inKeyChallCont == NULL) {
+ return 0;
+ }
+ return inKeyChallCont->numChallenges;
+}
+
+SECItem *
+CMMF_POPODecKeyChallContentGetPublicValue(CMMFPOPODecKeyChallContent *inKeyChallCont,
+ int inIndex)
+{
+ PORT_Assert(inKeyChallCont != NULL);
+ if (inKeyChallCont == NULL || (inIndex > inKeyChallCont->numChallenges - 1) ||
+ inIndex < 0) {
+ return NULL;
+ }
+ return SECITEM_DupItem(&inKeyChallCont->challenges[inIndex]->key);
+}
+
+static SECAlgorithmID *
+cmmf_get_owf(CMMFPOPODecKeyChallContent *inChalCont,
+ int inIndex)
+{
+ int i;
+
+ for (i = inIndex; i >= 0; i--) {
+ if (inChalCont->challenges[i]->owf != NULL) {
+ return inChalCont->challenges[i]->owf;
+ }
+ }
+ return NULL;
+}
+
+SECStatus
+CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
+ int inIndex,
+ SECKEYPrivateKey *inPrivKey)
+{
+ CMMFChallenge *challenge;
+ SECItem *decryptedRand = NULL;
+ PLArenaPool *poolp = NULL;
+ SECAlgorithmID *owf;
+ SECStatus rv = SECFailure;
+ SECOidTag tag;
+ CMMFRand randStr;
+ SECItem hashItem;
+ unsigned char hash[HASH_LENGTH_MAX];
+
+ PORT_Assert(inChalCont != NULL && inPrivKey != NULL);
+ if (inChalCont == NULL || inIndex < 0 || inIndex > inChalCont->numChallenges ||
+ inPrivKey == NULL) {
+ return SECFailure;
+ }
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ goto loser;
+ }
+
+ challenge = inChalCont->challenges[inIndex];
+ decryptedRand = SECITEM_AllocItem(poolp, NULL, challenge->challenge.len);
+ if (decryptedRand == NULL) {
+ goto loser;
+ }
+ rv = PK11_PrivDecryptPKCS1(inPrivKey, decryptedRand->data,
+ &decryptedRand->len, decryptedRand->len,
+ challenge->challenge.data, challenge->challenge.len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SEC_ASN1DecodeItem(poolp, &randStr, CMMFRandTemplate,
+ decryptedRand);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECFailure; /* Just so that when we do go to loser,
+ * I won't have to set it again.
+ */
+ owf = cmmf_get_owf(inChalCont, inIndex);
+ if (owf == NULL) {
+ /* No hashing algorithm came with the challenges. Can't verify */
+ goto loser;
+ }
+ /* Verify the hashes in the challenge */
+ tag = SECOID_FindOIDTag(&owf->algorithm);
+ hashItem.len = HASH_ResultLenByOidTag(tag);
+ if (!hashItem.len)
+ goto loser; /* error code has been set */
+
+ rv = PK11_HashBuf(tag, hash, randStr.integer.data, randStr.integer.len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ hashItem.data = hash;
+ if (SECITEM_CompareItem(&hashItem, &challenge->witness) != SECEqual) {
+ /* The hash for the data we decrypted doesn't match the hash provided
+ * in the challenge. Bail out.
+ */
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ rv = SECFailure;
+ goto loser;
+ }
+ rv = PK11_HashBuf(tag, hash, challenge->senderDER.data,
+ challenge->senderDER.len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (SECITEM_CompareItem(&hashItem, &randStr.senderHash) != SECEqual) {
+ /* The hash for the data we decrypted doesn't match the hash provided
+ * in the challenge. Bail out.
+ */
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ rv = SECFailure;
+ goto loser;
+ }
+ /* All of the hashes have verified, so we can now store the integer away.*/
+ rv = SECITEM_CopyItem(inChalCont->poolp, &challenge->randomNumber,
+ &randStr.integer);
+loser:
+ if (poolp) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return rv;
+}
+
+SECStatus
+CMMF_POPODecKeyChallContentGetRandomNumber(CMMFPOPODecKeyChallContent *inKeyChallCont,
+ int inIndex,
+ long *inDest)
+{
+ CMMFChallenge *challenge;
+
+ PORT_Assert(inKeyChallCont != NULL);
+ if (inKeyChallCont == NULL || inIndex > 0 || inIndex >= inKeyChallCont->numChallenges) {
+ return SECFailure;
+ }
+ challenge = inKeyChallCont->challenges[inIndex];
+ if (challenge->randomNumber.data == NULL) {
+ /* There is no random number here, nothing to see. */
+ return SECFailure;
+ }
+ *inDest = DER_GetInteger(&challenge->randomNumber);
+ return (*inDest == -1) ? SECFailure : SECSuccess;
+}
+
+SECStatus
+CMMF_EncodePOPODecKeyRespContent(long *inDecodedRand,
+ int inNumRand,
+ CRMFEncoderOutputCallback inCallback,
+ void *inArg)
+{
+ PLArenaPool *poolp;
+ CMMFPOPODecKeyRespContent *response;
+ SECItem *currItem;
+ SECStatus rv = SECFailure;
+ int i;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return SECFailure;
+ }
+ response = PORT_ArenaZNew(poolp, CMMFPOPODecKeyRespContent);
+ if (response == NULL) {
+ goto loser;
+ }
+ response->responses = PORT_ArenaZNewArray(poolp, SECItem *, inNumRand + 1);
+ if (response->responses == NULL) {
+ goto loser;
+ }
+ for (i = 0; i < inNumRand; i++) {
+ currItem = response->responses[i] = PORT_ArenaZNew(poolp, SECItem);
+ if (currItem == NULL) {
+ goto loser;
+ }
+ currItem = SEC_ASN1EncodeInteger(poolp, currItem, inDecodedRand[i]);
+ if (currItem == NULL) {
+ goto loser;
+ }
+ }
+ rv = cmmf_user_encode(response, inCallback, inArg,
+ CMMFPOPODecKeyRespContentTemplate);
+loser:
+ if (poolp != NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return rv;
+}
diff --git a/security/nss/lib/crmf/cmmf.h b/security/nss/lib/crmf/cmmf.h
new file mode 100644
index 000000000..1e39a8d2d
--- /dev/null
+++ b/security/nss/lib/crmf/cmmf.h
@@ -0,0 +1,1082 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CMMF_H_
+#define _CMMF_H_
+/*
+ * These are the functions exported by the security library for
+ * implementing Certificate Management Message Formats (CMMF).
+ *
+ * This API is designed against July 1998 CMMF draft. Please read this
+ * draft before trying to use this API in an application that use CMMF.
+ */
+#include "seccomon.h"
+#include "cmmft.h"
+#include "crmf.h"
+
+SEC_BEGIN_PROTOS
+
+/******************* Creation Functions *************************/
+
+/*
+ * FUNCTION: CMMF_CreateCertRepContent
+ * INPUTS:
+ * NONE
+ * NOTES:
+ * This function will create an empty CMMFCertRepContent Structure.
+ * The client of the library must set the CMMFCertResponses.
+ * Call CMMF_CertRepContentSetCertResponse to accomplish this task.
+ * If the client of the library also wants to include the chain of
+ * CA certs required to make the certificates in CMMFCertResponse valid,
+ * then the user must also set the caPubs field of CMMFCertRepContent.
+ * Call CMMF_CertRepContentSetCAPubs to accomplish this. After setting
+ * the desired fields, the user can then call CMMF_EncodeCertRepContent
+ * to DER-encode the CertRepContent.
+ * RETURN:
+ * A pointer to the CMMFCertRepContent. A NULL return value indicates
+ * an error in allocating memory or failure to initialize the structure.
+ */
+extern CMMFCertRepContent *CMMF_CreateCertRepContent(void);
+
+/*
+ * FUNCTION: CMMF_CreateCertRepContentFromDER
+ * INPUTS
+ * db
+ * The certificate database where the certificates will be placed.
+ * The certificates will be placed in the temporary database associated
+ * with the handle.
+ * buf
+ * A buffer to the DER-encoded CMMFCertRepContent
+ * len
+ * The length in bytes of the buffer 'buf'
+ * NOTES:
+ * This function passes the buffer to the ASN1 decoder and creates a
+ * CMMFCertRepContent structure. The user must call
+ * CMMF_DestroyCertRepContent after the return value is no longer needed.
+ *
+ * RETURN:
+ * A pointer to the CMMFCertRepContent structure. A NULL return
+ * value indicates the library was unable to parse the DER.
+ */
+extern CMMFCertRepContent *
+CMMF_CreateCertRepContentFromDER(CERTCertDBHandle *db,
+ const char *buf,
+ long len);
+
+/*
+ * FUNCTION: CMMF_CreateCertResponse
+ * INPUTS:
+ * inCertReqId
+ * The Certificate Request Id this response is for.
+ * NOTES:
+ * This creates a CMMFCertResponse. This response should correspond
+ * to a request that was received via CRMF. From the CRMF message you
+ * can get the Request Id to pass in as inCertReqId, in essence binding
+ * a CMRFCertRequest message to the CMMFCertResponse created by this
+ * function. If no requuest id is associated with the response to create
+ * then the user should pass in -1 for 'inCertReqId'.
+ *
+ * RETURN:
+ * A pointer to the new CMMFCertResponse corresponding to the request id
+ * passed in. A NULL return value indicates an error while trying to
+ * create the CMMFCertResponse.
+ */
+extern CMMFCertResponse *CMMF_CreateCertResponse(long inCertReqId);
+
+/*
+ * FUNCTION: CMMF_CreateKeyRecRepContent
+ * INPUTS:
+ * NONE
+ * NOTES:
+ * This function creates a new empty CMMFKeyRecRepContent structure.
+ * At the very minimum, the user must call
+ * CMMF_KeyRecRepContentSetPKIStatusInfoStatus field to have an
+ * encodable structure. Depending on what the response is, the user may
+ * have to set other fields as well to properly build up the structure so
+ * that it can be encoded. Refer to the CMMF draft for how to properly
+ * set up a CMMFKeyRecRepContent. This is the structure that an RA returns
+ * to an end entity when doing key recovery.
+
+ * The user must call CMMF_DestroyKeyRecRepContent when the return value
+ * is no longer needed.
+ * RETURN:
+ * A pointer to the empty CMMFKeyRecRepContent. A return value of NULL
+ * indicates an error in allocating memory or initializing the structure.
+ */
+extern CMMFKeyRecRepContent *CMMF_CreateKeyRecRepContent(void);
+
+/*
+ * FUNCTION: CMMF_CreateKeyRecRepContentFromDER
+ * INPUTS:
+ * db
+ * The handle for the certificate database where the decoded
+ * certificates will be placed. The decoded certificates will
+ * be placed in the temporary database associated with the
+ * handle.
+ * buf
+ * A buffer contatining the DER-encoded CMMFKeyRecRepContent
+ * len
+ * The length in bytes of the buffer 'buf'
+ * NOTES
+ * This function passes the buffer to the ASN1 decoder and creates a
+ * CMMFKeyRecRepContent structure.
+ *
+ * RETURN:
+ * A pointer to the CMMFKeyRecRepContent structure. A NULL return
+ * value indicates the library was unable to parse the DER.
+ */
+extern CMMFKeyRecRepContent *
+CMMF_CreateKeyRecRepContentFromDER(CERTCertDBHandle *db,
+ const char *buf,
+ long len);
+
+/*
+ * FUNCTION: CMMF_CreatePOPODecKeyChallContent
+ * INPUTS:
+ * NONE
+ * NOTES:
+ * This function creates an empty CMMFPOPODecKeyChallContent. The user
+ * must add the challenges individually specifying the random number to
+ * be used and the public key to be used when creating each individual
+ * challenge. User can accomplish this by calling the function
+ * CMMF_POPODecKeyChallContentSetNextChallenge.
+ * RETURN:
+ * A pointer to a CMMFPOPODecKeyChallContent structure. Ther user can
+ * then call CMMF_EncodePOPODecKeyChallContent passing in the return
+ * value from this function after setting all of the challenges. A
+ * return value of NULL indicates an error while creating the
+ * CMMFPOPODecKeyChallContent structure.
+ */
+extern CMMFPOPODecKeyChallContent *
+CMMF_CreatePOPODecKeyChallContent(void);
+
+/*
+ * FUNCTION: CMMF_CreatePOPODecKeyChallContentFromDER
+ * INPUTS
+ * buf
+ * A buffer containing the DER-encoded CMMFPOPODecKeyChallContent
+ * len
+ * The length in bytes of the buffer 'buf'
+ * NOTES:
+ * This function passes the buffer to the ASN1 decoder and creates a
+ * CMMFPOPODecKeyChallContent structure.
+ *
+ * RETURN:
+ * A pointer to the CMMFPOPODecKeyChallContent structure. A NULL return
+ * value indicates the library was unable to parse the DER.
+ */
+extern CMMFPOPODecKeyChallContent *
+CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len);
+
+/*
+ * FUNCTION: CMMF_CreatePOPODecKeyRespContentFromDER
+ * INPUTS:
+ * buf
+ * A buffer contatining the DER-encoded CMMFPOPODecKeyRespContent
+ * len
+ * The length in bytes of the buffer 'buf'
+ * NOTES
+ * This function passes the buffer to the ASN1 decoder and creates a
+ * CMMFPOPODecKeyRespContent structure.
+ *
+ * RETURN:
+ * A pointer to the CMMFPOPODecKeyRespContent structure. A NULL return
+ * value indicates the library was unable to parse the DER.
+ */
+extern CMMFPOPODecKeyRespContent *
+CMMF_CreatePOPODecKeyRespContentFromDER(const char *buf, long len);
+
+/************************** Set Functions *************************/
+
+/*
+ * FUNCTION: CMMF_CertRepContentSetCertResponses
+ * INPUTS:
+ * inCertRepContent
+ * The CMMFCertRepContent to operate on.
+ * inCertResponses
+ * An array of pointers to CMMFCertResponse structures to
+ * add to the CMMFCertRepContent structure.
+ * inNumResponses
+ * The length of the array 'inCertResponses'
+ * NOTES:
+ * This function will add the CMMFCertResponse structure to the
+ * CMMFCertRepContent passed in. The CMMFCertResponse field of
+ * CMMFCertRepContent is required, so the client must call this function
+ * before calling CMMF_EncodeCertRepContent. If the user calls
+ * CMMF_EncodeCertRepContent before calling this function,
+ * CMMF_EncodeCertRepContent will fail.
+ *
+ * RETURN:
+ * SECSuccess if adding the CMMFCertResponses to the CMMFCertRepContent
+ * structure was successful. Any other return value indicates an error
+ * while trying to add the CMMFCertResponses.
+ */
+extern SECStatus
+CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
+ CMMFCertResponse **inCertResponses,
+ int inNumResponses);
+
+/*
+ * FUNCTION: CMMF_CertRepContentSetCAPubs
+ * INPUTS:
+ * inCertRepContent
+ * The CMMFCertRepContent to operate on.
+ * inCAPubs
+ * The certificate list which makes up the chain of CA certificates
+ * required to make the issued cert valid.
+ * NOTES:
+ * This function will set the the certificates in the CA chain as part
+ * of the CMMFCertRepContent. This field is an optional member of the
+ * CMMFCertRepContent structure, so the client is not required to call
+ * this function before calling CMMF_EncodeCertRepContent.
+ *
+ * RETURN:
+ * SECSuccess if adding the 'inCAPubs' to the CERTRepContent was successful.
+ * Any other return value indicates an error while adding 'inCAPubs' to the
+ * CMMFCertRepContent structure.
+ *
+ */
+extern SECStatus
+CMMF_CertRepContentSetCAPubs(CMMFCertRepContent *inCertRepContent,
+ CERTCertList *inCAPubs);
+
+/*
+ * FUNCTION: CMMF_CertResponseSetPKIStatusInfoStatus
+ * INPUTS:
+ * inCertResp
+ * The CMMFCertResponse to operate on.
+ * inPKIStatus
+ * The value to set for the PKIStatusInfo.status field.
+ * NOTES:
+ * This function will set the CertResponse.status.status field of
+ * the CMMFCertResponse structure. (View the definition of CertResponse
+ * in the CMMF draft to see exactly which value this talks about.) This
+ * field is a required member of the structure, so the user must call this
+ * function in order to have a CMMFCertResponse that can be encoded.
+ *
+ * RETURN:
+ * SECSuccess if setting the field with the passed in value was successful.
+ * Any other return value indicates an error while trying to set the field.
+ */
+extern SECStatus
+CMMF_CertResponseSetPKIStatusInfoStatus(CMMFCertResponse *inCertResp,
+ CMMFPKIStatus inPKIStatus);
+
+/*
+ * FUNCTION: CMMF_CertResponseSetCertificate
+ * INPUTS:
+ * inCertResp
+ * The CMMFCertResponse to operate on.
+ * inCertificate
+ * The certificate to add to the
+ * CertResponse.CertifiedKeyPair.certOrEncCert.certificate field.
+ * NOTES:
+ * This function will take the certificate and make it a member of the
+ * CMMFCertResponse. The certificate should be the actual certificate
+ * being issued via the response.
+ *
+ * RETURN:
+ * SECSuccess if adding the certificate to the response was successful.
+ * Any other return value indicates an error in adding the certificate to
+ * the CertResponse.
+ */
+extern SECStatus
+CMMF_CertResponseSetCertificate(CMMFCertResponse *inCertResp,
+ CERTCertificate *inCertificate);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentSetPKIStatusInfoStatus
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent to operate on.
+ * inPKIStatus
+ * The value to set the PKIStatusInfo.status field to.
+ * NOTES:
+ * This function sets the only required field for the KeyRecRepContent.
+ * In most cases, the user will set this field and other fields of the
+ * structure to properly create the CMMFKeyRecRepContent structure.
+ * Refer to the CMMF draft to see which fields need to be set in order
+ * to create the desired CMMFKeyRecRepContent.
+ *
+ * RETURN:
+ * SECSuccess if setting the PKIStatusInfo.status field was successful.
+ * Any other return value indicates an error in setting the field.
+ */
+extern SECStatus
+CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
+ CMMFPKIStatus inPKIStatus);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentSetNewSignCert
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent to operate on.
+ * inNewSignCert
+ * The new signing cert to add to the CMMFKeyRecRepContent structure.
+ * NOTES:
+ * This function sets the new signeing cert in the CMMFKeyRecRepContent
+ * structure.
+ *
+ * RETURN:
+ * SECSuccess if setting the new signing cert was successful. Any other
+ * return value indicates an error occurred while trying to add the
+ * new signing certificate.
+ */
+extern SECStatus
+CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
+ CERTCertificate *inNewSignCert);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentSetCACerts
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent to operate on.
+ * inCACerts
+ * The list of CA certificates required to construct a valid
+ * certificate chain with the certificates that will be returned
+ * to the end user via this KeyRecRepContent.
+ * NOTES:
+ * This function sets the caCerts that are required to form a chain with the
+ * end entity certificates that are being re-issued in this
+ * CMMFKeyRecRepContent structure.
+ *
+ * RETURN:
+ * SECSuccess if adding the caCerts was successful. Any other return value
+ * indicates an error while tring to add the caCerts.
+ */
+extern SECStatus
+CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
+ CERTCertList *inCACerts);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentSetCertifiedKeyPair
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent to operate on.
+ * inCert
+ * The certificate to add to the CMMFKeyRecRepContent structure.
+ * inPrivKey
+ * The private key associated with the certificate above passed in.
+ * inPubKey
+ * The public key to use for wrapping the private key.
+ * NOTES:
+ * This function adds another certificate-key pair to the
+ * CMMFKeyRecRepcontent structure. There may be more than one
+ * certificate-key pair in the structure, so the user must call this
+ * function multiple times to add more than one cert-key pair.
+ *
+ * RETURN:
+ * SECSuccess if adding the certified key pair was successful. Any other
+ * return value indicates an error in adding certified key pair to
+ * CMMFKeyRecRepContent structure.
+ */
+extern SECStatus
+CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
+ CERTCertificate *inCert,
+ SECKEYPrivateKey *inPrivKey,
+ SECKEYPublicKey *inPubKey);
+
+/*
+ * FUNCTION: CMMF_POPODecKeyChallContentSetNextChallenge
+ * INPUTS:
+ * inDecKeyChall
+ * The CMMFPOPODecKeyChallContent to operate on.
+ * inRandom
+ * The random number to use when generating the challenge,
+ * inSender
+ * The GeneralName representation of the sender of the challenge.
+ * inPubKey
+ * The public key to use when encrypting the challenge.
+ * passwdArg
+ * This value will be passed to the function used for getting a
+ * password. The password for getting a password should be registered
+ * by calling PK11_SetPasswordFunc before this function is called.
+ * If no password callback is registered and the library needs to
+ * authenticate to the slot for any reason, this function will fail.
+ * NOTES:
+ * This function adds a challenge to the end of the list of challenges
+ * contained by 'inDecKeyChall'. Refer to the CMMF draft on how the
+ * the random number passed in and the sender's GeneralName are used
+ * to generate the challenge and witness fields of the challenge. This
+ * library will use SHA1 as the one-way function for generating the
+ * witess field of the challenge.
+ *
+ * RETURN:
+ * SECSuccess if generating the challenge and adding to the end of list
+ * of challenges was successful. Any other return value indicates an error
+ * while trying to generate the challenge.
+ */
+extern SECStatus
+CMMF_POPODecKeyChallContentSetNextChallenge(CMMFPOPODecKeyChallContent *inDecKeyChall,
+ long inRandom,
+ CERTGeneralName *inSender,
+ SECKEYPublicKey *inPubKey,
+ void *passwdArg);
+
+/************************** Encoding Functions *************************/
+
+/*
+ * FUNCTION: CMMF_EncodeCertRepContent
+ * INPUTS:
+ * inCertRepContent
+ * The CMMFCertRepContent to DER-encode.
+ * inCallback
+ * A callback function that the ASN1 encoder will call whenever it
+ * wants to write out DER-encoded bytes. Look at the defintion of
+ * CRMFEncoderOutputCallback in crmft.h for a description of the
+ * parameters to the function.
+ * inArg
+ * An opaque pointer to a user-supplied argument that will be passed
+ * to the callback funtion whenever the function is called.
+ * NOTES:
+ * The CMMF library will use the same DER-encoding scheme as the CRMF
+ * library. In other words, when reading CRMF comments that pertain to
+ * encoding, those comments apply to the CMMF libray as well.
+ * The callback function will be called multiple times, each time supplying
+ * the next chunk of DER-encoded bytes. The user must concatenate the
+ * output of each successive call to the callback in order to get the
+ * entire DER-encoded CMMFCertRepContent structure.
+ *
+ * RETURN:
+ * SECSuccess if encoding the CMMFCertRepContent was successful. Any
+ * other return value indicates an error while decoding the structure.
+ */
+extern SECStatus
+CMMF_EncodeCertRepContent(CMMFCertRepContent *inCertRepContent,
+ CRMFEncoderOutputCallback inCallback,
+ void *inArg);
+
+/*
+ * FUNCTION: CMMF_EncodeKeyRecRepContent
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRepContent to DER-encode.
+ * inCallback
+ * A callback function that the ASN1 encoder will call whenever it
+ * wants to write out DER-encoded bytes. Look at the defintion of
+ * CRMFEncoderOutputCallback in crmft.h for a description of the
+ * parameters to the function.
+ * inArg
+ * An opaque pointer to a user-supplied argument that will be passed
+ * to the callback funtion whenever the function is called.
+ * NOTES:
+ * The CMMF library will use the same DER-encoding scheme as the CRMF
+ * library. In other words, when reading CRMF comments that pertain to
+ * encoding, those comments apply to the CMMF libray as well.
+ * The callback function will be called multiple times, each time supplying
+ * the next chunk of DER-encoded bytes. The user must concatenate the
+ * output of each successive call to the callback in order to get the
+ * entire DER-encoded CMMFCertRepContent structure.
+ *
+ * RETURN:
+ * SECSuccess if encoding the CMMFKeyRecRepContent was successful. Any
+ * other return value indicates an error while decoding the structure.
+ */
+extern SECStatus
+CMMF_EncodeKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep,
+ CRMFEncoderOutputCallback inCallback,
+ void *inArg);
+
+/*
+ * FUNCTION: CMMF_EncodePOPODecKeyChallContent
+ * INPUTS:
+ * inDecKeyChall
+ * The CMMFDecKeyChallContent to operate on.
+ * inCallback
+ * A callback function that the ASN1 encoder will call whenever it
+ * wants to write out DER-encoded bytes. Look at the defintion of
+ * CRMFEncoderOutputCallback in crmft.h for a description of the
+ * parameters to the function.
+ * inArg
+ * An opaque pointer to a user-supplied argument that will be passed
+ * to the callback function whenever the function is called.
+ * NOTES:
+ * The CMMF library will use the same DER-encoding scheme as the CRMF
+ * library. In other words, when reading CRMF comments that pertain to
+ * encoding, those comments apply to the CMMF libray as well.
+ * The callback function will be called multiple times, each time supplying
+ * the next chunk of DER-encoded bytes. The user must concatenate the
+ * output of each successive call to the callback in order to get the
+ * entire DER-encoded CMMFCertRepContent structure.
+ * The DER will be an encoding of the type POPODecKeyChallContents, which
+ * is just a sequence of challenges.
+ *
+ * RETURN:
+ * SECSuccess if encoding was successful. Any other return value indicates
+ * an error in trying to encode the Challenges.
+ */
+extern SECStatus
+CMMF_EncodePOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyChall,
+ CRMFEncoderOutputCallback inCallback,
+ void *inArg);
+
+/*
+ * FUNCTION: CMMF_EncodePOPODecKeyRespContent
+ * INPUTS:
+ * inDecodedRand
+ * An array of integers to encode as the responses to
+ * CMMFPOPODecKeyChallContent. The integers must be in the same order
+ * as the challenges extracted from CMMFPOPODecKeyChallContent.
+ * inNumRand
+ * The number of random integers contained in the array 'inDecodedRand'
+ * inCallback
+ * A callback function that the ASN1 encoder will call whenever it
+ * wants to write out DER-encoded bytes. Look at the defintion of
+ * CRMFEncoderOutputCallback in crmft.h for a description of the
+ * parameters to the function.
+ * inArg
+ * An opaque pointer to a user-supplied argument that will be passed
+ * to the callback funtion whenever the function is called.
+ * NOTES:
+ * The CMMF library will use the same DER-encoding scheme as the CRMF
+ * library. In other words, when reading CRMF comments that pertain to
+ * encoding, those comments apply to the CMMF libray as well.
+ * The callback function will be called multiple times, each time supplying
+ * the next chunk of DER-encoded bytes. The user must concatenate the
+ * output of each successive call to the callback in order to get the
+ * entire DER-encoded POPODecKeyRespContent.
+ *
+ * RETURN:
+ * SECSuccess if encoding was successful. Any other return value indicates
+ * an error in trying to encode the Challenges.
+ */
+extern SECStatus
+CMMF_EncodePOPODecKeyRespContent(long *inDecodedRand,
+ int inNumRand,
+ CRMFEncoderOutputCallback inCallback,
+ void *inArg);
+
+/*************** Accessor function ***********************************/
+
+/*
+ * FUNCTION: CMMF_CertRepContentGetCAPubs
+ * INPUTS:
+ * inCertRepContent
+ * The CMMFCertRepContent to extract the caPubs from.
+ * NOTES:
+ * This function will return a copy of the list of certificates that
+ * make up the chain of CA's required to make the cert issued valid.
+ * The user must call CERT_DestroyCertList on the return value when
+ * done using the return value.
+ *
+ * Only call this function on a CertRepContent that has been decoded.
+ * The client must call CERT_DestroyCertList when the certificate list
+ * is no longer needed.
+ *
+ * The certs in the list will not be in the temporary database. In order
+ * to make these certificates a part of the permanent CA internal database,
+ * the user must collect the der for all of these certs and call
+ * CERT_ImportCAChain. Afterwards the certs will be part of the permanent
+ * database.
+ *
+ * RETURN:
+ * A pointer to the CERTCertList representing the CA chain associated
+ * with the issued cert. A NULL return value indicates that no CA Pubs
+ * were available in the CMMFCertRepContent structure.
+ */
+extern CERTCertList *
+CMMF_CertRepContentGetCAPubs(CMMFCertRepContent *inCertRepContent);
+
+/*
+ * FUNCTION: CMMF_CertRepContentGetNumResponses
+ * INPUTS:
+ * inCertRepContent
+ * The CMMFCertRepContent to operate on.
+ * NOTES:
+ * This function will return the number of CertResponses that are contained
+ * by the CMMFCertRepContent passed in.
+ *
+ * RETURN:
+ * The number of CMMFCertResponses contained in the structure passed in.
+ */
+extern int
+CMMF_CertRepContentGetNumResponses(CMMFCertRepContent *inCertRepContent);
+
+/*
+ * FUNCTION: CMMF_CertRepContentGetResponseAtIndex
+ * INPUTS:
+ * inCertRepContent
+ * The CMMFCertRepContent to operate on.
+ * inIndex
+ * The index of the CMMFCertResponse the user wants a copy of.
+ * NOTES:
+ * This function creates a copy of the CMMFCertResponse at the index
+ * corresponding to the parameter 'inIndex'. Indexing is done like a
+ * traditional C array, ie the valid indexes are (0...numResponses-1).
+ * The user must call CMMF_DestroyCertResponse after the return value is
+ * no longer needed.
+ *
+ * RETURN:
+ * A pointer to the CMMFCertResponse at the index corresponding to
+ * 'inIndex'. A return value of NULL indicates an error in copying
+ * the CMMFCertResponse.
+ */
+extern CMMFCertResponse *
+CMMF_CertRepContentGetResponseAtIndex(CMMFCertRepContent *inCertRepContent,
+ int inIndex);
+
+/*
+ * FUNCTION: CMMF_CertResponseGetCertReqId
+ * INPUTS:
+ * inCertResp
+ * The CMMFCertResponse to operate on.
+ * NOTES:
+ * This function returns the CertResponse.certReqId from the
+ * CMMFCertResponse structure passed in. If the return value is -1, that
+ * means there is no associated certificate request with the CertResponse.
+ * RETURN:
+ * A long representing the id of the certificate request this
+ * CMMFCertResponse corresponds to. A return value of -1 indicates an
+ * error in extracting the value of the integer.
+ */
+extern long CMMF_CertResponseGetCertReqId(CMMFCertResponse *inCertResp);
+
+/*
+ * FUNCTION: CMMF_CertResponseGetPKIStatusInfoStatus
+ * INPUTS:
+ * inCertResp
+ * The CMMFCertResponse to operate on.
+ * NOTES:
+ * This function returns the CertResponse.status.status field of the
+ * CMMFCertResponse structure.
+ *
+ * RETURN:
+ * The enumerated value corresponding to the PKIStatus defined in the CMMF
+ * draft. See the CMMF draft for the definition of PKIStatus. See crmft.h
+ * for the definition of CMMFPKIStatus.
+ */
+extern CMMFPKIStatus
+CMMF_CertResponseGetPKIStatusInfoStatus(CMMFCertResponse *inCertResp);
+
+/*
+ * FUNCTION: CMMF_CertResponseGetCertificate
+ * INPUTS:
+ * inCertResp
+ * The Certificate Response to operate on.
+ * inCertdb
+ * This is the certificate database where the function will place the
+ * newly issued certificate.
+ * NOTES:
+ * This function retrieves the CertResponse.certifiedKeyPair.certificate
+ * from the CMMFCertResponse. The user will get a copy of that certificate
+ * so the user must call CERT_DestroyCertificate when the return value is
+ * no longer needed. The certificate returned will be in the temporary
+ * certificate database.
+ *
+ * RETURN:
+ * A pointer to a copy of the certificate contained within the
+ * CMMFCertResponse. A return value of NULL indicates an error while trying
+ * to make a copy of the certificate.
+ */
+extern CERTCertificate *
+CMMF_CertResponseGetCertificate(CMMFCertResponse *inCertResp,
+ CERTCertDBHandle *inCertdb);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentGetPKIStatusInfoStatus
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent structure to operate on.
+ * NOTES:
+ * This function retrieves the KeyRecRepContent.status.status field of
+ * the CMMFKeyRecRepContent structure.
+ * RETURN:
+ * The CMMFPKIStatus corresponding to the value held in the
+ * CMMFKeyRecRepContent structure.
+ */
+extern CMMFPKIStatus
+CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentGetNewSignCert
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent to operate on.
+ * NOTES:
+ * This function retrieves the KeyRecRepContent.newSignCert field of the
+ * CMMFKeyRecRepContent structure. The user must call
+ * CERT_DestroyCertificate when the return value is no longer needed. The
+ * returned certificate will be in the temporary database. The user
+ * must then place the certificate permanently in whatever token the
+ * user determines is the proper destination. A return value of NULL
+ * indicates the newSigCert field was not present.
+ */
+extern CERTCertificate *
+CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentGetCACerts
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent to operate on.
+ * NOTES:
+ * This function returns a CERTCertList which contains all of the
+ * certficates that are in the sequence KeyRecRepContent.caCerts
+ * User must call CERT_DestroyCertList when the return value is no longer
+ * needed. All of these certificates will be placed in the tempoaray
+ * database.
+ *
+ * RETURN:
+ * A pointer to the list of caCerts contained in the CMMFKeyRecRepContent
+ * structure. A return value of NULL indicates the library was not able to
+ * make a copy of the certifcates. This may be because there are no caCerts
+ * included in the CMMFKeyRecRepContent strucure or an internal error. Call
+ * CMMF_KeyRecRepContentHasCACerts to find out if there are any caCerts
+ * included in 'inKeyRecRep'.
+ */
+extern CERTCertList *
+CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentGetNumKeyPairs
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent to operate on.
+ * RETURN:
+ * This function returns the number of CMMFCertifiedKeyPair structures that
+ * that are stored in the KeyRecRepContent structure.
+ */
+extern int
+CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentGetCertKeyAtIndex
+ * INPUTS:
+ * inKeyRecRepContent
+ * The CMMFKeyRecRepContent to operate on.
+ * inIndex
+ * The index of the desired CMMFCertifiedKeyPair
+ * NOTES:
+ * This function retrieves the CMMFCertifiedKeyPair structure at the index
+ * 'inIndex'. Valid indexes are 0...(numKeyPairs-1) The user must call
+ * CMMF_DestroyCertifiedKeyPair when the return value is no longer needed.
+ *
+ * RETURN:
+ * A pointer to the Certified Key Pair at the desired index. A return value
+ * of NULL indicates an error in extracting the Certified Key Pair at the
+ * desired index.
+ */
+extern CMMFCertifiedKeyPair *
+CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
+ int inIndex);
+
+/*
+ * FUNCTION: CMMF_CertifiedKeyPairGetCertificate
+ * INPUTS:
+ * inCertKeyPair
+ * The CMMFCertifiedKeyPair to operate on.
+ * inCertdb
+ * The database handle for the database you want this certificate
+ * to wind up in.
+ * NOTES:
+ * This function retrieves the certificate at
+ * CertifiedKeyPair.certOrEncCert.certificate
+ * The user must call CERT_DestroyCertificate when the return value is no
+ * longer needed. The user must import this certificate as a token object
+ * onto PKCS#11 slot in order to make it a permanent object. The returned
+ * certificate will be in the temporary database.
+ *
+ * RETURN:
+ * A pointer to the certificate contained within the certified key pair.
+ * A return value of NULL indicates an error in creating the copy of the
+ * certificate.
+ */
+extern CERTCertificate *
+CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
+ CERTCertDBHandle *inCertdb);
+
+/*
+ * FUNCTION: CMMF_POPODecKeyChallContentGetNumChallenges
+ * INPUTS:
+ * inKeyChallCont
+ * The CMMFPOPODecKeyChallContent to operate on.
+ * RETURN:
+ * This function returns the number of CMMFChallenges are contained in
+ * the CMMFPOPODecKeyChallContent structure.
+ */
+extern int CMMF_POPODecKeyChallContentGetNumChallenges(CMMFPOPODecKeyChallContent *inKeyChallCont);
+
+/*
+ * FUNCTION: CMMF_POPODecKeyChallContentGetPublicValue
+ * ---------------------------------------------------
+ * INPUTS:
+ * inKeyChallCont
+ * The CMMFPOPODecKeyChallContent to operate on.
+ * inIndex
+ * The index of the Challenge within inKeyChallCont to operate on.
+ * Indexes start from 0, ie the Nth Challenge corresponds to index
+ * N-1.
+ * NOTES:
+ * This function retrieves the public value stored away in the Challenge at
+ * index inIndex of inKeyChallCont.
+ * RETURN:
+ * A pointer to a SECItem containing the public value. User must call
+ * SECITEM_FreeItem on the return value when the value is no longer necessary.
+ * A return value of NULL indicates an error while retrieving the public value.
+ */
+extern SECItem *CMMF_POPODecKeyChallContentGetPublicValue(CMMFPOPODecKeyChallContent *inKeyChallCont,
+ int inIndex);
+
+/*
+ * FUNCTION: CMMF_POPODecKeyChallContentGetRandomNumber
+ * INPUTS:
+ * inChallContent
+ * The CMMFPOPODecKeyChallContent to operate on.
+ * inIndex
+ * The index of the challenge to look at. Valid indexes are 0 through
+ * (CMMF_POPODecKeyChallContentGetNumChallenges(inChallContent) - 1).
+ * inDest
+ * A pointer to a user supplied buffer where the library
+ * can place a copy of the random integer contatained in the
+ * challenge.
+ * NOTES:
+ * This function returns the value held in the decrypted Rand structure
+ * corresponding to the random integer. The user must call
+ * CMMF_POPODecKeyChallContentDecryptChallenge before calling this function. Call
+ * CMMF_ChallengeIsDecrypted to find out if the challenge has been
+ * decrypted.
+ *
+ * RETURN:
+ * SECSuccess indicates the witness field has been previously decrypted
+ * and the value for the random integer was successfully placed at *inDest.
+ * Any other return value indicates an error and that the value at *inDest
+ * is not a valid value.
+ */
+extern SECStatus CMMF_POPODecKeyChallContentGetRandomNumber(CMMFPOPODecKeyChallContent *inKeyChallCont,
+ int inIndex,
+ long *inDest);
+
+/*
+ * FUNCTION: CMMF_POPODecKeyRespContentGetNumResponses
+ * INPUTS:
+ * inRespCont
+ * The POPODecKeyRespContent to operate on.
+ * RETURN:
+ * This function returns the number of responses contained in inRespContent.
+ */
+extern int
+CMMF_POPODecKeyRespContentGetNumResponses(CMMFPOPODecKeyRespContent *inRespCont);
+
+/*
+ * FUNCTION: CMMF_POPODecKeyRespContentGetResponse
+ * INPUTS:
+ * inRespCont
+ * The POPODecKeyRespContent to operate on.
+ * inIndex
+ * The index of the response to retrieve.
+ * The Nth response is at index N-1, ie the 1st response is at index 0,
+ * the 2nd response is at index 1, and so on.
+ * inDest
+ * A pointer to a pre-allocated buffer where the library can put the
+ * value of the response located at inIndex.
+ * NOTES:
+ * The function returns the response contained at index inIndex.
+ * CMMFPOPODecKeyRespContent is a structure that the server will generally
+ * get in response to a CMMFPOPODecKeyChallContent. The server will expect
+ * to see the responses in the same order as it constructed them in
+ * the CMMFPOPODecKeyChallContent structure.
+ * RETURN:
+ * SECSuccess if getting the response at the desired index was successful. Any
+ * other return value indicates an errror.
+ */
+extern SECStatus
+CMMF_POPODecKeyRespContentGetResponse(CMMFPOPODecKeyRespContent *inRespCont,
+ int inIndex,
+ long *inDest);
+
+/************************* Destructor Functions ******************************/
+
+/*
+ * FUNCTION: CMMF_DestroyCertResponse
+ * INPUTS:
+ * inCertResp
+ * The CMMFCertResponse to destroy.
+ * NOTES:
+ * This function frees all the memory associated with the CMMFCertResponse
+ * passed in.
+ * RETURN:
+ * SECSuccess if freeing the memory was successful. Any other return value
+ * indicates an error while freeing the memory.
+ */
+extern SECStatus CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp);
+
+/*
+ * FUNCTION: CMMF_DestroyCertRepContent
+ * INPUTS:
+ * inCertRepContent
+ * The CMMFCertRepContent to destroy
+ * NOTES:
+ * This function frees the memory associated with the CMMFCertRepContent
+ * passed in.
+ * RETURN:
+ * SECSuccess if freeing all the memory associated with the
+ * CMMFCertRepContent passed in is successful. Any other return value
+ * indicates an error while freeing the memory.
+ */
+extern SECStatus
+CMMF_DestroyCertRepContent(CMMFCertRepContent *inCertRepContent);
+
+/*
+ * FUNCTION: CMMF_DestroyKeyRecRepContent
+ * INPUTS:
+ * inKeyRecRep
+ * The CMMFKeyRecRepContent to destroy.
+ * NOTES:
+ * This function destroys all the memory associated with the
+ * CMMFKeyRecRepContent passed in.
+ *
+ * RETURN:
+ * SECSuccess if freeing all the memory is successful. Any other return
+ * value indicates an error in freeing the memory.
+ */
+extern SECStatus
+CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep);
+
+/*
+ * FUNCTION: CMMF_DestroyCertifiedKeyPair
+ * INPUTS:
+ * inCertKeyPair
+ * The CMMFCertifiedKeyPair to operate on.
+ * NOTES:
+ * This function frees up all the memory associated with 'inCertKeyPair'
+ *
+ * RETURN:
+ * SECSuccess if freeing all the memory associated with 'inCertKeyPair'
+ * is successful. Any other return value indicates an error while trying
+ * to free the memory.
+ */
+extern SECStatus
+CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair);
+
+/*
+ * FUNCTION: CMMF_DestroyPOPODecKeyRespContent
+ * INPUTS:
+ * inDecKeyResp
+ * The CMMFPOPODecKeyRespContent structure to free.
+ * NOTES:
+ * This function frees up all the memory associate with the
+ * CMMFPOPODecKeyRespContent.
+ *
+ * RETURN:
+ * SECSuccess if freeing up all the memory associated with the
+ * CMMFPOPODecKeyRespContent structure is successful. Any other
+ * return value indicates an error while freeing the memory.
+ */
+extern SECStatus
+CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp);
+
+/************************** Miscellaneous Functions *************************/
+
+/*
+ * FUNCTION: CMMF_CertifiedKeyPairUnwrapPrivKey
+ * INPUTS:
+ * inCertKeyPair
+ * The CMMFCertifiedKeyPair to operate on.
+ * inPrivKey
+ * The private key to use to un-wrap the private key
+ * inNickName
+ * This is the nickname that will be associated with the private key
+ * to be unwrapped.
+ * inSlot
+ * The PKCS11 slot where the unwrapped private key should end up.
+ * inCertdb
+ * The Certificate database with which the new key will be associated.
+ * destPrivKey
+ * A pointer to memory where the library can place a pointer to the
+ * private key after importing the key onto the specified slot.
+ * wincx
+ * An opaque pointer that the library will use in a callback function
+ * to get the password if necessary.
+ *
+ * NOTES:
+ * This function uses the private key passed in to unwrap the private key
+ * contained within the CMMFCertifiedKeyPair structure. After this
+ * function successfully returns, the private key has been unwrapped and
+ * placed in the specified slot.
+ *
+ * RETURN:
+ * SECSuccess if unwrapping the private key was successful. Any other
+ * return value indicates an error while trying to un-wrap the private key.
+ */
+extern SECStatus
+CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
+ SECKEYPrivateKey *inPrivKey,
+ SECItem *inNickName,
+ PK11SlotInfo *inSlot,
+ CERTCertDBHandle *inCertdb,
+ SECKEYPrivateKey **destPrivKey,
+ void *wincx);
+
+/*
+ * FUNCTION: CMMF_KeyRecRepContentHasCACerts
+ * INPUTS:
+ * inKeyRecRecp
+ * The CMMFKeyRecRepContent to operate on.
+ * RETURN:
+ * This function returns PR_TRUE if there are one or more certificates in
+ * the sequence KeyRecRepContent.caCerts within the CMMFKeyRecRepContent
+ * structure. The function will return PR_FALSE if there are 0 certificate
+ * in the above mentioned sequence.
+ */
+extern PRBool
+CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep);
+
+/*
+ * FUNCTION: CMMF_POPODecKeyChallContDecryptChallenge
+ * INPUTS:
+ * inChalCont
+ * The CMMFPOPODecKeyChallContent to operate on.
+ * inIndex
+ * The index of the Challenge to operate on. The 1st Challenge is
+ * at index 0, the second at index 1 and so forth.
+ * inPrivKey
+ * The private key to use to decrypt the witness field.
+ * NOTES:
+ * This function uses the private key to decrypt the challenge field
+ * contained in the appropriate challenge. Make sure the private key matches
+ * the public key that was used to encrypt the witness. Use
+ * CMMF_POPODecKeyChallContentGetPublicValue to get the public value of
+ * the key used to encrypt the witness and then use that to determine the
+ * appropriate private key. This can be done by calling PK11_MakeIDFromPubKey
+ * and then passing that return value to PK11_FindKeyByKeyID. The creator of
+ * the challenge will most likely be an RA that has the public key
+ * from a Cert request. So the private key should be the private key
+ * associated with public key in that request. This function will also
+ * verify the witness field of the challenge. This function also verifies
+ * that the sender and witness hashes match within the challenge.
+ *
+ * RETURN:
+ * SECSuccess if decrypting the witness field was successful. This does
+ * not indicate that the decrypted data is valid, since the private key
+ * passed in may not be the actual key needed to properly decrypt the
+ * witness field. Meaning that there is a decrypted structure now, but
+ * may be garbage because the private key was incorrect.
+ * Any other return value indicates the function could not complete the
+ * decryption process.
+ */
+extern SECStatus
+CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
+ int inIndex,
+ SECKEYPrivateKey *inPrivKey);
+
+/*
+ * FUNCTION: CMMF_DestroyPOPODecKeyChallContent
+ * INPUTS:
+ * inDecKeyCont
+ * The CMMFPOPODecKeyChallContent to free
+ * NOTES:
+ * This function frees up all the memory associated with the
+ * CMMFPOPODecKeyChallContent
+ * RETURN:
+ * SECSuccess if freeing up all the memory associatd with the
+ * CMMFPOPODecKeyChallContent is successful. Any other return value
+ * indicates an error while freeing the memory.
+ *
+ */
+extern SECStatus
+CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont);
+
+SEC_END_PROTOS
+#endif /* _CMMF_H_ */
diff --git a/security/nss/lib/crmf/cmmfasn1.c b/security/nss/lib/crmf/cmmfasn1.c
new file mode 100644
index 000000000..64915b339
--- /dev/null
+++ b/security/nss/lib/crmf/cmmfasn1.c
@@ -0,0 +1,131 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "secasn1.h"
+#include "secitem.h"
+
+SEC_ASN1_MKSUB(SEC_SignedCertificateTemplate)
+
+static const SEC_ASN1Template CMMFSequenceOfCertifiedKeyPairsTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, CMMFCertifiedKeyPairTemplate }
+};
+
+static const SEC_ASN1Template CMMFKeyRecRepContentTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFKeyRecRepContent) },
+ { SEC_ASN1_INLINE, offsetof(CMMFKeyRecRepContent, status),
+ CMMFPKIStatusInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 0,
+ offsetof(CMMFKeyRecRepContent, newSigCert),
+ SEC_ASN1_SUB(SEC_SignedCertificateTemplate) },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(CMMFKeyRecRepContent, caCerts),
+ CMMFSequenceOfCertsTemplate },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 2,
+ offsetof(CMMFKeyRecRepContent, keyPairHist),
+ CMMFSequenceOfCertifiedKeyPairsTemplate },
+ { 0 }
+};
+
+SECStatus
+CMMF_EncodeCertRepContent(CMMFCertRepContent *inCertRepContent,
+ CRMFEncoderOutputCallback inCallback,
+ void *inArg)
+{
+ return cmmf_user_encode(inCertRepContent, inCallback, inArg,
+ CMMFCertRepContentTemplate);
+}
+
+SECStatus
+CMMF_EncodePOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyChall,
+ CRMFEncoderOutputCallback inCallback,
+ void *inArg)
+{
+ return cmmf_user_encode(inDecKeyChall, inCallback, inArg,
+ CMMFPOPODecKeyChallContentTemplate);
+}
+
+CMMFPOPODecKeyRespContent *
+CMMF_CreatePOPODecKeyRespContentFromDER(const char *buf, long len)
+{
+ PLArenaPool *poolp;
+ CMMFPOPODecKeyRespContent *decKeyResp;
+ SECStatus rv;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return NULL;
+ }
+ decKeyResp = PORT_ArenaZNew(poolp, CMMFPOPODecKeyRespContent);
+ if (decKeyResp == NULL) {
+ goto loser;
+ }
+ decKeyResp->poolp = poolp;
+ rv = SEC_ASN1Decode(poolp, decKeyResp, CMMFPOPODecKeyRespContentTemplate,
+ buf, len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return decKeyResp;
+
+loser:
+ if (poolp != NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return NULL;
+}
+
+SECStatus
+CMMF_EncodeKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep,
+ CRMFEncoderOutputCallback inCallback,
+ void *inArg)
+{
+ return cmmf_user_encode(inKeyRecRep, inCallback, inArg,
+ CMMFKeyRecRepContentTemplate);
+}
+
+CMMFKeyRecRepContent *
+CMMF_CreateKeyRecRepContentFromDER(CERTCertDBHandle *db, const char *buf,
+ long len)
+{
+ PLArenaPool *poolp;
+ CMMFKeyRecRepContent *keyRecContent;
+ SECStatus rv;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return NULL;
+ }
+ keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
+ if (keyRecContent == NULL) {
+ goto loser;
+ }
+ keyRecContent->poolp = poolp;
+ rv = SEC_ASN1Decode(poolp, keyRecContent, CMMFKeyRecRepContentTemplate,
+ buf, len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (keyRecContent->keyPairHist != NULL) {
+ while (keyRecContent->keyPairHist[keyRecContent->numKeyPairs] != NULL) {
+ rv = cmmf_decode_process_certified_key_pair(poolp, db,
+ keyRecContent->keyPairHist[keyRecContent->numKeyPairs]);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ keyRecContent->numKeyPairs++;
+ }
+ keyRecContent->allocKeyPairs = keyRecContent->numKeyPairs;
+ }
+ keyRecContent->isDecoded = PR_TRUE;
+ return keyRecContent;
+loser:
+ if (poolp != NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return NULL;
+}
diff --git a/security/nss/lib/crmf/cmmfchal.c b/security/nss/lib/crmf/cmmfchal.c
new file mode 100644
index 000000000..2fee983c9
--- /dev/null
+++ b/security/nss/lib/crmf/cmmfchal.c
@@ -0,0 +1,289 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "sechash.h"
+#include "genname.h"
+#include "pk11func.h"
+#include "cert.h"
+#include "secitem.h"
+#include "secmod.h"
+#include "keyhi.h"
+
+static int
+cmmf_create_witness_and_challenge(PLArenaPool *poolp,
+ CMMFChallenge *challenge,
+ long inRandom,
+ SECItem *senderDER,
+ SECKEYPublicKey *inPubKey,
+ void *passwdArg)
+{
+ SECItem *encodedRandNum;
+ SECItem encodedRandStr = { siBuffer, NULL, 0 };
+ SECItem *dummy;
+ unsigned char *randHash, *senderHash, *encChal = NULL;
+ unsigned modulusLen = 0;
+ SECStatus rv = SECFailure;
+ CMMFRand randStr = { { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 } };
+ PK11SlotInfo *slot;
+ PK11SymKey *symKey = NULL;
+ CERTSubjectPublicKeyInfo *spki = NULL;
+
+ encodedRandNum = SEC_ASN1EncodeInteger(poolp, &challenge->randomNumber,
+ inRandom);
+ if (!encodedRandNum) {
+ goto loser;
+ }
+ randHash = PORT_ArenaNewArray(poolp, unsigned char, SHA1_LENGTH);
+ senderHash = PORT_ArenaNewArray(poolp, unsigned char, SHA1_LENGTH);
+ if (randHash == NULL) {
+ goto loser;
+ }
+ rv = PK11_HashBuf(SEC_OID_SHA1, randHash, encodedRandNum->data,
+ (PRUint32)encodedRandNum->len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = PK11_HashBuf(SEC_OID_SHA1, senderHash, senderDER->data,
+ (PRUint32)senderDER->len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ challenge->witness.data = randHash;
+ challenge->witness.len = SHA1_LENGTH;
+
+ randStr.integer = *encodedRandNum;
+ randStr.senderHash.data = senderHash;
+ randStr.senderHash.len = SHA1_LENGTH;
+ dummy = SEC_ASN1EncodeItem(NULL, &encodedRandStr, &randStr,
+ CMMFRandTemplate);
+ if (dummy != &encodedRandStr) {
+ rv = SECFailure;
+ goto loser;
+ }
+ /* XXXX Now I have to encrypt encodedRandStr and stash it away. */
+ modulusLen = SECKEY_PublicKeyStrength(inPubKey);
+ encChal = PORT_ArenaNewArray(poolp, unsigned char, modulusLen);
+ if (encChal == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ slot = PK11_GetBestSlotWithAttributes(CKM_RSA_PKCS, CKF_WRAP, 0, passwdArg);
+ if (slot == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ (void)PK11_ImportPublicKey(slot, inPubKey, PR_FALSE);
+ /* In order to properly encrypt the data, we import as a symmetric
+ * key, and then wrap that key. That in essence encrypts the data.
+ * This is the method recommended in the PK11 world in order
+ * to prevent threading issues as well as breaking any other semantics
+ * the PK11 libraries depend on.
+ */
+ symKey = PK11_ImportSymKey(slot, CKM_RSA_PKCS, PK11_OriginGenerated,
+ CKA_VALUE, &encodedRandStr, passwdArg);
+ if (symKey == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ challenge->challenge.data = encChal;
+ challenge->challenge.len = modulusLen;
+ rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, inPubKey, symKey,
+ &challenge->challenge);
+ PK11_FreeSlot(slot);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(poolp, &challenge->senderDER, senderDER);
+ crmf_get_public_value(inPubKey, &challenge->key);
+/* Fall through */
+loser:
+ if (spki != NULL) {
+ SECKEY_DestroySubjectPublicKeyInfo(spki);
+ }
+ if (encodedRandStr.data != NULL) {
+ PORT_Free(encodedRandStr.data);
+ }
+ if (encodedRandNum != NULL) {
+ SECITEM_FreeItem(encodedRandNum, PR_TRUE);
+ }
+ if (symKey != NULL) {
+ PK11_FreeSymKey(symKey);
+ }
+ return rv;
+}
+
+static SECStatus
+cmmf_create_first_challenge(CMMFPOPODecKeyChallContent *challContent,
+ long inRandom,
+ SECItem *senderDER,
+ SECKEYPublicKey *inPubKey,
+ void *passwdArg)
+{
+ SECOidData *oidData;
+ CMMFChallenge *challenge;
+ SECAlgorithmID *algId;
+ PLArenaPool *poolp;
+ SECStatus rv;
+
+ oidData = SECOID_FindOIDByTag(SEC_OID_SHA1);
+ if (oidData == NULL) {
+ return SECFailure;
+ }
+ poolp = challContent->poolp;
+ challenge = PORT_ArenaZNew(poolp, CMMFChallenge);
+ if (challenge == NULL) {
+ return SECFailure;
+ }
+ algId = challenge->owf = PORT_ArenaZNew(poolp, SECAlgorithmID);
+ if (algId == NULL) {
+ return SECFailure;
+ }
+ rv = SECITEM_CopyItem(poolp, &algId->algorithm, &oidData->oid);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = cmmf_create_witness_and_challenge(poolp, challenge, inRandom,
+ senderDER, inPubKey, passwdArg);
+ challContent->challenges[0] = (rv == SECSuccess) ? challenge : NULL;
+ challContent->numChallenges++;
+ return rv;
+}
+
+CMMFPOPODecKeyChallContent *
+CMMF_CreatePOPODecKeyChallContent(void)
+{
+ PLArenaPool *poolp;
+ CMMFPOPODecKeyChallContent *challContent;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return NULL;
+ }
+ challContent = PORT_ArenaZNew(poolp, CMMFPOPODecKeyChallContent);
+ if (challContent == NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+ challContent->poolp = poolp;
+ return challContent;
+}
+
+SECStatus
+CMMF_POPODecKeyChallContentSetNextChallenge(CMMFPOPODecKeyChallContent *inDecKeyChall,
+ long inRandom,
+ CERTGeneralName *inSender,
+ SECKEYPublicKey *inPubKey,
+ void *passwdArg)
+{
+ CMMFChallenge *curChallenge;
+ PLArenaPool *genNamePool = NULL, *poolp;
+ SECStatus rv;
+ SECItem *genNameDER;
+ void *mark;
+
+ PORT_Assert(inDecKeyChall != NULL &&
+ inSender != NULL &&
+ inPubKey != NULL);
+
+ if (inDecKeyChall == NULL ||
+ inSender == NULL || inPubKey == NULL) {
+ return SECFailure;
+ }
+ poolp = inDecKeyChall->poolp;
+ mark = PORT_ArenaMark(poolp);
+
+ genNamePool = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ genNameDER = CERT_EncodeGeneralName(inSender, NULL, genNamePool);
+ if (genNameDER == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ if (inDecKeyChall->challenges == NULL) {
+ inDecKeyChall->challenges =
+ PORT_ArenaZNewArray(poolp, CMMFChallenge *, (CMMF_MAX_CHALLENGES + 1));
+ inDecKeyChall->numAllocated = CMMF_MAX_CHALLENGES;
+ }
+
+ if (inDecKeyChall->numChallenges >= inDecKeyChall->numAllocated) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ if (inDecKeyChall->numChallenges == 0) {
+ rv = cmmf_create_first_challenge(inDecKeyChall, inRandom,
+ genNameDER, inPubKey, passwdArg);
+ } else {
+ curChallenge = PORT_ArenaZNew(poolp, CMMFChallenge);
+ if (curChallenge == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ rv = cmmf_create_witness_and_challenge(poolp, curChallenge, inRandom,
+ genNameDER, inPubKey,
+ passwdArg);
+ if (rv == SECSuccess) {
+ inDecKeyChall->challenges[inDecKeyChall->numChallenges] =
+ curChallenge;
+ inDecKeyChall->numChallenges++;
+ }
+ }
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ PORT_FreeArena(genNamePool, PR_FALSE);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ if (genNamePool != NULL) {
+ PORT_FreeArena(genNamePool, PR_FALSE);
+ }
+ PORT_Assert(rv != SECSuccess);
+ return rv;
+}
+
+SECStatus
+CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp)
+{
+ PORT_Assert(inDecKeyResp != NULL);
+ if (inDecKeyResp != NULL && inDecKeyResp->poolp != NULL) {
+ PORT_FreeArena(inDecKeyResp->poolp, PR_FALSE);
+ }
+ return SECSuccess;
+}
+
+int
+CMMF_POPODecKeyRespContentGetNumResponses(CMMFPOPODecKeyRespContent *inRespCont)
+{
+ int numResponses = 0;
+
+ PORT_Assert(inRespCont != NULL);
+ if (inRespCont == NULL) {
+ return 0;
+ }
+
+ while (inRespCont->responses[numResponses] != NULL) {
+ numResponses++;
+ }
+ return numResponses;
+}
+
+SECStatus
+CMMF_POPODecKeyRespContentGetResponse(CMMFPOPODecKeyRespContent *inRespCont,
+ int inIndex,
+ long *inDest)
+{
+ PORT_Assert(inRespCont != NULL);
+
+ if (inRespCont == NULL || inIndex < 0 ||
+ inIndex >= CMMF_POPODecKeyRespContentGetNumResponses(inRespCont)) {
+ return SECFailure;
+ }
+ *inDest = DER_GetInteger(inRespCont->responses[inIndex]);
+ return (*inDest == -1) ? SECFailure : SECSuccess;
+}
diff --git a/security/nss/lib/crmf/cmmfi.h b/security/nss/lib/crmf/cmmfi.h
new file mode 100644
index 000000000..9336ccfc2
--- /dev/null
+++ b/security/nss/lib/crmf/cmmfi.h
@@ -0,0 +1,92 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * These are the definitions needed by the library internally to implement
+ * CMMF. Most of these will be helper utilities for manipulating internal
+ * data strucures.
+ */
+#ifndef _CMMFI_H_
+#define _CMMFI_H_
+#include "cmmfit.h"
+#include "crmfi.h"
+
+#define CMMF_MAX_CHALLENGES 10
+#define CMMF_MAX_KEY_PAIRS 50
+
+/*
+ * Some templates that the code will need to implement CMMF.
+ */
+extern const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[];
+extern const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[];
+extern const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[];
+extern const SEC_ASN1Template CMMFRandTemplate[];
+extern const SEC_ASN1Template CMMFSequenceOfCertsTemplate[];
+extern const SEC_ASN1Template CMMFPKIStatusInfoTemplate[];
+extern const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[];
+
+/*
+ * Some utility functions that are shared by multiple files in this
+ * implementation.
+ */
+
+extern SECStatus cmmf_CopyCertResponse(PLArenaPool *poolp,
+ CMMFCertResponse *dest,
+ CMMFCertResponse *src);
+
+extern SECStatus cmmf_CopyPKIStatusInfo(PLArenaPool *poolp,
+ CMMFPKIStatusInfo *dest,
+ CMMFPKIStatusInfo *src);
+
+extern SECStatus cmmf_CopyCertifiedKeyPair(PLArenaPool *poolp,
+ CMMFCertifiedKeyPair *dest,
+ CMMFCertifiedKeyPair *src);
+
+extern SECStatus cmmf_DestroyPKIStatusInfo(CMMFPKIStatusInfo *info,
+ PRBool freeit);
+
+extern SECStatus cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert,
+ PRBool freeit);
+
+extern SECStatus cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo *statusInfo,
+ PLArenaPool *poolp,
+ CMMFPKIStatus inStatus);
+
+extern SECStatus cmmf_ExtractCertsFromList(CERTCertList *inCertList,
+ PLArenaPool *poolp,
+ CERTCertificate ***certArray);
+
+extern SECStatus
+cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
+ PLArenaPool *poolp,
+ CERTCertificate *inCert);
+
+extern CMMFPKIStatus
+cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus);
+
+extern CERTCertList *
+cmmf_MakeCertList(CERTCertificate **inCerts);
+
+extern CERTCertificate *
+cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
+ CERTCertDBHandle *certdb);
+
+extern SECStatus
+cmmf_decode_process_cert_response(PLArenaPool *poolp,
+ CERTCertDBHandle *db,
+ CMMFCertResponse *inCertResp);
+
+extern SECStatus
+cmmf_decode_process_certified_key_pair(PLArenaPool *poolp,
+ CERTCertDBHandle *db,
+ CMMFCertifiedKeyPair *inCertKeyPair);
+
+extern SECStatus
+cmmf_user_encode(void *src, CRMFEncoderOutputCallback inCallback, void *inArg,
+ const SEC_ASN1Template *inTemplate);
+
+extern SECStatus
+cmmf_copy_secitem(PLArenaPool *poolp, SECItem *dest, SECItem *src);
+#endif /*_CMMFI_H_*/
diff --git a/security/nss/lib/crmf/cmmfit.h b/security/nss/lib/crmf/cmmfit.h
new file mode 100644
index 000000000..014413f07
--- /dev/null
+++ b/security/nss/lib/crmf/cmmfit.h
@@ -0,0 +1,115 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CMMFIT_H_
+#define _CMMFIT_H_
+
+/*
+ * All fields marked by a PKIStausInfo in comments is an integer
+ * with the following possible values.
+ *
+ * Integer Value Meaning
+ * ------------- -------
+ * 0 granted- got exactly what you asked for.
+ *
+ * 1 grantedWithMods-got something like what you asked
+ * for;requester is responsible for ascertainging the
+ * differences.
+ *
+ * 2 rejection-you don't get what you asked for; more
+ * information elsewhere in the message
+ *
+ * 3 waiting-the request body part has not yet been
+ * processed, expect to hear more later.
+ *
+ * 4 revocationWarning-this message contains a warning
+ * that a revocation is imminent.
+ *
+ * 5 revocationNotification-notification that a
+ * revocation has occurred.
+ *
+ * 6 keyUpdateWarning-update already done for the
+ * oldCertId specified in FullCertTemplate.
+ */
+
+struct CMMFPKIStatusInfoStr {
+ SECItem status;
+ SECItem statusString;
+ SECItem failInfo;
+};
+
+struct CMMFCertOrEncCertStr {
+ union {
+ CERTCertificate *certificate;
+ CRMFEncryptedValue *encryptedCert;
+ } cert;
+ CMMFCertOrEncCertChoice choice;
+ SECItem derValue;
+};
+
+struct CMMFCertifiedKeyPairStr {
+ CMMFCertOrEncCert certOrEncCert;
+ CRMFEncryptedValue *privateKey;
+ SECItem derPublicationInfo; /* We aren't creating
+ * PKIPublicationInfo's, so
+ * we'll store away the der
+ * here if we decode one that
+ * does have pubInfo.
+ */
+ SECItem unwrappedPrivKey;
+};
+
+struct CMMFCertResponseStr {
+ SECItem certReqId;
+ CMMFPKIStatusInfo status; /*PKIStatusInfo*/
+ CMMFCertifiedKeyPair *certifiedKeyPair;
+};
+
+struct CMMFCertRepContentStr {
+ CERTCertificate **caPubs;
+ CMMFCertResponse **response;
+ PLArenaPool *poolp;
+ PRBool isDecoded;
+};
+
+struct CMMFChallengeStr {
+ SECAlgorithmID *owf;
+ SECItem witness;
+ SECItem senderDER;
+ SECItem key;
+ SECItem challenge;
+ SECItem randomNumber;
+};
+
+struct CMMFRandStr {
+ SECItem integer;
+ SECItem senderHash;
+ CERTGeneralName *sender;
+};
+
+struct CMMFPOPODecKeyChallContentStr {
+ CMMFChallenge **challenges;
+ PLArenaPool *poolp;
+ int numChallenges;
+ int numAllocated;
+};
+
+struct CMMFPOPODecKeyRespContentStr {
+ SECItem **responses;
+ PLArenaPool *poolp;
+};
+
+struct CMMFKeyRecRepContentStr {
+ CMMFPKIStatusInfo status; /* PKIStatusInfo */
+ CERTCertificate *newSigCert;
+ CERTCertificate **caCerts;
+ CMMFCertifiedKeyPair **keyPairHist;
+ PLArenaPool *poolp;
+ int numKeyPairs;
+ int allocKeyPairs;
+ PRBool isDecoded;
+};
+
+#endif /* _CMMFIT_H_ */
diff --git a/security/nss/lib/crmf/cmmfrec.c b/security/nss/lib/crmf/cmmfrec.c
new file mode 100644
index 000000000..5dfe1fcca
--- /dev/null
+++ b/security/nss/lib/crmf/cmmfrec.c
@@ -0,0 +1,316 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * This file will implement the functions related to key recovery in
+ * CMMF
+ */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "secitem.h"
+#include "keyhi.h"
+
+CMMFKeyRecRepContent *
+CMMF_CreateKeyRecRepContent(void)
+{
+ PLArenaPool *poolp;
+ CMMFKeyRecRepContent *keyRecContent;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return NULL;
+ }
+ keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
+ if (keyRecContent == NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+ keyRecContent->poolp = poolp;
+ return keyRecContent;
+}
+
+SECStatus
+CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep)
+{
+ PORT_Assert(inKeyRecRep != NULL);
+ if (inKeyRecRep != NULL && inKeyRecRep->poolp != NULL) {
+ int i;
+
+ if (!inKeyRecRep->isDecoded && inKeyRecRep->newSigCert != NULL) {
+ CERT_DestroyCertificate(inKeyRecRep->newSigCert);
+ }
+ if (inKeyRecRep->caCerts != NULL) {
+ for (i = 0; inKeyRecRep->caCerts[i] != NULL; i++) {
+ CERT_DestroyCertificate(inKeyRecRep->caCerts[i]);
+ }
+ }
+ if (inKeyRecRep->keyPairHist != NULL) {
+ for (i = 0; inKeyRecRep->keyPairHist[i] != NULL; i++) {
+ if (inKeyRecRep->keyPairHist[i]->certOrEncCert.choice ==
+ cmmfCertificate) {
+ CERT_DestroyCertificate(inKeyRecRep->keyPairHist[i]->certOrEncCert.cert.certificate);
+ }
+ }
+ }
+ PORT_FreeArena(inKeyRecRep->poolp, PR_TRUE);
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
+ CMMFPKIStatus inPKIStatus)
+{
+ PORT_Assert(inKeyRecRep != NULL && inPKIStatus >= cmmfGranted &&
+ inPKIStatus < cmmfNumPKIStatus);
+ if (inKeyRecRep == NULL) {
+ return SECFailure;
+ }
+
+ return cmmf_PKIStatusInfoSetStatus(&inKeyRecRep->status,
+ inKeyRecRep->poolp,
+ inPKIStatus);
+}
+
+SECStatus
+CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
+ CERTCertificate *inNewSignCert)
+{
+ PORT_Assert(inKeyRecRep != NULL && inNewSignCert != NULL);
+ if (inKeyRecRep == NULL || inNewSignCert == NULL) {
+ return SECFailure;
+ }
+ if (!inKeyRecRep->isDecoded && inKeyRecRep->newSigCert) {
+ CERT_DestroyCertificate(inKeyRecRep->newSigCert);
+ }
+ inKeyRecRep->isDecoded = PR_FALSE;
+ inKeyRecRep->newSigCert = CERT_DupCertificate(inNewSignCert);
+ return (inKeyRecRep->newSigCert == NULL) ? SECFailure : SECSuccess;
+}
+
+SECStatus
+CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
+ CERTCertList *inCACerts)
+{
+ SECStatus rv;
+ void *mark;
+
+ PORT_Assert(inKeyRecRep != NULL && inCACerts != NULL);
+ if (inKeyRecRep == NULL || inCACerts == NULL) {
+ return SECFailure;
+ }
+ mark = PORT_ArenaMark(inKeyRecRep->poolp);
+ rv = cmmf_ExtractCertsFromList(inCACerts, inKeyRecRep->poolp,
+ &inKeyRecRep->caCerts);
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(inKeyRecRep->poolp, mark);
+ } else {
+ PORT_ArenaUnmark(inKeyRecRep->poolp, mark);
+ }
+ return rv;
+}
+
+SECStatus
+CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
+ CERTCertificate *inCert,
+ SECKEYPrivateKey *inPrivKey,
+ SECKEYPublicKey *inPubKey)
+{
+ CMMFCertifiedKeyPair *keyPair;
+ CRMFEncryptedValue *dummy;
+ PLArenaPool *poolp;
+ void *mark;
+ SECStatus rv;
+
+ PORT_Assert(inKeyRecRep != NULL &&
+ inCert != NULL &&
+ inPrivKey != NULL &&
+ inPubKey != NULL);
+ if (inKeyRecRep == NULL ||
+ inCert == NULL ||
+ inPrivKey == NULL ||
+ inPubKey == NULL) {
+ return SECFailure;
+ }
+ poolp = inKeyRecRep->poolp;
+ mark = PORT_ArenaMark(poolp);
+ if (inKeyRecRep->keyPairHist == NULL) {
+ inKeyRecRep->keyPairHist = PORT_ArenaNewArray(poolp,
+ CMMFCertifiedKeyPair *,
+ (CMMF_MAX_KEY_PAIRS + 1));
+ if (inKeyRecRep->keyPairHist == NULL) {
+ goto loser;
+ }
+ inKeyRecRep->allocKeyPairs = CMMF_MAX_KEY_PAIRS;
+ inKeyRecRep->numKeyPairs = 0;
+ }
+
+ if (inKeyRecRep->allocKeyPairs == inKeyRecRep->numKeyPairs) {
+ goto loser;
+ }
+
+ keyPair = PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
+ if (keyPair == NULL) {
+ goto loser;
+ }
+ rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert,
+ poolp, inCert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ keyPair->privateKey = PORT_ArenaZNew(poolp, CRMFEncryptedValue);
+ if (keyPair->privateKey == NULL) {
+ goto loser;
+ }
+ dummy = crmf_create_encrypted_value_wrapped_privkey(inPrivKey, inPubKey,
+ keyPair->privateKey);
+ PORT_Assert(dummy == keyPair->privateKey);
+ if (dummy != keyPair->privateKey) {
+ crmf_destroy_encrypted_value(dummy, PR_TRUE);
+ goto loser;
+ }
+ inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = keyPair;
+ inKeyRecRep->numKeyPairs++;
+ inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = NULL;
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+CMMFPKIStatus
+CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep)
+{
+ PORT_Assert(inKeyRecRep != NULL);
+ if (inKeyRecRep == NULL) {
+ return cmmfNoPKIStatus;
+ }
+ return cmmf_PKIStatusInfoGetStatus(&inKeyRecRep->status);
+}
+
+CERTCertificate *
+CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep)
+{
+ PORT_Assert(inKeyRecRep != NULL);
+ if (inKeyRecRep == NULL ||
+ inKeyRecRep->newSigCert == NULL) {
+ return NULL;
+ }
+ /* newSigCert may not be a real certificate, it may be a hand decoded
+ * cert structure. This code makes sure we hand off a real, fully formed
+ * CERTCertificate to the caller. TODO: This should move into the decode
+ * portion so that we never wind up with a half formed CERTCertificate
+ * here. In this case the call would be to CERT_DupCertificate.
+ */
+ return CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ &inKeyRecRep->newSigCert->signatureWrap.data,
+ NULL, PR_FALSE, PR_TRUE);
+}
+
+CERTCertList *
+CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep)
+{
+ PORT_Assert(inKeyRecRep != NULL);
+ if (inKeyRecRep == NULL || inKeyRecRep->caCerts == NULL) {
+ return NULL;
+ }
+ return cmmf_MakeCertList(inKeyRecRep->caCerts);
+}
+
+int
+CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep)
+{
+ PORT_Assert(inKeyRecRep != NULL);
+ return (inKeyRecRep == NULL) ? 0 : inKeyRecRep->numKeyPairs;
+}
+
+PRBool
+cmmf_KeyRecRepContentIsValidIndex(CMMFKeyRecRepContent *inKeyRecRep,
+ int inIndex)
+{
+ int numKeyPairs = CMMF_KeyRecRepContentGetNumKeyPairs(inKeyRecRep);
+
+ return (PRBool)(inIndex >= 0 && inIndex < numKeyPairs);
+}
+
+CMMFCertifiedKeyPair *
+CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
+ int inIndex)
+{
+ CMMFCertifiedKeyPair *newKeyPair;
+ SECStatus rv;
+
+ PORT_Assert(inKeyRecRep != NULL &&
+ cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex));
+ if (inKeyRecRep == NULL ||
+ !cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex)) {
+ return NULL;
+ }
+ newKeyPair = PORT_ZNew(CMMFCertifiedKeyPair);
+ if (newKeyPair == NULL) {
+ return NULL;
+ }
+ rv = cmmf_CopyCertifiedKeyPair(NULL, newKeyPair,
+ inKeyRecRep->keyPairHist[inIndex]);
+ if (rv != SECSuccess) {
+ CMMF_DestroyCertifiedKeyPair(newKeyPair);
+ newKeyPair = NULL;
+ }
+ return newKeyPair;
+}
+
+SECStatus
+CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
+ SECKEYPrivateKey *inPrivKey,
+ SECItem *inNickName,
+ PK11SlotInfo *inSlot,
+ CERTCertDBHandle *inCertdb,
+ SECKEYPrivateKey **destPrivKey,
+ void *wincx)
+{
+ CERTCertificate *cert;
+ SECItem keyUsageValue = { siBuffer, NULL, 0 };
+ unsigned char keyUsage = 0x0;
+ SECKEYPublicKey *pubKey;
+ SECStatus rv;
+
+ PORT_Assert(inKeyPair != NULL &&
+ inPrivKey != NULL && inCertdb != NULL);
+ if (inKeyPair == NULL ||
+ inPrivKey == NULL ||
+ inKeyPair->privateKey == NULL ||
+ inCertdb == NULL) {
+ return SECFailure;
+ }
+
+ cert = CMMF_CertifiedKeyPairGetCertificate(inKeyPair, inCertdb);
+ CERT_FindKeyUsageExtension(cert, &keyUsageValue);
+ if (keyUsageValue.data != NULL) {
+ keyUsage = keyUsageValue.data[3];
+ PORT_Free(keyUsageValue.data);
+ }
+ pubKey = CERT_ExtractPublicKey(cert);
+ rv = crmf_encrypted_value_unwrap_priv_key(NULL, inKeyPair->privateKey,
+ inPrivKey, pubKey,
+ inNickName, inSlot, keyUsage,
+ destPrivKey, wincx);
+ SECKEY_DestroyPublicKey(pubKey);
+ CERT_DestroyCertificate(cert);
+ return rv;
+}
+
+PRBool
+CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep)
+{
+ PORT_Assert(inKeyRecRep != NULL);
+ if (inKeyRecRep == NULL) {
+ return PR_FALSE;
+ }
+ return (PRBool)(inKeyRecRep->caCerts != NULL &&
+ inKeyRecRep->caCerts[0] != NULL);
+}
diff --git a/security/nss/lib/crmf/cmmfresp.c b/security/nss/lib/crmf/cmmfresp.c
new file mode 100644
index 000000000..c4b59b8e9
--- /dev/null
+++ b/security/nss/lib/crmf/cmmfresp.c
@@ -0,0 +1,280 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * This file will contain all routines dealing with creating a
+ * CMMFCertRepContent structure through Create/Set functions.
+ */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "crmf.h"
+#include "crmfi.h"
+#include "secitem.h"
+#include "secder.h"
+
+CMMFCertRepContent *
+CMMF_CreateCertRepContent(void)
+{
+ CMMFCertRepContent *retCertRep;
+ PLArenaPool *poolp;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ goto loser;
+ }
+ retCertRep = PORT_ArenaZNew(poolp, CMMFCertRepContent);
+ if (retCertRep == NULL) {
+ goto loser;
+ }
+ retCertRep->poolp = poolp;
+ return retCertRep;
+loser:
+ if (poolp != NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return NULL;
+}
+
+SECStatus
+cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
+ PLArenaPool *poolp,
+ CERTCertificate *inCert)
+{
+ SECItem *derDest = NULL;
+ SECStatus rv = SECFailure;
+
+ if (inCert->derCert.data == NULL) {
+ derDest = SEC_ASN1EncodeItem(NULL, NULL, inCert,
+ CMMFCertOrEncCertCertificateTemplate);
+ if (derDest == NULL) {
+ goto loser;
+ }
+ } else {
+ derDest = SECITEM_DupItem(&inCert->derCert);
+ if (derDest == NULL) {
+ goto loser;
+ }
+ }
+ PORT_Assert(certOrEncCert->cert.certificate == NULL);
+ certOrEncCert->cert.certificate = CERT_DupCertificate(inCert);
+ certOrEncCert->choice = cmmfCertificate;
+ if (poolp != NULL) {
+ rv = SECITEM_CopyItem(poolp, &certOrEncCert->derValue, derDest);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ certOrEncCert->derValue = *derDest;
+ }
+ PORT_Free(derDest);
+ return SECSuccess;
+loser:
+ if (derDest != NULL) {
+ SECITEM_FreeItem(derDest, PR_TRUE);
+ }
+ return rv;
+}
+
+SECStatus
+cmmf_ExtractCertsFromList(CERTCertList *inCertList,
+ PLArenaPool *poolp,
+ CERTCertificate ***certArray)
+{
+ CERTCertificate **arrayLocalCopy;
+ CERTCertListNode *node;
+ int numNodes = 0, i;
+
+ for (node = CERT_LIST_HEAD(inCertList); !CERT_LIST_END(node, inCertList);
+ node = CERT_LIST_NEXT(node)) {
+ numNodes++;
+ }
+
+ arrayLocalCopy = *certArray = (poolp == NULL) ? PORT_NewArray(CERTCertificate *, (numNodes + 1)) : PORT_ArenaNewArray(poolp, CERTCertificate *, (numNodes + 1));
+ if (arrayLocalCopy == NULL) {
+ return SECFailure;
+ }
+ for (node = CERT_LIST_HEAD(inCertList), i = 0;
+ !CERT_LIST_END(node, inCertList);
+ node = CERT_LIST_NEXT(node), i++) {
+ arrayLocalCopy[i] = CERT_DupCertificate(node->cert);
+ if (arrayLocalCopy[i] == NULL) {
+ int j;
+
+ for (j = 0; j < i; j++) {
+ CERT_DestroyCertificate(arrayLocalCopy[j]);
+ }
+ if (poolp == NULL) {
+ PORT_Free(arrayLocalCopy);
+ }
+ *certArray = NULL;
+ return SECFailure;
+ }
+ }
+ arrayLocalCopy[numNodes] = NULL;
+ return SECSuccess;
+}
+
+SECStatus
+CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
+ CMMFCertResponse **inCertResponses,
+ int inNumResponses)
+{
+ PLArenaPool *poolp;
+ CMMFCertResponse **respArr, *newResp;
+ void *mark;
+ SECStatus rv;
+ int i;
+
+ PORT_Assert(inCertRepContent != NULL &&
+ inCertResponses != NULL &&
+ inNumResponses > 0);
+ if (inCertRepContent == NULL ||
+ inCertResponses == NULL ||
+ inCertRepContent->response != NULL) {
+ return SECFailure;
+ }
+ poolp = inCertRepContent->poolp;
+ mark = PORT_ArenaMark(poolp);
+ respArr = inCertRepContent->response =
+ PORT_ArenaZNewArray(poolp, CMMFCertResponse *, (inNumResponses + 1));
+ if (respArr == NULL) {
+ goto loser;
+ }
+ for (i = 0; i < inNumResponses; i++) {
+ newResp = PORT_ArenaZNew(poolp, CMMFCertResponse);
+ if (newResp == NULL) {
+ goto loser;
+ }
+ rv = cmmf_CopyCertResponse(poolp, newResp, inCertResponses[i]);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ respArr[i] = newResp;
+ }
+ respArr[inNumResponses] = NULL;
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+CMMFCertResponse *
+CMMF_CreateCertResponse(long inCertReqId)
+{
+ SECItem *dummy;
+ CMMFCertResponse *newResp;
+
+ newResp = PORT_ZNew(CMMFCertResponse);
+ if (newResp == NULL) {
+ goto loser;
+ }
+ dummy = SEC_ASN1EncodeInteger(NULL, &newResp->certReqId, inCertReqId);
+ if (dummy != &newResp->certReqId) {
+ goto loser;
+ }
+ return newResp;
+
+loser:
+ if (newResp != NULL) {
+ CMMF_DestroyCertResponse(newResp);
+ }
+ return NULL;
+}
+
+SECStatus
+CMMF_CertResponseSetPKIStatusInfoStatus(CMMFCertResponse *inCertResp,
+ CMMFPKIStatus inPKIStatus)
+{
+ PORT_Assert(inCertResp != NULL && inPKIStatus >= cmmfGranted &&
+ inPKIStatus < cmmfNumPKIStatus);
+
+ if (inCertResp == NULL) {
+ return SECFailure;
+ }
+ return cmmf_PKIStatusInfoSetStatus(&inCertResp->status, NULL,
+ inPKIStatus);
+}
+
+SECStatus
+CMMF_CertResponseSetCertificate(CMMFCertResponse *inCertResp,
+ CERTCertificate *inCertificate)
+{
+ CMMFCertifiedKeyPair *keyPair = NULL;
+ SECStatus rv = SECFailure;
+
+ PORT_Assert(inCertResp != NULL && inCertificate != NULL);
+ if (inCertResp == NULL || inCertificate == NULL) {
+ return SECFailure;
+ }
+ if (inCertResp->certifiedKeyPair == NULL) {
+ keyPair = inCertResp->certifiedKeyPair =
+ PORT_ZNew(CMMFCertifiedKeyPair);
+ } else {
+ keyPair = inCertResp->certifiedKeyPair;
+ }
+ if (keyPair == NULL) {
+ goto loser;
+ }
+ rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert, NULL,
+ inCertificate);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return SECSuccess;
+loser:
+ if (keyPair) {
+ if (keyPair->certOrEncCert.derValue.data) {
+ PORT_Free(keyPair->certOrEncCert.derValue.data);
+ }
+ PORT_Free(keyPair);
+ }
+ return rv;
+}
+
+SECStatus
+CMMF_CertRepContentSetCAPubs(CMMFCertRepContent *inCertRepContent,
+ CERTCertList *inCAPubs)
+{
+ PLArenaPool *poolp;
+ void *mark;
+ SECStatus rv;
+
+ PORT_Assert(inCertRepContent != NULL &&
+ inCAPubs != NULL &&
+ inCertRepContent->caPubs == NULL);
+
+ if (inCertRepContent == NULL ||
+ inCAPubs == NULL || inCertRepContent == NULL) {
+ return SECFailure;
+ }
+
+ poolp = inCertRepContent->poolp;
+ mark = PORT_ArenaMark(poolp);
+
+ rv = cmmf_ExtractCertsFromList(inCAPubs, poolp,
+ &inCertRepContent->caPubs);
+
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(poolp, mark);
+ } else {
+ PORT_ArenaUnmark(poolp, mark);
+ }
+ return rv;
+}
+
+CERTCertificate *
+CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
+ CERTCertDBHandle *inCertdb)
+{
+ PORT_Assert(inCertKeyPair != NULL);
+ if (inCertKeyPair == NULL) {
+ return NULL;
+ }
+ return cmmf_CertOrEncCertGetCertificate(&inCertKeyPair->certOrEncCert,
+ inCertdb);
+}
diff --git a/security/nss/lib/crmf/cmmft.h b/security/nss/lib/crmf/cmmft.h
new file mode 100644
index 000000000..e39f19ed3
--- /dev/null
+++ b/security/nss/lib/crmf/cmmft.h
@@ -0,0 +1,73 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CMMFT_H_
+#define _CMMFT_H_
+
+#include "secasn1.h"
+
+/*
+ * These are the enumerations used to distinguish between the different
+ * choices available for the CMMFCertOrEncCert structure.
+ */
+typedef enum {
+ cmmfNoCertOrEncCert = 0,
+ cmmfCertificate = 1,
+ cmmfEncryptedCert = 2
+} CMMFCertOrEncCertChoice;
+
+/*
+ * This is the enumeration and the corresponding values used to
+ * represent the CMMF type PKIStatus
+ */
+typedef enum {
+ cmmfNoPKIStatus = -1,
+ cmmfGranted = 0,
+ cmmfGrantedWithMods = 1,
+ cmmfRejection = 2,
+ cmmfWaiting = 3,
+ cmmfRevocationWarning = 4,
+ cmmfRevocationNotification = 5,
+ cmmfKeyUpdateWarning = 6,
+ cmmfNumPKIStatus
+} CMMFPKIStatus;
+
+/*
+ * These enumerations are used to represent the corresponding values
+ * in PKIFailureInfo defined in CMMF.
+ */
+typedef enum {
+ cmmfBadAlg = 0,
+ cmmfBadMessageCheck = 1,
+ cmmfBadRequest = 2,
+ cmmfBadTime = 3,
+ cmmfBadCertId = 4,
+ cmmfBadDataFormat = 5,
+ cmmfWrongAuthority = 6,
+ cmmfIncorrectData = 7,
+ cmmfMissingTimeStamp = 8,
+ cmmfNoFailureInfo = 9
+} CMMFPKIFailureInfo;
+
+typedef struct CMMFPKIStatusInfoStr CMMFPKIStatusInfo;
+typedef struct CMMFCertOrEncCertStr CMMFCertOrEncCert;
+typedef struct CMMFCertifiedKeyPairStr CMMFCertifiedKeyPair;
+typedef struct CMMFCertResponseStr CMMFCertResponse;
+typedef struct CMMFCertResponseSeqStr CMMFCertResponseSeq;
+typedef struct CMMFPOPODecKeyChallContentStr CMMFPOPODecKeyChallContent;
+typedef struct CMMFChallengeStr CMMFChallenge;
+typedef struct CMMFRandStr CMMFRand;
+typedef struct CMMFPOPODecKeyRespContentStr CMMFPOPODecKeyRespContent;
+typedef struct CMMFKeyRecRepContentStr CMMFKeyRecRepContent;
+typedef struct CMMFCertRepContentStr CMMFCertRepContent;
+
+/* Export this so people can call SEC_ASN1EncodeItem instead of having to
+ * write callbacks that are passed in to the high level encode function
+ * for CMMFCertRepContent.
+ */
+extern const SEC_ASN1Template CMMFCertRepContentTemplate[];
+extern const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[];
+
+#endif /*_CMMFT_H_*/
diff --git a/security/nss/lib/crmf/config.mk b/security/nss/lib/crmf/config.mk
new file mode 100644
index 000000000..dc39ee4d6
--- /dev/null
+++ b/security/nss/lib/crmf/config.mk
@@ -0,0 +1,16 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/crmf/crmf.gyp b/security/nss/lib/crmf/crmf.gyp
new file mode 100644
index 000000000..f8fa8a48d
--- /dev/null
+++ b/security/nss/lib/crmf/crmf.gyp
@@ -0,0 +1,43 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'crmf',
+ 'type': 'static_library',
+ 'sources': [
+ 'asn1cmn.c',
+ 'challcli.c',
+ 'cmmfasn1.c',
+ 'cmmfchal.c',
+ 'cmmfrec.c',
+ 'cmmfresp.c',
+ 'crmfcont.c',
+ 'crmfdec.c',
+ 'crmfenc.c',
+ 'crmfget.c',
+ 'crmfpop.c',
+ 'crmfreq.c',
+ 'crmftmpl.c',
+ 'encutil.c',
+ 'respcli.c',
+ 'respcmn.c',
+ 'servget.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ],
+ 'variables': {
+ # This is purely for the use of the Mozilla build system.
+ 'no_expand_libs': 1,
+ },
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/crmf/crmf.h b/security/nss/lib/crmf/crmf.h
new file mode 100644
index 000000000..c56e28913
--- /dev/null
+++ b/security/nss/lib/crmf/crmf.h
@@ -0,0 +1,1741 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CRMF_H_
+#define _CRMF_H_
+
+#include "seccomon.h"
+#include "cert.h"
+#include "crmft.h"
+#include "secoid.h"
+#include "secpkcs7.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+ * FUNCTION: CRMF_EncodeCertReqMsg
+ * INPUTS:
+ * inCertReqMsg
+ * The Certificate Request Message to be encoded.
+ * fn
+ * A Callback function that the ASN1 encoder calls whenever
+ * the encoder wants to write out some DER encoded bytes.
+ * arg
+ * An opaque pointer that gets passed to the function fn
+ * OUTPUT:
+ * The function fn will be called multiple times. Look at the
+ * comments in crmft.h where the CRMFEncoderOutputCallback type is
+ * defined for information on proper behavior of the function fn.
+ * RETURN:
+ * SECSuccess if encoding was successful. Any other return value
+ * indicates an error occurred during encoding.
+ */
+extern SECStatus
+CRMF_EncodeCertReqMsg(CRMFCertReqMsg *inCertReqMsg,
+ CRMFEncoderOutputCallback fn,
+ void *arg);
+
+/*
+ * FUNCTION: CRMF_EncoderCertRequest
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to be encoded.
+ * fn
+ * A Callback function that the ASN1 encoder calls whenever
+ * the encoder wants to write out some DER encoded bytes.
+ * arg
+ * An opaque pointer that gets passed to the function fn.
+ * OUTPUT:
+ * The function fn will be called, probably multiple times whenever
+ * the ASN1 encoder wants to write out DER-encoded bytes. Look at the
+ * comments in crmft.h where the CRMFEncoderOutputCallback type is
+ * defined for information on proper behavior of the function fn.
+ * RETURN:
+ * SECSuccess if encoding was successful. Any other return value
+ * indicates an error occurred during encoding.
+ */
+extern SECStatus CRMF_EncodeCertRequest(CRMFCertRequest *inCertReq,
+ CRMFEncoderOutputCallback fn,
+ void *arg);
+/*
+ * FUNCTION: CRMF_EncodeCertReqMessages
+ * INPUTS:
+ * inCertReqMsgs
+ * An array of pointers to the Certificate Request Messages
+ * to encode. The user must place a NULL pointer in the index
+ * after the last message to be encoded. When the library runs
+ * into the NULL pointer, the library assumes there are no more
+ * messages to encode.
+ * fn
+ * A Callback function that the ASN1 encoder calls whenever
+ * the encoder wants to write out some DER encoded byts.
+ * arg
+ * An opaque pointer that gets passed to the function fn.
+ *
+ * NOTES:
+ * The parameter inCertReqMsgs needs to be an array with a NULL pointer
+ * to signal the end of messages. An array in the form of
+ * {m1, m2, m3, NULL, m4, ...} will only encode the messages m1, m2, and
+ * m3. All messages from m4 on will not be looked at by the library.
+ *
+ * OUTPUT:
+ * The function fn will be called, probably multiple times. Look at the
+ * comments in crmft.h where the CRMFEncoderOutputCallback type is
+ * defined for information on proper behavior of the function fn.
+ *
+ * RETURN:
+ * SECSuccess if encoding the Certificate Request Messages was successful.
+ * Any other return value indicates an error occurred while encoding the
+ * certificate request messages.
+ */
+extern SECStatus
+CRMF_EncodeCertReqMessages(CRMFCertReqMsg **inCertReqMsgs,
+ CRMFEncoderOutputCallback fn,
+ void *arg);
+
+/*
+ * FUNCTION: CRMF_CreateCertReqMsg
+ * INPUTS:
+ * NONE
+ * OUTPUT:
+ * An empty CRMF Certificate Request Message.
+ * Before encoding this message, the user must set
+ * the ProofOfPossession field and the certificate
+ * request which are necessary for the full message.
+ * After the user no longer needs this CertReqMsg,
+ * the user must call CRMF_DestroyCertReqMsg to free
+ * all memory associated with the Certificate Request
+ * Message.
+ * RETURN:
+ * A pointer to a Certificate Request Message. The user
+ * must pass the return value of this function to
+ * CRMF_DestroyCertReqMsg after the Certificate Request
+ * Message is no longer necessary.
+ */
+extern CRMFCertReqMsg *CRMF_CreateCertReqMsg(void);
+
+/*
+ * FUNCTION: CRMF_DestroyCertReqMsg
+ * INPUTS:
+ * inCertReqMsg
+ * The Certificate Request Message to destroy.
+ * NOTES:
+ * This function frees all the memory used for the Certificate
+ * Request Message and all the memory used in making copies of
+ * fields of elelments of the message, eg. the Proof Of Possession
+ * filed and the Cetificate Request.
+ * RETURN:
+ * SECSuccess if destruction was successful. Any other return value
+ * indicates an error while trying to free the memory associated
+ * with inCertReqMsg.
+ *
+ */
+extern SECStatus CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgSetCertRequest
+ * INPUTS:
+ * inCertReqMsg
+ * The Certificate Request Message that the function will set
+ * the certificate request for.
+ * inCertReq
+ * The Certificate Request that will be added to the Certificate
+ * Request Message.
+ * NOTES:
+ * This function will make a copy of the Certificate Request passed in
+ * and store it as part of the Certificate Request Message. Therefore,
+ * the user must not call this function until the Certificate Request
+ * has been fully built and is ready to be encoded.
+ * RETURN:
+ * SECSuccess
+ * If copying the Certificate as a member of the Certificate
+ * request message was successful.
+ * Any other return value indicates a failure to copy the Certificate
+ * Request and make it a part of the Certificate Request Message.
+ */
+extern SECStatus CRMF_CertReqMsgSetCertRequest(CRMFCertReqMsg *inCertReqMsg,
+ CRMFCertRequest *inCertReq);
+
+/*
+ * FUNCTION: CRMF_CreateCertRequest
+ * INPUTS:
+ * inRequestID
+ * The ID that will be associated with this certificate request.
+ * OUTPUTS:
+ * A certificate request which only has the requestID set.
+ * NOTES:
+ * The user must call the function CRMF_DestroyCertRequest when
+ * the returned value is no longer needed. This is usually the
+ * case after fully constructing the Certificate Request and then
+ * calling the function CRMF_CertReqMsgSetCertRequest.
+ * RETURN:
+ * A pointer to the new Certificate Request. A NULL return value
+ * indicates an error in creating the Certificate Request.
+ */
+extern CRMFCertRequest *CRMF_CreateCertRequest(PRUint32 inRequestID);
+
+/*
+ * FUNCTION: CRMF_DestroyCertRequest
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request that will be destroyed.
+ * RETURN:
+ * SECSuccess
+ * If freeing the memory associated with the certificate request
+ * was successful.
+ * Any other return value indicates an error while trying to free the
+ * memory.
+ */
+extern SECStatus CRMF_DestroyCertRequest(CRMFCertRequest *inCertReq);
+
+/*
+ * FUNCTION: CRMF_CreateCertExtension
+ * INPUTS:
+ * id
+ * The SECOidTag to associate with this CertExtension. This must
+ * correspond to a valid Certificate Extension, if not the function
+ * will fail.
+ * isCritical
+ * A boolean value stating if the extension value is crtical. PR_TRUE
+ * means the value is crtical. PR_FALSE indicates the value is not
+ * critical.
+ * data
+ * This is the data associated with the extension. The user of the
+ * library is responsible for making sure the value passed in is a
+ * valid interpretation of the certificate extension.
+ * NOTES:
+ * Use this function to create CRMFCertExtension Structures which will
+ * then be passed to CRMF_AddFieldToCertTemplate as part of the
+ * CRMFCertCreationInfo.extensions The user must call
+ * CRMF_DestroyCertExtension after the extension has been added to a certifcate
+ * and the extension is no longer needed.
+ *
+ * RETURN:
+ * A pointer to a newly created CertExtension. A return value of NULL
+ * indicates the id passed in was an invalid certificate extension.
+ */
+extern CRMFCertExtension *CRMF_CreateCertExtension(SECOidTag id,
+ PRBool isCritical,
+ SECItem *data);
+
+/*
+ * FUNCTION: CMRF_DestroyCertExtension
+ * INPUTS:
+ * inExtension
+ * The Cert Extension to destroy
+ * NOTES:
+ * Destroy a structure allocated by CRMF_CreateCertExtension.
+ *
+ * RETURN:
+ * SECSuccess if freeing the memory associated with the certificate extension
+ * was successful. Any other error indicates an error while freeing the
+ * memory.
+ */
+extern SECStatus CRMF_DestroyCertExtension(CRMFCertExtension *inExtension);
+
+/*
+ * FUNCTION: CRMF_CertRequestSetTemplateField
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * inTemplateField
+ * An enumeration that indicates which field of the Certificate
+ * template to add.
+ * data
+ * A generic pointer that will be type cast according to the
+ * table under NOTES and used as the key for adding to the
+ * certificate template;
+ * NOTES:
+ *
+ * Below is a table that tells what type to pass in as data
+ * depending on the template field one wants to set.
+ *
+ * Look in crmft.h for the definition of CRMFCertTemplateField.
+ *
+ * In all cases, the library makes copies of the data passed in.
+ *
+ * CRMFCertTemplateField Type of data What data means
+ * --------------------- ------------ ---------------
+ * crmfVersion long * The version of
+ * the certificate
+ * to be created.
+ *
+ * crmfSerialNumber long * The serial number
+ * for the cert to be
+ * created.
+ *
+ * crmfSigningAlg SECAlgorithm * The ASN.1 object ID for
+ * the algorithm used in encoding
+ * the certificate.
+ *
+ * crmfIssuer CERTName * Certificate Library
+ * representation of the ASN1 type
+ * Name from X.509
+ *
+ * crmfValidity CRMFValidityCreationInfo * At least one of the two
+ * fields in the structure must
+ * be present. A NULL pointer
+ * in the structure indicates
+ * that member should not be
+ * added.
+ *
+ * crmfSubject CERTName * Certificate Library
+ * representation of the ASN1 type
+ * Name from X.509
+ *
+ * crmfPublicKey CERTSubjectPublicKeyInfo * The public key info for the
+ * certificate being requested.
+ *
+ * crmfIssuerUID SECItem * A bit string representation
+ * of the issuer UID. NOTE: The
+ * length is the number of bits
+ * and not the number of bytes.
+ *
+ * crmfSubjectUID SECItem* A bit string representation
+ * of the subject UID. NOTE: The
+ * length is the number of bits
+ * and not the number of bytes.
+ *
+ * crmfExtension CRMFCertExtCreationInfo * A pointer to the structure
+ * populated with an array of
+ * of certificate extensions
+ * and an integer that tells
+ * how many elements are in the
+ * array. Look in crmft.h for
+ * the definition of
+ * CRMFCertExtCreationInfo
+ * RETURN:
+ * SECSuccess if adding the desired field to the template was successful.
+ * Any other return value indicates failure when trying to add the field
+ * to the template.
+ *
+ */
+extern SECStatus
+CRMF_CertRequestSetTemplateField(CRMFCertRequest *inCertReq,
+ CRMFCertTemplateField inTemplateField,
+ void *data);
+
+/*
+ * FUNCTION: CRMF_CertRequestIsFieldPresent
+ * INPUTS:
+ * inCertReq
+ * The certificate request to operate on.
+ * inTemplateField
+ * The enumeration for the template field the user wants to query
+ * about.
+ * NOTES:
+ * This function checks to see if the the field associated with inTemplateField
+ * enumeration is already present in the certificate request passed in.
+ *
+ * RETURN:
+ * The function returns PR_TRUE if the field associated with inTemplateField
+ * is already present in the certificate request. If the field is not present
+ * the function returns PR_FALSE.
+ */
+extern PRBool
+CRMF_CertRequestIsFieldPresent(CRMFCertRequest *inCertReq,
+ CRMFCertTemplateField inTemplateField);
+
+/*
+ * FUNCTION: CRMF_CertRequestIsControlPresent
+ * INPUTS:
+ * inCertReq
+ * The certificate request to operate on.
+ * inControlType
+ * The type of control to look for.
+ * NOTES:
+ * This function looks at the control present in the certificate request
+ * and returns PR_TRUE iff a control of type inControlType already exists.
+ * The CRMF draft does not explicitly state that two controls of the same
+ * type can not exist within the same request. So the library will not
+ * cause an error if you try to add a control and one of the same type
+ * already exists. It is up to the application to ensure that multiple
+ * controls of the same type do not exist, if that is the desired behavior
+ * by the application.
+ *
+ * RETURN:
+ * The function returns PR_TRUE if a control of type inControlType already
+ * exists in the certificate request. If a control of type inControlType
+ * does not exist, the function will return PR_FALSE.
+ */
+extern PRBool
+CRMF_CertRequestIsControlPresent(CRMFCertRequest *inCertReq,
+ CRMFControlType inControlType);
+
+/*
+ * FUNCTION: CRMF_CertRequestSetRegTokenControl
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * value
+ * The UTF8 value which will be the Registration Token Control
+ * for this Certificate Request.
+ * NOTES:
+ * The library does no verification that the value passed in is
+ * a valid UTF8 value. The caller must make sure of this in order
+ * to get an encoding that is valid. The library will ultimately
+ * encode this value as it was passed in.
+ * RETURN:
+ * SECSucces on successful addition of the Registration Token Control.
+ * Any other return value indicates an unsuccessful attempt to add the
+ * control.
+ *
+ */
+extern SECStatus CRMF_CertRequestSetRegTokenControl(CRMFCertRequest *inCertReq,
+ SECItem *value);
+
+/*
+ * FUNCTION: CRMF_CertRequestSetAuthenticatorControl
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * value
+ * The UTF8 value that will become the Authenticator Control
+ * for the passed in Certificate Request.
+ * NOTES:
+ * The library does no verification that the value passed in is
+ * a valid UTF8 value. The caller must make sure of this in order
+ * to get an encoding that is valid. The library will ultimately
+ * encode this value as it was passed in.
+ * RETURN:
+ * SECSucces on successful addition of the Authenticator Control.
+ * Any other return value indicates an unsuccessful attempt to add the
+ * control.
+ */
+extern SECStatus
+CRMF_CertRequestSetAuthenticatorControl(CRMFCertRequest *inCertReq,
+ SECItem *value);
+
+/*
+ * FUNCTION: CRMF_CreateEncryptedKeyWithencryptedValue
+ * INPUTS:
+ * inPrivKey
+ * This is the private key associated with a certificate that is
+ * being requested. This structure will eventually wind up as
+ * a part of the PKIArchiveOptions Control.
+ * inCACert
+ * This is the certificate for the CA that will be receiving the
+ * certificate request for the private key passed in.
+ * OUTPUT:
+ * A CRMFEncryptedKey that can ultimately be used as part of the
+ * PKIArchiveOptions Control.
+ *
+ * RETURN:
+ * A pointer to a CRMFEncyptedKey. A NULL return value indicates an erro
+ * during the creation of the encrypted key.
+ */
+extern CRMFEncryptedKey *
+CRMF_CreateEncryptedKeyWithEncryptedValue(SECKEYPrivateKey *inPrivKey,
+ CERTCertificate *inCACert);
+
+/*
+ * FUNCTION: CRMF_DestroyEncryptedKey
+ * INPUTS:
+ * inEncrKey
+ * The CRMFEncryptedKey to be destroyed.
+ * NOTES:
+ * Frees all memory associated with the CRMFEncryptedKey passed in.
+ * RETURN:
+ * SECSuccess if freeing the memory was successful. Any other return
+ * value indicates an error while freeig the memroy.
+ */
+extern SECStatus CRMF_DestroyEncryptedKey(CRMFEncryptedKey *inEncrKey);
+
+/*
+ * FUNCTION: CRMF_CreatePKIArchiveOptions
+ * INPUTS:
+ * inType
+ * An enumeration value indicating which option for
+ * PKIArchiveOptions to use.
+ * data
+ * A pointer that will be type-cast and de-referenced according
+ * to the table under NOTES.
+ * NOTES:
+ * A table listing what should be passed in as data
+ * ------------------------------------------------
+ *
+ * inType data
+ * ------ ----
+ * crmfEncryptedPrivateKey CRMFEncryptedKey*
+ * crmfKeyGenParameters SECItem*(This needs to be an octet string)
+ * crmfArchiveRemGenPrivKey PRBool*
+ *
+ * RETURN:
+ * A pointer the a CRMFPKIArchiveOptions that can be added to a Certificate
+ * Request. A NULL pointer indicates an error occurred while creating
+ * the CRMFPKIArchiveOptions Structure.
+ */
+extern CRMFPKIArchiveOptions *
+CRMF_CreatePKIArchiveOptions(CRMFPKIArchiveOptionsType inType,
+ void *data);
+/*
+ * FUNCTION: CRMF_DestroyPKIArchiveOptions
+ * INPUTS:
+ * inArchOpt
+ * A pointer to the CRMFPKIArchiveOptions structure to free.
+ * NOTES:
+ * Will free all memory associated with 'inArchOpt'.
+ * RETURN:
+ * SECSuccess if successful in freeing the memory used by 'inArchOpt'
+ * Any other return value indicates an error while freeing the memory.
+ */
+extern SECStatus
+CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inArchOpt);
+
+/*
+ * FUNCTION: CRMF_CertRequestSetPKIArchiveOptions
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to add the the options to.
+ * inOptions
+ * The Archive Options to add to the Certificate Request.
+ * NOTES:
+ * Adds the PKIArchiveOption to the Certificate Request. This is what
+ * enables Key Escrow to take place through CRMF. The library makes
+ * its own copy of the information.
+ * RETURN:
+ * SECSuccess if successful in adding the ArchiveOptions to the Certificate
+ * request. Any other return value indicates an error when trying to add
+ * the Archive Options to the Certificate Request.
+ */
+extern SECStatus
+CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest *inCertReq,
+ CRMFPKIArchiveOptions *inOptions);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgGetPOPType
+ * INPUTS:
+ * inCertReqMsg
+ * The Certificate Request Message to operate on.
+ * NOTES:
+ * Returns an enumeration value indicating the method of Proof
+ * of Possession that was used for the passed in Certificate Request
+ * Message.
+ * RETURN:
+ * An enumeration indicating what method for Proof Of Possession is
+ * being used in this Certificate Request Message. Look in the file
+ * crmft.h for the definition of CRMFPOPChoice for the possible return
+ * values.
+ */
+extern CRMFPOPChoice CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgSetRAVerifiedPOP
+ * INPUT:
+ * InCertReqMsg
+ * The Certificate Request Message to operate on.
+ * NOTES:
+ * This function will set the method of Proof Of Possession to
+ * crmfRAVerified which means the RA has already verified the
+ * requester does possess the private key.
+ * RETURN:
+ * SECSuccess if adding RAVerified to the message is successful.
+ * Any other message indicates an error while trying to add RAVerified
+ * as the Proof of Possession.
+ */
+extern SECStatus CRMF_CertReqMsgSetRAVerifiedPOP(CRMFCertReqMsg *inCertReqMsg);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgSetSignaturePOP
+ * INPUT:
+ * inCertReqMsg
+ * The Certificate Request Message to add the SignaturePOP to.
+ * inPrivKey
+ * The Private Key which corresponds to the the Certificate Request
+ * Message.
+ * inPubKey
+ * The Public Key which corresponds to the Private Key passed in.
+ * inCertForInput
+ * A Certificate that in the future may be used to create
+ * POPOSigningKeyInput.
+ * fn
+ * A callback for retrieving a password which may be used in the
+ * future to generate POPOSigningKeyInput.
+ * arg
+ * An opaque pointer that would be passed to fn whenever it is
+ * called.
+ * NOTES:
+ * Adds Proof Of Possession to the CertRequest using the signature field
+ * of the ProofOfPossession field. NOTE: In order to use this option,
+ * the certificate template must contain the publicKey at the very minimum.
+ *
+ * If you don't want the function to generate POPOSigningKeyInput, then
+ * make sure the cert template already contains the subject and public key
+ * values. Currently creating POPOSigningKeyInput is not supported, so
+ * a Message passed to this function must have the publicKey and the subject
+ * as part of the template
+ *
+ * This will take care of creating the entire POPOSigningKey structure
+ * that will become part of the message.
+ *
+ * inPrivKey is the key to be used in the signing operation when creating
+ * POPOSigningKey structure. This should be the key corresponding to
+ * the certificate being requested.
+ *
+ * inCertForInput will be used if POPOSigningKeyInput needs to be generated.
+ * It will be used in generating the authInfo.sender field. If the parameter
+ * is not passed in then authInfo.publicKeyMAC will be generated instead.
+ * If passed in, this certificate needs to be a valid certificate.
+ *
+ * The last 3 arguments are for future compatibility in case we ever want to
+ * support generating POPOSigningKeyInput. Pass in NULL for all 3 if you
+ * definitely don't want the function to even try to generate
+ * POPOSigningKeyInput. If you try to use POPOSigningKeyInput, the function
+ * will fail.
+ *
+ * RETURN:
+ * SECSuccess if adding the Signature Proof Of Possession worked.
+ * Any other return value indicates an error in trying to add
+ * the Signature Proof Of Possession.
+ */
+extern SECStatus
+CRMF_CertReqMsgSetSignaturePOP(CRMFCertReqMsg *inCertReqMsg,
+ SECKEYPrivateKey *inPrivKey,
+ SECKEYPublicKey *inPubKey,
+ CERTCertificate *inCertForInput,
+ CRMFMACPasswordCallback fn,
+ void *arg);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgSetKeyEnciphermentPOP
+ * INPUTS:
+ * inCertReqMsg
+ * The Certificate Request Message to operate on.
+ * inKeyChoice
+ * An enumeration indicating which POPOPrivKey Choice to use
+ * in constructing the KeyEnciphermentPOP.
+ * subseqMess
+ * This parameter must be provided iff inKeyChoice is
+ * crmfSubsequentMessage. This details how the RA is to respond
+ * in order to perform Proof Of Possession. Look in crmft.h under
+ * the definition of CRMFSubseqMessOptions for possible values.
+ * encPrivKey
+ * This parameter only needs to be provided if inKeyChoice is
+ * crmfThisMessage. The item should contain the encrypted private
+ * key.
+ *
+ * NOTES:
+ * Adds Proof Of Possession using the keyEncipherment field of
+ * ProofOfPossession.
+ *
+ * The function looks at the the inKeyChoice parameter and interprets it in
+ * in the following manner.
+ *
+ * If a parameter is not mentioned under interpretation, the function will not
+ * look at its value when implementing that case.
+ *
+ * inKeyChoice Interpretation
+ * ----------- --------------
+ * crmfThisMessage This options requires that the encrypted private key
+ * be included in the thisMessage field of POPOPrivKey.
+ * We don't support this yet, so any clients who want
+ * to use this feature have to implement a wrapping
+ * function and agree with the server on how to properly
+ * wrap the key. That encrypted key must be passed in
+ * as the encPrivKey parameter.
+ *
+ * crmfSubequentMessage Must pass in a value for subseqMess. The value must
+ * be either CRMFEncrCert or CRMFChallengeResp. The
+ * parameter encPrivKey will not be looked at in this
+ * case.
+ *
+ * crmfDHMAC This is not a valid option for this function. Passing
+ * in this value will result in the function returning
+ * SECFailure.
+ * RETURN:
+ * SECSuccess if adding KeyEnciphermentPOP was successful. Any other return
+ * value indicates an error in adding KeyEnciphermentPOP.
+ */
+extern SECStatus
+CRMF_CertReqMsgSetKeyEnciphermentPOP(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKeyChoice inKeyChoice,
+ CRMFSubseqMessOptions subseqMess,
+ SECItem *encPrivKey);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgSetKeyAgreementPOP
+ * INPUTS:
+ * inCertReqMsg
+ * The Certificate Request Message to operate on.
+ * inKeyChoice
+ * An enumeration indicating which POPOPrivKey Choice to use
+ * in constructing the KeyAgreementPOP.
+ * subseqMess
+ * This parameter must be provided iff inKeyChoice is
+ * crmfSubsequentMessage. This details how the RA is to respond
+ * in order to perform Proof Of Possession. Look in crmft.h under
+ * the definition of CRMFSubseqMessOptions for possible values.
+ * encPrivKey
+ * This parameter only needs to be provided if inKeyChoice is
+ * crmfThisMessage. The item should contain the encrypted private
+ * key.
+ * Adds Proof Of Possession using the keyAgreement field of
+ * ProofOfPossession.
+ *
+ * The function looks at the the inKeyChoice parameter and interprets it in
+ * in the following manner.
+ *
+ * If a parameter is not mentioned under interpretation, the function will not
+ * look at its value when implementing that case.
+ *
+ * inKeyChoice Interpretation
+ * ----------- --------------
+ * crmfThisMessage This options requires that the encrypted private key
+ * be included in the thisMessage field of POPOPrivKey.
+ * We don't support this yet, so any clients who want
+ * to use this feature have to implement a wrapping
+ * function and agree with the server on how to properly
+ * wrap the key. That encrypted key must be passed in
+ * as the encPrivKey parameter.
+ *
+ * crmfSubequentMessage Must pass in a value for subseqMess. The value must
+ * be either crmfEncrCert or crmfChallengeResp. The
+ * parameter encPrivKey will not be looked at in this
+ * case.
+ *
+ * crmfDHMAC This option is not supported.
+ */
+extern SECStatus
+CRMF_CertReqMsgSetKeyAgreementPOP(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKeyChoice inKeyChoice,
+ CRMFSubseqMessOptions subseqMess,
+ SECItem *encPrivKey);
+
+/*
+ * FUNCTION: CRMF_CreateCertReqMsgFromDER
+ * INPUTS:
+ * buf
+ * A buffer to the DER-encoded Certificate Request Message.
+ * len
+ * The length in bytes of the buffer 'buf'
+ * NOTES:
+ * This function passes the buffer to the ASN1 decoder and creates a
+ * CRMFCertReqMsg structure. Do not try adding any fields to a message
+ * returned from this function. Specifically adding more Controls or
+ * Extensions may cause your program to crash.
+ *
+ * RETURN:
+ * A pointer to the Certificate Request Message structure. A NULL return
+ * value indicates the library was unable to parse the DER.
+ */
+extern CRMFCertReqMsg *CRMF_CreateCertReqMsgFromDER(const char *buf, long len);
+
+/*
+ * FUNCTION: CRMF_CreateCertReqMessagesFromDER
+ * INPUTS:
+ * buf
+ * A buffer to the DER-encoded Certificate Request Messages.
+ * len
+ * The length in bytes of buf
+ * NOTES:
+ * This function passes the buffer to the ASN1 decoder and creates a
+ * CRMFCertReqMessages structure. Do not try adding any fields to a message
+ * derived from this function. Specifically adding more Controls or
+ * Extensions may cause your program to crash.
+ * The user must call CRMF_DestroyCertReqMessages after the return value is
+ * no longer needed, ie when all individual messages have been extracted.
+ *
+ * RETURN:
+ * A pointer to the Certificate Request Messages structure. A NULL return
+ * value indicates the library was unable to parse the DER.
+ */
+extern CRMFCertReqMessages *
+CRMF_CreateCertReqMessagesFromDER(const char *buf, long len);
+
+/*
+ * FUNCTION: CRMF_DestroyCertReqMessages
+ * INPUTS
+ * inCertReqMsgs
+ * The Messages to destroy.
+ * RETURN:
+ * SECSuccess if freeing the memory was done successfully. Any other
+ * return value indicates an error in freeing up memory.
+ */
+extern SECStatus
+CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs);
+
+/*
+ * FUNCTION: CRMF_CertReqMessagesGetNumMessages
+ * INPUTS:
+ * inCertReqMsgs
+ * The Request Messages to operate on.
+ * RETURN:
+ * The number of messages contained in the in the Request Messages
+ * strucure.
+ */
+extern int
+CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs);
+
+/*
+ * FUNCTION: CRMF_CertReqMessagesGetCertReqMsgAtIndex
+ * INPUTS:
+ * inReqMsgs
+ * The Certificate Request Messages to operate on.
+ * index
+ * The index of the single message the user wants a copy of.
+ * NOTES:
+ * This function returns a copy of the request messages stored at the
+ * index corresponding to the parameter 'index'. Indexing of the messages
+ * is done in the same manner as a C array. Meaning the valid index are
+ * 0...numMessages-1. User must call CRMF_DestroyCertReqMsg when done using
+ * the return value of this function.
+ *
+ * RETURN:
+ * SECSuccess if copying the message at the requested index was successful.
+ * Any other return value indicates an invalid index or error while copying
+ * the single request message.
+ */
+extern CRMFCertReqMsg *
+CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
+ int index);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgGetID
+ * INPUTS:
+ * inCertReqMsg
+ * The Certificate Request Message to get the ID from.
+ * destID
+ * A pointer to where the library can place the ID of the Message.
+ * RETURN:
+ * SECSuccess if the function was able to retrieve the ID and place it
+ * at *destID. Any other return value indicates an error meaning the value
+ * in *destId is un-reliable and should not be used by the caller of this
+ * function.
+ *
+ */
+extern SECStatus CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg,
+ long *destID);
+
+/*
+ * FUNCTION: CRMF_DoesRequestHaveField
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * inField
+ * An enumeration indicating which filed of the certificate template
+ * to look for.
+ * NOTES:
+ * All the fields in a certificate template are optional. This function
+ * checks to see if the requested field is present. Look in crmft.h at the
+ * definition of CRMFCertTemplateField for possible values for possible
+ * querying.
+ *
+ * RETURN:
+ * PR_TRUE iff the field corresponding to 'inField' has been specified as part
+ * of 'inCertReq'
+ * PR_FALSE iff the field corresponding to 'inField' has not been speicified
+ * as part of 'inCertReq'
+ *
+ */
+extern PRBool CRMF_DoesRequestHaveField(CRMFCertRequest *inCertReq,
+ CRMFCertTemplateField inField);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgGetCertRequest
+ * INPUTS:
+ * inCertReqMsg
+ * The Certificate Request Message to operate on.
+ * NOTES:
+ * This function returns a copy of the Certificate Request to the user.
+ * The user can keep adding to this request and then making it a part
+ * of another message. After the user no longer wants to use the
+ * returned request, the user must call CRMF_DestroyCertRequest and
+ * pass it the request returned by this function.
+ * RETURN:
+ * A pointer to a copy of the certificate request contained by the message.
+ * A NULL return value indicates an error occurred while copying the
+ * certificate request.
+ */
+extern CRMFCertRequest *
+CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplateVersion
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * version
+ * A pointer to where the library can store the version contatined
+ * in the certificate template within the certifcate request.
+ * RETURN:
+ * SECSuccess if the Certificate template contains the version field. In
+ * this case, *version will hold the value of the certificate template
+ * version.
+ * SECFailure indicates that version field was not present as part of
+ * of the certificate template.
+ */
+extern SECStatus
+CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq,
+ long *version);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplateSerialNumber
+ * INPUTS:
+ * inCertReq
+ * The certificate request to operate on.
+ * serialNumber
+ * A pointer where the library can put the serial number contained
+ * in the certificate request's certificate template.
+ * RETURN:
+ * If a serial number exists in the CertTemplate of the request, the function
+ * returns SECSuccess and the value at *serialNumber contains the serial
+ * number.
+ * If no serial number is present, then the function returns SECFailure and
+ * the value at *serialNumber is un-changed.
+ */
+extern SECStatus
+CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq,
+ long *serialNumber);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplateSigningAlg
+ * INPUT:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * destAlg
+ * A Pointer to where the library can place a copy of the signing alg
+ * used in the cert request's cert template.
+ * RETURN:
+ * If the signingAlg is present in the CertRequest's CertTemplate, then
+ * the function returns SECSuccess and places a copy of sigingAlg in
+ * *destAlg.
+ * If no signingAlg is present, then the function returns SECFailure and
+ * the value at *destAlg is un-changed
+ */
+extern SECStatus
+CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
+ SECAlgorithmID *destAlg);
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplateIssuer
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * destIssuer
+ * A pointer to where the library can place a copy of the cert
+ * request's cert template issuer field.
+ * RETURN:
+ * If the issuer is present in the cert request cert template, the function
+ * returns SECSuccess and places a copy of the issuer in *destIssuer.
+ * If there is no issuer present, the function returns SECFailure and the
+ * value at *destIssuer is unchanged.
+ */
+extern SECStatus
+CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
+ CERTName *destIssuer);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplateValidity
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * destValdity
+ * A pointer to where the library can place a copy of the validity
+ * info in the cert request cert template.
+ * NOTES:
+ * Pass the pointer to
+ * RETURN:
+ * If there is an OptionalValidity field, the function will return SECSuccess
+ * and place the appropriate values in *destValidity->notBefore and
+ * *destValidity->notAfter. (Each field is optional, but at least one will
+ * be present if the function returns SECSuccess)
+ *
+ * If there is no OptionalValidity field, the function will return SECFailure
+ * and the values at *destValidity will be un-changed.
+ */
+extern SECStatus
+CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
+ CRMFGetValidity *destValidity);
+/*
+ * FUNCTION: CRMF_DestroyGetValidity
+ * INPUTS:
+ * inValidity
+ * A pointer to the memroy to be freed.
+ * NOTES:
+ * The function will free the memory allocated by the function
+ * CRMF_CertRequestGetCertTemplateValidity. That means only memory pointed
+ * to within the CRMFGetValidity structure. Since
+ * CRMF_CertRequestGetCertTemplateValidity does not allocate memory for the
+ * structure passed into it, it will not free it. Meaning this function will
+ * free the memory at inValidity->notBefore and inValidity->notAfter, but not
+ * the memory directly at inValdity.
+ *
+ * RETURN:
+ * SECSuccess if freeing the memory was successful. Any other return value
+ * indicates an error while freeing the memory.
+ */
+extern SECStatus
+CRMF_DestroyGetValidity(CRMFGetValidity *inValidity);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplateSubject
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * destSubject
+ * A pointer to where the library can place a copy of the subject
+ * contained in the request's cert template.
+ * RETURN:
+ * If there is a subject in the CertTemplate, then the function returns
+ * SECSuccess and a copy of the subject is placed in *destSubject.
+ *
+ * If there is no subject, the function returns SECFailure and the values at
+ * *destSubject is unchanged.
+ */
+extern SECStatus
+CRMF_CertRequestGetCertTemplateSubject(CRMFCertRequest *inCertReq,
+ CERTName *destSubject);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplatePublicKey
+ * INPUTS:
+ * inCertReq
+ * The Cert request to operate on.
+ * destPublicKey
+ * A pointer to where the library can place a copy of the request's
+ * cert template public key.
+ * RETURN:
+ * If there is a publicKey parameter in the CertRequest, the function returns
+ * SECSuccess, and places a copy of the publicKey in *destPublicKey.
+ *
+ * If there is no publicKey, the function returns SECFailure and the value
+ * at *destPublicKey is un-changed.
+ */
+extern SECStatus
+CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest *inCertReq,
+ CERTSubjectPublicKeyInfo *destPublicKey);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplateIssuerUID
+ * INPUTS:
+ * inCertReq
+ * The Cert request to operate on.
+ * destIssuerUID
+ * A pointer to where the library can store a copy of the request's
+ * cert template destIssuerUID.
+ *
+ * NOTES:
+ * destIssuerUID is a bit string and will be returned in a SECItem as
+ * a bit string. Meaning the len field contains the number of valid bits as
+ * opposed to the number of bytes allocated.
+ *
+ * RETURN:
+ * If the CertTemplate has an issuerUID, the function returns SECSuccess and
+ * places a copy of the issuerUID in *destIssuerUID.
+ *
+ * If there is no issuerUID, the function returns SECFailure and the value
+ * *destIssuerUID is unchanged.
+ */
+extern SECStatus
+CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
+ SECItem *destIssuerUID);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetCertTemplateSubjectUID
+ * inCertReq
+ * The Cert request to operate on.
+ * destSubjectUID
+ * A pointer to where the library can store a copy of the request's
+ * cert template destIssuerUID.
+ *
+ * NOTES:
+ * destSubjectUID is a bit string and will be returned in a SECItem as
+ * a bit string. Meaning the len field contains the number of valid bits as
+ * opposed to the number of bytes allocated.
+ *
+ * RETURN:
+ * If the CertTemplate has an issuerUID, the function returns SECSuccess and
+ * places a copy of the issuerUID in *destIssuerUID.
+ *
+ * If there is no issuerUID, the function returns SECSuccess and the value
+ * *destIssuerUID is unchanged.
+ */
+extern SECStatus CRMF_GetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
+ SECItem *destSubjectUID);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetNumberOfExtensions
+ * INPUTS:
+ * inCertReq
+ * The cert request to operate on.
+ * RETURN:
+ * Returns the number of extensions contained by the Cert Request.
+ */
+extern int CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetExtensionAtIndex
+ * INPUTS:
+ * inCertReq
+ * The Certificate request to operate on.
+ * index
+ * The index of the extension array whihc the user wants to access.
+ * NOTES:
+ * This function retrieves the extension at the index corresponding to the
+ * parameter "index" indicates. Indexing is done like a C array.
+ * (0 ... numElements-1)
+ *
+ * Call CRMF_DestroyCertExtension when done using the return value.
+ *
+ * RETURN:
+ * A pointer to a copy of the extension at the desired index. A NULL
+ * return value indicates an invalid index or an error while copying
+ * the extension.
+ */
+extern CRMFCertExtension *
+CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
+ int index);
+/*
+ * FUNCTION: CRMF_CertExtensionGetOidTag
+ * INPUTS:
+ * inExtension
+
+ * The extension to operate on.
+ * RETURN:
+ * Returns the SECOidTag associated with the cert extension passed in.
+ */
+extern SECOidTag CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension);
+
+/*
+ * FUNCTION: CRMF_CertExtensionGetIsCritical
+ * INPUT:
+ * inExt
+ * The cert extension to operate on.
+ *
+ * RETURN:
+ * PR_TRUE if the extension is critical.
+ * PR_FALSE if the extension is not critical.
+ */
+extern PRBool CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt);
+
+/*
+ * FUNCTION: CRMF_CertExtensionGetValue
+ * INPUT:
+ * inExtension
+ * The extension to operate on.
+ * NOTES:
+ * Caller is responsible for freeing the memory associated with the return
+ * value. Call SECITEM_FreeItem(retVal, PR_TRUE) when done using the return
+ * value.
+ *
+ * RETURN:
+ * A pointer to an item containig the value for the certificate extension.
+ * A NULL return value indicates an error in copying the information.
+ */
+extern SECItem *CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgGetPOPOSigningKey
+ * INPUTS:
+ * inCertReqMsg
+ * The certificate request message to operate on.
+ * destKey
+ * A pointer to where the library can place a pointer to
+ * a copy of the Proof Of Possession Signing Key used
+ * by the message.
+ *
+ * RETURN:
+ * Get the POPOSigningKey associated with this CRMFCertReqMsg.
+ * If the CertReqMsg does not have a pop, the function returns
+ * SECFailure and the value at *destKey is un-changed..
+ *
+ * If the CertReqMsg does have a pop, then the CertReqMsg's
+ * POPOSigningKey will be placed at *destKey.
+ */
+extern SECStatus
+CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOSigningKey **destKey);
+
+/*
+ * FUNCTION: CRMF_DestroyPOPOSigningKey
+ * INPUTS:
+ * inKey
+ * The signing key to free.
+ *
+ * RETURN:
+ * SECSuccess if freeing the memory was successful. Any other return value
+ * indicates an error while freeing memory.
+ */
+extern SECStatus CRMF_DestroyPOPOSigningKey(CRMFPOPOSigningKey *inKey);
+
+/*
+ * FUNCTION: CRMF_POPOSigningKeyGetAlgID
+ * INPUTS:
+ * inSignKey
+ * The Signing Key to operate on.
+ * RETURN:
+ * Return the algorithmID used by the CRMFPOPOSigningKey. User must
+ * call SECOID_DestroyAlgorithmID(destID, PR_TRUE) when done using the
+ * return value.
+ */
+extern SECAlgorithmID *
+CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey);
+
+/*
+ * FUNCTION: CRMF_POPOSigningKeyGetSignature
+ * INPUTS:
+ * inSignKey
+ * The Signing Key to operate on.
+ *
+ * RETURN:
+ * Get the actual signature stored away in the CRMFPOPOSigningKey. SECItem
+ * returned is a BIT STRING, so the len field is the number of bits as opposed
+ * to the total number of bytes allocatd. User must call
+ * SECITEM_FreeItem(retVal,PR_TRUE) when done using the return value.
+ */
+extern SECItem *CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey);
+
+/*
+ * FUNCTION: CRMF_POPOSigningKeyGetInput
+ * INPUTS:
+ * inSignKey
+ * The Signing Key to operate on.
+ * NOTES:
+ * This function will return the der encoded input that was read in while
+ * decoding. The API does not support this option when creating, so you
+ * cannot add this field.
+ *
+ * RETURN:
+ * Get the poposkInput that is part of the of the POPOSigningKey. If the
+ * optional field is not part of the POPOSigningKey, the function returns
+ * NULL.
+ *
+ * If the optional field is part of the POPOSingingKey, the function will
+ * return a copy of the der encoded poposkInput.
+ */
+extern SECItem *CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgGetPOPKeyEncipherment
+ * INPUTS:
+ * inCertReqMsg
+ * The certificate request message to operate on.
+ * destKey
+ * A pointer to where the library can place a pointer to a
+ * copy of the POPOPrivKey representing Key Encipherment
+ * Proof of Possession.
+ *NOTES:
+ * This function gets the POPOPrivKey associated with this CRMFCertReqMsg
+ * for Key Encipherment.
+ *
+ * RETURN:
+ * If the CertReqMsg did not use Key Encipherment for Proof Of Possession, the
+ * function returns SECFailure and the value at *destKey is un-changed.
+ *
+ * If the CertReqMsg did use Key Encipherment for ProofOfPossession, the
+ * function returns SECSuccess and places the POPOPrivKey representing the
+ * Key Encipherment Proof Of Possessin at *destKey.
+ */
+extern SECStatus
+CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKey **destKey);
+
+/*
+ * FUNCTION: CRMF_CertReqMsgGetPOPKeyAgreement
+ * INPUTS:
+ * inCertReqMsg
+ * The certificate request message to operate on.
+ * destKey
+ * A pointer to where the library can place a pointer to a
+ * copy of the POPOPrivKey representing Key Agreement
+ * Proof of Possession.
+ * NOTES:
+ * This function gets the POPOPrivKey associated with this CRMFCertReqMsg for
+ * Key Agreement.
+ *
+ * RETURN:
+ * If the CertReqMsg used Key Agreement for Proof Of Possession, the
+ * function returns SECSuccess and the POPOPrivKey for Key Agreement
+ * is placed at *destKey.
+ *
+ * If the CertReqMsg did not use Key Agreement for Proof Of Possession, the
+ * function return SECFailure and the value at *destKey is unchanged.
+ */
+extern SECStatus
+CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKey **destKey);
+
+/*
+ * FUNCTION: CRMF_DestroyPOPOPrivKey
+ * INPUTS:
+ * inPrivKey
+ * The POPOPrivKey to destroy.
+ * NOTES:
+ * Destroy a structure allocated by CRMF_GetPOPKeyEncipherment or
+ * CRMF_GetPOPKeyAgreement.
+ *
+ * RETURN:
+ * SECSuccess on successful destruction of the POPOPrivKey.
+ * Any other return value indicates an error in freeing the
+ * memory.
+ */
+extern SECStatus CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey);
+
+/*
+ * FUNCTION: CRMF_POPOPrivKeyGetChoice
+ * INPUT:
+ * inKey
+ * The POPOPrivKey to operate on.
+ * RETURN:
+ * Returns which choice was used in constructing the POPPOPrivKey. Look at
+ * the definition of CRMFPOPOPrivKeyChoice in crmft.h for the possible return
+ * values.
+ */
+extern CRMFPOPOPrivKeyChoice CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inKey);
+
+/*
+ * FUNCTION: CRMF_POPOPrivKeyGetThisMessage
+ * INPUTS:
+ * inKey
+ * The POPOPrivKey to operate on.
+ * destString
+ * A pointer to where the library can place a copy of the This Message
+ * field stored in the POPOPrivKey
+ *
+ * RETURN:
+ * Returns the field thisMessage from the POPOPrivKey.
+ * If the POPOPrivKey did not use the field thisMessage, the function
+ * returns SECFailure and the value at *destString is unchanged.
+ *
+ * If the POPOPrivKey did use the field thisMessage, the function returns
+ * SECSuccess and the BIT STRING representing thisMessage is placed
+ * at *destString. BIT STRING representation means the len field is the
+ * number of valid bits as opposed to the total number of bytes.
+ */
+extern SECStatus CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey *inKey,
+ SECItem *destString);
+
+/*
+ * FUNCTION: CRMF_POPOPrivKeyGetSubseqMess
+ * INPUTS:
+ * inKey
+ * The POPOPrivKey to operate on.
+ * destOpt
+ * A pointer to where the library can place the value of the
+ * Subsequent Message option used by POPOPrivKey.
+ *
+ * RETURN:
+ * Retrieves the field subsequentMessage from the POPOPrivKey.
+ * If the POPOPrivKey used the subsequentMessage option, the function
+ * returns SECSuccess and places the appropriate enumerated value at
+ * *destMessageOption.
+ *
+ * If the POPOPrivKey did not use the subsequenMessage option, the function
+ * returns SECFailure and the value at *destOpt is un-changed.
+ */
+extern SECStatus CRMF_POPOPrivKeyGetSubseqMess(CRMFPOPOPrivKey *inKey,
+ CRMFSubseqMessOptions *destOpt);
+
+/*
+ * FUNCTION: CRMF_POPOPrivKeyGetDHMAC
+ * INPUTS:
+ * inKey
+ * The POPOPrivKey to operate on.
+ * destMAC
+ * A pointer to where the library can place a copy of the dhMAC
+ * field of the POPOPrivKey.
+ *
+ * NOTES:
+ * Returns the field dhMAC from the POPOPrivKey. The populated SECItem
+ * is in BIT STRING format.
+ *
+ * RETURN:
+ * If the POPOPrivKey used the dhMAC option, the function returns SECSuccess
+ * and the BIT STRING for dhMAC will be placed at *destMAC. The len field in
+ * destMAC (ie destMAC->len) will be the valid number of bits as opposed to
+ * the number of allocated bytes.
+ *
+ * If the POPOPrivKey did not use the dhMAC option, the function returns
+ * SECFailure and the value at *destMAC is unchanged.
+ *
+ */
+extern SECStatus CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey,
+ SECItem *destMAC);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetNumControls
+ * INPUTS:
+ * inCertReq
+ * The Certificate Request to operate on.
+ * RETURN:
+ * Returns the number of Controls registered with this CertRequest.
+ */
+extern int CRMF_CertRequestGetNumControls(CRMFCertRequest *inCertReq);
+
+/*
+ * FUNCTION: CRMF_CertRequestGetControlAtIndex
+ * INPUTS:
+ * inCertReq
+ * The certificate request to operate on.
+ * index
+ * The index of the control the user wants a copy of.
+ * NOTES:
+ * Function retrieves the Control at located at index. The Controls
+ * are numbered like a traditional C array (0 ... numElements-1)
+ *
+ * RETURN:
+ * Returns a copy of the control at the index specified. This is a copy
+ * so the user must call CRMF_DestroyControl after the return value is no
+ * longer needed. A return value of NULL indicates an error while copying
+ * the control or that the index was invalid.
+ */
+extern CRMFControl *
+CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq,
+ int index);
+
+/*
+ * FUNCTION: CRMF_DestroyControl
+ * INPUTS:
+ * inControl
+ * The Control to destroy.
+ * NOTES:
+ * Destroy a CRMFControl allocated by CRMF_GetControlAtIndex.
+ *
+ * RETURN:
+ * SECSuccess if freeing the memory was successful. Any other return
+ * value indicates an error while freeing the memory.
+ */
+extern SECStatus CRMF_DestroyControl(CRMFControl *inControl);
+
+/*
+ * FUNCTION: CRMF_ControlGetControlType
+ * INPUTS:
+ * inControl
+ * The control to operate on.
+ * NOTES:
+ * The function returns an enumertion which indicates the type of control
+ * 'inControl'.
+ *
+ * RETURN:
+ * Look in crmft.h at the definition of the enumerated type CRMFControlType
+ * for the possible return values.
+ */
+extern CRMFControlType CRMF_ControlGetControlType(CRMFControl *inControl);
+
+/*
+ * FUNCTION: CRMF_ControlGetRegTokenControlValue
+ * INPUTS:
+ * inControl
+ * The Control to operate on.
+ * NOTES:
+ * The user must call SECITEM_FreeItem passing in the return value
+ * after the returnvalue is no longer needed.
+
+ * RETURN:
+ * Return the value for a Registration Token Control.
+ * The SECItem returned should be in UTF8 format. A NULL
+ * return value indicates there was no Registration Control associated
+ * with the Control.
+ * (This library will not verify format. It assumes the client properly
+ * formatted the strings when adding it or the message decoded was properly
+ * formatted. The library will just give back the bytes it was given.)
+ */
+extern SECItem *CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl);
+
+/*
+ * FUNCTION: CRMF_ControlGetAuthenticatorControlValue
+ * INPUTS:
+ * inControl
+ * The Control to operate on.
+ * NOTES:
+ * The user must call SECITEM_FreeItem passing in the return value
+ * after the returnvalue is no longer needed.
+ *
+ * RETURN:
+ * Return the value for the Authenticator Control.
+ * The SECItem returned should be in UTF8 format. A NULL
+ * return value indicates there was no Authenticator Control associated
+ * with the CRMFControl..
+ * (This library will not verify format. It assumes the client properly
+ * formatted the strings when adding it or the message decoded was properly
+ * formatted. The library will just give back the bytes it was given.)
+ */
+extern SECItem *CRMF_ControlGetAuthicatorControlValue(CRMFControl *inControl);
+
+/*
+ * FUNCTION: CRMF_ControlGetPKIArchiveOptions
+ * INPUTS:inControl
+ * The Control tooperate on.
+ * NOTES:
+ * This function returns a copy of the PKIArchiveOptions. The user must call
+ * the function CRMF_DestroyPKIArchiveOptions when the return value is no
+ * longer needed.
+ *
+ * RETURN:
+ * Get the PKIArchiveOptions associated with the Control. A return
+ * value of NULL indicates the Control was not a PKIArchiveOptions
+ * Control.
+ */
+extern CRMFPKIArchiveOptions *
+CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl);
+
+/*
+ * FUNCTION: CMRF_DestroyPKIArchiveOptions
+ * INPUTS:
+ * inOptions
+ * The ArchiveOptions to destroy.
+ * NOTE:
+ * Destroy the CRMFPKIArchiveOptions structure.
+ *
+ * RETURN:
+ * SECSuccess if successful in freeing all the memory associated with
+ * the PKIArchiveOptions. Any other return value indicates an error while
+ * freeing the PKIArchiveOptions.
+ */
+extern SECStatus
+CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inOptions);
+
+/*
+ * FUNCTION: CRMF_PKIArchiveOptionsGetOptionType
+ * INPUTS:
+ * inOptions
+ * The PKIArchiveOptions to operate on.
+ * RETURN:
+ * Returns the choice used for the PKIArchiveOptions. Look at the definition
+ * of CRMFPKIArchiveOptionsType in crmft.h for possible return values.
+ */
+extern CRMFPKIArchiveOptionsType
+CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions);
+
+/*
+ * FUNCTION: CRMF_PKIArchiveOptionsGetEncryptedPrivKey
+ * INPUTS:
+ * inOpts
+ * The PKIArchiveOptions to operate on.
+ *
+ * NOTES:
+ * The user must call CRMF_DestroyEncryptedKey when done using this return
+ * value.
+ *
+ * RETURN:
+ * Get the encryptedPrivKey field of the PKIArchiveOptions structure.
+ * A return value of NULL indicates that encryptedPrivKey was not used as
+ * the choice for this PKIArchiveOptions.
+ */
+extern CRMFEncryptedKey *
+CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts);
+
+/*
+ * FUNCTION: CRMF_EncryptedKeyGetChoice
+ * INPUTS:
+ * inEncrKey
+ * The EncryptedKey to operate on.
+ *
+ * NOTES:
+ * Get the choice used for representing the EncryptedKey.
+ *
+ * RETURN:
+ * Returns the Choice used in representing the EncryptedKey. Look in
+ * crmft.h at the definition of CRMFEncryptedKeyChoice for possible return
+ * values.
+ */
+extern CRMFEncryptedKeyChoice
+CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey);
+
+/*
+ * FUNCTION: CRMF_EncryptedKeyGetEncryptedValue
+ * INPUTS:
+ * inKey
+ * The EncryptedKey to operate on.
+ *
+ * NOTES:
+ * The user must call CRMF_DestroyEncryptedValue passing in
+ * CRMF_GetEncryptedValue's return value.
+ *
+ * RETURN:
+ * A pointer to a copy of the EncryptedValue contained as a member of
+ * the EncryptedKey.
+ */
+extern CRMFEncryptedValue *
+CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inKey);
+
+/*
+ * FUNCTION: CRMF_DestroyEncryptedValue
+ * INPUTS:
+ * inEncrValue
+ * The EncryptedValue to destroy.
+ *
+ * NOTES:
+ * Free up all memory associated with 'inEncrValue'.
+ *
+ * RETURN:
+ * SECSuccess if freeing up the memory associated with the EncryptedValue
+ * is successful. Any other return value indicates an error while freeing the
+ * memory.
+ */
+extern SECStatus CRMF_DestroyEncryptedValue(CRMFEncryptedValue *inEncrValue);
+
+/*
+ * FUNCTION: CRMF_EncryptedValueGetEncValue
+ * INPUTS:
+ * inEncValue
+ * The EncryptedValue to operate on.
+ * NOTES:
+ * Function retrieves the encValue from an EncryptedValue structure.
+ *
+ * RETURN:
+ * A poiner to a SECItem containing the encValue of the EncryptedValue
+ * structure. The return value is in BIT STRING format, meaning the
+ * len field of the return structure represents the number of valid bits
+ * as opposed to the allocated number of bytes.
+ * ANULL return value indicates an error in copying the encValue field.
+ */
+extern SECItem *CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncValue);
+
+/*
+ * FUNCTION: CRMF_EncryptedValueGetIntendedAlg
+ * INPUTS
+ * inEncValue
+ * The EncryptedValue to operate on.
+ * NOTES:
+ * Retrieve the IntendedAlg field from the EncryptedValue structure.
+ * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
+ * the return value. When present, this alogorithm is the alogrithm for
+ * which the private key will be used.
+ *
+ * RETURN:
+ * A Copy of the intendedAlg field. A NULL return value indicates the
+ * optional field was not present in the structure.
+ */
+extern SECAlgorithmID *
+CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue *inEncValue);
+
+/*
+ * FUNCTION: CRMF_EncryptedValueGetSymmAlg
+ * INPUTS
+ * inEncValue
+ * The EncryptedValue to operate on.
+ * NOTES:
+ * Retrieve the symmAlg field from the EncryptedValue structure.
+ * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
+ * the return value. When present, this is algorithm used to
+ * encrypt the encValue of the EncryptedValue.
+ *
+ * RETURN:
+ * A Copy of the symmAlg field. A NULL return value indicates the
+ * optional field was not present in the structure.
+ */
+extern SECAlgorithmID *
+CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue *inEncValue);
+
+/*
+ * FUNCTION: CRMF_EncryptedValueGetKeyAlg
+ * INPUTS
+ * inEncValue
+ * The EncryptedValue to operate on.
+ * NOTES:
+ * Retrieve the keyAlg field from the EncryptedValue structure.
+ * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
+ * the return value. When present, this is the algorithm used to encrypt
+ * the symmetric key in the encSymmKey field of the EncryptedValue structure.
+ *
+ * RETURN:
+ * A Copy of the keyAlg field. A NULL return value indicates the
+ * optional field was not present in the structure.
+ */
+extern SECAlgorithmID *
+CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue);
+
+/*
+ * FUNCTION: CRMF_EncryptedValueGetValueHint
+ * INPUTS:
+ * inEncValue
+ * The EncryptedValue to operate on.
+ *
+ * NOTES:
+ * Return a copy of the der-encoded value hint.
+ * User must call SECITEM_FreeItem(retVal, PR_TRUE) when done using the
+ * return value. When, present, this is a value that the client which
+ * originally issued a certificate request can use to reproduce any data
+ * it wants. The RA does not know how to interpret this data.
+ *
+ * RETURN:
+ * A copy of the valueHint field of the EncryptedValue. A NULL return
+ * value indicates the optional valueHint field is not present in the
+ * EncryptedValue.
+ */
+extern SECItem *
+CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue *inEncValue);
+
+/*
+ * FUNCTION: CRMF_EncrypteValueGetEncSymmKey
+ * INPUTS:
+ * inEncValue
+ * The EncryptedValue to operate on.
+ *
+ * NOTES:
+ * Return a copy of the encSymmKey field. This field is the encrypted
+ * symmetric key that the client uses in doing Public Key wrap of a private
+ * key. When present, this is the symmetric key that was used to wrap the
+ * private key. (The encrypted private key will be stored in encValue
+ * of the same EncryptedValue structure.) The user must call
+ * SECITEM_FreeItem(retVal, PR_TRUE) when the return value is no longer
+ * needed.
+ *
+ * RETURN:
+ * A copy of the optional encSymmKey field of the EncryptedValue structure.
+ * The return value will be in BIT STRING format, meaning the len field will
+ * be the number of valid bits as opposed to the number of bytes. A return
+ * value of NULL means the optional encSymmKey field was not present in
+ * the EncryptedValue structure.
+ */
+extern SECItem *
+CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue);
+
+/*
+ * FUNCTION: CRMF_PKIArchiveOptionsGetKeyGenParameters
+ * INPUTS:
+ * inOptions
+ * The PKiArchiveOptions to operate on.
+ *
+ * NOTES:
+ * User must call SECITEM_FreeItem(retVal, PR_TRUE) after the return
+ * value is no longer needed.
+ *
+ * RETURN:
+ * Get the keyGenParameters field of the PKIArchiveOptions.
+ * A NULL return value indicates that keyGenParameters was not
+ * used as the choice for this PKIArchiveOptions.
+ *
+ * The SECItem returned is in BIT STRING format (ie, the len field indicates
+ * number of valid bits as opposed to allocated number of bytes.)
+ */
+extern SECItem *
+CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions);
+
+/*
+ * FUNCTION: CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey
+ * INPUTS:
+ * inOpt
+ * The PKIArchiveOptions to operate on.
+ * destVal
+ * A pointer to where the library can place the value for
+ * arciveRemGenPrivKey
+ * RETURN:
+ * If the PKIArchiveOptions used the archiveRemGenPrivKey field, the
+ * function returns SECSuccess and fills the value at *destValue with either
+ * PR_TRUE or PR_FALSE, depending on what the PKIArchiveOptions has as a
+ * value.
+ *
+ * If the PKIArchiveOptions does not use the archiveRemGenPrivKey field, the
+ * function returns SECFailure and the value at *destValue is unchanged.
+ */
+extern SECStatus
+CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt,
+ PRBool *destVal);
+
+/* Helper functions that can be used by other libraries. */
+/*
+ * A quick helper function to get the best wrap mechanism.
+ */
+extern CK_MECHANISM_TYPE CRMF_GetBestWrapPadMechanism(PK11SlotInfo *slot);
+
+/*
+ * A helper function to get a randomly generated IV from a mechanism
+ * type.
+ */
+extern SECItem *CRMF_GetIVFromMechanism(CK_MECHANISM_TYPE mechType);
+
+SEC_END_PROTOS
+#endif /*_CRMF_H_*/
diff --git a/security/nss/lib/crmf/crmfcont.c b/security/nss/lib/crmf/crmfcont.c
new file mode 100644
index 000000000..5df2bd828
--- /dev/null
+++ b/security/nss/lib/crmf/crmfcont.c
@@ -0,0 +1,1161 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "crmf.h"
+#include "crmfi.h"
+#include "pk11func.h"
+#include "keyhi.h"
+#include "secoid.h"
+
+static SECStatus
+crmf_modify_control_array(CRMFCertRequest *inCertReq, int count)
+{
+ if (count > 0) {
+ void *dummy = PORT_Realloc(inCertReq->controls,
+ sizeof(CRMFControl *) * (count + 2));
+ if (dummy == NULL) {
+ return SECFailure;
+ }
+ inCertReq->controls = dummy;
+ } else {
+ inCertReq->controls = PORT_ZNewArray(CRMFControl *, 2);
+ }
+ return (inCertReq->controls == NULL) ? SECFailure : SECSuccess;
+}
+
+static SECStatus
+crmf_add_new_control(CRMFCertRequest *inCertReq, SECOidTag inTag,
+ CRMFControl **destControl)
+{
+ SECOidData *oidData;
+ SECStatus rv;
+ PLArenaPool *poolp;
+ int numControls = 0;
+ CRMFControl *newControl;
+ CRMFControl **controls;
+ void *mark;
+
+ poolp = inCertReq->poolp;
+ if (poolp == NULL) {
+ return SECFailure;
+ }
+ mark = PORT_ArenaMark(poolp);
+ if (inCertReq->controls != NULL) {
+ while (inCertReq->controls[numControls] != NULL)
+ numControls++;
+ }
+ rv = crmf_modify_control_array(inCertReq, numControls);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ controls = inCertReq->controls;
+ oidData = SECOID_FindOIDByTag(inTag);
+ newControl = *destControl = PORT_ArenaZNew(poolp, CRMFControl);
+ if (newControl == NULL) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(poolp, &newControl->derTag, &oidData->oid);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ newControl->tag = inTag;
+ controls[numControls] = newControl;
+ controls[numControls + 1] = NULL;
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ *destControl = NULL;
+ return SECFailure;
+}
+
+static SECStatus
+crmf_add_secitem_control(CRMFCertRequest *inCertReq, SECItem *value,
+ SECOidTag inTag)
+{
+ SECStatus rv;
+ CRMFControl *newControl;
+ void *mark;
+
+ rv = crmf_add_new_control(inCertReq, inTag, &newControl);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ mark = PORT_ArenaMark(inCertReq->poolp);
+ rv = SECITEM_CopyItem(inCertReq->poolp, &newControl->derValue, value);
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(inCertReq->poolp, mark);
+ return rv;
+ }
+ PORT_ArenaUnmark(inCertReq->poolp, mark);
+ return SECSuccess;
+}
+
+SECStatus
+CRMF_CertRequestSetRegTokenControl(CRMFCertRequest *inCertReq, SECItem *value)
+{
+ return crmf_add_secitem_control(inCertReq, value,
+ SEC_OID_PKIX_REGCTRL_REGTOKEN);
+}
+
+SECStatus
+CRMF_CertRequestSetAuthenticatorControl(CRMFCertRequest *inCertReq,
+ SECItem *value)
+{
+ return crmf_add_secitem_control(inCertReq, value,
+ SEC_OID_PKIX_REGCTRL_AUTHENTICATOR);
+}
+
+SECStatus
+crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue, PRBool freeit)
+{
+ if (inEncrValue != NULL) {
+ if (inEncrValue->intendedAlg) {
+ SECOID_DestroyAlgorithmID(inEncrValue->intendedAlg, PR_TRUE);
+ inEncrValue->intendedAlg = NULL;
+ }
+ if (inEncrValue->symmAlg) {
+ SECOID_DestroyAlgorithmID(inEncrValue->symmAlg, PR_TRUE);
+ inEncrValue->symmAlg = NULL;
+ }
+ if (inEncrValue->encSymmKey.data) {
+ PORT_Free(inEncrValue->encSymmKey.data);
+ inEncrValue->encSymmKey.data = NULL;
+ }
+ if (inEncrValue->keyAlg) {
+ SECOID_DestroyAlgorithmID(inEncrValue->keyAlg, PR_TRUE);
+ inEncrValue->keyAlg = NULL;
+ }
+ if (inEncrValue->valueHint.data) {
+ PORT_Free(inEncrValue->valueHint.data);
+ inEncrValue->valueHint.data = NULL;
+ }
+ if (inEncrValue->encValue.data) {
+ PORT_Free(inEncrValue->encValue.data);
+ inEncrValue->encValue.data = NULL;
+ }
+ if (freeit) {
+ PORT_Free(inEncrValue);
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CRMF_DestroyEncryptedValue(CRMFEncryptedValue *inEncrValue)
+{
+ return crmf_destroy_encrypted_value(inEncrValue, PR_TRUE);
+}
+
+SECStatus
+crmf_copy_encryptedvalue_secalg(PLArenaPool *poolp,
+ SECAlgorithmID *srcAlgId,
+ SECAlgorithmID **destAlgId)
+{
+ SECAlgorithmID *newAlgId;
+ SECStatus rv;
+
+ newAlgId = (poolp != NULL) ? PORT_ArenaZNew(poolp, SECAlgorithmID) : PORT_ZNew(SECAlgorithmID);
+ if (newAlgId == NULL) {
+ return SECFailure;
+ }
+
+ rv = SECOID_CopyAlgorithmID(poolp, newAlgId, srcAlgId);
+ if (rv != SECSuccess) {
+ if (!poolp) {
+ SECOID_DestroyAlgorithmID(newAlgId, PR_TRUE);
+ }
+ return rv;
+ }
+ *destAlgId = newAlgId;
+
+ return rv;
+}
+
+SECStatus
+crmf_copy_encryptedvalue(PLArenaPool *poolp,
+ CRMFEncryptedValue *srcValue,
+ CRMFEncryptedValue *destValue)
+{
+ SECStatus rv;
+
+ if (srcValue->intendedAlg != NULL) {
+ rv = crmf_copy_encryptedvalue_secalg(poolp,
+ srcValue->intendedAlg,
+ &destValue->intendedAlg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcValue->symmAlg != NULL) {
+ rv = crmf_copy_encryptedvalue_secalg(poolp,
+ srcValue->symmAlg,
+ &destValue->symmAlg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcValue->encSymmKey.data != NULL) {
+ rv = crmf_make_bitstring_copy(poolp,
+ &destValue->encSymmKey,
+ &srcValue->encSymmKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcValue->keyAlg != NULL) {
+ rv = crmf_copy_encryptedvalue_secalg(poolp,
+ srcValue->keyAlg,
+ &destValue->keyAlg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcValue->valueHint.data != NULL) {
+ rv = SECITEM_CopyItem(poolp,
+ &destValue->valueHint,
+ &srcValue->valueHint);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcValue->encValue.data != NULL) {
+ rv = crmf_make_bitstring_copy(poolp,
+ &destValue->encValue,
+ &srcValue->encValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ return SECSuccess;
+loser:
+ if (poolp == NULL && destValue != NULL) {
+ crmf_destroy_encrypted_value(destValue, PR_FALSE);
+ }
+ return SECFailure;
+}
+
+SECStatus
+crmf_copy_encryptedkey(PLArenaPool *poolp,
+ CRMFEncryptedKey *srcEncrKey,
+ CRMFEncryptedKey *destEncrKey)
+{
+ SECStatus rv;
+ void *mark = NULL;
+
+ if (poolp != NULL) {
+ mark = PORT_ArenaMark(poolp);
+ }
+
+ switch (srcEncrKey->encKeyChoice) {
+ case crmfEncryptedValueChoice:
+ rv = crmf_copy_encryptedvalue(poolp,
+ &srcEncrKey->value.encryptedValue,
+ &destEncrKey->value.encryptedValue);
+ break;
+ case crmfEnvelopedDataChoice:
+ destEncrKey->value.envelopedData =
+ SEC_PKCS7CopyContentInfo(srcEncrKey->value.envelopedData);
+ rv = (destEncrKey->value.envelopedData != NULL) ? SECSuccess : SECFailure;
+ break;
+ default:
+ rv = SECFailure;
+ }
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ destEncrKey->encKeyChoice = srcEncrKey->encKeyChoice;
+ if (mark) {
+ PORT_ArenaUnmark(poolp, mark);
+ }
+ return SECSuccess;
+
+loser:
+ if (mark) {
+ PORT_ArenaRelease(poolp, mark);
+ }
+ return SECFailure;
+}
+
+static CRMFPKIArchiveOptions *
+crmf_create_encr_pivkey_option(CRMFEncryptedKey *inEncryptedKey)
+{
+ CRMFPKIArchiveOptions *newArchOpt;
+ SECStatus rv;
+
+ newArchOpt = PORT_ZNew(CRMFPKIArchiveOptions);
+ if (newArchOpt == NULL) {
+ goto loser;
+ }
+
+ rv = crmf_copy_encryptedkey(NULL, inEncryptedKey,
+ &newArchOpt->option.encryptedKey);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ newArchOpt->archOption = crmfEncryptedPrivateKey;
+ return newArchOpt;
+loser:
+ if (newArchOpt != NULL) {
+ CRMF_DestroyPKIArchiveOptions(newArchOpt);
+ }
+ return NULL;
+}
+
+static CRMFPKIArchiveOptions *
+crmf_create_keygen_param_option(SECItem *inKeyGenParams)
+{
+ CRMFPKIArchiveOptions *newArchOptions;
+ SECStatus rv;
+
+ newArchOptions = PORT_ZNew(CRMFPKIArchiveOptions);
+ if (newArchOptions == NULL) {
+ goto loser;
+ }
+ newArchOptions->archOption = crmfKeyGenParameters;
+ rv = SECITEM_CopyItem(NULL, &newArchOptions->option.keyGenParameters,
+ inKeyGenParams);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newArchOptions;
+loser:
+ if (newArchOptions != NULL) {
+ CRMF_DestroyPKIArchiveOptions(newArchOptions);
+ }
+ return NULL;
+}
+
+static CRMFPKIArchiveOptions *
+crmf_create_arch_rem_gen_privkey(PRBool archiveRemGenPrivKey)
+{
+ unsigned char value;
+ SECItem *dummy;
+ CRMFPKIArchiveOptions *newArchOptions;
+
+ value = (archiveRemGenPrivKey) ? hexTrue : hexFalse;
+ newArchOptions = PORT_ZNew(CRMFPKIArchiveOptions);
+ if (newArchOptions == NULL) {
+ goto loser;
+ }
+ dummy = SEC_ASN1EncodeItem(NULL,
+ &newArchOptions->option.archiveRemGenPrivKey,
+ &value, SEC_ASN1_GET(SEC_BooleanTemplate));
+ PORT_Assert(dummy == &newArchOptions->option.archiveRemGenPrivKey);
+ if (dummy != &newArchOptions->option.archiveRemGenPrivKey) {
+ SECITEM_FreeItem(dummy, PR_TRUE);
+ goto loser;
+ }
+ newArchOptions->archOption = crmfArchiveRemGenPrivKey;
+ return newArchOptions;
+loser:
+ if (newArchOptions != NULL) {
+ CRMF_DestroyPKIArchiveOptions(newArchOptions);
+ }
+ return NULL;
+}
+
+CRMFPKIArchiveOptions *
+CRMF_CreatePKIArchiveOptions(CRMFPKIArchiveOptionsType inType, void *data)
+{
+ CRMFPKIArchiveOptions *retOptions;
+
+ PORT_Assert(data != NULL);
+ if (data == NULL) {
+ return NULL;
+ }
+ switch (inType) {
+ case crmfEncryptedPrivateKey:
+ retOptions = crmf_create_encr_pivkey_option((CRMFEncryptedKey *)data);
+ break;
+ case crmfKeyGenParameters:
+ retOptions = crmf_create_keygen_param_option((SECItem *)data);
+ break;
+ case crmfArchiveRemGenPrivKey:
+ retOptions = crmf_create_arch_rem_gen_privkey(*(PRBool *)data);
+ break;
+ default:
+ retOptions = NULL;
+ }
+ return retOptions;
+}
+
+static SECStatus
+crmf_destroy_encrypted_key(CRMFEncryptedKey *inEncrKey, PRBool freeit)
+{
+ PORT_Assert(inEncrKey != NULL);
+ if (inEncrKey != NULL) {
+ switch (inEncrKey->encKeyChoice) {
+ case crmfEncryptedValueChoice:
+ crmf_destroy_encrypted_value(&inEncrKey->value.encryptedValue,
+ PR_FALSE);
+ break;
+ case crmfEnvelopedDataChoice:
+ SEC_PKCS7DestroyContentInfo(inEncrKey->value.envelopedData);
+ break;
+ default:
+ break;
+ }
+ if (freeit) {
+ PORT_Free(inEncrKey);
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
+ PRBool freeit)
+{
+ PORT_Assert(inArchOptions != NULL);
+ if (inArchOptions != NULL) {
+ switch (inArchOptions->archOption) {
+ case crmfEncryptedPrivateKey:
+ crmf_destroy_encrypted_key(&inArchOptions->option.encryptedKey,
+ PR_FALSE);
+ break;
+ case crmfKeyGenParameters:
+ case crmfArchiveRemGenPrivKey:
+ /* This is a union, so having a pointer to one is like
+ * having a pointer to both.
+ */
+ SECITEM_FreeItem(&inArchOptions->option.keyGenParameters,
+ PR_FALSE);
+ break;
+ case crmfNoArchiveOptions:
+ break;
+ }
+ if (freeit) {
+ PORT_Free(inArchOptions);
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inArchOptions)
+{
+ return crmf_destroy_pkiarchiveoptions(inArchOptions, PR_TRUE);
+}
+
+static CK_MECHANISM_TYPE
+crmf_get_non_pad_mechanism(CK_MECHANISM_TYPE type)
+{
+ switch (type) {
+ case CKM_DES3_CBC_PAD:
+ return CKM_DES3_CBC;
+ case CKM_CAST5_CBC_PAD:
+ return CKM_CAST5_CBC;
+ case CKM_DES_CBC_PAD:
+ return CKM_DES_CBC;
+ case CKM_IDEA_CBC_PAD:
+ return CKM_IDEA_CBC;
+ case CKM_CAST3_CBC_PAD:
+ return CKM_CAST3_CBC;
+ case CKM_CAST_CBC_PAD:
+ return CKM_CAST_CBC;
+ case CKM_RC5_CBC_PAD:
+ return CKM_RC5_CBC;
+ case CKM_RC2_CBC_PAD:
+ return CKM_RC2_CBC;
+ case CKM_CDMF_CBC_PAD:
+ return CKM_CDMF_CBC;
+ }
+ return type;
+}
+
+static CK_MECHANISM_TYPE
+crmf_get_pad_mech_from_tag(SECOidTag oidTag)
+{
+ CK_MECHANISM_TYPE mechType;
+ SECOidData *oidData;
+
+ oidData = SECOID_FindOIDByTag(oidTag);
+ mechType = (CK_MECHANISM_TYPE)oidData->mechanism;
+ return PK11_GetPadMechanism(mechType);
+}
+
+static CK_MECHANISM_TYPE
+crmf_get_best_privkey_wrap_mechanism(PK11SlotInfo *slot)
+{
+ CK_MECHANISM_TYPE privKeyPadMechs[] = { CKM_DES3_CBC_PAD,
+ CKM_CAST5_CBC_PAD,
+ CKM_DES_CBC_PAD,
+ CKM_IDEA_CBC_PAD,
+ CKM_CAST3_CBC_PAD,
+ CKM_CAST_CBC_PAD,
+ CKM_RC5_CBC_PAD,
+ CKM_RC2_CBC_PAD,
+ CKM_CDMF_CBC_PAD };
+ int mechCount = sizeof(privKeyPadMechs) / sizeof(privKeyPadMechs[0]);
+ int i;
+
+ for (i = 0; i < mechCount; i++) {
+ if (PK11_DoesMechanism(slot, privKeyPadMechs[i])) {
+ return privKeyPadMechs[i];
+ }
+ }
+ return CKM_INVALID_MECHANISM;
+}
+
+CK_MECHANISM_TYPE
+CRMF_GetBestWrapPadMechanism(PK11SlotInfo *slot)
+{
+ return crmf_get_best_privkey_wrap_mechanism(slot);
+}
+
+static SECItem *
+crmf_get_iv(CK_MECHANISM_TYPE mechType)
+{
+ int iv_size = PK11_GetIVLength(mechType);
+ SECItem *iv;
+ SECStatus rv;
+
+ iv = PORT_ZNew(SECItem);
+ if (iv == NULL) {
+ return NULL;
+ }
+ if (iv_size == 0) {
+ iv->data = NULL;
+ iv->len = 0;
+ return iv;
+ }
+ iv->data = PORT_NewArray(unsigned char, iv_size);
+ if (iv->data == NULL) {
+ iv->len = 0;
+ return iv;
+ }
+ iv->len = iv_size;
+ rv = PK11_GenerateRandom(iv->data, iv->len);
+ if (rv != SECSuccess) {
+ PORT_Free(iv->data);
+ iv->data = NULL;
+ iv->len = 0;
+ }
+ return iv;
+}
+
+SECItem *
+CRMF_GetIVFromMechanism(CK_MECHANISM_TYPE mechType)
+{
+ return crmf_get_iv(mechType);
+}
+
+CK_MECHANISM_TYPE
+crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey)
+{
+ CERTSubjectPublicKeyInfo *spki = NULL;
+ SECOidTag tag;
+
+ spki = SECKEY_CreateSubjectPublicKeyInfo(inPubKey);
+ if (spki == NULL) {
+ return CKM_INVALID_MECHANISM;
+ }
+ tag = SECOID_FindOIDTag(&spki->algorithm.algorithm);
+ SECKEY_DestroySubjectPublicKeyInfo(spki);
+ spki = NULL;
+ return PK11_AlgtagToMechanism(tag);
+}
+
+SECItem *
+crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest)
+{
+ SECItem *src;
+
+ switch (pubKey->keyType) {
+ case dsaKey:
+ src = &pubKey->u.dsa.publicValue;
+ break;
+ case rsaKey:
+ src = &pubKey->u.rsa.modulus;
+ break;
+ case dhKey:
+ src = &pubKey->u.dh.publicValue;
+ break;
+ default:
+ src = NULL;
+ break;
+ }
+ if (!src) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (dest != NULL) {
+ SECStatus rv = SECITEM_CopyItem(NULL, dest, src);
+ if (rv != SECSuccess) {
+ dest = NULL;
+ }
+ } else {
+ dest = SECITEM_ArenaDupItem(NULL, src);
+ }
+ return dest;
+}
+
+static SECItem *
+crmf_decode_params(SECItem *inParams)
+{
+ SECItem *params;
+ SECStatus rv = SECFailure;
+ PLArenaPool *poolp;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return NULL;
+ }
+
+ params = PORT_ArenaZNew(poolp, SECItem);
+ if (params) {
+ rv = SEC_ASN1DecodeItem(poolp, params,
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
+ inParams);
+ }
+ params = (rv == SECSuccess) ? SECITEM_ArenaDupItem(NULL, params) : NULL;
+ PORT_FreeArena(poolp, PR_FALSE);
+ return params;
+}
+
+static int
+crmf_get_key_size_from_mech(CK_MECHANISM_TYPE mechType)
+{
+ CK_MECHANISM_TYPE keyGen = PK11_GetKeyGen(mechType);
+
+ switch (keyGen) {
+ case CKM_CDMF_KEY_GEN:
+ case CKM_DES_KEY_GEN:
+ return 8;
+ case CKM_DES2_KEY_GEN:
+ return 16;
+ case CKM_DES3_KEY_GEN:
+ return 24;
+ }
+ return 0;
+}
+
+SECStatus
+crmf_encrypted_value_unwrap_priv_key(PLArenaPool *poolp,
+ CRMFEncryptedValue *encValue,
+ SECKEYPrivateKey *privKey,
+ SECKEYPublicKey *newPubKey,
+ SECItem *nickname,
+ PK11SlotInfo *slot,
+ unsigned char keyUsage,
+ SECKEYPrivateKey **unWrappedKey,
+ void *wincx)
+{
+ PK11SymKey *wrappingKey = NULL;
+ CK_MECHANISM_TYPE wrapMechType;
+ SECOidTag oidTag;
+ SECItem *params = NULL, *publicValue = NULL;
+ int keySize, origLen;
+ CK_KEY_TYPE keyType;
+ CK_ATTRIBUTE_TYPE *usage = NULL;
+ CK_ATTRIBUTE_TYPE rsaUsage[] = {
+ CKA_UNWRAP, CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER
+ };
+ CK_ATTRIBUTE_TYPE dsaUsage[] = { CKA_SIGN };
+ CK_ATTRIBUTE_TYPE dhUsage[] = { CKA_DERIVE };
+ int usageCount = 0;
+
+ oidTag = SECOID_GetAlgorithmTag(encValue->symmAlg);
+ wrapMechType = crmf_get_pad_mech_from_tag(oidTag);
+ keySize = crmf_get_key_size_from_mech(wrapMechType);
+ wrappingKey = PK11_PubUnwrapSymKey(privKey, &encValue->encSymmKey,
+ wrapMechType, CKA_UNWRAP, keySize);
+ if (wrappingKey == NULL) {
+ goto loser;
+ } /* Make the length a byte length instead of bit length*/
+ params = (encValue->symmAlg != NULL) ? crmf_decode_params(&encValue->symmAlg->parameters)
+ : NULL;
+ origLen = encValue->encValue.len;
+ encValue->encValue.len = CRMF_BITS_TO_BYTES(origLen);
+ publicValue = crmf_get_public_value(newPubKey, NULL);
+ switch (newPubKey->keyType) {
+ default:
+ case rsaKey:
+ keyType = CKK_RSA;
+ switch (keyUsage & (KU_KEY_ENCIPHERMENT | KU_DIGITAL_SIGNATURE)) {
+ case KU_KEY_ENCIPHERMENT:
+ usage = rsaUsage;
+ usageCount = 2;
+ break;
+ case KU_DIGITAL_SIGNATURE:
+ usage = &rsaUsage[2];
+ usageCount = 2;
+ break;
+ case KU_KEY_ENCIPHERMENT |
+ KU_DIGITAL_SIGNATURE:
+ case 0: /* default to everything */
+ usage = rsaUsage;
+ usageCount = 4;
+ break;
+ }
+ break;
+ case dhKey:
+ keyType = CKK_DH;
+ usage = dhUsage;
+ usageCount = sizeof(dhUsage) / sizeof(dhUsage[0]);
+ break;
+ case dsaKey:
+ keyType = CKK_DSA;
+ usage = dsaUsage;
+ usageCount = sizeof(dsaUsage) / sizeof(dsaUsage[0]);
+ break;
+ }
+ PORT_Assert(usage != NULL);
+ PORT_Assert(usageCount != 0);
+ *unWrappedKey = PK11_UnwrapPrivKey(slot, wrappingKey, wrapMechType, params,
+ &encValue->encValue, nickname,
+ publicValue, PR_TRUE, PR_TRUE,
+ keyType, usage, usageCount, wincx);
+ encValue->encValue.len = origLen;
+ if (*unWrappedKey == NULL) {
+ goto loser;
+ }
+ SECITEM_FreeItem(publicValue, PR_TRUE);
+ if (params != NULL) {
+ SECITEM_FreeItem(params, PR_TRUE);
+ }
+ PK11_FreeSymKey(wrappingKey);
+ return SECSuccess;
+loser:
+ *unWrappedKey = NULL;
+ return SECFailure;
+}
+
+CRMFEncryptedValue *
+crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey,
+ SECKEYPublicKey *inCAKey,
+ CRMFEncryptedValue *destValue)
+{
+ SECItem wrappedPrivKey, wrappedSymKey;
+ SECItem encodedParam, *dummy;
+ SECStatus rv;
+ CK_MECHANISM_TYPE pubMechType, symKeyType;
+ unsigned char *wrappedSymKeyBits;
+ unsigned char *wrappedPrivKeyBits;
+ SECItem *iv = NULL;
+ SECOidTag tag;
+ PK11SymKey *symKey;
+ PK11SlotInfo *slot;
+ SECAlgorithmID *symmAlg;
+ CRMFEncryptedValue *myEncrValue = NULL;
+
+ encodedParam.data = NULL;
+ wrappedSymKeyBits = PORT_NewArray(unsigned char, MAX_WRAPPED_KEY_LEN);
+ wrappedPrivKeyBits = PORT_NewArray(unsigned char, MAX_WRAPPED_KEY_LEN);
+ if (wrappedSymKeyBits == NULL || wrappedPrivKeyBits == NULL) {
+ goto loser;
+ }
+ if (destValue == NULL) {
+ myEncrValue = destValue = PORT_ZNew(CRMFEncryptedValue);
+ if (destValue == NULL) {
+ goto loser;
+ }
+ }
+
+ pubMechType = crmf_get_mechanism_from_public_key(inCAKey);
+ if (pubMechType == CKM_INVALID_MECHANISM) {
+ /* XXX I should probably do something here for non-RSA
+ * keys that are in certs. (ie DSA)
+ * XXX or at least SET AN ERROR CODE.
+ */
+ goto loser;
+ }
+ slot = inPrivKey->pkcs11Slot;
+ PORT_Assert(slot != NULL);
+ symKeyType = crmf_get_best_privkey_wrap_mechanism(slot);
+ symKey = PK11_KeyGen(slot, symKeyType, NULL, 0, NULL);
+ if (symKey == NULL) {
+ goto loser;
+ }
+
+ wrappedSymKey.data = wrappedSymKeyBits;
+ wrappedSymKey.len = MAX_WRAPPED_KEY_LEN;
+ rv = PK11_PubWrapSymKey(pubMechType, inCAKey, symKey, &wrappedSymKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* Make the length of the result a Bit String length. */
+ wrappedSymKey.len <<= 3;
+
+ wrappedPrivKey.data = wrappedPrivKeyBits;
+ wrappedPrivKey.len = MAX_WRAPPED_KEY_LEN;
+ iv = crmf_get_iv(symKeyType);
+ rv = PK11_WrapPrivKey(slot, symKey, inPrivKey, symKeyType, iv,
+ &wrappedPrivKey, NULL);
+ PK11_FreeSymKey(symKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* Make the length of the result a Bit String length. */
+ wrappedPrivKey.len <<= 3;
+ rv = crmf_make_bitstring_copy(NULL,
+ &destValue->encValue,
+ &wrappedPrivKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = crmf_make_bitstring_copy(NULL,
+ &destValue->encSymmKey,
+ &wrappedSymKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ destValue->symmAlg = symmAlg = PORT_ZNew(SECAlgorithmID);
+ if (symmAlg == NULL) {
+ goto loser;
+ }
+
+ dummy = SEC_ASN1EncodeItem(NULL, &encodedParam, iv,
+ SEC_ASN1_GET(SEC_OctetStringTemplate));
+ if (dummy != &encodedParam) {
+ SECITEM_FreeItem(dummy, PR_TRUE);
+ goto loser;
+ }
+
+ symKeyType = crmf_get_non_pad_mechanism(symKeyType);
+ tag = PK11_MechanismToAlgtag(symKeyType);
+ rv = SECOID_SetAlgorithmID(NULL, symmAlg, tag, &encodedParam);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ SECITEM_FreeItem(&encodedParam, PR_FALSE);
+ PORT_Free(wrappedPrivKeyBits);
+ PORT_Free(wrappedSymKeyBits);
+ SECITEM_FreeItem(iv, PR_TRUE);
+ return destValue;
+loser:
+ if (iv != NULL) {
+ SECITEM_FreeItem(iv, PR_TRUE);
+ }
+ if (myEncrValue != NULL) {
+ crmf_destroy_encrypted_value(myEncrValue, PR_TRUE);
+ }
+ if (wrappedSymKeyBits != NULL) {
+ PORT_Free(wrappedSymKeyBits);
+ }
+ if (wrappedPrivKeyBits != NULL) {
+ PORT_Free(wrappedPrivKeyBits);
+ }
+ if (encodedParam.data != NULL) {
+ SECITEM_FreeItem(&encodedParam, PR_FALSE);
+ }
+ return NULL;
+}
+
+CRMFEncryptedKey *
+CRMF_CreateEncryptedKeyWithEncryptedValue(SECKEYPrivateKey *inPrivKey,
+ CERTCertificate *inCACert)
+{
+ SECKEYPublicKey *caPubKey = NULL;
+ CRMFEncryptedKey *encKey = NULL;
+
+ PORT_Assert(inPrivKey != NULL && inCACert != NULL);
+ if (inPrivKey == NULL || inCACert == NULL) {
+ return NULL;
+ }
+
+ caPubKey = CERT_ExtractPublicKey(inCACert);
+ if (caPubKey == NULL) {
+ goto loser;
+ }
+
+ encKey = PORT_ZNew(CRMFEncryptedKey);
+ if (encKey == NULL) {
+ goto loser;
+ }
+#ifdef DEBUG
+ {
+ CRMFEncryptedValue *dummy =
+ crmf_create_encrypted_value_wrapped_privkey(
+ inPrivKey, caPubKey, &encKey->value.encryptedValue);
+ PORT_Assert(dummy == &encKey->value.encryptedValue);
+ }
+#else
+ crmf_create_encrypted_value_wrapped_privkey(
+ inPrivKey, caPubKey, &encKey->value.encryptedValue);
+#endif
+ /* We won't add the der value here, but rather when it
+ * becomes part of a certificate request.
+ */
+ SECKEY_DestroyPublicKey(caPubKey);
+ encKey->encKeyChoice = crmfEncryptedValueChoice;
+ return encKey;
+loser:
+ if (encKey != NULL) {
+ CRMF_DestroyEncryptedKey(encKey);
+ }
+ if (caPubKey != NULL) {
+ SECKEY_DestroyPublicKey(caPubKey);
+ }
+ return NULL;
+}
+
+SECStatus
+CRMF_DestroyEncryptedKey(CRMFEncryptedKey *inEncrKey)
+{
+ return crmf_destroy_encrypted_key(inEncrKey, PR_TRUE);
+}
+
+SECStatus
+crmf_copy_pkiarchiveoptions(PLArenaPool *poolp,
+ CRMFPKIArchiveOptions *destOpt,
+ CRMFPKIArchiveOptions *srcOpt)
+{
+ SECStatus rv;
+ destOpt->archOption = srcOpt->archOption;
+ switch (srcOpt->archOption) {
+ case crmfEncryptedPrivateKey:
+ rv = crmf_copy_encryptedkey(poolp,
+ &srcOpt->option.encryptedKey,
+ &destOpt->option.encryptedKey);
+ break;
+ case crmfKeyGenParameters:
+ case crmfArchiveRemGenPrivKey:
+ /* We've got a union, so having a pointer to one is just
+ * like having a pointer to the other one.
+ */
+ rv = SECITEM_CopyItem(poolp,
+ &destOpt->option.keyGenParameters,
+ &srcOpt->option.keyGenParameters);
+ break;
+ default:
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+static SECStatus
+crmf_check_and_adjust_archoption(CRMFControl *inControl)
+{
+ CRMFPKIArchiveOptions *options;
+
+ options = &inControl->value.archiveOptions;
+ if (options->archOption == crmfNoArchiveOptions) {
+ /* It hasn't been set, so figure it out from the
+ * der.
+ */
+ switch (inControl->derValue.data[0] & 0x0f) {
+ case 0:
+ options->archOption = crmfEncryptedPrivateKey;
+ break;
+ case 1:
+ options->archOption = crmfKeyGenParameters;
+ break;
+ case 2:
+ options->archOption = crmfArchiveRemGenPrivKey;
+ break;
+ default:
+ /* We've got bad DER. Return an error. */
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+static const SEC_ASN1Template *
+crmf_get_pkiarchive_subtemplate(CRMFControl *inControl)
+{
+ const SEC_ASN1Template *retTemplate;
+ SECStatus rv;
+ /*
+ * We could be in the process of decoding, in which case the
+ * archOption field will not be set. Let's check it and set
+ * it accordingly.
+ */
+
+ rv = crmf_check_and_adjust_archoption(inControl);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+
+ switch (inControl->value.archiveOptions.archOption) {
+ case crmfEncryptedPrivateKey:
+ retTemplate = CRMFEncryptedKeyWithEncryptedValueTemplate;
+ inControl->value.archiveOptions.option.encryptedKey.encKeyChoice =
+ crmfEncryptedValueChoice;
+ break;
+ default:
+ retTemplate = NULL;
+ }
+ return retTemplate;
+}
+
+const SEC_ASN1Template *
+crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl)
+{
+ const SEC_ASN1Template *retTemplate;
+
+ switch (inControl->tag) {
+ case SEC_OID_PKIX_REGCTRL_REGTOKEN:
+ case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
+ retTemplate = SEC_ASN1_GET(SEC_UTF8StringTemplate);
+ break;
+ case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
+ retTemplate = crmf_get_pkiarchive_subtemplate(inControl);
+ break;
+ case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
+ case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
+ case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
+ /* We don't support these controls, so we fail for now.*/
+ retTemplate = NULL;
+ break;
+ default:
+ retTemplate = NULL;
+ }
+ return retTemplate;
+}
+
+static SECStatus
+crmf_encode_pkiarchiveoptions(PLArenaPool *poolp, CRMFControl *inControl)
+{
+ const SEC_ASN1Template *asn1Template;
+
+ asn1Template = crmf_get_pkiarchiveoptions_subtemplate(inControl);
+ /* We've got a union, so passing a pointer to one element of the
+ * union, is the same as passing a pointer to any of the other
+ * members of the union.
+ */
+ SEC_ASN1EncodeItem(poolp, &inControl->derValue,
+ &inControl->value.archiveOptions, asn1Template);
+
+ if (inControl->derValue.data == NULL) {
+ goto loser;
+ }
+ return SECSuccess;
+loser:
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest *inCertReq,
+ CRMFPKIArchiveOptions *inOptions)
+{
+ CRMFControl *newControl;
+ PLArenaPool *poolp;
+ SECStatus rv;
+ void *mark;
+
+ PORT_Assert(inCertReq != NULL && inOptions != NULL);
+ if (inCertReq == NULL || inOptions == NULL) {
+ return SECFailure;
+ }
+ poolp = inCertReq->poolp;
+ mark = PORT_ArenaMark(poolp);
+ rv = crmf_add_new_control(inCertReq,
+ SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
+ &newControl);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = crmf_copy_pkiarchiveoptions(poolp,
+ &newControl->value.archiveOptions,
+ inOptions);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = crmf_encode_pkiarchiveoptions(poolp, newControl);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+static SECStatus
+crmf_destroy_control(CRMFControl *inControl, PRBool freeit)
+{
+ PORT_Assert(inControl != NULL);
+ if (inControl != NULL) {
+ SECITEM_FreeItem(&inControl->derTag, PR_FALSE);
+ SECITEM_FreeItem(&inControl->derValue, PR_FALSE);
+ /* None of the other tags require special processing at
+ * the moment when freeing because they are not supported,
+ * but if/when they are, add the necessary routines here.
+ * If all controls are supported, then every member of the
+ * union inControl->value will have a case that deals with
+ * it in the following switch statement.
+ */
+ switch (inControl->tag) {
+ case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
+ crmf_destroy_pkiarchiveoptions(&inControl->value.archiveOptions,
+ PR_FALSE);
+ break;
+ default:
+ /* Put this here to get rid of all those annoying warnings.*/
+ break;
+ }
+ if (freeit) {
+ PORT_Free(inControl);
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CRMF_DestroyControl(CRMFControl *inControl)
+{
+ return crmf_destroy_control(inControl, PR_TRUE);
+}
+
+static SECOidTag
+crmf_controltype_to_tag(CRMFControlType inControlType)
+{
+ SECOidTag retVal;
+
+ switch (inControlType) {
+ case crmfRegTokenControl:
+ retVal = SEC_OID_PKIX_REGCTRL_REGTOKEN;
+ break;
+ case crmfAuthenticatorControl:
+ retVal = SEC_OID_PKIX_REGCTRL_AUTHENTICATOR;
+ break;
+ case crmfPKIPublicationInfoControl:
+ retVal = SEC_OID_PKIX_REGCTRL_PKIPUBINFO;
+ break;
+ case crmfPKIArchiveOptionsControl:
+ retVal = SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS;
+ break;
+ case crmfOldCertIDControl:
+ retVal = SEC_OID_PKIX_REGCTRL_OLD_CERT_ID;
+ break;
+ case crmfProtocolEncrKeyControl:
+ retVal = SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY;
+ break;
+ default:
+ retVal = SEC_OID_UNKNOWN;
+ break;
+ }
+ return retVal;
+}
+
+PRBool
+CRMF_CertRequestIsControlPresent(CRMFCertRequest *inCertReq,
+ CRMFControlType inControlType)
+{
+ SECOidTag controlTag;
+ int i;
+
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL || inCertReq->controls == NULL) {
+ return PR_FALSE;
+ }
+ controlTag = crmf_controltype_to_tag(inControlType);
+ for (i = 0; inCertReq->controls[i] != NULL; i++) {
+ if (inCertReq->controls[i]->tag == controlTag) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
diff --git a/security/nss/lib/crmf/crmfdec.c b/security/nss/lib/crmf/crmfdec.c
new file mode 100644
index 000000000..ac6e87268
--- /dev/null
+++ b/security/nss/lib/crmf/crmfdec.c
@@ -0,0 +1,360 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "crmf.h"
+#include "crmfi.h"
+#include "secitem.h"
+
+static CRMFPOPChoice
+crmf_get_popchoice_from_der(SECItem *derPOP)
+{
+ CRMFPOPChoice retChoice;
+
+ switch (derPOP->data[0] & 0x0f) {
+ case 0:
+ retChoice = crmfRAVerified;
+ break;
+ case 1:
+ retChoice = crmfSignature;
+ break;
+ case 2:
+ retChoice = crmfKeyEncipherment;
+ break;
+ case 3:
+ retChoice = crmfKeyAgreement;
+ break;
+ default:
+ retChoice = crmfNoPOPChoice;
+ break;
+ }
+ return retChoice;
+}
+
+static SECStatus
+crmf_decode_process_raverified(CRMFCertReqMsg *inCertReqMsg)
+{
+ CRMFProofOfPossession *pop;
+ /* Just set up the structure so that the message structure
+ * looks like one that was created using the API
+ */
+ pop = inCertReqMsg->pop;
+ pop->popChoice.raVerified.data = NULL;
+ pop->popChoice.raVerified.len = 0;
+ return SECSuccess;
+}
+
+static SECStatus
+crmf_decode_process_signature(CRMFCertReqMsg *inCertReqMsg)
+{
+ PORT_Assert(inCertReqMsg->poolp);
+ if (!inCertReqMsg->poolp) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return SEC_ASN1Decode(inCertReqMsg->poolp,
+ &inCertReqMsg->pop->popChoice.signature,
+ CRMFPOPOSigningKeyTemplate,
+ (const char *)inCertReqMsg->derPOP.data,
+ inCertReqMsg->derPOP.len);
+}
+
+static CRMFPOPOPrivKeyChoice
+crmf_get_messagechoice_from_der(SECItem *derPOP)
+{
+ CRMFPOPOPrivKeyChoice retChoice;
+
+ switch (derPOP->data[2] & 0x0f) {
+ case 0:
+ retChoice = crmfThisMessage;
+ break;
+ case 1:
+ retChoice = crmfSubsequentMessage;
+ break;
+ case 2:
+ retChoice = crmfDHMAC;
+ break;
+ default:
+ retChoice = crmfNoMessage;
+ }
+ return retChoice;
+}
+
+static SECStatus
+crmf_decode_process_popoprivkey(CRMFCertReqMsg *inCertReqMsg)
+{
+ /* We've got a union, so a pointer to one POPOPrivKey
+ * struct is the same as having a pointer to the other
+ * one.
+ */
+ CRMFPOPOPrivKey *popoPrivKey =
+ &inCertReqMsg->pop->popChoice.keyEncipherment;
+ SECItem *derPOP, privKeyDer;
+ SECStatus rv;
+
+ derPOP = &inCertReqMsg->derPOP;
+ popoPrivKey->messageChoice = crmf_get_messagechoice_from_der(derPOP);
+ if (popoPrivKey->messageChoice == crmfNoMessage) {
+ return SECFailure;
+ }
+ /* If we ever encounter BER encodings of this, we'll get in trouble*/
+ switch (popoPrivKey->messageChoice) {
+ case crmfThisMessage:
+ case crmfDHMAC:
+ privKeyDer.type = derPOP->type;
+ privKeyDer.data = &derPOP->data[5];
+ privKeyDer.len = derPOP->len - 5;
+ break;
+ case crmfSubsequentMessage:
+ privKeyDer.type = derPOP->type;
+ privKeyDer.data = &derPOP->data[4];
+ privKeyDer.len = derPOP->len - 4;
+ break;
+ default:
+ return SECFailure;
+ }
+
+ rv = SECITEM_CopyItem(inCertReqMsg->poolp,
+ &popoPrivKey->message.subsequentMessage,
+ &privKeyDer);
+
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ if (popoPrivKey->messageChoice == crmfThisMessage ||
+ popoPrivKey->messageChoice == crmfDHMAC) {
+
+ popoPrivKey->message.thisMessage.len =
+ CRMF_BYTES_TO_BITS(privKeyDer.len) - (int)derPOP->data[4];
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+crmf_decode_process_keyagreement(CRMFCertReqMsg *inCertReqMsg)
+{
+ return crmf_decode_process_popoprivkey(inCertReqMsg);
+}
+
+static SECStatus
+crmf_decode_process_keyencipherment(CRMFCertReqMsg *inCertReqMsg)
+{
+ SECStatus rv;
+
+ rv = crmf_decode_process_popoprivkey(inCertReqMsg);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ if (inCertReqMsg->pop->popChoice.keyEncipherment.messageChoice ==
+ crmfDHMAC) {
+ /* Key Encipherment can not use the dhMAC option for
+ * POPOPrivKey.
+ */
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+crmf_decode_process_pop(CRMFCertReqMsg *inCertReqMsg)
+{
+ SECItem *derPOP;
+ PLArenaPool *poolp;
+ CRMFProofOfPossession *pop;
+ void *mark;
+ SECStatus rv;
+
+ derPOP = &inCertReqMsg->derPOP;
+ poolp = inCertReqMsg->poolp;
+ if (derPOP->data == NULL) {
+ /* There is no Proof of Possession field in this message. */
+ return SECSuccess;
+ }
+ mark = PORT_ArenaMark(poolp);
+ pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
+ if (pop == NULL) {
+ goto loser;
+ }
+ pop->popUsed = crmf_get_popchoice_from_der(derPOP);
+ if (pop->popUsed == crmfNoPOPChoice) {
+ /* A bad encoding of CRMF. Not a valid tag was given to the
+ * Proof Of Possession field.
+ */
+ goto loser;
+ }
+ inCertReqMsg->pop = pop;
+ switch (pop->popUsed) {
+ case crmfRAVerified:
+ rv = crmf_decode_process_raverified(inCertReqMsg);
+ break;
+ case crmfSignature:
+ rv = crmf_decode_process_signature(inCertReqMsg);
+ break;
+ case crmfKeyEncipherment:
+ rv = crmf_decode_process_keyencipherment(inCertReqMsg);
+ break;
+ case crmfKeyAgreement:
+ rv = crmf_decode_process_keyagreement(inCertReqMsg);
+ break;
+ default:
+ rv = SECFailure;
+ }
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ inCertReqMsg->pop = NULL;
+ return SECFailure;
+}
+
+static SECStatus
+crmf_decode_process_single_control(PLArenaPool *poolp,
+ CRMFControl *inControl)
+{
+ const SEC_ASN1Template *asn1Template = NULL;
+
+ inControl->tag = SECOID_FindOIDTag(&inControl->derTag);
+ asn1Template = crmf_get_pkiarchiveoptions_subtemplate(inControl);
+
+ PORT_Assert(asn1Template != NULL);
+ PORT_Assert(poolp != NULL);
+ if (!asn1Template || !poolp) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* We've got a union, so passing a pointer to one element of the
+ * union is the same as passing a pointer to any of the other
+ * members of the union.
+ */
+ return SEC_ASN1Decode(poolp, &inControl->value.archiveOptions,
+ asn1Template, (const char *)inControl->derValue.data,
+ inControl->derValue.len);
+}
+
+static SECStatus
+crmf_decode_process_controls(CRMFCertReqMsg *inCertReqMsg)
+{
+ int i, numControls;
+ SECStatus rv;
+ PLArenaPool *poolp;
+ CRMFControl **controls;
+
+ numControls = CRMF_CertRequestGetNumControls(inCertReqMsg->certReq);
+ controls = inCertReqMsg->certReq->controls;
+ poolp = inCertReqMsg->poolp;
+ for (i = 0; i < numControls; i++) {
+ rv = crmf_decode_process_single_control(poolp, controls[i]);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+crmf_decode_process_single_reqmsg(CRMFCertReqMsg *inCertReqMsg)
+{
+ SECStatus rv;
+
+ rv = crmf_decode_process_pop(inCertReqMsg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = crmf_decode_process_controls(inCertReqMsg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ inCertReqMsg->certReq->certTemplate.numExtensions =
+ CRMF_CertRequestGetNumberOfExtensions(inCertReqMsg->certReq);
+ inCertReqMsg->isDecoded = PR_TRUE;
+ rv = SECSuccess;
+loser:
+ return rv;
+}
+
+CRMFCertReqMsg *
+CRMF_CreateCertReqMsgFromDER(const char *buf, long len)
+{
+ PLArenaPool *poolp;
+ CRMFCertReqMsg *certReqMsg;
+ SECStatus rv;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ goto loser;
+ }
+ certReqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
+ if (certReqMsg == NULL) {
+ goto loser;
+ }
+ certReqMsg->poolp = poolp;
+ rv = SEC_ASN1Decode(poolp, certReqMsg, CRMFCertReqMsgTemplate, buf, len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = crmf_decode_process_single_reqmsg(certReqMsg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return certReqMsg;
+loser:
+ if (poolp != NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return NULL;
+}
+
+CRMFCertReqMessages *
+CRMF_CreateCertReqMessagesFromDER(const char *buf, long len)
+{
+ long arenaSize;
+ int i;
+ SECStatus rv;
+ PLArenaPool *poolp;
+ CRMFCertReqMessages *certReqMsgs;
+
+ PORT_Assert(buf != NULL);
+ /* Wanna make sure the arena is big enough to store all of the requests
+ * coming in. We'll guestimate according to the length of the buffer.
+ */
+ arenaSize = len + len / 2;
+ poolp = PORT_NewArena(arenaSize);
+ if (poolp == NULL) {
+ return NULL;
+ }
+ certReqMsgs = PORT_ArenaZNew(poolp, CRMFCertReqMessages);
+ if (certReqMsgs == NULL) {
+ goto loser;
+ }
+ certReqMsgs->poolp = poolp;
+ rv = SEC_ASN1Decode(poolp, certReqMsgs, CRMFCertReqMessagesTemplate,
+ buf, len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ for (i = 0; certReqMsgs->messages[i] != NULL; i++) {
+ /* The sub-routines expect the individual messages to have
+ * an arena. We'll give them one temporarily.
+ */
+ certReqMsgs->messages[i]->poolp = poolp;
+ rv = crmf_decode_process_single_reqmsg(certReqMsgs->messages[i]);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ certReqMsgs->messages[i]->poolp = NULL;
+ }
+ return certReqMsgs;
+
+loser:
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+}
diff --git a/security/nss/lib/crmf/crmfenc.c b/security/nss/lib/crmf/crmfenc.c
new file mode 100644
index 000000000..6d01a45ce
--- /dev/null
+++ b/security/nss/lib/crmf/crmfenc.c
@@ -0,0 +1,48 @@
+/* -*- Mode: C; tab-width: 8 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "crmf.h"
+#include "crmfi.h"
+
+SECStatus
+CRMF_EncodeCertReqMsg(CRMFCertReqMsg *inCertReqMsg,
+ CRMFEncoderOutputCallback fn,
+ void *arg)
+{
+ struct crmfEncoderOutput output;
+
+ output.fn = fn;
+ output.outputArg = arg;
+ return SEC_ASN1Encode(inCertReqMsg, CRMFCertReqMsgTemplate,
+ crmf_encoder_out, &output);
+}
+
+SECStatus
+CRMF_EncodeCertRequest(CRMFCertRequest *inCertReq,
+ CRMFEncoderOutputCallback fn,
+ void *arg)
+{
+ struct crmfEncoderOutput output;
+
+ output.fn = fn;
+ output.outputArg = arg;
+ return SEC_ASN1Encode(inCertReq, CRMFCertRequestTemplate,
+ crmf_encoder_out, &output);
+}
+
+SECStatus
+CRMF_EncodeCertReqMessages(CRMFCertReqMsg **inCertReqMsgs,
+ CRMFEncoderOutputCallback fn,
+ void *arg)
+{
+ struct crmfEncoderOutput output;
+ CRMFCertReqMessages msgs;
+
+ output.fn = fn;
+ output.outputArg = arg;
+ msgs.messages = inCertReqMsgs;
+ return SEC_ASN1Encode(&msgs, CRMFCertReqMessagesTemplate,
+ crmf_encoder_out, &output);
+}
diff --git a/security/nss/lib/crmf/crmffut.h b/security/nss/lib/crmf/crmffut.h
new file mode 100644
index 000000000..d6f937438
--- /dev/null
+++ b/security/nss/lib/crmf/crmffut.h
@@ -0,0 +1,357 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * These functions to be implemented in the future if the features
+ * which these functions would implement wind up being needed.
+ */
+
+/*
+ * Use this function to create the CRMFSinglePubInfo* variables that will
+ * populate the inPubInfoArray parameter for the function
+ * CRMF_CreatePKIPublicationInfo.
+ *
+ * "inPubMethod" specifies which publication method will be used
+ * "pubLocation" is a representation of the location where
+ */
+extern CRMFSinglePubInfo *
+CRMF_CreateSinglePubInfo(CRMFPublicationMethod inPubMethod,
+ CRMFGeneralName *pubLocation);
+
+/*
+ * Create a PKIPublicationInfo that can later be passed to the function
+ * CRMFAddPubInfoControl.
+ */
+extern CRMFPKIPublicationInfo *
+CRMF_CreatePKIPublicationInfo(CRMFPublicationAction inAction,
+ CRMFSinglePubInfo **inPubInfoArray,
+ int numPubInfo);
+
+/*
+ * Only call this function on a CRMFPublicationInfo that was created by
+ * CRMF_CreatePKIPublicationInfo that was passed in NULL for arena.
+ */
+
+extern SECStatus
+CRMF_DestroyPKIPublicationInfo(CRMFPKIPublicationInfo *inPubInfo);
+
+extern SECStatus CRMF_AddPubInfoControl(CRMFCertRequest *inCertReq,
+ CRMFPKIPublicationInfo *inPubInfo);
+
+/*
+ * This is to create a Cert ID Control which can later be added to
+ * a certificate request.
+ */
+extern CRMFCertID *CRMF_CreateCertID(CRMFGeneralName *issuer,
+ long serialNumber);
+
+extern SECStatus CRMF_DestroyCertID(CRMFCertID *certID);
+
+extern SECStatus CRMF_AddCertIDControl(CRMFCertRequest *inCertReq,
+ CRMFCertID *certID);
+
+extern SECStatus
+CRMF_AddProtocolEncryptioKeyControl(CRMFCertRequest *inCertReq,
+ CERTSubjectPublicKeyInfo *spki);
+
+/*
+ * Add the ASCII Pairs Registration Info to the Certificate Request.
+ * The SECItem must be an OCTET string representation.
+ */
+extern SECStatus
+CRMF_AddUTF8PairsRegInfo(CRMFCertRequest *inCertReq,
+ SECItem *asciiPairs);
+
+/*
+ * This takes a CertRequest and adds it to another CertRequest.
+ */
+extern SECStatus
+CRMF_AddCertReqToRegInfo(CRMFCertRequest *certReqToAddTo,
+ CRMFCertRequest *certReqBeingAdded);
+
+/*
+ * Returns which option was used for the authInfo field of POPOSigningKeyInput
+ */
+extern CRMFPOPOSkiInputAuthChoice
+CRMF_GetSignKeyInputAuthChoice(CRMFPOPOSigningKeyInput *inKeyInput);
+
+/*
+ * Gets the PKMACValue associated with the POPOSigningKeyInput.
+ * If the POPOSigningKeyInput did not use authInfo.publicKeyMAC
+ * the function returns SECFailure and the value at *destValue is unchanged.
+ *
+ * If the POPOSigningKeyInput did use authInfo.publicKeyMAC, the function
+ * returns SECSuccess and places the PKMACValue at *destValue.
+ */
+extern SECStatus
+CRMF_GetSignKeyInputPKMACValue(CRMFPOPOSigningKeyInput *inKeyInput,
+ CRMFPKMACValue **destValue);
+/*
+ * Gets the SubjectPublicKeyInfo from the POPOSigningKeyInput
+ */
+extern CERTSubjectPublicKeyInfo *
+CRMF_GetSignKeyInputPublicKey(CRMFPOPOSigningKeyInput *inKeyInput);
+
+/*
+ * Return the value for the PKIPublicationInfo Control.
+ * A return value of NULL indicates that the Control was
+ * not a PKIPublicationInfo Control. Call
+ * CRMF_DestroyPKIPublicationInfo on the return value when done
+ * using the pointer.
+ */
+extern CRMFPKIPublicationInfo *CRMF_GetPKIPubInfo(CRMFControl *inControl);
+
+/*
+ * Free up a CRMFPKIPublicationInfo structure.
+ */
+extern SECStatus
+CRMF_DestroyPKIPublicationInfo(CRMFPKIPublicationInfo *inPubInfo);
+
+/*
+ * Get the choice used for action in this PKIPublicationInfo.
+ */
+extern CRMFPublicationAction
+CRMF_GetPublicationAction(CRMFPKIPublicationInfo *inPubInfo);
+
+/*
+ * Get the number of pubInfos are stored in the PKIPubicationInfo.
+ */
+extern int CRMF_GetNumPubInfos(CRMFPKIPublicationInfo *inPubInfo);
+
+/*
+ * Get the pubInfo at index for the given PKIPubicationInfo.
+ * Indexing is done like a traditional C Array. (0 .. numElements-1)
+ */
+extern CRMFSinglePubInfo *
+CRMF_GetPubInfoAtIndex(CRMFPKIPublicationInfo *inPubInfo,
+ int index);
+
+/*
+ * Destroy the CRMFSinglePubInfo.
+ */
+extern SECStatus CRMF_DestroySinglePubInfo(CRMFSinglePubInfo *inPubInfo);
+
+/*
+ * Get the pubMethod used by the SinglePubInfo.
+ */
+extern CRMFPublicationMethod
+CRMF_GetPublicationMethod(CRMFSinglePubInfo *inPubInfo);
+
+/*
+ * Get the pubLocation associated with the SinglePubInfo.
+ * A NULL return value indicates there was no pubLocation associated
+ * with the SinglePuInfo.
+ */
+extern CRMFGeneralName *CRMF_GetPubLocation(CRMFSinglePubInfo *inPubInfo);
+
+/*
+ * Get the authInfo.sender field out of the POPOSigningKeyInput.
+ * If the POPOSigningKeyInput did not use the authInfo the function
+ * returns SECFailure and the value at *destName is unchanged.
+ *
+ * If the POPOSigningKeyInput did use authInfo.sender, the function returns
+ * SECSuccess and puts the authInfo.sender at *destName/
+ */
+extern SECStatus CRMF_GetSignKeyInputSender(CRMFPOPOSigningKeyInput *keyInput,
+ CRMFGeneralName **destName);
+
+/**************** CMMF Functions that need to be added. **********************/
+
+/*
+ * FUNCTION: CMMF_POPODecKeyChallContentSetNextChallenge
+ * INPUTS:
+ * inDecKeyChall
+ * The CMMFPOPODecKeyChallContent to operate on.
+ * inRandom
+ * The random number to use when generating the challenge,
+ * inSender
+ * The GeneralName representation of the sender of the challenge.
+ * inPubKey
+ * The public key to use when encrypting the challenge.
+ * NOTES:
+ * This function adds a challenge to the end of the list of challenges
+ * contained by 'inDecKeyChall'. Refer to the CMMF draft on how the
+ * the random number passed in and the sender's GeneralName are used
+ * to generate the challenge and witness fields of the challenge. This
+ * library will use SHA1 as the one-way function for generating the
+ * witess field of the challenge.
+ *
+ * RETURN:
+ * SECSuccess if generating the challenge and adding to the end of list
+ * of challenges was successful. Any other return value indicates an error
+ * while trying to generate the challenge.
+ */
+extern SECStatus
+CMMF_POPODecKeyChallContentSetNextChallenge(CMMFPOPODecKeyChallContent *inDecKeyChall,
+ long inRandom,
+ CERTGeneralName *inSender,
+ SECKEYPublicKey *inPubKey);
+
+/*
+ * FUNCTION: CMMF_POPODecKeyChallContentGetNumChallenges
+ * INPUTS:
+ * inKeyChallCont
+ * The CMMFPOPODecKeyChallContent to operate on.
+ * RETURN:
+ * This function returns the number of CMMFChallenges are contained in
+ * the CMMFPOPODecKeyChallContent structure.
+ */
+extern int CMMF_POPODecKeyChallContentGetNumChallenges(CMMFPOPODecKeyChallContent *inKeyChallCont);
+
+/*
+ * FUNCTION: CMMF_ChallengeGetRandomNumber
+ * INPUTS:
+ * inChallenge
+ * The CMMFChallenge to operate on.
+ * inDest
+ * A pointer to a user supplied buffer where the library
+ * can place a copy of the random integer contatained in the
+ * challenge.
+ * NOTES:
+ * This function returns the value held in the decrypted Rand structure
+ * corresponding to the random integer. The user must call
+ * CMMF_ChallengeDecryptWitness before calling this function. Call
+ * CMMF_ChallengeIsDecrypted to find out if the challenge has been
+ * decrypted.
+ *
+ * RETURN:
+ * SECSuccess indicates the witness field has been previously decrypted
+ * and the value for the random integer was successfully placed at *inDest.
+ * Any other return value indicates an error and that the value at *inDest
+ * is not a valid value.
+ */
+extern SECStatus CMMF_ChallengeGetRandomNumber(CMMFChallenge *inChallenge,
+ long *inDest);
+
+/*
+ * FUNCTION: CMMF_ChallengeGetSender
+ * INPUTS:
+ * inChallenge
+ * the CMMFChallenge to operate on.
+ * NOTES:
+ * This function returns the value held in the decrypted Rand structure
+ * corresponding to the sender. The user must call
+ * CMMF_ChallengeDecryptWitness before calling this function. Call
+ * CMMF_ChallengeIsDecrypted to find out if the witness field has been
+ * decrypted. The user must call CERT_DestroyGeneralName after the return
+ * value is no longer needed.
+ *
+ * RETURN:
+ * A pointer to a copy of the sender CERTGeneralName. A return value of
+ * NULL indicates an error in trying to copy the information or that the
+ * witness field has not been decrypted.
+ */
+extern CERTGeneralName *CMMF_ChallengeGetSender(CMMFChallenge *inChallenge);
+
+/*
+ * FUNCTION: CMMF_ChallengeGetAlgId
+ * INPUTS:
+ * inChallenge
+ * The CMMFChallenge to operate on.
+ * inDestAlgId
+ * A pointer to memory where a pointer to a copy of the algorithm
+ * id can be placed.
+ * NOTES:
+ * This function retrieves the one way function algorithm identifier
+ * contained within the CMMFChallenge if the optional field is present.
+ *
+ * RETURN:
+ * SECSucces indicates the function was able to place a pointer to a copy of
+ * the alogrithm id at *inAlgId. If the value at *inDestAlgId is NULL,
+ * that means there was no algorithm identifier present in the
+ * CMMFChallenge. Any other return value indicates the function was not
+ * able to make a copy of the algorithm identifier. In this case the value
+ * at *inDestAlgId is not valid.
+ */
+extern SECStatus CMMF_ChallengeGetAlgId(CMMFChallenge *inChallenge,
+ SECAlgorithmID *inAlgId);
+
+/*
+ * FUNCTION: CMMF_DestroyChallenge
+ * INPUTS:
+ * inChallenge
+ * The CMMFChallenge to free up.
+ * NOTES:
+ * This function frees up all the memory associated with the CMMFChallenge
+ * passed in.
+ * RETURN:
+ * SECSuccess if freeing all the memory associated with the CMMFChallenge
+ * passed in is successful. Any other return value indicates an error
+ * while freeing the memory.
+ */
+extern SECStatus CMMF_DestroyChallenge(CMMFChallenge *inChallenge);
+
+/*
+ * FUNCTION: CMMF_DestroyPOPODecKeyRespContent
+ * INPUTS:
+ * inDecKeyResp
+ * The CMMFPOPODecKeyRespContent structure to free.
+ * NOTES:
+ * This function frees up all the memory associate with the
+ * CMMFPOPODecKeyRespContent.
+ *
+ * RETURN:
+ * SECSuccess if freeint up all the memory associated with the
+ * CMMFPOPODecKeyRespContent structure is successful. Any other
+ * return value indicates an error while freeing the memory.
+ */
+extern SECStatus
+CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp);
+
+/*
+ * FUNCTION: CMMF_ChallengeDecryptWitness
+ * INPUTS:
+ * inChallenge
+ * The CMMFChallenge to operate on.
+ * inPrivKey
+ * The private key to use to decrypt the witness field.
+ * NOTES:
+ * This function uses the private key to decrypt the challenge field
+ * contained in the CMMFChallenge. Make sure the private key matches the
+ * public key that was used to encrypt the witness. The creator of
+ * the challenge will most likely be an RA that has the public key
+ * from a Cert request. So the private key should be the private key
+ * associated with public key in that request. This function will also
+ * verify the witness field of the challenge.
+ *
+ * RETURN:
+ * SECSuccess if decrypting the witness field was successful. This does
+ * not indicate that the decrypted data is valid, since the private key
+ * passed in may not be the actual key needed to properly decrypt the
+ * witness field. Meaning that there is a decrypted structure now, but
+ * may be garbage because the private key was incorrect.
+ * Any other return value indicates the function could not complete the
+ * decryption process.
+ */
+extern SECStatus CMMF_ChallengeDecryptWitness(CMMFChallenge *inChallenge,
+ SECKEYPrivateKey *inPrivKey);
+
+/*
+ * FUNCTION: CMMF_ChallengeIsDecrypted
+ * INPUTS:
+ * inChallenge
+ * The CMMFChallenge to operate on.
+ * RETURN:
+ * This is a predicate function that returns PR_TRUE if the decryption
+ * process has already been performed. The function return PR_FALSE if
+ * the decryption process has not been performed yet.
+ */
+extern PRBool CMMF_ChallengeIsDecrypted(CMMFChallenge *inChallenge);
+
+/*
+ * FUNCTION: CMMF_DestroyPOPODecKeyChallContent
+ * INPUTS:
+ * inDecKeyCont
+ * The CMMFPOPODecKeyChallContent to free
+ * NOTES:
+ * This function frees up all the memory associated with the
+ * CMMFPOPODecKeyChallContent
+ * RETURN:
+ * SECSuccess if freeing up all the memory associatd with the
+ * CMMFPOPODecKeyChallContent is successful. Any other return value
+ * indicates an error while freeing the memory.
+ *
+ */
+extern SECStatus
+CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont);
diff --git a/security/nss/lib/crmf/crmfget.c b/security/nss/lib/crmf/crmfget.c
new file mode 100644
index 000000000..5c1d2aa19
--- /dev/null
+++ b/security/nss/lib/crmf/crmfget.c
@@ -0,0 +1,443 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "crmf.h"
+#include "crmfi.h"
+#include "keyhi.h"
+#include "secder.h"
+
+CRMFPOPChoice
+CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg)
+{
+ PORT_Assert(inCertReqMsg != NULL);
+ if (inCertReqMsg != NULL && inCertReqMsg->pop != NULL) {
+ return inCertReqMsg->pop->popUsed;
+ }
+ return crmfNoPOPChoice;
+}
+
+static SECStatus
+crmf_destroy_validity(CRMFOptionalValidity *inValidity, PRBool freeit)
+{
+ if (inValidity != NULL) {
+ if (inValidity->notBefore.data != NULL) {
+ PORT_Free(inValidity->notBefore.data);
+ }
+ if (inValidity->notAfter.data != NULL) {
+ PORT_Free(inValidity->notAfter.data);
+ }
+ if (freeit) {
+ PORT_Free(inValidity);
+ }
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+crmf_copy_cert_request_validity(PLArenaPool *poolp,
+ CRMFOptionalValidity **destValidity,
+ CRMFOptionalValidity *srcValidity)
+{
+ CRMFOptionalValidity *myValidity = NULL;
+ SECStatus rv;
+
+ *destValidity = myValidity = (poolp == NULL) ? PORT_ZNew(CRMFOptionalValidity)
+ : PORT_ArenaZNew(poolp, CRMFOptionalValidity);
+ if (myValidity == NULL) {
+ goto loser;
+ }
+ if (srcValidity->notBefore.data != NULL) {
+ rv = SECITEM_CopyItem(poolp, &myValidity->notBefore,
+ &srcValidity->notBefore);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcValidity->notAfter.data != NULL) {
+ rv = SECITEM_CopyItem(poolp, &myValidity->notAfter,
+ &srcValidity->notAfter);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ return SECSuccess;
+loser:
+ if (myValidity != NULL && poolp == NULL) {
+ crmf_destroy_validity(myValidity, PR_TRUE);
+ }
+ return SECFailure;
+}
+
+static SECStatus
+crmf_copy_extensions(PLArenaPool *poolp,
+ CRMFCertTemplate *destTemplate,
+ CRMFCertExtension **srcExt)
+{
+ int numExt = 0, i;
+ CRMFCertExtension **myExtArray = NULL;
+
+ while (srcExt[numExt] != NULL) {
+ numExt++;
+ }
+ if (numExt == 0) {
+ /*No extensions to copy.*/
+ destTemplate->extensions = NULL;
+ destTemplate->numExtensions = 0;
+ return SECSuccess;
+ }
+ destTemplate->extensions = myExtArray =
+ PORT_NewArray(CRMFCertExtension *, numExt + 1);
+ if (myExtArray == NULL) {
+ goto loser;
+ }
+
+ for (i = 0; i < numExt; i++) {
+ myExtArray[i] = crmf_copy_cert_extension(poolp, srcExt[i]);
+ if (myExtArray[i] == NULL) {
+ goto loser;
+ }
+ }
+ destTemplate->numExtensions = numExt;
+ myExtArray[numExt] = NULL;
+ return SECSuccess;
+loser:
+ if (myExtArray != NULL) {
+ if (poolp == NULL) {
+ for (i = 0; myExtArray[i] != NULL; i++) {
+ CRMF_DestroyCertExtension(myExtArray[i]);
+ }
+ }
+ PORT_Free(myExtArray);
+ }
+ destTemplate->extensions = NULL;
+ destTemplate->numExtensions = 0;
+ return SECFailure;
+}
+
+static SECStatus
+crmf_copy_cert_request_template(PLArenaPool *poolp,
+ CRMFCertTemplate *destTemplate,
+ CRMFCertTemplate *srcTemplate)
+{
+ SECStatus rv;
+
+ if (srcTemplate->version.data != NULL) {
+ rv = SECITEM_CopyItem(poolp, &destTemplate->version,
+ &srcTemplate->version);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->serialNumber.data != NULL) {
+ rv = SECITEM_CopyItem(poolp, &destTemplate->serialNumber,
+ &srcTemplate->serialNumber);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->signingAlg != NULL) {
+ rv = crmf_template_copy_secalg(poolp, &destTemplate->signingAlg,
+ srcTemplate->signingAlg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->issuer != NULL) {
+ rv = crmf_copy_cert_name(poolp, &destTemplate->issuer,
+ srcTemplate->issuer);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->validity != NULL) {
+ rv = crmf_copy_cert_request_validity(poolp, &destTemplate->validity,
+ srcTemplate->validity);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->subject != NULL) {
+ rv = crmf_copy_cert_name(poolp, &destTemplate->subject,
+ srcTemplate->subject);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->publicKey != NULL) {
+ rv = crmf_template_add_public_key(poolp, &destTemplate->publicKey,
+ srcTemplate->publicKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->issuerUID.data != NULL) {
+ rv = crmf_make_bitstring_copy(poolp, &destTemplate->issuerUID,
+ &srcTemplate->issuerUID);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->subjectUID.data != NULL) {
+ rv = crmf_make_bitstring_copy(poolp, &destTemplate->subjectUID,
+ &srcTemplate->subjectUID);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (srcTemplate->extensions != NULL) {
+ rv = crmf_copy_extensions(poolp, destTemplate,
+ srcTemplate->extensions);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ return SECSuccess;
+loser:
+ return SECFailure;
+}
+
+static CRMFControl *
+crmf_copy_control(PLArenaPool *poolp, CRMFControl *srcControl)
+{
+ CRMFControl *newControl;
+ SECStatus rv;
+
+ newControl = (poolp == NULL) ? PORT_ZNew(CRMFControl) : PORT_ArenaZNew(poolp, CRMFControl);
+ if (newControl == NULL) {
+ goto loser;
+ }
+ newControl->tag = srcControl->tag;
+ rv = SECITEM_CopyItem(poolp, &newControl->derTag, &srcControl->derTag);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(poolp, &newControl->derValue, &srcControl->derValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* We only handle PKIArchiveOptions Control right now. But if in
+ * the future, more controls that are part of the union are added,
+ * then they need to be handled here as well.
+ */
+ switch (newControl->tag) {
+ case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
+ rv = crmf_copy_pkiarchiveoptions(poolp,
+ &newControl->value.archiveOptions,
+ &srcControl->value.archiveOptions);
+ break;
+ default:
+ rv = SECSuccess;
+ }
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newControl;
+
+loser:
+ if (poolp == NULL && newControl != NULL) {
+ CRMF_DestroyControl(newControl);
+ }
+ return NULL;
+}
+
+static SECStatus
+crmf_copy_cert_request_controls(PLArenaPool *poolp,
+ CRMFCertRequest *destReq,
+ CRMFCertRequest *srcReq)
+{
+ int numControls, i;
+ CRMFControl **myControls = NULL;
+
+ numControls = CRMF_CertRequestGetNumControls(srcReq);
+ if (numControls == 0) {
+ /* No Controls To Copy*/
+ return SECSuccess;
+ }
+ myControls = destReq->controls = PORT_NewArray(CRMFControl *,
+ numControls + 1);
+ if (myControls == NULL) {
+ goto loser;
+ }
+ for (i = 0; i < numControls; i++) {
+ myControls[i] = crmf_copy_control(poolp, srcReq->controls[i]);
+ if (myControls[i] == NULL) {
+ goto loser;
+ }
+ }
+ myControls[numControls] = NULL;
+ return SECSuccess;
+loser:
+ if (myControls != NULL) {
+ if (poolp == NULL) {
+ for (i = 0; myControls[i] != NULL; i++) {
+ CRMF_DestroyControl(myControls[i]);
+ }
+ }
+ PORT_Free(myControls);
+ }
+ return SECFailure;
+}
+
+CRMFCertRequest *
+crmf_copy_cert_request(PLArenaPool *poolp, CRMFCertRequest *srcReq)
+{
+ CRMFCertRequest *newReq = NULL;
+ SECStatus rv;
+
+ if (srcReq == NULL) {
+ return NULL;
+ }
+ newReq = (poolp == NULL) ? PORT_ZNew(CRMFCertRequest) : PORT_ArenaZNew(poolp, CRMFCertRequest);
+ if (newReq == NULL) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(poolp, &newReq->certReqId, &srcReq->certReqId);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = crmf_copy_cert_request_template(poolp, &newReq->certTemplate,
+ &srcReq->certTemplate);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = crmf_copy_cert_request_controls(poolp, newReq, srcReq);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newReq;
+loser:
+ if (newReq != NULL && poolp == NULL) {
+ CRMF_DestroyCertRequest(newReq);
+ PORT_Free(newReq);
+ }
+ return NULL;
+}
+
+SECStatus
+CRMF_DestroyGetValidity(CRMFGetValidity *inValidity)
+{
+ PORT_Assert(inValidity != NULL);
+ if (inValidity != NULL) {
+ if (inValidity->notAfter) {
+ PORT_Free(inValidity->notAfter);
+ inValidity->notAfter = NULL;
+ }
+ if (inValidity->notBefore) {
+ PORT_Free(inValidity->notBefore);
+ inValidity->notBefore = NULL;
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+crmf_make_bitstring_copy(PLArenaPool *arena, SECItem *dest, SECItem *src)
+{
+ int origLenBits;
+ int bytesToCopy;
+ SECStatus rv;
+
+ origLenBits = src->len;
+ bytesToCopy = CRMF_BITS_TO_BYTES(origLenBits);
+ src->len = bytesToCopy;
+ rv = SECITEM_CopyItem(arena, dest, src);
+ src->len = origLenBits;
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ dest->len = origLenBits;
+ return SECSuccess;
+}
+
+int
+CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq)
+{
+ CRMFCertTemplate *certTemplate;
+ int count = 0;
+
+ certTemplate = &inCertReq->certTemplate;
+ if (certTemplate->extensions) {
+ while (certTemplate->extensions[count] != NULL)
+ count++;
+ }
+ return count;
+}
+
+SECOidTag
+CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension)
+{
+ PORT_Assert(inExtension != NULL);
+ if (inExtension == NULL) {
+ return SEC_OID_UNKNOWN;
+ }
+ return SECOID_FindOIDTag(&inExtension->id);
+}
+
+PRBool
+CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt)
+{
+ PORT_Assert(inExt != NULL);
+ if (inExt == NULL) {
+ return PR_FALSE;
+ }
+ return inExt->critical.data != NULL;
+}
+
+SECItem *
+CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension)
+{
+ PORT_Assert(inExtension != NULL);
+ if (inExtension == NULL) {
+ return NULL;
+ }
+
+ return SECITEM_DupItem(&inExtension->value);
+}
+
+SECStatus
+CRMF_DestroyPOPOSigningKey(CRMFPOPOSigningKey *inKey)
+{
+ PORT_Assert(inKey != NULL);
+ if (inKey != NULL) {
+ if (inKey->derInput.data != NULL) {
+ SECITEM_FreeItem(&inKey->derInput, PR_FALSE);
+ }
+ if (inKey->algorithmIdentifier != NULL) {
+ SECOID_DestroyAlgorithmID(inKey->algorithmIdentifier, PR_TRUE);
+ }
+ if (inKey->signature.data != NULL) {
+ SECITEM_FreeItem(&inKey->signature, PR_FALSE);
+ }
+ PORT_Free(inKey);
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey)
+{
+ PORT_Assert(inPrivKey != NULL);
+ if (inPrivKey != NULL) {
+ SECITEM_FreeItem(&inPrivKey->message.thisMessage, PR_FALSE);
+ PORT_Free(inPrivKey);
+ }
+ return SECSuccess;
+}
+
+int
+CRMF_CertRequestGetNumControls(CRMFCertRequest *inCertReq)
+{
+ int count = 0;
+
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return 0;
+ }
+ if (inCertReq->controls) {
+ while (inCertReq->controls[count] != NULL)
+ count++;
+ }
+ return count;
+}
diff --git a/security/nss/lib/crmf/crmfi.h b/security/nss/lib/crmf/crmfi.h
new file mode 100644
index 000000000..badfd2b05
--- /dev/null
+++ b/security/nss/lib/crmf/crmfi.h
@@ -0,0 +1,185 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CRMFI_H_
+#define _CRMFI_H_
+/* This file will contain all declarations common to both
+ * encoding and decoding of CRMF Cert Requests. This header
+ * file should only be included internally by CRMF implementation
+ * files.
+ */
+#include "secasn1.h"
+#include "crmfit.h"
+#include "secerr.h"
+#include "blapit.h"
+
+#define CRMF_DEFAULT_ARENA_SIZE 1024
+
+/*
+ * Explanation for the definition of MAX_WRAPPED_KEY_LEN:
+ *
+ * It's used for internal buffers to transport a wrapped private key.
+ * The value is in BYTES.
+ * We want to define a reasonable upper bound for this value.
+ * Ideally this could be calculated, but in order to simplify the code
+ * we want to estimate the maximum requires size.
+ * See also bug 655850 for the full explanation.
+ *
+ * We know the largest wrapped keys are RSA keys.
+ * We'll estimate the maximum size needed for wrapped RSA keys,
+ * and assume it's sufficient for wrapped keys of any type we support.
+ *
+ * The maximum size of RSA keys in bits is defined elsewhere as
+ * RSA_MAX_MODULUS_BITS
+ *
+ * The idea is to define MAX_WRAPPED_KEY_LEN based on the above.
+ *
+ * A wrapped RSA key requires about
+ * ( ( RSA_MAX_MODULUS_BITS / 8 ) * 5.5) + 65
+ * bytes.
+ *
+ * Therefore, a safe upper bound is:
+ * ( ( RSA_MAX_MODULUS_BITS / 8 ) *8 ) = RSA_MAX_MODULUS_BITS
+ *
+ */
+#define MAX_WRAPPED_KEY_LEN RSA_MAX_MODULUS_BITS
+
+#define CRMF_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
+#define CRMF_BYTES_TO_BITS(bytes) ((bytes)*8)
+
+struct crmfEncoderArg {
+ SECItem *buffer;
+ unsigned long allocatedLen;
+};
+
+struct crmfEncoderOutput {
+ CRMFEncoderOutputCallback fn;
+ void *outputArg;
+};
+
+/*
+ * This function is used by the API for encoding functions that are
+ * exposed through the API, ie all of the CMMF_Encode* and CRMF_Encode*
+ * functions.
+ */
+extern void
+crmf_encoder_out(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind);
+
+/*
+ * This function is used when we want to encode something locally within
+ * the library, ie the CertRequest so that we can produce its signature.
+ */
+extern SECStatus
+crmf_init_encoder_callback_arg(struct crmfEncoderArg *encoderArg,
+ SECItem *derDest);
+
+/*
+ * This is the callback function we feed to the ASN1 encoder when doing
+ * internal DER-encodings. ie, encoding the cert request so we can
+ * produce a signature.
+ */
+extern void
+crmf_generic_encoder_callback(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind);
+
+/* The ASN1 templates that need to be seen by internal files
+ * in order to implement CRMF.
+ */
+extern const SEC_ASN1Template CRMFCertReqMsgTemplate[];
+extern const SEC_ASN1Template CRMFRAVerifiedTemplate[];
+extern const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[];
+extern const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[];
+extern const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[];
+extern const SEC_ASN1Template CRMFThisMessageTemplate[];
+extern const SEC_ASN1Template CRMFSubsequentMessageTemplate[];
+extern const SEC_ASN1Template CRMFDHMACTemplate[];
+extern const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[];
+extern const SEC_ASN1Template CRMFEncryptedValueTemplate[];
+
+/*
+ * Use these two values for encoding Boolean values.
+ */
+extern const unsigned char hexTrue;
+extern const unsigned char hexFalse;
+/*
+ * Prototypes for helper routines used internally by multiple files.
+ */
+extern SECStatus crmf_encode_integer(PLArenaPool *poolp, SECItem *dest,
+ long value);
+extern SECStatus crmf_make_bitstring_copy(PLArenaPool *arena, SECItem *dest,
+ SECItem *src);
+
+extern SECStatus crmf_copy_pkiarchiveoptions(PLArenaPool *poolp,
+ CRMFPKIArchiveOptions *destOpt,
+ CRMFPKIArchiveOptions *srcOpt);
+extern SECStatus
+crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
+ PRBool freeit);
+extern const SEC_ASN1Template *
+crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl);
+
+extern SECStatus crmf_copy_encryptedkey(PLArenaPool *poolp,
+ CRMFEncryptedKey *srcEncrKey,
+ CRMFEncryptedKey *destEncrKey);
+extern SECStatus
+crmf_copy_encryptedvalue(PLArenaPool *poolp,
+ CRMFEncryptedValue *srcValue,
+ CRMFEncryptedValue *destValue);
+
+extern SECStatus
+crmf_copy_encryptedvalue_secalg(PLArenaPool *poolp,
+ SECAlgorithmID *srcAlgId,
+ SECAlgorithmID **destAlgId);
+
+extern SECStatus crmf_template_copy_secalg(PLArenaPool *poolp,
+ SECAlgorithmID **dest,
+ SECAlgorithmID *src);
+
+extern SECStatus crmf_copy_cert_name(PLArenaPool *poolp, CERTName **dest,
+ CERTName *src);
+
+extern SECStatus crmf_template_add_public_key(PLArenaPool *poolp,
+ CERTSubjectPublicKeyInfo **dest,
+ CERTSubjectPublicKeyInfo *pubKey);
+
+extern CRMFCertExtension *crmf_create_cert_extension(PLArenaPool *poolp,
+ SECOidTag tag,
+ PRBool isCritical,
+ SECItem *data);
+extern CRMFCertRequest *
+crmf_copy_cert_request(PLArenaPool *poolp, CRMFCertRequest *srcReq);
+
+extern SECStatus crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue,
+ PRBool freeit);
+
+extern CRMFEncryptedValue *
+crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey,
+ SECKEYPublicKey *inPubKey,
+ CRMFEncryptedValue *destValue);
+
+extern CK_MECHANISM_TYPE
+crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey);
+
+extern SECStatus
+crmf_encrypted_value_unwrap_priv_key(PLArenaPool *poolp,
+ CRMFEncryptedValue *encValue,
+ SECKEYPrivateKey *privKey,
+ SECKEYPublicKey *newPubKey,
+ SECItem *nickname,
+ PK11SlotInfo *slot,
+ unsigned char keyUsage,
+ SECKEYPrivateKey **unWrappedKey,
+ void *wincx);
+
+extern SECItem *
+crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest);
+
+extern CRMFCertExtension *
+crmf_copy_cert_extension(PLArenaPool *poolp, CRMFCertExtension *inExtension);
+
+extern SECStatus
+crmf_create_prtime(SECItem *src, PRTime **dest);
+#endif /*_CRMFI_H_*/
diff --git a/security/nss/lib/crmf/crmfit.h b/security/nss/lib/crmf/crmfit.h
new file mode 100644
index 000000000..c5c4b96e9
--- /dev/null
+++ b/security/nss/lib/crmf/crmfit.h
@@ -0,0 +1,185 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CRMFIT_H_
+#define _CRMFIT_H_
+
+struct CRMFCertReqMessagesStr {
+ CRMFCertReqMsg **messages;
+ PLArenaPool *poolp;
+};
+
+struct CRMFCertExtensionStr {
+ SECItem id;
+ SECItem critical;
+ SECItem value;
+};
+
+struct CRMFOptionalValidityStr {
+ SECItem notBefore;
+ SECItem notAfter;
+};
+
+struct CRMFCertTemplateStr {
+ SECItem version;
+ SECItem serialNumber;
+ SECAlgorithmID *signingAlg;
+ CERTName *issuer;
+ CRMFOptionalValidity *validity;
+ CERTName *subject;
+ CERTSubjectPublicKeyInfo *publicKey;
+ SECItem issuerUID;
+ SECItem subjectUID;
+ CRMFCertExtension **extensions;
+ int numExtensions;
+};
+
+struct CRMFCertIDStr {
+ SECItem issuer; /* General Name */
+ SECItem serialNumber; /*INTEGER*/
+};
+
+struct CRMFEncryptedValueStr {
+ SECAlgorithmID *intendedAlg;
+ SECAlgorithmID *symmAlg;
+ SECItem encSymmKey; /*BIT STRING */
+ SECAlgorithmID *keyAlg;
+ SECItem valueHint; /*OCTET STRING */
+ SECItem encValue; /*BIT STRING */
+};
+
+/*
+ * The field derValue will contain the actual der
+ * to include in the encoding or that was read in
+ * from a der blob.
+ */
+struct CRMFEncryptedKeyStr {
+ union {
+ SEC_PKCS7ContentInfo *envelopedData;
+ CRMFEncryptedValue encryptedValue;
+ } value;
+ CRMFEncryptedKeyChoice encKeyChoice;
+ SECItem derValue;
+};
+
+/* ASN1 must only have one of the following 3 options. */
+struct CRMFPKIArchiveOptionsStr {
+ union {
+ CRMFEncryptedKey encryptedKey;
+ SECItem keyGenParameters;
+ SECItem archiveRemGenPrivKey; /* BOOLEAN */
+ } option;
+ CRMFPKIArchiveOptionsType archOption;
+};
+
+struct CRMFPKIPublicationInfoStr {
+ SECItem action; /* Possible values */
+ /* dontPublish (0), pleasePublish (1) */
+ CRMFSinglePubInfo **pubInfos;
+};
+
+struct CRMFControlStr {
+ SECOidTag tag;
+ SECItem derTag;
+ SECItem derValue;
+ /* These will be C structures used to represent the various
+ * options. Values that can't be stored as der right away.
+ * After creating these structures, we'll place their der
+ * encoding in derValue so the encoder knows how to get to
+ * it.
+ */
+ union {
+ CRMFCertID oldCertId;
+ CRMFPKIArchiveOptions archiveOptions;
+ CRMFPKIPublicationInfo pubInfo;
+ CRMFProtocolEncrKey protEncrKey;
+ } value;
+};
+
+struct CRMFCertRequestStr {
+ SECItem certReqId;
+ CRMFCertTemplate certTemplate;
+ CRMFControl **controls;
+ /* The following members are used by the internal implementation, but
+ * are not part of the encoding.
+ */
+ PLArenaPool *poolp;
+ PRUint32 requestID; /* This is the value that will be encoded into
+ * the certReqId field.
+ */
+};
+
+struct CRMFAttributeStr {
+ SECItem derTag;
+ SECItem derValue;
+};
+
+struct CRMFCertReqMsgStr {
+ CRMFCertRequest *certReq;
+ CRMFProofOfPossession *pop;
+ CRMFAttribute **regInfo;
+ SECItem derPOP;
+ /* This arena will be used for allocating memory when decoding.
+ */
+ PLArenaPool *poolp;
+ PRBool isDecoded;
+};
+
+struct CRMFPOPOSigningKeyInputStr {
+ /* ASN1 must have only one of the next 2 options */
+ union {
+ SECItem sender; /*General Name*/
+ CRMFPKMACValue *publicKeyMAC;
+ } authInfo;
+ CERTSubjectPublicKeyInfo publicKey;
+};
+
+struct CRMFPOPOSigningKeyStr {
+ SECItem derInput; /*If in the future we support
+ *POPOSigningKeyInput, this will
+ *a C structure representation
+ *instead.
+ */
+ SECAlgorithmID *algorithmIdentifier;
+ SECItem signature; /* This is a BIT STRING. Remember */
+}; /* that when interpreting. */
+
+/* ASN1 must only choose one of these members */
+struct CRMFPOPOPrivKeyStr {
+ union {
+ SECItem thisMessage; /* BIT STRING */
+ SECItem subsequentMessage; /*INTEGER*/
+ SECItem dhMAC; /*BIT STRING*/
+ } message;
+ CRMFPOPOPrivKeyChoice messageChoice;
+};
+
+/* ASN1 must only have one of these options. */
+struct CRMFProofOfPossessionStr {
+ union {
+ SECItem raVerified;
+ CRMFPOPOSigningKey signature;
+ CRMFPOPOPrivKey keyEncipherment;
+ CRMFPOPOPrivKey keyAgreement;
+ } popChoice;
+ CRMFPOPChoice popUsed; /*Not part of encoding*/
+};
+
+struct CRMFPKMACValueStr {
+ SECAlgorithmID algID;
+ SECItem value; /*BIT STRING*/
+};
+
+struct CRMFSinglePubInfoStr {
+ SECItem pubMethod; /* Possible Values:
+ * dontCare (0)
+ * x500 (1)
+ * web (2)
+ * ldap (3)
+ */
+ CERTGeneralName *pubLocation; /* General Name */
+};
+
+#endif /* _CRMFIT_H_ */
diff --git a/security/nss/lib/crmf/crmfpop.c b/security/nss/lib/crmf/crmfpop.c
new file mode 100644
index 000000000..725f8c730
--- /dev/null
+++ b/security/nss/lib/crmf/crmfpop.c
@@ -0,0 +1,598 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "crmf.h"
+#include "crmfi.h"
+#include "secasn1.h"
+#include "keyhi.h"
+#include "cryptohi.h"
+
+#define CRMF_DEFAULT_ALLOC_SIZE 1024U
+
+SECStatus
+crmf_init_encoder_callback_arg(struct crmfEncoderArg *encoderArg,
+ SECItem *derDest)
+{
+ derDest->data = PORT_ZNewArray(unsigned char, CRMF_DEFAULT_ALLOC_SIZE);
+ if (derDest->data == NULL) {
+ return SECFailure;
+ }
+ derDest->len = 0;
+ encoderArg->allocatedLen = CRMF_DEFAULT_ALLOC_SIZE;
+ encoderArg->buffer = derDest;
+ return SECSuccess;
+}
+
+/* Caller should release or unmark the pool, instead of doing it here.
+** But there are NO callers of this function at present...
+*/
+SECStatus
+CRMF_CertReqMsgSetRAVerifiedPOP(CRMFCertReqMsg *inCertReqMsg)
+{
+ CRMFProofOfPossession *pop;
+ PLArenaPool *poolp;
+ void *mark;
+
+ PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
+ poolp = inCertReqMsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+ if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice) {
+ return SECFailure;
+ }
+ pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
+ if (pop == NULL) {
+ goto loser;
+ }
+ pop->popUsed = crmfRAVerified;
+ pop->popChoice.raVerified.data = NULL;
+ pop->popChoice.raVerified.len = 0;
+ inCertReqMsg->pop = pop;
+ (void)SEC_ASN1EncodeItem(poolp, &(inCertReqMsg->derPOP),
+ &(pop->popChoice.raVerified),
+ CRMFRAVerifiedTemplate);
+ return SECSuccess;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+static SECOidTag
+crmf_get_key_sign_tag(SECKEYPublicKey *inPubKey)
+{
+ /* maintain backward compatibility with older
+ * implementations */
+ if (inPubKey->keyType == rsaKey) {
+ return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
+ }
+ return SEC_GetSignatureAlgorithmOidTag(inPubKey->keyType, SEC_OID_UNKNOWN);
+}
+
+static SECAlgorithmID *
+crmf_create_poposignkey_algid(PLArenaPool *poolp,
+ SECKEYPublicKey *inPubKey)
+{
+ SECAlgorithmID *algID;
+ SECOidTag tag;
+ SECStatus rv;
+ void *mark;
+
+ mark = PORT_ArenaMark(poolp);
+ algID = PORT_ArenaZNew(poolp, SECAlgorithmID);
+ if (algID == NULL) {
+ goto loser;
+ }
+ tag = crmf_get_key_sign_tag(inPubKey);
+ if (tag == SEC_OID_UNKNOWN) {
+ goto loser;
+ }
+ rv = SECOID_SetAlgorithmID(poolp, algID, tag, NULL);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return algID;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+static CRMFPOPOSigningKeyInput *
+crmf_create_poposigningkeyinput(PLArenaPool *poolp, CERTCertificate *inCert,
+ CRMFMACPasswordCallback fn, void *arg)
+{
+ /* PSM isn't going to do this, so we'll fail here for now.*/
+ return NULL;
+}
+
+void
+crmf_generic_encoder_callback(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ struct crmfEncoderArg *encoderArg = (struct crmfEncoderArg *)arg;
+ unsigned char *cursor;
+
+ if (encoderArg->buffer->len + len > encoderArg->allocatedLen) {
+ int newSize = encoderArg->buffer->len + CRMF_DEFAULT_ALLOC_SIZE;
+ void *dummy = PORT_Realloc(encoderArg->buffer->data, newSize);
+ if (dummy == NULL) {
+ /* I really want to return an error code here */
+ PORT_Assert(0);
+ return;
+ }
+ encoderArg->buffer->data = dummy;
+ encoderArg->allocatedLen = newSize;
+ }
+ cursor = &(encoderArg->buffer->data[encoderArg->buffer->len]);
+ if (len) {
+ PORT_Memcpy(cursor, buf, len);
+ }
+ encoderArg->buffer->len += len;
+}
+
+static SECStatus
+crmf_encode_certreq(CRMFCertRequest *inCertReq, SECItem *derDest)
+{
+ struct crmfEncoderArg encoderArg;
+ SECStatus rv;
+
+ rv = crmf_init_encoder_callback_arg(&encoderArg, derDest);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ return SEC_ASN1Encode(inCertReq, CRMFCertRequestTemplate,
+ crmf_generic_encoder_callback, &encoderArg);
+}
+
+static SECStatus
+crmf_sign_certreq(PLArenaPool *poolp,
+ CRMFPOPOSigningKey *crmfSignKey,
+ CRMFCertRequest *certReq,
+ SECKEYPrivateKey *inKey,
+ SECAlgorithmID *inAlgId)
+{
+ SECItem derCertReq = { siBuffer, NULL, 0 };
+ SECItem certReqSig = { siBuffer, NULL, 0 };
+ SECStatus rv = SECSuccess;
+
+ rv = crmf_encode_certreq(certReq, &derCertReq);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SEC_SignData(&certReqSig, derCertReq.data, derCertReq.len,
+ inKey, SECOID_GetAlgorithmTag(inAlgId));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* Now make it a part of the POPOSigningKey */
+ rv = SECITEM_CopyItem(poolp, &(crmfSignKey->signature), &certReqSig);
+ /* Convert this length to number of bits */
+ crmfSignKey->signature.len <<= 3;
+
+loser:
+ if (derCertReq.data != NULL) {
+ PORT_Free(derCertReq.data);
+ }
+ if (certReqSig.data != NULL) {
+ PORT_Free(certReqSig.data);
+ }
+ return rv;
+}
+
+static SECStatus
+crmf_create_poposignkey(PLArenaPool *poolp,
+ CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOSigningKeyInput *signKeyInput,
+ SECKEYPrivateKey *inPrivKey,
+ SECAlgorithmID *inAlgID,
+ CRMFPOPOSigningKey *signKey)
+{
+ CRMFCertRequest *certReq;
+ void *mark;
+ PRBool useSignKeyInput;
+ SECStatus rv;
+
+ PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->certReq != NULL);
+ mark = PORT_ArenaMark(poolp);
+ if (signKey == NULL) {
+ goto loser;
+ }
+ certReq = inCertReqMsg->certReq;
+ useSignKeyInput = !(CRMF_DoesRequestHaveField(certReq, crmfSubject) &&
+ CRMF_DoesRequestHaveField(certReq, crmfPublicKey));
+
+ if (useSignKeyInput) {
+ goto loser;
+ } else {
+ rv = crmf_sign_certreq(poolp, signKey, certReq, inPrivKey, inAlgID);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertReqMsgSetSignaturePOP(CRMFCertReqMsg *inCertReqMsg,
+ SECKEYPrivateKey *inPrivKey,
+ SECKEYPublicKey *inPubKey,
+ CERTCertificate *inCertForInput,
+ CRMFMACPasswordCallback fn,
+ void *arg)
+{
+ SECAlgorithmID *algID;
+ PLArenaPool *poolp;
+ SECItem derTemp = { siBuffer, NULL, 0 };
+ void *mark;
+ SECStatus rv;
+ CRMFPOPOSigningKeyInput *signKeyInput = NULL;
+ CRMFCertRequest *certReq;
+ CRMFProofOfPossession *pop;
+ struct crmfEncoderArg encoderArg;
+
+ PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->certReq != NULL &&
+ inCertReqMsg->pop == NULL);
+ certReq = inCertReqMsg->certReq;
+ if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice ||
+ !CRMF_DoesRequestHaveField(certReq, crmfPublicKey)) {
+ return SECFailure;
+ }
+ poolp = inCertReqMsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+ algID = crmf_create_poposignkey_algid(poolp, inPubKey);
+
+ if (!CRMF_DoesRequestHaveField(certReq, crmfSubject)) {
+ signKeyInput = crmf_create_poposigningkeyinput(poolp, inCertForInput,
+ fn, arg);
+ if (signKeyInput == NULL) {
+ goto loser;
+ }
+ }
+
+ pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
+ if (pop == NULL) {
+ goto loser;
+ }
+
+ rv = crmf_create_poposignkey(poolp, inCertReqMsg,
+ signKeyInput, inPrivKey, algID,
+ &(pop->popChoice.signature));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ pop->popUsed = crmfSignature;
+ pop->popChoice.signature.algorithmIdentifier = algID;
+ inCertReqMsg->pop = pop;
+
+ rv = crmf_init_encoder_callback_arg(&encoderArg, &derTemp);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SEC_ASN1Encode(&pop->popChoice.signature,
+ CRMFPOPOSigningKeyTemplate,
+ crmf_generic_encoder_callback, &encoderArg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(poolp, &(inCertReqMsg->derPOP), &derTemp);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_Free(derTemp.data);
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ if (derTemp.data != NULL) {
+ PORT_Free(derTemp.data);
+ }
+ return SECFailure;
+}
+
+static const SEC_ASN1Template *
+crmf_get_popoprivkey_subtemplate(CRMFPOPOPrivKey *inPrivKey)
+{
+ const SEC_ASN1Template *retTemplate = NULL;
+
+ switch (inPrivKey->messageChoice) {
+ case crmfThisMessage:
+ retTemplate = CRMFThisMessageTemplate;
+ break;
+ case crmfSubsequentMessage:
+ retTemplate = CRMFSubsequentMessageTemplate;
+ break;
+ case crmfDHMAC:
+ retTemplate = CRMFDHMACTemplate;
+ break;
+ default:
+ retTemplate = NULL;
+ }
+ return retTemplate;
+}
+
+static SECStatus
+crmf_encode_popoprivkey(PLArenaPool *poolp,
+ CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKey *popoPrivKey,
+ const SEC_ASN1Template *privKeyTemplate)
+{
+ struct crmfEncoderArg encoderArg;
+ SECItem derTemp = { siBuffer, NULL, 0 };
+ SECStatus rv;
+ void *mark;
+ const SEC_ASN1Template *subDerTemplate;
+
+ mark = PORT_ArenaMark(poolp);
+ rv = crmf_init_encoder_callback_arg(&encoderArg, &derTemp);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ subDerTemplate = crmf_get_popoprivkey_subtemplate(popoPrivKey);
+ /* We've got a union, so a pointer to one item is a pointer to
+ * all the items in the union.
+ */
+ rv = SEC_ASN1Encode(&popoPrivKey->message.thisMessage,
+ subDerTemplate,
+ crmf_generic_encoder_callback, &encoderArg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (encoderArg.allocatedLen > derTemp.len + 2) {
+ void *dummy = PORT_Realloc(derTemp.data, derTemp.len + 2);
+ if (dummy == NULL) {
+ goto loser;
+ }
+ derTemp.data = dummy;
+ }
+ PORT_Memmove(&derTemp.data[2], &derTemp.data[0], derTemp.len);
+ /* I couldn't figure out how to get the ASN1 encoder to implicitly
+ * tag an implicitly tagged der blob. So I'm putting in the outter-
+ * most tag myself. -javi
+ */
+ derTemp.data[0] = (unsigned char)privKeyTemplate->kind;
+ derTemp.data[1] = (unsigned char)derTemp.len;
+ derTemp.len += 2;
+ rv = SECITEM_CopyItem(poolp, &inCertReqMsg->derPOP, &derTemp);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_Free(derTemp.data);
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ if (derTemp.data) {
+ PORT_Free(derTemp.data);
+ }
+ return SECFailure;
+}
+
+static const SEC_ASN1Template *
+crmf_get_template_for_privkey(CRMFPOPChoice inChoice)
+{
+ switch (inChoice) {
+ case crmfKeyAgreement:
+ return CRMFPOPOKeyAgreementTemplate;
+ case crmfKeyEncipherment:
+ return CRMFPOPOKeyEnciphermentTemplate;
+ default:
+ break;
+ }
+ return NULL;
+}
+
+static SECStatus
+crmf_add_privkey_thismessage(CRMFCertReqMsg *inCertReqMsg, SECItem *encPrivKey,
+ CRMFPOPChoice inChoice)
+{
+ PLArenaPool *poolp;
+ void *mark;
+ CRMFPOPOPrivKey *popoPrivKey;
+ CRMFProofOfPossession *pop;
+ SECStatus rv;
+
+ PORT_Assert(inCertReqMsg != NULL && encPrivKey != NULL);
+ poolp = inCertReqMsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+ pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
+ if (pop == NULL) {
+ goto loser;
+ }
+ pop->popUsed = inChoice;
+ /* popChoice is a union, so getting a pointer to one
+ * field gives me a pointer to the other fields as
+ * well. This in essence points to both
+ * pop->popChoice.keyEncipherment and
+ * pop->popChoice.keyAgreement
+ */
+ popoPrivKey = &pop->popChoice.keyEncipherment;
+
+ rv = SECITEM_CopyItem(poolp, &(popoPrivKey->message.thisMessage),
+ encPrivKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ popoPrivKey->message.thisMessage.len <<= 3;
+ popoPrivKey->messageChoice = crmfThisMessage;
+ inCertReqMsg->pop = pop;
+ rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
+ crmf_get_template_for_privkey(inChoice));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+static SECStatus
+crmf_add_privkey_dhmac(CRMFCertReqMsg *inCertReqMsg, SECItem *dhmac,
+ CRMFPOPChoice inChoice)
+{
+ PLArenaPool *poolp;
+ void *mark;
+ CRMFPOPOPrivKey *popoPrivKey;
+ CRMFProofOfPossession *pop;
+ SECStatus rv;
+
+ PORT_Assert(inCertReqMsg != NULL && dhmac != NULL);
+ poolp = inCertReqMsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+ pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
+ if (pop == NULL) {
+ goto loser;
+ }
+ pop->popUsed = inChoice;
+ popoPrivKey = &pop->popChoice.keyAgreement;
+
+ rv = SECITEM_CopyItem(poolp, &(popoPrivKey->message.dhMAC),
+ dhmac);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ popoPrivKey->message.dhMAC.len <<= 3;
+ popoPrivKey->messageChoice = crmfDHMAC;
+ inCertReqMsg->pop = pop;
+ rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
+ crmf_get_template_for_privkey(inChoice));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+static SECStatus
+crmf_add_privkey_subseqmessage(CRMFCertReqMsg *inCertReqMsg,
+ CRMFSubseqMessOptions subsequentMessage,
+ CRMFPOPChoice inChoice)
+{
+ void *mark;
+ PLArenaPool *poolp;
+ CRMFProofOfPossession *pop;
+ CRMFPOPOPrivKey *popoPrivKey;
+ SECStatus rv;
+ const SEC_ASN1Template *privKeyTemplate;
+
+ if (subsequentMessage == crmfNoSubseqMess) {
+ return SECFailure;
+ }
+ poolp = inCertReqMsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+ pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
+ if (pop == NULL) {
+ goto loser;
+ }
+
+ pop->popUsed = inChoice;
+ /*
+ * We have a union, so a pointer to one member of the union
+ * is also a member to another member of that same union.
+ */
+ popoPrivKey = &pop->popChoice.keyEncipherment;
+
+ switch (subsequentMessage) {
+ case crmfEncrCert:
+ rv = crmf_encode_integer(poolp,
+ &(popoPrivKey->message.subsequentMessage),
+ 0);
+ break;
+ case crmfChallengeResp:
+ rv = crmf_encode_integer(poolp,
+ &(popoPrivKey->message.subsequentMessage),
+ 1);
+ break;
+ default:
+ goto loser;
+ }
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ popoPrivKey->messageChoice = crmfSubsequentMessage;
+ privKeyTemplate = crmf_get_template_for_privkey(inChoice);
+ inCertReqMsg->pop = pop;
+ rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
+ privKeyTemplate);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertReqMsgSetKeyEnciphermentPOP(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKeyChoice inKeyChoice,
+ CRMFSubseqMessOptions subseqMess,
+ SECItem *encPrivKey)
+{
+ SECStatus rv;
+
+ PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
+ if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice) {
+ return SECFailure;
+ }
+ switch (inKeyChoice) {
+ case crmfThisMessage:
+ rv = crmf_add_privkey_thismessage(inCertReqMsg, encPrivKey,
+ crmfKeyEncipherment);
+ break;
+ case crmfSubsequentMessage:
+ rv = crmf_add_privkey_subseqmessage(inCertReqMsg, subseqMess,
+ crmfKeyEncipherment);
+ break;
+ case crmfDHMAC:
+ default:
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+SECStatus
+CRMF_CertReqMsgSetKeyAgreementPOP(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKeyChoice inKeyChoice,
+ CRMFSubseqMessOptions subseqMess,
+ SECItem *encPrivKey)
+{
+ SECStatus rv;
+
+ PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
+ switch (inKeyChoice) {
+ case crmfThisMessage:
+ rv = crmf_add_privkey_thismessage(inCertReqMsg, encPrivKey,
+ crmfKeyAgreement);
+ break;
+ case crmfSubsequentMessage:
+ rv = crmf_add_privkey_subseqmessage(inCertReqMsg, subseqMess,
+ crmfKeyAgreement);
+ break;
+ case crmfDHMAC:
+ /* In this case encPrivKey should be the calculated dhMac
+ * as specified in RFC 2511 */
+ rv = crmf_add_privkey_dhmac(inCertReqMsg, encPrivKey,
+ crmfKeyAgreement);
+ break;
+ default:
+ rv = SECFailure;
+ }
+ return rv;
+}
diff --git a/security/nss/lib/crmf/crmfreq.c b/security/nss/lib/crmf/crmfreq.c
new file mode 100644
index 000000000..e89f18228
--- /dev/null
+++ b/security/nss/lib/crmf/crmfreq.c
@@ -0,0 +1,663 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "crmf.h"
+#include "crmfi.h"
+#include "keyhi.h"
+#include "secder.h"
+
+/*
+ * Macro that returns PR_TRUE if the pointer is not NULL.
+ * If the pointer is NULL, then the macro will return PR_FALSE.
+ */
+#define IS_NOT_NULL(ptr) ((ptr) == NULL) ? PR_FALSE : PR_TRUE
+
+const unsigned char hexTrue = 0xff;
+const unsigned char hexFalse = 0x00;
+
+SECStatus
+crmf_encode_integer(PLArenaPool *poolp, SECItem *dest, long value)
+{
+ SECItem *dummy;
+
+ dummy = SEC_ASN1EncodeInteger(poolp, dest, value);
+ PORT_Assert(dummy == dest);
+ if (dummy == NULL) {
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+crmf_encode_unsigned_integer(PLArenaPool *poolp, SECItem *dest,
+ unsigned long value)
+{
+ SECItem *dummy;
+
+ dummy = SEC_ASN1EncodeUnsignedInteger(poolp, dest, value);
+ PORT_Assert(dummy == dest);
+ if (dummy != dest) {
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+crmf_copy_secitem(PLArenaPool *poolp, SECItem *dest, SECItem *src)
+{
+ return SECITEM_CopyItem(poolp, dest, src);
+}
+
+PRBool
+CRMF_DoesRequestHaveField(CRMFCertRequest *inCertReq,
+ CRMFCertTemplateField inField)
+{
+
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return PR_FALSE;
+ }
+ switch (inField) {
+ case crmfVersion:
+ return inCertReq->certTemplate.version.data != NULL;
+ case crmfSerialNumber:
+ return inCertReq->certTemplate.serialNumber.data != NULL;
+ case crmfSigningAlg:
+ return inCertReq->certTemplate.signingAlg != NULL;
+ case crmfIssuer:
+ return inCertReq->certTemplate.issuer != NULL;
+ case crmfValidity:
+ return inCertReq->certTemplate.validity != NULL;
+ case crmfSubject:
+ return inCertReq->certTemplate.subject != NULL;
+ case crmfPublicKey:
+ return inCertReq->certTemplate.publicKey != NULL;
+ case crmfIssuerUID:
+ return inCertReq->certTemplate.issuerUID.data != NULL;
+ case crmfSubjectUID:
+ return inCertReq->certTemplate.subjectUID.data != NULL;
+ case crmfExtension:
+ return CRMF_CertRequestGetNumberOfExtensions(inCertReq) != 0;
+ }
+ return PR_FALSE;
+}
+
+CRMFCertRequest *
+CRMF_CreateCertRequest(PRUint32 inRequestID)
+{
+ PLArenaPool *poolp;
+ CRMFCertRequest *certReq;
+ SECStatus rv;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ goto loser;
+ }
+
+ certReq = PORT_ArenaZNew(poolp, CRMFCertRequest);
+ if (certReq == NULL) {
+ goto loser;
+ }
+
+ certReq->poolp = poolp;
+ certReq->requestID = inRequestID;
+
+ rv = crmf_encode_unsigned_integer(poolp, &(certReq->certReqId),
+ inRequestID);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return certReq;
+loser:
+ if (poolp) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return NULL;
+}
+
+SECStatus
+CRMF_DestroyCertRequest(CRMFCertRequest *inCertReq)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq != NULL) {
+ if (inCertReq->certTemplate.extensions) {
+ PORT_Free(inCertReq->certTemplate.extensions);
+ }
+ if (inCertReq->controls) {
+ /* Right now we don't support EnveloppedData option,
+ * so we won't go through and delete each occurrence of
+ * an EnveloppedData in the control.
+ */
+ PORT_Free(inCertReq->controls);
+ }
+ if (inCertReq->poolp) {
+ PORT_FreeArena(inCertReq->poolp, PR_TRUE);
+ }
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+crmf_template_add_version(PLArenaPool *poolp, SECItem *dest, long version)
+{
+ return (crmf_encode_integer(poolp, dest, version));
+}
+
+static SECStatus
+crmf_template_add_serialnumber(PLArenaPool *poolp, SECItem *dest, long serial)
+{
+ return (crmf_encode_integer(poolp, dest, serial));
+}
+
+SECStatus
+crmf_template_copy_secalg(PLArenaPool *poolp, SECAlgorithmID **dest,
+ SECAlgorithmID *src)
+{
+ SECStatus rv;
+ void *mark = NULL;
+ SECAlgorithmID *mySecAlg;
+
+ if (!poolp) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(poolp);
+ *dest = mySecAlg = PORT_ArenaZNew(poolp, SECAlgorithmID);
+ if (mySecAlg == NULL) {
+ goto loser;
+ }
+ rv = SECOID_CopyAlgorithmID(poolp, mySecAlg, src);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (mark) {
+ PORT_ArenaUnmark(poolp, mark);
+ }
+ return SECSuccess;
+
+loser:
+ *dest = NULL;
+ if (mark) {
+ PORT_ArenaRelease(poolp, mark);
+ }
+ return SECFailure;
+}
+
+SECStatus
+crmf_copy_cert_name(PLArenaPool *poolp, CERTName **dest,
+ CERTName *src)
+{
+ CERTName *newName;
+ SECStatus rv;
+ void *mark;
+
+ mark = PORT_ArenaMark(poolp);
+ *dest = newName = PORT_ArenaZNew(poolp, CERTName);
+ if (newName == NULL) {
+ goto loser;
+ }
+
+ rv = CERT_CopyName(poolp, newName, src);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ *dest = NULL;
+ return SECFailure;
+}
+
+static SECStatus
+crmf_template_add_issuer(PLArenaPool *poolp, CERTName **dest,
+ CERTName *issuerName)
+{
+ return crmf_copy_cert_name(poolp, dest, issuerName);
+}
+
+static SECStatus
+crmf_template_add_validity(PLArenaPool *poolp, CRMFOptionalValidity **dest,
+ CRMFValidityCreationInfo *info)
+{
+ SECStatus rv;
+ void *mark;
+ CRMFOptionalValidity *myValidity;
+
+ /*First off, let's make sure at least one of the two fields is present*/
+ if (!info || (!info->notBefore && !info->notAfter)) {
+ return SECFailure;
+ }
+ mark = PORT_ArenaMark(poolp);
+ *dest = myValidity = PORT_ArenaZNew(poolp, CRMFOptionalValidity);
+ if (myValidity == NULL) {
+ goto loser;
+ }
+
+ if (info->notBefore) {
+ rv = DER_EncodeTimeChoice(poolp, &myValidity->notBefore,
+ *info->notBefore);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ if (info->notAfter) {
+ rv = DER_EncodeTimeChoice(poolp, &myValidity->notAfter,
+ *info->notAfter);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ *dest = NULL;
+ return SECFailure;
+}
+
+static SECStatus
+crmf_template_add_subject(PLArenaPool *poolp, CERTName **dest,
+ CERTName *subject)
+{
+ return crmf_copy_cert_name(poolp, dest, subject);
+}
+
+SECStatus
+crmf_template_add_public_key(PLArenaPool *poolp,
+ CERTSubjectPublicKeyInfo **dest,
+ CERTSubjectPublicKeyInfo *pubKey)
+{
+ CERTSubjectPublicKeyInfo *spki;
+ SECStatus rv;
+
+ *dest = spki = (poolp == NULL) ? PORT_ZNew(CERTSubjectPublicKeyInfo) : PORT_ArenaZNew(poolp, CERTSubjectPublicKeyInfo);
+ if (spki == NULL) {
+ goto loser;
+ }
+ rv = SECKEY_CopySubjectPublicKeyInfo(poolp, spki, pubKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return SECSuccess;
+loser:
+ if (poolp == NULL && spki != NULL) {
+ SECKEY_DestroySubjectPublicKeyInfo(spki);
+ }
+ *dest = NULL;
+ return SECFailure;
+}
+
+static SECStatus
+crmf_copy_bitstring(PLArenaPool *poolp, SECItem *dest, const SECItem *src)
+{
+ SECStatus rv;
+ SECItem byteSrc;
+
+ byteSrc = *src;
+ byteSrc.len = CRMF_BITS_TO_BYTES(byteSrc.len);
+ rv = crmf_copy_secitem(poolp, dest, &byteSrc);
+ dest->len = src->len;
+ return rv;
+}
+
+static SECStatus
+crmf_template_add_issuer_uid(PLArenaPool *poolp, SECItem *dest,
+ const SECItem *issuerUID)
+{
+ return crmf_copy_bitstring(poolp, dest, issuerUID);
+}
+
+static SECStatus
+crmf_template_add_subject_uid(PLArenaPool *poolp, SECItem *dest,
+ const SECItem *subjectUID)
+{
+ return crmf_copy_bitstring(poolp, dest, subjectUID);
+}
+
+static void
+crmf_zeroize_new_extensions(CRMFCertExtension **extensions,
+ int numToZeroize)
+{
+ PORT_Memset((void *)extensions, 0, sizeof(CERTCertExtension *) * numToZeroize);
+}
+
+/*
+ * The strategy for adding templates will differ from all the other
+ * attributes in the template. First, we want to allow the client
+ * of this API to set extensions more than just once. So we will
+ * need the ability grow the array of extensions. Since arenas don't
+ * give us the realloc function, we'll use the generic PORT_* functions
+ * to allocate the array of pointers *ONLY*. Then we will allocate each
+ * individual extension from the arena that comes along with the certReq
+ * structure that owns this template.
+ */
+static SECStatus
+crmf_template_add_extensions(PLArenaPool *poolp, CRMFCertTemplate *inTemplate,
+ CRMFCertExtCreationInfo *extensions)
+{
+ void *mark;
+ int newSize, oldSize, i;
+ SECStatus rv;
+ CRMFCertExtension **extArray;
+ CRMFCertExtension *newExt, *currExt;
+
+ mark = PORT_ArenaMark(poolp);
+ if (inTemplate->extensions == NULL) {
+ newSize = extensions->numExtensions;
+ extArray = PORT_ZNewArray(CRMFCertExtension *, newSize + 1);
+ } else {
+ newSize = inTemplate->numExtensions + extensions->numExtensions;
+ extArray = PORT_Realloc(inTemplate->extensions,
+ sizeof(CRMFCertExtension *) * (newSize + 1));
+ }
+ if (extArray == NULL) {
+ goto loser;
+ }
+ oldSize = inTemplate->numExtensions;
+ inTemplate->extensions = extArray;
+ inTemplate->numExtensions = newSize;
+ for (i = oldSize; i < newSize; i++) {
+ newExt = PORT_ArenaZNew(poolp, CRMFCertExtension);
+ if (newExt == NULL) {
+ goto loser2;
+ }
+ currExt = extensions->extensions[i - oldSize];
+ rv = crmf_copy_secitem(poolp, &(newExt->id), &(currExt->id));
+ if (rv != SECSuccess) {
+ goto loser2;
+ }
+ rv = crmf_copy_secitem(poolp, &(newExt->critical),
+ &(currExt->critical));
+ if (rv != SECSuccess) {
+ goto loser2;
+ }
+ rv = crmf_copy_secitem(poolp, &(newExt->value), &(currExt->value));
+ if (rv != SECSuccess) {
+ goto loser2;
+ }
+ extArray[i] = newExt;
+ }
+ extArray[newSize] = NULL;
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+loser2:
+ crmf_zeroize_new_extensions(&(inTemplate->extensions[oldSize]),
+ extensions->numExtensions);
+ inTemplate->numExtensions = oldSize;
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestSetTemplateField(CRMFCertRequest *inCertReq,
+ CRMFCertTemplateField inTemplateField,
+ void *data)
+{
+ CRMFCertTemplate *certTemplate;
+ PLArenaPool *poolp;
+ SECStatus rv = SECFailure;
+ void *mark;
+
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+
+ certTemplate = &(inCertReq->certTemplate);
+
+ poolp = inCertReq->poolp;
+ mark = PORT_ArenaMark(poolp);
+ switch (inTemplateField) {
+ case crmfVersion:
+ rv = crmf_template_add_version(poolp, &(certTemplate->version),
+ *(long *)data);
+ break;
+ case crmfSerialNumber:
+ rv = crmf_template_add_serialnumber(poolp,
+ &(certTemplate->serialNumber),
+ *(long *)data);
+ break;
+ case crmfSigningAlg:
+ rv = crmf_template_copy_secalg(poolp, &(certTemplate->signingAlg),
+ (SECAlgorithmID *)data);
+ break;
+ case crmfIssuer:
+ rv = crmf_template_add_issuer(poolp, &(certTemplate->issuer),
+ (CERTName *)data);
+ break;
+ case crmfValidity:
+ rv = crmf_template_add_validity(poolp, &(certTemplate->validity),
+ (CRMFValidityCreationInfo *)data);
+ break;
+ case crmfSubject:
+ rv = crmf_template_add_subject(poolp, &(certTemplate->subject),
+ (CERTName *)data);
+ break;
+ case crmfPublicKey:
+ rv = crmf_template_add_public_key(poolp, &(certTemplate->publicKey),
+ (CERTSubjectPublicKeyInfo *)data);
+ break;
+ case crmfIssuerUID:
+ rv = crmf_template_add_issuer_uid(poolp, &(certTemplate->issuerUID),
+ (SECItem *)data);
+ break;
+ case crmfSubjectUID:
+ rv = crmf_template_add_subject_uid(poolp, &(certTemplate->subjectUID),
+ (SECItem *)data);
+ break;
+ case crmfExtension:
+ rv = crmf_template_add_extensions(poolp, certTemplate,
+ (CRMFCertExtCreationInfo *)data);
+ break;
+ }
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(poolp, mark);
+ } else {
+ PORT_ArenaUnmark(poolp, mark);
+ }
+ return rv;
+}
+
+SECStatus
+CRMF_CertReqMsgSetCertRequest(CRMFCertReqMsg *inCertReqMsg,
+ CRMFCertRequest *inCertReq)
+{
+ PORT_Assert(inCertReqMsg != NULL && inCertReq != NULL);
+ if (inCertReqMsg == NULL || inCertReq == NULL) {
+ return SECFailure;
+ }
+ inCertReqMsg->certReq = crmf_copy_cert_request(inCertReqMsg->poolp,
+ inCertReq);
+ return (inCertReqMsg->certReq == NULL) ? SECFailure : SECSuccess;
+}
+
+CRMFCertReqMsg *
+CRMF_CreateCertReqMsg(void)
+{
+ PLArenaPool *poolp;
+ CRMFCertReqMsg *reqMsg;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ goto loser;
+ }
+ reqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
+ if (reqMsg == NULL) {
+ goto loser;
+ }
+ reqMsg->poolp = poolp;
+ return reqMsg;
+
+loser:
+ if (poolp) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return NULL;
+}
+
+SECStatus
+CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg)
+{
+ PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->poolp != NULL);
+ if (!inCertReqMsg->isDecoded) {
+ if (inCertReqMsg->certReq->certTemplate.extensions != NULL) {
+ PORT_Free(inCertReqMsg->certReq->certTemplate.extensions);
+ }
+ if (inCertReqMsg->certReq->controls != NULL) {
+ PORT_Free(inCertReqMsg->certReq->controls);
+ }
+ }
+ PORT_FreeArena(inCertReqMsg->poolp, PR_TRUE);
+ return SECSuccess;
+}
+
+CRMFCertExtension *
+crmf_create_cert_extension(PLArenaPool *poolp,
+ SECOidTag id,
+ PRBool isCritical,
+ SECItem *data)
+{
+ CRMFCertExtension *newExt;
+ SECOidData *oidData;
+ SECStatus rv;
+
+ newExt = (poolp == NULL) ? PORT_ZNew(CRMFCertExtension) : PORT_ArenaZNew(poolp, CRMFCertExtension);
+ if (newExt == NULL) {
+ goto loser;
+ }
+ oidData = SECOID_FindOIDByTag(id);
+ if (oidData == NULL ||
+ oidData->supportedExtension != SUPPORTED_CERT_EXTENSION) {
+ goto loser;
+ }
+
+ rv = SECITEM_CopyItem(poolp, &(newExt->id), &(oidData->oid));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SECITEM_CopyItem(poolp, &(newExt->value), data);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (isCritical) {
+ newExt->critical.data = (poolp == NULL) ? PORT_New(unsigned char)
+ : PORT_ArenaNew(poolp, unsigned char);
+ if (newExt->critical.data == NULL) {
+ goto loser;
+ }
+ newExt->critical.data[0] = hexTrue;
+ newExt->critical.len = 1;
+ }
+ return newExt;
+loser:
+ if (newExt != NULL && poolp == NULL) {
+ CRMF_DestroyCertExtension(newExt);
+ }
+ return NULL;
+}
+
+CRMFCertExtension *
+CRMF_CreateCertExtension(SECOidTag id,
+ PRBool isCritical,
+ SECItem *data)
+{
+ return crmf_create_cert_extension(NULL, id, isCritical, data);
+}
+
+static SECStatus
+crmf_destroy_cert_extension(CRMFCertExtension *inExtension, PRBool freeit)
+{
+ if (inExtension != NULL) {
+ SECITEM_FreeItem(&(inExtension->id), PR_FALSE);
+ SECITEM_FreeItem(&(inExtension->value), PR_FALSE);
+ SECITEM_FreeItem(&(inExtension->critical), PR_FALSE);
+ if (freeit) {
+ PORT_Free(inExtension);
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CRMF_DestroyCertExtension(CRMFCertExtension *inExtension)
+{
+ return crmf_destroy_cert_extension(inExtension, PR_TRUE);
+}
+
+SECStatus
+CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs)
+{
+ PORT_Assert(inCertReqMsgs != NULL);
+ if (inCertReqMsgs != NULL) {
+ PORT_FreeArena(inCertReqMsgs->poolp, PR_TRUE);
+ }
+ return SECSuccess;
+}
+
+static PRBool
+crmf_item_has_data(SECItem *item)
+{
+ if (item != NULL && item->data != NULL) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+PRBool
+CRMF_CertRequestIsFieldPresent(CRMFCertRequest *inCertReq,
+ CRMFCertTemplateField inTemplateField)
+{
+ PRBool retVal;
+ CRMFCertTemplate *certTemplate;
+
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ /* This is probably some kind of error, but this is
+ * the safest return value for this function.
+ */
+ return PR_FALSE;
+ }
+ certTemplate = &inCertReq->certTemplate;
+ switch (inTemplateField) {
+ case crmfVersion:
+ retVal = crmf_item_has_data(&certTemplate->version);
+ break;
+ case crmfSerialNumber:
+ retVal = crmf_item_has_data(&certTemplate->serialNumber);
+ break;
+ case crmfSigningAlg:
+ retVal = IS_NOT_NULL(certTemplate->signingAlg);
+ break;
+ case crmfIssuer:
+ retVal = IS_NOT_NULL(certTemplate->issuer);
+ break;
+ case crmfValidity:
+ retVal = IS_NOT_NULL(certTemplate->validity);
+ break;
+ case crmfSubject:
+ retVal = IS_NOT_NULL(certTemplate->subject);
+ break;
+ case crmfPublicKey:
+ retVal = IS_NOT_NULL(certTemplate->publicKey);
+ break;
+ case crmfIssuerUID:
+ retVal = crmf_item_has_data(&certTemplate->issuerUID);
+ break;
+ case crmfSubjectUID:
+ retVal = crmf_item_has_data(&certTemplate->subjectUID);
+ break;
+ case crmfExtension:
+ retVal = IS_NOT_NULL(certTemplate->extensions);
+ break;
+ default:
+ retVal = PR_FALSE;
+ }
+ return retVal;
+}
diff --git a/security/nss/lib/crmf/crmft.h b/security/nss/lib/crmf/crmft.h
new file mode 100644
index 000000000..8d83cf1e6
--- /dev/null
+++ b/security/nss/lib/crmf/crmft.h
@@ -0,0 +1,186 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Header file with all of the structures and types that will be exported
+ * by the security library for implementation of CRMF.
+ */
+
+#ifndef _CRMFT_H_
+#define _CRMFT_H_
+
+/* Use these enumerated values for adding fields to the certificate request */
+typedef enum {
+ crmfVersion = 0,
+ crmfSerialNumber = 1,
+ crmfSigningAlg = 2,
+ crmfIssuer = 3,
+ crmfValidity = 4,
+ crmfSubject = 5,
+ crmfPublicKey = 6,
+ crmfIssuerUID = 7,
+ crmfSubjectUID = 8,
+ crmfExtension = 9
+} CRMFCertTemplateField;
+
+/*
+ * An enumeration for the different types of controls.
+ */
+typedef enum {
+ crmfNoControl = 0,
+ crmfRegTokenControl = 1,
+ crmfAuthenticatorControl = 2,
+ crmfPKIPublicationInfoControl = 3,
+ crmfPKIArchiveOptionsControl = 4,
+ crmfOldCertIDControl = 5,
+ crmfProtocolEncrKeyControl = 6
+} CRMFControlType;
+
+/*
+ * The possible values that are passed into CRMF_CreatePKIPublicationInfo
+ */
+typedef enum {
+ crmfDontPublish = 0,
+ crmfPleasePublish = 1
+} CRMFPublicationAction;
+
+/*
+ * An enumeration for the possible for pubMethod which is a part of
+ * the SinglePubInfo ASN1 type.
+ */
+typedef enum {
+ crmfDontCare = 0,
+ crmfX500 = 1,
+ crmfWeb = 2,
+ crmfLdap = 3
+} CRMFPublicationMethod;
+
+/*
+ * An enumeration for the different options for PKIArchiveOptions type.
+ */
+typedef enum {
+ crmfNoArchiveOptions = 0,
+ crmfEncryptedPrivateKey = 1,
+ crmfKeyGenParameters = 2,
+ crmfArchiveRemGenPrivKey = 3
+} CRMFPKIArchiveOptionsType;
+
+/*
+ * An enumeration for the different options for ProofOfPossession
+ */
+typedef enum {
+ crmfNoPOPChoice = 0,
+ crmfRAVerified = 1,
+ crmfSignature = 2,
+ crmfKeyEncipherment = 3,
+ crmfKeyAgreement = 4
+} CRMFPOPChoice;
+
+/*
+ * An enumertion type for options for the authInfo field of the
+ * CRMFPOPOSigningKeyInput structure.
+ */
+typedef enum {
+ crmfSender = 0,
+ crmfPublicKeyMAC = 1
+} CRMFPOPOSkiInputAuthChoice;
+
+/*
+ * An enumeration for the SubsequentMessage Options.
+ */
+typedef enum {
+ crmfNoSubseqMess = 0,
+ crmfEncrCert = 1,
+ crmfChallengeResp = 2
+} CRMFSubseqMessOptions;
+
+/*
+ * An enumeration for the choice used by POPOPrivKey.
+ */
+typedef enum {
+ crmfNoMessage = 0,
+ crmfThisMessage = 1,
+ crmfSubsequentMessage = 2,
+ crmfDHMAC = 3
+} CRMFPOPOPrivKeyChoice;
+
+/*
+ * An enumeration for the choices for the EncryptedKey type.
+ */
+typedef enum {
+ crmfNoEncryptedKeyChoice = 0,
+ crmfEncryptedValueChoice = 1,
+ crmfEnvelopedDataChoice = 2
+} CRMFEncryptedKeyChoice;
+
+/*
+ * TYPE: CRMFEncoderOutputCallback
+ * This function type defines a prototype for a function that the CRMF
+ * library expects when encoding is performed.
+ *
+ * ARGUMENTS:
+ * arg
+ * This will be a pointer the user passed into an encoding function.
+ * The user of the library is free to use this pointer in any way.
+ * The most common use is to keep around a buffer for writing out
+ * the DER encoded bytes.
+ * buf
+ * The DER encoded bytes that should be written out.
+ * len
+ * The number of DER encoded bytes to write out.
+ *
+ */
+typedef void (*CRMFEncoderOutputCallback)(void *arg,
+ const char *buf,
+ unsigned long len);
+
+/*
+ * Type for the function that gets a password. Just in case we ever
+ * need to support publicKeyMAC for POPOSigningKeyInput
+ */
+typedef SECItem *(*CRMFMACPasswordCallback)(void *arg);
+
+typedef struct CRMFOptionalValidityStr CRMFOptionalValidity;
+typedef struct CRMFValidityCreationInfoStr CRMFGetValidity;
+typedef struct CRMFCertTemplateStr CRMFCertTemplate;
+typedef struct CRMFCertRequestStr CRMFCertRequest;
+typedef struct CRMFCertReqMsgStr CRMFCertReqMsg;
+typedef struct CRMFCertReqMessagesStr CRMFCertReqMessages;
+typedef struct CRMFProofOfPossessionStr CRMFProofOfPossession;
+typedef struct CRMFPOPOSigningKeyStr CRMFPOPOSigningKey;
+typedef struct CRMFPOPOSigningKeyInputStr CRMFPOPOSigningKeyInput;
+typedef struct CRMFPOPOPrivKeyStr CRMFPOPOPrivKey;
+typedef struct CRMFPKIPublicationInfoStr CRMFPKIPublicationInfo;
+typedef struct CRMFSinglePubInfoStr CRMFSinglePubInfo;
+typedef struct CRMFPKIArchiveOptionsStr CRMFPKIArchiveOptions;
+typedef struct CRMFEncryptedKeyStr CRMFEncryptedKey;
+typedef struct CRMFEncryptedValueStr CRMFEncryptedValue;
+typedef struct CRMFCertIDStr CRMFCertID;
+typedef struct CRMFCertIDStr CRMFOldCertID;
+typedef CERTSubjectPublicKeyInfo CRMFProtocolEncrKey;
+typedef struct CRMFValidityCreationInfoStr CRMFValidityCreationInfo;
+typedef struct CRMFCertExtCreationInfoStr CRMFCertExtCreationInfo;
+typedef struct CRMFPKMACValueStr CRMFPKMACValue;
+typedef struct CRMFAttributeStr CRMFAttribute;
+typedef struct CRMFControlStr CRMFControl;
+typedef CERTGeneralName CRMFGeneralName;
+typedef struct CRMFCertExtensionStr CRMFCertExtension;
+
+struct CRMFValidityCreationInfoStr {
+ PRTime *notBefore;
+ PRTime *notAfter;
+};
+
+struct CRMFCertExtCreationInfoStr {
+ CRMFCertExtension **extensions;
+ int numExtensions;
+};
+
+/*
+ * Some ASN1 Templates that may be needed.
+ */
+extern const SEC_ASN1Template CRMFCertReqMessagesTemplate[];
+extern const SEC_ASN1Template CRMFCertRequestTemplate[];
+
+#endif /*_CRMFT_H_*/
diff --git a/security/nss/lib/crmf/crmftmpl.c b/security/nss/lib/crmf/crmftmpl.c
new file mode 100644
index 000000000..265a15dd5
--- /dev/null
+++ b/security/nss/lib/crmf/crmftmpl.c
@@ -0,0 +1,240 @@
+/* -*- Mode: C; tab-width: 8 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "crmf.h"
+#include "crmfi.h"
+#include "secoid.h"
+#include "secasn1.h"
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_NullTemplate)
+SEC_ASN1_MKSUB(SEC_BitStringTemplate)
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+SEC_ASN1_MKSUB(CERT_TimeChoiceTemplate)
+SEC_ASN1_MKSUB(CERT_SubjectPublicKeyInfoTemplate)
+SEC_ASN1_MKSUB(CERT_NameTemplate)
+
+/*
+ * It's all implicit tagging.
+ */
+
+const SEC_ASN1Template CRMFControlTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFControl) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CRMFControl, derTag) },
+ { SEC_ASN1_ANY, offsetof(CRMFControl, derValue) },
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFCertExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CRMFCertExtension) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(CRMFCertExtension, id) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
+ offsetof(CRMFCertExtension, critical) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(CRMFCertExtension, value) },
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFSequenceOfCertExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, CRMFCertExtensionTemplate }
+};
+
+static const SEC_ASN1Template CRMFOptionalValidityTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFOptionalValidity) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 0,
+ offsetof(CRMFOptionalValidity, notBefore),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
+ offsetof(CRMFOptionalValidity, notAfter),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template crmfPointerToNameTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(CERT_NameTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFCertTemplateTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(CRMFCertTemplate, version),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
+ offsetof(CRMFCertTemplate, serialNumber),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 2,
+ offsetof(CRMFCertTemplate, signingAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 3,
+ offsetof(CRMFCertTemplate, issuer), crmfPointerToNameTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 4,
+ offsetof(CRMFCertTemplate, validity),
+ CRMFOptionalValidityTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 5,
+ offsetof(CRMFCertTemplate, subject), crmfPointerToNameTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 6,
+ offsetof(CRMFCertTemplate, publicKey),
+ SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_XTRN | 7,
+ offsetof(CRMFCertTemplate, issuerUID),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_XTRN | 8,
+ offsetof(CRMFCertTemplate, subjectUID),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_CONTEXT_SPECIFIC | 9,
+ offsetof(CRMFCertTemplate, extensions),
+ CRMFSequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFAttributeTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFAttribute) },
+ { SEC_ASN1_OBJECT_ID, offsetof(CRMFAttribute, derTag) },
+ { SEC_ASN1_ANY, offsetof(CRMFAttribute, derValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFCertRequestTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertRequest) },
+ { SEC_ASN1_INTEGER, offsetof(CRMFCertRequest, certReqId) },
+ { SEC_ASN1_INLINE, offsetof(CRMFCertRequest, certTemplate),
+ CRMFCertTemplateTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
+ offsetof(CRMFCertRequest, controls),
+ CRMFControlTemplate }, /* SEQUENCE SIZE (1...MAX)*/
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFCertReqMsgTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertReqMsg) },
+ { SEC_ASN1_POINTER, offsetof(CRMFCertReqMsg, certReq),
+ CRMFCertRequestTemplate },
+ { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
+ offsetof(CRMFCertReqMsg, derPOP) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
+ offsetof(CRMFCertReqMsg, regInfo),
+ CRMFAttributeTemplate }, /* SEQUENCE SIZE (1...MAX)*/
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFCertReqMessagesTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, offsetof(CRMFCertReqMessages, messages),
+ CRMFCertReqMsgTemplate, sizeof(CRMFCertReqMessages) }
+};
+
+const SEC_ASN1Template CRMFRAVerifiedTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | 0 | SEC_ASN1_XTRN,
+ 0,
+ SEC_ASN1_SUB(SEC_NullTemplate) },
+ { 0 }
+};
+
+/* This template will need to add POPOSigningKeyInput eventually, maybe*/
+static const SEC_ASN1Template crmfPOPOSigningKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPOPOSigningKey) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(CRMFPOPOSigningKey, derInput),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(CRMFPOPOSigningKey, algorithmIdentifier),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING | SEC_ASN1_XTRN,
+ offsetof(CRMFPOPOSigningKey, signature),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ 0,
+ crmfPOPOSigningKeyTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFThisMessageTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ 0,
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFSubsequentMessageTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ 0,
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFDHMACTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ 0,
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ 0,
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 3,
+ 0,
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFEncryptedValueTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFEncryptedValue) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 0,
+ offsetof(CRMFEncryptedValue, intendedAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 1,
+ offsetof(CRMFEncryptedValue, symmAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_XTRN | 2,
+ offsetof(CRMFEncryptedValue, encSymmKey),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 3,
+ offsetof(CRMFEncryptedValue, keyAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 4,
+ offsetof(CRMFEncryptedValue, valueHint),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate) },
+ { SEC_ASN1_BIT_STRING, offsetof(CRMFEncryptedValue, encValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ 0,
+ CRMFEncryptedValueTemplate },
+ { 0 }
+};
diff --git a/security/nss/lib/crmf/encutil.c b/security/nss/lib/crmf/encutil.c
new file mode 100644
index 000000000..8ca7007b6
--- /dev/null
+++ b/security/nss/lib/crmf/encutil.c
@@ -0,0 +1,33 @@
+/* -*- Mode: C; tab-width: 8 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secasn1.h"
+#include "crmf.h"
+#include "crmfi.h"
+
+void
+crmf_encoder_out(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ struct crmfEncoderOutput *output;
+
+ output = (struct crmfEncoderOutput *)arg;
+ output->fn(output->outputArg, buf, len);
+}
+
+SECStatus
+cmmf_user_encode(void *src, CRMFEncoderOutputCallback inCallback, void *inArg,
+ const SEC_ASN1Template *inTemplate)
+{
+ struct crmfEncoderOutput output;
+
+ PORT_Assert(src != NULL);
+ if (src == NULL) {
+ return SECFailure;
+ }
+ output.fn = inCallback;
+ output.outputArg = inArg;
+ return SEC_ASN1Encode(src, inTemplate, crmf_encoder_out, &output);
+}
diff --git a/security/nss/lib/crmf/exports.gyp b/security/nss/lib/crmf/exports.gyp
new file mode 100644
index 000000000..fca009756
--- /dev/null
+++ b/security/nss/lib/crmf/exports.gyp
@@ -0,0 +1,37 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_crmf_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'cmmf.h',
+ 'cmmft.h',
+ 'crmf.h',
+ 'crmft.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'cmmfi.h',
+ 'cmmfit.h',
+ 'crmfi.h',
+ 'crmfit.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/crmf/manifest.mn b/security/nss/lib/crmf/manifest.mn
new file mode 100644
index 000000000..9f177b9ca
--- /dev/null
+++ b/security/nss/lib/crmf/manifest.mn
@@ -0,0 +1,46 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+MODULE = nss
+
+EXPORTS = \
+ crmf.h \
+ crmft.h \
+ cmmf.h \
+ cmmft.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ crmfi.h \
+ crmfit.h \
+ cmmfi.h \
+ cmmfit.h \
+ $(NULL)
+
+CSRCS = crmfenc.c \
+ crmftmpl.c \
+ crmfreq.c \
+ crmfpop.c \
+ crmfdec.c \
+ crmfget.c \
+ crmfcont.c \
+ cmmfasn1.c \
+ cmmfresp.c \
+ cmmfrec.c \
+ cmmfchal.c \
+ servget.c \
+ encutil.c \
+ respcli.c \
+ respcmn.c \
+ challcli.c \
+ asn1cmn.c \
+ $(NULL)
+
+LIBRARY_NAME = crmf
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/crmf/respcli.c b/security/nss/lib/crmf/respcli.c
new file mode 100644
index 000000000..aaec0136f
--- /dev/null
+++ b/security/nss/lib/crmf/respcli.c
@@ -0,0 +1,136 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * This file will contain all routines needed by a client that has
+ * to parse a CMMFCertRepContent structure and retirieve the appropriate
+ * data.
+ */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "crmf.h"
+#include "crmfi.h"
+#include "secitem.h"
+#include "secder.h"
+#include "secasn1.h"
+
+CMMFCertRepContent *
+CMMF_CreateCertRepContentFromDER(CERTCertDBHandle *db, const char *buf,
+ long len)
+{
+ PLArenaPool *poolp;
+ CMMFCertRepContent *certRepContent;
+ SECStatus rv;
+ int i;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return NULL;
+ }
+ certRepContent = PORT_ArenaZNew(poolp, CMMFCertRepContent);
+ if (certRepContent == NULL) {
+ goto loser;
+ }
+ certRepContent->poolp = poolp;
+ rv = SEC_ASN1Decode(poolp, certRepContent, CMMFCertRepContentTemplate,
+ buf, len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (certRepContent->response != NULL) {
+ for (i = 0; certRepContent->response[i] != NULL; i++) {
+ rv = cmmf_decode_process_cert_response(poolp, db,
+ certRepContent->response[i]);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ }
+ certRepContent->isDecoded = PR_TRUE;
+ return certRepContent;
+loser:
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+}
+
+long
+CMMF_CertResponseGetCertReqId(CMMFCertResponse *inCertResp)
+{
+ PORT_Assert(inCertResp != NULL);
+ if (inCertResp == NULL) {
+ return -1;
+ }
+ return DER_GetInteger(&inCertResp->certReqId);
+}
+
+PRBool
+cmmf_CertRepContentIsIndexValid(CMMFCertRepContent *inCertRepContent,
+ int inIndex)
+{
+ int numResponses;
+
+ PORT_Assert(inCertRepContent != NULL);
+ numResponses = CMMF_CertRepContentGetNumResponses(inCertRepContent);
+ return (PRBool)(inIndex >= 0 && inIndex < numResponses);
+}
+
+CMMFCertResponse *
+CMMF_CertRepContentGetResponseAtIndex(CMMFCertRepContent *inCertRepContent,
+ int inIndex)
+{
+ CMMFCertResponse *certResponse;
+ SECStatus rv;
+
+ PORT_Assert(inCertRepContent != NULL &&
+ cmmf_CertRepContentIsIndexValid(inCertRepContent, inIndex));
+ if (inCertRepContent == NULL ||
+ !cmmf_CertRepContentIsIndexValid(inCertRepContent, inIndex)) {
+ return NULL;
+ }
+ certResponse = PORT_ZNew(CMMFCertResponse);
+ if (certResponse) {
+ rv = cmmf_CopyCertResponse(NULL, certResponse,
+ inCertRepContent->response[inIndex]);
+ if (rv != SECSuccess) {
+ CMMF_DestroyCertResponse(certResponse);
+ certResponse = NULL;
+ }
+ }
+ return certResponse;
+}
+
+CMMFPKIStatus
+CMMF_CertResponseGetPKIStatusInfoStatus(CMMFCertResponse *inCertResp)
+{
+ PORT_Assert(inCertResp != NULL);
+ if (inCertResp == NULL) {
+ return cmmfNoPKIStatus;
+ }
+ return cmmf_PKIStatusInfoGetStatus(&inCertResp->status);
+}
+
+CERTCertificate *
+CMMF_CertResponseGetCertificate(CMMFCertResponse *inCertResp,
+ CERTCertDBHandle *inCertdb)
+{
+ PORT_Assert(inCertResp != NULL);
+ if (inCertResp == NULL || inCertResp->certifiedKeyPair == NULL) {
+ return NULL;
+ }
+
+ return cmmf_CertOrEncCertGetCertificate(
+ &inCertResp->certifiedKeyPair->certOrEncCert, inCertdb);
+}
+
+CERTCertList *
+CMMF_CertRepContentGetCAPubs(CMMFCertRepContent *inCertRepContent)
+{
+ PORT_Assert(inCertRepContent != NULL);
+ if (inCertRepContent == NULL || inCertRepContent->caPubs == NULL) {
+ return NULL;
+ }
+ return cmmf_MakeCertList(inCertRepContent->caPubs);
+}
diff --git a/security/nss/lib/crmf/respcmn.c b/security/nss/lib/crmf/respcmn.c
new file mode 100644
index 000000000..f9e4155a3
--- /dev/null
+++ b/security/nss/lib/crmf/respcmn.c
@@ -0,0 +1,399 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "secitem.h"
+#include "secder.h"
+
+SECStatus
+cmmf_DestroyPKIStatusInfo(CMMFPKIStatusInfo *info, PRBool freeit)
+{
+ if (info->status.data != NULL) {
+ PORT_Free(info->status.data);
+ info->status.data = NULL;
+ }
+ if (info->statusString.data != NULL) {
+ PORT_Free(info->statusString.data);
+ info->statusString.data = NULL;
+ }
+ if (info->failInfo.data != NULL) {
+ PORT_Free(info->failInfo.data);
+ info->failInfo.data = NULL;
+ }
+ if (freeit) {
+ PORT_Free(info);
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp)
+{
+ PORT_Assert(inCertResp != NULL);
+ if (inCertResp != NULL) {
+ if (inCertResp->certReqId.data != NULL) {
+ PORT_Free(inCertResp->certReqId.data);
+ }
+ cmmf_DestroyPKIStatusInfo(&inCertResp->status, PR_FALSE);
+ if (inCertResp->certifiedKeyPair != NULL) {
+ CMMF_DestroyCertifiedKeyPair(inCertResp->certifiedKeyPair);
+ }
+ PORT_Free(inCertResp);
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CMMF_DestroyCertRepContent(CMMFCertRepContent *inCertRepContent)
+{
+ PORT_Assert(inCertRepContent != NULL);
+ if (inCertRepContent != NULL) {
+ CMMFCertResponse **pResponse = inCertRepContent->response;
+ if (pResponse != NULL) {
+ for (; *pResponse != NULL; pResponse++) {
+ CMMFCertifiedKeyPair *certKeyPair = (*pResponse)->certifiedKeyPair;
+ /* XXX Why not call CMMF_DestroyCertifiedKeyPair or
+ ** XXX cmmf_DestroyCertOrEncCert ?
+ */
+ if (certKeyPair != NULL &&
+ certKeyPair->certOrEncCert.choice == cmmfCertificate &&
+ certKeyPair->certOrEncCert.cert.certificate != NULL) {
+ CERT_DestroyCertificate(certKeyPair->certOrEncCert.cert.certificate);
+ certKeyPair->certOrEncCert.cert.certificate = NULL;
+ }
+ }
+ }
+ if (inCertRepContent->caPubs) {
+ CERTCertificate **caPubs = inCertRepContent->caPubs;
+ for (; *caPubs; ++caPubs) {
+ CERT_DestroyCertificate(*caPubs);
+ *caPubs = NULL;
+ }
+ }
+ if (inCertRepContent->poolp != NULL) {
+ PORT_FreeArena(inCertRepContent->poolp, PR_TRUE);
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont)
+{
+ PORT_Assert(inDecKeyCont != NULL);
+ if (inDecKeyCont != NULL && inDecKeyCont->poolp) {
+ PORT_FreeArena(inDecKeyCont->poolp, PR_FALSE);
+ }
+ return SECSuccess;
+}
+
+SECStatus
+crmf_create_prtime(SECItem *src, PRTime **dest)
+{
+ *dest = PORT_ZNew(PRTime);
+ return DER_DecodeTimeChoice(*dest, src);
+}
+
+CRMFCertExtension *
+crmf_copy_cert_extension(PLArenaPool *poolp, CRMFCertExtension *inExtension)
+{
+ PRBool isCritical;
+ SECOidTag id;
+ SECItem *data;
+ CRMFCertExtension *newExt;
+
+ PORT_Assert(inExtension != NULL);
+ if (inExtension == NULL) {
+ return NULL;
+ }
+ id = CRMF_CertExtensionGetOidTag(inExtension);
+ isCritical = CRMF_CertExtensionGetIsCritical(inExtension);
+ data = CRMF_CertExtensionGetValue(inExtension);
+ newExt = crmf_create_cert_extension(poolp, id,
+ isCritical,
+ data);
+ SECITEM_FreeItem(data, PR_TRUE);
+ return newExt;
+}
+
+static SECItem *
+cmmf_encode_certificate(CERTCertificate *inCert)
+{
+ return SEC_ASN1EncodeItem(NULL, NULL, inCert,
+ SEC_ASN1_GET(SEC_SignedCertificateTemplate));
+}
+
+CERTCertList *
+cmmf_MakeCertList(CERTCertificate **inCerts)
+{
+ CERTCertList *certList;
+ CERTCertificate *currCert;
+ SECItem *derCert, *freeCert = NULL;
+ SECStatus rv;
+ int i;
+
+ certList = CERT_NewCertList();
+ if (certList == NULL) {
+ return NULL;
+ }
+ for (i = 0; inCerts[i] != NULL; i++) {
+ derCert = &inCerts[i]->derCert;
+ if (derCert->data == NULL) {
+ derCert = freeCert = cmmf_encode_certificate(inCerts[i]);
+ }
+ currCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ derCert, NULL, PR_FALSE, PR_TRUE);
+ if (freeCert != NULL) {
+ SECITEM_FreeItem(freeCert, PR_TRUE);
+ freeCert = NULL;
+ }
+ if (currCert == NULL) {
+ goto loser;
+ }
+ rv = CERT_AddCertToListTail(certList, currCert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ return certList;
+loser:
+ CERT_DestroyCertList(certList);
+ return NULL;
+}
+
+CMMFPKIStatus
+cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus)
+{
+ long derVal;
+
+ derVal = DER_GetInteger(&inStatus->status);
+ if (derVal == -1 || derVal < cmmfGranted || derVal >= cmmfNumPKIStatus) {
+ return cmmfNoPKIStatus;
+ }
+ return (CMMFPKIStatus)derVal;
+}
+
+int
+CMMF_CertRepContentGetNumResponses(CMMFCertRepContent *inCertRepContent)
+{
+ int numResponses = 0;
+ PORT_Assert(inCertRepContent != NULL);
+ if (inCertRepContent != NULL && inCertRepContent->response != NULL) {
+ while (inCertRepContent->response[numResponses] != NULL) {
+ numResponses++;
+ }
+ }
+ return numResponses;
+}
+
+SECStatus
+cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert, PRBool freeit)
+{
+ switch (certOrEncCert->choice) {
+ case cmmfCertificate:
+ CERT_DestroyCertificate(certOrEncCert->cert.certificate);
+ certOrEncCert->cert.certificate = NULL;
+ break;
+ case cmmfEncryptedCert:
+ crmf_destroy_encrypted_value(certOrEncCert->cert.encryptedCert,
+ PR_TRUE);
+ certOrEncCert->cert.encryptedCert = NULL;
+ break;
+ default:
+ break;
+ }
+ if (freeit) {
+ PORT_Free(certOrEncCert);
+ }
+ return SECSuccess;
+}
+
+SECStatus
+cmmf_copy_secitem(PLArenaPool *poolp, SECItem *dest, SECItem *src)
+{
+ SECStatus rv;
+
+ if (src->data != NULL) {
+ rv = SECITEM_CopyItem(poolp, dest, src);
+ } else {
+ dest->data = NULL;
+ dest->len = 0;
+ rv = SECSuccess;
+ }
+ return rv;
+}
+
+SECStatus
+CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair)
+{
+ PORT_Assert(inCertKeyPair != NULL);
+ if (inCertKeyPair != NULL) {
+ cmmf_DestroyCertOrEncCert(&inCertKeyPair->certOrEncCert, PR_FALSE);
+ if (inCertKeyPair->privateKey) {
+ crmf_destroy_encrypted_value(inCertKeyPair->privateKey, PR_TRUE);
+ }
+ if (inCertKeyPair->derPublicationInfo.data) {
+ PORT_Free(inCertKeyPair->derPublicationInfo.data);
+ }
+ PORT_Free(inCertKeyPair);
+ }
+ return SECSuccess;
+}
+
+SECStatus
+cmmf_CopyCertResponse(PLArenaPool *poolp,
+ CMMFCertResponse *dest,
+ CMMFCertResponse *src)
+{
+ SECStatus rv;
+
+ if (src->certReqId.data != NULL) {
+ rv = SECITEM_CopyItem(poolp, &dest->certReqId, &src->certReqId);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+ rv = cmmf_CopyPKIStatusInfo(poolp, &dest->status, &src->status);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ if (src->certifiedKeyPair != NULL) {
+ CMMFCertifiedKeyPair *destKeyPair;
+
+ destKeyPair = (poolp == NULL) ? PORT_ZNew(CMMFCertifiedKeyPair) : PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
+ if (!destKeyPair) {
+ return SECFailure;
+ }
+ rv = cmmf_CopyCertifiedKeyPair(poolp, destKeyPair,
+ src->certifiedKeyPair);
+ if (rv != SECSuccess) {
+ if (!poolp) {
+ CMMF_DestroyCertifiedKeyPair(destKeyPair);
+ }
+ return rv;
+ }
+ dest->certifiedKeyPair = destKeyPair;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+cmmf_CopyCertOrEncCert(PLArenaPool *poolp, CMMFCertOrEncCert *dest,
+ CMMFCertOrEncCert *src)
+{
+ SECStatus rv = SECSuccess;
+ CRMFEncryptedValue *encVal;
+
+ dest->choice = src->choice;
+ rv = cmmf_copy_secitem(poolp, &dest->derValue, &src->derValue);
+ switch (src->choice) {
+ case cmmfCertificate:
+ dest->cert.certificate = CERT_DupCertificate(src->cert.certificate);
+ break;
+ case cmmfEncryptedCert:
+ encVal = (poolp == NULL) ? PORT_ZNew(CRMFEncryptedValue) : PORT_ArenaZNew(poolp, CRMFEncryptedValue);
+ if (encVal == NULL) {
+ return SECFailure;
+ }
+ rv = crmf_copy_encryptedvalue(poolp, src->cert.encryptedCert, encVal);
+ if (rv != SECSuccess) {
+ if (!poolp) {
+ crmf_destroy_encrypted_value(encVal, PR_TRUE);
+ }
+ return rv;
+ }
+ dest->cert.encryptedCert = encVal;
+ break;
+ default:
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+SECStatus
+cmmf_CopyCertifiedKeyPair(PLArenaPool *poolp, CMMFCertifiedKeyPair *dest,
+ CMMFCertifiedKeyPair *src)
+{
+ SECStatus rv;
+
+ rv = cmmf_CopyCertOrEncCert(poolp, &dest->certOrEncCert,
+ &src->certOrEncCert);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ if (src->privateKey != NULL) {
+ CRMFEncryptedValue *encVal;
+
+ encVal = (poolp == NULL) ? PORT_ZNew(CRMFEncryptedValue) : PORT_ArenaZNew(poolp, CRMFEncryptedValue);
+ if (encVal == NULL) {
+ return SECFailure;
+ }
+ rv = crmf_copy_encryptedvalue(poolp, src->privateKey,
+ encVal);
+ if (rv != SECSuccess) {
+ if (!poolp) {
+ crmf_destroy_encrypted_value(encVal, PR_TRUE);
+ }
+ return rv;
+ }
+ dest->privateKey = encVal;
+ }
+ rv = cmmf_copy_secitem(poolp, &dest->derPublicationInfo,
+ &src->derPublicationInfo);
+ return rv;
+}
+
+SECStatus
+cmmf_CopyPKIStatusInfo(PLArenaPool *poolp, CMMFPKIStatusInfo *dest,
+ CMMFPKIStatusInfo *src)
+{
+ SECStatus rv;
+
+ rv = cmmf_copy_secitem(poolp, &dest->status, &src->status);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ rv = cmmf_copy_secitem(poolp, &dest->statusString, &src->statusString);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ rv = cmmf_copy_secitem(poolp, &dest->failInfo, &src->failInfo);
+ return rv;
+}
+
+CERTCertificate *
+cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
+ CERTCertDBHandle *certdb)
+{
+ if (certOrEncCert->choice != cmmfCertificate ||
+ certOrEncCert->cert.certificate == NULL) {
+ return NULL;
+ }
+ return CERT_NewTempCertificate(certdb,
+ &certOrEncCert->cert.certificate->derCert,
+ NULL, PR_FALSE, PR_TRUE);
+}
+
+SECStatus
+cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo *statusInfo,
+ PLArenaPool *poolp,
+ CMMFPKIStatus inStatus)
+{
+ SECItem *dummy;
+
+ if (inStatus < cmmfGranted || inStatus >= cmmfNumPKIStatus) {
+ return SECFailure;
+ }
+
+ dummy = SEC_ASN1EncodeInteger(poolp, &statusInfo->status, inStatus);
+ PORT_Assert(dummy == &statusInfo->status);
+ if (dummy != &statusInfo->status) {
+ SECITEM_FreeItem(dummy, PR_TRUE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
diff --git a/security/nss/lib/crmf/servget.c b/security/nss/lib/crmf/servget.c
new file mode 100644
index 000000000..6d576f8f1
--- /dev/null
+++ b/security/nss/lib/crmf/servget.c
@@ -0,0 +1,974 @@
+/* -*- Mode: C; tab-width: 8 -*-*/
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cmmf.h"
+#include "cmmfi.h"
+#include "secitem.h"
+#include "keyhi.h"
+#include "secder.h"
+
+CRMFEncryptedKeyChoice
+CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey)
+{
+ PORT_Assert(inEncrKey != NULL);
+ if (inEncrKey == NULL) {
+ return crmfNoEncryptedKeyChoice;
+ }
+ return inEncrKey->encKeyChoice;
+}
+
+CRMFEncryptedValue *
+CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inEncrKey)
+{
+ CRMFEncryptedValue *newEncrValue = NULL;
+ SECStatus rv;
+
+ PORT_Assert(inEncrKey != NULL);
+ if (inEncrKey == NULL ||
+ CRMF_EncryptedKeyGetChoice(inEncrKey) != crmfEncryptedValueChoice) {
+ goto loser;
+ }
+ newEncrValue = PORT_ZNew(CRMFEncryptedValue);
+ if (newEncrValue == NULL) {
+ goto loser;
+ }
+ rv = crmf_copy_encryptedvalue(NULL, &inEncrKey->value.encryptedValue,
+ newEncrValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newEncrValue;
+loser:
+ if (newEncrValue != NULL) {
+ CRMF_DestroyEncryptedValue(newEncrValue);
+ }
+ return NULL;
+}
+
+static SECItem *
+crmf_get_encvalue_bitstring(SECItem *srcItem)
+{
+ SECItem *newItem = NULL;
+ SECStatus rv;
+
+ if (srcItem->data == NULL) {
+ return NULL;
+ }
+ newItem = PORT_ZNew(SECItem);
+ if (newItem == NULL) {
+ goto loser;
+ }
+ rv = crmf_make_bitstring_copy(NULL, newItem, srcItem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newItem;
+loser:
+ if (newItem != NULL) {
+ SECITEM_FreeItem(newItem, PR_TRUE);
+ }
+ return NULL;
+}
+
+SECItem *
+CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue)
+{
+ if (inEncValue == NULL) {
+ return NULL;
+ }
+ return crmf_get_encvalue_bitstring(&inEncValue->encSymmKey);
+}
+
+SECItem *
+CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncrValue)
+{
+ if (inEncrValue == NULL || inEncrValue->encValue.data == NULL) {
+ return NULL;
+ }
+ return crmf_get_encvalue_bitstring(&inEncrValue->encValue);
+}
+
+static SECAlgorithmID *
+crmf_get_encvalue_algid(SECAlgorithmID *srcAlg)
+{
+ SECStatus rv;
+ SECAlgorithmID *newAlgID;
+
+ if (srcAlg == NULL) {
+ return NULL;
+ }
+ rv = crmf_copy_encryptedvalue_secalg(NULL, srcAlg, &newAlgID);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ return newAlgID;
+}
+
+SECAlgorithmID *
+CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue *inEncValue)
+{
+ if (inEncValue == NULL) {
+ return NULL;
+ }
+ return crmf_get_encvalue_algid(inEncValue->intendedAlg);
+}
+
+SECAlgorithmID *
+CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue)
+{
+ if (inEncValue == NULL) {
+ return NULL;
+ }
+ return crmf_get_encvalue_algid(inEncValue->keyAlg);
+}
+
+SECAlgorithmID *
+CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue *inEncValue)
+{
+ if (inEncValue == NULL) {
+ return NULL;
+ }
+ return crmf_get_encvalue_algid(inEncValue->symmAlg);
+}
+
+SECItem *
+CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue *inEncValue)
+{
+ if (inEncValue == NULL || inEncValue->valueHint.data == NULL) {
+ return NULL;
+ }
+ return SECITEM_DupItem(&inEncValue->valueHint);
+}
+
+SECStatus
+CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt,
+ PRBool *destVal)
+{
+ if (inOpt == NULL || destVal == NULL ||
+ CRMF_PKIArchiveOptionsGetOptionType(inOpt) != crmfArchiveRemGenPrivKey) {
+ return SECFailure;
+ }
+ *destVal = (inOpt->option.archiveRemGenPrivKey.data[0] == hexFalse)
+ ? PR_FALSE
+ : PR_TRUE;
+ return SECSuccess;
+}
+
+CRMFEncryptedKey *
+CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts)
+{
+ CRMFEncryptedKey *newEncrKey = NULL;
+ SECStatus rv;
+
+ PORT_Assert(inOpts != NULL);
+ if (inOpts == NULL ||
+ CRMF_PKIArchiveOptionsGetOptionType(inOpts) != crmfEncryptedPrivateKey) {
+ return NULL;
+ }
+ newEncrKey = PORT_ZNew(CRMFEncryptedKey);
+ if (newEncrKey == NULL) {
+ goto loser;
+ }
+ rv = crmf_copy_encryptedkey(NULL, &inOpts->option.encryptedKey,
+ newEncrKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newEncrKey;
+loser:
+ if (newEncrKey != NULL) {
+ CRMF_DestroyEncryptedKey(newEncrKey);
+ }
+ return NULL;
+}
+
+SECItem *
+CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions)
+{
+ if (inOptions == NULL ||
+ CRMF_PKIArchiveOptionsGetOptionType(inOptions) != crmfKeyGenParameters ||
+ inOptions->option.keyGenParameters.data == NULL) {
+ return NULL;
+ }
+ return SECITEM_DupItem(&inOptions->option.keyGenParameters);
+}
+
+CRMFPKIArchiveOptionsType
+CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions)
+{
+ PORT_Assert(inOptions != NULL);
+ if (inOptions == NULL) {
+ return crmfNoArchiveOptions;
+ }
+ return inOptions->archOption;
+}
+
+static SECStatus
+crmf_extract_long_from_item(SECItem *intItem, long *destLong)
+{
+ *destLong = DER_GetInteger(intItem);
+ return (*destLong == -1) ? SECFailure : SECSuccess;
+}
+
+SECStatus
+CRMF_POPOPrivGetKeySubseqMess(CRMFPOPOPrivKey *inKey,
+ CRMFSubseqMessOptions *destOpt)
+{
+ long value;
+ SECStatus rv;
+
+ PORT_Assert(inKey != NULL);
+ if (inKey == NULL ||
+ inKey->messageChoice != crmfSubsequentMessage) {
+ return SECFailure;
+ }
+ rv = crmf_extract_long_from_item(&inKey->message.subsequentMessage, &value);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ switch (value) {
+ case 0:
+ *destOpt = crmfEncrCert;
+ break;
+ case 1:
+ *destOpt = crmfChallengeResp;
+ break;
+ default:
+ rv = SECFailure;
+ }
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ return SECSuccess;
+}
+
+CRMFPOPOPrivKeyChoice
+CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inPrivKey)
+{
+ PORT_Assert(inPrivKey != NULL);
+ if (inPrivKey != NULL) {
+ return inPrivKey->messageChoice;
+ }
+ return crmfNoMessage;
+}
+
+SECStatus
+CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey, SECItem *destMAC)
+{
+ PORT_Assert(inKey != NULL);
+ if (inKey == NULL || inKey->message.dhMAC.data == NULL) {
+ return SECFailure;
+ }
+ return crmf_make_bitstring_copy(NULL, destMAC, &inKey->message.dhMAC);
+}
+
+SECStatus
+CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey *inKey,
+ SECItem *destString)
+{
+ PORT_Assert(inKey != NULL);
+ if (inKey == NULL ||
+ inKey->messageChoice != crmfThisMessage) {
+ return SECFailure;
+ }
+
+ return crmf_make_bitstring_copy(NULL, destString,
+ &inKey->message.thisMessage);
+}
+
+SECAlgorithmID *
+CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey)
+{
+ SECAlgorithmID *newAlgId = NULL;
+ SECStatus rv;
+
+ PORT_Assert(inSignKey != NULL);
+ if (inSignKey == NULL) {
+ return NULL;
+ }
+ newAlgId = PORT_ZNew(SECAlgorithmID);
+ if (newAlgId == NULL) {
+ goto loser;
+ }
+ rv = SECOID_CopyAlgorithmID(NULL, newAlgId,
+ inSignKey->algorithmIdentifier);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newAlgId;
+
+loser:
+ if (newAlgId != NULL) {
+ SECOID_DestroyAlgorithmID(newAlgId, PR_TRUE);
+ }
+ return NULL;
+}
+
+SECItem *
+CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey)
+{
+ PORT_Assert(inSignKey != NULL);
+ if (inSignKey == NULL || inSignKey->derInput.data == NULL) {
+ return NULL;
+ }
+ return SECITEM_DupItem(&inSignKey->derInput);
+}
+
+SECItem *
+CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey)
+{
+ SECItem *newSig = NULL;
+ SECStatus rv;
+
+ PORT_Assert(inSignKey != NULL);
+ if (inSignKey == NULL) {
+ return NULL;
+ }
+ newSig = PORT_ZNew(SECItem);
+ if (newSig == NULL) {
+ goto loser;
+ }
+ rv = crmf_make_bitstring_copy(NULL, newSig, &inSignKey->signature);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newSig;
+loser:
+ if (newSig != NULL) {
+ SECITEM_FreeItem(newSig, PR_TRUE);
+ }
+ return NULL;
+}
+
+static SECStatus
+crmf_copy_poposigningkey(PLArenaPool *poolp,
+ CRMFPOPOSigningKey *inPopoSignKey,
+ CRMFPOPOSigningKey *destPopoSignKey)
+{
+ SECStatus rv;
+
+ /* We don't support use of the POPOSigningKeyInput, so we'll only
+ * store away the DER encoding.
+ */
+ if (inPopoSignKey->derInput.data != NULL) {
+ rv = SECITEM_CopyItem(poolp, &destPopoSignKey->derInput,
+ &inPopoSignKey->derInput);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ destPopoSignKey->algorithmIdentifier = (poolp == NULL) ? PORT_ZNew(SECAlgorithmID)
+ : PORT_ArenaZNew(poolp, SECAlgorithmID);
+
+ if (destPopoSignKey->algorithmIdentifier == NULL) {
+ goto loser;
+ }
+ rv = SECOID_CopyAlgorithmID(poolp, destPopoSignKey->algorithmIdentifier,
+ inPopoSignKey->algorithmIdentifier);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = crmf_make_bitstring_copy(poolp, &destPopoSignKey->signature,
+ &inPopoSignKey->signature);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return SECSuccess;
+loser:
+ if (poolp == NULL) {
+ CRMF_DestroyPOPOSigningKey(destPopoSignKey);
+ }
+ return SECFailure;
+}
+
+static SECStatus
+crmf_copy_popoprivkey(PLArenaPool *poolp,
+ CRMFPOPOPrivKey *srcPrivKey,
+ CRMFPOPOPrivKey *destPrivKey)
+{
+ SECStatus rv;
+
+ destPrivKey->messageChoice = srcPrivKey->messageChoice;
+ switch (destPrivKey->messageChoice) {
+ case crmfThisMessage:
+ case crmfDHMAC:
+ /* I've got a union, so taking the address of one, will also give
+ * me a pointer to the other (eg, message.dhMAC)
+ */
+ rv = crmf_make_bitstring_copy(poolp, &destPrivKey->message.thisMessage,
+ &srcPrivKey->message.thisMessage);
+ break;
+ case crmfSubsequentMessage:
+ rv = SECITEM_CopyItem(poolp, &destPrivKey->message.subsequentMessage,
+ &srcPrivKey->message.subsequentMessage);
+ break;
+ default:
+ rv = SECFailure;
+ }
+
+ if (rv != SECSuccess && poolp == NULL) {
+ CRMF_DestroyPOPOPrivKey(destPrivKey);
+ }
+ return rv;
+}
+
+static CRMFProofOfPossession *
+crmf_copy_pop(PLArenaPool *poolp, CRMFProofOfPossession *srcPOP)
+{
+ CRMFProofOfPossession *newPOP;
+ SECStatus rv;
+
+ /*
+ * Proof Of Possession structures are always part of the Request
+ * message, so there will always be an arena for allocating memory.
+ */
+ if (poolp == NULL) {
+ return NULL;
+ }
+ newPOP = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
+ if (newPOP == NULL) {
+ return NULL;
+ }
+ switch (srcPOP->popUsed) {
+ case crmfRAVerified:
+ newPOP->popChoice.raVerified.data = NULL;
+ newPOP->popChoice.raVerified.len = 0;
+ break;
+ case crmfSignature:
+ rv = crmf_copy_poposigningkey(poolp, &srcPOP->popChoice.signature,
+ &newPOP->popChoice.signature);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ break;
+ case crmfKeyEncipherment:
+ case crmfKeyAgreement:
+ /* We've got a union, so a pointer to one, is a pointer to the
+ * other one.
+ */
+ rv = crmf_copy_popoprivkey(poolp, &srcPOP->popChoice.keyEncipherment,
+ &newPOP->popChoice.keyEncipherment);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ break;
+ default:
+ goto loser;
+ }
+ newPOP->popUsed = srcPOP->popUsed;
+ return newPOP;
+
+loser:
+ return NULL;
+}
+
+static CRMFCertReqMsg *
+crmf_copy_cert_req_msg(CRMFCertReqMsg *srcReqMsg)
+{
+ CRMFCertReqMsg *newReqMsg;
+ PLArenaPool *poolp;
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ return NULL;
+ }
+ newReqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
+ if (newReqMsg == NULL) {
+ PORT_FreeArena(poolp, PR_TRUE);
+ return NULL;
+ }
+
+ newReqMsg->poolp = poolp;
+ newReqMsg->certReq = crmf_copy_cert_request(poolp, srcReqMsg->certReq);
+ if (newReqMsg->certReq == NULL) {
+ goto loser;
+ }
+ newReqMsg->pop = crmf_copy_pop(poolp, srcReqMsg->pop);
+ if (newReqMsg->pop == NULL) {
+ goto loser;
+ }
+ /* None of my set/get routines operate on the regInfo field, so
+ * for now, that won't get copied over.
+ */
+ return newReqMsg;
+
+loser:
+ CRMF_DestroyCertReqMsg(newReqMsg);
+ return NULL;
+}
+
+CRMFCertReqMsg *
+CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
+ int index)
+{
+ int numMsgs;
+
+ PORT_Assert(inReqMsgs != NULL && index >= 0);
+ if (inReqMsgs == NULL) {
+ return NULL;
+ }
+ numMsgs = CRMF_CertReqMessagesGetNumMessages(inReqMsgs);
+ if (index < 0 || index >= numMsgs) {
+ return NULL;
+ }
+ return crmf_copy_cert_req_msg(inReqMsgs->messages[index]);
+}
+
+int
+CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs)
+{
+ int numMessages = 0;
+
+ PORT_Assert(inCertReqMsgs != NULL);
+ if (inCertReqMsgs == NULL) {
+ return 0;
+ }
+ while (inCertReqMsgs->messages[numMessages] != NULL) {
+ numMessages++;
+ }
+ return numMessages;
+}
+
+CRMFCertRequest *
+CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg)
+{
+ PLArenaPool *poolp = NULL;
+ CRMFCertRequest *newCertReq = NULL;
+
+ PORT_Assert(inCertReqMsg != NULL);
+
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ goto loser;
+ }
+ newCertReq = crmf_copy_cert_request(poolp, inCertReqMsg->certReq);
+ if (newCertReq == NULL) {
+ goto loser;
+ }
+ newCertReq->poolp = poolp;
+ return newCertReq;
+loser:
+ if (poolp != NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ }
+ return NULL;
+}
+
+SECStatus
+CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg, long *destID)
+{
+ PORT_Assert(inCertReqMsg != NULL && destID != NULL);
+ if (inCertReqMsg == NULL || inCertReqMsg->certReq == NULL) {
+ return SECFailure;
+ }
+ return crmf_extract_long_from_item(&inCertReqMsg->certReq->certReqId,
+ destID);
+}
+
+SECStatus
+CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKey **destKey)
+{
+ PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
+ if (inCertReqMsg == NULL || destKey == NULL ||
+ CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyAgreement) {
+ return SECFailure;
+ }
+ *destKey = PORT_ZNew(CRMFPOPOPrivKey);
+ if (*destKey == NULL) {
+ return SECFailure;
+ }
+ return crmf_copy_popoprivkey(NULL,
+ &inCertReqMsg->pop->popChoice.keyAgreement,
+ *destKey);
+}
+
+SECStatus
+CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOPrivKey **destKey)
+{
+ PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
+ if (inCertReqMsg == NULL || destKey == NULL ||
+ CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyEncipherment) {
+ return SECFailure;
+ }
+ *destKey = PORT_ZNew(CRMFPOPOPrivKey);
+ if (*destKey == NULL) {
+ return SECFailure;
+ }
+ return crmf_copy_popoprivkey(NULL,
+ &inCertReqMsg->pop->popChoice.keyEncipherment,
+ *destKey);
+}
+
+SECStatus
+CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg *inCertReqMsg,
+ CRMFPOPOSigningKey **destKey)
+{
+ CRMFProofOfPossession *pop;
+ PORT_Assert(inCertReqMsg != NULL);
+ if (inCertReqMsg == NULL) {
+ return SECFailure;
+ }
+ pop = inCertReqMsg->pop;
+ ;
+ if (pop->popUsed != crmfSignature) {
+ return SECFailure;
+ }
+ *destKey = PORT_ZNew(CRMFPOPOSigningKey);
+ if (*destKey == NULL) {
+ return SECFailure;
+ }
+ return crmf_copy_poposigningkey(NULL, &pop->popChoice.signature, *destKey);
+}
+
+static SECStatus
+crmf_copy_name(CERTName *destName, CERTName *srcName)
+{
+ PLArenaPool *poolp = NULL;
+ SECStatus rv;
+
+ if (destName->arena != NULL) {
+ poolp = destName->arena;
+ } else {
+ poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
+ }
+ if (poolp == NULL) {
+ return SECFailure;
+ }
+ /* Need to do this so that CERT_CopyName doesn't free out
+ * the arena from underneath us.
+ */
+ destName->arena = NULL;
+ rv = CERT_CopyName(poolp, destName, srcName);
+ destName->arena = poolp;
+ return rv;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
+ CERTName *destIssuer)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuer)) {
+ return crmf_copy_name(destIssuer,
+ inCertReq->certTemplate.issuer);
+ }
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
+ SECItem *destIssuerUID)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuerUID)) {
+ return crmf_make_bitstring_copy(NULL, destIssuerUID,
+ &inCertReq->certTemplate.issuerUID);
+ }
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest *inCertReq,
+ CERTSubjectPublicKeyInfo *destPublicKey)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfPublicKey)) {
+ return SECKEY_CopySubjectPublicKeyInfo(NULL, destPublicKey,
+ inCertReq->certTemplate.publicKey);
+ }
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq,
+ long *serialNumber)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfSerialNumber)) {
+ return crmf_extract_long_from_item(&inCertReq->certTemplate.serialNumber,
+ serialNumber);
+ }
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
+ SECAlgorithmID *destAlg)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfSigningAlg)) {
+ return SECOID_CopyAlgorithmID(NULL, destAlg,
+ inCertReq->certTemplate.signingAlg);
+ }
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplateSubject(CRMFCertRequest *inCertReq,
+ CERTName *destSubject)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfSubject)) {
+ return crmf_copy_name(destSubject, inCertReq->certTemplate.subject);
+ }
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
+ SECItem *destSubjectUID)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfSubjectUID)) {
+ return crmf_make_bitstring_copy(NULL, destSubjectUID,
+ &inCertReq->certTemplate.subjectUID);
+ }
+ return SECFailure;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq,
+ long *version)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfVersion)) {
+ return crmf_extract_long_from_item(&inCertReq->certTemplate.version,
+ version);
+ }
+ return SECFailure;
+}
+
+static SECStatus
+crmf_copy_validity(CRMFGetValidity *destValidity,
+ CRMFOptionalValidity *src)
+{
+ SECStatus rv;
+
+ destValidity->notBefore = destValidity->notAfter = NULL;
+ if (src->notBefore.data != NULL) {
+ rv = crmf_create_prtime(&src->notBefore,
+ &destValidity->notBefore);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+ if (src->notAfter.data != NULL) {
+ rv = crmf_create_prtime(&src->notAfter,
+ &destValidity->notAfter);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
+ CRMFGetValidity *destValidity)
+{
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return SECFailure;
+ }
+ if (CRMF_DoesRequestHaveField(inCertReq, crmfValidity)) {
+ return crmf_copy_validity(destValidity,
+ inCertReq->certTemplate.validity);
+ }
+ return SECFailure;
+}
+
+CRMFControl *
+CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq, int index)
+{
+ CRMFControl *newControl, *srcControl;
+ int numControls;
+ SECStatus rv;
+
+ PORT_Assert(inCertReq != NULL);
+ if (inCertReq == NULL) {
+ return NULL;
+ }
+ numControls = CRMF_CertRequestGetNumControls(inCertReq);
+ if (index >= numControls || index < 0) {
+ return NULL;
+ }
+ newControl = PORT_ZNew(CRMFControl);
+ if (newControl == NULL) {
+ return NULL;
+ }
+ srcControl = inCertReq->controls[index];
+ newControl->tag = srcControl->tag;
+ rv = SECITEM_CopyItem(NULL, &newControl->derTag, &srcControl->derTag);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SECITEM_CopyItem(NULL, &newControl->derValue,
+ &srcControl->derValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* Copy over the PKIArchiveOptions stuff */
+ switch (srcControl->tag) {
+ case SEC_OID_PKIX_REGCTRL_REGTOKEN:
+ case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
+ /* No further processing necessary for these types. */
+ rv = SECSuccess;
+ break;
+ case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
+ case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
+ case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
+ /* These aren't supported yet, so no post-processing will
+ * be done at this time. But we don't want to fail in case
+ * we read in DER that has one of these options.
+ */
+ rv = SECSuccess;
+ break;
+ case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
+ rv = crmf_copy_pkiarchiveoptions(NULL,
+ &newControl->value.archiveOptions,
+ &srcControl->value.archiveOptions);
+ break;
+ default:
+ rv = SECFailure;
+ }
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return newControl;
+loser:
+ CRMF_DestroyControl(newControl);
+ return NULL;
+}
+
+static SECItem *
+crmf_copy_control_value(CRMFControl *inControl)
+{
+ return SECITEM_DupItem(&inControl->derValue);
+}
+
+SECItem *
+CRMF_ControlGetAuthenticatorControlValue(CRMFControl *inControl)
+{
+ PORT_Assert(inControl != NULL);
+ if (inControl == NULL ||
+ CRMF_ControlGetControlType(inControl) != crmfAuthenticatorControl) {
+ return NULL;
+ }
+ return crmf_copy_control_value(inControl);
+}
+
+CRMFControlType
+CRMF_ControlGetControlType(CRMFControl *inControl)
+{
+ CRMFControlType retType;
+
+ PORT_Assert(inControl != NULL);
+ switch (inControl->tag) {
+ case SEC_OID_PKIX_REGCTRL_REGTOKEN:
+ retType = crmfRegTokenControl;
+ break;
+ case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
+ retType = crmfAuthenticatorControl;
+ break;
+ case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
+ retType = crmfPKIPublicationInfoControl;
+ break;
+ case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
+ retType = crmfPKIArchiveOptionsControl;
+ break;
+ case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
+ retType = crmfOldCertIDControl;
+ break;
+ case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
+ retType = crmfProtocolEncrKeyControl;
+ break;
+ default:
+ retType = crmfNoControl;
+ }
+ return retType;
+}
+
+CRMFPKIArchiveOptions *
+CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl)
+{
+ CRMFPKIArchiveOptions *newOpt = NULL;
+ SECStatus rv;
+
+ PORT_Assert(inControl != NULL);
+ if (inControl == NULL ||
+ CRMF_ControlGetControlType(inControl) != crmfPKIArchiveOptionsControl) {
+ goto loser;
+ }
+ newOpt = PORT_ZNew(CRMFPKIArchiveOptions);
+ if (newOpt == NULL) {
+ goto loser;
+ }
+ rv = crmf_copy_pkiarchiveoptions(NULL, newOpt,
+ &inControl->value.archiveOptions);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+loser:
+ if (newOpt != NULL) {
+ CRMF_DestroyPKIArchiveOptions(newOpt);
+ }
+ return NULL;
+}
+
+SECItem *
+CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl)
+{
+ PORT_Assert(inControl != NULL);
+ if (inControl == NULL ||
+ CRMF_ControlGetControlType(inControl) != crmfRegTokenControl) {
+ return NULL;
+ }
+ return crmf_copy_control_value(inControl);
+ ;
+}
+
+CRMFCertExtension *
+CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
+ int index)
+{
+ int numExtensions;
+
+ PORT_Assert(inCertReq != NULL);
+ numExtensions = CRMF_CertRequestGetNumberOfExtensions(inCertReq);
+ if (index >= numExtensions || index < 0) {
+ return NULL;
+ }
+ return crmf_copy_cert_extension(NULL,
+ inCertReq->certTemplate.extensions[index]);
+}
diff --git a/security/nss/lib/cryptohi/Makefile b/security/nss/lib/cryptohi/Makefile
new file mode 100644
index 000000000..71ae761e4
--- /dev/null
+++ b/security/nss/lib/cryptohi/Makefile
@@ -0,0 +1,49 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+-include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+export:: private_export
+
diff --git a/security/nss/lib/cryptohi/config.mk b/security/nss/lib/cryptohi/config.mk
new file mode 100644
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/cryptohi/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/cryptohi/cryptohi.gyp b/security/nss/lib/cryptohi/cryptohi.gyp
new file mode 100644
index 000000000..ef9e63fbf
--- /dev/null
+++ b/security/nss/lib/cryptohi/cryptohi.gyp
@@ -0,0 +1,27 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'cryptohi',
+ 'type': 'static_library',
+ 'sources': [
+ 'dsautil.c',
+ 'sechash.c',
+ 'seckey.c',
+ 'secsign.c',
+ 'secvfy.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/cryptohi/cryptohi.h b/security/nss/lib/cryptohi/cryptohi.h
new file mode 100644
index 000000000..f658daa9e
--- /dev/null
+++ b/security/nss/lib/cryptohi/cryptohi.h
@@ -0,0 +1,364 @@
+/*
+ * cryptohi.h - public prototypes for the crypto library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CRYPTOHI_H_
+#define _CRYPTOHI_H_
+
+#include "blapit.h"
+
+#include "seccomon.h"
+#include "secoidt.h"
+#include "secdert.h"
+#include "cryptoht.h"
+#include "keyt.h"
+#include "certt.h"
+
+SEC_BEGIN_PROTOS
+
+/****************************************/
+/*
+** DER encode/decode (EC)DSA signatures
+*/
+
+/* ANSI X9.57 defines DSA signatures as DER encoded data. Our DSA1 code (and
+ * most of the rest of the world) just generates 40 bytes of raw data. These
+ * functions convert between formats.
+ */
+extern SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src);
+extern SECItem *DSAU_DecodeDerSig(const SECItem *item);
+
+/*
+ * Unlike DSA1, raw DSA2 and ECDSA signatures do not have a fixed length.
+ * Rather they contain two integers r and s whose length depends
+ * on the size of q or the EC key used for signing.
+ *
+ * We can reuse the DSAU_EncodeDerSig interface to DER encode
+ * raw ECDSA signature keeping in mind that the length of r
+ * is the same as that of s and exactly half of src->len.
+ *
+ * For decoding, we need to pass the length of the desired
+ * raw signature (twice the key size) explicitly.
+ */
+extern SECStatus DSAU_EncodeDerSigWithLen(SECItem *dest, SECItem *src,
+ unsigned int len);
+extern SECItem *DSAU_DecodeDerSigToLen(const SECItem *item, unsigned int len);
+
+/****************************************/
+/*
+** Signature creation operations
+*/
+
+/*
+** Create a new signature context used for signing a data stream.
+** "alg" the signature algorithm to use (e.g. SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION)
+** "privKey" the private key to use
+*/
+extern SGNContext *SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *privKey);
+
+/*
+** Destroy a signature-context object
+** "cx" the object
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void SGN_DestroyContext(SGNContext *cx, PRBool freeit);
+
+/*
+** Reset the signing context "cx" to its initial state, preparing it for
+** another stream of data.
+*/
+extern SECStatus SGN_Begin(SGNContext *cx);
+
+/*
+** Update the signing context with more data to sign.
+** "cx" the context
+** "input" the input data to sign
+** "inputLen" the length of the input data
+*/
+extern SECStatus SGN_Update(SGNContext *cx, const unsigned char *input,
+ unsigned int inputLen);
+
+/*
+** Finish the signature process. Use either k0 or k1 to sign the data
+** stream that was input using SGN_Update. The resulting signature is
+** formatted using PKCS#1 and then encrypted using RSA private or public
+** encryption.
+** "cx" the context
+** "result" the final signature data (memory is allocated)
+*/
+extern SECStatus SGN_End(SGNContext *cx, SECItem *result);
+
+/*
+** Sign a single block of data using private key encryption and given
+** signature/hash algorithm.
+** "result" the final signature data (memory is allocated)
+** "buf" the input data to sign
+** "len" the amount of data to sign
+** "pk" the private key to encrypt with
+** "algid" the signature/hash algorithm to sign with
+** (must be compatible with the key type).
+*/
+extern SECStatus SEC_SignData(SECItem *result,
+ const unsigned char *buf, int len,
+ SECKEYPrivateKey *pk, SECOidTag algid);
+
+/*
+** Sign a pre-digested block of data using private key encryption, encoding
+** The given signature/hash algorithm.
+** "result" the final signature data (memory is allocated)
+** "digest" the digest to sign
+** "privKey" the private key to encrypt with
+** "algtag" The algorithm tag to encode (need for RSA only)
+*/
+extern SECStatus SGN_Digest(SECKEYPrivateKey *privKey,
+ SECOidTag algtag, SECItem *result, SECItem *digest);
+
+/*
+** DER sign a single block of data using private key encryption and the
+** MD5 hashing algorithm. This routine first computes a digital signature
+** using SEC_SignData, then wraps it with an CERTSignedData and then der
+** encodes the result.
+** "arena" is the memory arena to use to allocate data from
+** "result" the final der encoded data (memory is allocated)
+** "buf" the input data to sign
+** "len" the amount of data to sign
+** "pk" the private key to encrypt with
+*/
+extern SECStatus SEC_DerSignData(PLArenaPool *arena, SECItem *result,
+ const unsigned char *buf, int len,
+ SECKEYPrivateKey *pk, SECOidTag algid);
+
+/*
+** Destroy a signed-data object.
+** "sd" the object
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void SEC_DestroySignedData(CERTSignedData *sd, PRBool freeit);
+
+/*
+** Get the signature algorithm tag number for the given key type and hash
+** algorithm tag. Returns SEC_OID_UNKNOWN if key type and hash algorithm
+** do not match or are not supported.
+*/
+extern SECOidTag SEC_GetSignatureAlgorithmOidTag(KeyType keyType,
+ SECOidTag hashAlgTag);
+
+/****************************************/
+/*
+** Signature verification operations
+*/
+
+/*
+** Create a signature verification context. This version is deprecated,
+** This function is deprecated. Use VFY_CreateContextDirect or
+** VFY_CreateContextWithAlgorithmID instead.
+** "key" the public key to verify with
+** "sig" the encrypted signature data if sig is NULL then
+** VFY_EndWithSignature must be called with the correct signature at
+** the end of the processing.
+** "sigAlg" specifies the signing algorithm to use (including the
+** hash algorthim). This must match the key type.
+** "wincx" void pointer to the window context
+*/
+extern VFYContext *VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig,
+ SECOidTag sigAlg, void *wincx);
+/*
+** Create a signature verification context.
+** "key" the public key to verify with
+** "sig" the encrypted signature data if sig is NULL then
+** VFY_EndWithSignature must be called with the correct signature at
+** the end of the processing.
+** "pubkAlg" specifies the cryptographic signing algorithm to use (the
+** raw algorithm without any hash specified. This must match the key
+** type.
+** "hashAlg" specifies the hashing algorithm used. If the key is an
+** RSA key, and sig is not NULL, then hashAlg can be SEC_OID_UNKNOWN.
+** the hash is selected from data in the sig.
+** "hash" optional pointer to return the actual hash algorithm used.
+** in practice this should always match the passed in hashAlg (the
+** exception is the case where hashAlg is SEC_OID_UNKNOWN above).
+** If this value is NULL no, hash oid is returned.
+** "wincx" void pointer to the window context
+*/
+extern VFYContext *VFY_CreateContextDirect(const SECKEYPublicKey *key,
+ const SECItem *sig,
+ SECOidTag pubkAlg,
+ SECOidTag hashAlg,
+ SECOidTag *hash, void *wincx);
+/*
+** Create a signature verification context from a algorithm ID.
+** "key" the public key to verify with
+** "sig" the encrypted signature data if sig is NULL then
+** VFY_EndWithSignature must be called with the correct signature at
+** the end of the processing.
+** "algid" specifies the signing algorithm and parameters to use.
+** This must match the key type.
+** "hash" optional pointer to return the oid of the actual hash used in
+** the signature. If this value is NULL no, hash oid is returned.
+** "wincx" void pointer to the window context
+*/
+extern VFYContext *VFY_CreateContextWithAlgorithmID(const SECKEYPublicKey *key,
+ const SECItem *sig,
+ const SECAlgorithmID *algid,
+ SECOidTag *hash,
+ void *wincx);
+
+/*
+** Destroy a verification-context object.
+** "cx" the context to destroy
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void VFY_DestroyContext(VFYContext *cx, PRBool freeit);
+
+extern SECStatus VFY_Begin(VFYContext *cx);
+
+/*
+** Update a verification context with more input data. The input data
+** is fed to a secure hash function (depending on what was in the
+** encrypted signature data).
+** "cx" the context
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus VFY_Update(VFYContext *cx, const unsigned char *input,
+ unsigned int inputLen);
+
+/*
+** Finish the verification process. The return value is a status which
+** indicates success or failure. On success, the SECSuccess value is
+** returned. Otherwise, SECFailure is returned and the error code found
+** using PORT_GetError() indicates what failure occurred.
+** "cx" the context
+*/
+extern SECStatus VFY_End(VFYContext *cx);
+
+/*
+** Finish the verification process. The return value is a status which
+** indicates success or failure. On success, the SECSuccess value is
+** returned. Otherwise, SECFailure is returned and the error code found
+** using PORT_GetError() indicates what failure occurred. If signature is
+** supplied the verification uses this signature to verify, otherwise the
+** signature passed in VFY_CreateContext() is used.
+** VFY_EndWithSignature(cx,NULL); is identical to VFY_End(cx);.
+** "cx" the context
+** "sig" the encrypted signature data
+*/
+extern SECStatus VFY_EndWithSignature(VFYContext *cx, SECItem *sig);
+
+/*
+** Verify the signature on a block of data for which we already have
+** the digest. The signature data is an RSA private key encrypted
+** block of data formatted according to PKCS#1.
+** This function is deprecated. Use VFY_VerifyDigestDirect or
+** VFY_VerifyDigestWithAlgorithmID instead.
+** "dig" the digest
+** "key" the public key to check the signature with
+** "sig" the encrypted signature data
+** "sigAlg" specifies the signing algorithm to use. This must match
+** the key type.
+** "wincx" void pointer to the window context
+**/
+extern SECStatus VFY_VerifyDigest(SECItem *dig, SECKEYPublicKey *key,
+ SECItem *sig, SECOidTag sigAlg, void *wincx);
+/*
+** Verify the signature on a block of data for which we already have
+** the digest. The signature data is an RSA private key encrypted
+** block of data formatted according to PKCS#1.
+** "dig" the digest
+** "key" the public key to check the signature with
+** "sig" the encrypted signature data
+** "pubkAlg" specifies the cryptographic signing algorithm to use (the
+** raw algorithm without any hash specified. This must match the key
+** type.
+** "hashAlg" specifies the hashing algorithm used.
+** "wincx" void pointer to the window context
+**/
+extern SECStatus VFY_VerifyDigestDirect(const SECItem *dig,
+ const SECKEYPublicKey *key,
+ const SECItem *sig, SECOidTag pubkAlg,
+ SECOidTag hashAlg, void *wincx);
+/*
+** Verify the signature on a block of data for which we already have
+** the digest. The signature data is an RSA private key encrypted
+** block of data formatted according to PKCS#1.
+** "key" the public key to verify with
+** "sig" the encrypted signature data if sig is NULL then
+** VFY_EndWithSignature must be called with the correct signature at
+** the end of the processing.
+** "algid" specifies the signing algorithm and parameters to use.
+** This must match the key type.
+** "hash" oid of the actual hash used to create digest. If this value is
+** not set to SEC_OID_UNKNOWN, it must match the hash of the signature.
+** "wincx" void pointer to the window context
+*/
+extern SECStatus VFY_VerifyDigestWithAlgorithmID(const SECItem *dig,
+ const SECKEYPublicKey *key, const SECItem *sig,
+ const SECAlgorithmID *algid, SECOidTag hash,
+ void *wincx);
+
+/*
+** Verify the signature on a block of data. The signature data is an RSA
+** private key encrypted block of data formatted according to PKCS#1.
+** This function is deprecated. Use VFY_VerifyDataDirect or
+** VFY_VerifyDataWithAlgorithmID instead.
+** "buf" the input data
+** "len" the length of the input data
+** "key" the public key to check the signature with
+** "sig" the encrypted signature data
+** "sigAlg" specifies the signing algorithm to use. This must match
+** the key type.
+** "wincx" void pointer to the window context
+*/
+extern SECStatus VFY_VerifyData(const unsigned char *buf, int len,
+ const SECKEYPublicKey *key, const SECItem *sig,
+ SECOidTag sigAlg, void *wincx);
+/*
+** Verify the signature on a block of data. The signature data is an RSA
+** private key encrypted block of data formatted according to PKCS#1.
+** "buf" the input data
+** "len" the length of the input data
+** "key" the public key to check the signature with
+** "sig" the encrypted signature data
+** "pubkAlg" specifies the cryptographic signing algorithm to use (the
+** raw algorithm without any hash specified. This must match the key
+** type.
+** "hashAlg" specifies the hashing algorithm used. If the key is an
+** RSA key, and sig is not NULL, then hashAlg can be SEC_OID_UNKNOWN.
+** the hash is selected from data in the sig.
+** "hash" optional pointer to return the actual hash algorithm used.
+** in practice this should always match the passed in hashAlg (the
+** exception is the case where hashAlg is SEC_OID_UNKNOWN above).
+** If this value is NULL no, hash oid is returned.
+** "wincx" void pointer to the window context
+*/
+extern SECStatus VFY_VerifyDataDirect(const unsigned char *buf, int len,
+ const SECKEYPublicKey *key,
+ const SECItem *sig,
+ SECOidTag pubkAlg, SECOidTag hashAlg,
+ SECOidTag *hash, void *wincx);
+
+/*
+** Verify the signature on a block of data. The signature data is an RSA
+** private key encrypted block of data formatted according to PKCS#1.
+** "buf" the input data
+** "len" the length of the input data
+** "key" the public key to check the signature with
+** "sig" the encrypted signature data
+** "algid" specifies the signing algorithm and parameters to use.
+** This must match the key type.
+** "hash" optional pointer to return the oid of the actual hash used in
+** the signature. If this value is NULL no, hash oid is returned.
+** "wincx" void pointer to the window context
+*/
+extern SECStatus VFY_VerifyDataWithAlgorithmID(const unsigned char *buf,
+ int len, const SECKEYPublicKey *key,
+ const SECItem *sig,
+ const SECAlgorithmID *algid, SECOidTag *hash,
+ void *wincx);
+
+SEC_END_PROTOS
+
+#endif /* _CRYPTOHI_H_ */
diff --git a/security/nss/lib/cryptohi/cryptoht.h b/security/nss/lib/cryptohi/cryptoht.h
new file mode 100644
index 000000000..5780bf47a
--- /dev/null
+++ b/security/nss/lib/cryptohi/cryptoht.h
@@ -0,0 +1,14 @@
+/*
+ * cryptoht.h - public data structures for the crypto library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CRYPTOHT_H_
+#define _CRYPTOHT_H_
+
+typedef struct SGNContextStr SGNContext;
+typedef struct VFYContextStr VFYContext;
+
+#endif /* _CRYPTOHT_H_ */
diff --git a/security/nss/lib/cryptohi/dsautil.c b/security/nss/lib/cryptohi/dsautil.c
new file mode 100644
index 000000000..db397dfd5
--- /dev/null
+++ b/security/nss/lib/cryptohi/dsautil.c
@@ -0,0 +1,271 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "cryptohi.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "prerr.h"
+
+#ifndef DSA1_SUBPRIME_LEN
+#define DSA1_SUBPRIME_LEN 20 /* bytes */
+#endif
+
+typedef struct {
+ SECItem r;
+ SECItem s;
+} DSA_ASN1Signature;
+
+const SEC_ASN1Template DSA_SignatureTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(DSA_ASN1Signature) },
+ { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature, r) },
+ { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature, s) },
+ { 0 }
+ };
+
+/* Input is variable length multi-byte integer, MSB first (big endian).
+** Most signficant bit of first byte is NOT treated as a sign bit.
+** May be one or more leading bytes of zeros.
+** Output is variable length multi-byte integer, MSB first (big endian).
+** Most significant bit of first byte will be zero (positive sign bit)
+** No more than one leading zero byte.
+** Caller supplies dest buffer, and assures that it is long enough,
+** e.g. at least one byte longer that src's buffer.
+*/
+void
+DSAU_ConvertUnsignedToSigned(SECItem *dest, SECItem *src)
+{
+ unsigned char *pSrc = src->data;
+ unsigned char *pDst = dest->data;
+ unsigned int cntSrc = src->len;
+
+ /* skip any leading zeros. */
+ while (cntSrc && !(*pSrc)) {
+ pSrc++;
+ cntSrc--;
+ }
+ if (!cntSrc) {
+ *pDst = 0;
+ dest->len = 1;
+ return;
+ }
+
+ if (*pSrc & 0x80)
+ *pDst++ = 0;
+
+ PORT_Memcpy(pDst, pSrc, cntSrc);
+ dest->len = (pDst - dest->data) + cntSrc;
+}
+
+/*
+** src is a buffer holding a signed variable length integer.
+** dest is a buffer which will be filled with an unsigned integer,
+** MSB first (big endian) with leading zeros, so that the last byte
+** of src will be the LSB of the integer. The result will be exactly
+** the length specified by the caller in dest->len.
+** src can be shorter than dest. src can be longer than dst, but only
+** if the extra leading bytes are zeros.
+*/
+SECStatus
+DSAU_ConvertSignedToFixedUnsigned(SECItem *dest, SECItem *src)
+{
+ unsigned char *pSrc = src->data;
+ unsigned char *pDst = dest->data;
+ unsigned int cntSrc = src->len;
+ unsigned int cntDst = dest->len;
+ int zCount = cntDst - cntSrc;
+
+ if (zCount > 0) {
+ PORT_Memset(pDst, 0, zCount);
+ PORT_Memcpy(pDst + zCount, pSrc, cntSrc);
+ return SECSuccess;
+ }
+ if (zCount <= 0) {
+ /* Source is longer than destination. Check for leading zeros. */
+ while (zCount++ < 0) {
+ if (*pSrc++ != 0)
+ goto loser;
+ }
+ }
+ PORT_Memcpy(pDst, pSrc, cntDst);
+ return SECSuccess;
+
+loser:
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+}
+
+/* src is a "raw" ECDSA or DSA signature, the first half contains r
+ * and the second half contains s. dest is the DER encoded signature.
+*/
+static SECStatus
+common_EncodeDerSig(SECItem *dest, SECItem *src)
+{
+ SECItem *item;
+ SECItem srcItem;
+ DSA_ASN1Signature sig;
+ unsigned char *signedR;
+ unsigned char *signedS;
+ unsigned int len;
+
+ /* Allocate memory with room for an extra byte that
+ * may be required if the top bit in the first byte
+ * is already set.
+ */
+ len = src->len / 2;
+ signedR = (unsigned char *)PORT_Alloc(len + 1);
+ if (!signedR)
+ return SECFailure;
+ signedS = (unsigned char *)PORT_ZAlloc(len + 1);
+ if (!signedS) {
+ if (signedR)
+ PORT_Free(signedR);
+ return SECFailure;
+ }
+
+ PORT_Memset(&sig, 0, sizeof(sig));
+
+ /* Must convert r and s from "unsigned" integers to "signed" integers.
+ ** If the high order bit of the first byte (MSB) is 1, then must
+ ** prepend with leading zero.
+ ** Must remove all but one leading zero byte from numbers.
+ */
+ sig.r.type = siUnsignedInteger;
+ sig.r.data = signedR;
+ sig.r.len = sizeof signedR;
+ sig.s.type = siUnsignedInteger;
+ sig.s.data = signedS;
+ sig.s.len = sizeof signedR;
+
+ srcItem.data = src->data;
+ srcItem.len = len;
+
+ DSAU_ConvertUnsignedToSigned(&sig.r, &srcItem);
+ srcItem.data += len;
+ DSAU_ConvertUnsignedToSigned(&sig.s, &srcItem);
+
+ item = SEC_ASN1EncodeItem(NULL, dest, &sig, DSA_SignatureTemplate);
+ if (signedR)
+ PORT_Free(signedR);
+ if (signedS)
+ PORT_Free(signedS);
+ if (item == NULL)
+ return SECFailure;
+
+ /* XXX leak item? */
+ return SECSuccess;
+}
+
+/* src is a DER-encoded ECDSA or DSA signature.
+** Returns a newly-allocated SECItem structure, pointing at a newly allocated
+** buffer containing the "raw" signature, which is len bytes of r,
+** followed by len bytes of s. For DSA, len is the length of q.
+** For ECDSA, len depends on the key size used to create the signature.
+*/
+static SECItem *
+common_DecodeDerSig(const SECItem *item, unsigned int len)
+{
+ SECItem *result = NULL;
+ SECStatus status;
+ DSA_ASN1Signature sig;
+ SECItem dst;
+
+ PORT_Memset(&sig, 0, sizeof(sig));
+
+ result = PORT_ZNew(SECItem);
+ if (result == NULL)
+ goto loser;
+
+ result->len = 2 * len;
+ result->data = (unsigned char *)PORT_Alloc(2 * len);
+ if (result->data == NULL)
+ goto loser;
+
+ sig.r.type = siUnsignedInteger;
+ sig.s.type = siUnsignedInteger;
+ status = SEC_ASN1DecodeItem(NULL, &sig, DSA_SignatureTemplate, item);
+ if (status != SECSuccess)
+ goto loser;
+
+ /* Convert sig.r and sig.s from variable length signed integers to
+ ** fixed length unsigned integers.
+ */
+ dst.data = result->data;
+ dst.len = len;
+ status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.r);
+ if (status != SECSuccess)
+ goto loser;
+
+ dst.data += len;
+ status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.s);
+ if (status != SECSuccess)
+ goto loser;
+
+done:
+ if (sig.r.data != NULL)
+ PORT_Free(sig.r.data);
+ if (sig.s.data != NULL)
+ PORT_Free(sig.s.data);
+
+ return result;
+
+loser:
+ if (result != NULL) {
+ SECITEM_FreeItem(result, PR_TRUE);
+ result = NULL;
+ }
+ goto done;
+}
+
+/* src is a "raw" DSA1 signature, 20 bytes of r followed by 20 bytes of s.
+** dest is the signature DER encoded. ?
+*/
+SECStatus
+DSAU_EncodeDerSig(SECItem *dest, SECItem *src)
+{
+ PORT_Assert(src->len == 2 * DSA1_SUBPRIME_LEN);
+ if (src->len != 2 * DSA1_SUBPRIME_LEN) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+
+ return common_EncodeDerSig(dest, src);
+}
+
+/* src is a "raw" DSA signature of length len (len/2 bytes of r followed
+** by len/2 bytes of s). dest is the signature DER encoded.
+*/
+SECStatus
+DSAU_EncodeDerSigWithLen(SECItem *dest, SECItem *src, unsigned int len)
+{
+
+ PORT_Assert((src->len == len) && (len % 2 == 0));
+ if ((src->len != len) || (src->len % 2 != 0)) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+
+ return common_EncodeDerSig(dest, src);
+}
+
+/* src is a DER-encoded DSA signature.
+** Returns a newly-allocated SECItem structure, pointing at a newly allocated
+** buffer containing the "raw" DSA1 signature, which is 20 bytes of r,
+** followed by 20 bytes of s.
+*/
+SECItem *
+DSAU_DecodeDerSig(const SECItem *item)
+{
+ return common_DecodeDerSig(item, DSA1_SUBPRIME_LEN);
+}
+
+/* src is a DER-encoded ECDSA signature.
+** Returns a newly-allocated SECItem structure, pointing at a newly allocated
+** buffer containing the "raw" ECDSA signature of length len containing
+** r followed by s (both padded to take up exactly len/2 bytes).
+*/
+SECItem *
+DSAU_DecodeDerSigToLen(const SECItem *item, unsigned int len)
+{
+ return common_DecodeDerSig(item, len / 2);
+}
diff --git a/security/nss/lib/cryptohi/exports.gyp b/security/nss/lib/cryptohi/exports.gyp
new file mode 100644
index 000000000..bb910592c
--- /dev/null
+++ b/security/nss/lib/cryptohi/exports.gyp
@@ -0,0 +1,37 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'variables': {
+ 'module': 'nss'
+ },
+ 'targets': [
+ {
+ 'target_name': 'lib_cryptohi_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'cryptohi.h',
+ 'cryptoht.h',
+ 'key.h',
+ 'keyhi.h',
+ 'keyt.h',
+ 'keythi.h',
+ 'sechash.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'keyi.h',
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+}
diff --git a/security/nss/lib/cryptohi/key.h b/security/nss/lib/cryptohi/key.h
new file mode 100644
index 000000000..3e89b74cb
--- /dev/null
+++ b/security/nss/lib/cryptohi/key.h
@@ -0,0 +1,12 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This header is deprecated. Please include keyhi.h instead. */
+
+#ifndef _KEY_H_
+#define _KEY_H_
+
+#include "keyhi.h"
+
+#endif /* _KEY_H_ */
diff --git a/security/nss/lib/cryptohi/keyhi.h b/security/nss/lib/cryptohi/keyhi.h
new file mode 100644
index 000000000..180990049
--- /dev/null
+++ b/security/nss/lib/cryptohi/keyhi.h
@@ -0,0 +1,271 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _KEYHI_H_
+#define _KEYHI_H_
+
+#include "plarena.h"
+
+#include "seccomon.h"
+#include "secoidt.h"
+#include "secdert.h"
+#include "keythi.h"
+#include "certt.h"
+/*#include "secpkcs5.h" */
+
+SEC_BEGIN_PROTOS
+
+/*
+** Destroy a subject-public-key-info object.
+*/
+extern void SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki);
+
+/*
+** Copy subject-public-key-info "src" to "dst". "dst" is filled in
+** appropriately (memory is allocated for each of the sub objects).
+*/
+extern SECStatus SECKEY_CopySubjectPublicKeyInfo(PLArenaPool *arena,
+ CERTSubjectPublicKeyInfo *dst,
+ CERTSubjectPublicKeyInfo *src);
+
+/*
+** Update the PQG parameters for a cert's public key.
+** Only done for DSA certs
+*/
+extern SECStatus
+SECKEY_UpdateCertPQG(CERTCertificate *subjectCert);
+
+/*
+** Return the number of bits in the provided big integer. This assumes that the
+** SECItem contains a big-endian number and counts from the first non-zero bit.
+*/
+extern unsigned SECKEY_BigIntegerBitLength(const SECItem *number);
+
+/*
+** Return the strength of the public key in bytes
+*/
+extern unsigned SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk);
+
+/*
+** Return the strength of the public key in bits
+*/
+extern unsigned SECKEY_PublicKeyStrengthInBits(const SECKEYPublicKey *pubk);
+
+/*
+** Return the length of the signature in bytes
+*/
+extern unsigned SECKEY_SignatureLen(const SECKEYPublicKey *pubk);
+
+/*
+** Make a copy of the private key "privKey"
+*/
+extern SECKEYPrivateKey *SECKEY_CopyPrivateKey(const SECKEYPrivateKey *privKey);
+
+/*
+** Make a copy of the public key "pubKey"
+*/
+extern SECKEYPublicKey *SECKEY_CopyPublicKey(const SECKEYPublicKey *pubKey);
+
+/*
+** Convert a private key "privateKey" into a public key
+*/
+extern SECKEYPublicKey *SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privateKey);
+
+/*
+ * create a new RSA key pair. The private Key is returned...
+ */
+SECKEYPrivateKey *SECKEY_CreateRSAPrivateKey(int keySizeInBits,
+ SECKEYPublicKey **pubk, void *cx);
+
+/*
+ * create a new DH key pair. The private Key is returned...
+ */
+SECKEYPrivateKey *SECKEY_CreateDHPrivateKey(SECKEYDHParams *param,
+ SECKEYPublicKey **pubk, void *cx);
+
+/*
+ * create a new EC key pair. The private Key is returned...
+ */
+SECKEYPrivateKey *SECKEY_CreateECPrivateKey(SECKEYECParams *param,
+ SECKEYPublicKey **pubk, void *cx);
+
+/*
+** Create a subject-public-key-info based on a public key.
+*/
+extern CERTSubjectPublicKeyInfo *
+SECKEY_CreateSubjectPublicKeyInfo(const SECKEYPublicKey *k);
+
+/*
+** Convert a base64 ascii encoded DER public key and challenge to spki,
+** and verify the signature and challenge data are correct
+*/
+extern CERTSubjectPublicKeyInfo *
+SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
+ void *cx);
+
+/*
+** Encode a CERTSubjectPublicKeyInfo structure. into a
+** DER encoded subject public key info.
+*/
+SECItem *
+SECKEY_EncodeDERSubjectPublicKeyInfo(const SECKEYPublicKey *pubk);
+
+/*
+** Decode a DER encoded subject public key info into a
+** CERTSubjectPublicKeyInfo structure.
+*/
+extern CERTSubjectPublicKeyInfo *
+SECKEY_DecodeDERSubjectPublicKeyInfo(const SECItem *spkider);
+
+/*
+** Convert a base64 ascii encoded DER subject public key info to our
+** internal format.
+*/
+extern CERTSubjectPublicKeyInfo *
+SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(const char *spkistr);
+
+/*
+ * extract the public key from a subject Public Key info structure.
+ * (used by JSS).
+ */
+extern SECKEYPublicKey *
+SECKEY_ExtractPublicKey(const CERTSubjectPublicKeyInfo *);
+
+/*
+** Destroy a private key object.
+** "key" the object
+*/
+extern void SECKEY_DestroyPrivateKey(SECKEYPrivateKey *key);
+
+/*
+** Destroy a public key object.
+** "key" the object
+*/
+extern void SECKEY_DestroyPublicKey(SECKEYPublicKey *key);
+
+/* Destroy and zero out a private key info structure. for now this
+ * function zero's out memory allocated in an arena for the key
+ * since PORT_FreeArena does not currently do this.
+ *
+ * NOTE -- If a private key info is allocated in an arena, one should
+ * not call this function with freeit = PR_FALSE. The function should
+ * destroy the arena.
+ */
+extern void
+SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, PRBool freeit);
+
+/* Destroy and zero out an encrypted private key info.
+ *
+ * NOTE -- If a encrypted private key info is allocated in an arena, one should
+ * not call this function with freeit = PR_FALSE. The function should
+ * destroy the arena.
+ */
+extern void
+SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
+ PRBool freeit);
+
+/* Copy private key info structure.
+ * poolp is the arena into which the contents of from is to be copied.
+ * NULL is a valid entry.
+ * to is the destination private key info
+ * from is the source private key info
+ * if either from or to is NULL or an error occurs, SECFailure is
+ * returned. otherwise, SECSuccess is returned.
+ */
+extern SECStatus
+SECKEY_CopyPrivateKeyInfo(PLArenaPool *poolp,
+ SECKEYPrivateKeyInfo *to,
+ const SECKEYPrivateKeyInfo *from);
+
+extern SECStatus
+SECKEY_CacheStaticFlags(SECKEYPrivateKey *key);
+
+/* Copy encrypted private key info structure.
+ * poolp is the arena into which the contents of from is to be copied.
+ * NULL is a valid entry.
+ * to is the destination encrypted private key info
+ * from is the source encrypted private key info
+ * if either from or to is NULL or an error occurs, SECFailure is
+ * returned. otherwise, SECSuccess is returned.
+ */
+extern SECStatus
+SECKEY_CopyEncryptedPrivateKeyInfo(PLArenaPool *poolp,
+ SECKEYEncryptedPrivateKeyInfo *to,
+ const SECKEYEncryptedPrivateKeyInfo *from);
+/*
+ * Accessor functions for key type of public and private keys.
+ */
+KeyType SECKEY_GetPrivateKeyType(const SECKEYPrivateKey *privKey);
+KeyType SECKEY_GetPublicKeyType(const SECKEYPublicKey *pubKey);
+
+/*
+ * Creates a PublicKey from its DER encoding.
+ * Currently only supports RSA, DSA, and DH keys.
+ */
+SECKEYPublicKey *
+SECKEY_ImportDERPublicKey(const SECItem *derKey, CK_KEY_TYPE type);
+
+SECKEYPrivateKeyList *
+SECKEY_NewPrivateKeyList(void);
+
+void
+SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys);
+
+void
+SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node);
+
+SECStatus
+SECKEY_AddPrivateKeyToListTail(SECKEYPrivateKeyList *list,
+ SECKEYPrivateKey *key);
+
+#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode *)PR_LIST_HEAD(&l->list))
+#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)n->links.next)
+#define PRIVKEY_LIST_END(n, l) (((void *)n) == ((void *)&l->list))
+
+SECKEYPublicKeyList *
+SECKEY_NewPublicKeyList(void);
+
+void
+SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys);
+
+void
+SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node);
+
+SECStatus
+SECKEY_AddPublicKeyToListTail(SECKEYPublicKeyList *list,
+ SECKEYPublicKey *key);
+
+#define PUBKEY_LIST_HEAD(l) ((SECKEYPublicKeyListNode *)PR_LIST_HEAD(&l->list))
+#define PUBKEY_LIST_NEXT(n) ((SECKEYPublicKeyListNode *)n->links.next)
+#define PUBKEY_LIST_END(n, l) (((void *)n) == ((void *)&l->list))
+
+/*
+ * Length in bits of the EC's field size. This is also the length of
+ * the x and y coordinates of EC points, such as EC public keys and
+ * base points.
+ *
+ * Return 0 on failure (unknown EC domain parameters).
+ */
+extern int SECKEY_ECParamsToKeySize(const SECItem *params);
+
+/*
+ * Length in bits of the EC base point order, usually denoted n. This
+ * is also the length of EC private keys and ECDSA signature components
+ * r and s.
+ *
+ * Return 0 on failure (unknown EC domain parameters).
+ */
+extern int SECKEY_ECParamsToBasePointOrderLen(const SECItem *params);
+
+/*
+ * Returns the object identifier of the curve, of the provided
+ * elliptic curve parameters structures.
+ *
+ * Return 0 on failure (unknown EC domain parameters).
+ */
+SECOidTag SECKEY_GetECCOid(const SECKEYECParams *params);
+
+SEC_END_PROTOS
+
+#endif /* _KEYHI_H_ */
diff --git a/security/nss/lib/cryptohi/keyi.h b/security/nss/lib/cryptohi/keyi.h
new file mode 100644
index 000000000..f8f5f7f7d
--- /dev/null
+++ b/security/nss/lib/cryptohi/keyi.h
@@ -0,0 +1,22 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _KEYI_H_
+#define _KEYI_H_
+
+SEC_BEGIN_PROTOS
+/* NSS private functions */
+/* map an oid to a keytype... actually this function and it's converse
+ * are good candidates for public functions.. */
+KeyType seckey_GetKeyType(SECOidTag pubKeyOid);
+
+/* extract the 'encryption' (could be signing) and hash oids from and
+ * algorithm, key and parameters (parameters is the parameters field
+ * of a algorithm ID structure (SECAlgorithmID)*/
+SECStatus sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
+ const SECItem *param, SECOidTag *encalg, SECOidTag *hashalg);
+
+SEC_END_PROTOS
+
+#endif /* _KEYHI_H_ */
diff --git a/security/nss/lib/cryptohi/keyt.h b/security/nss/lib/cryptohi/keyt.h
new file mode 100644
index 000000000..99da312f6
--- /dev/null
+++ b/security/nss/lib/cryptohi/keyt.h
@@ -0,0 +1,10 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _KEYT_H_
+#define _KEYT_H_
+
+#include "keythi.h"
+
+#endif /* _KEYT_H_ */
diff --git a/security/nss/lib/cryptohi/keythi.h b/security/nss/lib/cryptohi/keythi.h
new file mode 100644
index 000000000..36896540f
--- /dev/null
+++ b/security/nss/lib/cryptohi/keythi.h
@@ -0,0 +1,247 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _KEYTHI_H_
+#define _KEYTHI_H_ 1
+
+#include "eccutil.h"
+#include "plarena.h"
+#include "pkcs11t.h"
+#include "secmodt.h"
+#include "prclist.h"
+
+/*
+** RFC 4055 Section 1.2 specifies three different RSA key types.
+**
+** rsaKey maps to keys with SEC_OID_PKCS1_RSA_ENCRYPTION and can be used for
+** both encryption and signatures with old (PKCS #1 v1.5) and new (PKCS #1
+** v2.1) padding schemes.
+**
+** rsaPssKey maps to keys with SEC_OID_PKCS1_RSA_PSS_SIGNATURE and may only
+** be used for signatures with PSS padding (PKCS #1 v2.1).
+**
+** rsaOaepKey maps to keys with SEC_OID_PKCS1_RSA_OAEP_ENCRYPTION and may only
+** be used for encryption with OAEP padding (PKCS #1 v2.1).
+*/
+
+typedef enum {
+ nullKey = 0,
+ rsaKey = 1,
+ dsaKey = 2,
+ fortezzaKey = 3, /* deprecated */
+ dhKey = 4,
+ keaKey = 5, /* deprecated */
+ ecKey = 6,
+ rsaPssKey = 7,
+ rsaOaepKey = 8
+} KeyType;
+
+/*
+** Template Definitions
+**/
+
+SEC_BEGIN_PROTOS
+extern const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[];
+extern const SEC_ASN1Template SECKEY_RSAPSSParamsTemplate[];
+extern const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[];
+extern const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[];
+extern const SEC_ASN1Template SECKEY_DHParamKeyTemplate[];
+extern const SEC_ASN1Template SECKEY_PQGParamsTemplate[];
+extern const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[];
+
+/* Windows DLL accessor functions */
+SEC_ASN1_CHOOSER_DECLARE(SECKEY_DSAPublicKeyTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SECKEY_RSAPublicKeyTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SECKEY_RSAPSSParamsTemplate)
+SEC_END_PROTOS
+
+/*
+** RSA Public Key structures
+** member names from PKCS#1, section 7.1
+*/
+
+struct SECKEYRSAPublicKeyStr {
+ PLArenaPool *arena;
+ SECItem modulus;
+ SECItem publicExponent;
+};
+typedef struct SECKEYRSAPublicKeyStr SECKEYRSAPublicKey;
+
+/*
+** RSA-PSS parameters
+*/
+struct SECKEYRSAPSSParamsStr {
+ SECAlgorithmID *hashAlg;
+ SECAlgorithmID *maskAlg;
+ SECItem saltLength;
+ SECItem trailerField;
+};
+typedef struct SECKEYRSAPSSParamsStr SECKEYRSAPSSParams;
+
+/*
+** DSA Public Key and related structures
+*/
+
+struct SECKEYPQGParamsStr {
+ PLArenaPool *arena;
+ SECItem prime; /* p */
+ SECItem subPrime; /* q */
+ SECItem base; /* g */
+ /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
+};
+typedef struct SECKEYPQGParamsStr SECKEYPQGParams;
+
+struct SECKEYDSAPublicKeyStr {
+ SECKEYPQGParams params;
+ SECItem publicValue;
+};
+typedef struct SECKEYDSAPublicKeyStr SECKEYDSAPublicKey;
+
+/*
+** Diffie-Hellman Public Key structure
+** Structure member names suggested by PKCS#3.
+*/
+struct SECKEYDHParamsStr {
+ PLArenaPool *arena;
+ SECItem prime; /* p */
+ SECItem base; /* g */
+};
+typedef struct SECKEYDHParamsStr SECKEYDHParams;
+
+struct SECKEYDHPublicKeyStr {
+ PLArenaPool *arena;
+ SECItem prime;
+ SECItem base;
+ SECItem publicValue;
+};
+typedef struct SECKEYDHPublicKeyStr SECKEYDHPublicKey;
+
+/*
+** Elliptic curve Public Key structure
+** The PKCS#11 layer needs DER encoding of ANSI X9.62
+** parameters value
+*/
+typedef SECItem SECKEYECParams;
+
+struct SECKEYECPublicKeyStr {
+ SECKEYECParams DEREncodedParams;
+ int size; /* size in bits */
+ SECItem publicValue; /* encoded point */
+ ECPointEncoding encoding; /* deprecated, ignored */
+};
+typedef struct SECKEYECPublicKeyStr SECKEYECPublicKey;
+
+/*
+** FORTEZZA Public Key structures
+*/
+struct SECKEYFortezzaPublicKeyStr {
+ int KEAversion;
+ int DSSversion;
+ unsigned char KMID[8];
+ SECItem clearance;
+ SECItem KEApriviledge;
+ SECItem DSSpriviledge;
+ SECItem KEAKey;
+ SECItem DSSKey;
+ SECKEYPQGParams params;
+ SECKEYPQGParams keaParams;
+};
+typedef struct SECKEYFortezzaPublicKeyStr SECKEYFortezzaPublicKey;
+#define KEAprivilege KEApriviledge /* corrected spelling */
+#define DSSprivilege DSSpriviledge /* corrected spelling */
+
+struct SECKEYDiffPQGParamsStr {
+ SECKEYPQGParams DiffKEAParams;
+ SECKEYPQGParams DiffDSAParams;
+};
+typedef struct SECKEYDiffPQGParamsStr SECKEYDiffPQGParams;
+
+struct SECKEYPQGDualParamsStr {
+ SECKEYPQGParams CommParams;
+ SECKEYDiffPQGParams DiffParams;
+};
+typedef struct SECKEYPQGDualParamsStr SECKEYPQGDualParams;
+
+struct SECKEYKEAParamsStr {
+ PLArenaPool *arena;
+ SECItem hash;
+};
+typedef struct SECKEYKEAParamsStr SECKEYKEAParams;
+
+struct SECKEYKEAPublicKeyStr {
+ SECKEYKEAParams params;
+ SECItem publicValue;
+};
+typedef struct SECKEYKEAPublicKeyStr SECKEYKEAPublicKey;
+
+/*
+** A Generic public key object.
+*/
+struct SECKEYPublicKeyStr {
+ PLArenaPool *arena;
+ KeyType keyType;
+ PK11SlotInfo *pkcs11Slot;
+ CK_OBJECT_HANDLE pkcs11ID;
+ union {
+ SECKEYRSAPublicKey rsa;
+ SECKEYDSAPublicKey dsa;
+ SECKEYDHPublicKey dh;
+ SECKEYKEAPublicKey kea;
+ SECKEYFortezzaPublicKey fortezza;
+ SECKEYECPublicKey ec;
+ } u;
+};
+typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
+
+/* bit flag definitions for staticflags */
+#define SECKEY_Attributes_Cached 0x1 /* bit 0 states \
+ whether attributes are cached */
+#define SECKEY_CKA_PRIVATE (1U << 1) /* bit 1 is the value of CKA_PRIVATE */
+#define SECKEY_CKA_ALWAYS_AUTHENTICATE (1U << 2)
+
+#define SECKEY_ATTRIBUTES_CACHED(key) \
+ (0 != (key->staticflags & SECKEY_Attributes_Cached))
+
+#define SECKEY_ATTRIBUTE_VALUE(key, attribute) \
+ (0 != (key->staticflags & SECKEY_##attribute))
+
+#define SECKEY_HAS_ATTRIBUTE_SET(key, attribute) \
+ (0 != (key->staticflags & SECKEY_Attributes_Cached)) ? (0 != (key->staticflags & SECKEY_##attribute)) : PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID, attribute, PR_FALSE)
+
+#define SECKEY_HAS_ATTRIBUTE_SET_LOCK(key, attribute, haslock) \
+ (0 != (key->staticflags & SECKEY_Attributes_Cached)) ? (0 != (key->staticflags & SECKEY_##attribute)) : PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID, attribute, haslock)
+
+/*
+** A generic key structure
+*/
+struct SECKEYPrivateKeyStr {
+ PLArenaPool *arena;
+ KeyType keyType;
+ PK11SlotInfo *pkcs11Slot; /* pkcs11 slot this key lives in */
+ CK_OBJECT_HANDLE pkcs11ID; /* ID of pkcs11 object */
+ PRBool pkcs11IsTemp; /* temp pkcs11 object, delete it when done */
+ void *wincx; /* context for errors and pw prompts */
+ PRUint32 staticflags; /* bit flag of cached PKCS#11 attributes */
+};
+typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey;
+
+typedef struct {
+ PRCList links;
+ SECKEYPrivateKey *key;
+} SECKEYPrivateKeyListNode;
+
+typedef struct {
+ PRCList list;
+ PLArenaPool *arena;
+} SECKEYPrivateKeyList;
+
+typedef struct {
+ PRCList links;
+ SECKEYPublicKey *key;
+} SECKEYPublicKeyListNode;
+
+typedef struct {
+ PRCList list;
+ PLArenaPool *arena;
+} SECKEYPublicKeyList;
+#endif /* _KEYTHI_H_ */
diff --git a/security/nss/lib/cryptohi/manifest.mn b/security/nss/lib/cryptohi/manifest.mn
new file mode 100644
index 000000000..896c7ad12
--- /dev/null
+++ b/security/nss/lib/cryptohi/manifest.mn
@@ -0,0 +1,36 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+MODULE = nss
+
+REQUIRES = nssutil
+
+LIBRARY_NAME = cryptohi
+
+EXPORTS = \
+ cryptohi.h \
+ cryptoht.h \
+ key.h \
+ keyhi.h \
+ keyt.h \
+ keythi.h \
+ sechash.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ keyi.h \
+ $(NULL)
+
+CSRCS = \
+ sechash.c \
+ seckey.c \
+ secsign.c \
+ secvfy.c \
+ dsautil.c \
+ $(NULL)
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/cryptohi/sechash.c b/security/nss/lib/cryptohi/sechash.c
new file mode 100644
index 000000000..b12621100
--- /dev/null
+++ b/security/nss/lib/cryptohi/sechash.c
@@ -0,0 +1,438 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "sechash.h"
+#include "secoidt.h"
+#include "secerr.h"
+#include "blapi.h"
+#include "pk11func.h" /* for the PK11_ calls below. */
+
+static void *
+null_hash_new_context(void)
+{
+ return NULL;
+}
+
+static void *
+null_hash_clone_context(void *v)
+{
+ PORT_Assert(v == NULL);
+ return NULL;
+}
+
+static void
+null_hash_begin(void *v)
+{
+}
+
+static void
+null_hash_update(void *v, const unsigned char *input, unsigned int length)
+{
+}
+
+static void
+null_hash_end(void *v, unsigned char *output, unsigned int *outLen,
+ unsigned int maxOut)
+{
+ *outLen = 0;
+}
+
+static void
+null_hash_destroy_context(void *v, PRBool b)
+{
+ PORT_Assert(v == NULL);
+}
+
+static void *
+md2_NewContext(void)
+{
+ return (void *)PK11_CreateDigestContext(SEC_OID_MD2);
+}
+
+static void *
+md5_NewContext(void)
+{
+ return (void *)PK11_CreateDigestContext(SEC_OID_MD5);
+}
+
+static void *
+sha1_NewContext(void)
+{
+ return (void *)PK11_CreateDigestContext(SEC_OID_SHA1);
+}
+
+static void *
+sha224_NewContext(void)
+{
+ return (void *)PK11_CreateDigestContext(SEC_OID_SHA224);
+}
+
+static void *
+sha256_NewContext(void)
+{
+ return (void *)PK11_CreateDigestContext(SEC_OID_SHA256);
+}
+
+static void *
+sha384_NewContext(void)
+{
+ return (void *)PK11_CreateDigestContext(SEC_OID_SHA384);
+}
+
+static void *
+sha512_NewContext(void)
+{
+ return (void *)PK11_CreateDigestContext(SEC_OID_SHA512);
+}
+
+const SECHashObject SECHashObjects[] = {
+ { 0,
+ (void *(*)(void))null_hash_new_context,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))null_hash_destroy_context,
+ (void (*)(void *))null_hash_begin,
+ (void (*)(void *, const unsigned char *, unsigned int))null_hash_update,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))null_hash_end,
+ 0,
+ HASH_AlgNULL },
+ { MD2_LENGTH,
+ (void *(*)(void))md2_NewContext,
+ (void *(*)(void *))PK11_CloneContext,
+ (void (*)(void *, PRBool))PK11_DestroyContext,
+ (void (*)(void *))PK11_DigestBegin,
+ (void (*)(void *, const unsigned char *, unsigned int))PK11_DigestOp,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ PK11_DigestFinal,
+ MD2_BLOCK_LENGTH,
+ HASH_AlgMD2 },
+ { MD5_LENGTH,
+ (void *(*)(void))md5_NewContext,
+ (void *(*)(void *))PK11_CloneContext,
+ (void (*)(void *, PRBool))PK11_DestroyContext,
+ (void (*)(void *))PK11_DigestBegin,
+ (void (*)(void *, const unsigned char *, unsigned int))PK11_DigestOp,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ PK11_DigestFinal,
+ MD5_BLOCK_LENGTH,
+ HASH_AlgMD5 },
+ { SHA1_LENGTH,
+ (void *(*)(void))sha1_NewContext,
+ (void *(*)(void *))PK11_CloneContext,
+ (void (*)(void *, PRBool))PK11_DestroyContext,
+ (void (*)(void *))PK11_DigestBegin,
+ (void (*)(void *, const unsigned char *, unsigned int))PK11_DigestOp,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ PK11_DigestFinal,
+ SHA1_BLOCK_LENGTH,
+ HASH_AlgSHA1 },
+ { SHA256_LENGTH,
+ (void *(*)(void))sha256_NewContext,
+ (void *(*)(void *))PK11_CloneContext,
+ (void (*)(void *, PRBool))PK11_DestroyContext,
+ (void (*)(void *))PK11_DigestBegin,
+ (void (*)(void *, const unsigned char *, unsigned int))PK11_DigestOp,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ PK11_DigestFinal,
+ SHA256_BLOCK_LENGTH,
+ HASH_AlgSHA256 },
+ { SHA384_LENGTH,
+ (void *(*)(void))sha384_NewContext,
+ (void *(*)(void *))PK11_CloneContext,
+ (void (*)(void *, PRBool))PK11_DestroyContext,
+ (void (*)(void *))PK11_DigestBegin,
+ (void (*)(void *, const unsigned char *, unsigned int))PK11_DigestOp,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ PK11_DigestFinal,
+ SHA384_BLOCK_LENGTH,
+ HASH_AlgSHA384 },
+ { SHA512_LENGTH,
+ (void *(*)(void))sha512_NewContext,
+ (void *(*)(void *))PK11_CloneContext,
+ (void (*)(void *, PRBool))PK11_DestroyContext,
+ (void (*)(void *))PK11_DigestBegin,
+ (void (*)(void *, const unsigned char *, unsigned int))PK11_DigestOp,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ PK11_DigestFinal,
+ SHA512_BLOCK_LENGTH,
+ HASH_AlgSHA512 },
+ { SHA224_LENGTH,
+ (void *(*)(void))sha224_NewContext,
+ (void *(*)(void *))PK11_CloneContext,
+ (void (*)(void *, PRBool))PK11_DestroyContext,
+ (void (*)(void *))PK11_DigestBegin,
+ (void (*)(void *, const unsigned char *, unsigned int))PK11_DigestOp,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ PK11_DigestFinal,
+ SHA224_BLOCK_LENGTH,
+ HASH_AlgSHA224 },
+};
+
+const SECHashObject *
+HASH_GetHashObject(HASH_HashType type)
+{
+ return &SECHashObjects[type];
+}
+
+HASH_HashType
+HASH_GetHashTypeByOidTag(SECOidTag hashOid)
+{
+ HASH_HashType ht = HASH_AlgNULL;
+
+ switch (hashOid) {
+ case SEC_OID_MD2:
+ ht = HASH_AlgMD2;
+ break;
+ case SEC_OID_MD5:
+ ht = HASH_AlgMD5;
+ break;
+ case SEC_OID_SHA1:
+ ht = HASH_AlgSHA1;
+ break;
+ case SEC_OID_SHA224:
+ ht = HASH_AlgSHA224;
+ break;
+ case SEC_OID_SHA256:
+ ht = HASH_AlgSHA256;
+ break;
+ case SEC_OID_SHA384:
+ ht = HASH_AlgSHA384;
+ break;
+ case SEC_OID_SHA512:
+ ht = HASH_AlgSHA512;
+ break;
+ default:
+ ht = HASH_AlgNULL;
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ break;
+ }
+ return ht;
+}
+
+SECOidTag
+HASH_GetHashOidTagByHMACOidTag(SECOidTag hmacOid)
+{
+ SECOidTag hashOid = SEC_OID_UNKNOWN;
+
+ switch (hmacOid) {
+ /* no oid exists for HMAC_MD2 */
+ /* NSS does not define a oid for HMAC_MD4 */
+ case SEC_OID_HMAC_SHA1:
+ hashOid = SEC_OID_SHA1;
+ break;
+ case SEC_OID_HMAC_SHA224:
+ hashOid = SEC_OID_SHA224;
+ break;
+ case SEC_OID_HMAC_SHA256:
+ hashOid = SEC_OID_SHA256;
+ break;
+ case SEC_OID_HMAC_SHA384:
+ hashOid = SEC_OID_SHA384;
+ break;
+ case SEC_OID_HMAC_SHA512:
+ hashOid = SEC_OID_SHA512;
+ break;
+ default:
+ hashOid = SEC_OID_UNKNOWN;
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ break;
+ }
+ return hashOid;
+}
+
+SECOidTag
+HASH_GetHMACOidTagByHashOidTag(SECOidTag hashOid)
+{
+ SECOidTag hmacOid = SEC_OID_UNKNOWN;
+
+ switch (hashOid) {
+ /* no oid exists for HMAC_MD2 */
+ /* NSS does not define a oid for HMAC_MD4 */
+ case SEC_OID_SHA1:
+ hmacOid = SEC_OID_HMAC_SHA1;
+ break;
+ case SEC_OID_SHA224:
+ hmacOid = SEC_OID_HMAC_SHA224;
+ break;
+ case SEC_OID_SHA256:
+ hmacOid = SEC_OID_HMAC_SHA256;
+ break;
+ case SEC_OID_SHA384:
+ hmacOid = SEC_OID_HMAC_SHA384;
+ break;
+ case SEC_OID_SHA512:
+ hmacOid = SEC_OID_HMAC_SHA512;
+ break;
+ default:
+ hmacOid = SEC_OID_UNKNOWN;
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ break;
+ }
+ return hmacOid;
+}
+
+const SECHashObject *
+HASH_GetHashObjectByOidTag(SECOidTag hashOid)
+{
+ HASH_HashType ht = HASH_GetHashTypeByOidTag(hashOid);
+
+ return (ht == HASH_AlgNULL) ? NULL : &SECHashObjects[ht];
+}
+
+/* returns zero for unknown hash OID */
+unsigned int
+HASH_ResultLenByOidTag(SECOidTag hashOid)
+{
+ const SECHashObject *hashObject = HASH_GetHashObjectByOidTag(hashOid);
+ unsigned int resultLen = 0;
+
+ if (hashObject)
+ resultLen = hashObject->length;
+ return resultLen;
+}
+
+/* returns zero if hash type invalid. */
+unsigned int
+HASH_ResultLen(HASH_HashType type)
+{
+ if ((type < HASH_AlgNULL) || (type >= HASH_AlgTOTAL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return (0);
+ }
+
+ return (SECHashObjects[type].length);
+}
+
+unsigned int
+HASH_ResultLenContext(HASHContext *context)
+{
+ return (context->hashobj->length);
+}
+
+SECStatus
+HASH_HashBuf(HASH_HashType type,
+ unsigned char *dest,
+ const unsigned char *src,
+ PRUint32 src_len)
+{
+ HASHContext *cx;
+ unsigned int part;
+
+ if ((type < HASH_AlgNULL) || (type >= HASH_AlgTOTAL)) {
+ return (SECFailure);
+ }
+
+ cx = HASH_Create(type);
+ if (cx == NULL) {
+ return (SECFailure);
+ }
+ HASH_Begin(cx);
+ HASH_Update(cx, src, src_len);
+ HASH_End(cx, dest, &part, HASH_ResultLenContext(cx));
+ HASH_Destroy(cx);
+
+ return (SECSuccess);
+}
+
+HASHContext *
+HASH_Create(HASH_HashType type)
+{
+ void *hash_context = NULL;
+ HASHContext *ret = NULL;
+
+ if ((type < HASH_AlgNULL) || (type >= HASH_AlgTOTAL)) {
+ return (NULL);
+ }
+
+ hash_context = (*SECHashObjects[type].create)();
+ if (hash_context == NULL) {
+ goto loser;
+ }
+
+ ret = (HASHContext *)PORT_Alloc(sizeof(HASHContext));
+ if (ret == NULL) {
+ goto loser;
+ }
+
+ ret->hash_context = hash_context;
+ ret->hashobj = &SECHashObjects[type];
+
+ return (ret);
+
+loser:
+ if (hash_context != NULL) {
+ (*SECHashObjects[type].destroy)(hash_context, PR_TRUE);
+ }
+
+ return (NULL);
+}
+
+HASHContext *
+HASH_Clone(HASHContext *context)
+{
+ void *hash_context = NULL;
+ HASHContext *ret = NULL;
+
+ hash_context = (*context->hashobj->clone)(context->hash_context);
+ if (hash_context == NULL) {
+ goto loser;
+ }
+
+ ret = (HASHContext *)PORT_Alloc(sizeof(HASHContext));
+ if (ret == NULL) {
+ goto loser;
+ }
+
+ ret->hash_context = hash_context;
+ ret->hashobj = context->hashobj;
+
+ return (ret);
+
+loser:
+ if (hash_context != NULL) {
+ (*context->hashobj->destroy)(hash_context, PR_TRUE);
+ }
+
+ return (NULL);
+}
+
+void
+HASH_Destroy(HASHContext *context)
+{
+ (*context->hashobj->destroy)(context->hash_context, PR_TRUE);
+ PORT_Free(context);
+ return;
+}
+
+void
+HASH_Begin(HASHContext *context)
+{
+ (*context->hashobj->begin)(context->hash_context);
+ return;
+}
+
+void
+HASH_Update(HASHContext *context,
+ const unsigned char *src,
+ unsigned int len)
+{
+ (*context->hashobj->update)(context->hash_context, src, len);
+ return;
+}
+
+void
+HASH_End(HASHContext *context,
+ unsigned char *result,
+ unsigned int *result_len,
+ unsigned int max_result_len)
+{
+ (*context->hashobj->end)(context->hash_context, result, result_len,
+ max_result_len);
+ return;
+}
+
+HASH_HashType
+HASH_GetType(HASHContext *context)
+{
+ return (context->hashobj->type);
+}
diff --git a/security/nss/lib/cryptohi/sechash.h b/security/nss/lib/cryptohi/sechash.h
new file mode 100644
index 000000000..94ff7ed3d
--- /dev/null
+++ b/security/nss/lib/cryptohi/sechash.h
@@ -0,0 +1,58 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _HASH_H_
+#define _HASH_H_
+
+#include "seccomon.h"
+#include "hasht.h"
+#include "secoidt.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+** Generic hash api.
+*/
+
+extern unsigned int HASH_ResultLen(HASH_HashType type);
+
+extern unsigned int HASH_ResultLenContext(HASHContext *context);
+
+extern unsigned int HASH_ResultLenByOidTag(SECOidTag hashOid);
+
+extern SECStatus HASH_HashBuf(HASH_HashType type,
+ unsigned char *dest,
+ const unsigned char *src,
+ PRUint32 src_len);
+
+extern HASHContext *HASH_Create(HASH_HashType type);
+
+extern HASHContext *HASH_Clone(HASHContext *context);
+
+extern void HASH_Destroy(HASHContext *context);
+
+extern void HASH_Begin(HASHContext *context);
+
+extern void HASH_Update(HASHContext *context,
+ const unsigned char *src,
+ unsigned int len);
+
+extern void HASH_End(HASHContext *context,
+ unsigned char *result,
+ unsigned int *result_len,
+ unsigned int max_result_len);
+
+extern HASH_HashType HASH_GetType(HASHContext *context);
+
+extern const SECHashObject *HASH_GetHashObject(HASH_HashType type);
+
+extern const SECHashObject *HASH_GetHashObjectByOidTag(SECOidTag hashOid);
+
+extern HASH_HashType HASH_GetHashTypeByOidTag(SECOidTag hashOid);
+extern SECOidTag HASH_GetHashOidTagByHMACOidTag(SECOidTag hmacOid);
+extern SECOidTag HASH_GetHMACOidTagByHashOidTag(SECOidTag hashOid);
+
+SEC_END_PROTOS
+
+#endif /* _HASH_H_ */
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c
new file mode 100644
index 000000000..359de8e46
--- /dev/null
+++ b/security/nss/lib/cryptohi/seckey.c
@@ -0,0 +1,1963 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "cryptohi.h"
+#include "keyhi.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "secder.h"
+#include "base64.h"
+#include "secasn1.h"
+#include "cert.h"
+#include "pk11func.h"
+#include "secerr.h"
+#include "secdig.h"
+#include "prtime.h"
+#include "keyi.h"
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+
+const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTSubjectPublicKeyInfo) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(CERTSubjectPublicKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING,
+ offsetof(CERTSubjectPublicKeyInfo, subjectPublicKey) },
+ { 0 }
+};
+
+const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPublicKeyAndChallenge) },
+ { SEC_ASN1_ANY, offsetof(CERTPublicKeyAndChallenge, spki) },
+ { SEC_ASN1_IA5_STRING, offsetof(CERTPublicKeyAndChallenge, challenge) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPublicKey) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey, u.rsa.modulus) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey, u.rsa.publicExponent) },
+ { 0 }
+};
+
+static const SEC_ASN1Template seckey_PointerToAlgorithmIDTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN, 0,
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }
+};
+
+/* Parameters for SEC_OID_PKCS1_RSA_PSS_SIGNATURE */
+const SEC_ASN1Template SECKEY_RSAPSSParamsTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYRSAPSSParams) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SECKEYRSAPSSParams, hashAlg),
+ seckey_PointerToAlgorithmIDTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(SECKEYRSAPSSParams, maskAlg),
+ seckey_PointerToAlgorithmIDTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_XTRN | SEC_ASN1_CONTEXT_SPECIFIC | 2,
+ offsetof(SECKEYRSAPSSParams, saltLength),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_XTRN | SEC_ASN1_CONTEXT_SPECIFIC | 3,
+ offsetof(SECKEYRSAPSSParams, trailerField),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[] = {
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey, u.dsa.publicValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams, prime) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams, subPrime) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams, base) },
+ { 0 }
+};
+
+const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[] = {
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey, u.dh.publicValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template SECKEY_DHParamKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPublicKey) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey, u.dh.prime) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey, u.dh.base) },
+ /* XXX chrisk: this needs to be expanded for decoding of j and validationParms (RFC2459 7.3.2) */
+ { SEC_ASN1_SKIP_REST },
+ { 0 }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_DSAPublicKeyTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPublicKeyTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPSSParamsTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SubjectPublicKeyInfoTemplate)
+
+/*
+ * See bugzilla bug 125359
+ * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
+ * all of the templates above that en/decode into integers must be converted
+ * from ASN.1's signed integer type. This is done by marking either the
+ * source or destination (encoding or decoding, respectively) type as
+ * siUnsignedInteger.
+ */
+static void
+prepare_rsa_pub_key_for_asn1(SECKEYPublicKey *pubk)
+{
+ pubk->u.rsa.modulus.type = siUnsignedInteger;
+ pubk->u.rsa.publicExponent.type = siUnsignedInteger;
+}
+
+static void
+prepare_dsa_pub_key_for_asn1(SECKEYPublicKey *pubk)
+{
+ pubk->u.dsa.publicValue.type = siUnsignedInteger;
+}
+
+static void
+prepare_pqg_params_for_asn1(SECKEYPQGParams *params)
+{
+ params->prime.type = siUnsignedInteger;
+ params->subPrime.type = siUnsignedInteger;
+ params->base.type = siUnsignedInteger;
+}
+
+static void
+prepare_dh_pub_key_for_asn1(SECKEYPublicKey *pubk)
+{
+ pubk->u.dh.prime.type = siUnsignedInteger;
+ pubk->u.dh.base.type = siUnsignedInteger;
+ pubk->u.dh.publicValue.type = siUnsignedInteger;
+}
+
+/* Create an RSA key pair is any slot able to do so.
+** The created keys are "session" (temporary), not "token" (permanent),
+** and they are "sensitive", which makes them costly to move to another token.
+*/
+SECKEYPrivateKey *
+SECKEY_CreateRSAPrivateKey(int keySizeInBits, SECKEYPublicKey **pubk, void *cx)
+{
+ SECKEYPrivateKey *privk;
+ PK11RSAGenParams param;
+ PK11SlotInfo *slot = PK11_GetBestSlot(CKM_RSA_PKCS_KEY_PAIR_GEN, cx);
+ if (!slot) {
+ return NULL;
+ }
+
+ param.keySizeInBits = keySizeInBits;
+ param.pe = 65537L;
+
+ privk = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &param, pubk,
+ PR_FALSE, PR_TRUE, cx);
+ PK11_FreeSlot(slot);
+ return (privk);
+}
+
+/* Create a DH key pair in any slot able to do so,
+** This is a "session" (temporary), not "token" (permanent) key.
+** Because of the high probability that this key will need to be moved to
+** another token, and the high cost of moving "sensitive" keys, we attempt
+** to create this key pair without the "sensitive" attribute, but revert to
+** creating a "sensitive" key if necessary.
+*/
+SECKEYPrivateKey *
+SECKEY_CreateDHPrivateKey(SECKEYDHParams *param, SECKEYPublicKey **pubk, void *cx)
+{
+ SECKEYPrivateKey *privk;
+ PK11SlotInfo *slot;
+
+ if (!param || !param->base.data || !param->prime.data ||
+ SECKEY_BigIntegerBitLength(&param->prime) < DH_MIN_P_BITS ||
+ param->base.len == 0 || param->base.len > param->prime.len + 1 ||
+ (param->base.len == 1 && param->base.data[0] == 0)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN, cx);
+ if (!slot) {
+ return NULL;
+ }
+
+ privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param,
+ pubk, PR_FALSE, PR_FALSE, cx);
+ if (!privk)
+ privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param,
+ pubk, PR_FALSE, PR_TRUE, cx);
+
+ PK11_FreeSlot(slot);
+ return (privk);
+}
+
+/* Create an EC key pair in any slot able to do so,
+** This is a "session" (temporary), not "token" (permanent) key.
+** Because of the high probability that this key will need to be moved to
+** another token, and the high cost of moving "sensitive" keys, we attempt
+** to create this key pair without the "sensitive" attribute, but revert to
+** creating a "sensitive" key if necessary.
+*/
+SECKEYPrivateKey *
+SECKEY_CreateECPrivateKey(SECKEYECParams *param, SECKEYPublicKey **pubk, void *cx)
+{
+ SECKEYPrivateKey *privk;
+ PK11SlotInfo *slot = PK11_GetBestSlot(CKM_EC_KEY_PAIR_GEN, cx);
+ if (!slot) {
+ return NULL;
+ }
+
+ privk = PK11_GenerateKeyPairWithOpFlags(slot, CKM_EC_KEY_PAIR_GEN,
+ param, pubk,
+ PK11_ATTR_SESSION |
+ PK11_ATTR_INSENSITIVE |
+ PK11_ATTR_PUBLIC,
+ CKF_DERIVE, CKF_DERIVE |
+ CKF_SIGN,
+ cx);
+ if (!privk)
+ privk = PK11_GenerateKeyPairWithOpFlags(slot, CKM_EC_KEY_PAIR_GEN,
+ param, pubk,
+ PK11_ATTR_SESSION |
+ PK11_ATTR_SENSITIVE |
+ PK11_ATTR_PRIVATE,
+ CKF_DERIVE, CKF_DERIVE |
+ CKF_SIGN,
+ cx);
+
+ PK11_FreeSlot(slot);
+ return (privk);
+}
+
+void
+SECKEY_DestroyPrivateKey(SECKEYPrivateKey *privk)
+{
+ if (privk) {
+ if (privk->pkcs11Slot) {
+ if (privk->pkcs11IsTemp) {
+ PK11_DestroyObject(privk->pkcs11Slot, privk->pkcs11ID);
+ }
+ PK11_FreeSlot(privk->pkcs11Slot);
+ }
+ if (privk->arena) {
+ PORT_FreeArena(privk->arena, PR_TRUE);
+ }
+ }
+}
+
+void
+SECKEY_DestroyPublicKey(SECKEYPublicKey *pubk)
+{
+ if (pubk) {
+ if (pubk->pkcs11Slot) {
+ if (!PK11_IsPermObject(pubk->pkcs11Slot, pubk->pkcs11ID)) {
+ PK11_DestroyObject(pubk->pkcs11Slot, pubk->pkcs11ID);
+ }
+ PK11_FreeSlot(pubk->pkcs11Slot);
+ }
+ if (pubk->arena) {
+ PORT_FreeArena(pubk->arena, PR_FALSE);
+ }
+ }
+}
+
+SECStatus
+SECKEY_CopySubjectPublicKeyInfo(PLArenaPool *arena,
+ CERTSubjectPublicKeyInfo *to,
+ CERTSubjectPublicKeyInfo *from)
+{
+ SECStatus rv;
+ SECItem spk;
+
+ rv = SECOID_CopyAlgorithmID(arena, &to->algorithm, &from->algorithm);
+ if (rv == SECSuccess) {
+ /*
+ * subjectPublicKey is a bit string, whose length is in bits.
+ * Convert the length from bits to bytes for SECITEM_CopyItem.
+ */
+ spk = from->subjectPublicKey;
+ DER_ConvertBitString(&spk);
+ rv = SECITEM_CopyItem(arena, &to->subjectPublicKey, &spk);
+ /* Set the length back to bits. */
+ if (rv == SECSuccess) {
+ to->subjectPublicKey.len = from->subjectPublicKey.len;
+ }
+ }
+
+ return rv;
+}
+
+/* Procedure to update the pqg parameters for a cert's public key.
+ * pqg parameters only need to be updated for DSA certificates.
+ * The procedure uses calls to itself recursively to update a certificate
+ * issuer's pqg parameters. Some important rules are:
+ * - Do nothing if the cert already has PQG parameters.
+ * - If the cert does not have PQG parameters, obtain them from the issuer.
+ * - A valid cert chain cannot have a DSA cert without
+ * pqg parameters that has a parent that is not a DSA cert. */
+
+static SECStatus
+seckey_UpdateCertPQGChain(CERTCertificate *subjectCert, int count)
+{
+ SECStatus rv;
+ SECOidData *oid = NULL;
+ int tag;
+ CERTSubjectPublicKeyInfo *subjectSpki = NULL;
+ CERTSubjectPublicKeyInfo *issuerSpki = NULL;
+ CERTCertificate *issuerCert = NULL;
+
+ /* increment cert chain length counter*/
+ count++;
+
+ /* check if cert chain length exceeds the maximum length*/
+ if (count > CERT_MAX_CERT_CHAIN) {
+ return SECFailure;
+ }
+
+ oid = SECOID_FindOID(&subjectCert->subjectPublicKeyInfo.algorithm.algorithm);
+ if (oid != NULL) {
+ tag = oid->offset;
+
+ /* Check if cert has a DSA or EC public key. If not, return
+ * success since no PQG params need to be updated.
+ *
+ * Question: do we really need to do this for EC keys. They don't have
+ * PQG parameters, but they do have parameters. The question is does
+ * the child cert inherit thost parameters for EC from the parent, or
+ * do we always include those parameters in each cert.
+ */
+
+ if ((tag != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
+ (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
+ (tag != SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST) &&
+ (tag != SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST) &&
+ (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
+ (tag != SEC_OID_SDN702_DSA_SIGNATURE) &&
+ (tag != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) {
+
+ return SECSuccess;
+ }
+ } else {
+ return SECFailure; /* return failure if oid is NULL */
+ }
+
+ /* if cert has PQG parameters, return success */
+
+ subjectSpki = &subjectCert->subjectPublicKeyInfo;
+
+ if (subjectSpki->algorithm.parameters.len != 0) {
+ return SECSuccess;
+ }
+
+ /* check if the cert is self-signed */
+ if (subjectCert->isRoot) {
+ /* fail since cert is self-signed and has no pqg params. */
+ return SECFailure;
+ }
+
+ /* get issuer cert */
+ issuerCert = CERT_FindCertIssuer(subjectCert, PR_Now(), certUsageAnyCA);
+ if (!issuerCert) {
+ return SECFailure;
+ }
+
+ /* if parent is not DSA, return failure since
+ we don't allow this case. */
+
+ oid = SECOID_FindOID(&issuerCert->subjectPublicKeyInfo.algorithm.algorithm);
+ if (oid != NULL) {
+ tag = oid->offset;
+
+ /* Check if issuer cert has a DSA public key. If not,
+ * return failure. */
+
+ if ((tag != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
+ (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
+ (tag != SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST) &&
+ (tag != SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST) &&
+ (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
+ (tag != SEC_OID_SDN702_DSA_SIGNATURE) &&
+ (tag != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) {
+ rv = SECFailure;
+ goto loser;
+ }
+ } else {
+ rv = SECFailure; /* return failure if oid is NULL */
+ goto loser;
+ }
+
+ /* at this point the subject cert has no pqg parameters and the
+ * issuer cert has a DSA public key. Update the issuer's
+ * pqg parameters with a recursive call to this same function. */
+
+ rv = seckey_UpdateCertPQGChain(issuerCert, count);
+ if (rv != SECSuccess) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* ensure issuer has pqg parameters */
+
+ issuerSpki = &issuerCert->subjectPublicKeyInfo;
+ if (issuerSpki->algorithm.parameters.len == 0) {
+ rv = SECFailure;
+ }
+
+ /* if update was successful and pqg params present, then copy the
+ * parameters to the subject cert's key. */
+
+ if (rv == SECSuccess) {
+ rv = SECITEM_CopyItem(subjectCert->arena,
+ &subjectSpki->algorithm.parameters,
+ &issuerSpki->algorithm.parameters);
+ }
+
+loser:
+ if (issuerCert) {
+ CERT_DestroyCertificate(issuerCert);
+ }
+ return rv;
+}
+
+SECStatus
+SECKEY_UpdateCertPQG(CERTCertificate *subjectCert)
+{
+ if (!subjectCert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return seckey_UpdateCertPQGChain(subjectCert, 0);
+}
+
+/* Decode the DSA PQG parameters. The params could be stored in two
+ * possible formats, the old fortezza-only wrapped format or
+ * the normal standard format. Store the decoded parameters in
+ * a V3 certificate data structure. */
+
+static SECStatus
+seckey_DSADecodePQG(PLArenaPool *arena, SECKEYPublicKey *pubk,
+ const SECItem *params)
+{
+ SECStatus rv;
+ SECItem newparams;
+
+ if (params == NULL)
+ return SECFailure;
+
+ if (params->data == NULL)
+ return SECFailure;
+
+ PORT_Assert(arena);
+
+ /* make a copy of the data into the arena so QuickDER output is valid */
+ rv = SECITEM_CopyItem(arena, &newparams, params);
+
+ /* Check if params use the standard format.
+ * The value 0xa1 will appear in the first byte of the parameter data
+ * if the PQG parameters are not using the standard format. This
+ * code should be changed to use a better method to detect non-standard
+ * parameters. */
+
+ if ((newparams.data[0] != 0xa1) &&
+ (newparams.data[0] != 0xa0)) {
+
+ if (SECSuccess == rv) {
+ /* PQG params are in the standard format */
+ prepare_pqg_params_for_asn1(&pubk->u.dsa.params);
+ rv = SEC_QuickDERDecodeItem(arena, &pubk->u.dsa.params,
+ SECKEY_PQGParamsTemplate,
+ &newparams);
+ }
+ } else {
+
+ if (SECSuccess == rv) {
+ /* else the old fortezza-only wrapped format is used. */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
+ }
+ }
+ return rv;
+}
+
+/* Function used to make an oid tag to a key type */
+KeyType
+seckey_GetKeyType(SECOidTag tag)
+{
+ KeyType keyType;
+
+ switch (tag) {
+ case SEC_OID_X500_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ keyType = rsaKey;
+ break;
+ case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+ keyType = rsaPssKey;
+ break;
+ case SEC_OID_PKCS1_RSA_OAEP_ENCRYPTION:
+ keyType = rsaOaepKey;
+ break;
+ case SEC_OID_ANSIX9_DSA_SIGNATURE:
+ keyType = dsaKey;
+ break;
+ case SEC_OID_MISSI_KEA_DSS_OLD:
+ case SEC_OID_MISSI_KEA_DSS:
+ case SEC_OID_MISSI_DSS_OLD:
+ case SEC_OID_MISSI_DSS:
+ keyType = fortezzaKey;
+ break;
+ case SEC_OID_MISSI_KEA:
+ case SEC_OID_MISSI_ALT_KEA:
+ keyType = keaKey;
+ break;
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY:
+ keyType = dhKey;
+ break;
+ case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+ keyType = ecKey;
+ break;
+ /* accommodate applications that hand us a signature type when they
+ * should be handing us a cipher type */
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+ keyType = rsaKey;
+ break;
+ default:
+ keyType = nullKey;
+ }
+ return keyType;
+}
+
+/* Function used to determine what kind of cert we are dealing with. */
+KeyType
+CERT_GetCertKeyType(const CERTSubjectPublicKeyInfo *spki)
+{
+ return seckey_GetKeyType(SECOID_GetAlgorithmTag(&spki->algorithm));
+}
+
+/* Ensure pubKey contains an OID */
+static SECStatus
+seckey_HasCurveOID(const SECKEYPublicKey *pubKey)
+{
+ SECItem oid;
+ SECStatus rv;
+ PORTCheapArenaPool tmpArena;
+
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+ /* If we can decode it, an OID is available. */
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, &oid,
+ SEC_ASN1_GET(SEC_ObjectIDTemplate),
+ &pubKey->u.ec.DEREncodedParams);
+ PORT_DestroyCheapArena(&tmpArena);
+ return rv;
+}
+
+static SECKEYPublicKey *
+seckey_ExtractPublicKey(const CERTSubjectPublicKeyInfo *spki)
+{
+ SECKEYPublicKey *pubk;
+ SECItem os, newOs, newParms;
+ SECStatus rv;
+ PLArenaPool *arena;
+ SECOidTag tag;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ return NULL;
+
+ pubk = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
+ if (pubk == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ pubk->arena = arena;
+ pubk->pkcs11Slot = 0;
+ pubk->pkcs11ID = CK_INVALID_HANDLE;
+
+ /* Convert bit string length from bits to bytes */
+ os = spki->subjectPublicKey;
+ DER_ConvertBitString(&os);
+
+ tag = SECOID_GetAlgorithmTag(&spki->algorithm);
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newOs, &os);
+ if (rv == SECSuccess)
+ switch (tag) {
+ case SEC_OID_X500_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+ pubk->keyType = rsaKey;
+ prepare_rsa_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate, &newOs);
+ if (rv == SECSuccess)
+ return pubk;
+ break;
+ case SEC_OID_ANSIX9_DSA_SIGNATURE:
+ case SEC_OID_SDN702_DSA_SIGNATURE:
+ pubk->keyType = dsaKey;
+ prepare_dsa_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DSAPublicKeyTemplate, &newOs);
+ if (rv != SECSuccess)
+ break;
+
+ rv = seckey_DSADecodePQG(arena, pubk,
+ &spki->algorithm.parameters);
+
+ if (rv == SECSuccess)
+ return pubk;
+ break;
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY:
+ pubk->keyType = dhKey;
+ prepare_dh_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DHPublicKeyTemplate, &newOs);
+ if (rv != SECSuccess)
+ break;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newParms, &spki->algorithm.parameters);
+ if (rv != SECSuccess)
+ break;
+
+ rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DHParamKeyTemplate,
+ &newParms);
+
+ if (rv == SECSuccess)
+ return pubk;
+ break;
+ case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+ pubk->keyType = ecKey;
+ pubk->u.ec.size = 0;
+
+ /* Since PKCS#11 directly takes the DER encoding of EC params
+ * and public value, we don't need any decoding here.
+ */
+ rv = SECITEM_CopyItem(arena, &pubk->u.ec.DEREncodedParams,
+ &spki->algorithm.parameters);
+ if (rv != SECSuccess) {
+ break;
+ }
+ rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, &newOs);
+ if (rv != SECSuccess) {
+ break;
+ }
+ pubk->u.ec.encoding = ECPoint_Undefined;
+ rv = seckey_HasCurveOID(pubk);
+ if (rv == SECSuccess) {
+ return pubk;
+ }
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+ break;
+ }
+
+ SECKEY_DestroyPublicKey(pubk);
+ return NULL;
+}
+
+/* required for JSS */
+SECKEYPublicKey *
+SECKEY_ExtractPublicKey(const CERTSubjectPublicKeyInfo *spki)
+{
+ return seckey_ExtractPublicKey(spki);
+}
+
+SECKEYPublicKey *
+CERT_ExtractPublicKey(CERTCertificate *cert)
+{
+ return seckey_ExtractPublicKey(&cert->subjectPublicKeyInfo);
+}
+
+int
+SECKEY_ECParamsToKeySize(const SECItem *encodedParams)
+{
+ SECOidTag tag;
+ SECItem oid = { siBuffer, NULL, 0 };
+
+ /* The encodedParams data contains 0x06 (SEC_ASN1_OBJECT_ID),
+ * followed by the length of the curve oid and the curve oid.
+ */
+ oid.len = encodedParams->data[1];
+ oid.data = encodedParams->data + 2;
+ if ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)
+ return 0;
+
+ switch (tag) {
+ case SEC_OID_SECG_EC_SECP112R1:
+ case SEC_OID_SECG_EC_SECP112R2:
+ return 112;
+
+ case SEC_OID_SECG_EC_SECT113R1:
+ case SEC_OID_SECG_EC_SECT113R2:
+ return 113;
+
+ case SEC_OID_SECG_EC_SECP128R1:
+ case SEC_OID_SECG_EC_SECP128R2:
+ return 128;
+
+ case SEC_OID_SECG_EC_SECT131R1:
+ case SEC_OID_SECG_EC_SECT131R2:
+ return 131;
+
+ case SEC_OID_SECG_EC_SECP160K1:
+ case SEC_OID_SECG_EC_SECP160R1:
+ case SEC_OID_SECG_EC_SECP160R2:
+ return 160;
+
+ case SEC_OID_SECG_EC_SECT163K1:
+ case SEC_OID_SECG_EC_SECT163R1:
+ case SEC_OID_SECG_EC_SECT163R2:
+ case SEC_OID_ANSIX962_EC_C2PNB163V1:
+ case SEC_OID_ANSIX962_EC_C2PNB163V2:
+ case SEC_OID_ANSIX962_EC_C2PNB163V3:
+ return 163;
+
+ case SEC_OID_ANSIX962_EC_C2PNB176V1:
+ return 176;
+
+ case SEC_OID_ANSIX962_EC_C2TNB191V1:
+ case SEC_OID_ANSIX962_EC_C2TNB191V2:
+ case SEC_OID_ANSIX962_EC_C2TNB191V3:
+ case SEC_OID_ANSIX962_EC_C2ONB191V4:
+ case SEC_OID_ANSIX962_EC_C2ONB191V5:
+ return 191;
+
+ case SEC_OID_SECG_EC_SECP192K1:
+ case SEC_OID_ANSIX962_EC_PRIME192V1:
+ case SEC_OID_ANSIX962_EC_PRIME192V2:
+ case SEC_OID_ANSIX962_EC_PRIME192V3:
+ return 192;
+
+ case SEC_OID_SECG_EC_SECT193R1:
+ case SEC_OID_SECG_EC_SECT193R2:
+ return 193;
+
+ case SEC_OID_ANSIX962_EC_C2PNB208W1:
+ return 208;
+
+ case SEC_OID_SECG_EC_SECP224K1:
+ case SEC_OID_SECG_EC_SECP224R1:
+ return 224;
+
+ case SEC_OID_SECG_EC_SECT233K1:
+ case SEC_OID_SECG_EC_SECT233R1:
+ return 233;
+
+ case SEC_OID_SECG_EC_SECT239K1:
+ case SEC_OID_ANSIX962_EC_C2TNB239V1:
+ case SEC_OID_ANSIX962_EC_C2TNB239V2:
+ case SEC_OID_ANSIX962_EC_C2TNB239V3:
+ case SEC_OID_ANSIX962_EC_C2ONB239V4:
+ case SEC_OID_ANSIX962_EC_C2ONB239V5:
+ case SEC_OID_ANSIX962_EC_PRIME239V1:
+ case SEC_OID_ANSIX962_EC_PRIME239V2:
+ case SEC_OID_ANSIX962_EC_PRIME239V3:
+ return 239;
+
+ case SEC_OID_SECG_EC_SECP256K1:
+ case SEC_OID_ANSIX962_EC_PRIME256V1:
+ return 256;
+
+ case SEC_OID_ANSIX962_EC_C2PNB272W1:
+ return 272;
+
+ case SEC_OID_SECG_EC_SECT283K1:
+ case SEC_OID_SECG_EC_SECT283R1:
+ return 283;
+
+ case SEC_OID_ANSIX962_EC_C2PNB304W1:
+ return 304;
+
+ case SEC_OID_ANSIX962_EC_C2TNB359V1:
+ return 359;
+
+ case SEC_OID_ANSIX962_EC_C2PNB368W1:
+ return 368;
+
+ case SEC_OID_SECG_EC_SECP384R1:
+ return 384;
+
+ case SEC_OID_SECG_EC_SECT409K1:
+ case SEC_OID_SECG_EC_SECT409R1:
+ return 409;
+
+ case SEC_OID_ANSIX962_EC_C2TNB431R1:
+ return 431;
+
+ case SEC_OID_SECG_EC_SECP521R1:
+ return 521;
+
+ case SEC_OID_SECG_EC_SECT571K1:
+ case SEC_OID_SECG_EC_SECT571R1:
+ return 571;
+
+ case SEC_OID_CURVE25519:
+ return 255;
+
+ default:
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+ return 0;
+ }
+}
+
+int
+SECKEY_ECParamsToBasePointOrderLen(const SECItem *encodedParams)
+{
+ SECOidTag tag;
+ SECItem oid = { siBuffer, NULL, 0 };
+
+ /* The encodedParams data contains 0x06 (SEC_ASN1_OBJECT_ID),
+ * followed by the length of the curve oid and the curve oid.
+ */
+ oid.len = encodedParams->data[1];
+ oid.data = encodedParams->data + 2;
+ if ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)
+ return 0;
+
+ switch (tag) {
+ case SEC_OID_SECG_EC_SECP112R1:
+ return 112;
+ case SEC_OID_SECG_EC_SECP112R2:
+ return 110;
+
+ case SEC_OID_SECG_EC_SECT113R1:
+ case SEC_OID_SECG_EC_SECT113R2:
+ return 113;
+
+ case SEC_OID_SECG_EC_SECP128R1:
+ return 128;
+ case SEC_OID_SECG_EC_SECP128R2:
+ return 126;
+
+ case SEC_OID_SECG_EC_SECT131R1:
+ case SEC_OID_SECG_EC_SECT131R2:
+ return 131;
+
+ case SEC_OID_SECG_EC_SECP160K1:
+ case SEC_OID_SECG_EC_SECP160R1:
+ case SEC_OID_SECG_EC_SECP160R2:
+ return 161;
+
+ case SEC_OID_SECG_EC_SECT163K1:
+ return 163;
+ case SEC_OID_SECG_EC_SECT163R1:
+ return 162;
+ case SEC_OID_SECG_EC_SECT163R2:
+ case SEC_OID_ANSIX962_EC_C2PNB163V1:
+ return 163;
+ case SEC_OID_ANSIX962_EC_C2PNB163V2:
+ case SEC_OID_ANSIX962_EC_C2PNB163V3:
+ return 162;
+
+ case SEC_OID_ANSIX962_EC_C2PNB176V1:
+ return 161;
+
+ case SEC_OID_ANSIX962_EC_C2TNB191V1:
+ return 191;
+ case SEC_OID_ANSIX962_EC_C2TNB191V2:
+ return 190;
+ case SEC_OID_ANSIX962_EC_C2TNB191V3:
+ return 189;
+ case SEC_OID_ANSIX962_EC_C2ONB191V4:
+ return 191;
+ case SEC_OID_ANSIX962_EC_C2ONB191V5:
+ return 188;
+
+ case SEC_OID_SECG_EC_SECP192K1:
+ case SEC_OID_ANSIX962_EC_PRIME192V1:
+ case SEC_OID_ANSIX962_EC_PRIME192V2:
+ case SEC_OID_ANSIX962_EC_PRIME192V3:
+ return 192;
+
+ case SEC_OID_SECG_EC_SECT193R1:
+ case SEC_OID_SECG_EC_SECT193R2:
+ return 193;
+
+ case SEC_OID_ANSIX962_EC_C2PNB208W1:
+ return 193;
+
+ case SEC_OID_SECG_EC_SECP224K1:
+ return 225;
+ case SEC_OID_SECG_EC_SECP224R1:
+ return 224;
+
+ case SEC_OID_SECG_EC_SECT233K1:
+ return 232;
+ case SEC_OID_SECG_EC_SECT233R1:
+ return 233;
+
+ case SEC_OID_SECG_EC_SECT239K1:
+ case SEC_OID_ANSIX962_EC_C2TNB239V1:
+ return 238;
+ case SEC_OID_ANSIX962_EC_C2TNB239V2:
+ return 237;
+ case SEC_OID_ANSIX962_EC_C2TNB239V3:
+ return 236;
+ case SEC_OID_ANSIX962_EC_C2ONB239V4:
+ return 238;
+ case SEC_OID_ANSIX962_EC_C2ONB239V5:
+ return 237;
+ case SEC_OID_ANSIX962_EC_PRIME239V1:
+ case SEC_OID_ANSIX962_EC_PRIME239V2:
+ case SEC_OID_ANSIX962_EC_PRIME239V3:
+ return 239;
+
+ case SEC_OID_SECG_EC_SECP256K1:
+ case SEC_OID_ANSIX962_EC_PRIME256V1:
+ return 256;
+
+ case SEC_OID_ANSIX962_EC_C2PNB272W1:
+ return 257;
+
+ case SEC_OID_SECG_EC_SECT283K1:
+ return 281;
+ case SEC_OID_SECG_EC_SECT283R1:
+ return 282;
+
+ case SEC_OID_ANSIX962_EC_C2PNB304W1:
+ return 289;
+
+ case SEC_OID_ANSIX962_EC_C2TNB359V1:
+ return 353;
+
+ case SEC_OID_ANSIX962_EC_C2PNB368W1:
+ return 353;
+
+ case SEC_OID_SECG_EC_SECP384R1:
+ return 384;
+
+ case SEC_OID_SECG_EC_SECT409K1:
+ return 407;
+ case SEC_OID_SECG_EC_SECT409R1:
+ return 409;
+
+ case SEC_OID_ANSIX962_EC_C2TNB431R1:
+ return 418;
+
+ case SEC_OID_SECG_EC_SECP521R1:
+ return 521;
+
+ case SEC_OID_SECG_EC_SECT571K1:
+ case SEC_OID_SECG_EC_SECT571R1:
+ return 570;
+
+ case SEC_OID_CURVE25519:
+ return 255;
+
+ default:
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+ return 0;
+ }
+}
+
+/* The number of bits in the number from the first non-zero bit onward. */
+unsigned
+SECKEY_BigIntegerBitLength(const SECItem *number)
+{
+ const unsigned char *p;
+ unsigned octets;
+ unsigned bits;
+
+ if (!number || !number->data) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return 0;
+ }
+
+ p = number->data;
+ octets = number->len;
+ while (octets > 0 && !*p) {
+ ++p;
+ --octets;
+ }
+ if (octets == 0) {
+ return 0;
+ }
+ /* bits = 7..1 because we know at least one bit is set already */
+ /* Note: This could do a binary search, but this is faster for keys if we
+ * assume that good keys will have the MSB set. */
+ for (bits = 7; bits > 0; --bits) {
+ if (*p & (1 << bits)) {
+ break;
+ }
+ }
+ return octets * 8 + bits - 7;
+}
+
+/* returns key strength in bytes (not bits) */
+unsigned
+SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk)
+{
+ return (SECKEY_PublicKeyStrengthInBits(pubk) + 7) / 8;
+}
+
+/* returns key strength in bits */
+unsigned
+SECKEY_PublicKeyStrengthInBits(const SECKEYPublicKey *pubk)
+{
+ unsigned bitSize = 0;
+
+ if (!pubk) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return 0;
+ }
+
+ /* interpret modulus length as key strength */
+ switch (pubk->keyType) {
+ case rsaKey:
+ bitSize = SECKEY_BigIntegerBitLength(&pubk->u.rsa.modulus);
+ break;
+ case dsaKey:
+ bitSize = SECKEY_BigIntegerBitLength(&pubk->u.dsa.params.prime);
+ break;
+ case dhKey:
+ bitSize = SECKEY_BigIntegerBitLength(&pubk->u.dh.prime);
+ break;
+ case ecKey:
+ bitSize = SECKEY_ECParamsToKeySize(&pubk->u.ec.DEREncodedParams);
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ break;
+ }
+ return bitSize;
+}
+
+/* returns signature length in bytes (not bits) */
+unsigned
+SECKEY_SignatureLen(const SECKEYPublicKey *pubk)
+{
+ unsigned char b0;
+ unsigned size;
+
+ switch (pubk->keyType) {
+ case rsaKey:
+ b0 = pubk->u.rsa.modulus.data[0];
+ return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
+ case dsaKey:
+ return pubk->u.dsa.params.subPrime.len * 2;
+ case ecKey:
+ /* Get the base point order length in bits and adjust */
+ size = SECKEY_ECParamsToBasePointOrderLen(
+ &pubk->u.ec.DEREncodedParams);
+ return ((size + 7) / 8) * 2;
+ default:
+ break;
+ }
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return 0;
+}
+
+SECKEYPrivateKey *
+SECKEY_CopyPrivateKey(const SECKEYPrivateKey *privk)
+{
+ SECKEYPrivateKey *copyk;
+ PLArenaPool *arena;
+
+ if (!privk || !privk->pkcs11Slot) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ copyk = (SECKEYPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(SECKEYPrivateKey));
+ if (copyk) {
+ copyk->arena = arena;
+ copyk->keyType = privk->keyType;
+
+ /* copy the PKCS #11 parameters */
+ copyk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot);
+ /* if the key we're referencing was a temparary key we have just
+ * created, that we want to go away when we're through, we need
+ * to make a copy of it */
+ if (privk->pkcs11IsTemp) {
+ copyk->pkcs11ID =
+ PK11_CopyKey(privk->pkcs11Slot, privk->pkcs11ID);
+ if (copyk->pkcs11ID == CK_INVALID_HANDLE)
+ goto fail;
+ } else {
+ copyk->pkcs11ID = privk->pkcs11ID;
+ }
+ copyk->pkcs11IsTemp = privk->pkcs11IsTemp;
+ copyk->wincx = privk->wincx;
+ copyk->staticflags = privk->staticflags;
+ return copyk;
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+fail:
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+SECKEYPublicKey *
+SECKEY_CopyPublicKey(const SECKEYPublicKey *pubk)
+{
+ SECKEYPublicKey *copyk;
+ PLArenaPool *arena;
+ SECStatus rv = SECSuccess;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ copyk = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
+ if (!copyk) {
+ PORT_FreeArena(arena, PR_FALSE);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ copyk->arena = arena;
+ copyk->keyType = pubk->keyType;
+ if (pubk->pkcs11Slot &&
+ PK11_IsPermObject(pubk->pkcs11Slot, pubk->pkcs11ID)) {
+ copyk->pkcs11Slot = PK11_ReferenceSlot(pubk->pkcs11Slot);
+ copyk->pkcs11ID = pubk->pkcs11ID;
+ } else {
+ copyk->pkcs11Slot = NULL; /* go get own reference */
+ copyk->pkcs11ID = CK_INVALID_HANDLE;
+ }
+ switch (pubk->keyType) {
+ case rsaKey:
+ rv = SECITEM_CopyItem(arena, &copyk->u.rsa.modulus,
+ &pubk->u.rsa.modulus);
+ if (rv == SECSuccess) {
+ rv = SECITEM_CopyItem(arena, &copyk->u.rsa.publicExponent,
+ &pubk->u.rsa.publicExponent);
+ if (rv == SECSuccess)
+ return copyk;
+ }
+ break;
+ case dsaKey:
+ rv = SECITEM_CopyItem(arena, &copyk->u.dsa.publicValue,
+ &pubk->u.dsa.publicValue);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.prime,
+ &pubk->u.dsa.params.prime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.subPrime,
+ &pubk->u.dsa.params.subPrime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.base,
+ &pubk->u.dsa.params.base);
+ break;
+ case dhKey:
+ rv = SECITEM_CopyItem(arena, &copyk->u.dh.prime, &pubk->u.dh.prime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &copyk->u.dh.base, &pubk->u.dh.base);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &copyk->u.dh.publicValue,
+ &pubk->u.dh.publicValue);
+ break;
+ case ecKey:
+ copyk->u.ec.size = pubk->u.ec.size;
+ rv = seckey_HasCurveOID(pubk);
+ if (rv != SECSuccess) {
+ break;
+ }
+ rv = SECITEM_CopyItem(arena, &copyk->u.ec.DEREncodedParams,
+ &pubk->u.ec.DEREncodedParams);
+ if (rv != SECSuccess) {
+ break;
+ }
+ copyk->u.ec.encoding = ECPoint_Undefined;
+ rv = SECITEM_CopyItem(arena, &copyk->u.ec.publicValue,
+ &pubk->u.ec.publicValue);
+ break;
+ case nullKey:
+ return copyk;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ rv = SECFailure;
+ break;
+ }
+ if (rv == SECSuccess)
+ return copyk;
+
+ SECKEY_DestroyPublicKey(copyk);
+ return NULL;
+}
+
+SECKEYPublicKey *
+SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privk)
+{
+ SECKEYPublicKey *pubk;
+ PLArenaPool *arena;
+ CERTCertificate *cert;
+ SECStatus rv;
+
+ /*
+ * First try to look up the cert.
+ */
+ cert = PK11_GetCertFromPrivateKey(privk);
+ if (cert) {
+ pubk = CERT_ExtractPublicKey(cert);
+ CERT_DestroyCertificate(cert);
+ return pubk;
+ }
+
+ /* couldn't find the cert, build pub key by hand */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+ pubk = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(SECKEYPublicKey));
+ if (pubk == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ pubk->keyType = privk->keyType;
+ pubk->pkcs11Slot = NULL;
+ pubk->pkcs11ID = CK_INVALID_HANDLE;
+ pubk->arena = arena;
+
+ switch (privk->keyType) {
+ case nullKey:
+ case dhKey:
+ case dsaKey:
+ /* Nothing to query, if the cert isn't there, we're done -- no way
+ * to get the public key */
+ break;
+ case rsaKey:
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
+ CKA_MODULUS, arena, &pubk->u.rsa.modulus);
+ if (rv != SECSuccess)
+ break;
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
+ CKA_PUBLIC_EXPONENT, arena, &pubk->u.rsa.publicExponent);
+ if (rv != SECSuccess)
+ break;
+ return pubk;
+ break;
+ default:
+ break;
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+static CERTSubjectPublicKeyInfo *
+seckey_CreateSubjectPublicKeyInfo_helper(SECKEYPublicKey *pubk)
+{
+ CERTSubjectPublicKeyInfo *spki;
+ PLArenaPool *arena;
+ SECItem params = { siBuffer, NULL, 0 };
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ spki = (CERTSubjectPublicKeyInfo *)PORT_ArenaZAlloc(arena, sizeof(*spki));
+ if (spki != NULL) {
+ SECStatus rv;
+ SECItem *rv_item;
+
+ spki->arena = arena;
+ switch (pubk->keyType) {
+ case rsaKey:
+ rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
+ SEC_OID_PKCS1_RSA_ENCRYPTION, 0);
+ if (rv == SECSuccess) {
+ /*
+ * DER encode the public key into the subjectPublicKeyInfo.
+ */
+ prepare_rsa_pub_key_for_asn1(pubk);
+ rv_item = SEC_ASN1EncodeItem(arena, &spki->subjectPublicKey,
+ pubk, SECKEY_RSAPublicKeyTemplate);
+ if (rv_item != NULL) {
+ /*
+ * The stored value is supposed to be a BIT_STRING,
+ * so convert the length.
+ */
+ spki->subjectPublicKey.len <<= 3;
+ /*
+ * We got a good one; return it.
+ */
+ return spki;
+ }
+ }
+ break;
+ case dsaKey:
+ /* DER encode the params. */
+ prepare_pqg_params_for_asn1(&pubk->u.dsa.params);
+ rv_item = SEC_ASN1EncodeItem(arena, &params, &pubk->u.dsa.params,
+ SECKEY_PQGParamsTemplate);
+ if (rv_item != NULL) {
+ rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
+ SEC_OID_ANSIX9_DSA_SIGNATURE,
+ &params);
+ if (rv == SECSuccess) {
+ /*
+ * DER encode the public key into the subjectPublicKeyInfo.
+ */
+ prepare_dsa_pub_key_for_asn1(pubk);
+ rv_item = SEC_ASN1EncodeItem(arena, &spki->subjectPublicKey,
+ pubk,
+ SECKEY_DSAPublicKeyTemplate);
+ if (rv_item != NULL) {
+ /*
+ * The stored value is supposed to be a BIT_STRING,
+ * so convert the length.
+ */
+ spki->subjectPublicKey.len <<= 3;
+ /*
+ * We got a good one; return it.
+ */
+ return spki;
+ }
+ }
+ }
+ SECITEM_FreeItem(&params, PR_FALSE);
+ break;
+ case ecKey:
+ rv = SECITEM_CopyItem(arena, &params,
+ &pubk->u.ec.DEREncodedParams);
+ if (rv != SECSuccess)
+ break;
+
+ rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
+ SEC_OID_ANSIX962_EC_PUBLIC_KEY,
+ &params);
+ if (rv != SECSuccess)
+ break;
+
+ rv = SECITEM_CopyItem(arena, &spki->subjectPublicKey,
+ &pubk->u.ec.publicValue);
+
+ if (rv == SECSuccess) {
+ /*
+ * The stored value is supposed to be a BIT_STRING,
+ * so convert the length.
+ */
+ spki->subjectPublicKey.len <<= 3;
+ /*
+ * We got a good one; return it.
+ */
+ return spki;
+ }
+ break;
+ case dhKey: /* later... */
+
+ break;
+ default:
+ break;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+CERTSubjectPublicKeyInfo *
+SECKEY_CreateSubjectPublicKeyInfo(const SECKEYPublicKey *pubk)
+{
+ CERTSubjectPublicKeyInfo *spki;
+ SECKEYPublicKey *tempKey;
+
+ if (!pubk) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ tempKey = SECKEY_CopyPublicKey(pubk);
+ if (!tempKey) {
+ return NULL;
+ }
+ spki = seckey_CreateSubjectPublicKeyInfo_helper(tempKey);
+ SECKEY_DestroyPublicKey(tempKey);
+ return spki;
+}
+
+void
+SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki)
+{
+ if (spki && spki->arena) {
+ PORT_FreeArena(spki->arena, PR_FALSE);
+ }
+}
+
+SECItem *
+SECKEY_EncodeDERSubjectPublicKeyInfo(const SECKEYPublicKey *pubk)
+{
+ CERTSubjectPublicKeyInfo *spki = NULL;
+ SECItem *spkiDER = NULL;
+
+ /* get the subjectpublickeyinfo */
+ spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
+ if (spki == NULL) {
+ goto finish;
+ }
+
+ /* DER-encode the subjectpublickeyinfo */
+ spkiDER = SEC_ASN1EncodeItem(NULL /*arena*/, NULL /*dest*/, spki,
+ CERT_SubjectPublicKeyInfoTemplate);
+
+ SECKEY_DestroySubjectPublicKeyInfo(spki);
+
+finish:
+ return spkiDER;
+}
+
+CERTSubjectPublicKeyInfo *
+SECKEY_DecodeDERSubjectPublicKeyInfo(const SECItem *spkider)
+{
+ PLArenaPool *arena;
+ CERTSubjectPublicKeyInfo *spki;
+ SECStatus rv;
+ SECItem newSpkider;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ spki = (CERTSubjectPublicKeyInfo *)
+ PORT_ArenaZAlloc(arena, sizeof(CERTSubjectPublicKeyInfo));
+ if (spki != NULL) {
+ spki->arena = arena;
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newSpkider, spkider);
+ if (rv == SECSuccess) {
+ rv = SEC_QuickDERDecodeItem(arena, spki,
+ CERT_SubjectPublicKeyInfoTemplate, &newSpkider);
+ }
+ if (rv == SECSuccess)
+ return spki;
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+/*
+ * Decode a base64 ascii encoded DER encoded subject public key info.
+ */
+CERTSubjectPublicKeyInfo *
+SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(const char *spkistr)
+{
+ CERTSubjectPublicKeyInfo *spki;
+ SECStatus rv;
+ SECItem der;
+
+ rv = ATOB_ConvertAsciiToItem(&der, spkistr);
+ if (rv != SECSuccess)
+ return NULL;
+
+ spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&der);
+
+ PORT_Free(der.data);
+ return spki;
+}
+
+/*
+ * Decode a base64 ascii encoded DER encoded public key and challenge
+ * Verify digital signature and make sure challenge matches
+ */
+CERTSubjectPublicKeyInfo *
+SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
+ void *wincx)
+{
+ CERTSubjectPublicKeyInfo *spki = NULL;
+ CERTPublicKeyAndChallenge pkac;
+ SECStatus rv;
+ SECItem signedItem;
+ PLArenaPool *arena = NULL;
+ CERTSignedData sd;
+ SECItem sig;
+ SECKEYPublicKey *pubKey = NULL;
+ unsigned int len;
+
+ signedItem.data = NULL;
+
+ /* convert the base64 encoded data to binary */
+ rv = ATOB_ConvertAsciiToItem(&signedItem, pkacstr);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* create an arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ /* decode the outer wrapping of signed data */
+ PORT_Memset(&sd, 0, sizeof(CERTSignedData));
+ rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, &signedItem);
+ if (rv) {
+ goto loser;
+ }
+
+ /* decode the public key and challenge wrapper */
+ PORT_Memset(&pkac, 0, sizeof(CERTPublicKeyAndChallenge));
+ rv = SEC_QuickDERDecodeItem(arena, &pkac, CERT_PublicKeyAndChallengeTemplate,
+ &sd.data);
+ if (rv) {
+ goto loser;
+ }
+
+ /* decode the subject public key info */
+ spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&pkac.spki);
+ if (spki == NULL) {
+ goto loser;
+ }
+
+ /* get the public key */
+ pubKey = seckey_ExtractPublicKey(spki);
+ if (pubKey == NULL) {
+ goto loser;
+ }
+
+ /* check the signature */
+ sig = sd.signature;
+ DER_ConvertBitString(&sig);
+ rv = VFY_VerifyDataWithAlgorithmID(sd.data.data, sd.data.len, pubKey, &sig,
+ &(sd.signatureAlgorithm), NULL, wincx);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* check the challenge */
+ if (challenge) {
+ len = PORT_Strlen(challenge);
+ /* length is right */
+ if (len != pkac.challenge.len) {
+ goto loser;
+ }
+ /* actual data is right */
+ if (PORT_Memcmp(challenge, pkac.challenge.data, len) != 0) {
+ goto loser;
+ }
+ }
+ goto done;
+
+loser:
+ /* make sure that we return null if we got an error */
+ if (spki) {
+ SECKEY_DestroySubjectPublicKeyInfo(spki);
+ }
+ spki = NULL;
+
+done:
+ if (signedItem.data) {
+ PORT_Free(signedItem.data);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ if (pubKey) {
+ SECKEY_DestroyPublicKey(pubKey);
+ }
+
+ return spki;
+}
+
+void
+SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk,
+ PRBool freeit)
+{
+ PLArenaPool *poolp;
+
+ if (pvk != NULL) {
+ if (pvk->arena) {
+ poolp = pvk->arena;
+ /* zero structure since PORT_FreeArena does not support
+ * this yet.
+ */
+ PORT_Memset(pvk->privateKey.data, 0, pvk->privateKey.len);
+ PORT_Memset(pvk, 0, sizeof(*pvk));
+ if (freeit == PR_TRUE) {
+ PORT_FreeArena(poolp, PR_TRUE);
+ } else {
+ pvk->arena = poolp;
+ }
+ } else {
+ SECITEM_ZfreeItem(&pvk->version, PR_FALSE);
+ SECITEM_ZfreeItem(&pvk->privateKey, PR_FALSE);
+ SECOID_DestroyAlgorithmID(&pvk->algorithm, PR_FALSE);
+ PORT_Memset(pvk, 0, sizeof(*pvk));
+ if (freeit == PR_TRUE) {
+ PORT_Free(pvk);
+ }
+ }
+ }
+}
+
+void
+SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
+ PRBool freeit)
+{
+ PLArenaPool *poolp;
+
+ if (epki != NULL) {
+ if (epki->arena) {
+ poolp = epki->arena;
+ /* zero structure since PORT_FreeArena does not support
+ * this yet.
+ */
+ PORT_Memset(epki->encryptedData.data, 0, epki->encryptedData.len);
+ PORT_Memset(epki, 0, sizeof(*epki));
+ if (freeit == PR_TRUE) {
+ PORT_FreeArena(poolp, PR_TRUE);
+ } else {
+ epki->arena = poolp;
+ }
+ } else {
+ SECITEM_ZfreeItem(&epki->encryptedData, PR_FALSE);
+ SECOID_DestroyAlgorithmID(&epki->algorithm, PR_FALSE);
+ PORT_Memset(epki, 0, sizeof(*epki));
+ if (freeit == PR_TRUE) {
+ PORT_Free(epki);
+ }
+ }
+ }
+}
+
+SECStatus
+SECKEY_CopyPrivateKeyInfo(PLArenaPool *poolp,
+ SECKEYPrivateKeyInfo *to,
+ const SECKEYPrivateKeyInfo *from)
+{
+ SECStatus rv = SECFailure;
+
+ if ((to == NULL) || (from == NULL)) {
+ return SECFailure;
+ }
+
+ rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = SECITEM_CopyItem(poolp, &to->privateKey, &from->privateKey);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = SECITEM_CopyItem(poolp, &to->version, &from->version);
+
+ return rv;
+}
+
+SECStatus
+SECKEY_CopyEncryptedPrivateKeyInfo(PLArenaPool *poolp,
+ SECKEYEncryptedPrivateKeyInfo *to,
+ const SECKEYEncryptedPrivateKeyInfo *from)
+{
+ SECStatus rv = SECFailure;
+
+ if ((to == NULL) || (from == NULL)) {
+ return SECFailure;
+ }
+
+ rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = SECITEM_CopyItem(poolp, &to->encryptedData, &from->encryptedData);
+
+ return rv;
+}
+
+KeyType
+SECKEY_GetPrivateKeyType(const SECKEYPrivateKey *privKey)
+{
+ return privKey->keyType;
+}
+
+KeyType
+SECKEY_GetPublicKeyType(const SECKEYPublicKey *pubKey)
+{
+ return pubKey->keyType;
+}
+
+SECKEYPublicKey *
+SECKEY_ImportDERPublicKey(const SECItem *derKey, CK_KEY_TYPE type)
+{
+ SECKEYPublicKey *pubk = NULL;
+ SECStatus rv = SECFailure;
+ SECItem newDerKey;
+ PLArenaPool *arena = NULL;
+
+ if (!derKey) {
+ return NULL;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto finish;
+ }
+
+ pubk = PORT_ArenaZNew(arena, SECKEYPublicKey);
+ if (pubk == NULL) {
+ goto finish;
+ }
+ pubk->arena = arena;
+
+ rv = SECITEM_CopyItem(pubk->arena, &newDerKey, derKey);
+ if (SECSuccess != rv) {
+ goto finish;
+ }
+
+ pubk->pkcs11Slot = NULL;
+ pubk->pkcs11ID = CK_INVALID_HANDLE;
+
+ switch (type) {
+ case CKK_RSA:
+ prepare_rsa_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(pubk->arena, pubk, SECKEY_RSAPublicKeyTemplate, &newDerKey);
+ pubk->keyType = rsaKey;
+ break;
+ case CKK_DSA:
+ prepare_dsa_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(pubk->arena, pubk, SECKEY_DSAPublicKeyTemplate, &newDerKey);
+ pubk->keyType = dsaKey;
+ break;
+ case CKK_DH:
+ prepare_dh_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(pubk->arena, pubk, SECKEY_DHPublicKeyTemplate, &newDerKey);
+ pubk->keyType = dhKey;
+ break;
+ default:
+ rv = SECFailure;
+ break;
+ }
+
+finish:
+ if (rv != SECSuccess) {
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ pubk = NULL;
+ }
+ return pubk;
+}
+
+SECKEYPrivateKeyList *
+SECKEY_NewPrivateKeyList(void)
+{
+ PLArenaPool *arena = NULL;
+ SECKEYPrivateKeyList *ret = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ ret = (SECKEYPrivateKeyList *)PORT_ArenaZAlloc(arena,
+ sizeof(SECKEYPrivateKeyList));
+ if (ret == NULL) {
+ goto loser;
+ }
+
+ ret->arena = arena;
+
+ PR_INIT_CLIST(&ret->list);
+
+ return (ret);
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+void
+SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys)
+{
+ while (!PR_CLIST_IS_EMPTY(&keys->list)) {
+ SECKEY_RemovePrivateKeyListNode(
+ (SECKEYPrivateKeyListNode *)(PR_LIST_HEAD(&keys->list)));
+ }
+
+ PORT_FreeArena(keys->arena, PR_FALSE);
+
+ return;
+}
+
+void
+SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node)
+{
+ PR_ASSERT(node->key);
+ SECKEY_DestroyPrivateKey(node->key);
+ node->key = NULL;
+ PR_REMOVE_LINK(&node->links);
+ return;
+}
+
+SECStatus
+SECKEY_AddPrivateKeyToListTail(SECKEYPrivateKeyList *list,
+ SECKEYPrivateKey *key)
+{
+ SECKEYPrivateKeyListNode *node;
+
+ node = (SECKEYPrivateKeyListNode *)PORT_ArenaZAlloc(list->arena,
+ sizeof(SECKEYPrivateKeyListNode));
+ if (node == NULL) {
+ goto loser;
+ }
+
+ PR_INSERT_BEFORE(&node->links, &list->list);
+ node->key = key;
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+SECKEYPublicKeyList *
+SECKEY_NewPublicKeyList(void)
+{
+ PLArenaPool *arena = NULL;
+ SECKEYPublicKeyList *ret = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ ret = (SECKEYPublicKeyList *)PORT_ArenaZAlloc(arena,
+ sizeof(SECKEYPublicKeyList));
+ if (ret == NULL) {
+ goto loser;
+ }
+
+ ret->arena = arena;
+
+ PR_INIT_CLIST(&ret->list);
+
+ return (ret);
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+void
+SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys)
+{
+ while (!PR_CLIST_IS_EMPTY(&keys->list)) {
+ SECKEY_RemovePublicKeyListNode(
+ (SECKEYPublicKeyListNode *)(PR_LIST_HEAD(&keys->list)));
+ }
+
+ PORT_FreeArena(keys->arena, PR_FALSE);
+
+ return;
+}
+
+void
+SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node)
+{
+ PR_ASSERT(node->key);
+ SECKEY_DestroyPublicKey(node->key);
+ node->key = NULL;
+ PR_REMOVE_LINK(&node->links);
+ return;
+}
+
+SECStatus
+SECKEY_AddPublicKeyToListTail(SECKEYPublicKeyList *list,
+ SECKEYPublicKey *key)
+{
+ SECKEYPublicKeyListNode *node;
+
+ node = (SECKEYPublicKeyListNode *)PORT_ArenaZAlloc(list->arena,
+ sizeof(SECKEYPublicKeyListNode));
+ if (node == NULL) {
+ goto loser;
+ }
+
+ PR_INSERT_BEFORE(&node->links, &list->list);
+ node->key = key;
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+#define SECKEY_CacheAttribute(key, attribute) \
+ if (CK_TRUE == PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID, attribute, PR_FALSE)) { \
+ key->staticflags |= SECKEY_##attribute; \
+ } else { \
+ key->staticflags &= (~SECKEY_##attribute); \
+ }
+
+SECStatus
+SECKEY_CacheStaticFlags(SECKEYPrivateKey *key)
+{
+ SECStatus rv = SECFailure;
+ if (key && key->pkcs11Slot && key->pkcs11ID) {
+ key->staticflags |= SECKEY_Attributes_Cached;
+ SECKEY_CacheAttribute(key, CKA_PRIVATE);
+ SECKEY_CacheAttribute(key, CKA_ALWAYS_AUTHENTICATE);
+ rv = SECSuccess;
+ }
+ return rv;
+}
+
+SECOidTag
+SECKEY_GetECCOid(const SECKEYECParams *params)
+{
+ SECItem oid = { siBuffer, NULL, 0 };
+ SECOidData *oidData = NULL;
+
+ /*
+ * params->data needs to contain the ASN encoding of an object ID (OID)
+ * representing a named curve. Here, we strip away everything
+ * before the actual OID and use the OID to look up a named curve.
+ */
+ if (params->data[0] != SEC_ASN1_OBJECT_ID)
+ return 0;
+ oid.len = params->len - 2;
+ oid.data = params->data + 2;
+ if ((oidData = SECOID_FindOID(&oid)) == NULL)
+ return 0;
+
+ return oidData->offset;
+}
diff --git a/security/nss/lib/cryptohi/secsign.c b/security/nss/lib/cryptohi/secsign.c
new file mode 100644
index 000000000..1bbdd5384
--- /dev/null
+++ b/security/nss/lib/cryptohi/secsign.c
@@ -0,0 +1,510 @@
+/*
+ * Signature stuff.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include "cryptohi.h"
+#include "sechash.h"
+#include "secder.h"
+#include "keyhi.h"
+#include "secoid.h"
+#include "secdig.h"
+#include "pk11func.h"
+#include "secerr.h"
+#include "keyi.h"
+
+struct SGNContextStr {
+ SECOidTag signalg;
+ SECOidTag hashalg;
+ void *hashcx;
+ const SECHashObject *hashobj;
+ SECKEYPrivateKey *key;
+};
+
+SGNContext *
+SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *key)
+{
+ SGNContext *cx;
+ SECOidTag hashalg, signalg;
+ KeyType keyType;
+ SECStatus rv;
+
+ /* OK, map a PKCS #7 hash and encrypt algorithm into
+ * a standard hashing algorithm. Why did we pass in the whole
+ * PKCS #7 algTag if we were just going to change here you might
+ * ask. Well the answer is for some cards we may have to do the
+ * hashing on card. It may not support CKM_RSA_PKCS sign algorithm,
+ * it may just support CKM_SHA1_RSA_PKCS and/or CKM_MD5_RSA_PKCS.
+ */
+ /* we have a private key, not a public key, so don't pass it in */
+ rv = sec_DecodeSigAlg(NULL, alg, NULL, &signalg, &hashalg);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return 0;
+ }
+ keyType = seckey_GetKeyType(signalg);
+
+ /* verify our key type */
+ if (key->keyType != keyType &&
+ !((key->keyType == dsaKey) && (keyType == fortezzaKey))) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return 0;
+ }
+
+ cx = (SGNContext *)PORT_ZAlloc(sizeof(SGNContext));
+ if (cx) {
+ cx->hashalg = hashalg;
+ cx->signalg = signalg;
+ cx->key = key;
+ }
+ return cx;
+}
+
+void
+SGN_DestroyContext(SGNContext *cx, PRBool freeit)
+{
+ if (cx) {
+ if (cx->hashcx != NULL) {
+ (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
+ cx->hashcx = NULL;
+ }
+ if (freeit) {
+ PORT_ZFree(cx, sizeof(SGNContext));
+ }
+ }
+}
+
+SECStatus
+SGN_Begin(SGNContext *cx)
+{
+ if (cx->hashcx != NULL) {
+ (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
+ cx->hashcx = NULL;
+ }
+
+ cx->hashobj = HASH_GetHashObjectByOidTag(cx->hashalg);
+ if (!cx->hashobj)
+ return SECFailure; /* error code is already set */
+
+ cx->hashcx = (*cx->hashobj->create)();
+ if (cx->hashcx == NULL)
+ return SECFailure;
+
+ (*cx->hashobj->begin)(cx->hashcx);
+ return SECSuccess;
+}
+
+SECStatus
+SGN_Update(SGNContext *cx, const unsigned char *input, unsigned int inputLen)
+{
+ if (cx->hashcx == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ (*cx->hashobj->update)(cx->hashcx, input, inputLen);
+ return SECSuccess;
+}
+
+/* XXX Old template; want to expunge it eventually. */
+static DERTemplate SECAlgorithmIDTemplate[] = {
+ { DER_SEQUENCE,
+ 0, NULL, sizeof(SECAlgorithmID) },
+ { DER_OBJECT_ID,
+ offsetof(SECAlgorithmID, algorithm) },
+ { DER_OPTIONAL | DER_ANY,
+ offsetof(SECAlgorithmID, parameters) },
+ { 0 }
+};
+
+/*
+ * XXX OLD Template. Once all uses have been switched over to new one,
+ * remove this.
+ */
+static DERTemplate SGNDigestInfoTemplate[] = {
+ { DER_SEQUENCE,
+ 0, NULL, sizeof(SGNDigestInfo) },
+ { DER_INLINE,
+ offsetof(SGNDigestInfo, digestAlgorithm),
+ SECAlgorithmIDTemplate },
+ { DER_OCTET_STRING,
+ offsetof(SGNDigestInfo, digest) },
+ { 0 }
+};
+
+SECStatus
+SGN_End(SGNContext *cx, SECItem *result)
+{
+ unsigned char digest[HASH_LENGTH_MAX];
+ unsigned part1;
+ int signatureLen;
+ SECStatus rv;
+ SECItem digder, sigitem;
+ PLArenaPool *arena = 0;
+ SECKEYPrivateKey *privKey = cx->key;
+ SGNDigestInfo *di = 0;
+
+ result->data = 0;
+ digder.data = 0;
+
+ /* Finish up digest function */
+ if (cx->hashcx == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ (*cx->hashobj->end)(cx->hashcx, digest, &part1, sizeof(digest));
+
+ if (privKey->keyType == rsaKey) {
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Construct digest info */
+ di = SGN_CreateDigestInfo(cx->hashalg, digest, part1);
+ if (!di) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Der encode the digest as a DigestInfo */
+ rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate,
+ di);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ digder.data = digest;
+ digder.len = part1;
+ }
+
+ /*
+ ** Encrypt signature after constructing appropriate PKCS#1 signature
+ ** block
+ */
+ signatureLen = PK11_SignatureLen(privKey);
+ if (signatureLen <= 0) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ rv = SECFailure;
+ goto loser;
+ }
+ sigitem.len = signatureLen;
+ sigitem.data = (unsigned char *)PORT_Alloc(signatureLen);
+
+ if (sigitem.data == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = PK11_Sign(privKey, &sigitem, &digder);
+ if (rv != SECSuccess) {
+ PORT_Free(sigitem.data);
+ sigitem.data = NULL;
+ goto loser;
+ }
+
+ if ((cx->signalg == SEC_OID_ANSIX9_DSA_SIGNATURE) ||
+ (cx->signalg == SEC_OID_ANSIX962_EC_PUBLIC_KEY)) {
+ /* DSAU_EncodeDerSigWithLen works for DSA and ECDSA */
+ rv = DSAU_EncodeDerSigWithLen(result, &sigitem, sigitem.len);
+ PORT_Free(sigitem.data);
+ if (rv != SECSuccess)
+ goto loser;
+ } else {
+ result->len = sigitem.len;
+ result->data = sigitem.data;
+ }
+
+loser:
+ SGN_DestroyDigestInfo(di);
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/************************************************************************/
+
+/*
+** Sign a block of data returning in result a bunch of bytes that are the
+** signature. Returns zero on success, an error code on failure.
+*/
+SECStatus
+SEC_SignData(SECItem *res, const unsigned char *buf, int len,
+ SECKEYPrivateKey *pk, SECOidTag algid)
+{
+ SECStatus rv;
+ SGNContext *sgn;
+
+ sgn = SGN_NewContext(algid, pk);
+
+ if (sgn == NULL)
+ return SECFailure;
+
+ rv = SGN_Begin(sgn);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = SGN_Update(sgn, buf, len);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = SGN_End(sgn, res);
+
+loser:
+ SGN_DestroyContext(sgn, PR_TRUE);
+ return rv;
+}
+
+/************************************************************************/
+
+DERTemplate CERTSignedDataTemplate[] =
+ {
+ { DER_SEQUENCE,
+ 0, NULL, sizeof(CERTSignedData) },
+ { DER_ANY,
+ offsetof(CERTSignedData, data) },
+ { DER_INLINE,
+ offsetof(CERTSignedData, signatureAlgorithm),
+ SECAlgorithmIDTemplate },
+ { DER_BIT_STRING,
+ offsetof(CERTSignedData, signature) },
+ { 0 }
+ };
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+const SEC_ASN1Template CERT_SignedDataTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTSignedData) },
+ { SEC_ASN1_ANY,
+ offsetof(CERTSignedData, data) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(CERTSignedData, signatureAlgorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING,
+ offsetof(CERTSignedData, signature) },
+ { 0 }
+ };
+
+SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SignedDataTemplate)
+
+SECStatus
+SEC_DerSignData(PLArenaPool *arena, SECItem *result,
+ const unsigned char *buf, int len, SECKEYPrivateKey *pk,
+ SECOidTag algID)
+{
+ SECItem it;
+ CERTSignedData sd;
+ SECStatus rv;
+
+ it.data = 0;
+
+ /* XXX We should probably have some asserts here to make sure the key type
+ * and algID match
+ */
+
+ if (algID == SEC_OID_UNKNOWN) {
+ switch (pk->keyType) {
+ case rsaKey:
+ algID = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
+ break;
+ case dsaKey:
+ /* get Signature length (= q_len*2) and work from there */
+ switch (PK11_SignatureLen(pk)) {
+ case 448:
+ algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
+ break;
+ case 512:
+ algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
+ break;
+ default:
+ algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
+ break;
+ }
+ break;
+ case ecKey:
+ algID = SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+ }
+
+ /* Sign input buffer */
+ rv = SEC_SignData(&it, buf, len, pk, algID);
+ if (rv)
+ goto loser;
+
+ /* Fill out SignedData object */
+ PORT_Memset(&sd, 0, sizeof(sd));
+ sd.data.data = (unsigned char *)buf;
+ sd.data.len = len;
+ sd.signature.data = it.data;
+ sd.signature.len = it.len << 3; /* convert to bit string */
+ rv = SECOID_SetAlgorithmID(arena, &sd.signatureAlgorithm, algID, 0);
+ if (rv)
+ goto loser;
+
+ /* DER encode the signed data object */
+ rv = DER_Encode(arena, result, CERTSignedDataTemplate, &sd);
+/* FALL THROUGH */
+
+loser:
+ PORT_Free(it.data);
+ return rv;
+}
+
+SECStatus
+SGN_Digest(SECKEYPrivateKey *privKey,
+ SECOidTag algtag, SECItem *result, SECItem *digest)
+{
+ int modulusLen;
+ SECStatus rv;
+ SECItem digder;
+ PLArenaPool *arena = 0;
+ SGNDigestInfo *di = 0;
+
+ result->data = 0;
+
+ if (privKey->keyType == rsaKey) {
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Construct digest info */
+ di = SGN_CreateDigestInfo(algtag, digest->data, digest->len);
+ if (!di) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Der encode the digest as a DigestInfo */
+ rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate,
+ di);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ digder.data = digest->data;
+ digder.len = digest->len;
+ }
+
+ /*
+ ** Encrypt signature after constructing appropriate PKCS#1 signature
+ ** block
+ */
+ modulusLen = PK11_SignatureLen(privKey);
+ if (modulusLen <= 0) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ rv = SECFailure;
+ goto loser;
+ }
+ result->len = modulusLen;
+ result->data = (unsigned char *)PORT_Alloc(modulusLen);
+ result->type = siBuffer;
+
+ if (result->data == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = PK11_Sign(privKey, result, &digder);
+ if (rv != SECSuccess) {
+ PORT_Free(result->data);
+ result->data = NULL;
+ }
+
+loser:
+ SGN_DestroyDigestInfo(di);
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+SECOidTag
+SEC_GetSignatureAlgorithmOidTag(KeyType keyType, SECOidTag hashAlgTag)
+{
+ SECOidTag sigTag = SEC_OID_UNKNOWN;
+
+ switch (keyType) {
+ case rsaKey:
+ switch (hashAlgTag) {
+ case SEC_OID_MD2:
+ sigTag = SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
+ break;
+ case SEC_OID_MD5:
+ sigTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
+ break;
+ case SEC_OID_SHA1:
+ sigTag = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
+ break;
+ case SEC_OID_SHA224:
+ sigTag = SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION;
+ break;
+ case SEC_OID_UNKNOWN: /* default for RSA if not specified */
+ case SEC_OID_SHA256:
+ sigTag = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
+ break;
+ case SEC_OID_SHA384:
+ sigTag = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
+ break;
+ case SEC_OID_SHA512:
+ sigTag = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
+ break;
+ default:
+ break;
+ }
+ break;
+ case dsaKey:
+ switch (hashAlgTag) {
+ case SEC_OID_UNKNOWN: /* default for DSA if not specified */
+ case SEC_OID_SHA1:
+ sigTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
+ break;
+ case SEC_OID_SHA224:
+ sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
+ break;
+ case SEC_OID_SHA256:
+ sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
+ break;
+ default:
+ break;
+ }
+ break;
+ case ecKey:
+ switch (hashAlgTag) {
+ case SEC_OID_UNKNOWN: /* default for ECDSA if not specified */
+ case SEC_OID_SHA1:
+ sigTag = SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE;
+ break;
+ case SEC_OID_SHA224:
+ sigTag = SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE;
+ break;
+ case SEC_OID_SHA256:
+ sigTag = SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE;
+ break;
+ case SEC_OID_SHA384:
+ sigTag = SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE;
+ break;
+ case SEC_OID_SHA512:
+ sigTag = SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE;
+ break;
+ default:
+ break;
+ }
+ default:
+ break;
+ }
+ return sigTag;
+}
diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c
new file mode 100644
index 000000000..2ac21abd4
--- /dev/null
+++ b/security/nss/lib/cryptohi/secvfy.c
@@ -0,0 +1,781 @@
+/*
+ * Verification stuff.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include "cryptohi.h"
+#include "sechash.h"
+#include "keyhi.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "pkcs1sig.h"
+#include "secdig.h"
+#include "secerr.h"
+#include "keyi.h"
+
+/*
+** Recover the DigestInfo from an RSA PKCS#1 signature.
+**
+** If givenDigestAlg != SEC_OID_UNKNOWN, copy givenDigestAlg to digestAlgOut.
+** Otherwise, parse the DigestInfo structure and store the decoded digest
+** algorithm into digestAlgOut.
+**
+** Store the encoded DigestInfo into digestInfo.
+** Store the DigestInfo length into digestInfoLen.
+**
+** This function does *not* verify that the AlgorithmIdentifier in the
+** DigestInfo identifies givenDigestAlg or that the DigestInfo is encoded
+** correctly; verifyPKCS1DigestInfo does that.
+**
+** XXX this is assuming that the signature algorithm has WITH_RSA_ENCRYPTION
+*/
+static SECStatus
+recoverPKCS1DigestInfo(SECOidTag givenDigestAlg,
+ /*out*/ SECOidTag *digestAlgOut,
+ /*out*/ unsigned char **digestInfo,
+ /*out*/ unsigned int *digestInfoLen,
+ SECKEYPublicKey *key,
+ const SECItem *sig, void *wincx)
+{
+ SGNDigestInfo *di = NULL;
+ SECItem it;
+ PRBool rv = SECSuccess;
+
+ PORT_Assert(digestAlgOut);
+ PORT_Assert(digestInfo);
+ PORT_Assert(digestInfoLen);
+ PORT_Assert(key);
+ PORT_Assert(key->keyType == rsaKey);
+ PORT_Assert(sig);
+
+ it.data = NULL;
+ it.len = SECKEY_PublicKeyStrength(key);
+ if (it.len != 0) {
+ it.data = (unsigned char *)PORT_Alloc(it.len);
+ }
+ if (it.len == 0 || it.data == NULL) {
+ rv = SECFailure;
+ }
+
+ if (rv == SECSuccess) {
+ /* decrypt the block */
+ rv = PK11_VerifyRecover(key, sig, &it, wincx);
+ }
+
+ if (rv == SECSuccess) {
+ if (givenDigestAlg != SEC_OID_UNKNOWN) {
+ /* We don't need to parse the DigestInfo if the caller gave us the
+ * digest algorithm to use. Later verifyPKCS1DigestInfo will verify
+ * that the DigestInfo identifies the given digest algorithm and
+ * that the DigestInfo is encoded absolutely correctly.
+ */
+ *digestInfoLen = it.len;
+ *digestInfo = (unsigned char *)it.data;
+ *digestAlgOut = givenDigestAlg;
+ return SECSuccess;
+ }
+ }
+
+ if (rv == SECSuccess) {
+ /* The caller didn't specify a digest algorithm to use, so choose the
+ * digest algorithm by parsing the AlgorithmIdentifier within the
+ * DigestInfo.
+ */
+ di = SGN_DecodeDigestInfo(&it);
+ if (!di) {
+ rv = SECFailure;
+ }
+ }
+
+ if (rv == SECSuccess) {
+ *digestAlgOut = SECOID_GetAlgorithmTag(&di->digestAlgorithm);
+ if (*digestAlgOut == SEC_OID_UNKNOWN) {
+ rv = SECFailure;
+ }
+ }
+
+ if (di) {
+ SGN_DestroyDigestInfo(di);
+ }
+
+ if (rv == SECSuccess) {
+ *digestInfoLen = it.len;
+ *digestInfo = (unsigned char *)it.data;
+ } else {
+ if (it.data) {
+ PORT_Free(it.data);
+ }
+ *digestInfo = NULL;
+ *digestInfoLen = 0;
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ }
+
+ return rv;
+}
+
+struct VFYContextStr {
+ SECOidTag hashAlg; /* the hash algorithm */
+ SECKEYPublicKey *key;
+ /*
+ * This buffer holds either the digest or the full signature
+ * depending on the type of the signature (key->keyType). It is
+ * defined as a union to make sure it always has enough space.
+ *
+ * Use the "buffer" union member to reference the buffer.
+ * Note: do not take the size of the "buffer" union member. Take
+ * the size of the union or some other union member instead.
+ */
+ union {
+ unsigned char buffer[1];
+
+ /* the full DSA signature... 40 bytes */
+ unsigned char dsasig[DSA_MAX_SIGNATURE_LEN];
+ /* the full ECDSA signature */
+ unsigned char ecdsasig[2 * MAX_ECKEY_LEN];
+ } u;
+ unsigned int pkcs1RSADigestInfoLen;
+ /* the encoded DigestInfo from a RSA PKCS#1 signature */
+ unsigned char *pkcs1RSADigestInfo;
+ void *wincx;
+ void *hashcx;
+ const SECHashObject *hashobj;
+ SECOidTag encAlg; /* enc alg */
+ PRBool hasSignature; /* true if the signature was provided in the
+ * VFY_CreateContext call. If false, the
+ * signature must be provided with a
+ * VFY_EndWithSignature call. */
+};
+
+static SECStatus
+verifyPKCS1DigestInfo(const VFYContext *cx, const SECItem *digest)
+{
+ SECItem pkcs1DigestInfo;
+ pkcs1DigestInfo.data = cx->pkcs1RSADigestInfo;
+ pkcs1DigestInfo.len = cx->pkcs1RSADigestInfoLen;
+ return _SGN_VerifyPKCS1DigestInfo(
+ cx->hashAlg, digest, &pkcs1DigestInfo,
+ PR_TRUE /*XXX: unsafeAllowMissingParameters*/);
+}
+
+/*
+ * decode the ECDSA or DSA signature from it's DER wrapping.
+ * The unwrapped/raw signature is placed in the buffer pointed
+ * to by dsig and has enough room for len bytes.
+ */
+static SECStatus
+decodeECorDSASignature(SECOidTag algid, const SECItem *sig, unsigned char *dsig,
+ unsigned int len)
+{
+ SECItem *dsasig = NULL; /* also used for ECDSA */
+ SECStatus rv = SECSuccess;
+
+ if ((algid != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
+ (algid != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) {
+ if (sig->len != len) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECFailure;
+ }
+
+ PORT_Memcpy(dsig, sig->data, sig->len);
+ return SECSuccess;
+ }
+
+ if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) {
+ if (len > MAX_ECKEY_LEN * 2) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECFailure;
+ }
+ }
+ dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len);
+
+ if ((dsasig == NULL) || (dsasig->len != len)) {
+ rv = SECFailure;
+ } else {
+ PORT_Memcpy(dsig, dsasig->data, dsasig->len);
+ }
+
+ if (dsasig != NULL)
+ SECITEM_FreeItem(dsasig, PR_TRUE);
+ if (rv == SECFailure)
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return rv;
+}
+
+const SEC_ASN1Template hashParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECItem) },
+ { SEC_ASN1_OBJECT_ID, 0 },
+ { SEC_ASN1_SKIP_REST },
+ { 0 }
+ };
+
+/*
+ * Pulls the hash algorithm, signing algorithm, and key type out of a
+ * composite algorithm.
+ *
+ * sigAlg: the composite algorithm to dissect.
+ * hashalg: address of a SECOidTag which will be set with the hash algorithm.
+ * encalg: address of a SECOidTag which will be set with the signing alg.
+ *
+ * Returns: SECSuccess if the algorithm was acceptable, SECFailure if the
+ * algorithm was not found or was not a signing algorithm.
+ */
+SECStatus
+sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
+ const SECItem *param, SECOidTag *encalg, SECOidTag *hashalg)
+{
+ int len;
+ PLArenaPool *arena;
+ SECStatus rv;
+ SECItem oid;
+
+ PR_ASSERT(hashalg != NULL);
+ PR_ASSERT(encalg != NULL);
+
+ switch (sigAlg) {
+ /* We probably shouldn't be generating MD2 signatures either */
+ case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
+ *hashalg = SEC_OID_MD2;
+ break;
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ *hashalg = SEC_OID_MD5;
+ break;
+ case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+ case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
+ case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:
+ *hashalg = SEC_OID_SHA1;
+ break;
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+ *hashalg = SEC_OID_UNKNOWN; /* get it from the RSA signature */
+ break;
+
+ case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
+ case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION:
+ case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST:
+ *hashalg = SEC_OID_SHA224;
+ break;
+ case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
+ case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+ case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST:
+ *hashalg = SEC_OID_SHA256;
+ break;
+ case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
+ case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+ *hashalg = SEC_OID_SHA384;
+ break;
+ case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
+ case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+ *hashalg = SEC_OID_SHA512;
+ break;
+
+ /* what about normal DSA? */
+ case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
+ *hashalg = SEC_OID_SHA1;
+ break;
+ case SEC_OID_MISSI_DSS:
+ case SEC_OID_MISSI_KEA_DSS:
+ case SEC_OID_MISSI_KEA_DSS_OLD:
+ case SEC_OID_MISSI_DSS_OLD:
+ *hashalg = SEC_OID_SHA1;
+ break;
+ case SEC_OID_ANSIX962_ECDSA_SIGNATURE_RECOMMENDED_DIGEST:
+ /* This is an EC algorithm. Recommended means the largest
+ * hash algorithm that is not reduced by the keysize of
+ * the EC algorithm. Note that key strength is in bytes and
+ * algorithms are specified in bits. Never use an algorithm
+ * weaker than sha1. */
+ len = SECKEY_PublicKeyStrength(key);
+ if (len < 28) { /* 28 bytes == 224 bits */
+ *hashalg = SEC_OID_SHA1;
+ } else if (len < 32) { /* 32 bytes == 256 bits */
+ *hashalg = SEC_OID_SHA224;
+ } else if (len < 48) { /* 48 bytes == 384 bits */
+ *hashalg = SEC_OID_SHA256;
+ } else if (len < 64) { /* 48 bytes == 512 bits */
+ *hashalg = SEC_OID_SHA384;
+ } else {
+ /* use the largest in this case */
+ *hashalg = SEC_OID_SHA512;
+ }
+ break;
+ case SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST:
+ if (param == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return SECFailure;
+ }
+ rv = SEC_QuickDERDecodeItem(arena, &oid, hashParameterTemplate, param);
+ if (rv == SECSuccess) {
+ *hashalg = SECOID_FindOIDTag(&oid);
+ }
+ PORT_FreeArena(arena, PR_FALSE);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ /* only accept hash algorithms */
+ if (HASH_GetHashTypeByOidTag(*hashalg) == HASH_AlgNULL) {
+ /* error set by HASH_GetHashTypeByOidTag */
+ return SECFailure;
+ }
+ break;
+ /* we don't implement MD4 hashes */
+ case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+ /* get the "encryption" algorithm */
+ switch (sigAlg) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+ case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
+ case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:
+ case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+ *encalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
+ break;
+ case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+ *encalg = SEC_OID_PKCS1_RSA_PSS_SIGNATURE;
+ break;
+
+ /* what about normal DSA? */
+ case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST:
+ case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST:
+ *encalg = SEC_OID_ANSIX9_DSA_SIGNATURE;
+ break;
+ case SEC_OID_MISSI_DSS:
+ case SEC_OID_MISSI_KEA_DSS:
+ case SEC_OID_MISSI_KEA_DSS_OLD:
+ case SEC_OID_MISSI_DSS_OLD:
+ *encalg = SEC_OID_MISSI_DSS;
+ break;
+ case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SIGNATURE_RECOMMENDED_DIGEST:
+ case SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST:
+ *encalg = SEC_OID_ANSIX962_EC_PUBLIC_KEY;
+ break;
+ /* we don't implement MD4 hashes */
+ case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * we can verify signatures that come from 2 different sources:
+ * one in with the signature contains a signature oid, and the other
+ * in which the signature is managed by a Public key (encAlg) oid
+ * and a hash oid. The latter is the more basic, so that's what
+ * our base vfyCreate function takes.
+ *
+ * There is one noteworthy corner case, if we are using an RSA key, and the
+ * signature block is provided, then the hashAlg can be specified as
+ * SEC_OID_UNKNOWN. In this case, verify will use the hash oid supplied
+ * in the RSA signature block.
+ */
+static VFYContext *
+vfy_CreateContext(const SECKEYPublicKey *key, const SECItem *sig,
+ SECOidTag encAlg, SECOidTag hashAlg, SECOidTag *hash, void *wincx)
+{
+ VFYContext *cx;
+ SECStatus rv;
+ unsigned int sigLen;
+ KeyType type;
+
+ /* make sure the encryption algorithm matches the key type */
+ /* RSA-PSS algorithm can be used with both rsaKey and rsaPssKey */
+ type = seckey_GetKeyType(encAlg);
+ if ((key->keyType != type) &&
+ ((key->keyType != rsaKey) || (type != rsaPssKey))) {
+ PORT_SetError(SEC_ERROR_PKCS7_KEYALG_MISMATCH);
+ return NULL;
+ }
+
+ cx = (VFYContext *)PORT_ZAlloc(sizeof(VFYContext));
+ if (cx == NULL) {
+ goto loser;
+ }
+
+ cx->wincx = wincx;
+ cx->hasSignature = (sig != NULL);
+ cx->encAlg = encAlg;
+ cx->hashAlg = hashAlg;
+ cx->key = SECKEY_CopyPublicKey(key);
+ cx->pkcs1RSADigestInfo = NULL;
+ rv = SECSuccess;
+ if (sig) {
+ switch (type) {
+ case rsaKey:
+ rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg,
+ &cx->pkcs1RSADigestInfo,
+ &cx->pkcs1RSADigestInfoLen,
+ cx->key,
+ sig, wincx);
+ break;
+ case dsaKey:
+ case ecKey:
+ sigLen = SECKEY_SignatureLen(key);
+ if (sigLen == 0) {
+ /* error set by SECKEY_SignatureLen */
+ rv = SECFailure;
+ break;
+ }
+ rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen);
+ break;
+ default:
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+ break;
+ }
+ }
+
+ if (rv)
+ goto loser;
+
+ /* check hash alg again, RSA may have changed it.*/
+ if (HASH_GetHashTypeByOidTag(cx->hashAlg) == HASH_AlgNULL) {
+ /* error set by HASH_GetHashTypeByOidTag */
+ goto loser;
+ }
+
+ if (hash) {
+ *hash = cx->hashAlg;
+ }
+ return cx;
+
+loser:
+ if (cx) {
+ VFY_DestroyContext(cx, PR_TRUE);
+ }
+ return 0;
+}
+
+VFYContext *
+VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig, SECOidTag sigAlg,
+ void *wincx)
+{
+ SECOidTag encAlg, hashAlg;
+ SECStatus rv = sec_DecodeSigAlg(key, sigAlg, NULL, &encAlg, &hashAlg);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ return vfy_CreateContext(key, sig, encAlg, hashAlg, NULL, wincx);
+}
+
+VFYContext *
+VFY_CreateContextDirect(const SECKEYPublicKey *key, const SECItem *sig,
+ SECOidTag encAlg, SECOidTag hashAlg,
+ SECOidTag *hash, void *wincx)
+{
+ return vfy_CreateContext(key, sig, encAlg, hashAlg, hash, wincx);
+}
+
+VFYContext *
+VFY_CreateContextWithAlgorithmID(const SECKEYPublicKey *key, const SECItem *sig,
+ const SECAlgorithmID *sigAlgorithm, SECOidTag *hash, void *wincx)
+{
+ SECOidTag encAlg, hashAlg;
+ SECStatus rv = sec_DecodeSigAlg(key,
+ SECOID_GetAlgorithmTag((SECAlgorithmID *)sigAlgorithm),
+ &sigAlgorithm->parameters, &encAlg, &hashAlg);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ return vfy_CreateContext(key, sig, encAlg, hashAlg, hash, wincx);
+}
+
+void
+VFY_DestroyContext(VFYContext *cx, PRBool freeit)
+{
+ if (cx) {
+ if (cx->hashcx != NULL) {
+ (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
+ cx->hashcx = NULL;
+ }
+ if (cx->key) {
+ SECKEY_DestroyPublicKey(cx->key);
+ }
+ if (cx->pkcs1RSADigestInfo) {
+ PORT_Free(cx->pkcs1RSADigestInfo);
+ }
+ if (freeit) {
+ PORT_ZFree(cx, sizeof(VFYContext));
+ }
+ }
+}
+
+SECStatus
+VFY_Begin(VFYContext *cx)
+{
+ if (cx->hashcx != NULL) {
+ (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
+ cx->hashcx = NULL;
+ }
+
+ cx->hashobj = HASH_GetHashObjectByOidTag(cx->hashAlg);
+ if (!cx->hashobj)
+ return SECFailure; /* error code is set */
+
+ cx->hashcx = (*cx->hashobj->create)();
+ if (cx->hashcx == NULL)
+ return SECFailure;
+
+ (*cx->hashobj->begin)(cx->hashcx);
+ return SECSuccess;
+}
+
+SECStatus
+VFY_Update(VFYContext *cx, const unsigned char *input, unsigned inputLen)
+{
+ if (cx->hashcx == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ (*cx->hashobj->update)(cx->hashcx, input, inputLen);
+ return SECSuccess;
+}
+
+SECStatus
+VFY_EndWithSignature(VFYContext *cx, SECItem *sig)
+{
+ unsigned char final[HASH_LENGTH_MAX];
+ unsigned part;
+ SECItem hash, dsasig; /* dsasig is also used for ECDSA */
+ SECStatus rv;
+
+ if ((cx->hasSignature == PR_FALSE) && (sig == NULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (cx->hashcx == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ (*cx->hashobj->end)(cx->hashcx, final, &part, sizeof(final));
+ switch (cx->key->keyType) {
+ case ecKey:
+ case dsaKey:
+ dsasig.data = cx->u.buffer;
+ dsasig.len = SECKEY_SignatureLen(cx->key);
+ if (dsasig.len == 0) {
+ return SECFailure;
+ }
+ if (sig) {
+ rv = decodeECorDSASignature(cx->encAlg, sig, dsasig.data,
+ dsasig.len);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure;
+ }
+ }
+ hash.data = final;
+ hash.len = part;
+ if (PK11_Verify(cx->key, &dsasig, &hash, cx->wincx) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure;
+ }
+ break;
+ case rsaKey: {
+ SECItem digest;
+ digest.data = final;
+ digest.len = part;
+ if (sig) {
+ SECOidTag hashid;
+ PORT_Assert(cx->hashAlg != SEC_OID_UNKNOWN);
+ rv = recoverPKCS1DigestInfo(cx->hashAlg, &hashid,
+ &cx->pkcs1RSADigestInfo,
+ &cx->pkcs1RSADigestInfoLen,
+ cx->key,
+ sig, cx->wincx);
+ PORT_Assert(cx->hashAlg == hashid);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ return verifyPKCS1DigestInfo(cx, &digest);
+ }
+ default:
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure; /* shouldn't happen */
+ }
+ return SECSuccess;
+}
+
+SECStatus
+VFY_End(VFYContext *cx)
+{
+ return VFY_EndWithSignature(cx, NULL);
+}
+
+/************************************************************************/
+/*
+ * Verify that a previously-computed digest matches a signature.
+ */
+static SECStatus
+vfy_VerifyDigest(const SECItem *digest, const SECKEYPublicKey *key,
+ const SECItem *sig, SECOidTag encAlg, SECOidTag hashAlg,
+ void *wincx)
+{
+ SECStatus rv;
+ VFYContext *cx;
+ SECItem dsasig; /* also used for ECDSA */
+
+ rv = SECFailure;
+
+ cx = vfy_CreateContext(key, sig, encAlg, hashAlg, NULL, wincx);
+ if (cx != NULL) {
+ switch (key->keyType) {
+ case rsaKey:
+ rv = verifyPKCS1DigestInfo(cx, digest);
+ break;
+ case dsaKey:
+ case ecKey:
+ dsasig.data = cx->u.buffer;
+ dsasig.len = SECKEY_SignatureLen(cx->key);
+ if (dsasig.len == 0) {
+ break;
+ }
+ if (PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx) !=
+ SECSuccess) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ } else {
+ rv = SECSuccess;
+ }
+ break;
+ default:
+ break;
+ }
+ VFY_DestroyContext(cx, PR_TRUE);
+ }
+ return rv;
+}
+
+SECStatus
+VFY_VerifyDigestDirect(const SECItem *digest, const SECKEYPublicKey *key,
+ const SECItem *sig, SECOidTag encAlg,
+ SECOidTag hashAlg, void *wincx)
+{
+ return vfy_VerifyDigest(digest, key, sig, encAlg, hashAlg, wincx);
+}
+
+SECStatus
+VFY_VerifyDigest(SECItem *digest, SECKEYPublicKey *key, SECItem *sig,
+ SECOidTag algid, void *wincx)
+{
+ SECOidTag encAlg, hashAlg;
+ SECStatus rv = sec_DecodeSigAlg(key, algid, NULL, &encAlg, &hashAlg);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ return vfy_VerifyDigest(digest, key, sig, encAlg, hashAlg, wincx);
+}
+
+/*
+ * this function takes an optional hash oid, which the digest function
+ * will be compared with our target hash value.
+ */
+SECStatus
+VFY_VerifyDigestWithAlgorithmID(const SECItem *digest,
+ const SECKEYPublicKey *key, const SECItem *sig,
+ const SECAlgorithmID *sigAlgorithm,
+ SECOidTag hashCmp, void *wincx)
+{
+ SECOidTag encAlg, hashAlg;
+ SECStatus rv = sec_DecodeSigAlg(key,
+ SECOID_GetAlgorithmTag((SECAlgorithmID *)sigAlgorithm),
+ &sigAlgorithm->parameters, &encAlg, &hashAlg);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ if (hashCmp != SEC_OID_UNKNOWN &&
+ hashAlg != SEC_OID_UNKNOWN &&
+ hashCmp != hashAlg) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure;
+ }
+ return vfy_VerifyDigest(digest, key, sig, encAlg, hashAlg, wincx);
+}
+
+static SECStatus
+vfy_VerifyData(const unsigned char *buf, int len, const SECKEYPublicKey *key,
+ const SECItem *sig, SECOidTag encAlg, SECOidTag hashAlg,
+ SECOidTag *hash, void *wincx)
+{
+ SECStatus rv;
+ VFYContext *cx;
+
+ cx = vfy_CreateContext(key, sig, encAlg, hashAlg, hash, wincx);
+ if (cx == NULL)
+ return SECFailure;
+
+ rv = VFY_Begin(cx);
+ if (rv == SECSuccess) {
+ rv = VFY_Update(cx, (unsigned char *)buf, len);
+ if (rv == SECSuccess)
+ rv = VFY_End(cx);
+ }
+
+ VFY_DestroyContext(cx, PR_TRUE);
+ return rv;
+}
+
+SECStatus
+VFY_VerifyDataDirect(const unsigned char *buf, int len,
+ const SECKEYPublicKey *key, const SECItem *sig,
+ SECOidTag encAlg, SECOidTag hashAlg,
+ SECOidTag *hash, void *wincx)
+{
+ return vfy_VerifyData(buf, len, key, sig, encAlg, hashAlg, hash, wincx);
+}
+
+SECStatus
+VFY_VerifyData(const unsigned char *buf, int len, const SECKEYPublicKey *key,
+ const SECItem *sig, SECOidTag algid, void *wincx)
+{
+ SECOidTag encAlg, hashAlg;
+ SECStatus rv = sec_DecodeSigAlg(key, algid, NULL, &encAlg, &hashAlg);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ return vfy_VerifyData(buf, len, key, sig, encAlg, hashAlg, NULL, wincx);
+}
+
+SECStatus
+VFY_VerifyDataWithAlgorithmID(const unsigned char *buf, int len,
+ const SECKEYPublicKey *key,
+ const SECItem *sig,
+ const SECAlgorithmID *sigAlgorithm,
+ SECOidTag *hash, void *wincx)
+{
+ SECOidTag encAlg, hashAlg;
+ SECOidTag sigAlg = SECOID_GetAlgorithmTag((SECAlgorithmID *)sigAlgorithm);
+ SECStatus rv = sec_DecodeSigAlg(key, sigAlg,
+ &sigAlgorithm->parameters, &encAlg, &hashAlg);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ return vfy_VerifyData(buf, len, key, sig, encAlg, hashAlg, hash, wincx);
+}
diff --git a/security/nss/lib/dbm/Makefile b/security/nss/lib/dbm/Makefile
new file mode 100644
index 000000000..a4df914b2
--- /dev/null
+++ b/security/nss/lib/dbm/Makefile
@@ -0,0 +1,52 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+coreconf_hack:
+ cd ../coreconf; gmake
+ gmake import
+
+RelEng_bld: coreconf_hack
+ gmake
diff --git a/security/nss/lib/dbm/config/config.mk b/security/nss/lib/dbm/config/config.mk
new file mode 100644
index 000000000..9ad98af82
--- /dev/null
+++ b/security/nss/lib/dbm/config/config.mk
@@ -0,0 +1,35 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# These macros are defined by mozilla's configure script.
+# We define them manually here.
+#
+
+DEFINES += -DSTDC_HEADERS -DHAVE_STRERROR
+
+#
+# Most platforms have snprintf, so it's simpler to list the exceptions.
+#
+HAVE_SNPRINTF = 1
+#
+# OSF1 V4.0D doesn't have snprintf but V5.0A does.
+#
+ifeq ($(OS_TARGET)$(OS_RELEASE),OSF1V4.0D)
+HAVE_SNPRINTF =
+endif
+ifdef HAVE_SNPRINTF
+DEFINES += -DHAVE_SNPRINTF
+endif
+
+ifeq (,$(filter-out DGUX NCR ReliantUNIX SCO_SV SCOOS UNIXWARE,$(OS_TARGET)))
+DEFINES += -DHAVE_SYS_BYTEORDER_H
+endif
+
+#
+# None of the platforms that we are interested in need to
+# define HAVE_MEMORY_H.
+#
diff --git a/security/nss/lib/dbm/include/Makefile b/security/nss/lib/dbm/include/Makefile
new file mode 100644
index 000000000..4c9e4e939
--- /dev/null
+++ b/security/nss/lib/dbm/include/Makefile
@@ -0,0 +1,47 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
diff --git a/security/nss/lib/dbm/include/exports.gyp b/security/nss/lib/dbm/include/exports.gyp
new file mode 100644
index 000000000..e80d769ca
--- /dev/null
+++ b/security/nss/lib/dbm/include/exports.gyp
@@ -0,0 +1,38 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_dbm_include_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'mcom_db.h',
+ 'ncompat.h',
+ 'winfile.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'extern.h',
+ 'hash.h',
+ 'hsearch.h',
+ 'page.h',
+ 'queue.h',
+ 'search.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'dbm'
+ }
+}
diff --git a/security/nss/lib/dbm/include/extern.h b/security/nss/lib/dbm/include/extern.h
new file mode 100644
index 000000000..897369fb8
--- /dev/null
+++ b/security/nss/lib/dbm/include/extern.h
@@ -0,0 +1,63 @@
+/*-
+ * Copyright (c) 1991, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)extern.h 8.4 (Berkeley) 6/16/94
+ */
+
+BUFHEAD *__add_ovflpage(HTAB *, BUFHEAD *);
+int __addel(HTAB *, BUFHEAD *, const DBT *, const DBT *);
+int __big_delete(HTAB *, BUFHEAD *);
+int __big_insert(HTAB *, BUFHEAD *, const DBT *, const DBT *);
+int __big_keydata(HTAB *, BUFHEAD *, DBT *, DBT *, int);
+int __big_return(HTAB *, BUFHEAD *, int, DBT *, int);
+int __big_split(HTAB *, BUFHEAD *, BUFHEAD *, BUFHEAD *,
+ uint32, uint32, SPLIT_RETURN *);
+int __buf_free(HTAB *, int, int);
+void __buf_init(HTAB *, int);
+uint32 __call_hash(HTAB *, char *, size_t);
+int __delpair(HTAB *, BUFHEAD *, int);
+int __expand_table(HTAB *);
+int __find_bigpair(HTAB *, BUFHEAD *, int, char *, int);
+uint16 __find_last_page(HTAB *, BUFHEAD **);
+void __free_ovflpage(HTAB *, BUFHEAD *);
+BUFHEAD *__get_buf(HTAB *, uint32, BUFHEAD *, int);
+int __get_page(HTAB *, char *, uint32, int, int, int);
+int __ibitmap(HTAB *, int, int, int);
+uint32 __log2(uint32);
+int __put_page(HTAB *, char *, uint32, int, int);
+void __reclaim_buf(HTAB *, BUFHEAD *);
+int __split_page(HTAB *, uint32, uint32);
+
+/* Default hash routine. */
+extern uint32 (*__default_hash)(const void *, size_t);
+
+#ifdef HASH_STATISTICS
+extern int hash_accesses, hash_collisions, hash_expansions, hash_overflows;
+#endif
diff --git a/security/nss/lib/dbm/include/hash.h b/security/nss/lib/dbm/include/hash.h
new file mode 100644
index 000000000..7da51dc64
--- /dev/null
+++ b/security/nss/lib/dbm/include/hash.h
@@ -0,0 +1,341 @@
+/*-
+ * Copyright (c) 1990, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)hash.h 8.3 (Berkeley) 5/31/94
+ */
+
+/* Operations */
+
+#include <stdio.h>
+#include "mcom_db.h"
+typedef enum {
+ HASH_GET,
+ HASH_PUT,
+ HASH_PUTNEW,
+ HASH_DELETE,
+ HASH_FIRST,
+ HASH_NEXT
+} ACTION;
+
+/* Buffer Management structures */
+typedef struct _bufhead BUFHEAD;
+
+struct _bufhead {
+ BUFHEAD *prev; /* LRU links */
+ BUFHEAD *next; /* LRU links */
+ BUFHEAD *ovfl; /* Overflow page buffer header */
+ uint32 addr; /* Address of this page */
+ char *page; /* Actual page data */
+ char is_disk;
+ char flags;
+#define BUF_MOD 0x0001
+#define BUF_DISK 0x0002
+#define BUF_BUCKET 0x0004
+#define BUF_PIN 0x0008
+};
+
+#define IS_BUCKET(X) ((X)&BUF_BUCKET)
+
+typedef BUFHEAD **SEGMENT;
+
+typedef int DBFILE_PTR;
+#define NO_FILE -1
+#ifdef macintosh
+#define DBFILE_OPEN(path, flag, mode) open((path), flag)
+#define EXISTS(path)
+#else
+#define DBFILE_OPEN(path, flag, mode) open((path), (flag), (mode))
+#endif
+/* Hash Table Information */
+typedef struct hashhdr { /* Disk resident portion */
+ int32 magic; /* Magic NO for hash tables */
+ int32 version; /* Version ID */
+ uint32 lorder; /* Byte Order */
+ int32 bsize; /* Bucket/Page Size */
+ int32 bshift; /* Bucket shift */
+ int32 dsize; /* Directory Size */
+ int32 ssize; /* Segment Size */
+ int32 sshift; /* Segment shift */
+ int32 ovfl_point; /* Where overflow pages are being
+ * allocated */
+ int32 last_freed; /* Last overflow page freed */
+ int32 max_bucket; /* ID of Maximum bucket in use */
+ int32 high_mask; /* Mask to modulo into entire table */
+ int32 low_mask; /* Mask to modulo into lower half of
+ * table */
+ int32 ffactor; /* Fill factor */
+ int32 nkeys; /* Number of keys in hash table */
+ int32 hdrpages; /* Size of table header */
+ uint32 h_charkey; /* value of hash(CHARKEY) */
+#define NCACHED 32 /* number of bit maps and spare \
+ * points */
+ int32 spares[NCACHED]; /* spare pages for overflow */
+ uint16 bitmaps[NCACHED]; /* address of overflow page
+ * bitmaps */
+} HASHHDR;
+
+typedef struct htab { /* Memory resident data structure */
+ HASHHDR hdr; /* Header */
+ int nsegs; /* Number of allocated segments */
+ int exsegs; /* Number of extra allocated
+ * segments */
+ uint32 /* Hash function */
+ (*hash)(const void *, size_t);
+ int flags; /* Flag values */
+ DBFILE_PTR fp; /* File pointer */
+ char *filename;
+ char *tmp_buf; /* Temporary Buffer for BIG data */
+ char *tmp_key; /* Temporary Buffer for BIG keys */
+ BUFHEAD *cpage; /* Current page */
+ int cbucket; /* Current bucket */
+ int cndx; /* Index of next item on cpage */
+ int dbmerrno; /* Error Number -- for DBM
+ * compatability */
+ int new_file; /* Indicates if fd is backing store
+ * or no */
+ int save_file; /* Indicates whether we need to flush
+ * file at
+ * exit */
+ uint32 *mapp[NCACHED]; /* Pointers to page maps */
+ int nmaps; /* Initial number of bitmaps */
+ int nbufs; /* Number of buffers left to
+ * allocate */
+ BUFHEAD bufhead; /* Header of buffer lru list */
+ SEGMENT *dir; /* Hash Bucket directory */
+ off_t file_size; /* in bytes */
+ char is_temp; /* unlink file on close */
+ char updateEOF; /* force EOF update on flush */
+} HTAB;
+
+/*
+ * Constants
+ */
+#define DATABASE_CORRUPTED_ERROR -999 /* big ugly abort, delete database */
+#define OLD_MAX_BSIZE 65536 /* 2^16 */
+#define MAX_BSIZE 32l * 1024l /* 2^15 */
+#define MIN_BUFFERS 6
+#define MINHDRSIZE 512
+#define DEF_BUFSIZE 65536l /* 64 K */
+#define DEF_BUCKET_SIZE 4096
+#define DEF_BUCKET_SHIFT 12 /* log2(BUCKET) */
+#define DEF_SEGSIZE 256
+#define DEF_SEGSIZE_SHIFT 8 /* log2(SEGSIZE) */
+#define DEF_DIRSIZE 256
+#define DEF_FFACTOR 65536l
+#define MIN_FFACTOR 4
+#define SPLTMAX 8
+#define CHARKEY "%$sniglet^&"
+#define NUMKEY 1038583l
+#define BYTE_SHIFT 3
+#define INT_TO_BYTE 2
+#define INT_BYTE_SHIFT 5
+#define ALL_SET ((uint32)0xFFFFFFFF)
+#define ALL_CLEAR 0
+
+#define PTROF(X) ((ptrdiff_t)(X) == BUF_DISK ? 0 : (X))
+#define ISDISK(X) ((X) ? ((ptrdiff_t)(X) == BUF_DISK ? BUF_DISK \
+ : (X)->is_disk) \
+ : 0)
+
+#define BITS_PER_MAP 32
+
+/* Given the address of the beginning of a big map, clear/set the nth bit */
+#define CLRBIT(A, N) ((A)[(N) / BITS_PER_MAP] &= ~(1 << ((N) % BITS_PER_MAP)))
+#define SETBIT(A, N) ((A)[(N) / BITS_PER_MAP] |= (1 << ((N) % BITS_PER_MAP)))
+#define ISSET(A, N) ((A)[(N) / BITS_PER_MAP] & (1 << ((N) % BITS_PER_MAP)))
+
+/* Overflow management */
+/*
+ * Overflow page numbers are allocated per split point. At each doubling of
+ * the table, we can allocate extra pages. So, an overflow page number has
+ * the top 5 bits indicate which split point and the lower 11 bits indicate
+ * which page at that split point is indicated (pages within split points are
+ * numberered starting with 1).
+ */
+
+#define SPLITSHIFT 11
+#define SPLITMASK 0x7FF
+#define SPLITNUM(N) (((uint32)(N)) >> SPLITSHIFT)
+#define OPAGENUM(N) ((N)&SPLITMASK)
+#define OADDR_OF(S, O) ((uint32)((uint32)(S) << SPLITSHIFT) + (O))
+
+#define BUCKET_TO_PAGE(B) \
+ (B) + hashp->HDRPAGES + ((B) ? hashp->SPARES[__log2((uint32)((B) + 1)) - 1] : 0)
+#define OADDR_TO_PAGE(B) \
+ BUCKET_TO_PAGE((1 << SPLITNUM((B))) - 1) + OPAGENUM((B));
+
+/*
+ * page.h contains a detailed description of the page format.
+ *
+ * Normally, keys and data are accessed from offset tables in the top of
+ * each page which point to the beginning of the key and data. There are
+ * four flag values which may be stored in these offset tables which indicate
+ * the following:
+ *
+ *
+ * OVFLPAGE Rather than a key data pair, this pair contains
+ * the address of an overflow page. The format of
+ * the pair is:
+ * OVERFLOW_PAGE_NUMBER OVFLPAGE
+ *
+ * PARTIAL_KEY This must be the first key/data pair on a page
+ * and implies that page contains only a partial key.
+ * That is, the key is too big to fit on a single page
+ * so it starts on this page and continues on the next.
+ * The format of the page is:
+ * KEY_OFF PARTIAL_KEY OVFL_PAGENO OVFLPAGE
+ *
+ * KEY_OFF -- offset of the beginning of the key
+ * PARTIAL_KEY -- 1
+ * OVFL_PAGENO - page number of the next overflow page
+ * OVFLPAGE -- 0
+ *
+ * FULL_KEY This must be the first key/data pair on the page. It
+ * is used in two cases.
+ *
+ * Case 1:
+ * There is a complete key on the page but no data
+ * (because it wouldn't fit). The next page contains
+ * the data.
+ *
+ * Page format it:
+ * KEY_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE
+ *
+ * KEY_OFF -- offset of the beginning of the key
+ * FULL_KEY -- 2
+ * OVFL_PAGENO - page number of the next overflow page
+ * OVFLPAGE -- 0
+ *
+ * Case 2:
+ * This page contains no key, but part of a large
+ * data field, which is continued on the next page.
+ *
+ * Page format it:
+ * DATA_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE
+ *
+ * KEY_OFF -- offset of the beginning of the data on
+ * this page
+ * FULL_KEY -- 2
+ * OVFL_PAGENO - page number of the next overflow page
+ * OVFLPAGE -- 0
+ *
+ * FULL_KEY_DATA
+ * This must be the first key/data pair on the page.
+ * There are two cases:
+ *
+ * Case 1:
+ * This page contains a key and the beginning of the
+ * data field, but the data field is continued on the
+ * next page.
+ *
+ * Page format is:
+ * KEY_OFF FULL_KEY_DATA OVFL_PAGENO DATA_OFF
+ *
+ * KEY_OFF -- offset of the beginning of the key
+ * FULL_KEY_DATA -- 3
+ * OVFL_PAGENO - page number of the next overflow page
+ * DATA_OFF -- offset of the beginning of the data
+ *
+ * Case 2:
+ * This page contains the last page of a big data pair.
+ * There is no key, only the tail end of the data
+ * on this page.
+ *
+ * Page format is:
+ * DATA_OFF FULL_KEY_DATA <OVFL_PAGENO> <OVFLPAGE>
+ *
+ * DATA_OFF -- offset of the beginning of the data on
+ * this page
+ * FULL_KEY_DATA -- 3
+ * OVFL_PAGENO - page number of the next overflow page
+ * OVFLPAGE -- 0
+ *
+ * OVFL_PAGENO and OVFLPAGE are optional (they are
+ * not present if there is no next page).
+ */
+
+#define OVFLPAGE 0
+#define PARTIAL_KEY 1
+#define FULL_KEY 2
+#define FULL_KEY_DATA 3
+#define REAL_KEY 4
+
+/* Short hands for accessing structure */
+#undef BSIZE
+#define BSIZE hdr.bsize
+#undef BSHIFT
+#define BSHIFT hdr.bshift
+#define DSIZE hdr.dsize
+#define SGSIZE hdr.ssize
+#define SSHIFT hdr.sshift
+#define LORDER hdr.lorder
+#define OVFL_POINT hdr.ovfl_point
+#define LAST_FREED hdr.last_freed
+#define MAX_BUCKET hdr.max_bucket
+#define FFACTOR hdr.ffactor
+#define HIGH_MASK hdr.high_mask
+#define LOW_MASK hdr.low_mask
+#define NKEYS hdr.nkeys
+#define HDRPAGES hdr.hdrpages
+#define SPARES hdr.spares
+#define BITMAPS hdr.bitmaps
+#define VERSION hdr.version
+#define MAGIC hdr.magic
+#define NEXT_FREE hdr.next_free
+#define H_CHARKEY hdr.h_charkey
+
+extern uint32 (*__default_hash)(const void *, size_t);
+void __buf_init(HTAB *hashp, int32 nbytes);
+int __big_delete(HTAB *hashp, BUFHEAD *bufp);
+BUFHEAD *__get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage);
+uint32 __call_hash(HTAB *hashp, char *k, size_t len);
+#include "page.h"
+extern int __big_split(HTAB *hashp, BUFHEAD *op, BUFHEAD *np,
+ BUFHEAD *big_keyp, uint32 addr, uint32 obucket, SPLIT_RETURN *ret);
+void __free_ovflpage(HTAB *hashp, BUFHEAD *obufp);
+BUFHEAD *__add_ovflpage(HTAB *hashp, BUFHEAD *bufp);
+int __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val);
+int __expand_table(HTAB *hashp);
+uint32 __log2(uint32 num);
+void __reclaim_buf(HTAB *hashp, BUFHEAD *bp);
+int __get_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_disk, int is_bitmap);
+int __put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap);
+int __ibitmap(HTAB *hashp, int pnum, int nbits, int ndx);
+int __buf_free(HTAB *hashp, int do_free, int to_disk);
+int __find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size);
+uint16 __find_last_page(HTAB *hashp, BUFHEAD **bpp);
+int __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val);
+int __big_return(HTAB *hashp, BUFHEAD *bufp, int ndx, DBT *val, int set_current);
+int __delpair(HTAB *hashp, BUFHEAD *bufp, int ndx);
+int __big_keydata(HTAB *hashp, BUFHEAD *bufp, DBT *key, DBT *val, int set);
+int __split_page(HTAB *hashp, uint32 obucket, uint32 nbucket);
diff --git a/security/nss/lib/dbm/include/hsearch.h b/security/nss/lib/dbm/include/hsearch.h
new file mode 100644
index 000000000..d6fe0d93d
--- /dev/null
+++ b/security/nss/lib/dbm/include/hsearch.h
@@ -0,0 +1,50 @@
+/*-
+ * Copyright (c) 1990, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)search.h 8.1 (Berkeley) 6/4/93
+ */
+
+/* Backward compatibility to hsearch interface. */
+typedef struct entry {
+ char *key;
+ char *data;
+} ENTRY;
+
+typedef enum {
+ FIND,
+ ENTER
+} ACTION;
+
+int hcreate(unsigned int);
+void hdestroy(void);
+ENTRY *hsearch(ENTRY, ACTION);
diff --git a/security/nss/lib/dbm/include/include.gyp b/security/nss/lib/dbm/include/include.gyp
new file mode 100644
index 000000000..69f9c883d
--- /dev/null
+++ b/security/nss/lib/dbm/include/include.gyp
@@ -0,0 +1,12 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../coreconf/config.gypi'
+ ],
+ 'targets': [],
+ 'variables': {
+ 'module': 'dbm'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/dbm/include/manifest.mn b/security/nss/lib/dbm/include/manifest.mn
new file mode 100644
index 000000000..64b6fdac0
--- /dev/null
+++ b/security/nss/lib/dbm/include/manifest.mn
@@ -0,0 +1,23 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../../..
+
+MODULE = dbm
+
+EXPORTS = mcom_db.h \
+ ncompat.h \
+ winfile.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = hsearch.h \
+ page.h \
+ extern.h \
+ queue.h \
+ hash.h \
+ search.h \
+ $(NULL)
+
diff --git a/security/nss/lib/dbm/include/mcom_db.h b/security/nss/lib/dbm/include/mcom_db.h
new file mode 100644
index 000000000..0a4f6dc14
--- /dev/null
+++ b/security/nss/lib/dbm/include/mcom_db.h
@@ -0,0 +1,423 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/*-
+ * Copyright (c) 1990, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)db.h 8.7 (Berkeley) 6/16/94
+ */
+
+#ifndef _DB_H_
+#define _DB_H_
+
+#ifndef macintosh
+#include <sys/types.h>
+#endif
+#include "prtypes.h"
+
+#if !defined(XP_BEOS) && !defined(XP_OS2) && !defined(XP_UNIX) || defined(NTO)
+typedef PRUintn uint;
+#endif
+typedef PRUint8 uint8;
+typedef PRUint16 uint16;
+/* On AIX 5.2, sys/inttypes.h (which is included by sys/types.h)
+ * defines the types int8, int16, int32, and int64. */
+#if !defined(AIX)
+typedef PRInt32 int32;
+#endif
+typedef PRUint32 uint32;
+
+#include <limits.h>
+
+#ifdef __DBINTERFACE_PRIVATE
+
+#ifdef HAVE_SYS_BYTEORDER_H
+#include <sys/byteorder.h>
+#endif
+
+#if defined(__linux) || defined(__BEOS__)
+#include <endian.h>
+#ifndef BYTE_ORDER
+#define BYTE_ORDER __BYTE_ORDER
+#define BIG_ENDIAN __BIG_ENDIAN
+#define LITTLE_ENDIAN __LITTLE_ENDIAN
+#endif
+#endif /* __linux */
+
+#ifdef __sgi
+#define BYTE_ORDER BIG_ENDIAN
+#define BIG_ENDIAN 4321
+#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
+#endif
+
+#ifdef __sun
+#define BIG_ENDIAN 4321
+#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
+
+#ifndef __SVR4
+/* compat.h is only in 4.1.3 machines. - dp */
+#include <compat.h>
+#endif
+
+/* XXX - dp
+ * Need to find a general way of defining endian-ness in SunOS 5.3
+ * SunOS 5.4 defines _BIG_ENDIAN and _LITTLE_ENDIAN
+ * SunOS 5.3 does nothing like this.
+ */
+
+#ifndef BYTE_ORDER
+
+#if defined(_BIG_ENDIAN)
+#define BYTE_ORDER BIG_ENDIAN
+#elif defined(_LITTLE_ENDIAN)
+#define BYTE_ORDER LITTLE_ENDIAN
+#elif !defined(__SVR4)
+/* 4.1.3 is always BIG_ENDIAN as it was released only on sparc platforms. */
+#define BYTE_ORDER BIG_ENDIAN
+#elif !defined(vax) && !defined(ntohl) && !defined(lint) && !defined(i386)
+/* 5.3 big endian. Copied this above line from sys/byteorder.h */
+/* Now we are in a 5.3 SunOS rather non 5.4 or above SunOS */
+#define BYTE_ORDER BIG_ENDIAN
+#else
+#define BYTE_ORDER LITTLE_ENDIAN
+#endif
+
+#endif /* !BYTE_ORDER */
+#endif /* __sun */
+
+#if defined(__hpux) || defined(__hppa)
+#define BYTE_ORDER BIG_ENDIAN
+#define BIG_ENDIAN 4321
+#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
+#endif
+
+#if defined(AIXV3) || defined(AIX)
+/* BYTE_ORDER, LITTLE_ENDIAN, BIG_ENDIAN are all defined here */
+#include <sys/machine.h>
+#endif
+
+/* Digital Unix */
+#ifdef __osf__
+#include <machine/endian.h>
+#endif
+
+#ifdef __alpha
+#ifndef WIN32
+#else
+/* Alpha NT */
+#define BYTE_ORDER LITTLE_ENDIAN
+#define BIG_ENDIAN 4321
+#define LITTLE_ENDIAN 1234
+#endif
+#endif
+
+#ifdef NCR
+#include <sys/endian.h>
+#endif
+
+#ifdef __QNX__
+#ifdef __QNXNTO__
+#include <sys/param.h>
+#else
+#define LITTLE_ENDIAN 1234
+#define BIG_ENDIAN 4321
+#define BYTE_ORDER LITTLE_ENDIAN
+#endif
+#endif
+
+#ifdef SNI
+/* #include <sys/hetero.h> */
+#define BYTE_ORDER BIG_ENDIAN
+#define BIG_ENDIAN 4321
+#define LITTLE_ENDIAN 1234
+#endif
+
+#ifdef _WINDOWS
+#ifdef BYTE_ORDER
+#undef BYTE_ORDER
+#endif
+
+#define BYTE_ORDER LITTLE_ENDIAN
+#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
+#define BIG_ENDIAN 4321
+#endif
+
+#ifdef macintosh
+#define BIG_ENDIAN 4321
+#define LITTLE_ENDIAN 1234
+#define BYTE_ORDER BIG_ENDIAN
+#endif
+
+#endif /* __DBINTERFACE_PRIVATE */
+
+#ifdef SCO
+#define MAXPATHLEN 1024
+#endif
+
+#include <fcntl.h>
+
+#if defined(_WINDOWS) || defined(XP_OS2)
+#include <stdio.h>
+#include <io.h>
+
+#ifndef XP_OS2
+#define MAXPATHLEN 1024
+#endif
+
+#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
+
+#ifndef STDERR_FILENO
+#define STDIN_FILENO 0 /* ANSI C #defines */
+#define STDOUT_FILENO 1
+#define STDERR_FILENO 2
+#endif
+
+#ifndef O_ACCMODE /* POSIX 1003.1 access mode mask. */
+#define O_ACCMODE (O_RDONLY | O_WRONLY | O_RDWR)
+#endif
+#endif
+
+#ifdef macintosh
+#include <stdio.h>
+#include "xp_mcom.h"
+#define O_ACCMODE 3 /* Mask for file access modes */
+#define EFTYPE 2000
+PR_BEGIN_EXTERN_C
+int mkstemp(const char *path);
+PR_END_EXTERN_C
+#endif /* MACINTOSH */
+
+#if !defined(_WINDOWS) && !defined(macintosh)
+#include <sys/stat.h>
+#include <errno.h>
+#endif
+
+/* define EFTYPE since most don't */
+#ifndef EFTYPE
+#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
+#endif
+
+#define RET_ERROR -1 /* Return values. */
+#define RET_SUCCESS 0
+#define RET_SPECIAL 1
+
+#define MAX_PAGE_NUMBER 0xffffffff /* >= # of pages in a file */
+
+#ifndef __sgi
+typedef uint32 pgno_t;
+#endif
+
+#define MAX_PAGE_OFFSET 65535 /* >= # of bytes in a page */
+typedef uint16 indx_t;
+#define MAX_REC_NUMBER 0xffffffff /* >= # of records in a tree */
+typedef uint32 recno_t;
+
+/* Key/data structure -- a Data-Base Thang. */
+typedef struct {
+ void *data; /* data */
+ size_t size; /* data length */
+} DBT;
+
+/* Routine flags. */
+#define R_CURSOR 1 /* del, put, seq */
+#define __R_UNUSED 2 /* UNUSED */
+#define R_FIRST 3 /* seq */
+#define R_IAFTER 4 /* put (RECNO) */
+#define R_IBEFORE 5 /* put (RECNO) */
+#define R_LAST 6 /* seq (BTREE, RECNO) */
+#define R_NEXT 7 /* seq */
+#define R_NOOVERWRITE 8 /* put */
+#define R_PREV 9 /* seq (BTREE, RECNO) */
+#define R_SETCURSOR 10 /* put (RECNO) */
+#define R_RECNOSYNC 11 /* sync (RECNO) */
+
+typedef enum { DB_BTREE,
+ DB_HASH,
+ DB_RECNO } DBTYPE;
+
+typedef enum { LockOutDatabase,
+ UnlockDatabase } DBLockFlagEnum;
+
+/*
+ * !!!
+ * The following flags are included in the dbopen(3) call as part of the
+ * open(2) flags. In order to avoid conflicts with the open flags, start
+ * at the top of the 16 or 32-bit number space and work our way down. If
+ * the open flags were significantly expanded in the future, it could be
+ * a problem. Wish I'd left another flags word in the dbopen call.
+ *
+ * !!!
+ * None of this stuff is implemented yet. The only reason that it's here
+ * is so that the access methods can skip copying the key/data pair when
+ * the DB_LOCK flag isn't set.
+ */
+#if UINT_MAX > 65535
+#define DB_LOCK 0x20000000 /* Do locking. */
+#define DB_SHMEM 0x40000000 /* Use shared memory. */
+#define DB_TXN 0x80000000 /* Do transactions. */
+#else
+#define DB_LOCK 0x2000 /* Do locking. */
+#define DB_SHMEM 0x4000 /* Use shared memory. */
+#define DB_TXN 0x8000 /* Do transactions. */
+#endif
+
+/* Access method description structure. */
+typedef struct __db {
+ DBTYPE type; /* Underlying db type. */
+ int (*close)(struct __db *);
+ int (*del)(const struct __db *, const DBT *, uint);
+ int (*get)(const struct __db *, const DBT *, DBT *, uint);
+ int (*put)(const struct __db *, DBT *, const DBT *, uint);
+ int (*seq)(const struct __db *, DBT *, DBT *, uint);
+ int (*sync)(const struct __db *, uint);
+ void *internal; /* Access method private. */
+ int (*fd)(const struct __db *);
+} DB;
+
+#define BTREEMAGIC 0x053162
+#define BTREEVERSION 3
+
+/* Structure used to pass parameters to the btree routines. */
+typedef struct {
+#define R_DUP 0x01 /* duplicate keys */
+ uint32 flags;
+ uint cachesize; /* bytes to cache */
+ int maxkeypage; /* maximum keys per page */
+ int minkeypage; /* minimum keys per page */
+ uint psize; /* page size */
+ int(*compare) /* comparison function */
+ (const DBT *, const DBT *);
+ size_t(*prefix) /* prefix function */
+ (const DBT *, const DBT *);
+ int lorder; /* byte order */
+} BTREEINFO;
+
+#define HASHMAGIC 0x061561
+#define HASHVERSION 2
+
+/* Structure used to pass parameters to the hashing routines. */
+typedef struct {
+ uint bsize; /* bucket size */
+ uint ffactor; /* fill factor */
+ uint nelem; /* number of elements */
+ uint cachesize; /* bytes to cache */
+ uint32 /* hash function */
+ (*hash)(const void *, size_t);
+ int lorder; /* byte order */
+} HASHINFO;
+
+/* Structure used to pass parameters to the record routines. */
+typedef struct {
+#define R_FIXEDLEN 0x01 /* fixed-length records */
+#define R_NOKEY 0x02 /* key not required */
+#define R_SNAPSHOT 0x04 /* snapshot the input */
+ uint32 flags;
+ uint cachesize; /* bytes to cache */
+ uint psize; /* page size */
+ int lorder; /* byte order */
+ size_t reclen; /* record length (fixed-length records) */
+ uint8 bval; /* delimiting byte (variable-length records */
+ char *bfname; /* btree file name */
+} RECNOINFO;
+
+#ifdef __DBINTERFACE_PRIVATE
+/*
+ * Little endian <==> big endian 32-bit swap macros.
+ * M_32_SWAP swap a memory location
+ * P_32_SWAP swap a referenced memory location
+ * P_32_COPY swap from one location to another
+ */
+#define M_32_SWAP(a) \
+ { \
+ uint32 _tmp = a; \
+ ((char *)&a)[0] = ((char *)&_tmp)[3]; \
+ ((char *)&a)[1] = ((char *)&_tmp)[2]; \
+ ((char *)&a)[2] = ((char *)&_tmp)[1]; \
+ ((char *)&a)[3] = ((char *)&_tmp)[0]; \
+ }
+#define P_32_SWAP(a) \
+ { \
+ uint32 _tmp = *(uint32 *)a; \
+ ((char *)a)[0] = ((char *)&_tmp)[3]; \
+ ((char *)a)[1] = ((char *)&_tmp)[2]; \
+ ((char *)a)[2] = ((char *)&_tmp)[1]; \
+ ((char *)a)[3] = ((char *)&_tmp)[0]; \
+ }
+#define P_32_COPY(a, b) \
+ { \
+ ((char *)&(b))[0] = ((char *)&(a))[3]; \
+ ((char *)&(b))[1] = ((char *)&(a))[2]; \
+ ((char *)&(b))[2] = ((char *)&(a))[1]; \
+ ((char *)&(b))[3] = ((char *)&(a))[0]; \
+ }
+
+/*
+ * Little endian <==> big endian 16-bit swap macros.
+ * M_16_SWAP swap a memory location
+ * P_16_SWAP swap a referenced memory location
+ * P_16_COPY swap from one location to another
+ */
+#define M_16_SWAP(a) \
+ { \
+ uint16 _tmp = a; \
+ ((char *)&a)[0] = ((char *)&_tmp)[1]; \
+ ((char *)&a)[1] = ((char *)&_tmp)[0]; \
+ }
+#define P_16_SWAP(a) \
+ { \
+ uint16 _tmp = *(uint16 *)a; \
+ ((char *)a)[0] = ((char *)&_tmp)[1]; \
+ ((char *)a)[1] = ((char *)&_tmp)[0]; \
+ }
+#define P_16_COPY(a, b) \
+ { \
+ ((char *)&(b))[0] = ((char *)&(a))[1]; \
+ ((char *)&(b))[1] = ((char *)&(a))[0]; \
+ }
+#endif
+
+PR_BEGIN_EXTERN_C
+
+extern DB *
+dbopen(const char *, int, int, DBTYPE, const void *);
+
+/* set or unset a global lock flag to disable the
+ * opening of any DBM file
+ */
+void dbSetOrClearDBLock(DBLockFlagEnum type);
+
+#ifdef __DBINTERFACE_PRIVATE
+DB *__bt_open(const char *, int, int, const BTREEINFO *, int);
+DB *__hash_open(const char *, int, int, const HASHINFO *, int);
+DB *__rec_open(const char *, int, int, const RECNOINFO *, int);
+void __dbpanic(DB *dbp);
+#endif
+
+PR_END_EXTERN_C
+
+#endif /* !_DB_H_ */
diff --git a/security/nss/lib/dbm/include/ncompat.h b/security/nss/lib/dbm/include/ncompat.h
new file mode 100644
index 000000000..9fd434799
--- /dev/null
+++ b/security/nss/lib/dbm/include/ncompat.h
@@ -0,0 +1,224 @@
+/*-
+ * Copyright (c) 1991, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)compat.h 8.13 (Berkeley) 2/21/94
+ */
+
+#ifndef _COMPAT_H_
+#define _COMPAT_H_
+
+#include <sys/types.h>
+
+/*
+ * If your system doesn't typedef u_long, u_short, or u_char, change
+ * the 0 to a 1.
+ */
+#if 0
+typedef unsigned char u_char; /* 4.[34]BSD names. */
+typedef unsigned int u_int;
+typedef unsigned long u_long;
+typedef unsigned short u_short;
+#endif
+
+/* If your system doesn't typedef size_t, change the 0 to a 1. */
+#if 0
+typedef unsigned int size_t; /* POSIX, 4.[34]BSD names. */
+#endif
+
+/* If your system doesn't typedef ssize_t, change the 0 to a 1. */
+#if 0
+typedef int ssize_t; /* POSIX names. */
+#endif
+
+/*
+ * If your system doesn't have the POSIX type for a signal mask,
+ * change the 0 to a 1.
+ */
+#if 0 /* POSIX 1003.1 signal mask type. */
+typedef unsigned int sigset_t;
+#endif
+
+/*
+ * If your system's vsprintf returns a char *, not an int,
+ * change the 0 to a 1.
+ */
+#if defined(__sun) && !defined(__SVR4) /* SUNOS */
+#define VSPRINTF_CHARSTAR
+#endif
+/*
+ * If you don't have POSIX 1003.1 signals, the signal code surrounding the
+ * temporary file creation is intended to block all of the possible signals
+ * long enough to create the file and unlink it. All of this stuff is
+ * intended to use old-style BSD calls to fake POSIX 1003.1 calls.
+ */
+#ifdef NO_POSIX_SIGNALS
+#define sigemptyset(set) (*(set) = 0)
+#define sigfillset(set) (*(set) = ~(sigset_t)0, 0)
+#define sigaddset(set, signo) (*(set) |= sigmask(signo), 0)
+#define sigdelset(set, signo) (*(set) &= ~sigmask(signo), 0)
+#define sigismember(set, signo) ((*(set)&sigmask(signo)) != 0)
+
+#define SIG_BLOCK 1
+#define SIG_UNBLOCK 2
+#define SIG_SETMASK 3
+
+static int __sigtemp; /* For the use of sigprocmask */
+
+/* Repeated test of oset != NULL is to avoid "*0". */
+#define sigprocmask(how, set, oset) \
+ ((__sigtemp = \
+ (((how) == SIG_BLOCK) ? sigblock(0) | *(set) : (((how) == SIG_UNBLOCK) ? sigblock(0) & ~(*(set)) : ((how) == SIG_SETMASK ? *(set) : sigblock(0))))), \
+ ((oset) ? (*(oset ? oset : set) = sigsetmask(__sigtemp)) : sigsetmask(__sigtemp)), 0)
+#endif
+
+/*
+ * If your system doesn't have an include file with the appropriate
+ * byte order set, make sure you specify the correct one.
+ */
+#ifndef BYTE_ORDER
+#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax */
+#define BIG_ENDIAN 4321 /* MSB first: 68000, ibm, net */
+#define BYTE_ORDER BIG_ENDIAN /* Set for your system. */
+#endif
+
+#if defined(SYSV) || defined(SYSTEM5) || defined(__sun)
+#define index(a, b) strchr(a, b)
+#define rindex(a, b) strrchr(a, b)
+#define bzero(a, b) memset(a, 0, b)
+#define bcmp(a, b, n) memcmp(a, b, n)
+#define bcopy(a, b, n) memmove(b, a, n)
+#endif
+
+#if defined(BSD) || defined(BSD4_3)
+#define strchr(a, b) index(a, b)
+#define strrchr(a, b) rindex(a, b)
+#define memcmp(a, b, n) bcmp(a, b, n)
+#define memmove(a, b, n) bcopy(b, a, n)
+#endif
+
+/*
+ * 32-bit machine. The db routines are theoretically independent of
+ * the size of u_shorts and u_longs, but I don't know that anyone has
+ * ever actually tried it. At a minimum, change the following #define's
+ * if you are trying to compile on a different type of system.
+ */
+#ifndef USHRT_MAX
+#define USHRT_MAX 0xFFFF
+#define ULONG_MAX 0xFFFFFFFF
+#endif
+
+#ifndef O_ACCMODE /* POSIX 1003.1 access mode mask. */
+#define O_ACCMODE (O_RDONLY | O_WRONLY | O_RDWR)
+#endif
+
+#ifndef _POSIX2_RE_DUP_MAX /* POSIX 1003.2 RE limit. */
+#define _POSIX2_RE_DUP_MAX 255
+#endif
+
+/*
+ * If you can't provide lock values in the open(2) call. Note, this
+ * allows races to happen.
+ */
+#ifndef O_EXLOCK /* 4.4BSD extension. */
+#define O_EXLOCK 0
+#endif
+
+#ifndef O_SHLOCK /* 4.4BSD extension. */
+#define O_SHLOCK 0
+#endif
+
+#ifndef EFTYPE
+#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
+#endif
+
+#ifndef WCOREDUMP /* 4.4BSD extension */
+#define WCOREDUMP(a) 0
+#endif
+
+#ifndef STDERR_FILENO
+#define STDIN_FILENO 0 /* ANSI C #defines */
+#define STDOUT_FILENO 1
+#define STDERR_FILENO 2
+#endif
+
+#ifndef SEEK_END
+#define SEEK_SET 0 /* POSIX 1003.1 seek values */
+#define SEEK_CUR 1
+#define SEEK_END 2
+#endif
+
+#ifndef _POSIX_VDISABLE /* POSIX 1003.1 disabling char. */
+#define _POSIX_VDISABLE 0 /* Some systems used 0. */
+#endif
+
+#ifndef TCSASOFT /* 4.4BSD extension. */
+#define TCSASOFT 0
+#endif
+
+#ifndef _POSIX2_RE_DUP_MAX /* POSIX 1003.2 values. */
+#define _POSIX2_RE_DUP_MAX 255
+#endif
+
+#ifndef NULL /* ANSI C #defines NULL everywhere. */
+#define NULL 0
+#endif
+
+#ifndef MAX /* Usually found in <sys/param.h>. */
+#define MAX(_a, _b) ((_a) < (_b) ? (_b) : (_a))
+#endif
+#ifndef MIN /* Usually found in <sys/param.h>. */
+#define MIN(_a, _b) ((_a) < (_b) ? (_a) : (_b))
+#endif
+
+/* Default file permissions. */
+#ifndef DEFFILEMODE /* 4.4BSD extension. */
+#define DEFFILEMODE (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH)
+#endif
+
+#ifndef __sun
+#ifndef S_ISDIR /* POSIX 1003.1 file type tests. */
+#define S_ISDIR(m) ((m & 0170000) == 0040000) /* directory */
+#define S_ISCHR(m) ((m & 0170000) == 0020000) /* char special */
+#define S_ISBLK(m) ((m & 0170000) == 0060000) /* block special */
+#define S_ISREG(m) ((m & 0170000) == 0100000) /* regular file */
+#define S_ISFIFO(m) ((m & 0170000) == 0010000) /* fifo */
+#endif
+#ifndef S_ISLNK /* BSD POSIX 1003.1 extensions */
+#define S_ISLNK(m) ((m & 0170000) == 0120000) /* symbolic link */
+#define S_ISSOCK(m) ((m & 0170000) == 0140000) /* socket */
+#endif
+#endif /* __sun */
+
+/* The type of a va_list. */
+#ifndef _BSD_VA_LIST_ /* 4.4BSD #define. */
+#define _BSD_VA_LIST_ char*
+#endif
+
+#endif /* !_COMPAT_H_ */
diff --git a/security/nss/lib/dbm/include/page.h b/security/nss/lib/dbm/include/page.h
new file mode 100644
index 000000000..1ece42bed
--- /dev/null
+++ b/security/nss/lib/dbm/include/page.h
@@ -0,0 +1,93 @@
+/*-
+ * Copyright (c) 1990, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)page.h 8.2 (Berkeley) 5/31/94
+ */
+
+/*
+ * Definitions for hashing page file format.
+ */
+
+/*
+ * routines dealing with a data page
+ *
+ * page format:
+ * +------------------------------+
+ * p | n | keyoff | datoff | keyoff |
+ * +------------+--------+--------+
+ * | datoff | free | ptr | --> |
+ * +--------+---------------------+
+ * | F R E E A R E A |
+ * +--------------+---------------+
+ * | <---- - - - | data |
+ * +--------+-----+----+----------+
+ * | key | data | key |
+ * +--------+----------+----------+
+ *
+ * Pointer to the free space is always: p[p[0] + 2]
+ * Amount of free space on the page is: p[p[0] + 1]
+ */
+
+/*
+ * How many bytes required for this pair?
+ * 2 shorts in the table at the top of the page + room for the
+ * key and room for the data
+ *
+ * We prohibit entering a pair on a page unless there is also room to append
+ * an overflow page. The reason for this it that you can get in a situation
+ * where a single key/data pair fits on a page, but you can't append an
+ * overflow page and later you'd have to split the key/data and handle like
+ * a big pair.
+ * You might as well do this up front.
+ */
+#ifndef PAGE_H
+#define PAGE_H
+
+#define PAIRSIZE(K, D) (2 * sizeof(uint16) + (K)->size + (D)->size)
+#define BIGOVERHEAD (4 * sizeof(uint16))
+#define KEYSIZE(K) (4 * sizeof(uint16) + (K)->size);
+#define OVFLSIZE (2 * sizeof(uint16))
+#define FREESPACE(P) ((P)[(P)[0] + 1])
+#define OFFSET(P) ((P)[(P)[0] + 2])
+#define PAIRFITS(P, K, D) \
+ (((P)[2] >= REAL_KEY) && \
+ (PAIRSIZE((K), (D)) + OVFLSIZE) <= FREESPACE((P)))
+#define PAGE_META(N) (((N) + 3) * sizeof(uint16))
+
+typedef struct {
+ BUFHEAD *newp;
+ BUFHEAD *oldp;
+ BUFHEAD *nextp;
+ uint16 next_addr;
+} SPLIT_RETURN;
+#endif
diff --git a/security/nss/lib/dbm/include/queue.h b/security/nss/lib/dbm/include/queue.h
new file mode 100644
index 000000000..adc2c524d
--- /dev/null
+++ b/security/nss/lib/dbm/include/queue.h
@@ -0,0 +1,258 @@
+/*
+ * Copyright (c) 1991, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)queue.h 8.3 (Berkeley) 12/13/93
+ */
+
+#ifndef _QUEUE_H_
+#define _QUEUE_H_
+
+/*
+ * This file defines three types of data structures: lists, tail queues,
+ * and circular queues.
+ *
+ * A list is headed by a single forward pointer (or an array of forward
+ * pointers for a hash table header). The elements are doubly linked
+ * so that an arbitrary element can be removed without a need to
+ * traverse the list. New elements can be added to the list after
+ * an existing element or at the head of the list. A list may only be
+ * traversed in the forward direction.
+ *
+ * A tail queue is headed by a pair of pointers, one to the head of the
+ * list and the other to the tail of the list. The elements are doubly
+ * linked so that an arbitrary element can be removed without a need to
+ * traverse the list. New elements can be added to the list after
+ * an existing element, at the head of the list, or at the end of the
+ * list. A tail queue may only be traversed in the forward direction.
+ *
+ * A circle queue is headed by a pair of pointers, one to the head of the
+ * list and the other to the tail of the list. The elements are doubly
+ * linked so that an arbitrary element can be removed without a need to
+ * traverse the list. New elements can be added to the list before or after
+ * an existing element, at the head of the list, or at the end of the list.
+ * A circle queue may be traversed in either direction, but has a more
+ * complex end of list detection.
+ *
+ * For details on the use of these macros, see the queue(3) manual page.
+ */
+
+/*
+ * List definitions.
+ */
+#define LIST_HEAD(name, type) \
+ struct name { \
+ struct type *lh_first; /* first element */ \
+ }
+
+#define LIST_ENTRY(type) \
+ struct { \
+ struct type *le_next; /* next element */ \
+ struct type **le_prev; /* address of previous next element */ \
+ }
+
+/*
+ * List functions.
+ */
+#define LIST_INIT(head) \
+ { \
+ (head)->lh_first = NULL; \
+ }
+
+#define LIST_INSERT_AFTER(listelm, elm, field) \
+ { \
+ if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \
+ (listelm)->field.le_next->field.le_prev = \
+ &(elm)->field.le_next; \
+ (listelm)->field.le_next = (elm); \
+ (elm)->field.le_prev = &(listelm)->field.le_next; \
+ }
+
+#define LIST_INSERT_HEAD(head, elm, field) \
+ { \
+ if (((elm)->field.le_next = (head)->lh_first) != NULL) \
+ (head)->lh_first->field.le_prev = &(elm)->field.le_next; \
+ (head)->lh_first = (elm); \
+ (elm)->field.le_prev = &(head)->lh_first; \
+ }
+
+#define LIST_REMOVE(elm, field) \
+ { \
+ if ((elm)->field.le_next != NULL) \
+ (elm)->field.le_next->field.le_prev = \
+ (elm)->field.le_prev; \
+ *(elm)->field.le_prev = (elm)->field.le_next; \
+ }
+
+/*
+ * Tail queue definitions.
+ */
+#define TAILQ_HEAD(name, type) \
+ struct name { \
+ struct type *tqh_first; /* first element */ \
+ struct type **tqh_last; /* addr of last next element */ \
+ }
+
+#define TAILQ_ENTRY(type) \
+ struct { \
+ struct type *tqe_next; /* next element */ \
+ struct type **tqe_prev; /* address of previous next element */ \
+ }
+
+/*
+ * Tail queue functions.
+ */
+#define TAILQ_INIT(head) \
+ { \
+ (head)->tqh_first = NULL; \
+ (head)->tqh_last = &(head)->tqh_first; \
+ }
+
+#define TAILQ_INSERT_HEAD(head, elm, field) \
+ { \
+ if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \
+ (elm)->field.tqe_next->field.tqe_prev = \
+ &(elm)->field.tqe_next; \
+ else \
+ (head)->tqh_last = &(elm)->field.tqe_next; \
+ (head)->tqh_first = (elm); \
+ (elm)->field.tqe_prev = &(head)->tqh_first; \
+ }
+
+#define TAILQ_INSERT_TAIL(head, elm, field) \
+ { \
+ (elm)->field.tqe_next = NULL; \
+ (elm)->field.tqe_prev = (head)->tqh_last; \
+ *(head)->tqh_last = (elm); \
+ (head)->tqh_last = &(elm)->field.tqe_next; \
+ }
+
+#define TAILQ_INSERT_AFTER(head, listelm, elm, field) \
+ { \
+ if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL) \
+ (elm)->field.tqe_next->field.tqe_prev = \
+ &(elm)->field.tqe_next; \
+ else \
+ (head)->tqh_last = &(elm)->field.tqe_next; \
+ (listelm)->field.tqe_next = (elm); \
+ (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \
+ }
+
+#define TAILQ_REMOVE(head, elm, field) \
+ { \
+ if (((elm)->field.tqe_next) != NULL) \
+ (elm)->field.tqe_next->field.tqe_prev = \
+ (elm)->field.tqe_prev; \
+ else \
+ (head)->tqh_last = (elm)->field.tqe_prev; \
+ *(elm)->field.tqe_prev = (elm)->field.tqe_next; \
+ }
+
+/*
+ * Circular queue definitions.
+ */
+#define CIRCLEQ_HEAD(name, type) \
+ struct name { \
+ struct type *cqh_first; /* first element */ \
+ struct type *cqh_last; /* last element */ \
+ }
+
+#define CIRCLEQ_ENTRY(type) \
+ struct { \
+ struct type *cqe_next; /* next element */ \
+ struct type *cqe_prev; /* previous element */ \
+ }
+
+/*
+ * Circular queue functions.
+ */
+#define CIRCLEQ_INIT(head) \
+ { \
+ (head)->cqh_first = (void *)(head); \
+ (head)->cqh_last = (void *)(head); \
+ }
+
+#define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) \
+ { \
+ (elm)->field.cqe_next = (listelm)->field.cqe_next; \
+ (elm)->field.cqe_prev = (listelm); \
+ if ((listelm)->field.cqe_next == (void *)(head)) \
+ (head)->cqh_last = (elm); \
+ else \
+ (listelm)->field.cqe_next->field.cqe_prev = (elm); \
+ (listelm)->field.cqe_next = (elm); \
+ }
+
+#define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) \
+ { \
+ (elm)->field.cqe_next = (listelm); \
+ (elm)->field.cqe_prev = (listelm)->field.cqe_prev; \
+ if ((listelm)->field.cqe_prev == (void *)(head)) \
+ (head)->cqh_first = (elm); \
+ else \
+ (listelm)->field.cqe_prev->field.cqe_next = (elm); \
+ (listelm)->field.cqe_prev = (elm); \
+ }
+
+#define CIRCLEQ_INSERT_HEAD(head, elm, field) \
+ { \
+ (elm)->field.cqe_next = (head)->cqh_first; \
+ (elm)->field.cqe_prev = (void *)(head); \
+ if ((head)->cqh_last == (void *)(head)) \
+ (head)->cqh_last = (elm); \
+ else \
+ (head)->cqh_first->field.cqe_prev = (elm); \
+ (head)->cqh_first = (elm); \
+ }
+
+#define CIRCLEQ_INSERT_TAIL(head, elm, field) \
+ { \
+ (elm)->field.cqe_next = (void *)(head); \
+ (elm)->field.cqe_prev = (head)->cqh_last; \
+ if ((head)->cqh_first == (void *)(head)) \
+ (head)->cqh_first = (elm); \
+ else \
+ (head)->cqh_last->field.cqe_next = (elm); \
+ (head)->cqh_last = (elm); \
+ }
+
+#define CIRCLEQ_REMOVE(head, elm, field) \
+ { \
+ if ((elm)->field.cqe_next == (void *)(head)) \
+ (head)->cqh_last = (elm)->field.cqe_prev; \
+ else \
+ (elm)->field.cqe_next->field.cqe_prev = \
+ (elm)->field.cqe_prev; \
+ if ((elm)->field.cqe_prev == (void *)(head)) \
+ (head)->cqh_first = (elm)->field.cqe_next; \
+ else \
+ (elm)->field.cqe_prev->field.cqe_next = \
+ (elm)->field.cqe_next; \
+ }
+#endif /* !_QUEUE_H_ */
diff --git a/security/nss/lib/dbm/include/search.h b/security/nss/lib/dbm/include/search.h
new file mode 100644
index 000000000..d6fe0d93d
--- /dev/null
+++ b/security/nss/lib/dbm/include/search.h
@@ -0,0 +1,50 @@
+/*-
+ * Copyright (c) 1990, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)search.h 8.1 (Berkeley) 6/4/93
+ */
+
+/* Backward compatibility to hsearch interface. */
+typedef struct entry {
+ char *key;
+ char *data;
+} ENTRY;
+
+typedef enum {
+ FIND,
+ ENTER
+} ACTION;
+
+int hcreate(unsigned int);
+void hdestroy(void);
+ENTRY *hsearch(ENTRY, ACTION);
diff --git a/security/nss/lib/dbm/include/winfile.h b/security/nss/lib/dbm/include/winfile.h
new file mode 100644
index 000000000..da93ec746
--- /dev/null
+++ b/security/nss/lib/dbm/include/winfile.h
@@ -0,0 +1,103 @@
+
+/* ---------------------------------------------------------------------------
+ Stuff to fake unix file I/O on windows boxes
+ ------------------------------------------------------------------------*/
+
+#ifndef WINFILE_H
+#define WINFILE_H
+
+#ifdef _WINDOWS
+/* hacked out of <dirent.h> on an SGI */
+#if defined(XP_WIN32) || defined(_WIN32)
+/* 32-bit stuff here */
+#include <windows.h>
+#include <stdlib.h>
+#ifdef __MINGW32__
+#include <sys/types.h>
+#include <sys/stat.h>
+#else
+#include <sys\types.h>
+#include <sys\stat.h>
+#endif
+
+typedef struct DIR_Struct {
+ void* directoryPtr;
+ WIN32_FIND_DATA data;
+} DIR;
+
+#define _ST_FSTYPSZ 16
+
+#if !defined(__BORLANDC__) && !defined(__GNUC__)
+typedef unsigned long mode_t;
+typedef long uid_t;
+typedef long gid_t;
+typedef long off_t;
+typedef unsigned long nlink_t;
+#endif
+
+typedef struct timestruc {
+ time_t tv_sec; /* seconds */
+ long tv_nsec; /* and nanoseconds */
+} timestruc_t;
+
+struct dirent { /* data from readdir() */
+ ino_t d_ino; /* inode number of entry */
+ off_t d_off; /* offset of disk direntory entry */
+ unsigned short d_reclen; /* length of this record */
+ char d_name[_MAX_FNAME]; /* name of file */
+};
+
+#if !defined(__BORLANDC__) && !defined(__GNUC__)
+#define S_ISDIR(s) ((s)&_S_IFDIR)
+#endif
+
+#else /* _WIN32 */
+/* 16-bit windows stuff */
+
+#include <sys\types.h>
+#include <sys\stat.h>
+#include <dos.h>
+
+/* Getting cocky to support multiple file systems */
+typedef struct dirStruct_tag {
+ struct _find_t file_data;
+ char c_checkdrive;
+} dirStruct;
+
+typedef struct DIR_Struct {
+ void* directoryPtr;
+ dirStruct data;
+} DIR;
+
+#define _ST_FSTYPSZ 16
+typedef unsigned long mode_t;
+typedef long uid_t;
+typedef long gid_t;
+typedef long off_t;
+typedef unsigned long nlink_t;
+
+typedef struct timestruc {
+ time_t tv_sec; /* seconds */
+ long tv_nsec; /* and nanoseconds */
+} timestruc_t;
+
+struct dirent { /* data from readdir() */
+ ino_t d_ino; /* inode number of entry */
+ off_t d_off; /* offset of disk direntory entry */
+ unsigned short d_reclen; /* length of this record */
+#ifdef XP_WIN32
+ char d_name[_MAX_FNAME]; /* name of file */
+#else
+ char d_name[20]; /* name of file */
+#endif
+};
+
+#define S_ISDIR(s) ((s)&_S_IFDIR)
+
+#endif /* 16-bit windows */
+
+#define CONST const
+
+#endif /* _WINDOWS */
+
+#endif /* WINFILE_H */
diff --git a/security/nss/lib/dbm/manifest.mn b/security/nss/lib/dbm/manifest.mn
new file mode 100644
index 000000000..7a3bcf4c1
--- /dev/null
+++ b/security/nss/lib/dbm/manifest.mn
@@ -0,0 +1,17 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+MODULE = dbm
+
+IMPORTS = nspr20/v4.4.1
+
+RELEASE = dbm
+
+DIRS = include \
+ src \
+ $(NULL)
diff --git a/security/nss/lib/dbm/src/Makefile b/security/nss/lib/dbm/src/Makefile
new file mode 100644
index 000000000..862544362
--- /dev/null
+++ b/security/nss/lib/dbm/src/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/lib/dbm/config/config.mk
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+
diff --git a/security/nss/lib/dbm/src/config.mk b/security/nss/lib/dbm/src/config.mk
new file mode 100644
index 000000000..eab180540
--- /dev/null
+++ b/security/nss/lib/dbm/src/config.mk
@@ -0,0 +1,33 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE
+
+#
+# Currently, override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PURE_LIBRARY =
+PROGRAM =
+
+ifdef SHARED_LIBRARY
+ ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+ DLLBASE=/BASE:0x30000000
+ RES=$(OBJDIR)/dbm.res
+ RESNAME=../include/dbm.rc
+ endif
+ ifeq ($(DLL_SUFFIX),dll)
+ DEFINES += -D_DLL
+ endif
+endif
+
+ifeq ($(OS_TARGET),AIX)
+ OS_LIBS += -lc_r
+endif
diff --git a/security/nss/lib/dbm/src/db.c b/security/nss/lib/dbm/src/db.c
new file mode 100644
index 000000000..5c35bbd48
--- /dev/null
+++ b/security/nss/lib/dbm/src/db.c
@@ -0,0 +1,134 @@
+/*-
+ * Copyright (c) 1991, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)db.c 8.4 (Berkeley) 2/21/94";
+#endif /* LIBC_SCCS and not lint */
+
+#ifndef __DBINTERFACE_PRIVATE
+#define __DBINTERFACE_PRIVATE
+#endif
+#ifdef macintosh
+#include <unix.h>
+#else
+#include <sys/types.h>
+#endif
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stddef.h>
+#include <stdio.h>
+
+#include "mcom_db.h"
+
+/* a global flag that locks closed all databases */
+int all_databases_locked_closed = 0;
+
+/* set or unset a global lock flag to disable the
+ * opening of any DBM file
+ */
+void
+dbSetOrClearDBLock(DBLockFlagEnum type)
+{
+ if (type == LockOutDatabase)
+ all_databases_locked_closed = 1;
+ else
+ all_databases_locked_closed = 0;
+}
+
+DB *
+dbopen(const char *fname, int flags, int mode, DBTYPE type, const void *openinfo)
+{
+
+ /* lock out all file databases. Let in-memory databases through
+ */
+ if (all_databases_locked_closed && fname) {
+ errno = EINVAL;
+ return (NULL);
+ }
+
+#define DB_FLAGS (DB_LOCK | DB_SHMEM | DB_TXN)
+
+#if 0 /* most systems don't have EXLOCK and SHLOCK */
+#define USE_OPEN_FLAGS \
+ (O_CREAT | O_EXCL | O_EXLOCK | O_NONBLOCK | O_RDONLY | \
+ O_RDWR | O_SHLOCK | O_TRUNC)
+#else
+#define USE_OPEN_FLAGS \
+ (O_CREAT | O_EXCL | O_RDONLY | \
+ O_RDWR | O_TRUNC)
+#endif
+
+ if ((flags & ~(USE_OPEN_FLAGS | DB_FLAGS)) == 0)
+ switch (type) {
+/* we don't need btree and recno right now */
+#if 0
+ case DB_BTREE:
+ return (__bt_open(fname, flags & USE_OPEN_FLAGS,
+ mode, openinfo, flags & DB_FLAGS));
+ case DB_RECNO:
+ return (__rec_open(fname, flags & USE_OPEN_FLAGS,
+ mode, openinfo, flags & DB_FLAGS));
+#endif
+
+ case DB_HASH:
+ return (__hash_open(fname, flags & USE_OPEN_FLAGS,
+ mode, (const HASHINFO *)openinfo, flags & DB_FLAGS));
+ default:
+ break;
+ }
+ errno = EINVAL;
+ return (NULL);
+}
+
+static int
+__dberr()
+{
+ return (RET_ERROR);
+}
+
+/*
+ * __DBPANIC -- Stop.
+ *
+ * Parameters:
+ * dbp: pointer to the DB structure.
+ */
+void
+__dbpanic(DB *dbp)
+{
+ /* The only thing that can succeed is a close. */
+ dbp->del = (int (*)(const struct __db *, const DBT *, uint))__dberr;
+ dbp->fd = (int (*)(const struct __db *))__dberr;
+ dbp->get = (int (*)(const struct __db *, const DBT *, DBT *, uint))__dberr;
+ dbp->put = (int (*)(const struct __db *, DBT *, const DBT *, uint))__dberr;
+ dbp->seq = (int (*)(const struct __db *, DBT *, DBT *, uint))__dberr;
+ dbp->sync = (int (*)(const struct __db *, uint))__dberr;
+}
diff --git a/security/nss/lib/dbm/src/dirent.c b/security/nss/lib/dbm/src/dirent.c
new file mode 100644
index 000000000..da3e83e5c
--- /dev/null
+++ b/security/nss/lib/dbm/src/dirent.c
@@ -0,0 +1,344 @@
+#ifdef OS2
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+
+#include <dirent.h>
+#include <errno.h>
+
+/*#ifndef __EMX__
+#include <libx.h>
+#endif */
+
+#define INCL_DOSFILEMGR
+#define INCL_DOSERRORS
+#include <os2.h>
+
+#if OS2 >= 2
+#define FFBUF FILEFINDBUF3
+#define Word ULONG
+/*
+ * LS20 recommends a request count of 100, but according to the
+ * APAR text it does not lead to missing files, just to funny
+ * numbers of returned entries.
+ *
+ * LS30 HPFS386 requires a count greater than 2, or some files
+ * are missing (those starting with a character less that '.').
+ *
+ * Novell loses entries which overflow the buffer. In previous
+ * versions of dirent2, this could have lead to missing files
+ * when the average length of 100 directory entries was 40 bytes
+ * or more (quite unlikely for files on a Novell server).
+ *
+ * Conclusion: Make sure that the entries all fit into the buffer
+ * and that the buffer is large enough for more than 2 entries
+ * (each entry is at most 300 bytes long). And ignore the LS20
+ * effect.
+ */
+#define Count 25
+#define BufSz (25 * (sizeof(FILEFINDBUF3) + 1))
+#else
+#define FFBUF FILEFINDBUF
+#define Word USHORT
+#define BufSz 1024
+#define Count 3
+#endif
+
+#if defined(__IBMC__) || defined(__IBMCPP__)
+#define error(rc) _doserrno = rc, errno = EOS2ERR
+#elif defined(MICROSOFT)
+#define error(rc) _doserrno = rc, errno = 255
+#else
+#define error(rc) errno = 255
+#endif
+
+struct _dirdescr {
+ HDIR handle; /* DosFindFirst handle */
+ char fstype; /* filesystem type */
+ Word count; /* valid entries in <ffbuf> */
+ long number; /* absolute number of next entry */
+ int index; /* relative number of next entry */
+ FFBUF *next; /* pointer to next entry */
+ char name[MAXPATHLEN + 3]; /* directory name */
+ unsigned attrmask; /* attribute mask for seekdir */
+ struct dirent entry; /* buffer for directory entry */
+ BYTE ffbuf[BufSz];
+};
+
+/*
+ * Return first char of filesystem type, or 0 if unknown.
+ */
+static char
+getFSType(const char *path)
+{
+ static char cache[1 + 26];
+ char drive[3], info[512];
+ Word unit, infolen;
+ char r;
+
+ if (isalpha(path[0]) && path[1] == ':') {
+ unit = toupper(path[0]) - '@';
+ path += 2;
+ } else {
+ ULONG driveMap;
+#if OS2 >= 2
+ if (DosQueryCurrentDisk(&unit, &driveMap))
+#else
+ if (DosQCurDisk(&unit, &driveMap))
+#endif
+ return 0;
+ }
+
+ if ((path[0] == '\\' || path[0] == '/') &&
+ (path[1] == '\\' || path[1] == '/'))
+ return 0;
+
+ if (cache[unit])
+ return cache[unit];
+
+ drive[0] = '@' + unit;
+ drive[1] = ':';
+ drive[2] = '\0';
+ infolen = sizeof info;
+#if OS2 >= 2
+ if (DosQueryFSAttach(drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen))
+ return 0;
+ if (infolen >= sizeof(FSQBUFFER2)) {
+ FSQBUFFER2 *p = (FSQBUFFER2 *)info;
+ r = p->szFSDName[p->cbName];
+ } else
+#else
+ if (DosQFSAttach((PSZ)drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen, 0))
+ return 0;
+ if (infolen >= 9) {
+ char *p = info + sizeof(USHORT);
+ p += sizeof(USHORT) + *(USHORT *)p + 1 + sizeof(USHORT);
+ r = *p;
+ } else
+#endif
+ r = 0;
+ return cache[unit] = r;
+}
+
+char *
+abs_path(const char *name, char *buffer, int len)
+{
+ char buf[4];
+ if (isalpha(name[0]) && name[1] == ':' && name[2] == '\0') {
+ buf[0] = name[0];
+ buf[1] = name[1];
+ buf[2] = '.';
+ buf[3] = '\0';
+ name = buf;
+ }
+#if OS2 >= 2
+ if (DosQueryPathInfo((PSZ)name, FIL_QUERYFULLNAME, buffer, len))
+#else
+ if (DosQPathInfo((PSZ)name, FIL_QUERYFULLNAME, (PBYTE)buffer, len, 0L))
+#endif
+ return NULL;
+ return buffer;
+}
+
+DIR *
+openxdir(const char *path, unsigned att_mask)
+{
+ DIR *dir;
+ char name[MAXPATHLEN + 3];
+ Word rc;
+
+ dir = malloc(sizeof(DIR));
+ if (dir == NULL) {
+ errno = ENOMEM;
+ return NULL;
+ }
+
+ strncpy(name, path, MAXPATHLEN);
+ name[MAXPATHLEN] = '\0';
+ switch (name[strlen(name) - 1]) {
+ default:
+ strcat(name, "\\");
+ case '\\':
+ case '/':
+ case ':':;
+ }
+ strcat(name, ".");
+ if (!abs_path(name, dir->name, MAXPATHLEN + 1))
+ strcpy(dir->name, name);
+ if (dir->name[strlen(dir->name) - 1] == '\\')
+ strcat(dir->name, "*");
+ else
+ strcat(dir->name, "\\*");
+
+ dir->fstype = getFSType(dir->name);
+ dir->attrmask = att_mask | A_DIR;
+
+ dir->handle = HDIR_CREATE;
+ dir->count = 100;
+#if OS2 >= 2
+ rc = DosFindFirst(dir->name, &dir->handle, dir->attrmask,
+ dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD);
+#else
+ rc = DosFindFirst((PSZ)dir->name, &dir->handle, dir->attrmask,
+ (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0);
+#endif
+ switch (rc) {
+ default:
+ free(dir);
+ error(rc);
+ return NULL;
+ case NO_ERROR:
+ case ERROR_NO_MORE_FILES:;
+ }
+
+ dir->number = 0;
+ dir->index = 0;
+ dir->next = (FFBUF *)dir->ffbuf;
+
+ return (DIR *)dir;
+}
+
+DIR *
+opendir(const char *pathname)
+{
+ return openxdir(pathname, 0);
+}
+
+struct dirent *
+readdir(DIR *dir)
+{
+ static int dummy_ino = 2;
+
+ if (dir->index == dir->count) {
+ Word rc;
+ dir->count = 100;
+#if OS2 >= 2
+ rc = DosFindNext(dir->handle, dir->ffbuf,
+ sizeof dir->ffbuf, &dir->count);
+#else
+ rc = DosFindNext(dir->handle, (PFILEFINDBUF)dir->ffbuf,
+ sizeof dir->ffbuf, &dir->count);
+#endif
+ if (rc) {
+ error(rc);
+ return NULL;
+ }
+
+ dir->index = 0;
+ dir->next = (FFBUF *)dir->ffbuf;
+ }
+
+ if (dir->index == dir->count)
+ return NULL;
+
+ memcpy(dir->entry.d_name, dir->next->achName, dir->next->cchName);
+ dir->entry.d_name[dir->next->cchName] = '\0';
+ dir->entry.d_ino = dummy_ino++;
+ dir->entry.d_reclen = dir->next->cchName;
+ dir->entry.d_namlen = dir->next->cchName;
+ dir->entry.d_size = dir->next->cbFile;
+ dir->entry.d_attribute = dir->next->attrFile;
+ dir->entry.d_time = *(USHORT *)&dir->next->ftimeLastWrite;
+ dir->entry.d_date = *(USHORT *)&dir->next->fdateLastWrite;
+
+ switch (dir->fstype) {
+ case 'F': /* FAT */
+ case 'C': /* CDFS */
+ if (dir->next->attrFile & FILE_DIRECTORY)
+ strupr(dir->entry.d_name);
+ else
+ strlwr(dir->entry.d_name);
+ }
+
+#if OS2 >= 2
+ dir->next = (FFBUF *)((BYTE *)dir->next + dir->next->oNextEntryOffset);
+#else
+ dir->next = (FFBUF *)((BYTE *)dir->next->achName + dir->next->cchName + 1);
+#endif
+ ++dir->number;
+ ++dir->index;
+
+ return &dir->entry;
+}
+
+long
+telldir(DIR *dir)
+{
+ return dir->number;
+}
+
+void
+seekdir(DIR *dir, long off)
+{
+ if (dir->number > off) {
+ char name[MAXPATHLEN + 2];
+ Word rc;
+
+ DosFindClose(dir->handle);
+
+ strcpy(name, dir->name);
+ strcat(name, "*");
+
+ dir->handle = HDIR_CREATE;
+ dir->count = 32767;
+#if OS2 >= 2
+ rc = DosFindFirst(name, &dir->handle, dir->attrmask,
+ dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD);
+#else
+ rc = DosFindFirst((PSZ)name, &dir->handle, dir->attrmask,
+ (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0);
+#endif
+ switch (rc) {
+ default:
+ error(rc);
+ return;
+ case NO_ERROR:
+ case ERROR_NO_MORE_FILES:;
+ }
+
+ dir->number = 0;
+ dir->index = 0;
+ dir->next = (FFBUF *)dir->ffbuf;
+ }
+
+ while (dir->number < off && readdir(dir))
+ ;
+}
+
+void
+closedir(DIR *dir)
+{
+ DosFindClose(dir->handle);
+ free(dir);
+}
+
+/*****************************************************************************/
+
+#ifdef TEST
+
+main(int argc, char **argv)
+{
+ int i;
+ DIR *dir;
+ struct dirent *ep;
+
+ for (i = 1; i < argc; ++i) {
+ dir = opendir(argv[i]);
+ if (!dir)
+ continue;
+ while (ep = readdir(dir))
+ if (strchr("\\/:", argv[i][strlen(argv[i]) - 1]))
+ printf("%s%s\n", argv[i], ep->d_name);
+ else
+ printf("%s/%s\n", argv[i], ep->d_name);
+ closedir(dir);
+ }
+
+ return 0;
+}
+
+#endif
+
+#endif /* OS2 */
diff --git a/security/nss/lib/dbm/src/dirent.h b/security/nss/lib/dbm/src/dirent.h
new file mode 100644
index 000000000..0b4ae5dd2
--- /dev/null
+++ b/security/nss/lib/dbm/src/dirent.h
@@ -0,0 +1,97 @@
+#ifndef __DIRENT_H__
+#define __DIRENT_H__
+/*
+ * @(#)msd_dir.h 1.4 87/11/06 Public Domain.
+ *
+ * A public domain implementation of BSD directory routines for
+ * MS-DOS. Written by Michael Rendell ({uunet,utai}michael@garfield),
+ * August 1897
+ *
+ * Extended by Peter Lim (lim@mullian.oz) to overcome some MS DOS quirks
+ * and returns 2 more pieces of information - file size & attribute.
+ * Plus a little reshuffling of some #define's positions December 1987
+ *
+ * Some modifications by Martin Junius 02-14-89
+ *
+ * AK900712
+ * AK910410 abs_path - make absolute path
+ *
+ */
+
+#ifdef __EMX__
+#include <sys/param.h>
+#else
+#if defined(__IBMC__) || defined(__IBMCPP__) || defined(XP_W32_MSVC)
+#include <stdio.h>
+#ifdef MAXPATHLEN
+#undef MAXPATHLEN
+#endif
+#define MAXPATHLEN (FILENAME_MAX * 4)
+#define MAXNAMLEN FILENAME_MAX
+
+#else
+#include <param.h>
+#endif
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* attribute stuff */
+#ifndef A_RONLY
+#define A_RONLY 0x01
+#define A_HIDDEN 0x02
+#define A_SYSTEM 0x04
+#define A_LABEL 0x08
+#define A_DIR 0x10
+#define A_ARCHIVE 0x20
+#endif
+
+struct dirent {
+#if defined(OS2) || defined(WIN32) /* use the layout of EMX to avoid trouble */
+ int d_ino; /* Dummy */
+ int d_reclen; /* Dummy, same as d_namlen */
+ int d_namlen; /* length of name */
+ char d_name[MAXNAMLEN + 1];
+ unsigned long d_size;
+ unsigned short d_attribute; /* attributes (see above) */
+ unsigned short d_time; /* modification time */
+ unsigned short d_date; /* modification date */
+#else
+ char d_name[MAXNAMLEN + 1]; /* garentee null termination */
+ char d_attribute; /* .. extension .. */
+ unsigned long d_size; /* .. extension .. */
+#endif
+};
+
+typedef struct _dirdescr DIR;
+/* the structs do not have to be defined here */
+
+extern DIR *opendir(const char *);
+extern DIR *openxdir(const char *, unsigned);
+extern struct dirent *readdir(DIR *);
+extern void seekdir(DIR *, long);
+extern long telldir(DIR *);
+extern void closedir(DIR *);
+#define rewinddir(dirp) seekdir(dirp, 0L)
+
+extern char *abs_path(const char *name, char *buffer, int len);
+
+#ifndef S_IFMT
+#define S_IFMT (S_IFDIR | S_IFREG)
+#endif
+
+#ifndef S_ISDIR
+#define S_ISDIR(m) (((m)&S_IFMT) == S_IFDIR)
+#endif
+
+#ifndef S_ISREG
+#define S_ISREG(m) (((m)&S_IFMT) == S_IFREG)
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/security/nss/lib/dbm/src/h_bigkey.c b/security/nss/lib/dbm/src/h_bigkey.c
new file mode 100644
index 000000000..6edfe7f5a
--- /dev/null
+++ b/security/nss/lib/dbm/src/h_bigkey.c
@@ -0,0 +1,707 @@
+/*-
+ * Copyright (c) 1990, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)hash_bigkey.c 8.3 (Berkeley) 5/31/94";
+#endif /* LIBC_SCCS and not lint */
+
+/*
+ * PACKAGE: hash
+ * DESCRIPTION:
+ * Big key/data handling for the hashing package.
+ *
+ * ROUTINES:
+ * External
+ * __big_keydata
+ * __big_split
+ * __big_insert
+ * __big_return
+ * __big_delete
+ * __find_last_page
+ * Internal
+ * collect_key
+ * collect_data
+ */
+
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
+#include <sys/param.h>
+#endif
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef DEBUG
+#include <assert.h>
+#endif
+
+#include "mcom_db.h"
+#include "hash.h"
+#include "page.h"
+/* #include "extern.h" */
+
+static int collect_key(HTAB *, BUFHEAD *, int, DBT *, int);
+static int collect_data(HTAB *, BUFHEAD *, int, int);
+
+/*
+ * Big_insert
+ *
+ * You need to do an insert and the key/data pair is too big
+ *
+ * Returns:
+ * 0 ==> OK
+ *-1 ==> ERROR
+ */
+extern int
+__big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val)
+{
+ register uint16 *p;
+ uint key_size, n, val_size;
+ uint16 space, move_bytes, off;
+ char *cp, *key_data, *val_data;
+
+ cp = bufp->page; /* Character pointer of p. */
+ p = (uint16 *)cp;
+
+ key_data = (char *)key->data;
+ key_size = key->size;
+ val_data = (char *)val->data;
+ val_size = val->size;
+
+ /* First move the Key */
+ for (space = FREESPACE(p) - BIGOVERHEAD; key_size;
+ space = FREESPACE(p) - BIGOVERHEAD) {
+ move_bytes = PR_MIN(space, key_size);
+ off = OFFSET(p) - move_bytes;
+ memmove(cp + off, key_data, move_bytes);
+ key_size -= move_bytes;
+ key_data += move_bytes;
+ n = p[0];
+ p[++n] = off;
+ p[0] = ++n;
+ FREESPACE(p) = off - PAGE_META(n);
+ OFFSET(p) = off;
+ p[n] = PARTIAL_KEY;
+ bufp = __add_ovflpage(hashp, bufp);
+ if (!bufp)
+ return (-1);
+ n = p[0];
+ if (!key_size) {
+ if (FREESPACE(p)) {
+ move_bytes = PR_MIN(FREESPACE(p), val_size);
+ off = OFFSET(p) - move_bytes;
+ p[n] = off;
+ memmove(cp + off, val_data, move_bytes);
+ val_data += move_bytes;
+ val_size -= move_bytes;
+ p[n - 2] = FULL_KEY_DATA;
+ FREESPACE(p) = FREESPACE(p) - move_bytes;
+ OFFSET(p) = off;
+ } else
+ p[n - 2] = FULL_KEY;
+ }
+ p = (uint16 *)bufp->page;
+ cp = bufp->page;
+ bufp->flags |= BUF_MOD;
+ }
+
+ /* Now move the data */
+ for (space = FREESPACE(p) - BIGOVERHEAD; val_size;
+ space = FREESPACE(p) - BIGOVERHEAD) {
+ move_bytes = PR_MIN(space, val_size);
+ /*
+ * Here's the hack to make sure that if the data ends on the
+ * same page as the key ends, FREESPACE is at least one.
+ */
+ if (space == val_size && val_size == val->size)
+ move_bytes--;
+ off = OFFSET(p) - move_bytes;
+ memmove(cp + off, val_data, move_bytes);
+ val_size -= move_bytes;
+ val_data += move_bytes;
+ n = p[0];
+ p[++n] = off;
+ p[0] = ++n;
+ FREESPACE(p) = off - PAGE_META(n);
+ OFFSET(p) = off;
+ if (val_size) {
+ p[n] = FULL_KEY;
+ bufp = __add_ovflpage(hashp, bufp);
+ if (!bufp)
+ return (-1);
+ cp = bufp->page;
+ p = (uint16 *)cp;
+ } else
+ p[n] = FULL_KEY_DATA;
+ bufp->flags |= BUF_MOD;
+ }
+ return (0);
+}
+
+/*
+ * Called when bufp's page contains a partial key (index should be 1)
+ *
+ * All pages in the big key/data pair except bufp are freed. We cannot
+ * free bufp because the page pointing to it is lost and we can't get rid
+ * of its pointer.
+ *
+ * Returns:
+ * 0 => OK
+ *-1 => ERROR
+ */
+extern int
+__big_delete(HTAB *hashp, BUFHEAD *bufp)
+{
+ register BUFHEAD *last_bfp, *rbufp;
+ uint16 *bp, pageno;
+ int key_done, n;
+
+ rbufp = bufp;
+ last_bfp = NULL;
+ bp = (uint16 *)bufp->page;
+ pageno = 0;
+ key_done = 0;
+
+ while (!key_done || (bp[2] != FULL_KEY_DATA)) {
+ if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA)
+ key_done = 1;
+
+ /*
+ * If there is freespace left on a FULL_KEY_DATA page, then
+ * the data is short and fits entirely on this page, and this
+ * is the last page.
+ */
+ if (bp[2] == FULL_KEY_DATA && FREESPACE(bp))
+ break;
+ pageno = bp[bp[0] - 1];
+ rbufp->flags |= BUF_MOD;
+ rbufp = __get_buf(hashp, pageno, rbufp, 0);
+ if (last_bfp)
+ __free_ovflpage(hashp, last_bfp);
+ last_bfp = rbufp;
+ if (!rbufp)
+ return (-1); /* Error. */
+ bp = (uint16 *)rbufp->page;
+ }
+
+ /*
+ * If we get here then rbufp points to the last page of the big
+ * key/data pair. Bufp points to the first one -- it should now be
+ * empty pointing to the next page after this pair. Can't free it
+ * because we don't have the page pointing to it.
+ */
+
+ /* This is information from the last page of the pair. */
+ n = bp[0];
+ pageno = bp[n - 1];
+
+ /* Now, bp is the first page of the pair. */
+ bp = (uint16 *)bufp->page;
+ if (n > 2) {
+ /* There is an overflow page. */
+ bp[1] = pageno;
+ bp[2] = OVFLPAGE;
+ bufp->ovfl = rbufp->ovfl;
+ } else
+ /* This is the last page. */
+ bufp->ovfl = NULL;
+ n -= 2;
+ bp[0] = n;
+ FREESPACE(bp) = hashp->BSIZE - PAGE_META(n);
+ OFFSET(bp) = hashp->BSIZE - 1;
+
+ bufp->flags |= BUF_MOD;
+ if (rbufp)
+ __free_ovflpage(hashp, rbufp);
+ if (last_bfp != rbufp)
+ __free_ovflpage(hashp, last_bfp);
+
+ hashp->NKEYS--;
+ return (0);
+}
+/*
+ * Returns:
+ * 0 = key not found
+ * -1 = get next overflow page
+ * -2 means key not found and this is big key/data
+ * -3 error
+ */
+extern int
+__find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size)
+{
+ register uint16 *bp;
+ register char *p;
+ int ksize;
+ uint16 bytes;
+ char *kkey;
+
+ bp = (uint16 *)bufp->page;
+ p = bufp->page;
+ ksize = size;
+ kkey = key;
+
+ for (bytes = hashp->BSIZE - bp[ndx];
+ bytes <= size && bp[ndx + 1] == PARTIAL_KEY;
+ bytes = hashp->BSIZE - bp[ndx]) {
+ if (memcmp(p + bp[ndx], kkey, bytes))
+ return (-2);
+ kkey += bytes;
+ ksize -= bytes;
+ bufp = __get_buf(hashp, bp[ndx + 2], bufp, 0);
+ if (!bufp)
+ return (-3);
+ p = bufp->page;
+ bp = (uint16 *)p;
+ ndx = 1;
+ }
+
+ if (bytes != ksize || memcmp(p + bp[ndx], kkey, bytes)) {
+#ifdef HASH_STATISTICS
+ ++hash_collisions;
+#endif
+ return (-2);
+ } else
+ return (ndx);
+}
+
+/*
+ * Given the buffer pointer of the first overflow page of a big pair,
+ * find the end of the big pair
+ *
+ * This will set bpp to the buffer header of the last page of the big pair.
+ * It will return the pageno of the overflow page following the last page
+ * of the pair; 0 if there isn't any (i.e. big pair is the last key in the
+ * bucket)
+ */
+extern uint16
+__find_last_page(HTAB *hashp, BUFHEAD **bpp)
+{
+ BUFHEAD *bufp;
+ uint16 *bp, pageno;
+ uint n;
+
+ bufp = *bpp;
+ bp = (uint16 *)bufp->page;
+ for (;;) {
+ n = bp[0];
+
+ /*
+ * This is the last page if: the tag is FULL_KEY_DATA and
+ * either only 2 entries OVFLPAGE marker is explicit there
+ * is freespace on the page.
+ */
+ if (bp[2] == FULL_KEY_DATA &&
+ ((n == 2) || (bp[n] == OVFLPAGE) || (FREESPACE(bp))))
+ break;
+
+ /* LJM bound the size of n to reasonable limits
+ */
+ if (n > hashp->BSIZE / sizeof(uint16))
+ return (0);
+
+ pageno = bp[n - 1];
+ bufp = __get_buf(hashp, pageno, bufp, 0);
+ if (!bufp)
+ return (0); /* Need to indicate an error! */
+ bp = (uint16 *)bufp->page;
+ }
+
+ *bpp = bufp;
+ if (bp[0] > 2)
+ return (bp[3]);
+ else
+ return (0);
+}
+
+/*
+ * Return the data for the key/data pair that begins on this page at this
+ * index (index should always be 1).
+ */
+extern int
+__big_return(
+ HTAB *hashp,
+ BUFHEAD *bufp,
+ int ndx,
+ DBT *val,
+ int set_current)
+{
+ BUFHEAD *save_p;
+ uint16 *bp, len, off, save_addr;
+ char *tp;
+ int save_flags;
+
+ bp = (uint16 *)bufp->page;
+ while (bp[ndx + 1] == PARTIAL_KEY) {
+ bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
+ if (!bufp)
+ return (-1);
+ bp = (uint16 *)bufp->page;
+ ndx = 1;
+ }
+
+ if (bp[ndx + 1] == FULL_KEY) {
+ bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
+ if (!bufp)
+ return (-1);
+ bp = (uint16 *)bufp->page;
+ save_p = bufp;
+ save_addr = save_p->addr;
+ off = bp[1];
+ len = 0;
+ } else if (!FREESPACE(bp)) {
+ /*
+ * This is a hack. We can't distinguish between
+ * FULL_KEY_DATA that contains complete data or
+ * incomplete data, so we require that if the data
+ * is complete, there is at least 1 byte of free
+ * space left.
+ */
+ off = bp[bp[0]];
+ len = bp[1] - off;
+ save_p = bufp;
+ save_addr = bufp->addr;
+ bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
+ if (!bufp)
+ return (-1);
+ bp = (uint16 *)bufp->page;
+ } else {
+ /* The data is all on one page. */
+ tp = (char *)bp;
+ off = bp[bp[0]];
+ val->data = (uint8 *)tp + off;
+ val->size = bp[1] - off;
+ if (set_current) {
+ if (bp[0] == 2) { /* No more buckets in
+ * chain */
+ hashp->cpage = NULL;
+ hashp->cbucket++;
+ hashp->cndx = 1;
+ } else {
+ hashp->cpage = __get_buf(hashp,
+ bp[bp[0] - 1], bufp, 0);
+ if (!hashp->cpage)
+ return (-1);
+ hashp->cndx = 1;
+ if (!((uint16 *)
+ hashp->cpage->page)[0]) {
+ hashp->cbucket++;
+ hashp->cpage = NULL;
+ }
+ }
+ }
+ return (0);
+ }
+
+ /* pin our saved buf so that we don't lose if
+ * we run out of buffers */
+ save_flags = save_p->flags;
+ save_p->flags |= BUF_PIN;
+ val->size = collect_data(hashp, bufp, (int)len, set_current);
+ save_p->flags = save_flags;
+ if (val->size == (size_t)-1)
+ return (-1);
+ if (save_p->addr != save_addr) {
+ /* We are pretty short on buffers. */
+ errno = EINVAL; /* OUT OF BUFFERS */
+ return (-1);
+ }
+ memmove(hashp->tmp_buf, (save_p->page) + off, len);
+ val->data = (uint8 *)hashp->tmp_buf;
+ return (0);
+}
+
+/*
+ * Count how big the total datasize is by looping through the pages. Then
+ * allocate a buffer and copy the data in the second loop. NOTE: Our caller
+ * may already have a bp which it is holding onto. The caller is
+ * responsible for copying that bp into our temp buffer. 'len' is how much
+ * space to reserve for that buffer.
+ */
+static int
+collect_data(
+ HTAB *hashp,
+ BUFHEAD *bufp,
+ int len, int set)
+{
+ register uint16 *bp;
+ BUFHEAD *save_bufp;
+ int save_flags;
+ int mylen, totlen;
+
+ /*
+ * save the input buf head because we need to walk the list twice.
+ * pin it to make sure it doesn't leave the buffer pool.
+ * This has the effect of growing the buffer pool if necessary.
+ */
+ save_bufp = bufp;
+ save_flags = save_bufp->flags;
+ save_bufp->flags |= BUF_PIN;
+
+ /* read the length of the buffer */
+ for (totlen = len; bufp; bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0)) {
+ bp = (uint16 *)bufp->page;
+ mylen = hashp->BSIZE - bp[1];
+
+ /* if mylen ever goes negative it means that the
+ * page is screwed up.
+ */
+ if (mylen < 0) {
+ save_bufp->flags = save_flags;
+ return (-1);
+ }
+ totlen += mylen;
+ if (bp[2] == FULL_KEY_DATA) { /* End of Data */
+ break;
+ }
+ }
+
+ if (!bufp) {
+ save_bufp->flags = save_flags;
+ return (-1);
+ }
+
+ /* allocate a temp buf */
+ if (hashp->tmp_buf)
+ free(hashp->tmp_buf);
+ if ((hashp->tmp_buf = (char *)malloc((size_t)totlen)) == NULL) {
+ save_bufp->flags = save_flags;
+ return (-1);
+ }
+
+ /* copy the buffers back into temp buf */
+ for (bufp = save_bufp; bufp;
+ bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0)) {
+ bp = (uint16 *)bufp->page;
+ mylen = hashp->BSIZE - bp[1];
+ memmove(&hashp->tmp_buf[len], (bufp->page) + bp[1], (size_t)mylen);
+ len += mylen;
+ if (bp[2] == FULL_KEY_DATA) {
+ break;
+ }
+ }
+
+ /* 'clear' the pin flags */
+ save_bufp->flags = save_flags;
+
+ /* update the database cursor */
+ if (set) {
+ hashp->cndx = 1;
+ if (bp[0] == 2) { /* No more buckets in chain */
+ hashp->cpage = NULL;
+ hashp->cbucket++;
+ } else {
+ hashp->cpage = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
+ if (!hashp->cpage)
+ return (-1);
+ else if (!((uint16 *)hashp->cpage->page)[0]) {
+ hashp->cbucket++;
+ hashp->cpage = NULL;
+ }
+ }
+ }
+ return (totlen);
+}
+
+/*
+ * Fill in the key and data for this big pair.
+ */
+extern int
+__big_keydata(
+ HTAB *hashp,
+ BUFHEAD *bufp,
+ DBT *key, DBT *val,
+ int set)
+{
+ key->size = collect_key(hashp, bufp, 0, val, set);
+ if (key->size == (size_t)-1)
+ return (-1);
+ key->data = (uint8 *)hashp->tmp_key;
+ return (0);
+}
+
+/*
+ * Count how big the total key size is by recursing through the pages. Then
+ * collect the data, allocate a buffer and copy the key as you recurse up.
+ */
+static int
+collect_key(
+ HTAB *hashp,
+ BUFHEAD *bufp,
+ int len,
+ DBT *val,
+ int set)
+{
+ BUFHEAD *xbp;
+ char *p;
+ int mylen, totlen;
+ uint16 *bp, save_addr;
+
+ p = bufp->page;
+ bp = (uint16 *)p;
+ mylen = hashp->BSIZE - bp[1];
+
+ save_addr = bufp->addr;
+ totlen = len + mylen;
+ if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA) { /* End of Key. */
+ if (hashp->tmp_key != NULL)
+ free(hashp->tmp_key);
+ if ((hashp->tmp_key = (char *)malloc((size_t)totlen)) == NULL)
+ return (-1);
+ if (__big_return(hashp, bufp, 1, val, set))
+ return (-1);
+ } else {
+ xbp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
+ if (!xbp || ((totlen =
+ collect_key(hashp, xbp, totlen, val, set)) < 1))
+ return (-1);
+ }
+ if (bufp->addr != save_addr) {
+ errno = EINVAL; /* MIS -- OUT OF BUFFERS */
+ return (-1);
+ }
+ memmove(&hashp->tmp_key[len], (bufp->page) + bp[1], (size_t)mylen);
+ return (totlen);
+}
+
+/*
+ * Returns:
+ * 0 => OK
+ * -1 => error
+ */
+extern int
+__big_split(
+ HTAB *hashp,
+ BUFHEAD *op, /* Pointer to where to put keys that go in old bucket */
+ BUFHEAD *np, /* Pointer to new bucket page */
+ /* Pointer to first page containing the big key/data */
+ BUFHEAD *big_keyp,
+ uint32 addr, /* Address of big_keyp */
+ uint32 obucket, /* Old Bucket */
+ SPLIT_RETURN *ret)
+{
+ register BUFHEAD *tmpp;
+ register uint16 *tp;
+ BUFHEAD *bp;
+ DBT key, val;
+ uint32 change;
+ uint16 free_space, n, off;
+
+ bp = big_keyp;
+
+ /* Now figure out where the big key/data goes */
+ if (__big_keydata(hashp, big_keyp, &key, &val, 0))
+ return (-1);
+ change = (__call_hash(hashp, (char *)key.data, key.size) != obucket);
+
+ if ((ret->next_addr = __find_last_page(hashp, &big_keyp))) {
+ if (!(ret->nextp =
+ __get_buf(hashp, ret->next_addr, big_keyp, 0)))
+ return (-1);
+ ;
+ } else
+ ret->nextp = NULL;
+
+/* Now make one of np/op point to the big key/data pair */
+#ifdef DEBUG
+ assert(np->ovfl == NULL);
+#endif
+ if (change)
+ tmpp = np;
+ else
+ tmpp = op;
+
+ tmpp->flags |= BUF_MOD;
+#ifdef DEBUG1
+ (void)fprintf(stderr,
+ "BIG_SPLIT: %d->ovfl was %d is now %d\n", tmpp->addr,
+ (tmpp->ovfl ? tmpp->ovfl->addr : 0), (bp ? bp->addr : 0));
+#endif
+ tmpp->ovfl = bp; /* one of op/np point to big_keyp */
+ tp = (uint16 *)tmpp->page;
+
+#if 0 /* this get's tripped on database corrupted error */
+ assert(FREESPACE(tp) >= OVFLSIZE);
+#endif
+ if (FREESPACE(tp) < OVFLSIZE)
+ return (DATABASE_CORRUPTED_ERROR);
+
+ n = tp[0];
+ off = OFFSET(tp);
+ free_space = FREESPACE(tp);
+ tp[++n] = (uint16)addr;
+ tp[++n] = OVFLPAGE;
+ tp[0] = n;
+ OFFSET(tp) = off;
+ FREESPACE(tp) = free_space - OVFLSIZE;
+
+ /*
+ * Finally, set the new and old return values. BIG_KEYP contains a
+ * pointer to the last page of the big key_data pair. Make sure that
+ * big_keyp has no following page (2 elements) or create an empty
+ * following page.
+ */
+
+ ret->newp = np;
+ ret->oldp = op;
+
+ tp = (uint16 *)big_keyp->page;
+ big_keyp->flags |= BUF_MOD;
+ if (tp[0] > 2) {
+ /*
+ * There may be either one or two offsets on this page. If
+ * there is one, then the overflow page is linked on normally
+ * and tp[4] is OVFLPAGE. If there are two, tp[4] contains
+ * the second offset and needs to get stuffed in after the
+ * next overflow page is added.
+ */
+ n = tp[4];
+ free_space = FREESPACE(tp);
+ off = OFFSET(tp);
+ tp[0] -= 2;
+ FREESPACE(tp) = free_space + OVFLSIZE;
+ OFFSET(tp) = off;
+ tmpp = __add_ovflpage(hashp, big_keyp);
+ if (!tmpp)
+ return (-1);
+ tp[4] = n;
+ } else
+ tmpp = big_keyp;
+
+ if (change)
+ ret->newp = tmpp;
+ else
+ ret->oldp = tmpp;
+ return (0);
+}
diff --git a/security/nss/lib/dbm/src/h_func.c b/security/nss/lib/dbm/src/h_func.c
new file mode 100644
index 000000000..0d8734e8b
--- /dev/null
+++ b/security/nss/lib/dbm/src/h_func.c
@@ -0,0 +1,207 @@
+/*-
+ * Copyright (c) 1990, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)hash_func.c 8.2 (Berkeley) 2/21/94";
+#endif /* LIBC_SCCS and not lint */
+
+#ifndef macintosh
+#include <sys/types.h>
+#endif
+#include "mcom_db.h"
+#include "hash.h"
+#include "page.h"
+/* #include "extern.h" */
+
+#if 0
+static uint32 hash1(const void *, size_t);
+static uint32 hash2(const void *, size_t);
+static uint32 hash3(const void *, size_t);
+#endif
+static uint32 hash4(const void *, size_t);
+
+/* Global default hash function */
+uint32 (*__default_hash)(const void *, size_t) = hash4;
+
+/*
+ * HASH FUNCTIONS
+ *
+ * Assume that we've already split the bucket to which this key hashes,
+ * calculate that bucket, and check that in fact we did already split it.
+ *
+ * This came from ejb's hsearch.
+ */
+
+#define PRIME1 37
+#define PRIME2 1048583
+
+#if 0
+static uint32
+hash1(const void *keyarg, register size_t len)
+{
+ register const uint8 *key;
+ register uint32 h;
+
+ /* Convert string to integer */
+ for (key = (const uint8 *)keyarg, h = 0; len--;)
+ h = h * PRIME1 ^ (*key++ - ' ');
+ h %= PRIME2;
+ return (h);
+}
+
+/*
+ * Phong's linear congruential hash
+ */
+#define dcharhash(h, c) ((h) = 0x63c63cd9 * (h) + 0x9c39c33d + (c))
+
+static uint32
+hash2(const void *keyarg, size_t len)
+{
+ register const uint8 *e, *key;
+ register uint32 h;
+ register uint8 c;
+
+ key = (const uint8 *)keyarg;
+ e = key + len;
+ for (h = 0; key != e;) {
+ c = *key++;
+ if (!c && key > e)
+ break;
+ dcharhash(h, c);
+ }
+ return (h);
+}
+
+/*
+ * This is INCREDIBLY ugly, but fast. We break the string up into 8 byte
+ * units. On the first time through the loop we get the "leftover bytes"
+ * (strlen % 8). On every other iteration, we perform 8 HASHC's so we handle
+ * all 8 bytes. Essentially, this saves us 7 cmp & branch instructions. If
+ * this routine is heavily used enough, it's worth the ugly coding.
+ *
+ * OZ's original sdbm hash
+ */
+static uint32
+hash3(const void *keyarg, register size_t len)
+{
+ register const uint8 *key;
+ register size_t loop;
+ register uint32 h;
+
+#define HASHC h = *key++ + 65599 * h
+
+ h = 0;
+ key = (const uint8 *)keyarg;
+ if (len > 0) {
+ loop = (len + 8 - 1) >> 3;
+
+ switch (len & (8 - 1)) {
+ case 0:
+ do {
+ HASHC;
+ /* FALLTHROUGH */
+ case 7:
+ HASHC;
+ /* FALLTHROUGH */
+ case 6:
+ HASHC;
+ /* FALLTHROUGH */
+ case 5:
+ HASHC;
+ /* FALLTHROUGH */
+ case 4:
+ HASHC;
+ /* FALLTHROUGH */
+ case 3:
+ HASHC;
+ /* FALLTHROUGH */
+ case 2:
+ HASHC;
+ /* FALLTHROUGH */
+ case 1:
+ HASHC;
+ } while (--loop);
+ }
+ }
+ return (h);
+}
+#endif /* 0 */
+
+/* Hash function from Chris Torek. */
+static uint32
+hash4(const void *keyarg, register size_t len)
+{
+ register const uint8 *key;
+ register size_t loop;
+ register uint32 h;
+
+#define HASH4a h = (h << 5) - h + *key++;
+#define HASH4b h = (h << 5) + h + *key++;
+#define HASH4 HASH4b
+
+ h = 0;
+ key = (const uint8 *)keyarg;
+ if (len > 0) {
+ loop = (len + 8 - 1) >> 3;
+
+ switch (len & (8 - 1)) {
+ case 0:
+ do {
+ HASH4;
+ /* FALLTHROUGH */
+ case 7:
+ HASH4;
+ /* FALLTHROUGH */
+ case 6:
+ HASH4;
+ /* FALLTHROUGH */
+ case 5:
+ HASH4;
+ /* FALLTHROUGH */
+ case 4:
+ HASH4;
+ /* FALLTHROUGH */
+ case 3:
+ HASH4;
+ /* FALLTHROUGH */
+ case 2:
+ HASH4;
+ /* FALLTHROUGH */
+ case 1:
+ HASH4;
+ } while (--loop);
+ }
+ }
+ return (h);
+}
diff --git a/security/nss/lib/dbm/src/h_log2.c b/security/nss/lib/dbm/src/h_log2.c
new file mode 100644
index 000000000..a42b51a99
--- /dev/null
+++ b/security/nss/lib/dbm/src/h_log2.c
@@ -0,0 +1,54 @@
+/*-
+ * Copyright (c) 1990, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)hash_log2.c 8.2 (Berkeley) 5/31/94";
+#endif /* LIBC_SCCS and not lint */
+
+#include <stdio.h>
+#ifndef macintosh
+#include <sys/types.h>
+#endif
+#include "mcom_db.h"
+
+uint32
+__log2(uint32 num)
+{
+ register uint32 i, limit;
+
+ limit = 1;
+ for (i = 0; limit < num; limit = limit << 1, i++) {
+ }
+ return (i);
+}
diff --git a/security/nss/lib/dbm/src/h_page.c b/security/nss/lib/dbm/src/h_page.c
new file mode 100644
index 000000000..bf1252aeb
--- /dev/null
+++ b/security/nss/lib/dbm/src/h_page.c
@@ -0,0 +1,1252 @@
+/*-
+ * Copyright (c) 1990, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(unix)
+#define MY_LSEEK lseek
+#else
+#define MY_LSEEK new_lseek
+extern long new_lseek(int fd, long pos, int start);
+#endif
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)hash_page.c 8.7 (Berkeley) 8/16/94";
+#endif /* LIBC_SCCS and not lint */
+
+/*
+ * PACKAGE: hashing
+ *
+ * DESCRIPTION:
+ * Page manipulation for hashing package.
+ *
+ * ROUTINES:
+ *
+ * External
+ * __get_page
+ * __add_ovflpage
+ * Internal
+ * overflow_page
+ * open_temp
+ */
+#ifndef macintosh
+#include <sys/types.h>
+#endif
+
+#if defined(macintosh)
+#include <unistd.h>
+#endif
+
+#include <errno.h>
+#include <fcntl.h>
+#if defined(_WIN32) || defined(_WINDOWS)
+#include <io.h>
+#endif
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
+#include <unistd.h>
+#endif
+
+#include <assert.h>
+
+#include "mcom_db.h"
+#include "hash.h"
+#include "page.h"
+/* #include "extern.h" */
+
+extern int mkstempflags(char *path, int extraFlags);
+
+static uint32 *fetch_bitmap(HTAB *, uint32);
+static uint32 first_free(uint32);
+static int open_temp(HTAB *);
+static uint16 overflow_page(HTAB *);
+static void squeeze_key(uint16 *, const DBT *, const DBT *);
+static int ugly_split(HTAB *, uint32, BUFHEAD *, BUFHEAD *, int, int);
+
+#define PAGE_INIT(P) \
+ { \
+ ((uint16 *)(P))[0] = 0; \
+ ((uint16 *)(P))[1] = hashp->BSIZE - 3 * sizeof(uint16); \
+ ((uint16 *)(P))[2] = hashp->BSIZE; \
+ }
+
+/* implement a new lseek using lseek that
+ * writes zero's when extending a file
+ * beyond the end.
+ */
+long
+new_lseek(int fd, long offset, int origin)
+{
+ long cur_pos = 0;
+ long end_pos = 0;
+ long seek_pos = 0;
+
+ if (origin == SEEK_CUR) {
+ if (offset < 1)
+ return (lseek(fd, offset, SEEK_CUR));
+
+ cur_pos = lseek(fd, 0, SEEK_CUR);
+
+ if (cur_pos < 0)
+ return (cur_pos);
+ }
+
+ end_pos = lseek(fd, 0, SEEK_END);
+ if (end_pos < 0)
+ return (end_pos);
+
+ if (origin == SEEK_SET)
+ seek_pos = offset;
+ else if (origin == SEEK_CUR)
+ seek_pos = cur_pos + offset;
+ else if (origin == SEEK_END)
+ seek_pos = end_pos + offset;
+ else {
+ assert(0);
+ return (-1);
+ }
+
+ /* the seek position desired is before the
+ * end of the file. We don't need
+ * to do anything special except the seek.
+ */
+ if (seek_pos <= end_pos)
+ return (lseek(fd, seek_pos, SEEK_SET));
+
+ /* the seek position is beyond the end of the
+ * file. Write zero's to the end.
+ *
+ * we are already at the end of the file so
+ * we just need to "write()" zeros for the
+ * difference between seek_pos-end_pos and
+ * then seek to the position to finish
+ * the call
+ */
+ {
+ char buffer[1024];
+ long len = seek_pos - end_pos;
+ memset(buffer, 0, 1024);
+ while (len > 0) {
+ if (write(fd, buffer, (size_t)(1024 > len ? len : 1024)) < 0)
+ return (-1);
+ len -= 1024;
+ }
+ return (lseek(fd, seek_pos, SEEK_SET));
+ }
+}
+
+/*
+ * This is called AFTER we have verified that there is room on the page for
+ * the pair (PAIRFITS has returned true) so we go right ahead and start moving
+ * stuff on.
+ */
+static void
+putpair(char *p, const DBT *key, DBT *val)
+{
+ register uint16 *bp, n, off;
+
+ bp = (uint16 *)p;
+
+ /* Enter the key first. */
+ n = bp[0];
+
+ off = OFFSET(bp) - key->size;
+ memmove(p + off, key->data, key->size);
+ bp[++n] = off;
+
+ /* Now the data. */
+ off -= val->size;
+ memmove(p + off, val->data, val->size);
+ bp[++n] = off;
+
+ /* Adjust page info. */
+ bp[0] = n;
+ bp[n + 1] = off - ((n + 3) * sizeof(uint16));
+ bp[n + 2] = off;
+}
+
+/*
+ * Returns:
+ * 0 OK
+ * -1 error
+ */
+extern int
+__delpair(HTAB *hashp, BUFHEAD *bufp, int ndx)
+{
+ register uint16 *bp, newoff;
+ register int n;
+ uint16 pairlen;
+
+ bp = (uint16 *)bufp->page;
+ n = bp[0];
+
+ if (bp[ndx + 1] < REAL_KEY)
+ return (__big_delete(hashp, bufp));
+ if (ndx != 1)
+ newoff = bp[ndx - 1];
+ else
+ newoff = hashp->BSIZE;
+ pairlen = newoff - bp[ndx + 1];
+
+ if (ndx != (n - 1)) {
+ /* Hard Case -- need to shuffle keys */
+ register int i;
+ register char *src = bufp->page + (int)OFFSET(bp);
+ uint32 dst_offset = (uint32)OFFSET(bp) + (uint32)pairlen;
+ register char *dst = bufp->page + dst_offset;
+ uint32 length = bp[ndx + 1] - OFFSET(bp);
+
+ /*
+ * +-----------+XXX+---------+XXX+---------+---------> +infinity
+ * | | | |
+ * 0 src_offset dst_offset BSIZE
+ *
+ * Dst_offset is > src_offset, so if src_offset were bad, dst_offset
+ * would be too, therefore we check only dst_offset.
+ *
+ * If dst_offset is >= BSIZE, either OFFSET(bp), or pairlen, or both
+ * is corrupted.
+ *
+ * Once we know dst_offset is < BSIZE, we can subtract it from BSIZE
+ * to get an upper bound on length.
+ */
+ if (dst_offset > (uint32)hashp->BSIZE)
+ return (DATABASE_CORRUPTED_ERROR);
+
+ if (length > (uint32)(hashp->BSIZE - dst_offset))
+ return (DATABASE_CORRUPTED_ERROR);
+
+ memmove(dst, src, length);
+
+ /* Now adjust the pointers */
+ for (i = ndx + 2; i <= n; i += 2) {
+ if (bp[i + 1] == OVFLPAGE) {
+ bp[i - 2] = bp[i];
+ bp[i - 1] = bp[i + 1];
+ } else {
+ bp[i - 2] = bp[i] + pairlen;
+ bp[i - 1] = bp[i + 1] + pairlen;
+ }
+ }
+ }
+ /* Finally adjust the page data */
+ bp[n] = OFFSET(bp) + pairlen;
+ bp[n - 1] = bp[n + 1] + pairlen + 2 * sizeof(uint16);
+ bp[0] = n - 2;
+ hashp->NKEYS--;
+
+ bufp->flags |= BUF_MOD;
+ return (0);
+}
+/*
+ * Returns:
+ * 0 ==> OK
+ * -1 ==> Error
+ */
+extern int
+__split_page(HTAB *hashp, uint32 obucket, uint32 nbucket)
+{
+ register BUFHEAD *new_bufp, *old_bufp;
+ register uint16 *ino;
+ register uint16 *tmp_uint16_array;
+ register char *np;
+ DBT key, val;
+ uint16 n, ndx;
+ int retval;
+ uint16 copyto, diff, moved;
+ size_t off;
+ char *op;
+
+ copyto = (uint16)hashp->BSIZE;
+ off = (uint16)hashp->BSIZE;
+ old_bufp = __get_buf(hashp, obucket, NULL, 0);
+ if (old_bufp == NULL)
+ return (-1);
+ new_bufp = __get_buf(hashp, nbucket, NULL, 0);
+ if (new_bufp == NULL)
+ return (-1);
+
+ old_bufp->flags |= (BUF_MOD | BUF_PIN);
+ new_bufp->flags |= (BUF_MOD | BUF_PIN);
+
+ ino = (uint16 *)(op = old_bufp->page);
+ np = new_bufp->page;
+
+ moved = 0;
+
+ for (n = 1, ndx = 1; n < ino[0]; n += 2) {
+ if (ino[n + 1] < REAL_KEY) {
+ retval = ugly_split(hashp, obucket, old_bufp, new_bufp,
+ (int)copyto, (int)moved);
+ old_bufp->flags &= ~BUF_PIN;
+ new_bufp->flags &= ~BUF_PIN;
+ return (retval);
+ }
+ key.data = (uint8 *)op + ino[n];
+
+ /* check here for ino[n] being greater than
+ * off. If it is then the database has
+ * been corrupted.
+ */
+ if (ino[n] > off)
+ return (DATABASE_CORRUPTED_ERROR);
+
+ key.size = off - ino[n];
+
+#ifdef DEBUG
+ /* make sure the size is positive */
+ assert(((int)key.size) > -1);
+#endif
+
+ if (__call_hash(hashp, (char *)key.data, key.size) == obucket) {
+ /* Don't switch page */
+ diff = copyto - off;
+ if (diff) {
+ copyto = ino[n + 1] + diff;
+ memmove(op + copyto, op + ino[n + 1],
+ off - ino[n + 1]);
+ ino[ndx] = copyto + ino[n] - ino[n + 1];
+ ino[ndx + 1] = copyto;
+ } else
+ copyto = ino[n + 1];
+ ndx += 2;
+ } else {
+ /* Switch page */
+ val.data = (uint8 *)op + ino[n + 1];
+ val.size = ino[n] - ino[n + 1];
+
+ /* if the pair doesn't fit something is horribly
+ * wrong. LJM
+ */
+ tmp_uint16_array = (uint16 *)np;
+ if (!PAIRFITS(tmp_uint16_array, &key, &val))
+ return (DATABASE_CORRUPTED_ERROR);
+
+ putpair(np, &key, &val);
+ moved += 2;
+ }
+
+ off = ino[n + 1];
+ }
+
+ /* Now clean up the page */
+ ino[0] -= moved;
+ FREESPACE(ino) = copyto - sizeof(uint16) * (ino[0] + 3);
+ OFFSET(ino) = copyto;
+
+#ifdef DEBUG3
+ (void)fprintf(stderr, "split %d/%d\n",
+ ((uint16 *)np)[0] / 2,
+ ((uint16 *)op)[0] / 2);
+#endif
+ /* unpin both pages */
+ old_bufp->flags &= ~BUF_PIN;
+ new_bufp->flags &= ~BUF_PIN;
+ return (0);
+}
+
+/*
+ * Called when we encounter an overflow or big key/data page during split
+ * handling. This is special cased since we have to begin checking whether
+ * the key/data pairs fit on their respective pages and because we may need
+ * overflow pages for both the old and new pages.
+ *
+ * The first page might be a page with regular key/data pairs in which case
+ * we have a regular overflow condition and just need to go on to the next
+ * page or it might be a big key/data pair in which case we need to fix the
+ * big key/data pair.
+ *
+ * Returns:
+ * 0 ==> success
+ * -1 ==> failure
+ */
+
+/* the maximum number of loops we will allow UGLY split to chew
+ * on before we assume the database is corrupted and throw it
+ * away.
+ */
+#define MAX_UGLY_SPLIT_LOOPS 10000
+
+static int
+ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp,
+ BUFHEAD *new_bufp, /* Same as __split_page. */ int copyto, int moved)
+/* int copyto; First byte on page which contains key/data values. */
+/* int moved; Number of pairs moved to new page. */
+{
+ register BUFHEAD *bufp; /* Buffer header for ino */
+ register uint16 *ino; /* Page keys come off of */
+ register uint16 *np; /* New page */
+ register uint16 *op; /* Page keys go on to if they aren't moving */
+ uint32 loop_detection = 0;
+
+ BUFHEAD *last_bfp; /* Last buf header OVFL needing to be freed */
+ DBT key, val;
+ SPLIT_RETURN ret;
+ uint16 n, off, ov_addr, scopyto;
+ char *cino; /* Character value of ino */
+ int status;
+
+ bufp = old_bufp;
+ ino = (uint16 *)old_bufp->page;
+ np = (uint16 *)new_bufp->page;
+ op = (uint16 *)old_bufp->page;
+ last_bfp = NULL;
+ scopyto = (uint16)copyto; /* ANSI */
+
+ n = ino[0] - 1;
+ while (n < ino[0]) {
+
+ /* this function goes nuts sometimes and never returns.
+ * I havent found the problem yet but I need a solution
+ * so if we loop too often we assume a database curruption error
+ * :LJM
+ */
+ loop_detection++;
+
+ if (loop_detection > MAX_UGLY_SPLIT_LOOPS)
+ return DATABASE_CORRUPTED_ERROR;
+
+ if (ino[2] < REAL_KEY && ino[2] != OVFLPAGE) {
+ if ((status = __big_split(hashp, old_bufp,
+ new_bufp, bufp, bufp->addr, obucket, &ret)))
+ return (status);
+ old_bufp = ret.oldp;
+ if (!old_bufp)
+ return (-1);
+ op = (uint16 *)old_bufp->page;
+ new_bufp = ret.newp;
+ if (!new_bufp)
+ return (-1);
+ np = (uint16 *)new_bufp->page;
+ bufp = ret.nextp;
+ if (!bufp)
+ return (0);
+ cino = (char *)bufp->page;
+ ino = (uint16 *)cino;
+ last_bfp = ret.nextp;
+ } else if (ino[n + 1] == OVFLPAGE) {
+ ov_addr = ino[n];
+ /*
+ * Fix up the old page -- the extra 2 are the fields
+ * which contained the overflow information.
+ */
+ ino[0] -= (moved + 2);
+ FREESPACE(ino) =
+ scopyto - sizeof(uint16) * (ino[0] + 3);
+ OFFSET(ino) = scopyto;
+
+ bufp = __get_buf(hashp, ov_addr, bufp, 0);
+ if (!bufp)
+ return (-1);
+
+ ino = (uint16 *)bufp->page;
+ n = 1;
+ scopyto = hashp->BSIZE;
+ moved = 0;
+
+ if (last_bfp)
+ __free_ovflpage(hashp, last_bfp);
+ last_bfp = bufp;
+ }
+ /* Move regular sized pairs of there are any */
+ off = hashp->BSIZE;
+ for (n = 1; (n < ino[0]) && (ino[n + 1] >= REAL_KEY); n += 2) {
+ cino = (char *)ino;
+ key.data = (uint8 *)cino + ino[n];
+ key.size = off - ino[n];
+ val.data = (uint8 *)cino + ino[n + 1];
+ val.size = ino[n] - ino[n + 1];
+ off = ino[n + 1];
+
+ if (__call_hash(hashp, (char *)key.data, key.size) == obucket) {
+ /* Keep on old page */
+ if (PAIRFITS(op, (&key), (&val)))
+ putpair((char *)op, &key, &val);
+ else {
+ old_bufp =
+ __add_ovflpage(hashp, old_bufp);
+ if (!old_bufp)
+ return (-1);
+ op = (uint16 *)old_bufp->page;
+ putpair((char *)op, &key, &val);
+ }
+ old_bufp->flags |= BUF_MOD;
+ } else {
+ /* Move to new page */
+ if (PAIRFITS(np, (&key), (&val)))
+ putpair((char *)np, &key, &val);
+ else {
+ new_bufp =
+ __add_ovflpage(hashp, new_bufp);
+ if (!new_bufp)
+ return (-1);
+ np = (uint16 *)new_bufp->page;
+ putpair((char *)np, &key, &val);
+ }
+ new_bufp->flags |= BUF_MOD;
+ }
+ }
+ }
+ if (last_bfp)
+ __free_ovflpage(hashp, last_bfp);
+ return (0);
+}
+
+/*
+ * Add the given pair to the page
+ *
+ * Returns:
+ * 0 ==> OK
+ * 1 ==> failure
+ */
+extern int
+__addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val)
+{
+ register uint16 *bp, *sop;
+ int do_expand;
+
+ bp = (uint16 *)bufp->page;
+ do_expand = 0;
+ while (bp[0] && (bp[2] < REAL_KEY || bp[bp[0]] < REAL_KEY))
+ /* Exception case */
+ if (bp[2] == FULL_KEY_DATA && bp[0] == 2)
+ /* This is the last page of a big key/data pair
+ and we need to add another page */
+ break;
+ else if (bp[2] < REAL_KEY && bp[bp[0]] != OVFLPAGE) {
+ bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
+ if (!bufp) {
+#ifdef DEBUG
+ assert(0);
+#endif
+ return (-1);
+ }
+ bp = (uint16 *)bufp->page;
+ } else
+ /* Try to squeeze key on this page */
+ if (FREESPACE(bp) > PAIRSIZE(key, val)) {
+ {
+ squeeze_key(bp, key, val);
+
+ /* LJM: I added this because I think it was
+ * left out on accident.
+ * if this isn't incremented nkeys will not
+ * be the actual number of keys in the db.
+ */
+ hashp->NKEYS++;
+ return (0);
+ }
+ } else {
+ bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
+ if (!bufp) {
+#ifdef DEBUG
+ assert(0);
+#endif
+ return (-1);
+ }
+ bp = (uint16 *)bufp->page;
+ }
+
+ if (PAIRFITS(bp, key, val))
+ putpair(bufp->page, key, (DBT *)val);
+ else {
+ do_expand = 1;
+ bufp = __add_ovflpage(hashp, bufp);
+ if (!bufp) {
+#ifdef DEBUG
+ assert(0);
+#endif
+ return (-1);
+ }
+ sop = (uint16 *)bufp->page;
+
+ if (PAIRFITS(sop, key, val))
+ putpair((char *)sop, key, (DBT *)val);
+ else if (__big_insert(hashp, bufp, key, val)) {
+#ifdef DEBUG
+ assert(0);
+#endif
+ return (-1);
+ }
+ }
+ bufp->flags |= BUF_MOD;
+ /*
+ * If the average number of keys per bucket exceeds the fill factor,
+ * expand the table.
+ */
+ hashp->NKEYS++;
+ if (do_expand ||
+ (hashp->NKEYS / (hashp->MAX_BUCKET + 1) > hashp->FFACTOR))
+ return (__expand_table(hashp));
+ return (0);
+}
+
+/*
+ *
+ * Returns:
+ * pointer on success
+ * NULL on error
+ */
+extern BUFHEAD *
+__add_ovflpage(HTAB *hashp, BUFHEAD *bufp)
+{
+ register uint16 *sp;
+ uint16 ndx, ovfl_num;
+#ifdef DEBUG1
+ int tmp1, tmp2;
+#endif
+ sp = (uint16 *)bufp->page;
+
+ /* Check if we are dynamically determining the fill factor */
+ if (hashp->FFACTOR == DEF_FFACTOR) {
+ hashp->FFACTOR = sp[0] >> 1;
+ if (hashp->FFACTOR < MIN_FFACTOR)
+ hashp->FFACTOR = MIN_FFACTOR;
+ }
+ bufp->flags |= BUF_MOD;
+ ovfl_num = overflow_page(hashp);
+#ifdef DEBUG1
+ tmp1 = bufp->addr;
+ tmp2 = bufp->ovfl ? bufp->ovfl->addr : 0;
+#endif
+ if (!ovfl_num || !(bufp->ovfl = __get_buf(hashp, ovfl_num, bufp, 1)))
+ return (NULL);
+ bufp->ovfl->flags |= BUF_MOD;
+#ifdef DEBUG1
+ (void)fprintf(stderr, "ADDOVFLPAGE: %d->ovfl was %d is now %d\n",
+ tmp1, tmp2, bufp->ovfl->addr);
+#endif
+ ndx = sp[0];
+ /*
+ * Since a pair is allocated on a page only if there's room to add
+ * an overflow page, we know that the OVFL information will fit on
+ * the page.
+ */
+ sp[ndx + 4] = OFFSET(sp);
+ sp[ndx + 3] = FREESPACE(sp) - OVFLSIZE;
+ sp[ndx + 1] = ovfl_num;
+ sp[ndx + 2] = OVFLPAGE;
+ sp[0] = ndx + 2;
+#ifdef HASH_STATISTICS
+ hash_overflows++;
+#endif
+ return (bufp->ovfl);
+}
+
+/*
+ * Returns:
+ * 0 indicates SUCCESS
+ * -1 indicates FAILURE
+ */
+extern int
+__get_page(HTAB *hashp,
+ char *p,
+ uint32 bucket,
+ int is_bucket,
+ int is_disk,
+ int is_bitmap)
+{
+ register int fd, page;
+ size_t size;
+ int rsize;
+ uint16 *bp;
+
+ fd = hashp->fp;
+ size = hashp->BSIZE;
+
+ if ((fd == -1) || !is_disk) {
+ PAGE_INIT(p);
+ return (0);
+ }
+ if (is_bucket)
+ page = BUCKET_TO_PAGE(bucket);
+ else
+ page = OADDR_TO_PAGE(bucket);
+ if ((MY_LSEEK(fd, (off_t)page << hashp->BSHIFT, SEEK_SET) == -1) ||
+ ((rsize = read(fd, p, size)) == -1))
+ return (-1);
+
+ bp = (uint16 *)p;
+ if (!rsize)
+ bp[0] = 0; /* We hit the EOF, so initialize a new page */
+ else if ((unsigned)rsize != size) {
+ errno = EFTYPE;
+ return (-1);
+ }
+
+ if (!is_bitmap && !bp[0]) {
+ PAGE_INIT(p);
+ } else {
+
+ if (hashp->LORDER != BYTE_ORDER) {
+ register int i, max;
+
+ if (is_bitmap) {
+ max = hashp->BSIZE >> 2; /* divide by 4 */
+ for (i = 0; i < max; i++)
+ M_32_SWAP(((int *)p)[i]);
+ } else {
+ M_16_SWAP(bp[0]);
+ max = bp[0] + 2;
+
+ /* bound the size of max by
+ * the maximum number of entries
+ * in the array
+ */
+ if ((unsigned)max > (size / sizeof(uint16)))
+ return (DATABASE_CORRUPTED_ERROR);
+
+ /* do the byte order swap
+ */
+ for (i = 1; i <= max; i++)
+ M_16_SWAP(bp[i]);
+ }
+ }
+
+ /* check the validity of the page here
+ * (after doing byte order swaping if necessary)
+ */
+ if (!is_bitmap && bp[0] != 0) {
+ uint16 num_keys = bp[0];
+ uint16 offset;
+ uint16 i;
+
+ /* bp[0] is supposed to be the number of
+ * entries currently in the page. If
+ * bp[0] is too large (larger than the whole
+ * page) then the page is corrupted
+ */
+ if (bp[0] > (size / sizeof(uint16)))
+ return (DATABASE_CORRUPTED_ERROR);
+
+ /* bound free space */
+ if (FREESPACE(bp) > size)
+ return (DATABASE_CORRUPTED_ERROR);
+
+ /* check each key and data offset to make
+ * sure they are all within bounds they
+ * should all be less than the previous
+ * offset as well.
+ */
+ offset = size;
+ for (i = 1; i <= num_keys; i += 2) {
+ /* ignore overflow pages etc. */
+ if (bp[i + 1] >= REAL_KEY) {
+
+ if (bp[i] > offset || bp[i + 1] > bp[i])
+ return (DATABASE_CORRUPTED_ERROR);
+
+ offset = bp[i + 1];
+ } else {
+ /* there are no other valid keys after
+ * seeing a non REAL_KEY
+ */
+ break;
+ }
+ }
+ }
+ }
+ return (0);
+}
+
+/*
+ * Write page p to disk
+ *
+ * Returns:
+ * 0 ==> OK
+ * -1 ==>failure
+ */
+extern int
+__put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap)
+{
+ register int fd, page;
+ size_t size;
+ int wsize;
+ off_t offset;
+
+ size = hashp->BSIZE;
+ if ((hashp->fp == -1) && open_temp(hashp))
+ return (-1);
+ fd = hashp->fp;
+
+ if (hashp->LORDER != BYTE_ORDER) {
+ register int i;
+ register int max;
+
+ if (is_bitmap) {
+ max = hashp->BSIZE >> 2; /* divide by 4 */
+ for (i = 0; i < max; i++)
+ M_32_SWAP(((int *)p)[i]);
+ } else {
+ max = ((uint16 *)p)[0] + 2;
+
+ /* bound the size of max by
+ * the maximum number of entries
+ * in the array
+ */
+ if ((unsigned)max > (size / sizeof(uint16)))
+ return (DATABASE_CORRUPTED_ERROR);
+
+ for (i = 0; i <= max; i++)
+ M_16_SWAP(((uint16 *)p)[i]);
+ }
+ }
+
+ if (is_bucket)
+ page = BUCKET_TO_PAGE(bucket);
+ else
+ page = OADDR_TO_PAGE(bucket);
+ offset = (off_t)page << hashp->BSHIFT;
+ if ((MY_LSEEK(fd, offset, SEEK_SET) == -1) ||
+ ((wsize = write(fd, p, size)) == -1))
+ /* Errno is set */
+ return (-1);
+ if ((unsigned)wsize != size) {
+ errno = EFTYPE;
+ return (-1);
+ }
+#if defined(_WIN32) || defined(_WINDOWS)
+ if (offset + size > hashp->file_size) {
+ hashp->updateEOF = 1;
+ }
+#endif
+ /* put the page back the way it was so that it isn't byteswapped
+ * if it remains in memory - LJM
+ */
+ if (hashp->LORDER != BYTE_ORDER) {
+ register int i;
+ register int max;
+
+ if (is_bitmap) {
+ max = hashp->BSIZE >> 2; /* divide by 4 */
+ for (i = 0; i < max; i++)
+ M_32_SWAP(((int *)p)[i]);
+ } else {
+ uint16 *bp = (uint16 *)p;
+
+ M_16_SWAP(bp[0]);
+ max = bp[0] + 2;
+
+ /* no need to bound the size if max again
+ * since it was done already above
+ */
+
+ /* do the byte order re-swap
+ */
+ for (i = 1; i <= max; i++)
+ M_16_SWAP(bp[i]);
+ }
+ }
+
+ return (0);
+}
+
+#define BYTE_MASK ((1 << INT_BYTE_SHIFT) - 1)
+/*
+ * Initialize a new bitmap page. Bitmap pages are left in memory
+ * once they are read in.
+ */
+extern int
+__ibitmap(HTAB *hashp, int pnum, int nbits, int ndx)
+{
+ uint32 *ip;
+ size_t clearbytes, clearints;
+
+ if ((ip = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL)
+ return (1);
+ hashp->nmaps++;
+ clearints = ((nbits - 1) >> INT_BYTE_SHIFT) + 1;
+ clearbytes = clearints << INT_TO_BYTE;
+ (void)memset((char *)ip, 0, clearbytes);
+ (void)memset(((char *)ip) + clearbytes, 0xFF,
+ hashp->BSIZE - clearbytes);
+ ip[clearints - 1] = ALL_SET << (nbits & BYTE_MASK);
+ SETBIT(ip, 0);
+ hashp->BITMAPS[ndx] = (uint16)pnum;
+ hashp->mapp[ndx] = ip;
+ return (0);
+}
+
+static uint32
+first_free(uint32 map)
+{
+ register uint32 i, mask;
+
+ mask = 0x1;
+ for (i = 0; i < BITS_PER_MAP; i++) {
+ if (!(mask & map))
+ return (i);
+ mask = mask << 1;
+ }
+ return (i);
+}
+
+static uint16
+overflow_page(HTAB *hashp)
+{
+ register uint32 *freep = NULL;
+ register int max_free, offset, splitnum;
+ uint16 addr;
+ uint32 i;
+ int bit, first_page, free_bit, free_page, in_use_bits, j;
+#ifdef DEBUG2
+ int tmp1, tmp2;
+#endif
+ splitnum = hashp->OVFL_POINT;
+ max_free = hashp->SPARES[splitnum];
+
+ free_page = (max_free - 1) >> (hashp->BSHIFT + BYTE_SHIFT);
+ free_bit = (max_free - 1) & ((hashp->BSIZE << BYTE_SHIFT) - 1);
+
+ /* Look through all the free maps to find the first free block */
+ first_page = hashp->LAST_FREED >> (hashp->BSHIFT + BYTE_SHIFT);
+ for (i = first_page; i <= (unsigned)free_page; i++) {
+ if (!(freep = (uint32 *)hashp->mapp[i]) &&
+ !(freep = fetch_bitmap(hashp, i)))
+ return (0);
+ if (i == (unsigned)free_page)
+ in_use_bits = free_bit;
+ else
+ in_use_bits = (hashp->BSIZE << BYTE_SHIFT) - 1;
+
+ if (i == (unsigned)first_page) {
+ bit = hashp->LAST_FREED &
+ ((hashp->BSIZE << BYTE_SHIFT) - 1);
+ j = bit / BITS_PER_MAP;
+ bit = bit & ~(BITS_PER_MAP - 1);
+ } else {
+ bit = 0;
+ j = 0;
+ }
+ for (; bit <= in_use_bits; j++, bit += BITS_PER_MAP)
+ if (freep[j] != ALL_SET)
+ goto found;
+ }
+
+ /* No Free Page Found */
+ hashp->LAST_FREED = hashp->SPARES[splitnum];
+ hashp->SPARES[splitnum]++;
+ offset = hashp->SPARES[splitnum] -
+ (splitnum ? hashp->SPARES[splitnum - 1] : 0);
+
+#define OVMSG "HASH: Out of overflow pages. Increase page size\n"
+ if (offset > SPLITMASK) {
+ if (++splitnum >= NCACHED) {
+#ifndef macintosh
+ (void)fwrite(OVMSG, 1, sizeof(OVMSG) - 1, stderr);
+#endif
+ return (0);
+ }
+ hashp->OVFL_POINT = splitnum;
+ hashp->SPARES[splitnum] = hashp->SPARES[splitnum - 1];
+ hashp->SPARES[splitnum - 1]--;
+ offset = 1;
+ }
+
+ /* Check if we need to allocate a new bitmap page */
+ if (free_bit == (hashp->BSIZE << BYTE_SHIFT) - 1) {
+ free_page++;
+ if (free_page >= NCACHED) {
+#ifndef macintosh
+ (void)fwrite(OVMSG, 1, sizeof(OVMSG) - 1, stderr);
+#endif
+ return (0);
+ }
+ /*
+ * This is tricky. The 1 indicates that you want the new page
+ * allocated with 1 clear bit. Actually, you are going to
+ * allocate 2 pages from this map. The first is going to be
+ * the map page, the second is the overflow page we were
+ * looking for. The init_bitmap routine automatically, sets
+ * the first bit of itself to indicate that the bitmap itself
+ * is in use. We would explicitly set the second bit, but
+ * don't have to if we tell init_bitmap not to leave it clear
+ * in the first place.
+ */
+ if (__ibitmap(hashp,
+ (int)OADDR_OF(splitnum, offset), 1, free_page))
+ return (0);
+ hashp->SPARES[splitnum]++;
+#ifdef DEBUG2
+ free_bit = 2;
+#endif
+ offset++;
+ if (offset > SPLITMASK) {
+ if (++splitnum >= NCACHED) {
+#ifndef macintosh
+ (void)fwrite(OVMSG, 1, sizeof(OVMSG) - 1, stderr);
+#endif
+ return (0);
+ }
+ hashp->OVFL_POINT = splitnum;
+ hashp->SPARES[splitnum] = hashp->SPARES[splitnum - 1];
+ hashp->SPARES[splitnum - 1]--;
+ offset = 0;
+ }
+ } else {
+ /*
+ * Free_bit addresses the last used bit. Bump it to address
+ * the first available bit.
+ */
+ free_bit++;
+ SETBIT(freep, free_bit);
+ }
+
+ /* Calculate address of the new overflow page */
+ addr = OADDR_OF(splitnum, offset);
+#ifdef DEBUG2
+ (void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n",
+ addr, free_bit, free_page);
+#endif
+ return (addr);
+
+found:
+ bit = bit + first_free(freep[j]);
+ SETBIT(freep, bit);
+#ifdef DEBUG2
+ tmp1 = bit;
+ tmp2 = i;
+#endif
+ /*
+ * Bits are addressed starting with 0, but overflow pages are addressed
+ * beginning at 1. Bit is a bit addressnumber, so we need to increment
+ * it to convert it to a page number.
+ */
+ bit = 1 + bit + (i * (hashp->BSIZE << BYTE_SHIFT));
+ if (bit >= hashp->LAST_FREED)
+ hashp->LAST_FREED = bit - 1;
+
+ /* Calculate the split number for this page */
+ for (i = 0; (i < (unsigned)splitnum) && (bit > hashp->SPARES[i]); i++) {
+ }
+ offset = (i ? bit - hashp->SPARES[i - 1] : bit);
+ if (offset >= SPLITMASK)
+ return (0); /* Out of overflow pages */
+ addr = OADDR_OF(i, offset);
+#ifdef DEBUG2
+ (void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n",
+ addr, tmp1, tmp2);
+#endif
+
+ /* Allocate and return the overflow page */
+ return (addr);
+}
+
+/*
+ * Mark this overflow page as free.
+ */
+extern void
+__free_ovflpage(HTAB *hashp, BUFHEAD *obufp)
+{
+ uint16 addr;
+ uint32 *freep;
+ uint32 bit_address, free_page, free_bit;
+ uint16 ndx;
+
+ if (!obufp || !obufp->addr)
+ return;
+
+ addr = obufp->addr;
+#ifdef DEBUG1
+ (void)fprintf(stderr, "Freeing %d\n", addr);
+#endif
+ ndx = (((uint16)addr) >> SPLITSHIFT);
+ bit_address =
+ (ndx ? hashp->SPARES[ndx - 1] : 0) + (addr & SPLITMASK) - 1;
+ if (bit_address < (uint32)hashp->LAST_FREED)
+ hashp->LAST_FREED = bit_address;
+ free_page = (bit_address >> (hashp->BSHIFT + BYTE_SHIFT));
+ free_bit = bit_address & ((hashp->BSIZE << BYTE_SHIFT) - 1);
+
+ if (!(freep = hashp->mapp[free_page]))
+ freep = fetch_bitmap(hashp, free_page);
+
+#ifdef DEBUG
+ /*
+ * This had better never happen. It means we tried to read a bitmap
+ * that has already had overflow pages allocated off it, and we
+ * failed to read it from the file.
+ */
+ if (!freep) {
+ assert(0);
+ return;
+ }
+#endif
+ CLRBIT(freep, free_bit);
+#ifdef DEBUG2
+ (void)fprintf(stderr, "FREE_OVFLPAGE: ADDR: %d BIT: %d PAGE %d\n",
+ obufp->addr, free_bit, free_page);
+#endif
+ __reclaim_buf(hashp, obufp);
+}
+
+/*
+ * Returns:
+ * 0 success
+ * -1 failure
+ */
+static int
+open_temp(HTAB *hashp)
+{
+#ifdef XP_OS2
+ hashp->fp = mkstemp(NULL);
+#else
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
+ sigset_t set, oset;
+#endif
+#if !defined(macintosh)
+ char *tmpdir;
+ size_t len;
+ char last;
+#endif
+ static const char namestr[] = "/_hashXXXXXX";
+ char filename[1024];
+
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
+ /* Block signals; make sure file goes away at process exit. */
+ (void)sigfillset(&set);
+ (void)sigprocmask(SIG_BLOCK, &set, &oset);
+#endif
+
+ filename[0] = 0;
+#if defined(macintosh)
+ strcat(filename, namestr + 1);
+#else
+ tmpdir = getenv("TMP");
+ if (!tmpdir)
+ tmpdir = getenv("TMPDIR");
+ if (!tmpdir)
+ tmpdir = getenv("TEMP");
+ if (!tmpdir)
+ tmpdir = ".";
+ len = strlen(tmpdir);
+ if (len && len < (sizeof filename - sizeof namestr)) {
+ strcpy(filename, tmpdir);
+ }
+ len = strlen(filename);
+ last = tmpdir[len - 1];
+ strcat(filename, (last == '/' || last == '\\') ? namestr + 1 : namestr);
+#endif
+
+#if defined(_WIN32) || defined(_WINDOWS)
+ if ((hashp->fp = mkstempflags(filename, _O_BINARY | _O_TEMPORARY)) != -1) {
+ if (hashp->filename) {
+ free(hashp->filename);
+ }
+ hashp->filename = strdup(filename);
+ hashp->is_temp = 1;
+ }
+#else
+ if ((hashp->fp = mkstemp(filename)) != -1) {
+ (void)unlink(filename);
+#if !defined(macintosh)
+ (void)fcntl(hashp->fp, F_SETFD, 1);
+#endif
+ }
+#endif
+
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
+ (void)sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL);
+#endif
+#endif /* !OS2 */
+ return (hashp->fp != -1 ? 0 : -1);
+}
+
+/*
+ * We have to know that the key will fit, but the last entry on the page is
+ * an overflow pair, so we need to shift things.
+ */
+static void
+squeeze_key(uint16 *sp, const DBT *key, const DBT *val)
+{
+ register char *p;
+ uint16 free_space, n, off, pageno;
+
+ p = (char *)sp;
+ n = sp[0];
+ free_space = FREESPACE(sp);
+ off = OFFSET(sp);
+
+ pageno = sp[n - 1];
+ off -= key->size;
+ sp[n - 1] = off;
+ memmove(p + off, key->data, key->size);
+ off -= val->size;
+ sp[n] = off;
+ memmove(p + off, val->data, val->size);
+ sp[0] = n + 2;
+ sp[n + 1] = pageno;
+ sp[n + 2] = OVFLPAGE;
+ FREESPACE(sp) = free_space - PAIRSIZE(key, val);
+ OFFSET(sp) = off;
+}
+
+static uint32 *
+fetch_bitmap(HTAB *hashp, uint32 ndx)
+{
+ if (ndx >= (unsigned)hashp->nmaps)
+ return (NULL);
+ if ((hashp->mapp[ndx] = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL)
+ return (NULL);
+ if (__get_page(hashp,
+ (char *)hashp->mapp[ndx], hashp->BITMAPS[ndx], 0, 1, 1)) {
+ free(hashp->mapp[ndx]);
+ hashp->mapp[ndx] = NULL; /* NEW: 9-11-95 */
+ return (NULL);
+ }
+ return (hashp->mapp[ndx]);
+}
+
+#ifdef DEBUG4
+int
+print_chain(int addr)
+{
+ BUFHEAD *bufp;
+ short *bp, oaddr;
+
+ (void)fprintf(stderr, "%d ", addr);
+ bufp = __get_buf(hashp, addr, NULL, 0);
+ bp = (short *)bufp->page;
+ while (bp[0] && ((bp[bp[0]] == OVFLPAGE) ||
+ ((bp[0] > 2) && bp[2] < REAL_KEY))) {
+ oaddr = bp[bp[0] - 1];
+ (void)fprintf(stderr, "%d ", (int)oaddr);
+ bufp = __get_buf(hashp, (int)oaddr, bufp, 0);
+ bp = (short *)bufp->page;
+ }
+ (void)fprintf(stderr, "\n");
+}
+#endif
diff --git a/security/nss/lib/dbm/src/hash.c b/security/nss/lib/dbm/src/hash.c
new file mode 100644
index 000000000..b80aad4d3
--- /dev/null
+++ b/security/nss/lib/dbm/src/hash.c
@@ -0,0 +1,1172 @@
+/*-
+ * Copyright (c) 1990, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)hash.c 8.9 (Berkeley) 6/16/94";
+#endif /* LIBC_SCCS and not lint */
+
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
+#include <sys/param.h>
+#endif
+
+#if !defined(macintosh)
+#ifdef XP_OS2
+#include <sys/types.h>
+#endif
+#include <sys/stat.h>
+#endif
+
+#if defined(macintosh)
+#include <unix.h>
+#include <unistd.h>
+#endif
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
+#include <unistd.h>
+#endif
+#if defined(_WIN32) || defined(_WINDOWS)
+#include <windows.h>
+#endif
+
+#include <assert.h>
+
+#include "mcom_db.h"
+#include "hash.h"
+#include "page.h"
+
+/*
+#include "extern.h"
+*/
+static int alloc_segs(HTAB *, int);
+static int flush_meta(HTAB *);
+static int hash_access(HTAB *, ACTION, DBT *, DBT *);
+static int hash_close(DB *);
+static int hash_delete(const DB *, const DBT *, uint);
+static int hash_fd(const DB *);
+static int hash_get(const DB *, const DBT *, DBT *, uint);
+static int hash_put(const DB *, DBT *, const DBT *, uint);
+static void *hash_realloc(SEGMENT **, size_t, size_t);
+static int hash_seq(const DB *, DBT *, DBT *, uint);
+static int hash_sync(const DB *, uint);
+static int hdestroy(HTAB *);
+static HTAB *init_hash(HTAB *, const char *, HASHINFO *);
+static int init_htab(HTAB *, int);
+#if BYTE_ORDER == LITTLE_ENDIAN
+static void swap_header(HTAB *);
+static void swap_header_copy(HASHHDR *, HASHHDR *);
+#endif
+
+/* Fast arithmetic, relying on powers of 2, */
+#define MOD(x, y) ((x) & ((y)-1))
+
+#define RETURN_ERROR(ERR, LOC) \
+ { \
+ save_errno = ERR; \
+ goto LOC; \
+ }
+
+/* Return values */
+#define SUCCESS (0)
+#define DBM_ERROR (-1)
+#define ABNORMAL (1)
+
+#ifdef HASH_STATISTICS
+int hash_accesses, hash_collisions, hash_expansions, hash_overflows;
+#endif
+
+/* A new Lou (montulli@mozilla.com) routine.
+ *
+ * The database is screwed.
+ *
+ * This closes the file, flushing buffers as appropriate.
+ */
+static void
+__remove_database(DB *dbp)
+{
+ HTAB *hashp = (HTAB *)dbp->internal;
+
+ assert(0);
+
+ if (!hashp)
+ return;
+ hdestroy(hashp);
+ dbp->internal = NULL;
+}
+
+/************************** INTERFACE ROUTINES ***************************/
+/* OPEN/CLOSE */
+
+extern DB *
+__hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dflags)
+{
+ HTAB *hashp = NULL;
+ struct stat statbuf;
+ DB *dbp;
+ int bpages, hdrsize, new_table, nsegs, save_errno;
+
+ if ((flags & O_ACCMODE) == O_WRONLY) {
+ errno = EINVAL;
+ return NULL;
+ }
+
+ /* zero the statbuffer so that
+ * we can check it for a non-zero
+ * date to see if stat succeeded
+ */
+ memset(&statbuf, 0, sizeof(struct stat));
+
+ if (!(hashp = (HTAB *)calloc(1, sizeof(HTAB)))) {
+ errno = ENOMEM;
+ return NULL;
+ }
+ hashp->fp = NO_FILE;
+ if (file)
+ hashp->filename = strdup(file);
+
+ /*
+ * Even if user wants write only, we need to be able to read
+ * the actual file, so we need to open it read/write. But, the
+ * field in the hashp structure needs to be accurate so that
+ * we can check accesses.
+ */
+ hashp->flags = flags;
+
+ new_table = 0;
+ if (!file || (flags & O_TRUNC) || (stat(file, &statbuf) && (errno == ENOENT))) {
+ if (errno == ENOENT)
+ errno = 0; /* Just in case someone looks at errno */
+ new_table = 1;
+ } else if (statbuf.st_mtime && statbuf.st_size == 0) {
+ /* check for a zero length file and delete it
+ * if it exists
+ */
+ new_table = 1;
+ }
+ hashp->file_size = statbuf.st_size;
+
+ if (file) {
+#if defined(_WIN32) || defined(_WINDOWS) || defined(macintosh) || defined(XP_OS2)
+ if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1)
+ RETURN_ERROR(errno, error1);
+#else
+ if ((hashp->fp = open(file, flags, mode)) == -1)
+ RETURN_ERROR(errno, error1);
+ (void)fcntl(hashp->fp, F_SETFD, 1);
+#endif
+ }
+ if (new_table) {
+ if (!init_hash(hashp, file, (HASHINFO *)info))
+ RETURN_ERROR(errno, error1);
+ } else {
+ /* Table already exists */
+ if (info && info->hash)
+ hashp->hash = info->hash;
+ else
+ hashp->hash = __default_hash;
+
+ hdrsize = read(hashp->fp, (char *)&hashp->hdr, sizeof(HASHHDR));
+ if (hdrsize == -1)
+ RETURN_ERROR(errno, error1);
+ if (hdrsize != sizeof(HASHHDR))
+ RETURN_ERROR(EFTYPE, error1);
+#if BYTE_ORDER == LITTLE_ENDIAN
+ swap_header(hashp);
+#endif
+ /* Verify file type, versions and hash function */
+ if (hashp->MAGIC != HASHMAGIC)
+ RETURN_ERROR(EFTYPE, error1);
+#define OLDHASHVERSION 1
+ if (hashp->VERSION != HASHVERSION &&
+ hashp->VERSION != OLDHASHVERSION)
+ RETURN_ERROR(EFTYPE, error1);
+ if (hashp->hash(CHARKEY, sizeof(CHARKEY)) != hashp->H_CHARKEY)
+ RETURN_ERROR(EFTYPE, error1);
+ if (hashp->NKEYS < 0) /* Old bad database. */
+ RETURN_ERROR(EFTYPE, error1);
+
+ /*
+ * Figure out how many segments we need. Max_Bucket is the
+ * maximum bucket number, so the number of buckets is
+ * max_bucket + 1.
+ */
+ nsegs = (hashp->MAX_BUCKET + 1 + hashp->SGSIZE - 1) /
+ hashp->SGSIZE;
+ hashp->nsegs = 0;
+ if (alloc_segs(hashp, nsegs))
+ /* If alloc_segs fails, errno will have been set. */
+ RETURN_ERROR(errno, error1);
+ /* Read in bitmaps */
+ bpages = (hashp->SPARES[hashp->OVFL_POINT] +
+ (hashp->BSIZE << BYTE_SHIFT) - 1) >>
+ (hashp->BSHIFT + BYTE_SHIFT);
+
+ hashp->nmaps = bpages;
+ (void)memset(&hashp->mapp[0], 0, bpages * sizeof(uint32 *));
+ }
+
+ /* Initialize Buffer Manager */
+ if (info && info->cachesize)
+ __buf_init(hashp, (int32)info->cachesize);
+ else
+ __buf_init(hashp, DEF_BUFSIZE);
+
+ hashp->new_file = new_table;
+#ifdef macintosh
+ hashp->save_file = file && !(hashp->flags & O_RDONLY);
+#else
+ hashp->save_file = file && (hashp->flags & O_RDWR);
+#endif
+ hashp->cbucket = -1;
+ if (!(dbp = (DB *)malloc(sizeof(DB)))) {
+ RETURN_ERROR(ENOMEM, error1);
+ }
+ dbp->internal = hashp;
+ dbp->close = hash_close;
+ dbp->del = hash_delete;
+ dbp->fd = hash_fd;
+ dbp->get = hash_get;
+ dbp->put = hash_put;
+ dbp->seq = hash_seq;
+ dbp->sync = hash_sync;
+ dbp->type = DB_HASH;
+
+#ifdef HASH_STATISTICS
+ hash_overflows = hash_accesses = hash_collisions = hash_expansions = 0;
+#endif
+ return (dbp);
+
+error1:
+ hdestroy(hashp);
+ errno = save_errno;
+ return (NULL);
+}
+
+static int
+hash_close(DB *dbp)
+{
+ HTAB *hashp;
+ int retval;
+
+ if (!dbp)
+ return (DBM_ERROR);
+
+ hashp = (HTAB *)dbp->internal;
+ if (!hashp)
+ return (DBM_ERROR);
+
+ retval = hdestroy(hashp);
+ free(dbp);
+ return (retval);
+}
+
+static int
+hash_fd(const DB *dbp)
+{
+ HTAB *hashp;
+
+ if (!dbp)
+ return (DBM_ERROR);
+
+ hashp = (HTAB *)dbp->internal;
+ if (!hashp)
+ return (DBM_ERROR);
+
+ if (hashp->fp == -1) {
+ errno = ENOENT;
+ return (-1);
+ }
+ return (hashp->fp);
+}
+
+/************************** LOCAL CREATION ROUTINES **********************/
+static HTAB *
+init_hash(HTAB *hashp, const char *file, HASHINFO *info)
+{
+ struct stat statbuf;
+ int nelem;
+
+ nelem = 1;
+ hashp->NKEYS = 0;
+ hashp->LORDER = BYTE_ORDER;
+ hashp->BSIZE = DEF_BUCKET_SIZE;
+ hashp->BSHIFT = DEF_BUCKET_SHIFT;
+ hashp->SGSIZE = DEF_SEGSIZE;
+ hashp->SSHIFT = DEF_SEGSIZE_SHIFT;
+ hashp->DSIZE = DEF_DIRSIZE;
+ hashp->FFACTOR = DEF_FFACTOR;
+ hashp->hash = __default_hash;
+ memset(hashp->SPARES, 0, sizeof(hashp->SPARES));
+ memset(hashp->BITMAPS, 0, sizeof(hashp->BITMAPS));
+
+ /* Fix bucket size to be optimal for file system */
+ if (file != NULL) {
+ if (stat(file, &statbuf))
+ return (NULL);
+
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2)
+#if defined(__QNX__) && !defined(__QNXNTO__)
+ hashp->BSIZE = 512; /* preferred blk size on qnx4 */
+#else
+ hashp->BSIZE = statbuf.st_blksize;
+#endif
+
+ /* new code added by Lou to reduce block
+ * size down below MAX_BSIZE
+ */
+ if (hashp->BSIZE > MAX_BSIZE)
+ hashp->BSIZE = MAX_BSIZE;
+#endif
+ hashp->BSHIFT = __log2((uint32)hashp->BSIZE);
+ }
+
+ if (info) {
+ if (info->bsize) {
+ /* Round pagesize up to power of 2 */
+ hashp->BSHIFT = __log2(info->bsize);
+ hashp->BSIZE = 1 << hashp->BSHIFT;
+ if (hashp->BSIZE > MAX_BSIZE) {
+ errno = EINVAL;
+ return (NULL);
+ }
+ }
+ if (info->ffactor)
+ hashp->FFACTOR = info->ffactor;
+ if (info->hash)
+ hashp->hash = info->hash;
+ if (info->nelem)
+ nelem = info->nelem;
+ if (info->lorder) {
+ if (info->lorder != BIG_ENDIAN &&
+ info->lorder != LITTLE_ENDIAN) {
+ errno = EINVAL;
+ return (NULL);
+ }
+ hashp->LORDER = info->lorder;
+ }
+ }
+ /* init_htab sets errno if it fails */
+ if (init_htab(hashp, nelem))
+ return (NULL);
+ else
+ return (hashp);
+}
+/*
+ * This calls alloc_segs which may run out of memory. Alloc_segs will
+ * set errno, so we just pass the error information along.
+ *
+ * Returns 0 on No Error
+ */
+static int
+init_htab(HTAB *hashp, int nelem)
+{
+ register int nbuckets, nsegs;
+ int l2;
+
+ /*
+ * Divide number of elements by the fill factor and determine a
+ * desired number of buckets. Allocate space for the next greater
+ * power of two number of buckets.
+ */
+ nelem = (nelem - 1) / hashp->FFACTOR + 1;
+
+ l2 = __log2((uint32)PR_MAX(nelem, 2));
+ nbuckets = 1 << l2;
+
+ hashp->SPARES[l2] = l2 + 1;
+ hashp->SPARES[l2 + 1] = l2 + 1;
+ hashp->OVFL_POINT = l2;
+ hashp->LAST_FREED = 2;
+
+ /* First bitmap page is at: splitpoint l2 page offset 1 */
+ if (__ibitmap(hashp, (int)OADDR_OF(l2, 1), l2 + 1, 0))
+ return (-1);
+
+ hashp->MAX_BUCKET = hashp->LOW_MASK = nbuckets - 1;
+ hashp->HIGH_MASK = (nbuckets << 1) - 1;
+ hashp->HDRPAGES = ((PR_MAX(sizeof(HASHHDR), MINHDRSIZE) - 1) >>
+ hashp->BSHIFT) +
+ 1;
+
+ nsegs = (nbuckets - 1) / hashp->SGSIZE + 1;
+ nsegs = 1 << __log2((uint32)nsegs);
+
+ if (nsegs > hashp->DSIZE)
+ hashp->DSIZE = nsegs;
+ return (alloc_segs(hashp, nsegs));
+}
+
+/********************** DESTROY/CLOSE ROUTINES ************************/
+
+/*
+ * Flushes any changes to the file if necessary and destroys the hashp
+ * structure, freeing all allocated space.
+ */
+static int
+hdestroy(HTAB *hashp)
+{
+ int i, save_errno;
+
+ save_errno = 0;
+
+#ifdef HASH_STATISTICS
+ (void)fprintf(stderr, "hdestroy: accesses %ld collisions %ld\n",
+ hash_accesses, hash_collisions);
+ (void)fprintf(stderr, "hdestroy: expansions %ld\n",
+ hash_expansions);
+ (void)fprintf(stderr, "hdestroy: overflows %ld\n",
+ hash_overflows);
+ (void)fprintf(stderr, "keys %ld maxp %d segmentcount %d\n",
+ hashp->NKEYS, hashp->MAX_BUCKET, hashp->nsegs);
+
+ for (i = 0; i < NCACHED; i++)
+ (void)fprintf(stderr,
+ "spares[%d] = %d\n", i, hashp->SPARES[i]);
+#endif
+ /*
+ * Call on buffer manager to free buffers, and if required,
+ * write them to disk.
+ */
+ if (__buf_free(hashp, 1, hashp->save_file))
+ save_errno = errno;
+ if (hashp->dir) {
+ free(*hashp->dir); /* Free initial segments */
+ /* Free extra segments */
+ while (hashp->exsegs--)
+ free(hashp->dir[--hashp->nsegs]);
+ free(hashp->dir);
+ }
+ if (flush_meta(hashp) && !save_errno)
+ save_errno = errno;
+ /* Free Bigmaps */
+ for (i = 0; i < hashp->nmaps; i++)
+ if (hashp->mapp[i])
+ free(hashp->mapp[i]);
+
+ if (hashp->fp != -1)
+ (void)close(hashp->fp);
+
+ if (hashp->filename) {
+#if defined(_WIN32) || defined(_WINDOWS) || defined(XP_OS2)
+ if (hashp->is_temp)
+ (void)unlink(hashp->filename);
+#endif
+ free(hashp->filename);
+ }
+ if (hashp->tmp_buf)
+ free(hashp->tmp_buf);
+ if (hashp->tmp_key)
+ free(hashp->tmp_key);
+ free(hashp);
+ if (save_errno) {
+ errno = save_errno;
+ return (DBM_ERROR);
+ }
+ return (SUCCESS);
+}
+
+#if defined(_WIN32) || defined(_WINDOWS)
+/*
+ * Close and reopen file to force file length update on windows.
+ *
+ * Returns:
+ * 0 == OK
+ * -1 DBM_ERROR
+ */
+static int
+update_EOF(HTAB *hashp)
+{
+#if defined(DBM_REOPEN_ON_FLUSH)
+ char *file = hashp->filename;
+ off_t file_size;
+ int flags;
+ int mode = -1;
+ struct stat statbuf;
+
+ memset(&statbuf, 0, sizeof statbuf);
+
+ /* make sure we won't lose the file by closing it. */
+ if (!file || (stat(file, &statbuf) && (errno == ENOENT))) {
+ /* pretend we did it. */
+ return 0;
+ }
+
+ (void)close(hashp->fp);
+
+ flags = hashp->flags & ~(O_TRUNC | O_CREAT | O_EXCL);
+
+ if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1)
+ return -1;
+ file_size = lseek(hashp->fp, (off_t)0, SEEK_END);
+ if (file_size == -1)
+ return -1;
+ hashp->file_size = file_size;
+ return 0;
+#else
+ int fd = hashp->fp;
+ off_t file_size = lseek(fd, (off_t)0, SEEK_END);
+ HANDLE handle = (HANDLE)_get_osfhandle(fd);
+ BOOL cool = FlushFileBuffers(handle);
+#ifdef DEBUG3
+ if (!cool) {
+ DWORD err = GetLastError();
+ (void)fprintf(stderr,
+ "FlushFileBuffers failed, last error = %d, 0x%08x\n",
+ err, err);
+ }
+#endif
+ if (file_size == -1)
+ return -1;
+ hashp->file_size = file_size;
+ return cool ? 0 : -1;
+#endif
+}
+#endif
+
+/*
+ * Write modified pages to disk
+ *
+ * Returns:
+ * 0 == OK
+ * -1 DBM_ERROR
+ */
+static int
+hash_sync(const DB *dbp, uint flags)
+{
+ HTAB *hashp;
+
+ if (flags != 0) {
+ errno = EINVAL;
+ return (DBM_ERROR);
+ }
+
+ if (!dbp)
+ return (DBM_ERROR);
+
+ hashp = (HTAB *)dbp->internal;
+ if (!hashp)
+ return (DBM_ERROR);
+
+ if (!hashp->save_file)
+ return (0);
+ if (__buf_free(hashp, 0, 1) || flush_meta(hashp))
+ return (DBM_ERROR);
+#if defined(_WIN32) || defined(_WINDOWS)
+ if (hashp->updateEOF && hashp->filename && !hashp->is_temp) {
+ int status = update_EOF(hashp);
+ hashp->updateEOF = 0;
+ if (status)
+ return status;
+ }
+#endif
+ hashp->new_file = 0;
+ return (0);
+}
+
+/*
+ * Returns:
+ * 0 == OK
+ * -1 indicates that errno should be set
+ */
+static int
+flush_meta(HTAB *hashp)
+{
+ HASHHDR *whdrp;
+#if BYTE_ORDER == LITTLE_ENDIAN
+ HASHHDR whdr;
+#endif
+ int fp, i, wsize;
+
+ if (!hashp->save_file)
+ return (0);
+ hashp->MAGIC = HASHMAGIC;
+ hashp->VERSION = HASHVERSION;
+ hashp->H_CHARKEY = hashp->hash(CHARKEY, sizeof(CHARKEY));
+
+ fp = hashp->fp;
+ whdrp = &hashp->hdr;
+#if BYTE_ORDER == LITTLE_ENDIAN
+ whdrp = &whdr;
+ swap_header_copy(&hashp->hdr, whdrp);
+#endif
+ if ((lseek(fp, (off_t)0, SEEK_SET) == -1) ||
+ ((wsize = write(fp, (char *)whdrp, sizeof(HASHHDR))) == -1))
+ return (-1);
+ else if (wsize != sizeof(HASHHDR)) {
+ errno = EFTYPE;
+ hashp->dbmerrno = errno;
+ return (-1);
+ }
+ for (i = 0; i < NCACHED; i++)
+ if (hashp->mapp[i])
+ if (__put_page(hashp, (char *)hashp->mapp[i],
+ hashp->BITMAPS[i], 0, 1))
+ return (-1);
+ return (0);
+}
+
+/*******************************SEARCH ROUTINES *****************************/
+/*
+ * All the access routines return
+ *
+ * Returns:
+ * 0 on SUCCESS
+ * 1 to indicate an external DBM_ERROR (i.e. key not found, etc)
+ * -1 to indicate an internal DBM_ERROR (i.e. out of memory, etc)
+ */
+static int
+hash_get(
+ const DB *dbp,
+ const DBT *key,
+ DBT *data,
+ uint flag)
+{
+ HTAB *hashp;
+ int rv;
+
+ hashp = (HTAB *)dbp->internal;
+ if (!hashp)
+ return (DBM_ERROR);
+
+ if (flag) {
+ hashp->dbmerrno = errno = EINVAL;
+ return (DBM_ERROR);
+ }
+
+ rv = hash_access(hashp, HASH_GET, (DBT *)key, data);
+
+ if (rv == DATABASE_CORRUPTED_ERROR) {
+#if defined(unix) && defined(DEBUG)
+ printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
+#endif
+ __remove_database((DB *)dbp);
+ }
+
+ return (rv);
+}
+
+static int
+hash_put(
+ const DB *dbp,
+ DBT *key,
+ const DBT *data,
+ uint flag)
+{
+ HTAB *hashp;
+ int rv;
+
+ hashp = (HTAB *)dbp->internal;
+ if (!hashp)
+ return (DBM_ERROR);
+
+ if (flag && flag != R_NOOVERWRITE) {
+ hashp->dbmerrno = errno = EINVAL;
+ return (DBM_ERROR);
+ }
+ if ((hashp->flags & O_ACCMODE) == O_RDONLY) {
+ hashp->dbmerrno = errno = EPERM;
+ return (DBM_ERROR);
+ }
+
+ rv = hash_access(hashp, flag == R_NOOVERWRITE ? HASH_PUTNEW
+ : HASH_PUT,
+ (DBT *)key, (DBT *)data);
+
+ if (rv == DATABASE_CORRUPTED_ERROR) {
+#if defined(unix) && defined(DEBUG)
+ printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
+#endif
+ __remove_database((DB *)dbp);
+ }
+
+ return (rv);
+}
+
+static int
+hash_delete(
+ const DB *dbp,
+ const DBT *key,
+ uint flag) /* Ignored */
+{
+ HTAB *hashp;
+ int rv;
+
+ hashp = (HTAB *)dbp->internal;
+ if (!hashp)
+ return (DBM_ERROR);
+
+ if (flag && flag != R_CURSOR) {
+ hashp->dbmerrno = errno = EINVAL;
+ return (DBM_ERROR);
+ }
+ if ((hashp->flags & O_ACCMODE) == O_RDONLY) {
+ hashp->dbmerrno = errno = EPERM;
+ return (DBM_ERROR);
+ }
+ rv = hash_access(hashp, HASH_DELETE, (DBT *)key, NULL);
+
+ if (rv == DATABASE_CORRUPTED_ERROR) {
+#if defined(unix) && defined(DEBUG)
+ printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
+#endif
+ __remove_database((DB *)dbp);
+ }
+
+ return (rv);
+}
+
+#define MAX_OVERFLOW_HASH_ACCESS_LOOPS 2000
+/*
+ * Assume that hashp has been set in wrapper routine.
+ */
+static int
+hash_access(
+ HTAB *hashp,
+ ACTION action,
+ DBT *key, DBT *val)
+{
+ register BUFHEAD *rbufp;
+ BUFHEAD *bufp, *save_bufp;
+ register uint16 *bp;
+ register long n, ndx, off;
+ register size_t size;
+ register char *kp;
+ uint16 pageno;
+ uint32 ovfl_loop_count = 0;
+ int32 last_overflow_page_no = -1;
+
+#ifdef HASH_STATISTICS
+ hash_accesses++;
+#endif
+
+ off = hashp->BSIZE;
+ size = key->size;
+ kp = (char *)key->data;
+ rbufp = __get_buf(hashp, __call_hash(hashp, kp, size), NULL, 0);
+ if (!rbufp)
+ return (DATABASE_CORRUPTED_ERROR);
+ save_bufp = rbufp;
+
+ /* Pin the bucket chain */
+ rbufp->flags |= BUF_PIN;
+ for (bp = (uint16 *)rbufp->page, n = *bp++, ndx = 1; ndx < n;) {
+
+ if (bp[1] >= REAL_KEY) {
+ /* Real key/data pair */
+ if (size == (unsigned long)(off - *bp) &&
+ memcmp(kp, rbufp->page + *bp, size) == 0)
+ goto found;
+ off = bp[1];
+#ifdef HASH_STATISTICS
+ hash_collisions++;
+#endif
+ bp += 2;
+ ndx += 2;
+ } else if (bp[1] == OVFLPAGE) {
+
+ /* database corruption: overflow loop detection */
+ if (last_overflow_page_no == (int32)*bp)
+ return (DATABASE_CORRUPTED_ERROR);
+
+ last_overflow_page_no = *bp;
+
+ rbufp = __get_buf(hashp, *bp, rbufp, 0);
+ if (!rbufp) {
+ save_bufp->flags &= ~BUF_PIN;
+ return (DBM_ERROR);
+ }
+
+ ovfl_loop_count++;
+ if (ovfl_loop_count > MAX_OVERFLOW_HASH_ACCESS_LOOPS)
+ return (DATABASE_CORRUPTED_ERROR);
+
+ /* FOR LOOP INIT */
+ bp = (uint16 *)rbufp->page;
+ n = *bp++;
+ ndx = 1;
+ off = hashp->BSIZE;
+ } else if (bp[1] < REAL_KEY) {
+ if ((ndx =
+ __find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0)
+ goto found;
+ if (ndx == -2) {
+ bufp = rbufp;
+ if (!(pageno =
+ __find_last_page(hashp, &bufp))) {
+ ndx = 0;
+ rbufp = bufp;
+ break; /* FOR */
+ }
+ rbufp = __get_buf(hashp, pageno, bufp, 0);
+ if (!rbufp) {
+ save_bufp->flags &= ~BUF_PIN;
+ return (DBM_ERROR);
+ }
+ /* FOR LOOP INIT */
+ bp = (uint16 *)rbufp->page;
+ n = *bp++;
+ ndx = 1;
+ off = hashp->BSIZE;
+ } else {
+ save_bufp->flags &= ~BUF_PIN;
+ return (DBM_ERROR);
+ }
+ }
+ }
+
+ /* Not found */
+ switch (action) {
+ case HASH_PUT:
+ case HASH_PUTNEW:
+ if (__addel(hashp, rbufp, key, val)) {
+ save_bufp->flags &= ~BUF_PIN;
+ return (DBM_ERROR);
+ } else {
+ save_bufp->flags &= ~BUF_PIN;
+ return (SUCCESS);
+ }
+ case HASH_GET:
+ case HASH_DELETE:
+ default:
+ save_bufp->flags &= ~BUF_PIN;
+ return (ABNORMAL);
+ }
+
+found:
+ switch (action) {
+ case HASH_PUTNEW:
+ save_bufp->flags &= ~BUF_PIN;
+ return (ABNORMAL);
+ case HASH_GET:
+ bp = (uint16 *)rbufp->page;
+ if (bp[ndx + 1] < REAL_KEY) {
+ if (__big_return(hashp, rbufp, ndx, val, 0))
+ return (DBM_ERROR);
+ } else {
+ val->data = (uint8 *)rbufp->page + (int)bp[ndx + 1];
+ val->size = bp[ndx] - bp[ndx + 1];
+ }
+ break;
+ case HASH_PUT:
+ if ((__delpair(hashp, rbufp, ndx)) ||
+ (__addel(hashp, rbufp, key, val))) {
+ save_bufp->flags &= ~BUF_PIN;
+ return (DBM_ERROR);
+ }
+ break;
+ case HASH_DELETE:
+ if (__delpair(hashp, rbufp, ndx))
+ return (DBM_ERROR);
+ break;
+ default:
+ abort();
+ }
+ save_bufp->flags &= ~BUF_PIN;
+ return (SUCCESS);
+}
+
+static int
+hash_seq(
+ const DB *dbp,
+ DBT *key, DBT *data,
+ uint flag)
+{
+ register uint32 bucket;
+ register BUFHEAD *bufp = NULL;
+ HTAB *hashp;
+ uint16 *bp, ndx;
+
+ hashp = (HTAB *)dbp->internal;
+ if (!hashp)
+ return (DBM_ERROR);
+
+ if (flag && flag != R_FIRST && flag != R_NEXT) {
+ hashp->dbmerrno = errno = EINVAL;
+ return (DBM_ERROR);
+ }
+#ifdef HASH_STATISTICS
+ hash_accesses++;
+#endif
+ if ((hashp->cbucket < 0) || (flag == R_FIRST)) {
+ hashp->cbucket = 0;
+ hashp->cndx = 1;
+ hashp->cpage = NULL;
+ }
+
+ for (bp = NULL; !bp || !bp[0];) {
+ if (!(bufp = hashp->cpage)) {
+ for (bucket = hashp->cbucket;
+ bucket <= (uint32)hashp->MAX_BUCKET;
+ bucket++, hashp->cndx = 1) {
+ bufp = __get_buf(hashp, bucket, NULL, 0);
+ if (!bufp)
+ return (DBM_ERROR);
+ hashp->cpage = bufp;
+ bp = (uint16 *)bufp->page;
+ if (bp[0])
+ break;
+ }
+ hashp->cbucket = bucket;
+ if (hashp->cbucket > hashp->MAX_BUCKET) {
+ hashp->cbucket = -1;
+ return (ABNORMAL);
+ }
+ } else
+ bp = (uint16 *)hashp->cpage->page;
+
+#ifdef DEBUG
+ assert(bp);
+ assert(bufp);
+#endif
+ while (bp[hashp->cndx + 1] == OVFLPAGE) {
+ bufp = hashp->cpage =
+ __get_buf(hashp, bp[hashp->cndx], bufp, 0);
+ if (!bufp)
+ return (DBM_ERROR);
+ bp = (uint16 *)(bufp->page);
+ hashp->cndx = 1;
+ }
+ if (!bp[0]) {
+ hashp->cpage = NULL;
+ ++hashp->cbucket;
+ }
+ }
+ ndx = hashp->cndx;
+ if (bp[ndx + 1] < REAL_KEY) {
+ if (__big_keydata(hashp, bufp, key, data, 1))
+ return (DBM_ERROR);
+ } else {
+ key->data = (uint8 *)hashp->cpage->page + bp[ndx];
+ key->size = (ndx > 1 ? bp[ndx - 1] : hashp->BSIZE) - bp[ndx];
+ data->data = (uint8 *)hashp->cpage->page + bp[ndx + 1];
+ data->size = bp[ndx] - bp[ndx + 1];
+ ndx += 2;
+ if (ndx > bp[0]) {
+ hashp->cpage = NULL;
+ hashp->cbucket++;
+ hashp->cndx = 1;
+ } else
+ hashp->cndx = ndx;
+ }
+ return (SUCCESS);
+}
+
+/********************************* UTILITIES ************************/
+
+/*
+ * Returns:
+ * 0 ==> OK
+ * -1 ==> Error
+ */
+extern int
+__expand_table(HTAB *hashp)
+{
+ uint32 old_bucket, new_bucket;
+ int new_segnum, spare_ndx;
+ size_t dirsize;
+
+#ifdef HASH_STATISTICS
+ hash_expansions++;
+#endif
+ new_bucket = ++hashp->MAX_BUCKET;
+ old_bucket = (hashp->MAX_BUCKET & hashp->LOW_MASK);
+
+ new_segnum = new_bucket >> hashp->SSHIFT;
+
+ /* Check if we need a new segment */
+ if (new_segnum >= hashp->nsegs) {
+ /* Check if we need to expand directory */
+ if (new_segnum >= hashp->DSIZE) {
+ /* Reallocate directory */
+ dirsize = hashp->DSIZE * sizeof(SEGMENT *);
+ if (!hash_realloc(&hashp->dir, dirsize, dirsize << 1))
+ return (-1);
+ hashp->DSIZE = dirsize << 1;
+ }
+ if ((hashp->dir[new_segnum] =
+ (SEGMENT)calloc((size_t)hashp->SGSIZE, sizeof(BUFHEAD *))) == NULL)
+ return (-1);
+ hashp->exsegs++;
+ hashp->nsegs++;
+ }
+ /*
+ * If the split point is increasing (MAX_BUCKET's log base 2
+ * * increases), we need to copy the current contents of the spare
+ * split bucket to the next bucket.
+ */
+ spare_ndx = __log2((uint32)(hashp->MAX_BUCKET + 1));
+ if (spare_ndx > hashp->OVFL_POINT) {
+ hashp->SPARES[spare_ndx] = hashp->SPARES[hashp->OVFL_POINT];
+ hashp->OVFL_POINT = spare_ndx;
+ }
+
+ if (new_bucket > (uint32)hashp->HIGH_MASK) {
+ /* Starting a new doubling */
+ hashp->LOW_MASK = hashp->HIGH_MASK;
+ hashp->HIGH_MASK = new_bucket | hashp->LOW_MASK;
+ }
+ /* Relocate records to the new bucket */
+ return (__split_page(hashp, old_bucket, new_bucket));
+}
+
+/*
+ * If realloc guarantees that the pointer is not destroyed if the realloc
+ * fails, then this routine can go away.
+ */
+static void *
+hash_realloc(
+ SEGMENT **p_ptr,
+ size_t oldsize, size_t newsize)
+{
+ register void *p;
+
+ if ((p = malloc(newsize))) {
+ memmove(p, *p_ptr, oldsize);
+ memset((char *)p + oldsize, 0, newsize - oldsize);
+ free(*p_ptr);
+ *p_ptr = (SEGMENT *)p;
+ }
+ return (p);
+}
+
+extern uint32
+__call_hash(HTAB *hashp, char *k, size_t len)
+{
+ uint32 n, bucket;
+
+ n = hashp->hash(k, len);
+ bucket = n & hashp->HIGH_MASK;
+ if (bucket > (uint32)hashp->MAX_BUCKET)
+ bucket = bucket & hashp->LOW_MASK;
+ return (bucket);
+}
+
+/*
+ * Allocate segment table. On error, set errno.
+ *
+ * Returns 0 on success
+ */
+static int
+alloc_segs(
+ HTAB *hashp,
+ int nsegs)
+{
+ register int i;
+ register SEGMENT store;
+
+ if ((hashp->dir =
+ (SEGMENT *)calloc((size_t)hashp->DSIZE, sizeof(SEGMENT))) == NULL) {
+ errno = ENOMEM;
+ return (-1);
+ }
+ /* Allocate segments */
+ if ((store =
+ (SEGMENT)calloc((size_t)nsegs << hashp->SSHIFT, sizeof(BUFHEAD *))) == NULL) {
+ errno = ENOMEM;
+ return (-1);
+ }
+ for (i = 0; i < nsegs; i++, hashp->nsegs++)
+ hashp->dir[i] = &store[i << hashp->SSHIFT];
+ return (0);
+}
+
+#if BYTE_ORDER == LITTLE_ENDIAN
+/*
+ * Hashp->hdr needs to be byteswapped.
+ */
+static void
+swap_header_copy(
+ HASHHDR *srcp, HASHHDR *destp)
+{
+ int i;
+
+ P_32_COPY(srcp->magic, destp->magic);
+ P_32_COPY(srcp->version, destp->version);
+ P_32_COPY(srcp->lorder, destp->lorder);
+ P_32_COPY(srcp->bsize, destp->bsize);
+ P_32_COPY(srcp->bshift, destp->bshift);
+ P_32_COPY(srcp->dsize, destp->dsize);
+ P_32_COPY(srcp->ssize, destp->ssize);
+ P_32_COPY(srcp->sshift, destp->sshift);
+ P_32_COPY(srcp->ovfl_point, destp->ovfl_point);
+ P_32_COPY(srcp->last_freed, destp->last_freed);
+ P_32_COPY(srcp->max_bucket, destp->max_bucket);
+ P_32_COPY(srcp->high_mask, destp->high_mask);
+ P_32_COPY(srcp->low_mask, destp->low_mask);
+ P_32_COPY(srcp->ffactor, destp->ffactor);
+ P_32_COPY(srcp->nkeys, destp->nkeys);
+ P_32_COPY(srcp->hdrpages, destp->hdrpages);
+ P_32_COPY(srcp->h_charkey, destp->h_charkey);
+ for (i = 0; i < NCACHED; i++) {
+ P_32_COPY(srcp->spares[i], destp->spares[i]);
+ P_16_COPY(srcp->bitmaps[i], destp->bitmaps[i]);
+ }
+}
+
+static void
+swap_header(HTAB *hashp)
+{
+ HASHHDR *hdrp;
+ int i;
+
+ hdrp = &hashp->hdr;
+
+ M_32_SWAP(hdrp->magic);
+ M_32_SWAP(hdrp->version);
+ M_32_SWAP(hdrp->lorder);
+ M_32_SWAP(hdrp->bsize);
+ M_32_SWAP(hdrp->bshift);
+ M_32_SWAP(hdrp->dsize);
+ M_32_SWAP(hdrp->ssize);
+ M_32_SWAP(hdrp->sshift);
+ M_32_SWAP(hdrp->ovfl_point);
+ M_32_SWAP(hdrp->last_freed);
+ M_32_SWAP(hdrp->max_bucket);
+ M_32_SWAP(hdrp->high_mask);
+ M_32_SWAP(hdrp->low_mask);
+ M_32_SWAP(hdrp->ffactor);
+ M_32_SWAP(hdrp->nkeys);
+ M_32_SWAP(hdrp->hdrpages);
+ M_32_SWAP(hdrp->h_charkey);
+ for (i = 0; i < NCACHED; i++) {
+ M_32_SWAP(hdrp->spares[i]);
+ M_16_SWAP(hdrp->bitmaps[i]);
+ }
+}
+#endif
diff --git a/security/nss/lib/dbm/src/hash_buf.c b/security/nss/lib/dbm/src/hash_buf.c
new file mode 100644
index 000000000..a7cd2d076
--- /dev/null
+++ b/security/nss/lib/dbm/src/hash_buf.c
@@ -0,0 +1,407 @@
+/*-
+ * Copyright (c) 1990, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Margo Seltzer.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)hash_buf.c 8.5 (Berkeley) 7/15/94";
+#endif /* LIBC_SCCS and not lint */
+
+/*
+ * PACKAGE: hash
+ *
+ * DESCRIPTION:
+ * Contains buffer management
+ *
+ * ROUTINES:
+ * External
+ * __buf_init
+ * __get_buf
+ * __buf_free
+ * __reclaim_buf
+ * Internal
+ * newbuf
+ */
+#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
+#include <sys/param.h>
+#endif
+
+#include <errno.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef DEBUG
+#include <assert.h>
+#endif
+
+#include "mcom_db.h"
+#include "hash.h"
+#include "page.h"
+/* #include "extern.h" */
+
+static BUFHEAD *newbuf(HTAB *, uint32, BUFHEAD *);
+
+/* Unlink B from its place in the lru */
+#define BUF_REMOVE(B) \
+ { \
+ (B)->prev->next = (B)->next; \
+ (B)->next->prev = (B)->prev; \
+ }
+
+/* Insert B after P */
+#define BUF_INSERT(B, P) \
+ { \
+ (B)->next = (P)->next; \
+ (B)->prev = (P); \
+ (P)->next = (B); \
+ (B)->next->prev = (B); \
+ }
+
+#define MRU hashp->bufhead.next
+#define LRU hashp->bufhead.prev
+
+#define MRU_INSERT(B) BUF_INSERT((B), &hashp->bufhead)
+#define LRU_INSERT(B) BUF_INSERT((B), LRU)
+
+/*
+ * We are looking for a buffer with address "addr". If prev_bp is NULL, then
+ * address is a bucket index. If prev_bp is not NULL, then it points to the
+ * page previous to an overflow page that we are trying to find.
+ *
+ * CAVEAT: The buffer header accessed via prev_bp's ovfl field may no longer
+ * be valid. Therefore, you must always verify that its address matches the
+ * address you are seeking.
+ */
+extern BUFHEAD *
+__get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage)
+/* If prev_bp set, indicates a new overflow page. */
+{
+ register BUFHEAD *bp;
+ register uint32 is_disk_mask;
+ register int is_disk, segment_ndx = 0;
+ SEGMENT segp = 0;
+
+ is_disk = 0;
+ is_disk_mask = 0;
+ if (prev_bp) {
+ bp = prev_bp->ovfl;
+ if (!bp || (bp->addr != addr))
+ bp = NULL;
+ if (!newpage)
+ is_disk = BUF_DISK;
+ } else {
+ /* Grab buffer out of directory */
+ segment_ndx = addr & (hashp->SGSIZE - 1);
+
+ /* valid segment ensured by __call_hash() */
+ segp = hashp->dir[addr >> hashp->SSHIFT];
+#ifdef DEBUG
+ assert(segp != NULL);
+#endif
+
+ bp = PTROF(segp[segment_ndx]);
+
+ is_disk_mask = ISDISK(segp[segment_ndx]);
+ is_disk = is_disk_mask || !hashp->new_file;
+ }
+
+ if (!bp) {
+ bp = newbuf(hashp, addr, prev_bp);
+ if (!bp)
+ return (NULL);
+ if (__get_page(hashp, bp->page, addr, !prev_bp, is_disk, 0)) {
+ /* free bp and its page */
+ if (prev_bp) {
+ /* if prev_bp is set then the new page that
+ * failed is hooked onto prev_bp as an overflow page.
+ * if we don't remove the pointer to the bad page
+ * we may try and access it later and we will die
+ * horribly because it will have already been
+ * free'd and overwritten with bogus data.
+ */
+ prev_bp->ovfl = NULL;
+ }
+ BUF_REMOVE(bp);
+ free(bp->page);
+ free(bp);
+ return (NULL);
+ }
+
+ if (!prev_bp) {
+#if 0
+ /* 16 bit windows and mac can't handle the
+ * oring of the is disk flag.
+ */
+ segp[segment_ndx] =
+ (BUFHEAD *)((ptrdiff_t)bp | is_disk_mask);
+#else
+ /* set the is_disk thing inside the structure
+ */
+ bp->is_disk = is_disk_mask;
+ segp[segment_ndx] = bp;
+#endif
+ }
+ } else {
+ BUF_REMOVE(bp);
+ MRU_INSERT(bp);
+ }
+ return (bp);
+}
+
+/*
+ * We need a buffer for this page. Either allocate one, or evict a resident
+ * one (if we have as many buffers as we're allowed) and put this one in.
+ *
+ * If newbuf finds an error (returning NULL), it also sets errno.
+ */
+static BUFHEAD *
+newbuf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp)
+{
+ register BUFHEAD *bp; /* The buffer we're going to use */
+ register BUFHEAD *xbp; /* Temp pointer */
+ register BUFHEAD *next_xbp;
+ SEGMENT segp;
+ int segment_ndx;
+ uint16 oaddr, *shortp;
+
+ oaddr = 0;
+ bp = LRU;
+ /*
+ * If LRU buffer is pinned, the buffer pool is too small. We need to
+ * allocate more buffers.
+ */
+ if (hashp->nbufs || (bp->flags & BUF_PIN)) {
+ /* Allocate a new one */
+ if ((bp = (BUFHEAD *)malloc(sizeof(BUFHEAD))) == NULL)
+ return (NULL);
+
+ /* this memset is supposedly unnecessary but lets add
+ * it anyways.
+ */
+ memset(bp, 0xff, sizeof(BUFHEAD));
+
+ if ((bp->page = (char *)malloc((size_t)hashp->BSIZE)) == NULL) {
+ free(bp);
+ return (NULL);
+ }
+
+ /* this memset is supposedly unnecessary but lets add
+ * it anyways.
+ */
+ memset(bp->page, 0xff, (size_t)hashp->BSIZE);
+
+ if (hashp->nbufs)
+ hashp->nbufs--;
+ } else {
+ /* Kick someone out */
+ BUF_REMOVE(bp);
+ /*
+ * If this is an overflow page with addr 0, it's already been
+ * flushed back in an overflow chain and initialized.
+ */
+ if ((bp->addr != 0) || (bp->flags & BUF_BUCKET)) {
+ /*
+ * Set oaddr before __put_page so that you get it
+ * before bytes are swapped.
+ */
+ shortp = (uint16 *)bp->page;
+ if (shortp[0]) {
+ if (shortp[0] > (hashp->BSIZE / sizeof(uint16))) {
+ return (NULL);
+ }
+ oaddr = shortp[shortp[0] - 1];
+ }
+ if ((bp->flags & BUF_MOD) && __put_page(hashp, bp->page,
+ bp->addr, (int)IS_BUCKET(bp->flags), 0))
+ return (NULL);
+ /*
+ * Update the pointer to this page (i.e. invalidate it).
+ *
+ * If this is a new file (i.e. we created it at open
+ * time), make sure that we mark pages which have been
+ * written to disk so we retrieve them from disk later,
+ * rather than allocating new pages.
+ */
+ if (IS_BUCKET(bp->flags)) {
+ segment_ndx = bp->addr & (hashp->SGSIZE - 1);
+ segp = hashp->dir[bp->addr >> hashp->SSHIFT];
+#ifdef DEBUG
+ assert(segp != NULL);
+#endif
+
+ if (hashp->new_file &&
+ ((bp->flags & BUF_MOD) ||
+ ISDISK(segp[segment_ndx])))
+ segp[segment_ndx] = (BUFHEAD *)BUF_DISK;
+ else
+ segp[segment_ndx] = NULL;
+ }
+ /*
+ * Since overflow pages can only be access by means of
+ * their bucket, free overflow pages associated with
+ * this bucket.
+ */
+ for (xbp = bp; xbp->ovfl;) {
+ next_xbp = xbp->ovfl;
+ xbp->ovfl = 0;
+ xbp = next_xbp;
+
+ /* leave pinned pages alone, we are still using
+ * them. */
+ if (xbp->flags & BUF_PIN) {
+ continue;
+ }
+
+ /* Check that ovfl pointer is up date. */
+ if (IS_BUCKET(xbp->flags) ||
+ (oaddr != xbp->addr))
+ break;
+
+ shortp = (uint16 *)xbp->page;
+ if (shortp[0]) {
+ /* LJM is the number of reported
+ * pages way too much?
+ */
+ if (shortp[0] > hashp->BSIZE / sizeof(uint16))
+ return NULL;
+ /* set before __put_page */
+ oaddr = shortp[shortp[0] - 1];
+ }
+ if ((xbp->flags & BUF_MOD) && __put_page(hashp,
+ xbp->page, xbp->addr, 0, 0))
+ return (NULL);
+ xbp->addr = 0;
+ xbp->flags = 0;
+ BUF_REMOVE(xbp);
+ LRU_INSERT(xbp);
+ }
+ }
+ }
+
+ /* Now assign this buffer */
+ bp->addr = addr;
+#ifdef DEBUG1
+ (void)fprintf(stderr, "NEWBUF1: %d->ovfl was %d is now %d\n",
+ bp->addr, (bp->ovfl ? bp->ovfl->addr : 0), 0);
+#endif
+ bp->ovfl = NULL;
+ if (prev_bp) {
+/*
+ * If prev_bp is set, this is an overflow page, hook it in to
+ * the buffer overflow links.
+ */
+#ifdef DEBUG1
+ (void)fprintf(stderr, "NEWBUF2: %d->ovfl was %d is now %d\n",
+ prev_bp->addr, (prev_bp->ovfl ? bp->ovfl->addr : 0),
+ (bp ? bp->addr : 0));
+#endif
+ prev_bp->ovfl = bp;
+ bp->flags = 0;
+ } else
+ bp->flags = BUF_BUCKET;
+ MRU_INSERT(bp);
+ return (bp);
+}
+
+extern void
+__buf_init(HTAB *hashp, int32 nbytes)
+{
+ BUFHEAD *bfp;
+ int npages;
+
+ bfp = &(hashp->bufhead);
+ npages = (nbytes + hashp->BSIZE - 1) >> hashp->BSHIFT;
+ npages = PR_MAX(npages, MIN_BUFFERS);
+
+ hashp->nbufs = npages;
+ bfp->next = bfp;
+ bfp->prev = bfp;
+ /*
+ * This space is calloc'd so these are already null.
+ *
+ * bfp->ovfl = NULL;
+ * bfp->flags = 0;
+ * bfp->page = NULL;
+ * bfp->addr = 0;
+ */
+}
+
+extern int
+__buf_free(HTAB *hashp, int do_free, int to_disk)
+{
+ BUFHEAD *bp;
+ int status = -1;
+
+ /* Need to make sure that buffer manager has been initialized */
+ if (!LRU)
+ return (0);
+ for (bp = LRU; bp != &hashp->bufhead;) {
+ /* Check that the buffer is valid */
+ if (bp->addr || IS_BUCKET(bp->flags)) {
+ if (to_disk && (bp->flags & BUF_MOD) &&
+ (status = __put_page(hashp, bp->page,
+ bp->addr, IS_BUCKET(bp->flags), 0))) {
+
+ if (do_free) {
+ if (bp->page)
+ free(bp->page);
+ BUF_REMOVE(bp);
+ free(bp);
+ }
+
+ return (status);
+ }
+ }
+ /* Check if we are freeing stuff */
+ if (do_free) {
+ if (bp->page)
+ free(bp->page);
+ BUF_REMOVE(bp);
+ free(bp);
+ bp = LRU;
+ } else
+ bp = bp->prev;
+ }
+ return (0);
+}
+
+extern void
+__reclaim_buf(HTAB *hashp, BUFHEAD *bp)
+{
+ bp->ovfl = 0;
+ bp->addr = 0;
+ bp->flags = 0;
+ BUF_REMOVE(bp);
+ LRU_INSERT(bp);
+}
diff --git a/security/nss/lib/dbm/src/manifest.mn b/security/nss/lib/dbm/src/manifest.mn
new file mode 100644
index 000000000..119044407
--- /dev/null
+++ b/security/nss/lib/dbm/src/manifest.mn
@@ -0,0 +1,28 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../../..
+
+MODULE = dbm
+
+#
+# memmove.c, snprintf.c, and strerror.c are not in CSRCS because
+# the Standard C Library has memmove and strerror and DBM is not
+# using snprintf.
+#
+
+CSRCS = db.c \
+ h_bigkey.c \
+ h_func.c \
+ h_log2.c \
+ h_page.c \
+ hash.c \
+ hash_buf.c \
+ mktemp.c \
+ dirent.c \
+ $(NULL)
+
+LIBRARY_NAME = dbm
diff --git a/security/nss/lib/dbm/src/memmove.c b/security/nss/lib/dbm/src/memmove.c
new file mode 100644
index 000000000..135185b35
--- /dev/null
+++ b/security/nss/lib/dbm/src/memmove.c
@@ -0,0 +1,146 @@
+#if defined(__sun) && !defined(__SVR4)
+/*-
+ * Copyright (c) 1990, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Chris Torek.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)bcopy.c 8.1 (Berkeley) 6/4/93";
+#endif /* LIBC_SCCS and not lint */
+
+#include <string.h>
+
+/*
+ * sizeof(word) MUST BE A POWER OF TWO
+ * SO THAT wmask BELOW IS ALL ONES
+ */
+typedef int word; /* "word" used for optimal copy speed */
+
+#define wsize sizeof(word)
+#define wmask (wsize - 1)
+
+/*
+ * Copy a block of memory, handling overlap.
+ * This is the routine that actually implements
+ * (the portable versions of) bcopy, memcpy, and memmove.
+ */
+#ifdef MEMCOPY
+void *
+ memcpy(dst0, src0, length)
+#else
+#ifdef MEMMOVE
+void *
+ memmove(dst0, src0, length)
+#else
+void
+ bcopy(src0, dst0, length)
+#endif
+#endif
+ void *dst0;
+const void *src0;
+register size_t length;
+{
+ register char *dst = dst0;
+ register const char *src = src0;
+ register size_t t;
+
+ if (length == 0 || dst == src) /* nothing to do */
+ goto done;
+
+/*
+ * Macros: loop-t-times; and loop-t-times, t>0
+ */
+#define TLOOP(s) \
+ if (t) \
+ TLOOP1(s)
+#define TLOOP1(s) \
+ do { \
+ s; \
+ } while (--t)
+
+ if ((unsigned long)dst < (unsigned long)src) {
+ /*
+ * Copy forward.
+ */
+ t = (int)src; /* only need low bits */
+ if ((t | (int)dst) & wmask) {
+ /*
+ * Try to align operands. This cannot be done
+ * unless the low bits match.
+ */
+ if ((t ^ (int)dst) & wmask || length < wsize)
+ t = length;
+ else
+ t = wsize - (t & wmask);
+ length -= t;
+ TLOOP1(*dst++ = *src++);
+ }
+ /*
+ * Copy whole words, then mop up any trailing bytes.
+ */
+ t = length / wsize;
+ TLOOP(*(word *)dst = *(word *)src; src += wsize; dst += wsize);
+ t = length & wmask;
+ TLOOP(*dst++ = *src++);
+ } else {
+ /*
+ * Copy backwards. Otherwise essentially the same.
+ * Alignment works as before, except that it takes
+ * (t&wmask) bytes to align, not wsize-(t&wmask).
+ */
+ src += length;
+ dst += length;
+ t = (int)src;
+ if ((t | (int)dst) & wmask) {
+ if ((t ^ (int)dst) & wmask || length <= wsize)
+ t = length;
+ else
+ t &= wmask;
+ length -= t;
+ TLOOP1(*--dst = *--src);
+ }
+ t = length / wsize;
+ TLOOP(src -= wsize; dst -= wsize; *(word *)dst = *(word *)src);
+ t = length & wmask;
+ TLOOP(*--dst = *--src);
+ }
+done:
+#if defined(MEMCOPY) || defined(MEMMOVE)
+ return (dst0);
+#else
+ return;
+#endif
+}
+#endif /* no __sgi */
+
+/* Some compilers don't like an empty source file. */
+static int dummy = 0;
diff --git a/security/nss/lib/dbm/src/mktemp.c b/security/nss/lib/dbm/src/mktemp.c
new file mode 100644
index 000000000..b668ece18
--- /dev/null
+++ b/security/nss/lib/dbm/src/mktemp.c
@@ -0,0 +1,149 @@
+/*
+ * Copyright (c) 1987, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)mktemp.c 8.1 (Berkeley) 6/4/93";
+#endif /* LIBC_SCCS and not lint */
+
+#ifdef macintosh
+#include <unix.h>
+#else
+#include <sys/types.h>
+#include <sys/stat.h>
+#endif
+#include <fcntl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <ctype.h>
+#include "mcom_db.h"
+
+#ifndef _WINDOWS
+#include <unistd.h>
+#endif
+
+#ifdef _WINDOWS
+#include <process.h>
+#include "winfile.h"
+#endif
+
+static int _gettemp(char *path, register int *doopen, int extraFlags);
+
+int
+mkstemp(char *path)
+{
+#ifdef XP_OS2
+ FILE *temp = tmpfile();
+
+ return (temp ? fileno(temp) : -1);
+#else
+ int fd;
+
+ return (_gettemp(path, &fd, 0) ? fd : -1);
+#endif
+}
+
+int
+mkstempflags(char *path, int extraFlags)
+{
+ int fd;
+
+ return (_gettemp(path, &fd, extraFlags) ? fd : -1);
+}
+
+/* NB: This routine modifies its input string, and does not always restore it.
+** returns 1 on success, 0 on failure.
+*/
+static int
+_gettemp(char *path, register int *doopen, int extraFlags)
+{
+ register char *start, *trv;
+ struct stat sbuf;
+ unsigned int pid;
+
+ pid = getpid();
+ for (trv = path; *trv; ++trv)
+ ; /* extra X's get set to 0's */
+ while (*--trv == 'X') {
+ *trv = (pid % 10) + '0';
+ pid /= 10;
+ }
+
+ /*
+ * check the target directory; if you have six X's and it
+ * doesn't exist this runs for a *very* long time.
+ */
+ for (start = trv + 1;; --trv) {
+ char saved;
+ if (trv <= path)
+ break;
+ saved = *trv;
+ if (saved == '/' || saved == '\\') {
+ int rv;
+ *trv = '\0';
+ rv = stat(path, &sbuf);
+ *trv = saved;
+ if (rv)
+ return (0);
+ if (!S_ISDIR(sbuf.st_mode)) {
+ errno = ENOTDIR;
+ return (0);
+ }
+ break;
+ }
+ }
+
+ for (;;) {
+ if (doopen) {
+ if ((*doopen =
+ open(path, O_CREAT | O_EXCL | O_RDWR | extraFlags, 0600)) >= 0)
+ return (1);
+ if (errno != EEXIST)
+ return (0);
+ } else if (stat(path, &sbuf))
+ return (errno == ENOENT ? 1 : 0);
+
+ /* tricky little algorithm for backward compatibility */
+ for (trv = start;;) {
+ if (!*trv)
+ return (0);
+ if (*trv == 'z')
+ *trv++ = 'a';
+ else {
+ if (isdigit(*trv))
+ *trv = 'a';
+ else
+ ++*trv;
+ break;
+ }
+ }
+ }
+ /*NOTREACHED*/
+}
diff --git a/security/nss/lib/dbm/src/snprintf.c b/security/nss/lib/dbm/src/snprintf.c
new file mode 100644
index 000000000..3cafacf44
--- /dev/null
+++ b/security/nss/lib/dbm/src/snprintf.c
@@ -0,0 +1,50 @@
+#ifndef HAVE_SNPRINTF
+
+#include <sys/types.h>
+#include <stddef.h>
+#include <stdio.h>
+
+#include "prtypes.h"
+
+#include <ncompat.h>
+
+#include <stdarg.h>
+
+int
+snprintf(char *str, size_t n, const char *fmt, ...)
+{
+ va_list ap;
+#ifdef VSPRINTF_CHARSTAR
+ char *rp;
+#else
+ int rval;
+#endif
+ va_start(ap, fmt);
+#ifdef VSPRINTF_CHARSTAR
+ rp = vsprintf(str, fmt, ap);
+ va_end(ap);
+ return (strlen(rp));
+#else
+ rval = vsprintf(str, fmt, ap);
+ va_end(ap);
+ return (rval);
+#endif
+}
+
+int
+ vsnprintf(str, n, fmt, ap) char *str;
+size_t n;
+const char *fmt;
+va_list ap;
+{
+#ifdef VSPRINTF_CHARSTAR
+ return (strlen(vsprintf(str, fmt, ap)));
+#else
+ return (vsprintf(str, fmt, ap));
+#endif
+}
+
+#endif /* HAVE_SNPRINTF */
+
+/* Some compilers don't like an empty source file. */
+static int dummy = 0;
diff --git a/security/nss/lib/dbm/src/src.gyp b/security/nss/lib/dbm/src/src.gyp
new file mode 100644
index 000000000..a84755e60
--- /dev/null
+++ b/security/nss/lib/dbm/src/src.gyp
@@ -0,0 +1,40 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'dbm',
+ 'type': 'static_library',
+ 'sources': [
+ 'db.c',
+ 'dirent.c',
+ 'h_bigkey.c',
+ 'h_func.c',
+ 'h_log2.c',
+ 'h_page.c',
+ 'hash.c',
+ 'hash_buf.c',
+ 'mktemp.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:dbm_exports'
+ ]
+ }
+ ],
+ 'target_defaults': {
+ 'defines': [
+ 'STDC_HEADERS',
+ 'HAVE_STRERROR',
+ 'HAVE_SNPRINTF',
+ 'MEMMOVE',
+ '__DBINTERFACE_PRIVATE'
+ ]
+ },
+ 'variables': {
+ 'module': 'dbm'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/dbm/src/strerror.c b/security/nss/lib/dbm/src/strerror.c
new file mode 100644
index 000000000..d64918b5c
--- /dev/null
+++ b/security/nss/lib/dbm/src/strerror.c
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 1988, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. ***REMOVED*** - see
+ * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)strerror.c 8.1 (Berkeley) 6/4/93";
+#endif /* LIBC_SCCS and not lint */
+
+#include <string.h>
+
+#ifdef _DLL
+#define sys_nerr (*_sys_nerr_dll)
+#endif
+
+#ifndef HAVE_STRERROR
+#ifndef _AFXDLL
+char *
+ strerror(num) int num;
+{
+ extern int sys_nerr;
+ extern char *sys_errlist[];
+#define UPREFIX "Unknown error: "
+ static char ebuf[40] = UPREFIX; /* 64-bit number + slop */
+ register unsigned int errnum;
+ register char *p, *t;
+ char tmp[40];
+
+ errnum = num; /* convert to unsigned */
+ if (errnum < sys_nerr)
+ return (sys_errlist[errnum]);
+
+ /* Do this by hand, so we don't include stdio(3). */
+ t = tmp;
+ do {
+ *t++ = "0123456789"[errnum % 10];
+ } while (errnum /= 10);
+ for (p = ebuf + sizeof(UPREFIX) - 1;;) {
+ *p++ = *--t;
+ if (t <= tmp)
+ break;
+ }
+ return (ebuf);
+}
+
+#endif
+#endif /* !HAVE_STRERROR */
diff --git a/security/nss/lib/dbm/tests/Makefile b/security/nss/lib/dbm/tests/Makefile
new file mode 100644
index 000000000..3ecabe27c
--- /dev/null
+++ b/security/nss/lib/dbm/tests/Makefile
@@ -0,0 +1,41 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+DEPTH = ../../..
+CORE_DEPTH = ../../..
+
+VPATH = $(CORE_DEPTH)/../dbm/tests
+
+MODULE = dbm
+
+CSRCS = lots.c
+
+PROGRAM = lots
+
+include $(DEPTH)/coreconf/config.mk
+
+include $(DEPTH)/dbm/config/config.mk
+
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+LIBDBM = ../src/$(PLATFORM)/dbm$(STATIC_LIB_SUFFIX)
+else
+LIBDBM = ../src/$(PLATFORM)/libdbm$(STATIC_LIB_SUFFIX)
+endif
+
+INCLUDES += -I$(CORE_DEPTH)/../dbm/include
+
+LDFLAGS = $(LDOPTS) $(LIBDBM)
+
+include $(DEPTH)/coreconf/rules.mk
+
+lots.pure: lots
+ purify $(CC) -o lots.pure $(CFLAGS) $(OBJS) $(MYLIBS)
+
+crash: crash.o $(MYLIBS)
+ $(CC) -o crash $(CFLAGS) $^
+
+crash.pure: crash.o $(MYLIBS)
+ purify $(CC) -o crash.pure $(CFLAGS) $^
+
diff --git a/security/nss/lib/dbm/tests/dbmtest.pkg b/security/nss/lib/dbm/tests/dbmtest.pkg
new file mode 100644
index 000000000..abd564bed
--- /dev/null
+++ b/security/nss/lib/dbm/tests/dbmtest.pkg
@@ -0,0 +1,2 @@
+[gecko-tests]
+dist/bin/lots@BINS@
diff --git a/security/nss/lib/dbm/tests/lots.c b/security/nss/lib/dbm/tests/lots.c
new file mode 100644
index 000000000..91bba4965
--- /dev/null
+++ b/security/nss/lib/dbm/tests/lots.c
@@ -0,0 +1,553 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* use sequental numbers printed to strings
+ * to store lots and lots of entries in the
+ * database.
+ *
+ * Start with 100 entries, put them and then
+ * read them out. Then delete the first
+ * half and verify that all of the first half
+ * is gone and then verify that the second
+ * half is still there.
+ * Then add the first half back and verify
+ * again. Then delete the middle third
+ * and verify again.
+ * Then increase the size by 1000 and do
+ * the whole add delete thing again.
+ *
+ * The data for each object is the number string translated
+ * to hex and replicated a random number of times. The
+ * number of times that the data is replicated is the first
+ * int32 in the data.
+ */
+
+#include <stdio.h>
+
+#include <stdlib.h>
+#ifdef STDC_HEADERS
+#include <stdarg.h>
+#else
+#include <varargs.h>
+#endif
+
+#ifdef HAVE_MEMORY_H
+#include <memory.h>
+#endif
+#include <string.h>
+#include <assert.h>
+#include "mcom_db.h"
+
+DB *database = 0;
+int MsgPriority = 5;
+
+#if defined(_WINDOWS) && !defined(WIN32)
+#define int32 long
+#define uint32 unsigned long
+#else
+#define int32 int
+#define uint32 unsigned int
+#endif
+
+typedef enum {
+ USE_LARGE_KEY,
+ USE_SMALL_KEY
+} key_type_enum;
+
+#define TraceMe(priority, msg) \
+ do { \
+ if (priority <= MsgPriority) { \
+ ReportStatus msg; \
+ } \
+ } while (0)
+
+int
+ReportStatus(char *string, ...)
+{
+ va_list args;
+
+#ifdef STDC_HEADERS
+ va_start(args, string);
+#else
+ va_start(args);
+#endif
+ vfprintf(stderr, string, args);
+ va_end(args);
+
+ fprintf(stderr, "\n");
+
+ return (0);
+}
+
+int
+ReportError(char *string, ...)
+{
+ va_list args;
+
+#ifdef STDC_HEADERS
+ va_start(args, string);
+#else
+ va_start(args);
+#endif
+ fprintf(stderr, "\n ");
+ vfprintf(stderr, string, args);
+ fprintf(stderr, "\n");
+ va_end(args);
+
+ return (0);
+}
+
+DBT *
+MakeLargeKey(int32 num)
+{
+ int32 low_bits;
+ static DBT rv;
+ static char *string_rv = 0;
+ int rep_char;
+ size_t size;
+
+ if (string_rv)
+ free(string_rv);
+
+ /* generate a really large text key derived from
+ * an int32
+ */
+ low_bits = (num % 10000) + 1;
+
+ /* get the repeat char from the low 26 */
+ rep_char = (char)((low_bits % 26) + 'a');
+
+ /* malloc a string low_bits wide */
+ size = low_bits * sizeof(char);
+ string_rv = (char *)malloc(size);
+
+ memset(string_rv, rep_char, size);
+
+ rv.data = string_rv;
+ rv.size = size;
+
+ return (&rv);
+}
+
+DBT *
+MakeSmallKey(int32 num)
+{
+ static DBT rv;
+ static char data_string[64];
+
+ rv.data = data_string;
+
+ sprintf(data_string, "%ld", (long)num);
+ rv.size = strlen(data_string);
+
+ return (&rv);
+}
+
+DBT *
+GenKey(int32 num, key_type_enum key_type)
+{
+ DBT *key;
+
+ switch (key_type) {
+ case USE_LARGE_KEY:
+ key = MakeLargeKey(num);
+ break;
+ case USE_SMALL_KEY:
+ key = MakeSmallKey(num);
+ break;
+ default:
+ abort();
+ break;
+ }
+
+ return (key);
+}
+
+int
+SeqDatabase()
+{
+ int status;
+ DBT key, data;
+
+ ReportStatus("SEQuencing through database...");
+
+ /* seq through the whole database */
+ if (!(status = (*database->seq)(database, &key, &data, R_FIRST))) {
+ while (!(status = (database->seq)(database, &key, &data, R_NEXT)))
+ ; /* null body */
+ }
+
+ if (status < 0)
+ ReportError("Error seq'ing database");
+
+ return (status);
+}
+
+int
+VerifyData(DBT *data, int32 num, key_type_enum key_type)
+{
+ int32 count, compare_num;
+ size_t size;
+ int32 *int32_array;
+
+ /* The first int32 is count
+ * The other n entries should
+ * all equal num
+ */
+ if (data->size < sizeof(int32)) {
+ ReportError("Data size corrupted");
+ return -1;
+ }
+
+ memcpy(&count, data->data, sizeof(int32));
+
+ size = sizeof(int32) * (count + 1);
+
+ if (size != data->size) {
+ ReportError("Data size corrupted");
+ return -1;
+ }
+
+ int32_array = (int32 *)data->data;
+
+ for (; count > 0; count--) {
+ memcpy(&compare_num, &int32_array[count], sizeof(int32));
+
+ if (compare_num != num) {
+ ReportError("Data corrupted");
+ return -1;
+ }
+ }
+
+ return (0);
+}
+
+/* verify that a range of number strings exist
+ * or don't exist. And that the data is valid
+ */
+#define SHOULD_EXIST 1
+#define SHOULD_NOT_EXIST 0
+int
+VerifyRange(int32 low, int32 high, int32 should_exist, key_type_enum key_type)
+{
+ DBT *key, data;
+ int32 num;
+ int status;
+
+ TraceMe(1, ("Verifying: %ld to %ld, using %s keys",
+ low, high, key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
+
+ for (num = low; num <= high; num++) {
+
+ key = GenKey(num, key_type);
+
+ status = (*database->get)(database, key, &data, 0);
+
+ if (status == 0) {
+ /* got the item */
+ if (!should_exist) {
+ ReportError("Item exists but shouldn't: %ld", num);
+ } else {
+ /* else verify the data */
+ VerifyData(&data, num, key_type);
+ }
+ } else if (status > 0) {
+ /* item not found */
+ if (should_exist) {
+ ReportError("Item not found but should be: %ld", num);
+ }
+ } else {
+ /* database error */
+ ReportError("Database error");
+ return (-1);
+ }
+ }
+
+ TraceMe(1, ("Correctly verified: %ld to %ld", low, high));
+
+ return (0);
+}
+
+DBT *
+GenData(int32 num)
+{
+ int32 n;
+ static DBT *data = 0;
+ int32 *int32_array;
+ size_t size;
+
+ if (!data) {
+ data = (DBT *)malloc(sizeof(DBT));
+ data->size = 0;
+ data->data = 0;
+ } else if (data->data) {
+ free(data->data);
+ }
+
+ n = rand();
+
+ n = n % 512; /* bound to a 2K size */
+
+ size = sizeof(int32) * (n + 1);
+ int32_array = (int32 *)malloc(size);
+
+ memcpy(&int32_array[0], &n, sizeof(int32));
+
+ for (; n > 0; n--) {
+ memcpy(&int32_array[n], &num, sizeof(int32));
+ }
+
+ data->data = (void *)int32_array;
+ data->size = size;
+
+ return (data);
+}
+
+#define ADD_RANGE 1
+#define DELETE_RANGE 2
+
+int
+AddOrDelRange(int32 low, int32 high, int action, key_type_enum key_type)
+{
+ DBT *key, *data;
+#if 0 /* only do this if your really analy checking the puts */
+ DBT tmp_data;
+#endif
+ int32 num;
+ int status;
+
+ if (action != ADD_RANGE && action != DELETE_RANGE)
+ assert(0);
+
+ if (action == ADD_RANGE) {
+ TraceMe(1, ("Adding: %ld to %ld: %s keys", low, high,
+ key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
+ } else {
+ TraceMe(1, ("Deleting: %ld to %ld: %s keys", low, high,
+ key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
+ }
+
+ for (num = low; num <= high; num++) {
+
+ key = GenKey(num, key_type);
+
+ if (action == ADD_RANGE) {
+ data = GenData(num);
+ status = (*database->put)(database, key, data, 0);
+ } else {
+ status = (*database->del)(database, key, 0);
+ }
+
+ if (status < 0) {
+ ReportError("Database error %s item: %ld",
+ action == ADD_RANGE ? "ADDING" : "DELETING",
+ num);
+ } else if (status > 0) {
+ ReportError("Could not %s item: %ld",
+ action == ADD_RANGE ? "ADD" : "DELETE",
+ num);
+ } else if (action == ADD_RANGE) {
+#define SYNC_EVERY_TIME
+#ifdef SYNC_EVERY_TIME
+ status = (*database->sync)(database, 0);
+ if (status != 0)
+ ReportError("Database error syncing after add");
+#endif
+
+#if 0 /* only do this if your really analy checking the puts */
+
+ /* make sure we can still get it
+ */
+ status = (*database->get)(database, key, &tmp_data, 0);
+
+ if(status != 0)
+ {
+ ReportError("Database error checking item just added: %d",
+ num);
+ }
+ else
+ {
+ /* now verify that none of the ones we already
+ * put in have disappeared
+ */
+ VerifyRange(low, num, SHOULD_EXIST, key_type);
+ }
+#endif
+ }
+ }
+
+ if (action == ADD_RANGE) {
+ TraceMe(1, ("Successfully added: %ld to %ld", low, high));
+ } else {
+ TraceMe(1, ("Successfully deleted: %ld to %ld", low, high));
+ }
+
+ return (0);
+}
+
+int
+TestRange(int32 low, int32 range, key_type_enum key_type)
+{
+ int status;
+ int32 low_of_range1, high_of_range1;
+ int32 low_of_range2, high_of_range2;
+ int32 low_of_range3, high_of_range3;
+
+ status = AddOrDelRange(low, low + range, ADD_RANGE, key_type);
+ status = VerifyRange(low, low + range, SHOULD_EXIST, key_type);
+
+ TraceMe(1, ("Finished with sub test 1"));
+
+ SeqDatabase();
+
+ low_of_range1 = low;
+ high_of_range1 = low + (range / 2);
+ low_of_range2 = high_of_range1 + 1;
+ high_of_range2 = low + range;
+ status = AddOrDelRange(low_of_range1, high_of_range1, DELETE_RANGE, key_type);
+ status = VerifyRange(low_of_range1, high_of_range1, SHOULD_NOT_EXIST, key_type);
+ status = VerifyRange(low_of_range2, low_of_range2, SHOULD_EXIST, key_type);
+
+ TraceMe(1, ("Finished with sub test 2"));
+
+ SeqDatabase();
+
+ status = AddOrDelRange(low_of_range1, high_of_range1, ADD_RANGE, key_type);
+ /* the whole thing should exist now */
+ status = VerifyRange(low, low + range, SHOULD_EXIST, key_type);
+
+ TraceMe(1, ("Finished with sub test 3"));
+
+ SeqDatabase();
+
+ status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type);
+ status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type);
+ status = VerifyRange(low_of_range2, high_of_range2, SHOULD_NOT_EXIST, key_type);
+
+ TraceMe(1, ("Finished with sub test 4"));
+
+ SeqDatabase();
+
+ status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type);
+ /* the whole thing should exist now */
+ status = VerifyRange(low, low + range, SHOULD_EXIST, key_type);
+
+ TraceMe(1, ("Finished with sub test 5"));
+
+ SeqDatabase();
+
+ low_of_range1 = low;
+ high_of_range1 = low + (range / 3);
+ low_of_range2 = high_of_range1 + 1;
+ high_of_range2 = high_of_range1 + (range / 3);
+ low_of_range3 = high_of_range2 + 1;
+ high_of_range3 = low + range;
+ /* delete range 2 */
+ status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type);
+ status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type);
+ status = VerifyRange(low_of_range2, low_of_range2, SHOULD_NOT_EXIST, key_type);
+ status = VerifyRange(low_of_range3, low_of_range2, SHOULD_EXIST, key_type);
+
+ TraceMe(1, ("Finished with sub test 6"));
+
+ SeqDatabase();
+
+ status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type);
+ /* the whole thing should exist now */
+ status = VerifyRange(low, low + range, SHOULD_EXIST, key_type);
+
+ TraceMe(1, ("Finished with sub test 7"));
+
+ return (0);
+}
+
+#define START_RANGE 109876
+int
+main(int argc, char **argv)
+{
+ int32 i, j = 0;
+ int quick_exit = 0;
+ int large_keys = 0;
+ HASHINFO hash_info = {
+ 16 * 1024,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0
+ };
+
+ if (argc > 1) {
+ while (argc > 1) {
+ if (!strcmp(argv[argc - 1], "-quick"))
+ quick_exit = 1;
+ else if (!strcmp(argv[argc - 1], "-large")) {
+ large_keys = 1;
+ }
+ argc--;
+ }
+ }
+
+ database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, &hash_info);
+
+ if (!database) {
+ ReportError("Could not open database");
+#ifdef unix
+ perror("");
+#endif
+ exit(1);
+ }
+
+ if (quick_exit) {
+ if (large_keys)
+ TestRange(START_RANGE, 200, USE_LARGE_KEY);
+ else
+ TestRange(START_RANGE, 200, USE_SMALL_KEY);
+
+ (*database->sync)(database, 0);
+ (*database->close)(database);
+ exit(0);
+ }
+
+ for (i = 100; i < 10000000; i += 200) {
+ if (1 || j) {
+ TestRange(START_RANGE, i, USE_LARGE_KEY);
+ j = 0;
+ } else {
+ TestRange(START_RANGE, i, USE_SMALL_KEY);
+ j = 1;
+ }
+
+ if (1 == rand() % 3) {
+ (*database->sync)(database, 0);
+ }
+
+ if (1 == rand() % 3) {
+ /* close and reopen */
+ (*database->close)(database);
+ database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0);
+ if (!database) {
+ ReportError("Could not reopen database");
+#ifdef unix
+ perror("");
+#endif
+ exit(1);
+ }
+ } else {
+ /* reopen database without closeing the other */
+ database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0);
+ if (!database) {
+ ReportError("Could not reopen database "
+ "after not closing the other");
+#ifdef unix
+ perror("");
+#endif
+ exit(1);
+ }
+ }
+ }
+
+ return (0);
+}
diff --git a/security/nss/lib/dev/Makefile b/security/nss/lib/dev/Makefile
new file mode 100644
index 000000000..d88eb2807
--- /dev/null
+++ b/security/nss/lib/dev/Makefile
@@ -0,0 +1,24 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include $(CORE_DEPTH)/coreconf/config.mk
+include config.mk
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
+# ckhelper.c in 64-bit mode for unknown reasons. A workaround is
+# to compile it with optimizations turned on. (Bugzilla bug #63815)
+ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
+ifeq ($(USE_64),1)
+ifndef BUILD_OPT
+$(OBJDIR)/ckhelper.o: ckhelper.c
+ @$(MAKE_OBJDIR)
+ $(CC) -o $@ -c -O2 $(CFLAGS) $<
+endif
+endif
+endif
+
+export:: private_export
diff --git a/security/nss/lib/dev/ckhelper.c b/security/nss/lib/dev/ckhelper.c
new file mode 100644
index 000000000..4f3972653
--- /dev/null
+++ b/security/nss/lib/dev/ckhelper.c
@@ -0,0 +1,592 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "pkcs11.h"
+
+#ifndef DEVM_H
+#include "devm.h"
+#endif /* DEVM_H */
+
+#ifndef CKHELPER_H
+#include "ckhelper.h"
+#endif /* CKHELPER_H */
+
+extern const NSSError NSS_ERROR_DEVICE_ERROR;
+
+static const CK_BBOOL s_true = CK_TRUE;
+NSS_IMPLEMENT_DATA const NSSItem
+ g_ck_true = { (CK_VOID_PTR)&s_true, sizeof(s_true) };
+
+static const CK_BBOOL s_false = CK_FALSE;
+NSS_IMPLEMENT_DATA const NSSItem
+ g_ck_false = { (CK_VOID_PTR)&s_false, sizeof(s_false) };
+
+static const CK_OBJECT_CLASS s_class_cert = CKO_CERTIFICATE;
+NSS_IMPLEMENT_DATA const NSSItem
+ g_ck_class_cert = { (CK_VOID_PTR)&s_class_cert, sizeof(s_class_cert) };
+
+static const CK_OBJECT_CLASS s_class_pubkey = CKO_PUBLIC_KEY;
+NSS_IMPLEMENT_DATA const NSSItem
+ g_ck_class_pubkey = { (CK_VOID_PTR)&s_class_pubkey, sizeof(s_class_pubkey) };
+
+static const CK_OBJECT_CLASS s_class_privkey = CKO_PRIVATE_KEY;
+NSS_IMPLEMENT_DATA const NSSItem
+ g_ck_class_privkey = { (CK_VOID_PTR)&s_class_privkey, sizeof(s_class_privkey) };
+
+static PRBool
+is_string_attribute(
+ CK_ATTRIBUTE_TYPE aType)
+{
+ PRBool isString;
+ switch (aType) {
+ case CKA_LABEL:
+ case CKA_NSS_EMAIL:
+ isString = PR_TRUE;
+ break;
+ default:
+ isString = PR_FALSE;
+ break;
+ }
+ return isString;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCKObject_GetAttributes(
+ CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE_PTR obj_template,
+ CK_ULONG count,
+ NSSArena *arenaOpt,
+ nssSession *session,
+ NSSSlot *slot)
+{
+ nssArenaMark *mark = NULL;
+ CK_SESSION_HANDLE hSession;
+ CK_ULONG i = 0;
+ CK_RV ckrv;
+ PRStatus nssrv;
+ PRBool alloced = PR_FALSE;
+ void *epv = nssSlot_GetCryptokiEPV(slot);
+ hSession = session->handle;
+ if (arenaOpt) {
+ mark = nssArena_Mark(arenaOpt);
+ if (!mark) {
+ goto loser;
+ }
+ }
+ nssSession_EnterMonitor(session);
+ /* XXX kinda hacky, if the storage size is already in the first template
+ * item, then skip the alloc portion
+ */
+ if (obj_template[0].ulValueLen == 0) {
+ /* Get the storage size needed for each attribute */
+ ckrv = CKAPI(epv)->C_GetAttributeValue(hSession,
+ object, obj_template, count);
+ if (ckrv != CKR_OK &&
+ ckrv != CKR_ATTRIBUTE_TYPE_INVALID &&
+ ckrv != CKR_ATTRIBUTE_SENSITIVE) {
+ nssSession_ExitMonitor(session);
+ nss_SetError(NSS_ERROR_DEVICE_ERROR);
+ goto loser;
+ }
+ /* Allocate memory for each attribute. */
+ for (i = 0; i < count; i++) {
+ CK_ULONG ulValueLen = obj_template[i].ulValueLen;
+ if (ulValueLen == 0 || ulValueLen == (CK_ULONG)-1) {
+ obj_template[i].pValue = NULL;
+ obj_template[i].ulValueLen = 0;
+ continue;
+ }
+ if (is_string_attribute(obj_template[i].type)) {
+ ulValueLen++;
+ }
+ obj_template[i].pValue = nss_ZAlloc(arenaOpt, ulValueLen);
+ if (!obj_template[i].pValue) {
+ nssSession_ExitMonitor(session);
+ goto loser;
+ }
+ }
+ alloced = PR_TRUE;
+ }
+ /* Obtain the actual attribute values. */
+ ckrv = CKAPI(epv)->C_GetAttributeValue(hSession,
+ object, obj_template, count);
+ nssSession_ExitMonitor(session);
+ if (ckrv != CKR_OK &&
+ ckrv != CKR_ATTRIBUTE_TYPE_INVALID &&
+ ckrv != CKR_ATTRIBUTE_SENSITIVE) {
+ nss_SetError(NSS_ERROR_DEVICE_ERROR);
+ goto loser;
+ }
+ if (alloced && arenaOpt) {
+ nssrv = nssArena_Unmark(arenaOpt, mark);
+ if (nssrv != PR_SUCCESS) {
+ goto loser;
+ }
+ }
+
+ if (count > 1 && ((ckrv == CKR_ATTRIBUTE_TYPE_INVALID) ||
+ (ckrv == CKR_ATTRIBUTE_SENSITIVE))) {
+ /* old tokens would keep the length of '0' and not deal with any
+ * of the attributes we passed. For those tokens read them one at
+ * a time */
+ for (i = 0; i < count; i++) {
+ if ((obj_template[i].ulValueLen == 0) ||
+ (obj_template[i].ulValueLen == -1)) {
+ obj_template[i].ulValueLen = 0;
+ (void)nssCKObject_GetAttributes(object, &obj_template[i], 1,
+ arenaOpt, session, slot);
+ }
+ }
+ }
+ return PR_SUCCESS;
+loser:
+ if (alloced) {
+ if (arenaOpt) {
+ /* release all arena memory allocated before the failure. */
+ (void)nssArena_Release(arenaOpt, mark);
+ } else {
+ CK_ULONG j;
+ /* free each heap object that was allocated before the failure. */
+ for (j = 0; j < i; j++) {
+ nss_ZFreeIf(obj_template[j].pValue);
+ }
+ }
+ }
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCKObject_GetAttributeItem(
+ CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSArena *arenaOpt,
+ nssSession *session,
+ NSSSlot *slot,
+ NSSItem *rvItem)
+{
+ CK_ATTRIBUTE attr = { 0, NULL, 0 };
+ PRStatus nssrv;
+ attr.type = attribute;
+ nssrv = nssCKObject_GetAttributes(object, &attr, 1,
+ arenaOpt, session, slot);
+ if (nssrv != PR_SUCCESS) {
+ return nssrv;
+ }
+ rvItem->data = (void *)attr.pValue;
+ rvItem->size = (PRUint32)attr.ulValueLen;
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRBool
+nssCKObject_IsAttributeTrue(
+ CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE_TYPE attribute,
+ nssSession *session,
+ NSSSlot *slot,
+ PRStatus *rvStatus)
+{
+ CK_BBOOL bool;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE atemplate = { 0, NULL, 0 };
+ CK_RV ckrv;
+ void *epv = nssSlot_GetCryptokiEPV(slot);
+ attr = &atemplate;
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, attribute, bool);
+ nssSession_EnterMonitor(session);
+ ckrv = CKAPI(epv)->C_GetAttributeValue(session->handle, object,
+ &atemplate, 1);
+ nssSession_ExitMonitor(session);
+ if (ckrv != CKR_OK) {
+ *rvStatus = PR_FAILURE;
+ return PR_FALSE;
+ }
+ *rvStatus = PR_SUCCESS;
+ return (PRBool)(bool == CK_TRUE);
+}
+
+NSS_IMPLEMENT PRStatus
+nssCKObject_SetAttributes(
+ CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE_PTR obj_template,
+ CK_ULONG count,
+ nssSession *session,
+ NSSSlot *slot)
+{
+ CK_RV ckrv;
+ void *epv = nssSlot_GetCryptokiEPV(slot);
+ nssSession_EnterMonitor(session);
+ ckrv = CKAPI(epv)->C_SetAttributeValue(session->handle, object,
+ obj_template, count);
+ nssSession_ExitMonitor(session);
+ if (ckrv == CKR_OK) {
+ return PR_SUCCESS;
+ } else {
+ return PR_FAILURE;
+ }
+}
+
+NSS_IMPLEMENT PRBool
+nssCKObject_IsTokenObjectTemplate(
+ CK_ATTRIBUTE_PTR objectTemplate,
+ CK_ULONG otsize)
+{
+ CK_ULONG ul;
+ for (ul = 0; ul < otsize; ul++) {
+ if (objectTemplate[ul].type == CKA_TOKEN) {
+ return (*((CK_BBOOL *)objectTemplate[ul].pValue) == CK_TRUE);
+ }
+ }
+ return PR_FALSE;
+}
+
+static NSSCertificateType
+nss_cert_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib)
+{
+ CK_CERTIFICATE_TYPE ckCertType;
+ if (!attrib->pValue) {
+ /* default to PKIX */
+ return NSSCertificateType_PKIX;
+ }
+ ckCertType = *((CK_ULONG *)attrib->pValue);
+ switch (ckCertType) {
+ case CKC_X_509:
+ return NSSCertificateType_PKIX;
+ default:
+ break;
+ }
+ return NSSCertificateType_Unknown;
+}
+
+/* incoming pointers must be valid */
+NSS_IMPLEMENT PRStatus
+nssCryptokiCertificate_GetAttributes(
+ nssCryptokiObject *certObject,
+ nssSession *sessionOpt,
+ NSSArena *arenaOpt,
+ NSSCertificateType *certTypeOpt,
+ NSSItem *idOpt,
+ NSSDER *encodingOpt,
+ NSSDER *issuerOpt,
+ NSSDER *serialOpt,
+ NSSDER *subjectOpt)
+{
+ PRStatus status;
+ PRUint32 i;
+ nssSession *session;
+ NSSSlot *slot;
+ CK_ULONG template_size;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE cert_template[6];
+ /* Set up a template of all options chosen by caller */
+ NSS_CK_TEMPLATE_START(cert_template, attr, template_size);
+ if (certTypeOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_CERTIFICATE_TYPE);
+ }
+ if (idOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ID);
+ }
+ if (encodingOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_VALUE);
+ }
+ if (issuerOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ISSUER);
+ }
+ if (serialOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_SERIAL_NUMBER);
+ }
+ if (subjectOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_SUBJECT);
+ }
+ NSS_CK_TEMPLATE_FINISH(cert_template, attr, template_size);
+ if (template_size == 0) {
+ /* caller didn't want anything */
+ return PR_SUCCESS;
+ }
+
+ status = nssToken_GetCachedObjectAttributes(certObject->token, arenaOpt,
+ certObject, CKO_CERTIFICATE,
+ cert_template, template_size);
+ if (status != PR_SUCCESS) {
+
+ session = sessionOpt ? sessionOpt
+ : nssToken_GetDefaultSession(certObject->token);
+ if (!session) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return PR_FAILURE;
+ }
+
+ slot = nssToken_GetSlot(certObject->token);
+ status = nssCKObject_GetAttributes(certObject->handle,
+ cert_template, template_size,
+ arenaOpt, session, slot);
+ nssSlot_Destroy(slot);
+ if (status != PR_SUCCESS) {
+ return status;
+ }
+ }
+
+ i = 0;
+ if (certTypeOpt) {
+ *certTypeOpt = nss_cert_type_from_ck_attrib(&cert_template[i]);
+ i++;
+ }
+ if (idOpt) {
+ NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], idOpt);
+ i++;
+ }
+ if (encodingOpt) {
+ NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], encodingOpt);
+ i++;
+ }
+ if (issuerOpt) {
+ NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], issuerOpt);
+ i++;
+ }
+ if (serialOpt) {
+ NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], serialOpt);
+ i++;
+ }
+ if (subjectOpt) {
+ NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], subjectOpt);
+ i++;
+ }
+ return PR_SUCCESS;
+}
+
+static nssTrustLevel
+get_nss_trust(
+ CK_TRUST ckt)
+{
+ nssTrustLevel t;
+ switch (ckt) {
+ case CKT_NSS_NOT_TRUSTED:
+ t = nssTrustLevel_NotTrusted;
+ break;
+ case CKT_NSS_TRUSTED_DELEGATOR:
+ t = nssTrustLevel_TrustedDelegator;
+ break;
+ case CKT_NSS_VALID_DELEGATOR:
+ t = nssTrustLevel_ValidDelegator;
+ break;
+ case CKT_NSS_TRUSTED:
+ t = nssTrustLevel_Trusted;
+ break;
+ case CKT_NSS_MUST_VERIFY_TRUST:
+ t = nssTrustLevel_MustVerify;
+ break;
+ case CKT_NSS_TRUST_UNKNOWN:
+ default:
+ t = nssTrustLevel_Unknown;
+ break;
+ }
+ return t;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCryptokiTrust_GetAttributes(
+ nssCryptokiObject *trustObject,
+ nssSession *sessionOpt,
+ NSSItem *sha1_hash,
+ nssTrustLevel *serverAuth,
+ nssTrustLevel *clientAuth,
+ nssTrustLevel *codeSigning,
+ nssTrustLevel *emailProtection,
+ PRBool *stepUpApproved)
+{
+ PRStatus status;
+ NSSSlot *slot;
+ nssSession *session;
+ CK_BBOOL isToken = PR_FALSE;
+ CK_BBOOL stepUp = PR_FALSE;
+ CK_TRUST saTrust = CKT_NSS_TRUST_UNKNOWN;
+ CK_TRUST caTrust = CKT_NSS_TRUST_UNKNOWN;
+ CK_TRUST epTrust = CKT_NSS_TRUST_UNKNOWN;
+ CK_TRUST csTrust = CKT_NSS_TRUST_UNKNOWN;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE trust_template[7];
+ CK_ATTRIBUTE_PTR sha1_hash_attr;
+ CK_ULONG trust_size;
+
+ /* Use the trust object to find the trust settings */
+ NSS_CK_TEMPLATE_START(trust_template, attr, trust_size);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TOKEN, isToken);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_SERVER_AUTH, saTrust);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CLIENT_AUTH, caTrust);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_EMAIL_PROTECTION, epTrust);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CODE_SIGNING, csTrust);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_STEP_UP_APPROVED, stepUp);
+ sha1_hash_attr = attr;
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_SHA1_HASH, sha1_hash);
+ NSS_CK_TEMPLATE_FINISH(trust_template, attr, trust_size);
+
+ status = nssToken_GetCachedObjectAttributes(trustObject->token, NULL,
+ trustObject,
+ CKO_NSS_TRUST,
+ trust_template, trust_size);
+ if (status != PR_SUCCESS) {
+ session = sessionOpt ? sessionOpt
+ : nssToken_GetDefaultSession(trustObject->token);
+ if (!session) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return PR_FAILURE;
+ }
+
+ slot = nssToken_GetSlot(trustObject->token);
+ status = nssCKObject_GetAttributes(trustObject->handle,
+ trust_template, trust_size,
+ NULL, session, slot);
+ nssSlot_Destroy(slot);
+ if (status != PR_SUCCESS) {
+ return status;
+ }
+ }
+
+ if (sha1_hash_attr->ulValueLen == -1) {
+ /* The trust object does not have the CKA_CERT_SHA1_HASH attribute. */
+ sha1_hash_attr->ulValueLen = 0;
+ }
+ sha1_hash->size = sha1_hash_attr->ulValueLen;
+ *serverAuth = get_nss_trust(saTrust);
+ *clientAuth = get_nss_trust(caTrust);
+ *emailProtection = get_nss_trust(epTrust);
+ *codeSigning = get_nss_trust(csTrust);
+ *stepUpApproved = stepUp;
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCryptokiCRL_GetAttributes(
+ nssCryptokiObject *crlObject,
+ nssSession *sessionOpt,
+ NSSArena *arenaOpt,
+ NSSItem *encodingOpt,
+ NSSItem *subjectOpt,
+ CK_ULONG *crl_class,
+ NSSUTF8 **urlOpt,
+ PRBool *isKRLOpt)
+{
+ PRStatus status;
+ NSSSlot *slot;
+ nssSession *session;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE crl_template[7];
+ CK_ULONG crl_size;
+ PRUint32 i;
+
+ NSS_CK_TEMPLATE_START(crl_template, attr, crl_size);
+ if (crl_class) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_CLASS);
+ }
+ if (encodingOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_VALUE);
+ }
+ if (urlOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_NSS_URL);
+ }
+ if (isKRLOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_NSS_KRL);
+ }
+ if (subjectOpt) {
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_SUBJECT);
+ }
+ NSS_CK_TEMPLATE_FINISH(crl_template, attr, crl_size);
+
+ status = nssToken_GetCachedObjectAttributes(crlObject->token, NULL,
+ crlObject,
+ CKO_NSS_CRL,
+ crl_template, crl_size);
+ if (status != PR_SUCCESS) {
+ session = sessionOpt ? sessionOpt
+ : nssToken_GetDefaultSession(crlObject->token);
+ if (session == NULL) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return PR_FAILURE;
+ }
+
+ slot = nssToken_GetSlot(crlObject->token);
+ status = nssCKObject_GetAttributes(crlObject->handle,
+ crl_template, crl_size,
+ arenaOpt, session, slot);
+ nssSlot_Destroy(slot);
+ if (status != PR_SUCCESS) {
+ return status;
+ }
+ }
+
+ i = 0;
+ if (crl_class) {
+ NSS_CK_ATTRIBUTE_TO_ULONG(&crl_template[i], *crl_class);
+ i++;
+ }
+ if (encodingOpt) {
+ NSS_CK_ATTRIBUTE_TO_ITEM(&crl_template[i], encodingOpt);
+ i++;
+ }
+ if (urlOpt) {
+ NSS_CK_ATTRIBUTE_TO_UTF8(&crl_template[i], *urlOpt);
+ i++;
+ }
+ if (isKRLOpt) {
+ NSS_CK_ATTRIBUTE_TO_BOOL(&crl_template[i], *isKRLOpt);
+ i++;
+ }
+ if (subjectOpt) {
+ NSS_CK_ATTRIBUTE_TO_ITEM(&crl_template[i], subjectOpt);
+ i++;
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCryptokiPrivateKey_SetCertificate(
+ nssCryptokiObject *keyObject,
+ nssSession *sessionOpt,
+ const NSSUTF8 *nickname,
+ NSSItem *id,
+ NSSDER *subject)
+{
+ CK_RV ckrv;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE key_template[3];
+ CK_ULONG key_size;
+ void *epv = nssToken_GetCryptokiEPV(keyObject->token);
+ nssSession *session;
+ NSSToken *token = keyObject->token;
+ nssSession *defaultSession = nssToken_GetDefaultSession(token);
+ PRBool createdSession = PR_FALSE;
+
+ NSS_CK_TEMPLATE_START(key_template, attr, key_size);
+ NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
+ NSS_CK_TEMPLATE_FINISH(key_template, attr, key_size);
+
+ if (sessionOpt) {
+ if (!nssSession_IsReadWrite(sessionOpt)) {
+ return PR_FAILURE;
+ }
+ session = sessionOpt;
+ } else if (defaultSession && nssSession_IsReadWrite(defaultSession)) {
+ session = defaultSession;
+ } else {
+ NSSSlot *slot = nssToken_GetSlot(token);
+ session = nssSlot_CreateSession(token->slot, NULL, PR_TRUE);
+ nssSlot_Destroy(slot);
+ if (!session) {
+ return PR_FAILURE;
+ }
+ createdSession = PR_TRUE;
+ }
+
+ ckrv = CKAPI(epv)->C_SetAttributeValue(session->handle,
+ keyObject->handle,
+ key_template,
+ key_size);
+
+ if (createdSession) {
+ nssSession_Destroy(session);
+ }
+
+ return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
+}
diff --git a/security/nss/lib/dev/ckhelper.h b/security/nss/lib/dev/ckhelper.h
new file mode 100644
index 000000000..169fc207d
--- /dev/null
+++ b/security/nss/lib/dev/ckhelper.h
@@ -0,0 +1,148 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * ckhelper.h
+ *
+ * This file contains some helper utilities for interaction with cryptoki.
+ */
+
+#ifndef CKHELPER_H
+#define CKHELPER_H
+
+PR_BEGIN_EXTERN_C
+
+/* Some globals to keep from constantly redeclaring common cryptoki
+ * attribute types on the stack.
+ */
+
+/* Boolean values */
+NSS_EXTERN_DATA const NSSItem g_ck_true;
+NSS_EXTERN_DATA const NSSItem g_ck_false;
+
+/* Object classes */
+NSS_EXTERN_DATA const NSSItem g_ck_class_cert;
+NSS_EXTERN_DATA const NSSItem g_ck_class_pubkey;
+NSS_EXTERN_DATA const NSSItem g_ck_class_privkey;
+
+#define NSS_CK_TEMPLATE_START(_template, attr, size) \
+ attr = _template; \
+ size = 0;
+
+#define NSS_CK_SET_ATTRIBUTE_ITEM(pattr, kind, item) \
+ (pattr)->type = kind; \
+ (pattr)->pValue = (CK_VOID_PTR)(item)->data; \
+ (pattr)->ulValueLen = (CK_ULONG)(item)->size; \
+ (pattr)++;
+
+#define NSS_CK_SET_ATTRIBUTE_UTF8(pattr, kind, utf8) \
+ (pattr)->type = kind; \
+ (pattr)->pValue = (CK_VOID_PTR)utf8; \
+ (pattr)->ulValueLen = (CK_ULONG)nssUTF8_Size(utf8, NULL); \
+ if ((pattr)->ulValueLen) \
+ ((pattr)->ulValueLen)--; \
+ (pattr)++;
+
+#define NSS_CK_SET_ATTRIBUTE_VAR(pattr, kind, var) \
+ (pattr)->type = kind; \
+ (pattr)->pValue = (CK_VOID_PTR)&var; \
+ (pattr)->ulValueLen = (CK_ULONG)sizeof(var); \
+ (pattr)++;
+
+#define NSS_CK_SET_ATTRIBUTE_NULL(pattr, kind) \
+ (pattr)->type = kind; \
+ (pattr)->pValue = (CK_VOID_PTR)NULL; \
+ (pattr)->ulValueLen = 0; \
+ (pattr)++;
+
+#define NSS_CK_TEMPLATE_FINISH(_template, attr, size) \
+ size = (attr) - (_template); \
+ PR_ASSERT(size <= sizeof(_template) / sizeof(_template[0]));
+
+/* NSS_CK_ATTRIBUTE_TO_ITEM(attrib, item)
+ *
+ * Convert a CK_ATTRIBUTE to an NSSItem.
+ */
+#define NSS_CK_ATTRIBUTE_TO_ITEM(attrib, item) \
+ if ((CK_LONG)(attrib)->ulValueLen > 0) { \
+ (item)->data = (void *)(attrib)->pValue; \
+ (item)->size = (PRUint32)(attrib)->ulValueLen; \
+ } else { \
+ (item)->data = 0; \
+ (item)->size = 0; \
+ }
+
+#define NSS_CK_ATTRIBUTE_TO_BOOL(attrib, boolvar) \
+ if ((attrib)->ulValueLen > 0) { \
+ if (*((CK_BBOOL *)(attrib)->pValue) == CK_TRUE) { \
+ boolvar = PR_TRUE; \
+ } else { \
+ boolvar = PR_FALSE; \
+ } \
+ }
+
+#define NSS_CK_ATTRIBUTE_TO_ULONG(attrib, ulongvar) \
+ if ((attrib)->ulValueLen > 0) { \
+ ulongvar = *((CK_ULONG *)(attrib)->pValue); \
+ }
+
+/* NSS_CK_ATTRIBUTE_TO_UTF8(attrib, str)
+ *
+ * Convert a CK_ATTRIBUTE to a string.
+ */
+#define NSS_CK_ATTRIBUTE_TO_UTF8(attrib, str) \
+ str = (NSSUTF8 *)((attrib)->pValue);
+
+/* NSS_CK_ITEM_TO_ATTRIBUTE(item, attrib)
+ *
+ * Convert an NSSItem to a CK_ATTRIBUTE.
+ */
+#define NSS_CK_ITEM_TO_ATTRIBUTE(item, attrib) \
+ (attrib)->pValue = (CK_VOID_PTR)(item)->data; \
+ (attrib)->ulValueLen = (CK_ULONG)(item)->size;
+
+/* Get an array of attributes from an object. */
+NSS_EXTERN PRStatus
+nssCKObject_GetAttributes(
+ CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE_PTR obj_template,
+ CK_ULONG count,
+ NSSArena *arenaOpt,
+ nssSession *session,
+ NSSSlot *slot);
+
+/* Get a single attribute as an item. */
+NSS_EXTERN PRStatus
+nssCKObject_GetAttributeItem(
+ CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE_TYPE attribute,
+ NSSArena *arenaOpt,
+ nssSession *session,
+ NSSSlot *slot,
+ NSSItem *rvItem);
+
+NSS_EXTERN PRBool
+nssCKObject_IsAttributeTrue(
+ CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE_TYPE attribute,
+ nssSession *session,
+ NSSSlot *slot,
+ PRStatus *rvStatus);
+
+NSS_EXTERN PRStatus
+nssCKObject_SetAttributes(
+ CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE_PTR obj_template,
+ CK_ULONG count,
+ nssSession *session,
+ NSSSlot *slot);
+
+NSS_EXTERN PRBool
+nssCKObject_IsTokenObjectTemplate(
+ CK_ATTRIBUTE_PTR objectTemplate,
+ CK_ULONG otsize);
+
+PR_END_EXTERN_C
+
+#endif /* CKHELPER_H */
diff --git a/security/nss/lib/dev/config.mk b/security/nss/lib/dev/config.mk
new file mode 100644
index 000000000..2676cd537
--- /dev/null
+++ b/security/nss/lib/dev/config.mk
@@ -0,0 +1,19 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ifdef BUILD_IDG
+DEFINES += -DNSSDEBUG
+endif
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/dev/dev.gyp b/security/nss/lib/dev/dev.gyp
new file mode 100644
index 000000000..dfa8f7e3e
--- /dev/null
+++ b/security/nss/lib/dev/dev.gyp
@@ -0,0 +1,26 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nssdev',
+ 'type': 'static_library',
+ 'sources': [
+ 'ckhelper.c',
+ 'devslot.c',
+ 'devtoken.c',
+ 'devutil.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/dev/dev.h b/security/nss/lib/dev/dev.h
new file mode 100644
index 000000000..7e64e7612
--- /dev/null
+++ b/security/nss/lib/dev/dev.h
@@ -0,0 +1,747 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEV_H
+#define DEV_H
+
+/*
+ * dev.h
+ *
+ * Low-level methods for interaction with cryptoki devices
+ */
+
+#ifndef NSSDEV_H
+#include "nssdev.h"
+#endif /* NSSDEV_H */
+
+#ifndef DEVT_H
+#include "devt.h"
+#endif /* DEVT_H */
+
+PR_BEGIN_EXTERN_C
+
+/* the global module list
+ *
+ * These functions are for managing the global set of modules. Trust Domains,
+ * etc., will draw from this set. These functions are completely internal
+ * and only invoked when there are changes to the global module state
+ * (load or unload).
+ *
+ * nss_InitializeGlobalModuleList
+ * nss_DestroyGlobalModuleList
+ * nss_GetLoadedModules
+ *
+ * nssGlobalModuleList_Add
+ * nssGlobalModuleList_Remove
+ * nssGlobalModuleList_FindModuleByName
+ * nssGlobalModuleList_FindSlotByName
+ * nssGlobalModuleList_FindTokenByName
+ */
+
+NSS_EXTERN PRStatus
+nss_InitializeGlobalModuleList(
+ void);
+
+NSS_EXTERN PRStatus
+nss_DestroyGlobalModuleList(
+ void);
+
+NSS_EXTERN NSSModule **
+nss_GetLoadedModules(
+ void);
+
+NSS_EXTERN PRStatus
+nssGlobalModuleList_Add(
+ NSSModule *module);
+
+NSS_EXTERN PRStatus
+nssGlobalModuleList_Remove(
+ NSSModule *module);
+
+NSS_EXTERN NSSModule *
+nssGlobalModuleList_FindModuleByName(
+ NSSUTF8 *moduleName);
+
+NSS_EXTERN NSSSlot *
+nssGlobalModuleList_FindSlotByName(
+ NSSUTF8 *slotName);
+
+NSS_EXTERN NSSToken *
+nssGlobalModuleList_FindTokenByName(
+ NSSUTF8 *tokenName);
+
+NSS_EXTERN NSSToken *
+nss_GetDefaultCryptoToken(
+ void);
+
+NSS_EXTERN NSSToken *
+nss_GetDefaultDatabaseToken(
+ void);
+
+/*
+ * |-----------|<---> NSSSlot <--> NSSToken
+ * | NSSModule |<---> NSSSlot <--> NSSToken
+ * |-----------|<---> NSSSlot <--> NSSToken
+ */
+
+/* NSSModule
+ *
+ * nssModule_Create
+ * nssModule_CreateFromSpec
+ * nssModule_AddRef
+ * nssModule_GetName
+ * nssModule_GetSlots
+ * nssModule_FindSlotByName
+ * nssModule_FindTokenByName
+ * nssModule_GetCertOrder
+ */
+
+NSS_EXTERN NSSModule *
+nssModule_Create(
+ NSSUTF8 *moduleOpt,
+ NSSUTF8 *uriOpt,
+ NSSUTF8 *opaqueOpt,
+ void *reserved);
+
+/* This is to use the new loading mechanism. */
+NSS_EXTERN NSSModule *
+nssModule_CreateFromSpec(
+ NSSUTF8 *moduleSpec,
+ NSSModule *parent,
+ PRBool loadSubModules);
+
+NSS_EXTERN PRStatus
+nssModule_Destroy(
+ NSSModule *mod);
+
+NSS_EXTERN NSSModule *
+nssModule_AddRef(
+ NSSModule *mod);
+
+NSS_EXTERN NSSUTF8 *
+nssModule_GetName(
+ NSSModule *mod);
+
+NSS_EXTERN NSSSlot **
+nssModule_GetSlots(
+ NSSModule *mod);
+
+NSS_EXTERN NSSSlot *
+nssModule_FindSlotByName(
+ NSSModule *mod,
+ NSSUTF8 *slotName);
+
+NSS_EXTERN NSSToken *
+nssModule_FindTokenByName(
+ NSSModule *mod,
+ NSSUTF8 *tokenName);
+
+NSS_EXTERN PRInt32
+nssModule_GetCertOrder(
+ NSSModule *module);
+
+/* NSSSlot
+ *
+ * nssSlot_Destroy
+ * nssSlot_AddRef
+ * nssSlot_GetName
+ * nssSlot_GetTokenName
+ * nssSlot_IsTokenPresent
+ * nssSlot_IsPermanent
+ * nssSlot_IsFriendly
+ * nssSlot_IsHardware
+ * nssSlot_Refresh
+ * nssSlot_GetModule
+ * nssSlot_GetToken
+ * nssSlot_Login
+ * nssSlot_Logout
+ * nssSlot_SetPassword
+ * nssSlot_CreateSession
+ */
+
+NSS_EXTERN PRStatus
+nssSlot_Destroy(
+ NSSSlot *slot);
+
+NSS_EXTERN NSSSlot *
+nssSlot_AddRef(
+ NSSSlot *slot);
+
+NSS_EXTERN void
+nssSlot_ResetDelay(
+ NSSSlot *slot);
+
+NSS_EXTERN NSSUTF8 *
+nssSlot_GetName(
+ NSSSlot *slot);
+
+NSS_EXTERN NSSUTF8 *
+nssSlot_GetTokenName(
+ NSSSlot *slot);
+
+NSS_EXTERN NSSModule *
+nssSlot_GetModule(
+ NSSSlot *slot);
+
+NSS_EXTERN NSSToken *
+nssSlot_GetToken(
+ NSSSlot *slot);
+
+NSS_EXTERN PRBool
+nssSlot_IsTokenPresent(
+ NSSSlot *slot);
+
+NSS_EXTERN PRBool
+nssSlot_IsPermanent(
+ NSSSlot *slot);
+
+NSS_EXTERN PRBool
+nssSlot_IsFriendly(
+ NSSSlot *slot);
+
+NSS_EXTERN PRBool
+nssSlot_IsHardware(
+ NSSSlot *slot);
+
+NSS_EXTERN PRBool
+nssSlot_IsLoggedIn(
+ NSSSlot *slot);
+
+NSS_EXTERN PRStatus
+nssSlot_Refresh(
+ NSSSlot *slot);
+
+NSS_EXTERN PRStatus
+nssSlot_Login(
+ NSSSlot *slot,
+ NSSCallback *pwcb);
+extern const NSSError NSS_ERROR_INVALID_PASSWORD;
+extern const NSSError NSS_ERROR_USER_CANCELED;
+
+NSS_EXTERN PRStatus
+nssSlot_Logout(
+ NSSSlot *slot,
+ nssSession *sessionOpt);
+
+NSS_EXTERN void
+nssSlot_EnterMonitor(
+ NSSSlot *slot);
+
+NSS_EXTERN void
+nssSlot_ExitMonitor(
+ NSSSlot *slot);
+
+#define NSSSLOT_ASK_PASSWORD_FIRST_TIME -1
+#define NSSSLOT_ASK_PASSWORD_EVERY_TIME 0
+NSS_EXTERN void
+nssSlot_SetPasswordDefaults(
+ NSSSlot *slot,
+ PRInt32 askPasswordTimeout);
+
+NSS_EXTERN PRStatus
+nssSlot_SetPassword(
+ NSSSlot *slot,
+ NSSUTF8 *oldPasswordOpt,
+ NSSUTF8 *newPassword);
+extern const NSSError NSS_ERROR_INVALID_PASSWORD;
+extern const NSSError NSS_ERROR_USER_CANCELED;
+
+/*
+ * nssSlot_IsLoggedIn
+ */
+
+NSS_EXTERN nssSession *
+nssSlot_CreateSession(
+ NSSSlot *slot,
+ NSSArena *arenaOpt,
+ PRBool readWrite /* so far, this is the only flag used */
+ );
+
+/* NSSToken
+ *
+ * nssToken_Destroy
+ * nssToken_AddRef
+ * nssToken_GetName
+ * nssToken_GetModule
+ * nssToken_GetSlot
+ * nssToken_NeedsPINInitialization
+ * nssToken_ImportCertificate
+ * nssToken_ImportTrust
+ * nssToken_ImportCRL
+ * nssToken_GenerateKeyPair
+ * nssToken_GenerateSymmetricKey
+ * nssToken_DeleteStoredObject
+ * nssToken_FindObjects
+ * nssToken_FindCertificatesBySubject
+ * nssToken_FindCertificatesByNickname
+ * nssToken_FindCertificatesByEmail
+ * nssToken_FindCertificateByIssuerAndSerialNumber
+ * nssToken_FindCertificateByEncodedCertificate
+ * nssToken_FindTrustForCertificate
+ * nssToken_FindCRLsBySubject
+ * nssToken_FindPrivateKeys
+ * nssToken_FindPrivateKeyByID
+ * nssToken_Digest
+ * nssToken_BeginDigest
+ * nssToken_ContinueDigest
+ * nssToken_FinishDigest
+ */
+
+NSS_EXTERN PRStatus
+nssToken_Destroy(
+ NSSToken *tok);
+
+NSS_EXTERN NSSToken *
+nssToken_AddRef(
+ NSSToken *tok);
+
+NSS_EXTERN NSSUTF8 *
+nssToken_GetName(
+ NSSToken *tok);
+
+NSS_EXTERN NSSModule *
+nssToken_GetModule(
+ NSSToken *token);
+
+NSS_EXTERN NSSSlot *
+nssToken_GetSlot(
+ NSSToken *tok);
+
+NSS_EXTERN PRBool
+nssToken_NeedsPINInitialization(
+ NSSToken *token);
+
+NSS_EXTERN nssCryptokiObject *
+nssToken_ImportCertificate(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSCertificateType certType,
+ NSSItem *id,
+ const NSSUTF8 *nickname,
+ NSSDER *encoding,
+ NSSDER *issuer,
+ NSSDER *subject,
+ NSSDER *serial,
+ NSSASCII7 *emailAddr,
+ PRBool asTokenObject);
+
+NSS_EXTERN nssCryptokiObject *
+nssToken_ImportTrust(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSDER *certEncoding,
+ NSSDER *certIssuer,
+ NSSDER *certSerial,
+ nssTrustLevel serverAuth,
+ nssTrustLevel clientAuth,
+ nssTrustLevel codeSigning,
+ nssTrustLevel emailProtection,
+ PRBool stepUpApproved,
+ PRBool asTokenObject);
+
+NSS_EXTERN nssCryptokiObject *
+nssToken_ImportCRL(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *subject,
+ NSSDER *encoding,
+ PRBool isKRL,
+ NSSUTF8 *url,
+ PRBool asTokenObject);
+
+/* Permanently remove an object from the token. */
+NSS_EXTERN PRStatus
+nssToken_DeleteStoredObject(
+ nssCryptokiObject *instance);
+
+NSS_EXTERN nssCryptokiObject **
+nssToken_FindObjects(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ CK_OBJECT_CLASS objclass,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject **
+nssToken_FindCertificatesBySubject(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *subject,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject **
+nssToken_FindCertificatesByNickname(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ const NSSUTF8 *name,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject **
+nssToken_FindCertificatesByEmail(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSASCII7 *email,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject **
+nssToken_FindCertificatesByID(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSItem *id,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject *
+nssToken_FindCertificateByIssuerAndSerialNumber(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *issuer,
+ NSSDER *serial,
+ nssTokenSearchType searchType,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject *
+nssToken_FindCertificateByEncodedCertificate(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSBER *encodedCertificate,
+ nssTokenSearchType searchType,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject *
+nssToken_FindTrustForCertificate(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *certEncoding,
+ NSSDER *certIssuer,
+ NSSDER *certSerial,
+ nssTokenSearchType searchType);
+
+NSS_EXTERN nssCryptokiObject **
+nssToken_FindCRLsBySubject(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *subject,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject **
+nssToken_FindPrivateKeys(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt);
+
+NSS_EXTERN nssCryptokiObject *
+nssToken_FindPrivateKeyByID(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSItem *keyID);
+
+NSS_EXTERN nssCryptokiObject *
+nssToken_FindPublicKeyByID(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSItem *keyID);
+
+NSS_EXTERN NSSItem *
+nssToken_Digest(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSAlgorithmAndParameters *ap,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN PRStatus
+nssToken_BeginDigest(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSAlgorithmAndParameters *ap);
+
+NSS_EXTERN PRStatus
+nssToken_ContinueDigest(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSItem *item);
+
+NSS_EXTERN NSSItem *
+nssToken_FinishDigest(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/* nssSession
+ *
+ * nssSession_Destroy
+ * nssSession_EnterMonitor
+ * nssSession_ExitMonitor
+ * nssSession_IsReadWrite
+ */
+
+NSS_EXTERN PRStatus
+nssSession_Destroy(
+ nssSession *s);
+
+/* would like to inline */
+NSS_EXTERN PRStatus
+nssSession_EnterMonitor(
+ nssSession *s);
+
+/* would like to inline */
+NSS_EXTERN PRStatus
+nssSession_ExitMonitor(
+ nssSession *s);
+
+/* would like to inline */
+NSS_EXTERN PRBool
+nssSession_IsReadWrite(
+ nssSession *s);
+
+/* nssCryptokiObject
+ *
+ * An object living on a cryptoki token.
+ * Not really proper to mix up the object types just because
+ * nssCryptokiObject itself is generic, but doing so anyway.
+ *
+ * nssCryptokiObject_Destroy
+ * nssCryptokiObject_Equal
+ * nssCryptokiObject_Clone
+ * nssCryptokiCertificate_GetAttributes
+ * nssCryptokiPrivateKey_GetAttributes
+ * nssCryptokiPublicKey_GetAttributes
+ * nssCryptokiTrust_GetAttributes
+ * nssCryptokiCRL_GetAttributes
+ */
+
+NSS_EXTERN void
+nssCryptokiObject_Destroy(
+ nssCryptokiObject *object);
+
+NSS_EXTERN PRBool
+nssCryptokiObject_Equal(
+ nssCryptokiObject *object1,
+ nssCryptokiObject *object2);
+
+NSS_EXTERN nssCryptokiObject *
+nssCryptokiObject_Clone(
+ nssCryptokiObject *object);
+
+NSS_EXTERN PRStatus
+nssCryptokiCertificate_GetAttributes(
+ nssCryptokiObject *object,
+ nssSession *sessionOpt,
+ NSSArena *arenaOpt,
+ NSSCertificateType *certTypeOpt,
+ NSSItem *idOpt,
+ NSSDER *encodingOpt,
+ NSSDER *issuerOpt,
+ NSSDER *serialOpt,
+ NSSDER *subjectOpt);
+
+NSS_EXTERN PRStatus
+nssCryptokiTrust_GetAttributes(
+ nssCryptokiObject *trustObject,
+ nssSession *sessionOpt,
+ NSSItem *sha1_hash,
+ nssTrustLevel *serverAuth,
+ nssTrustLevel *clientAuth,
+ nssTrustLevel *codeSigning,
+ nssTrustLevel *emailProtection,
+ PRBool *stepUpApproved);
+
+NSS_EXTERN PRStatus
+nssCryptokiCRL_GetAttributes(
+ nssCryptokiObject *crlObject,
+ nssSession *sessionOpt,
+ NSSArena *arenaOpt,
+ NSSItem *encodingOpt,
+ NSSItem *subjectOpt,
+ CK_ULONG *crl_class,
+ NSSUTF8 **urlOpt,
+ PRBool *isKRLOpt);
+
+/* I'm including this to handle import of certificates in NSS 3.5. This
+ * function will set the cert-related attributes of a key, in order to
+ * associate it with a cert. Does it stay like this for 4.0?
+ */
+NSS_EXTERN PRStatus
+nssCryptokiPrivateKey_SetCertificate(
+ nssCryptokiObject *keyObject,
+ nssSession *sessionOpt,
+ const NSSUTF8 *nickname,
+ NSSItem *id,
+ NSSDER *subject);
+
+NSS_EXTERN void
+nssModuleArray_Destroy(
+ NSSModule **modules);
+
+/* nssSlotArray
+ *
+ * nssSlotArray_Destroy
+ */
+
+NSS_EXTERN void
+nssSlotArray_Destroy(
+ NSSSlot **slots);
+
+/* nssTokenArray
+ *
+ * nssTokenArray_Destroy
+ */
+
+NSS_EXTERN void
+nssTokenArray_Destroy(
+ NSSToken **tokens);
+
+/* nssCryptokiObjectArray
+ *
+ * nssCryptokiObjectArray_Destroy
+ */
+NSS_EXTERN void
+nssCryptokiObjectArray_Destroy(
+ nssCryptokiObject **object);
+
+/* nssSlotList
+ *
+ * An ordered list of slots. The order can be anything, it is set in the
+ * Add methods. Perhaps it should be CreateInCertOrder, ...?
+ *
+ * nssSlotList_Create
+ * nssSlotList_Destroy
+ * nssSlotList_Add
+ * nssSlotList_AddModuleSlots
+ * nssSlotList_GetSlots
+ * nssSlotList_FindSlotByName
+ * nssSlotList_FindTokenByName
+ * nssSlotList_GetBestSlot
+ * nssSlotList_GetBestSlotForAlgorithmAndParameters
+ * nssSlotList_GetBestSlotForAlgorithmsAndParameters
+ */
+
+/* nssSlotList_Create
+ */
+NSS_EXTERN nssSlotList *
+nssSlotList_Create(
+ NSSArena *arenaOpt);
+
+/* nssSlotList_Destroy
+ */
+NSS_EXTERN void
+nssSlotList_Destroy(
+ nssSlotList *slotList);
+
+/* nssSlotList_Add
+ *
+ * Add the given slot in the given order.
+ */
+NSS_EXTERN PRStatus
+nssSlotList_Add(
+ nssSlotList *slotList,
+ NSSSlot *slot,
+ PRUint32 order);
+
+/* nssSlotList_AddModuleSlots
+ *
+ * Add all slots in the module, in the given order (the slots will have
+ * equal weight).
+ */
+NSS_EXTERN PRStatus
+nssSlotList_AddModuleSlots(
+ nssSlotList *slotList,
+ NSSModule *module,
+ PRUint32 order);
+
+/* nssSlotList_GetSlots
+ */
+NSS_EXTERN NSSSlot **
+nssSlotList_GetSlots(
+ nssSlotList *slotList);
+
+/* nssSlotList_FindSlotByName
+ */
+NSS_EXTERN NSSSlot *
+nssSlotList_FindSlotByName(
+ nssSlotList *slotList,
+ NSSUTF8 *slotName);
+
+/* nssSlotList_FindTokenByName
+ */
+NSS_EXTERN NSSToken *
+nssSlotList_FindTokenByName(
+ nssSlotList *slotList,
+ NSSUTF8 *tokenName);
+
+/* nssSlotList_GetBestSlot
+ *
+ * The best slot is the highest ranking in order, i.e., the first in the
+ * list.
+ */
+NSS_EXTERN NSSSlot *
+nssSlotList_GetBestSlot(
+ nssSlotList *slotList);
+
+/* nssSlotList_GetBestSlotForAlgorithmAndParameters
+ *
+ * Highest-ranking slot than can handle algorithm/parameters.
+ */
+NSS_EXTERN NSSSlot *
+nssSlotList_GetBestSlotForAlgorithmAndParameters(
+ nssSlotList *slotList,
+ NSSAlgorithmAndParameters *ap);
+
+/* nssSlotList_GetBestSlotForAlgorithmsAndParameters
+ *
+ * Highest-ranking slot than can handle all algorithms/parameters.
+ */
+NSS_EXTERN NSSSlot *
+nssSlotList_GetBestSlotForAlgorithmsAndParameters(
+ nssSlotList *slotList,
+ NSSAlgorithmAndParameters **ap);
+
+NSS_EXTERN PRBool
+nssToken_IsPresent(
+ NSSToken *token);
+
+NSS_EXTERN nssSession *
+nssToken_GetDefaultSession(
+ NSSToken *token);
+
+NSS_EXTERN PRStatus
+nssToken_GetTrustOrder(
+ NSSToken *tok);
+
+NSS_EXTERN PRStatus
+nssToken_NotifyCertsNotVisible(
+ NSSToken *tok);
+
+NSS_EXTERN PRStatus
+nssToken_TraverseCertificates(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ nssTokenSearchType searchType,
+ PRStatus (*callback)(nssCryptokiObject *instance, void *arg),
+ void *arg);
+
+NSS_EXTERN PRBool
+nssToken_IsPrivateKeyAvailable(
+ NSSToken *token,
+ NSSCertificate *c,
+ nssCryptokiObject *instance);
+
+PR_END_EXTERN_C
+
+#endif /* DEV_H */
diff --git a/security/nss/lib/dev/devm.h b/security/nss/lib/dev/devm.h
new file mode 100644
index 000000000..16acf649f
--- /dev/null
+++ b/security/nss/lib/dev/devm.h
@@ -0,0 +1,157 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEVM_H
+#define DEVM_H
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#ifndef DEV_H
+#include "dev.h"
+#endif /* DEV_H */
+
+#ifndef DEVTM_H
+#include "devtm.h"
+#endif /* DEVTM_H */
+
+PR_BEGIN_EXTERN_C
+
+/* Shortcut to cryptoki API functions. */
+#define CKAPI(epv) \
+ ((CK_FUNCTION_LIST_PTR)(epv))
+
+NSS_EXTERN void
+nssDevice_AddRef(
+ struct nssDeviceBaseStr *device);
+
+NSS_EXTERN PRBool
+nssDevice_Destroy(
+ struct nssDeviceBaseStr *device);
+
+NSS_EXTERN PRBool
+nssModule_IsThreadSafe(
+ NSSModule *module);
+
+NSS_EXTERN PRBool
+nssModule_IsInternal(
+ NSSModule *mod);
+
+NSS_EXTERN PRBool
+nssModule_IsModuleDBOnly(
+ NSSModule *mod);
+
+NSS_EXTERN void *
+nssModule_GetCryptokiEPV(
+ NSSModule *mod);
+
+NSS_EXTERN NSSSlot *
+nssSlot_Create(
+ CK_SLOT_ID slotId,
+ NSSModule *parent);
+
+NSS_EXTERN void *
+nssSlot_GetCryptokiEPV(
+ NSSSlot *slot);
+
+NSS_EXTERN NSSToken *
+nssToken_Create(
+ CK_SLOT_ID slotID,
+ NSSSlot *peer);
+
+NSS_EXTERN void *
+nssToken_GetCryptokiEPV(
+ NSSToken *token);
+
+NSS_EXTERN nssSession *
+nssToken_GetDefaultSession(
+ NSSToken *token);
+
+NSS_EXTERN PRBool
+nssToken_IsLoginRequired(
+ NSSToken *token);
+
+NSS_EXTERN void
+nssToken_Remove(
+ NSSToken *token);
+
+NSS_EXTERN nssCryptokiObject *
+nssCryptokiObject_Create(
+ NSSToken *t,
+ nssSession *session,
+ CK_OBJECT_HANDLE h);
+
+NSS_EXTERN nssTokenObjectCache *
+nssTokenObjectCache_Create(
+ NSSToken *token,
+ PRBool cacheCerts,
+ PRBool cacheTrust,
+ PRBool cacheCRLs);
+
+NSS_EXTERN void
+nssTokenObjectCache_Destroy(
+ nssTokenObjectCache *cache);
+
+NSS_EXTERN void
+nssTokenObjectCache_Clear(
+ nssTokenObjectCache *cache);
+
+NSS_EXTERN PRBool
+nssTokenObjectCache_HaveObjectClass(
+ nssTokenObjectCache *cache,
+ CK_OBJECT_CLASS objclass);
+
+NSS_EXTERN nssCryptokiObject **
+nssTokenObjectCache_FindObjectsByTemplate(
+ nssTokenObjectCache *cache,
+ CK_OBJECT_CLASS objclass,
+ CK_ATTRIBUTE_PTR otemplate,
+ CK_ULONG otlen,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt);
+
+NSS_EXTERN PRStatus
+nssTokenObjectCache_GetObjectAttributes(
+ nssTokenObjectCache *cache,
+ NSSArena *arenaOpt,
+ nssCryptokiObject *object,
+ CK_OBJECT_CLASS objclass,
+ CK_ATTRIBUTE_PTR atemplate,
+ CK_ULONG atlen);
+
+NSS_EXTERN PRStatus
+nssTokenObjectCache_ImportObject(
+ nssTokenObjectCache *cache,
+ nssCryptokiObject *object,
+ CK_OBJECT_CLASS objclass,
+ CK_ATTRIBUTE_PTR ot,
+ CK_ULONG otlen);
+
+NSS_EXTERN void
+nssTokenObjectCache_RemoveObject(
+ nssTokenObjectCache *cache,
+ nssCryptokiObject *object);
+
+/* XXX allows peek back into token */
+NSS_EXTERN PRStatus
+nssToken_GetCachedObjectAttributes(
+ NSSToken *token,
+ NSSArena *arenaOpt,
+ nssCryptokiObject *object,
+ CK_OBJECT_CLASS objclass,
+ CK_ATTRIBUTE_PTR atemplate,
+ CK_ULONG atlen);
+
+/* PKCS#11 stores strings in a fixed-length buffer padded with spaces. This
+ * function gets the length of the actual string.
+ */
+NSS_EXTERN PRUint32
+nssPKCS11String_Length(
+ CK_CHAR *pkcs11str,
+ PRUint32 bufLen);
+
+PR_END_EXTERN_C
+
+#endif /* DEV_H */
diff --git a/security/nss/lib/dev/devslot.c b/security/nss/lib/dev/devslot.c
new file mode 100644
index 000000000..5b0bb371a
--- /dev/null
+++ b/security/nss/lib/dev/devslot.c
@@ -0,0 +1,247 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "pkcs11.h"
+
+#ifndef DEVM_H
+#include "devm.h"
+#endif /* DEVM_H */
+
+#ifndef CKHELPER_H
+#include "ckhelper.h"
+#endif /* CKHELPER_H */
+
+#include "pk11pub.h"
+
+/* measured in seconds */
+#define NSSSLOT_TOKEN_DELAY_TIME 1
+
+/* this should track global and per-transaction login information */
+
+#define NSSSLOT_IS_FRIENDLY(slot) \
+ (slot->base.flags & NSSSLOT_FLAGS_FRIENDLY)
+
+/* measured as interval */
+static PRIntervalTime s_token_delay_time = 0;
+
+NSS_IMPLEMENT PRStatus
+nssSlot_Destroy(
+ NSSSlot *slot)
+{
+ if (slot) {
+ if (PR_ATOMIC_DECREMENT(&slot->base.refCount) == 0) {
+ PZ_DestroyLock(slot->base.lock);
+ return nssArena_Destroy(slot->base.arena);
+ }
+ }
+ return PR_SUCCESS;
+}
+
+void
+nssSlot_EnterMonitor(NSSSlot *slot)
+{
+ if (slot->lock) {
+ PZ_Lock(slot->lock);
+ }
+}
+
+void
+nssSlot_ExitMonitor(NSSSlot *slot)
+{
+ if (slot->lock) {
+ PZ_Unlock(slot->lock);
+ }
+}
+
+NSS_IMPLEMENT void
+NSSSlot_Destroy(
+ NSSSlot *slot)
+{
+ (void)nssSlot_Destroy(slot);
+}
+
+NSS_IMPLEMENT NSSSlot *
+nssSlot_AddRef(
+ NSSSlot *slot)
+{
+ PR_ATOMIC_INCREMENT(&slot->base.refCount);
+ return slot;
+}
+
+NSS_IMPLEMENT NSSUTF8 *
+nssSlot_GetName(
+ NSSSlot *slot)
+{
+ return slot->base.name;
+}
+
+NSS_IMPLEMENT NSSUTF8 *
+nssSlot_GetTokenName(
+ NSSSlot *slot)
+{
+ return nssToken_GetName(slot->token);
+}
+
+NSS_IMPLEMENT void
+nssSlot_ResetDelay(
+ NSSSlot *slot)
+{
+ slot->lastTokenPing = 0;
+}
+
+static PRBool
+within_token_delay_period(NSSSlot *slot)
+{
+ PRIntervalTime time, lastTime;
+ /* Set the delay time for checking the token presence */
+ if (s_token_delay_time == 0) {
+ s_token_delay_time = PR_SecondsToInterval(NSSSLOT_TOKEN_DELAY_TIME);
+ }
+ time = PR_IntervalNow();
+ lastTime = slot->lastTokenPing;
+ if ((lastTime) && ((time - lastTime) < s_token_delay_time)) {
+ return PR_TRUE;
+ }
+ slot->lastTokenPing = time;
+ return PR_FALSE;
+}
+
+NSS_IMPLEMENT PRBool
+nssSlot_IsTokenPresent(
+ NSSSlot *slot)
+{
+ CK_RV ckrv;
+ PRStatus nssrv;
+ /* XXX */
+ nssSession *session;
+ CK_SLOT_INFO slotInfo;
+ void *epv;
+ /* permanent slots are always present unless they're disabled */
+ if (nssSlot_IsPermanent(slot)) {
+ return !PK11_IsDisabled(slot->pk11slot);
+ }
+ /* avoid repeated calls to check token status within set interval */
+ if (within_token_delay_period(slot)) {
+ return ((slot->ckFlags & CKF_TOKEN_PRESENT) != 0);
+ }
+
+ /* First obtain the slot info */
+ epv = slot->epv;
+ if (!epv) {
+ return PR_FALSE;
+ }
+ nssSlot_EnterMonitor(slot);
+ ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo);
+ nssSlot_ExitMonitor(slot);
+ if (ckrv != CKR_OK) {
+ slot->token->base.name[0] = 0; /* XXX */
+ return PR_FALSE;
+ }
+ slot->ckFlags = slotInfo.flags;
+ /* check for the presence of the token */
+ if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
+ if (!slot->token) {
+ /* token was never present */
+ return PR_FALSE;
+ }
+ session = nssToken_GetDefaultSession(slot->token);
+ if (session) {
+ nssSession_EnterMonitor(session);
+ /* token is not present */
+ if (session->handle != CK_INVALID_SESSION) {
+ /* session is valid, close and invalidate it */
+ CKAPI(epv)
+ ->C_CloseSession(session->handle);
+ session->handle = CK_INVALID_SESSION;
+ }
+ nssSession_ExitMonitor(session);
+ }
+ if (slot->token->base.name[0] != 0) {
+ /* notify the high-level cache that the token is removed */
+ slot->token->base.name[0] = 0; /* XXX */
+ nssToken_NotifyCertsNotVisible(slot->token);
+ }
+ slot->token->base.name[0] = 0; /* XXX */
+ /* clear the token cache */
+ nssToken_Remove(slot->token);
+ return PR_FALSE;
+ }
+ /* token is present, use the session info to determine if the card
+ * has been removed and reinserted.
+ */
+ session = nssToken_GetDefaultSession(slot->token);
+ if (session) {
+ PRBool isPresent = PR_FALSE;
+ nssSession_EnterMonitor(session);
+ if (session->handle != CK_INVALID_SESSION) {
+ CK_SESSION_INFO sessionInfo;
+ ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
+ if (ckrv != CKR_OK) {
+ /* session is screwy, close and invalidate it */
+ CKAPI(epv)
+ ->C_CloseSession(session->handle);
+ session->handle = CK_INVALID_SESSION;
+ }
+ }
+ isPresent = session->handle != CK_INVALID_SESSION;
+ nssSession_ExitMonitor(session);
+ /* token not removed, finished */
+ if (isPresent)
+ return PR_TRUE;
+ }
+ /* the token has been removed, and reinserted, or the slot contains
+ * a token it doesn't recognize. invalidate all the old
+ * information we had on this token, if we can't refresh, clear
+ * the present flag */
+ nssToken_NotifyCertsNotVisible(slot->token);
+ nssToken_Remove(slot->token);
+ /* token has been removed, need to refresh with new session */
+ nssrv = nssSlot_Refresh(slot);
+ if (nssrv != PR_SUCCESS) {
+ slot->token->base.name[0] = 0; /* XXX */
+ slot->ckFlags &= ~CKF_TOKEN_PRESENT;
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+NSS_IMPLEMENT void *
+nssSlot_GetCryptokiEPV(
+ NSSSlot *slot)
+{
+ return slot->epv;
+}
+
+NSS_IMPLEMENT NSSToken *
+nssSlot_GetToken(
+ NSSSlot *slot)
+{
+ if (nssSlot_IsTokenPresent(slot)) {
+ return nssToken_AddRef(slot->token);
+ }
+ return (NSSToken *)NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+nssSession_EnterMonitor(
+ nssSession *s)
+{
+ if (s->lock)
+ PZ_Lock(s->lock);
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssSession_ExitMonitor(
+ nssSession *s)
+{
+ return (s->lock) ? PZ_Unlock(s->lock) : PR_SUCCESS;
+}
+
+NSS_EXTERN PRBool
+nssSession_IsReadWrite(
+ nssSession *s)
+{
+ return s->isRW;
+}
diff --git a/security/nss/lib/dev/devt.h b/security/nss/lib/dev/devt.h
new file mode 100644
index 000000000..db93deb12
--- /dev/null
+++ b/security/nss/lib/dev/devt.h
@@ -0,0 +1,147 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEVT_H
+#define DEVT_H
+
+/*
+ * devt.h
+ *
+ * This file contains definitions for the low-level cryptoki devices.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSPKIT_H
+#include "nsspkit.h"
+#endif /* NSSPKIT_H */
+
+#ifndef NSSDEVT_H
+#include "nssdevt.h"
+#endif /* NSSDEVT_H */
+
+#ifndef BASET_H
+#include "baset.h"
+#endif /* BASET_H */
+
+#include "secmodt.h"
+
+PR_BEGIN_EXTERN_C
+
+typedef struct nssSessionStr nssSession;
+
+/* XXX until NSSTokenStr is moved */
+struct nssDeviceBaseStr {
+ NSSArena *arena;
+ PZLock *lock;
+ PRInt32 refCount;
+ NSSUTF8 *name;
+ PRUint32 flags;
+};
+
+typedef struct nssTokenObjectCacheStr nssTokenObjectCache;
+
+/* XXX until devobject.c goes away */
+struct NSSTokenStr {
+ struct nssDeviceBaseStr base;
+ NSSSlot *slot; /* Parent (or peer, if you will) */
+ CK_FLAGS ckFlags; /* from CK_TOKEN_INFO.flags */
+ PRUint32 flags;
+ void *epv;
+ nssSession *defaultSession;
+ NSSTrustDomain *trustDomain;
+ PRIntervalTime lastTime;
+ nssTokenObjectCache *cache;
+ PK11SlotInfo *pk11slot;
+};
+
+typedef enum {
+ nssSlotAskPasswordTimes_FirstTime = 0,
+ nssSlotAskPasswordTimes_EveryTime = 1,
+ nssSlotAskPasswordTimes_Timeout = 2
+} nssSlotAskPasswordTimes;
+
+struct nssSlotAuthInfoStr {
+ PRTime lastLogin;
+ nssSlotAskPasswordTimes askTimes;
+ PRIntervalTime askPasswordTimeout;
+};
+
+struct NSSSlotStr {
+ struct nssDeviceBaseStr base;
+ NSSModule *module; /* Parent */
+ NSSToken *token; /* Peer */
+ CK_SLOT_ID slotID;
+ CK_FLAGS ckFlags; /* from CK_SLOT_INFO.flags */
+ struct nssSlotAuthInfoStr authInfo;
+ PRIntervalTime lastTokenPing;
+ PZLock *lock;
+ void *epv;
+ PK11SlotInfo *pk11slot;
+};
+
+struct nssSessionStr {
+ PZLock *lock;
+ CK_SESSION_HANDLE handle;
+ NSSSlot *slot;
+ PRBool isRW;
+ PRBool ownLock;
+};
+
+typedef enum {
+ NSSCertificateType_Unknown = 0,
+ NSSCertificateType_PKIX = 1
+} NSSCertificateType;
+
+typedef enum {
+ nssTrustLevel_Unknown = 0,
+ nssTrustLevel_NotTrusted = 1,
+ nssTrustLevel_Trusted = 2,
+ nssTrustLevel_TrustedDelegator = 3,
+ nssTrustLevel_MustVerify = 4,
+ nssTrustLevel_ValidDelegator = 5
+} nssTrustLevel;
+
+typedef struct nssCryptokiInstanceStr nssCryptokiInstance;
+
+struct nssCryptokiInstanceStr {
+ CK_OBJECT_HANDLE handle;
+ NSSToken *token;
+ PRBool isTokenObject;
+ NSSUTF8 *label;
+};
+
+typedef struct nssCryptokiInstanceStr nssCryptokiObject;
+
+typedef struct nssTokenCertSearchStr nssTokenCertSearch;
+
+typedef enum {
+ nssTokenSearchType_AllObjects = 0,
+ nssTokenSearchType_SessionOnly = 1,
+ nssTokenSearchType_TokenOnly = 2,
+ nssTokenSearchType_TokenForced = 3
+} nssTokenSearchType;
+
+struct nssTokenCertSearchStr {
+ nssTokenSearchType searchType;
+ PRStatus (*callback)(NSSCertificate *c, void *arg);
+ void *cbarg;
+ nssList *cached;
+ /* TODO: add a cache query callback if the list would be large
+ * (traversal)
+ */
+};
+
+struct nssSlotListStr;
+typedef struct nssSlotListStr nssSlotList;
+
+struct NSSAlgorithmAndParametersStr {
+ CK_MECHANISM mechanism;
+};
+
+PR_END_EXTERN_C
+
+#endif /* DEVT_H */
diff --git a/security/nss/lib/dev/devtm.h b/security/nss/lib/dev/devtm.h
new file mode 100644
index 000000000..ef3c4c076
--- /dev/null
+++ b/security/nss/lib/dev/devtm.h
@@ -0,0 +1,25 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEVTM_H
+#define DEVTM_H
+
+/*
+ * devtm.h
+ *
+ * This file contains module-private definitions for the low-level
+ * cryptoki devices.
+ */
+
+#ifndef DEVT_H
+#include "devt.h"
+#endif /* DEVT_H */
+
+PR_BEGIN_EXTERN_C
+
+#define MAX_LOCAL_CACHE_OBJECTS 10
+
+PR_END_EXTERN_C
+
+#endif /* DEVTM_H */
diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c
new file mode 100644
index 000000000..0adbca8bc
--- /dev/null
+++ b/security/nss/lib/dev/devtoken.c
@@ -0,0 +1,1558 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "pkcs11.h"
+
+#ifndef DEVM_H
+#include "devm.h"
+#endif /* DEVM_H */
+
+#ifndef CKHELPER_H
+#include "ckhelper.h"
+#endif /* CKHELPER_H */
+
+#include "pk11func.h"
+#include "dev3hack.h"
+#include "secerr.h"
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
+extern const NSSError NSS_ERROR_PKCS11;
+
+/* The number of object handles to grab during each call to C_FindObjects */
+#define OBJECT_STACK_SIZE 16
+
+NSS_IMPLEMENT PRStatus
+nssToken_Destroy(
+ NSSToken *tok)
+{
+ if (tok) {
+ if (PR_ATOMIC_DECREMENT(&tok->base.refCount) == 0) {
+ PZ_DestroyLock(tok->base.lock);
+ nssTokenObjectCache_Destroy(tok->cache);
+ /* The token holds the first/last reference to the slot.
+ * When the token is actually destroyed, that ref must go too.
+ */
+ (void)nssSlot_Destroy(tok->slot);
+ return nssArena_Destroy(tok->base.arena);
+ }
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT void
+nssToken_Remove(
+ NSSToken *tok)
+{
+ nssTokenObjectCache_Clear(tok->cache);
+}
+
+NSS_IMPLEMENT void
+NSSToken_Destroy(
+ NSSToken *tok)
+{
+ (void)nssToken_Destroy(tok);
+}
+
+NSS_IMPLEMENT NSSToken *
+nssToken_AddRef(
+ NSSToken *tok)
+{
+ PR_ATOMIC_INCREMENT(&tok->base.refCount);
+ return tok;
+}
+
+NSS_IMPLEMENT NSSSlot *
+nssToken_GetSlot(
+ NSSToken *tok)
+{
+ return nssSlot_AddRef(tok->slot);
+}
+
+NSS_IMPLEMENT void *
+nssToken_GetCryptokiEPV(
+ NSSToken *token)
+{
+ return nssSlot_GetCryptokiEPV(token->slot);
+}
+
+NSS_IMPLEMENT nssSession *
+nssToken_GetDefaultSession(
+ NSSToken *token)
+{
+ return token->defaultSession;
+}
+
+NSS_IMPLEMENT NSSUTF8 *
+nssToken_GetName(
+ NSSToken *tok)
+{
+ if (tok == NULL) {
+ return "";
+ }
+ if (tok->base.name[0] == 0) {
+ (void)nssSlot_IsTokenPresent(tok->slot);
+ }
+ return tok->base.name;
+}
+
+NSS_IMPLEMENT NSSUTF8 *
+NSSToken_GetName(
+ NSSToken *token)
+{
+ return nssToken_GetName(token);
+}
+
+NSS_IMPLEMENT PRBool
+nssToken_IsLoginRequired(
+ NSSToken *token)
+{
+ return (token->ckFlags & CKF_LOGIN_REQUIRED);
+}
+
+NSS_IMPLEMENT PRBool
+nssToken_NeedsPINInitialization(
+ NSSToken *token)
+{
+ return (!(token->ckFlags & CKF_USER_PIN_INITIALIZED));
+}
+
+NSS_IMPLEMENT PRStatus
+nssToken_DeleteStoredObject(
+ nssCryptokiObject *instance)
+{
+ CK_RV ckrv;
+ PRStatus status;
+ PRBool createdSession = PR_FALSE;
+ NSSToken *token = instance->token;
+ nssSession *session = NULL;
+ void *epv = nssToken_GetCryptokiEPV(instance->token);
+ if (token->cache) {
+ nssTokenObjectCache_RemoveObject(token->cache, instance);
+ }
+ if (instance->isTokenObject) {
+ if (token->defaultSession &&
+ nssSession_IsReadWrite(token->defaultSession)) {
+ session = token->defaultSession;
+ } else {
+ session = nssSlot_CreateSession(token->slot, NULL, PR_TRUE);
+ createdSession = PR_TRUE;
+ }
+ }
+ if (session == NULL) {
+ return PR_FAILURE;
+ }
+ nssSession_EnterMonitor(session);
+ ckrv = CKAPI(epv)->C_DestroyObject(session->handle, instance->handle);
+ nssSession_ExitMonitor(session);
+ if (createdSession) {
+ nssSession_Destroy(session);
+ }
+ status = PR_SUCCESS;
+ if (ckrv != CKR_OK) {
+ status = PR_FAILURE;
+ /* use the error stack to pass the PKCS #11 error out */
+ nss_SetError(ckrv);
+ nss_SetError(NSS_ERROR_PKCS11);
+ }
+ return status;
+}
+
+static nssCryptokiObject *
+import_object(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ CK_ATTRIBUTE_PTR objectTemplate,
+ CK_ULONG otsize)
+{
+ nssSession *session = NULL;
+ PRBool createdSession = PR_FALSE;
+ nssCryptokiObject *object = NULL;
+ CK_OBJECT_HANDLE handle;
+ CK_RV ckrv;
+ void *epv = nssToken_GetCryptokiEPV(tok);
+ if (nssCKObject_IsTokenObjectTemplate(objectTemplate, otsize)) {
+ if (sessionOpt) {
+ if (!nssSession_IsReadWrite(sessionOpt)) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return NULL;
+ }
+ session = sessionOpt;
+ } else if (tok->defaultSession &&
+ nssSession_IsReadWrite(tok->defaultSession)) {
+ session = tok->defaultSession;
+ } else {
+ session = nssSlot_CreateSession(tok->slot, NULL, PR_TRUE);
+ createdSession = PR_TRUE;
+ }
+ } else {
+ session = (sessionOpt) ? sessionOpt : tok->defaultSession;
+ }
+ if (session == NULL) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return NULL;
+ }
+ nssSession_EnterMonitor(session);
+ ckrv = CKAPI(epv)->C_CreateObject(session->handle,
+ objectTemplate, otsize,
+ &handle);
+ nssSession_ExitMonitor(session);
+ if (ckrv == CKR_OK) {
+ object = nssCryptokiObject_Create(tok, session, handle);
+ } else {
+ nss_SetError(ckrv);
+ nss_SetError(NSS_ERROR_PKCS11);
+ }
+ if (createdSession) {
+ nssSession_Destroy(session);
+ }
+ return object;
+}
+
+static nssCryptokiObject **
+create_objects_from_handles(
+ NSSToken *tok,
+ nssSession *session,
+ CK_OBJECT_HANDLE *handles,
+ PRUint32 numH)
+{
+ nssCryptokiObject **objects;
+ objects = nss_ZNEWARRAY(NULL, nssCryptokiObject *, numH + 1);
+ if (objects) {
+ PRInt32 i;
+ for (i = 0; i < (PRInt32)numH; i++) {
+ objects[i] = nssCryptokiObject_Create(tok, session, handles[i]);
+ if (!objects[i]) {
+ for (--i; i > 0; --i) {
+ nssCryptokiObject_Destroy(objects[i]);
+ }
+ nss_ZFreeIf(objects);
+ objects = NULL;
+ break;
+ }
+ }
+ }
+ return objects;
+}
+
+static nssCryptokiObject **
+find_objects(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ CK_ATTRIBUTE_PTR obj_template,
+ CK_ULONG otsize,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_RV ckrv = CKR_OK;
+ CK_ULONG count;
+ CK_OBJECT_HANDLE *objectHandles = NULL;
+ CK_OBJECT_HANDLE staticObjects[OBJECT_STACK_SIZE];
+ PRUint32 arraySize, numHandles;
+ void *epv = nssToken_GetCryptokiEPV(tok);
+ nssCryptokiObject **objects;
+ nssSession *session = (sessionOpt) ? sessionOpt : tok->defaultSession;
+
+ /* Don't ask the module to use an invalid session handle. */
+ if (!session || session->handle == CK_INVALID_SESSION) {
+ ckrv = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ /* the arena is only for the array of object handles */
+ if (maximumOpt > 0) {
+ arraySize = maximumOpt;
+ } else {
+ arraySize = OBJECT_STACK_SIZE;
+ }
+ numHandles = 0;
+ if (arraySize <= OBJECT_STACK_SIZE) {
+ objectHandles = staticObjects;
+ } else {
+ objectHandles = nss_ZNEWARRAY(NULL, CK_OBJECT_HANDLE, arraySize);
+ }
+ if (!objectHandles) {
+ ckrv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ nssSession_EnterMonitor(session); /* ==== session lock === */
+ /* Initialize the find with the template */
+ ckrv = CKAPI(epv)->C_FindObjectsInit(session->handle,
+ obj_template, otsize);
+ if (ckrv != CKR_OK) {
+ nssSession_ExitMonitor(session);
+ goto loser;
+ }
+ while (PR_TRUE) {
+ /* Issue the find for up to arraySize - numHandles objects */
+ ckrv = CKAPI(epv)->C_FindObjects(session->handle,
+ objectHandles + numHandles,
+ arraySize - numHandles,
+ &count);
+ if (ckrv != CKR_OK) {
+ nssSession_ExitMonitor(session);
+ goto loser;
+ }
+ /* bump the number of found objects */
+ numHandles += count;
+ if (maximumOpt > 0 || numHandles < arraySize) {
+ /* When a maximum is provided, the search is done all at once,
+ * so the search is finished. If the number returned was less
+ * than the number sought, the search is finished.
+ */
+ break;
+ }
+ /* the array is filled, double it and continue */
+ arraySize *= 2;
+ if (objectHandles == staticObjects) {
+ objectHandles = nss_ZNEWARRAY(NULL, CK_OBJECT_HANDLE, arraySize);
+ if (objectHandles) {
+ PORT_Memcpy(objectHandles, staticObjects,
+ OBJECT_STACK_SIZE * sizeof(objectHandles[1]));
+ }
+ } else {
+ objectHandles = nss_ZREALLOCARRAY(objectHandles,
+ CK_OBJECT_HANDLE,
+ arraySize);
+ }
+ if (!objectHandles) {
+ nssSession_ExitMonitor(session);
+ ckrv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ }
+ ckrv = CKAPI(epv)->C_FindObjectsFinal(session->handle);
+ nssSession_ExitMonitor(session); /* ==== end session lock === */
+ if (ckrv != CKR_OK) {
+ goto loser;
+ }
+ if (numHandles > 0) {
+ objects = create_objects_from_handles(tok, session,
+ objectHandles, numHandles);
+ } else {
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ objects = NULL;
+ }
+ if (objectHandles && objectHandles != staticObjects) {
+ nss_ZFreeIf(objectHandles);
+ }
+ if (statusOpt)
+ *statusOpt = PR_SUCCESS;
+ return objects;
+loser:
+ if (objectHandles && objectHandles != staticObjects) {
+ nss_ZFreeIf(objectHandles);
+ }
+ /*
+ * These errors should be treated the same as if the objects just weren't
+ * found..
+ */
+ if ((ckrv == CKR_ATTRIBUTE_TYPE_INVALID) ||
+ (ckrv == CKR_ATTRIBUTE_VALUE_INVALID) ||
+ (ckrv == CKR_DATA_INVALID) ||
+ (ckrv == CKR_DATA_LEN_RANGE) ||
+ (ckrv == CKR_FUNCTION_NOT_SUPPORTED) ||
+ (ckrv == CKR_TEMPLATE_INCOMPLETE) ||
+ (ckrv == CKR_TEMPLATE_INCONSISTENT)) {
+
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ if (statusOpt)
+ *statusOpt = PR_SUCCESS;
+ } else {
+ nss_SetError(ckrv);
+ nss_SetError(NSS_ERROR_PKCS11);
+ if (statusOpt)
+ *statusOpt = PR_FAILURE;
+ }
+ return (nssCryptokiObject **)NULL;
+}
+
+static nssCryptokiObject **
+find_objects_by_template(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ CK_ATTRIBUTE_PTR obj_template,
+ CK_ULONG otsize,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_OBJECT_CLASS objclass = (CK_OBJECT_CLASS)-1;
+ nssCryptokiObject **objects = NULL;
+ PRUint32 i;
+
+ if (!token) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ if (statusOpt)
+ *statusOpt = PR_FAILURE;
+ return NULL;
+ }
+ for (i = 0; i < otsize; i++) {
+ if (obj_template[i].type == CKA_CLASS) {
+ objclass = *(CK_OBJECT_CLASS *)obj_template[i].pValue;
+ break;
+ }
+ }
+ PR_ASSERT(i < otsize);
+ if (i == otsize) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ if (statusOpt)
+ *statusOpt = PR_FAILURE;
+ return NULL;
+ }
+ /* If these objects are being cached, try looking there first */
+ if (token->cache &&
+ nssTokenObjectCache_HaveObjectClass(token->cache, objclass)) {
+ PRStatus status;
+ objects = nssTokenObjectCache_FindObjectsByTemplate(token->cache,
+ objclass,
+ obj_template,
+ otsize,
+ maximumOpt,
+ &status);
+ if (status == PR_SUCCESS) {
+ if (statusOpt)
+ *statusOpt = status;
+ return objects;
+ }
+ }
+ /* Either they are not cached, or cache failed; look on token. */
+ objects = find_objects(token, sessionOpt,
+ obj_template, otsize,
+ maximumOpt, statusOpt);
+ return objects;
+}
+
+extern const NSSError NSS_ERROR_INVALID_CERTIFICATE;
+
+NSS_IMPLEMENT nssCryptokiObject *
+nssToken_ImportCertificate(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSCertificateType certType,
+ NSSItem *id,
+ const NSSUTF8 *nickname,
+ NSSDER *encoding,
+ NSSDER *issuer,
+ NSSDER *subject,
+ NSSDER *serial,
+ NSSASCII7 *email,
+ PRBool asTokenObject)
+{
+ PRStatus status;
+ CK_CERTIFICATE_TYPE cert_type;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE cert_tmpl[10];
+ CK_ULONG ctsize;
+ nssTokenSearchType searchType;
+ nssCryptokiObject *rvObject = NULL;
+
+ if (!tok) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return NULL;
+ }
+ if (certType == NSSCertificateType_PKIX) {
+ cert_type = CKC_X_509;
+ } else {
+ return (nssCryptokiObject *)NULL;
+ }
+ NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
+ if (asTokenObject) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ searchType = nssTokenSearchType_TokenOnly;
+ } else {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ searchType = nssTokenSearchType_SessionOnly;
+ }
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_CERTIFICATE_TYPE, cert_type);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
+ NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encoding);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER, issuer);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER, serial);
+ if (email) {
+ NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NSS_EMAIL, email);
+ }
+ NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
+ /* see if the cert is already there */
+ rvObject = nssToken_FindCertificateByIssuerAndSerialNumber(tok,
+ sessionOpt,
+ issuer,
+ serial,
+ searchType,
+ NULL);
+ if (rvObject) {
+ NSSItem existingDER;
+ NSSSlot *slot = nssToken_GetSlot(tok);
+ nssSession *session = nssSlot_CreateSession(slot, NULL, PR_TRUE);
+ if (!session) {
+ nssCryptokiObject_Destroy(rvObject);
+ nssSlot_Destroy(slot);
+ return (nssCryptokiObject *)NULL;
+ }
+ /* Reject any attempt to import a new cert that has the same
+ * issuer/serial as an existing cert, but does not have the
+ * same encoding
+ */
+ NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
+ NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_VALUE);
+ NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
+ status = nssCKObject_GetAttributes(rvObject->handle,
+ cert_tmpl, ctsize, NULL,
+ session, slot);
+ NSS_CK_ATTRIBUTE_TO_ITEM(cert_tmpl, &existingDER);
+ if (status == PR_SUCCESS) {
+ if (!nssItem_Equal(encoding, &existingDER, NULL)) {
+ nss_SetError(NSS_ERROR_INVALID_CERTIFICATE);
+ status = PR_FAILURE;
+ }
+ nss_ZFreeIf(existingDER.data);
+ }
+ if (status == PR_FAILURE) {
+ nssCryptokiObject_Destroy(rvObject);
+ nssSession_Destroy(session);
+ nssSlot_Destroy(slot);
+ return (nssCryptokiObject *)NULL;
+ }
+ /* according to PKCS#11, label, ID, issuer, and serial number
+ * may change after the object has been created. For PKIX, the
+ * last two attributes can't change, so for now we'll only worry
+ * about the first two.
+ */
+ NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
+ NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
+ NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
+ /* reset the mutable attributes on the token */
+ nssCKObject_SetAttributes(rvObject->handle,
+ cert_tmpl, ctsize,
+ session, slot);
+ if (!rvObject->label && nickname) {
+ rvObject->label = nssUTF8_Duplicate(nickname, NULL);
+ }
+ nssSession_Destroy(session);
+ nssSlot_Destroy(slot);
+ } else {
+ /* Import the certificate onto the token */
+ rvObject = import_object(tok, sessionOpt, cert_tmpl, ctsize);
+ }
+ if (rvObject && tok->cache) {
+ /* The cache will overwrite the attributes if the object already
+ * exists.
+ */
+ nssTokenObjectCache_ImportObject(tok->cache, rvObject,
+ CKO_CERTIFICATE,
+ cert_tmpl, ctsize);
+ }
+ return rvObject;
+}
+
+/* traverse all objects of the given class - this should only happen
+ * if the token has been marked as "traversable"
+ */
+NSS_IMPLEMENT nssCryptokiObject **
+nssToken_FindObjects(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ CK_OBJECT_CLASS objclass,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE obj_template[2];
+ CK_ULONG obj_size;
+ nssCryptokiObject **objects;
+ NSS_CK_TEMPLATE_START(obj_template, attr, obj_size);
+ /* Set the search to token/session only if provided */
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly ||
+ searchType == nssTokenSearchType_TokenForced) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_CLASS, objclass);
+ NSS_CK_TEMPLATE_FINISH(obj_template, attr, obj_size);
+
+ if (searchType == nssTokenSearchType_TokenForced) {
+ objects = find_objects(token, sessionOpt,
+ obj_template, obj_size,
+ maximumOpt, statusOpt);
+ } else {
+ objects = find_objects_by_template(token, sessionOpt,
+ obj_template, obj_size,
+ maximumOpt, statusOpt);
+ }
+ return objects;
+}
+
+NSS_IMPLEMENT nssCryptokiObject **
+nssToken_FindCertificatesBySubject(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *subject,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE subj_template[3];
+ CK_ULONG stsize;
+ nssCryptokiObject **objects;
+ NSS_CK_TEMPLATE_START(subj_template, attr, stsize);
+ /* Set the search to token/session only if provided */
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
+ NSS_CK_TEMPLATE_FINISH(subj_template, attr, stsize);
+ /* now locate the token certs matching this template */
+ objects = find_objects_by_template(token, sessionOpt,
+ subj_template, stsize,
+ maximumOpt, statusOpt);
+ return objects;
+}
+
+NSS_IMPLEMENT nssCryptokiObject **
+nssToken_FindCertificatesByNickname(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ const NSSUTF8 *name,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE nick_template[3];
+ CK_ULONG ntsize;
+ nssCryptokiObject **objects;
+ NSS_CK_TEMPLATE_START(nick_template, attr, ntsize);
+ NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, name);
+ /* Set the search to token/session only if provided */
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
+ NSS_CK_TEMPLATE_FINISH(nick_template, attr, ntsize);
+ /* now locate the token certs matching this template */
+ objects = find_objects_by_template(token, sessionOpt,
+ nick_template, ntsize,
+ maximumOpt, statusOpt);
+ if (!objects) {
+ /* This is to workaround the fact that PKCS#11 doesn't specify
+ * whether the '\0' should be included. XXX Is that still true?
+ * im - this is not needed by the current softoken. However, I'm
+ * leaving it in until I have surveyed more tokens to see if it needed.
+ * well, its needed by the builtin token...
+ */
+ nick_template[0].ulValueLen++;
+ objects = find_objects_by_template(token, sessionOpt,
+ nick_template, ntsize,
+ maximumOpt, statusOpt);
+ }
+ return objects;
+}
+
+/* XXX
+ * This function *does not* use the token object cache, because not even
+ * the softoken will return a value for CKA_NSS_EMAIL from a call
+ * to GetAttributes. The softoken does allow searches with that attribute,
+ * it just won't return a value for it.
+ */
+NSS_IMPLEMENT nssCryptokiObject **
+nssToken_FindCertificatesByEmail(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSASCII7 *email,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE email_template[3];
+ CK_ULONG etsize;
+ nssCryptokiObject **objects;
+ NSS_CK_TEMPLATE_START(email_template, attr, etsize);
+ NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NSS_EMAIL, email);
+ /* Set the search to token/session only if provided */
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
+ NSS_CK_TEMPLATE_FINISH(email_template, attr, etsize);
+ /* now locate the token certs matching this template */
+ objects = find_objects(token, sessionOpt,
+ email_template, etsize,
+ maximumOpt, statusOpt);
+ if (!objects) {
+ /* This is to workaround the fact that PKCS#11 doesn't specify
+ * whether the '\0' should be included. XXX Is that still true?
+ * im - this is not needed by the current softoken. However, I'm
+ * leaving it in until I have surveyed more tokens to see if it needed.
+ * well, its needed by the builtin token...
+ */
+ email_template[0].ulValueLen++;
+ objects = find_objects(token, sessionOpt,
+ email_template, etsize,
+ maximumOpt, statusOpt);
+ }
+ return objects;
+}
+
+NSS_IMPLEMENT nssCryptokiObject **
+nssToken_FindCertificatesByID(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSItem *id,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE id_template[3];
+ CK_ULONG idtsize;
+ nssCryptokiObject **objects;
+ NSS_CK_TEMPLATE_START(id_template, attr, idtsize);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
+ /* Set the search to token/session only if provided */
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
+ NSS_CK_TEMPLATE_FINISH(id_template, attr, idtsize);
+ /* now locate the token certs matching this template */
+ objects = find_objects_by_template(token, sessionOpt,
+ id_template, idtsize,
+ maximumOpt, statusOpt);
+ return objects;
+}
+
+/*
+ * decode the serial item and return our result.
+ * NOTE serialDecode's data is really stored in serial. Don't free it.
+ */
+static PRStatus
+nssToken_decodeSerialItem(NSSItem *serial, NSSItem *serialDecode)
+{
+ unsigned char *data = (unsigned char *)serial->data;
+ int data_left, data_len, index;
+
+ if ((serial->size >= 3) && (data[0] == 0x2)) {
+ /* remove the der encoding of the serial number before generating the
+ * key.. */
+ data_left = serial->size - 2;
+ data_len = data[1];
+ index = 2;
+
+ /* extended length ? (not very likely for a serial number) */
+ if (data_len & 0x80) {
+ int len_count = data_len & 0x7f;
+
+ data_len = 0;
+ data_left -= len_count;
+ if (data_left > 0) {
+ while (len_count--) {
+ data_len = (data_len << 8) | data[index++];
+ }
+ }
+ }
+ /* XXX leaving any leading zeros on the serial number for backwards
+ * compatibility
+ */
+ /* not a valid der, must be just an unlucky serial number value */
+ if (data_len == data_left) {
+ serialDecode->size = data_len;
+ serialDecode->data = &data[index];
+ return PR_SUCCESS;
+ }
+ }
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT nssCryptokiObject *
+nssToken_FindCertificateByIssuerAndSerialNumber(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *issuer,
+ NSSDER *serial,
+ nssTokenSearchType searchType,
+ PRStatus *statusOpt)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE_PTR serialAttr;
+ CK_ATTRIBUTE cert_template[4];
+ CK_ULONG ctsize;
+ nssCryptokiObject **objects;
+ nssCryptokiObject *rvObject = NULL;
+ NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
+
+ if (!token) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ if (statusOpt)
+ *statusOpt = PR_FAILURE;
+ return NULL;
+ }
+ /* Set the search to token/session only if provided */
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if ((searchType == nssTokenSearchType_TokenOnly) ||
+ (searchType == nssTokenSearchType_TokenForced)) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ /* Set the unique id */
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER, issuer);
+ serialAttr = attr;
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER, serial);
+ NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
+ /* get the object handle */
+ if (searchType == nssTokenSearchType_TokenForced) {
+ objects = find_objects(token, sessionOpt,
+ cert_template, ctsize,
+ 1, statusOpt);
+ } else {
+ objects = find_objects_by_template(token, sessionOpt,
+ cert_template, ctsize,
+ 1, statusOpt);
+ }
+ if (objects) {
+ rvObject = objects[0];
+ nss_ZFreeIf(objects);
+ }
+
+ /*
+ * NSS used to incorrectly store serial numbers in their decoded form.
+ * because of this old tokens have decoded serial numbers.
+ */
+ if (!objects) {
+ NSSItem serialDecode;
+ PRStatus status;
+
+ status = nssToken_decodeSerialItem(serial, &serialDecode);
+ if (status != PR_SUCCESS) {
+ return NULL;
+ }
+ NSS_CK_SET_ATTRIBUTE_ITEM(serialAttr, CKA_SERIAL_NUMBER, &serialDecode);
+ if (searchType == nssTokenSearchType_TokenForced) {
+ objects = find_objects(token, sessionOpt,
+ cert_template, ctsize,
+ 1, statusOpt);
+ } else {
+ objects = find_objects_by_template(token, sessionOpt,
+ cert_template, ctsize,
+ 1, statusOpt);
+ }
+ if (objects) {
+ rvObject = objects[0];
+ nss_ZFreeIf(objects);
+ }
+ }
+ return rvObject;
+}
+
+NSS_IMPLEMENT nssCryptokiObject *
+nssToken_FindCertificateByEncodedCertificate(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSBER *encodedCertificate,
+ nssTokenSearchType searchType,
+ PRStatus *statusOpt)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE cert_template[3];
+ CK_ULONG ctsize;
+ nssCryptokiObject **objects;
+ nssCryptokiObject *rvObject = NULL;
+ NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
+ /* Set the search to token/session only if provided */
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encodedCertificate);
+ NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
+ /* get the object handle */
+ objects = find_objects_by_template(token, sessionOpt,
+ cert_template, ctsize,
+ 1, statusOpt);
+ if (objects) {
+ rvObject = objects[0];
+ nss_ZFreeIf(objects);
+ }
+ return rvObject;
+}
+
+NSS_IMPLEMENT nssCryptokiObject **
+nssToken_FindPrivateKeys(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE key_template[2];
+ CK_ULONG ktsize;
+ nssCryptokiObject **objects;
+
+ NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_privkey);
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
+
+ objects = find_objects_by_template(token, sessionOpt,
+ key_template, ktsize,
+ maximumOpt, statusOpt);
+ return objects;
+}
+
+/* XXX ?there are no session cert objects, so only search token objects */
+NSS_IMPLEMENT nssCryptokiObject *
+nssToken_FindPrivateKeyByID(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSItem *keyID)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE key_template[3];
+ CK_ULONG ktsize;
+ nssCryptokiObject **objects;
+ nssCryptokiObject *rvKey = NULL;
+
+ NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_privkey);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, keyID);
+ NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
+
+ objects = find_objects_by_template(token, sessionOpt,
+ key_template, ktsize,
+ 1, NULL);
+ if (objects) {
+ rvKey = objects[0];
+ nss_ZFreeIf(objects);
+ }
+ return rvKey;
+}
+
+/* XXX ?there are no session cert objects, so only search token objects */
+NSS_IMPLEMENT nssCryptokiObject *
+nssToken_FindPublicKeyByID(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSItem *keyID)
+{
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE key_template[3];
+ CK_ULONG ktsize;
+ nssCryptokiObject **objects;
+ nssCryptokiObject *rvKey = NULL;
+
+ NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_pubkey);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, keyID);
+ NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
+
+ objects = find_objects_by_template(token, sessionOpt,
+ key_template, ktsize,
+ 1, NULL);
+ if (objects) {
+ rvKey = objects[0];
+ nss_ZFreeIf(objects);
+ }
+ return rvKey;
+}
+
+static void
+sha1_hash(NSSItem *input, NSSItem *output)
+{
+ NSSAlgorithmAndParameters *ap;
+ PK11SlotInfo *internal = PK11_GetInternalSlot();
+ NSSToken *token = PK11Slot_GetNSSToken(internal);
+ ap = NSSAlgorithmAndParameters_CreateSHA1Digest(NULL);
+ (void)nssToken_Digest(token, NULL, ap, input, output, NULL);
+ PK11_FreeSlot(token->pk11slot);
+ nss_ZFreeIf(ap);
+}
+
+static void
+md5_hash(NSSItem *input, NSSItem *output)
+{
+ NSSAlgorithmAndParameters *ap;
+ PK11SlotInfo *internal = PK11_GetInternalSlot();
+ NSSToken *token = PK11Slot_GetNSSToken(internal);
+ ap = NSSAlgorithmAndParameters_CreateMD5Digest(NULL);
+ (void)nssToken_Digest(token, NULL, ap, input, output, NULL);
+ PK11_FreeSlot(token->pk11slot);
+ nss_ZFreeIf(ap);
+}
+
+static CK_TRUST
+get_ck_trust(
+ nssTrustLevel nssTrust)
+{
+ CK_TRUST t;
+ switch (nssTrust) {
+ case nssTrustLevel_NotTrusted:
+ t = CKT_NSS_NOT_TRUSTED;
+ break;
+ case nssTrustLevel_TrustedDelegator:
+ t = CKT_NSS_TRUSTED_DELEGATOR;
+ break;
+ case nssTrustLevel_ValidDelegator:
+ t = CKT_NSS_VALID_DELEGATOR;
+ break;
+ case nssTrustLevel_Trusted:
+ t = CKT_NSS_TRUSTED;
+ break;
+ case nssTrustLevel_MustVerify:
+ t = CKT_NSS_MUST_VERIFY_TRUST;
+ break;
+ case nssTrustLevel_Unknown:
+ default:
+ t = CKT_NSS_TRUST_UNKNOWN;
+ break;
+ }
+ return t;
+}
+
+NSS_IMPLEMENT nssCryptokiObject *
+nssToken_ImportTrust(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSDER *certEncoding,
+ NSSDER *certIssuer,
+ NSSDER *certSerial,
+ nssTrustLevel serverAuth,
+ nssTrustLevel clientAuth,
+ nssTrustLevel codeSigning,
+ nssTrustLevel emailProtection,
+ PRBool stepUpApproved,
+ PRBool asTokenObject)
+{
+ nssCryptokiObject *object;
+ CK_OBJECT_CLASS tobjc = CKO_NSS_TRUST;
+ CK_TRUST ckSA, ckCA, ckCS, ckEP;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE trust_tmpl[11];
+ CK_ULONG tsize;
+ PRUint8 sha1[20]; /* this is cheating... */
+ PRUint8 md5[16];
+ NSSItem sha1_result, md5_result;
+ sha1_result.data = sha1;
+ sha1_result.size = sizeof sha1;
+ md5_result.data = md5;
+ md5_result.size = sizeof md5;
+ sha1_hash(certEncoding, &sha1_result);
+ md5_hash(certEncoding, &md5_result);
+ ckSA = get_ck_trust(serverAuth);
+ ckCA = get_ck_trust(clientAuth);
+ ckCS = get_ck_trust(codeSigning);
+ ckEP = get_ck_trust(emailProtection);
+ NSS_CK_TEMPLATE_START(trust_tmpl, attr, tsize);
+ if (asTokenObject) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ } else {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ }
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_CLASS, tobjc);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER, certIssuer);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER, certSerial);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_SHA1_HASH, &sha1_result);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_MD5_HASH, &md5_result);
+ /* now set the trust values */
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_SERVER_AUTH, ckSA);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CLIENT_AUTH, ckCA);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CODE_SIGNING, ckCS);
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_EMAIL_PROTECTION, ckEP);
+ if (stepUpApproved) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TRUST_STEP_UP_APPROVED,
+ &g_ck_true);
+ } else {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TRUST_STEP_UP_APPROVED,
+ &g_ck_false);
+ }
+ NSS_CK_TEMPLATE_FINISH(trust_tmpl, attr, tsize);
+ /* import the trust object onto the token */
+ object = import_object(tok, sessionOpt, trust_tmpl, tsize);
+ if (object && tok->cache) {
+ nssTokenObjectCache_ImportObject(tok->cache, object, tobjc,
+ trust_tmpl, tsize);
+ }
+ return object;
+}
+
+NSS_IMPLEMENT nssCryptokiObject *
+nssToken_FindTrustForCertificate(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *certEncoding,
+ NSSDER *certIssuer,
+ NSSDER *certSerial,
+ nssTokenSearchType searchType)
+{
+ CK_OBJECT_CLASS tobjc = CKO_NSS_TRUST;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE tobj_template[5];
+ CK_ULONG tobj_size;
+ nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
+ nssCryptokiObject *object = NULL, **objects;
+
+ /* Don't ask the module to use an invalid session handle. */
+ if (!session || session->handle == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return object;
+ }
+
+ NSS_CK_TEMPLATE_START(tobj_template, attr, tobj_size);
+ if (searchType == nssTokenSearchType_TokenOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_CLASS, tobjc);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER, certIssuer);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER, certSerial);
+ NSS_CK_TEMPLATE_FINISH(tobj_template, attr, tobj_size);
+ objects = find_objects_by_template(token, session,
+ tobj_template, tobj_size,
+ 1, NULL);
+ if (objects) {
+ object = objects[0];
+ nss_ZFreeIf(objects);
+ }
+ return object;
+}
+
+NSS_IMPLEMENT nssCryptokiObject *
+nssToken_ImportCRL(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *subject,
+ NSSDER *encoding,
+ PRBool isKRL,
+ NSSUTF8 *url,
+ PRBool asTokenObject)
+{
+ nssCryptokiObject *object;
+ CK_OBJECT_CLASS crlobjc = CKO_NSS_CRL;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE crl_tmpl[6];
+ CK_ULONG crlsize;
+
+ NSS_CK_TEMPLATE_START(crl_tmpl, attr, crlsize);
+ if (asTokenObject) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ } else {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ }
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_CLASS, crlobjc);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encoding);
+ NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NSS_URL, url);
+ if (isKRL) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_NSS_KRL, &g_ck_true);
+ } else {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_NSS_KRL, &g_ck_false);
+ }
+ NSS_CK_TEMPLATE_FINISH(crl_tmpl, attr, crlsize);
+
+ /* import the crl object onto the token */
+ object = import_object(token, sessionOpt, crl_tmpl, crlsize);
+ if (object && token->cache) {
+ nssTokenObjectCache_ImportObject(token->cache, object, crlobjc,
+ crl_tmpl, crlsize);
+ }
+ return object;
+}
+
+NSS_IMPLEMENT nssCryptokiObject **
+nssToken_FindCRLsBySubject(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ NSSDER *subject,
+ nssTokenSearchType searchType,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ CK_OBJECT_CLASS crlobjc = CKO_NSS_CRL;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE crlobj_template[3];
+ CK_ULONG crlobj_size;
+ nssCryptokiObject **objects = NULL;
+ nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
+
+ /* Don't ask the module to use an invalid session handle. */
+ if (!session || session->handle == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return objects;
+ }
+
+ NSS_CK_TEMPLATE_START(crlobj_template, attr, crlobj_size);
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly ||
+ searchType == nssTokenSearchType_TokenForced) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_CLASS, crlobjc);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
+ NSS_CK_TEMPLATE_FINISH(crlobj_template, attr, crlobj_size);
+
+ objects = find_objects_by_template(token, session,
+ crlobj_template, crlobj_size,
+ maximumOpt, statusOpt);
+ return objects;
+}
+
+NSS_IMPLEMENT PRStatus
+nssToken_GetCachedObjectAttributes(
+ NSSToken *token,
+ NSSArena *arenaOpt,
+ nssCryptokiObject *object,
+ CK_OBJECT_CLASS objclass,
+ CK_ATTRIBUTE_PTR atemplate,
+ CK_ULONG atlen)
+{
+ if (!token->cache) {
+ return PR_FAILURE;
+ }
+ return nssTokenObjectCache_GetObjectAttributes(token->cache, arenaOpt,
+ object, objclass,
+ atemplate, atlen);
+}
+
+NSS_IMPLEMENT NSSItem *
+nssToken_Digest(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSAlgorithmAndParameters *ap,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ CK_RV ckrv;
+ CK_ULONG digestLen;
+ CK_BYTE_PTR digest;
+ NSSItem *rvItem = NULL;
+ void *epv = nssToken_GetCryptokiEPV(tok);
+ nssSession *session = (sessionOpt) ? sessionOpt : tok->defaultSession;
+
+ /* Don't ask the module to use an invalid session handle. */
+ if (!session || session->handle == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return rvItem;
+ }
+
+ nssSession_EnterMonitor(session);
+ ckrv = CKAPI(epv)->C_DigestInit(session->handle, &ap->mechanism);
+ if (ckrv != CKR_OK) {
+ nssSession_ExitMonitor(session);
+ return NULL;
+ }
+#if 0
+ /* XXX the standard says this should work, but it doesn't */
+ ckrv = CKAPI(epv)->C_Digest(session->handle, NULL, 0, NULL, &digestLen);
+ if (ckrv != CKR_OK) {
+ nssSession_ExitMonitor(session);
+ return NULL;
+ }
+#endif
+ digestLen = 0; /* XXX for now */
+ digest = NULL;
+ if (rvOpt) {
+ if (rvOpt->size > 0 && rvOpt->size < digestLen) {
+ nssSession_ExitMonitor(session);
+ /* the error should be bad args */
+ return NULL;
+ }
+ if (rvOpt->data) {
+ digest = rvOpt->data;
+ }
+ digestLen = rvOpt->size;
+ }
+ if (!digest) {
+ digest = (CK_BYTE_PTR)nss_ZAlloc(arenaOpt, digestLen);
+ if (!digest) {
+ nssSession_ExitMonitor(session);
+ return NULL;
+ }
+ }
+ ckrv = CKAPI(epv)->C_Digest(session->handle,
+ (CK_BYTE_PTR)data->data,
+ (CK_ULONG)data->size,
+ (CK_BYTE_PTR)digest,
+ &digestLen);
+ nssSession_ExitMonitor(session);
+ if (ckrv != CKR_OK) {
+ nss_ZFreeIf(digest);
+ return NULL;
+ }
+ if (!rvOpt) {
+ rvItem = nssItem_Create(arenaOpt, NULL, digestLen, (void *)digest);
+ }
+ return rvItem;
+}
+
+NSS_IMPLEMENT PRStatus
+nssToken_BeginDigest(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSAlgorithmAndParameters *ap)
+{
+ CK_RV ckrv;
+ void *epv = nssToken_GetCryptokiEPV(tok);
+ nssSession *session = (sessionOpt) ? sessionOpt : tok->defaultSession;
+
+ /* Don't ask the module to use an invalid session handle. */
+ if (!session || session->handle == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return PR_FAILURE;
+ }
+
+ nssSession_EnterMonitor(session);
+ ckrv = CKAPI(epv)->C_DigestInit(session->handle, &ap->mechanism);
+ nssSession_ExitMonitor(session);
+ return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+nssToken_ContinueDigest(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSItem *item)
+{
+ CK_RV ckrv;
+ void *epv = nssToken_GetCryptokiEPV(tok);
+ nssSession *session = (sessionOpt) ? sessionOpt : tok->defaultSession;
+
+ /* Don't ask the module to use an invalid session handle. */
+ if (!session || session->handle == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return PR_FAILURE;
+ }
+
+ nssSession_EnterMonitor(session);
+ ckrv = CKAPI(epv)->C_DigestUpdate(session->handle,
+ (CK_BYTE_PTR)item->data,
+ (CK_ULONG)item->size);
+ nssSession_ExitMonitor(session);
+ return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+nssToken_FinishDigest(
+ NSSToken *tok,
+ nssSession *sessionOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ CK_RV ckrv;
+ CK_ULONG digestLen;
+ CK_BYTE_PTR digest;
+ NSSItem *rvItem = NULL;
+ void *epv = nssToken_GetCryptokiEPV(tok);
+ nssSession *session = (sessionOpt) ? sessionOpt : tok->defaultSession;
+
+ /* Don't ask the module to use an invalid session handle. */
+ if (!session || session->handle == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return NULL;
+ }
+
+ nssSession_EnterMonitor(session);
+ ckrv = CKAPI(epv)->C_DigestFinal(session->handle, NULL, &digestLen);
+ if (ckrv != CKR_OK || digestLen == 0) {
+ nssSession_ExitMonitor(session);
+ return NULL;
+ }
+ digest = NULL;
+ if (rvOpt) {
+ if (rvOpt->size > 0 && rvOpt->size < digestLen) {
+ nssSession_ExitMonitor(session);
+ /* the error should be bad args */
+ return NULL;
+ }
+ if (rvOpt->data) {
+ digest = rvOpt->data;
+ }
+ digestLen = rvOpt->size;
+ }
+ if (!digest) {
+ digest = (CK_BYTE_PTR)nss_ZAlloc(arenaOpt, digestLen);
+ if (!digest) {
+ nssSession_ExitMonitor(session);
+ return NULL;
+ }
+ }
+ ckrv = CKAPI(epv)->C_DigestFinal(session->handle, digest, &digestLen);
+ nssSession_ExitMonitor(session);
+ if (ckrv != CKR_OK) {
+ nss_ZFreeIf(digest);
+ return NULL;
+ }
+ if (!rvOpt) {
+ rvItem = nssItem_Create(arenaOpt, NULL, digestLen, (void *)digest);
+ }
+ return rvItem;
+}
+
+NSS_IMPLEMENT PRBool
+nssToken_IsPresent(
+ NSSToken *token)
+{
+ return nssSlot_IsTokenPresent(token->slot);
+}
+
+/* Sigh. The methods to find objects declared above cause problems with
+ * the low-level object cache in the softoken -- the objects are found in
+ * toto, then one wave of GetAttributes is done, then another. Having a
+ * large number of objects causes the cache to be thrashed, as the objects
+ * are gone before there's any chance to ask for their attributes.
+ * So, for now, bringing back traversal methods for certs. This way all of
+ * the cert's attributes can be grabbed immediately after finding it,
+ * increasing the likelihood that the cache takes care of it.
+ */
+NSS_IMPLEMENT PRStatus
+nssToken_TraverseCertificates(
+ NSSToken *token,
+ nssSession *sessionOpt,
+ nssTokenSearchType searchType,
+ PRStatus (*callback)(nssCryptokiObject *instance, void *arg),
+ void *arg)
+{
+ CK_RV ckrv;
+ CK_ULONG count;
+ CK_OBJECT_HANDLE *objectHandles;
+ CK_ATTRIBUTE_PTR attr;
+ CK_ATTRIBUTE cert_template[2];
+ CK_ULONG ctsize;
+ NSSArena *arena;
+ PRUint32 arraySize, numHandles;
+ nssCryptokiObject **objects;
+ void *epv = nssToken_GetCryptokiEPV(token);
+ nssSession *session = (sessionOpt) ? sessionOpt : token->defaultSession;
+
+ /* Don't ask the module to use an invalid session handle. */
+ if (!session || session->handle == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return PR_FAILURE;
+ }
+
+ /* template for all certs */
+ NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
+ if (searchType == nssTokenSearchType_SessionOnly) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
+ } else if (searchType == nssTokenSearchType_TokenOnly ||
+ searchType == nssTokenSearchType_TokenForced) {
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
+ }
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
+ NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
+
+ /* the arena is only for the array of object handles */
+ arena = nssArena_Create();
+ if (!arena) {
+ return PR_FAILURE;
+ }
+ arraySize = OBJECT_STACK_SIZE;
+ numHandles = 0;
+ objectHandles = nss_ZNEWARRAY(arena, CK_OBJECT_HANDLE, arraySize);
+ if (!objectHandles) {
+ goto loser;
+ }
+ nssSession_EnterMonitor(session); /* ==== session lock === */
+ /* Initialize the find with the template */
+ ckrv = CKAPI(epv)->C_FindObjectsInit(session->handle,
+ cert_template, ctsize);
+ if (ckrv != CKR_OK) {
+ nssSession_ExitMonitor(session);
+ goto loser;
+ }
+ while (PR_TRUE) {
+ /* Issue the find for up to arraySize - numHandles objects */
+ ckrv = CKAPI(epv)->C_FindObjects(session->handle,
+ objectHandles + numHandles,
+ arraySize - numHandles,
+ &count);
+ if (ckrv != CKR_OK) {
+ nssSession_ExitMonitor(session);
+ goto loser;
+ }
+ /* bump the number of found objects */
+ numHandles += count;
+ if (numHandles < arraySize) {
+ break;
+ }
+ /* the array is filled, double it and continue */
+ arraySize *= 2;
+ objectHandles = nss_ZREALLOCARRAY(objectHandles,
+ CK_OBJECT_HANDLE,
+ arraySize);
+ if (!objectHandles) {
+ nssSession_ExitMonitor(session);
+ goto loser;
+ }
+ }
+ ckrv = CKAPI(epv)->C_FindObjectsFinal(session->handle);
+ nssSession_ExitMonitor(session); /* ==== end session lock === */
+ if (ckrv != CKR_OK) {
+ goto loser;
+ }
+ if (numHandles > 0) {
+ objects = create_objects_from_handles(token, session,
+ objectHandles, numHandles);
+ if (objects) {
+ nssCryptokiObject **op;
+ for (op = objects; *op; op++) {
+ (void)(*callback)(*op, arg);
+ }
+ nss_ZFreeIf(objects);
+ }
+ }
+ nssArena_Destroy(arena);
+ return PR_SUCCESS;
+loser:
+ nssArena_Destroy(arena);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRBool
+nssToken_IsPrivateKeyAvailable(
+ NSSToken *token,
+ NSSCertificate *c,
+ nssCryptokiObject *instance)
+{
+ CK_OBJECT_CLASS theClass;
+
+ if (token == NULL)
+ return PR_FALSE;
+ if (c == NULL)
+ return PR_FALSE;
+
+ theClass = CKO_PRIVATE_KEY;
+ if (!nssSlot_IsLoggedIn(token->slot)) {
+ theClass = CKO_PUBLIC_KEY;
+ }
+ if (PK11_MatchItem(token->pk11slot, instance->handle, theClass) !=
+ CK_INVALID_HANDLE) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
diff --git a/security/nss/lib/dev/devutil.c b/security/nss/lib/dev/devutil.c
new file mode 100644
index 000000000..b8f82c810
--- /dev/null
+++ b/security/nss/lib/dev/devutil.c
@@ -0,0 +1,998 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEVM_H
+#include "devm.h"
+#endif /* DEVM_H */
+
+#ifndef CKHELPER_H
+#include "ckhelper.h"
+#endif /* CKHELPER_H */
+
+NSS_IMPLEMENT nssCryptokiObject *
+nssCryptokiObject_Create(
+ NSSToken *t,
+ nssSession *session,
+ CK_OBJECT_HANDLE h)
+{
+ PRStatus status;
+ NSSSlot *slot;
+ nssCryptokiObject *object;
+ CK_BBOOL *isTokenObject;
+ CK_ATTRIBUTE cert_template[] = {
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_LABEL, NULL, 0 }
+ };
+ slot = nssToken_GetSlot(t);
+ status = nssCKObject_GetAttributes(h, cert_template, 2,
+ NULL, session, slot);
+ nssSlot_Destroy(slot);
+ if (status != PR_SUCCESS) {
+ /* a failure here indicates a device error */
+ return (nssCryptokiObject *)NULL;
+ }
+ object = nss_ZNEW(NULL, nssCryptokiObject);
+ if (!object) {
+ return (nssCryptokiObject *)NULL;
+ }
+ object->handle = h;
+ object->token = nssToken_AddRef(t);
+ isTokenObject = (CK_BBOOL *)cert_template[0].pValue;
+ object->isTokenObject = *isTokenObject;
+ nss_ZFreeIf(isTokenObject);
+ NSS_CK_ATTRIBUTE_TO_UTF8(&cert_template[1], object->label);
+ return object;
+}
+
+NSS_IMPLEMENT void
+nssCryptokiObject_Destroy(
+ nssCryptokiObject *object)
+{
+ if (object) {
+ nssToken_Destroy(object->token);
+ nss_ZFreeIf(object->label);
+ nss_ZFreeIf(object);
+ }
+}
+
+NSS_IMPLEMENT nssCryptokiObject *
+nssCryptokiObject_Clone(
+ nssCryptokiObject *object)
+{
+ nssCryptokiObject *rvObject;
+ rvObject = nss_ZNEW(NULL, nssCryptokiObject);
+ if (rvObject) {
+ rvObject->handle = object->handle;
+ rvObject->token = nssToken_AddRef(object->token);
+ rvObject->isTokenObject = object->isTokenObject;
+ if (object->label) {
+ rvObject->label = nssUTF8_Duplicate(object->label, NULL);
+ }
+ }
+ return rvObject;
+}
+
+NSS_EXTERN PRBool
+nssCryptokiObject_Equal(
+ nssCryptokiObject *o1,
+ nssCryptokiObject *o2)
+{
+ return (o1->token == o2->token && o1->handle == o2->handle);
+}
+
+NSS_IMPLEMENT PRUint32
+nssPKCS11String_Length(CK_CHAR *pkcs11Str, PRUint32 bufLen)
+{
+ PRInt32 i;
+ for (i = bufLen - 1; i >= 0;) {
+ if (pkcs11Str[i] != ' ' && pkcs11Str[i] != '\0')
+ break;
+ --i;
+ }
+ return (PRUint32)(i + 1);
+}
+
+/*
+ * Slot arrays
+ */
+
+NSS_IMPLEMENT NSSSlot **
+nssSlotArray_Clone(
+ NSSSlot **slots)
+{
+ NSSSlot **rvSlots = NULL;
+ NSSSlot **sp = slots;
+ PRUint32 count = 0;
+ while (sp && *sp)
+ count++;
+ if (count > 0) {
+ rvSlots = nss_ZNEWARRAY(NULL, NSSSlot *, count + 1);
+ if (rvSlots) {
+ for (sp = slots, count = 0; *sp; sp++) {
+ rvSlots[count++] = nssSlot_AddRef(*sp);
+ }
+ }
+ }
+ return rvSlots;
+}
+
+NSS_IMPLEMENT void
+nssSlotArray_Destroy(
+ NSSSlot **slots)
+{
+ if (slots) {
+ NSSSlot **slotp;
+ for (slotp = slots; *slotp; slotp++) {
+ nssSlot_Destroy(*slotp);
+ }
+ nss_ZFreeIf(slots);
+ }
+}
+
+NSS_IMPLEMENT void
+NSSSlotArray_Destroy(
+ NSSSlot **slots)
+{
+ nssSlotArray_Destroy(slots);
+}
+
+NSS_IMPLEMENT void
+nssTokenArray_Destroy(
+ NSSToken **tokens)
+{
+ if (tokens) {
+ NSSToken **tokenp;
+ for (tokenp = tokens; *tokenp; tokenp++) {
+ nssToken_Destroy(*tokenp);
+ }
+ nss_ZFreeIf(tokens);
+ }
+}
+
+NSS_IMPLEMENT void
+NSSTokenArray_Destroy(
+ NSSToken **tokens)
+{
+ nssTokenArray_Destroy(tokens);
+}
+
+NSS_IMPLEMENT void
+nssCryptokiObjectArray_Destroy(
+ nssCryptokiObject **objects)
+{
+ if (objects) {
+ nssCryptokiObject **op;
+ for (op = objects; *op; op++) {
+ nssCryptokiObject_Destroy(*op);
+ }
+ nss_ZFreeIf(objects);
+ }
+}
+
+/* object cache for token */
+
+typedef struct
+{
+ NSSArena *arena;
+ nssCryptokiObject *object;
+ CK_ATTRIBUTE_PTR attributes;
+ CK_ULONG numAttributes;
+} nssCryptokiObjectAndAttributes;
+
+enum {
+ cachedCerts = 0,
+ cachedTrust = 1,
+ cachedCRLs = 2
+} cachedObjectType;
+
+struct nssTokenObjectCacheStr {
+ NSSToken *token;
+ PZLock *lock;
+ PRBool loggedIn;
+ PRBool doObjectType[3];
+ PRBool searchedObjectType[3];
+ nssCryptokiObjectAndAttributes **objects[3];
+};
+
+NSS_IMPLEMENT nssTokenObjectCache *
+nssTokenObjectCache_Create(
+ NSSToken *token,
+ PRBool cacheCerts,
+ PRBool cacheTrust,
+ PRBool cacheCRLs)
+{
+ nssTokenObjectCache *rvCache;
+ rvCache = nss_ZNEW(NULL, nssTokenObjectCache);
+ if (!rvCache) {
+ goto loser;
+ }
+ rvCache->lock = PZ_NewLock(nssILockOther); /* XXX */
+ if (!rvCache->lock) {
+ goto loser;
+ }
+ rvCache->doObjectType[cachedCerts] = cacheCerts;
+ rvCache->doObjectType[cachedTrust] = cacheTrust;
+ rvCache->doObjectType[cachedCRLs] = cacheCRLs;
+ rvCache->token = token; /* cache goes away with token */
+ return rvCache;
+loser:
+ nssTokenObjectCache_Destroy(rvCache);
+ return (nssTokenObjectCache *)NULL;
+}
+
+static void
+clear_cache(
+ nssTokenObjectCache *cache)
+{
+ nssCryptokiObjectAndAttributes **oa;
+ PRUint32 objectType;
+ for (objectType = cachedCerts; objectType <= cachedCRLs; objectType++) {
+ cache->searchedObjectType[objectType] = PR_FALSE;
+ if (!cache->objects[objectType]) {
+ continue;
+ }
+ for (oa = cache->objects[objectType]; *oa; oa++) {
+ /* prevent the token from being destroyed */
+ (*oa)->object->token = NULL;
+ nssCryptokiObject_Destroy((*oa)->object);
+ nssArena_Destroy((*oa)->arena);
+ }
+ nss_ZFreeIf(cache->objects[objectType]);
+ cache->objects[objectType] = NULL;
+ }
+}
+
+NSS_IMPLEMENT void
+nssTokenObjectCache_Clear(
+ nssTokenObjectCache *cache)
+{
+ if (cache) {
+ PZ_Lock(cache->lock);
+ clear_cache(cache);
+ PZ_Unlock(cache->lock);
+ }
+}
+
+NSS_IMPLEMENT void
+nssTokenObjectCache_Destroy(
+ nssTokenObjectCache *cache)
+{
+ if (cache) {
+ clear_cache(cache);
+ if (cache->lock) {
+ PZ_DestroyLock(cache->lock);
+ }
+ nss_ZFreeIf(cache);
+ }
+}
+
+NSS_IMPLEMENT PRBool
+nssTokenObjectCache_HaveObjectClass(
+ nssTokenObjectCache *cache,
+ CK_OBJECT_CLASS objclass)
+{
+ PRBool haveIt;
+ PZ_Lock(cache->lock);
+ switch (objclass) {
+ case CKO_CERTIFICATE:
+ haveIt = cache->doObjectType[cachedCerts];
+ break;
+ case CKO_NETSCAPE_TRUST:
+ haveIt = cache->doObjectType[cachedTrust];
+ break;
+ case CKO_NETSCAPE_CRL:
+ haveIt = cache->doObjectType[cachedCRLs];
+ break;
+ default:
+ haveIt = PR_FALSE;
+ }
+ PZ_Unlock(cache->lock);
+ return haveIt;
+}
+
+static nssCryptokiObjectAndAttributes **
+create_object_array(
+ nssCryptokiObject **objects,
+ PRBool *doObjects,
+ PRUint32 *numObjects,
+ PRStatus *status)
+{
+ nssCryptokiObjectAndAttributes **rvOandA = NULL;
+ *numObjects = 0;
+ /* There are no objects for this type */
+ if (!objects || !*objects) {
+ *status = PR_SUCCESS;
+ return rvOandA;
+ }
+ while (*objects++)
+ (*numObjects)++;
+ if (*numObjects >= MAX_LOCAL_CACHE_OBJECTS) {
+ /* Hit the maximum allowed, so don't use a cache (there are
+ * too many objects to make caching worthwhile, presumably, if
+ * the token can handle that many objects, it can handle searching.
+ */
+ *doObjects = PR_FALSE;
+ *status = PR_FAILURE;
+ *numObjects = 0;
+ } else {
+ rvOandA = nss_ZNEWARRAY(NULL,
+ nssCryptokiObjectAndAttributes *,
+ *numObjects + 1);
+ *status = rvOandA ? PR_SUCCESS : PR_FAILURE;
+ }
+ return rvOandA;
+}
+
+static nssCryptokiObjectAndAttributes *
+create_object(
+ nssCryptokiObject *object,
+ const CK_ATTRIBUTE_TYPE *types,
+ PRUint32 numTypes,
+ PRStatus *status)
+{
+ PRUint32 j;
+ NSSArena *arena = NULL;
+ NSSSlot *slot = NULL;
+ nssSession *session = NULL;
+ nssCryptokiObjectAndAttributes *rvCachedObject = NULL;
+
+ slot = nssToken_GetSlot(object->token);
+ if (!slot) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ goto loser;
+ }
+ session = nssToken_GetDefaultSession(object->token);
+ if (!session) {
+ nss_SetError(NSS_ERROR_INVALID_POINTER);
+ goto loser;
+ }
+ arena = nssArena_Create();
+ if (!arena) {
+ goto loser;
+ }
+ rvCachedObject = nss_ZNEW(arena, nssCryptokiObjectAndAttributes);
+ if (!rvCachedObject) {
+ goto loser;
+ }
+ rvCachedObject->arena = arena;
+ /* The cache is tied to the token, and therefore the objects
+ * in it should not hold references to the token.
+ */
+ nssToken_Destroy(object->token);
+ rvCachedObject->object = object;
+ rvCachedObject->attributes = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, numTypes);
+ if (!rvCachedObject->attributes) {
+ goto loser;
+ }
+ for (j = 0; j < numTypes; j++) {
+ rvCachedObject->attributes[j].type = types[j];
+ }
+ *status = nssCKObject_GetAttributes(object->handle,
+ rvCachedObject->attributes,
+ numTypes,
+ arena,
+ session,
+ slot);
+ if (*status != PR_SUCCESS) {
+ goto loser;
+ }
+ rvCachedObject->numAttributes = numTypes;
+ *status = PR_SUCCESS;
+ nssSlot_Destroy(slot);
+
+ return rvCachedObject;
+loser:
+ *status = PR_FAILURE;
+ if (slot) {
+ nssSlot_Destroy(slot);
+ }
+ if (arena)
+ nssArena_Destroy(arena);
+ return (nssCryptokiObjectAndAttributes *)NULL;
+}
+
+/*
+ *
+ * State diagram for cache:
+ *
+ * token !present token removed
+ * +-------------------------+<----------------------+
+ * | ^ |
+ * v | |
+ * +----------+ slot friendly | token present +----------+
+ * | cache | -----------------> % ---------------> | cache |
+ * | unloaded | | loaded |
+ * +----------+ +----------+
+ * ^ | ^ |
+ * | | slot !friendly slot logged in | |
+ * | +-----------------------> % ----------------------+ |
+ * | | |
+ * | slot logged out v slot !friendly |
+ * +-----------------------------+<--------------------------+
+ *
+ */
+
+/* This function must not be called with cache->lock locked. */
+static PRBool
+token_is_present(
+ nssTokenObjectCache *cache)
+{
+ NSSSlot *slot = nssToken_GetSlot(cache->token);
+ PRBool tokenPresent = nssSlot_IsTokenPresent(slot);
+ nssSlot_Destroy(slot);
+ return tokenPresent;
+}
+
+static PRBool
+search_for_objects(
+ nssTokenObjectCache *cache)
+{
+ PRBool doSearch = PR_FALSE;
+ NSSSlot *slot = nssToken_GetSlot(cache->token);
+ /* Handle non-friendly slots (slots which require login for objects) */
+ if (!nssSlot_IsFriendly(slot)) {
+ if (nssSlot_IsLoggedIn(slot)) {
+ /* Either no state change, or went from !logged in -> logged in */
+ cache->loggedIn = PR_TRUE;
+ doSearch = PR_TRUE;
+ } else {
+ if (cache->loggedIn) {
+ /* went from logged in -> !logged in, destroy cached objects */
+ clear_cache(cache);
+ cache->loggedIn = PR_FALSE;
+ } /* else no state change, still not logged in, so exit */
+ }
+ } else {
+ /* slot is friendly, thus always available for search */
+ doSearch = PR_TRUE;
+ }
+ nssSlot_Destroy(slot);
+ return doSearch;
+}
+
+static nssCryptokiObjectAndAttributes *
+create_cert(
+ nssCryptokiObject *object,
+ PRStatus *status)
+{
+ static const CK_ATTRIBUTE_TYPE certAttr[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_LABEL,
+ CKA_CERTIFICATE_TYPE,
+ CKA_ID,
+ CKA_VALUE,
+ CKA_ISSUER,
+ CKA_SERIAL_NUMBER,
+ CKA_SUBJECT,
+ CKA_NETSCAPE_EMAIL
+ };
+ static const PRUint32 numCertAttr = sizeof(certAttr) / sizeof(certAttr[0]);
+ return create_object(object, certAttr, numCertAttr, status);
+}
+
+static nssCryptokiObjectAndAttributes *
+create_trust(
+ nssCryptokiObject *object,
+ PRStatus *status)
+{
+ static const CK_ATTRIBUTE_TYPE trustAttr[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_LABEL,
+ CKA_CERT_SHA1_HASH,
+ CKA_CERT_MD5_HASH,
+ CKA_ISSUER,
+ CKA_SUBJECT,
+ CKA_TRUST_SERVER_AUTH,
+ CKA_TRUST_CLIENT_AUTH,
+ CKA_TRUST_EMAIL_PROTECTION,
+ CKA_TRUST_CODE_SIGNING
+ };
+ static const PRUint32 numTrustAttr = sizeof(trustAttr) / sizeof(trustAttr[0]);
+ return create_object(object, trustAttr, numTrustAttr, status);
+}
+
+static nssCryptokiObjectAndAttributes *
+create_crl(
+ nssCryptokiObject *object,
+ PRStatus *status)
+{
+ static const CK_ATTRIBUTE_TYPE crlAttr[] = {
+ CKA_CLASS,
+ CKA_TOKEN,
+ CKA_LABEL,
+ CKA_VALUE,
+ CKA_SUBJECT,
+ CKA_NETSCAPE_KRL,
+ CKA_NETSCAPE_URL
+ };
+ static const PRUint32 numCRLAttr = sizeof(crlAttr) / sizeof(crlAttr[0]);
+ return create_object(object, crlAttr, numCRLAttr, status);
+}
+
+/* Dispatch to the create function for the object type */
+static nssCryptokiObjectAndAttributes *
+create_object_of_type(
+ nssCryptokiObject *object,
+ PRUint32 objectType,
+ PRStatus *status)
+{
+ if (objectType == cachedCerts) {
+ return create_cert(object, status);
+ }
+ if (objectType == cachedTrust) {
+ return create_trust(object, status);
+ }
+ if (objectType == cachedCRLs) {
+ return create_crl(object, status);
+ }
+ return (nssCryptokiObjectAndAttributes *)NULL;
+}
+
+static PRStatus
+get_token_objects_for_cache(
+ nssTokenObjectCache *cache,
+ PRUint32 objectType,
+ CK_OBJECT_CLASS objclass)
+{
+ PRStatus status;
+ nssCryptokiObject **objects;
+ PRBool *doIt = &cache->doObjectType[objectType];
+ PRUint32 i, numObjects;
+
+ if (!search_for_objects(cache) ||
+ cache->searchedObjectType[objectType] ||
+ !cache->doObjectType[objectType]) {
+ /* Either there was a state change that prevents a search
+ * (token logged out), or the search was already done,
+ * or objects of this type are not being cached.
+ */
+ return PR_SUCCESS;
+ }
+ objects = nssToken_FindObjects(cache->token, NULL, objclass,
+ nssTokenSearchType_TokenForced,
+ MAX_LOCAL_CACHE_OBJECTS, &status);
+ if (status != PR_SUCCESS) {
+ return status;
+ }
+ cache->objects[objectType] = create_object_array(objects,
+ doIt,
+ &numObjects,
+ &status);
+ if (status != PR_SUCCESS) {
+ nss_ZFreeIf(objects);
+ return status;
+ }
+ for (i = 0; i < numObjects; i++) {
+ cache->objects[objectType][i] = create_object_of_type(objects[i],
+ objectType,
+ &status);
+ if (status != PR_SUCCESS) {
+ break;
+ }
+ }
+ if (status == PR_SUCCESS) {
+ nss_ZFreeIf(objects);
+ } else {
+ PRUint32 j;
+ for (j = 0; j < i; j++) {
+ /* sigh */
+ nssToken_AddRef(cache->objects[objectType][j]->object->token);
+ nssArena_Destroy(cache->objects[objectType][j]->arena);
+ }
+ nss_ZFreeIf(cache->objects[objectType]);
+ cache->objects[objectType] = NULL;
+ nssCryptokiObjectArray_Destroy(objects);
+ }
+ cache->searchedObjectType[objectType] = PR_TRUE;
+ return status;
+}
+
+static CK_ATTRIBUTE_PTR
+find_attribute_in_object(
+ nssCryptokiObjectAndAttributes *obj,
+ CK_ATTRIBUTE_TYPE attrType)
+{
+ PRUint32 j;
+ for (j = 0; j < obj->numAttributes; j++) {
+ if (attrType == obj->attributes[j].type) {
+ return &obj->attributes[j];
+ }
+ }
+ return (CK_ATTRIBUTE_PTR)NULL;
+}
+
+/* Find all objects in the array that match the supplied template */
+static nssCryptokiObject **
+find_objects_in_array(
+ nssCryptokiObjectAndAttributes **objArray,
+ CK_ATTRIBUTE_PTR ot,
+ CK_ULONG otlen,
+ PRUint32 maximumOpt)
+{
+ PRIntn oi = 0;
+ PRUint32 i;
+ NSSArena *arena;
+ PRUint32 size = 8;
+ PRUint32 numMatches = 0;
+ nssCryptokiObject **objects = NULL;
+ nssCryptokiObjectAndAttributes **matches = NULL;
+ CK_ATTRIBUTE_PTR attr;
+
+ if (!objArray) {
+ return (nssCryptokiObject **)NULL;
+ }
+ arena = nssArena_Create();
+ if (!arena) {
+ return (nssCryptokiObject **)NULL;
+ }
+ matches = nss_ZNEWARRAY(arena, nssCryptokiObjectAndAttributes *, size);
+ if (!matches) {
+ goto loser;
+ }
+ if (maximumOpt == 0)
+ maximumOpt = ~0;
+ /* loop over the cached objects */
+ for (; *objArray && numMatches < maximumOpt; objArray++) {
+ nssCryptokiObjectAndAttributes *obj = *objArray;
+ /* loop over the test template */
+ for (i = 0; i < otlen; i++) {
+ /* see if the object has the attribute */
+ attr = find_attribute_in_object(obj, ot[i].type);
+ if (!attr) {
+ /* nope, match failed */
+ break;
+ }
+ /* compare the attribute against the test value */
+ if (ot[i].ulValueLen != attr->ulValueLen ||
+ !nsslibc_memequal(ot[i].pValue,
+ attr->pValue,
+ attr->ulValueLen, NULL)) {
+ /* nope, match failed */
+ break;
+ }
+ }
+ if (i == otlen) {
+ /* all of the attributes in the test template were found
+ * in the object's template, and they all matched
+ */
+ matches[numMatches++] = obj;
+ if (numMatches == size) {
+ size *= 2;
+ matches = nss_ZREALLOCARRAY(matches,
+ nssCryptokiObjectAndAttributes *,
+ size);
+ if (!matches) {
+ goto loser;
+ }
+ }
+ }
+ }
+ if (numMatches > 0) {
+ objects = nss_ZNEWARRAY(NULL, nssCryptokiObject *, numMatches + 1);
+ if (!objects) {
+ goto loser;
+ }
+ for (oi = 0; oi < (PRIntn)numMatches; oi++) {
+ objects[oi] = nssCryptokiObject_Clone(matches[oi]->object);
+ if (!objects[oi]) {
+ goto loser;
+ }
+ }
+ }
+ nssArena_Destroy(arena);
+ return objects;
+loser:
+ nssCryptokiObjectArray_Destroy(objects);
+ nssArena_Destroy(arena);
+ return (nssCryptokiObject **)NULL;
+}
+
+NSS_IMPLEMENT nssCryptokiObject **
+nssTokenObjectCache_FindObjectsByTemplate(
+ nssTokenObjectCache *cache,
+ CK_OBJECT_CLASS objclass,
+ CK_ATTRIBUTE_PTR otemplate,
+ CK_ULONG otlen,
+ PRUint32 maximumOpt,
+ PRStatus *statusOpt)
+{
+ PRStatus status = PR_FAILURE;
+ nssCryptokiObject **rvObjects = NULL;
+ PRUint32 objectType;
+ if (!token_is_present(cache)) {
+ status = PR_SUCCESS;
+ goto finish;
+ }
+ switch (objclass) {
+ case CKO_CERTIFICATE:
+ objectType = cachedCerts;
+ break;
+ case CKO_NETSCAPE_TRUST:
+ objectType = cachedTrust;
+ break;
+ case CKO_NETSCAPE_CRL:
+ objectType = cachedCRLs;
+ break;
+ default:
+ goto finish;
+ }
+ PZ_Lock(cache->lock);
+ if (cache->doObjectType[objectType]) {
+ status = get_token_objects_for_cache(cache, objectType, objclass);
+ if (status == PR_SUCCESS) {
+ rvObjects = find_objects_in_array(cache->objects[objectType],
+ otemplate, otlen, maximumOpt);
+ }
+ }
+ PZ_Unlock(cache->lock);
+finish:
+ if (statusOpt) {
+ *statusOpt = status;
+ }
+ return rvObjects;
+}
+
+static PRBool
+cache_available_for_object_type(
+ nssTokenObjectCache *cache,
+ PRUint32 objectType)
+{
+ if (!cache->doObjectType[objectType]) {
+ /* not caching this object kind */
+ return PR_FALSE;
+ }
+ if (!cache->searchedObjectType[objectType]) {
+ /* objects are not cached yet */
+ return PR_FALSE;
+ }
+ if (!search_for_objects(cache)) {
+ /* not logged in */
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+NSS_IMPLEMENT PRStatus
+nssTokenObjectCache_GetObjectAttributes(
+ nssTokenObjectCache *cache,
+ NSSArena *arenaOpt,
+ nssCryptokiObject *object,
+ CK_OBJECT_CLASS objclass,
+ CK_ATTRIBUTE_PTR atemplate,
+ CK_ULONG atlen)
+{
+ PRUint32 i, j;
+ NSSArena *arena = NULL;
+ nssArenaMark *mark = NULL;
+ nssCryptokiObjectAndAttributes *cachedOA = NULL;
+ nssCryptokiObjectAndAttributes **oa = NULL;
+ PRUint32 objectType;
+ if (!token_is_present(cache)) {
+ return PR_FAILURE;
+ }
+ PZ_Lock(cache->lock);
+ switch (objclass) {
+ case CKO_CERTIFICATE:
+ objectType = cachedCerts;
+ break;
+ case CKO_NETSCAPE_TRUST:
+ objectType = cachedTrust;
+ break;
+ case CKO_NETSCAPE_CRL:
+ objectType = cachedCRLs;
+ break;
+ default:
+ goto loser;
+ }
+ if (!cache_available_for_object_type(cache, objectType)) {
+ goto loser;
+ }
+ oa = cache->objects[objectType];
+ if (!oa) {
+ goto loser;
+ }
+ for (; *oa; oa++) {
+ if (nssCryptokiObject_Equal((*oa)->object, object)) {
+ cachedOA = *oa;
+ break;
+ }
+ }
+ if (!cachedOA) {
+ goto loser; /* don't have this object */
+ }
+ if (arenaOpt) {
+ arena = arenaOpt;
+ mark = nssArena_Mark(arena);
+ }
+ for (i = 0; i < atlen; i++) {
+ for (j = 0; j < cachedOA->numAttributes; j++) {
+ if (atemplate[i].type == cachedOA->attributes[j].type) {
+ CK_ATTRIBUTE_PTR attr = &cachedOA->attributes[j];
+ if (cachedOA->attributes[j].ulValueLen == 0 ||
+ cachedOA->attributes[j].ulValueLen == (CK_ULONG)-1) {
+ break; /* invalid attribute */
+ }
+ if (atemplate[i].ulValueLen > 0) {
+ if (atemplate[i].pValue == NULL ||
+ atemplate[i].ulValueLen < attr->ulValueLen) {
+ goto loser;
+ }
+ } else {
+ atemplate[i].pValue = nss_ZAlloc(arena, attr->ulValueLen);
+ if (!atemplate[i].pValue) {
+ goto loser;
+ }
+ }
+ nsslibc_memcpy(atemplate[i].pValue,
+ attr->pValue, attr->ulValueLen);
+ atemplate[i].ulValueLen = attr->ulValueLen;
+ break;
+ }
+ }
+ if (j == cachedOA->numAttributes) {
+ atemplate[i].ulValueLen = (CK_ULONG)-1;
+ }
+ }
+ PZ_Unlock(cache->lock);
+ if (mark) {
+ nssArena_Unmark(arena, mark);
+ }
+ return PR_SUCCESS;
+loser:
+ PZ_Unlock(cache->lock);
+ if (mark) {
+ nssArena_Release(arena, mark);
+ }
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+nssTokenObjectCache_ImportObject(
+ nssTokenObjectCache *cache,
+ nssCryptokiObject *object,
+ CK_OBJECT_CLASS objclass,
+ CK_ATTRIBUTE_PTR ot,
+ CK_ULONG otlen)
+{
+ PRStatus status = PR_SUCCESS;
+ PRUint32 count;
+ nssCryptokiObjectAndAttributes **oa, ***otype;
+ PRUint32 objectType;
+ PRBool haveIt = PR_FALSE;
+
+ if (!token_is_present(cache)) {
+ return PR_SUCCESS; /* cache not active, ignored */
+ }
+ PZ_Lock(cache->lock);
+ switch (objclass) {
+ case CKO_CERTIFICATE:
+ objectType = cachedCerts;
+ break;
+ case CKO_NETSCAPE_TRUST:
+ objectType = cachedTrust;
+ break;
+ case CKO_NETSCAPE_CRL:
+ objectType = cachedCRLs;
+ break;
+ default:
+ PZ_Unlock(cache->lock);
+ return PR_SUCCESS; /* don't need to import it here */
+ }
+ if (!cache_available_for_object_type(cache, objectType)) {
+ PZ_Unlock(cache->lock);
+ return PR_SUCCESS; /* cache not active, ignored */
+ }
+ count = 0;
+ otype = &cache->objects[objectType]; /* index into array of types */
+ oa = *otype; /* the array of objects for this type */
+ while (oa && *oa) {
+ if (nssCryptokiObject_Equal((*oa)->object, object)) {
+ haveIt = PR_TRUE;
+ break;
+ }
+ count++;
+ oa++;
+ }
+ if (haveIt) {
+ /* Destroy the old entry */
+ (*oa)->object->token = NULL;
+ nssCryptokiObject_Destroy((*oa)->object);
+ nssArena_Destroy((*oa)->arena);
+ } else {
+ /* Create space for a new entry */
+ if (count > 0) {
+ *otype = nss_ZREALLOCARRAY(*otype,
+ nssCryptokiObjectAndAttributes *,
+ count + 2);
+ } else {
+ *otype = nss_ZNEWARRAY(NULL, nssCryptokiObjectAndAttributes *, 2);
+ }
+ }
+ if (*otype) {
+ nssCryptokiObject *copyObject = nssCryptokiObject_Clone(object);
+ (*otype)[count] = create_object_of_type(copyObject, objectType,
+ &status);
+ } else {
+ status = PR_FAILURE;
+ }
+ PZ_Unlock(cache->lock);
+ return status;
+}
+
+NSS_IMPLEMENT void
+nssTokenObjectCache_RemoveObject(
+ nssTokenObjectCache *cache,
+ nssCryptokiObject *object)
+{
+ PRUint32 oType;
+ nssCryptokiObjectAndAttributes **oa, **swp = NULL;
+ if (!token_is_present(cache)) {
+ return;
+ }
+ PZ_Lock(cache->lock);
+ for (oType = 0; oType < 3; oType++) {
+ if (!cache_available_for_object_type(cache, oType) ||
+ !cache->objects[oType]) {
+ continue;
+ }
+ for (oa = cache->objects[oType]; *oa; oa++) {
+ if (nssCryptokiObject_Equal((*oa)->object, object)) {
+ swp = oa; /* the entry to remove */
+ while (oa[1])
+ oa++; /* go to the tail */
+ (*swp)->object->token = NULL;
+ nssCryptokiObject_Destroy((*swp)->object);
+ nssArena_Destroy((*swp)->arena); /* destroy it */
+ *swp = *oa; /* swap the last with the removed */
+ *oa = NULL; /* null-terminate the array */
+ break;
+ }
+ }
+ if (swp) {
+ break;
+ }
+ }
+ if ((oType < 3) &&
+ cache->objects[oType] && cache->objects[oType][0] == NULL) {
+ nss_ZFreeIf(cache->objects[oType]); /* no entries remaining */
+ cache->objects[oType] = NULL;
+ }
+ PZ_Unlock(cache->lock);
+}
+
+/* These two hash algorithms are presently sufficient.
+** They are used for fingerprints of certs which are stored as the
+** CKA_CERT_SHA1_HASH and CKA_CERT_MD5_HASH attributes.
+** We don't need to add SHAxxx to these now.
+*/
+/* XXX of course this doesn't belong here */
+NSS_IMPLEMENT NSSAlgorithmAndParameters *
+NSSAlgorithmAndParameters_CreateSHA1Digest(
+ NSSArena *arenaOpt)
+{
+ NSSAlgorithmAndParameters *rvAP = NULL;
+ rvAP = nss_ZNEW(arenaOpt, NSSAlgorithmAndParameters);
+ if (rvAP) {
+ rvAP->mechanism.mechanism = CKM_SHA_1;
+ rvAP->mechanism.pParameter = NULL;
+ rvAP->mechanism.ulParameterLen = 0;
+ }
+ return rvAP;
+}
+
+NSS_IMPLEMENT NSSAlgorithmAndParameters *
+NSSAlgorithmAndParameters_CreateMD5Digest(
+ NSSArena *arenaOpt)
+{
+ NSSAlgorithmAndParameters *rvAP = NULL;
+ rvAP = nss_ZNEW(arenaOpt, NSSAlgorithmAndParameters);
+ if (rvAP) {
+ rvAP->mechanism.mechanism = CKM_MD5;
+ rvAP->mechanism.pParameter = NULL;
+ rvAP->mechanism.ulParameterLen = 0;
+ }
+ return rvAP;
+}
diff --git a/security/nss/lib/dev/exports.gyp b/security/nss/lib/dev/exports.gyp
new file mode 100644
index 000000000..92cf7564b
--- /dev/null
+++ b/security/nss/lib/dev/exports.gyp
@@ -0,0 +1,31 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_dev_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'ckhelper.h',
+ 'dev.h',
+ 'devm.h',
+ 'devt.h',
+ 'devtm.h',
+ 'nssdev.h',
+ 'nssdevt.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/dev/manifest.mn b/security/nss/lib/dev/manifest.mn
new file mode 100644
index 000000000..45c7509fc
--- /dev/null
+++ b/security/nss/lib/dev/manifest.mn
@@ -0,0 +1,35 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+PRIVATE_EXPORTS = \
+ ckhelper.h \
+ devm.h \
+ devtm.h \
+ devt.h \
+ dev.h \
+ nssdevt.h \
+ nssdev.h \
+ $(NULL)
+
+EXPORTS = \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ devslot.c \
+ devtoken.c \
+ devutil.c \
+ ckhelper.c \
+ $(NULL)
+
+REQUIRES = nspr
+
+LIBRARY_NAME = nssdev
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/dev/nssdev.h b/security/nss/lib/dev/nssdev.h
new file mode 100644
index 000000000..1066ec6cd
--- /dev/null
+++ b/security/nss/lib/dev/nssdev.h
@@ -0,0 +1,36 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSDEV_H
+#define NSSDEV_H
+
+/*
+ * nssdev.h
+ *
+ * High-level methods for interaction with cryptoki devices
+ */
+
+#ifndef NSSDEVT_H
+#include "nssdevt.h"
+#endif /* NSSDEVT_H */
+
+PR_BEGIN_EXTERN_C
+
+/* NSSAlgorithmAndParameters
+ *
+ * NSSAlgorithmAndParameters_CreateSHA1Digest
+ * NSSAlgorithmAndParameters_CreateMD5Digest
+ */
+
+NSS_EXTERN NSSAlgorithmAndParameters *
+NSSAlgorithmAndParameters_CreateSHA1Digest(
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSAlgorithmAndParameters *
+NSSAlgorithmAndParameters_CreateMD5Digest(
+ NSSArena *arenaOpt);
+
+PR_END_EXTERN_C
+
+#endif /* DEV_H */
diff --git a/security/nss/lib/dev/nssdevt.h b/security/nss/lib/dev/nssdevt.h
new file mode 100644
index 000000000..b7b7b1e49
--- /dev/null
+++ b/security/nss/lib/dev/nssdevt.h
@@ -0,0 +1,36 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSDEVT_H
+#define NSSDEVT_H
+
+/*
+ * nssdevt.h
+ *
+ * This file contains definitions for the low-level cryptoki devices.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef NSSPKIT_H
+#include "nsspkit.h"
+#endif /* NSSPKIT_H */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * NSSModule and NSSSlot -- placeholders for the PKCS#11 types
+ */
+
+typedef struct NSSModuleStr NSSModule;
+
+typedef struct NSSSlotStr NSSSlot;
+
+typedef struct NSSTokenStr NSSToken;
+
+PR_END_EXTERN_C
+
+#endif /* NSSDEVT_H */
diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile
new file mode 100644
index 000000000..0ce1425f1
--- /dev/null
+++ b/security/nss/lib/freebl/Makefile
@@ -0,0 +1,764 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+# default for all platforms
+# unset this on those that have multiple freebl libraries
+FREEBL_BUILD_SINGLE_SHLIB = 1
+
+ifdef USE_64
+ DEFINES += -DNSS_USE_64
+endif
+
+ifdef USE_ABI32_FPU
+ DEFINES += -DNSS_USE_ABI32_FPU
+endif
+
+ifeq ($(FREEBL_NO_DEPEND),1)
+ DEFINES += -DFREEBL_NO_DEPEND
+ STUBS_SRCS = stubs.c
+endif
+
+ifeq ($(FREEBL_LOWHASH),1)
+ DEFINES += -DFREEBL_LOWHASH
+ LOWHASH_SRCS = nsslowhash.c
+ LOWHASH_EXPORTS = nsslowhash.h
+ MAPFILE_SOURCE = freebl_hash_vector.def
+ NEED_STUB_BUILD = 1
+else
+ MAPFILE_SOURCE = freebl.def
+endif
+
+ifdef USE_STUB_BUILD
+ CSRCS = lowhash_vector.c
+ SIMPLE_OBJS = $(CSRCS:.c=$(OBJ_SUFFIX))
+ OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS))
+ ALL_TRASH := $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \
+ $(NOSUCHFILE) so_locations
+ MAPFILE_SOURCE = freebl_hash.def
+endif
+
+# FREEBL_USE_PRELINK
+#
+# Most modern version of Linux support a speed optimization scheme where an
+# application called prelink modifies programs and shared libraries to quickly
+# load if they fit into an already designed address space. In short, prelink
+# scans the list of programs and libraries on your system, assigns them a
+# predefined space in the the address space, then provides the fixups to the
+# library.
+#
+# The modification of the shared library is correctly detected by the freebl
+# FIPS checksum scheme where we check a signed hash of the library against the
+# library itself.
+#
+# The prelink command itself can reverse the process of modification and output
+# the prestine shared library as it was before prelink made it's changes.
+# This option tells Freebl could use prelink to output the original copy of
+# the shared library before prelink modified it.
+#
+# FREEBL_PRELINK_COMMAND
+#
+# This is an optional environment variable which can override the default
+# prelink command. It could be used on systems that did something similiar to
+# prelink but used a different command and syntax. The only requirement is the
+# program must take the library as the last argument, the program must output
+# the original library to standard out, and the program does not need to take
+# any quoted or imbedded spaces in its arguments (except the path to the
+# library itself, which can have imbedded spaces or special characters).
+#
+ifdef FREEBL_USE_PRELINK
+ DEFINES += -DFREEBL_USE_PRELINK
+ifdef LINUX
+ DEFINES += -D__GNU_SOURCE=1
+endif
+endif
+ifdef NSS_NO_INIT_SUPPORT
+ DEFINES += -DNSS_NO_INIT_SUPPORT
+endif
+
+ifdef FREEBL_PRELINK_COMMAND
+ DEFINES +=-DFREEBL_PRELINK_COMMAND=\"$(FREEBL_PRELINK_COMMAND)\"
+endif
+# NSS_X86 means the target is a 32-bits x86 CPU architecture
+# NSS_X64 means the target is a 64-bits 64 CPU architecture
+# NSS_X86_OR_X64 means the target is either x86 or x64
+ifeq (,$(filter-out i386 x386 x86 x86_64,$(CPU_ARCH)))
+ DEFINES += -DNSS_X86_OR_X64
+ifneq (,$(USE_64)$(USE_X32))
+ DEFINES += -DNSS_X64
+else
+ DEFINES += -DNSS_X86
+endif
+endif
+
+ifeq ($(OS_TARGET),OSF1)
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_NO_MP_WORD
+ MPI_SRCS += mpvalpha.c
+endif
+
+ifeq (OS2,$(OS_TARGET))
+ ASFILES = mpi_x86_os2.s
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_ASSEMBLY_DIV_2DX1D
+ DEFINES += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
+ DEFINES += -DMP_IS_LITTLE_ENDIAN
+endif
+
+ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET)))
+ifndef USE_64
+# 32-bit Windows
+ifdef NS_USE_GCC
+# Ideally, we want to use assembler
+# ASFILES = mpi_x86.s
+# DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE \
+# -DMP_ASSEMBLY_DIV_2DX1D
+# but we haven't figured out how to make it work, so we are not
+# using assembler right now.
+ ASFILES =
+ DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT
+else
+# MSVC
+ MPI_SRCS += mpi_x86_asm.c
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
+ ifdef BUILD_OPT
+ OPTIMIZER += -Ox # maximum optimization for freebl
+ endif
+ # The Intel AES assembly code requires Visual C++ 2010.
+ # if $(_MSC_VER) >= 1600 (Visual C++ 2010)
+ ifeq ($(firstword $(sort $(_MSC_VER) 1600)),1600)
+ DEFINES += -DUSE_HW_AES -DINTEL_GCM
+ ASFILES += intel-aes-x86-masm.asm intel-gcm-x86-masm.asm
+ EXTRA_SRCS += intel-gcm-wrap.c
+ ifeq ($(CLANG_CL),1)
+ INTEL_GCM_CLANG_CL = 1
+ endif
+ endif
+endif
+else
+ # -DMP_NO_MP_WORD
+ DEFINES += -DMP_IS_LITTLE_ENDIAN
+ifdef NS_USE_GCC
+# Ideally, we should use amd64 assembly code, but it's not yet mingw-w64
+# compatible.
+else
+# MSVC
+ ifdef BUILD_OPT
+ OPTIMIZER += -Ox # maximum optimization for freebl
+ endif
+ ASFILES = arcfour-amd64-masm.asm mpi_amd64_masm.asm mp_comba_amd64_masm.asm
+ DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY
+ DEFINES += -DNSS_USE_COMBA
+ # The Intel AES assembly code requires Visual C++ 2010 (10.0). The _xgetbv
+ # compiler intrinsic function requires Visual C++ 2010 (10.0) SP1.
+ ifeq ($(_MSC_VER_GE_10SP1),1)
+ DEFINES += -DUSE_HW_AES -DINTEL_GCM
+ ASFILES += intel-aes-x64-masm.asm intel-gcm-x64-masm.asm
+ EXTRA_SRCS += intel-gcm-wrap.c
+ ifeq ($(CLANG_CL),1)
+ INTEL_GCM_CLANG_CL = 1
+ endif
+ endif
+ MPI_SRCS += mpi_amd64.c
+endif
+endif
+endif
+
+ifeq ($(OS_TARGET),IRIX)
+ifeq ($(USE_N32),1)
+ ASFILES = mpi_mips.s
+ ifeq ($(NS_USE_GCC),1)
+ ASFLAGS = -Wp,-P -Wp,-traditional -O -mips3
+ else
+ ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3
+ endif
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_USE_UINT_DIGIT
+endif
+endif
+
+ifeq ($(OS_TARGET),Darwin)
+ifeq ($(CPU_ARCH),x86)
+ ASFILES = mpi_sse2.s
+ DEFINES += -DMP_USE_UINT_DIGIT
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_ASSEMBLY_DIV_2DX1D
+endif
+endif # Darwin
+
+ifeq ($(OS_TARGET),Linux)
+ifeq ($(CPU_ARCH),x86_64)
+ ASFILES = arcfour-amd64-gas.s mpi_amd64_gas.s
+ ASFLAGS += -fPIC -Wa,--noexecstack
+ DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY
+ DEFINES += -DNSS_USE_COMBA
+ DEFINES += -DMP_IS_LITTLE_ENDIAN
+# DEFINES += -DMPI_AMD64_ADD
+ # comment the next four lines to turn off Intel HW acceleration.
+ DEFINES += -DUSE_HW_AES -DINTEL_GCM
+ ASFILES += intel-aes.s intel-gcm.s
+ EXTRA_SRCS += intel-gcm-wrap.c
+ INTEL_GCM = 1
+ MPI_SRCS += mpi_amd64.c mp_comba.c
+endif
+ifeq ($(CPU_ARCH),x86)
+ ASFILES = mpi_x86.s
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT
+ DEFINES += -DMP_IS_LITTLE_ENDIAN
+ # The floating point ECC code doesn't work on Linux x86 (bug 311432).
+ #ECL_USE_FP = 1
+endif
+ifeq ($(CPU_ARCH),arm)
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_USE_UINT_DIGIT
+ DEFINES += -DSHA_NO_LONG_LONG # avoid 64-bit arithmetic in SHA512
+ MPI_SRCS += mpi_arm.c
+endif
+ifeq ($(CPU_ARCH),ppc)
+ifdef USE_64
+ DEFINES += -DNSS_NO_INIT_SUPPORT
+endif # USE_64
+endif # ppc
+endif # Linux
+
+ifeq ($(OS_TARGET),AIX)
+ DEFINES += -DMP_USE_UINT_DIGIT
+ ifndef USE_64
+ DEFINES += -DMP_NO_DIV_WORD -DMP_NO_ADD_WORD -DMP_NO_SUB_WORD
+ endif
+endif # AIX
+
+ifeq ($(OS_TARGET), HP-UX)
+ifneq ($(OS_TEST), ia64)
+# PA-RISC
+ASFILES += ret_cr16.s
+ifndef USE_64
+ FREEBL_BUILD_SINGLE_SHLIB =
+ HAVE_ABI32_INT32 = 1
+ HAVE_ABI32_FPU = 1
+endif
+ifdef FREEBL_CHILD_BUILD
+ifdef USE_ABI32_INT32
+# build for DA1.1 (HP PA 1.1) 32-bit ABI build with 32-bit arithmetic
+ DEFINES += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
+ DEFINES += -DSHA_NO_LONG_LONG # avoid 64-bit arithmetic in SHA512
+else
+ifdef USE_64
+# this builds for DA2.0W (HP PA 2.0 Wide), the LP64 ABI, using 64-bit digits
+ MPI_SRCS += mpi_hp.c
+ ASFILES += hpma512.s hppa20.s
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+else
+# this builds for DA2.0 (HP PA 2.0 Narrow) ABI32_FPU model
+# (the 32-bit ABI with 64-bit registers) using 64-bit digits
+ MPI_SRCS += mpi_hp.c
+ ASFILES += hpma512.s hppa20.s
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ifndef NS_USE_GCC
+ ARCHFLAG = -Aa +e +DA2.0 +DS2.0
+endif
+endif
+endif
+endif
+endif
+endif
+
+# The blapi functions are defined not only in the freebl shared
+# libraries but also in the shared libraries linked with loader.c
+# (libsoftokn3.so and libssl3.so). We need to use GNU ld's
+# -Bsymbolic option or the equivalent option for other linkers
+# to bind the blapi function references in FREEBLVector vector
+# (ldvector.c) to the blapi functions defined in the freebl
+# shared libraries.
+ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
+ MKSHLIB += -Wl,-Bsymbolic
+endif
+
+ifeq ($(OS_TARGET),SunOS)
+
+ifdef NS_USE_GCC
+ ifdef GCC_USE_GNU_LD
+ MKSHLIB += -Wl,-Bsymbolic,-z,now,-z,text
+ else
+ MKSHLIB += -Wl,-B,symbolic,-z,now,-z,text
+ endif # GCC_USE_GNU_LD
+else
+ MKSHLIB += -B symbolic -z now -z text
+endif # NS_USE_GCC
+
+# Sun's WorkShop defines v8, v8plus and v9 architectures.
+# gcc on Solaris defines v8 and v9 "cpus".
+# gcc's v9 is equivalent to Workshop's v8plus.
+# gcc's -m64 is equivalent to Workshop's v9
+# We always use Sun's assembler, which uses Sun's naming convention.
+ifeq ($(CPU_ARCH),sparc)
+ FREEBL_BUILD_SINGLE_SHLIB=
+ ifdef USE_64
+ HAVE_ABI64_INT = 1
+ HAVE_ABI64_FPU = 1
+ else
+ HAVE_ABI32_FPU = 1
+ HAVE_ABI32_INT64 = 1
+ endif
+ SYSV_SPARC = 1
+ SOLARIS_AS = /usr/ccs/bin/as
+ #### set arch, asm, c flags
+ ifdef NS_USE_GCC
+ ifdef USE_ABI32_INT64
+ ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plus
+ SOLARIS_AS_FLAGS = -xarch=v8plus -K PIC
+ endif
+ ifdef USE_ABI32_FPU
+ ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plusa
+ SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC
+ endif # USE_ABI32_FPU
+ ifdef USE_ABI64_INT
+ # this builds for Sparc v9a pure 64-bit architecture
+ ARCHFLAG += -mcpu=v9 -Wa,-xarch=v9
+ SOLARIS_AS_FLAGS = -xarch=v9 -K PIC
+ endif
+ ifdef USE_ABI64_FPU
+ # this builds for Sparc v9a pure 64-bit architecture
+ # It uses floating point, and 32-bit word size
+ ARCHFLAG += -mcpu=v9 -Wa,-xarch=v9a
+ SOLARIS_AS_FLAGS = -xarch=v9a -K PIC
+ endif
+ else # NS_USE_GCC
+ # FPU_TARGET_OPTIMIZER specifies the target processor and cache
+ # properties of the ABI32_FPU and ABI64_FPU architectures for use
+ # by the optimizer.
+ ifeq (,$(findstring Sun WorkShop 6,$(shell $(CC) -V 2>&1)))
+ # if the compiler is not Forte 6
+ FPU_TARGET_OPTIMIZER = -xcache=64/32/4:1024/64/4 -xchip=ultra3
+ else
+ # Forte 6 C compiler generates incorrect code for rijndael.c
+ # if -xchip=ultra3 is used (Bugzilla bug 333925). So we revert
+ # to what we used in NSS 3.10.
+ FPU_TARGET_OPTIMIZER = -xchip=ultra2
+ endif
+ ifdef USE_ABI32_INT64
+ # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers,
+ # 32-bit ABI, it uses 64-bit words, integer arithmetic,
+ # no FPU (non-VIS cpus).
+ # These flags were suggested by the compiler group for building
+ # with SunStudio 10.
+ ifdef BUILD_OPT
+ SOL_CFLAGS += -xO4
+ endif
+ SOL_CFLAGS += -xtarget=generic
+ ARCHFLAG = -xarch=v8plus
+ SOLARIS_AS_FLAGS = -xarch=v8plus -K PIC
+ endif
+ ifdef USE_ABI32_FPU
+ # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers,
+ # 32-bit ABI, it uses FPU code, and 32-bit word size.
+ # these flags were determined by running cc -### -fast and copying
+ # the generated flag settings
+ SOL_CFLAGS += -fsingle -xmemalign=8s
+ ifdef BUILD_OPT
+ SOL_CFLAGS += -D__MATHERR_ERRNO_DONTCARE -fsimple=1
+ SOL_CFLAGS += -xalias_level=basic -xbuiltin=%all
+ SOL_CFLAGS += $(FPU_TARGET_OPTIMIZER) -xdepend
+ SOL_CFLAGS += -xlibmil -xO5
+ endif
+ ARCHFLAG = -xarch=v8plusa
+ SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC
+ endif
+ ifdef USE_ABI64_INT
+ # this builds for Sparc v9a pure 64-bit architecture,
+ # no FPU (non-VIS cpus). For building with SunStudio 10.
+ ifdef BUILD_OPT
+ SOL_CFLAGS += -xO4
+ endif
+ SOL_CFLAGS += -xtarget=generic
+ ARCHFLAG = -xarch=v9
+ SOLARIS_AS_FLAGS = -xarch=v9 -K PIC
+ endif
+ ifdef USE_ABI64_FPU
+ # this builds for Sparc v9a pure 64-bit architecture
+ # It uses floating point, and 32-bit word size.
+ # See comment for USE_ABI32_FPU.
+ SOL_CFLAGS += -fsingle -xmemalign=8s
+ ifdef BUILD_OPT
+ SOL_CFLAGS += -D__MATHERR_ERRNO_DONTCARE -fsimple=1
+ SOL_CFLAGS += -xalias_level=basic -xbuiltin=%all
+ SOL_CFLAGS += $(FPU_TARGET_OPTIMIZER) -xdepend
+ SOL_CFLAGS += -xlibmil -xO5
+ endif
+ ARCHFLAG = -xarch=v9a
+ SOLARIS_AS_FLAGS = -xarch=v9a -K PIC
+ endif
+ endif # NS_USE_GCC
+
+ ### set flags for both GCC and Sun cc
+ ifdef USE_ABI32_INT64
+ # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers,
+ # 32-bit ABI, it uses 64-bit words, integer arithmetic, no FPU
+ # best times are with no MP_ flags specified
+ endif
+ ifdef USE_ABI32_FPU
+ # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers,
+ # 32-bit ABI, it uses FPU code, and 32-bit word size
+ MPI_SRCS += mpi_sparc.c
+ ASFILES = mpv_sparcv8.s montmulfv8.s
+ DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT -DMP_ASSEMBLY_MULTIPLY
+ DEFINES += -DMP_USING_MONT_MULF -DMP_MONT_USE_MP_MUL
+ ECL_USE_FP = 1
+ endif
+ ifdef USE_ABI64_INT
+ # this builds for Sparc v9a pure 64-bit architecture
+ # best times are with no MP_ flags specified
+ endif
+ ifdef USE_ABI64_FPU
+ # this builds for Sparc v9a pure 64-bit architecture
+ # It uses floating point, and 32-bit word size
+ MPI_SRCS += mpi_sparc.c
+ ASFILES = mpv_sparcv9.s montmulfv9.s
+ DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT -DMP_ASSEMBLY_MULTIPLY
+ DEFINES += -DMP_USING_MONT_MULF -DMP_MONT_USE_MP_MUL
+ ECL_USE_FP = 1
+ endif
+
+else
+ # Solaris for non-sparc family CPUs
+ ifdef NS_USE_GCC
+ LD = gcc
+ AS = gcc
+ ASFLAGS = -x assembler-with-cpp
+ endif
+ ifeq ($(USE_64),1)
+ # Solaris for AMD64
+ ifdef NS_USE_GCC
+ ASFILES = arcfour-amd64-gas.s mpi_amd64_gas.s
+ ASFLAGS += -march=opteron -m64 -fPIC
+ MPI_SRCS += mp_comba.c
+ # comment the next four lines to turn off Intel HW acceleration
+ ASFILES += intel-gcm.s
+ EXTRA_SRCS += intel-gcm-wrap.c
+ INTEL_GCM = 1
+ DEFINES += -DINTEL_GCM
+ else
+ ASFILES = arcfour-amd64-sun.s mpi_amd64_sun.s sha-fast-amd64-sun.s
+ ASFILES += mp_comba_amd64_sun.s mpcpucache_amd64.s
+ ASFLAGS += -xarch=generic64 -K PIC
+ SOL_CFLAGS += -xprefetch=no
+ SHA_SRCS =
+ MPCPU_SRCS =
+ # Intel acceleration for GCM does not build currently with Studio
+ endif
+ DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY
+ DEFINES += -DNSS_USE_COMBA -DMP_IS_LITTLE_ENDIAN
+ # comment the next two lines to turn off Intel HW acceleration
+ DEFINES += -DUSE_HW_AES
+ ASFILES += intel-aes.s
+ MPI_SRCS += mpi_amd64.c
+ else
+ # Solaris x86
+ DEFINES += -DMP_USE_UINT_DIGIT
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_ASSEMBLY_DIV_2DX1D
+ ASFILES = mpi_i86pc.s
+ ifndef NS_USE_GCC
+ MPCPU_SRCS =
+ ASFILES += mpcpucache_x86.s
+ endif
+ endif
+endif # Solaris for non-sparc family CPUs
+endif # target == SunOS
+
+ifndef NSS_DISABLE_ECC
+ ifdef ECL_USE_FP
+ #enable floating point ECC code
+ DEFINES += -DECL_USE_FP
+ ECL_SRCS += ecp_fp160.c ecp_fp192.c ecp_fp224.c ecp_fp.c
+ ECL_HDRS += ecp_fp.h
+ endif
+endif
+
+# poly1305-donna-x64-sse2-incremental-source.c requires __int128 support
+# in GCC 4.6.0.
+ifdef USE_64
+ ifdef CC_IS_CLANG
+ HAVE_INT128_SUPPORT = 1
+ DEFINES += -DHAVE_INT128_SUPPORT
+ else ifeq (1,$(CC_IS_GCC))
+ ifneq (,$(filter 4.6 4.7 4.8 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION))))
+ HAVE_INT128_SUPPORT = 1
+ DEFINES += -DHAVE_INT128_SUPPORT
+ endif
+ ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION))))
+ HAVE_INT128_SUPPORT = 1
+ DEFINES += -DHAVE_INT128_SUPPORT
+ endif
+ endif
+endif
+
+ifndef NSS_DISABLE_CHACHAPOLY
+ ifeq ($(CPU_ARCH),x86_64)
+ ifdef HAVE_INT128_SUPPORT
+ EXTRA_SRCS += poly1305-donna-x64-sse2-incremental-source.c
+ else
+ EXTRA_SRCS += poly1305.c
+ endif
+
+ ifneq (1,$(CC_IS_GCC))
+ EXTRA_SRCS += chacha20.c
+ else
+ EXTRA_SRCS += chacha20_vec.c
+ endif
+ else
+ EXTRA_SRCS += poly1305.c
+ EXTRA_SRCS += chacha20.c
+ endif # x86_64
+endif # NSS_DISABLE_CHACHAPOLY
+
+ifeq (,$(filter-out i386 x386 x86 x86_64,$(CPU_ARCH)))
+ # All intel architectures get the 64 bit version
+ # With custom uint128 if necessary (faster than generic 32 bit version).
+ ECL_SRCS += curve25519_64.c
+else
+ # All non intel architectures get the generic 32 bit implementation (slow!)
+ ECL_SRCS += curve25519_32.c
+endif
+
+ifndef HAVE_INT128_SUPPORT
+ ECL_SRCS += uint128.c
+endif
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
+rijndael_tables:
+ $(CC) -o $(OBJDIR)/make_rijndael_tab rijndael_tables.c \
+ $(DEFINES) $(INCLUDES) $(OBJDIR)/libfreebl.a
+ $(OBJDIR)/make_rijndael_tab
+
+vpath %.h mpi ecl
+vpath %.c mpi ecl
+vpath %.S mpi ecl
+vpath %.s mpi ecl
+vpath %.asm mpi ecl
+INCLUDES += -Impi -Iecl
+
+
+DEFINES += -DMP_API_COMPATIBLE
+
+MPI_USERS = dh.c pqg.c dsa.c rsa.c ec.c
+
+MPI_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_SRCS:.c=$(OBJ_SUFFIX)))
+MPI_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_USERS:.c=$(OBJ_SUFFIX)))
+
+$(MPI_OBJS): $(MPI_HDRS)
+
+ECL_USERS = ec.c
+
+ECL_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(ECL_SRCS:.c=$(OBJ_SUFFIX)) $(ECL_ASM_SRCS:$(ASM_SUFFIX)=$(OBJ_SUFFIX)))
+ECL_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(ECL_USERS:.c=$(OBJ_SUFFIX)))
+
+$(ECL_OBJS): $(ECL_HDRS)
+
+
+
+$(OBJDIR)/sysrand$(OBJ_SUFFIX): sysrand.c unix_rand.c win_rand.c os2_rand.c
+
+$(OBJDIR)/$(PROG_PREFIX)mpprime$(OBJ_SUFFIX): primes.c
+
+$(OBJDIR)/ldvector$(OBJ_SUFFIX) $(OBJDIR)/loader$(OBJ_SUFFIX) : loader.h
+
+ifeq ($(SYSV_SPARC),1)
+
+$(OBJDIR)/mpv_sparcv8.o $(OBJDIR)/mpv_sparcv8x.o $(OBJDIR)/montmulfv8.o : $(OBJDIR)/%.o : %.s
+ @$(MAKE_OBJDIR)
+ $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $<
+
+$(OBJDIR)/mpv_sparcv9.o $(OBJDIR)/montmulfv9.o : $(OBJDIR)/%.o : %.s
+ @$(MAKE_OBJDIR)
+ $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $<
+
+$(OBJDIR)/mpmontg.o: mpmontg.c montmulf.h
+
+endif
+
+ifndef FREEBL_CHILD_BUILD
+
+# Parent build. This is where we decide which shared libraries to build
+
+ifdef FREEBL_BUILD_SINGLE_SHLIB
+
+################### Single shared lib stuff #########################
+SINGLE_SHLIB_DIR = $(OBJDIR)/$(OS_TARGET)_SINGLE_SHLIB
+ALL_TRASH += $(SINGLE_SHLIB_DIR)
+
+$(SINGLE_SHLIB_DIR):
+ -mkdir -p $(SINGLE_SHLIB_DIR)
+
+release_md libs:: $(SINGLE_SHLIB_DIR)
+ $(MAKE) FREEBL_CHILD_BUILD=1 \
+ OBJDIR=$(SINGLE_SHLIB_DIR) $@
+######################## common stuff #########################
+
+endif
+
+ifdef NEED_STUB_BUILD
+SINGLE_SHLIB_DIR = $(OBJDIR)/$(OS_TARGET)_SINGLE_SHLIB
+ALL_TRASH += $(SINGLE_SHLIB_DIR)
+$(SINGLE_SHLIB_DIR):
+ -mkdir $(SINGLE_SHLIB_DIR)
+
+release_md libs:: $(SINGLE_SHLIB_DIR)
+ $(MAKE) FREEBL_CHILD_BUILD=1 USE_STUB_BUILD=1 \
+ OBJDIR=$(SINGLE_SHLIB_DIR) $@
+endif
+
+# multiple shared libraries
+
+######################## ABI32_FPU stuff #########################
+ifdef HAVE_ABI32_FPU
+ABI32_FPU_DIR = $(OBJDIR)/$(OS_TARGET)_ABI32_FPU
+ALL_TRASH += $(ABI32_FPU_DIR)
+
+$(ABI32_FPU_DIR):
+ -mkdir $(ABI32_FPU_DIR)
+
+release_md libs:: $(ABI32_FPU_DIR)
+ $(MAKE) FREEBL_CHILD_BUILD=1 USE_ABI32_FPU=1 \
+ OBJDIR=$(ABI32_FPU_DIR) $@
+endif
+
+######################## ABI32_INT32 stuff #########################
+ifdef HAVE_ABI32_INT32
+ABI32_INT32_DIR = $(OBJDIR)/$(OS_TARGET)_ABI32_INT32
+ALL_TRASH += $(ABI32_INT32_DIR)
+
+$(ABI32_INT32_DIR):
+ -mkdir $(ABI32_INT32_DIR)
+
+release_md libs:: $(ABI32_INT32_DIR)
+ $(MAKE) FREEBL_CHILD_BUILD=1 USE_ABI32_INT32=1 \
+ OBJDIR=$(ABI32_INT32_DIR) $@
+endif
+
+######################## ABI32_INT64 stuff #########################
+ifdef HAVE_ABI32_INT64
+ABI32_INT64_DIR = $(OBJDIR)/$(OS_TARGET)_ABI32_INT64
+ALL_TRASH += $(ABI32_INT64_DIR)
+
+$(ABI32_INT64_DIR):
+ -mkdir $(ABI32_INT64_DIR)
+
+release_md libs:: $(ABI32_INT64_DIR)
+ $(MAKE) FREEBL_CHILD_BUILD=1 USE_ABI32_INT64=1\
+ OBJDIR=$(ABI32_INT64_DIR) $@
+endif
+
+######################## END of 32-bit stuff #########################
+
+# above is 32-bit builds, below is 64-bit builds
+
+######################## ABI64_FPU stuff #########################
+ifdef HAVE_ABI64_FPU
+ABI64_FPU_DIR = $(OBJDIR)/$(OS_TARGET)_ABI64_FPU
+ALL_TRASH += $(ABI64_FPU_DIR)
+
+$(ABI64_FPU_DIR):
+ -mkdir $(ABI64_FPU_DIR)
+
+release_md libs:: $(ABI64_FPU_DIR)
+ $(MAKE) FREEBL_CHILD_BUILD=1 USE_ABI64_FPU=1 \
+ OBJDIR=$(ABI64_FPU_DIR) $@
+endif
+
+######################## ABI64_INT stuff #########################
+ifdef HAVE_ABI64_INT
+ABI64_INT_DIR = $(OBJDIR)/$(OS_TARGET)_ABI64_INT
+ALL_TRASH += $(ABI64_INT_DIR)
+
+$(ABI64_INT_DIR):
+ -mkdir $(ABI64_INT_DIR)
+
+release_md libs:: $(ABI64_INT_DIR)
+ $(MAKE) FREEBL_CHILD_BUILD=1 USE_ABI64_INT=1 \
+ OBJDIR=$(ABI64_INT_DIR) $@
+endif
+
+endif # FREEBL_CHILD_BUILD
+
+
+# Bugzilla Bug 333917: the non-x86 code in desblapi.c seems to violate
+# ANSI C's strict aliasing rules.
+ifeq ($(OS_TARGET),Linux)
+ifneq ($(CPU_ARCH),x86)
+$(OBJDIR)/$(PROG_PREFIX)desblapi$(OBJ_SUFFIX): desblapi.c
+ @$(MAKE_OBJDIR)
+ifdef NEED_ABSOLUTE_PATH
+ $(CC) -o $@ -c $(CFLAGS) -fno-strict-aliasing $(call core_abspath,$<)
+else
+ $(CC) -o $@ -c $(CFLAGS) -fno-strict-aliasing $<
+endif
+endif
+endif
+
+ifdef INTEL_GCM
+#
+# GCM binary needs -mssse3
+#
+$(OBJDIR)/$(PROG_PREFIX)intel-gcm-wrap$(OBJ_SUFFIX): CFLAGS += -mssse3
+
+# The integrated assembler in Clang 3.2 does not support % in the
+# expression of a .set directive. intel-gcm.s uses .set to give
+# symbolic names to registers, for example,
+# .set Htbl, %rdi
+# So we can't use Clang's integrated assembler with intel-gcm.s.
+ifdef CC_IS_CLANG
+$(OBJDIR)/$(PROG_PREFIX)intel-gcm$(OBJ_SUFFIX): CFLAGS += -no-integrated-as
+endif
+endif
+
+ifdef INTEL_GCM_CLANG_CL
+#
+# clang-cl needs -mssse3
+#
+$(OBJDIR)/$(PROG_PREFIX)intel-gcm-wrap$(OBJ_SUFFIX): CFLAGS += -mssse3
+endif
diff --git a/security/nss/lib/freebl/aeskeywrap.c b/security/nss/lib/freebl/aeskeywrap.c
new file mode 100644
index 000000000..79ff8a852
--- /dev/null
+++ b/security/nss/lib/freebl/aeskeywrap.c
@@ -0,0 +1,389 @@
+/*
+ * aeskeywrap.c - implement AES Key Wrap algorithm from RFC 3394
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prcpucfg.h"
+#if defined(IS_LITTLE_ENDIAN) || defined(SHA_NO_LONG_LONG)
+#define BIG_ENDIAN_WITH_64_BIT_REGISTERS 0
+#else
+#define BIG_ENDIAN_WITH_64_BIT_REGISTERS 1
+#endif
+#include "prtypes.h" /* for PRUintXX */
+#include "secport.h" /* for PORT_XXX */
+#include "secerr.h"
+#include "blapi.h" /* for AES_ functions */
+#include "rijndael.h"
+
+struct AESKeyWrapContextStr {
+ unsigned char iv[AES_KEY_WRAP_IV_BYTES];
+ AESContext aescx;
+};
+
+/******************************************/
+/*
+** AES key wrap algorithm, RFC 3394
+*/
+
+AESKeyWrapContext *
+AESKeyWrap_AllocateContext(void)
+{
+ AESKeyWrapContext *cx = PORT_New(AESKeyWrapContext);
+ return cx;
+}
+
+SECStatus
+AESKeyWrap_InitContext(AESKeyWrapContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int x1,
+ unsigned int encrypt,
+ unsigned int x2)
+{
+ SECStatus rv = SECFailure;
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (iv) {
+ memcpy(cx->iv, iv, sizeof cx->iv);
+ } else {
+ memset(cx->iv, 0xA6, sizeof cx->iv);
+ }
+ rv = AES_InitContext(&cx->aescx, key, keylen, NULL, NSS_AES, encrypt,
+ AES_BLOCK_SIZE);
+ return rv;
+}
+
+/*
+** Create a new AES context suitable for AES encryption/decryption.
+** "key" raw key data
+** "keylen" the number of bytes of key data (16, 24, or 32)
+*/
+extern AESKeyWrapContext *
+AESKeyWrap_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int encrypt, unsigned int keylen)
+{
+ SECStatus rv;
+ AESKeyWrapContext *cx = AESKeyWrap_AllocateContext();
+ if (!cx)
+ return NULL; /* error is already set */
+ rv = AESKeyWrap_InitContext(cx, key, keylen, iv, 0, encrypt, 0);
+ if (rv != SECSuccess) {
+ PORT_Free(cx);
+ cx = NULL; /* error should already be set */
+ }
+ return cx;
+}
+
+/*
+** Destroy a AES KeyWrap context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void
+AESKeyWrap_DestroyContext(AESKeyWrapContext *cx, PRBool freeit)
+{
+ if (cx) {
+ AES_DestroyContext(&cx->aescx, PR_FALSE);
+ /* memset(cx, 0, sizeof *cx); */
+ if (freeit)
+ PORT_Free(cx);
+ }
+}
+
+#if !BIG_ENDIAN_WITH_64_BIT_REGISTERS
+
+/* The AES Key Wrap algorithm has 64-bit values that are ALWAYS big-endian
+** (Most significant byte first) in memory. The only ALU operations done
+** on them are increment, decrement, and XOR. So, on little-endian CPUs,
+** and on CPUs that lack 64-bit registers, these big-endian 64-bit operations
+** are simulated in the following code. This is thought to be faster and
+** simpler than trying to convert the data to little-endian and back.
+*/
+
+/* A and T point to two 64-bit values stored most signficant byte first
+** (big endian). This function increments the 64-bit value T, and then
+** XORs it with A, changing A.
+*/
+static void
+increment_and_xor(unsigned char *A, unsigned char *T)
+{
+ if (!++T[7])
+ if (!++T[6])
+ if (!++T[5])
+ if (!++T[4])
+ if (!++T[3])
+ if (!++T[2])
+ if (!++T[1])
+ ++T[0];
+
+ A[0] ^= T[0];
+ A[1] ^= T[1];
+ A[2] ^= T[2];
+ A[3] ^= T[3];
+ A[4] ^= T[4];
+ A[5] ^= T[5];
+ A[6] ^= T[6];
+ A[7] ^= T[7];
+}
+
+/* A and T point to two 64-bit values stored most signficant byte first
+** (big endian). This function XORs T with A, giving a new A, then
+** decrements the 64-bit value T.
+*/
+static void
+xor_and_decrement(PRUint64 *A, PRUint64 *T)
+{
+ unsigned char *TP = (unsigned char *)T;
+ const PRUint64 mask = 0xFF;
+ *A = ((*A & mask << 56) ^ (*T & mask << 56)) |
+ ((*A & mask << 48) ^ (*T & mask << 48)) |
+ ((*A & mask << 40) ^ (*T & mask << 40)) |
+ ((*A & mask << 32) ^ (*T & mask << 32)) |
+ ((*A & mask << 24) ^ (*T & mask << 23)) |
+ ((*A & mask << 16) ^ (*T & mask << 16)) |
+ ((*A & mask << 8) ^ (*T & mask << 8)) |
+ ((*A & mask) ^ (*T & mask));
+
+ if (!TP[7]--)
+ if (!TP[6]--)
+ if (!TP[5]--)
+ if (!TP[4]--)
+ if (!TP[3]--)
+ if (!TP[2]--)
+ if (!TP[1]--)
+ TP[0]--;
+}
+
+/* Given an unsigned long t (in host byte order), store this value as a
+** 64-bit big-endian value (MSB first) in *pt.
+*/
+static void
+set_t(unsigned char *pt, unsigned long t)
+{
+ pt[7] = (unsigned char)t;
+ t >>= 8;
+ pt[6] = (unsigned char)t;
+ t >>= 8;
+ pt[5] = (unsigned char)t;
+ t >>= 8;
+ pt[4] = (unsigned char)t;
+ t >>= 8;
+ pt[3] = (unsigned char)t;
+ t >>= 8;
+ pt[2] = (unsigned char)t;
+ t >>= 8;
+ pt[1] = (unsigned char)t;
+ t >>= 8;
+ pt[0] = (unsigned char)t;
+}
+
+#endif
+
+/*
+** Perform AES key wrap.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus
+AESKeyWrap_Encrypt(AESKeyWrapContext *cx, unsigned char *output,
+ unsigned int *pOutputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PRUint64 *R = NULL;
+ unsigned int nBlocks;
+ unsigned int i, j;
+ unsigned int aesLen = AES_BLOCK_SIZE;
+ unsigned int outLen = inputLen + AES_KEY_WRAP_BLOCK_SIZE;
+ SECStatus s = SECFailure;
+ /* These PRUint64s are ALWAYS big endian, regardless of CPU orientation. */
+ PRUint64 t;
+ PRUint64 B[2];
+
+#define A B[0]
+
+ /* Check args */
+ if (!inputLen || 0 != inputLen % AES_KEY_WRAP_BLOCK_SIZE) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return s;
+ }
+#ifdef maybe
+ if (!output && pOutputLen) { /* caller is asking for output size */
+ *pOutputLen = outLen;
+ return SECSuccess;
+ }
+#endif
+ if (maxOutputLen < outLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return s;
+ }
+ if (cx == NULL || output == NULL || input == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return s;
+ }
+ nBlocks = inputLen / AES_KEY_WRAP_BLOCK_SIZE;
+ R = PORT_NewArray(PRUint64, nBlocks + 1);
+ if (!R)
+ return s; /* error is already set. */
+ /*
+ ** 1) Initialize variables.
+ */
+ memcpy(&A, cx->iv, AES_KEY_WRAP_IV_BYTES);
+ memcpy(&R[1], input, inputLen);
+#if BIG_ENDIAN_WITH_64_BIT_REGISTERS
+ t = 0;
+#else
+ memset(&t, 0, sizeof t);
+#endif
+ /*
+ ** 2) Calculate intermediate values.
+ */
+ for (j = 0; j < 6; ++j) {
+ for (i = 1; i <= nBlocks; ++i) {
+ B[1] = R[i];
+ s = AES_Encrypt(&cx->aescx, (unsigned char *)B, &aesLen,
+ sizeof B, (unsigned char *)B, sizeof B);
+ if (s != SECSuccess)
+ break;
+ R[i] = B[1];
+/* here, increment t and XOR A with t (in big endian order); */
+#if BIG_ENDIAN_WITH_64_BIT_REGISTERS
+ A ^= ++t;
+#else
+ increment_and_xor((unsigned char *)&A, (unsigned char *)&t);
+#endif
+ }
+ }
+ /*
+ ** 3) Output the results.
+ */
+ if (s == SECSuccess) {
+ R[0] = A;
+ memcpy(output, &R[0], outLen);
+ if (pOutputLen)
+ *pOutputLen = outLen;
+ } else if (pOutputLen) {
+ *pOutputLen = 0;
+ }
+ PORT_ZFree(R, outLen);
+ return s;
+}
+#undef A
+
+/*
+** Perform AES key unwrap.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus
+AESKeyWrap_Decrypt(AESKeyWrapContext *cx, unsigned char *output,
+ unsigned int *pOutputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PRUint64 *R = NULL;
+ unsigned int nBlocks;
+ unsigned int i, j;
+ unsigned int aesLen = AES_BLOCK_SIZE;
+ unsigned int outLen;
+ SECStatus s = SECFailure;
+ /* These PRUint64s are ALWAYS big endian, regardless of CPU orientation. */
+ PRUint64 t;
+ PRUint64 B[2];
+
+ /* Check args */
+ if (inputLen < 3 * AES_KEY_WRAP_BLOCK_SIZE ||
+ 0 != inputLen % AES_KEY_WRAP_BLOCK_SIZE) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return s;
+ }
+ outLen = inputLen - AES_KEY_WRAP_BLOCK_SIZE;
+#ifdef maybe
+ if (!output && pOutputLen) { /* caller is asking for output size */
+ *pOutputLen = outLen;
+ return SECSuccess;
+ }
+#endif
+ if (maxOutputLen < outLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return s;
+ }
+ if (cx == NULL || output == NULL || input == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return s;
+ }
+ nBlocks = inputLen / AES_KEY_WRAP_BLOCK_SIZE;
+ R = PORT_NewArray(PRUint64, nBlocks);
+ if (!R)
+ return s; /* error is already set. */
+ nBlocks--;
+ /*
+ ** 1) Initialize variables.
+ */
+ memcpy(&R[0], input, inputLen);
+ B[0] = R[0];
+#if BIG_ENDIAN_WITH_64_BIT_REGISTERS
+ t = 6UL * nBlocks;
+#else
+ set_t((unsigned char *)&t, 6UL * nBlocks);
+#endif
+ /*
+ ** 2) Calculate intermediate values.
+ */
+ for (j = 0; j < 6; ++j) {
+ for (i = nBlocks; i; --i) {
+/* here, XOR A with t (in big endian order) and decrement t; */
+#if BIG_ENDIAN_WITH_64_BIT_REGISTERS
+ B[0] ^= t--;
+#else
+ xor_and_decrement(&B[0], &t);
+#endif
+ B[1] = R[i];
+ s = AES_Decrypt(&cx->aescx, (unsigned char *)B, &aesLen,
+ sizeof B, (unsigned char *)B, sizeof B);
+ if (s != SECSuccess)
+ break;
+ R[i] = B[1];
+ }
+ }
+ /*
+ ** 3) Output the results.
+ */
+ if (s == SECSuccess) {
+ int bad = memcmp(&B[0], cx->iv, AES_KEY_WRAP_IV_BYTES);
+ if (!bad) {
+ memcpy(output, &R[1], outLen);
+ if (pOutputLen)
+ *pOutputLen = outLen;
+ } else {
+ s = SECFailure;
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ if (pOutputLen)
+ *pOutputLen = 0;
+ }
+ } else if (pOutputLen) {
+ *pOutputLen = 0;
+ }
+ PORT_ZFree(R, inputLen);
+ return s;
+}
+#undef A
diff --git a/security/nss/lib/freebl/alg2268.c b/security/nss/lib/freebl/alg2268.c
new file mode 100644
index 000000000..54c6f4dff
--- /dev/null
+++ b/security/nss/lib/freebl/alg2268.c
@@ -0,0 +1,509 @@
+/*
+ * alg2268.c - implementation of the algorithm in RFC 2268
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapi.h"
+#include "blapii.h"
+#include "secerr.h"
+#ifdef XP_UNIX_XXX
+#include <stddef.h> /* for ptrdiff_t */
+#endif
+
+/*
+** RC2 symmetric block cypher
+*/
+
+typedef SECStatus(rc2Func)(RC2Context *cx, unsigned char *output,
+ const unsigned char *input, unsigned int inputLen);
+
+/* forward declarations */
+static rc2Func rc2_EncryptECB;
+static rc2Func rc2_DecryptECB;
+static rc2Func rc2_EncryptCBC;
+static rc2Func rc2_DecryptCBC;
+
+typedef union {
+ PRUint32 l[2];
+ PRUint16 s[4];
+ PRUint8 b[8];
+} RC2Block;
+
+struct RC2ContextStr {
+ union {
+ PRUint8 Kb[128];
+ PRUint16 Kw[64];
+ } u;
+ RC2Block iv;
+ rc2Func *enc;
+ rc2Func *dec;
+};
+
+#define B u.Kb
+#define K u.Kw
+#define BYTESWAP(x) ((x) << 8 | (x) >> 8)
+#define SWAPK(i) cx->K[i] = (tmpS = cx->K[i], BYTESWAP(tmpS))
+#define RC2_BLOCK_SIZE 8
+
+#define LOAD_HARD(R) \
+ R[0] = (PRUint16)input[1] << 8 | input[0]; \
+ R[1] = (PRUint16)input[3] << 8 | input[2]; \
+ R[2] = (PRUint16)input[5] << 8 | input[4]; \
+ R[3] = (PRUint16)input[7] << 8 | input[6];
+#define LOAD_EASY(R) \
+ R[0] = ((PRUint16 *)input)[0]; \
+ R[1] = ((PRUint16 *)input)[1]; \
+ R[2] = ((PRUint16 *)input)[2]; \
+ R[3] = ((PRUint16 *)input)[3];
+#define STORE_HARD(R) \
+ output[0] = (PRUint8)(R[0]); \
+ output[1] = (PRUint8)(R[0] >> 8); \
+ output[2] = (PRUint8)(R[1]); \
+ output[3] = (PRUint8)(R[1] >> 8); \
+ output[4] = (PRUint8)(R[2]); \
+ output[5] = (PRUint8)(R[2] >> 8); \
+ output[6] = (PRUint8)(R[3]); \
+ output[7] = (PRUint8)(R[3] >> 8);
+#define STORE_EASY(R) \
+ ((PRUint16 *)output)[0] = R[0]; \
+ ((PRUint16 *)output)[1] = R[1]; \
+ ((PRUint16 *)output)[2] = R[2]; \
+ ((PRUint16 *)output)[3] = R[3];
+
+#if defined(NSS_X86_OR_X64)
+#define LOAD(R) LOAD_EASY(R)
+#define STORE(R) STORE_EASY(R)
+#elif !defined(IS_LITTLE_ENDIAN)
+#define LOAD(R) LOAD_HARD(R)
+#define STORE(R) STORE_HARD(R)
+#else
+#define LOAD(R) \
+ if ((ptrdiff_t)input & 1) { \
+ LOAD_HARD(R) \
+ } else { \
+ LOAD_EASY(R) \
+ }
+#define STORE(R) \
+ if ((ptrdiff_t)input & 1) { \
+ STORE_HARD(R) \
+ } else { \
+ STORE_EASY(R) \
+ }
+#endif
+
+static const PRUint8 S[256] = {
+ 0331, 0170, 0371, 0304, 0031, 0335, 0265, 0355, 0050, 0351, 0375, 0171, 0112, 0240, 0330, 0235,
+ 0306, 0176, 0067, 0203, 0053, 0166, 0123, 0216, 0142, 0114, 0144, 0210, 0104, 0213, 0373, 0242,
+ 0027, 0232, 0131, 0365, 0207, 0263, 0117, 0023, 0141, 0105, 0155, 0215, 0011, 0201, 0175, 0062,
+ 0275, 0217, 0100, 0353, 0206, 0267, 0173, 0013, 0360, 0225, 0041, 0042, 0134, 0153, 0116, 0202,
+ 0124, 0326, 0145, 0223, 0316, 0140, 0262, 0034, 0163, 0126, 0300, 0024, 0247, 0214, 0361, 0334,
+ 0022, 0165, 0312, 0037, 0073, 0276, 0344, 0321, 0102, 0075, 0324, 0060, 0243, 0074, 0266, 0046,
+ 0157, 0277, 0016, 0332, 0106, 0151, 0007, 0127, 0047, 0362, 0035, 0233, 0274, 0224, 0103, 0003,
+ 0370, 0021, 0307, 0366, 0220, 0357, 0076, 0347, 0006, 0303, 0325, 0057, 0310, 0146, 0036, 0327,
+ 0010, 0350, 0352, 0336, 0200, 0122, 0356, 0367, 0204, 0252, 0162, 0254, 0065, 0115, 0152, 0052,
+ 0226, 0032, 0322, 0161, 0132, 0025, 0111, 0164, 0113, 0237, 0320, 0136, 0004, 0030, 0244, 0354,
+ 0302, 0340, 0101, 0156, 0017, 0121, 0313, 0314, 0044, 0221, 0257, 0120, 0241, 0364, 0160, 0071,
+ 0231, 0174, 0072, 0205, 0043, 0270, 0264, 0172, 0374, 0002, 0066, 0133, 0045, 0125, 0227, 0061,
+ 0055, 0135, 0372, 0230, 0343, 0212, 0222, 0256, 0005, 0337, 0051, 0020, 0147, 0154, 0272, 0311,
+ 0323, 0000, 0346, 0317, 0341, 0236, 0250, 0054, 0143, 0026, 0001, 0077, 0130, 0342, 0211, 0251,
+ 0015, 0070, 0064, 0033, 0253, 0063, 0377, 0260, 0273, 0110, 0014, 0137, 0271, 0261, 0315, 0056,
+ 0305, 0363, 0333, 0107, 0345, 0245, 0234, 0167, 0012, 0246, 0040, 0150, 0376, 0177, 0301, 0255
+};
+
+RC2Context *
+RC2_AllocateContext(void)
+{
+ return PORT_ZNew(RC2Context);
+}
+SECStatus
+RC2_InitContext(RC2Context *cx, const unsigned char *key, unsigned int len,
+ const unsigned char *input, int mode, unsigned int efLen8,
+ unsigned int unused)
+{
+ PRUint8 *L, *L2;
+ int i;
+#if !defined(IS_LITTLE_ENDIAN)
+ PRUint16 tmpS;
+#endif
+ PRUint8 tmpB;
+
+ if (!key || !cx || !len || len > (sizeof cx->B) ||
+ efLen8 > (sizeof cx->B)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (mode == NSS_RC2) {
+ /* groovy */
+ } else if (mode == NSS_RC2_CBC) {
+ if (!input) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (mode == NSS_RC2_CBC) {
+ cx->enc = &rc2_EncryptCBC;
+ cx->dec = &rc2_DecryptCBC;
+ LOAD(cx->iv.s);
+ } else {
+ cx->enc = &rc2_EncryptECB;
+ cx->dec = &rc2_DecryptECB;
+ }
+
+ /* Step 0. Copy key into table. */
+ memcpy(cx->B, key, len);
+
+ /* Step 1. Compute all values to the right of the key. */
+ L2 = cx->B;
+ L = L2 + len;
+ tmpB = L[-1];
+ for (i = (sizeof cx->B) - len; i > 0; --i) {
+ *L++ = tmpB = S[(PRUint8)(tmpB + *L2++)];
+ }
+
+ /* step 2. Adjust left most byte of effective key. */
+ i = (sizeof cx->B) - efLen8;
+ L = cx->B + i;
+ *L = tmpB = S[*L]; /* mask is always 0xff */
+
+ /* step 3. Recompute all values to the left of effective key. */
+ L2 = --L + efLen8;
+ while (L >= cx->B) {
+ *L-- = tmpB = S[tmpB ^ *L2--];
+ }
+
+#if !defined(IS_LITTLE_ENDIAN)
+ for (i = 63; i >= 0; --i) {
+ SWAPK(i); /* candidate for unrolling */
+ }
+#endif
+ return SECSuccess;
+}
+
+/*
+** Create a new RC2 context suitable for RC2 encryption/decryption.
+** "key" raw key data
+** "len" the number of bytes of key data
+** "iv" is the CBC initialization vector (if mode is NSS_RC2_CBC)
+** "mode" one of NSS_RC2 or NSS_RC2_CBC
+** "effectiveKeyLen" in bytes, not bits.
+**
+** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block
+** chaining" mode.
+*/
+RC2Context *
+RC2_CreateContext(const unsigned char *key, unsigned int len,
+ const unsigned char *iv, int mode, unsigned efLen8)
+{
+ RC2Context *cx = PORT_ZNew(RC2Context);
+ if (cx) {
+ SECStatus rv = RC2_InitContext(cx, key, len, iv, mode, efLen8, 0);
+ if (rv != SECSuccess) {
+ RC2_DestroyContext(cx, PR_TRUE);
+ cx = NULL;
+ }
+ }
+ return cx;
+}
+
+/*
+** Destroy an RC2 encryption/decryption context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+void
+RC2_DestroyContext(RC2Context *cx, PRBool freeit)
+{
+ if (cx) {
+ memset(cx, 0, sizeof *cx);
+ if (freeit) {
+ PORT_Free(cx);
+ }
+ }
+}
+
+#define ROL(x, k) (x << k | x >> (16 - k))
+#define MIX(j) \
+ R0 = R0 + cx->K[4 * j + 0] + (R3 & R2) + (~R3 & R1); \
+ R0 = ROL(R0, 1); \
+ R1 = R1 + cx->K[4 * j + 1] + (R0 & R3) + (~R0 & R2); \
+ R1 = ROL(R1, 2); \
+ R2 = R2 + cx->K[4 * j + 2] + (R1 & R0) + (~R1 & R3); \
+ R2 = ROL(R2, 3); \
+ R3 = R3 + cx->K[4 * j + 3] + (R2 & R1) + (~R2 & R0); \
+ R3 = ROL(R3, 5)
+#define MASH \
+ R0 = R0 + cx->K[R3 & 63]; \
+ R1 = R1 + cx->K[R0 & 63]; \
+ R2 = R2 + cx->K[R1 & 63]; \
+ R3 = R3 + cx->K[R2 & 63]
+
+/* Encrypt one block */
+static void
+rc2_Encrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input)
+{
+ register PRUint16 R0, R1, R2, R3;
+
+ /* step 1. Initialize input. */
+ R0 = input->s[0];
+ R1 = input->s[1];
+ R2 = input->s[2];
+ R3 = input->s[3];
+
+ /* step 2. Expand Key (already done, in context) */
+ /* step 3. j = 0 */
+ /* step 4. Perform 5 mixing rounds. */
+
+ MIX(0);
+ MIX(1);
+ MIX(2);
+ MIX(3);
+ MIX(4);
+
+ /* step 5. Perform 1 mashing round. */
+ MASH;
+
+ /* step 6. Perform 6 mixing rounds. */
+
+ MIX(5);
+ MIX(6);
+ MIX(7);
+ MIX(8);
+ MIX(9);
+ MIX(10);
+
+ /* step 7. Perform 1 mashing round. */
+ MASH;
+
+ /* step 8. Perform 5 mixing rounds. */
+
+ MIX(11);
+ MIX(12);
+ MIX(13);
+ MIX(14);
+ MIX(15);
+
+ /* output results */
+ output->s[0] = R0;
+ output->s[1] = R1;
+ output->s[2] = R2;
+ output->s[3] = R3;
+}
+
+#define ROR(x, k) (x >> k | x << (16 - k))
+#define R_MIX(j) \
+ R3 = ROR(R3, 5); \
+ R3 = R3 - cx->K[4 * j + 3] - (R2 & R1) - (~R2 & R0); \
+ R2 = ROR(R2, 3); \
+ R2 = R2 - cx->K[4 * j + 2] - (R1 & R0) - (~R1 & R3); \
+ R1 = ROR(R1, 2); \
+ R1 = R1 - cx->K[4 * j + 1] - (R0 & R3) - (~R0 & R2); \
+ R0 = ROR(R0, 1); \
+ R0 = R0 - cx->K[4 * j + 0] - (R3 & R2) - (~R3 & R1)
+#define R_MASH \
+ R3 = R3 - cx->K[R2 & 63]; \
+ R2 = R2 - cx->K[R1 & 63]; \
+ R1 = R1 - cx->K[R0 & 63]; \
+ R0 = R0 - cx->K[R3 & 63]
+
+/* Encrypt one block */
+static void
+rc2_Decrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input)
+{
+ register PRUint16 R0, R1, R2, R3;
+
+ /* step 1. Initialize input. */
+ R0 = input->s[0];
+ R1 = input->s[1];
+ R2 = input->s[2];
+ R3 = input->s[3];
+
+ /* step 2. Expand Key (already done, in context) */
+ /* step 3. j = 63 */
+ /* step 4. Perform 5 r_mixing rounds. */
+ R_MIX(15);
+ R_MIX(14);
+ R_MIX(13);
+ R_MIX(12);
+ R_MIX(11);
+
+ /* step 5. Perform 1 r_mashing round. */
+ R_MASH;
+
+ /* step 6. Perform 6 r_mixing rounds. */
+ R_MIX(10);
+ R_MIX(9);
+ R_MIX(8);
+ R_MIX(7);
+ R_MIX(6);
+ R_MIX(5);
+
+ /* step 7. Perform 1 r_mashing round. */
+ R_MASH;
+
+ /* step 8. Perform 5 r_mixing rounds. */
+ R_MIX(4);
+ R_MIX(3);
+ R_MIX(2);
+ R_MIX(1);
+ R_MIX(0);
+
+ /* output results */
+ output->s[0] = R0;
+ output->s[1] = R1;
+ output->s[2] = R2;
+ output->s[3] = R3;
+}
+
+static SECStatus NO_SANITIZE_ALIGNMENT
+rc2_EncryptECB(RC2Context *cx, unsigned char *output,
+ const unsigned char *input, unsigned int inputLen)
+{
+ RC2Block iBlock;
+
+ while (inputLen > 0) {
+ LOAD(iBlock.s)
+ rc2_Encrypt1Block(cx, &iBlock, &iBlock);
+ STORE(iBlock.s)
+ output += RC2_BLOCK_SIZE;
+ input += RC2_BLOCK_SIZE;
+ inputLen -= RC2_BLOCK_SIZE;
+ }
+ return SECSuccess;
+}
+
+static SECStatus NO_SANITIZE_ALIGNMENT
+rc2_DecryptECB(RC2Context *cx, unsigned char *output,
+ const unsigned char *input, unsigned int inputLen)
+{
+ RC2Block iBlock;
+
+ while (inputLen > 0) {
+ LOAD(iBlock.s)
+ rc2_Decrypt1Block(cx, &iBlock, &iBlock);
+ STORE(iBlock.s)
+ output += RC2_BLOCK_SIZE;
+ input += RC2_BLOCK_SIZE;
+ inputLen -= RC2_BLOCK_SIZE;
+ }
+ return SECSuccess;
+}
+
+static SECStatus NO_SANITIZE_ALIGNMENT
+rc2_EncryptCBC(RC2Context *cx, unsigned char *output,
+ const unsigned char *input, unsigned int inputLen)
+{
+ RC2Block iBlock;
+
+ while (inputLen > 0) {
+
+ LOAD(iBlock.s)
+ iBlock.l[0] ^= cx->iv.l[0];
+ iBlock.l[1] ^= cx->iv.l[1];
+ rc2_Encrypt1Block(cx, &iBlock, &iBlock);
+ cx->iv = iBlock;
+ STORE(iBlock.s)
+ output += RC2_BLOCK_SIZE;
+ input += RC2_BLOCK_SIZE;
+ inputLen -= RC2_BLOCK_SIZE;
+ }
+ return SECSuccess;
+}
+
+static SECStatus NO_SANITIZE_ALIGNMENT
+rc2_DecryptCBC(RC2Context *cx, unsigned char *output,
+ const unsigned char *input, unsigned int inputLen)
+{
+ RC2Block iBlock;
+ RC2Block oBlock;
+
+ while (inputLen > 0) {
+ LOAD(iBlock.s)
+ rc2_Decrypt1Block(cx, &oBlock, &iBlock);
+ oBlock.l[0] ^= cx->iv.l[0];
+ oBlock.l[1] ^= cx->iv.l[1];
+ cx->iv = iBlock;
+ STORE(oBlock.s)
+ output += RC2_BLOCK_SIZE;
+ input += RC2_BLOCK_SIZE;
+ inputLen -= RC2_BLOCK_SIZE;
+ }
+ return SECSuccess;
+}
+
+/*
+** Perform RC2 encryption.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+SECStatus
+RC2_Encrypt(RC2Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECSuccess;
+ if (inputLen) {
+ if (inputLen % RC2_BLOCK_SIZE) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ rv = (*cx->enc)(cx, output, input, inputLen);
+ }
+ if (rv == SECSuccess) {
+ *outputLen = inputLen;
+ }
+ return rv;
+}
+
+/*
+** Perform RC2 decryption.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+SECStatus
+RC2_Decrypt(RC2Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECSuccess;
+ if (inputLen) {
+ if (inputLen % RC2_BLOCK_SIZE) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ rv = (*cx->dec)(cx, output, input, inputLen);
+ }
+ if (rv == SECSuccess) {
+ *outputLen = inputLen;
+ }
+ return rv;
+}
diff --git a/security/nss/lib/freebl/alghmac.c b/security/nss/lib/freebl/alghmac.c
new file mode 100644
index 000000000..dd8b73c5f
--- /dev/null
+++ b/security/nss/lib/freebl/alghmac.c
@@ -0,0 +1,165 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "secport.h"
+#include "hasht.h"
+#include "blapit.h"
+#include "alghmac.h"
+#include "secerr.h"
+
+#define HMAC_PAD_SIZE HASH_BLOCK_LENGTH_MAX
+
+struct HMACContextStr {
+ void *hash;
+ const SECHashObject *hashobj;
+ PRBool wasAllocated;
+ unsigned char ipad[HMAC_PAD_SIZE];
+ unsigned char opad[HMAC_PAD_SIZE];
+};
+
+void
+HMAC_Destroy(HMACContext *cx, PRBool freeit)
+{
+ if (cx == NULL)
+ return;
+
+ PORT_Assert(!freeit == !cx->wasAllocated);
+ if (cx->hash != NULL) {
+ cx->hashobj->destroy(cx->hash, PR_TRUE);
+ PORT_Memset(cx, 0, sizeof *cx);
+ }
+ if (freeit)
+ PORT_Free(cx);
+}
+
+SECStatus
+HMAC_Init(HMACContext *cx, const SECHashObject *hash_obj,
+ const unsigned char *secret, unsigned int secret_len, PRBool isFIPS)
+{
+ unsigned int i;
+ unsigned char hashed_secret[HASH_LENGTH_MAX];
+
+ /* required by FIPS 198 Section 3 */
+ if (isFIPS && secret_len < hash_obj->length / 2) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (cx == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ cx->wasAllocated = PR_FALSE;
+ cx->hashobj = hash_obj;
+ cx->hash = cx->hashobj->create();
+ if (cx->hash == NULL)
+ goto loser;
+
+ if (secret_len > cx->hashobj->blocklength) {
+ cx->hashobj->begin(cx->hash);
+ cx->hashobj->update(cx->hash, secret, secret_len);
+ PORT_Assert(cx->hashobj->length <= sizeof hashed_secret);
+ cx->hashobj->end(cx->hash, hashed_secret, &secret_len,
+ sizeof hashed_secret);
+ if (secret_len != cx->hashobj->length) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ goto loser;
+ }
+ secret = (const unsigned char *)&hashed_secret[0];
+ }
+
+ PORT_Memset(cx->ipad, 0x36, cx->hashobj->blocklength);
+ PORT_Memset(cx->opad, 0x5c, cx->hashobj->blocklength);
+
+ /* fold secret into padding */
+ for (i = 0; i < secret_len; i++) {
+ cx->ipad[i] ^= secret[i];
+ cx->opad[i] ^= secret[i];
+ }
+ PORT_Memset(hashed_secret, 0, sizeof hashed_secret);
+ return SECSuccess;
+
+loser:
+ PORT_Memset(hashed_secret, 0, sizeof hashed_secret);
+ if (cx->hash != NULL)
+ cx->hashobj->destroy(cx->hash, PR_TRUE);
+ return SECFailure;
+}
+
+HMACContext *
+HMAC_Create(const SECHashObject *hash_obj, const unsigned char *secret,
+ unsigned int secret_len, PRBool isFIPS)
+{
+ SECStatus rv;
+ HMACContext *cx = PORT_ZNew(HMACContext);
+ if (cx == NULL)
+ return NULL;
+ rv = HMAC_Init(cx, hash_obj, secret, secret_len, isFIPS);
+ cx->wasAllocated = PR_TRUE;
+ if (rv != SECSuccess) {
+ PORT_Free(cx); /* contains no secret info */
+ cx = NULL;
+ }
+ return cx;
+}
+
+void
+HMAC_Begin(HMACContext *cx)
+{
+ /* start inner hash */
+ cx->hashobj->begin(cx->hash);
+ cx->hashobj->update(cx->hash, cx->ipad, cx->hashobj->blocklength);
+}
+
+void
+HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len)
+{
+ cx->hashobj->update(cx->hash, data, data_len);
+}
+
+SECStatus
+HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
+ unsigned int max_result_len)
+{
+ if (max_result_len < cx->hashobj->length) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ cx->hashobj->end(cx->hash, result, result_len, max_result_len);
+ if (*result_len != cx->hashobj->length)
+ return SECFailure;
+
+ cx->hashobj->begin(cx->hash);
+ cx->hashobj->update(cx->hash, cx->opad, cx->hashobj->blocklength);
+ cx->hashobj->update(cx->hash, result, *result_len);
+ cx->hashobj->end(cx->hash, result, result_len, max_result_len);
+ return SECSuccess;
+}
+
+HMACContext *
+HMAC_Clone(HMACContext *cx)
+{
+ HMACContext *newcx;
+
+ newcx = (HMACContext *)PORT_ZAlloc(sizeof(HMACContext));
+ if (newcx == NULL)
+ goto loser;
+
+ newcx->wasAllocated = PR_TRUE;
+ newcx->hashobj = cx->hashobj;
+ newcx->hash = cx->hashobj->clone(cx->hash);
+ if (newcx->hash == NULL)
+ goto loser;
+ PORT_Memcpy(newcx->ipad, cx->ipad, cx->hashobj->blocklength);
+ PORT_Memcpy(newcx->opad, cx->opad, cx->hashobj->blocklength);
+ return newcx;
+
+loser:
+ HMAC_Destroy(newcx, PR_TRUE);
+ return NULL;
+}
diff --git a/security/nss/lib/freebl/alghmac.h b/security/nss/lib/freebl/alghmac.h
new file mode 100644
index 000000000..462526ac4
--- /dev/null
+++ b/security/nss/lib/freebl/alghmac.h
@@ -0,0 +1,64 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _ALGHMAC_H_
+#define _ALGHMAC_H_
+
+typedef struct HMACContextStr HMACContext;
+
+SEC_BEGIN_PROTOS
+
+/* destroy HMAC context */
+extern void
+HMAC_Destroy(HMACContext *cx, PRBool freeit);
+
+/* create HMAC context
+ * hash_obj hash object from SECRawHashObjects[]
+ * secret the secret with which the HMAC is performed.
+ * secret_len the length of the secret.
+ * isFIPS true if conforming to FIPS 198.
+ *
+ * NULL is returned if an error occurs.
+ */
+extern HMACContext *
+HMAC_Create(const SECHashObject *hash_obj, const unsigned char *secret,
+ unsigned int secret_len, PRBool isFIPS);
+
+/* like HMAC_Create, except caller allocates HMACContext. */
+SECStatus
+HMAC_Init(HMACContext *cx, const SECHashObject *hash_obj,
+ const unsigned char *secret, unsigned int secret_len, PRBool isFIPS);
+
+/* reset HMAC for a fresh round */
+extern void
+HMAC_Begin(HMACContext *cx);
+
+/* update HMAC
+ * cx HMAC Context
+ * data the data to perform HMAC on
+ * data_len the length of the data to process
+ */
+extern void
+HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len);
+
+/* Finish HMAC -- place the results within result
+ * cx HMAC context
+ * result buffer for resulting hmac'd data
+ * result_len where the resultant hmac length is stored
+ * max_result_len maximum possible length that can be stored in result
+ */
+extern SECStatus
+HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
+ unsigned int max_result_len);
+
+/* clone a copy of the HMAC state. this is usefult when you would
+ * need to keep a running hmac but also need to extract portions
+ * partway through the process.
+ */
+extern HMACContext *
+HMAC_Clone(HMACContext *cx);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/freebl/arcfive.c b/security/nss/lib/freebl/arcfive.c
new file mode 100644
index 000000000..dda77710f
--- /dev/null
+++ b/security/nss/lib/freebl/arcfive.c
@@ -0,0 +1,87 @@
+/*
+ * arcfive.c - stubs for RC5 - NOT a working implementation!
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapi.h"
+#include "prerror.h"
+
+/******************************************/
+/*
+** RC5 symmetric block cypher -- 64-bit block size
+*/
+
+/*
+** Create a new RC5 context suitable for RC5 encryption/decryption.
+** "key" raw key data
+** "len" the number of bytes of key data
+** "iv" is the CBC initialization vector (if mode is NSS_RC5_CBC)
+** "mode" one of NSS_RC5 or NSS_RC5_CBC
+**
+** When mode is set to NSS_RC5_CBC the RC5 cipher is run in "cipher block
+** chaining" mode.
+*/
+RC5Context *
+RC5_CreateContext(const SECItem *key, unsigned int rounds,
+ unsigned int wordSize, const unsigned char *iv, int mode)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+}
+
+/*
+** Destroy an RC5 encryption/decryption context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+void
+RC5_DestroyContext(RC5Context *cx, PRBool freeit)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+}
+
+/*
+** Perform RC5 encryption.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+SECStatus
+RC5_Encrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+/*
+** Perform RC5 decryption.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+SECStatus
+RC5_Decrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
diff --git a/security/nss/lib/freebl/arcfour-amd64-gas.s b/security/nss/lib/freebl/arcfour-amd64-gas.s
new file mode 100644
index 000000000..7c4f5358f
--- /dev/null
+++ b/security/nss/lib/freebl/arcfour-amd64-gas.s
@@ -0,0 +1,88 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# ** ARCFOUR implementation optimized for AMD64.
+# **
+# ** The throughput achieved by this code is about 320 MBytes/sec, on
+# ** a 1.8 GHz AMD Opteron (rev C0) processor.
+
+.text
+.align 16
+.globl ARCFOUR
+.type ARCFOUR,@function
+ARCFOUR:
+ pushq %rbp
+ pushq %rbx
+ movq %rdi, %rbp # key = ARG(key)
+ movq %rsi, %rbx # rbx = ARG(len)
+ movq %rdx, %rsi # in = ARG(in)
+ movq %rcx, %rdi # out = ARG(out)
+ movq (%rbp), %rcx # x = key->x
+ movq 8(%rbp), %rdx # y = key->y
+ addq $16, %rbp # d = key->data
+ incq %rcx # x++
+ andq $255, %rcx # x &= 0xff
+ leaq -8(%rbx,%rsi), %rbx # rbx = in+len-8
+ movq %rbx, %r9 # tmp = in+len-8
+ movq 0(%rbp,%rcx,8), %rax # tx = d[x]
+ cmpq %rsi, %rbx # cmp in with in+len-8
+ jl .Lend # jump if (in+len-8 < in)
+
+.Lstart:
+ addq $8, %rsi # increment in
+ addq $8, %rdi # increment out
+
+ # generate the next 8 bytes of the rc4 stream into %r8
+ movq $8, %r11 # byte counter
+1: addb %al, %dl # y += tx
+ movl 0(%rbp,%rdx,8), %ebx # ty = d[y]
+ movl %ebx, 0(%rbp,%rcx,8) # d[x] = ty
+ addb %al, %bl # val = ty + tx
+ movl %eax, 0(%rbp,%rdx,8) # d[y] = tx
+ incb %cl # x++ (NEXT ROUND)
+ movl 0(%rbp,%rcx,8), %eax # tx = d[x] (NEXT ROUND)
+ movb 0(%rbp,%rbx,8), %r8b # val = d[val]
+ decb %r11b
+ rorq $8, %r8 # (ror does not change ZF)
+ jnz 1b
+
+ # xor 8 bytes
+ xorq -8(%rsi), %r8
+ cmpq %r9, %rsi # cmp in+len-8 with in
+ movq %r8, -8(%rdi)
+ jle .Lstart # jump if (in <= in+len-8)
+
+.Lend:
+ addq $8, %r9 # tmp = in+len
+
+ # handle the last bytes, one by one
+1: cmpq %rsi, %r9 # cmp in with in+len
+ jle .Lfinished # jump if (in+len <= in)
+ addb %al, %dl # y += tx
+ movl 0(%rbp,%rdx,8), %ebx # ty = d[y]
+ movl %ebx, 0(%rbp,%rcx,8) # d[x] = ty
+ addb %al, %bl # val = ty + tx
+ movl %eax, 0(%rbp,%rdx,8) # d[y] = tx
+ incb %cl # x++ (NEXT ROUND)
+ movl 0(%rbp,%rcx,8), %eax # tx = d[x] (NEXT ROUND)
+ movb 0(%rbp,%rbx,8), %r8b # val = d[val]
+ xorb (%rsi), %r8b # xor 1 byte
+ movb %r8b, (%rdi)
+ incq %rsi # in++
+ incq %rdi # out++
+ jmp 1b
+
+.Lfinished:
+ decq %rcx # x--
+ movb %dl, -8(%rbp) # key->y = y
+ movb %cl, -16(%rbp) # key->x = x
+ popq %rbx
+ popq %rbp
+ ret
+.L_ARCFOUR_end:
+.size ARCFOUR,.L_ARCFOUR_end-ARCFOUR
+
+# Magic indicating no need for an executable stack
+.section .note.GNU-stack,"",@progbits
+.previous
diff --git a/security/nss/lib/freebl/arcfour-amd64-masm.asm b/security/nss/lib/freebl/arcfour-amd64-masm.asm
new file mode 100644
index 000000000..1601c4f89
--- /dev/null
+++ b/security/nss/lib/freebl/arcfour-amd64-masm.asm
@@ -0,0 +1,107 @@
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+; ** ARCFOUR implementation optimized for AMD64.
+; **
+; ** The throughput achieved by this code is about 320 MBytes/sec, on
+; ** a 1.8 GHz AMD Opteron (rev C0) processor.
+
+.CODE
+
+; extern void ARCFOUR(RC4Context *cx, unsigned long long inputLen,
+; const unsigned char *input, unsigned char *output);
+
+
+ARCFOUR PROC
+
+ push rbp
+ push rbx
+ push rsi
+ push rdi
+
+ mov rbp, rcx ; key = ARG(key)
+ mov rbx, rdx ; rbx = ARG(len)
+ mov rsi, r8 ; in = ARG(in)
+ mov rdi, r9 ; out = ARG(out)
+ mov rcx, [rbp] ; x = key->x
+ mov rdx, [rbp+8] ; y = key->y
+ add rbp, 16 ; d = key->data
+ inc rcx ; x++
+ and rcx, 0ffh ; x &= 0xff
+ lea rbx, [rbx+rsi-8] ; rbx = in+len-8
+ mov r9, rbx ; tmp = in+len-8
+ mov rax, [rbp+rcx*8] ; tx = d[x]
+ cmp rbx, rsi ; cmp in with in+len-8
+ jl Lend ; jump if (in+len-8 < in)
+
+Lstart:
+ add rsi, 8 ; increment in
+ add rdi, 8 ; increment out
+
+ ;
+ ; generate the next 8 bytes of the rc4 stream into r8
+ ;
+
+ mov r11, 8 ; byte counter
+
+@@:
+ add dl, al ; y += tx
+ mov ebx, [rbp+rdx*8] ; ty = d[y]
+ mov [rbp+rcx*8], ebx ; d[x] = ty
+ add bl, al ; val = ty + tx
+ mov [rbp+rdx*8], eax ; d[y] = tx
+ inc cl ; x++ (NEXT ROUND)
+ mov eax, [rbp+rcx*8] ; tx = d[x] (NEXT ROUND)
+ mov r8b, [rbp+rbx*8] ; val = d[val]
+ dec r11b
+ ror r8, 8 ; (ror does not change ZF)
+ jnz @b
+
+ ;
+ ; xor 8 bytes
+ ;
+
+ xor r8, [rsi-8]
+ cmp rsi, r9 ; cmp in+len-8 with in
+ mov [rdi-8], r8
+ jle Lstart
+
+Lend:
+ add r9, 8 ; tmp = in+len
+
+ ;
+ ; handle the last bytes, one by one
+ ;
+
+@@:
+ cmp r9, rsi ; cmp in with in+len
+ jle Lfinished ; jump if (in+len <= in)
+ add dl, al ; y += tx
+ mov ebx, [rbp+rdx*8] ; ty = d[y]
+ mov [rbp+rcx*8], ebx ; d[x] = ty
+ add bl, al ; val = ty + tx
+ mov [rbp+rdx*8], eax ; d[y] = tx
+ inc cl ; x++ (NEXT ROUND)
+ mov eax, [rbp+rcx*8] ; tx = d[x] (NEXT ROUND)
+ mov r8b, [rbp+rbx*8] ; val = d[val]
+ xor r8b, [rsi] ; xor 1 byte
+ mov [rdi], r8b
+ inc rsi ; in++
+ inc rdi
+ jmp @b
+
+Lfinished:
+ dec rcx ; x--
+ mov [rbp-8], dl ; key->y = y
+ mov [rbp-16], cl ; key->x = x
+
+ pop rdi
+ pop rsi
+ pop rbx
+ pop rbp
+ ret
+
+ARCFOUR ENDP
+
+END
diff --git a/security/nss/lib/freebl/arcfour-amd64-sun.s b/security/nss/lib/freebl/arcfour-amd64-sun.s
new file mode 100644
index 000000000..8b649f901
--- /dev/null
+++ b/security/nss/lib/freebl/arcfour-amd64-sun.s
@@ -0,0 +1,84 @@
+/ This Source Code Form is subject to the terms of the Mozilla Public
+/ License, v. 2.0. If a copy of the MPL was not distributed with this
+/ file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+/ ** ARCFOUR implementation optimized for AMD64.
+/ **
+/ ** The throughput achieved by this code is about 320 MBytes/sec, on
+/ ** a 1.8 GHz AMD Opteron (rev C0) processor.
+
+.text
+.align 16
+.globl ARCFOUR
+.type ARCFOUR,@function
+ARCFOUR:
+ pushq %rbp
+ pushq %rbx
+ movq %rdi, %rbp / key = ARG(key)
+ movq %rsi, %rbx / rbx = ARG(len)
+ movq %rdx, %rsi / in = ARG(in)
+ movq %rcx, %rdi / out = ARG(out)
+ movq (%rbp), %rcx / x = key->x
+ movq 8(%rbp), %rdx / y = key->y
+ addq $16, %rbp / d = key->data
+ incq %rcx / x++
+ andq $255, %rcx / x &= 0xff
+ leaq -8(%rbx,%rsi), %rbx / rbx = in+len-8
+ movq %rbx, %r9 / tmp = in+len-8
+ movq 0(%rbp,%rcx,8), %rax / tx = d[x]
+ cmpq %rsi, %rbx / cmp in with in+len-8
+ jl .Lend / jump if (in+len-8 < in)
+
+.Lstart:
+ addq $8, %rsi / increment in
+ addq $8, %rdi / increment out
+
+ / generate the next 8 bytes of the rc4 stream into %r8
+ movq $8, %r11 / byte counter
+1: addb %al, %dl / y += tx
+ movl 0(%rbp,%rdx,8), %ebx / ty = d[y]
+ movl %ebx, 0(%rbp,%rcx,8) / d[x] = ty
+ addb %al, %bl / val = ty + tx
+ movl %eax, 0(%rbp,%rdx,8) / d[y] = tx
+ incb %cl / x++ (NEXT ROUND)
+ movl 0(%rbp,%rcx,8), %eax / tx = d[x] (NEXT ROUND)
+ movb 0(%rbp,%rbx,8), %r8b / val = d[val]
+ decb %r11b
+ rorq $8, %r8 / (ror does not change ZF)
+ jnz 1b
+
+ / xor 8 bytes
+ xorq -8(%rsi), %r8
+ cmpq %r9, %rsi / cmp in+len-8 with in
+ movq %r8, -8(%rdi)
+ jle .Lstart / jump if (in <= in+len-8)
+
+.Lend:
+ addq $8, %r9 / tmp = in+len
+
+ / handle the last bytes, one by one
+1: cmpq %rsi, %r9 / cmp in with in+len
+ jle .Lfinished / jump if (in+len <= in)
+ addb %al, %dl / y += tx
+ movl 0(%rbp,%rdx,8), %ebx / ty = d[y]
+ movl %ebx, 0(%rbp,%rcx,8) / d[x] = ty
+ addb %al, %bl / val = ty + tx
+ movl %eax, 0(%rbp,%rdx,8) / d[y] = tx
+ incb %cl / x++ (NEXT ROUND)
+ movl 0(%rbp,%rcx,8), %eax / tx = d[x] (NEXT ROUND)
+ movb 0(%rbp,%rbx,8), %r8b / val = d[val]
+ xorb (%rsi), %r8b / xor 1 byte
+ movb %r8b, (%rdi)
+ incq %rsi / in++
+ incq %rdi / out++
+ jmp 1b
+
+.Lfinished:
+ decq %rcx / x--
+ movb %dl, -8(%rbp) / key->y = y
+ movb %cl, -16(%rbp) / key->x = x
+ popq %rbx
+ popq %rbp
+ ret
+.L_ARCFOUR_end:
+.size ARCFOUR,.L_ARCFOUR_end-ARCFOUR
diff --git a/security/nss/lib/freebl/arcfour.c b/security/nss/lib/freebl/arcfour.c
new file mode 100644
index 000000000..e37b45843
--- /dev/null
+++ b/security/nss/lib/freebl/arcfour.c
@@ -0,0 +1,594 @@
+/* arcfour.c - the arc four algorithm.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prerr.h"
+#include "secerr.h"
+
+#include "prtypes.h"
+#include "blapi.h"
+
+/* Architecture-dependent defines */
+
+#if defined(SOLARIS) || defined(HPUX) || defined(NSS_X86) || \
+ defined(_WIN64)
+/* Convert the byte-stream to a word-stream */
+#define CONVERT_TO_WORDS
+#endif
+
+#if defined(AIX) || defined(OSF1) || defined(NSS_BEVAND_ARCFOUR)
+/* Treat array variables as words, not bytes, on CPUs that take
+ * much longer to write bytes than to write words, or when using
+ * assembler code that required it.
+ */
+#define USE_WORD
+#endif
+
+#if defined(IS_64) || defined(NSS_BEVAND_ARCFOUR)
+typedef PRUint64 WORD;
+#else
+typedef PRUint32 WORD;
+#endif
+#define WORDSIZE sizeof(WORD)
+
+#if defined(USE_WORD)
+typedef WORD Stype;
+#else
+typedef PRUint8 Stype;
+#endif
+
+#define ARCFOUR_STATE_SIZE 256
+
+#define MASK1BYTE (WORD)(0xff)
+
+#define SWAP(a, b) \
+ tmp = a; \
+ a = b; \
+ b = tmp;
+
+/*
+ * State information for stream cipher.
+ */
+struct RC4ContextStr {
+#if defined(NSS_ARCFOUR_IJ_B4_S) || defined(NSS_BEVAND_ARCFOUR)
+ Stype i;
+ Stype j;
+ Stype S[ARCFOUR_STATE_SIZE];
+#else
+ Stype S[ARCFOUR_STATE_SIZE];
+ Stype i;
+ Stype j;
+#endif
+};
+
+/*
+ * array indices [0..255] to initialize cx->S array (faster than loop).
+ */
+static const Stype Kinit[256] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+ 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+ 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
+ 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
+ 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
+ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
+ 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
+ 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
+ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
+ 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
+ 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
+ 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
+ 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
+ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
+ 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
+ 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
+ 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
+ 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
+ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
+ 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
+ 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+ 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
+};
+
+RC4Context *
+RC4_AllocateContext(void)
+{
+ return PORT_ZNew(RC4Context);
+}
+
+SECStatus
+RC4_InitContext(RC4Context *cx, const unsigned char *key, unsigned int len,
+ const unsigned char *unused1, int unused2,
+ unsigned int unused3, unsigned int unused4)
+{
+ unsigned int i;
+ PRUint8 j, tmp;
+ PRUint8 K[256];
+ PRUint8 *L;
+
+ /* verify the key length. */
+ PORT_Assert(len > 0 && len < ARCFOUR_STATE_SIZE);
+ if (len == 0 || len >= ARCFOUR_STATE_SIZE) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+ if (cx == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* Initialize the state using array indices. */
+ memcpy(cx->S, Kinit, sizeof cx->S);
+ /* Fill in K repeatedly with values from key. */
+ L = K;
+ for (i = sizeof K; i > len; i -= len) {
+ memcpy(L, key, len);
+ L += len;
+ }
+ memcpy(L, key, i);
+ /* Stir the state of the generator. At this point it is assumed
+ * that the key is the size of the state buffer. If this is not
+ * the case, the key bytes are repeated to fill the buffer.
+ */
+ j = 0;
+#define ARCFOUR_STATE_STIR(ii) \
+ j = j + cx->S[ii] + K[ii]; \
+ SWAP(cx->S[ii], cx->S[j]);
+ for (i = 0; i < ARCFOUR_STATE_SIZE; i++) {
+ ARCFOUR_STATE_STIR(i);
+ }
+ cx->i = 0;
+ cx->j = 0;
+ return SECSuccess;
+}
+
+/*
+ * Initialize a new generator.
+ */
+RC4Context *
+RC4_CreateContext(const unsigned char *key, int len)
+{
+ RC4Context *cx = RC4_AllocateContext();
+ if (cx) {
+ SECStatus rv = RC4_InitContext(cx, key, len, NULL, 0, 0, 0);
+ if (rv != SECSuccess) {
+ PORT_ZFree(cx, sizeof(*cx));
+ cx = NULL;
+ }
+ }
+ return cx;
+}
+
+void
+RC4_DestroyContext(RC4Context *cx, PRBool freeit)
+{
+ if (freeit)
+ PORT_ZFree(cx, sizeof(*cx));
+}
+
+#if defined(NSS_BEVAND_ARCFOUR)
+extern void ARCFOUR(RC4Context *cx, WORD inputLen,
+ const unsigned char *input, unsigned char *output);
+#else
+/*
+ * Generate the next byte in the stream.
+ */
+#define ARCFOUR_NEXT_BYTE() \
+ tmpSi = cx->S[++tmpi]; \
+ tmpj += tmpSi; \
+ tmpSj = cx->S[tmpj]; \
+ cx->S[tmpi] = tmpSj; \
+ cx->S[tmpj] = tmpSi; \
+ t = tmpSi + tmpSj;
+
+#ifdef CONVERT_TO_WORDS
+/*
+ * Straight ARCFOUR op. No optimization.
+ */
+static SECStatus
+rc4_no_opt(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PRUint8 t;
+ Stype tmpSi, tmpSj;
+ register PRUint8 tmpi = cx->i;
+ register PRUint8 tmpj = cx->j;
+ unsigned int index;
+ PORT_Assert(maxOutputLen >= inputLen);
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ for (index = 0; index < inputLen; index++) {
+ /* Generate next byte from stream. */
+ ARCFOUR_NEXT_BYTE();
+ /* output = next stream byte XOR next input byte */
+ output[index] = cx->S[t] ^ input[index];
+ }
+ *outputLen = inputLen;
+ cx->i = tmpi;
+ cx->j = tmpj;
+ return SECSuccess;
+}
+
+#else
+/* !CONVERT_TO_WORDS */
+
+/*
+ * Byte-at-a-time ARCFOUR, unrolling the loop into 8 pieces.
+ */
+static SECStatus
+rc4_unrolled(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PRUint8 t;
+ Stype tmpSi, tmpSj;
+ register PRUint8 tmpi = cx->i;
+ register PRUint8 tmpj = cx->j;
+ int index;
+ PORT_Assert(maxOutputLen >= inputLen);
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ for (index = inputLen / 8; index-- > 0; input += 8, output += 8) {
+ ARCFOUR_NEXT_BYTE();
+ output[0] = cx->S[t] ^ input[0];
+ ARCFOUR_NEXT_BYTE();
+ output[1] = cx->S[t] ^ input[1];
+ ARCFOUR_NEXT_BYTE();
+ output[2] = cx->S[t] ^ input[2];
+ ARCFOUR_NEXT_BYTE();
+ output[3] = cx->S[t] ^ input[3];
+ ARCFOUR_NEXT_BYTE();
+ output[4] = cx->S[t] ^ input[4];
+ ARCFOUR_NEXT_BYTE();
+ output[5] = cx->S[t] ^ input[5];
+ ARCFOUR_NEXT_BYTE();
+ output[6] = cx->S[t] ^ input[6];
+ ARCFOUR_NEXT_BYTE();
+ output[7] = cx->S[t] ^ input[7];
+ }
+ index = inputLen % 8;
+ if (index) {
+ input += index;
+ output += index;
+ switch (index) {
+ case 7:
+ ARCFOUR_NEXT_BYTE();
+ output[-7] = cx->S[t] ^ input[-7]; /* FALLTHRU */
+ case 6:
+ ARCFOUR_NEXT_BYTE();
+ output[-6] = cx->S[t] ^ input[-6]; /* FALLTHRU */
+ case 5:
+ ARCFOUR_NEXT_BYTE();
+ output[-5] = cx->S[t] ^ input[-5]; /* FALLTHRU */
+ case 4:
+ ARCFOUR_NEXT_BYTE();
+ output[-4] = cx->S[t] ^ input[-4]; /* FALLTHRU */
+ case 3:
+ ARCFOUR_NEXT_BYTE();
+ output[-3] = cx->S[t] ^ input[-3]; /* FALLTHRU */
+ case 2:
+ ARCFOUR_NEXT_BYTE();
+ output[-2] = cx->S[t] ^ input[-2]; /* FALLTHRU */
+ case 1:
+ ARCFOUR_NEXT_BYTE();
+ output[-1] = cx->S[t] ^ input[-1]; /* FALLTHRU */
+ default:
+ /* FALLTHRU */
+ ; /* hp-ux build breaks without this */
+ }
+ }
+ cx->i = tmpi;
+ cx->j = tmpj;
+ *outputLen = inputLen;
+ return SECSuccess;
+}
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+#define ARCFOUR_NEXT4BYTES_L(n) \
+ ARCFOUR_NEXT_BYTE(); \
+ streamWord |= (WORD)cx->S[t] << (n); \
+ ARCFOUR_NEXT_BYTE(); \
+ streamWord |= (WORD)cx->S[t] << (n + 8); \
+ ARCFOUR_NEXT_BYTE(); \
+ streamWord |= (WORD)cx->S[t] << (n + 16); \
+ ARCFOUR_NEXT_BYTE(); \
+ streamWord |= (WORD)cx->S[t] << (n + 24);
+#else
+#define ARCFOUR_NEXT4BYTES_B(n) \
+ ARCFOUR_NEXT_BYTE(); \
+ streamWord |= (WORD)cx->S[t] << (n + 24); \
+ ARCFOUR_NEXT_BYTE(); \
+ streamWord |= (WORD)cx->S[t] << (n + 16); \
+ ARCFOUR_NEXT_BYTE(); \
+ streamWord |= (WORD)cx->S[t] << (n + 8); \
+ ARCFOUR_NEXT_BYTE(); \
+ streamWord |= (WORD)cx->S[t] << (n);
+#endif
+
+#if (defined(IS_64) && !defined(__sparc)) || defined(NSS_USE_64)
+/* 64-bit wordsize */
+#ifdef IS_LITTLE_ENDIAN
+#define ARCFOUR_NEXT_WORD() \
+ { \
+ streamWord = 0; \
+ ARCFOUR_NEXT4BYTES_L(0); \
+ ARCFOUR_NEXT4BYTES_L(32); \
+ }
+#else
+#define ARCFOUR_NEXT_WORD() \
+ { \
+ streamWord = 0; \
+ ARCFOUR_NEXT4BYTES_B(32); \
+ ARCFOUR_NEXT4BYTES_B(0); \
+ }
+#endif
+#else
+/* 32-bit wordsize */
+#ifdef IS_LITTLE_ENDIAN
+#define ARCFOUR_NEXT_WORD() \
+ { \
+ streamWord = 0; \
+ ARCFOUR_NEXT4BYTES_L(0); \
+ }
+#else
+#define ARCFOUR_NEXT_WORD() \
+ { \
+ streamWord = 0; \
+ ARCFOUR_NEXT4BYTES_B(0); \
+ }
+#endif
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+#define RSH <<
+#define LSH >>
+#else
+#define RSH >>
+#define LSH <<
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+#define LEFTMOST_BYTE_SHIFT 0
+#define NEXT_BYTE_SHIFT(shift) shift + 8
+#else
+#define LEFTMOST_BYTE_SHIFT 8 * (WORDSIZE - 1)
+#define NEXT_BYTE_SHIFT(shift) shift - 8
+#endif
+
+#ifdef CONVERT_TO_WORDS
+static SECStatus
+rc4_wordconv(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PR_STATIC_ASSERT(sizeof(PRUword) == sizeof(ptrdiff_t));
+ unsigned int inOffset = (PRUword)input % WORDSIZE;
+ unsigned int outOffset = (PRUword)output % WORDSIZE;
+ register WORD streamWord;
+ register const WORD *pInWord;
+ register WORD *pOutWord;
+ register WORD inWord, nextInWord;
+ PRUint8 t;
+ register Stype tmpSi, tmpSj;
+ register PRUint8 tmpi = cx->i;
+ register PRUint8 tmpj = cx->j;
+ unsigned int bufShift, invBufShift;
+ unsigned int i;
+ const unsigned char *finalIn;
+ unsigned char *finalOut;
+
+ PORT_Assert(maxOutputLen >= inputLen);
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ if (inputLen < 2 * WORDSIZE) {
+ /* Ignore word conversion, do byte-at-a-time */
+ return rc4_no_opt(cx, output, outputLen, maxOutputLen, input, inputLen);
+ }
+ *outputLen = inputLen;
+ pInWord = (const WORD *)(input - inOffset);
+ pOutWord = (WORD *)(output - outOffset);
+ if (inOffset <= outOffset) {
+ bufShift = 8 * (outOffset - inOffset);
+ invBufShift = 8 * WORDSIZE - bufShift;
+ } else {
+ invBufShift = 8 * (inOffset - outOffset);
+ bufShift = 8 * WORDSIZE - invBufShift;
+ }
+ /*****************************************************************/
+ /* Step 1: */
+ /* If the first output word is partial, consume the bytes in the */
+ /* first partial output word by loading one or two words of */
+ /* input and shifting them accordingly. Otherwise, just load */
+ /* in the first word of input. At the end of this block, at */
+ /* least one partial word of input should ALWAYS be loaded. */
+ /*****************************************************************/
+ if (outOffset) {
+ unsigned int byteCount = WORDSIZE - outOffset;
+ for (i = 0; i < byteCount; i++) {
+ ARCFOUR_NEXT_BYTE();
+ output[i] = cx->S[t] ^ input[i];
+ }
+ /* Consumed byteCount bytes of input */
+ inputLen -= byteCount;
+ pInWord++;
+
+ /* move to next word of output */
+ pOutWord++;
+
+ /* If buffers are relatively misaligned, shift the bytes in inWord
+ * to be aligned to the output buffer.
+ */
+ if (inOffset < outOffset) {
+ /* The first input word (which may be partial) has more bytes
+ * than needed. Copy the remainder to inWord.
+ */
+ unsigned int shift = LEFTMOST_BYTE_SHIFT;
+ inWord = 0;
+ for (i = 0; i < outOffset - inOffset; i++) {
+ inWord |= (WORD)input[byteCount + i] << shift;
+ shift = NEXT_BYTE_SHIFT(shift);
+ }
+ } else if (inOffset > outOffset) {
+ /* Consumed some bytes in the second input word. Copy the
+ * remainder to inWord.
+ */
+ inWord = *pInWord++;
+ inWord = inWord LSH invBufShift;
+ } else {
+ inWord = 0;
+ }
+ } else {
+ /* output is word-aligned */
+ if (inOffset) {
+ /* Input is not word-aligned. The first word load of input
+ * will not produce a full word of input bytes, so one word
+ * must be pre-loaded. The main loop below will load in the
+ * next input word and shift some of its bytes into inWord
+ * in order to create a full input word. Note that the main
+ * loop must execute at least once because the input must
+ * be at least two words.
+ */
+ unsigned int shift = LEFTMOST_BYTE_SHIFT;
+ inWord = 0;
+ for (i = 0; i < WORDSIZE - inOffset; i++) {
+ inWord |= (WORD)input[i] << shift;
+ shift = NEXT_BYTE_SHIFT(shift);
+ }
+ pInWord++;
+ } else {
+ /* Input is word-aligned. The first word load of input
+ * will produce a full word of input bytes, so nothing
+ * needs to be loaded here.
+ */
+ inWord = 0;
+ }
+ }
+ /*****************************************************************/
+ /* Step 2: main loop */
+ /* At this point the output buffer is word-aligned. Any unused */
+ /* bytes from above will be in inWord (shifted correctly). If */
+ /* the input buffer is unaligned relative to the output buffer, */
+ /* shifting has to be done. */
+ /*****************************************************************/
+ if (bufShift) {
+ /* preloadedByteCount is the number of input bytes pre-loaded
+ * in inWord.
+ */
+ unsigned int preloadedByteCount = bufShift / 8;
+ for (; inputLen >= preloadedByteCount + WORDSIZE;
+ inputLen -= WORDSIZE) {
+ nextInWord = *pInWord++;
+ inWord |= nextInWord RSH bufShift;
+ nextInWord = nextInWord LSH invBufShift;
+ ARCFOUR_NEXT_WORD();
+ *pOutWord++ = inWord ^ streamWord;
+ inWord = nextInWord;
+ }
+ if (inputLen == 0) {
+ /* Nothing left to do. */
+ cx->i = tmpi;
+ cx->j = tmpj;
+ return SECSuccess;
+ }
+ finalIn = (const unsigned char *)pInWord - preloadedByteCount;
+ } else {
+ for (; inputLen >= WORDSIZE; inputLen -= WORDSIZE) {
+ inWord = *pInWord++;
+ ARCFOUR_NEXT_WORD();
+ *pOutWord++ = inWord ^ streamWord;
+ }
+ if (inputLen == 0) {
+ /* Nothing left to do. */
+ cx->i = tmpi;
+ cx->j = tmpj;
+ return SECSuccess;
+ }
+ finalIn = (const unsigned char *)pInWord;
+ }
+ /*****************************************************************/
+ /* Step 3: */
+ /* Do the remaining partial word of input one byte at a time. */
+ /*****************************************************************/
+ finalOut = (unsigned char *)pOutWord;
+ for (i = 0; i < inputLen; i++) {
+ ARCFOUR_NEXT_BYTE();
+ finalOut[i] = cx->S[t] ^ finalIn[i];
+ }
+ cx->i = tmpi;
+ cx->j = tmpj;
+ return SECSuccess;
+}
+#endif
+#endif /* NSS_BEVAND_ARCFOUR */
+
+SECStatus
+RC4_Encrypt(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PORT_Assert(maxOutputLen >= inputLen);
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+#if defined(NSS_BEVAND_ARCFOUR)
+ ARCFOUR(cx, inputLen, input, output);
+ *outputLen = inputLen;
+ return SECSuccess;
+#elif defined(CONVERT_TO_WORDS)
+ /* Convert the byte-stream to a word-stream */
+ return rc4_wordconv(cx, output, outputLen, maxOutputLen, input, inputLen);
+#else
+ /* Operate on bytes, but unroll the main loop */
+ return rc4_unrolled(cx, output, outputLen, maxOutputLen, input, inputLen);
+#endif
+}
+
+SECStatus
+RC4_Decrypt(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ PORT_Assert(maxOutputLen >= inputLen);
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+/* decrypt and encrypt are same operation. */
+#if defined(NSS_BEVAND_ARCFOUR)
+ ARCFOUR(cx, inputLen, input, output);
+ *outputLen = inputLen;
+ return SECSuccess;
+#elif defined(CONVERT_TO_WORDS)
+ /* Convert the byte-stream to a word-stream */
+ return rc4_wordconv(cx, output, outputLen, maxOutputLen, input, inputLen);
+#else
+ /* Operate on bytes, but unroll the main loop */
+ return rc4_unrolled(cx, output, outputLen, maxOutputLen, input, inputLen);
+#endif
+}
+
+#undef CONVERT_TO_WORDS
+#undef USE_WORD
diff --git a/security/nss/lib/freebl/blapi.h b/security/nss/lib/freebl/blapi.h
new file mode 100644
index 000000000..e5a6cf30e
--- /dev/null
+++ b/security/nss/lib/freebl/blapi.h
@@ -0,0 +1,1625 @@
+/*
+ * blapi.h - public prototypes for the freebl library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _BLAPI_H_
+#define _BLAPI_H_
+
+#include "blapit.h"
+#include "hasht.h"
+#include "alghmac.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+** RSA encryption/decryption. When encrypting/decrypting the output
+** buffer must be at least the size of the public key modulus.
+*/
+
+extern SECStatus BL_Init(void);
+
+/*
+** Generate and return a new RSA public and private key.
+** Both keys are encoded in a single RSAPrivateKey structure.
+** "cx" is the random number generator context
+** "keySizeInBits" is the size of the key to be generated, in bits.
+** 512, 1024, etc.
+** "publicExponent" when not NULL is a pointer to some data that
+** represents the public exponent to use. The data is a byte
+** encoded integer, in "big endian" order.
+*/
+extern RSAPrivateKey *RSA_NewKey(int keySizeInBits,
+ SECItem *publicExponent);
+
+/*
+** Perform a raw public-key operation
+** Length of input and output buffers are equal to key's modulus len.
+*/
+extern SECStatus RSA_PublicKeyOp(RSAPublicKey *key,
+ unsigned char *output,
+ const unsigned char *input);
+
+/*
+** Perform a raw private-key operation
+** Length of input and output buffers are equal to key's modulus len.
+*/
+extern SECStatus RSA_PrivateKeyOp(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input);
+
+/*
+** Perform a raw private-key operation, and check the parameters used in
+** the operation for validity by performing a test operation first.
+** Length of input and output buffers are equal to key's modulus len.
+*/
+extern SECStatus RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input);
+
+/*
+** Perform a check of private key parameters for consistency.
+*/
+extern SECStatus RSA_PrivateKeyCheck(const RSAPrivateKey *key);
+
+/*
+** Given only minimal private key parameters, fill in the rest of the
+** parameters.
+**
+**
+** All the entries, including those supplied by the caller, will be
+** overwritten with data alocated out of the arena.
+**
+** If no arena is supplied, one will be created.
+**
+** The following fields must be supplied in order for this function
+** to succeed:
+** one of either publicExponent or privateExponent
+** two more of the following 5 parameters (not counting the above).
+** modulus (n)
+** prime1 (p)
+** prime2 (q)
+** publicExponent (e)
+** privateExponent (d)
+**
+** NOTE: if only the publicExponent, privateExponent, and one prime is given,
+** then there may be more than one RSA key that matches that combination. If
+** we find 2 possible valid keys that meet this criteria, we return an error.
+** If we return the wrong key, and the original modulus is compared to the
+** new modulus, both can be factored by calculateing gcd(n_old,n_new) to get
+** the common prime.
+**
+** NOTE: in some cases the publicExponent must be less than 2^23 for this
+** function to work correctly. (The case where we have only one of: modulus
+** prime1 and prime2).
+**
+** All parameters will be replaced in the key structure with new parameters
+** allocated out of the arena. There is no attempt to free the old structures.
+** prime1 will always be greater than prime2 (even if the caller supplies the
+** smaller prime as prime1 or the larger prime as prime2). The parameters are
+** not overwritten on failure.
+**
+** While the remaining Chinese remainder theorem parameters (dp,dp, and qinv)
+** can also be used in reconstructing the private key, they are currently
+** ignored in this implementation.
+*/
+extern SECStatus RSA_PopulatePrivateKey(RSAPrivateKey *key);
+
+/********************************************************************
+** RSA algorithm
+*/
+
+/********************************************************************
+** Raw signing/encryption/decryption operations.
+**
+** No padding or formatting will be applied.
+** inputLen MUST be equivalent to the modulus size (in bytes).
+*/
+extern SECStatus
+RSA_SignRaw(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+extern SECStatus
+RSA_CheckSignRaw(RSAPublicKey *key,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *hash,
+ unsigned int hashLen);
+
+extern SECStatus
+RSA_CheckSignRecoverRaw(RSAPublicKey *key,
+ unsigned char *data,
+ unsigned int *dataLen,
+ unsigned int maxDataLen,
+ const unsigned char *sig,
+ unsigned int sigLen);
+
+extern SECStatus
+RSA_EncryptRaw(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+extern SECStatus
+RSA_DecryptRaw(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+/********************************************************************
+** RSAES-OAEP encryption/decryption, as defined in RFC 3447, Section 7.1.
+**
+** Note: Only MGF1 is supported as the mask generation function. It will be
+** used with maskHashAlg as the inner hash function.
+**
+** Unless performing Known Answer Tests, "seed" should be NULL, indicating that
+** freebl should generate a random value. Otherwise, it should be an octet
+** string of seedLen bytes, which should be the same size as the output of
+** hashAlg.
+*/
+extern SECStatus
+RSA_EncryptOAEP(RSAPublicKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ const unsigned char *seed,
+ unsigned int seedLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+extern SECStatus
+RSA_DecryptOAEP(RSAPrivateKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+/********************************************************************
+** RSAES-PKCS1-v1_5 encryption/decryption, as defined in RFC 3447, Section 7.2.
+*/
+extern SECStatus
+RSA_EncryptBlock(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+extern SECStatus
+RSA_DecryptBlock(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+/********************************************************************
+** RSASSA-PSS signing/verifying, as defined in RFC 3447, Section 8.1.
+**
+** Note: Only MGF1 is supported as the mask generation function. It will be
+** used with maskHashAlg as the inner hash function.
+**
+** Unless performing Known Answer Tests, "salt" should be NULL, indicating that
+** freebl should generate a random value.
+*/
+extern SECStatus
+RSA_SignPSS(RSAPrivateKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *salt,
+ unsigned int saltLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+extern SECStatus
+RSA_CheckSignPSS(RSAPublicKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ unsigned int saltLen,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *hash,
+ unsigned int hashLen);
+
+/********************************************************************
+** RSASSA-PKCS1-v1_5 signing/verifying, as defined in RFC 3447, Section 8.2.
+**
+** These functions expect as input to be the raw value to be signed. For most
+** cases using PKCS1-v1_5, this should be the value of T, the DER-encoded
+** DigestInfo structure defined in Section 9.2, Step 2.
+** Note: This can also be used for signatures that use PKCS1-v1_5 padding, such
+** as the signatures used in SSL/TLS, which sign a raw hash.
+*/
+extern SECStatus
+RSA_Sign(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *data,
+ unsigned int dataLen);
+
+extern SECStatus
+RSA_CheckSign(RSAPublicKey *key,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *data,
+ unsigned int dataLen);
+
+extern SECStatus
+RSA_CheckSignRecover(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *sig,
+ unsigned int sigLen);
+
+/********************************************************************
+** DSA signing algorithm
+*/
+
+/* Generate a new random value within the interval [2, q-1].
+*/
+extern SECStatus DSA_NewRandom(PLArenaPool *arena, const SECItem *q,
+ SECItem *random);
+
+/*
+** Generate and return a new DSA public and private key pair,
+** both of which are encoded into a single DSAPrivateKey struct.
+** "params" is a pointer to the PQG parameters for the domain
+** Uses a random seed.
+*/
+extern SECStatus DSA_NewKey(const PQGParams *params,
+ DSAPrivateKey **privKey);
+
+/* signature is caller-supplied buffer of at least 20 bytes.
+** On input, signature->len == size of buffer to hold signature.
+** digest->len == size of digest.
+** On output, signature->len == size of signature in buffer.
+** Uses a random seed.
+*/
+extern SECStatus DSA_SignDigest(DSAPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest);
+
+/* signature is caller-supplied buffer of at least 20 bytes.
+** On input, signature->len == size of buffer to hold signature.
+** digest->len == size of digest.
+*/
+extern SECStatus DSA_VerifyDigest(DSAPublicKey *key,
+ const SECItem *signature,
+ const SECItem *digest);
+
+/* For FIPS compliance testing. Seed must be exactly 20 bytes long */
+extern SECStatus DSA_NewKeyFromSeed(const PQGParams *params,
+ const unsigned char *seed,
+ DSAPrivateKey **privKey);
+
+/* For FIPS compliance testing. Seed must be exactly 20 bytes. */
+extern SECStatus DSA_SignDigestWithSeed(DSAPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest,
+ const unsigned char *seed);
+
+/******************************************************
+** Diffie Helman key exchange algorithm
+*/
+
+/* Generates parameters for Diffie-Helman key generation.
+** primeLen is the length in bytes of prime P to be generated.
+*/
+extern SECStatus DH_GenParam(int primeLen, DHParams **params);
+
+/* Generates a public and private key, both of which are encoded in a single
+** DHPrivateKey struct. Params is input, privKey are output.
+** This is Phase 1 of Diffie Hellman.
+*/
+extern SECStatus DH_NewKey(DHParams *params,
+ DHPrivateKey **privKey);
+
+/*
+** DH_Derive does the Diffie-Hellman phase 2 calculation, using the
+** other party's publicValue, and the prime and our privateValue.
+** maxOutBytes is the requested length of the generated secret in bytes.
+** A zero value means produce a value of any length up to the size of
+** the prime. If successful, derivedSecret->data is set
+** to the address of the newly allocated buffer containing the derived
+** secret, and derivedSecret->len is the size of the secret produced.
+** The size of the secret produced will depend on the value of outBytes.
+** If outBytes is 0, the key length will be all the significant bytes of
+** the derived secret (leading zeros are dropped). This length could be less
+** than the length of the prime. If outBytes is nonzero, the length of the
+** produced key will be outBytes long. If the key is truncated, the most
+** significant bytes are truncated. If it is expanded, zero bytes are added
+** at the beginning.
+** It is the caller's responsibility to free the allocated buffer
+** containing the derived secret.
+*/
+extern SECStatus DH_Derive(SECItem *publicValue,
+ SECItem *prime,
+ SECItem *privateValue,
+ SECItem *derivedSecret,
+ unsigned int outBytes);
+
+/*
+** KEA_CalcKey returns octet string with the private key for a dual
+** Diffie-Helman key generation as specified for government key exchange.
+*/
+extern SECStatus KEA_Derive(SECItem *prime,
+ SECItem *public1,
+ SECItem *public2,
+ SECItem *private1,
+ SECItem *private2,
+ SECItem *derivedSecret);
+
+/*
+ * verify that a KEA or DSA public key is a valid key for this prime and
+ * subprime domain.
+ */
+extern PRBool KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime);
+
+/****************************************
+ * J-PAKE key transport
+ */
+
+/* Given gx == g^x, create a Schnorr zero-knowledge proof for the value x
+ * using the specified hash algorithm and signer ID. The signature is
+ * returned in the values gv and r. testRandom must be NULL for a PRNG
+ * generated random committment to be used in the sigature. When testRandom
+ * is non-NULL, that value must contain a value in the subgroup q; that
+ * value will be used instead of a PRNG-generated committment in order to
+ * facilitate known-answer tests.
+ *
+ * If gxIn is non-NULL then it must contain a pre-computed value of g^x that
+ * will be used by the function; in this case, the gxOut parameter must be NULL.
+ * If the gxIn parameter is NULL then gxOut must be non-NULL; in this case
+ * gxOut will contain the value g^x on output.
+ *
+ * gx (if not supplied by the caller), gv, and r will be allocated in the arena.
+ * The arena is *not* optional so do not pass NULL for the arena parameter.
+ * The arena should be zeroed when it is freed.
+ */
+SECStatus
+JPAKE_Sign(PLArenaPool *arena, const PQGParams *pqg, HASH_HashType hashType,
+ const SECItem *signerID, const SECItem *x,
+ const SECItem *testRandom, const SECItem *gxIn, SECItem *gxOut,
+ SECItem *gv, SECItem *r);
+
+/* Given gx == g^x, verify the Schnorr zero-knowledge proof (gv, r) for the
+ * value x using the specified hash algorithm and signer ID.
+ *
+ * The arena is *not* optional so do not pass NULL for the arena parameter.
+ */
+SECStatus
+JPAKE_Verify(PLArenaPool *arena, const PQGParams *pqg,
+ HASH_HashType hashType, const SECItem *signerID,
+ const SECItem *peerID, const SECItem *gx,
+ const SECItem *gv, const SECItem *r);
+
+/* Call before round 2 with x2, s, and x2s all non-NULL. This will calculate
+ * base = g^(x1+x3+x4) (mod p) and x2s = x2*s (mod q). The values to send in
+ * round 2 (A and the proof of knowledge of x2s) can then be calculated with
+ * JPAKE_Sign using pqg->base = base and x = x2s.
+ *
+ * Call after round 2 with x2, s, and x2s all NULL, and passing (gx1, gx2, gx3)
+ * instead of (gx1, gx3, gx4). This will calculate base = g^(x1+x2+x3). Then call
+ * JPAKE_Verify with pqg->base = base and then JPAKE_Final.
+ *
+ * base and x2s will be allocated in the arena. The arena is *not* optional so
+ * do not pass NULL for the arena parameter. The arena should be zeroed when it
+ * is freed.
+*/
+SECStatus
+JPAKE_Round2(PLArenaPool *arena, const SECItem *p, const SECItem *q,
+ const SECItem *gx1, const SECItem *gx3, const SECItem *gx4,
+ SECItem *base, const SECItem *x2, const SECItem *s, SECItem *x2s);
+
+/* K = (B/g^(x2*x4*s))^x2 (mod p)
+ *
+ * K will be allocated in the arena. The arena is *not* optional so do not pass
+ * NULL for the arena parameter. The arena should be zeroed when it is freed.
+ */
+SECStatus
+JPAKE_Final(PLArenaPool *arena, const SECItem *p, const SECItem *q,
+ const SECItem *x2, const SECItem *gx4, const SECItem *x2s,
+ const SECItem *B, SECItem *K);
+
+/******************************************************
+** Elliptic Curve algorithms
+*/
+
+/* Generates a public and private key, both of which are encoded
+** in a single ECPrivateKey struct. Params is input, privKey are
+** output.
+*/
+extern SECStatus EC_NewKey(ECParams *params,
+ ECPrivateKey **privKey);
+
+extern SECStatus EC_NewKeyFromSeed(ECParams *params,
+ ECPrivateKey **privKey,
+ const unsigned char *seed,
+ int seedlen);
+
+/* Validates an EC public key as described in Section 5.2.2 of
+ * X9.62. Such validation prevents against small subgroup attacks
+ * when the ECDH primitive is used with the cofactor.
+ */
+extern SECStatus EC_ValidatePublicKey(ECParams *params,
+ SECItem *publicValue);
+
+/*
+** ECDH_Derive performs a scalar point multiplication of a point
+** representing a (peer's) public key and a large integer representing
+** a private key (its own). Both keys must use the same elliptic curve
+** parameters. If the withCofactor parameter is true, the
+** multiplication also uses the cofactor associated with the curve
+** parameters. The output of this scheme is the x-coordinate of the
+** resulting point. If successful, derivedSecret->data is set to the
+** address of the newly allocated buffer containing the derived
+** secret, and derivedSecret->len is the size of the secret
+** produced. It is the caller's responsibility to free the allocated
+** buffer containing the derived secret.
+*/
+extern SECStatus ECDH_Derive(SECItem *publicValue,
+ ECParams *params,
+ SECItem *privateValue,
+ PRBool withCofactor,
+ SECItem *derivedSecret);
+
+/* On input, signature->len == size of buffer to hold signature.
+** digest->len == size of digest.
+** On output, signature->len == size of signature in buffer.
+** Uses a random seed.
+*/
+extern SECStatus ECDSA_SignDigest(ECPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest);
+
+/* On input, signature->len == size of buffer to hold signature.
+** digest->len == size of digest.
+*/
+extern SECStatus ECDSA_VerifyDigest(ECPublicKey *key,
+ const SECItem *signature,
+ const SECItem *digest);
+
+/* Uses the provided seed. */
+extern SECStatus ECDSA_SignDigestWithSeed(ECPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest,
+ const unsigned char *seed,
+ const int seedlen);
+
+/******************************************/
+/*
+** RC4 symmetric stream cypher
+*/
+
+/*
+** Create a new RC4 context suitable for RC4 encryption/decryption.
+** "key" raw key data
+** "len" the number of bytes of key data
+*/
+extern RC4Context *RC4_CreateContext(const unsigned char *key, int len);
+
+extern RC4Context *RC4_AllocateContext(void);
+extern SECStatus RC4_InitContext(RC4Context *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *,
+ int,
+ unsigned int,
+ unsigned int);
+
+/*
+** Destroy an RC4 encryption/decryption context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void RC4_DestroyContext(RC4Context *cx, PRBool freeit);
+
+/*
+** Perform RC4 encryption.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus RC4_Encrypt(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Perform RC4 decryption.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus RC4_Decrypt(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/******************************************/
+/*
+** RC2 symmetric block cypher
+*/
+
+/*
+** Create a new RC2 context suitable for RC2 encryption/decryption.
+** "key" raw key data
+** "len" the number of bytes of key data
+** "iv" is the CBC initialization vector (if mode is NSS_RC2_CBC)
+** "mode" one of NSS_RC2 or NSS_RC2_CBC
+** "effectiveKeyLen" is the effective key length (as specified in
+** RFC 2268) in bytes (not bits).
+**
+** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block
+** chaining" mode.
+*/
+extern RC2Context *RC2_CreateContext(const unsigned char *key, unsigned int len,
+ const unsigned char *iv, int mode,
+ unsigned effectiveKeyLen);
+extern RC2Context *RC2_AllocateContext(void);
+extern SECStatus RC2_InitContext(RC2Context *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int effectiveKeyLen,
+ unsigned int);
+
+/*
+** Destroy an RC2 encryption/decryption context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void RC2_DestroyContext(RC2Context *cx, PRBool freeit);
+
+/*
+** Perform RC2 encryption.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus RC2_Encrypt(RC2Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Perform RC2 decryption.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus RC2_Decrypt(RC2Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/******************************************/
+/*
+** RC5 symmetric block cypher -- 64-bit block size
+*/
+
+/*
+** Create a new RC5 context suitable for RC5 encryption/decryption.
+** "key" raw key data
+** "len" the number of bytes of key data
+** "iv" is the CBC initialization vector (if mode is NSS_RC5_CBC)
+** "mode" one of NSS_RC5 or NSS_RC5_CBC
+**
+** When mode is set to NSS_RC5_CBC the RC5 cipher is run in "cipher block
+** chaining" mode.
+*/
+extern RC5Context *RC5_CreateContext(const SECItem *key, unsigned int rounds,
+ unsigned int wordSize, const unsigned char *iv, int mode);
+extern RC5Context *RC5_AllocateContext(void);
+extern SECStatus RC5_InitContext(RC5Context *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int rounds,
+ unsigned int wordSize);
+
+/*
+** Destroy an RC5 encryption/decryption context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void RC5_DestroyContext(RC5Context *cx, PRBool freeit);
+
+/*
+** Perform RC5 encryption.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus RC5_Encrypt(RC5Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Perform RC5 decryption.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+
+extern SECStatus RC5_Decrypt(RC5Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/******************************************/
+/*
+** DES symmetric block cypher
+*/
+
+/*
+** Create a new DES context suitable for DES encryption/decryption.
+** "key" raw key data
+** "len" the number of bytes of key data
+** "iv" is the CBC initialization vector (if mode is NSS_DES_CBC or
+** mode is DES_EDE3_CBC)
+** "mode" one of NSS_DES, NSS_DES_CBC, NSS_DES_EDE3 or NSS_DES_EDE3_CBC
+** "encrypt" is PR_TRUE if the context will be used for encryption
+**
+** When mode is set to NSS_DES_CBC or NSS_DES_EDE3_CBC then the DES
+** cipher is run in "cipher block chaining" mode.
+*/
+extern DESContext *DES_CreateContext(const unsigned char *key,
+ const unsigned char *iv,
+ int mode, PRBool encrypt);
+extern DESContext *DES_AllocateContext(void);
+extern SECStatus DES_InitContext(DESContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int encrypt,
+ unsigned int);
+
+/*
+** Destroy an DES encryption/decryption context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void DES_DestroyContext(DESContext *cx, PRBool freeit);
+
+/*
+** Perform DES encryption.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+**
+** NOTE: the inputLen must be a multiple of DES_KEY_LENGTH
+*/
+extern SECStatus DES_Encrypt(DESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Perform DES decryption.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+**
+** NOTE: the inputLen must be a multiple of DES_KEY_LENGTH
+*/
+extern SECStatus DES_Decrypt(DESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/******************************************/
+/*
+** SEED symmetric block cypher
+*/
+extern SEEDContext *
+SEED_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, PRBool encrypt);
+extern SEEDContext *SEED_AllocateContext(void);
+extern SECStatus SEED_InitContext(SEEDContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode, unsigned int encrypt,
+ unsigned int);
+extern void SEED_DestroyContext(SEEDContext *cx, PRBool freeit);
+extern SECStatus
+SEED_Encrypt(SEEDContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+extern SECStatus
+SEED_Decrypt(SEEDContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/******************************************/
+/*
+** AES symmetric block cypher (Rijndael)
+*/
+
+/*
+** Create a new AES context suitable for AES encryption/decryption.
+** "key" raw key data
+** "keylen" the number of bytes of key data (16, 24, or 32)
+** "blocklen" is the blocksize to use (16, 24, or 32)
+** XXX currently only blocksize==16 has been tested!
+*/
+extern AESContext *
+AES_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, int encrypt,
+ unsigned int keylen, unsigned int blocklen);
+extern AESContext *AES_AllocateContext(void);
+extern SECStatus AES_InitContext(AESContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int encrypt,
+ unsigned int blocklen);
+
+/*
+** Destroy a AES encryption/decryption context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void
+AES_DestroyContext(AESContext *cx, PRBool freeit);
+
+/*
+** Perform AES encryption.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus
+AES_Encrypt(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Perform AES decryption.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus
+AES_Decrypt(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/******************************************/
+/*
+** AES key wrap algorithm, RFC 3394
+*/
+
+/*
+** Create a new AES context suitable for AES encryption/decryption.
+** "key" raw key data
+** "iv" The 8 byte "initial value"
+** "encrypt", a boolean, true for key wrapping, false for unwrapping.
+** "keylen" the number of bytes of key data (16, 24, or 32)
+*/
+extern AESKeyWrapContext *
+AESKeyWrap_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int encrypt, unsigned int keylen);
+extern AESKeyWrapContext *AESKeyWrap_AllocateContext(void);
+extern SECStatus
+AESKeyWrap_InitContext(AESKeyWrapContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int,
+ unsigned int encrypt,
+ unsigned int);
+
+/*
+** Destroy a AES KeyWrap context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void
+AESKeyWrap_DestroyContext(AESKeyWrapContext *cx, PRBool freeit);
+
+/*
+** Perform AES key wrap.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus
+AESKeyWrap_Encrypt(AESKeyWrapContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Perform AES key unwrap.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus
+AESKeyWrap_Decrypt(AESKeyWrapContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/******************************************/
+/*
+** Camellia symmetric block cypher
+*/
+
+/*
+** Create a new Camellia context suitable for Camellia encryption/decryption.
+** "key" raw key data
+** "keylen" the number of bytes of key data (16, 24, or 32)
+*/
+extern CamelliaContext *
+Camellia_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, int encrypt, unsigned int keylen);
+
+extern CamelliaContext *Camellia_AllocateContext(void);
+extern SECStatus Camellia_InitContext(CamelliaContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int encrypt,
+ unsigned int unused);
+/*
+** Destroy a Camellia encryption/decryption context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void
+Camellia_DestroyContext(CamelliaContext *cx, PRBool freeit);
+
+/*
+** Perform Camellia encryption.
+** "cx" the context
+** "output" the output buffer to store the encrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus
+Camellia_Encrypt(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Perform Camellia decryption.
+** "cx" the context
+** "output" the output buffer to store the decrypted data.
+** "outputLen" how much data is stored in "output". Set by the routine
+** after some data is stored in output.
+** "maxOutputLen" the maximum amount of data that can ever be
+** stored in "output"
+** "input" the input data
+** "inputLen" the amount of input data
+*/
+extern SECStatus
+Camellia_Decrypt(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+/******************************************/
+/*
+** ChaCha20+Poly1305 AEAD
+*/
+
+extern SECStatus ChaCha20Poly1305_InitContext(ChaCha20Poly1305Context *ctx,
+ const unsigned char *key,
+ unsigned int keyLen,
+ unsigned int tagLen);
+
+extern ChaCha20Poly1305Context *ChaCha20Poly1305_CreateContext(
+ const unsigned char *key, unsigned int keyLen, unsigned int tagLen);
+
+extern void ChaCha20Poly1305_DestroyContext(ChaCha20Poly1305Context *ctx,
+ PRBool freeit);
+
+extern SECStatus ChaCha20Poly1305_Seal(
+ const ChaCha20Poly1305Context *ctx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ const unsigned char *nonce, unsigned int nonceLen,
+ const unsigned char *ad, unsigned int adLen);
+
+extern SECStatus ChaCha20Poly1305_Open(
+ const ChaCha20Poly1305Context *ctx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ const unsigned char *nonce, unsigned int nonceLen,
+ const unsigned char *ad, unsigned int adLen);
+
+/******************************************/
+/*
+** MD5 secure hash function
+*/
+
+/*
+** Hash a null terminated string "src" into "dest" using MD5
+*/
+extern SECStatus MD5_Hash(unsigned char *dest, const char *src);
+
+/*
+** Hash a non-null terminated string "src" into "dest" using MD5
+*/
+extern SECStatus MD5_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+
+/*
+** Create a new MD5 context
+*/
+extern MD5Context *MD5_NewContext(void);
+
+/*
+** Destroy an MD5 secure hash context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void MD5_DestroyContext(MD5Context *cx, PRBool freeit);
+
+/*
+** Reset an MD5 context, preparing it for a fresh round of hashing
+*/
+extern void MD5_Begin(MD5Context *cx);
+
+/*
+** Update the MD5 hash function with more data.
+** "cx" the context
+** "input" the data to hash
+** "inputLen" the amount of data to hash
+*/
+extern void MD5_Update(MD5Context *cx,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Finish the MD5 hash function. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 16 bytes of digest data are stored
+** "digestLen" where the digest length (16) is stored
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void MD5_End(MD5Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+
+/*
+** Export the current state of the MD5 hash without appending the standard
+** padding and length bytes. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 16 bytes of digest data are stored
+** "digestLen" where the digest length (16) is stored (optional)
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void MD5_EndRaw(MD5Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+
+/*
+ * Return the the size of a buffer needed to flatten the MD5 Context into
+ * "cx" the context
+ * returns size;
+ */
+extern unsigned int MD5_FlattenSize(MD5Context *cx);
+
+/*
+ * Flatten the MD5 Context into a buffer:
+ * "cx" the context
+ * "space" the buffer to flatten to
+ * returns status;
+ */
+extern SECStatus MD5_Flatten(MD5Context *cx, unsigned char *space);
+
+/*
+ * Resurrect a flattened context into a MD5 Context
+ * "space" the buffer of the flattend buffer
+ * "arg" ptr to void used by cryptographic resurrect
+ * returns resurected context;
+ */
+extern MD5Context *MD5_Resurrect(unsigned char *space, void *arg);
+extern void MD5_Clone(MD5Context *dest, MD5Context *src);
+
+/*
+** trace the intermediate state info of the MD5 hash.
+*/
+extern void MD5_TraceState(MD5Context *cx);
+
+/******************************************/
+/*
+** MD2 secure hash function
+*/
+
+/*
+** Hash a null terminated string "src" into "dest" using MD2
+*/
+extern SECStatus MD2_Hash(unsigned char *dest, const char *src);
+
+/*
+** Create a new MD2 context
+*/
+extern MD2Context *MD2_NewContext(void);
+
+/*
+** Destroy an MD2 secure hash context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void MD2_DestroyContext(MD2Context *cx, PRBool freeit);
+
+/*
+** Reset an MD2 context, preparing it for a fresh round of hashing
+*/
+extern void MD2_Begin(MD2Context *cx);
+
+/*
+** Update the MD2 hash function with more data.
+** "cx" the context
+** "input" the data to hash
+** "inputLen" the amount of data to hash
+*/
+extern void MD2_Update(MD2Context *cx,
+ const unsigned char *input, unsigned int inputLen);
+
+/*
+** Finish the MD2 hash function. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 16 bytes of digest data are stored
+** "digestLen" where the digest length (16) is stored
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void MD2_End(MD2Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+
+/*
+ * Return the the size of a buffer needed to flatten the MD2 Context into
+ * "cx" the context
+ * returns size;
+ */
+extern unsigned int MD2_FlattenSize(MD2Context *cx);
+
+/*
+ * Flatten the MD2 Context into a buffer:
+ * "cx" the context
+ * "space" the buffer to flatten to
+ * returns status;
+ */
+extern SECStatus MD2_Flatten(MD2Context *cx, unsigned char *space);
+
+/*
+ * Resurrect a flattened context into a MD2 Context
+ * "space" the buffer of the flattend buffer
+ * "arg" ptr to void used by cryptographic resurrect
+ * returns resurected context;
+ */
+extern MD2Context *MD2_Resurrect(unsigned char *space, void *arg);
+extern void MD2_Clone(MD2Context *dest, MD2Context *src);
+
+/******************************************/
+/*
+** SHA-1 secure hash function
+*/
+
+/*
+** Hash a null terminated string "src" into "dest" using SHA-1
+*/
+extern SECStatus SHA1_Hash(unsigned char *dest, const char *src);
+
+/*
+** Hash a non-null terminated string "src" into "dest" using SHA-1
+*/
+extern SECStatus SHA1_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+
+/*
+** Create a new SHA-1 context
+*/
+extern SHA1Context *SHA1_NewContext(void);
+
+/*
+** Destroy a SHA-1 secure hash context.
+** "cx" the context
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void SHA1_DestroyContext(SHA1Context *cx, PRBool freeit);
+
+/*
+** Reset a SHA-1 context, preparing it for a fresh round of hashing
+*/
+extern void SHA1_Begin(SHA1Context *cx);
+
+/*
+** Update the SHA-1 hash function with more data.
+** "cx" the context
+** "input" the data to hash
+** "inputLen" the amount of data to hash
+*/
+extern void SHA1_Update(SHA1Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+
+/*
+** Finish the SHA-1 hash function. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 16 bytes of digest data are stored
+** "digestLen" where the digest length (20) is stored
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void SHA1_End(SHA1Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+
+/*
+** Export the current state of the SHA-1 hash without appending the standard
+** padding and length bytes. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 20 bytes of digest data are stored
+** "digestLen" where the digest length (20) is stored (optional)
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void SHA1_EndRaw(SHA1Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+
+/*
+** trace the intermediate state info of the SHA1 hash.
+*/
+extern void SHA1_TraceState(SHA1Context *cx);
+
+/*
+ * Return the the size of a buffer needed to flatten the SHA-1 Context into
+ * "cx" the context
+ * returns size;
+ */
+extern unsigned int SHA1_FlattenSize(SHA1Context *cx);
+
+/*
+ * Flatten the SHA-1 Context into a buffer:
+ * "cx" the context
+ * "space" the buffer to flatten to
+ * returns status;
+ */
+extern SECStatus SHA1_Flatten(SHA1Context *cx, unsigned char *space);
+
+/*
+ * Resurrect a flattened context into a SHA-1 Context
+ * "space" the buffer of the flattend buffer
+ * "arg" ptr to void used by cryptographic resurrect
+ * returns resurected context;
+ */
+extern SHA1Context *SHA1_Resurrect(unsigned char *space, void *arg);
+extern void SHA1_Clone(SHA1Context *dest, SHA1Context *src);
+
+/******************************************/
+
+extern SHA224Context *SHA224_NewContext(void);
+extern void SHA224_DestroyContext(SHA224Context *cx, PRBool freeit);
+extern void SHA224_Begin(SHA224Context *cx);
+extern void SHA224_Update(SHA224Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+extern void SHA224_End(SHA224Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+/*
+** Export the current state of the SHA-224 hash without appending the standard
+** padding and length bytes. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 28 bytes of digest data are stored
+** "digestLen" where the digest length (28) is stored (optional)
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void SHA224_EndRaw(SHA224Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+extern SECStatus SHA224_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+extern SECStatus SHA224_Hash(unsigned char *dest, const char *src);
+extern void SHA224_TraceState(SHA224Context *cx);
+extern unsigned int SHA224_FlattenSize(SHA224Context *cx);
+extern SECStatus SHA224_Flatten(SHA224Context *cx, unsigned char *space);
+extern SHA224Context *SHA224_Resurrect(unsigned char *space, void *arg);
+extern void SHA224_Clone(SHA224Context *dest, SHA224Context *src);
+
+/******************************************/
+
+extern SHA256Context *SHA256_NewContext(void);
+extern void SHA256_DestroyContext(SHA256Context *cx, PRBool freeit);
+extern void SHA256_Begin(SHA256Context *cx);
+extern void SHA256_Update(SHA256Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+extern void SHA256_End(SHA256Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+/*
+** Export the current state of the SHA-256 hash without appending the standard
+** padding and length bytes. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 32 bytes of digest data are stored
+** "digestLen" where the digest length (32) is stored (optional)
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void SHA256_EndRaw(SHA256Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+extern SECStatus SHA256_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+extern SECStatus SHA256_Hash(unsigned char *dest, const char *src);
+extern void SHA256_TraceState(SHA256Context *cx);
+extern unsigned int SHA256_FlattenSize(SHA256Context *cx);
+extern SECStatus SHA256_Flatten(SHA256Context *cx, unsigned char *space);
+extern SHA256Context *SHA256_Resurrect(unsigned char *space, void *arg);
+extern void SHA256_Clone(SHA256Context *dest, SHA256Context *src);
+
+/******************************************/
+
+extern SHA512Context *SHA512_NewContext(void);
+extern void SHA512_DestroyContext(SHA512Context *cx, PRBool freeit);
+extern void SHA512_Begin(SHA512Context *cx);
+extern void SHA512_Update(SHA512Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+/*
+** Export the current state of the SHA-512 hash without appending the standard
+** padding and length bytes. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 64 bytes of digest data are stored
+** "digestLen" where the digest length (64) is stored (optional)
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void SHA512_EndRaw(SHA512Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+extern void SHA512_End(SHA512Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+extern SECStatus SHA512_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+extern SECStatus SHA512_Hash(unsigned char *dest, const char *src);
+extern void SHA512_TraceState(SHA512Context *cx);
+extern unsigned int SHA512_FlattenSize(SHA512Context *cx);
+extern SECStatus SHA512_Flatten(SHA512Context *cx, unsigned char *space);
+extern SHA512Context *SHA512_Resurrect(unsigned char *space, void *arg);
+extern void SHA512_Clone(SHA512Context *dest, SHA512Context *src);
+
+/******************************************/
+
+extern SHA384Context *SHA384_NewContext(void);
+extern void SHA384_DestroyContext(SHA384Context *cx, PRBool freeit);
+extern void SHA384_Begin(SHA384Context *cx);
+extern void SHA384_Update(SHA384Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+extern void SHA384_End(SHA384Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+/*
+** Export the current state of the SHA-384 hash without appending the standard
+** padding and length bytes. Produce the digested results in "digest"
+** "cx" the context
+** "digest" where the 48 bytes of digest data are stored
+** "digestLen" where the digest length (48) is stored (optional)
+** "maxDigestLen" the maximum amount of data that can ever be
+** stored in "digest"
+*/
+extern void SHA384_EndRaw(SHA384Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+extern SECStatus SHA384_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+extern SECStatus SHA384_Hash(unsigned char *dest, const char *src);
+extern void SHA384_TraceState(SHA384Context *cx);
+extern unsigned int SHA384_FlattenSize(SHA384Context *cx);
+extern SECStatus SHA384_Flatten(SHA384Context *cx, unsigned char *space);
+extern SHA384Context *SHA384_Resurrect(unsigned char *space, void *arg);
+extern void SHA384_Clone(SHA384Context *dest, SHA384Context *src);
+
+/****************************************
+ * implement TLS 1.0 Pseudo Random Function (PRF) and TLS P_hash function
+ */
+
+extern SECStatus
+TLS_PRF(const SECItem *secret, const char *label, SECItem *seed,
+ SECItem *result, PRBool isFIPS);
+
+extern SECStatus
+TLS_P_hash(HASH_HashType hashAlg, const SECItem *secret, const char *label,
+ SECItem *seed, SECItem *result, PRBool isFIPS);
+
+/******************************************/
+/*
+** Pseudo Random Number Generation. FIPS compliance desirable.
+*/
+
+/*
+** Initialize the global RNG context and give it some seed input taken
+** from the system. This function is thread-safe and will only allow
+** the global context to be initialized once. The seed input is likely
+** small, so it is imperative that RNG_RandomUpdate() be called with
+** additional seed data before the generator is used. A good way to
+** provide the generator with additional entropy is to call
+** RNG_SystemInfoForRNG(). Note that NSS_Init() does exactly that.
+*/
+extern SECStatus RNG_RNGInit(void);
+
+/*
+** Update the global random number generator with more seeding
+** material
+*/
+extern SECStatus RNG_RandomUpdate(const void *data, size_t bytes);
+
+/*
+** Generate some random bytes, using the global random number generator
+** object.
+*/
+extern SECStatus RNG_GenerateGlobalRandomBytes(void *dest, size_t len);
+
+extern SECStatus RNG_ResetForFuzzing(void);
+
+/* Destroy the global RNG context. After a call to RNG_RNGShutdown()
+** a call to RNG_RNGInit() is required in order to use the generator again,
+** along with seed data (see the comment above RNG_RNGInit()).
+*/
+extern void RNG_RNGShutdown(void);
+
+extern void RNG_SystemInfoForRNG(void);
+
+/*
+ * FIPS 186-2 Change Notice 1 RNG Algorithm 1, used both to
+ * generate the DSA X parameter and as a generic purpose RNG.
+ *
+ * The following two FIPS186Change functions are needed for
+ * NIST RNG Validation System.
+ */
+
+/*
+ * FIPS186Change_GenerateX is now deprecated. It will return SECFailure with
+ * the error set to PR_NOT_IMPLEMENTED_ERROR.
+ */
+extern SECStatus
+FIPS186Change_GenerateX(unsigned char *XKEY,
+ const unsigned char *XSEEDj,
+ unsigned char *x_j);
+
+/*
+ * When generating the DSA X parameter, we generate 2*GSIZE bytes
+ * of random output and reduce it mod q.
+ *
+ * Input: w, 2*GSIZE bytes
+ * q, DSA_SUBPRIME_LEN bytes
+ * Output: xj, DSA_SUBPRIME_LEN bytes
+ */
+extern SECStatus
+FIPS186Change_ReduceModQForDSA(const unsigned char *w,
+ const unsigned char *q,
+ unsigned char *xj);
+
+/* To allow NIST KAT tests */
+extern SECStatus
+PRNGTEST_Instantiate_Kat(const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *nonce, unsigned int nonce_len,
+ const PRUint8 *personal_string, unsigned int ps_len);
+
+/*
+ * The following functions are for FIPS poweron self test and FIPS algorithm
+ * testing.
+ */
+extern SECStatus
+PRNGTEST_Instantiate(const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *nonce, unsigned int nonce_len,
+ const PRUint8 *personal_string, unsigned int ps_len);
+
+extern SECStatus
+PRNGTEST_Reseed(const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *additional, unsigned int additional_len);
+
+extern SECStatus
+PRNGTEST_Generate(PRUint8 *bytes, unsigned int bytes_len,
+ const PRUint8 *additional, unsigned int additional_len);
+
+extern SECStatus
+PRNGTEST_Uninstantiate(void);
+
+extern SECStatus
+PRNGTEST_RunHealthTests(void);
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of seed and length of h both equal length of P.
+ * All lengths are specified by "j", according to the table above.
+ *
+ * The verify parameters will conform to FIPS186-1.
+ */
+extern SECStatus
+PQG_ParamGen(unsigned int j, /* input : determines length of P. */
+ PQGParams **pParams, /* output: P Q and G returned here */
+ PQGVerify **pVfy); /* output: counter and seed. */
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of P specified by j. Length of h will match length of P.
+ * Length of SEED in bytes specified in seedBytes.
+ * seedBbytes must be in the range [20..255] or an error will result.
+ *
+ * The verify parameters will conform to FIPS186-1.
+ */
+extern SECStatus
+PQG_ParamGenSeedLen(
+ unsigned int j, /* input : determines length of P. */
+ unsigned int seedBytes, /* input : length of seed in bytes.*/
+ PQGParams **pParams, /* output: P Q and G returned here */
+ PQGVerify **pVfy); /* output: counter and seed. */
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of P specified by L in bits.
+ * Length of Q specified by N in bits.
+ * Length of SEED in bytes specified in seedBytes.
+ * seedBbytes must be in the range [N..L*2] or an error will result.
+ *
+ * Not that J uses the above table, L is the length exact. L and N must
+ * match the table below or an error will result:
+ *
+ * L N
+ * 1024 160
+ * 2048 224
+ * 2048 256
+ * 3072 256
+ *
+ * If N or seedBytes are set to zero, then PQG_ParamGenSeedLen will
+ * pick a default value (typically the smallest secure value for these
+ * variables).
+ *
+ * The verify parameters will conform to FIPS186-3 using the smallest
+ * permissible hash for the key strength.
+ */
+extern SECStatus
+PQG_ParamGenV2(
+ unsigned int L, /* input : determines length of P. */
+ unsigned int N, /* input : determines length of Q. */
+ unsigned int seedBytes, /* input : length of seed in bytes.*/
+ PQGParams **pParams, /* output: P Q and G returned here */
+ PQGVerify **pVfy); /* output: counter and seed. */
+
+/* Test PQGParams for validity as DSS PQG values.
+ * If vfy is non-NULL, test PQGParams to make sure they were generated
+ * using the specified seed, counter, and h values.
+ *
+ * Return value indicates whether Verification operation ran successfully
+ * to completion, but does not indicate if PQGParams are valid or not.
+ * If return value is SECSuccess, then *pResult has these meanings:
+ * SECSuccess: PQGParams are valid.
+ * SECFailure: PQGParams are invalid.
+ *
+ * Verify the PQG againts the counter, SEED and h.
+ * These tests are specified in FIPS 186-3 Appendix A.1.1.1, A.1.1.3, and A.2.2
+ * PQG_VerifyParams will automatically choose the appropriate test.
+ */
+
+extern SECStatus PQG_VerifyParams(const PQGParams *params,
+ const PQGVerify *vfy, SECStatus *result);
+
+extern void PQG_DestroyParams(PQGParams *params);
+
+extern void PQG_DestroyVerify(PQGVerify *vfy);
+
+/*
+ * clean-up any global tables freebl may have allocated after it starts up.
+ * This function is not thread safe and should be called only after the
+ * library has been quiessed.
+ */
+extern void BL_Cleanup(void);
+
+/* unload freebl shared library from memory */
+extern void BL_Unload(void);
+
+/**************************************************************************
+ * Verify a given Shared library signature *
+ **************************************************************************/
+PRBool BLAPI_SHVerify(const char *name, PRFuncPtr addr);
+
+/**************************************************************************
+ * Verify a given filename's signature *
+ **************************************************************************/
+PRBool BLAPI_SHVerifyFile(const char *shName);
+
+/**************************************************************************
+ * Verify Are Own Shared library signature *
+ **************************************************************************/
+PRBool BLAPI_VerifySelf(const char *name);
+
+/*********************************************************************/
+extern const SECHashObject *HASH_GetRawHashObject(HASH_HashType hashType);
+
+extern void BL_SetForkState(PRBool forked);
+
+/*
+** pepare an ECParam structure from DEREncoded params
+ */
+extern SECStatus EC_FillParams(PLArenaPool *arena,
+ const SECItem *encodedParams, ECParams *params);
+extern SECStatus EC_DecodeParams(const SECItem *encodedParams,
+ ECParams **ecparams);
+extern SECStatus EC_CopyParams(PLArenaPool *arena, ECParams *dstParams,
+ const ECParams *srcParams);
+
+/*
+ * use the internal table to get the size in bytes of a single EC point
+ */
+extern int EC_GetPointSize(const ECParams *params);
+
+SEC_END_PROTOS
+
+#endif /* _BLAPI_H_ */
diff --git a/security/nss/lib/freebl/blapii.h b/security/nss/lib/freebl/blapii.h
new file mode 100644
index 000000000..6ad2e2892
--- /dev/null
+++ b/security/nss/lib/freebl/blapii.h
@@ -0,0 +1,61 @@
+/*
+ * blapii.h - private data structures and prototypes for the freebl library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _BLAPII_H_
+#define _BLAPII_H_
+
+#include "blapit.h"
+
+/* max block size of supported block ciphers */
+#define MAX_BLOCK_SIZE 16
+
+typedef SECStatus (*freeblCipherFunc)(void *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ unsigned int blocksize);
+typedef void (*freeblDestroyFunc)(void *cx, PRBool freeit);
+
+SEC_BEGIN_PROTOS
+
+SECStatus BL_FIPSEntryOK(PRBool freeblOnly);
+PRBool BL_POSTRan(PRBool freeblOnly);
+
+#if defined(XP_UNIX) && !defined(NO_FORK_CHECK)
+
+extern PRBool bl_parentForkedAfterC_Initialize;
+
+#define SKIP_AFTER_FORK(x) \
+ if (!bl_parentForkedAfterC_Initialize) \
+ x
+
+#else
+
+#define SKIP_AFTER_FORK(x) x
+
+#endif
+
+SEC_END_PROTOS
+
+#if defined(NSS_X86_OR_X64)
+#define HAVE_UNALIGNED_ACCESS 1
+#endif
+
+#if defined(__clang__)
+#define HAVE_NO_SANITIZE_ATTR __has_attribute(no_sanitize)
+#else
+#define HAVE_NO_SANITIZE_ATTR 0
+#endif
+
+#if defined(HAVE_UNALIGNED_ACCESS) && HAVE_NO_SANITIZE_ATTR
+#define NO_SANITIZE_ALIGNMENT __attribute__((no_sanitize("alignment")))
+#else
+#define NO_SANITIZE_ALIGNMENT
+#endif
+
+#undef HAVE_NO_SANITIZE_ATTR
+
+#endif /* _BLAPII_H_ */
diff --git a/security/nss/lib/freebl/blapit.h b/security/nss/lib/freebl/blapit.h
new file mode 100644
index 000000000..2a17b5f46
--- /dev/null
+++ b/security/nss/lib/freebl/blapit.h
@@ -0,0 +1,414 @@
+/*
+ * blapit.h - public data structures for the freebl library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _BLAPIT_H_
+#define _BLAPIT_H_
+
+#include "seccomon.h"
+#include "prlink.h"
+#include "plarena.h"
+#include "ecl-exp.h"
+
+/* RC2 operation modes */
+#define NSS_RC2 0
+#define NSS_RC2_CBC 1
+
+/* RC5 operation modes */
+#define NSS_RC5 0
+#define NSS_RC5_CBC 1
+
+/* DES operation modes */
+#define NSS_DES 0
+#define NSS_DES_CBC 1
+#define NSS_DES_EDE3 2
+#define NSS_DES_EDE3_CBC 3
+
+#define DES_KEY_LENGTH 8 /* Bytes */
+
+/* AES operation modes */
+#define NSS_AES 0
+#define NSS_AES_CBC 1
+#define NSS_AES_CTS 2
+#define NSS_AES_CTR 3
+#define NSS_AES_GCM 4
+
+/* Camellia operation modes */
+#define NSS_CAMELLIA 0
+#define NSS_CAMELLIA_CBC 1
+
+/* SEED operation modes */
+#define NSS_SEED 0
+#define NSS_SEED_CBC 1
+
+#define DSA1_SUBPRIME_LEN 20 /* Bytes */
+#define DSA1_SIGNATURE_LEN (DSA1_SUBPRIME_LEN * 2) /* Bytes */
+#define DSA_MAX_SUBPRIME_LEN 32 /* Bytes */
+#define DSA_MAX_SIGNATURE_LEN (DSA_MAX_SUBPRIME_LEN * 2) /* Bytes */
+
+/*
+ * Mark the old defines as deprecated. This will warn code that expected
+ * DSA1 only that they need to change if the are to support DSA2.
+ */
+#if defined(__GNUC__) && (__GNUC__ > 3)
+/* make GCC warn when we use these #defines */
+typedef int __BLAPI_DEPRECATED __attribute__((deprecated));
+#define DSA_SUBPRIME_LEN ((__BLAPI_DEPRECATED)DSA1_SUBPRIME_LEN)
+#define DSA_SIGNATURE_LEN ((__BLAPI_DEPRECATED)DSA1_SIGNATURE_LEN)
+#define DSA_Q_BITS ((__BLAPI_DEPRECATED)(DSA1_SUBPRIME_LEN * 8))
+#else
+#ifdef _WIN32
+/* This magic gets the windows compiler to give us a deprecation
+ * warning */
+#pragma deprecated(DSA_SUBPRIME_LEN, DSA_SIGNATURE_LEN, DSA_QBITS)
+#endif
+#define DSA_SUBPRIME_LEN DSA1_SUBPRIME_LEN
+#define DSA_SIGNATURE_LEN DSA1_SIGNATURE_LEN
+#define DSA_Q_BITS (DSA1_SUBPRIME_LEN * 8)
+#endif
+
+/* XXX We shouldn't have to hard code this limit. For
+ * now, this is the quickest way to support ECDSA signature
+ * processing (ECDSA signature lengths depend on curve
+ * size). This limit is sufficient for curves upto
+ * 576 bits.
+ */
+#define MAX_ECKEY_LEN 72 /* Bytes */
+
+#define EC_MAX_KEY_BITS 521 /* in bits */
+#define EC_MIN_KEY_BITS 256 /* in bits */
+
+/* EC point compression format */
+#define EC_POINT_FORM_COMPRESSED_Y0 0x02
+#define EC_POINT_FORM_COMPRESSED_Y1 0x03
+#define EC_POINT_FORM_UNCOMPRESSED 0x04
+#define EC_POINT_FORM_HYBRID_Y0 0x06
+#define EC_POINT_FORM_HYBRID_Y1 0x07
+
+/*
+ * Number of bytes each hash algorithm produces
+ */
+#define MD2_LENGTH 16 /* Bytes */
+#define MD5_LENGTH 16 /* Bytes */
+#define SHA1_LENGTH 20 /* Bytes */
+#define SHA256_LENGTH 32 /* bytes */
+#define SHA384_LENGTH 48 /* bytes */
+#define SHA512_LENGTH 64 /* bytes */
+#define HASH_LENGTH_MAX SHA512_LENGTH
+
+/*
+ * Input block size for each hash algorithm.
+ */
+
+#define MD2_BLOCK_LENGTH 64 /* bytes */
+#define MD5_BLOCK_LENGTH 64 /* bytes */
+#define SHA1_BLOCK_LENGTH 64 /* bytes */
+#define SHA224_BLOCK_LENGTH 64 /* bytes */
+#define SHA256_BLOCK_LENGTH 64 /* bytes */
+#define SHA384_BLOCK_LENGTH 128 /* bytes */
+#define SHA512_BLOCK_LENGTH 128 /* bytes */
+#define HASH_BLOCK_LENGTH_MAX SHA512_BLOCK_LENGTH
+
+#define AES_KEY_WRAP_IV_BYTES 8
+#define AES_KEY_WRAP_BLOCK_SIZE 8 /* bytes */
+#define AES_BLOCK_SIZE 16 /* bytes */
+
+#define AES_128_KEY_LENGTH 16 /* bytes */
+#define AES_192_KEY_LENGTH 24 /* bytes */
+#define AES_256_KEY_LENGTH 32 /* bytes */
+
+#define CAMELLIA_BLOCK_SIZE 16 /* bytes */
+
+#define SEED_BLOCK_SIZE 16 /* bytes */
+#define SEED_KEY_LENGTH 16 /* bytes */
+
+#define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048
+
+/*
+ * These values come from the initial key size limits from the PKCS #11
+ * module. They may be arbitrarily adjusted to any value freebl supports.
+ */
+#define RSA_MIN_MODULUS_BITS 128
+#define RSA_MAX_MODULUS_BITS 16384
+#define RSA_MAX_EXPONENT_BITS 64
+#define DH_MIN_P_BITS 128
+#define DH_MAX_P_BITS 16384
+
+/*
+ * The FIPS 186-1 algorithm for generating primes P and Q allows only 9
+ * distinct values for the length of P, and only one value for the
+ * length of Q.
+ * The algorithm uses a variable j to indicate which of the 9 lengths
+ * of P is to be used.
+ * The following table relates j to the lengths of P and Q in bits.
+ *
+ * j bits in P bits in Q
+ * _ _________ _________
+ * 0 512 160
+ * 1 576 160
+ * 2 640 160
+ * 3 704 160
+ * 4 768 160
+ * 5 832 160
+ * 6 896 160
+ * 7 960 160
+ * 8 1024 160
+ *
+ * The FIPS-186-1 compliant PQG generator takes j as an input parameter.
+ *
+ * FIPS 186-3 algorithm specifies 4 distinct P and Q sizes:
+ *
+ * bits in P bits in Q
+ * _________ _________
+ * 1024 160
+ * 2048 224
+ * 2048 256
+ * 3072 256
+ *
+ * The FIPS-186-3 complaiant PQG generator (PQG V2) takes arbitrary p and q
+ * lengths as input and returns an error if they aren't in this list.
+ */
+
+#define DSA1_Q_BITS 160
+#define DSA_MAX_P_BITS 3072
+#define DSA_MIN_P_BITS 512
+#define DSA_MAX_Q_BITS 256
+#define DSA_MIN_Q_BITS 160
+
+#if DSA_MAX_Q_BITS != DSA_MAX_SUBPRIME_LEN * 8
+#error "Inconsistent declaration of DSA SUBPRIME/Q parameters in blapit.h"
+#endif
+
+/*
+ * function takes desired number of bits in P,
+ * returns index (0..8) or -1 if number of bits is invalid.
+ */
+#define PQG_PBITS_TO_INDEX(bits) \
+ (((bits) < 512 || (bits) > 1024 || (bits) % 64) ? -1 : (int)((bits)-512) / 64)
+
+/*
+ * function takes index (0-8)
+ * returns number of bits in P for that index, or -1 if index is invalid.
+ */
+#define PQG_INDEX_TO_PBITS(j) (((unsigned)(j) > 8) ? -1 : (512 + 64 * (j)))
+
+/***************************************************************************
+** Opaque objects
+*/
+
+struct DESContextStr;
+struct RC2ContextStr;
+struct RC4ContextStr;
+struct RC5ContextStr;
+struct AESContextStr;
+struct CamelliaContextStr;
+struct MD2ContextStr;
+struct MD5ContextStr;
+struct SHA1ContextStr;
+struct SHA256ContextStr;
+struct SHA512ContextStr;
+struct AESKeyWrapContextStr;
+struct SEEDContextStr;
+struct ChaCha20Poly1305ContextStr;
+
+typedef struct DESContextStr DESContext;
+typedef struct RC2ContextStr RC2Context;
+typedef struct RC4ContextStr RC4Context;
+typedef struct RC5ContextStr RC5Context;
+typedef struct AESContextStr AESContext;
+typedef struct CamelliaContextStr CamelliaContext;
+typedef struct MD2ContextStr MD2Context;
+typedef struct MD5ContextStr MD5Context;
+typedef struct SHA1ContextStr SHA1Context;
+typedef struct SHA256ContextStr SHA256Context;
+/* SHA224Context is really a SHA256ContextStr. This is not a mistake. */
+typedef struct SHA256ContextStr SHA224Context;
+typedef struct SHA512ContextStr SHA512Context;
+/* SHA384Context is really a SHA512ContextStr. This is not a mistake. */
+typedef struct SHA512ContextStr SHA384Context;
+typedef struct AESKeyWrapContextStr AESKeyWrapContext;
+typedef struct SEEDContextStr SEEDContext;
+typedef struct ChaCha20Poly1305ContextStr ChaCha20Poly1305Context;
+
+/***************************************************************************
+** RSA Public and Private Key structures
+*/
+
+/* member names from PKCS#1, section 7.1 */
+struct RSAPublicKeyStr {
+ PLArenaPool *arena;
+ SECItem modulus;
+ SECItem publicExponent;
+};
+typedef struct RSAPublicKeyStr RSAPublicKey;
+
+/* member names from PKCS#1, section 7.2 */
+struct RSAPrivateKeyStr {
+ PLArenaPool *arena;
+ SECItem version;
+ SECItem modulus;
+ SECItem publicExponent;
+ SECItem privateExponent;
+ SECItem prime1;
+ SECItem prime2;
+ SECItem exponent1;
+ SECItem exponent2;
+ SECItem coefficient;
+};
+typedef struct RSAPrivateKeyStr RSAPrivateKey;
+
+/***************************************************************************
+** DSA Public and Private Key and related structures
+*/
+
+struct PQGParamsStr {
+ PLArenaPool *arena;
+ SECItem prime; /* p */
+ SECItem subPrime; /* q */
+ SECItem base; /* g */
+ /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
+};
+typedef struct PQGParamsStr PQGParams;
+
+struct PQGVerifyStr {
+ PLArenaPool *arena; /* includes this struct, seed, & h. */
+ unsigned int counter;
+ SECItem seed;
+ SECItem h;
+};
+typedef struct PQGVerifyStr PQGVerify;
+
+struct DSAPublicKeyStr {
+ PQGParams params;
+ SECItem publicValue;
+};
+typedef struct DSAPublicKeyStr DSAPublicKey;
+
+struct DSAPrivateKeyStr {
+ PQGParams params;
+ SECItem publicValue;
+ SECItem privateValue;
+};
+typedef struct DSAPrivateKeyStr DSAPrivateKey;
+
+/***************************************************************************
+** Diffie-Hellman Public and Private Key and related structures
+** Structure member names suggested by PKCS#3.
+*/
+
+struct DHParamsStr {
+ PLArenaPool *arena;
+ SECItem prime; /* p */
+ SECItem base; /* g */
+};
+typedef struct DHParamsStr DHParams;
+
+struct DHPublicKeyStr {
+ PLArenaPool *arena;
+ SECItem prime;
+ SECItem base;
+ SECItem publicValue;
+};
+typedef struct DHPublicKeyStr DHPublicKey;
+
+struct DHPrivateKeyStr {
+ PLArenaPool *arena;
+ SECItem prime;
+ SECItem base;
+ SECItem publicValue;
+ SECItem privateValue;
+};
+typedef struct DHPrivateKeyStr DHPrivateKey;
+
+/***************************************************************************
+** Data structures used for elliptic curve parameters and
+** public and private keys.
+*/
+
+/*
+** The ECParams data structures can encode elliptic curve
+** parameters for both GFp and GF2m curves.
+*/
+
+typedef enum { ec_params_explicit,
+ ec_params_named
+} ECParamsType;
+
+typedef enum { ec_field_GFp = 1,
+ ec_field_GF2m,
+ ec_field_plain
+} ECFieldType;
+
+struct ECFieldIDStr {
+ int size; /* field size in bits */
+ ECFieldType type;
+ union {
+ SECItem prime; /* prime p for (GFp) */
+ SECItem poly; /* irreducible binary polynomial for (GF2m) */
+ } u;
+ int k1; /* first coefficient of pentanomial or
+ * the only coefficient of trinomial
+ */
+ int k2; /* two remaining coefficients of pentanomial */
+ int k3;
+};
+typedef struct ECFieldIDStr ECFieldID;
+
+struct ECCurveStr {
+ SECItem a; /* contains octet stream encoding of
+ * field element (X9.62 section 4.3.3)
+ */
+ SECItem b;
+ SECItem seed;
+};
+typedef struct ECCurveStr ECCurve;
+
+struct ECParamsStr {
+ PLArenaPool *arena;
+ ECParamsType type;
+ ECFieldID fieldID;
+ ECCurve curve;
+ SECItem base;
+ SECItem order;
+ int cofactor;
+ SECItem DEREncoding;
+ ECCurveName name;
+ SECItem curveOID;
+};
+typedef struct ECParamsStr ECParams;
+
+struct ECPublicKeyStr {
+ ECParams ecParams;
+ SECItem publicValue; /* elliptic curve point encoded as
+ * octet stream.
+ */
+};
+typedef struct ECPublicKeyStr ECPublicKey;
+
+struct ECPrivateKeyStr {
+ ECParams ecParams;
+ SECItem publicValue; /* encoded ec point */
+ SECItem privateValue; /* private big integer */
+ SECItem version; /* As per SEC 1, Appendix C, Section C.4 */
+};
+typedef struct ECPrivateKeyStr ECPrivateKey;
+
+typedef void *(*BLapiAllocateFunc)(void);
+typedef void (*BLapiDestroyContextFunc)(void *cx, PRBool freeit);
+typedef SECStatus (*BLapiInitContextFunc)(void *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *,
+ int,
+ unsigned int,
+ unsigned int);
+typedef SECStatus (*BLapiEncrypt)(void *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+#endif /* _BLAPIT_H_ */
diff --git a/security/nss/lib/freebl/blname.c b/security/nss/lib/freebl/blname.c
new file mode 100644
index 000000000..4bad74ada
--- /dev/null
+++ b/security/nss/lib/freebl/blname.c
@@ -0,0 +1,100 @@
+/*
+ * blname.c - determine the freebl library name.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#if defined(FREEBL_LOWHASH)
+static const char* default_name =
+ SHLIB_PREFIX "freeblpriv" SHLIB_VERSION "." SHLIB_SUFFIX;
+#else
+static const char* default_name =
+ SHLIB_PREFIX "freebl" SHLIB_VERSION "." SHLIB_SUFFIX;
+#endif
+
+/* getLibName() returns the name of the library to load. */
+
+#if defined(SOLARIS) && defined(__sparc)
+#include <stddef.h>
+#include <strings.h>
+#include <sys/systeminfo.h>
+
+#if defined(NSS_USE_64)
+
+const static char fpu_hybrid_shared_lib[] = "libfreebl_64fpu_3.so";
+const static char int_hybrid_shared_lib[] = "libfreebl_64int_3.so";
+const static char non_hybrid_shared_lib[] = "libfreebl_64fpu_3.so";
+
+const static char int_hybrid_isa[] = "sparcv9";
+const static char fpu_hybrid_isa[] = "sparcv9+vis";
+
+#else
+
+const static char fpu_hybrid_shared_lib[] = "libfreebl_32fpu_3.so";
+const static char int_hybrid_shared_lib[] = "libfreebl_32int64_3.so";
+/* This was for SPARC V8, now obsolete. */
+const static char* const non_hybrid_shared_lib = NULL;
+
+const static char int_hybrid_isa[] = "sparcv8plus";
+const static char fpu_hybrid_isa[] = "sparcv8plus+vis";
+
+#endif
+
+static const char*
+getLibName(void)
+{
+ char* found_int_hybrid;
+ char* found_fpu_hybrid;
+ long buflen;
+ char buf[256];
+
+ buflen = sysinfo(SI_ISALIST, buf, sizeof buf);
+ if (buflen <= 0)
+ return NULL;
+ /* sysinfo output is always supposed to be NUL terminated, but ... */
+ if (buflen < sizeof buf)
+ buf[buflen] = '\0';
+ else
+ buf[(sizeof buf) - 1] = '\0';
+ /* The ISA list is a space separated string of names of ISAs and
+ * ISA extensions, in order of decreasing performance.
+ * There are two different ISAs with which NSS's crypto code can be
+ * accelerated. If both are in the list, we take the first one.
+ * If one is in the list, we use it, and if neither then we use
+ * the base unaccelerated code.
+ */
+ found_int_hybrid = strstr(buf, int_hybrid_isa);
+ found_fpu_hybrid = strstr(buf, fpu_hybrid_isa);
+ if (found_fpu_hybrid &&
+ (!found_int_hybrid ||
+ (found_int_hybrid - found_fpu_hybrid) >= 0)) {
+ return fpu_hybrid_shared_lib;
+ }
+ if (found_int_hybrid) {
+ return int_hybrid_shared_lib;
+ }
+ return non_hybrid_shared_lib;
+}
+
+#elif defined(HPUX) && !defined(NSS_USE_64) && !defined(__ia64)
+#include <unistd.h>
+
+/* This code tests to see if we're running on a PA2.x CPU.
+** It returns true (1) if so, and false (0) otherwise.
+*/
+static const char*
+getLibName(void)
+{
+ long cpu = sysconf(_SC_CPU_VERSION);
+ return (cpu == CPU_PA_RISC2_0)
+ ? "libfreebl_32fpu_3.sl"
+ : "libfreebl_32int_3.sl";
+}
+#else
+/* default case, for platforms/ABIs that have only one freebl shared lib. */
+static const char*
+getLibName(void)
+{
+ return default_name;
+}
+#endif
diff --git a/security/nss/lib/freebl/camellia.c b/security/nss/lib/freebl/camellia.c
new file mode 100644
index 000000000..8a7bcb0fe
--- /dev/null
+++ b/security/nss/lib/freebl/camellia.c
@@ -0,0 +1,1896 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prinit.h"
+#include "prerr.h"
+#include "secerr.h"
+
+#include "prtypes.h"
+#include "blapi.h"
+#include "camellia.h"
+#include "sha_fast.h" /* for SHA_HTONL and related configuration macros */
+
+/* key constants */
+
+#define CAMELLIA_SIGMA1L (0xA09E667FL)
+#define CAMELLIA_SIGMA1R (0x3BCC908BL)
+#define CAMELLIA_SIGMA2L (0xB67AE858L)
+#define CAMELLIA_SIGMA2R (0x4CAA73B2L)
+#define CAMELLIA_SIGMA3L (0xC6EF372FL)
+#define CAMELLIA_SIGMA3R (0xE94F82BEL)
+#define CAMELLIA_SIGMA4L (0x54FF53A5L)
+#define CAMELLIA_SIGMA4R (0xF1D36F1CL)
+#define CAMELLIA_SIGMA5L (0x10E527FAL)
+#define CAMELLIA_SIGMA5R (0xDE682D1DL)
+#define CAMELLIA_SIGMA6L (0xB05688C2L)
+#define CAMELLIA_SIGMA6R (0xB3E6C1FDL)
+
+/*
+ * macros
+ */
+
+#if defined(HAVE_UNALIGNED_ACCESS)
+
+/* require a CPU that allows unaligned access */
+
+#if defined(SHA_NEED_TMP_VARIABLE)
+#define CAMELLIA_NEED_TMP_VARIABLE 1
+#endif
+
+#define GETU32(p) SHA_HTONL(*((PRUint32 *)(p)))
+#define PUTU32(ct, st) \
+ { \
+ *((PRUint32 *)(ct)) = SHA_HTONL(st); \
+ }
+
+#else /* no unaligned access */
+
+#define GETU32(pt) \
+ (((PRUint32)(pt)[0] << 24) ^ ((PRUint32)(pt)[1] << 16) ^ ((PRUint32)(pt)[2] << 8) ^ ((PRUint32)(pt)[3]))
+
+#define PUTU32(ct, st) \
+ { \
+ (ct)[0] = (PRUint8)((st) >> 24); \
+ (ct)[1] = (PRUint8)((st) >> 16); \
+ (ct)[2] = (PRUint8)((st) >> 8); \
+ (ct)[3] = (PRUint8)(st); \
+ }
+
+#endif
+
+#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2])
+#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1])
+
+/* rotation right shift 1byte */
+#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24))
+/* rotation left shift 1bit */
+#define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31))
+/* rotation left shift 1byte */
+#define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24))
+
+#define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \
+ do { \
+ w0 = ll; \
+ ll = (ll << bits) + (lr >> (32 - bits)); \
+ lr = (lr << bits) + (rl >> (32 - bits)); \
+ rl = (rl << bits) + (rr >> (32 - bits)); \
+ rr = (rr << bits) + (w0 >> (32 - bits)); \
+ } while (0)
+
+#define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \
+ do { \
+ w0 = ll; \
+ w1 = lr; \
+ ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \
+ lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \
+ rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \
+ rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \
+ } while (0)
+
+#define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)])
+#define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)])
+#define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)])
+#define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)])
+
+#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
+ do { \
+ il = xl ^ kl; \
+ ir = xr ^ kr; \
+ t0 = il >> 16; \
+ t1 = ir >> 16; \
+ yl = CAMELLIA_SP1110(ir & 0xff) ^ \
+ CAMELLIA_SP0222((t1 >> 8) & 0xff) ^ \
+ CAMELLIA_SP3033(t1 & 0xff) ^ \
+ CAMELLIA_SP4404((ir >> 8) & 0xff); \
+ yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) ^ \
+ CAMELLIA_SP0222(t0 & 0xff) ^ \
+ CAMELLIA_SP3033((il >> 8) & 0xff) ^ \
+ CAMELLIA_SP4404(il & 0xff); \
+ yl ^= yr; \
+ yr = CAMELLIA_RR8(yr); \
+ yr ^= yl; \
+ } while (0)
+
+/*
+ * for speed up
+ *
+ */
+#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
+ do { \
+ t0 = kll; \
+ t0 &= ll; \
+ lr ^= CAMELLIA_RL1(t0); \
+ t1 = klr; \
+ t1 |= lr; \
+ ll ^= t1; \
+ \
+ t2 = krr; \
+ t2 |= rr; \
+ rl ^= t2; \
+ t3 = krl; \
+ t3 &= rl; \
+ rr ^= CAMELLIA_RL1(t3); \
+ } while (0)
+
+#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
+ do { \
+ ir = CAMELLIA_SP1110(xr & 0xff) ^ \
+ CAMELLIA_SP0222((xr >> 24) & 0xff) ^ \
+ CAMELLIA_SP3033((xr >> 16) & 0xff) ^ \
+ CAMELLIA_SP4404((xr >> 8) & 0xff); \
+ il = CAMELLIA_SP1110((xl >> 24) & 0xff) ^ \
+ CAMELLIA_SP0222((xl >> 16) & 0xff) ^ \
+ CAMELLIA_SP3033((xl >> 8) & 0xff) ^ \
+ CAMELLIA_SP4404(xl & 0xff); \
+ il ^= kl; \
+ ir ^= kr; \
+ ir ^= il; \
+ il = CAMELLIA_RR8(il); \
+ il ^= ir; \
+ yl ^= ir; \
+ yr ^= il; \
+ } while (0)
+
+static const PRUint32 camellia_sp1110[256] = {
+ 0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00,
+ 0xb3b3b300, 0x27272700, 0xc0c0c000, 0xe5e5e500,
+ 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
+ 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100,
+ 0x23232300, 0xefefef00, 0x6b6b6b00, 0x93939300,
+ 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
+ 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00,
+ 0x1d1d1d00, 0x65656500, 0x92929200, 0xbdbdbd00,
+ 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
+ 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00,
+ 0x3e3e3e00, 0x30303000, 0xdcdcdc00, 0x5f5f5f00,
+ 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
+ 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00,
+ 0xd5d5d500, 0x47474700, 0x5d5d5d00, 0x3d3d3d00,
+ 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
+ 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00,
+ 0x8b8b8b00, 0x0d0d0d00, 0x9a9a9a00, 0x66666600,
+ 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
+ 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000,
+ 0xf0f0f000, 0xb1b1b100, 0x84848400, 0x99999900,
+ 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
+ 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500,
+ 0x6d6d6d00, 0xb7b7b700, 0xa9a9a900, 0x31313100,
+ 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
+ 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100,
+ 0xdedede00, 0x1b1b1b00, 0x11111100, 0x1c1c1c00,
+ 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
+ 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200,
+ 0xfefefe00, 0x44444400, 0xcfcfcf00, 0xb2b2b200,
+ 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
+ 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800,
+ 0x60606000, 0xfcfcfc00, 0x69696900, 0x50505000,
+ 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
+ 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700,
+ 0x54545400, 0x5b5b5b00, 0x1e1e1e00, 0x95959500,
+ 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
+ 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800,
+ 0xa3a3a300, 0xf7f7f700, 0x75757500, 0xdbdbdb00,
+ 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
+ 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400,
+ 0x87878700, 0x5c5c5c00, 0x83838300, 0x02020200,
+ 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
+ 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300,
+ 0x9d9d9d00, 0x7f7f7f00, 0xbfbfbf00, 0xe2e2e200,
+ 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
+ 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00,
+ 0x81818100, 0x96969600, 0x6f6f6f00, 0x4b4b4b00,
+ 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
+ 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00,
+ 0x9f9f9f00, 0x6e6e6e00, 0xbcbcbc00, 0x8e8e8e00,
+ 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
+ 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900,
+ 0x78787800, 0x98989800, 0x06060600, 0x6a6a6a00,
+ 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
+ 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200,
+ 0x88888800, 0xa2a2a200, 0x8d8d8d00, 0xfafafa00,
+ 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
+ 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00,
+ 0x36363600, 0x49494900, 0x2a2a2a00, 0x68686800,
+ 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
+ 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00,
+ 0xbbbbbb00, 0xc9c9c900, 0x43434300, 0xc1c1c100,
+ 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
+ 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00,
+};
+
+static const PRUint32 camellia_sp0222[256] = {
+ 0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9,
+ 0x00676767, 0x004e4e4e, 0x00818181, 0x00cbcbcb,
+ 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
+ 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282,
+ 0x00464646, 0x00dfdfdf, 0x00d6d6d6, 0x00272727,
+ 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
+ 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c,
+ 0x003a3a3a, 0x00cacaca, 0x00252525, 0x007b7b7b,
+ 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
+ 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d,
+ 0x007c7c7c, 0x00606060, 0x00b9b9b9, 0x00bebebe,
+ 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
+ 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595,
+ 0x00ababab, 0x008e8e8e, 0x00bababa, 0x007a7a7a,
+ 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
+ 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a,
+ 0x00171717, 0x001a1a1a, 0x00353535, 0x00cccccc,
+ 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
+ 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040,
+ 0x00e1e1e1, 0x00636363, 0x00090909, 0x00333333,
+ 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
+ 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a,
+ 0x00dadada, 0x006f6f6f, 0x00535353, 0x00626262,
+ 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
+ 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2,
+ 0x00bdbdbd, 0x00363636, 0x00222222, 0x00383838,
+ 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
+ 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444,
+ 0x00fdfdfd, 0x00888888, 0x009f9f9f, 0x00656565,
+ 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
+ 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151,
+ 0x00c0c0c0, 0x00f9f9f9, 0x00d2d2d2, 0x00a0a0a0,
+ 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
+ 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f,
+ 0x00a8a8a8, 0x00b6b6b6, 0x003c3c3c, 0x002b2b2b,
+ 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
+ 0x00202020, 0x00898989, 0x00000000, 0x00909090,
+ 0x00474747, 0x00efefef, 0x00eaeaea, 0x00b7b7b7,
+ 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
+ 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929,
+ 0x000f0f0f, 0x00b8b8b8, 0x00070707, 0x00040404,
+ 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
+ 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7,
+ 0x003b3b3b, 0x00fefefe, 0x007f7f7f, 0x00c5c5c5,
+ 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
+ 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676,
+ 0x00030303, 0x002d2d2d, 0x00dedede, 0x00969696,
+ 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
+ 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919,
+ 0x003f3f3f, 0x00dcdcdc, 0x00797979, 0x001d1d1d,
+ 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
+ 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2,
+ 0x00f0f0f0, 0x00313131, 0x000c0c0c, 0x00d4d4d4,
+ 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
+ 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484,
+ 0x00111111, 0x00454545, 0x001b1b1b, 0x00f5f5f5,
+ 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
+ 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414,
+ 0x006c6c6c, 0x00929292, 0x00545454, 0x00d0d0d0,
+ 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
+ 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6,
+ 0x00777777, 0x00939393, 0x00868686, 0x00838383,
+ 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
+ 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d,
+};
+
+static const PRUint32 camellia_sp3033[256] = {
+ 0x38003838, 0x41004141, 0x16001616, 0x76007676,
+ 0xd900d9d9, 0x93009393, 0x60006060, 0xf200f2f2,
+ 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
+ 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0,
+ 0x91009191, 0xf700f7f7, 0xb500b5b5, 0xc900c9c9,
+ 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
+ 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727,
+ 0x8e008e8e, 0xb200b2b2, 0x49004949, 0xde00dede,
+ 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
+ 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767,
+ 0x1f001f1f, 0x18001818, 0x6e006e6e, 0xaf00afaf,
+ 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
+ 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565,
+ 0xea00eaea, 0xa300a3a3, 0xae00aeae, 0x9e009e9e,
+ 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
+ 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6,
+ 0xc500c5c5, 0x86008686, 0x4d004d4d, 0x33003333,
+ 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
+ 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010,
+ 0x78007878, 0xd800d8d8, 0x42004242, 0xcc00cccc,
+ 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
+ 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282,
+ 0xb600b6b6, 0xdb00dbdb, 0xd400d4d4, 0x98009898,
+ 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
+ 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0,
+ 0x6f006f6f, 0x8d008d8d, 0x88008888, 0x0e000e0e,
+ 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
+ 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111,
+ 0x7f007f7f, 0x22002222, 0xe700e7e7, 0x59005959,
+ 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
+ 0x12001212, 0x04000404, 0x74007474, 0x54005454,
+ 0x30003030, 0x7e007e7e, 0xb400b4b4, 0x28002828,
+ 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
+ 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb,
+ 0x2a002a2a, 0xad00adad, 0x0f000f0f, 0xca00caca,
+ 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
+ 0x08000808, 0x62006262, 0x00000000, 0x24002424,
+ 0xd100d1d1, 0xfb00fbfb, 0xba00baba, 0xed00eded,
+ 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
+ 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a,
+ 0xc300c3c3, 0x2e002e2e, 0xc100c1c1, 0x01000101,
+ 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
+ 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9,
+ 0xce00cece, 0xbf00bfbf, 0xdf00dfdf, 0x71007171,
+ 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
+ 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d,
+ 0xc000c0c0, 0x4b004b4b, 0xb700b7b7, 0xa500a5a5,
+ 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
+ 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646,
+ 0xcf00cfcf, 0x37003737, 0x5e005e5e, 0x47004747,
+ 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
+ 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac,
+ 0x3c003c3c, 0x4c004c4c, 0x03000303, 0x35003535,
+ 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
+ 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121,
+ 0x44004444, 0x51005151, 0xc600c6c6, 0x7d007d7d,
+ 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
+ 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505,
+ 0x1b001b1b, 0xa400a4a4, 0x15001515, 0x34003434,
+ 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
+ 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd,
+ 0xdd00dddd, 0xe400e4e4, 0xa100a1a1, 0xe000e0e0,
+ 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
+ 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f,
+};
+
+static const PRUint32 camellia_sp4404[256] = {
+ 0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0,
+ 0xe4e400e4, 0x57570057, 0xeaea00ea, 0xaeae00ae,
+ 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
+ 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092,
+ 0x86860086, 0xafaf00af, 0x7c7c007c, 0x1f1f001f,
+ 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
+ 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d,
+ 0xd9d900d9, 0x5a5a005a, 0x51510051, 0x6c6c006c,
+ 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
+ 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084,
+ 0xdfdf00df, 0xcbcb00cb, 0x34340034, 0x76760076,
+ 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
+ 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011,
+ 0x32320032, 0x9c9c009c, 0x53530053, 0xf2f200f2,
+ 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
+ 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069,
+ 0xaaaa00aa, 0xa0a000a0, 0xa1a100a1, 0x62620062,
+ 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
+ 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075,
+ 0x8a8a008a, 0xe6e600e6, 0x09090009, 0xdddd00dd,
+ 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
+ 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf,
+ 0x52520052, 0xd8d800d8, 0xc8c800c8, 0xc6c600c6,
+ 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
+ 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc,
+ 0x29290029, 0xf9f900f9, 0x2f2f002f, 0xb4b400b4,
+ 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
+ 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d,
+ 0x72720072, 0xb9b900b9, 0xf8f800f8, 0xacac00ac,
+ 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
+ 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043,
+ 0x15150015, 0xadad00ad, 0x77770077, 0x80800080,
+ 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
+ 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041,
+ 0xefef00ef, 0x93930093, 0x19190019, 0x21210021,
+ 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
+ 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce,
+ 0x30300030, 0x5f5f005f, 0xc5c500c5, 0x1a1a001a,
+ 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
+ 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d,
+ 0x0d0d000d, 0x66660066, 0xcccc00cc, 0x2d2d002d,
+ 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
+ 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005,
+ 0xb7b700b7, 0x31310031, 0x17170017, 0xd7d700d7,
+ 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
+ 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022,
+ 0x44440044, 0xb2b200b2, 0xb5b500b5, 0x91910091,
+ 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
+ 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097,
+ 0x5b5b005b, 0x95950095, 0xffff00ff, 0xd2d200d2,
+ 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
+ 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094,
+ 0x5c5c005c, 0x02020002, 0x4a4a004a, 0x33330033,
+ 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
+ 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b,
+ 0x96960096, 0x4b4b004b, 0xbebe00be, 0x2e2e002e,
+ 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
+ 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059,
+ 0x98980098, 0x6a6a006a, 0x46460046, 0xbaba00ba,
+ 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
+ 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a,
+ 0x49490049, 0x68680068, 0x38380038, 0xa4a400a4,
+ 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
+ 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e,
+};
+
+/**
+ * Stuff related to the Camellia key schedule
+ */
+#define subl(x) subL[(x)]
+#define subr(x) subR[(x)]
+
+void
+camellia_setup128(const unsigned char *key, PRUint32 *subkey)
+{
+ PRUint32 kll, klr, krl, krr;
+ PRUint32 il, ir, t0, t1, w0, w1;
+ PRUint32 kw4l, kw4r, dw, tl, tr;
+ PRUint32 subL[26];
+ PRUint32 subR[26];
+#if defined(CAMELLIA_NEED_TMP_VARIABLE)
+ PRUint32 tmp;
+#endif
+
+ /**
+ * k == kll || klr || krl || krr (|| is concatination)
+ */
+ kll = GETU32(key);
+ klr = GETU32(key + 4);
+ krl = GETU32(key + 8);
+ krr = GETU32(key + 12);
+ /**
+ * generate KL dependent subkeys
+ */
+ subl(0) = kll;
+ subr(0) = klr;
+ subl(1) = krl;
+ subr(1) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+ subl(4) = kll;
+ subr(4) = klr;
+ subl(5) = krl;
+ subr(5) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
+ subl(10) = kll;
+ subr(10) = klr;
+ subl(11) = krl;
+ subr(11) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+ subl(13) = krl;
+ subr(13) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+ subl(16) = kll;
+ subr(16) = klr;
+ subl(17) = krl;
+ subr(17) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+ subl(18) = kll;
+ subr(18) = klr;
+ subl(19) = krl;
+ subr(19) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+ subl(22) = kll;
+ subr(22) = klr;
+ subl(23) = krl;
+ subr(23) = krr;
+
+ /* generate KA */
+ kll = subl(0);
+ klr = subr(0);
+ krl = subl(1);
+ krr = subr(1);
+ CAMELLIA_F(kll, klr,
+ CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R,
+ w0, w1, il, ir, t0, t1);
+ krl ^= w0;
+ krr ^= w1;
+ CAMELLIA_F(krl, krr,
+ CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R,
+ kll, klr, il, ir, t0, t1);
+ CAMELLIA_F(kll, klr,
+ CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R,
+ krl, krr, il, ir, t0, t1);
+ krl ^= w0;
+ krr ^= w1;
+ CAMELLIA_F(krl, krr,
+ CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R,
+ w0, w1, il, ir, t0, t1);
+ kll ^= w0;
+ klr ^= w1;
+
+ /* generate KA dependent subkeys */
+ subl(2) = kll;
+ subr(2) = klr;
+ subl(3) = krl;
+ subr(3) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+ subl(6) = kll;
+ subr(6) = klr;
+ subl(7) = krl;
+ subr(7) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+ subl(8) = kll;
+ subr(8) = klr;
+ subl(9) = krl;
+ subr(9) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+ subl(12) = kll;
+ subr(12) = klr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+ subl(14) = kll;
+ subr(14) = klr;
+ subl(15) = krl;
+ subr(15) = krr;
+ CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
+ subl(20) = kll;
+ subr(20) = klr;
+ subl(21) = krl;
+ subr(21) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+ subl(24) = kll;
+ subr(24) = klr;
+ subl(25) = krl;
+ subr(25) = krr;
+
+ /* absorb kw2 to other subkeys */
+ subl(3) ^= subl(1);
+ subr(3) ^= subr(1);
+ subl(5) ^= subl(1);
+ subr(5) ^= subr(1);
+ subl(7) ^= subl(1);
+ subr(7) ^= subr(1);
+ subl(1) ^= subr(1) & ~subr(9);
+ dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw);
+ subl(11) ^= subl(1);
+ subr(11) ^= subr(1);
+ subl(13) ^= subl(1);
+ subr(13) ^= subr(1);
+ subl(15) ^= subl(1);
+ subr(15) ^= subr(1);
+ subl(1) ^= subr(1) & ~subr(17);
+ dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw);
+ subl(19) ^= subl(1);
+ subr(19) ^= subr(1);
+ subl(21) ^= subl(1);
+ subr(21) ^= subr(1);
+ subl(23) ^= subl(1);
+ subr(23) ^= subr(1);
+ subl(24) ^= subl(1);
+ subr(24) ^= subr(1);
+
+ /* absorb kw4 to other subkeys */
+ kw4l = subl(25);
+ kw4r = subr(25);
+ subl(22) ^= kw4l;
+ subr(22) ^= kw4r;
+ subl(20) ^= kw4l;
+ subr(20) ^= kw4r;
+ subl(18) ^= kw4l;
+ subr(18) ^= kw4r;
+ kw4l ^= kw4r & ~subr(16);
+ dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw);
+ subl(14) ^= kw4l;
+ subr(14) ^= kw4r;
+ subl(12) ^= kw4l;
+ subr(12) ^= kw4r;
+ subl(10) ^= kw4l;
+ subr(10) ^= kw4r;
+ kw4l ^= kw4r & ~subr(8);
+ dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw);
+ subl(6) ^= kw4l;
+ subr(6) ^= kw4r;
+ subl(4) ^= kw4l;
+ subr(4) ^= kw4r;
+ subl(2) ^= kw4l;
+ subr(2) ^= kw4r;
+ subl(0) ^= kw4l;
+ subr(0) ^= kw4r;
+
+ /* key XOR is end of F-function */
+ CamelliaSubkeyL(0) = subl(0) ^ subl(2);
+ CamelliaSubkeyR(0) = subr(0) ^ subr(2);
+ CamelliaSubkeyL(2) = subl(3);
+ CamelliaSubkeyR(2) = subr(3);
+ CamelliaSubkeyL(3) = subl(2) ^ subl(4);
+ CamelliaSubkeyR(3) = subr(2) ^ subr(4);
+ CamelliaSubkeyL(4) = subl(3) ^ subl(5);
+ CamelliaSubkeyR(4) = subr(3) ^ subr(5);
+ CamelliaSubkeyL(5) = subl(4) ^ subl(6);
+ CamelliaSubkeyR(5) = subr(4) ^ subr(6);
+ CamelliaSubkeyL(6) = subl(5) ^ subl(7);
+ CamelliaSubkeyR(6) = subr(5) ^ subr(7);
+ tl = subl(10) ^ (subr(10) & ~subr(8));
+ dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(7) = subl(6) ^ tl;
+ CamelliaSubkeyR(7) = subr(6) ^ tr;
+ CamelliaSubkeyL(8) = subl(8);
+ CamelliaSubkeyR(8) = subr(8);
+ CamelliaSubkeyL(9) = subl(9);
+ CamelliaSubkeyR(9) = subr(9);
+ tl = subl(7) ^ (subr(7) & ~subr(9));
+ dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(10) = tl ^ subl(11);
+ CamelliaSubkeyR(10) = tr ^ subr(11);
+ CamelliaSubkeyL(11) = subl(10) ^ subl(12);
+ CamelliaSubkeyR(11) = subr(10) ^ subr(12);
+ CamelliaSubkeyL(12) = subl(11) ^ subl(13);
+ CamelliaSubkeyR(12) = subr(11) ^ subr(13);
+ CamelliaSubkeyL(13) = subl(12) ^ subl(14);
+ CamelliaSubkeyR(13) = subr(12) ^ subr(14);
+ CamelliaSubkeyL(14) = subl(13) ^ subl(15);
+ CamelliaSubkeyR(14) = subr(13) ^ subr(15);
+ tl = subl(18) ^ (subr(18) & ~subr(16));
+ dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(15) = subl(14) ^ tl;
+ CamelliaSubkeyR(15) = subr(14) ^ tr;
+ CamelliaSubkeyL(16) = subl(16);
+ CamelliaSubkeyR(16) = subr(16);
+ CamelliaSubkeyL(17) = subl(17);
+ CamelliaSubkeyR(17) = subr(17);
+ tl = subl(15) ^ (subr(15) & ~subr(17));
+ dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(18) = tl ^ subl(19);
+ CamelliaSubkeyR(18) = tr ^ subr(19);
+ CamelliaSubkeyL(19) = subl(18) ^ subl(20);
+ CamelliaSubkeyR(19) = subr(18) ^ subr(20);
+ CamelliaSubkeyL(20) = subl(19) ^ subl(21);
+ CamelliaSubkeyR(20) = subr(19) ^ subr(21);
+ CamelliaSubkeyL(21) = subl(20) ^ subl(22);
+ CamelliaSubkeyR(21) = subr(20) ^ subr(22);
+ CamelliaSubkeyL(22) = subl(21) ^ subl(23);
+ CamelliaSubkeyR(22) = subr(21) ^ subr(23);
+ CamelliaSubkeyL(23) = subl(22);
+ CamelliaSubkeyR(23) = subr(22);
+ CamelliaSubkeyL(24) = subl(24) ^ subl(23);
+ CamelliaSubkeyR(24) = subr(24) ^ subr(23);
+
+ /* apply the inverse of the last half of P-function */
+ dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw;
+ dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw;
+ dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw;
+ dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw;
+ dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw;
+ dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw;
+ dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw;
+ dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw;
+ dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw;
+ dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw;
+ dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw;
+ dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw;
+ dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw;
+ dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw;
+ dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw;
+ dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw;
+ dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw;
+ dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw;
+
+ return;
+}
+
+void
+camellia_setup256(const unsigned char *key, PRUint32 *subkey)
+{
+ PRUint32 kll, klr, krl, krr; /* left half of key */
+ PRUint32 krll, krlr, krrl, krrr; /* right half of key */
+ PRUint32 il, ir, t0, t1, w0, w1; /* temporary variables */
+ PRUint32 kw4l, kw4r, dw, tl, tr;
+ PRUint32 subL[34];
+ PRUint32 subR[34];
+#if defined(CAMELLIA_NEED_TMP_VARIABLE)
+ PRUint32 tmp;
+#endif
+
+ /**
+ * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
+ * (|| is concatination)
+ */
+
+ kll = GETU32(key);
+ klr = GETU32(key + 4);
+ krl = GETU32(key + 8);
+ krr = GETU32(key + 12);
+ krll = GETU32(key + 16);
+ krlr = GETU32(key + 20);
+ krrl = GETU32(key + 24);
+ krrr = GETU32(key + 28);
+
+ /* generate KL dependent subkeys */
+ subl(0) = kll;
+ subr(0) = klr;
+ subl(1) = krl;
+ subr(1) = krr;
+ CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45);
+ subl(12) = kll;
+ subr(12) = klr;
+ subl(13) = krl;
+ subr(13) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+ subl(16) = kll;
+ subr(16) = klr;
+ subl(17) = krl;
+ subr(17) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+ subl(22) = kll;
+ subr(22) = klr;
+ subl(23) = krl;
+ subr(23) = krr;
+ CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
+ subl(30) = kll;
+ subr(30) = klr;
+ subl(31) = krl;
+ subr(31) = krr;
+
+ /* generate KR dependent subkeys */
+ CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
+ subl(4) = krll;
+ subr(4) = krlr;
+ subl(5) = krrl;
+ subr(5) = krrr;
+ CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
+ subl(8) = krll;
+ subr(8) = krlr;
+ subl(9) = krrl;
+ subr(9) = krrr;
+ CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
+ subl(18) = krll;
+ subr(18) = krlr;
+ subl(19) = krrl;
+ subr(19) = krrr;
+ CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
+ subl(26) = krll;
+ subr(26) = krlr;
+ subl(27) = krrl;
+ subr(27) = krrr;
+ CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
+
+ /* generate KA */
+ kll = subl(0) ^ krll;
+ klr = subr(0) ^ krlr;
+ krl = subl(1) ^ krrl;
+ krr = subr(1) ^ krrr;
+ CAMELLIA_F(kll, klr,
+ CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R,
+ w0, w1, il, ir, t0, t1);
+ krl ^= w0;
+ krr ^= w1;
+ CAMELLIA_F(krl, krr,
+ CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R,
+ kll, klr, il, ir, t0, t1);
+ kll ^= krll;
+ klr ^= krlr;
+ CAMELLIA_F(kll, klr,
+ CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R,
+ krl, krr, il, ir, t0, t1);
+ krl ^= w0 ^ krrl;
+ krr ^= w1 ^ krrr;
+ CAMELLIA_F(krl, krr,
+ CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R,
+ w0, w1, il, ir, t0, t1);
+ kll ^= w0;
+ klr ^= w1;
+
+ /* generate KB */
+ krll ^= kll;
+ krlr ^= klr;
+ krrl ^= krl;
+ krrr ^= krr;
+ CAMELLIA_F(krll, krlr,
+ CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R,
+ w0, w1, il, ir, t0, t1);
+ krrl ^= w0;
+ krrr ^= w1;
+ CAMELLIA_F(krrl, krrr,
+ CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R,
+ w0, w1, il, ir, t0, t1);
+ krll ^= w0;
+ krlr ^= w1;
+
+ /* generate KA dependent subkeys */
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+ subl(6) = kll;
+ subr(6) = klr;
+ subl(7) = krl;
+ subr(7) = krr;
+ CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
+ subl(14) = kll;
+ subr(14) = klr;
+ subl(15) = krl;
+ subr(15) = krr;
+ subl(24) = klr;
+ subr(24) = krl;
+ subl(25) = krr;
+ subr(25) = kll;
+ CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49);
+ subl(28) = kll;
+ subr(28) = klr;
+ subl(29) = krl;
+ subr(29) = krr;
+
+ /* generate KB dependent subkeys */
+ subl(2) = krll;
+ subr(2) = krlr;
+ subl(3) = krrl;
+ subr(3) = krrr;
+ CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
+ subl(10) = krll;
+ subr(10) = krlr;
+ subl(11) = krrl;
+ subr(11) = krrr;
+ CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
+ subl(20) = krll;
+ subr(20) = krlr;
+ subl(21) = krrl;
+ subr(21) = krrr;
+ CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51);
+ subl(32) = krll;
+ subr(32) = krlr;
+ subl(33) = krrl;
+ subr(33) = krrr;
+
+ /* absorb kw2 to other subkeys */
+ subl(3) ^= subl(1);
+ subr(3) ^= subr(1);
+ subl(5) ^= subl(1);
+ subr(5) ^= subr(1);
+ subl(7) ^= subl(1);
+ subr(7) ^= subr(1);
+ subl(1) ^= subr(1) & ~subr(9);
+ dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw);
+ subl(11) ^= subl(1);
+ subr(11) ^= subr(1);
+ subl(13) ^= subl(1);
+ subr(13) ^= subr(1);
+ subl(15) ^= subl(1);
+ subr(15) ^= subr(1);
+ subl(1) ^= subr(1) & ~subr(17);
+ dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw);
+ subl(19) ^= subl(1);
+ subr(19) ^= subr(1);
+ subl(21) ^= subl(1);
+ subr(21) ^= subr(1);
+ subl(23) ^= subl(1);
+ subr(23) ^= subr(1);
+ subl(1) ^= subr(1) & ~subr(25);
+ dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw);
+ subl(27) ^= subl(1);
+ subr(27) ^= subr(1);
+ subl(29) ^= subl(1);
+ subr(29) ^= subr(1);
+ subl(31) ^= subl(1);
+ subr(31) ^= subr(1);
+ subl(32) ^= subl(1);
+ subr(32) ^= subr(1);
+
+ /* absorb kw4 to other subkeys */
+ kw4l = subl(33);
+ kw4r = subr(33);
+ subl(30) ^= kw4l;
+ subr(30) ^= kw4r;
+ subl(28) ^= kw4l;
+ subr(28) ^= kw4r;
+ subl(26) ^= kw4l;
+ subr(26) ^= kw4r;
+ kw4l ^= kw4r & ~subr(24);
+ dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw);
+ subl(22) ^= kw4l;
+ subr(22) ^= kw4r;
+ subl(20) ^= kw4l;
+ subr(20) ^= kw4r;
+ subl(18) ^= kw4l;
+ subr(18) ^= kw4r;
+ kw4l ^= kw4r & ~subr(16);
+ dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw);
+ subl(14) ^= kw4l;
+ subr(14) ^= kw4r;
+ subl(12) ^= kw4l;
+ subr(12) ^= kw4r;
+ subl(10) ^= kw4l;
+ subr(10) ^= kw4r;
+ kw4l ^= kw4r & ~subr(8);
+ dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw);
+ subl(6) ^= kw4l;
+ subr(6) ^= kw4r;
+ subl(4) ^= kw4l;
+ subr(4) ^= kw4r;
+ subl(2) ^= kw4l;
+ subr(2) ^= kw4r;
+ subl(0) ^= kw4l;
+ subr(0) ^= kw4r;
+
+ /* key XOR is end of F-function */
+ CamelliaSubkeyL(0) = subl(0) ^ subl(2);
+ CamelliaSubkeyR(0) = subr(0) ^ subr(2);
+ CamelliaSubkeyL(2) = subl(3);
+ CamelliaSubkeyR(2) = subr(3);
+ CamelliaSubkeyL(3) = subl(2) ^ subl(4);
+ CamelliaSubkeyR(3) = subr(2) ^ subr(4);
+ CamelliaSubkeyL(4) = subl(3) ^ subl(5);
+ CamelliaSubkeyR(4) = subr(3) ^ subr(5);
+ CamelliaSubkeyL(5) = subl(4) ^ subl(6);
+ CamelliaSubkeyR(5) = subr(4) ^ subr(6);
+ CamelliaSubkeyL(6) = subl(5) ^ subl(7);
+ CamelliaSubkeyR(6) = subr(5) ^ subr(7);
+ tl = subl(10) ^ (subr(10) & ~subr(8));
+ dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(7) = subl(6) ^ tl;
+ CamelliaSubkeyR(7) = subr(6) ^ tr;
+ CamelliaSubkeyL(8) = subl(8);
+ CamelliaSubkeyR(8) = subr(8);
+ CamelliaSubkeyL(9) = subl(9);
+ CamelliaSubkeyR(9) = subr(9);
+ tl = subl(7) ^ (subr(7) & ~subr(9));
+ dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(10) = tl ^ subl(11);
+ CamelliaSubkeyR(10) = tr ^ subr(11);
+ CamelliaSubkeyL(11) = subl(10) ^ subl(12);
+ CamelliaSubkeyR(11) = subr(10) ^ subr(12);
+ CamelliaSubkeyL(12) = subl(11) ^ subl(13);
+ CamelliaSubkeyR(12) = subr(11) ^ subr(13);
+ CamelliaSubkeyL(13) = subl(12) ^ subl(14);
+ CamelliaSubkeyR(13) = subr(12) ^ subr(14);
+ CamelliaSubkeyL(14) = subl(13) ^ subl(15);
+ CamelliaSubkeyR(14) = subr(13) ^ subr(15);
+ tl = subl(18) ^ (subr(18) & ~subr(16));
+ dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(15) = subl(14) ^ tl;
+ CamelliaSubkeyR(15) = subr(14) ^ tr;
+ CamelliaSubkeyL(16) = subl(16);
+ CamelliaSubkeyR(16) = subr(16);
+ CamelliaSubkeyL(17) = subl(17);
+ CamelliaSubkeyR(17) = subr(17);
+ tl = subl(15) ^ (subr(15) & ~subr(17));
+ dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(18) = tl ^ subl(19);
+ CamelliaSubkeyR(18) = tr ^ subr(19);
+ CamelliaSubkeyL(19) = subl(18) ^ subl(20);
+ CamelliaSubkeyR(19) = subr(18) ^ subr(20);
+ CamelliaSubkeyL(20) = subl(19) ^ subl(21);
+ CamelliaSubkeyR(20) = subr(19) ^ subr(21);
+ CamelliaSubkeyL(21) = subl(20) ^ subl(22);
+ CamelliaSubkeyR(21) = subr(20) ^ subr(22);
+ CamelliaSubkeyL(22) = subl(21) ^ subl(23);
+ CamelliaSubkeyR(22) = subr(21) ^ subr(23);
+ tl = subl(26) ^ (subr(26) & ~subr(24));
+ dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(23) = subl(22) ^ tl;
+ CamelliaSubkeyR(23) = subr(22) ^ tr;
+ CamelliaSubkeyL(24) = subl(24);
+ CamelliaSubkeyR(24) = subr(24);
+ CamelliaSubkeyL(25) = subl(25);
+ CamelliaSubkeyR(25) = subr(25);
+ tl = subl(23) ^ (subr(23) & ~subr(25));
+ dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw);
+ CamelliaSubkeyL(26) = tl ^ subl(27);
+ CamelliaSubkeyR(26) = tr ^ subr(27);
+ CamelliaSubkeyL(27) = subl(26) ^ subl(28);
+ CamelliaSubkeyR(27) = subr(26) ^ subr(28);
+ CamelliaSubkeyL(28) = subl(27) ^ subl(29);
+ CamelliaSubkeyR(28) = subr(27) ^ subr(29);
+ CamelliaSubkeyL(29) = subl(28) ^ subl(30);
+ CamelliaSubkeyR(29) = subr(28) ^ subr(30);
+ CamelliaSubkeyL(30) = subl(29) ^ subl(31);
+ CamelliaSubkeyR(30) = subr(29) ^ subr(31);
+ CamelliaSubkeyL(31) = subl(30);
+ CamelliaSubkeyR(31) = subr(30);
+ CamelliaSubkeyL(32) = subl(32) ^ subl(31);
+ CamelliaSubkeyR(32) = subr(32) ^ subr(31);
+
+ /* apply the inverse of the last half of P-function */
+ dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw;
+ dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw;
+ dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw;
+ dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw;
+ dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw;
+ dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw;
+ dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw;
+ dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw;
+ dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw;
+ dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw;
+ dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw;
+ dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw;
+ dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw;
+ dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw;
+ dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw;
+ dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw;
+ dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw;
+ dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw;
+ dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw;
+ dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw;
+ dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw;
+ dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw;
+ dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw;
+ dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw);
+ CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw, CamelliaSubkeyL(31) = dw;
+
+ return;
+}
+
+void
+camellia_setup192(const unsigned char *key, PRUint32 *subkey)
+{
+ unsigned char kk[32];
+ PRUint32 krll, krlr, krrl, krrr;
+
+ memcpy(kk, key, 24);
+ memcpy((unsigned char *)&krll, key + 16, 4);
+ memcpy((unsigned char *)&krlr, key + 20, 4);
+ krrl = ~krll;
+ krrr = ~krlr;
+ memcpy(kk + 24, (unsigned char *)&krrl, 4);
+ memcpy(kk + 28, (unsigned char *)&krrr, 4);
+ camellia_setup256(kk, subkey);
+ return;
+}
+
+/**
+ * Stuff related to camellia encryption/decryption
+ *
+ */
+SECStatus NO_SANITIZE_ALIGNMENT
+camellia_encrypt128(const PRUint32 *subkey,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ PRUint32 il, ir, t0, t1;
+ PRUint32 io[4];
+#if defined(CAMELLIA_NEED_TMP_VARIABLE)
+ PRUint32 tmp;
+#endif
+
+ io[0] = GETU32(input);
+ io[1] = GETU32(input + 4);
+ io[2] = GETU32(input + 8);
+ io[3] = GETU32(input + 12);
+
+ /* pre whitening but absorb kw2*/
+ io[0] ^= CamelliaSubkeyL(0);
+ io[1] ^= CamelliaSubkeyR(0);
+ /* main iteration */
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(2), CamelliaSubkeyR(2),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(3), CamelliaSubkeyR(3),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(4), CamelliaSubkeyR(4),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(5), CamelliaSubkeyR(5),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(6), CamelliaSubkeyR(6),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(7), CamelliaSubkeyR(7),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(8), CamelliaSubkeyR(8),
+ CamelliaSubkeyL(9), CamelliaSubkeyR(9),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(10), CamelliaSubkeyR(10),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(11), CamelliaSubkeyR(11),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(12), CamelliaSubkeyR(12),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(13), CamelliaSubkeyR(13),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(14), CamelliaSubkeyR(14),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(15), CamelliaSubkeyR(15),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(16), CamelliaSubkeyR(16),
+ CamelliaSubkeyL(17), CamelliaSubkeyR(17),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(18), CamelliaSubkeyR(18),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(19), CamelliaSubkeyR(19),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(20), CamelliaSubkeyR(20),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(21), CamelliaSubkeyR(21),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(22), CamelliaSubkeyR(22),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(23), CamelliaSubkeyR(23),
+ io[0], io[1], il, ir, t0, t1);
+
+ /* post whitening but kw4 */
+ io[2] ^= CamelliaSubkeyL(24);
+ io[3] ^= CamelliaSubkeyR(24);
+
+ t0 = io[0];
+ t1 = io[1];
+ io[0] = io[2];
+ io[1] = io[3];
+ io[2] = t0;
+ io[3] = t1;
+
+ PUTU32(output, io[0]);
+ PUTU32(output + 4, io[1]);
+ PUTU32(output + 8, io[2]);
+ PUTU32(output + 12, io[3]);
+
+ return SECSuccess;
+}
+
+SECStatus NO_SANITIZE_ALIGNMENT
+camellia_decrypt128(const PRUint32 *subkey,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ PRUint32 il, ir, t0, t1; /* temporary valiables */
+ PRUint32 io[4];
+#if defined(CAMELLIA_NEED_TMP_VARIABLE)
+ PRUint32 tmp;
+#endif
+
+ io[0] = GETU32(input);
+ io[1] = GETU32(input + 4);
+ io[2] = GETU32(input + 8);
+ io[3] = GETU32(input + 12);
+
+ /* pre whitening but absorb kw2*/
+ io[0] ^= CamelliaSubkeyL(24);
+ io[1] ^= CamelliaSubkeyR(24);
+
+ /* main iteration */
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(23), CamelliaSubkeyR(23),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(22), CamelliaSubkeyR(22),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(21), CamelliaSubkeyR(21),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(20), CamelliaSubkeyR(20),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(19), CamelliaSubkeyR(19),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(18), CamelliaSubkeyR(18),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(17), CamelliaSubkeyR(17),
+ CamelliaSubkeyL(16), CamelliaSubkeyR(16),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(15), CamelliaSubkeyR(15),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(14), CamelliaSubkeyR(14),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(13), CamelliaSubkeyR(13),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(12), CamelliaSubkeyR(12),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(11), CamelliaSubkeyR(11),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(10), CamelliaSubkeyR(10),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(9), CamelliaSubkeyR(9),
+ CamelliaSubkeyL(8), CamelliaSubkeyR(8),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(7), CamelliaSubkeyR(7),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(6), CamelliaSubkeyR(6),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(5), CamelliaSubkeyR(5),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(4), CamelliaSubkeyR(4),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(3), CamelliaSubkeyR(3),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(2), CamelliaSubkeyR(2),
+ io[0], io[1], il, ir, t0, t1);
+
+ /* post whitening but kw4 */
+ io[2] ^= CamelliaSubkeyL(0);
+ io[3] ^= CamelliaSubkeyR(0);
+
+ t0 = io[0];
+ t1 = io[1];
+ io[0] = io[2];
+ io[1] = io[3];
+ io[2] = t0;
+ io[3] = t1;
+
+ PUTU32(output, io[0]);
+ PUTU32(output + 4, io[1]);
+ PUTU32(output + 8, io[2]);
+ PUTU32(output + 12, io[3]);
+
+ return SECSuccess;
+}
+
+/**
+ * stuff for 192 and 256bit encryption/decryption
+ */
+SECStatus NO_SANITIZE_ALIGNMENT
+camellia_encrypt256(const PRUint32 *subkey,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ PRUint32 il, ir, t0, t1; /* temporary valiables */
+ PRUint32 io[4];
+#if defined(CAMELLIA_NEED_TMP_VARIABLE)
+ PRUint32 tmp;
+#endif
+
+ io[0] = GETU32(input);
+ io[1] = GETU32(input + 4);
+ io[2] = GETU32(input + 8);
+ io[3] = GETU32(input + 12);
+
+ /* pre whitening but absorb kw2*/
+ io[0] ^= CamelliaSubkeyL(0);
+ io[1] ^= CamelliaSubkeyR(0);
+
+ /* main iteration */
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(2), CamelliaSubkeyR(2),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(3), CamelliaSubkeyR(3),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(4), CamelliaSubkeyR(4),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(5), CamelliaSubkeyR(5),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(6), CamelliaSubkeyR(6),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(7), CamelliaSubkeyR(7),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(8), CamelliaSubkeyR(8),
+ CamelliaSubkeyL(9), CamelliaSubkeyR(9),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(10), CamelliaSubkeyR(10),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(11), CamelliaSubkeyR(11),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(12), CamelliaSubkeyR(12),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(13), CamelliaSubkeyR(13),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(14), CamelliaSubkeyR(14),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(15), CamelliaSubkeyR(15),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(16), CamelliaSubkeyR(16),
+ CamelliaSubkeyL(17), CamelliaSubkeyR(17),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(18), CamelliaSubkeyR(18),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(19), CamelliaSubkeyR(19),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(20), CamelliaSubkeyR(20),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(21), CamelliaSubkeyR(21),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(22), CamelliaSubkeyR(22),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(23), CamelliaSubkeyR(23),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(24), CamelliaSubkeyR(24),
+ CamelliaSubkeyL(25), CamelliaSubkeyR(25),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(26), CamelliaSubkeyR(26),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(27), CamelliaSubkeyR(27),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(28), CamelliaSubkeyR(28),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(29), CamelliaSubkeyR(29),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(30), CamelliaSubkeyR(30),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(31), CamelliaSubkeyR(31),
+ io[0], io[1], il, ir, t0, t1);
+
+ /* post whitening but kw4 */
+ io[2] ^= CamelliaSubkeyL(32);
+ io[3] ^= CamelliaSubkeyR(32);
+
+ t0 = io[0];
+ t1 = io[1];
+ io[0] = io[2];
+ io[1] = io[3];
+ io[2] = t0;
+ io[3] = t1;
+
+ PUTU32(output, io[0]);
+ PUTU32(output + 4, io[1]);
+ PUTU32(output + 8, io[2]);
+ PUTU32(output + 12, io[3]);
+
+ return SECSuccess;
+}
+
+SECStatus NO_SANITIZE_ALIGNMENT
+camellia_decrypt256(const PRUint32 *subkey,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ PRUint32 il, ir, t0, t1; /* temporary valiables */
+ PRUint32 io[4];
+#if defined(CAMELLIA_NEED_TMP_VARIABLE)
+ PRUint32 tmp;
+#endif
+
+ io[0] = GETU32(input);
+ io[1] = GETU32(input + 4);
+ io[2] = GETU32(input + 8);
+ io[3] = GETU32(input + 12);
+
+ /* pre whitening but absorb kw2*/
+ io[0] ^= CamelliaSubkeyL(32);
+ io[1] ^= CamelliaSubkeyR(32);
+
+ /* main iteration */
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(31), CamelliaSubkeyR(31),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(30), CamelliaSubkeyR(30),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(29), CamelliaSubkeyR(29),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(28), CamelliaSubkeyR(28),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(27), CamelliaSubkeyR(27),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(26), CamelliaSubkeyR(26),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(25), CamelliaSubkeyR(25),
+ CamelliaSubkeyL(24), CamelliaSubkeyR(24),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(23), CamelliaSubkeyR(23),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(22), CamelliaSubkeyR(22),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(21), CamelliaSubkeyR(21),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(20), CamelliaSubkeyR(20),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(19), CamelliaSubkeyR(19),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(18), CamelliaSubkeyR(18),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(17), CamelliaSubkeyR(17),
+ CamelliaSubkeyL(16), CamelliaSubkeyR(16),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(15), CamelliaSubkeyR(15),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(14), CamelliaSubkeyR(14),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(13), CamelliaSubkeyR(13),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(12), CamelliaSubkeyR(12),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(11), CamelliaSubkeyR(11),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(10), CamelliaSubkeyR(10),
+ io[0], io[1], il, ir, t0, t1);
+
+ CAMELLIA_FLS(io[0], io[1], io[2], io[3],
+ CamelliaSubkeyL(9), CamelliaSubkeyR(9),
+ CamelliaSubkeyL(8), CamelliaSubkeyR(8),
+ t0, t1, il, ir);
+
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(7), CamelliaSubkeyR(7),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(6), CamelliaSubkeyR(6),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(5), CamelliaSubkeyR(5),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(4), CamelliaSubkeyR(4),
+ io[0], io[1], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[0], io[1],
+ CamelliaSubkeyL(3), CamelliaSubkeyR(3),
+ io[2], io[3], il, ir, t0, t1);
+ CAMELLIA_ROUNDSM(io[2], io[3],
+ CamelliaSubkeyL(2), CamelliaSubkeyR(2),
+ io[0], io[1], il, ir, t0, t1);
+
+ /* post whitening but kw4 */
+ io[2] ^= CamelliaSubkeyL(0);
+ io[3] ^= CamelliaSubkeyR(0);
+
+ t0 = io[0];
+ t1 = io[1];
+ io[0] = io[2];
+ io[1] = io[3];
+ io[2] = t0;
+ io[3] = t1;
+
+ PUTU32(output, io[0]);
+ PUTU32(output + 4, io[1]);
+ PUTU32(output + 8, io[2]);
+ PUTU32(output + 12, io[3]);
+
+ return SECSuccess;
+}
+
+/**************************************************************************
+ *
+ * Stuff related to the Camellia key schedule
+ *
+ *************************************************************************/
+
+SECStatus
+camellia_key_expansion(CamelliaContext *cx,
+ const unsigned char *key,
+ const unsigned int keysize)
+{
+ cx->keysize = keysize;
+
+ switch (keysize) {
+ case 16:
+ camellia_setup128(key, cx->expandedKey);
+ break;
+ case 24:
+ camellia_setup192(key, cx->expandedKey);
+ break;
+ case 32:
+ camellia_setup256(key, cx->expandedKey);
+ break;
+ default:
+ break;
+ }
+ return SECSuccess;
+}
+
+/**************************************************************************
+ *
+ * Camellia modes of operation (ECB and CBC)
+ *
+ *************************************************************************/
+
+SECStatus
+camellia_encryptECB(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ CamelliaBlockFunc *encryptor;
+
+ encryptor = (cx->keysize == 16)
+ ? &camellia_encrypt128
+ : &camellia_encrypt256;
+
+ while (inputLen > 0) {
+ (*encryptor)(cx->expandedKey, output, input);
+
+ output += CAMELLIA_BLOCK_SIZE;
+ input += CAMELLIA_BLOCK_SIZE;
+ inputLen -= CAMELLIA_BLOCK_SIZE;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+camellia_encryptCBC(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ unsigned int j;
+ unsigned char *lastblock;
+ unsigned char inblock[CAMELLIA_BLOCK_SIZE];
+ CamelliaBlockFunc *encryptor;
+
+ if (!inputLen)
+ return SECSuccess;
+ lastblock = cx->iv;
+
+ encryptor = (cx->keysize == 16)
+ ? &camellia_encrypt128
+ : &camellia_encrypt256;
+
+ while (inputLen > 0) {
+ /* XOR with the last block (IV if first block) */
+ for (j = 0; j < CAMELLIA_BLOCK_SIZE; ++j)
+ inblock[j] = input[j] ^ lastblock[j];
+ /* encrypt */
+ (*encryptor)(cx->expandedKey, output, inblock);
+
+ /* move to the next block */
+ lastblock = output;
+ output += CAMELLIA_BLOCK_SIZE;
+ input += CAMELLIA_BLOCK_SIZE;
+ inputLen -= CAMELLIA_BLOCK_SIZE;
+ }
+ memcpy(cx->iv, lastblock, CAMELLIA_BLOCK_SIZE);
+ return SECSuccess;
+}
+
+SECStatus
+camellia_decryptECB(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ CamelliaBlockFunc *decryptor;
+
+ decryptor = (cx->keysize == 16)
+ ? &camellia_decrypt128
+ : &camellia_decrypt256;
+
+ while (inputLen > 0) {
+
+ (*decryptor)(cx->expandedKey, output, input);
+
+ output += CAMELLIA_BLOCK_SIZE;
+ input += CAMELLIA_BLOCK_SIZE;
+ inputLen -= CAMELLIA_BLOCK_SIZE;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+camellia_decryptCBC(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ const unsigned char *in;
+ unsigned char *out;
+ unsigned int j;
+ unsigned char newIV[CAMELLIA_BLOCK_SIZE];
+ CamelliaBlockFunc *decryptor;
+
+ if (!inputLen)
+ return SECSuccess;
+
+ PORT_Assert(output - input >= 0 || input - output >= (int)inputLen);
+
+ in = input + (inputLen - CAMELLIA_BLOCK_SIZE);
+ memcpy(newIV, in, CAMELLIA_BLOCK_SIZE);
+ out = output + (inputLen - CAMELLIA_BLOCK_SIZE);
+
+ decryptor = (cx->keysize == 16)
+ ? &camellia_decrypt128
+ : &camellia_decrypt256;
+
+ while (inputLen > CAMELLIA_BLOCK_SIZE) {
+ (*decryptor)(cx->expandedKey, out, in);
+
+ for (j = 0; j < CAMELLIA_BLOCK_SIZE; ++j)
+ out[j] ^= in[(int)(j - CAMELLIA_BLOCK_SIZE)];
+
+ out -= CAMELLIA_BLOCK_SIZE;
+ in -= CAMELLIA_BLOCK_SIZE;
+ inputLen -= CAMELLIA_BLOCK_SIZE;
+ }
+ if (in == input) {
+ (*decryptor)(cx->expandedKey, out, in);
+
+ for (j = 0; j < CAMELLIA_BLOCK_SIZE; ++j)
+ out[j] ^= cx->iv[j];
+ }
+ memcpy(cx->iv, newIV, CAMELLIA_BLOCK_SIZE);
+ return SECSuccess;
+}
+
+/**************************************************************************
+ *
+ * BLAPI Interface functions
+ *
+ *************************************************************************/
+
+CamelliaContext *
+Camellia_AllocateContext(void)
+{
+ return PORT_ZNew(CamelliaContext);
+}
+
+SECStatus
+Camellia_InitContext(CamelliaContext *cx, const unsigned char *key,
+ unsigned int keysize,
+ const unsigned char *iv, int mode, unsigned int encrypt,
+ unsigned int unused)
+{
+ if (key == NULL ||
+ (keysize != 16 && keysize != 24 && keysize != 32)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (mode != NSS_CAMELLIA && mode != NSS_CAMELLIA_CBC) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (mode == NSS_CAMELLIA_CBC && iv == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (mode == NSS_CAMELLIA_CBC) {
+ memcpy(cx->iv, iv, CAMELLIA_BLOCK_SIZE);
+ cx->worker = (encrypt) ? &camellia_encryptCBC : &camellia_decryptCBC;
+ } else {
+ cx->worker = (encrypt) ? &camellia_encryptECB : &camellia_decryptECB;
+ }
+
+ /* Generate expanded key */
+ if (camellia_key_expansion(cx, key, keysize) != SECSuccess)
+ goto cleanup;
+
+ return SECSuccess;
+cleanup:
+ return SECFailure;
+}
+
+/*
+ * Camellia_CreateContext
+ * create a new context for Camellia operations
+ */
+
+CamelliaContext *
+Camellia_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, int encrypt,
+ unsigned int keysize)
+{
+ CamelliaContext *cx;
+
+ if (key == NULL ||
+ (keysize != 16 && keysize != 24 && keysize != 32)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ if (mode != NSS_CAMELLIA && mode != NSS_CAMELLIA_CBC) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ if (mode == NSS_CAMELLIA_CBC && iv == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ cx = PORT_ZNew(CamelliaContext);
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ /* copy in the iv, if neccessary */
+ if (mode == NSS_CAMELLIA_CBC) {
+ memcpy(cx->iv, iv, CAMELLIA_BLOCK_SIZE);
+ cx->worker = (encrypt) ? &camellia_encryptCBC : &camellia_decryptCBC;
+ } else {
+ cx->worker = (encrypt) ? &camellia_encryptECB : &camellia_decryptECB;
+ }
+ /* copy keysize */
+ cx->keysize = keysize;
+
+ /* Generate expanded key */
+ if (camellia_key_expansion(cx, key, keysize) != SECSuccess)
+ goto cleanup;
+
+ return cx;
+cleanup:
+ PORT_ZFree(cx, sizeof *cx);
+ return NULL;
+}
+
+/*
+ * Camellia_DestroyContext
+ *
+ * Zero an Camellia cipher context. If freeit is true, also free the pointer
+ * to the context.
+ */
+void
+Camellia_DestroyContext(CamelliaContext *cx, PRBool freeit)
+{
+ if (cx)
+ memset(cx, 0, sizeof *cx);
+ if (freeit)
+ PORT_Free(cx);
+}
+
+/*
+ * Camellia_Encrypt
+ *
+ * Encrypt an arbitrary-length buffer. The output buffer must already be
+ * allocated to at least inputLen.
+ */
+SECStatus
+Camellia_Encrypt(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+
+ /* Check args */
+ if (cx == NULL || output == NULL || input == NULL ||
+ outputLen == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (inputLen % CAMELLIA_BLOCK_SIZE != 0) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ *outputLen = inputLen;
+
+ return (*cx->worker)(cx, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+/*
+ * Camellia_Decrypt
+ *
+ * Decrypt and arbitrary-length buffer. The output buffer must already be
+ * allocated to at least inputLen.
+ */
+SECStatus
+Camellia_Decrypt(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+
+ /* Check args */
+ if (cx == NULL || output == NULL || input == NULL || outputLen == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (inputLen % CAMELLIA_BLOCK_SIZE != 0) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ *outputLen = inputLen;
+
+ return (*cx->worker)(cx, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
diff --git a/security/nss/lib/freebl/camellia.h b/security/nss/lib/freebl/camellia.h
new file mode 100644
index 000000000..15114db9a
--- /dev/null
+++ b/security/nss/lib/freebl/camellia.h
@@ -0,0 +1,42 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CAMELLIA_H_
+#define _CAMELLIA_H_ 1
+
+#define CAMELLIA_BLOCK_SIZE 16 /* bytes */
+#define CAMELLIA_MIN_KEYSIZE 16 /* bytes */
+#define CAMELLIA_MAX_KEYSIZE 32 /* bytes */
+
+#define CAMELLIA_MAX_EXPANDEDKEY (34 * 2) /* 32bit unit */
+
+typedef PRUint32 KEY_TABLE_TYPE[CAMELLIA_MAX_EXPANDEDKEY];
+
+typedef SECStatus CamelliaFunc(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+typedef SECStatus CamelliaBlockFunc(const PRUint32 *subkey,
+ unsigned char *output,
+ const unsigned char *input);
+
+/* CamelliaContextStr
+ *
+ * Values which maintain the state for Camellia encryption/decryption.
+ *
+ * keysize - the number of key bits
+ * worker - the encryption/decryption function to use with this context
+ * iv - initialization vector for CBC mode
+ * expandedKey - the round keys in 4-byte words
+ */
+struct CamelliaContextStr {
+ PRUint32 keysize; /* bytes */
+ CamelliaFunc *worker;
+ PRUint32 expandedKey[CAMELLIA_MAX_EXPANDEDKEY];
+ PRUint8 iv[CAMELLIA_BLOCK_SIZE];
+};
+
+#endif /* _CAMELLIA_H_ */
diff --git a/security/nss/lib/freebl/chacha20.c b/security/nss/lib/freebl/chacha20.c
new file mode 100644
index 000000000..f55d1e670
--- /dev/null
+++ b/security/nss/lib/freebl/chacha20.c
@@ -0,0 +1,119 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Adopted from the public domain code in NaCl by djb. */
+
+#include <string.h>
+#include <stdio.h>
+
+#include "prtypes.h"
+#include "secport.h"
+#include "chacha20.h"
+
+#if defined(_MSC_VER)
+#pragma intrinsic(_lrotl)
+#define ROTL32(x, n) _lrotl(x, n)
+#else
+#define ROTL32(x, n) ((x << n) | (x >> ((8 * sizeof x) - n)))
+#endif
+
+#define ROTATE(v, c) ROTL32((v), (c))
+
+#define U32TO8_LITTLE(p, v) \
+ { \
+ (p)[0] = ((v)) & 0xff; \
+ (p)[1] = ((v) >> 8) & 0xff; \
+ (p)[2] = ((v) >> 16) & 0xff; \
+ (p)[3] = ((v) >> 24) & 0xff; \
+ }
+#define U8TO32_LITTLE(p) \
+ (((PRUint32)((p)[0])) | ((PRUint32)((p)[1]) << 8) | \
+ ((PRUint32)((p)[2]) << 16) | ((PRUint32)((p)[3]) << 24))
+
+#define QUARTERROUND(x, a, b, c, d) \
+ x[a] = x[a] + x[b]; \
+ x[d] = ROTATE(x[d] ^ x[a], 16); \
+ x[c] = x[c] + x[d]; \
+ x[b] = ROTATE(x[b] ^ x[c], 12); \
+ x[a] = x[a] + x[b]; \
+ x[d] = ROTATE(x[d] ^ x[a], 8); \
+ x[c] = x[c] + x[d]; \
+ x[b] = ROTATE(x[b] ^ x[c], 7);
+
+static void
+ChaChaCore(unsigned char output[64], const PRUint32 input[16], int num_rounds)
+{
+ PRUint32 x[16];
+ int i;
+
+ PORT_Memcpy(x, input, sizeof(PRUint32) * 16);
+ for (i = num_rounds; i > 0; i -= 2) {
+ QUARTERROUND(x, 0, 4, 8, 12)
+ QUARTERROUND(x, 1, 5, 9, 13)
+ QUARTERROUND(x, 2, 6, 10, 14)
+ QUARTERROUND(x, 3, 7, 11, 15)
+ QUARTERROUND(x, 0, 5, 10, 15)
+ QUARTERROUND(x, 1, 6, 11, 12)
+ QUARTERROUND(x, 2, 7, 8, 13)
+ QUARTERROUND(x, 3, 4, 9, 14)
+ }
+
+ for (i = 0; i < 16; ++i) {
+ x[i] = x[i] + input[i];
+ }
+ for (i = 0; i < 16; ++i) {
+ U32TO8_LITTLE(output + 4 * i, x[i]);
+ }
+}
+
+static const unsigned char sigma[16] = "expand 32-byte k";
+
+void
+ChaCha20XOR(unsigned char *out, const unsigned char *in, unsigned int inLen,
+ const unsigned char key[32], const unsigned char nonce[12],
+ uint32_t counter)
+{
+ unsigned char block[64];
+ PRUint32 input[16];
+ unsigned int i;
+
+ input[4] = U8TO32_LITTLE(key + 0);
+ input[5] = U8TO32_LITTLE(key + 4);
+ input[6] = U8TO32_LITTLE(key + 8);
+ input[7] = U8TO32_LITTLE(key + 12);
+
+ input[8] = U8TO32_LITTLE(key + 16);
+ input[9] = U8TO32_LITTLE(key + 20);
+ input[10] = U8TO32_LITTLE(key + 24);
+ input[11] = U8TO32_LITTLE(key + 28);
+
+ input[0] = U8TO32_LITTLE(sigma + 0);
+ input[1] = U8TO32_LITTLE(sigma + 4);
+ input[2] = U8TO32_LITTLE(sigma + 8);
+ input[3] = U8TO32_LITTLE(sigma + 12);
+
+ input[12] = counter;
+ input[13] = U8TO32_LITTLE(nonce + 0);
+ input[14] = U8TO32_LITTLE(nonce + 4);
+ input[15] = U8TO32_LITTLE(nonce + 8);
+
+ while (inLen >= 64) {
+ ChaChaCore(block, input, 20);
+ for (i = 0; i < 64; i++) {
+ out[i] = in[i] ^ block[i];
+ }
+
+ input[12]++;
+ inLen -= 64;
+ in += 64;
+ out += 64;
+ }
+
+ if (inLen > 0) {
+ ChaChaCore(block, input, 20);
+ for (i = 0; i < inLen; i++) {
+ out[i] = in[i] ^ block[i];
+ }
+ }
+}
diff --git a/security/nss/lib/freebl/chacha20.h b/security/nss/lib/freebl/chacha20.h
new file mode 100644
index 000000000..7e396fa8c
--- /dev/null
+++ b/security/nss/lib/freebl/chacha20.h
@@ -0,0 +1,26 @@
+/*
+ * chacha20.h - header file for ChaCha20 implementation.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef FREEBL_CHACHA20_H_
+#define FREEBL_CHACHA20_H_
+
+#if defined(_MSC_VER) && _MSC_VER < 1600
+#include "prtypes.h"
+typedef PRUint32 uint32_t;
+typedef PRUint64 uint64_t;
+#else
+#include <stdint.h>
+#endif
+
+/* ChaCha20XOR encrypts |inLen| bytes from |in| with the given key and
+ * nonce and writes the result to |out|, which may be equal to |in|. The
+ * initial block counter is specified by |counter|. */
+extern void ChaCha20XOR(unsigned char *out, const unsigned char *in,
+ unsigned int inLen, const unsigned char key[32],
+ const unsigned char nonce[12], uint32_t counter);
+
+#endif /* FREEBL_CHACHA20_H_ */
diff --git a/security/nss/lib/freebl/chacha20_vec.c b/security/nss/lib/freebl/chacha20_vec.c
new file mode 100644
index 000000000..12f94d897
--- /dev/null
+++ b/security/nss/lib/freebl/chacha20_vec.c
@@ -0,0 +1,327 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This implementation is by Ted Krovetz and was submitted to SUPERCOP and
+ * marked as public domain. It was been altered to allow for non-aligned inputs
+ * and to allow the block counter to be passed in specifically. */
+
+#include <string.h>
+
+#include "chacha20.h"
+#include "blapii.h"
+
+#ifndef CHACHA_RNDS
+#define CHACHA_RNDS 20 /* 8 (high speed), 20 (conservative), 12 (middle) */
+#endif
+
+/* Architecture-neutral way to specify 16-byte vector of ints */
+typedef unsigned vec __attribute__((vector_size(16)));
+
+/* This implementation is designed for Neon, SSE and AltiVec machines. The
+ * following specify how to do certain vector operations efficiently on
+ * each architecture, using intrinsics.
+ * This implementation supports parallel processing of multiple blocks,
+ * including potentially using general-purpose registers.
+ */
+#if __ARM_NEON__
+#include <arm_neon.h>
+#define GPR_TOO 1
+#define VBPI 2
+#define ONE (vec) vsetq_lane_u32(1, vdupq_n_u32(0), 0)
+#define LOAD(m) (vec)(*((vec *)(m)))
+#define STORE(m, r) (*((vec *)(m))) = (r)
+#define ROTV1(x) (vec) vextq_u32((uint32x4_t)x, (uint32x4_t)x, 1)
+#define ROTV2(x) (vec) vextq_u32((uint32x4_t)x, (uint32x4_t)x, 2)
+#define ROTV3(x) (vec) vextq_u32((uint32x4_t)x, (uint32x4_t)x, 3)
+#define ROTW16(x) (vec) vrev32q_u16((uint16x8_t)x)
+#if __clang__
+#define ROTW7(x) (x << ((vec){ 7, 7, 7, 7 })) ^ (x >> ((vec){ 25, 25, 25, 25 }))
+#define ROTW8(x) (x << ((vec){ 8, 8, 8, 8 })) ^ (x >> ((vec){ 24, 24, 24, 24 }))
+#define ROTW12(x) (x << ((vec){ 12, 12, 12, 12 })) ^ (x >> ((vec){ 20, 20, 20, 20 }))
+#else
+#define ROTW7(x) (vec) vsriq_n_u32(vshlq_n_u32((uint32x4_t)x, 7), (uint32x4_t)x, 25)
+#define ROTW8(x) (vec) vsriq_n_u32(vshlq_n_u32((uint32x4_t)x, 8), (uint32x4_t)x, 24)
+#define ROTW12(x) (vec) vsriq_n_u32(vshlq_n_u32((uint32x4_t)x, 12), (uint32x4_t)x, 20)
+#endif
+#elif __SSE2__
+#include <emmintrin.h>
+#define GPR_TOO 0
+#if __clang__
+#define VBPI 4
+#else
+#define VBPI 3
+#endif
+#define ONE (vec) _mm_set_epi32(0, 0, 0, 1)
+#define LOAD(m) (vec) _mm_loadu_si128((__m128i *)(m))
+#define STORE(m, r) _mm_storeu_si128((__m128i *)(m), (__m128i)(r))
+#define ROTV1(x) (vec) _mm_shuffle_epi32((__m128i)x, _MM_SHUFFLE(0, 3, 2, 1))
+#define ROTV2(x) (vec) _mm_shuffle_epi32((__m128i)x, _MM_SHUFFLE(1, 0, 3, 2))
+#define ROTV3(x) (vec) _mm_shuffle_epi32((__m128i)x, _MM_SHUFFLE(2, 1, 0, 3))
+#define ROTW7(x) (vec)(_mm_slli_epi32((__m128i)x, 7) ^ _mm_srli_epi32((__m128i)x, 25))
+#define ROTW12(x) (vec)(_mm_slli_epi32((__m128i)x, 12) ^ _mm_srli_epi32((__m128i)x, 20))
+#if __SSSE3__
+#include <tmmintrin.h>
+#define ROTW8(x) (vec) _mm_shuffle_epi8((__m128i)x, _mm_set_epi8(14, 13, 12, 15, 10, 9, 8, 11, 6, 5, 4, 7, 2, 1, 0, 3))
+#define ROTW16(x) (vec) _mm_shuffle_epi8((__m128i)x, _mm_set_epi8(13, 12, 15, 14, 9, 8, 11, 10, 5, 4, 7, 6, 1, 0, 3, 2))
+#else
+#define ROTW8(x) (vec)(_mm_slli_epi32((__m128i)x, 8) ^ _mm_srli_epi32((__m128i)x, 24))
+#define ROTW16(x) (vec)(_mm_slli_epi32((__m128i)x, 16) ^ _mm_srli_epi32((__m128i)x, 16))
+#endif
+#else
+#error-- Implementation supports only machines with neon or SSE2
+#endif
+
+#ifndef REVV_BE
+#define REVV_BE(x) (x)
+#endif
+
+#ifndef REVW_BE
+#define REVW_BE(x) (x)
+#endif
+
+#define BPI (VBPI + GPR_TOO) /* Blocks computed per loop iteration */
+
+#define DQROUND_VECTORS(a, b, c, d) \
+ a += b; \
+ d ^= a; \
+ d = ROTW16(d); \
+ c += d; \
+ b ^= c; \
+ b = ROTW12(b); \
+ a += b; \
+ d ^= a; \
+ d = ROTW8(d); \
+ c += d; \
+ b ^= c; \
+ b = ROTW7(b); \
+ b = ROTV1(b); \
+ c = ROTV2(c); \
+ d = ROTV3(d); \
+ a += b; \
+ d ^= a; \
+ d = ROTW16(d); \
+ c += d; \
+ b ^= c; \
+ b = ROTW12(b); \
+ a += b; \
+ d ^= a; \
+ d = ROTW8(d); \
+ c += d; \
+ b ^= c; \
+ b = ROTW7(b); \
+ b = ROTV3(b); \
+ c = ROTV2(c); \
+ d = ROTV1(d);
+
+#define QROUND_WORDS(a, b, c, d) \
+ a = a + b; \
+ d ^= a; \
+ d = d << 16 | d >> 16; \
+ c = c + d; \
+ b ^= c; \
+ b = b << 12 | b >> 20; \
+ a = a + b; \
+ d ^= a; \
+ d = d << 8 | d >> 24; \
+ c = c + d; \
+ b ^= c; \
+ b = b << 7 | b >> 25;
+
+#define WRITE_XOR(in, op, d, v0, v1, v2, v3) \
+ STORE(op + d + 0, LOAD(in + d + 0) ^ REVV_BE(v0)); \
+ STORE(op + d + 4, LOAD(in + d + 4) ^ REVV_BE(v1)); \
+ STORE(op + d + 8, LOAD(in + d + 8) ^ REVV_BE(v2)); \
+ STORE(op + d + 12, LOAD(in + d + 12) ^ REVV_BE(v3));
+
+void NO_SANITIZE_ALIGNMENT
+ChaCha20XOR(unsigned char *out, const unsigned char *in, unsigned int inlen,
+ const unsigned char key[32], const unsigned char nonce[12],
+ uint32_t counter)
+{
+ unsigned iters, i, *op = (unsigned *)out, *ip = (unsigned *)in, *kp;
+#if defined(__ARM_NEON__)
+ unsigned *np;
+#endif
+ vec s0, s1, s2, s3;
+#if !defined(__ARM_NEON__) && !defined(__SSE2__)
+ __attribute__((aligned(16))) unsigned key[8], nonce[4];
+#endif
+ __attribute__((aligned(16))) unsigned chacha_const[] =
+ { 0x61707865, 0x3320646E, 0x79622D32, 0x6B206574 };
+#if defined(__ARM_NEON__) || defined(__SSE2__)
+ kp = (unsigned *)key;
+#else
+ ((vec *)key)[0] = REVV_BE(((vec *)key)[0]);
+ ((vec *)key)[1] = REVV_BE(((vec *)key)[1]);
+ ((unsigned *)nonce)[0] = REVW_BE(((unsigned *)nonce)[0]);
+ ((unsigned *)nonce)[1] = REVW_BE(((unsigned *)nonce)[1]);
+ ((unsigned *)nonce)[2] = REVW_BE(((unsigned *)nonce)[2]);
+ ((unsigned *)nonce)[3] = REVW_BE(((unsigned *)nonce)[3]);
+ kp = (unsigned *)key;
+ np = (unsigned *)nonce;
+#endif
+#if defined(__ARM_NEON__)
+ np = (unsigned *)nonce;
+#endif
+ s0 = LOAD(chacha_const);
+ s1 = LOAD(&((vec *)kp)[0]);
+ s2 = LOAD(&((vec *)kp)[1]);
+ s3 = (vec){
+ counter,
+ ((uint32_t *)nonce)[0],
+ ((uint32_t *)nonce)[1],
+ ((uint32_t *)nonce)[2]
+ };
+
+ for (iters = 0; iters < inlen / (BPI * 64); iters++) {
+#if GPR_TOO
+ register unsigned x0, x1, x2, x3, x4, x5, x6, x7, x8,
+ x9, x10, x11, x12, x13, x14, x15;
+#endif
+#if VBPI > 2
+ vec v8, v9, v10, v11;
+#endif
+#if VBPI > 3
+ vec v12, v13, v14, v15;
+#endif
+
+ vec v0, v1, v2, v3, v4, v5, v6, v7;
+ v4 = v0 = s0;
+ v5 = v1 = s1;
+ v6 = v2 = s2;
+ v3 = s3;
+ v7 = v3 + ONE;
+#if VBPI > 2
+ v8 = v4;
+ v9 = v5;
+ v10 = v6;
+ v11 = v7 + ONE;
+#endif
+#if VBPI > 3
+ v12 = v8;
+ v13 = v9;
+ v14 = v10;
+ v15 = v11 + ONE;
+#endif
+#if GPR_TOO
+ x0 = chacha_const[0];
+ x1 = chacha_const[1];
+ x2 = chacha_const[2];
+ x3 = chacha_const[3];
+ x4 = kp[0];
+ x5 = kp[1];
+ x6 = kp[2];
+ x7 = kp[3];
+ x8 = kp[4];
+ x9 = kp[5];
+ x10 = kp[6];
+ x11 = kp[7];
+ x12 = counter + BPI * iters + (BPI - 1);
+ x13 = np[0];
+ x14 = np[1];
+ x15 = np[2];
+#endif
+ for (i = CHACHA_RNDS / 2; i; i--) {
+ DQROUND_VECTORS(v0, v1, v2, v3)
+ DQROUND_VECTORS(v4, v5, v6, v7)
+#if VBPI > 2
+ DQROUND_VECTORS(v8, v9, v10, v11)
+#endif
+#if VBPI > 3
+ DQROUND_VECTORS(v12, v13, v14, v15)
+#endif
+#if GPR_TOO
+ QROUND_WORDS(x0, x4, x8, x12)
+ QROUND_WORDS(x1, x5, x9, x13)
+ QROUND_WORDS(x2, x6, x10, x14)
+ QROUND_WORDS(x3, x7, x11, x15)
+ QROUND_WORDS(x0, x5, x10, x15)
+ QROUND_WORDS(x1, x6, x11, x12)
+ QROUND_WORDS(x2, x7, x8, x13)
+ QROUND_WORDS(x3, x4, x9, x14)
+#endif
+ }
+
+ WRITE_XOR(ip, op, 0, v0 + s0, v1 + s1, v2 + s2, v3 + s3)
+ s3 += ONE;
+ WRITE_XOR(ip, op, 16, v4 + s0, v5 + s1, v6 + s2, v7 + s3)
+ s3 += ONE;
+#if VBPI > 2
+ WRITE_XOR(ip, op, 32, v8 + s0, v9 + s1, v10 + s2, v11 + s3)
+ s3 += ONE;
+#endif
+#if VBPI > 3
+ WRITE_XOR(ip, op, 48, v12 + s0, v13 + s1, v14 + s2, v15 + s3)
+ s3 += ONE;
+#endif
+ ip += VBPI * 16;
+ op += VBPI * 16;
+#if GPR_TOO
+ op[0] = REVW_BE(REVW_BE(ip[0]) ^ (x0 + chacha_const[0]));
+ op[1] = REVW_BE(REVW_BE(ip[1]) ^ (x1 + chacha_const[1]));
+ op[2] = REVW_BE(REVW_BE(ip[2]) ^ (x2 + chacha_const[2]));
+ op[3] = REVW_BE(REVW_BE(ip[3]) ^ (x3 + chacha_const[3]));
+ op[4] = REVW_BE(REVW_BE(ip[4]) ^ (x4 + kp[0]));
+ op[5] = REVW_BE(REVW_BE(ip[5]) ^ (x5 + kp[1]));
+ op[6] = REVW_BE(REVW_BE(ip[6]) ^ (x6 + kp[2]));
+ op[7] = REVW_BE(REVW_BE(ip[7]) ^ (x7 + kp[3]));
+ op[8] = REVW_BE(REVW_BE(ip[8]) ^ (x8 + kp[4]));
+ op[9] = REVW_BE(REVW_BE(ip[9]) ^ (x9 + kp[5]));
+ op[10] = REVW_BE(REVW_BE(ip[10]) ^ (x10 + kp[6]));
+ op[11] = REVW_BE(REVW_BE(ip[11]) ^ (x11 + kp[7]));
+ op[12] = REVW_BE(REVW_BE(ip[12]) ^ (x12 + counter + BPI * iters + (BPI - 1)));
+ op[13] = REVW_BE(REVW_BE(ip[13]) ^ (x13 + np[0]));
+ op[14] = REVW_BE(REVW_BE(ip[14]) ^ (x14 + np[1]));
+ op[15] = REVW_BE(REVW_BE(ip[15]) ^ (x15 + np[2]));
+ s3 += ONE;
+ ip += 16;
+ op += 16;
+#endif
+ }
+
+ for (iters = inlen % (BPI * 64) / 64; iters != 0; iters--) {
+ vec v0 = s0, v1 = s1, v2 = s2, v3 = s3;
+ for (i = CHACHA_RNDS / 2; i; i--) {
+ DQROUND_VECTORS(v0, v1, v2, v3);
+ }
+ WRITE_XOR(ip, op, 0, v0 + s0, v1 + s1, v2 + s2, v3 + s3)
+ s3 += ONE;
+ ip += 16;
+ op += 16;
+ }
+
+ inlen = inlen % 64;
+ if (inlen) {
+ __attribute__((aligned(16))) vec buf[4];
+ vec v0, v1, v2, v3;
+ v0 = s0;
+ v1 = s1;
+ v2 = s2;
+ v3 = s3;
+ for (i = CHACHA_RNDS / 2; i; i--) {
+ DQROUND_VECTORS(v0, v1, v2, v3);
+ }
+
+ if (inlen >= 16) {
+ STORE(op + 0, LOAD(ip + 0) ^ REVV_BE(v0 + s0));
+ if (inlen >= 32) {
+ STORE(op + 4, LOAD(ip + 4) ^ REVV_BE(v1 + s1));
+ if (inlen >= 48) {
+ STORE(op + 8, LOAD(ip + 8) ^ REVV_BE(v2 + s2));
+ buf[3] = REVV_BE(v3 + s3);
+ } else {
+ buf[2] = REVV_BE(v2 + s2);
+ }
+ } else {
+ buf[1] = REVV_BE(v1 + s1);
+ }
+ } else {
+ buf[0] = REVV_BE(v0 + s0);
+ }
+
+ for (i = inlen & ~15; i < inlen; i++) {
+ ((char *)op)[i] = ((char *)ip)[i] ^ ((char *)buf)[i];
+ }
+ }
+}
diff --git a/security/nss/lib/freebl/chacha20poly1305.c b/security/nss/lib/freebl/chacha20poly1305.c
new file mode 100644
index 000000000..cd265e1ff
--- /dev/null
+++ b/security/nss/lib/freebl/chacha20poly1305.c
@@ -0,0 +1,198 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include <string.h>
+#include <stdio.h>
+
+#include "seccomon.h"
+#include "secerr.h"
+#include "blapit.h"
+
+#ifndef NSS_DISABLE_CHACHAPOLY
+#include "poly1305.h"
+#include "chacha20.h"
+#include "chacha20poly1305.h"
+#endif
+
+/* Poly1305Do writes the Poly1305 authenticator of the given additional data
+ * and ciphertext to |out|. */
+#ifndef NSS_DISABLE_CHACHAPOLY
+static void
+Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen,
+ const unsigned char *ciphertext, unsigned int ciphertextLen,
+ const unsigned char key[32])
+{
+ poly1305_state state;
+ unsigned int j;
+ unsigned char lengthBytes[8];
+ static const unsigned char zeros[15];
+ unsigned int i;
+
+ Poly1305Init(&state, key);
+ Poly1305Update(&state, ad, adLen);
+ if (adLen % 16 > 0) {
+ Poly1305Update(&state, zeros, 16 - adLen % 16);
+ }
+ Poly1305Update(&state, ciphertext, ciphertextLen);
+ if (ciphertextLen % 16 > 0) {
+ Poly1305Update(&state, zeros, 16 - ciphertextLen % 16);
+ }
+ j = adLen;
+ for (i = 0; i < sizeof(lengthBytes); i++) {
+ lengthBytes[i] = j;
+ j >>= 8;
+ }
+ Poly1305Update(&state, lengthBytes, sizeof(lengthBytes));
+ j = ciphertextLen;
+ for (i = 0; i < sizeof(lengthBytes); i++) {
+ lengthBytes[i] = j;
+ j >>= 8;
+ }
+ Poly1305Update(&state, lengthBytes, sizeof(lengthBytes));
+ Poly1305Finish(&state, out);
+}
+#endif
+
+SECStatus
+ChaCha20Poly1305_InitContext(ChaCha20Poly1305Context *ctx,
+ const unsigned char *key, unsigned int keyLen,
+ unsigned int tagLen)
+{
+#ifdef NSS_DISABLE_CHACHAPOLY
+ return SECFailure;
+#else
+ if (keyLen != 32) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+ if (tagLen == 0 || tagLen > 16) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+
+ PORT_Memcpy(ctx->key, key, sizeof(ctx->key));
+ ctx->tagLen = tagLen;
+
+ return SECSuccess;
+#endif
+}
+
+ChaCha20Poly1305Context *
+ChaCha20Poly1305_CreateContext(const unsigned char *key, unsigned int keyLen,
+ unsigned int tagLen)
+{
+#ifdef NSS_DISABLE_CHACHAPOLY
+ return NULL;
+#else
+ ChaCha20Poly1305Context *ctx;
+
+ ctx = PORT_New(ChaCha20Poly1305Context);
+ if (ctx == NULL) {
+ return NULL;
+ }
+
+ if (ChaCha20Poly1305_InitContext(ctx, key, keyLen, tagLen) != SECSuccess) {
+ PORT_Free(ctx);
+ ctx = NULL;
+ }
+
+ return ctx;
+#endif
+}
+
+void
+ChaCha20Poly1305_DestroyContext(ChaCha20Poly1305Context *ctx, PRBool freeit)
+{
+#ifndef NSS_DISABLE_CHACHAPOLY
+ PORT_Memset(ctx, 0, sizeof(*ctx));
+ if (freeit) {
+ PORT_Free(ctx);
+ }
+#endif
+}
+
+SECStatus
+ChaCha20Poly1305_Seal(const ChaCha20Poly1305Context *ctx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ const unsigned char *nonce, unsigned int nonceLen,
+ const unsigned char *ad, unsigned int adLen)
+{
+#ifdef NSS_DISABLE_CHACHAPOLY
+ return SECFailure;
+#else
+ unsigned char block[64];
+ unsigned char tag[16];
+
+ if (nonceLen != 12) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ *outputLen = inputLen + ctx->tagLen;
+ if (maxOutputLen < *outputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ PORT_Memset(block, 0, sizeof(block));
+ // Generate a block of keystream. The first 32 bytes will be the poly1305
+ // key. The remainder of the block is discarded.
+ ChaCha20XOR(block, block, sizeof(block), ctx->key, nonce, 0);
+ ChaCha20XOR(output, input, inputLen, ctx->key, nonce, 1);
+
+ Poly1305Do(tag, ad, adLen, output, inputLen, block);
+ PORT_Memcpy(output + inputLen, tag, ctx->tagLen);
+
+ return SECSuccess;
+#endif
+}
+
+SECStatus
+ChaCha20Poly1305_Open(const ChaCha20Poly1305Context *ctx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ const unsigned char *nonce, unsigned int nonceLen,
+ const unsigned char *ad, unsigned int adLen)
+{
+#ifdef NSS_DISABLE_CHACHAPOLY
+ return SECFailure;
+#else
+ unsigned char block[64];
+ unsigned char tag[16];
+ unsigned int ciphertextLen;
+
+ if (nonceLen != 12) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (inputLen < ctx->tagLen) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ ciphertextLen = inputLen - ctx->tagLen;
+ *outputLen = ciphertextLen;
+ if (maxOutputLen < *outputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ PORT_Memset(block, 0, sizeof(block));
+ // Generate a block of keystream. The first 32 bytes will be the poly1305
+ // key. The remainder of the block is discarded.
+ ChaCha20XOR(block, block, sizeof(block), ctx->key, nonce, 0);
+ Poly1305Do(tag, ad, adLen, input, ciphertextLen, block);
+ if (NSS_SecureMemcmp(tag, &input[ciphertextLen], ctx->tagLen) != 0) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+
+ ChaCha20XOR(output, input, ciphertextLen, ctx->key, nonce, 1);
+
+ return SECSuccess;
+#endif
+}
diff --git a/security/nss/lib/freebl/chacha20poly1305.h b/security/nss/lib/freebl/chacha20poly1305.h
new file mode 100644
index 000000000..c77632aa1
--- /dev/null
+++ b/security/nss/lib/freebl/chacha20poly1305.h
@@ -0,0 +1,15 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CHACHA20_POLY1305_H_
+#define _CHACHA20_POLY1305_H_ 1
+
+/* ChaCha20Poly1305ContextStr saves the key and tag length for a
+ * ChaCha20+Poly1305 AEAD operation. */
+struct ChaCha20Poly1305ContextStr {
+ unsigned char key[32];
+ unsigned char tagLen;
+};
+
+#endif /* _CHACHA20_POLY1305_H_ */
diff --git a/security/nss/lib/freebl/config.mk b/security/nss/lib/freebl/config.mk
new file mode 100644
index 000000000..918a66363
--- /dev/null
+++ b/security/nss/lib/freebl/config.mk
@@ -0,0 +1,97 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# only do this in the outermost freebl build.
+ifndef FREEBL_CHILD_BUILD
+
+# We're going to change this build so that it builds libfreebl.a with
+# just loader.c. Then we have to build this directory twice again to
+# build the two DSOs.
+# To build libfreebl.a with just loader.c, we must now override many
+# of the make variables setup by the prior inclusion of CORECONF's config.mk
+
+CSRCS = loader.c
+SIMPLE_OBJS = $(CSRCS:.c=$(OBJ_SUFFIX))
+OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS))
+ALL_TRASH := $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \
+ $(NOSUCHFILE) so_locations
+
+# this is not a recursive child make. We make a static lib. (archive)
+
+# Override the values defined in coreconf's ruleset.mk.
+#
+# - (1) LIBRARY: a static (archival) library
+# - (2) SHARED_LIBRARY: a shared (dynamic link) library
+# - (3) IMPORT_LIBRARY: an import library, used only on Windows
+# - (4) PROGRAM: an executable binary
+#
+# override these variables to prevent building a DSO/DLL.
+ TARGETS = $(LIBRARY)
+ SHARED_LIBRARY =
+ IMPORT_LIBRARY =
+ PROGRAM =
+
+else
+
+# This is a recursive child make. We build the shared lib.
+
+TARGETS = $(SHARED_LIBRARY)
+LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
+ifeq ($(OS_TARGET), SunOS)
+OS_LIBS += -lkstat
+endif
+
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+
+RES = $(OBJDIR)/$(LIBRARY_NAME).res
+RESNAME = freebl.rc
+
+ifdef NS_USE_GCC
+OS_LIBS += -ladvapi32
+else
+OS_LIBS += advapi32.lib
+endif
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lnspr4 \
+ $(NULL)
+else # ! NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ $(DIST)/lib/nssutil3.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+
+else
+
+ifeq ($(FREEBL_NO_DEPEND),1)
+#drop pthreads as well
+OS_PTHREAD=
+else
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lnspr4 \
+ $(NULL)
+endif
+endif
+
+ifeq ($(OS_ARCH), Darwin)
+EXTRA_SHARED_LIBS += -dylib_file @executable_path/libplc4.dylib:$(DIST)/lib/libplc4.dylib -dylib_file @executable_path/libplds4.dylib:$(DIST)/lib/libplds4.dylib
+endif
+
+endif
diff --git a/security/nss/lib/freebl/ctr.c b/security/nss/lib/freebl/ctr.c
new file mode 100644
index 000000000..d5715a505
--- /dev/null
+++ b/security/nss/lib/freebl/ctr.c
@@ -0,0 +1,246 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+#include "prtypes.h"
+#include "blapit.h"
+#include "blapii.h"
+#include "ctr.h"
+#include "pkcs11t.h"
+#include "secerr.h"
+
+#ifdef USE_HW_AES
+#include "intel-aes.h"
+#include "rijndael.h"
+#endif
+
+SECStatus
+CTR_InitContext(CTRContext *ctr, void *context, freeblCipherFunc cipher,
+ const unsigned char *param, unsigned int blocksize)
+{
+ const CK_AES_CTR_PARAMS *ctrParams = (const CK_AES_CTR_PARAMS *)param;
+
+ if (ctrParams->ulCounterBits == 0 ||
+ ctrParams->ulCounterBits > blocksize * PR_BITS_PER_BYTE) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* Invariant: 0 < ctr->bufPtr <= blocksize */
+ ctr->checkWrap = PR_FALSE;
+ ctr->bufPtr = blocksize; /* no unused data in the buffer */
+ ctr->cipher = cipher;
+ ctr->context = context;
+ ctr->counterBits = ctrParams->ulCounterBits;
+ if (blocksize > sizeof(ctr->counter) ||
+ blocksize > sizeof(ctrParams->cb)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ PORT_Memcpy(ctr->counter, ctrParams->cb, blocksize);
+ if (ctr->counterBits < 64) {
+ PORT_Memcpy(ctr->counterFirst, ctr->counter, blocksize);
+ ctr->checkWrap = PR_TRUE;
+ }
+ return SECSuccess;
+}
+
+CTRContext *
+CTR_CreateContext(void *context, freeblCipherFunc cipher,
+ const unsigned char *param, unsigned int blocksize)
+{
+ CTRContext *ctr;
+ SECStatus rv;
+
+ /* first fill in the Counter context */
+ ctr = PORT_ZNew(CTRContext);
+ if (ctr == NULL) {
+ return NULL;
+ }
+ rv = CTR_InitContext(ctr, context, cipher, param, blocksize);
+ if (rv != SECSuccess) {
+ CTR_DestroyContext(ctr, PR_TRUE);
+ ctr = NULL;
+ }
+ return ctr;
+}
+
+void
+CTR_DestroyContext(CTRContext *ctr, PRBool freeit)
+{
+ PORT_Memset(ctr, 0, sizeof(CTRContext));
+ if (freeit) {
+ PORT_Free(ctr);
+ }
+}
+
+/*
+ * Used by counter mode. Increment the counter block. Not all bits in the
+ * counter block are part of the counter, counterBits tells how many bits
+ * are part of the counter. The counter block is blocksize long. It's a
+ * big endian value.
+ *
+ * XXX Does not handle counter rollover.
+ */
+static void
+ctr_GetNextCtr(unsigned char *counter, unsigned int counterBits,
+ unsigned int blocksize)
+{
+ unsigned char *counterPtr = counter + blocksize - 1;
+ unsigned char mask, count;
+
+ PORT_Assert(counterBits <= blocksize * PR_BITS_PER_BYTE);
+ while (counterBits >= PR_BITS_PER_BYTE) {
+ if (++(*(counterPtr--))) {
+ return;
+ }
+ counterBits -= PR_BITS_PER_BYTE;
+ }
+ if (counterBits == 0) {
+ return;
+ }
+ /* increment the final partial byte */
+ mask = (1 << counterBits) - 1;
+ count = ++(*counterPtr) & mask;
+ *counterPtr = ((*counterPtr) & ~mask) | count;
+ return;
+}
+
+static void
+ctr_xor(unsigned char *target, const unsigned char *x,
+ const unsigned char *y, unsigned int count)
+{
+ unsigned int i;
+ for (i = 0; i < count; i++) {
+ *target++ = *x++ ^ *y++;
+ }
+}
+
+SECStatus
+CTR_Update(CTRContext *ctr, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize)
+{
+ unsigned int tmp;
+ SECStatus rv;
+
+ if (maxout < inlen) {
+ *outlen = inlen;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ *outlen = 0;
+ if (ctr->bufPtr != blocksize) {
+ unsigned int needed = PR_MIN(blocksize - ctr->bufPtr, inlen);
+ ctr_xor(outbuf, inbuf, ctr->buffer + ctr->bufPtr, needed);
+ ctr->bufPtr += needed;
+ outbuf += needed;
+ inbuf += needed;
+ *outlen += needed;
+ inlen -= needed;
+ if (inlen == 0) {
+ return SECSuccess;
+ }
+ PORT_Assert(ctr->bufPtr == blocksize);
+ }
+
+ while (inlen >= blocksize) {
+ rv = (*ctr->cipher)(ctr->context, ctr->buffer, &tmp, blocksize,
+ ctr->counter, blocksize, blocksize);
+ ctr_GetNextCtr(ctr->counter, ctr->counterBits, blocksize);
+ if (ctr->checkWrap) {
+ if (PORT_Memcmp(ctr->counter, ctr->counterFirst, blocksize) == 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ }
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ ctr_xor(outbuf, inbuf, ctr->buffer, blocksize);
+ outbuf += blocksize;
+ inbuf += blocksize;
+ *outlen += blocksize;
+ inlen -= blocksize;
+ }
+ if (inlen == 0) {
+ return SECSuccess;
+ }
+ rv = (*ctr->cipher)(ctr->context, ctr->buffer, &tmp, blocksize,
+ ctr->counter, blocksize, blocksize);
+ ctr_GetNextCtr(ctr->counter, ctr->counterBits, blocksize);
+ if (ctr->checkWrap) {
+ if (PORT_Memcmp(ctr->counter, ctr->counterFirst, blocksize) == 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ }
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ ctr_xor(outbuf, inbuf, ctr->buffer, inlen);
+ ctr->bufPtr = inlen;
+ *outlen += inlen;
+ return SECSuccess;
+}
+
+#if defined(USE_HW_AES) && defined(_MSC_VER)
+SECStatus
+CTR_Update_HW_AES(CTRContext *ctr, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize)
+{
+ unsigned int fullblocks;
+ unsigned int tmp;
+ SECStatus rv;
+
+ if (maxout < inlen) {
+ *outlen = inlen;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ *outlen = 0;
+ if (ctr->bufPtr != blocksize) {
+ unsigned int needed = PR_MIN(blocksize - ctr->bufPtr, inlen);
+ ctr_xor(outbuf, inbuf, ctr->buffer + ctr->bufPtr, needed);
+ ctr->bufPtr += needed;
+ outbuf += needed;
+ inbuf += needed;
+ *outlen += needed;
+ inlen -= needed;
+ if (inlen == 0) {
+ return SECSuccess;
+ }
+ PORT_Assert(ctr->bufPtr == blocksize);
+ }
+
+ intel_aes_ctr_worker(((AESContext *)(ctr->context))->Nr)(
+ ctr, outbuf, outlen, maxout, inbuf, inlen, blocksize);
+ /* XXX intel_aes_ctr_worker should set *outlen. */
+ PORT_Assert(*outlen == 0);
+ fullblocks = (inlen / blocksize) * blocksize;
+ *outlen += fullblocks;
+ outbuf += fullblocks;
+ inbuf += fullblocks;
+ inlen -= fullblocks;
+
+ if (inlen == 0) {
+ return SECSuccess;
+ }
+ rv = (*ctr->cipher)(ctr->context, ctr->buffer, &tmp, blocksize,
+ ctr->counter, blocksize, blocksize);
+ ctr_GetNextCtr(ctr->counter, ctr->counterBits, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ ctr_xor(outbuf, inbuf, ctr->buffer, inlen);
+ ctr->bufPtr = inlen;
+ *outlen += inlen;
+ return SECSuccess;
+}
+#endif
diff --git a/security/nss/lib/freebl/ctr.h b/security/nss/lib/freebl/ctr.h
new file mode 100644
index 000000000..a97da144e
--- /dev/null
+++ b/security/nss/lib/freebl/ctr.h
@@ -0,0 +1,53 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CTR_H
+#define CTR_H 1
+
+#include "blapii.h"
+
+/* This structure is defined in this header because both ctr.c and gcm.c
+ * need it. */
+struct CTRContextStr {
+ freeblCipherFunc cipher;
+ void *context;
+ unsigned char counter[MAX_BLOCK_SIZE];
+ unsigned char buffer[MAX_BLOCK_SIZE];
+ unsigned char counterFirst[MAX_BLOCK_SIZE]; /* counter overlfow value */
+ PRBool checkWrap; /*check for counter overflow*/
+ unsigned long counterBits;
+ unsigned int bufPtr;
+};
+
+typedef struct CTRContextStr CTRContext;
+
+SECStatus CTR_InitContext(CTRContext *ctr, void *context,
+ freeblCipherFunc cipher, const unsigned char *param,
+ unsigned int blocksize);
+
+/*
+ * The context argument is the inner cipher context to use with cipher. The
+ * CTRContext does not own context. context needs to remain valid for as long
+ * as the CTRContext is valid.
+ *
+ * The cipher argument is a block cipher in the ECB encrypt mode.
+ */
+CTRContext *CTR_CreateContext(void *context, freeblCipherFunc cipher,
+ const unsigned char *param, unsigned int blocksize);
+
+void CTR_DestroyContext(CTRContext *ctr, PRBool freeit);
+
+SECStatus CTR_Update(CTRContext *ctr, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize);
+
+#ifdef USE_HW_AES
+SECStatus CTR_Update_HW_AES(CTRContext *ctr, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize);
+#endif
+
+#endif
diff --git a/security/nss/lib/freebl/cts.c b/security/nss/lib/freebl/cts.c
new file mode 100644
index 000000000..99ccebb60
--- /dev/null
+++ b/security/nss/lib/freebl/cts.c
@@ -0,0 +1,307 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+#include "blapit.h"
+#include "blapii.h"
+#include "cts.h"
+#include "secerr.h"
+
+struct CTSContextStr {
+ freeblCipherFunc cipher;
+ void *context;
+ /* iv stores the last ciphertext block of the previous message.
+ * Only used by decrypt. */
+ unsigned char iv[MAX_BLOCK_SIZE];
+};
+
+CTSContext *
+CTS_CreateContext(void *context, freeblCipherFunc cipher,
+ const unsigned char *iv, unsigned int blocksize)
+{
+ CTSContext *cts;
+
+ if (blocksize > MAX_BLOCK_SIZE) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+ cts = PORT_ZNew(CTSContext);
+ if (cts == NULL) {
+ return NULL;
+ }
+ PORT_Memcpy(cts->iv, iv, blocksize);
+ cts->cipher = cipher;
+ cts->context = context;
+ return cts;
+}
+
+void
+CTS_DestroyContext(CTSContext *cts, PRBool freeit)
+{
+ if (freeit) {
+ PORT_Free(cts);
+ }
+}
+
+/*
+ * See addemdum to NIST SP 800-38A
+ * Generically handle cipher text stealing. Basically this is doing CBC
+ * operations except someone can pass us a partial block.
+ *
+ * Output Order:
+ * CS-1: C1||C2||C3..Cn-1(could be partial)||Cn (NIST)
+ * CS-2: pad == 0 C1||C2||C3...Cn-1(is full)||Cn (Schneier)
+ * CS-2: pad != 0 C1||C2||C3...Cn||Cn-1(is partial)(Schneier)
+ * CS-3: C1||C2||C3...Cn||Cn-1(could be partial) (Kerberos)
+ *
+ * The characteristics of these three options:
+ * - NIST & Schneier (CS-1 & CS-2) are identical to CBC if there are no
+ * partial blocks on input.
+ * - Scheier and Kerberos (CS-2 and CS-3) have no embedded partial blocks,
+ * which make decoding easier.
+ * - NIST & Kerberos (CS-1 and CS-3) have consistent block order independent
+ * of padding.
+ *
+ * PKCS #11 did not specify which version to implement, but points to the NIST
+ * spec, so this code implements CTS-CS-1 from NIST.
+ *
+ * To convert the returned buffer to:
+ * CS-2 (Schneier): do
+ * unsigned char tmp[MAX_BLOCK_SIZE];
+ * pad = *outlen % blocksize;
+ * if (pad) {
+ * memcpy(tmp, outbuf+*outlen-blocksize, blocksize);
+ * memcpy(outbuf+*outlen-pad,outbuf+*outlen-blocksize-pad, pad);
+ * memcpy(outbuf+*outlen-blocksize-pad, tmp, blocksize);
+ * }
+ * CS-3 (Kerberos): do
+ * unsigned char tmp[MAX_BLOCK_SIZE];
+ * pad = *outlen % blocksize;
+ * if (pad == 0) {
+ * pad = blocksize;
+ * }
+ * memcpy(tmp, outbuf+*outlen-blocksize, blocksize);
+ * memcpy(outbuf+*outlen-pad,outbuf+*outlen-blocksize-pad, pad);
+ * memcpy(outbuf+*outlen-blocksize-pad, tmp, blocksize);
+ */
+SECStatus
+CTS_EncryptUpdate(CTSContext *cts, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize)
+{
+ unsigned char lastBlock[MAX_BLOCK_SIZE];
+ unsigned int tmp;
+ int fullblocks;
+ int written;
+ unsigned char *saveout = outbuf;
+ SECStatus rv;
+
+ if (inlen < blocksize) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+
+ if (maxout < inlen) {
+ *outlen = inlen;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ fullblocks = (inlen / blocksize) * blocksize;
+ rv = (*cts->cipher)(cts->context, outbuf, outlen, maxout, inbuf,
+ fullblocks, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ *outlen = fullblocks; /* AES low level doesn't set outlen */
+ inbuf += fullblocks;
+ inlen -= fullblocks;
+ if (inlen == 0) {
+ return SECSuccess;
+ }
+ written = *outlen - (blocksize - inlen);
+ outbuf += written;
+ maxout -= written;
+
+ /*
+ * here's the CTS magic, we pad our final block with zeros,
+ * then do a CBC encrypt. CBC will xor our plain text with
+ * the previous block (Cn-1), capturing part of that block (Cn-1**) as it
+ * xors with the zero pad. We then write this full block, overwritting
+ * (Cn-1**) in our buffer. This allows us to have input data == output
+ * data since Cn contains enough information to reconver Cn-1** when
+ * we decrypt (at the cost of some complexity as you can see in decrypt
+ * below */
+ PORT_Memcpy(lastBlock, inbuf, inlen);
+ PORT_Memset(lastBlock + inlen, 0, blocksize - inlen);
+ rv = (*cts->cipher)(cts->context, outbuf, &tmp, maxout, lastBlock,
+ blocksize, blocksize);
+ PORT_Memset(lastBlock, 0, blocksize);
+ if (rv == SECSuccess) {
+ *outlen = written + blocksize;
+ } else {
+ PORT_Memset(saveout, 0, written + blocksize);
+ }
+ return rv;
+}
+
+#define XOR_BLOCK(x, y, count) \
+ for (i = 0; i < count; i++) \
+ x[i] = x[i] ^ y[i]
+
+/*
+ * See addemdum to NIST SP 800-38A
+ * Decrypt, Expect CS-1: input. See the comment on the encrypt side
+ * to understand what CS-2 and CS-3 mean.
+ *
+ * To convert the input buffer to CS-1 from ...
+ * CS-2 (Schneier): do
+ * unsigned char tmp[MAX_BLOCK_SIZE];
+ * pad = inlen % blocksize;
+ * if (pad) {
+ * memcpy(tmp, inbuf+inlen-blocksize-pad, blocksize);
+ * memcpy(inbuf+inlen-blocksize-pad,inbuf+inlen-pad, pad);
+ * memcpy(inbuf+inlen-blocksize, tmp, blocksize);
+ * }
+ * CS-3 (Kerberos): do
+ * unsigned char tmp[MAX_BLOCK_SIZE];
+ * pad = inlen % blocksize;
+ * if (pad == 0) {
+ * pad = blocksize;
+ * }
+ * memcpy(tmp, inbuf+inlen-blocksize-pad, blocksize);
+ * memcpy(inbuf+inlen-blocksize-pad,inbuf+inlen-pad, pad);
+ * memcpy(inbuf+inlen-blocksize, tmp, blocksize);
+ */
+SECStatus
+CTS_DecryptUpdate(CTSContext *cts, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize)
+{
+ unsigned char *Pn;
+ unsigned char Cn_2[MAX_BLOCK_SIZE]; /* block Cn-2 */
+ unsigned char Cn_1[MAX_BLOCK_SIZE]; /* block Cn-1 */
+ unsigned char Cn[MAX_BLOCK_SIZE]; /* block Cn */
+ unsigned char lastBlock[MAX_BLOCK_SIZE];
+ const unsigned char *tmp;
+ unsigned char *saveout = outbuf;
+ unsigned int tmpLen;
+ unsigned int fullblocks, pad;
+ unsigned int i;
+ SECStatus rv;
+
+ if (inlen < blocksize) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+
+ if (maxout < inlen) {
+ *outlen = inlen;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ fullblocks = (inlen / blocksize) * blocksize;
+
+ /* even though we expect the input to be CS-1, CS-2 is easier to parse,
+ * so convert to CS-2 immediately. NOTE: this is the same code as in
+ * the comment for encrypt. NOTE2: since we can't modify inbuf unless
+ * inbuf and outbuf overlap, just copy inbuf to outbuf and modify it there
+ */
+ pad = inlen - fullblocks;
+ if (pad != 0) {
+ if (inbuf != outbuf) {
+ memcpy(outbuf, inbuf, inlen);
+ /* keep the names so we logically know how we are using the
+ * buffers */
+ inbuf = outbuf;
+ }
+ memcpy(lastBlock, inbuf + inlen - blocksize, blocksize);
+ /* we know inbuf == outbuf now, inbuf is declared const and can't
+ * be the target, so use outbuf for the target here */
+ memcpy(outbuf + inlen - pad, inbuf + inlen - blocksize - pad, pad);
+ memcpy(outbuf + inlen - blocksize - pad, lastBlock, blocksize);
+ }
+ /* save the previous to last block so we can undo the misordered
+ * chaining */
+ tmp = (fullblocks < blocksize * 2) ? cts->iv : inbuf + fullblocks - blocksize * 2;
+ PORT_Memcpy(Cn_2, tmp, blocksize);
+ PORT_Memcpy(Cn, inbuf + fullblocks - blocksize, blocksize);
+ rv = (*cts->cipher)(cts->context, outbuf, outlen, maxout, inbuf,
+ fullblocks, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ *outlen = fullblocks; /* AES low level doesn't set outlen */
+ inbuf += fullblocks;
+ inlen -= fullblocks;
+ if (inlen == 0) {
+ return SECSuccess;
+ }
+ outbuf += fullblocks;
+
+ /* recover the stolen text */
+ PORT_Memset(lastBlock, 0, blocksize);
+ PORT_Memcpy(lastBlock, inbuf, inlen);
+ PORT_Memcpy(Cn_1, inbuf, inlen);
+ Pn = outbuf - blocksize;
+ /* inbuf points to Cn-1* in the input buffer */
+ /* NOTE: below there are 2 sections marked "make up for the out of order
+ * cbc decryption". You may ask, what is going on here.
+ * Short answer: CBC automatically xors the plain text with the previous
+ * encrypted block. We are decrypting the last 2 blocks out of order, so
+ * we have to 'back out' the decrypt xor and 'add back' the encrypt xor.
+ * Long answer: When we encrypted, we encrypted as follows:
+ * Pn-2, Pn-1, (Pn || 0), but on decryption we can't
+ * decrypt Cn-1 until we decrypt Cn because part of Cn-1 is stored in
+ * Cn (see below). So above we decrypted all the full blocks:
+ * Cn-2, Cn,
+ * to get:
+ * Pn-2, Pn, Except that Pn is not yet corect. On encrypt, we
+ * xor'd Pn || 0 with Cn-1, but on decrypt we xor'd it with Cn-2
+ * To recover Pn, we xor the block with Cn-1* || 0 (in last block) and
+ * Cn-2 to get Pn || Cn-1**. Pn can then be written to the output buffer
+ * and we can now reunite Cn-1. With the full Cn-1 we can decrypt it,
+ * but now decrypt is going to xor the decrypted data with Cn instead of
+ * Cn-2. xoring Cn and Cn-2 restores the original Pn-1 and we can now
+ * write that oout to the buffer */
+
+ /* make up for the out of order CBC decryption */
+ XOR_BLOCK(lastBlock, Cn_2, blocksize);
+ XOR_BLOCK(lastBlock, Pn, blocksize);
+ /* last buf now has Pn || Cn-1**, copy out Pn */
+ PORT_Memcpy(outbuf, lastBlock, inlen);
+ *outlen += inlen;
+ /* copy Cn-1* into last buf to recover Cn-1 */
+ PORT_Memcpy(lastBlock, Cn_1, inlen);
+ /* note: because Cn and Cn-1 were out of order, our pointer to Pn also
+ * points to where Pn-1 needs to reside. From here on out read Pn in
+ * the code as really Pn-1. */
+ rv = (*cts->cipher)(cts->context, Pn, &tmpLen, blocksize, lastBlock,
+ blocksize, blocksize);
+ if (rv != SECSuccess) {
+ PORT_Memset(lastBlock, 0, blocksize);
+ PORT_Memset(saveout, 0, *outlen);
+ return SECFailure;
+ }
+ /* make up for the out of order CBC decryption */
+ XOR_BLOCK(Pn, Cn_2, blocksize);
+ XOR_BLOCK(Pn, Cn, blocksize);
+ /* reset iv to Cn */
+ PORT_Memcpy(cts->iv, Cn, blocksize);
+ /* This makes Cn the last block for the next decrypt operation, which
+ * matches the encrypt. We don't care about the contexts of last block,
+ * only the side effect of setting the internal IV */
+ (void)(*cts->cipher)(cts->context, lastBlock, &tmpLen, blocksize, Cn,
+ blocksize, blocksize);
+ /* clear last block. At this point last block contains Pn xor Cn_1 xor
+ * Cn_2, both of with an attacker would know, so we need to clear this
+ * buffer out */
+ PORT_Memset(lastBlock, 0, blocksize);
+ /* Cn, Cn_1, and Cn_2 have encrypted data, so no need to clear them */
+ return SECSuccess;
+}
diff --git a/security/nss/lib/freebl/cts.h b/security/nss/lib/freebl/cts.h
new file mode 100644
index 000000000..a3ec180af
--- /dev/null
+++ b/security/nss/lib/freebl/cts.h
@@ -0,0 +1,33 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef CTS_H
+#define CTS_H 1
+
+#include "blapii.h"
+
+typedef struct CTSContextStr CTSContext;
+
+/*
+ * The context argument is the inner cipher context to use with cipher. The
+ * CTSContext does not own context. context needs to remain valid for as long
+ * as the CTSContext is valid.
+ *
+ * The cipher argument is a block cipher in the CBC mode.
+ */
+CTSContext *CTS_CreateContext(void *context, freeblCipherFunc cipher,
+ const unsigned char *iv, unsigned int blocksize);
+
+void CTS_DestroyContext(CTSContext *cts, PRBool freeit);
+
+SECStatus CTS_EncryptUpdate(CTSContext *cts, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize);
+SECStatus CTS_DecryptUpdate(CTSContext *cts, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize);
+
+#endif
diff --git a/security/nss/lib/freebl/des.c b/security/nss/lib/freebl/des.c
new file mode 100644
index 000000000..fd433bbb2
--- /dev/null
+++ b/security/nss/lib/freebl/des.c
@@ -0,0 +1,676 @@
+/*
+ * des.c
+ *
+ * core source file for DES-150 library
+ * Make key schedule from DES key.
+ * Encrypt/Decrypt one 8-byte block.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "des.h"
+#include "blapii.h"
+#include <stddef.h> /* for ptrdiff_t */
+/* #define USE_INDEXING 1 */
+
+/*
+ * The tables below are the 8 sbox functions, with the 6-bit input permutation
+ * and the 32-bit output permutation pre-computed.
+ * They are shifted circularly to the left 3 bits, which removes 2 shifts
+ * and an or from each round by reducing the number of sboxes whose
+ * indices cross word broundaries from 2 to 1.
+ */
+
+static const HALF SP[8][64] = {
+ /* Box S1 */
+ { 0x04041000, 0x00000000, 0x00040000, 0x04041010,
+ 0x04040010, 0x00041010, 0x00000010, 0x00040000,
+ 0x00001000, 0x04041000, 0x04041010, 0x00001000,
+ 0x04001010, 0x04040010, 0x04000000, 0x00000010,
+ 0x00001010, 0x04001000, 0x04001000, 0x00041000,
+ 0x00041000, 0x04040000, 0x04040000, 0x04001010,
+ 0x00040010, 0x04000010, 0x04000010, 0x00040010,
+ 0x00000000, 0x00001010, 0x00041010, 0x04000000,
+ 0x00040000, 0x04041010, 0x00000010, 0x04040000,
+ 0x04041000, 0x04000000, 0x04000000, 0x00001000,
+ 0x04040010, 0x00040000, 0x00041000, 0x04000010,
+ 0x00001000, 0x00000010, 0x04001010, 0x00041010,
+ 0x04041010, 0x00040010, 0x04040000, 0x04001010,
+ 0x04000010, 0x00001010, 0x00041010, 0x04041000,
+ 0x00001010, 0x04001000, 0x04001000, 0x00000000,
+ 0x00040010, 0x00041000, 0x00000000, 0x04040010 },
+ /* Box S2 */
+ { 0x00420082, 0x00020002, 0x00020000, 0x00420080,
+ 0x00400000, 0x00000080, 0x00400082, 0x00020082,
+ 0x00000082, 0x00420082, 0x00420002, 0x00000002,
+ 0x00020002, 0x00400000, 0x00000080, 0x00400082,
+ 0x00420000, 0x00400080, 0x00020082, 0x00000000,
+ 0x00000002, 0x00020000, 0x00420080, 0x00400002,
+ 0x00400080, 0x00000082, 0x00000000, 0x00420000,
+ 0x00020080, 0x00420002, 0x00400002, 0x00020080,
+ 0x00000000, 0x00420080, 0x00400082, 0x00400000,
+ 0x00020082, 0x00400002, 0x00420002, 0x00020000,
+ 0x00400002, 0x00020002, 0x00000080, 0x00420082,
+ 0x00420080, 0x00000080, 0x00020000, 0x00000002,
+ 0x00020080, 0x00420002, 0x00400000, 0x00000082,
+ 0x00400080, 0x00020082, 0x00000082, 0x00400080,
+ 0x00420000, 0x00000000, 0x00020002, 0x00020080,
+ 0x00000002, 0x00400082, 0x00420082, 0x00420000 },
+ /* Box S3 */
+ { 0x00000820, 0x20080800, 0x00000000, 0x20080020,
+ 0x20000800, 0x00000000, 0x00080820, 0x20000800,
+ 0x00080020, 0x20000020, 0x20000020, 0x00080000,
+ 0x20080820, 0x00080020, 0x20080000, 0x00000820,
+ 0x20000000, 0x00000020, 0x20080800, 0x00000800,
+ 0x00080800, 0x20080000, 0x20080020, 0x00080820,
+ 0x20000820, 0x00080800, 0x00080000, 0x20000820,
+ 0x00000020, 0x20080820, 0x00000800, 0x20000000,
+ 0x20080800, 0x20000000, 0x00080020, 0x00000820,
+ 0x00080000, 0x20080800, 0x20000800, 0x00000000,
+ 0x00000800, 0x00080020, 0x20080820, 0x20000800,
+ 0x20000020, 0x00000800, 0x00000000, 0x20080020,
+ 0x20000820, 0x00080000, 0x20000000, 0x20080820,
+ 0x00000020, 0x00080820, 0x00080800, 0x20000020,
+ 0x20080000, 0x20000820, 0x00000820, 0x20080000,
+ 0x00080820, 0x00000020, 0x20080020, 0x00080800 },
+ /* Box S4 */
+ { 0x02008004, 0x00008204, 0x00008204, 0x00000200,
+ 0x02008200, 0x02000204, 0x02000004, 0x00008004,
+ 0x00000000, 0x02008000, 0x02008000, 0x02008204,
+ 0x00000204, 0x00000000, 0x02000200, 0x02000004,
+ 0x00000004, 0x00008000, 0x02000000, 0x02008004,
+ 0x00000200, 0x02000000, 0x00008004, 0x00008200,
+ 0x02000204, 0x00000004, 0x00008200, 0x02000200,
+ 0x00008000, 0x02008200, 0x02008204, 0x00000204,
+ 0x02000200, 0x02000004, 0x02008000, 0x02008204,
+ 0x00000204, 0x00000000, 0x00000000, 0x02008000,
+ 0x00008200, 0x02000200, 0x02000204, 0x00000004,
+ 0x02008004, 0x00008204, 0x00008204, 0x00000200,
+ 0x02008204, 0x00000204, 0x00000004, 0x00008000,
+ 0x02000004, 0x00008004, 0x02008200, 0x02000204,
+ 0x00008004, 0x00008200, 0x02000000, 0x02008004,
+ 0x00000200, 0x02000000, 0x00008000, 0x02008200 },
+ /* Box S5 */
+ { 0x00000400, 0x08200400, 0x08200000, 0x08000401,
+ 0x00200000, 0x00000400, 0x00000001, 0x08200000,
+ 0x00200401, 0x00200000, 0x08000400, 0x00200401,
+ 0x08000401, 0x08200001, 0x00200400, 0x00000001,
+ 0x08000000, 0x00200001, 0x00200001, 0x00000000,
+ 0x00000401, 0x08200401, 0x08200401, 0x08000400,
+ 0x08200001, 0x00000401, 0x00000000, 0x08000001,
+ 0x08200400, 0x08000000, 0x08000001, 0x00200400,
+ 0x00200000, 0x08000401, 0x00000400, 0x08000000,
+ 0x00000001, 0x08200000, 0x08000401, 0x00200401,
+ 0x08000400, 0x00000001, 0x08200001, 0x08200400,
+ 0x00200401, 0x00000400, 0x08000000, 0x08200001,
+ 0x08200401, 0x00200400, 0x08000001, 0x08200401,
+ 0x08200000, 0x00000000, 0x00200001, 0x08000001,
+ 0x00200400, 0x08000400, 0x00000401, 0x00200000,
+ 0x00000000, 0x00200001, 0x08200400, 0x00000401 },
+ /* Box S6 */
+ { 0x80000040, 0x81000000, 0x00010000, 0x81010040,
+ 0x81000000, 0x00000040, 0x81010040, 0x01000000,
+ 0x80010000, 0x01010040, 0x01000000, 0x80000040,
+ 0x01000040, 0x80010000, 0x80000000, 0x00010040,
+ 0x00000000, 0x01000040, 0x80010040, 0x00010000,
+ 0x01010000, 0x80010040, 0x00000040, 0x81000040,
+ 0x81000040, 0x00000000, 0x01010040, 0x81010000,
+ 0x00010040, 0x01010000, 0x81010000, 0x80000000,
+ 0x80010000, 0x00000040, 0x81000040, 0x01010000,
+ 0x81010040, 0x01000000, 0x00010040, 0x80000040,
+ 0x01000000, 0x80010000, 0x80000000, 0x00010040,
+ 0x80000040, 0x81010040, 0x01010000, 0x81000000,
+ 0x01010040, 0x81010000, 0x00000000, 0x81000040,
+ 0x00000040, 0x00010000, 0x81000000, 0x01010040,
+ 0x00010000, 0x01000040, 0x80010040, 0x00000000,
+ 0x81010000, 0x80000000, 0x01000040, 0x80010040 },
+ /* Box S7 */
+ { 0x00800000, 0x10800008, 0x10002008, 0x00000000,
+ 0x00002000, 0x10002008, 0x00802008, 0x10802000,
+ 0x10802008, 0x00800000, 0x00000000, 0x10000008,
+ 0x00000008, 0x10000000, 0x10800008, 0x00002008,
+ 0x10002000, 0x00802008, 0x00800008, 0x10002000,
+ 0x10000008, 0x10800000, 0x10802000, 0x00800008,
+ 0x10800000, 0x00002000, 0x00002008, 0x10802008,
+ 0x00802000, 0x00000008, 0x10000000, 0x00802000,
+ 0x10000000, 0x00802000, 0x00800000, 0x10002008,
+ 0x10002008, 0x10800008, 0x10800008, 0x00000008,
+ 0x00800008, 0x10000000, 0x10002000, 0x00800000,
+ 0x10802000, 0x00002008, 0x00802008, 0x10802000,
+ 0x00002008, 0x10000008, 0x10802008, 0x10800000,
+ 0x00802000, 0x00000000, 0x00000008, 0x10802008,
+ 0x00000000, 0x00802008, 0x10800000, 0x00002000,
+ 0x10000008, 0x10002000, 0x00002000, 0x00800008 },
+ /* Box S8 */
+ { 0x40004100, 0x00004000, 0x00100000, 0x40104100,
+ 0x40000000, 0x40004100, 0x00000100, 0x40000000,
+ 0x00100100, 0x40100000, 0x40104100, 0x00104000,
+ 0x40104000, 0x00104100, 0x00004000, 0x00000100,
+ 0x40100000, 0x40000100, 0x40004000, 0x00004100,
+ 0x00104000, 0x00100100, 0x40100100, 0x40104000,
+ 0x00004100, 0x00000000, 0x00000000, 0x40100100,
+ 0x40000100, 0x40004000, 0x00104100, 0x00100000,
+ 0x00104100, 0x00100000, 0x40104000, 0x00004000,
+ 0x00000100, 0x40100100, 0x00004000, 0x00104100,
+ 0x40004000, 0x00000100, 0x40000100, 0x40100000,
+ 0x40100100, 0x40000000, 0x00100000, 0x40004100,
+ 0x00000000, 0x40104100, 0x00100100, 0x40000100,
+ 0x40100000, 0x40004000, 0x40004100, 0x00000000,
+ 0x40104100, 0x00104000, 0x00104000, 0x00004100,
+ 0x00004100, 0x00100100, 0x40000000, 0x40104000 }
+};
+
+static const HALF PC2[8][64] = {
+ /* table 0 */
+ { 0x00000000, 0x00001000, 0x04000000, 0x04001000,
+ 0x00100000, 0x00101000, 0x04100000, 0x04101000,
+ 0x00008000, 0x00009000, 0x04008000, 0x04009000,
+ 0x00108000, 0x00109000, 0x04108000, 0x04109000,
+ 0x00000004, 0x00001004, 0x04000004, 0x04001004,
+ 0x00100004, 0x00101004, 0x04100004, 0x04101004,
+ 0x00008004, 0x00009004, 0x04008004, 0x04009004,
+ 0x00108004, 0x00109004, 0x04108004, 0x04109004,
+ 0x08000000, 0x08001000, 0x0c000000, 0x0c001000,
+ 0x08100000, 0x08101000, 0x0c100000, 0x0c101000,
+ 0x08008000, 0x08009000, 0x0c008000, 0x0c009000,
+ 0x08108000, 0x08109000, 0x0c108000, 0x0c109000,
+ 0x08000004, 0x08001004, 0x0c000004, 0x0c001004,
+ 0x08100004, 0x08101004, 0x0c100004, 0x0c101004,
+ 0x08008004, 0x08009004, 0x0c008004, 0x0c009004,
+ 0x08108004, 0x08109004, 0x0c108004, 0x0c109004 },
+ /* table 1 */
+ { 0x00000000, 0x00002000, 0x80000000, 0x80002000,
+ 0x00000008, 0x00002008, 0x80000008, 0x80002008,
+ 0x00200000, 0x00202000, 0x80200000, 0x80202000,
+ 0x00200008, 0x00202008, 0x80200008, 0x80202008,
+ 0x20000000, 0x20002000, 0xa0000000, 0xa0002000,
+ 0x20000008, 0x20002008, 0xa0000008, 0xa0002008,
+ 0x20200000, 0x20202000, 0xa0200000, 0xa0202000,
+ 0x20200008, 0x20202008, 0xa0200008, 0xa0202008,
+ 0x00000400, 0x00002400, 0x80000400, 0x80002400,
+ 0x00000408, 0x00002408, 0x80000408, 0x80002408,
+ 0x00200400, 0x00202400, 0x80200400, 0x80202400,
+ 0x00200408, 0x00202408, 0x80200408, 0x80202408,
+ 0x20000400, 0x20002400, 0xa0000400, 0xa0002400,
+ 0x20000408, 0x20002408, 0xa0000408, 0xa0002408,
+ 0x20200400, 0x20202400, 0xa0200400, 0xa0202400,
+ 0x20200408, 0x20202408, 0xa0200408, 0xa0202408 },
+ /* table 2 */
+ { 0x00000000, 0x00004000, 0x00000020, 0x00004020,
+ 0x00080000, 0x00084000, 0x00080020, 0x00084020,
+ 0x00000800, 0x00004800, 0x00000820, 0x00004820,
+ 0x00080800, 0x00084800, 0x00080820, 0x00084820,
+ 0x00000010, 0x00004010, 0x00000030, 0x00004030,
+ 0x00080010, 0x00084010, 0x00080030, 0x00084030,
+ 0x00000810, 0x00004810, 0x00000830, 0x00004830,
+ 0x00080810, 0x00084810, 0x00080830, 0x00084830,
+ 0x00400000, 0x00404000, 0x00400020, 0x00404020,
+ 0x00480000, 0x00484000, 0x00480020, 0x00484020,
+ 0x00400800, 0x00404800, 0x00400820, 0x00404820,
+ 0x00480800, 0x00484800, 0x00480820, 0x00484820,
+ 0x00400010, 0x00404010, 0x00400030, 0x00404030,
+ 0x00480010, 0x00484010, 0x00480030, 0x00484030,
+ 0x00400810, 0x00404810, 0x00400830, 0x00404830,
+ 0x00480810, 0x00484810, 0x00480830, 0x00484830 },
+ /* table 3 */
+ { 0x00000000, 0x40000000, 0x00000080, 0x40000080,
+ 0x00040000, 0x40040000, 0x00040080, 0x40040080,
+ 0x00000040, 0x40000040, 0x000000c0, 0x400000c0,
+ 0x00040040, 0x40040040, 0x000400c0, 0x400400c0,
+ 0x10000000, 0x50000000, 0x10000080, 0x50000080,
+ 0x10040000, 0x50040000, 0x10040080, 0x50040080,
+ 0x10000040, 0x50000040, 0x100000c0, 0x500000c0,
+ 0x10040040, 0x50040040, 0x100400c0, 0x500400c0,
+ 0x00800000, 0x40800000, 0x00800080, 0x40800080,
+ 0x00840000, 0x40840000, 0x00840080, 0x40840080,
+ 0x00800040, 0x40800040, 0x008000c0, 0x408000c0,
+ 0x00840040, 0x40840040, 0x008400c0, 0x408400c0,
+ 0x10800000, 0x50800000, 0x10800080, 0x50800080,
+ 0x10840000, 0x50840000, 0x10840080, 0x50840080,
+ 0x10800040, 0x50800040, 0x108000c0, 0x508000c0,
+ 0x10840040, 0x50840040, 0x108400c0, 0x508400c0 },
+ /* table 4 */
+ { 0x00000000, 0x00000008, 0x08000000, 0x08000008,
+ 0x00040000, 0x00040008, 0x08040000, 0x08040008,
+ 0x00002000, 0x00002008, 0x08002000, 0x08002008,
+ 0x00042000, 0x00042008, 0x08042000, 0x08042008,
+ 0x80000000, 0x80000008, 0x88000000, 0x88000008,
+ 0x80040000, 0x80040008, 0x88040000, 0x88040008,
+ 0x80002000, 0x80002008, 0x88002000, 0x88002008,
+ 0x80042000, 0x80042008, 0x88042000, 0x88042008,
+ 0x00080000, 0x00080008, 0x08080000, 0x08080008,
+ 0x000c0000, 0x000c0008, 0x080c0000, 0x080c0008,
+ 0x00082000, 0x00082008, 0x08082000, 0x08082008,
+ 0x000c2000, 0x000c2008, 0x080c2000, 0x080c2008,
+ 0x80080000, 0x80080008, 0x88080000, 0x88080008,
+ 0x800c0000, 0x800c0008, 0x880c0000, 0x880c0008,
+ 0x80082000, 0x80082008, 0x88082000, 0x88082008,
+ 0x800c2000, 0x800c2008, 0x880c2000, 0x880c2008 },
+ /* table 5 */
+ { 0x00000000, 0x00400000, 0x00008000, 0x00408000,
+ 0x40000000, 0x40400000, 0x40008000, 0x40408000,
+ 0x00000020, 0x00400020, 0x00008020, 0x00408020,
+ 0x40000020, 0x40400020, 0x40008020, 0x40408020,
+ 0x00001000, 0x00401000, 0x00009000, 0x00409000,
+ 0x40001000, 0x40401000, 0x40009000, 0x40409000,
+ 0x00001020, 0x00401020, 0x00009020, 0x00409020,
+ 0x40001020, 0x40401020, 0x40009020, 0x40409020,
+ 0x00100000, 0x00500000, 0x00108000, 0x00508000,
+ 0x40100000, 0x40500000, 0x40108000, 0x40508000,
+ 0x00100020, 0x00500020, 0x00108020, 0x00508020,
+ 0x40100020, 0x40500020, 0x40108020, 0x40508020,
+ 0x00101000, 0x00501000, 0x00109000, 0x00509000,
+ 0x40101000, 0x40501000, 0x40109000, 0x40509000,
+ 0x00101020, 0x00501020, 0x00109020, 0x00509020,
+ 0x40101020, 0x40501020, 0x40109020, 0x40509020 },
+ /* table 6 */
+ { 0x00000000, 0x00000040, 0x04000000, 0x04000040,
+ 0x00000800, 0x00000840, 0x04000800, 0x04000840,
+ 0x00800000, 0x00800040, 0x04800000, 0x04800040,
+ 0x00800800, 0x00800840, 0x04800800, 0x04800840,
+ 0x10000000, 0x10000040, 0x14000000, 0x14000040,
+ 0x10000800, 0x10000840, 0x14000800, 0x14000840,
+ 0x10800000, 0x10800040, 0x14800000, 0x14800040,
+ 0x10800800, 0x10800840, 0x14800800, 0x14800840,
+ 0x00000080, 0x000000c0, 0x04000080, 0x040000c0,
+ 0x00000880, 0x000008c0, 0x04000880, 0x040008c0,
+ 0x00800080, 0x008000c0, 0x04800080, 0x048000c0,
+ 0x00800880, 0x008008c0, 0x04800880, 0x048008c0,
+ 0x10000080, 0x100000c0, 0x14000080, 0x140000c0,
+ 0x10000880, 0x100008c0, 0x14000880, 0x140008c0,
+ 0x10800080, 0x108000c0, 0x14800080, 0x148000c0,
+ 0x10800880, 0x108008c0, 0x14800880, 0x148008c0 },
+ /* table 7 */
+ { 0x00000000, 0x00000010, 0x00000400, 0x00000410,
+ 0x00000004, 0x00000014, 0x00000404, 0x00000414,
+ 0x00004000, 0x00004010, 0x00004400, 0x00004410,
+ 0x00004004, 0x00004014, 0x00004404, 0x00004414,
+ 0x20000000, 0x20000010, 0x20000400, 0x20000410,
+ 0x20000004, 0x20000014, 0x20000404, 0x20000414,
+ 0x20004000, 0x20004010, 0x20004400, 0x20004410,
+ 0x20004004, 0x20004014, 0x20004404, 0x20004414,
+ 0x00200000, 0x00200010, 0x00200400, 0x00200410,
+ 0x00200004, 0x00200014, 0x00200404, 0x00200414,
+ 0x00204000, 0x00204010, 0x00204400, 0x00204410,
+ 0x00204004, 0x00204014, 0x00204404, 0x00204414,
+ 0x20200000, 0x20200010, 0x20200400, 0x20200410,
+ 0x20200004, 0x20200014, 0x20200404, 0x20200414,
+ 0x20204000, 0x20204010, 0x20204400, 0x20204410,
+ 0x20204004, 0x20204014, 0x20204404, 0x20204414 }
+};
+
+/*
+ * The PC-1 Permutation
+ * If we number the bits of the 8 bytes of key input like this (in octal):
+ * 00 01 02 03 04 05 06 07
+ * 10 11 12 13 14 15 16 17
+ * 20 21 22 23 24 25 26 27
+ * 30 31 32 33 34 35 36 37
+ * 40 41 42 43 44 45 46 47
+ * 50 51 52 53 54 55 56 57
+ * 60 61 62 63 64 65 66 67
+ * 70 71 72 73 74 75 76 77
+ * then after the PC-1 permutation,
+ * C0 is
+ * 70 60 50 40 30 20 10 00
+ * 71 61 51 41 31 21 11 01
+ * 72 62 52 42 32 22 12 02
+ * 73 63 53 43
+ * D0 is
+ * 76 66 56 46 36 26 16 06
+ * 75 65 55 45 35 25 15 05
+ * 74 64 54 44 34 24 14 04
+ * 33 23 13 03
+ * and these parity bits have been discarded:
+ * 77 67 57 47 37 27 17 07
+ *
+ * We achieve this by flipping the input matrix about the diagonal from 70-07,
+ * getting left =
+ * 77 67 57 47 37 27 17 07 (these are the parity bits)
+ * 76 66 56 46 36 26 16 06
+ * 75 65 55 45 35 25 15 05
+ * 74 64 54 44 34 24 14 04
+ * right =
+ * 73 63 53 43 33 23 13 03
+ * 72 62 52 42 32 22 12 02
+ * 71 61 51 41 31 21 11 01
+ * 70 60 50 40 30 20 10 00
+ * then byte swap right, ala htonl() on a little endian machine.
+ * right =
+ * 70 60 50 40 30 20 10 00
+ * 71 67 57 47 37 27 11 07
+ * 72 62 52 42 32 22 12 02
+ * 73 63 53 43 33 23 13 03
+ * then
+ * c0 = right >> 4;
+ * d0 = ((left & 0x00ffffff) << 4) | (right & 0xf);
+*/
+
+#define FLIP_RIGHT_DIAGONAL(word, temp) \
+ temp = (word ^ (word >> 18)) & 0x00003333; \
+ word ^= temp | (temp << 18); \
+ temp = (word ^ (word >> 9)) & 0x00550055; \
+ word ^= temp | (temp << 9);
+
+#if defined(__GNUC__) && defined(NSS_X86_OR_X64)
+#define BYTESWAP(word, temp) \
+ __asm("bswap %0" \
+ : "+r"(word));
+#elif (_MSC_VER >= 1300) && defined(NSS_X86_OR_X64)
+#include <stdlib.h>
+#pragma intrinsic(_byteswap_ulong)
+#define BYTESWAP(word, temp) \
+ word = _byteswap_ulong(word);
+#elif defined(__GNUC__) && (defined(__thumb2__) || \
+ (!defined(__thumb__) && \
+ (defined(__ARM_ARCH_6__) || \
+ defined(__ARM_ARCH_6J__) || \
+ defined(__ARM_ARCH_6K__) || \
+ defined(__ARM_ARCH_6Z__) || \
+ defined(__ARM_ARCH_6ZK__) || \
+ defined(__ARM_ARCH_6T2__) || \
+ defined(__ARM_ARCH_7__) || \
+ defined(__ARM_ARCH_7A__) || \
+ defined(__ARM_ARCH_7R__))))
+#define BYTESWAP(word, temp) \
+ __asm("rev %0, %0" \
+ : "+r"(word));
+#else
+#define BYTESWAP(word, temp) \
+ word = (word >> 16) | (word << 16); \
+ temp = 0x00ff00ff; \
+ word = ((word & temp) << 8) | ((word >> 8) & temp);
+#endif
+
+#define PC1(left, right, c0, d0, temp) \
+ right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \
+ left ^= temp << 4; \
+ FLIP_RIGHT_DIAGONAL(left, temp); \
+ FLIP_RIGHT_DIAGONAL(right, temp); \
+ BYTESWAP(right, temp); \
+ c0 = right >> 4; \
+ d0 = ((left & 0x00ffffff) << 4) | (right & 0xf);
+
+#define LEFT_SHIFT_1(reg) (((reg << 1) | (reg >> 27)) & 0x0FFFFFFF)
+#define LEFT_SHIFT_2(reg) (((reg << 2) | (reg >> 26)) & 0x0FFFFFFF)
+
+/*
+ * setup key schedules from key
+ */
+
+void
+DES_MakeSchedule(HALF *ks, const BYTE *key, DESDirection direction)
+{
+ register HALF left, right;
+ register HALF c0, d0;
+ register HALF temp;
+ int delta;
+ unsigned int ls;
+
+#if defined(HAVE_UNALIGNED_ACCESS)
+ left = HALFPTR(key)[0];
+ right = HALFPTR(key)[1];
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP(left, temp);
+ BYTESWAP(right, temp);
+#endif
+#else
+ if (((ptrdiff_t)key & 0x03) == 0) {
+ left = HALFPTR(key)[0];
+ right = HALFPTR(key)[1];
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP(left, temp);
+ BYTESWAP(right, temp);
+#endif
+ } else {
+ left = ((HALF)key[0] << 24) | ((HALF)key[1] << 16) |
+ ((HALF)key[2] << 8) | key[3];
+ right = ((HALF)key[4] << 24) | ((HALF)key[5] << 16) |
+ ((HALF)key[6] << 8) | key[7];
+ }
+#endif
+
+ PC1(left, right, c0, d0, temp);
+
+ if (direction == DES_ENCRYPT) {
+ delta = 2 * (int)sizeof(HALF);
+ } else {
+ ks += 30;
+ delta = (-2) * (int)sizeof(HALF);
+ }
+
+ for (ls = 0x8103; ls; ls >>= 1) {
+ if (ls & 1) {
+ c0 = LEFT_SHIFT_1(c0);
+ d0 = LEFT_SHIFT_1(d0);
+ } else {
+ c0 = LEFT_SHIFT_2(c0);
+ d0 = LEFT_SHIFT_2(d0);
+ }
+
+#ifdef USE_INDEXING
+#define PC2LOOKUP(b, c) PC2[b][c]
+
+ left = PC2LOOKUP(0, ((c0 >> 22) & 0x3F));
+ left |= PC2LOOKUP(1, ((c0 >> 13) & 0x3F));
+ left |= PC2LOOKUP(2, ((c0 >> 4) & 0x38) | (c0 & 0x7));
+ left |= PC2LOOKUP(3, ((c0 >> 18) & 0xC) | ((c0 >> 11) & 0x3) | (c0 & 0x30));
+
+ right = PC2LOOKUP(4, ((d0 >> 22) & 0x3F));
+ right |= PC2LOOKUP(5, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf));
+ right |= PC2LOOKUP(6, ((d0 >> 7) & 0x3F));
+ right |= PC2LOOKUP(7, ((d0 >> 1) & 0x3C) | (d0 & 0x3));
+#else
+#define PC2LOOKUP(b, c) *(HALF *)((BYTE *)&PC2[b][0] + (c))
+
+ left = PC2LOOKUP(0, ((c0 >> 20) & 0xFC));
+ left |= PC2LOOKUP(1, ((c0 >> 11) & 0xFC));
+ left |= PC2LOOKUP(2, ((c0 >> 2) & 0xE0) | ((c0 << 2) & 0x1C));
+ left |= PC2LOOKUP(3, ((c0 >> 16) & 0x30) | ((c0 >> 9) & 0xC) | ((c0 << 2) & 0xC0));
+
+ right = PC2LOOKUP(4, ((d0 >> 20) & 0xFC));
+ right |= PC2LOOKUP(5, ((d0 >> 13) & 0xC0) | ((d0 >> 12) & 0x3C));
+ right |= PC2LOOKUP(6, ((d0 >> 5) & 0xFC));
+ right |= PC2LOOKUP(7, ((d0 << 1) & 0xF0) | ((d0 << 2) & 0x0C));
+#endif
+ /* left contains key bits for S1 S3 S2 S4 */
+ /* right contains key bits for S6 S8 S5 S7 */
+ temp = (left << 16) /* S2 S4 XX XX */
+ | (right >> 16); /* XX XX S6 S8 */
+ ks[0] = temp;
+
+ temp = (left & 0xffff0000) /* S1 S3 XX XX */
+ | (right & 0x0000ffff); /* XX XX S5 S7 */
+ ks[1] = temp;
+
+ ks = (HALF *)((BYTE *)ks + delta);
+ }
+}
+
+/*
+ * The DES Initial Permutation
+ * if we number the bits of the 8 bytes of input like this (in octal):
+ * 00 01 02 03 04 05 06 07
+ * 10 11 12 13 14 15 16 17
+ * 20 21 22 23 24 25 26 27
+ * 30 31 32 33 34 35 36 37
+ * 40 41 42 43 44 45 46 47
+ * 50 51 52 53 54 55 56 57
+ * 60 61 62 63 64 65 66 67
+ * 70 71 72 73 74 75 76 77
+ * then after the initial permutation, they will be in this order.
+ * 71 61 51 41 31 21 11 01
+ * 73 63 53 43 33 23 13 03
+ * 75 65 55 45 35 25 15 05
+ * 77 67 57 47 37 27 17 07
+ * 70 60 50 40 30 20 10 00
+ * 72 62 52 42 32 22 12 02
+ * 74 64 54 44 34 24 14 04
+ * 76 66 56 46 36 26 16 06
+ *
+ * One way to do this is in two steps:
+ * 1. Flip this matrix about the diagonal from 70-07 as done for PC1.
+ * 2. Rearrange the bytes (rows in the matrix above) with the following code.
+ *
+ * #define swapHiLo(word, temp) \
+ * temp = (word ^ (word >> 24)) & 0x000000ff; \
+ * word ^= temp | (temp << 24);
+ *
+ * right ^= temp = ((left << 8) ^ right) & 0xff00ff00;
+ * left ^= temp >> 8;
+ * swapHiLo(left, temp);
+ * swapHiLo(right,temp);
+ *
+ * However, the two steps can be combined, so that the rows are rearranged
+ * while the matrix is being flipped, reducing the number of bit exchange
+ * operations from 8 ot 5.
+ *
+ * Initial Permutation */
+#define IP(left, right, temp) \
+ right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \
+ left ^= temp << 4; \
+ right ^= temp = ((left >> 16) ^ right) & 0x0000ffff; \
+ left ^= temp << 16; \
+ right ^= temp = ((left << 2) ^ right) & 0xcccccccc; \
+ left ^= temp >> 2; \
+ right ^= temp = ((left << 8) ^ right) & 0xff00ff00; \
+ left ^= temp >> 8; \
+ right ^= temp = ((left >> 1) ^ right) & 0x55555555; \
+ left ^= temp << 1;
+
+/* The Final (Inverse Initial) permutation is done by reversing the
+** steps of the Initital Permutation
+*/
+
+#define FP(left, right, temp) \
+ right ^= temp = ((left >> 1) ^ right) & 0x55555555; \
+ left ^= temp << 1; \
+ right ^= temp = ((left << 8) ^ right) & 0xff00ff00; \
+ left ^= temp >> 8; \
+ right ^= temp = ((left << 2) ^ right) & 0xcccccccc; \
+ left ^= temp >> 2; \
+ right ^= temp = ((left >> 16) ^ right) & 0x0000ffff; \
+ left ^= temp << 16; \
+ right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \
+ left ^= temp << 4;
+
+void NO_SANITIZE_ALIGNMENT
+DES_Do1Block(HALF *ks, const BYTE *inbuf, BYTE *outbuf)
+{
+ register HALF left, right;
+ register HALF temp;
+
+#if defined(HAVE_UNALIGNED_ACCESS)
+ left = HALFPTR(inbuf)[0];
+ right = HALFPTR(inbuf)[1];
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP(left, temp);
+ BYTESWAP(right, temp);
+#endif
+#else
+ if (((ptrdiff_t)inbuf & 0x03) == 0) {
+ left = HALFPTR(inbuf)[0];
+ right = HALFPTR(inbuf)[1];
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP(left, temp);
+ BYTESWAP(right, temp);
+#endif
+ } else {
+ left = ((HALF)inbuf[0] << 24) | ((HALF)inbuf[1] << 16) |
+ ((HALF)inbuf[2] << 8) | inbuf[3];
+ right = ((HALF)inbuf[4] << 24) | ((HALF)inbuf[5] << 16) |
+ ((HALF)inbuf[6] << 8) | inbuf[7];
+ }
+#endif
+
+ IP(left, right, temp);
+
+ /* shift the values left circularly 3 bits. */
+ left = (left << 3) | (left >> 29);
+ right = (right << 3) | (right >> 29);
+
+#ifdef USE_INDEXING
+#define KSLOOKUP(s, b) SP[s][((temp >> (b + 2)) & 0x3f)]
+#else
+#define KSLOOKUP(s, b) *(HALF *)((BYTE *)&SP[s][0] + ((temp >> b) & 0xFC))
+#endif
+#define ROUND(out, in, r) \
+ temp = in ^ ks[2 * r]; \
+ out ^= KSLOOKUP(1, 24); \
+ out ^= KSLOOKUP(3, 16); \
+ out ^= KSLOOKUP(5, 8); \
+ out ^= KSLOOKUP(7, 0); \
+ temp = ((in >> 4) | (in << 28)) ^ ks[2 * r + 1]; \
+ out ^= KSLOOKUP(0, 24); \
+ out ^= KSLOOKUP(2, 16); \
+ out ^= KSLOOKUP(4, 8); \
+ out ^= KSLOOKUP(6, 0);
+
+ /* Do the 16 Feistel rounds */
+ ROUND(left, right, 0)
+ ROUND(right, left, 1)
+ ROUND(left, right, 2)
+ ROUND(right, left, 3)
+ ROUND(left, right, 4)
+ ROUND(right, left, 5)
+ ROUND(left, right, 6)
+ ROUND(right, left, 7)
+ ROUND(left, right, 8)
+ ROUND(right, left, 9)
+ ROUND(left, right, 10)
+ ROUND(right, left, 11)
+ ROUND(left, right, 12)
+ ROUND(right, left, 13)
+ ROUND(left, right, 14)
+ ROUND(right, left, 15)
+
+ /* now shift circularly right 3 bits to undo the shifting done
+ ** above. switch left and right here.
+ */
+ temp = (left >> 3) | (left << 29);
+ left = (right >> 3) | (right << 29);
+ right = temp;
+
+ FP(left, right, temp);
+
+#if defined(HAVE_UNALIGNED_ACCESS)
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP(left, temp);
+ BYTESWAP(right, temp);
+#endif
+ HALFPTR(outbuf)
+ [0] = left;
+ HALFPTR(outbuf)
+ [1] = right;
+#else
+ if (((ptrdiff_t)outbuf & 0x03) == 0) {
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP(left, temp);
+ BYTESWAP(right, temp);
+#endif
+ HALFPTR(outbuf)
+ [0] = left;
+ HALFPTR(outbuf)
+ [1] = right;
+ } else {
+ outbuf[0] = (BYTE)(left >> 24);
+ outbuf[1] = (BYTE)(left >> 16);
+ outbuf[2] = (BYTE)(left >> 8);
+ outbuf[3] = (BYTE)(left);
+
+ outbuf[4] = (BYTE)(right >> 24);
+ outbuf[5] = (BYTE)(right >> 16);
+ outbuf[6] = (BYTE)(right >> 8);
+ outbuf[7] = (BYTE)(right);
+ }
+#endif
+}
+
+/* Ackowledgements:
+** Two ideas used in this implementation were shown to me by Dennis Ferguson
+** in 1990. He credits them to Richard Outerbridge and Dan Hoey. They were:
+** 1. The method of computing the Initial and Final permutations.
+** 2. Circularly rotating the SP tables and the initial values of left and
+** right to reduce the number of shifts required during the 16 rounds.
+*/
diff --git a/security/nss/lib/freebl/des.h b/security/nss/lib/freebl/des.h
new file mode 100644
index 000000000..70a17e510
--- /dev/null
+++ b/security/nss/lib/freebl/des.h
@@ -0,0 +1,43 @@
+/*
+ * des.h
+ *
+ * header file for DES-150 library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _DES_H_
+#define _DES_H_ 1
+
+#include "blapi.h"
+
+typedef unsigned char BYTE;
+typedef unsigned int HALF;
+
+#define HALFPTR(x) ((HALF *)(x))
+#define SHORTPTR(x) ((unsigned short *)(x))
+#define BYTEPTR(x) ((BYTE *)(x))
+
+typedef enum {
+ DES_ENCRYPT = 0x5555,
+ DES_DECRYPT = 0xAAAA
+} DESDirection;
+
+typedef void DESFunc(struct DESContextStr *cx, BYTE *out, const BYTE *in,
+ unsigned int len);
+
+struct DESContextStr {
+ /* key schedule, 16 internal keys, each with 8 6-bit parts */
+ HALF ks0[32];
+ HALF ks1[32];
+ HALF ks2[32];
+ HALF iv[2];
+ DESDirection direction;
+ DESFunc *worker;
+};
+
+void DES_MakeSchedule(HALF *ks, const BYTE *key, DESDirection direction);
+void DES_Do1Block(HALF *ks, const BYTE *inbuf, BYTE *outbuf);
+
+#endif
diff --git a/security/nss/lib/freebl/desblapi.c b/security/nss/lib/freebl/desblapi.c
new file mode 100644
index 000000000..c03ab27cc
--- /dev/null
+++ b/security/nss/lib/freebl/desblapi.c
@@ -0,0 +1,256 @@
+/*
+ * desblapi.c
+ *
+ * core source file for DES-150 library
+ * Implement DES Modes of Operation and Triple-DES.
+ * Adapt DES-150 to blapi API.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "des.h"
+#include "blapii.h"
+#include <stddef.h>
+#include "secerr.h"
+
+#if defined(NSS_X86_OR_X64)
+/* Intel X86 CPUs do unaligned loads and stores without complaint. */
+#define COPY8B(to, from, ptr) \
+ HALFPTR(to) \
+ [0] = HALFPTR(from)[0]; \
+ HALFPTR(to) \
+ [1] = HALFPTR(from)[1];
+#else
+#define COPY8B(to, from, ptr) memcpy(to, from, 8)
+#endif
+#define COPY8BTOHALF(to, from) COPY8B(to, from, from)
+#define COPY8BFROMHALF(to, from) COPY8B(to, from, to)
+
+static void
+DES_ECB(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
+{
+ while (len) {
+ DES_Do1Block(cx->ks0, in, out);
+ len -= 8;
+ in += 8;
+ out += 8;
+ }
+}
+
+static void
+DES_EDE3_ECB(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
+{
+ while (len) {
+ DES_Do1Block(cx->ks0, in, out);
+ len -= 8;
+ in += 8;
+ DES_Do1Block(cx->ks1, out, out);
+ DES_Do1Block(cx->ks2, out, out);
+ out += 8;
+ }
+}
+
+static void NO_SANITIZE_ALIGNMENT
+DES_CBCEn(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
+{
+ const BYTE *bufend = in + len;
+ HALF vec[2];
+
+ while (in != bufend) {
+ COPY8BTOHALF(vec, in);
+ in += 8;
+ vec[0] ^= cx->iv[0];
+ vec[1] ^= cx->iv[1];
+ DES_Do1Block(cx->ks0, (BYTE *)vec, (BYTE *)cx->iv);
+ COPY8BFROMHALF(out, cx->iv);
+ out += 8;
+ }
+}
+
+static void NO_SANITIZE_ALIGNMENT
+DES_CBCDe(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
+{
+ const BYTE *bufend;
+ HALF oldciphertext[2];
+ HALF plaintext[2];
+
+ for (bufend = in + len; in != bufend;) {
+ oldciphertext[0] = cx->iv[0];
+ oldciphertext[1] = cx->iv[1];
+ COPY8BTOHALF(cx->iv, in);
+ in += 8;
+ DES_Do1Block(cx->ks0, (BYTE *)cx->iv, (BYTE *)plaintext);
+ plaintext[0] ^= oldciphertext[0];
+ plaintext[1] ^= oldciphertext[1];
+ COPY8BFROMHALF(out, plaintext);
+ out += 8;
+ }
+}
+
+static void NO_SANITIZE_ALIGNMENT
+DES_EDE3CBCEn(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
+{
+ const BYTE *bufend = in + len;
+ HALF vec[2];
+
+ while (in != bufend) {
+ COPY8BTOHALF(vec, in);
+ in += 8;
+ vec[0] ^= cx->iv[0];
+ vec[1] ^= cx->iv[1];
+ DES_Do1Block(cx->ks0, (BYTE *)vec, (BYTE *)cx->iv);
+ DES_Do1Block(cx->ks1, (BYTE *)cx->iv, (BYTE *)cx->iv);
+ DES_Do1Block(cx->ks2, (BYTE *)cx->iv, (BYTE *)cx->iv);
+ COPY8BFROMHALF(out, cx->iv);
+ out += 8;
+ }
+}
+
+static void NO_SANITIZE_ALIGNMENT
+DES_EDE3CBCDe(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
+{
+ const BYTE *bufend;
+ HALF oldciphertext[2];
+ HALF plaintext[2];
+
+ for (bufend = in + len; in != bufend;) {
+ oldciphertext[0] = cx->iv[0];
+ oldciphertext[1] = cx->iv[1];
+ COPY8BTOHALF(cx->iv, in);
+ in += 8;
+ DES_Do1Block(cx->ks0, (BYTE *)cx->iv, (BYTE *)plaintext);
+ DES_Do1Block(cx->ks1, (BYTE *)plaintext, (BYTE *)plaintext);
+ DES_Do1Block(cx->ks2, (BYTE *)plaintext, (BYTE *)plaintext);
+ plaintext[0] ^= oldciphertext[0];
+ plaintext[1] ^= oldciphertext[1];
+ COPY8BFROMHALF(out, plaintext);
+ out += 8;
+ }
+}
+
+DESContext *
+DES_AllocateContext(void)
+{
+ return PORT_ZNew(DESContext);
+}
+
+SECStatus
+DES_InitContext(DESContext *cx, const unsigned char *key, unsigned int keylen,
+ const unsigned char *iv, int mode, unsigned int encrypt,
+ unsigned int unused)
+{
+ DESDirection opposite;
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ cx->direction = encrypt ? DES_ENCRYPT : DES_DECRYPT;
+ opposite = encrypt ? DES_DECRYPT : DES_ENCRYPT;
+ switch (mode) {
+ case NSS_DES: /* DES ECB */
+ DES_MakeSchedule(cx->ks0, key, cx->direction);
+ cx->worker = &DES_ECB;
+ break;
+
+ case NSS_DES_EDE3: /* DES EDE ECB */
+ cx->worker = &DES_EDE3_ECB;
+ if (encrypt) {
+ DES_MakeSchedule(cx->ks0, key, cx->direction);
+ DES_MakeSchedule(cx->ks1, key + 8, opposite);
+ DES_MakeSchedule(cx->ks2, key + 16, cx->direction);
+ } else {
+ DES_MakeSchedule(cx->ks2, key, cx->direction);
+ DES_MakeSchedule(cx->ks1, key + 8, opposite);
+ DES_MakeSchedule(cx->ks0, key + 16, cx->direction);
+ }
+ break;
+
+ case NSS_DES_CBC: /* DES CBC */
+ COPY8BTOHALF(cx->iv, iv);
+ cx->worker = encrypt ? &DES_CBCEn : &DES_CBCDe;
+ DES_MakeSchedule(cx->ks0, key, cx->direction);
+ break;
+
+ case NSS_DES_EDE3_CBC: /* DES EDE CBC */
+ COPY8BTOHALF(cx->iv, iv);
+ if (encrypt) {
+ cx->worker = &DES_EDE3CBCEn;
+ DES_MakeSchedule(cx->ks0, key, cx->direction);
+ DES_MakeSchedule(cx->ks1, key + 8, opposite);
+ DES_MakeSchedule(cx->ks2, key + 16, cx->direction);
+ } else {
+ cx->worker = &DES_EDE3CBCDe;
+ DES_MakeSchedule(cx->ks2, key, cx->direction);
+ DES_MakeSchedule(cx->ks1, key + 8, opposite);
+ DES_MakeSchedule(cx->ks0, key + 16, cx->direction);
+ }
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+DESContext *
+DES_CreateContext(const BYTE *key, const BYTE *iv, int mode, PRBool encrypt)
+{
+ DESContext *cx = PORT_ZNew(DESContext);
+ SECStatus rv = DES_InitContext(cx, key, 0, iv, mode, encrypt, 0);
+
+ if (rv != SECSuccess) {
+ PORT_ZFree(cx, sizeof *cx);
+ cx = NULL;
+ }
+ return cx;
+}
+
+void
+DES_DestroyContext(DESContext *cx, PRBool freeit)
+{
+ if (cx) {
+ memset(cx, 0, sizeof *cx);
+ if (freeit)
+ PORT_Free(cx);
+ }
+}
+
+SECStatus
+DES_Encrypt(DESContext *cx, BYTE *out, unsigned int *outLen,
+ unsigned int maxOutLen, const BYTE *in, unsigned int inLen)
+{
+
+ if ((inLen % 8) != 0 || maxOutLen < inLen || !cx ||
+ cx->direction != DES_ENCRYPT) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ cx->worker(cx, out, in, inLen);
+ if (outLen)
+ *outLen = inLen;
+ return SECSuccess;
+}
+
+SECStatus
+DES_Decrypt(DESContext *cx, BYTE *out, unsigned int *outLen,
+ unsigned int maxOutLen, const BYTE *in, unsigned int inLen)
+{
+
+ if ((inLen % 8) != 0 || maxOutLen < inLen || !cx ||
+ cx->direction != DES_DECRYPT) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ cx->worker(cx, out, in, inLen);
+ if (outLen)
+ *outLen = inLen;
+ return SECSuccess;
+}
diff --git a/security/nss/lib/freebl/det_rng.c b/security/nss/lib/freebl/det_rng.c
new file mode 100644
index 000000000..fcbf9b34a
--- /dev/null
+++ b/security/nss/lib/freebl/det_rng.c
@@ -0,0 +1,67 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "blapi.h"
+#include "blapit.h"
+#include "chacha20.h"
+#include "nssilock.h"
+#include "seccomon.h"
+#include "secerr.h"
+
+static unsigned long globalNumCalls = 0;
+
+SECStatus
+prng_ResetForFuzzing(PZLock *rng_lock)
+{
+ /* Check for a valid RNG lock. */
+ PORT_Assert(rng_lock != NULL);
+ if (rng_lock == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* --- LOCKED --- */
+ PZ_Lock(rng_lock);
+ globalNumCalls = 0;
+ PZ_Unlock(rng_lock);
+ /* --- UNLOCKED --- */
+
+ return SECSuccess;
+}
+
+SECStatus
+prng_GenerateDeterministicRandomBytes(PZLock *rng_lock, void *dest, size_t len)
+{
+ static const uint8_t key[32];
+ uint8_t nonce[12] = { 0 };
+
+ /* Check for a valid RNG lock. */
+ PORT_Assert(rng_lock != NULL);
+ if (rng_lock == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* --- LOCKED --- */
+ PZ_Lock(rng_lock);
+
+ memcpy(nonce, &globalNumCalls, sizeof(globalNumCalls));
+ globalNumCalls++;
+
+ ChaCha20Poly1305Context *cx =
+ ChaCha20Poly1305_CreateContext(key, sizeof(key), 16);
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PZ_Unlock(rng_lock);
+ return SECFailure;
+ }
+
+ memset(dest, 0, len);
+ ChaCha20XOR(dest, dest, len, key, nonce, 0);
+ ChaCha20Poly1305_DestroyContext(cx, PR_TRUE);
+
+ PZ_Unlock(rng_lock);
+ /* --- UNLOCKED --- */
+ return SECSuccess;
+}
diff --git a/security/nss/lib/freebl/det_rng.h b/security/nss/lib/freebl/det_rng.h
new file mode 100644
index 000000000..599d726ca
--- /dev/null
+++ b/security/nss/lib/freebl/det_rng.h
@@ -0,0 +1,12 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __det_rng_h_
+#define __det_rng_h_
+
+SECStatus prng_ResetForFuzzing(PZLock *rng_lock);
+SECStatus prng_GenerateDeterministicRandomBytes(PZLock *rng_lock, void *dest,
+ size_t len);
+
+#endif /* __det_rng_h_ */
diff --git a/security/nss/lib/freebl/dh.c b/security/nss/lib/freebl/dh.c
new file mode 100644
index 000000000..97025c7e2
--- /dev/null
+++ b/security/nss/lib/freebl/dh.c
@@ -0,0 +1,452 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Diffie-Hellman parameter generation, key generation, and secret derivation.
+ * KEA secret generation and verification.
+ */
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prerr.h"
+#include "secerr.h"
+
+#include "blapi.h"
+#include "secitem.h"
+#include "mpi.h"
+#include "mpprime.h"
+#include "secmpi.h"
+
+#define KEA_DERIVED_SECRET_LEN 128
+
+/* Lengths are in bytes. */
+static unsigned int
+dh_GetSecretKeyLen(unsigned int primeLen)
+{
+ /* Based on Table 2 in NIST SP 800-57. */
+ if (primeLen >= 1920) { /* 15360 bits */
+ return 64; /* 512 bits */
+ }
+ if (primeLen >= 960) { /* 7680 bits */
+ return 48; /* 384 bits */
+ }
+ if (primeLen >= 384) { /* 3072 bits */
+ return 32; /* 256 bits */
+ }
+ if (primeLen >= 256) { /* 2048 bits */
+ return 28; /* 224 bits */
+ }
+ return 20; /* 160 bits */
+}
+
+SECStatus
+DH_GenParam(int primeLen, DHParams **params)
+{
+ PLArenaPool *arena;
+ DHParams *dhparams;
+ unsigned char *pb = NULL;
+ unsigned char *ab = NULL;
+ unsigned long counter = 0;
+ mp_int p, q, a, h, psub1, test;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ if (!params || primeLen < 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ dhparams = (DHParams *)PORT_ArenaZAlloc(arena, sizeof(DHParams));
+ if (!dhparams) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(arena, PR_TRUE);
+ return SECFailure;
+ }
+ dhparams->arena = arena;
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&a) = 0;
+ MP_DIGITS(&h) = 0;
+ MP_DIGITS(&psub1) = 0;
+ MP_DIGITS(&test) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&a));
+ CHECK_MPI_OK(mp_init(&h));
+ CHECK_MPI_OK(mp_init(&psub1));
+ CHECK_MPI_OK(mp_init(&test));
+ /* generate prime with MPI, uses Miller-Rabin to generate strong prime. */
+ pb = PORT_Alloc(primeLen);
+ CHECK_SEC_OK(RNG_GenerateGlobalRandomBytes(pb, primeLen));
+ pb[0] |= 0x80; /* set high-order bit */
+ pb[primeLen - 1] |= 0x01; /* set low-order bit */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&p, pb, primeLen));
+ CHECK_MPI_OK(mpp_make_prime(&p, primeLen * 8, PR_TRUE, &counter));
+ /* construct Sophie-Germain prime q = (p-1)/2. */
+ CHECK_MPI_OK(mp_sub_d(&p, 1, &psub1));
+ CHECK_MPI_OK(mp_div_2(&psub1, &q));
+ /* construct a generator from the prime. */
+ ab = PORT_Alloc(primeLen);
+ /* generate a candidate number a in p's field */
+ CHECK_SEC_OK(RNG_GenerateGlobalRandomBytes(ab, primeLen));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&a, ab, primeLen));
+ /* force a < p (note that quot(a/p) <= 1) */
+ if (mp_cmp(&a, &p) > 0)
+ CHECK_MPI_OK(mp_sub(&a, &p, &a));
+ do {
+ /* check that a is in the range [2..p-1] */
+ if (mp_cmp_d(&a, 2) < 0 || mp_cmp(&a, &psub1) >= 0) {
+ /* a is outside of the allowed range. Set a=3 and keep going. */
+ mp_set(&a, 3);
+ }
+ /* if a**q mod p != 1 then a is a generator */
+ CHECK_MPI_OK(mp_exptmod(&a, &q, &p, &test));
+ if (mp_cmp_d(&test, 1) != 0)
+ break;
+ /* increment the candidate and try again. */
+ CHECK_MPI_OK(mp_add_d(&a, 1, &a));
+ } while (PR_TRUE);
+ MPINT_TO_SECITEM(&p, &dhparams->prime, arena);
+ MPINT_TO_SECITEM(&a, &dhparams->base, arena);
+ *params = dhparams;
+cleanup:
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&a);
+ mp_clear(&h);
+ mp_clear(&psub1);
+ mp_clear(&test);
+ if (pb)
+ PORT_ZFree(pb, primeLen);
+ if (ab)
+ PORT_ZFree(ab, primeLen);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ if (rv)
+ PORT_FreeArena(arena, PR_TRUE);
+ return rv;
+}
+
+SECStatus
+DH_NewKey(DHParams *params, DHPrivateKey **privKey)
+{
+ PLArenaPool *arena;
+ DHPrivateKey *key;
+ mp_int g, xa, p, Ya;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ if (!params || !privKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ key = (DHPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DHPrivateKey));
+ if (!key) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(arena, PR_TRUE);
+ return SECFailure;
+ }
+ key->arena = arena;
+ MP_DIGITS(&g) = 0;
+ MP_DIGITS(&xa) = 0;
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&Ya) = 0;
+ CHECK_MPI_OK(mp_init(&g));
+ CHECK_MPI_OK(mp_init(&xa));
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&Ya));
+ /* Set private key's p */
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->prime, &params->prime));
+ SECITEM_TO_MPINT(key->prime, &p);
+ /* Set private key's g */
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->base, &params->base));
+ SECITEM_TO_MPINT(key->base, &g);
+ /* Generate private key xa */
+ SECITEM_AllocItem(arena, &key->privateValue,
+ dh_GetSecretKeyLen(params->prime.len));
+ CHECK_SEC_OK(RNG_GenerateGlobalRandomBytes(key->privateValue.data,
+ key->privateValue.len));
+ SECITEM_TO_MPINT(key->privateValue, &xa);
+ /* xa < p */
+ CHECK_MPI_OK(mp_mod(&xa, &p, &xa));
+ /* Compute public key Ya = g ** xa mod p */
+ CHECK_MPI_OK(mp_exptmod(&g, &xa, &p, &Ya));
+ MPINT_TO_SECITEM(&Ya, &key->publicValue, key->arena);
+ *privKey = key;
+cleanup:
+ mp_clear(&g);
+ mp_clear(&xa);
+ mp_clear(&p);
+ mp_clear(&Ya);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ if (rv) {
+ *privKey = NULL;
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ return rv;
+}
+
+SECStatus
+DH_Derive(SECItem *publicValue,
+ SECItem *prime,
+ SECItem *privateValue,
+ SECItem *derivedSecret,
+ unsigned int outBytes)
+{
+ mp_int p, Xa, Yb, ZZ, psub1;
+ mp_err err = MP_OKAY;
+ unsigned int len = 0;
+ unsigned int nb;
+ unsigned char *secret = NULL;
+ if (!publicValue || !prime || !privateValue || !derivedSecret) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ memset(derivedSecret, 0, sizeof *derivedSecret);
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&Xa) = 0;
+ MP_DIGITS(&Yb) = 0;
+ MP_DIGITS(&ZZ) = 0;
+ MP_DIGITS(&psub1) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&Xa));
+ CHECK_MPI_OK(mp_init(&Yb));
+ CHECK_MPI_OK(mp_init(&ZZ));
+ CHECK_MPI_OK(mp_init(&psub1));
+ SECITEM_TO_MPINT(*publicValue, &Yb);
+ SECITEM_TO_MPINT(*privateValue, &Xa);
+ SECITEM_TO_MPINT(*prime, &p);
+ CHECK_MPI_OK(mp_sub_d(&p, 1, &psub1));
+
+ /* We assume that the modulus, p, is a safe prime. That is, p = 2q+1 where
+ * q is also a prime. Thus the orders of the subgroups are factors of 2q:
+ * namely 1, 2, q and 2q.
+ *
+ * We check that the peer's public value isn't zero (which isn't in the
+ * group), one (subgroup of order one) or p-1 (subgroup of order 2). We
+ * also check that the public value is less than p, to avoid being fooled
+ * by values like p+1 or 2*p-1.
+ *
+ * Thus we must be operating in the subgroup of size q or 2q. */
+ if (mp_cmp_d(&Yb, 1) <= 0 ||
+ mp_cmp(&Yb, &psub1) >= 0) {
+ err = MP_BADARG;
+ goto cleanup;
+ }
+
+ /* ZZ = (Yb)**Xa mod p */
+ CHECK_MPI_OK(mp_exptmod(&Yb, &Xa, &p, &ZZ));
+ /* number of bytes in the derived secret */
+ len = mp_unsigned_octet_size(&ZZ);
+ if (len <= 0) {
+ err = MP_BADARG;
+ goto cleanup;
+ }
+
+ /*
+ * We check to make sure that ZZ is not equal to 1 or -1 mod p.
+ * This helps guard against small subgroup attacks, since an attacker
+ * using a subgroup of size N will produce 1 or -1 with probability 1/N.
+ * When the protocol is executed within a properly large subgroup, the
+ * probability of this result will be negligibly small. For example,
+ * with a strong prime of the form 2p+1, the probability will be 1/p.
+ *
+ * We return MP_BADARG because this is probably the result of a bad
+ * public value or a bad prime having been provided.
+ */
+ if (mp_cmp_d(&ZZ, 1) == 0 ||
+ mp_cmp(&ZZ, &psub1) == 0) {
+ err = MP_BADARG;
+ goto cleanup;
+ }
+
+ /* allocate a buffer which can hold the entire derived secret. */
+ secret = PORT_Alloc(len);
+ if (secret == NULL) {
+ err = MP_MEM;
+ goto cleanup;
+ }
+ /* grab the derived secret */
+ err = mp_to_unsigned_octets(&ZZ, secret, len);
+ if (err >= 0)
+ err = MP_OKAY;
+ /*
+ ** if outBytes is 0 take all of the bytes from the derived secret.
+ ** if outBytes is not 0 take exactly outBytes from the derived secret, zero
+ ** pad at the beginning if necessary, and truncate beginning bytes
+ ** if necessary.
+ */
+ if (outBytes > 0)
+ nb = outBytes;
+ else
+ nb = len;
+ if (SECITEM_AllocItem(NULL, derivedSecret, nb) == NULL) {
+ err = MP_MEM;
+ goto cleanup;
+ }
+ if (len < nb) {
+ unsigned int offset = nb - len;
+ memset(derivedSecret->data, 0, offset);
+ memcpy(derivedSecret->data + offset, secret, len);
+ } else {
+ memcpy(derivedSecret->data, secret + len - nb, nb);
+ }
+cleanup:
+ mp_clear(&p);
+ mp_clear(&Xa);
+ mp_clear(&Yb);
+ mp_clear(&ZZ);
+ mp_clear(&psub1);
+ if (secret) {
+ /* free the buffer allocated for the full secret. */
+ PORT_ZFree(secret, len);
+ }
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ if (derivedSecret->data)
+ PORT_ZFree(derivedSecret->data, derivedSecret->len);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+KEA_Derive(SECItem *prime,
+ SECItem *public1,
+ SECItem *public2,
+ SECItem *private1,
+ SECItem *private2,
+ SECItem *derivedSecret)
+{
+ mp_int p, Y, R, r, x, t, u, w;
+ mp_err err;
+ unsigned char *secret = NULL;
+ unsigned int len = 0, offset;
+ if (!prime || !public1 || !public2 || !private1 || !private2 ||
+ !derivedSecret) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ memset(derivedSecret, 0, sizeof *derivedSecret);
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&Y) = 0;
+ MP_DIGITS(&R) = 0;
+ MP_DIGITS(&r) = 0;
+ MP_DIGITS(&x) = 0;
+ MP_DIGITS(&t) = 0;
+ MP_DIGITS(&u) = 0;
+ MP_DIGITS(&w) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&Y));
+ CHECK_MPI_OK(mp_init(&R));
+ CHECK_MPI_OK(mp_init(&r));
+ CHECK_MPI_OK(mp_init(&x));
+ CHECK_MPI_OK(mp_init(&t));
+ CHECK_MPI_OK(mp_init(&u));
+ CHECK_MPI_OK(mp_init(&w));
+ SECITEM_TO_MPINT(*prime, &p);
+ SECITEM_TO_MPINT(*public1, &Y);
+ SECITEM_TO_MPINT(*public2, &R);
+ SECITEM_TO_MPINT(*private1, &r);
+ SECITEM_TO_MPINT(*private2, &x);
+ /* t = DH(Y, r, p) = Y ** r mod p */
+ CHECK_MPI_OK(mp_exptmod(&Y, &r, &p, &t));
+ /* u = DH(R, x, p) = R ** x mod p */
+ CHECK_MPI_OK(mp_exptmod(&R, &x, &p, &u));
+ /* w = (t + u) mod p */
+ CHECK_MPI_OK(mp_addmod(&t, &u, &p, &w));
+ /* allocate a buffer for the full derived secret */
+ len = mp_unsigned_octet_size(&w);
+ secret = PORT_Alloc(len);
+ if (secret == NULL) {
+ err = MP_MEM;
+ goto cleanup;
+ }
+ /* grab the secret */
+ err = mp_to_unsigned_octets(&w, secret, len);
+ if (err > 0)
+ err = MP_OKAY;
+ /* allocate output buffer */
+ if (SECITEM_AllocItem(NULL, derivedSecret, KEA_DERIVED_SECRET_LEN) == NULL) {
+ err = MP_MEM;
+ goto cleanup;
+ }
+ memset(derivedSecret->data, 0, derivedSecret->len);
+ /* copy in the 128 lsb of the secret */
+ if (len >= KEA_DERIVED_SECRET_LEN) {
+ memcpy(derivedSecret->data, secret + (len - KEA_DERIVED_SECRET_LEN),
+ KEA_DERIVED_SECRET_LEN);
+ } else {
+ offset = KEA_DERIVED_SECRET_LEN - len;
+ memcpy(derivedSecret->data + offset, secret, len);
+ }
+cleanup:
+ mp_clear(&p);
+ mp_clear(&Y);
+ mp_clear(&R);
+ mp_clear(&r);
+ mp_clear(&x);
+ mp_clear(&t);
+ mp_clear(&u);
+ mp_clear(&w);
+ if (secret)
+ PORT_ZFree(secret, len);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ if (derivedSecret->data)
+ PORT_ZFree(derivedSecret->data, derivedSecret->len);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+PRBool
+KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
+{
+ mp_int p, q, y, r;
+ mp_err err;
+ int cmp = 1; /* default is false */
+ if (!Y || !prime || !subPrime) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&y) = 0;
+ MP_DIGITS(&r) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&y));
+ CHECK_MPI_OK(mp_init(&r));
+ SECITEM_TO_MPINT(*prime, &p);
+ SECITEM_TO_MPINT(*subPrime, &q);
+ SECITEM_TO_MPINT(*Y, &y);
+ /* compute r = y**q mod p */
+ CHECK_MPI_OK(mp_exptmod(&y, &q, &p, &r));
+ /* compare to 1 */
+ cmp = mp_cmp_d(&r, 1);
+cleanup:
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&y);
+ mp_clear(&r);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ return PR_FALSE;
+ }
+ return (cmp == 0) ? PR_TRUE : PR_FALSE;
+}
diff --git a/security/nss/lib/freebl/drbg.c b/security/nss/lib/freebl/drbg.c
new file mode 100644
index 000000000..ac0bba6e0
--- /dev/null
+++ b/security/nss/lib/freebl/drbg.c
@@ -0,0 +1,968 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prerror.h"
+#include "secerr.h"
+
+#include "prtypes.h"
+#include "prinit.h"
+#include "blapi.h"
+#include "blapii.h"
+#include "nssilock.h"
+#include "secitem.h"
+#include "sha_fast.h"
+#include "sha256.h"
+#include "secrng.h" /* for RNG_SystemRNG() */
+#include "secmpi.h"
+
+#ifdef UNSAFE_FUZZER_MODE
+#include "det_rng.h"
+#endif
+
+/* PRNG_SEEDLEN defined in NIST SP 800-90 section 10.1
+ * for SHA-1, SHA-224, and SHA-256 it's 440 bits.
+ * for SHA-384 and SHA-512 it's 888 bits */
+#define PRNG_SEEDLEN (440 / PR_BITS_PER_BYTE)
+#define PRNG_MAX_ADDITIONAL_BYTES PR_INT64(0x100000000)
+/* 2^35 bits or 2^32 bytes */
+#define PRNG_MAX_REQUEST_SIZE 0x10000 /* 2^19 bits or 2^16 bytes */
+#define PRNG_ADDITONAL_DATA_CACHE_SIZE (8 * 1024) /* must be less than \
+ * PRNG_MAX_ADDITIONAL_BYTES \
+ */
+
+/* RESEED_COUNT is how many calls to the prng before we need to reseed
+ * under normal NIST rules, you must return an error. In the NSS case, we
+ * self-reseed with RNG_SystemRNG(). Count can be a large number. For code
+ * simplicity, we specify count with 2 components: RESEED_BYTE (which is
+ * the same as LOG256(RESEED_COUNT)) and RESEED_VALUE (which is the same as
+ * RESEED_COUNT / (256 ^ RESEED_BYTE)). Another way to look at this is
+ * RESEED_COUNT = RESEED_VALUE * (256 ^ RESEED_BYTE). For Hash based DRBG
+ * we use the maximum count value, 2^48, or RESEED_BYTE=6 and RESEED_VALUE=1
+ */
+#define RESEED_BYTE 6
+#define RESEED_VALUE 1
+
+#define PRNG_RESET_RESEED_COUNT(rng) \
+ PORT_Memset((rng)->reseed_counter, 0, sizeof(rng)->reseed_counter); \
+ (rng)->reseed_counter[RESEED_BYTE] = 1;
+
+/*
+ * The actual values of this enum are specified in SP 800-90, 10.1.1.*
+ * The spec does not name the types, it only uses bare values
+ */
+typedef enum {
+ prngCGenerateType = 0, /* used when creating a new 'C' */
+ prngReseedType = 1, /* used in reseeding */
+ prngAdditionalDataType = 2, /* used in mixing additional data */
+ prngGenerateByteType = 3 /* used when mixing internal state while
+ * generating bytes */
+} prngVTypes;
+
+/*
+ * Global RNG context
+ */
+struct RNGContextStr {
+ PZLock *lock; /* Lock to serialize access to global rng */
+ /*
+ * NOTE, a number of steps in the drbg algorithm need to hash
+ * V_type || V. The code, therefore, depends on the V array following
+ * immediately after V_type to avoid extra copies. To accomplish this
+ * in a way that compiliers can't perturb, we declare V_type and V
+ * as a V_Data array and reference them by macros */
+ PRUint8 V_Data[PRNG_SEEDLEN + 1]; /* internal state variables */
+#define V_type V_Data[0]
+#define V(rng) (((rng)->V_Data) + 1)
+#define VSize(rng) ((sizeof(rng)->V_Data) - 1)
+ PRUint8 C[PRNG_SEEDLEN]; /* internal state variables */
+ PRUint8 lastOutput[SHA256_LENGTH]; /* for continuous rng checking */
+ /* If we get calls for the PRNG to return less than the length of our
+ * hash, we extend the request for a full hash (since we'll be doing
+ * the full hash anyway). Future requests for random numbers are fulfilled
+ * from the remainder of the bytes we generated. Requests for bytes longer
+ * than the hash size are fulfilled directly from the HashGen function
+ * of the random number generator. */
+ PRUint8 reseed_counter[RESEED_BYTE + 1]; /* number of requests since the
+ * last reseed. Need only be
+ * big enough to hold the whole
+ * reseed count */
+ PRUint8 data[SHA256_LENGTH]; /* when we request less than a block
+ * save the rest of the rng output for
+ * another partial block */
+ PRUint8 dataAvail; /* # bytes of output available in our cache,
+ * [0...SHA256_LENGTH] */
+ /* store additional data that has been shovelled off to us by
+ * RNG_RandomUpdate. */
+ PRUint8 additionalDataCache[PRNG_ADDITONAL_DATA_CACHE_SIZE];
+ PRUint32 additionalAvail;
+ PRBool isValid; /* false if RNG reaches an invalid state */
+ PRBool isKatTest; /* true if running NIST PRNG KAT tests */
+};
+
+typedef struct RNGContextStr RNGContext;
+static RNGContext *globalrng = NULL;
+static RNGContext theGlobalRng;
+
+/*
+ * The next several functions are derived from the NIST SP 800-90
+ * spec. In these functions, an attempt was made to use names consistent
+ * with the names in the spec, even if they differ from normal NSS usage.
+ */
+
+/*
+ * Hash Derive function defined in NISP SP 800-90 Section 10.4.1.
+ * This function is used in the Instantiate and Reseed functions.
+ *
+ * NOTE: requested_bytes cannot overlap with input_string_1 or input_string_2.
+ * input_string_1 and input_string_2 are logically concatentated.
+ * input_string_1 must be supplied.
+ * if input_string_2 is not supplied, NULL should be passed for this parameter.
+ */
+static SECStatus
+prng_Hash_df(PRUint8 *requested_bytes, unsigned int no_of_bytes_to_return,
+ const PRUint8 *input_string_1, unsigned int input_string_1_len,
+ const PRUint8 *input_string_2, unsigned int input_string_2_len)
+{
+ SHA256Context ctx;
+ PRUint32 tmp;
+ PRUint8 counter;
+
+ tmp = SHA_HTONL(no_of_bytes_to_return * 8);
+
+ for (counter = 1; no_of_bytes_to_return > 0; counter++) {
+ unsigned int hash_return_len;
+ SHA256_Begin(&ctx);
+ SHA256_Update(&ctx, &counter, 1);
+ SHA256_Update(&ctx, (unsigned char *)&tmp, sizeof tmp);
+ SHA256_Update(&ctx, input_string_1, input_string_1_len);
+ if (input_string_2) {
+ SHA256_Update(&ctx, input_string_2, input_string_2_len);
+ }
+ SHA256_End(&ctx, requested_bytes, &hash_return_len,
+ no_of_bytes_to_return);
+ requested_bytes += hash_return_len;
+ no_of_bytes_to_return -= hash_return_len;
+ }
+ return SECSuccess;
+}
+
+/*
+ * Hash_DRBG Instantiate NIST SP 800-90 10.1.1.2
+ *
+ * NOTE: bytes & len are entropy || nonce || personalization_string. In
+ * normal operation, NSS calculates them all together in a single call.
+ */
+static SECStatus
+prng_instantiate(RNGContext *rng, const PRUint8 *bytes, unsigned int len)
+{
+ if (!rng->isKatTest && len < PRNG_SEEDLEN) {
+ /* If the seedlen is too small, it's probably because we failed to get
+ * enough random data.
+ * This is stricter than NIST SP800-90A requires. Don't enforce it for
+ * tests. */
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ return SECFailure;
+ }
+ prng_Hash_df(V(rng), VSize(rng), bytes, len, NULL, 0);
+ rng->V_type = prngCGenerateType;
+ prng_Hash_df(rng->C, sizeof rng->C, rng->V_Data, sizeof rng->V_Data, NULL, 0);
+ PRNG_RESET_RESEED_COUNT(rng)
+ return SECSuccess;
+}
+
+/*
+ * Update the global random number generator with more seeding
+ * material. Use the Hash_DRBG reseed algorithm from NIST SP-800-90
+ * section 10.1.1.3
+ *
+ * If entropy is NULL, it is fetched from the noise generator.
+ */
+static SECStatus
+prng_reseed(RNGContext *rng, const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *additional_input, unsigned int additional_input_len)
+{
+ PRUint8 noiseData[(sizeof rng->V_Data) + PRNG_SEEDLEN];
+ PRUint8 *noise = &noiseData[0];
+
+ /* if entropy wasn't supplied, fetch it. (normal operation case) */
+ if (entropy == NULL) {
+ entropy_len = (unsigned int)RNG_SystemRNG(
+ &noiseData[sizeof rng->V_Data], PRNG_SEEDLEN);
+ } else {
+ /* NOTE: this code is only available for testing, not to applications */
+ /* if entropy was too big for the stack variable, get it from malloc */
+ if (entropy_len > PRNG_SEEDLEN) {
+ noise = PORT_Alloc(entropy_len + (sizeof rng->V_Data));
+ if (noise == NULL) {
+ return SECFailure;
+ }
+ }
+ PORT_Memcpy(&noise[sizeof rng->V_Data], entropy, entropy_len);
+ }
+
+ if (entropy_len < 256 / PR_BITS_PER_BYTE) {
+ /* noise == &noiseData[0] at this point, so nothing to free */
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ return SECFailure;
+ }
+
+ rng->V_type = prngReseedType;
+ PORT_Memcpy(noise, rng->V_Data, sizeof rng->V_Data);
+ prng_Hash_df(V(rng), VSize(rng), noise, (sizeof rng->V_Data) + entropy_len,
+ additional_input, additional_input_len);
+ /* clear potential CSP */
+ PORT_Memset(noise, 0, (sizeof rng->V_Data) + entropy_len);
+ rng->V_type = prngCGenerateType;
+ prng_Hash_df(rng->C, sizeof rng->C, rng->V_Data, sizeof rng->V_Data, NULL, 0);
+ PRNG_RESET_RESEED_COUNT(rng)
+
+ if (noise != &noiseData[0]) {
+ PORT_Free(noise);
+ }
+ return SECSuccess;
+}
+
+/*
+ * SP 800-90 requires we rerun our health tests on reseed
+ */
+static SECStatus
+prng_reseed_test(RNGContext *rng, const PRUint8 *entropy,
+ unsigned int entropy_len, const PRUint8 *additional_input,
+ unsigned int additional_input_len)
+{
+ SECStatus rv;
+
+ /* do health checks in FIPS mode */
+ rv = PRNGTEST_RunHealthTests();
+ if (rv != SECSuccess) {
+ /* error set by PRNGTEST_RunHealTests() */
+ rng->isValid = PR_FALSE;
+ return SECFailure;
+ }
+ return prng_reseed(rng, entropy, entropy_len,
+ additional_input, additional_input_len);
+}
+
+/*
+ * build some fast inline functions for adding.
+ */
+#define PRNG_ADD_CARRY_ONLY(dest, start, carry) \
+ { \
+ int k1; \
+ for (k1 = start; carry && k1 >= 0; k1--) { \
+ carry = !(++dest[k1]); \
+ } \
+ }
+
+/*
+ * NOTE: dest must be an array for the following to work.
+ */
+#define PRNG_ADD_BITS(dest, dest_len, add, len, carry) \
+ carry = 0; \
+ PORT_Assert((dest_len) >= (len)); \
+ { \
+ int k1, k2; \
+ for (k1 = dest_len - 1, k2 = len - 1; k2 >= 0; --k1, --k2) { \
+ carry += dest[k1] + add[k2]; \
+ dest[k1] = (PRUint8)carry; \
+ carry >>= 8; \
+ } \
+ }
+
+#define PRNG_ADD_BITS_AND_CARRY(dest, dest_len, add, len, carry) \
+ PRNG_ADD_BITS(dest, dest_len, add, len, carry) \
+ PRNG_ADD_CARRY_ONLY(dest, dest_len - len - 1, carry)
+
+/*
+ * This function expands the internal state of the prng to fulfill any number
+ * of bytes we need for this request. We only use this call if we need more
+ * than can be supplied by a single call to SHA256_HashBuf.
+ *
+ * This function is specified in NIST SP 800-90 section 10.1.1.4, Hashgen
+ */
+static void
+prng_Hashgen(RNGContext *rng, PRUint8 *returned_bytes,
+ unsigned int no_of_returned_bytes)
+{
+ PRUint8 data[VSize(rng)];
+ PRUint8 thisHash[SHA256_LENGTH];
+ PRUint8 *lastHash = rng->lastOutput;
+
+ PORT_Memcpy(data, V(rng), VSize(rng));
+ while (no_of_returned_bytes) {
+ SHA256Context ctx;
+ unsigned int len;
+ unsigned int carry;
+
+ SHA256_Begin(&ctx);
+ SHA256_Update(&ctx, data, sizeof data);
+ SHA256_End(&ctx, thisHash, &len, SHA256_LENGTH);
+ if (PORT_Memcmp(lastHash, thisHash, len) == 0) {
+ rng->isValid = PR_FALSE;
+ break;
+ }
+ if (no_of_returned_bytes < SHA256_LENGTH) {
+ len = no_of_returned_bytes;
+ }
+ PORT_Memcpy(returned_bytes, thisHash, len);
+ lastHash = returned_bytes;
+ returned_bytes += len;
+ no_of_returned_bytes -= len;
+ /* The carry parameter is a bool (increment or not).
+ * This increments data if no_of_returned_bytes is not zero */
+ carry = no_of_returned_bytes;
+ PRNG_ADD_CARRY_ONLY(data, (sizeof data) - 1, carry);
+ }
+ PORT_Memcpy(rng->lastOutput, thisHash, SHA256_LENGTH);
+ PORT_Memset(data, 0, sizeof data);
+ PORT_Memset(thisHash, 0, sizeof thisHash);
+}
+
+/*
+ * Generates new random bytes and advances the internal prng state.
+ * additional bytes are only used in algorithm testing.
+ *
+ * This function is specified in NIST SP 800-90 section 10.1.1.4
+ */
+static SECStatus
+prng_generateNewBytes(RNGContext *rng,
+ PRUint8 *returned_bytes, unsigned int no_of_returned_bytes,
+ const PRUint8 *additional_input,
+ unsigned int additional_input_len)
+{
+ PRUint8 H[SHA256_LENGTH]; /* both H and w since they
+ * aren't used concurrently */
+ unsigned int carry;
+
+ if (!rng->isValid) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* This code only triggers during tests, normal
+ * prng operation does not use additional_input */
+ if (additional_input) {
+ SHA256Context ctx;
+/* NIST SP 800-90 defines two temporaries in their calculations,
+ * w and H. These temporaries are the same lengths, and used
+ * at different times, so we use the following macro to collapse
+ * them to the same variable, but keeping their unique names for
+ * easy comparison to the spec */
+#define w H
+ rng->V_type = prngAdditionalDataType;
+ SHA256_Begin(&ctx);
+ SHA256_Update(&ctx, rng->V_Data, sizeof rng->V_Data);
+ SHA256_Update(&ctx, additional_input, additional_input_len);
+ SHA256_End(&ctx, w, NULL, sizeof w);
+ PRNG_ADD_BITS_AND_CARRY(V(rng), VSize(rng), w, sizeof w, carry)
+ PORT_Memset(w, 0, sizeof w);
+#undef w
+ }
+
+ if (no_of_returned_bytes == SHA256_LENGTH) {
+ /* short_cut to hashbuf and a couple of copies and clears */
+ SHA256_HashBuf(returned_bytes, V(rng), VSize(rng));
+ /* continuous rng check */
+ if (memcmp(rng->lastOutput, returned_bytes, SHA256_LENGTH) == 0) {
+ rng->isValid = PR_FALSE;
+ }
+ PORT_Memcpy(rng->lastOutput, returned_bytes, sizeof rng->lastOutput);
+ } else {
+ prng_Hashgen(rng, returned_bytes, no_of_returned_bytes);
+ }
+ /* advance our internal state... */
+ rng->V_type = prngGenerateByteType;
+ SHA256_HashBuf(H, rng->V_Data, sizeof rng->V_Data);
+ PRNG_ADD_BITS_AND_CARRY(V(rng), VSize(rng), H, sizeof H, carry)
+ PRNG_ADD_BITS(V(rng), VSize(rng), rng->C, sizeof rng->C, carry);
+ PRNG_ADD_BITS_AND_CARRY(V(rng), VSize(rng), rng->reseed_counter,
+ sizeof rng->reseed_counter, carry)
+ carry = 1;
+ PRNG_ADD_CARRY_ONLY(rng->reseed_counter, (sizeof rng->reseed_counter) - 1, carry);
+
+ /* if the prng failed, don't return any output, signal softoken */
+ if (!rng->isValid) {
+ PORT_Memset(returned_bytes, 0, no_of_returned_bytes);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* Use NSPR to prevent RNG_RNGInit from being called from separate
+ * threads, creating a race condition.
+ */
+static const PRCallOnceType pristineCallOnce;
+static PRCallOnceType coRNGInit;
+static PRStatus
+rng_init(void)
+{
+ PRUint8 bytes[PRNG_SEEDLEN * 2]; /* entropy + nonce */
+ unsigned int numBytes;
+ SECStatus rv = SECSuccess;
+
+ if (globalrng == NULL) {
+ /* bytes needs to have enough space to hold
+ * a SHA256 hash value. Blow up at compile time if this isn't true */
+ PR_STATIC_ASSERT(sizeof(bytes) >= SHA256_LENGTH);
+ /* create a new global RNG context */
+ globalrng = &theGlobalRng;
+ PORT_Assert(NULL == globalrng->lock);
+ /* create a lock for it */
+ globalrng->lock = PZ_NewLock(nssILockOther);
+ if (globalrng->lock == NULL) {
+ globalrng = NULL;
+ PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
+ return PR_FAILURE;
+ }
+
+ /* Try to get some seed data for the RNG */
+ numBytes = (unsigned int)RNG_SystemRNG(bytes, sizeof bytes);
+ PORT_Assert(numBytes == 0 || numBytes == sizeof bytes);
+ if (numBytes != 0) {
+ /* if this is our first call, instantiate, otherwise reseed
+ * prng_instantiate gets a new clean state, we want to mix
+ * any previous entropy we may have collected */
+ if (V(globalrng)[0] == 0) {
+ rv = prng_instantiate(globalrng, bytes, numBytes);
+ } else {
+ rv = prng_reseed_test(globalrng, bytes, numBytes, NULL, 0);
+ }
+ memset(bytes, 0, numBytes);
+ } else {
+ PZ_DestroyLock(globalrng->lock);
+ globalrng->lock = NULL;
+ globalrng = NULL;
+ return PR_FAILURE;
+ }
+
+ if (rv != SECSuccess) {
+ return PR_FAILURE;
+ }
+ /* the RNG is in a valid state */
+ globalrng->isValid = PR_TRUE;
+ globalrng->isKatTest = PR_FALSE;
+
+ /* fetch one random value so that we can populate rng->oldV for our
+ * continous random number test. */
+ prng_generateNewBytes(globalrng, bytes, SHA256_LENGTH, NULL, 0);
+
+ /* Fetch more entropy into the PRNG */
+ RNG_SystemInfoForRNG();
+ }
+ return PR_SUCCESS;
+}
+
+/*
+ * Clean up the global RNG context
+ */
+static void
+prng_freeRNGContext(RNGContext *rng)
+{
+ PRUint8 inputhash[VSize(rng) + (sizeof rng->C)];
+
+ /* destroy context lock */
+ SKIP_AFTER_FORK(PZ_DestroyLock(globalrng->lock));
+
+ /* zero global RNG context except for C & V to preserve entropy */
+ prng_Hash_df(inputhash, sizeof rng->C, rng->C, sizeof rng->C, NULL, 0);
+ prng_Hash_df(&inputhash[sizeof rng->C], VSize(rng), V(rng), VSize(rng),
+ NULL, 0);
+ memset(rng, 0, sizeof *rng);
+ memcpy(rng->C, inputhash, sizeof rng->C);
+ memcpy(V(rng), &inputhash[sizeof rng->C], VSize(rng));
+
+ memset(inputhash, 0, sizeof inputhash);
+}
+
+/*
+ * Public functions
+ */
+
+/*
+ * Initialize the global RNG context and give it some seed input taken
+ * from the system. This function is thread-safe and will only allow
+ * the global context to be initialized once. The seed input is likely
+ * small, so it is imperative that RNG_RandomUpdate() be called with
+ * additional seed data before the generator is used. A good way to
+ * provide the generator with additional entropy is to call
+ * RNG_SystemInfoForRNG(). Note that C_Initialize() does exactly that.
+ */
+SECStatus
+RNG_RNGInit(void)
+{
+ /* Allow only one call to initialize the context */
+ PR_CallOnce(&coRNGInit, rng_init);
+ /* Make sure there is a context */
+ return (globalrng != NULL) ? SECSuccess : SECFailure;
+}
+
+/*
+** Update the global random number generator with more seeding
+** material.
+*/
+SECStatus
+RNG_RandomUpdate(const void *data, size_t bytes)
+{
+ SECStatus rv;
+
+ /* Make sure our assumption that size_t is unsigned is true */
+ PR_STATIC_ASSERT(((size_t)-1) > (size_t)1);
+
+#if defined(NS_PTR_GT_32) || (defined(NSS_USE_64) && !defined(NS_PTR_LE_32))
+ /*
+ * NIST 800-90 requires us to verify our inputs. This value can
+ * come from the application, so we need to make sure it's within the
+ * spec. The spec says it must be less than 2^32 bytes (2^35 bits).
+ * This can only happen if size_t is greater than 32 bits (i.e. on
+ * most 64 bit platforms). The 90% case (perhaps 100% case), size_t
+ * is less than or equal to 32 bits if the platform is not 64 bits, and
+ * greater than 32 bits if it is a 64 bit platform. The corner
+ * cases are handled with explicit defines NS_PTR_GT_32 and NS_PTR_LE_32.
+ *
+ * In general, neither NS_PTR_GT_32 nor NS_PTR_LE_32 will need to be
+ * defined. If you trip over the next two size ASSERTS at compile time,
+ * you will need to define them for your platform.
+ *
+ * if 'sizeof(size_t) > 4' is triggered it means that we were expecting
+ * sizeof(size_t) to be greater than 4, but it wasn't. Setting
+ * NS_PTR_LE_32 will correct that mistake.
+ *
+ * if 'sizeof(size_t) <= 4' is triggered, it means that we were expecting
+ * sizeof(size_t) to be less than or equal to 4, but it wasn't. Setting
+ * NS_PTR_GT_32 will correct that mistake.
+ */
+
+ PR_STATIC_ASSERT(sizeof(size_t) > 4);
+
+ if (bytes > (size_t)PRNG_MAX_ADDITIONAL_BYTES) {
+ bytes = PRNG_MAX_ADDITIONAL_BYTES;
+ }
+#else
+ PR_STATIC_ASSERT(sizeof(size_t) <= 4);
+#endif
+
+ PZ_Lock(globalrng->lock);
+ /* if we're passed more than our additionalDataCache, simply
+ * call reseed with that data */
+ if (bytes > sizeof(globalrng->additionalDataCache)) {
+ rv = prng_reseed_test(globalrng, NULL, 0, data, (unsigned int)bytes);
+ /* if we aren't going to fill or overflow the buffer, just cache it */
+ } else if (bytes < ((sizeof globalrng->additionalDataCache) - globalrng->additionalAvail)) {
+ PORT_Memcpy(globalrng->additionalDataCache + globalrng->additionalAvail,
+ data, bytes);
+ globalrng->additionalAvail += (PRUint32)bytes;
+ rv = SECSuccess;
+ } else {
+ /* we are going to fill or overflow the buffer. In this case we will
+ * fill the entropy buffer, reseed with it, start a new buffer with the
+ * remainder. We know the remainder will fit in the buffer because
+ * we already handled the case where bytes > the size of the buffer.
+ */
+ size_t bufRemain = (sizeof globalrng->additionalDataCache) - globalrng->additionalAvail;
+ /* fill the rest of the buffer */
+ if (bufRemain) {
+ PORT_Memcpy(globalrng->additionalDataCache + globalrng->additionalAvail,
+ data, bufRemain);
+ data = ((unsigned char *)data) + bufRemain;
+ bytes -= bufRemain;
+ }
+ /* reseed from buffer */
+ rv = prng_reseed_test(globalrng, NULL, 0,
+ globalrng->additionalDataCache,
+ sizeof globalrng->additionalDataCache);
+
+ /* copy the rest into the cache */
+ PORT_Memcpy(globalrng->additionalDataCache, data, bytes);
+ globalrng->additionalAvail = (PRUint32)bytes;
+ }
+
+ PZ_Unlock(globalrng->lock);
+ return rv;
+}
+
+/*
+** Generate some random bytes, using the global random number generator
+** object.
+*/
+static SECStatus
+prng_GenerateGlobalRandomBytes(RNGContext *rng,
+ void *dest, size_t len)
+{
+ SECStatus rv = SECSuccess;
+ PRUint8 *output = dest;
+ /* check for a valid global RNG context */
+ PORT_Assert(rng != NULL);
+ if (rng == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* FIPS limits the amount of entropy available in a single request */
+ if (len > PRNG_MAX_REQUEST_SIZE) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* --- LOCKED --- */
+ PZ_Lock(rng->lock);
+ /* Check the amount of seed data in the generator. If not enough,
+ * don't produce any data.
+ */
+ if (rng->reseed_counter[0] >= RESEED_VALUE) {
+ rv = prng_reseed_test(rng, NULL, 0, NULL, 0);
+ PZ_Unlock(rng->lock);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ RNG_SystemInfoForRNG();
+ PZ_Lock(rng->lock);
+ }
+ /*
+ * see if we have enough bytes to fulfill the request.
+ */
+ if (len <= rng->dataAvail) {
+ memcpy(output, rng->data + ((sizeof rng->data) - rng->dataAvail), len);
+ memset(rng->data + ((sizeof rng->data) - rng->dataAvail), 0, len);
+ rng->dataAvail -= len;
+ rv = SECSuccess;
+ /* if we are asking for a small number of bytes, cache the rest of
+ * the bytes */
+ } else if (len < sizeof rng->data) {
+ rv = prng_generateNewBytes(rng, rng->data, sizeof rng->data,
+ rng->additionalAvail ? rng->additionalDataCache : NULL,
+ rng->additionalAvail);
+ rng->additionalAvail = 0;
+ if (rv == SECSuccess) {
+ memcpy(output, rng->data, len);
+ memset(rng->data, 0, len);
+ rng->dataAvail = (sizeof rng->data) - len;
+ }
+ /* we are asking for lots of bytes, just ask the generator to pass them */
+ } else {
+ rv = prng_generateNewBytes(rng, output, len,
+ rng->additionalAvail ? rng->additionalDataCache : NULL,
+ rng->additionalAvail);
+ rng->additionalAvail = 0;
+ }
+ PZ_Unlock(rng->lock);
+ /* --- UNLOCKED --- */
+ return rv;
+}
+
+/*
+** Generate some random bytes, using the global random number generator
+** object.
+*/
+SECStatus
+RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
+{
+#ifdef UNSAFE_FUZZER_MODE
+ return prng_GenerateDeterministicRandomBytes(globalrng->lock, dest, len);
+#else
+ return prng_GenerateGlobalRandomBytes(globalrng, dest, len);
+#endif
+}
+
+SECStatus
+RNG_ResetForFuzzing(void)
+{
+#ifdef UNSAFE_FUZZER_MODE
+ return prng_ResetForFuzzing(globalrng->lock);
+#else
+ return SECFailure;
+#endif
+}
+
+void
+RNG_RNGShutdown(void)
+{
+ /* check for a valid global RNG context */
+ PORT_Assert(globalrng != NULL);
+ if (globalrng == NULL) {
+ /* Should set a "not initialized" error code. */
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return;
+ }
+ /* clear */
+ prng_freeRNGContext(globalrng);
+ globalrng = NULL;
+ /* reset the callonce struct to allow a new call to RNG_RNGInit() */
+ coRNGInit = pristineCallOnce;
+}
+
+/*
+ * Test case interface. used by fips testing and power on self test
+ */
+/* make sure the test context is separate from the global context, This
+ * allows us to test the internal random number generator without losing
+ * entropy we may have previously collected. */
+RNGContext testContext;
+
+SECStatus
+PRNGTEST_Instantiate_Kat(const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *nonce, unsigned int nonce_len,
+ const PRUint8 *personal_string, unsigned int ps_len)
+{
+ testContext.isKatTest = PR_TRUE;
+ return PRNGTEST_Instantiate(entropy, entropy_len,
+ nonce, nonce_len,
+ personal_string, ps_len);
+}
+
+/*
+ * Test vector API. Use NIST SP 800-90 general interface so one of the
+ * other NIST SP 800-90 algorithms may be used in the future.
+ */
+SECStatus
+PRNGTEST_Instantiate(const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *nonce, unsigned int nonce_len,
+ const PRUint8 *personal_string, unsigned int ps_len)
+{
+ int bytes_len = entropy_len + nonce_len + ps_len;
+ PRUint8 *bytes = NULL;
+ SECStatus rv;
+
+ if (entropy_len < 256 / PR_BITS_PER_BYTE) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ return SECFailure;
+ }
+
+ bytes = PORT_Alloc(bytes_len);
+ if (bytes == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ /* concatenate the various inputs, internally NSS only instantiates with
+ * a single long string */
+ PORT_Memcpy(bytes, entropy, entropy_len);
+ if (nonce) {
+ PORT_Memcpy(&bytes[entropy_len], nonce, nonce_len);
+ } else {
+ PORT_Assert(nonce_len == 0);
+ }
+ if (personal_string) {
+ PORT_Memcpy(&bytes[entropy_len + nonce_len], personal_string, ps_len);
+ } else {
+ PORT_Assert(ps_len == 0);
+ }
+ rv = prng_instantiate(&testContext, bytes, bytes_len);
+ PORT_ZFree(bytes, bytes_len);
+ if (rv == SECFailure) {
+ return SECFailure;
+ }
+ testContext.isValid = PR_TRUE;
+ return SECSuccess;
+}
+
+SECStatus
+PRNGTEST_Reseed(const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *additional, unsigned int additional_len)
+{
+ if (!testContext.isValid) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* This magic input tells us to set the reseed count to it's max count,
+ * so we can simulate PRNGTEST_Generate reaching max reseed count */
+ if ((entropy == NULL) && (entropy_len == 0) &&
+ (additional == NULL) && (additional_len == 0)) {
+ testContext.reseed_counter[0] = RESEED_VALUE;
+ return SECSuccess;
+ }
+ return prng_reseed(&testContext, entropy, entropy_len, additional,
+ additional_len);
+}
+
+SECStatus
+PRNGTEST_Generate(PRUint8 *bytes, unsigned int bytes_len,
+ const PRUint8 *additional, unsigned int additional_len)
+{
+ SECStatus rv;
+ if (!testContext.isValid) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* replicate reseed test from prng_GenerateGlobalRandomBytes */
+ if (testContext.reseed_counter[0] >= RESEED_VALUE) {
+ rv = prng_reseed(&testContext, NULL, 0, NULL, 0);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+ return prng_generateNewBytes(&testContext, bytes, bytes_len,
+ additional, additional_len);
+}
+
+SECStatus
+PRNGTEST_Uninstantiate()
+{
+ if (!testContext.isValid) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ PORT_Memset(&testContext, 0, sizeof testContext);
+ return SECSuccess;
+}
+
+SECStatus
+PRNGTEST_RunHealthTests()
+{
+ static const PRUint8 entropy[] = {
+ 0x8e, 0x9c, 0x0d, 0x25, 0x75, 0x22, 0x04, 0xf9,
+ 0xc5, 0x79, 0x10, 0x8b, 0x23, 0x79, 0x37, 0x14,
+ 0x9f, 0x2c, 0xc7, 0x0b, 0x39, 0xf8, 0xee, 0xef,
+ 0x95, 0x0c, 0x97, 0x59, 0xfc, 0x0a, 0x85, 0x41,
+ 0x76, 0x9d, 0x6d, 0x67, 0x00, 0x4e, 0x19, 0x12,
+ 0x02, 0x16, 0x53, 0xea, 0xf2, 0x73, 0xd7, 0xd6,
+ 0x7f, 0x7e, 0xc8, 0xae, 0x9c, 0x09, 0x99, 0x7d,
+ 0xbb, 0x9e, 0x48, 0x7f, 0xbb, 0x96, 0x46, 0xb3,
+ 0x03, 0x75, 0xf8, 0xc8, 0x69, 0x45, 0x3f, 0x97,
+ 0x5e, 0x2e, 0x48, 0xe1, 0x5d, 0x58, 0x97, 0x4c
+ };
+ static const PRUint8 rng_known_result[] = {
+ 0x16, 0xe1, 0x8c, 0x57, 0x21, 0xd8, 0xf1, 0x7e,
+ 0x5a, 0xa0, 0x16, 0x0b, 0x7e, 0xa6, 0x25, 0xb4,
+ 0x24, 0x19, 0xdb, 0x54, 0xfa, 0x35, 0x13, 0x66,
+ 0xbb, 0xaa, 0x2a, 0x1b, 0x22, 0x33, 0x2e, 0x4a,
+ 0x14, 0x07, 0x9d, 0x52, 0xfc, 0x73, 0x61, 0x48,
+ 0xac, 0xc1, 0x22, 0xfc, 0xa4, 0xfc, 0xac, 0xa4,
+ 0xdb, 0xda, 0x5b, 0x27, 0x33, 0xc4, 0xb3
+ };
+ static const PRUint8 reseed_entropy[] = {
+ 0xc6, 0x0b, 0x0a, 0x30, 0x67, 0x07, 0xf4, 0xe2,
+ 0x24, 0xa7, 0x51, 0x6f, 0x5f, 0x85, 0x3e, 0x5d,
+ 0x67, 0x97, 0xb8, 0x3b, 0x30, 0x9c, 0x7a, 0xb1,
+ 0x52, 0xc6, 0x1b, 0xc9, 0x46, 0xa8, 0x62, 0x79
+ };
+ static const PRUint8 additional_input[] = {
+ 0x86, 0x82, 0x28, 0x98, 0xe7, 0xcb, 0x01, 0x14,
+ 0xae, 0x87, 0x4b, 0x1d, 0x99, 0x1b, 0xc7, 0x41,
+ 0x33, 0xff, 0x33, 0x66, 0x40, 0x95, 0x54, 0xc6,
+ 0x67, 0x4d, 0x40, 0x2a, 0x1f, 0xf9, 0xeb, 0x65
+ };
+ static const PRUint8 rng_reseed_result[] = {
+ 0x02, 0x0c, 0xc6, 0x17, 0x86, 0x49, 0xba, 0xc4,
+ 0x7b, 0x71, 0x35, 0x05, 0xf0, 0xdb, 0x4a, 0xc2,
+ 0x2c, 0x38, 0xc1, 0xa4, 0x42, 0xe5, 0x46, 0x4a,
+ 0x7d, 0xf0, 0xbe, 0x47, 0x88, 0xb8, 0x0e, 0xc6,
+ 0x25, 0x2b, 0x1d, 0x13, 0xef, 0xa6, 0x87, 0x96,
+ 0xa3, 0x7d, 0x5b, 0x80, 0xc2, 0x38, 0x76, 0x61,
+ 0xc7, 0x80, 0x5d, 0x0f, 0x05, 0x76, 0x85
+ };
+ static const PRUint8 rng_no_reseed_result[] = {
+ 0xc4, 0x40, 0x41, 0x8c, 0xbf, 0x2f, 0x70, 0x23,
+ 0x88, 0xf2, 0x7b, 0x30, 0xc3, 0xca, 0x1e, 0xf3,
+ 0xef, 0x53, 0x81, 0x5d, 0x30, 0xed, 0x4c, 0xf1,
+ 0xff, 0x89, 0xa5, 0xee, 0x92, 0xf8, 0xc0, 0x0f,
+ 0x88, 0x53, 0xdf, 0xb6, 0x76, 0xf0, 0xaa, 0xd3,
+ 0x2e, 0x1d, 0x64, 0x37, 0x3e, 0xe8, 0x4a, 0x02,
+ 0xff, 0x0a, 0x7f, 0xe5, 0xe9, 0x2b, 0x6d
+ };
+
+ SECStatus rng_status = SECSuccess;
+ PR_STATIC_ASSERT(sizeof(rng_known_result) >= sizeof(rng_reseed_result));
+ PRUint8 result[sizeof(rng_known_result)];
+
+ /********************************************/
+ /* First test instantiate error path. */
+ /* In this case we supply enough entropy, */
+ /* but not enough seed. This will trigger */
+ /* the code that checks for a entropy */
+ /* source failure. */
+ /********************************************/
+ rng_status = PRNGTEST_Instantiate(entropy, 256 / PR_BITS_PER_BYTE,
+ NULL, 0, NULL, 0);
+ if (rng_status == SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (PORT_GetError() != SEC_ERROR_NEED_RANDOM) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* we failed with the proper error code, we can continue */
+
+ /********************************************/
+ /* Generate random bytes with a known seed. */
+ /********************************************/
+ rng_status = PRNGTEST_Instantiate(entropy, sizeof entropy,
+ NULL, 0, NULL, 0);
+ if (rng_status != SECSuccess) {
+ /* Error set by PRNGTEST_Instantiate */
+ return SECFailure;
+ }
+ rng_status = PRNGTEST_Generate(result, sizeof rng_known_result, NULL, 0);
+ if ((rng_status != SECSuccess) ||
+ (PORT_Memcmp(result, rng_known_result,
+ sizeof rng_known_result) != 0)) {
+ PRNGTEST_Uninstantiate();
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ rng_status = PRNGTEST_Reseed(reseed_entropy, sizeof reseed_entropy,
+ additional_input, sizeof additional_input);
+ if (rng_status != SECSuccess) {
+ /* Error set by PRNG_Reseed */
+ PRNGTEST_Uninstantiate();
+ return SECFailure;
+ }
+ rng_status = PRNGTEST_Generate(result, sizeof rng_reseed_result, NULL, 0);
+ if ((rng_status != SECSuccess) ||
+ (PORT_Memcmp(result, rng_reseed_result,
+ sizeof rng_reseed_result) != 0)) {
+ PRNGTEST_Uninstantiate();
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* This magic forces the reseed count to it's max count, so we can see if
+ * PRNGTEST_Generate will actually when it reaches it's count */
+ rng_status = PRNGTEST_Reseed(NULL, 0, NULL, 0);
+ if (rng_status != SECSuccess) {
+ PRNGTEST_Uninstantiate();
+ /* Error set by PRNG_Reseed */
+ return SECFailure;
+ }
+ /* This generate should now reseed */
+ rng_status = PRNGTEST_Generate(result, sizeof rng_reseed_result, NULL, 0);
+ if ((rng_status != SECSuccess) ||
+ /* NOTE we fail if the result is equal to the no_reseed_result.
+ * no_reseed_result is the value we would have gotten if we didn't
+ * do an automatic reseed in PRNGTEST_Generate */
+ (PORT_Memcmp(result, rng_no_reseed_result,
+ sizeof rng_no_reseed_result) == 0)) {
+ PRNGTEST_Uninstantiate();
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* make sure reseed fails when we don't supply enough entropy */
+ rng_status = PRNGTEST_Reseed(reseed_entropy, 4, NULL, 0);
+ if (rng_status == SECSuccess) {
+ PRNGTEST_Uninstantiate();
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (PORT_GetError() != SEC_ERROR_NEED_RANDOM) {
+ PRNGTEST_Uninstantiate();
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ rng_status = PRNGTEST_Uninstantiate();
+ if (rng_status != SECSuccess) {
+ /* Error set by PRNG_Uninstantiate */
+ return rng_status;
+ }
+ /* make sure uninstantiate fails if the contest is not initiated (also tests
+ * if the context was cleared in the previous Uninstantiate) */
+ rng_status = PRNGTEST_Uninstantiate();
+ if (rng_status == SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (PORT_GetError() != SEC_ERROR_LIBRARY_FAILURE) {
+ return rng_status;
+ }
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/freebl/dsa.c b/security/nss/lib/freebl/dsa.c
new file mode 100644
index 000000000..9324d306b
--- /dev/null
+++ b/security/nss/lib/freebl/dsa.c
@@ -0,0 +1,647 @@
+/*
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prerror.h"
+#include "secerr.h"
+
+#include "prtypes.h"
+#include "prinit.h"
+#include "blapi.h"
+#include "nssilock.h"
+#include "secitem.h"
+#include "blapi.h"
+#include "mpi.h"
+#include "secmpi.h"
+#include "pqg.h"
+
+/* XXX to be replaced by define in blapit.h */
+#define NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE 2048
+
+/*
+ * FIPS 186-2 requires result from random output to be reduced mod q when
+ * generating random numbers for DSA.
+ *
+ * Input: w, 2*qLen bytes
+ * q, qLen bytes
+ * Output: xj, qLen bytes
+ */
+static SECStatus
+fips186Change_ReduceModQForDSA(const PRUint8 *w, const PRUint8 *q,
+ unsigned int qLen, PRUint8 *xj)
+{
+ mp_int W, Q, Xj;
+ mp_err err;
+ SECStatus rv = SECSuccess;
+
+ /* Initialize MPI integers. */
+ MP_DIGITS(&W) = 0;
+ MP_DIGITS(&Q) = 0;
+ MP_DIGITS(&Xj) = 0;
+ CHECK_MPI_OK(mp_init(&W));
+ CHECK_MPI_OK(mp_init(&Q));
+ CHECK_MPI_OK(mp_init(&Xj));
+ /*
+ * Convert input arguments into MPI integers.
+ */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&W, w, 2 * qLen));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&Q, q, qLen));
+
+ /*
+ * Algorithm 1 of FIPS 186-2 Change Notice 1, Step 3.3
+ *
+ * xj = (w0 || w1) mod q
+ */
+ CHECK_MPI_OK(mp_mod(&W, &Q, &Xj));
+ CHECK_MPI_OK(mp_to_fixlen_octets(&Xj, xj, qLen));
+cleanup:
+ mp_clear(&W);
+ mp_clear(&Q);
+ mp_clear(&Xj);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/*
+ * FIPS 186-2 requires result from random output to be reduced mod q when
+ * generating random numbers for DSA.
+ */
+SECStatus
+FIPS186Change_ReduceModQForDSA(const unsigned char *w,
+ const unsigned char *q,
+ unsigned char *xj)
+{
+ return fips186Change_ReduceModQForDSA(w, q, DSA1_SUBPRIME_LEN, xj);
+}
+
+/*
+ * The core of Algorithm 1 of FIPS 186-2 Change Notice 1.
+ *
+ * We no longer support FIPS 186-2 RNG. This function was exported
+ * for power-up self tests and FIPS tests. Keep this stub, which fails,
+ * to prevent crashes, but also to signal to test code that FIPS 186-2
+ * RNG is no longer supported.
+ */
+SECStatus
+FIPS186Change_GenerateX(PRUint8 *XKEY, const PRUint8 *XSEEDj,
+ PRUint8 *x_j)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+/*
+ * Specialized RNG for DSA
+ *
+ * As per Algorithm 1 of FIPS 186-2 Change Notice 1, in step 3.3 the value
+ * Xj should be reduced mod q, a 160-bit prime number. Since this parameter
+ * is only meaningful in the context of DSA, the above RNG functions
+ * were implemented without it. They are re-implemented below for use
+ * with DSA.
+ */
+
+/*
+** Generate some random bytes, using the global random number generator
+** object. In DSA mode, so there is a q.
+*/
+static SECStatus
+dsa_GenerateGlobalRandomBytes(const SECItem *qItem, PRUint8 *dest,
+ unsigned int *destLen, unsigned int maxDestLen)
+{
+ SECStatus rv;
+ SECItem w;
+ const PRUint8 *q = qItem->data;
+ unsigned int qLen = qItem->len;
+
+ if (*q == 0) {
+ ++q;
+ --qLen;
+ }
+ if (maxDestLen < qLen) {
+ /* This condition can occur when DSA_SignDigest is passed a group
+ with a subprime that is larger than DSA_MAX_SUBPRIME_LEN. */
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ w.data = NULL; /* otherwise SECITEM_AllocItem asserts */
+ if (!SECITEM_AllocItem(NULL, &w, 2 * qLen)) {
+ return SECFailure;
+ }
+ *destLen = qLen;
+
+ rv = RNG_GenerateGlobalRandomBytes(w.data, w.len);
+ if (rv == SECSuccess) {
+ rv = fips186Change_ReduceModQForDSA(w.data, q, qLen, dest);
+ }
+
+ SECITEM_FreeItem(&w, PR_FALSE);
+ return rv;
+}
+
+static void
+translate_mpi_error(mp_err err)
+{
+ MP_TO_SEC_ERROR(err);
+}
+
+static SECStatus
+dsa_NewKeyExtended(const PQGParams *params, const SECItem *seed,
+ DSAPrivateKey **privKey)
+{
+ mp_int p, g;
+ mp_int x, y;
+ mp_err err;
+ PLArenaPool *arena;
+ DSAPrivateKey *key;
+ /* Check args. */
+ if (!params || !privKey || !seed || !seed->data) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* Initialize an arena for the DSA key. */
+ arena = PORT_NewArena(NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
+ if (!key) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(arena, PR_TRUE);
+ return SECFailure;
+ }
+ key->params.arena = arena;
+ /* Initialize MPI integers. */
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&g) = 0;
+ MP_DIGITS(&x) = 0;
+ MP_DIGITS(&y) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&g));
+ CHECK_MPI_OK(mp_init(&x));
+ CHECK_MPI_OK(mp_init(&y));
+ /* Copy over the PQG params */
+ CHECK_MPI_OK(SECITEM_CopyItem(arena, &key->params.prime,
+ &params->prime));
+ CHECK_MPI_OK(SECITEM_CopyItem(arena, &key->params.subPrime,
+ &params->subPrime));
+ CHECK_MPI_OK(SECITEM_CopyItem(arena, &key->params.base, &params->base));
+ /* Convert stored p, g, and received x into MPI integers. */
+ SECITEM_TO_MPINT(params->prime, &p);
+ SECITEM_TO_MPINT(params->base, &g);
+ OCTETS_TO_MPINT(seed->data, &x, seed->len);
+ /* Store x in private key */
+ SECITEM_AllocItem(arena, &key->privateValue, seed->len);
+ PORT_Memcpy(key->privateValue.data, seed->data, seed->len);
+ /* Compute public key y = g**x mod p */
+ CHECK_MPI_OK(mp_exptmod(&g, &x, &p, &y));
+ /* Store y in public key */
+ MPINT_TO_SECITEM(&y, &key->publicValue, arena);
+ *privKey = key;
+ key = NULL;
+cleanup:
+ mp_clear(&p);
+ mp_clear(&g);
+ mp_clear(&x);
+ mp_clear(&y);
+ if (key)
+ PORT_FreeArena(key->params.arena, PR_TRUE);
+ if (err) {
+ translate_mpi_error(err);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+DSA_NewRandom(PLArenaPool *arena, const SECItem *q, SECItem *seed)
+{
+ int retries = 10;
+ unsigned int i;
+ PRBool good;
+
+ if (q == NULL || q->data == NULL || q->len == 0 ||
+ (q->data[0] == 0 && q->len == 1)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!SECITEM_AllocItem(arena, seed, q->len)) {
+ return SECFailure;
+ }
+
+ do {
+ /* Generate seed bytes for x according to FIPS 186-1 appendix 3 */
+ if (dsa_GenerateGlobalRandomBytes(q, seed->data, &seed->len,
+ seed->len)) {
+ goto loser;
+ }
+ /* Disallow values of 0 and 1 for x. */
+ good = PR_FALSE;
+ for (i = 0; i < seed->len - 1; i++) {
+ if (seed->data[i] != 0) {
+ good = PR_TRUE;
+ break;
+ }
+ }
+ if (!good && seed->data[i] > 1) {
+ good = PR_TRUE;
+ }
+ } while (!good && --retries > 0);
+
+ if (!good) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ loser:
+ if (arena != NULL) {
+ SECITEM_FreeItem(seed, PR_FALSE);
+ }
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+/*
+** Generate and return a new DSA public and private key pair,
+** both of which are encoded into a single DSAPrivateKey struct.
+** "params" is a pointer to the PQG parameters for the domain
+** Uses a random seed.
+*/
+SECStatus
+DSA_NewKey(const PQGParams *params, DSAPrivateKey **privKey)
+{
+ SECItem seed;
+ SECStatus rv;
+
+ rv = PQG_Check(params);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ seed.data = NULL;
+
+ rv = DSA_NewRandom(NULL, &params->subPrime, &seed);
+ if (rv == SECSuccess) {
+ if (seed.len != PQG_GetLength(&params->subPrime)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ } else {
+ rv = dsa_NewKeyExtended(params, &seed, privKey);
+ }
+ }
+ SECITEM_FreeItem(&seed, PR_FALSE);
+ return rv;
+}
+
+/* For FIPS compliance testing. Seed must be exactly the size of subPrime */
+SECStatus
+DSA_NewKeyFromSeed(const PQGParams *params,
+ const unsigned char *seed,
+ DSAPrivateKey **privKey)
+{
+ SECItem seedItem;
+ seedItem.data = (unsigned char *)seed;
+ seedItem.len = PQG_GetLength(&params->subPrime);
+ return dsa_NewKeyExtended(params, &seedItem, privKey);
+}
+
+static SECStatus
+dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest,
+ const unsigned char *kb)
+{
+ mp_int p, q, g; /* PQG parameters */
+ mp_int x, k; /* private key & pseudo-random integer */
+ mp_int r, s; /* tuple (r, s) is signature) */
+ mp_int t; /* holding tmp values */
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ unsigned int dsa_subprime_len, dsa_signature_len, offset;
+ SECItem localDigest;
+ unsigned char localDigestData[DSA_MAX_SUBPRIME_LEN];
+ SECItem t2 = { siBuffer, NULL, 0 };
+
+ /* FIPS-compliance dictates that digest is a SHA hash. */
+ /* Check args. */
+ if (!key || !signature || !digest) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ dsa_subprime_len = PQG_GetLength(&key->params.subPrime);
+ dsa_signature_len = dsa_subprime_len * 2;
+ if ((signature->len < dsa_signature_len) ||
+ (digest->len > HASH_LENGTH_MAX) ||
+ (digest->len < SHA1_LENGTH)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* DSA accepts digests not equal to dsa_subprime_len, if the
+ * digests are greater, then they are truncated to the size of
+ * dsa_subprime_len, using the left most bits. If they are less
+ * then they are padded on the left.*/
+ PORT_Memset(localDigestData, 0, dsa_subprime_len);
+ offset = (digest->len < dsa_subprime_len) ? (dsa_subprime_len - digest->len) : 0;
+ PORT_Memcpy(localDigestData + offset, digest->data,
+ dsa_subprime_len - offset);
+ localDigest.data = localDigestData;
+ localDigest.len = dsa_subprime_len;
+
+ /* Initialize MPI integers. */
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&g) = 0;
+ MP_DIGITS(&x) = 0;
+ MP_DIGITS(&k) = 0;
+ MP_DIGITS(&r) = 0;
+ MP_DIGITS(&s) = 0;
+ MP_DIGITS(&t) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&g));
+ CHECK_MPI_OK(mp_init(&x));
+ CHECK_MPI_OK(mp_init(&k));
+ CHECK_MPI_OK(mp_init(&r));
+ CHECK_MPI_OK(mp_init(&s));
+ CHECK_MPI_OK(mp_init(&t));
+ /*
+ ** Convert stored PQG and private key into MPI integers.
+ */
+ SECITEM_TO_MPINT(key->params.prime, &p);
+ SECITEM_TO_MPINT(key->params.subPrime, &q);
+ SECITEM_TO_MPINT(key->params.base, &g);
+ SECITEM_TO_MPINT(key->privateValue, &x);
+ OCTETS_TO_MPINT(kb, &k, dsa_subprime_len);
+ /*
+ ** FIPS 186-1, Section 5, Step 1
+ **
+ ** r = (g**k mod p) mod q
+ */
+ CHECK_MPI_OK(mp_exptmod(&g, &k, &p, &r)); /* r = g**k mod p */
+ CHECK_MPI_OK(mp_mod(&r, &q, &r)); /* r = r mod q */
+ /*
+ ** FIPS 186-1, Section 5, Step 2
+ **
+ ** s = (k**-1 * (HASH(M) + x*r)) mod q
+ */
+ if (DSA_NewRandom(NULL, &key->params.subPrime, &t2) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ rv = SECFailure;
+ goto cleanup;
+ }
+ SECITEM_TO_MPINT(t2, &t); /* t <-$ Zq */
+ CHECK_MPI_OK(mp_mulmod(&k, &t, &q, &k)); /* k = k * t mod q */
+ CHECK_MPI_OK(mp_invmod(&k, &q, &k)); /* k = k**-1 mod q */
+ CHECK_MPI_OK(mp_mulmod(&k, &t, &q, &k)); /* k = k * t mod q */
+ SECITEM_TO_MPINT(localDigest, &s); /* s = HASH(M) */
+ CHECK_MPI_OK(mp_mulmod(&x, &r, &q, &x)); /* x = x * r mod q */
+ CHECK_MPI_OK(mp_addmod(&s, &x, &q, &s)); /* s = s + x mod q */
+ CHECK_MPI_OK(mp_mulmod(&s, &k, &q, &s)); /* s = s * k mod q */
+ /*
+ ** verify r != 0 and s != 0
+ ** mentioned as optional in FIPS 186-1.
+ */
+ if (mp_cmp_z(&r) == 0 || mp_cmp_z(&s) == 0) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ rv = SECFailure;
+ goto cleanup;
+ }
+ /*
+ ** Step 4
+ **
+ ** Signature is tuple (r, s)
+ */
+ err = mp_to_fixlen_octets(&r, signature->data, dsa_subprime_len);
+ if (err < 0)
+ goto cleanup;
+ err = mp_to_fixlen_octets(&s, signature->data + dsa_subprime_len,
+ dsa_subprime_len);
+ if (err < 0)
+ goto cleanup;
+ err = MP_OKAY;
+ signature->len = dsa_signature_len;
+cleanup:
+ PORT_Memset(localDigestData, 0, DSA_MAX_SUBPRIME_LEN);
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&g);
+ mp_clear(&x);
+ mp_clear(&k);
+ mp_clear(&r);
+ mp_clear(&s);
+ mp_clear(&t);
+ SECITEM_FreeItem(&t2, PR_FALSE);
+ if (err) {
+ translate_mpi_error(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/* signature is caller-supplied buffer of at least 40 bytes.
+** On input, signature->len == size of buffer to hold signature.
+** digest->len == size of digest.
+** On output, signature->len == size of signature in buffer.
+** Uses a random seed.
+*/
+SECStatus
+DSA_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest)
+{
+ SECStatus rv;
+ int retries = 10;
+ unsigned char kSeed[DSA_MAX_SUBPRIME_LEN];
+ unsigned int kSeedLen = 0;
+ unsigned int i;
+ unsigned int dsa_subprime_len = PQG_GetLength(&key->params.subPrime);
+ PRBool good;
+
+ PORT_SetError(0);
+ do {
+ rv = dsa_GenerateGlobalRandomBytes(&key->params.subPrime,
+ kSeed, &kSeedLen, sizeof kSeed);
+ if (rv != SECSuccess)
+ break;
+ if (kSeedLen != dsa_subprime_len) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ break;
+ }
+ /* Disallow a value of 0 for k. */
+ good = PR_FALSE;
+ for (i = 0; i < kSeedLen; i++) {
+ if (kSeed[i] != 0) {
+ good = PR_TRUE;
+ break;
+ }
+ }
+ if (!good) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ rv = SECFailure;
+ continue;
+ }
+ rv = dsa_SignDigest(key, signature, digest, kSeed);
+ } while (rv != SECSuccess && PORT_GetError() == SEC_ERROR_NEED_RANDOM &&
+ --retries > 0);
+ return rv;
+}
+
+/* For FIPS compliance testing. Seed must be exactly 20 bytes. */
+SECStatus
+DSA_SignDigestWithSeed(DSAPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest,
+ const unsigned char *seed)
+{
+ SECStatus rv;
+ rv = dsa_SignDigest(key, signature, digest, seed);
+ return rv;
+}
+
+/* signature is caller-supplied buffer of at least 20 bytes.
+** On input, signature->len == size of buffer to hold signature.
+** digest->len == size of digest.
+*/
+SECStatus
+DSA_VerifyDigest(DSAPublicKey *key, const SECItem *signature,
+ const SECItem *digest)
+{
+ /* FIPS-compliance dictates that digest is a SHA hash. */
+ mp_int p, q, g; /* PQG parameters */
+ mp_int r_, s_; /* tuple (r', s') is received signature) */
+ mp_int u1, u2, v, w; /* intermediate values used in verification */
+ mp_int y; /* public key */
+ mp_err err;
+ unsigned int dsa_subprime_len, dsa_signature_len, offset;
+ SECItem localDigest;
+ unsigned char localDigestData[DSA_MAX_SUBPRIME_LEN];
+ SECStatus verified = SECFailure;
+
+ /* Check args. */
+ if (!key || !signature || !digest) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ dsa_subprime_len = PQG_GetLength(&key->params.subPrime);
+ dsa_signature_len = dsa_subprime_len * 2;
+ if ((signature->len != dsa_signature_len) ||
+ (digest->len > HASH_LENGTH_MAX) ||
+ (digest->len < SHA1_LENGTH)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* DSA accepts digests not equal to dsa_subprime_len, if the
+ * digests are greater, than they are truncated to the size of
+ * dsa_subprime_len, using the left most bits. If they are less
+ * then they are padded on the left.*/
+ PORT_Memset(localDigestData, 0, dsa_subprime_len);
+ offset = (digest->len < dsa_subprime_len) ? (dsa_subprime_len - digest->len) : 0;
+ PORT_Memcpy(localDigestData + offset, digest->data,
+ dsa_subprime_len - offset);
+ localDigest.data = localDigestData;
+ localDigest.len = dsa_subprime_len;
+
+ /* Initialize MPI integers. */
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&g) = 0;
+ MP_DIGITS(&y) = 0;
+ MP_DIGITS(&r_) = 0;
+ MP_DIGITS(&s_) = 0;
+ MP_DIGITS(&u1) = 0;
+ MP_DIGITS(&u2) = 0;
+ MP_DIGITS(&v) = 0;
+ MP_DIGITS(&w) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&g));
+ CHECK_MPI_OK(mp_init(&y));
+ CHECK_MPI_OK(mp_init(&r_));
+ CHECK_MPI_OK(mp_init(&s_));
+ CHECK_MPI_OK(mp_init(&u1));
+ CHECK_MPI_OK(mp_init(&u2));
+ CHECK_MPI_OK(mp_init(&v));
+ CHECK_MPI_OK(mp_init(&w));
+ /*
+ ** Convert stored PQG and public key into MPI integers.
+ */
+ SECITEM_TO_MPINT(key->params.prime, &p);
+ SECITEM_TO_MPINT(key->params.subPrime, &q);
+ SECITEM_TO_MPINT(key->params.base, &g);
+ SECITEM_TO_MPINT(key->publicValue, &y);
+ /*
+ ** Convert received signature (r', s') into MPI integers.
+ */
+ OCTETS_TO_MPINT(signature->data, &r_, dsa_subprime_len);
+ OCTETS_TO_MPINT(signature->data + dsa_subprime_len, &s_, dsa_subprime_len);
+ /*
+ ** Verify that 0 < r' < q and 0 < s' < q
+ */
+ if (mp_cmp_z(&r_) <= 0 || mp_cmp_z(&s_) <= 0 ||
+ mp_cmp(&r_, &q) >= 0 || mp_cmp(&s_, &q) >= 0) {
+ /* err is zero here. */
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ goto cleanup; /* will return verified == SECFailure */
+ }
+ /*
+ ** FIPS 186-1, Section 6, Step 1
+ **
+ ** w = (s')**-1 mod q
+ */
+ CHECK_MPI_OK(mp_invmod(&s_, &q, &w)); /* w = (s')**-1 mod q */
+ /*
+ ** FIPS 186-1, Section 6, Step 2
+ **
+ ** u1 = ((Hash(M')) * w) mod q
+ */
+ SECITEM_TO_MPINT(localDigest, &u1); /* u1 = HASH(M') */
+ CHECK_MPI_OK(mp_mulmod(&u1, &w, &q, &u1)); /* u1 = u1 * w mod q */
+ /*
+ ** FIPS 186-1, Section 6, Step 3
+ **
+ ** u2 = ((r') * w) mod q
+ */
+ CHECK_MPI_OK(mp_mulmod(&r_, &w, &q, &u2));
+ /*
+ ** FIPS 186-1, Section 6, Step 4
+ **
+ ** v = ((g**u1 * y**u2) mod p) mod q
+ */
+ CHECK_MPI_OK(mp_exptmod(&g, &u1, &p, &g)); /* g = g**u1 mod p */
+ CHECK_MPI_OK(mp_exptmod(&y, &u2, &p, &y)); /* y = y**u2 mod p */
+ CHECK_MPI_OK(mp_mulmod(&g, &y, &p, &v)); /* v = g * y mod p */
+ CHECK_MPI_OK(mp_mod(&v, &q, &v)); /* v = v mod q */
+ /*
+ ** Verification: v == r'
+ */
+ if (mp_cmp(&v, &r_)) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ verified = SECFailure; /* Signature failed to verify. */
+ } else {
+ verified = SECSuccess; /* Signature verified. */
+ }
+cleanup:
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&g);
+ mp_clear(&y);
+ mp_clear(&r_);
+ mp_clear(&s_);
+ mp_clear(&u1);
+ mp_clear(&u2);
+ mp_clear(&v);
+ mp_clear(&w);
+ if (err) {
+ translate_mpi_error(err);
+ }
+ return verified;
+}
diff --git a/security/nss/lib/freebl/ec.c b/security/nss/lib/freebl/ec.c
new file mode 100644
index 000000000..12bfeed41
--- /dev/null
+++ b/security/nss/lib/freebl/ec.c
@@ -0,0 +1,1159 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapi.h"
+#include "prerr.h"
+#include "secerr.h"
+#include "secmpi.h"
+#include "secitem.h"
+#include "mplogic.h"
+#include "ec.h"
+#include "ecl.h"
+
+#ifndef NSS_DISABLE_ECC
+
+static const ECMethod kMethods[] = {
+ { ECCurve25519,
+ ec_Curve25519_pt_mul,
+ ec_Curve25519_pt_validate }
+};
+
+static const ECMethod *
+ec_get_method_from_name(ECCurveName name)
+{
+ int i;
+ for (i = 0; i < sizeof(kMethods) / sizeof(kMethods[0]); ++i) {
+ if (kMethods[i].name == name) {
+ return &kMethods[i];
+ }
+ }
+ return NULL;
+}
+
+/*
+ * Returns true if pointP is the point at infinity, false otherwise
+ */
+PRBool
+ec_point_at_infinity(SECItem *pointP)
+{
+ unsigned int i;
+
+ for (i = 1; i < pointP->len; i++) {
+ if (pointP->data[i] != 0x00)
+ return PR_FALSE;
+ }
+
+ return PR_TRUE;
+}
+
+/*
+ * Computes scalar point multiplication pointQ = k1 * G + k2 * pointP for
+ * the curve whose parameters are encoded in params with base point G.
+ */
+SECStatus
+ec_points_mul(const ECParams *params, const mp_int *k1, const mp_int *k2,
+ const SECItem *pointP, SECItem *pointQ)
+{
+ mp_int Px, Py, Qx, Qy;
+ mp_int Gx, Gy, order, irreducible, a, b;
+ ECGroup *group = NULL;
+ SECStatus rv = SECFailure;
+ mp_err err = MP_OKAY;
+ int len;
+
+#if EC_DEBUG
+ int i;
+ char mpstr[256];
+
+ printf("ec_points_mul: params [len=%d]:", params->DEREncoding.len);
+ for (i = 0; i < params->DEREncoding.len; i++)
+ printf("%02x:", params->DEREncoding.data[i]);
+ printf("\n");
+
+ if (k1 != NULL) {
+ mp_tohex((mp_int *)k1, mpstr);
+ printf("ec_points_mul: scalar k1: %s\n", mpstr);
+ mp_todecimal((mp_int *)k1, mpstr);
+ printf("ec_points_mul: scalar k1: %s (dec)\n", mpstr);
+ }
+
+ if (k2 != NULL) {
+ mp_tohex((mp_int *)k2, mpstr);
+ printf("ec_points_mul: scalar k2: %s\n", mpstr);
+ mp_todecimal((mp_int *)k2, mpstr);
+ printf("ec_points_mul: scalar k2: %s (dec)\n", mpstr);
+ }
+
+ if (pointP != NULL) {
+ printf("ec_points_mul: pointP [len=%d]:", pointP->len);
+ for (i = 0; i < pointP->len; i++)
+ printf("%02x:", pointP->data[i]);
+ printf("\n");
+ }
+#endif
+
+ /* NOTE: We only support uncompressed points for now */
+ len = (params->fieldID.size + 7) >> 3;
+ if (pointP != NULL) {
+ if ((pointP->data[0] != EC_POINT_FORM_UNCOMPRESSED) ||
+ (pointP->len != (2 * len + 1))) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM);
+ return SECFailure;
+ };
+ }
+
+ MP_DIGITS(&Px) = 0;
+ MP_DIGITS(&Py) = 0;
+ MP_DIGITS(&Qx) = 0;
+ MP_DIGITS(&Qy) = 0;
+ MP_DIGITS(&Gx) = 0;
+ MP_DIGITS(&Gy) = 0;
+ MP_DIGITS(&order) = 0;
+ MP_DIGITS(&irreducible) = 0;
+ MP_DIGITS(&a) = 0;
+ MP_DIGITS(&b) = 0;
+ CHECK_MPI_OK(mp_init(&Px));
+ CHECK_MPI_OK(mp_init(&Py));
+ CHECK_MPI_OK(mp_init(&Qx));
+ CHECK_MPI_OK(mp_init(&Qy));
+ CHECK_MPI_OK(mp_init(&Gx));
+ CHECK_MPI_OK(mp_init(&Gy));
+ CHECK_MPI_OK(mp_init(&order));
+ CHECK_MPI_OK(mp_init(&irreducible));
+ CHECK_MPI_OK(mp_init(&a));
+ CHECK_MPI_OK(mp_init(&b));
+
+ if ((k2 != NULL) && (pointP != NULL)) {
+ /* Initialize Px and Py */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&Px, pointP->data + 1, (mp_size)len));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&Py, pointP->data + 1 + len, (mp_size)len));
+ }
+
+ /* construct from named params, if possible */
+ if (params->name != ECCurve_noName) {
+ group = ECGroup_fromName(params->name);
+ }
+
+ if (group == NULL)
+ goto cleanup;
+
+ if ((k2 != NULL) && (pointP != NULL)) {
+ CHECK_MPI_OK(ECPoints_mul(group, k1, k2, &Px, &Py, &Qx, &Qy));
+ } else {
+ CHECK_MPI_OK(ECPoints_mul(group, k1, NULL, NULL, NULL, &Qx, &Qy));
+ }
+
+ /* Construct the SECItem representation of point Q */
+ pointQ->data[0] = EC_POINT_FORM_UNCOMPRESSED;
+ CHECK_MPI_OK(mp_to_fixlen_octets(&Qx, pointQ->data + 1,
+ (mp_size)len));
+ CHECK_MPI_OK(mp_to_fixlen_octets(&Qy, pointQ->data + 1 + len,
+ (mp_size)len));
+
+ rv = SECSuccess;
+
+#if EC_DEBUG
+ printf("ec_points_mul: pointQ [len=%d]:", pointQ->len);
+ for (i = 0; i < pointQ->len; i++)
+ printf("%02x:", pointQ->data[i]);
+ printf("\n");
+#endif
+
+cleanup:
+ ECGroup_free(group);
+ mp_clear(&Px);
+ mp_clear(&Py);
+ mp_clear(&Qx);
+ mp_clear(&Qy);
+ mp_clear(&Gx);
+ mp_clear(&Gy);
+ mp_clear(&order);
+ mp_clear(&irreducible);
+ mp_clear(&a);
+ mp_clear(&b);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+
+ return rv;
+}
+#endif /* NSS_DISABLE_ECC */
+
+/* Generates a new EC key pair. The private key is a supplied
+ * value and the public key is the result of performing a scalar
+ * point multiplication of that value with the curve's base point.
+ */
+SECStatus
+ec_NewKey(ECParams *ecParams, ECPrivateKey **privKey,
+ const unsigned char *privKeyBytes, int privKeyLen)
+{
+ SECStatus rv = SECFailure;
+#ifndef NSS_DISABLE_ECC
+ PLArenaPool *arena;
+ ECPrivateKey *key;
+ mp_int k;
+ mp_err err = MP_OKAY;
+ int len;
+
+#if EC_DEBUG
+ printf("ec_NewKey called\n");
+#endif
+ MP_DIGITS(&k) = 0;
+
+ if (!ecParams || !privKey || !privKeyBytes || (privKeyLen < 0) ||
+ !ecParams->name) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* Initialize an arena for the EC key. */
+ if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE)))
+ return SECFailure;
+
+ key = (ECPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(ECPrivateKey));
+ if (!key) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return SECFailure;
+ }
+
+ /* Set the version number (SEC 1 section C.4 says it should be 1) */
+ SECITEM_AllocItem(arena, &key->version, 1);
+ key->version.data[0] = 1;
+
+ /* Copy all of the fields from the ECParams argument to the
+ * ECParams structure within the private key.
+ */
+ key->ecParams.arena = arena;
+ key->ecParams.type = ecParams->type;
+ key->ecParams.fieldID.size = ecParams->fieldID.size;
+ key->ecParams.fieldID.type = ecParams->fieldID.type;
+ if (ecParams->fieldID.type == ec_field_GFp ||
+ ecParams->fieldID.type == ec_field_plain) {
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.fieldID.u.prime,
+ &ecParams->fieldID.u.prime));
+ } else {
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.fieldID.u.poly,
+ &ecParams->fieldID.u.poly));
+ }
+ key->ecParams.fieldID.k1 = ecParams->fieldID.k1;
+ key->ecParams.fieldID.k2 = ecParams->fieldID.k2;
+ key->ecParams.fieldID.k3 = ecParams->fieldID.k3;
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.curve.a,
+ &ecParams->curve.a));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.curve.b,
+ &ecParams->curve.b));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.curve.seed,
+ &ecParams->curve.seed));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.base,
+ &ecParams->base));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.order,
+ &ecParams->order));
+ key->ecParams.cofactor = ecParams->cofactor;
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.DEREncoding,
+ &ecParams->DEREncoding));
+ key->ecParams.name = ecParams->name;
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.curveOID,
+ &ecParams->curveOID));
+
+ SECITEM_AllocItem(arena, &key->publicValue, EC_GetPointSize(ecParams));
+ len = ecParams->order.len;
+ SECITEM_AllocItem(arena, &key->privateValue, len);
+
+ /* Copy private key */
+ if (privKeyLen >= len) {
+ memcpy(key->privateValue.data, privKeyBytes, len);
+ } else {
+ memset(key->privateValue.data, 0, (len - privKeyLen));
+ memcpy(key->privateValue.data + (len - privKeyLen), privKeyBytes, privKeyLen);
+ }
+
+ /* Compute corresponding public key */
+
+ /* Use curve specific code for point multiplication */
+ if (ecParams->fieldID.type == ec_field_plain) {
+ const ECMethod *method = ec_get_method_from_name(ecParams->name);
+ if (method == NULL || method->mul == NULL) {
+ /* unknown curve */
+ rv = SECFailure;
+ goto cleanup;
+ }
+ rv = method->mul(&key->publicValue, &key->privateValue, NULL);
+ goto done;
+ }
+
+ CHECK_MPI_OK(mp_init(&k));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&k, key->privateValue.data,
+ (mp_size)len));
+
+ rv = ec_points_mul(ecParams, &k, NULL, NULL, &(key->publicValue));
+ if (rv != SECSuccess) {
+ goto cleanup;
+ }
+
+done:
+ *privKey = key;
+
+cleanup:
+ mp_clear(&k);
+ if (rv) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+
+#if EC_DEBUG
+ printf("ec_NewKey returning %s\n",
+ (rv == SECSuccess) ? "success" : "failure");
+#endif
+#else
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+#endif /* NSS_DISABLE_ECC */
+
+ return rv;
+}
+
+/* Generates a new EC key pair. The private key is a supplied
+ * random value (in seed) and the public key is the result of
+ * performing a scalar point multiplication of that value with
+ * the curve's base point.
+ */
+SECStatus
+EC_NewKeyFromSeed(ECParams *ecParams, ECPrivateKey **privKey,
+ const unsigned char *seed, int seedlen)
+{
+ SECStatus rv = SECFailure;
+#ifndef NSS_DISABLE_ECC
+ rv = ec_NewKey(ecParams, privKey, seed, seedlen);
+#else
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+#endif /* NSS_DISABLE_ECC */
+ return rv;
+}
+
+#ifndef NSS_DISABLE_ECC
+/* Generate a random private key using the algorithm A.4.1 of ANSI X9.62,
+ * modified a la FIPS 186-2 Change Notice 1 to eliminate the bias in the
+ * random number generator.
+ *
+ * Parameters
+ * - order: a buffer that holds the curve's group order
+ * - len: the length in octets of the order buffer
+ *
+ * Return Value
+ * Returns a buffer of len octets that holds the private key. The caller
+ * is responsible for freeing the buffer with PORT_ZFree.
+ */
+static unsigned char *
+ec_GenerateRandomPrivateKey(const unsigned char *order, int len)
+{
+ SECStatus rv = SECSuccess;
+ mp_err err;
+ unsigned char *privKeyBytes = NULL;
+ mp_int privKeyVal, order_1, one;
+
+ MP_DIGITS(&privKeyVal) = 0;
+ MP_DIGITS(&order_1) = 0;
+ MP_DIGITS(&one) = 0;
+ CHECK_MPI_OK(mp_init(&privKeyVal));
+ CHECK_MPI_OK(mp_init(&order_1));
+ CHECK_MPI_OK(mp_init(&one));
+
+ /* Generates 2*len random bytes using the global random bit generator
+ * (which implements Algorithm 1 of FIPS 186-2 Change Notice 1) then
+ * reduces modulo the group order.
+ */
+ if ((privKeyBytes = PORT_Alloc(2 * len)) == NULL)
+ goto cleanup;
+ CHECK_SEC_OK(RNG_GenerateGlobalRandomBytes(privKeyBytes, 2 * len));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&privKeyVal, privKeyBytes, 2 * len));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&order_1, order, len));
+ CHECK_MPI_OK(mp_set_int(&one, 1));
+ CHECK_MPI_OK(mp_sub(&order_1, &one, &order_1));
+ CHECK_MPI_OK(mp_mod(&privKeyVal, &order_1, &privKeyVal));
+ CHECK_MPI_OK(mp_add(&privKeyVal, &one, &privKeyVal));
+ CHECK_MPI_OK(mp_to_fixlen_octets(&privKeyVal, privKeyBytes, len));
+ memset(privKeyBytes + len, 0, len);
+cleanup:
+ mp_clear(&privKeyVal);
+ mp_clear(&order_1);
+ mp_clear(&one);
+ if (err < MP_OKAY) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ if (rv != SECSuccess && privKeyBytes) {
+ PORT_ZFree(privKeyBytes, 2 * len);
+ privKeyBytes = NULL;
+ }
+ return privKeyBytes;
+}
+#endif /* NSS_DISABLE_ECC */
+
+/* Generates a new EC key pair. The private key is a random value and
+ * the public key is the result of performing a scalar point multiplication
+ * of that value with the curve's base point.
+ */
+SECStatus
+EC_NewKey(ECParams *ecParams, ECPrivateKey **privKey)
+{
+ SECStatus rv = SECFailure;
+#ifndef NSS_DISABLE_ECC
+ int len;
+ unsigned char *privKeyBytes = NULL;
+
+ if (!ecParams) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ len = ecParams->order.len;
+ privKeyBytes = ec_GenerateRandomPrivateKey(ecParams->order.data, len);
+ if (privKeyBytes == NULL)
+ goto cleanup;
+ /* generate public key */
+ CHECK_SEC_OK(ec_NewKey(ecParams, privKey, privKeyBytes, len));
+
+cleanup:
+ if (privKeyBytes) {
+ PORT_ZFree(privKeyBytes, len);
+ }
+#if EC_DEBUG
+ printf("EC_NewKey returning %s\n",
+ (rv == SECSuccess) ? "success" : "failure");
+#endif
+#else
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+#endif /* NSS_DISABLE_ECC */
+
+ return rv;
+}
+
+/* Validates an EC public key as described in Section 5.2.2 of
+ * X9.62. The ECDH primitive when used without the cofactor does
+ * not address small subgroup attacks, which may occur when the
+ * public key is not valid. These attacks can be prevented by
+ * validating the public key before using ECDH.
+ */
+SECStatus
+EC_ValidatePublicKey(ECParams *ecParams, SECItem *publicValue)
+{
+#ifndef NSS_DISABLE_ECC
+ mp_int Px, Py;
+ ECGroup *group = NULL;
+ SECStatus rv = SECFailure;
+ mp_err err = MP_OKAY;
+ int len;
+
+ if (!ecParams || !publicValue || !ecParams->name) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* Uses curve specific code for point validation. */
+ if (ecParams->fieldID.type == ec_field_plain) {
+ const ECMethod *method = ec_get_method_from_name(ecParams->name);
+ if (method == NULL || method->validate == NULL) {
+ /* unknown curve */
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return method->validate(publicValue);
+ }
+
+ /* NOTE: We only support uncompressed points for now */
+ len = (ecParams->fieldID.size + 7) >> 3;
+ if (publicValue->data[0] != EC_POINT_FORM_UNCOMPRESSED) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM);
+ return SECFailure;
+ } else if (publicValue->len != (2 * len + 1)) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+
+ MP_DIGITS(&Px) = 0;
+ MP_DIGITS(&Py) = 0;
+ CHECK_MPI_OK(mp_init(&Px));
+ CHECK_MPI_OK(mp_init(&Py));
+
+ /* Initialize Px and Py */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&Px, publicValue->data + 1, (mp_size)len));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&Py, publicValue->data + 1 + len, (mp_size)len));
+
+ /* construct from named params */
+ group = ECGroup_fromName(ecParams->name);
+ if (group == NULL) {
+ /*
+ * ECGroup_fromName fails if ecParams->name is not a valid
+ * ECCurveName value, or if we run out of memory, or perhaps
+ * for other reasons. Unfortunately if ecParams->name is a
+ * valid ECCurveName value, we don't know what the right error
+ * code should be because ECGroup_fromName doesn't return an
+ * error code to the caller. Set err to MP_UNDEF because
+ * that's what ECGroup_fromName uses internally.
+ */
+ if ((ecParams->name <= ECCurve_noName) ||
+ (ecParams->name >= ECCurve_pastLastCurve)) {
+ err = MP_BADARG;
+ } else {
+ err = MP_UNDEF;
+ }
+ goto cleanup;
+ }
+
+ /* validate public point */
+ if ((err = ECPoint_validate(group, &Px, &Py)) < MP_YES) {
+ if (err == MP_NO) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ rv = SECFailure;
+ err = MP_OKAY; /* don't change the error code */
+ }
+ goto cleanup;
+ }
+
+ rv = SECSuccess;
+
+cleanup:
+ ECGroup_free(group);
+ mp_clear(&Px);
+ mp_clear(&Py);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+#else
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+ return SECFailure;
+#endif /* NSS_DISABLE_ECC */
+}
+
+/*
+** Performs an ECDH key derivation by computing the scalar point
+** multiplication of privateValue and publicValue (with or without the
+** cofactor) and returns the x-coordinate of the resulting elliptic
+** curve point in derived secret. If successful, derivedSecret->data
+** is set to the address of the newly allocated buffer containing the
+** derived secret, and derivedSecret->len is the size of the secret
+** produced. It is the caller's responsibility to free the allocated
+** buffer containing the derived secret.
+*/
+SECStatus
+ECDH_Derive(SECItem *publicValue,
+ ECParams *ecParams,
+ SECItem *privateValue,
+ PRBool withCofactor,
+ SECItem *derivedSecret)
+{
+ SECStatus rv = SECFailure;
+#ifndef NSS_DISABLE_ECC
+ unsigned int len = 0;
+ SECItem pointQ = { siBuffer, NULL, 0 };
+ mp_int k; /* to hold the private value */
+ mp_int cofactor;
+ mp_err err = MP_OKAY;
+#if EC_DEBUG
+ int i;
+#endif
+
+ if (!publicValue || !ecParams || !privateValue || !derivedSecret ||
+ !ecParams->name) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* Perform curve specific multiplication using ECMethod */
+ if (ecParams->fieldID.type == ec_field_plain) {
+ const ECMethod *method;
+ memset(derivedSecret, 0, sizeof(*derivedSecret));
+ derivedSecret = SECITEM_AllocItem(NULL, derivedSecret, EC_GetPointSize(ecParams));
+ if (derivedSecret == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ method = ec_get_method_from_name(ecParams->name);
+ if (method == NULL || method->validate == NULL ||
+ method->mul == NULL) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+ return SECFailure;
+ }
+ if (method->validate(publicValue) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+ return method->mul(derivedSecret, privateValue, publicValue);
+ }
+
+ /*
+ * We fail if the public value is the point at infinity, since
+ * this produces predictable results.
+ */
+ if (ec_point_at_infinity(publicValue)) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+
+ MP_DIGITS(&k) = 0;
+ memset(derivedSecret, 0, sizeof *derivedSecret);
+ len = (ecParams->fieldID.size + 7) >> 3;
+ pointQ.len = EC_GetPointSize(ecParams);
+ if ((pointQ.data = PORT_Alloc(pointQ.len)) == NULL)
+ goto cleanup;
+
+ CHECK_MPI_OK(mp_init(&k));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&k, privateValue->data,
+ (mp_size)privateValue->len));
+
+ if (withCofactor && (ecParams->cofactor != 1)) {
+ /* multiply k with the cofactor */
+ MP_DIGITS(&cofactor) = 0;
+ CHECK_MPI_OK(mp_init(&cofactor));
+ mp_set(&cofactor, ecParams->cofactor);
+ CHECK_MPI_OK(mp_mul(&k, &cofactor, &k));
+ }
+
+ /* Multiply our private key and peer's public point */
+ if (ec_points_mul(ecParams, NULL, &k, publicValue, &pointQ) != SECSuccess) {
+ goto cleanup;
+ }
+ if (ec_point_at_infinity(&pointQ)) {
+ PORT_SetError(SEC_ERROR_BAD_KEY); /* XXX better error code? */
+ goto cleanup;
+ }
+
+ /* Allocate memory for the derived secret and copy
+ * the x co-ordinate of pointQ into it.
+ */
+ SECITEM_AllocItem(NULL, derivedSecret, len);
+ memcpy(derivedSecret->data, pointQ.data + 1, len);
+
+ rv = SECSuccess;
+
+#if EC_DEBUG
+ printf("derived_secret:\n");
+ for (i = 0; i < derivedSecret->len; i++)
+ printf("%02x:", derivedSecret->data[i]);
+ printf("\n");
+#endif
+
+cleanup:
+ mp_clear(&k);
+
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ }
+
+ if (pointQ.data) {
+ PORT_ZFree(pointQ.data, pointQ.len);
+ }
+#else
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+#endif /* NSS_DISABLE_ECC */
+
+ return rv;
+}
+
+/* Computes the ECDSA signature (a concatenation of two values r and s)
+ * on the digest using the given key and the random value kb (used in
+ * computing s).
+ */
+SECStatus
+ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature,
+ const SECItem *digest, const unsigned char *kb, const int kblen)
+{
+ SECStatus rv = SECFailure;
+#ifndef NSS_DISABLE_ECC
+ mp_int x1;
+ mp_int d, k; /* private key, random integer */
+ mp_int r, s; /* tuple (r, s) is the signature */
+ mp_int t; /* holding tmp values */
+ mp_int n;
+ mp_err err = MP_OKAY;
+ ECParams *ecParams = NULL;
+ SECItem kGpoint = { siBuffer, NULL, 0 };
+ int flen = 0; /* length in bytes of the field size */
+ unsigned olen; /* length in bytes of the base point order */
+ unsigned obits; /* length in bits of the base point order */
+ unsigned char *t2 = NULL;
+
+#if EC_DEBUG
+ char mpstr[256];
+#endif
+
+ /* Initialize MPI integers. */
+ /* must happen before the first potential call to cleanup */
+ MP_DIGITS(&x1) = 0;
+ MP_DIGITS(&d) = 0;
+ MP_DIGITS(&k) = 0;
+ MP_DIGITS(&r) = 0;
+ MP_DIGITS(&s) = 0;
+ MP_DIGITS(&n) = 0;
+ MP_DIGITS(&t) = 0;
+
+ /* Check args */
+ if (!key || !signature || !digest || !kb || (kblen < 0)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto cleanup;
+ }
+
+ ecParams = &(key->ecParams);
+ flen = (ecParams->fieldID.size + 7) >> 3;
+ olen = ecParams->order.len;
+ if (signature->data == NULL) {
+ /* a call to get the signature length only */
+ goto finish;
+ }
+ if (signature->len < 2 * olen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ goto cleanup;
+ }
+
+ CHECK_MPI_OK(mp_init(&x1));
+ CHECK_MPI_OK(mp_init(&d));
+ CHECK_MPI_OK(mp_init(&k));
+ CHECK_MPI_OK(mp_init(&r));
+ CHECK_MPI_OK(mp_init(&s));
+ CHECK_MPI_OK(mp_init(&n));
+ CHECK_MPI_OK(mp_init(&t));
+
+ SECITEM_TO_MPINT(ecParams->order, &n);
+ SECITEM_TO_MPINT(key->privateValue, &d);
+
+ CHECK_MPI_OK(mp_read_unsigned_octets(&k, kb, kblen));
+ /* Make sure k is in the interval [1, n-1] */
+ if ((mp_cmp_z(&k) <= 0) || (mp_cmp(&k, &n) >= 0)) {
+#if EC_DEBUG
+ printf("k is outside [1, n-1]\n");
+ mp_tohex(&k, mpstr);
+ printf("k : %s \n", mpstr);
+ mp_tohex(&n, mpstr);
+ printf("n : %s \n", mpstr);
+#endif
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ goto cleanup;
+ }
+
+ /*
+ ** We do not want timing information to leak the length of k,
+ ** so we compute k*G using an equivalent scalar of fixed
+ ** bit-length.
+ ** Fix based on patch for ECDSA timing attack in the paper
+ ** by Billy Bob Brumley and Nicola Tuveri at
+ ** http://eprint.iacr.org/2011/232
+ **
+ ** How do we convert k to a value of a fixed bit-length?
+ ** k starts off as an integer satisfying 0 <= k < n. Hence,
+ ** n <= k+n < 2n, which means k+n has either the same number
+ ** of bits as n or one more bit than n. If k+n has the same
+ ** number of bits as n, the second addition ensures that the
+ ** final value has exactly one more bit than n. Thus, we
+ ** always end up with a value that exactly one more bit than n.
+ */
+ CHECK_MPI_OK(mp_add(&k, &n, &k));
+ if (mpl_significant_bits(&k) <= mpl_significant_bits(&n)) {
+ CHECK_MPI_OK(mp_add(&k, &n, &k));
+ }
+
+ /*
+ ** ANSI X9.62, Section 5.3.2, Step 2
+ **
+ ** Compute kG
+ */
+ kGpoint.len = EC_GetPointSize(ecParams);
+ kGpoint.data = PORT_Alloc(kGpoint.len);
+ if ((kGpoint.data == NULL) ||
+ (ec_points_mul(ecParams, &k, NULL, NULL, &kGpoint) != SECSuccess))
+ goto cleanup;
+
+ /*
+ ** ANSI X9.62, Section 5.3.3, Step 1
+ **
+ ** Extract the x co-ordinate of kG into x1
+ */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&x1, kGpoint.data + 1,
+ (mp_size)flen));
+
+ /*
+ ** ANSI X9.62, Section 5.3.3, Step 2
+ **
+ ** r = x1 mod n NOTE: n is the order of the curve
+ */
+ CHECK_MPI_OK(mp_mod(&x1, &n, &r));
+
+ /*
+ ** ANSI X9.62, Section 5.3.3, Step 3
+ **
+ ** verify r != 0
+ */
+ if (mp_cmp_z(&r) == 0) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ goto cleanup;
+ }
+
+ /*
+ ** ANSI X9.62, Section 5.3.3, Step 4
+ **
+ ** s = (k**-1 * (HASH(M) + d*r)) mod n
+ */
+ SECITEM_TO_MPINT(*digest, &s); /* s = HASH(M) */
+
+ /* In the definition of EC signing, digests are truncated
+ * to the length of n in bits.
+ * (see SEC 1 "Elliptic Curve Digit Signature Algorithm" section 4.1.*/
+ CHECK_MPI_OK((obits = mpl_significant_bits(&n)));
+ if (digest->len * 8 > obits) {
+ mpl_rsh(&s, &s, digest->len * 8 - obits);
+ }
+
+#if EC_DEBUG
+ mp_todecimal(&n, mpstr);
+ printf("n : %s (dec)\n", mpstr);
+ mp_todecimal(&d, mpstr);
+ printf("d : %s (dec)\n", mpstr);
+ mp_tohex(&x1, mpstr);
+ printf("x1: %s\n", mpstr);
+ mp_todecimal(&s, mpstr);
+ printf("digest: %s (decimal)\n", mpstr);
+ mp_todecimal(&r, mpstr);
+ printf("r : %s (dec)\n", mpstr);
+ mp_tohex(&r, mpstr);
+ printf("r : %s\n", mpstr);
+#endif
+
+ if ((t2 = PORT_Alloc(2 * ecParams->order.len)) == NULL) {
+ rv = SECFailure;
+ goto cleanup;
+ }
+ if (RNG_GenerateGlobalRandomBytes(t2, 2 * ecParams->order.len) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ rv = SECFailure;
+ goto cleanup;
+ }
+ CHECK_MPI_OK(mp_read_unsigned_octets(&t, t2, 2 * ecParams->order.len)); /* t <-$ Zn */
+ CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */
+ CHECK_MPI_OK(mp_invmod(&k, &n, &k)); /* k = k**-1 mod n */
+ CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */
+ CHECK_MPI_OK(mp_mulmod(&d, &r, &n, &d)); /* d = d * r mod n */
+ CHECK_MPI_OK(mp_addmod(&s, &d, &n, &s)); /* s = s + d mod n */
+ CHECK_MPI_OK(mp_mulmod(&s, &k, &n, &s)); /* s = s * k mod n */
+
+#if EC_DEBUG
+ mp_todecimal(&s, mpstr);
+ printf("s : %s (dec)\n", mpstr);
+ mp_tohex(&s, mpstr);
+ printf("s : %s\n", mpstr);
+#endif
+
+ /*
+ ** ANSI X9.62, Section 5.3.3, Step 5
+ **
+ ** verify s != 0
+ */
+ if (mp_cmp_z(&s) == 0) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ goto cleanup;
+ }
+
+ /*
+ **
+ ** Signature is tuple (r, s)
+ */
+ CHECK_MPI_OK(mp_to_fixlen_octets(&r, signature->data, olen));
+ CHECK_MPI_OK(mp_to_fixlen_octets(&s, signature->data + olen, olen));
+finish:
+ signature->len = 2 * olen;
+
+ rv = SECSuccess;
+ err = MP_OKAY;
+cleanup:
+ mp_clear(&x1);
+ mp_clear(&d);
+ mp_clear(&k);
+ mp_clear(&r);
+ mp_clear(&s);
+ mp_clear(&n);
+ mp_clear(&t);
+
+ if (t2) {
+ PORT_Free(t2);
+ }
+
+ if (kGpoint.data) {
+ PORT_ZFree(kGpoint.data, kGpoint.len);
+ }
+
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+
+#if EC_DEBUG
+ printf("ECDSA signing with seed %s\n",
+ (rv == SECSuccess) ? "succeeded" : "failed");
+#endif
+#else
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+#endif /* NSS_DISABLE_ECC */
+
+ return rv;
+}
+
+/*
+** Computes the ECDSA signature on the digest using the given key
+** and a random seed.
+*/
+SECStatus
+ECDSA_SignDigest(ECPrivateKey *key, SECItem *signature, const SECItem *digest)
+{
+ SECStatus rv = SECFailure;
+#ifndef NSS_DISABLE_ECC
+ int len;
+ unsigned char *kBytes = NULL;
+
+ if (!key) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* Generate random value k */
+ len = key->ecParams.order.len;
+ kBytes = ec_GenerateRandomPrivateKey(key->ecParams.order.data, len);
+ if (kBytes == NULL)
+ goto cleanup;
+
+ /* Generate ECDSA signature with the specified k value */
+ rv = ECDSA_SignDigestWithSeed(key, signature, digest, kBytes, len);
+
+cleanup:
+ if (kBytes) {
+ PORT_ZFree(kBytes, len);
+ }
+
+#if EC_DEBUG
+ printf("ECDSA signing %s\n",
+ (rv == SECSuccess) ? "succeeded" : "failed");
+#endif
+#else
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+#endif /* NSS_DISABLE_ECC */
+
+ return rv;
+}
+
+/*
+** Checks the signature on the given digest using the key provided.
+**
+** The key argument must represent a valid EC public key (a point on
+** the relevant curve). If it is not a valid point, then the behavior
+** of this function is undefined. In cases where a public key might
+** not be valid, use EC_ValidatePublicKey to check.
+*/
+SECStatus
+ECDSA_VerifyDigest(ECPublicKey *key, const SECItem *signature,
+ const SECItem *digest)
+{
+ SECStatus rv = SECFailure;
+#ifndef NSS_DISABLE_ECC
+ mp_int r_, s_; /* tuple (r', s') is received signature) */
+ mp_int c, u1, u2, v; /* intermediate values used in verification */
+ mp_int x1;
+ mp_int n;
+ mp_err err = MP_OKAY;
+ ECParams *ecParams = NULL;
+ SECItem pointC = { siBuffer, NULL, 0 };
+ int slen; /* length in bytes of a half signature (r or s) */
+ int flen; /* length in bytes of the field size */
+ unsigned olen; /* length in bytes of the base point order */
+ unsigned obits; /* length in bits of the base point order */
+
+#if EC_DEBUG
+ char mpstr[256];
+ printf("ECDSA verification called\n");
+#endif
+
+ /* Initialize MPI integers. */
+ /* must happen before the first potential call to cleanup */
+ MP_DIGITS(&r_) = 0;
+ MP_DIGITS(&s_) = 0;
+ MP_DIGITS(&c) = 0;
+ MP_DIGITS(&u1) = 0;
+ MP_DIGITS(&u2) = 0;
+ MP_DIGITS(&x1) = 0;
+ MP_DIGITS(&v) = 0;
+ MP_DIGITS(&n) = 0;
+
+ /* Check args */
+ if (!key || !signature || !digest) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto cleanup;
+ }
+
+ ecParams = &(key->ecParams);
+ flen = (ecParams->fieldID.size + 7) >> 3;
+ olen = ecParams->order.len;
+ if (signature->len == 0 || signature->len % 2 != 0 ||
+ signature->len > 2 * olen) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ goto cleanup;
+ }
+ slen = signature->len / 2;
+
+ SECITEM_AllocItem(NULL, &pointC, EC_GetPointSize(ecParams));
+ if (pointC.data == NULL)
+ goto cleanup;
+
+ CHECK_MPI_OK(mp_init(&r_));
+ CHECK_MPI_OK(mp_init(&s_));
+ CHECK_MPI_OK(mp_init(&c));
+ CHECK_MPI_OK(mp_init(&u1));
+ CHECK_MPI_OK(mp_init(&u2));
+ CHECK_MPI_OK(mp_init(&x1));
+ CHECK_MPI_OK(mp_init(&v));
+ CHECK_MPI_OK(mp_init(&n));
+
+ /*
+ ** Convert received signature (r', s') into MPI integers.
+ */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&r_, signature->data, slen));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&s_, signature->data + slen, slen));
+
+ /*
+ ** ANSI X9.62, Section 5.4.2, Steps 1 and 2
+ **
+ ** Verify that 0 < r' < n and 0 < s' < n
+ */
+ SECITEM_TO_MPINT(ecParams->order, &n);
+ if (mp_cmp_z(&r_) <= 0 || mp_cmp_z(&s_) <= 0 ||
+ mp_cmp(&r_, &n) >= 0 || mp_cmp(&s_, &n) >= 0) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ goto cleanup; /* will return rv == SECFailure */
+ }
+
+ /*
+ ** ANSI X9.62, Section 5.4.2, Step 3
+ **
+ ** c = (s')**-1 mod n
+ */
+ CHECK_MPI_OK(mp_invmod(&s_, &n, &c)); /* c = (s')**-1 mod n */
+
+ /*
+ ** ANSI X9.62, Section 5.4.2, Step 4
+ **
+ ** u1 = ((HASH(M')) * c) mod n
+ */
+ SECITEM_TO_MPINT(*digest, &u1); /* u1 = HASH(M) */
+
+ /* In the definition of EC signing, digests are truncated
+ * to the length of n in bits.
+ * (see SEC 1 "Elliptic Curve Digit Signature Algorithm" section 4.1.*/
+ CHECK_MPI_OK((obits = mpl_significant_bits(&n)));
+ if (digest->len * 8 > obits) { /* u1 = HASH(M') */
+ mpl_rsh(&u1, &u1, digest->len * 8 - obits);
+ }
+
+#if EC_DEBUG
+ mp_todecimal(&r_, mpstr);
+ printf("r_: %s (dec)\n", mpstr);
+ mp_todecimal(&s_, mpstr);
+ printf("s_: %s (dec)\n", mpstr);
+ mp_todecimal(&c, mpstr);
+ printf("c : %s (dec)\n", mpstr);
+ mp_todecimal(&u1, mpstr);
+ printf("digest: %s (dec)\n", mpstr);
+#endif
+
+ CHECK_MPI_OK(mp_mulmod(&u1, &c, &n, &u1)); /* u1 = u1 * c mod n */
+
+ /*
+ ** ANSI X9.62, Section 5.4.2, Step 4
+ **
+ ** u2 = ((r') * c) mod n
+ */
+ CHECK_MPI_OK(mp_mulmod(&r_, &c, &n, &u2));
+
+ /*
+ ** ANSI X9.62, Section 5.4.3, Step 1
+ **
+ ** Compute u1*G + u2*Q
+ ** Here, A = u1.G B = u2.Q and C = A + B
+ ** If the result, C, is the point at infinity, reject the signature
+ */
+ if (ec_points_mul(ecParams, &u1, &u2, &key->publicValue, &pointC) != SECSuccess) {
+ rv = SECFailure;
+ goto cleanup;
+ }
+ if (ec_point_at_infinity(&pointC)) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ rv = SECFailure;
+ goto cleanup;
+ }
+
+ CHECK_MPI_OK(mp_read_unsigned_octets(&x1, pointC.data + 1, flen));
+
+ /*
+ ** ANSI X9.62, Section 5.4.4, Step 2
+ **
+ ** v = x1 mod n
+ */
+ CHECK_MPI_OK(mp_mod(&x1, &n, &v));
+
+#if EC_DEBUG
+ mp_todecimal(&r_, mpstr);
+ printf("r_: %s (dec)\n", mpstr);
+ mp_todecimal(&v, mpstr);
+ printf("v : %s (dec)\n", mpstr);
+#endif
+
+ /*
+ ** ANSI X9.62, Section 5.4.4, Step 3
+ **
+ ** Verification: v == r'
+ */
+ if (mp_cmp(&v, &r_)) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ rv = SECFailure; /* Signature failed to verify. */
+ } else {
+ rv = SECSuccess; /* Signature verified. */
+ }
+
+#if EC_DEBUG
+ mp_todecimal(&u1, mpstr);
+ printf("u1: %s (dec)\n", mpstr);
+ mp_todecimal(&u2, mpstr);
+ printf("u2: %s (dec)\n", mpstr);
+ mp_tohex(&x1, mpstr);
+ printf("x1: %s\n", mpstr);
+ mp_todecimal(&v, mpstr);
+ printf("v : %s (dec)\n", mpstr);
+#endif
+
+cleanup:
+ mp_clear(&r_);
+ mp_clear(&s_);
+ mp_clear(&c);
+ mp_clear(&u1);
+ mp_clear(&u2);
+ mp_clear(&x1);
+ mp_clear(&v);
+ mp_clear(&n);
+
+ if (pointC.data)
+ SECITEM_ZfreeItem(&pointC, PR_FALSE);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+
+#if EC_DEBUG
+ printf("ECDSA verification %s\n",
+ (rv == SECSuccess) ? "succeeded" : "failed");
+#endif
+#else
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+#endif /* NSS_DISABLE_ECC */
+
+ return rv;
+}
diff --git a/security/nss/lib/freebl/ec.h b/security/nss/lib/freebl/ec.h
new file mode 100644
index 000000000..bb65e82cd
--- /dev/null
+++ b/security/nss/lib/freebl/ec.h
@@ -0,0 +1,21 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ec_h_
+#define __ec_h_
+
+#define EC_DEBUG 0
+
+#define ANSI_X962_CURVE_OID_TOTAL_LEN 10
+#define SECG_CURVE_OID_TOTAL_LEN 7
+#define PKIX_NEWCURVES_OID_TOTAL_LEN 11
+
+struct ECMethodStr {
+ ECCurveName name;
+ SECStatus (*mul)(SECItem *result, SECItem *scalar, SECItem *point);
+ SECStatus (*validate)(const SECItem *point);
+};
+typedef struct ECMethodStr ECMethod;
+
+#endif /* __ec_h_ */
diff --git a/security/nss/lib/freebl/ecdecode.c b/security/nss/lib/freebl/ecdecode.c
new file mode 100644
index 000000000..e1f1eb8a5
--- /dev/null
+++ b/security/nss/lib/freebl/ecdecode.c
@@ -0,0 +1,311 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSS_DISABLE_ECC
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapi.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "secerr.h"
+#include "ec.h"
+#include "ecl-curve.h"
+
+#define CHECK_OK(func) \
+ if (func == NULL) \
+ goto cleanup
+#define CHECK_SEC_OK(func) \
+ if (SECSuccess != (rv = func)) \
+ goto cleanup
+
+/*
+ * Initializes a SECItem from a hexadecimal string
+ *
+ * Warning: This function ignores leading 00's, so any leading 00's
+ * in the hexadecimal string must be optional.
+ */
+static SECItem *
+hexString2SECItem(PLArenaPool *arena, SECItem *item, const char *str)
+{
+ int i = 0;
+ int byteval = 0;
+ int tmp = PORT_Strlen(str);
+
+ PORT_Assert(arena);
+ PORT_Assert(item);
+
+ if ((tmp % 2) != 0)
+ return NULL;
+
+ /* skip leading 00's unless the hex string is "00" */
+ while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) {
+ str += 2;
+ tmp -= 2;
+ }
+
+ item->data = (unsigned char *)PORT_ArenaAlloc(arena, tmp / 2);
+ if (item->data == NULL)
+ return NULL;
+ item->len = tmp / 2;
+
+ while (str[i]) {
+ if ((str[i] >= '0') && (str[i] <= '9'))
+ tmp = str[i] - '0';
+ else if ((str[i] >= 'a') && (str[i] <= 'f'))
+ tmp = str[i] - 'a' + 10;
+ else if ((str[i] >= 'A') && (str[i] <= 'F'))
+ tmp = str[i] - 'A' + 10;
+ else
+ return NULL;
+
+ byteval = byteval * 16 + tmp;
+ if ((i % 2) != 0) {
+ item->data[i / 2] = byteval;
+ byteval = 0;
+ }
+ i++;
+ }
+
+ return item;
+}
+
+/* Copy all of the fields from srcParams into dstParams
+ */
+SECStatus
+EC_CopyParams(PLArenaPool *arena, ECParams *dstParams,
+ const ECParams *srcParams)
+{
+ SECStatus rv = SECFailure;
+
+ dstParams->arena = arena;
+ dstParams->type = srcParams->type;
+ dstParams->fieldID.size = srcParams->fieldID.size;
+ dstParams->fieldID.type = srcParams->fieldID.type;
+ if (srcParams->fieldID.type == ec_field_GFp ||
+ srcParams->fieldID.type == ec_field_plain) {
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.prime,
+ &srcParams->fieldID.u.prime));
+ } else {
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.poly,
+ &srcParams->fieldID.u.poly));
+ }
+ dstParams->fieldID.k1 = srcParams->fieldID.k1;
+ dstParams->fieldID.k2 = srcParams->fieldID.k2;
+ dstParams->fieldID.k3 = srcParams->fieldID.k3;
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.a,
+ &srcParams->curve.a));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.b,
+ &srcParams->curve.b));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.seed,
+ &srcParams->curve.seed));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->base,
+ &srcParams->base));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->order,
+ &srcParams->order));
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->DEREncoding,
+ &srcParams->DEREncoding));
+ dstParams->name = srcParams->name;
+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curveOID,
+ &srcParams->curveOID));
+ dstParams->cofactor = srcParams->cofactor;
+
+ return SECSuccess;
+
+cleanup:
+ return SECFailure;
+}
+
+static SECStatus
+gf_populate_params(ECCurveName name, ECFieldType field_type, ECParams *params)
+{
+ SECStatus rv = SECFailure;
+ const ECCurveParams *curveParams;
+ /* 2 ['0'+'4'] + MAX_ECKEY_LEN * 2 [x,y] * 2 [hex string] + 1 ['\0'] */
+ char genenc[3 + 2 * 2 * MAX_ECKEY_LEN];
+
+ if ((name < ECCurve_noName) || (name > ECCurve_pastLastCurve))
+ goto cleanup;
+ params->name = name;
+ curveParams = ecCurve_map[params->name];
+ CHECK_OK(curveParams);
+ params->fieldID.size = curveParams->size;
+ params->fieldID.type = field_type;
+ if (field_type == ec_field_GFp ||
+ field_type == ec_field_plain) {
+ CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
+ curveParams->irr));
+ } else {
+ CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
+ curveParams->irr));
+ }
+ CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
+ curveParams->curvea));
+ CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
+ curveParams->curveb));
+ genenc[0] = '0';
+ genenc[1] = '4';
+ genenc[2] = '\0';
+ strcat(genenc, curveParams->genx);
+ strcat(genenc, curveParams->geny);
+ CHECK_OK(hexString2SECItem(params->arena, &params->base, genenc));
+ CHECK_OK(hexString2SECItem(params->arena, &params->order,
+ curveParams->order));
+ params->cofactor = curveParams->cofactor;
+
+ rv = SECSuccess;
+
+cleanup:
+ return rv;
+}
+
+SECStatus
+EC_FillParams(PLArenaPool *arena, const SECItem *encodedParams,
+ ECParams *params)
+{
+ SECStatus rv = SECFailure;
+ SECOidTag tag;
+ SECItem oid = { siBuffer, NULL, 0 };
+
+#if EC_DEBUG
+ int i;
+
+ printf("Encoded params in EC_DecodeParams: ");
+ for (i = 0; i < encodedParams->len; i++) {
+ printf("%02x:", encodedParams->data[i]);
+ }
+ printf("\n");
+#endif
+
+ if ((encodedParams->len != ANSI_X962_CURVE_OID_TOTAL_LEN) &&
+ (encodedParams->len != SECG_CURVE_OID_TOTAL_LEN) &&
+ (encodedParams->len != PKIX_NEWCURVES_OID_TOTAL_LEN)) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+ return SECFailure;
+ };
+
+ oid.len = encodedParams->len - 2;
+ oid.data = encodedParams->data + 2;
+ if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) ||
+ ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+ return SECFailure;
+ }
+
+ params->arena = arena;
+ params->cofactor = 0;
+ params->type = ec_params_named;
+ params->name = ECCurve_noName;
+
+ /* Fill out curveOID */
+ params->curveOID.len = oid.len;
+ params->curveOID.data = (unsigned char *)PORT_ArenaAlloc(arena, oid.len);
+ if (params->curveOID.data == NULL)
+ goto cleanup;
+ memcpy(params->curveOID.data, oid.data, oid.len);
+
+#if EC_DEBUG
+ printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag));
+#endif
+
+ switch (tag) {
+ case SEC_OID_ANSIX962_EC_PRIME256V1:
+ /* Populate params for prime256v1 aka secp256r1
+ * (the NIST P-256 curve)
+ */
+ CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_PRIME_256V1, ec_field_GFp,
+ params));
+ break;
+
+ case SEC_OID_SECG_EC_SECP384R1:
+ /* Populate params for secp384r1
+ * (the NIST P-384 curve)
+ */
+ CHECK_SEC_OK(gf_populate_params(ECCurve_SECG_PRIME_384R1, ec_field_GFp,
+ params));
+ break;
+
+ case SEC_OID_SECG_EC_SECP521R1:
+ /* Populate params for secp521r1
+ * (the NIST P-521 curve)
+ */
+ CHECK_SEC_OK(gf_populate_params(ECCurve_SECG_PRIME_521R1, ec_field_GFp,
+ params));
+ break;
+
+ case SEC_OID_CURVE25519:
+ /* Populate params for Curve25519 */
+ CHECK_SEC_OK(gf_populate_params(ECCurve25519, ec_field_plain, params));
+ break;
+
+ default:
+ break;
+ };
+
+cleanup:
+ if (!params->cofactor) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+#if EC_DEBUG
+ printf("Unrecognized curve, returning NULL params\n");
+#endif
+ }
+
+ return rv;
+}
+
+SECStatus
+EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams)
+{
+ PLArenaPool *arena;
+ ECParams *params;
+ SECStatus rv = SECFailure;
+
+ /* Initialize an arena for the ECParams structure */
+ if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE)))
+ return SECFailure;
+
+ params = (ECParams *)PORT_ArenaZAlloc(arena, sizeof(ECParams));
+ if (!params) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return SECFailure;
+ }
+
+ /* Copy the encoded params */
+ SECITEM_AllocItem(arena, &(params->DEREncoding),
+ encodedParams->len);
+ memcpy(params->DEREncoding.data, encodedParams->data, encodedParams->len);
+
+ /* Fill out the rest of the ECParams structure based on
+ * the encoded params
+ */
+ rv = EC_FillParams(arena, encodedParams, params);
+ if (rv == SECFailure) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return SECFailure;
+ } else {
+ *ecparams = params;
+ ;
+ return SECSuccess;
+ }
+}
+
+int
+EC_GetPointSize(const ECParams *params)
+{
+ ECCurveName name = params->name;
+ const ECCurveParams *curveParams;
+
+ if ((name < ECCurve_noName) || (name > ECCurve_pastLastCurve) ||
+ ((curveParams = ecCurve_map[name]) == NULL)) {
+ /* unknown curve, calculate point size from params. assume standard curves with 2 points
+ * and a point compression indicator byte */
+ int sizeInBytes = (params->fieldID.size + 7) / 8;
+ return sizeInBytes * 2 + 1;
+ }
+ return curveParams->pointSize;
+}
+
+#endif /* NSS_DISABLE_ECC */
diff --git a/security/nss/lib/freebl/ecl/README b/security/nss/lib/freebl/ecl/README
new file mode 100644
index 000000000..04a8b3b01
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/README
@@ -0,0 +1,267 @@
+This Source Code Form is subject to the terms of the Mozilla Public
+License, v. 2.0. If a copy of the MPL was not distributed with this
+file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+The ECL exposes routines for constructing and converting curve
+parameters for internal use.
+
+
+HEADER FILES
+============
+
+ecl-exp.h - Exports data structures and curve names. For use by code
+that does not have access to mp_ints.
+
+ecl-curve.h - Provides hex encodings (in the form of ECCurveParams
+structs) of standardizes elliptic curve domain parameters and mappings
+from ECCurveName to ECCurveParams. For use by code that does not have
+access to mp_ints.
+
+ecl.h - Interface to constructors for curve parameters and group object,
+and point multiplication operations. Used by higher level algorithms
+(like ECDH and ECDSA) to actually perform elliptic curve cryptography.
+
+ecl-priv.h - Data structures and functions for internal use within the
+library.
+
+ecp.h - Internal header file that contains all functions for point
+arithmetic over prime fields.
+
+DATA STRUCTURES AND TYPES
+=========================
+
+ECCurveName (from ecl-exp.h) - Opaque name for standardized elliptic
+curve domain parameters.
+
+ECCurveParams (from ecl-exp.h) - Provides hexadecimal encoding
+of elliptic curve domain parameters. Can be generated by a user
+and passed to ECGroup_fromHex or can be generated from a name by
+EC_GetNamedCurveParams. ecl-curve.h contains ECCurveParams structs for
+the standardized curves defined by ECCurveName.
+
+ECGroup (from ecl.h and ecl-priv.h) - Opaque data structure that
+represents a group of elliptic curve points for a particular set of
+elliptic curve domain parameters. Contains all domain parameters (curve
+a and b, field, base point) as well as pointers to the functions that
+should be used for point arithmetic and the underlying field GFMethod.
+Generated by either ECGroup_fromHex or ECGroup_fromName.
+
+GFMethod (from ecl-priv.h) - Represents a field underlying a set of
+elliptic curve domain parameters. Contains the irreducible that defines
+the field (either the prime or the binary polynomial) as well as
+pointers to the functions that should be used for field arithmetic.
+
+ARITHMETIC FUNCTIONS
+====================
+
+Higher-level algorithms (like ECDH and ECDSA) should call ECPoint_mul
+or ECPoints_mul (from ecl.h) to do point arithmetic. These functions
+will choose which underlying algorithms to use, based on the ECGroup
+structure.
+
+Point Multiplication
+--------------------
+
+ecl_mult.c provides the ECPoints_mul and ECPoint_mul wrappers.
+It also provides two implementations for the pts_mul operation -
+ec_pts_mul_basic (which computes kP, lQ, and then adds kP + lQ) and
+ec_pts_mul_simul_w2 (which does a simultaneous point multiplication
+using a table with window size 2*2).
+
+ec_naf.c provides an implementation of an algorithm to calculate a
+non-adjacent form of a scalar, minimizing the number of point
+additions that need to be done in a point multiplication.
+
+Point Arithmetic over Prime Fields
+----------------------------------
+
+ecp_aff.c provides point arithmetic using affine coordinates.
+
+ecp_jac.c provides point arithmetic using Jacobian projective
+coordinates and mixed Jacobian-affine coordinates. (Jacobian projective
+coordinates represent a point (x, y) as (X, Y, Z), where x=X/Z^2,
+y=Y/Z^3).
+
+ecp_jm.c provides point arithmetic using Modified Jacobian
+coordinates and mixed Modified_Jacobian-affine coordinates.
+(Modified Jacobian coordinates represent a point (x, y)
+as (X, Y, Z, a*Z^4), where x=X/Z^2, y=Y/Z^3, and a is
+the linear coefficient in the curve defining equation).
+
+ecp_192.c and ecp_224.c provide optimized field arithmetic.
+
+Point Arithmetic over Binary Polynomial Fields
+----------------------------------------------
+
+ec2_aff.c provides point arithmetic using affine coordinates.
+
+ec2_proj.c provides point arithmetic using projective coordinates.
+(Projective coordinates represent a point (x, y) as (X, Y, Z), where
+x=X/Z, y=Y/Z^2).
+
+ec2_mont.c provides point multiplication using Montgomery projective
+coordinates.
+
+ec2_163.c, ec2_193.c, and ec2_233.c provide optimized field arithmetic.
+
+Field Arithmetic
+----------------
+
+ecl_gf.c provides constructors for field objects (GFMethod) with the
+functions GFMethod_cons*. It also provides wrappers around the basic
+field operations.
+
+Prime Field Arithmetic
+----------------------
+
+The mpi library provides the basic prime field arithmetic.
+
+ecp_mont.c provides wrappers around the Montgomery multiplication
+functions from the mpi library and adds encoding and decoding functions.
+It also provides the function to construct a GFMethod object using
+Montgomery multiplication.
+
+ecp_192.c and ecp_224.c provide optimized modular reduction for the
+fields defined by nistp192 and nistp224 primes.
+
+ecl_gf.c provides wrappers around the basic field operations.
+
+Binary Polynomial Field Arithmetic
+----------------------------------
+
+../mpi/mp_gf2m.c provides basic binary polynomial field arithmetic,
+including addition, multiplication, squaring, mod, and division, as well
+as conversion ob polynomial representations between bitstring and int[].
+
+ec2_163.c, ec2_193.c, and ec2_233.c provide optimized field mod, mul,
+and sqr operations.
+
+ecl_gf.c provides wrappers around the basic field operations.
+
+Field Encoding
+--------------
+
+By default, field elements are encoded in their basic form. It is
+possible to use an alternative encoding, however. For example, it is
+possible to Montgomery representation of prime field elements and
+take advantage of the fast modular multiplication that Montgomery
+representation provides. The process of converting from basic form to
+Montgomery representation is called field encoding, and the opposite
+process would be field decoding. All internal point operations assume
+that the operands are field encoded as appropriate. By rewiring the
+underlying field arithmetic to perform operations on these encoded
+values, the same overlying point arithmetic operations can be used
+regardless of field representation.
+
+ALGORITHM WIRING
+================
+
+The EC library allows point and field arithmetic algorithms to be
+substituted ("wired-in") on a fine-grained basis. This allows for
+generic algorithms and algorithms that are optimized for a particular
+curve, field, or architecture, to coexist and to be automatically
+selected at runtime.
+
+Wiring Mechanism
+----------------
+
+The ECGroup and GFMethod structure contain pointers to the point and
+field arithmetic functions, respectively, that are to be used in
+operations.
+
+The selection of algorithms to use is handled in the function
+ecgroup_fromNameAndHex in ecl.c.
+
+Default Wiring
+--------------
+
+Curves over prime fields by default use montgomery field arithmetic,
+point multiplication using 5-bit window non-adjacent-form with
+Modified Jacobian coordinates, and 2*2-bit simultaneous point
+multiplication using Jacobian coordinates.
+(Wiring in function ECGroup_consGFp_mont in ecl.c.)
+
+Curves over prime fields that have optimized modular reduction (i.e.,
+secp160r1, nistp192, and nistp224) do not use Montgomery field
+arithmetic. Instead, they use basic field arithmetic with their
+optimized reduction (as in ecp_192.c and ecp_224.c). They
+use the same point multiplication and simultaneous point multiplication
+algorithms as other curves over prime fields.
+
+Curves over binary polynomial fields by default use generic field
+arithmetic with montgomery point multiplication and basic kP + lQ
+computation (multiply, multiply, and add). (Wiring in function
+ECGroup_cons_GF2m in ecl.c.)
+
+Curves over binary polynomial fields that have optimized field
+arithmetic (i.e., any 163-, 193, or 233-bit field) use their optimized
+field arithmetic. They use the same point multiplication and
+simultaneous point multiplication algorithms as other curves over binary
+fields.
+
+Example
+-------
+
+We provide an example for plugging in an optimized implementation for
+the Koblitz curve nistk163.
+
+Suppose the file ec2_k163.c contains the optimized implementation. In
+particular it contains a point multiplication function:
+
+ mp_err ec_GF2m_nistk163_pt_mul(const mp_int *n, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry, const ECGroup *group);
+
+Since only a pt_mul function is provided, the generic pt_add function
+will be used.
+
+There are two options for handling the optimized field arithmetic used
+by the ..._pt_mul function. Say the optimized field arithmetic includes
+the following functions:
+
+ mp_err ec_GF2m_nistk163_add(const mp_int *a, const mp_int *b,
+ mp_int *r, const GFMethod *meth);
+ mp_err ec_GF2m_nistk163_mul(const mp_int *a, const mp_int *b,
+ mp_int *r, const GFMethod *meth);
+ mp_err ec_GF2m_nistk163_sqr(const mp_int *a, const mp_int *b,
+ mp_int *r, const GFMethod *meth);
+ mp_err ec_GF2m_nistk163_div(const mp_int *a, const mp_int *b,
+ mp_int *r, const GFMethod *meth);
+
+First, the optimized field arithmetic could simply be called directly
+by the ..._pt_mul function. This would be accomplished by changing
+the ecgroup_fromNameAndHex function in ecl.c to include the following
+statements:
+
+ if (name == ECCurve_NIST_K163) {
+ group = ECGroup_consGF2m(&irr, NULL, &curvea, &curveb, &genx,
+ &geny, &order, params->cofactor);
+ if (group == NULL) { res = MP_UNDEF; goto CLEANUP; }
+ MP_CHECKOK( ec_group_set_nistk163(group) );
+ }
+
+and including in ec2_k163.c the following function:
+
+ mp_err ec_group_set_nistk163(ECGroup *group) {
+ group->point_mul = &ec_GF2m_nistk163_pt_mul;
+ return MP_OKAY;
+ }
+
+As a result, ec_GF2m_pt_add and similar functions would use the
+basic binary polynomial field arithmetic ec_GF2m_add, ec_GF2m_mul,
+ec_GF2m_sqr, and ec_GF2m_div.
+
+Alternatively, the optimized field arithmetic could be wired into the
+group's GFMethod. This would be accomplished by putting the following
+function in ec2_k163.c:
+
+ mp_err ec_group_set_nistk163(ECGroup *group) {
+ group->meth->field_add = &ec_GF2m_nistk163_add;
+ group->meth->field_mul = &ec_GF2m_nistk163_mul;
+ group->meth->field_sqr = &ec_GF2m_nistk163_sqr;
+ group->meth->field_div = &ec_GF2m_nistk163_div;
+ group->point_mul = &ec_GF2m_nistk163_pt_mul;
+ return MP_OKAY;
+ }
+
+For an example of functions that use special field encodings, take a
+look at ecp_mont.c.
diff --git a/security/nss/lib/freebl/ecl/curve25519_32.c b/security/nss/lib/freebl/ecl/curve25519_32.c
new file mode 100644
index 000000000..0122961e6
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/curve25519_32.c
@@ -0,0 +1,390 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Derived from public domain code by Matthew Dempsky and D. J. Bernstein.
+ */
+
+#include "ecl-priv.h"
+#include "mpi.h"
+
+#include <stdint.h>
+#include <stdio.h>
+
+typedef uint32_t elem[32];
+
+/*
+ * Add two field elements.
+ * out = a + b
+ */
+static void
+add(elem out, const elem a, const elem b)
+{
+ uint32_t j;
+ uint32_t u = 0;
+ for (j = 0; j < 31; ++j) {
+ u += a[j] + b[j];
+ out[j] = u & 0xFF;
+ u >>= 8;
+ }
+ u += a[31] + b[31];
+ out[31] = u;
+}
+
+/*
+ * Subtract two field elements.
+ * out = a - b
+ */
+static void
+sub(elem out, const elem a, const elem b)
+{
+ uint32_t j;
+ uint32_t u;
+ u = 218;
+ for (j = 0; j < 31; ++j) {
+ u += a[j] + 0xFF00 - b[j];
+ out[j] = u & 0xFF;
+ u >>= 8;
+ }
+ u += a[31] - b[31];
+ out[31] = u;
+}
+
+/*
+ * "Squeeze" an element after multiplication (and square).
+ */
+static void
+squeeze(elem a)
+{
+ uint32_t j;
+ uint32_t u;
+ u = 0;
+ for (j = 0; j < 31; ++j) {
+ u += a[j];
+ a[j] = u & 0xFF;
+ u >>= 8;
+ }
+ u += a[31];
+ a[31] = u & 0x7F;
+ u = 19 * (u >> 7);
+ for (j = 0; j < 31; ++j) {
+ u += a[j];
+ a[j] = u & 0xFF;
+ u >>= 8;
+ }
+ a[31] += u;
+}
+
+static const elem minusp = { 19, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 128 };
+
+/*
+ * Reduce point a by 2^255-19
+ */
+static void
+reduce(elem a)
+{
+ elem aorig;
+ uint32_t j;
+ uint32_t negative;
+
+ for (j = 0; j < 32; ++j) {
+ aorig[j] = a[j];
+ }
+ add(a, a, minusp);
+ negative = 1 + ~((a[31] >> 7) & 1);
+ for (j = 0; j < 32; ++j) {
+ a[j] ^= negative & (aorig[j] ^ a[j]);
+ }
+}
+
+/*
+ * Multiplication and squeeze
+ * out = a * b
+ */
+static void
+mult(elem out, const elem a, const elem b)
+{
+ uint32_t i;
+ uint32_t j;
+ uint32_t u;
+
+ for (i = 0; i < 32; ++i) {
+ u = 0;
+ for (j = 0; j <= i; ++j) {
+ u += a[j] * b[i - j];
+ }
+ for (j = i + 1; j < 32; ++j) {
+ u += 38 * a[j] * b[i + 32 - j];
+ }
+ out[i] = u;
+ }
+ squeeze(out);
+}
+
+/*
+ * Multiplication
+ * out = 121665 * a
+ */
+static void
+mult121665(elem out, const elem a)
+{
+ uint32_t j;
+ uint32_t u;
+
+ u = 0;
+ for (j = 0; j < 31; ++j) {
+ u += 121665 * a[j];
+ out[j] = u & 0xFF;
+ u >>= 8;
+ }
+ u += 121665 * a[31];
+ out[31] = u & 0x7F;
+ u = 19 * (u >> 7);
+ for (j = 0; j < 31; ++j) {
+ u += out[j];
+ out[j] = u & 0xFF;
+ u >>= 8;
+ }
+ u += out[j];
+ out[j] = u;
+}
+
+/*
+ * Square a and squeeze the result.
+ * out = a * a
+ */
+static void
+square(elem out, const elem a)
+{
+ uint32_t i;
+ uint32_t j;
+ uint32_t u;
+
+ for (i = 0; i < 32; ++i) {
+ u = 0;
+ for (j = 0; j < i - j; ++j) {
+ u += a[j] * a[i - j];
+ }
+ for (j = i + 1; j < i + 32 - j; ++j) {
+ u += 38 * a[j] * a[i + 32 - j];
+ }
+ u *= 2;
+ if ((i & 1) == 0) {
+ u += a[i / 2] * a[i / 2];
+ u += 38 * a[i / 2 + 16] * a[i / 2 + 16];
+ }
+ out[i] = u;
+ }
+ squeeze(out);
+}
+
+/*
+ * Constant time swap between r and s depending on b
+ */
+static void
+cswap(uint32_t p[64], uint32_t q[64], uint32_t b)
+{
+ uint32_t j;
+ uint32_t swap = 1 + ~b;
+
+ for (j = 0; j < 64; ++j) {
+ const uint32_t t = swap & (p[j] ^ q[j]);
+ p[j] ^= t;
+ q[j] ^= t;
+ }
+}
+
+/*
+ * Montgomery ladder
+ */
+static void
+monty(elem x_2_out, elem z_2_out,
+ const elem point, const elem scalar)
+{
+ uint32_t x_3[64] = { 0 };
+ uint32_t x_2[64] = { 0 };
+ uint32_t a0[64];
+ uint32_t a1[64];
+ uint32_t b0[64];
+ uint32_t b1[64];
+ uint32_t c1[64];
+ uint32_t r[32];
+ uint32_t s[32];
+ uint32_t t[32];
+ uint32_t u[32];
+ uint32_t swap = 0;
+ uint32_t k_t = 0;
+ int j;
+
+ for (j = 0; j < 32; ++j) {
+ x_3[j] = point[j];
+ }
+ x_3[32] = 1;
+ x_2[0] = 1;
+
+ for (j = 254; j >= 0; --j) {
+ k_t = (scalar[j >> 3] >> (j & 7)) & 1;
+ swap ^= k_t;
+ cswap(x_2, x_3, swap);
+ swap = k_t;
+ add(a0, x_2, x_2 + 32);
+ sub(a0 + 32, x_2, x_2 + 32);
+ add(a1, x_3, x_3 + 32);
+ sub(a1 + 32, x_3, x_3 + 32);
+ square(b0, a0);
+ square(b0 + 32, a0 + 32);
+ mult(b1, a1, a0 + 32);
+ mult(b1 + 32, a1 + 32, a0);
+ add(c1, b1, b1 + 32);
+ sub(c1 + 32, b1, b1 + 32);
+ square(r, c1 + 32);
+ sub(s, b0, b0 + 32);
+ mult121665(t, s);
+ add(u, t, b0);
+ mult(x_2, b0, b0 + 32);
+ mult(x_2 + 32, s, u);
+ square(x_3, c1);
+ mult(x_3 + 32, r, point);
+ }
+
+ cswap(x_2, x_3, swap);
+ for (j = 0; j < 32; ++j) {
+ x_2_out[j] = x_2[j];
+ }
+ for (j = 0; j < 32; ++j) {
+ z_2_out[j] = x_2[j + 32];
+ }
+}
+
+static void
+recip(elem out, const elem z)
+{
+ elem z2;
+ elem z9;
+ elem z11;
+ elem z2_5_0;
+ elem z2_10_0;
+ elem z2_20_0;
+ elem z2_50_0;
+ elem z2_100_0;
+ elem t0;
+ elem t1;
+ int i;
+
+ /* 2 */ square(z2, z);
+ /* 4 */ square(t1, z2);
+ /* 8 */ square(t0, t1);
+ /* 9 */ mult(z9, t0, z);
+ /* 11 */ mult(z11, z9, z2);
+ /* 22 */ square(t0, z11);
+ /* 2^5 - 2^0 = 31 */ mult(z2_5_0, t0, z9);
+
+ /* 2^6 - 2^1 */ square(t0, z2_5_0);
+ /* 2^7 - 2^2 */ square(t1, t0);
+ /* 2^8 - 2^3 */ square(t0, t1);
+ /* 2^9 - 2^4 */ square(t1, t0);
+ /* 2^10 - 2^5 */ square(t0, t1);
+ /* 2^10 - 2^0 */ mult(z2_10_0, t0, z2_5_0);
+
+ /* 2^11 - 2^1 */ square(t0, z2_10_0);
+ /* 2^12 - 2^2 */ square(t1, t0);
+ /* 2^20 - 2^10 */
+ for (i = 2; i < 10; i += 2) {
+ square(t0, t1);
+ square(t1, t0);
+ }
+ /* 2^20 - 2^0 */ mult(z2_20_0, t1, z2_10_0);
+
+ /* 2^21 - 2^1 */ square(t0, z2_20_0);
+ /* 2^22 - 2^2 */ square(t1, t0);
+ /* 2^40 - 2^20 */
+ for (i = 2; i < 20; i += 2) {
+ square(t0, t1);
+ square(t1, t0);
+ }
+ /* 2^40 - 2^0 */ mult(t0, t1, z2_20_0);
+
+ /* 2^41 - 2^1 */ square(t1, t0);
+ /* 2^42 - 2^2 */ square(t0, t1);
+ /* 2^50 - 2^10 */
+ for (i = 2; i < 10; i += 2) {
+ square(t1, t0);
+ square(t0, t1);
+ }
+ /* 2^50 - 2^0 */ mult(z2_50_0, t0, z2_10_0);
+
+ /* 2^51 - 2^1 */ square(t0, z2_50_0);
+ /* 2^52 - 2^2 */ square(t1, t0);
+ /* 2^100 - 2^50 */
+ for (i = 2; i < 50; i += 2) {
+ square(t0, t1);
+ square(t1, t0);
+ }
+ /* 2^100 - 2^0 */ mult(z2_100_0, t1, z2_50_0);
+
+ /* 2^101 - 2^1 */ square(t1, z2_100_0);
+ /* 2^102 - 2^2 */ square(t0, t1);
+ /* 2^200 - 2^100 */
+ for (i = 2; i < 100; i += 2) {
+ square(t1, t0);
+ square(t0, t1);
+ }
+ /* 2^200 - 2^0 */ mult(t1, t0, z2_100_0);
+
+ /* 2^201 - 2^1 */ square(t0, t1);
+ /* 2^202 - 2^2 */ square(t1, t0);
+ /* 2^250 - 2^50 */
+ for (i = 2; i < 50; i += 2) {
+ square(t0, t1);
+ square(t1, t0);
+ }
+ /* 2^250 - 2^0 */ mult(t0, t1, z2_50_0);
+
+ /* 2^251 - 2^1 */ square(t1, t0);
+ /* 2^252 - 2^2 */ square(t0, t1);
+ /* 2^253 - 2^3 */ square(t1, t0);
+ /* 2^254 - 2^4 */ square(t0, t1);
+ /* 2^255 - 2^5 */ square(t1, t0);
+ /* 2^255 - 21 */ mult(out, t1, z11);
+}
+
+/*
+ * Computes q = Curve25519(p, s)
+ */
+SECStatus
+ec_Curve25519_mul(PRUint8 *q, const PRUint8 *s, const PRUint8 *p)
+{
+ elem point = { 0 };
+ elem x_2 = { 0 };
+ elem z_2 = { 0 };
+ elem X = { 0 };
+ elem scalar = { 0 };
+ uint32_t i;
+
+ /* read and mask scalar */
+ for (i = 0; i < 32; ++i) {
+ scalar[i] = s[i];
+ }
+ scalar[0] &= 0xF8;
+ scalar[31] &= 0x7F;
+ scalar[31] |= 64;
+
+ /* read and mask point */
+ for (i = 0; i < 32; ++i) {
+ point[i] = p[i];
+ }
+ point[31] &= 0x7F;
+
+ monty(x_2, z_2, point, scalar);
+ recip(z_2, z_2);
+ mult(X, x_2, z_2);
+ reduce(X);
+ for (i = 0; i < 32; ++i) {
+ q[i] = X[i];
+ }
+ return 0;
+}
diff --git a/security/nss/lib/freebl/ecl/curve25519_64.c b/security/nss/lib/freebl/ecl/curve25519_64.c
new file mode 100644
index 000000000..89327ad1c
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/curve25519_64.c
@@ -0,0 +1,514 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Derived from public domain C code by Adan Langley and Daniel J. Bernstein
+ */
+
+#include "uint128.h"
+
+#include "ecl-priv.h"
+#include "mpi.h"
+
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+
+typedef uint8_t u8;
+typedef uint64_t felem;
+
+/* Sum two numbers: output += in */
+static void
+fsum(felem *output, const felem *in)
+{
+ unsigned i;
+ for (i = 0; i < 5; ++i) {
+ output[i] += in[i];
+ }
+}
+
+/* Find the difference of two numbers: output = in - output
+ * (note the order of the arguments!)
+ */
+static void
+fdifference_backwards(felem *ioutput, const felem *iin)
+{
+ static const int64_t twotothe51 = ((int64_t)1l << 51);
+ const int64_t *in = (const int64_t *)iin;
+ int64_t *out = (int64_t *)ioutput;
+
+ out[0] = in[0] - out[0];
+ out[1] = in[1] - out[1];
+ out[2] = in[2] - out[2];
+ out[3] = in[3] - out[3];
+ out[4] = in[4] - out[4];
+
+ // An arithmetic shift right of 63 places turns a positive number to 0 and a
+ // negative number to all 1's. This gives us a bitmask that lets us avoid
+ // side-channel prone branches.
+ int64_t t;
+
+#define NEGCHAIN(a, b) \
+ t = out[a] >> 63; \
+ out[a] += twotothe51 & t; \
+ out[b] -= 1 & t;
+
+#define NEGCHAIN19(a, b) \
+ t = out[a] >> 63; \
+ out[a] += twotothe51 & t; \
+ out[b] -= 19 & t;
+
+ NEGCHAIN(0, 1);
+ NEGCHAIN(1, 2);
+ NEGCHAIN(2, 3);
+ NEGCHAIN(3, 4);
+ NEGCHAIN19(4, 0);
+ NEGCHAIN(0, 1);
+ NEGCHAIN(1, 2);
+ NEGCHAIN(2, 3);
+ NEGCHAIN(3, 4);
+}
+
+/* Multiply a number by a scalar: output = in * scalar */
+static void
+fscalar_product(felem *output, const felem *in,
+ const felem scalar)
+{
+ uint128_t tmp, tmp2;
+
+ tmp = mul6464(in[0], scalar);
+ output[0] = mask51(tmp);
+
+ tmp2 = mul6464(in[1], scalar);
+ tmp = add128(tmp2, rshift128(tmp, 51));
+ output[1] = mask51(tmp);
+
+ tmp2 = mul6464(in[2], scalar);
+ tmp = add128(tmp2, rshift128(tmp, 51));
+ output[2] = mask51(tmp);
+
+ tmp2 = mul6464(in[3], scalar);
+ tmp = add128(tmp2, rshift128(tmp, 51));
+ output[3] = mask51(tmp);
+
+ tmp2 = mul6464(in[4], scalar);
+ tmp = add128(tmp2, rshift128(tmp, 51));
+ output[4] = mask51(tmp);
+
+ output[0] += mask_lower(rshift128(tmp, 51)) * 19;
+}
+
+/* Multiply two numbers: output = in2 * in
+ *
+ * output must be distinct to both inputs. The inputs are reduced coefficient
+ * form, the output is not.
+ */
+static void
+fmul(felem *output, const felem *in2, const felem *in)
+{
+ uint128_t t0, t1, t2, t3, t4, t5, t6, t7, t8;
+
+ t0 = mul6464(in[0], in2[0]);
+ t1 = add128(mul6464(in[1], in2[0]), mul6464(in[0], in2[1]));
+ t2 = add128(add128(mul6464(in[0], in2[2]),
+ mul6464(in[2], in2[0])),
+ mul6464(in[1], in2[1]));
+ t3 = add128(add128(add128(mul6464(in[0], in2[3]),
+ mul6464(in[3], in2[0])),
+ mul6464(in[1], in2[2])),
+ mul6464(in[2], in2[1]));
+ t4 = add128(add128(add128(add128(mul6464(in[0], in2[4]),
+ mul6464(in[4], in2[0])),
+ mul6464(in[3], in2[1])),
+ mul6464(in[1], in2[3])),
+ mul6464(in[2], in2[2]));
+ t5 = add128(add128(add128(mul6464(in[4], in2[1]),
+ mul6464(in[1], in2[4])),
+ mul6464(in[2], in2[3])),
+ mul6464(in[3], in2[2]));
+ t6 = add128(add128(mul6464(in[4], in2[2]),
+ mul6464(in[2], in2[4])),
+ mul6464(in[3], in2[3]));
+ t7 = add128(mul6464(in[3], in2[4]), mul6464(in[4], in2[3]));
+ t8 = mul6464(in[4], in2[4]);
+
+ t0 = add128(t0, mul12819(t5));
+ t1 = add128(t1, mul12819(t6));
+ t2 = add128(t2, mul12819(t7));
+ t3 = add128(t3, mul12819(t8));
+
+ t1 = add128(t1, rshift128(t0, 51));
+ t0 = mask51full(t0);
+ t2 = add128(t2, rshift128(t1, 51));
+ t1 = mask51full(t1);
+ t3 = add128(t3, rshift128(t2, 51));
+ t4 = add128(t4, rshift128(t3, 51));
+ t0 = add128(t0, mul12819(rshift128(t4, 51)));
+ t1 = add128(t1, rshift128(t0, 51));
+ t2 = mask51full(t2);
+ t2 = add128(t2, rshift128(t1, 51));
+
+ output[0] = mask51(t0);
+ output[1] = mask51(t1);
+ output[2] = mask_lower(t2);
+ output[3] = mask51(t3);
+ output[4] = mask51(t4);
+}
+
+static void
+fsquare(felem *output, const felem *in)
+{
+ uint128_t t0, t1, t2, t3, t4, t5, t6, t7, t8;
+
+ t0 = mul6464(in[0], in[0]);
+ t1 = lshift128(mul6464(in[0], in[1]), 1);
+ t2 = add128(lshift128(mul6464(in[0], in[2]), 1),
+ mul6464(in[1], in[1]));
+ t3 = add128(lshift128(mul6464(in[0], in[3]), 1),
+ lshift128(mul6464(in[1], in[2]), 1));
+ t4 = add128(add128(lshift128(mul6464(in[0], in[4]), 1),
+ lshift128(mul6464(in[3], in[1]), 1)),
+ mul6464(in[2], in[2]));
+ t5 = add128(lshift128(mul6464(in[4], in[1]), 1),
+ lshift128(mul6464(in[2], in[3]), 1));
+ t6 = add128(lshift128(mul6464(in[4], in[2]), 1),
+ mul6464(in[3], in[3]));
+ t7 = lshift128(mul6464(in[3], in[4]), 1);
+ t8 = mul6464(in[4], in[4]);
+
+ t0 = add128(t0, mul12819(t5));
+ t1 = add128(t1, mul12819(t6));
+ t2 = add128(t2, mul12819(t7));
+ t3 = add128(t3, mul12819(t8));
+
+ t1 = add128(t1, rshift128(t0, 51));
+ t0 = mask51full(t0);
+ t2 = add128(t2, rshift128(t1, 51));
+ t1 = mask51full(t1);
+ t3 = add128(t3, rshift128(t2, 51));
+ t4 = add128(t4, rshift128(t3, 51));
+ t0 = add128(t0, mul12819(rshift128(t4, 51)));
+ t1 = add128(t1, rshift128(t0, 51));
+
+ output[0] = mask51(t0);
+ output[1] = mask_lower(t1);
+ output[2] = mask51(t2);
+ output[3] = mask51(t3);
+ output[4] = mask51(t4);
+}
+
+/* Take a 32-byte number and expand it into polynomial form */
+static void NO_SANITIZE_ALIGNMENT
+fexpand(felem *output, const u8 *in)
+{
+ output[0] = *((const uint64_t *)(in)) & MASK51;
+ output[1] = (*((const uint64_t *)(in + 6)) >> 3) & MASK51;
+ output[2] = (*((const uint64_t *)(in + 12)) >> 6) & MASK51;
+ output[3] = (*((const uint64_t *)(in + 19)) >> 1) & MASK51;
+ output[4] = (*((const uint64_t *)(in + 25)) >> 4) & MASK51;
+}
+
+/* Take a fully reduced polynomial form number and contract it into a
+ * 32-byte array
+ */
+static void
+fcontract(u8 *output, const felem *input)
+{
+ uint128_t t0 = init128x(input[0]);
+ uint128_t t1 = init128x(input[1]);
+ uint128_t t2 = init128x(input[2]);
+ uint128_t t3 = init128x(input[3]);
+ uint128_t t4 = init128x(input[4]);
+ uint128_t tmp = init128x(19);
+
+ t1 = add128(t1, rshift128(t0, 51));
+ t0 = mask51full(t0);
+ t2 = add128(t2, rshift128(t1, 51));
+ t1 = mask51full(t1);
+ t3 = add128(t3, rshift128(t2, 51));
+ t2 = mask51full(t2);
+ t4 = add128(t4, rshift128(t3, 51));
+ t3 = mask51full(t3);
+ t0 = add128(t0, mul12819(rshift128(t4, 51)));
+ t4 = mask51full(t4);
+
+ t1 = add128(t1, rshift128(t0, 51));
+ t0 = mask51full(t0);
+ t2 = add128(t2, rshift128(t1, 51));
+ t1 = mask51full(t1);
+ t3 = add128(t3, rshift128(t2, 51));
+ t2 = mask51full(t2);
+ t4 = add128(t4, rshift128(t3, 51));
+ t3 = mask51full(t3);
+ t0 = add128(t0, mul12819(rshift128(t4, 51)));
+ t4 = mask51full(t4);
+
+ /* now t is between 0 and 2^255-1, properly carried. */
+ /* case 1: between 0 and 2^255-20. case 2: between 2^255-19 and 2^255-1. */
+
+ t0 = add128(t0, tmp);
+
+ t1 = add128(t1, rshift128(t0, 51));
+ t0 = mask51full(t0);
+ t2 = add128(t2, rshift128(t1, 51));
+ t1 = mask51full(t1);
+ t3 = add128(t3, rshift128(t2, 51));
+ t2 = mask51full(t2);
+ t4 = add128(t4, rshift128(t3, 51));
+ t3 = mask51full(t3);
+ t0 = add128(t0, mul12819(rshift128(t4, 51)));
+ t4 = mask51full(t4);
+
+ /* now between 19 and 2^255-1 in both cases, and offset by 19. */
+
+ t0 = add128(t0, init128x(0x8000000000000 - 19));
+ tmp = init128x(0x8000000000000 - 1);
+ t1 = add128(t1, tmp);
+ t2 = add128(t2, tmp);
+ t3 = add128(t3, tmp);
+ t4 = add128(t4, tmp);
+
+ /* now between 2^255 and 2^256-20, and offset by 2^255. */
+
+ t1 = add128(t1, rshift128(t0, 51));
+ t0 = mask51full(t0);
+ t2 = add128(t2, rshift128(t1, 51));
+ t1 = mask51full(t1);
+ t3 = add128(t3, rshift128(t2, 51));
+ t2 = mask51full(t2);
+ t4 = add128(t4, rshift128(t3, 51));
+ t3 = mask51full(t3);
+ t4 = mask51full(t4);
+
+ *((uint64_t *)(output)) = mask_lower(t0) | mask_lower(t1) << 51;
+ *((uint64_t *)(output + 8)) = (mask_lower(t1) >> 13) | (mask_lower(t2) << 38);
+ *((uint64_t *)(output + 16)) = (mask_lower(t2) >> 26) | (mask_lower(t3) << 25);
+ *((uint64_t *)(output + 24)) = (mask_lower(t3) >> 39) | (mask_lower(t4) << 12);
+}
+
+/* Input: Q, Q', Q-Q'
+ * Output: 2Q, Q+Q'
+ *
+ * x2 z3: long form
+ * x3 z3: long form
+ * x z: short form, destroyed
+ * xprime zprime: short form, destroyed
+ * qmqp: short form, preserved
+ */
+static void
+fmonty(felem *x2, felem *z2, /* output 2Q */
+ felem *x3, felem *z3, /* output Q + Q' */
+ felem *x, felem *z, /* input Q */
+ felem *xprime, felem *zprime, /* input Q' */
+ const felem *qmqp /* input Q - Q' */)
+{
+ felem origx[5], origxprime[5], zzz[5], xx[5], zz[5], xxprime[5], zzprime[5],
+ zzzprime[5];
+
+ memcpy(origx, x, 5 * sizeof(felem));
+ fsum(x, z);
+ fdifference_backwards(z, origx); // does x - z
+
+ memcpy(origxprime, xprime, sizeof(felem) * 5);
+ fsum(xprime, zprime);
+ fdifference_backwards(zprime, origxprime);
+ fmul(xxprime, xprime, z);
+ fmul(zzprime, x, zprime);
+ memcpy(origxprime, xxprime, sizeof(felem) * 5);
+ fsum(xxprime, zzprime);
+ fdifference_backwards(zzprime, origxprime);
+ fsquare(x3, xxprime);
+ fsquare(zzzprime, zzprime);
+ fmul(z3, zzzprime, qmqp);
+
+ fsquare(xx, x);
+ fsquare(zz, z);
+ fmul(x2, xx, zz);
+ fdifference_backwards(zz, xx); // does zz = xx - zz
+ fscalar_product(zzz, zz, 121665);
+ fsum(zzz, xx);
+ fmul(z2, zz, zzz);
+}
+
+// -----------------------------------------------------------------------------
+// Maybe swap the contents of two felem arrays (@a and @b), each @len elements
+// long. Perform the swap iff @swap is non-zero.
+//
+// This function performs the swap without leaking any side-channel
+// information.
+// -----------------------------------------------------------------------------
+static void
+swap_conditional(felem *a, felem *b, unsigned len, felem iswap)
+{
+ unsigned i;
+ const felem swap = 1 + ~iswap;
+
+ for (i = 0; i < len; ++i) {
+ const felem x = swap & (a[i] ^ b[i]);
+ a[i] ^= x;
+ b[i] ^= x;
+ }
+}
+
+/* Calculates nQ where Q is the x-coordinate of a point on the curve
+ *
+ * resultx/resultz: the x coordinate of the resulting curve point (short form)
+ * n: a 32-byte number
+ * q: a point of the curve (short form)
+ */
+static void
+cmult(felem *resultx, felem *resultz, const u8 *n, const felem *q)
+{
+ felem a[5] = { 0 }, b[5] = { 1 }, c[5] = { 1 }, d[5] = { 0 };
+ felem *nqpqx = a, *nqpqz = b, *nqx = c, *nqz = d, *t;
+ felem e[5] = { 0 }, f[5] = { 1 }, g[5] = { 0 }, h[5] = { 1 };
+ felem *nqpqx2 = e, *nqpqz2 = f, *nqx2 = g, *nqz2 = h;
+
+ unsigned i, j;
+
+ memcpy(nqpqx, q, sizeof(felem) * 5);
+
+ for (i = 0; i < 32; ++i) {
+ u8 byte = n[31 - i];
+ for (j = 0; j < 8; ++j) {
+ const felem bit = byte >> 7;
+
+ swap_conditional(nqx, nqpqx, 5, bit);
+ swap_conditional(nqz, nqpqz, 5, bit);
+ fmonty(nqx2, nqz2, nqpqx2, nqpqz2, nqx, nqz, nqpqx, nqpqz, q);
+ swap_conditional(nqx2, nqpqx2, 5, bit);
+ swap_conditional(nqz2, nqpqz2, 5, bit);
+
+ t = nqx;
+ nqx = nqx2;
+ nqx2 = t;
+ t = nqz;
+ nqz = nqz2;
+ nqz2 = t;
+ t = nqpqx;
+ nqpqx = nqpqx2;
+ nqpqx2 = t;
+ t = nqpqz;
+ nqpqz = nqpqz2;
+ nqpqz2 = t;
+
+ byte <<= 1;
+ }
+ }
+
+ memcpy(resultx, nqx, sizeof(felem) * 5);
+ memcpy(resultz, nqz, sizeof(felem) * 5);
+}
+
+// -----------------------------------------------------------------------------
+// Shamelessly copied from djb's code
+// -----------------------------------------------------------------------------
+static void
+crecip(felem *out, const felem *z)
+{
+ felem z2[5];
+ felem z9[5];
+ felem z11[5];
+ felem z2_5_0[5];
+ felem z2_10_0[5];
+ felem z2_20_0[5];
+ felem z2_50_0[5];
+ felem z2_100_0[5];
+ felem t0[5];
+ felem t1[5];
+ int i;
+
+ /* 2 */ fsquare(z2, z);
+ /* 4 */ fsquare(t1, z2);
+ /* 8 */ fsquare(t0, t1);
+ /* 9 */ fmul(z9, t0, z);
+ /* 11 */ fmul(z11, z9, z2);
+ /* 22 */ fsquare(t0, z11);
+ /* 2^5 - 2^0 = 31 */ fmul(z2_5_0, t0, z9);
+
+ /* 2^6 - 2^1 */ fsquare(t0, z2_5_0);
+ /* 2^7 - 2^2 */ fsquare(t1, t0);
+ /* 2^8 - 2^3 */ fsquare(t0, t1);
+ /* 2^9 - 2^4 */ fsquare(t1, t0);
+ /* 2^10 - 2^5 */ fsquare(t0, t1);
+ /* 2^10 - 2^0 */ fmul(z2_10_0, t0, z2_5_0);
+
+ /* 2^11 - 2^1 */ fsquare(t0, z2_10_0);
+ /* 2^12 - 2^2 */ fsquare(t1, t0);
+ /* 2^20 - 2^10 */ for (i = 2; i < 10; i += 2) {
+ fsquare(t0, t1);
+ fsquare(t1, t0);
+ }
+ /* 2^20 - 2^0 */ fmul(z2_20_0, t1, z2_10_0);
+
+ /* 2^21 - 2^1 */ fsquare(t0, z2_20_0);
+ /* 2^22 - 2^2 */ fsquare(t1, t0);
+ /* 2^40 - 2^20 */ for (i = 2; i < 20; i += 2) {
+ fsquare(t0, t1);
+ fsquare(t1, t0);
+ }
+ /* 2^40 - 2^0 */ fmul(t0, t1, z2_20_0);
+
+ /* 2^41 - 2^1 */ fsquare(t1, t0);
+ /* 2^42 - 2^2 */ fsquare(t0, t1);
+ /* 2^50 - 2^10 */ for (i = 2; i < 10; i += 2) {
+ fsquare(t1, t0);
+ fsquare(t0, t1);
+ }
+ /* 2^50 - 2^0 */ fmul(z2_50_0, t0, z2_10_0);
+
+ /* 2^51 - 2^1 */ fsquare(t0, z2_50_0);
+ /* 2^52 - 2^2 */ fsquare(t1, t0);
+ /* 2^100 - 2^50 */ for (i = 2; i < 50; i += 2) {
+ fsquare(t0, t1);
+ fsquare(t1, t0);
+ }
+ /* 2^100 - 2^0 */ fmul(z2_100_0, t1, z2_50_0);
+
+ /* 2^101 - 2^1 */ fsquare(t1, z2_100_0);
+ /* 2^102 - 2^2 */ fsquare(t0, t1);
+ /* 2^200 - 2^100 */ for (i = 2; i < 100; i += 2) {
+ fsquare(t1, t0);
+ fsquare(t0, t1);
+ }
+ /* 2^200 - 2^0 */ fmul(t1, t0, z2_100_0);
+
+ /* 2^201 - 2^1 */ fsquare(t0, t1);
+ /* 2^202 - 2^2 */ fsquare(t1, t0);
+ /* 2^250 - 2^50 */ for (i = 2; i < 50; i += 2) {
+ fsquare(t0, t1);
+ fsquare(t1, t0);
+ }
+ /* 2^250 - 2^0 */ fmul(t0, t1, z2_50_0);
+
+ /* 2^251 - 2^1 */ fsquare(t1, t0);
+ /* 2^252 - 2^2 */ fsquare(t0, t1);
+ /* 2^253 - 2^3 */ fsquare(t1, t0);
+ /* 2^254 - 2^4 */ fsquare(t0, t1);
+ /* 2^255 - 2^5 */ fsquare(t1, t0);
+ /* 2^255 - 21 */ fmul(out, t1, z11);
+}
+
+SECStatus
+ec_Curve25519_mul(uint8_t *mypublic, const uint8_t *secret,
+ const uint8_t *basepoint)
+{
+ felem bp[5], x[5], z[5], zmone[5];
+ uint8_t e[32];
+ int i;
+
+ for (i = 0; i < 32; ++i) {
+ e[i] = secret[i];
+ }
+ e[0] &= 248;
+ e[31] &= 127;
+ e[31] |= 64;
+ fexpand(bp, basepoint);
+ cmult(x, z, e, bp);
+ crecip(zmone, z);
+ fmul(z, x, zmone);
+ fcontract(mypublic, z);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/ecl/ec_naf.c b/security/nss/lib/freebl/ecl/ec_naf.c
new file mode 100644
index 000000000..cad08cb27
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ec_naf.c
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecl-priv.h"
+
+/* Returns 2^e as an integer. This is meant to be used for small powers of
+ * two. */
+int
+ec_twoTo(int e)
+{
+ int a = 1;
+ int i;
+
+ for (i = 0; i < e; i++) {
+ a *= 2;
+ }
+ return a;
+}
+
+/* Computes the windowed non-adjacent-form (NAF) of a scalar. Out should
+ * be an array of signed char's to output to, bitsize should be the number
+ * of bits of out, in is the original scalar, and w is the window size.
+ * NAF is discussed in the paper: D. Hankerson, J. Hernandez and A.
+ * Menezes, "Software implementation of elliptic curve cryptography over
+ * binary fields", Proc. CHES 2000. */
+mp_err
+ec_compute_wNAF(signed char *out, int bitsize, const mp_int *in, int w)
+{
+ mp_int k;
+ mp_err res = MP_OKAY;
+ int i, twowm1, mask;
+
+ twowm1 = ec_twoTo(w - 1);
+ mask = 2 * twowm1 - 1;
+
+ MP_DIGITS(&k) = 0;
+ MP_CHECKOK(mp_init_copy(&k, in));
+
+ i = 0;
+ /* Compute wNAF form */
+ while (mp_cmp_z(&k) > 0) {
+ if (mp_isodd(&k)) {
+ out[i] = MP_DIGIT(&k, 0) & mask;
+ if (out[i] >= twowm1)
+ out[i] -= 2 * twowm1;
+
+ /* Subtract off out[i]. Note mp_sub_d only works with
+ * unsigned digits */
+ if (out[i] >= 0) {
+ MP_CHECKOK(mp_sub_d(&k, out[i], &k));
+ } else {
+ MP_CHECKOK(mp_add_d(&k, -(out[i]), &k));
+ }
+ } else {
+ out[i] = 0;
+ }
+ MP_CHECKOK(mp_div_2(&k, &k));
+ i++;
+ }
+ /* Zero out the remaining elements of the out array. */
+ for (; i < bitsize + 1; i++) {
+ out[i] = 0;
+ }
+CLEANUP:
+ mp_clear(&k);
+ return res;
+}
diff --git a/security/nss/lib/freebl/ecl/ecl-curve.h b/security/nss/lib/freebl/ecl/ecl-curve.h
new file mode 100644
index 000000000..df061396c
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecl-curve.h
@@ -0,0 +1,123 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecl-exp.h"
+#include <stdlib.h>
+
+#ifndef __ecl_curve_h_
+#define __ecl_curve_h_
+
+/* copied from certt.h */
+#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
+#define KU_KEY_AGREEMENT (0x08) /* bit 4 */
+
+static const ECCurveParams ecCurve_NIST_P256 = {
+ "NIST-P256", ECField_GFp, 256,
+ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
+ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
+ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
+ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
+ "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
+ 1, 128, 65, KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT
+};
+
+static const ECCurveParams ecCurve_NIST_P384 = {
+ "NIST-P384", ECField_GFp, 384,
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
+ "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
+ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
+ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
+ 1, 192, 97, KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT
+};
+
+static const ECCurveParams ecCurve_NIST_P521 = {
+ "NIST-P521", ECField_GFp, 521,
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
+ "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
+ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
+ "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
+ 1, 256, 133, KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT
+};
+
+static const ECCurveParams ecCurve25519 = {
+ "Curve25519", ECField_GFp, 255,
+ "7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed",
+ "076D06",
+ "00",
+ "0900000000000000000000000000000000000000000000000000000000000000",
+ "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9",
+ "1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed",
+ 8, 128, 32, KU_KEY_AGREEMENT
+};
+
+/* mapping between ECCurveName enum and pointers to ECCurveParams */
+static const ECCurveParams *ecCurve_map[] = {
+ NULL, /* ECCurve_noName */
+ NULL, /* ECCurve_NIST_P192 */
+ NULL, /* ECCurve_NIST_P224 */
+ &ecCurve_NIST_P256, /* ECCurve_NIST_P256 */
+ &ecCurve_NIST_P384, /* ECCurve_NIST_P384 */
+ &ecCurve_NIST_P521, /* ECCurve_NIST_P521 */
+ NULL, /* ECCurve_NIST_K163 */
+ NULL, /* ECCurve_NIST_B163 */
+ NULL, /* ECCurve_NIST_K233 */
+ NULL, /* ECCurve_NIST_B233 */
+ NULL, /* ECCurve_NIST_K283 */
+ NULL, /* ECCurve_NIST_B283 */
+ NULL, /* ECCurve_NIST_K409 */
+ NULL, /* ECCurve_NIST_B409 */
+ NULL, /* ECCurve_NIST_K571 */
+ NULL, /* ECCurve_NIST_B571 */
+ NULL, /* ECCurve_X9_62_PRIME_192V2 */
+ NULL, /* ECCurve_X9_62_PRIME_192V3 */
+ NULL, /* ECCurve_X9_62_PRIME_239V1 */
+ NULL, /* ECCurve_X9_62_PRIME_239V2 */
+ NULL, /* ECCurve_X9_62_PRIME_239V3 */
+ NULL, /* ECCurve_X9_62_CHAR2_PNB163V1 */
+ NULL, /* ECCurve_X9_62_CHAR2_PNB163V2 */
+ NULL, /* ECCurve_X9_62_CHAR2_PNB163V3 */
+ NULL, /* ECCurve_X9_62_CHAR2_PNB176V1 */
+ NULL, /* ECCurve_X9_62_CHAR2_TNB191V1 */
+ NULL, /* ECCurve_X9_62_CHAR2_TNB191V2 */
+ NULL, /* ECCurve_X9_62_CHAR2_TNB191V3 */
+ NULL, /* ECCurve_X9_62_CHAR2_PNB208W1 */
+ NULL, /* ECCurve_X9_62_CHAR2_TNB239V1 */
+ NULL, /* ECCurve_X9_62_CHAR2_TNB239V2 */
+ NULL, /* ECCurve_X9_62_CHAR2_TNB239V3 */
+ NULL, /* ECCurve_X9_62_CHAR2_PNB272W1 */
+ NULL, /* ECCurve_X9_62_CHAR2_PNB304W1 */
+ NULL, /* ECCurve_X9_62_CHAR2_TNB359V1 */
+ NULL, /* ECCurve_X9_62_CHAR2_PNB368W1 */
+ NULL, /* ECCurve_X9_62_CHAR2_TNB431R1 */
+ NULL, /* ECCurve_SECG_PRIME_112R1 */
+ NULL, /* ECCurve_SECG_PRIME_112R2 */
+ NULL, /* ECCurve_SECG_PRIME_128R1 */
+ NULL, /* ECCurve_SECG_PRIME_128R2 */
+ NULL, /* ECCurve_SECG_PRIME_160K1 */
+ NULL, /* ECCurve_SECG_PRIME_160R1 */
+ NULL, /* ECCurve_SECG_PRIME_160R2 */
+ NULL, /* ECCurve_SECG_PRIME_192K1 */
+ NULL, /* ECCurve_SECG_PRIME_224K1 */
+ NULL, /* ECCurve_SECG_PRIME_256K1 */
+ NULL, /* ECCurve_SECG_CHAR2_113R1 */
+ NULL, /* ECCurve_SECG_CHAR2_113R2 */
+ NULL, /* ECCurve_SECG_CHAR2_131R1 */
+ NULL, /* ECCurve_SECG_CHAR2_131R2 */
+ NULL, /* ECCurve_SECG_CHAR2_163R1 */
+ NULL, /* ECCurve_SECG_CHAR2_193R1 */
+ NULL, /* ECCurve_SECG_CHAR2_193R2 */
+ NULL, /* ECCurve_SECG_CHAR2_239K1 */
+ NULL, /* ECCurve_WTLS_1 */
+ NULL, /* ECCurve_WTLS_8 */
+ NULL, /* ECCurve_WTLS_9 */
+ &ecCurve25519, /* ECCurve25519 */
+ NULL /* ECCurve_pastLastCurve */
+};
+
+#endif
diff --git a/security/nss/lib/freebl/ecl/ecl-exp.h b/security/nss/lib/freebl/ecl/ecl-exp.h
new file mode 100644
index 000000000..44adb8a1c
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecl-exp.h
@@ -0,0 +1,167 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ecl_exp_h_
+#define __ecl_exp_h_
+
+/* Curve field type */
+typedef enum {
+ ECField_GFp,
+ ECField_GF2m
+} ECField;
+
+/* Hexadecimal encoding of curve parameters */
+struct ECCurveParamsStr {
+ char *text;
+ ECField field;
+ unsigned int size;
+ char *irr;
+ char *curvea;
+ char *curveb;
+ char *genx;
+ char *geny;
+ char *order;
+ int cofactor;
+ int security;
+ int pointSize;
+ unsigned int usage;
+};
+typedef struct ECCurveParamsStr ECCurveParams;
+
+/* Named curve parameters */
+typedef enum {
+
+ ECCurve_noName = 0,
+
+ /* NIST prime curves */
+ ECCurve_NIST_P192, /* not supported */
+ ECCurve_NIST_P224, /* not supported */
+ ECCurve_NIST_P256,
+ ECCurve_NIST_P384,
+ ECCurve_NIST_P521,
+
+ /* NIST binary curves */
+ ECCurve_NIST_K163, /* not supported */
+ ECCurve_NIST_B163, /* not supported */
+ ECCurve_NIST_K233, /* not supported */
+ ECCurve_NIST_B233, /* not supported */
+ ECCurve_NIST_K283, /* not supported */
+ ECCurve_NIST_B283, /* not supported */
+ ECCurve_NIST_K409, /* not supported */
+ ECCurve_NIST_B409, /* not supported */
+ ECCurve_NIST_K571, /* not supported */
+ ECCurve_NIST_B571, /* not supported */
+
+ /* ANSI X9.62 prime curves */
+ /* ECCurve_X9_62_PRIME_192V1 == ECCurve_NIST_P192 */
+ ECCurve_X9_62_PRIME_192V2, /* not supported */
+ ECCurve_X9_62_PRIME_192V3, /* not supported */
+ ECCurve_X9_62_PRIME_239V1, /* not supported */
+ ECCurve_X9_62_PRIME_239V2, /* not supported */
+ ECCurve_X9_62_PRIME_239V3, /* not supported */
+ /* ECCurve_X9_62_PRIME_256V1 == ECCurve_NIST_P256 */
+
+ /* ANSI X9.62 binary curves */
+ ECCurve_X9_62_CHAR2_PNB163V1, /* not supported */
+ ECCurve_X9_62_CHAR2_PNB163V2, /* not supported */
+ ECCurve_X9_62_CHAR2_PNB163V3, /* not supported */
+ ECCurve_X9_62_CHAR2_PNB176V1, /* not supported */
+ ECCurve_X9_62_CHAR2_TNB191V1, /* not supported */
+ ECCurve_X9_62_CHAR2_TNB191V2, /* not supported */
+ ECCurve_X9_62_CHAR2_TNB191V3, /* not supported */
+ ECCurve_X9_62_CHAR2_PNB208W1, /* not supported */
+ ECCurve_X9_62_CHAR2_TNB239V1, /* not supported */
+ ECCurve_X9_62_CHAR2_TNB239V2, /* not supported */
+ ECCurve_X9_62_CHAR2_TNB239V3, /* not supported */
+ ECCurve_X9_62_CHAR2_PNB272W1, /* not supported */
+ ECCurve_X9_62_CHAR2_PNB304W1, /* not supported */
+ ECCurve_X9_62_CHAR2_TNB359V1, /* not supported */
+ ECCurve_X9_62_CHAR2_PNB368W1, /* not supported */
+ ECCurve_X9_62_CHAR2_TNB431R1, /* not supported */
+
+ /* SEC2 prime curves */
+ ECCurve_SECG_PRIME_112R1, /* not supported */
+ ECCurve_SECG_PRIME_112R2, /* not supported */
+ ECCurve_SECG_PRIME_128R1, /* not supported */
+ ECCurve_SECG_PRIME_128R2, /* not supported */
+ ECCurve_SECG_PRIME_160K1, /* not supported */
+ ECCurve_SECG_PRIME_160R1, /* not supported */
+ ECCurve_SECG_PRIME_160R2, /* not supported */
+ ECCurve_SECG_PRIME_192K1, /* not supported */
+ /* ECCurve_SECG_PRIME_192R1 == ECCurve_NIST_P192 */
+ ECCurve_SECG_PRIME_224K1, /* not supported */
+ /* ECCurve_SECG_PRIME_224R1 == ECCurve_NIST_P224 */
+ ECCurve_SECG_PRIME_256K1, /* not supported */
+ /* ECCurve_SECG_PRIME_256R1 == ECCurve_NIST_P256 */
+ /* ECCurve_SECG_PRIME_384R1 == ECCurve_NIST_P384 */
+ /* ECCurve_SECG_PRIME_521R1 == ECCurve_NIST_P521 */
+
+ /* SEC2 binary curves */
+ ECCurve_SECG_CHAR2_113R1, /* not supported */
+ ECCurve_SECG_CHAR2_113R2, /* not supported */
+ ECCurve_SECG_CHAR2_131R1, /* not supported */
+ ECCurve_SECG_CHAR2_131R2, /* not supported */
+ /* ECCurve_SECG_CHAR2_163K1 == ECCurve_NIST_K163 */
+ ECCurve_SECG_CHAR2_163R1, /* not supported */
+ /* ECCurve_SECG_CHAR2_163R2 == ECCurve_NIST_B163 */
+ ECCurve_SECG_CHAR2_193R1, /* not supported */
+ ECCurve_SECG_CHAR2_193R2, /* not supported */
+ /* ECCurve_SECG_CHAR2_233K1 == ECCurve_NIST_K233 */
+ /* ECCurve_SECG_CHAR2_233R1 == ECCurve_NIST_B233 */
+ ECCurve_SECG_CHAR2_239K1, /* not supported */
+ /* ECCurve_SECG_CHAR2_283K1 == ECCurve_NIST_K283 */
+ /* ECCurve_SECG_CHAR2_283R1 == ECCurve_NIST_B283 */
+ /* ECCurve_SECG_CHAR2_409K1 == ECCurve_NIST_K409 */
+ /* ECCurve_SECG_CHAR2_409R1 == ECCurve_NIST_B409 */
+ /* ECCurve_SECG_CHAR2_571K1 == ECCurve_NIST_K571 */
+ /* ECCurve_SECG_CHAR2_571R1 == ECCurve_NIST_B571 */
+
+ /* WTLS curves */
+ ECCurve_WTLS_1, /* not supported */
+ /* there is no WTLS 2 curve */
+ /* ECCurve_WTLS_3 == ECCurve_NIST_K163 */
+ /* ECCurve_WTLS_4 == ECCurve_SECG_CHAR2_113R1 */
+ /* ECCurve_WTLS_5 == ECCurve_X9_62_CHAR2_PNB163V1 */
+ /* ECCurve_WTLS_6 == ECCurve_SECG_PRIME_112R1 */
+ /* ECCurve_WTLS_7 == ECCurve_SECG_PRIME_160R1 */
+ ECCurve_WTLS_8, /* not supported */
+ ECCurve_WTLS_9, /* not supported */
+ /* ECCurve_WTLS_10 == ECCurve_NIST_K233 */
+ /* ECCurve_WTLS_11 == ECCurve_NIST_B233 */
+ /* ECCurve_WTLS_12 == ECCurve_NIST_P224 */
+
+ ECCurve25519,
+
+ ECCurve_pastLastCurve
+} ECCurveName;
+
+/* Aliased named curves */
+
+#define ECCurve_X9_62_PRIME_192V1 ECCurve_NIST_P192 /* not supported */
+#define ECCurve_X9_62_PRIME_256V1 ECCurve_NIST_P256
+#define ECCurve_SECG_PRIME_192R1 ECCurve_NIST_P192 /* not supported */
+#define ECCurve_SECG_PRIME_224R1 ECCurve_NIST_P224 /* not supported */
+#define ECCurve_SECG_PRIME_256R1 ECCurve_NIST_P256
+#define ECCurve_SECG_PRIME_384R1 ECCurve_NIST_P384
+#define ECCurve_SECG_PRIME_521R1 ECCurve_NIST_P521
+#define ECCurve_SECG_CHAR2_163K1 ECCurve_NIST_K163 /* not supported */
+#define ECCurve_SECG_CHAR2_163R2 ECCurve_NIST_B163 /* not supported */
+#define ECCurve_SECG_CHAR2_233K1 ECCurve_NIST_K233 /* not supported */
+#define ECCurve_SECG_CHAR2_233R1 ECCurve_NIST_B233 /* not supported */
+#define ECCurve_SECG_CHAR2_283K1 ECCurve_NIST_K283 /* not supported */
+#define ECCurve_SECG_CHAR2_283R1 ECCurve_NIST_B283 /* not supported */
+#define ECCurve_SECG_CHAR2_409K1 ECCurve_NIST_K409 /* not supported */
+#define ECCurve_SECG_CHAR2_409R1 ECCurve_NIST_B409 /* not supported */
+#define ECCurve_SECG_CHAR2_571K1 ECCurve_NIST_K571 /* not supported */
+#define ECCurve_SECG_CHAR2_571R1 ECCurve_NIST_B571 /* not supported */
+#define ECCurve_WTLS_3 ECCurve_NIST_K163 /* not supported */
+#define ECCurve_WTLS_4 ECCurve_SECG_CHAR2_113R1 /* not supported */
+#define ECCurve_WTLS_5 ECCurve_X9_62_CHAR2_PNB163V1 /* not supported */
+#define ECCurve_WTLS_6 ECCurve_SECG_PRIME_112R1 /* not supported */
+#define ECCurve_WTLS_7 ECCurve_SECG_PRIME_160R1 /* not supported */
+#define ECCurve_WTLS_10 ECCurve_NIST_K233 /* not supported */
+#define ECCurve_WTLS_11 ECCurve_NIST_B233 /* not supported */
+#define ECCurve_WTLS_12 ECCurve_NIST_P224 /* not supported */
+
+#endif /* __ecl_exp_h_ */
diff --git a/security/nss/lib/freebl/ecl/ecl-priv.h b/security/nss/lib/freebl/ecl/ecl-priv.h
new file mode 100644
index 000000000..f43f19327
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecl-priv.h
@@ -0,0 +1,257 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ecl_priv_h_
+#define __ecl_priv_h_
+
+#include "ecl.h"
+#include "mpi.h"
+#include "mplogic.h"
+#include "../blapii.h"
+
+/* MAX_FIELD_SIZE_DIGITS is the maximum size of field element supported */
+/* the following needs to go away... */
+#if defined(MP_USE_LONG_LONG_DIGIT) || defined(MP_USE_LONG_DIGIT)
+#define ECL_SIXTY_FOUR_BIT
+#else
+#define ECL_THIRTY_TWO_BIT
+#endif
+
+#define ECL_CURVE_DIGITS(curve_size_in_bits) \
+ (((curve_size_in_bits) + (sizeof(mp_digit) * 8 - 1)) / (sizeof(mp_digit) * 8))
+#define ECL_BITS (sizeof(mp_digit) * 8)
+#define ECL_MAX_FIELD_SIZE_DIGITS (80 / sizeof(mp_digit))
+
+/* Gets the i'th bit in the binary representation of a. If i >= length(a),
+ * then return 0. (The above behaviour differs from mpl_get_bit, which
+ * causes an error if i >= length(a).) */
+#define MP_GET_BIT(a, i) \
+ ((i) >= mpl_significant_bits((a))) ? 0 : mpl_get_bit((a), (i))
+
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+#define MP_ADD_CARRY(a1, a2, s, carry) \
+ { \
+ mp_word w; \
+ w = ((mp_word)carry) + (a1) + (a2); \
+ s = ACCUM(w); \
+ carry = CARRYOUT(w); \
+ }
+
+#define MP_SUB_BORROW(a1, a2, s, borrow) \
+ { \
+ mp_word w; \
+ w = ((mp_word)(a1)) - (a2)-borrow; \
+ s = ACCUM(w); \
+ borrow = (w >> MP_DIGIT_BIT) & 1; \
+ }
+
+#else
+/* NOTE,
+ * carry and borrow are both read and written.
+ * a1 or a2 and s could be the same variable.
+ * don't trash those outputs until their respective inputs have
+ * been read. */
+#define MP_ADD_CARRY(a1, a2, s, carry) \
+ { \
+ mp_digit tmp, sum; \
+ tmp = (a1); \
+ sum = tmp + (a2); \
+ tmp = (sum < tmp); /* detect overflow */ \
+ s = sum += carry; \
+ carry = tmp + (sum < carry); \
+ }
+
+#define MP_SUB_BORROW(a1, a2, s, borrow) \
+ { \
+ mp_digit tmp; \
+ tmp = (a1); \
+ s = tmp - (a2); \
+ tmp = (s > tmp); /* detect borrow */ \
+ if (borrow && !s--) \
+ tmp++; \
+ borrow = tmp; \
+ }
+#endif
+
+struct GFMethodStr;
+typedef struct GFMethodStr GFMethod;
+struct GFMethodStr {
+ /* Indicates whether the structure was constructed from dynamic memory
+ * or statically created. */
+ int constructed;
+ /* Irreducible that defines the field. For prime fields, this is the
+ * prime p. For binary polynomial fields, this is the bitstring
+ * representation of the irreducible polynomial. */
+ mp_int irr;
+ /* For prime fields, the value irr_arr[0] is the number of bits in the
+ * field. For binary polynomial fields, the irreducible polynomial
+ * f(t) is represented as an array of unsigned int[], where f(t) is
+ * of the form: f(t) = t^p[0] + t^p[1] + ... + t^p[4] where m = p[0]
+ * > p[1] > ... > p[4] = 0. */
+ unsigned int irr_arr[5];
+ /* Field arithmetic methods. All methods (except field_enc and
+ * field_dec) are assumed to take field-encoded parameters and return
+ * field-encoded values. All methods (except field_enc and field_dec)
+ * are required to be implemented. */
+ mp_err (*field_add)(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+ mp_err (*field_neg)(const mp_int *a, mp_int *r, const GFMethod *meth);
+ mp_err (*field_sub)(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+ mp_err (*field_mod)(const mp_int *a, mp_int *r, const GFMethod *meth);
+ mp_err (*field_mul)(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+ mp_err (*field_sqr)(const mp_int *a, mp_int *r, const GFMethod *meth);
+ mp_err (*field_div)(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+ mp_err (*field_enc)(const mp_int *a, mp_int *r, const GFMethod *meth);
+ mp_err (*field_dec)(const mp_int *a, mp_int *r, const GFMethod *meth);
+ /* Extra storage for implementation-specific data. Any memory
+ * allocated to these extra fields will be cleared by extra_free. */
+ void *extra1;
+ void *extra2;
+ void (*extra_free)(GFMethod *meth);
+};
+
+/* Construct generic GFMethods. */
+GFMethod *GFMethod_consGFp(const mp_int *irr);
+GFMethod *GFMethod_consGFp_mont(const mp_int *irr);
+
+/* Free the memory allocated (if any) to a GFMethod object. */
+void GFMethod_free(GFMethod *meth);
+
+struct ECGroupStr {
+ /* Indicates whether the structure was constructed from dynamic memory
+ * or statically created. */
+ int constructed;
+ /* Field definition and arithmetic. */
+ GFMethod *meth;
+ /* Textual representation of curve name, if any. */
+ char *text;
+ /* Curve parameters, field-encoded. */
+ mp_int curvea, curveb;
+ /* x and y coordinates of the base point, field-encoded. */
+ mp_int genx, geny;
+ /* Order and cofactor of the base point. */
+ mp_int order;
+ int cofactor;
+ /* Point arithmetic methods. All methods are assumed to take
+ * field-encoded parameters and return field-encoded values. All
+ * methods (except base_point_mul and points_mul) are required to be
+ * implemented. */
+ mp_err (*point_add)(const mp_int *px, const mp_int *py,
+ const mp_int *qx, const mp_int *qy, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+ mp_err (*point_sub)(const mp_int *px, const mp_int *py,
+ const mp_int *qx, const mp_int *qy, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+ mp_err (*point_dbl)(const mp_int *px, const mp_int *py, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+ mp_err (*point_mul)(const mp_int *n, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry,
+ const ECGroup *group);
+ mp_err (*base_point_mul)(const mp_int *n, mp_int *rx, mp_int *ry,
+ const ECGroup *group);
+ mp_err (*points_mul)(const mp_int *k1, const mp_int *k2,
+ const mp_int *px, const mp_int *py, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+ mp_err (*validate_point)(const mp_int *px, const mp_int *py, const ECGroup *group);
+ /* Extra storage for implementation-specific data. Any memory
+ * allocated to these extra fields will be cleared by extra_free. */
+ void *extra1;
+ void *extra2;
+ void (*extra_free)(ECGroup *group);
+};
+
+/* Wrapper functions for generic prime field arithmetic. */
+mp_err ec_GFp_add(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_neg(const mp_int *a, mp_int *r, const GFMethod *meth);
+mp_err ec_GFp_sub(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+
+/* fixed length in-line adds. Count is in words */
+mp_err ec_GFp_add_3(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_add_4(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_add_5(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_add_6(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_sub_3(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_sub_4(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_sub_5(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_sub_6(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+
+mp_err ec_GFp_mod(const mp_int *a, mp_int *r, const GFMethod *meth);
+mp_err ec_GFp_mul(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_sqr(const mp_int *a, mp_int *r, const GFMethod *meth);
+mp_err ec_GFp_div(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+/* Wrapper functions for generic binary polynomial field arithmetic. */
+mp_err ec_GF2m_add(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GF2m_neg(const mp_int *a, mp_int *r, const GFMethod *meth);
+mp_err ec_GF2m_mod(const mp_int *a, mp_int *r, const GFMethod *meth);
+mp_err ec_GF2m_mul(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GF2m_sqr(const mp_int *a, mp_int *r, const GFMethod *meth);
+mp_err ec_GF2m_div(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+
+/* Montgomery prime field arithmetic. */
+mp_err ec_GFp_mul_mont(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_sqr_mont(const mp_int *a, mp_int *r, const GFMethod *meth);
+mp_err ec_GFp_div_mont(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth);
+mp_err ec_GFp_enc_mont(const mp_int *a, mp_int *r, const GFMethod *meth);
+mp_err ec_GFp_dec_mont(const mp_int *a, mp_int *r, const GFMethod *meth);
+void ec_GFp_extra_free_mont(GFMethod *meth);
+
+/* point multiplication */
+mp_err ec_pts_mul_basic(const mp_int *k1, const mp_int *k2,
+ const mp_int *px, const mp_int *py, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+mp_err ec_pts_mul_simul_w2(const mp_int *k1, const mp_int *k2,
+ const mp_int *px, const mp_int *py, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+
+/* Computes the windowed non-adjacent-form (NAF) of a scalar. Out should
+ * be an array of signed char's to output to, bitsize should be the number
+ * of bits of out, in is the original scalar, and w is the window size.
+ * NAF is discussed in the paper: D. Hankerson, J. Hernandez and A.
+ * Menezes, "Software implementation of elliptic curve cryptography over
+ * binary fields", Proc. CHES 2000. */
+mp_err ec_compute_wNAF(signed char *out, int bitsize, const mp_int *in,
+ int w);
+
+/* Optimized field arithmetic */
+mp_err ec_group_set_gfp192(ECGroup *group, ECCurveName);
+mp_err ec_group_set_gfp224(ECGroup *group, ECCurveName);
+mp_err ec_group_set_gfp256(ECGroup *group, ECCurveName);
+mp_err ec_group_set_gfp384(ECGroup *group, ECCurveName);
+mp_err ec_group_set_gfp521(ECGroup *group, ECCurveName);
+mp_err ec_group_set_gf2m163(ECGroup *group, ECCurveName name);
+mp_err ec_group_set_gf2m193(ECGroup *group, ECCurveName name);
+mp_err ec_group_set_gf2m233(ECGroup *group, ECCurveName name);
+
+/* Optimized point multiplication */
+mp_err ec_group_set_gfp256_32(ECGroup *group, ECCurveName name);
+
+/* Optimized floating-point arithmetic */
+#ifdef ECL_USE_FP
+mp_err ec_group_set_secp160r1_fp(ECGroup *group);
+mp_err ec_group_set_nistp192_fp(ECGroup *group);
+mp_err ec_group_set_nistp224_fp(ECGroup *group);
+#endif
+
+SECStatus ec_Curve25519_mul(PRUint8 *q, const PRUint8 *s, const PRUint8 *p);
+#endif /* __ecl_priv_h_ */
diff --git a/security/nss/lib/freebl/ecl/ecl.c b/security/nss/lib/freebl/ecl/ecl.c
new file mode 100644
index 000000000..3540af781
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecl.c
@@ -0,0 +1,301 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi.h"
+#include "mplogic.h"
+#include "ecl.h"
+#include "ecl-priv.h"
+#include "ecp.h"
+#include <stdlib.h>
+#include <string.h>
+
+/* Allocate memory for a new ECGroup object. */
+ECGroup *
+ECGroup_new()
+{
+ mp_err res = MP_OKAY;
+ ECGroup *group;
+ group = (ECGroup *)malloc(sizeof(ECGroup));
+ if (group == NULL)
+ return NULL;
+ group->constructed = MP_YES;
+ group->meth = NULL;
+ group->text = NULL;
+ MP_DIGITS(&group->curvea) = 0;
+ MP_DIGITS(&group->curveb) = 0;
+ MP_DIGITS(&group->genx) = 0;
+ MP_DIGITS(&group->geny) = 0;
+ MP_DIGITS(&group->order) = 0;
+ group->base_point_mul = NULL;
+ group->points_mul = NULL;
+ group->validate_point = NULL;
+ group->extra1 = NULL;
+ group->extra2 = NULL;
+ group->extra_free = NULL;
+ MP_CHECKOK(mp_init(&group->curvea));
+ MP_CHECKOK(mp_init(&group->curveb));
+ MP_CHECKOK(mp_init(&group->genx));
+ MP_CHECKOK(mp_init(&group->geny));
+ MP_CHECKOK(mp_init(&group->order));
+
+CLEANUP:
+ if (res != MP_OKAY) {
+ ECGroup_free(group);
+ return NULL;
+ }
+ return group;
+}
+
+/* Construct a generic ECGroup for elliptic curves over prime fields. */
+ECGroup *
+ECGroup_consGFp(const mp_int *irr, const mp_int *curvea,
+ const mp_int *curveb, const mp_int *genx,
+ const mp_int *geny, const mp_int *order, int cofactor)
+{
+ mp_err res = MP_OKAY;
+ ECGroup *group = NULL;
+
+ group = ECGroup_new();
+ if (group == NULL)
+ return NULL;
+
+ group->meth = GFMethod_consGFp(irr);
+ if (group->meth == NULL) {
+ res = MP_MEM;
+ goto CLEANUP;
+ }
+ MP_CHECKOK(mp_copy(curvea, &group->curvea));
+ MP_CHECKOK(mp_copy(curveb, &group->curveb));
+ MP_CHECKOK(mp_copy(genx, &group->genx));
+ MP_CHECKOK(mp_copy(geny, &group->geny));
+ MP_CHECKOK(mp_copy(order, &group->order));
+ group->cofactor = cofactor;
+ group->point_add = &ec_GFp_pt_add_aff;
+ group->point_sub = &ec_GFp_pt_sub_aff;
+ group->point_dbl = &ec_GFp_pt_dbl_aff;
+ group->point_mul = &ec_GFp_pt_mul_jm_wNAF;
+ group->base_point_mul = NULL;
+ group->points_mul = &ec_GFp_pts_mul_jac;
+ group->validate_point = &ec_GFp_validate_point;
+
+CLEANUP:
+ if (res != MP_OKAY) {
+ ECGroup_free(group);
+ return NULL;
+ }
+ return group;
+}
+
+/* Construct a generic ECGroup for elliptic curves over prime fields with
+ * field arithmetic implemented in Montgomery coordinates. */
+ECGroup *
+ECGroup_consGFp_mont(const mp_int *irr, const mp_int *curvea,
+ const mp_int *curveb, const mp_int *genx,
+ const mp_int *geny, const mp_int *order, int cofactor)
+{
+ mp_err res = MP_OKAY;
+ ECGroup *group = NULL;
+
+ group = ECGroup_new();
+ if (group == NULL)
+ return NULL;
+
+ group->meth = GFMethod_consGFp_mont(irr);
+ if (group->meth == NULL) {
+ res = MP_MEM;
+ goto CLEANUP;
+ }
+ MP_CHECKOK(group->meth->field_enc(curvea, &group->curvea, group->meth));
+ MP_CHECKOK(group->meth->field_enc(curveb, &group->curveb, group->meth));
+ MP_CHECKOK(group->meth->field_enc(genx, &group->genx, group->meth));
+ MP_CHECKOK(group->meth->field_enc(geny, &group->geny, group->meth));
+ MP_CHECKOK(mp_copy(order, &group->order));
+ group->cofactor = cofactor;
+ group->point_add = &ec_GFp_pt_add_aff;
+ group->point_sub = &ec_GFp_pt_sub_aff;
+ group->point_dbl = &ec_GFp_pt_dbl_aff;
+ group->point_mul = &ec_GFp_pt_mul_jm_wNAF;
+ group->base_point_mul = NULL;
+ group->points_mul = &ec_GFp_pts_mul_jac;
+ group->validate_point = &ec_GFp_validate_point;
+
+CLEANUP:
+ if (res != MP_OKAY) {
+ ECGroup_free(group);
+ return NULL;
+ }
+ return group;
+}
+
+/* Construct ECGroup from hex parameters and name, if any. Called by
+ * ECGroup_fromHex and ECGroup_fromName. */
+ECGroup *
+ecgroup_fromNameAndHex(const ECCurveName name,
+ const ECCurveParams *params)
+{
+ mp_int irr, curvea, curveb, genx, geny, order;
+ int bits;
+ ECGroup *group = NULL;
+ mp_err res = MP_OKAY;
+
+ /* initialize values */
+ MP_DIGITS(&irr) = 0;
+ MP_DIGITS(&curvea) = 0;
+ MP_DIGITS(&curveb) = 0;
+ MP_DIGITS(&genx) = 0;
+ MP_DIGITS(&geny) = 0;
+ MP_DIGITS(&order) = 0;
+ MP_CHECKOK(mp_init(&irr));
+ MP_CHECKOK(mp_init(&curvea));
+ MP_CHECKOK(mp_init(&curveb));
+ MP_CHECKOK(mp_init(&genx));
+ MP_CHECKOK(mp_init(&geny));
+ MP_CHECKOK(mp_init(&order));
+ MP_CHECKOK(mp_read_radix(&irr, params->irr, 16));
+ MP_CHECKOK(mp_read_radix(&curvea, params->curvea, 16));
+ MP_CHECKOK(mp_read_radix(&curveb, params->curveb, 16));
+ MP_CHECKOK(mp_read_radix(&genx, params->genx, 16));
+ MP_CHECKOK(mp_read_radix(&geny, params->geny, 16));
+ MP_CHECKOK(mp_read_radix(&order, params->order, 16));
+
+ /* determine number of bits */
+ bits = mpl_significant_bits(&irr) - 1;
+ if (bits < MP_OKAY) {
+ res = bits;
+ goto CLEANUP;
+ }
+
+ /* determine which optimizations (if any) to use */
+ if (params->field == ECField_GFp) {
+ switch (name) {
+ case ECCurve_SECG_PRIME_256R1:
+ group =
+ ECGroup_consGFp(&irr, &curvea, &curveb, &genx, &geny,
+ &order, params->cofactor);
+ if (group == NULL) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+ MP_CHECKOK(ec_group_set_gfp256(group, name));
+ MP_CHECKOK(ec_group_set_gfp256_32(group, name));
+ break;
+ case ECCurve_SECG_PRIME_521R1:
+ group =
+ ECGroup_consGFp(&irr, &curvea, &curveb, &genx, &geny,
+ &order, params->cofactor);
+ if (group == NULL) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+ MP_CHECKOK(ec_group_set_gfp521(group, name));
+ break;
+ default:
+ /* use generic arithmetic */
+ group =
+ ECGroup_consGFp_mont(&irr, &curvea, &curveb, &genx, &geny,
+ &order, params->cofactor);
+ if (group == NULL) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+ }
+ } else {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+
+ /* set name, if any */
+ if ((group != NULL) && (params->text != NULL)) {
+ group->text = strdup(params->text);
+ if (group->text == NULL) {
+ res = MP_MEM;
+ }
+ }
+
+CLEANUP:
+ mp_clear(&irr);
+ mp_clear(&curvea);
+ mp_clear(&curveb);
+ mp_clear(&genx);
+ mp_clear(&geny);
+ mp_clear(&order);
+ if (res != MP_OKAY) {
+ ECGroup_free(group);
+ return NULL;
+ }
+ return group;
+}
+
+/* Construct ECGroup from hexadecimal representations of parameters. */
+ECGroup *
+ECGroup_fromHex(const ECCurveParams *params)
+{
+ return ecgroup_fromNameAndHex(ECCurve_noName, params);
+}
+
+/* Construct ECGroup from named parameters. */
+ECGroup *
+ECGroup_fromName(const ECCurveName name)
+{
+ ECGroup *group = NULL;
+ ECCurveParams *params = NULL;
+ mp_err res = MP_OKAY;
+
+ params = EC_GetNamedCurveParams(name);
+ if (params == NULL) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+
+ /* construct actual group */
+ group = ecgroup_fromNameAndHex(name, params);
+ if (group == NULL) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+
+CLEANUP:
+ EC_FreeCurveParams(params);
+ if (res != MP_OKAY) {
+ ECGroup_free(group);
+ return NULL;
+ }
+ return group;
+}
+
+/* Validates an EC public key as described in Section 5.2.2 of X9.62. */
+mp_err
+ECPoint_validate(const ECGroup *group, const mp_int *px, const mp_int *py)
+{
+ /* 1: Verify that publicValue is not the point at infinity */
+ /* 2: Verify that the coordinates of publicValue are elements
+ * of the field.
+ */
+ /* 3: Verify that publicValue is on the curve. */
+ /* 4: Verify that the order of the curve times the publicValue
+ * is the point at infinity.
+ */
+ return group->validate_point(px, py, group);
+}
+
+/* Free the memory allocated (if any) to an ECGroup object. */
+void
+ECGroup_free(ECGroup *group)
+{
+ if (group == NULL)
+ return;
+ GFMethod_free(group->meth);
+ if (group->constructed == MP_NO)
+ return;
+ mp_clear(&group->curvea);
+ mp_clear(&group->curveb);
+ mp_clear(&group->genx);
+ mp_clear(&group->geny);
+ mp_clear(&group->order);
+ if (group->text != NULL)
+ free(group->text);
+ if (group->extra_free != NULL)
+ group->extra_free(group);
+ free(group);
+}
diff --git a/security/nss/lib/freebl/ecl/ecl.h b/security/nss/lib/freebl/ecl/ecl.h
new file mode 100644
index 000000000..ddcbb1f3a
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecl.h
@@ -0,0 +1,60 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Although this is not an exported header file, code which uses elliptic
+ * curve point operations will need to include it. */
+
+#ifndef __ecl_h_
+#define __ecl_h_
+
+#include "blapi.h"
+#include "ecl-exp.h"
+#include "mpi.h"
+
+struct ECGroupStr;
+typedef struct ECGroupStr ECGroup;
+
+/* Construct ECGroup from hexadecimal representations of parameters. */
+ECGroup *ECGroup_fromHex(const ECCurveParams *params);
+
+/* Construct ECGroup from named parameters. */
+ECGroup *ECGroup_fromName(const ECCurveName name);
+
+/* Free an allocated ECGroup. */
+void ECGroup_free(ECGroup *group);
+
+/* Construct ECCurveParams from an ECCurveName */
+ECCurveParams *EC_GetNamedCurveParams(const ECCurveName name);
+
+/* Duplicates an ECCurveParams */
+ECCurveParams *ECCurveParams_dup(const ECCurveParams *params);
+
+/* Free an allocated ECCurveParams */
+void EC_FreeCurveParams(ECCurveParams *params);
+
+/* Elliptic curve scalar-point multiplication. Computes Q(x, y) = k * P(x,
+ * y). If x, y = NULL, then P is assumed to be the generator (base point)
+ * of the group of points on the elliptic curve. Input and output values
+ * are assumed to be NOT field-encoded. */
+mp_err ECPoint_mul(const ECGroup *group, const mp_int *k, const mp_int *px,
+ const mp_int *py, mp_int *qx, mp_int *qy);
+
+/* Elliptic curve scalar-point multiplication. Computes Q(x, y) = k1 * G +
+ * k2 * P(x, y), where G is the generator (base point) of the group of
+ * points on the elliptic curve. Input and output values are assumed to
+ * be NOT field-encoded. */
+mp_err ECPoints_mul(const ECGroup *group, const mp_int *k1,
+ const mp_int *k2, const mp_int *px, const mp_int *py,
+ mp_int *qx, mp_int *qy);
+
+/* Validates an EC public key as described in Section 5.2.2 of X9.62.
+ * Returns MP_YES if the public key is valid, MP_NO if the public key
+ * is invalid, or an error code if the validation could not be
+ * performed. */
+mp_err ECPoint_validate(const ECGroup *group, const mp_int *px, const mp_int *py);
+
+SECStatus ec_Curve25519_pt_mul(SECItem *X, SECItem *k, SECItem *P);
+SECStatus ec_Curve25519_pt_validate(const SECItem *px);
+
+#endif /* __ecl_h_ */
diff --git a/security/nss/lib/freebl/ecl/ecl_curve.c b/security/nss/lib/freebl/ecl/ecl_curve.c
new file mode 100644
index 000000000..cf090cfc3
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecl_curve.c
@@ -0,0 +1,93 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecl.h"
+#include "ecl-curve.h"
+#include "ecl-priv.h"
+#include <stdlib.h>
+#include <string.h>
+
+#define CHECK(func) \
+ if ((func) == NULL) { \
+ res = 0; \
+ goto CLEANUP; \
+ }
+
+/* Duplicates an ECCurveParams */
+ECCurveParams *
+ECCurveParams_dup(const ECCurveParams *params)
+{
+ int res = 1;
+ ECCurveParams *ret = NULL;
+
+ CHECK(ret = (ECCurveParams *)calloc(1, sizeof(ECCurveParams)));
+ if (params->text != NULL) {
+ CHECK(ret->text = strdup(params->text));
+ }
+ ret->field = params->field;
+ ret->size = params->size;
+ if (params->irr != NULL) {
+ CHECK(ret->irr = strdup(params->irr));
+ }
+ if (params->curvea != NULL) {
+ CHECK(ret->curvea = strdup(params->curvea));
+ }
+ if (params->curveb != NULL) {
+ CHECK(ret->curveb = strdup(params->curveb));
+ }
+ if (params->genx != NULL) {
+ CHECK(ret->genx = strdup(params->genx));
+ }
+ if (params->geny != NULL) {
+ CHECK(ret->geny = strdup(params->geny));
+ }
+ if (params->order != NULL) {
+ CHECK(ret->order = strdup(params->order));
+ }
+ ret->cofactor = params->cofactor;
+
+CLEANUP:
+ if (res != 1) {
+ EC_FreeCurveParams(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+#undef CHECK
+
+/* Construct ECCurveParams from an ECCurveName */
+ECCurveParams *
+EC_GetNamedCurveParams(const ECCurveName name)
+{
+ if ((name <= ECCurve_noName) || (ECCurve_pastLastCurve <= name) ||
+ (ecCurve_map[name] == NULL)) {
+ return NULL;
+ } else {
+ return ECCurveParams_dup(ecCurve_map[name]);
+ }
+}
+
+/* Free the memory allocated (if any) to an ECCurveParams object. */
+void
+EC_FreeCurveParams(ECCurveParams *params)
+{
+ if (params == NULL)
+ return;
+ if (params->text != NULL)
+ free(params->text);
+ if (params->irr != NULL)
+ free(params->irr);
+ if (params->curvea != NULL)
+ free(params->curvea);
+ if (params->curveb != NULL)
+ free(params->curveb);
+ if (params->genx != NULL)
+ free(params->genx);
+ if (params->geny != NULL)
+ free(params->geny);
+ if (params->order != NULL)
+ free(params->order);
+ free(params);
+}
diff --git a/security/nss/lib/freebl/ecl/ecl_gf.c b/security/nss/lib/freebl/ecl/ecl_gf.c
new file mode 100644
index 000000000..81b007705
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecl_gf.c
@@ -0,0 +1,958 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi.h"
+#include "mp_gf2m.h"
+#include "ecl-priv.h"
+#include "mpi-priv.h"
+#include <stdlib.h>
+
+/* Allocate memory for a new GFMethod object. */
+GFMethod *
+GFMethod_new()
+{
+ mp_err res = MP_OKAY;
+ GFMethod *meth;
+ meth = (GFMethod *)malloc(sizeof(GFMethod));
+ if (meth == NULL)
+ return NULL;
+ meth->constructed = MP_YES;
+ MP_DIGITS(&meth->irr) = 0;
+ meth->extra_free = NULL;
+ MP_CHECKOK(mp_init(&meth->irr));
+
+CLEANUP:
+ if (res != MP_OKAY) {
+ GFMethod_free(meth);
+ return NULL;
+ }
+ return meth;
+}
+
+/* Construct a generic GFMethod for arithmetic over prime fields with
+ * irreducible irr. */
+GFMethod *
+GFMethod_consGFp(const mp_int *irr)
+{
+ mp_err res = MP_OKAY;
+ GFMethod *meth = NULL;
+
+ meth = GFMethod_new();
+ if (meth == NULL)
+ return NULL;
+
+ MP_CHECKOK(mp_copy(irr, &meth->irr));
+ meth->irr_arr[0] = mpl_significant_bits(irr);
+ meth->irr_arr[1] = meth->irr_arr[2] = meth->irr_arr[3] =
+ meth->irr_arr[4] = 0;
+ switch (MP_USED(&meth->irr)) {
+ /* maybe we need 1 and 2 words here as well?*/
+ case 3:
+ meth->field_add = &ec_GFp_add_3;
+ meth->field_sub = &ec_GFp_sub_3;
+ break;
+ case 4:
+ meth->field_add = &ec_GFp_add_4;
+ meth->field_sub = &ec_GFp_sub_4;
+ break;
+ case 5:
+ meth->field_add = &ec_GFp_add_5;
+ meth->field_sub = &ec_GFp_sub_5;
+ break;
+ case 6:
+ meth->field_add = &ec_GFp_add_6;
+ meth->field_sub = &ec_GFp_sub_6;
+ break;
+ default:
+ meth->field_add = &ec_GFp_add;
+ meth->field_sub = &ec_GFp_sub;
+ }
+ meth->field_neg = &ec_GFp_neg;
+ meth->field_mod = &ec_GFp_mod;
+ meth->field_mul = &ec_GFp_mul;
+ meth->field_sqr = &ec_GFp_sqr;
+ meth->field_div = &ec_GFp_div;
+ meth->field_enc = NULL;
+ meth->field_dec = NULL;
+ meth->extra1 = NULL;
+ meth->extra2 = NULL;
+ meth->extra_free = NULL;
+
+CLEANUP:
+ if (res != MP_OKAY) {
+ GFMethod_free(meth);
+ return NULL;
+ }
+ return meth;
+}
+
+/* Free the memory allocated (if any) to a GFMethod object. */
+void
+GFMethod_free(GFMethod *meth)
+{
+ if (meth == NULL)
+ return;
+ if (meth->constructed == MP_NO)
+ return;
+ mp_clear(&meth->irr);
+ if (meth->extra_free != NULL)
+ meth->extra_free(meth);
+ free(meth);
+}
+
+/* Wrapper functions for generic prime field arithmetic. */
+
+/* Add two field elements. Assumes that 0 <= a, b < meth->irr */
+mp_err
+ec_GFp_add(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ /* PRE: 0 <= a, b < p = meth->irr POST: 0 <= r < p, r = a + b (mod p) */
+ mp_err res;
+
+ if ((res = mp_add(a, b, r)) != MP_OKAY) {
+ return res;
+ }
+ if (mp_cmp(r, &meth->irr) >= 0) {
+ return mp_sub(r, &meth->irr, r);
+ }
+ return res;
+}
+
+/* Negates a field element. Assumes that 0 <= a < meth->irr */
+mp_err
+ec_GFp_neg(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ /* PRE: 0 <= a < p = meth->irr POST: 0 <= r < p, r = -a (mod p) */
+
+ if (mp_cmp_z(a) == 0) {
+ mp_zero(r);
+ return MP_OKAY;
+ }
+ return mp_sub(&meth->irr, a, r);
+}
+
+/* Subtracts two field elements. Assumes that 0 <= a, b < meth->irr */
+mp_err
+ec_GFp_sub(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ /* PRE: 0 <= a, b < p = meth->irr POST: 0 <= r < p, r = a - b (mod p) */
+ res = mp_sub(a, b, r);
+ if (res == MP_RANGE) {
+ MP_CHECKOK(mp_sub(b, a, r));
+ if (mp_cmp_z(r) < 0) {
+ MP_CHECKOK(mp_add(r, &meth->irr, r));
+ }
+ MP_CHECKOK(ec_GFp_neg(r, r, meth));
+ }
+ if (mp_cmp_z(r) < 0) {
+ MP_CHECKOK(mp_add(r, &meth->irr, r));
+ }
+CLEANUP:
+ return res;
+}
+/*
+ * Inline adds for small curve lengths.
+ */
+/* 3 words */
+mp_err
+ec_GFp_add_3(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_digit a0 = 0, a1 = 0, a2 = 0;
+ mp_digit r0 = 0, r1 = 0, r2 = 0;
+ mp_digit carry;
+
+ switch (MP_USED(a)) {
+ case 3:
+ a2 = MP_DIGIT(a, 2);
+ case 2:
+ a1 = MP_DIGIT(a, 1);
+ case 1:
+ a0 = MP_DIGIT(a, 0);
+ }
+ switch (MP_USED(b)) {
+ case 3:
+ r2 = MP_DIGIT(b, 2);
+ case 2:
+ r1 = MP_DIGIT(b, 1);
+ case 1:
+ r0 = MP_DIGIT(b, 0);
+ }
+
+#ifndef MPI_AMD64_ADD
+ carry = 0;
+ MP_ADD_CARRY(a0, r0, r0, carry);
+ MP_ADD_CARRY(a1, r1, r1, carry);
+ MP_ADD_CARRY(a2, r2, r2, carry);
+#else
+ __asm__(
+ "xorq %3,%3 \n\t"
+ "addq %4,%0 \n\t"
+ "adcq %5,%1 \n\t"
+ "adcq %6,%2 \n\t"
+ "adcq $0,%3 \n\t"
+ : "=r"(r0), "=r"(r1), "=r"(r2), "=r"(carry)
+ : "r"(a0), "r"(a1), "r"(a2),
+ "0"(r0), "1"(r1), "2"(r2)
+ : "%cc");
+#endif
+
+ MP_CHECKOK(s_mp_pad(r, 3));
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 3;
+
+ /* Do quick 'subract' if we've gone over
+ * (add the 2's complement of the curve field) */
+ a2 = MP_DIGIT(&meth->irr, 2);
+ if (carry || r2 > a2 ||
+ ((r2 == a2) && mp_cmp(r, &meth->irr) != MP_LT)) {
+ a1 = MP_DIGIT(&meth->irr, 1);
+ a0 = MP_DIGIT(&meth->irr, 0);
+#ifndef MPI_AMD64_ADD
+ carry = 0;
+ MP_SUB_BORROW(r0, a0, r0, carry);
+ MP_SUB_BORROW(r1, a1, r1, carry);
+ MP_SUB_BORROW(r2, a2, r2, carry);
+#else
+ __asm__(
+ "subq %3,%0 \n\t"
+ "sbbq %4,%1 \n\t"
+ "sbbq %5,%2 \n\t"
+ : "=r"(r0), "=r"(r1), "=r"(r2)
+ : "r"(a0), "r"(a1), "r"(a2),
+ "0"(r0), "1"(r1), "2"(r2)
+ : "%cc");
+#endif
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ }
+
+ s_mp_clamp(r);
+
+CLEANUP:
+ return res;
+}
+
+/* 4 words */
+mp_err
+ec_GFp_add_4(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_digit a0 = 0, a1 = 0, a2 = 0, a3 = 0;
+ mp_digit r0 = 0, r1 = 0, r2 = 0, r3 = 0;
+ mp_digit carry;
+
+ switch (MP_USED(a)) {
+ case 4:
+ a3 = MP_DIGIT(a, 3);
+ case 3:
+ a2 = MP_DIGIT(a, 2);
+ case 2:
+ a1 = MP_DIGIT(a, 1);
+ case 1:
+ a0 = MP_DIGIT(a, 0);
+ }
+ switch (MP_USED(b)) {
+ case 4:
+ r3 = MP_DIGIT(b, 3);
+ case 3:
+ r2 = MP_DIGIT(b, 2);
+ case 2:
+ r1 = MP_DIGIT(b, 1);
+ case 1:
+ r0 = MP_DIGIT(b, 0);
+ }
+
+#ifndef MPI_AMD64_ADD
+ carry = 0;
+ MP_ADD_CARRY(a0, r0, r0, carry);
+ MP_ADD_CARRY(a1, r1, r1, carry);
+ MP_ADD_CARRY(a2, r2, r2, carry);
+ MP_ADD_CARRY(a3, r3, r3, carry);
+#else
+ __asm__(
+ "xorq %4,%4 \n\t"
+ "addq %5,%0 \n\t"
+ "adcq %6,%1 \n\t"
+ "adcq %7,%2 \n\t"
+ "adcq %8,%3 \n\t"
+ "adcq $0,%4 \n\t"
+ : "=r"(r0), "=r"(r1), "=r"(r2), "=r"(r3), "=r"(carry)
+ : "r"(a0), "r"(a1), "r"(a2), "r"(a3),
+ "0"(r0), "1"(r1), "2"(r2), "3"(r3)
+ : "%cc");
+#endif
+
+ MP_CHECKOK(s_mp_pad(r, 4));
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 4;
+
+ /* Do quick 'subract' if we've gone over
+ * (add the 2's complement of the curve field) */
+ a3 = MP_DIGIT(&meth->irr, 3);
+ if (carry || r3 > a3 ||
+ ((r3 == a3) && mp_cmp(r, &meth->irr) != MP_LT)) {
+ a2 = MP_DIGIT(&meth->irr, 2);
+ a1 = MP_DIGIT(&meth->irr, 1);
+ a0 = MP_DIGIT(&meth->irr, 0);
+#ifndef MPI_AMD64_ADD
+ carry = 0;
+ MP_SUB_BORROW(r0, a0, r0, carry);
+ MP_SUB_BORROW(r1, a1, r1, carry);
+ MP_SUB_BORROW(r2, a2, r2, carry);
+ MP_SUB_BORROW(r3, a3, r3, carry);
+#else
+ __asm__(
+ "subq %4,%0 \n\t"
+ "sbbq %5,%1 \n\t"
+ "sbbq %6,%2 \n\t"
+ "sbbq %7,%3 \n\t"
+ : "=r"(r0), "=r"(r1), "=r"(r2), "=r"(r3)
+ : "r"(a0), "r"(a1), "r"(a2), "r"(a3),
+ "0"(r0), "1"(r1), "2"(r2), "3"(r3)
+ : "%cc");
+#endif
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ }
+
+ s_mp_clamp(r);
+
+CLEANUP:
+ return res;
+}
+
+/* 5 words */
+mp_err
+ec_GFp_add_5(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_digit a0 = 0, a1 = 0, a2 = 0, a3 = 0, a4 = 0;
+ mp_digit r0 = 0, r1 = 0, r2 = 0, r3 = 0, r4 = 0;
+ mp_digit carry;
+
+ switch (MP_USED(a)) {
+ case 5:
+ a4 = MP_DIGIT(a, 4);
+ case 4:
+ a3 = MP_DIGIT(a, 3);
+ case 3:
+ a2 = MP_DIGIT(a, 2);
+ case 2:
+ a1 = MP_DIGIT(a, 1);
+ case 1:
+ a0 = MP_DIGIT(a, 0);
+ }
+ switch (MP_USED(b)) {
+ case 5:
+ r4 = MP_DIGIT(b, 4);
+ case 4:
+ r3 = MP_DIGIT(b, 3);
+ case 3:
+ r2 = MP_DIGIT(b, 2);
+ case 2:
+ r1 = MP_DIGIT(b, 1);
+ case 1:
+ r0 = MP_DIGIT(b, 0);
+ }
+
+ carry = 0;
+ MP_ADD_CARRY(a0, r0, r0, carry);
+ MP_ADD_CARRY(a1, r1, r1, carry);
+ MP_ADD_CARRY(a2, r2, r2, carry);
+ MP_ADD_CARRY(a3, r3, r3, carry);
+ MP_ADD_CARRY(a4, r4, r4, carry);
+
+ MP_CHECKOK(s_mp_pad(r, 5));
+ MP_DIGIT(r, 4) = r4;
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 5;
+
+ /* Do quick 'subract' if we've gone over
+ * (add the 2's complement of the curve field) */
+ a4 = MP_DIGIT(&meth->irr, 4);
+ if (carry || r4 > a4 ||
+ ((r4 == a4) && mp_cmp(r, &meth->irr) != MP_LT)) {
+ a3 = MP_DIGIT(&meth->irr, 3);
+ a2 = MP_DIGIT(&meth->irr, 2);
+ a1 = MP_DIGIT(&meth->irr, 1);
+ a0 = MP_DIGIT(&meth->irr, 0);
+ carry = 0;
+ MP_SUB_BORROW(r0, a0, r0, carry);
+ MP_SUB_BORROW(r1, a1, r1, carry);
+ MP_SUB_BORROW(r2, a2, r2, carry);
+ MP_SUB_BORROW(r3, a3, r3, carry);
+ MP_SUB_BORROW(r4, a4, r4, carry);
+ MP_DIGIT(r, 4) = r4;
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ }
+
+ s_mp_clamp(r);
+
+CLEANUP:
+ return res;
+}
+
+/* 6 words */
+mp_err
+ec_GFp_add_6(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_digit a0 = 0, a1 = 0, a2 = 0, a3 = 0, a4 = 0, a5 = 0;
+ mp_digit r0 = 0, r1 = 0, r2 = 0, r3 = 0, r4 = 0, r5 = 0;
+ mp_digit carry;
+
+ switch (MP_USED(a)) {
+ case 6:
+ a5 = MP_DIGIT(a, 5);
+ case 5:
+ a4 = MP_DIGIT(a, 4);
+ case 4:
+ a3 = MP_DIGIT(a, 3);
+ case 3:
+ a2 = MP_DIGIT(a, 2);
+ case 2:
+ a1 = MP_DIGIT(a, 1);
+ case 1:
+ a0 = MP_DIGIT(a, 0);
+ }
+ switch (MP_USED(b)) {
+ case 6:
+ r5 = MP_DIGIT(b, 5);
+ case 5:
+ r4 = MP_DIGIT(b, 4);
+ case 4:
+ r3 = MP_DIGIT(b, 3);
+ case 3:
+ r2 = MP_DIGIT(b, 2);
+ case 2:
+ r1 = MP_DIGIT(b, 1);
+ case 1:
+ r0 = MP_DIGIT(b, 0);
+ }
+
+ carry = 0;
+ MP_ADD_CARRY(a0, r0, r0, carry);
+ MP_ADD_CARRY(a1, r1, r1, carry);
+ MP_ADD_CARRY(a2, r2, r2, carry);
+ MP_ADD_CARRY(a3, r3, r3, carry);
+ MP_ADD_CARRY(a4, r4, r4, carry);
+ MP_ADD_CARRY(a5, r5, r5, carry);
+
+ MP_CHECKOK(s_mp_pad(r, 6));
+ MP_DIGIT(r, 5) = r5;
+ MP_DIGIT(r, 4) = r4;
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 6;
+
+ /* Do quick 'subract' if we've gone over
+ * (add the 2's complement of the curve field) */
+ a5 = MP_DIGIT(&meth->irr, 5);
+ if (carry || r5 > a5 ||
+ ((r5 == a5) && mp_cmp(r, &meth->irr) != MP_LT)) {
+ a4 = MP_DIGIT(&meth->irr, 4);
+ a3 = MP_DIGIT(&meth->irr, 3);
+ a2 = MP_DIGIT(&meth->irr, 2);
+ a1 = MP_DIGIT(&meth->irr, 1);
+ a0 = MP_DIGIT(&meth->irr, 0);
+ carry = 0;
+ MP_SUB_BORROW(r0, a0, r0, carry);
+ MP_SUB_BORROW(r1, a1, r1, carry);
+ MP_SUB_BORROW(r2, a2, r2, carry);
+ MP_SUB_BORROW(r3, a3, r3, carry);
+ MP_SUB_BORROW(r4, a4, r4, carry);
+ MP_SUB_BORROW(r5, a5, r5, carry);
+ MP_DIGIT(r, 5) = r5;
+ MP_DIGIT(r, 4) = r4;
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ }
+
+ s_mp_clamp(r);
+
+CLEANUP:
+ return res;
+}
+
+/*
+ * The following subraction functions do in-line subractions based
+ * on our curve size.
+ *
+ * ... 3 words
+ */
+mp_err
+ec_GFp_sub_3(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_digit b0 = 0, b1 = 0, b2 = 0;
+ mp_digit r0 = 0, r1 = 0, r2 = 0;
+ mp_digit borrow;
+
+ switch (MP_USED(a)) {
+ case 3:
+ r2 = MP_DIGIT(a, 2);
+ case 2:
+ r1 = MP_DIGIT(a, 1);
+ case 1:
+ r0 = MP_DIGIT(a, 0);
+ }
+ switch (MP_USED(b)) {
+ case 3:
+ b2 = MP_DIGIT(b, 2);
+ case 2:
+ b1 = MP_DIGIT(b, 1);
+ case 1:
+ b0 = MP_DIGIT(b, 0);
+ }
+
+#ifndef MPI_AMD64_ADD
+ borrow = 0;
+ MP_SUB_BORROW(r0, b0, r0, borrow);
+ MP_SUB_BORROW(r1, b1, r1, borrow);
+ MP_SUB_BORROW(r2, b2, r2, borrow);
+#else
+ __asm__(
+ "xorq %3,%3 \n\t"
+ "subq %4,%0 \n\t"
+ "sbbq %5,%1 \n\t"
+ "sbbq %6,%2 \n\t"
+ "adcq $0,%3 \n\t"
+ : "=r"(r0), "=r"(r1), "=r"(r2), "=r"(borrow)
+ : "r"(b0), "r"(b1), "r"(b2),
+ "0"(r0), "1"(r1), "2"(r2)
+ : "%cc");
+#endif
+
+ /* Do quick 'add' if we've gone under 0
+ * (subtract the 2's complement of the curve field) */
+ if (borrow) {
+ b2 = MP_DIGIT(&meth->irr, 2);
+ b1 = MP_DIGIT(&meth->irr, 1);
+ b0 = MP_DIGIT(&meth->irr, 0);
+#ifndef MPI_AMD64_ADD
+ borrow = 0;
+ MP_ADD_CARRY(b0, r0, r0, borrow);
+ MP_ADD_CARRY(b1, r1, r1, borrow);
+ MP_ADD_CARRY(b2, r2, r2, borrow);
+#else
+ __asm__(
+ "addq %3,%0 \n\t"
+ "adcq %4,%1 \n\t"
+ "adcq %5,%2 \n\t"
+ : "=r"(r0), "=r"(r1), "=r"(r2)
+ : "r"(b0), "r"(b1), "r"(b2),
+ "0"(r0), "1"(r1), "2"(r2)
+ : "%cc");
+#endif
+ }
+
+#ifdef MPI_AMD64_ADD
+ /* compiler fakeout? */
+ if ((r2 == b0) && (r1 == b0) && (r0 == b0)) {
+ MP_CHECKOK(s_mp_pad(r, 4));
+ }
+#endif
+ MP_CHECKOK(s_mp_pad(r, 3));
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 3;
+ s_mp_clamp(r);
+
+CLEANUP:
+ return res;
+}
+
+/* 4 words */
+mp_err
+ec_GFp_sub_4(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_digit b0 = 0, b1 = 0, b2 = 0, b3 = 0;
+ mp_digit r0 = 0, r1 = 0, r2 = 0, r3 = 0;
+ mp_digit borrow;
+
+ switch (MP_USED(a)) {
+ case 4:
+ r3 = MP_DIGIT(a, 3);
+ case 3:
+ r2 = MP_DIGIT(a, 2);
+ case 2:
+ r1 = MP_DIGIT(a, 1);
+ case 1:
+ r0 = MP_DIGIT(a, 0);
+ }
+ switch (MP_USED(b)) {
+ case 4:
+ b3 = MP_DIGIT(b, 3);
+ case 3:
+ b2 = MP_DIGIT(b, 2);
+ case 2:
+ b1 = MP_DIGIT(b, 1);
+ case 1:
+ b0 = MP_DIGIT(b, 0);
+ }
+
+#ifndef MPI_AMD64_ADD
+ borrow = 0;
+ MP_SUB_BORROW(r0, b0, r0, borrow);
+ MP_SUB_BORROW(r1, b1, r1, borrow);
+ MP_SUB_BORROW(r2, b2, r2, borrow);
+ MP_SUB_BORROW(r3, b3, r3, borrow);
+#else
+ __asm__(
+ "xorq %4,%4 \n\t"
+ "subq %5,%0 \n\t"
+ "sbbq %6,%1 \n\t"
+ "sbbq %7,%2 \n\t"
+ "sbbq %8,%3 \n\t"
+ "adcq $0,%4 \n\t"
+ : "=r"(r0), "=r"(r1), "=r"(r2), "=r"(r3), "=r"(borrow)
+ : "r"(b0), "r"(b1), "r"(b2), "r"(b3),
+ "0"(r0), "1"(r1), "2"(r2), "3"(r3)
+ : "%cc");
+#endif
+
+ /* Do quick 'add' if we've gone under 0
+ * (subtract the 2's complement of the curve field) */
+ if (borrow) {
+ b3 = MP_DIGIT(&meth->irr, 3);
+ b2 = MP_DIGIT(&meth->irr, 2);
+ b1 = MP_DIGIT(&meth->irr, 1);
+ b0 = MP_DIGIT(&meth->irr, 0);
+#ifndef MPI_AMD64_ADD
+ borrow = 0;
+ MP_ADD_CARRY(b0, r0, r0, borrow);
+ MP_ADD_CARRY(b1, r1, r1, borrow);
+ MP_ADD_CARRY(b2, r2, r2, borrow);
+ MP_ADD_CARRY(b3, r3, r3, borrow);
+#else
+ __asm__(
+ "addq %4,%0 \n\t"
+ "adcq %5,%1 \n\t"
+ "adcq %6,%2 \n\t"
+ "adcq %7,%3 \n\t"
+ : "=r"(r0), "=r"(r1), "=r"(r2), "=r"(r3)
+ : "r"(b0), "r"(b1), "r"(b2), "r"(b3),
+ "0"(r0), "1"(r1), "2"(r2), "3"(r3)
+ : "%cc");
+#endif
+ }
+#ifdef MPI_AMD64_ADD
+ /* compiler fakeout? */
+ if ((r3 == b0) && (r1 == b0) && (r0 == b0)) {
+ MP_CHECKOK(s_mp_pad(r, 4));
+ }
+#endif
+ MP_CHECKOK(s_mp_pad(r, 4));
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 4;
+ s_mp_clamp(r);
+
+CLEANUP:
+ return res;
+}
+
+/* 5 words */
+mp_err
+ec_GFp_sub_5(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_digit b0 = 0, b1 = 0, b2 = 0, b3 = 0, b4 = 0;
+ mp_digit r0 = 0, r1 = 0, r2 = 0, r3 = 0, r4 = 0;
+ mp_digit borrow;
+
+ switch (MP_USED(a)) {
+ case 5:
+ r4 = MP_DIGIT(a, 4);
+ case 4:
+ r3 = MP_DIGIT(a, 3);
+ case 3:
+ r2 = MP_DIGIT(a, 2);
+ case 2:
+ r1 = MP_DIGIT(a, 1);
+ case 1:
+ r0 = MP_DIGIT(a, 0);
+ }
+ switch (MP_USED(b)) {
+ case 5:
+ b4 = MP_DIGIT(b, 4);
+ case 4:
+ b3 = MP_DIGIT(b, 3);
+ case 3:
+ b2 = MP_DIGIT(b, 2);
+ case 2:
+ b1 = MP_DIGIT(b, 1);
+ case 1:
+ b0 = MP_DIGIT(b, 0);
+ }
+
+ borrow = 0;
+ MP_SUB_BORROW(r0, b0, r0, borrow);
+ MP_SUB_BORROW(r1, b1, r1, borrow);
+ MP_SUB_BORROW(r2, b2, r2, borrow);
+ MP_SUB_BORROW(r3, b3, r3, borrow);
+ MP_SUB_BORROW(r4, b4, r4, borrow);
+
+ /* Do quick 'add' if we've gone under 0
+ * (subtract the 2's complement of the curve field) */
+ if (borrow) {
+ b4 = MP_DIGIT(&meth->irr, 4);
+ b3 = MP_DIGIT(&meth->irr, 3);
+ b2 = MP_DIGIT(&meth->irr, 2);
+ b1 = MP_DIGIT(&meth->irr, 1);
+ b0 = MP_DIGIT(&meth->irr, 0);
+ borrow = 0;
+ MP_ADD_CARRY(b0, r0, r0, borrow);
+ MP_ADD_CARRY(b1, r1, r1, borrow);
+ MP_ADD_CARRY(b2, r2, r2, borrow);
+ MP_ADD_CARRY(b3, r3, r3, borrow);
+ MP_ADD_CARRY(b4, r4, r4, borrow);
+ }
+ MP_CHECKOK(s_mp_pad(r, 5));
+ MP_DIGIT(r, 4) = r4;
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 5;
+ s_mp_clamp(r);
+
+CLEANUP:
+ return res;
+}
+
+/* 6 words */
+mp_err
+ec_GFp_sub_6(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_digit b0 = 0, b1 = 0, b2 = 0, b3 = 0, b4 = 0, b5 = 0;
+ mp_digit r0 = 0, r1 = 0, r2 = 0, r3 = 0, r4 = 0, r5 = 0;
+ mp_digit borrow;
+
+ switch (MP_USED(a)) {
+ case 6:
+ r5 = MP_DIGIT(a, 5);
+ case 5:
+ r4 = MP_DIGIT(a, 4);
+ case 4:
+ r3 = MP_DIGIT(a, 3);
+ case 3:
+ r2 = MP_DIGIT(a, 2);
+ case 2:
+ r1 = MP_DIGIT(a, 1);
+ case 1:
+ r0 = MP_DIGIT(a, 0);
+ }
+ switch (MP_USED(b)) {
+ case 6:
+ b5 = MP_DIGIT(b, 5);
+ case 5:
+ b4 = MP_DIGIT(b, 4);
+ case 4:
+ b3 = MP_DIGIT(b, 3);
+ case 3:
+ b2 = MP_DIGIT(b, 2);
+ case 2:
+ b1 = MP_DIGIT(b, 1);
+ case 1:
+ b0 = MP_DIGIT(b, 0);
+ }
+
+ borrow = 0;
+ MP_SUB_BORROW(r0, b0, r0, borrow);
+ MP_SUB_BORROW(r1, b1, r1, borrow);
+ MP_SUB_BORROW(r2, b2, r2, borrow);
+ MP_SUB_BORROW(r3, b3, r3, borrow);
+ MP_SUB_BORROW(r4, b4, r4, borrow);
+ MP_SUB_BORROW(r5, b5, r5, borrow);
+
+ /* Do quick 'add' if we've gone under 0
+ * (subtract the 2's complement of the curve field) */
+ if (borrow) {
+ b5 = MP_DIGIT(&meth->irr, 5);
+ b4 = MP_DIGIT(&meth->irr, 4);
+ b3 = MP_DIGIT(&meth->irr, 3);
+ b2 = MP_DIGIT(&meth->irr, 2);
+ b1 = MP_DIGIT(&meth->irr, 1);
+ b0 = MP_DIGIT(&meth->irr, 0);
+ borrow = 0;
+ MP_ADD_CARRY(b0, r0, r0, borrow);
+ MP_ADD_CARRY(b1, r1, r1, borrow);
+ MP_ADD_CARRY(b2, r2, r2, borrow);
+ MP_ADD_CARRY(b3, r3, r3, borrow);
+ MP_ADD_CARRY(b4, r4, r4, borrow);
+ MP_ADD_CARRY(b5, r5, r5, borrow);
+ }
+
+ MP_CHECKOK(s_mp_pad(r, 6));
+ MP_DIGIT(r, 5) = r5;
+ MP_DIGIT(r, 4) = r4;
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 6;
+ s_mp_clamp(r);
+
+CLEANUP:
+ return res;
+}
+
+/* Reduces an integer to a field element. */
+mp_err
+ec_GFp_mod(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ return mp_mod(a, &meth->irr, r);
+}
+
+/* Multiplies two field elements. */
+mp_err
+ec_GFp_mul(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ return mp_mulmod(a, b, &meth->irr, r);
+}
+
+/* Squares a field element. */
+mp_err
+ec_GFp_sqr(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ return mp_sqrmod(a, &meth->irr, r);
+}
+
+/* Divides two field elements. If a is NULL, then returns the inverse of
+ * b. */
+mp_err
+ec_GFp_div(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_int t;
+
+ /* If a is NULL, then return the inverse of b, otherwise return a/b. */
+ if (a == NULL) {
+ return mp_invmod(b, &meth->irr, r);
+ } else {
+ /* MPI doesn't support divmod, so we implement it using invmod and
+ * mulmod. */
+ MP_CHECKOK(mp_init(&t));
+ MP_CHECKOK(mp_invmod(b, &meth->irr, &t));
+ MP_CHECKOK(mp_mulmod(a, &t, &meth->irr, r));
+ CLEANUP:
+ mp_clear(&t);
+ return res;
+ }
+}
+
+/* Wrapper functions for generic binary polynomial field arithmetic. */
+
+/* Adds two field elements. */
+mp_err
+ec_GF2m_add(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ return mp_badd(a, b, r);
+}
+
+/* Negates a field element. Note that for binary polynomial fields, the
+ * negation of a field element is the field element itself. */
+mp_err
+ec_GF2m_neg(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ if (a == r) {
+ return MP_OKAY;
+ } else {
+ return mp_copy(a, r);
+ }
+}
+
+/* Reduces a binary polynomial to a field element. */
+mp_err
+ec_GF2m_mod(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ return mp_bmod(a, meth->irr_arr, r);
+}
+
+/* Multiplies two field elements. */
+mp_err
+ec_GF2m_mul(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ return mp_bmulmod(a, b, meth->irr_arr, r);
+}
+
+/* Squares a field element. */
+mp_err
+ec_GF2m_sqr(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ return mp_bsqrmod(a, meth->irr_arr, r);
+}
+
+/* Divides two field elements. If a is NULL, then returns the inverse of
+ * b. */
+mp_err
+ec_GF2m_div(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_int t;
+
+ /* If a is NULL, then return the inverse of b, otherwise return a/b. */
+ if (a == NULL) {
+ /* The GF(2^m) portion of MPI doesn't support invmod, so we
+ * compute 1/b. */
+ MP_CHECKOK(mp_init(&t));
+ MP_CHECKOK(mp_set_int(&t, 1));
+ MP_CHECKOK(mp_bdivmod(&t, b, &meth->irr, meth->irr_arr, r));
+ CLEANUP:
+ mp_clear(&t);
+ return res;
+ } else {
+ return mp_bdivmod(a, b, &meth->irr, meth->irr_arr, r);
+ }
+}
diff --git a/security/nss/lib/freebl/ecl/ecl_mult.c b/security/nss/lib/freebl/ecl/ecl_mult.c
new file mode 100644
index 000000000..ffbcbf1d9
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecl_mult.c
@@ -0,0 +1,305 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi.h"
+#include "mplogic.h"
+#include "ecl.h"
+#include "ecl-priv.h"
+#include <stdlib.h>
+
+/* Elliptic curve scalar-point multiplication. Computes R(x, y) = k * P(x,
+ * y). If x, y = NULL, then P is assumed to be the generator (base point)
+ * of the group of points on the elliptic curve. Input and output values
+ * are assumed to be NOT field-encoded. */
+mp_err
+ECPoint_mul(const ECGroup *group, const mp_int *k, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry)
+{
+ mp_err res = MP_OKAY;
+ mp_int kt;
+
+ ARGCHK((k != NULL) && (group != NULL), MP_BADARG);
+ MP_DIGITS(&kt) = 0;
+
+ /* want scalar to be less than or equal to group order */
+ if (mp_cmp(k, &group->order) > 0) {
+ MP_CHECKOK(mp_init(&kt));
+ MP_CHECKOK(mp_mod(k, &group->order, &kt));
+ } else {
+ MP_SIGN(&kt) = MP_ZPOS;
+ MP_USED(&kt) = MP_USED(k);
+ MP_ALLOC(&kt) = MP_ALLOC(k);
+ MP_DIGITS(&kt) = MP_DIGITS(k);
+ }
+
+ if ((px == NULL) || (py == NULL)) {
+ if (group->base_point_mul) {
+ MP_CHECKOK(group->base_point_mul(&kt, rx, ry, group));
+ } else {
+ MP_CHECKOK(group->point_mul(&kt, &group->genx, &group->geny, rx, ry,
+ group));
+ }
+ } else {
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(px, rx, group->meth));
+ MP_CHECKOK(group->meth->field_enc(py, ry, group->meth));
+ MP_CHECKOK(group->point_mul(&kt, rx, ry, rx, ry, group));
+ } else {
+ MP_CHECKOK(group->point_mul(&kt, px, py, rx, ry, group));
+ }
+ }
+ if (group->meth->field_dec) {
+ MP_CHECKOK(group->meth->field_dec(rx, rx, group->meth));
+ MP_CHECKOK(group->meth->field_dec(ry, ry, group->meth));
+ }
+
+CLEANUP:
+ if (MP_DIGITS(&kt) != MP_DIGITS(k)) {
+ mp_clear(&kt);
+ }
+ return res;
+}
+
+/* Elliptic curve scalar-point multiplication. Computes R(x, y) = k1 * G +
+ * k2 * P(x, y), where G is the generator (base point) of the group of
+ * points on the elliptic curve. Allows k1 = NULL or { k2, P } = NULL.
+ * Input and output values are assumed to be NOT field-encoded. */
+mp_err
+ec_pts_mul_basic(const mp_int *k1, const mp_int *k2, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry,
+ const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int sx, sy;
+
+ ARGCHK(group != NULL, MP_BADARG);
+ ARGCHK(!((k1 == NULL) && ((k2 == NULL) || (px == NULL) || (py == NULL))), MP_BADARG);
+
+ /* if some arguments are not defined used ECPoint_mul */
+ if (k1 == NULL) {
+ return ECPoint_mul(group, k2, px, py, rx, ry);
+ } else if ((k2 == NULL) || (px == NULL) || (py == NULL)) {
+ return ECPoint_mul(group, k1, NULL, NULL, rx, ry);
+ }
+
+ MP_DIGITS(&sx) = 0;
+ MP_DIGITS(&sy) = 0;
+ MP_CHECKOK(mp_init(&sx));
+ MP_CHECKOK(mp_init(&sy));
+
+ MP_CHECKOK(ECPoint_mul(group, k1, NULL, NULL, &sx, &sy));
+ MP_CHECKOK(ECPoint_mul(group, k2, px, py, rx, ry));
+
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(&sx, &sx, group->meth));
+ MP_CHECKOK(group->meth->field_enc(&sy, &sy, group->meth));
+ MP_CHECKOK(group->meth->field_enc(rx, rx, group->meth));
+ MP_CHECKOK(group->meth->field_enc(ry, ry, group->meth));
+ }
+
+ MP_CHECKOK(group->point_add(&sx, &sy, rx, ry, rx, ry, group));
+
+ if (group->meth->field_dec) {
+ MP_CHECKOK(group->meth->field_dec(rx, rx, group->meth));
+ MP_CHECKOK(group->meth->field_dec(ry, ry, group->meth));
+ }
+
+CLEANUP:
+ mp_clear(&sx);
+ mp_clear(&sy);
+ return res;
+}
+
+/* Elliptic curve scalar-point multiplication. Computes R(x, y) = k1 * G +
+ * k2 * P(x, y), where G is the generator (base point) of the group of
+ * points on the elliptic curve. Allows k1 = NULL or { k2, P } = NULL.
+ * Input and output values are assumed to be NOT field-encoded. Uses
+ * algorithm 15 (simultaneous multiple point multiplication) from Brown,
+ * Hankerson, Lopez, Menezes. Software Implementation of the NIST
+ * Elliptic Curves over Prime Fields. */
+mp_err
+ec_pts_mul_simul_w2(const mp_int *k1, const mp_int *k2, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry,
+ const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int precomp[4][4][2];
+ const mp_int *a, *b;
+ unsigned int i, j;
+ int ai, bi, d;
+
+ ARGCHK(group != NULL, MP_BADARG);
+ ARGCHK(!((k1 == NULL) && ((k2 == NULL) || (px == NULL) || (py == NULL))), MP_BADARG);
+
+ /* if some arguments are not defined used ECPoint_mul */
+ if (k1 == NULL) {
+ return ECPoint_mul(group, k2, px, py, rx, ry);
+ } else if ((k2 == NULL) || (px == NULL) || (py == NULL)) {
+ return ECPoint_mul(group, k1, NULL, NULL, rx, ry);
+ }
+
+ /* initialize precomputation table */
+ for (i = 0; i < 4; i++) {
+ for (j = 0; j < 4; j++) {
+ MP_DIGITS(&precomp[i][j][0]) = 0;
+ MP_DIGITS(&precomp[i][j][1]) = 0;
+ }
+ }
+ for (i = 0; i < 4; i++) {
+ for (j = 0; j < 4; j++) {
+ MP_CHECKOK(mp_init_size(&precomp[i][j][0],
+ ECL_MAX_FIELD_SIZE_DIGITS));
+ MP_CHECKOK(mp_init_size(&precomp[i][j][1],
+ ECL_MAX_FIELD_SIZE_DIGITS));
+ }
+ }
+
+ /* fill precomputation table */
+ /* assign {k1, k2} = {a, b} such that len(a) >= len(b) */
+ if (mpl_significant_bits(k1) < mpl_significant_bits(k2)) {
+ a = k2;
+ b = k1;
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(px, &precomp[1][0][0], group->meth));
+ MP_CHECKOK(group->meth->field_enc(py, &precomp[1][0][1], group->meth));
+ } else {
+ MP_CHECKOK(mp_copy(px, &precomp[1][0][0]));
+ MP_CHECKOK(mp_copy(py, &precomp[1][0][1]));
+ }
+ MP_CHECKOK(mp_copy(&group->genx, &precomp[0][1][0]));
+ MP_CHECKOK(mp_copy(&group->geny, &precomp[0][1][1]));
+ } else {
+ a = k1;
+ b = k2;
+ MP_CHECKOK(mp_copy(&group->genx, &precomp[1][0][0]));
+ MP_CHECKOK(mp_copy(&group->geny, &precomp[1][0][1]));
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(px, &precomp[0][1][0], group->meth));
+ MP_CHECKOK(group->meth->field_enc(py, &precomp[0][1][1], group->meth));
+ } else {
+ MP_CHECKOK(mp_copy(px, &precomp[0][1][0]));
+ MP_CHECKOK(mp_copy(py, &precomp[0][1][1]));
+ }
+ }
+ /* precompute [*][0][*] */
+ mp_zero(&precomp[0][0][0]);
+ mp_zero(&precomp[0][0][1]);
+ MP_CHECKOK(group->point_dbl(&precomp[1][0][0], &precomp[1][0][1],
+ &precomp[2][0][0], &precomp[2][0][1], group));
+ MP_CHECKOK(group->point_add(&precomp[1][0][0], &precomp[1][0][1],
+ &precomp[2][0][0], &precomp[2][0][1],
+ &precomp[3][0][0], &precomp[3][0][1], group));
+ /* precompute [*][1][*] */
+ for (i = 1; i < 4; i++) {
+ MP_CHECKOK(group->point_add(&precomp[0][1][0], &precomp[0][1][1],
+ &precomp[i][0][0], &precomp[i][0][1],
+ &precomp[i][1][0], &precomp[i][1][1], group));
+ }
+ /* precompute [*][2][*] */
+ MP_CHECKOK(group->point_dbl(&precomp[0][1][0], &precomp[0][1][1],
+ &precomp[0][2][0], &precomp[0][2][1], group));
+ for (i = 1; i < 4; i++) {
+ MP_CHECKOK(group->point_add(&precomp[0][2][0], &precomp[0][2][1],
+ &precomp[i][0][0], &precomp[i][0][1],
+ &precomp[i][2][0], &precomp[i][2][1], group));
+ }
+ /* precompute [*][3][*] */
+ MP_CHECKOK(group->point_add(&precomp[0][1][0], &precomp[0][1][1],
+ &precomp[0][2][0], &precomp[0][2][1],
+ &precomp[0][3][0], &precomp[0][3][1], group));
+ for (i = 1; i < 4; i++) {
+ MP_CHECKOK(group->point_add(&precomp[0][3][0], &precomp[0][3][1],
+ &precomp[i][0][0], &precomp[i][0][1],
+ &precomp[i][3][0], &precomp[i][3][1], group));
+ }
+
+ d = (mpl_significant_bits(a) + 1) / 2;
+
+ /* R = inf */
+ mp_zero(rx);
+ mp_zero(ry);
+
+ for (i = d; i-- > 0;) {
+ ai = MP_GET_BIT(a, 2 * i + 1);
+ ai <<= 1;
+ ai |= MP_GET_BIT(a, 2 * i);
+ bi = MP_GET_BIT(b, 2 * i + 1);
+ bi <<= 1;
+ bi |= MP_GET_BIT(b, 2 * i);
+ /* R = 2^2 * R */
+ MP_CHECKOK(group->point_dbl(rx, ry, rx, ry, group));
+ MP_CHECKOK(group->point_dbl(rx, ry, rx, ry, group));
+ /* R = R + (ai * A + bi * B) */
+ MP_CHECKOK(group->point_add(rx, ry, &precomp[ai][bi][0],
+ &precomp[ai][bi][1], rx, ry, group));
+ }
+
+ if (group->meth->field_dec) {
+ MP_CHECKOK(group->meth->field_dec(rx, rx, group->meth));
+ MP_CHECKOK(group->meth->field_dec(ry, ry, group->meth));
+ }
+
+CLEANUP:
+ for (i = 0; i < 4; i++) {
+ for (j = 0; j < 4; j++) {
+ mp_clear(&precomp[i][j][0]);
+ mp_clear(&precomp[i][j][1]);
+ }
+ }
+ return res;
+}
+
+/* Elliptic curve scalar-point multiplication. Computes R(x, y) = k1 * G +
+ * k2 * P(x, y), where G is the generator (base point) of the group of
+ * points on the elliptic curve. Allows k1 = NULL or { k2, P } = NULL.
+ * Input and output values are assumed to be NOT field-encoded. */
+mp_err
+ECPoints_mul(const ECGroup *group, const mp_int *k1, const mp_int *k2,
+ const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry)
+{
+ mp_err res = MP_OKAY;
+ mp_int k1t, k2t;
+ const mp_int *k1p, *k2p;
+
+ MP_DIGITS(&k1t) = 0;
+ MP_DIGITS(&k2t) = 0;
+
+ ARGCHK(group != NULL, MP_BADARG);
+
+ /* want scalar to be less than or equal to group order */
+ if (k1 != NULL) {
+ if (mp_cmp(k1, &group->order) >= 0) {
+ MP_CHECKOK(mp_init(&k1t));
+ MP_CHECKOK(mp_mod(k1, &group->order, &k1t));
+ k1p = &k1t;
+ } else {
+ k1p = k1;
+ }
+ } else {
+ k1p = k1;
+ }
+ if (k2 != NULL) {
+ if (mp_cmp(k2, &group->order) >= 0) {
+ MP_CHECKOK(mp_init(&k2t));
+ MP_CHECKOK(mp_mod(k2, &group->order, &k2t));
+ k2p = &k2t;
+ } else {
+ k2p = k2;
+ }
+ } else {
+ k2p = k2;
+ }
+
+ /* if points_mul is defined, then use it */
+ if (group->points_mul) {
+ res = group->points_mul(k1p, k2p, px, py, rx, ry, group);
+ } else {
+ res = ec_pts_mul_simul_w2(k1p, k2p, px, py, rx, ry, group);
+ }
+
+CLEANUP:
+ mp_clear(&k1t);
+ mp_clear(&k2t);
+ return res;
+}
diff --git a/security/nss/lib/freebl/ecl/ecp.h b/security/nss/lib/freebl/ecl/ecp.h
new file mode 100644
index 000000000..7e54e4e07
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp.h
@@ -0,0 +1,106 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ecp_h_
+#define __ecp_h_
+
+#include "ecl-priv.h"
+
+/* Checks if point P(px, py) is at infinity. Uses affine coordinates. */
+mp_err ec_GFp_pt_is_inf_aff(const mp_int *px, const mp_int *py);
+
+/* Sets P(px, py) to be the point at infinity. Uses affine coordinates. */
+mp_err ec_GFp_pt_set_inf_aff(mp_int *px, mp_int *py);
+
+/* Computes R = P + Q where R is (rx, ry), P is (px, py) and Q is (qx,
+ * qy). Uses affine coordinates. */
+mp_err ec_GFp_pt_add_aff(const mp_int *px, const mp_int *py,
+ const mp_int *qx, const mp_int *qy, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+
+/* Computes R = P - Q. Uses affine coordinates. */
+mp_err ec_GFp_pt_sub_aff(const mp_int *px, const mp_int *py,
+ const mp_int *qx, const mp_int *qy, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+
+/* Computes R = 2P. Uses affine coordinates. */
+mp_err ec_GFp_pt_dbl_aff(const mp_int *px, const mp_int *py, mp_int *rx,
+ mp_int *ry, const ECGroup *group);
+
+/* Validates a point on a GFp curve. */
+mp_err ec_GFp_validate_point(const mp_int *px, const mp_int *py, const ECGroup *group);
+
+#ifdef ECL_ENABLE_GFP_PT_MUL_AFF
+/* Computes R = nP where R is (rx, ry) and P is (px, py). The parameters
+ * a, b and p are the elliptic curve coefficients and the prime that
+ * determines the field GFp. Uses affine coordinates. */
+mp_err ec_GFp_pt_mul_aff(const mp_int *n, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry,
+ const ECGroup *group);
+#endif
+
+/* Converts a point P(px, py) from affine coordinates to Jacobian
+ * projective coordinates R(rx, ry, rz). */
+mp_err ec_GFp_pt_aff2jac(const mp_int *px, const mp_int *py, mp_int *rx,
+ mp_int *ry, mp_int *rz, const ECGroup *group);
+
+/* Converts a point P(px, py, pz) from Jacobian projective coordinates to
+ * affine coordinates R(rx, ry). */
+mp_err ec_GFp_pt_jac2aff(const mp_int *px, const mp_int *py,
+ const mp_int *pz, mp_int *rx, mp_int *ry,
+ const ECGroup *group);
+
+/* Checks if point P(px, py, pz) is at infinity. Uses Jacobian
+ * coordinates. */
+mp_err ec_GFp_pt_is_inf_jac(const mp_int *px, const mp_int *py,
+ const mp_int *pz);
+
+/* Sets P(px, py, pz) to be the point at infinity. Uses Jacobian
+ * coordinates. */
+mp_err ec_GFp_pt_set_inf_jac(mp_int *px, mp_int *py, mp_int *pz);
+
+/* Computes R = P + Q where R is (rx, ry, rz), P is (px, py, pz) and Q is
+ * (qx, qy, qz). Uses Jacobian coordinates. */
+mp_err ec_GFp_pt_add_jac_aff(const mp_int *px, const mp_int *py,
+ const mp_int *pz, const mp_int *qx,
+ const mp_int *qy, mp_int *rx, mp_int *ry,
+ mp_int *rz, const ECGroup *group);
+
+/* Computes R = 2P. Uses Jacobian coordinates. */
+mp_err ec_GFp_pt_dbl_jac(const mp_int *px, const mp_int *py,
+ const mp_int *pz, mp_int *rx, mp_int *ry,
+ mp_int *rz, const ECGroup *group);
+
+#ifdef ECL_ENABLE_GFP_PT_MUL_JAC
+/* Computes R = nP where R is (rx, ry) and P is (px, py). The parameters
+ * a, b and p are the elliptic curve coefficients and the prime that
+ * determines the field GFp. Uses Jacobian coordinates. */
+mp_err ec_GFp_pt_mul_jac(const mp_int *n, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry,
+ const ECGroup *group);
+#endif
+
+/* Computes R(x, y) = k1 * G + k2 * P(x, y), where G is the generator
+ * (base point) of the group of points on the elliptic curve. Allows k1 =
+ * NULL or { k2, P } = NULL. Implemented using mixed Jacobian-affine
+ * coordinates. Input and output values are assumed to be NOT
+ * field-encoded and are in affine form. */
+mp_err
+ec_GFp_pts_mul_jac(const mp_int *k1, const mp_int *k2, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry,
+ const ECGroup *group);
+
+/* Computes R = nP where R is (rx, ry) and P is the base point. Elliptic
+ * curve points P and R can be identical. Uses mixed Modified-Jacobian
+ * co-ordinates for doubling and Chudnovsky Jacobian coordinates for
+ * additions. Assumes input is already field-encoded using field_enc, and
+ * returns output that is still field-encoded. Uses 5-bit window NAF
+ * method (algorithm 11) for scalar-point multiplication from Brown,
+ * Hankerson, Lopez, Menezes. Software Implementation of the NIST Elliptic
+ * Curves Over Prime Fields. */
+mp_err
+ec_GFp_pt_mul_jm_wNAF(const mp_int *n, const mp_int *px, const mp_int *py,
+ mp_int *rx, mp_int *ry, const ECGroup *group);
+
+#endif /* __ecp_h_ */
diff --git a/security/nss/lib/freebl/ecl/ecp_25519.c b/security/nss/lib/freebl/ecl/ecp_25519.c
new file mode 100644
index 000000000..a8d41520e
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_25519.c
@@ -0,0 +1,120 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* curve 25519 https://www.rfc-editor.org/rfc/rfc7748.txt */
+
+#ifdef FREEBL_NO_DEPEND
+#include "../stubs.h"
+#endif
+
+#include "ecl-priv.h"
+#include "ecp.h"
+#include "mpi.h"
+#include "mplogic.h"
+#include "mpi-priv.h"
+#include "secmpi.h"
+#include "secitem.h"
+#include "secport.h"
+#include <stdlib.h>
+#include <stdio.h>
+
+/*
+ * point validation is not necessary in general. But this checks a point (px)
+ * against some known bad values.
+ */
+SECStatus
+ec_Curve25519_pt_validate(const SECItem *px)
+{
+ PRUint8 *p;
+ int i;
+ PRUint8 forbiddenValues[12][32] = {
+ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+ { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+ { 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae,
+ 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a,
+ 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd,
+ 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 },
+ { 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24,
+ 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b,
+ 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86,
+ 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 },
+ { 0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f },
+ { 0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f },
+ { 0xee, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f },
+ { 0xcd, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae,
+ 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a,
+ 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd,
+ 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x80 },
+ { 0x4c, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24,
+ 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b,
+ 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86,
+ 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0xd7 },
+ { 0xd9, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
+ { 0xda, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
+ { 0xdb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
+ };
+
+ /* The point must not be longer than 32 (it can be smaller). */
+ if (px->len <= 32) {
+ p = px->data;
+ } else {
+ return SECFailure;
+ }
+
+ for (i = 0; i < PR_ARRAY_SIZE(forbiddenValues); ++i) {
+ if (NSS_SecureMemcmp(p, forbiddenValues[i], px->len) == 0) {
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * Scalar multiplication for Curve25519.
+ * If P == NULL, the base point is used.
+ * Returns X = k*P
+ */
+SECStatus
+ec_Curve25519_pt_mul(SECItem *X, SECItem *k, SECItem *P)
+{
+ PRUint8 *px;
+ PRUint8 basePoint[32] = { 9 };
+
+ if (!P) {
+ px = basePoint;
+ } else {
+ PORT_Assert(P->len == 32);
+ if (P->len != 32) {
+ return SECFailure;
+ }
+ px = P->data;
+ }
+
+ return ec_Curve25519_mul(X->data, k->data, px);
+}
diff --git a/security/nss/lib/freebl/ecl/ecp_256.c b/security/nss/lib/freebl/ecl/ecp_256.c
new file mode 100644
index 000000000..ad4e630c1
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_256.c
@@ -0,0 +1,401 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecp.h"
+#include "mpi.h"
+#include "mplogic.h"
+#include "mpi-priv.h"
+
+/* Fast modular reduction for p256 = 2^256 - 2^224 + 2^192+ 2^96 - 1. a can be r.
+ * Uses algorithm 2.29 from Hankerson, Menezes, Vanstone. Guide to
+ * Elliptic Curve Cryptography. */
+static mp_err
+ec_GFp_nistp256_mod(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_size a_used = MP_USED(a);
+ int a_bits = mpl_significant_bits(a);
+ mp_digit carry;
+
+#ifdef ECL_THIRTY_TWO_BIT
+ mp_digit a8 = 0, a9 = 0, a10 = 0, a11 = 0, a12 = 0, a13 = 0, a14 = 0, a15 = 0;
+ mp_digit r0, r1, r2, r3, r4, r5, r6, r7;
+ int r8; /* must be a signed value ! */
+#else
+ mp_digit a4 = 0, a5 = 0, a6 = 0, a7 = 0;
+ mp_digit a4h, a4l, a5h, a5l, a6h, a6l, a7h, a7l;
+ mp_digit r0, r1, r2, r3;
+ int r4; /* must be a signed value ! */
+#endif
+ /* for polynomials larger than twice the field size
+ * use regular reduction */
+ if (a_bits < 256) {
+ if (a == r)
+ return MP_OKAY;
+ return mp_copy(a, r);
+ }
+ if (a_bits > 512) {
+ MP_CHECKOK(mp_mod(a, &meth->irr, r));
+ } else {
+
+#ifdef ECL_THIRTY_TWO_BIT
+ switch (a_used) {
+ case 16:
+ a15 = MP_DIGIT(a, 15);
+ case 15:
+ a14 = MP_DIGIT(a, 14);
+ case 14:
+ a13 = MP_DIGIT(a, 13);
+ case 13:
+ a12 = MP_DIGIT(a, 12);
+ case 12:
+ a11 = MP_DIGIT(a, 11);
+ case 11:
+ a10 = MP_DIGIT(a, 10);
+ case 10:
+ a9 = MP_DIGIT(a, 9);
+ case 9:
+ a8 = MP_DIGIT(a, 8);
+ }
+
+ r0 = MP_DIGIT(a, 0);
+ r1 = MP_DIGIT(a, 1);
+ r2 = MP_DIGIT(a, 2);
+ r3 = MP_DIGIT(a, 3);
+ r4 = MP_DIGIT(a, 4);
+ r5 = MP_DIGIT(a, 5);
+ r6 = MP_DIGIT(a, 6);
+ r7 = MP_DIGIT(a, 7);
+
+ /* sum 1 */
+ carry = 0;
+ MP_ADD_CARRY(r3, a11, r3, carry);
+ MP_ADD_CARRY(r4, a12, r4, carry);
+ MP_ADD_CARRY(r5, a13, r5, carry);
+ MP_ADD_CARRY(r6, a14, r6, carry);
+ MP_ADD_CARRY(r7, a15, r7, carry);
+ r8 = carry;
+ carry = 0;
+ MP_ADD_CARRY(r3, a11, r3, carry);
+ MP_ADD_CARRY(r4, a12, r4, carry);
+ MP_ADD_CARRY(r5, a13, r5, carry);
+ MP_ADD_CARRY(r6, a14, r6, carry);
+ MP_ADD_CARRY(r7, a15, r7, carry);
+ r8 += carry;
+ carry = 0;
+ /* sum 2 */
+ MP_ADD_CARRY(r3, a12, r3, carry);
+ MP_ADD_CARRY(r4, a13, r4, carry);
+ MP_ADD_CARRY(r5, a14, r5, carry);
+ MP_ADD_CARRY(r6, a15, r6, carry);
+ MP_ADD_CARRY(r7, 0, r7, carry);
+ r8 += carry;
+ carry = 0;
+ /* combine last bottom of sum 3 with second sum 2 */
+ MP_ADD_CARRY(r0, a8, r0, carry);
+ MP_ADD_CARRY(r1, a9, r1, carry);
+ MP_ADD_CARRY(r2, a10, r2, carry);
+ MP_ADD_CARRY(r3, a12, r3, carry);
+ MP_ADD_CARRY(r4, a13, r4, carry);
+ MP_ADD_CARRY(r5, a14, r5, carry);
+ MP_ADD_CARRY(r6, a15, r6, carry);
+ MP_ADD_CARRY(r7, a15, r7, carry); /* from sum 3 */
+ r8 += carry;
+ carry = 0;
+ /* sum 3 (rest of it)*/
+ MP_ADD_CARRY(r6, a14, r6, carry);
+ MP_ADD_CARRY(r7, 0, r7, carry);
+ r8 += carry;
+ carry = 0;
+ /* sum 4 (rest of it)*/
+ MP_ADD_CARRY(r0, a9, r0, carry);
+ MP_ADD_CARRY(r1, a10, r1, carry);
+ MP_ADD_CARRY(r2, a11, r2, carry);
+ MP_ADD_CARRY(r3, a13, r3, carry);
+ MP_ADD_CARRY(r4, a14, r4, carry);
+ MP_ADD_CARRY(r5, a15, r5, carry);
+ MP_ADD_CARRY(r6, a13, r6, carry);
+ MP_ADD_CARRY(r7, a8, r7, carry);
+ r8 += carry;
+ carry = 0;
+ /* diff 5 */
+ MP_SUB_BORROW(r0, a11, r0, carry);
+ MP_SUB_BORROW(r1, a12, r1, carry);
+ MP_SUB_BORROW(r2, a13, r2, carry);
+ MP_SUB_BORROW(r3, 0, r3, carry);
+ MP_SUB_BORROW(r4, 0, r4, carry);
+ MP_SUB_BORROW(r5, 0, r5, carry);
+ MP_SUB_BORROW(r6, a8, r6, carry);
+ MP_SUB_BORROW(r7, a10, r7, carry);
+ r8 -= carry;
+ carry = 0;
+ /* diff 6 */
+ MP_SUB_BORROW(r0, a12, r0, carry);
+ MP_SUB_BORROW(r1, a13, r1, carry);
+ MP_SUB_BORROW(r2, a14, r2, carry);
+ MP_SUB_BORROW(r3, a15, r3, carry);
+ MP_SUB_BORROW(r4, 0, r4, carry);
+ MP_SUB_BORROW(r5, 0, r5, carry);
+ MP_SUB_BORROW(r6, a9, r6, carry);
+ MP_SUB_BORROW(r7, a11, r7, carry);
+ r8 -= carry;
+ carry = 0;
+ /* diff 7 */
+ MP_SUB_BORROW(r0, a13, r0, carry);
+ MP_SUB_BORROW(r1, a14, r1, carry);
+ MP_SUB_BORROW(r2, a15, r2, carry);
+ MP_SUB_BORROW(r3, a8, r3, carry);
+ MP_SUB_BORROW(r4, a9, r4, carry);
+ MP_SUB_BORROW(r5, a10, r5, carry);
+ MP_SUB_BORROW(r6, 0, r6, carry);
+ MP_SUB_BORROW(r7, a12, r7, carry);
+ r8 -= carry;
+ carry = 0;
+ /* diff 8 */
+ MP_SUB_BORROW(r0, a14, r0, carry);
+ MP_SUB_BORROW(r1, a15, r1, carry);
+ MP_SUB_BORROW(r2, 0, r2, carry);
+ MP_SUB_BORROW(r3, a9, r3, carry);
+ MP_SUB_BORROW(r4, a10, r4, carry);
+ MP_SUB_BORROW(r5, a11, r5, carry);
+ MP_SUB_BORROW(r6, 0, r6, carry);
+ MP_SUB_BORROW(r7, a13, r7, carry);
+ r8 -= carry;
+
+ /* reduce the overflows */
+ while (r8 > 0) {
+ mp_digit r8_d = r8;
+ carry = 0;
+ MP_ADD_CARRY(r0, r8_d, r0, carry);
+ MP_ADD_CARRY(r1, 0, r1, carry);
+ MP_ADD_CARRY(r2, 0, r2, carry);
+ MP_ADD_CARRY(r3, 0 - r8_d, r3, carry);
+ MP_ADD_CARRY(r4, MP_DIGIT_MAX, r4, carry);
+ MP_ADD_CARRY(r5, MP_DIGIT_MAX, r5, carry);
+ MP_ADD_CARRY(r6, 0 - (r8_d + 1), r6, carry);
+ MP_ADD_CARRY(r7, (r8_d - 1), r7, carry);
+ r8 = carry;
+ }
+
+ /* reduce the underflows */
+ while (r8 < 0) {
+ mp_digit r8_d = -r8;
+ carry = 0;
+ MP_SUB_BORROW(r0, r8_d, r0, carry);
+ MP_SUB_BORROW(r1, 0, r1, carry);
+ MP_SUB_BORROW(r2, 0, r2, carry);
+ MP_SUB_BORROW(r3, 0 - r8_d, r3, carry);
+ MP_SUB_BORROW(r4, MP_DIGIT_MAX, r4, carry);
+ MP_SUB_BORROW(r5, MP_DIGIT_MAX, r5, carry);
+ MP_SUB_BORROW(r6, 0 - (r8_d + 1), r6, carry);
+ MP_SUB_BORROW(r7, (r8_d - 1), r7, carry);
+ r8 = 0 - carry;
+ }
+ if (a != r) {
+ MP_CHECKOK(s_mp_pad(r, 8));
+ }
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 8;
+
+ MP_DIGIT(r, 7) = r7;
+ MP_DIGIT(r, 6) = r6;
+ MP_DIGIT(r, 5) = r5;
+ MP_DIGIT(r, 4) = r4;
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+
+ /* final reduction if necessary */
+ if ((r7 == MP_DIGIT_MAX) &&
+ ((r6 > 1) || ((r6 == 1) &&
+ (r5 || r4 || r3 ||
+ ((r2 == MP_DIGIT_MAX) && (r1 == MP_DIGIT_MAX) && (r0 == MP_DIGIT_MAX)))))) {
+ MP_CHECKOK(mp_sub(r, &meth->irr, r));
+ }
+
+ s_mp_clamp(r);
+#else
+ switch (a_used) {
+ case 8:
+ a7 = MP_DIGIT(a, 7);
+ case 7:
+ a6 = MP_DIGIT(a, 6);
+ case 6:
+ a5 = MP_DIGIT(a, 5);
+ case 5:
+ a4 = MP_DIGIT(a, 4);
+ }
+ a7l = a7 << 32;
+ a7h = a7 >> 32;
+ a6l = a6 << 32;
+ a6h = a6 >> 32;
+ a5l = a5 << 32;
+ a5h = a5 >> 32;
+ a4l = a4 << 32;
+ a4h = a4 >> 32;
+ r3 = MP_DIGIT(a, 3);
+ r2 = MP_DIGIT(a, 2);
+ r1 = MP_DIGIT(a, 1);
+ r0 = MP_DIGIT(a, 0);
+
+ /* sum 1 */
+ carry = 0;
+ MP_ADD_CARRY(r1, a5h << 32, r1, carry);
+ MP_ADD_CARRY(r2, a6, r2, carry);
+ MP_ADD_CARRY(r3, a7, r3, carry);
+ r4 = carry;
+ carry = 0;
+ MP_ADD_CARRY(r1, a5h << 32, r1, carry);
+ MP_ADD_CARRY(r2, a6, r2, carry);
+ MP_ADD_CARRY(r3, a7, r3, carry);
+ r4 += carry;
+ /* sum 2 */
+ carry = 0;
+ MP_ADD_CARRY(r1, a6l, r1, carry);
+ MP_ADD_CARRY(r2, a6h | a7l, r2, carry);
+ MP_ADD_CARRY(r3, a7h, r3, carry);
+ r4 += carry;
+ carry = 0;
+ MP_ADD_CARRY(r1, a6l, r1, carry);
+ MP_ADD_CARRY(r2, a6h | a7l, r2, carry);
+ MP_ADD_CARRY(r3, a7h, r3, carry);
+ r4 += carry;
+
+ /* sum 3 */
+ carry = 0;
+ MP_ADD_CARRY(r0, a4, r0, carry);
+ MP_ADD_CARRY(r1, a5l >> 32, r1, carry);
+ MP_ADD_CARRY(r2, 0, r2, carry);
+ MP_ADD_CARRY(r3, a7, r3, carry);
+ r4 += carry;
+ /* sum 4 */
+ carry = 0;
+ MP_ADD_CARRY(r0, a4h | a5l, r0, carry);
+ MP_ADD_CARRY(r1, a5h | (a6h << 32), r1, carry);
+ MP_ADD_CARRY(r2, a7, r2, carry);
+ MP_ADD_CARRY(r3, a6h | a4l, r3, carry);
+ r4 += carry;
+ /* diff 5 */
+ carry = 0;
+ MP_SUB_BORROW(r0, a5h | a6l, r0, carry);
+ MP_SUB_BORROW(r1, a6h, r1, carry);
+ MP_SUB_BORROW(r2, 0, r2, carry);
+ MP_SUB_BORROW(r3, (a4l >> 32) | a5l, r3, carry);
+ r4 -= carry;
+ /* diff 6 */
+ carry = 0;
+ MP_SUB_BORROW(r0, a6, r0, carry);
+ MP_SUB_BORROW(r1, a7, r1, carry);
+ MP_SUB_BORROW(r2, 0, r2, carry);
+ MP_SUB_BORROW(r3, a4h | (a5h << 32), r3, carry);
+ r4 -= carry;
+ /* diff 7 */
+ carry = 0;
+ MP_SUB_BORROW(r0, a6h | a7l, r0, carry);
+ MP_SUB_BORROW(r1, a7h | a4l, r1, carry);
+ MP_SUB_BORROW(r2, a4h | a5l, r2, carry);
+ MP_SUB_BORROW(r3, a6l, r3, carry);
+ r4 -= carry;
+ /* diff 8 */
+ carry = 0;
+ MP_SUB_BORROW(r0, a7, r0, carry);
+ MP_SUB_BORROW(r1, a4h << 32, r1, carry);
+ MP_SUB_BORROW(r2, a5, r2, carry);
+ MP_SUB_BORROW(r3, a6h << 32, r3, carry);
+ r4 -= carry;
+
+ /* reduce the overflows */
+ while (r4 > 0) {
+ mp_digit r4_long = r4;
+ mp_digit r4l = (r4_long << 32);
+ carry = 0;
+ MP_ADD_CARRY(r0, r4_long, r0, carry);
+ MP_ADD_CARRY(r1, 0 - r4l, r1, carry);
+ MP_ADD_CARRY(r2, MP_DIGIT_MAX, r2, carry);
+ MP_ADD_CARRY(r3, r4l - r4_long - 1, r3, carry);
+ r4 = carry;
+ }
+
+ /* reduce the underflows */
+ while (r4 < 0) {
+ mp_digit r4_long = -r4;
+ mp_digit r4l = (r4_long << 32);
+ carry = 0;
+ MP_SUB_BORROW(r0, r4_long, r0, carry);
+ MP_SUB_BORROW(r1, 0 - r4l, r1, carry);
+ MP_SUB_BORROW(r2, MP_DIGIT_MAX, r2, carry);
+ MP_SUB_BORROW(r3, r4l - r4_long - 1, r3, carry);
+ r4 = 0 - carry;
+ }
+
+ if (a != r) {
+ MP_CHECKOK(s_mp_pad(r, 4));
+ }
+ MP_SIGN(r) = MP_ZPOS;
+ MP_USED(r) = 4;
+
+ MP_DIGIT(r, 3) = r3;
+ MP_DIGIT(r, 2) = r2;
+ MP_DIGIT(r, 1) = r1;
+ MP_DIGIT(r, 0) = r0;
+
+ /* final reduction if necessary */
+ if ((r3 > 0xFFFFFFFF00000001ULL) ||
+ ((r3 == 0xFFFFFFFF00000001ULL) &&
+ (r2 || (r1 >> 32) ||
+ (r1 == 0xFFFFFFFFULL && r0 == MP_DIGIT_MAX)))) {
+ /* very rare, just use mp_sub */
+ MP_CHECKOK(mp_sub(r, &meth->irr, r));
+ }
+
+ s_mp_clamp(r);
+#endif
+ }
+
+CLEANUP:
+ return res;
+}
+
+/* Compute the square of polynomial a, reduce modulo p256. Store the
+ * result in r. r could be a. Uses optimized modular reduction for p256.
+ */
+static mp_err
+ec_GFp_nistp256_sqr(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ MP_CHECKOK(mp_sqr(a, r));
+ MP_CHECKOK(ec_GFp_nistp256_mod(r, r, meth));
+CLEANUP:
+ return res;
+}
+
+/* Compute the product of two polynomials a and b, reduce modulo p256.
+ * Store the result in r. r could be a or b; a could be b. Uses
+ * optimized modular reduction for p256. */
+static mp_err
+ec_GFp_nistp256_mul(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ MP_CHECKOK(mp_mul(a, b, r));
+ MP_CHECKOK(ec_GFp_nistp256_mod(r, r, meth));
+CLEANUP:
+ return res;
+}
+
+/* Wire in fast field arithmetic and precomputation of base point for
+ * named curves. */
+mp_err
+ec_group_set_gfp256(ECGroup *group, ECCurveName name)
+{
+ if (name == ECCurve_NIST_P256) {
+ group->meth->field_mod = &ec_GFp_nistp256_mod;
+ group->meth->field_mul = &ec_GFp_nistp256_mul;
+ group->meth->field_sqr = &ec_GFp_nistp256_sqr;
+ }
+ return MP_OKAY;
+}
diff --git a/security/nss/lib/freebl/ecl/ecp_256_32.c b/security/nss/lib/freebl/ecl/ecp_256_32.c
new file mode 100644
index 000000000..515f6f731
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_256_32.c
@@ -0,0 +1,1535 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* A 32-bit implementation of the NIST P-256 elliptic curve. */
+
+#include <string.h>
+
+#include "prtypes.h"
+#include "mpi.h"
+#include "mpi-priv.h"
+#include "ecp.h"
+
+typedef PRUint8 u8;
+typedef PRUint32 u32;
+typedef PRUint64 u64;
+
+/* Our field elements are represented as nine, unsigned 32-bit words. Freebl's
+ * MPI library calls them digits, but here they are called limbs, which is
+ * GMP's terminology.
+ *
+ * The value of an felem (field element) is:
+ * x[0] + (x[1] * 2**29) + (x[2] * 2**57) + ... + (x[8] * 2**228)
+ *
+ * That is, each limb is alternately 29 or 28-bits wide in little-endian
+ * order.
+ *
+ * This means that an felem hits 2**257, rather than 2**256 as we would like. A
+ * 28, 29, ... pattern would cause us to hit 2**256, but that causes problems
+ * when multiplying as terms end up one bit short of a limb which would require
+ * much bit-shifting to correct.
+ *
+ * Finally, the values stored in an felem are in Montgomery form. So the value
+ * |y| is stored as (y*R) mod p, where p is the P-256 prime and R is 2**257.
+ */
+typedef u32 limb;
+#define NLIMBS 9
+typedef limb felem[NLIMBS];
+
+static const limb kBottom28Bits = 0xfffffff;
+static const limb kBottom29Bits = 0x1fffffff;
+
+/* kOne is the number 1 as an felem. It's 2**257 mod p split up into 29 and
+ * 28-bit words.
+ */
+static const felem kOne = {
+ 2, 0, 0, 0xffff800,
+ 0x1fffffff, 0xfffffff, 0x1fbfffff, 0x1ffffff,
+ 0
+};
+static const felem kZero = { 0 };
+static const felem kP = {
+ 0x1fffffff, 0xfffffff, 0x1fffffff, 0x3ff,
+ 0, 0, 0x200000, 0xf000000,
+ 0xfffffff
+};
+static const felem k2P = {
+ 0x1ffffffe, 0xfffffff, 0x1fffffff, 0x7ff,
+ 0, 0, 0x400000, 0xe000000,
+ 0x1fffffff
+};
+
+/* kPrecomputed contains precomputed values to aid the calculation of scalar
+ * multiples of the base point, G. It's actually two, equal length, tables
+ * concatenated.
+ *
+ * The first table contains (x,y) felem pairs for 16 multiples of the base
+ * point, G.
+ *
+ * Index | Index (binary) | Value
+ * 0 | 0000 | 0G (all zeros, omitted)
+ * 1 | 0001 | G
+ * 2 | 0010 | 2**64G
+ * 3 | 0011 | 2**64G + G
+ * 4 | 0100 | 2**128G
+ * 5 | 0101 | 2**128G + G
+ * 6 | 0110 | 2**128G + 2**64G
+ * 7 | 0111 | 2**128G + 2**64G + G
+ * 8 | 1000 | 2**192G
+ * 9 | 1001 | 2**192G + G
+ * 10 | 1010 | 2**192G + 2**64G
+ * 11 | 1011 | 2**192G + 2**64G + G
+ * 12 | 1100 | 2**192G + 2**128G
+ * 13 | 1101 | 2**192G + 2**128G + G
+ * 14 | 1110 | 2**192G + 2**128G + 2**64G
+ * 15 | 1111 | 2**192G + 2**128G + 2**64G + G
+ *
+ * The second table follows the same style, but the terms are 2**32G,
+ * 2**96G, 2**160G, 2**224G.
+ *
+ * This is ~2KB of data.
+ */
+static const limb kPrecomputed[NLIMBS * 2 * 15 * 2] = {
+ 0x11522878, 0xe730d41, 0xdb60179, 0x4afe2ff, 0x12883add, 0xcaddd88, 0x119e7edc, 0xd4a6eab, 0x3120bee,
+ 0x1d2aac15, 0xf25357c, 0x19e45cdd, 0x5c721d0, 0x1992c5a5, 0xa237487, 0x154ba21, 0x14b10bb, 0xae3fe3,
+ 0xd41a576, 0x922fc51, 0x234994f, 0x60b60d3, 0x164586ae, 0xce95f18, 0x1fe49073, 0x3fa36cc, 0x5ebcd2c,
+ 0xb402f2f, 0x15c70bf, 0x1561925c, 0x5a26704, 0xda91e90, 0xcdc1c7f, 0x1ea12446, 0xe1ade1e, 0xec91f22,
+ 0x26f7778, 0x566847e, 0xa0bec9e, 0x234f453, 0x1a31f21a, 0xd85e75c, 0x56c7109, 0xa267a00, 0xb57c050,
+ 0x98fb57, 0xaa837cc, 0x60c0792, 0xcfa5e19, 0x61bab9e, 0x589e39b, 0xa324c5, 0x7d6dee7, 0x2976e4b,
+ 0x1fc4124a, 0xa8c244b, 0x1ce86762, 0xcd61c7e, 0x1831c8e0, 0x75774e1, 0x1d96a5a9, 0x843a649, 0xc3ab0fa,
+ 0x6e2e7d5, 0x7673a2a, 0x178b65e8, 0x4003e9b, 0x1a1f11c2, 0x7816ea, 0xf643e11, 0x58c43df, 0xf423fc2,
+ 0x19633ffa, 0x891f2b2, 0x123c231c, 0x46add8c, 0x54700dd, 0x59e2b17, 0x172db40f, 0x83e277d, 0xb0dd609,
+ 0xfd1da12, 0x35c6e52, 0x19ede20c, 0xd19e0c0, 0x97d0f40, 0xb015b19, 0x449e3f5, 0xe10c9e, 0x33ab581,
+ 0x56a67ab, 0x577734d, 0x1dddc062, 0xc57b10d, 0x149b39d, 0x26a9e7b, 0xc35df9f, 0x48764cd, 0x76dbcca,
+ 0xca4b366, 0xe9303ab, 0x1a7480e7, 0x57e9e81, 0x1e13eb50, 0xf466cf3, 0x6f16b20, 0x4ba3173, 0xc168c33,
+ 0x15cb5439, 0x6a38e11, 0x73658bd, 0xb29564f, 0x3f6dc5b, 0x53b97e, 0x1322c4c0, 0x65dd7ff, 0x3a1e4f6,
+ 0x14e614aa, 0x9246317, 0x1bc83aca, 0xad97eed, 0xd38ce4a, 0xf82b006, 0x341f077, 0xa6add89, 0x4894acd,
+ 0x9f162d5, 0xf8410ef, 0x1b266a56, 0xd7f223, 0x3e0cb92, 0xe39b672, 0x6a2901a, 0x69a8556, 0x7e7c0,
+ 0x9b7d8d3, 0x309a80, 0x1ad05f7f, 0xc2fb5dd, 0xcbfd41d, 0x9ceb638, 0x1051825c, 0xda0cf5b, 0x812e881,
+ 0x6f35669, 0x6a56f2c, 0x1df8d184, 0x345820, 0x1477d477, 0x1645db1, 0xbe80c51, 0xc22be3e, 0xe35e65a,
+ 0x1aeb7aa0, 0xc375315, 0xf67bc99, 0x7fdd7b9, 0x191fc1be, 0x61235d, 0x2c184e9, 0x1c5a839, 0x47a1e26,
+ 0xb7cb456, 0x93e225d, 0x14f3c6ed, 0xccc1ac9, 0x17fe37f3, 0x4988989, 0x1a90c502, 0x2f32042, 0xa17769b,
+ 0xafd8c7c, 0x8191c6e, 0x1dcdb237, 0x16200c0, 0x107b32a1, 0x66c08db, 0x10d06a02, 0x3fc93, 0x5620023,
+ 0x16722b27, 0x68b5c59, 0x270fcfc, 0xfad0ecc, 0xe5de1c2, 0xeab466b, 0x2fc513c, 0x407f75c, 0xbaab133,
+ 0x9705fe9, 0xb88b8e7, 0x734c993, 0x1e1ff8f, 0x19156970, 0xabd0f00, 0x10469ea7, 0x3293ac0, 0xcdc98aa,
+ 0x1d843fd, 0xe14bfe8, 0x15be825f, 0x8b5212, 0xeb3fb67, 0x81cbd29, 0xbc62f16, 0x2b6fcc7, 0xf5a4e29,
+ 0x13560b66, 0xc0b6ac2, 0x51ae690, 0xd41e271, 0xf3e9bd4, 0x1d70aab, 0x1029f72, 0x73e1c35, 0xee70fbc,
+ 0xad81baf, 0x9ecc49a, 0x86c741e, 0xfe6be30, 0x176752e7, 0x23d416, 0x1f83de85, 0x27de188, 0x66f70b8,
+ 0x181cd51f, 0x96b6e4c, 0x188f2335, 0xa5df759, 0x17a77eb6, 0xfeb0e73, 0x154ae914, 0x2f3ec51, 0x3826b59,
+ 0xb91f17d, 0x1c72949, 0x1362bf0a, 0xe23fddf, 0xa5614b0, 0xf7d8f, 0x79061, 0x823d9d2, 0x8213f39,
+ 0x1128ae0b, 0xd095d05, 0xb85c0c2, 0x1ecb2ef, 0x24ddc84, 0xe35e901, 0x18411a4a, 0xf5ddc3d, 0x3786689,
+ 0x52260e8, 0x5ae3564, 0x542b10d, 0x8d93a45, 0x19952aa4, 0x996cc41, 0x1051a729, 0x4be3499, 0x52b23aa,
+ 0x109f307e, 0x6f5b6bb, 0x1f84e1e7, 0x77a0cfa, 0x10c4df3f, 0x25a02ea, 0xb048035, 0xe31de66, 0xc6ecaa3,
+ 0x28ea335, 0x2886024, 0x1372f020, 0xf55d35, 0x15e4684c, 0xf2a9e17, 0x1a4a7529, 0xcb7beb1, 0xb2a78a1,
+ 0x1ab21f1f, 0x6361ccf, 0x6c9179d, 0xb135627, 0x1267b974, 0x4408bad, 0x1cbff658, 0xe3d6511, 0xc7d76f,
+ 0x1cc7a69, 0xe7ee31b, 0x54fab4f, 0x2b914f, 0x1ad27a30, 0xcd3579e, 0xc50124c, 0x50daa90, 0xb13f72,
+ 0xb06aa75, 0x70f5cc6, 0x1649e5aa, 0x84a5312, 0x329043c, 0x41c4011, 0x13d32411, 0xb04a838, 0xd760d2d,
+ 0x1713b532, 0xbaa0c03, 0x84022ab, 0x6bcf5c1, 0x2f45379, 0x18ae070, 0x18c9e11e, 0x20bca9a, 0x66f496b,
+ 0x3eef294, 0x67500d2, 0xd7f613c, 0x2dbbeb, 0xb741038, 0xe04133f, 0x1582968d, 0xbe985f7, 0x1acbc1a,
+ 0x1a6a939f, 0x33e50f6, 0xd665ed4, 0xb4b7bd6, 0x1e5a3799, 0x6b33847, 0x17fa56ff, 0x65ef930, 0x21dc4a,
+ 0x2b37659, 0x450fe17, 0xb357b65, 0xdf5efac, 0x15397bef, 0x9d35a7f, 0x112ac15f, 0x624e62e, 0xa90ae2f,
+ 0x107eecd2, 0x1f69bbe, 0x77d6bce, 0x5741394, 0x13c684fc, 0x950c910, 0x725522b, 0xdc78583, 0x40eeabb,
+ 0x1fde328a, 0xbd61d96, 0xd28c387, 0x9e77d89, 0x12550c40, 0x759cb7d, 0x367ef34, 0xae2a960, 0x91b8bdc,
+ 0x93462a9, 0xf469ef, 0xb2e9aef, 0xd2ca771, 0x54e1f42, 0x7aaa49, 0x6316abb, 0x2413c8e, 0x5425bf9,
+ 0x1bed3e3a, 0xf272274, 0x1f5e7326, 0x6416517, 0xea27072, 0x9cedea7, 0x6e7633, 0x7c91952, 0xd806dce,
+ 0x8e2a7e1, 0xe421e1a, 0x418c9e1, 0x1dbc890, 0x1b395c36, 0xa1dc175, 0x1dc4ef73, 0x8956f34, 0xe4b5cf2,
+ 0x1b0d3a18, 0x3194a36, 0x6c2641f, 0xe44124c, 0xa2f4eaa, 0xa8c25ba, 0xf927ed7, 0x627b614, 0x7371cca,
+ 0xba16694, 0x417bc03, 0x7c0a7e3, 0x9c35c19, 0x1168a205, 0x8b6b00d, 0x10e3edc9, 0x9c19bf2, 0x5882229,
+ 0x1b2b4162, 0xa5cef1a, 0x1543622b, 0x9bd433e, 0x364e04d, 0x7480792, 0x5c9b5b3, 0xe85ff25, 0x408ef57,
+ 0x1814cfa4, 0x121b41b, 0xd248a0f, 0x3b05222, 0x39bb16a, 0xc75966d, 0xa038113, 0xa4a1769, 0x11fbc6c,
+ 0x917e50e, 0xeec3da8, 0x169d6eac, 0x10c1699, 0xa416153, 0xf724912, 0x15cd60b7, 0x4acbad9, 0x5efc5fa,
+ 0xf150ed7, 0x122b51, 0x1104b40a, 0xcb7f442, 0xfbb28ff, 0x6ac53ca, 0x196142cc, 0x7bf0fa9, 0x957651,
+ 0x4e0f215, 0xed439f8, 0x3f46bd5, 0x5ace82f, 0x110916b6, 0x6db078, 0xffd7d57, 0xf2ecaac, 0xca86dec,
+ 0x15d6b2da, 0x965ecc9, 0x1c92b4c2, 0x1f3811, 0x1cb080f5, 0x2d8b804, 0x19d1c12d, 0xf20bd46, 0x1951fa7,
+ 0xa3656c3, 0x523a425, 0xfcd0692, 0xd44ddc8, 0x131f0f5b, 0xaf80e4a, 0xcd9fc74, 0x99bb618, 0x2db944c,
+ 0xa673090, 0x1c210e1, 0x178c8d23, 0x1474383, 0x10b8743d, 0x985a55b, 0x2e74779, 0x576138, 0x9587927,
+ 0x133130fa, 0xbe05516, 0x9f4d619, 0xbb62570, 0x99ec591, 0xd9468fe, 0x1d07782d, 0xfc72e0b, 0x701b298,
+ 0x1863863b, 0x85954b8, 0x121a0c36, 0x9e7fedf, 0xf64b429, 0x9b9d71e, 0x14e2f5d8, 0xf858d3a, 0x942eea8,
+ 0xda5b765, 0x6edafff, 0xa9d18cc, 0xc65e4ba, 0x1c747e86, 0xe4ea915, 0x1981d7a1, 0x8395659, 0x52ed4e2,
+ 0x87d43b7, 0x37ab11b, 0x19d292ce, 0xf8d4692, 0x18c3053f, 0x8863e13, 0x4c146c0, 0x6bdf55a, 0x4e4457d,
+ 0x16152289, 0xac78ec2, 0x1a59c5a2, 0x2028b97, 0x71c2d01, 0x295851f, 0x404747b, 0x878558d, 0x7d29aa4,
+ 0x13d8341f, 0x8daefd7, 0x139c972d, 0x6b7ea75, 0xd4a9dde, 0xff163d8, 0x81d55d7, 0xa5bef68, 0xb7b30d8,
+ 0xbe73d6f, 0xaa88141, 0xd976c81, 0x7e7a9cc, 0x18beb771, 0xd773cbd, 0x13f51951, 0x9d0c177, 0x1c49a78,
+};
+
+/* Field element operations:
+ */
+
+/* NON_ZERO_TO_ALL_ONES returns:
+ * 0xffffffff for 0 < x <= 2**31
+ * 0 for x == 0 or x > 2**31.
+ *
+ * x must be a u32 or an equivalent type such as limb.
+ */
+#define NON_ZERO_TO_ALL_ONES(x) ((((u32)(x)-1) >> 31) - 1)
+
+/* felem_reduce_carry adds a multiple of p in order to cancel |carry|,
+ * which is a term at 2**257.
+ *
+ * On entry: carry < 2**3, inout[0,2,...] < 2**29, inout[1,3,...] < 2**28.
+ * On exit: inout[0,2,..] < 2**30, inout[1,3,...] < 2**29.
+ */
+static void
+felem_reduce_carry(felem inout, limb carry)
+{
+ const u32 carry_mask = NON_ZERO_TO_ALL_ONES(carry);
+
+ inout[0] += carry << 1;
+ inout[3] += 0x10000000 & carry_mask;
+ /* carry < 2**3 thus (carry << 11) < 2**14 and we added 2**28 in the
+ * previous line therefore this doesn't underflow.
+ */
+ inout[3] -= carry << 11;
+ inout[4] += (0x20000000 - 1) & carry_mask;
+ inout[5] += (0x10000000 - 1) & carry_mask;
+ inout[6] += (0x20000000 - 1) & carry_mask;
+ inout[6] -= carry << 22;
+ /* This may underflow if carry is non-zero but, if so, we'll fix it in the
+ * next line.
+ */
+ inout[7] -= 1 & carry_mask;
+ inout[7] += carry << 25;
+}
+
+/* felem_sum sets out = in+in2.
+ *
+ * On entry, in[i]+in2[i] must not overflow a 32-bit word.
+ * On exit: out[0,2,...] < 2**30, out[1,3,...] < 2**29
+ */
+static void
+felem_sum(felem out, const felem in, const felem in2)
+{
+ limb carry = 0;
+ unsigned int i;
+ for (i = 0;; i++) {
+ out[i] = in[i] + in2[i];
+ out[i] += carry;
+ carry = out[i] >> 29;
+ out[i] &= kBottom29Bits;
+
+ i++;
+ if (i == NLIMBS)
+ break;
+
+ out[i] = in[i] + in2[i];
+ out[i] += carry;
+ carry = out[i] >> 28;
+ out[i] &= kBottom28Bits;
+ }
+
+ felem_reduce_carry(out, carry);
+}
+
+#define two31m3 (((limb)1) << 31) - (((limb)1) << 3)
+#define two30m2 (((limb)1) << 30) - (((limb)1) << 2)
+#define two30p13m2 (((limb)1) << 30) + (((limb)1) << 13) - (((limb)1) << 2)
+#define two31m2 (((limb)1) << 31) - (((limb)1) << 2)
+#define two31p24m2 (((limb)1) << 31) + (((limb)1) << 24) - (((limb)1) << 2)
+#define two30m27m2 (((limb)1) << 30) - (((limb)1) << 27) - (((limb)1) << 2)
+
+/* zero31 is 0 mod p.
+ */
+static const felem zero31 = {
+ two31m3, two30m2, two31m2, two30p13m2,
+ two31m2, two30m2, two31p24m2, two30m27m2,
+ two31m2
+};
+
+/* felem_diff sets out = in-in2.
+ *
+ * On entry: in[0,2,...] < 2**30, in[1,3,...] < 2**29 and
+ * in2[0,2,...] < 2**30, in2[1,3,...] < 2**29.
+ * On exit: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ */
+static void
+felem_diff(felem out, const felem in, const felem in2)
+{
+ limb carry = 0;
+ unsigned int i;
+
+ for (i = 0;; i++) {
+ out[i] = in[i] - in2[i];
+ out[i] += zero31[i];
+ out[i] += carry;
+ carry = out[i] >> 29;
+ out[i] &= kBottom29Bits;
+
+ i++;
+ if (i == NLIMBS)
+ break;
+
+ out[i] = in[i] - in2[i];
+ out[i] += zero31[i];
+ out[i] += carry;
+ carry = out[i] >> 28;
+ out[i] &= kBottom28Bits;
+ }
+
+ felem_reduce_carry(out, carry);
+}
+
+/* felem_reduce_degree sets out = tmp/R mod p where tmp contains 64-bit words
+ * with the same 29,28,... bit positions as an felem.
+ *
+ * The values in felems are in Montgomery form: x*R mod p where R = 2**257.
+ * Since we just multiplied two Montgomery values together, the result is
+ * x*y*R*R mod p. We wish to divide by R in order for the result also to be
+ * in Montgomery form.
+ *
+ * On entry: tmp[i] < 2**64
+ * On exit: out[0,2,...] < 2**30, out[1,3,...] < 2**29
+ */
+static void
+felem_reduce_degree(felem out, u64 tmp[17])
+{
+ /* The following table may be helpful when reading this code:
+ *
+ * Limb number: 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10...
+ * Width (bits): 29| 28| 29| 28| 29| 28| 29| 28| 29| 28| 29
+ * Start bit: 0 | 29| 57| 86|114|143|171|200|228|257|285
+ * (odd phase): 0 | 28| 57| 85|114|142|171|199|228|256|285
+ */
+ limb tmp2[18], carry, x, xMask;
+ unsigned int i;
+
+ /* tmp contains 64-bit words with the same 29,28,29-bit positions as an
+ * felem. So the top of an element of tmp might overlap with another
+ * element two positions down. The following loop eliminates this
+ * overlap.
+ */
+ tmp2[0] = tmp[0] & kBottom29Bits;
+
+ /* In the following we use "(limb) tmp[x]" and "(limb) (tmp[x]>>32)" to try
+ * and hint to the compiler that it can do a single-word shift by selecting
+ * the right register rather than doing a double-word shift and truncating
+ * afterwards.
+ */
+ tmp2[1] = ((limb)tmp[0]) >> 29;
+ tmp2[1] |= (((limb)(tmp[0] >> 32)) << 3) & kBottom28Bits;
+ tmp2[1] += ((limb)tmp[1]) & kBottom28Bits;
+ carry = tmp2[1] >> 28;
+ tmp2[1] &= kBottom28Bits;
+
+ for (i = 2; i < 17; i++) {
+ tmp2[i] = ((limb)(tmp[i - 2] >> 32)) >> 25;
+ tmp2[i] += ((limb)(tmp[i - 1])) >> 28;
+ tmp2[i] += (((limb)(tmp[i - 1] >> 32)) << 4) & kBottom29Bits;
+ tmp2[i] += ((limb)tmp[i]) & kBottom29Bits;
+ tmp2[i] += carry;
+ carry = tmp2[i] >> 29;
+ tmp2[i] &= kBottom29Bits;
+
+ i++;
+ if (i == 17)
+ break;
+ tmp2[i] = ((limb)(tmp[i - 2] >> 32)) >> 25;
+ tmp2[i] += ((limb)(tmp[i - 1])) >> 29;
+ tmp2[i] += (((limb)(tmp[i - 1] >> 32)) << 3) & kBottom28Bits;
+ tmp2[i] += ((limb)tmp[i]) & kBottom28Bits;
+ tmp2[i] += carry;
+ carry = tmp2[i] >> 28;
+ tmp2[i] &= kBottom28Bits;
+ }
+
+ tmp2[17] = ((limb)(tmp[15] >> 32)) >> 25;
+ tmp2[17] += ((limb)(tmp[16])) >> 29;
+ tmp2[17] += (((limb)(tmp[16] >> 32)) << 3);
+ tmp2[17] += carry;
+
+ /* Montgomery elimination of terms:
+ *
+ * Since R is 2**257, we can divide by R with a bitwise shift if we can
+ * ensure that the right-most 257 bits are all zero. We can make that true
+ * by adding multiplies of p without affecting the value.
+ *
+ * So we eliminate limbs from right to left. Since the bottom 29 bits of p
+ * are all ones, then by adding tmp2[0]*p to tmp2 we'll make tmp2[0] == 0.
+ * We can do that for 8 further limbs and then right shift to eliminate the
+ * extra factor of R.
+ */
+ for (i = 0;; i += 2) {
+ tmp2[i + 1] += tmp2[i] >> 29;
+ x = tmp2[i] & kBottom29Bits;
+ xMask = NON_ZERO_TO_ALL_ONES(x);
+ tmp2[i] = 0;
+
+ /* The bounds calculations for this loop are tricky. Each iteration of
+ * the loop eliminates two words by adding values to words to their
+ * right.
+ *
+ * The following table contains the amounts added to each word (as an
+ * offset from the value of i at the top of the loop). The amounts are
+ * accounted for from the first and second half of the loop separately
+ * and are written as, for example, 28 to mean a value <2**28.
+ *
+ * Word: 3 4 5 6 7 8 9 10
+ * Added in top half: 28 11 29 21 29 28
+ * 28 29
+ * 29
+ * Added in bottom half: 29 10 28 21 28 28
+ * 29
+ *
+ * The value that is currently offset 7 will be offset 5 for the next
+ * iteration and then offset 3 for the iteration after that. Therefore
+ * the total value added will be the values added at 7, 5 and 3.
+ *
+ * The following table accumulates these values. The sums at the bottom
+ * are written as, for example, 29+28, to mean a value < 2**29+2**28.
+ *
+ * Word: 3 4 5 6 7 8 9 10 11 12 13
+ * 28 11 10 29 21 29 28 28 28 28 28
+ * 29 28 11 28 29 28 29 28 29 28
+ * 29 28 21 21 29 21 29 21
+ * 10 29 28 21 28 21 28
+ * 28 29 28 29 28 29 28
+ * 11 10 29 10 29 10
+ * 29 28 11 28 11
+ * 29 29
+ * --------------------------------------------
+ * 30+ 31+ 30+ 31+ 30+
+ * 28+ 29+ 28+ 29+ 21+
+ * 21+ 28+ 21+ 28+ 10
+ * 10 21+ 10 21+
+ * 11 11
+ *
+ * So the greatest amount is added to tmp2[10] and tmp2[12]. If
+ * tmp2[10/12] has an initial value of <2**29, then the maximum value
+ * will be < 2**31 + 2**30 + 2**28 + 2**21 + 2**11, which is < 2**32,
+ * as required.
+ */
+ tmp2[i + 3] += (x << 10) & kBottom28Bits;
+ tmp2[i + 4] += (x >> 18);
+
+ tmp2[i + 6] += (x << 21) & kBottom29Bits;
+ tmp2[i + 7] += x >> 8;
+
+ /* At position 200, which is the starting bit position for word 7, we
+ * have a factor of 0xf000000 = 2**28 - 2**24.
+ */
+ tmp2[i + 7] += 0x10000000 & xMask;
+ /* Word 7 is 28 bits wide, so the 2**28 term exactly hits word 8. */
+ tmp2[i + 8] += (x - 1) & xMask;
+ tmp2[i + 7] -= (x << 24) & kBottom28Bits;
+ tmp2[i + 8] -= x >> 4;
+
+ tmp2[i + 8] += 0x20000000 & xMask;
+ tmp2[i + 8] -= x;
+ tmp2[i + 8] += (x << 28) & kBottom29Bits;
+ tmp2[i + 9] += ((x >> 1) - 1) & xMask;
+
+ if (i + 1 == NLIMBS)
+ break;
+ tmp2[i + 2] += tmp2[i + 1] >> 28;
+ x = tmp2[i + 1] & kBottom28Bits;
+ xMask = NON_ZERO_TO_ALL_ONES(x);
+ tmp2[i + 1] = 0;
+
+ tmp2[i + 4] += (x << 11) & kBottom29Bits;
+ tmp2[i + 5] += (x >> 18);
+
+ tmp2[i + 7] += (x << 21) & kBottom28Bits;
+ tmp2[i + 8] += x >> 7;
+
+ /* At position 199, which is the starting bit of the 8th word when
+ * dealing with a context starting on an odd word, we have a factor of
+ * 0x1e000000 = 2**29 - 2**25. Since we have not updated i, the 8th
+ * word from i+1 is i+8.
+ */
+ tmp2[i + 8] += 0x20000000 & xMask;
+ tmp2[i + 9] += (x - 1) & xMask;
+ tmp2[i + 8] -= (x << 25) & kBottom29Bits;
+ tmp2[i + 9] -= x >> 4;
+
+ tmp2[i + 9] += 0x10000000 & xMask;
+ tmp2[i + 9] -= x;
+ tmp2[i + 10] += (x - 1) & xMask;
+ }
+
+ /* We merge the right shift with a carry chain. The words above 2**257 have
+ * widths of 28,29,... which we need to correct when copying them down.
+ */
+ carry = 0;
+ for (i = 0; i < 8; i++) {
+ /* The maximum value of tmp2[i + 9] occurs on the first iteration and
+ * is < 2**30+2**29+2**28. Adding 2**29 (from tmp2[i + 10]) is
+ * therefore safe.
+ */
+ out[i] = tmp2[i + 9];
+ out[i] += carry;
+ out[i] += (tmp2[i + 10] << 28) & kBottom29Bits;
+ carry = out[i] >> 29;
+ out[i] &= kBottom29Bits;
+
+ i++;
+ out[i] = tmp2[i + 9] >> 1;
+ out[i] += carry;
+ carry = out[i] >> 28;
+ out[i] &= kBottom28Bits;
+ }
+
+ out[8] = tmp2[17];
+ out[8] += carry;
+ carry = out[8] >> 29;
+ out[8] &= kBottom29Bits;
+
+ felem_reduce_carry(out, carry);
+}
+
+/* felem_square sets out=in*in.
+ *
+ * On entry: in[0,2,...] < 2**30, in[1,3,...] < 2**29.
+ * On exit: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ */
+static void
+felem_square(felem out, const felem in)
+{
+ u64 tmp[17];
+
+ tmp[0] = ((u64)in[0]) * in[0];
+ tmp[1] = ((u64)in[0]) * (in[1] << 1);
+ tmp[2] = ((u64)in[0]) * (in[2] << 1) +
+ ((u64)in[1]) * (in[1] << 1);
+ tmp[3] = ((u64)in[0]) * (in[3] << 1) +
+ ((u64)in[1]) * (in[2] << 1);
+ tmp[4] = ((u64)in[0]) * (in[4] << 1) +
+ ((u64)in[1]) * (in[3] << 2) +
+ ((u64)in[2]) * in[2];
+ tmp[5] = ((u64)in[0]) * (in[5] << 1) +
+ ((u64)in[1]) * (in[4] << 1) +
+ ((u64)in[2]) * (in[3] << 1);
+ tmp[6] = ((u64)in[0]) * (in[6] << 1) +
+ ((u64)in[1]) * (in[5] << 2) +
+ ((u64)in[2]) * (in[4] << 1) +
+ ((u64)in[3]) * (in[3] << 1);
+ tmp[7] = ((u64)in[0]) * (in[7] << 1) +
+ ((u64)in[1]) * (in[6] << 1) +
+ ((u64)in[2]) * (in[5] << 1) +
+ ((u64)in[3]) * (in[4] << 1);
+ /* tmp[8] has the greatest value of 2**61 + 2**60 + 2**61 + 2**60 + 2**60,
+ * which is < 2**64 as required.
+ */
+ tmp[8] = ((u64)in[0]) * (in[8] << 1) +
+ ((u64)in[1]) * (in[7] << 2) +
+ ((u64)in[2]) * (in[6] << 1) +
+ ((u64)in[3]) * (in[5] << 2) +
+ ((u64)in[4]) * in[4];
+ tmp[9] = ((u64)in[1]) * (in[8] << 1) +
+ ((u64)in[2]) * (in[7] << 1) +
+ ((u64)in[3]) * (in[6] << 1) +
+ ((u64)in[4]) * (in[5] << 1);
+ tmp[10] = ((u64)in[2]) * (in[8] << 1) +
+ ((u64)in[3]) * (in[7] << 2) +
+ ((u64)in[4]) * (in[6] << 1) +
+ ((u64)in[5]) * (in[5] << 1);
+ tmp[11] = ((u64)in[3]) * (in[8] << 1) +
+ ((u64)in[4]) * (in[7] << 1) +
+ ((u64)in[5]) * (in[6] << 1);
+ tmp[12] = ((u64)in[4]) * (in[8] << 1) +
+ ((u64)in[5]) * (in[7] << 2) +
+ ((u64)in[6]) * in[6];
+ tmp[13] = ((u64)in[5]) * (in[8] << 1) +
+ ((u64)in[6]) * (in[7] << 1);
+ tmp[14] = ((u64)in[6]) * (in[8] << 1) +
+ ((u64)in[7]) * (in[7] << 1);
+ tmp[15] = ((u64)in[7]) * (in[8] << 1);
+ tmp[16] = ((u64)in[8]) * in[8];
+
+ felem_reduce_degree(out, tmp);
+}
+
+/* felem_mul sets out=in*in2.
+ *
+ * On entry: in[0,2,...] < 2**30, in[1,3,...] < 2**29 and
+ * in2[0,2,...] < 2**30, in2[1,3,...] < 2**29.
+ * On exit: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ */
+static void
+felem_mul(felem out, const felem in, const felem in2)
+{
+ u64 tmp[17];
+
+ tmp[0] = ((u64)in[0]) * in2[0];
+ tmp[1] = ((u64)in[0]) * (in2[1] << 0) +
+ ((u64)in[1]) * (in2[0] << 0);
+ tmp[2] = ((u64)in[0]) * (in2[2] << 0) +
+ ((u64)in[1]) * (in2[1] << 1) +
+ ((u64)in[2]) * (in2[0] << 0);
+ tmp[3] = ((u64)in[0]) * (in2[3] << 0) +
+ ((u64)in[1]) * (in2[2] << 0) +
+ ((u64)in[2]) * (in2[1] << 0) +
+ ((u64)in[3]) * (in2[0] << 0);
+ tmp[4] = ((u64)in[0]) * (in2[4] << 0) +
+ ((u64)in[1]) * (in2[3] << 1) +
+ ((u64)in[2]) * (in2[2] << 0) +
+ ((u64)in[3]) * (in2[1] << 1) +
+ ((u64)in[4]) * (in2[0] << 0);
+ tmp[5] = ((u64)in[0]) * (in2[5] << 0) +
+ ((u64)in[1]) * (in2[4] << 0) +
+ ((u64)in[2]) * (in2[3] << 0) +
+ ((u64)in[3]) * (in2[2] << 0) +
+ ((u64)in[4]) * (in2[1] << 0) +
+ ((u64)in[5]) * (in2[0] << 0);
+ tmp[6] = ((u64)in[0]) * (in2[6] << 0) +
+ ((u64)in[1]) * (in2[5] << 1) +
+ ((u64)in[2]) * (in2[4] << 0) +
+ ((u64)in[3]) * (in2[3] << 1) +
+ ((u64)in[4]) * (in2[2] << 0) +
+ ((u64)in[5]) * (in2[1] << 1) +
+ ((u64)in[6]) * (in2[0] << 0);
+ tmp[7] = ((u64)in[0]) * (in2[7] << 0) +
+ ((u64)in[1]) * (in2[6] << 0) +
+ ((u64)in[2]) * (in2[5] << 0) +
+ ((u64)in[3]) * (in2[4] << 0) +
+ ((u64)in[4]) * (in2[3] << 0) +
+ ((u64)in[5]) * (in2[2] << 0) +
+ ((u64)in[6]) * (in2[1] << 0) +
+ ((u64)in[7]) * (in2[0] << 0);
+ /* tmp[8] has the greatest value but doesn't overflow. See logic in
+ * felem_square.
+ */
+ tmp[8] = ((u64)in[0]) * (in2[8] << 0) +
+ ((u64)in[1]) * (in2[7] << 1) +
+ ((u64)in[2]) * (in2[6] << 0) +
+ ((u64)in[3]) * (in2[5] << 1) +
+ ((u64)in[4]) * (in2[4] << 0) +
+ ((u64)in[5]) * (in2[3] << 1) +
+ ((u64)in[6]) * (in2[2] << 0) +
+ ((u64)in[7]) * (in2[1] << 1) +
+ ((u64)in[8]) * (in2[0] << 0);
+ tmp[9] = ((u64)in[1]) * (in2[8] << 0) +
+ ((u64)in[2]) * (in2[7] << 0) +
+ ((u64)in[3]) * (in2[6] << 0) +
+ ((u64)in[4]) * (in2[5] << 0) +
+ ((u64)in[5]) * (in2[4] << 0) +
+ ((u64)in[6]) * (in2[3] << 0) +
+ ((u64)in[7]) * (in2[2] << 0) +
+ ((u64)in[8]) * (in2[1] << 0);
+ tmp[10] = ((u64)in[2]) * (in2[8] << 0) +
+ ((u64)in[3]) * (in2[7] << 1) +
+ ((u64)in[4]) * (in2[6] << 0) +
+ ((u64)in[5]) * (in2[5] << 1) +
+ ((u64)in[6]) * (in2[4] << 0) +
+ ((u64)in[7]) * (in2[3] << 1) +
+ ((u64)in[8]) * (in2[2] << 0);
+ tmp[11] = ((u64)in[3]) * (in2[8] << 0) +
+ ((u64)in[4]) * (in2[7] << 0) +
+ ((u64)in[5]) * (in2[6] << 0) +
+ ((u64)in[6]) * (in2[5] << 0) +
+ ((u64)in[7]) * (in2[4] << 0) +
+ ((u64)in[8]) * (in2[3] << 0);
+ tmp[12] = ((u64)in[4]) * (in2[8] << 0) +
+ ((u64)in[5]) * (in2[7] << 1) +
+ ((u64)in[6]) * (in2[6] << 0) +
+ ((u64)in[7]) * (in2[5] << 1) +
+ ((u64)in[8]) * (in2[4] << 0);
+ tmp[13] = ((u64)in[5]) * (in2[8] << 0) +
+ ((u64)in[6]) * (in2[7] << 0) +
+ ((u64)in[7]) * (in2[6] << 0) +
+ ((u64)in[8]) * (in2[5] << 0);
+ tmp[14] = ((u64)in[6]) * (in2[8] << 0) +
+ ((u64)in[7]) * (in2[7] << 1) +
+ ((u64)in[8]) * (in2[6] << 0);
+ tmp[15] = ((u64)in[7]) * (in2[8] << 0) +
+ ((u64)in[8]) * (in2[7] << 0);
+ tmp[16] = ((u64)in[8]) * (in2[8] << 0);
+
+ felem_reduce_degree(out, tmp);
+}
+
+static void
+felem_assign(felem out, const felem in)
+{
+ memcpy(out, in, sizeof(felem));
+}
+
+/* felem_inv calculates |out| = |in|^{-1}
+ *
+ * Based on Fermat's Little Theorem:
+ * a^p = a (mod p)
+ * a^{p-1} = 1 (mod p)
+ * a^{p-2} = a^{-1} (mod p)
+ */
+static void
+felem_inv(felem out, const felem in)
+{
+ felem ftmp, ftmp2;
+ /* each e_I will hold |in|^{2^I - 1} */
+ felem e2, e4, e8, e16, e32, e64;
+ unsigned int i;
+
+ felem_square(ftmp, in); /* 2^1 */
+ felem_mul(ftmp, in, ftmp); /* 2^2 - 2^0 */
+ felem_assign(e2, ftmp);
+ felem_square(ftmp, ftmp); /* 2^3 - 2^1 */
+ felem_square(ftmp, ftmp); /* 2^4 - 2^2 */
+ felem_mul(ftmp, ftmp, e2); /* 2^4 - 2^0 */
+ felem_assign(e4, ftmp);
+ felem_square(ftmp, ftmp); /* 2^5 - 2^1 */
+ felem_square(ftmp, ftmp); /* 2^6 - 2^2 */
+ felem_square(ftmp, ftmp); /* 2^7 - 2^3 */
+ felem_square(ftmp, ftmp); /* 2^8 - 2^4 */
+ felem_mul(ftmp, ftmp, e4); /* 2^8 - 2^0 */
+ felem_assign(e8, ftmp);
+ for (i = 0; i < 8; i++) {
+ felem_square(ftmp, ftmp);
+ } /* 2^16 - 2^8 */
+ felem_mul(ftmp, ftmp, e8); /* 2^16 - 2^0 */
+ felem_assign(e16, ftmp);
+ for (i = 0; i < 16; i++) {
+ felem_square(ftmp, ftmp);
+ } /* 2^32 - 2^16 */
+ felem_mul(ftmp, ftmp, e16); /* 2^32 - 2^0 */
+ felem_assign(e32, ftmp);
+ for (i = 0; i < 32; i++) {
+ felem_square(ftmp, ftmp);
+ } /* 2^64 - 2^32 */
+ felem_assign(e64, ftmp);
+ felem_mul(ftmp, ftmp, in); /* 2^64 - 2^32 + 2^0 */
+ for (i = 0; i < 192; i++) {
+ felem_square(ftmp, ftmp);
+ } /* 2^256 - 2^224 + 2^192 */
+
+ felem_mul(ftmp2, e64, e32); /* 2^64 - 2^0 */
+ for (i = 0; i < 16; i++) {
+ felem_square(ftmp2, ftmp2);
+ } /* 2^80 - 2^16 */
+ felem_mul(ftmp2, ftmp2, e16); /* 2^80 - 2^0 */
+ for (i = 0; i < 8; i++) {
+ felem_square(ftmp2, ftmp2);
+ } /* 2^88 - 2^8 */
+ felem_mul(ftmp2, ftmp2, e8); /* 2^88 - 2^0 */
+ for (i = 0; i < 4; i++) {
+ felem_square(ftmp2, ftmp2);
+ } /* 2^92 - 2^4 */
+ felem_mul(ftmp2, ftmp2, e4); /* 2^92 - 2^0 */
+ felem_square(ftmp2, ftmp2); /* 2^93 - 2^1 */
+ felem_square(ftmp2, ftmp2); /* 2^94 - 2^2 */
+ felem_mul(ftmp2, ftmp2, e2); /* 2^94 - 2^0 */
+ felem_square(ftmp2, ftmp2); /* 2^95 - 2^1 */
+ felem_square(ftmp2, ftmp2); /* 2^96 - 2^2 */
+ felem_mul(ftmp2, ftmp2, in); /* 2^96 - 3 */
+
+ felem_mul(out, ftmp2, ftmp); /* 2^256 - 2^224 + 2^192 + 2^96 - 3 */
+}
+
+/* felem_scalar_3 sets out=3*out.
+ *
+ * On entry: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ * On exit: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ */
+static void
+felem_scalar_3(felem out)
+{
+ limb carry = 0;
+ unsigned int i;
+
+ for (i = 0;; i++) {
+ out[i] *= 3;
+ out[i] += carry;
+ carry = out[i] >> 29;
+ out[i] &= kBottom29Bits;
+
+ i++;
+ if (i == NLIMBS)
+ break;
+
+ out[i] *= 3;
+ out[i] += carry;
+ carry = out[i] >> 28;
+ out[i] &= kBottom28Bits;
+ }
+
+ felem_reduce_carry(out, carry);
+}
+
+/* felem_scalar_4 sets out=4*out.
+ *
+ * On entry: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ * On exit: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ */
+static void
+felem_scalar_4(felem out)
+{
+ limb carry = 0, next_carry;
+ unsigned int i;
+
+ for (i = 0;; i++) {
+ next_carry = out[i] >> 27;
+ out[i] <<= 2;
+ out[i] &= kBottom29Bits;
+ out[i] += carry;
+ carry = next_carry + (out[i] >> 29);
+ out[i] &= kBottom29Bits;
+
+ i++;
+ if (i == NLIMBS)
+ break;
+ next_carry = out[i] >> 26;
+ out[i] <<= 2;
+ out[i] &= kBottom28Bits;
+ out[i] += carry;
+ carry = next_carry + (out[i] >> 28);
+ out[i] &= kBottom28Bits;
+ }
+
+ felem_reduce_carry(out, carry);
+}
+
+/* felem_scalar_8 sets out=8*out.
+ *
+ * On entry: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ * On exit: out[0,2,...] < 2**30, out[1,3,...] < 2**29.
+ */
+static void
+felem_scalar_8(felem out)
+{
+ limb carry = 0, next_carry;
+ unsigned int i;
+
+ for (i = 0;; i++) {
+ next_carry = out[i] >> 26;
+ out[i] <<= 3;
+ out[i] &= kBottom29Bits;
+ out[i] += carry;
+ carry = next_carry + (out[i] >> 29);
+ out[i] &= kBottom29Bits;
+
+ i++;
+ if (i == NLIMBS)
+ break;
+ next_carry = out[i] >> 25;
+ out[i] <<= 3;
+ out[i] &= kBottom28Bits;
+ out[i] += carry;
+ carry = next_carry + (out[i] >> 28);
+ out[i] &= kBottom28Bits;
+ }
+
+ felem_reduce_carry(out, carry);
+}
+
+/* felem_is_zero_vartime returns 1 iff |in| == 0. It takes a variable amount of
+ * time depending on the value of |in|.
+ */
+static char
+felem_is_zero_vartime(const felem in)
+{
+ limb carry;
+ int i;
+ limb tmp[NLIMBS];
+ felem_assign(tmp, in);
+
+ /* First, reduce tmp to a minimal form.
+ */
+ do {
+ carry = 0;
+ for (i = 0;; i++) {
+ tmp[i] += carry;
+ carry = tmp[i] >> 29;
+ tmp[i] &= kBottom29Bits;
+
+ i++;
+ if (i == NLIMBS)
+ break;
+
+ tmp[i] += carry;
+ carry = tmp[i] >> 28;
+ tmp[i] &= kBottom28Bits;
+ }
+
+ felem_reduce_carry(tmp, carry);
+ } while (carry);
+
+ /* tmp < 2**257, so the only possible zero values are 0, p and 2p.
+ */
+ return memcmp(tmp, kZero, sizeof(tmp)) == 0 ||
+ memcmp(tmp, kP, sizeof(tmp)) == 0 ||
+ memcmp(tmp, k2P, sizeof(tmp)) == 0;
+}
+
+/* Group operations:
+ *
+ * Elements of the elliptic curve group are represented in Jacobian
+ * coordinates: (x, y, z). An affine point (x', y') is x'=x/z**2, y'=y/z**3 in
+ * Jacobian form.
+ */
+
+/* point_double sets {x_out,y_out,z_out} = 2*{x,y,z}.
+ *
+ * See http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-dbl-2009-l
+ */
+static void
+point_double(felem x_out, felem y_out, felem z_out,
+ const felem x, const felem y, const felem z)
+{
+ felem delta, gamma, alpha, beta, tmp, tmp2;
+
+ felem_square(delta, z);
+ felem_square(gamma, y);
+ felem_mul(beta, x, gamma);
+
+ felem_sum(tmp, x, delta);
+ felem_diff(tmp2, x, delta);
+ felem_mul(alpha, tmp, tmp2);
+ felem_scalar_3(alpha);
+
+ felem_sum(tmp, y, z);
+ felem_square(tmp, tmp);
+ felem_diff(tmp, tmp, gamma);
+ felem_diff(z_out, tmp, delta);
+
+ felem_scalar_4(beta);
+ felem_square(x_out, alpha);
+ felem_diff(x_out, x_out, beta);
+ felem_diff(x_out, x_out, beta);
+
+ felem_diff(tmp, beta, x_out);
+ felem_mul(tmp, alpha, tmp);
+ felem_square(tmp2, gamma);
+ felem_scalar_8(tmp2);
+ felem_diff(y_out, tmp, tmp2);
+}
+
+/* point_add_mixed sets {x_out,y_out,z_out} = {x1,y1,z1} + {x2,y2,1}.
+ * (i.e. the second point is affine.)
+ *
+ * See http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl
+ *
+ * Note that this function does not handle P+P, infinity+P nor P+infinity
+ * correctly.
+ */
+static void
+point_add_mixed(felem x_out, felem y_out, felem z_out,
+ const felem x1, const felem y1, const felem z1,
+ const felem x2, const felem y2)
+{
+ felem z1z1, z1z1z1, s2, u2, h, i, j, r, rr, v, tmp;
+
+ felem_square(z1z1, z1);
+ felem_sum(tmp, z1, z1);
+
+ felem_mul(u2, x2, z1z1);
+ felem_mul(z1z1z1, z1, z1z1);
+ felem_mul(s2, y2, z1z1z1);
+ felem_diff(h, u2, x1);
+ felem_sum(i, h, h);
+ felem_square(i, i);
+ felem_mul(j, h, i);
+ felem_diff(r, s2, y1);
+ felem_sum(r, r, r);
+ felem_mul(v, x1, i);
+
+ felem_mul(z_out, tmp, h);
+ felem_square(rr, r);
+ felem_diff(x_out, rr, j);
+ felem_diff(x_out, x_out, v);
+ felem_diff(x_out, x_out, v);
+
+ felem_diff(tmp, v, x_out);
+ felem_mul(y_out, tmp, r);
+ felem_mul(tmp, y1, j);
+ felem_diff(y_out, y_out, tmp);
+ felem_diff(y_out, y_out, tmp);
+}
+
+/* point_add sets {x_out,y_out,z_out} = {x1,y1,z1} + {x2,y2,z2}.
+ *
+ * See http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl
+ *
+ * Note that this function does not handle P+P, infinity+P nor P+infinity
+ * correctly.
+ */
+static void
+point_add(felem x_out, felem y_out, felem z_out,
+ const felem x1, const felem y1, const felem z1,
+ const felem x2, const felem y2, const felem z2)
+{
+ felem z1z1, z1z1z1, z2z2, z2z2z2, s1, s2, u1, u2, h, i, j, r, rr, v, tmp;
+
+ felem_square(z1z1, z1);
+ felem_square(z2z2, z2);
+ felem_mul(u1, x1, z2z2);
+
+ felem_sum(tmp, z1, z2);
+ felem_square(tmp, tmp);
+ felem_diff(tmp, tmp, z1z1);
+ felem_diff(tmp, tmp, z2z2);
+
+ felem_mul(z2z2z2, z2, z2z2);
+ felem_mul(s1, y1, z2z2z2);
+
+ felem_mul(u2, x2, z1z1);
+ felem_mul(z1z1z1, z1, z1z1);
+ felem_mul(s2, y2, z1z1z1);
+ felem_diff(h, u2, u1);
+ felem_sum(i, h, h);
+ felem_square(i, i);
+ felem_mul(j, h, i);
+ felem_diff(r, s2, s1);
+ felem_sum(r, r, r);
+ felem_mul(v, u1, i);
+
+ felem_mul(z_out, tmp, h);
+ felem_square(rr, r);
+ felem_diff(x_out, rr, j);
+ felem_diff(x_out, x_out, v);
+ felem_diff(x_out, x_out, v);
+
+ felem_diff(tmp, v, x_out);
+ felem_mul(y_out, tmp, r);
+ felem_mul(tmp, s1, j);
+ felem_diff(y_out, y_out, tmp);
+ felem_diff(y_out, y_out, tmp);
+}
+
+/* point_add_or_double_vartime sets {x_out,y_out,z_out} = {x1,y1,z1} +
+ * {x2,y2,z2}.
+ *
+ * See http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl
+ *
+ * This function handles the case where {x1,y1,z1}={x2,y2,z2}.
+ */
+static void
+point_add_or_double_vartime(
+ felem x_out, felem y_out, felem z_out,
+ const felem x1, const felem y1, const felem z1,
+ const felem x2, const felem y2, const felem z2)
+{
+ felem z1z1, z1z1z1, z2z2, z2z2z2, s1, s2, u1, u2, h, i, j, r, rr, v, tmp;
+ char x_equal, y_equal;
+
+ felem_square(z1z1, z1);
+ felem_square(z2z2, z2);
+ felem_mul(u1, x1, z2z2);
+
+ felem_sum(tmp, z1, z2);
+ felem_square(tmp, tmp);
+ felem_diff(tmp, tmp, z1z1);
+ felem_diff(tmp, tmp, z2z2);
+
+ felem_mul(z2z2z2, z2, z2z2);
+ felem_mul(s1, y1, z2z2z2);
+
+ felem_mul(u2, x2, z1z1);
+ felem_mul(z1z1z1, z1, z1z1);
+ felem_mul(s2, y2, z1z1z1);
+ felem_diff(h, u2, u1);
+ x_equal = felem_is_zero_vartime(h);
+ felem_sum(i, h, h);
+ felem_square(i, i);
+ felem_mul(j, h, i);
+ felem_diff(r, s2, s1);
+ y_equal = felem_is_zero_vartime(r);
+ if (x_equal && y_equal) {
+ point_double(x_out, y_out, z_out, x1, y1, z1);
+ return;
+ }
+ felem_sum(r, r, r);
+ felem_mul(v, u1, i);
+
+ felem_mul(z_out, tmp, h);
+ felem_square(rr, r);
+ felem_diff(x_out, rr, j);
+ felem_diff(x_out, x_out, v);
+ felem_diff(x_out, x_out, v);
+
+ felem_diff(tmp, v, x_out);
+ felem_mul(y_out, tmp, r);
+ felem_mul(tmp, s1, j);
+ felem_diff(y_out, y_out, tmp);
+ felem_diff(y_out, y_out, tmp);
+}
+
+/* copy_conditional sets out=in if mask = 0xffffffff in constant time.
+ *
+ * On entry: mask is either 0 or 0xffffffff.
+ */
+static void
+copy_conditional(felem out, const felem in, limb mask)
+{
+ int i;
+
+ for (i = 0; i < NLIMBS; i++) {
+ const limb tmp = mask & (in[i] ^ out[i]);
+ out[i] ^= tmp;
+ }
+}
+
+/* select_affine_point sets {out_x,out_y} to the index'th entry of table.
+ * On entry: index < 16, table[0] must be zero.
+ */
+static void
+select_affine_point(felem out_x, felem out_y,
+ const limb *table, limb index)
+{
+ limb i, j;
+
+ memset(out_x, 0, sizeof(felem));
+ memset(out_y, 0, sizeof(felem));
+
+ for (i = 1; i < 16; i++) {
+ limb mask = i ^ index;
+ mask |= mask >> 2;
+ mask |= mask >> 1;
+ mask &= 1;
+ mask--;
+ for (j = 0; j < NLIMBS; j++, table++) {
+ out_x[j] |= *table & mask;
+ }
+ for (j = 0; j < NLIMBS; j++, table++) {
+ out_y[j] |= *table & mask;
+ }
+ }
+}
+
+/* select_jacobian_point sets {out_x,out_y,out_z} to the index'th entry of
+ * table. On entry: index < 16, table[0] must be zero.
+ */
+static void
+select_jacobian_point(felem out_x, felem out_y, felem out_z,
+ const limb *table, limb index)
+{
+ limb i, j;
+
+ memset(out_x, 0, sizeof(felem));
+ memset(out_y, 0, sizeof(felem));
+ memset(out_z, 0, sizeof(felem));
+
+ /* The implicit value at index 0 is all zero. We don't need to perform that
+ * iteration of the loop because we already set out_* to zero.
+ */
+ table += 3 * NLIMBS;
+
+ for (i = 1; i < 16; i++) {
+ limb mask = i ^ index;
+ mask |= mask >> 2;
+ mask |= mask >> 1;
+ mask &= 1;
+ mask--;
+ for (j = 0; j < NLIMBS; j++, table++) {
+ out_x[j] |= *table & mask;
+ }
+ for (j = 0; j < NLIMBS; j++, table++) {
+ out_y[j] |= *table & mask;
+ }
+ for (j = 0; j < NLIMBS; j++, table++) {
+ out_z[j] |= *table & mask;
+ }
+ }
+}
+
+/* get_bit returns the bit'th bit of scalar. */
+static char
+get_bit(const u8 scalar[32], int bit)
+{
+ return ((scalar[bit >> 3]) >> (bit & 7)) & 1;
+}
+
+/* scalar_base_mult sets {nx,ny,nz} = scalar*G where scalar is a little-endian
+ * number. Note that the value of scalar must be less than the order of the
+ * group.
+ */
+static void
+scalar_base_mult(felem nx, felem ny, felem nz, const u8 scalar[32])
+{
+ int i, j;
+ limb n_is_infinity_mask = -1, p_is_noninfinite_mask, mask;
+ u32 table_offset;
+
+ felem px, py;
+ felem tx, ty, tz;
+
+ memset(nx, 0, sizeof(felem));
+ memset(ny, 0, sizeof(felem));
+ memset(nz, 0, sizeof(felem));
+
+ /* The loop adds bits at positions 0, 64, 128 and 192, followed by
+ * positions 32,96,160 and 224 and does this 32 times.
+ */
+ for (i = 0; i < 32; i++) {
+ if (i) {
+ point_double(nx, ny, nz, nx, ny, nz);
+ }
+ table_offset = 0;
+ for (j = 0; j <= 32; j += 32) {
+ char bit0 = get_bit(scalar, 31 - i + j);
+ char bit1 = get_bit(scalar, 95 - i + j);
+ char bit2 = get_bit(scalar, 159 - i + j);
+ char bit3 = get_bit(scalar, 223 - i + j);
+ limb index = bit0 | (bit1 << 1) | (bit2 << 2) | (bit3 << 3);
+
+ select_affine_point(px, py, kPrecomputed + table_offset, index);
+ table_offset += 30 * NLIMBS;
+
+ /* Since scalar is less than the order of the group, we know that
+ * {nx,ny,nz} != {px,py,1}, unless both are zero, which we handle
+ * below.
+ */
+ point_add_mixed(tx, ty, tz, nx, ny, nz, px, py);
+ /* The result of point_add_mixed is incorrect if {nx,ny,nz} is zero
+ * (a.k.a. the point at infinity). We handle that situation by
+ * copying the point from the table.
+ */
+ copy_conditional(nx, px, n_is_infinity_mask);
+ copy_conditional(ny, py, n_is_infinity_mask);
+ copy_conditional(nz, kOne, n_is_infinity_mask);
+
+ /* Equally, the result is also wrong if the point from the table is
+ * zero, which happens when the index is zero. We handle that by
+ * only copying from {tx,ty,tz} to {nx,ny,nz} if index != 0.
+ */
+ p_is_noninfinite_mask = NON_ZERO_TO_ALL_ONES(index);
+ mask = p_is_noninfinite_mask & ~n_is_infinity_mask;
+ copy_conditional(nx, tx, mask);
+ copy_conditional(ny, ty, mask);
+ copy_conditional(nz, tz, mask);
+ /* If p was not zero, then n is now non-zero. */
+ n_is_infinity_mask &= ~p_is_noninfinite_mask;
+ }
+ }
+}
+
+/* point_to_affine converts a Jacobian point to an affine point. If the input
+ * is the point at infinity then it returns (0, 0) in constant time.
+ */
+static void
+point_to_affine(felem x_out, felem y_out,
+ const felem nx, const felem ny, const felem nz)
+{
+ felem z_inv, z_inv_sq;
+ felem_inv(z_inv, nz);
+ felem_square(z_inv_sq, z_inv);
+ felem_mul(x_out, nx, z_inv_sq);
+ felem_mul(z_inv, z_inv, z_inv_sq);
+ felem_mul(y_out, ny, z_inv);
+}
+
+/* scalar_mult sets {nx,ny,nz} = scalar*{x,y}. */
+static void
+scalar_mult(felem nx, felem ny, felem nz,
+ const felem x, const felem y, const u8 scalar[32])
+{
+ int i;
+ felem px, py, pz, tx, ty, tz;
+ felem precomp[16][3];
+ limb n_is_infinity_mask, index, p_is_noninfinite_mask, mask;
+
+ /* We precompute 0,1,2,... times {x,y}. */
+ memset(precomp, 0, sizeof(felem) * 3);
+ memcpy(&precomp[1][0], x, sizeof(felem));
+ memcpy(&precomp[1][1], y, sizeof(felem));
+ memcpy(&precomp[1][2], kOne, sizeof(felem));
+
+ for (i = 2; i < 16; i += 2) {
+ point_double(precomp[i][0], precomp[i][1], precomp[i][2],
+ precomp[i / 2][0], precomp[i / 2][1], precomp[i / 2][2]);
+
+ point_add_mixed(precomp[i + 1][0], precomp[i + 1][1], precomp[i + 1][2],
+ precomp[i][0], precomp[i][1], precomp[i][2], x, y);
+ }
+
+ memset(nx, 0, sizeof(felem));
+ memset(ny, 0, sizeof(felem));
+ memset(nz, 0, sizeof(felem));
+ n_is_infinity_mask = -1;
+
+ /* We add in a window of four bits each iteration and do this 64 times. */
+ for (i = 0; i < 64; i++) {
+ if (i) {
+ point_double(nx, ny, nz, nx, ny, nz);
+ point_double(nx, ny, nz, nx, ny, nz);
+ point_double(nx, ny, nz, nx, ny, nz);
+ point_double(nx, ny, nz, nx, ny, nz);
+ }
+
+ index = scalar[31 - i / 2];
+ if ((i & 1) == 1) {
+ index &= 15;
+ } else {
+ index >>= 4;
+ }
+
+ /* See the comments in scalar_base_mult about handling infinities. */
+ select_jacobian_point(px, py, pz, precomp[0][0], index);
+ point_add(tx, ty, tz, nx, ny, nz, px, py, pz);
+ copy_conditional(nx, px, n_is_infinity_mask);
+ copy_conditional(ny, py, n_is_infinity_mask);
+ copy_conditional(nz, pz, n_is_infinity_mask);
+
+ p_is_noninfinite_mask = NON_ZERO_TO_ALL_ONES(index);
+ mask = p_is_noninfinite_mask & ~n_is_infinity_mask;
+ copy_conditional(nx, tx, mask);
+ copy_conditional(ny, ty, mask);
+ copy_conditional(nz, tz, mask);
+ n_is_infinity_mask &= ~p_is_noninfinite_mask;
+ }
+}
+
+/* Interface with Freebl: */
+
+/* BYTESWAP_MP_DIGIT_TO_LE swaps the bytes of a mp_digit to
+ * little-endian order.
+ */
+#ifdef IS_BIG_ENDIAN
+#ifdef __APPLE__
+#include <libkern/OSByteOrder.h>
+#define BYTESWAP32(x) OSSwapInt32(x)
+#define BYTESWAP64(x) OSSwapInt64(x)
+#else
+#define BYTESWAP32(x) \
+ (((x) >> 24) | (((x) >> 8) & 0xff00) | (((x)&0xff00) << 8) | ((x) << 24))
+#define BYTESWAP64(x) \
+ (((x) >> 56) | (((x) >> 40) & 0xff00) | \
+ (((x) >> 24) & 0xff0000) | (((x) >> 8) & 0xff000000) | \
+ (((x)&0xff000000) << 8) | (((x)&0xff0000) << 24) | \
+ (((x)&0xff00) << 40) | ((x) << 56))
+#endif
+
+#ifdef MP_USE_UINT_DIGIT
+#define BYTESWAP_MP_DIGIT_TO_LE(x) BYTESWAP32(x)
+#else
+#define BYTESWAP_MP_DIGIT_TO_LE(x) BYTESWAP64(x)
+#endif
+#endif /* IS_BIG_ENDIAN */
+
+#ifdef MP_USE_UINT_DIGIT
+static const mp_digit kRInvDigits[8] = {
+ 0x80000000, 1, 0xffffffff, 0,
+ 0x80000001, 0xfffffffe, 1, 0x7fffffff
+};
+#else
+static const mp_digit kRInvDigits[4] = {
+ PR_UINT64(0x180000000), 0xffffffff,
+ PR_UINT64(0xfffffffe80000001), PR_UINT64(0x7fffffff00000001)
+};
+#endif
+#define MP_DIGITS_IN_256_BITS (32 / sizeof(mp_digit))
+static const mp_int kRInv = {
+ MP_ZPOS,
+ MP_DIGITS_IN_256_BITS,
+ MP_DIGITS_IN_256_BITS,
+ (mp_digit *)kRInvDigits
+};
+
+static const limb kTwo28 = 0x10000000;
+static const limb kTwo29 = 0x20000000;
+
+/* to_montgomery sets out = R*in. */
+static mp_err
+to_montgomery(felem out, const mp_int *in, const ECGroup *group)
+{
+ /* There are no MPI functions for bitshift operations and we wish to shift
+ * in 257 bits left so we move the digits 256-bits left and then multiply
+ * by two.
+ */
+ mp_int in_shifted;
+ int i;
+ mp_err res;
+
+ MP_CHECKOK(mp_init(&in_shifted));
+ MP_CHECKOK(s_mp_pad(&in_shifted, MP_USED(in) + MP_DIGITS_IN_256_BITS));
+ memcpy(&MP_DIGIT(&in_shifted, MP_DIGITS_IN_256_BITS),
+ MP_DIGITS(in),
+ MP_USED(in) * sizeof(mp_digit));
+ MP_CHECKOK(mp_mul_2(&in_shifted, &in_shifted));
+ MP_CHECKOK(group->meth->field_mod(&in_shifted, &in_shifted, group->meth));
+
+ for (i = 0;; i++) {
+ out[i] = MP_DIGIT(&in_shifted, 0) & kBottom29Bits;
+ MP_CHECKOK(mp_div_d(&in_shifted, kTwo29, &in_shifted, NULL));
+
+ i++;
+ if (i == NLIMBS)
+ break;
+ out[i] = MP_DIGIT(&in_shifted, 0) & kBottom28Bits;
+ MP_CHECKOK(mp_div_d(&in_shifted, kTwo28, &in_shifted, NULL));
+ }
+
+CLEANUP:
+ mp_clear(&in_shifted);
+ return res;
+}
+
+/* from_montgomery sets out=in/R. */
+static mp_err
+from_montgomery(mp_int *out, const felem in,
+ const ECGroup *group)
+{
+ mp_int result, tmp;
+ mp_err res;
+ int i;
+
+ MP_CHECKOK(mp_init(&result));
+ MP_CHECKOK(mp_init(&tmp));
+
+ MP_CHECKOK(mp_add_d(&tmp, in[NLIMBS - 1], &result));
+ for (i = NLIMBS - 2; i >= 0; i--) {
+ if ((i & 1) == 0) {
+ MP_CHECKOK(mp_mul_d(&result, kTwo29, &tmp));
+ } else {
+ MP_CHECKOK(mp_mul_d(&result, kTwo28, &tmp));
+ }
+ MP_CHECKOK(mp_add_d(&tmp, in[i], &result));
+ }
+
+ MP_CHECKOK(mp_mul(&result, &kRInv, out));
+ MP_CHECKOK(group->meth->field_mod(out, out, group->meth));
+
+CLEANUP:
+ mp_clear(&result);
+ mp_clear(&tmp);
+ return res;
+}
+
+/* scalar_from_mp_int sets out_scalar=n, where n < the group order. */
+static void
+scalar_from_mp_int(u8 out_scalar[32], const mp_int *n)
+{
+ /* We require that |n| is less than the order of the group and therefore it
+ * will fit into |out_scalar|. However, these is a timing side-channel here
+ * that we cannot avoid: if |n| is sufficiently small it may be one or more
+ * words too short and we'll copy less data.
+ */
+ memset(out_scalar, 0, 32);
+#ifdef IS_LITTLE_ENDIAN
+ memcpy(out_scalar, MP_DIGITS(n), MP_USED(n) * sizeof(mp_digit));
+#else
+ {
+ mp_size i;
+ mp_digit swapped[MP_DIGITS_IN_256_BITS];
+ for (i = 0; i < MP_USED(n); i++) {
+ swapped[i] = BYTESWAP_MP_DIGIT_TO_LE(MP_DIGIT(n, i));
+ }
+ memcpy(out_scalar, swapped, MP_USED(n) * sizeof(mp_digit));
+ }
+#endif
+}
+
+/* ec_GFp_nistp256_base_point_mul sets {out_x,out_y} = nG, where n is < the
+ * order of the group.
+ */
+static mp_err
+ec_GFp_nistp256_base_point_mul(const mp_int *n,
+ mp_int *out_x, mp_int *out_y,
+ const ECGroup *group)
+{
+ u8 scalar[32];
+ felem x, y, z, x_affine, y_affine;
+ mp_err res;
+
+ /* FIXME(agl): test that n < order. */
+
+ scalar_from_mp_int(scalar, n);
+ scalar_base_mult(x, y, z, scalar);
+ point_to_affine(x_affine, y_affine, x, y, z);
+ MP_CHECKOK(from_montgomery(out_x, x_affine, group));
+ MP_CHECKOK(from_montgomery(out_y, y_affine, group));
+
+CLEANUP:
+ return res;
+}
+
+/* ec_GFp_nistp256_point_mul sets {out_x,out_y} = n*{in_x,in_y}, where n is <
+ * the order of the group.
+ */
+static mp_err
+ec_GFp_nistp256_point_mul(const mp_int *n,
+ const mp_int *in_x, const mp_int *in_y,
+ mp_int *out_x, mp_int *out_y,
+ const ECGroup *group)
+{
+ u8 scalar[32];
+ felem x, y, z, x_affine, y_affine, px, py;
+ mp_err res;
+
+ scalar_from_mp_int(scalar, n);
+
+ MP_CHECKOK(to_montgomery(px, in_x, group));
+ MP_CHECKOK(to_montgomery(py, in_y, group));
+
+ scalar_mult(x, y, z, px, py, scalar);
+ point_to_affine(x_affine, y_affine, x, y, z);
+ MP_CHECKOK(from_montgomery(out_x, x_affine, group));
+ MP_CHECKOK(from_montgomery(out_y, y_affine, group));
+
+CLEANUP:
+ return res;
+}
+
+/* ec_GFp_nistp256_point_mul_vartime sets {out_x,out_y} = n1*G +
+ * n2*{in_x,in_y}, where n1 and n2 are < the order of the group.
+ *
+ * As indicated by the name, this function operates in variable time. This
+ * is safe because it's used for signature validation which doesn't deal
+ * with secrets.
+ */
+static mp_err
+ec_GFp_nistp256_points_mul_vartime(
+ const mp_int *n1, const mp_int *n2,
+ const mp_int *in_x, const mp_int *in_y,
+ mp_int *out_x, mp_int *out_y,
+ const ECGroup *group)
+{
+ u8 scalar1[32], scalar2[32];
+ felem x1, y1, z1, x2, y2, z2, x_affine, y_affine, px, py;
+ mp_err res = MP_OKAY;
+
+ /* If n2 == NULL, this is just a base-point multiplication. */
+ if (n2 == NULL) {
+ return ec_GFp_nistp256_base_point_mul(n1, out_x, out_y, group);
+ }
+
+ /* If n1 == nULL, this is just an arbitary-point multiplication. */
+ if (n1 == NULL) {
+ return ec_GFp_nistp256_point_mul(n2, in_x, in_y, out_x, out_y, group);
+ }
+
+ /* If both scalars are zero, then the result is the point at infinity. */
+ if (mp_cmp_z(n1) == 0 && mp_cmp_z(n2) == 0) {
+ mp_zero(out_x);
+ mp_zero(out_y);
+ return res;
+ }
+
+ scalar_from_mp_int(scalar1, n1);
+ scalar_from_mp_int(scalar2, n2);
+
+ MP_CHECKOK(to_montgomery(px, in_x, group));
+ MP_CHECKOK(to_montgomery(py, in_y, group));
+ scalar_base_mult(x1, y1, z1, scalar1);
+ scalar_mult(x2, y2, z2, px, py, scalar2);
+
+ if (mp_cmp_z(n2) == 0) {
+ /* If n2 == 0, then {x2,y2,z2} is zero and the result is just
+ * {x1,y1,z1}. */
+ } else if (mp_cmp_z(n1) == 0) {
+ /* If n1 == 0, then {x1,y1,z1} is zero and the result is just
+ * {x2,y2,z2}. */
+ memcpy(x1, x2, sizeof(x2));
+ memcpy(y1, y2, sizeof(y2));
+ memcpy(z1, z2, sizeof(z2));
+ } else {
+ /* This function handles the case where {x1,y1,z1} == {x2,y2,z2}. */
+ point_add_or_double_vartime(x1, y1, z1, x1, y1, z1, x2, y2, z2);
+ }
+
+ point_to_affine(x_affine, y_affine, x1, y1, z1);
+ MP_CHECKOK(from_montgomery(out_x, x_affine, group));
+ MP_CHECKOK(from_montgomery(out_y, y_affine, group));
+
+CLEANUP:
+ return res;
+}
+
+/* Wire in fast point multiplication for named curves. */
+mp_err
+ec_group_set_gfp256_32(ECGroup *group, ECCurveName name)
+{
+ if (name == ECCurve_NIST_P256) {
+ group->base_point_mul = &ec_GFp_nistp256_base_point_mul;
+ group->point_mul = &ec_GFp_nistp256_point_mul;
+ group->points_mul = &ec_GFp_nistp256_points_mul_vartime;
+ }
+ return MP_OKAY;
+}
diff --git a/security/nss/lib/freebl/ecl/ecp_384.c b/security/nss/lib/freebl/ecl/ecp_384.c
new file mode 100644
index 000000000..702fd976e
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_384.c
@@ -0,0 +1,258 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecp.h"
+#include "mpi.h"
+#include "mplogic.h"
+#include "mpi-priv.h"
+
+/* Fast modular reduction for p384 = 2^384 - 2^128 - 2^96 + 2^32 - 1. a can be r.
+ * Uses algorithm 2.30 from Hankerson, Menezes, Vanstone. Guide to
+ * Elliptic Curve Cryptography. */
+static mp_err
+ec_GFp_nistp384_mod(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ int a_bits = mpl_significant_bits(a);
+ int i;
+
+ /* m1, m2 are statically-allocated mp_int of exactly the size we need */
+ mp_int m[10];
+
+#ifdef ECL_THIRTY_TWO_BIT
+ mp_digit s[10][12];
+ for (i = 0; i < 10; i++) {
+ MP_SIGN(&m[i]) = MP_ZPOS;
+ MP_ALLOC(&m[i]) = 12;
+ MP_USED(&m[i]) = 12;
+ MP_DIGITS(&m[i]) = s[i];
+ }
+#else
+ mp_digit s[10][6];
+ for (i = 0; i < 10; i++) {
+ MP_SIGN(&m[i]) = MP_ZPOS;
+ MP_ALLOC(&m[i]) = 6;
+ MP_USED(&m[i]) = 6;
+ MP_DIGITS(&m[i]) = s[i];
+ }
+#endif
+
+#ifdef ECL_THIRTY_TWO_BIT
+ /* for polynomials larger than twice the field size or polynomials
+ * not using all words, use regular reduction */
+ if ((a_bits > 768) || (a_bits <= 736)) {
+ MP_CHECKOK(mp_mod(a, &meth->irr, r));
+ } else {
+ for (i = 0; i < 12; i++) {
+ s[0][i] = MP_DIGIT(a, i);
+ }
+ s[1][0] = 0;
+ s[1][1] = 0;
+ s[1][2] = 0;
+ s[1][3] = 0;
+ s[1][4] = MP_DIGIT(a, 21);
+ s[1][5] = MP_DIGIT(a, 22);
+ s[1][6] = MP_DIGIT(a, 23);
+ s[1][7] = 0;
+ s[1][8] = 0;
+ s[1][9] = 0;
+ s[1][10] = 0;
+ s[1][11] = 0;
+ for (i = 0; i < 12; i++) {
+ s[2][i] = MP_DIGIT(a, i + 12);
+ }
+ s[3][0] = MP_DIGIT(a, 21);
+ s[3][1] = MP_DIGIT(a, 22);
+ s[3][2] = MP_DIGIT(a, 23);
+ for (i = 3; i < 12; i++) {
+ s[3][i] = MP_DIGIT(a, i + 9);
+ }
+ s[4][0] = 0;
+ s[4][1] = MP_DIGIT(a, 23);
+ s[4][2] = 0;
+ s[4][3] = MP_DIGIT(a, 20);
+ for (i = 4; i < 12; i++) {
+ s[4][i] = MP_DIGIT(a, i + 8);
+ }
+ s[5][0] = 0;
+ s[5][1] = 0;
+ s[5][2] = 0;
+ s[5][3] = 0;
+ s[5][4] = MP_DIGIT(a, 20);
+ s[5][5] = MP_DIGIT(a, 21);
+ s[5][6] = MP_DIGIT(a, 22);
+ s[5][7] = MP_DIGIT(a, 23);
+ s[5][8] = 0;
+ s[5][9] = 0;
+ s[5][10] = 0;
+ s[5][11] = 0;
+ s[6][0] = MP_DIGIT(a, 20);
+ s[6][1] = 0;
+ s[6][2] = 0;
+ s[6][3] = MP_DIGIT(a, 21);
+ s[6][4] = MP_DIGIT(a, 22);
+ s[6][5] = MP_DIGIT(a, 23);
+ s[6][6] = 0;
+ s[6][7] = 0;
+ s[6][8] = 0;
+ s[6][9] = 0;
+ s[6][10] = 0;
+ s[6][11] = 0;
+ s[7][0] = MP_DIGIT(a, 23);
+ for (i = 1; i < 12; i++) {
+ s[7][i] = MP_DIGIT(a, i + 11);
+ }
+ s[8][0] = 0;
+ s[8][1] = MP_DIGIT(a, 20);
+ s[8][2] = MP_DIGIT(a, 21);
+ s[8][3] = MP_DIGIT(a, 22);
+ s[8][4] = MP_DIGIT(a, 23);
+ s[8][5] = 0;
+ s[8][6] = 0;
+ s[8][7] = 0;
+ s[8][8] = 0;
+ s[8][9] = 0;
+ s[8][10] = 0;
+ s[8][11] = 0;
+ s[9][0] = 0;
+ s[9][1] = 0;
+ s[9][2] = 0;
+ s[9][3] = MP_DIGIT(a, 23);
+ s[9][4] = MP_DIGIT(a, 23);
+ s[9][5] = 0;
+ s[9][6] = 0;
+ s[9][7] = 0;
+ s[9][8] = 0;
+ s[9][9] = 0;
+ s[9][10] = 0;
+ s[9][11] = 0;
+
+ MP_CHECKOK(mp_add(&m[0], &m[1], r));
+ MP_CHECKOK(mp_add(r, &m[1], r));
+ MP_CHECKOK(mp_add(r, &m[2], r));
+ MP_CHECKOK(mp_add(r, &m[3], r));
+ MP_CHECKOK(mp_add(r, &m[4], r));
+ MP_CHECKOK(mp_add(r, &m[5], r));
+ MP_CHECKOK(mp_add(r, &m[6], r));
+ MP_CHECKOK(mp_sub(r, &m[7], r));
+ MP_CHECKOK(mp_sub(r, &m[8], r));
+ MP_CHECKOK(mp_submod(r, &m[9], &meth->irr, r));
+ s_mp_clamp(r);
+ }
+#else
+ /* for polynomials larger than twice the field size or polynomials
+ * not using all words, use regular reduction */
+ if ((a_bits > 768) || (a_bits <= 736)) {
+ MP_CHECKOK(mp_mod(a, &meth->irr, r));
+ } else {
+ for (i = 0; i < 6; i++) {
+ s[0][i] = MP_DIGIT(a, i);
+ }
+ s[1][0] = 0;
+ s[1][1] = 0;
+ s[1][2] = (MP_DIGIT(a, 10) >> 32) | (MP_DIGIT(a, 11) << 32);
+ s[1][3] = MP_DIGIT(a, 11) >> 32;
+ s[1][4] = 0;
+ s[1][5] = 0;
+ for (i = 0; i < 6; i++) {
+ s[2][i] = MP_DIGIT(a, i + 6);
+ }
+ s[3][0] = (MP_DIGIT(a, 10) >> 32) | (MP_DIGIT(a, 11) << 32);
+ s[3][1] = (MP_DIGIT(a, 11) >> 32) | (MP_DIGIT(a, 6) << 32);
+ for (i = 2; i < 6; i++) {
+ s[3][i] = (MP_DIGIT(a, i + 4) >> 32) | (MP_DIGIT(a, i + 5) << 32);
+ }
+ s[4][0] = (MP_DIGIT(a, 11) >> 32) << 32;
+ s[4][1] = MP_DIGIT(a, 10) << 32;
+ for (i = 2; i < 6; i++) {
+ s[4][i] = MP_DIGIT(a, i + 4);
+ }
+ s[5][0] = 0;
+ s[5][1] = 0;
+ s[5][2] = MP_DIGIT(a, 10);
+ s[5][3] = MP_DIGIT(a, 11);
+ s[5][4] = 0;
+ s[5][5] = 0;
+ s[6][0] = (MP_DIGIT(a, 10) << 32) >> 32;
+ s[6][1] = (MP_DIGIT(a, 10) >> 32) << 32;
+ s[6][2] = MP_DIGIT(a, 11);
+ s[6][3] = 0;
+ s[6][4] = 0;
+ s[6][5] = 0;
+ s[7][0] = (MP_DIGIT(a, 11) >> 32) | (MP_DIGIT(a, 6) << 32);
+ for (i = 1; i < 6; i++) {
+ s[7][i] = (MP_DIGIT(a, i + 5) >> 32) | (MP_DIGIT(a, i + 6) << 32);
+ }
+ s[8][0] = MP_DIGIT(a, 10) << 32;
+ s[8][1] = (MP_DIGIT(a, 10) >> 32) | (MP_DIGIT(a, 11) << 32);
+ s[8][2] = MP_DIGIT(a, 11) >> 32;
+ s[8][3] = 0;
+ s[8][4] = 0;
+ s[8][5] = 0;
+ s[9][0] = 0;
+ s[9][1] = (MP_DIGIT(a, 11) >> 32) << 32;
+ s[9][2] = MP_DIGIT(a, 11) >> 32;
+ s[9][3] = 0;
+ s[9][4] = 0;
+ s[9][5] = 0;
+
+ MP_CHECKOK(mp_add(&m[0], &m[1], r));
+ MP_CHECKOK(mp_add(r, &m[1], r));
+ MP_CHECKOK(mp_add(r, &m[2], r));
+ MP_CHECKOK(mp_add(r, &m[3], r));
+ MP_CHECKOK(mp_add(r, &m[4], r));
+ MP_CHECKOK(mp_add(r, &m[5], r));
+ MP_CHECKOK(mp_add(r, &m[6], r));
+ MP_CHECKOK(mp_sub(r, &m[7], r));
+ MP_CHECKOK(mp_sub(r, &m[8], r));
+ MP_CHECKOK(mp_submod(r, &m[9], &meth->irr, r));
+ s_mp_clamp(r);
+ }
+#endif
+
+CLEANUP:
+ return res;
+}
+
+/* Compute the square of polynomial a, reduce modulo p384. Store the
+ * result in r. r could be a. Uses optimized modular reduction for p384.
+ */
+static mp_err
+ec_GFp_nistp384_sqr(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ MP_CHECKOK(mp_sqr(a, r));
+ MP_CHECKOK(ec_GFp_nistp384_mod(r, r, meth));
+CLEANUP:
+ return res;
+}
+
+/* Compute the product of two polynomials a and b, reduce modulo p384.
+ * Store the result in r. r could be a or b; a could be b. Uses
+ * optimized modular reduction for p384. */
+static mp_err
+ec_GFp_nistp384_mul(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ MP_CHECKOK(mp_mul(a, b, r));
+ MP_CHECKOK(ec_GFp_nistp384_mod(r, r, meth));
+CLEANUP:
+ return res;
+}
+
+/* Wire in fast field arithmetic and precomputation of base point for
+ * named curves. */
+mp_err
+ec_group_set_gfp384(ECGroup *group, ECCurveName name)
+{
+ if (name == ECCurve_NIST_P384) {
+ group->meth->field_mod = &ec_GFp_nistp384_mod;
+ group->meth->field_mul = &ec_GFp_nistp384_mul;
+ group->meth->field_sqr = &ec_GFp_nistp384_sqr;
+ }
+ return MP_OKAY;
+}
diff --git a/security/nss/lib/freebl/ecl/ecp_521.c b/security/nss/lib/freebl/ecl/ecp_521.c
new file mode 100644
index 000000000..6ca0dbb11
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_521.c
@@ -0,0 +1,137 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecp.h"
+#include "mpi.h"
+#include "mplogic.h"
+#include "mpi-priv.h"
+
+#define ECP521_DIGITS ECL_CURVE_DIGITS(521)
+
+/* Fast modular reduction for p521 = 2^521 - 1. a can be r. Uses
+ * algorithm 2.31 from Hankerson, Menezes, Vanstone. Guide to
+ * Elliptic Curve Cryptography. */
+static mp_err
+ec_GFp_nistp521_mod(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ int a_bits = mpl_significant_bits(a);
+ unsigned int i;
+
+ /* m1, m2 are statically-allocated mp_int of exactly the size we need */
+ mp_int m1;
+
+ mp_digit s1[ECP521_DIGITS] = { 0 };
+
+ MP_SIGN(&m1) = MP_ZPOS;
+ MP_ALLOC(&m1) = ECP521_DIGITS;
+ MP_USED(&m1) = ECP521_DIGITS;
+ MP_DIGITS(&m1) = s1;
+
+ if (a_bits < 521) {
+ if (a == r)
+ return MP_OKAY;
+ return mp_copy(a, r);
+ }
+ /* for polynomials larger than twice the field size or polynomials
+ * not using all words, use regular reduction */
+ if (a_bits > (521 * 2)) {
+ MP_CHECKOK(mp_mod(a, &meth->irr, r));
+ } else {
+#define FIRST_DIGIT (ECP521_DIGITS - 1)
+ for (i = FIRST_DIGIT; i < MP_USED(a) - 1; i++) {
+ s1[i - FIRST_DIGIT] = (MP_DIGIT(a, i) >> 9) | (MP_DIGIT(a, 1 + i) << (MP_DIGIT_BIT - 9));
+ }
+ s1[i - FIRST_DIGIT] = MP_DIGIT(a, i) >> 9;
+
+ if (a != r) {
+ MP_CHECKOK(s_mp_pad(r, ECP521_DIGITS));
+ for (i = 0; i < ECP521_DIGITS; i++) {
+ MP_DIGIT(r, i) = MP_DIGIT(a, i);
+ }
+ }
+ MP_USED(r) = ECP521_DIGITS;
+ MP_DIGIT(r, FIRST_DIGIT) &= 0x1FF;
+
+ MP_CHECKOK(s_mp_add(r, &m1));
+ if (MP_DIGIT(r, FIRST_DIGIT) & 0x200) {
+ MP_CHECKOK(s_mp_add_d(r, 1));
+ MP_DIGIT(r, FIRST_DIGIT) &= 0x1FF;
+ } else if (s_mp_cmp(r, &meth->irr) == 0) {
+ mp_zero(r);
+ }
+ s_mp_clamp(r);
+ }
+
+CLEANUP:
+ return res;
+}
+
+/* Compute the square of polynomial a, reduce modulo p521. Store the
+ * result in r. r could be a. Uses optimized modular reduction for p521.
+ */
+static mp_err
+ec_GFp_nistp521_sqr(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ MP_CHECKOK(mp_sqr(a, r));
+ MP_CHECKOK(ec_GFp_nistp521_mod(r, r, meth));
+CLEANUP:
+ return res;
+}
+
+/* Compute the product of two polynomials a and b, reduce modulo p521.
+ * Store the result in r. r could be a or b; a could be b. Uses
+ * optimized modular reduction for p521. */
+static mp_err
+ec_GFp_nistp521_mul(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ MP_CHECKOK(mp_mul(a, b, r));
+ MP_CHECKOK(ec_GFp_nistp521_mod(r, r, meth));
+CLEANUP:
+ return res;
+}
+
+/* Divides two field elements. If a is NULL, then returns the inverse of
+ * b. */
+static mp_err
+ec_GFp_nistp521_div(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+ mp_int t;
+
+ /* If a is NULL, then return the inverse of b, otherwise return a/b. */
+ if (a == NULL) {
+ return mp_invmod(b, &meth->irr, r);
+ } else {
+ /* MPI doesn't support divmod, so we implement it using invmod and
+ * mulmod. */
+ MP_CHECKOK(mp_init(&t));
+ MP_CHECKOK(mp_invmod(b, &meth->irr, &t));
+ MP_CHECKOK(mp_mul(a, &t, r));
+ MP_CHECKOK(ec_GFp_nistp521_mod(r, r, meth));
+ CLEANUP:
+ mp_clear(&t);
+ return res;
+ }
+}
+
+/* Wire in fast field arithmetic and precomputation of base point for
+ * named curves. */
+mp_err
+ec_group_set_gfp521(ECGroup *group, ECCurveName name)
+{
+ if (name == ECCurve_NIST_P521) {
+ group->meth->field_mod = &ec_GFp_nistp521_mod;
+ group->meth->field_mul = &ec_GFp_nistp521_mul;
+ group->meth->field_sqr = &ec_GFp_nistp521_sqr;
+ group->meth->field_div = &ec_GFp_nistp521_div;
+ }
+ return MP_OKAY;
+}
diff --git a/security/nss/lib/freebl/ecl/ecp_aff.c b/security/nss/lib/freebl/ecl/ecp_aff.c
new file mode 100644
index 000000000..47fb27326
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_aff.c
@@ -0,0 +1,308 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecp.h"
+#include "mplogic.h"
+#include <stdlib.h>
+
+/* Checks if point P(px, py) is at infinity. Uses affine coordinates. */
+mp_err
+ec_GFp_pt_is_inf_aff(const mp_int *px, const mp_int *py)
+{
+
+ if ((mp_cmp_z(px) == 0) && (mp_cmp_z(py) == 0)) {
+ return MP_YES;
+ } else {
+ return MP_NO;
+ }
+}
+
+/* Sets P(px, py) to be the point at infinity. Uses affine coordinates. */
+mp_err
+ec_GFp_pt_set_inf_aff(mp_int *px, mp_int *py)
+{
+ mp_zero(px);
+ mp_zero(py);
+ return MP_OKAY;
+}
+
+/* Computes R = P + Q based on IEEE P1363 A.10.1. Elliptic curve points P,
+ * Q, and R can all be identical. Uses affine coordinates. Assumes input
+ * is already field-encoded using field_enc, and returns output that is
+ * still field-encoded. */
+mp_err
+ec_GFp_pt_add_aff(const mp_int *px, const mp_int *py, const mp_int *qx,
+ const mp_int *qy, mp_int *rx, mp_int *ry,
+ const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int lambda, temp, tempx, tempy;
+
+ MP_DIGITS(&lambda) = 0;
+ MP_DIGITS(&temp) = 0;
+ MP_DIGITS(&tempx) = 0;
+ MP_DIGITS(&tempy) = 0;
+ MP_CHECKOK(mp_init(&lambda));
+ MP_CHECKOK(mp_init(&temp));
+ MP_CHECKOK(mp_init(&tempx));
+ MP_CHECKOK(mp_init(&tempy));
+ /* if P = inf, then R = Q */
+ if (ec_GFp_pt_is_inf_aff(px, py) == 0) {
+ MP_CHECKOK(mp_copy(qx, rx));
+ MP_CHECKOK(mp_copy(qy, ry));
+ res = MP_OKAY;
+ goto CLEANUP;
+ }
+ /* if Q = inf, then R = P */
+ if (ec_GFp_pt_is_inf_aff(qx, qy) == 0) {
+ MP_CHECKOK(mp_copy(px, rx));
+ MP_CHECKOK(mp_copy(py, ry));
+ res = MP_OKAY;
+ goto CLEANUP;
+ }
+ /* if px != qx, then lambda = (py-qy) / (px-qx) */
+ if (mp_cmp(px, qx) != 0) {
+ MP_CHECKOK(group->meth->field_sub(py, qy, &tempy, group->meth));
+ MP_CHECKOK(group->meth->field_sub(px, qx, &tempx, group->meth));
+ MP_CHECKOK(group->meth->field_div(&tempy, &tempx, &lambda, group->meth));
+ } else {
+ /* if py != qy or qy = 0, then R = inf */
+ if (((mp_cmp(py, qy) != 0)) || (mp_cmp_z(qy) == 0)) {
+ mp_zero(rx);
+ mp_zero(ry);
+ res = MP_OKAY;
+ goto CLEANUP;
+ }
+ /* lambda = (3qx^2+a) / (2qy) */
+ MP_CHECKOK(group->meth->field_sqr(qx, &tempx, group->meth));
+ MP_CHECKOK(mp_set_int(&temp, 3));
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(&temp, &temp, group->meth));
+ }
+ MP_CHECKOK(group->meth->field_mul(&tempx, &temp, &tempx, group->meth));
+ MP_CHECKOK(group->meth->field_add(&tempx, &group->curvea, &tempx, group->meth));
+ MP_CHECKOK(mp_set_int(&temp, 2));
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(&temp, &temp, group->meth));
+ }
+ MP_CHECKOK(group->meth->field_mul(qy, &temp, &tempy, group->meth));
+ MP_CHECKOK(group->meth->field_div(&tempx, &tempy, &lambda, group->meth));
+ }
+ /* rx = lambda^2 - px - qx */
+ MP_CHECKOK(group->meth->field_sqr(&lambda, &tempx, group->meth));
+ MP_CHECKOK(group->meth->field_sub(&tempx, px, &tempx, group->meth));
+ MP_CHECKOK(group->meth->field_sub(&tempx, qx, &tempx, group->meth));
+ /* ry = (x1-x2) * lambda - y1 */
+ MP_CHECKOK(group->meth->field_sub(qx, &tempx, &tempy, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&tempy, &lambda, &tempy, group->meth));
+ MP_CHECKOK(group->meth->field_sub(&tempy, qy, &tempy, group->meth));
+ MP_CHECKOK(mp_copy(&tempx, rx));
+ MP_CHECKOK(mp_copy(&tempy, ry));
+
+CLEANUP:
+ mp_clear(&lambda);
+ mp_clear(&temp);
+ mp_clear(&tempx);
+ mp_clear(&tempy);
+ return res;
+}
+
+/* Computes R = P - Q. Elliptic curve points P, Q, and R can all be
+ * identical. Uses affine coordinates. Assumes input is already
+ * field-encoded using field_enc, and returns output that is still
+ * field-encoded. */
+mp_err
+ec_GFp_pt_sub_aff(const mp_int *px, const mp_int *py, const mp_int *qx,
+ const mp_int *qy, mp_int *rx, mp_int *ry,
+ const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int nqy;
+
+ MP_DIGITS(&nqy) = 0;
+ MP_CHECKOK(mp_init(&nqy));
+ /* nqy = -qy */
+ MP_CHECKOK(group->meth->field_neg(qy, &nqy, group->meth));
+ res = group->point_add(px, py, qx, &nqy, rx, ry, group);
+CLEANUP:
+ mp_clear(&nqy);
+ return res;
+}
+
+/* Computes R = 2P. Elliptic curve points P and R can be identical. Uses
+ * affine coordinates. Assumes input is already field-encoded using
+ * field_enc, and returns output that is still field-encoded. */
+mp_err
+ec_GFp_pt_dbl_aff(const mp_int *px, const mp_int *py, mp_int *rx,
+ mp_int *ry, const ECGroup *group)
+{
+ return ec_GFp_pt_add_aff(px, py, px, py, rx, ry, group);
+}
+
+/* by default, this routine is unused and thus doesn't need to be compiled */
+#ifdef ECL_ENABLE_GFP_PT_MUL_AFF
+/* Computes R = nP based on IEEE P1363 A.10.3. Elliptic curve points P and
+ * R can be identical. Uses affine coordinates. Assumes input is already
+ * field-encoded using field_enc, and returns output that is still
+ * field-encoded. */
+mp_err
+ec_GFp_pt_mul_aff(const mp_int *n, const mp_int *px, const mp_int *py,
+ mp_int *rx, mp_int *ry, const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int k, k3, qx, qy, sx, sy;
+ int b1, b3, i, l;
+
+ MP_DIGITS(&k) = 0;
+ MP_DIGITS(&k3) = 0;
+ MP_DIGITS(&qx) = 0;
+ MP_DIGITS(&qy) = 0;
+ MP_DIGITS(&sx) = 0;
+ MP_DIGITS(&sy) = 0;
+ MP_CHECKOK(mp_init(&k));
+ MP_CHECKOK(mp_init(&k3));
+ MP_CHECKOK(mp_init(&qx));
+ MP_CHECKOK(mp_init(&qy));
+ MP_CHECKOK(mp_init(&sx));
+ MP_CHECKOK(mp_init(&sy));
+
+ /* if n = 0 then r = inf */
+ if (mp_cmp_z(n) == 0) {
+ mp_zero(rx);
+ mp_zero(ry);
+ res = MP_OKAY;
+ goto CLEANUP;
+ }
+ /* Q = P, k = n */
+ MP_CHECKOK(mp_copy(px, &qx));
+ MP_CHECKOK(mp_copy(py, &qy));
+ MP_CHECKOK(mp_copy(n, &k));
+ /* if n < 0 then Q = -Q, k = -k */
+ if (mp_cmp_z(n) < 0) {
+ MP_CHECKOK(group->meth->field_neg(&qy, &qy, group->meth));
+ MP_CHECKOK(mp_neg(&k, &k));
+ }
+#ifdef ECL_DEBUG /* basic double and add method */
+ l = mpl_significant_bits(&k) - 1;
+ MP_CHECKOK(mp_copy(&qx, &sx));
+ MP_CHECKOK(mp_copy(&qy, &sy));
+ for (i = l - 1; i >= 0; i--) {
+ /* S = 2S */
+ MP_CHECKOK(group->point_dbl(&sx, &sy, &sx, &sy, group));
+ /* if k_i = 1, then S = S + Q */
+ if (mpl_get_bit(&k, i) != 0) {
+ MP_CHECKOK(group->point_add(&sx, &sy, &qx, &qy, &sx, &sy, group));
+ }
+ }
+#else /* double and add/subtract method from \
+ * standard */
+ /* k3 = 3 * k */
+ MP_CHECKOK(mp_set_int(&k3, 3));
+ MP_CHECKOK(mp_mul(&k, &k3, &k3));
+ /* S = Q */
+ MP_CHECKOK(mp_copy(&qx, &sx));
+ MP_CHECKOK(mp_copy(&qy, &sy));
+ /* l = index of high order bit in binary representation of 3*k */
+ l = mpl_significant_bits(&k3) - 1;
+ /* for i = l-1 downto 1 */
+ for (i = l - 1; i >= 1; i--) {
+ /* S = 2S */
+ MP_CHECKOK(group->point_dbl(&sx, &sy, &sx, &sy, group));
+ b3 = MP_GET_BIT(&k3, i);
+ b1 = MP_GET_BIT(&k, i);
+ /* if k3_i = 1 and k_i = 0, then S = S + Q */
+ if ((b3 == 1) && (b1 == 0)) {
+ MP_CHECKOK(group->point_add(&sx, &sy, &qx, &qy, &sx, &sy, group));
+ /* if k3_i = 0 and k_i = 1, then S = S - Q */
+ } else if ((b3 == 0) && (b1 == 1)) {
+ MP_CHECKOK(group->point_sub(&sx, &sy, &qx, &qy, &sx, &sy, group));
+ }
+ }
+#endif
+ /* output S */
+ MP_CHECKOK(mp_copy(&sx, rx));
+ MP_CHECKOK(mp_copy(&sy, ry));
+
+CLEANUP:
+ mp_clear(&k);
+ mp_clear(&k3);
+ mp_clear(&qx);
+ mp_clear(&qy);
+ mp_clear(&sx);
+ mp_clear(&sy);
+ return res;
+}
+#endif
+
+/* Validates a point on a GFp curve. */
+mp_err
+ec_GFp_validate_point(const mp_int *px, const mp_int *py, const ECGroup *group)
+{
+ mp_err res = MP_NO;
+ mp_int accl, accr, tmp, pxt, pyt;
+
+ MP_DIGITS(&accl) = 0;
+ MP_DIGITS(&accr) = 0;
+ MP_DIGITS(&tmp) = 0;
+ MP_DIGITS(&pxt) = 0;
+ MP_DIGITS(&pyt) = 0;
+ MP_CHECKOK(mp_init(&accl));
+ MP_CHECKOK(mp_init(&accr));
+ MP_CHECKOK(mp_init(&tmp));
+ MP_CHECKOK(mp_init(&pxt));
+ MP_CHECKOK(mp_init(&pyt));
+
+ /* 1: Verify that publicValue is not the point at infinity */
+ if (ec_GFp_pt_is_inf_aff(px, py) == MP_YES) {
+ res = MP_NO;
+ goto CLEANUP;
+ }
+ /* 2: Verify that the coordinates of publicValue are elements
+ * of the field.
+ */
+ if ((MP_SIGN(px) == MP_NEG) || (mp_cmp(px, &group->meth->irr) >= 0) ||
+ (MP_SIGN(py) == MP_NEG) || (mp_cmp(py, &group->meth->irr) >= 0)) {
+ res = MP_NO;
+ goto CLEANUP;
+ }
+ /* 3: Verify that publicValue is on the curve. */
+ if (group->meth->field_enc) {
+ group->meth->field_enc(px, &pxt, group->meth);
+ group->meth->field_enc(py, &pyt, group->meth);
+ } else {
+ MP_CHECKOK(mp_copy(px, &pxt));
+ MP_CHECKOK(mp_copy(py, &pyt));
+ }
+ /* left-hand side: y^2 */
+ MP_CHECKOK(group->meth->field_sqr(&pyt, &accl, group->meth));
+ /* right-hand side: x^3 + a*x + b = (x^2 + a)*x + b by Horner's rule */
+ MP_CHECKOK(group->meth->field_sqr(&pxt, &tmp, group->meth));
+ MP_CHECKOK(group->meth->field_add(&tmp, &group->curvea, &tmp, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&tmp, &pxt, &accr, group->meth));
+ MP_CHECKOK(group->meth->field_add(&accr, &group->curveb, &accr, group->meth));
+ /* check LHS - RHS == 0 */
+ MP_CHECKOK(group->meth->field_sub(&accl, &accr, &accr, group->meth));
+ if (mp_cmp_z(&accr) != 0) {
+ res = MP_NO;
+ goto CLEANUP;
+ }
+ /* 4: Verify that the order of the curve times the publicValue
+ * is the point at infinity.
+ */
+ MP_CHECKOK(ECPoint_mul(group, &group->order, px, py, &pxt, &pyt));
+ if (ec_GFp_pt_is_inf_aff(&pxt, &pyt) != MP_YES) {
+ res = MP_NO;
+ goto CLEANUP;
+ }
+
+ res = MP_YES;
+
+CLEANUP:
+ mp_clear(&accl);
+ mp_clear(&accr);
+ mp_clear(&tmp);
+ mp_clear(&pxt);
+ mp_clear(&pyt);
+ return res;
+}
diff --git a/security/nss/lib/freebl/ecl/ecp_jac.c b/security/nss/lib/freebl/ecl/ecp_jac.c
new file mode 100644
index 000000000..535e75903
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_jac.c
@@ -0,0 +1,513 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecp.h"
+#include "mplogic.h"
+#include <stdlib.h>
+#ifdef ECL_DEBUG
+#include <assert.h>
+#endif
+
+/* Converts a point P(px, py) from affine coordinates to Jacobian
+ * projective coordinates R(rx, ry, rz). Assumes input is already
+ * field-encoded using field_enc, and returns output that is still
+ * field-encoded. */
+mp_err
+ec_GFp_pt_aff2jac(const mp_int *px, const mp_int *py, mp_int *rx,
+ mp_int *ry, mp_int *rz, const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+
+ if (ec_GFp_pt_is_inf_aff(px, py) == MP_YES) {
+ MP_CHECKOK(ec_GFp_pt_set_inf_jac(rx, ry, rz));
+ } else {
+ MP_CHECKOK(mp_copy(px, rx));
+ MP_CHECKOK(mp_copy(py, ry));
+ MP_CHECKOK(mp_set_int(rz, 1));
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(rz, rz, group->meth));
+ }
+ }
+CLEANUP:
+ return res;
+}
+
+/* Converts a point P(px, py, pz) from Jacobian projective coordinates to
+ * affine coordinates R(rx, ry). P and R can share x and y coordinates.
+ * Assumes input is already field-encoded using field_enc, and returns
+ * output that is still field-encoded. */
+mp_err
+ec_GFp_pt_jac2aff(const mp_int *px, const mp_int *py, const mp_int *pz,
+ mp_int *rx, mp_int *ry, const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int z1, z2, z3;
+
+ MP_DIGITS(&z1) = 0;
+ MP_DIGITS(&z2) = 0;
+ MP_DIGITS(&z3) = 0;
+ MP_CHECKOK(mp_init(&z1));
+ MP_CHECKOK(mp_init(&z2));
+ MP_CHECKOK(mp_init(&z3));
+
+ /* if point at infinity, then set point at infinity and exit */
+ if (ec_GFp_pt_is_inf_jac(px, py, pz) == MP_YES) {
+ MP_CHECKOK(ec_GFp_pt_set_inf_aff(rx, ry));
+ goto CLEANUP;
+ }
+
+ /* transform (px, py, pz) into (px / pz^2, py / pz^3) */
+ if (mp_cmp_d(pz, 1) == 0) {
+ MP_CHECKOK(mp_copy(px, rx));
+ MP_CHECKOK(mp_copy(py, ry));
+ } else {
+ MP_CHECKOK(group->meth->field_div(NULL, pz, &z1, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(&z1, &z2, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&z1, &z2, &z3, group->meth));
+ MP_CHECKOK(group->meth->field_mul(px, &z2, rx, group->meth));
+ MP_CHECKOK(group->meth->field_mul(py, &z3, ry, group->meth));
+ }
+
+CLEANUP:
+ mp_clear(&z1);
+ mp_clear(&z2);
+ mp_clear(&z3);
+ return res;
+}
+
+/* Checks if point P(px, py, pz) is at infinity. Uses Jacobian
+ * coordinates. */
+mp_err
+ec_GFp_pt_is_inf_jac(const mp_int *px, const mp_int *py, const mp_int *pz)
+{
+ return mp_cmp_z(pz);
+}
+
+/* Sets P(px, py, pz) to be the point at infinity. Uses Jacobian
+ * coordinates. */
+mp_err
+ec_GFp_pt_set_inf_jac(mp_int *px, mp_int *py, mp_int *pz)
+{
+ mp_zero(pz);
+ return MP_OKAY;
+}
+
+/* Computes R = P + Q where R is (rx, ry, rz), P is (px, py, pz) and Q is
+ * (qx, qy, 1). Elliptic curve points P, Q, and R can all be identical.
+ * Uses mixed Jacobian-affine coordinates. Assumes input is already
+ * field-encoded using field_enc, and returns output that is still
+ * field-encoded. Uses equation (2) from Brown, Hankerson, Lopez, and
+ * Menezes. Software Implementation of the NIST Elliptic Curves Over Prime
+ * Fields. */
+mp_err
+ec_GFp_pt_add_jac_aff(const mp_int *px, const mp_int *py, const mp_int *pz,
+ const mp_int *qx, const mp_int *qy, mp_int *rx,
+ mp_int *ry, mp_int *rz, const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int A, B, C, D, C2, C3;
+
+ MP_DIGITS(&A) = 0;
+ MP_DIGITS(&B) = 0;
+ MP_DIGITS(&C) = 0;
+ MP_DIGITS(&D) = 0;
+ MP_DIGITS(&C2) = 0;
+ MP_DIGITS(&C3) = 0;
+ MP_CHECKOK(mp_init(&A));
+ MP_CHECKOK(mp_init(&B));
+ MP_CHECKOK(mp_init(&C));
+ MP_CHECKOK(mp_init(&D));
+ MP_CHECKOK(mp_init(&C2));
+ MP_CHECKOK(mp_init(&C3));
+
+ /* If either P or Q is the point at infinity, then return the other
+ * point */
+ if (ec_GFp_pt_is_inf_jac(px, py, pz) == MP_YES) {
+ MP_CHECKOK(ec_GFp_pt_aff2jac(qx, qy, rx, ry, rz, group));
+ goto CLEANUP;
+ }
+ if (ec_GFp_pt_is_inf_aff(qx, qy) == MP_YES) {
+ MP_CHECKOK(mp_copy(px, rx));
+ MP_CHECKOK(mp_copy(py, ry));
+ MP_CHECKOK(mp_copy(pz, rz));
+ goto CLEANUP;
+ }
+
+ /* A = qx * pz^2, B = qy * pz^3 */
+ MP_CHECKOK(group->meth->field_sqr(pz, &A, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&A, pz, &B, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&A, qx, &A, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&B, qy, &B, group->meth));
+
+ /* C = A - px, D = B - py */
+ MP_CHECKOK(group->meth->field_sub(&A, px, &C, group->meth));
+ MP_CHECKOK(group->meth->field_sub(&B, py, &D, group->meth));
+
+ if (mp_cmp_z(&C) == 0) {
+ /* P == Q or P == -Q */
+ if (mp_cmp_z(&D) == 0) {
+ /* P == Q */
+ /* It is cheaper to double (qx, qy, 1) than (px, py, pz). */
+ MP_DIGIT(&D, 0) = 1; /* Set D to 1. */
+ MP_CHECKOK(ec_GFp_pt_dbl_jac(qx, qy, &D, rx, ry, rz, group));
+ } else {
+ /* P == -Q */
+ MP_CHECKOK(ec_GFp_pt_set_inf_jac(rx, ry, rz));
+ }
+ goto CLEANUP;
+ }
+
+ /* C2 = C^2, C3 = C^3 */
+ MP_CHECKOK(group->meth->field_sqr(&C, &C2, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&C, &C2, &C3, group->meth));
+
+ /* rz = pz * C */
+ MP_CHECKOK(group->meth->field_mul(pz, &C, rz, group->meth));
+
+ /* C = px * C^2 */
+ MP_CHECKOK(group->meth->field_mul(px, &C2, &C, group->meth));
+ /* A = D^2 */
+ MP_CHECKOK(group->meth->field_sqr(&D, &A, group->meth));
+
+ /* rx = D^2 - (C^3 + 2 * (px * C^2)) */
+ MP_CHECKOK(group->meth->field_add(&C, &C, rx, group->meth));
+ MP_CHECKOK(group->meth->field_add(&C3, rx, rx, group->meth));
+ MP_CHECKOK(group->meth->field_sub(&A, rx, rx, group->meth));
+
+ /* C3 = py * C^3 */
+ MP_CHECKOK(group->meth->field_mul(py, &C3, &C3, group->meth));
+
+ /* ry = D * (px * C^2 - rx) - py * C^3 */
+ MP_CHECKOK(group->meth->field_sub(&C, rx, ry, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&D, ry, ry, group->meth));
+ MP_CHECKOK(group->meth->field_sub(ry, &C3, ry, group->meth));
+
+CLEANUP:
+ mp_clear(&A);
+ mp_clear(&B);
+ mp_clear(&C);
+ mp_clear(&D);
+ mp_clear(&C2);
+ mp_clear(&C3);
+ return res;
+}
+
+/* Computes R = 2P. Elliptic curve points P and R can be identical. Uses
+ * Jacobian coordinates.
+ *
+ * Assumes input is already field-encoded using field_enc, and returns
+ * output that is still field-encoded.
+ *
+ * This routine implements Point Doubling in the Jacobian Projective
+ * space as described in the paper "Efficient elliptic curve exponentiation
+ * using mixed coordinates", by H. Cohen, A Miyaji, T. Ono.
+ */
+mp_err
+ec_GFp_pt_dbl_jac(const mp_int *px, const mp_int *py, const mp_int *pz,
+ mp_int *rx, mp_int *ry, mp_int *rz, const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int t0, t1, M, S;
+
+ MP_DIGITS(&t0) = 0;
+ MP_DIGITS(&t1) = 0;
+ MP_DIGITS(&M) = 0;
+ MP_DIGITS(&S) = 0;
+ MP_CHECKOK(mp_init(&t0));
+ MP_CHECKOK(mp_init(&t1));
+ MP_CHECKOK(mp_init(&M));
+ MP_CHECKOK(mp_init(&S));
+
+ /* P == inf or P == -P */
+ if (ec_GFp_pt_is_inf_jac(px, py, pz) == MP_YES || mp_cmp_z(py) == 0) {
+ MP_CHECKOK(ec_GFp_pt_set_inf_jac(rx, ry, rz));
+ goto CLEANUP;
+ }
+
+ if (mp_cmp_d(pz, 1) == 0) {
+ /* M = 3 * px^2 + a */
+ MP_CHECKOK(group->meth->field_sqr(px, &t0, group->meth));
+ MP_CHECKOK(group->meth->field_add(&t0, &t0, &M, group->meth));
+ MP_CHECKOK(group->meth->field_add(&t0, &M, &t0, group->meth));
+ MP_CHECKOK(group->meth->field_add(&t0, &group->curvea, &M, group->meth));
+ } else if (MP_SIGN(&group->curvea) == MP_NEG &&
+ MP_USED(&group->curvea) == 1 &&
+ MP_DIGIT(&group->curvea, 0) == 3) {
+ /* M = 3 * (px + pz^2) * (px - pz^2) */
+ MP_CHECKOK(group->meth->field_sqr(pz, &M, group->meth));
+ MP_CHECKOK(group->meth->field_add(px, &M, &t0, group->meth));
+ MP_CHECKOK(group->meth->field_sub(px, &M, &t1, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&t0, &t1, &M, group->meth));
+ MP_CHECKOK(group->meth->field_add(&M, &M, &t0, group->meth));
+ MP_CHECKOK(group->meth->field_add(&t0, &M, &M, group->meth));
+ } else {
+ /* M = 3 * (px^2) + a * (pz^4) */
+ MP_CHECKOK(group->meth->field_sqr(px, &t0, group->meth));
+ MP_CHECKOK(group->meth->field_add(&t0, &t0, &M, group->meth));
+ MP_CHECKOK(group->meth->field_add(&t0, &M, &t0, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(pz, &M, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(&M, &M, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&M, &group->curvea, &M, group->meth));
+ MP_CHECKOK(group->meth->field_add(&M, &t0, &M, group->meth));
+ }
+
+ /* rz = 2 * py * pz */
+ /* t0 = 4 * py^2 */
+ if (mp_cmp_d(pz, 1) == 0) {
+ MP_CHECKOK(group->meth->field_add(py, py, rz, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(rz, &t0, group->meth));
+ } else {
+ MP_CHECKOK(group->meth->field_add(py, py, &t0, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&t0, pz, rz, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(&t0, &t0, group->meth));
+ }
+
+ /* S = 4 * px * py^2 = px * (2 * py)^2 */
+ MP_CHECKOK(group->meth->field_mul(px, &t0, &S, group->meth));
+
+ /* rx = M^2 - 2 * S */
+ MP_CHECKOK(group->meth->field_add(&S, &S, &t1, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(&M, rx, group->meth));
+ MP_CHECKOK(group->meth->field_sub(rx, &t1, rx, group->meth));
+
+ /* ry = M * (S - rx) - 8 * py^4 */
+ MP_CHECKOK(group->meth->field_sqr(&t0, &t1, group->meth));
+ if (mp_isodd(&t1)) {
+ MP_CHECKOK(mp_add(&t1, &group->meth->irr, &t1));
+ }
+ MP_CHECKOK(mp_div_2(&t1, &t1));
+ MP_CHECKOK(group->meth->field_sub(&S, rx, &S, group->meth));
+ MP_CHECKOK(group->meth->field_mul(&M, &S, &M, group->meth));
+ MP_CHECKOK(group->meth->field_sub(&M, &t1, ry, group->meth));
+
+CLEANUP:
+ mp_clear(&t0);
+ mp_clear(&t1);
+ mp_clear(&M);
+ mp_clear(&S);
+ return res;
+}
+
+/* by default, this routine is unused and thus doesn't need to be compiled */
+#ifdef ECL_ENABLE_GFP_PT_MUL_JAC
+/* Computes R = nP where R is (rx, ry) and P is (px, py). The parameters
+ * a, b and p are the elliptic curve coefficients and the prime that
+ * determines the field GFp. Elliptic curve points P and R can be
+ * identical. Uses mixed Jacobian-affine coordinates. Assumes input is
+ * already field-encoded using field_enc, and returns output that is still
+ * field-encoded. Uses 4-bit window method. */
+mp_err
+ec_GFp_pt_mul_jac(const mp_int *n, const mp_int *px, const mp_int *py,
+ mp_int *rx, mp_int *ry, const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int precomp[16][2], rz;
+ int i, ni, d;
+
+ MP_DIGITS(&rz) = 0;
+ for (i = 0; i < 16; i++) {
+ MP_DIGITS(&precomp[i][0]) = 0;
+ MP_DIGITS(&precomp[i][1]) = 0;
+ }
+
+ ARGCHK(group != NULL, MP_BADARG);
+ ARGCHK((n != NULL) && (px != NULL) && (py != NULL), MP_BADARG);
+
+ /* initialize precomputation table */
+ for (i = 0; i < 16; i++) {
+ MP_CHECKOK(mp_init(&precomp[i][0]));
+ MP_CHECKOK(mp_init(&precomp[i][1]));
+ }
+
+ /* fill precomputation table */
+ mp_zero(&precomp[0][0]);
+ mp_zero(&precomp[0][1]);
+ MP_CHECKOK(mp_copy(px, &precomp[1][0]));
+ MP_CHECKOK(mp_copy(py, &precomp[1][1]));
+ for (i = 2; i < 16; i++) {
+ MP_CHECKOK(group->point_add(&precomp[1][0], &precomp[1][1],
+ &precomp[i - 1][0], &precomp[i - 1][1],
+ &precomp[i][0], &precomp[i][1], group));
+ }
+
+ d = (mpl_significant_bits(n) + 3) / 4;
+
+ /* R = inf */
+ MP_CHECKOK(mp_init(&rz));
+ MP_CHECKOK(ec_GFp_pt_set_inf_jac(rx, ry, &rz));
+
+ for (i = d - 1; i >= 0; i--) {
+ /* compute window ni */
+ ni = MP_GET_BIT(n, 4 * i + 3);
+ ni <<= 1;
+ ni |= MP_GET_BIT(n, 4 * i + 2);
+ ni <<= 1;
+ ni |= MP_GET_BIT(n, 4 * i + 1);
+ ni <<= 1;
+ ni |= MP_GET_BIT(n, 4 * i);
+ /* R = 2^4 * R */
+ MP_CHECKOK(ec_GFp_pt_dbl_jac(rx, ry, &rz, rx, ry, &rz, group));
+ MP_CHECKOK(ec_GFp_pt_dbl_jac(rx, ry, &rz, rx, ry, &rz, group));
+ MP_CHECKOK(ec_GFp_pt_dbl_jac(rx, ry, &rz, rx, ry, &rz, group));
+ MP_CHECKOK(ec_GFp_pt_dbl_jac(rx, ry, &rz, rx, ry, &rz, group));
+ /* R = R + (ni * P) */
+ MP_CHECKOK(ec_GFp_pt_add_jac_aff(rx, ry, &rz, &precomp[ni][0], &precomp[ni][1], rx, ry,
+ &rz, group));
+ }
+
+ /* convert result S to affine coordinates */
+ MP_CHECKOK(ec_GFp_pt_jac2aff(rx, ry, &rz, rx, ry, group));
+
+CLEANUP:
+ mp_clear(&rz);
+ for (i = 0; i < 16; i++) {
+ mp_clear(&precomp[i][0]);
+ mp_clear(&precomp[i][1]);
+ }
+ return res;
+}
+#endif
+
+/* Elliptic curve scalar-point multiplication. Computes R(x, y) = k1 * G +
+ * k2 * P(x, y), where G is the generator (base point) of the group of
+ * points on the elliptic curve. Allows k1 = NULL or { k2, P } = NULL.
+ * Uses mixed Jacobian-affine coordinates. Input and output values are
+ * assumed to be NOT field-encoded. Uses algorithm 15 (simultaneous
+ * multiple point multiplication) from Brown, Hankerson, Lopez, Menezes.
+ * Software Implementation of the NIST Elliptic Curves over Prime Fields. */
+mp_err
+ec_GFp_pts_mul_jac(const mp_int *k1, const mp_int *k2, const mp_int *px,
+ const mp_int *py, mp_int *rx, mp_int *ry,
+ const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int precomp[4][4][2];
+ mp_int rz;
+ const mp_int *a, *b;
+ unsigned int i, j;
+ int ai, bi, d;
+
+ for (i = 0; i < 4; i++) {
+ for (j = 0; j < 4; j++) {
+ MP_DIGITS(&precomp[i][j][0]) = 0;
+ MP_DIGITS(&precomp[i][j][1]) = 0;
+ }
+ }
+ MP_DIGITS(&rz) = 0;
+
+ ARGCHK(group != NULL, MP_BADARG);
+ ARGCHK(!((k1 == NULL) && ((k2 == NULL) || (px == NULL) || (py == NULL))), MP_BADARG);
+
+ /* if some arguments are not defined used ECPoint_mul */
+ if (k1 == NULL) {
+ return ECPoint_mul(group, k2, px, py, rx, ry);
+ } else if ((k2 == NULL) || (px == NULL) || (py == NULL)) {
+ return ECPoint_mul(group, k1, NULL, NULL, rx, ry);
+ }
+
+ /* initialize precomputation table */
+ for (i = 0; i < 4; i++) {
+ for (j = 0; j < 4; j++) {
+ MP_CHECKOK(mp_init(&precomp[i][j][0]));
+ MP_CHECKOK(mp_init(&precomp[i][j][1]));
+ }
+ }
+
+ /* fill precomputation table */
+ /* assign {k1, k2} = {a, b} such that len(a) >= len(b) */
+ if (mpl_significant_bits(k1) < mpl_significant_bits(k2)) {
+ a = k2;
+ b = k1;
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(px, &precomp[1][0][0], group->meth));
+ MP_CHECKOK(group->meth->field_enc(py, &precomp[1][0][1], group->meth));
+ } else {
+ MP_CHECKOK(mp_copy(px, &precomp[1][0][0]));
+ MP_CHECKOK(mp_copy(py, &precomp[1][0][1]));
+ }
+ MP_CHECKOK(mp_copy(&group->genx, &precomp[0][1][0]));
+ MP_CHECKOK(mp_copy(&group->geny, &precomp[0][1][1]));
+ } else {
+ a = k1;
+ b = k2;
+ MP_CHECKOK(mp_copy(&group->genx, &precomp[1][0][0]));
+ MP_CHECKOK(mp_copy(&group->geny, &precomp[1][0][1]));
+ if (group->meth->field_enc) {
+ MP_CHECKOK(group->meth->field_enc(px, &precomp[0][1][0], group->meth));
+ MP_CHECKOK(group->meth->field_enc(py, &precomp[0][1][1], group->meth));
+ } else {
+ MP_CHECKOK(mp_copy(px, &precomp[0][1][0]));
+ MP_CHECKOK(mp_copy(py, &precomp[0][1][1]));
+ }
+ }
+ /* precompute [*][0][*] */
+ mp_zero(&precomp[0][0][0]);
+ mp_zero(&precomp[0][0][1]);
+ MP_CHECKOK(group->point_dbl(&precomp[1][0][0], &precomp[1][0][1],
+ &precomp[2][0][0], &precomp[2][0][1], group));
+ MP_CHECKOK(group->point_add(&precomp[1][0][0], &precomp[1][0][1],
+ &precomp[2][0][0], &precomp[2][0][1],
+ &precomp[3][0][0], &precomp[3][0][1], group));
+ /* precompute [*][1][*] */
+ for (i = 1; i < 4; i++) {
+ MP_CHECKOK(group->point_add(&precomp[0][1][0], &precomp[0][1][1],
+ &precomp[i][0][0], &precomp[i][0][1],
+ &precomp[i][1][0], &precomp[i][1][1], group));
+ }
+ /* precompute [*][2][*] */
+ MP_CHECKOK(group->point_dbl(&precomp[0][1][0], &precomp[0][1][1],
+ &precomp[0][2][0], &precomp[0][2][1], group));
+ for (i = 1; i < 4; i++) {
+ MP_CHECKOK(group->point_add(&precomp[0][2][0], &precomp[0][2][1],
+ &precomp[i][0][0], &precomp[i][0][1],
+ &precomp[i][2][0], &precomp[i][2][1], group));
+ }
+ /* precompute [*][3][*] */
+ MP_CHECKOK(group->point_add(&precomp[0][1][0], &precomp[0][1][1],
+ &precomp[0][2][0], &precomp[0][2][1],
+ &precomp[0][3][0], &precomp[0][3][1], group));
+ for (i = 1; i < 4; i++) {
+ MP_CHECKOK(group->point_add(&precomp[0][3][0], &precomp[0][3][1],
+ &precomp[i][0][0], &precomp[i][0][1],
+ &precomp[i][3][0], &precomp[i][3][1], group));
+ }
+
+ d = (mpl_significant_bits(a) + 1) / 2;
+
+ /* R = inf */
+ MP_CHECKOK(mp_init(&rz));
+ MP_CHECKOK(ec_GFp_pt_set_inf_jac(rx, ry, &rz));
+
+ for (i = d; i-- > 0;) {
+ ai = MP_GET_BIT(a, 2 * i + 1);
+ ai <<= 1;
+ ai |= MP_GET_BIT(a, 2 * i);
+ bi = MP_GET_BIT(b, 2 * i + 1);
+ bi <<= 1;
+ bi |= MP_GET_BIT(b, 2 * i);
+ /* R = 2^2 * R */
+ MP_CHECKOK(ec_GFp_pt_dbl_jac(rx, ry, &rz, rx, ry, &rz, group));
+ MP_CHECKOK(ec_GFp_pt_dbl_jac(rx, ry, &rz, rx, ry, &rz, group));
+ /* R = R + (ai * A + bi * B) */
+ MP_CHECKOK(ec_GFp_pt_add_jac_aff(rx, ry, &rz, &precomp[ai][bi][0], &precomp[ai][bi][1],
+ rx, ry, &rz, group));
+ }
+
+ MP_CHECKOK(ec_GFp_pt_jac2aff(rx, ry, &rz, rx, ry, group));
+
+ if (group->meth->field_dec) {
+ MP_CHECKOK(group->meth->field_dec(rx, rx, group->meth));
+ MP_CHECKOK(group->meth->field_dec(ry, ry, group->meth));
+ }
+
+CLEANUP:
+ mp_clear(&rz);
+ for (i = 0; i < 4; i++) {
+ for (j = 0; j < 4; j++) {
+ mp_clear(&precomp[i][j][0]);
+ mp_clear(&precomp[i][j][1]);
+ }
+ }
+ return res;
+}
diff --git a/security/nss/lib/freebl/ecl/ecp_jm.c b/security/nss/lib/freebl/ecl/ecp_jm.c
new file mode 100644
index 000000000..a1106cea8
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_jm.c
@@ -0,0 +1,283 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ecp.h"
+#include "ecl-priv.h"
+#include "mplogic.h"
+#include <stdlib.h>
+
+#define MAX_SCRATCH 6
+
+/* Computes R = 2P. Elliptic curve points P and R can be identical. Uses
+ * Modified Jacobian coordinates.
+ *
+ * Assumes input is already field-encoded using field_enc, and returns
+ * output that is still field-encoded.
+ *
+ */
+static mp_err
+ec_GFp_pt_dbl_jm(const mp_int *px, const mp_int *py, const mp_int *pz,
+ const mp_int *paz4, mp_int *rx, mp_int *ry, mp_int *rz,
+ mp_int *raz4, mp_int scratch[], const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int *t0, *t1, *M, *S;
+
+ t0 = &scratch[0];
+ t1 = &scratch[1];
+ M = &scratch[2];
+ S = &scratch[3];
+
+#if MAX_SCRATCH < 4
+#error "Scratch array defined too small "
+#endif
+
+ /* Check for point at infinity */
+ if (ec_GFp_pt_is_inf_jac(px, py, pz) == MP_YES) {
+ /* Set r = pt at infinity by setting rz = 0 */
+
+ MP_CHECKOK(ec_GFp_pt_set_inf_jac(rx, ry, rz));
+ goto CLEANUP;
+ }
+
+ /* M = 3 (px^2) + a*(pz^4) */
+ MP_CHECKOK(group->meth->field_sqr(px, t0, group->meth));
+ MP_CHECKOK(group->meth->field_add(t0, t0, M, group->meth));
+ MP_CHECKOK(group->meth->field_add(t0, M, t0, group->meth));
+ MP_CHECKOK(group->meth->field_add(t0, paz4, M, group->meth));
+
+ /* rz = 2 * py * pz */
+ MP_CHECKOK(group->meth->field_mul(py, pz, S, group->meth));
+ MP_CHECKOK(group->meth->field_add(S, S, rz, group->meth));
+
+ /* t0 = 2y^2 , t1 = 8y^4 */
+ MP_CHECKOK(group->meth->field_sqr(py, t0, group->meth));
+ MP_CHECKOK(group->meth->field_add(t0, t0, t0, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(t0, t1, group->meth));
+ MP_CHECKOK(group->meth->field_add(t1, t1, t1, group->meth));
+
+ /* S = 4 * px * py^2 = 2 * px * t0 */
+ MP_CHECKOK(group->meth->field_mul(px, t0, S, group->meth));
+ MP_CHECKOK(group->meth->field_add(S, S, S, group->meth));
+
+ /* rx = M^2 - 2S */
+ MP_CHECKOK(group->meth->field_sqr(M, rx, group->meth));
+ MP_CHECKOK(group->meth->field_sub(rx, S, rx, group->meth));
+ MP_CHECKOK(group->meth->field_sub(rx, S, rx, group->meth));
+
+ /* ry = M * (S - rx) - t1 */
+ MP_CHECKOK(group->meth->field_sub(S, rx, S, group->meth));
+ MP_CHECKOK(group->meth->field_mul(S, M, ry, group->meth));
+ MP_CHECKOK(group->meth->field_sub(ry, t1, ry, group->meth));
+
+ /* ra*z^4 = 2*t1*(apz4) */
+ MP_CHECKOK(group->meth->field_mul(paz4, t1, raz4, group->meth));
+ MP_CHECKOK(group->meth->field_add(raz4, raz4, raz4, group->meth));
+
+CLEANUP:
+ return res;
+}
+
+/* Computes R = P + Q where R is (rx, ry, rz), P is (px, py, pz) and Q is
+ * (qx, qy, 1). Elliptic curve points P, Q, and R can all be identical.
+ * Uses mixed Modified_Jacobian-affine coordinates. Assumes input is
+ * already field-encoded using field_enc, and returns output that is still
+ * field-encoded. */
+static mp_err
+ec_GFp_pt_add_jm_aff(const mp_int *px, const mp_int *py, const mp_int *pz,
+ const mp_int *paz4, const mp_int *qx,
+ const mp_int *qy, mp_int *rx, mp_int *ry, mp_int *rz,
+ mp_int *raz4, mp_int scratch[], const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int *A, *B, *C, *D, *C2, *C3;
+
+ A = &scratch[0];
+ B = &scratch[1];
+ C = &scratch[2];
+ D = &scratch[3];
+ C2 = &scratch[4];
+ C3 = &scratch[5];
+
+#if MAX_SCRATCH < 6
+#error "Scratch array defined too small "
+#endif
+
+ /* If either P or Q is the point at infinity, then return the other
+ * point */
+ if (ec_GFp_pt_is_inf_jac(px, py, pz) == MP_YES) {
+ MP_CHECKOK(ec_GFp_pt_aff2jac(qx, qy, rx, ry, rz, group));
+ MP_CHECKOK(group->meth->field_sqr(rz, raz4, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(raz4, raz4, group->meth));
+ MP_CHECKOK(group->meth->field_mul(raz4, &group->curvea, raz4, group->meth));
+ goto CLEANUP;
+ }
+ if (ec_GFp_pt_is_inf_aff(qx, qy) == MP_YES) {
+ MP_CHECKOK(mp_copy(px, rx));
+ MP_CHECKOK(mp_copy(py, ry));
+ MP_CHECKOK(mp_copy(pz, rz));
+ MP_CHECKOK(mp_copy(paz4, raz4));
+ goto CLEANUP;
+ }
+
+ /* A = qx * pz^2, B = qy * pz^3 */
+ MP_CHECKOK(group->meth->field_sqr(pz, A, group->meth));
+ MP_CHECKOK(group->meth->field_mul(A, pz, B, group->meth));
+ MP_CHECKOK(group->meth->field_mul(A, qx, A, group->meth));
+ MP_CHECKOK(group->meth->field_mul(B, qy, B, group->meth));
+
+ /* C = A - px, D = B - py */
+ MP_CHECKOK(group->meth->field_sub(A, px, C, group->meth));
+ MP_CHECKOK(group->meth->field_sub(B, py, D, group->meth));
+
+ /* C2 = C^2, C3 = C^3 */
+ MP_CHECKOK(group->meth->field_sqr(C, C2, group->meth));
+ MP_CHECKOK(group->meth->field_mul(C, C2, C3, group->meth));
+
+ /* rz = pz * C */
+ MP_CHECKOK(group->meth->field_mul(pz, C, rz, group->meth));
+
+ /* C = px * C^2 */
+ MP_CHECKOK(group->meth->field_mul(px, C2, C, group->meth));
+ /* A = D^2 */
+ MP_CHECKOK(group->meth->field_sqr(D, A, group->meth));
+
+ /* rx = D^2 - (C^3 + 2 * (px * C^2)) */
+ MP_CHECKOK(group->meth->field_add(C, C, rx, group->meth));
+ MP_CHECKOK(group->meth->field_add(C3, rx, rx, group->meth));
+ MP_CHECKOK(group->meth->field_sub(A, rx, rx, group->meth));
+
+ /* C3 = py * C^3 */
+ MP_CHECKOK(group->meth->field_mul(py, C3, C3, group->meth));
+
+ /* ry = D * (px * C^2 - rx) - py * C^3 */
+ MP_CHECKOK(group->meth->field_sub(C, rx, ry, group->meth));
+ MP_CHECKOK(group->meth->field_mul(D, ry, ry, group->meth));
+ MP_CHECKOK(group->meth->field_sub(ry, C3, ry, group->meth));
+
+ /* raz4 = a * rz^4 */
+ MP_CHECKOK(group->meth->field_sqr(rz, raz4, group->meth));
+ MP_CHECKOK(group->meth->field_sqr(raz4, raz4, group->meth));
+ MP_CHECKOK(group->meth->field_mul(raz4, &group->curvea, raz4, group->meth));
+CLEANUP:
+ return res;
+}
+
+/* Computes R = nP where R is (rx, ry) and P is the base point. Elliptic
+ * curve points P and R can be identical. Uses mixed Modified-Jacobian
+ * co-ordinates for doubling and Chudnovsky Jacobian coordinates for
+ * additions. Assumes input is already field-encoded using field_enc, and
+ * returns output that is still field-encoded. Uses 5-bit window NAF
+ * method (algorithm 11) for scalar-point multiplication from Brown,
+ * Hankerson, Lopez, Menezes. Software Implementation of the NIST Elliptic
+ * Curves Over Prime Fields. */
+mp_err
+ec_GFp_pt_mul_jm_wNAF(const mp_int *n, const mp_int *px, const mp_int *py,
+ mp_int *rx, mp_int *ry, const ECGroup *group)
+{
+ mp_err res = MP_OKAY;
+ mp_int precomp[16][2], rz, tpx, tpy;
+ mp_int raz4;
+ mp_int scratch[MAX_SCRATCH];
+ signed char *naf = NULL;
+ int i, orderBitSize;
+
+ MP_DIGITS(&rz) = 0;
+ MP_DIGITS(&raz4) = 0;
+ MP_DIGITS(&tpx) = 0;
+ MP_DIGITS(&tpy) = 0;
+ for (i = 0; i < 16; i++) {
+ MP_DIGITS(&precomp[i][0]) = 0;
+ MP_DIGITS(&precomp[i][1]) = 0;
+ }
+ for (i = 0; i < MAX_SCRATCH; i++) {
+ MP_DIGITS(&scratch[i]) = 0;
+ }
+
+ ARGCHK(group != NULL, MP_BADARG);
+ ARGCHK((n != NULL) && (px != NULL) && (py != NULL), MP_BADARG);
+
+ /* initialize precomputation table */
+ MP_CHECKOK(mp_init(&tpx));
+ MP_CHECKOK(mp_init(&tpy));
+ ;
+ MP_CHECKOK(mp_init(&rz));
+ MP_CHECKOK(mp_init(&raz4));
+
+ for (i = 0; i < 16; i++) {
+ MP_CHECKOK(mp_init(&precomp[i][0]));
+ MP_CHECKOK(mp_init(&precomp[i][1]));
+ }
+ for (i = 0; i < MAX_SCRATCH; i++) {
+ MP_CHECKOK(mp_init(&scratch[i]));
+ }
+
+ /* Set out[8] = P */
+ MP_CHECKOK(mp_copy(px, &precomp[8][0]));
+ MP_CHECKOK(mp_copy(py, &precomp[8][1]));
+
+ /* Set (tpx, tpy) = 2P */
+ MP_CHECKOK(group->point_dbl(&precomp[8][0], &precomp[8][1], &tpx, &tpy,
+ group));
+
+ /* Set 3P, 5P, ..., 15P */
+ for (i = 8; i < 15; i++) {
+ MP_CHECKOK(group->point_add(&precomp[i][0], &precomp[i][1], &tpx, &tpy,
+ &precomp[i + 1][0], &precomp[i + 1][1],
+ group));
+ }
+
+ /* Set -15P, -13P, ..., -P */
+ for (i = 0; i < 8; i++) {
+ MP_CHECKOK(mp_copy(&precomp[15 - i][0], &precomp[i][0]));
+ MP_CHECKOK(group->meth->field_neg(&precomp[15 - i][1], &precomp[i][1],
+ group->meth));
+ }
+
+ /* R = inf */
+ MP_CHECKOK(ec_GFp_pt_set_inf_jac(rx, ry, &rz));
+
+ orderBitSize = mpl_significant_bits(&group->order);
+
+ /* Allocate memory for NAF */
+ naf = (signed char *)malloc(sizeof(signed char) * (orderBitSize + 1));
+ if (naf == NULL) {
+ res = MP_MEM;
+ goto CLEANUP;
+ }
+
+ /* Compute 5NAF */
+ ec_compute_wNAF(naf, orderBitSize, n, 5);
+
+ /* wNAF method */
+ for (i = orderBitSize; i >= 0; i--) {
+ /* R = 2R */
+ ec_GFp_pt_dbl_jm(rx, ry, &rz, &raz4, rx, ry, &rz,
+ &raz4, scratch, group);
+ if (naf[i] != 0) {
+ ec_GFp_pt_add_jm_aff(rx, ry, &rz, &raz4,
+ &precomp[(naf[i] + 15) / 2][0],
+ &precomp[(naf[i] + 15) / 2][1], rx, ry,
+ &rz, &raz4, scratch, group);
+ }
+ }
+
+ /* convert result S to affine coordinates */
+ MP_CHECKOK(ec_GFp_pt_jac2aff(rx, ry, &rz, rx, ry, group));
+
+CLEANUP:
+ for (i = 0; i < MAX_SCRATCH; i++) {
+ mp_clear(&scratch[i]);
+ }
+ for (i = 0; i < 16; i++) {
+ mp_clear(&precomp[i][0]);
+ mp_clear(&precomp[i][1]);
+ }
+ mp_clear(&tpx);
+ mp_clear(&tpy);
+ mp_clear(&rz);
+ mp_clear(&raz4);
+ free(naf);
+ return res;
+}
diff --git a/security/nss/lib/freebl/ecl/ecp_mont.c b/security/nss/lib/freebl/ecl/ecp_mont.c
new file mode 100644
index 000000000..779685b4d
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/ecp_mont.c
@@ -0,0 +1,154 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Uses Montgomery reduction for field arithmetic. See mpi/mpmontg.c for
+ * code implementation. */
+
+#include "mpi.h"
+#include "mplogic.h"
+#include "mpi-priv.h"
+#include "ecl-priv.h"
+#include "ecp.h"
+#include <stdlib.h>
+#include <stdio.h>
+
+/* Construct a generic GFMethod for arithmetic over prime fields with
+ * irreducible irr. */
+GFMethod *
+GFMethod_consGFp_mont(const mp_int *irr)
+{
+ mp_err res = MP_OKAY;
+ GFMethod *meth = NULL;
+ mp_mont_modulus *mmm;
+
+ meth = GFMethod_consGFp(irr);
+ if (meth == NULL)
+ return NULL;
+
+ mmm = (mp_mont_modulus *)malloc(sizeof(mp_mont_modulus));
+ if (mmm == NULL) {
+ res = MP_MEM;
+ goto CLEANUP;
+ }
+
+ meth->field_mul = &ec_GFp_mul_mont;
+ meth->field_sqr = &ec_GFp_sqr_mont;
+ meth->field_div = &ec_GFp_div_mont;
+ meth->field_enc = &ec_GFp_enc_mont;
+ meth->field_dec = &ec_GFp_dec_mont;
+ meth->extra1 = mmm;
+ meth->extra2 = NULL;
+ meth->extra_free = &ec_GFp_extra_free_mont;
+
+ mmm->N = meth->irr;
+ mmm->n0prime = 0 - s_mp_invmod_radix(MP_DIGIT(&meth->irr, 0));
+
+CLEANUP:
+ if (res != MP_OKAY) {
+ GFMethod_free(meth);
+ return NULL;
+ }
+ return meth;
+}
+
+/* Wrapper functions for generic prime field arithmetic. */
+
+/* Field multiplication using Montgomery reduction. */
+mp_err
+ec_GFp_mul_mont(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+#ifdef MP_MONT_USE_MP_MUL
+ /* if MP_MONT_USE_MP_MUL is defined, then the function s_mp_mul_mont
+ * is not implemented and we have to use mp_mul and s_mp_redc directly
+ */
+ MP_CHECKOK(mp_mul(a, b, r));
+ MP_CHECKOK(s_mp_redc(r, (mp_mont_modulus *)meth->extra1));
+#else
+ mp_int s;
+
+ MP_DIGITS(&s) = 0;
+ /* s_mp_mul_mont doesn't allow source and destination to be the same */
+ if ((a == r) || (b == r)) {
+ MP_CHECKOK(mp_init(&s));
+ MP_CHECKOK(s_mp_mul_mont(a, b, &s, (mp_mont_modulus *)meth->extra1));
+ MP_CHECKOK(mp_copy(&s, r));
+ mp_clear(&s);
+ } else {
+ return s_mp_mul_mont(a, b, r, (mp_mont_modulus *)meth->extra1);
+ }
+#endif
+CLEANUP:
+ return res;
+}
+
+/* Field squaring using Montgomery reduction. */
+mp_err
+ec_GFp_sqr_mont(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ return ec_GFp_mul_mont(a, a, r, meth);
+}
+
+/* Field division using Montgomery reduction. */
+mp_err
+ec_GFp_div_mont(const mp_int *a, const mp_int *b, mp_int *r,
+ const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ /* if A=aZ represents a encoded in montgomery coordinates with Z and #
+ * and \ respectively represent multiplication and division in
+ * montgomery coordinates, then A\B = (a/b)Z = (A/B)Z and Binv =
+ * (1/b)Z = (1/B)(Z^2) where B # Binv = Z */
+ MP_CHECKOK(ec_GFp_div(a, b, r, meth));
+ MP_CHECKOK(ec_GFp_enc_mont(r, r, meth));
+ if (a == NULL) {
+ MP_CHECKOK(ec_GFp_enc_mont(r, r, meth));
+ }
+CLEANUP:
+ return res;
+}
+
+/* Encode a field element in Montgomery form. See s_mp_to_mont in
+ * mpi/mpmontg.c */
+mp_err
+ec_GFp_enc_mont(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ mp_mont_modulus *mmm;
+ mp_err res = MP_OKAY;
+
+ mmm = (mp_mont_modulus *)meth->extra1;
+ MP_CHECKOK(mp_copy(a, r));
+ MP_CHECKOK(s_mp_lshd(r, MP_USED(&mmm->N)));
+ MP_CHECKOK(mp_mod(r, &mmm->N, r));
+CLEANUP:
+ return res;
+}
+
+/* Decode a field element from Montgomery form. */
+mp_err
+ec_GFp_dec_mont(const mp_int *a, mp_int *r, const GFMethod *meth)
+{
+ mp_err res = MP_OKAY;
+
+ if (a != r) {
+ MP_CHECKOK(mp_copy(a, r));
+ }
+ MP_CHECKOK(s_mp_redc(r, (mp_mont_modulus *)meth->extra1));
+CLEANUP:
+ return res;
+}
+
+/* Free the memory allocated to the extra fields of Montgomery GFMethod
+ * object. */
+void
+ec_GFp_extra_free_mont(GFMethod *meth)
+{
+ if (meth->extra1 != NULL) {
+ free(meth->extra1);
+ meth->extra1 = NULL;
+ }
+}
diff --git a/security/nss/lib/freebl/ecl/tests/ec_naft.c b/security/nss/lib/freebl/ecl/tests/ec_naft.c
new file mode 100644
index 000000000..61ef15c36
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/tests/ec_naft.c
@@ -0,0 +1,121 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi.h"
+#include "mplogic.h"
+#include "ecl.h"
+#include "ecp.h"
+#include "ecl-priv.h"
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <time.h>
+#include <sys/time.h>
+#include <sys/resource.h>
+
+/* Returns 2^e as an integer. This is meant to be used for small powers of
+ * two. */
+int ec_twoTo(int e);
+
+/* Number of bits of scalar to test */
+#define BITSIZE 160
+
+/* Time k repetitions of operation op. */
+#define M_TimeOperation(op, k) \
+ { \
+ double dStart, dNow, dUserTime; \
+ struct rusage ru; \
+ int i; \
+ getrusage(RUSAGE_SELF, &ru); \
+ dStart = (double)ru.ru_utime.tv_sec + (double)ru.ru_utime.tv_usec * 0.000001; \
+ for (i = 0; i < k; i++) { \
+ { \
+ op; \
+ } \
+ }; \
+ getrusage(RUSAGE_SELF, &ru); \
+ dNow = (double)ru.ru_utime.tv_sec + (double)ru.ru_utime.tv_usec * 0.000001; \
+ dUserTime = dNow - dStart; \
+ if (dUserTime) \
+ printf(" %-45s\n k: %6i, t: %6.2f sec\n", #op, k, dUserTime); \
+ }
+
+/* Tests wNAF computation. Non-adjacent-form is discussed in the paper: D.
+ * Hankerson, J. Hernandez and A. Menezes, "Software implementation of
+ * elliptic curve cryptography over binary fields", Proc. CHES 2000. */
+
+mp_err
+main(void)
+{
+ signed char naf[BITSIZE + 1];
+ ECGroup *group = NULL;
+ mp_int k;
+ mp_int *scalar;
+ int i, count;
+ int res;
+ int w = 5;
+ char s[1000];
+
+ /* Get a 160 bit scalar to compute wNAF from */
+ group = ECGroup_fromName(ECCurve_SECG_PRIME_160R1);
+ scalar = &group->genx;
+
+ /* Compute wNAF representation of scalar */
+ ec_compute_wNAF(naf, BITSIZE, scalar, w);
+
+ /* Verify correctness of representation */
+ mp_init(&k); /* init k to 0 */
+
+ for (i = BITSIZE; i >= 0; i--) {
+ mp_add(&k, &k, &k);
+ /* digits in mp_???_d are unsigned */
+ if (naf[i] >= 0) {
+ mp_add_d(&k, naf[i], &k);
+ } else {
+ mp_sub_d(&k, -naf[i], &k);
+ }
+ }
+
+ if (mp_cmp(&k, scalar) != 0) {
+ printf("Error: incorrect NAF value.\n");
+ MP_CHECKOK(mp_toradix(&k, s, 16));
+ printf("NAF value %s\n", s);
+ MP_CHECKOK(mp_toradix(scalar, s, 16));
+ printf("original value %s\n", s);
+ goto CLEANUP;
+ }
+
+ /* Verify digits of representation are valid */
+ for (i = 0; i <= BITSIZE; i++) {
+ if (naf[i] % 2 == 0 && naf[i] != 0) {
+ printf("Error: Even non-zero digit found.\n");
+ goto CLEANUP;
+ }
+ if (naf[i] < -(ec_twoTo(w - 1)) || naf[i] >= ec_twoTo(w - 1)) {
+ printf("Error: Magnitude of naf digit too large.\n");
+ goto CLEANUP;
+ }
+ }
+
+ /* Verify sparsity of representation */
+ count = w - 1;
+ for (i = 0; i <= BITSIZE; i++) {
+ if (naf[i] != 0) {
+ if (count < w - 1) {
+ printf("Error: Sparsity failed.\n");
+ goto CLEANUP;
+ }
+ count = 0;
+ } else
+ count++;
+ }
+
+ /* Check timing */
+ M_TimeOperation(ec_compute_wNAF(naf, BITSIZE, scalar, w), 10000);
+
+ printf("Test passed.\n");
+CLEANUP:
+ ECGroup_free(group);
+ return MP_OKAY;
+}
diff --git a/security/nss/lib/freebl/ecl/tests/ecp_test.c b/security/nss/lib/freebl/ecl/tests/ecp_test.c
new file mode 100644
index 000000000..dcec4d747
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/tests/ecp_test.c
@@ -0,0 +1,409 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi.h"
+#include "mplogic.h"
+#include "mpprime.h"
+#include "ecl.h"
+#include "ecl-curve.h"
+#include "ecp.h"
+#include <stdio.h>
+#include <strings.h>
+#include <assert.h>
+
+#include <time.h>
+#include <sys/time.h>
+#include <sys/resource.h>
+
+/* Time k repetitions of operation op. */
+#define M_TimeOperation(op, k) \
+ { \
+ double dStart, dNow, dUserTime; \
+ struct rusage ru; \
+ int i; \
+ getrusage(RUSAGE_SELF, &ru); \
+ dStart = (double)ru.ru_utime.tv_sec + (double)ru.ru_utime.tv_usec * 0.000001; \
+ for (i = 0; i < k; i++) { \
+ { \
+ op; \
+ } \
+ }; \
+ getrusage(RUSAGE_SELF, &ru); \
+ dNow = (double)ru.ru_utime.tv_sec + (double)ru.ru_utime.tv_usec * 0.000001; \
+ dUserTime = dNow - dStart; \
+ if (dUserTime) \
+ printf(" %-45s k: %6i, t: %6.2f sec\n", #op, k, dUserTime); \
+ }
+
+/* Test curve using generic field arithmetic. */
+#define ECTEST_GENERIC_GFP(name_c, name) \
+ printf("Testing %s using generic implementation...\n", name_c); \
+ params = EC_GetNamedCurveParams(name); \
+ if (params == NULL) { \
+ printf(" Error: could not construct params.\n"); \
+ res = MP_NO; \
+ goto CLEANUP; \
+ } \
+ ECGroup_free(group); \
+ group = ECGroup_fromHex(params); \
+ if (group == NULL) { \
+ printf(" Error: could not construct group.\n"); \
+ res = MP_NO; \
+ goto CLEANUP; \
+ } \
+ MP_CHECKOK(ectest_curve_GFp(group, ectestPrint, ectestTime, 1)); \
+ printf("... okay.\n");
+
+/* Test curve using specific field arithmetic. */
+#define ECTEST_NAMED_GFP(name_c, name) \
+ printf("Testing %s using specific implementation...\n", name_c); \
+ ECGroup_free(group); \
+ group = ECGroup_fromName(name); \
+ if (group == NULL) { \
+ printf(" Warning: could not construct group.\n"); \
+ printf("... failed; continuing with remaining tests.\n"); \
+ } else { \
+ MP_CHECKOK(ectest_curve_GFp(group, ectestPrint, ectestTime, 0)); \
+ printf("... okay.\n"); \
+ }
+
+/* Performs basic tests of elliptic curve cryptography over prime fields.
+ * If tests fail, then it prints an error message, aborts, and returns an
+ * error code. Otherwise, returns 0. */
+int
+ectest_curve_GFp(ECGroup *group, int ectestPrint, int ectestTime,
+ int generic)
+{
+
+ mp_int one, order_1, gx, gy, rx, ry, n;
+ int size;
+ mp_err res;
+ char s[1000];
+
+ /* initialize values */
+ MP_CHECKOK(mp_init(&one));
+ MP_CHECKOK(mp_init(&order_1));
+ MP_CHECKOK(mp_init(&gx));
+ MP_CHECKOK(mp_init(&gy));
+ MP_CHECKOK(mp_init(&rx));
+ MP_CHECKOK(mp_init(&ry));
+ MP_CHECKOK(mp_init(&n));
+
+ MP_CHECKOK(mp_set_int(&one, 1));
+ MP_CHECKOK(mp_sub(&group->order, &one, &order_1));
+
+ /* encode base point */
+ if (group->meth->field_dec) {
+ MP_CHECKOK(group->meth->field_dec(&group->genx, &gx, group->meth));
+ MP_CHECKOK(group->meth->field_dec(&group->geny, &gy, group->meth));
+ } else {
+ MP_CHECKOK(mp_copy(&group->genx, &gx));
+ MP_CHECKOK(mp_copy(&group->geny, &gy));
+ }
+ if (ectestPrint) {
+ /* output base point */
+ printf(" base point P:\n");
+ MP_CHECKOK(mp_toradix(&gx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&gy, s, 16));
+ printf(" %s\n", s);
+ if (group->meth->field_enc) {
+ printf(" base point P (encoded):\n");
+ MP_CHECKOK(mp_toradix(&group->genx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&group->geny, s, 16));
+ printf(" %s\n", s);
+ }
+ }
+
+#ifdef ECL_ENABLE_GFP_PT_MUL_AFF
+ /* multiply base point by order - 1 and check for negative of base
+ * point */
+ MP_CHECKOK(ec_GFp_pt_mul_aff(&order_1, &group->genx, &group->geny, &rx, &ry, group));
+ if (ectestPrint) {
+ printf(" (order-1)*P (affine):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ MP_CHECKOK(group->meth->field_neg(&ry, &ry, group->meth));
+ if ((mp_cmp(&rx, &group->genx) != 0) || (mp_cmp(&ry, &group->geny) != 0)) {
+ printf(" Error: invalid result (expected (- base point)).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+#endif
+
+#ifdef ECL_ENABLE_GFP_PT_MUL_AFF
+ /* multiply base point by order - 1 and check for negative of base
+ * point */
+ MP_CHECKOK(ec_GFp_pt_mul_jac(&order_1, &group->genx, &group->geny, &rx, &ry, group));
+ if (ectestPrint) {
+ printf(" (order-1)*P (jacobian):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ MP_CHECKOK(group->meth->field_neg(&ry, &ry, group->meth));
+ if ((mp_cmp(&rx, &group->genx) != 0) || (mp_cmp(&ry, &group->geny) != 0)) {
+ printf(" Error: invalid result (expected (- base point)).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+#endif
+
+ /* multiply base point by order - 1 and check for negative of base
+ * point */
+ MP_CHECKOK(ECPoint_mul(group, &order_1, NULL, NULL, &rx, &ry));
+ if (ectestPrint) {
+ printf(" (order-1)*P (ECPoint_mul):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ MP_CHECKOK(mp_submod(&group->meth->irr, &ry, &group->meth->irr, &ry));
+ if ((mp_cmp(&rx, &gx) != 0) || (mp_cmp(&ry, &gy) != 0)) {
+ printf(" Error: invalid result (expected (- base point)).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+
+ /* multiply base point by order - 1 and check for negative of base
+ * point */
+ MP_CHECKOK(ECPoint_mul(group, &order_1, &gx, &gy, &rx, &ry));
+ if (ectestPrint) {
+ printf(" (order-1)*P (ECPoint_mul):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ MP_CHECKOK(mp_submod(&group->meth->irr, &ry, &group->meth->irr, &ry));
+ if ((mp_cmp(&rx, &gx) != 0) || (mp_cmp(&ry, &gy) != 0)) {
+ printf(" Error: invalid result (expected (- base point)).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+
+#ifdef ECL_ENABLE_GFP_PT_MUL_AFF
+ /* multiply base point by order and check for point at infinity */
+ MP_CHECKOK(ec_GFp_pt_mul_aff(&group->order, &group->genx, &group->geny, &rx, &ry,
+ group));
+ if (ectestPrint) {
+ printf(" (order)*P (affine):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ if (ec_GFp_pt_is_inf_aff(&rx, &ry) != MP_YES) {
+ printf(" Error: invalid result (expected point at infinity).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+#endif
+
+#ifdef ECL_ENABLE_GFP_PT_MUL_JAC
+ /* multiply base point by order and check for point at infinity */
+ MP_CHECKOK(ec_GFp_pt_mul_jac(&group->order, &group->genx, &group->geny, &rx, &ry,
+ group));
+ if (ectestPrint) {
+ printf(" (order)*P (jacobian):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ if (ec_GFp_pt_is_inf_aff(&rx, &ry) != MP_YES) {
+ printf(" Error: invalid result (expected point at infinity).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+#endif
+
+ /* multiply base point by order and check for point at infinity */
+ MP_CHECKOK(ECPoint_mul(group, &group->order, NULL, NULL, &rx, &ry));
+ if (ectestPrint) {
+ printf(" (order)*P (ECPoint_mul):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ if (ec_GFp_pt_is_inf_aff(&rx, &ry) != MP_YES) {
+ printf(" Error: invalid result (expected point at infinity).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+
+ /* multiply base point by order and check for point at infinity */
+ MP_CHECKOK(ECPoint_mul(group, &group->order, &gx, &gy, &rx, &ry));
+ if (ectestPrint) {
+ printf(" (order)*P (ECPoint_mul):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ if (ec_GFp_pt_is_inf_aff(&rx, &ry) != MP_YES) {
+ printf(" Error: invalid result (expected point at infinity).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+
+ /* check that (order-1)P + (order-1)P + P == (order-1)P */
+ MP_CHECKOK(ECPoints_mul(group, &order_1, &order_1, &gx, &gy, &rx, &ry));
+ MP_CHECKOK(ECPoints_mul(group, &one, &one, &rx, &ry, &rx, &ry));
+ if (ectestPrint) {
+ printf(" (order-1)*P + (order-1)*P + P == (order-1)*P (ECPoints_mul):\n");
+ MP_CHECKOK(mp_toradix(&rx, s, 16));
+ printf(" %s\n", s);
+ MP_CHECKOK(mp_toradix(&ry, s, 16));
+ printf(" %s\n", s);
+ }
+ MP_CHECKOK(mp_submod(&group->meth->irr, &ry, &group->meth->irr, &ry));
+ if ((mp_cmp(&rx, &gx) != 0) || (mp_cmp(&ry, &gy) != 0)) {
+ printf(" Error: invalid result (expected (- base point)).\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+
+ /* test validate_point function */
+ if (ECPoint_validate(group, &gx, &gy) != MP_YES) {
+ printf(" Error: validate point on base point failed.\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+ MP_CHECKOK(mp_add_d(&gy, 1, &ry));
+ if (ECPoint_validate(group, &gx, &ry) != MP_NO) {
+ printf(" Error: validate point on invalid point passed.\n");
+ res = MP_NO;
+ goto CLEANUP;
+ }
+
+ if (ectestTime) {
+ /* compute random scalar */
+ size = mpl_significant_bits(&group->meth->irr);
+ if (size < MP_OKAY) {
+ goto CLEANUP;
+ }
+ MP_CHECKOK(mpp_random_size(&n, (size + ECL_BITS - 1) / ECL_BITS));
+ MP_CHECKOK(group->meth->field_mod(&n, &n, group->meth));
+ /* timed test */
+ if (generic) {
+#ifdef ECL_ENABLE_GFP_PT_MUL_AFF
+ M_TimeOperation(MP_CHECKOK(ec_GFp_pt_mul_aff(&n, &group->genx, &group->geny, &rx, &ry,
+ group)),
+ 100);
+#endif
+ M_TimeOperation(MP_CHECKOK(ECPoint_mul(group, &n, NULL, NULL, &rx, &ry)),
+ 100);
+ M_TimeOperation(MP_CHECKOK(ECPoints_mul(group, &n, &n, &gx, &gy, &rx, &ry)), 100);
+ } else {
+ M_TimeOperation(MP_CHECKOK(ECPoint_mul(group, &n, NULL, NULL, &rx, &ry)),
+ 100);
+ M_TimeOperation(MP_CHECKOK(ECPoint_mul(group, &n, &gx, &gy, &rx, &ry)),
+ 100);
+ M_TimeOperation(MP_CHECKOK(ECPoints_mul(group, &n, &n, &gx, &gy, &rx, &ry)), 100);
+ }
+ }
+
+CLEANUP:
+ mp_clear(&one);
+ mp_clear(&order_1);
+ mp_clear(&gx);
+ mp_clear(&gy);
+ mp_clear(&rx);
+ mp_clear(&ry);
+ mp_clear(&n);
+ if (res != MP_OKAY) {
+ printf(" Error: exiting with error value %i\n", res);
+ }
+ return res;
+}
+
+/* Prints help information. */
+void
+printUsage()
+{
+ printf("Usage: ecp_test [--print] [--time]\n");
+ printf(" --print Print out results of each point arithmetic test.\n");
+ printf(" --time Benchmark point operations and print results.\n");
+}
+
+/* Performs tests of elliptic curve cryptography over prime fields If
+ * tests fail, then it prints an error message, aborts, and returns an
+ * error code. Otherwise, returns 0. */
+int
+main(int argv, char **argc)
+{
+
+ int ectestTime = 0;
+ int ectestPrint = 0;
+ int i;
+ ECGroup *group = NULL;
+ ECCurveParams *params = NULL;
+ mp_err res;
+
+ /* read command-line arguments */
+ for (i = 1; i < argv; i++) {
+ if ((strcasecmp(argc[i], "time") == 0) || (strcasecmp(argc[i], "-time") == 0) || (strcasecmp(argc[i], "--time") == 0)) {
+ ectestTime = 1;
+ } else if ((strcasecmp(argc[i], "print") == 0) || (strcasecmp(argc[i], "-print") == 0) || (strcasecmp(argc[i], "--print") == 0)) {
+ ectestPrint = 1;
+ } else {
+ printUsage();
+ return 0;
+ }
+ }
+
+ /* generic arithmetic tests */
+ ECTEST_GENERIC_GFP("SECP-160R1", ECCurve_SECG_PRIME_160R1);
+
+ /* specific arithmetic tests */
+ ECTEST_NAMED_GFP("NIST-P192", ECCurve_NIST_P192);
+ ECTEST_NAMED_GFP("NIST-P224", ECCurve_NIST_P224);
+ ECTEST_NAMED_GFP("NIST-P256", ECCurve_NIST_P256);
+ ECTEST_NAMED_GFP("NIST-P384", ECCurve_NIST_P384);
+ ECTEST_NAMED_GFP("NIST-P521", ECCurve_NIST_P521);
+ ECTEST_NAMED_GFP("ANSI X9.62 PRIME192v1", ECCurve_X9_62_PRIME_192V1);
+ ECTEST_NAMED_GFP("ANSI X9.62 PRIME192v2", ECCurve_X9_62_PRIME_192V2);
+ ECTEST_NAMED_GFP("ANSI X9.62 PRIME192v3", ECCurve_X9_62_PRIME_192V3);
+ ECTEST_NAMED_GFP("ANSI X9.62 PRIME239v1", ECCurve_X9_62_PRIME_239V1);
+ ECTEST_NAMED_GFP("ANSI X9.62 PRIME239v2", ECCurve_X9_62_PRIME_239V2);
+ ECTEST_NAMED_GFP("ANSI X9.62 PRIME239v3", ECCurve_X9_62_PRIME_239V3);
+ ECTEST_NAMED_GFP("ANSI X9.62 PRIME256v1", ECCurve_X9_62_PRIME_256V1);
+ ECTEST_NAMED_GFP("SECP-112R1", ECCurve_SECG_PRIME_112R1);
+ ECTEST_NAMED_GFP("SECP-112R2", ECCurve_SECG_PRIME_112R2);
+ ECTEST_NAMED_GFP("SECP-128R1", ECCurve_SECG_PRIME_128R1);
+ ECTEST_NAMED_GFP("SECP-128R2", ECCurve_SECG_PRIME_128R2);
+ ECTEST_NAMED_GFP("SECP-160K1", ECCurve_SECG_PRIME_160K1);
+ ECTEST_NAMED_GFP("SECP-160R1", ECCurve_SECG_PRIME_160R1);
+ ECTEST_NAMED_GFP("SECP-160R2", ECCurve_SECG_PRIME_160R2);
+ ECTEST_NAMED_GFP("SECP-192K1", ECCurve_SECG_PRIME_192K1);
+ ECTEST_NAMED_GFP("SECP-192R1", ECCurve_SECG_PRIME_192R1);
+ ECTEST_NAMED_GFP("SECP-224K1", ECCurve_SECG_PRIME_224K1);
+ ECTEST_NAMED_GFP("SECP-224R1", ECCurve_SECG_PRIME_224R1);
+ ECTEST_NAMED_GFP("SECP-256K1", ECCurve_SECG_PRIME_256K1);
+ ECTEST_NAMED_GFP("SECP-256R1", ECCurve_SECG_PRIME_256R1);
+ ECTEST_NAMED_GFP("SECP-384R1", ECCurve_SECG_PRIME_384R1);
+ ECTEST_NAMED_GFP("SECP-521R1", ECCurve_SECG_PRIME_521R1);
+ ECTEST_NAMED_GFP("WTLS-6 (112)", ECCurve_WTLS_6);
+ ECTEST_NAMED_GFP("WTLS-7 (160)", ECCurve_WTLS_7);
+ ECTEST_NAMED_GFP("WTLS-8 (112)", ECCurve_WTLS_8);
+ ECTEST_NAMED_GFP("WTLS-9 (160)", ECCurve_WTLS_9);
+ ECTEST_NAMED_GFP("WTLS-12 (224)", ECCurve_WTLS_12);
+ ECTEST_NAMED_GFP("Curve25519", ECCurve25519);
+
+CLEANUP:
+ EC_FreeCurveParams(params);
+ ECGroup_free(group);
+ if (res != MP_OKAY) {
+ printf("Error: exiting with error value %i\n", res);
+ }
+ return res;
+}
diff --git a/security/nss/lib/freebl/ecl/uint128.c b/security/nss/lib/freebl/ecl/uint128.c
new file mode 100644
index 000000000..22cbd023c
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/uint128.c
@@ -0,0 +1,87 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "uint128.h"
+
+/* helper functions */
+uint64_t
+mask51(uint128_t x)
+{
+ return x.lo & MASK51;
+}
+
+uint64_t
+mask_lower(uint128_t x)
+{
+ return x.lo;
+}
+
+uint128_t
+mask51full(uint128_t x)
+{
+ uint128_t ret = { x.lo & MASK51, 0 };
+ return ret;
+}
+
+uint128_t
+init128x(uint64_t x)
+{
+ uint128_t ret = { x, 0 };
+ return ret;
+}
+
+/* arithmetic */
+
+uint128_t
+add128(uint128_t a, uint128_t b)
+{
+ uint128_t ret;
+ ret.lo = a.lo + b.lo;
+ ret.hi = a.hi + b.hi + (ret.lo < b.lo);
+ return ret;
+}
+
+/* out = 19 * a */
+uint128_t
+mul12819(uint128_t a)
+{
+ uint128_t ret = lshift128(a, 4);
+ ret = add128(ret, a);
+ ret = add128(ret, a);
+ ret = add128(ret, a);
+ return ret;
+}
+
+uint128_t
+mul6464(uint64_t a, uint64_t b)
+{
+ uint128_t ret;
+ uint64_t t0 = ((uint64_t)(uint32_t)a) * ((uint64_t)(uint32_t)b);
+ uint64_t t1 = (a >> 32) * ((uint64_t)(uint32_t)b) + (t0 >> 32);
+ uint64_t t2 = (b >> 32) * ((uint64_t)(uint32_t)a) + ((uint32_t)t1);
+ ret.lo = (((uint64_t)((uint32_t)t2)) << 32) + ((uint32_t)t0);
+ ret.hi = (a >> 32) * (b >> 32);
+ ret.hi += (t2 >> 32) + (t1 >> 32);
+ return ret;
+}
+
+/* only defined for n < 64 */
+uint128_t
+rshift128(uint128_t x, uint8_t n)
+{
+ uint128_t ret;
+ ret.lo = (x.lo >> n) + (x.hi << (64 - n));
+ ret.hi = x.hi >> n;
+ return ret;
+}
+
+/* only defined for n < 64 */
+uint128_t
+lshift128(uint128_t x, uint8_t n)
+{
+ uint128_t ret;
+ ret.hi = (x.hi << n) + (x.lo >> (64 - n));
+ ret.lo = x.lo << n;
+ return ret;
+}
diff --git a/security/nss/lib/freebl/ecl/uint128.h b/security/nss/lib/freebl/ecl/uint128.h
new file mode 100644
index 000000000..a3a71e6e7
--- /dev/null
+++ b/security/nss/lib/freebl/ecl/uint128.h
@@ -0,0 +1,35 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdint.h>
+
+#define MASK51 0x7ffffffffffffULL
+
+#ifdef HAVE_INT128_SUPPORT
+typedef unsigned __int128 uint128_t;
+#define add128(a, b) (a) + (b)
+#define mul6464(a, b) (uint128_t)(a) * (uint128_t)(b)
+#define mul12819(a) (uint128_t)(a) * 19
+#define rshift128(x, n) (x) >> (n)
+#define lshift128(x, n) (x) << (n)
+#define mask51(x) (x) & 0x7ffffffffffff
+#define mask_lower(x) (uint64_t)(x)
+#define mask51full(x) (x) & 0x7ffffffffffff
+#define init128x(x) (x)
+#else /* uint128_t for Windows and 32 bit intel systems */
+struct uint128_t_str {
+ uint64_t lo;
+ uint64_t hi;
+};
+typedef struct uint128_t_str uint128_t;
+uint128_t add128(uint128_t a, uint128_t b);
+uint128_t mul6464(uint64_t a, uint64_t b);
+uint128_t mul12819(uint128_t a);
+uint128_t rshift128(uint128_t x, uint8_t n);
+uint128_t lshift128(uint128_t x, uint8_t n);
+uint64_t mask51(uint128_t x);
+uint64_t mask_lower(uint128_t x);
+uint128_t mask51full(uint128_t x);
+uint128_t init128x(uint64_t x);
+#endif
diff --git a/security/nss/lib/freebl/exports.gyp b/security/nss/lib/freebl/exports.gyp
new file mode 100644
index 000000000..ef81685b0
--- /dev/null
+++ b/security/nss/lib/freebl/exports.gyp
@@ -0,0 +1,48 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_freebl_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'blapit.h',
+ 'ecl/ecl-exp.h',
+ 'shsign.h'
+ ],
+ 'conditions': [
+ [ 'OS=="linux"', {
+ 'files': [
+ 'nsslowhash.h',
+ ],
+ }],
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'alghmac.h',
+ 'blapi.h',
+ 'chacha20poly1305.h',
+ 'ec.h',
+ 'ecl/ecl-curve.h',
+ 'ecl/ecl.h',
+ 'hmacct.h',
+ 'secmpi.h',
+ 'secrng.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/freebl/fipsfreebl.c b/security/nss/lib/freebl/fipsfreebl.c
new file mode 100644
index 000000000..b3ae6865b
--- /dev/null
+++ b/security/nss/lib/freebl/fipsfreebl.c
@@ -0,0 +1,1715 @@
+/*
+ * PKCS #11 FIPS Power-Up Self Test.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* $Id: fipstest.c,v 1.31 2012/06/28 17:55:06 rrelyea%redhat.com Exp $ */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapi.h"
+#include "seccomon.h" /* Required for RSA and DSA. */
+#include "secerr.h"
+#include "prtypes.h"
+
+#ifdef NSS_ENABLE_ECC
+#include "ec.h" /* Required for ECDSA */
+#endif
+
+/*
+ * different platforms have different ways of calling and initial entry point
+ * when the dll/.so is loaded. Most platforms support either a posix pragma
+ * or the GCC attribute. Some platforms suppor a pre-defined name, and some
+ * platforms have a link line way of invoking this function.
+ */
+
+/* The pragma */
+#if defined(USE_INIT_PRAGMA)
+#pragma init(bl_startup_tests)
+#endif
+
+/* GCC Attribute */
+#if defined(__GNUC__) && !defined(NSS_NO_INIT_SUPPORT)
+#define INIT_FUNCTION __attribute__((constructor))
+#else
+#define INIT_FUNCTION
+#endif
+
+static void INIT_FUNCTION bl_startup_tests(void);
+
+/* Windows pre-defined entry */
+#if defined(XP_WIN) && !defined(NSS_NO_INIT_SUPPORT)
+#include <windows.h>
+
+BOOL WINAPI DllMain(
+ HINSTANCE hinstDLL, // handle to DLL module
+ DWORD fdwReason, // reason for calling function
+ LPVOID lpReserved) // reserved
+{
+ // Perform actions based on the reason for calling.
+ switch (fdwReason) {
+ case DLL_PROCESS_ATTACH:
+ // Initialize once for each new process.
+ // Return FALSE to fail DLL load.
+ bl_startup_tests();
+ break;
+
+ case DLL_THREAD_ATTACH:
+ // Do thread-specific initialization.
+ break;
+
+ case DLL_THREAD_DETACH:
+ // Do thread-specific cleanup.
+ break;
+
+ case DLL_PROCESS_DETACH:
+ // Perform any necessary cleanup.
+ break;
+ }
+ return TRUE; // Successful DLL_PROCESS_ATTACH.
+}
+#endif
+
+/* insert other platform dependent init entry points here, or modify
+ * the linker line */
+
+/* FIPS preprocessor directives for RC2-ECB and RC2-CBC. */
+#define FIPS_RC2_KEY_LENGTH 5 /* 40-bits */
+#define FIPS_RC2_ENCRYPT_LENGTH 8 /* 64-bits */
+#define FIPS_RC2_DECRYPT_LENGTH 8 /* 64-bits */
+
+/* FIPS preprocessor directives for RC4. */
+#define FIPS_RC4_KEY_LENGTH 5 /* 40-bits */
+#define FIPS_RC4_ENCRYPT_LENGTH 8 /* 64-bits */
+#define FIPS_RC4_DECRYPT_LENGTH 8 /* 64-bits */
+
+/* FIPS preprocessor directives for DES-ECB and DES-CBC. */
+#define FIPS_DES_ENCRYPT_LENGTH 8 /* 64-bits */
+#define FIPS_DES_DECRYPT_LENGTH 8 /* 64-bits */
+
+/* FIPS preprocessor directives for DES3-CBC and DES3-ECB. */
+#define FIPS_DES3_ENCRYPT_LENGTH 8 /* 64-bits */
+#define FIPS_DES3_DECRYPT_LENGTH 8 /* 64-bits */
+
+/* FIPS preprocessor directives for AES-ECB and AES-CBC. */
+#define FIPS_AES_BLOCK_SIZE 16 /* 128-bits */
+#define FIPS_AES_ENCRYPT_LENGTH 16 /* 128-bits */
+#define FIPS_AES_DECRYPT_LENGTH 16 /* 128-bits */
+#define FIPS_AES_128_KEY_SIZE 16 /* 128-bits */
+#define FIPS_AES_192_KEY_SIZE 24 /* 192-bits */
+#define FIPS_AES_256_KEY_SIZE 32 /* 256-bits */
+
+/* FIPS preprocessor directives for message digests */
+#define FIPS_KNOWN_HASH_MESSAGE_LENGTH 64 /* 512-bits */
+
+/* FIPS preprocessor directives for RSA. */
+#define FIPS_RSA_TYPE siBuffer
+#define FIPS_RSA_PUBLIC_EXPONENT_LENGTH 3 /* 24-bits */
+#define FIPS_RSA_PRIVATE_VERSION_LENGTH 1 /* 8-bits */
+#define FIPS_RSA_MESSAGE_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_COEFFICIENT_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_PRIME0_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_PRIME1_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_EXPONENT0_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_EXPONENT1_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_PRIVATE_EXPONENT_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_ENCRYPT_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_DECRYPT_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_SIGNATURE_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_MODULUS_LENGTH 256 /* 2048-bits */
+
+/* FIPS preprocessor directives for DSA. */
+#define FIPS_DSA_TYPE siBuffer
+#define FIPS_DSA_DIGEST_LENGTH 20 /* 160-bits */
+#define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */
+#define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */
+#define FIPS_DSA_PRIME_LENGTH 128 /* 1024-bits */
+#define FIPS_DSA_BASE_LENGTH 128 /* 1024-bits */
+
+/* FIPS preprocessor directives for RNG. */
+#define FIPS_RNG_XKEY_LENGTH 32 /* 256-bits */
+
+static SECStatus
+freebl_fips_DES3_PowerUpSelfTest(void)
+{
+ /* DES3 Known Key (56-bits). */
+ static const PRUint8 des3_known_key[] = { "ANSI Triple-DES Key Data" };
+
+ /* DES3-CBC Known Initialization Vector (64-bits). */
+ static const PRUint8 des3_cbc_known_initialization_vector[] = { "Security" };
+
+ /* DES3 Known Plaintext (64-bits). */
+ static const PRUint8 des3_ecb_known_plaintext[] = { "Netscape" };
+ static const PRUint8 des3_cbc_known_plaintext[] = { "Netscape" };
+
+ /* DES3 Known Ciphertext (64-bits). */
+ static const PRUint8 des3_ecb_known_ciphertext[] = {
+ 0x55, 0x8e, 0xad, 0x3c, 0xee, 0x49, 0x69, 0xbe
+ };
+ static const PRUint8 des3_cbc_known_ciphertext[] = {
+ 0x43, 0xdc, 0x6a, 0xc1, 0xaf, 0xa6, 0x32, 0xf5
+ };
+
+ /* DES3 variables. */
+ PRUint8 des3_computed_ciphertext[FIPS_DES3_ENCRYPT_LENGTH];
+ PRUint8 des3_computed_plaintext[FIPS_DES3_DECRYPT_LENGTH];
+ DESContext *des3_context;
+ unsigned int des3_bytes_encrypted;
+ unsigned int des3_bytes_decrypted;
+ SECStatus des3_status;
+
+ /*******************************************************/
+ /* DES3-ECB Single-Round Known Answer Encryption Test. */
+ /*******************************************************/
+
+ des3_context = DES_CreateContext(des3_known_key, NULL,
+ NSS_DES_EDE3, PR_TRUE);
+
+ if (des3_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ des3_status = DES_Encrypt(des3_context, des3_computed_ciphertext,
+ &des3_bytes_encrypted, FIPS_DES3_ENCRYPT_LENGTH,
+ des3_ecb_known_plaintext,
+ FIPS_DES3_DECRYPT_LENGTH);
+
+ DES_DestroyContext(des3_context, PR_TRUE);
+
+ if ((des3_status != SECSuccess) ||
+ (des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH) ||
+ (PORT_Memcmp(des3_computed_ciphertext, des3_ecb_known_ciphertext,
+ FIPS_DES3_ENCRYPT_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /*******************************************************/
+ /* DES3-ECB Single-Round Known Answer Decryption Test. */
+ /*******************************************************/
+
+ des3_context = DES_CreateContext(des3_known_key, NULL,
+ NSS_DES_EDE3, PR_FALSE);
+
+ if (des3_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ des3_status = DES_Decrypt(des3_context, des3_computed_plaintext,
+ &des3_bytes_decrypted, FIPS_DES3_DECRYPT_LENGTH,
+ des3_ecb_known_ciphertext,
+ FIPS_DES3_ENCRYPT_LENGTH);
+
+ DES_DestroyContext(des3_context, PR_TRUE);
+
+ if ((des3_status != SECSuccess) ||
+ (des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH) ||
+ (PORT_Memcmp(des3_computed_plaintext, des3_ecb_known_plaintext,
+ FIPS_DES3_DECRYPT_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /*******************************************************/
+ /* DES3-CBC Single-Round Known Answer Encryption Test. */
+ /*******************************************************/
+
+ des3_context = DES_CreateContext(des3_known_key,
+ des3_cbc_known_initialization_vector,
+ NSS_DES_EDE3_CBC, PR_TRUE);
+
+ if (des3_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ des3_status = DES_Encrypt(des3_context, des3_computed_ciphertext,
+ &des3_bytes_encrypted, FIPS_DES3_ENCRYPT_LENGTH,
+ des3_cbc_known_plaintext,
+ FIPS_DES3_DECRYPT_LENGTH);
+
+ DES_DestroyContext(des3_context, PR_TRUE);
+
+ if ((des3_status != SECSuccess) ||
+ (des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH) ||
+ (PORT_Memcmp(des3_computed_ciphertext, des3_cbc_known_ciphertext,
+ FIPS_DES3_ENCRYPT_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /*******************************************************/
+ /* DES3-CBC Single-Round Known Answer Decryption Test. */
+ /*******************************************************/
+
+ des3_context = DES_CreateContext(des3_known_key,
+ des3_cbc_known_initialization_vector,
+ NSS_DES_EDE3_CBC, PR_FALSE);
+
+ if (des3_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ des3_status = DES_Decrypt(des3_context, des3_computed_plaintext,
+ &des3_bytes_decrypted, FIPS_DES3_DECRYPT_LENGTH,
+ des3_cbc_known_ciphertext,
+ FIPS_DES3_ENCRYPT_LENGTH);
+
+ DES_DestroyContext(des3_context, PR_TRUE);
+
+ if ((des3_status != SECSuccess) ||
+ (des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH) ||
+ (PORT_Memcmp(des3_computed_plaintext, des3_cbc_known_plaintext,
+ FIPS_DES3_DECRYPT_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+/* AES self-test for 128-bit, 192-bit, or 256-bit key sizes*/
+static SECStatus
+freebl_fips_AES_PowerUpSelfTest(int aes_key_size)
+{
+ /* AES Known Key (up to 256-bits). */
+ static const PRUint8 aes_known_key[] =
+ { "AES-128 RIJNDAELLEADNJIR 821-SEA" };
+
+ /* AES-CBC Known Initialization Vector (128-bits). */
+ static const PRUint8 aes_cbc_known_initialization_vector[] =
+ { "SecurityytiruceS" };
+
+ /* AES Known Plaintext (128-bits). (blocksize is 128-bits) */
+ static const PRUint8 aes_known_plaintext[] = { "NetscapeepacsteN" };
+
+ /* AES Known Ciphertext (128-bit key). */
+ static const PRUint8 aes_ecb128_known_ciphertext[] = {
+ 0x3c, 0xa5, 0x96, 0xf3, 0x34, 0x6a, 0x96, 0xc1,
+ 0x03, 0x88, 0x16, 0x7b, 0x20, 0xbf, 0x35, 0x47
+ };
+
+ static const PRUint8 aes_cbc128_known_ciphertext[] = {
+ 0xcf, 0x15, 0x1d, 0x4f, 0x96, 0xe4, 0x4f, 0x63,
+ 0x15, 0x54, 0x14, 0x1d, 0x4e, 0xd8, 0xd5, 0xea
+ };
+
+ /* AES Known Ciphertext (192-bit key). */
+ static const PRUint8 aes_ecb192_known_ciphertext[] = {
+ 0xa0, 0x18, 0x62, 0xed, 0x88, 0x19, 0xcb, 0x62,
+ 0x88, 0x1d, 0x4d, 0xfe, 0x84, 0x02, 0x89, 0x0e
+ };
+
+ static const PRUint8 aes_cbc192_known_ciphertext[] = {
+ 0x83, 0xf7, 0xa4, 0x76, 0xd1, 0x6f, 0x07, 0xbe,
+ 0x07, 0xbc, 0x43, 0x2f, 0x6d, 0xad, 0x29, 0xe1
+ };
+
+ /* AES Known Ciphertext (256-bit key). */
+ static const PRUint8 aes_ecb256_known_ciphertext[] = {
+ 0xdb, 0xa6, 0x52, 0x01, 0x8a, 0x70, 0xae, 0x66,
+ 0x3a, 0x99, 0xd8, 0x95, 0x7f, 0xfb, 0x01, 0x67
+ };
+
+ static const PRUint8 aes_cbc256_known_ciphertext[] = {
+ 0x37, 0xea, 0x07, 0x06, 0x31, 0x1c, 0x59, 0x27,
+ 0xc5, 0xc5, 0x68, 0x71, 0x6e, 0x34, 0x40, 0x16
+ };
+
+ const PRUint8 *aes_ecb_known_ciphertext =
+ (aes_key_size == FIPS_AES_128_KEY_SIZE) ? aes_ecb128_known_ciphertext : (aes_key_size == FIPS_AES_192_KEY_SIZE) ? aes_ecb192_known_ciphertext : aes_ecb256_known_ciphertext;
+
+ const PRUint8 *aes_cbc_known_ciphertext =
+ (aes_key_size == FIPS_AES_128_KEY_SIZE) ? aes_cbc128_known_ciphertext : (aes_key_size == FIPS_AES_192_KEY_SIZE) ? aes_cbc192_known_ciphertext : aes_cbc256_known_ciphertext;
+
+ /* AES variables. */
+ PRUint8 aes_computed_ciphertext[FIPS_AES_ENCRYPT_LENGTH];
+ PRUint8 aes_computed_plaintext[FIPS_AES_DECRYPT_LENGTH];
+ AESContext *aes_context;
+ unsigned int aes_bytes_encrypted;
+ unsigned int aes_bytes_decrypted;
+ SECStatus aes_status;
+
+ /*check if aes_key_size is 128, 192, or 256 bits */
+ if ((aes_key_size != FIPS_AES_128_KEY_SIZE) &&
+ (aes_key_size != FIPS_AES_192_KEY_SIZE) &&
+ (aes_key_size != FIPS_AES_256_KEY_SIZE)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /******************************************************/
+ /* AES-ECB Single-Round Known Answer Encryption Test: */
+ /******************************************************/
+
+ aes_context = AES_CreateContext(aes_known_key, NULL, NSS_AES, PR_TRUE,
+ aes_key_size, FIPS_AES_BLOCK_SIZE);
+
+ if (aes_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ aes_status = AES_Encrypt(aes_context, aes_computed_ciphertext,
+ &aes_bytes_encrypted, FIPS_AES_ENCRYPT_LENGTH,
+ aes_known_plaintext,
+ FIPS_AES_DECRYPT_LENGTH);
+
+ AES_DestroyContext(aes_context, PR_TRUE);
+
+ if ((aes_status != SECSuccess) ||
+ (aes_bytes_encrypted != FIPS_AES_ENCRYPT_LENGTH) ||
+ (PORT_Memcmp(aes_computed_ciphertext, aes_ecb_known_ciphertext,
+ FIPS_AES_ENCRYPT_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /******************************************************/
+ /* AES-ECB Single-Round Known Answer Decryption Test: */
+ /******************************************************/
+
+ aes_context = AES_CreateContext(aes_known_key, NULL, NSS_AES, PR_FALSE,
+ aes_key_size, FIPS_AES_BLOCK_SIZE);
+
+ if (aes_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ aes_status = AES_Decrypt(aes_context, aes_computed_plaintext,
+ &aes_bytes_decrypted, FIPS_AES_DECRYPT_LENGTH,
+ aes_ecb_known_ciphertext,
+ FIPS_AES_ENCRYPT_LENGTH);
+
+ AES_DestroyContext(aes_context, PR_TRUE);
+
+ if ((aes_status != SECSuccess) ||
+ (aes_bytes_decrypted != FIPS_AES_DECRYPT_LENGTH) ||
+ (PORT_Memcmp(aes_computed_plaintext, aes_known_plaintext,
+ FIPS_AES_DECRYPT_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /******************************************************/
+ /* AES-CBC Single-Round Known Answer Encryption Test. */
+ /******************************************************/
+
+ aes_context = AES_CreateContext(aes_known_key,
+ aes_cbc_known_initialization_vector,
+ NSS_AES_CBC, PR_TRUE, aes_key_size,
+ FIPS_AES_BLOCK_SIZE);
+
+ if (aes_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ aes_status = AES_Encrypt(aes_context, aes_computed_ciphertext,
+ &aes_bytes_encrypted, FIPS_AES_ENCRYPT_LENGTH,
+ aes_known_plaintext,
+ FIPS_AES_DECRYPT_LENGTH);
+
+ AES_DestroyContext(aes_context, PR_TRUE);
+
+ if ((aes_status != SECSuccess) ||
+ (aes_bytes_encrypted != FIPS_AES_ENCRYPT_LENGTH) ||
+ (PORT_Memcmp(aes_computed_ciphertext, aes_cbc_known_ciphertext,
+ FIPS_AES_ENCRYPT_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /******************************************************/
+ /* AES-CBC Single-Round Known Answer Decryption Test. */
+ /******************************************************/
+
+ aes_context = AES_CreateContext(aes_known_key,
+ aes_cbc_known_initialization_vector,
+ NSS_AES_CBC, PR_FALSE, aes_key_size,
+ FIPS_AES_BLOCK_SIZE);
+
+ if (aes_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ aes_status = AES_Decrypt(aes_context, aes_computed_plaintext,
+ &aes_bytes_decrypted, FIPS_AES_DECRYPT_LENGTH,
+ aes_cbc_known_ciphertext,
+ FIPS_AES_ENCRYPT_LENGTH);
+
+ AES_DestroyContext(aes_context, PR_TRUE);
+
+ if ((aes_status != SECSuccess) ||
+ (aes_bytes_decrypted != FIPS_AES_DECRYPT_LENGTH) ||
+ (PORT_Memcmp(aes_computed_plaintext, aes_known_plaintext,
+ FIPS_AES_DECRYPT_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+/* Known Hash Message (512-bits). Used for all hashes (incl. SHA-N [N>1]). */
+static const PRUint8 known_hash_message[] = {
+ "The test message for the MD2, MD5, and SHA-1 hashing algorithms."
+};
+
+/****************************************************/
+/* Single Round HMAC SHA-X test */
+/****************************************************/
+static SECStatus
+freebl_fips_HMAC(unsigned char *hmac_computed,
+ const PRUint8 *secret_key,
+ unsigned int secret_key_length,
+ const PRUint8 *message,
+ unsigned int message_length,
+ HASH_HashType hashAlg)
+{
+ SECStatus hmac_status = SECFailure;
+ HMACContext *cx = NULL;
+ SECHashObject *hashObj = NULL;
+ unsigned int bytes_hashed = 0;
+
+ hashObj = (SECHashObject *)HASH_GetRawHashObject(hashAlg);
+
+ if (!hashObj)
+ return (SECFailure);
+
+ cx = HMAC_Create(hashObj, secret_key,
+ secret_key_length,
+ PR_TRUE); /* PR_TRUE for in FIPS mode */
+
+ if (cx == NULL)
+ return (SECFailure);
+
+ HMAC_Begin(cx);
+ HMAC_Update(cx, message, message_length);
+ hmac_status = HMAC_Finish(cx, hmac_computed, &bytes_hashed,
+ hashObj->length);
+
+ HMAC_Destroy(cx, PR_TRUE);
+
+ return (hmac_status);
+}
+
+static SECStatus
+freebl_fips_HMAC_PowerUpSelfTest(void)
+{
+ static const PRUint8 HMAC_known_secret_key[] = {
+ "Firefox and ThunderBird are awesome!"
+ };
+
+ static const PRUint8 HMAC_known_secret_key_length = sizeof HMAC_known_secret_key;
+
+ /* known SHA1 hmac (20 bytes) */
+ static const PRUint8 known_SHA1_hmac[] = {
+ 0xd5, 0x85, 0xf6, 0x5b, 0x39, 0xfa, 0xb9, 0x05,
+ 0x3b, 0x57, 0x1d, 0x61, 0xe7, 0xb8, 0x84, 0x1e,
+ 0x5d, 0x0e, 0x1e, 0x11
+ };
+
+ /* known SHA224 hmac (28 bytes) */
+ static const PRUint8 known_SHA224_hmac[] = {
+ 0x1c, 0xc3, 0x06, 0x8e, 0xce, 0x37, 0x68, 0xfb,
+ 0x1a, 0x82, 0x4a, 0xbe, 0x2b, 0x00, 0x51, 0xf8,
+ 0x9d, 0xb6, 0xe0, 0x90, 0x0d, 0x00, 0xc9, 0x64,
+ 0x9a, 0xb8, 0x98, 0x4e
+ };
+
+ /* known SHA256 hmac (32 bytes) */
+ static const PRUint8 known_SHA256_hmac[] = {
+ 0x05, 0x75, 0x9a, 0x9e, 0x70, 0x5e, 0xe7, 0x44,
+ 0xe2, 0x46, 0x4b, 0x92, 0x22, 0x14, 0x22, 0xe0,
+ 0x1b, 0x92, 0x8a, 0x0c, 0xfe, 0xf5, 0x49, 0xe9,
+ 0xa7, 0x1b, 0x56, 0x7d, 0x1d, 0x29, 0x40, 0x48
+ };
+
+ /* known SHA384 hmac (48 bytes) */
+ static const PRUint8 known_SHA384_hmac[] = {
+ 0xcd, 0x56, 0x14, 0xec, 0x05, 0x53, 0x06, 0x2b,
+ 0x7e, 0x9c, 0x8a, 0x18, 0x5e, 0xea, 0xf3, 0x91,
+ 0x33, 0xfb, 0x64, 0xf6, 0xe3, 0x9f, 0x89, 0x0b,
+ 0xaf, 0xbe, 0x83, 0x4d, 0x3f, 0x3c, 0x43, 0x4d,
+ 0x4a, 0x0c, 0x56, 0x98, 0xf8, 0xca, 0xb4, 0xaa,
+ 0x9a, 0xf4, 0x0a, 0xaf, 0x4f, 0x69, 0xca, 0x87
+ };
+
+ /* known SHA512 hmac (64 bytes) */
+ static const PRUint8 known_SHA512_hmac[] = {
+ 0xf6, 0x0e, 0x97, 0x12, 0x00, 0x67, 0x6e, 0xb9,
+ 0x0c, 0xb2, 0x63, 0xf0, 0x60, 0xac, 0x75, 0x62,
+ 0x70, 0x95, 0x2a, 0x52, 0x22, 0xee, 0xdd, 0xd2,
+ 0x71, 0xb1, 0xe8, 0x26, 0x33, 0xd3, 0x13, 0x27,
+ 0xcb, 0xff, 0x44, 0xef, 0x87, 0x97, 0x16, 0xfb,
+ 0xd3, 0x0b, 0x48, 0xbe, 0x12, 0x4e, 0xda, 0xb1,
+ 0x89, 0x90, 0xfb, 0x06, 0x0c, 0xbe, 0xe5, 0xc4,
+ 0xff, 0x24, 0x37, 0x3d, 0xc7, 0xe4, 0xe4, 0x37
+ };
+
+ SECStatus hmac_status;
+ PRUint8 hmac_computed[HASH_LENGTH_MAX];
+
+ /***************************************************/
+ /* HMAC SHA-1 Single-Round Known Answer HMAC Test. */
+ /***************************************************/
+
+ hmac_status = freebl_fips_HMAC(hmac_computed,
+ HMAC_known_secret_key,
+ HMAC_known_secret_key_length,
+ known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH,
+ HASH_AlgSHA1);
+
+ if ((hmac_status != SECSuccess) ||
+ (PORT_Memcmp(hmac_computed, known_SHA1_hmac,
+ SHA1_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /***************************************************/
+ /* HMAC SHA-224 Single-Round Known Answer Test. */
+ /***************************************************/
+
+ hmac_status = freebl_fips_HMAC(hmac_computed,
+ HMAC_known_secret_key,
+ HMAC_known_secret_key_length,
+ known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH,
+ HASH_AlgSHA224);
+
+ if ((hmac_status != SECSuccess) ||
+ (PORT_Memcmp(hmac_computed, known_SHA224_hmac,
+ SHA224_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /***************************************************/
+ /* HMAC SHA-256 Single-Round Known Answer Test. */
+ /***************************************************/
+
+ hmac_status = freebl_fips_HMAC(hmac_computed,
+ HMAC_known_secret_key,
+ HMAC_known_secret_key_length,
+ known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH,
+ HASH_AlgSHA256);
+
+ if ((hmac_status != SECSuccess) ||
+ (PORT_Memcmp(hmac_computed, known_SHA256_hmac,
+ SHA256_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /***************************************************/
+ /* HMAC SHA-384 Single-Round Known Answer Test. */
+ /***************************************************/
+
+ hmac_status = freebl_fips_HMAC(hmac_computed,
+ HMAC_known_secret_key,
+ HMAC_known_secret_key_length,
+ known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH,
+ HASH_AlgSHA384);
+
+ if ((hmac_status != SECSuccess) ||
+ (PORT_Memcmp(hmac_computed, known_SHA384_hmac,
+ SHA384_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /***************************************************/
+ /* HMAC SHA-512 Single-Round Known Answer Test. */
+ /***************************************************/
+
+ hmac_status = freebl_fips_HMAC(hmac_computed,
+ HMAC_known_secret_key,
+ HMAC_known_secret_key_length,
+ known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH,
+ HASH_AlgSHA512);
+
+ if ((hmac_status != SECSuccess) ||
+ (PORT_Memcmp(hmac_computed, known_SHA512_hmac,
+ SHA512_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+freebl_fips_SHA_PowerUpSelfTest(void)
+{
+ /* SHA-1 Known Digest Message (160-bits). */
+ static const PRUint8 sha1_known_digest[] = {
+ 0x0a, 0x6d, 0x07, 0xba, 0x1e, 0xbd, 0x8a, 0x1b,
+ 0x72, 0xf6, 0xc7, 0x22, 0xf1, 0x27, 0x9f, 0xf0,
+ 0xe0, 0x68, 0x47, 0x7a
+ };
+
+ /* SHA-224 Known Digest Message (224-bits). */
+ static const PRUint8 sha224_known_digest[] = {
+ 0x89, 0x5e, 0x7f, 0xfd, 0x0e, 0xd8, 0x35, 0x6f,
+ 0x64, 0x6d, 0xf2, 0xde, 0x5e, 0xed, 0xa6, 0x7f,
+ 0x29, 0xd1, 0x12, 0x73, 0x42, 0x84, 0x95, 0x4f,
+ 0x8e, 0x08, 0xe5, 0xcb
+ };
+
+ /* SHA-256 Known Digest Message (256-bits). */
+ static const PRUint8 sha256_known_digest[] = {
+ 0x38, 0xa9, 0xc1, 0xf0, 0x35, 0xf6, 0x5d, 0x61,
+ 0x11, 0xd4, 0x0b, 0xdc, 0xce, 0x35, 0x14, 0x8d,
+ 0xf2, 0xdd, 0xaf, 0xaf, 0xcf, 0xb7, 0x87, 0xe9,
+ 0x96, 0xa5, 0xd2, 0x83, 0x62, 0x46, 0x56, 0x79
+ };
+
+ /* SHA-384 Known Digest Message (384-bits). */
+ static const PRUint8 sha384_known_digest[] = {
+ 0x11, 0xfe, 0x1c, 0x00, 0x89, 0x48, 0xde, 0xb3,
+ 0x99, 0xee, 0x1c, 0x18, 0xb4, 0x10, 0xfb, 0xfe,
+ 0xe3, 0xa8, 0x2c, 0xf3, 0x04, 0xb0, 0x2f, 0xc8,
+ 0xa3, 0xc4, 0x5e, 0xea, 0x7e, 0x60, 0x48, 0x7b,
+ 0xce, 0x2c, 0x62, 0xf7, 0xbc, 0xa7, 0xe8, 0xa3,
+ 0xcf, 0x24, 0xce, 0x9c, 0xe2, 0x8b, 0x09, 0x72
+ };
+
+ /* SHA-512 Known Digest Message (512-bits). */
+ static const PRUint8 sha512_known_digest[] = {
+ 0xc8, 0xb3, 0x27, 0xf9, 0x0b, 0x24, 0xc8, 0xbf,
+ 0x4c, 0xba, 0x33, 0x54, 0xf2, 0x31, 0xbf, 0xdb,
+ 0xab, 0xfd, 0xb3, 0x15, 0xd7, 0xfa, 0x48, 0x99,
+ 0x07, 0x60, 0x0f, 0x57, 0x41, 0x1a, 0xdd, 0x28,
+ 0x12, 0x55, 0x25, 0xac, 0xba, 0x3a, 0x99, 0x12,
+ 0x2c, 0x7a, 0x8f, 0x75, 0x3a, 0xe1, 0x06, 0x6f,
+ 0x30, 0x31, 0xc9, 0x33, 0xc6, 0x1b, 0x90, 0x1a,
+ 0x6c, 0x98, 0x9a, 0x87, 0xd0, 0xb2, 0xf8, 0x07
+ };
+
+ /* SHA-X variables. */
+ PRUint8 sha_computed_digest[HASH_LENGTH_MAX];
+ SECStatus sha_status;
+
+ /*************************************************/
+ /* SHA-1 Single-Round Known Answer Hashing Test. */
+ /*************************************************/
+
+ sha_status = SHA1_HashBuf(sha_computed_digest, known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH);
+
+ if ((sha_status != SECSuccess) ||
+ (PORT_Memcmp(sha_computed_digest, sha1_known_digest,
+ SHA1_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /***************************************************/
+ /* SHA-224 Single-Round Known Answer Hashing Test. */
+ /***************************************************/
+
+ sha_status = SHA224_HashBuf(sha_computed_digest, known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH);
+
+ if ((sha_status != SECSuccess) ||
+ (PORT_Memcmp(sha_computed_digest, sha224_known_digest,
+ SHA224_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /***************************************************/
+ /* SHA-256 Single-Round Known Answer Hashing Test. */
+ /***************************************************/
+
+ sha_status = SHA256_HashBuf(sha_computed_digest, known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH);
+
+ if ((sha_status != SECSuccess) ||
+ (PORT_Memcmp(sha_computed_digest, sha256_known_digest,
+ SHA256_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /***************************************************/
+ /* SHA-384 Single-Round Known Answer Hashing Test. */
+ /***************************************************/
+
+ sha_status = SHA384_HashBuf(sha_computed_digest, known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH);
+
+ if ((sha_status != SECSuccess) ||
+ (PORT_Memcmp(sha_computed_digest, sha384_known_digest,
+ SHA384_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /***************************************************/
+ /* SHA-512 Single-Round Known Answer Hashing Test. */
+ /***************************************************/
+
+ sha_status = SHA512_HashBuf(sha_computed_digest, known_hash_message,
+ FIPS_KNOWN_HASH_MESSAGE_LENGTH);
+
+ if ((sha_status != SECSuccess) ||
+ (PORT_Memcmp(sha_computed_digest, sha512_known_digest,
+ SHA512_LENGTH) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+freebl_fips_RSA_PowerUpSelfTest(void)
+{
+ /* RSA Known Modulus used in both Public/Private Key Values (2048-bits). */
+ static const PRUint8 rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = {
+ 0xb8, 0x15, 0x00, 0x33, 0xda, 0x0c, 0x9d, 0xa5,
+ 0x14, 0x8c, 0xde, 0x1f, 0x23, 0x07, 0x54, 0xe2,
+ 0xc6, 0xb9, 0x51, 0x04, 0xc9, 0x65, 0x24, 0x6e,
+ 0x0a, 0x46, 0x34, 0x5c, 0x37, 0x86, 0x6b, 0x88,
+ 0x24, 0x27, 0xac, 0xa5, 0x02, 0x79, 0xfb, 0xed,
+ 0x75, 0xc5, 0x3f, 0x6e, 0xdf, 0x05, 0x5f, 0x0f,
+ 0x20, 0x70, 0xa0, 0x5b, 0x85, 0xdb, 0xac, 0xb9,
+ 0x5f, 0x02, 0xc2, 0x64, 0x1e, 0x84, 0x5b, 0x3e,
+ 0xad, 0xbf, 0xf6, 0x2e, 0x51, 0xd6, 0xad, 0xf7,
+ 0xa7, 0x86, 0x75, 0x86, 0xec, 0xa7, 0xe1, 0xf7,
+ 0x08, 0xbf, 0xdc, 0x56, 0xb1, 0x3b, 0xca, 0xd8,
+ 0xfc, 0x51, 0xdf, 0x9a, 0x2a, 0x37, 0x06, 0xf2,
+ 0xd1, 0x6b, 0x9a, 0x5e, 0x2a, 0xe5, 0x20, 0x57,
+ 0x35, 0x9f, 0x1f, 0x98, 0xcf, 0x40, 0xc7, 0xd6,
+ 0x98, 0xdb, 0xde, 0xf5, 0x64, 0x53, 0xf7, 0x9d,
+ 0x45, 0xf3, 0xd6, 0x78, 0xb9, 0xe3, 0xa3, 0x20,
+ 0xcd, 0x79, 0x43, 0x35, 0xef, 0xd7, 0xfb, 0xb9,
+ 0x80, 0x88, 0x27, 0x2f, 0x63, 0xa8, 0x67, 0x3d,
+ 0x4a, 0xfa, 0x06, 0xc6, 0xd2, 0x86, 0x0b, 0xa7,
+ 0x28, 0xfd, 0xe0, 0x1e, 0x93, 0x4b, 0x17, 0x2e,
+ 0xb0, 0x11, 0x6f, 0xc6, 0x2b, 0x98, 0x0f, 0x15,
+ 0xe3, 0x87, 0x16, 0x7a, 0x7c, 0x67, 0x3e, 0x12,
+ 0x2b, 0xf8, 0xbe, 0x48, 0xc1, 0x97, 0x47, 0xf4,
+ 0x1f, 0x81, 0x80, 0x12, 0x28, 0xe4, 0x7b, 0x1e,
+ 0xb7, 0x00, 0xa4, 0xde, 0xaa, 0xfb, 0x0f, 0x77,
+ 0x84, 0xa3, 0xd6, 0xb2, 0x03, 0x48, 0xdd, 0x53,
+ 0x8b, 0x46, 0x41, 0x28, 0x52, 0xc4, 0x53, 0xf0,
+ 0x1c, 0x95, 0xd9, 0x36, 0xe0, 0x0f, 0x26, 0x46,
+ 0x9c, 0x61, 0x0e, 0x80, 0xca, 0x86, 0xaf, 0x39,
+ 0x95, 0xe5, 0x60, 0x43, 0x61, 0x3e, 0x2b, 0xb4,
+ 0xe8, 0xbd, 0x8d, 0x77, 0x62, 0xf5, 0x32, 0x43,
+ 0x2f, 0x4b, 0x65, 0x82, 0x14, 0xdd, 0x29, 0x5b
+ };
+
+ /* RSA Known Public Key Values (24-bits). */
+ static const PRUint8 rsa_public_exponent[FIPS_RSA_PUBLIC_EXPONENT_LENGTH] = { 0x01, 0x00, 0x01 };
+ /* RSA Known Private Key Values (version is 8-bits), */
+ /* (private exponent is 2048-bits), */
+ /* (private prime0 is 1024-bits), */
+ /* (private prime1 is 1024-bits), */
+ /* (private prime exponent0 is 1024-bits), */
+ /* (private prime exponent1 is 1024-bits), */
+ /* and (private coefficient is 1024-bits). */
+ static const PRUint8 rsa_version[] = { 0x00 };
+
+ static const PRUint8 rsa_private_exponent[FIPS_RSA_PRIVATE_EXPONENT_LENGTH] = {
+ 0x29, 0x08, 0x05, 0x53, 0x89, 0x76, 0xe6, 0x6c,
+ 0xb5, 0x77, 0xf0, 0xca, 0xdf, 0xf3, 0xf2, 0x67,
+ 0xda, 0x03, 0xd4, 0x9b, 0x4c, 0x88, 0xce, 0xe5,
+ 0xf8, 0x44, 0x4d, 0xc7, 0x80, 0x58, 0xe5, 0xff,
+ 0x22, 0x8f, 0xf5, 0x5b, 0x92, 0x81, 0xbe, 0x35,
+ 0xdf, 0xda, 0x67, 0x99, 0x3e, 0xfc, 0xe3, 0x83,
+ 0x6b, 0xa7, 0xaf, 0x16, 0xb7, 0x6f, 0x8f, 0xc0,
+ 0x81, 0xfd, 0x0b, 0x77, 0x65, 0x95, 0xfb, 0x00,
+ 0xad, 0x99, 0xec, 0x35, 0xc6, 0xe8, 0x23, 0x3e,
+ 0xe0, 0x88, 0x88, 0x09, 0xdb, 0x16, 0x50, 0xb7,
+ 0xcf, 0xab, 0x74, 0x61, 0x9e, 0x7f, 0xc5, 0x67,
+ 0x38, 0x56, 0xc7, 0x90, 0x85, 0x78, 0x5e, 0x84,
+ 0x21, 0x49, 0xea, 0xce, 0xb2, 0xa0, 0xff, 0xe4,
+ 0x70, 0x7f, 0x57, 0x7b, 0xa8, 0x36, 0xb8, 0x54,
+ 0x8d, 0x1d, 0xf5, 0x44, 0x9d, 0x68, 0x59, 0xf9,
+ 0x24, 0x6e, 0x85, 0x8f, 0xc3, 0x5f, 0x8a, 0x2c,
+ 0x94, 0xb7, 0xbc, 0x0e, 0xa5, 0xef, 0x93, 0x06,
+ 0x38, 0xcd, 0x07, 0x0c, 0xae, 0xb8, 0x44, 0x1a,
+ 0xd8, 0xe7, 0xf5, 0x9a, 0x1e, 0x9c, 0x18, 0xc7,
+ 0x6a, 0xc2, 0x7f, 0x28, 0x01, 0x4f, 0xb4, 0xb8,
+ 0x90, 0x97, 0x5a, 0x43, 0x38, 0xad, 0xe8, 0x95,
+ 0x68, 0x83, 0x1a, 0x1b, 0x10, 0x07, 0xe6, 0x02,
+ 0x52, 0x1f, 0xbf, 0x76, 0x6b, 0x46, 0xd6, 0xfb,
+ 0xc3, 0xbe, 0xb5, 0xac, 0x52, 0x53, 0x01, 0x1c,
+ 0xf3, 0xc5, 0xeb, 0x64, 0xf2, 0x1e, 0xc4, 0x38,
+ 0xe9, 0xaa, 0xd9, 0xc3, 0x72, 0x51, 0xa5, 0x44,
+ 0x58, 0x69, 0x0b, 0x1b, 0x98, 0x7f, 0xf2, 0x23,
+ 0xff, 0xeb, 0xf0, 0x75, 0x24, 0xcf, 0xc5, 0x1e,
+ 0xb8, 0x6a, 0xc5, 0x2f, 0x4f, 0x23, 0x50, 0x7d,
+ 0x15, 0x9d, 0x19, 0x7a, 0x0b, 0x82, 0xe0, 0x21,
+ 0x5b, 0x5f, 0x9d, 0x50, 0x2b, 0x83, 0xe4, 0x48,
+ 0xcc, 0x39, 0xe5, 0xfb, 0x13, 0x7b, 0x6f, 0x81
+ };
+
+ static const PRUint8 rsa_prime0[FIPS_RSA_PRIME0_LENGTH] = {
+ 0xe4, 0xbf, 0x21, 0x62, 0x9b, 0xa9, 0x77, 0x40,
+ 0x8d, 0x2a, 0xce, 0xa1, 0x67, 0x5a, 0x4c, 0x96,
+ 0x45, 0x98, 0x67, 0xbd, 0x75, 0x22, 0x33, 0x6f,
+ 0xe6, 0xcb, 0x77, 0xde, 0x9e, 0x97, 0x7d, 0x96,
+ 0x8c, 0x5e, 0x5d, 0x34, 0xfb, 0x27, 0xfc, 0x6d,
+ 0x74, 0xdb, 0x9d, 0x2e, 0x6d, 0xf6, 0xea, 0xfc,
+ 0xce, 0x9e, 0xda, 0xa7, 0x25, 0xa2, 0xf4, 0x58,
+ 0x6d, 0x0a, 0x3f, 0x01, 0xc2, 0xb4, 0xab, 0x38,
+ 0xc1, 0x14, 0x85, 0xb6, 0xfa, 0x94, 0xc3, 0x85,
+ 0xf9, 0x3c, 0x2e, 0x96, 0x56, 0x01, 0xe7, 0xd6,
+ 0x14, 0x71, 0x4f, 0xfb, 0x4c, 0x85, 0x52, 0xc4,
+ 0x61, 0x1e, 0xa5, 0x1e, 0x96, 0x13, 0x0d, 0x8f,
+ 0x66, 0xae, 0xa0, 0xcd, 0x7d, 0x25, 0x66, 0x19,
+ 0x15, 0xc2, 0xcf, 0xc3, 0x12, 0x3c, 0xe8, 0xa4,
+ 0x52, 0x4c, 0xcb, 0x28, 0x3c, 0xc4, 0xbf, 0x95,
+ 0x33, 0xe3, 0x81, 0xea, 0x0c, 0x6c, 0xa2, 0x05
+ };
+ static const PRUint8 rsa_prime1[FIPS_RSA_PRIME1_LENGTH] = {
+ 0xce, 0x03, 0x94, 0xf4, 0xa9, 0x2c, 0x1e, 0x06,
+ 0xe7, 0x40, 0x30, 0x01, 0xf7, 0xbb, 0x68, 0x8c,
+ 0x27, 0xd2, 0x15, 0xe3, 0x28, 0x49, 0x5b, 0xa8,
+ 0xc1, 0x9a, 0x42, 0x7e, 0x31, 0xf9, 0x08, 0x34,
+ 0x81, 0xa2, 0x0f, 0x04, 0x61, 0x34, 0xe3, 0x36,
+ 0x92, 0xb1, 0x09, 0x2b, 0xe9, 0xef, 0x84, 0x88,
+ 0xbe, 0x9c, 0x98, 0x60, 0xa6, 0x60, 0x84, 0xe9,
+ 0x75, 0x6f, 0xcc, 0x81, 0xd1, 0x96, 0xef, 0xdd,
+ 0x2e, 0xca, 0xc4, 0xf5, 0x42, 0xfb, 0x13, 0x2b,
+ 0x57, 0xbf, 0x14, 0x5e, 0xc2, 0x7f, 0x77, 0x35,
+ 0x29, 0xc4, 0xe5, 0xe0, 0xf9, 0x6d, 0x15, 0x4a,
+ 0x42, 0x56, 0x1c, 0x3e, 0x0c, 0xc5, 0xce, 0x70,
+ 0x08, 0x63, 0x1e, 0x73, 0xdb, 0x7e, 0x74, 0x05,
+ 0x32, 0x01, 0xc6, 0x36, 0x32, 0x75, 0x6b, 0xed,
+ 0x9d, 0xfe, 0x7c, 0x7e, 0xa9, 0x57, 0xb4, 0xe9,
+ 0x22, 0xe4, 0xe7, 0xfe, 0x36, 0x07, 0x9b, 0xdf
+ };
+ static const PRUint8 rsa_exponent0[FIPS_RSA_EXPONENT0_LENGTH] = {
+ 0x04, 0x5a, 0x3a, 0xa9, 0x64, 0xaa, 0xd9, 0xd1,
+ 0x09, 0x9e, 0x99, 0xe5, 0xea, 0x50, 0x86, 0x8a,
+ 0x89, 0x72, 0x77, 0xee, 0xdb, 0xee, 0xb5, 0xa9,
+ 0xd8, 0x6b, 0x60, 0xb1, 0x84, 0xb4, 0xff, 0x37,
+ 0xc1, 0x1d, 0xfe, 0x8a, 0x06, 0x89, 0x61, 0x3d,
+ 0x37, 0xef, 0x01, 0xd3, 0xa3, 0x56, 0x02, 0x6c,
+ 0xa3, 0x05, 0xd4, 0xc5, 0x3f, 0x6b, 0x15, 0x59,
+ 0x25, 0x61, 0xff, 0x86, 0xea, 0x0c, 0x84, 0x01,
+ 0x85, 0x72, 0xfd, 0x84, 0x58, 0xca, 0x41, 0xda,
+ 0x27, 0xbe, 0xe4, 0x68, 0x09, 0xe4, 0xe9, 0x63,
+ 0x62, 0x6a, 0x31, 0x8a, 0x67, 0x8f, 0x55, 0xde,
+ 0xd4, 0xb6, 0x3f, 0x90, 0x10, 0x6c, 0xf6, 0x62,
+ 0x17, 0x23, 0x15, 0x7e, 0x33, 0x76, 0x65, 0xb5,
+ 0xee, 0x7b, 0x11, 0x76, 0xf5, 0xbe, 0xe0, 0xf2,
+ 0x57, 0x7a, 0x8c, 0x97, 0x0c, 0x68, 0xf5, 0xf8,
+ 0x41, 0xcf, 0x7f, 0x66, 0x53, 0xac, 0x31, 0x7d
+ };
+ static const PRUint8 rsa_exponent1[FIPS_RSA_EXPONENT1_LENGTH] = {
+ 0x93, 0x54, 0x14, 0x6e, 0x73, 0x9d, 0x4d, 0x4b,
+ 0xfa, 0x8c, 0xf8, 0xc8, 0x2f, 0x76, 0x22, 0xea,
+ 0x38, 0x80, 0x11, 0x8f, 0x05, 0xfc, 0x90, 0x44,
+ 0x3b, 0x50, 0x2a, 0x45, 0x3d, 0x4f, 0xaf, 0x02,
+ 0x7d, 0xc2, 0x7b, 0xa2, 0xd2, 0x31, 0x94, 0x5c,
+ 0x2e, 0xc3, 0xd4, 0x9f, 0x47, 0x09, 0x37, 0x6a,
+ 0xe3, 0x85, 0xf1, 0xa3, 0x0c, 0xd8, 0xf1, 0xb4,
+ 0x53, 0x7b, 0xc4, 0x71, 0x02, 0x86, 0x42, 0xbb,
+ 0x96, 0xff, 0x03, 0xa3, 0xb2, 0x67, 0x03, 0xea,
+ 0x77, 0x31, 0xfb, 0x4b, 0x59, 0x24, 0xf7, 0x07,
+ 0x59, 0xfb, 0xa9, 0xba, 0x1e, 0x26, 0x58, 0x97,
+ 0x66, 0xa1, 0x56, 0x49, 0x39, 0xb1, 0x2c, 0x55,
+ 0x0a, 0x6a, 0x78, 0x18, 0xba, 0xdb, 0xcf, 0xf4,
+ 0xf7, 0x32, 0x35, 0xa2, 0x04, 0xab, 0xdc, 0xa7,
+ 0x6d, 0xd9, 0xd5, 0x06, 0x6f, 0xec, 0x7d, 0x40,
+ 0x4c, 0xe8, 0x0e, 0xd0, 0xc9, 0xaa, 0xdf, 0x59
+ };
+ static const PRUint8 rsa_coefficient[FIPS_RSA_COEFFICIENT_LENGTH] = {
+ 0x17, 0xd7, 0xf5, 0x0a, 0xf0, 0x68, 0x97, 0x96,
+ 0xc4, 0x29, 0x18, 0x77, 0x9a, 0x1f, 0xe3, 0xf3,
+ 0x12, 0x13, 0x0f, 0x7e, 0x7b, 0xb9, 0xc1, 0x91,
+ 0xf9, 0xc7, 0x08, 0x56, 0x5c, 0xa4, 0xbc, 0x83,
+ 0x71, 0xf9, 0x78, 0xd9, 0x2b, 0xec, 0xfe, 0x6b,
+ 0xdc, 0x2f, 0x63, 0xc9, 0xcd, 0x50, 0x14, 0x5b,
+ 0xd3, 0x6e, 0x85, 0x4d, 0x0c, 0xa2, 0x0b, 0xa0,
+ 0x09, 0xb6, 0xca, 0x34, 0x9c, 0xc2, 0xc1, 0x4a,
+ 0xb0, 0xbc, 0x45, 0x93, 0xa5, 0x7e, 0x99, 0xb5,
+ 0xbd, 0xe4, 0x69, 0x29, 0x08, 0x28, 0xd2, 0xcd,
+ 0xab, 0x24, 0x78, 0x48, 0x41, 0x26, 0x0b, 0x37,
+ 0xa3, 0x43, 0xd1, 0x95, 0x1a, 0xd6, 0xee, 0x22,
+ 0x1c, 0x00, 0x0b, 0xc2, 0xb7, 0xa4, 0xa3, 0x21,
+ 0xa9, 0xcd, 0xe4, 0x69, 0xd3, 0x45, 0x02, 0xb1,
+ 0xb7, 0x3a, 0xbf, 0x51, 0x35, 0x1b, 0x78, 0xc2,
+ 0xcf, 0x0c, 0x0d, 0x60, 0x09, 0xa9, 0x44, 0x02
+ };
+
+ /* RSA Known Plaintext Message (1024-bits). */
+ static const PRUint8 rsa_known_plaintext_msg[FIPS_RSA_MESSAGE_LENGTH] = {
+ "Known plaintext message utilized"
+ "for RSA Encryption & Decryption"
+ "blocks SHA256, SHA384 and "
+ "SHA512 RSA Signature KAT tests. "
+ "Known plaintext message utilized"
+ "for RSA Encryption & Decryption"
+ "blocks SHA256, SHA384 and "
+ "SHA512 RSA Signature KAT tests."
+ };
+
+ /* RSA Known Ciphertext (2048-bits). */
+ static const PRUint8 rsa_known_ciphertext[] = {
+ 0x04, 0x12, 0x46, 0xe3, 0x6a, 0xee, 0xde, 0xdd,
+ 0x49, 0xa1, 0xd9, 0x83, 0xf7, 0x35, 0xf9, 0x70,
+ 0x88, 0x03, 0x2d, 0x01, 0x8b, 0xd1, 0xbf, 0xdb,
+ 0xe5, 0x1c, 0x85, 0xbe, 0xb5, 0x0b, 0x48, 0x45,
+ 0x7a, 0xf0, 0xa0, 0xe3, 0xa2, 0xbb, 0x4b, 0xf6,
+ 0x27, 0xd0, 0x1b, 0x12, 0xe3, 0x77, 0x52, 0x34,
+ 0x9e, 0x8e, 0x03, 0xd2, 0xf8, 0x79, 0x6e, 0x39,
+ 0x79, 0x53, 0x3c, 0x44, 0x14, 0x94, 0xbb, 0x8d,
+ 0xaa, 0x14, 0x44, 0xa0, 0x7b, 0xa5, 0x8c, 0x93,
+ 0x5f, 0x99, 0xa4, 0xa3, 0x6e, 0x7a, 0x38, 0x40,
+ 0x78, 0xfa, 0x36, 0x91, 0x5e, 0x9a, 0x9c, 0xba,
+ 0x1e, 0xd4, 0xf9, 0xda, 0x4b, 0x0f, 0xa8, 0xa3,
+ 0x1c, 0xf3, 0x3a, 0xd1, 0xa5, 0xb4, 0x51, 0x16,
+ 0xed, 0x4b, 0xcf, 0xec, 0x93, 0x7b, 0x90, 0x21,
+ 0xbc, 0x3a, 0xf4, 0x0b, 0xd1, 0x3a, 0x2b, 0xba,
+ 0xa6, 0x7d, 0x5b, 0x53, 0xd8, 0x64, 0xf9, 0x29,
+ 0x7b, 0x7f, 0x77, 0x3e, 0x51, 0x4c, 0x9a, 0x94,
+ 0xd2, 0x4b, 0x4a, 0x8d, 0x61, 0x74, 0x97, 0xae,
+ 0x53, 0x6a, 0xf4, 0x90, 0xc2, 0x2c, 0x49, 0xe2,
+ 0xfa, 0xeb, 0x91, 0xc5, 0xe5, 0x83, 0x13, 0xc9,
+ 0x44, 0x4b, 0x95, 0x2c, 0x57, 0x70, 0x15, 0x5c,
+ 0x64, 0x8d, 0x1a, 0xfd, 0x2a, 0xc7, 0xb2, 0x9c,
+ 0x5c, 0x99, 0xd3, 0x4a, 0xfd, 0xdd, 0xf6, 0x82,
+ 0x87, 0x8c, 0x5a, 0xc4, 0xa8, 0x0d, 0x2a, 0xef,
+ 0xc3, 0xa2, 0x7e, 0x8e, 0x67, 0x9f, 0x6f, 0x63,
+ 0xdb, 0xbb, 0x1d, 0x31, 0xc4, 0xbb, 0xbc, 0x13,
+ 0x3f, 0x54, 0xc6, 0xf6, 0xc5, 0x28, 0x32, 0xab,
+ 0x96, 0x42, 0x10, 0x36, 0x40, 0x92, 0xbb, 0x57,
+ 0x55, 0x38, 0xf5, 0x43, 0x7e, 0x43, 0xc4, 0x65,
+ 0x47, 0x64, 0xaa, 0x0f, 0x4c, 0xe9, 0x49, 0x16,
+ 0xec, 0x6a, 0x50, 0xfd, 0x14, 0x49, 0xca, 0xdb,
+ 0x44, 0x54, 0xca, 0xbe, 0xa3, 0x0e, 0x5f, 0xef
+ };
+
+ static const RSAPublicKey bl_public_key = {
+ NULL,
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_modulus,
+ FIPS_RSA_MODULUS_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_public_exponent,
+ FIPS_RSA_PUBLIC_EXPONENT_LENGTH }
+ };
+ static const RSAPrivateKey bl_private_key = {
+ NULL,
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_version,
+ FIPS_RSA_PRIVATE_VERSION_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_modulus,
+ FIPS_RSA_MODULUS_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_public_exponent,
+ FIPS_RSA_PUBLIC_EXPONENT_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_private_exponent,
+ FIPS_RSA_PRIVATE_EXPONENT_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_prime0,
+ FIPS_RSA_PRIME0_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_prime1,
+ FIPS_RSA_PRIME1_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_exponent0,
+ FIPS_RSA_EXPONENT0_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_exponent1,
+ FIPS_RSA_EXPONENT1_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_coefficient,
+ FIPS_RSA_COEFFICIENT_LENGTH }
+ };
+
+ /* RSA variables. */
+ SECStatus rsa_status;
+ RSAPublicKey rsa_public_key;
+ RSAPrivateKey rsa_private_key;
+
+ PRUint8 rsa_computed_ciphertext[FIPS_RSA_ENCRYPT_LENGTH];
+ PRUint8 rsa_computed_plaintext[FIPS_RSA_DECRYPT_LENGTH];
+
+ rsa_public_key = bl_public_key;
+ rsa_private_key = bl_private_key;
+
+ /**************************************************/
+ /* RSA Single-Round Known Answer Encryption Test. */
+ /**************************************************/
+
+ /* Perform RSA Public Key Encryption. */
+ rsa_status = RSA_PublicKeyOp(&rsa_public_key,
+ rsa_computed_ciphertext,
+ rsa_known_plaintext_msg);
+
+ if ((rsa_status != SECSuccess) ||
+ (PORT_Memcmp(rsa_computed_ciphertext, rsa_known_ciphertext,
+ FIPS_RSA_ENCRYPT_LENGTH) != 0))
+ goto rsa_loser;
+
+ /**************************************************/
+ /* RSA Single-Round Known Answer Decryption Test. */
+ /**************************************************/
+
+ /* Perform RSA Private Key Decryption. */
+ rsa_status = RSA_PrivateKeyOp(&rsa_private_key,
+ rsa_computed_plaintext,
+ rsa_known_ciphertext);
+
+ if ((rsa_status != SECSuccess) ||
+ (PORT_Memcmp(rsa_computed_plaintext, rsa_known_plaintext_msg,
+ FIPS_RSA_DECRYPT_LENGTH) != 0))
+ goto rsa_loser;
+
+ return (SECSuccess);
+
+rsa_loser:
+
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+}
+
+#ifdef NSS_ENABLE_ECC
+
+static SECStatus
+freebl_fips_ECDSA_Test(ECParams *ecparams,
+ const PRUint8 *knownSignature,
+ unsigned int knownSignatureLen)
+{
+
+ /* ECDSA Known Seed info for curves nistp256 and nistk283 */
+ static const PRUint8 ecdsa_Known_Seed[] = {
+ 0x6a, 0x9b, 0xf6, 0xf7, 0xce, 0xed, 0x79, 0x11,
+ 0xf0, 0xc7, 0xc8, 0x9a, 0xa5, 0xd1, 0x57, 0xb1,
+ 0x7b, 0x5a, 0x3b, 0x76, 0x4e, 0x7b, 0x7c, 0xbc,
+ 0xf2, 0x76, 0x1c, 0x1c, 0x7f, 0xc5, 0x53, 0x2f
+ };
+
+ static const PRUint8 msg[] = {
+ "Firefox and ThunderBird are awesome!"
+ };
+
+ unsigned char sha1[SHA1_LENGTH]; /* SHA-1 hash (160 bits) */
+ unsigned char sig[2 * MAX_ECKEY_LEN];
+ SECItem signature, digest;
+ ECPrivateKey *ecdsa_private_key = NULL;
+ ECPublicKey ecdsa_public_key;
+ SECStatus ecdsaStatus = SECSuccess;
+
+ /* Generates a new EC key pair. The private key is a supplied
+ * random value (in seed) and the public key is the result of
+ * performing a scalar point multiplication of that value with
+ * the curve's base point.
+ */
+ ecdsaStatus = EC_NewKeyFromSeed(ecparams, &ecdsa_private_key,
+ ecdsa_Known_Seed,
+ sizeof(ecdsa_Known_Seed));
+ if (ecdsaStatus != SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+
+ /* construct public key from private key. */
+ ecdsa_public_key.ecParams = ecdsa_private_key->ecParams;
+ ecdsa_public_key.publicValue = ecdsa_private_key->publicValue;
+
+ /* validate public key value */
+ ecdsaStatus = EC_ValidatePublicKey(&ecdsa_public_key.ecParams,
+ &ecdsa_public_key.publicValue);
+ if (ecdsaStatus != SECSuccess) {
+ goto loser;
+ }
+
+ /* validate public key value */
+ ecdsaStatus = EC_ValidatePublicKey(&ecdsa_private_key->ecParams,
+ &ecdsa_private_key->publicValue);
+ if (ecdsaStatus != SECSuccess) {
+ goto loser;
+ }
+
+ /***************************************************/
+ /* ECDSA Single-Round Known Answer Signature Test. */
+ /***************************************************/
+
+ ecdsaStatus = SHA1_HashBuf(sha1, msg, sizeof msg);
+ if (ecdsaStatus != SECSuccess) {
+ goto loser;
+ }
+ digest.type = siBuffer;
+ digest.data = sha1;
+ digest.len = SHA1_LENGTH;
+
+ memset(sig, 0, sizeof sig);
+ signature.type = siBuffer;
+ signature.data = sig;
+ signature.len = sizeof sig;
+
+ ecdsaStatus = ECDSA_SignDigestWithSeed(ecdsa_private_key, &signature,
+ &digest, ecdsa_Known_Seed, sizeof ecdsa_Known_Seed);
+ if (ecdsaStatus != SECSuccess) {
+ goto loser;
+ }
+
+ if ((signature.len != knownSignatureLen) ||
+ (PORT_Memcmp(signature.data, knownSignature,
+ knownSignatureLen) != 0)) {
+ ecdsaStatus = SECFailure;
+ goto loser;
+ }
+
+ /******************************************************/
+ /* ECDSA Single-Round Known Answer Verification Test. */
+ /******************************************************/
+
+ /* Perform ECDSA verification process. */
+ ecdsaStatus = ECDSA_VerifyDigest(&ecdsa_public_key, &signature, &digest);
+
+loser:
+ /* free the memory for the private key arena*/
+ PORT_FreeArena(ecdsa_private_key->ecParams.arena, PR_FALSE);
+
+ if (ecdsaStatus != SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+ }
+ return (SECSuccess);
+}
+
+static SECStatus
+freebl_fips_ECDSA_PowerUpSelfTest()
+{
+
+ /* ECDSA Known curve nistp256 == ECCCurve_X9_62_PRIME_256V1 params */
+ static const unsigned char p256_prime[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+ static const unsigned char p256_a[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC
+ };
+ static const unsigned char p256_b[] = {
+ 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55, 0x76,
+ 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6, 0x3B, 0xCE,
+ 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B
+ };
+ static const unsigned char p256_base[] = {
+ 0x04,
+ 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, 0x63,
+ 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, 0xF4, 0xA1,
+ 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
+ 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B, 0x8E, 0xE7, 0xEB, 0x4A, 0x7C,
+ 0x0F, 0x9E, 0x16, 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE, 0xCB, 0xB6,
+ 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5
+ };
+ static const unsigned char p256_order[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3, 0xB9,
+ 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
+ };
+ static const unsigned char p256_encoding[] = {
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
+ };
+ static const ECParams ecdsa_known_P256_Params = {
+ NULL, ec_params_named, /* arena, type */
+ /* fieldID */
+ { 256, ec_field_GFp, /* size and type */
+ { { siBuffer, (unsigned char *)p256_prime, sizeof(p256_prime) } }, /* u.prime */
+ 0,
+ 0,
+ 0 },
+ /* curve */
+ { /* a = curvea b = curveb */
+ /* curve.a */
+ { siBuffer, (unsigned char *)p256_a, sizeof(p256_a) },
+ /* curve.b */
+ { siBuffer, (unsigned char *)p256_b, sizeof(p256_b) },
+ /* curve.seed */
+ { siBuffer, NULL, 0 } },
+ /* base = 04xy*/
+ { siBuffer, (unsigned char *)p256_base, sizeof(p256_base) },
+ /* order */
+ { siBuffer, (unsigned char *)p256_order, sizeof(p256_order) },
+ 1, /* cofactor */
+ /* DEREncoding */
+ { siBuffer, (unsigned char *)p256_encoding, sizeof(p256_encoding) },
+ ECCurve_X9_62_PRIME_256V1,
+ /* curveOID */
+ { siBuffer, (unsigned char *)(p256_encoding) + 2, sizeof(p256_encoding) - 2 },
+ };
+
+ static const PRUint8 ecdsa_known_P256_signature[] = {
+ 0x07, 0xb1, 0xcb, 0x57, 0x20, 0xa7, 0x10, 0xd6,
+ 0x9d, 0x37, 0x4b, 0x1c, 0xdc, 0x35, 0x90, 0xff,
+ 0x1a, 0x2d, 0x98, 0x95, 0x1b, 0x2f, 0xeb, 0x7f,
+ 0xbb, 0x81, 0xca, 0xc0, 0x69, 0x75, 0xea, 0xc5,
+ 0x59, 0x6a, 0x62, 0x49, 0x3d, 0x50, 0xc9, 0xe1,
+ 0x27, 0x3b, 0xff, 0x9b, 0x13, 0x66, 0x67, 0xdd,
+ 0x7d, 0xd1, 0x0d, 0x2d, 0x7c, 0x44, 0x04, 0x1b,
+ 0x16, 0x21, 0x12, 0xc5, 0xcb, 0xbd, 0x9e, 0x75
+ };
+
+ ECParams ecparams;
+
+ SECStatus rv;
+
+ /* ECDSA GF(p) prime field curve test */
+ ecparams = ecdsa_known_P256_Params;
+ rv = freebl_fips_ECDSA_Test(&ecparams,
+ ecdsa_known_P256_signature,
+ sizeof ecdsa_known_P256_signature);
+ if (rv != SECSuccess) {
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+#endif /* NSS_ENABLE_ECC */
+
+static SECStatus
+freebl_fips_DSA_PowerUpSelfTest(void)
+{
+ /* DSA Known P (1024-bits), Q (160-bits), and G (1024-bits) Values. */
+ static const PRUint8 dsa_P[] = {
+ 0x80, 0xb0, 0xd1, 0x9d, 0x6e, 0xa4, 0xf3, 0x28,
+ 0x9f, 0x24, 0xa9, 0x8a, 0x49, 0xd0, 0x0c, 0x63,
+ 0xe8, 0x59, 0x04, 0xf9, 0x89, 0x4a, 0x5e, 0xc0,
+ 0x6d, 0xd2, 0x67, 0x6b, 0x37, 0x81, 0x83, 0x0c,
+ 0xfe, 0x3a, 0x8a, 0xfd, 0xa0, 0x3b, 0x08, 0x91,
+ 0x1c, 0xcb, 0xb5, 0x63, 0xb0, 0x1c, 0x70, 0xd0,
+ 0xae, 0xe1, 0x60, 0x2e, 0x12, 0xeb, 0x54, 0xc7,
+ 0xcf, 0xc6, 0xcc, 0xae, 0x97, 0x52, 0x32, 0x63,
+ 0xd3, 0xeb, 0x55, 0xea, 0x2f, 0x4c, 0xd5, 0xd7,
+ 0x3f, 0xda, 0xec, 0x49, 0x27, 0x0b, 0x14, 0x56,
+ 0xc5, 0x09, 0xbe, 0x4d, 0x09, 0x15, 0x75, 0x2b,
+ 0xa3, 0x42, 0x0d, 0x03, 0x71, 0xdf, 0x0f, 0xf4,
+ 0x0e, 0xe9, 0x0c, 0x46, 0x93, 0x3d, 0x3f, 0xa6,
+ 0x6c, 0xdb, 0xca, 0xe5, 0xac, 0x96, 0xc8, 0x64,
+ 0x5c, 0xec, 0x4b, 0x35, 0x65, 0xfc, 0xfb, 0x5a,
+ 0x1b, 0x04, 0x1b, 0xa1, 0x0e, 0xfd, 0x88, 0x15
+ };
+
+ static const PRUint8 dsa_Q[] = {
+ 0xad, 0x22, 0x59, 0xdf, 0xe5, 0xec, 0x4c, 0x6e,
+ 0xf9, 0x43, 0xf0, 0x4b, 0x2d, 0x50, 0x51, 0xc6,
+ 0x91, 0x99, 0x8b, 0xcf
+ };
+
+ static const PRUint8 dsa_G[] = {
+ 0x78, 0x6e, 0xa9, 0xd8, 0xcd, 0x4a, 0x85, 0xa4,
+ 0x45, 0xb6, 0x6e, 0x5d, 0x21, 0x50, 0x61, 0xf6,
+ 0x5f, 0xdf, 0x5c, 0x7a, 0xde, 0x0d, 0x19, 0xd3,
+ 0xc1, 0x3b, 0x14, 0xcc, 0x8e, 0xed, 0xdb, 0x17,
+ 0xb6, 0xca, 0xba, 0x86, 0xa9, 0xea, 0x51, 0x2d,
+ 0xc1, 0xa9, 0x16, 0xda, 0xf8, 0x7b, 0x59, 0x8a,
+ 0xdf, 0xcb, 0xa4, 0x67, 0x00, 0x44, 0xea, 0x24,
+ 0x73, 0xe5, 0xcb, 0x4b, 0xaf, 0x2a, 0x31, 0x25,
+ 0x22, 0x28, 0x3f, 0x16, 0x10, 0x82, 0xf7, 0xeb,
+ 0x94, 0x0d, 0xdd, 0x09, 0x22, 0x14, 0x08, 0x79,
+ 0xba, 0x11, 0x0b, 0xf1, 0xff, 0x2d, 0x67, 0xac,
+ 0xeb, 0xb6, 0x55, 0x51, 0x69, 0x97, 0xa7, 0x25,
+ 0x6b, 0x9c, 0xa0, 0x9b, 0xd5, 0x08, 0x9b, 0x27,
+ 0x42, 0x1c, 0x7a, 0x69, 0x57, 0xe6, 0x2e, 0xed,
+ 0xa9, 0x5b, 0x25, 0xe8, 0x1f, 0xd2, 0xed, 0x1f,
+ 0xdf, 0xe7, 0x80, 0x17, 0xba, 0x0d, 0x4d, 0x38
+ };
+
+ /* DSA Known Random Values (known random key block is 160-bits) */
+ /* and (known random signature block is 160-bits). */
+ static const PRUint8 dsa_known_random_key_block[] = {
+ "Mozilla Rules World!"
+ };
+ static const PRUint8 dsa_known_random_signature_block[] = {
+ "Random DSA Signature"
+ };
+
+ /* DSA Known Digest (160-bits) */
+ static const PRUint8 dsa_known_digest[] = { "DSA Signature Digest" };
+
+ /* DSA Known Signature (320-bits). */
+ static const PRUint8 dsa_known_signature[] = {
+ 0x25, 0x7c, 0x3a, 0x79, 0x32, 0x45, 0xb7, 0x32,
+ 0x70, 0xca, 0x62, 0x63, 0x2b, 0xf6, 0x29, 0x2c,
+ 0x22, 0x2a, 0x03, 0xce, 0x48, 0x15, 0x11, 0x72,
+ 0x7b, 0x7e, 0xf5, 0x7a, 0xf3, 0x10, 0x3b, 0xde,
+ 0x34, 0xc1, 0x9e, 0xd7, 0x27, 0x9e, 0x77, 0x38
+ };
+
+ /* DSA variables. */
+ DSAPrivateKey *dsa_private_key;
+ SECStatus dsa_status;
+ SECItem dsa_signature_item;
+ SECItem dsa_digest_item;
+ DSAPublicKey dsa_public_key;
+ PRUint8 dsa_computed_signature[FIPS_DSA_SIGNATURE_LENGTH];
+ static const PQGParams dsa_pqg = {
+ NULL,
+ { FIPS_DSA_TYPE, (unsigned char *)dsa_P, FIPS_DSA_PRIME_LENGTH },
+ { FIPS_DSA_TYPE, (unsigned char *)dsa_Q, FIPS_DSA_SUBPRIME_LENGTH },
+ { FIPS_DSA_TYPE, (unsigned char *)dsa_G, FIPS_DSA_BASE_LENGTH }
+ };
+
+ /*******************************************/
+ /* Generate a DSA public/private key pair. */
+ /*******************************************/
+
+ /* Generate a DSA public/private key pair. */
+ dsa_status = DSA_NewKeyFromSeed(&dsa_pqg, dsa_known_random_key_block,
+ &dsa_private_key);
+
+ if (dsa_status != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ /* construct public key from private key. */
+ dsa_public_key.params = dsa_private_key->params;
+ dsa_public_key.publicValue = dsa_private_key->publicValue;
+
+ /*************************************************/
+ /* DSA Single-Round Known Answer Signature Test. */
+ /*************************************************/
+
+ dsa_signature_item.data = dsa_computed_signature;
+ dsa_signature_item.len = sizeof dsa_computed_signature;
+
+ dsa_digest_item.data = (unsigned char *)dsa_known_digest;
+ dsa_digest_item.len = SHA1_LENGTH;
+
+ /* Perform DSA signature process. */
+ dsa_status = DSA_SignDigestWithSeed(dsa_private_key,
+ &dsa_signature_item,
+ &dsa_digest_item,
+ dsa_known_random_signature_block);
+
+ if ((dsa_status != SECSuccess) ||
+ (dsa_signature_item.len != FIPS_DSA_SIGNATURE_LENGTH) ||
+ (PORT_Memcmp(dsa_computed_signature, dsa_known_signature,
+ FIPS_DSA_SIGNATURE_LENGTH) != 0)) {
+ dsa_status = SECFailure;
+ } else {
+
+ /****************************************************/
+ /* DSA Single-Round Known Answer Verification Test. */
+ /****************************************************/
+
+ /* Perform DSA verification process. */
+ dsa_status = DSA_VerifyDigest(&dsa_public_key,
+ &dsa_signature_item,
+ &dsa_digest_item);
+ }
+
+ PORT_FreeArena(dsa_private_key->params.arena, PR_TRUE);
+ /* Don't free public key, it uses same arena as private key */
+
+ /* Verify DSA signature. */
+ if (dsa_status != SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+freebl_fips_RNG_PowerUpSelfTest(void)
+{
+ static const PRUint8 Q[] = {
+ 0x85, 0x89, 0x9c, 0x77, 0xa3, 0x79, 0xff, 0x1a,
+ 0x86, 0x6f, 0x2f, 0x3e, 0x2e, 0xf9, 0x8c, 0x9c,
+ 0x9d, 0xef, 0xeb, 0xed
+ };
+ static const PRUint8 GENX[] = {
+ 0x65, 0x48, 0xe3, 0xca, 0xac, 0x64, 0x2d, 0xf7,
+ 0x7b, 0xd3, 0x4e, 0x79, 0xc9, 0x7d, 0xa6, 0xa8,
+ 0xa2, 0xc2, 0x1f, 0x8f, 0xe9, 0xb9, 0xd3, 0xa1,
+ 0x3f, 0xf7, 0x0c, 0xcd, 0xa6, 0xca, 0xbf, 0xce,
+ 0x84, 0x0e, 0xb6, 0xf1, 0x0d, 0xbe, 0xa9, 0xa3
+ };
+ static const PRUint8 rng_known_DSAX[] = {
+ 0x7a, 0x86, 0xf1, 0x7f, 0xbd, 0x4e, 0x6e, 0xd9,
+ 0x0a, 0x26, 0x21, 0xd0, 0x19, 0xcb, 0x86, 0x73,
+ 0x10, 0x1f, 0x60, 0xd7
+ };
+
+ SECStatus rng_status = SECSuccess;
+ PRUint8 DSAX[FIPS_DSA_SUBPRIME_LENGTH];
+
+ /*******************************************/
+ /* Run the SP 800-90 Health tests */
+ /*******************************************/
+ rng_status = PRNGTEST_RunHealthTests();
+ if (rng_status != SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ /*******************************************/
+ /* Generate DSAX fow given Q. */
+ /*******************************************/
+
+ rng_status = FIPS186Change_ReduceModQForDSA(GENX, Q, DSAX);
+
+ /* Verify DSAX to perform the RNG integrity check */
+ if ((rng_status != SECSuccess) ||
+ (PORT_Memcmp(DSAX, rng_known_DSAX,
+ (FIPS_DSA_SUBPRIME_LENGTH)) != 0)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+freebl_fipsSoftwareIntegrityTest(const char *libname)
+{
+ SECStatus rv = SECSuccess;
+
+ /* make sure that our check file signatures are OK */
+ if (!BLAPI_VerifySelf(libname)) {
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+#define DO_FREEBL 1
+#define DO_REST 2
+
+static SECStatus
+freebl_fipsPowerUpSelfTest(unsigned int tests)
+{
+ SECStatus rv;
+
+ /*
+ * stand alone freebl. Test hash, and rng
+ */
+ if (tests & DO_FREEBL) {
+
+ /* SHA-X Power-Up SelfTest(s). */
+ rv = freebl_fips_SHA_PowerUpSelfTest();
+
+ if (rv != SECSuccess)
+ return rv;
+
+ /* RNG Power-Up SelfTest(s). */
+ rv = freebl_fips_RNG_PowerUpSelfTest();
+
+ if (rv != SECSuccess)
+ return rv;
+ }
+
+ /*
+ * test the rest of the algorithms not accessed through freebl
+ * standalone */
+ if (tests & DO_REST) {
+
+ /* DES3 Power-Up SelfTest(s). */
+ rv = freebl_fips_DES3_PowerUpSelfTest();
+
+ if (rv != SECSuccess)
+ return rv;
+
+ /* AES Power-Up SelfTest(s) for 128-bit key. */
+ rv = freebl_fips_AES_PowerUpSelfTest(FIPS_AES_128_KEY_SIZE);
+
+ if (rv != SECSuccess)
+ return rv;
+
+ /* AES Power-Up SelfTest(s) for 192-bit key. */
+ rv = freebl_fips_AES_PowerUpSelfTest(FIPS_AES_192_KEY_SIZE);
+
+ if (rv != SECSuccess)
+ return rv;
+
+ /* AES Power-Up SelfTest(s) for 256-bit key. */
+ rv = freebl_fips_AES_PowerUpSelfTest(FIPS_AES_256_KEY_SIZE);
+
+ if (rv != SECSuccess)
+ return rv;
+
+ /* HMAC SHA-X Power-Up SelfTest(s). */
+ rv = freebl_fips_HMAC_PowerUpSelfTest();
+
+ if (rv != SECSuccess)
+ return rv;
+
+ /* NOTE: RSA can only be tested in full freebl. It requires access to
+ * the locking primitives */
+ /* RSA Power-Up SelfTest(s). */
+ rv = freebl_fips_RSA_PowerUpSelfTest();
+
+ if (rv != SECSuccess)
+ return rv;
+
+ /* DSA Power-Up SelfTest(s). */
+ rv = freebl_fips_DSA_PowerUpSelfTest();
+
+ if (rv != SECSuccess)
+ return rv;
+
+#ifdef NSS_ENABLE_ECC
+ /* ECDSA Power-Up SelfTest(s). */
+ rv = freebl_fips_ECDSA_PowerUpSelfTest();
+
+ if (rv != SECSuccess)
+ return rv;
+#endif
+ }
+ /* Passed Power-Up SelfTest(s). */
+ return (SECSuccess);
+}
+
+/*
+ * state variables. NOTE: freebl has two uses: a standalone use which
+ * provided limitted access to the hash functions throught the NSSLOWHASH_
+ * interface and an joint use from softoken, using the function pointer
+ * table. The standalone use can operation without nspr or nss-util, while
+ * the joint use requires both to be loaded. Certain functions (like RSA)
+ * needs locking from NSPR, for instance.
+ *
+ * At load time, we need to handle the two uses separately. If nspr and
+ * nss-util are loaded, then we can run all the selftests, but if nspr and
+ * nss-util are not loaded, then we can't run all the selftests, and we need
+ * to prevent the softoken function pointer table from operating until the
+ * libraries are loaded and we try to use them.
+ */
+static PRBool self_tests_freebl_ran = PR_FALSE;
+static PRBool self_tests_ran = PR_FALSE;
+static PRBool self_tests_freebl_success = PR_FALSE;
+static PRBool self_tests_success = PR_FALSE;
+#if defined(DEBUG)
+static PRBool fips_mode_available = PR_FALSE;
+#endif
+
+/*
+ * accessors for freebl
+ */
+PRBool
+BL_POSTRan(PRBool freebl_only)
+{
+ SECStatus rv;
+ /* if the freebl self tests didn't run, there is something wrong with
+ * our on load tests */
+ if (!self_tests_freebl_ran) {
+ return PR_FALSE;
+ }
+ /* if all the self tests have run, we are good */
+ if (self_tests_ran) {
+ return PR_TRUE;
+ }
+ /* if we only care about the freebl tests, we are good */
+ if (freebl_only) {
+ return PR_TRUE;
+ }
+ /* run the rest of the self tests */
+ /* We could get there if freebl was loaded without the rest of the support
+ * libraries, but now we want to use more than just a standalone freebl.
+ * This requires the other libraries to be loaded.
+ * If they are now loaded, Try to run the rest of the selftests,
+ * otherwise fail (disabling access to these algorithms) */
+ self_tests_ran = PR_TRUE;
+ BL_Init(); /* required by RSA */
+ RNG_RNGInit(); /* required by RSA */
+ rv = freebl_fipsPowerUpSelfTest(DO_REST);
+ if (rv == SECSuccess) {
+ self_tests_success = PR_TRUE;
+ }
+ return PR_TRUE;
+}
+
+#include "blname.c"
+
+/*
+ * This function is called at dll load time, the code tha makes this
+ * happen is platform specific on defined above.
+ */
+static void
+bl_startup_tests(void)
+{
+ const char *libraryName;
+ PRBool freebl_only = PR_FALSE;
+ SECStatus rv;
+
+ PORT_Assert(self_tests_freebl_ran == PR_FALSE);
+ PORT_Assert(self_tests_success == PR_FALSE);
+ PORT_Assert(fips_mode_available == PR_FALSE);
+ self_tests_freebl_ran = PR_TRUE; /* we are running the tests */
+ self_tests_success = PR_FALSE; /* force it just in case */
+ self_tests_freebl_success = PR_FALSE; /* force it just in case */
+
+#ifdef FREEBL_NO_DEPEND
+ rv = FREEBL_InitStubs();
+ if (rv != SECSuccess) {
+ freebl_only = PR_TRUE;
+ }
+#endif
+
+ self_tests_freebl_ran = PR_TRUE; /* we are running the tests */
+
+ if (!freebl_only) {
+ self_tests_ran = PR_TRUE; /* we're running all the tests */
+ BL_Init(); /* needs to be called before RSA can be used */
+ RNG_RNGInit();
+ }
+
+ /* always run the post tests */
+ rv = freebl_fipsPowerUpSelfTest(freebl_only ? DO_FREEBL : DO_FREEBL | DO_REST);
+ if (rv != SECSuccess) {
+ return;
+ }
+
+ libraryName = getLibName();
+ rv = freebl_fipsSoftwareIntegrityTest(libraryName);
+ if (rv != SECSuccess) {
+ return;
+ }
+
+ /* posts are happy, allow the fips module to function now */
+ self_tests_freebl_success = PR_TRUE; /* we always test the freebl stuff */
+ if (!freebl_only) {
+ self_tests_success = PR_TRUE;
+ }
+}
+
+/*
+ * this is called from the freebl init entry points that controll access to
+ * all other freebl functions. This prevents freebl from operating if our
+ * power on selftest failed.
+ */
+SECStatus
+BL_FIPSEntryOK(PRBool freebl_only)
+{
+#ifdef NSS_NO_INIT_SUPPORT
+ /* this should only be set on platforms that can't handle one of the INIT
+ * schemes. This code allows those platforms to continue to function,
+ * though they don't meet the strict NIST requirements. If NSS_NO_INIT_SUPPORT
+ * is not set, and init support has not been properly enabled, freebl
+ * will always fail because of the test below
+ */
+ if (!self_tests_freebl_ran) {
+ bl_startup_tests();
+ }
+#endif
+ /* if the general self tests succeeded, we're done */
+ if (self_tests_success) {
+ return SECSuccess;
+ }
+ /* standalone freebl can initialize */
+ if (freebl_only & self_tests_freebl_success) {
+ return SECSuccess;
+ }
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+}
diff --git a/security/nss/lib/freebl/freebl.def b/security/nss/lib/freebl/freebl.def
new file mode 100644
index 000000000..164c843fd
--- /dev/null
+++ b/security/nss/lib/freebl/freebl.def
@@ -0,0 +1,26 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+
+;+NSSprivate_3.11 { # NSS 3.11 release
+;+ global:
+LIBRARY freebl3 ;-
+EXPORTS ;-
+FREEBL_GetVector;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/freebl/freebl.gyp b/security/nss/lib/freebl/freebl.gyp
new file mode 100644
index 000000000..f5ae232ec
--- /dev/null
+++ b/security/nss/lib/freebl/freebl.gyp
@@ -0,0 +1,408 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'intel-gcm-wrap_c_lib',
+ 'type': 'static_library',
+ 'sources': [
+ 'intel-gcm-wrap.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ],
+ 'cflags': [
+ '-mssse3'
+ ],
+ 'cflags_mozilla': [
+ '-mssse3'
+ ]
+ },
+ {
+ 'target_name': 'freebl',
+ 'type': 'static_library',
+ 'sources': [
+ 'loader.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ },
+ {
+ 'target_name': '<(freebl_name)',
+ 'type': 'shared_library',
+ 'sources': [
+ 'aeskeywrap.c',
+ 'alg2268.c',
+ 'alghmac.c',
+ 'arcfive.c',
+ 'arcfour.c',
+ 'camellia.c',
+ 'chacha20poly1305.c',
+ 'ctr.c',
+ 'cts.c',
+ 'des.c',
+ 'desblapi.c',
+ 'dh.c',
+ 'drbg.c',
+ 'dsa.c',
+ 'ec.c',
+ 'ecdecode.c',
+ 'ecl/ec_naf.c',
+ 'ecl/ecl.c',
+ 'ecl/ecl_curve.c',
+ 'ecl/ecl_gf.c',
+ 'ecl/ecl_mult.c',
+ 'ecl/ecp_25519.c',
+ 'ecl/ecp_256.c',
+ 'ecl/ecp_256_32.c',
+ 'ecl/ecp_384.c',
+ 'ecl/ecp_521.c',
+ 'ecl/ecp_aff.c',
+ 'ecl/ecp_jac.c',
+ 'ecl/ecp_jm.c',
+ 'ecl/ecp_mont.c',
+ 'fipsfreebl.c',
+ 'freeblver.c',
+ 'gcm.c',
+ 'hmacct.c',
+ 'jpake.c',
+ 'ldvector.c',
+ 'md2.c',
+ 'md5.c',
+ 'mpi/mp_gf2m.c',
+ 'mpi/mpcpucache.c',
+ 'mpi/mpi.c',
+ 'mpi/mplogic.c',
+ 'mpi/mpmontg.c',
+ 'mpi/mpprime.c',
+ 'pqg.c',
+ 'rawhash.c',
+ 'rijndael.c',
+ 'rsa.c',
+ 'rsapkcs.c',
+ 'seed.c',
+ 'sha512.c',
+ 'sha_fast.c',
+ 'shvfy.c',
+ 'sysrand.c',
+ 'tlsprfalg.c'
+ ],
+ 'conditions': [
+ [ 'OS=="linux"', {
+ 'sources': [
+ 'nsslowhash.c',
+ 'stubs.c',
+ ],
+ 'conditions': [
+ [ 'test_build==1', {
+ 'dependencies': [
+ '<(DEPTH)/lib/util/util.gyp:nssutil3',
+ ],
+ }],
+ [ 'target_arch=="x64"', {
+ 'sources': [
+ 'arcfour-amd64-gas.s',
+ 'intel-aes.s',
+ 'intel-gcm.s',
+ 'mpi/mpi_amd64.c',
+ 'mpi/mpi_amd64_gas.s',
+ 'mpi/mp_comba.c',
+ ],
+ 'dependencies': [
+ 'intel-gcm-wrap_c_lib',
+ ],
+ 'conditions': [
+ [ 'cc_is_clang==1', {
+ 'cflags': [
+ '-no-integrated-as',
+ ],
+ 'cflags_mozilla': [
+ '-no-integrated-as',
+ ],
+ 'asflags_mozilla': [
+ '-no-integrated-as',
+ ],
+ }],
+ ],
+ }],
+ [ 'target_arch=="ia32"', {
+ 'sources': [
+ 'mpi/mpi_x86.s',
+ ],
+ }],
+ [ 'target_arch=="arm"', {
+ 'sources': [
+ 'mpi/mpi_arm.c',
+ ],
+ }],
+ ],
+ }, {
+ # not Linux
+ 'conditions': [
+ [ 'moz_fold_libs==0', {
+ 'dependencies': [
+ '../util/util.gyp:nssutil3',
+ ],
+ }, {
+ 'libraries': [
+ '<(moz_folded_library_name)',
+ ],
+ }],
+ ],
+ }],
+ [ 'OS=="win"', {
+ 'sources': [
+ #TODO: building with mingw should not need this.
+ 'ecl/uint128.c',
+ #TODO: clang-cl needs -msse3 here
+ 'intel-gcm-wrap.c',
+ ],
+ 'libraries': [
+ 'advapi32.lib',
+ ],
+ 'conditions': [
+ [ 'target_arch=="x64"', {
+ 'sources': [
+ 'arcfour-amd64-masm.asm',
+ 'mpi/mpi_amd64.c',
+ 'mpi/mpi_amd64_masm.asm',
+ 'mpi/mp_comba_amd64_masm.asm',
+ 'intel-aes-x64-masm.asm',
+ 'intel-gcm-x64-masm.asm',
+ ],
+ }, {
+ # not x64
+ 'sources': [
+ 'mpi/mpi_x86_asm.c',
+ 'intel-aes-x86-masm.asm',
+ 'intel-gcm-x86-masm.asm',
+ ],
+ }],
+ ],
+ }],
+ ['target_arch=="ia32" or target_arch=="x64"', {
+ 'sources': [
+ # All intel architectures get the 64 bit version
+ 'ecl/curve25519_64.c',
+ ],
+ }, {
+ 'sources': [
+ # All non intel architectures get the generic 32 bit implementation (slow!)
+ 'ecl/curve25519_32.c',
+ ],
+ }],
+ #TODO uint128.c
+ [ 'disable_chachapoly==0', {
+ 'conditions': [
+ [ 'OS!="win" and target_arch=="x64"', {
+ 'sources': [
+ 'chacha20_vec.c',
+ 'poly1305-donna-x64-sse2-incremental-source.c',
+ ],
+ }, {
+ # not x64
+ 'sources': [
+ 'chacha20.c',
+ 'poly1305.c',
+ ],
+ }],
+ ],
+ }],
+ [ 'fuzz==1', {
+ 'sources': [
+ 'det_rng.c',
+ ],
+ 'defines': [
+ 'UNSAFE_FUZZER_MODE',
+ ],
+ }],
+ [ 'test_build==1', {
+ 'defines': [
+ 'CT_VERIF',
+ ],
+ }],
+ [ 'OS=="mac"', {
+ 'conditions': [
+ [ 'target_arch=="ia32"', {
+ 'sources': [
+ 'mpi/mpi_sse2.s',
+ ],
+ 'defines': [
+ 'MP_USE_UINT_DIGIT',
+ 'MP_ASSEMBLY_MULTIPLY',
+ 'MP_ASSEMBLY_SQUARE',
+ 'MP_ASSEMBLY_DIV_2DX1D',
+ ],
+ }],
+ ],
+ }],
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports',
+ ],
+ 'variables': {
+ 'conditions': [
+ [ 'OS=="linux"', {
+ 'mapfile': 'freebl_hash_vector.def',
+ }, {
+ 'mapfile': 'freebl.def',
+ }],
+ ]
+ },
+ 'ldflags': [
+ '-Wl,-Bsymbolic'
+ ]
+ },
+ ],
+ 'conditions': [
+ [ 'OS=="linux"', {
+ # stub build
+ 'targets': [
+ {
+ 'target_name': 'freebl3',
+ 'type': 'shared_library',
+ 'defines': [
+ 'FREEBL_NO_DEPEND',
+ ],
+ 'sources': [
+ 'lowhash_vector.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ],
+ 'variables': {
+ 'mapfile': 'freebl_hash.def'
+ }
+ },
+ ],
+ }],
+ ],
+ 'target_defaults': {
+ 'include_dirs': [
+ 'mpi',
+ 'ecl'
+ ],
+ 'defines': [
+ 'SHLIB_SUFFIX=\"<(dll_suffix)\"',
+ 'SHLIB_PREFIX=\"<(dll_prefix)\"',
+ 'SHLIB_VERSION=\"3\"',
+ 'SOFTOKEN_SHLIB_VERSION=\"3\"',
+ 'RIJNDAEL_INCLUDE_TABLES',
+ 'MP_API_COMPATIBLE'
+ ],
+ 'conditions': [
+ [ 'OS=="win" and target_arch=="ia32"', {
+ 'msvs_settings': {
+ 'VCCLCompilerTool': {
+ #TODO: -Ox optimize flags
+ 'PreprocessorDefinitions': [
+ 'NSS_X86_OR_X64',
+ 'NSS_X86',
+ 'MP_ASSEMBLY_MULTIPLY',
+ 'MP_ASSEMBLY_SQUARE',
+ 'MP_ASSEMBLY_DIV_2DX1D',
+ 'MP_USE_UINT_DIGIT',
+ 'MP_NO_MP_WORD',
+ 'USE_HW_AES',
+ 'INTEL_GCM',
+ ],
+ },
+ },
+ }],
+ [ 'OS=="win" and target_arch=="x64"', {
+ 'msvs_settings': {
+ 'VCCLCompilerTool': {
+ #TODO: -Ox optimize flags
+ 'PreprocessorDefinitions': [
+ 'NSS_USE_64',
+ 'NSS_X86_OR_X64',
+ 'NSS_X64',
+ 'MP_IS_LITTLE_ENDIAN',
+ 'NSS_BEVAND_ARCFOUR',
+ 'MPI_AMD64',
+ 'MP_ASSEMBLY_MULTIPLY',
+ 'NSS_USE_COMBA',
+ 'USE_HW_AES',
+ 'INTEL_GCM',
+ ],
+ },
+ },
+ }],
+ [ 'OS!="win"', {
+ 'conditions': [
+ [ 'target_arch=="x64"', {
+ 'defines': [
+ 'NSS_USE_64',
+ 'NSS_X86_OR_X64',
+ 'NSS_X64',
+ # The Makefile does version-tests on GCC, but we're not doing that here.
+ 'HAVE_INT128_SUPPORT',
+ ],
+ }, {
+ 'sources': [
+ 'ecl/uint128.c',
+ ],
+ }],
+ [ 'target_arch=="ia32"', {
+ 'defines': [
+ 'NSS_X86_OR_X64',
+ 'NSS_X86',
+ ],
+ }],
+ ],
+ }],
+ [ 'OS=="linux"', {
+ 'defines': [
+ 'FREEBL_LOWHASH',
+ ],
+ 'conditions': [
+ [ 'test_build==0', {
+ 'defines': [
+ 'FREEBL_NO_DEPEND',
+ ],
+ }],
+ [ 'target_arch=="x64"', {
+ 'defines': [
+ 'MP_IS_LITTLE_ENDIAN',
+ 'NSS_BEVAND_ARCFOUR',
+ 'MPI_AMD64',
+ 'MP_ASSEMBLY_MULTIPLY',
+ 'NSS_USE_COMBA',
+ ],
+ }],
+ [ 'target_arch=="x64" and use_msan==0', {
+ 'defines': [
+ 'USE_HW_AES',
+ 'INTEL_GCM',
+ ],
+ }],
+ [ 'target_arch=="ia32"', {
+ 'defines': [
+ 'MP_IS_LITTLE_ENDIAN',
+ 'MP_ASSEMBLY_MULTIPLY',
+ 'MP_ASSEMBLY_SQUARE',
+ 'MP_ASSEMBLY_DIV_2DX1D',
+ 'MP_USE_UINT_DIGIT',
+ ],
+ }],
+ [ 'target_arch=="arm"', {
+ 'defines': [
+ 'MP_ASSEMBLY_MULTIPLY',
+ 'MP_ASSEMBLY_SQUARE',
+ 'MP_USE_UINT_DIGIT',
+ 'SHA_NO_LONG_LONG',
+ ],
+ }],
+ ],
+ }],
+ ],
+ },
+ 'variables': {
+ 'module': 'nss',
+ }
+}
diff --git a/security/nss/lib/freebl/freebl.rc b/security/nss/lib/freebl/freebl.rc
new file mode 100644
index 000000000..444ae5d03
--- /dev/null
+++ b/security/nss/lib/freebl/freebl.rc
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "softkver.h"
+#include <winver.h>
+
+#define MY_LIBNAME "freebl"
+#define MY_FILEDESCRIPTION "NSS freebl Library"
+
+#define STRINGIZE(x) #x
+#define STRINGIZE2(x) STRINGIZE(x)
+#define SOFTOKEN_VMAJOR_STR STRINGIZE2(SOFTOKEN_VMAJOR)
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if SOFTOKEN_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME SOFTOKEN_VMAJOR_STR
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION SOFTOKEN_VMAJOR,SOFTOKEN_VMINOR,SOFTOKEN_VPATCH,SOFTOKEN_VBUILD
+ PRODUCTVERSION SOFTOKEN_VMAJOR,SOFTOKEN_VMINOR,SOFTOKEN_VPATCH,SOFTOKEN_VBUILD
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", SOFTOKEN_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", SOFTOKEN_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/freebl/freebl_hash.def b/security/nss/lib/freebl/freebl_hash.def
new file mode 100644
index 000000000..9fd27367e
--- /dev/null
+++ b/security/nss/lib/freebl/freebl_hash.def
@@ -0,0 +1,39 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+
+;+NSSprivate_3.11 { # NSS 3.11 release
+;+ global:
+LIBRARY freebl3 ;-
+EXPORTS ;-
+FREEBL_GetVector;
+;+ local:
+;+ *;
+;+};
+;+NSSRAWHASH_3.12.3 { # NSS 3.12.3 release
+;+ global:
+NSSLOW_Init;
+NSSLOW_Shutdown;
+NSSLOWHASH_Length;
+NSSLOWHASH_Begin;
+NSSLOWHASH_Destroy;
+NSSLOWHASH_End;
+NSSLOWHASH_NewContext;
+NSSLOWHASH_Update;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/freebl/freebl_hash_vector.def b/security/nss/lib/freebl/freebl_hash_vector.def
new file mode 100644
index 000000000..9d7d07d54
--- /dev/null
+++ b/security/nss/lib/freebl/freebl_hash_vector.def
@@ -0,0 +1,34 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+
+;+NSSprivate_3.11 { # NSS 3.11 release
+;+ global:
+LIBRARY freebl3 ;-
+EXPORTS ;-
+FREEBL_GetVector;
+;+ local:
+;+ *;
+;+};
+;+NSSprivate_3.16 { # NSS 3.11 release
+;+ global:
+LIBRARY freebl3 ;-
+EXPORTS ;-
+NSSLOW_GetVector;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/freebl/freeblver.c b/security/nss/lib/freebl/freeblver.c
new file mode 100644
index 000000000..9136f0b0b
--- /dev/null
+++ b/security/nss/lib/freebl/freeblver.c
@@ -0,0 +1,18 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Library identity and versioning */
+
+#include "softkver.h"
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_freebl_version[] = "Version: NSS " SOFTOKEN_VERSION _DEBUG_STRING;
diff --git a/security/nss/lib/freebl/gcm.c b/security/nss/lib/freebl/gcm.c
new file mode 100644
index 000000000..22121001b
--- /dev/null
+++ b/security/nss/lib/freebl/gcm.c
@@ -0,0 +1,860 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+#include "blapii.h"
+#include "blapit.h"
+#include "gcm.h"
+#include "ctr.h"
+#include "secerr.h"
+#include "prtypes.h"
+#include "pkcs11t.h"
+
+#include <limits.h>
+
+/**************************************************************************
+ * First implement the Galois hash function of GCM (gcmHash) *
+ **************************************************************************/
+#define GCM_HASH_LEN_LEN 8 /* gcm hash defines lengths to be 64 bits */
+
+typedef struct gcmHashContextStr gcmHashContext;
+
+static SECStatus gcmHash_InitContext(gcmHashContext *hash,
+ const unsigned char *H,
+ unsigned int blocksize);
+static void gcmHash_DestroyContext(gcmHashContext *ghash, PRBool freeit);
+static SECStatus gcmHash_Update(gcmHashContext *ghash,
+ const unsigned char *buf, unsigned int len,
+ unsigned int blocksize);
+static SECStatus gcmHash_Sync(gcmHashContext *ghash, unsigned int blocksize);
+static SECStatus gcmHash_Final(gcmHashContext *gcm, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ unsigned int blocksize);
+static SECStatus gcmHash_Reset(gcmHashContext *ghash,
+ const unsigned char *inbuf,
+ unsigned int inbufLen, unsigned int blocksize);
+
+/* compile time defines to select how the GF2 multiply is calculated.
+ * There are currently 2 algorithms implemented here: MPI and ALGORITHM_1.
+ *
+ * MPI uses the GF2m implemented in mpi to support GF2 ECC.
+ * ALGORITHM_1 is the Algorithm 1 in both NIST SP 800-38D and
+ * "The Galois/Counter Mode of Operation (GCM)", McGrew & Viega.
+ */
+#if !defined(GCM_USE_ALGORITHM_1) && !defined(GCM_USE_MPI)
+#define GCM_USE_MPI 1 /* MPI is about 5x faster with the \
+ * same or less complexity. It's possible to use \
+ * tables to speed things up even more */
+#endif
+
+/* GCM defines the bit string to be LSB first, which is exactly
+ * opposite everyone else, including hardware. build array
+ * to reverse everything. */
+static const unsigned char gcm_byte_rev[256] = {
+ 0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0,
+ 0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0,
+ 0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8,
+ 0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8,
+ 0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4,
+ 0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4,
+ 0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec,
+ 0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc,
+ 0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2,
+ 0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2,
+ 0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea,
+ 0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa,
+ 0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6,
+ 0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6,
+ 0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee,
+ 0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe,
+ 0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1,
+ 0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1,
+ 0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9,
+ 0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9,
+ 0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5,
+ 0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5,
+ 0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed,
+ 0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd,
+ 0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3,
+ 0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3,
+ 0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb,
+ 0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb,
+ 0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7,
+ 0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7,
+ 0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef,
+ 0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff
+};
+
+#ifdef GCM_TRACE
+#include <stdio.h>
+
+#define GCM_TRACE_X(ghash, label) \
+ { \
+ unsigned char _X[MAX_BLOCK_SIZE]; \
+ int i; \
+ gcm_getX(ghash, _X, blocksize); \
+ printf(label, (ghash)->m); \
+ for (i = 0; i < blocksize; i++) \
+ printf("%02x", _X[i]); \
+ printf("\n"); \
+ }
+#define GCM_TRACE_BLOCK(label, buf, blocksize) \
+ { \
+ printf(label); \
+ for (i = 0; i < blocksize; i++) \
+ printf("%02x", buf[i]); \
+ printf("\n"); \
+ }
+#else
+#define GCM_TRACE_X(ghash, label)
+#define GCM_TRACE_BLOCK(label, buf, blocksize)
+#endif
+
+#ifdef GCM_USE_MPI
+
+#ifdef GCM_USE_ALGORITHM_1
+#error "Only define one of GCM_USE_MPI, GCM_USE_ALGORITHM_1"
+#endif
+/* use the MPI functions to calculate Xn = (Xn-1^C_i)*H mod poly */
+#include "mpi.h"
+#include "secmpi.h"
+#include "mplogic.h"
+#include "mp_gf2m.h"
+
+/* state needed to handle GCM Hash function */
+struct gcmHashContextStr {
+ mp_int H;
+ mp_int X;
+ mp_int C_i;
+ const unsigned int *poly;
+ unsigned char buffer[MAX_BLOCK_SIZE];
+ unsigned int bufLen;
+ int m; /* XXX what is m? */
+ unsigned char counterBuf[2 * GCM_HASH_LEN_LEN];
+ PRUint64 cLen;
+};
+
+/* f = x^128 + x^7 + x^2 + x + 1 */
+static const unsigned int poly_128[] = { 128, 7, 2, 1, 0 };
+
+/* sigh, GCM defines the bit strings exactly backwards from everything else */
+static void
+gcm_reverse(unsigned char *target, const unsigned char *src,
+ unsigned int blocksize)
+{
+ unsigned int i;
+ for (i = 0; i < blocksize; i++) {
+ target[blocksize - i - 1] = gcm_byte_rev[src[i]];
+ }
+}
+
+/* Initialize a gcmHashContext */
+static SECStatus
+gcmHash_InitContext(gcmHashContext *ghash, const unsigned char *H,
+ unsigned int blocksize)
+{
+ mp_err err = MP_OKAY;
+ unsigned char H_rev[MAX_BLOCK_SIZE];
+
+ MP_DIGITS(&ghash->H) = 0;
+ MP_DIGITS(&ghash->X) = 0;
+ MP_DIGITS(&ghash->C_i) = 0;
+ CHECK_MPI_OK(mp_init(&ghash->H));
+ CHECK_MPI_OK(mp_init(&ghash->X));
+ CHECK_MPI_OK(mp_init(&ghash->C_i));
+
+ mp_zero(&ghash->X);
+ gcm_reverse(H_rev, H, blocksize);
+ CHECK_MPI_OK(mp_read_unsigned_octets(&ghash->H, H_rev, blocksize));
+
+ /* set the irreducible polynomial. Each blocksize has its own polynomial.
+ * for now only blocksize 16 (=128 bits) is defined */
+ switch (blocksize) {
+ case 16: /* 128 bits */
+ ghash->poly = poly_128;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto cleanup;
+ }
+ ghash->cLen = 0;
+ ghash->bufLen = 0;
+ ghash->m = 0;
+ PORT_Memset(ghash->counterBuf, 0, sizeof(ghash->counterBuf));
+ return SECSuccess;
+cleanup:
+ gcmHash_DestroyContext(ghash, PR_FALSE);
+ return SECFailure;
+}
+
+/* Destroy a HashContext (Note we zero the digits so this function
+ * is idempotent if called with freeit == PR_FALSE */
+static void
+gcmHash_DestroyContext(gcmHashContext *ghash, PRBool freeit)
+{
+ mp_clear(&ghash->H);
+ mp_clear(&ghash->X);
+ mp_clear(&ghash->C_i);
+ PORT_Memset(ghash, 0, sizeof(gcmHashContext));
+ if (freeit) {
+ PORT_Free(ghash);
+ }
+}
+
+static SECStatus
+gcm_getX(gcmHashContext *ghash, unsigned char *T, unsigned int blocksize)
+{
+ int len;
+ mp_err err;
+ unsigned char tmp_buf[MAX_BLOCK_SIZE];
+ unsigned char *X;
+
+ len = mp_unsigned_octet_size(&ghash->X);
+ if (len <= 0) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ X = tmp_buf;
+ PORT_Assert((unsigned int)len <= blocksize);
+ if ((unsigned int)len > blocksize) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* zero pad the result */
+ if (len != blocksize) {
+ PORT_Memset(X, 0, blocksize - len);
+ X += blocksize - len;
+ }
+
+ err = mp_to_unsigned_octets(&ghash->X, X, len);
+ if (err < 0) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ gcm_reverse(T, tmp_buf, blocksize);
+ return SECSuccess;
+}
+
+static SECStatus
+gcm_HashMult(gcmHashContext *ghash, const unsigned char *buf,
+ unsigned int count, unsigned int blocksize)
+{
+ SECStatus rv = SECFailure;
+ mp_err err = MP_OKAY;
+ unsigned char tmp_buf[MAX_BLOCK_SIZE];
+ unsigned int i;
+
+ for (i = 0; i < count; i++, buf += blocksize) {
+ ghash->m++;
+ gcm_reverse(tmp_buf, buf, blocksize);
+ CHECK_MPI_OK(mp_read_unsigned_octets(&ghash->C_i, tmp_buf, blocksize));
+ CHECK_MPI_OK(mp_badd(&ghash->X, &ghash->C_i, &ghash->C_i));
+ /*
+ * Looking to speed up GCM, this the the place to do it.
+ * There are two areas that can be exploited to speed up this code.
+ *
+ * 1) H is a constant in this multiply. We can precompute H * (0 - 255)
+ * at init time and this becomes an blockize xors of our table lookup.
+ *
+ * 2) poly is a constant for each blocksize. We can calculate the
+ * modulo reduction by a series of adds and shifts.
+ *
+ * For now we are after functionality, so we will go ahead and use
+ * the builtin bmulmod from mpi
+ */
+ CHECK_MPI_OK(mp_bmulmod(&ghash->C_i, &ghash->H,
+ ghash->poly, &ghash->X));
+ GCM_TRACE_X(ghash, "X%d = ")
+ }
+ rv = SECSuccess;
+cleanup:
+ PORT_Memset(tmp_buf, 0, sizeof(tmp_buf));
+ if (rv != SECSuccess) {
+ MP_TO_SEC_ERROR(err);
+ }
+ return rv;
+}
+
+static void
+gcm_zeroX(gcmHashContext *ghash)
+{
+ mp_zero(&ghash->X);
+ ghash->m = 0;
+}
+
+#endif
+
+#ifdef GCM_USE_ALGORITHM_1
+/* use algorithm 1 of McGrew & Viega "The Galois/Counter Mode of Operation" */
+
+#define GCM_ARRAY_SIZE (MAX_BLOCK_SIZE / sizeof(unsigned long))
+
+struct gcmHashContextStr {
+ unsigned long H[GCM_ARRAY_SIZE];
+ unsigned long X[GCM_ARRAY_SIZE];
+ unsigned long R;
+ unsigned char buffer[MAX_BLOCK_SIZE];
+ unsigned int bufLen;
+ int m;
+ unsigned char counterBuf[2 * GCM_HASH_LEN_LEN];
+ PRUint64 cLen;
+};
+
+static void
+gcm_bytes_to_longs(unsigned long *l, const unsigned char *c, unsigned int len)
+{
+ int i, j;
+ int array_size = len / sizeof(unsigned long);
+
+ PORT_Assert(len % sizeof(unsigned long) == 0);
+ for (i = 0; i < array_size; i++) {
+ unsigned long tmp = 0;
+ int byte_offset = i * sizeof(unsigned long);
+ for (j = sizeof(unsigned long) - 1; j >= 0; j--) {
+ tmp = (tmp << PR_BITS_PER_BYTE) | gcm_byte_rev[c[byte_offset + j]];
+ }
+ l[i] = tmp;
+ }
+}
+
+static void
+gcm_longs_to_bytes(const unsigned long *l, unsigned char *c, unsigned int len)
+{
+ int i, j;
+ int array_size = len / sizeof(unsigned long);
+
+ PORT_Assert(len % sizeof(unsigned long) == 0);
+ for (i = 0; i < array_size; i++) {
+ unsigned long tmp = l[i];
+ int byte_offset = i * sizeof(unsigned long);
+ for (j = 0; j < sizeof(unsigned long); j++) {
+ c[byte_offset + j] = gcm_byte_rev[tmp & 0xff];
+ tmp = (tmp >> PR_BITS_PER_BYTE);
+ }
+ }
+}
+
+/* Initialize a gcmHashContext */
+static SECStatus
+gcmHash_InitContext(gcmHashContext *ghash, const unsigned char *H,
+ unsigned int blocksize)
+{
+ PORT_Memset(ghash->X, 0, sizeof(ghash->X));
+ PORT_Memset(ghash->H, 0, sizeof(ghash->H));
+ gcm_bytes_to_longs(ghash->H, H, blocksize);
+
+ /* set the irreducible polynomial. Each blocksize has its own polynommial
+ * for now only blocksize 16 (=128 bits) is defined */
+ switch (blocksize) {
+ case 16: /* 128 bits */
+ ghash->R = (unsigned long)0x87; /* x^7 + x^2 + x +1 */
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto cleanup;
+ }
+ ghash->cLen = 0;
+ ghash->bufLen = 0;
+ ghash->m = 0;
+ PORT_Memset(ghash->counterBuf, 0, sizeof(ghash->counterBuf));
+ return SECSuccess;
+cleanup:
+ return SECFailure;
+}
+
+/* Destroy a HashContext (Note we zero the digits so this function
+ * is idempotent if called with freeit == PR_FALSE */
+static void
+gcmHash_DestroyContext(gcmHashContext *ghash, PRBool freeit)
+{
+ PORT_Memset(ghash, 0, sizeof(gcmHashContext));
+ if (freeit) {
+ PORT_Free(ghash);
+ }
+}
+
+static unsigned long
+gcm_shift_one(unsigned long *t, unsigned int count)
+{
+ unsigned long carry = 0;
+ unsigned long nextcarry = 0;
+ unsigned int i;
+ for (i = 0; i < count; i++) {
+ nextcarry = t[i] >> ((sizeof(unsigned long) * PR_BITS_PER_BYTE) - 1);
+ t[i] = (t[i] << 1) | carry;
+ carry = nextcarry;
+ }
+ return carry;
+}
+
+static SECStatus
+gcm_getX(gcmHashContext *ghash, unsigned char *T, unsigned int blocksize)
+{
+ gcm_longs_to_bytes(ghash->X, T, blocksize);
+ return SECSuccess;
+}
+
+#define GCM_XOR(t, s, len) \
+ for (l = 0; l < len; l++) \
+ t[l] ^= s[l]
+
+static SECStatus
+gcm_HashMult(gcmHashContext *ghash, const unsigned char *buf,
+ unsigned int count, unsigned int blocksize)
+{
+ unsigned long C_i[GCM_ARRAY_SIZE];
+ unsigned int arraysize = blocksize / sizeof(unsigned long);
+ unsigned int i, j, k, l;
+
+ for (i = 0; i < count; i++, buf += blocksize) {
+ ghash->m++;
+ gcm_bytes_to_longs(C_i, buf, blocksize);
+ GCM_XOR(C_i, ghash->X, arraysize);
+ /* multiply X = C_i * H */
+ PORT_Memset(ghash->X, 0, sizeof(ghash->X));
+ for (j = 0; j < arraysize; j++) {
+ unsigned long H = ghash->H[j];
+ for (k = 0; k < sizeof(unsigned long) * PR_BITS_PER_BYTE; k++) {
+ if (H & 1) {
+ GCM_XOR(ghash->X, C_i, arraysize);
+ }
+ if (gcm_shift_one(C_i, arraysize)) {
+ C_i[0] = C_i[0] ^ ghash->R;
+ }
+ H = H >> 1;
+ }
+ }
+ GCM_TRACE_X(ghash, "X%d = ")
+ }
+ PORT_Memset(C_i, 0, sizeof(C_i));
+ return SECSuccess;
+}
+
+static void
+gcm_zeroX(gcmHashContext *ghash)
+{
+ PORT_Memset(ghash->X, 0, sizeof(ghash->X));
+ ghash->m = 0;
+}
+#endif
+
+/*
+ * implement GCM GHASH using the freebl GHASH function. The gcm_HashMult
+ * function always takes blocksize lengths of data. gcmHash_Update will
+ * format the data properly.
+ */
+static SECStatus
+gcmHash_Update(gcmHashContext *ghash, const unsigned char *buf,
+ unsigned int len, unsigned int blocksize)
+{
+ unsigned int blocks;
+ SECStatus rv;
+
+ ghash->cLen += (len * PR_BITS_PER_BYTE);
+
+ /* first deal with the current buffer of data. Try to fill it out so
+ * we can hash it */
+ if (ghash->bufLen) {
+ unsigned int needed = PR_MIN(len, blocksize - ghash->bufLen);
+ if (needed != 0) {
+ PORT_Memcpy(ghash->buffer + ghash->bufLen, buf, needed);
+ }
+ buf += needed;
+ len -= needed;
+ ghash->bufLen += needed;
+ if (len == 0) {
+ /* didn't add enough to hash the data, nothing more do do */
+ return SECSuccess;
+ }
+ PORT_Assert(ghash->bufLen == blocksize);
+ /* hash the buffer and clear it */
+ rv = gcm_HashMult(ghash, ghash->buffer, 1, blocksize);
+ PORT_Memset(ghash->buffer, 0, blocksize);
+ ghash->bufLen = 0;
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ /* now hash any full blocks remaining in the data stream */
+ blocks = len / blocksize;
+ if (blocks) {
+ rv = gcm_HashMult(ghash, buf, blocks, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ buf += blocks * blocksize;
+ len -= blocks * blocksize;
+ }
+
+ /* save any remainder in the buffer to be hashed with the next call */
+ if (len != 0) {
+ PORT_Memcpy(ghash->buffer, buf, len);
+ ghash->bufLen = len;
+ }
+ return SECSuccess;
+}
+
+/*
+ * write out any partial blocks zero padded through the GHASH engine,
+ * save the lengths for the final completion of the hash
+ */
+static SECStatus
+gcmHash_Sync(gcmHashContext *ghash, unsigned int blocksize)
+{
+ int i;
+ SECStatus rv;
+
+ /* copy the previous counter to the upper block */
+ PORT_Memcpy(ghash->counterBuf, &ghash->counterBuf[GCM_HASH_LEN_LEN],
+ GCM_HASH_LEN_LEN);
+ /* copy the current counter in the lower block */
+ for (i = 0; i < GCM_HASH_LEN_LEN; i++) {
+ ghash->counterBuf[GCM_HASH_LEN_LEN + i] =
+ (ghash->cLen >> ((GCM_HASH_LEN_LEN - 1 - i) * PR_BITS_PER_BYTE)) & 0xff;
+ }
+ ghash->cLen = 0;
+
+ /* now zero fill the buffer and hash the last block */
+ if (ghash->bufLen) {
+ PORT_Memset(ghash->buffer + ghash->bufLen, 0, blocksize - ghash->bufLen);
+ rv = gcm_HashMult(ghash, ghash->buffer, 1, blocksize);
+ PORT_Memset(ghash->buffer, 0, blocksize);
+ ghash->bufLen = 0;
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+/*
+ * This does the final sync, hashes the lengths, then returns
+ * "T", the hashed output.
+ */
+static SECStatus
+gcmHash_Final(gcmHashContext *ghash, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ unsigned int blocksize)
+{
+ unsigned char T[MAX_BLOCK_SIZE];
+ SECStatus rv;
+
+ rv = gcmHash_Sync(ghash, blocksize);
+ if (rv != SECSuccess) {
+ goto cleanup;
+ }
+
+ rv = gcm_HashMult(ghash, ghash->counterBuf, (GCM_HASH_LEN_LEN * 2) / blocksize,
+ blocksize);
+ if (rv != SECSuccess) {
+ goto cleanup;
+ }
+
+ GCM_TRACE_X(ghash, "GHASH(H,A,C) = ")
+
+ rv = gcm_getX(ghash, T, blocksize);
+ if (rv != SECSuccess) {
+ goto cleanup;
+ }
+
+ if (maxout > blocksize)
+ maxout = blocksize;
+ PORT_Memcpy(outbuf, T, maxout);
+ *outlen = maxout;
+ rv = SECSuccess;
+
+cleanup:
+ PORT_Memset(T, 0, sizeof(T));
+ return rv;
+}
+
+SECStatus
+gcmHash_Reset(gcmHashContext *ghash, const unsigned char *AAD,
+ unsigned int AADLen, unsigned int blocksize)
+{
+ SECStatus rv;
+
+ ghash->cLen = 0;
+ PORT_Memset(ghash->counterBuf, 0, GCM_HASH_LEN_LEN * 2);
+ ghash->bufLen = 0;
+ gcm_zeroX(ghash);
+
+ /* now kick things off by hashing the Additional Authenticated Data */
+ if (AADLen != 0) {
+ rv = gcmHash_Update(ghash, AAD, AADLen, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = gcmHash_Sync(ghash, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+/**************************************************************************
+ * Now implement the GCM using gcmHash and CTR *
+ **************************************************************************/
+
+/* state to handle the full GCM operation (hash and counter) */
+struct GCMContextStr {
+ gcmHashContext ghash_context;
+ CTRContext ctr_context;
+ unsigned long tagBits;
+ unsigned char tagKey[MAX_BLOCK_SIZE];
+};
+
+GCMContext *
+GCM_CreateContext(void *context, freeblCipherFunc cipher,
+ const unsigned char *params, unsigned int blocksize)
+{
+ GCMContext *gcm = NULL;
+ gcmHashContext *ghash;
+ unsigned char H[MAX_BLOCK_SIZE];
+ unsigned int tmp;
+ PRBool freeCtr = PR_FALSE;
+ PRBool freeHash = PR_FALSE;
+ const CK_GCM_PARAMS *gcmParams = (const CK_GCM_PARAMS *)params;
+ CK_AES_CTR_PARAMS ctrParams;
+ SECStatus rv;
+
+ if (blocksize > MAX_BLOCK_SIZE || blocksize > sizeof(ctrParams.cb)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+ gcm = PORT_ZNew(GCMContext);
+ if (gcm == NULL) {
+ return NULL;
+ }
+ /* first fill in the ghash context */
+ ghash = &gcm->ghash_context;
+ PORT_Memset(H, 0, blocksize);
+ rv = (*cipher)(context, H, &tmp, blocksize, H, blocksize, blocksize);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = gcmHash_InitContext(ghash, H, blocksize);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ freeHash = PR_TRUE;
+
+ /* fill in the Counter context */
+ ctrParams.ulCounterBits = 32;
+ PORT_Memset(ctrParams.cb, 0, sizeof(ctrParams.cb));
+ if ((blocksize == 16) && (gcmParams->ulIvLen == 12)) {
+ PORT_Memcpy(ctrParams.cb, gcmParams->pIv, gcmParams->ulIvLen);
+ ctrParams.cb[blocksize - 1] = 1;
+ } else {
+ rv = gcmHash_Update(ghash, gcmParams->pIv, gcmParams->ulIvLen,
+ blocksize);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = gcmHash_Final(ghash, ctrParams.cb, &tmp, blocksize, blocksize);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ rv = CTR_InitContext(&gcm->ctr_context, context, cipher,
+ (unsigned char *)&ctrParams, blocksize);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ freeCtr = PR_TRUE;
+
+ /* fill in the gcm structure */
+ gcm->tagBits = gcmParams->ulTagBits; /* save for final step */
+ /* calculate the final tag key. NOTE: gcm->tagKey is zero to start with.
+ * if this assumption changes, we would need to explicitly clear it here */
+ rv = CTR_Update(&gcm->ctr_context, gcm->tagKey, &tmp, blocksize,
+ gcm->tagKey, blocksize, blocksize);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* finally mix in the AAD data */
+ rv = gcmHash_Reset(ghash, gcmParams->pAAD, gcmParams->ulAADLen, blocksize);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return gcm;
+
+loser:
+ if (freeCtr) {
+ CTR_DestroyContext(&gcm->ctr_context, PR_FALSE);
+ }
+ if (freeHash) {
+ gcmHash_DestroyContext(&gcm->ghash_context, PR_FALSE);
+ }
+ if (gcm) {
+ PORT_Free(gcm);
+ }
+ return NULL;
+}
+
+void
+GCM_DestroyContext(GCMContext *gcm, PRBool freeit)
+{
+ /* these two are statically allocated and will be freed when we free
+ * gcm. call their destroy functions to free up any locally
+ * allocated data (like mp_int's) */
+ CTR_DestroyContext(&gcm->ctr_context, PR_FALSE);
+ gcmHash_DestroyContext(&gcm->ghash_context, PR_FALSE);
+ PORT_Memset(&gcm->tagBits, 0, sizeof(gcm->tagBits));
+ PORT_Memset(gcm->tagKey, 0, sizeof(gcm->tagKey));
+ if (freeit) {
+ PORT_Free(gcm);
+ }
+}
+
+static SECStatus
+gcm_GetTag(GCMContext *gcm, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ unsigned int blocksize)
+{
+ unsigned int tagBytes;
+ unsigned int extra;
+ unsigned int i;
+ SECStatus rv;
+
+ tagBytes = (gcm->tagBits + (PR_BITS_PER_BYTE - 1)) / PR_BITS_PER_BYTE;
+ extra = tagBytes * PR_BITS_PER_BYTE - gcm->tagBits;
+
+ if (outbuf == NULL) {
+ *outlen = tagBytes;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ if (maxout < tagBytes) {
+ *outlen = tagBytes;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ maxout = tagBytes;
+ rv = gcmHash_Final(&gcm->ghash_context, outbuf, outlen, maxout, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ GCM_TRACE_BLOCK("GHASH=", outbuf, blocksize);
+ GCM_TRACE_BLOCK("Y0=", gcm->tagKey, blocksize);
+ for (i = 0; i < *outlen; i++) {
+ outbuf[i] ^= gcm->tagKey[i];
+ }
+ GCM_TRACE_BLOCK("Y0=", gcm->tagKey, blocksize);
+ GCM_TRACE_BLOCK("T=", outbuf, blocksize);
+ /* mask off any extra bits we got */
+ if (extra) {
+ outbuf[tagBytes - 1] &= ~((1 << extra) - 1);
+ }
+ return SECSuccess;
+}
+
+/*
+ * See The Galois/Counter Mode of Operation, McGrew and Viega.
+ * GCM is basically counter mode with a specific initialization and
+ * built in macing operation.
+ */
+SECStatus
+GCM_EncryptUpdate(GCMContext *gcm, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize)
+{
+ SECStatus rv;
+ unsigned int tagBytes;
+ unsigned int len;
+
+ tagBytes = (gcm->tagBits + (PR_BITS_PER_BYTE - 1)) / PR_BITS_PER_BYTE;
+ if (UINT_MAX - inlen < tagBytes) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (maxout < inlen + tagBytes) {
+ *outlen = inlen + tagBytes;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ rv = CTR_Update(&gcm->ctr_context, outbuf, outlen, maxout,
+ inbuf, inlen, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = gcmHash_Update(&gcm->ghash_context, outbuf, *outlen, blocksize);
+ if (rv != SECSuccess) {
+ PORT_Memset(outbuf, 0, *outlen); /* clear the output buffer */
+ *outlen = 0;
+ return SECFailure;
+ }
+ rv = gcm_GetTag(gcm, outbuf + *outlen, &len, maxout - *outlen, blocksize);
+ if (rv != SECSuccess) {
+ PORT_Memset(outbuf, 0, *outlen); /* clear the output buffer */
+ *outlen = 0;
+ return SECFailure;
+ };
+ *outlen += len;
+ return SECSuccess;
+}
+
+/*
+ * See The Galois/Counter Mode of Operation, McGrew and Viega.
+ * GCM is basically counter mode with a specific initialization and
+ * built in macing operation. NOTE: the only difference between Encrypt
+ * and Decrypt is when we calculate the mac. That is because the mac must
+ * always be calculated on the cipher text, not the plain text, so for
+ * encrypt, we do the CTR update first and for decrypt we do the mac first.
+ */
+SECStatus
+GCM_DecryptUpdate(GCMContext *gcm, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize)
+{
+ SECStatus rv;
+ unsigned int tagBytes;
+ unsigned char tag[MAX_BLOCK_SIZE];
+ const unsigned char *intag;
+ unsigned int len;
+
+ tagBytes = (gcm->tagBits + (PR_BITS_PER_BYTE - 1)) / PR_BITS_PER_BYTE;
+
+ /* get the authentication block */
+ if (inlen < tagBytes) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+
+ inlen -= tagBytes;
+ intag = inbuf + inlen;
+
+ /* verify the block */
+ rv = gcmHash_Update(&gcm->ghash_context, inbuf, inlen, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = gcm_GetTag(gcm, tag, &len, blocksize, blocksize);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ /* Don't decrypt if we can't authenticate the encrypted data!
+ * This assumes that if tagBits is not a multiple of 8, intag will
+ * preserve the masked off missing bits. */
+ if (NSS_SecureMemcmp(tag, intag, tagBytes) != 0) {
+ /* force a CKR_ENCRYPTED_DATA_INVALID error at in softoken */
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ PORT_Memset(tag, 0, sizeof(tag));
+ return SECFailure;
+ }
+ PORT_Memset(tag, 0, sizeof(tag));
+ /* finish the decryption */
+ return CTR_Update(&gcm->ctr_context, outbuf, outlen, maxout,
+ inbuf, inlen, blocksize);
+}
diff --git a/security/nss/lib/freebl/gcm.h b/security/nss/lib/freebl/gcm.h
new file mode 100644
index 000000000..1cdba534d
--- /dev/null
+++ b/security/nss/lib/freebl/gcm.h
@@ -0,0 +1,31 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef GCM_H
+#define GCM_H 1
+
+#include "blapii.h"
+
+typedef struct GCMContextStr GCMContext;
+
+/*
+ * The context argument is the inner cipher context to use with cipher. The
+ * GCMContext does not own context. context needs to remain valid for as long
+ * as the GCMContext is valid.
+ *
+ * The cipher argument is a block cipher in the ECB encrypt mode.
+ */
+GCMContext *GCM_CreateContext(void *context, freeblCipherFunc cipher,
+ const unsigned char *params, unsigned int blocksize);
+void GCM_DestroyContext(GCMContext *gcm, PRBool freeit);
+SECStatus GCM_EncryptUpdate(GCMContext *gcm, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize);
+SECStatus GCM_DecryptUpdate(GCMContext *gcm, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize);
+
+#endif
diff --git a/security/nss/lib/freebl/genload.c b/security/nss/lib/freebl/genload.c
new file mode 100644
index 000000000..832deb58c
--- /dev/null
+++ b/security/nss/lib/freebl/genload.c
@@ -0,0 +1,167 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * This file is meant to be included by other .c files.
+ * This file takes a "parameter", the scope which includes this
+ * code shall declare this variable:
+ * const char *NameOfThisSharedLib;
+ *
+ * NameOfThisSharedLib:
+ * The file name of the shared library that shall be used as the
+ * "reference library". The loader will attempt to load the requested
+ * library from the same directory as the reference library.
+ */
+
+#ifdef XP_UNIX
+#include <unistd.h>
+#define BL_MAXSYMLINKS 20
+
+/*
+ * If 'link' is a symbolic link, this function follows the symbolic links
+ * and returns the pathname of the ultimate source of the symbolic links.
+ * If 'link' is not a symbolic link, this function returns NULL.
+ * The caller should call PR_Free to free the string returned by this
+ * function.
+ */
+static char*
+loader_GetOriginalPathname(const char* link)
+{
+#ifdef __GLIBC__
+ char* tmp = realpath(link, NULL);
+ char* resolved;
+ if (!tmp)
+ return NULL;
+ resolved = PR_Malloc(strlen(tmp) + 1);
+ strcpy(resolved, tmp); /* This is necessary because PR_Free might not be using free() */
+ free(tmp);
+ return resolved;
+#else
+ char* resolved = NULL;
+ char* input = NULL;
+ PRUint32 iterations = 0;
+ PRInt32 len = 0, retlen = 0;
+ if (!link) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return NULL;
+ }
+ len = PR_MAX(1024, strlen(link) + 1);
+ resolved = PR_Malloc(len);
+ input = PR_Malloc(len);
+ if (!resolved || !input) {
+ if (resolved) {
+ PR_Free(resolved);
+ }
+ if (input) {
+ PR_Free(input);
+ }
+ return NULL;
+ }
+ strcpy(input, link);
+ while ((iterations++ < BL_MAXSYMLINKS) &&
+ ((retlen = readlink(input, resolved, len - 1)) > 0)) {
+ char* tmp = input;
+ resolved[retlen] = '\0'; /* NULL termination */
+ input = resolved;
+ resolved = tmp;
+ }
+ PR_Free(resolved);
+ if (iterations == 1 && retlen < 0) {
+ PR_Free(input);
+ input = NULL;
+ }
+ return input;
+#endif
+}
+#endif /* XP_UNIX */
+
+/*
+ * Load the library with the file name 'name' residing in the same
+ * directory as the reference library, whose pathname is 'referencePath'.
+ */
+static PRLibrary*
+loader_LoadLibInReferenceDir(const char* referencePath, const char* name)
+{
+ PRLibrary* dlh = NULL;
+ char* fullName = NULL;
+ char* c;
+ PRLibSpec libSpec;
+
+ /* Remove the trailing filename from referencePath and add the new one */
+ c = strrchr(referencePath, PR_GetDirectorySeparator());
+ if (c) {
+ size_t referencePathSize = 1 + c - referencePath;
+ fullName = (char*)PORT_Alloc(strlen(name) + referencePathSize + 1);
+ if (fullName) {
+ memcpy(fullName, referencePath, referencePathSize);
+ strcpy(fullName + referencePathSize, name);
+#ifdef DEBUG_LOADER
+ PR_fprintf(PR_STDOUT, "\nAttempting to load fully-qualified %s\n",
+ fullName);
+#endif
+ libSpec.type = PR_LibSpec_Pathname;
+ libSpec.value.pathname = fullName;
+ dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
+ PORT_Free(fullName);
+ }
+ }
+ return dlh;
+}
+
+/*
+ * We use PR_GetLibraryFilePathname to get the pathname of the loaded
+ * shared lib that contains this function, and then do a PR_LoadLibrary
+ * with an absolute pathname for the softoken shared library.
+ */
+
+static PRLibrary*
+loader_LoadLibrary(const char* nameToLoad)
+{
+ PRLibrary* lib = NULL;
+ char* fullPath = NULL;
+ PRLibSpec libSpec;
+
+ /* Get the pathname for nameOfAlreadyLoadedLib, i.e. /usr/lib/libnss3.so
+ * PR_GetLibraryFilePathname works with either the base library name or a
+ * function pointer, depending on the platform. We can't query an exported
+ * symbol such as NSC_GetFunctionList, because on some platforms we can't
+ * find symbols in loaded implicit dependencies.
+ * But we can just get the address of this function !
+ */
+ fullPath = PR_GetLibraryFilePathname(NameOfThisSharedLib,
+ (PRFuncPtr)&loader_LoadLibrary);
+
+ if (fullPath) {
+ lib = loader_LoadLibInReferenceDir(fullPath, nameToLoad);
+#ifdef XP_UNIX
+ if (!lib) {
+ /*
+ * If fullPath is a symbolic link, resolve the symbolic
+ * link and try again.
+ */
+ char* originalfullPath = loader_GetOriginalPathname(fullPath);
+ if (originalfullPath) {
+ PR_Free(fullPath);
+ fullPath = originalfullPath;
+ lib = loader_LoadLibInReferenceDir(fullPath, nameToLoad);
+ }
+ }
+#endif
+ PR_Free(fullPath);
+ }
+ if (!lib) {
+#ifdef DEBUG_LOADER
+ PR_fprintf(PR_STDOUT, "\nAttempting to load %s\n", nameToLoad);
+#endif
+ libSpec.type = PR_LibSpec_Pathname;
+ libSpec.value.pathname = nameToLoad;
+ lib = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
+ }
+ if (NULL == lib) {
+#ifdef DEBUG_LOADER
+ PR_fprintf(PR_STDOUT, "\nLoading failed : %s.\n", nameToLoad);
+#endif
+ }
+ return lib;
+}
diff --git a/security/nss/lib/freebl/hmacct.c b/security/nss/lib/freebl/hmacct.c
new file mode 100644
index 000000000..c7815ac05
--- /dev/null
+++ b/security/nss/lib/freebl/hmacct.c
@@ -0,0 +1,335 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "secport.h"
+#include "hasht.h"
+#include "blapit.h"
+#include "hmacct.h"
+#include "secerr.h"
+
+/* MAX_HASH_BIT_COUNT_BYTES is the maximum number of bytes in the hash's length
+ * field. (SHA-384/512 have 128-bit length.) */
+#define MAX_HASH_BIT_COUNT_BYTES 16
+
+/* Some utility functions are needed:
+ *
+ * These macros return the given value with the MSB copied to all the other
+ * bits. They use the fact that an arithmetic shift shifts-in the sign bit.
+ * However, this is not ensured by the C standard so you may need to replace
+ * them with something else on odd CPUs.
+ *
+ * Note: the argument to these macros must be an unsigned int.
+ * */
+#define DUPLICATE_MSB_TO_ALL(x) ((unsigned int)((int)(x) >> (sizeof(int) * 8 - 1)))
+#define DUPLICATE_MSB_TO_ALL_8(x) ((unsigned char)(DUPLICATE_MSB_TO_ALL(x)))
+
+/* constantTimeGE returns 0xff if a>=b and 0x00 otherwise, where a, b <
+ * MAX_UINT/2. */
+static unsigned char
+constantTimeGE(unsigned int a, unsigned int b)
+{
+ a -= b;
+ return DUPLICATE_MSB_TO_ALL(~a);
+}
+
+/* constantTimeEQ8 returns 0xff if a==b and 0x00 otherwise. */
+static unsigned char
+constantTimeEQ8(unsigned char a, unsigned char b)
+{
+ unsigned int c = a ^ b;
+ c--;
+ return DUPLICATE_MSB_TO_ALL_8(c);
+}
+
+/* MAC performs a constant time SSLv3/TLS MAC of |dataLen| bytes of |data|,
+ * where |dataLen| includes both the authenticated bytes and the MAC tag from
+ * the sender. |dataLen| must be >= the length of the MAC tag.
+ *
+ * |dataTotalLen| is >= |dataLen| and also accounts for any padding bytes
+ * that may follow the sender's MAC. (Only a single block of padding may
+ * follow in SSLv3, or up to 255 bytes in TLS.)
+ *
+ * Since the results of decryption are secret information (otherwise a
+ * padding-oracle is created), this function is constant-time with respect to
+ * |dataLen|.
+ *
+ * |header| contains either the 13-byte TLS header (containing the sequence
+ * number, record type etc), or it contains the SSLv3 header with the SSLv3
+ * padding bytes etc. */
+static SECStatus
+MAC(unsigned char *mdOut,
+ unsigned int *mdOutLen,
+ unsigned int mdOutMax,
+ const SECHashObject *hashObj,
+ const unsigned char *macSecret,
+ unsigned int macSecretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *data,
+ unsigned int dataLen,
+ unsigned int dataTotalLen,
+ unsigned char isSSLv3)
+{
+ void *mdState = hashObj->create();
+ const unsigned int mdSize = hashObj->length;
+ const unsigned int mdBlockSize = hashObj->blocklength;
+ /* mdLengthSize is the number of bytes in the length field that terminates
+ * the hash.
+ *
+ * This assumes that hash functions with a 64 byte block size use a 64-bit
+ * length, and otherwise they use a 128-bit length. This is true of {MD5,
+ * SHA*} (which are all of the hash functions specified for use with TLS
+ * today). */
+ const unsigned int mdLengthSize = mdBlockSize == 64 ? 8 : 16;
+
+ const unsigned int sslv3PadLen = hashObj->type == HASH_AlgMD5 ? 48 : 40;
+
+ /* varianceBlocks is the number of blocks of the hash that we have to
+ * calculate in constant time because they could be altered by the
+ * padding value.
+ *
+ * In SSLv3, the padding must be minimal so the end of the plaintext
+ * varies by, at most, 15+20 = 35 bytes. (We conservatively assume that
+ * the MAC size varies from 0..20 bytes.) In case the 9 bytes of hash
+ * termination (0x80 + 64-bit length) don't fit in the final block, we
+ * say that the final two blocks can vary based on the padding.
+ *
+ * TLSv1 has MACs up to 48 bytes long (SHA-384) and the padding is not
+ * required to be minimal. Therefore we say that the final six blocks
+ * can vary based on the padding.
+ *
+ * Later in the function, if the message is short and there obviously
+ * cannot be this many blocks then varianceBlocks can be reduced. */
+ unsigned int varianceBlocks = isSSLv3 ? 2 : 6;
+ /* From now on we're dealing with the MAC, which conceptually has 13
+ * bytes of `header' before the start of the data (TLS) or 71/75 bytes
+ * (SSLv3) */
+ const unsigned int len = dataTotalLen + headerLen;
+ /* maxMACBytes contains the maximum bytes of bytes in the MAC, including
+ * |header|, assuming that there's no padding. */
+ const unsigned int maxMACBytes = len - mdSize - 1;
+ /* numBlocks is the maximum number of hash blocks. */
+ const unsigned int numBlocks =
+ (maxMACBytes + 1 + mdLengthSize + mdBlockSize - 1) / mdBlockSize;
+ /* macEndOffset is the index just past the end of the data to be
+ * MACed. */
+ const unsigned int macEndOffset = dataLen + headerLen - mdSize;
+ /* c is the index of the 0x80 byte in the final hash block that
+ * contains application data. */
+ const unsigned int c = macEndOffset % mdBlockSize;
+ /* indexA is the hash block number that contains the 0x80 terminating
+ * value. */
+ const unsigned int indexA = macEndOffset / mdBlockSize;
+ /* indexB is the hash block number that contains the 64-bit hash
+ * length, in bits. */
+ const unsigned int indexB = (macEndOffset + mdLengthSize) / mdBlockSize;
+ /* bits is the hash-length in bits. It includes the additional hash
+ * block for the masked HMAC key, or whole of |header| in the case of
+ * SSLv3. */
+ unsigned int bits;
+ /* In order to calculate the MAC in constant time we have to handle
+ * the final blocks specially because the padding value could cause the
+ * end to appear somewhere in the final |varianceBlocks| blocks and we
+ * can't leak where. However, |numStartingBlocks| worth of data can
+ * be hashed right away because no padding value can affect whether
+ * they are plaintext. */
+ unsigned int numStartingBlocks = 0;
+ /* k is the starting byte offset into the conceptual header||data where
+ * we start processing. */
+ unsigned int k = 0;
+ unsigned char lengthBytes[MAX_HASH_BIT_COUNT_BYTES];
+ /* hmacPad is the masked HMAC key. */
+ unsigned char hmacPad[HASH_BLOCK_LENGTH_MAX];
+ unsigned char firstBlock[HASH_BLOCK_LENGTH_MAX];
+ unsigned char macOut[HASH_LENGTH_MAX];
+ unsigned i, j;
+
+ /* For SSLv3, if we're going to have any starting blocks then we need
+ * at least two because the header is larger than a single block. */
+ if (numBlocks > varianceBlocks + (isSSLv3 ? 1 : 0)) {
+ numStartingBlocks = numBlocks - varianceBlocks;
+ k = mdBlockSize * numStartingBlocks;
+ }
+
+ bits = 8 * macEndOffset;
+ hashObj->begin(mdState);
+ if (!isSSLv3) {
+ /* Compute the initial HMAC block. For SSLv3, the padding and
+ * secret bytes are included in |header| because they take more
+ * than a single block. */
+ bits += 8 * mdBlockSize;
+ memset(hmacPad, 0, mdBlockSize);
+ PORT_Assert(macSecretLen <= sizeof(hmacPad));
+ memcpy(hmacPad, macSecret, macSecretLen);
+ for (i = 0; i < mdBlockSize; i++)
+ hmacPad[i] ^= 0x36;
+ hashObj->update(mdState, hmacPad, mdBlockSize);
+ }
+
+ j = 0;
+ memset(lengthBytes, 0, sizeof(lengthBytes));
+ if (mdLengthSize == 16) {
+ j = 8;
+ }
+ if (hashObj->type == HASH_AlgMD5) {
+ /* MD5 appends a little-endian length. */
+ for (i = 0; i < 4; i++) {
+ lengthBytes[i + j] = bits >> (8 * i);
+ }
+ } else {
+ /* All other TLS hash functions use a big-endian length. */
+ for (i = 0; i < 4; i++) {
+ lengthBytes[4 + i + j] = bits >> (8 * (3 - i));
+ }
+ }
+
+ if (k > 0) {
+ if (isSSLv3) {
+ /* The SSLv3 header is larger than a single block.
+ * overhang is the number of bytes beyond a single
+ * block that the header consumes: either 7 bytes
+ * (SHA1) or 11 bytes (MD5). */
+ const unsigned int overhang = headerLen - mdBlockSize;
+ hashObj->update(mdState, header, mdBlockSize);
+ memcpy(firstBlock, header + mdBlockSize, overhang);
+ memcpy(firstBlock + overhang, data, mdBlockSize - overhang);
+ hashObj->update(mdState, firstBlock, mdBlockSize);
+ for (i = 1; i < k / mdBlockSize - 1; i++) {
+ hashObj->update(mdState, data + mdBlockSize * i - overhang,
+ mdBlockSize);
+ }
+ } else {
+ /* k is a multiple of mdBlockSize. */
+ memcpy(firstBlock, header, 13);
+ memcpy(firstBlock + 13, data, mdBlockSize - 13);
+ hashObj->update(mdState, firstBlock, mdBlockSize);
+ for (i = 1; i < k / mdBlockSize; i++) {
+ hashObj->update(mdState, data + mdBlockSize * i - 13,
+ mdBlockSize);
+ }
+ }
+ }
+
+ memset(macOut, 0, sizeof(macOut));
+
+ /* We now process the final hash blocks. For each block, we construct
+ * it in constant time. If i == indexA then we'll include the 0x80
+ * bytes and zero pad etc. For each block we selectively copy it, in
+ * constant time, to |macOut|. */
+ for (i = numStartingBlocks; i <= numStartingBlocks + varianceBlocks; i++) {
+ unsigned char block[HASH_BLOCK_LENGTH_MAX];
+ unsigned char isBlockA = constantTimeEQ8(i, indexA);
+ unsigned char isBlockB = constantTimeEQ8(i, indexB);
+ for (j = 0; j < mdBlockSize; j++) {
+ unsigned char isPastC = isBlockA & constantTimeGE(j, c);
+ unsigned char isPastCPlus1 = isBlockA & constantTimeGE(j, c + 1);
+ unsigned char b = 0;
+ if (k < headerLen) {
+ b = header[k];
+ } else if (k < dataTotalLen + headerLen) {
+ b = data[k - headerLen];
+ }
+ k++;
+
+ /* If this is the block containing the end of the
+ * application data, and we are at the offset for the
+ * 0x80 value, then overwrite b with 0x80. */
+ b = (b & ~isPastC) | (0x80 & isPastC);
+ /* If this the the block containing the end of the
+ * application data and we're past the 0x80 value then
+ * just write zero. */
+ b = b & ~isPastCPlus1;
+ /* If this is indexB (the final block), but not
+ * indexA (the end of the data), then the 64-bit
+ * length didn't fit into indexA and we're having to
+ * add an extra block of zeros. */
+ b &= ~isBlockB | isBlockA;
+
+ /* The final bytes of one of the blocks contains the length. */
+ if (j >= mdBlockSize - mdLengthSize) {
+ /* If this is indexB, write a length byte. */
+ b = (b & ~isBlockB) |
+ (isBlockB & lengthBytes[j - (mdBlockSize - mdLengthSize)]);
+ }
+ block[j] = b;
+ }
+
+ hashObj->update(mdState, block, mdBlockSize);
+ hashObj->end_raw(mdState, block, NULL, mdSize);
+ /* If this is indexB, copy the hash value to |macOut|. */
+ for (j = 0; j < mdSize; j++) {
+ macOut[j] |= block[j] & isBlockB;
+ }
+ }
+
+ hashObj->begin(mdState);
+
+ if (isSSLv3) {
+ /* We repurpose |hmacPad| to contain the SSLv3 pad2 block. */
+ for (i = 0; i < sslv3PadLen; i++)
+ hmacPad[i] = 0x5c;
+
+ hashObj->update(mdState, macSecret, macSecretLen);
+ hashObj->update(mdState, hmacPad, sslv3PadLen);
+ hashObj->update(mdState, macOut, mdSize);
+ } else {
+ /* Complete the HMAC in the standard manner. */
+ for (i = 0; i < mdBlockSize; i++)
+ hmacPad[i] ^= 0x6a;
+
+ hashObj->update(mdState, hmacPad, mdBlockSize);
+ hashObj->update(mdState, macOut, mdSize);
+ }
+
+ hashObj->end(mdState, mdOut, mdOutLen, mdOutMax);
+ hashObj->destroy(mdState, PR_TRUE);
+
+ return SECSuccess;
+}
+
+SECStatus
+HMAC_ConstantTime(
+ unsigned char *result,
+ unsigned int *resultLen,
+ unsigned int maxResultLen,
+ const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *body,
+ unsigned int bodyLen,
+ unsigned int bodyTotalLen)
+{
+ if (hashObj->end_raw == NULL)
+ return SECFailure;
+ return MAC(result, resultLen, maxResultLen, hashObj, secret, secretLen,
+ header, headerLen, body, bodyLen, bodyTotalLen,
+ 0 /* not SSLv3 */);
+}
+
+SECStatus
+SSLv3_MAC_ConstantTime(
+ unsigned char *result,
+ unsigned int *resultLen,
+ unsigned int maxResultLen,
+ const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *body,
+ unsigned int bodyLen,
+ unsigned int bodyTotalLen)
+{
+ if (hashObj->end_raw == NULL)
+ return SECFailure;
+ return MAC(result, resultLen, maxResultLen, hashObj, secret, secretLen,
+ header, headerLen, body, bodyLen, bodyTotalLen,
+ 1 /* SSLv3 */);
+}
diff --git a/security/nss/lib/freebl/hmacct.h b/security/nss/lib/freebl/hmacct.h
new file mode 100644
index 000000000..a773ea89c
--- /dev/null
+++ b/security/nss/lib/freebl/hmacct.h
@@ -0,0 +1,38 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _HMACCT_H_
+#define _HMACCT_H_
+
+SEC_BEGIN_PROTOS
+
+extern SECStatus HMAC_ConstantTime(
+ unsigned char *result,
+ unsigned int *resultLen,
+ unsigned int maxResultLen,
+ const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *body,
+ unsigned int bodyLen,
+ unsigned int bodyTotalLen);
+
+extern SECStatus SSLv3_MAC_ConstantTime(
+ unsigned char *result,
+ unsigned int *resultLen,
+ unsigned int maxResultLen,
+ const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *body,
+ unsigned int bodyLen,
+ unsigned int bodyTotalLen);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/freebl/intel-aes-x64-masm.asm b/security/nss/lib/freebl/intel-aes-x64-masm.asm
new file mode 100644
index 000000000..ef5c76ba2
--- /dev/null
+++ b/security/nss/lib/freebl/intel-aes-x64-masm.asm
@@ -0,0 +1,971 @@
+; LICENSE:
+; This submission to NSS is to be made available under the terms of the
+; Mozilla Public License, v. 2.0. You can obtain one at http:
+; //mozilla.org/MPL/2.0/.
+;###############################################################################
+; Copyright(c) 2014, Intel Corp.
+; Developers and authors:
+; Shay Gueron and Vlad Krasnov
+; Intel Corporation, Israel Development Centre, Haifa, Israel
+; Please send feedback directly to crypto.feedback.alias@intel.com
+
+
+.DATA
+ALIGN 16
+Lmask dd 0c0f0e0dh,0c0f0e0dh,0c0f0e0dh,0c0f0e0dh
+Lmask192 dd 004070605h, 004070605h, 004070605h, 004070605h
+Lmask256 dd 00c0f0e0dh, 00c0f0e0dh, 00c0f0e0dh, 00c0f0e0dh
+Lcon1 dd 1,1,1,1
+Lcon2 dd 1bh,1bh,1bh,1bh
+
+.CODE
+
+ctx textequ <rcx>
+output textequ <rdx>
+input textequ <r8>
+inputLen textequ <r9d>
+
+
+aes_rnd MACRO i
+ movdqu xmm8, [i*16 + ctx]
+ aesenc xmm0, xmm8
+ aesenc xmm1, xmm8
+ aesenc xmm2, xmm8
+ aesenc xmm3, xmm8
+ aesenc xmm4, xmm8
+ aesenc xmm5, xmm8
+ aesenc xmm6, xmm8
+ aesenc xmm7, xmm8
+ ENDM
+
+aes_last_rnd MACRO i
+ movdqu xmm8, [i*16 + ctx]
+ aesenclast xmm0, xmm8
+ aesenclast xmm1, xmm8
+ aesenclast xmm2, xmm8
+ aesenclast xmm3, xmm8
+ aesenclast xmm4, xmm8
+ aesenclast xmm5, xmm8
+ aesenclast xmm6, xmm8
+ aesenclast xmm7, xmm8
+ ENDM
+
+aes_dec_rnd MACRO i
+ movdqu xmm8, [i*16 + ctx]
+ aesdec xmm0, xmm8
+ aesdec xmm1, xmm8
+ aesdec xmm2, xmm8
+ aesdec xmm3, xmm8
+ aesdec xmm4, xmm8
+ aesdec xmm5, xmm8
+ aesdec xmm6, xmm8
+ aesdec xmm7, xmm8
+ ENDM
+
+aes_dec_last_rnd MACRO i
+ movdqu xmm8, [i*16 + ctx]
+ aesdeclast xmm0, xmm8
+ aesdeclast xmm1, xmm8
+ aesdeclast xmm2, xmm8
+ aesdeclast xmm3, xmm8
+ aesdeclast xmm4, xmm8
+ aesdeclast xmm5, xmm8
+ aesdeclast xmm6, xmm8
+ aesdeclast xmm7, xmm8
+ ENDM
+
+
+gen_aes_ecb_func MACRO enc, rnds
+
+LOCAL loop8
+LOCAL loop1
+LOCAL bail
+
+ xor inputLen, inputLen
+ mov input, [rsp + 1*8 + 8*4]
+ mov inputLen, [rsp + 1*8 + 8*5]
+
+ sub rsp, 3*16
+
+ movdqu [rsp + 0*16], xmm6
+ movdqu [rsp + 1*16], xmm7
+ movdqu [rsp + 2*16], xmm8
+
+ lea ctx, [48+ctx]
+
+loop8:
+ cmp inputLen, 8*16
+ jb loop1
+
+ movdqu xmm0, [0*16 + input]
+ movdqu xmm1, [1*16 + input]
+ movdqu xmm2, [2*16 + input]
+ movdqu xmm3, [3*16 + input]
+ movdqu xmm4, [4*16 + input]
+ movdqu xmm5, [5*16 + input]
+ movdqu xmm6, [6*16 + input]
+ movdqu xmm7, [7*16 + input]
+
+ movdqu xmm8, [0*16 + ctx]
+ pxor xmm0, xmm8
+ pxor xmm1, xmm8
+ pxor xmm2, xmm8
+ pxor xmm3, xmm8
+ pxor xmm4, xmm8
+ pxor xmm5, xmm8
+ pxor xmm6, xmm8
+ pxor xmm7, xmm8
+
+IF enc eq 1
+ rnd textequ <aes_rnd>
+ lastrnd textequ <aes_last_rnd>
+ aesinst textequ <aesenc>
+ aeslastinst textequ <aesenclast>
+ELSE
+ rnd textequ <aes_dec_rnd>
+ lastrnd textequ <aes_dec_last_rnd>
+ aesinst textequ <aesdec>
+ aeslastinst textequ <aesdeclast>
+ENDIF
+
+ i = 1
+ WHILE i LT rnds
+ rnd i
+ i = i+1
+ ENDM
+ lastrnd rnds
+
+ movdqu [0*16 + output], xmm0
+ movdqu [1*16 + output], xmm1
+ movdqu [2*16 + output], xmm2
+ movdqu [3*16 + output], xmm3
+ movdqu [4*16 + output], xmm4
+ movdqu [5*16 + output], xmm5
+ movdqu [6*16 + output], xmm6
+ movdqu [7*16 + output], xmm7
+
+ lea input, [8*16 + input]
+ lea output, [8*16 + output]
+ sub inputLen, 8*16
+ jmp loop8
+
+loop1:
+ cmp inputLen, 1*16
+ jb bail
+
+ movdqu xmm0, [input]
+ movdqu xmm7, [0*16 + ctx]
+ pxor xmm0, xmm7
+
+ i = 1
+ WHILE i LT rnds
+ movdqu xmm7, [i*16 + ctx]
+ aesinst xmm0, xmm7
+ i = i+1
+ ENDM
+ movdqu xmm7, [rnds*16 + ctx]
+ aeslastinst xmm0, xmm7
+
+ movdqu [output], xmm0
+
+ lea input, [1*16 + input]
+ lea output, [1*16 + output]
+ sub inputLen, 1*16
+ jmp loop1
+
+bail:
+ xor rax, rax
+
+ movdqu xmm6, [rsp + 0*16]
+ movdqu xmm7, [rsp + 1*16]
+ movdqu xmm8, [rsp + 2*16]
+ add rsp, 3*16
+ ret
+ENDM
+
+intel_aes_encrypt_ecb_128 PROC
+gen_aes_ecb_func 1, 10
+intel_aes_encrypt_ecb_128 ENDP
+
+intel_aes_encrypt_ecb_192 PROC
+gen_aes_ecb_func 1, 12
+intel_aes_encrypt_ecb_192 ENDP
+
+intel_aes_encrypt_ecb_256 PROC
+gen_aes_ecb_func 1, 14
+intel_aes_encrypt_ecb_256 ENDP
+
+intel_aes_decrypt_ecb_128 PROC
+gen_aes_ecb_func 0, 10
+intel_aes_decrypt_ecb_128 ENDP
+
+intel_aes_decrypt_ecb_192 PROC
+gen_aes_ecb_func 0, 12
+intel_aes_decrypt_ecb_192 ENDP
+
+intel_aes_decrypt_ecb_256 PROC
+gen_aes_ecb_func 0, 14
+intel_aes_decrypt_ecb_256 ENDP
+
+
+KEY textequ <rcx>
+KS textequ <rdx>
+ITR textequ <r8>
+
+intel_aes_encrypt_init_128 PROC
+
+ movdqu xmm1, [KEY]
+ movdqu [KS], xmm1
+ movdqa xmm2, xmm1
+
+ lea ITR, Lcon1
+ movdqa xmm0, [ITR]
+ lea ITR, Lmask
+ movdqa xmm4, [ITR]
+
+ mov ITR, 8
+
+Lenc_128_ks_loop:
+ lea KS, [16 + KS]
+ dec ITR
+
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+ movdqa xmm3, xmm1
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pxor xmm1, xmm2
+ movdqu [KS], xmm1
+ movdqa xmm2, xmm1
+
+ jne Lenc_128_ks_loop
+
+ lea ITR, Lcon2
+ movdqa xmm0, [ITR]
+
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+ movdqa xmm3, xmm1
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pxor xmm1, xmm2
+ movdqu [16 + KS], xmm1
+ movdqa xmm2, xmm1
+
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ movdqa xmm3, xmm1
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pxor xmm1, xmm2
+ movdqu [32 + KS], xmm1
+ movdqa xmm2, xmm1
+
+ ret
+intel_aes_encrypt_init_128 ENDP
+
+
+intel_aes_decrypt_init_128 PROC
+
+ push KS
+ push KEY
+
+ call intel_aes_encrypt_init_128
+
+ pop KEY
+ pop KS
+
+ movdqu xmm0, [0*16 + KS]
+ movdqu xmm1, [10*16 + KS]
+ movdqu [10*16 + KS], xmm0
+ movdqu [0*16 + KS], xmm1
+
+ i = 1
+ WHILE i LT 5
+ movdqu xmm0, [i*16 + KS]
+ movdqu xmm1, [(10-i)*16 + KS]
+
+ aesimc xmm0, xmm0
+ aesimc xmm1, xmm1
+
+ movdqu [(10-i)*16 + KS], xmm0
+ movdqu [i*16 + KS], xmm1
+
+ i = i+1
+ ENDM
+
+ movdqu xmm0, [5*16 + KS]
+ aesimc xmm0, xmm0
+ movdqu [5*16 + KS], xmm0
+ ret
+intel_aes_decrypt_init_128 ENDP
+
+
+intel_aes_encrypt_init_192 PROC
+
+ sub rsp, 16*2
+ movdqu [16*0 + rsp], xmm6
+ movdqu [16*1 + rsp], xmm7
+
+ movdqu xmm1, [KEY]
+ mov ITR, [16 + KEY]
+ movd xmm3, ITR
+
+ movdqu [KS], xmm1
+ movdqa xmm5, xmm3
+
+ lea ITR, Lcon1
+ movdqu xmm0, [ITR]
+ lea ITR, Lmask192
+ movdqu xmm4, [ITR]
+
+ mov ITR, 4
+
+Lenc_192_ks_loop:
+ movdqa xmm2, xmm3
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+
+ movdqa xmm6, xmm1
+ movdqa xmm7, xmm3
+ pslldq xmm6, 4
+ pslldq xmm7, 4
+ pxor xmm1, xmm6
+ pxor xmm3, xmm7
+ pslldq xmm6, 4
+ pxor xmm1, xmm6
+ pslldq xmm6, 4
+ pxor xmm1, xmm6
+ pxor xmm1, xmm2
+ pshufd xmm2, xmm1, 0ffh
+ pxor xmm3, xmm2
+
+ movdqa xmm6, xmm1
+ shufpd xmm5, xmm1, 00h
+ shufpd xmm6, xmm3, 01h
+
+ movdqu [16 + KS], xmm5
+ movdqu [32 + KS], xmm6
+
+ movdqa xmm2, xmm3
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+
+ movdqa xmm6, xmm1
+ movdqa xmm7, xmm3
+ pslldq xmm6, 4
+ pslldq xmm7, 4
+ pxor xmm1, xmm6
+ pxor xmm3, xmm7
+ pslldq xmm6, 4
+ pxor xmm1, xmm6
+ pslldq xmm6, 4
+ pxor xmm1, xmm6
+ pxor xmm1, xmm2
+ pshufd xmm2, xmm1, 0ffh
+ pxor xmm3, xmm2
+
+ movdqu [48 + KS], xmm1
+ movdqa xmm5, xmm3
+
+ lea KS, [48 + KS]
+
+ dec ITR
+ jnz Lenc_192_ks_loop
+
+ movdqu [16 + KS], xmm5
+
+ movdqu xmm7, [16*1 + rsp]
+ movdqu xmm6, [16*0 + rsp]
+ add rsp, 16*2
+ ret
+intel_aes_encrypt_init_192 ENDP
+
+intel_aes_decrypt_init_192 PROC
+ push KS
+ push KEY
+
+ call intel_aes_encrypt_init_192
+
+ pop KEY
+ pop KS
+
+ movdqu xmm0, [0*16 + KS]
+ movdqu xmm1, [12*16 + KS]
+ movdqu [12*16 + KS], xmm0
+ movdqu [0*16 + KS], xmm1
+
+ i = 1
+ WHILE i LT 6
+ movdqu xmm0, [i*16 + KS]
+ movdqu xmm1, [(12-i)*16 + KS]
+
+ aesimc xmm0, xmm0
+ aesimc xmm1, xmm1
+
+ movdqu [(12-i)*16 + KS], xmm0
+ movdqu [i*16 + KS], xmm1
+
+ i = i+1
+ ENDM
+
+ movdqu xmm0, [6*16 + KS]
+ aesimc xmm0, xmm0
+ movdqu [6*16 + KS], xmm0
+ ret
+intel_aes_decrypt_init_192 ENDP
+
+
+intel_aes_encrypt_init_256 PROC
+ sub rsp, 16*2
+ movdqu [16*0 + rsp], xmm6
+ movdqu [16*1 + rsp], xmm7
+
+ movdqu xmm1, [16*0 + KEY]
+ movdqu xmm3, [16*1 + KEY]
+
+ movdqu [16*0 + KS], xmm1
+ movdqu [16*1 + KS], xmm3
+
+ lea ITR, Lcon1
+ movdqu xmm0, [ITR]
+ lea ITR, Lmask256
+ movdqu xmm5, [ITR]
+
+ pxor xmm6, xmm6
+
+ mov ITR, 6
+
+Lenc_256_ks_loop:
+
+ movdqa xmm2, xmm3
+ pshufb xmm2, xmm5
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+ movdqa xmm4, xmm1
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pxor xmm1, xmm2
+ movdqu [16*2 + KS], xmm1
+
+ pshufd xmm2, xmm1, 0ffh
+ aesenclast xmm2, xmm6
+ movdqa xmm4, xmm3
+ pslldq xmm4, 4
+ pxor xmm3, xmm4
+ pslldq xmm4, 4
+ pxor xmm3, xmm4
+ pslldq xmm4, 4
+ pxor xmm3, xmm4
+ pxor xmm3, xmm2
+ movdqu [16*3 + KS], xmm3
+
+ lea KS, [32 + KS]
+ dec ITR
+ jnz Lenc_256_ks_loop
+
+ movdqa xmm2, xmm3
+ pshufb xmm2, xmm5
+ aesenclast xmm2, xmm0
+ movdqa xmm4, xmm1
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pxor xmm1, xmm2
+ movdqu [16*2 + KS], xmm1
+
+ movdqu xmm7, [16*1 + rsp]
+ movdqu xmm6, [16*0 + rsp]
+ add rsp, 16*2
+ ret
+
+intel_aes_encrypt_init_256 ENDP
+
+
+intel_aes_decrypt_init_256 PROC
+ push KS
+ push KEY
+
+ call intel_aes_encrypt_init_256
+
+ pop KEY
+ pop KS
+
+ movdqu xmm0, [0*16 + KS]
+ movdqu xmm1, [14*16 + KS]
+ movdqu [14*16 + KS], xmm0
+ movdqu [0*16 + KS], xmm1
+
+ i = 1
+ WHILE i LT 7
+ movdqu xmm0, [i*16 + KS]
+ movdqu xmm1, [(14-i)*16 + KS]
+
+ aesimc xmm0, xmm0
+ aesimc xmm1, xmm1
+
+ movdqu [(14-i)*16 + KS], xmm0
+ movdqu [i*16 + KS], xmm1
+
+ i = i+1
+ ENDM
+
+ movdqu xmm0, [7*16 + KS]
+ aesimc xmm0, xmm0
+ movdqu [7*16 + KS], xmm0
+ ret
+intel_aes_decrypt_init_256 ENDP
+
+
+
+gen_aes_cbc_enc_func MACRO rnds
+
+LOCAL loop1
+LOCAL bail
+
+ mov input, [rsp + 1*8 + 8*4]
+ mov inputLen, [rsp + 1*8 + 8*5]
+
+ sub rsp, 3*16
+
+ movdqu [rsp + 0*16], xmm6
+ movdqu [rsp + 1*16], xmm7
+ movdqu [rsp + 2*16], xmm8
+
+ lea ctx, [48+ctx]
+
+ movdqu xmm0, [-32+ctx]
+
+ movdqu xmm2, [0*16 + ctx]
+ movdqu xmm3, [1*16 + ctx]
+ movdqu xmm4, [2*16 + ctx]
+ movdqu xmm5, [3*16 + ctx]
+ movdqu xmm6, [4*16 + ctx]
+ movdqu xmm7, [5*16 + ctx]
+
+loop1:
+ cmp inputLen, 1*16
+ jb bail
+
+ movdqu xmm1, [input]
+ pxor xmm1, xmm2
+ pxor xmm0, xmm1
+
+ aesenc xmm0, xmm3
+ aesenc xmm0, xmm4
+ aesenc xmm0, xmm5
+ aesenc xmm0, xmm6
+ aesenc xmm0, xmm7
+
+ i = 6
+ WHILE i LT rnds
+ movdqu xmm8, [i*16 + ctx]
+ aesenc xmm0, xmm8
+ i = i+1
+ ENDM
+ movdqu xmm8, [rnds*16 + ctx]
+ aesenclast xmm0, xmm8
+
+ movdqu [output], xmm0
+
+ lea input, [1*16 + input]
+ lea output, [1*16 + output]
+ sub inputLen, 1*16
+ jmp loop1
+
+bail:
+ movdqu [-32+ctx], xmm0
+
+ xor rax, rax
+
+ movdqu xmm6, [rsp + 0*16]
+ movdqu xmm7, [rsp + 1*16]
+ movdqu xmm8, [rsp + 2*16]
+ add rsp, 3*16
+ ret
+
+ENDM
+
+gen_aes_cbc_dec_func MACRO rnds
+
+LOCAL loop8
+LOCAL loop1
+LOCAL dec1
+LOCAL bail
+
+ mov input, [rsp + 1*8 + 8*4]
+ mov inputLen, [rsp + 1*8 + 8*5]
+
+ sub rsp, 3*16
+
+ movdqu [rsp + 0*16], xmm6
+ movdqu [rsp + 1*16], xmm7
+ movdqu [rsp + 2*16], xmm8
+
+ lea ctx, [48+ctx]
+
+loop8:
+ cmp inputLen, 8*16
+ jb dec1
+
+ movdqu xmm0, [0*16 + input]
+ movdqu xmm1, [1*16 + input]
+ movdqu xmm2, [2*16 + input]
+ movdqu xmm3, [3*16 + input]
+ movdqu xmm4, [4*16 + input]
+ movdqu xmm5, [5*16 + input]
+ movdqu xmm6, [6*16 + input]
+ movdqu xmm7, [7*16 + input]
+
+ movdqu xmm8, [0*16 + ctx]
+ pxor xmm0, xmm8
+ pxor xmm1, xmm8
+ pxor xmm2, xmm8
+ pxor xmm3, xmm8
+ pxor xmm4, xmm8
+ pxor xmm5, xmm8
+ pxor xmm6, xmm8
+ pxor xmm7, xmm8
+
+ i = 1
+ WHILE i LT rnds
+ aes_dec_rnd i
+ i = i+1
+ ENDM
+ aes_dec_last_rnd rnds
+
+ movdqu xmm8, [-32 + ctx]
+ pxor xmm0, xmm8
+ movdqu xmm8, [0*16 + input]
+ pxor xmm1, xmm8
+ movdqu xmm8, [1*16 + input]
+ pxor xmm2, xmm8
+ movdqu xmm8, [2*16 + input]
+ pxor xmm3, xmm8
+ movdqu xmm8, [3*16 + input]
+ pxor xmm4, xmm8
+ movdqu xmm8, [4*16 + input]
+ pxor xmm5, xmm8
+ movdqu xmm8, [5*16 + input]
+ pxor xmm6, xmm8
+ movdqu xmm8, [6*16 + input]
+ pxor xmm7, xmm8
+ movdqu xmm8, [7*16 + input]
+
+ movdqu [0*16 + output], xmm0
+ movdqu [1*16 + output], xmm1
+ movdqu [2*16 + output], xmm2
+ movdqu [3*16 + output], xmm3
+ movdqu [4*16 + output], xmm4
+ movdqu [5*16 + output], xmm5
+ movdqu [6*16 + output], xmm6
+ movdqu [7*16 + output], xmm7
+ movdqu [-32 + ctx], xmm8
+
+ lea input, [8*16 + input]
+ lea output, [8*16 + output]
+ sub inputLen, 8*16
+ jmp loop8
+dec1:
+
+ movdqu xmm3, [-32 + ctx]
+
+loop1:
+ cmp inputLen, 1*16
+ jb bail
+
+ movdqu xmm0, [input]
+ movdqa xmm4, xmm0
+ movdqu xmm7, [0*16 + ctx]
+ pxor xmm0, xmm7
+
+ i = 1
+ WHILE i LT rnds
+ movdqu xmm7, [i*16 + ctx]
+ aesdec xmm0, xmm7
+ i = i+1
+ ENDM
+ movdqu xmm7, [rnds*16 + ctx]
+ aesdeclast xmm0, xmm7
+ pxor xmm3, xmm0
+
+ movdqu [output], xmm3
+ movdqa xmm3, xmm4
+
+ lea input, [1*16 + input]
+ lea output, [1*16 + output]
+ sub inputLen, 1*16
+ jmp loop1
+
+bail:
+ movdqu [-32 + ctx], xmm3
+ xor rax, rax
+
+ movdqu xmm6, [rsp + 0*16]
+ movdqu xmm7, [rsp + 1*16]
+ movdqu xmm8, [rsp + 2*16]
+ add rsp, 3*16
+ ret
+ENDM
+
+intel_aes_encrypt_cbc_128 PROC
+gen_aes_cbc_enc_func 10
+intel_aes_encrypt_cbc_128 ENDP
+
+intel_aes_encrypt_cbc_192 PROC
+gen_aes_cbc_enc_func 12
+intel_aes_encrypt_cbc_192 ENDP
+
+intel_aes_encrypt_cbc_256 PROC
+gen_aes_cbc_enc_func 14
+intel_aes_encrypt_cbc_256 ENDP
+
+intel_aes_decrypt_cbc_128 PROC
+gen_aes_cbc_dec_func 10
+intel_aes_decrypt_cbc_128 ENDP
+
+intel_aes_decrypt_cbc_192 PROC
+gen_aes_cbc_dec_func 12
+intel_aes_decrypt_cbc_192 ENDP
+
+intel_aes_decrypt_cbc_256 PROC
+gen_aes_cbc_dec_func 14
+intel_aes_decrypt_cbc_256 ENDP
+
+
+
+ctrCtx textequ <r10>
+CTR textequ <r11d>
+CTRSave textequ <eax>
+
+gen_aes_ctr_func MACRO rnds
+
+LOCAL loop8
+LOCAL loop1
+LOCAL enc1
+LOCAL bail
+
+ mov input, [rsp + 8*1 + 4*8]
+ mov inputLen, [rsp + 8*1 + 5*8]
+
+ mov ctrCtx, ctx
+ mov ctx, [8+ctrCtx]
+ lea ctx, [48+ctx]
+
+ sub rsp, 3*16
+ movdqu [rsp + 0*16], xmm6
+ movdqu [rsp + 1*16], xmm7
+ movdqu [rsp + 2*16], xmm8
+
+
+ push rbp
+ mov rbp, rsp
+ sub rsp, 8*16
+ and rsp, -16
+
+
+ movdqu xmm0, [16+ctrCtx]
+ mov CTRSave, DWORD PTR [ctrCtx + 16 + 3*4]
+ bswap CTRSave
+ movdqu xmm1, [ctx + 0*16]
+
+ pxor xmm0, xmm1
+
+ movdqa [rsp + 0*16], xmm0
+ movdqa [rsp + 1*16], xmm0
+ movdqa [rsp + 2*16], xmm0
+ movdqa [rsp + 3*16], xmm0
+ movdqa [rsp + 4*16], xmm0
+ movdqa [rsp + 5*16], xmm0
+ movdqa [rsp + 6*16], xmm0
+ movdqa [rsp + 7*16], xmm0
+
+ inc CTRSave
+ mov CTR, CTRSave
+ bswap CTR
+ xor CTR, DWORD PTR [ctx + 3*4]
+ mov DWORD PTR [rsp + 1*16 + 3*4], CTR
+
+ inc CTRSave
+ mov CTR, CTRSave
+ bswap CTR
+ xor CTR, DWORD PTR [ctx + 3*4]
+ mov DWORD PTR [rsp + 2*16 + 3*4], CTR
+
+ inc CTRSave
+ mov CTR, CTRSave
+ bswap CTR
+ xor CTR, DWORD PTR [ctx + 3*4]
+ mov DWORD PTR [rsp + 3*16 + 3*4], CTR
+
+ inc CTRSave
+ mov CTR, CTRSave
+ bswap CTR
+ xor CTR, DWORD PTR [ctx + 3*4]
+ mov DWORD PTR [rsp + 4*16 + 3*4], CTR
+
+ inc CTRSave
+ mov CTR, CTRSave
+ bswap CTR
+ xor CTR, DWORD PTR [ctx + 3*4]
+ mov DWORD PTR [rsp + 5*16 + 3*4], CTR
+
+ inc CTRSave
+ mov CTR, CTRSave
+ bswap CTR
+ xor CTR, DWORD PTR [ctx + 3*4]
+ mov DWORD PTR [rsp + 6*16 + 3*4], CTR
+
+ inc CTRSave
+ mov CTR, CTRSave
+ bswap CTR
+ xor CTR, DWORD PTR [ctx + 3*4]
+ mov DWORD PTR [rsp + 7*16 + 3*4], CTR
+
+
+loop8:
+ cmp inputLen, 8*16
+ jb loop1
+
+ movdqu xmm0, [0*16 + rsp]
+ movdqu xmm1, [1*16 + rsp]
+ movdqu xmm2, [2*16 + rsp]
+ movdqu xmm3, [3*16 + rsp]
+ movdqu xmm4, [4*16 + rsp]
+ movdqu xmm5, [5*16 + rsp]
+ movdqu xmm6, [6*16 + rsp]
+ movdqu xmm7, [7*16 + rsp]
+
+ i = 1
+ WHILE i LE 8
+ aes_rnd i
+
+ inc CTRSave
+ mov CTR, CTRSave
+ bswap CTR
+ xor CTR, DWORD PTR [ctx + 3*4]
+ mov DWORD PTR [rsp + (i-1)*16 + 3*4], CTR
+
+ i = i+1
+ ENDM
+ WHILE i LT rnds
+ aes_rnd i
+ i = i+1
+ ENDM
+ aes_last_rnd rnds
+
+ movdqu xmm8, [0*16 + input]
+ pxor xmm0, xmm8
+ movdqu xmm8, [1*16 + input]
+ pxor xmm1, xmm8
+ movdqu xmm8, [2*16 + input]
+ pxor xmm2, xmm8
+ movdqu xmm8, [3*16 + input]
+ pxor xmm3, xmm8
+ movdqu xmm8, [4*16 + input]
+ pxor xmm4, xmm8
+ movdqu xmm8, [5*16 + input]
+ pxor xmm5, xmm8
+ movdqu xmm8, [6*16 + input]
+ pxor xmm6, xmm8
+ movdqu xmm8, [7*16 + input]
+ pxor xmm7, xmm8
+
+ movdqu [0*16 + output], xmm0
+ movdqu [1*16 + output], xmm1
+ movdqu [2*16 + output], xmm2
+ movdqu [3*16 + output], xmm3
+ movdqu [4*16 + output], xmm4
+ movdqu [5*16 + output], xmm5
+ movdqu [6*16 + output], xmm6
+ movdqu [7*16 + output], xmm7
+
+ lea input, [8*16 + input]
+ lea output, [8*16 + output]
+ sub inputLen, 8*16
+ jmp loop8
+
+
+loop1:
+ cmp inputLen, 1*16
+ jb bail
+
+ movdqu xmm0, [rsp]
+ add rsp, 16
+
+ i = 1
+ WHILE i LT rnds
+ movdqu xmm7, [i*16 + ctx]
+ aesenc xmm0, xmm7
+ i = i+1
+ ENDM
+ movdqu xmm7, [rnds*16 + ctx]
+ aesenclast xmm0, xmm7
+
+ movdqu xmm7, [input]
+ pxor xmm0, xmm7
+ movdqu [output], xmm0
+
+ lea input, [1*16 + input]
+ lea output, [1*16 + output]
+ sub inputLen, 1*16
+ jmp loop1
+
+bail:
+
+ movdqu xmm0, [rsp]
+ movdqu xmm1, [ctx + 0*16]
+ pxor xmm0, xmm1
+ movdqu [16+ctrCtx], xmm0
+
+
+ xor rax, rax
+ mov rsp, rbp
+ pop rbp
+
+ movdqu xmm6, [rsp + 0*16]
+ movdqu xmm7, [rsp + 1*16]
+ movdqu xmm8, [rsp + 2*16]
+ add rsp, 3*16
+
+ ret
+ENDM
+
+
+intel_aes_encrypt_ctr_128 PROC
+gen_aes_ctr_func 10
+intel_aes_encrypt_ctr_128 ENDP
+
+intel_aes_encrypt_ctr_192 PROC
+gen_aes_ctr_func 12
+intel_aes_encrypt_ctr_192 ENDP
+
+intel_aes_encrypt_ctr_256 PROC
+gen_aes_ctr_func 14
+intel_aes_encrypt_ctr_256 ENDP
+
+
+END
diff --git a/security/nss/lib/freebl/intel-aes-x86-masm.asm b/security/nss/lib/freebl/intel-aes-x86-masm.asm
new file mode 100644
index 000000000..7d805e766
--- /dev/null
+++ b/security/nss/lib/freebl/intel-aes-x86-masm.asm
@@ -0,0 +1,949 @@
+; LICENSE:
+; This submission to NSS is to be made available under the terms of the
+; Mozilla Public License, v. 2.0. You can obtain one at http:
+; //mozilla.org/MPL/2.0/.
+;###############################################################################
+; Copyright(c) 2014, Intel Corp.
+; Developers and authors:
+; Shay Gueron and Vlad Krasnov
+; Intel Corporation, Israel Development Centre, Haifa, Israel
+; Please send feedback directly to crypto.feedback.alias@intel.com
+
+
+.MODEL FLAT, C
+.XMM
+
+.DATA
+ALIGN 16
+Lmask dd 0c0f0e0dh,0c0f0e0dh,0c0f0e0dh,0c0f0e0dh
+Lmask192 dd 004070605h, 004070605h, 004070605h, 004070605h
+Lmask256 dd 00c0f0e0dh, 00c0f0e0dh, 00c0f0e0dh, 00c0f0e0dh
+Lcon1 dd 1,1,1,1
+Lcon2 dd 1bh,1bh,1bh,1bh
+
+.CODE
+
+ctx textequ <ecx>
+output textequ <edx>
+input textequ <eax>
+inputLen textequ <edi>
+
+
+aes_rnd MACRO i
+ movdqu xmm7, [i*16 + ctx]
+ aesenc xmm0, xmm7
+ aesenc xmm1, xmm7
+ aesenc xmm2, xmm7
+ aesenc xmm3, xmm7
+ aesenc xmm4, xmm7
+ aesenc xmm5, xmm7
+ aesenc xmm6, xmm7
+ ENDM
+
+aes_last_rnd MACRO i
+ movdqu xmm7, [i*16 + ctx]
+ aesenclast xmm0, xmm7
+ aesenclast xmm1, xmm7
+ aesenclast xmm2, xmm7
+ aesenclast xmm3, xmm7
+ aesenclast xmm4, xmm7
+ aesenclast xmm5, xmm7
+ aesenclast xmm6, xmm7
+ ENDM
+
+aes_dec_rnd MACRO i
+ movdqu xmm7, [i*16 + ctx]
+ aesdec xmm0, xmm7
+ aesdec xmm1, xmm7
+ aesdec xmm2, xmm7
+ aesdec xmm3, xmm7
+ aesdec xmm4, xmm7
+ aesdec xmm5, xmm7
+ aesdec xmm6, xmm7
+ ENDM
+
+aes_dec_last_rnd MACRO i
+ movdqu xmm7, [i*16 + ctx]
+ aesdeclast xmm0, xmm7
+ aesdeclast xmm1, xmm7
+ aesdeclast xmm2, xmm7
+ aesdeclast xmm3, xmm7
+ aesdeclast xmm4, xmm7
+ aesdeclast xmm5, xmm7
+ aesdeclast xmm6, xmm7
+ ENDM
+
+
+gen_aes_ecb_func MACRO enc, rnds
+
+LOCAL loop7
+LOCAL loop1
+LOCAL bail
+
+ push inputLen
+
+ mov ctx, [esp + 2*4 + 0*4]
+ mov output, [esp + 2*4 + 1*4]
+ mov input, [esp + 2*4 + 4*4]
+ mov inputLen, [esp + 2*4 + 5*4]
+
+ lea ctx, [44+ctx]
+
+loop7:
+ cmp inputLen, 7*16
+ jb loop1
+
+ movdqu xmm0, [0*16 + input]
+ movdqu xmm1, [1*16 + input]
+ movdqu xmm2, [2*16 + input]
+ movdqu xmm3, [3*16 + input]
+ movdqu xmm4, [4*16 + input]
+ movdqu xmm5, [5*16 + input]
+ movdqu xmm6, [6*16 + input]
+
+ movdqu xmm7, [0*16 + ctx]
+ pxor xmm0, xmm7
+ pxor xmm1, xmm7
+ pxor xmm2, xmm7
+ pxor xmm3, xmm7
+ pxor xmm4, xmm7
+ pxor xmm5, xmm7
+ pxor xmm6, xmm7
+
+IF enc eq 1
+ rnd textequ <aes_rnd>
+ lastrnd textequ <aes_last_rnd>
+ aesinst textequ <aesenc>
+ aeslastinst textequ <aesenclast>
+ELSE
+ rnd textequ <aes_dec_rnd>
+ lastrnd textequ <aes_dec_last_rnd>
+ aesinst textequ <aesdec>
+ aeslastinst textequ <aesdeclast>
+ENDIF
+
+ i = 1
+ WHILE i LT rnds
+ rnd i
+ i = i+1
+ ENDM
+ lastrnd rnds
+
+ movdqu [0*16 + output], xmm0
+ movdqu [1*16 + output], xmm1
+ movdqu [2*16 + output], xmm2
+ movdqu [3*16 + output], xmm3
+ movdqu [4*16 + output], xmm4
+ movdqu [5*16 + output], xmm5
+ movdqu [6*16 + output], xmm6
+
+ lea input, [7*16 + input]
+ lea output, [7*16 + output]
+ sub inputLen, 7*16
+ jmp loop7
+
+loop1:
+ cmp inputLen, 1*16
+ jb bail
+
+ movdqu xmm0, [input]
+ movdqu xmm7, [0*16 + ctx]
+ pxor xmm0, xmm7
+
+ i = 1
+ WHILE i LT rnds
+ movdqu xmm7, [i*16 + ctx]
+ aesinst xmm0, xmm7
+ i = i+1
+ ENDM
+ movdqu xmm7, [rnds*16 + ctx]
+ aeslastinst xmm0, xmm7
+
+ movdqu [output], xmm0
+
+ lea input, [1*16 + input]
+ lea output, [1*16 + output]
+ sub inputLen, 1*16
+ jmp loop1
+
+bail:
+ xor eax, eax
+ pop inputLen
+ ret
+
+ENDM
+
+ALIGN 16
+intel_aes_encrypt_ecb_128 PROC
+gen_aes_ecb_func 1, 10
+intel_aes_encrypt_ecb_128 ENDP
+
+ALIGN 16
+intel_aes_encrypt_ecb_192 PROC
+gen_aes_ecb_func 1, 12
+intel_aes_encrypt_ecb_192 ENDP
+
+ALIGN 16
+intel_aes_encrypt_ecb_256 PROC
+gen_aes_ecb_func 1, 14
+intel_aes_encrypt_ecb_256 ENDP
+
+ALIGN 16
+intel_aes_decrypt_ecb_128 PROC
+gen_aes_ecb_func 0, 10
+intel_aes_decrypt_ecb_128 ENDP
+
+ALIGN 16
+intel_aes_decrypt_ecb_192 PROC
+gen_aes_ecb_func 0, 12
+intel_aes_decrypt_ecb_192 ENDP
+
+ALIGN 16
+intel_aes_decrypt_ecb_256 PROC
+gen_aes_ecb_func 0, 14
+intel_aes_decrypt_ecb_256 ENDP
+
+
+KEY textequ <ecx>
+KS textequ <edx>
+ITR textequ <eax>
+
+ALIGN 16
+intel_aes_encrypt_init_128 PROC
+
+ mov KEY, [esp + 1*4 + 0*4]
+ mov KS, [esp + 1*4 + 1*4]
+
+
+ movdqu xmm1, [KEY]
+ movdqu [KS], xmm1
+ movdqa xmm2, xmm1
+
+ lea ITR, Lcon1
+ movdqa xmm0, [ITR]
+ lea ITR, Lmask
+ movdqa xmm4, [ITR]
+
+ mov ITR, 8
+
+Lenc_128_ks_loop:
+ lea KS, [16 + KS]
+ dec ITR
+
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+ movdqa xmm3, xmm1
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pxor xmm1, xmm2
+ movdqu [KS], xmm1
+ movdqa xmm2, xmm1
+
+ jne Lenc_128_ks_loop
+
+ lea ITR, Lcon2
+ movdqa xmm0, [ITR]
+
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+ movdqa xmm3, xmm1
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pxor xmm1, xmm2
+ movdqu [16 + KS], xmm1
+ movdqa xmm2, xmm1
+
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ movdqa xmm3, xmm1
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pslldq xmm3, 4
+ pxor xmm1, xmm3
+ pxor xmm1, xmm2
+ movdqu [32 + KS], xmm1
+ movdqa xmm2, xmm1
+
+ ret
+intel_aes_encrypt_init_128 ENDP
+
+
+ALIGN 16
+intel_aes_decrypt_init_128 PROC
+
+ mov KEY, [esp + 1*4 + 0*4]
+ mov KS, [esp + 1*4 + 1*4]
+
+ push KS
+ push KEY
+
+ call intel_aes_encrypt_init_128
+
+ pop KEY
+ pop KS
+
+ movdqu xmm0, [0*16 + KS]
+ movdqu xmm1, [10*16 + KS]
+ movdqu [10*16 + KS], xmm0
+ movdqu [0*16 + KS], xmm1
+
+ i = 1
+ WHILE i LT 5
+ movdqu xmm0, [i*16 + KS]
+ movdqu xmm1, [(10-i)*16 + KS]
+
+ aesimc xmm0, xmm0
+ aesimc xmm1, xmm1
+
+ movdqu [(10-i)*16 + KS], xmm0
+ movdqu [i*16 + KS], xmm1
+
+ i = i+1
+ ENDM
+
+ movdqu xmm0, [5*16 + KS]
+ aesimc xmm0, xmm0
+ movdqu [5*16 + KS], xmm0
+ ret
+intel_aes_decrypt_init_128 ENDP
+
+
+ALIGN 16
+intel_aes_encrypt_init_192 PROC
+
+ mov KEY, [esp + 1*4 + 0*4]
+ mov KS, [esp + 1*4 + 1*4]
+
+ pxor xmm3, xmm3
+ movdqu xmm1, [KEY]
+ pinsrd xmm3, DWORD PTR [16 + KEY], 0
+ pinsrd xmm3, DWORD PTR [20 + KEY], 1
+
+ movdqu [KS], xmm1
+ movdqa xmm5, xmm3
+
+ lea ITR, Lcon1
+ movdqu xmm0, [ITR]
+ lea ITR, Lmask192
+ movdqu xmm4, [ITR]
+
+ mov ITR, 4
+
+Lenc_192_ks_loop:
+ movdqa xmm2, xmm3
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+
+ movdqa xmm6, xmm1
+ movdqa xmm7, xmm3
+ pslldq xmm6, 4
+ pslldq xmm7, 4
+ pxor xmm1, xmm6
+ pxor xmm3, xmm7
+ pslldq xmm6, 4
+ pxor xmm1, xmm6
+ pslldq xmm6, 4
+ pxor xmm1, xmm6
+ pxor xmm1, xmm2
+ pshufd xmm2, xmm1, 0ffh
+ pxor xmm3, xmm2
+
+ movdqa xmm6, xmm1
+ shufpd xmm5, xmm1, 00h
+ shufpd xmm6, xmm3, 01h
+
+ movdqu [16 + KS], xmm5
+ movdqu [32 + KS], xmm6
+
+ movdqa xmm2, xmm3
+ pshufb xmm2, xmm4
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+
+ movdqa xmm6, xmm1
+ movdqa xmm7, xmm3
+ pslldq xmm6, 4
+ pslldq xmm7, 4
+ pxor xmm1, xmm6
+ pxor xmm3, xmm7
+ pslldq xmm6, 4
+ pxor xmm1, xmm6
+ pslldq xmm6, 4
+ pxor xmm1, xmm6
+ pxor xmm1, xmm2
+ pshufd xmm2, xmm1, 0ffh
+ pxor xmm3, xmm2
+
+ movdqu [48 + KS], xmm1
+ movdqa xmm5, xmm3
+
+ lea KS, [48 + KS]
+
+ dec ITR
+ jnz Lenc_192_ks_loop
+
+ movdqu [16 + KS], xmm5
+ret
+intel_aes_encrypt_init_192 ENDP
+
+ALIGN 16
+intel_aes_decrypt_init_192 PROC
+ mov KEY, [esp + 1*4 + 0*4]
+ mov KS, [esp + 1*4 + 1*4]
+
+ push KS
+ push KEY
+
+ call intel_aes_encrypt_init_192
+
+ pop KEY
+ pop KS
+
+ movdqu xmm0, [0*16 + KS]
+ movdqu xmm1, [12*16 + KS]
+ movdqu [12*16 + KS], xmm0
+ movdqu [0*16 + KS], xmm1
+
+ i = 1
+ WHILE i LT 6
+ movdqu xmm0, [i*16 + KS]
+ movdqu xmm1, [(12-i)*16 + KS]
+
+ aesimc xmm0, xmm0
+ aesimc xmm1, xmm1
+
+ movdqu [(12-i)*16 + KS], xmm0
+ movdqu [i*16 + KS], xmm1
+
+ i = i+1
+ ENDM
+
+ movdqu xmm0, [6*16 + KS]
+ aesimc xmm0, xmm0
+ movdqu [6*16 + KS], xmm0
+ ret
+intel_aes_decrypt_init_192 ENDP
+
+ALIGN 16
+intel_aes_encrypt_init_256 PROC
+
+ mov KEY, [esp + 1*4 + 0*4]
+ mov KS, [esp + 1*4 + 1*4]
+ movdqu xmm1, [16*0 + KEY]
+ movdqu xmm3, [16*1 + KEY]
+
+ movdqu [16*0 + KS], xmm1
+ movdqu [16*1 + KS], xmm3
+
+ lea ITR, Lcon1
+ movdqu xmm0, [ITR]
+ lea ITR, Lmask256
+ movdqu xmm5, [ITR]
+
+ pxor xmm6, xmm6
+
+ mov ITR, 6
+
+Lenc_256_ks_loop:
+
+ movdqa xmm2, xmm3
+ pshufb xmm2, xmm5
+ aesenclast xmm2, xmm0
+ pslld xmm0, 1
+ movdqa xmm4, xmm1
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pxor xmm1, xmm2
+ movdqu [16*2 + KS], xmm1
+
+ pshufd xmm2, xmm1, 0ffh
+ aesenclast xmm2, xmm6
+ movdqa xmm4, xmm3
+ pslldq xmm4, 4
+ pxor xmm3, xmm4
+ pslldq xmm4, 4
+ pxor xmm3, xmm4
+ pslldq xmm4, 4
+ pxor xmm3, xmm4
+ pxor xmm3, xmm2
+ movdqu [16*3 + KS], xmm3
+
+ lea KS, [32 + KS]
+ dec ITR
+ jnz Lenc_256_ks_loop
+
+ movdqa xmm2, xmm3
+ pshufb xmm2, xmm5
+ aesenclast xmm2, xmm0
+ movdqa xmm4, xmm1
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pslldq xmm4, 4
+ pxor xmm1, xmm4
+ pxor xmm1, xmm2
+ movdqu [16*2 + KS], xmm1
+
+ ret
+intel_aes_encrypt_init_256 ENDP
+
+ALIGN 16
+intel_aes_decrypt_init_256 PROC
+ mov KEY, [esp + 1*4 + 0*4]
+ mov KS, [esp + 1*4 + 1*4]
+
+ push KS
+ push KEY
+
+ call intel_aes_encrypt_init_256
+
+ pop KEY
+ pop KS
+
+ movdqu xmm0, [0*16 + KS]
+ movdqu xmm1, [14*16 + KS]
+ movdqu [14*16 + KS], xmm0
+ movdqu [0*16 + KS], xmm1
+
+ i = 1
+ WHILE i LT 7
+ movdqu xmm0, [i*16 + KS]
+ movdqu xmm1, [(14-i)*16 + KS]
+
+ aesimc xmm0, xmm0
+ aesimc xmm1, xmm1
+
+ movdqu [(14-i)*16 + KS], xmm0
+ movdqu [i*16 + KS], xmm1
+
+ i = i+1
+ ENDM
+
+ movdqu xmm0, [7*16 + KS]
+ aesimc xmm0, xmm0
+ movdqu [7*16 + KS], xmm0
+ ret
+intel_aes_decrypt_init_256 ENDP
+
+
+
+gen_aes_cbc_enc_func MACRO rnds
+
+LOCAL loop1
+LOCAL bail
+
+ push inputLen
+
+ mov ctx, [esp + 2*4 + 0*4]
+ mov output, [esp + 2*4 + 1*4]
+ mov input, [esp + 2*4 + 4*4]
+ mov inputLen, [esp + 2*4 + 5*4]
+
+ lea ctx, [44+ctx]
+
+ movdqu xmm0, [-32+ctx]
+
+ movdqu xmm2, [0*16 + ctx]
+ movdqu xmm3, [1*16 + ctx]
+ movdqu xmm4, [2*16 + ctx]
+ movdqu xmm5, [3*16 + ctx]
+ movdqu xmm6, [4*16 + ctx]
+
+loop1:
+ cmp inputLen, 1*16
+ jb bail
+
+ movdqu xmm1, [input]
+ pxor xmm1, xmm2
+ pxor xmm0, xmm1
+
+ aesenc xmm0, xmm3
+ aesenc xmm0, xmm4
+ aesenc xmm0, xmm5
+ aesenc xmm0, xmm6
+
+ i = 5
+ WHILE i LT rnds
+ movdqu xmm7, [i*16 + ctx]
+ aesenc xmm0, xmm7
+ i = i+1
+ ENDM
+ movdqu xmm7, [rnds*16 + ctx]
+ aesenclast xmm0, xmm7
+
+ movdqu [output], xmm0
+
+ lea input, [1*16 + input]
+ lea output, [1*16 + output]
+ sub inputLen, 1*16
+ jmp loop1
+
+bail:
+ movdqu [-32+ctx], xmm0
+
+ xor eax, eax
+ pop inputLen
+ ret
+
+ENDM
+
+gen_aes_cbc_dec_func MACRO rnds
+
+LOCAL loop7
+LOCAL loop1
+LOCAL dec1
+LOCAL bail
+
+ push inputLen
+
+ mov ctx, [esp + 2*4 + 0*4]
+ mov output, [esp + 2*4 + 1*4]
+ mov input, [esp + 2*4 + 4*4]
+ mov inputLen, [esp + 2*4 + 5*4]
+
+ lea ctx, [44+ctx]
+
+loop7:
+ cmp inputLen, 7*16
+ jb dec1
+
+ movdqu xmm0, [0*16 + input]
+ movdqu xmm1, [1*16 + input]
+ movdqu xmm2, [2*16 + input]
+ movdqu xmm3, [3*16 + input]
+ movdqu xmm4, [4*16 + input]
+ movdqu xmm5, [5*16 + input]
+ movdqu xmm6, [6*16 + input]
+
+ movdqu xmm7, [0*16 + ctx]
+ pxor xmm0, xmm7
+ pxor xmm1, xmm7
+ pxor xmm2, xmm7
+ pxor xmm3, xmm7
+ pxor xmm4, xmm7
+ pxor xmm5, xmm7
+ pxor xmm6, xmm7
+
+ i = 1
+ WHILE i LT rnds
+ aes_dec_rnd i
+ i = i+1
+ ENDM
+ aes_dec_last_rnd rnds
+
+ movdqu xmm7, [-32 + ctx]
+ pxor xmm0, xmm7
+ movdqu xmm7, [0*16 + input]
+ pxor xmm1, xmm7
+ movdqu xmm7, [1*16 + input]
+ pxor xmm2, xmm7
+ movdqu xmm7, [2*16 + input]
+ pxor xmm3, xmm7
+ movdqu xmm7, [3*16 + input]
+ pxor xmm4, xmm7
+ movdqu xmm7, [4*16 + input]
+ pxor xmm5, xmm7
+ movdqu xmm7, [5*16 + input]
+ pxor xmm6, xmm7
+ movdqu xmm7, [6*16 + input]
+
+ movdqu [0*16 + output], xmm0
+ movdqu [1*16 + output], xmm1
+ movdqu [2*16 + output], xmm2
+ movdqu [3*16 + output], xmm3
+ movdqu [4*16 + output], xmm4
+ movdqu [5*16 + output], xmm5
+ movdqu [6*16 + output], xmm6
+ movdqu [-32 + ctx], xmm7
+
+ lea input, [7*16 + input]
+ lea output, [7*16 + output]
+ sub inputLen, 7*16
+ jmp loop7
+dec1:
+
+ movdqu xmm3, [-32 + ctx]
+
+loop1:
+ cmp inputLen, 1*16
+ jb bail
+
+ movdqu xmm0, [input]
+ movdqa xmm4, xmm0
+ movdqu xmm7, [0*16 + ctx]
+ pxor xmm0, xmm7
+
+ i = 1
+ WHILE i LT rnds
+ movdqu xmm7, [i*16 + ctx]
+ aesdec xmm0, xmm7
+ i = i+1
+ ENDM
+ movdqu xmm7, [rnds*16 + ctx]
+ aesdeclast xmm0, xmm7
+ pxor xmm3, xmm0
+
+ movdqu [output], xmm3
+ movdqa xmm3, xmm4
+
+ lea input, [1*16 + input]
+ lea output, [1*16 + output]
+ sub inputLen, 1*16
+ jmp loop1
+
+bail:
+ movdqu [-32 + ctx], xmm3
+ xor eax, eax
+ pop inputLen
+ ret
+ENDM
+
+ALIGN 16
+intel_aes_encrypt_cbc_128 PROC
+gen_aes_cbc_enc_func 10
+intel_aes_encrypt_cbc_128 ENDP
+
+ALIGN 16
+intel_aes_encrypt_cbc_192 PROC
+gen_aes_cbc_enc_func 12
+intel_aes_encrypt_cbc_192 ENDP
+
+ALIGN 16
+intel_aes_encrypt_cbc_256 PROC
+gen_aes_cbc_enc_func 14
+intel_aes_encrypt_cbc_256 ENDP
+
+ALIGN 16
+intel_aes_decrypt_cbc_128 PROC
+gen_aes_cbc_dec_func 10
+intel_aes_decrypt_cbc_128 ENDP
+
+ALIGN 16
+intel_aes_decrypt_cbc_192 PROC
+gen_aes_cbc_dec_func 12
+intel_aes_decrypt_cbc_192 ENDP
+
+ALIGN 16
+intel_aes_decrypt_cbc_256 PROC
+gen_aes_cbc_dec_func 14
+intel_aes_decrypt_cbc_256 ENDP
+
+
+
+ctrCtx textequ <esi>
+CTR textequ <ebx>
+
+gen_aes_ctr_func MACRO rnds
+
+LOCAL loop7
+LOCAL loop1
+LOCAL enc1
+LOCAL bail
+
+ push inputLen
+ push ctrCtx
+ push CTR
+ push ebp
+
+ mov ctrCtx, [esp + 4*5 + 0*4]
+ mov output, [esp + 4*5 + 1*4]
+ mov input, [esp + 4*5 + 4*4]
+ mov inputLen, [esp + 4*5 + 5*4]
+
+ mov ctx, [4+ctrCtx]
+ lea ctx, [44+ctx]
+
+ mov ebp, esp
+ sub esp, 7*16
+ and esp, -16
+
+ movdqu xmm0, [8+ctrCtx]
+ mov ctrCtx, [ctrCtx + 8 + 3*4]
+ bswap ctrCtx
+ movdqu xmm1, [ctx + 0*16]
+
+ pxor xmm0, xmm1
+
+ movdqa [esp + 0*16], xmm0
+ movdqa [esp + 1*16], xmm0
+ movdqa [esp + 2*16], xmm0
+ movdqa [esp + 3*16], xmm0
+ movdqa [esp + 4*16], xmm0
+ movdqa [esp + 5*16], xmm0
+ movdqa [esp + 6*16], xmm0
+
+ inc ctrCtx
+ mov CTR, ctrCtx
+ bswap CTR
+ xor CTR, [ctx + 3*4]
+ mov [esp + 1*16 + 3*4], CTR
+
+ inc ctrCtx
+ mov CTR, ctrCtx
+ bswap CTR
+ xor CTR, [ctx + 3*4]
+ mov [esp + 2*16 + 3*4], CTR
+
+ inc ctrCtx
+ mov CTR, ctrCtx
+ bswap CTR
+ xor CTR, [ctx + 3*4]
+ mov [esp + 3*16 + 3*4], CTR
+
+ inc ctrCtx
+ mov CTR, ctrCtx
+ bswap CTR
+ xor CTR, [ctx + 3*4]
+ mov [esp + 4*16 + 3*4], CTR
+
+ inc ctrCtx
+ mov CTR, ctrCtx
+ bswap CTR
+ xor CTR, [ctx + 3*4]
+ mov [esp + 5*16 + 3*4], CTR
+
+ inc ctrCtx
+ mov CTR, ctrCtx
+ bswap CTR
+ xor CTR, [ctx + 3*4]
+ mov [esp + 6*16 + 3*4], CTR
+
+
+loop7:
+ cmp inputLen, 7*16
+ jb loop1
+
+ movdqu xmm0, [0*16 + esp]
+ movdqu xmm1, [1*16 + esp]
+ movdqu xmm2, [2*16 + esp]
+ movdqu xmm3, [3*16 + esp]
+ movdqu xmm4, [4*16 + esp]
+ movdqu xmm5, [5*16 + esp]
+ movdqu xmm6, [6*16 + esp]
+
+ i = 1
+ WHILE i LE 7
+ aes_rnd i
+
+ inc ctrCtx
+ mov CTR, ctrCtx
+ bswap CTR
+ xor CTR, [ctx + 3*4]
+ mov [esp + (i-1)*16 + 3*4], CTR
+
+ i = i+1
+ ENDM
+ WHILE i LT rnds
+ aes_rnd i
+ i = i+1
+ ENDM
+ aes_last_rnd rnds
+
+ movdqu xmm7, [0*16 + input]
+ pxor xmm0, xmm7
+ movdqu xmm7, [1*16 + input]
+ pxor xmm1, xmm7
+ movdqu xmm7, [2*16 + input]
+ pxor xmm2, xmm7
+ movdqu xmm7, [3*16 + input]
+ pxor xmm3, xmm7
+ movdqu xmm7, [4*16 + input]
+ pxor xmm4, xmm7
+ movdqu xmm7, [5*16 + input]
+ pxor xmm5, xmm7
+ movdqu xmm7, [6*16 + input]
+ pxor xmm6, xmm7
+
+ movdqu [0*16 + output], xmm0
+ movdqu [1*16 + output], xmm1
+ movdqu [2*16 + output], xmm2
+ movdqu [3*16 + output], xmm3
+ movdqu [4*16 + output], xmm4
+ movdqu [5*16 + output], xmm5
+ movdqu [6*16 + output], xmm6
+
+ lea input, [7*16 + input]
+ lea output, [7*16 + output]
+ sub inputLen, 7*16
+ jmp loop7
+
+
+loop1:
+ cmp inputLen, 1*16
+ jb bail
+
+ movdqu xmm0, [esp]
+ add esp, 16
+
+ i = 1
+ WHILE i LT rnds
+ movdqu xmm7, [i*16 + ctx]
+ aesenc xmm0, xmm7
+ i = i+1
+ ENDM
+ movdqu xmm7, [rnds*16 + ctx]
+ aesenclast xmm0, xmm7
+
+ movdqu xmm7, [input]
+ pxor xmm0, xmm7
+ movdqu [output], xmm0
+
+ lea input, [1*16 + input]
+ lea output, [1*16 + output]
+ sub inputLen, 1*16
+ jmp loop1
+
+bail:
+
+ mov ctrCtx, [ebp + 4*5 + 0*4]
+ movdqu xmm0, [esp]
+ movdqu xmm1, [ctx + 0*16]
+ pxor xmm0, xmm1
+ movdqu [8+ctrCtx], xmm0
+
+
+ xor eax, eax
+ mov esp, ebp
+ pop ebp
+ pop CTR
+ pop ctrCtx
+ pop inputLen
+ ret
+ENDM
+
+
+ALIGN 16
+intel_aes_encrypt_ctr_128 PROC
+gen_aes_ctr_func 10
+intel_aes_encrypt_ctr_128 ENDP
+
+ALIGN 16
+intel_aes_encrypt_ctr_192 PROC
+gen_aes_ctr_func 12
+intel_aes_encrypt_ctr_192 ENDP
+
+ALIGN 16
+intel_aes_encrypt_ctr_256 PROC
+gen_aes_ctr_func 14
+intel_aes_encrypt_ctr_256 ENDP
+
+
+END
diff --git a/security/nss/lib/freebl/intel-aes.h b/security/nss/lib/freebl/intel-aes.h
new file mode 100644
index 000000000..d5bd2d8ca
--- /dev/null
+++ b/security/nss/lib/freebl/intel-aes.h
@@ -0,0 +1,143 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Prototypes of the functions defined in the assembler file. */
+void intel_aes_encrypt_init_128(const unsigned char *key, PRUint32 *expanded);
+void intel_aes_encrypt_init_192(const unsigned char *key, PRUint32 *expanded);
+void intel_aes_encrypt_init_256(const unsigned char *key, PRUint32 *expanded);
+void intel_aes_decrypt_init_128(const unsigned char *key, PRUint32 *expanded);
+void intel_aes_decrypt_init_192(const unsigned char *key, PRUint32 *expanded);
+void intel_aes_decrypt_init_256(const unsigned char *key, PRUint32 *expanded);
+SECStatus intel_aes_encrypt_ecb_128(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_decrypt_ecb_128(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_encrypt_cbc_128(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_decrypt_cbc_128(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_encrypt_ctr_128(CTRContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_encrypt_ecb_192(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_decrypt_ecb_192(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_encrypt_cbc_192(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_decrypt_cbc_192(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_encrypt_ctr_192(CTRContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_encrypt_ecb_256(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_decrypt_ecb_256(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_encrypt_cbc_256(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_decrypt_cbc_256(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+SECStatus intel_aes_encrypt_ctr_256(CTRContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ unsigned int blocksize);
+
+#define intel_aes_ecb_worker(encrypt, keysize) \
+ ((encrypt) \
+ ? ((keysize) == 16 ? intel_aes_encrypt_ecb_128 \
+ : (keysize) == 24 ? intel_aes_encrypt_ecb_192 \
+ : intel_aes_encrypt_ecb_256) \
+ : ((keysize) == 16 ? intel_aes_decrypt_ecb_128 \
+ : (keysize) == 24 ? intel_aes_decrypt_ecb_192 \
+ : intel_aes_decrypt_ecb_256))
+
+#define intel_aes_cbc_worker(encrypt, keysize) \
+ ((encrypt) \
+ ? ((keysize) == 16 ? intel_aes_encrypt_cbc_128 \
+ : (keysize) == 24 ? intel_aes_encrypt_cbc_192 \
+ : intel_aes_encrypt_cbc_256) \
+ : ((keysize) == 16 ? intel_aes_decrypt_cbc_128 \
+ : (keysize) == 24 ? intel_aes_decrypt_cbc_192 \
+ : intel_aes_decrypt_cbc_256))
+
+#define intel_aes_ctr_worker(nr) \
+ ((nr) == 10 ? intel_aes_encrypt_ctr_128 \
+ : (nr) == 12 ? intel_aes_encrypt_ctr_192 \
+ : intel_aes_encrypt_ctr_256)
+
+#define intel_aes_init(encrypt, keysize) \
+ do { \
+ if (encrypt) { \
+ if (keysize == 16) \
+ intel_aes_encrypt_init_128(key, cx->expandedKey); \
+ else if (keysize == 24) \
+ intel_aes_encrypt_init_192(key, cx->expandedKey); \
+ else \
+ intel_aes_encrypt_init_256(key, cx->expandedKey); \
+ } else { \
+ if (keysize == 16) \
+ intel_aes_decrypt_init_128(key, cx->expandedKey); \
+ else if (keysize == 24) \
+ intel_aes_decrypt_init_192(key, cx->expandedKey); \
+ else \
+ intel_aes_decrypt_init_256(key, cx->expandedKey); \
+ } \
+ } while (0)
diff --git a/security/nss/lib/freebl/intel-aes.s b/security/nss/lib/freebl/intel-aes.s
new file mode 100644
index 000000000..2dfcfa15b
--- /dev/null
+++ b/security/nss/lib/freebl/intel-aes.s
@@ -0,0 +1,2514 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+ .text
+
+#define IV_OFFSET 16
+#define EXPANDED_KEY_OFFSET 48
+
+/*
+ * Warning: the length values used in this module are "unsigned int"
+ * in C, which is 32-bit. When they're passed in registers, use only
+ * the low 32 bits, because the top half is unspecified.
+ *
+ * This is called from C code, so the contents of those bits can
+ * depend on the C compiler's optimization decisions. This means that
+ * mistakes might not be obvious in testing if those bits happen to be
+ * zero in your build.
+ *
+ * Exception: 32-bit lea instructions use a 64-bit address because the
+ * address size doesn't affect the result, and that form is more
+ * compactly encoded and preferred by compilers over a 32-bit address.
+ */
+
+/* in %rdi : the key
+ in %rsi : buffer for expanded key
+*/
+ .type intel_aes_encrypt_init_128,@function
+ .globl intel_aes_encrypt_init_128
+ .align 16
+intel_aes_encrypt_init_128:
+ movups (%rdi), %xmm1
+ movups %xmm1, (%rsi)
+ leaq 16(%rsi), %rsi
+ xorl %eax, %eax
+
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x01 /* aeskeygenassist $0x01, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x02 /* aeskeygenassist $0x02, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x04 /* aeskeygenassist $0x04, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x08 /* aeskeygenassist $0x08, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x10 /* aeskeygenassist $0x10, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x20 /* aeskeygenassist $0x20, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x40 /* aeskeygenassist $0x40, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x80 /* aeskeygenassist $0x80, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x1b /* aeskeygenassist $0x1b, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x36 /* aeskeygenassist $0x36, %xmm1, %xmm2 */
+ call key_expansion128
+
+ ret
+ .size intel_aes_encrypt_init_128, .-intel_aes_encrypt_init_128
+
+
+/* in %rdi : the key
+ in %rsi : buffer for expanded key
+*/
+ .type intel_aes_decrypt_init_128,@function
+ .globl intel_aes_decrypt_init_128
+ .align 16
+intel_aes_decrypt_init_128:
+ movups (%rdi), %xmm1
+ movups %xmm1, (%rsi)
+ leaq 16(%rsi), %rsi
+ xorl %eax, %eax
+
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x01 /* aeskeygenassist $0x01, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x02 /* aeskeygenassist $0x02, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x04 /* aeskeygenassist $0x04, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x08 /* aeskeygenassist $0x08, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x10 /* aeskeygenassist $0x10, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x20 /* aeskeygenassist $0x20, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x40 /* aeskeygenassist $0x40, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x80 /* aeskeygenassist $0x80, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x1b /* aeskeygenassist $0x1b, %xmm1, %xmm2 */
+ call key_expansion128
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd1,0x36 /* aeskeygenassist $0x36, %xmm1, %xmm2 */
+ call key_expansion128
+
+ ret
+ .size intel_aes_decrypt_init_128, .-intel_aes_decrypt_init_128
+
+
+ .type key_expansion128,@function
+ .align 16
+key_expansion128:
+ movd %eax, %xmm3
+ pshufd $0xff, %xmm2, %xmm2
+ shufps $0x10, %xmm1, %xmm3
+ pxor %xmm3, %xmm1
+ shufps $0x8c, %xmm1, %xmm3
+ pxor %xmm2, %xmm1
+ pxor %xmm3, %xmm1
+ movdqu %xmm1, (%rsi)
+ addq $16, %rsi
+ ret
+ .size key_expansion128, .-key_expansion128
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_encrypt_ecb_128,@function
+ .globl intel_aes_encrypt_ecb_128
+ .align 16
+intel_aes_encrypt_ecb_128:
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdi), %xmm2
+ movdqu 160(%rdi), %xmm12
+ xor %eax, %eax
+// cmpl $8*16, %r9d
+ cmpl $128, %r9d
+ jb 1f
+// leal -8*16(%r9), %r11d
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3
+ movdqu 16(%r8, %rax), %xmm4
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm2, %xmm3
+ pxor %xmm2, %xmm4
+ pxor %xmm2, %xmm5
+ pxor %xmm2, %xmm6
+ pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm8
+ pxor %xmm2, %xmm9
+ pxor %xmm2, %xmm10
+
+// complete loop unrolling
+ movdqu 16(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 144(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xdc /* aesenclast %xmm12, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xe4 /* aesenclast %xmm12, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xec /* aesenclast %xmm12, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xf4 /* aesenclast %xmm12, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xfc /* aesenclast %xmm12, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xc4 /* aesenclast %xmm12, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xcc /* aesenclast %xmm12, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xd4 /* aesenclast %xmm12, %xmm10 */
+
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+// addl $8*16, %eax
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu 16(%rdi), %xmm3
+ movdqu 32(%rdi), %xmm4
+ movdqu 48(%rdi), %xmm5
+ movdqu 64(%rdi), %xmm6
+ movdqu 80(%rdi), %xmm7
+ movdqu 96(%rdi), %xmm8
+ movdqu 112(%rdi), %xmm9
+ movdqu 128(%rdi), %xmm10
+ movdqu 144(%rdi), %xmm11
+
+4: movdqu (%r8, %rax), %xmm1
+ pxor %xmm2, %xmm1
+ .byte 0x66,0x0f,0x38,0xdc,0xcb /* aesenc %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcc /* aesenc %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcd /* aesenc %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xce /* aesenc %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcf /* aesenc %xmm7, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc8 /* aesenc %xmm8, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xca /* aesenc %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xcc /* aesenclast %xmm12, %xmm1 */
+ movdqu %xmm1, (%rsi, %rax)
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: xor %eax, %eax
+ ret
+ .size intel_aes_encrypt_ecb_128, .-intel_aes_encrypt_ecb_128
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_decrypt_ecb_128,@function
+ .globl intel_aes_decrypt_ecb_128
+ .align 16
+intel_aes_decrypt_ecb_128:
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdi), %xmm2
+ movdqu 160(%rdi), %xmm12
+ xorl %eax, %eax
+// cmpl $8*16, %r9d
+ cmpl $128, %r9d
+ jb 1f
+// leal -8*16(%r9), %r11d
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3
+ movdqu 16(%r8, %rax), %xmm4
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm12, %xmm3
+ pxor %xmm12, %xmm4
+ pxor %xmm12, %xmm5
+ pxor %xmm12, %xmm6
+ pxor %xmm12, %xmm7
+ pxor %xmm12, %xmm8
+ pxor %xmm12, %xmm9
+ pxor %xmm12, %xmm10
+
+// complete loop unrolling
+ movdqu 144(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 16(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x0f,0x38,0xdf,0xda /* aesdeclast %xmm2, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdf,0xe2 /* aesdeclast %xmm2, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdf,0xea /* aesdeclast %xmm2, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdf,0xf2 /* aesdeclast %xmm2, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdf,0xfa /* aesdeclast %xmm2, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xc2 /* aesdeclast %xmm2, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xd2 /* aesdeclast %xmm2, %xmm10 */
+
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+// addl $8*16, %eax
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu 16(%rdi), %xmm3
+ movdqu 32(%rdi), %xmm4
+ movdqu 48(%rdi), %xmm5
+ movdqu 64(%rdi), %xmm6
+ movdqu 80(%rdi), %xmm7
+ movdqu 96(%rdi), %xmm8
+ movdqu 112(%rdi), %xmm9
+ movdqu 128(%rdi), %xmm10
+ movdqu 144(%rdi), %xmm11
+
+4: movdqu (%r8, %rax), %xmm1
+ pxor %xmm12, %xmm1
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xca /* aesdec %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc9 /* aesdec %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc8 /* aesdec %xmm8, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcf /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xce /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcd /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcc /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcb /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm1 */
+ movdqu %xmm1, (%rsi, %rax)
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: xor %eax, %eax
+ ret
+ .size intel_aes_decrypt_ecb_128, .-intel_aes_decrypt_ecb_128
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_encrypt_cbc_128,@function
+ .globl intel_aes_encrypt_cbc_128
+ .align 16
+intel_aes_encrypt_cbc_128:
+ testl %r9d, %r9d
+ je 2f
+
+// leaq IV_OFFSET(%rdi), %rdx
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 16(%rdi), %rdx
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdx), %xmm0
+ movdqu (%rdi), %xmm2
+ movdqu 16(%rdi), %xmm3
+ movdqu 32(%rdi), %xmm4
+ movdqu 48(%rdi), %xmm5
+ movdqu 64(%rdi), %xmm6
+ movdqu 80(%rdi), %xmm7
+ movdqu 96(%rdi), %xmm8
+ movdqu 112(%rdi), %xmm9
+ movdqu 128(%rdi), %xmm10
+ movdqu 144(%rdi), %xmm11
+ movdqu 160(%rdi), %xmm12
+
+ xorl %eax, %eax
+1: movdqu (%r8, %rax), %xmm1
+ pxor %xmm0, %xmm1
+ pxor %xmm2, %xmm1
+ .byte 0x66,0x0f,0x38,0xdc,0xcb /* aesenc %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcc /* aesenc %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcd /* aesenc %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xce /* aesenc %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcf /* aesenc %xmm7, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc8 /* aesenc %xmm8, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xca /* aesenc %xmma, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcb /* aesenc %xmmb, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xcc /* aesenclast %xmm12, %xmm1 */
+ movdqu %xmm1, (%rsi, %rax)
+ movdqa %xmm1, %xmm0
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 1b
+
+ movdqu %xmm0, (%rdx)
+
+2: xor %eax, %eax
+ ret
+ .size intel_aes_encrypt_cbc_128, .-intel_aes_encrypt_cbc_128
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_decrypt_cbc_128,@function
+ .globl intel_aes_decrypt_cbc_128
+ .align 16
+intel_aes_decrypt_cbc_128:
+// leaq IV_OFFSET(%rdi), %rdx
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 16(%rdi), %rdx
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdx), %xmm0 /* iv */
+ movdqu (%rdi), %xmm2 /* first key block */
+ movdqu 160(%rdi), %xmm12 /* last key block */
+ xorl %eax, %eax
+ cmpl $128, %r9d
+ jb 1f
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3 /* 1st data block */
+ movdqu 16(%r8, %rax), %xmm4 /* 2d data block */
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm12, %xmm3
+ pxor %xmm12, %xmm4
+ pxor %xmm12, %xmm5
+ pxor %xmm12, %xmm6
+ pxor %xmm12, %xmm7
+ pxor %xmm12, %xmm8
+ pxor %xmm12, %xmm9
+ pxor %xmm12, %xmm10
+
+// complete loop unrolling
+ movdqu 144(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 16(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x0f,0x38,0xdf,0xda /* aesdeclast %xmm2, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdf,0xe2 /* aesdeclast %xmm2, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdf,0xea /* aesdeclast %xmm2, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdf,0xf2 /* aesdeclast %xmm2, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdf,0xfa /* aesdeclast %xmm2, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xc2 /* aesdeclast %xmm2, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xd2 /* aesdeclast %xmm2, %xmm10 */
+
+ pxor %xmm0, %xmm3
+ movdqu (%r8, %rax), %xmm0
+ pxor %xmm0, %xmm4
+ movdqu 16(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm5
+ movdqu 32(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm6
+ movdqu 48(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm7
+ movdqu 64(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm8
+ movdqu 80(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm9
+ movdqu 96(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm10
+ movdqu 112(%r8, %rax), %xmm0
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu 16(%rdi), %xmm3
+ movdqu 32(%rdi), %xmm4
+ movdqu 48(%rdi), %xmm5
+ movdqu 64(%rdi), %xmm6
+ movdqu 80(%rdi), %xmm7
+ movdqu 96(%rdi), %xmm8
+ movdqu 112(%rdi), %xmm9
+ movdqu 128(%rdi), %xmm10
+ movdqu 144(%rdi), %xmm11
+
+4: movdqu (%r8, %rax), %xmm1
+ movdqa %xmm1, %xmm13
+ pxor %xmm12, %xmm1
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xca /* aesdec %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc9 /* aesdec %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc8 /* aesdec %xmm8, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcf /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xce /* aesdec %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcd /* aesdec %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcc /* aesdec %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcb /* aesdec %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm1 */
+ pxor %xmm0, %xmm1
+ movdqu %xmm1, (%rsi, %rax)
+ movdqa %xmm13, %xmm0
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: movdqu %xmm0, (%rdx)
+
+ xor %eax, %eax
+ ret
+ .size intel_aes_decrypt_cbc_128, .-intel_aes_decrypt_cbc_128
+
+/* in %rdi : the key
+ in %rsi : buffer for expanded key
+*/
+ .type intel_aes_encrypt_init_192,@function
+ .globl intel_aes_encrypt_init_192
+ .align 16
+intel_aes_encrypt_init_192:
+ movdqu (%rdi), %xmm1
+ movq 16(%rdi), %xmm3
+ movdqu %xmm1, (%rsi)
+ movq %xmm3, 16(%rsi)
+ leaq 24(%rsi), %rsi
+
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x01 /* aeskeygenassist $0x01, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x02 /* aeskeygenassist $0x02, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x04 /* aeskeygenassist $0x04, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x08 /* aeskeygenassist $0x08, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x10 /* aeskeygenassist $0x10, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x20 /* aeskeygenassist $0x20, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x40 /* aeskeygenassist $0x40, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x80 /* aeskeygenassist $0x80, %xmm3, %xmm2 */
+ call key_expansion192
+
+ ret
+ .size intel_aes_encrypt_init_192, .-intel_aes_encrypt_init_192
+
+
+/* in %rdi : the key
+ in %rsi : buffer for expanded key
+*/
+ .type intel_aes_decrypt_init_192,@function
+ .globl intel_aes_decrypt_init_192
+ .align 16
+intel_aes_decrypt_init_192:
+ movdqu (%rdi), %xmm1
+ movq 16(%rdi), %xmm3
+ movdqu %xmm1, (%rsi)
+ movq %xmm3, 16(%rsi)
+ leaq 24(%rsi), %rsi
+
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x01 /* aeskeygenassist $0x01, %xmm3, %xmm2 */
+ call key_expansion192
+ movups -32(%rsi), %xmm2
+ movups -16(%rsi), %xmm4
+ .byte 0x66,0x0f,0x38,0xdb,0xd2 /* aesimc %xmm2, %xmm2 */
+ .byte 0x66,0x0f,0x38,0xdb,0xe4 /* aesimc %xmm4, %xmm4 */
+ movups %xmm2, -32(%rsi)
+ movups %xmm4, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x02 /* aeskeygenassist $0x02, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -24(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x04 /* aeskeygenassist $0x04, %xmm3, %xmm2 */
+ call key_expansion192
+ movups -32(%rsi), %xmm2
+ movups -16(%rsi), %xmm4
+ .byte 0x66,0x0f,0x38,0xdb,0xd2 /* aesimc %xmm2, %xmm2 */
+ .byte 0x66,0x0f,0x38,0xdb,0xe4 /* aesimc %xmm4, %xmm4 */
+ movups %xmm2, -32(%rsi)
+ movups %xmm4, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x08 /* aeskeygenassist $0x08, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -24(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x10 /* aeskeygenassist $0x10, %xmm3, %xmm2 */
+ call key_expansion192
+ movups -32(%rsi), %xmm2
+ movups -16(%rsi), %xmm4
+ .byte 0x66,0x0f,0x38,0xdb,0xd2 /* aesimc %xmm2, %xmm2 */
+ .byte 0x66,0x0f,0x38,0xdb,0xe4 /* aesimc %xmm4, %xmm4 */
+ movups %xmm2, -32(%rsi)
+ movups %xmm4, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x20 /* aeskeygenassist $0x20, %xmm3, %xmm2 */
+ call key_expansion192
+ .byte 0x66,0x0f,0x38,0xdb,0xd1 /* aesimc %xmm1, %xmm2 */
+ movups %xmm2, -24(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x40 /* aeskeygenassist $0x40, %xmm3, %xmm2 */
+ call key_expansion192
+ movups -32(%rsi), %xmm2
+ movups -16(%rsi), %xmm4
+ .byte 0x66,0x0f,0x38,0xdb,0xd2 /* aesimc %xmm2, %xmm2 */
+ .byte 0x66,0x0f,0x38,0xdb,0xe4 /* aesimc %xmm4, %xmm4 */
+ movups %xmm2, -32(%rsi)
+ movups %xmm4, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x80 /* aeskeygenassist $0x80, %xmm3, %xmm2 */
+ call key_expansion192
+
+ ret
+ .size intel_aes_decrypt_init_192, .-intel_aes_decrypt_init_192
+
+
+ .type key_expansion192,@function
+ .align 16
+key_expansion192:
+ pshufd $0x55, %xmm2, %xmm2
+ xor %eax, %eax
+ movd %eax, %xmm4
+ shufps $0x10, %xmm1, %xmm4
+ pxor %xmm4, %xmm1
+ shufps $0x8c, %xmm1, %xmm4
+ pxor %xmm2, %xmm1
+ pxor %xmm4, %xmm1
+ movdqu %xmm1, (%rsi)
+ addq $16, %rsi
+
+ pshufd $0xff, %xmm1, %xmm4
+ movd %eax, %xmm5
+ shufps $0x00, %xmm3, %xmm5
+ shufps $0x08, %xmm3, %xmm5
+ pxor %xmm4, %xmm3
+ pxor %xmm5, %xmm3
+ movq %xmm3, (%rsi)
+ addq $8, %rsi
+ ret
+ .size key_expansion192, .-key_expansion192
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_encrypt_ecb_192,@function
+ .globl intel_aes_encrypt_ecb_192
+ .align 16
+intel_aes_encrypt_ecb_192:
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdi), %xmm2
+ movdqu 192(%rdi), %xmm14
+ xorl %eax, %eax
+// cmpl $8*16, %r9d
+ cmpl $128, %r9d
+ jb 1f
+// leal -8*16(%r9), %r11d
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3
+ movdqu 16(%r8, %rax), %xmm4
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm2, %xmm3
+ pxor %xmm2, %xmm4
+ pxor %xmm2, %xmm5
+ pxor %xmm2, %xmm6
+ pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm8
+ pxor %xmm2, %xmm9
+ pxor %xmm2, %xmm10
+
+// complete loop unrolling
+ movdqu 16(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 144(%rdi), %xmm1
+ movdqu 160(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 176(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xde /* aesenclast %xmm14, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xe6 /* aesenclast %xmm14, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xee /* aesenclast %xmm14, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xf6 /* aesenclast %xmm14, %xmm7 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xfe /* aesenclast %xmm14, %xmm3 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xc6 /* aesenclast %xmm14, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xce /* aesenclast %xmm14, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xd6 /* aesenclast %xmm14, %xmm10 */
+
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+// addl $8*16, %eax
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu 16(%rdi), %xmm3
+ movdqu 32(%rdi), %xmm4
+ movdqu 48(%rdi), %xmm5
+ movdqu 64(%rdi), %xmm6
+ movdqu 80(%rdi), %xmm7
+ movdqu 96(%rdi), %xmm8
+ movdqu 112(%rdi), %xmm9
+ movdqu 128(%rdi), %xmm10
+ movdqu 144(%rdi), %xmm11
+ movdqu 160(%rdi), %xmm12
+ movdqu 176(%rdi), %xmm13
+
+4: movdqu (%r8, %rax), %xmm1
+ pxor %xmm2, %xmm1
+ .byte 0x66,0x0f,0x38,0xdc,0xcb /* aesenc %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcc /* aesenc %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcd /* aesenc %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xce /* aesenc %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcf /* aesenc %xmm7, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc8 /* aesenc %xmm8, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xca /* aesenc %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcc /* aesenc %xmm12, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcd /* aesenc %xmm13, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xce /* aesenclast %xmm14, %xmm1 */
+ movdqu %xmm1, (%rsi, %rax)
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: xor %eax, %eax
+ ret
+ .size intel_aes_encrypt_ecb_192, .-intel_aes_encrypt_ecb_192
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_decrypt_ecb_192,@function
+ .globl intel_aes_decrypt_ecb_192
+ .align 16
+intel_aes_decrypt_ecb_192:
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdi), %xmm2
+ movdqu 192(%rdi), %xmm14
+ xorl %eax, %eax
+// cmpl $8*16, %r9d
+ cmpl $128, %r9d
+ jb 1f
+// leal -8*16(%r9), %r11d
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3
+ movdqu 16(%r8, %rax), %xmm4
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm14, %xmm3
+ pxor %xmm14, %xmm4
+ pxor %xmm14, %xmm5
+ pxor %xmm14, %xmm6
+ pxor %xmm14, %xmm7
+ pxor %xmm14, %xmm8
+ pxor %xmm14, %xmm9
+ pxor %xmm14, %xmm10
+
+// complete loop unrolling
+ movdqu 176(%rdi), %xmm1
+ movdqu 160(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 144(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 16(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x0f,0x38,0xdf,0xda /* aesdeclast %xmm2, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdf,0xe2 /* aesdeclast %xmm2, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdf,0xea /* aesdeclast %xmm2, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdf,0xf2 /* aesdeclast %xmm2, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdf,0xfa /* aesdeclast %xmm2, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xc2 /* aesdeclast %xmm2, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xd2 /* aesdeclast %xmm2, %xmm10 */
+
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+// addl $8*16, %eax
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu 16(%rdi), %xmm3
+ movdqu 32(%rdi), %xmm4
+ movdqu 48(%rdi), %xmm5
+ movdqu 64(%rdi), %xmm6
+ movdqu 80(%rdi), %xmm7
+ movdqu 96(%rdi), %xmm8
+ movdqu 112(%rdi), %xmm9
+ movdqu 128(%rdi), %xmm10
+ movdqu 144(%rdi), %xmm11
+ movdqu 160(%rdi), %xmm12
+ movdqu 176(%rdi), %xmm13
+
+4: movdqu (%r8, %rax), %xmm1
+ pxor %xmm14, %xmm1
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcd /* aesdec %xmm13, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcc /* aesdec %xmm12, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xca /* aesdec %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc9 /* aesdec %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc8 /* aesdec %xmm8, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcf /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xce /* aesdec %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcd /* aesdec %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcc /* aesdec %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcb /* aesdec %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm1 */
+ movdqu %xmm1, (%rsi, %rax)
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: xor %eax, %eax
+ ret
+ .size intel_aes_decrypt_ecb_192, .-intel_aes_decrypt_ecb_192
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_encrypt_cbc_192,@function
+ .globl intel_aes_encrypt_cbc_192
+ .align 16
+intel_aes_encrypt_cbc_192:
+ testl %r9d, %r9d
+ je 2f
+
+// leaq IV_OFFSET(%rdi), %rdx
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 16(%rdi), %rdx
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdx), %xmm0
+ movdqu (%rdi), %xmm2
+ movdqu 16(%rdi), %xmm3
+ movdqu 32(%rdi), %xmm4
+ movdqu 48(%rdi), %xmm5
+ movdqu 64(%rdi), %xmm6
+ movdqu 80(%rdi), %xmm7
+ movdqu 96(%rdi), %xmm8
+ movdqu 112(%rdi), %xmm9
+ movdqu 128(%rdi), %xmm10
+ movdqu 144(%rdi), %xmm11
+ movdqu 160(%rdi), %xmm12
+ movdqu 176(%rdi), %xmm13
+ movdqu 192(%rdi), %xmm14
+
+ xorl %eax, %eax
+1: movdqu (%r8, %rax), %xmm1
+ pxor %xmm0, %xmm1
+ pxor %xmm2, %xmm1
+ .byte 0x66,0x0f,0x38,0xdc,0xcb /* aesenc %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcc /* aesenc %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcd /* aesenc %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xce /* aesenc %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcf /* aesenc %xmm7, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc8 /* aesenc %xmm8, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xca /* aesenc %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcc /* aesenc %xmm12, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcd /* aesenc %xmm13, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xce /* aesenclast %xmm14, %xmm1 */
+ movdqu %xmm1, (%rsi, %rax)
+ movdqa %xmm1, %xmm0
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 1b
+
+ movdqu %xmm0, (%rdx)
+
+2: xor %eax, %eax
+ ret
+ .size intel_aes_encrypt_cbc_192, .-intel_aes_encrypt_cbc_192
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %exx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_decrypt_cbc_192,@function
+ .globl intel_aes_decrypt_cbc_192
+ .align 16
+intel_aes_decrypt_cbc_192:
+ leaq 16(%rdi), %rdx
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdx), %xmm0
+ movdqu (%rdi), %xmm2
+ movdqu 192(%rdi), %xmm14
+ xorl %eax, %eax
+ cmpl $128, %r9d
+ jb 1f
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3
+ movdqu 16(%r8, %rax), %xmm4
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm14, %xmm3
+ pxor %xmm14, %xmm4
+ pxor %xmm14, %xmm5
+ pxor %xmm14, %xmm6
+ pxor %xmm14, %xmm7
+ pxor %xmm14, %xmm8
+ pxor %xmm14, %xmm9
+ pxor %xmm14, %xmm10
+
+// complete loop unrolling
+ movdqu 176(%rdi), %xmm1
+ movdqu 160(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 144(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 16(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x0f,0x38,0xdf,0xda /* aesdeclast %xmm2, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdf,0xe2 /* aesdeclast %xmm2, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdf,0xea /* aesdeclast %xmm2, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdf,0xf2 /* aesdeclast %xmm2, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdf,0xfa /* aesdeclast %xmm2, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xc2 /* aesdeclast %xmm2, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xd2 /* aesdeclast %xmm2, %xmm10 */
+
+ pxor %xmm0, %xmm3
+ movdqu (%r8, %rax), %xmm0
+ pxor %xmm0, %xmm4
+ movdqu 16(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm5
+ movdqu 32(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm6
+ movdqu 48(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm7
+ movdqu 64(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm8
+ movdqu 80(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm9
+ movdqu 96(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm10
+ movdqu 112(%r8, %rax), %xmm0
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu 16(%rdi), %xmm3
+ movdqu 32(%rdi), %xmm4
+ movdqu 48(%rdi), %xmm5
+ movdqu 64(%rdi), %xmm6
+ movdqu 80(%rdi), %xmm7
+ movdqu 96(%rdi), %xmm8
+ movdqu 112(%rdi), %xmm9
+ movdqu 128(%rdi), %xmm10
+ movdqu 144(%rdi), %xmm11
+ movdqu 160(%rdi), %xmm12
+ movdqu 176(%rdi), %xmm13
+
+4: movdqu (%r8, %rax), %xmm1
+ movdqa %xmm1, %xmm15
+ pxor %xmm14, %xmm1
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcd /* aesdec %xmm13, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcc /* aesdec %xmm12, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xca /* aesdec %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc9 /* aesdec %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc8 /* aesdec %xmm8, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcf /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xce /* aesdec %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcd /* aesdec %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcc /* aesdec %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcb /* aesdec %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm1 */
+ pxor %xmm0, %xmm1
+ movdqu %xmm1, (%rsi, %rax)
+ movdqa %xmm15, %xmm0
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: movdqu %xmm0, (%rdx)
+
+ xor %eax, %eax
+ ret
+ .size intel_aes_decrypt_cbc_192, .-intel_aes_decrypt_cbc_192
+
+/* in %rdi : the key
+ in %rsi : buffer for expanded key
+*/
+ .type intel_aes_encrypt_init_256,@function
+ .globl intel_aes_encrypt_init_256
+ .align 16
+intel_aes_encrypt_init_256:
+ movdqu (%rdi), %xmm1
+ movdqu 16(%rdi), %xmm3
+ movdqu %xmm1, (%rsi)
+ movdqu %xmm3, 16(%rsi)
+ leaq 32(%rsi), %rsi
+ xor %eax, %eax
+
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x01 /* aeskeygenassist $0x01, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x02 /* aeskeygenassist $0x02, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x04 /* aeskeygenassist $0x04, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x08 /* aeskeygenassist $0x08, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x10 /* aeskeygenassist $0x10, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x20 /* aeskeygenassist $0x20, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x40 /* aeskeygenassist $0x40, %xmm3, %xmm2 */
+ pxor %xmm6, %xmm6
+ pshufd $0xff, %xmm2, %xmm2
+ shufps $0x10, %xmm1, %xmm6
+ pxor %xmm6, %xmm1
+ shufps $0x8c, %xmm1, %xmm6
+ pxor %xmm2, %xmm1
+ pxor %xmm6, %xmm1
+ movdqu %xmm1, (%rsi)
+
+ ret
+ .size intel_aes_encrypt_init_256, .-intel_aes_encrypt_init_256
+
+
+/* in %rdi : the key
+ in %rsi : buffer for expanded key
+*/
+ .type intel_aes_decrypt_init_256,@function
+ .globl intel_aes_decrypt_init_256
+ .align 16
+intel_aes_decrypt_init_256:
+ movdqu (%rdi), %xmm1
+ movdqu 16(%rdi), %xmm3
+ movdqu %xmm1, (%rsi)
+ .byte 0x66,0x0f,0x38,0xdb,0xe3 /* aesimc %xmm3, %xmm4 */
+ movdqu %xmm4, 16(%rsi)
+ leaq 32(%rsi), %rsi
+ xor %eax, %eax
+
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x01 /* aeskeygenassist $0x01, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x38,0xdb,0xe1 /* aesimc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdb,0xeb /* aesimc %xmm3, %xmm5 */
+ movdqu %xmm4, -32(%rsi)
+ movdqu %xmm5, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x02 /* aeskeygenassist $0x02, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x38,0xdb,0xe1 /* aesimc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdb,0xeb /* aesimc %xmm3, %xmm5 */
+ movdqu %xmm4, -32(%rsi)
+ movdqu %xmm5, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x04 /* aeskeygenassist $0x04, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x38,0xdb,0xe1 /* aesimc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdb,0xeb /* aesimc %xmm3, %xmm5 */
+ movdqu %xmm4, -32(%rsi)
+ movdqu %xmm5, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x08 /* aeskeygenassist $0x08, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x38,0xdb,0xe1 /* aesimc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdb,0xeb /* aesimc %xmm3, %xmm5 */
+ movdqu %xmm4, -32(%rsi)
+ movdqu %xmm5, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x10 /* aeskeygenassist $0x10, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x38,0xdb,0xe1 /* aesimc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdb,0xeb /* aesimc %xmm3, %xmm5 */
+ movdqu %xmm4, -32(%rsi)
+ movdqu %xmm5, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x20 /* aeskeygenassist $0x20, %xmm3, %xmm2 */
+ call key_expansion256
+ .byte 0x66,0x0f,0x38,0xdb,0xe1 /* aesimc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdb,0xeb /* aesimc %xmm3, %xmm5 */
+ movdqu %xmm4, -32(%rsi)
+ movdqu %xmm5, -16(%rsi)
+ .byte 0x66,0x0f,0x3a,0xdf,0xd3,0x40 /* aeskeygenassist $0x40, %xmm3, %xmm2 */
+ pxor %xmm6, %xmm6
+ pshufd $0xff, %xmm2, %xmm2
+ shufps $0x10, %xmm1, %xmm6
+ pxor %xmm6, %xmm1
+ shufps $0x8c, %xmm1, %xmm6
+ pxor %xmm2, %xmm1
+ pxor %xmm6, %xmm1
+ movdqu %xmm1, (%rsi)
+
+ ret
+ .size intel_aes_decrypt_init_256, .-intel_aes_decrypt_init_256
+
+
+ .type key_expansion256,@function
+ .align 16
+key_expansion256:
+ movd %eax, %xmm6
+ pshufd $0xff, %xmm2, %xmm2
+ shufps $0x10, %xmm1, %xmm6
+ pxor %xmm6, %xmm1
+ shufps $0x8c, %xmm1, %xmm6
+ pxor %xmm2, %xmm1
+ pxor %xmm6, %xmm1
+ movdqu %xmm1, (%rsi)
+
+ addq $16, %rsi
+ .byte 0x66,0x0f,0x3a,0xdf,0xe1,0x00 /* aeskeygenassist $0, %xmm1, %xmm4 */
+ pshufd $0xaa, %xmm4, %xmm4
+ shufps $0x10, %xmm3, %xmm6
+ pxor %xmm6, %xmm3
+ shufps $0x8c, %xmm3, %xmm6
+ pxor %xmm4, %xmm3
+ pxor %xmm6, %xmm3
+ movdqu %xmm3, (%rsi)
+ addq $16, %rsi
+ ret
+ .size key_expansion256, .-key_expansion256
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_encrypt_ecb_256,@function
+ .globl intel_aes_encrypt_ecb_256
+ .align 16
+intel_aes_encrypt_ecb_256:
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdi), %xmm2
+ movdqu 224(%rdi), %xmm15
+ xorl %eax, %eax
+// cmpl $8*16, %r9d
+ cmpl $128, %r9d
+ jb 1f
+// leal -8*16(%r9), %r11d
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3
+ movdqu 16(%r8, %rax), %xmm4
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm2, %xmm3
+ pxor %xmm2, %xmm4
+ pxor %xmm2, %xmm5
+ pxor %xmm2, %xmm6
+ pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm8
+ pxor %xmm2, %xmm9
+ pxor %xmm2, %xmm10
+
+// complete loop unrolling
+ movdqu 16(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 144(%rdi), %xmm1
+ movdqu 160(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 176(%rdi), %xmm1
+ movdqu 192(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xdb /* aesenc %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xe3 /* aesenc %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xeb /* aesenc %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xf3 /* aesenc %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xfb /* aesenc %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xc3 /* aesenc %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdc,0xd3 /* aesenc %xmm11, %xmm10 */
+
+ movdqu 208(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xdc,0xd9 /* aesenc %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe1 /* aesenc %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdc,0xe9 /* aesenc %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf1 /* aesenc %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdc,0xf9 /* aesenc %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc1 /* aesenc %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdc,0xd1 /* aesenc %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xdf /* aesenclast %xmm15, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xe7 /* aesenclast %xmm15, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xef /* aesenclast %xmm15, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xf7 /* aesenclast %xmm15, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xff /* aesenclast %xmm15, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xc7 /* aesenclast %xmm15, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xcf /* aesenclast %xmm15, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xdd,0xd7 /* aesenclast %xmm15, %xmm10 */
+
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+// addl $8*16, %eax
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu (%rdi), %xmm8
+ movdqu 16(%rdi), %xmm2
+ movdqu 32(%rdi), %xmm3
+ movdqu 48(%rdi), %xmm4
+ movdqu 64(%rdi), %xmm5
+ movdqu 80(%rdi), %xmm6
+ movdqu 96(%rdi), %xmm7
+ movdqu 128(%rdi), %xmm9
+ movdqu 144(%rdi), %xmm10
+ movdqu 160(%rdi), %xmm11
+ movdqu 176(%rdi), %xmm12
+ movdqu 192(%rdi), %xmm13
+ movdqu 208(%rdi), %xmm14
+
+4: movdqu (%r8, %rax), %xmm1
+ pxor %xmm8, %xmm1
+ movdqu 112(%rdi), %xmm8
+ .byte 0x66,0x0f,0x38,0xdc,0xca /* aesenc %xmm2, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcb /* aesenc %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcc /* aesenc %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcd /* aesenc %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xce /* aesenc %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcf /* aesenc %xmm7, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc8 /* aesenc %xmm8, %xmm1 */
+ movdqu (%rdi), %xmm8
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xca /* aesenc %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcc /* aesenc %xmm12, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcd /* aesenc %xmm13, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xce /* aesenc %xmm14, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xcf /* aesenclast %xmm15, %xmm1 */
+ movdqu %xmm1, (%rsi, %rax)
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: xor %eax, %eax
+ ret
+ .size intel_aes_encrypt_ecb_256, .-intel_aes_encrypt_ecb_256
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_decrypt_ecb_256,@function
+ .globl intel_aes_decrypt_ecb_256
+ .align 16
+intel_aes_decrypt_ecb_256:
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdi), %xmm2
+ movdqu 224(%rdi), %xmm15
+ xorl %eax, %eax
+// cmpl $8*16, %r9d
+ cmpl $128, %r9d
+ jb 1f
+// leal -8*16(%r9), %r11d
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3
+ movdqu 16(%r8, %rax), %xmm4
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm15, %xmm3
+ pxor %xmm15, %xmm4
+ pxor %xmm15, %xmm5
+ pxor %xmm15, %xmm6
+ pxor %xmm15, %xmm7
+ pxor %xmm15, %xmm8
+ pxor %xmm15, %xmm9
+ pxor %xmm15, %xmm10
+
+// complete loop unrolling
+ movdqu 208(%rdi), %xmm1
+ movdqu 192(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 176(%rdi), %xmm1
+ movdqu 160(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 144(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 16(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x0f,0x38,0xdf,0xda /* aesdeclast %xmm2, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdf,0xe2 /* aesdeclast %xmm2, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdf,0xea /* aesdeclast %xmm2, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdf,0xf2 /* aesdeclast %xmm2, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdf,0xfa /* aesdeclast %xmm2, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xc2 /* aesdeclast %xmm2, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xd2 /* aesdeclast %xmm2, %xmm10 */
+
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+// addl $8*16, %eax
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu 16(%rdi), %xmm2
+ movdqu 32(%rdi), %xmm3
+ movdqu 48(%rdi), %xmm4
+ movdqu 64(%rdi), %xmm5
+ movdqu 80(%rdi), %xmm6
+ movdqu 96(%rdi), %xmm7
+ movdqu 112(%rdi), %xmm8
+ movdqu 128(%rdi), %xmm9
+ movdqu 144(%rdi), %xmm10
+ movdqu 160(%rdi), %xmm11
+ movdqu 176(%rdi), %xmm12
+ movdqu 192(%rdi), %xmm13
+ movdqu 208(%rdi), %xmm14
+
+4: movdqu (%r8, %rax), %xmm1
+ pxor %xmm15, %xmm1
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xce /* aesdec %xmm14, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcd /* aesdec %xmm13, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcc /* aesdec %xmm12, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xca /* aesdec %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc9 /* aesdec %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc8 /* aesdec %xmm8, %xmm1 */
+ movdqu (%rdi), %xmm8
+ .byte 0x66,0x0f,0x38,0xde,0xcf /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xce /* aesdec %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcd /* aesdec %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcc /* aesdec %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcb /* aesdec %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xca /* aesdec %xmm2, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdf,0xc8 /* aesdeclast %xmm8, %xmm1 */
+ movdqu 112(%rdi), %xmm8
+ movdqu %xmm1, (%rsi, %rax)
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: xor %eax, %eax
+ ret
+ .size intel_aes_decrypt_ecb_256, .-intel_aes_decrypt_ecb_256
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_encrypt_cbc_256,@function
+ .globl intel_aes_encrypt_cbc_256
+ .align 16
+intel_aes_encrypt_cbc_256:
+ testl %r9d, %r9d
+ je 2f
+
+// leaq IV_OFFSET(%rdi), %rdx
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 16(%rdi), %rdx
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdx), %xmm0
+ movdqu (%rdi), %xmm8
+ movdqu 16(%rdi), %xmm2
+ movdqu 32(%rdi), %xmm3
+ movdqu 48(%rdi), %xmm4
+ movdqu 64(%rdi), %xmm5
+ movdqu 80(%rdi), %xmm6
+ movdqu 96(%rdi), %xmm7
+ movdqu 128(%rdi), %xmm9
+ movdqu 144(%rdi), %xmm10
+ movdqu 160(%rdi), %xmm11
+ movdqu 176(%rdi), %xmm12
+ movdqu 192(%rdi), %xmm13
+ movdqu 208(%rdi), %xmm14
+ movdqu 224(%rdi), %xmm15
+
+ xorl %eax, %eax
+1: movdqu (%r8, %rax), %xmm1
+ pxor %xmm0, %xmm1
+ pxor %xmm8, %xmm1
+ movdqu 112(%rdi), %xmm8
+ .byte 0x66,0x0f,0x38,0xdc,0xca /* aesenc %xmm2, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcb /* aesenc %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcc /* aesenc %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcd /* aesenc %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xce /* aesenc %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xdc,0xcf /* aesenc %xmm7, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc8 /* aesenc %xmm8, %xmm1 */
+ movdqu (%rdi), %xmm8
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xc9 /* aesenc %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xca /* aesenc %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcb /* aesenc %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcc /* aesenc %xmm12, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xcd /* aesenc %xmm13, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdc,0xce /* aesenc %xmm14, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdd,0xcf /* aesenclast %xmm15, %xmm1 */
+ movdqu %xmm1, (%rsi, %rax)
+ movdqa %xmm1, %xmm0
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 1b
+
+ movdqu %xmm0, (%rdx)
+
+2: xor %eax, %eax
+ ret
+ .size intel_aes_encrypt_cbc_256, .-intel_aes_encrypt_cbc_256
+
+
+/* in %rdi : cx - context
+ in %rsi : output - pointer to output buffer
+ in %rdx : outputLen - pointer to variable for length of output
+ (already filled in by caller)
+ in %ecx : maxOutputLen - length of output buffer
+ (already checked by caller)
+ in %r8 : input - pointer to input buffer
+ in %r9d : inputLen - length of input buffer
+ on stack: blocksize - AES blocksize (always 16, unused)
+*/
+ .type intel_aes_decrypt_cbc_256,@function
+ .globl intel_aes_decrypt_cbc_256
+ .align 16
+intel_aes_decrypt_cbc_256:
+// leaq IV_OFFSET(%rdi), %rdx
+// leaq EXPANDED_KEY_OFFSET(%rdi), %rdi
+ leaq 16(%rdi), %rdx
+ leaq 48(%rdi), %rdi
+
+ movdqu (%rdx), %xmm0
+ movdqu (%rdi), %xmm2
+ movdqu 224(%rdi), %xmm15
+ xorl %eax, %eax
+// cmpl $8*16, %r9d
+ cmpl $128, %r9d
+ jb 1f
+// leal -8*16(%r9), %r11d
+ leal -128(%r9), %r11d
+2: movdqu (%r8, %rax), %xmm3
+ movdqu 16(%r8, %rax), %xmm4
+ movdqu 32(%r8, %rax), %xmm5
+ movdqu 48(%r8, %rax), %xmm6
+ movdqu 64(%r8, %rax), %xmm7
+ movdqu 80(%r8, %rax), %xmm8
+ movdqu 96(%r8, %rax), %xmm9
+ movdqu 112(%r8, %rax), %xmm10
+ pxor %xmm15, %xmm3
+ pxor %xmm15, %xmm4
+ pxor %xmm15, %xmm5
+ pxor %xmm15, %xmm6
+ pxor %xmm15, %xmm7
+ pxor %xmm15, %xmm8
+ pxor %xmm15, %xmm9
+ pxor %xmm15, %xmm10
+
+// complete loop unrolling
+ movdqu 208(%rdi), %xmm1
+ movdqu 192(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 176(%rdi), %xmm1
+ movdqu 160(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 144(%rdi), %xmm1
+ movdqu 128(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 112(%rdi), %xmm1
+ movdqu 96(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 80(%rdi), %xmm1
+ movdqu 64(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 48(%rdi), %xmm1
+ movdqu 32(%rdi), %xmm11
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xdb /* aesdec %xmm11, %xmm3 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xe3 /* aesdec %xmm11, %xmm4 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xeb /* aesdec %xmm11, %xmm5 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xf3 /* aesdec %xmm11, %xmm6 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xfb /* aesdec %xmm11, %xmm7 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xc3 /* aesdec %xmm11, %xmm8 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm9 */
+ .byte 0x66,0x45,0x0f,0x38,0xde,0xd3 /* aesdec %xmm11, %xmm10 */
+
+ movdqu 16(%rdi), %xmm1
+ .byte 0x66,0x0f,0x38,0xde,0xd9 /* aesdec %xmm1, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xde,0xe1 /* aesdec %xmm1, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xde,0xe9 /* aesdec %xmm1, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xde,0xf1 /* aesdec %xmm1, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xde,0xf9 /* aesdec %xmm1, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc1 /* aesdec %xmm1, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xc9 /* aesdec %xmm1, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xde,0xd1 /* aesdec %xmm1, %xmm10 */
+ .byte 0x66,0x0f,0x38,0xdf,0xda /* aesdeclast %xmm2, %xmm3 */
+ .byte 0x66,0x0f,0x38,0xdf,0xe2 /* aesdeclast %xmm2, %xmm4 */
+ .byte 0x66,0x0f,0x38,0xdf,0xea /* aesdeclast %xmm2, %xmm5 */
+ .byte 0x66,0x0f,0x38,0xdf,0xf2 /* aesdeclast %xmm2, %xmm6 */
+ .byte 0x66,0x0f,0x38,0xdf,0xfa /* aesdeclast %xmm2, %xmm7 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xc2 /* aesdeclast %xmm2, %xmm8 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xca /* aesdeclast %xmm2, %xmm9 */
+ .byte 0x66,0x44,0x0f,0x38,0xdf,0xd2 /* aesdeclast %xmm2, %xmm10 */
+
+ pxor %xmm0, %xmm3
+ movdqu (%r8, %rax), %xmm0
+ pxor %xmm0, %xmm4
+ movdqu 16(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm5
+ movdqu 32(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm6
+ movdqu 48(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm7
+ movdqu 64(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm8
+ movdqu 80(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm9
+ movdqu 96(%r8, %rax), %xmm0
+ pxor %xmm0, %xmm10
+ movdqu 112(%r8, %rax), %xmm0
+ movdqu %xmm3, (%rsi, %rax)
+ movdqu %xmm4, 16(%rsi, %rax)
+ movdqu %xmm5, 32(%rsi, %rax)
+ movdqu %xmm6, 48(%rsi, %rax)
+ movdqu %xmm7, 64(%rsi, %rax)
+ movdqu %xmm8, 80(%rsi, %rax)
+ movdqu %xmm9, 96(%rsi, %rax)
+ movdqu %xmm10, 112(%rsi, %rax)
+// addl $8*16, %eax
+ addl $128, %eax
+ cmpl %r11d, %eax
+ jbe 2b
+1: cmpl %eax, %r9d
+ je 5f
+
+ movdqu 16(%rdi), %xmm2
+ movdqu 32(%rdi), %xmm3
+ movdqu 48(%rdi), %xmm4
+ movdqu 64(%rdi), %xmm5
+ movdqu 80(%rdi), %xmm6
+ movdqu 96(%rdi), %xmm7
+ movdqu 112(%rdi), %xmm8
+ movdqu 128(%rdi), %xmm9
+ movdqu 144(%rdi), %xmm10
+ movdqu 160(%rdi), %xmm11
+ movdqu 176(%rdi), %xmm12
+ movdqu 192(%rdi), %xmm13
+ movdqu 208(%rdi), %xmm14
+
+4: movdqu (%r8, %rax), %xmm1
+ pxor %xmm15, %xmm1
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xce /* aesdec %xmm14, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcd /* aesdec %xmm13, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcc /* aesdec %xmm12, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xcb /* aesdec %xmm11, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xca /* aesdec %xmm10, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc9 /* aesdec %xmm9, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xde,0xc8 /* aesdec %xmm8, %xmm1 */
+ movdqu (%rdi), %xmm8
+ .byte 0x66,0x0f,0x38,0xde,0xcf /* aesdec %xmm7, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xce /* aesdec %xmm6, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcd /* aesdec %xmm5, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcc /* aesdec %xmm4, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xcb /* aesdec %xmm3, %xmm1 */
+ .byte 0x66,0x0f,0x38,0xde,0xca /* aesdec %xmm2, %xmm1 */
+ .byte 0x66,0x41,0x0f,0x38,0xdf,0xc8 /* aesdeclast %xmm8, %xmm1 */
+ movdqu 112(%rdi), %xmm8
+ pxor %xmm0, %xmm1
+ movdqu (%r8, %rax), %xmm0 /* fetch the IV before we store the block */
+ movdqu %xmm1, (%rsi, %rax) /* in case input buf = output buf */
+ addl $16, %eax
+ cmpl %eax, %r9d
+ jne 4b
+
+5: movdqu %xmm0, (%rdx)
+
+ xor %eax, %eax
+ ret
+ .size intel_aes_decrypt_cbc_256, .-intel_aes_decrypt_cbc_256
diff --git a/security/nss/lib/freebl/intel-gcm-wrap.c b/security/nss/lib/freebl/intel-gcm-wrap.c
new file mode 100644
index 000000000..8c5eaf021
--- /dev/null
+++ b/security/nss/lib/freebl/intel-gcm-wrap.c
@@ -0,0 +1,254 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* Copyright(c) 2013, Intel Corp. */
+
+/* Wrapper functions for Intel optimized implementation of AES-GCM */
+
+#ifdef USE_HW_AES
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapii.h"
+#include "blapit.h"
+#include "gcm.h"
+#include "ctr.h"
+#include "secerr.h"
+#include "prtypes.h"
+#include "pkcs11t.h"
+
+#include <limits.h>
+
+#include "intel-gcm.h"
+#include "rijndael.h"
+
+#include <emmintrin.h>
+#include <tmmintrin.h>
+
+struct intel_AES_GCMContextStr {
+ unsigned char Htbl[16 * AES_BLOCK_SIZE];
+ unsigned char X0[AES_BLOCK_SIZE];
+ unsigned char T[AES_BLOCK_SIZE];
+ unsigned char CTR[AES_BLOCK_SIZE];
+ AESContext *aes_context;
+ unsigned long tagBits;
+ unsigned long Alen;
+ unsigned long Mlen;
+};
+
+intel_AES_GCMContext *
+intel_AES_GCM_CreateContext(void *context,
+ freeblCipherFunc cipher,
+ const unsigned char *params,
+ unsigned int blocksize)
+{
+ intel_AES_GCMContext *gcm = NULL;
+ AESContext *aes = (AESContext *)context;
+ const CK_GCM_PARAMS *gcmParams = (const CK_GCM_PARAMS *)params;
+ unsigned char buff[AES_BLOCK_SIZE]; /* aux buffer */
+
+ unsigned long IV_whole_len = gcmParams->ulIvLen & (~0xful);
+ unsigned int IV_remainder_len = gcmParams->ulIvLen & 0xful;
+ unsigned long AAD_whole_len = gcmParams->ulAADLen & (~0xful);
+ unsigned int AAD_remainder_len = gcmParams->ulAADLen & 0xful;
+
+ __m128i BSWAP_MASK = _mm_setr_epi8(15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0);
+ __m128i ONE = _mm_set_epi32(0, 0, 0, 1);
+ unsigned int j;
+ SECStatus rv;
+
+ if (blocksize != AES_BLOCK_SIZE) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+ gcm = PORT_ZNew(intel_AES_GCMContext);
+
+ if (gcm == NULL) {
+ return NULL;
+ }
+
+ /* initialize context fields */
+ gcm->aes_context = aes;
+ gcm->tagBits = gcmParams->ulTagBits;
+ gcm->Alen = 0;
+ gcm->Mlen = 0;
+
+ /* first prepare H and its derivatives for ghash */
+ intel_aes_gcmINIT(gcm->Htbl, (unsigned char *)aes->expandedKey, aes->Nr);
+
+ /* Initial TAG value is zero */
+ _mm_storeu_si128((__m128i *)gcm->T, _mm_setzero_si128());
+ _mm_storeu_si128((__m128i *)gcm->X0, _mm_setzero_si128());
+
+ /* Init the counter */
+ if (gcmParams->ulIvLen == 12) {
+ _mm_storeu_si128((__m128i *)gcm->CTR,
+ _mm_setr_epi32(((unsigned int *)gcmParams->pIv)[0],
+ ((unsigned int *)gcmParams->pIv)[1],
+ ((unsigned int *)gcmParams->pIv)[2],
+ 0x01000000));
+ } else {
+ /* If IV size is not 96 bits, then the initial counter value is GHASH
+ * of the IV */
+ intel_aes_gcmAAD(gcm->Htbl, gcmParams->pIv, IV_whole_len, gcm->T);
+
+ /* Partial block */
+ if (IV_remainder_len) {
+ PORT_Memset(buff, 0, AES_BLOCK_SIZE);
+ PORT_Memcpy(buff, gcmParams->pIv + IV_whole_len, IV_remainder_len);
+ intel_aes_gcmAAD(gcm->Htbl, buff, AES_BLOCK_SIZE, gcm->T);
+ }
+
+ intel_aes_gcmTAG(
+ gcm->Htbl,
+ gcm->T,
+ gcmParams->ulIvLen,
+ 0,
+ gcm->X0,
+ gcm->CTR);
+
+ /* TAG should be zero again */
+ _mm_storeu_si128((__m128i *)gcm->T, _mm_setzero_si128());
+ }
+
+ /* Encrypt the initial counter, will be used to encrypt the GHASH value,
+ * in the end */
+ rv = (*cipher)(context, gcm->X0, &j, AES_BLOCK_SIZE, gcm->CTR,
+ AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* Promote the counter by 1 */
+ _mm_storeu_si128((__m128i *)gcm->CTR, _mm_shuffle_epi8(_mm_add_epi32(ONE, _mm_shuffle_epi8(_mm_loadu_si128((__m128i *)gcm->CTR), BSWAP_MASK)), BSWAP_MASK));
+
+ /* Now hash AAD - it would actually make sense to seperate the context
+ * creation from the AAD, because that would allow to reuse the H, which
+ * only changes when the AES key changes, and not every package, like the
+ * IV and AAD */
+ intel_aes_gcmAAD(gcm->Htbl, gcmParams->pAAD, AAD_whole_len, gcm->T);
+ if (AAD_remainder_len) {
+ PORT_Memset(buff, 0, AES_BLOCK_SIZE);
+ PORT_Memcpy(buff, gcmParams->pAAD + AAD_whole_len, AAD_remainder_len);
+ intel_aes_gcmAAD(gcm->Htbl, buff, AES_BLOCK_SIZE, gcm->T);
+ }
+ gcm->Alen += gcmParams->ulAADLen;
+ return gcm;
+
+loser:
+ PORT_Free(gcm);
+ return NULL;
+}
+
+void
+intel_AES_GCM_DestroyContext(intel_AES_GCMContext *gcm, PRBool freeit)
+{
+ if (freeit) {
+ PORT_Free(gcm);
+ }
+}
+
+SECStatus
+intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext *gcm,
+ unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize)
+{
+ unsigned int tagBytes;
+ unsigned char T[AES_BLOCK_SIZE];
+ unsigned int j;
+
+ tagBytes = (gcm->tagBits + (PR_BITS_PER_BYTE - 1)) / PR_BITS_PER_BYTE;
+ if (UINT_MAX - inlen < tagBytes) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (maxout < inlen + tagBytes) {
+ *outlen = inlen + tagBytes;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ intel_aes_gcmENC(
+ inbuf,
+ outbuf,
+ gcm,
+ inlen);
+
+ gcm->Mlen += inlen;
+
+ intel_aes_gcmTAG(
+ gcm->Htbl,
+ gcm->T,
+ gcm->Mlen,
+ gcm->Alen,
+ gcm->X0,
+ T);
+
+ *outlen = inlen + tagBytes;
+
+ for (j = 0; j < tagBytes; j++) {
+ outbuf[inlen + j] = T[j];
+ }
+ return SECSuccess;
+}
+
+SECStatus
+intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,
+ unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize)
+{
+ unsigned int tagBytes;
+ unsigned char T[AES_BLOCK_SIZE];
+ const unsigned char *intag;
+
+ tagBytes = (gcm->tagBits + (PR_BITS_PER_BYTE - 1)) / PR_BITS_PER_BYTE;
+
+ /* get the authentication block */
+ if (inlen < tagBytes) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+
+ inlen -= tagBytes;
+ intag = inbuf + inlen;
+
+ if (maxout < inlen) {
+ *outlen = inlen;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ intel_aes_gcmDEC(
+ inbuf,
+ outbuf,
+ gcm,
+ inlen);
+
+ gcm->Mlen += inlen;
+ intel_aes_gcmTAG(
+ gcm->Htbl,
+ gcm->T,
+ gcm->Mlen,
+ gcm->Alen,
+ gcm->X0,
+ T);
+
+ if (NSS_SecureMemcmp(T, intag, tagBytes) != 0) {
+ memset(outbuf, 0, inlen);
+ *outlen = 0;
+ /* force a CKR_ENCRYPTED_DATA_INVALID error at in softoken */
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ *outlen = inlen;
+
+ return SECSuccess;
+}
+
+#endif
diff --git a/security/nss/lib/freebl/intel-gcm-x64-masm.asm b/security/nss/lib/freebl/intel-gcm-x64-masm.asm
new file mode 100644
index 000000000..8b68b76e5
--- /dev/null
+++ b/security/nss/lib/freebl/intel-gcm-x64-masm.asm
@@ -0,0 +1,1295 @@
+; LICENSE:
+; This submission to NSS is to be made available under the terms of the
+; Mozilla Public License, v. 2.0. You can obtain one at http:
+; //mozilla.org/MPL/2.0/.
+;###############################################################################
+; Copyright(c) 2014, Intel Corp.
+; Developers and authors:
+; Shay Gueron and Vlad Krasnov
+; Intel Corporation, Israel Development Centre, Haifa, Israel
+; Please send feedback directly to crypto.feedback.alias@intel.com
+
+
+.DATA
+ALIGN 16
+Lone dq 1,0
+Ltwo dq 2,0
+Lbswap_mask db 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+Lshuff_mask dq 0f0f0f0f0f0f0f0fh, 0f0f0f0f0f0f0f0fh
+Lpoly dq 01h, 0c200000000000000h
+
+.CODE
+
+
+GFMUL MACRO DST, SRC1, SRC2, TMP1, TMP2, TMP3, TMP4
+ vpclmulqdq TMP1, SRC2, SRC1, 0h
+ vpclmulqdq TMP4, SRC2, SRC1, 011h
+
+ vpshufd TMP2, SRC2, 78
+ vpshufd TMP3, SRC1, 78
+ vpxor TMP2, TMP2, SRC2
+ vpxor TMP3, TMP3, SRC1
+
+ vpclmulqdq TMP2, TMP2, TMP3, 0h
+ vpxor TMP2, TMP2, TMP1
+ vpxor TMP2, TMP2, TMP4
+
+ vpslldq TMP3, TMP2, 8
+ vpsrldq TMP2, TMP2, 8
+
+ vpxor TMP1, TMP1, TMP3
+ vpxor TMP4, TMP4, TMP2
+
+ vpclmulqdq TMP2, TMP1, [Lpoly], 010h
+ vpshufd TMP3, TMP1, 78
+ vpxor TMP1, TMP2, TMP3
+
+ vpclmulqdq TMP2, TMP1, [Lpoly], 010h
+ vpshufd TMP3, TMP1, 78
+ vpxor TMP1, TMP2, TMP3
+
+ vpxor DST, TMP1, TMP4
+
+ ENDM
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Generates the final GCM tag
+; void intel_aes_gcmTAG(unsigned char Htbl[16*16],
+; unsigned char *Tp,
+; unsigned int Mlen,
+; unsigned int Alen,
+; unsigned char *X0,
+; unsigned char *TAG);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmTAG PROC
+
+Htbl textequ <rcx>
+Tp textequ <rdx>
+Mlen textequ <r8>
+Alen textequ <r9>
+X0 textequ <r10>
+TAG textequ <r11>
+
+T textequ <xmm0>
+TMP0 textequ <xmm1>
+
+ mov X0, [rsp + 1*8 + 4*8]
+ mov TAG, [rsp + 1*8 + 5*8]
+
+ vzeroupper
+ vmovdqu T, XMMWORD PTR[Tp]
+ vpxor TMP0, TMP0, TMP0
+
+ shl Mlen, 3
+ shl Alen, 3
+
+ ;vpinsrq TMP0, TMP0, Mlen, 0
+ ;vpinsrq TMP0, TMP0, Alen, 1
+ ; workaround the ml64.exe vpinsrq issue
+ vpinsrd TMP0, TMP0, r8d, 0
+ vpinsrd TMP0, TMP0, r9d, 2
+ shr Mlen, 32
+ shr Alen, 32
+ vpinsrd TMP0, TMP0, r8d, 1
+ vpinsrd TMP0, TMP0, r9d, 3
+
+ vpxor T, T, TMP0
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL T, T, TMP0, xmm2, xmm3, xmm4, xmm5
+
+ vpshufb T, T, [Lbswap_mask]
+ vpxor T, T, [X0]
+ vmovdqu XMMWORD PTR[TAG], T
+ vzeroupper
+
+ ret
+
+intel_aes_gcmTAG ENDP
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Generates the H table
+; void intel_aes_gcmINIT(unsigned char Htbl[16*16], unsigned char *KS, int NR);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmINIT PROC
+
+Htbl textequ <rcx>
+KS textequ <rdx>
+NR textequ <r8d>
+
+T textequ <xmm0>
+TMP0 textequ <xmm1>
+
+ vzeroupper
+ ; AES-ENC(0)
+ vmovdqu T, XMMWORD PTR[KS]
+ lea KS, [16 + KS]
+ dec NR
+Lenc_loop:
+ vaesenc T, T, [KS]
+ lea KS, [16 + KS]
+ dec NR
+ jnz Lenc_loop
+
+ vaesenclast T, T, [KS]
+ vpshufb T, T, [Lbswap_mask]
+
+ ;Calculate H` = GFMUL(H, 2)
+ vpsrad xmm3, T, 31
+ vpshufd xmm3, xmm3, 0ffh
+ vpand xmm5, xmm3, [Lpoly]
+ vpsrld xmm3, T, 31
+ vpslld xmm4, T, 1
+ vpslldq xmm3, xmm3, 4
+ vpxor T, xmm4, xmm3
+ vpxor T, T, xmm5
+
+ vmovdqu TMP0, T
+ vmovdqu XMMWORD PTR[Htbl + 0*16], T
+
+ vpshufd xmm2, T, 78
+ vpxor xmm2, xmm2, T
+ vmovdqu XMMWORD PTR[Htbl + 8*16 + 0*16], xmm2
+
+ i = 1
+ WHILE i LT 8
+ GFMUL T, T, TMP0, xmm2, xmm3, xmm4, xmm5
+ vmovdqu XMMWORD PTR[Htbl + i*16], T
+ vpshufd xmm2, T, 78
+ vpxor xmm2, xmm2, T
+ vmovdqu XMMWORD PTR[Htbl + 8*16 + i*16], xmm2
+ i = i+1
+ ENDM
+ vzeroupper
+ ret
+intel_aes_gcmINIT ENDP
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Authenticate only
+; void intel_aes_gcmAAD(unsigned char Htbl[16*16], unsigned char *AAD, unsigned int Alen, unsigned char *Tp);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmAAD PROC
+
+Htbl textequ <rcx>
+inp textequ <rdx>
+len textequ <r8>
+Tp textequ <r9>
+hlp0 textequ <r10>
+
+DATA textequ <xmm0>
+T textequ <xmm1>
+TMP0 textequ <xmm2>
+TMP1 textequ <xmm3>
+TMP2 textequ <xmm4>
+TMP3 textequ <xmm5>
+TMP4 textequ <xmm6>
+Xhi textequ <xmm7>
+
+KARATSUBA_AAD MACRO i
+ vpclmulqdq TMP3, DATA, [Htbl + i*16], 0h
+ vpxor TMP0, TMP0, TMP3
+ vpclmulqdq TMP3, DATA, [Htbl + i*16], 011h
+ vpxor TMP1, TMP1, TMP3
+ vpshufd TMP3, DATA, 78
+ vpxor TMP3, TMP3, DATA
+ vpclmulqdq TMP3, TMP3, [Htbl + 8*16 + i*16], 0h
+ vpxor TMP2, TMP2, TMP3
+ENDM
+
+ test len, len
+ jnz LbeginAAD
+ ret
+
+LbeginAAD:
+ vzeroupper
+
+ sub rsp, 2*16
+ vmovdqu XMMWORD PTR[rsp + 0*16], xmm6
+ vmovdqu XMMWORD PTR[rsp + 1*16], xmm7
+
+ vpxor Xhi, Xhi, Xhi
+
+ vmovdqu T, XMMWORD PTR[Tp]
+ ;we hash 8 block each iteration, if the total amount of blocks is not a multiple of 8, we hash the first n%8 blocks first
+ mov hlp0, len
+ and hlp0, 128-1
+ jz Lmod_loop
+
+ and len, -128
+ sub hlp0, 16
+
+ ; Prefix block
+ vmovdqu DATA, XMMWORD PTR[inp]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ vpxor DATA, DATA, T
+
+ vpclmulqdq TMP0, DATA, [Htbl + hlp0], 0h
+ vpclmulqdq TMP1, DATA, [Htbl + hlp0], 011h
+ vpshufd TMP3, DATA, 78
+ vpxor TMP3, TMP3, DATA
+ vpclmulqdq TMP2, TMP3, [Htbl + 8*16 + hlp0], 0h
+
+ lea inp, [inp+16]
+ test hlp0, hlp0
+ jnz Lpre_loop
+ jmp Lred1
+
+ ;hash remaining prefix bocks (up to 7 total prefix blocks)
+Lpre_loop:
+
+ sub hlp0, 16
+
+ vmovdqu DATA, XMMWORD PTR[inp]
+ vpshufb DATA, DATA, [Lbswap_mask]
+
+ vpclmulqdq TMP3, DATA, [Htbl + hlp0], 0h
+ vpxor TMP0, TMP0, TMP3
+ vpclmulqdq TMP3, DATA, [Htbl + hlp0], 011h
+ vpxor TMP1, TMP1, TMP3
+ vpshufd TMP3, DATA, 78
+ vpxor TMP3, TMP3, DATA
+ vpclmulqdq TMP3, TMP3, [Htbl + 8*16 + hlp0], 0h
+ vpxor TMP2, TMP2, TMP3
+
+ test hlp0, hlp0
+ lea inp, [inp+16]
+ jnz Lpre_loop
+
+Lred1:
+
+ vpxor TMP2, TMP2, TMP0
+ vpxor TMP2, TMP2, TMP1
+ vpsrldq TMP3, TMP2, 8
+ vpslldq TMP2, TMP2, 8
+
+ vpxor Xhi, TMP1, TMP3
+ vpxor T, TMP0, TMP2
+
+
+Lmod_loop:
+
+ sub len, 16*8
+ jb Ldone
+ ; Block #0
+ vmovdqu DATA, XMMWORD PTR[inp + 16*7]
+ vpshufb DATA, DATA, [Lbswap_mask]
+
+ vpclmulqdq TMP0, DATA, [Htbl + 0*16], 0h
+ vpclmulqdq TMP1, DATA, [Htbl + 0*16], 011h
+ vpshufd TMP3, DATA, 78
+ vpxor TMP3, TMP3, DATA
+ vpclmulqdq TMP2, TMP3, [Htbl + 8*16 + 0*16], 0h
+
+ ; Block #1
+ vmovdqu DATA, XMMWORD PTR[inp + 16*6]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ KARATSUBA_AAD 1
+
+ ; Block #2
+ vmovdqu DATA, XMMWORD PTR[inp + 16*5]
+ vpshufb DATA, DATA, [Lbswap_mask]
+
+ vpclmulqdq TMP4, T, [Lpoly], 010h ;reduction stage 1a
+ vpalignr T, T, T, 8
+
+ KARATSUBA_AAD 2
+
+ vpxor T, T, TMP4 ;reduction stage 1b
+
+ ; Block #3
+ vmovdqu DATA, XMMWORD PTR[inp + 16*4]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ KARATSUBA_AAD 3
+ ; Block #4
+ vmovdqu DATA, XMMWORD PTR[inp + 16*3]
+ vpshufb DATA, DATA, [Lbswap_mask]
+
+ vpclmulqdq TMP4, T, [Lpoly], 010h ;reduction stage 2a
+ vpalignr T, T, T, 8
+
+ KARATSUBA_AAD 4
+
+ vpxor T, T, TMP4 ;reduction stage 2b
+ ; Block #5
+ vmovdqu DATA, XMMWORD PTR[inp + 16*2]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ KARATSUBA_AAD 5
+
+ vpxor T, T, Xhi ;reduction finalize
+ ; Block #6
+ vmovdqu DATA, XMMWORD PTR[inp + 16*1]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ KARATSUBA_AAD 6
+ ; Block #7
+ vmovdqu DATA, XMMWORD PTR[inp + 16*0]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ vpxor DATA, DATA, T
+ KARATSUBA_AAD 7
+ ; Aggregated 8 blocks, now karatsuba fixup
+ vpxor TMP2, TMP2, TMP0
+ vpxor TMP2, TMP2, TMP1
+ vpsrldq TMP3, TMP2, 8
+ vpslldq TMP2, TMP2, 8
+
+ vpxor Xhi, TMP1, TMP3
+ vpxor T, TMP0, TMP2
+
+ lea inp, [inp + 16*8]
+ jmp Lmod_loop
+
+Ldone:
+ vpclmulqdq TMP4, T, [Lpoly], 010h
+ vpalignr T, T, T, 8
+ vpxor T, T, TMP4
+
+ vpclmulqdq TMP4, T, [Lpoly], 010h
+ vpalignr T, T, T, 8
+ vpxor T, T, TMP4
+
+ vpxor T, T, Xhi
+ vmovdqu XMMWORD PTR[Tp], T
+ vzeroupper
+
+ vmovdqu xmm6, XMMWORD PTR[rsp + 0*16]
+ vmovdqu xmm7, XMMWORD PTR[rsp + 1*16]
+ add rsp, 16*2
+
+ ret
+
+intel_aes_gcmAAD ENDP
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Encrypt and Authenticate
+; void intel_aes_gcmENC(unsigned char* PT, unsigned char* CT, void *Gctx, unsigned int len);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmENC PROC
+
+PT textequ <rcx>
+CT textequ <rdx>
+Htbl textequ <r8>
+Gctx textequ <r8>
+len textequ <r9>
+KS textequ <r10>
+NR textequ <eax>
+
+aluCTR textequ <r11d>
+aluKSl textequ <r12d>
+aluTMP textequ <r13d>
+
+T textequ <xmm0>
+TMP0 textequ <xmm1>
+TMP1 textequ <xmm2>
+TMP2 textequ <xmm3>
+TMP3 textequ <xmm4>
+TMP4 textequ <xmm5>
+TMP5 textequ <xmm6>
+CTR0 textequ <xmm7>
+CTR1 textequ <xmm8>
+CTR2 textequ <xmm9>
+CTR3 textequ <xmm10>
+CTR4 textequ <xmm11>
+CTR5 textequ <xmm12>
+CTR6 textequ <xmm13>
+CTR7 textequ <xmm14>
+BSWAPMASK textequ <xmm15>
+
+ROUND MACRO i
+ vmovdqu TMP3, XMMWORD PTR[i*16 + KS]
+ vaesenc CTR0, CTR0, TMP3
+ vaesenc CTR1, CTR1, TMP3
+ vaesenc CTR2, CTR2, TMP3
+ vaesenc CTR3, CTR3, TMP3
+ vaesenc CTR4, CTR4, TMP3
+ vaesenc CTR5, CTR5, TMP3
+ vaesenc CTR6, CTR6, TMP3
+ vaesenc CTR7, CTR7, TMP3
+ENDM
+ROUNDMUL MACRO i
+ vmovdqu TMP3, XMMWORD PTR[i*16 + KS]
+
+ vaesenc CTR0, CTR0, TMP3
+ vaesenc CTR1, CTR1, TMP3
+ vaesenc CTR2, CTR2, TMP3
+ vaesenc CTR3, CTR3, TMP3
+
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+
+ vaesenc CTR4, CTR4, TMP3
+ vaesenc CTR5, CTR5, TMP3
+ vaesenc CTR6, CTR6, TMP3
+ vaesenc CTR7, CTR7, TMP3
+
+ vpclmulqdq TMP3, TMP4, XMMWORD PTR[i*16 + 8*16 + Htbl], 000h
+ vpxor TMP0, TMP0, TMP3
+ vmovdqu TMP4, XMMWORD PTR[i*16 + Htbl]
+ vpclmulqdq TMP3, TMP5, TMP4, 011h
+ vpxor TMP1, TMP1, TMP3
+ vpclmulqdq TMP3, TMP5, TMP4, 000h
+ vpxor TMP2, TMP2, TMP3
+ENDM
+KARATSUBA MACRO i
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+ vpclmulqdq TMP3, TMP4, XMMWORD PTR[i*16 + 8*16 + Htbl], 000h
+ vpxor TMP0, TMP0, TMP3
+ vmovdqu TMP4, XMMWORD PTR[i*16 + Htbl]
+ vpclmulqdq TMP3, TMP5, TMP4, 011h
+ vpxor TMP1, TMP1, TMP3
+ vpclmulqdq TMP3, TMP5, TMP4, 000h
+ vpxor TMP2, TMP2, TMP3
+ENDM
+NEXTCTR MACRO i
+ add aluCTR, 1
+ mov aluTMP, aluCTR
+ xor aluTMP, aluKSl
+ bswap aluTMP
+ mov [3*4 + 8*16 + i*16 + rsp], aluTMP
+ENDM
+
+
+ test len, len
+ jnz LbeginENC
+ ret
+
+LbeginENC:
+
+ vzeroupper
+ push r11
+ push r12
+ push r13
+ push rbp
+ sub rsp, 10*16
+ vmovdqu XMMWORD PTR[rsp + 0*16], xmm6
+ vmovdqu XMMWORD PTR[rsp + 1*16], xmm7
+ vmovdqu XMMWORD PTR[rsp + 2*16], xmm8
+ vmovdqu XMMWORD PTR[rsp + 3*16], xmm9
+ vmovdqu XMMWORD PTR[rsp + 4*16], xmm10
+ vmovdqu XMMWORD PTR[rsp + 5*16], xmm11
+ vmovdqu XMMWORD PTR[rsp + 6*16], xmm12
+ vmovdqu XMMWORD PTR[rsp + 7*16], xmm13
+ vmovdqu XMMWORD PTR[rsp + 8*16], xmm14
+ vmovdqu XMMWORD PTR[rsp + 9*16], xmm15
+
+ mov rbp, rsp
+ sub rsp, 16*16
+ and rsp, -16
+
+ vmovdqu T, XMMWORD PTR[16*16 + 1*16 + Gctx]
+ vmovdqu CTR0, XMMWORD PTR[16*16 + 2*16 + Gctx]
+ vmovdqu BSWAPMASK, XMMWORD PTR[Lbswap_mask]
+ mov KS, [16*16 + 3*16 + Gctx]
+ mov NR, [4 + KS]
+ lea KS, [48 + KS]
+
+ vpshufb CTR0, CTR0, BSWAPMASK
+
+ mov aluCTR, [16*16 + 2*16 + 3*4 + Gctx]
+ mov aluKSl, [3*4 + KS]
+ bswap aluCTR
+ bswap aluKSl
+
+ vmovdqu TMP0, XMMWORD PTR[0*16 + KS]
+ vpxor TMP0, TMP0, XMMWORD PTR[16*16 + 2*16 + Gctx]
+ vmovdqu XMMWORD PTR[8*16 + 0*16 + rsp], TMP0
+
+ cmp len, 128
+ jb LEncDataSingles
+; Prepare the "top" counters
+ vmovdqu XMMWORD PTR[8*16 + 1*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 2*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 3*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 4*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 5*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 6*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 7*16 + rsp], TMP0
+
+; Encrypt the initial 8 blocks
+ sub len, 128
+ vpaddd CTR1, CTR0, XMMWORD PTR[Lone]
+ vpaddd CTR2, CTR0, XMMWORD PTR[Ltwo]
+ vpaddd CTR3, CTR2, XMMWORD PTR[Lone]
+ vpaddd CTR4, CTR2, XMMWORD PTR[Ltwo]
+ vpaddd CTR5, CTR4, XMMWORD PTR[Lone]
+ vpaddd CTR6, CTR4, XMMWORD PTR[Ltwo]
+ vpaddd CTR7, CTR6, XMMWORD PTR[Lone]
+
+ vpshufb CTR0, CTR0, BSWAPMASK
+ vpshufb CTR1, CTR1, BSWAPMASK
+ vpshufb CTR2, CTR2, BSWAPMASK
+ vpshufb CTR3, CTR3, BSWAPMASK
+ vpshufb CTR4, CTR4, BSWAPMASK
+ vpshufb CTR5, CTR5, BSWAPMASK
+ vpshufb CTR6, CTR6, BSWAPMASK
+ vpshufb CTR7, CTR7, BSWAPMASK
+
+ vmovdqu TMP3, XMMWORD PTR[0*16 + KS]
+ vpxor CTR0, CTR0, TMP3
+ vpxor CTR1, CTR1, TMP3
+ vpxor CTR2, CTR2, TMP3
+ vpxor CTR3, CTR3, TMP3
+ vpxor CTR4, CTR4, TMP3
+ vpxor CTR5, CTR5, TMP3
+ vpxor CTR6, CTR6, TMP3
+ vpxor CTR7, CTR7, TMP3
+
+ ROUND 1
+
+ add aluCTR, 8
+ mov aluTMP, aluCTR
+ xor aluTMP, aluKSl
+ bswap aluTMP
+ mov [8*16 + 0*16 + 3*4 + rsp], aluTMP
+
+ ROUND 2
+ NEXTCTR 1
+ ROUND 3
+ NEXTCTR 2
+ ROUND 4
+ NEXTCTR 3
+ ROUND 5
+ NEXTCTR 4
+ ROUND 6
+ NEXTCTR 5
+ ROUND 7
+ NEXTCTR 6
+ ROUND 8
+ NEXTCTR 7
+ ROUND 9
+ vmovdqu TMP5, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+
+ ROUND 10
+ ROUND 11
+ vmovdqu TMP5, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+
+ ROUND 12
+ ROUND 13
+ vmovdqu TMP5, XMMWORD PTR[14*16 + KS]
+@@:
+ vpxor TMP3, TMP5, XMMWORD PTR[0*16 + PT]
+ vaesenclast CTR0, CTR0, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[1*16 + PT]
+ vaesenclast CTR1, CTR1, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[2*16 + PT]
+ vaesenclast CTR2, CTR2, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[3*16 + PT]
+ vaesenclast CTR3, CTR3, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[4*16 + PT]
+ vaesenclast CTR4, CTR4, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[5*16 + PT]
+ vaesenclast CTR5, CTR5, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[6*16 + PT]
+ vaesenclast CTR6, CTR6, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[7*16 + PT]
+ vaesenclast CTR7, CTR7, TMP3
+
+ vmovdqu XMMWORD PTR[0*16 + CT], CTR0
+ vpshufb CTR0, CTR0, BSWAPMASK
+ vmovdqu XMMWORD PTR[1*16 + CT], CTR1
+ vpshufb CTR1, CTR1, BSWAPMASK
+ vmovdqu XMMWORD PTR[2*16 + CT], CTR2
+ vpshufb CTR2, CTR2, BSWAPMASK
+ vmovdqu XMMWORD PTR[3*16 + CT], CTR3
+ vpshufb CTR3, CTR3, BSWAPMASK
+ vmovdqu XMMWORD PTR[4*16 + CT], CTR4
+ vpshufb CTR4, CTR4, BSWAPMASK
+ vmovdqu XMMWORD PTR[5*16 + CT], CTR5
+ vpshufb CTR5, CTR5, BSWAPMASK
+ vmovdqu XMMWORD PTR[6*16 + CT], CTR6
+ vpshufb CTR6, CTR6, BSWAPMASK
+ vmovdqu XMMWORD PTR[7*16 + CT], CTR7
+ vpshufb TMP5, CTR7, BSWAPMASK
+
+ vmovdqa XMMWORD PTR[1*16 + rsp], CTR6
+ vmovdqa XMMWORD PTR[2*16 + rsp], CTR5
+ vmovdqa XMMWORD PTR[3*16 + rsp], CTR4
+ vmovdqa XMMWORD PTR[4*16 + rsp], CTR3
+ vmovdqa XMMWORD PTR[5*16 + rsp], CTR2
+ vmovdqa XMMWORD PTR[6*16 + rsp], CTR1
+ vmovdqa XMMWORD PTR[7*16 + rsp], CTR0
+
+ lea CT, [8*16 + CT]
+ lea PT, [8*16 + PT]
+ jmp LEncDataOctets
+
+LEncDataOctets:
+ cmp len, 128
+ jb LEndEncOctets
+ sub len, 128
+
+ vmovdqa CTR0, XMMWORD PTR[8*16 + 0*16 + rsp]
+ vmovdqa CTR1, XMMWORD PTR[8*16 + 1*16 + rsp]
+ vmovdqa CTR2, XMMWORD PTR[8*16 + 2*16 + rsp]
+ vmovdqa CTR3, XMMWORD PTR[8*16 + 3*16 + rsp]
+ vmovdqa CTR4, XMMWORD PTR[8*16 + 4*16 + rsp]
+ vmovdqa CTR5, XMMWORD PTR[8*16 + 5*16 + rsp]
+ vmovdqa CTR6, XMMWORD PTR[8*16 + 6*16 + rsp]
+ vmovdqa CTR7, XMMWORD PTR[8*16 + 7*16 + rsp]
+
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+ vpclmulqdq TMP0, TMP4, XMMWORD PTR[0*16 + 8*16 + Htbl], 000h
+ vmovdqu TMP4, XMMWORD PTR[0*16 + Htbl]
+ vpclmulqdq TMP1, TMP5, TMP4, 011h
+ vpclmulqdq TMP2, TMP5, TMP4, 000h
+
+ vmovdqu TMP5, XMMWORD PTR[1*16 + rsp]
+ ROUNDMUL 1
+ NEXTCTR 0
+ vmovdqu TMP5, XMMWORD PTR[2*16 + rsp]
+ ROUNDMUL 2
+ NEXTCTR 1
+ vmovdqu TMP5, XMMWORD PTR[3*16 + rsp]
+ ROUNDMUL 3
+ NEXTCTR 2
+ vmovdqu TMP5, XMMWORD PTR[4*16 + rsp]
+ ROUNDMUL 4
+ NEXTCTR 3
+ vmovdqu TMP5, XMMWORD PTR[5*16 + rsp]
+ ROUNDMUL 5
+ NEXTCTR 4
+ vmovdqu TMP5, XMMWORD PTR[6*16 + rsp]
+ ROUNDMUL 6
+ NEXTCTR 5
+ vpxor TMP5, T, XMMWORD PTR[7*16 + rsp]
+ ROUNDMUL 7
+ NEXTCTR 6
+
+ ROUND 8
+ NEXTCTR 7
+
+ vpxor TMP0, TMP0, TMP1
+ vpxor TMP0, TMP0, TMP2
+ vpsrldq TMP3, TMP0, 8
+ vpxor TMP4, TMP1, TMP3
+ vpslldq TMP3, TMP0, 8
+ vpxor T, TMP2, TMP3
+
+ vpclmulqdq TMP1, T, XMMWORD PTR[Lpoly], 010h
+ vpalignr T,T,T,8
+ vpxor T, T, TMP1
+
+ ROUND 9
+
+ vpclmulqdq TMP1, T, XMMWORD PTR[Lpoly], 010h
+ vpalignr T,T,T,8
+ vpxor T, T, TMP1
+
+ vmovdqu TMP5, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+
+ ROUND 10
+ ROUND 11
+ vmovdqu TMP5, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+
+ ROUND 12
+ ROUND 13
+ vmovdqu TMP5, XMMWORD PTR[14*16 + KS]
+@@:
+ vpxor TMP3, TMP5, XMMWORD PTR[0*16 + PT]
+ vaesenclast CTR0, CTR0, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[1*16 + PT]
+ vaesenclast CTR1, CTR1, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[2*16 + PT]
+ vaesenclast CTR2, CTR2, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[3*16 + PT]
+ vaesenclast CTR3, CTR3, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[4*16 + PT]
+ vaesenclast CTR4, CTR4, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[5*16 + PT]
+ vaesenclast CTR5, CTR5, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[6*16 + PT]
+ vaesenclast CTR6, CTR6, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[7*16 + PT]
+ vaesenclast CTR7, CTR7, TMP3
+
+ vmovdqu XMMWORD PTR[0*16 + CT], CTR0
+ vpshufb CTR0, CTR0, BSWAPMASK
+ vmovdqu XMMWORD PTR[1*16 + CT], CTR1
+ vpshufb CTR1, CTR1, BSWAPMASK
+ vmovdqu XMMWORD PTR[2*16 + CT], CTR2
+ vpshufb CTR2, CTR2, BSWAPMASK
+ vmovdqu XMMWORD PTR[3*16 + CT], CTR3
+ vpshufb CTR3, CTR3, BSWAPMASK
+ vmovdqu XMMWORD PTR[4*16 + CT], CTR4
+ vpshufb CTR4, CTR4, BSWAPMASK
+ vmovdqu XMMWORD PTR[5*16 + CT], CTR5
+ vpshufb CTR5, CTR5, BSWAPMASK
+ vmovdqu XMMWORD PTR[6*16 + CT], CTR6
+ vpshufb CTR6, CTR6, BSWAPMASK
+ vmovdqu XMMWORD PTR[7*16 + CT], CTR7
+ vpshufb TMP5, CTR7, BSWAPMASK
+
+ vmovdqa XMMWORD PTR[1*16 + rsp], CTR6
+ vmovdqa XMMWORD PTR[2*16 + rsp], CTR5
+ vmovdqa XMMWORD PTR[3*16 + rsp], CTR4
+ vmovdqa XMMWORD PTR[4*16 + rsp], CTR3
+ vmovdqa XMMWORD PTR[5*16 + rsp], CTR2
+ vmovdqa XMMWORD PTR[6*16 + rsp], CTR1
+ vmovdqa XMMWORD PTR[7*16 + rsp], CTR0
+
+ vpxor T, T, TMP4
+
+ lea CT, [8*16 + CT]
+ lea PT, [8*16 + PT]
+ jmp LEncDataOctets
+
+LEndEncOctets:
+
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+ vpclmulqdq TMP0, TMP4, XMMWORD PTR[0*16 + 8*16 + Htbl], 000h
+ vmovdqu TMP4, XMMWORD PTR[0*16 + Htbl]
+ vpclmulqdq TMP1, TMP5, TMP4, 011h
+ vpclmulqdq TMP2, TMP5, TMP4, 000h
+
+ vmovdqu TMP5, XMMWORD PTR[1*16 + rsp]
+ KARATSUBA 1
+ vmovdqu TMP5, XMMWORD PTR[2*16 + rsp]
+ KARATSUBA 2
+ vmovdqu TMP5, XMMWORD PTR[3*16 + rsp]
+ KARATSUBA 3
+ vmovdqu TMP5, XMMWORD PTR[4*16 + rsp]
+ KARATSUBA 4
+ vmovdqu TMP5, XMMWORD PTR[5*16 + rsp]
+ KARATSUBA 5
+ vmovdqu TMP5, XMMWORD PTR[6*16 + rsp]
+ KARATSUBA 6
+ vpxor TMP5, T, XMMWORD PTR[7*16 + rsp]
+ KARATSUBA 7
+
+ vpxor TMP0, TMP0, TMP1
+ vpxor TMP0, TMP0, TMP2
+ vpsrldq TMP3, TMP0, 8
+ vpxor TMP4, TMP1, TMP3
+ vpslldq TMP3, TMP0, 8
+ vpxor T, TMP2, TMP3
+
+ vpclmulqdq TMP1, T, XMMWORD PTR[Lpoly], 010h
+ vpalignr T,T,T,8
+ vpxor T, T, TMP1
+
+ vpclmulqdq TMP1, T, XMMWORD PTR[Lpoly], 010h
+ vpalignr T,T,T,8
+ vpxor T, T, TMP1
+
+ vpxor T, T, TMP4
+
+ sub aluCTR, 7
+
+LEncDataSingles:
+
+ cmp len, 16
+ jb LEncDataTail
+ sub len, 16
+
+ vmovdqa TMP1, XMMWORD PTR[8*16 + 0*16 + rsp]
+ NEXTCTR 0
+
+ vaesenc TMP1, TMP1, XMMWORD PTR[1*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[2*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[3*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[4*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[5*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[6*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[7*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[8*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[9*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[10*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[11*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[12*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[13*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast TMP1, TMP1, TMP2
+ vpxor TMP1, TMP1, XMMWORD PTR[PT]
+ vmovdqu XMMWORD PTR[CT], TMP1
+
+ lea PT, [16+PT]
+ lea CT, [16+CT]
+
+ vpshufb TMP1, TMP1, BSWAPMASK
+ vpxor T, T, TMP1
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL T, T, TMP0, TMP1, TMP2, TMP3, TMP4
+
+ jmp LEncDataSingles
+
+LEncDataTail:
+
+ test len, len
+ jz LEncDataEnd
+
+ vmovdqa TMP1, XMMWORD PTR[8*16 + 0*16 + rsp]
+
+ vaesenc TMP1, TMP1, XMMWORD PTR[1*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[2*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[3*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[4*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[5*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[6*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[7*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[8*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[9*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[10*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[11*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[12*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[13*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast TMP1, TMP1, TMP2
+; zero a temp location
+ vpxor TMP2, TMP2, TMP2
+ vmovdqa XMMWORD PTR[rsp], TMP2
+; copy as many bytes as needed
+ xor KS, KS
+
+@@:
+ cmp len, KS
+ je @f
+ mov al, [PT + KS]
+ mov [rsp + KS], al
+ inc KS
+ jmp @b
+@@:
+ vpxor TMP1, TMP1, XMMWORD PTR[rsp]
+ vmovdqa XMMWORD PTR[rsp], TMP1
+ xor KS, KS
+@@:
+ cmp len, KS
+ je @f
+ mov al, [rsp + KS]
+ mov [CT + KS], al
+ inc KS
+ jmp @b
+@@:
+ cmp KS, 16
+ je @f
+ mov BYTE PTR[rsp + KS], 0
+ inc KS
+ jmp @b
+@@:
+BAIL:
+ vmovdqa TMP1, XMMWORD PTR[rsp]
+ vpshufb TMP1, TMP1, BSWAPMASK
+ vpxor T, T, TMP1
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL T, T, TMP0, TMP1, TMP2, TMP3, TMP4
+
+LEncDataEnd:
+
+ vmovdqu XMMWORD PTR[16*16 + 1*16 + Gctx], T
+ bswap aluCTR
+ mov [16*16 + 2*16 + 3*4 + Gctx], aluCTR
+
+ mov rsp, rbp
+
+ vmovdqu xmm6, XMMWORD PTR[rsp + 0*16]
+ vmovdqu xmm7, XMMWORD PTR[rsp + 1*16]
+ vmovdqu xmm8, XMMWORD PTR[rsp + 2*16]
+ vmovdqu xmm9, XMMWORD PTR[rsp + 3*16]
+ vmovdqu xmm10, XMMWORD PTR[rsp + 4*16]
+ vmovdqu xmm11, XMMWORD PTR[rsp + 5*16]
+ vmovdqu xmm12, XMMWORD PTR[rsp + 6*16]
+ vmovdqu xmm13, XMMWORD PTR[rsp + 7*16]
+ vmovdqu xmm14, XMMWORD PTR[rsp + 8*16]
+ vmovdqu xmm15, XMMWORD PTR[rsp + 9*16]
+
+ add rsp, 10*16
+ pop rbp
+ pop r13
+ pop r12
+ pop r11
+
+ vzeroupper
+
+ ret
+intel_aes_gcmENC ENDP
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Decrypt and Authenticate
+; void intel_aes_gcmDEC(uint8_t* PT, uint8_t* CT, void *Gctx, unsigned int len);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmDEC PROC
+
+NEXTCTR MACRO i
+ add aluCTR, 1
+ mov aluTMP, aluCTR
+ xor aluTMP, aluKSl
+ bswap aluTMP
+ mov [3*4 + i*16 + rsp], aluTMP
+ENDM
+
+PT textequ <rdx>
+CT textequ <rcx>
+
+ test len, len
+ jnz LbeginDEC
+ ret
+
+LbeginDEC:
+
+ vzeroupper
+ push r11
+ push r12
+ push r13
+ push rbp
+ sub rsp, 10*16
+ vmovdqu XMMWORD PTR[rsp + 0*16], xmm6
+ vmovdqu XMMWORD PTR[rsp + 1*16], xmm7
+ vmovdqu XMMWORD PTR[rsp + 2*16], xmm8
+ vmovdqu XMMWORD PTR[rsp + 3*16], xmm9
+ vmovdqu XMMWORD PTR[rsp + 4*16], xmm10
+ vmovdqu XMMWORD PTR[rsp + 5*16], xmm11
+ vmovdqu XMMWORD PTR[rsp + 6*16], xmm12
+ vmovdqu XMMWORD PTR[rsp + 7*16], xmm13
+ vmovdqu XMMWORD PTR[rsp + 8*16], xmm14
+ vmovdqu XMMWORD PTR[rsp + 9*16], xmm15
+
+ mov rbp, rsp
+ sub rsp, 8*16
+ and rsp, -16
+
+ vmovdqu T, XMMWORD PTR[16*16 + 1*16 + Gctx]
+ vmovdqu CTR0, XMMWORD PTR[16*16 + 2*16 + Gctx]
+ vmovdqu BSWAPMASK, XMMWORD PTR[Lbswap_mask]
+ mov KS, [16*16 + 3*16 + Gctx]
+ mov NR, [4 + KS]
+ lea KS, [48 + KS]
+
+ vpshufb CTR0, CTR0, BSWAPMASK
+
+ mov aluCTR, [16*16 + 2*16 + 3*4 + Gctx]
+ mov aluKSl, [3*4 + KS]
+ bswap aluCTR
+ bswap aluKSl
+
+ vmovdqu TMP0, XMMWORD PTR[0*16 + KS]
+ vpxor TMP0, TMP0, XMMWORD PTR[16*16 + 2*16 + Gctx]
+ vmovdqu XMMWORD PTR[0*16 + rsp], TMP0
+
+ cmp len, 128
+ jb LDecDataSingles
+; Prepare the "top" counters
+ vmovdqu XMMWORD PTR[1*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[2*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[3*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[4*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[5*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[6*16 + rsp], TMP0
+ vmovdqu XMMWORD PTR[7*16 + rsp], TMP0
+
+ NEXTCTR 1
+ NEXTCTR 2
+ NEXTCTR 3
+ NEXTCTR 4
+ NEXTCTR 5
+ NEXTCTR 6
+ NEXTCTR 7
+
+LDecDataOctets:
+ cmp len, 128
+ jb LEndDecOctets
+ sub len, 128
+
+ vmovdqa CTR0, XMMWORD PTR[0*16 + rsp]
+ vmovdqa CTR1, XMMWORD PTR[1*16 + rsp]
+ vmovdqa CTR2, XMMWORD PTR[2*16 + rsp]
+ vmovdqa CTR3, XMMWORD PTR[3*16 + rsp]
+ vmovdqa CTR4, XMMWORD PTR[4*16 + rsp]
+ vmovdqa CTR5, XMMWORD PTR[5*16 + rsp]
+ vmovdqa CTR6, XMMWORD PTR[6*16 + rsp]
+ vmovdqa CTR7, XMMWORD PTR[7*16 + rsp]
+
+ vmovdqu TMP5, XMMWORD PTR[7*16 + CT]
+ vpshufb TMP5, TMP5, BSWAPMASK
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+ vpclmulqdq TMP0, TMP4, XMMWORD PTR[0*16 + 8*16 + Htbl], 000h
+ vmovdqu TMP4, XMMWORD PTR[0*16 + Htbl]
+ vpclmulqdq TMP1, TMP5, TMP4, 011h
+ vpclmulqdq TMP2, TMP5, TMP4, 000h
+
+ vmovdqu TMP5, XMMWORD PTR[6*16 + CT]
+ vpshufb TMP5, TMP5, BSWAPMASK
+ ROUNDMUL 1
+ NEXTCTR 0
+ vmovdqu TMP5, XMMWORD PTR[5*16 + CT]
+ vpshufb TMP5, TMP5, BSWAPMASK
+ ROUNDMUL 2
+ NEXTCTR 1
+ vmovdqu TMP5, XMMWORD PTR[4*16 + CT]
+ vpshufb TMP5, TMP5, BSWAPMASK
+ ROUNDMUL 3
+ NEXTCTR 2
+ vmovdqu TMP5, XMMWORD PTR[3*16 + CT]
+ vpshufb TMP5, TMP5, BSWAPMASK
+ ROUNDMUL 4
+ NEXTCTR 3
+ vmovdqu TMP5, XMMWORD PTR[2*16 + CT]
+ vpshufb TMP5, TMP5, BSWAPMASK
+ ROUNDMUL 5
+ NEXTCTR 4
+ vmovdqu TMP5, XMMWORD PTR[1*16 + CT]
+ vpshufb TMP5, TMP5, BSWAPMASK
+ ROUNDMUL 6
+ NEXTCTR 5
+ vmovdqu TMP5, XMMWORD PTR[0*16 + CT]
+ vpshufb TMP5, TMP5, BSWAPMASK
+ vpxor TMP5, TMP5, T
+ ROUNDMUL 7
+ NEXTCTR 6
+
+ ROUND 8
+ NEXTCTR 7
+
+ vpxor TMP0, TMP0, TMP1
+ vpxor TMP0, TMP0, TMP2
+ vpsrldq TMP3, TMP0, 8
+ vpxor TMP4, TMP1, TMP3
+ vpslldq TMP3, TMP0, 8
+ vpxor T, TMP2, TMP3
+
+ vpclmulqdq TMP1, T, XMMWORD PTR[Lpoly], 010h
+ vpalignr T,T,T,8
+ vpxor T, T, TMP1
+
+ ROUND 9
+
+ vpclmulqdq TMP1, T, XMMWORD PTR[Lpoly], 010h
+ vpalignr T,T,T,8
+ vpxor T, T, TMP1
+
+ vmovdqu TMP5, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+
+ ROUND 10
+ ROUND 11
+ vmovdqu TMP5, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+
+ ROUND 12
+ ROUND 13
+ vmovdqu TMP5, XMMWORD PTR[14*16 + KS]
+@@:
+ vpxor TMP3, TMP5, XMMWORD PTR[0*16 + CT]
+ vaesenclast CTR0, CTR0, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[1*16 + CT]
+ vaesenclast CTR1, CTR1, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[2*16 + CT]
+ vaesenclast CTR2, CTR2, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[3*16 + CT]
+ vaesenclast CTR3, CTR3, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[4*16 + CT]
+ vaesenclast CTR4, CTR4, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[5*16 + CT]
+ vaesenclast CTR5, CTR5, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[6*16 + CT]
+ vaesenclast CTR6, CTR6, TMP3
+ vpxor TMP3, TMP5, XMMWORD PTR[7*16 + CT]
+ vaesenclast CTR7, CTR7, TMP3
+
+ vmovdqu XMMWORD PTR[0*16 + PT], CTR0
+ vmovdqu XMMWORD PTR[1*16 + PT], CTR1
+ vmovdqu XMMWORD PTR[2*16 + PT], CTR2
+ vmovdqu XMMWORD PTR[3*16 + PT], CTR3
+ vmovdqu XMMWORD PTR[4*16 + PT], CTR4
+ vmovdqu XMMWORD PTR[5*16 + PT], CTR5
+ vmovdqu XMMWORD PTR[6*16 + PT], CTR6
+ vmovdqu XMMWORD PTR[7*16 + PT], CTR7
+
+ vpxor T, T, TMP4
+
+ lea CT, [8*16 + CT]
+ lea PT, [8*16 + PT]
+ jmp LDecDataOctets
+
+LEndDecOctets:
+
+ sub aluCTR, 7
+
+LDecDataSingles:
+
+ cmp len, 16
+ jb LDecDataTail
+ sub len, 16
+
+ vmovdqa TMP1, XMMWORD PTR[0*16 + rsp]
+ NEXTCTR 0
+
+ vaesenc TMP1, TMP1, XMMWORD PTR[1*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[2*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[3*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[4*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[5*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[6*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[7*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[8*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[9*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[10*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[11*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[12*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[13*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast TMP1, TMP1, TMP2
+
+ vmovdqu TMP2, XMMWORD PTR[CT]
+ vpxor TMP1, TMP1, TMP2
+ vmovdqu XMMWORD PTR[PT], TMP1
+
+ lea PT, [16+PT]
+ lea CT, [16+CT]
+
+ vpshufb TMP2, TMP2, BSWAPMASK
+ vpxor T, T, TMP2
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL T, T, TMP0, TMP1, TMP2, TMP3, TMP4
+
+ jmp LDecDataSingles
+
+LDecDataTail:
+
+ test len, len
+ jz LDecDataEnd
+
+ vmovdqa TMP1, XMMWORD PTR[0*16 + rsp]
+ inc aluCTR
+ vaesenc TMP1, TMP1, XMMWORD PTR[1*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[2*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[3*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[4*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[5*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[6*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[7*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[8*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[9*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[10*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[11*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[12*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[13*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast TMP1, TMP1, TMP2
+; copy as many bytes as needed
+ xor KS, KS
+@@:
+ cmp len, KS
+ je @f
+ mov al, [CT + KS]
+ mov [rsp + KS], al
+ inc KS
+ jmp @b
+@@:
+ cmp KS, 16
+ je @f
+ mov BYTE PTR[rsp + KS], 0
+ inc KS
+ jmp @b
+@@:
+ vmovdqa TMP2, XMMWORD PTR[rsp]
+ vpshufb TMP2, TMP2, BSWAPMASK
+ vpxor T, T, TMP2
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL T, T, TMP0, TMP5, TMP2, TMP3, TMP4
+
+
+ vpxor TMP1, TMP1, XMMWORD PTR[rsp]
+ vmovdqa XMMWORD PTR[rsp], TMP1
+ xor KS, KS
+@@:
+ cmp len, KS
+ je @f
+ mov al, [rsp + KS]
+ mov [PT + KS], al
+ inc KS
+ jmp @b
+@@:
+
+LDecDataEnd:
+
+ vmovdqu XMMWORD PTR[16*16 + 1*16 + Gctx], T
+ bswap aluCTR
+ mov [16*16 + 2*16 + 3*4 + Gctx], aluCTR
+
+ mov rsp, rbp
+
+ vmovdqu xmm6, XMMWORD PTR[rsp + 0*16]
+ vmovdqu xmm7, XMMWORD PTR[rsp + 1*16]
+ vmovdqu xmm8, XMMWORD PTR[rsp + 2*16]
+ vmovdqu xmm9, XMMWORD PTR[rsp + 3*16]
+ vmovdqu xmm10, XMMWORD PTR[rsp + 4*16]
+ vmovdqu xmm11, XMMWORD PTR[rsp + 5*16]
+ vmovdqu xmm12, XMMWORD PTR[rsp + 6*16]
+ vmovdqu xmm13, XMMWORD PTR[rsp + 7*16]
+ vmovdqu xmm14, XMMWORD PTR[rsp + 8*16]
+ vmovdqu xmm15, XMMWORD PTR[rsp + 9*16]
+
+ add rsp, 10*16
+ pop rbp
+ pop r13
+ pop r12
+ pop r11
+
+ vzeroupper
+
+ ret
+ret
+intel_aes_gcmDEC ENDP
+
+
+END
diff --git a/security/nss/lib/freebl/intel-gcm-x86-masm.asm b/security/nss/lib/freebl/intel-gcm-x86-masm.asm
new file mode 100644
index 000000000..6362ad859
--- /dev/null
+++ b/security/nss/lib/freebl/intel-gcm-x86-masm.asm
@@ -0,0 +1,1209 @@
+; LICENSE:
+; This submission to NSS is to be made available under the terms of the
+; Mozilla Public License, v. 2.0. You can obtain one at http:
+; //mozilla.org/MPL/2.0/.
+;###############################################################################
+; Copyright(c) 2014, Intel Corp.
+; Developers and authors:
+; Shay Gueron and Vlad Krasnov
+; Intel Corporation, Israel Development Centre, Haifa, Israel
+; Please send feedback directly to crypto.feedback.alias@intel.com
+
+
+.MODEL FLAT, C
+.XMM
+
+.DATA
+ALIGN 16
+Lone dq 1,0
+Ltwo dq 2,0
+Lbswap_mask db 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+Lshuff_mask dq 0f0f0f0f0f0f0f0fh, 0f0f0f0f0f0f0f0fh
+Lpoly dq 01h, 0c200000000000000h
+
+.CODE
+
+
+GFMUL MACRO DST, SRC1, SRC2, TMP1, TMP2, TMP3, TMP4
+ vpclmulqdq TMP1, SRC2, SRC1, 0h
+ vpclmulqdq TMP4, SRC2, SRC1, 011h
+
+ vpshufd TMP2, SRC2, 78
+ vpshufd TMP3, SRC1, 78
+ vpxor TMP2, TMP2, SRC2
+ vpxor TMP3, TMP3, SRC1
+
+ vpclmulqdq TMP2, TMP2, TMP3, 0h
+ vpxor TMP2, TMP2, TMP1
+ vpxor TMP2, TMP2, TMP4
+
+ vpslldq TMP3, TMP2, 8
+ vpsrldq TMP2, TMP2, 8
+
+ vpxor TMP1, TMP1, TMP3
+ vpxor TMP4, TMP4, TMP2
+
+ vpclmulqdq TMP2, TMP1, [Lpoly], 010h
+ vpshufd TMP3, TMP1, 78
+ vpxor TMP1, TMP2, TMP3
+
+ vpclmulqdq TMP2, TMP1, [Lpoly], 010h
+ vpshufd TMP3, TMP1, 78
+ vpxor TMP1, TMP2, TMP3
+
+ vpxor DST, TMP1, TMP4
+
+ ENDM
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Generates the final GCM tag
+; void intel_aes_gcmTAG(unsigned char Htbl[16*16],
+; unsigned char *Tp,
+; unsigned int Mlen,
+; unsigned int Alen,
+; unsigned char* X0,
+; unsigned char* TAG);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmTAG PROC
+
+Htbl textequ <eax>
+Tp textequ <ecx>
+X0 textequ <edx>
+TAG textequ <ebx>
+
+T textequ <xmm0>
+TMP0 textequ <xmm1>
+
+ push ebx
+
+ mov Htbl, [esp + 2*4 + 0*4]
+ mov Tp, [esp + 2*4 + 1*4]
+ mov X0, [esp + 2*4 + 4*4]
+ mov TAG, [esp + 2*4 + 5*4]
+
+ vzeroupper
+ vmovdqu T, XMMWORD PTR[Tp]
+
+ vpxor TMP0, TMP0, TMP0
+ vpinsrd TMP0, TMP0, DWORD PTR[esp + 2*4 + 2*4], 0
+ vpinsrd TMP0, TMP0, DWORD PTR[esp + 2*4 + 3*4], 2
+ vpsllq TMP0, TMP0, 3
+
+ vpxor T, T, TMP0
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL T, T, TMP0, xmm2, xmm3, xmm4, xmm5
+
+ vpshufb T, T, [Lbswap_mask]
+ vpxor T, T, [X0]
+ vmovdqu XMMWORD PTR[TAG], T
+ vzeroupper
+
+ pop ebx
+
+ ret
+
+intel_aes_gcmTAG ENDP
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Generates the H table
+; void intel_aes_gcmINIT(unsigned char Htbl[16*16], unsigned char *KS, int NR);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmINIT PROC
+
+Htbl textequ <eax>
+KS textequ <ecx>
+NR textequ <edx>
+
+T textequ <xmm0>
+TMP0 textequ <xmm1>
+
+ mov Htbl, [esp + 4*1 + 0*4]
+ mov KS, [esp + 4*1 + 1*4]
+ mov NR, [esp + 4*1 + 2*4]
+
+ vzeroupper
+ ; AES-ENC(0)
+ vmovdqu T, XMMWORD PTR[KS]
+ lea KS, [16 + KS]
+ dec NR
+Lenc_loop:
+ vaesenc T, T, [KS]
+ lea KS, [16 + KS]
+ dec NR
+ jnz Lenc_loop
+
+ vaesenclast T, T, [KS]
+ vpshufb T, T, [Lbswap_mask]
+
+ ;Calculate H` = GFMUL(H, 2)
+ vpsrad xmm3, T, 31
+ vpshufd xmm3, xmm3, 0ffh
+ vpand xmm5, xmm3, [Lpoly]
+ vpsrld xmm3, T, 31
+ vpslld xmm4, T, 1
+ vpslldq xmm3, xmm3, 4
+ vpxor T, xmm4, xmm3
+ vpxor T, T, xmm5
+
+ vmovdqu TMP0, T
+ vmovdqu XMMWORD PTR[Htbl + 0*16], T
+
+ vpshufd xmm2, T, 78
+ vpxor xmm2, xmm2, T
+ vmovdqu XMMWORD PTR[Htbl + 8*16 + 0*16], xmm2
+
+ i = 1
+ WHILE i LT 8
+ GFMUL T, T, TMP0, xmm2, xmm3, xmm4, xmm5
+ vmovdqu XMMWORD PTR[Htbl + i*16], T
+ vpshufd xmm2, T, 78
+ vpxor xmm2, xmm2, T
+ vmovdqu XMMWORD PTR[Htbl + 8*16 + i*16], xmm2
+ i = i+1
+ ENDM
+ vzeroupper
+ ret
+intel_aes_gcmINIT ENDP
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Authenticate only
+; void intel_aes_gcmAAD(unsigned char Htbl[16*16], unsigned char *AAD, unsigned int Alen, unsigned char *Tp);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmAAD PROC
+
+Htbl textequ <eax>
+inp textequ <ecx>
+len textequ <edx>
+Tp textequ <ebx>
+hlp0 textequ <esi>
+
+DATA textequ <xmm0>
+T textequ <xmm1>
+TMP0 textequ <xmm2>
+TMP1 textequ <xmm3>
+TMP2 textequ <xmm4>
+TMP3 textequ <xmm5>
+TMP4 textequ <xmm6>
+Xhi textequ <xmm7>
+
+KARATSUBA_AAD MACRO i
+ vpclmulqdq TMP3, DATA, [Htbl + i*16], 0h
+ vpxor TMP0, TMP0, TMP3
+ vpclmulqdq TMP3, DATA, [Htbl + i*16], 011h
+ vpxor TMP1, TMP1, TMP3
+ vpshufd TMP3, DATA, 78
+ vpxor TMP3, TMP3, DATA
+ vpclmulqdq TMP3, TMP3, [Htbl + 8*16 + i*16], 0h
+ vpxor TMP2, TMP2, TMP3
+ENDM
+
+ cmp DWORD PTR[esp + 1*3 + 2*4], 0
+ jnz LbeginAAD
+ ret
+
+LbeginAAD:
+ push ebx
+ push esi
+
+ mov Htbl, [esp + 4*3 + 0*4]
+ mov inp, [esp + 4*3 + 1*4]
+ mov len, [esp + 4*3 + 2*4]
+ mov Tp, [esp + 4*3 + 3*4]
+
+ vzeroupper
+
+ vpxor Xhi, Xhi, Xhi
+
+ vmovdqu T, XMMWORD PTR[Tp]
+ ;we hash 8 block each iteration, if the total amount of blocks is not a multiple of 8, we hash the first n%8 blocks first
+ mov hlp0, len
+ and hlp0, 128-1
+ jz Lmod_loop
+
+ and len, -128
+ sub hlp0, 16
+
+ ; Prefix block
+ vmovdqu DATA, XMMWORD PTR[inp]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ vpxor DATA, DATA, T
+
+ vpclmulqdq TMP0, DATA, XMMWORD PTR[Htbl + hlp0], 0h
+ vpclmulqdq TMP1, DATA, XMMWORD PTR[Htbl + hlp0], 011h
+ vpshufd TMP3, DATA, 78
+ vpxor TMP3, TMP3, DATA
+ vpclmulqdq TMP2, TMP3, XMMWORD PTR[Htbl + 8*16 + hlp0], 0h
+
+ lea inp, [inp+16]
+ test hlp0, hlp0
+ jnz Lpre_loop
+ jmp Lred1
+
+ ;hash remaining prefix bocks (up to 7 total prefix blocks)
+Lpre_loop:
+
+ sub hlp0, 16
+
+ vmovdqu DATA, XMMWORD PTR[inp]
+ vpshufb DATA, DATA, [Lbswap_mask]
+
+ vpclmulqdq TMP3, DATA, XMMWORD PTR[Htbl + hlp0], 0h
+ vpxor TMP0, TMP0, TMP3
+ vpclmulqdq TMP3, DATA, XMMWORD PTR[Htbl + hlp0], 011h
+ vpxor TMP1, TMP1, TMP3
+ vpshufd TMP3, DATA, 78
+ vpxor TMP3, TMP3, DATA
+ vpclmulqdq TMP3, TMP3, XMMWORD PTR[Htbl + 8*16 + hlp0], 0h
+ vpxor TMP2, TMP2, TMP3
+
+ test hlp0, hlp0
+ lea inp, [inp+16]
+ jnz Lpre_loop
+
+Lred1:
+
+ vpxor TMP2, TMP2, TMP0
+ vpxor TMP2, TMP2, TMP1
+ vpsrldq TMP3, TMP2, 8
+ vpslldq TMP2, TMP2, 8
+
+ vpxor Xhi, TMP1, TMP3
+ vpxor T, TMP0, TMP2
+
+Lmod_loop:
+
+ sub len, 16*8
+ jb Ldone
+ ; Block #0
+ vmovdqu DATA, XMMWORD PTR[inp + 16*7]
+ vpshufb DATA, DATA, XMMWORD PTR[Lbswap_mask]
+
+ vpclmulqdq TMP0, DATA, XMMWORD PTR[Htbl + 0*16], 0h
+ vpclmulqdq TMP1, DATA, XMMWORD PTR[Htbl + 0*16], 011h
+ vpshufd TMP3, DATA, 78
+ vpxor TMP3, TMP3, DATA
+ vpclmulqdq TMP2, TMP3, XMMWORD PTR[Htbl + 8*16 + 0*16], 0h
+
+ ; Block #1
+ vmovdqu DATA, XMMWORD PTR[inp + 16*6]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ KARATSUBA_AAD 1
+
+ ; Block #2
+ vmovdqu DATA, XMMWORD PTR[inp + 16*5]
+ vpshufb DATA, DATA, [Lbswap_mask]
+
+ vpclmulqdq TMP4, T, [Lpoly], 010h ;reduction stage 1a
+ vpalignr T, T, T, 8
+
+ KARATSUBA_AAD 2
+
+ vpxor T, T, TMP4 ;reduction stage 1b
+
+ ; Block #3
+ vmovdqu DATA, XMMWORD PTR[inp + 16*4]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ KARATSUBA_AAD 3
+ ; Block #4
+ vmovdqu DATA, XMMWORD PTR[inp + 16*3]
+ vpshufb DATA, DATA, [Lbswap_mask]
+
+ vpclmulqdq TMP4, T, [Lpoly], 010h ;reduction stage 2a
+ vpalignr T, T, T, 8
+
+ KARATSUBA_AAD 4
+
+ vpxor T, T, TMP4 ;reduction stage 2b
+ ; Block #5
+ vmovdqu DATA, XMMWORD PTR[inp + 16*2]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ KARATSUBA_AAD 5
+
+ vpxor T, T, Xhi ;reduction finalize
+ ; Block #6
+ vmovdqu DATA, XMMWORD PTR[inp + 16*1]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ KARATSUBA_AAD 6
+ ; Block #7
+ vmovdqu DATA, XMMWORD PTR[inp + 16*0]
+ vpshufb DATA, DATA, [Lbswap_mask]
+ vpxor DATA, DATA, T
+ KARATSUBA_AAD 7
+ ; Aggregated 8 blocks, now karatsuba fixup
+ vpxor TMP2, TMP2, TMP0
+ vpxor TMP2, TMP2, TMP1
+ vpsrldq TMP3, TMP2, 8
+ vpslldq TMP2, TMP2, 8
+
+ vpxor Xhi, TMP1, TMP3
+ vpxor T, TMP0, TMP2
+
+ lea inp, [inp + 16*8]
+ jmp Lmod_loop
+
+Ldone:
+ vpclmulqdq TMP4, T, [Lpoly], 010h
+ vpalignr T, T, T, 8
+ vpxor T, T, TMP4
+
+ vpclmulqdq TMP4, T, [Lpoly], 010h
+ vpalignr T, T, T, 8
+ vpxor T, T, TMP4
+
+ vpxor T, T, Xhi
+ vmovdqu XMMWORD PTR[Tp], T
+ vzeroupper
+
+ pop esi
+ pop ebx
+ ret
+
+intel_aes_gcmAAD ENDP
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Encrypt and Authenticate
+; void intel_aes_gcmENC(unsigned char* PT, unsigned char* CT, void *Gctx, unsigned int len);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+ALIGN 16
+intel_aes_gcmENC PROC
+
+PT textequ <eax>
+CT textequ <ecx>
+Htbl textequ <edx>
+Gctx textequ <edx>
+len textequ <DWORD PTR[ebp + 5*4 + 3*4]>
+KS textequ <esi>
+NR textequ <DWORD PTR[-40 + KS]>
+
+aluCTR textequ <ebx>
+aluTMP textequ <edi>
+
+T textequ <XMMWORD PTR[16*16 + 1*16 + Gctx]>
+TMP0 textequ <xmm1>
+TMP1 textequ <xmm2>
+TMP2 textequ <xmm3>
+TMP3 textequ <xmm4>
+TMP4 textequ <xmm5>
+TMP5 textequ <xmm6>
+
+CTR0 textequ <xmm0>
+CTR1 textequ <xmm1>
+CTR2 textequ <xmm2>
+CTR3 textequ <xmm3>
+CTR4 textequ <xmm4>
+CTR5 textequ <xmm5>
+CTR6 textequ <xmm6>
+
+ROUND MACRO i
+ vmovdqu xmm7, XMMWORD PTR[i*16 + KS]
+ vaesenc CTR0, CTR0, xmm7
+ vaesenc CTR1, CTR1, xmm7
+ vaesenc CTR2, CTR2, xmm7
+ vaesenc CTR3, CTR3, xmm7
+ vaesenc CTR4, CTR4, xmm7
+ vaesenc CTR5, CTR5, xmm7
+ vaesenc CTR6, CTR6, xmm7
+ENDM
+
+KARATSUBA MACRO i
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+ vpclmulqdq TMP3, TMP4, XMMWORD PTR[i*16 + 8*16 + Htbl], 000h
+ vpxor TMP0, TMP0, TMP3
+ vmovdqu TMP4, XMMWORD PTR[i*16 + Htbl]
+ vpclmulqdq TMP3, TMP5, TMP4, 011h
+ vpxor TMP1, TMP1, TMP3
+ vpclmulqdq TMP3, TMP5, TMP4, 000h
+ vpxor TMP2, TMP2, TMP3
+ENDM
+
+NEXTCTR MACRO i
+ add aluCTR, 1
+ mov aluTMP, aluCTR
+ bswap aluTMP
+ xor aluTMP, [3*4 + KS]
+ mov [3*4 + 8*16 + i*16 + esp], aluTMP
+ENDM
+
+ cmp DWORD PTR[1*4 + 3*4 + esp], 0
+ jne LbeginENC
+ ret
+
+LbeginENC:
+
+ vzeroupper
+ push ebp
+ push ebx
+ push esi
+ push edi
+
+ mov ebp, esp
+ sub esp, 16*16
+ and esp, -16
+
+ mov PT, [ebp + 5*4 + 0*4]
+ mov CT, [ebp + 5*4 + 1*4]
+ mov Gctx, [ebp + 5*4 + 2*4]
+
+ mov KS, [16*16 + 3*16 + Gctx]
+ lea KS, [44 + KS]
+
+ mov aluCTR, [16*16 + 2*16 + 3*4 + Gctx]
+ bswap aluCTR
+
+
+ vmovdqu TMP0, XMMWORD PTR[0*16 + KS]
+ vpxor TMP0, TMP0, XMMWORD PTR[16*16 + 2*16 + Gctx]
+ vmovdqu XMMWORD PTR[8*16 + 0*16 + esp], TMP0
+
+ cmp len, 16*7
+ jb LEncDataSingles
+; Prepare the "top" counters
+ vmovdqu XMMWORD PTR[8*16 + 1*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 2*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 3*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 4*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 5*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[8*16 + 6*16 + esp], TMP0
+
+ vmovdqu CTR0, XMMWORD PTR[16*16 + 2*16 + Gctx]
+ vpshufb CTR0, CTR0, XMMWORD PTR[Lbswap_mask]
+; Encrypt the initial 7 blocks
+ sub len, 16*7
+ vpaddd CTR1, CTR0, XMMWORD PTR[Lone]
+ vpaddd CTR2, CTR0, XMMWORD PTR[Ltwo]
+ vpaddd CTR3, CTR2, XMMWORD PTR[Lone]
+ vpaddd CTR4, CTR2, XMMWORD PTR[Ltwo]
+ vpaddd CTR5, CTR4, XMMWORD PTR[Lone]
+ vpaddd CTR6, CTR4, XMMWORD PTR[Ltwo]
+
+ vpshufb CTR0, CTR0, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR1, CTR1, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR2, CTR2, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR3, CTR3, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR4, CTR4, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR5, CTR5, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR6, CTR6, XMMWORD PTR[Lbswap_mask]
+
+ vmovdqu xmm7, XMMWORD PTR[0*16 + KS]
+ vpxor CTR0, CTR0, xmm7
+ vpxor CTR1, CTR1, xmm7
+ vpxor CTR2, CTR2, xmm7
+ vpxor CTR3, CTR3, xmm7
+ vpxor CTR4, CTR4, xmm7
+ vpxor CTR5, CTR5, xmm7
+ vpxor CTR6, CTR6, xmm7
+
+ ROUND 1
+
+ add aluCTR, 7
+ mov aluTMP, aluCTR
+ bswap aluTMP
+ xor aluTMP, [KS + 3*4]
+ mov [8*16 + 0*16 + 3*4 + esp], aluTMP
+
+ ROUND 2
+ NEXTCTR 1
+ ROUND 3
+ NEXTCTR 2
+ ROUND 4
+ NEXTCTR 3
+ ROUND 5
+ NEXTCTR 4
+ ROUND 6
+ NEXTCTR 5
+ ROUND 7
+ NEXTCTR 6
+ ROUND 8
+ ROUND 9
+ vmovdqu xmm7, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+
+ ROUND 10
+ ROUND 11
+ vmovdqu xmm7, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+
+ ROUND 12
+ ROUND 13
+ vmovdqu xmm7, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast CTR0, CTR0, xmm7
+ vaesenclast CTR1, CTR1, xmm7
+ vaesenclast CTR2, CTR2, xmm7
+ vaesenclast CTR3, CTR3, xmm7
+ vaesenclast CTR4, CTR4, xmm7
+ vaesenclast CTR5, CTR5, xmm7
+ vaesenclast CTR6, CTR6, xmm7
+
+ vpxor CTR0, CTR0, XMMWORD PTR[0*16 + PT]
+ vpxor CTR1, CTR1, XMMWORD PTR[1*16 + PT]
+ vpxor CTR2, CTR2, XMMWORD PTR[2*16 + PT]
+ vpxor CTR3, CTR3, XMMWORD PTR[3*16 + PT]
+ vpxor CTR4, CTR4, XMMWORD PTR[4*16 + PT]
+ vpxor CTR5, CTR5, XMMWORD PTR[5*16 + PT]
+ vpxor CTR6, CTR6, XMMWORD PTR[6*16 + PT]
+
+ vmovdqu XMMWORD PTR[0*16 + CT], CTR0
+ vmovdqu XMMWORD PTR[1*16 + CT], CTR1
+ vmovdqu XMMWORD PTR[2*16 + CT], CTR2
+ vmovdqu XMMWORD PTR[3*16 + CT], CTR3
+ vmovdqu XMMWORD PTR[4*16 + CT], CTR4
+ vmovdqu XMMWORD PTR[5*16 + CT], CTR5
+ vmovdqu XMMWORD PTR[6*16 + CT], CTR6
+
+ vpshufb CTR0, CTR0, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR1, CTR1, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR2, CTR2, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR3, CTR3, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR4, CTR4, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR5, CTR5, XMMWORD PTR[Lbswap_mask]
+ vpshufb TMP5, CTR6, XMMWORD PTR[Lbswap_mask]
+
+ vmovdqa XMMWORD PTR[1*16 + esp], CTR5
+ vmovdqa XMMWORD PTR[2*16 + esp], CTR4
+ vmovdqa XMMWORD PTR[3*16 + esp], CTR3
+ vmovdqa XMMWORD PTR[4*16 + esp], CTR2
+ vmovdqa XMMWORD PTR[5*16 + esp], CTR1
+ vmovdqa XMMWORD PTR[6*16 + esp], CTR0
+
+ lea CT, [7*16 + CT]
+ lea PT, [7*16 + PT]
+ jmp LEncData7
+
+LEncData7:
+ cmp len, 16*7
+ jb LEndEnc7
+ sub len, 16*7
+
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+ vpclmulqdq TMP0, TMP4, XMMWORD PTR[0*16 + 8*16 + Htbl], 000h
+ vmovdqu TMP4, XMMWORD PTR[0*16 + Htbl]
+ vpclmulqdq TMP1, TMP5, TMP4, 011h
+ vpclmulqdq TMP2, TMP5, TMP4, 000h
+
+ vmovdqu TMP5, XMMWORD PTR[1*16 + esp]
+ KARATSUBA 1
+ vmovdqu TMP5, XMMWORD PTR[2*16 + esp]
+ KARATSUBA 2
+ vmovdqu TMP5, XMMWORD PTR[3*16 + esp]
+ KARATSUBA 3
+ vmovdqu TMP5, XMMWORD PTR[4*16 + esp]
+ KARATSUBA 4
+ vmovdqu TMP5, XMMWORD PTR[5*16 + esp]
+ KARATSUBA 5
+ vmovdqu TMP5, XMMWORD PTR[6*16 + esp]
+ vpxor TMP5, TMP5, T
+ KARATSUBA 6
+
+ vpxor TMP0, TMP0, TMP1
+ vpxor TMP0, TMP0, TMP2
+ vpsrldq TMP3, TMP0, 8
+ vpxor TMP4, TMP1, TMP3
+ vpslldq TMP3, TMP0, 8
+ vpxor TMP5, TMP2, TMP3
+
+ vpclmulqdq TMP1, TMP5, XMMWORD PTR[Lpoly], 010h
+ vpalignr TMP5,TMP5,TMP5,8
+ vpxor TMP5, TMP5, TMP1
+
+ vpclmulqdq TMP1, TMP5, XMMWORD PTR[Lpoly], 010h
+ vpalignr TMP5,TMP5,TMP5,8
+ vpxor TMP5, TMP5, TMP1
+
+ vpxor TMP5, TMP5, TMP4
+ vmovdqu T, TMP5
+
+ vmovdqa CTR0, XMMWORD PTR[8*16 + 0*16 + esp]
+ vmovdqa CTR1, XMMWORD PTR[8*16 + 1*16 + esp]
+ vmovdqa CTR2, XMMWORD PTR[8*16 + 2*16 + esp]
+ vmovdqa CTR3, XMMWORD PTR[8*16 + 3*16 + esp]
+ vmovdqa CTR4, XMMWORD PTR[8*16 + 4*16 + esp]
+ vmovdqa CTR5, XMMWORD PTR[8*16 + 5*16 + esp]
+ vmovdqa CTR6, XMMWORD PTR[8*16 + 6*16 + esp]
+
+ ROUND 1
+ NEXTCTR 0
+ ROUND 2
+ NEXTCTR 1
+ ROUND 3
+ NEXTCTR 2
+ ROUND 4
+ NEXTCTR 3
+ ROUND 5
+ NEXTCTR 4
+ ROUND 6
+ NEXTCTR 5
+ ROUND 7
+ NEXTCTR 6
+
+ ROUND 8
+ ROUND 9
+
+ vmovdqu xmm7, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+
+ ROUND 10
+ ROUND 11
+ vmovdqu xmm7, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+
+ ROUND 12
+ ROUND 13
+ vmovdqu xmm7, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast CTR0, CTR0, xmm7
+ vaesenclast CTR1, CTR1, xmm7
+ vaesenclast CTR2, CTR2, xmm7
+ vaesenclast CTR3, CTR3, xmm7
+ vaesenclast CTR4, CTR4, xmm7
+ vaesenclast CTR5, CTR5, xmm7
+ vaesenclast CTR6, CTR6, xmm7
+
+ vpxor CTR0, CTR0, XMMWORD PTR[0*16 + PT]
+ vpxor CTR1, CTR1, XMMWORD PTR[1*16 + PT]
+ vpxor CTR2, CTR2, XMMWORD PTR[2*16 + PT]
+ vpxor CTR3, CTR3, XMMWORD PTR[3*16 + PT]
+ vpxor CTR4, CTR4, XMMWORD PTR[4*16 + PT]
+ vpxor CTR5, CTR5, XMMWORD PTR[5*16 + PT]
+ vpxor CTR6, CTR6, XMMWORD PTR[6*16 + PT]
+
+ vmovdqu XMMWORD PTR[0*16 + CT], CTR0
+ vmovdqu XMMWORD PTR[1*16 + CT], CTR1
+ vmovdqu XMMWORD PTR[2*16 + CT], CTR2
+ vmovdqu XMMWORD PTR[3*16 + CT], CTR3
+ vmovdqu XMMWORD PTR[4*16 + CT], CTR4
+ vmovdqu XMMWORD PTR[5*16 + CT], CTR5
+ vmovdqu XMMWORD PTR[6*16 + CT], CTR6
+
+ vpshufb CTR0, CTR0, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR1, CTR1, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR2, CTR2, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR3, CTR3, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR4, CTR4, XMMWORD PTR[Lbswap_mask]
+ vpshufb CTR5, CTR5, XMMWORD PTR[Lbswap_mask]
+ vpshufb TMP5, CTR6, XMMWORD PTR[Lbswap_mask]
+
+ vmovdqa XMMWORD PTR[1*16 + esp], CTR5
+ vmovdqa XMMWORD PTR[2*16 + esp], CTR4
+ vmovdqa XMMWORD PTR[3*16 + esp], CTR3
+ vmovdqa XMMWORD PTR[4*16 + esp], CTR2
+ vmovdqa XMMWORD PTR[5*16 + esp], CTR1
+ vmovdqa XMMWORD PTR[6*16 + esp], CTR0
+
+ lea CT, [7*16 + CT]
+ lea PT, [7*16 + PT]
+ jmp LEncData7
+
+LEndEnc7:
+
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+ vpclmulqdq TMP0, TMP4, XMMWORD PTR[0*16 + 8*16 + Htbl], 000h
+ vmovdqu TMP4, XMMWORD PTR[0*16 + Htbl]
+ vpclmulqdq TMP1, TMP5, TMP4, 011h
+ vpclmulqdq TMP2, TMP5, TMP4, 000h
+
+ vmovdqu TMP5, XMMWORD PTR[1*16 + esp]
+ KARATSUBA 1
+ vmovdqu TMP5, XMMWORD PTR[2*16 + esp]
+ KARATSUBA 2
+ vmovdqu TMP5, XMMWORD PTR[3*16 + esp]
+ KARATSUBA 3
+ vmovdqu TMP5, XMMWORD PTR[4*16 + esp]
+ KARATSUBA 4
+ vmovdqu TMP5, XMMWORD PTR[5*16 + esp]
+ KARATSUBA 5
+ vmovdqu TMP5, XMMWORD PTR[6*16 + esp]
+ vpxor TMP5, TMP5, T
+ KARATSUBA 6
+
+ vpxor TMP0, TMP0, TMP1
+ vpxor TMP0, TMP0, TMP2
+ vpsrldq TMP3, TMP0, 8
+ vpxor TMP4, TMP1, TMP3
+ vpslldq TMP3, TMP0, 8
+ vpxor TMP5, TMP2, TMP3
+
+ vpclmulqdq TMP1, TMP5, XMMWORD PTR[Lpoly], 010h
+ vpalignr TMP5,TMP5,TMP5,8
+ vpxor TMP5, TMP5, TMP1
+
+ vpclmulqdq TMP1, TMP5, XMMWORD PTR[Lpoly], 010h
+ vpalignr TMP5,TMP5,TMP5,8
+ vpxor TMP5, TMP5, TMP1
+
+ vpxor TMP5, TMP5, TMP4
+ vmovdqu T, TMP5
+
+ sub aluCTR, 6
+
+LEncDataSingles:
+
+ cmp len, 16
+ jb LEncDataTail
+ sub len, 16
+
+ vmovdqa TMP1, XMMWORD PTR[8*16 + 0*16 + esp]
+ NEXTCTR 0
+
+ vaesenc TMP1, TMP1, XMMWORD PTR[1*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[2*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[3*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[4*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[5*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[6*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[7*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[8*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[9*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[10*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[11*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[12*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[13*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast TMP1, TMP1, TMP2
+ vpxor TMP1, TMP1, XMMWORD PTR[PT]
+ vmovdqu XMMWORD PTR[CT], TMP1
+
+ lea PT, [16+PT]
+ lea CT, [16+CT]
+
+ vpshufb TMP1, TMP1, XMMWORD PTR[Lbswap_mask]
+ vpxor TMP1, TMP1, T
+
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL TMP1, TMP1, TMP0, TMP5, TMP2, TMP3, TMP4
+ vmovdqu T, TMP1
+
+ jmp LEncDataSingles
+
+LEncDataTail:
+
+ cmp len, 0
+ je LEncDataEnd
+
+ vmovdqa TMP1, XMMWORD PTR[8*16 + 0*16 + esp]
+
+ vaesenc TMP1, TMP1, XMMWORD PTR[1*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[2*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[3*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[4*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[5*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[6*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[7*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[8*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[9*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[10*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[11*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[12*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[13*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast TMP1, TMP1, TMP2
+; zero a temp location
+ vpxor TMP2, TMP2, TMP2
+ vmovdqa XMMWORD PTR[esp], TMP2
+; copy as many bytes as needed
+ xor KS, KS
+ mov aluTMP, edx
+@@:
+ cmp len, KS
+ je @f
+ mov dl, BYTE PTR[PT + KS]
+ mov BYTE PTR[esp + KS], dl
+ inc KS
+ jmp @b
+@@:
+ vpxor TMP1, TMP1, XMMWORD PTR[esp]
+ vmovdqa XMMWORD PTR[esp], TMP1
+ xor KS, KS
+@@:
+ cmp len, KS
+ je @f
+ mov dl, BYTE PTR[esp + KS]
+ mov BYTE PTR[CT + KS], dl
+ inc KS
+ jmp @b
+@@:
+ cmp KS, 16
+ je @f
+ mov BYTE PTR[esp + KS], 0
+ inc KS
+ jmp @b
+@@:
+ mov edx, aluTMP
+ vmovdqa TMP1, XMMWORD PTR[esp]
+ vpshufb TMP1, TMP1, XMMWORD PTR[Lbswap_mask]
+ vpxor TMP1, TMP1, T
+
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL TMP1, TMP1, TMP0, TMP5, TMP2, TMP3, TMP4
+ vmovdqu T, TMP1
+
+LEncDataEnd:
+ inc aluCTR
+ bswap aluCTR
+ mov [16*16 + 2*16 + 3*4 + Gctx], aluCTR
+
+ mov esp, ebp
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+
+
+ vzeroupper
+
+ ret
+intel_aes_gcmENC ENDP
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; Decrypt and Authenticate
+; void intel_aes_gcmDEC(uint8_t* PT, uint8_t* CT, void *Gctx, unsigned int len);
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+
+NEXTCTR MACRO i
+ add aluCTR, 1
+ mov aluTMP, aluCTR
+ bswap aluTMP
+ xor aluTMP, [3*4 + KS]
+ mov [3*4 + i*16 + esp], aluTMP
+ENDM
+
+intel_aes_gcmDEC PROC
+
+ cmp DWORD PTR[1*4 + 3*4 + esp], 0
+ jne LbeginDEC
+ ret
+
+LbeginDEC:
+
+ vzeroupper
+ push ebp
+ push ebx
+ push esi
+ push edi
+
+ mov ebp, esp
+ sub esp, 8*16
+ and esp, -16
+
+ mov CT, [ebp + 5*4 + 0*4]
+ mov PT, [ebp + 5*4 + 1*4]
+ mov Gctx, [ebp + 5*4 + 2*4]
+
+ mov KS, [16*16 + 3*16 + Gctx]
+ lea KS, [44 + KS]
+
+ mov aluCTR, [16*16 + 2*16 + 3*4 + Gctx]
+ bswap aluCTR
+
+
+ vmovdqu TMP0, XMMWORD PTR[0*16 + KS]
+ vpxor TMP0, TMP0, XMMWORD PTR[16*16 + 2*16 + Gctx]
+ vmovdqu XMMWORD PTR[0*16 + esp], TMP0
+
+ cmp len, 16*7
+ jb LDecDataSingles
+ vmovdqu XMMWORD PTR[1*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[2*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[3*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[4*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[5*16 + esp], TMP0
+ vmovdqu XMMWORD PTR[6*16 + esp], TMP0
+ dec aluCTR
+
+LDecData7:
+ cmp len, 16*7
+ jb LDecData7End
+ sub len, 16*7
+
+ vmovdqu TMP5, XMMWORD PTR[0*16 + CT]
+ vpshufb TMP5, TMP5, XMMWORD PTR[Lbswap_mask]
+ vpxor TMP5, TMP5, T
+ vpshufd TMP4, TMP5, 78
+ vpxor TMP4, TMP4, TMP5
+ vpclmulqdq TMP0, TMP4, XMMWORD PTR[6*16 + 8*16 + Htbl], 000h
+ vmovdqu TMP4, XMMWORD PTR[6*16 + Htbl]
+ vpclmulqdq TMP1, TMP5, TMP4, 011h
+ vpclmulqdq TMP2, TMP5, TMP4, 000h
+
+ NEXTCTR 0
+ vmovdqu TMP5, XMMWORD PTR[1*16 + CT]
+ vpshufb TMP5, TMP5, XMMWORD PTR[Lbswap_mask]
+ KARATSUBA 5
+ NEXTCTR 1
+ vmovdqu TMP5, XMMWORD PTR[2*16 + CT]
+ vpshufb TMP5, TMP5, XMMWORD PTR[Lbswap_mask]
+ KARATSUBA 4
+ NEXTCTR 2
+ vmovdqu TMP5, XMMWORD PTR[3*16 + CT]
+ vpshufb TMP5, TMP5, XMMWORD PTR[Lbswap_mask]
+ KARATSUBA 3
+ NEXTCTR 3
+ vmovdqu TMP5, XMMWORD PTR[4*16 + CT]
+ vpshufb TMP5, TMP5, XMMWORD PTR[Lbswap_mask]
+ KARATSUBA 2
+ NEXTCTR 4
+ vmovdqu TMP5, XMMWORD PTR[5*16 + CT]
+ vpshufb TMP5, TMP5, XMMWORD PTR[Lbswap_mask]
+ KARATSUBA 1
+ NEXTCTR 5
+ vmovdqu TMP5, XMMWORD PTR[6*16 + CT]
+ vpshufb TMP5, TMP5, XMMWORD PTR[Lbswap_mask]
+ KARATSUBA 0
+ NEXTCTR 6
+
+ vpxor TMP0, TMP0, TMP1
+ vpxor TMP0, TMP0, TMP2
+ vpsrldq TMP3, TMP0, 8
+ vpxor TMP4, TMP1, TMP3
+ vpslldq TMP3, TMP0, 8
+ vpxor TMP5, TMP2, TMP3
+
+ vpclmulqdq TMP1, TMP5, XMMWORD PTR[Lpoly], 010h
+ vpalignr TMP5,TMP5,TMP5,8
+ vpxor TMP5, TMP5, TMP1
+
+ vpclmulqdq TMP1, TMP5, XMMWORD PTR[Lpoly], 010h
+ vpalignr TMP5,TMP5,TMP5,8
+ vpxor TMP5, TMP5, TMP1
+
+ vpxor TMP5, TMP5, TMP4
+ vmovdqu T, TMP5
+
+ vmovdqa CTR0, XMMWORD PTR[0*16 + esp]
+ vmovdqa CTR1, XMMWORD PTR[1*16 + esp]
+ vmovdqa CTR2, XMMWORD PTR[2*16 + esp]
+ vmovdqa CTR3, XMMWORD PTR[3*16 + esp]
+ vmovdqa CTR4, XMMWORD PTR[4*16 + esp]
+ vmovdqa CTR5, XMMWORD PTR[5*16 + esp]
+ vmovdqa CTR6, XMMWORD PTR[6*16 + esp]
+
+ ROUND 1
+ ROUND 2
+ ROUND 3
+ ROUND 4
+ ROUND 5
+ ROUND 6
+ ROUND 7
+ ROUND 8
+ ROUND 9
+ vmovdqu xmm7, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+
+ ROUND 10
+ ROUND 11
+ vmovdqu xmm7, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+
+ ROUND 12
+ ROUND 13
+ vmovdqu xmm7, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast CTR0, CTR0, xmm7
+ vaesenclast CTR1, CTR1, xmm7
+ vaesenclast CTR2, CTR2, xmm7
+ vaesenclast CTR3, CTR3, xmm7
+ vaesenclast CTR4, CTR4, xmm7
+ vaesenclast CTR5, CTR5, xmm7
+ vaesenclast CTR6, CTR6, xmm7
+
+ vpxor CTR0, CTR0, XMMWORD PTR[0*16 + CT]
+ vpxor CTR1, CTR1, XMMWORD PTR[1*16 + CT]
+ vpxor CTR2, CTR2, XMMWORD PTR[2*16 + CT]
+ vpxor CTR3, CTR3, XMMWORD PTR[3*16 + CT]
+ vpxor CTR4, CTR4, XMMWORD PTR[4*16 + CT]
+ vpxor CTR5, CTR5, XMMWORD PTR[5*16 + CT]
+ vpxor CTR6, CTR6, XMMWORD PTR[6*16 + CT]
+
+ vmovdqu XMMWORD PTR[0*16 + PT], CTR0
+ vmovdqu XMMWORD PTR[1*16 + PT], CTR1
+ vmovdqu XMMWORD PTR[2*16 + PT], CTR2
+ vmovdqu XMMWORD PTR[3*16 + PT], CTR3
+ vmovdqu XMMWORD PTR[4*16 + PT], CTR4
+ vmovdqu XMMWORD PTR[5*16 + PT], CTR5
+ vmovdqu XMMWORD PTR[6*16 + PT], CTR6
+
+ lea CT, [7*16 + CT]
+ lea PT, [7*16 + PT]
+ jmp LDecData7
+
+LDecData7End:
+
+ NEXTCTR 0
+
+LDecDataSingles:
+
+ cmp len, 16
+ jb LDecDataTail
+ sub len, 16
+
+ vmovdqu TMP1, XMMWORD PTR[CT]
+ vpshufb TMP1, TMP1, XMMWORD PTR[Lbswap_mask]
+ vpxor TMP1, TMP1, T
+
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL TMP1, TMP1, TMP0, TMP5, TMP2, TMP3, TMP4
+ vmovdqu T, TMP1
+
+ vmovdqa TMP1, XMMWORD PTR[0*16 + esp]
+ NEXTCTR 0
+
+ vaesenc TMP1, TMP1, XMMWORD PTR[1*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[2*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[3*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[4*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[5*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[6*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[7*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[8*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[9*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[10*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[11*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[12*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[13*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast TMP1, TMP1, TMP2
+ vpxor TMP1, TMP1, XMMWORD PTR[CT]
+ vmovdqu XMMWORD PTR[PT], TMP1
+
+ lea PT, [16+PT]
+ lea CT, [16+CT]
+ jmp LDecDataSingles
+
+LDecDataTail:
+
+ cmp len, 0
+ je LDecDataEnd
+
+ vmovdqa TMP1, XMMWORD PTR[0*16 + esp]
+ inc aluCTR
+ vaesenc TMP1, TMP1, XMMWORD PTR[1*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[2*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[3*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[4*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[5*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[6*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[7*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[8*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[9*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[10*16 + KS]
+ cmp NR, 10
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[10*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[11*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[12*16 + KS]
+ cmp NR, 12
+ je @f
+ vaesenc TMP1, TMP1, XMMWORD PTR[12*16 + KS]
+ vaesenc TMP1, TMP1, XMMWORD PTR[13*16 + KS]
+ vmovdqu TMP2, XMMWORD PTR[14*16 + KS]
+@@:
+ vaesenclast xmm7, TMP1, TMP2
+
+; copy as many bytes as needed
+ xor KS, KS
+ mov aluTMP, edx
+@@:
+ cmp len, KS
+ je @f
+ mov dl, BYTE PTR[CT + KS]
+ mov BYTE PTR[esp + KS], dl
+ inc KS
+ jmp @b
+@@:
+ cmp KS, 16
+ je @f
+ mov BYTE PTR[esp + KS], 0
+ inc KS
+ jmp @b
+@@:
+ mov edx, aluTMP
+ vmovdqa TMP1, XMMWORD PTR[esp]
+ vpshufb TMP1, TMP1, XMMWORD PTR[Lbswap_mask]
+ vpxor TMP1, TMP1, T
+
+ vmovdqu TMP0, XMMWORD PTR[Htbl]
+ GFMUL TMP1, TMP1, TMP0, TMP5, TMP2, TMP3, TMP4
+ vmovdqu T, TMP1
+
+ vpxor xmm7, xmm7, XMMWORD PTR[esp]
+ vmovdqa XMMWORD PTR[esp], xmm7
+ xor KS, KS
+ mov aluTMP, edx
+@@:
+ cmp len, KS
+ je @f
+ mov dl, BYTE PTR[esp + KS]
+ mov BYTE PTR[PT + KS], dl
+ inc KS
+ jmp @b
+@@:
+ mov edx, aluTMP
+
+LDecDataEnd:
+
+ bswap aluCTR
+ mov [16*16 + 2*16 + 3*4 + Gctx], aluCTR
+
+ mov esp, ebp
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+
+ vzeroupper
+
+ ret
+intel_aes_gcmDEC ENDP
+
+
+END
diff --git a/security/nss/lib/freebl/intel-gcm.h b/security/nss/lib/freebl/intel-gcm.h
new file mode 100644
index 000000000..566e544d8
--- /dev/null
+++ b/security/nss/lib/freebl/intel-gcm.h
@@ -0,0 +1,83 @@
+/******************************************************************************/
+/* LICENSE: */
+/* This submission to NSS is to be made available under the terms of the */
+/* Mozilla Public License, v. 2.0. You can obtain one at http: */
+/* //mozilla.org/MPL/2.0/. */
+/******************************************************************************/
+/* Copyright(c) 2013, Intel Corp. */
+/******************************************************************************/
+/* Reference: */
+/* [1] Shay Gueron, Michael E. Kounavis: Intel(R) Carry-Less Multiplication */
+/* Instruction and its Usage for Computing the GCM Mode (Rev. 2.01) */
+/* http://software.intel.com/sites/default/files/article/165685/clmul-wp-r*/
+/*ev-2.01-2012-09-21.pdf */
+/* [2] S. Gueron, M. E. Kounavis: Efficient Implementation of the Galois */
+/* Counter Mode Using a Carry-less Multiplier and a Fast Reduction */
+/* Algorithm. Information Processing Letters 110: 549-553 (2010). */
+/* [3] S. Gueron: AES Performance on the 2nd Generation Intel(R) Core(TM) */
+/* Processor Family (to be posted) (2012). */
+/* [4] S. Gueron: Fast GHASH computations for speeding up AES-GCM (to be */
+/* published) (2012). */
+
+#ifndef INTEL_GCM_H
+#define INTEL_GCM_H 1
+
+#include "blapii.h"
+
+typedef struct intel_AES_GCMContextStr intel_AES_GCMContext;
+
+intel_AES_GCMContext *intel_AES_GCM_CreateContext(void *context, freeblCipherFunc cipher,
+ const unsigned char *params, unsigned int blocksize);
+
+void intel_AES_GCM_DestroyContext(intel_AES_GCMContext *gcm, PRBool freeit);
+
+SECStatus intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext *gcm, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize);
+
+SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm, unsigned char *outbuf,
+ unsigned int *outlen, unsigned int maxout,
+ const unsigned char *inbuf, unsigned int inlen,
+ unsigned int blocksize);
+
+/* Prototypes of functions in the assembler file for fast AES-GCM, using
+ Intel AES-NI and CLMUL-NI, as described in [1]
+ [1] Shay Gueron, Michael E. Kounavis: Intel(R) Carry-Less Multiplication
+ Instruction and its Usage for Computing the GCM Mode */
+
+/* Prepares the constants used in the aggregated reduction method */
+void intel_aes_gcmINIT(unsigned char Htbl[16 * 16],
+ unsigned char *KS,
+ int NR);
+
+/* Produces the final GHASH value */
+void intel_aes_gcmTAG(unsigned char Htbl[16 * 16],
+ unsigned char *Tp,
+ unsigned long Mlen,
+ unsigned long Alen,
+ unsigned char *X0,
+ unsigned char *TAG);
+
+/* Hashes the Additional Authenticated Data, should be used before enc/dec.
+ Operates on whole blocks only. Partial blocks should be padded externally. */
+void intel_aes_gcmAAD(unsigned char Htbl[16 * 16],
+ unsigned char *AAD,
+ unsigned long Alen,
+ unsigned char *Tp);
+
+/* Encrypts and hashes the Plaintext.
+ Operates on any length of data, however partial block should only be encrypted
+ at the last call, otherwise the result will be incorrect. */
+void intel_aes_gcmENC(const unsigned char *PT,
+ unsigned char *CT,
+ void *Gctx,
+ unsigned long len);
+
+/* Similar to ENC, but decrypts the Ciphertext. */
+void intel_aes_gcmDEC(const unsigned char *CT,
+ unsigned char *PT,
+ void *Gctx,
+ unsigned long len);
+
+#endif
diff --git a/security/nss/lib/freebl/intel-gcm.s b/security/nss/lib/freebl/intel-gcm.s
new file mode 100644
index 000000000..1a3106091
--- /dev/null
+++ b/security/nss/lib/freebl/intel-gcm.s
@@ -0,0 +1,1340 @@
+# LICENSE:
+# This submission to NSS is to be made available under the terms of the
+# Mozilla Public License, v. 2.0. You can obtain one at http:
+# //mozilla.org/MPL/2.0/.
+################################################################################
+# Copyright(c) 2012, Intel Corp.
+
+.align 16
+.Lone:
+.quad 1,0
+.Ltwo:
+.quad 2,0
+.Lbswap_mask:
+.byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.Lshuff_mask:
+.quad 0x0f0f0f0f0f0f0f0f, 0x0f0f0f0f0f0f0f0f
+.Lpoly:
+.quad 0x1, 0xc200000000000000
+
+
+################################################################################
+# Generates the final GCM tag
+# void intel_aes_gcmTAG(uint8_t Htbl[16*16], uint8_t *Tp, uint64_t Mlen, uint64_t Alen, uint8_t* X0, uint8_t* TAG);
+.type intel_aes_gcmTAG,@function
+.globl intel_aes_gcmTAG
+.align 16
+intel_aes_gcmTAG:
+
+.set Htbl, %rdi
+.set Tp, %rsi
+.set Mlen, %rdx
+.set Alen, %rcx
+.set X0, %r8
+.set TAG, %r9
+
+.set T,%xmm0
+.set TMP0,%xmm1
+
+ vmovdqu (Tp), T
+ vpshufb .Lbswap_mask(%rip), T, T
+ vpxor TMP0, TMP0, TMP0
+ shl $3, Mlen
+ shl $3, Alen
+ vpinsrq $0, Mlen, TMP0, TMP0
+ vpinsrq $1, Alen, TMP0, TMP0
+ vpxor TMP0, T, T
+ vmovdqu (Htbl), TMP0
+ call GFMUL
+ vpshufb .Lbswap_mask(%rip), T, T
+ vpxor (X0), T, T
+ vmovdqu T, (TAG)
+
+ret
+.size intel_aes_gcmTAG, .-intel_aes_gcmTAG
+################################################################################
+# Generates the H table
+# void intel_aes_gcmINIT(uint8_t Htbl[16*16], uint8_t *KS, int NR);
+.type intel_aes_gcmINIT,@function
+.globl intel_aes_gcmINIT
+.align 16
+intel_aes_gcmINIT:
+
+.set Htbl, %rdi
+.set KS, %rsi
+.set NR, %edx
+
+.set T,%xmm0
+.set TMP0,%xmm1
+
+CALCULATE_POWERS_OF_H:
+ vmovdqu 16*0(KS), T
+ vaesenc 16*1(KS), T, T
+ vaesenc 16*2(KS), T, T
+ vaesenc 16*3(KS), T, T
+ vaesenc 16*4(KS), T, T
+ vaesenc 16*5(KS), T, T
+ vaesenc 16*6(KS), T, T
+ vaesenc 16*7(KS), T, T
+ vaesenc 16*8(KS), T, T
+ vaesenc 16*9(KS), T, T
+ vmovdqu 16*10(KS), TMP0
+ cmp $10, NR
+ je .LH0done
+ vaesenc 16*10(KS), T, T
+ vaesenc 16*11(KS), T, T
+ vmovdqu 16*12(KS), TMP0
+ cmp $12, NR
+ je .LH0done
+ vaesenc 16*12(KS), T, T
+ vaesenc 16*13(KS), T, T
+ vmovdqu 16*14(KS), TMP0
+
+.LH0done:
+ vaesenclast TMP0, T, T
+
+ vpshufb .Lbswap_mask(%rip), T, T
+
+ vmovdqu T, TMP0
+ # Calculate H` = GFMUL(H, 2)
+ vpsrld $7 , T , %xmm3
+ vmovdqu .Lshuff_mask(%rip), %xmm4
+ vpshufb %xmm4, %xmm3 , %xmm3
+ movq $0xff00 , %rax
+ vmovq %rax, %xmm4
+ vpshufb %xmm3, %xmm4 , %xmm4
+ vmovdqu .Lpoly(%rip), %xmm5
+ vpand %xmm4, %xmm5, %xmm5
+ vpsrld $31, T, %xmm3
+ vpslld $1, T, %xmm4
+ vpslldq $4, %xmm3, %xmm3
+ vpxor %xmm3, %xmm4, T #xmm1 holds now p(x)<<1
+
+ #adding p(x)<<1 to xmm5
+ vpxor %xmm5, T , T
+ vmovdqu T, TMP0
+ vmovdqu T, (Htbl) # H * 2
+ call GFMUL
+ vmovdqu T, 16(Htbl) # H^2 * 2
+ call GFMUL
+ vmovdqu T, 32(Htbl) # H^3 * 2
+ call GFMUL
+ vmovdqu T, 48(Htbl) # H^4 * 2
+ call GFMUL
+ vmovdqu T, 64(Htbl) # H^5 * 2
+ call GFMUL
+ vmovdqu T, 80(Htbl) # H^6 * 2
+ call GFMUL
+ vmovdqu T, 96(Htbl) # H^7 * 2
+ call GFMUL
+ vmovdqu T, 112(Htbl) # H^8 * 2
+
+ # Precalculations for the reduce 4 step
+ vpshufd $78, (Htbl), %xmm8
+ vpshufd $78, 16(Htbl), %xmm9
+ vpshufd $78, 32(Htbl), %xmm10
+ vpshufd $78, 48(Htbl), %xmm11
+ vpshufd $78, 64(Htbl), %xmm12
+ vpshufd $78, 80(Htbl), %xmm13
+ vpshufd $78, 96(Htbl), %xmm14
+ vpshufd $78, 112(Htbl), %xmm15
+
+ vpxor (Htbl), %xmm8, %xmm8
+ vpxor 16(Htbl), %xmm9, %xmm9
+ vpxor 32(Htbl), %xmm10, %xmm10
+ vpxor 48(Htbl), %xmm11, %xmm11
+ vpxor 64(Htbl), %xmm12, %xmm12
+ vpxor 80(Htbl), %xmm13, %xmm13
+ vpxor 96(Htbl), %xmm14, %xmm14
+ vpxor 112(Htbl), %xmm15, %xmm15
+
+ vmovdqu %xmm8, 128(Htbl)
+ vmovdqu %xmm9, 144(Htbl)
+ vmovdqu %xmm10, 160(Htbl)
+ vmovdqu %xmm11, 176(Htbl)
+ vmovdqu %xmm12, 192(Htbl)
+ vmovdqu %xmm13, 208(Htbl)
+ vmovdqu %xmm14, 224(Htbl)
+ vmovdqu %xmm15, 240(Htbl)
+
+ ret
+.size intel_aes_gcmINIT, .-intel_aes_gcmINIT
+################################################################################
+# Authenticate only
+# void intel_aes_gcmAAD(uint8_t Htbl[16*16], uint8_t *AAD, uint64_t Alen, uint8_t *Tp);
+
+.globl intel_aes_gcmAAD
+.type intel_aes_gcmAAD,@function
+.align 16
+intel_aes_gcmAAD:
+
+.set DATA, %xmm0
+.set T, %xmm1
+.set BSWAP_MASK, %xmm2
+.set TMP0, %xmm3
+.set TMP1, %xmm4
+.set TMP2, %xmm5
+.set TMP3, %xmm6
+.set TMP4, %xmm7
+.set Xhi, %xmm9
+
+.set Htbl, %rdi
+.set inp, %rsi
+.set len, %rdx
+.set Tp, %rcx
+
+.set hlp0, %r11
+
+.macro KARATSUBA_AAD i
+ vpclmulqdq $0x00, 16*\i(Htbl), DATA, TMP3
+ vpxor TMP3, TMP0, TMP0
+ vpclmulqdq $0x11, 16*\i(Htbl), DATA, TMP3
+ vpxor TMP3, TMP1, TMP1
+ vpshufd $78, DATA, TMP3
+ vpxor DATA, TMP3, TMP3
+ vpclmulqdq $0x00, 16*(\i+8)(Htbl), TMP3, TMP3
+ vpxor TMP3, TMP2, TMP2
+.endm
+
+ test len, len
+ jnz .LbeginAAD
+ ret
+
+.LbeginAAD:
+
+ push hlp0
+ vzeroupper
+
+ vmovdqa .Lbswap_mask(%rip), BSWAP_MASK
+
+ vpxor Xhi, Xhi, Xhi
+
+ vmovdqu (Tp),T
+ vpshufb BSWAP_MASK,T,T
+
+ # we hash 8 block each iteration, if the total amount of blocks is not a multiple of 8, we hash the first n%8 blocks first
+ mov len, hlp0
+ and $~-128, hlp0
+
+ jz .Lmod_loop
+
+ sub hlp0, len
+ sub $16, hlp0
+
+ #hash first prefix block
+ vmovdqu (inp), DATA
+ vpshufb BSWAP_MASK, DATA, DATA
+ vpxor T, DATA, DATA
+
+ vpclmulqdq $0x00, (Htbl, hlp0), DATA, TMP0
+ vpclmulqdq $0x11, (Htbl, hlp0), DATA, TMP1
+ vpshufd $78, DATA, TMP2
+ vpxor DATA, TMP2, TMP2
+ vpclmulqdq $0x00, 16*8(Htbl, hlp0), TMP2, TMP2
+
+ lea 16(inp), inp
+ test hlp0, hlp0
+ jnz .Lpre_loop
+ jmp .Lred1
+
+ #hash remaining prefix bocks (up to 7 total prefix blocks)
+.align 64
+.Lpre_loop:
+
+ sub $16, hlp0
+
+ vmovdqu (inp),DATA # next data block
+ vpshufb BSWAP_MASK,DATA,DATA
+
+ vpclmulqdq $0x00, (Htbl,hlp0), DATA, TMP3
+ vpxor TMP3, TMP0, TMP0
+ vpclmulqdq $0x11, (Htbl,hlp0), DATA, TMP3
+ vpxor TMP3, TMP1, TMP1
+ vpshufd $78, DATA, TMP3
+ vpxor DATA, TMP3, TMP3
+ vpclmulqdq $0x00, 16*8(Htbl,hlp0), TMP3, TMP3
+ vpxor TMP3, TMP2, TMP2
+
+ test hlp0, hlp0
+
+ lea 16(inp), inp
+
+ jnz .Lpre_loop
+
+.Lred1:
+ vpxor TMP0, TMP2, TMP2
+ vpxor TMP1, TMP2, TMP2
+ vpsrldq $8, TMP2, TMP3
+ vpslldq $8, TMP2, TMP2
+
+ vpxor TMP3, TMP1, Xhi
+ vpxor TMP2, TMP0, T
+
+.align 64
+.Lmod_loop:
+ sub $0x80, len
+ jb .Ldone
+
+ vmovdqu 16*7(inp),DATA # Ii
+ vpshufb BSWAP_MASK,DATA,DATA
+
+ vpclmulqdq $0x00, (Htbl), DATA, TMP0
+ vpclmulqdq $0x11, (Htbl), DATA, TMP1
+ vpshufd $78, DATA, TMP2
+ vpxor DATA, TMP2, TMP2
+ vpclmulqdq $0x00, 16*8(Htbl), TMP2, TMP2
+ #########################################################
+ vmovdqu 16*6(inp),DATA
+ vpshufb BSWAP_MASK,DATA,DATA
+ KARATSUBA_AAD 1
+ #########################################################
+ vmovdqu 16*5(inp),DATA
+ vpshufb BSWAP_MASK,DATA,DATA
+
+ vpclmulqdq $0x10, .Lpoly(%rip), T, TMP4 #reduction stage 1a
+ vpalignr $8, T, T, T
+
+ KARATSUBA_AAD 2
+
+ vpxor TMP4, T, T #reduction stage 1b
+ #########################################################
+ vmovdqu 16*4(inp),DATA
+ vpshufb BSWAP_MASK,DATA,DATA
+
+ KARATSUBA_AAD 3
+ #########################################################
+ vmovdqu 16*3(inp),DATA
+ vpshufb BSWAP_MASK,DATA,DATA
+
+ vpclmulqdq $0x10, .Lpoly(%rip), T, TMP4 #reduction stage 2a
+ vpalignr $8, T, T, T
+
+ KARATSUBA_AAD 4
+
+ vpxor TMP4, T, T #reduction stage 2b
+ #########################################################
+ vmovdqu 16*2(inp),DATA
+ vpshufb BSWAP_MASK,DATA,DATA
+
+ KARATSUBA_AAD 5
+
+ vpxor Xhi, T, T #reduction finalize
+ #########################################################
+ vmovdqu 16*1(inp),DATA
+ vpshufb BSWAP_MASK,DATA,DATA
+
+ KARATSUBA_AAD 6
+ #########################################################
+ vmovdqu 16*0(inp),DATA
+ vpshufb BSWAP_MASK,DATA,DATA
+ vpxor T,DATA,DATA
+
+ KARATSUBA_AAD 7
+ #########################################################
+ vpxor TMP0, TMP2, TMP2 # karatsuba fixup
+ vpxor TMP1, TMP2, TMP2
+ vpsrldq $8, TMP2, TMP3
+ vpslldq $8, TMP2, TMP2
+
+ vpxor TMP3, TMP1, Xhi
+ vpxor TMP2, TMP0, T
+
+ lea 16*8(inp), inp
+ jmp .Lmod_loop
+ #########################################################
+
+.Ldone:
+ vpclmulqdq $0x10, .Lpoly(%rip), T, TMP3
+ vpalignr $8, T, T, T
+ vpxor TMP3, T, T
+
+ vpclmulqdq $0x10, .Lpoly(%rip), T, TMP3
+ vpalignr $8, T, T, T
+ vpxor TMP3, T, T
+
+ vpxor Xhi, T, T
+
+.Lsave:
+ vpshufb BSWAP_MASK,T, T
+ vmovdqu T,(Tp)
+ vzeroupper
+
+ pop hlp0
+ ret
+.size intel_aes_gcmAAD,.-intel_aes_gcmAAD
+
+################################################################################
+# Encrypt and Authenticate
+# void intel_aes_gcmENC(uint8_t* PT, uint8_t* CT, void *Gctx,uint64_t len);
+.type intel_aes_gcmENC,@function
+.globl intel_aes_gcmENC
+.align 16
+intel_aes_gcmENC:
+
+.set PT,%rdi
+.set CT,%rsi
+.set Htbl, %rdx
+.set len, %rcx
+.set KS,%r9
+.set NR,%r10d
+
+.set Gctx, %rdx
+
+.set T,%xmm0
+.set TMP0,%xmm1
+.set TMP1,%xmm2
+.set TMP2,%xmm3
+.set TMP3,%xmm4
+.set TMP4,%xmm5
+.set TMP5,%xmm6
+.set CTR0,%xmm7
+.set CTR1,%xmm8
+.set CTR2,%xmm9
+.set CTR3,%xmm10
+.set CTR4,%xmm11
+.set CTR5,%xmm12
+.set CTR6,%xmm13
+.set CTR7,%xmm14
+.set CTR,%xmm15
+
+.macro ROUND i
+ vmovdqu \i*16(KS), TMP3
+ vaesenc TMP3, CTR0, CTR0
+ vaesenc TMP3, CTR1, CTR1
+ vaesenc TMP3, CTR2, CTR2
+ vaesenc TMP3, CTR3, CTR3
+ vaesenc TMP3, CTR4, CTR4
+ vaesenc TMP3, CTR5, CTR5
+ vaesenc TMP3, CTR6, CTR6
+ vaesenc TMP3, CTR7, CTR7
+.endm
+
+.macro ROUNDMUL i
+
+ vmovdqu \i*16(%rsp), TMP5
+ vmovdqu \i*16(KS), TMP3
+
+ vaesenc TMP3, CTR0, CTR0
+ vaesenc TMP3, CTR1, CTR1
+ vaesenc TMP3, CTR2, CTR2
+ vaesenc TMP3, CTR3, CTR3
+
+ vpshufd $78, TMP5, TMP4
+ vpxor TMP5, TMP4, TMP4
+
+ vaesenc TMP3, CTR4, CTR4
+ vaesenc TMP3, CTR5, CTR5
+ vaesenc TMP3, CTR6, CTR6
+ vaesenc TMP3, CTR7, CTR7
+
+ vpclmulqdq $0x00, 128+\i*16(Htbl), TMP4, TMP3
+ vpxor TMP3, TMP0, TMP0
+ vmovdqa \i*16(Htbl), TMP4
+ vpclmulqdq $0x11, TMP4, TMP5, TMP3
+ vpxor TMP3, TMP1, TMP1
+ vpclmulqdq $0x00, TMP4, TMP5, TMP3
+ vpxor TMP3, TMP2, TMP2
+
+.endm
+
+.macro KARATSUBA i
+ vmovdqu \i*16(%rsp), TMP5
+
+ vpclmulqdq $0x11, 16*\i(Htbl), TMP5, TMP3
+ vpxor TMP3, TMP1, TMP1
+ vpclmulqdq $0x00, 16*\i(Htbl), TMP5, TMP3
+ vpxor TMP3, TMP2, TMP2
+ vpshufd $78, TMP5, TMP3
+ vpxor TMP5, TMP3, TMP5
+ vpclmulqdq $0x00, 128+\i*16(Htbl), TMP5, TMP3
+ vpxor TMP3, TMP0, TMP0
+.endm
+
+ test len, len
+ jnz .Lbegin
+ ret
+
+.Lbegin:
+
+ vzeroupper
+ push %rbp
+ push %rbx
+
+ movq %rsp, %rbp
+ sub $128, %rsp
+ andq $-16, %rsp
+
+ vmovdqu 288(Gctx), CTR
+ vmovdqu 272(Gctx), T
+ mov 304(Gctx), KS
+ mov 4(KS), NR
+ lea 48(KS), KS
+
+ vpshufb .Lbswap_mask(%rip), CTR, CTR
+ vpshufb .Lbswap_mask(%rip), T, T
+
+ cmp $128, len
+ jb .LDataSingles
+
+# Encrypt the first eight blocks
+ sub $128, len
+ vmovdqa CTR, CTR0
+ vpaddd .Lone(%rip), CTR0, CTR1
+ vpaddd .Ltwo(%rip), CTR0, CTR2
+ vpaddd .Lone(%rip), CTR2, CTR3
+ vpaddd .Ltwo(%rip), CTR2, CTR4
+ vpaddd .Lone(%rip), CTR4, CTR5
+ vpaddd .Ltwo(%rip), CTR4, CTR6
+ vpaddd .Lone(%rip), CTR6, CTR7
+ vpaddd .Ltwo(%rip), CTR6, CTR
+
+ vpshufb .Lbswap_mask(%rip), CTR0, CTR0
+ vpshufb .Lbswap_mask(%rip), CTR1, CTR1
+ vpshufb .Lbswap_mask(%rip), CTR2, CTR2
+ vpshufb .Lbswap_mask(%rip), CTR3, CTR3
+ vpshufb .Lbswap_mask(%rip), CTR4, CTR4
+ vpshufb .Lbswap_mask(%rip), CTR5, CTR5
+ vpshufb .Lbswap_mask(%rip), CTR6, CTR6
+ vpshufb .Lbswap_mask(%rip), CTR7, CTR7
+
+ vpxor (KS), CTR0, CTR0
+ vpxor (KS), CTR1, CTR1
+ vpxor (KS), CTR2, CTR2
+ vpxor (KS), CTR3, CTR3
+ vpxor (KS), CTR4, CTR4
+ vpxor (KS), CTR5, CTR5
+ vpxor (KS), CTR6, CTR6
+ vpxor (KS), CTR7, CTR7
+
+ ROUND 1
+ ROUND 2
+ ROUND 3
+ ROUND 4
+ ROUND 5
+ ROUND 6
+ ROUND 7
+ ROUND 8
+ ROUND 9
+
+ vmovdqu 160(KS), TMP5
+ cmp $12, NR
+ jb .LLast1
+
+ ROUND 10
+ ROUND 11
+
+ vmovdqu 192(KS), TMP5
+ cmp $14, NR
+ jb .LLast1
+
+ ROUND 12
+ ROUND 13
+
+ vmovdqu 224(KS), TMP5
+
+.LLast1:
+
+ vpxor (PT), TMP5, TMP3
+ vaesenclast TMP3, CTR0, CTR0
+ vpxor 16(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR1, CTR1
+ vpxor 32(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR2, CTR2
+ vpxor 48(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR3, CTR3
+ vpxor 64(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR4, CTR4
+ vpxor 80(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR5, CTR5
+ vpxor 96(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR6, CTR6
+ vpxor 112(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR7, CTR7
+
+ vmovdqu .Lbswap_mask(%rip), TMP3
+
+ vmovdqu CTR0, (CT)
+ vpshufb TMP3, CTR0, CTR0
+ vmovdqu CTR1, 16(CT)
+ vpshufb TMP3, CTR1, CTR1
+ vmovdqu CTR2, 32(CT)
+ vpshufb TMP3, CTR2, CTR2
+ vmovdqu CTR3, 48(CT)
+ vpshufb TMP3, CTR3, CTR3
+ vmovdqu CTR4, 64(CT)
+ vpshufb TMP3, CTR4, CTR4
+ vmovdqu CTR5, 80(CT)
+ vpshufb TMP3, CTR5, CTR5
+ vmovdqu CTR6, 96(CT)
+ vpshufb TMP3, CTR6, CTR6
+ vmovdqu CTR7, 112(CT)
+ vpshufb TMP3, CTR7, CTR7
+
+ lea 128(CT), CT
+ lea 128(PT), PT
+ jmp .LDataOctets
+
+# Encrypt 8 blocks each time while hashing previous 8 blocks
+.align 64
+.LDataOctets:
+ cmp $128, len
+ jb .LEndOctets
+ sub $128, len
+
+ vmovdqa CTR7, TMP5
+ vmovdqa CTR6, 1*16(%rsp)
+ vmovdqa CTR5, 2*16(%rsp)
+ vmovdqa CTR4, 3*16(%rsp)
+ vmovdqa CTR3, 4*16(%rsp)
+ vmovdqa CTR2, 5*16(%rsp)
+ vmovdqa CTR1, 6*16(%rsp)
+ vmovdqa CTR0, 7*16(%rsp)
+
+ vmovdqa CTR, CTR0
+ vpaddd .Lone(%rip), CTR0, CTR1
+ vpaddd .Ltwo(%rip), CTR0, CTR2
+ vpaddd .Lone(%rip), CTR2, CTR3
+ vpaddd .Ltwo(%rip), CTR2, CTR4
+ vpaddd .Lone(%rip), CTR4, CTR5
+ vpaddd .Ltwo(%rip), CTR4, CTR6
+ vpaddd .Lone(%rip), CTR6, CTR7
+ vpaddd .Ltwo(%rip), CTR6, CTR
+
+ vmovdqu (KS), TMP4
+ vpshufb TMP3, CTR0, CTR0
+ vpxor TMP4, CTR0, CTR0
+ vpshufb TMP3, CTR1, CTR1
+ vpxor TMP4, CTR1, CTR1
+ vpshufb TMP3, CTR2, CTR2
+ vpxor TMP4, CTR2, CTR2
+ vpshufb TMP3, CTR3, CTR3
+ vpxor TMP4, CTR3, CTR3
+ vpshufb TMP3, CTR4, CTR4
+ vpxor TMP4, CTR4, CTR4
+ vpshufb TMP3, CTR5, CTR5
+ vpxor TMP4, CTR5, CTR5
+ vpshufb TMP3, CTR6, CTR6
+ vpxor TMP4, CTR6, CTR6
+ vpshufb TMP3, CTR7, CTR7
+ vpxor TMP4, CTR7, CTR7
+
+ vmovdqu 16*0(Htbl), TMP3
+ vpclmulqdq $0x11, TMP3, TMP5, TMP1
+ vpclmulqdq $0x00, TMP3, TMP5, TMP2
+ vpshufd $78, TMP5, TMP3
+ vpxor TMP5, TMP3, TMP5
+ vmovdqu 128+0*16(Htbl), TMP3
+ vpclmulqdq $0x00, TMP3, TMP5, TMP0
+
+ ROUNDMUL 1
+
+ ROUNDMUL 2
+
+ ROUNDMUL 3
+
+ ROUNDMUL 4
+
+ ROUNDMUL 5
+
+ ROUNDMUL 6
+
+ vpxor 7*16(%rsp), T, TMP5
+ vmovdqu 7*16(KS), TMP3
+
+ vaesenc TMP3, CTR0, CTR0
+ vaesenc TMP3, CTR1, CTR1
+ vaesenc TMP3, CTR2, CTR2
+ vaesenc TMP3, CTR3, CTR3
+
+ vpshufd $78, TMP5, TMP4
+ vpxor TMP5, TMP4, TMP4
+
+ vaesenc TMP3, CTR4, CTR4
+ vaesenc TMP3, CTR5, CTR5
+ vaesenc TMP3, CTR6, CTR6
+ vaesenc TMP3, CTR7, CTR7
+
+ vpclmulqdq $0x11, 7*16(Htbl), TMP5, TMP3
+ vpxor TMP3, TMP1, TMP1
+ vpclmulqdq $0x00, 7*16(Htbl), TMP5, TMP3
+ vpxor TMP3, TMP2, TMP2
+ vpclmulqdq $0x00, 128+7*16(Htbl), TMP4, TMP3
+ vpxor TMP3, TMP0, TMP0
+
+ ROUND 8
+ vmovdqa .Lpoly(%rip), TMP5
+
+ vpxor TMP1, TMP0, TMP0
+ vpxor TMP2, TMP0, TMP0
+ vpsrldq $8, TMP0, TMP3
+ vpxor TMP3, TMP1, TMP4
+ vpslldq $8, TMP0, TMP3
+ vpxor TMP3, TMP2, T
+
+ vpclmulqdq $0x10, TMP5, T, TMP1
+ vpalignr $8, T, T, T
+ vpxor T, TMP1, T
+
+ ROUND 9
+
+ vpclmulqdq $0x10, TMP5, T, TMP1
+ vpalignr $8, T, T, T
+ vpxor T, TMP1, T
+
+ vmovdqu 160(KS), TMP5
+ cmp $10, NR
+ jbe .LLast2
+
+ ROUND 10
+ ROUND 11
+
+ vmovdqu 192(KS), TMP5
+ cmp $12, NR
+ jbe .LLast2
+
+ ROUND 12
+ ROUND 13
+
+ vmovdqu 224(KS), TMP5
+
+.LLast2:
+
+ vpxor (PT), TMP5, TMP3
+ vaesenclast TMP3, CTR0, CTR0
+ vpxor 16(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR1, CTR1
+ vpxor 32(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR2, CTR2
+ vpxor 48(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR3, CTR3
+ vpxor 64(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR4, CTR4
+ vpxor 80(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR5, CTR5
+ vpxor 96(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR6, CTR6
+ vpxor 112(PT), TMP5, TMP3
+ vaesenclast TMP3, CTR7, CTR7
+
+ vmovdqu .Lbswap_mask(%rip), TMP3
+
+ vmovdqu CTR0, (CT)
+ vpshufb TMP3, CTR0, CTR0
+ vmovdqu CTR1, 16(CT)
+ vpshufb TMP3, CTR1, CTR1
+ vmovdqu CTR2, 32(CT)
+ vpshufb TMP3, CTR2, CTR2
+ vmovdqu CTR3, 48(CT)
+ vpshufb TMP3, CTR3, CTR3
+ vmovdqu CTR4, 64(CT)
+ vpshufb TMP3, CTR4, CTR4
+ vmovdqu CTR5, 80(CT)
+ vpshufb TMP3, CTR5, CTR5
+ vmovdqu CTR6, 96(CT)
+ vpshufb TMP3, CTR6, CTR6
+ vmovdqu CTR7,112(CT)
+ vpshufb TMP3, CTR7, CTR7
+
+ vpxor TMP4, T, T
+
+ lea 128(CT), CT
+ lea 128(PT), PT
+ jmp .LDataOctets
+
+.LEndOctets:
+
+ vmovdqa CTR7, TMP5
+ vmovdqa CTR6, 1*16(%rsp)
+ vmovdqa CTR5, 2*16(%rsp)
+ vmovdqa CTR4, 3*16(%rsp)
+ vmovdqa CTR3, 4*16(%rsp)
+ vmovdqa CTR2, 5*16(%rsp)
+ vmovdqa CTR1, 6*16(%rsp)
+ vmovdqa CTR0, 7*16(%rsp)
+
+ vmovdqu 16*0(Htbl), TMP3
+ vpclmulqdq $0x11, TMP3, TMP5, TMP1
+ vpclmulqdq $0x00, TMP3, TMP5, TMP2
+ vpshufd $78, TMP5, TMP3
+ vpxor TMP5, TMP3, TMP5
+ vmovdqu 128+0*16(Htbl), TMP3
+ vpclmulqdq $0x00, TMP3, TMP5, TMP0
+
+ KARATSUBA 1
+ KARATSUBA 2
+ KARATSUBA 3
+ KARATSUBA 4
+ KARATSUBA 5
+ KARATSUBA 6
+
+ vmovdqu 7*16(%rsp), TMP5
+ vpxor T, TMP5, TMP5
+ vmovdqu 16*7(Htbl), TMP4
+ vpclmulqdq $0x11, TMP4, TMP5, TMP3
+ vpxor TMP3, TMP1, TMP1
+ vpclmulqdq $0x00, TMP4, TMP5, TMP3
+ vpxor TMP3, TMP2, TMP2
+ vpshufd $78, TMP5, TMP3
+ vpxor TMP5, TMP3, TMP5
+ vmovdqu 128+7*16(Htbl), TMP4
+ vpclmulqdq $0x00, TMP4, TMP5, TMP3
+ vpxor TMP3, TMP0, TMP0
+
+ vpxor TMP1, TMP0, TMP0
+ vpxor TMP2, TMP0, TMP0
+
+ vpsrldq $8, TMP0, TMP3
+ vpxor TMP3, TMP1, TMP4
+ vpslldq $8, TMP0, TMP3
+ vpxor TMP3, TMP2, T
+
+ vmovdqa .Lpoly(%rip), TMP2
+
+ vpalignr $8, T, T, TMP1
+ vpclmulqdq $0x10, TMP2, T, T
+ vpxor T, TMP1, T
+
+ vpalignr $8, T, T, TMP1
+ vpclmulqdq $0x10, TMP2, T, T
+ vpxor T, TMP1, T
+
+ vpxor TMP4, T, T
+
+#Here we encrypt any remaining whole block
+.LDataSingles:
+
+ cmp $16, len
+ jb .LDataTail
+ sub $16, len
+
+ vpshufb .Lbswap_mask(%rip), CTR, TMP1
+ vpaddd .Lone(%rip), CTR, CTR
+
+ vpxor (KS), TMP1, TMP1
+ vaesenc 16*1(KS), TMP1, TMP1
+ vaesenc 16*2(KS), TMP1, TMP1
+ vaesenc 16*3(KS), TMP1, TMP1
+ vaesenc 16*4(KS), TMP1, TMP1
+ vaesenc 16*5(KS), TMP1, TMP1
+ vaesenc 16*6(KS), TMP1, TMP1
+ vaesenc 16*7(KS), TMP1, TMP1
+ vaesenc 16*8(KS), TMP1, TMP1
+ vaesenc 16*9(KS), TMP1, TMP1
+ vmovdqu 16*10(KS), TMP2
+ cmp $10, NR
+ je .LLast3
+ vaesenc 16*10(KS), TMP1, TMP1
+ vaesenc 16*11(KS), TMP1, TMP1
+ vmovdqu 16*12(KS), TMP2
+ cmp $12, NR
+ je .LLast3
+ vaesenc 16*12(KS), TMP1, TMP1
+ vaesenc 16*13(KS), TMP1, TMP1
+ vmovdqu 16*14(KS), TMP2
+
+.LLast3:
+ vaesenclast TMP2, TMP1, TMP1
+
+ vpxor (PT), TMP1, TMP1
+ vmovdqu TMP1, (CT)
+ addq $16, CT
+ addq $16, PT
+
+ vpshufb .Lbswap_mask(%rip), TMP1, TMP1
+ vpxor TMP1, T, T
+ vmovdqu (Htbl), TMP0
+ call GFMUL
+
+ jmp .LDataSingles
+
+#Here we encypt the final partial block, if there is one
+.LDataTail:
+
+ test len, len
+ jz DATA_END
+# First prepare the counter block
+ vpshufb .Lbswap_mask(%rip), CTR, TMP1
+ vpaddd .Lone(%rip), CTR, CTR
+
+ vpxor (KS), TMP1, TMP1
+ vaesenc 16*1(KS), TMP1, TMP1
+ vaesenc 16*2(KS), TMP1, TMP1
+ vaesenc 16*3(KS), TMP1, TMP1
+ vaesenc 16*4(KS), TMP1, TMP1
+ vaesenc 16*5(KS), TMP1, TMP1
+ vaesenc 16*6(KS), TMP1, TMP1
+ vaesenc 16*7(KS), TMP1, TMP1
+ vaesenc 16*8(KS), TMP1, TMP1
+ vaesenc 16*9(KS), TMP1, TMP1
+ vmovdqu 16*10(KS), TMP2
+ cmp $10, NR
+ je .LLast4
+ vaesenc 16*10(KS), TMP1, TMP1
+ vaesenc 16*11(KS), TMP1, TMP1
+ vmovdqu 16*12(KS), TMP2
+ cmp $12, NR
+ je .LLast4
+ vaesenc 16*12(KS), TMP1, TMP1
+ vaesenc 16*13(KS), TMP1, TMP1
+ vmovdqu 16*14(KS), TMP2
+
+.LLast4:
+ vaesenclast TMP2, TMP1, TMP1
+#Zero a temp location
+ vpxor TMP2, TMP2, TMP2
+ vmovdqa TMP2, (%rsp)
+
+# Copy the required bytes only (could probably use rep movsb)
+ xor KS, KS
+.LEncCpy:
+ cmp KS, len
+ je .LEncCpyEnd
+ movb (PT, KS, 1), %r8b
+ movb %r8b, (%rsp, KS, 1)
+ inc KS
+ jmp .LEncCpy
+.LEncCpyEnd:
+# Xor with the counter block
+ vpxor (%rsp), TMP1, TMP0
+# Again, store at temp location
+ vmovdqa TMP0, (%rsp)
+# Copy only the required bytes to CT, and zero the rest for the hash
+ xor KS, KS
+.LEncCpy2:
+ cmp KS, len
+ je .LEncCpy3
+ movb (%rsp, KS, 1), %r8b
+ movb %r8b, (CT, KS, 1)
+ inc KS
+ jmp .LEncCpy2
+.LEncCpy3:
+ cmp $16, KS
+ je .LEndCpy3
+ movb $0, (%rsp, KS, 1)
+ inc KS
+ jmp .LEncCpy3
+.LEndCpy3:
+ vmovdqa (%rsp), TMP0
+
+ vpshufb .Lbswap_mask(%rip), TMP0, TMP0
+ vpxor TMP0, T, T
+ vmovdqu (Htbl), TMP0
+ call GFMUL
+
+DATA_END:
+
+ vpshufb .Lbswap_mask(%rip), T, T
+ vpshufb .Lbswap_mask(%rip), CTR, CTR
+ vmovdqu T, 272(Gctx)
+ vmovdqu CTR, 288(Gctx)
+
+ movq %rbp, %rsp
+
+ popq %rbx
+ popq %rbp
+ ret
+ .size intel_aes_gcmENC, .-intel_aes_gcmENC
+
+#########################
+# Decrypt and Authenticate
+# void intel_aes_gcmDEC(uint8_t* PT, uint8_t* CT, void *Gctx,uint64_t len);
+.type intel_aes_gcmDEC,@function
+.globl intel_aes_gcmDEC
+.align 16
+intel_aes_gcmDEC:
+# parameter 1: CT # input
+# parameter 2: PT # output
+# parameter 3: %rdx # Gctx
+# parameter 4: %rcx # len
+
+.macro DEC_KARATSUBA i
+ vmovdqu (7-\i)*16(CT), TMP5
+ vpshufb .Lbswap_mask(%rip), TMP5, TMP5
+
+ vpclmulqdq $0x11, 16*\i(Htbl), TMP5, TMP3
+ vpxor TMP3, TMP1, TMP1
+ vpclmulqdq $0x00, 16*\i(Htbl), TMP5, TMP3
+ vpxor TMP3, TMP2, TMP2
+ vpshufd $78, TMP5, TMP3
+ vpxor TMP5, TMP3, TMP5
+ vpclmulqdq $0x00, 128+\i*16(Htbl), TMP5, TMP3
+ vpxor TMP3, TMP0, TMP0
+.endm
+
+.set PT,%rsi
+.set CT,%rdi
+.set Htbl, %rdx
+.set len, %rcx
+.set KS,%r9
+.set NR,%r10d
+
+.set Gctx, %rdx
+
+.set T,%xmm0
+.set TMP0,%xmm1
+.set TMP1,%xmm2
+.set TMP2,%xmm3
+.set TMP3,%xmm4
+.set TMP4,%xmm5
+.set TMP5,%xmm6
+.set CTR0,%xmm7
+.set CTR1,%xmm8
+.set CTR2,%xmm9
+.set CTR3,%xmm10
+.set CTR4,%xmm11
+.set CTR5,%xmm12
+.set CTR6,%xmm13
+.set CTR7,%xmm14
+.set CTR,%xmm15
+
+ test len, len
+ jnz .LbeginDec
+ ret
+
+.LbeginDec:
+
+ pushq %rbp
+ pushq %rbx
+ movq %rsp, %rbp
+ sub $128, %rsp
+ andq $-16, %rsp
+ vmovdqu 288(Gctx), CTR
+ vmovdqu 272(Gctx), T
+ mov 304(Gctx), KS
+ mov 4(KS), NR
+ lea 48(KS), KS
+
+ vpshufb .Lbswap_mask(%rip), CTR, CTR
+ vpshufb .Lbswap_mask(%rip), T, T
+
+ vmovdqu .Lbswap_mask(%rip), TMP3
+ jmp .LDECOctets
+
+# Decrypt 8 blocks each time while hashing them at the same time
+.align 64
+.LDECOctets:
+
+ cmp $128, len
+ jb .LDECSingles
+ sub $128, len
+
+ vmovdqa CTR, CTR0
+ vpaddd .Lone(%rip), CTR0, CTR1
+ vpaddd .Ltwo(%rip), CTR0, CTR2
+ vpaddd .Lone(%rip), CTR2, CTR3
+ vpaddd .Ltwo(%rip), CTR2, CTR4
+ vpaddd .Lone(%rip), CTR4, CTR5
+ vpaddd .Ltwo(%rip), CTR4, CTR6
+ vpaddd .Lone(%rip), CTR6, CTR7
+ vpaddd .Ltwo(%rip), CTR6, CTR
+
+ vpshufb TMP3, CTR0, CTR0
+ vpshufb TMP3, CTR1, CTR1
+ vpshufb TMP3, CTR2, CTR2
+ vpshufb TMP3, CTR3, CTR3
+ vpshufb TMP3, CTR4, CTR4
+ vpshufb TMP3, CTR5, CTR5
+ vpshufb TMP3, CTR6, CTR6
+ vpshufb TMP3, CTR7, CTR7
+
+ vmovdqu (KS), TMP3
+ vpxor TMP3, CTR0, CTR0
+ vpxor TMP3, CTR1, CTR1
+ vpxor TMP3, CTR2, CTR2
+ vpxor TMP3, CTR3, CTR3
+ vpxor TMP3, CTR4, CTR4
+ vpxor TMP3, CTR5, CTR5
+ vpxor TMP3, CTR6, CTR6
+ vpxor TMP3, CTR7, CTR7
+
+ vmovdqu 7*16(CT), TMP5
+ vpshufb .Lbswap_mask(%rip), TMP5, TMP5
+ vmovdqu 16*0(Htbl), TMP3
+ vpclmulqdq $0x11, TMP3, TMP5, TMP1
+ vpclmulqdq $0x00, TMP3, TMP5, TMP2
+ vpshufd $78, TMP5, TMP3
+ vpxor TMP5, TMP3, TMP5
+ vmovdqu 128+0*16(Htbl), TMP3
+ vpclmulqdq $0x00, TMP3, TMP5, TMP0
+
+ ROUND 1
+ DEC_KARATSUBA 1
+
+ ROUND 2
+ DEC_KARATSUBA 2
+
+ ROUND 3
+ DEC_KARATSUBA 3
+
+ ROUND 4
+ DEC_KARATSUBA 4
+
+ ROUND 5
+ DEC_KARATSUBA 5
+
+ ROUND 6
+ DEC_KARATSUBA 6
+
+ ROUND 7
+
+ vmovdqu 0*16(CT), TMP5
+ vpshufb .Lbswap_mask(%rip), TMP5, TMP5
+ vpxor T, TMP5, TMP5
+ vmovdqu 16*7(Htbl), TMP4
+
+ vpclmulqdq $0x11, TMP4, TMP5, TMP3
+ vpxor TMP3, TMP1, TMP1
+ vpclmulqdq $0x00, TMP4, TMP5, TMP3
+ vpxor TMP3, TMP2, TMP2
+
+ vpshufd $78, TMP5, TMP3
+ vpxor TMP5, TMP3, TMP5
+ vmovdqu 128+7*16(Htbl), TMP4
+
+ vpclmulqdq $0x00, TMP4, TMP5, TMP3
+ vpxor TMP3, TMP0, TMP0
+
+ ROUND 8
+
+ vpxor TMP1, TMP0, TMP0
+ vpxor TMP2, TMP0, TMP0
+
+ vpsrldq $8, TMP0, TMP3
+ vpxor TMP3, TMP1, TMP4
+ vpslldq $8, TMP0, TMP3
+ vpxor TMP3, TMP2, T
+ vmovdqa .Lpoly(%rip), TMP2
+
+ vpalignr $8, T, T, TMP1
+ vpclmulqdq $0x10, TMP2, T, T
+ vpxor T, TMP1, T
+
+ ROUND 9
+
+ vpalignr $8, T, T, TMP1
+ vpclmulqdq $0x10, TMP2, T, T
+ vpxor T, TMP1, T
+
+ vmovdqu 160(KS), TMP5
+ cmp $10, NR
+
+ jbe .LDECLast1
+
+ ROUND 10
+ ROUND 11
+
+ vmovdqu 192(KS), TMP5
+ cmp $12, NR
+
+ jbe .LDECLast1
+
+ ROUND 12
+ ROUND 13
+
+ vmovdqu 224(KS), TMP5
+
+.LDECLast1:
+
+ vpxor (CT), TMP5, TMP3
+ vaesenclast TMP3, CTR0, CTR0
+ vpxor 16(CT), TMP5, TMP3
+ vaesenclast TMP3, CTR1, CTR1
+ vpxor 32(CT), TMP5, TMP3
+ vaesenclast TMP3, CTR2, CTR2
+ vpxor 48(CT), TMP5, TMP3
+ vaesenclast TMP3, CTR3, CTR3
+ vpxor 64(CT), TMP5, TMP3
+ vaesenclast TMP3, CTR4, CTR4
+ vpxor 80(CT), TMP5, TMP3
+ vaesenclast TMP3, CTR5, CTR5
+ vpxor 96(CT), TMP5, TMP3
+ vaesenclast TMP3, CTR6, CTR6
+ vpxor 112(CT), TMP5, TMP3
+ vaesenclast TMP3, CTR7, CTR7
+
+ vmovdqu .Lbswap_mask(%rip), TMP3
+
+ vmovdqu CTR0, (PT)
+ vmovdqu CTR1, 16(PT)
+ vmovdqu CTR2, 32(PT)
+ vmovdqu CTR3, 48(PT)
+ vmovdqu CTR4, 64(PT)
+ vmovdqu CTR5, 80(PT)
+ vmovdqu CTR6, 96(PT)
+ vmovdqu CTR7,112(PT)
+
+ vpxor TMP4, T, T
+
+ lea 128(CT), CT
+ lea 128(PT), PT
+ jmp .LDECOctets
+
+#Here we decrypt and hash any remaining whole block
+.LDECSingles:
+
+ cmp $16, len
+ jb .LDECTail
+ sub $16, len
+
+ vmovdqu (CT), TMP1
+ vpshufb .Lbswap_mask(%rip), TMP1, TMP1
+ vpxor TMP1, T, T
+ vmovdqu (Htbl), TMP0
+ call GFMUL
+
+
+ vpshufb .Lbswap_mask(%rip), CTR, TMP1
+ vpaddd .Lone(%rip), CTR, CTR
+
+ vpxor (KS), TMP1, TMP1
+ vaesenc 16*1(KS), TMP1, TMP1
+ vaesenc 16*2(KS), TMP1, TMP1
+ vaesenc 16*3(KS), TMP1, TMP1
+ vaesenc 16*4(KS), TMP1, TMP1
+ vaesenc 16*5(KS), TMP1, TMP1
+ vaesenc 16*6(KS), TMP1, TMP1
+ vaesenc 16*7(KS), TMP1, TMP1
+ vaesenc 16*8(KS), TMP1, TMP1
+ vaesenc 16*9(KS), TMP1, TMP1
+ vmovdqu 16*10(KS), TMP2
+ cmp $10, NR
+ je .LDECLast2
+ vaesenc 16*10(KS), TMP1, TMP1
+ vaesenc 16*11(KS), TMP1, TMP1
+ vmovdqu 16*12(KS), TMP2
+ cmp $12, NR
+ je .LDECLast2
+ vaesenc 16*12(KS), TMP1, TMP1
+ vaesenc 16*13(KS), TMP1, TMP1
+ vmovdqu 16*14(KS), TMP2
+.LDECLast2:
+ vaesenclast TMP2, TMP1, TMP1
+
+ vpxor (CT), TMP1, TMP1
+ vmovdqu TMP1, (PT)
+ addq $16, CT
+ addq $16, PT
+ jmp .LDECSingles
+
+#Here we decrypt the final partial block, if there is one
+.LDECTail:
+ test len, len
+ jz .LDEC_END
+
+ vpshufb .Lbswap_mask(%rip), CTR, TMP1
+ vpaddd .Lone(%rip), CTR, CTR
+
+ vpxor (KS), TMP1, TMP1
+ vaesenc 16*1(KS), TMP1, TMP1
+ vaesenc 16*2(KS), TMP1, TMP1
+ vaesenc 16*3(KS), TMP1, TMP1
+ vaesenc 16*4(KS), TMP1, TMP1
+ vaesenc 16*5(KS), TMP1, TMP1
+ vaesenc 16*6(KS), TMP1, TMP1
+ vaesenc 16*7(KS), TMP1, TMP1
+ vaesenc 16*8(KS), TMP1, TMP1
+ vaesenc 16*9(KS), TMP1, TMP1
+ vmovdqu 16*10(KS), TMP2
+ cmp $10, NR
+ je .LDECLast3
+ vaesenc 16*10(KS), TMP1, TMP1
+ vaesenc 16*11(KS), TMP1, TMP1
+ vmovdqu 16*12(KS), TMP2
+ cmp $12, NR
+ je .LDECLast3
+ vaesenc 16*12(KS), TMP1, TMP1
+ vaesenc 16*13(KS), TMP1, TMP1
+ vmovdqu 16*14(KS), TMP2
+
+.LDECLast3:
+ vaesenclast TMP2, TMP1, TMP1
+
+ vpxor TMP2, TMP2, TMP2
+ vmovdqa TMP2, (%rsp)
+# Copy the required bytes only (could probably use rep movsb)
+ xor KS, KS
+.LDecCpy:
+ cmp KS, len
+ je .LDecCpy2
+ movb (CT, KS, 1), %r8b
+ movb %r8b, (%rsp, KS, 1)
+ inc KS
+ jmp .LDecCpy
+.LDecCpy2:
+ cmp $16, KS
+ je .LDecCpyEnd
+ movb $0, (%rsp, KS, 1)
+ inc KS
+ jmp .LDecCpy2
+.LDecCpyEnd:
+# Xor with the counter block
+ vmovdqa (%rsp), TMP0
+ vpxor TMP0, TMP1, TMP1
+# Again, store at temp location
+ vmovdqa TMP1, (%rsp)
+# Copy only the required bytes to PT, and zero the rest for the hash
+ xor KS, KS
+.LDecCpy3:
+ cmp KS, len
+ je .LDecCpyEnd3
+ movb (%rsp, KS, 1), %r8b
+ movb %r8b, (PT, KS, 1)
+ inc KS
+ jmp .LDecCpy3
+.LDecCpyEnd3:
+ vpshufb .Lbswap_mask(%rip), TMP0, TMP0
+ vpxor TMP0, T, T
+ vmovdqu (Htbl), TMP0
+ call GFMUL
+.LDEC_END:
+
+ vpshufb .Lbswap_mask(%rip), T, T
+ vpshufb .Lbswap_mask(%rip), CTR, CTR
+ vmovdqu T, 272(Gctx)
+ vmovdqu CTR, 288(Gctx)
+
+ movq %rbp, %rsp
+
+ popq %rbx
+ popq %rbp
+ ret
+ .size intel_aes_gcmDEC, .-intel_aes_gcmDEC
+#########################
+# a = T
+# b = TMP0 - remains unchanged
+# res = T
+# uses also TMP1,TMP2,TMP3,TMP4
+# __m128i GFMUL(__m128i A, __m128i B);
+.type GFMUL,@function
+.globl GFMUL
+GFMUL:
+ vpclmulqdq $0x00, TMP0, T, TMP1
+ vpclmulqdq $0x11, TMP0, T, TMP4
+
+ vpshufd $78, T, TMP2
+ vpshufd $78, TMP0, TMP3
+ vpxor T, TMP2, TMP2
+ vpxor TMP0, TMP3, TMP3
+
+ vpclmulqdq $0x00, TMP3, TMP2, TMP2
+ vpxor TMP1, TMP2, TMP2
+ vpxor TMP4, TMP2, TMP2
+
+ vpslldq $8, TMP2, TMP3
+ vpsrldq $8, TMP2, TMP2
+
+ vpxor TMP3, TMP1, TMP1
+ vpxor TMP2, TMP4, TMP4
+
+ vpclmulqdq $0x10, .Lpoly(%rip), TMP1, TMP2
+ vpshufd $78, TMP1, TMP3
+ vpxor TMP3, TMP2, TMP1
+
+ vpclmulqdq $0x10, .Lpoly(%rip), TMP1, TMP2
+ vpshufd $78, TMP1, TMP3
+ vpxor TMP3, TMP2, TMP1
+
+ vpxor TMP4, TMP1, T
+ ret
+.size GFMUL, .-GFMUL
+
diff --git a/security/nss/lib/freebl/jpake.c b/security/nss/lib/freebl/jpake.c
new file mode 100644
index 000000000..741c7a876
--- /dev/null
+++ b/security/nss/lib/freebl/jpake.c
@@ -0,0 +1,495 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapi.h"
+#include "secerr.h"
+#include "secitem.h"
+#include "secmpi.h"
+
+/* Hash an item's length and then its value. Only items smaller than 2^16 bytes
+ * are allowed. Lengths are hashed in network byte order. This is designed
+ * to match the OpenSSL J-PAKE implementation.
+ */
+static mp_err
+hashSECItem(HASHContext *hash, const SECItem *it)
+{
+ unsigned char length[2];
+
+ if (it->len > 0xffff)
+ return MP_BADARG;
+
+ length[0] = (unsigned char)(it->len >> 8);
+ length[1] = (unsigned char)(it->len);
+ hash->hashobj->update(hash->hash_context, length, 2);
+ hash->hashobj->update(hash->hash_context, it->data, it->len);
+ return MP_OKAY;
+}
+
+/* Hash all public components of the signature, each prefixed with its
+ length, and then convert the hash to an mp_int. */
+static mp_err
+hashPublicParams(HASH_HashType hashType, const SECItem *g,
+ const SECItem *gv, const SECItem *gx,
+ const SECItem *signerID, mp_int *h)
+{
+ mp_err err;
+ unsigned char hBuf[HASH_LENGTH_MAX];
+ SECItem hItem;
+ HASHContext hash;
+
+ hash.hashobj = HASH_GetRawHashObject(hashType);
+ if (hash.hashobj == NULL || hash.hashobj->length > sizeof hBuf) {
+ return MP_BADARG;
+ }
+ hash.hash_context = hash.hashobj->create();
+ if (hash.hash_context == NULL) {
+ return MP_MEM;
+ }
+
+ hItem.data = hBuf;
+ hItem.len = hash.hashobj->length;
+
+ hash.hashobj->begin(hash.hash_context);
+ CHECK_MPI_OK(hashSECItem(&hash, g));
+ CHECK_MPI_OK(hashSECItem(&hash, gv));
+ CHECK_MPI_OK(hashSECItem(&hash, gx));
+ CHECK_MPI_OK(hashSECItem(&hash, signerID));
+ hash.hashobj->end(hash.hash_context, hItem.data, &hItem.len,
+ sizeof hBuf);
+ SECITEM_TO_MPINT(hItem, h);
+
+cleanup:
+ if (hash.hash_context != NULL) {
+ hash.hashobj->destroy(hash.hash_context, PR_TRUE);
+ }
+
+ return err;
+}
+
+/* Generate a Schnorr signature for round 1 or round 2 */
+SECStatus
+JPAKE_Sign(PLArenaPool *arena, const PQGParams *pqg, HASH_HashType hashType,
+ const SECItem *signerID, const SECItem *x,
+ const SECItem *testRandom, const SECItem *gxIn, SECItem *gxOut,
+ SECItem *gv, SECItem *r)
+{
+ SECStatus rv = SECSuccess;
+ mp_err err;
+ mp_int p;
+ mp_int q;
+ mp_int g;
+ mp_int X;
+ mp_int GX;
+ mp_int V;
+ mp_int GV;
+ mp_int h;
+ mp_int tmp;
+ mp_int R;
+ SECItem v;
+
+ if (!arena ||
+ !pqg || !pqg->prime.data || pqg->prime.len == 0 ||
+ !pqg->subPrime.data || pqg->subPrime.len == 0 ||
+ !pqg->base.data || pqg->base.len == 0 ||
+ !signerID || !signerID->data || signerID->len == 0 ||
+ !x || !x->data || x->len == 0 ||
+ (testRandom && (!testRandom->data || testRandom->len == 0)) ||
+ (gxIn == NULL && (!gxOut || gxOut->data != NULL)) ||
+ (gxIn != NULL && (!gxIn->data || gxIn->len == 0 || gxOut != NULL)) ||
+ !gv || gv->data != NULL ||
+ !r || r->data != NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&g) = 0;
+ MP_DIGITS(&X) = 0;
+ MP_DIGITS(&GX) = 0;
+ MP_DIGITS(&V) = 0;
+ MP_DIGITS(&GV) = 0;
+ MP_DIGITS(&h) = 0;
+ MP_DIGITS(&tmp) = 0;
+ MP_DIGITS(&R) = 0;
+
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&g));
+ CHECK_MPI_OK(mp_init(&X));
+ CHECK_MPI_OK(mp_init(&GX));
+ CHECK_MPI_OK(mp_init(&V));
+ CHECK_MPI_OK(mp_init(&GV));
+ CHECK_MPI_OK(mp_init(&h));
+ CHECK_MPI_OK(mp_init(&tmp));
+ CHECK_MPI_OK(mp_init(&R));
+
+ SECITEM_TO_MPINT(pqg->prime, &p);
+ SECITEM_TO_MPINT(pqg->subPrime, &q);
+ SECITEM_TO_MPINT(pqg->base, &g);
+ SECITEM_TO_MPINT(*x, &X);
+
+ /* gx = g^x */
+ if (gxIn == NULL) {
+ CHECK_MPI_OK(mp_exptmod(&g, &X, &p, &GX));
+ MPINT_TO_SECITEM(&GX, gxOut, arena);
+ gxIn = gxOut;
+ } else {
+ SECITEM_TO_MPINT(*gxIn, &GX);
+ }
+
+ /* v is a random value in the q subgroup */
+ if (testRandom == NULL) {
+ v.data = NULL;
+ rv = DSA_NewRandom(arena, &pqg->subPrime, &v);
+ if (rv != SECSuccess) {
+ goto cleanup;
+ }
+ } else {
+ v.data = testRandom->data;
+ v.len = testRandom->len;
+ }
+ SECITEM_TO_MPINT(v, &V);
+
+ /* gv = g^v (mod q), random v, 1 <= v < q */
+ CHECK_MPI_OK(mp_exptmod(&g, &V, &p, &GV));
+ MPINT_TO_SECITEM(&GV, gv, arena);
+
+ /* h = H(g, gv, gx, signerID) */
+ CHECK_MPI_OK(hashPublicParams(hashType, &pqg->base, gv, gxIn, signerID,
+ &h));
+
+ /* r = v - x*h (mod q) */
+ CHECK_MPI_OK(mp_mulmod(&X, &h, &q, &tmp));
+ CHECK_MPI_OK(mp_submod(&V, &tmp, &q, &R));
+ MPINT_TO_SECITEM(&R, r, arena);
+
+cleanup:
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&g);
+ mp_clear(&X);
+ mp_clear(&GX);
+ mp_clear(&V);
+ mp_clear(&GV);
+ mp_clear(&h);
+ mp_clear(&tmp);
+ mp_clear(&R);
+
+ if (rv == SECSuccess && err != MP_OKAY) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/* Verify a Schnorr signature generated by the peer in round 1 or round 2. */
+SECStatus
+JPAKE_Verify(PLArenaPool *arena, const PQGParams *pqg, HASH_HashType hashType,
+ const SECItem *signerID, const SECItem *peerID,
+ const SECItem *gx, const SECItem *gv, const SECItem *r)
+{
+ SECStatus rv = SECSuccess;
+ mp_err err;
+ mp_int p;
+ mp_int q;
+ mp_int g;
+ mp_int p_minus_1;
+ mp_int GX;
+ mp_int h;
+ mp_int one;
+ mp_int R;
+ mp_int gr;
+ mp_int gxh;
+ mp_int gr_gxh;
+ SECItem calculated;
+
+ if (!arena ||
+ !pqg || !pqg->prime.data || pqg->prime.len == 0 ||
+ !pqg->subPrime.data || pqg->subPrime.len == 0 ||
+ !pqg->base.data || pqg->base.len == 0 ||
+ !signerID || !signerID->data || signerID->len == 0 ||
+ !peerID || !peerID->data || peerID->len == 0 ||
+ !gx || !gx->data || gx->len == 0 ||
+ !gv || !gv->data || gv->len == 0 ||
+ !r || !r->data || r->len == 0 ||
+ SECITEM_CompareItem(signerID, peerID) == SECEqual) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&g) = 0;
+ MP_DIGITS(&p_minus_1) = 0;
+ MP_DIGITS(&GX) = 0;
+ MP_DIGITS(&h) = 0;
+ MP_DIGITS(&one) = 0;
+ MP_DIGITS(&R) = 0;
+ MP_DIGITS(&gr) = 0;
+ MP_DIGITS(&gxh) = 0;
+ MP_DIGITS(&gr_gxh) = 0;
+ calculated.data = NULL;
+
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&g));
+ CHECK_MPI_OK(mp_init(&p_minus_1));
+ CHECK_MPI_OK(mp_init(&GX));
+ CHECK_MPI_OK(mp_init(&h));
+ CHECK_MPI_OK(mp_init(&one));
+ CHECK_MPI_OK(mp_init(&R));
+ CHECK_MPI_OK(mp_init(&gr));
+ CHECK_MPI_OK(mp_init(&gxh));
+ CHECK_MPI_OK(mp_init(&gr_gxh));
+
+ SECITEM_TO_MPINT(pqg->prime, &p);
+ SECITEM_TO_MPINT(pqg->subPrime, &q);
+ SECITEM_TO_MPINT(pqg->base, &g);
+ SECITEM_TO_MPINT(*gx, &GX);
+ SECITEM_TO_MPINT(*r, &R);
+
+ CHECK_MPI_OK(mp_sub_d(&p, 1, &p_minus_1));
+ CHECK_MPI_OK(mp_exptmod(&GX, &q, &p, &one));
+ /* Check g^x is in [1, p-2], R is in [0, q-1], and (g^x)^q mod p == 1 */
+ if (!(mp_cmp_z(&GX) > 0 &&
+ mp_cmp(&GX, &p_minus_1) < 0 &&
+ mp_cmp(&R, &q) < 0 &&
+ mp_cmp_d(&one, 1) == 0)) {
+ goto badSig;
+ }
+
+ CHECK_MPI_OK(hashPublicParams(hashType, &pqg->base, gv, gx, peerID,
+ &h));
+
+ /* Calculate g^v = g^r * g^x^h */
+ CHECK_MPI_OK(mp_exptmod(&g, &R, &p, &gr));
+ CHECK_MPI_OK(mp_exptmod(&GX, &h, &p, &gxh));
+ CHECK_MPI_OK(mp_mulmod(&gr, &gxh, &p, &gr_gxh));
+
+ /* Compare calculated g^v to given g^v */
+ MPINT_TO_SECITEM(&gr_gxh, &calculated, arena);
+ if (calculated.len == gv->len &&
+ NSS_SecureMemcmp(calculated.data, gv->data, calculated.len) == 0) {
+ rv = SECSuccess;
+ } else {
+ badSig:
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ rv = SECFailure;
+ }
+
+cleanup:
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&g);
+ mp_clear(&p_minus_1);
+ mp_clear(&GX);
+ mp_clear(&h);
+ mp_clear(&one);
+ mp_clear(&R);
+ mp_clear(&gr);
+ mp_clear(&gxh);
+ mp_clear(&gr_gxh);
+
+ if (rv == SECSuccess && err != MP_OKAY) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/* Calculate base = gx1*gx3*gx4 (mod p), i.e. g^(x1+x3+x4) (mod p) */
+static mp_err
+jpake_Round2Base(const SECItem *gx1, const SECItem *gx3,
+ const SECItem *gx4, const mp_int *p, mp_int *base)
+{
+ mp_err err;
+ mp_int GX1;
+ mp_int GX3;
+ mp_int GX4;
+ mp_int tmp;
+
+ MP_DIGITS(&GX1) = 0;
+ MP_DIGITS(&GX3) = 0;
+ MP_DIGITS(&GX4) = 0;
+ MP_DIGITS(&tmp) = 0;
+
+ CHECK_MPI_OK(mp_init(&GX1));
+ CHECK_MPI_OK(mp_init(&GX3));
+ CHECK_MPI_OK(mp_init(&GX4));
+ CHECK_MPI_OK(mp_init(&tmp));
+
+ SECITEM_TO_MPINT(*gx1, &GX1);
+ SECITEM_TO_MPINT(*gx3, &GX3);
+ SECITEM_TO_MPINT(*gx4, &GX4);
+
+ /* In round 2, the peer/attacker sends us g^x3 and g^x4 and the protocol
+ requires that these values are distinct. */
+ if (mp_cmp(&GX3, &GX4) == 0) {
+ return MP_BADARG;
+ }
+
+ CHECK_MPI_OK(mp_mul(&GX1, &GX3, &tmp));
+ CHECK_MPI_OK(mp_mul(&tmp, &GX4, &tmp));
+ CHECK_MPI_OK(mp_mod(&tmp, p, base));
+
+cleanup:
+ mp_clear(&GX1);
+ mp_clear(&GX3);
+ mp_clear(&GX4);
+ mp_clear(&tmp);
+ return err;
+}
+
+SECStatus
+JPAKE_Round2(PLArenaPool *arena,
+ const SECItem *p, const SECItem *q, const SECItem *gx1,
+ const SECItem *gx3, const SECItem *gx4, SECItem *base,
+ const SECItem *x2, const SECItem *s, SECItem *x2s)
+{
+ mp_err err;
+ mp_int P;
+ mp_int Q;
+ mp_int X2;
+ mp_int S;
+ mp_int result;
+
+ if (!arena ||
+ !p || !p->data || p->len == 0 ||
+ !q || !q->data || q->len == 0 ||
+ !gx1 || !gx1->data || gx1->len == 0 ||
+ !gx3 || !gx3->data || gx3->len == 0 ||
+ !gx4 || !gx4->data || gx4->len == 0 ||
+ !base || base->data != NULL ||
+ (x2s != NULL && (x2s->data != NULL ||
+ !x2 || !x2->data || x2->len == 0 ||
+ !s || !s->data || s->len == 0))) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ MP_DIGITS(&P) = 0;
+ MP_DIGITS(&Q) = 0;
+ MP_DIGITS(&X2) = 0;
+ MP_DIGITS(&S) = 0;
+ MP_DIGITS(&result) = 0;
+
+ CHECK_MPI_OK(mp_init(&P));
+ CHECK_MPI_OK(mp_init(&Q));
+ CHECK_MPI_OK(mp_init(&result));
+
+ if (x2s != NULL) {
+ CHECK_MPI_OK(mp_init(&X2));
+ CHECK_MPI_OK(mp_init(&S));
+
+ SECITEM_TO_MPINT(*q, &Q);
+ SECITEM_TO_MPINT(*x2, &X2);
+
+ SECITEM_TO_MPINT(*s, &S);
+ /* S must be in [1, Q-1] */
+ if (mp_cmp_z(&S) <= 0 || mp_cmp(&S, &Q) >= 0) {
+ err = MP_BADARG;
+ goto cleanup;
+ }
+
+ CHECK_MPI_OK(mp_mulmod(&X2, &S, &Q, &result));
+ MPINT_TO_SECITEM(&result, x2s, arena);
+ }
+
+ SECITEM_TO_MPINT(*p, &P);
+ CHECK_MPI_OK(jpake_Round2Base(gx1, gx3, gx4, &P, &result));
+ MPINT_TO_SECITEM(&result, base, arena);
+
+cleanup:
+ mp_clear(&P);
+ mp_clear(&Q);
+ mp_clear(&X2);
+ mp_clear(&S);
+ mp_clear(&result);
+
+ if (err != MP_OKAY) {
+ MP_TO_SEC_ERROR(err);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+JPAKE_Final(PLArenaPool *arena, const SECItem *p, const SECItem *q,
+ const SECItem *x2, const SECItem *gx4, const SECItem *x2s,
+ const SECItem *B, SECItem *K)
+{
+ mp_err err;
+ mp_int P;
+ mp_int Q;
+ mp_int tmp;
+ mp_int exponent;
+ mp_int divisor;
+ mp_int base;
+
+ if (!arena ||
+ !p || !p->data || p->len == 0 ||
+ !q || !q->data || q->len == 0 ||
+ !x2 || !x2->data || x2->len == 0 ||
+ !gx4 || !gx4->data || gx4->len == 0 ||
+ !x2s || !x2s->data || x2s->len == 0 ||
+ !B || !B->data || B->len == 0 ||
+ !K || K->data != NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ MP_DIGITS(&P) = 0;
+ MP_DIGITS(&Q) = 0;
+ MP_DIGITS(&tmp) = 0;
+ MP_DIGITS(&exponent) = 0;
+ MP_DIGITS(&divisor) = 0;
+ MP_DIGITS(&base) = 0;
+
+ CHECK_MPI_OK(mp_init(&P));
+ CHECK_MPI_OK(mp_init(&Q));
+ CHECK_MPI_OK(mp_init(&tmp));
+ CHECK_MPI_OK(mp_init(&exponent));
+ CHECK_MPI_OK(mp_init(&divisor));
+ CHECK_MPI_OK(mp_init(&base));
+
+ /* exponent = -x2s (mod q) */
+ SECITEM_TO_MPINT(*q, &Q);
+ SECITEM_TO_MPINT(*x2s, &tmp);
+ /* q == 0 (mod q), so q - x2s == -x2s (mod q) */
+ CHECK_MPI_OK(mp_sub(&Q, &tmp, &exponent));
+
+ /* divisor = gx4^-x2s = 1/(gx4^x2s) (mod p) */
+ SECITEM_TO_MPINT(*p, &P);
+ SECITEM_TO_MPINT(*gx4, &tmp);
+ CHECK_MPI_OK(mp_exptmod(&tmp, &exponent, &P, &divisor));
+
+ /* base = B*divisor = B/(gx4^x2s) (mod p) */
+ SECITEM_TO_MPINT(*B, &tmp);
+ CHECK_MPI_OK(mp_mulmod(&divisor, &tmp, &P, &base));
+
+ /* tmp = base^x2 (mod p) */
+ SECITEM_TO_MPINT(*x2, &exponent);
+ CHECK_MPI_OK(mp_exptmod(&base, &exponent, &P, &tmp));
+
+ MPINT_TO_SECITEM(&tmp, K, arena);
+
+cleanup:
+ mp_clear(&P);
+ mp_clear(&Q);
+ mp_clear(&tmp);
+ mp_clear(&exponent);
+ mp_clear(&divisor);
+ mp_clear(&base);
+
+ if (err != MP_OKAY) {
+ MP_TO_SEC_ERROR(err);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
diff --git a/security/nss/lib/freebl/ldvector.c b/security/nss/lib/freebl/ldvector.c
new file mode 100644
index 000000000..2447a0c9f
--- /dev/null
+++ b/security/nss/lib/freebl/ldvector.c
@@ -0,0 +1,353 @@
+/*
+ * ldvector.c - platform dependent DSO containing freebl implementation.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+extern int FREEBL_InitStubs(void);
+#endif
+
+#include "loader.h"
+#include "alghmac.h"
+#include "hmacct.h"
+#include "blapii.h"
+
+static const struct FREEBLVectorStr vector =
+ {
+
+ sizeof vector,
+ FREEBL_VERSION,
+
+ RSA_NewKey,
+ RSA_PublicKeyOp,
+ RSA_PrivateKeyOp,
+ DSA_NewKey,
+ DSA_SignDigest,
+ DSA_VerifyDigest,
+ DSA_NewKeyFromSeed,
+ DSA_SignDigestWithSeed,
+ DH_GenParam,
+ DH_NewKey,
+ DH_Derive,
+ KEA_Derive,
+ KEA_Verify,
+ RC4_CreateContext,
+ RC4_DestroyContext,
+ RC4_Encrypt,
+ RC4_Decrypt,
+ RC2_CreateContext,
+ RC2_DestroyContext,
+ RC2_Encrypt,
+ RC2_Decrypt,
+ RC5_CreateContext,
+ RC5_DestroyContext,
+ RC5_Encrypt,
+ RC5_Decrypt,
+ DES_CreateContext,
+ DES_DestroyContext,
+ DES_Encrypt,
+ DES_Decrypt,
+ AES_CreateContext,
+ AES_DestroyContext,
+ AES_Encrypt,
+ AES_Decrypt,
+ MD5_Hash,
+ MD5_HashBuf,
+ MD5_NewContext,
+ MD5_DestroyContext,
+ MD5_Begin,
+ MD5_Update,
+ MD5_End,
+ MD5_FlattenSize,
+ MD5_Flatten,
+ MD5_Resurrect,
+ MD5_TraceState,
+ MD2_Hash,
+ MD2_NewContext,
+ MD2_DestroyContext,
+ MD2_Begin,
+ MD2_Update,
+ MD2_End,
+ MD2_FlattenSize,
+ MD2_Flatten,
+ MD2_Resurrect,
+ SHA1_Hash,
+ SHA1_HashBuf,
+ SHA1_NewContext,
+ SHA1_DestroyContext,
+ SHA1_Begin,
+ SHA1_Update,
+ SHA1_End,
+ SHA1_TraceState,
+ SHA1_FlattenSize,
+ SHA1_Flatten,
+ SHA1_Resurrect,
+ RNG_RNGInit,
+ RNG_RandomUpdate,
+ RNG_GenerateGlobalRandomBytes,
+ RNG_RNGShutdown,
+ PQG_ParamGen,
+ PQG_ParamGenSeedLen,
+ PQG_VerifyParams,
+
+ /* End of Version 3.001. */
+
+ RSA_PrivateKeyOpDoubleChecked,
+ RSA_PrivateKeyCheck,
+ BL_Cleanup,
+
+ /* End of Version 3.002. */
+
+ SHA256_NewContext,
+ SHA256_DestroyContext,
+ SHA256_Begin,
+ SHA256_Update,
+ SHA256_End,
+ SHA256_HashBuf,
+ SHA256_Hash,
+ SHA256_TraceState,
+ SHA256_FlattenSize,
+ SHA256_Flatten,
+ SHA256_Resurrect,
+
+ SHA512_NewContext,
+ SHA512_DestroyContext,
+ SHA512_Begin,
+ SHA512_Update,
+ SHA512_End,
+ SHA512_HashBuf,
+ SHA512_Hash,
+ SHA512_TraceState,
+ SHA512_FlattenSize,
+ SHA512_Flatten,
+ SHA512_Resurrect,
+
+ SHA384_NewContext,
+ SHA384_DestroyContext,
+ SHA384_Begin,
+ SHA384_Update,
+ SHA384_End,
+ SHA384_HashBuf,
+ SHA384_Hash,
+ SHA384_TraceState,
+ SHA384_FlattenSize,
+ SHA384_Flatten,
+ SHA384_Resurrect,
+
+ /* End of Version 3.003. */
+
+ AESKeyWrap_CreateContext,
+ AESKeyWrap_DestroyContext,
+ AESKeyWrap_Encrypt,
+ AESKeyWrap_Decrypt,
+
+ /* End of Version 3.004. */
+
+ BLAPI_SHVerify,
+ BLAPI_VerifySelf,
+
+ /* End of Version 3.005. */
+
+ EC_NewKey,
+ EC_NewKeyFromSeed,
+ EC_ValidatePublicKey,
+ ECDH_Derive,
+ ECDSA_SignDigest,
+ ECDSA_VerifyDigest,
+ ECDSA_SignDigestWithSeed,
+
+ /* End of Version 3.006. */
+ /* End of Version 3.007. */
+
+ AES_InitContext,
+ AESKeyWrap_InitContext,
+ DES_InitContext,
+ RC2_InitContext,
+ RC4_InitContext,
+
+ AES_AllocateContext,
+ AESKeyWrap_AllocateContext,
+ DES_AllocateContext,
+ RC2_AllocateContext,
+ RC4_AllocateContext,
+
+ MD2_Clone,
+ MD5_Clone,
+ SHA1_Clone,
+ SHA256_Clone,
+ SHA384_Clone,
+ SHA512_Clone,
+
+ TLS_PRF,
+ HASH_GetRawHashObject,
+
+ HMAC_Create,
+ HMAC_Init,
+ HMAC_Begin,
+ HMAC_Update,
+ HMAC_Clone,
+ HMAC_Finish,
+ HMAC_Destroy,
+
+ RNG_SystemInfoForRNG,
+
+ /* End of Version 3.008. */
+
+ FIPS186Change_GenerateX,
+ FIPS186Change_ReduceModQForDSA,
+
+ /* End of Version 3.009. */
+ Camellia_InitContext,
+ Camellia_AllocateContext,
+ Camellia_CreateContext,
+ Camellia_DestroyContext,
+ Camellia_Encrypt,
+ Camellia_Decrypt,
+
+ PQG_DestroyParams,
+ PQG_DestroyVerify,
+
+ /* End of Version 3.010. */
+
+ SEED_InitContext,
+ SEED_AllocateContext,
+ SEED_CreateContext,
+ SEED_DestroyContext,
+ SEED_Encrypt,
+ SEED_Decrypt,
+
+ BL_Init,
+ BL_SetForkState,
+
+ PRNGTEST_Instantiate,
+ PRNGTEST_Reseed,
+ PRNGTEST_Generate,
+
+ PRNGTEST_Uninstantiate,
+
+ /* End of Version 3.011. */
+
+ RSA_PopulatePrivateKey,
+
+ DSA_NewRandom,
+
+ JPAKE_Sign,
+ JPAKE_Verify,
+ JPAKE_Round2,
+ JPAKE_Final,
+
+ /* End of Version 3.012 */
+
+ TLS_P_hash,
+ SHA224_NewContext,
+ SHA224_DestroyContext,
+ SHA224_Begin,
+ SHA224_Update,
+ SHA224_End,
+ SHA224_HashBuf,
+ SHA224_Hash,
+ SHA224_TraceState,
+ SHA224_FlattenSize,
+ SHA224_Flatten,
+ SHA224_Resurrect,
+ SHA224_Clone,
+ BLAPI_SHVerifyFile,
+
+ /* End of Version 3.013 */
+
+ PQG_ParamGenV2,
+ PRNGTEST_RunHealthTests,
+
+ /* End of Version 3.014 */
+
+ HMAC_ConstantTime,
+ SSLv3_MAC_ConstantTime,
+
+ /* End of Version 3.015 */
+
+ RSA_SignRaw,
+ RSA_CheckSignRaw,
+ RSA_CheckSignRecoverRaw,
+ RSA_EncryptRaw,
+ RSA_DecryptRaw,
+ RSA_EncryptOAEP,
+ RSA_DecryptOAEP,
+ RSA_EncryptBlock,
+ RSA_DecryptBlock,
+ RSA_SignPSS,
+ RSA_CheckSignPSS,
+ RSA_Sign,
+ RSA_CheckSign,
+ RSA_CheckSignRecover,
+
+ /* End of Version 3.016 */
+
+ EC_FillParams,
+ EC_DecodeParams,
+ EC_CopyParams,
+
+ /* End of Version 3.017 */
+
+ ChaCha20Poly1305_InitContext,
+ ChaCha20Poly1305_CreateContext,
+ ChaCha20Poly1305_DestroyContext,
+ ChaCha20Poly1305_Seal,
+ ChaCha20Poly1305_Open,
+
+ /* End of Version 3.018 */
+
+ EC_GetPointSize
+
+ /* End of Version 3.019 */
+ };
+
+const FREEBLVector*
+FREEBL_GetVector(void)
+{
+#ifdef FREEBL_NO_DEPEND
+ SECStatus rv;
+#endif
+
+#define NSS_VERSION_VARIABLE __nss_freebl_version
+#include "verref.h"
+
+#ifdef FREEBL_NO_DEPEND
+ /* this entry point is only valid if nspr and nss-util has been loaded */
+ rv = FREEBL_InitStubs();
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+#endif
+ /* make sure the Full self tests have been run before continuing */
+ BL_POSTRan(PR_FALSE);
+
+ return &vector;
+}
+
+#ifdef FREEBL_LOWHASH
+static const struct NSSLOWVectorStr nssvector =
+ {
+ sizeof nssvector,
+ NSSLOW_VERSION,
+ FREEBL_GetVector,
+ NSSLOW_Init,
+ NSSLOW_Shutdown,
+ NSSLOW_Reset,
+ NSSLOWHASH_NewContext,
+ NSSLOWHASH_Begin,
+ NSSLOWHASH_Update,
+ NSSLOWHASH_End,
+ NSSLOWHASH_Destroy,
+ NSSLOWHASH_Length
+ };
+
+const NSSLOWVector*
+NSSLOW_GetVector(void)
+{
+ /* POST check and stub init happens in FREEBL_GetVector() and
+ * NSSLOW_Init() respectively */
+ return &nssvector;
+}
+#endif
diff --git a/security/nss/lib/freebl/loader.c b/security/nss/lib/freebl/loader.c
new file mode 100644
index 000000000..792171b08
--- /dev/null
+++ b/security/nss/lib/freebl/loader.c
@@ -0,0 +1,2126 @@
+/*
+ * loader.c - load platform dependent DSO containing freebl implementation.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "loader.h"
+#include "prmem.h"
+#include "prerror.h"
+#include "prinit.h"
+#include "prenv.h"
+#include "blname.c"
+
+#include "prio.h"
+#include "prprf.h"
+#include <stdio.h>
+#include "prsystem.h"
+
+static const char *NameOfThisSharedLib =
+ SHLIB_PREFIX "softokn" SOFTOKEN_SHLIB_VERSION "." SHLIB_SUFFIX;
+
+static PRLibrary *blLib = NULL;
+
+#define LSB(x) ((x)&0xff)
+#define MSB(x) ((x) >> 8)
+
+static const FREEBLVector *vector;
+static const char *libraryName = NULL;
+
+#include "genload.c"
+
+/* This function must be run only once. */
+/* determine if hybrid platform, then actually load the DSO. */
+static PRStatus
+freebl_LoadDSO(void)
+{
+ PRLibrary *handle;
+ const char *name = getLibName();
+
+ if (!name) {
+ PR_SetError(PR_LOAD_LIBRARY_ERROR, 0);
+ return PR_FAILURE;
+ }
+
+ handle = loader_LoadLibrary(name);
+ if (handle) {
+ PRFuncPtr address = PR_FindFunctionSymbol(handle, "FREEBL_GetVector");
+ if (address) {
+ FREEBLGetVectorFn *getVector = (FREEBLGetVectorFn *)address;
+ const FREEBLVector *dsoVector = getVector();
+ if (dsoVector) {
+ unsigned short dsoVersion = dsoVector->version;
+ unsigned short myVersion = FREEBL_VERSION;
+ if (MSB(dsoVersion) == MSB(myVersion) &&
+ LSB(dsoVersion) >= LSB(myVersion) &&
+ dsoVector->length >= sizeof(FREEBLVector)) {
+ vector = dsoVector;
+ libraryName = name;
+ blLib = handle;
+ return PR_SUCCESS;
+ }
+ }
+ }
+#ifdef DEBUG
+ if (blLib) {
+ PRStatus status = PR_UnloadLibrary(blLib);
+ PORT_Assert(PR_SUCCESS == status);
+ }
+#else
+ if (blLib)
+ PR_UnloadLibrary(blLib);
+#endif
+ }
+ return PR_FAILURE;
+}
+
+static const PRCallOnceType pristineCallOnce;
+static PRCallOnceType loadFreeBLOnce;
+
+static PRStatus
+freebl_RunLoaderOnce(void)
+{
+ PRStatus status;
+
+ status = PR_CallOnce(&loadFreeBLOnce, &freebl_LoadDSO);
+ return status;
+}
+
+SECStatus
+BL_Init(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_BL_Init)();
+}
+
+RSAPrivateKey *
+RSA_NewKey(int keySizeInBits, SECItem *publicExponent)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_RSA_NewKey)(keySizeInBits, publicExponent);
+}
+
+SECStatus
+RSA_PublicKeyOp(RSAPublicKey *key,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_PublicKeyOp)(key, output, input);
+}
+
+SECStatus
+RSA_PrivateKeyOp(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_PrivateKeyOp)(key, output, input);
+}
+
+SECStatus
+RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_PrivateKeyOpDoubleChecked)(key, output, input);
+}
+
+SECStatus
+RSA_PrivateKeyCheck(const RSAPrivateKey *key)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_PrivateKeyCheck)(key);
+}
+
+SECStatus
+DSA_NewKey(const PQGParams *params, DSAPrivateKey **privKey)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DSA_NewKey)(params, privKey);
+}
+
+SECStatus
+DSA_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DSA_SignDigest)(key, signature, digest);
+}
+
+SECStatus
+DSA_VerifyDigest(DSAPublicKey *key, const SECItem *signature,
+ const SECItem *digest)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DSA_VerifyDigest)(key, signature, digest);
+}
+
+SECStatus
+DSA_NewKeyFromSeed(const PQGParams *params, const unsigned char *seed,
+ DSAPrivateKey **privKey)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DSA_NewKeyFromSeed)(params, seed, privKey);
+}
+
+SECStatus
+DSA_SignDigestWithSeed(DSAPrivateKey *key, SECItem *signature,
+ const SECItem *digest, const unsigned char *seed)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DSA_SignDigestWithSeed)(key, signature, digest, seed);
+}
+
+SECStatus
+DSA_NewRandom(PLArenaPool *arena, const SECItem *q, SECItem *seed)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DSA_NewRandom)(arena, q, seed);
+}
+
+SECStatus
+DH_GenParam(int primeLen, DHParams **params)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DH_GenParam)(primeLen, params);
+}
+
+SECStatus
+DH_NewKey(DHParams *params, DHPrivateKey **privKey)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DH_NewKey)(params, privKey);
+}
+
+SECStatus
+DH_Derive(SECItem *publicValue, SECItem *prime, SECItem *privateValue,
+ SECItem *derivedSecret, unsigned int maxOutBytes)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DH_Derive)(publicValue, prime, privateValue,
+ derivedSecret, maxOutBytes);
+}
+
+SECStatus
+KEA_Derive(SECItem *prime, SECItem *public1, SECItem *public2,
+ SECItem *private1, SECItem *private2, SECItem *derivedSecret)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_KEA_Derive)(prime, public1, public2,
+ private1, private2, derivedSecret);
+}
+
+PRBool
+KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return PR_FALSE;
+ return (vector->p_KEA_Verify)(Y, prime, subPrime);
+}
+
+RC4Context *
+RC4_CreateContext(const unsigned char *key, int len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_RC4_CreateContext)(key, len);
+}
+
+void
+RC4_DestroyContext(RC4Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_RC4_DestroyContext)(cx, freeit);
+}
+
+SECStatus
+RC4_Encrypt(RC4Context *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RC4_Encrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+SECStatus
+RC4_Decrypt(RC4Context *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RC4_Decrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+RC2Context *
+RC2_CreateContext(const unsigned char *key, unsigned int len,
+ const unsigned char *iv, int mode, unsigned effectiveKeyLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_RC2_CreateContext)(key, len, iv, mode, effectiveKeyLen);
+}
+
+void
+RC2_DestroyContext(RC2Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_RC2_DestroyContext)(cx, freeit);
+}
+
+SECStatus
+RC2_Encrypt(RC2Context *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RC2_Encrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+SECStatus
+RC2_Decrypt(RC2Context *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RC2_Decrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+RC5Context *
+RC5_CreateContext(const SECItem *key, unsigned int rounds,
+ unsigned int wordSize, const unsigned char *iv, int mode)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_RC5_CreateContext)(key, rounds, wordSize, iv, mode);
+}
+
+void
+RC5_DestroyContext(RC5Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_RC5_DestroyContext)(cx, freeit);
+}
+
+SECStatus
+RC5_Encrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RC5_Encrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+SECStatus
+RC5_Decrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RC5_Decrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+DESContext *
+DES_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, PRBool encrypt)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_DES_CreateContext)(key, iv, mode, encrypt);
+}
+
+void
+DES_DestroyContext(DESContext *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_DES_DestroyContext)(cx, freeit);
+}
+
+SECStatus
+DES_Encrypt(DESContext *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DES_Encrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+SECStatus
+DES_Decrypt(DESContext *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DES_Decrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+SEEDContext *
+SEED_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, PRBool encrypt)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SEED_CreateContext)(key, iv, mode, encrypt);
+}
+
+void
+SEED_DestroyContext(SEEDContext *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SEED_DestroyContext)(cx, freeit);
+}
+
+SECStatus
+SEED_Encrypt(SEEDContext *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SEED_Encrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+SECStatus
+SEED_Decrypt(SEEDContext *cx, unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SEED_Decrypt)(cx, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+AESContext *
+AES_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, int encrypt,
+ unsigned int keylen, unsigned int blocklen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_AES_CreateContext)(key, iv, mode, encrypt, keylen,
+ blocklen);
+}
+
+void
+AES_DestroyContext(AESContext *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_AES_DestroyContext)(cx, freeit);
+}
+
+SECStatus
+AES_Encrypt(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_AES_Encrypt)(cx, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+SECStatus
+AES_Decrypt(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_AES_Decrypt)(cx, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+SECStatus
+MD5_Hash(unsigned char *dest, const char *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_MD5_Hash)(dest, src);
+}
+
+SECStatus
+MD5_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_MD5_HashBuf)(dest, src, src_length);
+}
+
+MD5Context *
+MD5_NewContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_MD5_NewContext)();
+}
+
+void
+MD5_DestroyContext(MD5Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD5_DestroyContext)(cx, freeit);
+}
+
+void
+MD5_Begin(MD5Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD5_Begin)(cx);
+}
+
+void
+MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD5_Update)(cx, input, inputLen);
+}
+
+void
+MD5_End(MD5Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD5_End)(cx, digest, digestLen, maxDigestLen);
+}
+
+unsigned int
+MD5_FlattenSize(MD5Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return 0;
+ return (vector->p_MD5_FlattenSize)(cx);
+}
+
+SECStatus
+MD5_Flatten(MD5Context *cx, unsigned char *space)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_MD5_Flatten)(cx, space);
+}
+
+MD5Context *
+MD5_Resurrect(unsigned char *space, void *arg)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_MD5_Resurrect)(space, arg);
+}
+
+void
+MD5_TraceState(MD5Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD5_TraceState)(cx);
+}
+
+SECStatus
+MD2_Hash(unsigned char *dest, const char *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_MD2_Hash)(dest, src);
+}
+
+MD2Context *
+MD2_NewContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_MD2_NewContext)();
+}
+
+void
+MD2_DestroyContext(MD2Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD2_DestroyContext)(cx, freeit);
+}
+
+void
+MD2_Begin(MD2Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD2_Begin)(cx);
+}
+
+void
+MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD2_Update)(cx, input, inputLen);
+}
+
+void
+MD2_End(MD2Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD2_End)(cx, digest, digestLen, maxDigestLen);
+}
+
+unsigned int
+MD2_FlattenSize(MD2Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return 0;
+ return (vector->p_MD2_FlattenSize)(cx);
+}
+
+SECStatus
+MD2_Flatten(MD2Context *cx, unsigned char *space)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_MD2_Flatten)(cx, space);
+}
+
+MD2Context *
+MD2_Resurrect(unsigned char *space, void *arg)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_MD2_Resurrect)(space, arg);
+}
+
+SECStatus
+SHA1_Hash(unsigned char *dest, const char *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA1_Hash)(dest, src);
+}
+
+SECStatus
+SHA1_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA1_HashBuf)(dest, src, src_length);
+}
+
+SHA1Context *
+SHA1_NewContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA1_NewContext)();
+}
+
+void
+SHA1_DestroyContext(SHA1Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA1_DestroyContext)(cx, freeit);
+}
+
+void
+SHA1_Begin(SHA1Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA1_Begin)(cx);
+}
+
+void
+SHA1_Update(SHA1Context *cx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA1_Update)(cx, input, inputLen);
+}
+
+void
+SHA1_End(SHA1Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA1_End)(cx, digest, digestLen, maxDigestLen);
+}
+
+void
+SHA1_TraceState(SHA1Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA1_TraceState)(cx);
+}
+
+unsigned int
+SHA1_FlattenSize(SHA1Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return 0;
+ return (vector->p_SHA1_FlattenSize)(cx);
+}
+
+SECStatus
+SHA1_Flatten(SHA1Context *cx, unsigned char *space)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA1_Flatten)(cx, space);
+}
+
+SHA1Context *
+SHA1_Resurrect(unsigned char *space, void *arg)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA1_Resurrect)(space, arg);
+}
+
+SECStatus
+RNG_RNGInit(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RNG_RNGInit)();
+}
+
+SECStatus
+RNG_RandomUpdate(const void *data, size_t bytes)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RNG_RandomUpdate)(data, bytes);
+}
+
+SECStatus
+RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RNG_GenerateGlobalRandomBytes)(dest, len);
+}
+
+void
+RNG_RNGShutdown(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_RNG_RNGShutdown)();
+}
+
+SECStatus
+PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_PQG_ParamGen)(j, pParams, pVfy);
+}
+
+SECStatus
+PQG_ParamGenSeedLen(unsigned int j, unsigned int seedBytes,
+ PQGParams **pParams, PQGVerify **pVfy)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_PQG_ParamGenSeedLen)(j, seedBytes, pParams, pVfy);
+}
+
+SECStatus
+PQG_VerifyParams(const PQGParams *params, const PQGVerify *vfy,
+ SECStatus *result)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_PQG_VerifyParams)(params, vfy, result);
+}
+
+void
+PQG_DestroyParams(PQGParams *params)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_PQG_DestroyParams)(params);
+}
+
+void
+PQG_DestroyVerify(PQGVerify *vfy)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_PQG_DestroyVerify)(vfy);
+}
+
+void
+BL_Cleanup(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_BL_Cleanup)();
+}
+
+void
+BL_Unload(void)
+{
+ /* This function is not thread-safe, but doesn't need to be, because it is
+ * only called from functions that are also defined as not thread-safe,
+ * namely C_Finalize in softoken, and the SSL bypass shutdown callback called
+ * from NSS_Shutdown. */
+ char *disableUnload = NULL;
+ vector = NULL;
+ disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
+ if (blLib && !disableUnload) {
+#ifdef DEBUG
+ PRStatus status = PR_UnloadLibrary(blLib);
+ PORT_Assert(PR_SUCCESS == status);
+#else
+ PR_UnloadLibrary(blLib);
+#endif
+ }
+ blLib = NULL;
+ loadFreeBLOnce = pristineCallOnce;
+}
+
+/* ============== New for 3.003 =============================== */
+
+SECStatus
+SHA256_Hash(unsigned char *dest, const char *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA256_Hash)(dest, src);
+}
+
+SECStatus
+SHA256_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA256_HashBuf)(dest, src, src_length);
+}
+
+SHA256Context *
+SHA256_NewContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA256_NewContext)();
+}
+
+void
+SHA256_DestroyContext(SHA256Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA256_DestroyContext)(cx, freeit);
+}
+
+void
+SHA256_Begin(SHA256Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA256_Begin)(cx);
+}
+
+void
+SHA256_Update(SHA256Context *cx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA256_Update)(cx, input, inputLen);
+}
+
+void
+SHA256_End(SHA256Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA256_End)(cx, digest, digestLen, maxDigestLen);
+}
+
+void
+SHA256_TraceState(SHA256Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA256_TraceState)(cx);
+}
+
+unsigned int
+SHA256_FlattenSize(SHA256Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return 0;
+ return (vector->p_SHA256_FlattenSize)(cx);
+}
+
+SECStatus
+SHA256_Flatten(SHA256Context *cx, unsigned char *space)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA256_Flatten)(cx, space);
+}
+
+SHA256Context *
+SHA256_Resurrect(unsigned char *space, void *arg)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA256_Resurrect)(space, arg);
+}
+
+SECStatus
+SHA512_Hash(unsigned char *dest, const char *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA512_Hash)(dest, src);
+}
+
+SECStatus
+SHA512_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA512_HashBuf)(dest, src, src_length);
+}
+
+SHA512Context *
+SHA512_NewContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA512_NewContext)();
+}
+
+void
+SHA512_DestroyContext(SHA512Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA512_DestroyContext)(cx, freeit);
+}
+
+void
+SHA512_Begin(SHA512Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA512_Begin)(cx);
+}
+
+void
+SHA512_Update(SHA512Context *cx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA512_Update)(cx, input, inputLen);
+}
+
+void
+SHA512_End(SHA512Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA512_End)(cx, digest, digestLen, maxDigestLen);
+}
+
+void
+SHA512_TraceState(SHA512Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA512_TraceState)(cx);
+}
+
+unsigned int
+SHA512_FlattenSize(SHA512Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return 0;
+ return (vector->p_SHA512_FlattenSize)(cx);
+}
+
+SECStatus
+SHA512_Flatten(SHA512Context *cx, unsigned char *space)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA512_Flatten)(cx, space);
+}
+
+SHA512Context *
+SHA512_Resurrect(unsigned char *space, void *arg)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA512_Resurrect)(space, arg);
+}
+
+SECStatus
+SHA384_Hash(unsigned char *dest, const char *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA384_Hash)(dest, src);
+}
+
+SECStatus
+SHA384_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA384_HashBuf)(dest, src, src_length);
+}
+
+SHA384Context *
+SHA384_NewContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA384_NewContext)();
+}
+
+void
+SHA384_DestroyContext(SHA384Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA384_DestroyContext)(cx, freeit);
+}
+
+void
+SHA384_Begin(SHA384Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA384_Begin)(cx);
+}
+
+void
+SHA384_Update(SHA384Context *cx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA384_Update)(cx, input, inputLen);
+}
+
+void
+SHA384_End(SHA384Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA384_End)(cx, digest, digestLen, maxDigestLen);
+}
+
+void
+SHA384_TraceState(SHA384Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA384_TraceState)(cx);
+}
+
+unsigned int
+SHA384_FlattenSize(SHA384Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return 0;
+ return (vector->p_SHA384_FlattenSize)(cx);
+}
+
+SECStatus
+SHA384_Flatten(SHA384Context *cx, unsigned char *space)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA384_Flatten)(cx, space);
+}
+
+SHA384Context *
+SHA384_Resurrect(unsigned char *space, void *arg)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA384_Resurrect)(space, arg);
+}
+
+AESKeyWrapContext *
+AESKeyWrap_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int encrypt, unsigned int keylen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return vector->p_AESKeyWrap_CreateContext(key, iv, encrypt, keylen);
+}
+
+void
+AESKeyWrap_DestroyContext(AESKeyWrapContext *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ vector->p_AESKeyWrap_DestroyContext(cx, freeit);
+}
+
+SECStatus
+AESKeyWrap_Encrypt(AESKeyWrapContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return vector->p_AESKeyWrap_Encrypt(cx, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+SECStatus
+AESKeyWrap_Decrypt(AESKeyWrapContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return vector->p_AESKeyWrap_Decrypt(cx, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+PRBool
+BLAPI_SHVerify(const char *name, PRFuncPtr addr)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return PR_FALSE;
+ return vector->p_BLAPI_SHVerify(name, addr);
+}
+
+/*
+ * The Caller is expected to pass NULL as the name, which will
+ * trigger the p_BLAPI_VerifySelf() to return 'TRUE'. Pass the real
+ * name of the shared library we loaded (the static libraryName set
+ * in freebl_LoadDSO) to p_BLAPI_VerifySelf.
+ */
+PRBool
+BLAPI_VerifySelf(const char *name)
+{
+ PORT_Assert(!name);
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return PR_FALSE;
+ return vector->p_BLAPI_VerifySelf(libraryName);
+}
+
+/* ============== New for 3.006 =============================== */
+
+SECStatus
+EC_NewKey(ECParams *params, ECPrivateKey **privKey)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_EC_NewKey)(params, privKey);
+}
+
+SECStatus
+EC_NewKeyFromSeed(ECParams *params, ECPrivateKey **privKey,
+ const unsigned char *seed, int seedlen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_EC_NewKeyFromSeed)(params, privKey, seed, seedlen);
+}
+
+SECStatus
+EC_ValidatePublicKey(ECParams *params, SECItem *publicValue)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_EC_ValidatePublicKey)(params, publicValue);
+}
+
+SECStatus
+ECDH_Derive(SECItem *publicValue, ECParams *params, SECItem *privateValue,
+ PRBool withCofactor, SECItem *derivedSecret)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_ECDH_Derive)(publicValue, params, privateValue,
+ withCofactor, derivedSecret);
+}
+
+SECStatus
+ECDSA_SignDigest(ECPrivateKey *key, SECItem *signature,
+ const SECItem *digest)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_ECDSA_SignDigest)(key, signature, digest);
+}
+
+SECStatus
+ECDSA_VerifyDigest(ECPublicKey *key, const SECItem *signature,
+ const SECItem *digest)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_ECDSA_VerifyDigest)(key, signature, digest);
+}
+
+SECStatus
+ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature,
+ const SECItem *digest, const unsigned char *seed, const int seedlen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_ECDSA_SignDigestWithSeed)(key, signature, digest,
+ seed, seedlen);
+}
+
+/* ============== New for 3.008 =============================== */
+
+AESContext *
+AES_AllocateContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_AES_AllocateContext)();
+}
+
+AESKeyWrapContext *
+AESKeyWrap_AllocateContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_AESKeyWrap_AllocateContext)();
+}
+
+DESContext *
+DES_AllocateContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_DES_AllocateContext)();
+}
+
+RC2Context *
+RC2_AllocateContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_RC2_AllocateContext)();
+}
+
+RC4Context *
+RC4_AllocateContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_RC4_AllocateContext)();
+}
+
+SECStatus
+AES_InitContext(AESContext *cx, const unsigned char *key,
+ unsigned int keylen, const unsigned char *iv, int mode,
+ unsigned int encrypt, unsigned int blocklen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_AES_InitContext)(cx, key, keylen, iv, mode, encrypt,
+ blocklen);
+}
+
+SECStatus
+AESKeyWrap_InitContext(AESKeyWrapContext *cx, const unsigned char *key,
+ unsigned int keylen, const unsigned char *iv, int mode,
+ unsigned int encrypt, unsigned int blocklen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_AESKeyWrap_InitContext)(cx, key, keylen, iv, mode,
+ encrypt, blocklen);
+}
+
+SECStatus
+DES_InitContext(DESContext *cx, const unsigned char *key,
+ unsigned int keylen, const unsigned char *iv, int mode,
+ unsigned int encrypt, unsigned int xtra)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_DES_InitContext)(cx, key, keylen, iv, mode, encrypt, xtra);
+}
+
+SECStatus
+SEED_InitContext(SEEDContext *cx, const unsigned char *key,
+ unsigned int keylen, const unsigned char *iv, int mode,
+ unsigned int encrypt, unsigned int xtra)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SEED_InitContext)(cx, key, keylen, iv, mode, encrypt, xtra);
+}
+
+SECStatus
+RC2_InitContext(RC2Context *cx, const unsigned char *key,
+ unsigned int keylen, const unsigned char *iv, int mode,
+ unsigned int effectiveKeyLen, unsigned int xtra)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RC2_InitContext)(cx, key, keylen, iv, mode,
+ effectiveKeyLen, xtra);
+}
+
+SECStatus
+RC4_InitContext(RC4Context *cx, const unsigned char *key,
+ unsigned int keylen, const unsigned char *x1, int x2,
+ unsigned int x3, unsigned int x4)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RC4_InitContext)(cx, key, keylen, x1, x2, x3, x4);
+}
+
+void
+MD2_Clone(MD2Context *dest, MD2Context *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD2_Clone)(dest, src);
+}
+
+void
+MD5_Clone(MD5Context *dest, MD5Context *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_MD5_Clone)(dest, src);
+}
+
+void
+SHA1_Clone(SHA1Context *dest, SHA1Context *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA1_Clone)(dest, src);
+}
+
+void
+SHA256_Clone(SHA256Context *dest, SHA256Context *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA256_Clone)(dest, src);
+}
+
+void
+SHA384_Clone(SHA384Context *dest, SHA384Context *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA384_Clone)(dest, src);
+}
+
+void
+SHA512_Clone(SHA512Context *dest, SHA512Context *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA512_Clone)(dest, src);
+}
+
+SECStatus
+TLS_PRF(const SECItem *secret, const char *label,
+ SECItem *seed, SECItem *result, PRBool isFIPS)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_TLS_PRF)(secret, label, seed, result, isFIPS);
+}
+
+const SECHashObject *
+HASH_GetRawHashObject(HASH_HashType hashType)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_HASH_GetRawHashObject)(hashType);
+}
+
+void
+HMAC_Destroy(HMACContext *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_HMAC_Destroy)(cx, freeit);
+}
+
+HMACContext *
+HMAC_Create(const SECHashObject *hashObj, const unsigned char *secret,
+ unsigned int secret_len, PRBool isFIPS)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_HMAC_Create)(hashObj, secret, secret_len, isFIPS);
+}
+
+SECStatus
+HMAC_Init(HMACContext *cx, const SECHashObject *hashObj,
+ const unsigned char *secret, unsigned int secret_len, PRBool isFIPS)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_HMAC_Init)(cx, hashObj, secret, secret_len, isFIPS);
+}
+
+void
+HMAC_Begin(HMACContext *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_HMAC_Begin)(cx);
+}
+
+void
+HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_HMAC_Update)(cx, data, data_len);
+}
+
+SECStatus
+HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
+ unsigned int max_result_len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_HMAC_Finish)(cx, result, result_len, max_result_len);
+}
+
+HMACContext *
+HMAC_Clone(HMACContext *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_HMAC_Clone)(cx);
+}
+
+void
+RNG_SystemInfoForRNG(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_RNG_SystemInfoForRNG)();
+}
+
+SECStatus
+FIPS186Change_GenerateX(unsigned char *XKEY, const unsigned char *XSEEDj,
+ unsigned char *x_j)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_FIPS186Change_GenerateX)(XKEY, XSEEDj, x_j);
+}
+
+SECStatus
+FIPS186Change_ReduceModQForDSA(const unsigned char *w,
+ const unsigned char *q,
+ unsigned char *xj)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_FIPS186Change_ReduceModQForDSA)(w, q, xj);
+}
+
+/* === new for Camellia === */
+SECStatus
+Camellia_InitContext(CamelliaContext *cx, const unsigned char *key,
+ unsigned int keylen, const unsigned char *iv, int mode,
+ unsigned int encrypt, unsigned int unused)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_Camellia_InitContext)(cx, key, keylen, iv, mode, encrypt,
+ unused);
+}
+
+CamelliaContext *
+Camellia_AllocateContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_Camellia_AllocateContext)();
+}
+
+CamelliaContext *
+Camellia_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, int encrypt,
+ unsigned int keylen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_Camellia_CreateContext)(key, iv, mode, encrypt, keylen);
+}
+
+void
+Camellia_DestroyContext(CamelliaContext *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_Camellia_DestroyContext)(cx, freeit);
+}
+
+SECStatus
+Camellia_Encrypt(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_Camellia_Encrypt)(cx, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+SECStatus
+Camellia_Decrypt(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_Camellia_Decrypt)(cx, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+void
+BL_SetForkState(PRBool forked)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_BL_SetForkState)(forked);
+}
+
+SECStatus
+PRNGTEST_Instantiate(const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *nonce, unsigned int nonce_len,
+ const PRUint8 *personal_string, unsigned int ps_len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_PRNGTEST_Instantiate)(entropy, entropy_len,
+ nonce, nonce_len,
+ personal_string, ps_len);
+}
+
+SECStatus
+PRNGTEST_Reseed(const PRUint8 *entropy, unsigned int entropy_len,
+ const PRUint8 *additional, unsigned int additional_len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_PRNGTEST_Reseed)(entropy, entropy_len,
+ additional, additional_len);
+}
+
+SECStatus
+PRNGTEST_Generate(PRUint8 *bytes, unsigned int bytes_len,
+ const PRUint8 *additional, unsigned int additional_len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_PRNGTEST_Generate)(bytes, bytes_len,
+ additional, additional_len);
+}
+
+SECStatus
+PRNGTEST_Uninstantiate()
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_PRNGTEST_Uninstantiate)();
+}
+
+SECStatus
+RSA_PopulatePrivateKey(RSAPrivateKey *key)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_PopulatePrivateKey)(key);
+}
+
+SECStatus
+JPAKE_Sign(PLArenaPool *arena, const PQGParams *pqg, HASH_HashType hashType,
+ const SECItem *signerID, const SECItem *x,
+ const SECItem *testRandom, const SECItem *gxIn, SECItem *gxOut,
+ SECItem *gv, SECItem *r)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_JPAKE_Sign)(arena, pqg, hashType, signerID, x,
+ testRandom, gxIn, gxOut, gv, r);
+}
+
+SECStatus
+JPAKE_Verify(PLArenaPool *arena, const PQGParams *pqg,
+ HASH_HashType hashType, const SECItem *signerID,
+ const SECItem *peerID, const SECItem *gx,
+ const SECItem *gv, const SECItem *r)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_JPAKE_Verify)(arena, pqg, hashType, signerID, peerID,
+ gx, gv, r);
+}
+
+SECStatus
+JPAKE_Round2(PLArenaPool *arena, const SECItem *p, const SECItem *q,
+ const SECItem *gx1, const SECItem *gx3, const SECItem *gx4,
+ SECItem *base, const SECItem *x2, const SECItem *s, SECItem *x2s)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_JPAKE_Round2)(arena, p, q, gx1, gx3, gx4, base, x2, s, x2s);
+}
+
+SECStatus
+JPAKE_Final(PLArenaPool *arena, const SECItem *p, const SECItem *q,
+ const SECItem *x2, const SECItem *gx4, const SECItem *x2s,
+ const SECItem *B, SECItem *K)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_JPAKE_Final)(arena, p, q, x2, gx4, x2s, B, K);
+}
+
+SECStatus
+TLS_P_hash(HASH_HashType hashAlg, const SECItem *secret, const char *label,
+ SECItem *seed, SECItem *result, PRBool isFIPS)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_TLS_P_hash)(hashAlg, secret, label, seed, result, isFIPS);
+}
+
+SECStatus
+SHA224_Hash(unsigned char *dest, const char *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA224_Hash)(dest, src);
+}
+
+SECStatus
+SHA224_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA224_HashBuf)(dest, src, src_length);
+}
+
+SHA224Context *
+SHA224_NewContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA224_NewContext)();
+}
+
+void
+SHA224_DestroyContext(SHA224Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA224_DestroyContext)(cx, freeit);
+}
+
+void
+SHA224_Begin(SHA256Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA224_Begin)(cx);
+}
+
+void
+SHA224_Update(SHA224Context *cx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA224_Update)(cx, input, inputLen);
+}
+
+void
+SHA224_End(SHA224Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA224_End)(cx, digest, digestLen, maxDigestLen);
+}
+
+void
+SHA224_TraceState(SHA224Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA224_TraceState)(cx);
+}
+
+unsigned int
+SHA224_FlattenSize(SHA224Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return 0;
+ return (vector->p_SHA224_FlattenSize)(cx);
+}
+
+SECStatus
+SHA224_Flatten(SHA224Context *cx, unsigned char *space)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SHA224_Flatten)(cx, space);
+}
+
+SHA224Context *
+SHA224_Resurrect(unsigned char *space, void *arg)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SHA224_Resurrect)(space, arg);
+}
+
+void
+SHA224_Clone(SHA224Context *dest, SHA224Context *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SHA224_Clone)(dest, src);
+}
+
+PRBool
+BLAPI_SHVerifyFile(const char *name)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return PR_FALSE;
+ return vector->p_BLAPI_SHVerifyFile(name);
+}
+
+/* === new for DSA-2 === */
+SECStatus
+PQG_ParamGenV2(unsigned int L, unsigned int N, unsigned int seedBytes,
+ PQGParams **pParams, PQGVerify **pVfy)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_PQG_ParamGenV2)(L, N, seedBytes, pParams, pVfy);
+}
+
+SECStatus
+PRNGTEST_RunHealthTests(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return vector->p_PRNGTEST_RunHealthTests();
+}
+
+SECStatus
+SSLv3_MAC_ConstantTime(
+ unsigned char *result,
+ unsigned int *resultLen,
+ unsigned int maxResultLen,
+ const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *body,
+ unsigned int bodyLen,
+ unsigned int bodyTotalLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SSLv3_MAC_ConstantTime)(
+ result, resultLen, maxResultLen,
+ hashObj,
+ secret, secretLen,
+ header, headerLen,
+ body, bodyLen, bodyTotalLen);
+}
+
+SECStatus
+HMAC_ConstantTime(
+ unsigned char *result,
+ unsigned int *resultLen,
+ unsigned int maxResultLen,
+ const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *body,
+ unsigned int bodyLen,
+ unsigned int bodyTotalLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_HMAC_ConstantTime)(
+ result, resultLen, maxResultLen,
+ hashObj,
+ secret, secretLen,
+ header, headerLen,
+ body, bodyLen, bodyTotalLen);
+}
+
+SECStatus
+RSA_SignRaw(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_SignRaw)(key, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+SECStatus
+RSA_CheckSignRaw(RSAPublicKey *key,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *hash,
+ unsigned int hashLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_CheckSignRaw)(key, sig, sigLen, hash, hashLen);
+}
+
+SECStatus
+RSA_CheckSignRecoverRaw(RSAPublicKey *key,
+ unsigned char *data,
+ unsigned int *dataLen,
+ unsigned int maxDataLen,
+ const unsigned char *sig,
+ unsigned int sigLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_CheckSignRecoverRaw)(key, data, dataLen, maxDataLen,
+ sig, sigLen);
+}
+
+SECStatus
+RSA_EncryptRaw(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_EncryptRaw)(key, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+SECStatus
+RSA_DecryptRaw(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_DecryptRaw)(key, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+SECStatus
+RSA_EncryptOAEP(RSAPublicKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ const unsigned char *seed,
+ unsigned int seedLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_EncryptOAEP)(key, hashAlg, maskHashAlg, label,
+ labelLen, seed, seedLen, output,
+ outputLen, maxOutputLen, input, inputLen);
+}
+
+SECStatus
+RSA_DecryptOAEP(RSAPrivateKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_DecryptOAEP)(key, hashAlg, maskHashAlg, label,
+ labelLen, output, outputLen,
+ maxOutputLen, input, inputLen);
+}
+
+SECStatus
+RSA_EncryptBlock(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_EncryptBlock)(key, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+SECStatus
+RSA_DecryptBlock(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_DecryptBlock)(key, output, outputLen, maxOutputLen,
+ input, inputLen);
+}
+
+SECStatus
+RSA_SignPSS(RSAPrivateKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *salt,
+ unsigned int saltLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_SignPSS)(key, hashAlg, maskHashAlg, salt, saltLen,
+ output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+SECStatus
+RSA_CheckSignPSS(RSAPublicKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ unsigned int saltLen,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *hash,
+ unsigned int hashLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_CheckSignPSS)(key, hashAlg, maskHashAlg, saltLen,
+ sig, sigLen, hash, hashLen);
+}
+
+SECStatus
+RSA_Sign(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_Sign)(key, output, outputLen, maxOutputLen, input,
+ inputLen);
+}
+
+SECStatus
+RSA_CheckSign(RSAPublicKey *key,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *data,
+ unsigned int dataLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_CheckSign)(key, sig, sigLen, data, dataLen);
+}
+
+SECStatus
+RSA_CheckSignRecover(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *sig,
+ unsigned int sigLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_RSA_CheckSignRecover)(key, output, outputLen, maxOutputLen,
+ sig, sigLen);
+}
+
+SECStatus
+EC_FillParams(PLArenaPool *arena,
+ const SECItem *encodedParams,
+ ECParams *params)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_EC_FillParams)(arena, encodedParams, params);
+}
+
+SECStatus
+EC_DecodeParams(const SECItem *encodedParams,
+ ECParams **ecparams)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_EC_DecodeParams)(encodedParams, ecparams);
+}
+
+SECStatus
+EC_CopyParams(PLArenaPool *arena, ECParams *dstParams,
+ const ECParams *srcParams)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_EC_CopyParams)(arena, dstParams, srcParams);
+}
+
+SECStatus
+ChaCha20Poly1305_InitContext(ChaCha20Poly1305Context *ctx,
+ const unsigned char *key, unsigned int keyLen,
+ unsigned int tagLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_ChaCha20Poly1305_InitContext)(ctx, key, keyLen, tagLen);
+}
+
+ChaCha20Poly1305Context *
+ChaCha20Poly1305_CreateContext(const unsigned char *key, unsigned int keyLen,
+ unsigned int tagLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_ChaCha20Poly1305_CreateContext)(key, keyLen, tagLen);
+}
+
+void
+ChaCha20Poly1305_DestroyContext(ChaCha20Poly1305Context *ctx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_ChaCha20Poly1305_DestroyContext)(ctx, freeit);
+}
+
+SECStatus
+ChaCha20Poly1305_Seal(const ChaCha20Poly1305Context *ctx,
+ unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ const unsigned char *nonce, unsigned int nonceLen,
+ const unsigned char *ad, unsigned int adLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_ChaCha20Poly1305_Seal)(
+ ctx, output, outputLen, maxOutputLen, input, inputLen,
+ nonce, nonceLen, ad, adLen);
+}
+
+SECStatus
+ChaCha20Poly1305_Open(const ChaCha20Poly1305Context *ctx,
+ unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ const unsigned char *nonce, unsigned int nonceLen,
+ const unsigned char *ad, unsigned int adLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_ChaCha20Poly1305_Open)(
+ ctx, output, outputLen, maxOutputLen, input, inputLen,
+ nonce, nonceLen, ad, adLen);
+}
+
+int
+EC_GetPointSize(const ECParams *params)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_EC_GetPointSize)(params);
+}
diff --git a/security/nss/lib/freebl/loader.h b/security/nss/lib/freebl/loader.h
new file mode 100644
index 000000000..ed392cc47
--- /dev/null
+++ b/security/nss/lib/freebl/loader.h
@@ -0,0 +1,788 @@
+/*
+ * loader.h - load platform dependent DSO containing freebl implementation.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _LOADER_H_
+#define _LOADER_H_ 1
+
+#include "blapi.h"
+
+#define FREEBL_VERSION 0x0313
+
+struct FREEBLVectorStr {
+
+ unsigned short length; /* of this struct in bytes */
+ unsigned short version; /* of this struct. */
+
+ RSAPrivateKey *(*p_RSA_NewKey)(int keySizeInBits,
+ SECItem *publicExponent);
+
+ SECStatus (*p_RSA_PublicKeyOp)(RSAPublicKey *key,
+ unsigned char *output,
+ const unsigned char *input);
+
+ SECStatus (*p_RSA_PrivateKeyOp)(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input);
+
+ SECStatus (*p_DSA_NewKey)(const PQGParams *params,
+ DSAPrivateKey **privKey);
+
+ SECStatus (*p_DSA_SignDigest)(DSAPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest);
+
+ SECStatus (*p_DSA_VerifyDigest)(DSAPublicKey *key,
+ const SECItem *signature,
+ const SECItem *digest);
+
+ SECStatus (*p_DSA_NewKeyFromSeed)(const PQGParams *params,
+ const unsigned char *seed,
+ DSAPrivateKey **privKey);
+
+ SECStatus (*p_DSA_SignDigestWithSeed)(DSAPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest,
+ const unsigned char *seed);
+
+ SECStatus (*p_DH_GenParam)(int primeLen, DHParams **params);
+
+ SECStatus (*p_DH_NewKey)(DHParams *params,
+ DHPrivateKey **privKey);
+
+ SECStatus (*p_DH_Derive)(SECItem *publicValue,
+ SECItem *prime,
+ SECItem *privateValue,
+ SECItem *derivedSecret,
+ unsigned int maxOutBytes);
+
+ SECStatus (*p_KEA_Derive)(SECItem *prime,
+ SECItem *public1,
+ SECItem *public2,
+ SECItem *private1,
+ SECItem *private2,
+ SECItem *derivedSecret);
+
+ PRBool (*p_KEA_Verify)(SECItem *Y, SECItem *prime, SECItem *subPrime);
+
+ RC4Context *(*p_RC4_CreateContext)(const unsigned char *key, int len);
+
+ void (*p_RC4_DestroyContext)(RC4Context *cx, PRBool freeit);
+
+ SECStatus (*p_RC4_Encrypt)(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_RC4_Decrypt)(RC4Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ RC2Context *(*p_RC2_CreateContext)(const unsigned char *key,
+ unsigned int len, const unsigned char *iv,
+ int mode, unsigned effectiveKeyLen);
+
+ void (*p_RC2_DestroyContext)(RC2Context *cx, PRBool freeit);
+
+ SECStatus (*p_RC2_Encrypt)(RC2Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_RC2_Decrypt)(RC2Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ RC5Context *(*p_RC5_CreateContext)(const SECItem *key, unsigned int rounds,
+ unsigned int wordSize, const unsigned char *iv, int mode);
+
+ void (*p_RC5_DestroyContext)(RC5Context *cx, PRBool freeit);
+
+ SECStatus (*p_RC5_Encrypt)(RC5Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_RC5_Decrypt)(RC5Context *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ DESContext *(*p_DES_CreateContext)(const unsigned char *key,
+ const unsigned char *iv,
+ int mode, PRBool encrypt);
+
+ void (*p_DES_DestroyContext)(DESContext *cx, PRBool freeit);
+
+ SECStatus (*p_DES_Encrypt)(DESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_DES_Decrypt)(DESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ AESContext *(*p_AES_CreateContext)(const unsigned char *key,
+ const unsigned char *iv,
+ int mode, int encrypt, unsigned int keylen,
+ unsigned int blocklen);
+
+ void (*p_AES_DestroyContext)(AESContext *cx, PRBool freeit);
+
+ SECStatus (*p_AES_Encrypt)(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_AES_Decrypt)(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_MD5_Hash)(unsigned char *dest, const char *src);
+
+ SECStatus (*p_MD5_HashBuf)(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+
+ MD5Context *(*p_MD5_NewContext)(void);
+
+ void (*p_MD5_DestroyContext)(MD5Context *cx, PRBool freeit);
+
+ void (*p_MD5_Begin)(MD5Context *cx);
+
+ void (*p_MD5_Update)(MD5Context *cx,
+ const unsigned char *input, unsigned int inputLen);
+
+ void (*p_MD5_End)(MD5Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+
+ unsigned int (*p_MD5_FlattenSize)(MD5Context *cx);
+
+ SECStatus (*p_MD5_Flatten)(MD5Context *cx, unsigned char *space);
+
+ MD5Context *(*p_MD5_Resurrect)(unsigned char *space, void *arg);
+
+ void (*p_MD5_TraceState)(MD5Context *cx);
+
+ SECStatus (*p_MD2_Hash)(unsigned char *dest, const char *src);
+
+ MD2Context *(*p_MD2_NewContext)(void);
+
+ void (*p_MD2_DestroyContext)(MD2Context *cx, PRBool freeit);
+
+ void (*p_MD2_Begin)(MD2Context *cx);
+
+ void (*p_MD2_Update)(MD2Context *cx,
+ const unsigned char *input, unsigned int inputLen);
+
+ void (*p_MD2_End)(MD2Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+
+ unsigned int (*p_MD2_FlattenSize)(MD2Context *cx);
+
+ SECStatus (*p_MD2_Flatten)(MD2Context *cx, unsigned char *space);
+
+ MD2Context *(*p_MD2_Resurrect)(unsigned char *space, void *arg);
+
+ SECStatus (*p_SHA1_Hash)(unsigned char *dest, const char *src);
+
+ SECStatus (*p_SHA1_HashBuf)(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+
+ SHA1Context *(*p_SHA1_NewContext)(void);
+
+ void (*p_SHA1_DestroyContext)(SHA1Context *cx, PRBool freeit);
+
+ void (*p_SHA1_Begin)(SHA1Context *cx);
+
+ void (*p_SHA1_Update)(SHA1Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+
+ void (*p_SHA1_End)(SHA1Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+
+ void (*p_SHA1_TraceState)(SHA1Context *cx);
+
+ unsigned int (*p_SHA1_FlattenSize)(SHA1Context *cx);
+
+ SECStatus (*p_SHA1_Flatten)(SHA1Context *cx, unsigned char *space);
+
+ SHA1Context *(*p_SHA1_Resurrect)(unsigned char *space, void *arg);
+
+ SECStatus (*p_RNG_RNGInit)(void);
+
+ SECStatus (*p_RNG_RandomUpdate)(const void *data, size_t bytes);
+
+ SECStatus (*p_RNG_GenerateGlobalRandomBytes)(void *dest, size_t len);
+
+ void (*p_RNG_RNGShutdown)(void);
+
+ SECStatus (*p_PQG_ParamGen)(unsigned int j, PQGParams **pParams,
+ PQGVerify **pVfy);
+
+ SECStatus (*p_PQG_ParamGenSeedLen)(unsigned int j, unsigned int seedBytes,
+ PQGParams **pParams, PQGVerify **pVfy);
+
+ SECStatus (*p_PQG_VerifyParams)(const PQGParams *params,
+ const PQGVerify *vfy, SECStatus *result);
+
+ /* Version 3.001 came to here */
+
+ SECStatus (*p_RSA_PrivateKeyOpDoubleChecked)(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input);
+
+ SECStatus (*p_RSA_PrivateKeyCheck)(const RSAPrivateKey *key);
+
+ void (*p_BL_Cleanup)(void);
+
+ /* Version 3.002 came to here */
+
+ SHA256Context *(*p_SHA256_NewContext)(void);
+ void (*p_SHA256_DestroyContext)(SHA256Context *cx, PRBool freeit);
+ void (*p_SHA256_Begin)(SHA256Context *cx);
+ void (*p_SHA256_Update)(SHA256Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+ void (*p_SHA256_End)(SHA256Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+ SECStatus (*p_SHA256_HashBuf)(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+ SECStatus (*p_SHA256_Hash)(unsigned char *dest, const char *src);
+ void (*p_SHA256_TraceState)(SHA256Context *cx);
+ unsigned int (*p_SHA256_FlattenSize)(SHA256Context *cx);
+ SECStatus (*p_SHA256_Flatten)(SHA256Context *cx, unsigned char *space);
+ SHA256Context *(*p_SHA256_Resurrect)(unsigned char *space, void *arg);
+
+ SHA512Context *(*p_SHA512_NewContext)(void);
+ void (*p_SHA512_DestroyContext)(SHA512Context *cx, PRBool freeit);
+ void (*p_SHA512_Begin)(SHA512Context *cx);
+ void (*p_SHA512_Update)(SHA512Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+ void (*p_SHA512_End)(SHA512Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+ SECStatus (*p_SHA512_HashBuf)(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+ SECStatus (*p_SHA512_Hash)(unsigned char *dest, const char *src);
+ void (*p_SHA512_TraceState)(SHA512Context *cx);
+ unsigned int (*p_SHA512_FlattenSize)(SHA512Context *cx);
+ SECStatus (*p_SHA512_Flatten)(SHA512Context *cx, unsigned char *space);
+ SHA512Context *(*p_SHA512_Resurrect)(unsigned char *space, void *arg);
+
+ SHA384Context *(*p_SHA384_NewContext)(void);
+ void (*p_SHA384_DestroyContext)(SHA384Context *cx, PRBool freeit);
+ void (*p_SHA384_Begin)(SHA384Context *cx);
+ void (*p_SHA384_Update)(SHA384Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+ void (*p_SHA384_End)(SHA384Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+ SECStatus (*p_SHA384_HashBuf)(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+ SECStatus (*p_SHA384_Hash)(unsigned char *dest, const char *src);
+ void (*p_SHA384_TraceState)(SHA384Context *cx);
+ unsigned int (*p_SHA384_FlattenSize)(SHA384Context *cx);
+ SECStatus (*p_SHA384_Flatten)(SHA384Context *cx, unsigned char *space);
+ SHA384Context *(*p_SHA384_Resurrect)(unsigned char *space, void *arg);
+
+ /* Version 3.003 came to here */
+
+ AESKeyWrapContext *(*p_AESKeyWrap_CreateContext)(const unsigned char *key,
+ const unsigned char *iv, int encrypt, unsigned int keylen);
+
+ void (*p_AESKeyWrap_DestroyContext)(AESKeyWrapContext *cx, PRBool freeit);
+
+ SECStatus (*p_AESKeyWrap_Encrypt)(AESKeyWrapContext *cx,
+ unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_AESKeyWrap_Decrypt)(AESKeyWrapContext *cx,
+ unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ /* Version 3.004 came to here */
+
+ PRBool (*p_BLAPI_SHVerify)(const char *name, PRFuncPtr addr);
+ PRBool (*p_BLAPI_VerifySelf)(const char *name);
+
+ /* Version 3.005 came to here */
+
+ SECStatus (*p_EC_NewKey)(ECParams *params,
+ ECPrivateKey **privKey);
+
+ SECStatus (*p_EC_NewKeyFromSeed)(ECParams *params,
+ ECPrivateKey **privKey,
+ const unsigned char *seed,
+ int seedlen);
+
+ SECStatus (*p_EC_ValidatePublicKey)(ECParams *params,
+ SECItem *publicValue);
+
+ SECStatus (*p_ECDH_Derive)(SECItem *publicValue,
+ ECParams *params,
+ SECItem *privateValue,
+ PRBool withCofactor,
+ SECItem *derivedSecret);
+
+ SECStatus (*p_ECDSA_SignDigest)(ECPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest);
+
+ SECStatus (*p_ECDSA_VerifyDigest)(ECPublicKey *key,
+ const SECItem *signature,
+ const SECItem *digest);
+
+ SECStatus (*p_ECDSA_SignDigestWithSeed)(ECPrivateKey *key,
+ SECItem *signature,
+ const SECItem *digest,
+ const unsigned char *seed,
+ const int seedlen);
+
+ /* Version 3.006 came to here */
+
+ /* no modification to FREEBLVectorStr itself
+ * but ECParamStr was modified
+ */
+
+ /* Version 3.007 came to here */
+
+ SECStatus (*p_AES_InitContext)(AESContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int encrypt,
+ unsigned int blocklen);
+ SECStatus (*p_AESKeyWrap_InitContext)(AESKeyWrapContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int encrypt,
+ unsigned int blocklen);
+ SECStatus (*p_DES_InitContext)(DESContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int encrypt,
+ unsigned int);
+ SECStatus (*p_RC2_InitContext)(RC2Context *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int effectiveKeyLen,
+ unsigned int);
+ SECStatus (*p_RC4_InitContext)(RC4Context *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *,
+ int,
+ unsigned int,
+ unsigned int);
+
+ AESContext *(*p_AES_AllocateContext)(void);
+ AESKeyWrapContext *(*p_AESKeyWrap_AllocateContext)(void);
+ DESContext *(*p_DES_AllocateContext)(void);
+ RC2Context *(*p_RC2_AllocateContext)(void);
+ RC4Context *(*p_RC4_AllocateContext)(void);
+
+ void (*p_MD2_Clone)(MD2Context *dest, MD2Context *src);
+ void (*p_MD5_Clone)(MD5Context *dest, MD5Context *src);
+ void (*p_SHA1_Clone)(SHA1Context *dest, SHA1Context *src);
+ void (*p_SHA256_Clone)(SHA256Context *dest, SHA256Context *src);
+ void (*p_SHA384_Clone)(SHA384Context *dest, SHA384Context *src);
+ void (*p_SHA512_Clone)(SHA512Context *dest, SHA512Context *src);
+
+ SECStatus (*p_TLS_PRF)(const SECItem *secret, const char *label,
+ SECItem *seed, SECItem *result, PRBool isFIPS);
+
+ const SECHashObject *(*p_HASH_GetRawHashObject)(HASH_HashType hashType);
+
+ HMACContext *(*p_HMAC_Create)(const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secret_len, PRBool isFIPS);
+ SECStatus (*p_HMAC_Init)(HMACContext *cx, const SECHashObject *hash_obj,
+ const unsigned char *secret,
+ unsigned int secret_len, PRBool isFIPS);
+ void (*p_HMAC_Begin)(HMACContext *cx);
+ void (*p_HMAC_Update)(HMACContext *cx, const unsigned char *data,
+ unsigned int data_len);
+ HMACContext *(*p_HMAC_Clone)(HMACContext *cx);
+ SECStatus (*p_HMAC_Finish)(HMACContext *cx, unsigned char *result,
+ unsigned int *result_len,
+ unsigned int max_result_len);
+ void (*p_HMAC_Destroy)(HMACContext *cx, PRBool freeit);
+
+ void (*p_RNG_SystemInfoForRNG)(void);
+
+ /* Version 3.008 came to here */
+
+ SECStatus (*p_FIPS186Change_GenerateX)(unsigned char *XKEY,
+ const unsigned char *XSEEDj,
+ unsigned char *x_j);
+ SECStatus (*p_FIPS186Change_ReduceModQForDSA)(const unsigned char *w,
+ const unsigned char *q,
+ unsigned char *xj);
+
+ /* Version 3.009 came to here */
+
+ SECStatus (*p_Camellia_InitContext)(CamelliaContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int encrypt,
+ unsigned int unused);
+
+ CamelliaContext *(*p_Camellia_AllocateContext)(void);
+ CamelliaContext *(*p_Camellia_CreateContext)(const unsigned char *key,
+ const unsigned char *iv,
+ int mode, int encrypt,
+ unsigned int keylen);
+ void (*p_Camellia_DestroyContext)(CamelliaContext *cx, PRBool freeit);
+
+ SECStatus (*p_Camellia_Encrypt)(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+ SECStatus (*p_Camellia_Decrypt)(CamelliaContext *cx, unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+
+ void (*p_PQG_DestroyParams)(PQGParams *params);
+
+ void (*p_PQG_DestroyVerify)(PQGVerify *vfy);
+
+ /* Version 3.010 came to here */
+
+ SECStatus (*p_SEED_InitContext)(SEEDContext *cx,
+ const unsigned char *key,
+ unsigned int keylen,
+ const unsigned char *iv,
+ int mode,
+ unsigned int encrypt,
+ unsigned int);
+
+ SEEDContext *(*p_SEED_AllocateContext)(void);
+
+ SEEDContext *(*p_SEED_CreateContext)(const unsigned char *key,
+ const unsigned char *iv,
+ int mode, PRBool encrypt);
+
+ void (*p_SEED_DestroyContext)(SEEDContext *cx, PRBool freeit);
+
+ SECStatus (*p_SEED_Encrypt)(SEEDContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_SEED_Decrypt)(SEEDContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (*p_BL_Init)(void);
+ void (*p_BL_SetForkState)(PRBool);
+
+ SECStatus (*p_PRNGTEST_Instantiate)(const PRUint8 *entropy,
+ unsigned int entropy_len,
+ const PRUint8 *nonce,
+ unsigned int nonce_len,
+ const PRUint8 *personal_string,
+ unsigned int ps_len);
+
+ SECStatus (*p_PRNGTEST_Reseed)(const PRUint8 *entropy,
+ unsigned int entropy_len,
+ const PRUint8 *additional,
+ unsigned int additional_len);
+
+ SECStatus (*p_PRNGTEST_Generate)(PRUint8 *bytes,
+ unsigned int bytes_len,
+ const PRUint8 *additional,
+ unsigned int additional_len);
+
+ SECStatus (*p_PRNGTEST_Uninstantiate)(void);
+ /* Version 3.011 came to here */
+
+ SECStatus (*p_RSA_PopulatePrivateKey)(RSAPrivateKey *key);
+
+ SECStatus (*p_DSA_NewRandom)(PLArenaPool *arena, const SECItem *q,
+ SECItem *seed);
+
+ SECStatus (*p_JPAKE_Sign)(PLArenaPool *arena, const PQGParams *pqg,
+ HASH_HashType hashType, const SECItem *signerID,
+ const SECItem *x, const SECItem *testRandom,
+ const SECItem *gxIn, SECItem *gxOut,
+ SECItem *gv, SECItem *r);
+
+ SECStatus (*p_JPAKE_Verify)(PLArenaPool *arena, const PQGParams *pqg,
+ HASH_HashType hashType, const SECItem *signerID,
+ const SECItem *peerID, const SECItem *gx,
+ const SECItem *gv, const SECItem *r);
+
+ SECStatus (*p_JPAKE_Round2)(PLArenaPool *arena, const SECItem *p,
+ const SECItem *q, const SECItem *gx1,
+ const SECItem *gx3, const SECItem *gx4,
+ SECItem *base, const SECItem *x2,
+ const SECItem *s, SECItem *x2s);
+
+ SECStatus (*p_JPAKE_Final)(PLArenaPool *arena, const SECItem *p,
+ const SECItem *q, const SECItem *x2,
+ const SECItem *gx4, const SECItem *x2s,
+ const SECItem *B, SECItem *K);
+
+ /* Version 3.012 came to here */
+
+ SECStatus (*p_TLS_P_hash)(HASH_HashType hashAlg,
+ const SECItem *secret,
+ const char *label,
+ SECItem *seed,
+ SECItem *result,
+ PRBool isFIPS);
+
+ SHA224Context *(*p_SHA224_NewContext)(void);
+ void (*p_SHA224_DestroyContext)(SHA224Context *cx, PRBool freeit);
+ void (*p_SHA224_Begin)(SHA224Context *cx);
+ void (*p_SHA224_Update)(SHA224Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+ void (*p_SHA224_End)(SHA224Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+ SECStatus (*p_SHA224_HashBuf)(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+ SECStatus (*p_SHA224_Hash)(unsigned char *dest, const char *src);
+ void (*p_SHA224_TraceState)(SHA224Context *cx);
+ unsigned int (*p_SHA224_FlattenSize)(SHA224Context *cx);
+ SECStatus (*p_SHA224_Flatten)(SHA224Context *cx, unsigned char *space);
+ SHA224Context *(*p_SHA224_Resurrect)(unsigned char *space, void *arg);
+ void (*p_SHA224_Clone)(SHA224Context *dest, SHA224Context *src);
+ PRBool (*p_BLAPI_SHVerifyFile)(const char *name);
+
+ /* Version 3.013 came to here */
+
+ SECStatus (*p_PQG_ParamGenV2)(unsigned int L, unsigned int N,
+ unsigned int seedBytes,
+ PQGParams **pParams, PQGVerify **pVfy);
+ SECStatus (*p_PRNGTEST_RunHealthTests)(void);
+
+ /* Version 3.014 came to here */
+
+ SECStatus (*p_HMAC_ConstantTime)(
+ unsigned char *result,
+ unsigned int *resultLen,
+ unsigned int maxResultLen,
+ const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *body,
+ unsigned int bodyLen,
+ unsigned int bodyTotalLen);
+
+ SECStatus (*p_SSLv3_MAC_ConstantTime)(
+ unsigned char *result,
+ unsigned int *resultLen,
+ unsigned int maxResultLen,
+ const SECHashObject *hashObj,
+ const unsigned char *secret,
+ unsigned int secretLen,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const unsigned char *body,
+ unsigned int bodyLen,
+ unsigned int bodyTotalLen);
+
+ /* Version 3.015 came to here */
+
+ SECStatus (*p_RSA_SignRaw)(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_CheckSignRaw)(RSAPublicKey *key,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *hash,
+ unsigned int hashLen);
+ SECStatus (*p_RSA_CheckSignRecoverRaw)(RSAPublicKey *key,
+ unsigned char *data,
+ unsigned int *dataLen,
+ unsigned int maxDataLen,
+ const unsigned char *sig,
+ unsigned int sigLen);
+ SECStatus (*p_RSA_EncryptRaw)(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_DecryptRaw)(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_EncryptOAEP)(RSAPublicKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ const unsigned char *seed,
+ unsigned int seedLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_DecryptOAEP)(RSAPrivateKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_EncryptBlock)(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_DecryptBlock)(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_SignPSS)(RSAPrivateKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *salt,
+ unsigned int saltLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_CheckSignPSS)(RSAPublicKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ unsigned int saltLen,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *hash,
+ unsigned int hashLen);
+ SECStatus (*p_RSA_Sign)(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen);
+ SECStatus (*p_RSA_CheckSign)(RSAPublicKey *key,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *data,
+ unsigned int dataLen);
+ SECStatus (*p_RSA_CheckSignRecover)(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *sig,
+ unsigned int sigLen);
+
+ /* Version 3.016 came to here */
+
+ SECStatus (*p_EC_FillParams)(PLArenaPool *arena,
+ const SECItem *encodedParams, ECParams *params);
+ SECStatus (*p_EC_DecodeParams)(const SECItem *encodedParams,
+ ECParams **ecparams);
+ SECStatus (*p_EC_CopyParams)(PLArenaPool *arena, ECParams *dstParams,
+ const ECParams *srcParams);
+
+ /* Version 3.017 came to here */
+
+ SECStatus (*p_ChaCha20Poly1305_InitContext)(ChaCha20Poly1305Context *ctx,
+ const unsigned char *key,
+ unsigned int keyLen,
+ unsigned int tagLen);
+
+ ChaCha20Poly1305Context *(*p_ChaCha20Poly1305_CreateContext)(
+ const unsigned char *key, unsigned int keyLen, unsigned int tagLen);
+
+ void (*p_ChaCha20Poly1305_DestroyContext)(ChaCha20Poly1305Context *ctx,
+ PRBool freeit);
+
+ SECStatus (*p_ChaCha20Poly1305_Seal)(
+ const ChaCha20Poly1305Context *ctx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ const unsigned char *nonce, unsigned int nonceLen,
+ const unsigned char *ad, unsigned int adLen);
+
+ SECStatus (*p_ChaCha20Poly1305_Open)(
+ const ChaCha20Poly1305Context *ctx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ const unsigned char *nonce, unsigned int nonceLen,
+ const unsigned char *ad, unsigned int adLen);
+
+ /* Version 3.018 came to here */
+
+ int (*p_EC_GetPointSize)(const ECParams *);
+
+ /* Version 3.019 came to here */
+
+ /* Add new function pointers at the end of this struct and bump
+ * FREEBL_VERSION at the beginning of this file. */
+};
+
+typedef struct FREEBLVectorStr FREEBLVector;
+
+#ifdef FREEBL_LOWHASH
+#include "nsslowhash.h"
+
+#define NSSLOW_VERSION 0x0300
+
+struct NSSLOWVectorStr {
+ unsigned short length; /* of this struct in bytes */
+ unsigned short version; /* of this struct. */
+ const FREEBLVector *(*p_FREEBL_GetVector)(void);
+ NSSLOWInitContext *(*p_NSSLOW_Init)(void);
+ void (*p_NSSLOW_Shutdown)(NSSLOWInitContext *context);
+ void (*p_NSSLOW_Reset)(NSSLOWInitContext *context);
+ NSSLOWHASHContext *(*p_NSSLOWHASH_NewContext)(
+ NSSLOWInitContext *initContext,
+ HASH_HashType hashType);
+ void (*p_NSSLOWHASH_Begin)(NSSLOWHASHContext *context);
+ void (*p_NSSLOWHASH_Update)(NSSLOWHASHContext *context,
+ const unsigned char *buf,
+ unsigned int len);
+ void (*p_NSSLOWHASH_End)(NSSLOWHASHContext *context,
+ unsigned char *buf,
+ unsigned int *ret, unsigned int len);
+ void (*p_NSSLOWHASH_Destroy)(NSSLOWHASHContext *context);
+ unsigned int (*p_NSSLOWHASH_Length)(NSSLOWHASHContext *context);
+};
+
+typedef struct NSSLOWVectorStr NSSLOWVector;
+#endif
+
+SEC_BEGIN_PROTOS
+
+#ifdef FREEBL_LOWHASH
+typedef const NSSLOWVector *NSSLOWGetVectorFn(void);
+
+extern NSSLOWGetVectorFn NSSLOW_GetVector;
+#endif
+
+typedef const FREEBLVector *FREEBLGetVectorFn(void);
+
+extern FREEBLGetVectorFn FREEBL_GetVector;
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/freebl/lowhash_vector.c b/security/nss/lib/freebl/lowhash_vector.c
new file mode 100644
index 000000000..7690c98da
--- /dev/null
+++ b/security/nss/lib/freebl/lowhash_vector.c
@@ -0,0 +1,217 @@
+/*
+ * loader.c - load platform dependent DSO containing freebl implementation.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#define _GNU_SOURCE 1
+#include "loader.h"
+#include "prmem.h"
+#include "prerror.h"
+#include "prinit.h"
+#include "prenv.h"
+#include "blname.c"
+
+#include "prio.h"
+#include "prprf.h"
+#include <stdio.h>
+#include "prsystem.h"
+#include "nsslowhash.h"
+#include <dlfcn.h>
+#include "pratom.h"
+
+static PRLibrary *blLib;
+
+#define LSB(x) ((x)&0xff)
+#define MSB(x) ((x) >> 8)
+
+static const NSSLOWVector *vector;
+static const char *libraryName = NULL;
+
+/* pretty much only glibc uses this, make sure we don't have any depenencies
+ * on nspr.. */
+#undef PORT_Alloc
+#undef PORT_Free
+#define PORT_Alloc malloc
+#define PR_Malloc malloc
+#define PORT_Free free
+#define PR_Free free
+#define PR_GetDirectorySeparator() '/'
+#define PR_LoadLibraryWithFlags(libspec, flags) \
+ (PRLibrary *)dlopen(libSpec.value.pathname, RTLD_NOW | RTLD_LOCAL)
+#define PR_GetLibraryFilePathname(name, addr) \
+ freebl_lowhash_getLibraryFilePath(addr)
+
+static char *
+freebl_lowhash_getLibraryFilePath(void *addr)
+{
+ Dl_info dli;
+ if (dladdr(addr, &dli) == 0) {
+ return NULL;
+ }
+ return strdup(dli.dli_fname);
+}
+
+/*
+ * The PR_LoadLibraryWithFlags call above defines this variable away, so we
+ * don't need it..
+ */
+#ifdef nodef
+static const char *NameOfThisSharedLib =
+ SHLIB_PREFIX "freebl" SHLIB_VERSION "." SHLIB_SUFFIX;
+#endif
+
+#include "genload.c"
+
+/* This function must be run only once. */
+/* determine if hybrid platform, then actually load the DSO. */
+static PRStatus
+freebl_LoadDSO(void)
+{
+ PRLibrary *handle;
+ const char *name = getLibName();
+
+ if (!name) {
+ /*PR_SetError(PR_LOAD_LIBRARY_ERROR,0); */
+ return PR_FAILURE;
+ }
+ handle = loader_LoadLibrary(name);
+ if (handle) {
+ void *address = dlsym(handle, "NSSLOW_GetVector");
+ if (address) {
+ NSSLOWGetVectorFn *getVector = (NSSLOWGetVectorFn *)address;
+ const NSSLOWVector *dsoVector = getVector();
+ if (dsoVector) {
+ unsigned short dsoVersion = dsoVector->version;
+ unsigned short myVersion = NSSLOW_VERSION;
+ if (MSB(dsoVersion) == MSB(myVersion) &&
+ LSB(dsoVersion) >= LSB(myVersion) &&
+ dsoVector->length >= sizeof(NSSLOWVector)) {
+ vector = dsoVector;
+ libraryName = name;
+ blLib = handle;
+ return PR_SUCCESS;
+ }
+ }
+ }
+ (void)dlclose(handle);
+ }
+ return PR_FAILURE;
+}
+
+static PRCallOnceType loadFreeBLOnce;
+
+static PRStatus
+freebl_RunLoaderOnce(void)
+{
+ /* Don't have NSPR, so can use the real PR_CallOnce, implement a stripped
+ * down version. */
+ if (loadFreeBLOnce.initialized) {
+ return loadFreeBLOnce.status;
+ }
+ if (__sync_lock_test_and_set(&loadFreeBLOnce.inProgress, 1) == 0) {
+ loadFreeBLOnce.status = freebl_LoadDSO();
+ loadFreeBLOnce.initialized = 1;
+ } else {
+ /* shouldn't have a lot of takers on the else clause, which is good
+ * since we don't have condition variables yet.
+ * 'initialized' only ever gets set (not cleared) so we don't
+ * need the traditional locks. */
+ while (!loadFreeBLOnce.initialized) {
+ sleep(1); /* don't have condition variables, just give up the CPU */
+ }
+ }
+
+ return loadFreeBLOnce.status;
+}
+
+const FREEBLVector *
+FREEBL_GetVector(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) {
+ return NULL;
+ }
+ if (vector) {
+ return (vector->p_FREEBL_GetVector)();
+ }
+ return NULL;
+}
+
+NSSLOWInitContext *
+NSSLOW_Init(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_NSSLOW_Init)();
+}
+
+void
+NSSLOW_Shutdown(NSSLOWInitContext *context)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_NSSLOW_Shutdown)(context);
+}
+
+void
+NSSLOW_Reset(NSSLOWInitContext *context)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_NSSLOW_Reset)(context);
+}
+
+NSSLOWHASHContext *
+NSSLOWHASH_NewContext(
+ NSSLOWInitContext *initContext,
+ HASH_HashType hashType)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_NSSLOWHASH_NewContext)(initContext, hashType);
+}
+
+void
+NSSLOWHASH_Begin(NSSLOWHASHContext *context)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_NSSLOWHASH_Begin)(context);
+}
+
+void
+NSSLOWHASH_Update(NSSLOWHASHContext *context,
+ const unsigned char *buf,
+ unsigned int len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_NSSLOWHASH_Update)(context, buf, len);
+}
+
+void
+NSSLOWHASH_End(NSSLOWHASHContext *context,
+ unsigned char *buf,
+ unsigned int *ret, unsigned int len)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_NSSLOWHASH_End)(context, buf, ret, len);
+}
+
+void
+NSSLOWHASH_Destroy(NSSLOWHASHContext *context)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_NSSLOWHASH_Destroy)(context);
+}
+
+unsigned int
+NSSLOWHASH_Length(NSSLOWHASHContext *context)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return -1;
+ return (vector->p_NSSLOWHASH_Length)(context);
+}
diff --git a/security/nss/lib/freebl/manifest.mn b/security/nss/lib/freebl/manifest.mn
new file mode 100644
index 000000000..1ef983907
--- /dev/null
+++ b/security/nss/lib/freebl/manifest.mn
@@ -0,0 +1,195 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# NOTE: any ifdefs in this file must be defined on the gmake command line
+# (if anywhere). They cannot come from Makefile or config.mk
+
+CORE_DEPTH = ../..
+
+MODULE = nss
+
+# copied from Linux.mk. We have a chicken and egg issue here. We need to set
+# Library name before we call the platform code in coreconf, but we need to
+# Pick up the automatic setting of FREEBL_LOWHASH before we can set the
+# Library name... so for now we mimic the code in Linux.mk to get the
+# automatic setting early...
+#
+# On Linux 2.6 or later, build libfreebl3.so with no NSPR and libnssutil3.so
+# dependencies by default. Set FREEBL_NO_DEPEND to 0 in the environment to
+# override this.
+#
+#
+include $(CORE_DEPTH)/coreconf/arch.mk
+ifeq ($(OS_ARCH),Linux)
+ifneq ($(OS_TARGET),Android)
+ifeq (2.6,$(firstword $(sort 2.6 $(OS_RELEASE))))
+ifndef FREEBL_NO_DEPEND
+FREEBL_NO_DEPEND = 1
+FREEBL_LOWHASH = 1
+endif
+endif
+endif
+endif
+
+
+LIBRARY_NAME = freebl
+LIBRARY_VERSION = 3
+
+ifdef FREEBL_CHILD_BUILD
+ ifdef USE_ABI32_INT32
+ LIBRARY_NAME = freebl_32int
+ endif
+ ifdef USE_ABI32_INT64
+ LIBRARY_NAME = freebl_32int64
+ endif
+ ifdef USE_ABI32_FPU
+ LIBRARY_NAME = freebl_32fpu
+ endif
+ ifdef USE_ABI64_INT
+ LIBRARY_NAME = freebl_64int
+ endif
+ ifdef USE_ABI64_FPU
+ LIBRARY_NAME = freebl_64fpu
+ endif
+ ifdef FREEBL_LOWHASH
+ LIBRARY_NAME = freeblpriv
+ endif
+ ifdef USE_STUB_BUILD
+ # for the stub build, reset name to the default (from freeblpriv)
+ LIBRARY_NAME = freebl
+ endif
+endif
+
+# if the library name contains _, we prefix the version with _
+ifneq (,$(findstring _,$(LIBRARY_NAME)))
+ LIBRARY_VERSION := _$(LIBRARY_VERSION)
+endif
+
+MAPFILE = $(OBJDIR)/$(LIBRARY_NAME).def
+
+SOFTOKEN_LIBRARY_VERSION = 3
+
+DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" \
+ -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\" \
+ -DSOFTOKEN_SHLIB_VERSION=\"$(SOFTOKEN_LIBRARY_VERSION)\"
+
+REQUIRES =
+
+EXPORTS = \
+ blapit.h \
+ shsign.h \
+ ecl-exp.h \
+ $(LOWHASH_EXPORTS) \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ alghmac.h \
+ blapi.h \
+ chacha20poly1305.h \
+ hmacct.h \
+ secmpi.h \
+ secrng.h \
+ ec.h \
+ ecl.h \
+ ecl-curve.h \
+ $(NULL)
+
+MPI_HDRS = mpi-config.h mpi.h mpi-priv.h mplogic.h mpprime.h logtab.h mp_gf2m.h
+MPI_SRCS = mpprime.c mpmontg.c mplogic.c mpi.c mp_gf2m.c
+
+
+ECL_HDRS = ecl-exp.h ecl.h ecp.h ecl-priv.h
+ifndef NSS_DISABLE_ECC
+ECL_SRCS = ecl.c ecl_curve.c ecl_mult.c ecl_gf.c \
+ ecp_aff.c ecp_jac.c ecp_mont.c \
+ ec_naf.c ecp_jm.c ecp_256.c ecp_384.c ecp_521.c \
+ ecp_256_32.c ecp_25519.c
+else
+ECL_SRCS = $(NULL)
+endif
+SHA_SRCS = sha_fast.c
+MPCPU_SRCS = mpcpucache.c
+
+CSRCS = \
+ freeblver.c \
+ ldvector.c \
+ sysrand.c \
+ $(SHA_SRCS) \
+ md2.c \
+ md5.c \
+ sha512.c \
+ alghmac.c \
+ rawhash.c \
+ alg2268.c \
+ arcfour.c \
+ arcfive.c \
+ desblapi.c \
+ des.c \
+ drbg.c \
+ chacha20poly1305.c \
+ cts.c \
+ ctr.c \
+ fipsfreebl.c \
+ gcm.c \
+ hmacct.c \
+ rijndael.c \
+ aeskeywrap.c \
+ camellia.c \
+ dh.c \
+ ec.c \
+ ecdecode.c \
+ pqg.c \
+ dsa.c \
+ rsa.c \
+ rsapkcs.c \
+ shvfy.c \
+ tlsprfalg.c \
+ seed.c \
+ jpake.c \
+ $(MPI_SRCS) \
+ $(MPCPU_SRCS) \
+ $(ECL_SRCS) \
+ $(STUBS_SRCS) \
+ $(LOWHASH_SRCS) \
+ $(EXTRA_SRCS) \
+ $(NULL)
+
+ALL_CSRCS := $(CSRCS)
+
+ALL_HDRS = \
+ alghmac.h \
+ blapi.h \
+ blapit.h \
+ des.h \
+ ec.h \
+ loader.h \
+ rijndael.h \
+ camellia.h \
+ secmpi.h \
+ sha_fast.h \
+ sha256.h \
+ shsign.h \
+ vis_proto.h \
+ seed.h \
+ $(NULL)
+
+
+ifdef AES_GEN_TBL
+DEFINES += -DRIJNDAEL_GENERATE_TABLES
+else
+ifdef AES_GEN_TBL_M
+DEFINES += -DRIJNDAEL_GENERATE_TABLES_MACRO
+else
+ifdef AES_GEN_VAL
+DEFINES += -DRIJNDAEL_GENERATE_VALUES
+else
+ifdef AES_GEN_VAL_M
+DEFINES += -DRIJNDAEL_GENERATE_VALUES_MACRO
+else
+DEFINES += -DRIJNDAEL_INCLUDE_TABLES
+endif
+endif
+endif
+endif
diff --git a/security/nss/lib/freebl/md2.c b/security/nss/lib/freebl/md2.c
new file mode 100644
index 000000000..cb3d3d82b
--- /dev/null
+++ b/security/nss/lib/freebl/md2.c
@@ -0,0 +1,269 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prerr.h"
+#include "secerr.h"
+
+#include "prtypes.h"
+
+#include "blapi.h"
+
+#define MD2_DIGEST_LEN 16
+#define MD2_BUFSIZE 16
+#define MD2_X_SIZE 48 /* The X array, [CV | INPUT | TMP VARS] */
+#define MD2_CV 0 /* index into X for chaining variables */
+#define MD2_INPUT 16 /* index into X for input */
+#define MD2_TMPVARS 32 /* index into X for temporary variables */
+#define MD2_CHECKSUM_SIZE 16
+
+struct MD2ContextStr {
+ unsigned char checksum[MD2_BUFSIZE];
+ unsigned char X[MD2_X_SIZE];
+ PRUint8 unusedBuffer;
+};
+
+static const PRUint8 MD2S[256] = {
+ 0051, 0056, 0103, 0311, 0242, 0330, 0174, 0001,
+ 0075, 0066, 0124, 0241, 0354, 0360, 0006, 0023,
+ 0142, 0247, 0005, 0363, 0300, 0307, 0163, 0214,
+ 0230, 0223, 0053, 0331, 0274, 0114, 0202, 0312,
+ 0036, 0233, 0127, 0074, 0375, 0324, 0340, 0026,
+ 0147, 0102, 0157, 0030, 0212, 0027, 0345, 0022,
+ 0276, 0116, 0304, 0326, 0332, 0236, 0336, 0111,
+ 0240, 0373, 0365, 0216, 0273, 0057, 0356, 0172,
+ 0251, 0150, 0171, 0221, 0025, 0262, 0007, 0077,
+ 0224, 0302, 0020, 0211, 0013, 0042, 0137, 0041,
+ 0200, 0177, 0135, 0232, 0132, 0220, 0062, 0047,
+ 0065, 0076, 0314, 0347, 0277, 0367, 0227, 0003,
+ 0377, 0031, 0060, 0263, 0110, 0245, 0265, 0321,
+ 0327, 0136, 0222, 0052, 0254, 0126, 0252, 0306,
+ 0117, 0270, 0070, 0322, 0226, 0244, 0175, 0266,
+ 0166, 0374, 0153, 0342, 0234, 0164, 0004, 0361,
+ 0105, 0235, 0160, 0131, 0144, 0161, 0207, 0040,
+ 0206, 0133, 0317, 0145, 0346, 0055, 0250, 0002,
+ 0033, 0140, 0045, 0255, 0256, 0260, 0271, 0366,
+ 0034, 0106, 0141, 0151, 0064, 0100, 0176, 0017,
+ 0125, 0107, 0243, 0043, 0335, 0121, 0257, 0072,
+ 0303, 0134, 0371, 0316, 0272, 0305, 0352, 0046,
+ 0054, 0123, 0015, 0156, 0205, 0050, 0204, 0011,
+ 0323, 0337, 0315, 0364, 0101, 0201, 0115, 0122,
+ 0152, 0334, 0067, 0310, 0154, 0301, 0253, 0372,
+ 0044, 0341, 0173, 0010, 0014, 0275, 0261, 0112,
+ 0170, 0210, 0225, 0213, 0343, 0143, 0350, 0155,
+ 0351, 0313, 0325, 0376, 0073, 0000, 0035, 0071,
+ 0362, 0357, 0267, 0016, 0146, 0130, 0320, 0344,
+ 0246, 0167, 0162, 0370, 0353, 0165, 0113, 0012,
+ 0061, 0104, 0120, 0264, 0217, 0355, 0037, 0032,
+ 0333, 0231, 0215, 0063, 0237, 0021, 0203, 0024
+};
+
+SECStatus
+MD2_Hash(unsigned char *dest, const char *src)
+{
+ unsigned int len;
+ MD2Context *cx = MD2_NewContext();
+ if (!cx) {
+ PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
+ return SECFailure;
+ }
+ MD2_Begin(cx);
+ MD2_Update(cx, (const unsigned char *)src, PORT_Strlen(src));
+ MD2_End(cx, dest, &len, MD2_DIGEST_LEN);
+ MD2_DestroyContext(cx, PR_TRUE);
+ return SECSuccess;
+}
+
+MD2Context *
+MD2_NewContext(void)
+{
+ MD2Context *cx = (MD2Context *)PORT_ZAlloc(sizeof(MD2Context));
+ if (cx == NULL) {
+ PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
+ return NULL;
+ }
+ return cx;
+}
+
+void
+MD2_DestroyContext(MD2Context *cx, PRBool freeit)
+{
+ if (freeit)
+ PORT_ZFree(cx, sizeof(*cx));
+}
+
+void
+MD2_Begin(MD2Context *cx)
+{
+ memset(cx, 0, sizeof(*cx));
+ cx->unusedBuffer = MD2_BUFSIZE;
+}
+
+static void
+md2_compress(MD2Context *cx)
+{
+ int j;
+ unsigned char P;
+ P = cx->checksum[MD2_CHECKSUM_SIZE - 1];
+/* Compute the running checksum, and set the tmp variables to be
+ * CV[i] XOR input[i]
+ */
+#define CKSUMFN(n) \
+ P = cx->checksum[n] ^ MD2S[cx->X[MD2_INPUT + n] ^ P]; \
+ cx->checksum[n] = P; \
+ cx->X[MD2_TMPVARS + n] = cx->X[n] ^ cx->X[MD2_INPUT + n];
+ CKSUMFN(0);
+ CKSUMFN(1);
+ CKSUMFN(2);
+ CKSUMFN(3);
+ CKSUMFN(4);
+ CKSUMFN(5);
+ CKSUMFN(6);
+ CKSUMFN(7);
+ CKSUMFN(8);
+ CKSUMFN(9);
+ CKSUMFN(10);
+ CKSUMFN(11);
+ CKSUMFN(12);
+ CKSUMFN(13);
+ CKSUMFN(14);
+ CKSUMFN(15);
+/* The compression function. */
+#define COMPRESS(n) \
+ P = cx->X[n] ^ MD2S[P]; \
+ cx->X[n] = P;
+ P = 0x00;
+ for (j = 0; j < 18; j++) {
+ COMPRESS(0);
+ COMPRESS(1);
+ COMPRESS(2);
+ COMPRESS(3);
+ COMPRESS(4);
+ COMPRESS(5);
+ COMPRESS(6);
+ COMPRESS(7);
+ COMPRESS(8);
+ COMPRESS(9);
+ COMPRESS(10);
+ COMPRESS(11);
+ COMPRESS(12);
+ COMPRESS(13);
+ COMPRESS(14);
+ COMPRESS(15);
+ COMPRESS(16);
+ COMPRESS(17);
+ COMPRESS(18);
+ COMPRESS(19);
+ COMPRESS(20);
+ COMPRESS(21);
+ COMPRESS(22);
+ COMPRESS(23);
+ COMPRESS(24);
+ COMPRESS(25);
+ COMPRESS(26);
+ COMPRESS(27);
+ COMPRESS(28);
+ COMPRESS(29);
+ COMPRESS(30);
+ COMPRESS(31);
+ COMPRESS(32);
+ COMPRESS(33);
+ COMPRESS(34);
+ COMPRESS(35);
+ COMPRESS(36);
+ COMPRESS(37);
+ COMPRESS(38);
+ COMPRESS(39);
+ COMPRESS(40);
+ COMPRESS(41);
+ COMPRESS(42);
+ COMPRESS(43);
+ COMPRESS(44);
+ COMPRESS(45);
+ COMPRESS(46);
+ COMPRESS(47);
+ P = (P + j) % 256;
+ }
+ cx->unusedBuffer = MD2_BUFSIZE;
+}
+
+void
+MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen)
+{
+ PRUint32 bytesToConsume;
+
+ /* Fill the remaining input buffer. */
+ if (cx->unusedBuffer != MD2_BUFSIZE) {
+ bytesToConsume = PR_MIN(inputLen, cx->unusedBuffer);
+ memcpy(&cx->X[MD2_INPUT + (MD2_BUFSIZE - cx->unusedBuffer)],
+ input, bytesToConsume);
+ if (cx->unusedBuffer + bytesToConsume >= MD2_BUFSIZE)
+ md2_compress(cx);
+ inputLen -= bytesToConsume;
+ input += bytesToConsume;
+ }
+
+ /* Iterate over 16-byte chunks of the input. */
+ while (inputLen >= MD2_BUFSIZE) {
+ memcpy(&cx->X[MD2_INPUT], input, MD2_BUFSIZE);
+ md2_compress(cx);
+ inputLen -= MD2_BUFSIZE;
+ input += MD2_BUFSIZE;
+ }
+
+ /* Copy any input that remains into the buffer. */
+ if (inputLen)
+ memcpy(&cx->X[MD2_INPUT], input, inputLen);
+ cx->unusedBuffer = MD2_BUFSIZE - inputLen;
+}
+
+void
+MD2_End(MD2Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ PRUint8 padStart;
+ if (maxDigestLen < MD2_BUFSIZE) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+ padStart = MD2_BUFSIZE - cx->unusedBuffer;
+ memset(&cx->X[MD2_INPUT + padStart], cx->unusedBuffer,
+ cx->unusedBuffer);
+ md2_compress(cx);
+ memcpy(&cx->X[MD2_INPUT], cx->checksum, MD2_BUFSIZE);
+ md2_compress(cx);
+ *digestLen = MD2_DIGEST_LEN;
+ memcpy(digest, &cx->X[MD2_CV], MD2_DIGEST_LEN);
+}
+
+unsigned int
+MD2_FlattenSize(MD2Context *cx)
+{
+ return sizeof(*cx);
+}
+
+SECStatus
+MD2_Flatten(MD2Context *cx, unsigned char *space)
+{
+ memcpy(space, cx, sizeof(*cx));
+ return SECSuccess;
+}
+
+MD2Context *
+MD2_Resurrect(unsigned char *space, void *arg)
+{
+ MD2Context *cx = MD2_NewContext();
+ if (cx)
+ memcpy(cx, space, sizeof(*cx));
+ return cx;
+}
+
+void
+MD2_Clone(MD2Context *dest, MD2Context *src)
+{
+ memcpy(dest, src, sizeof *dest);
+}
diff --git a/security/nss/lib/freebl/md5.c b/security/nss/lib/freebl/md5.c
new file mode 100644
index 000000000..bdd36a61b
--- /dev/null
+++ b/security/nss/lib/freebl/md5.c
@@ -0,0 +1,598 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prerr.h"
+#include "secerr.h"
+
+#include "prtypes.h"
+#include "prlong.h"
+
+#include "blapi.h"
+#include "blapii.h"
+
+#define MD5_HASH_LEN 16
+#define MD5_BUFFER_SIZE 64
+#define MD5_END_BUFFER (MD5_BUFFER_SIZE - 8)
+
+#define CV0_1 0x67452301
+#define CV0_2 0xefcdab89
+#define CV0_3 0x98badcfe
+#define CV0_4 0x10325476
+
+#define T1_0 0xd76aa478
+#define T1_1 0xe8c7b756
+#define T1_2 0x242070db
+#define T1_3 0xc1bdceee
+#define T1_4 0xf57c0faf
+#define T1_5 0x4787c62a
+#define T1_6 0xa8304613
+#define T1_7 0xfd469501
+#define T1_8 0x698098d8
+#define T1_9 0x8b44f7af
+#define T1_10 0xffff5bb1
+#define T1_11 0x895cd7be
+#define T1_12 0x6b901122
+#define T1_13 0xfd987193
+#define T1_14 0xa679438e
+#define T1_15 0x49b40821
+
+#define T2_0 0xf61e2562
+#define T2_1 0xc040b340
+#define T2_2 0x265e5a51
+#define T2_3 0xe9b6c7aa
+#define T2_4 0xd62f105d
+#define T2_5 0x02441453
+#define T2_6 0xd8a1e681
+#define T2_7 0xe7d3fbc8
+#define T2_8 0x21e1cde6
+#define T2_9 0xc33707d6
+#define T2_10 0xf4d50d87
+#define T2_11 0x455a14ed
+#define T2_12 0xa9e3e905
+#define T2_13 0xfcefa3f8
+#define T2_14 0x676f02d9
+#define T2_15 0x8d2a4c8a
+
+#define T3_0 0xfffa3942
+#define T3_1 0x8771f681
+#define T3_2 0x6d9d6122
+#define T3_3 0xfde5380c
+#define T3_4 0xa4beea44
+#define T3_5 0x4bdecfa9
+#define T3_6 0xf6bb4b60
+#define T3_7 0xbebfbc70
+#define T3_8 0x289b7ec6
+#define T3_9 0xeaa127fa
+#define T3_10 0xd4ef3085
+#define T3_11 0x04881d05
+#define T3_12 0xd9d4d039
+#define T3_13 0xe6db99e5
+#define T3_14 0x1fa27cf8
+#define T3_15 0xc4ac5665
+
+#define T4_0 0xf4292244
+#define T4_1 0x432aff97
+#define T4_2 0xab9423a7
+#define T4_3 0xfc93a039
+#define T4_4 0x655b59c3
+#define T4_5 0x8f0ccc92
+#define T4_6 0xffeff47d
+#define T4_7 0x85845dd1
+#define T4_8 0x6fa87e4f
+#define T4_9 0xfe2ce6e0
+#define T4_10 0xa3014314
+#define T4_11 0x4e0811a1
+#define T4_12 0xf7537e82
+#define T4_13 0xbd3af235
+#define T4_14 0x2ad7d2bb
+#define T4_15 0xeb86d391
+
+#define R1B0 0
+#define R1B1 1
+#define R1B2 2
+#define R1B3 3
+#define R1B4 4
+#define R1B5 5
+#define R1B6 6
+#define R1B7 7
+#define R1B8 8
+#define R1B9 9
+#define R1B10 10
+#define R1B11 11
+#define R1B12 12
+#define R1B13 13
+#define R1B14 14
+#define R1B15 15
+
+#define R2B0 1
+#define R2B1 6
+#define R2B2 11
+#define R2B3 0
+#define R2B4 5
+#define R2B5 10
+#define R2B6 15
+#define R2B7 4
+#define R2B8 9
+#define R2B9 14
+#define R2B10 3
+#define R2B11 8
+#define R2B12 13
+#define R2B13 2
+#define R2B14 7
+#define R2B15 12
+
+#define R3B0 5
+#define R3B1 8
+#define R3B2 11
+#define R3B3 14
+#define R3B4 1
+#define R3B5 4
+#define R3B6 7
+#define R3B7 10
+#define R3B8 13
+#define R3B9 0
+#define R3B10 3
+#define R3B11 6
+#define R3B12 9
+#define R3B13 12
+#define R3B14 15
+#define R3B15 2
+
+#define R4B0 0
+#define R4B1 7
+#define R4B2 14
+#define R4B3 5
+#define R4B4 12
+#define R4B5 3
+#define R4B6 10
+#define R4B7 1
+#define R4B8 8
+#define R4B9 15
+#define R4B10 6
+#define R4B11 13
+#define R4B12 4
+#define R4B13 11
+#define R4B14 2
+#define R4B15 9
+
+#define S1_0 7
+#define S1_1 12
+#define S1_2 17
+#define S1_3 22
+
+#define S2_0 5
+#define S2_1 9
+#define S2_2 14
+#define S2_3 20
+
+#define S3_0 4
+#define S3_1 11
+#define S3_2 16
+#define S3_3 23
+
+#define S4_0 6
+#define S4_1 10
+#define S4_2 15
+#define S4_3 21
+
+struct MD5ContextStr {
+ PRUint32 lsbInput;
+ PRUint32 msbInput;
+ PRUint32 cv[4];
+ union {
+ PRUint8 b[64];
+ PRUint32 w[16];
+ } u;
+};
+
+#define inBuf u.b
+
+SECStatus
+MD5_Hash(unsigned char *dest, const char *src)
+{
+ return MD5_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
+}
+
+SECStatus
+MD5_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ unsigned int len;
+ MD5Context cx;
+
+ MD5_Begin(&cx);
+ MD5_Update(&cx, src, src_length);
+ MD5_End(&cx, dest, &len, MD5_HASH_LEN);
+ memset(&cx, 0, sizeof cx);
+ return SECSuccess;
+}
+
+MD5Context *
+MD5_NewContext(void)
+{
+ /* no need to ZAlloc, MD5_Begin will init the context */
+ MD5Context *cx = (MD5Context *)PORT_Alloc(sizeof(MD5Context));
+ if (cx == NULL) {
+ PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
+ return NULL;
+ }
+ return cx;
+}
+
+void
+MD5_DestroyContext(MD5Context *cx, PRBool freeit)
+{
+ memset(cx, 0, sizeof *cx);
+ if (freeit) {
+ PORT_Free(cx);
+ }
+}
+
+void
+MD5_Begin(MD5Context *cx)
+{
+ cx->lsbInput = 0;
+ cx->msbInput = 0;
+ /* memset(cx->inBuf, 0, sizeof(cx->inBuf)); */
+ cx->cv[0] = CV0_1;
+ cx->cv[1] = CV0_2;
+ cx->cv[2] = CV0_3;
+ cx->cv[3] = CV0_4;
+}
+
+#define cls(i32, s) (tmp = i32, tmp << s | tmp >> (32 - s))
+
+#if defined(SOLARIS) || defined(HPUX)
+#define addto64(sumhigh, sumlow, addend) \
+ sumlow += addend; \
+ sumhigh += (sumlow < addend);
+#else
+#define addto64(sumhigh, sumlow, addend) \
+ sumlow += addend; \
+ if (sumlow < addend) \
+ ++sumhigh;
+#endif
+
+#define MASK 0x00ff00ff
+#ifdef IS_LITTLE_ENDIAN
+#define lendian(i32) \
+ (i32)
+#else
+#define lendian(i32) \
+ (tmp = (i32 >> 16) | (i32 << 16), ((tmp & MASK) << 8) | ((tmp >> 8) & MASK))
+#endif
+
+#ifndef IS_LITTLE_ENDIAN
+
+#define lebytes(b4) \
+ ((b4)[3] << 24 | (b4)[2] << 16 | (b4)[1] << 8 | (b4)[0])
+
+static void
+md5_prep_state_le(MD5Context *cx)
+{
+ PRUint32 tmp;
+ cx->u.w[0] = lendian(cx->u.w[0]);
+ cx->u.w[1] = lendian(cx->u.w[1]);
+ cx->u.w[2] = lendian(cx->u.w[2]);
+ cx->u.w[3] = lendian(cx->u.w[3]);
+ cx->u.w[4] = lendian(cx->u.w[4]);
+ cx->u.w[5] = lendian(cx->u.w[5]);
+ cx->u.w[6] = lendian(cx->u.w[6]);
+ cx->u.w[7] = lendian(cx->u.w[7]);
+ cx->u.w[8] = lendian(cx->u.w[8]);
+ cx->u.w[9] = lendian(cx->u.w[9]);
+ cx->u.w[10] = lendian(cx->u.w[10]);
+ cx->u.w[11] = lendian(cx->u.w[11]);
+ cx->u.w[12] = lendian(cx->u.w[12]);
+ cx->u.w[13] = lendian(cx->u.w[13]);
+ cx->u.w[14] = lendian(cx->u.w[14]);
+ cx->u.w[15] = lendian(cx->u.w[15]);
+}
+
+static void
+md5_prep_buffer_le(MD5Context *cx, const PRUint8 *beBuf)
+{
+ cx->u.w[0] = lebytes(&beBuf[0]);
+ cx->u.w[1] = lebytes(&beBuf[4]);
+ cx->u.w[2] = lebytes(&beBuf[8]);
+ cx->u.w[3] = lebytes(&beBuf[12]);
+ cx->u.w[4] = lebytes(&beBuf[16]);
+ cx->u.w[5] = lebytes(&beBuf[20]);
+ cx->u.w[6] = lebytes(&beBuf[24]);
+ cx->u.w[7] = lebytes(&beBuf[28]);
+ cx->u.w[8] = lebytes(&beBuf[32]);
+ cx->u.w[9] = lebytes(&beBuf[36]);
+ cx->u.w[10] = lebytes(&beBuf[40]);
+ cx->u.w[11] = lebytes(&beBuf[44]);
+ cx->u.w[12] = lebytes(&beBuf[48]);
+ cx->u.w[13] = lebytes(&beBuf[52]);
+ cx->u.w[14] = lebytes(&beBuf[56]);
+ cx->u.w[15] = lebytes(&beBuf[60]);
+}
+#endif
+
+#define F(X, Y, Z) \
+ ((X & Y) | ((~X) & Z))
+
+#define G(X, Y, Z) \
+ ((X & Z) | (Y & (~Z)))
+
+#define H(X, Y, Z) \
+ (X ^ Y ^ Z)
+
+#define I(X, Y, Z) \
+ (Y ^ (X | (~Z)))
+
+#define FF(a, b, c, d, bufint, s, ti) \
+ a = b + cls(a + F(b, c, d) + bufint + ti, s)
+
+#define GG(a, b, c, d, bufint, s, ti) \
+ a = b + cls(a + G(b, c, d) + bufint + ti, s)
+
+#define HH(a, b, c, d, bufint, s, ti) \
+ a = b + cls(a + H(b, c, d) + bufint + ti, s)
+
+#define II(a, b, c, d, bufint, s, ti) \
+ a = b + cls(a + I(b, c, d) + bufint + ti, s)
+
+static void NO_SANITIZE_ALIGNMENT
+md5_compress(MD5Context *cx, const PRUint32 *wBuf)
+{
+ PRUint32 a, b, c, d;
+ PRUint32 tmp;
+ a = cx->cv[0];
+ b = cx->cv[1];
+ c = cx->cv[2];
+ d = cx->cv[3];
+ FF(a, b, c, d, wBuf[R1B0], S1_0, T1_0);
+ FF(d, a, b, c, wBuf[R1B1], S1_1, T1_1);
+ FF(c, d, a, b, wBuf[R1B2], S1_2, T1_2);
+ FF(b, c, d, a, wBuf[R1B3], S1_3, T1_3);
+ FF(a, b, c, d, wBuf[R1B4], S1_0, T1_4);
+ FF(d, a, b, c, wBuf[R1B5], S1_1, T1_5);
+ FF(c, d, a, b, wBuf[R1B6], S1_2, T1_6);
+ FF(b, c, d, a, wBuf[R1B7], S1_3, T1_7);
+ FF(a, b, c, d, wBuf[R1B8], S1_0, T1_8);
+ FF(d, a, b, c, wBuf[R1B9], S1_1, T1_9);
+ FF(c, d, a, b, wBuf[R1B10], S1_2, T1_10);
+ FF(b, c, d, a, wBuf[R1B11], S1_3, T1_11);
+ FF(a, b, c, d, wBuf[R1B12], S1_0, T1_12);
+ FF(d, a, b, c, wBuf[R1B13], S1_1, T1_13);
+ FF(c, d, a, b, wBuf[R1B14], S1_2, T1_14);
+ FF(b, c, d, a, wBuf[R1B15], S1_3, T1_15);
+ GG(a, b, c, d, wBuf[R2B0], S2_0, T2_0);
+ GG(d, a, b, c, wBuf[R2B1], S2_1, T2_1);
+ GG(c, d, a, b, wBuf[R2B2], S2_2, T2_2);
+ GG(b, c, d, a, wBuf[R2B3], S2_3, T2_3);
+ GG(a, b, c, d, wBuf[R2B4], S2_0, T2_4);
+ GG(d, a, b, c, wBuf[R2B5], S2_1, T2_5);
+ GG(c, d, a, b, wBuf[R2B6], S2_2, T2_6);
+ GG(b, c, d, a, wBuf[R2B7], S2_3, T2_7);
+ GG(a, b, c, d, wBuf[R2B8], S2_0, T2_8);
+ GG(d, a, b, c, wBuf[R2B9], S2_1, T2_9);
+ GG(c, d, a, b, wBuf[R2B10], S2_2, T2_10);
+ GG(b, c, d, a, wBuf[R2B11], S2_3, T2_11);
+ GG(a, b, c, d, wBuf[R2B12], S2_0, T2_12);
+ GG(d, a, b, c, wBuf[R2B13], S2_1, T2_13);
+ GG(c, d, a, b, wBuf[R2B14], S2_2, T2_14);
+ GG(b, c, d, a, wBuf[R2B15], S2_3, T2_15);
+ HH(a, b, c, d, wBuf[R3B0], S3_0, T3_0);
+ HH(d, a, b, c, wBuf[R3B1], S3_1, T3_1);
+ HH(c, d, a, b, wBuf[R3B2], S3_2, T3_2);
+ HH(b, c, d, a, wBuf[R3B3], S3_3, T3_3);
+ HH(a, b, c, d, wBuf[R3B4], S3_0, T3_4);
+ HH(d, a, b, c, wBuf[R3B5], S3_1, T3_5);
+ HH(c, d, a, b, wBuf[R3B6], S3_2, T3_6);
+ HH(b, c, d, a, wBuf[R3B7], S3_3, T3_7);
+ HH(a, b, c, d, wBuf[R3B8], S3_0, T3_8);
+ HH(d, a, b, c, wBuf[R3B9], S3_1, T3_9);
+ HH(c, d, a, b, wBuf[R3B10], S3_2, T3_10);
+ HH(b, c, d, a, wBuf[R3B11], S3_3, T3_11);
+ HH(a, b, c, d, wBuf[R3B12], S3_0, T3_12);
+ HH(d, a, b, c, wBuf[R3B13], S3_1, T3_13);
+ HH(c, d, a, b, wBuf[R3B14], S3_2, T3_14);
+ HH(b, c, d, a, wBuf[R3B15], S3_3, T3_15);
+ II(a, b, c, d, wBuf[R4B0], S4_0, T4_0);
+ II(d, a, b, c, wBuf[R4B1], S4_1, T4_1);
+ II(c, d, a, b, wBuf[R4B2], S4_2, T4_2);
+ II(b, c, d, a, wBuf[R4B3], S4_3, T4_3);
+ II(a, b, c, d, wBuf[R4B4], S4_0, T4_4);
+ II(d, a, b, c, wBuf[R4B5], S4_1, T4_5);
+ II(c, d, a, b, wBuf[R4B6], S4_2, T4_6);
+ II(b, c, d, a, wBuf[R4B7], S4_3, T4_7);
+ II(a, b, c, d, wBuf[R4B8], S4_0, T4_8);
+ II(d, a, b, c, wBuf[R4B9], S4_1, T4_9);
+ II(c, d, a, b, wBuf[R4B10], S4_2, T4_10);
+ II(b, c, d, a, wBuf[R4B11], S4_3, T4_11);
+ II(a, b, c, d, wBuf[R4B12], S4_0, T4_12);
+ II(d, a, b, c, wBuf[R4B13], S4_1, T4_13);
+ II(c, d, a, b, wBuf[R4B14], S4_2, T4_14);
+ II(b, c, d, a, wBuf[R4B15], S4_3, T4_15);
+ cx->cv[0] += a;
+ cx->cv[1] += b;
+ cx->cv[2] += c;
+ cx->cv[3] += d;
+}
+
+void
+MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen)
+{
+ PRUint32 bytesToConsume;
+ PRUint32 inBufIndex = cx->lsbInput & 63;
+ const PRUint32 *wBuf;
+
+ /* Add the number of input bytes to the 64-bit input counter. */
+ addto64(cx->msbInput, cx->lsbInput, inputLen);
+ if (inBufIndex) {
+ /* There is already data in the buffer. Fill with input. */
+ bytesToConsume = PR_MIN(inputLen, MD5_BUFFER_SIZE - inBufIndex);
+ memcpy(&cx->inBuf[inBufIndex], input, bytesToConsume);
+ if (inBufIndex + bytesToConsume >= MD5_BUFFER_SIZE) {
+/* The buffer is filled. Run the compression function. */
+#ifndef IS_LITTLE_ENDIAN
+ md5_prep_state_le(cx);
+#endif
+ md5_compress(cx, cx->u.w);
+ }
+ /* Remaining input. */
+ inputLen -= bytesToConsume;
+ input += bytesToConsume;
+ }
+
+ /* Iterate over 64-byte chunks of the message. */
+ while (inputLen >= MD5_BUFFER_SIZE) {
+#ifdef IS_LITTLE_ENDIAN
+#ifdef HAVE_UNALIGNED_ACCESS
+ /* x86 can handle arithmetic on non-word-aligned buffers */
+ wBuf = (PRUint32 *)input;
+#else
+ if ((ptrdiff_t)input & 0x3) {
+ /* buffer not aligned, copy it to force alignment */
+ memcpy(cx->inBuf, input, MD5_BUFFER_SIZE);
+ wBuf = cx->u.w;
+ } else {
+ /* buffer is aligned */
+ wBuf = (PRUint32 *)input;
+ }
+#endif
+#else
+ md5_prep_buffer_le(cx, input);
+ wBuf = cx->u.w;
+#endif
+ md5_compress(cx, wBuf);
+ inputLen -= MD5_BUFFER_SIZE;
+ input += MD5_BUFFER_SIZE;
+ }
+
+ /* Tail of message (message bytes mod 64). */
+ if (inputLen)
+ memcpy(cx->inBuf, input, inputLen);
+}
+
+static const unsigned char padbytes[] = {
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+};
+
+void
+MD5_End(MD5Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+#ifndef IS_LITTLE_ENDIAN
+ PRUint32 tmp;
+#endif
+ PRUint32 lowInput, highInput;
+ PRUint32 inBufIndex = cx->lsbInput & 63;
+
+ if (maxDigestLen < MD5_HASH_LEN) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ /* Copy out the length of bits input before padding. */
+ lowInput = cx->lsbInput;
+ highInput = (cx->msbInput << 3) | (lowInput >> 29);
+ lowInput <<= 3;
+
+ if (inBufIndex < MD5_END_BUFFER) {
+ MD5_Update(cx, padbytes, MD5_END_BUFFER - inBufIndex);
+ } else {
+ MD5_Update(cx, padbytes,
+ MD5_END_BUFFER + MD5_BUFFER_SIZE - inBufIndex);
+ }
+
+ /* Store the number of bytes input (before padding) in final 64 bits. */
+ cx->u.w[14] = lendian(lowInput);
+ cx->u.w[15] = lendian(highInput);
+
+/* Final call to compress. */
+#ifndef IS_LITTLE_ENDIAN
+ md5_prep_state_le(cx);
+#endif
+ md5_compress(cx, cx->u.w);
+
+ /* Copy the resulting values out of the chain variables into return buf. */
+ if (digestLen)
+ *digestLen = MD5_HASH_LEN;
+#ifndef IS_LITTLE_ENDIAN
+ cx->cv[0] = lendian(cx->cv[0]);
+ cx->cv[1] = lendian(cx->cv[1]);
+ cx->cv[2] = lendian(cx->cv[2]);
+ cx->cv[3] = lendian(cx->cv[3]);
+#endif
+ memcpy(digest, cx->cv, MD5_HASH_LEN);
+}
+
+void
+MD5_EndRaw(MD5Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+#ifndef IS_LITTLE_ENDIAN
+ PRUint32 tmp;
+#endif
+ PRUint32 cv[4];
+
+ if (maxDigestLen < MD5_HASH_LEN) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ memcpy(cv, cx->cv, sizeof(cv));
+#ifndef IS_LITTLE_ENDIAN
+ cv[0] = lendian(cv[0]);
+ cv[1] = lendian(cv[1]);
+ cv[2] = lendian(cv[2]);
+ cv[3] = lendian(cv[3]);
+#endif
+ memcpy(digest, cv, MD5_HASH_LEN);
+ if (digestLen)
+ *digestLen = MD5_HASH_LEN;
+}
+
+unsigned int
+MD5_FlattenSize(MD5Context *cx)
+{
+ return sizeof(*cx);
+}
+
+SECStatus
+MD5_Flatten(MD5Context *cx, unsigned char *space)
+{
+ memcpy(space, cx, sizeof(*cx));
+ return SECSuccess;
+}
+
+MD5Context *
+MD5_Resurrect(unsigned char *space, void *arg)
+{
+ MD5Context *cx = MD5_NewContext();
+ if (cx)
+ memcpy(cx, space, sizeof(*cx));
+ return cx;
+}
+
+void
+MD5_Clone(MD5Context *dest, MD5Context *src)
+{
+ memcpy(dest, src, sizeof *dest);
+}
+
+void
+MD5_TraceState(MD5Context *cx)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+}
diff --git a/security/nss/lib/freebl/mknewpc2.c b/security/nss/lib/freebl/mknewpc2.c
new file mode 100644
index 000000000..6b2968816
--- /dev/null
+++ b/security/nss/lib/freebl/mknewpc2.c
@@ -0,0 +1,208 @@
+/*
+ * mknewpc2.c
+ *
+ * Generate PC-2 tables for DES-150 library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+typedef unsigned char BYTE;
+typedef unsigned int HALF;
+
+#define DES_ENCRYPT 0
+#define DES_DECRYPT 1
+
+/* two 28-bit registers defined in key schedule production process */
+static HALF C0, D0;
+
+static HALF L0, R0;
+
+/* key schedule, 16 internal keys, each with 8 6-bit parts */
+static BYTE KS[8][16];
+
+/*
+ * This table takes the 56 bits in C0 and D0 and shows show they are
+ * permuted into the 8 6-bit parts of the key in the key schedule.
+ * The bits of C0 are numbered left to right, 1-28.
+ * The bits of D0 are numbered left to right, 29-56.
+ * Zeros in this table represent bits that are always zero.
+ * Note that all the bits in the first 4 rows come from C0,
+ * and all the bits in the second 4 rows come from D0.
+ */
+static const BYTE PC2[64] = {
+ 14, 17, 11, 24, 1, 5, 0, 0, /* S1 */
+ 3, 28, 15, 6, 21, 10, 0, 0, /* S2 */
+ 23, 19, 12, 4, 26, 8, 0, 0, /* S3 */
+ 16, 7, 27, 20, 13, 2, 0, 0, /* S4 */
+
+ 41, 52, 31, 37, 47, 55, 0, 0, /* S5 */
+ 30, 40, 51, 45, 33, 48, 0, 0, /* S6 */
+ 44, 49, 39, 56, 34, 53, 0, 0, /* S7 */
+ 46, 42, 50, 36, 29, 32, 0, 0 /* S8 */
+};
+
+/* This table represents the same info as PC2, except that
+ * The bits of C0 and D0 are each numbered right to left, 0-27.
+ * -1 values indicate bits that are always zero.
+ * As before all the bits in the first 4 rows come from C0,
+ * and all the bits in the second 4 rows come from D0.
+ */
+static signed char PC2a[64] = {
+ /* bits of C0 */
+ 14, 11, 17, 4, 27, 23, -1, -1, /* S1 */
+ 25, 0, 13, 22, 7, 18, -1, -1, /* S2 */
+ 5, 9, 16, 24, 2, 20, -1, -1, /* S3 */
+ 12, 21, 1, 8, 15, 26, -1, -1, /* S4 */
+ /* bits of D0 */
+ 15, 4, 25, 19, 9, 1, -1, -1, /* S5 */
+ 26, 16, 5, 11, 23, 8, -1, -1, /* S6 */
+ 12, 7, 17, 0, 22, 3, -1, -1, /* S7 */
+ 10, 14, 6, 20, 27, 24, -1, -1 /* S8 */
+};
+
+/* This table represents the same info as PC2a, except that
+ * The order of of the rows has been changed to increase the efficiency
+ * with which the key sechedule is created.
+ * Fewer shifts and ANDs are required to make the KS from these.
+ */
+static const signed char PC2b[64] = {
+ /* bits of C0 */
+ 14, 11, 17, 4, 27, 23, -1, -1, /* S1 */
+ 5, 9, 16, 24, 2, 20, -1, -1, /* S3 */
+ 25, 0, 13, 22, 7, 18, -1, -1, /* S2 */
+ 12, 21, 1, 8, 15, 26, -1, -1, /* S4 */
+ /* bits of D0 */
+ 26, 16, 5, 11, 23, 8, -1, -1, /* S6 */
+ 10, 14, 6, 20, 27, 24, -1, -1, /* S8 */
+ 15, 4, 25, 19, 9, 1, -1, -1, /* S5 */
+ 12, 7, 17, 0, 22, 3, -1, -1 /* S7 */
+};
+
+/* Only 24 of the 28 bits in C0 and D0 are used in PC2.
+ * The used bits of C0 and D0 are grouped into 4 groups of 6,
+ * so that the PC2 permutation can be accomplished with 4 lookups
+ * in tables of 64 entries.
+ * The following table shows how the bits of C0 and D0 are grouped
+ * into indexes for the respective table lookups.
+ * Bits are numbered right-to-left, 0-27, as in PC2b.
+ */
+static BYTE NDX[48] = {
+ /* Bits of C0 */
+ 27, 26, 25, 24, 23, 22, /* C0 table 0 */
+ 18, 17, 16, 15, 14, 13, /* C0 table 1 */
+ 9, 8, 7, 2, 1, 0, /* C0 table 2 */
+ 5, 4, 21, 20, 12, 11, /* C0 table 3 */
+ /* bits of D0 */
+ 27, 26, 25, 24, 23, 22, /* D0 table 0 */
+ 20, 19, 17, 16, 15, 14, /* D0 table 1 */
+ 12, 11, 10, 9, 8, 7, /* D0 table 2 */
+ 6, 5, 4, 3, 1, 0 /* D0 table 3 */
+};
+
+/* Here's the code that does that grouping.
+ left = PC2LOOKUP(0, 0, ((c0 >> 22) & 0x3F) );
+ left |= PC2LOOKUP(0, 1, ((c0 >> 13) & 0x3F) );
+ left |= PC2LOOKUP(0, 2, ((c0 >> 4) & 0x38) | (c0 & 0x7) );
+ left |= PC2LOOKUP(0, 3, ((c0>>18)&0xC) | ((c0>>11)&0x3) | (c0&0x30));
+
+ right = PC2LOOKUP(1, 0, ((d0 >> 22) & 0x3F) );
+ right |= PC2LOOKUP(1, 1, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf) );
+ right |= PC2LOOKUP(1, 2, ((d0 >> 7) & 0x3F) );
+ right |= PC2LOOKUP(1, 3, ((d0 >> 1) & 0x3C) | (d0 & 0x3));
+*/
+
+void
+make_pc2a(void)
+{
+
+ int i, j;
+
+ for (i = 0; i < 64; ++i) {
+ j = PC2[i];
+ if (j == 0)
+ j = -1;
+ else if (j < 29)
+ j = 28 - j;
+ else
+ j = 56 - j;
+ PC2a[i] = j;
+ }
+ for (i = 0; i < 64; i += 8) {
+ printf("%3d,%3d,%3d,%3d,%3d,%3d,%3d,%3d,\n",
+ PC2a[i + 0], PC2a[i + 1], PC2a[i + 2], PC2a[i + 3],
+ PC2a[i + 4], PC2a[i + 5], PC2a[i + 6], PC2a[i + 7]);
+ }
+}
+
+HALF PC2cd0[64];
+
+HALF PC_2H[8][64];
+
+void
+mktable()
+{
+ int i;
+ int table;
+ const BYTE* ndx = NDX;
+ HALF mask;
+
+ mask = 0x80000000;
+ for (i = 0; i < 32; ++i, mask >>= 1) {
+ int bit = PC2b[i];
+ if (bit < 0)
+ continue;
+ PC2cd0[bit + 32] = mask;
+ }
+
+ mask = 0x80000000;
+ for (i = 32; i < 64; ++i, mask >>= 1) {
+ int bit = PC2b[i];
+ if (bit < 0)
+ continue;
+ PC2cd0[bit] = mask;
+ }
+
+#if DEBUG
+ for (i = 0; i < 64; ++i) {
+ printf("0x%08x,\n", PC2cd0[i]);
+ }
+#endif
+ for (i = 0; i < 24; ++i) {
+ NDX[i] += 32; /* because c0 is the upper half */
+ }
+
+ for (table = 0; table < 8; ++table) {
+ HALF bitvals[6];
+ for (i = 0; i < 6; ++i) {
+ bitvals[5 - i] = PC2cd0[*ndx++];
+ }
+ for (i = 0; i < 64; ++i) {
+ int j;
+ int k = 0;
+ HALF value = 0;
+
+ for (j = i; j; j >>= 1, ++k) {
+ if (j & 1) {
+ value |= bitvals[k];
+ }
+ }
+ PC_2H[table][i] = value;
+ }
+ printf("/* table %d */ {\n", table);
+ for (i = 0; i < 64; i += 4) {
+ printf(" 0x%08x, 0x%08x, 0x%08x, 0x%08x, \n",
+ PC_2H[table][i], PC_2H[table][i + 1],
+ PC_2H[table][i + 2], PC_2H[table][i + 3]);
+ }
+ printf(" },\n");
+ }
+}
+
+int
+main(void)
+{
+ /* make_pc2a(); */
+ mktable();
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mksp.c b/security/nss/lib/freebl/mksp.c
new file mode 100644
index 000000000..ca83ac8e7
--- /dev/null
+++ b/security/nss/lib/freebl/mksp.c
@@ -0,0 +1,119 @@
+/*
+ * mksp.c
+ *
+ * Generate SP tables for DES-150 library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+
+/*
+ * sboxes - the tables for the s-box functions
+ * from FIPS 46, pages 15-16.
+ */
+unsigned char S[8][64] = {
+ /* Func S1 = */
+ { 14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1,
+ 3, 10, 10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8,
+ 4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7,
+ 15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13 },
+ /* Func S2 = */
+ { 15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14,
+ 9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5,
+ 0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2,
+ 5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9 },
+ /* Func S3 = */
+ { 10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10,
+ 1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1,
+ 13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7,
+ 11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12 },
+ /* Func S4 = */
+ { 7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3,
+ 1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9,
+ 10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8,
+ 15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14 },
+ /* Func S5 = */
+ { 2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1,
+ 8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6,
+ 4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13,
+ 15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3 },
+ /* Func S6 = */
+ { 12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5,
+ 0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8,
+ 9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10,
+ 7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13 },
+ /* Func S7 = */
+ { 4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10,
+ 3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6,
+ 1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7,
+ 10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12 },
+ /* Func S8 = */
+ { 13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4,
+ 10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2,
+ 7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13,
+ 0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11 }
+};
+
+/*
+ * Permutation function for results from s-boxes
+ * from FIPS 46 pages 12 and 16.
+ * P =
+ */
+unsigned char P[32] = {
+ 16, 7, 20, 21, 29, 12, 28, 17,
+ 1, 15, 23, 26, 5, 18, 31, 10,
+ 2, 8, 24, 14, 32, 27, 3, 9,
+ 19, 13, 30, 6, 22, 11, 4, 25
+};
+
+unsigned int Pinv[32];
+unsigned int SP[8][64];
+
+void
+makePinv(void)
+{
+ int i;
+ unsigned int Pi = 0x80000000;
+ for (i = 0; i < 32; ++i) {
+ int j = 32 - P[i];
+ Pinv[j] = Pi;
+ Pi >>= 1;
+ }
+}
+
+void
+makeSP(void)
+{
+ int box;
+ for (box = 0; box < 8; ++box) {
+ int item;
+ printf("/* box S%d */ {\n", box + 1);
+ for (item = 0; item < 64; ++item) {
+ unsigned int s = S[box][item];
+ unsigned int val = 0;
+ unsigned int bitnum = (7 - box) * 4;
+ for (; s; s >>= 1, ++bitnum) {
+ if (s & 1) {
+ val |= Pinv[bitnum];
+ }
+ }
+ val = (val << 3) | (val >> 29);
+ SP[box][item] = val;
+ }
+ for (item = 0; item < 64; item += 4) {
+ printf("\t0x%08x, 0x%08x, 0x%08x, 0x%08x,\n",
+ SP[box][item], SP[box][item + 1], SP[box][item + 2], SP[box][item + 3]);
+ }
+ printf(" },\n");
+ }
+}
+
+int
+main()
+{
+ makePinv();
+ makeSP();
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/Makefile b/security/nss/lib/freebl/mpi/Makefile
new file mode 100644
index 000000000..0dee5bed1
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/Makefile
@@ -0,0 +1,244 @@
+#
+# Makefile for MPI library
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+## Define CC to be the C compiler you wish to use. The GNU cc
+## compiler (gcc) should work, at the very least
+#CC=cc
+#CC=gcc
+
+##
+## Define PERL to point to your local Perl interpreter. It
+## should be Perl 5.x, although it's conceivable that Perl 4
+## might work ... I haven't tested it.
+##
+#PERL=/usr/bin/perl
+#PERL=perl
+
+include target.mk
+
+CFLAGS+= $(XCFLAGS)
+
+##
+## Define LIBS to include any libraries you need to link against.
+## If NO_TABLE is define, LIBS should include '-lm' or whatever is
+## necessary to bring in the math library. Otherwise, it can be
+## left alone, unless your system has other peculiar requirements.
+##
+LIBS=#-lmalloc#-lefence#-lm
+
+##
+## Define RANLIB to be the library header randomizer; you might not
+## need this on some systems (just set it to 'echo' on these systems,
+## such as IRIX)
+##
+RANLIB=echo
+
+##
+## This is the version string used for the documentation and
+## building the distribution tarball. Don't mess with it unless
+## you are releasing a new version
+VERS=1.7p6
+
+## ----------------------------------------------------------------------
+## You probably don't need to change anything below this line...
+##
+
+##
+## This is the list of source files that need to be packed into
+## the distribution file
+SRCS= mpi.c mpprime.c mplogic.c mp_gf2m.c mpmontg.c mpi-test.c primes.c \
+ mpcpucache.c tests/ \
+ utils/gcd.c utils/invmod.c utils/lap.c \
+ utils/ptab.pl utils/sieve.c utils/isprime.c\
+ utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
+ utils/bbsrand.c utils/prng.c utils/primegen.c \
+ utils/basecvt.c utils/makeprime.c\
+ utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
+ utils/mpi.h utils/mpprime.h mulsqr.c \
+ make-test-arrays test-arrays.txt all-tests make-logtab \
+ types.pl stats timetest multest
+
+## These are the header files that go into the distribution file
+HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h mp_gf2m.h \
+ mp_gf2m-priv.h utils/bbs_rand.h tests/mpi.h tests/mpprime.h
+
+## These are the documentation files that go into the distribution file
+DOCS=README doc utils/README utils/PRIMES
+
+## This is the list of tools built by 'make tools'
+TOOLS=gcd invmod isprime lap dec2hex hex2dec primegen prng \
+ basecvt fact exptmod pi makeprime identest
+
+LIBOBJS = mpprime.o mpmontg.o mplogic.o mp_gf2m.o mpi.o mpcpucache.o $(AS_OBJS)
+LIBHDRS = mpi-config.h mpi-priv.h mpi.h
+APPHDRS = mpi-config.h mpi.h mplogic.h mp_gf2m.h mpprime.h
+
+help:
+ @ echo ""
+ @ echo "The following targets can be built with this Makefile:"
+ @ echo ""
+ @ echo "libmpi.a - arithmetic and prime testing library"
+ @ echo "mpi-test - test driver (requires MP_IOFUNC)"
+ @ echo "tools - command line tools"
+ @ echo "doc - manual pages for tools"
+ @ echo "clean - clean up objects and such"
+ @ echo "distclean - get ready for distribution"
+ @ echo "dist - distribution tarball"
+ @ echo ""
+
+.SUFFIXES: .c .o .i
+
+.c.i:
+ $(CC) $(CFLAGS) -E $< > $@
+
+#.c.o: $*.h $*.c
+# $(CC) $(CFLAGS) -c $<
+
+#---------------------------------------
+
+$(LIBOBJS): $(LIBHDRS)
+
+logtab.h: make-logtab
+ $(PERL) make-logtab > logtab.h
+
+mpi.o: mpi.c logtab.h $(LIBHDRS)
+
+mplogic.o: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
+
+mp_gf2m.o: mp_gf2m.c mpi-priv.h mp_gf2m.h mp_gf2m-priv.h $(LIBHDRS)
+
+mpmontg.o: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
+
+mpprime.o: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
+
+mpcpucache.o: mpcpucache.c $(LIBHDRS)
+
+mpi_mips.o: mpi_mips.s
+ $(CC) -o $@ $(ASFLAGS) -c mpi_mips.s
+
+mpi_sparc.o : montmulf.h
+
+mpv_sparcv9.s: vis_64.il mpv_sparc.c
+ $(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_64.il mpv_sparc.c
+
+mpv_sparcv8.s: vis_64.il mpv_sparc.c
+ $(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_32.il mpv_sparc.c
+
+montmulfv8.o montmulfv9.o mpv_sparcv8.o mpv_sparcv9.o : %.o : %.s
+ $(CC) -o $@ $(SOLARIS_ASM_FLAGS) -c $<
+
+mpi_arm.o: mpi_arm.c $(LIBHDRS)
+
+# This rule is used to build the .s sources, which are then hand optimized.
+#montmulfv8.s montmulfv9.s : montmulf%.s : montmulf%.il montmulf.c montmulf.h
+# $(CC) -o $@ $(SOLARIS_ASM_FLAGS) -S montmulf$*.il montmulf.c
+
+
+libmpi.a: $(LIBOBJS)
+ ar -cvr libmpi.a $(LIBOBJS)
+ $(RANLIB) libmpi.a
+
+lib libs: libmpi.a
+
+mpi.i: mpi.h
+
+#---------------------------------------
+
+MPTESTOBJS = mptest1.o mptest2.o mptest3.o mptest3a.o mptest4.o mptest4a.o \
+ mptest4b.o mptest6.o mptest7.o mptest8.o mptest9.o mptestb.o
+MPTESTS = $(MPTESTOBJS:.o=)
+
+$(MPTESTOBJS): mptest%.o: tests/mptest-%.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -o $@ -c $<
+
+$(MPTESTS): mptest%: mptest%.o libmpi.a
+ $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
+
+tests: mptest1 mptest2 mptest3 mptest3a mptest4 mptest4a mptest4b mptest6 \
+ mptestb bbsrand
+
+utests: mptest7 mptest8 mptest9
+
+#---------------------------------------
+
+EXTRAOBJS = bbsrand.o bbs_rand.o prng.o
+UTILOBJS = primegen.o metime.o identest.o basecvt.o fact.o exptmod.o pi.o \
+ makeprime.o gcd.o invmod.o lap.o isprime.o \
+ dec2hex.o hex2dec.o
+UTILS = $(UTILOBJS:.o=)
+
+$(UTILS): % : %.o libmpi.a
+ $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
+
+$(UTILOBJS) $(EXTRAOBJS): %.o : utils/%.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -o $@ -c $<
+
+prng: prng.o bbs_rand.o libmpi.a
+ $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
+
+bbsrand: bbsrand.o bbs_rand.o libmpi.a
+ $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
+
+utils: $(UTILS) prng bbsrand
+
+#---------------------------------------
+
+test-info.c: test-arrays.txt
+ $(PERL) make-test-arrays test-arrays.txt > test-info.c
+
+mpi-test.o: mpi-test.c test-info.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -o $@ -c $<
+
+mpi-test: mpi-test.o libmpi.a
+ $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
+
+mdxptest.o: mdxptest.c $(LIBHDRS) mpi-priv.h
+
+mdxptest: mdxptest.o libmpi.a
+ $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
+
+mulsqr.o: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
+ $(CC) $(CFLAGS) -DMP_SQUARE=1 -o $@ -c mulsqr.c
+
+mulsqr: mulsqr.o libmpi.a
+ $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
+
+#---------------------------------------
+
+alltests: tests utests mpi-test
+
+tools: $(TOOLS)
+
+doc:
+ (cd doc; ./build)
+
+clean:
+ rm -f *.o *.a *.i
+ rm -f core
+ rm -f *~ .*~
+ rm -f utils/*.o
+ rm -f utils/core
+ rm -f utils/*~ utils/.*~
+
+clobber: clean
+ rm -f $(TOOLS) $(UTILS)
+
+distclean: clean
+ rm -f mptest? mpi-test metime mulsqr karatsuba
+ rm -f mptest?a mptest?b
+ rm -f utils/mptest?
+ rm -f test-info.c logtab.h
+ rm -f libmpi.a
+ rm -f $(TOOLS)
+
+dist: Makefile $(HDRS) $(SRCS) $(DOCS)
+ tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
+ pgps -ab mpi-$(VERS).tar
+ chmod +r mpi-$(VERS).tar.asc
+ gzip -9 mpi-$(VERS).tar
+
+# END
diff --git a/security/nss/lib/freebl/mpi/Makefile.os2 b/security/nss/lib/freebl/mpi/Makefile.os2
new file mode 100644
index 000000000..fa705ee08
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/Makefile.os2
@@ -0,0 +1,243 @@
+#
+# Makefile.win - gmake Makefile for building MPI with VACPP on OS/2
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+## Define CC to be the C compiler you wish to use. The GNU cc
+## compiler (gcc) should work, at the very least
+#CC=cc
+#CC=gcc
+CC=icc.exe
+AS=alp.exe
+
+##
+## Define PERL to point to your local Perl interpreter. It
+## should be Perl 5.x, although it's conceivable that Perl 4
+## might work ... I haven't tested it.
+##
+#PERL=/usr/bin/perl
+#PERL=perl
+
+##
+## Define CFLAGS to contain any local options your compiler
+## setup requires.
+##
+## Conditional compilation options are no longer here; see
+## the file 'mpi-config.h' instead.
+##
+MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
+
+#OS/2
+AS_SRCS = mpi_x86.asm
+MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
+#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \
+ -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
+#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
+ -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
+#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
+ -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
+CFLAGS = /Ti+ -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
+ $(MPICMN)
+ASFLAGS =
+
+##
+## Define LIBS to include any libraries you need to link against.
+## If NO_TABLE is define, LIBS should include '-lm' or whatever is
+## necessary to bring in the math library. Otherwise, it can be
+## left alone, unless your system has other peculiar requirements.
+##
+LIBS=#-lmalloc#-lefence#-lm
+
+##
+## Define RANLIB to be the library header randomizer; you might not
+## need this on some systems (just set it to 'echo' on these systems,
+## such as IRIX)
+##
+RANLIB=echo
+
+##
+## This is the version string used for the documentation and
+## building the distribution tarball. Don't mess with it unless
+## you are releasing a new version
+VERS=1.7p6
+
+## ----------------------------------------------------------------------
+## You probably don't need to change anything below this line...
+##
+
+##
+## This is the list of source files that need to be packed into
+## the distribution file
+SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
+ utils/gcd.c utils/invmod.c utils/lap.c \
+ utils/ptab.pl utils/sieve.c utils/isprime.c\
+ utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
+ utils/bbsrand.c utils/prng.c utils/primegen.c \
+ utils/basecvt.c utils/makeprime.c\
+ utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
+ utils/mpi.h utils/mpprime.h mulsqr.c \
+ make-test-arrays test-arrays.txt all-tests make-logtab \
+ types.pl stats timetest multest
+
+## These are the header files that go into the distribution file
+HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
+ utils/bbs_rand.h tests/mpi.h tests/mpprime.h
+
+## These are the documentation files that go into the distribution file
+DOCS=README doc utils/README utils/PRIMES
+
+## This is the list of tools built by 'make tools'
+TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \
+ primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe
+
+AS_OBJS = $(AS_SRCS:.asm=.obj)
+LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS)
+LIBHDRS = mpi-config.h mpi-priv.h mpi.h
+APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
+
+
+help:
+ @ echo ""
+ @ echo "The following targets can be built with this Makefile:"
+ @ echo ""
+ @ echo "mpi.lib - arithmetic and prime testing library"
+ @ echo "mpi-test.exe - test driver (requires MP_IOFUNC)"
+ @ echo "tools - command line tools"
+ @ echo "doc - manual pages for tools"
+ @ echo "clean - clean up objects and such"
+ @ echo "distclean - get ready for distribution"
+ @ echo "dist - distribution tarball"
+ @ echo ""
+
+.SUFFIXES: .c .obj .i .lib .exe .asm
+
+.c.i:
+ $(CC) $(CFLAGS) -E $< > $@
+
+.c.obj:
+ $(CC) $(CFLAGS) -c $<
+
+.asm.obj:
+ $(AS) $(ASFLAGS) $<
+
+.obj.exe:
+ $(CC) $(CFLAGS) -Fo$@ $<
+
+#---------------------------------------
+
+$(LIBOBJS): $(LIBHDRS)
+
+logtab.h: make-logtab
+ $(PERL) make-logtab > logtab.h
+
+mpi.obj: mpi.c logtab.h $(LIBHDRS)
+
+mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
+
+mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
+
+mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
+
+mpi_mips.obj: mpi_mips.s
+ $(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s
+
+mpi.lib: $(LIBOBJS)
+ ilib /out:mpi.lib $(LIBOBJS)
+ $(RANLIB) mpi.lib
+
+lib libs: mpi.lib
+
+#---------------------------------------
+
+MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \
+ mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj
+MPTESTS = $(MPTESTOBJS:.obj=.exe)
+
+$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -Fo$@ -c $<
+
+$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \
+ mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe
+
+utests: mptest7.exe mptest8.exe mptest9.exe
+
+#---------------------------------------
+
+EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj
+UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \
+ exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \
+ isprime.obj dec2hex.obj hex2dec.obj
+UTILS = $(UTILOBJS:.obj=.exe)
+
+$(UTILS): %.exe : %.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -Fo$@ -c $<
+
+prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+utils: $(UTILS) prng.exe bbsrand.exe
+
+#---------------------------------------
+
+test-info.c: test-arrays.txt
+ $(PERL) make-test-arrays test-arrays.txt > test-info.c
+
+mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -Fo$@ -c $<
+
+mpi-test.exe: mpi-test.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h
+
+mdxptest.exe: mdxptest.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
+ $(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c
+
+mulsqr.exe: mulsqr.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+#---------------------------------------
+
+alltests: tests utests mpi-test.exe
+
+tools: $(TOOLS)
+
+doc:
+ (cd doc; ./build)
+
+clean:
+ rm -f *.obj *.lib *.pdb *.ilk
+ cd utils; rm -f *.obj *.lib *.pdb *.ilk
+
+distclean: clean
+ rm -f mptest? mpi-test metime mulsqr karatsuba
+ rm -f mptest?a mptest?b
+ rm -f utils/mptest?
+ rm -f test-info.c logtab.h
+ rm -f mpi.lib
+ rm -f $(TOOLS)
+
+dist: Makefile $(HDRS) $(SRCS) $(DOCS)
+ tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
+ pgps -ab mpi-$(VERS).tar
+ chmod +r mpi-$(VERS).tar.asc
+ gzip -9 mpi-$(VERS).tar
+
+
+print:
+ @echo LIBOBJS = $(LIBOBJS)
+# END
diff --git a/security/nss/lib/freebl/mpi/Makefile.win b/security/nss/lib/freebl/mpi/Makefile.win
new file mode 100644
index 000000000..cd41dfab8
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/Makefile.win
@@ -0,0 +1,254 @@
+#
+# Makefile.win - gmake Makefile for building MPI with MSVC on NT
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+## Define CC to be the C compiler you wish to use. The GNU cc
+## compiler (gcc) should work, at the very least
+#CC=cc
+#CC=gcc
+CC=cl.exe
+ifeq ($(CPU_ARCH),x86_64)
+AS=ml64.exe
+else
+AS=ml.exe
+endif
+
+##
+## Define PERL to point to your local Perl interpreter. It
+## should be Perl 5.x, although it's conceivable that Perl 4
+## might work ... I haven't tested it.
+##
+#PERL=/usr/bin/perl
+#PERL=perl
+
+##
+## Define CFLAGS to contain any local options your compiler
+## setup requires.
+##
+## Conditional compilation options are no longer here; see
+## the file 'mpi-config.h' instead.
+##
+MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC
+
+ifeq ($(CPU_ARCH),x86_64)
+AS_SRCS = mpi_x86_64.asm
+CFLAGS = -O2 -Z7 -MD -W3 -nologo -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
+ -DWIN32 -D_WIN64 -D_AMD64_ -D_M_AMD64 -D_WINDOWS -DWIN95 $(MPICMN)
+ASFLAGS = -Cp -Sn -Zi -I.
+else
+#NT
+AS_SRCS = mpi_x86.asm
+MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
+#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \
+ -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
+#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
+ -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
+#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
+ -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
+CFLAGS = -O2 -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
+ -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
+ASFLAGS = -Cp -Sn -Zi -coff -I.
+endif
+
+##
+## Define LIBS to include any libraries you need to link against.
+## If NO_TABLE is define, LIBS should include '-lm' or whatever is
+## necessary to bring in the math library. Otherwise, it can be
+## left alone, unless your system has other peculiar requirements.
+##
+LIBS=#-lmalloc#-lefence#-lm
+
+##
+## Define RANLIB to be the library header randomizer; you might not
+## need this on some systems (just set it to 'echo' on these systems,
+## such as IRIX)
+##
+RANLIB=echo
+
+##
+## This is the version string used for the documentation and
+## building the distribution tarball. Don't mess with it unless
+## you are releasing a new version
+VERS=1.7p6
+
+## ----------------------------------------------------------------------
+## You probably don't need to change anything below this line...
+##
+
+##
+## This is the list of source files that need to be packed into
+## the distribution file
+SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
+ utils/gcd.c utils/invmod.c utils/lap.c \
+ utils/ptab.pl utils/sieve.c utils/isprime.c\
+ utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
+ utils/bbsrand.c utils/prng.c utils/primegen.c \
+ utils/basecvt.c utils/makeprime.c\
+ utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
+ utils/mpi.h utils/mpprime.h mulsqr.c \
+ make-test-arrays test-arrays.txt all-tests make-logtab \
+ types.pl stats timetest multest
+
+## These are the header files that go into the distribution file
+HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
+ utils/bbs_rand.h tests/mpi.h tests/mpprime.h
+
+## These are the documentation files that go into the distribution file
+DOCS=README doc utils/README utils/PRIMES
+
+## This is the list of tools built by 'make tools'
+TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \
+ primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe
+
+AS_OBJS = $(AS_SRCS:.asm=.obj)
+LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS)
+LIBHDRS = mpi-config.h mpi-priv.h mpi.h
+APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
+
+
+help:
+ @ echo ""
+ @ echo "The following targets can be built with this Makefile:"
+ @ echo ""
+ @ echo "mpi.lib - arithmetic and prime testing library"
+ @ echo "mpi-test - test driver (requires MP_IOFUNC)"
+ @ echo "tools - command line tools"
+ @ echo "doc - manual pages for tools"
+ @ echo "clean - clean up objects and such"
+ @ echo "distclean - get ready for distribution"
+ @ echo "dist - distribution tarball"
+ @ echo ""
+
+.SUFFIXES: .c .obj .i .lib .exe .asm
+
+.c.i:
+ $(CC) $(CFLAGS) -E $< > $@
+
+.c.obj:
+ $(CC) $(CFLAGS) -c $<
+
+.asm.obj:
+ $(AS) $(ASFLAGS) -c $<
+
+.obj.exe:
+ $(CC) $(CFLAGS) -Fo$@ $<
+
+#---------------------------------------
+
+$(LIBOBJS): $(LIBHDRS)
+
+logtab.h: make-logtab
+ $(PERL) make-logtab > logtab.h
+
+mpi.obj: mpi.c logtab.h $(LIBHDRS)
+
+mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
+
+mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
+
+mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
+
+mpi_mips.obj: mpi_mips.s
+ $(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s
+
+mpi.lib: $(LIBOBJS)
+ ar -cvr mpi.lib $(LIBOBJS)
+ $(RANLIB) mpi.lib
+
+lib libs: mpi.lib
+
+#---------------------------------------
+
+MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \
+ mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj
+MPTESTS = $(MPTESTOBJS:.obj=.exe)
+
+$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -Fo$@ -c $<
+
+$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \
+ mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe
+
+utests: mptest7.exe mptest8.exe mptest9.exe
+
+#---------------------------------------
+
+EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj
+UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \
+ exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \
+ isprime.obj dec2hex.obj hex2dec.obj
+UTILS = $(UTILOBJS:.obj=.exe)
+
+$(UTILS): %.exe : %.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -Fo$@ -c $<
+
+prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+utils: $(UTILS) prng.exe bbsrand.exe
+
+#---------------------------------------
+
+test-info.c: test-arrays.txt
+ $(PERL) make-test-arrays test-arrays.txt > test-info.c
+
+mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS)
+ $(CC) $(CFLAGS) -Fo$@ -c $<
+
+mpi-test.exe: mpi-test.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h
+
+mdxptest.exe: mdxptest.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
+ $(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c
+
+mulsqr.exe: mulsqr.obj mpi.lib $(LIBS)
+ $(CC) $(CFLAGS) -Fo$@ $^
+
+#---------------------------------------
+
+alltests: tests utests mpi-test.exe
+
+tools: $(TOOLS)
+
+doc:
+ (cd doc; ./build)
+
+clean:
+ rm -f *.obj *.lib *.pdb *.ilk
+ cd utils; rm -f *.obj *.lib *.pdb *.ilk
+
+distclean: clean
+ rm -f mptest? mpi-test metime mulsqr karatsuba
+ rm -f mptest?a mptest?b
+ rm -f utils/mptest?
+ rm -f test-info.c logtab.h
+ rm -f mpi.lib
+ rm -f $(TOOLS)
+
+dist: Makefile $(HDRS) $(SRCS) $(DOCS)
+ tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
+ pgps -ab mpi-$(VERS).tar
+ chmod +r mpi-$(VERS).tar.asc
+ gzip -9 mpi-$(VERS).tar
+
+
+print:
+ @echo LIBOBJS = $(LIBOBJS)
+# END
diff --git a/security/nss/lib/freebl/mpi/README b/security/nss/lib/freebl/mpi/README
new file mode 100644
index 000000000..475549bad
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/README
@@ -0,0 +1,749 @@
+This Source Code Form is subject to the terms of the Mozilla Public
+License, v. 2.0. If a copy of the MPL was not distributed with this
+file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+About the MPI Library
+---------------------
+
+The files 'mpi.h' and 'mpi.c' define a simple, arbitrary precision
+signed integer arithmetic package. The implementation is not the most
+efficient possible, but the code is small and should be fairly easily
+portable to just about any machine that supports an ANSI C compiler,
+as long as it is capable of at least 16-bit arithmetic (but also see
+below for more on this).
+
+This library was written with an eye to cryptographic applications;
+thus, some care is taken to make sure that temporary values are not
+left lying around in memory when they are no longer in use. This adds
+some overhead for zeroing buffers before they are released back into
+the free pool; however, it gives you the assurance that there is only
+one copy of your important values residing in your process's address
+space at a time. Obviously, it is difficult to guarantee anything, in
+a pre-emptive multitasking environment, but this at least helps you
+keep a lid on the more obvious ways your data can get spread around in
+memory.
+
+
+Using the Library
+-----------------
+
+To use the MPI library in your program, you must include the header:
+
+#include "mpi.h"
+
+This header provides all the type and function declarations you'll
+need to use the library. Almost all the names defined by the library
+begin with the prefix 'mp_', so it should be easy to keep them from
+clashing with your program's namespace (he says, glibly, knowing full
+well there are always pathological cases).
+
+There are a few things you may want to configure about the library.
+By default, the MPI library uses an unsigned short for its digit type,
+and an unsigned int for its word type. The word type must be big
+enough to contain at least two digits, for the primitive arithmetic to
+work out. On my machine, a short is 2 bytes and an int is 4 bytes --
+but if you have 64-bit ints, you might want to use a 4-byte digit and
+an 8-byte word. I have tested the library using 1-byte digits and
+2-byte words, as well. Whatever you choose to do, the things you need
+to change are:
+
+(1) The type definitions for mp_digit and mp_word.
+
+(2) The macro DIGIT_FMT which tells mp_print() how to display a
+ single digit. This is just a printf() format string, so you
+ can adjust it appropriately.
+
+(3) The macros DIGIT_MAX and MP_WORD_MAX, which specify the
+ largest value expressible in an mp_digit and an mp_word,
+ respectively.
+
+Both the mp_digit and mp_word should be UNSIGNED integer types. The
+code relies on having the full positive precision of the type used for
+digits and words.
+
+The remaining type definitions should be left alone, for the most
+part. The code in the library does not make any significant
+assumptions about the sizes of things, but there is little if any
+reason to change the other parameters, so I would recommend you leave
+them as you found them.
+
+The library comes with a Perl script, 'types.pl', which will scan your
+current Makefile settings, and attempt to find good definitions for
+these types. It relies on a Unix sort of build environment, so it
+probably won't work under MacOS or Windows, but it can be convenient
+if you're porting to a new flavour of Unix. Just run 'types.pl' at
+the command line, and it will spit out its results to the standard
+output.
+
+
+Conventions
+-----------
+
+Most functions in the library return a value of type mp_err. This
+permits the library to communicate success or various kinds of failure
+to the calling program. The return values currently defined are:
+
+ MP_OKAY - okay, operation succeeded, all's well
+ MP_YES - okay, the answer is yes (same as MP_OKAY)
+ MP_NO - okay, but answer is no (not MP_OKAY)
+ MP_MEM - operation ran out of memory
+ MP_RANGE - input parameter was out of range
+ MP_BADARG - an invalid input parameter was provided
+ MP_UNDEF - no output value is defined for this input
+
+The only function which currently uses MP_UNDEF is mp_invmod().
+Division by zero is undefined, but the division functions will return
+MP_RANGE for a zero divisor. MP_BADARG usually means you passed a
+bogus mp_int structure to the function. MP_YES and MP_NO are not used
+by the library itself; they're defined so you can use them in your own
+extensions.
+
+If you need a readable interpretation of these error codes in your
+program, you may also use the mp_strerror() function. This function
+takes an mp_err as input, and returns a pointer to a human-readable
+string describing the meaning of the error. These strings are stored
+as constants within the library, so the caller should not attempt to
+modify or free the memory associated with these strings.
+
+The library represents values in signed-magnitude format. Values
+strictly less than zero are negative, all others are considered
+positive (zero is positive by fiat). You can access the 'sign' member
+of the mp_int structure directly, but better is to use the mp_cmp_z()
+function, to find out which side of zero the value lies on.
+
+Most arithmetic functions have a single-digit variant, as well as the
+full arbitrary-precision. An mp_digit is an unsigned value between 0
+and DIGIT_MAX inclusive. The radix is available as RADIX. The number
+of bits in a given digit is given as DIGIT_BIT.
+
+Generally, input parameters are given before output parameters.
+Unless otherwise specified, any input parameter can be re-used as an
+output parameter, without confusing anything.
+
+The basic numeric type defined by the library is an mp_int. Virtually
+all the functions in the library take a pointer to an mp_int as one of
+their parameters. An explanation of how to create and use these
+structures follows. And so, without further ado...
+
+
+Initialization and Cleanup
+--------------------------
+
+The basic numeric type defined by the library is an 'mp_int'.
+However, it is not sufficient to simply declare a variable of type
+mp_int in your program. These variables also need to be initialized
+before they can be used, to allocate the internal storage they require
+for computation.
+
+This is done using one of the following functions:
+
+ mp_init(mp_int *mp);
+ mp_init_copy(mp_int *mp, mp_int *from);
+ mp_init_size(mp_int *mp, mp_size p);
+
+Each of these requires a pointer to a structure of type mp_int. The
+basic mp_init() simply initializes the mp_int to a default size, and
+sets its value to zero. If you would like to initialize a copy of an
+existing mp_int, use mp_init_copy(), where the 'from' parameter is the
+mp_int you'd like to make a copy of. The third function,
+mp_init_size(), permits you to specify how many digits of precision
+should be preallocated for your mp_int. This can help the library
+avoid unnecessary re-allocations later on.
+
+The default precision used by mp_init() can be retrieved using:
+
+ precision = mp_get_prec();
+
+This returns the number of digits that will be allocated. You can
+change this value by using:
+
+ mp_set_prec(unsigned int prec);
+
+Any positive value is acceptable -- if you pass zero, the default
+precision will be re-set to the compiled-in library default (this is
+specified in the header file 'mpi-config.h', and typically defaults to
+8 or 16).
+
+Just as you must allocate an mp_int before you can use it, you must
+clean up the structure when you are done with it. This is performed
+using the mp_clear() function. Remember that any mp_int that you
+create as a local variable in a function must be mp_clear()'d before
+that function exits, or else the memory allocated to that mp_int will
+be orphaned and unrecoverable.
+
+To set an mp_int to a given value, the following functions are given:
+
+ mp_set(mp_int *mp, mp_digit d);
+ mp_set_int(mp_int *mp, long z);
+
+The mp_set() function sets the mp_int to a single digit value, while
+mp_set_int() sets the mp_int to a signed long integer value.
+
+To set an mp_int to zero, use:
+
+ mp_zero(mp_int *mp);
+
+
+Copying and Moving
+------------------
+
+If you have two initialized mp_int's, and you want to copy the value
+of one into the other, use:
+
+ mp_copy(from, to)
+
+This takes care of clearing the old value of 'to', and copies the new
+value into it. If 'to' is not yet initialized, use mp_init_copy()
+instead (see above).
+
+Note: The library tries, whenever possible, to avoid allocating
+---- new memory. Thus, mp_copy() tries first to satisfy the needs
+ of the copy by re-using the memory already allocated to 'to'.
+ Only if this proves insufficient will mp_copy() actually
+ allocate new memory.
+
+ For this reason, if you know a priori that 'to' has enough
+ available space to hold 'from', you don't need to check the
+ return value of mp_copy() for memory failure. The USED()
+ macro tells you how many digits are used by an mp_int, and
+ the ALLOC() macro tells you how many are allocated.
+
+If you have two initialized mp_int's, and you want to exchange their
+values, use:
+
+ mp_exch(a, b)
+
+This is better than using mp_copy() with a temporary, since it will
+not (ever) touch the memory allocator -- it just swaps the exact
+contents of the two structures. The mp_exch() function cannot fail;
+if you pass it an invalid structure, it just ignores it, and does
+nothing.
+
+
+Basic Arithmetic
+----------------
+
+Once you have initialized your integers, you can operate on them. The
+basic arithmetic functions on full mp_int values are:
+
+mp_add(a, b, c) - computes c = a + b
+mp_sub(a, b, c) - computes c = a - b
+mp_mul(a, b, c) - computes c = a * b
+mp_sqr(a, b) - computes b = a * a
+mp_div(a, b, q, r) - computes q, r such that a = bq + r
+mp_div_2d(a, d, q, r) - computes q = a / 2^d, r = a % 2^d
+mp_expt(a, b, c) - computes c = a ** b
+mp_2expt(a, k) - computes a = 2^k
+
+The mp_div_2d() function efficiently computes division by powers of
+two. Either the q or r parameter may be NULL, in which case that
+portion of the computation will be discarded.
+
+The algorithms used for some of the computations here are described in
+the following files which are included with this distribution:
+
+mul.txt Describes the multiplication algorithm
+div.txt Describes the division algorithm
+expt.txt Describes the exponentiation algorithm
+sqrt.txt Describes the square-root algorithm
+square.txt Describes the squaring algorithm
+
+There are single-digit versions of most of these routines, as well.
+In the following prototypes, 'd' is a single mp_digit:
+
+mp_add_d(a, d, c) - computes c = a + d
+mp_sub_d(a, d, c) - computes c = a - d
+mp_mul_d(a, d, c) - computes c = a * d
+mp_mul_2(a, c) - computes c = a * 2
+mp_div_d(a, d, q, r) - computes q, r such that a = bq + r
+mp_div_2(a, c) - computes c = a / 2
+mp_expt_d(a, d, c) - computes c = a ** d
+
+The mp_mul_2() and mp_div_2() functions take advantage of the internal
+representation of an mp_int to do multiplication by two more quickly
+than mp_mul_d() would. Other basic functions of an arithmetic variety
+include:
+
+mp_zero(a) - assign 0 to a
+mp_neg(a, c) - negate a: c = -a
+mp_abs(a, c) - absolute value: c = |a|
+
+
+Comparisons
+-----------
+
+Several comparison functions are provided. Each of these, unless
+otherwise specified, returns zero if the comparands are equal, < 0 if
+the first is less than the second, and > 0 if the first is greater
+than the second:
+
+mp_cmp_z(a) - compare a <=> 0
+mp_cmp_d(a, d) - compare a <=> d, d is a single digit
+mp_cmp(a, b) - compare a <=> b
+mp_cmp_mag(a, b) - compare |a| <=> |b|
+mp_isodd(a) - return nonzero if odd, zero otherwise
+mp_iseven(a) - return nonzero if even, zero otherwise
+
+
+Modular Arithmetic
+------------------
+
+Modular variations of the basic arithmetic functions are also
+supported. These are available if the MP_MODARITH parameter in
+mpi-config.h is turned on (it is by default). The modular arithmetic
+functions are:
+
+mp_mod(a, m, c) - compute c = a (mod m), 0 <= c < m
+mp_mod_d(a, d, c) - compute c = a (mod d), 0 <= c < d (see below)
+mp_addmod(a, b, m, c) - compute c = (a + b) mod m
+mp_submod(a, b, m, c) - compute c = (a - b) mod m
+mp_mulmod(a, b, m, c) - compute c = (a * b) mod m
+mp_sqrmod(a, m, c) - compute c = (a * a) mod m
+mp_exptmod(a, b, m, c) - compute c = (a ** b) mod m
+mp_exptmod_d(a, d, m, c)- compute c = (a ** d) mod m
+
+The mp_sqr() function squares its input argument. A call to mp_sqr(a,
+c) is identical in meaning to mp_mul(a, a, c); however, if the
+MP_SQUARE variable is set true in mpi-config.h (see below), then it
+will be implemented with a different algorithm, that is supposed to
+take advantage of the redundant computation that takes place during
+squaring. Unfortunately, some compilers result in worse performance
+on this code, so you can change the behaviour at will. There is a
+utility program "mulsqr.c" that lets you test which does better on
+your system.
+
+The mp_sqrmod() function is analogous to the mp_sqr() function; it
+uses the mp_sqr() function rather than mp_mul(), and then performs the
+modular reduction. This probably won't help much unless you are doing
+a lot of them.
+
+See the file 'square.txt' for a synopsis of the algorithm used.
+
+Note: The mp_mod_d() function computes a modular reduction around
+---- a single digit d. The result is a single digit c.
+
+Because an inverse is defined for a (mod m) if and only if (a, m) = 1
+(that is, if a and m are relatively prime), mp_invmod() may not be
+able to compute an inverse for the arguments. In this case, it
+returns the value MP_UNDEF, and does not modify c. If an inverse is
+defined, however, it returns MP_OKAY, and sets c to the value of the
+inverse (mod m).
+
+See the file 'redux.txt' for a description of the modular reduction
+algorithm used by mp_exptmod().
+
+
+Greatest Common Divisor
+-----------------------
+
+If The greates common divisor of two values can be found using one of the
+following functions:
+
+mp_gcd(a, b, c) - compute c = (a, b) using binary algorithm
+mp_lcm(a, b, c) - compute c = [a, b] = ab / (a, b)
+mp_xgcd(a, b, g, x, y) - compute g, x, y so that ax + by = g = (a, b)
+
+Also provided is a function to compute modular inverses, if they
+exist:
+
+mp_invmod(a, m, c) - compute c = a^-1 (mod m), if it exists
+
+The function mp_xgcd() computes the greatest common divisor, and also
+returns values of x and y satisfying Bezout's identity. This is used
+by mp_invmod() to find modular inverses. However, if you do not need
+these values, you will find that mp_gcd() is MUCH more efficient,
+since it doesn't need all the intermediate values that mp_xgcd()
+requires in order to compute x and y.
+
+The mp_gcd() (and mp_xgcd()) functions use the binary (extended) GCD
+algorithm due to Josef Stein.
+
+
+Input & Output Functions
+------------------------
+
+The following basic I/O routines are provided. These are present at
+all times:
+
+mp_read_radix(mp, str, r) - convert a string in radix r to an mp_int
+mp_read_raw(mp, s, len) - convert a string of bytes to an mp_int
+mp_radix_size(mp, r) - return length of buffer needed by mp_toradix()
+mp_raw_size(mp) - return length of buffer needed by mp_toraw()
+mp_toradix(mp, str, r) - convert an mp_int to a string of radix r
+ digits
+mp_toraw(mp, str) - convert an mp_int to a string of bytes
+mp_tovalue(ch, r) - convert ch to its value when taken as
+ a radix r digit, or -1 if invalid
+mp_strerror(err) - get a string describing mp_err value 'err'
+
+If you compile the MPI library with MP_IOFUNC defined, you will also
+have access to the following additional I/O function:
+
+mp_print(mp, ofp) - print an mp_int as text to output stream ofp
+
+Note that mp_radix_size() returns a size in bytes guaranteed to be AT
+LEAST big enough for the digits output by mp_toradix(). Because it
+uses an approximation technique to figure out how many digits will be
+needed, it may return a figure which is larger than necessary. Thus,
+the caller should not rely on the value to determine how many bytes
+will actually be written by mp_toradix(). The string mp_toradix()
+creates will be NUL terminated, so the standard C library function
+strlen() should be able to ascertain this for you, if you need it.
+
+The mp_read_radix() and mp_toradix() functions support bases from 2 to
+64 inclusive. If you require more general radix conversion facilities
+than this, you will need to write them yourself (that's why mp_div_d()
+is provided, after all).
+
+Note: mp_read_radix() will accept as digits either capital or
+---- lower-case letters. However, the current implementation of
+ mp_toradix() only outputs upper-case letters, when writing
+ bases betwee 10 and 36. The underlying code supports using
+ lower-case letters, but the interface stub does not have a
+ selector for it. You can add one yourself if you think it
+ is worthwhile -- I do not. Bases from 36 to 64 use lower-
+ case letters as distinct from upper-case. Bases 63 and
+ 64 use the characters '+' and '/' as digits.
+
+ Note also that compiling with MP_IOFUNC defined will cause
+ inclusion of <stdio.h>, so if you are trying to write code
+ which does not depend on the standard C library, you will
+ probably want to avoid this option. This is needed because
+ the mp_print() function takes a standard library FILE * as
+ one of its parameters, and uses the fprintf() function.
+
+The mp_toraw() function converts the integer to a sequence of bytes,
+in big-endian ordering (most-significant byte first). Assuming your
+bytes are 8 bits wide, this corresponds to base 256. The sign is
+encoded as a single leading byte, whose value is 0 for zero or
+positive values, or 1 for negative values. The mp_read_raw() function
+reverses this process -- it takes a buffer of bytes, interprets the
+first as a sign indicator (0 = zero/positive, nonzero = negative), and
+the rest as a sequence of 1-byte digits in big-endian ordering.
+
+The mp_raw_size() function returns the exact number of bytes required
+to store the given integer in "raw" format (as described in the
+previous paragraph). Zero is returned in case of error; a valid
+integer will require at least three bytes of storage.
+
+In previous versions of the MPI library, an "external representation
+format" was supported. This was removed, however, because I found I
+was never using it, it was not as portable as I would have liked, and
+I decided it was a waste of space.
+
+
+Other Functions
+---------------
+
+The files 'mpprime.h' and 'mpprime.c' define some routines which are
+useful for divisibility testing and probabilistic primality testing.
+The routines defined are:
+
+mpp_divis(a, b) - is a divisible by b?
+mpp_divis_d(a, d) - is a divisible by digit d?
+mpp_random(a) - set a to random value at current precision
+mpp_random_size(a, prec) - set a to random value at given precision
+
+Note: The mpp_random() and mpp_random_size() functions use the C
+---- library's rand() function to generate random values. It is
+ up to the caller to seed this generator before it is called.
+ These functions are not suitable for generating quantities
+ requiring cryptographic-quality randomness; they are intended
+ primarily for use in primality testing.
+
+ Note too that the MPI library does not call srand(), so your
+ application should do this, if you ever want the sequence
+ to change.
+
+mpp_divis_vector(a, v, s, w) - is a divisible by any of the s digits
+ in v? If so, let w be the index of
+ that digit
+
+mpp_divis_primes(a, np) - is a divisible by any of the first np
+ primes? If so, set np to the prime
+ which divided a.
+
+mpp_fermat(a, d) - test if w^a = w (mod a). If so,
+ returns MP_YES, otherwise MP_NO.
+
+mpp_pprime(a, nt) - perform nt iterations of the Rabin-
+ Miller probabilistic primality test
+ on a. Returns MP_YES if all tests
+ passed, or MP_NO if any test fails.
+
+The mpp_fermat() function works based on Fermat's little theorem, a
+consequence of which is that if p is a prime, and (w, p) = 1, then:
+
+ w^p = w (mod p)
+
+Put another way, if w^p != w (mod p), then p is not prime. The test
+is expensive to compute, but it helps to quickly eliminate an enormous
+class of composite numbers prior to Rabin-Miller testing.
+
+Building the Library
+--------------------
+
+The MPI library is designed to be as self-contained as possible. You
+should be able to compile it with your favourite ANSI C compiler, and
+link it into your program directly. If you are on a Unix system using
+the GNU C compiler (gcc), the following should work:
+
+% gcc -ansi -pedantic -Wall -O2 -c mpi.c
+
+The file 'mpi-config.h' defines several configurable parameters for
+the library, which you can adjust to suit your application. At the
+time of this writing, the available options are:
+
+MP_IOFUNC - Define true to include the mp_print() function,
+ which is moderately useful for debugging. This
+ implicitly includes <stdio.h>.
+
+MP_MODARITH - Define true to include the modular arithmetic
+ functions. If you don't need modular arithmetic
+ in your application, you can set this to zero to
+ leave out all the modular routines.
+
+MP_NUMTH - Define true to include number theoretic functions
+ such as mp_gcd(), mp_lcm(), and mp_invmod().
+
+MP_LOGTAB - If true, the file "logtab.h" is included, which
+ is basically a static table of base 2 logarithms.
+ These are used to compute how big the buffers for
+ radix conversion need to be. If you set this false,
+ the library includes <math.h> and uses log(). This
+ typically forces you to link against math libraries.
+
+MP_MEMSET - If true, use memset() to zero buffers. If you run
+ into weird alignment related bugs, set this to zero
+ and an explicit loop will be used.
+
+MP_MEMCPY - If true, use memcpy() to copy buffers. If you run
+ into weird alignment bugs, set this to zero and an
+ explicit loop will be used.
+
+MP_ARGCHK - Set to 0, 1, or 2. This defines how the argument
+ checking macro, ARGCHK(), gets expanded. If this
+ is set to zero, ARGCHK() expands to nothing; no
+ argument checks are performed. If this is 1, the
+ ARGCHK() macro expands to code that returns MP_BADARG
+ or similar at runtime. If it is 2, ARGCHK() expands
+ to an assert() call that aborts the program on a
+ bad input.
+
+MP_DEBUG - Turns on debugging output. This is probably not at
+ all useful unless you are debugging the library. It
+ tends to spit out a LOT of output.
+
+MP_DEFPREC - The default precision of a newly-created mp_int, in
+ digits. The precision can be changed at runtime by
+ the mp_set_prec() function, but this is its initial
+ value.
+
+MP_SQUARE - If this is set to a nonzero value, the mp_sqr()
+ function will use an alternate algorithm that takes
+ advantage of the redundant inner product computation
+ when both multiplicands are identical. Unfortunately,
+ with some compilers this is actually SLOWER than just
+ calling mp_mul() with the same argument twice. So
+ if you set MP_SQUARE to zero, mp_sqr() will be expan-
+ ded into a call to mp_mul(). This applies to all
+ the uses of mp_sqr(), including mp_sqrmod() and the
+ internal calls to s_mp_sqr() inside mpi.c
+
+ The program 'mulsqr' (mulsqr.c) can be used to test
+ which works best for your configuration. Set up the
+ CC and CFLAGS variables in the Makefile, then type:
+
+ make mulsqr
+
+ Invoke it with arguments similar to the following:
+
+ mulsqr 25000 1024
+
+ That is, 25000 products computed on 1024-bit values.
+ The output will compare the two timings, and recommend
+ a setting for MP_SQUARE. It is off by default.
+
+If you would like to use the mp_print() function (see above), be sure
+to define MP_IOFUNC in mpi-config.h. Many of the test drivers in the
+'tests' subdirectory expect this to be defined (although the test
+driver 'mpi-test' doesn't need it)
+
+The Makefile which comes with the library should take care of building
+the library for you, if you have set the CC and CFLAGS variables at
+the top of the file appropriately. By default, they are set up to
+use the GNU C compiler:
+
+CC=gcc
+CFLAGS=-ansi -pedantic -Wall -O2
+
+If all goes well, the library should compile without warnings using
+this combination. You should, of course, make whatever adjustments
+you find necessary.
+
+The MPI library distribution comes with several additional programs
+which are intended to demonstrate the use of the library, and provide
+a framework for testing it. There are a handful of test driver
+programs, in the files named 'mptest-X.c', where X is a digit. Also,
+there are some simple command-line utilities (in the 'utils'
+directory) for manipulating large numbers. These include:
+
+basecvt.c A radix-conversion program, supporting bases from
+ 2 to 64 inclusive.
+
+bbsrand.c A BBS (quadratic residue) pseudo-random number
+ generator. The file 'bbsrand.c' is just the driver
+ for the program; the real code lives in the files
+ 'bbs_rand.h' and 'bbs_rand.c'
+
+dec2hex.c Converts decimal to hexadecimal
+
+gcd.c Computes the greatest common divisor of two values.
+ If invoked as 'xgcd', also computes constants x and
+ y such that (a, b) = ax + by, in accordance with
+ Bezout's identity.
+
+hex2dec.c Converts hexadecimal to decimal
+
+invmod.c Computes modular inverses
+
+isprime.c Performs the Rabin-Miller probabilistic primality
+ test on a number. Values which fail this test are
+ definitely composite, and those which pass are very
+ likely to be prime (although there are no guarantees)
+
+lap.c Computes the order (least annihilating power) of
+ a value v modulo m. Very dumb algorithm.
+
+primegen.c Generates large (probable) primes.
+
+prng.c A pseudo-random number generator based on the
+ BBS generator code in 'bbs_rand.c'
+
+sieve.c Implements the Sieve of Eratosthenes, using a big
+ bitmap, to generate a list of prime numbers.
+
+fact.c Computes the factorial of an arbitrary precision
+ integer (iterative).
+
+exptmod.c Computes arbitrary precision modular exponentiation
+ from the command line (exptmod a b m -> a^b (mod m))
+
+Most of these can be built from the Makefile that comes with the
+library. Try 'make tools', if your environment supports it.
+
+
+Testing the Library
+-------------------
+
+Automatic test vectors are included, in the form of a program called
+'mpi-test'. To build this program and run all the tests, simply
+invoke the shell script 'all-tests'. If all the tests pass, you
+should see a message:
+
+ All tests passed
+
+If something went wrong, you'll get:
+
+ One or more tests failed.
+
+If this happens, scan back through the preceding lines, to see which
+test failed. Any failure indicates a bug in the library, which needs
+to be fixed before it will give accurate results. If you get any such
+thing, please let me know, and I'll try to fix it. Please let me know
+what platform and compiler you were using, as well as which test
+failed. If a reason for failure was given, please send me that text
+as well.
+
+If you're on a system where the standard Unix build tools don't work,
+you can build the 'mpi-test' program manually, and run it by hand.
+This is tedious and obnoxious, sorry.
+
+Further manual testing can be performed by building the manual testing
+programs, whose source is found in the 'tests' subdirectory. Each
+test is in a source file called 'mptest-X.c'. The Makefile contains a
+target to build all of them at once:
+
+ make tests
+
+Read the comments at the top of each source file to see what the
+driver is supposed to test. You probably don't need to do this; these
+programs were only written to help me as I was developing the library.
+
+The relevant files are:
+
+mpi-test.c The source for the test driver
+
+make-test-arrays A Perl script to generate some of the internal
+ data structures used by mpi-test.c
+
+test-arrays.txt The source file for make-test-arrays
+
+all-tests A Bourne shell script which runs all the
+ tests in the mpi-test suite
+
+Running 'make mpi-test' should build the mpi-test program. If you
+cannot use make, here is what needs to be done:
+
+(1) Use 'make-test-arrays' to generate the file 'test-info.c' from
+ the 'test-arrays.txt' file. Since Perl can be found everywhere,
+ this should be no trouble. Under Unix, this looks like:
+
+ make-test-arrays test-arrays.txt > test-info.c
+
+(2) Build the MPI library:
+
+ gcc -ansi -pedantic -Wall -c mpi.c
+
+(3) Build the mpi-test program:
+
+ gcc -ansi -pedantic -Wall -o mpi-test mpi.o mpi-test.c
+
+When you've got mpi-test, you can use 'all-tests' to run all the tests
+made available by mpi-test. If any of them fail, there should be a
+diagnostic indicating what went wrong. These are fairly high-level
+diagnostics, and won't really help you debug the problem; they're
+simply intended to help you isolate which function caused the problem.
+If you encounter a problem of this sort, feel free to e-mail me, and I
+will certainly attempt to help you debug it.
+
+Note: Several of the tests hard-wired into 'mpi-test' operate under
+---- the assumption that you are using at least a 16-bit mp_digit
+ type. If that is not true, several tests might fail, because
+ of range problems with the maximum digit value.
+
+ If you are using an 8-bit digit, you will also need to
+ modify the code for mp_read_raw(), which assumes that
+ multiplication by 256 can be done with mp_mul_d(), a
+ fact that fails when DIGIT_MAX is 255. You can replace
+ the call with s_mp_lshd(), which will give you the same
+ effect, and without doing as much work. :)
+
+Acknowledgements:
+----------------
+
+The algorithms used in this library were drawn primarily from Volume
+2 of Donald Knuth's magnum opus, _The Art of Computer Programming_,
+"Semi-Numerical Methods". Barrett's algorithm for modular reduction
+came from Menezes, Oorschot, and Vanstone's _Handbook of Applied
+Cryptography_, Chapter 14.
+
+Thanks are due to Tom St. Denis, for finding an obnoxious sign-related
+bug in mp_read_raw() that made things break on platforms which use
+signed chars.
+
+About the Author
+----------------
+
+This software was written by Michael J. Fromberger. You can contact
+the author as follows:
+
+E-mail: <sting@linguist.dartmouth.edu>
+
+Postal: 8000 Cummings Hall, Thayer School of Engineering
+ Dartmouth College, Hanover, New Hampshire, USA
+
+PGP key: http://linguist.dartmouth.edu/~sting/keys/mjf.html
+ 9736 188B 5AFA 23D6 D6AA BE0D 5856 4525 289D 9907
+
+Last updated: 16-Jan-2000
diff --git a/security/nss/lib/freebl/mpi/all-tests b/security/nss/lib/freebl/mpi/all-tests
new file mode 100755
index 000000000..3429a15c0
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/all-tests
@@ -0,0 +1,83 @@
+#!/bin/sh
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ECHO=/bin/echo
+MAKE=gmake
+
+$ECHO "\n** Running unit tests for MPI library\n"
+
+# Build the mpi-test program, which comprises all the unit tests for
+# the MPI library...
+
+$ECHO "Bringing mpi-test up to date ... "
+if $MAKE mpi-test ; then
+ :
+else
+ $ECHO " "
+ $ECHO "Make failed to build mpi-test."
+ $ECHO " "
+ exit 1
+fi
+
+if [ ! -x mpi-test ] ; then
+ $ECHO " "
+ $ECHO "Cannot find 'mpi-test' program, testing cannot continue."
+ $ECHO " "
+ exit 1
+fi
+
+# Get the list of available test suites...
+tests=`./mpi-test list | awk '{print $1}'`
+errs=0
+
+# Run each test suite and check the result code of mpi-test
+for test in $tests ; do
+ $ECHO "$test ... \c"
+ if ./mpi-test $test ; then
+ $ECHO "passed"
+ else
+ $ECHO "FAILED"
+ errs=1
+ fi
+done
+
+# If any tests failed, we'll stop at this point
+if [ "$errs" = "0" ] ; then
+ $ECHO "All unit tests passed"
+else
+ $ECHO "One or more tests failed"
+ exit 1
+fi
+
+# Now try to build the 'pi' program, and see if it can compute the
+# first thousand digits of pi correctly
+$ECHO "\n** Running other tests\n"
+
+$ECHO "Bringing 'pi' up to date ... "
+if $MAKE pi ; then
+ :
+else
+ $ECHO "\nMake failed to build pi.\n"
+ exit 1
+fi
+
+if [ ! -x pi ] ; then
+ $ECHO "\nCannot find 'pi' program; testing cannot continue.\n"
+ exit 1
+fi
+
+./pi 2000 > /tmp/pi.tmp.$$
+if cmp tests/pi2k.txt /tmp/pi.tmp.$$ ; then
+ $ECHO "Okay! The pi test passes."
+else
+ $ECHO "Oops! The pi test failed. :("
+ exit 1
+fi
+
+rm -f /tmp/pi.tmp.$$
+
+exit 0
+
+# Here there be dragons
diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE b/security/nss/lib/freebl/mpi/doc/LICENSE
new file mode 100644
index 000000000..35cca68ce
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/LICENSE
@@ -0,0 +1,11 @@
+Within this directory, each of the file listed below is licensed under
+the terms given in the file LICENSE-MPL, also in this directory.
+
+basecvt.pod
+gcd.pod
+invmod.pod
+isprime.pod
+lap.pod
+mpi-test.pod
+prime.txt
+prng.pod
diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE-MPL b/security/nss/lib/freebl/mpi/doc/LICENSE-MPL
new file mode 100644
index 000000000..41dc2327f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/LICENSE-MPL
@@ -0,0 +1,3 @@
+This Source Code Form is subject to the terms of the Mozilla Public
+License, v. 2.0. If a copy of the MPL was not distributed with this
+file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/doc/basecvt.pod b/security/nss/lib/freebl/mpi/doc/basecvt.pod
new file mode 100644
index 000000000..c3d87fbc7
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/basecvt.pod
@@ -0,0 +1,65 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+=head1 NAME
+
+ basecvt - radix conversion for arbitrary precision integers
+
+=head1 SYNOPSIS
+
+ basecvt <ibase> <obase> [values]
+
+=head1 DESCRIPTION
+
+The B<basecvt> program is a command-line tool for converting integers
+of arbitrary precision from one radix to another. The current version
+supports radix values from 2 (binary) to 64, inclusive. The first two
+command line arguments specify the input and output radix, in base 10.
+Any further arguments are taken to be integers notated in the input
+radix, and these are converted to the output radix. The output is
+written, one integer per line, to standard output.
+
+When reading integers, only digits considered "valid" for the input
+radix are considered. Processing of an integer terminates when an
+invalid input digit is encountered. So, for example, if you set the
+input radix to 10 and enter '10ACF', B<basecvt> would assume that you
+had entered '10' and ignore the rest of the string.
+
+If no values are provided, no output is written, but the program
+simply terminates with a zero exit status. Error diagnostics are
+written to standard error in the event of out-of-range radix
+specifications. Regardless of the actual values of the input and
+output radix, the radix arguments are taken to be in base 10 (decimal)
+notation.
+
+=head1 DIGITS
+
+For radices from 2-10, standard ASCII decimal digits 0-9 are used for
+both input and output. For radices from 11-36, the ASCII letters A-Z
+are also included, following the convention used in hexadecimal. In
+this range, input is accepted in either upper or lower case, although
+on output only lower-case letters are used.
+
+For radices from 37-62, the output includes both upper- and lower-case
+ASCII letters, and case matters. In this range, case is distinguished
+both for input and for output values.
+
+For radices 63 and 64, the characters '+' (plus) and '/' (forward
+solidus) are also used. These are derived from the MIME base64
+encoding scheme. The overall encoding is not the same as base64,
+because the ASCII digits are used for the bottom of the range, and the
+letters are shifted upward; however, the output will consist of the
+same character set.
+
+This input and output behaviour is inherited from the MPI library used
+by B<basecvt>, and so is not configurable at runtime.
+
+=head1 SEE ALSO
+
+ dec2hex(1), hex2dec(1)
+
+=head1 AUTHOR
+
+ Michael J. Fromberger <sting@linguist.dartmouth.edu>
+ Thayer School of Engineering, Hanover, New Hampshire, USA
diff --git a/security/nss/lib/freebl/mpi/doc/build b/security/nss/lib/freebl/mpi/doc/build
new file mode 100755
index 000000000..4d75b1e5a
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/build
@@ -0,0 +1,30 @@
+#!/bin/sh
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+VERS="1.7p6"
+SECT="1"
+NAME="MPI Tools"
+
+echo "Building manual pages ..."
+case $# in
+ 0)
+ files=`ls *.pod`
+ ;;
+ *)
+ files=$*
+ ;;
+esac
+
+for name in $files
+do
+ echo -n "$name ... "
+# sname=`noext $name`
+ sname=`basename $name .pod`
+ pod2man --section="$SECT" --center="$NAME" --release="$VERS" $name > $sname.$SECT
+ echo "(done)"
+done
+
+echo "Finished building."
+
diff --git a/security/nss/lib/freebl/mpi/doc/div.txt b/security/nss/lib/freebl/mpi/doc/div.txt
new file mode 100644
index 000000000..c13fb6ef1
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/div.txt
@@ -0,0 +1,64 @@
+Division
+
+This describes the division algorithm used by the MPI library.
+
+Input: a, b; a > b
+Compute: Q, R; a = Qb + R
+
+The input numbers are normalized so that the high-order digit of b is
+at least half the radix. This guarantees that we have a reasonable
+way to guess at the digits of the quotient (this method was taken from
+Knuth, vol. 2, with adaptations).
+
+To normalize, test the high-order digit of b. If it is less than half
+the radix, multiply both a and b by d, where:
+
+ radix - 1
+ d = -----------
+ bmax + 1
+
+...where bmax is the high-order digit of b. Otherwise, set d = 1.
+
+Given normalize values for a and b, let the notation a[n] denote the
+nth digit of a. Let #a be the number of significant figures of a (not
+including any leading zeroes).
+
+ Let R = 0
+ Let p = #a - 1
+
+ while(p >= 0)
+ do
+ R = (R * radix) + a[p]
+ p = p - 1
+ while(R < b and p >= 0)
+
+ if(R < b)
+ break
+
+ q = (R[#R - 1] * radix) + R[#R - 2]
+ q = q / b[#b - 1]
+
+ T = b * q
+
+ while(T > L)
+ q = q - 1
+ T = T - b
+ endwhile
+
+ L = L - T
+
+ Q = (Q * radix) + q
+
+ endwhile
+
+At this point, Q is the quotient, and R is the normalized remainder.
+To denormalize R, compute:
+
+ R = (R / d)
+
+At this point, you are finished.
+
+------------------------------------------------------------------
+ This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/doc/expt.txt b/security/nss/lib/freebl/mpi/doc/expt.txt
new file mode 100644
index 000000000..bd9d6f196
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/expt.txt
@@ -0,0 +1,94 @@
+Exponentiation
+
+For exponentiation, the MPI library uses a simple and fairly standard
+square-and-multiply method. The algorithm is this:
+
+Input: a, b
+Output: a ** b
+
+ s = 1
+
+ while(b != 0)
+ if(b is odd)
+ s = s * a
+ endif
+
+ b = b / 2
+
+ x = x * x
+ endwhile
+
+ return s
+
+The modular exponentiation is done the same way, except replacing:
+
+ s = s * a
+
+with
+ s = (s * a) mod m
+
+and replacing
+
+ x = x * x
+
+with
+
+ x = (x * x) mod m
+
+Here is a sample exponentiation using the MPI library, as compared to
+the same problem solved by the Unix 'bc' program on my system:
+
+Computation of 2,381,283 ** 235
+
+'bc' says:
+
+4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\
+4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\
+6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\
+4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\
+6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\
+FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\
+CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\
+5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\
+CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\
+49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\
+5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\
+A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\
+D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\
+92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\
+A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\
+AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\
+E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\
+1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\
+CFFF2E1AC93F3CA264A1B
+
+MPI says:
+
+4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\
+4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\
+6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\
+4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\
+6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\
+FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\
+CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\
+5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\
+CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\
+49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\
+5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\
+A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\
+D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\
+92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\
+A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\
+AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\
+E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\
+1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\
+CFFF2E1AC93F3CA264A1B
+
+Diff says:
+% diff bc.txt mp.txt
+%
+
+------------------------------------------------------------------
+ This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/doc/gcd.pod b/security/nss/lib/freebl/mpi/doc/gcd.pod
new file mode 100644
index 000000000..b5b8fa34f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/gcd.pod
@@ -0,0 +1,28 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+=head1 NAME
+
+ gcd - compute greatest common divisor of two integers
+
+=head1 SYNOPSIS
+
+ gcd <a> <b>
+
+=head1 DESCRIPTION
+
+The B<gcd> program computes the greatest common divisor of two
+arbitrary-precision integers I<a> and I<b>. The result is written in
+standard decimal notation to the standard output.
+
+If I<b> is zero, B<gcd> will print an error message and exit.
+
+=head1 SEE ALSO
+
+invmod(1), isprime(1), lap(1)
+
+=head1 AUTHOR
+
+ Michael J. Fromberger <sting@linguist.dartmouth.edu>
+ Thayer School of Engineering, Hanover, New Hampshire, USA
diff --git a/security/nss/lib/freebl/mpi/doc/invmod.pod b/security/nss/lib/freebl/mpi/doc/invmod.pod
new file mode 100644
index 000000000..0194f4488
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/invmod.pod
@@ -0,0 +1,34 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+=head1 NAME
+
+ invmod - compute modular inverse of an integer
+
+=head1 SYNOPSIS
+
+ invmod <a> <m>
+
+=head1 DESCRIPTION
+
+The B<invmod> program computes the inverse of I<a>, modulo I<m>, if
+that inverse exists. Both I<a> and I<m> are arbitrary-precision
+integers in decimal notation. The result is written in standard
+decimal notation to the standard output.
+
+If there is no inverse, the message:
+
+ No inverse
+
+...will be printed to the standard output (an inverse exists if and
+only if the greatest common divisor of I<a> and I<m> is 1).
+
+=head1 SEE ALSO
+
+gcd(1), isprime(1), lap(1)
+
+=head1 AUTHOR
+
+ Michael J. Fromberger <sting@linguist.dartmouth.edu>
+ Thayer School of Engineering, Hanover, New Hampshire, USA
diff --git a/security/nss/lib/freebl/mpi/doc/isprime.pod b/security/nss/lib/freebl/mpi/doc/isprime.pod
new file mode 100644
index 000000000..a8ec1f7ee
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/isprime.pod
@@ -0,0 +1,63 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+=head1 NAME
+
+ isprime - probabilistic primality testing
+
+=head1 SYNOPSIS
+
+ isprime <a>
+
+=head1 DESCRIPTION
+
+The B<isprime> program attempts to determine whether the arbitrary
+precision integer I<a> is prime. It first tests I<a> for divisibility
+by the first 170 or so small primes, and assuming I<a> is not
+divisible by any of these, applies 15 iterations of the Rabin-Miller
+probabilistic primality test.
+
+If the program discovers that the number is composite, it will print:
+
+ Not prime (reason)
+
+Where I<reason> is either:
+
+ divisible by small prime x
+
+Or:
+
+ failed nth pseudoprime test
+
+In the first case, I<x> indicates the first small prime factor that
+was found. In the second case, I<n> indicates which of the
+pseudoprime tests failed (numbered from 1)
+
+If this happens, the number is definitely not prime. However, if the
+number succeeds, this message results:
+
+ Probably prime, 1 in 4^15 chance of false positive
+
+If this happens, the number is prime with very high probability, but
+its primality has not been absolutely proven, only demonstrated to a
+very convincing degree.
+
+The value I<a> can be input in standard decimal notation, or, if it is
+prefixed with I<Ox>, it will be read as hexadecimal.
+
+=head1 ENVIRONMENT
+
+You can control how many iterations of Rabin-Miller are performed on
+the candidate number by setting the I<RM_TESTS> environment variable
+to an integer value before starting up B<isprime>. This will change
+the output slightly if the number passes all the tests.
+
+=head1 SEE ALSO
+
+gcd(1), invmod(1), lap(1)
+
+=head1 AUTHOR
+
+ Michael J. Fromberger <sting@linguist.dartmouth.edu>
+ Thayer School of Engineering, Hanover, New Hampshire, USA
diff --git a/security/nss/lib/freebl/mpi/doc/lap.pod b/security/nss/lib/freebl/mpi/doc/lap.pod
new file mode 100644
index 000000000..47539fbbf
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/lap.pod
@@ -0,0 +1,36 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+=head1 NAME
+
+ lap - compute least annihilating power of a number
+
+=head1 SYNOPSIS
+
+ lap <a> <m>
+
+=head1 DESCRIPTION
+
+The B<lap> program computes the order of I<a> modulo I<m>, for
+arbitrary precision integers I<a> and I<m>. The B<order> of I<a>
+modulo I<m> is defined as the smallest positive value I<n> for which
+I<a> raised to the I<n>th power, modulo I<m>, is equal to 1. The
+order may not exist, if I<m> is composite.
+
+=head1 RESTRICTIONS
+
+This program is very slow, especially for large moduli. It is
+intended as a way to help find primitive elements in a modular field,
+but it does not do so in a particularly inefficient manner. It was
+written simply to help verify that a particular candidate does not
+have an obviously short cycle mod I<m>.
+
+=head1 SEE ALSO
+
+gcd(1), invmod(1), isprime(1)
+
+=head1 AUTHOR
+
+ Michael J. Fromberger <sting@linguist.dartmouth.edu>
+ Thayer School of Engineering, Hanover, New Hampshire, USA
diff --git a/security/nss/lib/freebl/mpi/doc/mpi-test.pod b/security/nss/lib/freebl/mpi/doc/mpi-test.pod
new file mode 100644
index 000000000..b05f866e5
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/mpi-test.pod
@@ -0,0 +1,51 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+=head1 NAME
+
+ mpi-test - automated test program for MPI library
+
+=head1 SYNOPSIS
+
+ mpi-test <suite-name> [quiet]
+ mpi-test list
+ mpi-test help
+
+=head1 DESCRIPTION
+
+The B<mpi-test> program is a general unit test driver for the MPI
+library. It is used to verify that the library works as it is
+supposed to on your architecture. As with most such things, passing
+all the tests in B<mpi-test> does not guarantee the code is correct,
+but if any of them fail, there are certainly problems.
+
+Each major function of the library can be tested individually. For a
+list of the test suites understood by B<mpi-test>, run it with the
+I<list> command line option:
+
+ mpi-test list
+
+This will display a list of the available test suites and a brief
+synopsis of what each one does. For a brief overview of this
+document, run B<mpi-test> I<help>.
+
+B<mpi-test> exits with a zero status if the selected test succeeds, or
+a nonzero status if it fails. If a I<suite-name> which is not
+understood by B<mpi-test> is given, a diagnostic is printed to the
+standard error, and the program exits with a result code of 2. If a
+test fails, the result code will be 1, and a diagnostic is ordinarily
+printed to the standard error. However, if the I<quiet> option is
+provided, these diagnostics will be suppressed.
+
+=head1 RESTRICTIONS
+
+Only a few canned test cases are provided. The solutions have been
+verified using the GNU bc(1) program, so bugs there may cause problems
+here; however, this is very unlikely, so if a test fails, it is almost
+certainly my fault, not bc(1)'s.
+
+=head1 AUTHOR
+
+ Michael J. Fromberger <sting@linguist.dartmouth.edu>
+ Thayer School of Engineering, Hanover, New Hampshire, USA
diff --git a/security/nss/lib/freebl/mpi/doc/mul.txt b/security/nss/lib/freebl/mpi/doc/mul.txt
new file mode 100644
index 000000000..975f56ddb
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/mul.txt
@@ -0,0 +1,77 @@
+Multiplication
+
+This describes the multiplication algorithm used by the MPI library.
+
+This is basically a standard "schoolbook" algorithm. It is slow --
+O(mn) for m = #a, n = #b -- but easy to implement and verify.
+Basically, we run two nested loops, as illustrated here (R is the
+radix):
+
+k = 0
+for j <- 0 to (#b - 1)
+ for i <- 0 to (#a - 1)
+ w = (a[j] * b[i]) + k + c[i+j]
+ c[i+j] = w mod R
+ k = w div R
+ endfor
+ c[i+j] = k;
+ k = 0;
+endfor
+
+It is necessary that 'w' have room for at least two radix R digits.
+The product of any two digits in radix R is at most:
+
+ (R - 1)(R - 1) = R^2 - 2R + 1
+
+Since a two-digit radix-R number can hold R^2 - 1 distinct values,
+this insures that the product will fit into the two-digit register.
+
+To insure that two digits is enough for w, we must also show that
+there is room for the carry-in from the previous multiplication, and
+the current value of the product digit that is being recomputed.
+Assuming each of these may be as big as R - 1 (and no larger,
+certainly), two digits will be enough if and only if:
+
+ (R^2 - 2R + 1) + 2(R - 1) <= R^2 - 1
+
+Solving this equation shows that, indeed, this is the case:
+
+ R^2 - 2R + 1 + 2R - 2 <= R^2 - 1
+
+ R^2 - 1 <= R^2 - 1
+
+This suggests that a good radix would be one more than the largest
+value that can be held in half a machine word -- so, for example, as
+in this implementation, where we used a radix of 65536 on a machine
+with 4-byte words. Another advantage of a radix of this sort is that
+binary-level operations are easy on numbers in this representation.
+
+Here's an example multiplication worked out longhand in radix-10,
+using the above algorithm:
+
+ a = 999
+ b = x 999
+ -------------
+ p = 98001
+
+w = (a[jx] * b[ix]) + kin + c[ix + jx]
+c[ix+jx] = w % RADIX
+k = w / RADIX
+ product
+ix jx a[jx] b[ix] kin w c[i+j] kout 000000
+0 0 9 9 0 81+0+0 1 8 000001
+0 1 9 9 8 81+8+0 9 8 000091
+0 2 9 9 8 81+8+0 9 8 000991
+ 8 0 008991
+1 0 9 9 0 81+0+9 0 9 008901
+1 1 9 9 9 81+9+9 9 9 008901
+1 2 9 9 9 81+9+8 8 9 008901
+ 9 0 098901
+2 0 9 9 0 81+0+9 0 9 098001
+2 1 9 9 9 81+9+8 8 9 098001
+2 2 9 9 9 81+9+9 9 9 098001
+
+------------------------------------------------------------------
+ This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/doc/pi.txt b/security/nss/lib/freebl/mpi/doc/pi.txt
new file mode 100644
index 000000000..a6ef91137
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/pi.txt
@@ -0,0 +1,53 @@
+This file describes how pi is computed by the program in 'pi.c' (see
+the utils subdirectory).
+
+Basically, we use Machin's formula, which is what everyone in the
+world uses as a simple method for computing approximations to pi.
+This works for up to a few thousand digits without too much effort.
+Beyond that, though, it gets too slow.
+
+Machin's formula states:
+
+ pi := 16 * arctan(1/5) - 4 * arctan(1/239)
+
+We compute this in integer arithmetic by first multiplying everything
+through by 10^d, where 'd' is the number of digits of pi we wanted to
+compute. It turns out, the last few digits will be wrong, but the
+number that are wrong is usually very small (ordinarly only 2-3).
+Having done this, we compute the arctan() function using the formula:
+
+ 1 1 1 1 1
+ arctan(1/x) := --- - ----- + ----- - ----- + ----- - ...
+ x 3 x^3 5 x^5 7 x^7 9 x^9
+
+This is done iteratively by computing the first term manually, and
+then iteratively dividing x^2 and k, where k = 3, 5, 7, ... out of the
+current figure. This is then added to (or subtracted from) a running
+sum, as appropriate. The iteration continues until we overflow our
+available precision and the current figure goes to zero under integer
+division. At that point, we're finished.
+
+Actually, we get a couple extra bits of precision out of the fact that
+we know we're computing y * arctan(1/x), by setting up the multiplier
+as:
+
+ y * 10^d
+
+... instead of just 10^d. There is also a bit of cleverness in how
+the loop is constructed, to avoid special-casing the first term.
+Check out the code for arctan() in 'pi.c', if you are interested in
+seeing how it is set up.
+
+Thanks to Jason P. for this algorithm, which I assembled from notes
+and programs found on his cool "Pile of Pi Programs" page, at:
+
+ http://www.isr.umd.edu/~jasonp/pipage.html
+
+Thanks also to Henrik Johansson <Henrik.Johansson@Nexus.Comm.SE>, from
+whose pi program I borrowed the clever idea of pre-multiplying by x in
+order to avoid a special case on the loop iteration.
+
+------------------------------------------------------------------
+ This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/doc/prime.txt b/security/nss/lib/freebl/mpi/doc/prime.txt
new file mode 100644
index 000000000..694797d5f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/prime.txt
@@ -0,0 +1,6542 @@
+2
+3
+5
+7
+11
+13
+17
+19
+23
+29
+31
+37
+41
+43
+47
+53
+59
+61
+67
+71
+73
+79
+83
+89
+97
+101
+103
+107
+109
+113
+127
+131
+137
+139
+149
+151
+157
+163
+167
+173
+179
+181
+191
+193
+197
+199
+211
+223
+227
+229
+233
+239
+241
+251
+257
+263
+269
+271
+277
+281
+283
+293
+307
+311
+313
+317
+331
+337
+347
+349
+353
+359
+367
+373
+379
+383
+389
+397
+401
+409
+419
+421
+431
+433
+439
+443
+449
+457
+461
+463
+467
+479
+487
+491
+499
+503
+509
+521
+523
+541
+547
+557
+563
+569
+571
+577
+587
+593
+599
+601
+607
+613
+617
+619
+631
+641
+643
+647
+653
+659
+661
+673
+677
+683
+691
+701
+709
+719
+727
+733
+739
+743
+751
+757
+761
+769
+773
+787
+797
+809
+811
+821
+823
+827
+829
+839
+853
+857
+859
+863
+877
+881
+883
+887
+907
+911
+919
+929
+937
+941
+947
+953
+967
+971
+977
+983
+991
+997
+1009
+1013
+1019
+1021
+1031
+1033
+1039
+1049
+1051
+1061
+1063
+1069
+1087
+1091
+1093
+1097
+1103
+1109
+1117
+1123
+1129
+1151
+1153
+1163
+1171
+1181
+1187
+1193
+1201
+1213
+1217
+1223
+1229
+1231
+1237
+1249
+1259
+1277
+1279
+1283
+1289
+1291
+1297
+1301
+1303
+1307
+1319
+1321
+1327
+1361
+1367
+1373
+1381
+1399
+1409
+1423
+1427
+1429
+1433
+1439
+1447
+1451
+1453
+1459
+1471
+1481
+1483
+1487
+1489
+1493
+1499
+1511
+1523
+1531
+1543
+1549
+1553
+1559
+1567
+1571
+1579
+1583
+1597
+1601
+1607
+1609
+1613
+1619
+1621
+1627
+1637
+1657
+1663
+1667
+1669
+1693
+1697
+1699
+1709
+1721
+1723
+1733
+1741
+1747
+1753
+1759
+1777
+1783
+1787
+1789
+1801
+1811
+1823
+1831
+1847
+1861
+1867
+1871
+1873
+1877
+1879
+1889
+1901
+1907
+1913
+1931
+1933
+1949
+1951
+1973
+1979
+1987
+1993
+1997
+1999
+2003
+2011
+2017
+2027
+2029
+2039
+2053
+2063
+2069
+2081
+2083
+2087
+2089
+2099
+2111
+2113
+2129
+2131
+2137
+2141
+2143
+2153
+2161
+2179
+2203
+2207
+2213
+2221
+2237
+2239
+2243
+2251
+2267
+2269
+2273
+2281
+2287
+2293
+2297
+2309
+2311
+2333
+2339
+2341
+2347
+2351
+2357
+2371
+2377
+2381
+2383
+2389
+2393
+2399
+2411
+2417
+2423
+2437
+2441
+2447
+2459
+2467
+2473
+2477
+2503
+2521
+2531
+2539
+2543
+2549
+2551
+2557
+2579
+2591
+2593
+2609
+2617
+2621
+2633
+2647
+2657
+2659
+2663
+2671
+2677
+2683
+2687
+2689
+2693
+2699
+2707
+2711
+2713
+2719
+2729
+2731
+2741
+2749
+2753
+2767
+2777
+2789
+2791
+2797
+2801
+2803
+2819
+2833
+2837
+2843
+2851
+2857
+2861
+2879
+2887
+2897
+2903
+2909
+2917
+2927
+2939
+2953
+2957
+2963
+2969
+2971
+2999
+3001
+3011
+3019
+3023
+3037
+3041
+3049
+3061
+3067
+3079
+3083
+3089
+3109
+3119
+3121
+3137
+3163
+3167
+3169
+3181
+3187
+3191
+3203
+3209
+3217
+3221
+3229
+3251
+3253
+3257
+3259
+3271
+3299
+3301
+3307
+3313
+3319
+3323
+3329
+3331
+3343
+3347
+3359
+3361
+3371
+3373
+3389
+3391
+3407
+3413
+3433
+3449
+3457
+3461
+3463
+3467
+3469
+3491
+3499
+3511
+3517
+3527
+3529
+3533
+3539
+3541
+3547
+3557
+3559
+3571
+3581
+3583
+3593
+3607
+3613
+3617
+3623
+3631
+3637
+3643
+3659
+3671
+3673
+3677
+3691
+3697
+3701
+3709
+3719
+3727
+3733
+3739
+3761
+3767
+3769
+3779
+3793
+3797
+3803
+3821
+3823
+3833
+3847
+3851
+3853
+3863
+3877
+3881
+3889
+3907
+3911
+3917
+3919
+3923
+3929
+3931
+3943
+3947
+3967
+3989
+4001
+4003
+4007
+4013
+4019
+4021
+4027
+4049
+4051
+4057
+4073
+4079
+4091
+4093
+4099
+4111
+4127
+4129
+4133
+4139
+4153
+4157
+4159
+4177
+4201
+4211
+4217
+4219
+4229
+4231
+4241
+4243
+4253
+4259
+4261
+4271
+4273
+4283
+4289
+4297
+4327
+4337
+4339
+4349
+4357
+4363
+4373
+4391
+4397
+4409
+4421
+4423
+4441
+4447
+4451
+4457
+4463
+4481
+4483
+4493
+4507
+4513
+4517
+4519
+4523
+4547
+4549
+4561
+4567
+4583
+4591
+4597
+4603
+4621
+4637
+4639
+4643
+4649
+4651
+4657
+4663
+4673
+4679
+4691
+4703
+4721
+4723
+4729
+4733
+4751
+4759
+4783
+4787
+4789
+4793
+4799
+4801
+4813
+4817
+4831
+4861
+4871
+4877
+4889
+4903
+4909
+4919
+4931
+4933
+4937
+4943
+4951
+4957
+4967
+4969
+4973
+4987
+4993
+4999
+5003
+5009
+5011
+5021
+5023
+5039
+5051
+5059
+5077
+5081
+5087
+5099
+5101
+5107
+5113
+5119
+5147
+5153
+5167
+5171
+5179
+5189
+5197
+5209
+5227
+5231
+5233
+5237
+5261
+5273
+5279
+5281
+5297
+5303
+5309
+5323
+5333
+5347
+5351
+5381
+5387
+5393
+5399
+5407
+5413
+5417
+5419
+5431
+5437
+5441
+5443
+5449
+5471
+5477
+5479
+5483
+5501
+5503
+5507
+5519
+5521
+5527
+5531
+5557
+5563
+5569
+5573
+5581
+5591
+5623
+5639
+5641
+5647
+5651
+5653
+5657
+5659
+5669
+5683
+5689
+5693
+5701
+5711
+5717
+5737
+5741
+5743
+5749
+5779
+5783
+5791
+5801
+5807
+5813
+5821
+5827
+5839
+5843
+5849
+5851
+5857
+5861
+5867
+5869
+5879
+5881
+5897
+5903
+5923
+5927
+5939
+5953
+5981
+5987
+6007
+6011
+6029
+6037
+6043
+6047
+6053
+6067
+6073
+6079
+6089
+6091
+6101
+6113
+6121
+6131
+6133
+6143
+6151
+6163
+6173
+6197
+6199
+6203
+6211
+6217
+6221
+6229
+6247
+6257
+6263
+6269
+6271
+6277
+6287
+6299
+6301
+6311
+6317
+6323
+6329
+6337
+6343
+6353
+6359
+6361
+6367
+6373
+6379
+6389
+6397
+6421
+6427
+6449
+6451
+6469
+6473
+6481
+6491
+6521
+6529
+6547
+6551
+6553
+6563
+6569
+6571
+6577
+6581
+6599
+6607
+6619
+6637
+6653
+6659
+6661
+6673
+6679
+6689
+6691
+6701
+6703
+6709
+6719
+6733
+6737
+6761
+6763
+6779
+6781
+6791
+6793
+6803
+6823
+6827
+6829
+6833
+6841
+6857
+6863
+6869
+6871
+6883
+6899
+6907
+6911
+6917
+6947
+6949
+6959
+6961
+6967
+6971
+6977
+6983
+6991
+6997
+7001
+7013
+7019
+7027
+7039
+7043
+7057
+7069
+7079
+7103
+7109
+7121
+7127
+7129
+7151
+7159
+7177
+7187
+7193
+7207
+7211
+7213
+7219
+7229
+7237
+7243
+7247
+7253
+7283
+7297
+7307
+7309
+7321
+7331
+7333
+7349
+7351
+7369
+7393
+7411
+7417
+7433
+7451
+7457
+7459
+7477
+7481
+7487
+7489
+7499
+7507
+7517
+7523
+7529
+7537
+7541
+7547
+7549
+7559
+7561
+7573
+7577
+7583
+7589
+7591
+7603
+7607
+7621
+7639
+7643
+7649
+7669
+7673
+7681
+7687
+7691
+7699
+7703
+7717
+7723
+7727
+7741
+7753
+7757
+7759
+7789
+7793
+7817
+7823
+7829
+7841
+7853
+7867
+7873
+7877
+7879
+7883
+7901
+7907
+7919
+7927
+7933
+7937
+7949
+7951
+7963
+7993
+8009
+8011
+8017
+8039
+8053
+8059
+8069
+8081
+8087
+8089
+8093
+8101
+8111
+8117
+8123
+8147
+8161
+8167
+8171
+8179
+8191
+8209
+8219
+8221
+8231
+8233
+8237
+8243
+8263
+8269
+8273
+8287
+8291
+8293
+8297
+8311
+8317
+8329
+8353
+8363
+8369
+8377
+8387
+8389
+8419
+8423
+8429
+8431
+8443
+8447
+8461
+8467
+8501
+8513
+8521
+8527
+8537
+8539
+8543
+8563
+8573
+8581
+8597
+8599
+8609
+8623
+8627
+8629
+8641
+8647
+8663
+8669
+8677
+8681
+8689
+8693
+8699
+8707
+8713
+8719
+8731
+8737
+8741
+8747
+8753
+8761
+8779
+8783
+8803
+8807
+8819
+8821
+8831
+8837
+8839
+8849
+8861
+8863
+8867
+8887
+8893
+8923
+8929
+8933
+8941
+8951
+8963
+8969
+8971
+8999
+9001
+9007
+9011
+9013
+9029
+9041
+9043
+9049
+9059
+9067
+9091
+9103
+9109
+9127
+9133
+9137
+9151
+9157
+9161
+9173
+9181
+9187
+9199
+9203
+9209
+9221
+9227
+9239
+9241
+9257
+9277
+9281
+9283
+9293
+9311
+9319
+9323
+9337
+9341
+9343
+9349
+9371
+9377
+9391
+9397
+9403
+9413
+9419
+9421
+9431
+9433
+9437
+9439
+9461
+9463
+9467
+9473
+9479
+9491
+9497
+9511
+9521
+9533
+9539
+9547
+9551
+9587
+9601
+9613
+9619
+9623
+9629
+9631
+9643
+9649
+9661
+9677
+9679
+9689
+9697
+9719
+9721
+9733
+9739
+9743
+9749
+9767
+9769
+9781
+9787
+9791
+9803
+9811
+9817
+9829
+9833
+9839
+9851
+9857
+9859
+9871
+9883
+9887
+9901
+9907
+9923
+9929
+9931
+9941
+9949
+9967
+9973
+10007
+10009
+10037
+10039
+10061
+10067
+10069
+10079
+10091
+10093
+10099
+10103
+10111
+10133
+10139
+10141
+10151
+10159
+10163
+10169
+10177
+10181
+10193
+10211
+10223
+10243
+10247
+10253
+10259
+10267
+10271
+10273
+10289
+10301
+10303
+10313
+10321
+10331
+10333
+10337
+10343
+10357
+10369
+10391
+10399
+10427
+10429
+10433
+10453
+10457
+10459
+10463
+10477
+10487
+10499
+10501
+10513
+10529
+10531
+10559
+10567
+10589
+10597
+10601
+10607
+10613
+10627
+10631
+10639
+10651
+10657
+10663
+10667
+10687
+10691
+10709
+10711
+10723
+10729
+10733
+10739
+10753
+10771
+10781
+10789
+10799
+10831
+10837
+10847
+10853
+10859
+10861
+10867
+10883
+10889
+10891
+10903
+10909
+10937
+10939
+10949
+10957
+10973
+10979
+10987
+10993
+11003
+11027
+11047
+11057
+11059
+11069
+11071
+11083
+11087
+11093
+11113
+11117
+11119
+11131
+11149
+11159
+11161
+11171
+11173
+11177
+11197
+11213
+11239
+11243
+11251
+11257
+11261
+11273
+11279
+11287
+11299
+11311
+11317
+11321
+11329
+11351
+11353
+11369
+11383
+11393
+11399
+11411
+11423
+11437
+11443
+11447
+11467
+11471
+11483
+11489
+11491
+11497
+11503
+11519
+11527
+11549
+11551
+11579
+11587
+11593
+11597
+11617
+11621
+11633
+11657
+11677
+11681
+11689
+11699
+11701
+11717
+11719
+11731
+11743
+11777
+11779
+11783
+11789
+11801
+11807
+11813
+11821
+11827
+11831
+11833
+11839
+11863
+11867
+11887
+11897
+11903
+11909
+11923
+11927
+11933
+11939
+11941
+11953
+11959
+11969
+11971
+11981
+11987
+12007
+12011
+12037
+12041
+12043
+12049
+12071
+12073
+12097
+12101
+12107
+12109
+12113
+12119
+12143
+12149
+12157
+12161
+12163
+12197
+12203
+12211
+12227
+12239
+12241
+12251
+12253
+12263
+12269
+12277
+12281
+12289
+12301
+12323
+12329
+12343
+12347
+12373
+12377
+12379
+12391
+12401
+12409
+12413
+12421
+12433
+12437
+12451
+12457
+12473
+12479
+12487
+12491
+12497
+12503
+12511
+12517
+12527
+12539
+12541
+12547
+12553
+12569
+12577
+12583
+12589
+12601
+12611
+12613
+12619
+12637
+12641
+12647
+12653
+12659
+12671
+12689
+12697
+12703
+12713
+12721
+12739
+12743
+12757
+12763
+12781
+12791
+12799
+12809
+12821
+12823
+12829
+12841
+12853
+12889
+12893
+12899
+12907
+12911
+12917
+12919
+12923
+12941
+12953
+12959
+12967
+12973
+12979
+12983
+13001
+13003
+13007
+13009
+13033
+13037
+13043
+13049
+13063
+13093
+13099
+13103
+13109
+13121
+13127
+13147
+13151
+13159
+13163
+13171
+13177
+13183
+13187
+13217
+13219
+13229
+13241
+13249
+13259
+13267
+13291
+13297
+13309
+13313
+13327
+13331
+13337
+13339
+13367
+13381
+13397
+13399
+13411
+13417
+13421
+13441
+13451
+13457
+13463
+13469
+13477
+13487
+13499
+13513
+13523
+13537
+13553
+13567
+13577
+13591
+13597
+13613
+13619
+13627
+13633
+13649
+13669
+13679
+13681
+13687
+13691
+13693
+13697
+13709
+13711
+13721
+13723
+13729
+13751
+13757
+13759
+13763
+13781
+13789
+13799
+13807
+13829
+13831
+13841
+13859
+13873
+13877
+13879
+13883
+13901
+13903
+13907
+13913
+13921
+13931
+13933
+13963
+13967
+13997
+13999
+14009
+14011
+14029
+14033
+14051
+14057
+14071
+14081
+14083
+14087
+14107
+14143
+14149
+14153
+14159
+14173
+14177
+14197
+14207
+14221
+14243
+14249
+14251
+14281
+14293
+14303
+14321
+14323
+14327
+14341
+14347
+14369
+14387
+14389
+14401
+14407
+14411
+14419
+14423
+14431
+14437
+14447
+14449
+14461
+14479
+14489
+14503
+14519
+14533
+14537
+14543
+14549
+14551
+14557
+14561
+14563
+14591
+14593
+14621
+14627
+14629
+14633
+14639
+14653
+14657
+14669
+14683
+14699
+14713
+14717
+14723
+14731
+14737
+14741
+14747
+14753
+14759
+14767
+14771
+14779
+14783
+14797
+14813
+14821
+14827
+14831
+14843
+14851
+14867
+14869
+14879
+14887
+14891
+14897
+14923
+14929
+14939
+14947
+14951
+14957
+14969
+14983
+15013
+15017
+15031
+15053
+15061
+15073
+15077
+15083
+15091
+15101
+15107
+15121
+15131
+15137
+15139
+15149
+15161
+15173
+15187
+15193
+15199
+15217
+15227
+15233
+15241
+15259
+15263
+15269
+15271
+15277
+15287
+15289
+15299
+15307
+15313
+15319
+15329
+15331
+15349
+15359
+15361
+15373
+15377
+15383
+15391
+15401
+15413
+15427
+15439
+15443
+15451
+15461
+15467
+15473
+15493
+15497
+15511
+15527
+15541
+15551
+15559
+15569
+15581
+15583
+15601
+15607
+15619
+15629
+15641
+15643
+15647
+15649
+15661
+15667
+15671
+15679
+15683
+15727
+15731
+15733
+15737
+15739
+15749
+15761
+15767
+15773
+15787
+15791
+15797
+15803
+15809
+15817
+15823
+15859
+15877
+15881
+15887
+15889
+15901
+15907
+15913
+15919
+15923
+15937
+15959
+15971
+15973
+15991
+16001
+16007
+16033
+16057
+16061
+16063
+16067
+16069
+16073
+16087
+16091
+16097
+16103
+16111
+16127
+16139
+16141
+16183
+16187
+16189
+16193
+16217
+16223
+16229
+16231
+16249
+16253
+16267
+16273
+16301
+16319
+16333
+16339
+16349
+16361
+16363
+16369
+16381
+16411
+16417
+16421
+16427
+16433
+16447
+16451
+16453
+16477
+16481
+16487
+16493
+16519
+16529
+16547
+16553
+16561
+16567
+16573
+16603
+16607
+16619
+16631
+16633
+16649
+16651
+16657
+16661
+16673
+16691
+16693
+16699
+16703
+16729
+16741
+16747
+16759
+16763
+16787
+16811
+16823
+16829
+16831
+16843
+16871
+16879
+16883
+16889
+16901
+16903
+16921
+16927
+16931
+16937
+16943
+16963
+16979
+16981
+16987
+16993
+17011
+17021
+17027
+17029
+17033
+17041
+17047
+17053
+17077
+17093
+17099
+17107
+17117
+17123
+17137
+17159
+17167
+17183
+17189
+17191
+17203
+17207
+17209
+17231
+17239
+17257
+17291
+17293
+17299
+17317
+17321
+17327
+17333
+17341
+17351
+17359
+17377
+17383
+17387
+17389
+17393
+17401
+17417
+17419
+17431
+17443
+17449
+17467
+17471
+17477
+17483
+17489
+17491
+17497
+17509
+17519
+17539
+17551
+17569
+17573
+17579
+17581
+17597
+17599
+17609
+17623
+17627
+17657
+17659
+17669
+17681
+17683
+17707
+17713
+17729
+17737
+17747
+17749
+17761
+17783
+17789
+17791
+17807
+17827
+17837
+17839
+17851
+17863
+17881
+17891
+17903
+17909
+17911
+17921
+17923
+17929
+17939
+17957
+17959
+17971
+17977
+17981
+17987
+17989
+18013
+18041
+18043
+18047
+18049
+18059
+18061
+18077
+18089
+18097
+18119
+18121
+18127
+18131
+18133
+18143
+18149
+18169
+18181
+18191
+18199
+18211
+18217
+18223
+18229
+18233
+18251
+18253
+18257
+18269
+18287
+18289
+18301
+18307
+18311
+18313
+18329
+18341
+18353
+18367
+18371
+18379
+18397
+18401
+18413
+18427
+18433
+18439
+18443
+18451
+18457
+18461
+18481
+18493
+18503
+18517
+18521
+18523
+18539
+18541
+18553
+18583
+18587
+18593
+18617
+18637
+18661
+18671
+18679
+18691
+18701
+18713
+18719
+18731
+18743
+18749
+18757
+18773
+18787
+18793
+18797
+18803
+18839
+18859
+18869
+18899
+18911
+18913
+18917
+18919
+18947
+18959
+18973
+18979
+19001
+19009
+19013
+19031
+19037
+19051
+19069
+19073
+19079
+19081
+19087
+19121
+19139
+19141
+19157
+19163
+19181
+19183
+19207
+19211
+19213
+19219
+19231
+19237
+19249
+19259
+19267
+19273
+19289
+19301
+19309
+19319
+19333
+19373
+19379
+19381
+19387
+19391
+19403
+19417
+19421
+19423
+19427
+19429
+19433
+19441
+19447
+19457
+19463
+19469
+19471
+19477
+19483
+19489
+19501
+19507
+19531
+19541
+19543
+19553
+19559
+19571
+19577
+19583
+19597
+19603
+19609
+19661
+19681
+19687
+19697
+19699
+19709
+19717
+19727
+19739
+19751
+19753
+19759
+19763
+19777
+19793
+19801
+19813
+19819
+19841
+19843
+19853
+19861
+19867
+19889
+19891
+19913
+19919
+19927
+19937
+19949
+19961
+19963
+19973
+19979
+19991
+19993
+19997
+20011
+20021
+20023
+20029
+20047
+20051
+20063
+20071
+20089
+20101
+20107
+20113
+20117
+20123
+20129
+20143
+20147
+20149
+20161
+20173
+20177
+20183
+20201
+20219
+20231
+20233
+20249
+20261
+20269
+20287
+20297
+20323
+20327
+20333
+20341
+20347
+20353
+20357
+20359
+20369
+20389
+20393
+20399
+20407
+20411
+20431
+20441
+20443
+20477
+20479
+20483
+20507
+20509
+20521
+20533
+20543
+20549
+20551
+20563
+20593
+20599
+20611
+20627
+20639
+20641
+20663
+20681
+20693
+20707
+20717
+20719
+20731
+20743
+20747
+20749
+20753
+20759
+20771
+20773
+20789
+20807
+20809
+20849
+20857
+20873
+20879
+20887
+20897
+20899
+20903
+20921
+20929
+20939
+20947
+20959
+20963
+20981
+20983
+21001
+21011
+21013
+21017
+21019
+21023
+21031
+21059
+21061
+21067
+21089
+21101
+21107
+21121
+21139
+21143
+21149
+21157
+21163
+21169
+21179
+21187
+21191
+21193
+21211
+21221
+21227
+21247
+21269
+21277
+21283
+21313
+21317
+21319
+21323
+21341
+21347
+21377
+21379
+21383
+21391
+21397
+21401
+21407
+21419
+21433
+21467
+21481
+21487
+21491
+21493
+21499
+21503
+21517
+21521
+21523
+21529
+21557
+21559
+21563
+21569
+21577
+21587
+21589
+21599
+21601
+21611
+21613
+21617
+21647
+21649
+21661
+21673
+21683
+21701
+21713
+21727
+21737
+21739
+21751
+21757
+21767
+21773
+21787
+21799
+21803
+21817
+21821
+21839
+21841
+21851
+21859
+21863
+21871
+21881
+21893
+21911
+21929
+21937
+21943
+21961
+21977
+21991
+21997
+22003
+22013
+22027
+22031
+22037
+22039
+22051
+22063
+22067
+22073
+22079
+22091
+22093
+22109
+22111
+22123
+22129
+22133
+22147
+22153
+22157
+22159
+22171
+22189
+22193
+22229
+22247
+22259
+22271
+22273
+22277
+22279
+22283
+22291
+22303
+22307
+22343
+22349
+22367
+22369
+22381
+22391
+22397
+22409
+22433
+22441
+22447
+22453
+22469
+22481
+22483
+22501
+22511
+22531
+22541
+22543
+22549
+22567
+22571
+22573
+22613
+22619
+22621
+22637
+22639
+22643
+22651
+22669
+22679
+22691
+22697
+22699
+22709
+22717
+22721
+22727
+22739
+22741
+22751
+22769
+22777
+22783
+22787
+22807
+22811
+22817
+22853
+22859
+22861
+22871
+22877
+22901
+22907
+22921
+22937
+22943
+22961
+22963
+22973
+22993
+23003
+23011
+23017
+23021
+23027
+23029
+23039
+23041
+23053
+23057
+23059
+23063
+23071
+23081
+23087
+23099
+23117
+23131
+23143
+23159
+23167
+23173
+23189
+23197
+23201
+23203
+23209
+23227
+23251
+23269
+23279
+23291
+23293
+23297
+23311
+23321
+23327
+23333
+23339
+23357
+23369
+23371
+23399
+23417
+23431
+23447
+23459
+23473
+23497
+23509
+23531
+23537
+23539
+23549
+23557
+23561
+23563
+23567
+23581
+23593
+23599
+23603
+23609
+23623
+23627
+23629
+23633
+23663
+23669
+23671
+23677
+23687
+23689
+23719
+23741
+23743
+23747
+23753
+23761
+23767
+23773
+23789
+23801
+23813
+23819
+23827
+23831
+23833
+23857
+23869
+23873
+23879
+23887
+23893
+23899
+23909
+23911
+23917
+23929
+23957
+23971
+23977
+23981
+23993
+24001
+24007
+24019
+24023
+24029
+24043
+24049
+24061
+24071
+24077
+24083
+24091
+24097
+24103
+24107
+24109
+24113
+24121
+24133
+24137
+24151
+24169
+24179
+24181
+24197
+24203
+24223
+24229
+24239
+24247
+24251
+24281
+24317
+24329
+24337
+24359
+24371
+24373
+24379
+24391
+24407
+24413
+24419
+24421
+24439
+24443
+24469
+24473
+24481
+24499
+24509
+24517
+24527
+24533
+24547
+24551
+24571
+24593
+24611
+24623
+24631
+24659
+24671
+24677
+24683
+24691
+24697
+24709
+24733
+24749
+24763
+24767
+24781
+24793
+24799
+24809
+24821
+24841
+24847
+24851
+24859
+24877
+24889
+24907
+24917
+24919
+24923
+24943
+24953
+24967
+24971
+24977
+24979
+24989
+25013
+25031
+25033
+25037
+25057
+25073
+25087
+25097
+25111
+25117
+25121
+25127
+25147
+25153
+25163
+25169
+25171
+25183
+25189
+25219
+25229
+25237
+25243
+25247
+25253
+25261
+25301
+25303
+25307
+25309
+25321
+25339
+25343
+25349
+25357
+25367
+25373
+25391
+25409
+25411
+25423
+25439
+25447
+25453
+25457
+25463
+25469
+25471
+25523
+25537
+25541
+25561
+25577
+25579
+25583
+25589
+25601
+25603
+25609
+25621
+25633
+25639
+25643
+25657
+25667
+25673
+25679
+25693
+25703
+25717
+25733
+25741
+25747
+25759
+25763
+25771
+25793
+25799
+25801
+25819
+25841
+25847
+25849
+25867
+25873
+25889
+25903
+25913
+25919
+25931
+25933
+25939
+25943
+25951
+25969
+25981
+25997
+25999
+26003
+26017
+26021
+26029
+26041
+26053
+26083
+26099
+26107
+26111
+26113
+26119
+26141
+26153
+26161
+26171
+26177
+26183
+26189
+26203
+26209
+26227
+26237
+26249
+26251
+26261
+26263
+26267
+26293
+26297
+26309
+26317
+26321
+26339
+26347
+26357
+26371
+26387
+26393
+26399
+26407
+26417
+26423
+26431
+26437
+26449
+26459
+26479
+26489
+26497
+26501
+26513
+26539
+26557
+26561
+26573
+26591
+26597
+26627
+26633
+26641
+26647
+26669
+26681
+26683
+26687
+26693
+26699
+26701
+26711
+26713
+26717
+26723
+26729
+26731
+26737
+26759
+26777
+26783
+26801
+26813
+26821
+26833
+26839
+26849
+26861
+26863
+26879
+26881
+26891
+26893
+26903
+26921
+26927
+26947
+26951
+26953
+26959
+26981
+26987
+26993
+27011
+27017
+27031
+27043
+27059
+27061
+27067
+27073
+27077
+27091
+27103
+27107
+27109
+27127
+27143
+27179
+27191
+27197
+27211
+27239
+27241
+27253
+27259
+27271
+27277
+27281
+27283
+27299
+27329
+27337
+27361
+27367
+27397
+27407
+27409
+27427
+27431
+27437
+27449
+27457
+27479
+27481
+27487
+27509
+27527
+27529
+27539
+27541
+27551
+27581
+27583
+27611
+27617
+27631
+27647
+27653
+27673
+27689
+27691
+27697
+27701
+27733
+27737
+27739
+27743
+27749
+27751
+27763
+27767
+27773
+27779
+27791
+27793
+27799
+27803
+27809
+27817
+27823
+27827
+27847
+27851
+27883
+27893
+27901
+27917
+27919
+27941
+27943
+27947
+27953
+27961
+27967
+27983
+27997
+28001
+28019
+28027
+28031
+28051
+28057
+28069
+28081
+28087
+28097
+28099
+28109
+28111
+28123
+28151
+28163
+28181
+28183
+28201
+28211
+28219
+28229
+28277
+28279
+28283
+28289
+28297
+28307
+28309
+28319
+28349
+28351
+28387
+28393
+28403
+28409
+28411
+28429
+28433
+28439
+28447
+28463
+28477
+28493
+28499
+28513
+28517
+28537
+28541
+28547
+28549
+28559
+28571
+28573
+28579
+28591
+28597
+28603
+28607
+28619
+28621
+28627
+28631
+28643
+28649
+28657
+28661
+28663
+28669
+28687
+28697
+28703
+28711
+28723
+28729
+28751
+28753
+28759
+28771
+28789
+28793
+28807
+28813
+28817
+28837
+28843
+28859
+28867
+28871
+28879
+28901
+28909
+28921
+28927
+28933
+28949
+28961
+28979
+29009
+29017
+29021
+29023
+29027
+29033
+29059
+29063
+29077
+29101
+29123
+29129
+29131
+29137
+29147
+29153
+29167
+29173
+29179
+29191
+29201
+29207
+29209
+29221
+29231
+29243
+29251
+29269
+29287
+29297
+29303
+29311
+29327
+29333
+29339
+29347
+29363
+29383
+29387
+29389
+29399
+29401
+29411
+29423
+29429
+29437
+29443
+29453
+29473
+29483
+29501
+29527
+29531
+29537
+29567
+29569
+29573
+29581
+29587
+29599
+29611
+29629
+29633
+29641
+29663
+29669
+29671
+29683
+29717
+29723
+29741
+29753
+29759
+29761
+29789
+29803
+29819
+29833
+29837
+29851
+29863
+29867
+29873
+29879
+29881
+29917
+29921
+29927
+29947
+29959
+29983
+29989
+30011
+30013
+30029
+30047
+30059
+30071
+30089
+30091
+30097
+30103
+30109
+30113
+30119
+30133
+30137
+30139
+30161
+30169
+30181
+30187
+30197
+30203
+30211
+30223
+30241
+30253
+30259
+30269
+30271
+30293
+30307
+30313
+30319
+30323
+30341
+30347
+30367
+30389
+30391
+30403
+30427
+30431
+30449
+30467
+30469
+30491
+30493
+30497
+30509
+30517
+30529
+30539
+30553
+30557
+30559
+30577
+30593
+30631
+30637
+30643
+30649
+30661
+30671
+30677
+30689
+30697
+30703
+30707
+30713
+30727
+30757
+30763
+30773
+30781
+30803
+30809
+30817
+30829
+30839
+30841
+30851
+30853
+30859
+30869
+30871
+30881
+30893
+30911
+30931
+30937
+30941
+30949
+30971
+30977
+30983
+31013
+31019
+31033
+31039
+31051
+31063
+31069
+31079
+31081
+31091
+31121
+31123
+31139
+31147
+31151
+31153
+31159
+31177
+31181
+31183
+31189
+31193
+31219
+31223
+31231
+31237
+31247
+31249
+31253
+31259
+31267
+31271
+31277
+31307
+31319
+31321
+31327
+31333
+31337
+31357
+31379
+31387
+31391
+31393
+31397
+31469
+31477
+31481
+31489
+31511
+31513
+31517
+31531
+31541
+31543
+31547
+31567
+31573
+31583
+31601
+31607
+31627
+31643
+31649
+31657
+31663
+31667
+31687
+31699
+31721
+31723
+31727
+31729
+31741
+31751
+31769
+31771
+31793
+31799
+31817
+31847
+31849
+31859
+31873
+31883
+31891
+31907
+31957
+31963
+31973
+31981
+31991
+32003
+32009
+32027
+32029
+32051
+32057
+32059
+32063
+32069
+32077
+32083
+32089
+32099
+32117
+32119
+32141
+32143
+32159
+32173
+32183
+32189
+32191
+32203
+32213
+32233
+32237
+32251
+32257
+32261
+32297
+32299
+32303
+32309
+32321
+32323
+32327
+32341
+32353
+32359
+32363
+32369
+32371
+32377
+32381
+32401
+32411
+32413
+32423
+32429
+32441
+32443
+32467
+32479
+32491
+32497
+32503
+32507
+32531
+32533
+32537
+32561
+32563
+32569
+32573
+32579
+32587
+32603
+32609
+32611
+32621
+32633
+32647
+32653
+32687
+32693
+32707
+32713
+32717
+32719
+32749
+32771
+32779
+32783
+32789
+32797
+32801
+32803
+32831
+32833
+32839
+32843
+32869
+32887
+32909
+32911
+32917
+32933
+32939
+32941
+32957
+32969
+32971
+32983
+32987
+32993
+32999
+33013
+33023
+33029
+33037
+33049
+33053
+33071
+33073
+33083
+33091
+33107
+33113
+33119
+33149
+33151
+33161
+33179
+33181
+33191
+33199
+33203
+33211
+33223
+33247
+33287
+33289
+33301
+33311
+33317
+33329
+33331
+33343
+33347
+33349
+33353
+33359
+33377
+33391
+33403
+33409
+33413
+33427
+33457
+33461
+33469
+33479
+33487
+33493
+33503
+33521
+33529
+33533
+33547
+33563
+33569
+33577
+33581
+33587
+33589
+33599
+33601
+33613
+33617
+33619
+33623
+33629
+33637
+33641
+33647
+33679
+33703
+33713
+33721
+33739
+33749
+33751
+33757
+33767
+33769
+33773
+33791
+33797
+33809
+33811
+33827
+33829
+33851
+33857
+33863
+33871
+33889
+33893
+33911
+33923
+33931
+33937
+33941
+33961
+33967
+33997
+34019
+34031
+34033
+34039
+34057
+34061
+34123
+34127
+34129
+34141
+34147
+34157
+34159
+34171
+34183
+34211
+34213
+34217
+34231
+34253
+34259
+34261
+34267
+34273
+34283
+34297
+34301
+34303
+34313
+34319
+34327
+34337
+34351
+34361
+34367
+34369
+34381
+34403
+34421
+34429
+34439
+34457
+34469
+34471
+34483
+34487
+34499
+34501
+34511
+34513
+34519
+34537
+34543
+34549
+34583
+34589
+34591
+34603
+34607
+34613
+34631
+34649
+34651
+34667
+34673
+34679
+34687
+34693
+34703
+34721
+34729
+34739
+34747
+34757
+34759
+34763
+34781
+34807
+34819
+34841
+34843
+34847
+34849
+34871
+34877
+34883
+34897
+34913
+34919
+34939
+34949
+34961
+34963
+34981
+35023
+35027
+35051
+35053
+35059
+35069
+35081
+35083
+35089
+35099
+35107
+35111
+35117
+35129
+35141
+35149
+35153
+35159
+35171
+35201
+35221
+35227
+35251
+35257
+35267
+35279
+35281
+35291
+35311
+35317
+35323
+35327
+35339
+35353
+35363
+35381
+35393
+35401
+35407
+35419
+35423
+35437
+35447
+35449
+35461
+35491
+35507
+35509
+35521
+35527
+35531
+35533
+35537
+35543
+35569
+35573
+35591
+35593
+35597
+35603
+35617
+35671
+35677
+35729
+35731
+35747
+35753
+35759
+35771
+35797
+35801
+35803
+35809
+35831
+35837
+35839
+35851
+35863
+35869
+35879
+35897
+35899
+35911
+35923
+35933
+35951
+35963
+35969
+35977
+35983
+35993
+35999
+36007
+36011
+36013
+36017
+36037
+36061
+36067
+36073
+36083
+36097
+36107
+36109
+36131
+36137
+36151
+36161
+36187
+36191
+36209
+36217
+36229
+36241
+36251
+36263
+36269
+36277
+36293
+36299
+36307
+36313
+36319
+36341
+36343
+36353
+36373
+36383
+36389
+36433
+36451
+36457
+36467
+36469
+36473
+36479
+36493
+36497
+36523
+36527
+36529
+36541
+36551
+36559
+36563
+36571
+36583
+36587
+36599
+36607
+36629
+36637
+36643
+36653
+36671
+36677
+36683
+36691
+36697
+36709
+36713
+36721
+36739
+36749
+36761
+36767
+36779
+36781
+36787
+36791
+36793
+36809
+36821
+36833
+36847
+36857
+36871
+36877
+36887
+36899
+36901
+36913
+36919
+36923
+36929
+36931
+36943
+36947
+36973
+36979
+36997
+37003
+37013
+37019
+37021
+37039
+37049
+37057
+37061
+37087
+37097
+37117
+37123
+37139
+37159
+37171
+37181
+37189
+37199
+37201
+37217
+37223
+37243
+37253
+37273
+37277
+37307
+37309
+37313
+37321
+37337
+37339
+37357
+37361
+37363
+37369
+37379
+37397
+37409
+37423
+37441
+37447
+37463
+37483
+37489
+37493
+37501
+37507
+37511
+37517
+37529
+37537
+37547
+37549
+37561
+37567
+37571
+37573
+37579
+37589
+37591
+37607
+37619
+37633
+37643
+37649
+37657
+37663
+37691
+37693
+37699
+37717
+37747
+37781
+37783
+37799
+37811
+37813
+37831
+37847
+37853
+37861
+37871
+37879
+37889
+37897
+37907
+37951
+37957
+37963
+37967
+37987
+37991
+37993
+37997
+38011
+38039
+38047
+38053
+38069
+38083
+38113
+38119
+38149
+38153
+38167
+38177
+38183
+38189
+38197
+38201
+38219
+38231
+38237
+38239
+38261
+38273
+38281
+38287
+38299
+38303
+38317
+38321
+38327
+38329
+38333
+38351
+38371
+38377
+38393
+38431
+38447
+38449
+38453
+38459
+38461
+38501
+38543
+38557
+38561
+38567
+38569
+38593
+38603
+38609
+38611
+38629
+38639
+38651
+38653
+38669
+38671
+38677
+38693
+38699
+38707
+38711
+38713
+38723
+38729
+38737
+38747
+38749
+38767
+38783
+38791
+38803
+38821
+38833
+38839
+38851
+38861
+38867
+38873
+38891
+38903
+38917
+38921
+38923
+38933
+38953
+38959
+38971
+38977
+38993
+39019
+39023
+39041
+39043
+39047
+39079
+39089
+39097
+39103
+39107
+39113
+39119
+39133
+39139
+39157
+39161
+39163
+39181
+39191
+39199
+39209
+39217
+39227
+39229
+39233
+39239
+39241
+39251
+39293
+39301
+39313
+39317
+39323
+39341
+39343
+39359
+39367
+39371
+39373
+39383
+39397
+39409
+39419
+39439
+39443
+39451
+39461
+39499
+39503
+39509
+39511
+39521
+39541
+39551
+39563
+39569
+39581
+39607
+39619
+39623
+39631
+39659
+39667
+39671
+39679
+39703
+39709
+39719
+39727
+39733
+39749
+39761
+39769
+39779
+39791
+39799
+39821
+39827
+39829
+39839
+39841
+39847
+39857
+39863
+39869
+39877
+39883
+39887
+39901
+39929
+39937
+39953
+39971
+39979
+39983
+39989
+40009
+40013
+40031
+40037
+40039
+40063
+40087
+40093
+40099
+40111
+40123
+40127
+40129
+40151
+40153
+40163
+40169
+40177
+40189
+40193
+40213
+40231
+40237
+40241
+40253
+40277
+40283
+40289
+40343
+40351
+40357
+40361
+40387
+40423
+40427
+40429
+40433
+40459
+40471
+40483
+40487
+40493
+40499
+40507
+40519
+40529
+40531
+40543
+40559
+40577
+40583
+40591
+40597
+40609
+40627
+40637
+40639
+40693
+40697
+40699
+40709
+40739
+40751
+40759
+40763
+40771
+40787
+40801
+40813
+40819
+40823
+40829
+40841
+40847
+40849
+40853
+40867
+40879
+40883
+40897
+40903
+40927
+40933
+40939
+40949
+40961
+40973
+40993
+41011
+41017
+41023
+41039
+41047
+41051
+41057
+41077
+41081
+41113
+41117
+41131
+41141
+41143
+41149
+41161
+41177
+41179
+41183
+41189
+41201
+41203
+41213
+41221
+41227
+41231
+41233
+41243
+41257
+41263
+41269
+41281
+41299
+41333
+41341
+41351
+41357
+41381
+41387
+41389
+41399
+41411
+41413
+41443
+41453
+41467
+41479
+41491
+41507
+41513
+41519
+41521
+41539
+41543
+41549
+41579
+41593
+41597
+41603
+41609
+41611
+41617
+41621
+41627
+41641
+41647
+41651
+41659
+41669
+41681
+41687
+41719
+41729
+41737
+41759
+41761
+41771
+41777
+41801
+41809
+41813
+41843
+41849
+41851
+41863
+41879
+41887
+41893
+41897
+41903
+41911
+41927
+41941
+41947
+41953
+41957
+41959
+41969
+41981
+41983
+41999
+42013
+42017
+42019
+42023
+42043
+42061
+42071
+42073
+42083
+42089
+42101
+42131
+42139
+42157
+42169
+42179
+42181
+42187
+42193
+42197
+42209
+42221
+42223
+42227
+42239
+42257
+42281
+42283
+42293
+42299
+42307
+42323
+42331
+42337
+42349
+42359
+42373
+42379
+42391
+42397
+42403
+42407
+42409
+42433
+42437
+42443
+42451
+42457
+42461
+42463
+42467
+42473
+42487
+42491
+42499
+42509
+42533
+42557
+42569
+42571
+42577
+42589
+42611
+42641
+42643
+42649
+42667
+42677
+42683
+42689
+42697
+42701
+42703
+42709
+42719
+42727
+42737
+42743
+42751
+42767
+42773
+42787
+42793
+42797
+42821
+42829
+42839
+42841
+42853
+42859
+42863
+42899
+42901
+42923
+42929
+42937
+42943
+42953
+42961
+42967
+42979
+42989
+43003
+43013
+43019
+43037
+43049
+43051
+43063
+43067
+43093
+43103
+43117
+43133
+43151
+43159
+43177
+43189
+43201
+43207
+43223
+43237
+43261
+43271
+43283
+43291
+43313
+43319
+43321
+43331
+43391
+43397
+43399
+43403
+43411
+43427
+43441
+43451
+43457
+43481
+43487
+43499
+43517
+43541
+43543
+43573
+43577
+43579
+43591
+43597
+43607
+43609
+43613
+43627
+43633
+43649
+43651
+43661
+43669
+43691
+43711
+43717
+43721
+43753
+43759
+43777
+43781
+43783
+43787
+43789
+43793
+43801
+43853
+43867
+43889
+43891
+43913
+43933
+43943
+43951
+43961
+43963
+43969
+43973
+43987
+43991
+43997
+44017
+44021
+44027
+44029
+44041
+44053
+44059
+44071
+44087
+44089
+44101
+44111
+44119
+44123
+44129
+44131
+44159
+44171
+44179
+44189
+44201
+44203
+44207
+44221
+44249
+44257
+44263
+44267
+44269
+44273
+44279
+44281
+44293
+44351
+44357
+44371
+44381
+44383
+44389
+44417
+44449
+44453
+44483
+44491
+44497
+44501
+44507
+44519
+44531
+44533
+44537
+44543
+44549
+44563
+44579
+44587
+44617
+44621
+44623
+44633
+44641
+44647
+44651
+44657
+44683
+44687
+44699
+44701
+44711
+44729
+44741
+44753
+44771
+44773
+44777
+44789
+44797
+44809
+44819
+44839
+44843
+44851
+44867
+44879
+44887
+44893
+44909
+44917
+44927
+44939
+44953
+44959
+44963
+44971
+44983
+44987
+45007
+45013
+45053
+45061
+45077
+45083
+45119
+45121
+45127
+45131
+45137
+45139
+45161
+45179
+45181
+45191
+45197
+45233
+45247
+45259
+45263
+45281
+45289
+45293
+45307
+45317
+45319
+45329
+45337
+45341
+45343
+45361
+45377
+45389
+45403
+45413
+45427
+45433
+45439
+45481
+45491
+45497
+45503
+45523
+45533
+45541
+45553
+45557
+45569
+45587
+45589
+45599
+45613
+45631
+45641
+45659
+45667
+45673
+45677
+45691
+45697
+45707
+45737
+45751
+45757
+45763
+45767
+45779
+45817
+45821
+45823
+45827
+45833
+45841
+45853
+45863
+45869
+45887
+45893
+45943
+45949
+45953
+45959
+45971
+45979
+45989
+46021
+46027
+46049
+46051
+46061
+46073
+46091
+46093
+46099
+46103
+46133
+46141
+46147
+46153
+46171
+46181
+46183
+46187
+46199
+46219
+46229
+46237
+46261
+46271
+46273
+46279
+46301
+46307
+46309
+46327
+46337
+46349
+46351
+46381
+46399
+46411
+46439
+46441
+46447
+46451
+46457
+46471
+46477
+46489
+46499
+46507
+46511
+46523
+46549
+46559
+46567
+46573
+46589
+46591
+46601
+46619
+46633
+46639
+46643
+46649
+46663
+46679
+46681
+46687
+46691
+46703
+46723
+46727
+46747
+46751
+46757
+46769
+46771
+46807
+46811
+46817
+46819
+46829
+46831
+46853
+46861
+46867
+46877
+46889
+46901
+46919
+46933
+46957
+46993
+46997
+47017
+47041
+47051
+47057
+47059
+47087
+47093
+47111
+47119
+47123
+47129
+47137
+47143
+47147
+47149
+47161
+47189
+47207
+47221
+47237
+47251
+47269
+47279
+47287
+47293
+47297
+47303
+47309
+47317
+47339
+47351
+47353
+47363
+47381
+47387
+47389
+47407
+47417
+47419
+47431
+47441
+47459
+47491
+47497
+47501
+47507
+47513
+47521
+47527
+47533
+47543
+47563
+47569
+47581
+47591
+47599
+47609
+47623
+47629
+47639
+47653
+47657
+47659
+47681
+47699
+47701
+47711
+47713
+47717
+47737
+47741
+47743
+47777
+47779
+47791
+47797
+47807
+47809
+47819
+47837
+47843
+47857
+47869
+47881
+47903
+47911
+47917
+47933
+47939
+47947
+47951
+47963
+47969
+47977
+47981
+48017
+48023
+48029
+48049
+48073
+48079
+48091
+48109
+48119
+48121
+48131
+48157
+48163
+48179
+48187
+48193
+48197
+48221
+48239
+48247
+48259
+48271
+48281
+48299
+48311
+48313
+48337
+48341
+48353
+48371
+48383
+48397
+48407
+48409
+48413
+48437
+48449
+48463
+48473
+48479
+48481
+48487
+48491
+48497
+48523
+48527
+48533
+48539
+48541
+48563
+48571
+48589
+48593
+48611
+48619
+48623
+48647
+48649
+48661
+48673
+48677
+48679
+48731
+48733
+48751
+48757
+48761
+48767
+48779
+48781
+48787
+48799
+48809
+48817
+48821
+48823
+48847
+48857
+48859
+48869
+48871
+48883
+48889
+48907
+48947
+48953
+48973
+48989
+48991
+49003
+49009
+49019
+49031
+49033
+49037
+49043
+49057
+49069
+49081
+49103
+49109
+49117
+49121
+49123
+49139
+49157
+49169
+49171
+49177
+49193
+49199
+49201
+49207
+49211
+49223
+49253
+49261
+49277
+49279
+49297
+49307
+49331
+49333
+49339
+49363
+49367
+49369
+49391
+49393
+49409
+49411
+49417
+49429
+49433
+49451
+49459
+49463
+49477
+49481
+49499
+49523
+49529
+49531
+49537
+49547
+49549
+49559
+49597
+49603
+49613
+49627
+49633
+49639
+49663
+49667
+49669
+49681
+49697
+49711
+49727
+49739
+49741
+49747
+49757
+49783
+49787
+49789
+49801
+49807
+49811
+49823
+49831
+49843
+49853
+49871
+49877
+49891
+49919
+49921
+49927
+49937
+49939
+49943
+49957
+49991
+49993
+49999
+50021
+50023
+50033
+50047
+50051
+50053
+50069
+50077
+50087
+50093
+50101
+50111
+50119
+50123
+50129
+50131
+50147
+50153
+50159
+50177
+50207
+50221
+50227
+50231
+50261
+50263
+50273
+50287
+50291
+50311
+50321
+50329
+50333
+50341
+50359
+50363
+50377
+50383
+50387
+50411
+50417
+50423
+50441
+50459
+50461
+50497
+50503
+50513
+50527
+50539
+50543
+50549
+50551
+50581
+50587
+50591
+50593
+50599
+50627
+50647
+50651
+50671
+50683
+50707
+50723
+50741
+50753
+50767
+50773
+50777
+50789
+50821
+50833
+50839
+50849
+50857
+50867
+50873
+50891
+50893
+50909
+50923
+50929
+50951
+50957
+50969
+50971
+50989
+50993
+51001
+51031
+51043
+51047
+51059
+51061
+51071
+51109
+51131
+51133
+51137
+51151
+51157
+51169
+51193
+51197
+51199
+51203
+51217
+51229
+51239
+51241
+51257
+51263
+51283
+51287
+51307
+51329
+51341
+51343
+51347
+51349
+51361
+51383
+51407
+51413
+51419
+51421
+51427
+51431
+51437
+51439
+51449
+51461
+51473
+51479
+51481
+51487
+51503
+51511
+51517
+51521
+51539
+51551
+51563
+51577
+51581
+51593
+51599
+51607
+51613
+51631
+51637
+51647
+51659
+51673
+51679
+51683
+51691
+51713
+51719
+51721
+51749
+51767
+51769
+51787
+51797
+51803
+51817
+51827
+51829
+51839
+51853
+51859
+51869
+51871
+51893
+51899
+51907
+51913
+51929
+51941
+51949
+51971
+51973
+51977
+51991
+52009
+52021
+52027
+52051
+52057
+52067
+52069
+52081
+52103
+52121
+52127
+52147
+52153
+52163
+52177
+52181
+52183
+52189
+52201
+52223
+52237
+52249
+52253
+52259
+52267
+52289
+52291
+52301
+52313
+52321
+52361
+52363
+52369
+52379
+52387
+52391
+52433
+52453
+52457
+52489
+52501
+52511
+52517
+52529
+52541
+52543
+52553
+52561
+52567
+52571
+52579
+52583
+52609
+52627
+52631
+52639
+52667
+52673
+52691
+52697
+52709
+52711
+52721
+52727
+52733
+52747
+52757
+52769
+52783
+52807
+52813
+52817
+52837
+52859
+52861
+52879
+52883
+52889
+52901
+52903
+52919
+52937
+52951
+52957
+52963
+52967
+52973
+52981
+52999
+53003
+53017
+53047
+53051
+53069
+53077
+53087
+53089
+53093
+53101
+53113
+53117
+53129
+53147
+53149
+53161
+53171
+53173
+53189
+53197
+53201
+53231
+53233
+53239
+53267
+53269
+53279
+53281
+53299
+53309
+53323
+53327
+53353
+53359
+53377
+53381
+53401
+53407
+53411
+53419
+53437
+53441
+53453
+53479
+53503
+53507
+53527
+53549
+53551
+53569
+53591
+53593
+53597
+53609
+53611
+53617
+53623
+53629
+53633
+53639
+53653
+53657
+53681
+53693
+53699
+53717
+53719
+53731
+53759
+53773
+53777
+53783
+53791
+53813
+53819
+53831
+53849
+53857
+53861
+53881
+53887
+53891
+53897
+53899
+53917
+53923
+53927
+53939
+53951
+53959
+53987
+53993
+54001
+54011
+54013
+54037
+54049
+54059
+54083
+54091
+54101
+54121
+54133
+54139
+54151
+54163
+54167
+54181
+54193
+54217
+54251
+54269
+54277
+54287
+54293
+54311
+54319
+54323
+54331
+54347
+54361
+54367
+54371
+54377
+54401
+54403
+54409
+54413
+54419
+54421
+54437
+54443
+54449
+54469
+54493
+54497
+54499
+54503
+54517
+54521
+54539
+54541
+54547
+54559
+54563
+54577
+54581
+54583
+54601
+54617
+54623
+54629
+54631
+54647
+54667
+54673
+54679
+54709
+54713
+54721
+54727
+54751
+54767
+54773
+54779
+54787
+54799
+54829
+54833
+54851
+54869
+54877
+54881
+54907
+54917
+54919
+54941
+54949
+54959
+54973
+54979
+54983
+55001
+55009
+55021
+55049
+55051
+55057
+55061
+55073
+55079
+55103
+55109
+55117
+55127
+55147
+55163
+55171
+55201
+55207
+55213
+55217
+55219
+55229
+55243
+55249
+55259
+55291
+55313
+55331
+55333
+55337
+55339
+55343
+55351
+55373
+55381
+55399
+55411
+55439
+55441
+55457
+55469
+55487
+55501
+55511
+55529
+55541
+55547
+55579
+55589
+55603
+55609
+55619
+55621
+55631
+55633
+55639
+55661
+55663
+55667
+55673
+55681
+55691
+55697
+55711
+55717
+55721
+55733
+55763
+55787
+55793
+55799
+55807
+55813
+55817
+55819
+55823
+55829
+55837
+55843
+55849
+55871
+55889
+55897
+55901
+55903
+55921
+55927
+55931
+55933
+55949
+55967
+55987
+55997
+56003
+56009
+56039
+56041
+56053
+56081
+56087
+56093
+56099
+56101
+56113
+56123
+56131
+56149
+56167
+56171
+56179
+56197
+56207
+56209
+56237
+56239
+56249
+56263
+56267
+56269
+56299
+56311
+56333
+56359
+56369
+56377
+56383
+56393
+56401
+56417
+56431
+56437
+56443
+56453
+56467
+56473
+56477
+56479
+56489
+56501
+56503
+56509
+56519
+56527
+56531
+56533
+56543
+56569
+56591
+56597
+56599
+56611
+56629
+56633
+56659
+56663
+56671
+56681
+56687
+56701
+56711
+56713
+56731
+56737
+56747
+56767
+56773
+56779
+56783
+56807
+56809
+56813
+56821
+56827
+56843
+56857
+56873
+56891
+56893
+56897
+56909
+56911
+56921
+56923
+56929
+56941
+56951
+56957
+56963
+56983
+56989
+56993
+56999
+57037
+57041
+57047
+57059
+57073
+57077
+57089
+57097
+57107
+57119
+57131
+57139
+57143
+57149
+57163
+57173
+57179
+57191
+57193
+57203
+57221
+57223
+57241
+57251
+57259
+57269
+57271
+57283
+57287
+57301
+57329
+57331
+57347
+57349
+57367
+57373
+57383
+57389
+57397
+57413
+57427
+57457
+57467
+57487
+57493
+57503
+57527
+57529
+57557
+57559
+57571
+57587
+57593
+57601
+57637
+57641
+57649
+57653
+57667
+57679
+57689
+57697
+57709
+57713
+57719
+57727
+57731
+57737
+57751
+57773
+57781
+57787
+57791
+57793
+57803
+57809
+57829
+57839
+57847
+57853
+57859
+57881
+57899
+57901
+57917
+57923
+57943
+57947
+57973
+57977
+57991
+58013
+58027
+58031
+58043
+58049
+58057
+58061
+58067
+58073
+58099
+58109
+58111
+58129
+58147
+58151
+58153
+58169
+58171
+58189
+58193
+58199
+58207
+58211
+58217
+58229
+58231
+58237
+58243
+58271
+58309
+58313
+58321
+58337
+58363
+58367
+58369
+58379
+58391
+58393
+58403
+58411
+58417
+58427
+58439
+58441
+58451
+58453
+58477
+58481
+58511
+58537
+58543
+58549
+58567
+58573
+58579
+58601
+58603
+58613
+58631
+58657
+58661
+58679
+58687
+58693
+58699
+58711
+58727
+58733
+58741
+58757
+58763
+58771
+58787
+58789
+58831
+58889
+58897
+58901
+58907
+58909
+58913
+58921
+58937
+58943
+58963
+58967
+58979
+58991
+58997
+59009
+59011
+59021
+59023
+59029
+59051
+59053
+59063
+59069
+59077
+59083
+59093
+59107
+59113
+59119
+59123
+59141
+59149
+59159
+59167
+59183
+59197
+59207
+59209
+59219
+59221
+59233
+59239
+59243
+59263
+59273
+59281
+59333
+59341
+59351
+59357
+59359
+59369
+59377
+59387
+59393
+59399
+59407
+59417
+59419
+59441
+59443
+59447
+59453
+59467
+59471
+59473
+59497
+59509
+59513
+59539
+59557
+59561
+59567
+59581
+59611
+59617
+59621
+59627
+59629
+59651
+59659
+59663
+59669
+59671
+59693
+59699
+59707
+59723
+59729
+59743
+59747
+59753
+59771
+59779
+59791
+59797
+59809
+59833
+59863
+59879
+59887
+59921
+59929
+59951
+59957
+59971
+59981
+59999
+60013
+60017
+60029
+60037
+60041
+60077
+60083
+60089
+60091
+60101
+60103
+60107
+60127
+60133
+60139
+60149
+60161
+60167
+60169
+60209
+60217
+60223
+60251
+60257
+60259
+60271
+60289
+60293
+60317
+60331
+60337
+60343
+60353
+60373
+60383
+60397
+60413
+60427
+60443
+60449
+60457
+60493
+60497
+60509
+60521
+60527
+60539
+60589
+60601
+60607
+60611
+60617
+60623
+60631
+60637
+60647
+60649
+60659
+60661
+60679
+60689
+60703
+60719
+60727
+60733
+60737
+60757
+60761
+60763
+60773
+60779
+60793
+60811
+60821
+60859
+60869
+60887
+60889
+60899
+60901
+60913
+60917
+60919
+60923
+60937
+60943
+60953
+60961
+61001
+61007
+61027
+61031
+61043
+61051
+61057
+61091
+61099
+61121
+61129
+61141
+61151
+61153
+61169
+61211
+61223
+61231
+61253
+61261
+61283
+61291
+61297
+61331
+61333
+61339
+61343
+61357
+61363
+61379
+61381
+61403
+61409
+61417
+61441
+61463
+61469
+61471
+61483
+61487
+61493
+61507
+61511
+61519
+61543
+61547
+61553
+61559
+61561
+61583
+61603
+61609
+61613
+61627
+61631
+61637
+61643
+61651
+61657
+61667
+61673
+61681
+61687
+61703
+61717
+61723
+61729
+61751
+61757
+61781
+61813
+61819
+61837
+61843
+61861
+61871
+61879
+61909
+61927
+61933
+61949
+61961
+61967
+61979
+61981
+61987
+61991
+62003
+62011
+62017
+62039
+62047
+62053
+62057
+62071
+62081
+62099
+62119
+62129
+62131
+62137
+62141
+62143
+62171
+62189
+62191
+62201
+62207
+62213
+62219
+62233
+62273
+62297
+62299
+62303
+62311
+62323
+62327
+62347
+62351
+62383
+62401
+62417
+62423
+62459
+62467
+62473
+62477
+62483
+62497
+62501
+62507
+62533
+62539
+62549
+62563
+62581
+62591
+62597
+62603
+62617
+62627
+62633
+62639
+62653
+62659
+62683
+62687
+62701
+62723
+62731
+62743
+62753
+62761
+62773
+62791
+62801
+62819
+62827
+62851
+62861
+62869
+62873
+62897
+62903
+62921
+62927
+62929
+62939
+62969
+62971
+62981
+62983
+62987
+62989
+63029
+63031
+63059
+63067
+63073
+63079
+63097
+63103
+63113
+63127
+63131
+63149
+63179
+63197
+63199
+63211
+63241
+63247
+63277
+63281
+63299
+63311
+63313
+63317
+63331
+63337
+63347
+63353
+63361
+63367
+63377
+63389
+63391
+63397
+63409
+63419
+63421
+63439
+63443
+63463
+63467
+63473
+63487
+63493
+63499
+63521
+63527
+63533
+63541
+63559
+63577
+63587
+63589
+63599
+63601
+63607
+63611
+63617
+63629
+63647
+63649
+63659
+63667
+63671
+63689
+63691
+63697
+63703
+63709
+63719
+63727
+63737
+63743
+63761
+63773
+63781
+63793
+63799
+63803
+63809
+63823
+63839
+63841
+63853
+63857
+63863
+63901
+63907
+63913
+63929
+63949
+63977
+63997
+64007
+64013
+64019
+64033
+64037
+64063
+64067
+64081
+64091
+64109
+64123
+64151
+64153
+64157
+64171
+64187
+64189
+64217
+64223
+64231
+64237
+64271
+64279
+64283
+64301
+64303
+64319
+64327
+64333
+64373
+64381
+64399
+64403
+64433
+64439
+64451
+64453
+64483
+64489
+64499
+64513
+64553
+64567
+64577
+64579
+64591
+64601
+64609
+64613
+64621
+64627
+64633
+64661
+64663
+64667
+64679
+64693
+64709
+64717
+64747
+64763
+64781
+64783
+64793
+64811
+64817
+64849
+64853
+64871
+64877
+64879
+64891
+64901
+64919
+64921
+64927
+64937
+64951
+64969
+64997
+65003
+65011
+65027
+65029
+65033
+65053
+65063
+65071
+65089
+65099
+65101
+65111
+65119
+65123
+65129
+65141
+65147
+65167
+65171
+65173
+65179
+65183
+65203
+65213
+65239
+65257
+65267
+65269
+65287
+65293
+65309
+65323
+65327
+65353
+65357
+65371
+65381
+65393
+65407
+65413
+65419
+65423
+65437
+65447
+65449
+65479
+65497
+65519
+65521
diff --git a/security/nss/lib/freebl/mpi/doc/prng.pod b/security/nss/lib/freebl/mpi/doc/prng.pod
new file mode 100644
index 000000000..6da4d4a9c
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/prng.pod
@@ -0,0 +1,38 @@
+=head1 NAME
+
+ prng - pseudo-random number generator
+
+=head1 SYNOPSIS
+
+ prng [count]
+
+=head1 DESCRIPTION
+
+B<Prng> generates 32-bit pseudo-random integers using the
+Blum-Blum-Shub (BBS) quadratic residue generator. It is seeded using
+the standard C library's rand() function, which itself seeded from the
+system clock and the process ID number. Thus, the values generated
+are not particularly useful for cryptographic applications, but they
+are in general much better than the typical output of the usual
+multiplicative congruency generator used by most runtime libraries.
+
+You may optionally specify how many random values should be generated
+by giving a I<count> argument on the command line. If you do not
+specify a count, only one random value will be generated. The results
+are output to the standard output in decimal notation, one value per
+line.
+
+=head1 RESTRICTIONS
+
+As stated above, B<prng> uses the C library's rand() function to seed
+the generator, so it is not terribly suitable for cryptographic
+applications. Also note that each time you run the program, a new
+seed is generated, so it is better to run it once with a I<count>
+parameter than it is to run it multiple times to generate several
+values.
+
+=head1 AUTHOR
+
+ Michael J. Fromberger <sting@linguist.dartmouth.edu>
+ Copyright (C) 1998 Michael J. Fromberger, All Rights Reserved
+ Thayer School of Engineering, Dartmouth College, Hanover, NH USA
diff --git a/security/nss/lib/freebl/mpi/doc/redux.txt b/security/nss/lib/freebl/mpi/doc/redux.txt
new file mode 100644
index 000000000..0df0f0390
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/redux.txt
@@ -0,0 +1,86 @@
+Modular Reduction
+
+Usually, modular reduction is accomplished by long division, using the
+mp_div() or mp_mod() functions. However, when performing modular
+exponentiation, you spend a lot of time reducing by the same modulus
+again and again. For this purpose, doing a full division for each
+multiplication is quite inefficient.
+
+For this reason, the mp_exptmod() function does not perform modular
+reductions in the usual way, but instead takes advantage of an
+algorithm due to Barrett, as described by Menezes, Oorschot and
+VanStone in their book _Handbook of Applied Cryptography_, published
+by the CRC Press (see Chapter 14 for details). This method reduces
+most of the computation of reduction to efficient shifting and masking
+operations, and avoids the multiple-precision division entirely.
+
+Here is a brief synopsis of Barrett reduction, as it is implemented in
+this library.
+
+Let b denote the radix of the computation (one more than the maximum
+value that can be denoted by an mp_digit). Let m be the modulus, and
+let k be the number of significant digits of m. Let x be the value to
+be reduced modulo m. By the Division Theorem, there exist unique
+integers Q and R such that:
+
+ x = Qm + R, 0 <= R < m
+
+Barrett reduction takes advantage of the fact that you can easily
+approximate Q to within two, given a value M such that:
+
+ 2k
+ b
+ M = floor( ----- )
+ m
+
+Computation of M requires a full-precision division step, so if you
+are only doing a single reduction by m, you gain no advantage.
+However, when multiple reductions by the same m are required, this
+division need only be done once, beforehand. Using this, we can use
+the following equation to compute Q', an approximation of Q:
+
+ x
+ floor( ------ ) M
+ k-1
+ b
+Q' = floor( ----------------- )
+ k+1
+ b
+
+The divisions by b^(k-1) and b^(k+1) and the floor() functions can be
+efficiently implemented with shifts and masks, leaving only a single
+multiplication to be performed to get this approximation. It can be
+shown that Q - 2 <= Q' <= Q, so in the worst case, we can get out with
+two additional subtractions to bring the value into line with the
+actual value of Q.
+
+Once we've got Q', we basically multiply that by m and subtract from
+x, yielding:
+
+ x - Q'm = Qm + R - Q'm
+
+Since we know the constraint on Q', this is one of:
+
+ R
+ m + R
+ 2m + R
+
+Since R < m by the Division Theorem, we can simply subtract off m
+until we get a value in the correct range, which will happen with no
+more than 2 subtractions:
+
+ v = x - Q'm
+
+ while(v >= m)
+ v = v - m
+ endwhile
+
+
+In random performance trials, modular exponentiation using this method
+of reduction gave around a 40% speedup over using the division for
+reduction.
+
+------------------------------------------------------------------
+ This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/doc/sqrt.txt b/security/nss/lib/freebl/mpi/doc/sqrt.txt
new file mode 100644
index 000000000..4529cbfc4
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/sqrt.txt
@@ -0,0 +1,50 @@
+Square Root
+
+A simple iterative algorithm is used to compute the greatest integer
+less than or equal to the square root. Essentially, this is Newton's
+linear approximation, computed by finding successive values of the
+equation:
+
+ x[k]^2 - V
+x[k+1] = x[k] - ------------
+ 2 x[k]
+
+...where V is the value for which the square root is being sought. In
+essence, what is happening here is that we guess a value for the
+square root, then figure out how far off we were by squaring our guess
+and subtracting the target. Using this value, we compute a linear
+approximation for the error, and adjust the "guess". We keep doing
+this until the precision gets low enough that the above equation
+yields a quotient of zero. At this point, our last guess is one
+greater than the square root we're seeking.
+
+The initial guess is computed by dividing V by 4, which is a heuristic
+I have found to be fairly good on average. This also has the
+advantage of being very easy to compute efficiently, even for large
+values.
+
+So, the resulting algorithm works as follows:
+
+ x = V / 4 /* compute initial guess */
+
+ loop
+ t = (x * x) - V /* Compute absolute error */
+ u = 2 * x /* Adjust by tangent slope */
+ t = t / u
+
+ /* Loop is done if error is zero */
+ if(t == 0)
+ break
+
+ /* Adjust guess by error term */
+ x = x - t
+ end
+
+ x = x - 1
+
+The result of the computation is the value of x.
+
+------------------------------------------------------------------
+ This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/doc/square.txt b/security/nss/lib/freebl/mpi/doc/square.txt
new file mode 100644
index 000000000..edbb97882
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/square.txt
@@ -0,0 +1,72 @@
+Squaring Algorithm
+
+When you are squaring a value, you can take advantage of the fact that
+half the multiplications performed by the more general multiplication
+algorithm (see 'mul.txt' for a description) are redundant when the
+multiplicand equals the multiplier.
+
+In particular, the modified algorithm is:
+
+k = 0
+for j <- 0 to (#a - 1)
+ w = c[2*j] + (a[j] ^ 2);
+ k = w div R
+
+ for i <- j+1 to (#a - 1)
+ w = (2 * a[j] * a[i]) + k + c[i+j]
+ c[i+j] = w mod R
+ k = w div R
+ endfor
+ c[i+j] = k;
+ k = 0;
+endfor
+
+On the surface, this looks identical to the multiplication algorithm;
+however, note the following differences:
+
+ - precomputation of the leading term in the outer loop
+
+ - i runs from j+1 instead of from zero
+
+ - doubling of a[i] * a[j] in the inner product
+
+Unfortunately, the construction of the inner product is such that we
+need more than two digits to represent the inner product, in some
+cases. In a C implementation, this means that some gymnastics must be
+performed in order to handle overflow, for which C has no direct
+abstraction. We do this by observing the following:
+
+If we have multiplied a[i] and a[j], and the product is more than half
+the maximum value expressible in two digits, then doubling this result
+will overflow into a third digit. If this occurs, we take note of the
+overflow, and double it anyway -- C integer arithmetic ignores
+overflow, so the two digits we get back should still be valid, modulo
+the overflow.
+
+Having doubled this value, we now have to add in the remainders and
+the digits already computed by earlier steps. If we did not overflow
+in the previous step, we might still cause an overflow here. That
+will happen whenever the maximum value expressible in two digits, less
+the amount we have to add, is greater than the result of the previous
+step. Thus, the overflow computation is:
+
+
+ u = 0
+ w = a[i] * a[j]
+
+ if(w > (R - 1)/ 2)
+ u = 1;
+
+ w = w * 2
+ v = c[i + j] + k
+
+ if(u == 0 && (R - 1 - v) < w)
+ u = 1
+
+If there is an overflow, u will be 1, otherwise u will be 0. The rest
+of the parameters are the same as they are in the above description.
+
+------------------------------------------------------------------
+ This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/doc/timing.txt b/security/nss/lib/freebl/mpi/doc/timing.txt
new file mode 100644
index 000000000..58f37c9df
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/doc/timing.txt
@@ -0,0 +1,213 @@
+MPI Library Timing Tests
+
+Hardware/OS
+(A) SGI O2 1 x MIPS R10000 250MHz IRIX 6.5.3
+(B) IBM RS/6000 43P-240 1 x PowerPC 603e 223MHz AIX 4.3
+(C) Dell GX1/L+ 1 x Pentium III 550MHz Linux 2.2.12-20
+(D) PowerBook G3 1 x PowerPC 750 266MHz LinuxPPC 2.2.6-15apmac
+(E) PowerBook G3 1 x PowerPC 750 266MHz MacOS 8.5.1
+(F) PowerBook G3 1 x PowerPC 750 400MHz MacOS 9.0.2
+
+Compiler
+(1) MIPSpro C 7.2.1 -O3 optimizations
+(2) GCC 2.95.1 -O3 optimizations
+(3) IBM AIX xlc -O3 optimizations (version unknown)
+(4) EGCS 2.91.66 -O3 optimizations
+(5) Metrowerks CodeWarrior 5.0 C, all optimizations
+(6) MIPSpro C 7.30 -O3 optimizations
+(7) same as (6), with optimized libmalloc.so
+
+Timings are given in seconds, computed using the C library's clock()
+function. The first column gives the hardware and compiler
+configuration used for the test. The second column indicates the
+number of tests that were aggregated to get the statistics for that
+size. These were compiled using 16 bit digits.
+
+Source data were generated randomly using a fixed seed, so they should
+be internally consistent, but may vary on different systems depending
+on the C library. Also, since the resolution of the timer accessed by
+clock() varies, there may be some variance in the precision of these
+measurements.
+
+Prime Generation (primegen)
+
+128 bits:
+A1 200 min=0.03, avg=0.19, max=0.72, sum=38.46
+A2 200 min=0.02, avg=0.16, max=0.62, sum=32.55
+B3 200 min=0.01, avg=0.07, max=0.22, sum=13.29
+C4 200 min=0.00, avg=0.03, max=0.20, sum=6.14
+D4 200 min=0.00, avg=0.05, max=0.33, sum=9.70
+A6 200 min=0.01, avg=0.09, max=0.36, sum=17.48
+A7 200 min=0.00, avg=0.05, max=0.24, sum=10.07
+
+192 bits:
+A1 200 min=0.05, avg=0.45, max=3.13, sum=89.96
+A2 200 min=0.04, avg=0.39, max=2.61, sum=77.55
+B3 200 min=0.02, avg=0.18, max=1.25, sum=36.97
+C4 200 min=0.01, avg=0.09, max=0.33, sum=18.24
+D4 200 min=0.02, avg=0.15, max=0.54, sum=29.63
+A6 200 min=0.02, avg=0.24, max=1.70, sum=47.84
+A7 200 min=0.01, avg=0.15, max=1.05, sum=30.88
+
+256 bits:
+A1 200 min=0.08, avg=0.92, max=6.13, sum=184.79
+A2 200 min=0.06, avg=0.76, max=5.03, sum=151.11
+B3 200 min=0.04, avg=0.41, max=2.68, sum=82.35
+C4 200 min=0.02, avg=0.19, max=0.69, sum=37.91
+D4 200 min=0.03, avg=0.31, max=1.15, sum=63.00
+A6 200 min=0.04, avg=0.48, max=3.13, sum=95.46
+A7 200 min=0.03, avg=0.37, max=2.36, sum=73.60
+
+320 bits:
+A1 200 min=0.11, avg=1.59, max=6.14, sum=318.81
+A2 200 min=0.09, avg=1.27, max=4.93, sum=254.03
+B3 200 min=0.07, avg=0.82, max=3.13, sum=163.80
+C4 200 min=0.04, avg=0.44, max=1.91, sum=87.59
+D4 200 min=0.06, avg=0.73, max=3.22, sum=146.73
+A6 200 min=0.07, avg=0.93, max=3.50, sum=185.01
+A7 200 min=0.05, avg=0.76, max=2.94, sum=151.78
+
+384 bits:
+A1 200 min=0.16, avg=2.69, max=11.41, sum=537.89
+A2 200 min=0.13, avg=2.15, max=9.03, sum=429.14
+B3 200 min=0.11, avg=1.54, max=6.49, sum=307.78
+C4 200 min=0.06, avg=0.81, max=4.84, sum=161.13
+D4 200 min=0.10, avg=1.38, max=8.31, sum=276.81
+A6 200 min=0.11, avg=1.73, max=7.36, sum=345.55
+A7 200 min=0.09, avg=1.46, max=6.12, sum=292.02
+
+448 bits:
+A1 200 min=0.23, avg=3.36, max=15.92, sum=672.63
+A2 200 min=0.17, avg=2.61, max=12.25, sum=522.86
+B3 200 min=0.16, avg=2.10, max=9.83, sum=420.86
+C4 200 min=0.09, avg=1.44, max=7.64, sum=288.36
+D4 200 min=0.16, avg=2.50, max=13.29, sum=500.17
+A6 200 min=0.15, avg=2.31, max=10.81, sum=461.58
+A7 200 min=0.14, avg=2.03, max=9.53, sum=405.16
+
+512 bits:
+A1 200 min=0.30, avg=6.12, max=22.18, sum=1223.35
+A2 200 min=0.25, avg=4.67, max=16.90, sum=933.18
+B3 200 min=0.23, avg=4.13, max=14.94, sum=825.45
+C4 200 min=0.13, avg=2.08, max=9.75, sum=415.22
+D4 200 min=0.24, avg=4.04, max=20.18, sum=808.11
+A6 200 min=0.22, avg=4.47, max=16.19, sum=893.83
+A7 200 min=0.20, avg=4.03, max=14.65, sum=806.02
+
+Modular Exponentation (metime)
+
+The following results are aggregated from 200 pseudo-randomly
+generated tests, based on a fixed seed.
+
+ base, exponent, and modulus size (bits)
+P/C 128 192 256 320 384 448 512 640 768 896 1024
+------- -----------------------------------------------------------------
+A1 0.015 0.027 0.047 0.069 0.098 0.133 0.176 0.294 0.458 0.680 1.040
+A2 0.013 0.024 0.037 0.053 0.077 0.102 0.133 0.214 0.326 0.476 0.668
+B3 0.005 0.011 0.021 0.036 0.056 0.084 0.121 0.222 0.370 0.573 0.840
+C4 0.002 0.006 0.011 0.020 0.032 0.048 0.069 0.129 0.223 0.344 0.507
+D4 0.004 0.010 0.019 0.034 0.056 0.085 0.123 0.232 0.390 0.609 0.899
+E5 0.007 0.015 0.031 0.055 0.088 0.133 0.183 0.342 0.574 0.893 1.317
+A6 0.008 0.016 0.038 0.042 0.064 0.093 0.133 0.239 0.393 0.604 0.880
+A7 0.005 0.011 0.020 0.036 0.056 0.083 0.121 0.223 0.374 0.583 0.855
+
+Multiplication and Squaring tests, (mulsqr)
+
+The following results are aggregated from 500000 pseudo-randomly
+generated tests, based on a per-run wall-clock seed. Times are given
+in seconds, except where indicated in microseconds (us).
+
+(A1)
+
+bits multiply square ad percent time/mult time/square
+64 9.33 9.15 > 1.9 18.7us 18.3us
+128 10.88 10.44 > 4.0 21.8us 20.9us
+192 13.30 11.89 > 10.6 26.7us 23.8us
+256 14.88 12.64 > 15.1 29.8us 25.3us
+320 18.64 15.01 > 19.5 37.3us 30.0us
+384 23.11 17.70 > 23.4 46.2us 35.4us
+448 28.28 20.88 > 26.2 56.6us 41.8us
+512 34.09 24.51 > 28.1 68.2us 49.0us
+640 47.86 33.25 > 30.5 95.7us 66.5us
+768 64.91 43.54 > 32.9 129.8us 87.1us
+896 84.49 55.48 > 34.3 169.0us 111.0us
+1024 107.25 69.21 > 35.5 214.5us 138.4us
+1536 227.97 141.91 > 37.8 456.0us 283.8us
+2048 394.05 242.15 > 38.5 788.1us 484.3us
+
+(A2)
+
+bits multiply square ad percent time/mult time/square
+64 7.87 7.95 < 1.0 15.7us 15.9us
+128 9.40 9.19 > 2.2 18.8us 18.4us
+192 11.15 10.59 > 5.0 22.3us 21.2us
+256 12.02 11.16 > 7.2 24.0us 22.3us
+320 14.62 13.43 > 8.1 29.2us 26.9us
+384 17.72 15.80 > 10.8 35.4us 31.6us
+448 21.24 18.51 > 12.9 42.5us 37.0us
+512 25.36 21.78 > 14.1 50.7us 43.6us
+640 34.57 29.00 > 16.1 69.1us 58.0us
+768 46.10 37.60 > 18.4 92.2us 75.2us
+896 58.94 47.72 > 19.0 117.9us 95.4us
+1024 73.76 59.12 > 19.8 147.5us 118.2us
+1536 152.00 118.80 > 21.8 304.0us 237.6us
+2048 259.41 199.57 > 23.1 518.8us 399.1us
+
+(B3)
+
+bits multiply square ad percent time/mult time/square
+64 2.60 2.47 > 5.0 5.20us 4.94us
+128 4.43 4.06 > 8.4 8.86us 8.12us
+192 7.03 6.10 > 13.2 14.1us 12.2us
+256 10.44 8.59 > 17.7 20.9us 17.2us
+320 14.44 11.64 > 19.4 28.9us 23.3us
+384 19.12 15.08 > 21.1 38.2us 30.2us
+448 24.55 19.09 > 22.2 49.1us 38.2us
+512 31.03 23.53 > 24.2 62.1us 47.1us
+640 45.05 33.80 > 25.0 90.1us 67.6us
+768 63.02 46.05 > 26.9 126.0us 92.1us
+896 83.74 60.29 > 28.0 167.5us 120.6us
+1024 106.73 76.65 > 28.2 213.5us 153.3us
+1536 228.94 160.98 > 29.7 457.9us 322.0us
+2048 398.08 275.93 > 30.7 796.2us 551.9us
+
+(C4)
+
+bits multiply square ad percent time/mult time/square
+64 1.34 1.28 > 4.5 2.68us 2.56us
+128 2.76 2.59 > 6.2 5.52us 5.18us
+192 4.52 4.16 > 8.0 9.04us 8.32us
+256 6.64 5.99 > 9.8 13.3us 12.0us
+320 9.20 8.13 > 11.6 18.4us 16.3us
+384 12.01 10.58 > 11.9 24.0us 21.2us
+448 15.24 13.33 > 12.5 30.5us 26.7us
+512 19.02 16.46 > 13.5 38.0us 32.9us
+640 27.56 23.54 > 14.6 55.1us 47.1us
+768 37.89 31.78 > 16.1 75.8us 63.6us
+896 49.24 41.42 > 15.9 98.5us 82.8us
+1024 62.59 52.18 > 16.6 125.2us 104.3us
+1536 131.66 107.72 > 18.2 263.3us 215.4us
+2048 226.45 182.95 > 19.2 453.0us 365.9us
+
+(A7)
+
+bits multiply square ad percent time/mult time/square
+64 1.74 1.71 > 1.7 3.48us 3.42us
+128 3.48 2.96 > 14.9 6.96us 5.92us
+192 5.74 4.60 > 19.9 11.5us 9.20us
+256 8.75 6.61 > 24.5 17.5us 13.2us
+320 12.5 8.99 > 28.1 25.0us 18.0us
+384 16.9 11.9 > 29.6 33.8us 23.8us
+448 22.2 15.2 > 31.7 44.4us 30.4us
+512 28.3 19.0 > 32.7 56.6us 38.0us
+640 42.4 28.0 > 34.0 84.8us 56.0us
+768 59.4 38.5 > 35.2 118.8us 77.0us
+896 79.5 51.2 > 35.6 159.0us 102.4us
+1024 102.6 65.5 > 36.2 205.2us 131.0us
+1536 224.3 140.6 > 37.3 448.6us 281.2us
+2048 393.4 244.3 > 37.9 786.8us 488.6us
+
+------------------------------------------------------------------
+ This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/hpma512.s b/security/nss/lib/freebl/mpi/hpma512.s
new file mode 100644
index 000000000..ae9da630d
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/hpma512.s
@@ -0,0 +1,615 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ *
+ * This PA-RISC 2.0 function computes the product of two unsigned integers,
+ * and adds the result to a previously computed integer. The multiplicand
+ * is a 512-bit (64-byte, eight doubleword) unsigned integer, stored in
+ * memory in little-double-wordian order. The multiplier is an unsigned
+ * 64-bit integer. The previously computed integer to which the product is
+ * added is located in the result ("res") area, and is assumed to be a
+ * 576-bit (72-byte, nine doubleword) unsigned integer, stored in memory
+ * in little-double-wordian order. This value normally will be the result
+ * of a previously computed nine doubleword result. It is not necessary
+ * to pad the multiplicand with an additional 64-bit zero doubleword.
+ *
+ * Multiplicand, multiplier, and addend ideally should be aligned at
+ * 16-byte boundaries for best performance. The code will function
+ * correctly for alignment at eight-byte boundaries which are not 16-byte
+ * boundaries, but the execution may be slightly slower due to even/odd
+ * bank conflicts on PA-RISC 8000 processors.
+ *
+ * This function is designed to accept the same calling sequence as Bill
+ * Ackerman's "maxpy_little" function. The carry from the ninth doubleword
+ * of the result is written to the tenth word of the result, as is done by
+ * Bill Ackerman's function. The final carry also is returned as an
+ * integer, which may be ignored. The function prototype may be either
+ * of the following:
+ *
+ * void multacc512( int l, chunk* m, const chunk* a, chunk* res );
+ * or
+ * int multacc512( int l, chunk* m, const chunk* a, chunk* res );
+ *
+ * where: "l" originally denoted vector lengths. This parameter is
+ * ignored. This function always assumes a multiplicand length of
+ * 512 bits (eight doublewords), and addend and result lengths of
+ * 576 bits (nine doublewords).
+ *
+ * "m" is a pointer to the doubleword multiplier, ideally aligned
+ * on a 16-byte boundary.
+ *
+ * "a" is a pointer to the eight-doubleword multiplicand, stored
+ * in little-double-wordian order, and ideally aligned on a 16-byte
+ * boundary.
+ *
+ * "res" is a pointer to the nine doubleword addend, and to the
+ * nine-doubleword product computed by this function. The result
+ * also is stored in little-double-wordian order, and ideally is
+ * aligned on a 16-byte boundary. It is expected that the alignment
+ * of the "res" area may alternate between even/odd doubleword
+ * boundaries for successive calls for 512-bit x 512-bit
+ * multiplications.
+ *
+ * The code for this function has been scheduled to use the parallelism
+ * of the PA-RISC 8000 series microprocessors as well as the author was
+ * able. Comments and/or suggestions for improvement are welcomed.
+ *
+ * The code is "64-bit safe". This means it may be called in either
+ * the 32ILP context or the 64LP context. All 64-bits of registers are
+ * saved and restored.
+ *
+ * This code is self-contained. It requires no other header files in order
+ * to compile and to be linkable on a PA-RISC 2.0 machine. Symbolic
+ * definitions for registers and stack offsets are included within this
+ * one source file.
+ *
+ * This is a leaf routine. As such, minimal use is made of the stack area.
+ * Of the 192 bytes allocated, 64 bytes are used for saving/restoring eight
+ * general registers, and 128 bytes are used to move intermediate products
+ * from the floating-point registers to the general registers. Stack
+ * protocols assure proper alignment of these areas.
+ *
+ */
+
+
+/* ====================================================================*/
+/* symbolic definitions for PA-RISC registers */
+/* in the MIPS style, avoids lots of case shifts */
+/* assigments (except t4) preserve register number parity */
+/* ====================================================================*/
+
+#define zero %r0 /* permanent zero */
+#define t5 %r1 /* temp register, altered by addil */
+
+#define rp %r2 /* return pointer */
+
+#define s1 %r3 /* callee saves register*/
+#define s0 %r4 /* callee saves register*/
+#define s3 %r5 /* callee saves register*/
+#define s2 %r6 /* callee saves register*/
+#define s5 %r7 /* callee saves register*/
+#define s4 %r8 /* callee saves register*/
+#define s7 %r9 /* callee saves register*/
+#define s6 %r10 /* callee saves register*/
+
+#define t1 %r19 /* caller saves register*/
+#define t0 %r20 /* caller saves register*/
+#define t3 %r21 /* caller saves register*/
+#define t2 %r22 /* caller saves register*/
+
+#define a3 %r23 /* fourth argument register, high word */
+#define a2 %r24 /* third argument register, low word*/
+#define a1 %r25 /* second argument register, high word*/
+#define a0 %r26 /* first argument register, low word*/
+
+#define v0 %r28 /* high order return value*/
+#define v1 %r29 /* low order return value*/
+
+#define sp %r30 /* stack pointer*/
+#define t4 %r31 /* temporary register */
+
+#define fa0 %fr4 /* first argument register*/
+#define fa1 %fr5 /* second argument register*/
+#define fa2 %fr6 /* third argument register*/
+#define fa3 %fr7 /* fourth argument register*/
+
+#define fa0r %fr4R /* first argument register*/
+#define fa1r %fr5R /* second argument register*/
+#define fa2r %fr6R /* third argument register*/
+#define fa3r %fr7R /* fourth argument register*/
+
+#define ft0 %fr8 /* caller saves register*/
+#define ft1 %fr9 /* caller saves register*/
+#define ft2 %fr10 /* caller saves register*/
+#define ft3 %fr11 /* caller saves register*/
+
+#define ft0r %fr8R /* caller saves register*/
+#define ft1r %fr9R /* caller saves register*/
+#define ft2r %fr10R /* caller saves register*/
+#define ft3r %fr11R /* caller saves register*/
+
+#define ft4 %fr22 /* caller saves register*/
+#define ft5 %fr23 /* caller saves register*/
+#define ft6 %fr24 /* caller saves register*/
+#define ft7 %fr25 /* caller saves register*/
+#define ft8 %fr26 /* caller saves register*/
+#define ft9 %fr27 /* caller saves register*/
+#define ft10 %fr28 /* caller saves register*/
+#define ft11 %fr29 /* caller saves register*/
+#define ft12 %fr30 /* caller saves register*/
+#define ft13 %fr31 /* caller saves register*/
+
+#define ft4r %fr22R /* caller saves register*/
+#define ft5r %fr23R /* caller saves register*/
+#define ft6r %fr24R /* caller saves register*/
+#define ft7r %fr25R /* caller saves register*/
+#define ft8r %fr26R /* caller saves register*/
+#define ft9r %fr27R /* caller saves register*/
+#define ft10r %fr28R /* caller saves register*/
+#define ft11r %fr29R /* caller saves register*/
+#define ft12r %fr30R /* caller saves register*/
+#define ft13r %fr31R /* caller saves register*/
+
+
+
+/* ================================================================== */
+/* functional definitions for PA-RISC registers */
+/* ================================================================== */
+
+/* general registers */
+
+#define T1 a0 /* temp, (length parameter ignored) */
+
+#define pM a1 /* -> 64-bit multiplier */
+#define T2 a1 /* temp, (after fetching multiplier) */
+
+#define pA a2 /* -> multiplicand vector (8 64-bit words) */
+#define T3 a2 /* temp, (after fetching multiplicand) */
+
+#define pR a3 /* -> addend vector (8 64-bit doublewords,
+ result vector (9 64-bit words) */
+
+#define S0 s0 /* callee saves summand registers */
+#define S1 s1
+#define S2 s2
+#define S3 s3
+#define S4 s4
+#define S5 s5
+#define S6 s6
+#define S7 s7
+
+#define S8 v0 /* caller saves summand registers */
+#define S9 v1
+#define S10 t0
+#define S11 t1
+#define S12 t2
+#define S13 t3
+#define S14 t4
+#define S15 t5
+
+
+
+/* floating-point registers */
+
+#define M fa0 /* multiplier double word */
+#define MR fa0r /* low order half of multiplier double word */
+#define ML fa0 /* high order half of multiplier double word */
+
+#define A0 fa2 /* multiplicand double word 0 */
+#define A0R fa2r /* low order half of multiplicand double word */
+#define A0L fa2 /* high order half of multiplicand double word */
+
+#define A1 fa3 /* multiplicand double word 1 */
+#define A1R fa3r /* low order half of multiplicand double word */
+#define A1L fa3 /* high order half of multiplicand double word */
+
+#define A2 ft0 /* multiplicand double word 2 */
+#define A2R ft0r /* low order half of multiplicand double word */
+#define A2L ft0 /* high order half of multiplicand double word */
+
+#define A3 ft1 /* multiplicand double word 3 */
+#define A3R ft1r /* low order half of multiplicand double word */
+#define A3L ft1 /* high order half of multiplicand double word */
+
+#define A4 ft2 /* multiplicand double word 4 */
+#define A4R ft2r /* low order half of multiplicand double word */
+#define A4L ft2 /* high order half of multiplicand double word */
+
+#define A5 ft3 /* multiplicand double word 5 */
+#define A5R ft3r /* low order half of multiplicand double word */
+#define A5L ft3 /* high order half of multiplicand double word */
+
+#define A6 ft4 /* multiplicand double word 6 */
+#define A6R ft4r /* low order half of multiplicand double word */
+#define A6L ft4 /* high order half of multiplicand double word */
+
+#define A7 ft5 /* multiplicand double word 7 */
+#define A7R ft5r /* low order half of multiplicand double word */
+#define A7L ft5 /* high order half of multiplicand double word */
+
+#define P0 ft6 /* product word 0 */
+#define P1 ft7 /* product word 0 */
+#define P2 ft8 /* product word 0 */
+#define P3 ft9 /* product word 0 */
+#define P4 ft10 /* product word 0 */
+#define P5 ft11 /* product word 0 */
+#define P6 ft12 /* product word 0 */
+#define P7 ft13 /* product word 0 */
+
+
+
+
+/* ====================================================================== */
+/* symbolic definitions for HP-UX stack offsets */
+/* symbolic definitions for memory NOPs */
+/* ====================================================================== */
+
+#define ST_SZ 192 /* stack area total size */
+
+#define SV0 -192(sp) /* general register save area */
+#define SV1 -184(sp)
+#define SV2 -176(sp)
+#define SV3 -168(sp)
+#define SV4 -160(sp)
+#define SV5 -152(sp)
+#define SV6 -144(sp)
+#define SV7 -136(sp)
+
+#define XF0 -128(sp) /* data transfer area */
+#define XF1 -120(sp) /* for floating-pt to integer regs */
+#define XF2 -112(sp)
+#define XF3 -104(sp)
+#define XF4 -96(sp)
+#define XF5 -88(sp)
+#define XF6 -80(sp)
+#define XF7 -72(sp)
+#define XF8 -64(sp)
+#define XF9 -56(sp)
+#define XF10 -48(sp)
+#define XF11 -40(sp)
+#define XF12 -32(sp)
+#define XF13 -24(sp)
+#define XF14 -16(sp)
+#define XF15 -8(sp)
+
+#define mnop proberi (sp),3,zero /* memory NOP */
+
+
+
+
+/* ====================================================================== */
+/* assembler formalities */
+/* ====================================================================== */
+
+#ifdef __LP64__
+ .level 2.0W
+#else
+ .level 2.0
+#endif
+ .space $TEXT$
+ .subspa $CODE$
+ .align 16
+
+/* ====================================================================== */
+/* here to compute 64-bit x 512-bit product + 512-bit addend */
+/* ====================================================================== */
+
+multacc512
+ .PROC
+ .CALLINFO
+ .ENTRY
+ fldd 0(pM),M ; multiplier double word
+ ldo ST_SZ(sp),sp ; push stack
+
+ fldd 0(pA),A0 ; multiplicand double word 0
+ std S1,SV1 ; save s1
+
+ fldd 16(pA),A2 ; multiplicand double word 2
+ std S3,SV3 ; save s3
+
+ fldd 32(pA),A4 ; multiplicand double word 4
+ std S5,SV5 ; save s5
+
+ fldd 48(pA),A6 ; multiplicand double word 6
+ std S7,SV7 ; save s7
+
+
+ std S0,SV0 ; save s0
+ fldd 8(pA),A1 ; multiplicand double word 1
+ xmpyu MR,A0L,P0 ; A0 cross 32-bit word products
+ xmpyu ML,A0R,P2
+
+ std S2,SV2 ; save s2
+ fldd 24(pA),A3 ; multiplicand double word 3
+ xmpyu MR,A2L,P4 ; A2 cross 32-bit word products
+ xmpyu ML,A2R,P6
+
+ std S4,SV4 ; save s4
+ fldd 40(pA),A5 ; multiplicand double word 5
+
+ std S6,SV6 ; save s6
+ fldd 56(pA),A7 ; multiplicand double word 7
+
+
+ fstd P0,XF0 ; MR * A0L
+ xmpyu MR,A0R,P0 ; A0 right 32-bit word product
+ xmpyu MR,A1L,P1 ; A1 cross 32-bit word product
+
+ fstd P2,XF2 ; ML * A0R
+ xmpyu ML,A0L,P2 ; A0 left 32-bit word product
+ xmpyu ML,A1R,P3 ; A1 cross 32-bit word product
+
+ fstd P4,XF4 ; MR * A2L
+ xmpyu MR,A2R,P4 ; A2 right 32-bit word product
+ xmpyu MR,A3L,P5 ; A3 cross 32-bit word product
+
+ fstd P6,XF6 ; ML * A2R
+ xmpyu ML,A2L,P6 ; A2 parallel 32-bit word product
+ xmpyu ML,A3R,P7 ; A3 cross 32-bit word product
+
+
+ ldd XF0,S0 ; MR * A0L
+ fstd P1,XF1 ; MR * A1L
+
+ ldd XF2,S2 ; ML * A0R
+ fstd P3,XF3 ; ML * A1R
+
+ ldd XF4,S4 ; MR * A2L
+ fstd P5,XF5 ; MR * A3L
+ xmpyu MR,A1R,P1 ; A1 parallel 32-bit word products
+ xmpyu ML,A1L,P3
+
+ ldd XF6,S6 ; ML * A2R
+ fstd P7,XF7 ; ML * A3R
+ xmpyu MR,A3R,P5 ; A3 parallel 32-bit word products
+ xmpyu ML,A3L,P7
+
+
+ fstd P0,XF0 ; MR * A0R
+ ldd XF1,S1 ; MR * A1L
+ nop
+ add S0,S2,T1 ; A0 cross product sum
+
+ fstd P2,XF2 ; ML * A0L
+ ldd XF3,S3 ; ML * A1R
+ add,dc zero,zero,S0 ; A0 cross product sum carry
+ depd,z T1,31,32,S2 ; A0 cross product sum << 32
+
+ fstd P4,XF4 ; MR * A2R
+ ldd XF5,S5 ; MR * A3L
+ shrpd S0,T1,32,S0 ; A0 carry | cross product sum >> 32
+ add S4,S6,T3 ; A2 cross product sum
+
+ fstd P6,XF6 ; ML * A2L
+ ldd XF7,S7 ; ML * A3R
+ add,dc zero,zero,S4 ; A2 cross product sum carry
+ depd,z T3,31,32,S6 ; A2 cross product sum << 32
+
+
+ ldd XF0,S8 ; MR * A0R
+ fstd P1,XF1 ; MR * A1R
+ xmpyu MR,A4L,P0 ; A4 cross 32-bit word product
+ xmpyu MR,A5L,P1 ; A5 cross 32-bit word product
+
+ ldd XF2,S10 ; ML * A0L
+ fstd P3,XF3 ; ML * A1L
+ xmpyu ML,A4R,P2 ; A4 cross 32-bit word product
+ xmpyu ML,A5R,P3 ; A5 cross 32-bit word product
+
+ ldd XF4,S12 ; MR * A2R
+ fstd P5,XF5 ; MR * A3L
+ xmpyu MR,A6L,P4 ; A6 cross 32-bit word product
+ xmpyu MR,A7L,P5 ; A7 cross 32-bit word product
+
+ ldd XF6,S14 ; ML * A2L
+ fstd P7,XF7 ; ML * A3L
+ xmpyu ML,A6R,P6 ; A6 cross 32-bit word product
+ xmpyu ML,A7R,P7 ; A7 cross 32-bit word product
+
+
+ fstd P0,XF0 ; MR * A4L
+ ldd XF1,S9 ; MR * A1R
+ shrpd S4,T3,32,S4 ; A2 carry | cross product sum >> 32
+ add S1,S3,T1 ; A1 cross product sum
+
+ fstd P2,XF2 ; ML * A4R
+ ldd XF3,S11 ; ML * A1L
+ add,dc zero,zero,S1 ; A1 cross product sum carry
+ depd,z T1,31,32,S3 ; A1 cross product sum << 32
+
+ fstd P4,XF4 ; MR * A6L
+ ldd XF5,S13 ; MR * A3R
+ shrpd S1,T1,32,S1 ; A1 carry | cross product sum >> 32
+ add S5,S7,T3 ; A3 cross product sum
+
+ fstd P6,XF6 ; ML * A6R
+ ldd XF7,S15 ; ML * A3L
+ add,dc zero,zero,S5 ; A3 cross product sum carry
+ depd,z T3,31,32,S7 ; A3 cross product sum << 32
+
+
+ shrpd S5,T3,32,S5 ; A3 carry | cross product sum >> 32
+ add S2,S8,S8 ; M * A0 right doubleword, P0 doubleword
+
+ add,dc S0,S10,S10 ; M * A0 left doubleword
+ add S3,S9,S9 ; M * A1 right doubleword
+
+ add,dc S1,S11,S11 ; M * A1 left doubleword
+ add S6,S12,S12 ; M * A2 right doubleword
+
+
+ ldd 24(pR),S3 ; Addend word 3
+ fstd P1,XF1 ; MR * A5L
+ add,dc S4,S14,S14 ; M * A2 left doubleword
+ xmpyu MR,A5R,P1 ; A5 right 32-bit word product
+
+ ldd 8(pR),S1 ; Addend word 1
+ fstd P3,XF3 ; ML * A5R
+ add S7,S13,S13 ; M * A3 right doubleword
+ xmpyu ML,A5L,P3 ; A5 left 32-bit word product
+
+ ldd 0(pR),S7 ; Addend word 0
+ fstd P5,XF5 ; MR * A7L
+ add,dc S5,S15,S15 ; M * A3 left doubleword
+ xmpyu MR,A7R,P5 ; A7 right 32-bit word product
+
+ ldd 16(pR),S5 ; Addend word 2
+ fstd P7,XF7 ; ML * A7R
+ add S10,S9,S9 ; P1 doubleword
+ xmpyu ML,A7L,P7 ; A7 left 32-bit word products
+
+
+ ldd XF0,S0 ; MR * A4L
+ fstd P1,XF9 ; MR * A5R
+ add,dc S11,S12,S12 ; P2 doubleword
+ xmpyu MR,A4R,P0 ; A4 right 32-bit word product
+
+ ldd XF2,S2 ; ML * A4R
+ fstd P3,XF11 ; ML * A5L
+ add,dc S14,S13,S13 ; P3 doubleword
+ xmpyu ML,A4L,P2 ; A4 left 32-bit word product
+
+ ldd XF6,S6 ; ML * A6R
+ fstd P5,XF13 ; MR * A7R
+ add,dc zero,S15,T2 ; P4 partial doubleword
+ xmpyu MR,A6R,P4 ; A6 right 32-bit word product
+
+ ldd XF4,S4 ; MR * A6L
+ fstd P7,XF15 ; ML * A7L
+ add S7,S8,S8 ; R0 + P0, new R0 doubleword
+ xmpyu ML,A6L,P6 ; A6 left 32-bit word product
+
+
+ fstd P0,XF0 ; MR * A4R
+ ldd XF7,S7 ; ML * A7R
+ add,dc S1,S9,S9 ; c + R1 + P1, new R1 doubleword
+
+ fstd P2,XF2 ; ML * A4L
+ ldd XF1,S1 ; MR * A5L
+ add,dc S5,S12,S12 ; c + R2 + P2, new R2 doubleword
+
+ fstd P4,XF4 ; MR * A6R
+ ldd XF5,S5 ; MR * A7L
+ add,dc S3,S13,S13 ; c + R3 + P3, new R3 doubleword
+
+ fstd P6,XF6 ; ML * A6L
+ ldd XF3,S3 ; ML * A5R
+ add,dc zero,T2,T2 ; c + partial P4
+ add S0,S2,T1 ; A4 cross product sum
+
+
+ std S8,0(pR) ; save R0
+ add,dc zero,zero,S0 ; A4 cross product sum carry
+ depd,z T1,31,32,S2 ; A4 cross product sum << 32
+
+ std S9,8(pR) ; save R1
+ shrpd S0,T1,32,S0 ; A4 carry | cross product sum >> 32
+ add S4,S6,T3 ; A6 cross product sum
+
+ std S12,16(pR) ; save R2
+ add,dc zero,zero,S4 ; A6 cross product sum carry
+ depd,z T3,31,32,S6 ; A6 cross product sum << 32
+
+
+ std S13,24(pR) ; save R3
+ shrpd S4,T3,32,S4 ; A6 carry | cross product sum >> 32
+ add S1,S3,T1 ; A5 cross product sum
+
+ ldd XF0,S8 ; MR * A4R
+ add,dc zero,zero,S1 ; A5 cross product sum carry
+ depd,z T1,31,32,S3 ; A5 cross product sum << 32
+
+ ldd XF2,S10 ; ML * A4L
+ ldd XF9,S9 ; MR * A5R
+ shrpd S1,T1,32,S1 ; A5 carry | cross product sum >> 32
+ add S5,S7,T3 ; A7 cross product sum
+
+ ldd XF4,S12 ; MR * A6R
+ ldd XF11,S11 ; ML * A5L
+ add,dc zero,zero,S5 ; A7 cross product sum carry
+ depd,z T3,31,32,S7 ; A7 cross product sum << 32
+
+ ldd XF6,S14 ; ML * A6L
+ ldd XF13,S13 ; MR * A7R
+ shrpd S5,T3,32,S5 ; A7 carry | cross product sum >> 32
+ add S2,S8,S8 ; M * A4 right doubleword
+
+
+ ldd XF15,S15 ; ML * A7L
+ add,dc S0,S10,S10 ; M * A4 left doubleword
+ add S3,S9,S9 ; M * A5 right doubleword
+
+ add,dc S1,S11,S11 ; M * A5 left doubleword
+ add S6,S12,S12 ; M * A6 right doubleword
+
+ ldd 32(pR),S0 ; Addend word 4
+ ldd 40(pR),S1 ; Addend word 5
+ add,dc S4,S14,S14 ; M * A6 left doubleword
+ add S7,S13,S13 ; M * A7 right doubleword
+
+ ldd 48(pR),S2 ; Addend word 6
+ ldd 56(pR),S3 ; Addend word 7
+ add,dc S5,S15,S15 ; M * A7 left doubleword
+ add S8,T2,S8 ; P4 doubleword
+
+ ldd 64(pR),S4 ; Addend word 8
+ ldd SV5,s5 ; restore s5
+ add,dc S10,S9,S9 ; P5 doubleword
+ add,dc S11,S12,S12 ; P6 doubleword
+
+
+ ldd SV6,s6 ; restore s6
+ ldd SV7,s7 ; restore s7
+ add,dc S14,S13,S13 ; P7 doubleword
+ add,dc zero,S15,S15 ; P8 doubleword
+
+ add S0,S8,S8 ; new R4 doubleword
+
+ ldd SV0,s0 ; restore s0
+ std S8,32(pR) ; save R4
+ add,dc S1,S9,S9 ; new R5 doubleword
+
+ ldd SV1,s1 ; restore s1
+ std S9,40(pR) ; save R5
+ add,dc S2,S12,S12 ; new R6 doubleword
+
+ ldd SV2,s2 ; restore s2
+ std S12,48(pR) ; save R6
+ add,dc S3,S13,S13 ; new R7 doubleword
+
+ ldd SV3,s3 ; restore s3
+ std S13,56(pR) ; save R7
+ add,dc S4,S15,S15 ; new R8 doubleword
+
+ ldd SV4,s4 ; restore s4
+ std S15,64(pR) ; save result[8]
+ add,dc zero,zero,v0 ; return carry from R8
+
+ CMPIB,*= 0,v0,$L0 ; if no overflow, exit
+ LDO 8(pR),pR
+
+$FINAL1 ; Final carry propagation
+ LDD 64(pR),v0
+ LDO 8(pR),pR
+ ADDI 1,v0,v0
+ CMPIB,*= 0,v0,$FINAL1 ; Keep looping if there is a carry.
+ STD v0,56(pR)
+$L0
+ bv zero(rp) ; -> caller
+ ldo -ST_SZ(sp),sp ; pop stack
+
+/* ====================================================================== */
+/* end of module */
+/* ====================================================================== */
+
+
+ bve (rp)
+ .EXIT
+ nop
+ .PROCEND
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+ .EXPORT multacc512,ENTRY
+
+ .end
diff --git a/security/nss/lib/freebl/mpi/hppa20.s b/security/nss/lib/freebl/mpi/hppa20.s
new file mode 100644
index 000000000..c72de8a12
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/hppa20.s
@@ -0,0 +1,904 @@
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#ifdef __LP64__
+ .LEVEL 2.0W
+#else
+; .LEVEL 1.1
+; .ALLOW 2.0N
+ .LEVEL 2.0
+#endif
+ .SPACE $TEXT$,SORT=8
+ .SUBSPA $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24
+
+; ***************************************************************
+;
+; maxpy_[little/big]
+;
+; ***************************************************************
+
+; There is no default -- you must specify one or the other.
+#define LITTLE_WORDIAN 1
+
+#ifdef LITTLE_WORDIAN
+#define EIGHT 8
+#define SIXTEEN 16
+#define THIRTY_TWO 32
+#define UN_EIGHT -8
+#define UN_SIXTEEN -16
+#define UN_TWENTY_FOUR -24
+#endif
+
+#ifdef BIG_WORDIAN
+#define EIGHT -8
+#define SIXTEEN -16
+#define THIRTY_TWO -32
+#define UN_EIGHT 8
+#define UN_SIXTEEN 16
+#define UN_TWENTY_FOUR 24
+#endif
+
+; This performs a multiple-precision integer version of "daxpy",
+; Using the selected addressing direction. "Little-wordian" means that
+; the least significant word of a number is stored at the lowest address.
+; "Big-wordian" means that the most significant word is at the lowest
+; address. Either way, the incoming address of the vector is that
+; of the least significant word. That means that, for little-wordian
+; addressing, we move the address upward as we propagate carries
+; from the least significant word to the most significant. For
+; big-wordian we move the address downward.
+
+; We use the following registers:
+;
+; r2 return PC, of course
+; r26 = arg1 = length
+; r25 = arg2 = address of scalar
+; r24 = arg3 = multiplicand vector
+; r23 = arg4 = result vector
+;
+; fr9 = scalar loaded once only from r25
+
+; The cycle counts shown in the bodies below are simply the result of a
+; scheduling by hand. The actual PCX-U hardware does it differently.
+; The intention is that the overall speed is the same.
+
+; The pipeline startup and shutdown code is constructed in the usual way,
+; by taking the loop bodies and removing unnecessary instructions.
+; We have left the comments describing cycle numbers in the code.
+; These are intended for reference when comparing with the main loop,
+; and have no particular relationship to actual cycle numbers.
+
+#ifdef LITTLE_WORDIAN
+maxpy_little
+#else
+maxpy_big
+#endif
+ .PROC
+ .CALLINFO FRAME=120,ENTRY_GR=4
+ .ENTRY
+ STW,MA %r3,128(%sp)
+ STW %r4,-124(%sp)
+
+ ADDIB,< -1,%r26,$L0 ; If N = 0, exit immediately.
+ FLDD 0(%r25),%fr9 ; fr9 = scalar
+
+; First startup
+
+ FLDD 0(%r24),%fr24 ; Cycle 1
+ XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
+ XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
+ XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
+ CMPIB,> 3,%r26,$N_IS_SMALL ; Pick out cases N = 1, 2, or 3
+ XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
+ FLDD EIGHT(%r24),%fr28 ; Cycle 8
+ XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
+ FSTD %fr24,-96(%sp)
+ XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
+ FSTD %fr25,-80(%sp)
+ LDO SIXTEEN(%r24),%r24 ; Cycle 12
+ FSTD %fr31,-64(%sp)
+ XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
+ FSTD %fr27,-48(%sp)
+
+; Second startup
+
+ XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
+ FSTD %fr30,-56(%sp)
+ FLDD 0(%r24),%fr24
+
+ FSTD %fr26,-88(%sp) ; Cycle 2
+
+ XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
+ FSTD %fr28,-104(%sp)
+
+ XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
+ LDD -96(%sp),%r3
+ FSTD %fr29,-72(%sp)
+
+ XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
+ LDD -64(%sp),%r19
+ LDD -80(%sp),%r21
+
+ XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
+ LDD -56(%sp),%r20
+ ADD %r21,%r3,%r3
+
+ ADD,DC %r20,%r19,%r19 ; Cycle 7
+ LDD -88(%sp),%r4
+ SHRPD %r3,%r0,32,%r21
+ LDD -48(%sp),%r1
+
+ FLDD EIGHT(%r24),%fr28 ; Cycle 8
+ LDD -104(%sp),%r31
+ ADD,DC %r0,%r0,%r20
+ SHRPD %r19,%r3,32,%r3
+
+ LDD -72(%sp),%r29 ; Cycle 9
+ SHRPD %r20,%r19,32,%r20
+ ADD %r21,%r1,%r1
+
+ XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
+ ADD,DC %r3,%r4,%r4
+ FSTD %fr24,-96(%sp)
+
+ XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
+ ADD,DC %r0,%r20,%r20
+ LDD 0(%r23),%r3
+ FSTD %fr25,-80(%sp)
+
+ LDO SIXTEEN(%r24),%r24 ; Cycle 12
+ FSTD %fr31,-64(%sp)
+
+ XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
+ ADD %r0,%r0,%r0 ; clear the carry bit
+ ADDIB,<= -4,%r26,$ENDLOOP ; actually happens in cycle 12
+ FSTD %fr27,-48(%sp)
+; MFCTL %cr16,%r21 ; for timing
+; STD %r21,-112(%sp)
+
+; Here is the loop.
+
+$LOOP XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
+ ADD,DC %r29,%r4,%r4
+ FSTD %fr30,-56(%sp)
+ FLDD 0(%r24),%fr24
+
+ LDO SIXTEEN(%r23),%r23 ; Cycle 2
+ ADD,DC %r0,%r20,%r20
+ FSTD %fr26,-88(%sp)
+
+ XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
+ ADD %r3,%r1,%r1
+ FSTD %fr28,-104(%sp)
+ LDD UN_EIGHT(%r23),%r21
+
+ XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
+ ADD,DC %r21,%r4,%r28
+ FSTD %fr29,-72(%sp)
+ LDD -96(%sp),%r3
+
+ XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
+ ADD,DC %r20,%r31,%r22
+ LDD -64(%sp),%r19
+ LDD -80(%sp),%r21
+
+ XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
+ ADD %r21,%r3,%r3
+ LDD -56(%sp),%r20
+ STD %r1,UN_SIXTEEN(%r23)
+
+ ADD,DC %r20,%r19,%r19 ; Cycle 7
+ SHRPD %r3,%r0,32,%r21
+ LDD -88(%sp),%r4
+ LDD -48(%sp),%r1
+
+ ADD,DC %r0,%r0,%r20 ; Cycle 8
+ SHRPD %r19,%r3,32,%r3
+ FLDD EIGHT(%r24),%fr28
+ LDD -104(%sp),%r31
+
+ SHRPD %r20,%r19,32,%r20 ; Cycle 9
+ ADD %r21,%r1,%r1
+ STD %r28,UN_EIGHT(%r23)
+ LDD -72(%sp),%r29
+
+ XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
+ ADD,DC %r3,%r4,%r4
+ FSTD %fr24,-96(%sp)
+
+ XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
+ ADD,DC %r0,%r20,%r20
+ FSTD %fr25,-80(%sp)
+ LDD 0(%r23),%r3
+
+ LDO SIXTEEN(%r24),%r24 ; Cycle 12
+ FSTD %fr31,-64(%sp)
+
+ XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
+ ADD %r22,%r1,%r1
+ ADDIB,> -2,%r26,$LOOP ; actually happens in cycle 12
+ FSTD %fr27,-48(%sp)
+
+$ENDLOOP
+
+; Shutdown code, first stage.
+
+; MFCTL %cr16,%r21 ; for timing
+; STD %r21,UN_SIXTEEN(%r23)
+; LDD -112(%sp),%r21
+; STD %r21,UN_EIGHT(%r23)
+
+ XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
+ ADD,DC %r29,%r4,%r4
+ CMPIB,= 0,%r26,$ONEMORE
+ FSTD %fr30,-56(%sp)
+
+ LDO SIXTEEN(%r23),%r23 ; Cycle 2
+ ADD,DC %r0,%r20,%r20
+ FSTD %fr26,-88(%sp)
+
+ ADD %r3,%r1,%r1 ; Cycle 3
+ FSTD %fr28,-104(%sp)
+ LDD UN_EIGHT(%r23),%r21
+
+ ADD,DC %r21,%r4,%r28 ; Cycle 4
+ FSTD %fr29,-72(%sp)
+ STD %r28,UN_EIGHT(%r23) ; moved up from cycle 9
+ LDD -96(%sp),%r3
+
+ ADD,DC %r20,%r31,%r22 ; Cycle 5
+ STD %r1,UN_SIXTEEN(%r23)
+$JOIN4
+ LDD -64(%sp),%r19
+ LDD -80(%sp),%r21
+
+ ADD %r21,%r3,%r3 ; Cycle 6
+ LDD -56(%sp),%r20
+
+ ADD,DC %r20,%r19,%r19 ; Cycle 7
+ SHRPD %r3,%r0,32,%r21
+ LDD -88(%sp),%r4
+ LDD -48(%sp),%r1
+
+ ADD,DC %r0,%r0,%r20 ; Cycle 8
+ SHRPD %r19,%r3,32,%r3
+ LDD -104(%sp),%r31
+
+ SHRPD %r20,%r19,32,%r20 ; Cycle 9
+ ADD %r21,%r1,%r1
+ LDD -72(%sp),%r29
+
+ ADD,DC %r3,%r4,%r4 ; Cycle 10
+
+ ADD,DC %r0,%r20,%r20 ; Cycle 11
+ LDD 0(%r23),%r3
+
+ ADD %r22,%r1,%r1 ; Cycle 13
+
+; Shutdown code, second stage.
+
+ ADD,DC %r29,%r4,%r4 ; Cycle 1
+
+ LDO SIXTEEN(%r23),%r23 ; Cycle 2
+ ADD,DC %r0,%r20,%r20
+
+ LDD UN_EIGHT(%r23),%r21 ; Cycle 3
+ ADD %r3,%r1,%r1
+
+ ADD,DC %r21,%r4,%r28 ; Cycle 4
+
+ ADD,DC %r20,%r31,%r22 ; Cycle 5
+
+ STD %r1,UN_SIXTEEN(%r23); Cycle 6
+
+ STD %r28,UN_EIGHT(%r23) ; Cycle 9
+
+ LDD 0(%r23),%r3 ; Cycle 11
+
+; Shutdown code, third stage.
+
+ LDO SIXTEEN(%r23),%r23
+ ADD %r3,%r22,%r1
+$JOIN1 ADD,DC %r0,%r0,%r21
+ CMPIB,*= 0,%r21,$L0 ; if no overflow, exit
+ STD %r1,UN_SIXTEEN(%r23)
+
+; Final carry propagation
+
+$FINAL1 LDO EIGHT(%r23),%r23
+ LDD UN_SIXTEEN(%r23),%r21
+ ADDI 1,%r21,%r21
+ CMPIB,*= 0,%r21,$FINAL1 ; Keep looping if there is a carry.
+ STD %r21,UN_SIXTEEN(%r23)
+ B $L0
+ NOP
+
+; Here is the code that handles the difficult cases N=1, N=2, and N=3.
+; We do the usual trick -- branch out of the startup code at appropriate
+; points, and branch into the shutdown code.
+
+$N_IS_SMALL
+ CMPIB,= 0,%r26,$N_IS_ONE
+ FSTD %fr24,-96(%sp) ; Cycle 10
+ FLDD EIGHT(%r24),%fr28 ; Cycle 8
+ XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
+ XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
+ FSTD %fr25,-80(%sp)
+ FSTD %fr31,-64(%sp) ; Cycle 12
+ XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
+ FSTD %fr27,-48(%sp)
+ XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
+ CMPIB,= 2,%r26,$N_IS_THREE
+ FSTD %fr30,-56(%sp)
+
+; N = 2
+ FSTD %fr26,-88(%sp) ; Cycle 2
+ FSTD %fr28,-104(%sp) ; Cycle 3
+ LDD -96(%sp),%r3 ; Cycle 4
+ FSTD %fr29,-72(%sp)
+ B $JOIN4
+ ADD %r0,%r0,%r22
+
+$N_IS_THREE
+ FLDD SIXTEEN(%r24),%fr24
+ FSTD %fr26,-88(%sp) ; Cycle 2
+ XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
+ FSTD %fr28,-104(%sp)
+ XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
+ LDD -96(%sp),%r3
+ FSTD %fr29,-72(%sp)
+ XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
+ LDD -64(%sp),%r19
+ LDD -80(%sp),%r21
+ B $JOIN3
+ ADD %r0,%r0,%r22
+
+$N_IS_ONE
+ FSTD %fr25,-80(%sp)
+ FSTD %fr27,-48(%sp)
+ FSTD %fr26,-88(%sp) ; Cycle 2
+ B $JOIN5
+ ADD %r0,%r0,%r22
+
+; We came out of the unrolled loop with wrong parity. Do one more
+; single cycle. This is quite tricky, because of the way the
+; carry chains and SHRPD chains have been chopped up.
+
+$ONEMORE
+
+ FLDD 0(%r24),%fr24
+
+ LDO SIXTEEN(%r23),%r23 ; Cycle 2
+ ADD,DC %r0,%r20,%r20
+ FSTD %fr26,-88(%sp)
+
+ XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
+ FSTD %fr28,-104(%sp)
+ LDD UN_EIGHT(%r23),%r21
+ ADD %r3,%r1,%r1
+
+ XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
+ ADD,DC %r21,%r4,%r28
+ STD %r28,UN_EIGHT(%r23) ; moved from cycle 9
+ LDD -96(%sp),%r3
+ FSTD %fr29,-72(%sp)
+
+ XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
+ ADD,DC %r20,%r31,%r22
+ LDD -64(%sp),%r19
+ LDD -80(%sp),%r21
+
+ STD %r1,UN_SIXTEEN(%r23); Cycle 6
+$JOIN3
+ XMPYU %fr9L,%fr24R,%fr24
+ LDD -56(%sp),%r20
+ ADD %r21,%r3,%r3
+
+ ADD,DC %r20,%r19,%r19 ; Cycle 7
+ LDD -88(%sp),%r4
+ SHRPD %r3,%r0,32,%r21
+ LDD -48(%sp),%r1
+
+ LDD -104(%sp),%r31 ; Cycle 8
+ ADD,DC %r0,%r0,%r20
+ SHRPD %r19,%r3,32,%r3
+
+ LDD -72(%sp),%r29 ; Cycle 9
+ SHRPD %r20,%r19,32,%r20
+ ADD %r21,%r1,%r1
+
+ ADD,DC %r3,%r4,%r4 ; Cycle 10
+ FSTD %fr24,-96(%sp)
+
+ ADD,DC %r0,%r20,%r20 ; Cycle 11
+ LDD 0(%r23),%r3
+ FSTD %fr25,-80(%sp)
+
+ ADD %r22,%r1,%r1 ; Cycle 13
+ FSTD %fr27,-48(%sp)
+
+; Shutdown code, stage 1-1/2.
+
+ ADD,DC %r29,%r4,%r4 ; Cycle 1
+
+ LDO SIXTEEN(%r23),%r23 ; Cycle 2
+ ADD,DC %r0,%r20,%r20
+ FSTD %fr26,-88(%sp)
+
+ LDD UN_EIGHT(%r23),%r21 ; Cycle 3
+ ADD %r3,%r1,%r1
+
+ ADD,DC %r21,%r4,%r28 ; Cycle 4
+ STD %r28,UN_EIGHT(%r23) ; moved from cycle 9
+
+ ADD,DC %r20,%r31,%r22 ; Cycle 5
+ STD %r1,UN_SIXTEEN(%r23)
+$JOIN5
+ LDD -96(%sp),%r3 ; moved from cycle 4
+ LDD -80(%sp),%r21
+ ADD %r21,%r3,%r3 ; Cycle 6
+ ADD,DC %r0,%r0,%r19 ; Cycle 7
+ LDD -88(%sp),%r4
+ SHRPD %r3,%r0,32,%r21
+ LDD -48(%sp),%r1
+ SHRPD %r19,%r3,32,%r3 ; Cycle 8
+ ADD %r21,%r1,%r1 ; Cycle 9
+ ADD,DC %r3,%r4,%r4 ; Cycle 10
+ LDD 0(%r23),%r3 ; Cycle 11
+ ADD %r22,%r1,%r1 ; Cycle 13
+
+; Shutdown code, stage 2-1/2.
+
+ ADD,DC %r0,%r4,%r4 ; Cycle 1
+ LDO SIXTEEN(%r23),%r23 ; Cycle 2
+ LDD UN_EIGHT(%r23),%r21 ; Cycle 3
+ ADD %r3,%r1,%r1
+ STD %r1,UN_SIXTEEN(%r23)
+ ADD,DC %r21,%r4,%r1
+ B $JOIN1
+ LDO EIGHT(%r23),%r23
+
+; exit
+
+$L0
+ LDW -124(%sp),%r4
+ BVE (%r2)
+ .EXIT
+ LDW,MB -128(%sp),%r3
+
+ .PROCEND
+
+; ***************************************************************
+;
+; add_diag_[little/big]
+;
+; ***************************************************************
+
+; The arguments are as follows:
+; r2 return PC, of course
+; r26 = arg1 = length
+; r25 = arg2 = vector to square
+; r24 = arg3 = result vector
+
+#ifdef LITTLE_WORDIAN
+add_diag_little
+#else
+add_diag_big
+#endif
+ .PROC
+ .CALLINFO FRAME=120,ENTRY_GR=4
+ .ENTRY
+ STW,MA %r3,128(%sp)
+ STW %r4,-124(%sp)
+
+ ADDIB,< -1,%r26,$Z0 ; If N=0, exit immediately.
+ NOP
+
+; Startup code
+
+ FLDD 0(%r25),%fr7 ; Cycle 2 (alternate body)
+ XMPYU %fr7R,%fr7R,%fr29 ; Cycle 4
+ XMPYU %fr7L,%fr7R,%fr27 ; Cycle 5
+ XMPYU %fr7L,%fr7L,%fr30
+ LDO SIXTEEN(%r25),%r25 ; Cycle 6
+ FSTD %fr29,-88(%sp)
+ FSTD %fr27,-72(%sp) ; Cycle 7
+ CMPIB,= 0,%r26,$DIAG_N_IS_ONE ; Cycle 1 (main body)
+ FSTD %fr30,-96(%sp)
+ FLDD UN_EIGHT(%r25),%fr7 ; Cycle 2
+ LDD -88(%sp),%r22 ; Cycle 3
+ LDD -72(%sp),%r31 ; Cycle 4
+ XMPYU %fr7R,%fr7R,%fr28
+ XMPYU %fr7L,%fr7R,%fr24 ; Cycle 5
+ XMPYU %fr7L,%fr7L,%fr31
+ LDD -96(%sp),%r20 ; Cycle 6
+ FSTD %fr28,-80(%sp)
+ ADD %r0,%r0,%r0 ; clear the carry bit
+ ADDIB,<= -2,%r26,$ENDDIAGLOOP ; Cycle 7
+ FSTD %fr24,-64(%sp)
+
+; Here is the loop. It is unrolled twice, modelled after the "alternate body" and then the "main body".
+
+$DIAGLOOP
+ SHRPD %r31,%r0,31,%r3 ; Cycle 1 (alternate body)
+ LDO SIXTEEN(%r25),%r25
+ LDD 0(%r24),%r1
+ FSTD %fr31,-104(%sp)
+ SHRPD %r0,%r31,31,%r4 ; Cycle 2
+ ADD,DC %r22,%r3,%r3
+ FLDD UN_SIXTEEN(%r25),%fr7
+ ADD,DC %r0,%r20,%r20 ; Cycle 3
+ ADD %r1,%r3,%r3
+ XMPYU %fr7R,%fr7R,%fr29 ; Cycle 4
+ LDD -80(%sp),%r21
+ STD %r3,0(%r24)
+ XMPYU %fr7L,%fr7R,%fr27 ; Cycle 5
+ XMPYU %fr7L,%fr7L,%fr30
+ LDD -64(%sp),%r29
+ LDD EIGHT(%r24),%r1
+ ADD,DC %r4,%r20,%r20 ; Cycle 6
+ LDD -104(%sp),%r19
+ FSTD %fr29,-88(%sp)
+ ADD %r20,%r1,%r1 ; Cycle 7
+ FSTD %fr27,-72(%sp)
+ SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
+ LDO THIRTY_TWO(%r24),%r24
+ LDD UN_SIXTEEN(%r24),%r28
+ FSTD %fr30,-96(%sp)
+ SHRPD %r0,%r29,31,%r3 ; Cycle 2
+ ADD,DC %r21,%r4,%r4
+ FLDD UN_EIGHT(%r25),%fr7
+ STD %r1,UN_TWENTY_FOUR(%r24)
+ ADD,DC %r0,%r19,%r19 ; Cycle 3
+ ADD %r28,%r4,%r4
+ XMPYU %fr7R,%fr7R,%fr28 ; Cycle 4
+ LDD -88(%sp),%r22
+ STD %r4,UN_SIXTEEN(%r24)
+ XMPYU %fr7L,%fr7R,%fr24 ; Cycle 5
+ XMPYU %fr7L,%fr7L,%fr31
+ LDD -72(%sp),%r31
+ LDD UN_EIGHT(%r24),%r28
+ ADD,DC %r3,%r19,%r19 ; Cycle 6
+ LDD -96(%sp),%r20
+ FSTD %fr28,-80(%sp)
+ ADD %r19,%r28,%r28 ; Cycle 7
+ FSTD %fr24,-64(%sp)
+ ADDIB,> -2,%r26,$DIAGLOOP ; Cycle 8
+ STD %r28,UN_EIGHT(%r24)
+
+$ENDDIAGLOOP
+
+ ADD,DC %r0,%r22,%r22
+ CMPIB,= 0,%r26,$ONEMOREDIAG
+ SHRPD %r31,%r0,31,%r3
+
+; Shutdown code, first stage.
+
+ FSTD %fr31,-104(%sp) ; Cycle 1 (alternate body)
+ LDD 0(%r24),%r28
+ SHRPD %r0,%r31,31,%r4 ; Cycle 2
+ ADD %r3,%r22,%r3
+ ADD,DC %r0,%r20,%r20 ; Cycle 3
+ LDD -80(%sp),%r21
+ ADD %r3,%r28,%r3
+ LDD -64(%sp),%r29 ; Cycle 4
+ STD %r3,0(%r24)
+ LDD EIGHT(%r24),%r1 ; Cycle 5
+ LDO SIXTEEN(%r25),%r25 ; Cycle 6
+ LDD -104(%sp),%r19
+ ADD,DC %r4,%r20,%r20
+ ADD %r20,%r1,%r1 ; Cycle 7
+ ADD,DC %r0,%r21,%r21 ; Cycle 8
+ STD %r1,EIGHT(%r24)
+
+; Shutdown code, second stage.
+
+ SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
+ LDO THIRTY_TWO(%r24),%r24
+ LDD UN_SIXTEEN(%r24),%r1
+ SHRPD %r0,%r29,31,%r3 ; Cycle 2
+ ADD %r4,%r21,%r4
+ ADD,DC %r0,%r19,%r19 ; Cycle 3
+ ADD %r4,%r1,%r4
+ STD %r4,UN_SIXTEEN(%r24); Cycle 4
+ LDD UN_EIGHT(%r24),%r28 ; Cycle 5
+ ADD,DC %r3,%r19,%r19 ; Cycle 6
+ ADD %r19,%r28,%r28 ; Cycle 7
+ ADD,DC %r0,%r0,%r22 ; Cycle 8
+ CMPIB,*= 0,%r22,$Z0 ; if no overflow, exit
+ STD %r28,UN_EIGHT(%r24)
+
+; Final carry propagation
+
+$FDIAG2
+ LDO EIGHT(%r24),%r24
+ LDD UN_EIGHT(%r24),%r26
+ ADDI 1,%r26,%r26
+ CMPIB,*= 0,%r26,$FDIAG2 ; Keep looping if there is a carry.
+ STD %r26,UN_EIGHT(%r24)
+
+ B $Z0
+ NOP
+
+; Here is the code that handles the difficult case N=1.
+; We do the usual trick -- branch out of the startup code at appropriate
+; points, and branch into the shutdown code.
+
+$DIAG_N_IS_ONE
+
+ LDD -88(%sp),%r22
+ LDD -72(%sp),%r31
+ B $JOINDIAG
+ LDD -96(%sp),%r20
+
+; We came out of the unrolled loop with wrong parity. Do one more
+; single cycle. This is the "alternate body". It will, of course,
+; give us opposite registers from the other case, so we need
+; completely different shutdown code.
+
+$ONEMOREDIAG
+ FSTD %fr31,-104(%sp) ; Cycle 1 (alternate body)
+ LDD 0(%r24),%r28
+ FLDD 0(%r25),%fr7 ; Cycle 2
+ SHRPD %r0,%r31,31,%r4
+ ADD %r3,%r22,%r3
+ ADD,DC %r0,%r20,%r20 ; Cycle 3
+ LDD -80(%sp),%r21
+ ADD %r3,%r28,%r3
+ LDD -64(%sp),%r29 ; Cycle 4
+ STD %r3,0(%r24)
+ XMPYU %fr7R,%fr7R,%fr29
+ LDD EIGHT(%r24),%r1 ; Cycle 5
+ XMPYU %fr7L,%fr7R,%fr27
+ XMPYU %fr7L,%fr7L,%fr30
+ LDD -104(%sp),%r19 ; Cycle 6
+ FSTD %fr29,-88(%sp)
+ ADD,DC %r4,%r20,%r20
+ FSTD %fr27,-72(%sp) ; Cycle 7
+ ADD %r20,%r1,%r1
+ ADD,DC %r0,%r21,%r21 ; Cycle 8
+ STD %r1,EIGHT(%r24)
+
+; Shutdown code, first stage.
+
+ SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
+ LDO THIRTY_TWO(%r24),%r24
+ FSTD %fr30,-96(%sp)
+ LDD UN_SIXTEEN(%r24),%r1
+ SHRPD %r0,%r29,31,%r3 ; Cycle 2
+ ADD %r4,%r21,%r4
+ ADD,DC %r0,%r19,%r19 ; Cycle 3
+ LDD -88(%sp),%r22
+ ADD %r4,%r1,%r4
+ LDD -72(%sp),%r31 ; Cycle 4
+ STD %r4,UN_SIXTEEN(%r24)
+ LDD UN_EIGHT(%r24),%r28 ; Cycle 5
+ LDD -96(%sp),%r20 ; Cycle 6
+ ADD,DC %r3,%r19,%r19
+ ADD %r19,%r28,%r28 ; Cycle 7
+ ADD,DC %r0,%r22,%r22 ; Cycle 8
+ STD %r28,UN_EIGHT(%r24)
+
+; Shutdown code, second stage.
+
+$JOINDIAG
+ SHRPD %r31,%r0,31,%r3 ; Cycle 1 (alternate body)
+ LDD 0(%r24),%r28
+ SHRPD %r0,%r31,31,%r4 ; Cycle 2
+ ADD %r3,%r22,%r3
+ ADD,DC %r0,%r20,%r20 ; Cycle 3
+ ADD %r3,%r28,%r3
+ STD %r3,0(%r24) ; Cycle 4
+ LDD EIGHT(%r24),%r1 ; Cycle 5
+ ADD,DC %r4,%r20,%r20
+ ADD %r20,%r1,%r1 ; Cycle 7
+ ADD,DC %r0,%r0,%r21 ; Cycle 8
+ CMPIB,*= 0,%r21,$Z0 ; if no overflow, exit
+ STD %r1,EIGHT(%r24)
+
+; Final carry propagation
+
+$FDIAG1
+ LDO EIGHT(%r24),%r24
+ LDD EIGHT(%r24),%r26
+ ADDI 1,%r26,%r26
+ CMPIB,*= 0,%r26,$FDIAG1 ; Keep looping if there is a carry.
+ STD %r26,EIGHT(%r24)
+
+$Z0
+ LDW -124(%sp),%r4
+ BVE (%r2)
+ .EXIT
+ LDW,MB -128(%sp),%r3
+ .PROCEND
+; .ALLOW
+
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+#ifdef LITTLE_WORDIAN
+#ifdef __GNUC__
+; GNU-as (as of 2.19) does not support LONG_RETURN
+ .EXPORT maxpy_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR
+ .EXPORT add_diag_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
+#else
+ .EXPORT maxpy_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN
+ .EXPORT add_diag_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN
+#endif
+#else
+ .EXPORT maxpy_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN
+ .EXPORT add_diag_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN
+#endif
+ .END
+
+
+; How to use "maxpy_PA20_little" and "maxpy_PA20_big"
+;
+; The routine "maxpy_PA20_little" or "maxpy_PA20_big"
+; performs a 64-bit x any-size multiply, and adds the
+; result to an area of memory. That is, it performs
+; something like
+;
+; A B C D
+; * Z
+; __________
+; P Q R S T
+;
+; and then adds the "PQRST" vector into an area of memory,
+; handling all carries.
+;
+; Digression on nomenclature and endian-ness:
+;
+; Each of the capital letters in the above represents a 64-bit
+; quantity. That is, you could think of the discussion as
+; being in terms of radix-16-quintillion arithmetic. The data
+; type being manipulated is "unsigned long long int". This
+; requires the 64-bit extension of the HP-UX C compiler,
+; available at release 10. You need these compiler flags to
+; enable these extensions:
+;
+; -Aa +e +DA2.0 +DS2.0
+;
+; (The first specifies ANSI C, the second enables the
+; extensions, which are beyond ANSI C, and the third and
+; fourth tell the compiler to use whatever features of the
+; PA2.0 architecture it wishes, in order to made the code more
+; efficient. Since the presence of the assembly code will
+; make the program unable to run on anything less than PA2.0,
+; you might as well gain the performance enhancements in the C
+; code as well.)
+;
+; Questions of "endian-ness" often come up, usually in the
+; context of byte ordering in a word. These routines have a
+; similar issue, that could be called "wordian-ness".
+; Independent of byte ordering (PA is always big-endian), one
+; can make two choices when representing extremely large
+; numbers as arrays of 64-bit doublewords in memory.
+;
+; "Little-wordian" layout means that the least significant
+; word of a number is stored at the lowest address.
+;
+; MSW LSW
+; | |
+; V V
+;
+; A B C D E
+;
+; ^ ^ ^
+; | | |____ address 0
+; | |
+; | |_______address 8
+; |
+; address 32
+;
+; "Big-wordian" means that the most significant word is at the
+; lowest address.
+;
+; MSW LSW
+; | |
+; V V
+;
+; A B C D E
+;
+; ^ ^ ^
+; | | |____ address 32
+; | |
+; | |_______address 24
+; |
+; address 0
+;
+; When you compile the file, you must specify one or the other, with
+; a switch "-DLITTLE_WORDIAN" or "-DBIG_WORDIAN".
+;
+; Incidentally, you assemble this file as part of your
+; project with the same C compiler as the rest of the program.
+; My "makefile" for a superprecision arithmetic package has
+; the following stuff:
+;
+; # definitions:
+; CC = cc -Aa +e -z +DA2.0 +DS2.0 +w1
+; CFLAGS = +O3
+; LDFLAGS = -L /usr/lib -Wl,-aarchive
+;
+; # general build rule for ".s" files:
+; .s.o:
+; $(CC) $(CFLAGS) -c $< -DBIG_WORDIAN
+;
+; # Now any bind step that calls for pa20.o will assemble pa20.s
+;
+; End of digression, back to arithmetic:
+;
+; The way we multiply two huge numbers is, of course, to multiply
+; the "ABCD" vector by each of the "WXYZ" doublewords, adding
+; the result vectors with increasing offsets, the way we learned
+; in school, back before we all used calculators:
+;
+; A B C D
+; * W X Y Z
+; __________
+; P Q R S T
+; E F G H I
+; M N O P Q
+; + R S T U V
+; _______________
+; F I N A L S U M
+;
+; So we call maxpy_PA20_big (in my case; my package is
+; big-wordian) repeatedly, giving the W, X, Y, and Z arguments
+; in turn as the "scalar", and giving the "ABCD" vector each
+; time. We direct it to add its result into an area of memory
+; that we have cleared at the start. We skew the exact
+; location into that area with each call.
+;
+; The prototype for the function is
+;
+; extern void maxpy_PA20_big(
+; int length, /* Number of doublewords in the multiplicand vector. */
+; const long long int *scalaraddr, /* Address to fetch the scalar. */
+; const long long int *multiplicand, /* The multiplicand vector. */
+; long long int *result); /* Where to accumulate the result. */
+;
+; (You should place a copy of this prototype in an include file
+; or in your C file.)
+;
+; Now, IN ALL CASES, the given address for the multiplicand or
+; the result is that of the LEAST SIGNIFICANT DOUBLEWORD.
+; That word is, of course, the word at which the routine
+; starts processing. "maxpy_PA20_little" then increases the
+; addresses as it computes. "maxpy_PA20_big" decreases them.
+;
+; In our example above, "length" would be 4 in each case.
+; "multiplicand" would be the "ABCD" vector. Specifically,
+; the address of the element "D". "scalaraddr" would be the
+; address of "W", "X", "Y", or "Z" on the four calls that we
+; would make. (The order doesn't matter, of course.)
+; "result" would be the appropriate address in the result
+; area. When multiplying by "Z", that would be the least
+; significant word. When multiplying by "Y", it would be the
+; next higher word (8 bytes higher if little-wordian; 8 bytes
+; lower if big-wordian), and so on. The size of the result
+; area must be the the sum of the sizes of the multiplicand
+; and multiplier vectors, and must be initialized to zero
+; before we start.
+;
+; Whenever the routine adds its partial product into the result
+; vector, it follows carry chains as far as they need to go.
+;
+; Here is the super-precision multiply routine that I use for
+; my package. The package is big-wordian. I have taken out
+; handling of exponents (it's a floating point package):
+;
+; static void mul_PA20(
+; int size,
+; const long long int *arg1,
+; const long long int *arg2,
+; long long int *result)
+; {
+; int i;
+;
+; for (i=0 ; i<2*size ; i++) result[i] = 0ULL;
+;
+; for (i=0 ; i<size ; i++) {
+; maxpy_PA20_big(size, &arg2[i], &arg1[size-1], &result[size+i]);
+; }
+; }
diff --git a/security/nss/lib/freebl/mpi/hppatch.adb b/security/nss/lib/freebl/mpi/hppatch.adb
new file mode 100644
index 000000000..6875032ef
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/hppatch.adb
@@ -0,0 +1,21 @@
+#/bin/sh
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# script to change the system id in an object file from PA-RISC 2.0 to 1.1
+
+adb -w $1 << EOF
+?m 0 -1 0
+0x0?X
+0x0?W (@0x0&~0x40000)|(~@0x0&0x40000)
+
+0?"change checksum"
+0x7c?X
+0x7c?W (@0x7c&~0x40000)|(~@0x7c&0x40000)
+$q
+EOF
+
+exit 0
+
diff --git a/security/nss/lib/freebl/mpi/logtab.h b/security/nss/lib/freebl/mpi/logtab.h
new file mode 100644
index 000000000..24cb13c5b
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/logtab.h
@@ -0,0 +1,28 @@
+/*
+ * logtab.h
+ *
+ * Arbitrary precision integer arithmetic library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+const float s_logv_2[] = {
+ 0.000000000f, 0.000000000f, 1.000000000f, 0.630929754f, /* 0 1 2 3 */
+ 0.500000000f, 0.430676558f, 0.386852807f, 0.356207187f, /* 4 5 6 7 */
+ 0.333333333f, 0.315464877f, 0.301029996f, 0.289064826f, /* 8 9 10 11 */
+ 0.278942946f, 0.270238154f, 0.262649535f, 0.255958025f, /* 12 13 14 15 */
+ 0.250000000f, 0.244650542f, 0.239812467f, 0.235408913f, /* 16 17 18 19 */
+ 0.231378213f, 0.227670249f, 0.224243824f, 0.221064729f, /* 20 21 22 23 */
+ 0.218104292f, 0.215338279f, 0.212746054f, 0.210309918f, /* 24 25 26 27 */
+ 0.208014598f, 0.205846832f, 0.203795047f, 0.201849087f, /* 28 29 30 31 */
+ 0.200000000f, 0.198239863f, 0.196561632f, 0.194959022f, /* 32 33 34 35 */
+ 0.193426404f, 0.191958720f, 0.190551412f, 0.189200360f, /* 36 37 38 39 */
+ 0.187901825f, 0.186652411f, 0.185449023f, 0.184288833f, /* 40 41 42 43 */
+ 0.183169251f, 0.182087900f, 0.181042597f, 0.180031327f, /* 44 45 46 47 */
+ 0.179052232f, 0.178103594f, 0.177183820f, 0.176291434f, /* 48 49 50 51 */
+ 0.175425064f, 0.174583430f, 0.173765343f, 0.172969690f, /* 52 53 54 55 */
+ 0.172195434f, 0.171441601f, 0.170707280f, 0.169991616f, /* 56 57 58 59 */
+ 0.169293808f, 0.168613099f, 0.167948779f, 0.167300179f, /* 60 61 62 63 */
+ 0.166666667f
+};
diff --git a/security/nss/lib/freebl/mpi/make-logtab b/security/nss/lib/freebl/mpi/make-logtab
new file mode 100755
index 000000000..fadba1c86
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/make-logtab
@@ -0,0 +1,29 @@
+#!/usr/bin/perl
+
+#
+# make-logtab
+#
+# Generate a table of logarithms of 2 in various bases, for use in
+# estimating the output sizes of various bases.
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+$ARRAYNAME = $ENV{'ARRAYNAME'} || "s_logv_2";
+$ARRAYTYPE = $ENV{'ARRAYTYPE'} || "float";
+
+printf("const %s %s[] = {\n %0.9ff, %0.9ff, ",
+ $ARRAYTYPE, $ARRAYNAME, 0, 0);
+$brk = 2;
+for($ix = 2; $ix < 64; $ix++) {
+ printf("%0.9ff, ", (log(2)/log($ix)));
+ $brk = ($brk + 1) & 3;
+ if(!$brk) {
+ printf(" /* %2d %2d %2d %2d */\n ",
+ $ix - 3, $ix - 2, $ix - 1, $ix);
+ }
+}
+printf("%0.9ff\n};\n\n", (log(2)/log($ix)));
+
+exit 0;
diff --git a/security/nss/lib/freebl/mpi/make-test-arrays b/security/nss/lib/freebl/mpi/make-test-arrays
new file mode 100755
index 000000000..ecdd55202
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/make-test-arrays
@@ -0,0 +1,98 @@
+#!/usr/bin/perl
+
+#
+# make-test-arrays
+#
+# Given a test-arrays file, which specifies the test suite names, the
+# names of the functions which perform those test suites, and
+# descriptive comments, this script generates C structures for the
+# mpi-test program. The input consists of lines of the form:
+#
+# suite-name:function-name:comment
+#
+# The output is written to the standard output. Blank lines are
+# ignored, and comments beginning with '#' are stripped.
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# Read parameters from the environment, if available
+$NAMEVAR = $ENV{'NAMEVAR'} || "g_names";
+$COUNTVAR = $ENV{'COUNTVAR'} || "g_count";
+$FUNCVAR = $ENV{'FUNCVAR'} || "g_tests";
+$DESCVAR = $ENV{'DESCVAR'} || "g_descs";
+$FUNCLEN = 13;
+$NAMELEN = 18;
+$DESCLEN = 45;
+
+#------------------------------------------------------------------------
+# Suck in input from the files on the command line, or standard input
+while(<>) {
+ chomp;
+ s/\#.*$//;
+ next if /^\s*$/;
+
+ ($suite, $func, $desc) = split(/:/, $_);
+
+ $tmp = { "suite" => $suite,
+ "func" => $func,
+ "desc" => $desc };
+
+ push(@item, $tmp);
+}
+$count = scalar(@item);
+$last = pop(@item);
+
+#------------------------------------------------------------------------
+# Output the table of names
+print "/* Table mapping test suite names to index numbers */\n";
+printf("const int %s = %d;\n", $COUNTVAR, $count);
+printf("const char *%s[] = {\n", $NAMEVAR);
+
+foreach $elt (@item) {
+ printf(" \"%s\",%s/* %s%s */\n", $elt->{"suite"},
+ " " x ($NAMELEN - length($elt->{"suite"})),
+ $elt->{"desc"},
+ " " x ($DESCLEN - length($elt->{"desc"})));
+}
+printf(" \"%s\" %s/* %s%s */\n", $last->{"suite"},
+ " " x ($NAMELEN - length($last->{"suite"})),
+ $last->{"desc"},
+ " " x ($DESCLEN - length($last->{"desc"})));
+print "};\n\n";
+
+#------------------------------------------------------------------------
+# Output the driver function prototypes
+print "/* Test function prototypes */\n";
+foreach $elt (@item, $last) {
+ printf("int %s(void);\n", $elt->{"func"});
+}
+print "\n";
+
+#------------------------------------------------------------------------
+# Output the table of functions
+print "/* Table mapping index numbers to functions */\n";
+printf("int (*%s[])(void) = {\n ", $FUNCVAR);
+$brk = 0;
+
+foreach $elt (@item) {
+ print($elt->{"func"}, ", ",
+ " " x ($FUNCLEN - length($elt->{"func"})));
+ $brk = ($brk + 1) & 3;
+ print "\n " unless($brk);
+}
+print $last->{"func"}, "\n};\n\n";
+
+#------------------------------------------------------------------------
+# Output the table of descriptions
+print "/* Table mapping index numbers to descriptions */\n";
+printf("const char *%s[] = {\n", $DESCVAR);
+
+foreach $elt (@item) {
+ printf(" \"%s\",\n", $elt->{"desc"});
+}
+printf(" \"%s\"\n};\n\n", $last->{"desc"});
+
+exit 0;
+
diff --git a/security/nss/lib/freebl/mpi/mdxptest.c b/security/nss/lib/freebl/mpi/mdxptest.c
new file mode 100644
index 000000000..adbcfc3d1
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mdxptest.c
@@ -0,0 +1,306 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "mpi.h"
+#include "mpi-priv.h"
+
+/* #define OLD_WAY 1 */
+
+/* This key is the 1024-bit test key used for speed testing of RSA private
+** key ops.
+*/
+
+#define CONST const
+
+static CONST unsigned char default_n[128] = {
+ 0xc2, 0xae, 0x96, 0x89, 0xaf, 0xce, 0xd0, 0x7b, 0x3b, 0x35, 0xfd, 0x0f, 0xb1, 0xf4, 0x7a, 0xd1,
+ 0x3c, 0x7d, 0xb5, 0x86, 0xf2, 0x68, 0x36, 0xc9, 0x97, 0xe6, 0x82, 0x94, 0x86, 0xaa, 0x05, 0x39,
+ 0xec, 0x11, 0x51, 0xcc, 0x5c, 0xa1, 0x59, 0xba, 0x29, 0x18, 0xf3, 0x28, 0xf1, 0x9d, 0xe3, 0xae,
+ 0x96, 0x5d, 0x6d, 0x87, 0x73, 0xf6, 0xf6, 0x1f, 0xd0, 0x2d, 0xfb, 0x2f, 0x7a, 0x13, 0x7f, 0xc8,
+ 0x0c, 0x7a, 0xe9, 0x85, 0xfb, 0xce, 0x74, 0x86, 0xf8, 0xef, 0x2f, 0x85, 0x37, 0x73, 0x0f, 0x62,
+ 0x4e, 0x93, 0x17, 0xb7, 0x7e, 0x84, 0x9a, 0x94, 0x11, 0x05, 0xca, 0x0d, 0x31, 0x4b, 0x2a, 0xc8,
+ 0xdf, 0xfe, 0xe9, 0x0c, 0x13, 0xc7, 0xf2, 0xad, 0x19, 0x64, 0x28, 0x3c, 0xb5, 0x6a, 0xc8, 0x4b,
+ 0x79, 0xea, 0x7c, 0xce, 0x75, 0x92, 0x45, 0x3e, 0xa3, 0x9d, 0x64, 0x6f, 0x04, 0x69, 0x19, 0x17
+};
+
+static CONST unsigned char default_d[128] = {
+ 0x13, 0xcb, 0xbc, 0xf2, 0xf3, 0x35, 0x8c, 0x6d, 0x7b, 0x6f, 0xd9, 0xf3, 0xa6, 0x9c, 0xbd, 0x80,
+ 0x59, 0x2e, 0x4f, 0x2f, 0x11, 0xa7, 0x17, 0x2b, 0x18, 0x8f, 0x0f, 0xe8, 0x1a, 0x69, 0x5f, 0x6e,
+ 0xac, 0x5a, 0x76, 0x7e, 0xd9, 0x4c, 0x6e, 0xdb, 0x47, 0x22, 0x8a, 0x57, 0x37, 0x7a, 0x5e, 0x94,
+ 0x7a, 0x25, 0xb5, 0xe5, 0x78, 0x1d, 0x3c, 0x99, 0xaf, 0x89, 0x7d, 0x69, 0x2e, 0x78, 0x9d, 0x1d,
+ 0x84, 0xc8, 0xc1, 0xd7, 0x1a, 0xb2, 0x6d, 0x2d, 0x8a, 0xd9, 0xab, 0x6b, 0xce, 0xae, 0xb0, 0xa0,
+ 0x58, 0x55, 0xad, 0x5c, 0x40, 0x8a, 0xd6, 0x96, 0x08, 0x8a, 0xe8, 0x63, 0xe6, 0x3d, 0x6c, 0x20,
+ 0x49, 0xc7, 0xaf, 0x0f, 0x25, 0x73, 0xd3, 0x69, 0x43, 0x3b, 0xf2, 0x32, 0xf8, 0x3d, 0x5e, 0xee,
+ 0x7a, 0xca, 0xd6, 0x94, 0x55, 0xe5, 0xbd, 0x25, 0x34, 0x8d, 0x63, 0x40, 0xb5, 0x8a, 0xc3, 0x01
+};
+
+#define DEFAULT_ITERS 50
+
+typedef clock_t timetype;
+#define gettime(x) *(x) = clock()
+#define subtime(a, b) a -= b
+#define msec(x) ((clock_t)((double)x * 1000.0 / CLOCKS_PER_SEC))
+#define sec(x) (x / CLOCKS_PER_SEC)
+
+struct TimingContextStr {
+ timetype start;
+ timetype end;
+ timetype interval;
+
+ int minutes;
+ int seconds;
+ int millisecs;
+};
+
+typedef struct TimingContextStr TimingContext;
+
+TimingContext *
+CreateTimingContext(void)
+{
+ return (TimingContext *)malloc(sizeof(TimingContext));
+}
+
+void
+DestroyTimingContext(TimingContext *ctx)
+{
+ free(ctx);
+}
+
+void
+TimingBegin(TimingContext *ctx)
+{
+ gettime(&ctx->start);
+}
+
+static void
+timingUpdate(TimingContext *ctx)
+{
+
+ ctx->millisecs = msec(ctx->interval) % 1000;
+ ctx->seconds = sec(ctx->interval);
+ ctx->minutes = ctx->seconds / 60;
+ ctx->seconds %= 60;
+}
+
+void
+TimingEnd(TimingContext *ctx)
+{
+ gettime(&ctx->end);
+ ctx->interval = ctx->end;
+ subtime(ctx->interval, ctx->start);
+ timingUpdate(ctx);
+}
+
+char *
+TimingGenerateString(TimingContext *ctx)
+{
+ static char sBuf[4096];
+
+ sprintf(sBuf, "%d minutes, %d.%03d seconds", ctx->minutes,
+ ctx->seconds, ctx->millisecs);
+ return sBuf;
+}
+
+static void
+dumpBytes(unsigned char *b, int l)
+{
+ int i;
+ if (l <= 0)
+ return;
+ for (i = 0; i < l; ++i) {
+ if (i % 16 == 0)
+ printf("\t");
+ printf(" %02x", b[i]);
+ if (i % 16 == 15)
+ printf("\n");
+ }
+ if ((i % 16) != 0)
+ printf("\n");
+ printf("\n");
+}
+
+static mp_err
+testNewFuncs(const unsigned char *modulusBytes, int modulus_len)
+{
+ mp_err mperr = MP_OKAY;
+ mp_int modulus;
+ unsigned char buf[512];
+
+ mperr = mp_init(&modulus);
+ mperr = mp_read_unsigned_octets(&modulus, modulusBytes, modulus_len);
+ mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len);
+ mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len + 1);
+ mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len + 4);
+ mperr = mp_to_unsigned_octets(&modulus, buf, modulus_len);
+ mperr = mp_to_signed_octets(&modulus, buf, modulus_len + 1);
+ mp_clear(&modulus);
+ return mperr;
+}
+
+int
+testModExp(const unsigned char *modulusBytes,
+ const unsigned int expo,
+ const unsigned char *input,
+ unsigned char *output,
+ int modulus_len)
+{
+ mp_err mperr = MP_OKAY;
+ mp_int modulus;
+ mp_int base;
+ mp_int exponent;
+ mp_int result;
+
+ mperr = mp_init(&modulus);
+ mperr += mp_init(&base);
+ mperr += mp_init(&exponent);
+ mperr += mp_init(&result);
+ /* we initialize all mp_ints unconditionally, even if some fail.
+ ** This guarantees that the DIGITS pointer is valid (even if null).
+ ** So, mp_clear will do the right thing below.
+ */
+ if (mperr == MP_OKAY) {
+ mperr = mp_read_unsigned_octets(&modulus,
+ modulusBytes + (sizeof default_n - modulus_len), modulus_len);
+ mperr += mp_read_unsigned_octets(&base, input, modulus_len);
+ mp_set(&exponent, expo);
+ if (mperr == MP_OKAY) {
+#if OLD_WAY
+ mperr = s_mp_exptmod(&base, &exponent, &modulus, &result);
+#else
+ mperr = mp_exptmod(&base, &exponent, &modulus, &result);
+#endif
+ if (mperr == MP_OKAY) {
+ mperr = mp_to_fixlen_octets(&result, output, modulus_len);
+ }
+ }
+ }
+ mp_clear(&base);
+ mp_clear(&result);
+
+ mp_clear(&modulus);
+ mp_clear(&exponent);
+
+ return (int)mperr;
+}
+
+int
+doModExp(const unsigned char *modulusBytes,
+ const unsigned char *exponentBytes,
+ const unsigned char *input,
+ unsigned char *output,
+ int modulus_len)
+{
+ mp_err mperr = MP_OKAY;
+ mp_int modulus;
+ mp_int base;
+ mp_int exponent;
+ mp_int result;
+
+ mperr = mp_init(&modulus);
+ mperr += mp_init(&base);
+ mperr += mp_init(&exponent);
+ mperr += mp_init(&result);
+ /* we initialize all mp_ints unconditionally, even if some fail.
+ ** This guarantees that the DIGITS pointer is valid (even if null).
+ ** So, mp_clear will do the right thing below.
+ */
+ if (mperr == MP_OKAY) {
+ mperr = mp_read_unsigned_octets(&modulus,
+ modulusBytes + (sizeof default_n - modulus_len), modulus_len);
+ mperr += mp_read_unsigned_octets(&exponent, exponentBytes, modulus_len);
+ mperr += mp_read_unsigned_octets(&base, input, modulus_len);
+ if (mperr == MP_OKAY) {
+#if OLD_WAY
+ mperr = s_mp_exptmod(&base, &exponent, &modulus, &result);
+#else
+ mperr = mp_exptmod(&base, &exponent, &modulus, &result);
+#endif
+ if (mperr == MP_OKAY) {
+ mperr = mp_to_fixlen_octets(&result, output, modulus_len);
+ }
+ }
+ }
+ mp_clear(&base);
+ mp_clear(&result);
+
+ mp_clear(&modulus);
+ mp_clear(&exponent);
+
+ return (int)mperr;
+}
+
+int
+main(int argc, char **argv)
+{
+ TimingContext *timeCtx;
+ char *progName;
+ long iters = DEFAULT_ITERS;
+ unsigned int modulus_len;
+ int i;
+ int rv;
+ unsigned char buf[1024];
+ unsigned char buf2[1024];
+
+ progName = strrchr(argv[0], '/');
+ if (!progName)
+ progName = strrchr(argv[0], '\\');
+ progName = progName ? progName + 1 : argv[0];
+
+ if (argc >= 2) {
+ iters = atol(argv[1]);
+ }
+
+ if (argc >= 3) {
+ modulus_len = atol(argv[2]);
+ } else
+ modulus_len = sizeof default_n;
+
+ /* no library init function !? */
+
+ memset(buf, 0x41, sizeof buf);
+
+ if (iters < 2) {
+ testNewFuncs(default_n, modulus_len);
+ testNewFuncs(default_n + 1, modulus_len - 1);
+ testNewFuncs(default_n + 2, modulus_len - 2);
+ testNewFuncs(default_n + 3, modulus_len - 3);
+
+ rv = testModExp(default_n, 0, buf, buf2, modulus_len);
+ dumpBytes((unsigned char *)buf2, modulus_len);
+
+ rv = testModExp(default_n, 1, buf, buf2, modulus_len);
+ dumpBytes((unsigned char *)buf2, modulus_len);
+
+ rv = testModExp(default_n, 2, buf, buf2, modulus_len);
+ dumpBytes((unsigned char *)buf2, modulus_len);
+
+ rv = testModExp(default_n, 3, buf, buf2, modulus_len);
+ dumpBytes((unsigned char *)buf2, modulus_len);
+ }
+ rv = doModExp(default_n, default_d, buf, buf2, modulus_len);
+ if (rv != 0) {
+ fprintf(stderr, "Error in modexp operation:\n");
+ exit(1);
+ }
+ dumpBytes((unsigned char *)buf2, modulus_len);
+
+ timeCtx = CreateTimingContext();
+ TimingBegin(timeCtx);
+ i = iters;
+ while (i--) {
+ rv = doModExp(default_n, default_d, buf, buf2, modulus_len);
+ if (rv != 0) {
+ fprintf(stderr, "Error in modexp operation\n");
+ exit(1);
+ }
+ }
+ TimingEnd(timeCtx);
+ printf("%ld iterations in %s\n", iters, TimingGenerateString(timeCtx));
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/montmulf.c b/security/nss/lib/freebl/mpi/montmulf.c
new file mode 100644
index 000000000..ce8fbc31d
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/montmulf.c
@@ -0,0 +1,286 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef SOLARIS
+#define RF_INLINE_MACROS 1
+#endif
+
+static const double TwoTo16 = 65536.0;
+static const double TwoToMinus16 = 1.0 / 65536.0;
+static const double Zero = 0.0;
+static const double TwoTo32 = 65536.0 * 65536.0;
+static const double TwoToMinus32 = 1.0 / (65536.0 * 65536.0);
+
+#ifdef RF_INLINE_MACROS
+
+double upper32(double);
+double lower32(double, double);
+double mod(double, double, double);
+
+void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
+ const double * /* 2^16*/,
+ const double * /* 0 */,
+ double * /*result16*/,
+ double * /* result32 */,
+ float * /*source - should be unsigned int* converted to float* */);
+
+#else
+#ifdef MP_USE_FLOOR
+#include <math.h>
+#else
+#define floor(d) ((double)((unsigned long long)(d)))
+#endif
+
+static double
+upper32(double x)
+{
+ return floor(x * TwoToMinus32);
+}
+
+static double
+lower32(double x, double y)
+{
+ return x - TwoTo32 * floor(x * TwoToMinus32);
+}
+
+static double
+mod(double x, double oneoverm, double m)
+{
+ return x - m * floor(x * oneoverm);
+}
+
+#endif
+
+static void
+cleanup(double *dt, int from, int tlen)
+{
+ int i;
+ double tmp, tmp1, x, x1;
+
+ tmp = tmp1 = Zero;
+ /* original code **
+ for(i=2*from;i<2*tlen-2;i++)
+ {
+ x=dt[i];
+ dt[i]=lower32(x,Zero)+tmp1;
+ tmp1=tmp;
+ tmp=upper32(x);
+ }
+ dt[tlen-2]+=tmp1;
+ dt[tlen-1]+=tmp;
+ **end original code ***/
+ /* new code ***/
+ for (i = 2 * from; i < 2 * tlen; i += 2) {
+ x = dt[i];
+ x1 = dt[i + 1];
+ dt[i] = lower32(x, Zero) + tmp;
+ dt[i + 1] = lower32(x1, Zero) + tmp1;
+ tmp = upper32(x);
+ tmp1 = upper32(x1);
+ }
+ /** end new code **/
+}
+
+void
+conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
+{
+ int i;
+ long long t, t1, a, b, c, d;
+
+ t1 = 0;
+ a = (long long)d16[0];
+ b = (long long)d16[1];
+ for (i = 0; i < ilen - 1; i++) {
+ c = (long long)d16[2 * i + 2];
+ t1 += (unsigned int)a;
+ t = (a >> 32);
+ d = (long long)d16[2 * i + 3];
+ t1 += (b & 0xffff) << 16;
+ t += (b >> 16) + (t1 >> 32);
+ i32[i] = (unsigned int)t1;
+ t1 = t;
+ a = c;
+ b = d;
+ }
+ t1 += (unsigned int)a;
+ t = (a >> 32);
+ t1 += (b & 0xffff) << 16;
+ i32[i] = (unsigned int)t1;
+}
+
+void
+conv_i32_to_d32(double *d32, unsigned int *i32, int len)
+{
+ int i;
+
+#pragma pipeloop(0)
+ for (i = 0; i < len; i++)
+ d32[i] = (double)(i32[i]);
+}
+
+void
+conv_i32_to_d16(double *d16, unsigned int *i32, int len)
+{
+ int i;
+ unsigned int a;
+
+#pragma pipeloop(0)
+ for (i = 0; i < len; i++) {
+ a = i32[i];
+ d16[2 * i] = (double)(a & 0xffff);
+ d16[2 * i + 1] = (double)(a >> 16);
+ }
+}
+
+void
+conv_i32_to_d32_and_d16(double *d32, double *d16,
+ unsigned int *i32, int len)
+{
+ int i = 0;
+ unsigned int a;
+
+#pragma pipeloop(0)
+#ifdef RF_INLINE_MACROS
+ for (; i < len - 3; i += 4) {
+ i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
+ &(d16[2 * i]), &(d32[i]), (float *)(&(i32[i])));
+ }
+#endif
+ for (; i < len; i++) {
+ a = i32[i];
+ d32[i] = (double)(i32[i]);
+ d16[2 * i] = (double)(a & 0xffff);
+ d16[2 * i + 1] = (double)(a >> 16);
+ }
+}
+
+void
+adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
+{
+ long long acc;
+ int i;
+
+ if (i32[len] > 0)
+ i = -1;
+ else {
+ for (i = len - 1; i >= 0; i--) {
+ if (i32[i] != nint[i])
+ break;
+ }
+ }
+ if ((i < 0) || (i32[i] > nint[i])) {
+ acc = 0;
+ for (i = 0; i < len; i++) {
+ acc = acc + (unsigned long long)(i32[i]) - (unsigned long long)(nint[i]);
+ i32[i] = (unsigned int)acc;
+ acc = acc >> 32;
+ }
+ }
+}
+
+/*
+** the lengths of the input arrays should be at least the following:
+** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
+** all of them should be different from one another
+**
+*/
+void
+mont_mulf_noconv(unsigned int *result,
+ double *dm1, double *dm2, double *dt,
+ double *dn, unsigned int *nint,
+ int nlen, double dn0)
+{
+ int i, j, jj;
+ int tmp;
+ double digit, m2j, nextm2j, a, b;
+ double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
+
+ pdm1 = &(dm1[0]);
+ pdm2 = &(dm2[0]);
+ pdn = &(dn[0]);
+ pdm2[2 * nlen] = Zero;
+
+ if (nlen != 16) {
+ for (i = 0; i < 4 * nlen + 2; i++)
+ dt[i] = Zero;
+
+ a = dt[0] = pdm1[0] * pdm2[0];
+ digit = mod(lower32(a, Zero) * dn0, TwoToMinus16, TwoTo16);
+
+ pdtj = &(dt[0]);
+ for (j = jj = 0; j < 2 * nlen; j++, jj++, pdtj++) {
+ m2j = pdm2[j];
+ a = pdtj[0] + pdn[0] * digit;
+ b = pdtj[1] + pdm1[0] * pdm2[j + 1] + a * TwoToMinus16;
+ pdtj[1] = b;
+
+#pragma pipeloop(0)
+ for (i = 1; i < nlen; i++) {
+ pdtj[2 * i] += pdm1[i] * m2j + pdn[i] * digit;
+ }
+ if ((jj == 30)) {
+ cleanup(dt, j / 2 + 1, 2 * nlen + 1);
+ jj = 0;
+ }
+
+ digit = mod(lower32(b, Zero) * dn0, TwoToMinus16, TwoTo16);
+ }
+ } else {
+ a = dt[0] = pdm1[0] * pdm2[0];
+
+ dt[65] = dt[64] = dt[63] = dt[62] = dt[61] = dt[60] =
+ dt[59] = dt[58] = dt[57] = dt[56] = dt[55] = dt[54] =
+ dt[53] = dt[52] = dt[51] = dt[50] = dt[49] = dt[48] =
+ dt[47] = dt[46] = dt[45] = dt[44] = dt[43] = dt[42] =
+ dt[41] = dt[40] = dt[39] = dt[38] = dt[37] = dt[36] =
+ dt[35] = dt[34] = dt[33] = dt[32] = dt[31] = dt[30] =
+ dt[29] = dt[28] = dt[27] = dt[26] = dt[25] = dt[24] =
+ dt[23] = dt[22] = dt[21] = dt[20] = dt[19] = dt[18] =
+ dt[17] = dt[16] = dt[15] = dt[14] = dt[13] = dt[12] =
+ dt[11] = dt[10] = dt[9] = dt[8] = dt[7] = dt[6] =
+ dt[5] = dt[4] = dt[3] = dt[2] = dt[1] = Zero;
+
+ pdn_0 = pdn[0];
+ pdm1_0 = pdm1[0];
+
+ digit = mod(lower32(a, Zero) * dn0, TwoToMinus16, TwoTo16);
+ pdtj = &(dt[0]);
+
+ for (j = 0; j < 32; j++, pdtj++) {
+
+ m2j = pdm2[j];
+ a = pdtj[0] + pdn_0 * digit;
+ b = pdtj[1] + pdm1_0 * pdm2[j + 1] + a * TwoToMinus16;
+ pdtj[1] = b;
+
+ /**** this loop will be fully unrolled:
+ for(i=1;i<16;i++)
+ {
+ pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
+ }
+ *************************************/
+ pdtj[2] += pdm1[1] * m2j + pdn[1] * digit;
+ pdtj[4] += pdm1[2] * m2j + pdn[2] * digit;
+ pdtj[6] += pdm1[3] * m2j + pdn[3] * digit;
+ pdtj[8] += pdm1[4] * m2j + pdn[4] * digit;
+ pdtj[10] += pdm1[5] * m2j + pdn[5] * digit;
+ pdtj[12] += pdm1[6] * m2j + pdn[6] * digit;
+ pdtj[14] += pdm1[7] * m2j + pdn[7] * digit;
+ pdtj[16] += pdm1[8] * m2j + pdn[8] * digit;
+ pdtj[18] += pdm1[9] * m2j + pdn[9] * digit;
+ pdtj[20] += pdm1[10] * m2j + pdn[10] * digit;
+ pdtj[22] += pdm1[11] * m2j + pdn[11] * digit;
+ pdtj[24] += pdm1[12] * m2j + pdn[12] * digit;
+ pdtj[26] += pdm1[13] * m2j + pdn[13] * digit;
+ pdtj[28] += pdm1[14] * m2j + pdn[14] * digit;
+ pdtj[30] += pdm1[15] * m2j + pdn[15] * digit;
+ /* no need for cleenup, cannot overflow */
+ digit = mod(lower32(b, Zero) * dn0, TwoToMinus16, TwoTo16);
+ }
+ }
+
+ conv_d16_to_i32(result, dt + 2 * nlen, (long long *)dt, nlen + 1);
+
+ adjust_montf_result(result, nint, nlen);
+}
diff --git a/security/nss/lib/freebl/mpi/montmulf.h b/security/nss/lib/freebl/mpi/montmulf.h
new file mode 100644
index 000000000..69bed4acb
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/montmulf.h
@@ -0,0 +1,65 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* The functions that are to be called from outside of the .s file have the
+ * following interfaces and array size requirements:
+ */
+
+void conv_i32_to_d32(double *d32, unsigned int *i32, int len);
+
+/* Converts an array of int's to an array of doubles, so that each double
+ * corresponds to an int. len is the number of items converted.
+ * Does not allocate the output array.
+ * The pointers d32 and i32 should point to arrays of size at least len
+ * (doubles and unsigned ints, respectively)
+ */
+
+void conv_i32_to_d16(double *d16, unsigned int *i32, int len);
+
+/* Converts an array of int's to an array of doubles so that each element
+ * of the int array is converted to a pair of doubles, the first one
+ * corresponding to the lower (least significant) 16 bits of the int and
+ * the second one corresponding to the upper (most significant) 16 bits of
+ * the 32-bit int. len is the number of ints converted.
+ * Does not allocate the output array.
+ * The pointer d16 should point to an array of doubles of size at least
+ * 2*len and i32 should point an array of ints of size at least len
+ */
+
+void conv_i32_to_d32_and_d16(double *d32, double *d16,
+ unsigned int *i32, int len);
+
+/* Does the above two conversions together, it is much faster than doing
+ * both of those in succession
+ */
+
+void mont_mulf_noconv(unsigned int *result,
+ double *dm1, double *dm2, double *dt,
+ double *dn, unsigned int *nint,
+ int nlen, double dn0);
+
+/* Does the Montgomery multiplication of the numbers stored in the arrays
+ * pointed to by dm1 and dm2, writing the result to the array pointed to by
+ * result. It uses the array pointed to by dt as a temporary work area.
+ * nint should point to the modulus in the array-of-integers representation,
+ * dn should point to its array-of-doubles as obtained as a result of the
+ * function call conv_i32_to_d32(dn, nint, nlen);
+ * nlen is the length of the array containing the modulus.
+ * The representation used for dm1 is the one that is a result of the function
+ * call conv_i32_to_d32(dm1, m1, nlen), the representation for dm2 is the
+ * result of the function call conv_i32_to_d16(dm2, m2, nlen).
+ * Note that m1 and m2 should both be of length nlen, so they should be
+ * padded with 0's if necessary before the conversion. The result comes in
+ * this form (int representation, padded with 0's).
+ * dn0 is the value of the 16 least significant bits of n0'.
+ * The function does not allocate memory for any of the arrays, so the
+ * pointers should point to arrays with the following minimal sizes:
+ * result - nlen+1
+ * dm1 - nlen
+ * dm2 - 2*nlen+1 ( the +1 is necessary for technical reasons )
+ * dt - 4*nlen+2
+ * dn - nlen
+ * nint - nlen
+ * No two arrays should point to overlapping areas of memory.
+ */
diff --git a/security/nss/lib/freebl/mpi/montmulf.il b/security/nss/lib/freebl/mpi/montmulf.il
new file mode 100644
index 000000000..4952d0fb8
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/montmulf.il
@@ -0,0 +1,108 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+!
+! double upper32(double /*frs1*/);
+!
+ .inline upper32,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+
+ fdtox %f10,%f10
+ fitod %f10,%f0
+ .end
+
+!
+! double lower32(double /*frs1*/, double /* Zero */);
+!
+ .inline lower32,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f12
+
+ fdtox %f10,%f10
+ fmovs %f12,%f10
+ fxtod %f10,%f0
+ .end
+
+!
+! double mod(double /*x*/, double /*1/m*/, double /*m*/);
+!
+ .inline mod,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f2
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o4,[%sp+0x48]
+ ldd [%sp+0x48],%f6
+
+ fmuld %f2,%f4,%f4
+ fdtox %f4,%f4
+ fxtod %f4,%f4
+ fmuld %f4,%f6,%f4
+ fsubd %f2,%f4,%f0
+ .end
+
+
+!
+! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
+! double * /* 0 */,
+! double * /*result16*/, double * /* result32 */
+! float * /*source - should be unsigned int*
+! converted to float* */);
+!
+ .inline i16_to_d16_and_d32x4,24
+ ldd [%o0],%f2 ! 1/(2^16)
+ ldd [%o1],%f4 ! 2^16
+ ldd [%o2],%f22
+
+ fmovd %f22,%f6
+ ld [%o5],%f7
+ fmovd %f22,%f10
+ ld [%o5+4],%f11
+ fmovd %f22,%f14
+ ld [%o5+8],%f15
+ fmovd %f22,%f18
+ ld [%o5+12],%f19
+ fxtod %f6,%f6
+ std %f6,[%o4]
+ fxtod %f10,%f10
+ std %f10,[%o4+8]
+ fxtod %f14,%f14
+ std %f14,[%o4+16]
+ fxtod %f18,%f18
+ std %f18,[%o4+24]
+ fmuld %f2,%f6,%f8
+ fmuld %f2,%f10,%f12
+ fmuld %f2,%f14,%f16
+ fmuld %f2,%f18,%f20
+ fdtox %f8,%f8
+ fdtox %f12,%f12
+ fdtox %f16,%f16
+ fdtox %f20,%f20
+ fxtod %f8,%f8
+ std %f8,[%o3+8]
+ fxtod %f12,%f12
+ std %f12,[%o3+24]
+ fxtod %f16,%f16
+ std %f16,[%o3+40]
+ fxtod %f20,%f20
+ std %f20,[%o3+56]
+ fmuld %f8,%f4,%f8
+ fmuld %f12,%f4,%f12
+ fmuld %f16,%f4,%f16
+ fmuld %f20,%f4,%f20
+ fsubd %f6,%f8,%f8
+ std %f8,[%o3]
+ fsubd %f10,%f12,%f12
+ std %f12,[%o3+16]
+ fsubd %f14,%f16,%f16
+ std %f16,[%o3+32]
+ fsubd %f18,%f20,%f20
+ std %f20,[%o3+48]
+ .end
+
+
diff --git a/security/nss/lib/freebl/mpi/montmulf.s b/security/nss/lib/freebl/mpi/montmulf.s
new file mode 100644
index 000000000..69d2a3c51
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/montmulf.s
@@ -0,0 +1,1938 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ .section ".text",#alloc,#execinstr
+ .file "montmulf.c"
+
+ .section ".data",#alloc,#write
+ .align 8
+TwoTo16: /* frequency 1.0 confidence 0.0 */
+ .word 1089470464
+ .word 0
+ .type TwoTo16,#object
+ .size TwoTo16,8
+TwoToMinus16: /* frequency 1.0 confidence 0.0 */
+ .word 1055916032
+ .word 0
+ .type TwoToMinus16,#object
+ .size TwoToMinus16,8
+Zero: /* frequency 1.0 confidence 0.0 */
+ .word 0
+ .word 0
+ .type Zero,#object
+ .size Zero,8
+TwoTo32: /* frequency 1.0 confidence 0.0 */
+ .word 1106247680
+ .word 0
+ .type TwoTo32,#object
+ .size TwoTo32,8
+TwoToMinus32: /* frequency 1.0 confidence 0.0 */
+ .word 1039138816
+ .word 0
+ .type TwoToMinus32,#object
+ .size TwoToMinus32,8
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 ( 0 0) */ .align 4
+!
+! SUBROUTINE cleanup
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .global cleanup
+ cleanup: /* frequency 1.0 confidence 0.0 */
+! FILE montmulf.c
+
+! 1 !#define RF_INLINE_MACROS
+! 3 !static double TwoTo16=65536.0;
+! 4 !static double TwoToMinus16=1.0/65536.0;
+! 5 !static double Zero=0.0;
+! 6 !static double TwoTo32=65536.0*65536.0;
+! 7 !static double TwoToMinus32=1.0/(65536.0*65536.0);
+! 9 !#ifdef RF_INLINE_MACROS
+! 11 !double upper32(double);
+! 12 !double lower32(double, double);
+! 13 !double mod(double, double, double);
+! 15 !#else
+! 17 !static double upper32(double x)
+! 18 !{
+! 19 ! return floor(x*TwoToMinus32);
+! 20 !}
+! 22 !static double lower32(double x, double y)
+! 23 !{
+! 24 ! return x-TwoTo32*floor(x*TwoToMinus32);
+! 25 !}
+! 27 !static double mod(double x, double oneoverm, double m)
+! 28 !{
+! 29 ! return x-m*floor(x*oneoverm);
+! 30 !}
+! 32 !#endif
+! 35 !void cleanup(double *dt, int from, int tlen)
+! 36 !{
+! 37 ! int i;
+! 38 ! double tmp,tmp1,x,x1;
+! 40 ! tmp=tmp1=Zero;
+
+/* 000000 40 ( 0 1) */ sethi %hi(Zero),%g2
+
+! 41 ! /* original code **
+! 42 ! for(i=2*from;i<2*tlen-2;i++)
+! 43 ! {
+! 44 ! x=dt[i];
+! 45 ! dt[i]=lower32(x,Zero)+tmp1;
+! 46 ! tmp1=tmp;
+! 47 ! tmp=upper32(x);
+! 48 ! }
+! 49 ! dt[tlen-2]+=tmp1;
+! 50 ! dt[tlen-1]+=tmp;
+! 51 ! **end original code ***/
+! 52 ! /* new code ***/
+! 53 ! for(i=2*from;i<2*tlen;i+=2)
+
+/* 0x0004 53 ( 1 2) */ sll %o2,1,%g3
+/* 0x0008 40 ( 1 4) */ ldd [%g2+%lo(Zero)],%f0
+/* 0x000c ( 1 2) */ add %g2,%lo(Zero),%g2
+/* 0x0010 53 ( 2 3) */ sll %o1,1,%g4
+/* 0x0014 36 ( 3 4) */ sll %o1,4,%g1
+/* 0x0018 40 ( 3 4) */ fmovd %f0,%f4
+/* 0x001c 53 ( 3 4) */ cmp %g4,%g3
+/* 0x0020 ( 3 4) */ bge,pt %icc,.L77000116 ! tprob=0.56
+/* 0x0024 ( 4 5) */ fmovd %f0,%f2
+/* 0x0028 36 ( 4 5) */ add %o0,%g1,%g1
+/* 0x002c ( 4 5) */ sub %g3,1,%g3
+
+! 54 ! {
+! 55 ! x=dt[i];
+
+/* 0x0030 55 ( 5 8) */ ldd [%g1],%f8
+ .L900000114: /* frequency 6.4 confidence 0.0 */
+/* 0x0034 ( 0 3) */ fdtox %f8,%f6
+
+! 56 ! x1=dt[i+1];
+
+/* 0x0038 56 ( 0 3) */ ldd [%g1+8],%f10
+
+! 57 ! dt[i]=lower32(x,Zero)+tmp;
+! 58 ! dt[i+1]=lower32(x1,Zero)+tmp1;
+! 59 ! tmp=upper32(x);
+! 60 ! tmp1=upper32(x1);
+
+/* 0x003c 60 ( 0 1) */ add %g4,2,%g4
+/* 0x0040 ( 1 4) */ fdtox %f8,%f8
+/* 0x0044 ( 1 2) */ cmp %g4,%g3
+/* 0x0048 ( 5 6) */ fmovs %f0,%f6
+/* 0x004c ( 7 10) */ fxtod %f6,%f6
+/* 0x0050 ( 8 11) */ fdtox %f10,%f0
+/* 0x0054 57 (10 13) */ faddd %f6,%f2,%f2
+/* 0x0058 (10 11) */ std %f2,[%g1]
+/* 0x005c (12 15) */ ldd [%g2],%f2
+/* 0x0060 (14 15) */ fmovs %f2,%f0
+/* 0x0064 (16 19) */ fxtod %f0,%f6
+/* 0x0068 (17 20) */ fdtox %f10,%f0
+/* 0x006c (18 21) */ fitod %f8,%f2
+/* 0x0070 58 (19 22) */ faddd %f6,%f4,%f4
+/* 0x0074 (19 20) */ std %f4,[%g1+8]
+/* 0x0078 60 (19 20) */ add %g1,16,%g1
+/* 0x007c (20 23) */ fitod %f0,%f4
+/* 0x0080 (20 23) */ ldd [%g2],%f0
+/* 0x0084 (20 21) */ ble,a,pt %icc,.L900000114 ! tprob=0.86
+/* 0x0088 (21 24) */ ldd [%g1],%f8
+ .L77000116: /* frequency 1.0 confidence 0.0 */
+/* 0x008c ( 0 2) */ retl ! Result =
+/* 0x0090 ( 1 2) */ nop
+/* 0x0094 0 ( 0 0) */ .type cleanup,2
+/* 0x0094 ( 0 0) */ .size cleanup,(.-cleanup)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 ( 0 0) */ .align 4
+!
+! SUBROUTINE conv_d16_to_i32
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .global conv_d16_to_i32
+ conv_d16_to_i32: /* frequency 1.0 confidence 0.0 */
+/* 000000 ( 0 1) */ save %sp,-136,%sp
+
+! 61 ! }
+! 62 ! /** end new code **/
+! 63 !}
+! 66 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
+! 67 !{
+! 68 !int i;
+! 69 !long long t, t1, a, b, c, d;
+! 71 ! t1=0;
+! 72 ! a=(long long)d16[0];
+
+/* 0x0004 72 ( 1 4) */ ldd [%i1],%f0
+
+! 73 ! b=(long long)d16[1];
+! 74 ! for(i=0; i<ilen-1; i++)
+
+/* 0x0008 74 ( 1 2) */ sub %i3,1,%g2
+/* 0x000c 67 ( 1 2) */ or %g0,%i0,%g5
+/* 0x0010 74 ( 2 3) */ cmp %g2,0
+/* 0x0014 71 ( 2 3) */ or %g0,0,%o4
+/* 0x0018 72 ( 3 6) */ fdtox %f0,%f0
+/* 0x001c ( 3 4) */ std %f0,[%sp+120]
+/* 0x0020 74 ( 3 4) */ or %g0,0,%o7
+/* 0x0024 67 ( 4 5) */ or %g0,%i3,%o0
+/* 0x0028 ( 4 5) */ sub %i3,2,%o2
+/* 0x002c 73 ( 5 8) */ ldd [%i1+8],%f0
+/* 0x0030 67 ( 5 6) */ sethi %hi(0xfc00),%o0
+/* 0x0034 ( 5 6) */ add %o2,1,%g3
+/* 0x0038 ( 6 7) */ add %o0,1023,%o1
+/* 0x003c ( 6 7) */ or %g0,%g5,%o5
+/* 0x0040 73 ( 7 10) */ fdtox %f0,%f0
+/* 0x0044 ( 7 8) */ std %f0,[%sp+112]
+/* 0x0048 72 (11 13) */ ldx [%sp+120],%g4
+/* 0x004c 73 (12 14) */ ldx [%sp+112],%g1
+/* 0x0050 74 (12 13) */ ble,pt %icc,.L900000214 ! tprob=0.56
+/* 0x0054 (12 13) */ sethi %hi(0xfc00),%g2
+/* 0x0058 67 (13 14) */ or %g0,-1,%g2
+/* 0x005c 74 (13 14) */ cmp %g3,3
+/* 0x0060 67 (14 15) */ srl %g2,0,%o3
+/* 0x0064 (14 15) */ or %g0,%i1,%g2
+/* 0x0068 74 (14 15) */ bl,pn %icc,.L77000134 ! tprob=0.44
+/* 0x006c (15 18) */ ldd [%g2+16],%f0
+
+! 75 ! {
+! 76 ! c=(long long)d16[2*i+2];
+! 77 ! t1+=a&0xffffffff;
+! 78 ! t=(a>>32);
+! 79 ! d=(long long)d16[2*i+3];
+! 80 ! t1+=(b&0xffff)<<16;
+
+/* 0x0070 80 (15 16) */ and %g1,%o1,%o0
+
+! 81 ! t+=(b>>16)+(t1>>32);
+! 82 ! i32[i]=t1&0xffffffff;
+! 83 ! t1=t;
+! 84 ! a=c;
+! 85 ! b=d;
+
+/* 0x0074 85 (15 16) */ add %g2,16,%g2
+/* 0x0078 80 (16 17) */ sllx %o0,16,%g3
+/* 0x007c 77 (16 17) */ and %g4,%o3,%o0
+/* 0x0080 76 (17 20) */ fdtox %f0,%f0
+/* 0x0084 (17 18) */ std %f0,[%sp+104]
+/* 0x0088 74 (17 18) */ add %o0,%g3,%o4
+/* 0x008c 79 (18 21) */ ldd [%g2+8],%f2
+/* 0x0090 81 (18 19) */ srax %g1,16,%o0
+/* 0x0094 82 (18 19) */ and %o4,%o3,%o7
+/* 0x0098 81 (19 20) */ stx %o0,[%sp+112]
+/* 0x009c (19 20) */ srax %o4,32,%o0
+/* 0x00a0 85 (19 20) */ add %g5,4,%o5
+/* 0x00a4 81 (20 21) */ stx %o0,[%sp+120]
+/* 0x00a8 78 (20 21) */ srax %g4,32,%o4
+/* 0x00ac 79 (20 23) */ fdtox %f2,%f0
+/* 0x00b0 (21 22) */ std %f0,[%sp+96]
+/* 0x00b4 81 (22 24) */ ldx [%sp+112],%o0
+/* 0x00b8 (23 25) */ ldx [%sp+120],%g4
+/* 0x00bc 76 (25 27) */ ldx [%sp+104],%g3
+/* 0x00c0 81 (25 26) */ add %o0,%g4,%g4
+/* 0x00c4 79 (26 28) */ ldx [%sp+96],%g1
+/* 0x00c8 81 (26 27) */ add %o4,%g4,%o4
+/* 0x00cc 82 (27 28) */ st %o7,[%g5]
+/* 0x00d0 (27 28) */ or %g0,1,%o7
+/* 0x00d4 84 (27 28) */ or %g0,%g3,%g4
+ .L900000209: /* frequency 64.0 confidence 0.0 */
+/* 0x00d8 76 (17 19) */ ldd [%g2+16],%f0
+/* 0x00dc 85 (17 18) */ add %o7,1,%o7
+/* 0x00e0 (17 18) */ add %o5,4,%o5
+/* 0x00e4 (18 18) */ cmp %o7,%o2
+/* 0x00e8 (18 19) */ add %g2,16,%g2
+/* 0x00ec 76 (19 22) */ fdtox %f0,%f0
+/* 0x00f0 (20 21) */ std %f0,[%sp+104]
+/* 0x00f4 79 (21 23) */ ldd [%g2+8],%f0
+/* 0x00f8 (23 26) */ fdtox %f0,%f0
+/* 0x00fc (24 25) */ std %f0,[%sp+96]
+/* 0x0100 80 (25 26) */ and %g1,%o1,%g3
+/* 0x0104 (26 27) */ sllx %g3,16,%g3
+/* 0x0108 ( 0 0) */ stx %g3,[%sp+120]
+/* 0x010c 77 (26 27) */ and %g4,%o3,%g3
+/* 0x0110 74 ( 0 0) */ stx %o7,[%sp+128]
+/* 0x0114 ( 0 0) */ ldx [%sp+120],%o7
+/* 0x0118 (27 27) */ add %g3,%o7,%g3
+/* 0x011c ( 0 0) */ ldx [%sp+128],%o7
+/* 0x0120 81 (28 29) */ srax %g1,16,%g1
+/* 0x0124 74 (28 28) */ add %g3,%o4,%g3
+/* 0x0128 81 (29 30) */ srax %g3,32,%o4
+/* 0x012c ( 0 0) */ stx %o4,[%sp+112]
+/* 0x0130 78 (30 31) */ srax %g4,32,%o4
+/* 0x0134 81 ( 0 0) */ ldx [%sp+112],%g4
+/* 0x0138 (30 31) */ add %g1,%g4,%g4
+/* 0x013c 79 (31 33) */ ldx [%sp+96],%g1
+/* 0x0140 81 (31 32) */ add %o4,%g4,%o4
+/* 0x0144 82 (32 33) */ and %g3,%o3,%g3
+/* 0x0148 84 ( 0 0) */ ldx [%sp+104],%g4
+/* 0x014c 85 (33 34) */ ble,pt %icc,.L900000209 ! tprob=0.50
+/* 0x0150 (33 34) */ st %g3,[%o5-4]
+ .L900000212: /* frequency 8.0 confidence 0.0 */
+/* 0x0154 85 ( 0 1) */ ba .L900000214 ! tprob=1.00
+/* 0x0158 ( 0 1) */ sethi %hi(0xfc00),%g2
+ .L77000134: /* frequency 0.7 confidence 0.0 */
+ .L900000213: /* frequency 6.4 confidence 0.0 */
+/* 0x015c 77 ( 0 1) */ and %g4,%o3,%o0
+/* 0x0160 80 ( 0 1) */ and %g1,%o1,%g3
+/* 0x0164 76 ( 0 3) */ fdtox %f0,%f0
+/* 0x0168 77 ( 1 2) */ add %o4,%o0,%o0
+/* 0x016c 76 ( 1 2) */ std %f0,[%sp+104]
+/* 0x0170 85 ( 1 2) */ add %o7,1,%o7
+/* 0x0174 80 ( 2 3) */ sllx %g3,16,%o4
+/* 0x0178 79 ( 2 5) */ ldd [%g2+24],%f2
+/* 0x017c 85 ( 2 3) */ add %g2,16,%g2
+/* 0x0180 80 ( 3 4) */ add %o0,%o4,%o4
+/* 0x0184 81 ( 3 4) */ stx %o7,[%sp+128]
+/* 0x0188 ( 4 5) */ srax %g1,16,%o0
+/* 0x018c ( 4 5) */ stx %o0,[%sp+112]
+/* 0x0190 82 ( 4 5) */ and %o4,%o3,%g3
+/* 0x0194 81 ( 5 6) */ srax %o4,32,%o0
+/* 0x0198 ( 5 6) */ stx %o0,[%sp+120]
+/* 0x019c 79 ( 5 8) */ fdtox %f2,%f0
+/* 0x01a0 ( 6 7) */ std %f0,[%sp+96]
+/* 0x01a4 78 ( 6 7) */ srax %g4,32,%o4
+/* 0x01a8 81 ( 7 9) */ ldx [%sp+120],%o7
+/* 0x01ac ( 8 10) */ ldx [%sp+112],%g4
+/* 0x01b0 76 (10 12) */ ldx [%sp+104],%g1
+/* 0x01b4 81 (10 11) */ add %g4,%o7,%g4
+/* 0x01b8 (11 13) */ ldx [%sp+128],%o7
+/* 0x01bc (11 12) */ add %o4,%g4,%o4
+/* 0x01c0 79 (12 14) */ ldx [%sp+96],%o0
+/* 0x01c4 84 (12 13) */ or %g0,%g1,%g4
+/* 0x01c8 82 (13 14) */ st %g3,[%o5]
+/* 0x01cc 85 (13 14) */ add %o5,4,%o5
+/* 0x01d0 (13 14) */ cmp %o7,%o2
+/* 0x01d4 (14 15) */ or %g0,%o0,%g1
+/* 0x01d8 (14 15) */ ble,a,pt %icc,.L900000213 ! tprob=0.86
+/* 0x01dc (14 17) */ ldd [%g2+16],%f0
+ .L77000127: /* frequency 1.0 confidence 0.0 */
+
+! 86 ! }
+! 87 ! t1+=a&0xffffffff;
+! 88 ! t=(a>>32);
+! 89 ! t1+=(b&0xffff)<<16;
+! 90 ! i32[i]=t1&0xffffffff;
+
+/* 0x01e0 90 ( 0 1) */ sethi %hi(0xfc00),%g2
+ .L900000214: /* frequency 1.0 confidence 0.0 */
+/* 0x01e4 90 ( 0 1) */ or %g0,-1,%g3
+/* 0x01e8 ( 0 1) */ add %g2,1023,%g2
+/* 0x01ec ( 1 2) */ srl %g3,0,%g3
+/* 0x01f0 ( 1 2) */ and %g1,%g2,%g2
+/* 0x01f4 ( 2 3) */ and %g4,%g3,%g4
+/* 0x01f8 ( 3 4) */ sllx %g2,16,%g2
+/* 0x01fc ( 3 4) */ add %o4,%g4,%g4
+/* 0x0200 ( 4 5) */ add %g4,%g2,%g2
+/* 0x0204 ( 5 6) */ sll %o7,2,%g4
+/* 0x0208 ( 5 6) */ and %g2,%g3,%g2
+/* 0x020c ( 6 7) */ st %g2,[%g5+%g4]
+/* 0x0210 ( 7 9) */ ret ! Result =
+/* 0x0214 ( 9 10) */ restore %g0,%g0,%g0
+/* 0x0218 0 ( 0 0) */ .type conv_d16_to_i32,2
+/* 0x0218 ( 0 0) */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 ( 0 0) */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000301: /* frequency 1.0 confidence 0.0 */
+/* 000000 0 ( 0 0) */ .word 1127219200,0
+/* 0x0008 0 ( 0 0) */ .align 4
+!
+! SUBROUTINE conv_i32_to_d32
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .global conv_i32_to_d32
+ conv_i32_to_d32: /* frequency 1.0 confidence 0.0 */
+/* 000000 ( 0 1) */ orcc %g0,%o2,%g1
+
+! 92 !}
+! 94 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
+! 95 !{
+! 96 !int i;
+! 98 !#pragma pipeloop(0)
+! 99 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
+
+/* 0x0004 99 ( 0 1) */ ble,pt %icc,.L77000140 ! tprob=0.56
+/* 0x0008 ( 0 1) */ nop
+/* 0x000c ( 1 2) */ sethi %hi(.L_const_seg_900000301),%g2
+/* 0x0010 95 ( 1 2) */ or %g0,%o1,%g4
+/* 0x0014 99 ( 2 3) */ add %g2,%lo(.L_const_seg_900000301),%g2
+/* 0x0018 ( 2 3) */ or %g0,0,%o5
+/* 0x001c 95 ( 3 4) */ or %g0,%o0,%g5
+/* 0x0020 99 ( 3 4) */ sub %o2,1,%g3
+/* 0x0024 ( 4 5) */ cmp %o2,9
+/* 0x0028 ( 4 5) */ bl,pn %icc,.L77000144 ! tprob=0.44
+/* 0x002c ( 4 7) */ ldd [%g2],%f8
+/* 0x0030 ( 5 8) */ ld [%o1],%f7
+/* 0x0034 ( 5 6) */ add %o1,16,%g4
+/* 0x0038 ( 5 6) */ sub %o2,5,%g1
+/* 0x003c ( 6 9) */ ld [%o1+4],%f5
+/* 0x0040 ( 6 7) */ or %g0,4,%o5
+/* 0x0044 ( 7 10) */ ld [%o1+8],%f3
+/* 0x0048 ( 7 8) */ fmovs %f8,%f6
+/* 0x004c ( 8 11) */ ld [%o1+12],%f1
+ .L900000305: /* frequency 64.0 confidence 0.0 */
+/* 0x0050 ( 8 16) */ ld [%g4],%f11
+/* 0x0054 ( 8 9) */ add %o5,5,%o5
+/* 0x0058 ( 8 9) */ add %g4,20,%g4
+/* 0x005c ( 8 11) */ fsubd %f6,%f8,%f6
+/* 0x0060 ( 9 10) */ std %f6,[%g5]
+/* 0x0064 ( 9 9) */ cmp %o5,%g1
+/* 0x0068 ( 9 10) */ add %g5,40,%g5
+/* 0x006c ( 0 0) */ fmovs %f8,%f4
+/* 0x0070 (10 18) */ ld [%g4-16],%f7
+/* 0x0074 (10 13) */ fsubd %f4,%f8,%f12
+/* 0x0078 ( 0 0) */ fmovs %f8,%f2
+/* 0x007c (11 12) */ std %f12,[%g5-32]
+/* 0x0080 (12 20) */ ld [%g4-12],%f5
+/* 0x0084 (12 15) */ fsubd %f2,%f8,%f12
+/* 0x0088 ( 0 0) */ fmovs %f8,%f0
+/* 0x008c (13 14) */ std %f12,[%g5-24]
+/* 0x0090 (14 22) */ ld [%g4-8],%f3
+/* 0x0094 (14 17) */ fsubd %f0,%f8,%f12
+/* 0x0098 ( 0 0) */ fmovs %f8,%f10
+/* 0x009c (15 16) */ std %f12,[%g5-16]
+/* 0x00a0 (16 24) */ ld [%g4-4],%f1
+/* 0x00a4 (16 19) */ fsubd %f10,%f8,%f10
+/* 0x00a8 ( 0 0) */ fmovs %f8,%f6
+/* 0x00ac (17 18) */ ble,pt %icc,.L900000305 ! tprob=0.50
+/* 0x00b0 (17 18) */ std %f10,[%g5-8]
+ .L900000308: /* frequency 8.0 confidence 0.0 */
+/* 0x00b4 ( 0 1) */ fmovs %f8,%f4
+/* 0x00b8 ( 0 1) */ add %g5,32,%g5
+/* 0x00bc ( 0 1) */ cmp %o5,%g3
+/* 0x00c0 ( 1 2) */ fmovs %f8,%f2
+/* 0x00c4 ( 2 3) */ fmovs %f8,%f0
+/* 0x00c8 ( 4 7) */ fsubd %f6,%f8,%f6
+/* 0x00cc ( 4 5) */ std %f6,[%g5-32]
+/* 0x00d0 ( 5 8) */ fsubd %f4,%f8,%f4
+/* 0x00d4 ( 5 6) */ std %f4,[%g5-24]
+/* 0x00d8 ( 6 9) */ fsubd %f2,%f8,%f2
+/* 0x00dc ( 6 7) */ std %f2,[%g5-16]
+/* 0x00e0 ( 7 10) */ fsubd %f0,%f8,%f0
+/* 0x00e4 ( 7 8) */ bg,pn %icc,.L77000140 ! tprob=0.14
+/* 0x00e8 ( 7 8) */ std %f0,[%g5-8]
+ .L77000144: /* frequency 0.7 confidence 0.0 */
+/* 0x00ec ( 0 3) */ ld [%g4],%f1
+ .L900000309: /* frequency 6.4 confidence 0.0 */
+/* 0x00f0 ( 0 3) */ ldd [%g2],%f8
+/* 0x00f4 ( 0 1) */ add %o5,1,%o5
+/* 0x00f8 ( 0 1) */ add %g4,4,%g4
+/* 0x00fc ( 1 2) */ cmp %o5,%g3
+/* 0x0100 ( 2 3) */ fmovs %f8,%f0
+/* 0x0104 ( 4 7) */ fsubd %f0,%f8,%f0
+/* 0x0108 ( 4 5) */ std %f0,[%g5]
+/* 0x010c ( 4 5) */ add %g5,8,%g5
+/* 0x0110 ( 4 5) */ ble,a,pt %icc,.L900000309 ! tprob=0.86
+/* 0x0114 ( 6 9) */ ld [%g4],%f1
+ .L77000140: /* frequency 1.0 confidence 0.0 */
+/* 0x0118 ( 0 2) */ retl ! Result =
+/* 0x011c ( 1 2) */ nop
+/* 0x0120 0 ( 0 0) */ .type conv_i32_to_d32,2
+/* 0x0120 ( 0 0) */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 ( 0 0) */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000401: /* frequency 1.0 confidence 0.0 */
+/* 000000 0 ( 0 0) */ .word 1127219200,0
+/* 0x0008 0 ( 0 0) */ .align 4
+!
+! SUBROUTINE conv_i32_to_d16
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .global conv_i32_to_d16
+ conv_i32_to_d16: /* frequency 1.0 confidence 0.0 */
+/* 000000 ( 0 1) */ save %sp,-104,%sp
+/* 0x0004 ( 1 2) */ orcc %g0,%i2,%o0
+
+! 100 !}
+! 103 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
+! 104 !{
+! 105 !int i;
+! 106 !unsigned int a;
+! 108 !#pragma pipeloop(0)
+! 109 ! for(i=0;i<len;i++)
+
+/* 0x0008 109 ( 1 2) */ ble,pt %icc,.L77000150 ! tprob=0.56
+/* 0x000c ( 1 2) */ nop
+/* 0x0010 ( 2 3) */ sub %o0,1,%o5
+/* 0x0014 ( 2 3) */ sethi %hi(0xfc00),%g2
+
+! 110 ! {
+! 111 ! a=i32[i];
+! 112 ! d16[2*i]=(double)(a&0xffff);
+! 113 ! d16[2*i+1]=(double)(a>>16);
+
+/* 0x0018 113 ( 3 4) */ sethi %hi(.L_const_seg_900000401),%o0
+/* 0x001c ( 3 4) */ add %o5,1,%g3
+/* 0x0020 ( 4 5) */ add %g2,1023,%o4
+/* 0x0024 109 ( 4 5) */ or %g0,0,%g1
+/* 0x0028 ( 5 6) */ cmp %g3,3
+/* 0x002c ( 5 6) */ or %g0,%i1,%o7
+/* 0x0030 ( 6 7) */ add %o0,%lo(.L_const_seg_900000401),%o3
+/* 0x0034 ( 6 7) */ or %g0,%i0,%g2
+/* 0x0038 ( 6 7) */ bl,pn %icc,.L77000154 ! tprob=0.44
+/* 0x003c ( 7 8) */ add %o7,4,%o0
+/* 0x0040 112 ( 7 10) */ ldd [%o3],%f0
+/* 0x0044 113 ( 7 8) */ or %g0,1,%g1
+/* 0x0048 111 ( 8 11) */ ld [%o0-4],%o1
+/* 0x004c 0 ( 8 9) */ or %g0,%o0,%o7
+/* 0x0050 112 (10 11) */ and %o1,%o4,%o0
+ .L900000406: /* frequency 64.0 confidence 0.0 */
+/* 0x0054 112 (22 23) */ st %o0,[%sp+96]
+/* 0x0058 113 (22 23) */ add %g1,1,%g1
+/* 0x005c (22 23) */ add %g2,16,%g2
+/* 0x0060 (23 23) */ cmp %g1,%o5
+/* 0x0064 (23 24) */ add %o7,4,%o7
+/* 0x0068 112 (29 31) */ ld [%sp+96],%f3
+/* 0x006c ( 0 0) */ fmovs %f0,%f2
+/* 0x0070 (31 34) */ fsubd %f2,%f0,%f2
+/* 0x0074 113 (32 33) */ srl %o1,16,%o0
+/* 0x0078 112 (32 33) */ std %f2,[%g2-16]
+/* 0x007c 113 (33 34) */ st %o0,[%sp+92]
+/* 0x0080 (40 42) */ ld [%sp+92],%f3
+/* 0x0084 111 (41 43) */ ld [%o7-4],%o1
+/* 0x0088 113 ( 0 0) */ fmovs %f0,%f2
+/* 0x008c (42 45) */ fsubd %f2,%f0,%f2
+/* 0x0090 112 (43 44) */ and %o1,%o4,%o0
+/* 0x0094 113 (43 44) */ ble,pt %icc,.L900000406 ! tprob=0.50
+/* 0x0098 (43 44) */ std %f2,[%g2-8]
+ .L900000409: /* frequency 8.0 confidence 0.0 */
+/* 0x009c 112 ( 0 1) */ st %o0,[%sp+96]
+/* 0x00a0 ( 0 1) */ fmovs %f0,%f2
+/* 0x00a4 113 ( 0 1) */ add %g2,16,%g2
+/* 0x00a8 ( 1 2) */ srl %o1,16,%o0
+/* 0x00ac 112 ( 4 7) */ ld [%sp+96],%f3
+/* 0x00b0 ( 6 9) */ fsubd %f2,%f0,%f2
+/* 0x00b4 ( 6 7) */ std %f2,[%g2-16]
+/* 0x00b8 113 ( 7 8) */ st %o0,[%sp+92]
+/* 0x00bc (10 11) */ fmovs %f0,%f2
+/* 0x00c0 (11 14) */ ld [%sp+92],%f3
+/* 0x00c4 (13 16) */ fsubd %f2,%f0,%f0
+/* 0x00c8 (13 14) */ std %f0,[%g2-8]
+/* 0x00cc (14 16) */ ret ! Result =
+/* 0x00d0 (16 17) */ restore %g0,%g0,%g0
+ .L77000154: /* frequency 0.7 confidence 0.0 */
+/* 0x00d4 111 ( 0 3) */ ld [%o7],%o0
+ .L900000410: /* frequency 6.4 confidence 0.0 */
+/* 0x00d8 112 ( 0 1) */ and %o0,%o4,%o1
+/* 0x00dc ( 0 1) */ st %o1,[%sp+96]
+/* 0x00e0 113 ( 0 1) */ add %g1,1,%g1
+/* 0x00e4 112 ( 1 4) */ ldd [%o3],%f0
+/* 0x00e8 113 ( 1 2) */ srl %o0,16,%o0
+/* 0x00ec ( 1 2) */ add %o7,4,%o7
+/* 0x00f0 ( 2 3) */ cmp %g1,%o5
+/* 0x00f4 112 ( 3 4) */ fmovs %f0,%f2
+/* 0x00f8 ( 4 7) */ ld [%sp+96],%f3
+/* 0x00fc ( 6 9) */ fsubd %f2,%f0,%f2
+/* 0x0100 ( 6 7) */ std %f2,[%g2]
+/* 0x0104 113 ( 7 8) */ st %o0,[%sp+92]
+/* 0x0108 (10 11) */ fmovs %f0,%f2
+/* 0x010c (11 14) */ ld [%sp+92],%f3
+/* 0x0110 (13 16) */ fsubd %f2,%f0,%f0
+/* 0x0114 (13 14) */ std %f0,[%g2+8]
+/* 0x0118 (13 14) */ add %g2,16,%g2
+/* 0x011c (13 14) */ ble,a,pt %icc,.L900000410 ! tprob=0.86
+/* 0x0120 (14 17) */ ld [%o7],%o0
+ .L77000150: /* frequency 1.0 confidence 0.0 */
+/* 0x0124 ( 0 2) */ ret ! Result =
+/* 0x0128 ( 2 3) */ restore %g0,%g0,%g0
+/* 0x012c 0 ( 0 0) */ .type conv_i32_to_d16,2
+/* 0x012c ( 0 0) */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 ( 0 0) */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000501: /* frequency 1.0 confidence 0.0 */
+/* 000000 0 ( 0 0) */ .word 1127219200,0
+/* 0x0008 0 ( 0 0) */ .align 4
+!
+! SUBROUTINE conv_i32_to_d32_and_d16
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .global conv_i32_to_d32_and_d16
+ conv_i32_to_d32_and_d16: /* frequency 1.0 confidence 0.0 */
+/* 000000 ( 0 1) */ save %sp,-104,%sp
+/* 0x0004 ( 1 2) */ or %g0,%i3,%i4
+/* 0x0008 ( 1 2) */ or %g0,%i2,%g1
+
+! 114 ! }
+! 115 !}
+! 118 !void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
+! 119 ! double * /* 0 */,
+! 120 ! double * /*result16*/, double * /* result32 */,
+! 121 ! float * /*source - should be unsigned int*
+! 122 ! converted to float* */);
+! 126 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
+! 127 ! unsigned int *i32, int len)
+! 128 !{
+! 129 !int i;
+! 130 !unsigned int a;
+! 132 !#pragma pipeloop(0)
+! 133 ! for(i=0;i<len-3;i+=4)
+
+/* 0x000c 133 ( 2 3) */ sub %i4,3,%g2
+/* 0x0010 ( 2 3) */ or %g0,0,%o7
+/* 0x0014 ( 3 4) */ cmp %g2,0
+/* 0x0018 128 ( 3 4) */ or %g0,%i0,%i3
+/* 0x001c 133 ( 3 4) */ ble,pt %icc,.L900000515 ! tprob=0.56
+/* 0x0020 ( 4 5) */ cmp %o7,%i4
+
+! 134 ! {
+! 135 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
+! 136 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
+
+/* 0x0024 136 ( 4 5) */ sethi %hi(Zero),%g2
+/* 0x0028 133 ( 5 6) */ or %g0,%g1,%o3
+/* 0x002c ( 5 6) */ sub %i4,4,%o2
+/* 0x0030 136 ( 6 7) */ add %g2,%lo(Zero),%o1
+/* 0x0034 133 ( 6 7) */ or %g0,0,%o5
+/* 0x0038 ( 7 8) */ or %g0,0,%o4
+/* 0x003c 136 ( 7 8) */ or %g0,%o3,%g4
+ .L900000514: /* frequency 6.4 confidence 0.0 */
+/* 0x0040 ( 0 3) */ ldd [%o1],%f2
+/* 0x0044 136 ( 0 1) */ add %i3,%o5,%g2
+/* 0x0048 ( 0 1) */ add %i1,%o4,%g3
+/* 0x004c ( 1 4) */ ldd [%o1-8],%f0
+/* 0x0050 ( 1 2) */ add %o7,4,%o7
+/* 0x0054 ( 1 2) */ add %o3,16,%o3
+/* 0x0058 ( 2 3) */ fmovd %f2,%f14
+/* 0x005c ( 2 5) */ ld [%g4],%f15
+/* 0x0060 ( 2 3) */ cmp %o7,%o2
+/* 0x0064 ( 3 4) */ fmovd %f2,%f10
+/* 0x0068 ( 3 6) */ ld [%g4+4],%f11
+/* 0x006c ( 4 5) */ fmovd %f2,%f6
+/* 0x0070 ( 4 7) */ ld [%g4+8],%f7
+/* 0x0074 ( 5 8) */ ld [%g4+12],%f3
+/* 0x0078 ( 5 8) */ fxtod %f14,%f14
+/* 0x007c ( 6 9) */ fxtod %f10,%f10
+/* 0x0080 ( 6 9) */ ldd [%o1-16],%f16
+/* 0x0084 ( 7 10) */ fxtod %f6,%f6
+/* 0x0088 ( 7 8) */ std %f14,[%i3+%o5]
+/* 0x008c ( 7 8) */ add %o5,32,%o5
+/* 0x0090 ( 8 11) */ fxtod %f2,%f2
+/* 0x0094 ( 8 11) */ fmuld %f0,%f14,%f12
+/* 0x0098 ( 8 9) */ std %f10,[%g2+8]
+/* 0x009c ( 9 12) */ fmuld %f0,%f10,%f8
+/* 0x00a0 ( 9 10) */ std %f6,[%g2+16]
+/* 0x00a4 (10 13) */ fmuld %f0,%f6,%f4
+/* 0x00a8 (10 11) */ std %f2,[%g2+24]
+/* 0x00ac (11 14) */ fmuld %f0,%f2,%f0
+/* 0x00b0 (11 14) */ fdtox %f12,%f12
+/* 0x00b4 (12 15) */ fdtox %f8,%f8
+/* 0x00b8 (13 16) */ fdtox %f4,%f4
+/* 0x00bc (14 17) */ fdtox %f0,%f0
+/* 0x00c0 (15 18) */ fxtod %f12,%f12
+/* 0x00c4 (15 16) */ std %f12,[%g3+8]
+/* 0x00c8 (16 19) */ fxtod %f8,%f8
+/* 0x00cc (16 17) */ std %f8,[%g3+24]
+/* 0x00d0 (17 20) */ fxtod %f4,%f4
+/* 0x00d4 (17 18) */ std %f4,[%g3+40]
+/* 0x00d8 (18 21) */ fxtod %f0,%f0
+/* 0x00dc (18 21) */ fmuld %f12,%f16,%f12
+/* 0x00e0 (18 19) */ std %f0,[%g3+56]
+/* 0x00e4 (19 22) */ fmuld %f8,%f16,%f8
+/* 0x00e8 (20 23) */ fmuld %f4,%f16,%f4
+/* 0x00ec (21 24) */ fmuld %f0,%f16,%f0
+/* 0x00f0 (21 24) */ fsubd %f14,%f12,%f12
+/* 0x00f4 (21 22) */ std %f12,[%i1+%o4]
+/* 0x00f8 (22 25) */ fsubd %f10,%f8,%f8
+/* 0x00fc (22 23) */ std %f8,[%g3+16]
+/* 0x0100 (22 23) */ add %o4,64,%o4
+/* 0x0104 (23 26) */ fsubd %f6,%f4,%f4
+/* 0x0108 (23 24) */ std %f4,[%g3+32]
+/* 0x010c (24 27) */ fsubd %f2,%f0,%f0
+/* 0x0110 (24 25) */ std %f0,[%g3+48]
+/* 0x0114 (24 25) */ ble,pt %icc,.L900000514 ! tprob=0.86
+/* 0x0118 (25 26) */ or %g0,%o3,%g4
+ .L77000159: /* frequency 1.0 confidence 0.0 */
+
+! 137 ! }
+! 138 ! for(;i<len;i++)
+
+/* 0x011c 138 ( 0 1) */ cmp %o7,%i4
+ .L900000515: /* frequency 1.0 confidence 0.0 */
+/* 0x0120 138 ( 0 1) */ bge,pt %icc,.L77000164 ! tprob=0.56
+/* 0x0124 ( 0 1) */ nop
+
+! 139 ! {
+! 140 ! a=i32[i];
+! 141 ! d32[i]=(double)(i32[i]);
+! 142 ! d16[2*i]=(double)(a&0xffff);
+! 143 ! d16[2*i+1]=(double)(a>>16);
+
+/* 0x0128 143 ( 0 1) */ sethi %hi(.L_const_seg_900000501),%o1
+/* 0x012c 138 ( 1 2) */ sethi %hi(0xfc00),%o0
+/* 0x0130 141 ( 1 4) */ ldd [%o1+%lo(.L_const_seg_900000501)],%f0
+/* 0x0134 138 ( 1 2) */ sub %i4,%o7,%g3
+/* 0x0138 ( 2 3) */ sll %o7,2,%g2
+/* 0x013c ( 2 3) */ add %o0,1023,%o3
+/* 0x0140 ( 3 4) */ sll %o7,3,%g4
+/* 0x0144 ( 3 4) */ cmp %g3,3
+/* 0x0148 ( 4 5) */ add %g1,%g2,%o0
+/* 0x014c ( 4 5) */ add %o1,%lo(.L_const_seg_900000501),%o2
+/* 0x0150 ( 5 6) */ add %i3,%g4,%o4
+/* 0x0154 ( 5 6) */ sub %i4,1,%o1
+/* 0x0158 ( 6 7) */ sll %o7,4,%g5
+/* 0x015c ( 6 7) */ bl,pn %icc,.L77000161 ! tprob=0.44
+/* 0x0160 ( 7 8) */ add %i1,%g5,%o5
+/* 0x0164 141 ( 7 10) */ ld [%g1+%g2],%f3
+/* 0x0168 143 ( 7 8) */ add %o4,8,%o4
+/* 0x016c 140 ( 8 11) */ ld [%g1+%g2],%g1
+/* 0x0170 143 ( 8 9) */ add %o5,16,%o5
+/* 0x0174 ( 8 9) */ add %o7,1,%o7
+/* 0x0178 141 ( 9 10) */ fmovs %f0,%f2
+/* 0x017c 143 ( 9 10) */ add %o0,4,%o0
+/* 0x0180 142 (10 11) */ and %g1,%o3,%g2
+/* 0x0184 141 (11 14) */ fsubd %f2,%f0,%f2
+/* 0x0188 (11 12) */ std %f2,[%o4-8]
+/* 0x018c 143 (11 12) */ srl %g1,16,%g1
+/* 0x0190 142 (12 13) */ st %g2,[%sp+96]
+/* 0x0194 (15 16) */ fmovs %f0,%f2
+/* 0x0198 (16 19) */ ld [%sp+96],%f3
+/* 0x019c (18 21) */ fsubd %f2,%f0,%f2
+/* 0x01a0 (18 19) */ std %f2,[%o5-16]
+/* 0x01a4 143 (19 20) */ st %g1,[%sp+92]
+/* 0x01a8 (22 23) */ fmovs %f0,%f2
+/* 0x01ac (23 26) */ ld [%sp+92],%f3
+/* 0x01b0 (25 28) */ fsubd %f2,%f0,%f2
+/* 0x01b4 (25 26) */ std %f2,[%o5-8]
+ .L900000509: /* frequency 64.0 confidence 0.0 */
+/* 0x01b8 141 (26 28) */ ld [%o0],%f3
+/* 0x01bc 143 (26 27) */ add %o7,2,%o7
+/* 0x01c0 (26 27) */ add %o5,32,%o5
+/* 0x01c4 140 (27 29) */ ld [%o0],%g1
+/* 0x01c8 143 (27 27) */ cmp %o7,%o1
+/* 0x01cc (27 28) */ add %o4,16,%o4
+/* 0x01d0 141 ( 0 0) */ fmovs %f0,%f2
+/* 0x01d4 (28 31) */ fsubd %f2,%f0,%f2
+/* 0x01d8 (29 30) */ std %f2,[%o4-16]
+/* 0x01dc 142 (29 30) */ and %g1,%o3,%g2
+/* 0x01e0 (30 31) */ st %g2,[%sp+96]
+/* 0x01e4 (37 39) */ ld [%sp+96],%f3
+/* 0x01e8 ( 0 0) */ fmovs %f0,%f2
+/* 0x01ec (39 42) */ fsubd %f2,%f0,%f2
+/* 0x01f0 143 (40 41) */ srl %g1,16,%g1
+/* 0x01f4 142 (40 41) */ std %f2,[%o5-32]
+/* 0x01f8 143 (41 42) */ st %g1,[%sp+92]
+/* 0x01fc (48 50) */ ld [%sp+92],%f3
+/* 0x0200 ( 0 0) */ fmovs %f0,%f2
+/* 0x0204 (50 53) */ fsubd %f2,%f0,%f2
+/* 0x0208 (51 52) */ std %f2,[%o5-24]
+/* 0x020c (51 52) */ add %o0,4,%o0
+/* 0x0210 141 (52 54) */ ld [%o0],%f3
+/* 0x0214 140 (53 55) */ ld [%o0],%g1
+/* 0x0218 141 ( 0 0) */ fmovs %f0,%f2
+/* 0x021c (54 57) */ fsubd %f2,%f0,%f2
+/* 0x0220 (55 56) */ std %f2,[%o4-8]
+/* 0x0224 142 (55 56) */ and %g1,%o3,%g2
+/* 0x0228 (56 57) */ st %g2,[%sp+96]
+/* 0x022c (63 65) */ ld [%sp+96],%f3
+/* 0x0230 ( 0 0) */ fmovs %f0,%f2
+/* 0x0234 (65 68) */ fsubd %f2,%f0,%f2
+/* 0x0238 143 (66 67) */ srl %g1,16,%g1
+/* 0x023c 142 (66 67) */ std %f2,[%o5-16]
+/* 0x0240 143 (67 68) */ st %g1,[%sp+92]
+/* 0x0244 (74 76) */ ld [%sp+92],%f3
+/* 0x0248 ( 0 0) */ fmovs %f0,%f2
+/* 0x024c (76 79) */ fsubd %f2,%f0,%f2
+/* 0x0250 (77 78) */ std %f2,[%o5-8]
+/* 0x0254 (77 78) */ bl,pt %icc,.L900000509 ! tprob=0.50
+/* 0x0258 (77 78) */ add %o0,4,%o0
+ .L900000512: /* frequency 8.0 confidence 0.0 */
+/* 0x025c 143 ( 0 1) */ cmp %o7,%i4
+/* 0x0260 ( 0 1) */ bge,pn %icc,.L77000164 ! tprob=0.14
+/* 0x0264 ( 0 1) */ nop
+ .L77000161: /* frequency 0.7 confidence 0.0 */
+/* 0x0268 141 ( 0 3) */ ld [%o0],%f3
+ .L900000513: /* frequency 6.4 confidence 0.0 */
+/* 0x026c 141 ( 0 3) */ ldd [%o2],%f0
+/* 0x0270 143 ( 0 1) */ add %o7,1,%o7
+/* 0x0274 140 ( 1 4) */ ld [%o0],%o1
+/* 0x0278 143 ( 1 2) */ add %o0,4,%o0
+/* 0x027c ( 1 2) */ cmp %o7,%i4
+/* 0x0280 141 ( 2 3) */ fmovs %f0,%f2
+/* 0x0284 142 ( 3 4) */ and %o1,%o3,%g1
+/* 0x0288 141 ( 4 7) */ fsubd %f2,%f0,%f2
+/* 0x028c ( 4 5) */ std %f2,[%o4]
+/* 0x0290 143 ( 4 5) */ srl %o1,16,%o1
+/* 0x0294 142 ( 5 6) */ st %g1,[%sp+96]
+/* 0x0298 143 ( 5 6) */ add %o4,8,%o4
+/* 0x029c 142 ( 8 9) */ fmovs %f0,%f2
+/* 0x02a0 ( 9 12) */ ld [%sp+96],%f3
+/* 0x02a4 (11 14) */ fsubd %f2,%f0,%f2
+/* 0x02a8 (11 12) */ std %f2,[%o5]
+/* 0x02ac 143 (12 13) */ st %o1,[%sp+92]
+/* 0x02b0 (15 16) */ fmovs %f0,%f2
+/* 0x02b4 (16 19) */ ld [%sp+92],%f3
+/* 0x02b8 (18 21) */ fsubd %f2,%f0,%f0
+/* 0x02bc (18 19) */ std %f0,[%o5+8]
+/* 0x02c0 (18 19) */ add %o5,16,%o5
+/* 0x02c4 (18 19) */ bl,a,pt %icc,.L900000513 ! tprob=0.86
+/* 0x02c8 (19 22) */ ld [%o0],%f3
+ .L77000164: /* frequency 1.0 confidence 0.0 */
+/* 0x02cc ( 0 2) */ ret ! Result =
+/* 0x02d0 ( 2 3) */ restore %g0,%g0,%g0
+/* 0x02d4 0 ( 0 0) */ .type conv_i32_to_d32_and_d16,2
+/* 0x02d4 ( 0 0) */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 ( 0 0) */ .align 4
+!
+! SUBROUTINE adjust_montf_result
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .global adjust_montf_result
+ adjust_montf_result: /* frequency 1.0 confidence 0.0 */
+
+! 144 ! }
+! 145 !}
+! 148 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
+! 149 !{
+! 150 !long long acc;
+! 151 !int i;
+! 153 ! if(i32[len]>0) i=-1;
+
+/* 000000 153 ( 0 1) */ sll %o2,2,%g1
+/* 0x0004 ( 0 1) */ or %g0,-1,%g3
+/* 0x0008 ( 1 4) */ ld [%o0+%g1],%g1
+/* 0x000c ( 3 4) */ cmp %g1,0
+/* 0x0010 ( 3 4) */ bleu,pn %icc,.L77000175 ! tprob=0.50
+/* 0x0014 ( 3 4) */ or %g0,%o1,%o3
+/* 0x0018 ( 4 5) */ ba .L900000611 ! tprob=1.00
+/* 0x001c ( 4 5) */ cmp %g3,0
+ .L77000175: /* frequency 0.8 confidence 0.0 */
+
+! 154 ! else
+! 155 ! {
+! 156 ! for(i=len-1; i>=0; i++)
+
+/* 0x0020 156 ( 0 1) */ subcc %o2,1,%g3
+/* 0x0024 ( 0 1) */ bneg,pt %icc,.L900000611 ! tprob=0.60
+/* 0x0028 ( 1 2) */ cmp %g3,0
+/* 0x002c ( 1 2) */ sll %g3,2,%g1
+/* 0x0030 ( 2 3) */ add %o0,%g1,%g2
+/* 0x0034 ( 2 3) */ add %o1,%g1,%g1
+
+! 157 ! {
+! 158 ! if(i32[i]!=nint[i]) break;
+
+/* 0x0038 158 ( 3 6) */ ld [%g1],%g5
+ .L900000610: /* frequency 5.3 confidence 0.0 */
+/* 0x003c 158 ( 0 3) */ ld [%g2],%o5
+/* 0x0040 ( 0 1) */ add %g1,4,%g1
+/* 0x0044 ( 0 1) */ add %g2,4,%g2
+/* 0x0048 ( 2 3) */ cmp %o5,%g5
+/* 0x004c ( 2 3) */ bne,pn %icc,.L77000182 ! tprob=0.16
+/* 0x0050 ( 2 3) */ nop
+/* 0x0054 ( 3 4) */ addcc %g3,1,%g3
+/* 0x0058 ( 3 4) */ bpos,a,pt %icc,.L900000610 ! tprob=0.84
+/* 0x005c ( 3 6) */ ld [%g1],%g5
+ .L77000182: /* frequency 1.0 confidence 0.0 */
+
+! 159 ! }
+! 160 ! }
+! 161 ! if((i<0)||(i32[i]>nint[i]))
+
+/* 0x0060 161 ( 0 1) */ cmp %g3,0
+ .L900000611: /* frequency 1.0 confidence 0.0 */
+/* 0x0064 161 ( 0 1) */ bl,pn %icc,.L77000198 ! tprob=0.50
+/* 0x0068 ( 0 1) */ sll %g3,2,%g2
+/* 0x006c ( 1 4) */ ld [%o1+%g2],%g1
+/* 0x0070 ( 2 5) */ ld [%o0+%g2],%g2
+/* 0x0074 ( 4 5) */ cmp %g2,%g1
+/* 0x0078 ( 4 5) */ bleu,pt %icc,.L77000191 ! tprob=0.56
+/* 0x007c ( 4 5) */ nop
+ .L77000198: /* frequency 0.8 confidence 0.0 */
+
+! 162 ! {
+! 163 ! acc=0;
+! 164 ! for(i=0;i<len;i++)
+
+/* 0x0080 164 ( 0 1) */ cmp %o2,0
+/* 0x0084 ( 0 1) */ ble,pt %icc,.L77000191 ! tprob=0.60
+/* 0x0088 ( 0 1) */ nop
+/* 0x008c 161 ( 1 2) */ or %g0,-1,%g2
+/* 0x0090 ( 1 2) */ sub %o2,1,%g4
+/* 0x0094 ( 2 3) */ srl %g2,0,%g3
+/* 0x0098 163 ( 2 3) */ or %g0,0,%g5
+/* 0x009c 164 ( 3 4) */ or %g0,0,%o5
+/* 0x00a0 161 ( 3 4) */ or %g0,%o0,%o4
+/* 0x00a4 ( 4 5) */ cmp %o2,3
+/* 0x00a8 ( 4 5) */ add %o1,4,%g2
+/* 0x00ac 164 ( 4 5) */ bl,pn %icc,.L77000199 ! tprob=0.40
+/* 0x00b0 ( 5 6) */ add %o0,8,%g1
+
+! 165 ! {
+! 166 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
+
+/* 0x00b4 166 ( 5 8) */ ld [%o0],%o2
+/* 0x00b8 0 ( 5 6) */ or %g0,%g2,%o3
+/* 0x00bc 166 ( 6 9) */ ld [%o1],%o1
+/* 0x00c0 0 ( 6 7) */ or %g0,%g1,%o4
+
+! 167 ! i32[i]=acc&0xffffffff;
+! 168 ! acc=acc>>32;
+
+/* 0x00c4 168 ( 6 7) */ or %g0,2,%o5
+/* 0x00c8 166 ( 7 10) */ ld [%o0+4],%g1
+/* 0x00cc 164 ( 8 9) */ sub %o2,%o1,%o2
+/* 0x00d0 ( 9 10) */ or %g0,%o2,%g5
+/* 0x00d4 167 ( 9 10) */ and %o2,%g3,%o2
+/* 0x00d8 ( 9 10) */ st %o2,[%o0]
+/* 0x00dc 168 (10 11) */ srax %g5,32,%g5
+ .L900000605: /* frequency 64.0 confidence 0.0 */
+/* 0x00e0 166 (12 20) */ ld [%o3],%o2
+/* 0x00e4 168 (12 13) */ add %o5,1,%o5
+/* 0x00e8 (12 13) */ add %o3,4,%o3
+/* 0x00ec (13 13) */ cmp %o5,%g4
+/* 0x00f0 (13 14) */ add %o4,4,%o4
+/* 0x00f4 164 (14 14) */ sub %g1,%o2,%g1
+/* 0x00f8 (15 15) */ add %g1,%g5,%g5
+/* 0x00fc 167 (16 17) */ and %g5,%g3,%o2
+/* 0x0100 166 (16 24) */ ld [%o4-4],%g1
+/* 0x0104 167 (17 18) */ st %o2,[%o4-8]
+/* 0x0108 168 (17 18) */ ble,pt %icc,.L900000605 ! tprob=0.50
+/* 0x010c (17 18) */ srax %g5,32,%g5
+ .L900000608: /* frequency 8.0 confidence 0.0 */
+/* 0x0110 166 ( 0 3) */ ld [%o3],%g2
+/* 0x0114 164 ( 2 3) */ sub %g1,%g2,%g1
+/* 0x0118 ( 3 4) */ add %g1,%g5,%g1
+/* 0x011c 167 ( 4 5) */ and %g1,%g3,%g2
+/* 0x0120 ( 5 7) */ retl ! Result =
+/* 0x0124 ( 6 7) */ st %g2,[%o4-4]
+ .L77000199: /* frequency 0.6 confidence 0.0 */
+/* 0x0128 166 ( 0 3) */ ld [%o4],%g1
+ .L900000609: /* frequency 5.3 confidence 0.0 */
+/* 0x012c 166 ( 0 3) */ ld [%o3],%g2
+/* 0x0130 ( 0 1) */ add %g5,%g1,%g1
+/* 0x0134 168 ( 0 1) */ add %o5,1,%o5
+/* 0x0138 ( 1 2) */ add %o3,4,%o3
+/* 0x013c ( 1 2) */ cmp %o5,%g4
+/* 0x0140 166 ( 2 3) */ sub %g1,%g2,%g1
+/* 0x0144 167 ( 3 4) */ and %g1,%g3,%g2
+/* 0x0148 ( 3 4) */ st %g2,[%o4]
+/* 0x014c 168 ( 3 4) */ add %o4,4,%o4
+/* 0x0150 ( 4 5) */ srax %g1,32,%g5
+/* 0x0154 ( 4 5) */ ble,a,pt %icc,.L900000609 ! tprob=0.84
+/* 0x0158 ( 4 7) */ ld [%o4],%g1
+ .L77000191: /* frequency 1.0 confidence 0.0 */
+/* 0x015c ( 0 2) */ retl ! Result =
+/* 0x0160 ( 1 2) */ nop
+/* 0x0164 0 ( 0 0) */ .type adjust_montf_result,2
+/* 0x0164 ( 0 0) */ .size adjust_montf_result,(.-adjust_montf_result)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 ( 0 0) */ .align 32
+!
+! SUBROUTINE mont_mulf_noconv
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .global mont_mulf_noconv
+ mont_mulf_noconv: /* frequency 1.0 confidence 0.0 */
+/* 000000 ( 0 1) */ save %sp,-144,%sp
+/* 0x0004 ( 1 2) */ st %i0,[%fp+68]
+
+! 169 ! }
+! 170 ! }
+! 171 !}
+! 175 !void cleanup(double *dt, int from, int tlen);
+! 177 !/*
+! 178 !** the lengths of the input arrays should be at least the following:
+! 179 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
+! 180 !** all of them should be different from one another
+! 181 !**
+! 182 !*/
+! 183 !void mont_mulf_noconv(unsigned int *result,
+! 184 ! double *dm1, double *dm2, double *dt,
+! 185 ! double *dn, unsigned int *nint,
+! 186 ! int nlen, double dn0)
+! 187 !{
+! 188 ! int i, j, jj;
+! 189 ! int tmp;
+! 190 ! double digit, m2j, nextm2j, a, b;
+! 191 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
+! 193 ! pdm1=&(dm1[0]);
+! 194 ! pdm2=&(dm2[0]);
+! 195 ! pdn=&(dn[0]);
+! 196 ! pdm2[2*nlen]=Zero;
+
+/* 0x0008 196 ( 1 2) */ sethi %hi(Zero),%g2
+/* 0x000c 187 ( 1 2) */ or %g0,%i2,%o1
+/* 0x0010 ( 2 3) */ st %i5,[%fp+88]
+/* 0x0014 ( 2 3) */ or %g0,%i3,%o2
+/* 0x0018 196 ( 2 3) */ add %g2,%lo(Zero),%g4
+/* 0x001c ( 3 6) */ ldd [%g2+%lo(Zero)],%f2
+/* 0x0020 187 ( 3 4) */ or %g0,%o2,%g5
+/* 0x0024 196 ( 3 4) */ or %g0,%o1,%i0
+/* 0x0028 187 ( 4 5) */ or %g0,%i4,%i2
+
+! 198 ! if (nlen!=16)
+! 199 ! {
+! 200 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
+! 202 ! a=dt[0]=pdm1[0]*pdm2[0];
+! 203 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
+! 205 ! pdtj=&(dt[0]);
+! 206 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
+! 207 ! {
+! 208 ! m2j=pdm2[j];
+! 209 ! a=pdtj[0]+pdn[0]*digit;
+! 210 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
+! 211 ! pdtj[1]=b;
+! 213 !#pragma pipeloop(0)
+! 214 ! for(i=1;i<nlen;i++)
+! 215 ! {
+! 216 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
+! 217 ! }
+! 218 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
+! 219 !
+! 220 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
+! 221 ! }
+! 222 ! }
+! 223 ! else
+! 224 ! {
+! 225 ! a=dt[0]=pdm1[0]*pdm2[0];
+! 227 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
+! 228 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
+! 229 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
+! 230 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
+! 231 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
+! 232 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
+! 233 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
+! 234 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
+! 235 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
+! 236 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
+! 237 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
+! 239 ! pdn_0=pdn[0];
+! 240 ! pdm1_0=pdm1[0];
+! 242 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
+! 243 ! pdtj=&(dt[0]);
+! 245 ! for(j=0;j<32;j++,pdtj++)
+! 246 ! {
+! 248 ! m2j=pdm2[j];
+! 249 ! a=pdtj[0]+pdn_0*digit;
+! 250 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
+! 251 ! pdtj[1]=b;
+! 253 ! /**** this loop will be fully unrolled:
+! 254 ! for(i=1;i<16;i++)
+! 255 ! {
+! 256 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
+! 257 ! }
+! 258 ! *************************************/
+! 259 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
+! 260 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
+! 261 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
+! 262 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
+! 263 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
+! 264 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
+! 265 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
+! 266 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
+! 267 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
+! 268 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
+! 269 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
+! 270 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
+! 271 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
+! 272 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
+! 273 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
+! 274 ! /* no need for cleenup, cannot overflow */
+! 275 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
+! 276 ! }
+! 277 ! }
+! 279 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
+! 281 ! adjust_montf_result(result,nint,nlen);
+
+/* 0x002c 281 ( 4 5) */ or %g0,1,%o4
+/* 0x0030 187 ( 6 9) */ ldd [%fp+96],%f0
+/* 0x0034 196 ( 7 10) */ ld [%fp+92],%o0
+/* 0x0038 187 ( 8 9) */ fmovd %f0,%f16
+/* 0x003c 196 ( 9 10) */ sll %o0,4,%g2
+/* 0x0040 ( 9 10) */ or %g0,%o0,%g1
+/* 0x0044 198 (10 11) */ cmp %o0,16
+/* 0x0048 (10 11) */ be,pn %icc,.L77000289 ! tprob=0.50
+/* 0x004c (10 11) */ std %f2,[%o1+%g2]
+/* 0x0050 200 (11 12) */ sll %o0,2,%g2
+/* 0x0054 (11 14) */ ldd [%g4],%f2
+/* 0x0058 (12 13) */ add %g2,2,%o1
+/* 0x005c (12 13) */ add %g2,1,%o3
+/* 0x0060 196 (13 14) */ sll %o0,1,%o7
+/* 0x0064 200 (13 14) */ cmp %o1,0
+/* 0x0068 (13 14) */ ble,a,pt %icc,.L900000755 ! tprob=0.55
+/* 0x006c (14 17) */ ldd [%i1],%f0
+/* 0x0070 (14 15) */ cmp %o1,3
+/* 0x0074 281 (14 15) */ or %g0,1,%o1
+/* 0x0078 (14 15) */ bl,pn %icc,.L77000279 ! tprob=0.40
+/* 0x007c (15 16) */ add %o2,8,%o0
+/* 0x0080 (15 16) */ std %f2,[%g5]
+/* 0x0084 0 (16 17) */ or %g0,%o0,%o2
+ .L900000726: /* frequency 64.0 confidence 0.0 */
+/* 0x0088 ( 3 5) */ ldd [%g4],%f0
+/* 0x008c ( 3 4) */ add %o4,1,%o4
+/* 0x0090 ( 3 4) */ add %o2,8,%o2
+/* 0x0094 ( 4 4) */ cmp %o4,%o3
+/* 0x0098 ( 5 6) */ ble,pt %icc,.L900000726 ! tprob=0.50
+/* 0x009c ( 5 6) */ std %f0,[%o2-8]
+ .L900000729: /* frequency 8.0 confidence 0.0 */
+/* 0x00a0 ( 0 1) */ ba .L900000755 ! tprob=1.00
+/* 0x00a4 ( 0 3) */ ldd [%i1],%f0
+ .L77000279: /* frequency 0.6 confidence 0.0 */
+/* 0x00a8 ( 0 1) */ std %f2,[%o2]
+ .L900000754: /* frequency 5.3 confidence 0.0 */
+/* 0x00ac ( 0 3) */ ldd [%g4],%f2
+/* 0x00b0 ( 0 1) */ cmp %o1,%o3
+/* 0x00b4 ( 0 1) */ add %o2,8,%o2
+/* 0x00b8 ( 1 2) */ add %o1,1,%o1
+/* 0x00bc ( 1 2) */ ble,a,pt %icc,.L900000754 ! tprob=0.87
+/* 0x00c0 ( 3 4) */ std %f2,[%o2]
+ .L77000284: /* frequency 0.8 confidence 0.0 */
+/* 0x00c4 202 ( 0 3) */ ldd [%i1],%f0
+ .L900000755: /* frequency 0.8 confidence 0.0 */
+/* 0x00c8 202 ( 0 3) */ ldd [%i0],%f2
+/* 0x00cc ( 0 1) */ add %o7,1,%o2
+/* 0x00d0 206 ( 0 1) */ cmp %o7,0
+/* 0x00d4 ( 1 2) */ sll %o2,1,%o0
+/* 0x00d8 ( 1 2) */ sub %o7,1,%o1
+/* 0x00dc 202 ( 2 5) */ fmuld %f0,%f2,%f0
+/* 0x00e0 ( 2 3) */ std %f0,[%g5]
+/* 0x00e4 ( 2 3) */ sub %g1,1,%o7
+/* 0x00e8 ( 3 6) */ ldd [%g4],%f6
+/* 0x00ec 0 ( 3 4) */ or %g0,%o7,%g3
+/* 0x00f0 ( 3 4) */ or %g0,0,%l0
+/* 0x00f4 ( 4 7) */ ldd [%g4-8],%f2
+/* 0x00f8 ( 4 5) */ or %g0,0,%i5
+/* 0x00fc ( 4 5) */ or %g0,%o1,%o5
+/* 0x0100 ( 5 8) */ fdtox %f0,%f0
+/* 0x0104 ( 5 8) */ ldd [%g4-16],%f4
+/* 0x0108 ( 5 6) */ or %g0,%o0,%o3
+/* 0x010c 210 ( 6 7) */ add %i0,8,%o4
+/* 0x0110 ( 6 7) */ or %g0,0,%i4
+/* 0x0114 ( 9 10) */ fmovs %f6,%f0
+/* 0x0118 (11 14) */ fxtod %f0,%f0
+/* 0x011c 203 (14 17) */ fmuld %f0,%f16,%f0
+/* 0x0120 (17 20) */ fmuld %f0,%f2,%f2
+/* 0x0124 (20 23) */ fdtox %f2,%f2
+/* 0x0128 (23 26) */ fxtod %f2,%f2
+/* 0x012c (26 29) */ fmuld %f2,%f4,%f2
+/* 0x0130 (29 32) */ fsubd %f0,%f2,%f22
+/* 0x0134 206 (29 30) */ ble,pt %icc,.L900000748 ! tprob=0.60
+/* 0x0138 (29 30) */ sll %g1,4,%g2
+/* 0x013c 210 (30 33) */ ldd [%i2],%f0
+ .L900000749: /* frequency 5.3 confidence 0.0 */
+/* 0x0140 210 ( 0 3) */ fmuld %f0,%f22,%f8
+/* 0x0144 ( 0 3) */ ldd [%i1],%f0
+/* 0x0148 214 ( 0 1) */ cmp %g1,1
+/* 0x014c 210 ( 1 4) */ ldd [%o4+%i4],%f6
+/* 0x0150 ( 1 2) */ add %i1,8,%o0
+/* 0x0154 214 ( 1 2) */ or %g0,1,%o1
+/* 0x0158 210 ( 2 5) */ ldd [%i3],%f2
+/* 0x015c ( 2 3) */ add %i3,16,%l1
+/* 0x0160 ( 3 6) */ fmuld %f0,%f6,%f6
+/* 0x0164 ( 3 6) */ ldd [%g4-8],%f4
+/* 0x0168 ( 4 7) */ faddd %f2,%f8,%f2
+/* 0x016c ( 4 7) */ ldd [%i3+8],%f0
+/* 0x0170 208 ( 5 8) */ ldd [%i0+%i4],%f20
+/* 0x0174 210 ( 6 9) */ faddd %f0,%f6,%f0
+/* 0x0178 ( 7 10) */ fmuld %f2,%f4,%f2
+/* 0x017c (10 13) */ faddd %f0,%f2,%f18
+/* 0x0180 211 (10 11) */ std %f18,[%i3+8]
+/* 0x0184 214 (10 11) */ ble,pt %icc,.L900000753 ! tprob=0.54
+/* 0x0188 (11 12) */ srl %i5,31,%g2
+/* 0x018c (11 12) */ cmp %g3,7
+/* 0x0190 210 (12 13) */ add %i2,8,%g2
+/* 0x0194 214 (12 13) */ bl,pn %icc,.L77000281 ! tprob=0.36
+/* 0x0198 (13 14) */ add %g2,24,%o2
+/* 0x019c 216 (13 16) */ ldd [%o0+16],%f14
+/* 0x01a0 (13 14) */ add %i3,48,%l1
+/* 0x01a4 (14 17) */ ldd [%o0+24],%f12
+/* 0x01a8 0 (14 15) */ or %g0,%o2,%g2
+/* 0x01ac 214 (14 15) */ sub %g1,3,%o2
+/* 0x01b0 216 (15 18) */ ldd [%o0],%f2
+/* 0x01b4 (15 16) */ or %g0,5,%o1
+/* 0x01b8 (16 19) */ ldd [%g2-24],%f0
+/* 0x01bc (17 20) */ ldd [%o0+8],%f6
+/* 0x01c0 (17 20) */ fmuld %f2,%f20,%f2
+/* 0x01c4 (17 18) */ add %o0,32,%o0
+/* 0x01c8 (18 21) */ ldd [%g2-16],%f8
+/* 0x01cc (18 21) */ fmuld %f0,%f22,%f4
+/* 0x01d0 (19 22) */ ldd [%i3+16],%f0
+/* 0x01d4 (19 22) */ fmuld %f6,%f20,%f10
+/* 0x01d8 (20 23) */ ldd [%g2-8],%f6
+/* 0x01dc (21 24) */ faddd %f2,%f4,%f4
+/* 0x01e0 (21 24) */ ldd [%i3+32],%f2
+ .L900000738: /* frequency 512.0 confidence 0.0 */
+/* 0x01e4 216 (16 24) */ ldd [%g2],%f24
+/* 0x01e8 (16 17) */ add %o1,3,%o1
+/* 0x01ec (16 17) */ add %g2,24,%g2
+/* 0x01f0 (16 19) */ fmuld %f8,%f22,%f8
+/* 0x01f4 (17 25) */ ldd [%l1],%f28
+/* 0x01f8 (17 17) */ cmp %o1,%o2
+/* 0x01fc (17 18) */ add %o0,24,%o0
+/* 0x0200 (18 26) */ ldd [%o0-24],%f26
+/* 0x0204 (18 21) */ faddd %f0,%f4,%f0
+/* 0x0208 (18 19) */ add %l1,48,%l1
+/* 0x020c (19 22) */ faddd %f10,%f8,%f10
+/* 0x0210 (19 22) */ fmuld %f14,%f20,%f4
+/* 0x0214 (19 20) */ std %f0,[%l1-80]
+/* 0x0218 (20 28) */ ldd [%g2-16],%f8
+/* 0x021c (20 23) */ fmuld %f6,%f22,%f6
+/* 0x0220 (21 29) */ ldd [%l1-32],%f0
+/* 0x0224 (22 30) */ ldd [%o0-16],%f14
+/* 0x0228 (22 25) */ faddd %f2,%f10,%f2
+/* 0x022c (23 26) */ faddd %f4,%f6,%f10
+/* 0x0230 (23 26) */ fmuld %f12,%f20,%f4
+/* 0x0234 (23 24) */ std %f2,[%l1-64]
+/* 0x0238 (24 32) */ ldd [%g2-8],%f6
+/* 0x023c (24 27) */ fmuld %f24,%f22,%f24
+/* 0x0240 (25 33) */ ldd [%l1-16],%f2
+/* 0x0244 (26 34) */ ldd [%o0-8],%f12
+/* 0x0248 (26 29) */ faddd %f28,%f10,%f10
+/* 0x024c (27 28) */ std %f10,[%l1-48]
+/* 0x0250 (27 30) */ fmuld %f26,%f20,%f10
+/* 0x0254 (27 28) */ ble,pt %icc,.L900000738 ! tprob=0.50
+/* 0x0258 (27 30) */ faddd %f4,%f24,%f4
+ .L900000741: /* frequency 64.0 confidence 0.0 */
+/* 0x025c 216 ( 0 3) */ fmuld %f8,%f22,%f28
+/* 0x0260 ( 0 3) */ ldd [%g2],%f24
+/* 0x0264 ( 0 3) */ faddd %f0,%f4,%f26
+/* 0x0268 ( 1 4) */ fmuld %f12,%f20,%f8
+/* 0x026c ( 1 2) */ add %l1,32,%l1
+/* 0x0270 ( 1 2) */ cmp %o1,%g3
+/* 0x0274 ( 2 5) */ fmuld %f14,%f20,%f14
+/* 0x0278 ( 2 5) */ ldd [%l1-32],%f4
+/* 0x027c ( 2 3) */ add %g2,8,%g2
+/* 0x0280 ( 3 6) */ faddd %f10,%f28,%f12
+/* 0x0284 ( 3 6) */ fmuld %f6,%f22,%f6
+/* 0x0288 ( 3 6) */ ldd [%l1-16],%f0
+/* 0x028c ( 4 7) */ fmuld %f24,%f22,%f10
+/* 0x0290 ( 4 5) */ std %f26,[%l1-64]
+/* 0x0294 ( 6 9) */ faddd %f2,%f12,%f2
+/* 0x0298 ( 6 7) */ std %f2,[%l1-48]
+/* 0x029c ( 7 10) */ faddd %f14,%f6,%f6
+/* 0x02a0 ( 8 11) */ faddd %f8,%f10,%f2
+/* 0x02a4 (10 13) */ faddd %f4,%f6,%f4
+/* 0x02a8 (10 11) */ std %f4,[%l1-32]
+/* 0x02ac (11 14) */ faddd %f0,%f2,%f0
+/* 0x02b0 (11 12) */ bg,pn %icc,.L77000213 ! tprob=0.13
+/* 0x02b4 (11 12) */ std %f0,[%l1-16]
+ .L77000281: /* frequency 4.0 confidence 0.0 */
+/* 0x02b8 216 ( 0 3) */ ldd [%o0],%f0
+ .L900000752: /* frequency 36.6 confidence 0.0 */
+/* 0x02bc 216 ( 0 3) */ ldd [%g2],%f4
+/* 0x02c0 ( 0 3) */ fmuld %f0,%f20,%f2
+/* 0x02c4 ( 0 1) */ add %o1,1,%o1
+/* 0x02c8 ( 1 4) */ ldd [%l1],%f0
+/* 0x02cc ( 1 2) */ add %o0,8,%o0
+/* 0x02d0 ( 1 2) */ add %g2,8,%g2
+/* 0x02d4 ( 2 5) */ fmuld %f4,%f22,%f4
+/* 0x02d8 ( 2 3) */ cmp %o1,%g3
+/* 0x02dc ( 5 8) */ faddd %f2,%f4,%f2
+/* 0x02e0 ( 8 11) */ faddd %f0,%f2,%f0
+/* 0x02e4 ( 8 9) */ std %f0,[%l1]
+/* 0x02e8 ( 8 9) */ add %l1,16,%l1
+/* 0x02ec ( 8 9) */ ble,a,pt %icc,.L900000752 ! tprob=0.87
+/* 0x02f0 (10 13) */ ldd [%o0],%f0
+ .L77000213: /* frequency 5.3 confidence 0.0 */
+/* 0x02f4 ( 0 1) */ srl %i5,31,%g2
+ .L900000753: /* frequency 5.3 confidence 0.0 */
+/* 0x02f8 218 ( 0 1) */ cmp %l0,30
+/* 0x02fc ( 0 1) */ bne,a,pt %icc,.L900000751 ! tprob=0.54
+/* 0x0300 ( 0 3) */ fdtox %f18,%f0
+/* 0x0304 ( 1 2) */ add %i5,%g2,%g2
+/* 0x0308 ( 1 2) */ sub %o3,1,%o2
+/* 0x030c ( 2 3) */ sra %g2,1,%o0
+/* 0x0310 216 ( 2 5) */ ldd [%g4],%f0
+/* 0x0314 ( 3 4) */ add %o0,1,%g2
+/* 0x0318 ( 4 5) */ sll %g2,1,%o0
+/* 0x031c ( 4 5) */ fmovd %f0,%f2
+/* 0x0320 ( 5 6) */ sll %g2,4,%o1
+/* 0x0324 ( 5 6) */ cmp %o0,%o3
+/* 0x0328 ( 5 6) */ bge,pt %icc,.L77000215 ! tprob=0.53
+/* 0x032c ( 6 7) */ or %g0,0,%l0
+/* 0x0330 218 ( 6 7) */ add %g5,%o1,%o1
+/* 0x0334 216 ( 7 10) */ ldd [%o1],%f8
+ .L900000750: /* frequency 32.0 confidence 0.0 */
+/* 0x0338 ( 0 3) */ fdtox %f8,%f6
+/* 0x033c ( 0 3) */ ldd [%g4],%f10
+/* 0x0340 ( 0 1) */ add %o0,2,%o0
+/* 0x0344 ( 1 4) */ ldd [%o1+8],%f4
+/* 0x0348 ( 1 4) */ fdtox %f8,%f8
+/* 0x034c ( 1 2) */ cmp %o0,%o2
+/* 0x0350 ( 5 6) */ fmovs %f10,%f6
+/* 0x0354 ( 7 10) */ fxtod %f6,%f10
+/* 0x0358 ( 8 11) */ fdtox %f4,%f6
+/* 0x035c ( 9 12) */ fdtox %f4,%f4
+/* 0x0360 (10 13) */ faddd %f10,%f2,%f2
+/* 0x0364 (10 11) */ std %f2,[%o1]
+/* 0x0368 (12 15) */ ldd [%g4],%f2
+/* 0x036c (14 15) */ fmovs %f2,%f6
+/* 0x0370 (16 19) */ fxtod %f6,%f6
+/* 0x0374 (17 20) */ fitod %f8,%f2
+/* 0x0378 (19 22) */ faddd %f6,%f0,%f0
+/* 0x037c (19 20) */ std %f0,[%o1+8]
+/* 0x0380 (19 20) */ add %o1,16,%o1
+/* 0x0384 (20 23) */ fitod %f4,%f0
+/* 0x0388 (20 21) */ ble,a,pt %icc,.L900000750 ! tprob=0.87
+/* 0x038c (20 23) */ ldd [%o1],%f8
+ .L77000233: /* frequency 4.6 confidence 0.0 */
+/* 0x0390 ( 0 0) */ or %g0,0,%l0
+ .L77000215: /* frequency 5.3 confidence 0.0 */
+/* 0x0394 ( 0 3) */ fdtox %f18,%f0
+ .L900000751: /* frequency 5.3 confidence 0.0 */
+/* 0x0398 ( 0 3) */ ldd [%g4],%f6
+/* 0x039c 220 ( 0 1) */ add %i5,1,%i5
+/* 0x03a0 ( 0 1) */ add %i4,8,%i4
+/* 0x03a4 ( 1 4) */ ldd [%g4-8],%f2
+/* 0x03a8 ( 1 2) */ add %l0,1,%l0
+/* 0x03ac ( 1 2) */ add %i3,8,%i3
+/* 0x03b0 ( 2 3) */ fmovs %f6,%f0
+/* 0x03b4 ( 2 5) */ ldd [%g4-16],%f4
+/* 0x03b8 ( 2 3) */ cmp %i5,%o5
+/* 0x03bc ( 4 7) */ fxtod %f0,%f0
+/* 0x03c0 ( 7 10) */ fmuld %f0,%f16,%f0
+/* 0x03c4 (10 13) */ fmuld %f0,%f2,%f2
+/* 0x03c8 (13 16) */ fdtox %f2,%f2
+/* 0x03cc (16 19) */ fxtod %f2,%f2
+/* 0x03d0 (19 22) */ fmuld %f2,%f4,%f2
+/* 0x03d4 (22 25) */ fsubd %f0,%f2,%f22
+/* 0x03d8 (22 23) */ ble,a,pt %icc,.L900000749 ! tprob=0.89
+/* 0x03dc (22 25) */ ldd [%i2],%f0
+ .L900000725: /* frequency 0.7 confidence 0.0 */
+/* 0x03e0 220 ( 0 1) */ ba .L900000748 ! tprob=1.00
+/* 0x03e4 ( 0 1) */ sll %g1,4,%g2
+
+
+ .L77000289: /* frequency 0.8 confidence 0.0 */
+/* 0x03e8 225 ( 0 3) */ ldd [%o1],%f6
+/* 0x03ec 242 ( 0 1) */ add %g4,-8,%g2
+/* 0x03f0 ( 0 1) */ add %g4,-16,%g3
+/* 0x03f4 225 ( 1 4) */ ldd [%i1],%f2
+/* 0x03f8 245 ( 1 2) */ or %g0,0,%o3
+/* 0x03fc ( 1 2) */ or %g0,0,%o0
+/* 0x0400 225 ( 3 6) */ fmuld %f2,%f6,%f2
+/* 0x0404 ( 3 4) */ std %f2,[%o2]
+/* 0x0408 ( 4 7) */ ldd [%g4],%f6
+/* 0x040c 237 ( 7 8) */ std %f6,[%o2+8]
+/* 0x0410 ( 8 9) */ std %f6,[%o2+16]
+/* 0x0414 ( 9 10) */ std %f6,[%o2+24]
+/* 0x0418 (10 11) */ std %f6,[%o2+32]
+/* 0x041c (11 12) */ std %f6,[%o2+40]
+/* 0x0420 (12 13) */ std %f6,[%o2+48]
+/* 0x0424 (13 14) */ std %f6,[%o2+56]
+/* 0x0428 (14 15) */ std %f6,[%o2+64]
+/* 0x042c (15 16) */ std %f6,[%o2+72]
+! prefetch [%i4],0
+! prefetch [%i4+32],0
+! prefetch [%i4+64],0
+! prefetch [%i4+96],0
+! prefetch [%i4+120],0
+! prefetch [%i1],0
+! prefetch [%i1+32],0
+! prefetch [%i1+64],0
+! prefetch [%i1+96],0
+! prefetch [%i1+120],0
+/* 0x0430 (16 17) */ std %f6,[%o2+80]
+/* 0x0434 (17 18) */ std %f6,[%o2+88]
+/* 0x0438 (18 19) */ std %f6,[%o2+96]
+/* 0x043c (19 20) */ std %f6,[%o2+104]
+/* 0x0440 (20 21) */ std %f6,[%o2+112]
+/* 0x0444 (21 22) */ std %f6,[%o2+120]
+/* 0x0448 (22 23) */ std %f6,[%o2+128]
+/* 0x044c (23 24) */ std %f6,[%o2+136]
+/* 0x0450 (24 25) */ std %f6,[%o2+144]
+/* 0x0454 (25 26) */ std %f6,[%o2+152]
+/* 0x0458 (26 27) */ std %f6,[%o2+160]
+/* 0x045c (27 28) */ std %f6,[%o2+168]
+/* 0x0460 (27 30) */ fdtox %f2,%f2
+/* 0x0464 (28 29) */ std %f6,[%o2+176]
+/* 0x0468 (29 30) */ std %f6,[%o2+184]
+/* 0x046c (30 31) */ std %f6,[%o2+192]
+/* 0x0470 (31 32) */ std %f6,[%o2+200]
+/* 0x0474 (32 33) */ std %f6,[%o2+208]
+/* 0x0478 (33 34) */ std %f6,[%o2+216]
+/* 0x047c (34 35) */ std %f6,[%o2+224]
+/* 0x0480 (35 36) */ std %f6,[%o2+232]
+/* 0x0484 (36 37) */ std %f6,[%o2+240]
+/* 0x0488 (37 38) */ std %f6,[%o2+248]
+/* 0x048c (38 39) */ std %f6,[%o2+256]
+/* 0x0490 (39 40) */ std %f6,[%o2+264]
+/* 0x0494 (40 41) */ std %f6,[%o2+272]
+/* 0x0498 (41 42) */ std %f6,[%o2+280]
+/* 0x049c (42 43) */ std %f6,[%o2+288]
+/* 0x04a0 (43 44) */ std %f6,[%o2+296]
+/* 0x04a4 (44 45) */ std %f6,[%o2+304]
+/* 0x04a8 (45 46) */ std %f6,[%o2+312]
+/* 0x04ac (46 47) */ std %f6,[%o2+320]
+/* 0x04b0 (47 48) */ std %f6,[%o2+328]
+/* 0x04b4 (48 49) */ std %f6,[%o2+336]
+/* 0x04b8 (49 50) */ std %f6,[%o2+344]
+/* 0x04bc (50 51) */ std %f6,[%o2+352]
+/* 0x04c0 (51 52) */ std %f6,[%o2+360]
+/* 0x04c4 (52 53) */ std %f6,[%o2+368]
+/* 0x04c8 (53 54) */ std %f6,[%o2+376]
+/* 0x04cc (54 55) */ std %f6,[%o2+384]
+/* 0x04d0 (55 56) */ std %f6,[%o2+392]
+/* 0x04d4 (56 57) */ std %f6,[%o2+400]
+/* 0x04d8 (57 58) */ std %f6,[%o2+408]
+/* 0x04dc (58 59) */ std %f6,[%o2+416]
+/* 0x04e0 (59 60) */ std %f6,[%o2+424]
+/* 0x04e4 (60 61) */ std %f6,[%o2+432]
+/* 0x04e8 (61 62) */ std %f6,[%o2+440]
+/* 0x04ec (62 63) */ std %f6,[%o2+448]
+/* 0x04f0 (63 64) */ std %f6,[%o2+456]
+/* 0x04f4 (64 65) */ std %f6,[%o2+464]
+/* 0x04f8 (65 66) */ std %f6,[%o2+472]
+/* 0x04fc (66 67) */ std %f6,[%o2+480]
+/* 0x0500 (67 68) */ std %f6,[%o2+488]
+/* 0x0504 (68 69) */ std %f6,[%o2+496]
+/* 0x0508 (69 70) */ std %f6,[%o2+504]
+/* 0x050c (70 71) */ std %f6,[%o2+512]
+/* 0x0510 (71 72) */ std %f6,[%o2+520]
+/* 0x0514 242 (72 75) */ ld [%g4],%f2 ! dalign
+/* 0x0518 (73 76) */ ld [%g2],%f6 ! dalign
+/* 0x051c (74 77) */ fxtod %f2,%f10
+/* 0x0520 (74 77) */ ld [%g2+4],%f7
+/* 0x0524 (75 78) */ ld [%g3],%f8 ! dalign
+/* 0x0528 (76 79) */ ld [%g3+4],%f9
+/* 0x052c (77 80) */ fmuld %f10,%f0,%f0
+/* 0x0530 239 (77 80) */ ldd [%i4],%f4
+/* 0x0534 240 (78 81) */ ldd [%i1],%f2
+/* 0x0538 (80 83) */ fmuld %f0,%f6,%f6
+/* 0x053c (83 86) */ fdtox %f6,%f6
+/* 0x0540 (86 89) */ fxtod %f6,%f6
+/* 0x0544 (89 92) */ fmuld %f6,%f8,%f6
+/* 0x0548 (92 95) */ fsubd %f0,%f6,%f0
+/* 0x054c 250 (95 98) */ fmuld %f4,%f0,%f10
+ .L900000747: /* frequency 6.4 confidence 0.0 */
+
+
+ fmovd %f0,%f0
+ fmovd %f16,%f18
+ ldd [%i4],%f2
+ ldd [%o2],%f8
+ ldd [%i1],%f10
+ ldd [%g4-8],%f14
+ ldd [%g4-16],%f16
+ ldd [%o1],%f24
+
+ ldd [%i1+8],%f26
+ ldd [%i1+16],%f40
+ ldd [%i1+48],%f46
+ ldd [%i1+56],%f30
+ ldd [%i1+64],%f54
+ ldd [%i1+104],%f34
+ ldd [%i1+112],%f58
+
+ ldd [%i4+112],%f60
+ ldd [%i4+8],%f28
+ ldd [%i4+104],%f38
+
+ nop
+ nop
+!
+ .L99999999:
+!1
+!!!
+ ldd [%i1+24],%f32
+ fmuld %f0,%f2,%f4
+!2
+!!!
+ ldd [%i4+24],%f36
+ fmuld %f26,%f24,%f20
+!3
+!!!
+ ldd [%i1+40],%f42
+ fmuld %f28,%f0,%f22
+!4
+!!!
+ ldd [%i4+40],%f44
+ fmuld %f32,%f24,%f32
+!5
+!!!
+ ldd [%o1+8],%f6
+ faddd %f4,%f8,%f4
+ fmuld %f36,%f0,%f36
+!6
+!!!
+ add %o1,8,%o1
+ ldd [%i4+56],%f50
+ fmuld %f42,%f24,%f42
+!7
+!!!
+ ldd [%i1+72],%f52
+ faddd %f20,%f22,%f20
+ fmuld %f44,%f0,%f44
+!8
+!!!
+ ldd [%o2+16],%f22
+ fmuld %f10,%f6,%f12
+!9
+!!!
+ ldd [%i4+72],%f56
+ faddd %f32,%f36,%f32
+ fmuld %f14,%f4,%f4
+!10
+!!!
+ ldd [%o2+48],%f36
+ fmuld %f30,%f24,%f48
+!11
+!!!
+ ldd [%o2+8],%f8
+ faddd %f20,%f22,%f20
+ fmuld %f50,%f0,%f50
+!12
+!!!
+ std %f20,[%o2+16]
+ faddd %f42,%f44,%f42
+ fmuld %f52,%f24,%f52
+!13
+!!!
+ ldd [%o2+80],%f44
+ faddd %f4,%f12,%f4
+ fmuld %f56,%f0,%f56
+!14
+!!!
+ ldd [%i1+88],%f20
+ faddd %f32,%f36,%f32
+!15
+!!!
+ ldd [%i4+88],%f22
+ faddd %f48,%f50,%f48
+!16
+!!!
+ ldd [%o2+112],%f50
+ faddd %f52,%f56,%f52
+!17
+!!!
+ ldd [%o2+144],%f56
+ faddd %f4,%f8,%f8
+ fmuld %f20,%f24,%f20
+!18
+!!!
+ std %f32,[%o2+48]
+ faddd %f42,%f44,%f42
+ fmuld %f22,%f0,%f22
+!19
+!!!
+ std %f42,[%o2+80]
+ faddd %f48,%f50,%f48
+ fmuld %f34,%f24,%f32
+!20
+!!!
+ std %f48,[%o2+112]
+ faddd %f52,%f56,%f52
+ fmuld %f38,%f0,%f36
+!21
+!!!
+ ldd [%i1+120],%f42
+ fdtox %f8,%f4
+!22
+!!!
+ std %f52,[%o2+144]
+ faddd %f20,%f22,%f20
+!23
+!!!
+ ldd [%i4+120],%f44
+!24
+!!!
+ ldd [%o2+176],%f22
+ faddd %f32,%f36,%f32
+ fmuld %f42,%f24,%f42
+!25
+!!!
+ ldd [%i4+16],%f50
+ fmovs %f17,%f4
+!26
+!!!
+ ldd [%i1+32],%f52
+ fmuld %f44,%f0,%f44
+!27
+!!!
+ ldd [%i4+32],%f56
+ fmuld %f40,%f24,%f48
+!28
+!!!
+ ldd [%o2+208],%f36
+ faddd %f20,%f22,%f20
+ fmuld %f50,%f0,%f50
+!29
+!!!
+ std %f20,[%o2+176]
+ fxtod %f4,%f4
+ fmuld %f52,%f24,%f52
+!30
+!!!
+ ldd [%i4+48],%f22
+ faddd %f42,%f44,%f42
+ fmuld %f56,%f0,%f56
+!31
+!!!
+ ldd [%o2+240],%f44
+ faddd %f32,%f36,%f32
+!32
+!!!
+ std %f32,[%o2+208]
+ faddd %f48,%f50,%f48
+ fmuld %f46,%f24,%f20
+!33
+!!!
+ ldd [%o2+32],%f50
+ fmuld %f4,%f18,%f12
+!34
+!!!
+ ldd [%i4+64],%f36
+ faddd %f52,%f56,%f52
+ fmuld %f22,%f0,%f22
+!35
+!!!
+ ldd [%o2+64],%f56
+ faddd %f42,%f44,%f42
+!36
+!!!
+ std %f42,[%o2+240]
+ faddd %f48,%f50,%f48
+ fmuld %f54,%f24,%f32
+!37
+!!!
+ std %f48,[%o2+32]
+ fmuld %f12,%f14,%f4
+!38
+!!!
+ ldd [%i1+80],%f42
+ faddd %f52,%f56,%f56 ! yes, tmp52!
+ fmuld %f36,%f0,%f36
+!39
+!!!
+ ldd [%i4+80],%f44
+ faddd %f20,%f22,%f20
+!40
+!!!
+ ldd [%i1+96],%f48
+ fmuld %f58,%f24,%f52
+!41
+!!!
+ ldd [%i4+96],%f50
+ fdtox %f4,%f4
+ fmuld %f42,%f24,%f42
+!42
+!!!
+ std %f56,[%o2+64] ! yes, tmp52!
+ faddd %f32,%f36,%f32
+ fmuld %f44,%f0,%f44
+!43
+!!!
+ ldd [%o2+96],%f22
+ fmuld %f48,%f24,%f48
+!44
+!!!
+ ldd [%o2+128],%f36
+ fmovd %f6,%f24
+ fmuld %f50,%f0,%f50
+!45
+!!!
+ fxtod %f4,%f4
+ fmuld %f60,%f0,%f56
+!46
+!!!
+ add %o2,8,%o2
+ faddd %f42,%f44,%f42
+!47
+!!!
+ ldd [%o2+160-8],%f44
+ faddd %f20,%f22,%f20
+!48
+!!!
+ std %f20,[%o2+96-8]
+ faddd %f48,%f50,%f48
+!49
+!!!
+ ldd [%o2+192-8],%f50
+ faddd %f52,%f56,%f52
+ fmuld %f4,%f16,%f4
+!50
+!!!
+ ldd [%o2+224-8],%f56
+ faddd %f32,%f36,%f32
+!51
+!!!
+ std %f32,[%o2+128-8]
+ faddd %f42,%f44,%f42
+!52
+ add %o3,1,%o3
+ std %f42,[%o2+160-8]
+ faddd %f48,%f50,%f48
+!53
+!!!
+ cmp %o3,31
+ std %f48,[%o2+192-8]
+ faddd %f52,%f56,%f52
+!54
+ std %f52,[%o2+224-8]
+ ble,pt %icc,.L99999999
+ fsubd %f12,%f4,%f0
+
+
+
+!55
+ std %f8,[%o2]
+
+
+
+
+
+
+ .L77000285: /* frequency 1.0 confidence 0.0 */
+/* 0x07a8 279 ( 0 1) */ sll %g1,4,%g2
+ .L900000748: /* frequency 1.0 confidence 0.0 */
+/* 0x07ac 279 ( 0 3) */ ldd [%g5+%g2],%f0
+/* 0x07b0 ( 0 1) */ add %g5,%g2,%i1
+/* 0x07b4 ( 0 1) */ or %g0,0,%o4
+/* 0x07b8 206 ( 1 4) */ ld [%fp+68],%o0
+/* 0x07bc 279 ( 1 2) */ or %g0,0,%i0
+/* 0x07c0 ( 1 2) */ cmp %g1,0
+/* 0x07c4 ( 2 5) */ fdtox %f0,%f0
+/* 0x07c8 ( 2 3) */ std %f0,[%sp+120]
+/* 0x07cc 275 ( 2 3) */ sethi %hi(0xfc00),%o1
+/* 0x07d0 206 ( 3 4) */ or %g0,%o0,%o3
+/* 0x07d4 275 ( 3 4) */ sub %g1,1,%g4
+/* 0x07d8 279 ( 4 7) */ ldd [%i1+8],%f0
+/* 0x07dc ( 4 5) */ or %g0,%o0,%g5
+/* 0x07e0 ( 4 5) */ add %o1,1023,%o1
+/* 0x07e4 ( 6 9) */ fdtox %f0,%f0
+/* 0x07e8 ( 6 7) */ std %f0,[%sp+112]
+/* 0x07ec (10 12) */ ldx [%sp+112],%o5
+/* 0x07f0 (11 13) */ ldx [%sp+120],%o7
+/* 0x07f4 (11 12) */ ble,pt %icc,.L900000746 ! tprob=0.56
+/* 0x07f8 (11 12) */ sethi %hi(0xfc00),%g2
+/* 0x07fc 275 (12 13) */ or %g0,-1,%g2
+/* 0x0800 279 (12 13) */ cmp %g1,3
+/* 0x0804 275 (13 14) */ srl %g2,0,%o2
+/* 0x0808 279 (13 14) */ bl,pn %icc,.L77000286 ! tprob=0.44
+/* 0x080c (13 14) */ or %g0,%i1,%g2
+/* 0x0810 (14 17) */ ldd [%i1+16],%f0
+/* 0x0814 (14 15) */ and %o5,%o1,%o0
+/* 0x0818 (14 15) */ add %i1,16,%g2
+/* 0x081c (15 16) */ sllx %o0,16,%g3
+/* 0x0820 (15 16) */ and %o7,%o2,%o0
+/* 0x0824 (16 19) */ fdtox %f0,%f0
+/* 0x0828 (16 17) */ std %f0,[%sp+104]
+/* 0x082c (16 17) */ add %o0,%g3,%o4
+/* 0x0830 (17 20) */ ldd [%i1+24],%f2
+/* 0x0834 (17 18) */ srax %o5,16,%o0
+/* 0x0838 (17 18) */ add %o3,4,%g5
+/* 0x083c (18 19) */ stx %o0,[%sp+128]
+/* 0x0840 (18 19) */ and %o4,%o2,%o0
+/* 0x0844 (18 19) */ or %g0,1,%i0
+/* 0x0848 (19 20) */ stx %o0,[%sp+112]
+/* 0x084c (19 20) */ srax %o4,32,%o0
+/* 0x0850 (19 22) */ fdtox %f2,%f0
+/* 0x0854 (20 21) */ stx %o0,[%sp+136]
+/* 0x0858 (20 21) */ srax %o7,32,%o4
+/* 0x085c (21 22) */ std %f0,[%sp+96]
+/* 0x0860 (22 24) */ ldx [%sp+136],%o7
+/* 0x0864 (23 25) */ ldx [%sp+128],%o0
+/* 0x0868 (25 27) */ ldx [%sp+104],%g3
+/* 0x086c (25 26) */ add %o0,%o7,%o0
+/* 0x0870 (26 28) */ ldx [%sp+112],%o7
+/* 0x0874 (26 27) */ add %o4,%o0,%o4
+/* 0x0878 (27 29) */ ldx [%sp+96],%o5
+/* 0x087c (28 29) */ st %o7,[%o3]
+/* 0x0880 (28 29) */ or %g0,%g3,%o7
+ .L900000730: /* frequency 64.0 confidence 0.0 */
+/* 0x0884 (17 19) */ ldd [%g2+16],%f0
+/* 0x0888 (17 18) */ add %i0,1,%i0
+/* 0x088c (17 18) */ add %g5,4,%g5
+/* 0x0890 (18 18) */ cmp %i0,%g4
+/* 0x0894 (18 19) */ add %g2,16,%g2
+/* 0x0898 (19 22) */ fdtox %f0,%f0
+/* 0x089c (20 21) */ std %f0,[%sp+104]
+/* 0x08a0 (21 23) */ ldd [%g2+8],%f0
+/* 0x08a4 (23 26) */ fdtox %f0,%f0
+/* 0x08a8 (24 25) */ std %f0,[%sp+96]
+/* 0x08ac (25 26) */ and %o5,%o1,%g3
+/* 0x08b0 (26 27) */ sllx %g3,16,%g3
+/* 0x08b4 ( 0 0) */ stx %g3,[%sp+120]
+/* 0x08b8 (26 27) */ and %o7,%o2,%g3
+/* 0x08bc ( 0 0) */ stx %o7,[%sp+128]
+/* 0x08c0 ( 0 0) */ ldx [%sp+120],%o7
+/* 0x08c4 (27 27) */ add %g3,%o7,%g3
+/* 0x08c8 ( 0 0) */ ldx [%sp+128],%o7
+/* 0x08cc (28 29) */ srax %o5,16,%o5
+/* 0x08d0 (28 28) */ add %g3,%o4,%g3
+/* 0x08d4 (29 30) */ srax %g3,32,%o4
+/* 0x08d8 ( 0 0) */ stx %o4,[%sp+112]
+/* 0x08dc (30 31) */ srax %o7,32,%o4
+/* 0x08e0 ( 0 0) */ ldx [%sp+112],%o7
+/* 0x08e4 (30 31) */ add %o5,%o7,%o7
+/* 0x08e8 (31 33) */ ldx [%sp+96],%o5
+/* 0x08ec (31 32) */ add %o4,%o7,%o4
+/* 0x08f0 (32 33) */ and %g3,%o2,%g3
+/* 0x08f4 ( 0 0) */ ldx [%sp+104],%o7
+/* 0x08f8 (33 34) */ ble,pt %icc,.L900000730 ! tprob=0.50
+/* 0x08fc (33 34) */ st %g3,[%g5-4]
+ .L900000733: /* frequency 8.0 confidence 0.0 */
+/* 0x0900 ( 0 1) */ ba .L900000746 ! tprob=1.00
+/* 0x0904 ( 0 1) */ sethi %hi(0xfc00),%g2
+ .L77000286: /* frequency 0.7 confidence 0.0 */
+/* 0x0908 ( 0 3) */ ldd [%g2+16],%f0
+ .L900000745: /* frequency 6.4 confidence 0.0 */
+/* 0x090c ( 0 1) */ and %o7,%o2,%o0
+/* 0x0910 ( 0 1) */ and %o5,%o1,%g3
+/* 0x0914 ( 0 3) */ fdtox %f0,%f0
+/* 0x0918 ( 1 2) */ add %o4,%o0,%o0
+/* 0x091c ( 1 2) */ std %f0,[%sp+104]
+/* 0x0920 ( 1 2) */ add %i0,1,%i0
+/* 0x0924 ( 2 3) */ sllx %g3,16,%o4
+/* 0x0928 ( 2 5) */ ldd [%g2+24],%f2
+/* 0x092c ( 2 3) */ add %g2,16,%g2
+/* 0x0930 ( 3 4) */ add %o0,%o4,%o4
+/* 0x0934 ( 3 4) */ cmp %i0,%g4
+/* 0x0938 ( 4 5) */ srax %o5,16,%o0
+/* 0x093c ( 4 5) */ stx %o0,[%sp+112]
+/* 0x0940 ( 4 5) */ and %o4,%o2,%g3
+/* 0x0944 ( 5 6) */ srax %o4,32,%o5
+/* 0x0948 ( 5 8) */ fdtox %f2,%f0
+/* 0x094c ( 5 6) */ std %f0,[%sp+96]
+/* 0x0950 ( 6 7) */ srax %o7,32,%o4
+/* 0x0954 ( 6 8) */ ldx [%sp+112],%o7
+/* 0x0958 ( 8 9) */ add %o7,%o5,%o7
+/* 0x095c ( 9 11) */ ldx [%sp+104],%o5
+/* 0x0960 ( 9 10) */ add %o4,%o7,%o4
+/* 0x0964 (10 12) */ ldx [%sp+96],%o0
+/* 0x0968 (11 12) */ st %g3,[%g5]
+/* 0x096c (11 12) */ or %g0,%o5,%o7
+/* 0x0970 (11 12) */ add %g5,4,%g5
+/* 0x0974 (12 13) */ or %g0,%o0,%o5
+/* 0x0978 (12 13) */ ble,a,pt %icc,.L900000745 ! tprob=0.86
+/* 0x097c (12 15) */ ldd [%g2+16],%f0
+ .L77000236: /* frequency 1.0 confidence 0.0 */
+/* 0x0980 ( 0 1) */ sethi %hi(0xfc00),%g2
+ .L900000746: /* frequency 1.0 confidence 0.0 */
+/* 0x0984 ( 0 1) */ or %g0,-1,%o0
+/* 0x0988 ( 0 1) */ add %g2,1023,%g2
+/* 0x098c ( 0 3) */ ld [%fp+88],%o1
+/* 0x0990 ( 1 2) */ srl %o0,0,%g3
+/* 0x0994 ( 1 2) */ and %o5,%g2,%g2
+/* 0x0998 ( 2 3) */ and %o7,%g3,%g4
+/* 0x099c 281 ( 2 3) */ or %g0,-1,%o5
+/* 0x09a0 275 ( 3 4) */ sllx %g2,16,%g2
+/* 0x09a4 ( 3 4) */ add %o4,%g4,%g4
+/* 0x09a8 ( 4 5) */ add %g4,%g2,%g2
+/* 0x09ac ( 5 6) */ sll %i0,2,%g4
+/* 0x09b0 ( 5 6) */ and %g2,%g3,%g2
+/* 0x09b4 ( 6 7) */ st %g2,[%o3+%g4]
+/* 0x09b8 281 ( 6 7) */ sll %g1,2,%g2
+/* 0x09bc ( 7 10) */ ld [%o3+%g2],%g2
+/* 0x09c0 ( 9 10) */ cmp %g2,0
+/* 0x09c4 ( 9 10) */ bleu,pn %icc,.L77000241 ! tprob=0.50
+/* 0x09c8 ( 9 10) */ or %g0,%o1,%o2
+/* 0x09cc (10 11) */ ba .L900000744 ! tprob=1.00
+/* 0x09d0 (10 11) */ cmp %o5,0
+ .L77000241: /* frequency 0.8 confidence 0.0 */
+/* 0x09d4 ( 0 1) */ subcc %g1,1,%o5
+/* 0x09d8 ( 0 1) */ bneg,pt %icc,.L900000744 ! tprob=0.60
+/* 0x09dc ( 1 2) */ cmp %o5,0
+/* 0x09e0 ( 1 2) */ sll %o5,2,%g2
+/* 0x09e4 ( 2 3) */ add %o1,%g2,%o0
+/* 0x09e8 ( 2 3) */ add %o3,%g2,%o4
+/* 0x09ec ( 3 6) */ ld [%o0],%g2
+ .L900000743: /* frequency 5.3 confidence 0.0 */
+/* 0x09f0 ( 0 3) */ ld [%o4],%g3
+/* 0x09f4 ( 0 1) */ add %o0,4,%o0
+/* 0x09f8 ( 0 1) */ add %o4,4,%o4
+/* 0x09fc ( 2 3) */ cmp %g3,%g2
+/* 0x0a00 ( 2 3) */ bne,pn %icc,.L77000244 ! tprob=0.16
+/* 0x0a04 ( 2 3) */ nop
+/* 0x0a08 ( 3 4) */ addcc %o5,1,%o5
+/* 0x0a0c ( 3 4) */ bpos,a,pt %icc,.L900000743 ! tprob=0.84
+/* 0x0a10 ( 3 6) */ ld [%o0],%g2
+ .L77000244: /* frequency 1.0 confidence 0.0 */
+/* 0x0a14 ( 0 1) */ cmp %o5,0
+ .L900000744: /* frequency 1.0 confidence 0.0 */
+/* 0x0a18 ( 0 1) */ bl,pn %icc,.L77000287 ! tprob=0.50
+/* 0x0a1c ( 0 1) */ sll %o5,2,%g2
+/* 0x0a20 ( 1 4) */ ld [%o2+%g2],%g3
+/* 0x0a24 ( 2 5) */ ld [%o3+%g2],%g2
+/* 0x0a28 ( 4 5) */ cmp %g2,%g3
+/* 0x0a2c ( 4 5) */ bleu,pt %icc,.L77000224 ! tprob=0.56
+/* 0x0a30 ( 4 5) */ nop
+ .L77000287: /* frequency 0.8 confidence 0.0 */
+/* 0x0a34 ( 0 1) */ cmp %g1,0
+/* 0x0a38 ( 0 1) */ ble,pt %icc,.L77000224 ! tprob=0.60
+/* 0x0a3c ( 0 1) */ nop
+/* 0x0a40 281 ( 1 2) */ sub %g1,1,%o7
+/* 0x0a44 ( 1 2) */ or %g0,-1,%g2
+/* 0x0a48 ( 2 3) */ srl %g2,0,%o4
+/* 0x0a4c ( 2 3) */ add %o7,1,%o0
+/* 0x0a50 279 ( 3 4) */ or %g0,0,%o5
+/* 0x0a54 ( 3 4) */ or %g0,0,%g1
+/* 0x0a58 ( 4 5) */ cmp %o0,3
+/* 0x0a5c ( 4 5) */ bl,pn %icc,.L77000288 ! tprob=0.40
+/* 0x0a60 ( 4 5) */ add %o3,8,%o1
+/* 0x0a64 ( 5 6) */ add %o2,4,%o0
+/* 0x0a68 ( 5 8) */ ld [%o1-8],%g2
+/* 0x0a6c 0 ( 5 6) */ or %g0,%o1,%o3
+/* 0x0a70 279 ( 6 9) */ ld [%o0-4],%g3
+/* 0x0a74 0 ( 6 7) */ or %g0,%o0,%o2
+/* 0x0a78 279 ( 6 7) */ or %g0,2,%g1
+/* 0x0a7c ( 7 10) */ ld [%o3-4],%o0
+/* 0x0a80 ( 8 9) */ sub %g2,%g3,%g2
+/* 0x0a84 ( 9 10) */ or %g0,%g2,%o5
+/* 0x0a88 ( 9 10) */ and %g2,%o4,%g2
+/* 0x0a8c ( 9 10) */ st %g2,[%o3-8]
+/* 0x0a90 (10 11) */ srax %o5,32,%o5
+ .L900000734: /* frequency 64.0 confidence 0.0 */
+/* 0x0a94 (12 20) */ ld [%o2],%g2
+/* 0x0a98 (12 13) */ add %g1,1,%g1
+/* 0x0a9c (12 13) */ add %o2,4,%o2
+/* 0x0aa0 (13 13) */ cmp %g1,%o7
+/* 0x0aa4 (13 14) */ add %o3,4,%o3
+/* 0x0aa8 (14 14) */ sub %o0,%g2,%o0
+/* 0x0aac (15 15) */ add %o0,%o5,%o5
+/* 0x0ab0 (16 17) */ and %o5,%o4,%g2
+/* 0x0ab4 (16 24) */ ld [%o3-4],%o0
+/* 0x0ab8 (17 18) */ st %g2,[%o3-8]
+/* 0x0abc (17 18) */ ble,pt %icc,.L900000734 ! tprob=0.50
+/* 0x0ac0 (17 18) */ srax %o5,32,%o5
+ .L900000737: /* frequency 8.0 confidence 0.0 */
+/* 0x0ac4 ( 0 3) */ ld [%o2],%o1
+/* 0x0ac8 ( 2 3) */ sub %o0,%o1,%o0
+/* 0x0acc ( 3 4) */ add %o0,%o5,%o0
+/* 0x0ad0 ( 4 5) */ and %o0,%o4,%o1
+/* 0x0ad4 ( 4 5) */ st %o1,[%o3-4]
+/* 0x0ad8 ( 5 7) */ ret ! Result =
+/* 0x0adc ( 7 8) */ restore %g0,%g0,%g0
+ .L77000288: /* frequency 0.6 confidence 0.0 */
+/* 0x0ae0 ( 0 3) */ ld [%o3],%o0
+ .L900000742: /* frequency 5.3 confidence 0.0 */
+/* 0x0ae4 ( 0 3) */ ld [%o2],%o1
+/* 0x0ae8 ( 0 1) */ add %o5,%o0,%o0
+/* 0x0aec ( 0 1) */ add %g1,1,%g1
+/* 0x0af0 ( 1 2) */ add %o2,4,%o2
+/* 0x0af4 ( 1 2) */ cmp %g1,%o7
+/* 0x0af8 ( 2 3) */ sub %o0,%o1,%o0
+/* 0x0afc ( 3 4) */ and %o0,%o4,%o1
+/* 0x0b00 ( 3 4) */ st %o1,[%o3]
+/* 0x0b04 ( 3 4) */ add %o3,4,%o3
+/* 0x0b08 ( 4 5) */ srax %o0,32,%o5
+/* 0x0b0c ( 4 5) */ ble,a,pt %icc,.L900000742 ! tprob=0.84
+/* 0x0b10 ( 4 7) */ ld [%o3],%o0
+ .L77000224: /* frequency 1.0 confidence 0.0 */
+/* 0x0b14 ( 0 2) */ ret ! Result =
+/* 0x0b18 ( 2 3) */ restore %g0,%g0,%g0
+/* 0x0b1c 0 ( 0 0) */ .type mont_mulf_noconv,2
+/* 0x0b1c ( 0 0) */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
+
diff --git a/security/nss/lib/freebl/mpi/montmulfv8.il b/security/nss/lib/freebl/mpi/montmulfv8.il
new file mode 100644
index 000000000..4952d0fb8
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/montmulfv8.il
@@ -0,0 +1,108 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+!
+! double upper32(double /*frs1*/);
+!
+ .inline upper32,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+
+ fdtox %f10,%f10
+ fitod %f10,%f0
+ .end
+
+!
+! double lower32(double /*frs1*/, double /* Zero */);
+!
+ .inline lower32,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f12
+
+ fdtox %f10,%f10
+ fmovs %f12,%f10
+ fxtod %f10,%f0
+ .end
+
+!
+! double mod(double /*x*/, double /*1/m*/, double /*m*/);
+!
+ .inline mod,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f2
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o4,[%sp+0x48]
+ ldd [%sp+0x48],%f6
+
+ fmuld %f2,%f4,%f4
+ fdtox %f4,%f4
+ fxtod %f4,%f4
+ fmuld %f4,%f6,%f4
+ fsubd %f2,%f4,%f0
+ .end
+
+
+!
+! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
+! double * /* 0 */,
+! double * /*result16*/, double * /* result32 */
+! float * /*source - should be unsigned int*
+! converted to float* */);
+!
+ .inline i16_to_d16_and_d32x4,24
+ ldd [%o0],%f2 ! 1/(2^16)
+ ldd [%o1],%f4 ! 2^16
+ ldd [%o2],%f22
+
+ fmovd %f22,%f6
+ ld [%o5],%f7
+ fmovd %f22,%f10
+ ld [%o5+4],%f11
+ fmovd %f22,%f14
+ ld [%o5+8],%f15
+ fmovd %f22,%f18
+ ld [%o5+12],%f19
+ fxtod %f6,%f6
+ std %f6,[%o4]
+ fxtod %f10,%f10
+ std %f10,[%o4+8]
+ fxtod %f14,%f14
+ std %f14,[%o4+16]
+ fxtod %f18,%f18
+ std %f18,[%o4+24]
+ fmuld %f2,%f6,%f8
+ fmuld %f2,%f10,%f12
+ fmuld %f2,%f14,%f16
+ fmuld %f2,%f18,%f20
+ fdtox %f8,%f8
+ fdtox %f12,%f12
+ fdtox %f16,%f16
+ fdtox %f20,%f20
+ fxtod %f8,%f8
+ std %f8,[%o3+8]
+ fxtod %f12,%f12
+ std %f12,[%o3+24]
+ fxtod %f16,%f16
+ std %f16,[%o3+40]
+ fxtod %f20,%f20
+ std %f20,[%o3+56]
+ fmuld %f8,%f4,%f8
+ fmuld %f12,%f4,%f12
+ fmuld %f16,%f4,%f16
+ fmuld %f20,%f4,%f20
+ fsubd %f6,%f8,%f8
+ std %f8,[%o3]
+ fsubd %f10,%f12,%f12
+ std %f12,[%o3+16]
+ fsubd %f14,%f16,%f16
+ std %f16,[%o3+32]
+ fsubd %f18,%f20,%f20
+ std %f20,[%o3+48]
+ .end
+
+
diff --git a/security/nss/lib/freebl/mpi/montmulfv8.s b/security/nss/lib/freebl/mpi/montmulfv8.s
new file mode 100644
index 000000000..ca738880f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/montmulfv8.s
@@ -0,0 +1,1818 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ .section ".text",#alloc,#execinstr
+ .file "montmulf.c"
+
+ .section ".rodata",#alloc
+ .global TwoTo16
+ .align 8
+!
+! CONSTANT POOL
+!
+ .global TwoTo16
+TwoTo16:
+ .word 1089470464
+ .word 0
+ .type TwoTo16,#object
+ .size TwoTo16,8
+ .global TwoToMinus16
+!
+! CONSTANT POOL
+!
+ .global TwoToMinus16
+TwoToMinus16:
+ .word 1055916032
+ .word 0
+ .type TwoToMinus16,#object
+ .size TwoToMinus16,8
+ .global Zero
+!
+! CONSTANT POOL
+!
+ .global Zero
+Zero:
+ .word 0
+ .word 0
+ .type Zero,#object
+ .size Zero,8
+ .global TwoTo32
+!
+! CONSTANT POOL
+!
+ .global TwoTo32
+TwoTo32:
+ .word 1106247680
+ .word 0
+ .type TwoTo32,#object
+ .size TwoTo32,8
+ .global TwoToMinus32
+!
+! CONSTANT POOL
+!
+ .global TwoToMinus32
+TwoToMinus32:
+ .word 1039138816
+ .word 0
+ .type TwoToMinus32,#object
+ .size TwoToMinus32,8
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 4
+!
+! SUBROUTINE conv_d16_to_i32
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global conv_d16_to_i32
+ conv_d16_to_i32:
+/* 000000 */ save %sp,-128,%sp
+! FILE montmulf.c
+
+! 36 !#define RF_INLINE_MACROS
+! 38 !static const double TwoTo16=65536.0;
+! 39 !static const double TwoToMinus16=1.0/65536.0;
+! 40 !static const double Zero=0.0;
+! 41 !static const double TwoTo32=65536.0*65536.0;
+! 42 !static const double TwoToMinus32=1.0/(65536.0*65536.0);
+! 44 !#ifdef RF_INLINE_MACROS
+! 46 !double upper32(double);
+! 47 !double lower32(double, double);
+! 48 !double mod(double, double, double);
+! 50 !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
+! 51 ! const double * /* 2^16*/,
+! 52 ! const double * /* 0 */,
+! 53 ! double * /*result16*/,
+! 54 ! double * /* result32 */,
+! 55 ! float * /*source - should be unsigned int*
+! 56 ! converted to float* */);
+! 58 !#else
+! 60 !static double upper32(double x)
+! 61 !{
+! 62 ! return floor(x*TwoToMinus32);
+! 63 !}
+! 65 !static double lower32(double x, double y)
+! 66 !{
+! 67 ! return x-TwoTo32*floor(x*TwoToMinus32);
+! 68 !}
+! 70 !static double mod(double x, double oneoverm, double m)
+! 71 !{
+! 72 ! return x-m*floor(x*oneoverm);
+! 73 !}
+! 75 !#endif
+! 78 !static void cleanup(double *dt, int from, int tlen)
+! 79 !{
+! 80 ! int i;
+! 81 ! double tmp,tmp1,x,x1;
+! 83 ! tmp=tmp1=Zero;
+! 84 ! /* original code **
+! 85 ! for(i=2*from;i<2*tlen-2;i++)
+! 86 ! {
+! 87 ! x=dt[i];
+! 88 ! dt[i]=lower32(x,Zero)+tmp1;
+! 89 ! tmp1=tmp;
+! 90 ! tmp=upper32(x);
+! 91 ! }
+! 92 ! dt[tlen-2]+=tmp1;
+! 93 ! dt[tlen-1]+=tmp;
+! 94 ! **end original code ***/
+! 95 ! /* new code ***/
+! 96 ! for(i=2*from;i<2*tlen;i+=2)
+! 97 ! {
+! 98 ! x=dt[i];
+! 99 ! x1=dt[i+1];
+! 100 ! dt[i]=lower32(x,Zero)+tmp;
+! 101 ! dt[i+1]=lower32(x1,Zero)+tmp1;
+! 102 ! tmp=upper32(x);
+! 103 ! tmp1=upper32(x1);
+! 104 ! }
+! 105 ! /** end new code **/
+! 106 !}
+! 109 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
+! 110 !{
+! 111 !int i;
+! 112 !long long t, t1, a, b, c, d;
+! 114 ! t1=0;
+! 115 ! a=(long long)d16[0];
+
+/* 0x0004 115 */ ldd [%i1],%f0
+/* 0x0008 110 */ or %g0,%i1,%o0
+
+! 116 ! b=(long long)d16[1];
+! 117 ! for(i=0; i<ilen-1; i++)
+
+/* 0x000c 117 */ sub %i3,1,%g2
+/* 0x0010 */ cmp %g2,0
+/* 0x0014 114 */ or %g0,0,%o4
+/* 0x0018 115 */ fdtox %f0,%f0
+/* 0x001c */ std %f0,[%sp+120]
+/* 0x0020 117 */ or %g0,0,%o7
+/* 0x0024 110 */ or %g0,%i3,%o1
+/* 0x0028 */ sub %i3,2,%o2
+/* 0x002c 116 */ ldd [%o0+8],%f0
+/* 0x0030 110 */ sethi %hi(0xfc00),%o1
+/* 0x0034 */ add %o2,1,%g3
+/* 0x0038 */ add %o1,1023,%o1
+/* 0x003c */ or %g0,%i0,%o5
+/* 0x0040 116 */ fdtox %f0,%f0
+/* 0x0044 */ std %f0,[%sp+112]
+/* 0x0048 */ ldx [%sp+112],%g1
+/* 0x004c 115 */ ldx [%sp+120],%g4
+/* 0x0050 117 */ ble,pt %icc,.L900000117
+/* 0x0054 */ sethi %hi(0xfc00),%g2
+/* 0x0058 110 */ or %g0,-1,%g2
+/* 0x005c 117 */ cmp %g3,3
+/* 0x0060 110 */ srl %g2,0,%o3
+/* 0x0064 117 */ bl,pn %icc,.L77000134
+/* 0x0068 */ or %g0,%o0,%g2
+
+! 118 ! {
+! 119 ! c=(long long)d16[2*i+2];
+
+/* 0x006c 119 */ ldd [%o0+16],%f0
+
+! 120 ! t1+=a&0xffffffff;
+! 121 ! t=(a>>32);
+! 122 ! d=(long long)d16[2*i+3];
+! 123 ! t1+=(b&0xffff)<<16;
+! 124 ! t+=(b>>16)+(t1>>32);
+! 125 ! i32[i]=t1&0xffffffff;
+! 126 ! t1=t;
+! 127 ! a=c;
+! 128 ! b=d;
+
+/* 0x0070 128 */ add %o0,16,%g2
+/* 0x0074 123 */ and %g1,%o1,%o0
+/* 0x0078 */ sllx %o0,16,%g3
+/* 0x007c 120 */ and %g4,%o3,%o0
+/* 0x0080 117 */ add %o0,%g3,%o4
+/* 0x0084 119 */ fdtox %f0,%f0
+/* 0x0088 */ std %f0,[%sp+104]
+/* 0x008c 125 */ and %o4,%o3,%g5
+/* 0x0090 122 */ ldd [%g2+8],%f2
+/* 0x0094 128 */ add %o5,4,%o5
+/* 0x0098 124 */ srax %o4,32,%o4
+/* 0x009c */ stx %o4,[%sp+112]
+/* 0x00a0 122 */ fdtox %f2,%f0
+/* 0x00a4 */ std %f0,[%sp+96]
+/* 0x00a8 124 */ srax %g1,16,%o0
+/* 0x00ac */ ldx [%sp+112],%o7
+/* 0x00b0 121 */ srax %g4,32,%o4
+/* 0x00b4 124 */ add %o0,%o7,%g4
+/* 0x00b8 128 */ or %g0,1,%o7
+/* 0x00bc 119 */ ldx [%sp+104],%g3
+/* 0x00c0 124 */ add %o4,%g4,%o4
+/* 0x00c4 122 */ ldx [%sp+96],%g1
+/* 0x00c8 125 */ st %g5,[%o5-4]
+/* 0x00cc 127 */ or %g0,%g3,%g4
+ .L900000112:
+/* 0x00d0 119 */ ldd [%g2+16],%f0
+/* 0x00d4 128 */ add %o7,1,%o7
+/* 0x00d8 */ add %o5,4,%o5
+/* 0x00dc */ cmp %o7,%o2
+/* 0x00e0 */ add %g2,16,%g2
+/* 0x00e4 119 */ fdtox %f0,%f0
+/* 0x00e8 */ std %f0,[%sp+104]
+/* 0x00ec 122 */ ldd [%g2+8],%f0
+/* 0x00f0 */ fdtox %f0,%f0
+/* 0x00f4 */ std %f0,[%sp+96]
+/* 0x00f8 123 */ and %g1,%o1,%g3
+/* 0x00fc */ sllx %g3,16,%g5
+/* 0x0100 120 */ and %g4,%o3,%g3
+/* 0x0104 117 */ add %g3,%g5,%g3
+/* 0x0108 124 */ srax %g1,16,%g1
+/* 0x010c 117 */ add %g3,%o4,%g3
+/* 0x0110 124 */ srax %g3,32,%o4
+/* 0x0114 */ stx %o4,[%sp+112]
+/* 0x0118 119 */ ldx [%sp+104],%g5
+/* 0x011c 121 */ srax %g4,32,%o4
+/* 0x0120 124 */ ldx [%sp+112],%g4
+/* 0x0124 */ add %g1,%g4,%g4
+/* 0x0128 122 */ ldx [%sp+96],%g1
+/* 0x012c 124 */ add %o4,%g4,%o4
+/* 0x0130 125 */ and %g3,%o3,%g3
+/* 0x0134 127 */ or %g0,%g5,%g4
+/* 0x0138 128 */ ble,pt %icc,.L900000112
+/* 0x013c */ st %g3,[%o5-4]
+ .L900000115:
+/* 0x0140 128 */ ba .L900000117
+/* 0x0144 */ sethi %hi(0xfc00),%g2
+ .L77000134:
+/* 0x0148 119 */ ldd [%g2+16],%f0
+ .L900000116:
+/* 0x014c 120 */ and %g4,%o3,%o0
+/* 0x0150 123 */ and %g1,%o1,%g3
+/* 0x0154 119 */ fdtox %f0,%f0
+/* 0x0158 120 */ add %o4,%o0,%o0
+/* 0x015c 119 */ std %f0,[%sp+104]
+/* 0x0160 128 */ add %o7,1,%o7
+/* 0x0164 123 */ sllx %g3,16,%o4
+/* 0x0168 122 */ ldd [%g2+24],%f2
+/* 0x016c 128 */ add %g2,16,%g2
+/* 0x0170 123 */ add %o0,%o4,%o0
+/* 0x0174 128 */ cmp %o7,%o2
+/* 0x0178 125 */ and %o0,%o3,%g3
+/* 0x017c 122 */ fdtox %f2,%f0
+/* 0x0180 */ std %f0,[%sp+96]
+/* 0x0184 124 */ srax %o0,32,%o0
+/* 0x0188 */ stx %o0,[%sp+112]
+/* 0x018c 121 */ srax %g4,32,%o4
+/* 0x0190 122 */ ldx [%sp+96],%o0
+/* 0x0194 124 */ srax %g1,16,%g5
+/* 0x0198 */ ldx [%sp+112],%g4
+/* 0x019c 119 */ ldx [%sp+104],%g1
+/* 0x01a0 125 */ st %g3,[%o5]
+/* 0x01a4 124 */ add %g5,%g4,%g4
+/* 0x01a8 128 */ add %o5,4,%o5
+/* 0x01ac 124 */ add %o4,%g4,%o4
+/* 0x01b0 127 */ or %g0,%g1,%g4
+/* 0x01b4 128 */ or %g0,%o0,%g1
+/* 0x01b8 */ ble,a,pt %icc,.L900000116
+/* 0x01bc */ ldd [%g2+16],%f0
+ .L77000127:
+
+! 129 ! }
+! 130 ! t1+=a&0xffffffff;
+! 131 ! t=(a>>32);
+! 132 ! t1+=(b&0xffff)<<16;
+! 133 ! i32[i]=t1&0xffffffff;
+
+/* 0x01c0 133 */ sethi %hi(0xfc00),%g2
+ .L900000117:
+/* 0x01c4 133 */ or %g0,-1,%g3
+/* 0x01c8 */ add %g2,1023,%g2
+/* 0x01cc */ srl %g3,0,%g3
+/* 0x01d0 */ and %g1,%g2,%g2
+/* 0x01d4 */ and %g4,%g3,%g4
+/* 0x01d8 */ sllx %g2,16,%g2
+/* 0x01dc */ add %o4,%g4,%g4
+/* 0x01e0 */ add %g4,%g2,%g2
+/* 0x01e4 */ sll %o7,2,%g4
+/* 0x01e8 */ and %g2,%g3,%g2
+/* 0x01ec */ st %g2,[%i0+%g4]
+/* 0x01f0 */ ret ! Result =
+/* 0x01f4 */ restore %g0,%g0,%g0
+/* 0x01f8 0 */ .type conv_d16_to_i32,2
+/* 0x01f8 */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000201:
+/* 000000 0 */ .word 1127219200,0
+/* 0x0008 0 */ .align 4
+/* 0x0008 */ .skip 16
+!
+! SUBROUTINE conv_i32_to_d32
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global conv_i32_to_d32
+ conv_i32_to_d32:
+/* 000000 */ or %g0,%o7,%g2
+
+! 135 !}
+! 137 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
+! 138 !{
+! 139 !int i;
+! 141 !#pragma pipeloop(0)
+! 142 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
+
+/* 0x0004 142 */ cmp %o2,0
+ .L900000210:
+/* 0x0008 */ call .+8
+/* 0x000c */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
+/* 0x0010 142 */ or %g0,0,%o5
+/* 0x0014 138 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
+/* 0x0018 */ or %g0,%o0,%g5
+/* 0x001c */ add %g4,%o7,%g1
+/* 0x0020 142 */ ble,pt %icc,.L77000140
+/* 0x0024 */ or %g0,%g2,%o7
+/* 0x0028 */ sethi %hi(.L_const_seg_900000201),%g2
+/* 0x002c 138 */ or %g0,%o1,%g4
+/* 0x0030 142 */ add %g2,%lo(.L_const_seg_900000201),%g2
+/* 0x0034 */ sub %o2,1,%g3
+/* 0x0038 */ ld [%g1+%g2],%g2
+/* 0x003c */ cmp %o2,9
+/* 0x0040 */ bl,pn %icc,.L77000144
+/* 0x0044 */ ldd [%g2],%f8
+/* 0x0048 */ add %o1,16,%g4
+/* 0x004c */ sub %o2,5,%g1
+/* 0x0050 */ ld [%o1],%f7
+/* 0x0054 */ or %g0,4,%o5
+/* 0x0058 */ ld [%o1+4],%f5
+/* 0x005c */ ld [%o1+8],%f3
+/* 0x0060 */ fmovs %f8,%f6
+/* 0x0064 */ ld [%o1+12],%f1
+ .L900000205:
+/* 0x0068 */ ld [%g4],%f11
+/* 0x006c */ add %o5,5,%o5
+/* 0x0070 */ add %g4,20,%g4
+/* 0x0074 */ fsubd %f6,%f8,%f6
+/* 0x0078 */ std %f6,[%g5]
+/* 0x007c */ cmp %o5,%g1
+/* 0x0080 */ add %g5,40,%g5
+/* 0x0084 */ fmovs %f8,%f4
+/* 0x0088 */ ld [%g4-16],%f7
+/* 0x008c */ fsubd %f4,%f8,%f12
+/* 0x0090 */ fmovs %f8,%f2
+/* 0x0094 */ std %f12,[%g5-32]
+/* 0x0098 */ ld [%g4-12],%f5
+/* 0x009c */ fsubd %f2,%f8,%f12
+/* 0x00a0 */ fmovs %f8,%f0
+/* 0x00a4 */ std %f12,[%g5-24]
+/* 0x00a8 */ ld [%g4-8],%f3
+/* 0x00ac */ fsubd %f0,%f8,%f12
+/* 0x00b0 */ fmovs %f8,%f10
+/* 0x00b4 */ std %f12,[%g5-16]
+/* 0x00b8 */ ld [%g4-4],%f1
+/* 0x00bc */ fsubd %f10,%f8,%f10
+/* 0x00c0 */ fmovs %f8,%f6
+/* 0x00c4 */ ble,pt %icc,.L900000205
+/* 0x00c8 */ std %f10,[%g5-8]
+ .L900000208:
+/* 0x00cc */ fmovs %f8,%f4
+/* 0x00d0 */ add %g5,32,%g5
+/* 0x00d4 */ cmp %o5,%g3
+/* 0x00d8 */ fmovs %f8,%f2
+/* 0x00dc */ fmovs %f8,%f0
+/* 0x00e0 */ fsubd %f6,%f8,%f6
+/* 0x00e4 */ std %f6,[%g5-32]
+/* 0x00e8 */ fsubd %f4,%f8,%f4
+/* 0x00ec */ std %f4,[%g5-24]
+/* 0x00f0 */ fsubd %f2,%f8,%f2
+/* 0x00f4 */ std %f2,[%g5-16]
+/* 0x00f8 */ fsubd %f0,%f8,%f0
+/* 0x00fc */ bg,pn %icc,.L77000140
+/* 0x0100 */ std %f0,[%g5-8]
+ .L77000144:
+/* 0x0104 */ ld [%g4],%f1
+ .L900000211:
+/* 0x0108 */ ldd [%g2],%f8
+/* 0x010c */ add %o5,1,%o5
+/* 0x0110 */ add %g4,4,%g4
+/* 0x0114 */ cmp %o5,%g3
+/* 0x0118 */ fmovs %f8,%f0
+/* 0x011c */ fsubd %f0,%f8,%f0
+/* 0x0120 */ std %f0,[%g5]
+/* 0x0124 */ add %g5,8,%g5
+/* 0x0128 */ ble,a,pt %icc,.L900000211
+/* 0x012c */ ld [%g4],%f1
+ .L77000140:
+/* 0x0130 */ retl ! Result =
+/* 0x0134 */ nop
+/* 0x0138 0 */ .type conv_i32_to_d32,2
+/* 0x0138 */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000301:
+/* 000000 0 */ .word 1127219200,0
+/* 0x0008 0 */ .align 4
+!
+! SUBROUTINE conv_i32_to_d16
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global conv_i32_to_d16
+ conv_i32_to_d16:
+/* 000000 */ save %sp,-104,%sp
+/* 0x0004 */ or %g0,%i2,%o0
+
+! 143 !}
+! 146 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
+! 147 !{
+! 148 !int i;
+! 149 !unsigned int a;
+! 151 !#pragma pipeloop(0)
+! 152 ! for(i=0;i<len;i++)
+! 153 ! {
+! 154 ! a=i32[i];
+! 155 ! d16[2*i]=(double)(a&0xffff);
+! 156 ! d16[2*i+1]=(double)(a>>16);
+
+/* 0x0008 156 */ sethi %hi(.L_const_seg_900000301),%g2
+ .L900000310:
+/* 0x000c */ call .+8
+/* 0x0010 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
+/* 0x0014 152 */ cmp %o0,0
+/* 0x0018 147 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
+/* 0x001c 152 */ ble,pt %icc,.L77000150
+/* 0x0020 */ add %g3,%o7,%o2
+/* 0x0024 */ sub %i2,1,%o5
+/* 0x0028 156 */ add %g2,%lo(.L_const_seg_900000301),%o1
+/* 0x002c 152 */ sethi %hi(0xfc00),%o0
+/* 0x0030 */ ld [%o2+%o1],%o3
+/* 0x0034 */ add %o5,1,%g2
+/* 0x0038 */ or %g0,0,%g1
+/* 0x003c */ cmp %g2,3
+/* 0x0040 */ or %g0,%i1,%o7
+/* 0x0044 */ add %o0,1023,%o4
+/* 0x0048 */ or %g0,%i0,%g3
+/* 0x004c */ bl,pn %icc,.L77000154
+/* 0x0050 */ add %o7,4,%o0
+/* 0x0054 155 */ ldd [%o3],%f0
+/* 0x0058 156 */ or %g0,1,%g1
+/* 0x005c 154 */ ld [%o0-4],%o1
+/* 0x0060 0 */ or %g0,%o0,%o7
+/* 0x0064 155 */ and %o1,%o4,%o0
+ .L900000306:
+/* 0x0068 155 */ st %o0,[%sp+96]
+/* 0x006c 156 */ add %g1,1,%g1
+/* 0x0070 */ add %g3,16,%g3
+/* 0x0074 */ cmp %g1,%o5
+/* 0x0078 */ add %o7,4,%o7
+/* 0x007c 155 */ ld [%sp+96],%f3
+/* 0x0080 */ fmovs %f0,%f2
+/* 0x0084 */ fsubd %f2,%f0,%f2
+/* 0x0088 156 */ srl %o1,16,%o0
+/* 0x008c 155 */ std %f2,[%g3-16]
+/* 0x0090 156 */ st %o0,[%sp+92]
+/* 0x0094 */ ld [%sp+92],%f3
+/* 0x0098 154 */ ld [%o7-4],%o1
+/* 0x009c 156 */ fmovs %f0,%f2
+/* 0x00a0 */ fsubd %f2,%f0,%f2
+/* 0x00a4 155 */ and %o1,%o4,%o0
+/* 0x00a8 156 */ ble,pt %icc,.L900000306
+/* 0x00ac */ std %f2,[%g3-8]
+ .L900000309:
+/* 0x00b0 155 */ st %o0,[%sp+96]
+/* 0x00b4 */ fmovs %f0,%f2
+/* 0x00b8 156 */ add %g3,16,%g3
+/* 0x00bc */ srl %o1,16,%o0
+/* 0x00c0 155 */ ld [%sp+96],%f3
+/* 0x00c4 */ fsubd %f2,%f0,%f2
+/* 0x00c8 */ std %f2,[%g3-16]
+/* 0x00cc 156 */ st %o0,[%sp+92]
+/* 0x00d0 */ fmovs %f0,%f2
+/* 0x00d4 */ ld [%sp+92],%f3
+/* 0x00d8 */ fsubd %f2,%f0,%f0
+/* 0x00dc */ std %f0,[%g3-8]
+/* 0x00e0 */ ret ! Result =
+/* 0x00e4 */ restore %g0,%g0,%g0
+ .L77000154:
+/* 0x00e8 154 */ ld [%o7],%o0
+ .L900000311:
+/* 0x00ec 155 */ and %o0,%o4,%o1
+/* 0x00f0 */ st %o1,[%sp+96]
+/* 0x00f4 156 */ add %g1,1,%g1
+/* 0x00f8 155 */ ldd [%o3],%f0
+/* 0x00fc 156 */ srl %o0,16,%o0
+/* 0x0100 */ add %o7,4,%o7
+/* 0x0104 */ cmp %g1,%o5
+/* 0x0108 155 */ fmovs %f0,%f2
+/* 0x010c */ ld [%sp+96],%f3
+/* 0x0110 */ fsubd %f2,%f0,%f2
+/* 0x0114 */ std %f2,[%g3]
+/* 0x0118 156 */ st %o0,[%sp+92]
+/* 0x011c */ fmovs %f0,%f2
+/* 0x0120 */ ld [%sp+92],%f3
+/* 0x0124 */ fsubd %f2,%f0,%f0
+/* 0x0128 */ std %f0,[%g3+8]
+/* 0x012c */ add %g3,16,%g3
+/* 0x0130 */ ble,a,pt %icc,.L900000311
+/* 0x0134 */ ld [%o7],%o0
+ .L77000150:
+/* 0x0138 */ ret ! Result =
+/* 0x013c */ restore %g0,%g0,%g0
+/* 0x0140 0 */ .type conv_i32_to_d16,2
+/* 0x0140 */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000401:
+/* 000000 0 */ .word 1127219200,0
+/* 0x0008 0 */ .align 4
+/* 0x0008 */ .skip 16
+!
+! SUBROUTINE conv_i32_to_d32_and_d16
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global conv_i32_to_d32_and_d16
+ conv_i32_to_d32_and_d16:
+/* 000000 */ save %sp,-120,%sp
+ .L900000415:
+/* 0x0004 */ call .+8
+/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4
+
+! 157 ! }
+! 158 !}
+! 161 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
+! 162 ! unsigned int *i32, int len)
+! 163 !{
+! 164 !int i = 0;
+! 165 !unsigned int a;
+! 167 !#pragma pipeloop(0)
+! 168 !#ifdef RF_INLINE_MACROS
+! 169 ! for(;i<len-3;i+=4)
+
+/* 0x000c 169 */ sub %i3,3,%g2
+/* 0x0010 */ cmp %g2,0
+/* 0x0014 163 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4
+
+! 170 ! {
+! 171 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
+! 172 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
+
+/* 0x0018 172 */ sethi %hi(Zero),%g2
+/* 0x001c 163 */ add %g4,%o7,%o4
+/* 0x0020 172 */ add %g2,%lo(Zero),%g2
+/* 0x0024 */ sethi %hi(TwoToMinus16),%g3
+/* 0x0028 */ ld [%o4+%g2],%o1
+/* 0x002c */ sethi %hi(TwoTo16),%g4
+/* 0x0030 */ add %g3,%lo(TwoToMinus16),%g2
+/* 0x0034 */ ld [%o4+%g2],%o3
+/* 0x0038 164 */ or %g0,0,%g5
+/* 0x003c 172 */ add %g4,%lo(TwoTo16),%g3
+/* 0x0040 */ ld [%o4+%g3],%o2
+/* 0x0044 163 */ or %g0,%i0,%i4
+/* 0x0048 169 */ or %g0,%i2,%o7
+/* 0x004c */ ble,pt %icc,.L900000418
+/* 0x0050 */ cmp %g5,%i3
+/* 0x0054 172 */ stx %o7,[%sp+104]
+/* 0x0058 169 */ sub %i3,4,%o5
+/* 0x005c */ or %g0,0,%g4
+/* 0x0060 */ or %g0,0,%g1
+ .L900000417:
+/* 0x0064 */ ldd [%o1],%f2
+/* 0x0068 172 */ add %i4,%g4,%g2
+/* 0x006c */ add %i1,%g1,%g3
+/* 0x0070 */ ldd [%o3],%f0
+/* 0x0074 */ add %g5,4,%g5
+/* 0x0078 */ fmovd %f2,%f14
+/* 0x007c */ ld [%o7],%f15
+/* 0x0080 */ cmp %g5,%o5
+/* 0x0084 */ fmovd %f2,%f10
+/* 0x0088 */ ld [%o7+4],%f11
+/* 0x008c */ add %o7,16,%o7
+/* 0x0090 */ ldx [%sp+104],%o0
+/* 0x0094 */ fmovd %f2,%f6
+/* 0x0098 */ stx %o7,[%sp+112]
+/* 0x009c */ fxtod %f14,%f14
+/* 0x00a0 */ ld [%o0+8],%f7
+/* 0x00a4 */ fxtod %f10,%f10
+/* 0x00a8 */ ld [%o0+12],%f3
+/* 0x00ac */ fxtod %f6,%f6
+/* 0x00b0 */ ldd [%o2],%f16
+/* 0x00b4 */ fmuld %f0,%f14,%f12
+/* 0x00b8 */ fxtod %f2,%f2
+/* 0x00bc */ fmuld %f0,%f10,%f8
+/* 0x00c0 */ std %f14,[%i4+%g4]
+/* 0x00c4 */ ldx [%sp+112],%o7
+/* 0x00c8 */ add %g4,32,%g4
+/* 0x00cc */ fmuld %f0,%f6,%f4
+/* 0x00d0 */ fdtox %f12,%f12
+/* 0x00d4 */ std %f10,[%g2+8]
+/* 0x00d8 */ fmuld %f0,%f2,%f0
+/* 0x00dc */ fdtox %f8,%f8
+/* 0x00e0 */ std %f6,[%g2+16]
+/* 0x00e4 */ std %f2,[%g2+24]
+/* 0x00e8 */ fdtox %f4,%f4
+/* 0x00ec */ fdtox %f0,%f0
+/* 0x00f0 */ fxtod %f12,%f12
+/* 0x00f4 */ std %f12,[%g3+8]
+/* 0x00f8 */ fxtod %f8,%f8
+/* 0x00fc */ std %f8,[%g3+24]
+/* 0x0100 */ fxtod %f4,%f4
+/* 0x0104 */ std %f4,[%g3+40]
+/* 0x0108 */ fxtod %f0,%f0
+/* 0x010c */ std %f0,[%g3+56]
+/* 0x0110 */ fmuld %f12,%f16,%f12
+/* 0x0114 */ fmuld %f8,%f16,%f8
+/* 0x0118 */ fmuld %f4,%f16,%f4
+/* 0x011c */ fsubd %f14,%f12,%f12
+/* 0x0120 */ std %f12,[%i1+%g1]
+/* 0x0124 */ fmuld %f0,%f16,%f0
+/* 0x0128 */ fsubd %f10,%f8,%f8
+/* 0x012c */ std %f8,[%g3+16]
+/* 0x0130 */ add %g1,64,%g1
+/* 0x0134 */ fsubd %f6,%f4,%f4
+/* 0x0138 */ std %f4,[%g3+32]
+/* 0x013c */ fsubd %f2,%f0,%f0
+/* 0x0140 */ std %f0,[%g3+48]
+/* 0x0144 */ ble,a,pt %icc,.L900000417
+/* 0x0148 */ stx %o7,[%sp+104]
+ .L77000159:
+
+! 173 ! }
+! 174 !#endif
+! 175 ! for(;i<len;i++)
+
+/* 0x014c 175 */ cmp %g5,%i3
+ .L900000418:
+/* 0x0150 175 */ bge,pt %icc,.L77000164
+/* 0x0154 */ nop
+
+! 176 ! {
+! 177 ! a=i32[i];
+! 178 ! d32[i]=(double)(i32[i]);
+! 179 ! d16[2*i]=(double)(a&0xffff);
+! 180 ! d16[2*i+1]=(double)(a>>16);
+
+/* 0x0158 180 */ sethi %hi(.L_const_seg_900000401),%g2
+/* 0x015c */ add %g2,%lo(.L_const_seg_900000401),%o1
+/* 0x0160 175 */ sethi %hi(0xfc00),%o0
+/* 0x0164 */ ld [%o4+%o1],%o2
+/* 0x0168 */ sll %g5,2,%o3
+/* 0x016c */ sub %i3,%g5,%g3
+/* 0x0170 */ sll %g5,3,%g2
+/* 0x0174 */ add %o0,1023,%o4
+/* 0x0178 178 */ ldd [%o2],%f0
+/* 0x017c */ add %i2,%o3,%o0
+/* 0x0180 175 */ cmp %g3,3
+/* 0x0184 */ add %i4,%g2,%o3
+/* 0x0188 */ sub %i3,1,%o1
+/* 0x018c */ sll %g5,4,%g4
+/* 0x0190 */ bl,pn %icc,.L77000161
+/* 0x0194 */ add %i1,%g4,%o5
+/* 0x0198 178 */ ld [%o0],%f3
+/* 0x019c 180 */ add %o3,8,%o3
+/* 0x01a0 177 */ ld [%o0],%o7
+/* 0x01a4 180 */ add %o5,16,%o5
+/* 0x01a8 */ add %g5,1,%g5
+/* 0x01ac 178 */ fmovs %f0,%f2
+/* 0x01b0 180 */ add %o0,4,%o0
+/* 0x01b4 179 */ and %o7,%o4,%g1
+/* 0x01b8 178 */ fsubd %f2,%f0,%f2
+/* 0x01bc */ std %f2,[%o3-8]
+/* 0x01c0 180 */ srl %o7,16,%o7
+/* 0x01c4 179 */ st %g1,[%sp+96]
+/* 0x01c8 */ fmovs %f0,%f2
+/* 0x01cc */ ld [%sp+96],%f3
+/* 0x01d0 */ fsubd %f2,%f0,%f2
+/* 0x01d4 */ std %f2,[%o5-16]
+/* 0x01d8 180 */ st %o7,[%sp+92]
+/* 0x01dc */ fmovs %f0,%f2
+/* 0x01e0 */ ld [%sp+92],%f3
+/* 0x01e4 */ fsubd %f2,%f0,%f2
+/* 0x01e8 */ std %f2,[%o5-8]
+ .L900000411:
+/* 0x01ec 178 */ ld [%o0],%f3
+/* 0x01f0 180 */ add %g5,2,%g5
+/* 0x01f4 */ add %o5,32,%o5
+/* 0x01f8 177 */ ld [%o0],%o7
+/* 0x01fc 180 */ cmp %g5,%o1
+/* 0x0200 */ add %o3,16,%o3
+/* 0x0204 178 */ fmovs %f0,%f2
+/* 0x0208 */ fsubd %f2,%f0,%f2
+/* 0x020c */ std %f2,[%o3-16]
+/* 0x0210 179 */ and %o7,%o4,%g1
+/* 0x0214 */ st %g1,[%sp+96]
+/* 0x0218 */ ld [%sp+96],%f3
+/* 0x021c */ fmovs %f0,%f2
+/* 0x0220 */ fsubd %f2,%f0,%f2
+/* 0x0224 180 */ srl %o7,16,%o7
+/* 0x0228 179 */ std %f2,[%o5-32]
+/* 0x022c 180 */ st %o7,[%sp+92]
+/* 0x0230 */ ld [%sp+92],%f3
+/* 0x0234 */ fmovs %f0,%f2
+/* 0x0238 */ fsubd %f2,%f0,%f2
+/* 0x023c */ std %f2,[%o5-24]
+/* 0x0240 */ add %o0,4,%o0
+/* 0x0244 178 */ ld [%o0],%f3
+/* 0x0248 177 */ ld [%o0],%o7
+/* 0x024c 178 */ fmovs %f0,%f2
+/* 0x0250 */ fsubd %f2,%f0,%f2
+/* 0x0254 */ std %f2,[%o3-8]
+/* 0x0258 179 */ and %o7,%o4,%g1
+/* 0x025c */ st %g1,[%sp+96]
+/* 0x0260 */ ld [%sp+96],%f3
+/* 0x0264 */ fmovs %f0,%f2
+/* 0x0268 */ fsubd %f2,%f0,%f2
+/* 0x026c 180 */ srl %o7,16,%o7
+/* 0x0270 179 */ std %f2,[%o5-16]
+/* 0x0274 180 */ st %o7,[%sp+92]
+/* 0x0278 */ ld [%sp+92],%f3
+/* 0x027c */ fmovs %f0,%f2
+/* 0x0280 */ fsubd %f2,%f0,%f2
+/* 0x0284 */ std %f2,[%o5-8]
+/* 0x0288 */ bl,pt %icc,.L900000411
+/* 0x028c */ add %o0,4,%o0
+ .L900000414:
+/* 0x0290 180 */ cmp %g5,%i3
+/* 0x0294 */ bge,pn %icc,.L77000164
+/* 0x0298 */ nop
+ .L77000161:
+/* 0x029c 178 */ ld [%o0],%f3
+ .L900000416:
+/* 0x02a0 178 */ ldd [%o2],%f0
+/* 0x02a4 180 */ add %g5,1,%g5
+/* 0x02a8 177 */ ld [%o0],%o1
+/* 0x02ac 180 */ add %o0,4,%o0
+/* 0x02b0 */ cmp %g5,%i3
+/* 0x02b4 178 */ fmovs %f0,%f2
+/* 0x02b8 179 */ and %o1,%o4,%o7
+/* 0x02bc 178 */ fsubd %f2,%f0,%f2
+/* 0x02c0 */ std %f2,[%o3]
+/* 0x02c4 180 */ srl %o1,16,%o1
+/* 0x02c8 179 */ st %o7,[%sp+96]
+/* 0x02cc 180 */ add %o3,8,%o3
+/* 0x02d0 179 */ fmovs %f0,%f2
+/* 0x02d4 */ ld [%sp+96],%f3
+/* 0x02d8 */ fsubd %f2,%f0,%f2
+/* 0x02dc */ std %f2,[%o5]
+/* 0x02e0 180 */ st %o1,[%sp+92]
+/* 0x02e4 */ fmovs %f0,%f2
+/* 0x02e8 */ ld [%sp+92],%f3
+/* 0x02ec */ fsubd %f2,%f0,%f0
+/* 0x02f0 */ std %f0,[%o5+8]
+/* 0x02f4 */ add %o5,16,%o5
+/* 0x02f8 */ bl,a,pt %icc,.L900000416
+/* 0x02fc */ ld [%o0],%f3
+ .L77000164:
+/* 0x0300 */ ret ! Result =
+/* 0x0304 */ restore %g0,%g0,%g0
+/* 0x0308 0 */ .type conv_i32_to_d32_and_d16,2
+/* 0x0308 */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 4
+!
+! SUBROUTINE adjust_montf_result
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global adjust_montf_result
+ adjust_montf_result:
+/* 000000 */ or %g0,%o2,%g5
+
+! 181 ! }
+! 182 !}
+! 185 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
+! 186 !{
+! 187 !long long acc;
+! 188 !int i;
+! 190 ! if(i32[len]>0) i=-1;
+
+/* 0x0004 190 */ or %g0,-1,%g4
+/* 0x0008 */ sll %o2,2,%g1
+/* 0x000c */ ld [%o0+%g1],%g1
+/* 0x0010 */ cmp %g1,0
+/* 0x0014 */ bleu,pn %icc,.L77000175
+/* 0x0018 */ or %g0,%o1,%o3
+/* 0x001c */ ba .L900000511
+/* 0x0020 */ cmp %g4,0
+ .L77000175:
+
+! 191 ! else
+! 192 ! {
+! 193 ! for(i=len-1; i>=0; i--)
+
+/* 0x0024 193 */ sub %o2,1,%g4
+/* 0x0028 */ sll %g4,2,%g1
+/* 0x002c */ cmp %g4,0
+/* 0x0030 */ bl,pt %icc,.L900000511
+/* 0x0034 */ cmp %g4,0
+/* 0x0038 */ add %o1,%g1,%g2
+
+! 194 ! {
+! 195 ! if(i32[i]!=nint[i]) break;
+
+/* 0x003c 195 */ ld [%g2],%o5
+/* 0x0040 193 */ add %o0,%g1,%g3
+ .L900000510:
+/* 0x0044 195 */ ld [%g3],%o2
+/* 0x0048 */ sub %g4,1,%g1
+/* 0x004c */ sub %g2,4,%g2
+/* 0x0050 */ sub %g3,4,%g3
+/* 0x0054 */ cmp %o2,%o5
+/* 0x0058 */ bne,pn %icc,.L77000182
+/* 0x005c */ nop
+/* 0x0060 0 */ or %g0,%g1,%g4
+/* 0x0064 195 */ cmp %g1,0
+/* 0x0068 */ bge,a,pt %icc,.L900000510
+/* 0x006c */ ld [%g2],%o5
+ .L77000182:
+
+! 196 ! }
+! 197 ! }
+! 198 ! if((i<0)||(i32[i]>nint[i]))
+
+/* 0x0070 198 */ cmp %g4,0
+ .L900000511:
+/* 0x0074 198 */ bl,pn %icc,.L77000198
+/* 0x0078 */ sll %g4,2,%g2
+/* 0x007c */ ld [%o1+%g2],%g1
+/* 0x0080 */ ld [%o0+%g2],%g2
+/* 0x0084 */ cmp %g2,%g1
+/* 0x0088 */ bleu,pt %icc,.L77000191
+/* 0x008c */ nop
+ .L77000198:
+
+! 199 ! {
+! 200 ! acc=0;
+! 201 ! for(i=0;i<len;i++)
+
+/* 0x0090 201 */ cmp %g5,0
+/* 0x0094 */ ble,pt %icc,.L77000191
+/* 0x0098 */ nop
+/* 0x009c */ or %g0,%g5,%g1
+/* 0x00a0 198 */ or %g0,-1,%g2
+/* 0x00a4 */ srl %g2,0,%g3
+/* 0x00a8 */ sub %g5,1,%g4
+/* 0x00ac 200 */ or %g0,0,%g5
+/* 0x00b0 201 */ or %g0,0,%o5
+/* 0x00b4 198 */ or %g0,%o0,%o4
+/* 0x00b8 */ cmp %g1,3
+/* 0x00bc 201 */ bl,pn %icc,.L77000199
+/* 0x00c0 */ add %o0,8,%g1
+/* 0x00c4 */ add %o1,4,%g2
+
+! 202 ! {
+! 203 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
+
+/* 0x00c8 203 */ ld [%o0],%o2
+/* 0x00cc */ ld [%o1],%o1
+/* 0x00d0 0 */ or %g0,%g1,%o4
+/* 0x00d4 */ or %g0,%g2,%o3
+/* 0x00d8 203 */ ld [%o0+4],%g1
+
+! 204 ! i32[i]=acc&0xffffffff;
+! 205 ! acc=acc>>32;
+
+/* 0x00dc 205 */ or %g0,2,%o5
+/* 0x00e0 201 */ sub %o2,%o1,%o2
+/* 0x00e4 */ or %g0,%o2,%g5
+/* 0x00e8 204 */ and %o2,%g3,%o2
+/* 0x00ec */ st %o2,[%o0]
+/* 0x00f0 205 */ srax %g5,32,%g5
+ .L900000505:
+/* 0x00f4 203 */ ld [%o3],%o2
+/* 0x00f8 205 */ add %o5,1,%o5
+/* 0x00fc */ add %o3,4,%o3
+/* 0x0100 */ cmp %o5,%g4
+/* 0x0104 */ add %o4,4,%o4
+/* 0x0108 201 */ sub %g1,%o2,%g1
+/* 0x010c */ add %g1,%g5,%g5
+/* 0x0110 204 */ and %g5,%g3,%o2
+/* 0x0114 203 */ ld [%o4-4],%g1
+/* 0x0118 204 */ st %o2,[%o4-8]
+/* 0x011c 205 */ ble,pt %icc,.L900000505
+/* 0x0120 */ srax %g5,32,%g5
+ .L900000508:
+/* 0x0124 203 */ ld [%o3],%g2
+/* 0x0128 201 */ sub %g1,%g2,%g1
+/* 0x012c */ add %g1,%g5,%g1
+/* 0x0130 204 */ and %g1,%g3,%g2
+/* 0x0134 */ retl ! Result =
+/* 0x0138 */ st %g2,[%o4-4]
+ .L77000199:
+/* 0x013c 203 */ ld [%o4],%g1
+ .L900000509:
+/* 0x0140 203 */ ld [%o3],%g2
+/* 0x0144 */ add %g5,%g1,%g1
+/* 0x0148 205 */ add %o5,1,%o5
+/* 0x014c */ add %o3,4,%o3
+/* 0x0150 */ cmp %o5,%g4
+/* 0x0154 203 */ sub %g1,%g2,%g1
+/* 0x0158 204 */ and %g1,%g3,%g2
+/* 0x015c */ st %g2,[%o4]
+/* 0x0160 205 */ add %o4,4,%o4
+/* 0x0164 */ srax %g1,32,%g5
+/* 0x0168 */ ble,a,pt %icc,.L900000509
+/* 0x016c */ ld [%o4],%g1
+ .L77000191:
+/* 0x0170 */ retl ! Result =
+/* 0x0174 */ nop
+/* 0x0178 0 */ .type adjust_montf_result,2
+/* 0x0178 */ .size adjust_montf_result,(.-adjust_montf_result)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 4
+/* 000000 */ .skip 16
+!
+! SUBROUTINE mont_mulf_noconv
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global mont_mulf_noconv
+ mont_mulf_noconv:
+/* 000000 */ save %sp,-144,%sp
+ .L900000646:
+/* 0x0004 */ call .+8
+/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5
+
+! 206 ! }
+! 207 ! }
+! 208 !}
+! 213 !/*
+! 214 !** the lengths of the input arrays should be at least the following:
+! 215 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
+! 216 !** all of them should be different from one another
+! 217 !**
+! 218 !*/
+! 219 !void mont_mulf_noconv(unsigned int *result,
+! 220 ! double *dm1, double *dm2, double *dt,
+! 221 ! double *dn, unsigned int *nint,
+! 222 ! int nlen, double dn0)
+! 223 !{
+! 224 ! int i, j, jj;
+! 225 ! int tmp;
+! 226 ! double digit, m2j, nextm2j, a, b;
+! 227 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
+! 229 ! pdm1=&(dm1[0]);
+! 230 ! pdm2=&(dm2[0]);
+! 231 ! pdn=&(dn[0]);
+! 232 ! pdm2[2*nlen]=Zero;
+
+/* 0x000c 232 */ ld [%fp+92],%o1
+/* 0x0010 */ sethi %hi(Zero),%g2
+/* 0x0014 223 */ ldd [%fp+96],%f2
+/* 0x0018 */ add %g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5
+/* 0x001c 232 */ add %g2,%lo(Zero),%g2
+/* 0x0020 223 */ st %i0,[%fp+68]
+/* 0x0024 */ add %g5,%o7,%o3
+
+! 234 ! if (nlen!=16)
+! 235 ! {
+! 236 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
+! 238 ! a=dt[0]=pdm1[0]*pdm2[0];
+! 239 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
+
+/* 0x0028 239 */ sethi %hi(TwoToMinus16),%g3
+/* 0x002c 232 */ ld [%o3+%g2],%l0
+/* 0x0030 239 */ sethi %hi(TwoTo16),%g4
+/* 0x0034 223 */ or %g0,%i2,%o2
+/* 0x0038 */ fmovd %f2,%f16
+/* 0x003c */ st %i5,[%fp+88]
+/* 0x0040 239 */ add %g3,%lo(TwoToMinus16),%g2
+/* 0x0044 223 */ or %g0,%i1,%i2
+/* 0x0048 232 */ ldd [%l0],%f0
+/* 0x004c 239 */ add %g4,%lo(TwoTo16),%g3
+/* 0x0050 223 */ or %g0,%i3,%o0
+/* 0x0054 232 */ sll %o1,4,%g4
+/* 0x0058 239 */ ld [%o3+%g2],%g5
+/* 0x005c 223 */ or %g0,%i3,%i1
+/* 0x0060 239 */ ld [%o3+%g3],%g1
+/* 0x0064 232 */ or %g0,%o1,%i0
+/* 0x0068 */ or %g0,%o2,%i3
+/* 0x006c 234 */ cmp %o1,16
+/* 0x0070 */ be,pn %icc,.L77000279
+/* 0x0074 */ std %f0,[%o2+%g4]
+/* 0x0078 236 */ sll %o1,2,%g2
+/* 0x007c */ or %g0,%o0,%o3
+/* 0x0080 232 */ sll %o1,1,%o1
+/* 0x0084 236 */ add %g2,2,%o2
+/* 0x0088 */ cmp %o2,0
+/* 0x008c */ ble,a,pt %icc,.L900000660
+/* 0x0090 */ ldd [%i2],%f0
+
+! 241 ! pdtj=&(dt[0]);
+! 242 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
+! 243 ! {
+! 244 ! m2j=pdm2[j];
+! 245 ! a=pdtj[0]+pdn[0]*digit;
+! 246 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
+! 247 ! pdtj[1]=b;
+! 249 !#pragma pipeloop(0)
+! 250 ! for(i=1;i<nlen;i++)
+! 251 ! {
+! 252 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
+! 253 ! }
+! 254 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
+! 255 !
+! 256 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
+! 257 ! }
+! 258 ! }
+! 259 ! else
+! 260 ! {
+! 261 ! a=dt[0]=pdm1[0]*pdm2[0];
+! 263 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
+! 264 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
+! 265 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
+! 266 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
+! 267 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
+! 268 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
+! 269 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
+! 270 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
+! 271 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
+! 272 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
+! 273 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
+! 275 ! pdn_0=pdn[0];
+! 276 ! pdm1_0=pdm1[0];
+! 278 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
+! 279 ! pdtj=&(dt[0]);
+! 281 ! for(j=0;j<32;j++,pdtj++)
+
+/* 0x0094 281 */ add %g2,2,%o0
+/* 0x0098 236 */ add %g2,1,%o2
+/* 0x009c 281 */ cmp %o0,3
+/* 0x00a0 */ bl,pn %icc,.L77000280
+/* 0x00a4 */ or %g0,1,%o0
+/* 0x00a8 */ add %o3,8,%o3
+/* 0x00ac */ or %g0,1,%o4
+/* 0x00b0 */ std %f0,[%o3-8]
+ .L900000630:
+/* 0x00b4 */ std %f0,[%o3]
+/* 0x00b8 */ add %o4,2,%o4
+/* 0x00bc */ add %o3,16,%o3
+/* 0x00c0 */ cmp %o4,%g2
+/* 0x00c4 */ ble,pt %icc,.L900000630
+/* 0x00c8 */ std %f0,[%o3-8]
+ .L900000633:
+/* 0x00cc */ cmp %o4,%o2
+/* 0x00d0 */ bg,pn %icc,.L77000285
+/* 0x00d4 */ add %o4,1,%o0
+ .L77000280:
+/* 0x00d8 */ std %f0,[%o3]
+ .L900000659:
+/* 0x00dc */ ldd [%l0],%f0
+/* 0x00e0 */ cmp %o0,%o2
+/* 0x00e4 */ add %o3,8,%o3
+/* 0x00e8 */ add %o0,1,%o0
+/* 0x00ec */ ble,a,pt %icc,.L900000659
+/* 0x00f0 */ std %f0,[%o3]
+ .L77000285:
+/* 0x00f4 238 */ ldd [%i2],%f0
+ .L900000660:
+/* 0x00f8 238 */ ldd [%i3],%f2
+/* 0x00fc */ add %o1,1,%o2
+/* 0x0100 242 */ cmp %o1,0
+/* 0x0104 */ sll %o2,1,%o0
+/* 0x0108 */ sub %o1,1,%o1
+/* 0x010c 238 */ fmuld %f0,%f2,%f0
+/* 0x0110 */ std %f0,[%i1]
+/* 0x0114 0 */ or %g0,0,%l1
+/* 0x0118 */ ldd [%l0],%f6
+/* 0x011c */ or %g0,0,%g4
+/* 0x0120 */ or %g0,%o2,%i5
+/* 0x0124 */ ldd [%g5],%f2
+/* 0x0128 */ or %g0,%o1,%g3
+/* 0x012c */ or %g0,%o0,%o3
+/* 0x0130 */ fdtox %f0,%f0
+/* 0x0134 */ ldd [%g1],%f4
+/* 0x0138 246 */ add %i3,8,%o4
+/* 0x013c */ or %g0,0,%l2
+/* 0x0140 */ or %g0,%i1,%o5
+/* 0x0144 */ sub %i0,1,%o7
+/* 0x0148 */ fmovs %f6,%f0
+/* 0x014c */ fxtod %f0,%f0
+/* 0x0150 239 */ fmuld %f0,%f16,%f0
+/* 0x0154 */ fmuld %f0,%f2,%f2
+/* 0x0158 */ fdtox %f2,%f2
+/* 0x015c */ fxtod %f2,%f2
+/* 0x0160 */ fmuld %f2,%f4,%f2
+/* 0x0164 */ fsubd %f0,%f2,%f22
+/* 0x0168 242 */ ble,pt %icc,.L900000653
+/* 0x016c */ sll %i0,4,%g2
+/* 0x0170 246 */ ldd [%i4],%f0
+ .L900000654:
+/* 0x0174 246 */ fmuld %f0,%f22,%f8
+/* 0x0178 */ ldd [%i2],%f0
+/* 0x017c 250 */ cmp %i0,1
+/* 0x0180 246 */ ldd [%o4+%l2],%f6
+/* 0x0184 */ add %i2,8,%o0
+/* 0x0188 250 */ or %g0,1,%o1
+/* 0x018c 246 */ ldd [%o5],%f2
+/* 0x0190 */ add %o5,16,%l3
+/* 0x0194 */ fmuld %f0,%f6,%f6
+/* 0x0198 */ ldd [%g5],%f4
+/* 0x019c */ faddd %f2,%f8,%f2
+/* 0x01a0 */ ldd [%o5+8],%f0
+/* 0x01a4 244 */ ldd [%i3+%l2],%f20
+/* 0x01a8 246 */ faddd %f0,%f6,%f0
+/* 0x01ac */ fmuld %f2,%f4,%f2
+/* 0x01b0 */ faddd %f0,%f2,%f18
+/* 0x01b4 247 */ std %f18,[%o5+8]
+/* 0x01b8 250 */ ble,pt %icc,.L900000658
+/* 0x01bc */ srl %g4,31,%g2
+/* 0x01c0 */ cmp %o7,7
+/* 0x01c4 246 */ add %i4,8,%g2
+/* 0x01c8 250 */ bl,pn %icc,.L77000284
+/* 0x01cc */ add %g2,24,%o2
+/* 0x01d0 252 */ ldd [%o0+24],%f12
+/* 0x01d4 */ add %o5,48,%l3
+/* 0x01d8 */ ldd [%o0],%f2
+/* 0x01dc 0 */ or %g0,%o2,%g2
+/* 0x01e0 250 */ sub %o7,2,%o2
+/* 0x01e4 252 */ ldd [%g2-24],%f0
+/* 0x01e8 */ or %g0,5,%o1
+/* 0x01ec */ ldd [%o0+8],%f6
+/* 0x01f0 */ fmuld %f2,%f20,%f2
+/* 0x01f4 */ ldd [%o0+16],%f14
+/* 0x01f8 */ fmuld %f0,%f22,%f4
+/* 0x01fc */ add %o0,32,%o0
+/* 0x0200 */ ldd [%g2-16],%f8
+/* 0x0204 */ fmuld %f6,%f20,%f10
+/* 0x0208 */ ldd [%o5+16],%f0
+/* 0x020c */ ldd [%g2-8],%f6
+/* 0x0210 */ faddd %f2,%f4,%f4
+/* 0x0214 */ ldd [%o5+32],%f2
+ .L900000642:
+/* 0x0218 252 */ ldd [%g2],%f24
+/* 0x021c */ add %o1,3,%o1
+/* 0x0220 */ add %g2,24,%g2
+/* 0x0224 */ fmuld %f8,%f22,%f8
+/* 0x0228 */ ldd [%l3],%f28
+/* 0x022c */ cmp %o1,%o2
+/* 0x0230 */ add %o0,24,%o0
+/* 0x0234 */ ldd [%o0-24],%f26
+/* 0x0238 */ faddd %f0,%f4,%f0
+/* 0x023c */ add %l3,48,%l3
+/* 0x0240 */ faddd %f10,%f8,%f10
+/* 0x0244 */ fmuld %f14,%f20,%f4
+/* 0x0248 */ std %f0,[%l3-80]
+/* 0x024c */ ldd [%g2-16],%f8
+/* 0x0250 */ fmuld %f6,%f22,%f6
+/* 0x0254 */ ldd [%l3-32],%f0
+/* 0x0258 */ ldd [%o0-16],%f14
+/* 0x025c */ faddd %f2,%f10,%f2
+/* 0x0260 */ faddd %f4,%f6,%f10
+/* 0x0264 */ fmuld %f12,%f20,%f4
+/* 0x0268 */ std %f2,[%l3-64]
+/* 0x026c */ ldd [%g2-8],%f6
+/* 0x0270 */ fmuld %f24,%f22,%f24
+/* 0x0274 */ ldd [%l3-16],%f2
+/* 0x0278 */ ldd [%o0-8],%f12
+/* 0x027c */ faddd %f28,%f10,%f10
+/* 0x0280 */ std %f10,[%l3-48]
+/* 0x0284 */ fmuld %f26,%f20,%f10
+/* 0x0288 */ ble,pt %icc,.L900000642
+/* 0x028c */ faddd %f4,%f24,%f4
+ .L900000645:
+/* 0x0290 252 */ fmuld %f8,%f22,%f28
+/* 0x0294 */ ldd [%g2],%f24
+/* 0x0298 */ faddd %f0,%f4,%f26
+/* 0x029c */ fmuld %f12,%f20,%f8
+/* 0x02a0 */ add %l3,32,%l3
+/* 0x02a4 */ cmp %o1,%o7
+/* 0x02a8 */ fmuld %f14,%f20,%f14
+/* 0x02ac */ ldd [%l3-32],%f4
+/* 0x02b0 */ add %g2,8,%g2
+/* 0x02b4 */ faddd %f10,%f28,%f12
+/* 0x02b8 */ fmuld %f6,%f22,%f6
+/* 0x02bc */ ldd [%l3-16],%f0
+/* 0x02c0 */ fmuld %f24,%f22,%f10
+/* 0x02c4 */ std %f26,[%l3-64]
+/* 0x02c8 */ faddd %f2,%f12,%f2
+/* 0x02cc */ std %f2,[%l3-48]
+/* 0x02d0 */ faddd %f14,%f6,%f6
+/* 0x02d4 */ faddd %f8,%f10,%f2
+/* 0x02d8 */ faddd %f4,%f6,%f4
+/* 0x02dc */ std %f4,[%l3-32]
+/* 0x02e0 */ faddd %f0,%f2,%f0
+/* 0x02e4 */ bg,pn %icc,.L77000213
+/* 0x02e8 */ std %f0,[%l3-16]
+ .L77000284:
+/* 0x02ec 252 */ ldd [%o0],%f0
+ .L900000657:
+/* 0x02f0 252 */ ldd [%g2],%f4
+/* 0x02f4 */ fmuld %f0,%f20,%f2
+/* 0x02f8 */ add %o1,1,%o1
+/* 0x02fc */ ldd [%l3],%f0
+/* 0x0300 */ add %o0,8,%o0
+/* 0x0304 */ add %g2,8,%g2
+/* 0x0308 */ fmuld %f4,%f22,%f4
+/* 0x030c */ cmp %o1,%o7
+/* 0x0310 */ faddd %f2,%f4,%f2
+/* 0x0314 */ faddd %f0,%f2,%f0
+/* 0x0318 */ std %f0,[%l3]
+/* 0x031c */ add %l3,16,%l3
+/* 0x0320 */ ble,a,pt %icc,.L900000657
+/* 0x0324 */ ldd [%o0],%f0
+ .L77000213:
+/* 0x0328 */ srl %g4,31,%g2
+ .L900000658:
+/* 0x032c 254 */ cmp %l1,30
+/* 0x0330 */ bne,a,pt %icc,.L900000656
+/* 0x0334 */ fdtox %f18,%f0
+/* 0x0338 */ add %g4,%g2,%g2
+/* 0x033c */ sra %g2,1,%o0
+/* 0x0340 281 */ ldd [%l0],%f0
+/* 0x0344 */ sll %i5,1,%o2
+/* 0x0348 */ add %o0,1,%g2
+/* 0x034c */ sll %g2,1,%o0
+/* 0x0350 254 */ sub %o2,1,%o2
+/* 0x0354 281 */ fmovd %f0,%f2
+/* 0x0358 */ sll %g2,4,%o1
+/* 0x035c */ cmp %o0,%o3
+/* 0x0360 */ bge,pt %icc,.L77000215
+/* 0x0364 */ or %g0,0,%l1
+/* 0x0368 254 */ add %i1,%o1,%o1
+/* 0x036c 281 */ ldd [%o1],%f6
+ .L900000655:
+/* 0x0370 */ fdtox %f6,%f10
+/* 0x0374 */ ldd [%o1+8],%f4
+/* 0x0378 */ add %o0,2,%o0
+/* 0x037c */ ldd [%l0],%f12
+/* 0x0380 */ fdtox %f6,%f6
+/* 0x0384 */ cmp %o0,%o2
+/* 0x0388 */ fdtox %f4,%f8
+/* 0x038c */ fdtox %f4,%f4
+/* 0x0390 */ fmovs %f12,%f10
+/* 0x0394 */ fmovs %f12,%f8
+/* 0x0398 */ fxtod %f10,%f10
+/* 0x039c */ fxtod %f8,%f8
+/* 0x03a0 */ faddd %f10,%f2,%f2
+/* 0x03a4 */ std %f2,[%o1]
+/* 0x03a8 */ faddd %f8,%f0,%f0
+/* 0x03ac */ std %f0,[%o1+8]
+/* 0x03b0 */ add %o1,16,%o1
+/* 0x03b4 */ fitod %f6,%f2
+/* 0x03b8 */ fitod %f4,%f0
+/* 0x03bc */ ble,a,pt %icc,.L900000655
+/* 0x03c0 */ ldd [%o1],%f6
+ .L77000233:
+/* 0x03c4 */ or %g0,0,%l1
+ .L77000215:
+/* 0x03c8 */ fdtox %f18,%f0
+ .L900000656:
+/* 0x03cc */ ldd [%l0],%f6
+/* 0x03d0 256 */ add %g4,1,%g4
+/* 0x03d4 */ add %l2,8,%l2
+/* 0x03d8 */ ldd [%g5],%f2
+/* 0x03dc */ add %l1,1,%l1
+/* 0x03e0 */ add %o5,8,%o5
+/* 0x03e4 */ fmovs %f6,%f0
+/* 0x03e8 */ ldd [%g1],%f4
+/* 0x03ec */ cmp %g4,%g3
+/* 0x03f0 */ fxtod %f0,%f0
+/* 0x03f4 */ fmuld %f0,%f16,%f0
+/* 0x03f8 */ fmuld %f0,%f2,%f2
+/* 0x03fc */ fdtox %f2,%f2
+/* 0x0400 */ fxtod %f2,%f2
+/* 0x0404 */ fmuld %f2,%f4,%f2
+/* 0x0408 */ fsubd %f0,%f2,%f22
+/* 0x040c */ ble,a,pt %icc,.L900000654
+/* 0x0410 */ ldd [%i4],%f0
+ .L900000629:
+/* 0x0414 256 */ ba .L900000653
+/* 0x0418 */ sll %i0,4,%g2
+ .L77000279:
+/* 0x041c 261 */ ldd [%o2],%f6
+/* 0x0420 279 */ or %g0,%o0,%o4
+/* 0x0424 281 */ or %g0,0,%o3
+/* 0x0428 261 */ ldd [%i2],%f4
+/* 0x042c 273 */ std %f0,[%o0+8]
+/* 0x0430 */ std %f0,[%o0+16]
+/* 0x0434 261 */ fmuld %f4,%f6,%f4
+/* 0x0438 */ std %f4,[%o0]
+/* 0x043c 273 */ std %f0,[%o0+24]
+/* 0x0440 */ std %f0,[%o0+32]
+/* 0x0444 */ fdtox %f4,%f4
+/* 0x0448 */ std %f0,[%o0+40]
+/* 0x044c */ std %f0,[%o0+48]
+/* 0x0450 */ std %f0,[%o0+56]
+/* 0x0454 */ std %f0,[%o0+64]
+/* 0x0458 */ std %f0,[%o0+72]
+/* 0x045c */ std %f0,[%o0+80]
+/* 0x0460 */ std %f0,[%o0+88]
+/* 0x0464 */ std %f0,[%o0+96]
+/* 0x0468 */ std %f0,[%o0+104]
+/* 0x046c */ std %f0,[%o0+112]
+/* 0x0470 */ std %f0,[%o0+120]
+/* 0x0474 */ std %f0,[%o0+128]
+/* 0x0478 */ std %f0,[%o0+136]
+/* 0x047c */ std %f0,[%o0+144]
+/* 0x0480 */ std %f0,[%o0+152]
+/* 0x0484 */ std %f0,[%o0+160]
+/* 0x0488 */ std %f0,[%o0+168]
+/* 0x048c */ fmovs %f0,%f4
+/* 0x0490 */ std %f0,[%o0+176]
+/* 0x0494 281 */ or %g0,0,%o1
+/* 0x0498 273 */ std %f0,[%o0+184]
+/* 0x049c */ fxtod %f4,%f4
+/* 0x04a0 */ std %f0,[%o0+192]
+/* 0x04a4 */ std %f0,[%o0+200]
+/* 0x04a8 */ std %f0,[%o0+208]
+/* 0x04ac 278 */ fmuld %f4,%f2,%f2
+/* 0x04b0 273 */ std %f0,[%o0+216]
+/* 0x04b4 */ std %f0,[%o0+224]
+/* 0x04b8 */ std %f0,[%o0+232]
+/* 0x04bc */ std %f0,[%o0+240]
+/* 0x04c0 */ std %f0,[%o0+248]
+/* 0x04c4 */ std %f0,[%o0+256]
+/* 0x04c8 */ std %f0,[%o0+264]
+/* 0x04cc */ std %f0,[%o0+272]
+/* 0x04d0 */ std %f0,[%o0+280]
+/* 0x04d4 */ std %f0,[%o0+288]
+/* 0x04d8 */ std %f0,[%o0+296]
+/* 0x04dc */ std %f0,[%o0+304]
+/* 0x04e0 */ std %f0,[%o0+312]
+/* 0x04e4 */ std %f0,[%o0+320]
+/* 0x04e8 */ std %f0,[%o0+328]
+/* 0x04ec */ std %f0,[%o0+336]
+/* 0x04f0 */ std %f0,[%o0+344]
+/* 0x04f4 */ std %f0,[%o0+352]
+/* 0x04f8 */ std %f0,[%o0+360]
+/* 0x04fc */ std %f0,[%o0+368]
+/* 0x0500 */ std %f0,[%o0+376]
+/* 0x0504 */ std %f0,[%o0+384]
+/* 0x0508 */ std %f0,[%o0+392]
+/* 0x050c */ std %f0,[%o0+400]
+/* 0x0510 */ std %f0,[%o0+408]
+/* 0x0514 */ std %f0,[%o0+416]
+/* 0x0518 */ std %f0,[%o0+424]
+/* 0x051c */ std %f0,[%o0+432]
+/* 0x0520 */ std %f0,[%o0+440]
+/* 0x0524 */ std %f0,[%o0+448]
+/* 0x0528 */ std %f0,[%o0+456]
+/* 0x052c */ std %f0,[%o0+464]
+/* 0x0530 */ std %f0,[%o0+472]
+/* 0x0534 */ std %f0,[%o0+480]
+/* 0x0538 */ std %f0,[%o0+488]
+/* 0x053c */ std %f0,[%o0+496]
+/* 0x0540 */ std %f0,[%o0+504]
+/* 0x0544 */ std %f0,[%o0+512]
+/* 0x0548 */ std %f0,[%o0+520]
+/* 0x054c */ ldd [%g5],%f0
+/* 0x0550 */ ldd [%g1],%f8
+/* 0x0554 */ fmuld %f2,%f0,%f6
+/* 0x0558 275 */ ldd [%i4],%f4
+/* 0x055c 276 */ ldd [%i2],%f0
+/* 0x0560 */ fdtox %f6,%f6
+/* 0x0564 */ fxtod %f6,%f6
+/* 0x0568 */ fmuld %f6,%f8,%f6
+/* 0x056c */ fsubd %f2,%f6,%f2
+/* 0x0570 286 */ fmuld %f4,%f2,%f12
+
+! 282 ! {
+! 284 ! m2j=pdm2[j];
+! 285 ! a=pdtj[0]+pdn_0*digit;
+! 286 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
+
+! 287 ! pdtj[1]=b;
+! 289 ! /**** this loop will be fully unrolled:
+! 290 ! for(i=1;i<16;i++)
+! 291 ! {
+! 292 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
+! 293 ! }
+! 294 ! *************************************/
+! 295 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
+! 296 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
+! 297 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
+! 298 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
+! 299 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
+! 300 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
+! 301 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
+! 302 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
+! 303 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
+! 304 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
+! 305 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
+! 306 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
+! 307 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
+! 308 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
+! 309 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
+! 310 ! /* no need for cleenup, cannot overflow */
+! 311 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
+
+ fmovd %f2,%f0 ! hand modified
+ fmovd %f16,%f18 ! hand modified
+ ldd [%i4],%f2
+ ldd [%o4],%f8
+ ldd [%i2],%f10
+ ldd [%g5],%f14 ! hand modified
+ ldd [%g1],%f16 ! hand modified
+ ldd [%i3],%f24
+
+ ldd [%i2+8],%f26
+ ldd [%i2+16],%f40
+ ldd [%i2+48],%f46
+ ldd [%i2+56],%f30
+ ldd [%i2+64],%f54
+ ldd [%i2+104],%f34
+ ldd [%i2+112],%f58
+
+ ldd [%i4+8],%f28
+ ldd [%i4+104],%f38
+ ldd [%i4+112],%f60
+
+ .L99999999: !1
+ ldd [%i2+24],%f32
+ fmuld %f0,%f2,%f4 !2
+ ldd [%i4+24],%f36
+ fmuld %f26,%f24,%f20 !3
+ ldd [%i2+40],%f42
+ fmuld %f28,%f0,%f22 !4
+ ldd [%i4+40],%f44
+ fmuld %f32,%f24,%f32 !5
+ ldd [%i3+8],%f6
+ faddd %f4,%f8,%f4
+ fmuld %f36,%f0,%f36 !6
+ add %i3,8,%i3
+ ldd [%i4+56],%f50
+ fmuld %f42,%f24,%f42 !7
+ ldd [%i2+72],%f52
+ faddd %f20,%f22,%f20
+ fmuld %f44,%f0,%f44 !8
+ ldd [%o4+16],%f22
+ fmuld %f10,%f6,%f12 !9
+ ldd [%i4+72],%f56
+ faddd %f32,%f36,%f32
+ fmuld %f14,%f4,%f4 !10
+ ldd [%o4+48],%f36
+ fmuld %f30,%f24,%f48 !11
+ ldd [%o4+8],%f8
+ faddd %f20,%f22,%f20
+ fmuld %f50,%f0,%f50 !12
+ std %f20,[%o4+16]
+ faddd %f42,%f44,%f42
+ fmuld %f52,%f24,%f52 !13
+ ldd [%o4+80],%f44
+ faddd %f4,%f12,%f4
+ fmuld %f56,%f0,%f56 !14
+ ldd [%i2+88],%f20
+ faddd %f32,%f36,%f32 !15
+ ldd [%i4+88],%f22
+ faddd %f48,%f50,%f48 !16
+ ldd [%o4+112],%f50
+ faddd %f52,%f56,%f52 !17
+ ldd [%o4+144],%f56
+ faddd %f4,%f8,%f8
+ fmuld %f20,%f24,%f20 !18
+ std %f32,[%o4+48]
+ faddd %f42,%f44,%f42
+ fmuld %f22,%f0,%f22 !19
+ std %f42,[%o4+80]
+ faddd %f48,%f50,%f48
+ fmuld %f34,%f24,%f32 !20
+ std %f48,[%o4+112]
+ faddd %f52,%f56,%f52
+ fmuld %f38,%f0,%f36 !21
+ ldd [%i2+120],%f42
+ fdtox %f8,%f4 !22
+ std %f52,[%o4+144]
+ faddd %f20,%f22,%f20 !23
+ ldd [%i4+120],%f44 !24
+ ldd [%o4+176],%f22
+ faddd %f32,%f36,%f32
+ fmuld %f42,%f24,%f42 !25
+ ldd [%i4+16],%f50
+ fmovs %f17,%f4 !26
+ ldd [%i2+32],%f52
+ fmuld %f44,%f0,%f44 !27
+ ldd [%i4+32],%f56
+ fmuld %f40,%f24,%f48 !28
+ ldd [%o4+208],%f36
+ faddd %f20,%f22,%f20
+ fmuld %f50,%f0,%f50 !29
+ std %f20,[%o4+176]
+ fxtod %f4,%f4
+ fmuld %f52,%f24,%f52 !30
+ ldd [%i4+48],%f22
+ faddd %f42,%f44,%f42
+ fmuld %f56,%f0,%f56 !31
+ ldd [%o4+240],%f44
+ faddd %f32,%f36,%f32 !32
+ std %f32,[%o4+208]
+ faddd %f48,%f50,%f48
+ fmuld %f46,%f24,%f20 !33
+ ldd [%o4+32],%f50
+ fmuld %f4,%f18,%f12 !34
+ ldd [%i4+64],%f36
+ faddd %f52,%f56,%f52
+ fmuld %f22,%f0,%f22 !35
+ ldd [%o4+64],%f56
+ faddd %f42,%f44,%f42 !36
+ std %f42,[%o4+240]
+ faddd %f48,%f50,%f48
+ fmuld %f54,%f24,%f32 !37
+ std %f48,[%o4+32]
+ fmuld %f12,%f14,%f4 !38
+ ldd [%i2+80],%f42
+ faddd %f52,%f56,%f56 ! yes, tmp52!
+ fmuld %f36,%f0,%f36 !39
+ ldd [%i4+80],%f44
+ faddd %f20,%f22,%f20 !40
+ ldd [%i2+96],%f48
+ fmuld %f58,%f24,%f52 !41
+ ldd [%i4+96],%f50
+ fdtox %f4,%f4
+ fmuld %f42,%f24,%f42 !42
+ std %f56,[%o4+64] ! yes, tmp52!
+ faddd %f32,%f36,%f32
+ fmuld %f44,%f0,%f44 !43
+ ldd [%o4+96],%f22
+ fmuld %f48,%f24,%f48 !44
+ ldd [%o4+128],%f36
+ fmovd %f6,%f24
+ fmuld %f50,%f0,%f50 !45
+ fxtod %f4,%f4
+ fmuld %f60,%f0,%f56 !46
+ add %o4,8,%o4
+ faddd %f42,%f44,%f42 !47
+ ldd [%o4+160-8],%f44
+ faddd %f20,%f22,%f20 !48
+ std %f20,[%o4+96-8]
+ faddd %f48,%f50,%f48 !49
+ ldd [%o4+192-8],%f50
+ faddd %f52,%f56,%f52
+ fmuld %f4,%f16,%f4 !50
+ ldd [%o4+224-8],%f56
+ faddd %f32,%f36,%f32 !51
+ std %f32,[%o4+128-8]
+ faddd %f42,%f44,%f42 !52
+ add %o3,1,%o3
+ std %f42,[%o4+160-8]
+ faddd %f48,%f50,%f48 !53
+ cmp %o3,31
+ std %f48,[%o4+192-8]
+ fsubd %f12,%f4,%f0 !54
+ faddd %f52,%f56,%f52
+ ble,pt %icc,.L99999999
+ std %f52,[%o4+224-8] !55
+ std %f8,[%o4]
+
+! 312 ! }
+! 313 ! }
+! 315 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
+
+/* 0x07c8 315 */ sll %i0,4,%g2
+ .L900000653:
+/* 0x07cc 315 */ add %i1,%g2,%i1
+/* 0x07d0 242 */ ld [%fp+68],%o0
+/* 0x07d4 315 */ or %g0,0,%o4
+/* 0x07d8 */ ldd [%i1],%f0
+/* 0x07dc */ or %g0,0,%g5
+/* 0x07e0 */ cmp %i0,0
+/* 0x07e4 242 */ or %g0,%o0,%o3
+/* 0x07e8 311 */ sub %i0,1,%g1
+/* 0x07ec 315 */ fdtox %f0,%f0
+/* 0x07f0 */ std %f0,[%sp+120]
+/* 0x07f4 311 */ sethi %hi(0xfc00),%o1
+/* 0x07f8 */ add %g1,1,%g3
+/* 0x07fc */ or %g0,%o0,%g4
+/* 0x0800 315 */ ldd [%i1+8],%f0
+/* 0x0804 */ add %o1,1023,%o1
+/* 0x0808 */ fdtox %f0,%f0
+/* 0x080c */ std %f0,[%sp+112]
+/* 0x0810 */ ldx [%sp+112],%o5
+/* 0x0814 */ ldx [%sp+120],%o7
+/* 0x0818 */ ble,pt %icc,.L900000651
+/* 0x081c */ sethi %hi(0xfc00),%g2
+/* 0x0820 311 */ or %g0,-1,%g2
+/* 0x0824 315 */ cmp %g3,3
+/* 0x0828 311 */ srl %g2,0,%o2
+/* 0x082c 315 */ bl,pn %icc,.L77000287
+/* 0x0830 */ or %g0,%i1,%g2
+/* 0x0834 */ ldd [%i1+16],%f0
+/* 0x0838 */ and %o5,%o1,%o0
+/* 0x083c */ add %i1,16,%g2
+/* 0x0840 */ sllx %o0,16,%g3
+/* 0x0844 */ and %o7,%o2,%o0
+/* 0x0848 */ fdtox %f0,%f0
+/* 0x084c */ std %f0,[%sp+104]
+/* 0x0850 */ add %o0,%g3,%o4
+/* 0x0854 */ ldd [%i1+24],%f2
+/* 0x0858 */ srax %o5,16,%o0
+/* 0x085c */ add %o3,4,%g4
+/* 0x0860 */ stx %o0,[%sp+128]
+/* 0x0864 */ and %o4,%o2,%o0
+/* 0x0868 */ stx %o0,[%sp+112]
+/* 0x086c */ srax %o4,32,%o0
+/* 0x0870 */ fdtox %f2,%f0
+/* 0x0874 */ stx %o0,[%sp+136]
+/* 0x0878 */ srax %o7,32,%o4
+/* 0x087c */ std %f0,[%sp+96]
+/* 0x0880 */ ldx [%sp+128],%g5
+/* 0x0884 */ ldx [%sp+136],%o7
+/* 0x0888 */ ldx [%sp+104],%g3
+/* 0x088c */ add %g5,%o7,%o0
+/* 0x0890 */ or %g0,1,%g5
+/* 0x0894 */ ldx [%sp+112],%o7
+/* 0x0898 */ add %o4,%o0,%o4
+/* 0x089c */ ldx [%sp+96],%o5
+/* 0x08a0 */ st %o7,[%o3]
+/* 0x08a4 */ or %g0,%g3,%o7
+ .L900000634:
+/* 0x08a8 */ ldd [%g2+16],%f0
+/* 0x08ac */ add %g5,1,%g5
+/* 0x08b0 */ add %g4,4,%g4
+/* 0x08b4 */ cmp %g5,%g1
+/* 0x08b8 */ add %g2,16,%g2
+/* 0x08bc */ fdtox %f0,%f0
+/* 0x08c0 */ std %f0,[%sp+104]
+/* 0x08c4 */ ldd [%g2+8],%f0
+/* 0x08c8 */ fdtox %f0,%f0
+/* 0x08cc */ std %f0,[%sp+96]
+/* 0x08d0 */ and %o5,%o1,%g3
+/* 0x08d4 */ sllx %g3,16,%g3
+/* 0x08d8 */ stx %g3,[%sp+120]
+/* 0x08dc */ and %o7,%o2,%g3
+/* 0x08e0 */ stx %o7,[%sp+128]
+/* 0x08e4 */ ldx [%sp+120],%o7
+/* 0x08e8 */ add %g3,%o7,%g3
+/* 0x08ec */ ldx [%sp+128],%o7
+/* 0x08f0 */ srax %o5,16,%o5
+/* 0x08f4 */ add %g3,%o4,%g3
+/* 0x08f8 */ srax %g3,32,%o4
+/* 0x08fc */ stx %o4,[%sp+112]
+/* 0x0900 */ srax %o7,32,%o4
+/* 0x0904 */ ldx [%sp+112],%o7
+/* 0x0908 */ add %o5,%o7,%o7
+/* 0x090c */ ldx [%sp+96],%o5
+/* 0x0910 */ add %o4,%o7,%o4
+/* 0x0914 */ and %g3,%o2,%g3
+/* 0x0918 */ ldx [%sp+104],%o7
+/* 0x091c */ ble,pt %icc,.L900000634
+/* 0x0920 */ st %g3,[%g4-4]
+ .L900000637:
+/* 0x0924 */ ba .L900000651
+/* 0x0928 */ sethi %hi(0xfc00),%g2
+ .L77000287:
+/* 0x092c */ ldd [%g2+16],%f0
+ .L900000650:
+/* 0x0930 */ and %o7,%o2,%o0
+/* 0x0934 */ and %o5,%o1,%g3
+/* 0x0938 */ fdtox %f0,%f0
+/* 0x093c */ add %o4,%o0,%o0
+/* 0x0940 */ std %f0,[%sp+104]
+/* 0x0944 */ add %g5,1,%g5
+/* 0x0948 */ sllx %g3,16,%o4
+/* 0x094c */ ldd [%g2+24],%f2
+/* 0x0950 */ add %g2,16,%g2
+/* 0x0954 */ add %o0,%o4,%o4
+/* 0x0958 */ cmp %g5,%g1
+/* 0x095c */ srax %o5,16,%o0
+/* 0x0960 */ stx %o0,[%sp+112]
+/* 0x0964 */ and %o4,%o2,%g3
+/* 0x0968 */ srax %o4,32,%o5
+/* 0x096c */ fdtox %f2,%f0
+/* 0x0970 */ std %f0,[%sp+96]
+/* 0x0974 */ srax %o7,32,%o4
+/* 0x0978 */ ldx [%sp+112],%o7
+/* 0x097c */ add %o7,%o5,%o7
+/* 0x0980 */ ldx [%sp+104],%o5
+/* 0x0984 */ add %o4,%o7,%o4
+/* 0x0988 */ ldx [%sp+96],%o0
+/* 0x098c */ st %g3,[%g4]
+/* 0x0990 */ or %g0,%o5,%o7
+/* 0x0994 */ add %g4,4,%g4
+/* 0x0998 */ or %g0,%o0,%o5
+/* 0x099c */ ble,a,pt %icc,.L900000650
+/* 0x09a0 */ ldd [%g2+16],%f0
+ .L77000236:
+/* 0x09a4 */ sethi %hi(0xfc00),%g2
+ .L900000651:
+/* 0x09a8 */ or %g0,-1,%o0
+/* 0x09ac */ add %g2,1023,%g2
+/* 0x09b0 */ ld [%fp+88],%o1
+/* 0x09b4 */ srl %o0,0,%g3
+/* 0x09b8 */ and %o5,%g2,%g2
+/* 0x09bc */ and %o7,%g3,%g4
+
+! 317 ! adjust_montf_result(result,nint,nlen);
+
+/* 0x09c0 317 */ or %g0,-1,%o5
+/* 0x09c4 311 */ sllx %g2,16,%g2
+/* 0x09c8 */ add %o4,%g4,%g4
+/* 0x09cc */ add %g4,%g2,%g2
+/* 0x09d0 */ sll %g5,2,%g4
+/* 0x09d4 */ and %g2,%g3,%g2
+/* 0x09d8 */ st %g2,[%o3+%g4]
+/* 0x09dc 317 */ sll %i0,2,%g2
+/* 0x09e0 */ ld [%o3+%g2],%g2
+/* 0x09e4 */ cmp %g2,0
+/* 0x09e8 */ bleu,pn %icc,.L77000241
+/* 0x09ec */ or %g0,%o1,%o2
+/* 0x09f0 */ ba .L900000649
+/* 0x09f4 */ cmp %o5,0
+ .L77000241:
+/* 0x09f8 */ sub %i0,1,%o5
+/* 0x09fc */ sll %o5,2,%g2
+/* 0x0a00 */ cmp %o5,0
+/* 0x0a04 */ bl,pt %icc,.L900000649
+/* 0x0a08 */ cmp %o5,0
+/* 0x0a0c */ add %o1,%g2,%o1
+/* 0x0a10 */ add %o3,%g2,%o4
+/* 0x0a14 */ ld [%o1],%g2
+ .L900000648:
+/* 0x0a18 */ ld [%o4],%g3
+/* 0x0a1c */ sub %o5,1,%o0
+/* 0x0a20 */ sub %o1,4,%o1
+/* 0x0a24 */ sub %o4,4,%o4
+/* 0x0a28 */ cmp %g3,%g2
+/* 0x0a2c */ bne,pn %icc,.L77000244
+/* 0x0a30 */ nop
+/* 0x0a34 0 */ or %g0,%o0,%o5
+/* 0x0a38 317 */ cmp %o0,0
+/* 0x0a3c */ bge,a,pt %icc,.L900000648
+/* 0x0a40 */ ld [%o1],%g2
+ .L77000244:
+/* 0x0a44 */ cmp %o5,0
+ .L900000649:
+/* 0x0a48 */ bl,pn %icc,.L77000288
+/* 0x0a4c */ sll %o5,2,%g2
+/* 0x0a50 */ ld [%o2+%g2],%g3
+/* 0x0a54 */ ld [%o3+%g2],%g2
+/* 0x0a58 */ cmp %g2,%g3
+/* 0x0a5c */ bleu,pt %icc,.L77000224
+/* 0x0a60 */ nop
+ .L77000288:
+/* 0x0a64 */ cmp %i0,0
+/* 0x0a68 */ ble,pt %icc,.L77000224
+/* 0x0a6c */ nop
+/* 0x0a70 317 */ sub %i0,1,%o7
+/* 0x0a74 */ or %g0,-1,%g2
+/* 0x0a78 */ srl %g2,0,%o4
+/* 0x0a7c */ add %o7,1,%o0
+/* 0x0a80 315 */ or %g0,0,%o5
+/* 0x0a84 */ or %g0,0,%g1
+/* 0x0a88 */ cmp %o0,3
+/* 0x0a8c */ bl,pn %icc,.L77000289
+/* 0x0a90 */ add %o3,8,%o1
+/* 0x0a94 */ add %o2,4,%o0
+/* 0x0a98 */ ld [%o1-8],%g2
+/* 0x0a9c 0 */ or %g0,%o1,%o3
+/* 0x0aa0 315 */ ld [%o0-4],%g3
+/* 0x0aa4 0 */ or %g0,%o0,%o2
+/* 0x0aa8 315 */ or %g0,2,%g1
+/* 0x0aac */ ld [%o3-4],%o0
+/* 0x0ab0 */ sub %g2,%g3,%g2
+/* 0x0ab4 */ or %g0,%g2,%o5
+/* 0x0ab8 */ and %g2,%o4,%g2
+/* 0x0abc */ st %g2,[%o3-8]
+/* 0x0ac0 */ srax %o5,32,%o5
+ .L900000638:
+/* 0x0ac4 */ ld [%o2],%g2
+/* 0x0ac8 */ add %g1,1,%g1
+/* 0x0acc */ add %o2,4,%o2
+/* 0x0ad0 */ cmp %g1,%o7
+/* 0x0ad4 */ add %o3,4,%o3
+/* 0x0ad8 */ sub %o0,%g2,%o0
+/* 0x0adc */ add %o0,%o5,%o5
+/* 0x0ae0 */ and %o5,%o4,%g2
+/* 0x0ae4 */ ld [%o3-4],%o0
+/* 0x0ae8 */ st %g2,[%o3-8]
+/* 0x0aec */ ble,pt %icc,.L900000638
+/* 0x0af0 */ srax %o5,32,%o5
+ .L900000641:
+/* 0x0af4 */ ld [%o2],%o1
+/* 0x0af8 */ sub %o0,%o1,%o0
+/* 0x0afc */ add %o0,%o5,%o0
+/* 0x0b00 */ and %o0,%o4,%o1
+/* 0x0b04 */ st %o1,[%o3-4]
+/* 0x0b08 */ ret ! Result =
+/* 0x0b0c */ restore %g0,%g0,%g0
+ .L77000289:
+/* 0x0b10 */ ld [%o3],%o0
+ .L900000647:
+/* 0x0b14 */ ld [%o2],%o1
+/* 0x0b18 */ add %o5,%o0,%o0
+/* 0x0b1c */ add %g1,1,%g1
+/* 0x0b20 */ add %o2,4,%o2
+/* 0x0b24 */ cmp %g1,%o7
+/* 0x0b28 */ sub %o0,%o1,%o0
+/* 0x0b2c */ and %o0,%o4,%o1
+/* 0x0b30 */ st %o1,[%o3]
+/* 0x0b34 */ add %o3,4,%o3
+/* 0x0b38 */ srax %o0,32,%o5
+/* 0x0b3c */ ble,a,pt %icc,.L900000647
+/* 0x0b40 */ ld [%o3],%o0
+ .L77000224:
+/* 0x0b44 */ ret ! Result =
+/* 0x0b48 */ restore %g0,%g0,%g0
+/* 0x0b4c 0 */ .type mont_mulf_noconv,2
+/* 0x0b4c */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
+
diff --git a/security/nss/lib/freebl/mpi/montmulfv9.il b/security/nss/lib/freebl/mpi/montmulfv9.il
new file mode 100644
index 000000000..006f47431
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/montmulfv9.il
@@ -0,0 +1,93 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+!
+! double upper32(double /*frs1*/);
+!
+ .inline upper32,8
+ fdtox %f0,%f10
+ fitod %f10,%f0
+ .end
+
+!
+! double lower32(double /*frs1*/, double /* Zero */);
+!
+ .inline lower32,8
+ fdtox %f0,%f10
+ fmovs %f2,%f10
+ fxtod %f10,%f0
+ .end
+
+!
+! double mod(double /*x*/, double /*1/m*/, double /*m*/);
+!
+ .inline mod,12
+ fmuld %f0,%f2,%f2
+ fdtox %f2,%f2
+ fxtod %f2,%f2
+ fmuld %f2,%f4,%f2
+ fsubd %f0,%f2,%f0
+ .end
+
+
+!
+! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
+! double * /* 0 */,
+! double * /*result16*/, double * /* result32 */
+! float * /*source - should be unsigned int*
+! converted to float* */);
+!
+ .inline i16_to_d16_and_d32x4,24
+ ldd [%o0],%f2 ! 1/(2^16)
+ ldd [%o1],%f4 ! 2^16
+ ldd [%o2],%f22
+
+ fmovd %f22,%f6
+ ld [%o5],%f7
+ fmovd %f22,%f10
+ ld [%o5+4],%f11
+ fmovd %f22,%f14
+ ld [%o5+8],%f15
+ fmovd %f22,%f18
+ ld [%o5+12],%f19
+ fxtod %f6,%f6
+ std %f6,[%o4]
+ fxtod %f10,%f10
+ std %f10,[%o4+8]
+ fxtod %f14,%f14
+ std %f14,[%o4+16]
+ fxtod %f18,%f18
+ std %f18,[%o4+24]
+ fmuld %f2,%f6,%f8
+ fmuld %f2,%f10,%f12
+ fmuld %f2,%f14,%f16
+ fmuld %f2,%f18,%f20
+ fdtox %f8,%f8
+ fdtox %f12,%f12
+ fdtox %f16,%f16
+ fdtox %f20,%f20
+ fxtod %f8,%f8
+ std %f8,[%o3+8]
+ fxtod %f12,%f12
+ std %f12,[%o3+24]
+ fxtod %f16,%f16
+ std %f16,[%o3+40]
+ fxtod %f20,%f20
+ std %f20,[%o3+56]
+ fmuld %f8,%f4,%f8
+ fmuld %f12,%f4,%f12
+ fmuld %f16,%f4,%f16
+ fmuld %f20,%f4,%f20
+ fsubd %f6,%f8,%f8
+ std %f8,[%o3]
+ fsubd %f10,%f12,%f12
+ std %f12,[%o3+16]
+ fsubd %f14,%f16,%f16
+ std %f16,[%o3+32]
+ fsubd %f18,%f20,%f20
+ std %f20,[%o3+48]
+ .end
+
+
diff --git a/security/nss/lib/freebl/mpi/montmulfv9.s b/security/nss/lib/freebl/mpi/montmulfv9.s
new file mode 100644
index 000000000..560e47f7b
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/montmulfv9.s
@@ -0,0 +1,2346 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ .section ".text",#alloc,#execinstr
+ .file "montmulf.c"
+
+ .section ".rodata",#alloc
+ .global TwoTo16
+ .align 8
+!
+! CONSTANT POOL
+!
+ .global TwoTo16
+TwoTo16:
+ .word 1089470464
+ .word 0
+ .type TwoTo16,#object
+ .size TwoTo16,8
+ .global TwoToMinus16
+!
+! CONSTANT POOL
+!
+ .global TwoToMinus16
+TwoToMinus16:
+ .word 1055916032
+ .word 0
+ .type TwoToMinus16,#object
+ .size TwoToMinus16,8
+ .global Zero
+!
+! CONSTANT POOL
+!
+ .global Zero
+Zero:
+ .word 0
+ .word 0
+ .type Zero,#object
+ .size Zero,8
+ .global TwoTo32
+!
+! CONSTANT POOL
+!
+ .global TwoTo32
+TwoTo32:
+ .word 1106247680
+ .word 0
+ .type TwoTo32,#object
+ .size TwoTo32,8
+ .global TwoToMinus32
+!
+! CONSTANT POOL
+!
+ .global TwoToMinus32
+TwoToMinus32:
+ .word 1039138816
+ .word 0
+ .type TwoToMinus32,#object
+ .size TwoToMinus32,8
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .register %g3,#scratch
+/* 000000 */ .register %g2,#scratch
+/* 000000 0 */ .align 8
+!
+! SUBROUTINE conv_d16_to_i32
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global conv_d16_to_i32
+ conv_d16_to_i32:
+/* 000000 */ save %sp,-208,%sp
+! FILE montmulf.c
+
+! 1 !/*
+! 2 ! * The contents of this file are subject to the Mozilla Public
+! 3 ! * License Version 1.1 (the "License"); you may not use this file
+! 4 ! * except in compliance with the License. You may obtain a copy of
+! 5 ! * the License at http://www.mozilla.org/MPL/
+! 6 ! *
+! 7 ! * Software distributed under the License is distributed on an "AS
+! 8 ! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+! 9 ! * implied. See the License for the specific language governing
+! 10 ! * rights and limitations under the License.
+! 11 ! *
+! 12 ! * The Original Code is SPARC optimized Montgomery multiply functions.
+! 13 ! *
+! 14 ! * The Initial Developer of the Original Code is Sun Microsystems Inc.
+! 15 ! * Portions created by Sun Microsystems Inc. are
+! 16 ! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
+! 17 ! *
+! 18 ! * Contributor(s):
+! 19 ! * Netscape Communications Corporation
+! 20 ! *
+! 21 ! * Alternatively, the contents of this file may be used under the
+! 22 ! * terms of the GNU General Public License Version 2 or later (the
+! 23 ! * "GPL"), in which case the provisions of the GPL are applicable
+! 24 ! * instead of those above. If you wish to allow use of your
+! 25 ! * version of this file only under the terms of the GPL and not to
+! 26 ! * allow others to use your version of this file under the MPL,
+! 27 ! * indicate your decision by deleting the provisions above and
+! 28 ! * replace them with the notice and other provisions required by
+! 29 ! * the GPL. If you do not delete the provisions above, a recipient
+! 30 ! * may use your version of this file under either the MPL or the
+! 31 ! * GPL.
+! 34 ! */
+! 36 !#define RF_INLINE_MACROS
+! 38 !static const double TwoTo16=65536.0;
+! 39 !static const double TwoToMinus16=1.0/65536.0;
+! 40 !static const double Zero=0.0;
+! 41 !static const double TwoTo32=65536.0*65536.0;
+! 42 !static const double TwoToMinus32=1.0/(65536.0*65536.0);
+! 44 !#ifdef RF_INLINE_MACROS
+! 46 !double upper32(double);
+! 47 !double lower32(double, double);
+! 48 !double mod(double, double, double);
+! 50 !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
+! 51 ! const double * /* 2^16*/,
+! 52 ! const double * /* 0 */,
+! 53 ! double * /*result16*/,
+! 54 ! double * /* result32 */,
+! 55 ! float * /*source - should be unsigned int*
+! 56 ! converted to float* */);
+! 58 !#else
+! 60 !static double upper32(double x)
+! 61 !{
+! 62 ! return floor(x*TwoToMinus32);
+! 63 !}
+! 65 !static double lower32(double x, double y)
+! 66 !{
+! 67 ! return x-TwoTo32*floor(x*TwoToMinus32);
+! 68 !}
+! 70 !static double mod(double x, double oneoverm, double m)
+! 71 !{
+! 72 ! return x-m*floor(x*oneoverm);
+! 73 !}
+! 75 !#endif
+! 78 !static void cleanup(double *dt, int from, int tlen)
+! 79 !{
+! 80 ! int i;
+! 81 ! double tmp,tmp1,x,x1;
+! 83 ! tmp=tmp1=Zero;
+! 84 ! /* original code **
+! 85 ! for(i=2*from;i<2*tlen-2;i++)
+! 86 ! {
+! 87 ! x=dt[i];
+! 88 ! dt[i]=lower32(x,Zero)+tmp1;
+! 89 ! tmp1=tmp;
+! 90 ! tmp=upper32(x);
+! 91 ! }
+! 92 ! dt[tlen-2]+=tmp1;
+! 93 ! dt[tlen-1]+=tmp;
+! 94 ! **end original code ***/
+! 95 ! /* new code ***/
+! 96 ! for(i=2*from;i<2*tlen;i+=2)
+! 97 ! {
+! 98 ! x=dt[i];
+! 99 ! x1=dt[i+1];
+! 100 ! dt[i]=lower32(x,Zero)+tmp;
+! 101 ! dt[i+1]=lower32(x1,Zero)+tmp1;
+! 102 ! tmp=upper32(x);
+! 103 ! tmp1=upper32(x1);
+! 104 ! }
+! 105 ! /** end new code **/
+! 106 !}
+! 109 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
+! 110 !{
+! 111 !int i;
+! 112 !long long t, t1, a, b, c, d;
+! 114 ! t1=0;
+! 115 ! a=(long long)d16[0];
+
+/* 0x0004 115 */ ldd [%i1],%f2
+
+! 116 ! b=(long long)d16[1];
+! 117 ! for(i=0; i<ilen-1; i++)
+
+/* 0x0008 117 */ sub %i3,1,%o1
+/* 0x000c 110 */ or %g0,%i0,%g1
+/* 0x0010 116 */ ldd [%i1+8],%f4
+/* 0x0014 117 */ cmp %o1,0
+/* 0x0018 114 */ or %g0,0,%g5
+/* 0x001c 115 */ fdtox %f2,%f2
+/* 0x0020 */ std %f2,[%sp+2247]
+/* 0x0024 117 */ or %g0,0,%o0
+/* 0x0028 116 */ fdtox %f4,%f2
+/* 0x002c */ std %f2,[%sp+2239]
+/* 0x0030 110 */ sub %o1,1,%o7
+/* 0x0034 */ or %g0,%i1,%o4
+/* 0x0038 */ sethi %hi(0xfc00),%o3
+/* 0x003c */ or %g0,-1,%o1
+/* 0x0040 */ or %g0,2,%i1
+/* 0x0044 */ srl %o1,0,%g3
+/* 0x0048 */ or %g0,%o4,%g4
+/* 0x004c 116 */ ldx [%sp+2239],%i2
+/* 0x0050 */ add %o3,1023,%o5
+/* 0x0054 117 */ sub %o7,1,%o2
+/* 0x0058 115 */ ldx [%sp+2247],%i3
+/* 0x005c 117 */ ble,pt %icc,.L900000113
+/* 0x0060 */ sethi %hi(0xfc00),%g2
+/* 0x0064 */ add %o7,1,%g2
+
+! 118 ! {
+! 119 ! c=(long long)d16[2*i+2];
+! 120 ! t1+=a&0xffffffff;
+! 121 ! t=(a>>32);
+! 122 ! d=(long long)d16[2*i+3];
+! 123 ! t1+=(b&0xffff)<<16;
+
+/* 0x0068 123 */ and %i2,%o5,%i4
+/* 0x006c */ sllx %i4,16,%o1
+/* 0x0070 117 */ cmp %g2,6
+/* 0x0074 */ bl,pn %icc,.L77000134
+/* 0x0078 */ or %g0,3,%i0
+/* 0x007c 119 */ ldd [%o4+16],%f0
+/* 0x0080 120 */ and %i3,%g3,%o3
+
+! 124 ! t+=(b>>16)+(t1>>32);
+
+/* 0x0084 124 */ srax %i2,16,%i5
+/* 0x0088 117 */ add %o3,%o1,%i4
+/* 0x008c 121 */ srax %i3,32,%i3
+/* 0x0090 119 */ fdtox %f0,%f0
+/* 0x0094 */ std %f0,[%sp+2231]
+
+! 125 ! i32[i]=t1&0xffffffff;
+
+/* 0x0098 125 */ and %i4,%g3,%l0
+/* 0x009c 117 */ or %g0,72,%o3
+/* 0x00a0 122 */ ldd [%g4+24],%f0
+/* 0x00a4 117 */ or %g0,64,%o4
+/* 0x00a8 */ or %g0,4,%o1
+
+! 126 ! t1=t;
+! 127 ! a=c;
+! 128 ! b=d;
+
+/* 0x00ac 128 */ or %g0,5,%i0
+/* 0x00b0 */ or %g0,4,%i1
+/* 0x00b4 119 */ ldx [%sp+2231],%g2
+/* 0x00b8 122 */ fdtox %f0,%f0
+/* 0x00bc 128 */ or %g0,4,%o0
+/* 0x00c0 122 */ std %f0,[%sp+2223]
+/* 0x00c4 */ ldd [%g4+40],%f2
+/* 0x00c8 120 */ and %g2,%g3,%i2
+/* 0x00cc 119 */ ldd [%g4+32],%f0
+/* 0x00d0 121 */ srax %g2,32,%g2
+/* 0x00d4 122 */ ldd [%g4+56],%f4
+/* 0x00d8 */ fdtox %f2,%f2
+/* 0x00dc */ ldx [%sp+2223],%g5
+/* 0x00e0 119 */ fdtox %f0,%f0
+/* 0x00e4 125 */ st %l0,[%g1]
+/* 0x00e8 124 */ srax %i4,32,%l0
+/* 0x00ec 122 */ fdtox %f4,%f4
+/* 0x00f0 */ std %f2,[%sp+2223]
+/* 0x00f4 123 */ and %g5,%o5,%i4
+/* 0x00f8 124 */ add %i5,%l0,%i5
+/* 0x00fc 119 */ std %f0,[%sp+2231]
+/* 0x0100 123 */ sllx %i4,16,%i4
+/* 0x0104 124 */ add %i3,%i5,%i3
+/* 0x0108 119 */ ldd [%g4+48],%f2
+/* 0x010c 124 */ srax %g5,16,%g5
+/* 0x0110 117 */ add %i2,%i4,%i2
+/* 0x0114 122 */ ldd [%g4+72],%f0
+/* 0x0118 117 */ add %i2,%i3,%i4
+/* 0x011c 124 */ srax %i4,32,%i5
+/* 0x0120 119 */ fdtox %f2,%f2
+/* 0x0124 125 */ and %i4,%g3,%i4
+/* 0x0128 122 */ ldx [%sp+2223],%i2
+/* 0x012c 124 */ add %g5,%i5,%g5
+/* 0x0130 119 */ ldx [%sp+2231],%i3
+/* 0x0134 124 */ add %g2,%g5,%g5
+/* 0x0138 119 */ std %f2,[%sp+2231]
+/* 0x013c 122 */ std %f4,[%sp+2223]
+/* 0x0140 119 */ ldd [%g4+64],%f2
+/* 0x0144 125 */ st %i4,[%g1+4]
+ .L900000108:
+/* 0x0148 122 */ ldx [%sp+2223],%i4
+/* 0x014c 128 */ add %o0,2,%o0
+/* 0x0150 */ add %i0,4,%i0
+/* 0x0154 119 */ ldx [%sp+2231],%l0
+/* 0x0158 117 */ add %o3,16,%o3
+/* 0x015c 123 */ and %i2,%o5,%g2
+/* 0x0160 */ sllx %g2,16,%i5
+/* 0x0164 120 */ and %i3,%g3,%g2
+/* 0x0168 122 */ ldd [%g4+%o3],%f4
+/* 0x016c */ fdtox %f0,%f0
+/* 0x0170 */ std %f0,[%sp+2223]
+/* 0x0174 124 */ srax %i2,16,%i2
+/* 0x0178 117 */ add %g2,%i5,%g2
+/* 0x017c 119 */ fdtox %f2,%f0
+/* 0x0180 117 */ add %o4,16,%o4
+/* 0x0184 119 */ std %f0,[%sp+2231]
+/* 0x0188 117 */ add %g2,%g5,%g2
+/* 0x018c 119 */ ldd [%g4+%o4],%f2
+/* 0x0190 124 */ srax %g2,32,%i5
+/* 0x0194 128 */ cmp %o0,%o2
+/* 0x0198 121 */ srax %i3,32,%g5
+/* 0x019c 124 */ add %i2,%i5,%i2
+/* 0x01a0 */ add %g5,%i2,%i5
+/* 0x01a4 117 */ add %o1,4,%o1
+/* 0x01a8 125 */ and %g2,%g3,%g2
+/* 0x01ac 127 */ or %g0,%l0,%g5
+/* 0x01b0 125 */ st %g2,[%g1+%o1]
+/* 0x01b4 128 */ add %i1,4,%i1
+/* 0x01b8 122 */ ldx [%sp+2223],%i2
+/* 0x01bc 119 */ ldx [%sp+2231],%i3
+/* 0x01c0 117 */ add %o3,16,%o3
+/* 0x01c4 123 */ and %i4,%o5,%g2
+/* 0x01c8 */ sllx %g2,16,%l0
+/* 0x01cc 120 */ and %g5,%g3,%g2
+/* 0x01d0 122 */ ldd [%g4+%o3],%f0
+/* 0x01d4 */ fdtox %f4,%f4
+/* 0x01d8 */ std %f4,[%sp+2223]
+/* 0x01dc 124 */ srax %i4,16,%i4
+/* 0x01e0 117 */ add %g2,%l0,%g2
+/* 0x01e4 119 */ fdtox %f2,%f2
+/* 0x01e8 117 */ add %o4,16,%o4
+/* 0x01ec 119 */ std %f2,[%sp+2231]
+/* 0x01f0 117 */ add %g2,%i5,%g2
+/* 0x01f4 119 */ ldd [%g4+%o4],%f2
+/* 0x01f8 124 */ srax %g2,32,%i5
+/* 0x01fc 121 */ srax %g5,32,%g5
+/* 0x0200 124 */ add %i4,%i5,%i4
+/* 0x0204 */ add %g5,%i4,%g5
+/* 0x0208 117 */ add %o1,4,%o1
+/* 0x020c 125 */ and %g2,%g3,%g2
+/* 0x0210 128 */ ble,pt %icc,.L900000108
+/* 0x0214 */ st %g2,[%g1+%o1]
+ .L900000111:
+/* 0x0218 122 */ ldx [%sp+2223],%o2
+/* 0x021c 123 */ and %i2,%o5,%i4
+/* 0x0220 120 */ and %i3,%g3,%g2
+/* 0x0224 123 */ sllx %i4,16,%i4
+/* 0x0228 119 */ ldx [%sp+2231],%i5
+/* 0x022c 128 */ cmp %o0,%o7
+/* 0x0230 124 */ srax %i2,16,%i2
+/* 0x0234 117 */ add %g2,%i4,%g2
+/* 0x0238 122 */ fdtox %f0,%f4
+/* 0x023c */ std %f4,[%sp+2223]
+/* 0x0240 117 */ add %g2,%g5,%g5
+/* 0x0244 123 */ and %o2,%o5,%l0
+/* 0x0248 124 */ srax %g5,32,%l1
+/* 0x024c 120 */ and %i5,%g3,%i4
+/* 0x0250 119 */ fdtox %f2,%f0
+/* 0x0254 121 */ srax %i3,32,%g2
+/* 0x0258 119 */ std %f0,[%sp+2231]
+/* 0x025c 124 */ add %i2,%l1,%i2
+/* 0x0260 123 */ sllx %l0,16,%i3
+/* 0x0264 124 */ add %g2,%i2,%i2
+/* 0x0268 */ srax %o2,16,%o2
+/* 0x026c 117 */ add %o1,4,%g2
+/* 0x0270 */ add %i4,%i3,%o1
+/* 0x0274 125 */ and %g5,%g3,%g5
+/* 0x0278 */ st %g5,[%g1+%g2]
+/* 0x027c 119 */ ldx [%sp+2231],%i3
+/* 0x0280 117 */ add %o1,%i2,%o1
+/* 0x0284 */ add %g2,4,%g2
+/* 0x0288 124 */ srax %o1,32,%i4
+/* 0x028c 122 */ ldx [%sp+2223],%i2
+/* 0x0290 125 */ and %o1,%g3,%g5
+/* 0x0294 121 */ srax %i5,32,%o1
+/* 0x0298 124 */ add %o2,%i4,%o2
+/* 0x029c 125 */ st %g5,[%g1+%g2]
+/* 0x02a0 128 */ bg,pn %icc,.L77000127
+/* 0x02a4 */ add %o1,%o2,%g5
+/* 0x02a8 */ add %i0,6,%i0
+/* 0x02ac */ add %i1,6,%i1
+ .L77000134:
+/* 0x02b0 119 */ sra %i1,0,%o2
+ .L900000112:
+/* 0x02b4 119 */ sllx %o2,3,%o3
+/* 0x02b8 120 */ and %i3,%g3,%o1
+/* 0x02bc 119 */ ldd [%g4+%o3],%f0
+/* 0x02c0 122 */ sra %i0,0,%o3
+/* 0x02c4 123 */ and %i2,%o5,%o2
+/* 0x02c8 122 */ sllx %o3,3,%o3
+/* 0x02cc 120 */ add %g5,%o1,%o1
+/* 0x02d0 119 */ fdtox %f0,%f0
+/* 0x02d4 */ std %f0,[%sp+2231]
+/* 0x02d8 123 */ sllx %o2,16,%o2
+/* 0x02dc */ add %o1,%o2,%o2
+/* 0x02e0 128 */ add %i1,2,%i1
+/* 0x02e4 122 */ ldd [%g4+%o3],%f0
+/* 0x02e8 124 */ srax %o2,32,%g2
+/* 0x02ec 125 */ and %o2,%g3,%o3
+/* 0x02f0 124 */ srax %i2,16,%o1
+/* 0x02f4 128 */ add %i0,2,%i0
+/* 0x02f8 122 */ fdtox %f0,%f0
+/* 0x02fc */ std %f0,[%sp+2223]
+/* 0x0300 125 */ sra %o0,0,%o2
+/* 0x0304 */ sllx %o2,2,%o2
+/* 0x0308 124 */ add %o1,%g2,%g5
+/* 0x030c 121 */ srax %i3,32,%g2
+/* 0x0310 128 */ add %o0,1,%o0
+/* 0x0314 124 */ add %g2,%g5,%g5
+/* 0x0318 128 */ cmp %o0,%o7
+/* 0x031c 119 */ ldx [%sp+2231],%o4
+/* 0x0320 122 */ ldx [%sp+2223],%i2
+/* 0x0324 125 */ st %o3,[%g1+%o2]
+/* 0x0328 127 */ or %g0,%o4,%i3
+/* 0x032c 128 */ ble,pt %icc,.L900000112
+/* 0x0330 */ sra %i1,0,%o2
+ .L77000127:
+
+! 129 ! }
+! 130 ! t1+=a&0xffffffff;
+! 131 ! t=(a>>32);
+! 132 ! t1+=(b&0xffff)<<16;
+! 133 ! i32[i]=t1&0xffffffff;
+
+/* 0x0334 133 */ sethi %hi(0xfc00),%g2
+ .L900000113:
+/* 0x0338 133 */ or %g0,-1,%g3
+/* 0x033c */ add %g2,1023,%g2
+/* 0x0340 */ srl %g3,0,%g3
+/* 0x0344 */ and %i2,%g2,%g2
+/* 0x0348 */ and %i3,%g3,%g4
+/* 0x034c */ sllx %g2,16,%g2
+/* 0x0350 */ add %g5,%g4,%g4
+/* 0x0354 */ sra %o0,0,%g5
+/* 0x0358 */ add %g4,%g2,%g4
+/* 0x035c */ sllx %g5,2,%g2
+/* 0x0360 */ and %g4,%g3,%g3
+/* 0x0364 */ st %g3,[%g1+%g2]
+/* 0x0368 */ ret ! Result =
+/* 0x036c */ restore %g0,%g0,%g0
+/* 0x0370 0 */ .type conv_d16_to_i32,2
+/* 0x0370 */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000201:
+/* 000000 0 */ .word 1127219200,0
+/* 0x0008 0 */ .align 8
+/* 0x0008 */ .skip 24
+!
+! SUBROUTINE conv_i32_to_d32
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global conv_i32_to_d32
+ conv_i32_to_d32:
+/* 000000 */ or %g0,%o7,%g3
+
+! 135 !}
+! 137 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
+! 138 !{
+! 139 !int i;
+! 141 !#pragma pipeloop(0)
+! 142 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
+
+/* 0x0004 142 */ cmp %o2,0
+ .L900000210:
+/* 0x0008 */ call .+8
+/* 0x000c */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
+/* 0x0010 142 */ or %g0,0,%o3
+/* 0x0014 138 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
+/* 0x0018 142 */ sub %o2,1,%o4
+/* 0x001c 138 */ add %g4,%o7,%g1
+/* 0x0020 142 */ ble,pt %icc,.L77000140
+/* 0x0024 */ or %g0,%g3,%o7
+/* 0x0028 */ sethi %hi(.L_const_seg_900000201),%g3
+/* 0x002c */ cmp %o2,12
+/* 0x0030 */ add %g3,%lo(.L_const_seg_900000201),%g2
+/* 0x0034 */ or %g0,%o1,%g5
+/* 0x0038 */ ldx [%g1+%g2],%g4
+/* 0x003c */ or %g0,0,%g1
+/* 0x0040 */ or %g0,24,%g2
+/* 0x0044 */ bl,pn %icc,.L77000144
+/* 0x0048 */ or %g0,0,%g3
+/* 0x004c */ ld [%o1],%f13
+/* 0x0050 */ or %g0,7,%o3
+/* 0x0054 */ ldd [%g4],%f8
+/* 0x0058 */ sub %o2,5,%g3
+/* 0x005c */ or %g0,8,%g1
+/* 0x0060 */ ld [%o1+4],%f11
+/* 0x0064 */ ld [%o1+8],%f7
+/* 0x0068 */ fmovs %f8,%f12
+/* 0x006c */ ld [%o1+12],%f5
+/* 0x0070 */ fmovs %f8,%f10
+/* 0x0074 */ ld [%o1+16],%f3
+/* 0x0078 */ fmovs %f8,%f6
+/* 0x007c */ ld [%o1+20],%f1
+/* 0x0080 */ fsubd %f12,%f8,%f12
+/* 0x0084 */ std %f12,[%o0]
+/* 0x0088 */ fsubd %f10,%f8,%f10
+/* 0x008c */ std %f10,[%o0+8]
+ .L900000205:
+/* 0x0090 */ ld [%o1+%g2],%f11
+/* 0x0094 */ add %g1,8,%g1
+/* 0x0098 */ add %o3,5,%o3
+/* 0x009c */ fsubd %f6,%f8,%f6
+/* 0x00a0 */ add %g2,4,%g2
+/* 0x00a4 */ std %f6,[%o0+%g1]
+/* 0x00a8 */ cmp %o3,%g3
+/* 0x00ac */ fmovs %f8,%f4
+/* 0x00b0 */ ld [%o1+%g2],%f7
+/* 0x00b4 */ fsubd %f4,%f8,%f12
+/* 0x00b8 */ add %g1,8,%g1
+/* 0x00bc */ add %g2,4,%g2
+/* 0x00c0 */ fmovs %f8,%f2
+/* 0x00c4 */ std %f12,[%o0+%g1]
+/* 0x00c8 */ ld [%o1+%g2],%f5
+/* 0x00cc */ fsubd %f2,%f8,%f12
+/* 0x00d0 */ add %g1,8,%g1
+/* 0x00d4 */ add %g2,4,%g2
+/* 0x00d8 */ fmovs %f8,%f0
+/* 0x00dc */ std %f12,[%o0+%g1]
+/* 0x00e0 */ ld [%o1+%g2],%f3
+/* 0x00e4 */ fsubd %f0,%f8,%f12
+/* 0x00e8 */ add %g1,8,%g1
+/* 0x00ec */ add %g2,4,%g2
+/* 0x00f0 */ fmovs %f8,%f10
+/* 0x00f4 */ std %f12,[%o0+%g1]
+/* 0x00f8 */ ld [%o1+%g2],%f1
+/* 0x00fc */ fsubd %f10,%f8,%f10
+/* 0x0100 */ add %g1,8,%g1
+/* 0x0104 */ add %g2,4,%g2
+/* 0x0108 */ std %f10,[%o0+%g1]
+/* 0x010c */ ble,pt %icc,.L900000205
+/* 0x0110 */ fmovs %f8,%f6
+ .L900000208:
+/* 0x0114 */ fmovs %f8,%f4
+/* 0x0118 */ ld [%o1+%g2],%f11
+/* 0x011c */ add %g1,8,%g3
+/* 0x0120 */ fmovs %f8,%f2
+/* 0x0124 */ add %g1,16,%g1
+/* 0x0128 */ cmp %o3,%o4
+/* 0x012c */ fmovs %f8,%f0
+/* 0x0130 */ add %g1,8,%o1
+/* 0x0134 */ add %g1,16,%o2
+/* 0x0138 */ fmovs %f8,%f10
+/* 0x013c */ add %g1,24,%g2
+/* 0x0140 */ fsubd %f6,%f8,%f6
+/* 0x0144 */ std %f6,[%o0+%g3]
+/* 0x0148 */ fsubd %f4,%f8,%f4
+/* 0x014c */ std %f4,[%o0+%g1]
+/* 0x0150 */ sra %o3,0,%g1
+/* 0x0154 */ fsubd %f2,%f8,%f2
+/* 0x0158 */ std %f2,[%o0+%o1]
+/* 0x015c */ sllx %g1,2,%g3
+/* 0x0160 */ fsubd %f0,%f8,%f0
+/* 0x0164 */ std %f0,[%o0+%o2]
+/* 0x0168 */ fsubd %f10,%f8,%f0
+/* 0x016c */ bg,pn %icc,.L77000140
+/* 0x0170 */ std %f0,[%o0+%g2]
+ .L77000144:
+/* 0x0174 */ ldd [%g4],%f8
+ .L900000211:
+/* 0x0178 */ ld [%g5+%g3],%f13
+/* 0x017c */ sllx %g1,3,%g2
+/* 0x0180 */ add %o3,1,%o3
+/* 0x0184 */ sra %o3,0,%g1
+/* 0x0188 */ cmp %o3,%o4
+/* 0x018c */ fmovs %f8,%f12
+/* 0x0190 */ sllx %g1,2,%g3
+/* 0x0194 */ fsubd %f12,%f8,%f0
+/* 0x0198 */ std %f0,[%o0+%g2]
+/* 0x019c */ ble,a,pt %icc,.L900000211
+/* 0x01a0 */ ldd [%g4],%f8
+ .L77000140:
+/* 0x01a4 */ retl ! Result =
+/* 0x01a8 */ nop
+/* 0x01ac 0 */ .type conv_i32_to_d32,2
+/* 0x01ac */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000301:
+/* 000000 0 */ .word 1127219200,0
+/* 0x0008 0 */ .align 8
+/* 0x0008 */ .skip 24
+!
+! SUBROUTINE conv_i32_to_d16
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global conv_i32_to_d16
+ conv_i32_to_d16:
+/* 000000 */ save %sp,-192,%sp
+ .L900000310:
+/* 0x0004 */ call .+8
+/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
+
+! 143 !}
+! 146 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
+! 147 !{
+! 148 !int i;
+! 149 !unsigned int a;
+! 151 !#pragma pipeloop(0)
+! 152 ! for(i=0;i<len;i++)
+
+/* 0x000c 152 */ cmp %i2,0
+/* 0x0010 147 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
+/* 0x0014 152 */ ble,pt %icc,.L77000150
+/* 0x0018 */ add %g3,%o7,%o0
+
+! 153 ! {
+! 154 ! a=i32[i];
+! 155 ! d16[2*i]=(double)(a&0xffff);
+! 156 ! d16[2*i+1]=(double)(a>>16);
+
+/* 0x001c 156 */ sethi %hi(.L_const_seg_900000301),%g2
+/* 0x0020 147 */ or %g0,%i2,%o1
+/* 0x0024 152 */ sethi %hi(0xfc00),%g3
+/* 0x0028 156 */ add %g2,%lo(.L_const_seg_900000301),%g2
+/* 0x002c 152 */ or %g0,%o1,%g4
+/* 0x0030 156 */ ldx [%o0+%g2],%o5
+/* 0x0034 152 */ add %g3,1023,%g1
+/* 0x0038 147 */ or %g0,%i1,%o7
+/* 0x003c 152 */ or %g0,0,%i2
+/* 0x0040 */ sub %o1,1,%g5
+/* 0x0044 */ or %g0,0,%g3
+/* 0x0048 */ or %g0,1,%g2
+/* 0x004c 154 */ or %g0,0,%o2
+/* 0x0050 */ cmp %g4,6
+/* 0x0054 152 */ bl,pn %icc,.L77000154
+/* 0x0058 */ ldd [%o5],%f0
+/* 0x005c */ sub %o1,2,%o3
+/* 0x0060 */ or %g0,16,%o2
+/* 0x0064 154 */ ld [%i1],%o4
+/* 0x0068 156 */ or %g0,3,%g2
+/* 0x006c */ or %g0,2,%g3
+/* 0x0070 155 */ fmovs %f0,%f2
+/* 0x0074 156 */ or %g0,4,%i2
+/* 0x0078 155 */ and %o4,%g1,%o0
+/* 0x007c */ st %o0,[%sp+2227]
+/* 0x0080 */ fmovs %f0,%f4
+/* 0x0084 156 */ srl %o4,16,%i4
+/* 0x0088 152 */ or %g0,12,%o4
+/* 0x008c */ or %g0,24,%o0
+/* 0x0090 155 */ ld [%sp+2227],%f3
+/* 0x0094 */ fsubd %f2,%f0,%f2
+/* 0x0098 */ std %f2,[%i0]
+/* 0x009c 156 */ st %i4,[%sp+2223]
+/* 0x00a0 154 */ ld [%o7+4],%o1
+/* 0x00a4 156 */ fmovs %f0,%f2
+/* 0x00a8 155 */ and %o1,%g1,%i1
+/* 0x00ac 156 */ ld [%sp+2223],%f3
+/* 0x00b0 */ srl %o1,16,%o1
+/* 0x00b4 */ fsubd %f2,%f0,%f2
+/* 0x00b8 */ std %f2,[%i0+8]
+/* 0x00bc */ st %o1,[%sp+2223]
+/* 0x00c0 155 */ st %i1,[%sp+2227]
+/* 0x00c4 154 */ ld [%o7+8],%o1
+/* 0x00c8 156 */ fmovs %f0,%f2
+/* 0x00cc 155 */ and %o1,%g1,%g4
+/* 0x00d0 */ ld [%sp+2227],%f5
+/* 0x00d4 156 */ srl %o1,16,%o1
+/* 0x00d8 */ ld [%sp+2223],%f3
+/* 0x00dc */ st %o1,[%sp+2223]
+/* 0x00e0 155 */ fsubd %f4,%f0,%f4
+/* 0x00e4 */ st %g4,[%sp+2227]
+/* 0x00e8 156 */ fsubd %f2,%f0,%f2
+/* 0x00ec 154 */ ld [%o7+12],%o1
+/* 0x00f0 155 */ std %f4,[%i0+16]
+/* 0x00f4 156 */ std %f2,[%i0+24]
+ .L900000306:
+/* 0x00f8 155 */ ld [%sp+2227],%f5
+/* 0x00fc 156 */ add %i2,2,%i2
+/* 0x0100 */ add %g2,4,%g2
+/* 0x0104 */ ld [%sp+2223],%f3
+/* 0x0108 */ cmp %i2,%o3
+/* 0x010c */ add %g3,4,%g3
+/* 0x0110 155 */ and %o1,%g1,%g4
+/* 0x0114 156 */ srl %o1,16,%o1
+/* 0x0118 155 */ st %g4,[%sp+2227]
+/* 0x011c 156 */ st %o1,[%sp+2223]
+/* 0x0120 152 */ add %o4,4,%o1
+/* 0x0124 154 */ ld [%o7+%o1],%o4
+/* 0x0128 156 */ fmovs %f0,%f2
+/* 0x012c 155 */ fmovs %f0,%f4
+/* 0x0130 */ fsubd %f4,%f0,%f4
+/* 0x0134 152 */ add %o2,16,%o2
+/* 0x0138 156 */ fsubd %f2,%f0,%f2
+/* 0x013c 155 */ std %f4,[%i0+%o2]
+/* 0x0140 152 */ add %o0,16,%o0
+/* 0x0144 156 */ std %f2,[%i0+%o0]
+/* 0x0148 155 */ ld [%sp+2227],%f5
+/* 0x014c 156 */ ld [%sp+2223],%f3
+/* 0x0150 155 */ and %o4,%g1,%g4
+/* 0x0154 156 */ srl %o4,16,%o4
+/* 0x0158 155 */ st %g4,[%sp+2227]
+/* 0x015c 156 */ st %o4,[%sp+2223]
+/* 0x0160 152 */ add %o1,4,%o4
+/* 0x0164 154 */ ld [%o7+%o4],%o1
+/* 0x0168 156 */ fmovs %f0,%f2
+/* 0x016c 155 */ fmovs %f0,%f4
+/* 0x0170 */ fsubd %f4,%f0,%f4
+/* 0x0174 152 */ add %o2,16,%o2
+/* 0x0178 156 */ fsubd %f2,%f0,%f2
+/* 0x017c 155 */ std %f4,[%i0+%o2]
+/* 0x0180 152 */ add %o0,16,%o0
+/* 0x0184 156 */ ble,pt %icc,.L900000306
+/* 0x0188 */ std %f2,[%i0+%o0]
+ .L900000309:
+/* 0x018c 155 */ ld [%sp+2227],%f5
+/* 0x0190 156 */ fmovs %f0,%f2
+/* 0x0194 */ srl %o1,16,%o3
+/* 0x0198 */ ld [%sp+2223],%f3
+/* 0x019c 155 */ and %o1,%g1,%i1
+/* 0x01a0 152 */ add %o2,16,%g4
+/* 0x01a4 155 */ fmovs %f0,%f4
+/* 0x01a8 */ st %i1,[%sp+2227]
+/* 0x01ac 152 */ add %o0,16,%o2
+/* 0x01b0 156 */ st %o3,[%sp+2223]
+/* 0x01b4 154 */ sra %i2,0,%o3
+/* 0x01b8 152 */ add %g4,16,%o1
+/* 0x01bc 155 */ fsubd %f4,%f0,%f4
+/* 0x01c0 */ std %f4,[%i0+%g4]
+/* 0x01c4 152 */ add %o0,32,%o0
+/* 0x01c8 156 */ fsubd %f2,%f0,%f2
+/* 0x01cc */ std %f2,[%i0+%o2]
+/* 0x01d0 */ sllx %o3,2,%o2
+/* 0x01d4 155 */ ld [%sp+2227],%f5
+/* 0x01d8 156 */ cmp %i2,%g5
+/* 0x01dc */ add %g2,6,%g2
+/* 0x01e0 */ ld [%sp+2223],%f3
+/* 0x01e4 */ add %g3,6,%g3
+/* 0x01e8 155 */ fmovs %f0,%f4
+/* 0x01ec 156 */ fmovs %f0,%f2
+/* 0x01f0 155 */ fsubd %f4,%f0,%f4
+/* 0x01f4 */ std %f4,[%i0+%o1]
+/* 0x01f8 156 */ fsubd %f2,%f0,%f0
+/* 0x01fc */ bg,pn %icc,.L77000150
+/* 0x0200 */ std %f0,[%i0+%o0]
+ .L77000154:
+/* 0x0204 155 */ ldd [%o5],%f0
+ .L900000311:
+/* 0x0208 154 */ ld [%o7+%o2],%o0
+/* 0x020c 155 */ sra %g3,0,%o1
+/* 0x0210 */ fmovs %f0,%f2
+/* 0x0214 */ sllx %o1,3,%o2
+/* 0x0218 156 */ add %i2,1,%i2
+/* 0x021c 155 */ and %o0,%g1,%o1
+/* 0x0220 */ st %o1,[%sp+2227]
+/* 0x0224 156 */ add %g3,2,%g3
+/* 0x0228 */ srl %o0,16,%o1
+/* 0x022c */ cmp %i2,%g5
+/* 0x0230 */ sra %g2,0,%o0
+/* 0x0234 */ add %g2,2,%g2
+/* 0x0238 */ sllx %o0,3,%o0
+/* 0x023c 155 */ ld [%sp+2227],%f3
+/* 0x0240 154 */ sra %i2,0,%o3
+/* 0x0244 155 */ fsubd %f2,%f0,%f2
+/* 0x0248 */ std %f2,[%i0+%o2]
+/* 0x024c */ sllx %o3,2,%o2
+/* 0x0250 156 */ st %o1,[%sp+2223]
+/* 0x0254 */ fmovs %f0,%f2
+/* 0x0258 */ ld [%sp+2223],%f3
+/* 0x025c */ fsubd %f2,%f0,%f0
+/* 0x0260 */ std %f0,[%i0+%o0]
+/* 0x0264 */ ble,a,pt %icc,.L900000311
+/* 0x0268 */ ldd [%o5],%f0
+ .L77000150:
+/* 0x026c */ ret ! Result =
+/* 0x0270 */ restore %g0,%g0,%g0
+/* 0x0274 0 */ .type conv_i32_to_d16,2
+/* 0x0274 */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 8
+!
+! CONSTANT POOL
+!
+ .L_const_seg_900000401:
+/* 000000 0 */ .word 1127219200,0
+/* 0x0008 0 */ .align 8
+/* 0x0008 */ .skip 24
+!
+! SUBROUTINE conv_i32_to_d32_and_d16
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global conv_i32_to_d32_and_d16
+ conv_i32_to_d32_and_d16:
+/* 000000 */ save %sp,-192,%sp
+ .L900000415:
+/* 0x0004 */ call .+8
+/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3
+
+! 157 ! }
+! 158 !}
+! 161 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
+! 162 ! unsigned int *i32, int len)
+! 163 !{
+! 164 !int i = 0;
+! 165 !unsigned int a;
+! 167 !#pragma pipeloop(0)
+! 168 !#ifdef RF_INLINE_MACROS
+! 169 ! for(;i<len-3;i+=4)
+! 170 ! {
+! 171 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
+! 172 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
+
+/* 0x000c 172 */ sethi %hi(Zero),%g2
+/* 0x0010 163 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3
+/* 0x0014 */ or %g0,%i3,%g5
+/* 0x0018 */ add %g3,%o7,%o3
+/* 0x001c 172 */ add %g2,%lo(Zero),%g2
+/* 0x0020 */ ldx [%o3+%g2],%o0
+/* 0x0024 */ sethi %hi(TwoToMinus16),%g3
+/* 0x0028 163 */ or %g0,%i0,%i3
+/* 0x002c 169 */ sub %g5,3,%o1
+/* 0x0030 172 */ sethi %hi(TwoTo16),%g4
+/* 0x0034 163 */ or %g0,%i2,%i0
+/* 0x0038 172 */ add %g3,%lo(TwoToMinus16),%g2
+/* 0x003c */ ldx [%o3+%g2],%o2
+/* 0x0040 169 */ cmp %o1,0
+/* 0x0044 164 */ or %g0,0,%i2
+/* 0x0048 169 */ ble,pt %icc,.L900000418
+/* 0x004c */ cmp %i2,%g5
+/* 0x0050 */ ldd [%o0],%f2
+/* 0x0054 172 */ add %g4,%lo(TwoTo16),%g3
+/* 0x0058 */ ldx [%o3+%g3],%o1
+/* 0x005c 169 */ sub %g5,4,%o4
+/* 0x0060 */ or %g0,0,%o5
+ .L900000417:
+/* 0x0064 172 */ sra %i2,0,%g2
+/* 0x0068 */ fmovd %f2,%f14
+/* 0x006c */ ldd [%o2],%f0
+/* 0x0070 */ sllx %g2,2,%g3
+/* 0x0074 */ fmovd %f2,%f10
+/* 0x0078 */ ldd [%o1],%f16
+/* 0x007c */ ld [%g3+%i0],%f15
+/* 0x0080 */ add %i0,%g3,%g3
+/* 0x0084 */ fmovd %f2,%f6
+/* 0x0088 */ ld [%g3+4],%f11
+/* 0x008c */ sra %o5,0,%g4
+/* 0x0090 */ add %i2,4,%i2
+/* 0x0094 */ ld [%g3+8],%f7
+/* 0x0098 */ fxtod %f14,%f14
+/* 0x009c */ sllx %g2,3,%g2
+/* 0x00a0 */ ld [%g3+12],%f3
+/* 0x00a4 */ fxtod %f10,%f10
+/* 0x00a8 */ sllx %g4,3,%g3
+/* 0x00ac */ fxtod %f6,%f6
+/* 0x00b0 */ std %f14,[%g2+%i3]
+/* 0x00b4 */ add %i3,%g2,%g4
+/* 0x00b8 */ fxtod %f2,%f2
+/* 0x00bc */ fmuld %f0,%f14,%f12
+/* 0x00c0 */ std %f2,[%g4+24]
+/* 0x00c4 */ fmuld %f0,%f10,%f8
+/* 0x00c8 */ std %f10,[%g4+8]
+/* 0x00cc */ add %i1,%g3,%g2
+/* 0x00d0 */ fmuld %f0,%f6,%f4
+/* 0x00d4 */ std %f6,[%g4+16]
+/* 0x00d8 */ cmp %i2,%o4
+/* 0x00dc */ fmuld %f0,%f2,%f0
+/* 0x00e0 */ fdtox %f12,%f12
+/* 0x00e4 */ add %o5,8,%o5
+/* 0x00e8 */ fdtox %f8,%f8
+/* 0x00ec */ fdtox %f4,%f4
+/* 0x00f0 */ fdtox %f0,%f0
+/* 0x00f4 */ fxtod %f12,%f12
+/* 0x00f8 */ std %f12,[%g2+8]
+/* 0x00fc */ fxtod %f8,%f8
+/* 0x0100 */ std %f8,[%g2+24]
+/* 0x0104 */ fxtod %f4,%f4
+/* 0x0108 */ std %f4,[%g2+40]
+/* 0x010c */ fxtod %f0,%f0
+/* 0x0110 */ std %f0,[%g2+56]
+/* 0x0114 */ fmuld %f12,%f16,%f12
+/* 0x0118 */ fmuld %f8,%f16,%f8
+/* 0x011c */ fmuld %f4,%f16,%f4
+/* 0x0120 */ fsubd %f14,%f12,%f12
+/* 0x0124 */ std %f12,[%g3+%i1]
+/* 0x0128 */ fmuld %f0,%f16,%f0
+/* 0x012c */ fsubd %f10,%f8,%f8
+/* 0x0130 */ std %f8,[%g2+16]
+/* 0x0134 */ fsubd %f6,%f4,%f4
+/* 0x0138 */ std %f4,[%g2+32]
+/* 0x013c */ fsubd %f2,%f0,%f0
+/* 0x0140 */ std %f0,[%g2+48]
+/* 0x0144 */ ble,a,pt %icc,.L900000417
+/* 0x0148 */ ldd [%o0],%f2
+ .L77000159:
+
+! 173 ! }
+! 174 !#endif
+! 175 ! for(;i<len;i++)
+
+/* 0x014c 175 */ cmp %i2,%g5
+ .L900000418:
+/* 0x0150 175 */ bge,pt %icc,.L77000164
+/* 0x0154 */ nop
+
+! 176 ! {
+! 177 ! a=i32[i];
+! 178 ! d32[i]=(double)(i32[i]);
+! 179 ! d16[2*i]=(double)(a&0xffff);
+! 180 ! d16[2*i+1]=(double)(a>>16);
+
+/* 0x0158 180 */ sethi %hi(.L_const_seg_900000401),%g2
+/* 0x015c */ add %g2,%lo(.L_const_seg_900000401),%g2
+/* 0x0160 175 */ sethi %hi(0xfc00),%g3
+/* 0x0164 180 */ ldx [%o3+%g2],%g1
+/* 0x0168 175 */ sll %i2,1,%i4
+/* 0x016c */ sub %g5,%i2,%g4
+/* 0x0170 177 */ sra %i2,0,%o3
+/* 0x0174 175 */ add %g3,1023,%g3
+/* 0x0178 178 */ ldd [%g1],%f2
+/* 0x017c */ sllx %o3,2,%o2
+/* 0x0180 175 */ add %i4,1,%g2
+/* 0x0184 177 */ or %g0,%o3,%o1
+/* 0x0188 */ cmp %g4,6
+/* 0x018c 175 */ bl,pn %icc,.L77000161
+/* 0x0190 */ sra %i2,0,%o3
+/* 0x0194 177 */ or %g0,%o2,%o0
+/* 0x0198 178 */ ld [%i0+%o2],%f5
+/* 0x019c 179 */ fmovs %f2,%f8
+/* 0x01a0 175 */ add %o0,4,%o3
+/* 0x01a4 177 */ ld [%i0+%o0],%o7
+/* 0x01a8 180 */ fmovs %f2,%f6
+/* 0x01ac 178 */ fmovs %f2,%f4
+/* 0x01b0 */ sllx %o1,3,%o2
+/* 0x01b4 175 */ add %o3,4,%o5
+/* 0x01b8 179 */ sra %i4,0,%o0
+/* 0x01bc 175 */ add %o3,8,%o4
+/* 0x01c0 178 */ fsubd %f4,%f2,%f4
+/* 0x01c4 */ std %f4,[%i3+%o2]
+/* 0x01c8 179 */ sllx %o0,3,%i5
+/* 0x01cc */ and %o7,%g3,%o0
+/* 0x01d0 */ st %o0,[%sp+2227]
+/* 0x01d4 175 */ add %i5,16,%o1
+/* 0x01d8 180 */ srl %o7,16,%g4
+/* 0x01dc */ add %i2,1,%i2
+/* 0x01e0 */ sra %g2,0,%o0
+/* 0x01e4 175 */ add %o2,8,%o2
+/* 0x01e8 179 */ fmovs %f2,%f4
+/* 0x01ec 180 */ sllx %o0,3,%l0
+/* 0x01f0 */ add %i4,3,%g2
+/* 0x01f4 179 */ ld [%sp+2227],%f5
+/* 0x01f8 175 */ add %l0,16,%o0
+/* 0x01fc 180 */ add %i4,2,%i4
+/* 0x0200 175 */ sub %g5,1,%o7
+/* 0x0204 180 */ add %i2,3,%i2
+/* 0x0208 179 */ fsubd %f4,%f2,%f4
+/* 0x020c */ std %f4,[%i1+%i5]
+/* 0x0210 180 */ st %g4,[%sp+2223]
+/* 0x0214 177 */ ld [%i0+%o3],%i5
+/* 0x0218 180 */ fmovs %f2,%f4
+/* 0x021c */ srl %i5,16,%g4
+/* 0x0220 179 */ and %i5,%g3,%i5
+/* 0x0224 180 */ ld [%sp+2223],%f5
+/* 0x0228 */ fsubd %f4,%f2,%f4
+/* 0x022c */ std %f4,[%i1+%l0]
+/* 0x0230 */ st %g4,[%sp+2223]
+/* 0x0234 177 */ ld [%i0+%o5],%g4
+/* 0x0238 179 */ st %i5,[%sp+2227]
+/* 0x023c 178 */ fmovs %f2,%f4
+/* 0x0240 180 */ srl %g4,16,%i5
+/* 0x0244 179 */ and %g4,%g3,%g4
+/* 0x0248 180 */ ld [%sp+2223],%f7
+/* 0x024c */ st %i5,[%sp+2223]
+/* 0x0250 178 */ ld [%i0+%o3],%f5
+/* 0x0254 180 */ fsubd %f6,%f2,%f6
+/* 0x0258 177 */ ld [%i0+%o4],%o3
+/* 0x025c 178 */ fsubd %f4,%f2,%f4
+/* 0x0260 179 */ ld [%sp+2227],%f9
+/* 0x0264 180 */ ld [%sp+2223],%f1
+/* 0x0268 179 */ st %g4,[%sp+2227]
+/* 0x026c */ fsubd %f8,%f2,%f8
+/* 0x0270 */ std %f8,[%i1+%o1]
+/* 0x0274 180 */ std %f6,[%i1+%o0]
+/* 0x0278 178 */ std %f4,[%i3+%o2]
+ .L900000411:
+/* 0x027c 179 */ ld [%sp+2227],%f13
+/* 0x0280 180 */ srl %o3,16,%g4
+/* 0x0284 */ add %i2,2,%i2
+/* 0x0288 */ st %g4,[%sp+2223]
+/* 0x028c */ cmp %i2,%o7
+/* 0x0290 */ add %g2,4,%g2
+/* 0x0294 178 */ ld [%i0+%o5],%f11
+/* 0x0298 180 */ add %i4,4,%i4
+/* 0x029c 175 */ add %o4,4,%o5
+/* 0x02a0 177 */ ld [%i0+%o5],%g4
+/* 0x02a4 179 */ and %o3,%g3,%o3
+/* 0x02a8 */ st %o3,[%sp+2227]
+/* 0x02ac 180 */ fmovs %f2,%f0
+/* 0x02b0 179 */ fmovs %f2,%f12
+/* 0x02b4 180 */ fsubd %f0,%f2,%f8
+/* 0x02b8 179 */ fsubd %f12,%f2,%f4
+/* 0x02bc 175 */ add %o1,16,%o1
+/* 0x02c0 180 */ ld [%sp+2223],%f7
+/* 0x02c4 178 */ fmovs %f2,%f10
+/* 0x02c8 179 */ std %f4,[%i1+%o1]
+/* 0x02cc 175 */ add %o0,16,%o0
+/* 0x02d0 178 */ fsubd %f10,%f2,%f4
+/* 0x02d4 175 */ add %o2,8,%o2
+/* 0x02d8 180 */ std %f8,[%i1+%o0]
+/* 0x02dc 178 */ std %f4,[%i3+%o2]
+/* 0x02e0 179 */ ld [%sp+2227],%f9
+/* 0x02e4 180 */ srl %g4,16,%o3
+/* 0x02e8 */ st %o3,[%sp+2223]
+/* 0x02ec 178 */ ld [%i0+%o4],%f5
+/* 0x02f0 175 */ add %o4,8,%o4
+/* 0x02f4 177 */ ld [%i0+%o4],%o3
+/* 0x02f8 179 */ and %g4,%g3,%g4
+/* 0x02fc */ st %g4,[%sp+2227]
+/* 0x0300 180 */ fmovs %f2,%f6
+/* 0x0304 179 */ fmovs %f2,%f8
+/* 0x0308 180 */ fsubd %f6,%f2,%f6
+/* 0x030c 179 */ fsubd %f8,%f2,%f8
+/* 0x0310 175 */ add %o1,16,%o1
+/* 0x0314 180 */ ld [%sp+2223],%f1
+/* 0x0318 178 */ fmovs %f2,%f4
+/* 0x031c 179 */ std %f8,[%i1+%o1]
+/* 0x0320 175 */ add %o0,16,%o0
+/* 0x0324 178 */ fsubd %f4,%f2,%f4
+/* 0x0328 175 */ add %o2,8,%o2
+/* 0x032c 180 */ std %f6,[%i1+%o0]
+/* 0x0330 */ bl,pt %icc,.L900000411
+/* 0x0334 */ std %f4,[%i3+%o2]
+ .L900000414:
+/* 0x0338 180 */ srl %o3,16,%o7
+/* 0x033c */ st %o7,[%sp+2223]
+/* 0x0340 179 */ fmovs %f2,%f12
+/* 0x0344 178 */ ld [%i0+%o5],%f11
+/* 0x0348 180 */ fmovs %f2,%f0
+/* 0x034c 179 */ and %o3,%g3,%g4
+/* 0x0350 180 */ fmovs %f2,%f6
+/* 0x0354 175 */ add %o1,16,%o3
+/* 0x0358 */ add %o0,16,%o7
+/* 0x035c 178 */ fmovs %f2,%f10
+/* 0x0360 175 */ add %o2,8,%o2
+/* 0x0364 */ add %o1,32,%o5
+/* 0x0368 179 */ ld [%sp+2227],%f13
+/* 0x036c 178 */ fmovs %f2,%f4
+/* 0x0370 175 */ add %o0,32,%o1
+/* 0x0374 180 */ ld [%sp+2223],%f7
+/* 0x0378 175 */ add %o2,8,%o0
+/* 0x037c 180 */ cmp %i2,%g5
+/* 0x0380 179 */ st %g4,[%sp+2227]
+/* 0x0384 */ fsubd %f12,%f2,%f8
+/* 0x0388 180 */ add %g2,6,%g2
+/* 0x038c 179 */ std %f8,[%i1+%o3]
+/* 0x0390 180 */ fsubd %f0,%f2,%f0
+/* 0x0394 177 */ sra %i2,0,%o3
+/* 0x0398 180 */ std %f0,[%i1+%o7]
+/* 0x039c 178 */ fsubd %f10,%f2,%f0
+/* 0x03a0 180 */ add %i4,6,%i4
+/* 0x03a4 178 */ std %f0,[%i3+%o2]
+/* 0x03a8 */ sllx %o3,2,%o2
+/* 0x03ac 179 */ ld [%sp+2227],%f9
+/* 0x03b0 178 */ ld [%i0+%o4],%f5
+/* 0x03b4 179 */ fmovs %f2,%f8
+/* 0x03b8 */ fsubd %f8,%f2,%f0
+/* 0x03bc */ std %f0,[%i1+%o5]
+/* 0x03c0 180 */ fsubd %f6,%f2,%f0
+/* 0x03c4 */ std %f0,[%i1+%o1]
+/* 0x03c8 178 */ fsubd %f4,%f2,%f0
+/* 0x03cc 180 */ bge,pn %icc,.L77000164
+/* 0x03d0 */ std %f0,[%i3+%o0]
+ .L77000161:
+/* 0x03d4 178 */ ldd [%g1],%f2
+ .L900000416:
+/* 0x03d8 178 */ ld [%i0+%o2],%f5
+/* 0x03dc 179 */ sra %i4,0,%o0
+/* 0x03e0 180 */ add %i2,1,%i2
+/* 0x03e4 177 */ ld [%i0+%o2],%o1
+/* 0x03e8 178 */ sllx %o3,3,%o3
+/* 0x03ec 180 */ add %i4,2,%i4
+/* 0x03f0 178 */ fmovs %f2,%f4
+/* 0x03f4 179 */ sllx %o0,3,%o4
+/* 0x03f8 180 */ cmp %i2,%g5
+/* 0x03fc 179 */ and %o1,%g3,%o0
+/* 0x0400 178 */ fsubd %f4,%f2,%f0
+/* 0x0404 */ std %f0,[%i3+%o3]
+/* 0x0408 180 */ srl %o1,16,%o1
+/* 0x040c 179 */ st %o0,[%sp+2227]
+/* 0x0410 180 */ sra %g2,0,%o0
+/* 0x0414 */ add %g2,2,%g2
+/* 0x0418 177 */ sra %i2,0,%o3
+/* 0x041c 180 */ sllx %o0,3,%o0
+/* 0x0420 179 */ fmovs %f2,%f4
+/* 0x0424 */ sllx %o3,2,%o2
+/* 0x0428 */ ld [%sp+2227],%f5
+/* 0x042c */ fsubd %f4,%f2,%f0
+/* 0x0430 */ std %f0,[%i1+%o4]
+/* 0x0434 180 */ st %o1,[%sp+2223]
+/* 0x0438 */ fmovs %f2,%f4
+/* 0x043c */ ld [%sp+2223],%f5
+/* 0x0440 */ fsubd %f4,%f2,%f0
+/* 0x0444 */ std %f0,[%i1+%o0]
+/* 0x0448 */ bl,a,pt %icc,.L900000416
+/* 0x044c */ ldd [%g1],%f2
+ .L77000164:
+/* 0x0450 */ ret ! Result =
+/* 0x0454 */ restore %g0,%g0,%g0
+/* 0x0458 0 */ .type conv_i32_to_d32_and_d16,2
+/* 0x0458 */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 8
+!
+! SUBROUTINE adjust_montf_result
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global adjust_montf_result
+ adjust_montf_result:
+/* 000000 */ save %sp,-176,%sp
+/* 0x0004 */ or %g0,%i2,%o1
+/* 0x0008 */ or %g0,%i0,%i2
+
+! 181 ! }
+! 182 !}
+! 185 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
+! 186 !{
+! 187 !long long acc;
+! 188 !int i;
+! 190 ! if(i32[len]>0) i=-1;
+
+/* 0x000c 190 */ sra %o1,0,%g2
+/* 0x0010 */ or %g0,-1,%o2
+/* 0x0014 */ sllx %g2,2,%g2
+/* 0x0018 */ ld [%i2+%g2],%g2
+/* 0x001c */ cmp %g2,0
+/* 0x0020 */ bleu,pn %icc,.L77000175
+/* 0x0024 */ or %g0,%i1,%i0
+/* 0x0028 */ ba .L900000511
+/* 0x002c */ cmp %o2,0
+ .L77000175:
+
+! 191 ! else
+! 192 ! {
+! 193 ! for(i=len-1; i>=0; i--)
+
+/* 0x0030 193 */ sub %o1,1,%o2
+/* 0x0034 */ cmp %o2,0
+/* 0x0038 */ bl,pn %icc,.L77000182
+/* 0x003c */ sra %o2,0,%g2
+ .L900000510:
+
+! 194 ! {
+! 195 ! if(i32[i]!=nint[i]) break;
+
+/* 0x0040 195 */ sllx %g2,2,%g2
+/* 0x0044 */ sub %o2,1,%o0
+/* 0x0048 */ ld [%i1+%g2],%g3
+/* 0x004c */ ld [%i2+%g2],%g2
+/* 0x0050 */ cmp %g2,%g3
+/* 0x0054 */ bne,pn %icc,.L77000182
+/* 0x0058 */ nop
+/* 0x005c 0 */ or %g0,%o0,%o2
+/* 0x0060 195 */ cmp %o0,0
+/* 0x0064 */ bge,pt %icc,.L900000510
+/* 0x0068 */ sra %o2,0,%g2
+ .L77000182:
+
+! 196 ! }
+! 197 ! }
+! 198 ! if((i<0)||(i32[i]>nint[i]))
+
+/* 0x006c 198 */ cmp %o2,0
+ .L900000511:
+/* 0x0070 198 */ bl,pn %icc,.L77000198
+/* 0x0074 */ sra %o2,0,%g2
+/* 0x0078 */ sllx %g2,2,%g2
+/* 0x007c */ ld [%i1+%g2],%g3
+/* 0x0080 */ ld [%i2+%g2],%g2
+/* 0x0084 */ cmp %g2,%g3
+/* 0x0088 */ bleu,pt %icc,.L77000191
+/* 0x008c */ nop
+ .L77000198:
+
+! 199 ! {
+! 200 ! acc=0;
+! 201 ! for(i=0;i<len;i++)
+
+/* 0x0090 201 */ cmp %o1,0
+/* 0x0094 */ ble,pt %icc,.L77000191
+/* 0x0098 */ nop
+/* 0x009c 198 */ or %g0,-1,%g2
+/* 0x00a0 201 */ or %g0,%o1,%g3
+/* 0x00a4 198 */ srl %g2,0,%g2
+/* 0x00a8 */ sub %o1,1,%g4
+/* 0x00ac */ cmp %o1,9
+/* 0x00b0 201 */ or %g0,0,%i1
+/* 0x00b4 200 */ or %g0,0,%g5
+
+! 202 ! {
+! 203 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
+
+/* 0x00b8 203 */ or %g0,0,%o1
+/* 0x00bc 201 */ bl,pn %icc,.L77000199
+/* 0x00c0 */ sub %g3,4,%o7
+/* 0x00c4 203 */ ld [%i2],%o1
+
+! 204 ! i32[i]=acc&0xffffffff;
+! 205 ! acc=acc>>32;
+
+/* 0x00c8 205 */ or %g0,5,%i1
+/* 0x00cc 203 */ ld [%i0],%o2
+/* 0x00d0 201 */ or %g0,8,%o5
+/* 0x00d4 */ or %g0,12,%o4
+/* 0x00d8 203 */ ld [%i0+4],%o3
+/* 0x00dc 201 */ or %g0,16,%g1
+/* 0x00e0 203 */ ld [%i2+4],%o0
+/* 0x00e4 201 */ sub %o1,%o2,%o1
+/* 0x00e8 203 */ ld [%i0+8],%i3
+/* 0x00ec 204 */ and %o1,%g2,%g5
+/* 0x00f0 */ st %g5,[%i2]
+/* 0x00f4 205 */ srax %o1,32,%g5
+/* 0x00f8 201 */ sub %o0,%o3,%o0
+/* 0x00fc 203 */ ld [%i0+12],%o2
+/* 0x0100 201 */ add %o0,%g5,%o0
+/* 0x0104 204 */ and %o0,%g2,%g5
+/* 0x0108 */ st %g5,[%i2+4]
+/* 0x010c 205 */ srax %o0,32,%o0
+/* 0x0110 203 */ ld [%i2+8],%o1
+/* 0x0114 */ ld [%i2+12],%o3
+/* 0x0118 201 */ sub %o1,%i3,%o1
+ .L900000505:
+/* 0x011c */ add %g1,4,%g3
+/* 0x0120 203 */ ld [%g1+%i2],%g5
+/* 0x0124 201 */ add %o1,%o0,%o0
+/* 0x0128 203 */ ld [%i0+%g1],%i3
+/* 0x012c 201 */ sub %o3,%o2,%o1
+/* 0x0130 204 */ and %o0,%g2,%o2
+/* 0x0134 */ st %o2,[%o5+%i2]
+/* 0x0138 205 */ srax %o0,32,%o2
+/* 0x013c */ add %i1,4,%i1
+/* 0x0140 201 */ add %g1,8,%o5
+/* 0x0144 203 */ ld [%g3+%i2],%o0
+/* 0x0148 201 */ add %o1,%o2,%o1
+/* 0x014c 203 */ ld [%i0+%g3],%o3
+/* 0x0150 201 */ sub %g5,%i3,%o2
+/* 0x0154 204 */ and %o1,%g2,%g5
+/* 0x0158 */ st %g5,[%o4+%i2]
+/* 0x015c 205 */ srax %o1,32,%g5
+/* 0x0160 */ cmp %i1,%o7
+/* 0x0164 201 */ add %g1,12,%o4
+/* 0x0168 203 */ ld [%o5+%i2],%o1
+/* 0x016c 201 */ add %o2,%g5,%o2
+/* 0x0170 203 */ ld [%i0+%o5],%i3
+/* 0x0174 201 */ sub %o0,%o3,%o0
+/* 0x0178 204 */ and %o2,%g2,%o3
+/* 0x017c */ st %o3,[%g1+%i2]
+/* 0x0180 205 */ srax %o2,32,%g5
+/* 0x0184 203 */ ld [%o4+%i2],%o3
+/* 0x0188 201 */ add %g1,16,%g1
+/* 0x018c */ add %o0,%g5,%o0
+/* 0x0190 203 */ ld [%i0+%o4],%o2
+/* 0x0194 201 */ sub %o1,%i3,%o1
+/* 0x0198 204 */ and %o0,%g2,%g5
+/* 0x019c */ st %g5,[%g3+%i2]
+/* 0x01a0 205 */ ble,pt %icc,.L900000505
+/* 0x01a4 */ srax %o0,32,%o0
+ .L900000508:
+/* 0x01a8 */ add %o1,%o0,%g3
+/* 0x01ac */ sub %o3,%o2,%o1
+/* 0x01b0 203 */ ld [%g1+%i2],%o0
+/* 0x01b4 */ ld [%i0+%g1],%o2
+/* 0x01b8 205 */ srax %g3,32,%o7
+/* 0x01bc 204 */ and %g3,%g2,%o3
+/* 0x01c0 201 */ add %o1,%o7,%o1
+/* 0x01c4 204 */ st %o3,[%o5+%i2]
+/* 0x01c8 205 */ cmp %i1,%g4
+/* 0x01cc 201 */ sub %o0,%o2,%o0
+/* 0x01d0 204 */ and %o1,%g2,%o2
+/* 0x01d4 */ st %o2,[%o4+%i2]
+/* 0x01d8 205 */ srax %o1,32,%o1
+/* 0x01dc 203 */ sra %i1,0,%o2
+/* 0x01e0 201 */ add %o0,%o1,%o0
+/* 0x01e4 205 */ srax %o0,32,%g5
+/* 0x01e8 204 */ and %o0,%g2,%o1
+/* 0x01ec */ st %o1,[%g1+%i2]
+/* 0x01f0 205 */ bg,pn %icc,.L77000191
+/* 0x01f4 */ sllx %o2,2,%o1
+ .L77000199:
+/* 0x01f8 0 */ or %g0,%o1,%g1
+ .L900000509:
+/* 0x01fc 203 */ ld [%o1+%i2],%o0
+/* 0x0200 205 */ add %i1,1,%i1
+/* 0x0204 203 */ ld [%i0+%o1],%o1
+/* 0x0208 */ sra %i1,0,%o2
+/* 0x020c 205 */ cmp %i1,%g4
+/* 0x0210 203 */ add %g5,%o0,%o0
+/* 0x0214 */ sub %o0,%o1,%o0
+/* 0x0218 205 */ srax %o0,32,%g5
+/* 0x021c 204 */ and %o0,%g2,%o1
+/* 0x0220 */ st %o1,[%g1+%i2]
+/* 0x0224 */ sllx %o2,2,%o1
+/* 0x0228 205 */ ble,pt %icc,.L900000509
+/* 0x022c */ or %g0,%o1,%g1
+ .L77000191:
+/* 0x0230 */ ret ! Result =
+/* 0x0234 */ restore %g0,%g0,%g0
+/* 0x0238 0 */ .type adjust_montf_result,2
+/* 0x0238 */ .size adjust_montf_result,(.-adjust_montf_result)
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 */ .align 8
+/* 000000 */ .skip 24
+!
+! SUBROUTINE mont_mulf_noconv
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION
+
+ .global mont_mulf_noconv
+ mont_mulf_noconv:
+/* 000000 */ save %sp,-224,%sp
+ .L900000643:
+/* 0x0004 */ call .+8
+/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5
+/* 0x000c */ ldx [%fp+2223],%l0
+
+! 206 ! }
+! 207 ! }
+! 208 !}
+! 213 !/*
+! 214 !** the lengths of the input arrays should be at least the following:
+! 215 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
+! 216 !** all of them should be different from one another
+! 217 !**
+! 218 !*/
+! 219 !void mont_mulf_noconv(unsigned int *result,
+! 220 ! double *dm1, double *dm2, double *dt,
+! 221 ! double *dn, unsigned int *nint,
+! 222 ! int nlen, double dn0)
+! 223 !{
+! 224 ! int i, j, jj;
+! 225 ! int tmp;
+! 226 ! double digit, m2j, nextm2j, a, b;
+! 227 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
+! 229 ! pdm1=&(dm1[0]);
+! 230 ! pdm2=&(dm2[0]);
+! 231 ! pdn=&(dn[0]);
+! 232 ! pdm2[2*nlen]=Zero;
+
+/* 0x0010 232 */ sethi %hi(Zero),%g2
+/* 0x0014 223 */ fmovd %f14,%f30
+/* 0x0018 */ add %g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5
+/* 0x001c 232 */ add %g2,%lo(Zero),%g2
+/* 0x0020 */ sll %l0,1,%o3
+/* 0x0024 223 */ add %g5,%o7,%o4
+/* 0x0028 232 */ sra %o3,0,%g5
+/* 0x002c */ ldx [%o4+%g2],%o7
+
+! 234 ! if (nlen!=16)
+! 235 ! {
+! 236 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
+! 238 ! a=dt[0]=pdm1[0]*pdm2[0];
+! 239 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
+
+/* 0x0030 239 */ sethi %hi(TwoToMinus16),%g3
+/* 0x0034 */ sethi %hi(TwoTo16),%g4
+/* 0x0038 */ add %g3,%lo(TwoToMinus16),%g2
+/* 0x003c 232 */ ldd [%o7],%f0
+/* 0x0040 239 */ add %g4,%lo(TwoTo16),%g3
+/* 0x0044 223 */ or %g0,%i4,%o0
+/* 0x0048 232 */ sllx %g5,3,%g4
+/* 0x004c 239 */ ldx [%o4+%g2],%o5
+/* 0x0050 223 */ or %g0,%i5,%l3
+/* 0x0054 */ or %g0,%i0,%l2
+/* 0x0058 239 */ ldx [%o4+%g3],%o4
+/* 0x005c 234 */ cmp %l0,16
+/* 0x0060 232 */ std %f0,[%i2+%g4]
+/* 0x0064 234 */ be,pn %icc,.L77000279
+/* 0x0068 */ or %g0,%i3,%l4
+/* 0x006c 236 */ sll %l0,2,%g2
+/* 0x0070 223 */ or %g0,%o0,%i5
+/* 0x0074 236 */ add %g2,2,%o0
+/* 0x0078 223 */ or %g0,%i1,%i4
+/* 0x007c 236 */ cmp %o0,0
+/* 0x0080 223 */ or %g0,%i2,%l1
+/* 0x0084 236 */ ble,a,pt %icc,.L900000657
+/* 0x0088 */ ldd [%i1],%f6
+
+! 241 ! pdtj=&(dt[0]);
+! 242 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
+! 243 ! {
+! 244 ! m2j=pdm2[j];
+! 245 ! a=pdtj[0]+pdn[0]*digit;
+! 246 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
+! 247 ! pdtj[1]=b;
+! 249 !#pragma pipeloop(0)
+! 250 ! for(i=1;i<nlen;i++)
+! 251 ! {
+! 252 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
+! 253 ! }
+! 254 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
+! 255 !
+! 256 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
+! 257 ! }
+! 258 ! }
+! 259 ! else
+! 260 ! {
+! 261 ! a=dt[0]=pdm1[0]*pdm2[0];
+! 263 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
+! 264 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
+! 265 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
+! 266 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
+! 267 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
+! 268 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
+! 269 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
+! 270 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
+! 271 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
+! 272 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
+! 273 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
+! 275 ! pdn_0=pdn[0];
+! 276 ! pdm1_0=pdm1[0];
+! 278 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
+! 279 ! pdtj=&(dt[0]);
+! 281 ! for(j=0;j<32;j++,pdtj++)
+
+/* 0x008c 281 */ or %g0,%o0,%o1
+/* 0x0090 236 */ sub %o0,1,%g1
+/* 0x0094 */ or %g0,0,%g2
+/* 0x0098 281 */ cmp %o1,5
+/* 0x009c */ bl,pn %icc,.L77000280
+/* 0x00a0 */ or %g0,8,%o0
+/* 0x00a4 */ std %f0,[%i3]
+/* 0x00a8 */ or %g0,2,%g2
+/* 0x00ac */ sub %g1,2,%o1
+ .L900000627:
+/* 0x00b0 */ add %o0,8,%g3
+/* 0x00b4 */ std %f0,[%i3+%o0]
+/* 0x00b8 */ add %g2,3,%g2
+/* 0x00bc */ add %o0,16,%o2
+/* 0x00c0 */ std %f0,[%i3+%g3]
+/* 0x00c4 */ cmp %g2,%o1
+/* 0x00c8 */ add %o0,24,%o0
+/* 0x00cc */ ble,pt %icc,.L900000627
+/* 0x00d0 */ std %f0,[%i3+%o2]
+ .L900000630:
+/* 0x00d4 */ cmp %g2,%g1
+/* 0x00d8 */ bg,pn %icc,.L77000285
+/* 0x00dc */ std %f0,[%i3+%o0]
+ .L77000280:
+/* 0x00e0 */ ldd [%o7],%f0
+ .L900000656:
+/* 0x00e4 */ sra %g2,0,%o0
+/* 0x00e8 */ add %g2,1,%g2
+/* 0x00ec */ sllx %o0,3,%o0
+/* 0x00f0 */ cmp %g2,%g1
+/* 0x00f4 */ std %f0,[%i3+%o0]
+/* 0x00f8 */ ble,a,pt %icc,.L900000656
+/* 0x00fc */ ldd [%o7],%f0
+ .L77000285:
+/* 0x0100 238 */ ldd [%i1],%f6
+ .L900000657:
+/* 0x0104 238 */ ldd [%i2],%f8
+/* 0x0108 242 */ cmp %o3,0
+/* 0x010c */ sub %o3,1,%o1
+/* 0x0110 239 */ ldd [%o7],%f10
+/* 0x0114 */ add %o3,1,%o2
+/* 0x0118 0 */ or %g0,0,%i2
+/* 0x011c 238 */ fmuld %f6,%f8,%f6
+/* 0x0120 */ std %f6,[%i3]
+/* 0x0124 0 */ or %g0,0,%g3
+/* 0x0128 239 */ ldd [%o5],%f8
+/* 0x012c 0 */ or %g0,%o2,%g1
+/* 0x0130 236 */ sub %l0,1,%i1
+/* 0x0134 239 */ ldd [%o4],%f12
+/* 0x0138 236 */ or %g0,1,%g4
+/* 0x013c */ fdtox %f6,%f0
+/* 0x0140 */ fmovs %f10,%f0
+/* 0x0144 */ fxtod %f0,%f6
+/* 0x0148 239 */ fmuld %f6,%f14,%f6
+/* 0x014c */ fmuld %f6,%f8,%f8
+/* 0x0150 */ fdtox %f8,%f8
+/* 0x0154 */ fxtod %f8,%f8
+/* 0x0158 */ fmuld %f8,%f12,%f8
+/* 0x015c */ fsubd %f6,%f8,%f20
+/* 0x0160 242 */ ble,pt %icc,.L900000650
+/* 0x0164 */ sllx %g5,3,%g2
+/* 0x0168 0 */ st %o1,[%sp+2223]
+/* 0x016c 246 */ ldd [%i5],%f6
+ .L900000651:
+/* 0x0170 246 */ sra %g4,0,%g2
+/* 0x0174 */ fmuld %f6,%f20,%f6
+/* 0x0178 */ ldd [%i3],%f12
+/* 0x017c */ sllx %g2,3,%g2
+/* 0x0180 */ ldd [%i4],%f8
+/* 0x0184 250 */ cmp %l0,1
+/* 0x0188 246 */ ldd [%l1+%g2],%f10
+/* 0x018c 244 */ sra %i2,0,%g2
+/* 0x0190 */ add %i2,1,%i0
+/* 0x0194 246 */ faddd %f12,%f6,%f6
+/* 0x0198 */ ldd [%o5],%f12
+/* 0x019c 244 */ sllx %g2,3,%g2
+/* 0x01a0 246 */ fmuld %f8,%f10,%f8
+/* 0x01a4 */ ldd [%i3+8],%f10
+/* 0x01a8 */ srl %i2,31,%o3
+/* 0x01ac 244 */ ldd [%l1+%g2],%f18
+/* 0x01b0 0 */ or %g0,1,%l5
+/* 0x01b4 236 */ or %g0,2,%g2
+/* 0x01b8 246 */ fmuld %f6,%f12,%f6
+/* 0x01bc 250 */ or %g0,32,%o1
+/* 0x01c0 */ or %g0,48,%o2
+/* 0x01c4 246 */ faddd %f10,%f8,%f8
+/* 0x01c8 */ faddd %f8,%f6,%f16
+/* 0x01cc 250 */ ble,pn %icc,.L77000213
+/* 0x01d0 */ std %f16,[%i3+8]
+/* 0x01d4 */ cmp %i1,8
+/* 0x01d8 */ sub %l0,3,%o3
+/* 0x01dc */ bl,pn %icc,.L77000284
+/* 0x01e0 */ or %g0,8,%o0
+/* 0x01e4 252 */ ldd [%i5+8],%f0
+/* 0x01e8 */ or %g0,6,%l5
+/* 0x01ec */ ldd [%i4+8],%f2
+/* 0x01f0 */ or %g0,4,%g2
+/* 0x01f4 250 */ or %g0,40,%o0
+/* 0x01f8 252 */ ldd [%i5+16],%f8
+/* 0x01fc */ fmuld %f0,%f20,%f10
+/* 0x0200 */ ldd [%i4+16],%f4
+/* 0x0204 */ fmuld %f2,%f18,%f2
+/* 0x0208 */ ldd [%i3+16],%f0
+/* 0x020c */ fmuld %f8,%f20,%f12
+/* 0x0210 */ ldd [%i4+24],%f6
+/* 0x0214 */ fmuld %f4,%f18,%f4
+/* 0x0218 */ ldd [%i5+24],%f8
+/* 0x021c */ faddd %f2,%f10,%f2
+/* 0x0220 */ ldd [%i4+32],%f14
+/* 0x0224 */ fmuld %f6,%f18,%f10
+/* 0x0228 */ ldd [%i5+32],%f6
+/* 0x022c */ faddd %f4,%f12,%f4
+/* 0x0230 */ ldd [%i4+40],%f12
+/* 0x0234 */ faddd %f0,%f2,%f0
+/* 0x0238 */ std %f0,[%i3+16]
+/* 0x023c */ ldd [%i3+32],%f0
+/* 0x0240 */ ldd [%i3+48],%f2
+ .L900000639:
+/* 0x0244 */ add %o2,16,%l6
+/* 0x0248 252 */ ldd [%i5+%o0],%f22
+/* 0x024c */ add %l5,3,%l5
+/* 0x0250 */ fmuld %f8,%f20,%f8
+/* 0x0254 250 */ add %o0,8,%o0
+/* 0x0258 252 */ ldd [%l6+%i3],%f26
+/* 0x025c */ cmp %l5,%o3
+/* 0x0260 */ ldd [%i4+%o0],%f24
+/* 0x0264 */ faddd %f0,%f4,%f0
+/* 0x0268 */ add %g2,6,%g2
+/* 0x026c */ faddd %f10,%f8,%f10
+/* 0x0270 */ fmuld %f14,%f18,%f4
+/* 0x0274 */ std %f0,[%o1+%i3]
+/* 0x0278 250 */ add %o2,32,%o1
+/* 0x027c 252 */ ldd [%i5+%o0],%f8
+/* 0x0280 */ fmuld %f6,%f20,%f6
+/* 0x0284 250 */ add %o0,8,%o0
+/* 0x0288 252 */ ldd [%o1+%i3],%f0
+/* 0x028c */ ldd [%i4+%o0],%f14
+/* 0x0290 */ faddd %f2,%f10,%f2
+/* 0x0294 */ faddd %f4,%f6,%f10
+/* 0x0298 */ fmuld %f12,%f18,%f4
+/* 0x029c */ std %f2,[%o2+%i3]
+/* 0x02a0 250 */ add %o2,48,%o2
+/* 0x02a4 252 */ ldd [%i5+%o0],%f6
+/* 0x02a8 */ fmuld %f22,%f20,%f22
+/* 0x02ac 250 */ add %o0,8,%o0
+/* 0x02b0 252 */ ldd [%o2+%i3],%f2
+/* 0x02b4 */ ldd [%i4+%o0],%f12
+/* 0x02b8 */ faddd %f26,%f10,%f10
+/* 0x02bc */ std %f10,[%l6+%i3]
+/* 0x02c0 */ fmuld %f24,%f18,%f10
+/* 0x02c4 */ ble,pt %icc,.L900000639
+/* 0x02c8 */ faddd %f4,%f22,%f4
+ .L900000642:
+/* 0x02cc 252 */ fmuld %f8,%f20,%f24
+/* 0x02d0 */ faddd %f0,%f4,%f8
+/* 0x02d4 250 */ add %o2,16,%o3
+/* 0x02d8 252 */ ldd [%o3+%i3],%f4
+/* 0x02dc */ fmuld %f14,%f18,%f0
+/* 0x02e0 */ cmp %l5,%i1
+/* 0x02e4 */ std %f8,[%o1+%i3]
+/* 0x02e8 */ fmuld %f12,%f18,%f8
+/* 0x02ec 250 */ add %o2,32,%o1
+/* 0x02f0 252 */ faddd %f10,%f24,%f12
+/* 0x02f4 */ ldd [%i5+%o0],%f22
+/* 0x02f8 */ fmuld %f6,%f20,%f6
+/* 0x02fc */ add %g2,8,%g2
+/* 0x0300 */ fmuld %f22,%f20,%f10
+/* 0x0304 */ faddd %f2,%f12,%f2
+/* 0x0308 */ faddd %f0,%f6,%f6
+/* 0x030c */ ldd [%o1+%i3],%f0
+/* 0x0310 */ std %f2,[%o2+%i3]
+/* 0x0314 */ faddd %f8,%f10,%f2
+/* 0x0318 */ sra %l5,0,%o2
+/* 0x031c */ sllx %o2,3,%o0
+/* 0x0320 */ faddd %f4,%f6,%f4
+/* 0x0324 */ std %f4,[%o3+%i3]
+/* 0x0328 */ faddd %f0,%f2,%f0
+/* 0x032c */ std %f0,[%o1+%i3]
+/* 0x0330 */ bg,a,pn %icc,.L77000213
+/* 0x0334 */ srl %i2,31,%o3
+ .L77000284:
+/* 0x0338 252 */ ldd [%i4+%o0],%f2
+ .L900000655:
+/* 0x033c 252 */ ldd [%i5+%o0],%f0
+/* 0x0340 */ fmuld %f2,%f18,%f2
+/* 0x0344 */ sra %g2,0,%o0
+/* 0x0348 */ sllx %o0,3,%o1
+/* 0x034c */ add %l5,1,%l5
+/* 0x0350 */ fmuld %f0,%f20,%f4
+/* 0x0354 */ ldd [%o1+%i3],%f0
+/* 0x0358 */ sra %l5,0,%o2
+/* 0x035c */ sllx %o2,3,%o0
+/* 0x0360 */ add %g2,2,%g2
+/* 0x0364 */ cmp %l5,%i1
+/* 0x0368 */ faddd %f2,%f4,%f2
+/* 0x036c */ faddd %f0,%f2,%f0
+/* 0x0370 */ std %f0,[%o1+%i3]
+/* 0x0374 */ ble,a,pt %icc,.L900000655
+/* 0x0378 */ ldd [%i4+%o0],%f2
+ .L900000626:
+/* 0x037c */ srl %i2,31,%o3
+/* 0x0380 252 */ ba .L900000654
+/* 0x0384 */ cmp %g3,30
+ .L77000213:
+/* 0x0388 254 */ cmp %g3,30
+ .L900000654:
+/* 0x038c */ add %i2,%o3,%o0
+/* 0x0390 254 */ bne,a,pt %icc,.L900000653
+/* 0x0394 */ fdtox %f16,%f0
+/* 0x0398 281 */ sra %o0,1,%g2
+/* 0x039c */ add %g2,1,%g2
+/* 0x03a0 */ ldd [%o7],%f0
+/* 0x03a4 */ sll %g2,1,%o1
+/* 0x03a8 */ sll %g1,1,%g2
+/* 0x03ac */ or %g0,%o1,%o2
+/* 0x03b0 */ fmovd %f0,%f2
+/* 0x03b4 */ or %g0,%g2,%o0
+/* 0x03b8 */ cmp %o1,%o0
+/* 0x03bc */ sub %g2,1,%o0
+/* 0x03c0 */ bge,pt %icc,.L77000215
+/* 0x03c4 */ or %g0,0,%g3
+/* 0x03c8 254 */ add %o1,1,%o1
+/* 0x03cc 281 */ sra %o2,0,%g2
+ .L900000652:
+/* 0x03d0 */ sllx %g2,3,%g2
+/* 0x03d4 */ ldd [%o7],%f6
+/* 0x03d8 */ add %o2,2,%o2
+/* 0x03dc */ sra %o1,0,%g3
+/* 0x03e0 */ ldd [%g2+%l4],%f8
+/* 0x03e4 */ cmp %o2,%o0
+/* 0x03e8 */ sllx %g3,3,%g3
+/* 0x03ec */ add %o1,2,%o1
+/* 0x03f0 */ ldd [%l4+%g3],%f10
+/* 0x03f4 */ fdtox %f8,%f12
+/* 0x03f8 */ fdtox %f10,%f4
+/* 0x03fc */ fmovd %f12,%f8
+/* 0x0400 */ fmovs %f6,%f12
+/* 0x0404 */ fmovs %f6,%f4
+/* 0x0408 */ fxtod %f12,%f6
+/* 0x040c */ fxtod %f4,%f12
+/* 0x0410 */ fdtox %f10,%f4
+/* 0x0414 */ faddd %f6,%f2,%f6
+/* 0x0418 */ std %f6,[%g2+%l4]
+/* 0x041c */ faddd %f12,%f0,%f6
+/* 0x0420 */ std %f6,[%l4+%g3]
+/* 0x0424 */ fitod %f8,%f2
+/* 0x0428 */ fitod %f4,%f0
+/* 0x042c */ ble,pt %icc,.L900000652
+/* 0x0430 */ sra %o2,0,%g2
+ .L77000233:
+/* 0x0434 */ or %g0,0,%g3
+ .L77000215:
+/* 0x0438 */ fdtox %f16,%f0
+ .L900000653:
+/* 0x043c 256 */ ldd [%o7],%f6
+/* 0x0440 */ add %g4,1,%g4
+/* 0x0444 */ or %g0,%i0,%i2
+/* 0x0448 */ ldd [%o5],%f8
+/* 0x044c */ add %g3,1,%g3
+/* 0x0450 */ add %i3,8,%i3
+/* 0x0454 */ fmovs %f6,%f0
+/* 0x0458 */ ldd [%o4],%f10
+/* 0x045c */ ld [%sp+2223],%o0
+/* 0x0460 */ fxtod %f0,%f6
+/* 0x0464 */ cmp %i0,%o0
+/* 0x0468 */ fmuld %f6,%f30,%f6
+/* 0x046c */ fmuld %f6,%f8,%f8
+/* 0x0470 */ fdtox %f8,%f8
+/* 0x0474 */ fxtod %f8,%f8
+/* 0x0478 */ fmuld %f8,%f10,%f8
+/* 0x047c */ fsubd %f6,%f8,%f20
+/* 0x0480 */ ble,a,pt %icc,.L900000651
+/* 0x0484 */ ldd [%i5],%f6
+ .L900000625:
+/* 0x0488 256 */ ba .L900000650
+/* 0x048c */ sllx %g5,3,%g2
+ .L77000279:
+/* 0x0490 261 */ ldd [%i1],%f4
+/* 0x0494 */ ldd [%i2],%f6
+/* 0x0498 273 */ std %f0,[%i3+8]
+/* 0x049c */ std %f0,[%i3+16]
+/* 0x04a0 261 */ fmuld %f4,%f6,%f6
+/* 0x04a4 */ std %f6,[%i3]
+/* 0x04a8 273 */ std %f0,[%i3+24]
+/* 0x04ac */ std %f0,[%i3+32]
+/* 0x04b0 */ fdtox %f6,%f2
+/* 0x04b4 */ std %f0,[%i3+40]
+/* 0x04b8 */ std %f0,[%i3+48]
+/* 0x04bc */ std %f0,[%i3+56]
+/* 0x04c0 */ std %f0,[%i3+64]
+/* 0x04c4 */ fmovs %f0,%f2
+/* 0x04c8 */ std %f0,[%i3+72]
+/* 0x04cc */ std %f0,[%i3+80]
+/* 0x04d0 */ std %f0,[%i3+88]
+/* 0x04d4 */ std %f0,[%i3+96]
+/* 0x04d8 */ std %f0,[%i3+104]
+/* 0x04dc */ std %f0,[%i3+112]
+/* 0x04e0 */ std %f0,[%i3+120]
+/* 0x04e4 */ std %f0,[%i3+128]
+/* 0x04e8 */ std %f0,[%i3+136]
+/* 0x04ec */ std %f0,[%i3+144]
+/* 0x04f0 */ std %f0,[%i3+152]
+/* 0x04f4 */ std %f0,[%i3+160]
+/* 0x04f8 */ std %f0,[%i3+168]
+/* 0x04fc */ fxtod %f2,%f6
+/* 0x0500 */ std %f0,[%i3+176]
+/* 0x0504 281 */ or %g0,1,%o2
+/* 0x0508 273 */ std %f0,[%i3+184]
+
+! 282 ! {
+! 284 ! m2j=pdm2[j];
+! 285 ! a=pdtj[0]+pdn_0*digit;
+! 286 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
+
+/* 0x050c 286 */ sra %o2,0,%g2
+/* 0x0510 279 */ or %g0,%i3,%o3
+/* 0x0514 273 */ std %f0,[%i3+192]
+/* 0x0518 278 */ fmuld %f6,%f14,%f6
+/* 0x051c 281 */ or %g0,0,%g1
+/* 0x0520 273 */ std %f0,[%i3+200]
+/* 0x0524 */ std %f0,[%i3+208]
+/* 0x0528 */ std %f0,[%i3+216]
+/* 0x052c */ std %f0,[%i3+224]
+/* 0x0530 */ std %f0,[%i3+232]
+/* 0x0534 */ std %f0,[%i3+240]
+/* 0x0538 */ std %f0,[%i3+248]
+/* 0x053c */ std %f0,[%i3+256]
+/* 0x0540 */ std %f0,[%i3+264]
+/* 0x0544 */ std %f0,[%i3+272]
+/* 0x0548 */ std %f0,[%i3+280]
+/* 0x054c */ std %f0,[%i3+288]
+/* 0x0550 */ std %f0,[%i3+296]
+/* 0x0554 */ std %f0,[%i3+304]
+/* 0x0558 */ std %f0,[%i3+312]
+/* 0x055c */ std %f0,[%i3+320]
+/* 0x0560 */ std %f0,[%i3+328]
+/* 0x0564 */ std %f0,[%i3+336]
+/* 0x0568 */ std %f0,[%i3+344]
+/* 0x056c */ std %f0,[%i3+352]
+/* 0x0570 */ std %f0,[%i3+360]
+/* 0x0574 */ std %f0,[%i3+368]
+/* 0x0578 */ std %f0,[%i3+376]
+/* 0x057c */ std %f0,[%i3+384]
+/* 0x0580 */ std %f0,[%i3+392]
+/* 0x0584 */ std %f0,[%i3+400]
+/* 0x0588 */ std %f0,[%i3+408]
+/* 0x058c */ std %f0,[%i3+416]
+/* 0x0590 */ std %f0,[%i3+424]
+/* 0x0594 */ std %f0,[%i3+432]
+/* 0x0598 */ std %f0,[%i3+440]
+/* 0x059c */ std %f0,[%i3+448]
+/* 0x05a0 */ std %f0,[%i3+456]
+/* 0x05a4 */ std %f0,[%i3+464]
+/* 0x05a8 */ std %f0,[%i3+472]
+/* 0x05ac */ std %f0,[%i3+480]
+/* 0x05b0 */ std %f0,[%i3+488]
+/* 0x05b4 */ std %f0,[%i3+496]
+/* 0x05b8 278 */ ldd [%o5],%f8
+/* 0x05bc */ ldd [%o4],%f10
+/* 0x05c0 */ fmuld %f6,%f8,%f8
+/* 0x05c4 273 */ std %f0,[%i3+504]
+/* 0x05c8 */ std %f0,[%i3+512]
+/* 0x05cc */ std %f0,[%i3+520]
+/* 0x05d0 */ fdtox %f8,%f8
+/* 0x05d4 275 */ ldd [%o0],%f0
+/* 0x05d8 */ fxtod %f8,%f8
+/* 0x05dc */ fmuld %f8,%f10,%f8
+/* 0x05e0 */ fsubd %f6,%f8,%f2
+
+! 287 ! pdtj[1]=b;
+! 289 ! /**** this loop will be fully unrolled:
+! 290 ! for(i=1;i<16;i++)
+! 291 ! {
+! 292 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
+! 293 ! }
+! 294 ! *************************************/
+! 295 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
+! 296 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
+! 297 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
+! 298 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
+! 299 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
+! 300 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
+! 301 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
+! 302 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
+! 303 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
+! 304 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
+! 305 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
+! 306 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
+! 307 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
+! 308 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
+! 309 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
+! 310 ! /* no need for cleenup, cannot overflow */
+! 311 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
+
+
+ fmovd %f2,%f0 ! hand modified
+ fmovd %f30,%f18 ! hand modified
+ ldd [%o0],%f2
+ ldd [%o3],%f8
+ ldd [%i1],%f10
+ ldd [%o5],%f14 ! hand modified
+ ldd [%o4],%f16 ! hand modified
+ ldd [%i2],%f24
+
+ ldd [%i1+8],%f26
+ ldd [%i1+16],%f40
+ ldd [%i1+48],%f46
+ ldd [%i1+56],%f30
+ ldd [%i1+64],%f54
+ ldd [%i1+104],%f34
+ ldd [%i1+112],%f58
+
+ ldd [%o0+8],%f28
+ ldd [%o0+104],%f38
+ ldd [%o0+112],%f60
+
+ .L99999999: !1
+ ldd [%i1+24],%f32
+ fmuld %f0,%f2,%f4 !2
+ ldd [%o0+24],%f36
+ fmuld %f26,%f24,%f20 !3
+ ldd [%i1+40],%f42
+ fmuld %f28,%f0,%f22 !4
+ ldd [%o0+40],%f44
+ fmuld %f32,%f24,%f32 !5
+ ldd [%i2+8],%f6
+ faddd %f4,%f8,%f4
+ fmuld %f36,%f0,%f36 !6
+ add %i2,8,%i2
+ ldd [%o0+56],%f50
+ fmuld %f42,%f24,%f42 !7
+ ldd [%i1+72],%f52
+ faddd %f20,%f22,%f20
+ fmuld %f44,%f0,%f44 !8
+ ldd [%o3+16],%f22
+ fmuld %f10,%f6,%f12 !9
+ ldd [%o0+72],%f56
+ faddd %f32,%f36,%f32
+ fmuld %f14,%f4,%f4 !10
+ ldd [%o3+48],%f36
+ fmuld %f30,%f24,%f48 !11
+ ldd [%o3+8],%f8
+ faddd %f20,%f22,%f20
+ fmuld %f50,%f0,%f50 !12
+ std %f20,[%o3+16]
+ faddd %f42,%f44,%f42
+ fmuld %f52,%f24,%f52 !13
+ ldd [%o3+80],%f44
+ faddd %f4,%f12,%f4
+ fmuld %f56,%f0,%f56 !14
+ ldd [%i1+88],%f20
+ faddd %f32,%f36,%f32 !15
+ ldd [%o0+88],%f22
+ faddd %f48,%f50,%f48 !16
+ ldd [%o3+112],%f50
+ faddd %f52,%f56,%f52 !17
+ ldd [%o3+144],%f56
+ faddd %f4,%f8,%f8
+ fmuld %f20,%f24,%f20 !18
+ std %f32,[%o3+48]
+ faddd %f42,%f44,%f42
+ fmuld %f22,%f0,%f22 !19
+ std %f42,[%o3+80]
+ faddd %f48,%f50,%f48
+ fmuld %f34,%f24,%f32 !20
+ std %f48,[%o3+112]
+ faddd %f52,%f56,%f52
+ fmuld %f38,%f0,%f36 !21
+ ldd [%i1+120],%f42
+ fdtox %f8,%f4 !22
+ std %f52,[%o3+144]
+ faddd %f20,%f22,%f20 !23
+ ldd [%o0+120],%f44 !24
+ ldd [%o3+176],%f22
+ faddd %f32,%f36,%f32
+ fmuld %f42,%f24,%f42 !25
+ ldd [%o0+16],%f50
+ fmovs %f17,%f4 !26
+ ldd [%i1+32],%f52
+ fmuld %f44,%f0,%f44 !27
+ ldd [%o0+32],%f56
+ fmuld %f40,%f24,%f48 !28
+ ldd [%o3+208],%f36
+ faddd %f20,%f22,%f20
+ fmuld %f50,%f0,%f50 !29
+ std %f20,[%o3+176]
+ fxtod %f4,%f4
+ fmuld %f52,%f24,%f52 !30
+ ldd [%o0+48],%f22
+ faddd %f42,%f44,%f42
+ fmuld %f56,%f0,%f56 !31
+ ldd [%o3+240],%f44
+ faddd %f32,%f36,%f32 !32
+ std %f32,[%o3+208]
+ faddd %f48,%f50,%f48
+ fmuld %f46,%f24,%f20 !33
+ ldd [%o3+32],%f50
+ fmuld %f4,%f18,%f12 !34
+ ldd [%o0+64],%f36
+ faddd %f52,%f56,%f52
+ fmuld %f22,%f0,%f22 !35
+ ldd [%o3+64],%f56
+ faddd %f42,%f44,%f42 !36
+ std %f42,[%o3+240]
+ faddd %f48,%f50,%f48
+ fmuld %f54,%f24,%f32 !37
+ std %f48,[%o3+32]
+ fmuld %f12,%f14,%f4 !38
+ ldd [%i1+80],%f42
+ faddd %f52,%f56,%f56 ! yes, tmp52!
+ fmuld %f36,%f0,%f36 !39
+ ldd [%o0+80],%f44
+ faddd %f20,%f22,%f20 !40
+ ldd [%i1+96],%f48
+ fmuld %f58,%f24,%f52 !41
+ ldd [%o0+96],%f50
+ fdtox %f4,%f4
+ fmuld %f42,%f24,%f42 !42
+ std %f56,[%o3+64] ! yes, tmp52!
+ faddd %f32,%f36,%f32
+ fmuld %f44,%f0,%f44 !43
+ ldd [%o3+96],%f22
+ fmuld %f48,%f24,%f48 !44
+ ldd [%o3+128],%f36
+ fmovd %f6,%f24
+ fmuld %f50,%f0,%f50 !45
+ fxtod %f4,%f4
+ fmuld %f60,%f0,%f56 !46
+ add %o3,8,%o3
+ faddd %f42,%f44,%f42 !47
+ ldd [%o3+160-8],%f44
+ faddd %f20,%f22,%f20 !48
+ std %f20,[%o3+96-8]
+ faddd %f48,%f50,%f48 !49
+ ldd [%o3+192-8],%f50
+ faddd %f52,%f56,%f52
+ fmuld %f4,%f16,%f4 !50
+ ldd [%o3+224-8],%f56
+ faddd %f32,%f36,%f32 !51
+ std %f32,[%o3+128-8]
+ faddd %f42,%f44,%f42 !52
+ add %g1,1,%g1
+ std %f42,[%o3+160-8]
+ faddd %f48,%f50,%f48 !53
+ cmp %g1,31
+ std %f48,[%o3+192-8]
+ fsubd %f12,%f4,%f0 !54
+ faddd %f52,%f56,%f52
+ ble,pt %icc,.L99999999
+ std %f52,[%o3+224-8] !55
+ std %f8,[%o3]
+! 312 ! }
+! 313 ! }
+! 315 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
+
+/* 0x0844 315 */ sllx %g5,3,%g2
+ .L900000650:
+/* 0x0848 315 */ ldd [%g2+%l4],%f2
+/* 0x084c */ add %l4,%g2,%o0
+/* 0x0850 */ or %g0,0,%g1
+/* 0x0854 */ ldd [%o0+8],%f4
+/* 0x0858 */ or %g0,0,%i2
+/* 0x085c */ cmp %l0,0
+/* 0x0860 */ fdtox %f2,%f2
+/* 0x0864 */ std %f2,[%sp+2255]
+/* 0x0868 311 */ sethi %hi(0xfc00),%o3
+/* 0x086c 315 */ fdtox %f4,%f2
+/* 0x0870 */ std %f2,[%sp+2247]
+/* 0x0874 311 */ or %g0,-1,%o2
+/* 0x0878 */ srl %o2,0,%o5
+/* 0x087c */ or %g0,2,%g5
+/* 0x0880 */ sub %l0,1,%g3
+/* 0x0884 */ or %g0,%o0,%o7
+/* 0x0888 */ add %o3,1023,%o4
+/* 0x088c 315 */ or %g0,64,%o3
+/* 0x0890 */ ldx [%sp+2255],%i0
+/* 0x0894 */ sub %l0,2,%o1
+/* 0x0898 */ ldx [%sp+2247],%i1
+/* 0x089c */ ble,pt %icc,.L900000648
+/* 0x08a0 */ sethi %hi(0xfc00),%g2
+/* 0x08a4 */ cmp %l0,6
+/* 0x08a8 */ and %i0,%o5,%o2
+/* 0x08ac */ bl,pn %icc,.L77000287
+/* 0x08b0 */ or %g0,3,%g4
+/* 0x08b4 */ ldd [%o7+16],%f0
+/* 0x08b8 */ and %i1,%o4,%i3
+/* 0x08bc */ sllx %i3,16,%o0
+/* 0x08c0 */ or %g0,5,%g4
+/* 0x08c4 */ srax %i1,16,%i4
+/* 0x08c8 */ fdtox %f0,%f0
+/* 0x08cc */ std %f0,[%sp+2239]
+/* 0x08d0 */ srax %i0,32,%i1
+/* 0x08d4 */ add %o2,%o0,%i5
+/* 0x08d8 */ ldd [%o7+24],%f0
+/* 0x08dc */ and %i5,%o5,%l1
+/* 0x08e0 */ or %g0,72,%o2
+/* 0x08e4 */ or %g0,4,%o0
+/* 0x08e8 */ or %g0,4,%g5
+/* 0x08ec */ ldx [%sp+2239],%g1
+/* 0x08f0 */ fdtox %f0,%f0
+/* 0x08f4 */ or %g0,4,%i2
+/* 0x08f8 */ std %f0,[%sp+2231]
+/* 0x08fc */ ldd [%o7+40],%f2
+/* 0x0900 */ and %g1,%o5,%i3
+/* 0x0904 */ ldd [%o7+32],%f0
+/* 0x0908 */ srax %g1,32,%g1
+/* 0x090c */ ldd [%o7+56],%f4
+/* 0x0910 */ fdtox %f2,%f2
+/* 0x0914 */ ldx [%sp+2231],%g2
+/* 0x0918 */ fdtox %f0,%f0
+/* 0x091c */ st %l1,[%l2]
+/* 0x0920 */ srax %i5,32,%l1
+/* 0x0924 */ fdtox %f4,%f4
+/* 0x0928 */ std %f2,[%sp+2231]
+/* 0x092c */ and %g2,%o4,%i5
+/* 0x0930 */ add %i4,%l1,%i4
+/* 0x0934 */ std %f0,[%sp+2239]
+/* 0x0938 */ sllx %i5,16,%i0
+/* 0x093c */ add %i1,%i4,%i1
+/* 0x0940 */ ldd [%o7+48],%f2
+/* 0x0944 */ srax %g2,16,%g2
+/* 0x0948 */ add %i3,%i0,%i0
+/* 0x094c */ ldd [%o7+72],%f0
+/* 0x0950 */ add %i0,%i1,%i3
+/* 0x0954 */ srax %i3,32,%i4
+/* 0x0958 */ fdtox %f2,%f2
+/* 0x095c */ and %i3,%o5,%i3
+/* 0x0960 */ ldx [%sp+2231],%i1
+/* 0x0964 */ add %g2,%i4,%g2
+/* 0x0968 */ ldx [%sp+2239],%i0
+/* 0x096c */ add %g1,%g2,%g1
+/* 0x0970 */ std %f2,[%sp+2239]
+/* 0x0974 */ std %f4,[%sp+2231]
+/* 0x0978 */ ldd [%o7+64],%f2
+/* 0x097c */ st %i3,[%l2+4]
+ .L900000631:
+/* 0x0980 */ ldx [%sp+2231],%i3
+/* 0x0984 */ add %i2,2,%i2
+/* 0x0988 */ add %g4,4,%g4
+/* 0x098c */ ldx [%sp+2239],%i5
+/* 0x0990 */ add %o2,16,%o2
+/* 0x0994 */ and %i1,%o4,%g2
+/* 0x0998 */ sllx %g2,16,%i4
+/* 0x099c */ and %i0,%o5,%g2
+/* 0x09a0 */ ldd [%o7+%o2],%f4
+/* 0x09a4 */ fdtox %f0,%f0
+/* 0x09a8 */ std %f0,[%sp+2231]
+/* 0x09ac */ srax %i1,16,%i1
+/* 0x09b0 */ add %g2,%i4,%g2
+/* 0x09b4 */ fdtox %f2,%f0
+/* 0x09b8 */ add %o3,16,%o3
+/* 0x09bc */ std %f0,[%sp+2239]
+/* 0x09c0 */ add %g2,%g1,%g1
+/* 0x09c4 */ ldd [%o7+%o3],%f2
+/* 0x09c8 */ srax %g1,32,%i4
+/* 0x09cc */ cmp %i2,%o1
+/* 0x09d0 */ srax %i0,32,%g2
+/* 0x09d4 */ add %i1,%i4,%i0
+/* 0x09d8 */ add %g2,%i0,%i4
+/* 0x09dc */ add %o0,4,%o0
+/* 0x09e0 */ and %g1,%o5,%g2
+/* 0x09e4 */ or %g0,%i5,%g1
+/* 0x09e8 */ st %g2,[%l2+%o0]
+/* 0x09ec */ add %g5,4,%g5
+/* 0x09f0 */ ldx [%sp+2231],%i1
+/* 0x09f4 */ ldx [%sp+2239],%i0
+/* 0x09f8 */ add %o2,16,%o2
+/* 0x09fc */ and %i3,%o4,%g2
+/* 0x0a00 */ sllx %g2,16,%i5
+/* 0x0a04 */ and %g1,%o5,%g2
+/* 0x0a08 */ ldd [%o7+%o2],%f0
+/* 0x0a0c */ fdtox %f4,%f4
+/* 0x0a10 */ std %f4,[%sp+2231]
+/* 0x0a14 */ srax %i3,16,%i3
+/* 0x0a18 */ add %g2,%i5,%g2
+/* 0x0a1c */ fdtox %f2,%f2
+/* 0x0a20 */ add %o3,16,%o3
+/* 0x0a24 */ std %f2,[%sp+2239]
+/* 0x0a28 */ add %g2,%i4,%g2
+/* 0x0a2c */ ldd [%o7+%o3],%f2
+/* 0x0a30 */ srax %g2,32,%i4
+/* 0x0a34 */ srax %g1,32,%g1
+/* 0x0a38 */ add %i3,%i4,%i3
+/* 0x0a3c */ add %g1,%i3,%g1
+/* 0x0a40 */ add %o0,4,%o0
+/* 0x0a44 */ and %g2,%o5,%g2
+/* 0x0a48 */ ble,pt %icc,.L900000631
+/* 0x0a4c */ st %g2,[%l2+%o0]
+ .L900000634:
+/* 0x0a50 */ srax %i1,16,%i5
+/* 0x0a54 */ ldx [%sp+2231],%o1
+/* 0x0a58 */ and %i1,%o4,%i3
+/* 0x0a5c */ sllx %i3,16,%i3
+/* 0x0a60 */ ldx [%sp+2239],%i4
+/* 0x0a64 */ and %i0,%o5,%g2
+/* 0x0a68 */ add %g2,%i3,%g2
+/* 0x0a6c */ and %o1,%o4,%i3
+/* 0x0a70 */ fdtox %f0,%f4
+/* 0x0a74 */ sllx %i3,16,%i3
+/* 0x0a78 */ std %f4,[%sp+2231]
+/* 0x0a7c */ add %g2,%g1,%g2
+/* 0x0a80 */ srax %g2,32,%l1
+/* 0x0a84 */ and %i4,%o5,%i1
+/* 0x0a88 */ fdtox %f2,%f0
+/* 0x0a8c */ srax %i0,32,%g1
+/* 0x0a90 */ std %f0,[%sp+2239]
+/* 0x0a94 */ add %i5,%l1,%i0
+/* 0x0a98 */ srax %o1,16,%o1
+/* 0x0a9c */ add %g1,%i0,%i0
+/* 0x0aa0 */ add %o0,4,%g1
+/* 0x0aa4 */ add %i1,%i3,%o0
+/* 0x0aa8 */ and %g2,%o5,%g2
+/* 0x0aac */ st %g2,[%l2+%g1]
+/* 0x0ab0 */ add %o0,%i0,%o0
+/* 0x0ab4 */ srax %o0,32,%i3
+/* 0x0ab8 */ ldx [%sp+2231],%i1
+/* 0x0abc */ add %g1,4,%g1
+/* 0x0ac0 */ ldx [%sp+2239],%i0
+/* 0x0ac4 */ and %o0,%o5,%g2
+/* 0x0ac8 */ add %o1,%i3,%o1
+/* 0x0acc */ srax %i4,32,%o0
+/* 0x0ad0 */ cmp %i2,%g3
+/* 0x0ad4 */ st %g2,[%l2+%g1]
+/* 0x0ad8 */ bg,pn %icc,.L77000236
+/* 0x0adc */ add %o0,%o1,%g1
+/* 0x0ae0 */ add %g4,6,%g4
+/* 0x0ae4 */ add %g5,6,%g5
+ .L77000287:
+/* 0x0ae8 */ sra %g5,0,%o1
+ .L900000647:
+/* 0x0aec */ sllx %o1,3,%o2
+/* 0x0af0 */ and %i0,%o5,%o0
+/* 0x0af4 */ ldd [%o7+%o2],%f0
+/* 0x0af8 */ sra %g4,0,%o2
+/* 0x0afc */ and %i1,%o4,%o1
+/* 0x0b00 */ sllx %o2,3,%o2
+/* 0x0b04 */ add %g1,%o0,%o0
+/* 0x0b08 */ fdtox %f0,%f0
+/* 0x0b0c */ std %f0,[%sp+2239]
+/* 0x0b10 */ sllx %o1,16,%o1
+/* 0x0b14 */ add %o0,%o1,%o1
+/* 0x0b18 */ add %g5,2,%g5
+/* 0x0b1c */ ldd [%o7+%o2],%f0
+/* 0x0b20 */ srax %o1,32,%g1
+/* 0x0b24 */ and %o1,%o5,%o2
+/* 0x0b28 */ srax %i1,16,%o0
+/* 0x0b2c */ add %g4,2,%g4
+/* 0x0b30 */ fdtox %f0,%f0
+/* 0x0b34 */ std %f0,[%sp+2231]
+/* 0x0b38 */ sra %i2,0,%o1
+/* 0x0b3c */ sllx %o1,2,%o1
+/* 0x0b40 */ add %o0,%g1,%g2
+/* 0x0b44 */ srax %i0,32,%g1
+/* 0x0b48 */ add %i2,1,%i2
+/* 0x0b4c */ add %g1,%g2,%g1
+/* 0x0b50 */ cmp %i2,%g3
+/* 0x0b54 */ ldx [%sp+2239],%o3
+/* 0x0b58 */ ldx [%sp+2231],%i1
+/* 0x0b5c */ st %o2,[%l2+%o1]
+/* 0x0b60 */ or %g0,%o3,%i0
+/* 0x0b64 */ ble,pt %icc,.L900000647
+/* 0x0b68 */ sra %g5,0,%o1
+ .L77000236:
+/* 0x0b6c */ sethi %hi(0xfc00),%g2
+ .L900000648:
+/* 0x0b70 */ or %g0,-1,%o0
+/* 0x0b74 */ add %g2,1023,%g2
+/* 0x0b78 */ srl %o0,0,%g3
+/* 0x0b7c */ and %i1,%g2,%g2
+/* 0x0b80 */ and %i0,%g3,%g4
+/* 0x0b84 */ sllx %g2,16,%g2
+/* 0x0b88 */ add %g1,%g4,%g4
+/* 0x0b8c */ sra %i2,0,%g5
+/* 0x0b90 */ add %g4,%g2,%g4
+/* 0x0b94 */ sllx %g5,2,%g2
+/* 0x0b98 */ and %g4,%g3,%g3
+/* 0x0b9c */ st %g3,[%l2+%g2]
+
+! 317 ! adjust_montf_result(result,nint,nlen);
+
+/* 0x0ba0 317 */ sra %l0,0,%g4
+/* 0x0ba4 */ sllx %g4,2,%g2
+/* 0x0ba8 */ ld [%l2+%g2],%g2
+/* 0x0bac */ cmp %g2,0
+/* 0x0bb0 */ bleu,pn %icc,.L77000241
+/* 0x0bb4 */ or %g0,-1,%o1
+/* 0x0bb8 */ ba .L900000646
+/* 0x0bbc */ cmp %o1,0
+ .L77000241:
+/* 0x0bc0 */ sub %l0,1,%o1
+/* 0x0bc4 */ cmp %o1,0
+/* 0x0bc8 */ bl,pn %icc,.L77000244
+/* 0x0bcc */ sra %o1,0,%g2
+ .L900000645:
+/* 0x0bd0 */ sllx %g2,2,%g2
+/* 0x0bd4 */ sub %o1,1,%o0
+/* 0x0bd8 */ ld [%l3+%g2],%g3
+/* 0x0bdc */ ld [%l2+%g2],%g2
+/* 0x0be0 */ cmp %g2,%g3
+/* 0x0be4 */ bne,pn %icc,.L77000244
+/* 0x0be8 */ nop
+/* 0x0bec 0 */ or %g0,%o0,%o1
+/* 0x0bf0 317 */ cmp %o0,0
+/* 0x0bf4 */ bge,pt %icc,.L900000645
+/* 0x0bf8 */ sra %o1,0,%g2
+ .L77000244:
+/* 0x0bfc */ cmp %o1,0
+ .L900000646:
+/* 0x0c00 */ bl,pn %icc,.L77000288
+/* 0x0c04 */ sra %o1,0,%g2
+/* 0x0c08 */ sllx %g2,2,%g2
+/* 0x0c0c */ ld [%l3+%g2],%g3
+/* 0x0c10 */ ld [%l2+%g2],%g2
+/* 0x0c14 */ cmp %g2,%g3
+/* 0x0c18 */ bleu,pt %icc,.L77000224
+/* 0x0c1c */ nop
+ .L77000288:
+/* 0x0c20 */ cmp %l0,0
+/* 0x0c24 */ ble,pt %icc,.L77000224
+/* 0x0c28 */ nop
+/* 0x0c2c 317 */ or %g0,-1,%g2
+/* 0x0c30 315 */ or %g0,0,%i0
+/* 0x0c34 317 */ srl %g2,0,%g2
+/* 0x0c38 315 */ or %g0,0,%g4
+/* 0x0c3c */ or %g0,0,%o1
+/* 0x0c40 317 */ sub %l0,1,%g5
+/* 0x0c44 */ cmp %l0,9
+/* 0x0c48 315 */ or %g0,8,%o5
+/* 0x0c4c */ bl,pn %icc,.L77000289
+/* 0x0c50 */ sub %l0,4,%o7
+/* 0x0c54 */ ld [%l2],%o1
+/* 0x0c58 */ or %g0,5,%i0
+/* 0x0c5c */ ld [%l3],%o2
+/* 0x0c60 */ or %g0,12,%o4
+/* 0x0c64 */ or %g0,16,%g1
+/* 0x0c68 */ ld [%l3+4],%o3
+/* 0x0c6c */ ld [%l2+4],%o0
+/* 0x0c70 */ sub %o1,%o2,%o1
+/* 0x0c74 */ ld [%l3+8],%i1
+/* 0x0c78 */ and %o1,%g2,%g4
+/* 0x0c7c */ st %g4,[%l2]
+/* 0x0c80 */ srax %o1,32,%g4
+/* 0x0c84 */ sub %o0,%o3,%o0
+/* 0x0c88 */ ld [%l3+12],%o2
+/* 0x0c8c */ add %o0,%g4,%o0
+/* 0x0c90 */ and %o0,%g2,%g4
+/* 0x0c94 */ st %g4,[%l2+4]
+/* 0x0c98 */ srax %o0,32,%o0
+/* 0x0c9c */ ld [%l2+8],%o1
+/* 0x0ca0 */ ld [%l2+12],%o3
+/* 0x0ca4 */ sub %o1,%i1,%o1
+ .L900000635:
+/* 0x0ca8 */ add %g1,4,%g3
+/* 0x0cac */ ld [%g1+%l2],%g4
+/* 0x0cb0 */ add %o1,%o0,%o0
+/* 0x0cb4 */ ld [%l3+%g1],%i1
+/* 0x0cb8 */ sub %o3,%o2,%o1
+/* 0x0cbc */ and %o0,%g2,%o2
+/* 0x0cc0 */ st %o2,[%o5+%l2]
+/* 0x0cc4 */ srax %o0,32,%o2
+/* 0x0cc8 */ add %i0,4,%i0
+/* 0x0ccc */ add %g1,8,%o5
+/* 0x0cd0 */ ld [%g3+%l2],%o0
+/* 0x0cd4 */ add %o1,%o2,%o1
+/* 0x0cd8 */ ld [%l3+%g3],%o3
+/* 0x0cdc */ sub %g4,%i1,%o2
+/* 0x0ce0 */ and %o1,%g2,%g4
+/* 0x0ce4 */ st %g4,[%o4+%l2]
+/* 0x0ce8 */ srax %o1,32,%g4
+/* 0x0cec */ cmp %i0,%o7
+/* 0x0cf0 */ add %g1,12,%o4
+/* 0x0cf4 */ ld [%o5+%l2],%o1
+/* 0x0cf8 */ add %o2,%g4,%o2
+/* 0x0cfc */ ld [%l3+%o5],%i1
+/* 0x0d00 */ sub %o0,%o3,%o0
+/* 0x0d04 */ and %o2,%g2,%o3
+/* 0x0d08 */ st %o3,[%g1+%l2]
+/* 0x0d0c */ srax %o2,32,%g4
+/* 0x0d10 */ ld [%o4+%l2],%o3
+/* 0x0d14 */ add %g1,16,%g1
+/* 0x0d18 */ add %o0,%g4,%o0
+/* 0x0d1c */ ld [%l3+%o4],%o2
+/* 0x0d20 */ sub %o1,%i1,%o1
+/* 0x0d24 */ and %o0,%g2,%g4
+/* 0x0d28 */ st %g4,[%g3+%l2]
+/* 0x0d2c */ ble,pt %icc,.L900000635
+/* 0x0d30 */ srax %o0,32,%o0
+ .L900000638:
+/* 0x0d34 */ add %o1,%o0,%g3
+/* 0x0d38 */ sub %o3,%o2,%o1
+/* 0x0d3c */ ld [%g1+%l2],%o0
+/* 0x0d40 */ ld [%l3+%g1],%o2
+/* 0x0d44 */ srax %g3,32,%o7
+/* 0x0d48 */ and %g3,%g2,%o3
+/* 0x0d4c */ add %o1,%o7,%o1
+/* 0x0d50 */ st %o3,[%o5+%l2]
+/* 0x0d54 */ cmp %i0,%g5
+/* 0x0d58 */ sub %o0,%o2,%o0
+/* 0x0d5c */ and %o1,%g2,%o2
+/* 0x0d60 */ st %o2,[%o4+%l2]
+/* 0x0d64 */ srax %o1,32,%o1
+/* 0x0d68 */ sra %i0,0,%o2
+/* 0x0d6c */ add %o0,%o1,%o0
+/* 0x0d70 */ srax %o0,32,%g4
+/* 0x0d74 */ and %o0,%g2,%o1
+/* 0x0d78 */ st %o1,[%g1+%l2]
+/* 0x0d7c */ bg,pn %icc,.L77000224
+/* 0x0d80 */ sllx %o2,2,%o1
+ .L77000289:
+/* 0x0d84 0 */ or %g0,%o1,%g1
+ .L900000644:
+/* 0x0d88 */ ld [%o1+%l2],%o0
+/* 0x0d8c */ add %i0,1,%i0
+/* 0x0d90 */ ld [%l3+%o1],%o1
+/* 0x0d94 */ sra %i0,0,%o2
+/* 0x0d98 */ cmp %i0,%g5
+/* 0x0d9c */ add %g4,%o0,%o0
+/* 0x0da0 */ sub %o0,%o1,%o0
+/* 0x0da4 */ srax %o0,32,%g4
+/* 0x0da8 */ and %o0,%g2,%o1
+/* 0x0dac */ st %o1,[%g1+%l2]
+/* 0x0db0 */ sllx %o2,2,%o1
+/* 0x0db4 */ ble,pt %icc,.L900000644
+/* 0x0db8 */ or %g0,%o1,%g1
+ .L77000224:
+/* 0x0dbc */ ret ! Result =
+/* 0x0dc0 */ restore %g0,%g0,%g0
+/* 0x0dc4 0 */ .type mont_mulf_noconv,2
+/* 0x0dc4 */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
+
diff --git a/security/nss/lib/freebl/mpi/mp_comba.c b/security/nss/lib/freebl/mpi/mp_comba.c
new file mode 100644
index 000000000..3b4937b98
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mp_comba.c
@@ -0,0 +1,3235 @@
+/*
+ * The below file is derived from TFM v0.03.
+ * It contains code from fp_mul_comba.c and
+ * fp_sqr_comba.c, which contained the following license.
+ *
+ * Right now, the assembly in this file limits
+ * this code to AMD 64.
+ *
+ * This file is public domain.
+ */
+
+/* TomsFastMath, a fast ISO C bignum library.
+ *
+ * This project is meant to fill in where LibTomMath
+ * falls short. That is speed ;-)
+ *
+ * This project is public domain and free for all purposes.
+ *
+ * Tom St Denis, tomstdenis@iahu.ca
+ */
+
+#include "mpi-priv.h"
+
+/* clamp digits */
+#define mp_clamp(a) \
+ { \
+ while ((a)->used && (a)->dp[(a)->used - 1] == 0) \
+ --((a)->used); \
+ (a)->sign = (a)->used ? (a)->sign : ZPOS; \
+ }
+
+/* anything you need at the start */
+#define COMBA_START
+
+/* clear the chaining variables */
+#define COMBA_CLEAR \
+ c0 = c1 = c2 = 0;
+
+/* forward the carry to the next digit */
+#define COMBA_FORWARD \
+ do { \
+ c0 = c1; \
+ c1 = c2; \
+ c2 = 0; \
+ } while (0);
+
+/* anything you need at the end */
+#define COMBA_FINI
+
+/* this should multiply i and j */
+#define MULADD(i, j) \
+ __asm__( \
+ "movq %6,%%rax \n\t" \
+ "mulq %7 \n\t" \
+ "addq %%rax,%0 \n\t" \
+ "adcq %%rdx,%1 \n\t" \
+ "adcq $0,%2 \n\t" \
+ : "=r"(c0), "=r"(c1), "=r"(c2) \
+ : "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) \
+ : "%rax", "%rdx", "cc");
+
+/* sqr macros only */
+#define CLEAR_CARRY \
+ c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+ x = c0;
+
+#define COMBA_STORE2(x) \
+ x = c1;
+
+#define CARRY_FORWARD \
+ do { \
+ c0 = c1; \
+ c1 = c2; \
+ c2 = 0; \
+ } while (0);
+
+#define COMBA_FINI
+
+#define SQRADD(i, j) \
+ __asm__( \
+ "movq %6,%%rax \n\t" \
+ "mulq %%rax \n\t" \
+ "addq %%rax,%0 \n\t" \
+ "adcq %%rdx,%1 \n\t" \
+ "adcq $0,%2 \n\t" \
+ : "=r"(c0), "=r"(c1), "=r"(c2) \
+ : "0"(c0), "1"(c1), "2"(c2), "g"(i) \
+ : "%rax", "%rdx", "cc");
+
+#define SQRADD2(i, j) \
+ __asm__( \
+ "movq %6,%%rax \n\t" \
+ "mulq %7 \n\t" \
+ "addq %%rax,%0 \n\t" \
+ "adcq %%rdx,%1 \n\t" \
+ "adcq $0,%2 \n\t" \
+ "addq %%rax,%0 \n\t" \
+ "adcq %%rdx,%1 \n\t" \
+ "adcq $0,%2 \n\t" \
+ : "=r"(c0), "=r"(c1), "=r"(c2) \
+ : "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) \
+ : "%rax", "%rdx", "cc");
+
+#define SQRADDSC(i, j) \
+ __asm__( \
+ "movq %3,%%rax \n\t" \
+ "mulq %4 \n\t" \
+ "movq %%rax,%0 \n\t" \
+ "movq %%rdx,%1 \n\t" \
+ "xorq %2,%2 \n\t" \
+ : "=r"(sc0), "=r"(sc1), "=r"(sc2) \
+ : "g"(i), "g"(j) \
+ : "%rax", "%rdx", "cc");
+
+#define SQRADDAC(i, j) \
+ __asm__( \
+ "movq %6,%%rax \n\t" \
+ "mulq %7 \n\t" \
+ "addq %%rax,%0 \n\t" \
+ "adcq %%rdx,%1 \n\t" \
+ "adcq $0,%2 \n\t" \
+ : "=r"(sc0), "=r"(sc1), "=r"(sc2) \
+ : "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) \
+ : "%rax", "%rdx", "cc");
+
+#define SQRADDDB \
+ __asm__( \
+ "addq %6,%0 \n\t" \
+ "adcq %7,%1 \n\t" \
+ "adcq %8,%2 \n\t" \
+ "addq %6,%0 \n\t" \
+ "adcq %7,%1 \n\t" \
+ "adcq %8,%2 \n\t" \
+ : "=&r"(c0), "=&r"(c1), "=&r"(c2) \
+ : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) \
+ : "cc");
+
+void
+s_mp_mul_comba_4(const mp_int *A, const mp_int *B, mp_int *C)
+{
+ mp_digit c0, c1, c2, at[8];
+
+ memcpy(at, A->dp, 4 * sizeof(mp_digit));
+ memcpy(at + 4, B->dp, 4 * sizeof(mp_digit));
+ COMBA_START;
+
+ COMBA_CLEAR;
+ /* 0 */
+ MULADD(at[0], at[4]);
+ COMBA_STORE(C->dp[0]);
+ /* 1 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[5]);
+ MULADD(at[1], at[4]);
+ COMBA_STORE(C->dp[1]);
+ /* 2 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[6]);
+ MULADD(at[1], at[5]);
+ MULADD(at[2], at[4]);
+ COMBA_STORE(C->dp[2]);
+ /* 3 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[7]);
+ MULADD(at[1], at[6]);
+ MULADD(at[2], at[5]);
+ MULADD(at[3], at[4]);
+ COMBA_STORE(C->dp[3]);
+ /* 4 */
+ COMBA_FORWARD;
+ MULADD(at[1], at[7]);
+ MULADD(at[2], at[6]);
+ MULADD(at[3], at[5]);
+ COMBA_STORE(C->dp[4]);
+ /* 5 */
+ COMBA_FORWARD;
+ MULADD(at[2], at[7]);
+ MULADD(at[3], at[6]);
+ COMBA_STORE(C->dp[5]);
+ /* 6 */
+ COMBA_FORWARD;
+ MULADD(at[3], at[7]);
+ COMBA_STORE(C->dp[6]);
+ COMBA_STORE2(C->dp[7]);
+ C->used = 8;
+ C->sign = A->sign ^ B->sign;
+ mp_clamp(C);
+ COMBA_FINI;
+}
+
+void
+s_mp_mul_comba_8(const mp_int *A, const mp_int *B, mp_int *C)
+{
+ mp_digit c0, c1, c2, at[16];
+
+ memcpy(at, A->dp, 8 * sizeof(mp_digit));
+ memcpy(at + 8, B->dp, 8 * sizeof(mp_digit));
+ COMBA_START;
+
+ COMBA_CLEAR;
+ /* 0 */
+ MULADD(at[0], at[8]);
+ COMBA_STORE(C->dp[0]);
+ /* 1 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[9]);
+ MULADD(at[1], at[8]);
+ COMBA_STORE(C->dp[1]);
+ /* 2 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[10]);
+ MULADD(at[1], at[9]);
+ MULADD(at[2], at[8]);
+ COMBA_STORE(C->dp[2]);
+ /* 3 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[11]);
+ MULADD(at[1], at[10]);
+ MULADD(at[2], at[9]);
+ MULADD(at[3], at[8]);
+ COMBA_STORE(C->dp[3]);
+ /* 4 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[12]);
+ MULADD(at[1], at[11]);
+ MULADD(at[2], at[10]);
+ MULADD(at[3], at[9]);
+ MULADD(at[4], at[8]);
+ COMBA_STORE(C->dp[4]);
+ /* 5 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[13]);
+ MULADD(at[1], at[12]);
+ MULADD(at[2], at[11]);
+ MULADD(at[3], at[10]);
+ MULADD(at[4], at[9]);
+ MULADD(at[5], at[8]);
+ COMBA_STORE(C->dp[5]);
+ /* 6 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[14]);
+ MULADD(at[1], at[13]);
+ MULADD(at[2], at[12]);
+ MULADD(at[3], at[11]);
+ MULADD(at[4], at[10]);
+ MULADD(at[5], at[9]);
+ MULADD(at[6], at[8]);
+ COMBA_STORE(C->dp[6]);
+ /* 7 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[15]);
+ MULADD(at[1], at[14]);
+ MULADD(at[2], at[13]);
+ MULADD(at[3], at[12]);
+ MULADD(at[4], at[11]);
+ MULADD(at[5], at[10]);
+ MULADD(at[6], at[9]);
+ MULADD(at[7], at[8]);
+ COMBA_STORE(C->dp[7]);
+ /* 8 */
+ COMBA_FORWARD;
+ MULADD(at[1], at[15]);
+ MULADD(at[2], at[14]);
+ MULADD(at[3], at[13]);
+ MULADD(at[4], at[12]);
+ MULADD(at[5], at[11]);
+ MULADD(at[6], at[10]);
+ MULADD(at[7], at[9]);
+ COMBA_STORE(C->dp[8]);
+ /* 9 */
+ COMBA_FORWARD;
+ MULADD(at[2], at[15]);
+ MULADD(at[3], at[14]);
+ MULADD(at[4], at[13]);
+ MULADD(at[5], at[12]);
+ MULADD(at[6], at[11]);
+ MULADD(at[7], at[10]);
+ COMBA_STORE(C->dp[9]);
+ /* 10 */
+ COMBA_FORWARD;
+ MULADD(at[3], at[15]);
+ MULADD(at[4], at[14]);
+ MULADD(at[5], at[13]);
+ MULADD(at[6], at[12]);
+ MULADD(at[7], at[11]);
+ COMBA_STORE(C->dp[10]);
+ /* 11 */
+ COMBA_FORWARD;
+ MULADD(at[4], at[15]);
+ MULADD(at[5], at[14]);
+ MULADD(at[6], at[13]);
+ MULADD(at[7], at[12]);
+ COMBA_STORE(C->dp[11]);
+ /* 12 */
+ COMBA_FORWARD;
+ MULADD(at[5], at[15]);
+ MULADD(at[6], at[14]);
+ MULADD(at[7], at[13]);
+ COMBA_STORE(C->dp[12]);
+ /* 13 */
+ COMBA_FORWARD;
+ MULADD(at[6], at[15]);
+ MULADD(at[7], at[14]);
+ COMBA_STORE(C->dp[13]);
+ /* 14 */
+ COMBA_FORWARD;
+ MULADD(at[7], at[15]);
+ COMBA_STORE(C->dp[14]);
+ COMBA_STORE2(C->dp[15]);
+ C->used = 16;
+ C->sign = A->sign ^ B->sign;
+ mp_clamp(C);
+ COMBA_FINI;
+}
+
+void
+s_mp_mul_comba_16(const mp_int *A, const mp_int *B, mp_int *C)
+{
+ mp_digit c0, c1, c2, at[32];
+
+ memcpy(at, A->dp, 16 * sizeof(mp_digit));
+ memcpy(at + 16, B->dp, 16 * sizeof(mp_digit));
+ COMBA_START;
+
+ COMBA_CLEAR;
+ /* 0 */
+ MULADD(at[0], at[16]);
+ COMBA_STORE(C->dp[0]);
+ /* 1 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[17]);
+ MULADD(at[1], at[16]);
+ COMBA_STORE(C->dp[1]);
+ /* 2 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[18]);
+ MULADD(at[1], at[17]);
+ MULADD(at[2], at[16]);
+ COMBA_STORE(C->dp[2]);
+ /* 3 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[19]);
+ MULADD(at[1], at[18]);
+ MULADD(at[2], at[17]);
+ MULADD(at[3], at[16]);
+ COMBA_STORE(C->dp[3]);
+ /* 4 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[20]);
+ MULADD(at[1], at[19]);
+ MULADD(at[2], at[18]);
+ MULADD(at[3], at[17]);
+ MULADD(at[4], at[16]);
+ COMBA_STORE(C->dp[4]);
+ /* 5 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[21]);
+ MULADD(at[1], at[20]);
+ MULADD(at[2], at[19]);
+ MULADD(at[3], at[18]);
+ MULADD(at[4], at[17]);
+ MULADD(at[5], at[16]);
+ COMBA_STORE(C->dp[5]);
+ /* 6 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[22]);
+ MULADD(at[1], at[21]);
+ MULADD(at[2], at[20]);
+ MULADD(at[3], at[19]);
+ MULADD(at[4], at[18]);
+ MULADD(at[5], at[17]);
+ MULADD(at[6], at[16]);
+ COMBA_STORE(C->dp[6]);
+ /* 7 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[23]);
+ MULADD(at[1], at[22]);
+ MULADD(at[2], at[21]);
+ MULADD(at[3], at[20]);
+ MULADD(at[4], at[19]);
+ MULADD(at[5], at[18]);
+ MULADD(at[6], at[17]);
+ MULADD(at[7], at[16]);
+ COMBA_STORE(C->dp[7]);
+ /* 8 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[24]);
+ MULADD(at[1], at[23]);
+ MULADD(at[2], at[22]);
+ MULADD(at[3], at[21]);
+ MULADD(at[4], at[20]);
+ MULADD(at[5], at[19]);
+ MULADD(at[6], at[18]);
+ MULADD(at[7], at[17]);
+ MULADD(at[8], at[16]);
+ COMBA_STORE(C->dp[8]);
+ /* 9 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[25]);
+ MULADD(at[1], at[24]);
+ MULADD(at[2], at[23]);
+ MULADD(at[3], at[22]);
+ MULADD(at[4], at[21]);
+ MULADD(at[5], at[20]);
+ MULADD(at[6], at[19]);
+ MULADD(at[7], at[18]);
+ MULADD(at[8], at[17]);
+ MULADD(at[9], at[16]);
+ COMBA_STORE(C->dp[9]);
+ /* 10 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[26]);
+ MULADD(at[1], at[25]);
+ MULADD(at[2], at[24]);
+ MULADD(at[3], at[23]);
+ MULADD(at[4], at[22]);
+ MULADD(at[5], at[21]);
+ MULADD(at[6], at[20]);
+ MULADD(at[7], at[19]);
+ MULADD(at[8], at[18]);
+ MULADD(at[9], at[17]);
+ MULADD(at[10], at[16]);
+ COMBA_STORE(C->dp[10]);
+ /* 11 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[27]);
+ MULADD(at[1], at[26]);
+ MULADD(at[2], at[25]);
+ MULADD(at[3], at[24]);
+ MULADD(at[4], at[23]);
+ MULADD(at[5], at[22]);
+ MULADD(at[6], at[21]);
+ MULADD(at[7], at[20]);
+ MULADD(at[8], at[19]);
+ MULADD(at[9], at[18]);
+ MULADD(at[10], at[17]);
+ MULADD(at[11], at[16]);
+ COMBA_STORE(C->dp[11]);
+ /* 12 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[28]);
+ MULADD(at[1], at[27]);
+ MULADD(at[2], at[26]);
+ MULADD(at[3], at[25]);
+ MULADD(at[4], at[24]);
+ MULADD(at[5], at[23]);
+ MULADD(at[6], at[22]);
+ MULADD(at[7], at[21]);
+ MULADD(at[8], at[20]);
+ MULADD(at[9], at[19]);
+ MULADD(at[10], at[18]);
+ MULADD(at[11], at[17]);
+ MULADD(at[12], at[16]);
+ COMBA_STORE(C->dp[12]);
+ /* 13 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[29]);
+ MULADD(at[1], at[28]);
+ MULADD(at[2], at[27]);
+ MULADD(at[3], at[26]);
+ MULADD(at[4], at[25]);
+ MULADD(at[5], at[24]);
+ MULADD(at[6], at[23]);
+ MULADD(at[7], at[22]);
+ MULADD(at[8], at[21]);
+ MULADD(at[9], at[20]);
+ MULADD(at[10], at[19]);
+ MULADD(at[11], at[18]);
+ MULADD(at[12], at[17]);
+ MULADD(at[13], at[16]);
+ COMBA_STORE(C->dp[13]);
+ /* 14 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[30]);
+ MULADD(at[1], at[29]);
+ MULADD(at[2], at[28]);
+ MULADD(at[3], at[27]);
+ MULADD(at[4], at[26]);
+ MULADD(at[5], at[25]);
+ MULADD(at[6], at[24]);
+ MULADD(at[7], at[23]);
+ MULADD(at[8], at[22]);
+ MULADD(at[9], at[21]);
+ MULADD(at[10], at[20]);
+ MULADD(at[11], at[19]);
+ MULADD(at[12], at[18]);
+ MULADD(at[13], at[17]);
+ MULADD(at[14], at[16]);
+ COMBA_STORE(C->dp[14]);
+ /* 15 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[31]);
+ MULADD(at[1], at[30]);
+ MULADD(at[2], at[29]);
+ MULADD(at[3], at[28]);
+ MULADD(at[4], at[27]);
+ MULADD(at[5], at[26]);
+ MULADD(at[6], at[25]);
+ MULADD(at[7], at[24]);
+ MULADD(at[8], at[23]);
+ MULADD(at[9], at[22]);
+ MULADD(at[10], at[21]);
+ MULADD(at[11], at[20]);
+ MULADD(at[12], at[19]);
+ MULADD(at[13], at[18]);
+ MULADD(at[14], at[17]);
+ MULADD(at[15], at[16]);
+ COMBA_STORE(C->dp[15]);
+ /* 16 */
+ COMBA_FORWARD;
+ MULADD(at[1], at[31]);
+ MULADD(at[2], at[30]);
+ MULADD(at[3], at[29]);
+ MULADD(at[4], at[28]);
+ MULADD(at[5], at[27]);
+ MULADD(at[6], at[26]);
+ MULADD(at[7], at[25]);
+ MULADD(at[8], at[24]);
+ MULADD(at[9], at[23]);
+ MULADD(at[10], at[22]);
+ MULADD(at[11], at[21]);
+ MULADD(at[12], at[20]);
+ MULADD(at[13], at[19]);
+ MULADD(at[14], at[18]);
+ MULADD(at[15], at[17]);
+ COMBA_STORE(C->dp[16]);
+ /* 17 */
+ COMBA_FORWARD;
+ MULADD(at[2], at[31]);
+ MULADD(at[3], at[30]);
+ MULADD(at[4], at[29]);
+ MULADD(at[5], at[28]);
+ MULADD(at[6], at[27]);
+ MULADD(at[7], at[26]);
+ MULADD(at[8], at[25]);
+ MULADD(at[9], at[24]);
+ MULADD(at[10], at[23]);
+ MULADD(at[11], at[22]);
+ MULADD(at[12], at[21]);
+ MULADD(at[13], at[20]);
+ MULADD(at[14], at[19]);
+ MULADD(at[15], at[18]);
+ COMBA_STORE(C->dp[17]);
+ /* 18 */
+ COMBA_FORWARD;
+ MULADD(at[3], at[31]);
+ MULADD(at[4], at[30]);
+ MULADD(at[5], at[29]);
+ MULADD(at[6], at[28]);
+ MULADD(at[7], at[27]);
+ MULADD(at[8], at[26]);
+ MULADD(at[9], at[25]);
+ MULADD(at[10], at[24]);
+ MULADD(at[11], at[23]);
+ MULADD(at[12], at[22]);
+ MULADD(at[13], at[21]);
+ MULADD(at[14], at[20]);
+ MULADD(at[15], at[19]);
+ COMBA_STORE(C->dp[18]);
+ /* 19 */
+ COMBA_FORWARD;
+ MULADD(at[4], at[31]);
+ MULADD(at[5], at[30]);
+ MULADD(at[6], at[29]);
+ MULADD(at[7], at[28]);
+ MULADD(at[8], at[27]);
+ MULADD(at[9], at[26]);
+ MULADD(at[10], at[25]);
+ MULADD(at[11], at[24]);
+ MULADD(at[12], at[23]);
+ MULADD(at[13], at[22]);
+ MULADD(at[14], at[21]);
+ MULADD(at[15], at[20]);
+ COMBA_STORE(C->dp[19]);
+ /* 20 */
+ COMBA_FORWARD;
+ MULADD(at[5], at[31]);
+ MULADD(at[6], at[30]);
+ MULADD(at[7], at[29]);
+ MULADD(at[8], at[28]);
+ MULADD(at[9], at[27]);
+ MULADD(at[10], at[26]);
+ MULADD(at[11], at[25]);
+ MULADD(at[12], at[24]);
+ MULADD(at[13], at[23]);
+ MULADD(at[14], at[22]);
+ MULADD(at[15], at[21]);
+ COMBA_STORE(C->dp[20]);
+ /* 21 */
+ COMBA_FORWARD;
+ MULADD(at[6], at[31]);
+ MULADD(at[7], at[30]);
+ MULADD(at[8], at[29]);
+ MULADD(at[9], at[28]);
+ MULADD(at[10], at[27]);
+ MULADD(at[11], at[26]);
+ MULADD(at[12], at[25]);
+ MULADD(at[13], at[24]);
+ MULADD(at[14], at[23]);
+ MULADD(at[15], at[22]);
+ COMBA_STORE(C->dp[21]);
+ /* 22 */
+ COMBA_FORWARD;
+ MULADD(at[7], at[31]);
+ MULADD(at[8], at[30]);
+ MULADD(at[9], at[29]);
+ MULADD(at[10], at[28]);
+ MULADD(at[11], at[27]);
+ MULADD(at[12], at[26]);
+ MULADD(at[13], at[25]);
+ MULADD(at[14], at[24]);
+ MULADD(at[15], at[23]);
+ COMBA_STORE(C->dp[22]);
+ /* 23 */
+ COMBA_FORWARD;
+ MULADD(at[8], at[31]);
+ MULADD(at[9], at[30]);
+ MULADD(at[10], at[29]);
+ MULADD(at[11], at[28]);
+ MULADD(at[12], at[27]);
+ MULADD(at[13], at[26]);
+ MULADD(at[14], at[25]);
+ MULADD(at[15], at[24]);
+ COMBA_STORE(C->dp[23]);
+ /* 24 */
+ COMBA_FORWARD;
+ MULADD(at[9], at[31]);
+ MULADD(at[10], at[30]);
+ MULADD(at[11], at[29]);
+ MULADD(at[12], at[28]);
+ MULADD(at[13], at[27]);
+ MULADD(at[14], at[26]);
+ MULADD(at[15], at[25]);
+ COMBA_STORE(C->dp[24]);
+ /* 25 */
+ COMBA_FORWARD;
+ MULADD(at[10], at[31]);
+ MULADD(at[11], at[30]);
+ MULADD(at[12], at[29]);
+ MULADD(at[13], at[28]);
+ MULADD(at[14], at[27]);
+ MULADD(at[15], at[26]);
+ COMBA_STORE(C->dp[25]);
+ /* 26 */
+ COMBA_FORWARD;
+ MULADD(at[11], at[31]);
+ MULADD(at[12], at[30]);
+ MULADD(at[13], at[29]);
+ MULADD(at[14], at[28]);
+ MULADD(at[15], at[27]);
+ COMBA_STORE(C->dp[26]);
+ /* 27 */
+ COMBA_FORWARD;
+ MULADD(at[12], at[31]);
+ MULADD(at[13], at[30]);
+ MULADD(at[14], at[29]);
+ MULADD(at[15], at[28]);
+ COMBA_STORE(C->dp[27]);
+ /* 28 */
+ COMBA_FORWARD;
+ MULADD(at[13], at[31]);
+ MULADD(at[14], at[30]);
+ MULADD(at[15], at[29]);
+ COMBA_STORE(C->dp[28]);
+ /* 29 */
+ COMBA_FORWARD;
+ MULADD(at[14], at[31]);
+ MULADD(at[15], at[30]);
+ COMBA_STORE(C->dp[29]);
+ /* 30 */
+ COMBA_FORWARD;
+ MULADD(at[15], at[31]);
+ COMBA_STORE(C->dp[30]);
+ COMBA_STORE2(C->dp[31]);
+ C->used = 32;
+ C->sign = A->sign ^ B->sign;
+ mp_clamp(C);
+ COMBA_FINI;
+}
+
+void
+s_mp_mul_comba_32(const mp_int *A, const mp_int *B, mp_int *C)
+{
+ mp_digit c0, c1, c2, at[64];
+
+ memcpy(at, A->dp, 32 * sizeof(mp_digit));
+ memcpy(at + 32, B->dp, 32 * sizeof(mp_digit));
+ COMBA_START;
+
+ COMBA_CLEAR;
+ /* 0 */
+ MULADD(at[0], at[32]);
+ COMBA_STORE(C->dp[0]);
+ /* 1 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[33]);
+ MULADD(at[1], at[32]);
+ COMBA_STORE(C->dp[1]);
+ /* 2 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[34]);
+ MULADD(at[1], at[33]);
+ MULADD(at[2], at[32]);
+ COMBA_STORE(C->dp[2]);
+ /* 3 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[35]);
+ MULADD(at[1], at[34]);
+ MULADD(at[2], at[33]);
+ MULADD(at[3], at[32]);
+ COMBA_STORE(C->dp[3]);
+ /* 4 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[36]);
+ MULADD(at[1], at[35]);
+ MULADD(at[2], at[34]);
+ MULADD(at[3], at[33]);
+ MULADD(at[4], at[32]);
+ COMBA_STORE(C->dp[4]);
+ /* 5 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[37]);
+ MULADD(at[1], at[36]);
+ MULADD(at[2], at[35]);
+ MULADD(at[3], at[34]);
+ MULADD(at[4], at[33]);
+ MULADD(at[5], at[32]);
+ COMBA_STORE(C->dp[5]);
+ /* 6 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[38]);
+ MULADD(at[1], at[37]);
+ MULADD(at[2], at[36]);
+ MULADD(at[3], at[35]);
+ MULADD(at[4], at[34]);
+ MULADD(at[5], at[33]);
+ MULADD(at[6], at[32]);
+ COMBA_STORE(C->dp[6]);
+ /* 7 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[39]);
+ MULADD(at[1], at[38]);
+ MULADD(at[2], at[37]);
+ MULADD(at[3], at[36]);
+ MULADD(at[4], at[35]);
+ MULADD(at[5], at[34]);
+ MULADD(at[6], at[33]);
+ MULADD(at[7], at[32]);
+ COMBA_STORE(C->dp[7]);
+ /* 8 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[40]);
+ MULADD(at[1], at[39]);
+ MULADD(at[2], at[38]);
+ MULADD(at[3], at[37]);
+ MULADD(at[4], at[36]);
+ MULADD(at[5], at[35]);
+ MULADD(at[6], at[34]);
+ MULADD(at[7], at[33]);
+ MULADD(at[8], at[32]);
+ COMBA_STORE(C->dp[8]);
+ /* 9 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[41]);
+ MULADD(at[1], at[40]);
+ MULADD(at[2], at[39]);
+ MULADD(at[3], at[38]);
+ MULADD(at[4], at[37]);
+ MULADD(at[5], at[36]);
+ MULADD(at[6], at[35]);
+ MULADD(at[7], at[34]);
+ MULADD(at[8], at[33]);
+ MULADD(at[9], at[32]);
+ COMBA_STORE(C->dp[9]);
+ /* 10 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[42]);
+ MULADD(at[1], at[41]);
+ MULADD(at[2], at[40]);
+ MULADD(at[3], at[39]);
+ MULADD(at[4], at[38]);
+ MULADD(at[5], at[37]);
+ MULADD(at[6], at[36]);
+ MULADD(at[7], at[35]);
+ MULADD(at[8], at[34]);
+ MULADD(at[9], at[33]);
+ MULADD(at[10], at[32]);
+ COMBA_STORE(C->dp[10]);
+ /* 11 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[43]);
+ MULADD(at[1], at[42]);
+ MULADD(at[2], at[41]);
+ MULADD(at[3], at[40]);
+ MULADD(at[4], at[39]);
+ MULADD(at[5], at[38]);
+ MULADD(at[6], at[37]);
+ MULADD(at[7], at[36]);
+ MULADD(at[8], at[35]);
+ MULADD(at[9], at[34]);
+ MULADD(at[10], at[33]);
+ MULADD(at[11], at[32]);
+ COMBA_STORE(C->dp[11]);
+ /* 12 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[44]);
+ MULADD(at[1], at[43]);
+ MULADD(at[2], at[42]);
+ MULADD(at[3], at[41]);
+ MULADD(at[4], at[40]);
+ MULADD(at[5], at[39]);
+ MULADD(at[6], at[38]);
+ MULADD(at[7], at[37]);
+ MULADD(at[8], at[36]);
+ MULADD(at[9], at[35]);
+ MULADD(at[10], at[34]);
+ MULADD(at[11], at[33]);
+ MULADD(at[12], at[32]);
+ COMBA_STORE(C->dp[12]);
+ /* 13 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[45]);
+ MULADD(at[1], at[44]);
+ MULADD(at[2], at[43]);
+ MULADD(at[3], at[42]);
+ MULADD(at[4], at[41]);
+ MULADD(at[5], at[40]);
+ MULADD(at[6], at[39]);
+ MULADD(at[7], at[38]);
+ MULADD(at[8], at[37]);
+ MULADD(at[9], at[36]);
+ MULADD(at[10], at[35]);
+ MULADD(at[11], at[34]);
+ MULADD(at[12], at[33]);
+ MULADD(at[13], at[32]);
+ COMBA_STORE(C->dp[13]);
+ /* 14 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[46]);
+ MULADD(at[1], at[45]);
+ MULADD(at[2], at[44]);
+ MULADD(at[3], at[43]);
+ MULADD(at[4], at[42]);
+ MULADD(at[5], at[41]);
+ MULADD(at[6], at[40]);
+ MULADD(at[7], at[39]);
+ MULADD(at[8], at[38]);
+ MULADD(at[9], at[37]);
+ MULADD(at[10], at[36]);
+ MULADD(at[11], at[35]);
+ MULADD(at[12], at[34]);
+ MULADD(at[13], at[33]);
+ MULADD(at[14], at[32]);
+ COMBA_STORE(C->dp[14]);
+ /* 15 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[47]);
+ MULADD(at[1], at[46]);
+ MULADD(at[2], at[45]);
+ MULADD(at[3], at[44]);
+ MULADD(at[4], at[43]);
+ MULADD(at[5], at[42]);
+ MULADD(at[6], at[41]);
+ MULADD(at[7], at[40]);
+ MULADD(at[8], at[39]);
+ MULADD(at[9], at[38]);
+ MULADD(at[10], at[37]);
+ MULADD(at[11], at[36]);
+ MULADD(at[12], at[35]);
+ MULADD(at[13], at[34]);
+ MULADD(at[14], at[33]);
+ MULADD(at[15], at[32]);
+ COMBA_STORE(C->dp[15]);
+ /* 16 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[48]);
+ MULADD(at[1], at[47]);
+ MULADD(at[2], at[46]);
+ MULADD(at[3], at[45]);
+ MULADD(at[4], at[44]);
+ MULADD(at[5], at[43]);
+ MULADD(at[6], at[42]);
+ MULADD(at[7], at[41]);
+ MULADD(at[8], at[40]);
+ MULADD(at[9], at[39]);
+ MULADD(at[10], at[38]);
+ MULADD(at[11], at[37]);
+ MULADD(at[12], at[36]);
+ MULADD(at[13], at[35]);
+ MULADD(at[14], at[34]);
+ MULADD(at[15], at[33]);
+ MULADD(at[16], at[32]);
+ COMBA_STORE(C->dp[16]);
+ /* 17 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[49]);
+ MULADD(at[1], at[48]);
+ MULADD(at[2], at[47]);
+ MULADD(at[3], at[46]);
+ MULADD(at[4], at[45]);
+ MULADD(at[5], at[44]);
+ MULADD(at[6], at[43]);
+ MULADD(at[7], at[42]);
+ MULADD(at[8], at[41]);
+ MULADD(at[9], at[40]);
+ MULADD(at[10], at[39]);
+ MULADD(at[11], at[38]);
+ MULADD(at[12], at[37]);
+ MULADD(at[13], at[36]);
+ MULADD(at[14], at[35]);
+ MULADD(at[15], at[34]);
+ MULADD(at[16], at[33]);
+ MULADD(at[17], at[32]);
+ COMBA_STORE(C->dp[17]);
+ /* 18 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[50]);
+ MULADD(at[1], at[49]);
+ MULADD(at[2], at[48]);
+ MULADD(at[3], at[47]);
+ MULADD(at[4], at[46]);
+ MULADD(at[5], at[45]);
+ MULADD(at[6], at[44]);
+ MULADD(at[7], at[43]);
+ MULADD(at[8], at[42]);
+ MULADD(at[9], at[41]);
+ MULADD(at[10], at[40]);
+ MULADD(at[11], at[39]);
+ MULADD(at[12], at[38]);
+ MULADD(at[13], at[37]);
+ MULADD(at[14], at[36]);
+ MULADD(at[15], at[35]);
+ MULADD(at[16], at[34]);
+ MULADD(at[17], at[33]);
+ MULADD(at[18], at[32]);
+ COMBA_STORE(C->dp[18]);
+ /* 19 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[51]);
+ MULADD(at[1], at[50]);
+ MULADD(at[2], at[49]);
+ MULADD(at[3], at[48]);
+ MULADD(at[4], at[47]);
+ MULADD(at[5], at[46]);
+ MULADD(at[6], at[45]);
+ MULADD(at[7], at[44]);
+ MULADD(at[8], at[43]);
+ MULADD(at[9], at[42]);
+ MULADD(at[10], at[41]);
+ MULADD(at[11], at[40]);
+ MULADD(at[12], at[39]);
+ MULADD(at[13], at[38]);
+ MULADD(at[14], at[37]);
+ MULADD(at[15], at[36]);
+ MULADD(at[16], at[35]);
+ MULADD(at[17], at[34]);
+ MULADD(at[18], at[33]);
+ MULADD(at[19], at[32]);
+ COMBA_STORE(C->dp[19]);
+ /* 20 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[52]);
+ MULADD(at[1], at[51]);
+ MULADD(at[2], at[50]);
+ MULADD(at[3], at[49]);
+ MULADD(at[4], at[48]);
+ MULADD(at[5], at[47]);
+ MULADD(at[6], at[46]);
+ MULADD(at[7], at[45]);
+ MULADD(at[8], at[44]);
+ MULADD(at[9], at[43]);
+ MULADD(at[10], at[42]);
+ MULADD(at[11], at[41]);
+ MULADD(at[12], at[40]);
+ MULADD(at[13], at[39]);
+ MULADD(at[14], at[38]);
+ MULADD(at[15], at[37]);
+ MULADD(at[16], at[36]);
+ MULADD(at[17], at[35]);
+ MULADD(at[18], at[34]);
+ MULADD(at[19], at[33]);
+ MULADD(at[20], at[32]);
+ COMBA_STORE(C->dp[20]);
+ /* 21 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[53]);
+ MULADD(at[1], at[52]);
+ MULADD(at[2], at[51]);
+ MULADD(at[3], at[50]);
+ MULADD(at[4], at[49]);
+ MULADD(at[5], at[48]);
+ MULADD(at[6], at[47]);
+ MULADD(at[7], at[46]);
+ MULADD(at[8], at[45]);
+ MULADD(at[9], at[44]);
+ MULADD(at[10], at[43]);
+ MULADD(at[11], at[42]);
+ MULADD(at[12], at[41]);
+ MULADD(at[13], at[40]);
+ MULADD(at[14], at[39]);
+ MULADD(at[15], at[38]);
+ MULADD(at[16], at[37]);
+ MULADD(at[17], at[36]);
+ MULADD(at[18], at[35]);
+ MULADD(at[19], at[34]);
+ MULADD(at[20], at[33]);
+ MULADD(at[21], at[32]);
+ COMBA_STORE(C->dp[21]);
+ /* 22 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[54]);
+ MULADD(at[1], at[53]);
+ MULADD(at[2], at[52]);
+ MULADD(at[3], at[51]);
+ MULADD(at[4], at[50]);
+ MULADD(at[5], at[49]);
+ MULADD(at[6], at[48]);
+ MULADD(at[7], at[47]);
+ MULADD(at[8], at[46]);
+ MULADD(at[9], at[45]);
+ MULADD(at[10], at[44]);
+ MULADD(at[11], at[43]);
+ MULADD(at[12], at[42]);
+ MULADD(at[13], at[41]);
+ MULADD(at[14], at[40]);
+ MULADD(at[15], at[39]);
+ MULADD(at[16], at[38]);
+ MULADD(at[17], at[37]);
+ MULADD(at[18], at[36]);
+ MULADD(at[19], at[35]);
+ MULADD(at[20], at[34]);
+ MULADD(at[21], at[33]);
+ MULADD(at[22], at[32]);
+ COMBA_STORE(C->dp[22]);
+ /* 23 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[55]);
+ MULADD(at[1], at[54]);
+ MULADD(at[2], at[53]);
+ MULADD(at[3], at[52]);
+ MULADD(at[4], at[51]);
+ MULADD(at[5], at[50]);
+ MULADD(at[6], at[49]);
+ MULADD(at[7], at[48]);
+ MULADD(at[8], at[47]);
+ MULADD(at[9], at[46]);
+ MULADD(at[10], at[45]);
+ MULADD(at[11], at[44]);
+ MULADD(at[12], at[43]);
+ MULADD(at[13], at[42]);
+ MULADD(at[14], at[41]);
+ MULADD(at[15], at[40]);
+ MULADD(at[16], at[39]);
+ MULADD(at[17], at[38]);
+ MULADD(at[18], at[37]);
+ MULADD(at[19], at[36]);
+ MULADD(at[20], at[35]);
+ MULADD(at[21], at[34]);
+ MULADD(at[22], at[33]);
+ MULADD(at[23], at[32]);
+ COMBA_STORE(C->dp[23]);
+ /* 24 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[56]);
+ MULADD(at[1], at[55]);
+ MULADD(at[2], at[54]);
+ MULADD(at[3], at[53]);
+ MULADD(at[4], at[52]);
+ MULADD(at[5], at[51]);
+ MULADD(at[6], at[50]);
+ MULADD(at[7], at[49]);
+ MULADD(at[8], at[48]);
+ MULADD(at[9], at[47]);
+ MULADD(at[10], at[46]);
+ MULADD(at[11], at[45]);
+ MULADD(at[12], at[44]);
+ MULADD(at[13], at[43]);
+ MULADD(at[14], at[42]);
+ MULADD(at[15], at[41]);
+ MULADD(at[16], at[40]);
+ MULADD(at[17], at[39]);
+ MULADD(at[18], at[38]);
+ MULADD(at[19], at[37]);
+ MULADD(at[20], at[36]);
+ MULADD(at[21], at[35]);
+ MULADD(at[22], at[34]);
+ MULADD(at[23], at[33]);
+ MULADD(at[24], at[32]);
+ COMBA_STORE(C->dp[24]);
+ /* 25 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[57]);
+ MULADD(at[1], at[56]);
+ MULADD(at[2], at[55]);
+ MULADD(at[3], at[54]);
+ MULADD(at[4], at[53]);
+ MULADD(at[5], at[52]);
+ MULADD(at[6], at[51]);
+ MULADD(at[7], at[50]);
+ MULADD(at[8], at[49]);
+ MULADD(at[9], at[48]);
+ MULADD(at[10], at[47]);
+ MULADD(at[11], at[46]);
+ MULADD(at[12], at[45]);
+ MULADD(at[13], at[44]);
+ MULADD(at[14], at[43]);
+ MULADD(at[15], at[42]);
+ MULADD(at[16], at[41]);
+ MULADD(at[17], at[40]);
+ MULADD(at[18], at[39]);
+ MULADD(at[19], at[38]);
+ MULADD(at[20], at[37]);
+ MULADD(at[21], at[36]);
+ MULADD(at[22], at[35]);
+ MULADD(at[23], at[34]);
+ MULADD(at[24], at[33]);
+ MULADD(at[25], at[32]);
+ COMBA_STORE(C->dp[25]);
+ /* 26 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[58]);
+ MULADD(at[1], at[57]);
+ MULADD(at[2], at[56]);
+ MULADD(at[3], at[55]);
+ MULADD(at[4], at[54]);
+ MULADD(at[5], at[53]);
+ MULADD(at[6], at[52]);
+ MULADD(at[7], at[51]);
+ MULADD(at[8], at[50]);
+ MULADD(at[9], at[49]);
+ MULADD(at[10], at[48]);
+ MULADD(at[11], at[47]);
+ MULADD(at[12], at[46]);
+ MULADD(at[13], at[45]);
+ MULADD(at[14], at[44]);
+ MULADD(at[15], at[43]);
+ MULADD(at[16], at[42]);
+ MULADD(at[17], at[41]);
+ MULADD(at[18], at[40]);
+ MULADD(at[19], at[39]);
+ MULADD(at[20], at[38]);
+ MULADD(at[21], at[37]);
+ MULADD(at[22], at[36]);
+ MULADD(at[23], at[35]);
+ MULADD(at[24], at[34]);
+ MULADD(at[25], at[33]);
+ MULADD(at[26], at[32]);
+ COMBA_STORE(C->dp[26]);
+ /* 27 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[59]);
+ MULADD(at[1], at[58]);
+ MULADD(at[2], at[57]);
+ MULADD(at[3], at[56]);
+ MULADD(at[4], at[55]);
+ MULADD(at[5], at[54]);
+ MULADD(at[6], at[53]);
+ MULADD(at[7], at[52]);
+ MULADD(at[8], at[51]);
+ MULADD(at[9], at[50]);
+ MULADD(at[10], at[49]);
+ MULADD(at[11], at[48]);
+ MULADD(at[12], at[47]);
+ MULADD(at[13], at[46]);
+ MULADD(at[14], at[45]);
+ MULADD(at[15], at[44]);
+ MULADD(at[16], at[43]);
+ MULADD(at[17], at[42]);
+ MULADD(at[18], at[41]);
+ MULADD(at[19], at[40]);
+ MULADD(at[20], at[39]);
+ MULADD(at[21], at[38]);
+ MULADD(at[22], at[37]);
+ MULADD(at[23], at[36]);
+ MULADD(at[24], at[35]);
+ MULADD(at[25], at[34]);
+ MULADD(at[26], at[33]);
+ MULADD(at[27], at[32]);
+ COMBA_STORE(C->dp[27]);
+ /* 28 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[60]);
+ MULADD(at[1], at[59]);
+ MULADD(at[2], at[58]);
+ MULADD(at[3], at[57]);
+ MULADD(at[4], at[56]);
+ MULADD(at[5], at[55]);
+ MULADD(at[6], at[54]);
+ MULADD(at[7], at[53]);
+ MULADD(at[8], at[52]);
+ MULADD(at[9], at[51]);
+ MULADD(at[10], at[50]);
+ MULADD(at[11], at[49]);
+ MULADD(at[12], at[48]);
+ MULADD(at[13], at[47]);
+ MULADD(at[14], at[46]);
+ MULADD(at[15], at[45]);
+ MULADD(at[16], at[44]);
+ MULADD(at[17], at[43]);
+ MULADD(at[18], at[42]);
+ MULADD(at[19], at[41]);
+ MULADD(at[20], at[40]);
+ MULADD(at[21], at[39]);
+ MULADD(at[22], at[38]);
+ MULADD(at[23], at[37]);
+ MULADD(at[24], at[36]);
+ MULADD(at[25], at[35]);
+ MULADD(at[26], at[34]);
+ MULADD(at[27], at[33]);
+ MULADD(at[28], at[32]);
+ COMBA_STORE(C->dp[28]);
+ /* 29 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[61]);
+ MULADD(at[1], at[60]);
+ MULADD(at[2], at[59]);
+ MULADD(at[3], at[58]);
+ MULADD(at[4], at[57]);
+ MULADD(at[5], at[56]);
+ MULADD(at[6], at[55]);
+ MULADD(at[7], at[54]);
+ MULADD(at[8], at[53]);
+ MULADD(at[9], at[52]);
+ MULADD(at[10], at[51]);
+ MULADD(at[11], at[50]);
+ MULADD(at[12], at[49]);
+ MULADD(at[13], at[48]);
+ MULADD(at[14], at[47]);
+ MULADD(at[15], at[46]);
+ MULADD(at[16], at[45]);
+ MULADD(at[17], at[44]);
+ MULADD(at[18], at[43]);
+ MULADD(at[19], at[42]);
+ MULADD(at[20], at[41]);
+ MULADD(at[21], at[40]);
+ MULADD(at[22], at[39]);
+ MULADD(at[23], at[38]);
+ MULADD(at[24], at[37]);
+ MULADD(at[25], at[36]);
+ MULADD(at[26], at[35]);
+ MULADD(at[27], at[34]);
+ MULADD(at[28], at[33]);
+ MULADD(at[29], at[32]);
+ COMBA_STORE(C->dp[29]);
+ /* 30 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[62]);
+ MULADD(at[1], at[61]);
+ MULADD(at[2], at[60]);
+ MULADD(at[3], at[59]);
+ MULADD(at[4], at[58]);
+ MULADD(at[5], at[57]);
+ MULADD(at[6], at[56]);
+ MULADD(at[7], at[55]);
+ MULADD(at[8], at[54]);
+ MULADD(at[9], at[53]);
+ MULADD(at[10], at[52]);
+ MULADD(at[11], at[51]);
+ MULADD(at[12], at[50]);
+ MULADD(at[13], at[49]);
+ MULADD(at[14], at[48]);
+ MULADD(at[15], at[47]);
+ MULADD(at[16], at[46]);
+ MULADD(at[17], at[45]);
+ MULADD(at[18], at[44]);
+ MULADD(at[19], at[43]);
+ MULADD(at[20], at[42]);
+ MULADD(at[21], at[41]);
+ MULADD(at[22], at[40]);
+ MULADD(at[23], at[39]);
+ MULADD(at[24], at[38]);
+ MULADD(at[25], at[37]);
+ MULADD(at[26], at[36]);
+ MULADD(at[27], at[35]);
+ MULADD(at[28], at[34]);
+ MULADD(at[29], at[33]);
+ MULADD(at[30], at[32]);
+ COMBA_STORE(C->dp[30]);
+ /* 31 */
+ COMBA_FORWARD;
+ MULADD(at[0], at[63]);
+ MULADD(at[1], at[62]);
+ MULADD(at[2], at[61]);
+ MULADD(at[3], at[60]);
+ MULADD(at[4], at[59]);
+ MULADD(at[5], at[58]);
+ MULADD(at[6], at[57]);
+ MULADD(at[7], at[56]);
+ MULADD(at[8], at[55]);
+ MULADD(at[9], at[54]);
+ MULADD(at[10], at[53]);
+ MULADD(at[11], at[52]);
+ MULADD(at[12], at[51]);
+ MULADD(at[13], at[50]);
+ MULADD(at[14], at[49]);
+ MULADD(at[15], at[48]);
+ MULADD(at[16], at[47]);
+ MULADD(at[17], at[46]);
+ MULADD(at[18], at[45]);
+ MULADD(at[19], at[44]);
+ MULADD(at[20], at[43]);
+ MULADD(at[21], at[42]);
+ MULADD(at[22], at[41]);
+ MULADD(at[23], at[40]);
+ MULADD(at[24], at[39]);
+ MULADD(at[25], at[38]);
+ MULADD(at[26], at[37]);
+ MULADD(at[27], at[36]);
+ MULADD(at[28], at[35]);
+ MULADD(at[29], at[34]);
+ MULADD(at[30], at[33]);
+ MULADD(at[31], at[32]);
+ COMBA_STORE(C->dp[31]);
+ /* 32 */
+ COMBA_FORWARD;
+ MULADD(at[1], at[63]);
+ MULADD(at[2], at[62]);
+ MULADD(at[3], at[61]);
+ MULADD(at[4], at[60]);
+ MULADD(at[5], at[59]);
+ MULADD(at[6], at[58]);
+ MULADD(at[7], at[57]);
+ MULADD(at[8], at[56]);
+ MULADD(at[9], at[55]);
+ MULADD(at[10], at[54]);
+ MULADD(at[11], at[53]);
+ MULADD(at[12], at[52]);
+ MULADD(at[13], at[51]);
+ MULADD(at[14], at[50]);
+ MULADD(at[15], at[49]);
+ MULADD(at[16], at[48]);
+ MULADD(at[17], at[47]);
+ MULADD(at[18], at[46]);
+ MULADD(at[19], at[45]);
+ MULADD(at[20], at[44]);
+ MULADD(at[21], at[43]);
+ MULADD(at[22], at[42]);
+ MULADD(at[23], at[41]);
+ MULADD(at[24], at[40]);
+ MULADD(at[25], at[39]);
+ MULADD(at[26], at[38]);
+ MULADD(at[27], at[37]);
+ MULADD(at[28], at[36]);
+ MULADD(at[29], at[35]);
+ MULADD(at[30], at[34]);
+ MULADD(at[31], at[33]);
+ COMBA_STORE(C->dp[32]);
+ /* 33 */
+ COMBA_FORWARD;
+ MULADD(at[2], at[63]);
+ MULADD(at[3], at[62]);
+ MULADD(at[4], at[61]);
+ MULADD(at[5], at[60]);
+ MULADD(at[6], at[59]);
+ MULADD(at[7], at[58]);
+ MULADD(at[8], at[57]);
+ MULADD(at[9], at[56]);
+ MULADD(at[10], at[55]);
+ MULADD(at[11], at[54]);
+ MULADD(at[12], at[53]);
+ MULADD(at[13], at[52]);
+ MULADD(at[14], at[51]);
+ MULADD(at[15], at[50]);
+ MULADD(at[16], at[49]);
+ MULADD(at[17], at[48]);
+ MULADD(at[18], at[47]);
+ MULADD(at[19], at[46]);
+ MULADD(at[20], at[45]);
+ MULADD(at[21], at[44]);
+ MULADD(at[22], at[43]);
+ MULADD(at[23], at[42]);
+ MULADD(at[24], at[41]);
+ MULADD(at[25], at[40]);
+ MULADD(at[26], at[39]);
+ MULADD(at[27], at[38]);
+ MULADD(at[28], at[37]);
+ MULADD(at[29], at[36]);
+ MULADD(at[30], at[35]);
+ MULADD(at[31], at[34]);
+ COMBA_STORE(C->dp[33]);
+ /* 34 */
+ COMBA_FORWARD;
+ MULADD(at[3], at[63]);
+ MULADD(at[4], at[62]);
+ MULADD(at[5], at[61]);
+ MULADD(at[6], at[60]);
+ MULADD(at[7], at[59]);
+ MULADD(at[8], at[58]);
+ MULADD(at[9], at[57]);
+ MULADD(at[10], at[56]);
+ MULADD(at[11], at[55]);
+ MULADD(at[12], at[54]);
+ MULADD(at[13], at[53]);
+ MULADD(at[14], at[52]);
+ MULADD(at[15], at[51]);
+ MULADD(at[16], at[50]);
+ MULADD(at[17], at[49]);
+ MULADD(at[18], at[48]);
+ MULADD(at[19], at[47]);
+ MULADD(at[20], at[46]);
+ MULADD(at[21], at[45]);
+ MULADD(at[22], at[44]);
+ MULADD(at[23], at[43]);
+ MULADD(at[24], at[42]);
+ MULADD(at[25], at[41]);
+ MULADD(at[26], at[40]);
+ MULADD(at[27], at[39]);
+ MULADD(at[28], at[38]);
+ MULADD(at[29], at[37]);
+ MULADD(at[30], at[36]);
+ MULADD(at[31], at[35]);
+ COMBA_STORE(C->dp[34]);
+ /* 35 */
+ COMBA_FORWARD;
+ MULADD(at[4], at[63]);
+ MULADD(at[5], at[62]);
+ MULADD(at[6], at[61]);
+ MULADD(at[7], at[60]);
+ MULADD(at[8], at[59]);
+ MULADD(at[9], at[58]);
+ MULADD(at[10], at[57]);
+ MULADD(at[11], at[56]);
+ MULADD(at[12], at[55]);
+ MULADD(at[13], at[54]);
+ MULADD(at[14], at[53]);
+ MULADD(at[15], at[52]);
+ MULADD(at[16], at[51]);
+ MULADD(at[17], at[50]);
+ MULADD(at[18], at[49]);
+ MULADD(at[19], at[48]);
+ MULADD(at[20], at[47]);
+ MULADD(at[21], at[46]);
+ MULADD(at[22], at[45]);
+ MULADD(at[23], at[44]);
+ MULADD(at[24], at[43]);
+ MULADD(at[25], at[42]);
+ MULADD(at[26], at[41]);
+ MULADD(at[27], at[40]);
+ MULADD(at[28], at[39]);
+ MULADD(at[29], at[38]);
+ MULADD(at[30], at[37]);
+ MULADD(at[31], at[36]);
+ COMBA_STORE(C->dp[35]);
+ /* 36 */
+ COMBA_FORWARD;
+ MULADD(at[5], at[63]);
+ MULADD(at[6], at[62]);
+ MULADD(at[7], at[61]);
+ MULADD(at[8], at[60]);
+ MULADD(at[9], at[59]);
+ MULADD(at[10], at[58]);
+ MULADD(at[11], at[57]);
+ MULADD(at[12], at[56]);
+ MULADD(at[13], at[55]);
+ MULADD(at[14], at[54]);
+ MULADD(at[15], at[53]);
+ MULADD(at[16], at[52]);
+ MULADD(at[17], at[51]);
+ MULADD(at[18], at[50]);
+ MULADD(at[19], at[49]);
+ MULADD(at[20], at[48]);
+ MULADD(at[21], at[47]);
+ MULADD(at[22], at[46]);
+ MULADD(at[23], at[45]);
+ MULADD(at[24], at[44]);
+ MULADD(at[25], at[43]);
+ MULADD(at[26], at[42]);
+ MULADD(at[27], at[41]);
+ MULADD(at[28], at[40]);
+ MULADD(at[29], at[39]);
+ MULADD(at[30], at[38]);
+ MULADD(at[31], at[37]);
+ COMBA_STORE(C->dp[36]);
+ /* 37 */
+ COMBA_FORWARD;
+ MULADD(at[6], at[63]);
+ MULADD(at[7], at[62]);
+ MULADD(at[8], at[61]);
+ MULADD(at[9], at[60]);
+ MULADD(at[10], at[59]);
+ MULADD(at[11], at[58]);
+ MULADD(at[12], at[57]);
+ MULADD(at[13], at[56]);
+ MULADD(at[14], at[55]);
+ MULADD(at[15], at[54]);
+ MULADD(at[16], at[53]);
+ MULADD(at[17], at[52]);
+ MULADD(at[18], at[51]);
+ MULADD(at[19], at[50]);
+ MULADD(at[20], at[49]);
+ MULADD(at[21], at[48]);
+ MULADD(at[22], at[47]);
+ MULADD(at[23], at[46]);
+ MULADD(at[24], at[45]);
+ MULADD(at[25], at[44]);
+ MULADD(at[26], at[43]);
+ MULADD(at[27], at[42]);
+ MULADD(at[28], at[41]);
+ MULADD(at[29], at[40]);
+ MULADD(at[30], at[39]);
+ MULADD(at[31], at[38]);
+ COMBA_STORE(C->dp[37]);
+ /* 38 */
+ COMBA_FORWARD;
+ MULADD(at[7], at[63]);
+ MULADD(at[8], at[62]);
+ MULADD(at[9], at[61]);
+ MULADD(at[10], at[60]);
+ MULADD(at[11], at[59]);
+ MULADD(at[12], at[58]);
+ MULADD(at[13], at[57]);
+ MULADD(at[14], at[56]);
+ MULADD(at[15], at[55]);
+ MULADD(at[16], at[54]);
+ MULADD(at[17], at[53]);
+ MULADD(at[18], at[52]);
+ MULADD(at[19], at[51]);
+ MULADD(at[20], at[50]);
+ MULADD(at[21], at[49]);
+ MULADD(at[22], at[48]);
+ MULADD(at[23], at[47]);
+ MULADD(at[24], at[46]);
+ MULADD(at[25], at[45]);
+ MULADD(at[26], at[44]);
+ MULADD(at[27], at[43]);
+ MULADD(at[28], at[42]);
+ MULADD(at[29], at[41]);
+ MULADD(at[30], at[40]);
+ MULADD(at[31], at[39]);
+ COMBA_STORE(C->dp[38]);
+ /* 39 */
+ COMBA_FORWARD;
+ MULADD(at[8], at[63]);
+ MULADD(at[9], at[62]);
+ MULADD(at[10], at[61]);
+ MULADD(at[11], at[60]);
+ MULADD(at[12], at[59]);
+ MULADD(at[13], at[58]);
+ MULADD(at[14], at[57]);
+ MULADD(at[15], at[56]);
+ MULADD(at[16], at[55]);
+ MULADD(at[17], at[54]);
+ MULADD(at[18], at[53]);
+ MULADD(at[19], at[52]);
+ MULADD(at[20], at[51]);
+ MULADD(at[21], at[50]);
+ MULADD(at[22], at[49]);
+ MULADD(at[23], at[48]);
+ MULADD(at[24], at[47]);
+ MULADD(at[25], at[46]);
+ MULADD(at[26], at[45]);
+ MULADD(at[27], at[44]);
+ MULADD(at[28], at[43]);
+ MULADD(at[29], at[42]);
+ MULADD(at[30], at[41]);
+ MULADD(at[31], at[40]);
+ COMBA_STORE(C->dp[39]);
+ /* 40 */
+ COMBA_FORWARD;
+ MULADD(at[9], at[63]);
+ MULADD(at[10], at[62]);
+ MULADD(at[11], at[61]);
+ MULADD(at[12], at[60]);
+ MULADD(at[13], at[59]);
+ MULADD(at[14], at[58]);
+ MULADD(at[15], at[57]);
+ MULADD(at[16], at[56]);
+ MULADD(at[17], at[55]);
+ MULADD(at[18], at[54]);
+ MULADD(at[19], at[53]);
+ MULADD(at[20], at[52]);
+ MULADD(at[21], at[51]);
+ MULADD(at[22], at[50]);
+ MULADD(at[23], at[49]);
+ MULADD(at[24], at[48]);
+ MULADD(at[25], at[47]);
+ MULADD(at[26], at[46]);
+ MULADD(at[27], at[45]);
+ MULADD(at[28], at[44]);
+ MULADD(at[29], at[43]);
+ MULADD(at[30], at[42]);
+ MULADD(at[31], at[41]);
+ COMBA_STORE(C->dp[40]);
+ /* 41 */
+ COMBA_FORWARD;
+ MULADD(at[10], at[63]);
+ MULADD(at[11], at[62]);
+ MULADD(at[12], at[61]);
+ MULADD(at[13], at[60]);
+ MULADD(at[14], at[59]);
+ MULADD(at[15], at[58]);
+ MULADD(at[16], at[57]);
+ MULADD(at[17], at[56]);
+ MULADD(at[18], at[55]);
+ MULADD(at[19], at[54]);
+ MULADD(at[20], at[53]);
+ MULADD(at[21], at[52]);
+ MULADD(at[22], at[51]);
+ MULADD(at[23], at[50]);
+ MULADD(at[24], at[49]);
+ MULADD(at[25], at[48]);
+ MULADD(at[26], at[47]);
+ MULADD(at[27], at[46]);
+ MULADD(at[28], at[45]);
+ MULADD(at[29], at[44]);
+ MULADD(at[30], at[43]);
+ MULADD(at[31], at[42]);
+ COMBA_STORE(C->dp[41]);
+ /* 42 */
+ COMBA_FORWARD;
+ MULADD(at[11], at[63]);
+ MULADD(at[12], at[62]);
+ MULADD(at[13], at[61]);
+ MULADD(at[14], at[60]);
+ MULADD(at[15], at[59]);
+ MULADD(at[16], at[58]);
+ MULADD(at[17], at[57]);
+ MULADD(at[18], at[56]);
+ MULADD(at[19], at[55]);
+ MULADD(at[20], at[54]);
+ MULADD(at[21], at[53]);
+ MULADD(at[22], at[52]);
+ MULADD(at[23], at[51]);
+ MULADD(at[24], at[50]);
+ MULADD(at[25], at[49]);
+ MULADD(at[26], at[48]);
+ MULADD(at[27], at[47]);
+ MULADD(at[28], at[46]);
+ MULADD(at[29], at[45]);
+ MULADD(at[30], at[44]);
+ MULADD(at[31], at[43]);
+ COMBA_STORE(C->dp[42]);
+ /* 43 */
+ COMBA_FORWARD;
+ MULADD(at[12], at[63]);
+ MULADD(at[13], at[62]);
+ MULADD(at[14], at[61]);
+ MULADD(at[15], at[60]);
+ MULADD(at[16], at[59]);
+ MULADD(at[17], at[58]);
+ MULADD(at[18], at[57]);
+ MULADD(at[19], at[56]);
+ MULADD(at[20], at[55]);
+ MULADD(at[21], at[54]);
+ MULADD(at[22], at[53]);
+ MULADD(at[23], at[52]);
+ MULADD(at[24], at[51]);
+ MULADD(at[25], at[50]);
+ MULADD(at[26], at[49]);
+ MULADD(at[27], at[48]);
+ MULADD(at[28], at[47]);
+ MULADD(at[29], at[46]);
+ MULADD(at[30], at[45]);
+ MULADD(at[31], at[44]);
+ COMBA_STORE(C->dp[43]);
+ /* 44 */
+ COMBA_FORWARD;
+ MULADD(at[13], at[63]);
+ MULADD(at[14], at[62]);
+ MULADD(at[15], at[61]);
+ MULADD(at[16], at[60]);
+ MULADD(at[17], at[59]);
+ MULADD(at[18], at[58]);
+ MULADD(at[19], at[57]);
+ MULADD(at[20], at[56]);
+ MULADD(at[21], at[55]);
+ MULADD(at[22], at[54]);
+ MULADD(at[23], at[53]);
+ MULADD(at[24], at[52]);
+ MULADD(at[25], at[51]);
+ MULADD(at[26], at[50]);
+ MULADD(at[27], at[49]);
+ MULADD(at[28], at[48]);
+ MULADD(at[29], at[47]);
+ MULADD(at[30], at[46]);
+ MULADD(at[31], at[45]);
+ COMBA_STORE(C->dp[44]);
+ /* 45 */
+ COMBA_FORWARD;
+ MULADD(at[14], at[63]);
+ MULADD(at[15], at[62]);
+ MULADD(at[16], at[61]);
+ MULADD(at[17], at[60]);
+ MULADD(at[18], at[59]);
+ MULADD(at[19], at[58]);
+ MULADD(at[20], at[57]);
+ MULADD(at[21], at[56]);
+ MULADD(at[22], at[55]);
+ MULADD(at[23], at[54]);
+ MULADD(at[24], at[53]);
+ MULADD(at[25], at[52]);
+ MULADD(at[26], at[51]);
+ MULADD(at[27], at[50]);
+ MULADD(at[28], at[49]);
+ MULADD(at[29], at[48]);
+ MULADD(at[30], at[47]);
+ MULADD(at[31], at[46]);
+ COMBA_STORE(C->dp[45]);
+ /* 46 */
+ COMBA_FORWARD;
+ MULADD(at[15], at[63]);
+ MULADD(at[16], at[62]);
+ MULADD(at[17], at[61]);
+ MULADD(at[18], at[60]);
+ MULADD(at[19], at[59]);
+ MULADD(at[20], at[58]);
+ MULADD(at[21], at[57]);
+ MULADD(at[22], at[56]);
+ MULADD(at[23], at[55]);
+ MULADD(at[24], at[54]);
+ MULADD(at[25], at[53]);
+ MULADD(at[26], at[52]);
+ MULADD(at[27], at[51]);
+ MULADD(at[28], at[50]);
+ MULADD(at[29], at[49]);
+ MULADD(at[30], at[48]);
+ MULADD(at[31], at[47]);
+ COMBA_STORE(C->dp[46]);
+ /* 47 */
+ COMBA_FORWARD;
+ MULADD(at[16], at[63]);
+ MULADD(at[17], at[62]);
+ MULADD(at[18], at[61]);
+ MULADD(at[19], at[60]);
+ MULADD(at[20], at[59]);
+ MULADD(at[21], at[58]);
+ MULADD(at[22], at[57]);
+ MULADD(at[23], at[56]);
+ MULADD(at[24], at[55]);
+ MULADD(at[25], at[54]);
+ MULADD(at[26], at[53]);
+ MULADD(at[27], at[52]);
+ MULADD(at[28], at[51]);
+ MULADD(at[29], at[50]);
+ MULADD(at[30], at[49]);
+ MULADD(at[31], at[48]);
+ COMBA_STORE(C->dp[47]);
+ /* 48 */
+ COMBA_FORWARD;
+ MULADD(at[17], at[63]);
+ MULADD(at[18], at[62]);
+ MULADD(at[19], at[61]);
+ MULADD(at[20], at[60]);
+ MULADD(at[21], at[59]);
+ MULADD(at[22], at[58]);
+ MULADD(at[23], at[57]);
+ MULADD(at[24], at[56]);
+ MULADD(at[25], at[55]);
+ MULADD(at[26], at[54]);
+ MULADD(at[27], at[53]);
+ MULADD(at[28], at[52]);
+ MULADD(at[29], at[51]);
+ MULADD(at[30], at[50]);
+ MULADD(at[31], at[49]);
+ COMBA_STORE(C->dp[48]);
+ /* 49 */
+ COMBA_FORWARD;
+ MULADD(at[18], at[63]);
+ MULADD(at[19], at[62]);
+ MULADD(at[20], at[61]);
+ MULADD(at[21], at[60]);
+ MULADD(at[22], at[59]);
+ MULADD(at[23], at[58]);
+ MULADD(at[24], at[57]);
+ MULADD(at[25], at[56]);
+ MULADD(at[26], at[55]);
+ MULADD(at[27], at[54]);
+ MULADD(at[28], at[53]);
+ MULADD(at[29], at[52]);
+ MULADD(at[30], at[51]);
+ MULADD(at[31], at[50]);
+ COMBA_STORE(C->dp[49]);
+ /* 50 */
+ COMBA_FORWARD;
+ MULADD(at[19], at[63]);
+ MULADD(at[20], at[62]);
+ MULADD(at[21], at[61]);
+ MULADD(at[22], at[60]);
+ MULADD(at[23], at[59]);
+ MULADD(at[24], at[58]);
+ MULADD(at[25], at[57]);
+ MULADD(at[26], at[56]);
+ MULADD(at[27], at[55]);
+ MULADD(at[28], at[54]);
+ MULADD(at[29], at[53]);
+ MULADD(at[30], at[52]);
+ MULADD(at[31], at[51]);
+ COMBA_STORE(C->dp[50]);
+ /* 51 */
+ COMBA_FORWARD;
+ MULADD(at[20], at[63]);
+ MULADD(at[21], at[62]);
+ MULADD(at[22], at[61]);
+ MULADD(at[23], at[60]);
+ MULADD(at[24], at[59]);
+ MULADD(at[25], at[58]);
+ MULADD(at[26], at[57]);
+ MULADD(at[27], at[56]);
+ MULADD(at[28], at[55]);
+ MULADD(at[29], at[54]);
+ MULADD(at[30], at[53]);
+ MULADD(at[31], at[52]);
+ COMBA_STORE(C->dp[51]);
+ /* 52 */
+ COMBA_FORWARD;
+ MULADD(at[21], at[63]);
+ MULADD(at[22], at[62]);
+ MULADD(at[23], at[61]);
+ MULADD(at[24], at[60]);
+ MULADD(at[25], at[59]);
+ MULADD(at[26], at[58]);
+ MULADD(at[27], at[57]);
+ MULADD(at[28], at[56]);
+ MULADD(at[29], at[55]);
+ MULADD(at[30], at[54]);
+ MULADD(at[31], at[53]);
+ COMBA_STORE(C->dp[52]);
+ /* 53 */
+ COMBA_FORWARD;
+ MULADD(at[22], at[63]);
+ MULADD(at[23], at[62]);
+ MULADD(at[24], at[61]);
+ MULADD(at[25], at[60]);
+ MULADD(at[26], at[59]);
+ MULADD(at[27], at[58]);
+ MULADD(at[28], at[57]);
+ MULADD(at[29], at[56]);
+ MULADD(at[30], at[55]);
+ MULADD(at[31], at[54]);
+ COMBA_STORE(C->dp[53]);
+ /* 54 */
+ COMBA_FORWARD;
+ MULADD(at[23], at[63]);
+ MULADD(at[24], at[62]);
+ MULADD(at[25], at[61]);
+ MULADD(at[26], at[60]);
+ MULADD(at[27], at[59]);
+ MULADD(at[28], at[58]);
+ MULADD(at[29], at[57]);
+ MULADD(at[30], at[56]);
+ MULADD(at[31], at[55]);
+ COMBA_STORE(C->dp[54]);
+ /* 55 */
+ COMBA_FORWARD;
+ MULADD(at[24], at[63]);
+ MULADD(at[25], at[62]);
+ MULADD(at[26], at[61]);
+ MULADD(at[27], at[60]);
+ MULADD(at[28], at[59]);
+ MULADD(at[29], at[58]);
+ MULADD(at[30], at[57]);
+ MULADD(at[31], at[56]);
+ COMBA_STORE(C->dp[55]);
+ /* 56 */
+ COMBA_FORWARD;
+ MULADD(at[25], at[63]);
+ MULADD(at[26], at[62]);
+ MULADD(at[27], at[61]);
+ MULADD(at[28], at[60]);
+ MULADD(at[29], at[59]);
+ MULADD(at[30], at[58]);
+ MULADD(at[31], at[57]);
+ COMBA_STORE(C->dp[56]);
+ /* 57 */
+ COMBA_FORWARD;
+ MULADD(at[26], at[63]);
+ MULADD(at[27], at[62]);
+ MULADD(at[28], at[61]);
+ MULADD(at[29], at[60]);
+ MULADD(at[30], at[59]);
+ MULADD(at[31], at[58]);
+ COMBA_STORE(C->dp[57]);
+ /* 58 */
+ COMBA_FORWARD;
+ MULADD(at[27], at[63]);
+ MULADD(at[28], at[62]);
+ MULADD(at[29], at[61]);
+ MULADD(at[30], at[60]);
+ MULADD(at[31], at[59]);
+ COMBA_STORE(C->dp[58]);
+ /* 59 */
+ COMBA_FORWARD;
+ MULADD(at[28], at[63]);
+ MULADD(at[29], at[62]);
+ MULADD(at[30], at[61]);
+ MULADD(at[31], at[60]);
+ COMBA_STORE(C->dp[59]);
+ /* 60 */
+ COMBA_FORWARD;
+ MULADD(at[29], at[63]);
+ MULADD(at[30], at[62]);
+ MULADD(at[31], at[61]);
+ COMBA_STORE(C->dp[60]);
+ /* 61 */
+ COMBA_FORWARD;
+ MULADD(at[30], at[63]);
+ MULADD(at[31], at[62]);
+ COMBA_STORE(C->dp[61]);
+ /* 62 */
+ COMBA_FORWARD;
+ MULADD(at[31], at[63]);
+ COMBA_STORE(C->dp[62]);
+ COMBA_STORE2(C->dp[63]);
+ C->used = 64;
+ C->sign = A->sign ^ B->sign;
+ mp_clamp(C);
+ COMBA_FINI;
+}
+
+void
+s_mp_sqr_comba_4(const mp_int *A, mp_int *B)
+{
+ mp_digit *a, b[8], c0, c1, c2;
+
+ a = A->dp;
+ COMBA_START;
+
+ /* clear carries */
+ CLEAR_CARRY;
+
+ /* output 0 */
+ SQRADD(a[0], a[0]);
+ COMBA_STORE(b[0]);
+
+ /* output 1 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[1]);
+ COMBA_STORE(b[1]);
+
+ /* output 2 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[2]);
+ SQRADD(a[1], a[1]);
+ COMBA_STORE(b[2]);
+
+ /* output 3 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[3]);
+ SQRADD2(a[1], a[2]);
+ COMBA_STORE(b[3]);
+
+ /* output 4 */
+ CARRY_FORWARD;
+ SQRADD2(a[1], a[3]);
+ SQRADD(a[2], a[2]);
+ COMBA_STORE(b[4]);
+
+ /* output 5 */
+ CARRY_FORWARD;
+ SQRADD2(a[2], a[3]);
+ COMBA_STORE(b[5]);
+
+ /* output 6 */
+ CARRY_FORWARD;
+ SQRADD(a[3], a[3]);
+ COMBA_STORE(b[6]);
+ COMBA_STORE2(b[7]);
+ COMBA_FINI;
+
+ B->used = 8;
+ B->sign = ZPOS;
+ memcpy(B->dp, b, 8 * sizeof(mp_digit));
+ mp_clamp(B);
+}
+
+void
+s_mp_sqr_comba_8(const mp_int *A, mp_int *B)
+{
+ mp_digit *a, b[16], c0, c1, c2, sc0, sc1, sc2;
+
+ a = A->dp;
+ COMBA_START;
+
+ /* clear carries */
+ CLEAR_CARRY;
+
+ /* output 0 */
+ SQRADD(a[0], a[0]);
+ COMBA_STORE(b[0]);
+
+ /* output 1 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[1]);
+ COMBA_STORE(b[1]);
+
+ /* output 2 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[2]);
+ SQRADD(a[1], a[1]);
+ COMBA_STORE(b[2]);
+
+ /* output 3 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[3]);
+ SQRADD2(a[1], a[2]);
+ COMBA_STORE(b[3]);
+
+ /* output 4 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[4]);
+ SQRADD2(a[1], a[3]);
+ SQRADD(a[2], a[2]);
+ COMBA_STORE(b[4]);
+
+ /* output 5 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[5]);
+ SQRADDAC(a[1], a[4]);
+ SQRADDAC(a[2], a[3]);
+ SQRADDDB;
+ COMBA_STORE(b[5]);
+
+ /* output 6 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[6]);
+ SQRADDAC(a[1], a[5]);
+ SQRADDAC(a[2], a[4]);
+ SQRADDDB;
+ SQRADD(a[3], a[3]);
+ COMBA_STORE(b[6]);
+
+ /* output 7 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[7]);
+ SQRADDAC(a[1], a[6]);
+ SQRADDAC(a[2], a[5]);
+ SQRADDAC(a[3], a[4]);
+ SQRADDDB;
+ COMBA_STORE(b[7]);
+
+ /* output 8 */
+ CARRY_FORWARD;
+ SQRADDSC(a[1], a[7]);
+ SQRADDAC(a[2], a[6]);
+ SQRADDAC(a[3], a[5]);
+ SQRADDDB;
+ SQRADD(a[4], a[4]);
+ COMBA_STORE(b[8]);
+
+ /* output 9 */
+ CARRY_FORWARD;
+ SQRADDSC(a[2], a[7]);
+ SQRADDAC(a[3], a[6]);
+ SQRADDAC(a[4], a[5]);
+ SQRADDDB;
+ COMBA_STORE(b[9]);
+
+ /* output 10 */
+ CARRY_FORWARD;
+ SQRADD2(a[3], a[7]);
+ SQRADD2(a[4], a[6]);
+ SQRADD(a[5], a[5]);
+ COMBA_STORE(b[10]);
+
+ /* output 11 */
+ CARRY_FORWARD;
+ SQRADD2(a[4], a[7]);
+ SQRADD2(a[5], a[6]);
+ COMBA_STORE(b[11]);
+
+ /* output 12 */
+ CARRY_FORWARD;
+ SQRADD2(a[5], a[7]);
+ SQRADD(a[6], a[6]);
+ COMBA_STORE(b[12]);
+
+ /* output 13 */
+ CARRY_FORWARD;
+ SQRADD2(a[6], a[7]);
+ COMBA_STORE(b[13]);
+
+ /* output 14 */
+ CARRY_FORWARD;
+ SQRADD(a[7], a[7]);
+ COMBA_STORE(b[14]);
+ COMBA_STORE2(b[15]);
+ COMBA_FINI;
+
+ B->used = 16;
+ B->sign = ZPOS;
+ memcpy(B->dp, b, 16 * sizeof(mp_digit));
+ mp_clamp(B);
+}
+
+void
+s_mp_sqr_comba_16(const mp_int *A, mp_int *B)
+{
+ mp_digit *a, b[32], c0, c1, c2, sc0, sc1, sc2;
+
+ a = A->dp;
+ COMBA_START;
+
+ /* clear carries */
+ CLEAR_CARRY;
+
+ /* output 0 */
+ SQRADD(a[0], a[0]);
+ COMBA_STORE(b[0]);
+
+ /* output 1 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[1]);
+ COMBA_STORE(b[1]);
+
+ /* output 2 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[2]);
+ SQRADD(a[1], a[1]);
+ COMBA_STORE(b[2]);
+
+ /* output 3 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[3]);
+ SQRADD2(a[1], a[2]);
+ COMBA_STORE(b[3]);
+
+ /* output 4 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[4]);
+ SQRADD2(a[1], a[3]);
+ SQRADD(a[2], a[2]);
+ COMBA_STORE(b[4]);
+
+ /* output 5 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[5]);
+ SQRADDAC(a[1], a[4]);
+ SQRADDAC(a[2], a[3]);
+ SQRADDDB;
+ COMBA_STORE(b[5]);
+
+ /* output 6 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[6]);
+ SQRADDAC(a[1], a[5]);
+ SQRADDAC(a[2], a[4]);
+ SQRADDDB;
+ SQRADD(a[3], a[3]);
+ COMBA_STORE(b[6]);
+
+ /* output 7 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[7]);
+ SQRADDAC(a[1], a[6]);
+ SQRADDAC(a[2], a[5]);
+ SQRADDAC(a[3], a[4]);
+ SQRADDDB;
+ COMBA_STORE(b[7]);
+
+ /* output 8 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[8]);
+ SQRADDAC(a[1], a[7]);
+ SQRADDAC(a[2], a[6]);
+ SQRADDAC(a[3], a[5]);
+ SQRADDDB;
+ SQRADD(a[4], a[4]);
+ COMBA_STORE(b[8]);
+
+ /* output 9 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[9]);
+ SQRADDAC(a[1], a[8]);
+ SQRADDAC(a[2], a[7]);
+ SQRADDAC(a[3], a[6]);
+ SQRADDAC(a[4], a[5]);
+ SQRADDDB;
+ COMBA_STORE(b[9]);
+
+ /* output 10 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[10]);
+ SQRADDAC(a[1], a[9]);
+ SQRADDAC(a[2], a[8]);
+ SQRADDAC(a[3], a[7]);
+ SQRADDAC(a[4], a[6]);
+ SQRADDDB;
+ SQRADD(a[5], a[5]);
+ COMBA_STORE(b[10]);
+
+ /* output 11 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[11]);
+ SQRADDAC(a[1], a[10]);
+ SQRADDAC(a[2], a[9]);
+ SQRADDAC(a[3], a[8]);
+ SQRADDAC(a[4], a[7]);
+ SQRADDAC(a[5], a[6]);
+ SQRADDDB;
+ COMBA_STORE(b[11]);
+
+ /* output 12 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[12]);
+ SQRADDAC(a[1], a[11]);
+ SQRADDAC(a[2], a[10]);
+ SQRADDAC(a[3], a[9]);
+ SQRADDAC(a[4], a[8]);
+ SQRADDAC(a[5], a[7]);
+ SQRADDDB;
+ SQRADD(a[6], a[6]);
+ COMBA_STORE(b[12]);
+
+ /* output 13 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[13]);
+ SQRADDAC(a[1], a[12]);
+ SQRADDAC(a[2], a[11]);
+ SQRADDAC(a[3], a[10]);
+ SQRADDAC(a[4], a[9]);
+ SQRADDAC(a[5], a[8]);
+ SQRADDAC(a[6], a[7]);
+ SQRADDDB;
+ COMBA_STORE(b[13]);
+
+ /* output 14 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[14]);
+ SQRADDAC(a[1], a[13]);
+ SQRADDAC(a[2], a[12]);
+ SQRADDAC(a[3], a[11]);
+ SQRADDAC(a[4], a[10]);
+ SQRADDAC(a[5], a[9]);
+ SQRADDAC(a[6], a[8]);
+ SQRADDDB;
+ SQRADD(a[7], a[7]);
+ COMBA_STORE(b[14]);
+
+ /* output 15 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[15]);
+ SQRADDAC(a[1], a[14]);
+ SQRADDAC(a[2], a[13]);
+ SQRADDAC(a[3], a[12]);
+ SQRADDAC(a[4], a[11]);
+ SQRADDAC(a[5], a[10]);
+ SQRADDAC(a[6], a[9]);
+ SQRADDAC(a[7], a[8]);
+ SQRADDDB;
+ COMBA_STORE(b[15]);
+
+ /* output 16 */
+ CARRY_FORWARD;
+ SQRADDSC(a[1], a[15]);
+ SQRADDAC(a[2], a[14]);
+ SQRADDAC(a[3], a[13]);
+ SQRADDAC(a[4], a[12]);
+ SQRADDAC(a[5], a[11]);
+ SQRADDAC(a[6], a[10]);
+ SQRADDAC(a[7], a[9]);
+ SQRADDDB;
+ SQRADD(a[8], a[8]);
+ COMBA_STORE(b[16]);
+
+ /* output 17 */
+ CARRY_FORWARD;
+ SQRADDSC(a[2], a[15]);
+ SQRADDAC(a[3], a[14]);
+ SQRADDAC(a[4], a[13]);
+ SQRADDAC(a[5], a[12]);
+ SQRADDAC(a[6], a[11]);
+ SQRADDAC(a[7], a[10]);
+ SQRADDAC(a[8], a[9]);
+ SQRADDDB;
+ COMBA_STORE(b[17]);
+
+ /* output 18 */
+ CARRY_FORWARD;
+ SQRADDSC(a[3], a[15]);
+ SQRADDAC(a[4], a[14]);
+ SQRADDAC(a[5], a[13]);
+ SQRADDAC(a[6], a[12]);
+ SQRADDAC(a[7], a[11]);
+ SQRADDAC(a[8], a[10]);
+ SQRADDDB;
+ SQRADD(a[9], a[9]);
+ COMBA_STORE(b[18]);
+
+ /* output 19 */
+ CARRY_FORWARD;
+ SQRADDSC(a[4], a[15]);
+ SQRADDAC(a[5], a[14]);
+ SQRADDAC(a[6], a[13]);
+ SQRADDAC(a[7], a[12]);
+ SQRADDAC(a[8], a[11]);
+ SQRADDAC(a[9], a[10]);
+ SQRADDDB;
+ COMBA_STORE(b[19]);
+
+ /* output 20 */
+ CARRY_FORWARD;
+ SQRADDSC(a[5], a[15]);
+ SQRADDAC(a[6], a[14]);
+ SQRADDAC(a[7], a[13]);
+ SQRADDAC(a[8], a[12]);
+ SQRADDAC(a[9], a[11]);
+ SQRADDDB;
+ SQRADD(a[10], a[10]);
+ COMBA_STORE(b[20]);
+
+ /* output 21 */
+ CARRY_FORWARD;
+ SQRADDSC(a[6], a[15]);
+ SQRADDAC(a[7], a[14]);
+ SQRADDAC(a[8], a[13]);
+ SQRADDAC(a[9], a[12]);
+ SQRADDAC(a[10], a[11]);
+ SQRADDDB;
+ COMBA_STORE(b[21]);
+
+ /* output 22 */
+ CARRY_FORWARD;
+ SQRADDSC(a[7], a[15]);
+ SQRADDAC(a[8], a[14]);
+ SQRADDAC(a[9], a[13]);
+ SQRADDAC(a[10], a[12]);
+ SQRADDDB;
+ SQRADD(a[11], a[11]);
+ COMBA_STORE(b[22]);
+
+ /* output 23 */
+ CARRY_FORWARD;
+ SQRADDSC(a[8], a[15]);
+ SQRADDAC(a[9], a[14]);
+ SQRADDAC(a[10], a[13]);
+ SQRADDAC(a[11], a[12]);
+ SQRADDDB;
+ COMBA_STORE(b[23]);
+
+ /* output 24 */
+ CARRY_FORWARD;
+ SQRADDSC(a[9], a[15]);
+ SQRADDAC(a[10], a[14]);
+ SQRADDAC(a[11], a[13]);
+ SQRADDDB;
+ SQRADD(a[12], a[12]);
+ COMBA_STORE(b[24]);
+
+ /* output 25 */
+ CARRY_FORWARD;
+ SQRADDSC(a[10], a[15]);
+ SQRADDAC(a[11], a[14]);
+ SQRADDAC(a[12], a[13]);
+ SQRADDDB;
+ COMBA_STORE(b[25]);
+
+ /* output 26 */
+ CARRY_FORWARD;
+ SQRADD2(a[11], a[15]);
+ SQRADD2(a[12], a[14]);
+ SQRADD(a[13], a[13]);
+ COMBA_STORE(b[26]);
+
+ /* output 27 */
+ CARRY_FORWARD;
+ SQRADD2(a[12], a[15]);
+ SQRADD2(a[13], a[14]);
+ COMBA_STORE(b[27]);
+
+ /* output 28 */
+ CARRY_FORWARD;
+ SQRADD2(a[13], a[15]);
+ SQRADD(a[14], a[14]);
+ COMBA_STORE(b[28]);
+
+ /* output 29 */
+ CARRY_FORWARD;
+ SQRADD2(a[14], a[15]);
+ COMBA_STORE(b[29]);
+
+ /* output 30 */
+ CARRY_FORWARD;
+ SQRADD(a[15], a[15]);
+ COMBA_STORE(b[30]);
+ COMBA_STORE2(b[31]);
+ COMBA_FINI;
+
+ B->used = 32;
+ B->sign = ZPOS;
+ memcpy(B->dp, b, 32 * sizeof(mp_digit));
+ mp_clamp(B);
+}
+
+void
+s_mp_sqr_comba_32(const mp_int *A, mp_int *B)
+{
+ mp_digit *a, b[64], c0, c1, c2, sc0, sc1, sc2;
+
+ a = A->dp;
+ COMBA_START;
+
+ /* clear carries */
+ CLEAR_CARRY;
+
+ /* output 0 */
+ SQRADD(a[0], a[0]);
+ COMBA_STORE(b[0]);
+
+ /* output 1 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[1]);
+ COMBA_STORE(b[1]);
+
+ /* output 2 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[2]);
+ SQRADD(a[1], a[1]);
+ COMBA_STORE(b[2]);
+
+ /* output 3 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[3]);
+ SQRADD2(a[1], a[2]);
+ COMBA_STORE(b[3]);
+
+ /* output 4 */
+ CARRY_FORWARD;
+ SQRADD2(a[0], a[4]);
+ SQRADD2(a[1], a[3]);
+ SQRADD(a[2], a[2]);
+ COMBA_STORE(b[4]);
+
+ /* output 5 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[5]);
+ SQRADDAC(a[1], a[4]);
+ SQRADDAC(a[2], a[3]);
+ SQRADDDB;
+ COMBA_STORE(b[5]);
+
+ /* output 6 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[6]);
+ SQRADDAC(a[1], a[5]);
+ SQRADDAC(a[2], a[4]);
+ SQRADDDB;
+ SQRADD(a[3], a[3]);
+ COMBA_STORE(b[6]);
+
+ /* output 7 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[7]);
+ SQRADDAC(a[1], a[6]);
+ SQRADDAC(a[2], a[5]);
+ SQRADDAC(a[3], a[4]);
+ SQRADDDB;
+ COMBA_STORE(b[7]);
+
+ /* output 8 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[8]);
+ SQRADDAC(a[1], a[7]);
+ SQRADDAC(a[2], a[6]);
+ SQRADDAC(a[3], a[5]);
+ SQRADDDB;
+ SQRADD(a[4], a[4]);
+ COMBA_STORE(b[8]);
+
+ /* output 9 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[9]);
+ SQRADDAC(a[1], a[8]);
+ SQRADDAC(a[2], a[7]);
+ SQRADDAC(a[3], a[6]);
+ SQRADDAC(a[4], a[5]);
+ SQRADDDB;
+ COMBA_STORE(b[9]);
+
+ /* output 10 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[10]);
+ SQRADDAC(a[1], a[9]);
+ SQRADDAC(a[2], a[8]);
+ SQRADDAC(a[3], a[7]);
+ SQRADDAC(a[4], a[6]);
+ SQRADDDB;
+ SQRADD(a[5], a[5]);
+ COMBA_STORE(b[10]);
+
+ /* output 11 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[11]);
+ SQRADDAC(a[1], a[10]);
+ SQRADDAC(a[2], a[9]);
+ SQRADDAC(a[3], a[8]);
+ SQRADDAC(a[4], a[7]);
+ SQRADDAC(a[5], a[6]);
+ SQRADDDB;
+ COMBA_STORE(b[11]);
+
+ /* output 12 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[12]);
+ SQRADDAC(a[1], a[11]);
+ SQRADDAC(a[2], a[10]);
+ SQRADDAC(a[3], a[9]);
+ SQRADDAC(a[4], a[8]);
+ SQRADDAC(a[5], a[7]);
+ SQRADDDB;
+ SQRADD(a[6], a[6]);
+ COMBA_STORE(b[12]);
+
+ /* output 13 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[13]);
+ SQRADDAC(a[1], a[12]);
+ SQRADDAC(a[2], a[11]);
+ SQRADDAC(a[3], a[10]);
+ SQRADDAC(a[4], a[9]);
+ SQRADDAC(a[5], a[8]);
+ SQRADDAC(a[6], a[7]);
+ SQRADDDB;
+ COMBA_STORE(b[13]);
+
+ /* output 14 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[14]);
+ SQRADDAC(a[1], a[13]);
+ SQRADDAC(a[2], a[12]);
+ SQRADDAC(a[3], a[11]);
+ SQRADDAC(a[4], a[10]);
+ SQRADDAC(a[5], a[9]);
+ SQRADDAC(a[6], a[8]);
+ SQRADDDB;
+ SQRADD(a[7], a[7]);
+ COMBA_STORE(b[14]);
+
+ /* output 15 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[15]);
+ SQRADDAC(a[1], a[14]);
+ SQRADDAC(a[2], a[13]);
+ SQRADDAC(a[3], a[12]);
+ SQRADDAC(a[4], a[11]);
+ SQRADDAC(a[5], a[10]);
+ SQRADDAC(a[6], a[9]);
+ SQRADDAC(a[7], a[8]);
+ SQRADDDB;
+ COMBA_STORE(b[15]);
+
+ /* output 16 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[16]);
+ SQRADDAC(a[1], a[15]);
+ SQRADDAC(a[2], a[14]);
+ SQRADDAC(a[3], a[13]);
+ SQRADDAC(a[4], a[12]);
+ SQRADDAC(a[5], a[11]);
+ SQRADDAC(a[6], a[10]);
+ SQRADDAC(a[7], a[9]);
+ SQRADDDB;
+ SQRADD(a[8], a[8]);
+ COMBA_STORE(b[16]);
+
+ /* output 17 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[17]);
+ SQRADDAC(a[1], a[16]);
+ SQRADDAC(a[2], a[15]);
+ SQRADDAC(a[3], a[14]);
+ SQRADDAC(a[4], a[13]);
+ SQRADDAC(a[5], a[12]);
+ SQRADDAC(a[6], a[11]);
+ SQRADDAC(a[7], a[10]);
+ SQRADDAC(a[8], a[9]);
+ SQRADDDB;
+ COMBA_STORE(b[17]);
+
+ /* output 18 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[18]);
+ SQRADDAC(a[1], a[17]);
+ SQRADDAC(a[2], a[16]);
+ SQRADDAC(a[3], a[15]);
+ SQRADDAC(a[4], a[14]);
+ SQRADDAC(a[5], a[13]);
+ SQRADDAC(a[6], a[12]);
+ SQRADDAC(a[7], a[11]);
+ SQRADDAC(a[8], a[10]);
+ SQRADDDB;
+ SQRADD(a[9], a[9]);
+ COMBA_STORE(b[18]);
+
+ /* output 19 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[19]);
+ SQRADDAC(a[1], a[18]);
+ SQRADDAC(a[2], a[17]);
+ SQRADDAC(a[3], a[16]);
+ SQRADDAC(a[4], a[15]);
+ SQRADDAC(a[5], a[14]);
+ SQRADDAC(a[6], a[13]);
+ SQRADDAC(a[7], a[12]);
+ SQRADDAC(a[8], a[11]);
+ SQRADDAC(a[9], a[10]);
+ SQRADDDB;
+ COMBA_STORE(b[19]);
+
+ /* output 20 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[20]);
+ SQRADDAC(a[1], a[19]);
+ SQRADDAC(a[2], a[18]);
+ SQRADDAC(a[3], a[17]);
+ SQRADDAC(a[4], a[16]);
+ SQRADDAC(a[5], a[15]);
+ SQRADDAC(a[6], a[14]);
+ SQRADDAC(a[7], a[13]);
+ SQRADDAC(a[8], a[12]);
+ SQRADDAC(a[9], a[11]);
+ SQRADDDB;
+ SQRADD(a[10], a[10]);
+ COMBA_STORE(b[20]);
+
+ /* output 21 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[21]);
+ SQRADDAC(a[1], a[20]);
+ SQRADDAC(a[2], a[19]);
+ SQRADDAC(a[3], a[18]);
+ SQRADDAC(a[4], a[17]);
+ SQRADDAC(a[5], a[16]);
+ SQRADDAC(a[6], a[15]);
+ SQRADDAC(a[7], a[14]);
+ SQRADDAC(a[8], a[13]);
+ SQRADDAC(a[9], a[12]);
+ SQRADDAC(a[10], a[11]);
+ SQRADDDB;
+ COMBA_STORE(b[21]);
+
+ /* output 22 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[22]);
+ SQRADDAC(a[1], a[21]);
+ SQRADDAC(a[2], a[20]);
+ SQRADDAC(a[3], a[19]);
+ SQRADDAC(a[4], a[18]);
+ SQRADDAC(a[5], a[17]);
+ SQRADDAC(a[6], a[16]);
+ SQRADDAC(a[7], a[15]);
+ SQRADDAC(a[8], a[14]);
+ SQRADDAC(a[9], a[13]);
+ SQRADDAC(a[10], a[12]);
+ SQRADDDB;
+ SQRADD(a[11], a[11]);
+ COMBA_STORE(b[22]);
+
+ /* output 23 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[23]);
+ SQRADDAC(a[1], a[22]);
+ SQRADDAC(a[2], a[21]);
+ SQRADDAC(a[3], a[20]);
+ SQRADDAC(a[4], a[19]);
+ SQRADDAC(a[5], a[18]);
+ SQRADDAC(a[6], a[17]);
+ SQRADDAC(a[7], a[16]);
+ SQRADDAC(a[8], a[15]);
+ SQRADDAC(a[9], a[14]);
+ SQRADDAC(a[10], a[13]);
+ SQRADDAC(a[11], a[12]);
+ SQRADDDB;
+ COMBA_STORE(b[23]);
+
+ /* output 24 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[24]);
+ SQRADDAC(a[1], a[23]);
+ SQRADDAC(a[2], a[22]);
+ SQRADDAC(a[3], a[21]);
+ SQRADDAC(a[4], a[20]);
+ SQRADDAC(a[5], a[19]);
+ SQRADDAC(a[6], a[18]);
+ SQRADDAC(a[7], a[17]);
+ SQRADDAC(a[8], a[16]);
+ SQRADDAC(a[9], a[15]);
+ SQRADDAC(a[10], a[14]);
+ SQRADDAC(a[11], a[13]);
+ SQRADDDB;
+ SQRADD(a[12], a[12]);
+ COMBA_STORE(b[24]);
+
+ /* output 25 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[25]);
+ SQRADDAC(a[1], a[24]);
+ SQRADDAC(a[2], a[23]);
+ SQRADDAC(a[3], a[22]);
+ SQRADDAC(a[4], a[21]);
+ SQRADDAC(a[5], a[20]);
+ SQRADDAC(a[6], a[19]);
+ SQRADDAC(a[7], a[18]);
+ SQRADDAC(a[8], a[17]);
+ SQRADDAC(a[9], a[16]);
+ SQRADDAC(a[10], a[15]);
+ SQRADDAC(a[11], a[14]);
+ SQRADDAC(a[12], a[13]);
+ SQRADDDB;
+ COMBA_STORE(b[25]);
+
+ /* output 26 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[26]);
+ SQRADDAC(a[1], a[25]);
+ SQRADDAC(a[2], a[24]);
+ SQRADDAC(a[3], a[23]);
+ SQRADDAC(a[4], a[22]);
+ SQRADDAC(a[5], a[21]);
+ SQRADDAC(a[6], a[20]);
+ SQRADDAC(a[7], a[19]);
+ SQRADDAC(a[8], a[18]);
+ SQRADDAC(a[9], a[17]);
+ SQRADDAC(a[10], a[16]);
+ SQRADDAC(a[11], a[15]);
+ SQRADDAC(a[12], a[14]);
+ SQRADDDB;
+ SQRADD(a[13], a[13]);
+ COMBA_STORE(b[26]);
+
+ /* output 27 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[27]);
+ SQRADDAC(a[1], a[26]);
+ SQRADDAC(a[2], a[25]);
+ SQRADDAC(a[3], a[24]);
+ SQRADDAC(a[4], a[23]);
+ SQRADDAC(a[5], a[22]);
+ SQRADDAC(a[6], a[21]);
+ SQRADDAC(a[7], a[20]);
+ SQRADDAC(a[8], a[19]);
+ SQRADDAC(a[9], a[18]);
+ SQRADDAC(a[10], a[17]);
+ SQRADDAC(a[11], a[16]);
+ SQRADDAC(a[12], a[15]);
+ SQRADDAC(a[13], a[14]);
+ SQRADDDB;
+ COMBA_STORE(b[27]);
+
+ /* output 28 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[28]);
+ SQRADDAC(a[1], a[27]);
+ SQRADDAC(a[2], a[26]);
+ SQRADDAC(a[3], a[25]);
+ SQRADDAC(a[4], a[24]);
+ SQRADDAC(a[5], a[23]);
+ SQRADDAC(a[6], a[22]);
+ SQRADDAC(a[7], a[21]);
+ SQRADDAC(a[8], a[20]);
+ SQRADDAC(a[9], a[19]);
+ SQRADDAC(a[10], a[18]);
+ SQRADDAC(a[11], a[17]);
+ SQRADDAC(a[12], a[16]);
+ SQRADDAC(a[13], a[15]);
+ SQRADDDB;
+ SQRADD(a[14], a[14]);
+ COMBA_STORE(b[28]);
+
+ /* output 29 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[29]);
+ SQRADDAC(a[1], a[28]);
+ SQRADDAC(a[2], a[27]);
+ SQRADDAC(a[3], a[26]);
+ SQRADDAC(a[4], a[25]);
+ SQRADDAC(a[5], a[24]);
+ SQRADDAC(a[6], a[23]);
+ SQRADDAC(a[7], a[22]);
+ SQRADDAC(a[8], a[21]);
+ SQRADDAC(a[9], a[20]);
+ SQRADDAC(a[10], a[19]);
+ SQRADDAC(a[11], a[18]);
+ SQRADDAC(a[12], a[17]);
+ SQRADDAC(a[13], a[16]);
+ SQRADDAC(a[14], a[15]);
+ SQRADDDB;
+ COMBA_STORE(b[29]);
+
+ /* output 30 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[30]);
+ SQRADDAC(a[1], a[29]);
+ SQRADDAC(a[2], a[28]);
+ SQRADDAC(a[3], a[27]);
+ SQRADDAC(a[4], a[26]);
+ SQRADDAC(a[5], a[25]);
+ SQRADDAC(a[6], a[24]);
+ SQRADDAC(a[7], a[23]);
+ SQRADDAC(a[8], a[22]);
+ SQRADDAC(a[9], a[21]);
+ SQRADDAC(a[10], a[20]);
+ SQRADDAC(a[11], a[19]);
+ SQRADDAC(a[12], a[18]);
+ SQRADDAC(a[13], a[17]);
+ SQRADDAC(a[14], a[16]);
+ SQRADDDB;
+ SQRADD(a[15], a[15]);
+ COMBA_STORE(b[30]);
+
+ /* output 31 */
+ CARRY_FORWARD;
+ SQRADDSC(a[0], a[31]);
+ SQRADDAC(a[1], a[30]);
+ SQRADDAC(a[2], a[29]);
+ SQRADDAC(a[3], a[28]);
+ SQRADDAC(a[4], a[27]);
+ SQRADDAC(a[5], a[26]);
+ SQRADDAC(a[6], a[25]);
+ SQRADDAC(a[7], a[24]);
+ SQRADDAC(a[8], a[23]);
+ SQRADDAC(a[9], a[22]);
+ SQRADDAC(a[10], a[21]);
+ SQRADDAC(a[11], a[20]);
+ SQRADDAC(a[12], a[19]);
+ SQRADDAC(a[13], a[18]);
+ SQRADDAC(a[14], a[17]);
+ SQRADDAC(a[15], a[16]);
+ SQRADDDB;
+ COMBA_STORE(b[31]);
+
+ /* output 32 */
+ CARRY_FORWARD;
+ SQRADDSC(a[1], a[31]);
+ SQRADDAC(a[2], a[30]);
+ SQRADDAC(a[3], a[29]);
+ SQRADDAC(a[4], a[28]);
+ SQRADDAC(a[5], a[27]);
+ SQRADDAC(a[6], a[26]);
+ SQRADDAC(a[7], a[25]);
+ SQRADDAC(a[8], a[24]);
+ SQRADDAC(a[9], a[23]);
+ SQRADDAC(a[10], a[22]);
+ SQRADDAC(a[11], a[21]);
+ SQRADDAC(a[12], a[20]);
+ SQRADDAC(a[13], a[19]);
+ SQRADDAC(a[14], a[18]);
+ SQRADDAC(a[15], a[17]);
+ SQRADDDB;
+ SQRADD(a[16], a[16]);
+ COMBA_STORE(b[32]);
+
+ /* output 33 */
+ CARRY_FORWARD;
+ SQRADDSC(a[2], a[31]);
+ SQRADDAC(a[3], a[30]);
+ SQRADDAC(a[4], a[29]);
+ SQRADDAC(a[5], a[28]);
+ SQRADDAC(a[6], a[27]);
+ SQRADDAC(a[7], a[26]);
+ SQRADDAC(a[8], a[25]);
+ SQRADDAC(a[9], a[24]);
+ SQRADDAC(a[10], a[23]);
+ SQRADDAC(a[11], a[22]);
+ SQRADDAC(a[12], a[21]);
+ SQRADDAC(a[13], a[20]);
+ SQRADDAC(a[14], a[19]);
+ SQRADDAC(a[15], a[18]);
+ SQRADDAC(a[16], a[17]);
+ SQRADDDB;
+ COMBA_STORE(b[33]);
+
+ /* output 34 */
+ CARRY_FORWARD;
+ SQRADDSC(a[3], a[31]);
+ SQRADDAC(a[4], a[30]);
+ SQRADDAC(a[5], a[29]);
+ SQRADDAC(a[6], a[28]);
+ SQRADDAC(a[7], a[27]);
+ SQRADDAC(a[8], a[26]);
+ SQRADDAC(a[9], a[25]);
+ SQRADDAC(a[10], a[24]);
+ SQRADDAC(a[11], a[23]);
+ SQRADDAC(a[12], a[22]);
+ SQRADDAC(a[13], a[21]);
+ SQRADDAC(a[14], a[20]);
+ SQRADDAC(a[15], a[19]);
+ SQRADDAC(a[16], a[18]);
+ SQRADDDB;
+ SQRADD(a[17], a[17]);
+ COMBA_STORE(b[34]);
+
+ /* output 35 */
+ CARRY_FORWARD;
+ SQRADDSC(a[4], a[31]);
+ SQRADDAC(a[5], a[30]);
+ SQRADDAC(a[6], a[29]);
+ SQRADDAC(a[7], a[28]);
+ SQRADDAC(a[8], a[27]);
+ SQRADDAC(a[9], a[26]);
+ SQRADDAC(a[10], a[25]);
+ SQRADDAC(a[11], a[24]);
+ SQRADDAC(a[12], a[23]);
+ SQRADDAC(a[13], a[22]);
+ SQRADDAC(a[14], a[21]);
+ SQRADDAC(a[15], a[20]);
+ SQRADDAC(a[16], a[19]);
+ SQRADDAC(a[17], a[18]);
+ SQRADDDB;
+ COMBA_STORE(b[35]);
+
+ /* output 36 */
+ CARRY_FORWARD;
+ SQRADDSC(a[5], a[31]);
+ SQRADDAC(a[6], a[30]);
+ SQRADDAC(a[7], a[29]);
+ SQRADDAC(a[8], a[28]);
+ SQRADDAC(a[9], a[27]);
+ SQRADDAC(a[10], a[26]);
+ SQRADDAC(a[11], a[25]);
+ SQRADDAC(a[12], a[24]);
+ SQRADDAC(a[13], a[23]);
+ SQRADDAC(a[14], a[22]);
+ SQRADDAC(a[15], a[21]);
+ SQRADDAC(a[16], a[20]);
+ SQRADDAC(a[17], a[19]);
+ SQRADDDB;
+ SQRADD(a[18], a[18]);
+ COMBA_STORE(b[36]);
+
+ /* output 37 */
+ CARRY_FORWARD;
+ SQRADDSC(a[6], a[31]);
+ SQRADDAC(a[7], a[30]);
+ SQRADDAC(a[8], a[29]);
+ SQRADDAC(a[9], a[28]);
+ SQRADDAC(a[10], a[27]);
+ SQRADDAC(a[11], a[26]);
+ SQRADDAC(a[12], a[25]);
+ SQRADDAC(a[13], a[24]);
+ SQRADDAC(a[14], a[23]);
+ SQRADDAC(a[15], a[22]);
+ SQRADDAC(a[16], a[21]);
+ SQRADDAC(a[17], a[20]);
+ SQRADDAC(a[18], a[19]);
+ SQRADDDB;
+ COMBA_STORE(b[37]);
+
+ /* output 38 */
+ CARRY_FORWARD;
+ SQRADDSC(a[7], a[31]);
+ SQRADDAC(a[8], a[30]);
+ SQRADDAC(a[9], a[29]);
+ SQRADDAC(a[10], a[28]);
+ SQRADDAC(a[11], a[27]);
+ SQRADDAC(a[12], a[26]);
+ SQRADDAC(a[13], a[25]);
+ SQRADDAC(a[14], a[24]);
+ SQRADDAC(a[15], a[23]);
+ SQRADDAC(a[16], a[22]);
+ SQRADDAC(a[17], a[21]);
+ SQRADDAC(a[18], a[20]);
+ SQRADDDB;
+ SQRADD(a[19], a[19]);
+ COMBA_STORE(b[38]);
+
+ /* output 39 */
+ CARRY_FORWARD;
+ SQRADDSC(a[8], a[31]);
+ SQRADDAC(a[9], a[30]);
+ SQRADDAC(a[10], a[29]);
+ SQRADDAC(a[11], a[28]);
+ SQRADDAC(a[12], a[27]);
+ SQRADDAC(a[13], a[26]);
+ SQRADDAC(a[14], a[25]);
+ SQRADDAC(a[15], a[24]);
+ SQRADDAC(a[16], a[23]);
+ SQRADDAC(a[17], a[22]);
+ SQRADDAC(a[18], a[21]);
+ SQRADDAC(a[19], a[20]);
+ SQRADDDB;
+ COMBA_STORE(b[39]);
+
+ /* output 40 */
+ CARRY_FORWARD;
+ SQRADDSC(a[9], a[31]);
+ SQRADDAC(a[10], a[30]);
+ SQRADDAC(a[11], a[29]);
+ SQRADDAC(a[12], a[28]);
+ SQRADDAC(a[13], a[27]);
+ SQRADDAC(a[14], a[26]);
+ SQRADDAC(a[15], a[25]);
+ SQRADDAC(a[16], a[24]);
+ SQRADDAC(a[17], a[23]);
+ SQRADDAC(a[18], a[22]);
+ SQRADDAC(a[19], a[21]);
+ SQRADDDB;
+ SQRADD(a[20], a[20]);
+ COMBA_STORE(b[40]);
+
+ /* output 41 */
+ CARRY_FORWARD;
+ SQRADDSC(a[10], a[31]);
+ SQRADDAC(a[11], a[30]);
+ SQRADDAC(a[12], a[29]);
+ SQRADDAC(a[13], a[28]);
+ SQRADDAC(a[14], a[27]);
+ SQRADDAC(a[15], a[26]);
+ SQRADDAC(a[16], a[25]);
+ SQRADDAC(a[17], a[24]);
+ SQRADDAC(a[18], a[23]);
+ SQRADDAC(a[19], a[22]);
+ SQRADDAC(a[20], a[21]);
+ SQRADDDB;
+ COMBA_STORE(b[41]);
+
+ /* output 42 */
+ CARRY_FORWARD;
+ SQRADDSC(a[11], a[31]);
+ SQRADDAC(a[12], a[30]);
+ SQRADDAC(a[13], a[29]);
+ SQRADDAC(a[14], a[28]);
+ SQRADDAC(a[15], a[27]);
+ SQRADDAC(a[16], a[26]);
+ SQRADDAC(a[17], a[25]);
+ SQRADDAC(a[18], a[24]);
+ SQRADDAC(a[19], a[23]);
+ SQRADDAC(a[20], a[22]);
+ SQRADDDB;
+ SQRADD(a[21], a[21]);
+ COMBA_STORE(b[42]);
+
+ /* output 43 */
+ CARRY_FORWARD;
+ SQRADDSC(a[12], a[31]);
+ SQRADDAC(a[13], a[30]);
+ SQRADDAC(a[14], a[29]);
+ SQRADDAC(a[15], a[28]);
+ SQRADDAC(a[16], a[27]);
+ SQRADDAC(a[17], a[26]);
+ SQRADDAC(a[18], a[25]);
+ SQRADDAC(a[19], a[24]);
+ SQRADDAC(a[20], a[23]);
+ SQRADDAC(a[21], a[22]);
+ SQRADDDB;
+ COMBA_STORE(b[43]);
+
+ /* output 44 */
+ CARRY_FORWARD;
+ SQRADDSC(a[13], a[31]);
+ SQRADDAC(a[14], a[30]);
+ SQRADDAC(a[15], a[29]);
+ SQRADDAC(a[16], a[28]);
+ SQRADDAC(a[17], a[27]);
+ SQRADDAC(a[18], a[26]);
+ SQRADDAC(a[19], a[25]);
+ SQRADDAC(a[20], a[24]);
+ SQRADDAC(a[21], a[23]);
+ SQRADDDB;
+ SQRADD(a[22], a[22]);
+ COMBA_STORE(b[44]);
+
+ /* output 45 */
+ CARRY_FORWARD;
+ SQRADDSC(a[14], a[31]);
+ SQRADDAC(a[15], a[30]);
+ SQRADDAC(a[16], a[29]);
+ SQRADDAC(a[17], a[28]);
+ SQRADDAC(a[18], a[27]);
+ SQRADDAC(a[19], a[26]);
+ SQRADDAC(a[20], a[25]);
+ SQRADDAC(a[21], a[24]);
+ SQRADDAC(a[22], a[23]);
+ SQRADDDB;
+ COMBA_STORE(b[45]);
+
+ /* output 46 */
+ CARRY_FORWARD;
+ SQRADDSC(a[15], a[31]);
+ SQRADDAC(a[16], a[30]);
+ SQRADDAC(a[17], a[29]);
+ SQRADDAC(a[18], a[28]);
+ SQRADDAC(a[19], a[27]);
+ SQRADDAC(a[20], a[26]);
+ SQRADDAC(a[21], a[25]);
+ SQRADDAC(a[22], a[24]);
+ SQRADDDB;
+ SQRADD(a[23], a[23]);
+ COMBA_STORE(b[46]);
+
+ /* output 47 */
+ CARRY_FORWARD;
+ SQRADDSC(a[16], a[31]);
+ SQRADDAC(a[17], a[30]);
+ SQRADDAC(a[18], a[29]);
+ SQRADDAC(a[19], a[28]);
+ SQRADDAC(a[20], a[27]);
+ SQRADDAC(a[21], a[26]);
+ SQRADDAC(a[22], a[25]);
+ SQRADDAC(a[23], a[24]);
+ SQRADDDB;
+ COMBA_STORE(b[47]);
+
+ /* output 48 */
+ CARRY_FORWARD;
+ SQRADDSC(a[17], a[31]);
+ SQRADDAC(a[18], a[30]);
+ SQRADDAC(a[19], a[29]);
+ SQRADDAC(a[20], a[28]);
+ SQRADDAC(a[21], a[27]);
+ SQRADDAC(a[22], a[26]);
+ SQRADDAC(a[23], a[25]);
+ SQRADDDB;
+ SQRADD(a[24], a[24]);
+ COMBA_STORE(b[48]);
+
+ /* output 49 */
+ CARRY_FORWARD;
+ SQRADDSC(a[18], a[31]);
+ SQRADDAC(a[19], a[30]);
+ SQRADDAC(a[20], a[29]);
+ SQRADDAC(a[21], a[28]);
+ SQRADDAC(a[22], a[27]);
+ SQRADDAC(a[23], a[26]);
+ SQRADDAC(a[24], a[25]);
+ SQRADDDB;
+ COMBA_STORE(b[49]);
+
+ /* output 50 */
+ CARRY_FORWARD;
+ SQRADDSC(a[19], a[31]);
+ SQRADDAC(a[20], a[30]);
+ SQRADDAC(a[21], a[29]);
+ SQRADDAC(a[22], a[28]);
+ SQRADDAC(a[23], a[27]);
+ SQRADDAC(a[24], a[26]);
+ SQRADDDB;
+ SQRADD(a[25], a[25]);
+ COMBA_STORE(b[50]);
+
+ /* output 51 */
+ CARRY_FORWARD;
+ SQRADDSC(a[20], a[31]);
+ SQRADDAC(a[21], a[30]);
+ SQRADDAC(a[22], a[29]);
+ SQRADDAC(a[23], a[28]);
+ SQRADDAC(a[24], a[27]);
+ SQRADDAC(a[25], a[26]);
+ SQRADDDB;
+ COMBA_STORE(b[51]);
+
+ /* output 52 */
+ CARRY_FORWARD;
+ SQRADDSC(a[21], a[31]);
+ SQRADDAC(a[22], a[30]);
+ SQRADDAC(a[23], a[29]);
+ SQRADDAC(a[24], a[28]);
+ SQRADDAC(a[25], a[27]);
+ SQRADDDB;
+ SQRADD(a[26], a[26]);
+ COMBA_STORE(b[52]);
+
+ /* output 53 */
+ CARRY_FORWARD;
+ SQRADDSC(a[22], a[31]);
+ SQRADDAC(a[23], a[30]);
+ SQRADDAC(a[24], a[29]);
+ SQRADDAC(a[25], a[28]);
+ SQRADDAC(a[26], a[27]);
+ SQRADDDB;
+ COMBA_STORE(b[53]);
+
+ /* output 54 */
+ CARRY_FORWARD;
+ SQRADDSC(a[23], a[31]);
+ SQRADDAC(a[24], a[30]);
+ SQRADDAC(a[25], a[29]);
+ SQRADDAC(a[26], a[28]);
+ SQRADDDB;
+ SQRADD(a[27], a[27]);
+ COMBA_STORE(b[54]);
+
+ /* output 55 */
+ CARRY_FORWARD;
+ SQRADDSC(a[24], a[31]);
+ SQRADDAC(a[25], a[30]);
+ SQRADDAC(a[26], a[29]);
+ SQRADDAC(a[27], a[28]);
+ SQRADDDB;
+ COMBA_STORE(b[55]);
+
+ /* output 56 */
+ CARRY_FORWARD;
+ SQRADDSC(a[25], a[31]);
+ SQRADDAC(a[26], a[30]);
+ SQRADDAC(a[27], a[29]);
+ SQRADDDB;
+ SQRADD(a[28], a[28]);
+ COMBA_STORE(b[56]);
+
+ /* output 57 */
+ CARRY_FORWARD;
+ SQRADDSC(a[26], a[31]);
+ SQRADDAC(a[27], a[30]);
+ SQRADDAC(a[28], a[29]);
+ SQRADDDB;
+ COMBA_STORE(b[57]);
+
+ /* output 58 */
+ CARRY_FORWARD;
+ SQRADD2(a[27], a[31]);
+ SQRADD2(a[28], a[30]);
+ SQRADD(a[29], a[29]);
+ COMBA_STORE(b[58]);
+
+ /* output 59 */
+ CARRY_FORWARD;
+ SQRADD2(a[28], a[31]);
+ SQRADD2(a[29], a[30]);
+ COMBA_STORE(b[59]);
+
+ /* output 60 */
+ CARRY_FORWARD;
+ SQRADD2(a[29], a[31]);
+ SQRADD(a[30], a[30]);
+ COMBA_STORE(b[60]);
+
+ /* output 61 */
+ CARRY_FORWARD;
+ SQRADD2(a[30], a[31]);
+ COMBA_STORE(b[61]);
+
+ /* output 62 */
+ CARRY_FORWARD;
+ SQRADD(a[31], a[31]);
+ COMBA_STORE(b[62]);
+ COMBA_STORE2(b[63]);
+ COMBA_FINI;
+
+ B->used = 64;
+ B->sign = ZPOS;
+ memcpy(B->dp, b, 64 * sizeof(mp_digit));
+ mp_clamp(B);
+}
diff --git a/security/nss/lib/freebl/mpi/mp_comba_amd64_masm.asm b/security/nss/lib/freebl/mpi/mp_comba_amd64_masm.asm
new file mode 100644
index 000000000..cb432583f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mp_comba_amd64_masm.asm
@@ -0,0 +1,13066 @@
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+;/* TomsFastMath, a fast ISO C bignum library.
+; *
+; * This project is meant to fill in where LibTomMath
+; * falls short. That is speed ;-)
+; *
+; * This project is public domain and free for all purposes.
+; *
+; * Tom St Denis, tomstdenis@iahu.ca
+; */
+
+;/*
+; * The source file from which this assembly was derived
+; * comes from TFM v0.03, which has the above license.
+; * This source was from mp_comba_amd64.sun.s and convert to
+; * MASM code set.
+; */
+
+.CODE
+
+externdef memcpy:PROC
+
+public s_mp_mul_comba_4
+public s_mp_mul_comba_8
+public s_mp_mul_comba_16
+public s_mp_mul_comba_32
+public s_mp_sqr_comba_8
+public s_mp_sqr_comba_16
+public s_mp_sqr_comba_32
+
+
+; void s_mp_mul_comba_4(const mp_int *A, const mp_int *B, mp_int *C)
+
+ ALIGN 16
+s_mp_mul_comba_4 PROC
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+ mov rdx, r8
+
+ push r12
+ push rbp
+ push rbx
+ sub rsp, 64
+ mov r9, qword ptr [16+rdi]
+ mov rbx, rdx
+ mov rdx, qword ptr [16+rsi]
+ mov rax, qword ptr [r9]
+ mov qword ptr [-64+64+rsp], rax
+ mov r8, qword ptr [8+r9]
+ mov qword ptr [-56+64+rsp], r8
+ mov rbp, qword ptr [16+r9]
+ mov qword ptr [-48+64+rsp], rbp
+ mov r12, qword ptr [24+r9]
+ mov qword ptr [-40+64+rsp], r12
+ mov rcx, qword ptr [rdx]
+ mov qword ptr [-32+64+rsp], rcx
+ mov r10, qword ptr [8+rdx]
+ mov qword ptr [-24+64+rsp], r10
+ mov r11, qword ptr [16+rdx]
+ xor r10d, r10d
+ mov r8, r10
+ mov r9, r10
+ mov rbp, r10
+ mov qword ptr [-16+64+rsp], r11
+ mov r11, qword ptr [16+rbx]
+ mov rax, qword ptr [24+rdx]
+ mov qword ptr [-8+64+rsp], rax
+ mov rax, qword ptr [-64+64+rsp]
+ mul qword ptr [-32+64+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rbp, 0
+ mov qword ptr [r11], r8
+ mov r8, rbp
+ mov rbp, r10
+ mov rax, qword ptr [-64+64+rsp]
+ mul qword ptr [-24+64+rsp]
+ add r9, rax
+ adc r8, rdx
+ adc rbp, 0
+ mov r12, rbp
+ mov rax, qword ptr [-56+64+rsp]
+ mul qword ptr [-32+64+rsp]
+ add r9, rax
+ adc r8, rdx
+ adc r12, 0
+ mov qword ptr [8+r11], r9
+ mov r9, r12
+ mov r12, r10
+ mov rax, qword ptr [-64+64+rsp]
+ mul qword ptr [-16+64+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc r12, 0
+ mov rcx, r12
+ mov rax, qword ptr [-56+64+rsp]
+ mul qword ptr [-24+64+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-48+64+rsp]
+ mul qword ptr [-32+64+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [16+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-64+64+rsp]
+ mul qword ptr [-8+64+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-56+64+rsp]
+ mul qword ptr [-16+64+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-48+64+rsp]
+ mul qword ptr [-24+64+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-40+64+rsp]
+ mul qword ptr [-32+64+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [24+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-56+64+rsp]
+ mul qword ptr [-8+64+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-48+64+rsp]
+ mul qword ptr [-16+64+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-40+64+rsp]
+ mul qword ptr [-24+64+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [32+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-48+64+rsp]
+ mul qword ptr [-8+64+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov r12, r8
+ mov rbp, r9
+ mov rax, qword ptr [-40+64+rsp]
+ mul qword ptr [-16+64+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [40+r11], rcx
+ mov r8, rbp
+ mov rcx, r12
+ mov rax, qword ptr [-40+64+rsp]
+ mul qword ptr [-8+64+rsp]
+ add r8, rax
+ adc rcx, rdx
+ adc r10, 0
+ mov qword ptr [48+r11], r8
+ mov esi, dword ptr [rsi]
+ xor esi, dword ptr [rdi]
+ test rcx, rcx
+ mov qword ptr [56+r11], rcx
+ mov dword ptr [8+rbx], 8
+ jne L9
+ ALIGN 16
+L18:
+ mov edx, dword ptr [8+rbx]
+ lea edi, dword ptr [-1+rdx]
+ test edi, edi
+ mov dword ptr [8+rbx], edi
+ je L9
+ lea r10d, dword ptr [-2+rdx]
+ cmp dword ptr [r11+r10*8], 0
+ je L18
+L9:
+ mov edx, dword ptr [8+rbx]
+ xor r11d, r11d
+ test edx, edx
+ cmovne r11d, esi
+ mov dword ptr [rbx], r11d
+ add rsp, 64
+ pop rbx
+ pop rbp
+ pop r12
+
+ pop rsi
+ pop rdi
+
+ ret
+
+s_mp_mul_comba_4 ENDP
+
+
+; void s_mp_mul_comba_8(const mp_int *A, const mp_int *B, mp_int *C)
+
+ ALIGN 16
+s_mp_mul_comba_8 PROC
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+ mov rdx, r8
+
+ push r12
+ push rbp
+ push rbx
+ mov rbx, rdx
+ sub rsp, 8+128
+ mov rdx, qword ptr [16+rdi]
+ mov r8, qword ptr [rdx]
+ mov qword ptr [-120+128+rsp], r8
+ mov rbp, qword ptr [8+rdx]
+ mov qword ptr [-112+128+rsp], rbp
+ mov r9, qword ptr [16+rdx]
+ mov qword ptr [-104+128+rsp], r9
+ mov r12, qword ptr [24+rdx]
+ mov qword ptr [-96+128+rsp], r12
+ mov rcx, qword ptr [32+rdx]
+ mov qword ptr [-88+128+rsp], rcx
+ mov r10, qword ptr [40+rdx]
+ mov qword ptr [-80+128+rsp], r10
+ mov r11, qword ptr [48+rdx]
+ mov qword ptr [-72+128+rsp], r11
+ mov rax, qword ptr [56+rdx]
+ mov rdx, qword ptr [16+rsi]
+ mov qword ptr [-64+128+rsp], rax
+ mov r8, qword ptr [rdx]
+ mov qword ptr [-56+128+rsp], r8
+ mov rbp, qword ptr [8+rdx]
+ mov qword ptr [-48+128+rsp], rbp
+ mov r9, qword ptr [16+rdx]
+ mov qword ptr [-40+128+rsp], r9
+ mov r12, qword ptr [24+rdx]
+ mov qword ptr [-32+128+rsp], r12
+ mov rcx, qword ptr [32+rdx]
+ mov qword ptr [-24+128+rsp], rcx
+ mov r10, qword ptr [40+rdx]
+ mov qword ptr [-16+128+rsp], r10
+ mov r11, qword ptr [48+rdx]
+ xor r10d, r10d
+ mov r8, r10
+ mov r9, r10
+ mov rbp, r10
+ mov qword ptr [-8+128+rsp], r11
+ mov r11, qword ptr [16+rbx]
+ mov rax, qword ptr [56+rdx]
+ mov qword ptr [128+rsp], rax
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [-56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rbp, 0
+ mov qword ptr [r11], r8
+ mov r8, rbp
+ mov rbp, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [-48+128+rsp]
+ add r9, rax
+ adc r8, rdx
+ adc rbp, 0
+ mov r12, rbp
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [-56+128+rsp]
+ add r9, rax
+ adc r8, rdx
+ adc r12, 0
+ mov qword ptr [8+r11], r9
+ mov r9, r12
+ mov r12, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [-40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc r12, 0
+ mov rcx, r12
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [-48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [-56+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [16+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [-32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [-40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [-48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [-56+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [24+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [-24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [-32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [-40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [-48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [-56+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [32+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [-16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [-24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [-32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [-40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [-48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [-56+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [40+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [-8+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [-16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [-24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [-32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [-40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [-48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [-56+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [48+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [-8+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [-16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [-24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [-32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [-40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [-48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [-56+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [56+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [-8+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [-16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [-24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [-32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [-40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [-48+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [64+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [-8+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [-16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [-24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [-32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [-40+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [72+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [-8+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [-16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [-24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [-32+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [80+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [-8+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [-16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [-24+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [88+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [-8+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [-16+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [96+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov r12, r8
+ mov rbp, r9
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [-8+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [104+r11], rcx
+ mov r8, rbp
+ mov rcx, r12
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [128+rsp]
+ add r8, rax
+ adc rcx, rdx
+ adc r10, 0
+ mov qword ptr [112+r11], r8
+ mov esi, dword ptr [rsi]
+ xor esi, dword ptr [rdi]
+ test rcx, rcx
+ mov qword ptr [120+r11], rcx
+ mov dword ptr [8+rbx], 16
+ jne L35
+ ALIGN 16
+L43:
+ mov edx, dword ptr [8+rbx]
+ lea edi, dword ptr [-1+rdx]
+ test edi, edi
+ mov dword ptr [8+rbx], edi
+ je L35
+ lea eax, dword ptr [-2+rdx]
+ cmp dword ptr [r11+rax*8], 0
+ je L43
+L35:
+ mov r11d, dword ptr [8+rbx]
+ xor edx, edx
+ test r11d, r11d
+ cmovne edx, esi
+ mov dword ptr [rbx], edx
+ add rsp, 8+128
+ pop rbx
+ pop rbp
+ pop r12
+
+ pop rsi
+ pop rdi
+
+ ret
+
+s_mp_mul_comba_8 ENDP
+
+
+; void s_mp_mul_comba_16(const mp_int *A, const mp_int *B, mp_int *C);
+
+ ALIGN 16
+s_mp_mul_comba_16 PROC
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+ mov rdx, r8
+
+ push r12
+ push rbp
+ push rbx
+ mov rbx, rdx
+ sub rsp, 136+128
+ mov rax, qword ptr [16+rdi]
+ mov r8, qword ptr [rax]
+ mov qword ptr [-120+128+rsp], r8
+ mov rbp, qword ptr [8+rax]
+ mov qword ptr [-112+128+rsp], rbp
+ mov r9, qword ptr [16+rax]
+ mov qword ptr [-104+128+rsp], r9
+ mov r12, qword ptr [24+rax]
+ mov qword ptr [-96+128+rsp], r12
+ mov rcx, qword ptr [32+rax]
+ mov qword ptr [-88+128+rsp], rcx
+ mov r10, qword ptr [40+rax]
+ mov qword ptr [-80+128+rsp], r10
+ mov rdx, qword ptr [48+rax]
+ mov qword ptr [-72+128+rsp], rdx
+ mov r11, qword ptr [56+rax]
+ mov qword ptr [-64+128+rsp], r11
+ mov r8, qword ptr [64+rax]
+ mov qword ptr [-56+128+rsp], r8
+ mov rbp, qword ptr [72+rax]
+ mov qword ptr [-48+128+rsp], rbp
+ mov r9, qword ptr [80+rax]
+ mov qword ptr [-40+128+rsp], r9
+ mov r12, qword ptr [88+rax]
+ mov qword ptr [-32+128+rsp], r12
+ mov rcx, qword ptr [96+rax]
+ mov qword ptr [-24+128+rsp], rcx
+ mov r10, qword ptr [104+rax]
+ mov qword ptr [-16+128+rsp], r10
+ mov rdx, qword ptr [112+rax]
+ mov qword ptr [-8+128+rsp], rdx
+ mov r11, qword ptr [120+rax]
+ mov qword ptr [128+rsp], r11
+ mov r11, qword ptr [16+rsi]
+ mov r8, qword ptr [r11]
+ mov qword ptr [8+128+rsp], r8
+ mov rbp, qword ptr [8+r11]
+ mov qword ptr [16+128+rsp], rbp
+ mov r9, qword ptr [16+r11]
+ mov qword ptr [24+128+rsp], r9
+ mov r12, qword ptr [24+r11]
+ mov qword ptr [32+128+rsp], r12
+ mov rcx, qword ptr [32+r11]
+ mov qword ptr [40+128+rsp], rcx
+ mov r10, qword ptr [40+r11]
+ mov qword ptr [48+128+rsp], r10
+ mov rdx, qword ptr [48+r11]
+ mov qword ptr [56+128+rsp], rdx
+ mov rax, qword ptr [56+r11]
+ mov qword ptr [64+128+rsp], rax
+ mov r8, qword ptr [64+r11]
+ mov qword ptr [72+128+rsp], r8
+ mov rbp, qword ptr [72+r11]
+ mov qword ptr [80+128+rsp], rbp
+ mov r9, qword ptr [80+r11]
+ mov qword ptr [88+128+rsp], r9
+ mov r12, qword ptr [88+r11]
+ mov qword ptr [96+128+rsp], r12
+ mov rcx, qword ptr [96+r11]
+ mov qword ptr [104+128+rsp], rcx
+ mov r10, qword ptr [104+r11]
+ mov qword ptr [112+128+rsp], r10
+ mov rdx, qword ptr [112+r11]
+ xor r10d, r10d
+ mov r8, r10
+ mov r9, r10
+ mov rbp, r10
+ mov qword ptr [120+128+rsp], rdx
+ mov rax, qword ptr [120+r11]
+ mov qword ptr [128+128+rsp], rax
+ mov r11, qword ptr [16+rbx]
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rbp, 0
+ mov qword ptr [r11], r8
+ mov r8, rbp
+ mov rbp, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r9, rax
+ adc r8, rdx
+ adc rbp, 0
+ mov r12, rbp
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r9, rax
+ adc r8, rdx
+ adc r12, 0
+ mov qword ptr [8+r11], r9
+ mov r9, r12
+ mov r12, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc r12, 0
+ mov rcx, r12
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [16+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [24+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [32+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [40+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [48+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [56+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [64+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [72+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [80+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [88+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [96+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [104+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [8+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [112+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-120+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [16+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [8+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [120+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-112+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [24+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [16+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [128+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-104+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [32+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [24+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [136+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-96+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [40+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [32+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [144+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-88+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [48+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [40+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [152+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-80+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [56+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [48+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [160+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-72+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [64+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [56+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [168+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-64+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [72+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [64+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [176+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-56+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [80+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [72+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [184+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-48+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [88+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [80+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [192+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-40+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [96+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [88+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [200+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-32+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [104+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [96+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [208+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-24+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [112+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbp, r9
+ mov r12, r8
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [104+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [216+r11], rcx
+ mov r9, r12
+ mov r8, rbp
+ mov rcx, r10
+ mov rax, qword ptr [-16+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [120+128+rsp]
+ add r8, rax
+ adc r9, rdx
+ adc rcx, 0
+ mov rbp, r9
+ mov r12, rcx
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [112+128+rsp]
+ add r8, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [224+r11], r8
+ mov r9, r12
+ mov rcx, rbp
+ mov r8, r10
+ mov rax, qword ptr [-8+128+rsp]
+ mul qword ptr [128+128+rsp]
+ add rcx, rax
+ adc r9, rdx
+ adc r8, 0
+ mov r12, r8
+ mov rbp, r9
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [120+128+rsp]
+ add rcx, rax
+ adc rbp, rdx
+ adc r12, 0
+ mov qword ptr [232+r11], rcx
+ mov r8, rbp
+ mov rcx, r12
+ mov rax, qword ptr [128+rsp]
+ mul qword ptr [128+128+rsp]
+ add r8, rax
+ adc rcx, rdx
+ adc r10, 0
+ mov qword ptr [240+r11], r8
+ mov esi, dword ptr [rsi]
+ xor esi, dword ptr [rdi]
+ test rcx, rcx
+ mov qword ptr [248+r11], rcx
+ mov dword ptr [8+rbx], 32
+ jne L76
+ ALIGN 16
+L84:
+ mov edx, dword ptr [8+rbx]
+ lea edi, dword ptr [-1+rdx]
+ test edi, edi
+ mov dword ptr [8+rbx], edi
+ je L76
+ lea eax, dword ptr [-2+rdx]
+ cmp dword ptr [r11+rax*8], 0
+ je L84
+L76:
+ mov edx, dword ptr [8+rbx]
+ xor r11d, r11d
+ test edx, edx
+ cmovne r11d, esi
+ mov dword ptr [rbx], r11d
+ add rsp, 136+128
+ pop rbx
+ pop rbp
+ pop r12
+
+ pop rsi
+ pop rdi
+
+ ret
+
+s_mp_mul_comba_16 ENDP
+
+; void s_mp_mul_comba_32(const mp_int *A, const mp_int *B, mp_int *C)
+
+
+ ALIGN 16
+s_mp_mul_comba_32 PROC ; a "FRAME" function
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+ mov rdx, r8
+
+ push rbp
+ mov rbp, rsp
+ push r13
+ mov r13, rdx
+; mov edx, 256
+ mov r8d, 256
+ push r12
+ mov r12, rsi
+ push rbx
+ mov rbx, rdi
+ sub rsp, 520+32 ; +32 for "home" storage
+; mov rsi, qword ptr [16+rdi]
+; lea rdi, qword ptr [-544+rbp]
+ mov rdx, qword ptr [16+rdi]
+ lea rcx, qword ptr [-544+rbp]
+ call memcpy
+; mov rsi, qword ptr [16+r12]
+; lea rdi, qword ptr [-288+rbp]
+; mov edx, 256
+ mov rdx, qword ptr [16+r12]
+ lea rcx, qword ptr [-288+rbp]
+ mov r8d, 256
+ call memcpy
+ mov r9, qword ptr [16+r13]
+ xor r8d, r8d
+ mov rsi, r8
+ mov rdi, r8
+ mov r10, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov qword ptr [r9], rsi
+ mov rsi, r10
+ mov r10, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-280+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc r10, 0
+ mov r11, r10
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-288+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc r11, 0
+ mov qword ptr [8+r9], rdi
+ mov rdi, r11
+ mov r11, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc r11, 0
+ mov rcx, r11
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [16+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [24+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [32+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [40+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [48+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [56+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [64+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [72+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [80+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [88+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [96+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [104+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [112+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [120+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [128+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [136+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [144+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [152+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [160+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [168+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [176+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [184+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [192+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [200+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [208+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [216+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [224+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [232+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-288+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [240+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-544+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-280+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-288+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [248+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-536+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-272+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-280+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [256+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-528+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-264+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-272+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [264+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-520+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-256+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-264+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [272+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-512+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-248+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-256+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [280+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-504+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-240+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-248+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [288+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-496+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-232+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-240+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [296+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-488+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-224+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-232+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [304+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-480+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-216+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-224+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [312+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-472+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-184+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-192+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-200+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-208+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-216+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [320+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-464+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-192+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-200+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-208+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [328+r9], rcx
+ mov rdi, r11
+ mov r11, r10
+ mov r10, r8
+ mov rax, qword ptr [-456+rbp]
+ mul qword ptr [-40+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-48+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-56+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-64+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-72+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-80+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-88+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-96+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-104+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-112+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-120+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-128+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-136+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-144+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-152+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-160+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-168+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-176+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-184+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-192+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-200+rbp]
+ add r11, rax
+ adc rdi, rdx
+ adc r10, 0
+ mov qword ptr [336+r9], r11
+ mov rsi, r10
+ mov r10, r8
+ mov rax, qword ptr [-448+rbp]
+ mul qword ptr [-40+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc r10, 0
+ mov rcx, r10
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-48+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-56+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-64+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-72+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-80+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-88+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-96+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-104+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-112+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-120+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-128+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-136+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-144+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-152+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-160+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-168+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-176+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-184+rbp]
+ add rdi, rax
+ adc rsi, rdx
+ adc rcx, 0
+ mov r11, rsi
+ mov r10, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-192+rbp]
+ add rdi, rax
+ adc r11, rdx
+ adc r10, 0
+ mov qword ptr [344+r9], rdi
+ mov rcx, r11
+ mov rdi, r10
+ mov r11, r8
+ mov rax, qword ptr [-440+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc r11, 0
+ mov rsi, r11
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-176+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-184+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [352+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-432+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-168+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-176+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [360+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-424+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-160+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-168+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [368+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-416+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-152+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-160+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [376+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-408+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-144+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-152+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [384+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-400+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-136+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-144+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [392+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-392+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-128+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-136+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [400+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-384+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-120+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-128+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [408+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-376+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-112+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-120+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [416+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-368+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-104+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-112+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [424+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-360+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-96+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-104+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [432+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-352+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-88+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-96+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [440+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-344+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-80+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-88+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [448+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-336+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-72+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-80+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [456+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-328+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-64+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-72+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [464+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-320+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-56+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r10, rdi
+ mov r11, rcx
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-64+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [472+r9], rsi
+ mov rdi, r11
+ mov rcx, r10
+ mov rsi, r8
+ mov rax, qword ptr [-312+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-48+rbp]
+ add rcx, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r10, rdi
+ mov r11, rsi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-56+rbp]
+ add rcx, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [480+r9], rcx
+ mov rdi, r11
+ mov rsi, r10
+ mov rcx, r8
+ mov rax, qword ptr [-304+rbp]
+ mul qword ptr [-40+rbp]
+ add rsi, rax
+ adc rdi, rdx
+ adc rcx, 0
+ mov r11, rcx
+ mov r10, rdi
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-48+rbp]
+ add rsi, rax
+ adc r10, rdx
+ adc r11, 0
+ mov qword ptr [488+r9], rsi
+ mov rcx, r10
+ mov rsi, r11
+ mov rax, qword ptr [-296+rbp]
+ mul qword ptr [-40+rbp]
+ add rcx, rax
+ adc rsi, rdx
+ adc r8, 0
+ mov qword ptr [496+r9], rcx
+ mov ecx, dword ptr [r12]
+ xor ecx, dword ptr [rbx]
+ test rsi, rsi
+ mov qword ptr [504+r9], rsi
+ mov dword ptr [8+r13], 64
+ jne L149
+ ALIGN 16
+L157:
+ mov edx, dword ptr [8+r13]
+ lea ebx, dword ptr [-1+rdx]
+ test ebx, ebx
+ mov dword ptr [8+r13], ebx
+ je L149
+ lea r12d, dword ptr [-2+rdx]
+ cmp dword ptr [r9+r12*8], 0
+ je L157
+L149:
+ mov r9d, dword ptr [8+r13]
+ xor edx, edx
+ test r9d, r9d
+ cmovne edx, ecx
+ mov dword ptr [r13], edx
+ add rsp, 520+32 ; +32 for "home" storage
+ pop rbx
+ pop r12
+ pop r13
+ pop rbp
+ pop rsi
+ pop rdi
+
+ ret
+
+s_mp_mul_comba_32 ENDP
+
+
+; void s_mp_sqr_comba_4(const mp_int *A, mp_int *B);
+
+ ALIGN 16
+s_mp_sqr_comba_4 PROC
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+
+ push rbp
+ push rbx
+ sub rsp, 80
+ mov r11, rsi
+ xor esi, esi
+ mov r10, rsi
+ mov rbp, rsi
+ mov r8, rsi
+ mov rbx, rsi
+ mov rcx, qword ptr [16+rdi]
+ mov rdi, rsi
+ mov rax, qword ptr [rcx]
+ mul rax
+ add r10, rax
+ adc rbx, rdx
+ adc rdi, 0
+ mov qword ptr [-72+80+rsp], r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [8+rcx]
+ add rbx, rax
+ adc rdi, rdx
+ adc rbp, 0
+ add rbx, rax
+ adc rdi, rdx
+ adc rbp, 0
+ mov qword ptr [-64+80+rsp], rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [16+rcx]
+ add rdi, rax
+ adc rbp, rdx
+ adc r8, 0
+ add rdi, rax
+ adc rbp, rdx
+ adc r8, 0
+ mov rbx, rbp
+ mov rbp, r8
+ mov rax, qword ptr [8+rcx]
+ mul rax
+ add rdi, rax
+ adc rbx, rdx
+ adc rbp, 0
+ mov qword ptr [-56+80+rsp], rdi
+ mov r9, rbp
+ mov r8, rbx
+ mov rdi, rsi
+ mov rax, qword ptr [rcx]
+ mul qword ptr [24+rcx]
+ add r8, rax
+ adc r9, rdx
+ adc rdi, 0
+ add r8, rax
+ adc r9, rdx
+ adc rdi, 0
+ mov rbx, r9
+ mov rbp, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [16+rcx]
+ add r8, rax
+ adc rbx, rdx
+ adc rbp, 0
+ add r8, rax
+ adc rbx, rdx
+ adc rbp, 0
+ mov qword ptr [-48+80+rsp], r8
+ mov r9, rbp
+ mov rdi, rbx
+ mov r8, rsi
+ mov dword ptr [8+r11], 8
+ mov dword ptr [r11], 0
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [24+rcx]
+ add rdi, rax
+ adc r9, rdx
+ adc r8, 0
+ add rdi, rax
+ adc r9, rdx
+ adc r8, 0
+ mov rbx, r9
+ mov rbp, r8
+ mov rax, qword ptr [16+rcx]
+ mul rax
+ add rdi, rax
+ adc rbx, rdx
+ adc rbp, 0
+ mov rax, rbp
+ mov qword ptr [-40+80+rsp], rdi
+ mov rbp, rbx
+ mov rdi, rax
+ mov rbx, rsi
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [24+rcx]
+ add rbp, rax
+ adc rdi, rdx
+ adc rbx, 0
+ add rbp, rax
+ adc rdi, rdx
+ adc rbx, 0
+ mov qword ptr [-32+80+rsp], rbp
+ mov r9, rbx
+ mov rax, qword ptr [24+rcx]
+ mul rax
+ add rdi, rax
+ adc r9, rdx
+ adc rsi, 0
+ mov rdx, qword ptr [16+r11]
+ mov qword ptr [-24+80+rsp], rdi
+ mov qword ptr [-16+80+rsp], r9
+ mov qword ptr [rdx], r10
+ mov r8, qword ptr [-64+80+rsp]
+ mov qword ptr [8+rdx], r8
+ mov rbp, qword ptr [-56+80+rsp]
+ mov qword ptr [16+rdx], rbp
+ mov rdi, qword ptr [-48+80+rsp]
+ mov qword ptr [24+rdx], rdi
+ mov rsi, qword ptr [-40+80+rsp]
+ mov qword ptr [32+rdx], rsi
+ mov rbx, qword ptr [-32+80+rsp]
+ mov qword ptr [40+rdx], rbx
+ mov rcx, qword ptr [-24+80+rsp]
+ mov qword ptr [48+rdx], rcx
+ mov rax, qword ptr [-16+80+rsp]
+ mov qword ptr [56+rdx], rax
+ mov edx, dword ptr [8+r11]
+ test edx, edx
+ je L168
+ lea ecx, dword ptr [-1+rdx]
+ mov rsi, qword ptr [16+r11]
+ mov r10d, ecx
+ cmp dword ptr [rsi+r10*8], 0
+ jne L166
+ mov edx, ecx
+ ALIGN 16
+L167:
+ test edx, edx
+ mov ecx, edx
+ je L171
+ dec edx
+ mov eax, edx
+ cmp dword ptr [rsi+rax*8], 0
+ je L167
+ mov dword ptr [8+r11], ecx
+ mov edx, ecx
+L166:
+ test edx, edx
+ je L168
+ mov eax, dword ptr [r11]
+ jmp L169
+
+L171:
+ mov dword ptr [8+r11], edx
+L168:
+ xor eax, eax
+L169:
+ add rsp, 80
+ pop rbx
+ pop rbp
+ mov dword ptr [r11], eax
+
+ pop rsi
+ pop rdi
+
+ ret
+
+s_mp_sqr_comba_4 ENDP
+
+
+; void s_mp_sqr_comba_8(const mp_int *A, mp_int *B);
+
+ ALIGN 16
+s_mp_sqr_comba_8 PROC
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+ mov rdx, r8
+ mov rcx, r9
+
+ push r14
+ xor r9d, r9d
+ mov r14, r9
+ mov r10, r9
+ push r13
+ mov r13, r9
+ push r12
+ mov r12, r9
+ push rbp
+ mov rbp, rsi
+ mov rsi, r9
+ push rbx
+ mov rbx, r9
+ sub rsp, 8+128
+ mov rcx, qword ptr [16+rdi]
+ mov rax, qword ptr [rcx]
+ mul rax
+ add r14, rax
+ adc rbx, rdx
+ adc r12, 0
+ mov qword ptr [-120+128+rsp], r14
+ mov rax, qword ptr [rcx]
+ mul qword ptr [8+rcx]
+ add rbx, rax
+ adc r12, rdx
+ adc r10, 0
+ add rbx, rax
+ adc r12, rdx
+ adc r10, 0
+ mov qword ptr [-112+128+rsp], rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [16+rcx]
+ add r12, rax
+ adc r10, rdx
+ adc r13, 0
+ add r12, rax
+ adc r10, rdx
+ adc r13, 0
+ mov rbx, r10
+ mov r10, r13
+ mov r13, r9
+ mov rax, qword ptr [8+rcx]
+ mul rax
+ add r12, rax
+ adc rbx, rdx
+ adc r10, 0
+ mov qword ptr [-104+128+rsp], r12
+ mov rdi, r10
+ mov r11, rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [24+rcx]
+ add r11, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r11, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, rdi
+ mov r10, rsi
+ mov rdi, r9
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [16+rcx]
+ add r11, rax
+ adc rbx, rdx
+ adc r10, 0
+ add r11, rax
+ adc rbx, rdx
+ adc r10, 0
+ mov rsi, r9
+ mov qword ptr [-96+128+rsp], r11
+ mov r8, r10
+ mov r12, rbx
+ mov r11, r9
+ mov rax, qword ptr [rcx]
+ mul qword ptr [32+rcx]
+ add r12, rax
+ adc r8, rdx
+ adc r13, 0
+ add r12, rax
+ adc r8, rdx
+ adc r13, 0
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [24+rcx]
+ add r12, rax
+ adc r8, rdx
+ adc r13, 0
+ add r12, rax
+ adc r8, rdx
+ adc r13, 0
+ mov rbx, r8
+ mov r10, r13
+ mov r8, r9
+ mov rax, qword ptr [16+rcx]
+ mul rax
+ add r12, rax
+ adc rbx, rdx
+ adc r10, 0
+ mov qword ptr [-88+128+rsp], r12
+ mov rax, qword ptr [rcx]
+ mul qword ptr [40+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [24+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add rbx, r8
+ adc r10, rdi
+ adc r11, rsi
+ add rbx, r8
+ adc r10, rdi
+ adc r11, rsi
+ mov qword ptr [-80+128+rsp], rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [48+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc r11, r13
+ adc rax, r12
+ add r10, r8
+ adc r11, r13
+ adc rax, r12
+ mov rdx, rax
+ mov rbx, r11
+ mov rdi, r13
+ mov r11, rdx
+ mov rsi, r12
+ mov rax, qword ptr [24+rcx]
+ mul rax
+ add r10, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-72+128+rsp], r10
+ mov r10, r11
+ mov rax, qword ptr [rcx]
+ mul qword ptr [56+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ add rbx, r8
+ adc r10, rdi
+ adc rax, rsi
+ add rbx, r8
+ adc r10, rdi
+ adc rax, rsi
+ mov qword ptr [-64+128+rsp], rbx
+ mov r11, rax
+ mov rbx, r9
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [56+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc r11, r13
+ adc rbx, r12
+ add r10, r8
+ adc r11, r13
+ adc rbx, r12
+ mov rsi, rbx
+ mov rdi, r13
+ mov rbx, r11
+ mov r13, r12
+ mov r11, rsi
+ mov rax, qword ptr [32+rcx]
+ mul rax
+ add r10, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-56+128+rsp], r10
+ mov r10, r9
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [56+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor r13, r13
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc r13, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc r13, 0
+ mov r12, rdi
+ mov rax, r13
+ add rbx, r8
+ adc r11, r12
+ adc r10, rax
+ add rbx, r8
+ adc r11, r12
+ adc r10, rax
+ mov qword ptr [-48+128+rsp], rbx
+ mov r12, r11
+ mov rsi, r10
+ mov rbx, r9
+ mov r11, r9
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [56+rcx]
+ add r12, rax
+ adc rsi, rdx
+ adc rbx, 0
+ add r12, rax
+ adc rsi, rdx
+ adc rbx, 0
+ mov r13, rbx
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [48+rcx]
+ add r12, rax
+ adc rsi, rdx
+ adc r13, 0
+ add r12, rax
+ adc rsi, rdx
+ adc r13, 0
+ mov r10, rsi
+ mov rbx, r13
+ mov r13, r9
+ mov rax, qword ptr [40+rcx]
+ mul rax
+ add r12, rax
+ adc r10, rdx
+ adc rbx, 0
+ mov qword ptr [-40+128+rsp], r12
+ mov r8, rbx
+ mov rdi, r10
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [56+rcx]
+ add rdi, rax
+ adc r8, rdx
+ adc r11, 0
+ add rdi, rax
+ adc r8, rdx
+ adc r11, 0
+ mov r10, r8
+ mov rbx, r11
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [48+rcx]
+ add rdi, rax
+ adc r10, rdx
+ adc rbx, 0
+ add rdi, rax
+ adc r10, rdx
+ adc rbx, 0
+ mov qword ptr [-32+128+rsp], rdi
+ mov rsi, rbx
+ mov r12, r10
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [56+rcx]
+ add r12, rax
+ adc rsi, rdx
+ adc r13, 0
+ add r12, rax
+ adc rsi, rdx
+ adc r13, 0
+ mov r10, rsi
+ mov rbx, r13
+ mov rax, qword ptr [48+rcx]
+ mul rax
+ add r12, rax
+ adc r10, rdx
+ adc rbx, 0
+ mov qword ptr [-24+128+rsp], r12
+ mov rdi, r10
+ mov rsi, rbx
+ mov r10, r9
+ mov dword ptr [8+rbp], 16
+ mov dword ptr [rbp], 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [56+rcx]
+ add rdi, rax
+ adc rsi, rdx
+ adc r10, 0
+ add rdi, rax
+ adc rsi, rdx
+ adc r10, 0
+ mov qword ptr [-16+128+rsp], rdi
+ mov r8, r10
+ mov rax, qword ptr [56+rcx]
+ mul rax
+ add rsi, rax
+ adc r8, rdx
+ adc r9, 0
+ mov rax, qword ptr [16+rbp]
+ mov qword ptr [-8+128+rsp], rsi
+ mov qword ptr [128+rsp], r8
+ mov qword ptr [rax], r14
+ mov rbx, qword ptr [-112+128+rsp]
+ mov qword ptr [8+rax], rbx
+ mov rcx, qword ptr [-104+128+rsp]
+ mov qword ptr [16+rax], rcx
+ mov rdx, qword ptr [-96+128+rsp]
+ mov qword ptr [24+rax], rdx
+ mov r14, qword ptr [-88+128+rsp]
+ mov qword ptr [32+rax], r14
+ mov r13, qword ptr [-80+128+rsp]
+ mov qword ptr [40+rax], r13
+ mov r12, qword ptr [-72+128+rsp]
+ mov qword ptr [48+rax], r12
+ mov r11, qword ptr [-64+128+rsp]
+ mov qword ptr [56+rax], r11
+ mov r10, qword ptr [-56+128+rsp]
+ mov qword ptr [64+rax], r10
+ mov r9, qword ptr [-48+128+rsp]
+ mov qword ptr [72+rax], r9
+ mov r8, qword ptr [-40+128+rsp]
+ mov qword ptr [80+rax], r8
+ mov rdi, qword ptr [-32+128+rsp]
+ mov qword ptr [88+rax], rdi
+ mov rsi, qword ptr [-24+128+rsp]
+ mov qword ptr [96+rax], rsi
+ mov rbx, qword ptr [-16+128+rsp]
+ mov qword ptr [104+rax], rbx
+ mov rcx, qword ptr [-8+128+rsp]
+ mov qword ptr [112+rax], rcx
+ mov rdx, qword ptr [128+rsp]
+ mov qword ptr [120+rax], rdx
+ mov edx, dword ptr [8+rbp]
+ test edx, edx
+ je L192
+ lea ecx, dword ptr [-1+rdx]
+ mov rsi, qword ptr [16+rbp]
+ mov r14d, ecx
+ cmp dword ptr [rsi+r14*8], 0
+ jne L190
+ mov edx, ecx
+ ALIGN 16
+L191:
+ test edx, edx
+ mov ecx, edx
+ je L195
+ dec edx
+ mov r9d, edx
+ cmp dword ptr [rsi+r9*8], 0
+ je L191
+ mov dword ptr [8+rbp], ecx
+ mov edx, ecx
+L190:
+ test edx, edx
+ je L192
+ mov eax, dword ptr [rbp]
+ jmp L193
+
+L195:
+ mov dword ptr [8+rbp], edx
+L192:
+ xor eax, eax
+L193:
+ mov dword ptr [rbp], eax
+ add rsp, 8+128
+ pop rbx
+ pop rbp
+ pop r12
+ pop r13
+ pop r14
+
+ pop rsi
+ pop rdi
+
+ ret
+
+s_mp_sqr_comba_8 ENDP
+
+
+; void s_mp_sqr_comba_16(const mp_int *A, mp_int *B)
+
+ ALIGN 16
+s_mp_sqr_comba_16 PROC ; A "FRAME" function
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+
+ push rbp
+ xor r9d, r9d
+ mov r8, r9
+ mov r11, r9
+ mov rbp, rsp
+ push r14
+ mov r14, rsi
+ mov rsi, r9
+ push r13
+ mov r13, r9
+ push r12
+ mov r12, r9
+ push rbx
+ mov rbx, r9
+ sub rsp, 256+32 ; +32 for "home" storage
+ mov rcx, qword ptr [16+rdi]
+ mov rax, qword ptr [rcx]
+ mul rax
+ add r8, rax
+ adc rbx, rdx
+ adc rsi, 0
+ mov qword ptr [-288+rbp], r8
+ mov rax, qword ptr [rcx]
+ mul qword ptr [8+rcx]
+ add rbx, rax
+ adc rsi, rdx
+ adc r12, 0
+ add rbx, rax
+ adc rsi, rdx
+ adc r12, 0
+ mov qword ptr [-280+rbp], rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [16+rcx]
+ add rsi, rax
+ adc r12, rdx
+ adc r13, 0
+ add rsi, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rbx, r12
+ mov r10, r13
+ mov rax, qword ptr [8+rcx]
+ mul rax
+ add rsi, rax
+ adc rbx, rdx
+ adc r10, 0
+ mov qword ptr [-272+rbp], rsi
+ mov rdi, r10
+ mov rsi, r9
+ mov r10, rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [24+rcx]
+ add r10, rax
+ adc rdi, rdx
+ adc r11, 0
+ add r10, rax
+ adc rdi, rdx
+ adc r11, 0
+ mov r12, rdi
+ mov rbx, r11
+ mov rdi, r9
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [16+rcx]
+ add r10, rax
+ adc r12, rdx
+ adc rbx, 0
+ add r10, rax
+ adc r12, rdx
+ adc rbx, 0
+ mov r11, r9
+ mov qword ptr [-264+rbp], r10
+ mov r8, rbx
+ mov r13, r12
+ mov r12, r9
+ mov rax, qword ptr [rcx]
+ mul qword ptr [32+rcx]
+ add r13, rax
+ adc r8, rdx
+ adc r12, 0
+ add r13, rax
+ adc r8, rdx
+ adc r12, 0
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [24+rcx]
+ add r13, rax
+ adc r8, rdx
+ adc r12, 0
+ add r13, rax
+ adc r8, rdx
+ adc r12, 0
+ mov rbx, r8
+ mov r10, r12
+ mov r8, r9
+ mov rax, qword ptr [16+rcx]
+ mul rax
+ add r13, rax
+ adc rbx, rdx
+ adc r10, 0
+ mov qword ptr [-256+rbp], r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [40+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [24+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add rbx, r8
+ adc r10, rdi
+ adc r11, rsi
+ add rbx, r8
+ adc r10, rdi
+ adc r11, rsi
+ mov qword ptr [-248+rbp], rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [48+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc r11, r13
+ adc rax, r12
+ add r10, r8
+ adc r11, r13
+ adc rax, r12
+ mov rdx, rax
+ mov rbx, r11
+ mov rdi, r13
+ mov r11, rdx
+ mov rsi, r12
+ mov rax, qword ptr [24+rcx]
+ mul rax
+ add r10, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-240+rbp], r10
+ mov r10, r11
+ mov rax, qword ptr [rcx]
+ mul qword ptr [56+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rdx, r9
+ add rbx, r8
+ adc r10, rdi
+ adc rdx, rsi
+ add rbx, r8
+ adc r10, rdi
+ adc rdx, rsi
+ mov r11, rdx
+ mov qword ptr [-232+rbp], rbx
+ mov rbx, r9
+ mov rax, qword ptr [rcx]
+ mul qword ptr [64+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc r11, r13
+ adc rbx, r12
+ add r10, r8
+ adc r11, r13
+ adc rbx, r12
+ mov rax, qword ptr [32+rcx]
+ mul rax
+ add r10, rax
+ adc r11, rdx
+ adc rbx, 0
+ mov rdi, r13
+ mov qword ptr [-224+rbp], r10
+ mov rsi, r12
+ mov r10, rbx
+ mov r12, r9
+ mov rax, qword ptr [rcx]
+ mul qword ptr [72+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r11, r8
+ adc r10, rdi
+ adc r12, rsi
+ add r11, r8
+ adc r10, rdi
+ adc r12, rsi
+ mov qword ptr [-216+rbp], r11
+ mov rbx, r12
+ mov rax, qword ptr [rcx]
+ mul qword ptr [80+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc rbx, r13
+ adc rax, r12
+ add r10, r8
+ adc rbx, r13
+ adc rax, r12
+ mov rdx, rax
+ mov r11, rbx
+ mov rdi, r13
+ mov rbx, rdx
+ mov rsi, r12
+ mov rax, qword ptr [40+rcx]
+ mul rax
+ add r10, rax
+ adc r11, rdx
+ adc rbx, 0
+ mov qword ptr [-208+rbp], r10
+ mov r10, rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [88+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rdx, r9
+ add r11, r8
+ adc r10, rdi
+ adc rdx, rsi
+ add r11, r8
+ adc r10, rdi
+ adc rdx, rsi
+ mov r13, rdx
+ mov qword ptr [-200+rbp], r11
+ mov r12, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [96+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ mov rdx, rdi
+ mov r11, rsi
+ add r10, r8
+ adc r12, rdx
+ adc rax, r11
+ add r10, r8
+ adc r12, rdx
+ adc rax, r11
+ mov rbx, rdx
+ mov r13, rax
+ mov rsi, r11
+ mov rax, qword ptr [48+rcx]
+ mul rax
+ add r10, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rdi, rbx
+ mov qword ptr [-192+rbp], r10
+ mov r10, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [104+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r9
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r12, r8
+ adc r10, rdi
+ adc r13, rsi
+ add r12, r8
+ adc r10, rdi
+ adc r13, rsi
+ mov qword ptr [-184+rbp], r12
+ mov r12, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [112+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ mov rbx, rdi
+ mov rdx, rsi
+ add r10, r8
+ adc r12, rbx
+ adc rax, rdx
+ add r10, r8
+ adc r12, rbx
+ adc rax, rdx
+ mov r11, rdx
+ mov r13, rax
+ mov rdi, rbx
+ mov rax, qword ptr [56+rcx]
+ mul rax
+ add r10, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-176+rbp], r10
+ mov r10, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r9
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r12, r8
+ adc r10, rdi
+ adc r13, rsi
+ add r12, r8
+ adc r10, rdi
+ adc r13, rsi
+ mov qword ptr [-168+rbp], r12
+ mov r12, r13
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ mov rbx, rdi
+ mov rdx, rsi
+ add r10, r8
+ adc r12, rbx
+ adc rax, rdx
+ add r10, r8
+ adc r12, rbx
+ adc rax, rdx
+ mov r11, rdx
+ mov r13, rax
+ mov rdi, rbx
+ mov rax, qword ptr [64+rcx]
+ mul rax
+ add r10, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-160+rbp], r10
+ mov r11, r9
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r10, r13
+ mov rbx, r9
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r12, r8
+ adc r10, rdi
+ adc r11, rsi
+ add r12, r8
+ adc r10, rdi
+ adc r11, rsi
+ mov qword ptr [-152+rbp], r12
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc r11, r13
+ adc rbx, r12
+ add r10, r8
+ adc r11, r13
+ adc rbx, r12
+ mov rdx, rbx
+ mov rdi, r13
+ mov rbx, r11
+ mov rsi, r12
+ mov r11, rdx
+ mov r12, r9
+ mov rax, qword ptr [72+rcx]
+ mul rax
+ add r10, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-144+rbp], r10
+ mov r10, r11
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add rbx, r8
+ adc r10, rdi
+ adc r12, rsi
+ add rbx, r8
+ adc r10, rdi
+ adc r12, rsi
+ mov qword ptr [-136+rbp], rbx
+ mov r11, r12
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc r11, r13
+ adc rax, r12
+ add r10, r8
+ adc r11, r13
+ adc rax, r12
+ mov rdx, rax
+ mov rbx, r11
+ mov rdi, r13
+ mov r11, rdx
+ mov rsi, r12
+ mov rax, qword ptr [80+rcx]
+ mul rax
+ add r10, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-128+rbp], r10
+ mov r10, r11
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rdx, r9
+ add rbx, r8
+ adc r10, rdi
+ adc rdx, rsi
+ add rbx, r8
+ adc r10, rdi
+ adc rdx, rsi
+ mov qword ptr [-120+rbp], rbx
+ mov r11, rdx
+ mov rbx, r9
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc r11, r13
+ adc rbx, r12
+ add r10, r8
+ adc r11, r13
+ adc rbx, r12
+ mov rdx, rbx
+ mov rdi, r13
+ mov rbx, r11
+ mov rsi, r12
+ mov r11, rdx
+ mov r12, r9
+ mov rax, qword ptr [88+rcx]
+ mul rax
+ add r10, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-112+rbp], r10
+ mov r10, r11
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add rbx, r8
+ adc r10, rdi
+ adc r12, rsi
+ add rbx, r8
+ adc r10, rdi
+ adc r12, rsi
+ mov qword ptr [-104+rbp], rbx
+ mov r11, r12
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r9
+ mov r13, rdi
+ mov r12, rsi
+ add r10, r8
+ adc r11, r13
+ adc rax, r12
+ add r10, r8
+ adc r11, r13
+ adc rax, r12
+ mov rdx, rax
+ mov rbx, r11
+ mov rdi, r13
+ mov r11, rdx
+ mov rsi, r12
+ mov rax, qword ptr [96+rcx]
+ mul rax
+ add r10, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-96+rbp], r10
+ mov r10, r9
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r12, rdi
+ mov rax, rsi
+ mov rsi, r9
+ add rbx, r8
+ adc r11, r12
+ adc r10, rax
+ add rbx, r8
+ adc r11, r12
+ adc r10, rax
+ mov r12, r9
+ mov qword ptr [-88+rbp], rbx
+ mov r13, r11
+ mov r11, r10
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [120+rcx]
+ add r13, rax
+ adc r11, rdx
+ adc r12, 0
+ add r13, rax
+ adc r11, rdx
+ adc r12, 0
+ mov rdi, r12
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [112+rcx]
+ add r13, rax
+ adc r11, rdx
+ adc rdi, 0
+ add r13, rax
+ adc r11, rdx
+ adc rdi, 0
+ mov rbx, r11
+ mov r10, rdi
+ mov r11, r9
+ mov rax, qword ptr [104+rcx]
+ mul rax
+ add r13, rax
+ adc rbx, rdx
+ adc r10, 0
+ mov qword ptr [-80+rbp], r13
+ mov r8, r10
+ mov r10, rbx
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [120+rcx]
+ add r10, rax
+ adc r8, rdx
+ adc rsi, 0
+ add r10, rax
+ adc r8, rdx
+ adc rsi, 0
+ mov r12, r8
+ mov rbx, rsi
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [112+rcx]
+ add r10, rax
+ adc r12, rdx
+ adc rbx, 0
+ add r10, rax
+ adc r12, rdx
+ adc rbx, 0
+ mov qword ptr [-72+rbp], r10
+ mov r13, rbx
+ mov rbx, r12
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [120+rcx]
+ add rbx, rax
+ adc r13, rdx
+ adc r11, 0
+ add rbx, rax
+ adc r13, rdx
+ adc r11, 0
+ mov r12, r11
+ mov r10, r13
+ mov rax, qword ptr [112+rcx]
+ mul rax
+ add rbx, rax
+ adc r10, rdx
+ adc r12, 0
+ mov qword ptr [-64+rbp], rbx
+ mov rdi, r10
+ mov rbx, r9
+ mov rsi, r12
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [120+rcx]
+ add rdi, rax
+ adc rsi, rdx
+ adc rbx, 0
+ add rdi, rax
+ adc rsi, rdx
+ adc rbx, 0
+ mov qword ptr [-56+rbp], rdi
+ mov r8, rbx
+ mov rax, qword ptr [120+rcx]
+ mul rax
+ add rsi, rax
+ adc r8, rdx
+ adc r9, 0
+ mov qword ptr [-48+rbp], rsi
+ mov qword ptr [-40+rbp], r8
+ mov dword ptr [8+r14], 32
+ mov dword ptr [r14], 0
+; mov rdi, qword ptr [16+r14]
+; lea rsi, qword ptr [-288+rbp]
+; mov edx, 256
+ mov rcx, qword ptr [16+r14]
+ lea rdx, qword ptr [-288+rbp]
+ mov r8d, 256
+ call memcpy
+ mov edx, dword ptr [8+r14]
+ test edx, edx
+ je L232
+ lea ecx, dword ptr [-1+rdx]
+ mov rsi, qword ptr [16+r14]
+ mov r9d, ecx
+ cmp dword ptr [rsi+r9*8], 0
+ jne L230
+ mov edx, ecx
+ ALIGN 16
+L231:
+ test edx, edx
+ mov ecx, edx
+ je L235
+ dec edx
+ mov eax, edx
+ cmp dword ptr [rsi+rax*8], 0
+ je L231
+ mov dword ptr [8+r14], ecx
+ mov edx, ecx
+L230:
+ test edx, edx
+ je L232
+ mov eax, dword ptr [r14]
+ jmp L233
+
+L235:
+ mov dword ptr [8+r14], edx
+L232:
+ xor eax, eax
+L233:
+ mov dword ptr [r14], eax
+ add rsp, 256+32 ; +32 for "home" storage
+ pop rbx
+ pop r12
+ pop r13
+ pop r14
+ pop rbp
+ pop rsi
+ pop rdi
+
+ ret
+
+s_mp_sqr_comba_16 ENDP
+
+
+; void s_mp_sqr_comba_32(const mp_int *A, mp_int *B);
+
+ ALIGN 16
+s_mp_sqr_comba_32 PROC ; A "FRAME" function
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+
+ push rbp
+ xor r10d, r10d
+ mov r8, r10
+ mov r11, r10
+ mov rbp, rsp
+ push r14
+ mov r14, rsi
+ mov rsi, r10
+ push r13
+ mov r13, r10
+ push r12
+ mov r12, r10
+ push rbx
+ mov rbx, r10
+ sub rsp, 512+32 ; +32 for "home" storage
+ mov rcx, qword ptr [16+rdi]
+ mov rax, qword ptr [rcx]
+ mul rax
+ add r8, rax
+ adc rbx, rdx
+ adc rsi, 0
+ mov qword ptr [-544+rbp], r8
+ mov rax, qword ptr [rcx]
+ mul qword ptr [8+rcx]
+ add rbx, rax
+ adc rsi, rdx
+ adc r12, 0
+ add rbx, rax
+ adc rsi, rdx
+ adc r12, 0
+ mov qword ptr [-536+rbp], rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [16+rcx]
+ add rsi, rax
+ adc r12, rdx
+ adc r13, 0
+ add rsi, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rbx, r12
+ mov r9, r13
+ mov rax, qword ptr [8+rcx]
+ mul rax
+ add rsi, rax
+ adc rbx, rdx
+ adc r9, 0
+ mov qword ptr [-528+rbp], rsi
+ mov rdi, r9
+ mov rsi, r10
+ mov r9, rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [24+rcx]
+ add r9, rax
+ adc rdi, rdx
+ adc r11, 0
+ add r9, rax
+ adc rdi, rdx
+ adc r11, 0
+ mov r12, rdi
+ mov r13, r11
+ mov rdi, r10
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [16+rcx]
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov r11, r10
+ mov qword ptr [-520+rbp], r9
+ mov r8, r13
+ mov r13, r12
+ mov r12, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [32+rcx]
+ add r13, rax
+ adc r8, rdx
+ adc r12, 0
+ add r13, rax
+ adc r8, rdx
+ adc r12, 0
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [24+rcx]
+ add r13, rax
+ adc r8, rdx
+ adc r12, 0
+ add r13, rax
+ adc r8, rdx
+ adc r12, 0
+ mov rbx, r8
+ mov r9, r12
+ mov r8, r10
+ mov rax, qword ptr [16+rcx]
+ mul rax
+ add r13, rax
+ adc rbx, rdx
+ adc r9, 0
+ mov qword ptr [-512+rbp], r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [40+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [24+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add rbx, r8
+ adc r9, rdi
+ adc r11, rsi
+ add rbx, r8
+ adc r9, rdi
+ adc r11, rsi
+ mov qword ptr [-504+rbp], rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [48+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r10
+ mov r13, rdi
+ mov r12, rsi
+ add r9, r8
+ adc r11, r13
+ adc rax, r12
+ add r9, r8
+ adc r11, r13
+ adc rax, r12
+ mov rdx, rax
+ mov rbx, r11
+ mov rdi, r13
+ mov r11, rdx
+ mov rsi, r12
+ mov rax, qword ptr [24+rcx]
+ mul rax
+ add r9, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-496+rbp], r9
+ mov r9, r11
+ mov rax, qword ptr [rcx]
+ mul qword ptr [56+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [32+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rdx, r10
+ add rbx, r8
+ adc r9, rdi
+ adc rdx, rsi
+ add rbx, r8
+ adc r9, rdi
+ adc rdx, rsi
+ mov r11, rdx
+ mov qword ptr [-488+rbp], rbx
+ mov rbx, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [64+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r13, rdi
+ mov r12, rsi
+ add r9, r8
+ adc r11, r13
+ adc rbx, r12
+ add r9, r8
+ adc r11, r13
+ adc rbx, r12
+ mov rax, qword ptr [32+rcx]
+ mul rax
+ add r9, rax
+ adc r11, rdx
+ adc rbx, 0
+ mov rdi, r13
+ mov qword ptr [-480+rbp], r9
+ mov rsi, r12
+ mov r9, rbx
+ mov r12, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [72+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [40+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r11, r8
+ adc r9, rdi
+ adc r12, rsi
+ add r11, r8
+ adc r9, rdi
+ adc r12, rsi
+ mov qword ptr [-472+rbp], r11
+ mov rbx, r12
+ mov rax, qword ptr [rcx]
+ mul qword ptr [80+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r10
+ mov r13, rdi
+ mov r12, rsi
+ add r9, r8
+ adc rbx, r13
+ adc rax, r12
+ add r9, r8
+ adc rbx, r13
+ adc rax, r12
+ mov rdx, rax
+ mov r11, rbx
+ mov rdi, r13
+ mov rbx, rdx
+ mov rsi, r12
+ mov rax, qword ptr [40+rcx]
+ mul rax
+ add r9, rax
+ adc r11, rdx
+ adc rbx, 0
+ mov qword ptr [-464+rbp], r9
+ mov r9, rbx
+ mov rax, qword ptr [rcx]
+ mul qword ptr [88+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [48+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rdx, r10
+ add r11, r8
+ adc r9, rdi
+ adc rdx, rsi
+ add r11, r8
+ adc r9, rdi
+ adc rdx, rsi
+ mov r13, rdx
+ mov qword ptr [-456+rbp], r11
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [96+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, rdi
+ mov r11, rsi
+ add r9, r8
+ adc r12, rax
+ adc r13, r11
+ add r9, r8
+ adc r12, rax
+ adc r13, r11
+ mov rbx, rax
+ mov rsi, r11
+ mov rax, qword ptr [48+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rdi, rbx
+ mov qword ptr [-448+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [104+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [56+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r12, r8
+ adc r9, rdi
+ adc r13, rsi
+ add r12, r8
+ adc r9, rdi
+ adc r13, rsi
+ mov qword ptr [-440+rbp], r12
+ mov r12, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [112+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rdx, r13
+ mov rbx, rdi
+ mov r13, rsi
+ add r9, r8
+ adc rdx, rbx
+ adc r12, r13
+ add r9, r8
+ adc rdx, rbx
+ adc r12, r13
+ mov rax, r12
+ mov r11, r13
+ mov r12, rdx
+ mov r13, rax
+ mov rdi, rbx
+ mov rsi, r11
+ mov rax, qword ptr [56+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov qword ptr [-432+rbp], r9
+ mov r9, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [120+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [64+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r8
+ mov rdx, rdi
+ mov rbx, rsi
+ add r12, rax
+ adc r9, rdx
+ adc r13, rbx
+ add r12, rax
+ adc r9, rdx
+ adc r13, rbx
+ mov qword ptr [-424+rbp], r12
+ mov r8, rdx
+ mov rsi, rax
+ mov rdi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [128+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [112+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [104+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [96+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [88+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [80+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [72+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, rsi
+ mov rbx, r8
+ mov rdx, rdi
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ mov r11, rdx
+ mov r8, rax
+ mov rdi, rbx
+ mov rax, qword ptr [64+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-416+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [136+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [128+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [120+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [72+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, r8
+ mov rax, rdi
+ mov rdx, rsi
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ mov qword ptr [-408+rbp], r12
+ mov rdi, rdx
+ mov r8, rax
+ mov rsi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [144+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [112+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [104+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [96+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [88+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [80+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, rsi
+ mov rbx, r8
+ mov rdx, rdi
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ mov r11, rdx
+ mov r8, rax
+ mov rdi, rbx
+ mov rax, qword ptr [72+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-400+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [152+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [144+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [136+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [128+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [120+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [80+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, r8
+ mov rax, rdi
+ mov rdx, rsi
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ mov qword ptr [-392+rbp], r12
+ mov rdi, rdx
+ mov r8, rax
+ mov rsi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [160+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [112+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [104+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [96+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [88+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, rsi
+ mov rbx, r8
+ mov rdx, rdi
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ mov r11, rdx
+ mov r8, rax
+ mov rdi, rbx
+ mov rax, qword ptr [80+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-384+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [168+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [160+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [152+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [144+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [136+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [128+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [120+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [88+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, r8
+ mov rax, rdi
+ mov rdx, rsi
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ mov qword ptr [-376+rbp], r12
+ mov rdi, rdx
+ mov r8, rax
+ mov rsi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [176+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [112+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [104+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [96+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, rsi
+ mov rbx, r8
+ mov rdx, rdi
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ mov r11, rdx
+ mov r8, rax
+ mov rdi, rbx
+ mov rax, qword ptr [88+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-368+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [184+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [176+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [168+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [160+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [152+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [144+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [136+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [128+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [120+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [112+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [104+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [96+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, r8
+ mov rax, rdi
+ mov rdx, rsi
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ mov rdi, rdx
+ mov qword ptr [-360+rbp], r12
+ mov r8, rax
+ mov rsi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [192+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [112+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [104+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rbx, r8
+ mov rax, rdi
+ add r9, rsi
+ adc r12, rbx
+ adc r13, rax
+ add r9, rsi
+ adc r12, rbx
+ adc r13, rax
+ mov r11, rax
+ mov r8, rbx
+ mov rax, qword ptr [96+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rdi, r11
+ mov qword ptr [-352+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [rcx]
+ mul qword ptr [200+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov r13, r10
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [112+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [104+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ add r12, rsi
+ adc r9, r8
+ adc r13, rdi
+ add r12, rsi
+ adc r9, r8
+ adc r13, rdi
+ mov qword ptr [-344+rbp], r12
+ mov r12, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [208+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [112+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rdx, r13
+ mov rbx, r8
+ mov r13, rdi
+ add r9, rsi
+ adc rdx, rbx
+ adc r12, r13
+ add r9, rsi
+ adc rdx, rbx
+ adc r12, r13
+ mov rax, r12
+ mov r11, r13
+ mov r12, rdx
+ mov r13, rax
+ mov r8, rbx
+ mov rdi, r11
+ mov rax, qword ptr [104+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov qword ptr [-336+rbp], r9
+ mov r9, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [216+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [112+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ add r12, rsi
+ adc r9, r8
+ adc r13, rdi
+ add r12, rsi
+ adc r9, r8
+ adc r13, rdi
+ mov qword ptr [-328+rbp], r12
+ mov rax, qword ptr [rcx]
+ mul qword ptr [224+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, r13
+ mov rdx, r10
+ mov rbx, r8
+ mov r12, rdi
+ add r9, rsi
+ adc rax, rbx
+ adc rdx, r12
+ add r9, rsi
+ adc rax, rbx
+ adc rdx, r12
+ mov rdi, rdx
+ mov r11, r12
+ mov r8, rbx
+ mov r12, rax
+ mov r13, rdi
+ mov rdi, r11
+ mov rax, qword ptr [112+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov qword ptr [-320+rbp], r9
+ mov rbx, r13
+ mov r9, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [232+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [120+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ add r12, rsi
+ adc rbx, r8
+ adc r9, rdi
+ add r12, rsi
+ adc rbx, r8
+ adc r9, rdi
+ mov qword ptr [-312+rbp], r12
+ mov r13, r9
+ mov rax, qword ptr [rcx]
+ mul qword ptr [240+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, r10
+ mov r11, r8
+ mov rdx, rdi
+ add rbx, rsi
+ adc r13, r11
+ adc rax, rdx
+ add rbx, rsi
+ adc r13, r11
+ adc rax, rdx
+ mov r9, rdx
+ mov rdx, rax
+ mov r12, r13
+ mov r8, r11
+ mov r13, rdx
+ mov rdi, r9
+ mov rax, qword ptr [120+rcx]
+ mul rax
+ add rbx, rax
+ adc r12, rdx
+ adc r13, 0
+ mov qword ptr [-304+rbp], rbx
+ mov rbx, r13
+ mov r13, r10
+ mov rax, qword ptr [rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [128+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ add r12, rsi
+ adc rbx, r8
+ adc r13, rdi
+ add r12, rsi
+ adc rbx, r8
+ adc r13, rdi
+ mov qword ptr [-296+rbp], r12
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [8+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov r11, r8
+ mov rax, rdi
+ add rbx, rsi
+ adc r12, r11
+ adc r13, rax
+ add rbx, rsi
+ adc r12, r11
+ adc r13, rax
+ mov r9, rax
+ mov r8, r11
+ mov rax, qword ptr [128+rcx]
+ mul rax
+ add rbx, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rdi, r9
+ mov qword ptr [-288+rbp], rbx
+ mov r9, r13
+ mov rax, qword ptr [16+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov r13, r10
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [136+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ add r12, rsi
+ adc r9, r8
+ adc r13, rdi
+ add r12, rsi
+ adc r9, r8
+ adc r13, rdi
+ mov qword ptr [-280+rbp], r12
+ mov r12, r10
+ mov rax, qword ptr [24+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rdx, r13
+ mov rbx, r8
+ mov r13, rdi
+ add r9, rsi
+ adc rdx, rbx
+ adc r12, r13
+ add r9, rsi
+ adc rdx, rbx
+ adc r12, r13
+ mov rax, r12
+ mov r11, r13
+ mov r12, rdx
+ mov r13, rax
+ mov r8, rbx
+ mov rdi, r11
+ mov rax, qword ptr [136+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov qword ptr [-272+rbp], r9
+ mov r9, r13
+ mov r13, r10
+ mov rax, qword ptr [32+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [144+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ add r12, rsi
+ adc r9, r8
+ adc r13, rdi
+ add r12, rsi
+ adc r9, r8
+ adc r13, rdi
+ mov qword ptr [-264+rbp], r12
+ mov rax, qword ptr [40+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, r13
+ mov rdx, r10
+ mov rbx, r8
+ mov r12, rdi
+ add r9, rsi
+ adc rax, rbx
+ adc rdx, r12
+ add r9, rsi
+ adc rax, rbx
+ adc rdx, r12
+ mov rdi, rdx
+ mov r11, r12
+ mov r8, rbx
+ mov r12, rax
+ mov r13, rdi
+ mov rdi, r11
+ mov rax, qword ptr [144+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov r11, r10
+ mov qword ptr [-256+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [48+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [152+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ add r12, rsi
+ adc r9, r8
+ adc r11, rdi
+ add r12, rsi
+ adc r9, r8
+ adc r11, rdi
+ mov qword ptr [-248+rbp], r12
+ mov r13, r11
+ mov rax, qword ptr [56+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [160+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, r10
+ mov rdx, rsi
+ mov rbx, r8
+ mov r12, rdi
+ add r9, rdx
+ adc r13, rbx
+ adc rax, r12
+ add r9, rdx
+ adc r13, rbx
+ adc rax, r12
+ mov r11, r12
+ mov r8, rdx
+ mov rdx, rax
+ mov r12, r13
+ mov rdi, rbx
+ mov r13, rdx
+ mov rsi, r11
+ mov rax, qword ptr [152+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov qword ptr [-240+rbp], r9
+ mov r9, r13
+ mov r13, r10
+ mov rax, qword ptr [64+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [200+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [192+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [184+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [176+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [168+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [160+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r8
+ mov rdx, rdi
+ mov rbx, rsi
+ add r12, rax
+ adc r9, rdx
+ adc r13, rbx
+ add r12, rax
+ adc r9, rdx
+ adc r13, rbx
+ mov qword ptr [-232+rbp], r12
+ mov r8, rdx
+ mov rsi, rax
+ mov rdi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [72+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [168+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, rsi
+ mov rbx, r8
+ mov rdx, rdi
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ mov r11, rdx
+ mov r8, rax
+ mov rdi, rbx
+ mov rax, qword ptr [160+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-224+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [80+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [200+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [192+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [184+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [176+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [168+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, r8
+ mov rax, rdi
+ mov rdx, rsi
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ mov qword ptr [-216+rbp], r12
+ mov rdi, rdx
+ mov r8, rax
+ mov rsi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [88+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [176+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, rsi
+ mov rbx, r8
+ mov rdx, rdi
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ mov r11, rdx
+ mov r8, rax
+ mov rdi, rbx
+ mov rax, qword ptr [168+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-208+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [96+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [200+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [192+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [184+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [176+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, r8
+ mov rax, rdi
+ mov rdx, rsi
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ mov qword ptr [-200+rbp], r12
+ mov rdi, rdx
+ mov r8, rax
+ mov rsi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [104+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [184+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, rsi
+ mov rbx, r8
+ mov rdx, rdi
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ mov r11, rdx
+ mov r8, rax
+ mov rdi, rbx
+ mov rax, qword ptr [176+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-192+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [112+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [200+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [192+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [184+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, r8
+ mov rax, rdi
+ mov rdx, rsi
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ add r12, rbx
+ adc r9, rax
+ adc r13, rdx
+ mov qword ptr [-184+rbp], r12
+ mov rdi, rdx
+ mov r8, rax
+ mov rsi, rbx
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [120+rcx]
+ mul qword ptr [248+rcx]
+ mov rsi, rax
+ mov r8, rdx
+ xor rdi, rdi
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [232+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [224+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [216+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [208+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [200+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [192+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc rdi, 0
+ mov rax, rsi
+ mov rbx, r8
+ mov rdx, rdi
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ add r9, rax
+ adc r12, rbx
+ adc r13, rdx
+ mov r11, rdx
+ mov r8, rax
+ mov rdi, rbx
+ mov rax, qword ptr [184+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-176+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [128+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov r13, r10
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [200+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [184+rcx]
+ mul qword ptr [192+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r12, r8
+ adc r9, rdi
+ adc r13, rsi
+ add r12, r8
+ adc r9, rdi
+ adc r13, rsi
+ mov qword ptr [-168+rbp], r12
+ mov r12, r13
+ mov r13, r10
+ mov rax, qword ptr [136+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [184+rcx]
+ mul qword ptr [200+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rbx, rdi
+ mov rax, rsi
+ add r9, r8
+ adc r12, rbx
+ adc r13, rax
+ add r9, r8
+ adc r12, rbx
+ adc r13, rax
+ mov r11, rax
+ mov rdi, rbx
+ mov rbx, r10
+ mov rax, qword ptr [192+rcx]
+ mul rax
+ add r9, rax
+ adc r12, rdx
+ adc r13, 0
+ mov rsi, r11
+ mov qword ptr [-160+rbp], r9
+ mov r9, r13
+ mov rax, qword ptr [144+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [184+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [192+rcx]
+ mul qword ptr [200+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add r12, r8
+ adc r9, rdi
+ adc rbx, rsi
+ add r12, r8
+ adc r9, rdi
+ adc rbx, rsi
+ mov qword ptr [-152+rbp], r12
+ mov rax, qword ptr [152+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [184+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [192+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rdx, r10
+ mov r13, rdi
+ mov r12, rsi
+ add r9, r8
+ adc rbx, r13
+ adc rdx, r12
+ add r9, r8
+ adc rbx, r13
+ adc rdx, r12
+ mov rax, rdx
+ mov rdi, r13
+ mov rsi, r12
+ mov r11, rax
+ mov r12, r10
+ mov rax, qword ptr [200+rcx]
+ mul rax
+ add r9, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-144+rbp], r9
+ mov r9, r11
+ mov rax, qword ptr [160+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [184+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [192+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [200+rcx]
+ mul qword ptr [208+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add rbx, r8
+ adc r9, rdi
+ adc r12, rsi
+ add rbx, r8
+ adc r9, rdi
+ adc r12, rsi
+ mov qword ptr [-136+rbp], rbx
+ mov r11, r12
+ mov rax, qword ptr [168+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [184+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [192+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [200+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r10
+ mov r13, rdi
+ mov r12, rsi
+ add r9, r8
+ adc r11, r13
+ adc rax, r12
+ add r9, r8
+ adc r11, r13
+ adc rax, r12
+ mov rdx, rax
+ mov rbx, r11
+ mov rdi, r13
+ mov r11, rdx
+ mov rsi, r12
+ mov rax, qword ptr [208+rcx]
+ mul rax
+ add r9, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-128+rbp], r9
+ mov r9, r11
+ mov rax, qword ptr [176+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [184+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [192+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [200+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [208+rcx]
+ mul qword ptr [216+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rdx, r10
+ add rbx, r8
+ adc r9, rdi
+ adc rdx, rsi
+ add rbx, r8
+ adc r9, rdi
+ adc rdx, rsi
+ mov qword ptr [-120+rbp], rbx
+ mov r11, rdx
+ mov rbx, r10
+ mov rax, qword ptr [184+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [192+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [200+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [208+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r13, rdi
+ mov r12, rsi
+ add r9, r8
+ adc r11, r13
+ adc rbx, r12
+ add r9, r8
+ adc r11, r13
+ adc rbx, r12
+ mov rdx, rbx
+ mov rdi, r13
+ mov rbx, r11
+ mov rsi, r12
+ mov r11, rdx
+ mov r12, r10
+ mov rax, qword ptr [216+rcx]
+ mul rax
+ add r9, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-112+rbp], r9
+ mov r9, r11
+ mov rax, qword ptr [192+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [200+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [208+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [216+rcx]
+ mul qword ptr [224+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ add rbx, r8
+ adc r9, rdi
+ adc r12, rsi
+ add rbx, r8
+ adc r9, rdi
+ adc r12, rsi
+ mov qword ptr [-104+rbp], rbx
+ mov r11, r12
+ mov rax, qword ptr [200+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [208+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [216+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, r10
+ mov r13, rdi
+ mov r12, rsi
+ add r9, r8
+ adc r11, r13
+ adc rax, r12
+ add r9, r8
+ adc r11, r13
+ adc rax, r12
+ mov rdx, rax
+ mov rbx, r11
+ mov rdi, r13
+ mov r11, rdx
+ mov rsi, r12
+ mov r12, r10
+ mov rax, qword ptr [224+rcx]
+ mul rax
+ add r9, rax
+ adc rbx, rdx
+ adc r11, 0
+ mov qword ptr [-96+rbp], r9
+ mov r9, r10
+ mov rax, qword ptr [208+rcx]
+ mul qword ptr [248+rcx]
+ mov r8, rax
+ mov rdi, rdx
+ xor rsi, rsi
+ mov rax, qword ptr [216+rcx]
+ mul qword ptr [240+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov rax, qword ptr [224+rcx]
+ mul qword ptr [232+rcx]
+ add r8, rax
+ adc rdi, rdx
+ adc rsi, 0
+ mov r13, rdi
+ mov rax, rsi
+ add rbx, r8
+ adc r11, r13
+ adc r9, rax
+ add rbx, r8
+ adc r11, r13
+ adc r9, rax
+ mov qword ptr [-88+rbp], rbx
+ mov rsi, r11
+ mov r8, r9
+ mov rax, qword ptr [216+rcx]
+ mul qword ptr [248+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc r12, 0
+ add rsi, rax
+ adc r8, rdx
+ adc r12, 0
+ mov r11, r12
+ mov rax, qword ptr [224+rcx]
+ mul qword ptr [240+rcx]
+ add rsi, rax
+ adc r8, rdx
+ adc r11, 0
+ add rsi, rax
+ adc r8, rdx
+ adc r11, 0
+ mov r13, r8
+ mov rbx, r11
+ mov rax, qword ptr [232+rcx]
+ mul rax
+ add rsi, rax
+ adc r13, rdx
+ adc rbx, 0
+ mov qword ptr [-80+rbp], rsi
+ mov r12, rbx
+ mov rdi, r13
+ mov r13, r10
+ mov rax, qword ptr [224+rcx]
+ mul qword ptr [248+rcx]
+ add rdi, rax
+ adc r12, rdx
+ adc r13, 0
+ add rdi, rax
+ adc r12, rdx
+ adc r13, 0
+ mov r9, r12
+ mov r12, r13
+ mov rax, qword ptr [232+rcx]
+ mul qword ptr [240+rcx]
+ add rdi, rax
+ adc r9, rdx
+ adc r12, 0
+ add rdi, rax
+ adc r9, rdx
+ adc r12, 0
+ mov qword ptr [-72+rbp], rdi
+ mov r11, r9
+ mov rbx, r12
+ mov r9, r10
+ mov rax, qword ptr [232+rcx]
+ mul qword ptr [248+rcx]
+ add r11, rax
+ adc rbx, rdx
+ adc r9, 0
+ add r11, rax
+ adc rbx, rdx
+ adc r9, 0
+ mov r13, rbx
+ mov rbx, r9
+ mov r9, r10
+ mov rax, qword ptr [240+rcx]
+ mul rax
+ add r11, rax
+ adc r13, rdx
+ adc rbx, 0
+ mov qword ptr [-64+rbp], r11
+ mov rdi, r13
+ mov rsi, rbx
+ mov rax, qword ptr [240+rcx]
+ mul qword ptr [248+rcx]
+ add rdi, rax
+ adc rsi, rdx
+ adc r9, 0
+ add rdi, rax
+ adc rsi, rdx
+ adc r9, 0
+ mov qword ptr [-56+rbp], rdi
+ mov r8, r9
+ mov rax, qword ptr [248+rcx]
+ mul rax
+ add rsi, rax
+ adc r8, rdx
+ adc r10, 0
+ mov qword ptr [-48+rbp], rsi
+ mov qword ptr [-40+rbp], r8
+ mov dword ptr [8+r14], 64
+ mov dword ptr [r14], 0
+; mov rdi, qword ptr [16+r14]
+; lea rsi, qword ptr [-544+rbp]
+; mov edx, 512
+ mov rcx, qword ptr [16+r14]
+ lea rdx, qword ptr [-544+rbp]
+ mov r8d, 512
+ call memcpy
+ mov edx, dword ptr [8+r14]
+ test edx, edx
+ je L304
+ lea ecx, dword ptr [-1+rdx]
+ mov rsi, qword ptr [16+r14]
+ mov r10d, ecx
+ cmp dword ptr [rsi+r10*8], 0
+ jne L302
+ mov edx, ecx
+ ALIGN 16
+L303:
+ test edx, edx
+ mov ecx, edx
+ je L307
+ dec edx
+ mov eax, edx
+ cmp dword ptr [rsi+rax*8], 0
+ je L303
+ mov dword ptr [8+r14], ecx
+ mov edx, ecx
+L302:
+ test edx, edx
+ je L304
+ mov eax, dword ptr [r14]
+ jmp L305
+
+L307:
+ mov dword ptr [8+r14], edx
+L304:
+ xor eax, eax
+L305:
+ mov dword ptr [r14], eax
+ add rsp, 512+32 ; +32 for "home" storage
+ pop rbx
+ pop r12
+ pop r13
+ pop r14
+ pop rbp
+
+ pop rsi
+ pop rdi
+
+ ret
+
+s_mp_sqr_comba_32 ENDP
+
+END
diff --git a/security/nss/lib/freebl/mpi/mp_comba_amd64_sun.s b/security/nss/lib/freebl/mpi/mp_comba_amd64_sun.s
new file mode 100644
index 000000000..a5181df33
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mp_comba_amd64_sun.s
@@ -0,0 +1,16097 @@
+//* TomsFastMath, a fast ISO C bignum library.
+/ *
+/ * This project is meant to fill in where LibTomMath
+/ * falls short. That is speed ;-)
+/ *
+/ * This project is public domain and free for all purposes.
+/ *
+/ * Tom St Denis, tomstdenis@iahu.ca
+/ */
+
+//*
+/ * The source file from which this assembly was derived
+/ * comes from TFM v0.03, which has the above license.
+/ * This source was compiled with an unnamed compiler at
+/ * the highest optimization level. Afterwards, the
+/ * trailing .section was removed because it causes errors
+/ * in the Studio 10 compiler on AMD 64.
+/ */
+
+ .file "mp_comba.c"
+ .text
+ .align 16
+.globl s_mp_mul_comba_4
+ .type s_mp_mul_comba_4, @function
+s_mp_mul_comba_4:
+.LFB2:
+ pushq %r12
+.LCFI0:
+ pushq %rbp
+.LCFI1:
+ pushq %rbx
+.LCFI2:
+ movq 16(%rdi), %r9
+ movq %rdx, %rbx
+ movq 16(%rsi), %rdx
+ movq (%r9), %rax
+ movq %rax, -64(%rsp)
+ movq 8(%r9), %r8
+ movq %r8, -56(%rsp)
+ movq 16(%r9), %rbp
+ movq %rbp, -48(%rsp)
+ movq 24(%r9), %r12
+ movq %r12, -40(%rsp)
+ movq (%rdx), %rcx
+ movq %rcx, -32(%rsp)
+ movq 8(%rdx), %r10
+ movq %r10, -24(%rsp)
+ movq 16(%rdx), %r11
+ xorl %r10d, %r10d
+ movq %r10, %r8
+ movq %r10, %r9
+ movq %r10, %rbp
+ movq %r11, -16(%rsp)
+ movq 16(%rbx), %r11
+ movq 24(%rdx), %rax
+ movq %rax, -8(%rsp)
+/APP
+ movq -64(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rbp
+
+/NO_APP
+ movq %r8, (%r11)
+ movq %rbp, %r8
+ movq %r10, %rbp
+/APP
+ movq -64(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%r9
+ adcq %rdx,%r8
+ adcq $0,%rbp
+
+/NO_APP
+ movq %rbp, %r12
+/APP
+ movq -56(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%r9
+ adcq %rdx,%r8
+ adcq $0,%r12
+
+/NO_APP
+ movq %r9, 8(%r11)
+ movq %r12, %r9
+ movq %r10, %r12
+/APP
+ movq -64(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%r12
+
+/NO_APP
+ movq %r12, %rcx
+/APP
+ movq -56(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -48(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 16(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -64(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -56(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -48(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -40(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 24(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -56(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -48(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -40(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 32(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -48(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r8, %r12
+ movq %r9, %rbp
+/APP
+ movq -40(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 40(%r11)
+ movq %rbp, %r8
+ movq %r12, %rcx
+/APP
+ movq -40(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rcx
+ adcq $0,%r10
+
+/NO_APP
+ movq %r8, 48(%r11)
+ movl (%rsi), %esi
+ xorl (%rdi), %esi
+ testq %rcx, %rcx
+ movq %rcx, 56(%r11)
+ movl $8, 8(%rbx)
+ jne .L9
+ .align 16
+.L18:
+ movl 8(%rbx), %edx
+ leal -1(%rdx), %edi
+ testl %edi, %edi
+ movl %edi, 8(%rbx)
+ je .L9
+ leal -2(%rdx), %r10d
+ cmpq $0, (%r11,%r10,8)
+ je .L18
+.L9:
+ movl 8(%rbx), %edx
+ xorl %r11d, %r11d
+ testl %edx, %edx
+ cmovne %esi, %r11d
+ movl %r11d, (%rbx)
+ popq %rbx
+ popq %rbp
+ popq %r12
+ ret
+.LFE2:
+ .size s_mp_mul_comba_4, .-s_mp_mul_comba_4
+ .align 16
+.globl s_mp_mul_comba_8
+ .type s_mp_mul_comba_8, @function
+s_mp_mul_comba_8:
+.LFB3:
+ pushq %r12
+.LCFI3:
+ pushq %rbp
+.LCFI4:
+ pushq %rbx
+.LCFI5:
+ movq %rdx, %rbx
+ subq $8, %rsp
+.LCFI6:
+ movq 16(%rdi), %rdx
+ movq (%rdx), %r8
+ movq %r8, -120(%rsp)
+ movq 8(%rdx), %rbp
+ movq %rbp, -112(%rsp)
+ movq 16(%rdx), %r9
+ movq %r9, -104(%rsp)
+ movq 24(%rdx), %r12
+ movq %r12, -96(%rsp)
+ movq 32(%rdx), %rcx
+ movq %rcx, -88(%rsp)
+ movq 40(%rdx), %r10
+ movq %r10, -80(%rsp)
+ movq 48(%rdx), %r11
+ movq %r11, -72(%rsp)
+ movq 56(%rdx), %rax
+ movq 16(%rsi), %rdx
+ movq %rax, -64(%rsp)
+ movq (%rdx), %r8
+ movq %r8, -56(%rsp)
+ movq 8(%rdx), %rbp
+ movq %rbp, -48(%rsp)
+ movq 16(%rdx), %r9
+ movq %r9, -40(%rsp)
+ movq 24(%rdx), %r12
+ movq %r12, -32(%rsp)
+ movq 32(%rdx), %rcx
+ movq %rcx, -24(%rsp)
+ movq 40(%rdx), %r10
+ movq %r10, -16(%rsp)
+ movq 48(%rdx), %r11
+ xorl %r10d, %r10d
+ movq %r10, %r8
+ movq %r10, %r9
+ movq %r10, %rbp
+ movq %r11, -8(%rsp)
+ movq 16(%rbx), %r11
+ movq 56(%rdx), %rax
+ movq %rax, (%rsp)
+/APP
+ movq -120(%rsp),%rax
+ mulq -56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rbp
+
+/NO_APP
+ movq %r8, (%r11)
+ movq %rbp, %r8
+ movq %r10, %rbp
+/APP
+ movq -120(%rsp),%rax
+ mulq -48(%rsp)
+ addq %rax,%r9
+ adcq %rdx,%r8
+ adcq $0,%rbp
+
+/NO_APP
+ movq %rbp, %r12
+/APP
+ movq -112(%rsp),%rax
+ mulq -56(%rsp)
+ addq %rax,%r9
+ adcq %rdx,%r8
+ adcq $0,%r12
+
+/NO_APP
+ movq %r9, 8(%r11)
+ movq %r12, %r9
+ movq %r10, %r12
+/APP
+ movq -120(%rsp),%rax
+ mulq -40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%r12
+
+/NO_APP
+ movq %r12, %rcx
+/APP
+ movq -112(%rsp),%rax
+ mulq -48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -104(%rsp),%rax
+ mulq -56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 16(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq -40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq -48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -96(%rsp),%rax
+ mulq -56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 24(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -120(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -112(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq -40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq -48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -88(%rsp),%rax
+ mulq -56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 32(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq -40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq -48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -80(%rsp),%rax
+ mulq -56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 40(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -120(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -112(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq -40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq -48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -72(%rsp),%rax
+ mulq -56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 48(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq (%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq -40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq -48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -64(%rsp),%rax
+ mulq -56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 56(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -112(%rsp),%rax
+ mulq (%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq -40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -64(%rsp),%rax
+ mulq -48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 64(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -104(%rsp),%rax
+ mulq (%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -64(%rsp),%rax
+ mulq -40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 72(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -96(%rsp),%rax
+ mulq (%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -64(%rsp),%rax
+ mulq -32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 80(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -88(%rsp),%rax
+ mulq (%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -64(%rsp),%rax
+ mulq -24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 88(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -80(%rsp),%rax
+ mulq (%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -64(%rsp),%rax
+ mulq -16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 96(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -72(%rsp),%rax
+ mulq (%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r8, %r12
+ movq %r9, %rbp
+/APP
+ movq -64(%rsp),%rax
+ mulq -8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 104(%r11)
+ movq %rbp, %r8
+ movq %r12, %rcx
+/APP
+ movq -64(%rsp),%rax
+ mulq (%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rcx
+ adcq $0,%r10
+
+/NO_APP
+ movq %r8, 112(%r11)
+ movl (%rsi), %esi
+ xorl (%rdi), %esi
+ testq %rcx, %rcx
+ movq %rcx, 120(%r11)
+ movl $16, 8(%rbx)
+ jne .L35
+ .align 16
+.L43:
+ movl 8(%rbx), %edx
+ leal -1(%rdx), %edi
+ testl %edi, %edi
+ movl %edi, 8(%rbx)
+ je .L35
+ leal -2(%rdx), %eax
+ cmpq $0, (%r11,%rax,8)
+ je .L43
+.L35:
+ movl 8(%rbx), %r11d
+ xorl %edx, %edx
+ testl %r11d, %r11d
+ cmovne %esi, %edx
+ movl %edx, (%rbx)
+ addq $8, %rsp
+ popq %rbx
+ popq %rbp
+ popq %r12
+ ret
+.LFE3:
+ .size s_mp_mul_comba_8, .-s_mp_mul_comba_8
+ .align 16
+.globl s_mp_mul_comba_16
+ .type s_mp_mul_comba_16, @function
+s_mp_mul_comba_16:
+.LFB4:
+ pushq %r12
+.LCFI7:
+ pushq %rbp
+.LCFI8:
+ pushq %rbx
+.LCFI9:
+ movq %rdx, %rbx
+ subq $136, %rsp
+.LCFI10:
+ movq 16(%rdi), %rax
+ movq (%rax), %r8
+ movq %r8, -120(%rsp)
+ movq 8(%rax), %rbp
+ movq %rbp, -112(%rsp)
+ movq 16(%rax), %r9
+ movq %r9, -104(%rsp)
+ movq 24(%rax), %r12
+ movq %r12, -96(%rsp)
+ movq 32(%rax), %rcx
+ movq %rcx, -88(%rsp)
+ movq 40(%rax), %r10
+ movq %r10, -80(%rsp)
+ movq 48(%rax), %rdx
+ movq %rdx, -72(%rsp)
+ movq 56(%rax), %r11
+ movq %r11, -64(%rsp)
+ movq 64(%rax), %r8
+ movq %r8, -56(%rsp)
+ movq 72(%rax), %rbp
+ movq %rbp, -48(%rsp)
+ movq 80(%rax), %r9
+ movq %r9, -40(%rsp)
+ movq 88(%rax), %r12
+ movq %r12, -32(%rsp)
+ movq 96(%rax), %rcx
+ movq %rcx, -24(%rsp)
+ movq 104(%rax), %r10
+ movq %r10, -16(%rsp)
+ movq 112(%rax), %rdx
+ movq %rdx, -8(%rsp)
+ movq 120(%rax), %r11
+ movq %r11, (%rsp)
+ movq 16(%rsi), %r11
+ movq (%r11), %r8
+ movq %r8, 8(%rsp)
+ movq 8(%r11), %rbp
+ movq %rbp, 16(%rsp)
+ movq 16(%r11), %r9
+ movq %r9, 24(%rsp)
+ movq 24(%r11), %r12
+ movq %r12, 32(%rsp)
+ movq 32(%r11), %rcx
+ movq %rcx, 40(%rsp)
+ movq 40(%r11), %r10
+ movq %r10, 48(%rsp)
+ movq 48(%r11), %rdx
+ movq %rdx, 56(%rsp)
+ movq 56(%r11), %rax
+ movq %rax, 64(%rsp)
+ movq 64(%r11), %r8
+ movq %r8, 72(%rsp)
+ movq 72(%r11), %rbp
+ movq %rbp, 80(%rsp)
+ movq 80(%r11), %r9
+ movq %r9, 88(%rsp)
+ movq 88(%r11), %r12
+ movq %r12, 96(%rsp)
+ movq 96(%r11), %rcx
+ movq %rcx, 104(%rsp)
+ movq 104(%r11), %r10
+ movq %r10, 112(%rsp)
+ movq 112(%r11), %rdx
+ xorl %r10d, %r10d
+ movq %r10, %r8
+ movq %r10, %r9
+ movq %r10, %rbp
+ movq %rdx, 120(%rsp)
+ movq 120(%r11), %rax
+ movq %rax, 128(%rsp)
+ movq 16(%rbx), %r11
+/APP
+ movq -120(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rbp
+
+/NO_APP
+ movq %r8, (%r11)
+ movq %rbp, %r8
+ movq %r10, %rbp
+/APP
+ movq -120(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r9
+ adcq %rdx,%r8
+ adcq $0,%rbp
+
+/NO_APP
+ movq %rbp, %r12
+/APP
+ movq -112(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r9
+ adcq %rdx,%r8
+ adcq $0,%r12
+
+/NO_APP
+ movq %r9, 8(%r11)
+ movq %r12, %r9
+ movq %r10, %r12
+/APP
+ movq -120(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%r12
+
+/NO_APP
+ movq %r12, %rcx
+/APP
+ movq -112(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -104(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 16(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -96(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 24(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -120(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -112(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -88(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 32(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -80(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 40(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -120(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -112(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -72(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 48(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -64(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 56(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -120(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -112(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -64(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -56(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 64(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -64(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -56(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -48(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 72(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -120(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -112(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -64(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -56(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -48(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -40(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 80(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -64(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -56(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -48(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -40(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -32(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 88(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -120(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -112(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -64(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -56(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -48(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -40(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -32(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -24(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 96(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -64(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -56(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -48(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -40(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -32(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -24(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq -16(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 104(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -120(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -112(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -64(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -56(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -48(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -40(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -32(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -24(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -16(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq -8(%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 112(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -120(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -112(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -104(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -64(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -56(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -48(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -40(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -32(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -24(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -16(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -8(%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 8(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 120(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -112(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -104(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -96(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -64(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -56(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -48(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -40(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -32(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -24(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -16(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -8(%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 16(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 128(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -104(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -96(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -88(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -64(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -56(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -48(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -40(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -32(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -24(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -16(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -8(%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 24(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 136(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -96(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -88(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -80(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -64(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -56(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -48(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -40(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -32(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -24(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -16(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -8(%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 32(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 144(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -88(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -80(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -72(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -64(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -56(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -48(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -40(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -32(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -24(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -16(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -8(%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 40(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 152(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -80(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -72(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -64(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -56(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -48(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -40(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -32(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -24(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -16(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -8(%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 48(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 160(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -72(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -64(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -56(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -48(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -40(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -32(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -24(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -16(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -8(%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 56(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 168(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -64(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -56(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -48(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -40(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -32(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -24(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -16(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -8(%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 64(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 176(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -56(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -48(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -40(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -32(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -24(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -16(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -8(%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 72(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 184(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -48(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -40(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -32(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -24(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -16(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -8(%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 80(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 192(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -40(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -32(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -24(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -16(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -8(%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 88(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 200(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -32(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -24(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -16(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -8(%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 96(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 208(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -24(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -16(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+ movq -8(%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbp
+ movq %r8, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 104(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 216(%r11)
+ movq %r12, %r9
+ movq %rbp, %r8
+ movq %r10, %rcx
+/APP
+ movq -16(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+ movq -8(%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rcx
+
+/NO_APP
+ movq %r9, %rbp
+ movq %rcx, %r12
+/APP
+ movq (%rsp),%rax
+ mulq 112(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, 224(%r11)
+ movq %r12, %r9
+ movq %rbp, %rcx
+ movq %r10, %r8
+/APP
+ movq -8(%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r8, %r12
+ movq %r9, %rbp
+/APP
+ movq (%rsp),%rax
+ mulq 120(%rsp)
+ addq %rax,%rcx
+ adcq %rdx,%rbp
+ adcq $0,%r12
+
+/NO_APP
+ movq %rcx, 232(%r11)
+ movq %rbp, %r8
+ movq %r12, %rcx
+/APP
+ movq (%rsp),%rax
+ mulq 128(%rsp)
+ addq %rax,%r8
+ adcq %rdx,%rcx
+ adcq $0,%r10
+
+/NO_APP
+ movq %r8, 240(%r11)
+ movl (%rsi), %esi
+ xorl (%rdi), %esi
+ testq %rcx, %rcx
+ movq %rcx, 248(%r11)
+ movl $32, 8(%rbx)
+ jne .L76
+ .align 16
+.L84:
+ movl 8(%rbx), %edx
+ leal -1(%rdx), %edi
+ testl %edi, %edi
+ movl %edi, 8(%rbx)
+ je .L76
+ leal -2(%rdx), %eax
+ cmpq $0, (%r11,%rax,8)
+ je .L84
+.L76:
+ movl 8(%rbx), %edx
+ xorl %r11d, %r11d
+ testl %edx, %edx
+ cmovne %esi, %r11d
+ movl %r11d, (%rbx)
+ addq $136, %rsp
+ popq %rbx
+ popq %rbp
+ popq %r12
+ ret
+.LFE4:
+ .size s_mp_mul_comba_16, .-s_mp_mul_comba_16
+ .align 16
+.globl s_mp_mul_comba_32
+ .type s_mp_mul_comba_32, @function
+s_mp_mul_comba_32:
+.LFB5:
+ pushq %rbp
+.LCFI11:
+ movq %rsp, %rbp
+.LCFI12:
+ pushq %r13
+.LCFI13:
+ movq %rdx, %r13
+ movl $256, %edx
+ pushq %r12
+.LCFI14:
+ movq %rsi, %r12
+ pushq %rbx
+.LCFI15:
+ movq %rdi, %rbx
+ subq $520, %rsp
+.LCFI16:
+ movq 16(%rdi), %rsi
+ leaq -544(%rbp), %rdi
+ call memcpy@PLT
+ movq 16(%r12), %rsi
+ leaq -288(%rbp), %rdi
+ movl $256, %edx
+ call memcpy@PLT
+ movq 16(%r13), %r9
+ xorl %r8d, %r8d
+ movq %r8, %rsi
+ movq %r8, %rdi
+ movq %r8, %r10
+/APP
+ movq -544(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+/NO_APP
+ movq %rsi, (%r9)
+ movq %r10, %rsi
+ movq %r8, %r10
+/APP
+ movq -544(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%r10
+
+/NO_APP
+ movq %r10, %r11
+/APP
+ movq -536(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%r11
+
+/NO_APP
+ movq %rdi, 8(%r9)
+ movq %r11, %rdi
+ movq %r8, %r11
+/APP
+ movq -544(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%r11
+
+/NO_APP
+ movq %r11, %rcx
+/APP
+ movq -536(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -528(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 16(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -520(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 24(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -512(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 32(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -504(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 40(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -496(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 48(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -488(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 56(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -480(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 64(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -472(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 72(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -464(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 80(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -456(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 88(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -448(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 96(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -440(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 104(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -432(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 112(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -424(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 120(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -416(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 128(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -408(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 136(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -400(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 144(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -392(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 152(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -384(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 160(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -376(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 168(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -368(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 176(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -360(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 184(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -352(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 192(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -344(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 200(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -336(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 208(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -328(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 216(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -320(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 224(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -312(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 232(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -544(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -536(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -304(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 240(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -544(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -536(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -528(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -288(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 248(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -536(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -528(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -520(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -280(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 256(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -528(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -520(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -512(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -272(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 264(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -520(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -512(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -504(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -264(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 272(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -512(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -504(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -496(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -256(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 280(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -504(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -496(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -488(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -248(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 288(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -496(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -488(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -480(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -240(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 296(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -488(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -480(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -472(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -232(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 304(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -480(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -472(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -464(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -224(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 312(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -472(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -464(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -456(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -448(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -440(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -216(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 320(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -464(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -456(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -448(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -440(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -432(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -208(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 328(%r9)
+ movq %r11, %rdi
+ movq %r10, %r11
+ movq %r8, %r10
+/APP
+ movq -456(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -448(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -440(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -432(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -424(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -416(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -408(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -400(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -392(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -384(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -376(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -368(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -360(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -352(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -344(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -336(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -328(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -320(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -312(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -304(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+ movq -296(%rbp),%rax
+ mulq -200(%rbp)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%r10
+
+/NO_APP
+ movq %r11, 336(%r9)
+ movq %r10, %rsi
+ movq %r8, %r10
+/APP
+ movq -448(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%r10
+
+/NO_APP
+ movq %r10, %rcx
+/APP
+ movq -440(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -432(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rsi, %r11
+ movq %rcx, %r10
+/APP
+ movq -296(%rbp),%rax
+ mulq -192(%rbp)
+ addq %rax,%rdi
+ adcq %rdx,%r11
+ adcq $0,%r10
+
+/NO_APP
+ movq %rdi, 344(%r9)
+ movq %r11, %rcx
+ movq %r10, %rdi
+ movq %r8, %r11
+/APP
+ movq -440(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%r11
+
+/NO_APP
+ movq %r11, %rsi
+/APP
+ movq -432(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -424(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -184(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 352(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -432(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -424(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -416(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -176(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 360(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -424(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -416(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -408(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -168(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 368(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -416(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -408(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -400(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -160(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 376(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -408(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -400(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -392(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -152(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 384(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -400(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -392(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -384(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -144(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 392(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -392(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -384(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -376(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -136(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 400(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -384(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -376(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -368(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -128(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 408(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -376(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -368(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -360(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -120(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 416(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -368(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -360(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -352(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -112(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 424(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -360(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -352(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -344(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -104(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 432(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -352(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -344(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -336(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -96(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 440(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -344(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -336(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -328(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -88(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 448(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -336(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -328(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -320(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -80(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 456(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -328(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -320(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -312(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -72(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 464(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -320(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -312(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+ movq -304(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rcx, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -64(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 472(%r9)
+ movq %r11, %rdi
+ movq %r10, %rcx
+ movq %r8, %rsi
+/APP
+ movq -312(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq -304(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r10
+ movq %rsi, %r11
+/APP
+ movq -296(%rbp),%rax
+ mulq -56(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rcx, 480(%r9)
+ movq %r11, %rdi
+ movq %r10, %rsi
+ movq %r8, %rcx
+/APP
+ movq -304(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%rdi
+ adcq $0,%rcx
+
+/NO_APP
+ movq %rcx, %r11
+ movq %rdi, %r10
+/APP
+ movq -296(%rbp),%rax
+ mulq -48(%rbp)
+ addq %rax,%rsi
+ adcq %rdx,%r10
+ adcq $0,%r11
+
+/NO_APP
+ movq %rsi, 488(%r9)
+ movq %r10, %rcx
+ movq %r11, %rsi
+/APP
+ movq -296(%rbp),%rax
+ mulq -40(%rbp)
+ addq %rax,%rcx
+ adcq %rdx,%rsi
+ adcq $0,%r8
+
+/NO_APP
+ movq %rcx, 496(%r9)
+ movl (%r12), %ecx
+ xorl (%rbx), %ecx
+ testq %rsi, %rsi
+ movq %rsi, 504(%r9)
+ movl $64, 8(%r13)
+ jne .L149
+ .align 16
+.L157:
+ movl 8(%r13), %edx
+ leal -1(%rdx), %ebx
+ testl %ebx, %ebx
+ movl %ebx, 8(%r13)
+ je .L149
+ leal -2(%rdx), %r12d
+ cmpq $0, (%r9,%r12,8)
+ je .L157
+.L149:
+ movl 8(%r13), %r9d
+ xorl %edx, %edx
+ testl %r9d, %r9d
+ cmovne %ecx, %edx
+ movl %edx, (%r13)
+ addq $520, %rsp
+ popq %rbx
+ popq %r12
+ popq %r13
+ leave
+ ret
+.LFE5:
+ .size s_mp_mul_comba_32, .-s_mp_mul_comba_32
+ .align 16
+.globl s_mp_sqr_comba_4
+ .type s_mp_sqr_comba_4, @function
+s_mp_sqr_comba_4:
+.LFB6:
+ pushq %rbp
+.LCFI17:
+ movq %rsi, %r11
+ xorl %esi, %esi
+ movq %rsi, %r10
+ movq %rsi, %rbp
+ movq %rsi, %r8
+ pushq %rbx
+.LCFI18:
+ movq %rsi, %rbx
+ movq 16(%rdi), %rcx
+ movq %rsi, %rdi
+/APP
+ movq (%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%rbx
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r10, -72(%rsp)
+/APP
+ movq (%rcx),%rax
+ mulq 8(%rcx)
+ addq %rax,%rbx
+ adcq %rdx,%rdi
+ adcq $0,%rbp
+ addq %rax,%rbx
+ adcq %rdx,%rdi
+ adcq $0,%rbp
+
+/NO_APP
+ movq %rbx, -64(%rsp)
+/APP
+ movq (%rcx),%rax
+ mulq 16(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%rbp
+ adcq $0,%r8
+ addq %rax,%rdi
+ adcq %rdx,%rbp
+ adcq $0,%r8
+
+/NO_APP
+ movq %rbp, %rbx
+ movq %r8, %rbp
+/APP
+ movq 8(%rcx),%rax
+ mulq %rax
+ addq %rax,%rdi
+ adcq %rdx,%rbx
+ adcq $0,%rbp
+
+/NO_APP
+ movq %rdi, -56(%rsp)
+ movq %rbp, %r9
+ movq %rbx, %r8
+ movq %rsi, %rdi
+/APP
+ movq (%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rdi
+ addq %rax,%r8
+ adcq %rdx,%r9
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r9, %rbx
+ movq %rdi, %rbp
+/APP
+ movq 8(%rcx),%rax
+ mulq 16(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rbx
+ adcq $0,%rbp
+ addq %rax,%r8
+ adcq %rdx,%rbx
+ adcq $0,%rbp
+
+/NO_APP
+ movq %r8, -48(%rsp)
+ movq %rbp, %r9
+ movq %rbx, %rdi
+ movq %rsi, %r8
+ movl $8, 8(%r11)
+ movl $0, (%r11)
+/APP
+ movq 8(%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%r9
+ adcq $0,%r8
+ addq %rax,%rdi
+ adcq %rdx,%r9
+ adcq $0,%r8
+
+/NO_APP
+ movq %r9, %rbx
+ movq %r8, %rbp
+/APP
+ movq 16(%rcx),%rax
+ mulq %rax
+ addq %rax,%rdi
+ adcq %rdx,%rbx
+ adcq $0,%rbp
+
+/NO_APP
+ movq %rbp, %rax
+ movq %rdi, -40(%rsp)
+ movq %rbx, %rbp
+ movq %rax, %rdi
+ movq %rsi, %rbx
+/APP
+ movq 16(%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%rbp
+ adcq %rdx,%rdi
+ adcq $0,%rbx
+ addq %rax,%rbp
+ adcq %rdx,%rdi
+ adcq $0,%rbx
+
+/NO_APP
+ movq %rbp, -32(%rsp)
+ movq %rbx, %r9
+/APP
+ movq 24(%rcx),%rax
+ mulq %rax
+ addq %rax,%rdi
+ adcq %rdx,%r9
+ adcq $0,%rsi
+
+/NO_APP
+ movq 16(%r11), %rdx
+ movq %rdi, -24(%rsp)
+ movq %r9, -16(%rsp)
+ movq %r10, (%rdx)
+ movq -64(%rsp), %r8
+ movq %r8, 8(%rdx)
+ movq -56(%rsp), %rbp
+ movq %rbp, 16(%rdx)
+ movq -48(%rsp), %rdi
+ movq %rdi, 24(%rdx)
+ movq -40(%rsp), %rsi
+ movq %rsi, 32(%rdx)
+ movq -32(%rsp), %rbx
+ movq %rbx, 40(%rdx)
+ movq -24(%rsp), %rcx
+ movq %rcx, 48(%rdx)
+ movq -16(%rsp), %rax
+ movq %rax, 56(%rdx)
+ movl 8(%r11), %edx
+ testl %edx, %edx
+ je .L168
+ leal -1(%rdx), %ecx
+ movq 16(%r11), %rsi
+ mov %ecx, %r10d
+ cmpq $0, (%rsi,%r10,8)
+ jne .L166
+ movl %ecx, %edx
+ .align 16
+.L167:
+ testl %edx, %edx
+ movl %edx, %ecx
+ je .L171
+ decl %edx
+ mov %edx, %eax
+ cmpq $0, (%rsi,%rax,8)
+ je .L167
+ movl %ecx, 8(%r11)
+ movl %ecx, %edx
+.L166:
+ testl %edx, %edx
+ je .L168
+ popq %rbx
+ popq %rbp
+ movl (%r11), %eax
+ movl %eax, (%r11)
+ ret
+.L171:
+ movl %edx, 8(%r11)
+ .align 16
+.L168:
+ popq %rbx
+ popq %rbp
+ xorl %eax, %eax
+ movl %eax, (%r11)
+ ret
+.LFE6:
+ .size s_mp_sqr_comba_4, .-s_mp_sqr_comba_4
+ .align 16
+.globl s_mp_sqr_comba_8
+ .type s_mp_sqr_comba_8, @function
+s_mp_sqr_comba_8:
+.LFB7:
+ pushq %r14
+.LCFI19:
+ xorl %r9d, %r9d
+ movq %r9, %r14
+ movq %r9, %r10
+ pushq %r13
+.LCFI20:
+ movq %r9, %r13
+ pushq %r12
+.LCFI21:
+ movq %r9, %r12
+ pushq %rbp
+.LCFI22:
+ movq %rsi, %rbp
+ movq %r9, %rsi
+ pushq %rbx
+.LCFI23:
+ movq %r9, %rbx
+ subq $8, %rsp
+.LCFI24:
+ movq 16(%rdi), %rcx
+/APP
+ movq (%rcx),%rax
+ mulq %rax
+ addq %rax,%r14
+ adcq %rdx,%rbx
+ adcq $0,%r12
+
+/NO_APP
+ movq %r14, -120(%rsp)
+/APP
+ movq (%rcx),%rax
+ mulq 8(%rcx)
+ addq %rax,%rbx
+ adcq %rdx,%r12
+ adcq $0,%r10
+ addq %rax,%rbx
+ adcq %rdx,%r12
+ adcq $0,%r10
+
+/NO_APP
+ movq %rbx, -112(%rsp)
+/APP
+ movq (%rcx),%rax
+ mulq 16(%rcx)
+ addq %rax,%r12
+ adcq %rdx,%r10
+ adcq $0,%r13
+ addq %rax,%r12
+ adcq %rdx,%r10
+ adcq $0,%r13
+
+/NO_APP
+ movq %r10, %rbx
+ movq %r13, %r10
+ movq %r9, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq %rax
+ addq %rax,%r12
+ adcq %rdx,%rbx
+ adcq $0,%r10
+
+/NO_APP
+ movq %r12, -104(%rsp)
+ movq %r10, %rdi
+ movq %rbx, %r11
+/APP
+ movq (%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+ addq %rax,%r11
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %rbx
+ movq %rsi, %r10
+ movq %r9, %rdi
+/APP
+ movq 8(%rcx),%rax
+ mulq 16(%rcx)
+ addq %rax,%r11
+ adcq %rdx,%rbx
+ adcq $0,%r10
+ addq %rax,%r11
+ adcq %rdx,%rbx
+ adcq $0,%r10
+
+/NO_APP
+ movq %r9, %rsi
+ movq %r11, -96(%rsp)
+ movq %r10, %r8
+ movq %rbx, %r12
+ movq %r9, %r11
+/APP
+ movq (%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r12
+ adcq %rdx,%r8
+ adcq $0,%r13
+ addq %rax,%r12
+ adcq %rdx,%r8
+ adcq $0,%r13
+
+ movq 8(%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r12
+ adcq %rdx,%r8
+ adcq $0,%r13
+ addq %rax,%r12
+ adcq %rdx,%r8
+ adcq $0,%r13
+
+/NO_APP
+ movq %r8, %rbx
+ movq %r13, %r10
+ movq %r9, %r8
+/APP
+ movq 16(%rcx),%rax
+ mulq %rax
+ addq %rax,%r12
+ adcq %rdx,%rbx
+ adcq $0,%r10
+
+/NO_APP
+ movq %r12, -88(%rsp)
+/APP
+ movq (%rcx),%rax
+ mulq 40(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%r11
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%r11
+
+/NO_APP
+ movq %rbx, -80(%rsp)
+/APP
+ movq (%rcx),%rax
+ mulq 48(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rax
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %r11, %rbx
+ movq %r13, %rdi
+ movq %rdx, %r11
+ movq %r12, %rsi
+/APP
+ movq 24(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r10, -72(%rsp)
+ movq %r11, %r10
+/APP
+ movq (%rcx),%rax
+ mulq 56(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+/APP
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%rax
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%rax
+
+/NO_APP
+ movq %rbx, -64(%rsp)
+ movq %rax, %r11
+ movq %r9, %rbx
+/APP
+ movq 8(%rcx),%rax
+ mulq 56(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rbx
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rbx
+
+/NO_APP
+ movq %rbx, %rsi
+ movq %r13, %rdi
+ movq %r11, %rbx
+ movq %r12, %r13
+ movq %rsi, %r11
+/APP
+ movq 32(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r10, -56(%rsp)
+ movq %r9, %r10
+/APP
+ movq 16(%rcx),%rax
+ mulq 56(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %r13,%r13
+
+ movq 24(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%r13
+
+ movq 32(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%r13
+
+/NO_APP
+ movq %rdi, %r12
+ movq %r13, %rax
+/APP
+ addq %r8,%rbx
+ adcq %r12,%r11
+ adcq %rax,%r10
+ addq %r8,%rbx
+ adcq %r12,%r11
+ adcq %rax,%r10
+
+/NO_APP
+ movq %rbx, -48(%rsp)
+ movq %r11, %r12
+ movq %r10, %rsi
+ movq %r9, %rbx
+ movq %r9, %r11
+/APP
+ movq 24(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r12
+ adcq %rdx,%rsi
+ adcq $0,%rbx
+ addq %rax,%r12
+ adcq %rdx,%rsi
+ adcq $0,%rbx
+
+/NO_APP
+ movq %rbx, %r13
+/APP
+ movq 32(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r12
+ adcq %rdx,%rsi
+ adcq $0,%r13
+ addq %rax,%r12
+ adcq %rdx,%rsi
+ adcq $0,%r13
+
+/NO_APP
+ movq %rsi, %r10
+ movq %r13, %rbx
+ movq %r9, %r13
+/APP
+ movq 40(%rcx),%rax
+ mulq %rax
+ addq %rax,%r12
+ adcq %rdx,%r10
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r12, -40(%rsp)
+ movq %rbx, %r8
+ movq %r10, %rdi
+/APP
+ movq 32(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%r8
+ adcq $0,%r11
+ addq %rax,%rdi
+ adcq %rdx,%r8
+ adcq $0,%r11
+
+/NO_APP
+ movq %r8, %r10
+ movq %r11, %rbx
+/APP
+ movq 40(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%r10
+ adcq $0,%rbx
+ addq %rax,%rdi
+ adcq %rdx,%r10
+ adcq $0,%rbx
+
+/NO_APP
+ movq %rdi, -32(%rsp)
+ movq %rbx, %rsi
+ movq %r10, %r12
+/APP
+ movq 40(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r12
+ adcq %rdx,%rsi
+ adcq $0,%r13
+ addq %rax,%r12
+ adcq %rdx,%rsi
+ adcq $0,%r13
+
+/NO_APP
+ movq %rsi, %r10
+ movq %r13, %rbx
+/APP
+ movq 48(%rcx),%rax
+ mulq %rax
+ addq %rax,%r12
+ adcq %rdx,%r10
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r12, -24(%rsp)
+ movq %r10, %rdi
+ movq %rbx, %rsi
+ movq %r9, %r10
+ movl $16, 8(%rbp)
+ movl $0, (%rbp)
+/APP
+ movq 48(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%r10
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%r10
+
+/NO_APP
+ movq %rdi, -16(%rsp)
+ movq %r10, %r8
+/APP
+ movq 56(%rcx),%rax
+ mulq %rax
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%r9
+
+/NO_APP
+ movq 16(%rbp), %rax
+ movq %rsi, -8(%rsp)
+ movq %r8, (%rsp)
+ movq %r14, (%rax)
+ movq -112(%rsp), %rbx
+ movq %rbx, 8(%rax)
+ movq -104(%rsp), %rcx
+ movq %rcx, 16(%rax)
+ movq -96(%rsp), %rdx
+ movq %rdx, 24(%rax)
+ movq -88(%rsp), %r14
+ movq %r14, 32(%rax)
+ movq -80(%rsp), %r13
+ movq %r13, 40(%rax)
+ movq -72(%rsp), %r12
+ movq %r12, 48(%rax)
+ movq -64(%rsp), %r11
+ movq %r11, 56(%rax)
+ movq -56(%rsp), %r10
+ movq %r10, 64(%rax)
+ movq -48(%rsp), %r9
+ movq %r9, 72(%rax)
+ movq -40(%rsp), %r8
+ movq %r8, 80(%rax)
+ movq -32(%rsp), %rdi
+ movq %rdi, 88(%rax)
+ movq -24(%rsp), %rsi
+ movq %rsi, 96(%rax)
+ movq -16(%rsp), %rbx
+ movq %rbx, 104(%rax)
+ movq -8(%rsp), %rcx
+ movq %rcx, 112(%rax)
+ movq (%rsp), %rdx
+ movq %rdx, 120(%rax)
+ movl 8(%rbp), %edx
+ testl %edx, %edx
+ je .L192
+ leal -1(%rdx), %ecx
+ movq 16(%rbp), %rsi
+ mov %ecx, %r14d
+ cmpq $0, (%rsi,%r14,8)
+ jne .L190
+ movl %ecx, %edx
+ .align 16
+.L191:
+ testl %edx, %edx
+ movl %edx, %ecx
+ je .L195
+ decl %edx
+ mov %edx, %r9d
+ cmpq $0, (%rsi,%r9,8)
+ je .L191
+ movl %ecx, 8(%rbp)
+ movl %ecx, %edx
+.L190:
+ testl %edx, %edx
+ je .L192
+ movl (%rbp), %eax
+ movl %eax, (%rbp)
+ addq $8, %rsp
+ popq %rbx
+ popq %rbp
+ popq %r12
+ popq %r13
+ popq %r14
+ ret
+.L195:
+ movl %edx, 8(%rbp)
+ .align 16
+.L192:
+ xorl %eax, %eax
+ movl %eax, (%rbp)
+ addq $8, %rsp
+ popq %rbx
+ popq %rbp
+ popq %r12
+ popq %r13
+ popq %r14
+ ret
+.LFE7:
+ .size s_mp_sqr_comba_8, .-s_mp_sqr_comba_8
+ .align 16
+.globl s_mp_sqr_comba_16
+ .type s_mp_sqr_comba_16, @function
+s_mp_sqr_comba_16:
+.LFB8:
+ pushq %rbp
+.LCFI25:
+ xorl %r9d, %r9d
+ movq %r9, %r8
+ movq %r9, %r11
+ movq %rsp, %rbp
+.LCFI26:
+ pushq %r14
+.LCFI27:
+ movq %rsi, %r14
+ movq %r9, %rsi
+ pushq %r13
+.LCFI28:
+ movq %r9, %r13
+ pushq %r12
+.LCFI29:
+ movq %r9, %r12
+ pushq %rbx
+.LCFI30:
+ movq %r9, %rbx
+ subq $256, %rsp
+.LCFI31:
+ movq 16(%rdi), %rcx
+/APP
+ movq (%rcx),%rax
+ mulq %rax
+ addq %rax,%r8
+ adcq %rdx,%rbx
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, -288(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 8(%rcx)
+ addq %rax,%rbx
+ adcq %rdx,%rsi
+ adcq $0,%r12
+ addq %rax,%rbx
+ adcq %rdx,%rsi
+ adcq $0,%r12
+
+/NO_APP
+ movq %rbx, -280(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 16(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r12
+ adcq $0,%r13
+ addq %rax,%rsi
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r12, %rbx
+ movq %r13, %r10
+/APP
+ movq 8(%rcx),%rax
+ mulq %rax
+ addq %rax,%rsi
+ adcq %rdx,%rbx
+ adcq $0,%r10
+
+/NO_APP
+ movq %rsi, -272(%rbp)
+ movq %r10, %rdi
+ movq %r9, %rsi
+ movq %rbx, %r10
+/APP
+ movq (%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r10
+ adcq %rdx,%rdi
+ adcq $0,%r11
+ addq %rax,%r10
+ adcq %rdx,%rdi
+ adcq $0,%r11
+
+/NO_APP
+ movq %rdi, %r12
+ movq %r11, %rbx
+ movq %r9, %rdi
+/APP
+ movq 8(%rcx),%rax
+ mulq 16(%rcx)
+ addq %rax,%r10
+ adcq %rdx,%r12
+ adcq $0,%rbx
+ addq %rax,%r10
+ adcq %rdx,%r12
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r9, %r11
+ movq %r10, -264(%rbp)
+ movq %rbx, %r8
+ movq %r12, %r13
+ movq %r9, %r12
+/APP
+ movq (%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r13
+ adcq %rdx,%r8
+ adcq $0,%r12
+ addq %rax,%r13
+ adcq %rdx,%r8
+ adcq $0,%r12
+
+ movq 8(%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r13
+ adcq %rdx,%r8
+ adcq $0,%r12
+ addq %rax,%r13
+ adcq %rdx,%r8
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, %rbx
+ movq %r12, %r10
+ movq %r9, %r8
+/APP
+ movq 16(%rcx),%rax
+ mulq %rax
+ addq %rax,%r13
+ adcq %rdx,%rbx
+ adcq $0,%r10
+
+/NO_APP
+ movq %r13, -256(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 40(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%r11
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%r11
+
+/NO_APP
+ movq %rbx, -248(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 48(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rax
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %r11, %rbx
+ movq %r13, %rdi
+ movq %rdx, %r11
+ movq %r12, %rsi
+/APP
+ movq 24(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r10, -240(%rbp)
+ movq %r11, %r10
+/APP
+ movq (%rcx),%rax
+ mulq 56(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rdx
+/APP
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%rdx
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%rdx
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rbx, -232(%rbp)
+ movq %r9, %rbx
+/APP
+ movq (%rcx),%rax
+ mulq 64(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rbx
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rbx
+
+ movq 32(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%r11
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r13, %rdi
+ movq %r10, -224(%rbp)
+ movq %r12, %rsi
+ movq %rbx, %r10
+ movq %r9, %r12
+/APP
+ movq (%rcx),%rax
+ mulq 72(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%r11
+ adcq %rdi,%r10
+ adcq %rsi,%r12
+ addq %r8,%r11
+ adcq %rdi,%r10
+ adcq %rsi,%r12
+
+/NO_APP
+ movq %r11, -216(%rbp)
+ movq %r12, %rbx
+/APP
+ movq (%rcx),%rax
+ mulq 80(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%rbx
+ adcq %r12,%rax
+ addq %r8,%r10
+ adcq %r13,%rbx
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %rbx, %r11
+ movq %r13, %rdi
+ movq %rdx, %rbx
+ movq %r12, %rsi
+/APP
+ movq 40(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%r11
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r10, -208(%rbp)
+ movq %rbx, %r10
+/APP
+ movq (%rcx),%rax
+ mulq 88(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rdx
+/APP
+ addq %r8,%r11
+ adcq %rdi,%r10
+ adcq %rsi,%rdx
+ addq %r8,%r11
+ adcq %rdi,%r10
+ adcq %rsi,%rdx
+
+/NO_APP
+ movq %rdx, %r13
+ movq %r11, -200(%rbp)
+ movq %r13, %r12
+/APP
+ movq (%rcx),%rax
+ mulq 96(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+ movq %rdi, %rdx
+ movq %rsi, %r11
+/APP
+ addq %r8,%r10
+ adcq %rdx,%r12
+ adcq %r11,%rax
+ addq %r8,%r10
+ adcq %rdx,%r12
+ adcq %r11,%rax
+
+/NO_APP
+ movq %rdx, %rbx
+ movq %rax, %r13
+ movq %r11, %rsi
+/APP
+ movq 48(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %rbx, %rdi
+ movq %r10, -192(%rbp)
+ movq %r13, %r10
+/APP
+ movq (%rcx),%rax
+ mulq 104(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r9, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%r12
+ adcq %rdi,%r10
+ adcq %rsi,%r13
+ addq %r8,%r12
+ adcq %rdi,%r10
+ adcq %rsi,%r13
+
+/NO_APP
+ movq %r12, -184(%rbp)
+ movq %r13, %r12
+/APP
+ movq (%rcx),%rax
+ mulq 112(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+ movq %rdi, %rbx
+ movq %rsi, %rdx
+/APP
+ addq %r8,%r10
+ adcq %rbx,%r12
+ adcq %rdx,%rax
+ addq %r8,%r10
+ adcq %rbx,%r12
+ adcq %rdx,%rax
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r13
+ movq %rbx, %rdi
+/APP
+ movq 56(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r10, -176(%rbp)
+ movq %r13, %r10
+/APP
+ movq (%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r9, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%r12
+ adcq %rdi,%r10
+ adcq %rsi,%r13
+ addq %r8,%r12
+ adcq %rdi,%r10
+ adcq %rsi,%r13
+
+/NO_APP
+ movq %r12, -168(%rbp)
+ movq %r13, %r12
+/APP
+ movq 8(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+ movq %rdi, %rbx
+ movq %rsi, %rdx
+/APP
+ addq %r8,%r10
+ adcq %rbx,%r12
+ adcq %rdx,%rax
+ addq %r8,%r10
+ adcq %rbx,%r12
+ adcq %rdx,%rax
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r13
+ movq %rbx, %rdi
+/APP
+ movq 64(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r10, -160(%rbp)
+ movq %r9, %r11
+/APP
+ movq 16(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r13, %r10
+ movq %r9, %rbx
+/APP
+ movq 24(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%r12
+ adcq %rdi,%r10
+ adcq %rsi,%r11
+ addq %r8,%r12
+ adcq %rdi,%r10
+ adcq %rsi,%r11
+
+/NO_APP
+ movq %r12, -152(%rbp)
+/APP
+ movq 24(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rbx
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rbx
+
+/NO_APP
+ movq %rbx, %rdx
+ movq %r13, %rdi
+ movq %r11, %rbx
+ movq %r12, %rsi
+ movq %rdx, %r11
+ movq %r9, %r12
+/APP
+ movq 72(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r10, -144(%rbp)
+ movq %r11, %r10
+/APP
+ movq 32(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%r12
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%r12
+
+/NO_APP
+ movq %rbx, -136(%rbp)
+ movq %r12, %r11
+/APP
+ movq 40(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rax
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %r11, %rbx
+ movq %r13, %rdi
+ movq %rdx, %r11
+ movq %r12, %rsi
+/APP
+ movq 80(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r10, -128(%rbp)
+ movq %r11, %r10
+/APP
+ movq 48(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 80(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rdx
+/APP
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%rdx
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%rdx
+
+/NO_APP
+ movq %rbx, -120(%rbp)
+ movq %rdx, %r11
+ movq %r9, %rbx
+/APP
+ movq 56(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 80(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rbx
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rbx
+
+/NO_APP
+ movq %rbx, %rdx
+ movq %r13, %rdi
+ movq %r11, %rbx
+ movq %r12, %rsi
+ movq %rdx, %r11
+ movq %r9, %r12
+/APP
+ movq 88(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r10, -112(%rbp)
+ movq %r11, %r10
+/APP
+ movq 64(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 80(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 88(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%r12
+ addq %r8,%rbx
+ adcq %rdi,%r10
+ adcq %rsi,%r12
+
+/NO_APP
+ movq %rbx, -104(%rbp)
+ movq %r12, %r11
+/APP
+ movq 72(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 80(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 88(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r9, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rax
+ addq %r8,%r10
+ adcq %r13,%r11
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %r11, %rbx
+ movq %r13, %rdi
+ movq %rdx, %r11
+ movq %r12, %rsi
+/APP
+ movq 96(%rcx),%rax
+ mulq %rax
+ addq %rax,%r10
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r10, -96(%rbp)
+ movq %r9, %r10
+/APP
+ movq 80(%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 88(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 96(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r12
+ movq %rsi, %rax
+ movq %r9, %rsi
+/APP
+ addq %r8,%rbx
+ adcq %r12,%r11
+ adcq %rax,%r10
+ addq %r8,%rbx
+ adcq %r12,%r11
+ adcq %rax,%r10
+
+/NO_APP
+ movq %r9, %r12
+ movq %rbx, -88(%rbp)
+ movq %r11, %r13
+ movq %r10, %r11
+/APP
+ movq 88(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%r13
+ adcq %rdx,%r11
+ adcq $0,%r12
+ addq %rax,%r13
+ adcq %rdx,%r11
+ adcq $0,%r12
+
+/NO_APP
+ movq %r12, %rdi
+/APP
+ movq 96(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r13
+ adcq %rdx,%r11
+ adcq $0,%rdi
+ addq %rax,%r13
+ adcq %rdx,%r11
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r11, %rbx
+ movq %rdi, %r10
+ movq %r9, %r11
+/APP
+ movq 104(%rcx),%rax
+ mulq %rax
+ addq %rax,%r13
+ adcq %rdx,%rbx
+ adcq $0,%r10
+
+/NO_APP
+ movq %r13, -80(%rbp)
+ movq %r10, %r8
+ movq %rbx, %r10
+/APP
+ movq 96(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%r10
+ adcq %rdx,%r8
+ adcq $0,%rsi
+ addq %rax,%r10
+ adcq %rdx,%r8
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %r12
+ movq %rsi, %rbx
+/APP
+ movq 104(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r10
+ adcq %rdx,%r12
+ adcq $0,%rbx
+ addq %rax,%r10
+ adcq %rdx,%r12
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r10, -72(%rbp)
+ movq %rbx, %r13
+ movq %r12, %rbx
+/APP
+ movq 104(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rbx
+ adcq %rdx,%r13
+ adcq $0,%r11
+ addq %rax,%rbx
+ adcq %rdx,%r13
+ adcq $0,%r11
+
+/NO_APP
+ movq %r11, %r12
+ movq %r13, %r10
+/APP
+ movq 112(%rcx),%rax
+ mulq %rax
+ addq %rax,%rbx
+ adcq %rdx,%r10
+ adcq $0,%r12
+
+/NO_APP
+ movq %rbx, -64(%rbp)
+ movq %r10, %rdi
+ movq %r9, %rbx
+ movq %r12, %rsi
+/APP
+ movq 112(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rbx
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%rbx
+
+/NO_APP
+ movq %rdi, -56(%rbp)
+ movq %rbx, %r8
+/APP
+ movq 120(%rcx),%rax
+ mulq %rax
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%r9
+
+/NO_APP
+ movq %rsi, -48(%rbp)
+ movq 16(%r14), %rdi
+ leaq -288(%rbp), %rsi
+ movl $256, %edx
+ movq %r8, -40(%rbp)
+ movl $32, 8(%r14)
+ movl $0, (%r14)
+ call memcpy@PLT
+ movl 8(%r14), %edx
+ testl %edx, %edx
+ je .L232
+ leal -1(%rdx), %ecx
+ movq 16(%r14), %rsi
+ mov %ecx, %r9d
+ cmpq $0, (%rsi,%r9,8)
+ jne .L230
+ movl %ecx, %edx
+ .align 16
+.L231:
+ testl %edx, %edx
+ movl %edx, %ecx
+ je .L235
+ decl %edx
+ mov %edx, %eax
+ cmpq $0, (%rsi,%rax,8)
+ je .L231
+ movl %ecx, 8(%r14)
+ movl %ecx, %edx
+.L230:
+ testl %edx, %edx
+ je .L232
+ movl (%r14), %eax
+ movl %eax, (%r14)
+ addq $256, %rsp
+ popq %rbx
+ popq %r12
+ popq %r13
+ popq %r14
+ leave
+ ret
+.L235:
+ movl %edx, 8(%r14)
+ .align 16
+.L232:
+ xorl %eax, %eax
+ movl %eax, (%r14)
+ addq $256, %rsp
+ popq %rbx
+ popq %r12
+ popq %r13
+ popq %r14
+ leave
+ ret
+.LFE8:
+ .size s_mp_sqr_comba_16, .-s_mp_sqr_comba_16
+ .align 16
+.globl s_mp_sqr_comba_32
+ .type s_mp_sqr_comba_32, @function
+s_mp_sqr_comba_32:
+.LFB9:
+ pushq %rbp
+.LCFI32:
+ xorl %r10d, %r10d
+ movq %r10, %r8
+ movq %r10, %r11
+ movq %rsp, %rbp
+.LCFI33:
+ pushq %r14
+.LCFI34:
+ movq %rsi, %r14
+ movq %r10, %rsi
+ pushq %r13
+.LCFI35:
+ movq %r10, %r13
+ pushq %r12
+.LCFI36:
+ movq %r10, %r12
+ pushq %rbx
+.LCFI37:
+ movq %r10, %rbx
+ subq $512, %rsp
+.LCFI38:
+ movq 16(%rdi), %rcx
+/APP
+ movq (%rcx),%rax
+ mulq %rax
+ addq %rax,%r8
+ adcq %rdx,%rbx
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, -544(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 8(%rcx)
+ addq %rax,%rbx
+ adcq %rdx,%rsi
+ adcq $0,%r12
+ addq %rax,%rbx
+ adcq %rdx,%rsi
+ adcq $0,%r12
+
+/NO_APP
+ movq %rbx, -536(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 16(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r12
+ adcq $0,%r13
+ addq %rax,%rsi
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r12, %rbx
+ movq %r13, %r9
+/APP
+ movq 8(%rcx),%rax
+ mulq %rax
+ addq %rax,%rsi
+ adcq %rdx,%rbx
+ adcq $0,%r9
+
+/NO_APP
+ movq %rsi, -528(%rbp)
+ movq %r9, %rdi
+ movq %r10, %rsi
+ movq %rbx, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r9
+ adcq %rdx,%rdi
+ adcq $0,%r11
+ addq %rax,%r9
+ adcq %rdx,%rdi
+ adcq $0,%r11
+
+/NO_APP
+ movq %rdi, %r12
+ movq %r11, %r13
+ movq %r10, %rdi
+/APP
+ movq 8(%rcx),%rax
+ mulq 16(%rcx)
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r10, %r11
+ movq %r9, -520(%rbp)
+ movq %r13, %r8
+ movq %r12, %r13
+ movq %r10, %r12
+/APP
+ movq (%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r13
+ adcq %rdx,%r8
+ adcq $0,%r12
+ addq %rax,%r13
+ adcq %rdx,%r8
+ adcq $0,%r12
+
+ movq 8(%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r13
+ adcq %rdx,%r8
+ adcq $0,%r12
+ addq %rax,%r13
+ adcq %rdx,%r8
+ adcq $0,%r12
+
+/NO_APP
+ movq %r8, %rbx
+ movq %r12, %r9
+ movq %r10, %r8
+/APP
+ movq 16(%rcx),%rax
+ mulq %rax
+ addq %rax,%r13
+ adcq %rdx,%rbx
+ adcq $0,%r9
+
+/NO_APP
+ movq %r13, -512(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 40(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 24(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%r11
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%r11
+
+/NO_APP
+ movq %rbx, -504(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 48(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r10, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rax
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %r11, %rbx
+ movq %r13, %rdi
+ movq %rdx, %r11
+ movq %r12, %rsi
+/APP
+ movq 24(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r9, -496(%rbp)
+ movq %r11, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 56(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 32(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r10, %rdx
+/APP
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%rdx
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%rdx
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rbx, -488(%rbp)
+ movq %r10, %rbx
+/APP
+ movq (%rcx),%rax
+ mulq 64(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rbx
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rbx
+
+ movq 32(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r11
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r13, %rdi
+ movq %r9, -480(%rbp)
+ movq %r12, %rsi
+ movq %rbx, %r9
+ movq %r10, %r12
+/APP
+ movq (%rcx),%rax
+ mulq 72(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 40(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%r11
+ adcq %rdi,%r9
+ adcq %rsi,%r12
+ addq %r8,%r11
+ adcq %rdi,%r9
+ adcq %rsi,%r12
+
+/NO_APP
+ movq %r11, -472(%rbp)
+ movq %r12, %rbx
+/APP
+ movq (%rcx),%rax
+ mulq 80(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r10, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r9
+ adcq %r13,%rbx
+ adcq %r12,%rax
+ addq %r8,%r9
+ adcq %r13,%rbx
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %rbx, %r11
+ movq %r13, %rdi
+ movq %rdx, %rbx
+ movq %r12, %rsi
+/APP
+ movq 40(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r11
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r9, -464(%rbp)
+ movq %rbx, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 88(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 48(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r10, %rdx
+/APP
+ addq %r8,%r11
+ adcq %rdi,%r9
+ adcq %rsi,%rdx
+ addq %r8,%r11
+ adcq %rdi,%r9
+ adcq %rsi,%rdx
+
+/NO_APP
+ movq %rdx, %r13
+ movq %r11, -456(%rbp)
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 96(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %rax
+ movq %rsi, %r11
+/APP
+ addq %r8,%r9
+ adcq %rax,%r12
+ adcq %r11,%r13
+ addq %r8,%r9
+ adcq %rax,%r12
+ adcq %r11,%r13
+
+/NO_APP
+ movq %rax, %rbx
+ movq %r11, %rsi
+/APP
+ movq 48(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %rbx, %rdi
+ movq %r9, -448(%rbp)
+ movq %r13, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 104(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 56(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%r12
+ adcq %rdi,%r9
+ adcq %rsi,%r13
+ addq %r8,%r12
+ adcq %rdi,%r9
+ adcq %rsi,%r13
+
+/NO_APP
+ movq %r12, -440(%rbp)
+ movq %r10, %r12
+/APP
+ movq (%rcx),%rax
+ mulq 112(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r13, %rdx
+ movq %rdi, %rbx
+ movq %rsi, %r13
+/APP
+ addq %r8,%r9
+ adcq %rbx,%rdx
+ adcq %r13,%r12
+ addq %r8,%r9
+ adcq %rbx,%rdx
+ adcq %r13,%r12
+
+/NO_APP
+ movq %r12, %rax
+ movq %r13, %r11
+ movq %rdx, %r12
+ movq %rax, %r13
+ movq %rbx, %rdi
+ movq %r11, %rsi
+/APP
+ movq 56(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r9, -432(%rbp)
+ movq %r13, %r9
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 120(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 8(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 64(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rax
+ movq %rdi, %rdx
+ movq %rsi, %rbx
+/APP
+ addq %rax,%r12
+ adcq %rdx,%r9
+ adcq %rbx,%r13
+ addq %rax,%r12
+ adcq %rdx,%r9
+ adcq %rbx,%r13
+
+/NO_APP
+ movq %r12, -424(%rbp)
+ movq %rdx, %r8
+ movq %rax, %rsi
+ movq %rbx, %rdi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 128(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %rsi, %rax
+ movq %r8, %rbx
+ movq %rdi, %rdx
+/APP
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r8
+ movq %rbx, %rdi
+/APP
+ movq 64(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -416(%rbp)
+ movq %r13, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 136(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 72(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rbx
+ movq %rdi, %rax
+ movq %rsi, %rdx
+/APP
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %r12, -408(%rbp)
+ movq %rdx, %rdi
+ movq %rax, %r8
+ movq %rbx, %rsi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 144(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %rsi, %rax
+ movq %r8, %rbx
+ movq %rdi, %rdx
+/APP
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r8
+ movq %rbx, %rdi
+/APP
+ movq 72(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -400(%rbp)
+ movq %r13, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 152(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 80(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rbx
+ movq %rdi, %rax
+ movq %rsi, %rdx
+/APP
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %r12, -392(%rbp)
+ movq %rdx, %rdi
+ movq %rax, %r8
+ movq %rbx, %rsi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 160(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %rsi, %rax
+ movq %r8, %rbx
+ movq %rdi, %rdx
+/APP
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r8
+ movq %rbx, %rdi
+/APP
+ movq 80(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -384(%rbp)
+ movq %r13, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 168(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 80(%rcx),%rax
+ mulq 88(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rbx
+ movq %rdi, %rax
+ movq %rsi, %rdx
+/APP
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %r12, -376(%rbp)
+ movq %rdx, %rdi
+ movq %rax, %r8
+ movq %rbx, %rsi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 176(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %rsi, %rax
+ movq %r8, %rbx
+ movq %rdi, %rdx
+/APP
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r8
+ movq %rbx, %rdi
+/APP
+ movq 88(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -368(%rbp)
+ movq %r13, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 184(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 16(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 24(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 32(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 40(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 48(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 56(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 64(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 80(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 88(%rcx),%rax
+ mulq 96(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rbx
+ movq %rdi, %rax
+ movq %rsi, %rdx
+/APP
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %rdi
+ movq %r12, -360(%rbp)
+ movq %rax, %r8
+ movq %rbx, %rsi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 192(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r8, %rbx
+ movq %rdi, %rax
+/APP
+ addq %rsi,%r9
+ adcq %rbx,%r12
+ adcq %rax,%r13
+ addq %rsi,%r9
+ adcq %rbx,%r12
+ adcq %rax,%r13
+
+/NO_APP
+ movq %rax, %r11
+ movq %rbx, %r8
+/APP
+ movq 96(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rdi
+ movq %r9, -352(%rbp)
+ movq %r13, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 200(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 104(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r13
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r13
+
+/NO_APP
+ movq %r12, -344(%rbp)
+ movq %r10, %r12
+/APP
+ movq (%rcx),%rax
+ mulq 208(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r13, %rdx
+ movq %r8, %rbx
+ movq %rdi, %r13
+/APP
+ addq %rsi,%r9
+ adcq %rbx,%rdx
+ adcq %r13,%r12
+ addq %rsi,%r9
+ adcq %rbx,%rdx
+ adcq %r13,%r12
+
+/NO_APP
+ movq %r12, %rax
+ movq %r13, %r11
+ movq %rdx, %r12
+ movq %rax, %r13
+ movq %rbx, %r8
+ movq %r11, %rdi
+/APP
+ movq 104(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r9, -336(%rbp)
+ movq %r13, %r9
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 216(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 112(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r13
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r13
+
+/NO_APP
+ movq %r12, -328(%rbp)
+/APP
+ movq (%rcx),%rax
+ mulq 224(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r13, %rax
+ movq %r10, %rdx
+ movq %r8, %rbx
+ movq %rdi, %r12
+/APP
+ addq %rsi,%r9
+ adcq %rbx,%rax
+ adcq %r12,%rdx
+ addq %rsi,%r9
+ adcq %rbx,%rax
+ adcq %r12,%rdx
+
+/NO_APP
+ movq %rdx, %rdi
+ movq %r12, %r11
+ movq %rbx, %r8
+ movq %rax, %r12
+ movq %rdi, %r13
+ movq %r11, %rdi
+/APP
+ movq 112(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r9, -320(%rbp)
+ movq %r13, %rbx
+ movq %r10, %r9
+/APP
+ movq (%rcx),%rax
+ mulq 232(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 120(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ addq %rsi,%r12
+ adcq %r8,%rbx
+ adcq %rdi,%r9
+ addq %rsi,%r12
+ adcq %r8,%rbx
+ adcq %rdi,%r9
+
+/NO_APP
+ movq %r12, -312(%rbp)
+ movq %r9, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 240(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r10, %rax
+ movq %r8, %r11
+ movq %rdi, %rdx
+/APP
+ addq %rsi,%rbx
+ adcq %r11,%r13
+ adcq %rdx,%rax
+ addq %rsi,%rbx
+ adcq %r11,%r13
+ adcq %rdx,%rax
+
+/NO_APP
+ movq %rdx, %r9
+ movq %rax, %rdx
+ movq %r13, %r12
+ movq %r11, %r8
+ movq %rdx, %r13
+ movq %r9, %rdi
+/APP
+ movq 120(%rcx),%rax
+ mulq %rax
+ addq %rax,%rbx
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %rbx, -304(%rbp)
+ movq %r13, %rbx
+ movq %r10, %r13
+/APP
+ movq (%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 8(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 128(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ addq %rsi,%r12
+ adcq %r8,%rbx
+ adcq %rdi,%r13
+ addq %rsi,%r12
+ adcq %r8,%rbx
+ adcq %rdi,%r13
+
+/NO_APP
+ movq %r12, -296(%rbp)
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq 8(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 16(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 24(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r8, %r11
+ movq %rdi, %rax
+/APP
+ addq %rsi,%rbx
+ adcq %r11,%r12
+ adcq %rax,%r13
+ addq %rsi,%rbx
+ adcq %r11,%r12
+ adcq %rax,%r13
+
+/NO_APP
+ movq %rax, %r9
+ movq %r11, %r8
+/APP
+ movq 128(%rcx),%rax
+ mulq %rax
+ addq %rax,%rbx
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r9, %rdi
+ movq %rbx, -288(%rbp)
+ movq %r13, %r9
+/APP
+ movq 16(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 24(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 136(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r13
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r13
+
+/NO_APP
+ movq %r12, -280(%rbp)
+ movq %r10, %r12
+/APP
+ movq 24(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 32(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r13, %rdx
+ movq %r8, %rbx
+ movq %rdi, %r13
+/APP
+ addq %rsi,%r9
+ adcq %rbx,%rdx
+ adcq %r13,%r12
+ addq %rsi,%r9
+ adcq %rbx,%rdx
+ adcq %r13,%r12
+
+/NO_APP
+ movq %r12, %rax
+ movq %r13, %r11
+ movq %rdx, %r12
+ movq %rax, %r13
+ movq %rbx, %r8
+ movq %r11, %rdi
+/APP
+ movq 136(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r9, -272(%rbp)
+ movq %r13, %r9
+ movq %r10, %r13
+/APP
+ movq 32(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 40(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 136(%rcx),%rax
+ mulq 144(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r13
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r13
+
+/NO_APP
+ movq %r12, -264(%rbp)
+/APP
+ movq 40(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 48(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 136(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r13, %rax
+ movq %r10, %rdx
+ movq %r8, %rbx
+ movq %rdi, %r12
+/APP
+ addq %rsi,%r9
+ adcq %rbx,%rax
+ adcq %r12,%rdx
+ addq %rsi,%r9
+ adcq %rbx,%rax
+ adcq %r12,%rdx
+
+/NO_APP
+ movq %rdx, %rdi
+ movq %r12, %r11
+ movq %rbx, %r8
+ movq %rax, %r12
+ movq %rdi, %r13
+ movq %r11, %rdi
+/APP
+ movq 144(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r10, %r11
+ movq %r9, -256(%rbp)
+ movq %r13, %r9
+/APP
+ movq 48(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 56(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 136(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 144(%rcx),%rax
+ mulq 152(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r11
+ addq %rsi,%r12
+ adcq %r8,%r9
+ adcq %rdi,%r11
+
+/NO_APP
+ movq %r12, -248(%rbp)
+ movq %r11, %r13
+/APP
+ movq 56(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 64(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 72(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 136(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 144(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %r10, %rax
+ movq %rsi, %rdx
+ movq %r8, %rbx
+ movq %rdi, %r12
+/APP
+ addq %rdx,%r9
+ adcq %rbx,%r13
+ adcq %r12,%rax
+ addq %rdx,%r9
+ adcq %rbx,%r13
+ adcq %r12,%rax
+
+/NO_APP
+ movq %r12, %r11
+ movq %rdx, %r8
+ movq %rax, %rdx
+ movq %r13, %r12
+ movq %rbx, %rdi
+ movq %rdx, %r13
+ movq %r11, %rsi
+/APP
+ movq 152(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r9, -240(%rbp)
+ movq %r13, %r9
+ movq %r10, %r13
+/APP
+ movq 64(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 72(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 80(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 88(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 96(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 104(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 112(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 120(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 128(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 136(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 144(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 152(%rcx),%rax
+ mulq 160(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rax
+ movq %rdi, %rdx
+ movq %rsi, %rbx
+/APP
+ addq %rax,%r12
+ adcq %rdx,%r9
+ adcq %rbx,%r13
+ addq %rax,%r12
+ adcq %rdx,%r9
+ adcq %rbx,%r13
+
+/NO_APP
+ movq %r12, -232(%rbp)
+ movq %rdx, %r8
+ movq %rax, %rsi
+ movq %rbx, %rdi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq 72(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 80(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 88(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 136(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 144(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 152(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %rsi, %rax
+ movq %r8, %rbx
+ movq %rdi, %rdx
+/APP
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r8
+ movq %rbx, %rdi
+/APP
+ movq 160(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -224(%rbp)
+ movq %r13, %r9
+/APP
+ movq 80(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 88(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 96(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 104(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 112(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 120(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 128(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 136(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 144(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 152(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 160(%rcx),%rax
+ mulq 168(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rbx
+ movq %rdi, %rax
+ movq %rsi, %rdx
+/APP
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %r12, -216(%rbp)
+ movq %rdx, %rdi
+ movq %rax, %r8
+ movq %rbx, %rsi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq 88(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 96(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 104(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 136(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 144(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 152(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 160(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %rsi, %rax
+ movq %r8, %rbx
+ movq %rdi, %rdx
+/APP
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r8
+ movq %rbx, %rdi
+/APP
+ movq 168(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -208(%rbp)
+ movq %r13, %r9
+/APP
+ movq 96(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 104(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 112(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 120(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 128(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 136(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 144(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 152(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 160(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 168(%rcx),%rax
+ mulq 176(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rbx
+ movq %rdi, %rax
+ movq %rsi, %rdx
+/APP
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %r12, -200(%rbp)
+ movq %rdx, %rdi
+ movq %rax, %r8
+ movq %rbx, %rsi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq 104(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 112(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 120(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 136(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 144(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 152(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 160(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 168(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %rsi, %rax
+ movq %r8, %rbx
+ movq %rdi, %rdx
+/APP
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r8
+ movq %rbx, %rdi
+/APP
+ movq 176(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -192(%rbp)
+ movq %r13, %r9
+/APP
+ movq 112(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 120(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 128(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 136(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 144(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 152(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 160(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 168(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 176(%rcx),%rax
+ mulq 184(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r8, %rbx
+ movq %rdi, %rax
+ movq %rsi, %rdx
+/APP
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+ addq %rbx,%r12
+ adcq %rax,%r9
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %r12, -184(%rbp)
+ movq %rdx, %rdi
+ movq %rax, %r8
+ movq %rbx, %rsi
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq 120(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%rsi
+ movq %rdx,%r8
+ xorq %rdi,%rdi
+
+ movq 128(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 136(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 144(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 152(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 160(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 168(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+ movq 176(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%rdi
+
+/NO_APP
+ movq %rsi, %rax
+ movq %r8, %rbx
+ movq %rdi, %rdx
+/APP
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+ addq %rax,%r9
+ adcq %rbx,%r12
+ adcq %rdx,%r13
+
+/NO_APP
+ movq %rdx, %r11
+ movq %rax, %r8
+ movq %rbx, %rdi
+/APP
+ movq 184(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -176(%rbp)
+ movq %r13, %r9
+/APP
+ movq 128(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+/NO_APP
+ movq %r10, %r13
+/APP
+ movq 136(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 144(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 152(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 160(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 168(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 176(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 184(%rcx),%rax
+ mulq 192(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%r12
+ adcq %rdi,%r9
+ adcq %rsi,%r13
+ addq %r8,%r12
+ adcq %rdi,%r9
+ adcq %rsi,%r13
+
+/NO_APP
+ movq %r12, -168(%rbp)
+ movq %r13, %r12
+ movq %r10, %r13
+/APP
+ movq 136(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 144(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 152(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 160(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 168(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 176(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 184(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %rbx
+ movq %rsi, %rax
+/APP
+ addq %r8,%r9
+ adcq %rbx,%r12
+ adcq %rax,%r13
+ addq %r8,%r9
+ adcq %rbx,%r12
+ adcq %rax,%r13
+
+/NO_APP
+ movq %rax, %r11
+ movq %rbx, %rdi
+ movq %r10, %rbx
+/APP
+ movq 192(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r11, %rsi
+ movq %r9, -160(%rbp)
+ movq %r13, %r9
+/APP
+ movq 144(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 152(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 160(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 168(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 176(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 184(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 192(%rcx),%rax
+ mulq 200(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%r12
+ adcq %rdi,%r9
+ adcq %rsi,%rbx
+ addq %r8,%r12
+ adcq %rdi,%r9
+ adcq %rsi,%rbx
+
+/NO_APP
+ movq %r12, -152(%rbp)
+/APP
+ movq 152(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 160(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 168(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 176(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 184(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 192(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r10, %rdx
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r9
+ adcq %r13,%rbx
+ adcq %r12,%rdx
+ addq %r8,%r9
+ adcq %r13,%rbx
+ adcq %r12,%rdx
+
+/NO_APP
+ movq %rdx, %rax
+ movq %r13, %rdi
+ movq %r12, %rsi
+ movq %rax, %r11
+ movq %r10, %r12
+/APP
+ movq 200(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r9, -144(%rbp)
+ movq %r11, %r9
+/APP
+ movq 160(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 168(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 176(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 184(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 192(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 200(%rcx),%rax
+ mulq 208(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%r12
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%r12
+
+/NO_APP
+ movq %rbx, -136(%rbp)
+ movq %r12, %r11
+/APP
+ movq 168(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 176(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 184(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 192(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 200(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r10, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rax
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %r11, %rbx
+ movq %r13, %rdi
+ movq %rdx, %r11
+ movq %r12, %rsi
+/APP
+ movq 208(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r9, -128(%rbp)
+ movq %r11, %r9
+/APP
+ movq 176(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 184(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 192(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 200(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 208(%rcx),%rax
+ mulq 216(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r10, %rdx
+/APP
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%rdx
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%rdx
+
+/NO_APP
+ movq %rbx, -120(%rbp)
+ movq %rdx, %r11
+ movq %r10, %rbx
+/APP
+ movq 184(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 192(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 200(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 208(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rbx
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rbx
+
+/NO_APP
+ movq %rbx, %rdx
+ movq %r13, %rdi
+ movq %r11, %rbx
+ movq %r12, %rsi
+ movq %rdx, %r11
+ movq %r10, %r12
+/APP
+ movq 216(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r9, -112(%rbp)
+ movq %r11, %r9
+/APP
+ movq 192(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 200(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 208(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 216(%rcx),%rax
+ mulq 224(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%r12
+ addq %r8,%rbx
+ adcq %rdi,%r9
+ adcq %rsi,%r12
+
+/NO_APP
+ movq %rbx, -104(%rbp)
+ movq %r12, %r11
+/APP
+ movq 200(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 208(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 216(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %r10, %rax
+ movq %rdi, %r13
+ movq %rsi, %r12
+/APP
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rax
+ addq %r8,%r9
+ adcq %r13,%r11
+ adcq %r12,%rax
+
+/NO_APP
+ movq %rax, %rdx
+ movq %r11, %rbx
+ movq %r13, %rdi
+ movq %rdx, %r11
+ movq %r12, %rsi
+ movq %r10, %r12
+/APP
+ movq 224(%rcx),%rax
+ mulq %rax
+ addq %rax,%r9
+ adcq %rdx,%rbx
+ adcq $0,%r11
+
+/NO_APP
+ movq %r9, -96(%rbp)
+ movq %r10, %r9
+/APP
+ movq 208(%rcx),%rax
+ mulq 248(%rcx)
+ movq %rax,%r8
+ movq %rdx,%rdi
+ xorq %rsi,%rsi
+
+ movq 216(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+ movq 224(%rcx),%rax
+ mulq 232(%rcx)
+ addq %rax,%r8
+ adcq %rdx,%rdi
+ adcq $0,%rsi
+
+/NO_APP
+ movq %rdi, %r13
+ movq %rsi, %rax
+/APP
+ addq %r8,%rbx
+ adcq %r13,%r11
+ adcq %rax,%r9
+ addq %r8,%rbx
+ adcq %r13,%r11
+ adcq %rax,%r9
+
+/NO_APP
+ movq %rbx, -88(%rbp)
+ movq %r11, %rsi
+ movq %r9, %r8
+/APP
+ movq 216(%rcx),%rax
+ mulq 248(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%r12
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%r12
+
+/NO_APP
+ movq %r12, %r11
+/APP
+ movq 224(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%r11
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%r11
+
+/NO_APP
+ movq %r8, %r13
+ movq %r11, %rbx
+/APP
+ movq 232(%rcx),%rax
+ mulq %rax
+ addq %rax,%rsi
+ adcq %rdx,%r13
+ adcq $0,%rbx
+
+/NO_APP
+ movq %rsi, -80(%rbp)
+ movq %rbx, %r12
+ movq %r13, %rdi
+ movq %r10, %r13
+/APP
+ movq 224(%rcx),%rax
+ mulq 248(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%r12
+ adcq $0,%r13
+ addq %rax,%rdi
+ adcq %rdx,%r12
+ adcq $0,%r13
+
+/NO_APP
+ movq %r12, %r9
+ movq %r13, %r12
+/APP
+ movq 232(%rcx),%rax
+ mulq 240(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%r9
+ adcq $0,%r12
+ addq %rax,%rdi
+ adcq %rdx,%r9
+ adcq $0,%r12
+
+/NO_APP
+ movq %rdi, -72(%rbp)
+ movq %r9, %r11
+ movq %r12, %rbx
+ movq %r10, %r9
+/APP
+ movq 232(%rcx),%rax
+ mulq 248(%rcx)
+ addq %rax,%r11
+ adcq %rdx,%rbx
+ adcq $0,%r9
+ addq %rax,%r11
+ adcq %rdx,%rbx
+ adcq $0,%r9
+
+/NO_APP
+ movq %rbx, %r13
+ movq %r9, %rbx
+ movq %r10, %r9
+/APP
+ movq 240(%rcx),%rax
+ mulq %rax
+ addq %rax,%r11
+ adcq %rdx,%r13
+ adcq $0,%rbx
+
+/NO_APP
+ movq %r11, -64(%rbp)
+ movq %r13, %rdi
+ movq %rbx, %rsi
+/APP
+ movq 240(%rcx),%rax
+ mulq 248(%rcx)
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%r9
+ addq %rax,%rdi
+ adcq %rdx,%rsi
+ adcq $0,%r9
+
+/NO_APP
+ movq %rdi, -56(%rbp)
+ movq %r9, %r8
+/APP
+ movq 248(%rcx),%rax
+ mulq %rax
+ addq %rax,%rsi
+ adcq %rdx,%r8
+ adcq $0,%r10
+
+/NO_APP
+ movq %rsi, -48(%rbp)
+ movq 16(%r14), %rdi
+ leaq -544(%rbp), %rsi
+ movl $512, %edx
+ movq %r8, -40(%rbp)
+ movl $64, 8(%r14)
+ movl $0, (%r14)
+ call memcpy@PLT
+ movl 8(%r14), %edx
+ testl %edx, %edx
+ je .L304
+ leal -1(%rdx), %ecx
+ movq 16(%r14), %rsi
+ mov %ecx, %r10d
+ cmpq $0, (%rsi,%r10,8)
+ jne .L302
+ movl %ecx, %edx
+ .align 16
+.L303:
+ testl %edx, %edx
+ movl %edx, %ecx
+ je .L307
+ decl %edx
+ mov %edx, %eax
+ cmpq $0, (%rsi,%rax,8)
+ je .L303
+ movl %ecx, 8(%r14)
+ movl %ecx, %edx
+.L302:
+ testl %edx, %edx
+ je .L304
+ movl (%r14), %eax
+ movl %eax, (%r14)
+ addq $512, %rsp
+ popq %rbx
+ popq %r12
+ popq %r13
+ popq %r14
+ leave
+ ret
+.L307:
+ movl %edx, 8(%r14)
+ .align 16
+.L304:
+ xorl %eax, %eax
+ movl %eax, (%r14)
+ addq $512, %rsp
+ popq %rbx
+ popq %r12
+ popq %r13
+ popq %r14
+ leave
+ ret
+.LFE9:
+ .size s_mp_sqr_comba_32, .-s_mp_sqr_comba_32
diff --git a/security/nss/lib/freebl/mpi/mp_gf2m-priv.h b/security/nss/lib/freebl/mpi/mp_gf2m-priv.h
new file mode 100644
index 000000000..5be4da4bf
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mp_gf2m-priv.h
@@ -0,0 +1,73 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _MP_GF2M_PRIV_H_
+#define _MP_GF2M_PRIV_H_
+
+#include "mpi-priv.h"
+
+extern const mp_digit mp_gf2m_sqr_tb[16];
+
+#if defined(MP_USE_UINT_DIGIT)
+#define MP_DIGIT_BITS 32
+/* enable fast divide and mod operations on MP_DIGIT_BITS */
+#define MP_DIGIT_BITS_LOG_2 5
+#define MP_DIGIT_BITS_MASK 0x1f
+#else
+#define MP_DIGIT_BITS 64
+/* enable fast divide and mod operations on MP_DIGIT_BITS */
+#define MP_DIGIT_BITS_LOG_2 6
+#define MP_DIGIT_BITS_MASK 0x3f
+#endif
+
+/* Platform-specific macros for fast binary polynomial squaring. */
+#if MP_DIGIT_BITS == 32
+#define gf2m_SQR1(w) \
+ mp_gf2m_sqr_tb[(w) >> 28 & 0xF] << 24 | mp_gf2m_sqr_tb[(w) >> 24 & 0xF] << 16 | \
+ mp_gf2m_sqr_tb[(w) >> 20 & 0xF] << 8 | mp_gf2m_sqr_tb[(w) >> 16 & 0xF]
+#define gf2m_SQR0(w) \
+ mp_gf2m_sqr_tb[(w) >> 12 & 0xF] << 24 | mp_gf2m_sqr_tb[(w) >> 8 & 0xF] << 16 | \
+ mp_gf2m_sqr_tb[(w) >> 4 & 0xF] << 8 | mp_gf2m_sqr_tb[(w)&0xF]
+#else
+#define gf2m_SQR1(w) \
+ mp_gf2m_sqr_tb[(w) >> 60 & 0xF] << 56 | mp_gf2m_sqr_tb[(w) >> 56 & 0xF] << 48 | \
+ mp_gf2m_sqr_tb[(w) >> 52 & 0xF] << 40 | mp_gf2m_sqr_tb[(w) >> 48 & 0xF] << 32 | \
+ mp_gf2m_sqr_tb[(w) >> 44 & 0xF] << 24 | mp_gf2m_sqr_tb[(w) >> 40 & 0xF] << 16 | \
+ mp_gf2m_sqr_tb[(w) >> 36 & 0xF] << 8 | mp_gf2m_sqr_tb[(w) >> 32 & 0xF]
+#define gf2m_SQR0(w) \
+ mp_gf2m_sqr_tb[(w) >> 28 & 0xF] << 56 | mp_gf2m_sqr_tb[(w) >> 24 & 0xF] << 48 | \
+ mp_gf2m_sqr_tb[(w) >> 20 & 0xF] << 40 | mp_gf2m_sqr_tb[(w) >> 16 & 0xF] << 32 | \
+ mp_gf2m_sqr_tb[(w) >> 12 & 0xF] << 24 | mp_gf2m_sqr_tb[(w) >> 8 & 0xF] << 16 | \
+ mp_gf2m_sqr_tb[(w) >> 4 & 0xF] << 8 | mp_gf2m_sqr_tb[(w)&0xF]
+#endif
+
+/* Multiply two binary polynomials mp_digits a, b.
+ * Result is a polynomial with degree < 2 * MP_DIGIT_BITS - 1.
+ * Output in two mp_digits rh, rl.
+ */
+void s_bmul_1x1(mp_digit *rh, mp_digit *rl, const mp_digit a, const mp_digit b);
+
+/* Compute xor-multiply of two binary polynomials (a1, a0) x (b1, b0)
+ * result is a binary polynomial in 4 mp_digits r[4].
+ * The caller MUST ensure that r has the right amount of space allocated.
+ */
+void s_bmul_2x2(mp_digit *r, const mp_digit a1, const mp_digit a0, const mp_digit b1,
+ const mp_digit b0);
+
+/* Compute xor-multiply of two binary polynomials (a2, a1, a0) x (b2, b1, b0)
+ * result is a binary polynomial in 6 mp_digits r[6].
+ * The caller MUST ensure that r has the right amount of space allocated.
+ */
+void s_bmul_3x3(mp_digit *r, const mp_digit a2, const mp_digit a1, const mp_digit a0,
+ const mp_digit b2, const mp_digit b1, const mp_digit b0);
+
+/* Compute xor-multiply of two binary polynomials (a3, a2, a1, a0) x (b3, b2, b1, b0)
+ * result is a binary polynomial in 8 mp_digits r[8].
+ * The caller MUST ensure that r has the right amount of space allocated.
+ */
+void s_bmul_4x4(mp_digit *r, const mp_digit a3, const mp_digit a2, const mp_digit a1,
+ const mp_digit a0, const mp_digit b3, const mp_digit b2, const mp_digit b1,
+ const mp_digit b0);
+
+#endif /* _MP_GF2M_PRIV_H_ */
diff --git a/security/nss/lib/freebl/mpi/mp_gf2m.c b/security/nss/lib/freebl/mpi/mp_gf2m.c
new file mode 100644
index 000000000..5a096adde
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mp_gf2m.c
@@ -0,0 +1,678 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mp_gf2m.h"
+#include "mp_gf2m-priv.h"
+#include "mplogic.h"
+#include "mpi-priv.h"
+
+const mp_digit mp_gf2m_sqr_tb[16] =
+ {
+ 0, 1, 4, 5, 16, 17, 20, 21,
+ 64, 65, 68, 69, 80, 81, 84, 85
+ };
+
+/* Multiply two binary polynomials mp_digits a, b.
+ * Result is a polynomial with degree < 2 * MP_DIGIT_BITS - 1.
+ * Output in two mp_digits rh, rl.
+ */
+#if MP_DIGIT_BITS == 32
+void
+s_bmul_1x1(mp_digit *rh, mp_digit *rl, const mp_digit a, const mp_digit b)
+{
+ register mp_digit h, l, s;
+ mp_digit tab[8], top2b = a >> 30;
+ register mp_digit a1, a2, a4;
+
+ a1 = a & (0x3FFFFFFF);
+ a2 = a1 << 1;
+ a4 = a2 << 1;
+
+ tab[0] = 0;
+ tab[1] = a1;
+ tab[2] = a2;
+ tab[3] = a1 ^ a2;
+ tab[4] = a4;
+ tab[5] = a1 ^ a4;
+ tab[6] = a2 ^ a4;
+ tab[7] = a1 ^ a2 ^ a4;
+
+ s = tab[b & 0x7];
+ l = s;
+ s = tab[b >> 3 & 0x7];
+ l ^= s << 3;
+ h = s >> 29;
+ s = tab[b >> 6 & 0x7];
+ l ^= s << 6;
+ h ^= s >> 26;
+ s = tab[b >> 9 & 0x7];
+ l ^= s << 9;
+ h ^= s >> 23;
+ s = tab[b >> 12 & 0x7];
+ l ^= s << 12;
+ h ^= s >> 20;
+ s = tab[b >> 15 & 0x7];
+ l ^= s << 15;
+ h ^= s >> 17;
+ s = tab[b >> 18 & 0x7];
+ l ^= s << 18;
+ h ^= s >> 14;
+ s = tab[b >> 21 & 0x7];
+ l ^= s << 21;
+ h ^= s >> 11;
+ s = tab[b >> 24 & 0x7];
+ l ^= s << 24;
+ h ^= s >> 8;
+ s = tab[b >> 27 & 0x7];
+ l ^= s << 27;
+ h ^= s >> 5;
+ s = tab[b >> 30];
+ l ^= s << 30;
+ h ^= s >> 2;
+
+ /* compensate for the top two bits of a */
+
+ if (top2b & 01) {
+ l ^= b << 30;
+ h ^= b >> 2;
+ }
+ if (top2b & 02) {
+ l ^= b << 31;
+ h ^= b >> 1;
+ }
+
+ *rh = h;
+ *rl = l;
+}
+#else
+void
+s_bmul_1x1(mp_digit *rh, mp_digit *rl, const mp_digit a, const mp_digit b)
+{
+ register mp_digit h, l, s;
+ mp_digit tab[16], top3b = a >> 61;
+ register mp_digit a1, a2, a4, a8;
+
+ a1 = a & (0x1FFFFFFFFFFFFFFFULL);
+ a2 = a1 << 1;
+ a4 = a2 << 1;
+ a8 = a4 << 1;
+ tab[0] = 0;
+ tab[1] = a1;
+ tab[2] = a2;
+ tab[3] = a1 ^ a2;
+ tab[4] = a4;
+ tab[5] = a1 ^ a4;
+ tab[6] = a2 ^ a4;
+ tab[7] = a1 ^ a2 ^ a4;
+ tab[8] = a8;
+ tab[9] = a1 ^ a8;
+ tab[10] = a2 ^ a8;
+ tab[11] = a1 ^ a2 ^ a8;
+ tab[12] = a4 ^ a8;
+ tab[13] = a1 ^ a4 ^ a8;
+ tab[14] = a2 ^ a4 ^ a8;
+ tab[15] = a1 ^ a2 ^ a4 ^ a8;
+
+ s = tab[b & 0xF];
+ l = s;
+ s = tab[b >> 4 & 0xF];
+ l ^= s << 4;
+ h = s >> 60;
+ s = tab[b >> 8 & 0xF];
+ l ^= s << 8;
+ h ^= s >> 56;
+ s = tab[b >> 12 & 0xF];
+ l ^= s << 12;
+ h ^= s >> 52;
+ s = tab[b >> 16 & 0xF];
+ l ^= s << 16;
+ h ^= s >> 48;
+ s = tab[b >> 20 & 0xF];
+ l ^= s << 20;
+ h ^= s >> 44;
+ s = tab[b >> 24 & 0xF];
+ l ^= s << 24;
+ h ^= s >> 40;
+ s = tab[b >> 28 & 0xF];
+ l ^= s << 28;
+ h ^= s >> 36;
+ s = tab[b >> 32 & 0xF];
+ l ^= s << 32;
+ h ^= s >> 32;
+ s = tab[b >> 36 & 0xF];
+ l ^= s << 36;
+ h ^= s >> 28;
+ s = tab[b >> 40 & 0xF];
+ l ^= s << 40;
+ h ^= s >> 24;
+ s = tab[b >> 44 & 0xF];
+ l ^= s << 44;
+ h ^= s >> 20;
+ s = tab[b >> 48 & 0xF];
+ l ^= s << 48;
+ h ^= s >> 16;
+ s = tab[b >> 52 & 0xF];
+ l ^= s << 52;
+ h ^= s >> 12;
+ s = tab[b >> 56 & 0xF];
+ l ^= s << 56;
+ h ^= s >> 8;
+ s = tab[b >> 60];
+ l ^= s << 60;
+ h ^= s >> 4;
+
+ /* compensate for the top three bits of a */
+
+ if (top3b & 01) {
+ l ^= b << 61;
+ h ^= b >> 3;
+ }
+ if (top3b & 02) {
+ l ^= b << 62;
+ h ^= b >> 2;
+ }
+ if (top3b & 04) {
+ l ^= b << 63;
+ h ^= b >> 1;
+ }
+
+ *rh = h;
+ *rl = l;
+}
+#endif
+
+/* Compute xor-multiply of two binary polynomials (a1, a0) x (b1, b0)
+ * result is a binary polynomial in 4 mp_digits r[4].
+ * The caller MUST ensure that r has the right amount of space allocated.
+ */
+void
+s_bmul_2x2(mp_digit *r, const mp_digit a1, const mp_digit a0, const mp_digit b1,
+ const mp_digit b0)
+{
+ mp_digit m1, m0;
+ /* r[3] = h1, r[2] = h0; r[1] = l1; r[0] = l0 */
+ s_bmul_1x1(r + 3, r + 2, a1, b1);
+ s_bmul_1x1(r + 1, r, a0, b0);
+ s_bmul_1x1(&m1, &m0, a0 ^ a1, b0 ^ b1);
+ /* Correction on m1 ^= l1 ^ h1; m0 ^= l0 ^ h0; */
+ r[2] ^= m1 ^ r[1] ^ r[3]; /* h0 ^= m1 ^ l1 ^ h1; */
+ r[1] = r[3] ^ r[2] ^ r[0] ^ m1 ^ m0; /* l1 ^= l0 ^ h0 ^ m0; */
+}
+
+/* Compute xor-multiply of two binary polynomials (a2, a1, a0) x (b2, b1, b0)
+ * result is a binary polynomial in 6 mp_digits r[6].
+ * The caller MUST ensure that r has the right amount of space allocated.
+ */
+void
+s_bmul_3x3(mp_digit *r, const mp_digit a2, const mp_digit a1, const mp_digit a0,
+ const mp_digit b2, const mp_digit b1, const mp_digit b0)
+{
+ mp_digit zm[4];
+
+ s_bmul_1x1(r + 5, r + 4, a2, b2); /* fill top 2 words */
+ s_bmul_2x2(zm, a1, a2 ^ a0, b1, b2 ^ b0); /* fill middle 4 words */
+ s_bmul_2x2(r, a1, a0, b1, b0); /* fill bottom 4 words */
+
+ zm[3] ^= r[3];
+ zm[2] ^= r[2];
+ zm[1] ^= r[1] ^ r[5];
+ zm[0] ^= r[0] ^ r[4];
+
+ r[5] ^= zm[3];
+ r[4] ^= zm[2];
+ r[3] ^= zm[1];
+ r[2] ^= zm[0];
+}
+
+/* Compute xor-multiply of two binary polynomials (a3, a2, a1, a0) x (b3, b2, b1, b0)
+ * result is a binary polynomial in 8 mp_digits r[8].
+ * The caller MUST ensure that r has the right amount of space allocated.
+ */
+void
+s_bmul_4x4(mp_digit *r, const mp_digit a3, const mp_digit a2, const mp_digit a1,
+ const mp_digit a0, const mp_digit b3, const mp_digit b2, const mp_digit b1,
+ const mp_digit b0)
+{
+ mp_digit zm[4];
+
+ s_bmul_2x2(r + 4, a3, a2, b3, b2); /* fill top 4 words */
+ s_bmul_2x2(zm, a3 ^ a1, a2 ^ a0, b3 ^ b1, b2 ^ b0); /* fill middle 4 words */
+ s_bmul_2x2(r, a1, a0, b1, b0); /* fill bottom 4 words */
+
+ zm[3] ^= r[3] ^ r[7];
+ zm[2] ^= r[2] ^ r[6];
+ zm[1] ^= r[1] ^ r[5];
+ zm[0] ^= r[0] ^ r[4];
+
+ r[5] ^= zm[3];
+ r[4] ^= zm[2];
+ r[3] ^= zm[1];
+ r[2] ^= zm[0];
+}
+
+/* Compute addition of two binary polynomials a and b,
+ * store result in c; c could be a or b, a and b could be equal;
+ * c is the bitwise XOR of a and b.
+ */
+mp_err
+mp_badd(const mp_int *a, const mp_int *b, mp_int *c)
+{
+ mp_digit *pa, *pb, *pc;
+ mp_size ix;
+ mp_size used_pa, used_pb;
+ mp_err res = MP_OKAY;
+
+ /* Add all digits up to the precision of b. If b had more
+ * precision than a initially, swap a, b first
+ */
+ if (MP_USED(a) >= MP_USED(b)) {
+ pa = MP_DIGITS(a);
+ pb = MP_DIGITS(b);
+ used_pa = MP_USED(a);
+ used_pb = MP_USED(b);
+ } else {
+ pa = MP_DIGITS(b);
+ pb = MP_DIGITS(a);
+ used_pa = MP_USED(b);
+ used_pb = MP_USED(a);
+ }
+
+ /* Make sure c has enough precision for the output value */
+ MP_CHECKOK(s_mp_pad(c, used_pa));
+
+ /* Do word-by-word xor */
+ pc = MP_DIGITS(c);
+ for (ix = 0; ix < used_pb; ix++) {
+ (*pc++) = (*pa++) ^ (*pb++);
+ }
+
+ /* Finish the rest of digits until we're actually done */
+ for (; ix < used_pa; ++ix) {
+ *pc++ = *pa++;
+ }
+
+ MP_USED(c) = used_pa;
+ MP_SIGN(c) = ZPOS;
+ s_mp_clamp(c);
+
+CLEANUP:
+ return res;
+}
+
+#define s_mp_div2(a) MP_CHECKOK(mpl_rsh((a), (a), 1));
+
+/* Compute binary polynomial multiply d = a * b */
+static void
+s_bmul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *d)
+{
+ mp_digit a_i, a0b0, a1b1, carry = 0;
+ while (a_len--) {
+ a_i = *a++;
+ s_bmul_1x1(&a1b1, &a0b0, a_i, b);
+ *d++ = a0b0 ^ carry;
+ carry = a1b1;
+ }
+ *d = carry;
+}
+
+/* Compute binary polynomial xor multiply accumulate d ^= a * b */
+static void
+s_bmul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *d)
+{
+ mp_digit a_i, a0b0, a1b1, carry = 0;
+ while (a_len--) {
+ a_i = *a++;
+ s_bmul_1x1(&a1b1, &a0b0, a_i, b);
+ *d++ ^= a0b0 ^ carry;
+ carry = a1b1;
+ }
+ *d ^= carry;
+}
+
+/* Compute binary polynomial xor multiply c = a * b.
+ * All parameters may be identical.
+ */
+mp_err
+mp_bmul(const mp_int *a, const mp_int *b, mp_int *c)
+{
+ mp_digit *pb, b_i;
+ mp_int tmp;
+ mp_size ib, a_used, b_used;
+ mp_err res = MP_OKAY;
+
+ MP_DIGITS(&tmp) = 0;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (a == c) {
+ MP_CHECKOK(mp_init_copy(&tmp, a));
+ if (a == b)
+ b = &tmp;
+ a = &tmp;
+ } else if (b == c) {
+ MP_CHECKOK(mp_init_copy(&tmp, b));
+ b = &tmp;
+ }
+
+ if (MP_USED(a) < MP_USED(b)) {
+ const mp_int *xch = b; /* switch a and b if b longer */
+ b = a;
+ a = xch;
+ }
+
+ MP_USED(c) = 1;
+ MP_DIGIT(c, 0) = 0;
+ MP_CHECKOK(s_mp_pad(c, USED(a) + USED(b)));
+
+ pb = MP_DIGITS(b);
+ s_bmul_d(MP_DIGITS(a), MP_USED(a), *pb++, MP_DIGITS(c));
+
+ /* Outer loop: Digits of b */
+ a_used = MP_USED(a);
+ b_used = MP_USED(b);
+ MP_USED(c) = a_used + b_used;
+ for (ib = 1; ib < b_used; ib++) {
+ b_i = *pb++;
+
+ /* Inner product: Digits of a */
+ if (b_i)
+ s_bmul_d_add(MP_DIGITS(a), a_used, b_i, MP_DIGITS(c) + ib);
+ else
+ MP_DIGIT(c, ib + a_used) = b_i;
+ }
+
+ s_mp_clamp(c);
+
+ SIGN(c) = ZPOS;
+
+CLEANUP:
+ mp_clear(&tmp);
+ return res;
+}
+
+/* Compute modular reduction of a and store result in r.
+ * r could be a.
+ * For modular arithmetic, the irreducible polynomial f(t) is represented
+ * as an array of int[], where f(t) is of the form:
+ * f(t) = t^p[0] + t^p[1] + ... + t^p[k]
+ * where m = p[0] > p[1] > ... > p[k] = 0.
+ */
+mp_err
+mp_bmod(const mp_int *a, const unsigned int p[], mp_int *r)
+{
+ int j, k;
+ int n, dN, d0, d1;
+ mp_digit zz, *z, tmp;
+ mp_size used;
+ mp_err res = MP_OKAY;
+
+ /* The algorithm does the reduction in place in r,
+ * if a != r, copy a into r first so reduction can be done in r
+ */
+ if (a != r) {
+ MP_CHECKOK(mp_copy(a, r));
+ }
+ z = MP_DIGITS(r);
+
+ /* start reduction */
+ /*dN = p[0] / MP_DIGIT_BITS; */
+ dN = p[0] >> MP_DIGIT_BITS_LOG_2;
+ used = MP_USED(r);
+
+ for (j = used - 1; j > dN;) {
+
+ zz = z[j];
+ if (zz == 0) {
+ j--;
+ continue;
+ }
+ z[j] = 0;
+
+ for (k = 1; p[k] > 0; k++) {
+ /* reducing component t^p[k] */
+ n = p[0] - p[k];
+ /*d0 = n % MP_DIGIT_BITS; */
+ d0 = n & MP_DIGIT_BITS_MASK;
+ d1 = MP_DIGIT_BITS - d0;
+ /*n /= MP_DIGIT_BITS; */
+ n >>= MP_DIGIT_BITS_LOG_2;
+ z[j - n] ^= (zz >> d0);
+ if (d0)
+ z[j - n - 1] ^= (zz << d1);
+ }
+
+ /* reducing component t^0 */
+ n = dN;
+ /*d0 = p[0] % MP_DIGIT_BITS;*/
+ d0 = p[0] & MP_DIGIT_BITS_MASK;
+ d1 = MP_DIGIT_BITS - d0;
+ z[j - n] ^= (zz >> d0);
+ if (d0)
+ z[j - n - 1] ^= (zz << d1);
+ }
+
+ /* final round of reduction */
+ while (j == dN) {
+
+ /* d0 = p[0] % MP_DIGIT_BITS; */
+ d0 = p[0] & MP_DIGIT_BITS_MASK;
+ zz = z[dN] >> d0;
+ if (zz == 0)
+ break;
+ d1 = MP_DIGIT_BITS - d0;
+
+ /* clear up the top d1 bits */
+ if (d0) {
+ z[dN] = (z[dN] << d1) >> d1;
+ } else {
+ z[dN] = 0;
+ }
+ *z ^= zz; /* reduction t^0 component */
+
+ for (k = 1; p[k] > 0; k++) {
+ /* reducing component t^p[k]*/
+ /* n = p[k] / MP_DIGIT_BITS; */
+ n = p[k] >> MP_DIGIT_BITS_LOG_2;
+ /* d0 = p[k] % MP_DIGIT_BITS; */
+ d0 = p[k] & MP_DIGIT_BITS_MASK;
+ d1 = MP_DIGIT_BITS - d0;
+ z[n] ^= (zz << d0);
+ tmp = zz >> d1;
+ if (d0 && tmp)
+ z[n + 1] ^= tmp;
+ }
+ }
+
+ s_mp_clamp(r);
+CLEANUP:
+ return res;
+}
+
+/* Compute the product of two polynomials a and b, reduce modulo p,
+ * Store the result in r. r could be a or b; a could be b.
+ */
+mp_err
+mp_bmulmod(const mp_int *a, const mp_int *b, const unsigned int p[], mp_int *r)
+{
+ mp_err res;
+
+ if (a == b)
+ return mp_bsqrmod(a, p, r);
+ if ((res = mp_bmul(a, b, r)) != MP_OKAY)
+ return res;
+ return mp_bmod(r, p, r);
+}
+
+/* Compute binary polynomial squaring c = a*a mod p .
+ * Parameter r and a can be identical.
+ */
+
+mp_err
+mp_bsqrmod(const mp_int *a, const unsigned int p[], mp_int *r)
+{
+ mp_digit *pa, *pr, a_i;
+ mp_int tmp;
+ mp_size ia, a_used;
+ mp_err res;
+
+ ARGCHK(a != NULL && r != NULL, MP_BADARG);
+ MP_DIGITS(&tmp) = 0;
+
+ if (a == r) {
+ MP_CHECKOK(mp_init_copy(&tmp, a));
+ a = &tmp;
+ }
+
+ MP_USED(r) = 1;
+ MP_DIGIT(r, 0) = 0;
+ MP_CHECKOK(s_mp_pad(r, 2 * USED(a)));
+
+ pa = MP_DIGITS(a);
+ pr = MP_DIGITS(r);
+ a_used = MP_USED(a);
+ MP_USED(r) = 2 * a_used;
+
+ for (ia = 0; ia < a_used; ia++) {
+ a_i = *pa++;
+ *pr++ = gf2m_SQR0(a_i);
+ *pr++ = gf2m_SQR1(a_i);
+ }
+
+ MP_CHECKOK(mp_bmod(r, p, r));
+ s_mp_clamp(r);
+ SIGN(r) = ZPOS;
+
+CLEANUP:
+ mp_clear(&tmp);
+ return res;
+}
+
+/* Compute binary polynomial y/x mod p, y divided by x, reduce modulo p.
+ * Store the result in r. r could be x or y, and x could equal y.
+ * Uses algorithm Modular_Division_GF(2^m) from
+ * Chang-Shantz, S. "From Euclid's GCD to Montgomery Multiplication to
+ * the Great Divide".
+ */
+int
+mp_bdivmod(const mp_int *y, const mp_int *x, const mp_int *pp,
+ const unsigned int p[], mp_int *r)
+{
+ mp_int aa, bb, uu;
+ mp_int *a, *b, *u, *v;
+ mp_err res = MP_OKAY;
+
+ MP_DIGITS(&aa) = 0;
+ MP_DIGITS(&bb) = 0;
+ MP_DIGITS(&uu) = 0;
+
+ MP_CHECKOK(mp_init_copy(&aa, x));
+ MP_CHECKOK(mp_init_copy(&uu, y));
+ MP_CHECKOK(mp_init_copy(&bb, pp));
+ MP_CHECKOK(s_mp_pad(r, USED(pp)));
+ MP_USED(r) = 1;
+ MP_DIGIT(r, 0) = 0;
+
+ a = &aa;
+ b = &bb;
+ u = &uu;
+ v = r;
+ /* reduce x and y mod p */
+ MP_CHECKOK(mp_bmod(a, p, a));
+ MP_CHECKOK(mp_bmod(u, p, u));
+
+ while (!mp_isodd(a)) {
+ s_mp_div2(a);
+ if (mp_isodd(u)) {
+ MP_CHECKOK(mp_badd(u, pp, u));
+ }
+ s_mp_div2(u);
+ }
+
+ do {
+ if (mp_cmp_mag(b, a) > 0) {
+ MP_CHECKOK(mp_badd(b, a, b));
+ MP_CHECKOK(mp_badd(v, u, v));
+ do {
+ s_mp_div2(b);
+ if (mp_isodd(v)) {
+ MP_CHECKOK(mp_badd(v, pp, v));
+ }
+ s_mp_div2(v);
+ } while (!mp_isodd(b));
+ } else if ((MP_DIGIT(a, 0) == 1) && (MP_USED(a) == 1))
+ break;
+ else {
+ MP_CHECKOK(mp_badd(a, b, a));
+ MP_CHECKOK(mp_badd(u, v, u));
+ do {
+ s_mp_div2(a);
+ if (mp_isodd(u)) {
+ MP_CHECKOK(mp_badd(u, pp, u));
+ }
+ s_mp_div2(u);
+ } while (!mp_isodd(a));
+ }
+ } while (1);
+
+ MP_CHECKOK(mp_copy(u, r));
+
+CLEANUP:
+ mp_clear(&aa);
+ mp_clear(&bb);
+ mp_clear(&uu);
+ return res;
+}
+
+/* Convert the bit-string representation of a polynomial a into an array
+ * of integers corresponding to the bits with non-zero coefficient.
+ * Up to max elements of the array will be filled. Return value is total
+ * number of coefficients that would be extracted if array was large enough.
+ */
+int
+mp_bpoly2arr(const mp_int *a, unsigned int p[], int max)
+{
+ int i, j, k;
+ mp_digit top_bit, mask;
+
+ top_bit = 1;
+ top_bit <<= MP_DIGIT_BIT - 1;
+
+ for (k = 0; k < max; k++)
+ p[k] = 0;
+ k = 0;
+
+ for (i = MP_USED(a) - 1; i >= 0; i--) {
+ mask = top_bit;
+ for (j = MP_DIGIT_BIT - 1; j >= 0; j--) {
+ if (MP_DIGITS(a)[i] & mask) {
+ if (k < max)
+ p[k] = MP_DIGIT_BIT * i + j;
+ k++;
+ }
+ mask >>= 1;
+ }
+ }
+
+ return k;
+}
+
+/* Convert the coefficient array representation of a polynomial to a
+ * bit-string. The array must be terminated by 0.
+ */
+mp_err
+mp_barr2poly(const unsigned int p[], mp_int *a)
+{
+
+ mp_err res = MP_OKAY;
+ int i;
+
+ mp_zero(a);
+ for (i = 0; p[i] > 0; i++) {
+ MP_CHECKOK(mpl_set_bit(a, p[i], 1));
+ }
+ MP_CHECKOK(mpl_set_bit(a, 0, 1));
+
+CLEANUP:
+ return res;
+}
diff --git a/security/nss/lib/freebl/mpi/mp_gf2m.h b/security/nss/lib/freebl/mpi/mp_gf2m.h
new file mode 100644
index 000000000..ed2c85493
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mp_gf2m.h
@@ -0,0 +1,28 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _MP_GF2M_H_
+#define _MP_GF2M_H_
+
+#include "mpi.h"
+
+mp_err mp_badd(const mp_int *a, const mp_int *b, mp_int *c);
+mp_err mp_bmul(const mp_int *a, const mp_int *b, mp_int *c);
+
+/* For modular arithmetic, the irreducible polynomial f(t) is represented
+ * as an array of int[], where f(t) is of the form:
+ * f(t) = t^p[0] + t^p[1] + ... + t^p[k]
+ * where m = p[0] > p[1] > ... > p[k] = 0.
+ */
+mp_err mp_bmod(const mp_int *a, const unsigned int p[], mp_int *r);
+mp_err mp_bmulmod(const mp_int *a, const mp_int *b, const unsigned int p[],
+ mp_int *r);
+mp_err mp_bsqrmod(const mp_int *a, const unsigned int p[], mp_int *r);
+mp_err mp_bdivmod(const mp_int *y, const mp_int *x, const mp_int *pp,
+ const unsigned int p[], mp_int *r);
+
+int mp_bpoly2arr(const mp_int *a, unsigned int p[], int max);
+mp_err mp_barr2poly(const unsigned int p[], mp_int *a);
+
+#endif /* _MP_GF2M_H_ */
diff --git a/security/nss/lib/freebl/mpi/mpcpucache.c b/security/nss/lib/freebl/mpi/mpcpucache.c
new file mode 100644
index 000000000..6fed35239
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpcpucache.c
@@ -0,0 +1,808 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi.h"
+#include "prtypes.h"
+
+/*
+ * This file implements a single function: s_mpi_getProcessorLineSize();
+ * s_mpi_getProcessorLineSize() returns the size in bytes of the cache line
+ * if a cache exists, or zero if there is no cache. If more than one
+ * cache line exists, it should return the smallest line size (which is
+ * usually the L1 cache).
+ *
+ * mp_modexp uses this information to make sure that private key information
+ * isn't being leaked through the cache.
+ *
+ * Currently the file returns good data for most modern x86 processors, and
+ * reasonable data on 64-bit ppc processors. All other processors are assumed
+ * to have a cache line size of 32 bytes unless modified by target.mk.
+ *
+ */
+
+#if defined(i386) || defined(__i386) || defined(__X86__) || defined(_M_IX86) || defined(__x86_64__) || defined(__x86_64) || defined(_M_AMD64)
+/* X86 processors have special instructions that tell us about the cache */
+#include "string.h"
+
+#if defined(__x86_64__) || defined(__x86_64) || defined(_M_AMD64)
+#define AMD_64 1
+#endif
+
+/* Generic CPUID function */
+#if defined(AMD_64)
+
+#if defined(__GNUC__)
+
+void
+freebl_cpuid(unsigned long op, unsigned long *eax,
+ unsigned long *ebx, unsigned long *ecx,
+ unsigned long *edx)
+{
+ __asm__("cpuid\n\t"
+ : "=a"(*eax),
+ "=b"(*ebx),
+ "=c"(*ecx),
+ "=d"(*edx)
+ : "0"(op));
+}
+
+#elif defined(_MSC_VER)
+
+#include <intrin.h>
+
+void
+freebl_cpuid(unsigned long op, unsigned long *eax,
+ unsigned long *ebx, unsigned long *ecx,
+ unsigned long *edx)
+{
+ int intrinsic_out[4];
+
+ __cpuid(intrinsic_out, op);
+ *eax = intrinsic_out[0];
+ *ebx = intrinsic_out[1];
+ *ecx = intrinsic_out[2];
+ *edx = intrinsic_out[3];
+}
+
+#endif
+
+#else /* !defined(AMD_64) */
+
+/* x86 */
+
+#if defined(__GNUC__)
+void
+freebl_cpuid(unsigned long op, unsigned long *eax,
+ unsigned long *ebx, unsigned long *ecx,
+ unsigned long *edx)
+{
+ /* Some older processors don't fill the ecx register with cpuid, so clobber it
+ * before calling cpuid, so that there's no risk of picking random bits that
+ * erroneously indicate that absent CPU features are present.
+ * Also, GCC isn't smart enough to save the ebx PIC register on its own
+ * in this case, so do it by hand. Use edi to store ebx and pass the
+ * value returned in ebx from cpuid through edi. */
+ __asm__("xor %%ecx, %%ecx\n\t"
+ "mov %%ebx,%%edi\n\t"
+ "cpuid\n\t"
+ "xchgl %%ebx,%%edi\n\t"
+ : "=a"(*eax),
+ "=D"(*ebx),
+ "=c"(*ecx),
+ "=d"(*edx)
+ : "0"(op));
+}
+
+/*
+ * try flipping a processor flag to determine CPU type
+ */
+static unsigned long
+changeFlag(unsigned long flag)
+{
+ unsigned long changedFlags, originalFlags;
+ __asm__("pushfl\n\t" /* get the flags */
+ "popl %0\n\t"
+ "movl %0,%1\n\t" /* save the original flags */
+ "xorl %2,%0\n\t" /* flip the bit */
+ "pushl %0\n\t" /* set the flags */
+ "popfl\n\t"
+ "pushfl\n\t" /* get the flags again (for return) */
+ "popl %0\n\t"
+ "pushl %1\n\t" /* restore the original flags */
+ "popfl\n\t"
+ : "=r"(changedFlags),
+ "=r"(originalFlags),
+ "=r"(flag)
+ : "2"(flag));
+ return changedFlags ^ originalFlags;
+}
+
+#elif defined(_MSC_VER)
+
+/*
+ * windows versions of the above assembler
+ */
+#define wcpuid __asm __emit 0fh __asm __emit 0a2h
+void
+freebl_cpuid(unsigned long op, unsigned long *Reax,
+ unsigned long *Rebx, unsigned long *Recx, unsigned long *Redx)
+{
+ unsigned long Leax, Lebx, Lecx, Ledx;
+ __asm {
+ pushad
+ xor ecx,ecx
+ mov eax,op
+ wcpuid
+ mov Leax,eax
+ mov Lebx,ebx
+ mov Lecx,ecx
+ mov Ledx,edx
+ popad
+ }
+ *Reax = Leax;
+ *Rebx = Lebx;
+ *Recx = Lecx;
+ *Redx = Ledx;
+}
+
+static unsigned long
+changeFlag(unsigned long flag)
+{
+ unsigned long changedFlags, originalFlags;
+ __asm {
+ push eax
+ push ebx
+ pushfd /* get the flags */
+ pop eax
+ push eax /* save the flags on the stack */
+ mov originalFlags,eax /* save the original flags */
+ mov ebx,flag
+ xor eax,ebx /* flip the bit */
+ push eax /* set the flags */
+ popfd
+ pushfd /* get the flags again (for return) */
+ pop eax
+ popfd /* restore the original flags */
+ mov changedFlags,eax
+ pop ebx
+ pop eax
+ }
+ return changedFlags ^ originalFlags;
+}
+#endif
+
+#endif
+
+#if !defined(AMD_64)
+#define AC_FLAG 0x40000
+#define ID_FLAG 0x200000
+
+/* 386 processors can't flip the AC_FLAG, intel AP Note AP-485 */
+static int
+is386()
+{
+ return changeFlag(AC_FLAG) == 0;
+}
+
+/* 486 processors can't flip the ID_FLAG, intel AP Note AP-485 */
+static int
+is486()
+{
+ return changeFlag(ID_FLAG) == 0;
+}
+#endif
+
+/*
+ * table for Intel Cache.
+ * See Intel Application Note AP-485 for more information
+ */
+
+typedef unsigned char CacheTypeEntry;
+
+typedef enum {
+ Cache_NONE = 0,
+ Cache_UNKNOWN = 1,
+ Cache_TLB = 2,
+ Cache_TLBi = 3,
+ Cache_TLBd = 4,
+ Cache_Trace = 5,
+ Cache_L1 = 6,
+ Cache_L1i = 7,
+ Cache_L1d = 8,
+ Cache_L2 = 9,
+ Cache_L2i = 10,
+ Cache_L2d = 11,
+ Cache_L3 = 12,
+ Cache_L3i = 13,
+ Cache_L3d = 14
+} CacheType;
+
+struct _cache {
+ CacheTypeEntry type;
+ unsigned char lineSize;
+};
+static const struct _cache CacheMap[256] = {
+ /* 00 */ { Cache_NONE, 0 },
+ /* 01 */ { Cache_TLBi, 0 },
+ /* 02 */ { Cache_TLBi, 0 },
+ /* 03 */ { Cache_TLBd, 0 },
+ /* 04 */ {
+ Cache_TLBd,
+ },
+ /* 05 */ { Cache_UNKNOWN, 0 },
+ /* 06 */ { Cache_L1i, 32 },
+ /* 07 */ { Cache_UNKNOWN, 0 },
+ /* 08 */ { Cache_L1i, 32 },
+ /* 09 */ { Cache_UNKNOWN, 0 },
+ /* 0a */ { Cache_L1d, 32 },
+ /* 0b */ { Cache_UNKNOWN, 0 },
+ /* 0c */ { Cache_L1d, 32 },
+ /* 0d */ { Cache_UNKNOWN, 0 },
+ /* 0e */ { Cache_UNKNOWN, 0 },
+ /* 0f */ { Cache_UNKNOWN, 0 },
+ /* 10 */ { Cache_UNKNOWN, 0 },
+ /* 11 */ { Cache_UNKNOWN, 0 },
+ /* 12 */ { Cache_UNKNOWN, 0 },
+ /* 13 */ { Cache_UNKNOWN, 0 },
+ /* 14 */ { Cache_UNKNOWN, 0 },
+ /* 15 */ { Cache_UNKNOWN, 0 },
+ /* 16 */ { Cache_UNKNOWN, 0 },
+ /* 17 */ { Cache_UNKNOWN, 0 },
+ /* 18 */ { Cache_UNKNOWN, 0 },
+ /* 19 */ { Cache_UNKNOWN, 0 },
+ /* 1a */ { Cache_UNKNOWN, 0 },
+ /* 1b */ { Cache_UNKNOWN, 0 },
+ /* 1c */ { Cache_UNKNOWN, 0 },
+ /* 1d */ { Cache_UNKNOWN, 0 },
+ /* 1e */ { Cache_UNKNOWN, 0 },
+ /* 1f */ { Cache_UNKNOWN, 0 },
+ /* 20 */ { Cache_UNKNOWN, 0 },
+ /* 21 */ { Cache_UNKNOWN, 0 },
+ /* 22 */ { Cache_L3, 64 },
+ /* 23 */ { Cache_L3, 64 },
+ /* 24 */ { Cache_UNKNOWN, 0 },
+ /* 25 */ { Cache_L3, 64 },
+ /* 26 */ { Cache_UNKNOWN, 0 },
+ /* 27 */ { Cache_UNKNOWN, 0 },
+ /* 28 */ { Cache_UNKNOWN, 0 },
+ /* 29 */ { Cache_L3, 64 },
+ /* 2a */ { Cache_UNKNOWN, 0 },
+ /* 2b */ { Cache_UNKNOWN, 0 },
+ /* 2c */ { Cache_L1d, 64 },
+ /* 2d */ { Cache_UNKNOWN, 0 },
+ /* 2e */ { Cache_UNKNOWN, 0 },
+ /* 2f */ { Cache_UNKNOWN, 0 },
+ /* 30 */ { Cache_L1i, 64 },
+ /* 31 */ { Cache_UNKNOWN, 0 },
+ /* 32 */ { Cache_UNKNOWN, 0 },
+ /* 33 */ { Cache_UNKNOWN, 0 },
+ /* 34 */ { Cache_UNKNOWN, 0 },
+ /* 35 */ { Cache_UNKNOWN, 0 },
+ /* 36 */ { Cache_UNKNOWN, 0 },
+ /* 37 */ { Cache_UNKNOWN, 0 },
+ /* 38 */ { Cache_UNKNOWN, 0 },
+ /* 39 */ { Cache_L2, 64 },
+ /* 3a */ { Cache_UNKNOWN, 0 },
+ /* 3b */ { Cache_L2, 64 },
+ /* 3c */ { Cache_L2, 64 },
+ /* 3d */ { Cache_UNKNOWN, 0 },
+ /* 3e */ { Cache_UNKNOWN, 0 },
+ /* 3f */ { Cache_UNKNOWN, 0 },
+ /* 40 */ { Cache_L2, 0 },
+ /* 41 */ { Cache_L2, 32 },
+ /* 42 */ { Cache_L2, 32 },
+ /* 43 */ { Cache_L2, 32 },
+ /* 44 */ { Cache_L2, 32 },
+ /* 45 */ { Cache_L2, 32 },
+ /* 46 */ { Cache_UNKNOWN, 0 },
+ /* 47 */ { Cache_UNKNOWN, 0 },
+ /* 48 */ { Cache_UNKNOWN, 0 },
+ /* 49 */ { Cache_UNKNOWN, 0 },
+ /* 4a */ { Cache_UNKNOWN, 0 },
+ /* 4b */ { Cache_UNKNOWN, 0 },
+ /* 4c */ { Cache_UNKNOWN, 0 },
+ /* 4d */ { Cache_UNKNOWN, 0 },
+ /* 4e */ { Cache_UNKNOWN, 0 },
+ /* 4f */ { Cache_UNKNOWN, 0 },
+ /* 50 */ { Cache_TLBi, 0 },
+ /* 51 */ { Cache_TLBi, 0 },
+ /* 52 */ { Cache_TLBi, 0 },
+ /* 53 */ { Cache_UNKNOWN, 0 },
+ /* 54 */ { Cache_UNKNOWN, 0 },
+ /* 55 */ { Cache_UNKNOWN, 0 },
+ /* 56 */ { Cache_UNKNOWN, 0 },
+ /* 57 */ { Cache_UNKNOWN, 0 },
+ /* 58 */ { Cache_UNKNOWN, 0 },
+ /* 59 */ { Cache_UNKNOWN, 0 },
+ /* 5a */ { Cache_UNKNOWN, 0 },
+ /* 5b */ { Cache_TLBd, 0 },
+ /* 5c */ { Cache_TLBd, 0 },
+ /* 5d */ { Cache_TLBd, 0 },
+ /* 5e */ { Cache_UNKNOWN, 0 },
+ /* 5f */ { Cache_UNKNOWN, 0 },
+ /* 60 */ { Cache_UNKNOWN, 0 },
+ /* 61 */ { Cache_UNKNOWN, 0 },
+ /* 62 */ { Cache_UNKNOWN, 0 },
+ /* 63 */ { Cache_UNKNOWN, 0 },
+ /* 64 */ { Cache_UNKNOWN, 0 },
+ /* 65 */ { Cache_UNKNOWN, 0 },
+ /* 66 */ { Cache_L1d, 64 },
+ /* 67 */ { Cache_L1d, 64 },
+ /* 68 */ { Cache_L1d, 64 },
+ /* 69 */ { Cache_UNKNOWN, 0 },
+ /* 6a */ { Cache_UNKNOWN, 0 },
+ /* 6b */ { Cache_UNKNOWN, 0 },
+ /* 6c */ { Cache_UNKNOWN, 0 },
+ /* 6d */ { Cache_UNKNOWN, 0 },
+ /* 6e */ { Cache_UNKNOWN, 0 },
+ /* 6f */ { Cache_UNKNOWN, 0 },
+ /* 70 */ { Cache_Trace, 1 },
+ /* 71 */ { Cache_Trace, 1 },
+ /* 72 */ { Cache_Trace, 1 },
+ /* 73 */ { Cache_UNKNOWN, 0 },
+ /* 74 */ { Cache_UNKNOWN, 0 },
+ /* 75 */ { Cache_UNKNOWN, 0 },
+ /* 76 */ { Cache_UNKNOWN, 0 },
+ /* 77 */ { Cache_UNKNOWN, 0 },
+ /* 78 */ { Cache_UNKNOWN, 0 },
+ /* 79 */ { Cache_L2, 64 },
+ /* 7a */ { Cache_L2, 64 },
+ /* 7b */ { Cache_L2, 64 },
+ /* 7c */ { Cache_L2, 64 },
+ /* 7d */ { Cache_UNKNOWN, 0 },
+ /* 7e */ { Cache_UNKNOWN, 0 },
+ /* 7f */ { Cache_UNKNOWN, 0 },
+ /* 80 */ { Cache_UNKNOWN, 0 },
+ /* 81 */ { Cache_UNKNOWN, 0 },
+ /* 82 */ { Cache_L2, 32 },
+ /* 83 */ { Cache_L2, 32 },
+ /* 84 */ { Cache_L2, 32 },
+ /* 85 */ { Cache_L2, 32 },
+ /* 86 */ { Cache_L2, 64 },
+ /* 87 */ { Cache_L2, 64 },
+ /* 88 */ { Cache_UNKNOWN, 0 },
+ /* 89 */ { Cache_UNKNOWN, 0 },
+ /* 8a */ { Cache_UNKNOWN, 0 },
+ /* 8b */ { Cache_UNKNOWN, 0 },
+ /* 8c */ { Cache_UNKNOWN, 0 },
+ /* 8d */ { Cache_UNKNOWN, 0 },
+ /* 8e */ { Cache_UNKNOWN, 0 },
+ /* 8f */ { Cache_UNKNOWN, 0 },
+ /* 90 */ { Cache_UNKNOWN, 0 },
+ /* 91 */ { Cache_UNKNOWN, 0 },
+ /* 92 */ { Cache_UNKNOWN, 0 },
+ /* 93 */ { Cache_UNKNOWN, 0 },
+ /* 94 */ { Cache_UNKNOWN, 0 },
+ /* 95 */ { Cache_UNKNOWN, 0 },
+ /* 96 */ { Cache_UNKNOWN, 0 },
+ /* 97 */ { Cache_UNKNOWN, 0 },
+ /* 98 */ { Cache_UNKNOWN, 0 },
+ /* 99 */ { Cache_UNKNOWN, 0 },
+ /* 9a */ { Cache_UNKNOWN, 0 },
+ /* 9b */ { Cache_UNKNOWN, 0 },
+ /* 9c */ { Cache_UNKNOWN, 0 },
+ /* 9d */ { Cache_UNKNOWN, 0 },
+ /* 9e */ { Cache_UNKNOWN, 0 },
+ /* 9f */ { Cache_UNKNOWN, 0 },
+ /* a0 */ { Cache_UNKNOWN, 0 },
+ /* a1 */ { Cache_UNKNOWN, 0 },
+ /* a2 */ { Cache_UNKNOWN, 0 },
+ /* a3 */ { Cache_UNKNOWN, 0 },
+ /* a4 */ { Cache_UNKNOWN, 0 },
+ /* a5 */ { Cache_UNKNOWN, 0 },
+ /* a6 */ { Cache_UNKNOWN, 0 },
+ /* a7 */ { Cache_UNKNOWN, 0 },
+ /* a8 */ { Cache_UNKNOWN, 0 },
+ /* a9 */ { Cache_UNKNOWN, 0 },
+ /* aa */ { Cache_UNKNOWN, 0 },
+ /* ab */ { Cache_UNKNOWN, 0 },
+ /* ac */ { Cache_UNKNOWN, 0 },
+ /* ad */ { Cache_UNKNOWN, 0 },
+ /* ae */ { Cache_UNKNOWN, 0 },
+ /* af */ { Cache_UNKNOWN, 0 },
+ /* b0 */ { Cache_TLBi, 0 },
+ /* b1 */ { Cache_UNKNOWN, 0 },
+ /* b2 */ { Cache_UNKNOWN, 0 },
+ /* b3 */ { Cache_TLBd, 0 },
+ /* b4 */ { Cache_UNKNOWN, 0 },
+ /* b5 */ { Cache_UNKNOWN, 0 },
+ /* b6 */ { Cache_UNKNOWN, 0 },
+ /* b7 */ { Cache_UNKNOWN, 0 },
+ /* b8 */ { Cache_UNKNOWN, 0 },
+ /* b9 */ { Cache_UNKNOWN, 0 },
+ /* ba */ { Cache_UNKNOWN, 0 },
+ /* bb */ { Cache_UNKNOWN, 0 },
+ /* bc */ { Cache_UNKNOWN, 0 },
+ /* bd */ { Cache_UNKNOWN, 0 },
+ /* be */ { Cache_UNKNOWN, 0 },
+ /* bf */ { Cache_UNKNOWN, 0 },
+ /* c0 */ { Cache_UNKNOWN, 0 },
+ /* c1 */ { Cache_UNKNOWN, 0 },
+ /* c2 */ { Cache_UNKNOWN, 0 },
+ /* c3 */ { Cache_UNKNOWN, 0 },
+ /* c4 */ { Cache_UNKNOWN, 0 },
+ /* c5 */ { Cache_UNKNOWN, 0 },
+ /* c6 */ { Cache_UNKNOWN, 0 },
+ /* c7 */ { Cache_UNKNOWN, 0 },
+ /* c8 */ { Cache_UNKNOWN, 0 },
+ /* c9 */ { Cache_UNKNOWN, 0 },
+ /* ca */ { Cache_UNKNOWN, 0 },
+ /* cb */ { Cache_UNKNOWN, 0 },
+ /* cc */ { Cache_UNKNOWN, 0 },
+ /* cd */ { Cache_UNKNOWN, 0 },
+ /* ce */ { Cache_UNKNOWN, 0 },
+ /* cf */ { Cache_UNKNOWN, 0 },
+ /* d0 */ { Cache_UNKNOWN, 0 },
+ /* d1 */ { Cache_UNKNOWN, 0 },
+ /* d2 */ { Cache_UNKNOWN, 0 },
+ /* d3 */ { Cache_UNKNOWN, 0 },
+ /* d4 */ { Cache_UNKNOWN, 0 },
+ /* d5 */ { Cache_UNKNOWN, 0 },
+ /* d6 */ { Cache_UNKNOWN, 0 },
+ /* d7 */ { Cache_UNKNOWN, 0 },
+ /* d8 */ { Cache_UNKNOWN, 0 },
+ /* d9 */ { Cache_UNKNOWN, 0 },
+ /* da */ { Cache_UNKNOWN, 0 },
+ /* db */ { Cache_UNKNOWN, 0 },
+ /* dc */ { Cache_UNKNOWN, 0 },
+ /* dd */ { Cache_UNKNOWN, 0 },
+ /* de */ { Cache_UNKNOWN, 0 },
+ /* df */ { Cache_UNKNOWN, 0 },
+ /* e0 */ { Cache_UNKNOWN, 0 },
+ /* e1 */ { Cache_UNKNOWN, 0 },
+ /* e2 */ { Cache_UNKNOWN, 0 },
+ /* e3 */ { Cache_UNKNOWN, 0 },
+ /* e4 */ { Cache_UNKNOWN, 0 },
+ /* e5 */ { Cache_UNKNOWN, 0 },
+ /* e6 */ { Cache_UNKNOWN, 0 },
+ /* e7 */ { Cache_UNKNOWN, 0 },
+ /* e8 */ { Cache_UNKNOWN, 0 },
+ /* e9 */ { Cache_UNKNOWN, 0 },
+ /* ea */ { Cache_UNKNOWN, 0 },
+ /* eb */ { Cache_UNKNOWN, 0 },
+ /* ec */ { Cache_UNKNOWN, 0 },
+ /* ed */ { Cache_UNKNOWN, 0 },
+ /* ee */ { Cache_UNKNOWN, 0 },
+ /* ef */ { Cache_UNKNOWN, 0 },
+ /* f0 */ { Cache_UNKNOWN, 0 },
+ /* f1 */ { Cache_UNKNOWN, 0 },
+ /* f2 */ { Cache_UNKNOWN, 0 },
+ /* f3 */ { Cache_UNKNOWN, 0 },
+ /* f4 */ { Cache_UNKNOWN, 0 },
+ /* f5 */ { Cache_UNKNOWN, 0 },
+ /* f6 */ { Cache_UNKNOWN, 0 },
+ /* f7 */ { Cache_UNKNOWN, 0 },
+ /* f8 */ { Cache_UNKNOWN, 0 },
+ /* f9 */ { Cache_UNKNOWN, 0 },
+ /* fa */ { Cache_UNKNOWN, 0 },
+ /* fb */ { Cache_UNKNOWN, 0 },
+ /* fc */ { Cache_UNKNOWN, 0 },
+ /* fd */ { Cache_UNKNOWN, 0 },
+ /* fe */ { Cache_UNKNOWN, 0 },
+ /* ff */ { Cache_UNKNOWN, 0 }
+};
+
+/*
+ * use the above table to determine the CacheEntryLineSize.
+ */
+static void
+getIntelCacheEntryLineSize(unsigned long val, int *level,
+ unsigned long *lineSize)
+{
+ CacheType type;
+
+ type = CacheMap[val].type;
+ /* only interested in data caches */
+ /* NOTE val = 0x40 is a special value that means no L2 or L3 cache.
+ * this data check has the side effect of rejecting that entry. If
+ * that wasn't the case, we could have to reject it explicitly */
+ if (CacheMap[val].lineSize == 0) {
+ return;
+ }
+ /* look at the caches, skip types we aren't interested in.
+ * if we already have a value for a lower level cache, skip the
+ * current entry */
+ if ((type == Cache_L1) || (type == Cache_L1d)) {
+ *level = 1;
+ *lineSize = CacheMap[val].lineSize;
+ } else if ((*level >= 2) && ((type == Cache_L2) || (type == Cache_L2d))) {
+ *level = 2;
+ *lineSize = CacheMap[val].lineSize;
+ } else if ((*level >= 3) && ((type == Cache_L3) || (type == Cache_L3d))) {
+ *level = 3;
+ *lineSize = CacheMap[val].lineSize;
+ }
+ return;
+}
+
+static void
+getIntelRegisterCacheLineSize(unsigned long val,
+ int *level, unsigned long *lineSize)
+{
+ getIntelCacheEntryLineSize(val >> 24 & 0xff, level, lineSize);
+ getIntelCacheEntryLineSize(val >> 16 & 0xff, level, lineSize);
+ getIntelCacheEntryLineSize(val >> 8 & 0xff, level, lineSize);
+ getIntelCacheEntryLineSize(val & 0xff, level, lineSize);
+}
+
+/*
+ * returns '0' if no recognized cache is found, or if the cache
+ * information is supported by this processor
+ */
+static unsigned long
+getIntelCacheLineSize(int cpuidLevel)
+{
+ int level = 4;
+ unsigned long lineSize = 0;
+ unsigned long eax, ebx, ecx, edx;
+ int repeat, count;
+
+ if (cpuidLevel < 2) {
+ return 0;
+ }
+
+ /* command '2' of the cpuid is intel's cache info call. Each byte of the
+ * 4 registers contain a potential descriptor for the cache. The CacheMap
+ * table maps the cache entry with the processor cache. Register 'al'
+ * contains a count value that cpuid '2' needs to be called in order to
+ * find all the cache descriptors. Only registers with the high bit set
+ * to 'zero' have valid descriptors. This code loops through all the
+ * required calls to cpuid '2' and passes any valid descriptors it finds
+ * to the getIntelRegisterCacheLineSize code, which breaks the registers
+ * down into their component descriptors. In the end the lineSize of the
+ * lowest level cache data cache is returned. */
+ freebl_cpuid(2, &eax, &ebx, &ecx, &edx);
+ repeat = eax & 0xf;
+ for (count = 0; count < repeat; count++) {
+ if ((eax & 0x80000000) == 0) {
+ getIntelRegisterCacheLineSize(eax & 0xffffff00, &level, &lineSize);
+ }
+ if ((ebx & 0x80000000) == 0) {
+ getIntelRegisterCacheLineSize(ebx, &level, &lineSize);
+ }
+ if ((ecx & 0x80000000) == 0) {
+ getIntelRegisterCacheLineSize(ecx, &level, &lineSize);
+ }
+ if ((edx & 0x80000000) == 0) {
+ getIntelRegisterCacheLineSize(edx, &level, &lineSize);
+ }
+ if (count + 1 != repeat) {
+ freebl_cpuid(2, &eax, &ebx, &ecx, &edx);
+ }
+ }
+ return lineSize;
+}
+
+/*
+ * returns '0' if the cache info is not supported by this processor.
+ * This is based on the AMD extended cache commands for cpuid.
+ * (see "AMD Processor Recognition Application Note" Publication 20734).
+ * Some other processors use the identical scheme.
+ * (see "Processor Recognition, Transmeta Corporation").
+ */
+static unsigned long
+getOtherCacheLineSize(unsigned long cpuidLevel)
+{
+ unsigned long lineSize = 0;
+ unsigned long eax, ebx, ecx, edx;
+
+ /* get the Extended CPUID level */
+ freebl_cpuid(0x80000000, &eax, &ebx, &ecx, &edx);
+ cpuidLevel = eax;
+
+ if (cpuidLevel >= 0x80000005) {
+ freebl_cpuid(0x80000005, &eax, &ebx, &ecx, &edx);
+ lineSize = ecx & 0xff; /* line Size, L1 Data Cache */
+ }
+ return lineSize;
+}
+
+static const char *const manMap[] = {
+#define INTEL 0
+ "GenuineIntel",
+#define AMD 1
+ "AuthenticAMD",
+#define CYRIX 2
+ "CyrixInstead",
+#define CENTAUR 2
+ "CentaurHauls",
+#define NEXGEN 3
+ "NexGenDriven",
+#define TRANSMETA 4
+ "GenuineTMx86",
+#define RISE 5
+ "RiseRiseRise",
+#define UMC 6
+ "UMC UMC UMC ",
+#define SIS 7
+ "Sis Sis Sis ",
+#define NATIONAL 8
+ "Geode by NSC",
+};
+
+static const int n_manufacturers = sizeof(manMap) / sizeof(manMap[0]);
+
+#define MAN_UNKNOWN 9
+
+#if !defined(AMD_64)
+#define SSE2_FLAG (1 << 26)
+unsigned long
+s_mpi_is_sse2()
+{
+ unsigned long eax, ebx, ecx, edx;
+
+ if (is386() || is486()) {
+ return 0;
+ }
+ freebl_cpuid(0, &eax, &ebx, &ecx, &edx);
+
+ /* has no SSE2 extensions */
+ if (eax == 0) {
+ return 0;
+ }
+
+ freebl_cpuid(1, &eax, &ebx, &ecx, &edx);
+ return (edx & SSE2_FLAG) == SSE2_FLAG;
+}
+#endif
+
+unsigned long
+s_mpi_getProcessorLineSize()
+{
+ unsigned long eax, ebx, ecx, edx;
+ PRUint32 cpuid[3];
+ unsigned long cpuidLevel;
+ unsigned long cacheLineSize = 0;
+ int manufacturer = MAN_UNKNOWN;
+ int i;
+ char string[13];
+
+#if !defined(AMD_64)
+ if (is386()) {
+ return 0; /* 386 had no cache */
+ }
+ if (is486()) {
+ return 32; /* really? need more info */
+ }
+#endif
+
+ /* Pentium, cpuid command is available */
+ freebl_cpuid(0, &eax, &ebx, &ecx, &edx);
+ cpuidLevel = eax;
+ /* string holds the CPU's manufacturer ID string - a twelve
+ * character ASCII string stored in ebx, edx, ecx, and
+ * the 32-bit extended feature flags are in edx, ecx.
+ */
+ cpuid[0] = ebx;
+ cpuid[1] = ecx;
+ cpuid[2] = edx;
+ memcpy(string, cpuid, sizeof(cpuid));
+ string[12] = 0;
+
+ manufacturer = MAN_UNKNOWN;
+ for (i = 0; i < n_manufacturers; i++) {
+ if (strcmp(manMap[i], string) == 0) {
+ manufacturer = i;
+ }
+ }
+
+ if (manufacturer == INTEL) {
+ cacheLineSize = getIntelCacheLineSize(cpuidLevel);
+ } else {
+ cacheLineSize = getOtherCacheLineSize(cpuidLevel);
+ }
+ /* doesn't support cache info based on cpuid. This means
+ * an old pentium class processor, which have cache lines of
+ * 32. If we learn differently, we can use a switch based on
+ * the Manufacturer id */
+ if (cacheLineSize == 0) {
+ cacheLineSize = 32;
+ }
+ return cacheLineSize;
+}
+#define MPI_GET_PROCESSOR_LINE_SIZE_DEFINED 1
+#endif
+
+#if defined(__ppc64__)
+/*
+ * Sigh, The PPC has some really nice features to help us determine cache
+ * size, since it had lots of direct control functions to do so. The POWER
+ * processor even has an instruction to do this, but it was dropped in
+ * PowerPC. Unfortunately most of them are not available in user mode.
+ *
+ * The dcbz function would be a great way to determine cache line size except
+ * 1) it only works on write-back memory (it throws an exception otherwise),
+ * and 2) because so many mac programs 'knew' the processor cache size was
+ * 32 bytes, they used this instruction as a fast 'zero 32 bytes'. Now the new
+ * G5 processor has 128 byte cache, but dcbz only clears 32 bytes to keep
+ * these programs happy. dcbzl work if 64 bit instructions are supported.
+ * If you know 64 bit instructions are supported, and that stack is
+ * write-back, you can use this code.
+ */
+#include "memory.h"
+
+/* clear the cache line that contains 'array' */
+static inline void
+dcbzl(char *array)
+{
+ register char *a asm("r2") = array;
+ __asm__ __volatile__("dcbzl %0,r0"
+ : "=r"(a)
+ : "0"(a));
+}
+
+#define PPC_DO_ALIGN(x, y) ((char *)((((long long)(x)) + ((y)-1)) & ~((y)-1)))
+
+#define PPC_MAX_LINE_SIZE 256
+unsigned long
+s_mpi_getProcessorLineSize()
+{
+ char testArray[2 * PPC_MAX_LINE_SIZE + 1];
+ char *test;
+ int i;
+
+ /* align the array on a maximum line size boundary, so we
+ * know we are starting to clear from the first address */
+ test = PPC_DO_ALIGN(testArray, PPC_MAX_LINE_SIZE);
+ /* set all the values to 1's */
+ memset(test, 0xff, PPC_MAX_LINE_SIZE);
+ /* clear one cache block starting at 'test' */
+ dcbzl(test);
+
+ /* find the size of the cleared area, that's our block size */
+ for (i = PPC_MAX_LINE_SIZE; i != 0; i = i / 2) {
+ if (test[i - 1] == 0) {
+ return i;
+ }
+ }
+ return 0;
+}
+
+#define MPI_GET_PROCESSOR_LINE_SIZE_DEFINED 1
+#endif
+
+/*
+ * put other processor and platform specific cache code here
+ * return the smallest cache line size in bytes on the processor
+ * (usually the L1 cache). If the OS has a call, this would be
+ * a greate place to put it.
+ *
+ * If there is no cache, return 0;
+ *
+ * define MPI_GET_PROCESSOR_LINE_SIZE_DEFINED so the generic functions
+ * below aren't compiled.
+ *
+ */
+
+/* target.mk can define MPI_CACHE_LINE_SIZE if it's common for the family or
+ * OS */
+#if defined(MPI_CACHE_LINE_SIZE) && !defined(MPI_GET_PROCESSOR_LINE_SIZE_DEFINED)
+
+unsigned long
+s_mpi_getProcessorLineSize()
+{
+ return MPI_CACHE_LINE_SIZE;
+}
+#define MPI_GET_PROCESSOR_LINE_SIZE_DEFINED 1
+#endif
+
+/* If no way to get the processor cache line size has been defined, assume
+ * it's 32 bytes (most common value, does not significantly impact performance)
+ */
+#ifndef MPI_GET_PROCESSOR_LINE_SIZE_DEFINED
+unsigned long
+s_mpi_getProcessorLineSize()
+{
+ return 32;
+}
+#endif
+
+#ifdef TEST_IT
+#include <stdio.h>
+
+main()
+{
+ printf("line size = %d\n", s_mpi_getProcessorLineSize());
+}
+#endif
diff --git a/security/nss/lib/freebl/mpi/mpcpucache_amd64.s b/security/nss/lib/freebl/mpi/mpcpucache_amd64.s
new file mode 100644
index 000000000..d493b4762
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpcpucache_amd64.s
@@ -0,0 +1,861 @@
+/ This Source Code Form is subject to the terms of the Mozilla Public
+/ License, v. 2.0. If a copy of the MPL was not distributed with this
+/ file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ .file "mpcpucache.c"
+/ .section .rodata.str1.1,"aMS",@progbits,1
+ .section .rodata
+.LC0:
+ .string "GenuineIntel"
+.LC1:
+ .string "AuthenticAMD"
+.LC2:
+ .string "CyrixInstead"
+.LC3:
+ .string "CentaurHauls"
+.LC4:
+ .string "NexGenDriven"
+.LC5:
+ .string "GenuineTMx86"
+.LC6:
+ .string "RiseRiseRise"
+.LC7:
+ .string "UMC UMC UMC "
+.LC8:
+ .string "Sis Sis Sis "
+.LC9:
+ .string "Geode by NSC"
+ .section .data.rel.ro.local,"aw",@progbits
+ .align 32
+ .type manMap, @object
+ .size manMap, 80
+manMap:
+ .quad .LC0
+ .quad .LC1
+ .quad .LC2
+ .quad .LC3
+ .quad .LC4
+ .quad .LC5
+ .quad .LC6
+ .quad .LC7
+ .quad .LC8
+ .quad .LC9
+ .section .rodata
+ .align 32
+ .type CacheMap, @object
+ .size CacheMap, 512
+CacheMap:
+ .byte 0
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 4
+ .zero 1
+ .byte 1
+ .byte 0
+ .byte 7
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 7
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 8
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 8
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 12
+ .byte 64
+ .byte 12
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 12
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 12
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 8
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 7
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 0
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 8
+ .byte 64
+ .byte 8
+ .byte 64
+ .byte 8
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 5
+ .byte 1
+ .byte 5
+ .byte 1
+ .byte 5
+ .byte 1
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .text
+ .align 16
+.globl freebl_cpuid
+ .type freebl_cpuid, @function
+freebl_cpuid:
+.LFB2:
+ movq %rdx, %r10
+ pushq %rbx
+.LCFI0:
+ movq %rcx, %r11
+ movq %rdi, %rax
+/APP
+ cpuid
+
+/NO_APP
+ movq %rax, (%rsi)
+ movq %rbx, (%r10)
+ popq %rbx
+ movq %rcx, (%r11)
+ movq %rdx, (%r8)
+ ret
+.LFE2:
+ .size freebl_cpuid, .-freebl_cpuid
+ .align 16
+ .type getIntelCacheEntryLineSize, @function
+getIntelCacheEntryLineSize:
+.LFB3:
+ leaq CacheMap(%rip), %r9
+ movq %rdx, %r10
+ movzbl 1(%r9,%rdi,2), %ecx
+ movzbl (%r9,%rdi,2), %r8d
+ testb %cl, %cl
+ je .L2
+ cmpl $6, %r8d
+ sete %dl
+ cmpl $8, %r8d
+ sete %al
+ orl %edx, %eax
+ testb $1, %al
+ je .L4
+ movl $1, (%rsi)
+.L9:
+ movzbl %cl, %eax
+ movq %rax, (%r10)
+ ret
+ .align 16
+.L4:
+ movl (%rsi), %r11d
+ cmpl $1, %r11d
+ jg .L11
+.L6:
+ cmpl $2, %r11d
+ jle .L2
+ cmpl $12, %r8d
+ sete %dl
+ cmpl $14, %r8d
+ sete %al
+ orl %edx, %eax
+ testb $1, %al
+ je .L2
+ movzbq 1(%r9,%rdi,2), %rax
+ movl $3, (%rsi)
+ movq %rax, (%r10)
+ .align 16
+.L2:
+ rep ; ret
+ .align 16
+.L11:
+ cmpl $9, %r8d
+ sete %dl
+ cmpl $11, %r8d
+ sete %al
+ orl %edx, %eax
+ testb $1, %al
+ je .L6
+ movl $2, (%rsi)
+ jmp .L9
+.LFE3:
+ .size getIntelCacheEntryLineSize, .-getIntelCacheEntryLineSize
+ .align 16
+ .type getIntelRegisterCacheLineSize, @function
+getIntelRegisterCacheLineSize:
+.LFB4:
+ pushq %rbp
+.LCFI1:
+ movq %rsp, %rbp
+.LCFI2:
+ movq %rbx, -24(%rbp)
+.LCFI3:
+ movq %rdi, %rbx
+ shrq $24, %rdi
+ movq %r12, -16(%rbp)
+.LCFI4:
+ movq %r13, -8(%rbp)
+.LCFI5:
+ andl $255, %edi
+ subq $24, %rsp
+.LCFI6:
+ movq %rsi, %r13
+ movq %rdx, %r12
+ call getIntelCacheEntryLineSize
+ movq %rbx, %rdi
+ movq %r12, %rdx
+ movq %r13, %rsi
+ shrq $16, %rdi
+ andl $255, %edi
+ call getIntelCacheEntryLineSize
+ movq %rbx, %rdi
+ movq %r12, %rdx
+ movq %r13, %rsi
+ shrq $8, %rdi
+ andl $255, %ebx
+ andl $255, %edi
+ call getIntelCacheEntryLineSize
+ movq %r12, %rdx
+ movq %r13, %rsi
+ movq %rbx, %rdi
+ movq 8(%rsp), %r12
+ movq (%rsp), %rbx
+ movq 16(%rsp), %r13
+ leave
+ jmp getIntelCacheEntryLineSize
+.LFE4:
+ .size getIntelRegisterCacheLineSize, .-getIntelRegisterCacheLineSize
+ .align 16
+.globl s_mpi_getProcessorLineSize
+ .type s_mpi_getProcessorLineSize, @function
+s_mpi_getProcessorLineSize:
+.LFB7:
+ pushq %rbp
+.LCFI7:
+ xorl %edi, %edi
+ movq %rsp, %rbp
+.LCFI8:
+ pushq %r15
+.LCFI9:
+ leaq -136(%rbp), %r8
+ leaq -144(%rbp), %rcx
+ leaq -152(%rbp), %rdx
+ pushq %r14
+.LCFI10:
+ leaq -160(%rbp), %rsi
+ leaq -128(%rbp), %r14
+ pushq %r13
+.LCFI11:
+ leaq manMap(%rip), %r13
+ pushq %r12
+.LCFI12:
+ movl $9, %r12d
+ pushq %rbx
+.LCFI13:
+ xorl %ebx, %ebx
+ subq $200, %rsp
+.LCFI14:
+ call freebl_cpuid
+ movq -152(%rbp), %rax
+ movq -160(%rbp), %r15
+ movb $0, -116(%rbp)
+ movl %eax, -128(%rbp)
+ movq -136(%rbp), %rax
+ movl %eax, -124(%rbp)
+ movq -144(%rbp), %rax
+ movl %eax, -120(%rbp)
+ .align 16
+.L18:
+ movslq %ebx,%rax
+ movq %r14, %rsi
+ movq (%r13,%rax,8), %rdi
+ call strcmp@PLT
+ testl %eax, %eax
+ cmove %ebx, %r12d
+ incl %ebx
+ cmpl $9, %ebx
+ jle .L18
+ testl %r12d, %r12d
+ jne .L19
+ xorl %eax, %eax
+ decl %r15d
+ movl $4, -204(%rbp)
+ movq $0, -200(%rbp)
+ jle .L21
+ leaq -168(%rbp), %r8
+ leaq -176(%rbp), %rcx
+ leaq -184(%rbp), %rdx
+ leaq -192(%rbp), %rsi
+ movl $2, %edi
+ xorl %ebx, %ebx
+ call freebl_cpuid
+ movq -192(%rbp), %rdi
+ movl %edi, %r12d
+ andl $15, %r12d
+ cmpl %r12d, %ebx
+ jl .L30
+ jmp .L38
+ .align 16
+.L25:
+ movq -184(%rbp), %rdi
+ testl $2147483648, %edi
+ je .L40
+.L26:
+ movq -176(%rbp), %rdi
+ testl $2147483648, %edi
+ je .L41
+.L27:
+ movq -168(%rbp), %rdi
+ testl $2147483648, %edi
+ je .L42
+.L28:
+ incl %ebx
+ cmpl %r12d, %ebx
+ je .L24
+ leaq -168(%rbp), %r8
+ leaq -176(%rbp), %rcx
+ leaq -184(%rbp), %rdx
+ leaq -192(%rbp), %rsi
+ movl $2, %edi
+ call freebl_cpuid
+.L24:
+ cmpl %r12d, %ebx
+ jge .L38
+ movq -192(%rbp), %rdi
+.L30:
+ testl $2147483648, %edi
+ jne .L25
+ leaq -200(%rbp), %rdx
+ leaq -204(%rbp), %rsi
+ andl $4294967040, %edi
+ call getIntelRegisterCacheLineSize
+ movq -184(%rbp), %rdi
+ testl $2147483648, %edi
+ jne .L26
+.L40:
+ leaq -200(%rbp), %rdx
+ leaq -204(%rbp), %rsi
+ call getIntelRegisterCacheLineSize
+ movq -176(%rbp), %rdi
+ testl $2147483648, %edi
+ jne .L27
+.L41:
+ leaq -200(%rbp), %rdx
+ leaq -204(%rbp), %rsi
+ call getIntelRegisterCacheLineSize
+ movq -168(%rbp), %rdi
+ testl $2147483648, %edi
+ jne .L28
+.L42:
+ leaq -200(%rbp), %rdx
+ leaq -204(%rbp), %rsi
+ call getIntelRegisterCacheLineSize
+ jmp .L28
+.L38:
+ movq -200(%rbp), %rax
+.L21:
+ movq %rax, %rdx
+ movl $32, %eax
+ testq %rdx, %rdx
+ cmoveq %rax, %rdx
+ addq $200, %rsp
+ popq %rbx
+ popq %r12
+ popq %r13
+ popq %r14
+ popq %r15
+ leave
+ movq %rdx, %rax
+ ret
+.L19:
+ leaq -216(%rbp), %r8
+ leaq -224(%rbp), %rcx
+ leaq -232(%rbp), %rdx
+ leaq -240(%rbp), %rsi
+ movl $2147483648, %edi
+ xorl %ebx, %ebx
+ call freebl_cpuid
+ movl $2147483652, %eax
+ cmpq %rax, -240(%rbp)
+ ja .L43
+.L32:
+ movq %rbx, %rdx
+ movl $32, %eax
+ testq %rdx, %rdx
+ cmoveq %rax, %rdx
+ addq $200, %rsp
+ popq %rbx
+ popq %r12
+ popq %r13
+ popq %r14
+ popq %r15
+ leave
+ movq %rdx, %rax
+ ret
+.L43:
+ leaq -216(%rbp), %r8
+ leaq -224(%rbp), %rcx
+ leaq -232(%rbp), %rdx
+ leaq -240(%rbp), %rsi
+ movl $2147483653, %edi
+ call freebl_cpuid
+ movzbq -224(%rbp), %rbx
+ jmp .L32
+.LFE7:
+ .size s_mpi_getProcessorLineSize, .-s_mpi_getProcessorLineSize
diff --git a/security/nss/lib/freebl/mpi/mpcpucache_x86.s b/security/nss/lib/freebl/mpi/mpcpucache_x86.s
new file mode 100644
index 000000000..af17ebcb4
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpcpucache_x86.s
@@ -0,0 +1,902 @@
+/ This Source Code Form is subject to the terms of the Mozilla Public
+/ License, v. 2.0. If a copy of the MPL was not distributed with this
+/ file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ .file "mpcpucache.c"
+/ .section .rodata.str1.1,"aMS",@progbits,1
+ .section .rodata
+.LC0:
+ .string "GenuineIntel"
+.LC1:
+ .string "AuthenticAMD"
+.LC2:
+ .string "CyrixInstead"
+.LC3:
+ .string "CentaurHauls"
+.LC4:
+ .string "NexGenDriven"
+.LC5:
+ .string "GenuineTMx86"
+.LC6:
+ .string "RiseRiseRise"
+.LC7:
+ .string "UMC UMC UMC "
+.LC8:
+ .string "Sis Sis Sis "
+.LC9:
+ .string "Geode by NSC"
+ .section .data.rel.ro.local,"aw",@progbits
+ .align 32
+ .type manMap, @object
+ .size manMap, 40
+manMap:
+ .long .LC0
+ .long .LC1
+ .long .LC2
+ .long .LC3
+ .long .LC4
+ .long .LC5
+ .long .LC6
+ .long .LC7
+ .long .LC8
+ .long .LC9
+ .section .rodata
+ .align 32
+ .type CacheMap, @object
+ .size CacheMap, 512
+CacheMap:
+ .byte 0
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 4
+ .zero 1
+ .byte 1
+ .byte 0
+ .byte 7
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 7
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 8
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 8
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 12
+ .byte 64
+ .byte 12
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 12
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 12
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 8
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 7
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 0
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 8
+ .byte 64
+ .byte 8
+ .byte 64
+ .byte 8
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 5
+ .byte 1
+ .byte 5
+ .byte 1
+ .byte 5
+ .byte 1
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 32
+ .byte 9
+ .byte 64
+ .byte 9
+ .byte 64
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 3
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 4
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .byte 1
+ .byte 0
+ .text
+ .align 4
+.globl freebl_cpuid
+ .type freebl_cpuid, @function
+freebl_cpuid:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ subl $8, %esp
+ movl %edx, %ebp
+/APP
+ pushl %ebx
+ xorl %ecx, %ecx
+ cpuid
+ mov %ebx,%esi
+ popl %ebx
+
+/NO_APP
+ movl %eax, (%ebp)
+ movl 24(%esp), %eax
+ movl %esi, (%eax)
+ movl 28(%esp), %eax
+ movl %ecx, (%eax)
+ movl 32(%esp), %eax
+ movl %edx, (%eax)
+ addl $8, %esp
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+ .size freebl_cpuid, .-freebl_cpuid
+ .align 4
+ .type changeFlag, @function
+changeFlag:
+/APP
+ pushfl
+ popl %edx
+ movl %edx,%ecx
+ xorl %eax,%edx
+ pushl %edx
+ popfl
+ pushfl
+ popl %edx
+ pushl %ecx
+ popfl
+
+/NO_APP
+ xorl %ecx, %edx
+ movl %edx, %eax
+ ret
+ .size changeFlag, .-changeFlag
+ .align 4
+ .type getIntelCacheEntryLineSize, @function
+getIntelCacheEntryLineSize:
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+ call .L17
+.L17:
+ popl %ebx
+ addl $_GLOBAL_OFFSET_TABLE_+[.-.L17], %ebx
+ movzbl CacheMap@GOTOFF(%ebx,%eax,2), %ecx
+ movb 1+CacheMap@GOTOFF(%ebx,%eax,2), %al
+ testb %al, %al
+ movl 16(%esp), %edi
+ je .L3
+ cmpl $6, %ecx
+ je .L6
+ cmpl $8, %ecx
+ je .L6
+ movl (%edx), %esi
+ cmpl $1, %esi
+ jg .L15
+.L8:
+ cmpl $2, %esi
+ jle .L3
+ cmpl $12, %ecx
+ je .L12
+ cmpl $14, %ecx
+ je .L12
+ .align 4
+.L3:
+ popl %ebx
+ popl %esi
+ popl %edi
+ ret
+ .align 4
+.L6:
+ movzbl %al, %eax
+ movl $1, (%edx)
+ movl %eax, (%edi)
+.L16:
+ popl %ebx
+ popl %esi
+ popl %edi
+ ret
+ .align 4
+.L15:
+ cmpl $9, %ecx
+ je .L9
+ cmpl $11, %ecx
+ jne .L8
+.L9:
+ movzbl %al, %eax
+ movl $2, (%edx)
+ movl %eax, (%edi)
+ jmp .L16
+.L12:
+ movzbl %al, %eax
+ movl $3, (%edx)
+ movl %eax, (%edi)
+ jmp .L16
+ .size getIntelCacheEntryLineSize, .-getIntelCacheEntryLineSize
+ .align 4
+ .type getIntelRegisterCacheLineSize, @function
+getIntelRegisterCacheLineSize:
+ pushl %ebp
+ movl %esp, %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ecx
+ movl 8(%ebp), %edi
+ movl %eax, %esi
+ movl %edx, -12(%ebp)
+ shrl $24, %eax
+ pushl %edi
+ call getIntelCacheEntryLineSize
+ movl %esi, %eax
+ pushl %edi
+ shrl $16, %eax
+ movl -12(%ebp), %edx
+ andl $255, %eax
+ call getIntelCacheEntryLineSize
+ pushl %edi
+ movl %esi, %edx
+ movzbl %dh, %eax
+ movl -12(%ebp), %edx
+ call getIntelCacheEntryLineSize
+ andl $255, %esi
+ movl %edi, 8(%ebp)
+ movl -12(%ebp), %edx
+ addl $12, %esp
+ leal -8(%ebp), %esp
+ movl %esi, %eax
+ popl %esi
+ popl %edi
+ leave
+ jmp getIntelCacheEntryLineSize
+ .size getIntelRegisterCacheLineSize, .-getIntelRegisterCacheLineSize
+ .align 4
+.globl s_mpi_getProcessorLineSize
+ .type s_mpi_getProcessorLineSize, @function
+s_mpi_getProcessorLineSize:
+ pushl %ebp
+ movl %esp, %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+ subl $188, %esp
+ call .L52
+.L52:
+ popl %ebx
+ addl $_GLOBAL_OFFSET_TABLE_+[.-.L52], %ebx
+ movl $9, -168(%ebp)
+ movl $262144, %eax
+ call changeFlag
+ xorl %edx, %edx
+ testl %eax, %eax
+ jne .L50
+.L19:
+ leal -12(%ebp), %esp
+ popl %ebx
+ popl %esi
+ movl %edx, %eax
+ popl %edi
+ leave
+ ret
+ .align 4
+.L50:
+ movl $2097152, %eax
+ call changeFlag
+ testl %eax, %eax
+ movl $32, %edx
+ je .L19
+ leal -108(%ebp), %eax
+ pushl %eax
+ leal -112(%ebp), %eax
+ pushl %eax
+ leal -116(%ebp), %eax
+ pushl %eax
+ leal -120(%ebp), %edx
+ xorl %eax, %eax
+ call freebl_cpuid
+ movl -120(%ebp), %eax
+ movl %eax, -164(%ebp)
+ movl -116(%ebp), %eax
+ movl %eax, -104(%ebp)
+ movl -108(%ebp), %eax
+ movl %eax, -100(%ebp)
+ movl -112(%ebp), %eax
+ movl %eax, -96(%ebp)
+ movb $0, -92(%ebp)
+ xorl %esi, %esi
+ addl $12, %esp
+ leal -104(%ebp), %edi
+ .align 4
+.L28:
+ subl $8, %esp
+ pushl %edi
+ pushl manMap@GOTOFF(%ebx,%esi,4)
+ call strcmp@PLT
+ addl $16, %esp
+ testl %eax, %eax
+ jne .L26
+ movl %esi, -168(%ebp)
+.L26:
+ incl %esi
+ cmpl $9, %esi
+ jle .L28
+ movl -168(%ebp), %eax
+ testl %eax, %eax
+ jne .L29
+ xorl %eax, %eax
+ cmpl $1, -164(%ebp)
+ movl $4, -144(%ebp)
+ movl $0, -140(%ebp)
+ jle .L41
+ leal -124(%ebp), %edx
+ movl %edx, -188(%ebp)
+ leal -128(%ebp), %eax
+ pushl %edx
+ movl %eax, -184(%ebp)
+ leal -132(%ebp), %edx
+ pushl %eax
+ movl %edx, -180(%ebp)
+ movl $2, %eax
+ pushl %edx
+ leal -136(%ebp), %edx
+ call freebl_cpuid
+ movl -136(%ebp), %eax
+ movl %eax, %edi
+ andl $15, %edi
+ xorl %esi, %esi
+ addl $12, %esp
+ leal -140(%ebp), %edx
+ cmpl %edi, %esi
+ movl %edx, -176(%ebp)
+ jl .L40
+ jmp .L48
+ .align 4
+.L49:
+ movl -136(%ebp), %eax
+.L40:
+ testl %eax, %eax
+ js .L35
+ xorb %al, %al
+ pushl -176(%ebp)
+ leal -144(%ebp), %edx
+ call getIntelRegisterCacheLineSize
+ popl %eax
+.L35:
+ movl -132(%ebp), %eax
+ testl %eax, %eax
+ js .L36
+ pushl -176(%ebp)
+ leal -144(%ebp), %edx
+ call getIntelRegisterCacheLineSize
+ popl %eax
+.L36:
+ movl -128(%ebp), %eax
+ testl %eax, %eax
+ js .L37
+ pushl -176(%ebp)
+ leal -144(%ebp), %edx
+ call getIntelRegisterCacheLineSize
+ popl %eax
+.L37:
+ movl -124(%ebp), %eax
+ testl %eax, %eax
+ js .L38
+ pushl -176(%ebp)
+ leal -144(%ebp), %edx
+ call getIntelRegisterCacheLineSize
+ popl %eax
+.L38:
+ incl %esi
+ cmpl %edi, %esi
+ je .L34
+ pushl -188(%ebp)
+ pushl -184(%ebp)
+ pushl -180(%ebp)
+ leal -136(%ebp), %edx
+ movl $2, %eax
+ call freebl_cpuid
+ addl $12, %esp
+.L34:
+ cmpl %edi, %esi
+ jl .L49
+.L48:
+ movl -140(%ebp), %eax
+.L41:
+ testl %eax, %eax
+ jne .L44
+ movb $32, %al
+.L44:
+ leal -12(%ebp), %esp
+ popl %ebx
+ popl %esi
+ movl %eax, %edx
+ movl %edx, %eax
+ popl %edi
+ leave
+ ret
+.L29:
+ leal -148(%ebp), %eax
+ movl %eax, -192(%ebp)
+ movl $0, -172(%ebp)
+ leal -152(%ebp), %edi
+ pushl %eax
+ pushl %edi
+ leal -156(%ebp), %esi
+ pushl %esi
+ leal -160(%ebp), %edx
+ movl $-2147483648, %eax
+ call freebl_cpuid
+ addl $12, %esp
+ cmpl $-2147483644, -160(%ebp)
+ ja .L51
+.L42:
+ movl -172(%ebp), %eax
+ jmp .L41
+.L51:
+ pushl -192(%ebp)
+ pushl %edi
+ pushl %esi
+ leal -160(%ebp), %edx
+ movl $-2147483643, %eax
+ call freebl_cpuid
+ movzbl -152(%ebp), %edx
+ addl $12, %esp
+ movl %edx, -172(%ebp)
+ jmp .L42
+ .size s_mpi_getProcessorLineSize, .-s_mpi_getProcessorLineSize
diff --git a/security/nss/lib/freebl/mpi/mpi-config.h b/security/nss/lib/freebl/mpi/mpi-config.h
new file mode 100644
index 000000000..f365592a4
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi-config.h
@@ -0,0 +1,68 @@
+/* Default configuration for MPI library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef MPI_CONFIG_H_
+#define MPI_CONFIG_H_
+
+/*
+ For boolean options,
+ 0 = no
+ 1 = yes
+
+ Other options are documented individually.
+
+ */
+
+#ifndef MP_IOFUNC
+#define MP_IOFUNC 0 /* include mp_print() ? */
+#endif
+
+#ifndef MP_MODARITH
+#define MP_MODARITH 1 /* include modular arithmetic ? */
+#endif
+
+#ifndef MP_NUMTH
+#define MP_NUMTH 1 /* include number theoretic functions? */
+#endif
+
+#ifndef MP_LOGTAB
+#define MP_LOGTAB 1 /* use table of logs instead of log()? */
+#endif
+
+#ifndef MP_MEMSET
+#define MP_MEMSET 1 /* use memset() to zero buffers? */
+#endif
+
+#ifndef MP_MEMCPY
+#define MP_MEMCPY 1 /* use memcpy() to copy buffers? */
+#endif
+
+#ifndef MP_ARGCHK
+/*
+ 0 = no parameter checks
+ 1 = runtime checks, continue execution and return an error to caller
+ 2 = assertions; dump core on parameter errors
+ */
+#ifdef DEBUG
+#define MP_ARGCHK 2 /* how to check input arguments */
+#else
+#define MP_ARGCHK 1 /* how to check input arguments */
+#endif
+#endif
+
+#ifndef MP_DEBUG
+#define MP_DEBUG 0 /* print diagnostic output? */
+#endif
+
+#ifndef MP_DEFPREC
+#define MP_DEFPREC 64 /* default precision, in digits */
+#endif
+
+#ifndef MP_SQUARE
+#define MP_SQUARE 1 /* use separate squaring code? */
+#endif
+
+#endif /* ifndef MPI_CONFIG_H_ */
diff --git a/security/nss/lib/freebl/mpi/mpi-priv.h b/security/nss/lib/freebl/mpi/mpi-priv.h
new file mode 100644
index 000000000..b34452c48
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi-priv.h
@@ -0,0 +1,243 @@
+/*
+ * mpi-priv.h - Private header file for MPI
+ * Arbitrary precision integer arithmetic library
+ *
+ * NOTE WELL: the content of this header file is NOT part of the "public"
+ * API for the MPI library, and may change at any time.
+ * Application programs that use libmpi should NOT include this header file.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _MPI_PRIV_H_
+#define _MPI_PRIV_H_ 1
+
+#include "mpi.h"
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+
+#if MP_DEBUG
+#include <stdio.h>
+
+#define DIAG(T, V) \
+ { \
+ fprintf(stderr, T); \
+ mp_print(V, stderr); \
+ fputc('\n', stderr); \
+ }
+#else
+#define DIAG(T, V)
+#endif
+
+/* If we aren't using a wired-in logarithm table, we need to include
+ the math library to get the log() function
+ */
+
+/* {{{ s_logv_2[] - log table for 2 in various bases */
+
+#if MP_LOGTAB
+/*
+ A table of the logs of 2 for various bases (the 0 and 1 entries of
+ this table are meaningless and should not be referenced).
+
+ This table is used to compute output lengths for the mp_toradix()
+ function. Since a number n in radix r takes up about log_r(n)
+ digits, we estimate the output size by taking the least integer
+ greater than log_r(n), where:
+
+ log_r(n) = log_2(n) * log_r(2)
+
+ This table, therefore, is a table of log_r(2) for 2 <= r <= 36,
+ which are the output bases supported.
+ */
+
+extern const float s_logv_2[];
+#define LOG_V_2(R) s_logv_2[(R)]
+
+#else
+
+/*
+ If MP_LOGTAB is not defined, use the math library to compute the
+ logarithms on the fly. Otherwise, use the table.
+ Pick which works best for your system.
+ */
+
+#include <math.h>
+#define LOG_V_2(R) (log(2.0) / log(R))
+
+#endif /* if MP_LOGTAB */
+
+/* }}} */
+
+/* {{{ Digit arithmetic macros */
+
+/*
+ When adding and multiplying digits, the results can be larger than
+ can be contained in an mp_digit. Thus, an mp_word is used. These
+ macros mask off the upper and lower digits of the mp_word (the
+ mp_word may be more than 2 mp_digits wide, but we only concern
+ ourselves with the low-order 2 mp_digits)
+ */
+
+#define CARRYOUT(W) (mp_digit)((W) >> DIGIT_BIT)
+#define ACCUM(W) (mp_digit)(W)
+
+#define MP_MIN(a, b) (((a) < (b)) ? (a) : (b))
+#define MP_MAX(a, b) (((a) > (b)) ? (a) : (b))
+#define MP_HOWMANY(a, b) (((a) + (b)-1) / (b))
+#define MP_ROUNDUP(a, b) (MP_HOWMANY(a, b) * (b))
+
+/* }}} */
+
+/* {{{ Comparison constants */
+
+#define MP_LT -1
+#define MP_EQ 0
+#define MP_GT 1
+
+/* }}} */
+
+/* {{{ private function declarations */
+
+void s_mp_setz(mp_digit *dp, mp_size count); /* zero digits */
+void s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count); /* copy */
+void *s_mp_alloc(size_t nb, size_t ni); /* general allocator */
+void s_mp_free(void *ptr); /* general free function */
+
+mp_err s_mp_grow(mp_int *mp, mp_size min); /* increase allocated size */
+mp_err s_mp_pad(mp_int *mp, mp_size min); /* left pad with zeroes */
+
+void s_mp_clamp(mp_int *mp); /* clip leading zeroes */
+
+void s_mp_exch(mp_int *a, mp_int *b); /* swap a and b in place */
+
+mp_err s_mp_lshd(mp_int *mp, mp_size p); /* left-shift by p digits */
+void s_mp_rshd(mp_int *mp, mp_size p); /* right-shift by p digits */
+mp_err s_mp_mul_2d(mp_int *mp, mp_digit d); /* multiply by 2^d in place */
+void s_mp_div_2d(mp_int *mp, mp_digit d); /* divide by 2^d in place */
+void s_mp_mod_2d(mp_int *mp, mp_digit d); /* modulo 2^d in place */
+void s_mp_div_2(mp_int *mp); /* divide by 2 in place */
+mp_err s_mp_mul_2(mp_int *mp); /* multiply by 2 in place */
+mp_err s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd);
+/* normalize for division */
+mp_err s_mp_add_d(mp_int *mp, mp_digit d); /* unsigned digit addition */
+mp_err s_mp_sub_d(mp_int *mp, mp_digit d); /* unsigned digit subtract */
+mp_err s_mp_mul_d(mp_int *mp, mp_digit d); /* unsigned digit multiply */
+mp_err s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r);
+/* unsigned digit divide */
+mp_err s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu);
+/* Barrett reduction */
+mp_err s_mp_add(mp_int *a, const mp_int *b); /* magnitude addition */
+mp_err s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c);
+mp_err s_mp_sub(mp_int *a, const mp_int *b); /* magnitude subtract */
+mp_err s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c);
+mp_err s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset);
+/* a += b * RADIX^offset */
+mp_err s_mp_mul(mp_int *a, const mp_int *b); /* magnitude multiply */
+#if MP_SQUARE
+mp_err s_mp_sqr(mp_int *a); /* magnitude square */
+#else
+#define s_mp_sqr(a) s_mp_mul(a, a)
+#endif
+mp_err s_mp_div(mp_int *rem, mp_int *div, mp_int *quot); /* magnitude div */
+mp_err s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
+mp_err s_mp_2expt(mp_int *a, mp_digit k); /* a = 2^k */
+int s_mp_cmp(const mp_int *a, const mp_int *b); /* magnitude comparison */
+int s_mp_cmp_d(const mp_int *a, mp_digit d); /* magnitude digit compare */
+int s_mp_ispow2(const mp_int *v); /* is v a power of 2? */
+int s_mp_ispow2d(mp_digit d); /* is d a power of 2? */
+
+int s_mp_tovalue(char ch, int r); /* convert ch to value */
+char s_mp_todigit(mp_digit val, int r, int low); /* convert val to digit */
+int s_mp_outlen(int bits, int r); /* output length in bytes */
+mp_digit s_mp_invmod_radix(mp_digit P); /* returns (P ** -1) mod RADIX */
+mp_err s_mp_invmod_odd_m(const mp_int *a, const mp_int *m, mp_int *c);
+mp_err s_mp_invmod_2d(const mp_int *a, mp_size k, mp_int *c);
+mp_err s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c);
+
+#ifdef NSS_USE_COMBA
+
+#define IS_POWER_OF_2(a) ((a) && !((a) & ((a)-1)))
+
+void s_mp_mul_comba_4(const mp_int *A, const mp_int *B, mp_int *C);
+void s_mp_mul_comba_8(const mp_int *A, const mp_int *B, mp_int *C);
+void s_mp_mul_comba_16(const mp_int *A, const mp_int *B, mp_int *C);
+void s_mp_mul_comba_32(const mp_int *A, const mp_int *B, mp_int *C);
+
+void s_mp_sqr_comba_4(const mp_int *A, mp_int *B);
+void s_mp_sqr_comba_8(const mp_int *A, mp_int *B);
+void s_mp_sqr_comba_16(const mp_int *A, mp_int *B);
+void s_mp_sqr_comba_32(const mp_int *A, mp_int *B);
+
+#endif /* end NSS_USE_COMBA */
+
+/* ------ mpv functions, operate on arrays of digits, not on mp_int's ------ */
+#if defined(__OS2__) && defined(__IBMC__)
+#define MPI_ASM_DECL __cdecl
+#else
+#define MPI_ASM_DECL
+#endif
+
+#ifdef MPI_AMD64
+
+mp_digit MPI_ASM_DECL s_mpv_mul_set_vec64(mp_digit *, mp_digit *, mp_size, mp_digit);
+mp_digit MPI_ASM_DECL s_mpv_mul_add_vec64(mp_digit *, const mp_digit *, mp_size, mp_digit);
+
+/* c = a * b */
+#define s_mpv_mul_d(a, a_len, b, c) \
+ ((mp_digit *)c)[a_len] = s_mpv_mul_set_vec64(c, a, a_len, b)
+
+/* c += a * b */
+#define s_mpv_mul_d_add(a, a_len, b, c) \
+ ((mp_digit *)c)[a_len] = s_mpv_mul_add_vec64(c, a, a_len, b)
+
+#else
+
+void MPI_ASM_DECL s_mpv_mul_d(const mp_digit *a, mp_size a_len,
+ mp_digit b, mp_digit *c);
+void MPI_ASM_DECL s_mpv_mul_d_add(const mp_digit *a, mp_size a_len,
+ mp_digit b, mp_digit *c);
+
+#endif
+
+void MPI_ASM_DECL s_mpv_mul_d_add_prop(const mp_digit *a,
+ mp_size a_len, mp_digit b,
+ mp_digit *c);
+void MPI_ASM_DECL s_mpv_sqr_add_prop(const mp_digit *a,
+ mp_size a_len,
+ mp_digit *sqrs);
+
+mp_err MPI_ASM_DECL s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo,
+ mp_digit divisor, mp_digit *quot, mp_digit *rem);
+
+/* c += a * b * (MP_RADIX ** offset); */
+/* Callers of this macro should be aware that the return type might vary;
+ * it should be treated as a void function. */
+#define s_mp_mul_d_add_offset(a, b, c, off) \
+ s_mpv_mul_d_add_prop(MP_DIGITS(a), MP_USED(a), b, MP_DIGITS(c) + off)
+
+typedef struct {
+ mp_int N; /* modulus N */
+ mp_digit n0prime; /* n0' = - (n0 ** -1) mod MP_RADIX */
+} mp_mont_modulus;
+
+mp_err s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c,
+ mp_mont_modulus *mmm);
+mp_err s_mp_redc(mp_int *T, mp_mont_modulus *mmm);
+
+/*
+ * s_mpi_getProcessorLineSize() returns the size in bytes of the cache line
+ * if a cache exists, or zero if there is no cache. If more than one
+ * cache line exists, it should return the smallest line size (which is
+ * usually the L1 cache).
+ *
+ * mp_modexp uses this information to make sure that private key information
+ * isn't being leaked through the cache.
+ *
+ * see mpcpucache.c for the implementation.
+ */
+unsigned long s_mpi_getProcessorLineSize();
+
+/* }}} */
+#endif
diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c
new file mode 100644
index 000000000..f6f75439c
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi.c
@@ -0,0 +1,4839 @@
+/*
+ * mpi.c
+ *
+ * Arbitrary precision integer arithmetic library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi-priv.h"
+#if defined(OSF1)
+#include <c_asm.h>
+#endif
+
+#if defined(__arm__) && \
+ ((defined(__thumb__) && !defined(__thumb2__)) || defined(__ARM_ARCH_3__))
+/* 16-bit thumb or ARM v3 doesn't work inlined assember version */
+#undef MP_ASSEMBLY_MULTIPLY
+#undef MP_ASSEMBLY_SQUARE
+#endif
+
+#if MP_LOGTAB
+/*
+ A table of the logs of 2 for various bases (the 0 and 1 entries of
+ this table are meaningless and should not be referenced).
+
+ This table is used to compute output lengths for the mp_toradix()
+ function. Since a number n in radix r takes up about log_r(n)
+ digits, we estimate the output size by taking the least integer
+ greater than log_r(n), where:
+
+ log_r(n) = log_2(n) * log_r(2)
+
+ This table, therefore, is a table of log_r(2) for 2 <= r <= 36,
+ which are the output bases supported.
+ */
+#include "logtab.h"
+#endif
+
+#ifdef CT_VERIF
+#include <valgrind/memcheck.h>
+#endif
+
+/* {{{ Constant strings */
+
+/* Constant strings returned by mp_strerror() */
+static const char *mp_err_string[] = {
+ "unknown result code", /* say what? */
+ "boolean true", /* MP_OKAY, MP_YES */
+ "boolean false", /* MP_NO */
+ "out of memory", /* MP_MEM */
+ "argument out of range", /* MP_RANGE */
+ "invalid input parameter", /* MP_BADARG */
+ "result is undefined" /* MP_UNDEF */
+};
+
+/* Value to digit maps for radix conversion */
+
+/* s_dmap_1 - standard digits and letters */
+static const char *s_dmap_1 =
+ "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
+
+/* }}} */
+
+/* {{{ Default precision manipulation */
+
+/* Default precision for newly created mp_int's */
+static mp_size s_mp_defprec = MP_DEFPREC;
+
+mp_size
+mp_get_prec(void)
+{
+ return s_mp_defprec;
+
+} /* end mp_get_prec() */
+
+void
+mp_set_prec(mp_size prec)
+{
+ if (prec == 0)
+ s_mp_defprec = MP_DEFPREC;
+ else
+ s_mp_defprec = prec;
+
+} /* end mp_set_prec() */
+
+/* }}} */
+
+#ifdef CT_VERIF
+void
+mp_taint(mp_int *mp)
+{
+ size_t i;
+ for (i = 0; i < mp->used; ++i) {
+ VALGRIND_MAKE_MEM_UNDEFINED(&(mp->dp[i]), sizeof(mp_digit));
+ }
+}
+
+void
+mp_untaint(mp_int *mp)
+{
+ size_t i;
+ for (i = 0; i < mp->used; ++i) {
+ VALGRIND_MAKE_MEM_DEFINED(&(mp->dp[i]), sizeof(mp_digit));
+ }
+}
+#endif
+
+/*------------------------------------------------------------------------*/
+/* {{{ mp_init(mp) */
+
+/*
+ mp_init(mp)
+
+ Initialize a new zero-valued mp_int. Returns MP_OKAY if successful,
+ MP_MEM if memory could not be allocated for the structure.
+ */
+
+mp_err
+mp_init(mp_int *mp)
+{
+ return mp_init_size(mp, s_mp_defprec);
+
+} /* end mp_init() */
+
+/* }}} */
+
+/* {{{ mp_init_size(mp, prec) */
+
+/*
+ mp_init_size(mp, prec)
+
+ Initialize a new zero-valued mp_int with at least the given
+ precision; returns MP_OKAY if successful, or MP_MEM if memory could
+ not be allocated for the structure.
+ */
+
+mp_err
+mp_init_size(mp_int *mp, mp_size prec)
+{
+ ARGCHK(mp != NULL && prec > 0, MP_BADARG);
+
+ prec = MP_ROUNDUP(prec, s_mp_defprec);
+ if ((DIGITS(mp) = s_mp_alloc(prec, sizeof(mp_digit))) == NULL)
+ return MP_MEM;
+
+ SIGN(mp) = ZPOS;
+ USED(mp) = 1;
+ ALLOC(mp) = prec;
+
+ return MP_OKAY;
+
+} /* end mp_init_size() */
+
+/* }}} */
+
+/* {{{ mp_init_copy(mp, from) */
+
+/*
+ mp_init_copy(mp, from)
+
+ Initialize mp as an exact copy of from. Returns MP_OKAY if
+ successful, MP_MEM if memory could not be allocated for the new
+ structure.
+ */
+
+mp_err
+mp_init_copy(mp_int *mp, const mp_int *from)
+{
+ ARGCHK(mp != NULL && from != NULL, MP_BADARG);
+
+ if (mp == from)
+ return MP_OKAY;
+
+ if ((DIGITS(mp) = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL)
+ return MP_MEM;
+
+ s_mp_copy(DIGITS(from), DIGITS(mp), USED(from));
+ USED(mp) = USED(from);
+ ALLOC(mp) = ALLOC(from);
+ SIGN(mp) = SIGN(from);
+
+ return MP_OKAY;
+
+} /* end mp_init_copy() */
+
+/* }}} */
+
+/* {{{ mp_copy(from, to) */
+
+/*
+ mp_copy(from, to)
+
+ Copies the mp_int 'from' to the mp_int 'to'. It is presumed that
+ 'to' has already been initialized (if not, use mp_init_copy()
+ instead). If 'from' and 'to' are identical, nothing happens.
+ */
+
+mp_err
+mp_copy(const mp_int *from, mp_int *to)
+{
+ ARGCHK(from != NULL && to != NULL, MP_BADARG);
+
+ if (from == to)
+ return MP_OKAY;
+
+ { /* copy */
+ mp_digit *tmp;
+
+ /*
+ If the allocated buffer in 'to' already has enough space to hold
+ all the used digits of 'from', we'll re-use it to avoid hitting
+ the memory allocater more than necessary; otherwise, we'd have
+ to grow anyway, so we just allocate a hunk and make the copy as
+ usual
+ */
+ if (ALLOC(to) >= USED(from)) {
+ s_mp_setz(DIGITS(to) + USED(from), ALLOC(to) - USED(from));
+ s_mp_copy(DIGITS(from), DIGITS(to), USED(from));
+
+ } else {
+ if ((tmp = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL)
+ return MP_MEM;
+
+ s_mp_copy(DIGITS(from), tmp, USED(from));
+
+ if (DIGITS(to) != NULL) {
+ s_mp_setz(DIGITS(to), ALLOC(to));
+ s_mp_free(DIGITS(to));
+ }
+
+ DIGITS(to) = tmp;
+ ALLOC(to) = ALLOC(from);
+ }
+
+ /* Copy the precision and sign from the original */
+ USED(to) = USED(from);
+ SIGN(to) = SIGN(from);
+ } /* end copy */
+
+ return MP_OKAY;
+
+} /* end mp_copy() */
+
+/* }}} */
+
+/* {{{ mp_exch(mp1, mp2) */
+
+/*
+ mp_exch(mp1, mp2)
+
+ Exchange mp1 and mp2 without allocating any intermediate memory
+ (well, unless you count the stack space needed for this call and the
+ locals it creates...). This cannot fail.
+ */
+
+void
+mp_exch(mp_int *mp1, mp_int *mp2)
+{
+#if MP_ARGCHK == 2
+ assert(mp1 != NULL && mp2 != NULL);
+#else
+ if (mp1 == NULL || mp2 == NULL)
+ return;
+#endif
+
+ s_mp_exch(mp1, mp2);
+
+} /* end mp_exch() */
+
+/* }}} */
+
+/* {{{ mp_clear(mp) */
+
+/*
+ mp_clear(mp)
+
+ Release the storage used by an mp_int, and void its fields so that
+ if someone calls mp_clear() again for the same int later, we won't
+ get tollchocked.
+ */
+
+void
+mp_clear(mp_int *mp)
+{
+ if (mp == NULL)
+ return;
+
+ if (DIGITS(mp) != NULL) {
+ s_mp_setz(DIGITS(mp), ALLOC(mp));
+ s_mp_free(DIGITS(mp));
+ DIGITS(mp) = NULL;
+ }
+
+ USED(mp) = 0;
+ ALLOC(mp) = 0;
+
+} /* end mp_clear() */
+
+/* }}} */
+
+/* {{{ mp_zero(mp) */
+
+/*
+ mp_zero(mp)
+
+ Set mp to zero. Does not change the allocated size of the structure,
+ and therefore cannot fail (except on a bad argument, which we ignore)
+ */
+void
+mp_zero(mp_int *mp)
+{
+ if (mp == NULL)
+ return;
+
+ s_mp_setz(DIGITS(mp), ALLOC(mp));
+ USED(mp) = 1;
+ SIGN(mp) = ZPOS;
+
+} /* end mp_zero() */
+
+/* }}} */
+
+/* {{{ mp_set(mp, d) */
+
+void
+mp_set(mp_int *mp, mp_digit d)
+{
+ if (mp == NULL)
+ return;
+
+ mp_zero(mp);
+ DIGIT(mp, 0) = d;
+
+} /* end mp_set() */
+
+/* }}} */
+
+/* {{{ mp_set_int(mp, z) */
+
+mp_err
+mp_set_int(mp_int *mp, long z)
+{
+ int ix;
+ unsigned long v = labs(z);
+ mp_err res;
+
+ ARGCHK(mp != NULL, MP_BADARG);
+
+ mp_zero(mp);
+ if (z == 0)
+ return MP_OKAY; /* shortcut for zero */
+
+ if (sizeof v <= sizeof(mp_digit)) {
+ DIGIT(mp, 0) = v;
+ } else {
+ for (ix = sizeof(long) - 1; ix >= 0; ix--) {
+ if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY)
+ return res;
+
+ res = s_mp_add_d(mp, (mp_digit)((v >> (ix * CHAR_BIT)) & UCHAR_MAX));
+ if (res != MP_OKAY)
+ return res;
+ }
+ }
+ if (z < 0)
+ SIGN(mp) = NEG;
+
+ return MP_OKAY;
+
+} /* end mp_set_int() */
+
+/* }}} */
+
+/* {{{ mp_set_ulong(mp, z) */
+
+mp_err
+mp_set_ulong(mp_int *mp, unsigned long z)
+{
+ int ix;
+ mp_err res;
+
+ ARGCHK(mp != NULL, MP_BADARG);
+
+ mp_zero(mp);
+ if (z == 0)
+ return MP_OKAY; /* shortcut for zero */
+
+ if (sizeof z <= sizeof(mp_digit)) {
+ DIGIT(mp, 0) = z;
+ } else {
+ for (ix = sizeof(long) - 1; ix >= 0; ix--) {
+ if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY)
+ return res;
+
+ res = s_mp_add_d(mp, (mp_digit)((z >> (ix * CHAR_BIT)) & UCHAR_MAX));
+ if (res != MP_OKAY)
+ return res;
+ }
+ }
+ return MP_OKAY;
+} /* end mp_set_ulong() */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* {{{ Digit arithmetic */
+
+/* {{{ mp_add_d(a, d, b) */
+
+/*
+ mp_add_d(a, d, b)
+
+ Compute the sum b = a + d, for a single digit d. Respects the sign of
+ its primary addend (single digits are unsigned anyway).
+ */
+
+mp_err
+mp_add_d(const mp_int *a, mp_digit d, mp_int *b)
+{
+ mp_int tmp;
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ if ((res = mp_init_copy(&tmp, a)) != MP_OKAY)
+ return res;
+
+ if (SIGN(&tmp) == ZPOS) {
+ if ((res = s_mp_add_d(&tmp, d)) != MP_OKAY)
+ goto CLEANUP;
+ } else if (s_mp_cmp_d(&tmp, d) >= 0) {
+ if ((res = s_mp_sub_d(&tmp, d)) != MP_OKAY)
+ goto CLEANUP;
+ } else {
+ mp_neg(&tmp, &tmp);
+
+ DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0);
+ }
+
+ if (s_mp_cmp_d(&tmp, 0) == 0)
+ SIGN(&tmp) = ZPOS;
+
+ s_mp_exch(&tmp, b);
+
+CLEANUP:
+ mp_clear(&tmp);
+ return res;
+
+} /* end mp_add_d() */
+
+/* }}} */
+
+/* {{{ mp_sub_d(a, d, b) */
+
+/*
+ mp_sub_d(a, d, b)
+
+ Compute the difference b = a - d, for a single digit d. Respects the
+ sign of its subtrahend (single digits are unsigned anyway).
+ */
+
+mp_err
+mp_sub_d(const mp_int *a, mp_digit d, mp_int *b)
+{
+ mp_int tmp;
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ if ((res = mp_init_copy(&tmp, a)) != MP_OKAY)
+ return res;
+
+ if (SIGN(&tmp) == NEG) {
+ if ((res = s_mp_add_d(&tmp, d)) != MP_OKAY)
+ goto CLEANUP;
+ } else if (s_mp_cmp_d(&tmp, d) >= 0) {
+ if ((res = s_mp_sub_d(&tmp, d)) != MP_OKAY)
+ goto CLEANUP;
+ } else {
+ mp_neg(&tmp, &tmp);
+
+ DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0);
+ SIGN(&tmp) = NEG;
+ }
+
+ if (s_mp_cmp_d(&tmp, 0) == 0)
+ SIGN(&tmp) = ZPOS;
+
+ s_mp_exch(&tmp, b);
+
+CLEANUP:
+ mp_clear(&tmp);
+ return res;
+
+} /* end mp_sub_d() */
+
+/* }}} */
+
+/* {{{ mp_mul_d(a, d, b) */
+
+/*
+ mp_mul_d(a, d, b)
+
+ Compute the product b = a * d, for a single digit d. Respects the sign
+ of its multiplicand (single digits are unsigned anyway)
+ */
+
+mp_err
+mp_mul_d(const mp_int *a, mp_digit d, mp_int *b)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ if (d == 0) {
+ mp_zero(b);
+ return MP_OKAY;
+ }
+
+ if ((res = mp_copy(a, b)) != MP_OKAY)
+ return res;
+
+ res = s_mp_mul_d(b, d);
+
+ return res;
+
+} /* end mp_mul_d() */
+
+/* }}} */
+
+/* {{{ mp_mul_2(a, c) */
+
+mp_err
+mp_mul_2(const mp_int *a, mp_int *c)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && c != NULL, MP_BADARG);
+
+ if ((res = mp_copy(a, c)) != MP_OKAY)
+ return res;
+
+ return s_mp_mul_2(c);
+
+} /* end mp_mul_2() */
+
+/* }}} */
+
+/* {{{ mp_div_d(a, d, q, r) */
+
+/*
+ mp_div_d(a, d, q, r)
+
+ Compute the quotient q = a / d and remainder r = a mod d, for a
+ single digit d. Respects the sign of its divisor (single digits are
+ unsigned anyway).
+ */
+
+mp_err
+mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r)
+{
+ mp_err res;
+ mp_int qp;
+ mp_digit rem = 0;
+ int pow;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ if (d == 0)
+ return MP_RANGE;
+
+ /* Shortcut for powers of two ... */
+ if ((pow = s_mp_ispow2d(d)) >= 0) {
+ mp_digit mask;
+
+ mask = ((mp_digit)1 << pow) - 1;
+ rem = DIGIT(a, 0) & mask;
+
+ if (q) {
+ if ((res = mp_copy(a, q)) != MP_OKAY) {
+ return res;
+ }
+ s_mp_div_2d(q, pow);
+ }
+
+ if (r)
+ *r = rem;
+
+ return MP_OKAY;
+ }
+
+ if ((res = mp_init_copy(&qp, a)) != MP_OKAY)
+ return res;
+
+ res = s_mp_div_d(&qp, d, &rem);
+
+ if (s_mp_cmp_d(&qp, 0) == 0)
+ SIGN(q) = ZPOS;
+
+ if (r) {
+ *r = rem;
+ }
+
+ if (q)
+ s_mp_exch(&qp, q);
+
+ mp_clear(&qp);
+ return res;
+
+} /* end mp_div_d() */
+
+/* }}} */
+
+/* {{{ mp_div_2(a, c) */
+
+/*
+ mp_div_2(a, c)
+
+ Compute c = a / 2, disregarding the remainder.
+ */
+
+mp_err
+mp_div_2(const mp_int *a, mp_int *c)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && c != NULL, MP_BADARG);
+
+ if ((res = mp_copy(a, c)) != MP_OKAY)
+ return res;
+
+ s_mp_div_2(c);
+
+ return MP_OKAY;
+
+} /* end mp_div_2() */
+
+/* }}} */
+
+/* {{{ mp_expt_d(a, d, b) */
+
+mp_err
+mp_expt_d(const mp_int *a, mp_digit d, mp_int *c)
+{
+ mp_int s, x;
+ mp_err res;
+
+ ARGCHK(a != NULL && c != NULL, MP_BADARG);
+
+ if ((res = mp_init(&s)) != MP_OKAY)
+ return res;
+ if ((res = mp_init_copy(&x, a)) != MP_OKAY)
+ goto X;
+
+ DIGIT(&s, 0) = 1;
+
+ while (d != 0) {
+ if (d & 1) {
+ if ((res = s_mp_mul(&s, &x)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ d /= 2;
+
+ if ((res = s_mp_sqr(&x)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ s_mp_exch(&s, c);
+
+CLEANUP:
+ mp_clear(&x);
+X:
+ mp_clear(&s);
+
+ return res;
+
+} /* end mp_expt_d() */
+
+/* }}} */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* {{{ Full arithmetic */
+
+/* {{{ mp_abs(a, b) */
+
+/*
+ mp_abs(a, b)
+
+ Compute b = |a|. 'a' and 'b' may be identical.
+ */
+
+mp_err
+mp_abs(const mp_int *a, mp_int *b)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ if ((res = mp_copy(a, b)) != MP_OKAY)
+ return res;
+
+ SIGN(b) = ZPOS;
+
+ return MP_OKAY;
+
+} /* end mp_abs() */
+
+/* }}} */
+
+/* {{{ mp_neg(a, b) */
+
+/*
+ mp_neg(a, b)
+
+ Compute b = -a. 'a' and 'b' may be identical.
+ */
+
+mp_err
+mp_neg(const mp_int *a, mp_int *b)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ if ((res = mp_copy(a, b)) != MP_OKAY)
+ return res;
+
+ if (s_mp_cmp_d(b, 0) == MP_EQ)
+ SIGN(b) = ZPOS;
+ else
+ SIGN(b) = (SIGN(b) == NEG) ? ZPOS : NEG;
+
+ return MP_OKAY;
+
+} /* end mp_neg() */
+
+/* }}} */
+
+/* {{{ mp_add(a, b, c) */
+
+/*
+ mp_add(a, b, c)
+
+ Compute c = a + b. All parameters may be identical.
+ */
+
+mp_err
+mp_add(const mp_int *a, const mp_int *b, mp_int *c)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (SIGN(a) == SIGN(b)) { /* same sign: add values, keep sign */
+ MP_CHECKOK(s_mp_add_3arg(a, b, c));
+ } else if (s_mp_cmp(a, b) >= 0) { /* different sign: |a| >= |b| */
+ MP_CHECKOK(s_mp_sub_3arg(a, b, c));
+ } else { /* different sign: |a| < |b| */
+ MP_CHECKOK(s_mp_sub_3arg(b, a, c));
+ }
+
+ if (s_mp_cmp_d(c, 0) == MP_EQ)
+ SIGN(c) = ZPOS;
+
+CLEANUP:
+ return res;
+
+} /* end mp_add() */
+
+/* }}} */
+
+/* {{{ mp_sub(a, b, c) */
+
+/*
+ mp_sub(a, b, c)
+
+ Compute c = a - b. All parameters may be identical.
+ */
+
+mp_err
+mp_sub(const mp_int *a, const mp_int *b, mp_int *c)
+{
+ mp_err res;
+ int magDiff;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (a == b) {
+ mp_zero(c);
+ return MP_OKAY;
+ }
+
+ if (MP_SIGN(a) != MP_SIGN(b)) {
+ MP_CHECKOK(s_mp_add_3arg(a, b, c));
+ } else if (!(magDiff = s_mp_cmp(a, b))) {
+ mp_zero(c);
+ res = MP_OKAY;
+ } else if (magDiff > 0) {
+ MP_CHECKOK(s_mp_sub_3arg(a, b, c));
+ } else {
+ MP_CHECKOK(s_mp_sub_3arg(b, a, c));
+ MP_SIGN(c) = !MP_SIGN(a);
+ }
+
+ if (s_mp_cmp_d(c, 0) == MP_EQ)
+ MP_SIGN(c) = MP_ZPOS;
+
+CLEANUP:
+ return res;
+
+} /* end mp_sub() */
+
+/* }}} */
+
+/* {{{ mp_mul(a, b, c) */
+
+/*
+ mp_mul(a, b, c)
+
+ Compute c = a * b. All parameters may be identical.
+ */
+mp_err
+mp_mul(const mp_int *a, const mp_int *b, mp_int *c)
+{
+ mp_digit *pb;
+ mp_int tmp;
+ mp_err res;
+ mp_size ib;
+ mp_size useda, usedb;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (a == c) {
+ if ((res = mp_init_copy(&tmp, a)) != MP_OKAY)
+ return res;
+ if (a == b)
+ b = &tmp;
+ a = &tmp;
+ } else if (b == c) {
+ if ((res = mp_init_copy(&tmp, b)) != MP_OKAY)
+ return res;
+ b = &tmp;
+ } else {
+ MP_DIGITS(&tmp) = 0;
+ }
+
+ if (MP_USED(a) < MP_USED(b)) {
+ const mp_int *xch = b; /* switch a and b, to do fewer outer loops */
+ b = a;
+ a = xch;
+ }
+
+ MP_USED(c) = 1;
+ MP_DIGIT(c, 0) = 0;
+ if ((res = s_mp_pad(c, USED(a) + USED(b))) != MP_OKAY)
+ goto CLEANUP;
+
+#ifdef NSS_USE_COMBA
+ if ((MP_USED(a) == MP_USED(b)) && IS_POWER_OF_2(MP_USED(b))) {
+ if (MP_USED(a) == 4) {
+ s_mp_mul_comba_4(a, b, c);
+ goto CLEANUP;
+ }
+ if (MP_USED(a) == 8) {
+ s_mp_mul_comba_8(a, b, c);
+ goto CLEANUP;
+ }
+ if (MP_USED(a) == 16) {
+ s_mp_mul_comba_16(a, b, c);
+ goto CLEANUP;
+ }
+ if (MP_USED(a) == 32) {
+ s_mp_mul_comba_32(a, b, c);
+ goto CLEANUP;
+ }
+ }
+#endif
+
+ pb = MP_DIGITS(b);
+ s_mpv_mul_d(MP_DIGITS(a), MP_USED(a), *pb++, MP_DIGITS(c));
+
+ /* Outer loop: Digits of b */
+ useda = MP_USED(a);
+ usedb = MP_USED(b);
+ for (ib = 1; ib < usedb; ib++) {
+ mp_digit b_i = *pb++;
+
+ /* Inner product: Digits of a */
+ if (b_i)
+ s_mpv_mul_d_add(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib);
+ else
+ MP_DIGIT(c, ib + useda) = b_i;
+ }
+
+ s_mp_clamp(c);
+
+ if (SIGN(a) == SIGN(b) || s_mp_cmp_d(c, 0) == MP_EQ)
+ SIGN(c) = ZPOS;
+ else
+ SIGN(c) = NEG;
+
+CLEANUP:
+ mp_clear(&tmp);
+ return res;
+} /* end mp_mul() */
+
+/* }}} */
+
+/* {{{ mp_sqr(a, sqr) */
+
+#if MP_SQUARE
+/*
+ Computes the square of a. This can be done more
+ efficiently than a general multiplication, because many of the
+ computation steps are redundant when squaring. The inner product
+ step is a bit more complicated, but we save a fair number of
+ iterations of the multiplication loop.
+ */
+
+/* sqr = a^2; Caller provides both a and tmp; */
+mp_err
+mp_sqr(const mp_int *a, mp_int *sqr)
+{
+ mp_digit *pa;
+ mp_digit d;
+ mp_err res;
+ mp_size ix;
+ mp_int tmp;
+ int count;
+
+ ARGCHK(a != NULL && sqr != NULL, MP_BADARG);
+
+ if (a == sqr) {
+ if ((res = mp_init_copy(&tmp, a)) != MP_OKAY)
+ return res;
+ a = &tmp;
+ } else {
+ DIGITS(&tmp) = 0;
+ res = MP_OKAY;
+ }
+
+ ix = 2 * MP_USED(a);
+ if (ix > MP_ALLOC(sqr)) {
+ MP_USED(sqr) = 1;
+ MP_CHECKOK(s_mp_grow(sqr, ix));
+ }
+ MP_USED(sqr) = ix;
+ MP_DIGIT(sqr, 0) = 0;
+
+#ifdef NSS_USE_COMBA
+ if (IS_POWER_OF_2(MP_USED(a))) {
+ if (MP_USED(a) == 4) {
+ s_mp_sqr_comba_4(a, sqr);
+ goto CLEANUP;
+ }
+ if (MP_USED(a) == 8) {
+ s_mp_sqr_comba_8(a, sqr);
+ goto CLEANUP;
+ }
+ if (MP_USED(a) == 16) {
+ s_mp_sqr_comba_16(a, sqr);
+ goto CLEANUP;
+ }
+ if (MP_USED(a) == 32) {
+ s_mp_sqr_comba_32(a, sqr);
+ goto CLEANUP;
+ }
+ }
+#endif
+
+ pa = MP_DIGITS(a);
+ count = MP_USED(a) - 1;
+ if (count > 0) {
+ d = *pa++;
+ s_mpv_mul_d(pa, count, d, MP_DIGITS(sqr) + 1);
+ for (ix = 3; --count > 0; ix += 2) {
+ d = *pa++;
+ s_mpv_mul_d_add(pa, count, d, MP_DIGITS(sqr) + ix);
+ } /* for(ix ...) */
+ MP_DIGIT(sqr, MP_USED(sqr) - 1) = 0; /* above loop stopped short of this. */
+
+ /* now sqr *= 2 */
+ s_mp_mul_2(sqr);
+ } else {
+ MP_DIGIT(sqr, 1) = 0;
+ }
+
+ /* now add the squares of the digits of a to sqr. */
+ s_mpv_sqr_add_prop(MP_DIGITS(a), MP_USED(a), MP_DIGITS(sqr));
+
+ SIGN(sqr) = ZPOS;
+ s_mp_clamp(sqr);
+
+CLEANUP:
+ mp_clear(&tmp);
+ return res;
+
+} /* end mp_sqr() */
+#endif
+
+/* }}} */
+
+/* {{{ mp_div(a, b, q, r) */
+
+/*
+ mp_div(a, b, q, r)
+
+ Compute q = a / b and r = a mod b. Input parameters may be re-used
+ as output parameters. If q or r is NULL, that portion of the
+ computation will be discarded (although it will still be computed)
+ */
+mp_err
+mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r)
+{
+ mp_err res;
+ mp_int *pQ, *pR;
+ mp_int qtmp, rtmp, btmp;
+ int cmp;
+ mp_sign signA;
+ mp_sign signB;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ signA = MP_SIGN(a);
+ signB = MP_SIGN(b);
+
+ if (mp_cmp_z(b) == MP_EQ)
+ return MP_RANGE;
+
+ DIGITS(&qtmp) = 0;
+ DIGITS(&rtmp) = 0;
+ DIGITS(&btmp) = 0;
+
+ /* Set up some temporaries... */
+ if (!r || r == a || r == b) {
+ MP_CHECKOK(mp_init_copy(&rtmp, a));
+ pR = &rtmp;
+ } else {
+ MP_CHECKOK(mp_copy(a, r));
+ pR = r;
+ }
+
+ if (!q || q == a || q == b) {
+ MP_CHECKOK(mp_init_size(&qtmp, MP_USED(a)));
+ pQ = &qtmp;
+ } else {
+ MP_CHECKOK(s_mp_pad(q, MP_USED(a)));
+ pQ = q;
+ mp_zero(pQ);
+ }
+
+ /*
+ If |a| <= |b|, we can compute the solution without division;
+ otherwise, we actually do the work required.
+ */
+ if ((cmp = s_mp_cmp(a, b)) <= 0) {
+ if (cmp) {
+ /* r was set to a above. */
+ mp_zero(pQ);
+ } else {
+ mp_set(pQ, 1);
+ mp_zero(pR);
+ }
+ } else {
+ MP_CHECKOK(mp_init_copy(&btmp, b));
+ MP_CHECKOK(s_mp_div(pR, &btmp, pQ));
+ }
+
+ /* Compute the signs for the output */
+ MP_SIGN(pR) = signA; /* Sr = Sa */
+ /* Sq = ZPOS if Sa == Sb */ /* Sq = NEG if Sa != Sb */
+ MP_SIGN(pQ) = (signA == signB) ? ZPOS : NEG;
+
+ if (s_mp_cmp_d(pQ, 0) == MP_EQ)
+ SIGN(pQ) = ZPOS;
+ if (s_mp_cmp_d(pR, 0) == MP_EQ)
+ SIGN(pR) = ZPOS;
+
+ /* Copy output, if it is needed */
+ if (q && q != pQ)
+ s_mp_exch(pQ, q);
+
+ if (r && r != pR)
+ s_mp_exch(pR, r);
+
+CLEANUP:
+ mp_clear(&btmp);
+ mp_clear(&rtmp);
+ mp_clear(&qtmp);
+
+ return res;
+
+} /* end mp_div() */
+
+/* }}} */
+
+/* {{{ mp_div_2d(a, d, q, r) */
+
+mp_err
+mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ if (q) {
+ if ((res = mp_copy(a, q)) != MP_OKAY)
+ return res;
+ }
+ if (r) {
+ if ((res = mp_copy(a, r)) != MP_OKAY)
+ return res;
+ }
+ if (q) {
+ s_mp_div_2d(q, d);
+ }
+ if (r) {
+ s_mp_mod_2d(r, d);
+ }
+
+ return MP_OKAY;
+
+} /* end mp_div_2d() */
+
+/* }}} */
+
+/* {{{ mp_expt(a, b, c) */
+
+/*
+ mp_expt(a, b, c)
+
+ Compute c = a ** b, that is, raise a to the b power. Uses a
+ standard iterative square-and-multiply technique.
+ */
+
+mp_err
+mp_expt(mp_int *a, mp_int *b, mp_int *c)
+{
+ mp_int s, x;
+ mp_err res;
+ mp_digit d;
+ unsigned int dig, bit;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (mp_cmp_z(b) < 0)
+ return MP_RANGE;
+
+ if ((res = mp_init(&s)) != MP_OKAY)
+ return res;
+
+ mp_set(&s, 1);
+
+ if ((res = mp_init_copy(&x, a)) != MP_OKAY)
+ goto X;
+
+ /* Loop over low-order digits in ascending order */
+ for (dig = 0; dig < (USED(b) - 1); dig++) {
+ d = DIGIT(b, dig);
+
+ /* Loop over bits of each non-maximal digit */
+ for (bit = 0; bit < DIGIT_BIT; bit++) {
+ if (d & 1) {
+ if ((res = s_mp_mul(&s, &x)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ d >>= 1;
+
+ if ((res = s_mp_sqr(&x)) != MP_OKAY)
+ goto CLEANUP;
+ }
+ }
+
+ /* Consider now the last digit... */
+ d = DIGIT(b, dig);
+
+ while (d) {
+ if (d & 1) {
+ if ((res = s_mp_mul(&s, &x)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ d >>= 1;
+
+ if ((res = s_mp_sqr(&x)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ if (mp_iseven(b))
+ SIGN(&s) = SIGN(a);
+
+ res = mp_copy(&s, c);
+
+CLEANUP:
+ mp_clear(&x);
+X:
+ mp_clear(&s);
+
+ return res;
+
+} /* end mp_expt() */
+
+/* }}} */
+
+/* {{{ mp_2expt(a, k) */
+
+/* Compute a = 2^k */
+
+mp_err
+mp_2expt(mp_int *a, mp_digit k)
+{
+ ARGCHK(a != NULL, MP_BADARG);
+
+ return s_mp_2expt(a, k);
+
+} /* end mp_2expt() */
+
+/* }}} */
+
+/* {{{ mp_mod(a, m, c) */
+
+/*
+ mp_mod(a, m, c)
+
+ Compute c = a (mod m). Result will always be 0 <= c < m.
+ */
+
+mp_err
+mp_mod(const mp_int *a, const mp_int *m, mp_int *c)
+{
+ mp_err res;
+ int mag;
+
+ ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);
+
+ if (SIGN(m) == NEG)
+ return MP_RANGE;
+
+ /*
+ If |a| > m, we need to divide to get the remainder and take the
+ absolute value.
+
+ If |a| < m, we don't need to do any division, just copy and adjust
+ the sign (if a is negative).
+
+ If |a| == m, we can simply set the result to zero.
+
+ This order is intended to minimize the average path length of the
+ comparison chain on common workloads -- the most frequent cases are
+ that |a| != m, so we do those first.
+ */
+ if ((mag = s_mp_cmp(a, m)) > 0) {
+ if ((res = mp_div(a, m, NULL, c)) != MP_OKAY)
+ return res;
+
+ if (SIGN(c) == NEG) {
+ if ((res = mp_add(c, m, c)) != MP_OKAY)
+ return res;
+ }
+
+ } else if (mag < 0) {
+ if ((res = mp_copy(a, c)) != MP_OKAY)
+ return res;
+
+ if (mp_cmp_z(a) < 0) {
+ if ((res = mp_add(c, m, c)) != MP_OKAY)
+ return res;
+ }
+
+ } else {
+ mp_zero(c);
+ }
+
+ return MP_OKAY;
+
+} /* end mp_mod() */
+
+/* }}} */
+
+/* {{{ mp_mod_d(a, d, c) */
+
+/*
+ mp_mod_d(a, d, c)
+
+ Compute c = a (mod d). Result will always be 0 <= c < d
+ */
+mp_err
+mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c)
+{
+ mp_err res;
+ mp_digit rem;
+
+ ARGCHK(a != NULL && c != NULL, MP_BADARG);
+
+ if (s_mp_cmp_d(a, d) > 0) {
+ if ((res = mp_div_d(a, d, NULL, &rem)) != MP_OKAY)
+ return res;
+
+ } else {
+ if (SIGN(a) == NEG)
+ rem = d - DIGIT(a, 0);
+ else
+ rem = DIGIT(a, 0);
+ }
+
+ if (c)
+ *c = rem;
+
+ return MP_OKAY;
+
+} /* end mp_mod_d() */
+
+/* }}} */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* {{{ Modular arithmetic */
+
+#if MP_MODARITH
+/* {{{ mp_addmod(a, b, m, c) */
+
+/*
+ mp_addmod(a, b, m, c)
+
+ Compute c = (a + b) mod m
+ */
+
+mp_err
+mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
+
+ if ((res = mp_add(a, b, c)) != MP_OKAY)
+ return res;
+ if ((res = mp_mod(c, m, c)) != MP_OKAY)
+ return res;
+
+ return MP_OKAY;
+}
+
+/* }}} */
+
+/* {{{ mp_submod(a, b, m, c) */
+
+/*
+ mp_submod(a, b, m, c)
+
+ Compute c = (a - b) mod m
+ */
+
+mp_err
+mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
+
+ if ((res = mp_sub(a, b, c)) != MP_OKAY)
+ return res;
+ if ((res = mp_mod(c, m, c)) != MP_OKAY)
+ return res;
+
+ return MP_OKAY;
+}
+
+/* }}} */
+
+/* {{{ mp_mulmod(a, b, m, c) */
+
+/*
+ mp_mulmod(a, b, m, c)
+
+ Compute c = (a * b) mod m
+ */
+
+mp_err
+mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
+
+ if ((res = mp_mul(a, b, c)) != MP_OKAY)
+ return res;
+ if ((res = mp_mod(c, m, c)) != MP_OKAY)
+ return res;
+
+ return MP_OKAY;
+}
+
+/* }}} */
+
+/* {{{ mp_sqrmod(a, m, c) */
+
+#if MP_SQUARE
+mp_err
+mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);
+
+ if ((res = mp_sqr(a, c)) != MP_OKAY)
+ return res;
+ if ((res = mp_mod(c, m, c)) != MP_OKAY)
+ return res;
+
+ return MP_OKAY;
+
+} /* end mp_sqrmod() */
+#endif
+
+/* }}} */
+
+/* {{{ s_mp_exptmod(a, b, m, c) */
+
+/*
+ s_mp_exptmod(a, b, m, c)
+
+ Compute c = (a ** b) mod m. Uses a standard square-and-multiply
+ method with modular reductions at each step. (This is basically the
+ same code as mp_expt(), except for the addition of the reductions)
+
+ The modular reductions are done using Barrett's algorithm (see
+ s_mp_reduce() below for details)
+ */
+
+mp_err
+s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
+{
+ mp_int s, x, mu;
+ mp_err res;
+ mp_digit d;
+ unsigned int dig, bit;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (mp_cmp_z(b) < 0 || mp_cmp_z(m) <= 0)
+ return MP_RANGE;
+
+ if ((res = mp_init(&s)) != MP_OKAY)
+ return res;
+ if ((res = mp_init_copy(&x, a)) != MP_OKAY ||
+ (res = mp_mod(&x, m, &x)) != MP_OKAY)
+ goto X;
+ if ((res = mp_init(&mu)) != MP_OKAY)
+ goto MU;
+
+ mp_set(&s, 1);
+
+ /* mu = b^2k / m */
+ if ((res = s_mp_add_d(&mu, 1)) != MP_OKAY)
+ goto CLEANUP;
+ if ((res = s_mp_lshd(&mu, 2 * USED(m))) != MP_OKAY)
+ goto CLEANUP;
+ if ((res = mp_div(&mu, m, &mu, NULL)) != MP_OKAY)
+ goto CLEANUP;
+
+ /* Loop over digits of b in ascending order, except highest order */
+ for (dig = 0; dig < (USED(b) - 1); dig++) {
+ d = DIGIT(b, dig);
+
+ /* Loop over the bits of the lower-order digits */
+ for (bit = 0; bit < DIGIT_BIT; bit++) {
+ if (d & 1) {
+ if ((res = s_mp_mul(&s, &x)) != MP_OKAY)
+ goto CLEANUP;
+ if ((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ d >>= 1;
+
+ if ((res = s_mp_sqr(&x)) != MP_OKAY)
+ goto CLEANUP;
+ if ((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY)
+ goto CLEANUP;
+ }
+ }
+
+ /* Now do the last digit... */
+ d = DIGIT(b, dig);
+
+ while (d) {
+ if (d & 1) {
+ if ((res = s_mp_mul(&s, &x)) != MP_OKAY)
+ goto CLEANUP;
+ if ((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ d >>= 1;
+
+ if ((res = s_mp_sqr(&x)) != MP_OKAY)
+ goto CLEANUP;
+ if ((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ s_mp_exch(&s, c);
+
+CLEANUP:
+ mp_clear(&mu);
+MU:
+ mp_clear(&x);
+X:
+ mp_clear(&s);
+
+ return res;
+
+} /* end s_mp_exptmod() */
+
+/* }}} */
+
+/* {{{ mp_exptmod_d(a, d, m, c) */
+
+mp_err
+mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c)
+{
+ mp_int s, x;
+ mp_err res;
+
+ ARGCHK(a != NULL && c != NULL, MP_BADARG);
+
+ if ((res = mp_init(&s)) != MP_OKAY)
+ return res;
+ if ((res = mp_init_copy(&x, a)) != MP_OKAY)
+ goto X;
+
+ mp_set(&s, 1);
+
+ while (d != 0) {
+ if (d & 1) {
+ if ((res = s_mp_mul(&s, &x)) != MP_OKAY ||
+ (res = mp_mod(&s, m, &s)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ d /= 2;
+
+ if ((res = s_mp_sqr(&x)) != MP_OKAY ||
+ (res = mp_mod(&x, m, &x)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ s_mp_exch(&s, c);
+
+CLEANUP:
+ mp_clear(&x);
+X:
+ mp_clear(&s);
+
+ return res;
+
+} /* end mp_exptmod_d() */
+
+/* }}} */
+#endif /* if MP_MODARITH */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* {{{ Comparison functions */
+
+/* {{{ mp_cmp_z(a) */
+
+/*
+ mp_cmp_z(a)
+
+ Compare a <=> 0. Returns <0 if a<0, 0 if a=0, >0 if a>0.
+ */
+
+int
+mp_cmp_z(const mp_int *a)
+{
+ if (SIGN(a) == NEG)
+ return MP_LT;
+ else if (USED(a) == 1 && DIGIT(a, 0) == 0)
+ return MP_EQ;
+ else
+ return MP_GT;
+
+} /* end mp_cmp_z() */
+
+/* }}} */
+
+/* {{{ mp_cmp_d(a, d) */
+
+/*
+ mp_cmp_d(a, d)
+
+ Compare a <=> d. Returns <0 if a<d, 0 if a=d, >0 if a>d
+ */
+
+int
+mp_cmp_d(const mp_int *a, mp_digit d)
+{
+ ARGCHK(a != NULL, MP_EQ);
+
+ if (SIGN(a) == NEG)
+ return MP_LT;
+
+ return s_mp_cmp_d(a, d);
+
+} /* end mp_cmp_d() */
+
+/* }}} */
+
+/* {{{ mp_cmp(a, b) */
+
+int
+mp_cmp(const mp_int *a, const mp_int *b)
+{
+ ARGCHK(a != NULL && b != NULL, MP_EQ);
+
+ if (SIGN(a) == SIGN(b)) {
+ int mag;
+
+ if ((mag = s_mp_cmp(a, b)) == MP_EQ)
+ return MP_EQ;
+
+ if (SIGN(a) == ZPOS)
+ return mag;
+ else
+ return -mag;
+
+ } else if (SIGN(a) == ZPOS) {
+ return MP_GT;
+ } else {
+ return MP_LT;
+ }
+
+} /* end mp_cmp() */
+
+/* }}} */
+
+/* {{{ mp_cmp_mag(a, b) */
+
+/*
+ mp_cmp_mag(a, b)
+
+ Compares |a| <=> |b|, and returns an appropriate comparison result
+ */
+
+int
+mp_cmp_mag(const mp_int *a, const mp_int *b)
+{
+ ARGCHK(a != NULL && b != NULL, MP_EQ);
+
+ return s_mp_cmp(a, b);
+
+} /* end mp_cmp_mag() */
+
+/* }}} */
+
+/* {{{ mp_isodd(a) */
+
+/*
+ mp_isodd(a)
+
+ Returns a true (non-zero) value if a is odd, false (zero) otherwise.
+ */
+int
+mp_isodd(const mp_int *a)
+{
+ ARGCHK(a != NULL, 0);
+
+ return (int)(DIGIT(a, 0) & 1);
+
+} /* end mp_isodd() */
+
+/* }}} */
+
+/* {{{ mp_iseven(a) */
+
+int
+mp_iseven(const mp_int *a)
+{
+ return !mp_isodd(a);
+
+} /* end mp_iseven() */
+
+/* }}} */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* {{{ Number theoretic functions */
+
+#if MP_NUMTH
+/* {{{ mp_gcd(a, b, c) */
+
+/*
+ Like the old mp_gcd() function, except computes the GCD using the
+ binary algorithm due to Josef Stein in 1961 (via Knuth).
+ */
+mp_err
+mp_gcd(mp_int *a, mp_int *b, mp_int *c)
+{
+ mp_err res;
+ mp_int u, v, t;
+ mp_size k = 0;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (mp_cmp_z(a) == MP_EQ && mp_cmp_z(b) == MP_EQ)
+ return MP_RANGE;
+ if (mp_cmp_z(a) == MP_EQ) {
+ return mp_copy(b, c);
+ } else if (mp_cmp_z(b) == MP_EQ) {
+ return mp_copy(a, c);
+ }
+
+ if ((res = mp_init(&t)) != MP_OKAY)
+ return res;
+ if ((res = mp_init_copy(&u, a)) != MP_OKAY)
+ goto U;
+ if ((res = mp_init_copy(&v, b)) != MP_OKAY)
+ goto V;
+
+ SIGN(&u) = ZPOS;
+ SIGN(&v) = ZPOS;
+
+ /* Divide out common factors of 2 until at least 1 of a, b is even */
+ while (mp_iseven(&u) && mp_iseven(&v)) {
+ s_mp_div_2(&u);
+ s_mp_div_2(&v);
+ ++k;
+ }
+
+ /* Initialize t */
+ if (mp_isodd(&u)) {
+ if ((res = mp_copy(&v, &t)) != MP_OKAY)
+ goto CLEANUP;
+
+ /* t = -v */
+ if (SIGN(&v) == ZPOS)
+ SIGN(&t) = NEG;
+ else
+ SIGN(&t) = ZPOS;
+
+ } else {
+ if ((res = mp_copy(&u, &t)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ for (;;) {
+ while (mp_iseven(&t)) {
+ s_mp_div_2(&t);
+ }
+
+ if (mp_cmp_z(&t) == MP_GT) {
+ if ((res = mp_copy(&t, &u)) != MP_OKAY)
+ goto CLEANUP;
+
+ } else {
+ if ((res = mp_copy(&t, &v)) != MP_OKAY)
+ goto CLEANUP;
+
+ /* v = -t */
+ if (SIGN(&t) == ZPOS)
+ SIGN(&v) = NEG;
+ else
+ SIGN(&v) = ZPOS;
+ }
+
+ if ((res = mp_sub(&u, &v, &t)) != MP_OKAY)
+ goto CLEANUP;
+
+ if (s_mp_cmp_d(&t, 0) == MP_EQ)
+ break;
+ }
+
+ s_mp_2expt(&v, k); /* v = 2^k */
+ res = mp_mul(&u, &v, c); /* c = u * v */
+
+CLEANUP:
+ mp_clear(&v);
+V:
+ mp_clear(&u);
+U:
+ mp_clear(&t);
+
+ return res;
+
+} /* end mp_gcd() */
+
+/* }}} */
+
+/* {{{ mp_lcm(a, b, c) */
+
+/* We compute the least common multiple using the rule:
+
+ ab = [a, b](a, b)
+
+ ... by computing the product, and dividing out the gcd.
+ */
+
+mp_err
+mp_lcm(mp_int *a, mp_int *b, mp_int *c)
+{
+ mp_int gcd, prod;
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ /* Set up temporaries */
+ if ((res = mp_init(&gcd)) != MP_OKAY)
+ return res;
+ if ((res = mp_init(&prod)) != MP_OKAY)
+ goto GCD;
+
+ if ((res = mp_mul(a, b, &prod)) != MP_OKAY)
+ goto CLEANUP;
+ if ((res = mp_gcd(a, b, &gcd)) != MP_OKAY)
+ goto CLEANUP;
+
+ res = mp_div(&prod, &gcd, c, NULL);
+
+CLEANUP:
+ mp_clear(&prod);
+GCD:
+ mp_clear(&gcd);
+
+ return res;
+
+} /* end mp_lcm() */
+
+/* }}} */
+
+/* {{{ mp_xgcd(a, b, g, x, y) */
+
+/*
+ mp_xgcd(a, b, g, x, y)
+
+ Compute g = (a, b) and values x and y satisfying Bezout's identity
+ (that is, ax + by = g). This uses the binary extended GCD algorithm
+ based on the Stein algorithm used for mp_gcd()
+ See algorithm 14.61 in Handbook of Applied Cryptogrpahy.
+ */
+
+mp_err
+mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y)
+{
+ mp_int gx, xc, yc, u, v, A, B, C, D;
+ mp_int *clean[9];
+ mp_err res;
+ int last = -1;
+
+ if (mp_cmp_z(b) == 0)
+ return MP_RANGE;
+
+ /* Initialize all these variables we need */
+ MP_CHECKOK(mp_init(&u));
+ clean[++last] = &u;
+ MP_CHECKOK(mp_init(&v));
+ clean[++last] = &v;
+ MP_CHECKOK(mp_init(&gx));
+ clean[++last] = &gx;
+ MP_CHECKOK(mp_init(&A));
+ clean[++last] = &A;
+ MP_CHECKOK(mp_init(&B));
+ clean[++last] = &B;
+ MP_CHECKOK(mp_init(&C));
+ clean[++last] = &C;
+ MP_CHECKOK(mp_init(&D));
+ clean[++last] = &D;
+ MP_CHECKOK(mp_init_copy(&xc, a));
+ clean[++last] = &xc;
+ mp_abs(&xc, &xc);
+ MP_CHECKOK(mp_init_copy(&yc, b));
+ clean[++last] = &yc;
+ mp_abs(&yc, &yc);
+
+ mp_set(&gx, 1);
+
+ /* Divide by two until at least one of them is odd */
+ while (mp_iseven(&xc) && mp_iseven(&yc)) {
+ mp_size nx = mp_trailing_zeros(&xc);
+ mp_size ny = mp_trailing_zeros(&yc);
+ mp_size n = MP_MIN(nx, ny);
+ s_mp_div_2d(&xc, n);
+ s_mp_div_2d(&yc, n);
+ MP_CHECKOK(s_mp_mul_2d(&gx, n));
+ }
+
+ MP_CHECKOK(mp_copy(&xc, &u));
+ MP_CHECKOK(mp_copy(&yc, &v));
+ mp_set(&A, 1);
+ mp_set(&D, 1);
+
+ /* Loop through binary GCD algorithm */
+ do {
+ while (mp_iseven(&u)) {
+ s_mp_div_2(&u);
+
+ if (mp_iseven(&A) && mp_iseven(&B)) {
+ s_mp_div_2(&A);
+ s_mp_div_2(&B);
+ } else {
+ MP_CHECKOK(mp_add(&A, &yc, &A));
+ s_mp_div_2(&A);
+ MP_CHECKOK(mp_sub(&B, &xc, &B));
+ s_mp_div_2(&B);
+ }
+ }
+
+ while (mp_iseven(&v)) {
+ s_mp_div_2(&v);
+
+ if (mp_iseven(&C) && mp_iseven(&D)) {
+ s_mp_div_2(&C);
+ s_mp_div_2(&D);
+ } else {
+ MP_CHECKOK(mp_add(&C, &yc, &C));
+ s_mp_div_2(&C);
+ MP_CHECKOK(mp_sub(&D, &xc, &D));
+ s_mp_div_2(&D);
+ }
+ }
+
+ if (mp_cmp(&u, &v) >= 0) {
+ MP_CHECKOK(mp_sub(&u, &v, &u));
+ MP_CHECKOK(mp_sub(&A, &C, &A));
+ MP_CHECKOK(mp_sub(&B, &D, &B));
+ } else {
+ MP_CHECKOK(mp_sub(&v, &u, &v));
+ MP_CHECKOK(mp_sub(&C, &A, &C));
+ MP_CHECKOK(mp_sub(&D, &B, &D));
+ }
+ } while (mp_cmp_z(&u) != 0);
+
+ /* copy results to output */
+ if (x)
+ MP_CHECKOK(mp_copy(&C, x));
+
+ if (y)
+ MP_CHECKOK(mp_copy(&D, y));
+
+ if (g)
+ MP_CHECKOK(mp_mul(&gx, &v, g));
+
+CLEANUP:
+ while (last >= 0)
+ mp_clear(clean[last--]);
+
+ return res;
+
+} /* end mp_xgcd() */
+
+/* }}} */
+
+mp_size
+mp_trailing_zeros(const mp_int *mp)
+{
+ mp_digit d;
+ mp_size n = 0;
+ unsigned int ix;
+
+ if (!mp || !MP_DIGITS(mp) || !mp_cmp_z(mp))
+ return n;
+
+ for (ix = 0; !(d = MP_DIGIT(mp, ix)) && (ix < MP_USED(mp)); ++ix)
+ n += MP_DIGIT_BIT;
+ if (!d)
+ return 0; /* shouldn't happen, but ... */
+#if !defined(MP_USE_UINT_DIGIT)
+ if (!(d & 0xffffffffU)) {
+ d >>= 32;
+ n += 32;
+ }
+#endif
+ if (!(d & 0xffffU)) {
+ d >>= 16;
+ n += 16;
+ }
+ if (!(d & 0xffU)) {
+ d >>= 8;
+ n += 8;
+ }
+ if (!(d & 0xfU)) {
+ d >>= 4;
+ n += 4;
+ }
+ if (!(d & 0x3U)) {
+ d >>= 2;
+ n += 2;
+ }
+ if (!(d & 0x1U)) {
+ d >>= 1;
+ n += 1;
+ }
+#if MP_ARGCHK == 2
+ assert(0 != (d & 1));
+#endif
+ return n;
+}
+
+/* Given a and prime p, computes c and k such that a*c == 2**k (mod p).
+** Returns k (positive) or error (negative).
+** This technique from the paper "Fast Modular Reciprocals" (unpublished)
+** by Richard Schroeppel (a.k.a. Captain Nemo).
+*/
+mp_err
+s_mp_almost_inverse(const mp_int *a, const mp_int *p, mp_int *c)
+{
+ mp_err res;
+ mp_err k = 0;
+ mp_int d, f, g;
+
+ ARGCHK(a && p && c, MP_BADARG);
+
+ MP_DIGITS(&d) = 0;
+ MP_DIGITS(&f) = 0;
+ MP_DIGITS(&g) = 0;
+ MP_CHECKOK(mp_init(&d));
+ MP_CHECKOK(mp_init_copy(&f, a)); /* f = a */
+ MP_CHECKOK(mp_init_copy(&g, p)); /* g = p */
+
+ mp_set(c, 1);
+ mp_zero(&d);
+
+ if (mp_cmp_z(&f) == 0) {
+ res = MP_UNDEF;
+ } else
+ for (;;) {
+ int diff_sign;
+ while (mp_iseven(&f)) {
+ mp_size n = mp_trailing_zeros(&f);
+ if (!n) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+ s_mp_div_2d(&f, n);
+ MP_CHECKOK(s_mp_mul_2d(&d, n));
+ k += n;
+ }
+ if (mp_cmp_d(&f, 1) == MP_EQ) { /* f == 1 */
+ res = k;
+ break;
+ }
+ diff_sign = mp_cmp(&f, &g);
+ if (diff_sign < 0) { /* f < g */
+ s_mp_exch(&f, &g);
+ s_mp_exch(c, &d);
+ } else if (diff_sign == 0) { /* f == g */
+ res = MP_UNDEF; /* a and p are not relatively prime */
+ break;
+ }
+ if ((MP_DIGIT(&f, 0) % 4) == (MP_DIGIT(&g, 0) % 4)) {
+ MP_CHECKOK(mp_sub(&f, &g, &f)); /* f = f - g */
+ MP_CHECKOK(mp_sub(c, &d, c)); /* c = c - d */
+ } else {
+ MP_CHECKOK(mp_add(&f, &g, &f)); /* f = f + g */
+ MP_CHECKOK(mp_add(c, &d, c)); /* c = c + d */
+ }
+ }
+ if (res >= 0) {
+ while (MP_SIGN(c) != MP_ZPOS) {
+ MP_CHECKOK(mp_add(c, p, c));
+ }
+ res = k;
+ }
+
+CLEANUP:
+ mp_clear(&d);
+ mp_clear(&f);
+ mp_clear(&g);
+ return res;
+}
+
+/* Compute T = (P ** -1) mod MP_RADIX. Also works for 16-bit mp_digits.
+** This technique from the paper "Fast Modular Reciprocals" (unpublished)
+** by Richard Schroeppel (a.k.a. Captain Nemo).
+*/
+mp_digit
+s_mp_invmod_radix(mp_digit P)
+{
+ mp_digit T = P;
+ T *= 2 - (P * T);
+ T *= 2 - (P * T);
+ T *= 2 - (P * T);
+ T *= 2 - (P * T);
+#if !defined(MP_USE_UINT_DIGIT)
+ T *= 2 - (P * T);
+ T *= 2 - (P * T);
+#endif
+ return T;
+}
+
+/* Given c, k, and prime p, where a*c == 2**k (mod p),
+** Compute x = (a ** -1) mod p. This is similar to Montgomery reduction.
+** This technique from the paper "Fast Modular Reciprocals" (unpublished)
+** by Richard Schroeppel (a.k.a. Captain Nemo).
+*/
+mp_err
+s_mp_fixup_reciprocal(const mp_int *c, const mp_int *p, int k, mp_int *x)
+{
+ int k_orig = k;
+ mp_digit r;
+ mp_size ix;
+ mp_err res;
+
+ if (mp_cmp_z(c) < 0) { /* c < 0 */
+ MP_CHECKOK(mp_add(c, p, x)); /* x = c + p */
+ } else {
+ MP_CHECKOK(mp_copy(c, x)); /* x = c */
+ }
+
+ /* make sure x is large enough */
+ ix = MP_HOWMANY(k, MP_DIGIT_BIT) + MP_USED(p) + 1;
+ ix = MP_MAX(ix, MP_USED(x));
+ MP_CHECKOK(s_mp_pad(x, ix));
+
+ r = 0 - s_mp_invmod_radix(MP_DIGIT(p, 0));
+
+ for (ix = 0; k > 0; ix++) {
+ int j = MP_MIN(k, MP_DIGIT_BIT);
+ mp_digit v = r * MP_DIGIT(x, ix);
+ if (j < MP_DIGIT_BIT) {
+ v &= ((mp_digit)1 << j) - 1; /* v = v mod (2 ** j) */
+ }
+ s_mp_mul_d_add_offset(p, v, x, ix); /* x += p * v * (RADIX ** ix) */
+ k -= j;
+ }
+ s_mp_clamp(x);
+ s_mp_div_2d(x, k_orig);
+ res = MP_OKAY;
+
+CLEANUP:
+ return res;
+}
+
+/* compute mod inverse using Schroeppel's method, only if m is odd */
+mp_err
+s_mp_invmod_odd_m(const mp_int *a, const mp_int *m, mp_int *c)
+{
+ int k;
+ mp_err res;
+ mp_int x;
+
+ ARGCHK(a && m && c, MP_BADARG);
+
+ if (mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
+ return MP_RANGE;
+ if (mp_iseven(m))
+ return MP_UNDEF;
+
+ MP_DIGITS(&x) = 0;
+
+ if (a == c) {
+ if ((res = mp_init_copy(&x, a)) != MP_OKAY)
+ return res;
+ if (a == m)
+ m = &x;
+ a = &x;
+ } else if (m == c) {
+ if ((res = mp_init_copy(&x, m)) != MP_OKAY)
+ return res;
+ m = &x;
+ } else {
+ MP_DIGITS(&x) = 0;
+ }
+
+ MP_CHECKOK(s_mp_almost_inverse(a, m, c));
+ k = res;
+ MP_CHECKOK(s_mp_fixup_reciprocal(c, m, k, c));
+CLEANUP:
+ mp_clear(&x);
+ return res;
+}
+
+/* Known good algorithm for computing modular inverse. But slow. */
+mp_err
+mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c)
+{
+ mp_int g, x;
+ mp_err res;
+
+ ARGCHK(a && m && c, MP_BADARG);
+
+ if (mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
+ return MP_RANGE;
+
+ MP_DIGITS(&g) = 0;
+ MP_DIGITS(&x) = 0;
+ MP_CHECKOK(mp_init(&x));
+ MP_CHECKOK(mp_init(&g));
+
+ MP_CHECKOK(mp_xgcd(a, m, &g, &x, NULL));
+
+ if (mp_cmp_d(&g, 1) != MP_EQ) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+
+ res = mp_mod(&x, m, c);
+ SIGN(c) = SIGN(a);
+
+CLEANUP:
+ mp_clear(&x);
+ mp_clear(&g);
+
+ return res;
+}
+
+/* modular inverse where modulus is 2**k. */
+/* c = a**-1 mod 2**k */
+mp_err
+s_mp_invmod_2d(const mp_int *a, mp_size k, mp_int *c)
+{
+ mp_err res;
+ mp_size ix = k + 4;
+ mp_int t0, t1, val, tmp, two2k;
+
+ static const mp_digit d2 = 2;
+ static const mp_int two = { MP_ZPOS, 1, 1, (mp_digit *)&d2 };
+
+ if (mp_iseven(a))
+ return MP_UNDEF;
+ if (k <= MP_DIGIT_BIT) {
+ mp_digit i = s_mp_invmod_radix(MP_DIGIT(a, 0));
+ if (k < MP_DIGIT_BIT)
+ i &= ((mp_digit)1 << k) - (mp_digit)1;
+ mp_set(c, i);
+ return MP_OKAY;
+ }
+ MP_DIGITS(&t0) = 0;
+ MP_DIGITS(&t1) = 0;
+ MP_DIGITS(&val) = 0;
+ MP_DIGITS(&tmp) = 0;
+ MP_DIGITS(&two2k) = 0;
+ MP_CHECKOK(mp_init_copy(&val, a));
+ s_mp_mod_2d(&val, k);
+ MP_CHECKOK(mp_init_copy(&t0, &val));
+ MP_CHECKOK(mp_init_copy(&t1, &t0));
+ MP_CHECKOK(mp_init(&tmp));
+ MP_CHECKOK(mp_init(&two2k));
+ MP_CHECKOK(s_mp_2expt(&two2k, k));
+ do {
+ MP_CHECKOK(mp_mul(&val, &t1, &tmp));
+ MP_CHECKOK(mp_sub(&two, &tmp, &tmp));
+ MP_CHECKOK(mp_mul(&t1, &tmp, &t1));
+ s_mp_mod_2d(&t1, k);
+ while (MP_SIGN(&t1) != MP_ZPOS) {
+ MP_CHECKOK(mp_add(&t1, &two2k, &t1));
+ }
+ if (mp_cmp(&t1, &t0) == MP_EQ)
+ break;
+ MP_CHECKOK(mp_copy(&t1, &t0));
+ } while (--ix > 0);
+ if (!ix) {
+ res = MP_UNDEF;
+ } else {
+ mp_exch(c, &t1);
+ }
+
+CLEANUP:
+ mp_clear(&t0);
+ mp_clear(&t1);
+ mp_clear(&val);
+ mp_clear(&tmp);
+ mp_clear(&two2k);
+ return res;
+}
+
+mp_err
+s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c)
+{
+ mp_err res;
+ mp_size k;
+ mp_int oddFactor, evenFactor; /* factors of the modulus */
+ mp_int oddPart, evenPart; /* parts to combine via CRT. */
+ mp_int C2, tmp1, tmp2;
+
+ /*static const mp_digit d1 = 1; */
+ /*static const mp_int one = { MP_ZPOS, 1, 1, (mp_digit *)&d1 }; */
+
+ if ((res = s_mp_ispow2(m)) >= 0) {
+ k = res;
+ return s_mp_invmod_2d(a, k, c);
+ }
+ MP_DIGITS(&oddFactor) = 0;
+ MP_DIGITS(&evenFactor) = 0;
+ MP_DIGITS(&oddPart) = 0;
+ MP_DIGITS(&evenPart) = 0;
+ MP_DIGITS(&C2) = 0;
+ MP_DIGITS(&tmp1) = 0;
+ MP_DIGITS(&tmp2) = 0;
+
+ MP_CHECKOK(mp_init_copy(&oddFactor, m)); /* oddFactor = m */
+ MP_CHECKOK(mp_init(&evenFactor));
+ MP_CHECKOK(mp_init(&oddPart));
+ MP_CHECKOK(mp_init(&evenPart));
+ MP_CHECKOK(mp_init(&C2));
+ MP_CHECKOK(mp_init(&tmp1));
+ MP_CHECKOK(mp_init(&tmp2));
+
+ k = mp_trailing_zeros(m);
+ s_mp_div_2d(&oddFactor, k);
+ MP_CHECKOK(s_mp_2expt(&evenFactor, k));
+
+ /* compute a**-1 mod oddFactor. */
+ MP_CHECKOK(s_mp_invmod_odd_m(a, &oddFactor, &oddPart));
+ /* compute a**-1 mod evenFactor, where evenFactor == 2**k. */
+ MP_CHECKOK(s_mp_invmod_2d(a, k, &evenPart));
+
+ /* Use Chinese Remainer theorem to compute a**-1 mod m. */
+ /* let m1 = oddFactor, v1 = oddPart,
+ * let m2 = evenFactor, v2 = evenPart.
+ */
+
+ /* Compute C2 = m1**-1 mod m2. */
+ MP_CHECKOK(s_mp_invmod_2d(&oddFactor, k, &C2));
+
+ /* compute u = (v2 - v1)*C2 mod m2 */
+ MP_CHECKOK(mp_sub(&evenPart, &oddPart, &tmp1));
+ MP_CHECKOK(mp_mul(&tmp1, &C2, &tmp2));
+ s_mp_mod_2d(&tmp2, k);
+ while (MP_SIGN(&tmp2) != MP_ZPOS) {
+ MP_CHECKOK(mp_add(&tmp2, &evenFactor, &tmp2));
+ }
+
+ /* compute answer = v1 + u*m1 */
+ MP_CHECKOK(mp_mul(&tmp2, &oddFactor, c));
+ MP_CHECKOK(mp_add(&oddPart, c, c));
+ /* not sure this is necessary, but it's low cost if not. */
+ MP_CHECKOK(mp_mod(c, m, c));
+
+CLEANUP:
+ mp_clear(&oddFactor);
+ mp_clear(&evenFactor);
+ mp_clear(&oddPart);
+ mp_clear(&evenPart);
+ mp_clear(&C2);
+ mp_clear(&tmp1);
+ mp_clear(&tmp2);
+ return res;
+}
+
+/* {{{ mp_invmod(a, m, c) */
+
+/*
+ mp_invmod(a, m, c)
+
+ Compute c = a^-1 (mod m), if there is an inverse for a (mod m).
+ This is equivalent to the question of whether (a, m) = 1. If not,
+ MP_UNDEF is returned, and there is no inverse.
+ */
+
+mp_err
+mp_invmod(const mp_int *a, const mp_int *m, mp_int *c)
+{
+
+ ARGCHK(a && m && c, MP_BADARG);
+
+ if (mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
+ return MP_RANGE;
+
+ if (mp_isodd(m)) {
+ return s_mp_invmod_odd_m(a, m, c);
+ }
+ if (mp_iseven(a))
+ return MP_UNDEF; /* not invertable */
+
+ return s_mp_invmod_even_m(a, m, c);
+
+} /* end mp_invmod() */
+
+/* }}} */
+#endif /* if MP_NUMTH */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* {{{ mp_print(mp, ofp) */
+
+#if MP_IOFUNC
+/*
+ mp_print(mp, ofp)
+
+ Print a textual representation of the given mp_int on the output
+ stream 'ofp'. Output is generated using the internal radix.
+ */
+
+void
+mp_print(mp_int *mp, FILE *ofp)
+{
+ int ix;
+
+ if (mp == NULL || ofp == NULL)
+ return;
+
+ fputc((SIGN(mp) == NEG) ? '-' : '+', ofp);
+
+ for (ix = USED(mp) - 1; ix >= 0; ix--) {
+ fprintf(ofp, DIGIT_FMT, DIGIT(mp, ix));
+ }
+
+} /* end mp_print() */
+
+#endif /* if MP_IOFUNC */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* {{{ More I/O Functions */
+
+/* {{{ mp_read_raw(mp, str, len) */
+
+/*
+ mp_read_raw(mp, str, len)
+
+ Read in a raw value (base 256) into the given mp_int
+ */
+
+mp_err
+mp_read_raw(mp_int *mp, char *str, int len)
+{
+ int ix;
+ mp_err res;
+ unsigned char *ustr = (unsigned char *)str;
+
+ ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG);
+
+ mp_zero(mp);
+
+ /* Get sign from first byte */
+ if (ustr[0])
+ SIGN(mp) = NEG;
+ else
+ SIGN(mp) = ZPOS;
+
+ /* Read the rest of the digits */
+ for (ix = 1; ix < len; ix++) {
+ if ((res = mp_mul_d(mp, 256, mp)) != MP_OKAY)
+ return res;
+ if ((res = mp_add_d(mp, ustr[ix], mp)) != MP_OKAY)
+ return res;
+ }
+
+ return MP_OKAY;
+
+} /* end mp_read_raw() */
+
+/* }}} */
+
+/* {{{ mp_raw_size(mp) */
+
+int
+mp_raw_size(mp_int *mp)
+{
+ ARGCHK(mp != NULL, 0);
+
+ return (USED(mp) * sizeof(mp_digit)) + 1;
+
+} /* end mp_raw_size() */
+
+/* }}} */
+
+/* {{{ mp_toraw(mp, str) */
+
+mp_err
+mp_toraw(mp_int *mp, char *str)
+{
+ int ix, jx, pos = 1;
+
+ ARGCHK(mp != NULL && str != NULL, MP_BADARG);
+
+ str[0] = (char)SIGN(mp);
+
+ /* Iterate over each digit... */
+ for (ix = USED(mp) - 1; ix >= 0; ix--) {
+ mp_digit d = DIGIT(mp, ix);
+
+ /* Unpack digit bytes, high order first */
+ for (jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
+ str[pos++] = (char)(d >> (jx * CHAR_BIT));
+ }
+ }
+
+ return MP_OKAY;
+
+} /* end mp_toraw() */
+
+/* }}} */
+
+/* {{{ mp_read_radix(mp, str, radix) */
+
+/*
+ mp_read_radix(mp, str, radix)
+
+ Read an integer from the given string, and set mp to the resulting
+ value. The input is presumed to be in base 10. Leading non-digit
+ characters are ignored, and the function reads until a non-digit
+ character or the end of the string.
+ */
+
+mp_err
+mp_read_radix(mp_int *mp, const char *str, int radix)
+{
+ int ix = 0, val = 0;
+ mp_err res;
+ mp_sign sig = ZPOS;
+
+ ARGCHK(mp != NULL && str != NULL && radix >= 2 && radix <= MAX_RADIX,
+ MP_BADARG);
+
+ mp_zero(mp);
+
+ /* Skip leading non-digit characters until a digit or '-' or '+' */
+ while (str[ix] &&
+ (s_mp_tovalue(str[ix], radix) < 0) &&
+ str[ix] != '-' &&
+ str[ix] != '+') {
+ ++ix;
+ }
+
+ if (str[ix] == '-') {
+ sig = NEG;
+ ++ix;
+ } else if (str[ix] == '+') {
+ sig = ZPOS; /* this is the default anyway... */
+ ++ix;
+ }
+
+ while ((val = s_mp_tovalue(str[ix], radix)) >= 0) {
+ if ((res = s_mp_mul_d(mp, radix)) != MP_OKAY)
+ return res;
+ if ((res = s_mp_add_d(mp, val)) != MP_OKAY)
+ return res;
+ ++ix;
+ }
+
+ if (s_mp_cmp_d(mp, 0) == MP_EQ)
+ SIGN(mp) = ZPOS;
+ else
+ SIGN(mp) = sig;
+
+ return MP_OKAY;
+
+} /* end mp_read_radix() */
+
+mp_err
+mp_read_variable_radix(mp_int *a, const char *str, int default_radix)
+{
+ int radix = default_radix;
+ int cx;
+ mp_sign sig = ZPOS;
+ mp_err res;
+
+ /* Skip leading non-digit characters until a digit or '-' or '+' */
+ while ((cx = *str) != 0 &&
+ (s_mp_tovalue(cx, radix) < 0) &&
+ cx != '-' &&
+ cx != '+') {
+ ++str;
+ }
+
+ if (cx == '-') {
+ sig = NEG;
+ ++str;
+ } else if (cx == '+') {
+ sig = ZPOS; /* this is the default anyway... */
+ ++str;
+ }
+
+ if (str[0] == '0') {
+ if ((str[1] | 0x20) == 'x') {
+ radix = 16;
+ str += 2;
+ } else {
+ radix = 8;
+ str++;
+ }
+ }
+ res = mp_read_radix(a, str, radix);
+ if (res == MP_OKAY) {
+ MP_SIGN(a) = (s_mp_cmp_d(a, 0) == MP_EQ) ? ZPOS : sig;
+ }
+ return res;
+}
+
+/* }}} */
+
+/* {{{ mp_radix_size(mp, radix) */
+
+int
+mp_radix_size(mp_int *mp, int radix)
+{
+ int bits;
+
+ if (!mp || radix < 2 || radix > MAX_RADIX)
+ return 0;
+
+ bits = USED(mp) * DIGIT_BIT - 1;
+
+ return s_mp_outlen(bits, radix);
+
+} /* end mp_radix_size() */
+
+/* }}} */
+
+/* {{{ mp_toradix(mp, str, radix) */
+
+mp_err
+mp_toradix(mp_int *mp, char *str, int radix)
+{
+ int ix, pos = 0;
+
+ ARGCHK(mp != NULL && str != NULL, MP_BADARG);
+ ARGCHK(radix > 1 && radix <= MAX_RADIX, MP_RANGE);
+
+ if (mp_cmp_z(mp) == MP_EQ) {
+ str[0] = '0';
+ str[1] = '\0';
+ } else {
+ mp_err res;
+ mp_int tmp;
+ mp_sign sgn;
+ mp_digit rem, rdx = (mp_digit)radix;
+ char ch;
+
+ if ((res = mp_init_copy(&tmp, mp)) != MP_OKAY)
+ return res;
+
+ /* Save sign for later, and take absolute value */
+ sgn = SIGN(&tmp);
+ SIGN(&tmp) = ZPOS;
+
+ /* Generate output digits in reverse order */
+ while (mp_cmp_z(&tmp) != 0) {
+ if ((res = mp_div_d(&tmp, rdx, &tmp, &rem)) != MP_OKAY) {
+ mp_clear(&tmp);
+ return res;
+ }
+
+ /* Generate digits, use capital letters */
+ ch = s_mp_todigit(rem, radix, 0);
+
+ str[pos++] = ch;
+ }
+
+ /* Add - sign if original value was negative */
+ if (sgn == NEG)
+ str[pos++] = '-';
+
+ /* Add trailing NUL to end the string */
+ str[pos--] = '\0';
+
+ /* Reverse the digits and sign indicator */
+ ix = 0;
+ while (ix < pos) {
+ char tmp = str[ix];
+
+ str[ix] = str[pos];
+ str[pos] = tmp;
+ ++ix;
+ --pos;
+ }
+
+ mp_clear(&tmp);
+ }
+
+ return MP_OKAY;
+
+} /* end mp_toradix() */
+
+/* }}} */
+
+/* {{{ mp_tovalue(ch, r) */
+
+int
+mp_tovalue(char ch, int r)
+{
+ return s_mp_tovalue(ch, r);
+
+} /* end mp_tovalue() */
+
+/* }}} */
+
+/* }}} */
+
+/* {{{ mp_strerror(ec) */
+
+/*
+ mp_strerror(ec)
+
+ Return a string describing the meaning of error code 'ec'. The
+ string returned is allocated in static memory, so the caller should
+ not attempt to modify or free the memory associated with this
+ string.
+ */
+const char *
+mp_strerror(mp_err ec)
+{
+ int aec = (ec < 0) ? -ec : ec;
+
+ /* Code values are negative, so the senses of these comparisons
+ are accurate */
+ if (ec < MP_LAST_CODE || ec > MP_OKAY) {
+ return mp_err_string[0]; /* unknown error code */
+ } else {
+ return mp_err_string[aec + 1];
+ }
+
+} /* end mp_strerror() */
+
+/* }}} */
+
+/*========================================================================*/
+/*------------------------------------------------------------------------*/
+/* Static function definitions (internal use only) */
+
+/* {{{ Memory management */
+
+/* {{{ s_mp_grow(mp, min) */
+
+/* Make sure there are at least 'min' digits allocated to mp */
+mp_err
+s_mp_grow(mp_int *mp, mp_size min)
+{
+ if (min > ALLOC(mp)) {
+ mp_digit *tmp;
+
+ /* Set min to next nearest default precision block size */
+ min = MP_ROUNDUP(min, s_mp_defprec);
+
+ if ((tmp = s_mp_alloc(min, sizeof(mp_digit))) == NULL)
+ return MP_MEM;
+
+ s_mp_copy(DIGITS(mp), tmp, USED(mp));
+
+ s_mp_setz(DIGITS(mp), ALLOC(mp));
+ s_mp_free(DIGITS(mp));
+ DIGITS(mp) = tmp;
+ ALLOC(mp) = min;
+ }
+
+ return MP_OKAY;
+
+} /* end s_mp_grow() */
+
+/* }}} */
+
+/* {{{ s_mp_pad(mp, min) */
+
+/* Make sure the used size of mp is at least 'min', growing if needed */
+mp_err
+s_mp_pad(mp_int *mp, mp_size min)
+{
+ if (min > USED(mp)) {
+ mp_err res;
+
+ /* Make sure there is room to increase precision */
+ if (min > ALLOC(mp)) {
+ if ((res = s_mp_grow(mp, min)) != MP_OKAY)
+ return res;
+ } else {
+ s_mp_setz(DIGITS(mp) + USED(mp), min - USED(mp));
+ }
+
+ /* Increase precision; should already be 0-filled */
+ USED(mp) = min;
+ }
+
+ return MP_OKAY;
+
+} /* end s_mp_pad() */
+
+/* }}} */
+
+/* {{{ s_mp_setz(dp, count) */
+
+/* Set 'count' digits pointed to by dp to be zeroes */
+void
+s_mp_setz(mp_digit *dp, mp_size count)
+{
+#if MP_MEMSET == 0
+ int ix;
+
+ for (ix = 0; ix < count; ix++)
+ dp[ix] = 0;
+#else
+ memset(dp, 0, count * sizeof(mp_digit));
+#endif
+
+} /* end s_mp_setz() */
+
+/* }}} */
+
+/* {{{ s_mp_copy(sp, dp, count) */
+
+/* Copy 'count' digits from sp to dp */
+void
+s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count)
+{
+#if MP_MEMCPY == 0
+ int ix;
+
+ for (ix = 0; ix < count; ix++)
+ dp[ix] = sp[ix];
+#else
+ memcpy(dp, sp, count * sizeof(mp_digit));
+#endif
+} /* end s_mp_copy() */
+
+/* }}} */
+
+/* {{{ s_mp_alloc(nb, ni) */
+
+/* Allocate ni records of nb bytes each, and return a pointer to that */
+void *
+s_mp_alloc(size_t nb, size_t ni)
+{
+ return calloc(nb, ni);
+
+} /* end s_mp_alloc() */
+
+/* }}} */
+
+/* {{{ s_mp_free(ptr) */
+
+/* Free the memory pointed to by ptr */
+void
+s_mp_free(void *ptr)
+{
+ if (ptr) {
+ free(ptr);
+ }
+} /* end s_mp_free() */
+
+/* }}} */
+
+/* {{{ s_mp_clamp(mp) */
+
+/* Remove leading zeroes from the given value */
+void
+s_mp_clamp(mp_int *mp)
+{
+ mp_size used = MP_USED(mp);
+ while (used > 1 && DIGIT(mp, used - 1) == 0)
+ --used;
+ MP_USED(mp) = used;
+} /* end s_mp_clamp() */
+
+/* }}} */
+
+/* {{{ s_mp_exch(a, b) */
+
+/* Exchange the data for a and b; (b, a) = (a, b) */
+void
+s_mp_exch(mp_int *a, mp_int *b)
+{
+ mp_int tmp;
+
+ tmp = *a;
+ *a = *b;
+ *b = tmp;
+
+} /* end s_mp_exch() */
+
+/* }}} */
+
+/* }}} */
+
+/* {{{ Arithmetic helpers */
+
+/* {{{ s_mp_lshd(mp, p) */
+
+/*
+ Shift mp leftward by p digits, growing if needed, and zero-filling
+ the in-shifted digits at the right end. This is a convenient
+ alternative to multiplication by powers of the radix
+ */
+
+mp_err
+s_mp_lshd(mp_int *mp, mp_size p)
+{
+ mp_err res;
+ unsigned int ix;
+
+ if (p == 0)
+ return MP_OKAY;
+
+ if (MP_USED(mp) == 1 && MP_DIGIT(mp, 0) == 0)
+ return MP_OKAY;
+
+ if ((res = s_mp_pad(mp, USED(mp) + p)) != MP_OKAY)
+ return res;
+
+ /* Shift all the significant figures over as needed */
+ for (ix = USED(mp) - p; ix-- > 0;) {
+ DIGIT(mp, ix + p) = DIGIT(mp, ix);
+ }
+
+ /* Fill the bottom digits with zeroes */
+ for (ix = 0; (mp_size)ix < p; ix++)
+ DIGIT(mp, ix) = 0;
+
+ return MP_OKAY;
+
+} /* end s_mp_lshd() */
+
+/* }}} */
+
+/* {{{ s_mp_mul_2d(mp, d) */
+
+/*
+ Multiply the integer by 2^d, where d is a number of bits. This
+ amounts to a bitwise shift of the value.
+ */
+mp_err
+s_mp_mul_2d(mp_int *mp, mp_digit d)
+{
+ mp_err res;
+ mp_digit dshift, bshift;
+ mp_digit mask;
+
+ ARGCHK(mp != NULL, MP_BADARG);
+
+ dshift = d / MP_DIGIT_BIT;
+ bshift = d % MP_DIGIT_BIT;
+ /* bits to be shifted out of the top word */
+ if (bshift) {
+ mask = (mp_digit)~0 << (MP_DIGIT_BIT - bshift);
+ mask &= MP_DIGIT(mp, MP_USED(mp) - 1);
+ } else {
+ mask = 0;
+ }
+
+ if (MP_OKAY != (res = s_mp_pad(mp, MP_USED(mp) + dshift + (mask != 0))))
+ return res;
+
+ if (dshift && MP_OKAY != (res = s_mp_lshd(mp, dshift)))
+ return res;
+
+ if (bshift) {
+ mp_digit *pa = MP_DIGITS(mp);
+ mp_digit *alim = pa + MP_USED(mp);
+ mp_digit prev = 0;
+
+ for (pa += dshift; pa < alim;) {
+ mp_digit x = *pa;
+ *pa++ = (x << bshift) | prev;
+ prev = x >> (DIGIT_BIT - bshift);
+ }
+ }
+
+ s_mp_clamp(mp);
+ return MP_OKAY;
+} /* end s_mp_mul_2d() */
+
+/* {{{ s_mp_rshd(mp, p) */
+
+/*
+ Shift mp rightward by p digits. Maintains the invariant that
+ digits above the precision are all zero. Digits shifted off the
+ end are lost. Cannot fail.
+ */
+
+void
+s_mp_rshd(mp_int *mp, mp_size p)
+{
+ mp_size ix;
+ mp_digit *src, *dst;
+
+ if (p == 0)
+ return;
+
+ /* Shortcut when all digits are to be shifted off */
+ if (p >= USED(mp)) {
+ s_mp_setz(DIGITS(mp), ALLOC(mp));
+ USED(mp) = 1;
+ SIGN(mp) = ZPOS;
+ return;
+ }
+
+ /* Shift all the significant figures over as needed */
+ dst = MP_DIGITS(mp);
+ src = dst + p;
+ for (ix = USED(mp) - p; ix > 0; ix--)
+ *dst++ = *src++;
+
+ MP_USED(mp) -= p;
+ /* Fill the top digits with zeroes */
+ while (p-- > 0)
+ *dst++ = 0;
+
+} /* end s_mp_rshd() */
+
+/* }}} */
+
+/* {{{ s_mp_div_2(mp) */
+
+/* Divide by two -- take advantage of radix properties to do it fast */
+void
+s_mp_div_2(mp_int *mp)
+{
+ s_mp_div_2d(mp, 1);
+
+} /* end s_mp_div_2() */
+
+/* }}} */
+
+/* {{{ s_mp_mul_2(mp) */
+
+mp_err
+s_mp_mul_2(mp_int *mp)
+{
+ mp_digit *pd;
+ unsigned int ix, used;
+ mp_digit kin = 0;
+
+ /* Shift digits leftward by 1 bit */
+ used = MP_USED(mp);
+ pd = MP_DIGITS(mp);
+ for (ix = 0; ix < used; ix++) {
+ mp_digit d = *pd;
+ *pd++ = (d << 1) | kin;
+ kin = (d >> (DIGIT_BIT - 1));
+ }
+
+ /* Deal with rollover from last digit */
+ if (kin) {
+ if (ix >= ALLOC(mp)) {
+ mp_err res;
+ if ((res = s_mp_grow(mp, ALLOC(mp) + 1)) != MP_OKAY)
+ return res;
+ }
+
+ DIGIT(mp, ix) = kin;
+ USED(mp) += 1;
+ }
+
+ return MP_OKAY;
+
+} /* end s_mp_mul_2() */
+
+/* }}} */
+
+/* {{{ s_mp_mod_2d(mp, d) */
+
+/*
+ Remainder the integer by 2^d, where d is a number of bits. This
+ amounts to a bitwise AND of the value, and does not require the full
+ division code
+ */
+void
+s_mp_mod_2d(mp_int *mp, mp_digit d)
+{
+ mp_size ndig = (d / DIGIT_BIT), nbit = (d % DIGIT_BIT);
+ mp_size ix;
+ mp_digit dmask;
+
+ if (ndig >= USED(mp))
+ return;
+
+ /* Flush all the bits above 2^d in its digit */
+ dmask = ((mp_digit)1 << nbit) - 1;
+ DIGIT(mp, ndig) &= dmask;
+
+ /* Flush all digits above the one with 2^d in it */
+ for (ix = ndig + 1; ix < USED(mp); ix++)
+ DIGIT(mp, ix) = 0;
+
+ s_mp_clamp(mp);
+
+} /* end s_mp_mod_2d() */
+
+/* }}} */
+
+/* {{{ s_mp_div_2d(mp, d) */
+
+/*
+ Divide the integer by 2^d, where d is a number of bits. This
+ amounts to a bitwise shift of the value, and does not require the
+ full division code (used in Barrett reduction, see below)
+ */
+void
+s_mp_div_2d(mp_int *mp, mp_digit d)
+{
+ int ix;
+ mp_digit save, next, mask;
+
+ s_mp_rshd(mp, d / DIGIT_BIT);
+ d %= DIGIT_BIT;
+ if (d) {
+ mask = ((mp_digit)1 << d) - 1;
+ save = 0;
+ for (ix = USED(mp) - 1; ix >= 0; ix--) {
+ next = DIGIT(mp, ix) & mask;
+ DIGIT(mp, ix) = (DIGIT(mp, ix) >> d) | (save << (DIGIT_BIT - d));
+ save = next;
+ }
+ }
+ s_mp_clamp(mp);
+
+} /* end s_mp_div_2d() */
+
+/* }}} */
+
+/* {{{ s_mp_norm(a, b, *d) */
+
+/*
+ s_mp_norm(a, b, *d)
+
+ Normalize a and b for division, where b is the divisor. In order
+ that we might make good guesses for quotient digits, we want the
+ leading digit of b to be at least half the radix, which we
+ accomplish by multiplying a and b by a power of 2. The exponent
+ (shift count) is placed in *pd, so that the remainder can be shifted
+ back at the end of the division process.
+ */
+
+mp_err
+s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd)
+{
+ mp_digit d;
+ mp_digit mask;
+ mp_digit b_msd;
+ mp_err res = MP_OKAY;
+
+ d = 0;
+ mask = DIGIT_MAX & ~(DIGIT_MAX >> 1); /* mask is msb of digit */
+ b_msd = DIGIT(b, USED(b) - 1);
+ while (!(b_msd & mask)) {
+ b_msd <<= 1;
+ ++d;
+ }
+
+ if (d) {
+ MP_CHECKOK(s_mp_mul_2d(a, d));
+ MP_CHECKOK(s_mp_mul_2d(b, d));
+ }
+
+ *pd = d;
+CLEANUP:
+ return res;
+
+} /* end s_mp_norm() */
+
+/* }}} */
+
+/* }}} */
+
+/* {{{ Primitive digit arithmetic */
+
+/* {{{ s_mp_add_d(mp, d) */
+
+/* Add d to |mp| in place */
+mp_err s_mp_add_d(mp_int *mp, mp_digit d) /* unsigned digit addition */
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ mp_word w, k = 0;
+ mp_size ix = 1;
+
+ w = (mp_word)DIGIT(mp, 0) + d;
+ DIGIT(mp, 0) = ACCUM(w);
+ k = CARRYOUT(w);
+
+ while (ix < USED(mp) && k) {
+ w = (mp_word)DIGIT(mp, ix) + k;
+ DIGIT(mp, ix) = ACCUM(w);
+ k = CARRYOUT(w);
+ ++ix;
+ }
+
+ if (k != 0) {
+ mp_err res;
+
+ if ((res = s_mp_pad(mp, USED(mp) + 1)) != MP_OKAY)
+ return res;
+
+ DIGIT(mp, ix) = (mp_digit)k;
+ }
+
+ return MP_OKAY;
+#else
+ mp_digit *pmp = MP_DIGITS(mp);
+ mp_digit sum, mp_i, carry = 0;
+ mp_err res = MP_OKAY;
+ int used = (int)MP_USED(mp);
+
+ mp_i = *pmp;
+ *pmp++ = sum = d + mp_i;
+ carry = (sum < d);
+ while (carry && --used > 0) {
+ mp_i = *pmp;
+ *pmp++ = sum = carry + mp_i;
+ carry = !sum;
+ }
+ if (carry && !used) {
+ /* mp is growing */
+ used = MP_USED(mp);
+ MP_CHECKOK(s_mp_pad(mp, used + 1));
+ MP_DIGIT(mp, used) = carry;
+ }
+CLEANUP:
+ return res;
+#endif
+} /* end s_mp_add_d() */
+
+/* }}} */
+
+/* {{{ s_mp_sub_d(mp, d) */
+
+/* Subtract d from |mp| in place, assumes |mp| > d */
+mp_err s_mp_sub_d(mp_int *mp, mp_digit d) /* unsigned digit subtract */
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ mp_word w, b = 0;
+ mp_size ix = 1;
+
+ /* Compute initial subtraction */
+ w = (RADIX + (mp_word)DIGIT(mp, 0)) - d;
+ b = CARRYOUT(w) ? 0 : 1;
+ DIGIT(mp, 0) = ACCUM(w);
+
+ /* Propagate borrows leftward */
+ while (b && ix < USED(mp)) {
+ w = (RADIX + (mp_word)DIGIT(mp, ix)) - b;
+ b = CARRYOUT(w) ? 0 : 1;
+ DIGIT(mp, ix) = ACCUM(w);
+ ++ix;
+ }
+
+ /* Remove leading zeroes */
+ s_mp_clamp(mp);
+
+ /* If we have a borrow out, it's a violation of the input invariant */
+ if (b)
+ return MP_RANGE;
+ else
+ return MP_OKAY;
+#else
+ mp_digit *pmp = MP_DIGITS(mp);
+ mp_digit mp_i, diff, borrow;
+ mp_size used = MP_USED(mp);
+
+ mp_i = *pmp;
+ *pmp++ = diff = mp_i - d;
+ borrow = (diff > mp_i);
+ while (borrow && --used) {
+ mp_i = *pmp;
+ *pmp++ = diff = mp_i - borrow;
+ borrow = (diff > mp_i);
+ }
+ s_mp_clamp(mp);
+ return (borrow && !used) ? MP_RANGE : MP_OKAY;
+#endif
+} /* end s_mp_sub_d() */
+
+/* }}} */
+
+/* {{{ s_mp_mul_d(a, d) */
+
+/* Compute a = a * d, single digit multiplication */
+mp_err
+s_mp_mul_d(mp_int *a, mp_digit d)
+{
+ mp_err res;
+ mp_size used;
+ int pow;
+
+ if (!d) {
+ mp_zero(a);
+ return MP_OKAY;
+ }
+ if (d == 1)
+ return MP_OKAY;
+ if (0 <= (pow = s_mp_ispow2d(d))) {
+ return s_mp_mul_2d(a, (mp_digit)pow);
+ }
+
+ used = MP_USED(a);
+ MP_CHECKOK(s_mp_pad(a, used + 1));
+
+ s_mpv_mul_d(MP_DIGITS(a), used, d, MP_DIGITS(a));
+
+ s_mp_clamp(a);
+
+CLEANUP:
+ return res;
+
+} /* end s_mp_mul_d() */
+
+/* }}} */
+
+/* {{{ s_mp_div_d(mp, d, r) */
+
+/*
+ s_mp_div_d(mp, d, r)
+
+ Compute the quotient mp = mp / d and remainder r = mp mod d, for a
+ single digit d. If r is null, the remainder will be discarded.
+ */
+
+mp_err
+s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r)
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
+ mp_word w = 0, q;
+#else
+ mp_digit w = 0, q;
+#endif
+ int ix;
+ mp_err res;
+ mp_int quot;
+ mp_int rem;
+
+ if (d == 0)
+ return MP_RANGE;
+ if (d == 1) {
+ if (r)
+ *r = 0;
+ return MP_OKAY;
+ }
+ /* could check for power of 2 here, but mp_div_d does that. */
+ if (MP_USED(mp) == 1) {
+ mp_digit n = MP_DIGIT(mp, 0);
+ mp_digit rem;
+
+ q = n / d;
+ rem = n % d;
+ MP_DIGIT(mp, 0) = q;
+ if (r)
+ *r = rem;
+ return MP_OKAY;
+ }
+
+ MP_DIGITS(&rem) = 0;
+ MP_DIGITS(&quot) = 0;
+ /* Make room for the quotient */
+ MP_CHECKOK(mp_init_size(&quot, USED(mp)));
+
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
+ for (ix = USED(mp) - 1; ix >= 0; ix--) {
+ w = (w << DIGIT_BIT) | DIGIT(mp, ix);
+
+ if (w >= d) {
+ q = w / d;
+ w = w % d;
+ } else {
+ q = 0;
+ }
+
+ s_mp_lshd(&quot, 1);
+ DIGIT(&quot, 0) = (mp_digit)q;
+ }
+#else
+ {
+ mp_digit p;
+#if !defined(MP_ASSEMBLY_DIV_2DX1D)
+ mp_digit norm;
+#endif
+
+ MP_CHECKOK(mp_init_copy(&rem, mp));
+
+#if !defined(MP_ASSEMBLY_DIV_2DX1D)
+ MP_DIGIT(&quot, 0) = d;
+ MP_CHECKOK(s_mp_norm(&rem, &quot, &norm));
+ if (norm)
+ d <<= norm;
+ MP_DIGIT(&quot, 0) = 0;
+#endif
+
+ p = 0;
+ for (ix = USED(&rem) - 1; ix >= 0; ix--) {
+ w = DIGIT(&rem, ix);
+
+ if (p) {
+ MP_CHECKOK(s_mpv_div_2dx1d(p, w, d, &q, &w));
+ } else if (w >= d) {
+ q = w / d;
+ w = w % d;
+ } else {
+ q = 0;
+ }
+
+ MP_CHECKOK(s_mp_lshd(&quot, 1));
+ DIGIT(&quot, 0) = q;
+ p = w;
+ }
+#if !defined(MP_ASSEMBLY_DIV_2DX1D)
+ if (norm)
+ w >>= norm;
+#endif
+ }
+#endif
+
+ /* Deliver the remainder, if desired */
+ if (r) {
+ *r = (mp_digit)w;
+ }
+
+ s_mp_clamp(&quot);
+ mp_exch(&quot, mp);
+CLEANUP:
+ mp_clear(&quot);
+ mp_clear(&rem);
+
+ return res;
+} /* end s_mp_div_d() */
+
+/* }}} */
+
+/* }}} */
+
+/* {{{ Primitive full arithmetic */
+
+/* {{{ s_mp_add(a, b) */
+
+/* Compute a = |a| + |b| */
+mp_err s_mp_add(mp_int *a, const mp_int *b) /* magnitude addition */
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ mp_word w = 0;
+#else
+ mp_digit d, sum, carry = 0;
+#endif
+ mp_digit *pa, *pb;
+ mp_size ix;
+ mp_size used;
+ mp_err res;
+
+ /* Make sure a has enough precision for the output value */
+ if ((USED(b) > USED(a)) && (res = s_mp_pad(a, USED(b))) != MP_OKAY)
+ return res;
+
+ /*
+ Add up all digits up to the precision of b. If b had initially
+ the same precision as a, or greater, we took care of it by the
+ padding step above, so there is no problem. If b had initially
+ less precision, we'll have to make sure the carry out is duly
+ propagated upward among the higher-order digits of the sum.
+ */
+ pa = MP_DIGITS(a);
+ pb = MP_DIGITS(b);
+ used = MP_USED(b);
+ for (ix = 0; ix < used; ix++) {
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ w = w + *pa + *pb++;
+ *pa++ = ACCUM(w);
+ w = CARRYOUT(w);
+#else
+ d = *pa;
+ sum = d + *pb++;
+ d = (sum < d); /* detect overflow */
+ *pa++ = sum += carry;
+ carry = d + (sum < carry); /* detect overflow */
+#endif
+ }
+
+ /* If we run out of 'b' digits before we're actually done, make
+ sure the carries get propagated upward...
+ */
+ used = MP_USED(a);
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ while (w && ix < used) {
+ w = w + *pa;
+ *pa++ = ACCUM(w);
+ w = CARRYOUT(w);
+ ++ix;
+ }
+#else
+ while (carry && ix < used) {
+ sum = carry + *pa;
+ *pa++ = sum;
+ carry = !sum;
+ ++ix;
+ }
+#endif
+
+/* If there's an overall carry out, increase precision and include
+ it. We could have done this initially, but why touch the memory
+ allocator unless we're sure we have to?
+ */
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ if (w) {
+ if ((res = s_mp_pad(a, used + 1)) != MP_OKAY)
+ return res;
+
+ DIGIT(a, ix) = (mp_digit)w;
+ }
+#else
+ if (carry) {
+ if ((res = s_mp_pad(a, used + 1)) != MP_OKAY)
+ return res;
+
+ DIGIT(a, used) = carry;
+ }
+#endif
+
+ return MP_OKAY;
+} /* end s_mp_add() */
+
+/* }}} */
+
+/* Compute c = |a| + |b| */ /* magnitude addition */
+mp_err
+s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c)
+{
+ mp_digit *pa, *pb, *pc;
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ mp_word w = 0;
+#else
+ mp_digit sum, carry = 0, d;
+#endif
+ mp_size ix;
+ mp_size used;
+ mp_err res;
+
+ MP_SIGN(c) = MP_SIGN(a);
+ if (MP_USED(a) < MP_USED(b)) {
+ const mp_int *xch = a;
+ a = b;
+ b = xch;
+ }
+
+ /* Make sure a has enough precision for the output value */
+ if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a))))
+ return res;
+
+ /*
+ Add up all digits up to the precision of b. If b had initially
+ the same precision as a, or greater, we took care of it by the
+ exchange step above, so there is no problem. If b had initially
+ less precision, we'll have to make sure the carry out is duly
+ propagated upward among the higher-order digits of the sum.
+ */
+ pa = MP_DIGITS(a);
+ pb = MP_DIGITS(b);
+ pc = MP_DIGITS(c);
+ used = MP_USED(b);
+ for (ix = 0; ix < used; ix++) {
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ w = w + *pa++ + *pb++;
+ *pc++ = ACCUM(w);
+ w = CARRYOUT(w);
+#else
+ d = *pa++;
+ sum = d + *pb++;
+ d = (sum < d); /* detect overflow */
+ *pc++ = sum += carry;
+ carry = d + (sum < carry); /* detect overflow */
+#endif
+ }
+
+ /* If we run out of 'b' digits before we're actually done, make
+ sure the carries get propagated upward...
+ */
+ for (used = MP_USED(a); ix < used; ++ix) {
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ w = w + *pa++;
+ *pc++ = ACCUM(w);
+ w = CARRYOUT(w);
+#else
+ *pc++ = sum = carry + *pa++;
+ carry = (sum < carry);
+#endif
+ }
+
+/* If there's an overall carry out, increase precision and include
+ it. We could have done this initially, but why touch the memory
+ allocator unless we're sure we have to?
+ */
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ if (w) {
+ if ((res = s_mp_pad(c, used + 1)) != MP_OKAY)
+ return res;
+
+ DIGIT(c, used) = (mp_digit)w;
+ ++used;
+ }
+#else
+ if (carry) {
+ if ((res = s_mp_pad(c, used + 1)) != MP_OKAY)
+ return res;
+
+ DIGIT(c, used) = carry;
+ ++used;
+ }
+#endif
+ MP_USED(c) = used;
+ return MP_OKAY;
+}
+/* {{{ s_mp_add_offset(a, b, offset) */
+
+/* Compute a = |a| + ( |b| * (RADIX ** offset) ) */
+mp_err
+s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset)
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ mp_word w, k = 0;
+#else
+ mp_digit d, sum, carry = 0;
+#endif
+ mp_size ib;
+ mp_size ia;
+ mp_size lim;
+ mp_err res;
+
+ /* Make sure a has enough precision for the output value */
+ lim = MP_USED(b) + offset;
+ if ((lim > USED(a)) && (res = s_mp_pad(a, lim)) != MP_OKAY)
+ return res;
+
+ /*
+ Add up all digits up to the precision of b. If b had initially
+ the same precision as a, or greater, we took care of it by the
+ padding step above, so there is no problem. If b had initially
+ less precision, we'll have to make sure the carry out is duly
+ propagated upward among the higher-order digits of the sum.
+ */
+ lim = USED(b);
+ for (ib = 0, ia = offset; ib < lim; ib++, ia++) {
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ w = (mp_word)DIGIT(a, ia) + DIGIT(b, ib) + k;
+ DIGIT(a, ia) = ACCUM(w);
+ k = CARRYOUT(w);
+#else
+ d = MP_DIGIT(a, ia);
+ sum = d + MP_DIGIT(b, ib);
+ d = (sum < d);
+ MP_DIGIT(a, ia) = sum += carry;
+ carry = d + (sum < carry);
+#endif
+ }
+
+/* If we run out of 'b' digits before we're actually done, make
+ sure the carries get propagated upward...
+ */
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ for (lim = MP_USED(a); k && (ia < lim); ++ia) {
+ w = (mp_word)DIGIT(a, ia) + k;
+ DIGIT(a, ia) = ACCUM(w);
+ k = CARRYOUT(w);
+ }
+#else
+ for (lim = MP_USED(a); carry && (ia < lim); ++ia) {
+ d = MP_DIGIT(a, ia);
+ MP_DIGIT(a, ia) = sum = d + carry;
+ carry = (sum < d);
+ }
+#endif
+
+/* If there's an overall carry out, increase precision and include
+ it. We could have done this initially, but why touch the memory
+ allocator unless we're sure we have to?
+ */
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
+ if (k) {
+ if ((res = s_mp_pad(a, USED(a) + 1)) != MP_OKAY)
+ return res;
+
+ DIGIT(a, ia) = (mp_digit)k;
+ }
+#else
+ if (carry) {
+ if ((res = s_mp_pad(a, lim + 1)) != MP_OKAY)
+ return res;
+
+ DIGIT(a, lim) = carry;
+ }
+#endif
+ s_mp_clamp(a);
+
+ return MP_OKAY;
+
+} /* end s_mp_add_offset() */
+
+/* }}} */
+
+/* {{{ s_mp_sub(a, b) */
+
+/* Compute a = |a| - |b|, assumes |a| >= |b| */
+mp_err s_mp_sub(mp_int *a, const mp_int *b) /* magnitude subtract */
+{
+ mp_digit *pa, *pb, *limit;
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ mp_sword w = 0;
+#else
+ mp_digit d, diff, borrow = 0;
+#endif
+
+ /*
+ Subtract and propagate borrow. Up to the precision of b, this
+ accounts for the digits of b; after that, we just make sure the
+ carries get to the right place. This saves having to pad b out to
+ the precision of a just to make the loops work right...
+ */
+ pa = MP_DIGITS(a);
+ pb = MP_DIGITS(b);
+ limit = pb + MP_USED(b);
+ while (pb < limit) {
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ w = w + *pa - *pb++;
+ *pa++ = ACCUM(w);
+ w >>= MP_DIGIT_BIT;
+#else
+ d = *pa;
+ diff = d - *pb++;
+ d = (diff > d); /* detect borrow */
+ if (borrow && --diff == MP_DIGIT_MAX)
+ ++d;
+ *pa++ = diff;
+ borrow = d;
+#endif
+ }
+ limit = MP_DIGITS(a) + MP_USED(a);
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ while (w && pa < limit) {
+ w = w + *pa;
+ *pa++ = ACCUM(w);
+ w >>= MP_DIGIT_BIT;
+ }
+#else
+ while (borrow && pa < limit) {
+ d = *pa;
+ *pa++ = diff = d - borrow;
+ borrow = (diff > d);
+ }
+#endif
+
+ /* Clobber any leading zeroes we created */
+ s_mp_clamp(a);
+
+/*
+ If there was a borrow out, then |b| > |a| in violation
+ of our input invariant. We've already done the work,
+ but we'll at least complain about it...
+ */
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ return w ? MP_RANGE : MP_OKAY;
+#else
+ return borrow ? MP_RANGE : MP_OKAY;
+#endif
+} /* end s_mp_sub() */
+
+/* }}} */
+
+/* Compute c = |a| - |b|, assumes |a| >= |b| */ /* magnitude subtract */
+mp_err
+s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c)
+{
+ mp_digit *pa, *pb, *pc;
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ mp_sword w = 0;
+#else
+ mp_digit d, diff, borrow = 0;
+#endif
+ int ix, limit;
+ mp_err res;
+
+ MP_SIGN(c) = MP_SIGN(a);
+
+ /* Make sure a has enough precision for the output value */
+ if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a))))
+ return res;
+
+ /*
+ Subtract and propagate borrow. Up to the precision of b, this
+ accounts for the digits of b; after that, we just make sure the
+ carries get to the right place. This saves having to pad b out to
+ the precision of a just to make the loops work right...
+ */
+ pa = MP_DIGITS(a);
+ pb = MP_DIGITS(b);
+ pc = MP_DIGITS(c);
+ limit = MP_USED(b);
+ for (ix = 0; ix < limit; ++ix) {
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ w = w + *pa++ - *pb++;
+ *pc++ = ACCUM(w);
+ w >>= MP_DIGIT_BIT;
+#else
+ d = *pa++;
+ diff = d - *pb++;
+ d = (diff > d);
+ if (borrow && --diff == MP_DIGIT_MAX)
+ ++d;
+ *pc++ = diff;
+ borrow = d;
+#endif
+ }
+ for (limit = MP_USED(a); ix < limit; ++ix) {
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ w = w + *pa++;
+ *pc++ = ACCUM(w);
+ w >>= MP_DIGIT_BIT;
+#else
+ d = *pa++;
+ *pc++ = diff = d - borrow;
+ borrow = (diff > d);
+#endif
+ }
+
+ /* Clobber any leading zeroes we created */
+ MP_USED(c) = ix;
+ s_mp_clamp(c);
+
+/*
+ If there was a borrow out, then |b| > |a| in violation
+ of our input invariant. We've already done the work,
+ but we'll at least complain about it...
+ */
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
+ return w ? MP_RANGE : MP_OKAY;
+#else
+ return borrow ? MP_RANGE : MP_OKAY;
+#endif
+}
+/* {{{ s_mp_mul(a, b) */
+
+/* Compute a = |a| * |b| */
+mp_err
+s_mp_mul(mp_int *a, const mp_int *b)
+{
+ return mp_mul(a, b, a);
+} /* end s_mp_mul() */
+
+/* }}} */
+
+#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY)
+/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
+#define MP_MUL_DxD(a, b, Phi, Plo) \
+ { \
+ unsigned long long product = (unsigned long long)a * b; \
+ Plo = (mp_digit)product; \
+ Phi = (mp_digit)(product >> MP_DIGIT_BIT); \
+ }
+#elif defined(OSF1)
+#define MP_MUL_DxD(a, b, Phi, Plo) \
+ { \
+ Plo = asm("mulq %a0, %a1, %v0", a, b); \
+ Phi = asm("umulh %a0, %a1, %v0", a, b); \
+ }
+#else
+#define MP_MUL_DxD(a, b, Phi, Plo) \
+ { \
+ mp_digit a0b1, a1b0; \
+ Plo = (a & MP_HALF_DIGIT_MAX) * (b & MP_HALF_DIGIT_MAX); \
+ Phi = (a >> MP_HALF_DIGIT_BIT) * (b >> MP_HALF_DIGIT_BIT); \
+ a0b1 = (a & MP_HALF_DIGIT_MAX) * (b >> MP_HALF_DIGIT_BIT); \
+ a1b0 = (a >> MP_HALF_DIGIT_BIT) * (b & MP_HALF_DIGIT_MAX); \
+ a1b0 += a0b1; \
+ Phi += a1b0 >> MP_HALF_DIGIT_BIT; \
+ if (a1b0 < a0b1) \
+ Phi += MP_HALF_RADIX; \
+ a1b0 <<= MP_HALF_DIGIT_BIT; \
+ Plo += a1b0; \
+ if (Plo < a1b0) \
+ ++Phi; \
+ }
+#endif
+
+#if !defined(MP_ASSEMBLY_MULTIPLY)
+/* c = a * b */
+void
+s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
+ mp_digit d = 0;
+
+ /* Inner product: Digits of a */
+ while (a_len--) {
+ mp_word w = ((mp_word)b * *a++) + d;
+ *c++ = ACCUM(w);
+ d = CARRYOUT(w);
+ }
+ *c = d;
+#else
+ mp_digit carry = 0;
+ while (a_len--) {
+ mp_digit a_i = *a++;
+ mp_digit a0b0, a1b1;
+
+ MP_MUL_DxD(a_i, b, a1b1, a0b0);
+
+ a0b0 += carry;
+ if (a0b0 < carry)
+ ++a1b1;
+ *c++ = a0b0;
+ carry = a1b1;
+ }
+ *c = carry;
+#endif
+}
+
+/* c += a * b */
+void
+s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b,
+ mp_digit *c)
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
+ mp_digit d = 0;
+
+ /* Inner product: Digits of a */
+ while (a_len--) {
+ mp_word w = ((mp_word)b * *a++) + *c + d;
+ *c++ = ACCUM(w);
+ d = CARRYOUT(w);
+ }
+ *c = d;
+#else
+ mp_digit carry = 0;
+ while (a_len--) {
+ mp_digit a_i = *a++;
+ mp_digit a0b0, a1b1;
+
+ MP_MUL_DxD(a_i, b, a1b1, a0b0);
+
+ a0b0 += carry;
+ if (a0b0 < carry)
+ ++a1b1;
+ a0b0 += a_i = *c;
+ if (a0b0 < a_i)
+ ++a1b1;
+ *c++ = a0b0;
+ carry = a1b1;
+ }
+ *c = carry;
+#endif
+}
+
+/* Presently, this is only used by the Montgomery arithmetic code. */
+/* c += a * b */
+void
+s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
+ mp_digit d = 0;
+
+ /* Inner product: Digits of a */
+ while (a_len--) {
+ mp_word w = ((mp_word)b * *a++) + *c + d;
+ *c++ = ACCUM(w);
+ d = CARRYOUT(w);
+ }
+
+ while (d) {
+ mp_word w = (mp_word)*c + d;
+ *c++ = ACCUM(w);
+ d = CARRYOUT(w);
+ }
+#else
+ mp_digit carry = 0;
+ while (a_len--) {
+ mp_digit a_i = *a++;
+ mp_digit a0b0, a1b1;
+
+ MP_MUL_DxD(a_i, b, a1b1, a0b0);
+
+ a0b0 += carry;
+ if (a0b0 < carry)
+ ++a1b1;
+
+ a0b0 += a_i = *c;
+ if (a0b0 < a_i)
+ ++a1b1;
+
+ *c++ = a0b0;
+ carry = a1b1;
+ }
+ while (carry) {
+ mp_digit c_i = *c;
+ carry += c_i;
+ *c++ = carry;
+ carry = carry < c_i;
+ }
+#endif
+}
+#endif
+
+#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY)
+/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
+#define MP_SQR_D(a, Phi, Plo) \
+ { \
+ unsigned long long square = (unsigned long long)a * a; \
+ Plo = (mp_digit)square; \
+ Phi = (mp_digit)(square >> MP_DIGIT_BIT); \
+ }
+#elif defined(OSF1)
+#define MP_SQR_D(a, Phi, Plo) \
+ { \
+ Plo = asm("mulq %a0, %a0, %v0", a); \
+ Phi = asm("umulh %a0, %a0, %v0", a); \
+ }
+#else
+#define MP_SQR_D(a, Phi, Plo) \
+ { \
+ mp_digit Pmid; \
+ Plo = (a & MP_HALF_DIGIT_MAX) * (a & MP_HALF_DIGIT_MAX); \
+ Phi = (a >> MP_HALF_DIGIT_BIT) * (a >> MP_HALF_DIGIT_BIT); \
+ Pmid = (a & MP_HALF_DIGIT_MAX) * (a >> MP_HALF_DIGIT_BIT); \
+ Phi += Pmid >> (MP_HALF_DIGIT_BIT - 1); \
+ Pmid <<= (MP_HALF_DIGIT_BIT + 1); \
+ Plo += Pmid; \
+ if (Plo < Pmid) \
+ ++Phi; \
+ }
+#endif
+
+#if !defined(MP_ASSEMBLY_SQUARE)
+/* Add the squares of the digits of a to the digits of b. */
+void
+s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
+{
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
+ mp_word w;
+ mp_digit d;
+ mp_size ix;
+
+ w = 0;
+#define ADD_SQUARE(n) \
+ d = pa[n]; \
+ w += (d * (mp_word)d) + ps[2 * n]; \
+ ps[2 * n] = ACCUM(w); \
+ w = (w >> DIGIT_BIT) + ps[2 * n + 1]; \
+ ps[2 * n + 1] = ACCUM(w); \
+ w = (w >> DIGIT_BIT)
+
+ for (ix = a_len; ix >= 4; ix -= 4) {
+ ADD_SQUARE(0);
+ ADD_SQUARE(1);
+ ADD_SQUARE(2);
+ ADD_SQUARE(3);
+ pa += 4;
+ ps += 8;
+ }
+ if (ix) {
+ ps += 2 * ix;
+ pa += ix;
+ switch (ix) {
+ case 3:
+ ADD_SQUARE(-3); /* FALLTHRU */
+ case 2:
+ ADD_SQUARE(-2); /* FALLTHRU */
+ case 1:
+ ADD_SQUARE(-1); /* FALLTHRU */
+ case 0:
+ break;
+ }
+ }
+ while (w) {
+ w += *ps;
+ *ps++ = ACCUM(w);
+ w = (w >> DIGIT_BIT);
+ }
+#else
+ mp_digit carry = 0;
+ while (a_len--) {
+ mp_digit a_i = *pa++;
+ mp_digit a0a0, a1a1;
+
+ MP_SQR_D(a_i, a1a1, a0a0);
+
+ /* here a1a1 and a0a0 constitute a_i ** 2 */
+ a0a0 += carry;
+ if (a0a0 < carry)
+ ++a1a1;
+
+ /* now add to ps */
+ a0a0 += a_i = *ps;
+ if (a0a0 < a_i)
+ ++a1a1;
+ *ps++ = a0a0;
+ a1a1 += a_i = *ps;
+ carry = (a1a1 < a_i);
+ *ps++ = a1a1;
+ }
+ while (carry) {
+ mp_digit s_i = *ps;
+ carry += s_i;
+ *ps++ = carry;
+ carry = carry < s_i;
+ }
+#endif
+}
+#endif
+
+#if (defined(MP_NO_MP_WORD) || defined(MP_NO_DIV_WORD)) && !defined(MP_ASSEMBLY_DIV_2DX1D)
+/*
+** Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
+** so its high bit is 1. This code is from NSPR.
+*/
+mp_err
+s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
+ mp_digit *qp, mp_digit *rp)
+{
+ mp_digit d1, d0, q1, q0;
+ mp_digit r1, r0, m;
+
+ d1 = divisor >> MP_HALF_DIGIT_BIT;
+ d0 = divisor & MP_HALF_DIGIT_MAX;
+ r1 = Nhi % d1;
+ q1 = Nhi / d1;
+ m = q1 * d0;
+ r1 = (r1 << MP_HALF_DIGIT_BIT) | (Nlo >> MP_HALF_DIGIT_BIT);
+ if (r1 < m) {
+ q1--, r1 += divisor;
+ if (r1 >= divisor && r1 < m) {
+ q1--, r1 += divisor;
+ }
+ }
+ r1 -= m;
+ r0 = r1 % d1;
+ q0 = r1 / d1;
+ m = q0 * d0;
+ r0 = (r0 << MP_HALF_DIGIT_BIT) | (Nlo & MP_HALF_DIGIT_MAX);
+ if (r0 < m) {
+ q0--, r0 += divisor;
+ if (r0 >= divisor && r0 < m) {
+ q0--, r0 += divisor;
+ }
+ }
+ if (qp)
+ *qp = (q1 << MP_HALF_DIGIT_BIT) | q0;
+ if (rp)
+ *rp = r0 - m;
+ return MP_OKAY;
+}
+#endif
+
+#if MP_SQUARE
+/* {{{ s_mp_sqr(a) */
+
+mp_err
+s_mp_sqr(mp_int *a)
+{
+ mp_err res;
+ mp_int tmp;
+
+ if ((res = mp_init_size(&tmp, 2 * USED(a))) != MP_OKAY)
+ return res;
+ res = mp_sqr(a, &tmp);
+ if (res == MP_OKAY) {
+ s_mp_exch(&tmp, a);
+ }
+ mp_clear(&tmp);
+ return res;
+}
+
+/* }}} */
+#endif
+
+/* {{{ s_mp_div(a, b) */
+
+/*
+ s_mp_div(a, b)
+
+ Compute a = a / b and b = a mod b. Assumes b > a.
+ */
+
+mp_err s_mp_div(mp_int *rem, /* i: dividend, o: remainder */
+ mp_int *div, /* i: divisor */
+ mp_int *quot) /* i: 0; o: quotient */
+{
+ mp_int part, t;
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
+ mp_word q_msd;
+#else
+ mp_digit q_msd;
+#endif
+ mp_err res;
+ mp_digit d;
+ mp_digit div_msd;
+ int ix;
+
+ if (mp_cmp_z(div) == 0)
+ return MP_RANGE;
+
+ DIGITS(&t) = 0;
+ /* Shortcut if divisor is power of two */
+ if ((ix = s_mp_ispow2(div)) >= 0) {
+ MP_CHECKOK(mp_copy(rem, quot));
+ s_mp_div_2d(quot, (mp_digit)ix);
+ s_mp_mod_2d(rem, (mp_digit)ix);
+
+ return MP_OKAY;
+ }
+
+ MP_SIGN(rem) = ZPOS;
+ MP_SIGN(div) = ZPOS;
+ MP_SIGN(&part) = ZPOS;
+
+ /* A working temporary for division */
+ MP_CHECKOK(mp_init_size(&t, MP_ALLOC(rem)));
+
+ /* Normalize to optimize guessing */
+ MP_CHECKOK(s_mp_norm(rem, div, &d));
+
+ /* Perform the division itself...woo! */
+ MP_USED(quot) = MP_ALLOC(quot);
+
+ /* Find a partial substring of rem which is at least div */
+ /* If we didn't find one, we're finished dividing */
+ while (MP_USED(rem) > MP_USED(div) || s_mp_cmp(rem, div) >= 0) {
+ int i;
+ int unusedRem;
+ int partExtended = 0; /* set to true if we need to extend part */
+
+ unusedRem = MP_USED(rem) - MP_USED(div);
+ MP_DIGITS(&part) = MP_DIGITS(rem) + unusedRem;
+ MP_ALLOC(&part) = MP_ALLOC(rem) - unusedRem;
+ MP_USED(&part) = MP_USED(div);
+
+ /* We have now truncated the part of the remainder to the same length as
+ * the divisor. If part is smaller than div, extend part by one digit. */
+ if (s_mp_cmp(&part, div) < 0) {
+ --unusedRem;
+#if MP_ARGCHK == 2
+ assert(unusedRem >= 0);
+#endif
+ --MP_DIGITS(&part);
+ ++MP_USED(&part);
+ ++MP_ALLOC(&part);
+ partExtended = 1;
+ }
+
+ /* Compute a guess for the next quotient digit */
+ q_msd = MP_DIGIT(&part, MP_USED(&part) - 1);
+ div_msd = MP_DIGIT(div, MP_USED(div) - 1);
+ if (!partExtended) {
+ /* In this case, q_msd /= div_msd is always 1. First, since div_msd is
+ * normalized to have the high bit set, 2*div_msd > MP_DIGIT_MAX. Since
+ * we didn't extend part, q_msd >= div_msd. Therefore we know that
+ * div_msd <= q_msd <= MP_DIGIT_MAX < 2*div_msd. Dividing by div_msd we
+ * get 1 <= q_msd/div_msd < 2. So q_msd /= div_msd must be 1. */
+ q_msd = 1;
+ } else {
+#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
+ q_msd = (q_msd << MP_DIGIT_BIT) | MP_DIGIT(&part, MP_USED(&part) - 2);
+ q_msd /= div_msd;
+ if (q_msd == RADIX)
+ --q_msd;
+#else
+ if (q_msd == div_msd) {
+ q_msd = MP_DIGIT_MAX;
+ } else {
+ mp_digit r;
+ MP_CHECKOK(s_mpv_div_2dx1d(q_msd, MP_DIGIT(&part, MP_USED(&part) - 2),
+ div_msd, &q_msd, &r));
+ }
+#endif
+ }
+#if MP_ARGCHK == 2
+ assert(q_msd > 0); /* This case should never occur any more. */
+#endif
+ if (q_msd <= 0)
+ break;
+
+ /* See what that multiplies out to */
+ mp_copy(div, &t);
+ MP_CHECKOK(s_mp_mul_d(&t, (mp_digit)q_msd));
+
+ /*
+ If it's too big, back it off. We should not have to do this
+ more than once, or, in rare cases, twice. Knuth describes a
+ method by which this could be reduced to a maximum of once, but
+ I didn't implement that here.
+ * When using s_mpv_div_2dx1d, we may have to do this 3 times.
+ */
+ for (i = 4; s_mp_cmp(&t, &part) > 0 && i > 0; --i) {
+ --q_msd;
+ MP_CHECKOK(s_mp_sub(&t, div)); /* t -= div */
+ }
+ if (i < 0) {
+ res = MP_RANGE;
+ goto CLEANUP;
+ }
+
+ /* At this point, q_msd should be the right next digit */
+ MP_CHECKOK(s_mp_sub(&part, &t)); /* part -= t */
+ s_mp_clamp(rem);
+
+ /*
+ Include the digit in the quotient. We allocated enough memory
+ for any quotient we could ever possibly get, so we should not
+ have to check for failures here
+ */
+ MP_DIGIT(quot, unusedRem) = (mp_digit)q_msd;
+ }
+
+ /* Denormalize remainder */
+ if (d) {
+ s_mp_div_2d(rem, d);
+ }
+
+ s_mp_clamp(quot);
+
+CLEANUP:
+ mp_clear(&t);
+
+ return res;
+
+} /* end s_mp_div() */
+
+/* }}} */
+
+/* {{{ s_mp_2expt(a, k) */
+
+mp_err
+s_mp_2expt(mp_int *a, mp_digit k)
+{
+ mp_err res;
+ mp_size dig, bit;
+
+ dig = k / DIGIT_BIT;
+ bit = k % DIGIT_BIT;
+
+ mp_zero(a);
+ if ((res = s_mp_pad(a, dig + 1)) != MP_OKAY)
+ return res;
+
+ DIGIT(a, dig) |= ((mp_digit)1 << bit);
+
+ return MP_OKAY;
+
+} /* end s_mp_2expt() */
+
+/* }}} */
+
+/* {{{ s_mp_reduce(x, m, mu) */
+
+/*
+ Compute Barrett reduction, x (mod m), given a precomputed value for
+ mu = b^2k / m, where b = RADIX and k = #digits(m). This should be
+ faster than straight division, when many reductions by the same
+ value of m are required (such as in modular exponentiation). This
+ can nearly halve the time required to do modular exponentiation,
+ as compared to using the full integer divide to reduce.
+
+ This algorithm was derived from the _Handbook of Applied
+ Cryptography_ by Menezes, Oorschot and VanStone, Ch. 14,
+ pp. 603-604.
+ */
+
+mp_err
+s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu)
+{
+ mp_int q;
+ mp_err res;
+
+ if ((res = mp_init_copy(&q, x)) != MP_OKAY)
+ return res;
+
+ s_mp_rshd(&q, USED(m) - 1); /* q1 = x / b^(k-1) */
+ s_mp_mul(&q, mu); /* q2 = q1 * mu */
+ s_mp_rshd(&q, USED(m) + 1); /* q3 = q2 / b^(k+1) */
+
+ /* x = x mod b^(k+1), quick (no division) */
+ s_mp_mod_2d(x, DIGIT_BIT * (USED(m) + 1));
+
+ /* q = q * m mod b^(k+1), quick (no division) */
+ s_mp_mul(&q, m);
+ s_mp_mod_2d(&q, DIGIT_BIT * (USED(m) + 1));
+
+ /* x = x - q */
+ if ((res = mp_sub(x, &q, x)) != MP_OKAY)
+ goto CLEANUP;
+
+ /* If x < 0, add b^(k+1) to it */
+ if (mp_cmp_z(x) < 0) {
+ mp_set(&q, 1);
+ if ((res = s_mp_lshd(&q, USED(m) + 1)) != MP_OKAY)
+ goto CLEANUP;
+ if ((res = mp_add(x, &q, x)) != MP_OKAY)
+ goto CLEANUP;
+ }
+
+ /* Back off if it's too big */
+ while (mp_cmp(x, m) >= 0) {
+ if ((res = s_mp_sub(x, m)) != MP_OKAY)
+ break;
+ }
+
+CLEANUP:
+ mp_clear(&q);
+
+ return res;
+
+} /* end s_mp_reduce() */
+
+/* }}} */
+
+/* }}} */
+
+/* {{{ Primitive comparisons */
+
+/* {{{ s_mp_cmp(a, b) */
+
+/* Compare |a| <=> |b|, return 0 if equal, <0 if a<b, >0 if a>b */
+int
+s_mp_cmp(const mp_int *a, const mp_int *b)
+{
+ mp_size used_a = MP_USED(a);
+ {
+ mp_size used_b = MP_USED(b);
+
+ if (used_a > used_b)
+ goto IS_GT;
+ if (used_a < used_b)
+ goto IS_LT;
+ }
+ {
+ mp_digit *pa, *pb;
+ mp_digit da = 0, db = 0;
+
+#define CMP_AB(n) \
+ if ((da = pa[n]) != (db = pb[n])) \
+ goto done
+
+ pa = MP_DIGITS(a) + used_a;
+ pb = MP_DIGITS(b) + used_a;
+ while (used_a >= 4) {
+ pa -= 4;
+ pb -= 4;
+ used_a -= 4;
+ CMP_AB(3);
+ CMP_AB(2);
+ CMP_AB(1);
+ CMP_AB(0);
+ }
+ while (used_a-- > 0 && ((da = *--pa) == (db = *--pb)))
+ /* do nothing */;
+ done:
+ if (da > db)
+ goto IS_GT;
+ if (da < db)
+ goto IS_LT;
+ }
+ return MP_EQ;
+IS_LT:
+ return MP_LT;
+IS_GT:
+ return MP_GT;
+} /* end s_mp_cmp() */
+
+/* }}} */
+
+/* {{{ s_mp_cmp_d(a, d) */
+
+/* Compare |a| <=> d, return 0 if equal, <0 if a<d, >0 if a>d */
+int
+s_mp_cmp_d(const mp_int *a, mp_digit d)
+{
+ if (USED(a) > 1)
+ return MP_GT;
+
+ if (DIGIT(a, 0) < d)
+ return MP_LT;
+ else if (DIGIT(a, 0) > d)
+ return MP_GT;
+ else
+ return MP_EQ;
+
+} /* end s_mp_cmp_d() */
+
+/* }}} */
+
+/* {{{ s_mp_ispow2(v) */
+
+/*
+ Returns -1 if the value is not a power of two; otherwise, it returns
+ k such that v = 2^k, i.e. lg(v).
+ */
+int
+s_mp_ispow2(const mp_int *v)
+{
+ mp_digit d;
+ int extra = 0, ix;
+
+ ix = MP_USED(v) - 1;
+ d = MP_DIGIT(v, ix); /* most significant digit of v */
+
+ extra = s_mp_ispow2d(d);
+ if (extra < 0 || ix == 0)
+ return extra;
+
+ while (--ix >= 0) {
+ if (DIGIT(v, ix) != 0)
+ return -1; /* not a power of two */
+ extra += MP_DIGIT_BIT;
+ }
+
+ return extra;
+
+} /* end s_mp_ispow2() */
+
+/* }}} */
+
+/* {{{ s_mp_ispow2d(d) */
+
+int
+s_mp_ispow2d(mp_digit d)
+{
+ if ((d != 0) && ((d & (d - 1)) == 0)) { /* d is a power of 2 */
+ int pow = 0;
+#if defined(MP_USE_UINT_DIGIT)
+ if (d & 0xffff0000U)
+ pow += 16;
+ if (d & 0xff00ff00U)
+ pow += 8;
+ if (d & 0xf0f0f0f0U)
+ pow += 4;
+ if (d & 0xccccccccU)
+ pow += 2;
+ if (d & 0xaaaaaaaaU)
+ pow += 1;
+#elif defined(MP_USE_LONG_LONG_DIGIT)
+ if (d & 0xffffffff00000000ULL)
+ pow += 32;
+ if (d & 0xffff0000ffff0000ULL)
+ pow += 16;
+ if (d & 0xff00ff00ff00ff00ULL)
+ pow += 8;
+ if (d & 0xf0f0f0f0f0f0f0f0ULL)
+ pow += 4;
+ if (d & 0xccccccccccccccccULL)
+ pow += 2;
+ if (d & 0xaaaaaaaaaaaaaaaaULL)
+ pow += 1;
+#elif defined(MP_USE_LONG_DIGIT)
+ if (d & 0xffffffff00000000UL)
+ pow += 32;
+ if (d & 0xffff0000ffff0000UL)
+ pow += 16;
+ if (d & 0xff00ff00ff00ff00UL)
+ pow += 8;
+ if (d & 0xf0f0f0f0f0f0f0f0UL)
+ pow += 4;
+ if (d & 0xccccccccccccccccUL)
+ pow += 2;
+ if (d & 0xaaaaaaaaaaaaaaaaUL)
+ pow += 1;
+#else
+#error "unknown type for mp_digit"
+#endif
+ return pow;
+ }
+ return -1;
+
+} /* end s_mp_ispow2d() */
+
+/* }}} */
+
+/* }}} */
+
+/* {{{ Primitive I/O helpers */
+
+/* {{{ s_mp_tovalue(ch, r) */
+
+/*
+ Convert the given character to its digit value, in the given radix.
+ If the given character is not understood in the given radix, -1 is
+ returned. Otherwise the digit's numeric value is returned.
+
+ The results will be odd if you use a radix < 2 or > 62, you are
+ expected to know what you're up to.
+ */
+int
+s_mp_tovalue(char ch, int r)
+{
+ int val, xch;
+
+ if (r > 36)
+ xch = ch;
+ else
+ xch = toupper(ch);
+
+ if (isdigit(xch))
+ val = xch - '0';
+ else if (isupper(xch))
+ val = xch - 'A' + 10;
+ else if (islower(xch))
+ val = xch - 'a' + 36;
+ else if (xch == '+')
+ val = 62;
+ else if (xch == '/')
+ val = 63;
+ else
+ return -1;
+
+ if (val < 0 || val >= r)
+ return -1;
+
+ return val;
+
+} /* end s_mp_tovalue() */
+
+/* }}} */
+
+/* {{{ s_mp_todigit(val, r, low) */
+
+/*
+ Convert val to a radix-r digit, if possible. If val is out of range
+ for r, returns zero. Otherwise, returns an ASCII character denoting
+ the value in the given radix.
+
+ The results may be odd if you use a radix < 2 or > 64, you are
+ expected to know what you're doing.
+ */
+
+char
+s_mp_todigit(mp_digit val, int r, int low)
+{
+ char ch;
+
+ if (val >= r)
+ return 0;
+
+ ch = s_dmap_1[val];
+
+ if (r <= 36 && low)
+ ch = tolower(ch);
+
+ return ch;
+
+} /* end s_mp_todigit() */
+
+/* }}} */
+
+/* {{{ s_mp_outlen(bits, radix) */
+
+/*
+ Return an estimate for how long a string is needed to hold a radix
+ r representation of a number with 'bits' significant bits, plus an
+ extra for a zero terminator (assuming C style strings here)
+ */
+int
+s_mp_outlen(int bits, int r)
+{
+ return (int)((double)bits * LOG_V_2(r) + 1.5) + 1;
+
+} /* end s_mp_outlen() */
+
+/* }}} */
+
+/* }}} */
+
+/* {{{ mp_read_unsigned_octets(mp, str, len) */
+/* mp_read_unsigned_octets(mp, str, len)
+ Read in a raw value (base 256) into the given mp_int
+ No sign bit, number is positive. Leading zeros ignored.
+ */
+
+mp_err
+mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len)
+{
+ int count;
+ mp_err res;
+ mp_digit d;
+
+ ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG);
+
+ mp_zero(mp);
+
+ count = len % sizeof(mp_digit);
+ if (count) {
+ for (d = 0; count-- > 0; --len) {
+ d = (d << 8) | *str++;
+ }
+ MP_DIGIT(mp, 0) = d;
+ }
+
+ /* Read the rest of the digits */
+ for (; len > 0; len -= sizeof(mp_digit)) {
+ for (d = 0, count = sizeof(mp_digit); count > 0; --count) {
+ d = (d << 8) | *str++;
+ }
+ if (MP_EQ == mp_cmp_z(mp)) {
+ if (!d)
+ continue;
+ } else {
+ if ((res = s_mp_lshd(mp, 1)) != MP_OKAY)
+ return res;
+ }
+ MP_DIGIT(mp, 0) = d;
+ }
+ return MP_OKAY;
+} /* end mp_read_unsigned_octets() */
+/* }}} */
+
+/* {{{ mp_unsigned_octet_size(mp) */
+unsigned int
+mp_unsigned_octet_size(const mp_int *mp)
+{
+ unsigned int bytes;
+ int ix;
+ mp_digit d = 0;
+
+ ARGCHK(mp != NULL, MP_BADARG);
+ ARGCHK(MP_ZPOS == SIGN(mp), MP_BADARG);
+
+ bytes = (USED(mp) * sizeof(mp_digit));
+
+ /* subtract leading zeros. */
+ /* Iterate over each digit... */
+ for (ix = USED(mp) - 1; ix >= 0; ix--) {
+ d = DIGIT(mp, ix);
+ if (d)
+ break;
+ bytes -= sizeof(d);
+ }
+ if (!bytes)
+ return 1;
+
+ /* Have MSD, check digit bytes, high order first */
+ for (ix = sizeof(mp_digit) - 1; ix >= 0; ix--) {
+ unsigned char x = (unsigned char)(d >> (ix * CHAR_BIT));
+ if (x)
+ break;
+ --bytes;
+ }
+ return bytes;
+} /* end mp_unsigned_octet_size() */
+/* }}} */
+
+/* {{{ mp_to_unsigned_octets(mp, str) */
+/* output a buffer of big endian octets no longer than specified. */
+mp_err
+mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
+{
+ int ix, pos = 0;
+ unsigned int bytes;
+
+ ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
+
+ bytes = mp_unsigned_octet_size(mp);
+ ARGCHK(bytes <= maxlen, MP_BADARG);
+
+ /* Iterate over each digit... */
+ for (ix = USED(mp) - 1; ix >= 0; ix--) {
+ mp_digit d = DIGIT(mp, ix);
+ int jx;
+
+ /* Unpack digit bytes, high order first */
+ for (jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
+ unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
+ if (!pos && !x) /* suppress leading zeros */
+ continue;
+ str[pos++] = x;
+ }
+ }
+ if (!pos)
+ str[pos++] = 0;
+ return pos;
+} /* end mp_to_unsigned_octets() */
+/* }}} */
+
+/* {{{ mp_to_signed_octets(mp, str) */
+/* output a buffer of big endian octets no longer than specified. */
+mp_err
+mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
+{
+ int ix, pos = 0;
+ unsigned int bytes;
+
+ ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
+
+ bytes = mp_unsigned_octet_size(mp);
+ ARGCHK(bytes <= maxlen, MP_BADARG);
+
+ /* Iterate over each digit... */
+ for (ix = USED(mp) - 1; ix >= 0; ix--) {
+ mp_digit d = DIGIT(mp, ix);
+ int jx;
+
+ /* Unpack digit bytes, high order first */
+ for (jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
+ unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
+ if (!pos) {
+ if (!x) /* suppress leading zeros */
+ continue;
+ if (x & 0x80) { /* add one leading zero to make output positive. */
+ ARGCHK(bytes + 1 <= maxlen, MP_BADARG);
+ if (bytes + 1 > maxlen)
+ return MP_BADARG;
+ str[pos++] = 0;
+ }
+ }
+ str[pos++] = x;
+ }
+ }
+ if (!pos)
+ str[pos++] = 0;
+ return pos;
+} /* end mp_to_signed_octets() */
+/* }}} */
+
+/* {{{ mp_to_fixlen_octets(mp, str) */
+/* output a buffer of big endian octets exactly as long as requested. */
+mp_err
+mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size length)
+{
+ int ix, pos = 0;
+ unsigned int bytes;
+
+ ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
+
+ bytes = mp_unsigned_octet_size(mp);
+ ARGCHK(bytes <= length, MP_BADARG);
+
+ /* place any needed leading zeros */
+ for (; length > bytes; --length) {
+ *str++ = 0;
+ }
+
+ /* Iterate over each digit... */
+ for (ix = USED(mp) - 1; ix >= 0; ix--) {
+ mp_digit d = DIGIT(mp, ix);
+ int jx;
+
+ /* Unpack digit bytes, high order first */
+ for (jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
+ unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
+ if (!pos && !x) /* suppress leading zeros */
+ continue;
+ str[pos++] = x;
+ }
+ }
+ if (!pos)
+ str[pos++] = 0;
+ return MP_OKAY;
+} /* end mp_to_fixlen_octets() */
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mpi.h b/security/nss/lib/freebl/mpi/mpi.h
new file mode 100644
index 000000000..64ffe75d5
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi.h
@@ -0,0 +1,313 @@
+/*
+ * mpi.h
+ *
+ * Arbitrary precision integer arithmetic library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _H_MPI_
+#define _H_MPI_
+
+#include "mpi-config.h"
+
+#include "seccomon.h"
+SEC_BEGIN_PROTOS
+
+#if MP_DEBUG
+#undef MP_IOFUNC
+#define MP_IOFUNC 1
+#endif
+
+#if MP_IOFUNC
+#include <stdio.h>
+#include <ctype.h>
+#endif
+
+#include <limits.h>
+
+#if defined(BSDI)
+#undef ULLONG_MAX
+#endif
+
+#include <sys/types.h>
+
+#define MP_NEG 1
+#define MP_ZPOS 0
+
+#define MP_OKAY 0 /* no error, all is well */
+#define MP_YES 0 /* yes (boolean result) */
+#define MP_NO -1 /* no (boolean result) */
+#define MP_MEM -2 /* out of memory */
+#define MP_RANGE -3 /* argument out of range */
+#define MP_BADARG -4 /* invalid parameter */
+#define MP_UNDEF -5 /* answer is undefined */
+#define MP_LAST_CODE MP_UNDEF
+
+typedef unsigned int mp_sign;
+typedef unsigned int mp_size;
+typedef int mp_err;
+
+#define MP_32BIT_MAX 4294967295U
+
+#if !defined(ULONG_MAX)
+#error "ULONG_MAX not defined"
+#elif !defined(UINT_MAX)
+#error "UINT_MAX not defined"
+#elif !defined(USHRT_MAX)
+#error "USHRT_MAX not defined"
+#endif
+
+#if defined(ULLONG_MAX) /* C99, Solaris */
+#define MP_ULONG_LONG_MAX ULLONG_MAX
+/* MP_ULONG_LONG_MAX was defined to be ULLONG_MAX */
+#elif defined(ULONG_LONG_MAX) /* HPUX */
+#define MP_ULONG_LONG_MAX ULONG_LONG_MAX
+#elif defined(ULONGLONG_MAX) /* IRIX, AIX */
+#define MP_ULONG_LONG_MAX ULONGLONG_MAX
+#endif
+
+/* We only use unsigned long for mp_digit iff long is more than 32 bits. */
+#if !defined(MP_USE_UINT_DIGIT) && ULONG_MAX > MP_32BIT_MAX
+typedef unsigned long mp_digit;
+#define MP_DIGIT_MAX ULONG_MAX
+#define MP_DIGIT_FMT "%016lX" /* printf() format for 1 digit */
+#define MP_HALF_DIGIT_MAX UINT_MAX
+#undef MP_NO_MP_WORD
+#define MP_NO_MP_WORD 1
+#undef MP_USE_LONG_DIGIT
+#define MP_USE_LONG_DIGIT 1
+#undef MP_USE_LONG_LONG_DIGIT
+
+#elif !defined(MP_USE_UINT_DIGIT) && defined(MP_ULONG_LONG_MAX)
+typedef unsigned long long mp_digit;
+#define MP_DIGIT_MAX MP_ULONG_LONG_MAX
+#define MP_DIGIT_FMT "%016llX" /* printf() format for 1 digit */
+#define MP_HALF_DIGIT_MAX UINT_MAX
+#undef MP_NO_MP_WORD
+#define MP_NO_MP_WORD 1
+#undef MP_USE_LONG_LONG_DIGIT
+#define MP_USE_LONG_LONG_DIGIT 1
+#undef MP_USE_LONG_DIGIT
+
+#else
+typedef unsigned int mp_digit;
+#define MP_DIGIT_MAX UINT_MAX
+#define MP_DIGIT_FMT "%08X" /* printf() format for 1 digit */
+#define MP_HALF_DIGIT_MAX USHRT_MAX
+#undef MP_USE_UINT_DIGIT
+#define MP_USE_UINT_DIGIT 1
+#undef MP_USE_LONG_LONG_DIGIT
+#undef MP_USE_LONG_DIGIT
+#endif
+
+#if !defined(MP_NO_MP_WORD)
+#if defined(MP_USE_UINT_DIGIT) && \
+ (defined(MP_ULONG_LONG_MAX) || (ULONG_MAX > UINT_MAX))
+
+#if (ULONG_MAX > UINT_MAX)
+typedef unsigned long mp_word;
+typedef long mp_sword;
+#define MP_WORD_MAX ULONG_MAX
+
+#else
+typedef unsigned long long mp_word;
+typedef long long mp_sword;
+#define MP_WORD_MAX MP_ULONG_LONG_MAX
+#endif
+
+#else
+#define MP_NO_MP_WORD 1
+#endif
+#endif /* !defined(MP_NO_MP_WORD) */
+
+#if !defined(MP_WORD_MAX) && defined(MP_DEFINE_SMALL_WORD)
+typedef unsigned int mp_word;
+typedef int mp_sword;
+#define MP_WORD_MAX UINT_MAX
+#endif
+
+#define MP_DIGIT_BIT (CHAR_BIT * sizeof(mp_digit))
+#define MP_WORD_BIT (CHAR_BIT * sizeof(mp_word))
+#define MP_RADIX (1 + (mp_word)MP_DIGIT_MAX)
+
+#define MP_HALF_DIGIT_BIT (MP_DIGIT_BIT / 2)
+#define MP_HALF_RADIX (1 + (mp_digit)MP_HALF_DIGIT_MAX)
+/* MP_HALF_RADIX really ought to be called MP_SQRT_RADIX, but it's named
+** MP_HALF_RADIX because it's the radix for MP_HALF_DIGITs, and it's
+** consistent with the other _HALF_ names.
+*/
+
+/* Macros for accessing the mp_int internals */
+#define MP_SIGN(MP) ((MP)->sign)
+#define MP_USED(MP) ((MP)->used)
+#define MP_ALLOC(MP) ((MP)->alloc)
+#define MP_DIGITS(MP) ((MP)->dp)
+#define MP_DIGIT(MP, N) (MP)->dp[(N)]
+
+/* This defines the maximum I/O base (minimum is 2) */
+#define MP_MAX_RADIX 64
+
+typedef struct {
+ mp_sign sign; /* sign of this quantity */
+ mp_size alloc; /* how many digits allocated */
+ mp_size used; /* how many digits used */
+ mp_digit *dp; /* the digits themselves */
+} mp_int;
+
+/* Default precision */
+mp_size mp_get_prec(void);
+void mp_set_prec(mp_size prec);
+
+/* Memory management */
+mp_err mp_init(mp_int *mp);
+mp_err mp_init_size(mp_int *mp, mp_size prec);
+mp_err mp_init_copy(mp_int *mp, const mp_int *from);
+mp_err mp_copy(const mp_int *from, mp_int *to);
+void mp_exch(mp_int *mp1, mp_int *mp2);
+void mp_clear(mp_int *mp);
+void mp_zero(mp_int *mp);
+void mp_set(mp_int *mp, mp_digit d);
+mp_err mp_set_int(mp_int *mp, long z);
+#define mp_set_long(mp, z) mp_set_int(mp, z)
+mp_err mp_set_ulong(mp_int *mp, unsigned long z);
+
+/* Single digit arithmetic */
+mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b);
+mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b);
+mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b);
+mp_err mp_mul_2(const mp_int *a, mp_int *c);
+mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r);
+mp_err mp_div_2(const mp_int *a, mp_int *c);
+mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c);
+
+/* Sign manipulations */
+mp_err mp_abs(const mp_int *a, mp_int *b);
+mp_err mp_neg(const mp_int *a, mp_int *b);
+
+/* Full arithmetic */
+mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c);
+mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c);
+mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int *c);
+#if MP_SQUARE
+mp_err mp_sqr(const mp_int *a, mp_int *b);
+#else
+#define mp_sqr(a, b) mp_mul(a, a, b)
+#endif
+mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r);
+mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r);
+mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c);
+mp_err mp_2expt(mp_int *a, mp_digit k);
+
+/* Modular arithmetic */
+#if MP_MODARITH
+mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c);
+mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c);
+mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
+mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
+mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
+#if MP_SQUARE
+mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c);
+#else
+#define mp_sqrmod(a, m, c) mp_mulmod(a, a, m, c)
+#endif
+mp_err mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
+mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c);
+#endif /* MP_MODARITH */
+
+/* Comparisons */
+int mp_cmp_z(const mp_int *a);
+int mp_cmp_d(const mp_int *a, mp_digit d);
+int mp_cmp(const mp_int *a, const mp_int *b);
+int mp_cmp_mag(const mp_int *a, const mp_int *b);
+int mp_isodd(const mp_int *a);
+int mp_iseven(const mp_int *a);
+
+/* Number theoretic */
+#if MP_NUMTH
+mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c);
+mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c);
+mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y);
+mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c);
+mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c);
+#endif /* end MP_NUMTH */
+
+/* Input and output */
+#if MP_IOFUNC
+void mp_print(mp_int *mp, FILE *ofp);
+#endif /* end MP_IOFUNC */
+
+/* Base conversion */
+mp_err mp_read_raw(mp_int *mp, char *str, int len);
+int mp_raw_size(mp_int *mp);
+mp_err mp_toraw(mp_int *mp, char *str);
+mp_err mp_read_radix(mp_int *mp, const char *str, int radix);
+mp_err mp_read_variable_radix(mp_int *a, const char *str, int default_radix);
+int mp_radix_size(mp_int *mp, int radix);
+mp_err mp_toradix(mp_int *mp, char *str, int radix);
+int mp_tovalue(char ch, int r);
+
+#define mp_tobinary(M, S) mp_toradix((M), (S), 2)
+#define mp_tooctal(M, S) mp_toradix((M), (S), 8)
+#define mp_todecimal(M, S) mp_toradix((M), (S), 10)
+#define mp_tohex(M, S) mp_toradix((M), (S), 16)
+
+/* Error strings */
+const char *mp_strerror(mp_err ec);
+
+/* Octet string conversion functions */
+mp_err mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len);
+unsigned int mp_unsigned_octet_size(const mp_int *mp);
+mp_err mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen);
+mp_err mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen);
+mp_err mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size len);
+
+/* Miscellaneous */
+mp_size mp_trailing_zeros(const mp_int *mp);
+void freebl_cpuid(unsigned long op, unsigned long *eax,
+ unsigned long *ebx, unsigned long *ecx,
+ unsigned long *edx);
+
+#define MP_CHECKOK(x) \
+ if (MP_OKAY > (res = (x))) \
+ goto CLEANUP
+#define MP_CHECKERR(x) \
+ if (MP_OKAY > (res = (x))) \
+ goto CLEANUP
+
+#define NEG MP_NEG
+#define ZPOS MP_ZPOS
+#define DIGIT_MAX MP_DIGIT_MAX
+#define DIGIT_BIT MP_DIGIT_BIT
+#define DIGIT_FMT MP_DIGIT_FMT
+#define RADIX MP_RADIX
+#define MAX_RADIX MP_MAX_RADIX
+#define SIGN(MP) MP_SIGN(MP)
+#define USED(MP) MP_USED(MP)
+#define ALLOC(MP) MP_ALLOC(MP)
+#define DIGITS(MP) MP_DIGITS(MP)
+#define DIGIT(MP, N) MP_DIGIT(MP, N)
+
+#if MP_ARGCHK == 1
+#define ARGCHK(X, Y) \
+ { \
+ if (!(X)) { \
+ return (Y); \
+ } \
+ }
+#elif MP_ARGCHK == 2
+#include <assert.h>
+#define ARGCHK(X, Y) assert(X)
+#else
+#define ARGCHK(X, Y) /* */
+#endif
+
+#ifdef CT_VERIF
+void mp_taint(mp_int *mp);
+void mp_untaint(mp_int *mp);
+#endif
+
+SEC_END_PROTOS
+
+#endif /* end _H_MPI_ */
diff --git a/security/nss/lib/freebl/mpi/mpi_amd64.c b/security/nss/lib/freebl/mpi/mpi_amd64.c
new file mode 100644
index 000000000..9e538bb6a
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_amd64.c
@@ -0,0 +1,32 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef MPI_AMD64
+#error This file only works on AMD64 platforms.
+#endif
+
+#include <mpi-priv.h>
+
+/*
+ * MPI glue
+ *
+ */
+
+/* Presently, this is only used by the Montgomery arithmetic code. */
+/* c += a * b */
+void MPI_ASM_DECL
+s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len,
+ mp_digit b, mp_digit *c)
+{
+ mp_digit w;
+ mp_digit d;
+
+ d = s_mpv_mul_add_vec64(c, a, a_len, b);
+ c += a_len;
+ while (d) {
+ w = c[0] + d;
+ d = (w < c[0] || w < d);
+ *c++ = w;
+ }
+}
diff --git a/security/nss/lib/freebl/mpi/mpi_amd64_gas.s b/security/nss/lib/freebl/mpi/mpi_amd64_gas.s
new file mode 100644
index 000000000..ad6e2b9d7
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_amd64_gas.s
@@ -0,0 +1,389 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+# ------------------------------------------------------------------------
+#
+# Implementation of s_mpv_mul_set_vec which exploits
+# the 64X64->128 bit unsigned multiply instruction.
+#
+# ------------------------------------------------------------------------
+
+# r = a * digit, r and a are vectors of length len
+# returns the carry digit
+# r and a are 64 bit aligned.
+#
+# uint64_t
+# s_mpv_mul_set_vec64(uint64_t *r, uint64_t *a, int len, uint64_t digit)
+#
+
+.text; .align 16; .globl s_mpv_mul_set_vec64; .type s_mpv_mul_set_vec64, @function; s_mpv_mul_set_vec64:
+
+ xorq %rax, %rax # if (len == 0) return (0)
+ testq %rdx, %rdx
+ jz .L17
+
+ movq %rdx, %r8 # Use r8 for len; %rdx is used by mul
+ xorq %r9, %r9 # cy = 0
+
+.L15:
+ cmpq $8, %r8 # 8 - len
+ jb .L16
+ movq 0(%rsi), %rax # rax = a[0]
+ movq 8(%rsi), %r11 # prefetch a[1]
+ mulq %rcx # p = a[0] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 0(%rdi) # r[0] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 16(%rsi), %r11 # prefetch a[2]
+ mulq %rcx # p = a[1] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 8(%rdi) # r[1] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 24(%rsi), %r11 # prefetch a[3]
+ mulq %rcx # p = a[2] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 16(%rdi) # r[2] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 32(%rsi), %r11 # prefetch a[4]
+ mulq %rcx # p = a[3] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 24(%rdi) # r[3] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 40(%rsi), %r11 # prefetch a[5]
+ mulq %rcx # p = a[4] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 32(%rdi) # r[4] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 48(%rsi), %r11 # prefetch a[6]
+ mulq %rcx # p = a[5] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 40(%rdi) # r[5] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 56(%rsi), %r11 # prefetch a[7]
+ mulq %rcx # p = a[6] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 48(%rdi) # r[6] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ mulq %rcx # p = a[7] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 56(%rdi) # r[7] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ addq $64, %rsi
+ addq $64, %rdi
+ subq $8, %r8
+
+ jz .L17
+ jmp .L15
+
+.L16:
+ movq 0(%rsi), %rax
+ mulq %rcx # p = a[0] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 0(%rdi) # r[0] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 8(%rsi), %rax
+ mulq %rcx # p = a[1] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 8(%rdi) # r[1] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 16(%rsi), %rax
+ mulq %rcx # p = a[2] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 16(%rdi) # r[2] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 24(%rsi), %rax
+ mulq %rcx # p = a[3] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 24(%rdi) # r[3] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 32(%rsi), %rax
+ mulq %rcx # p = a[4] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 32(%rdi) # r[4] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 40(%rsi), %rax
+ mulq %rcx # p = a[5] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 40(%rdi) # r[5] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 48(%rsi), %rax
+ mulq %rcx # p = a[6] * digit
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 48(%rdi) # r[6] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L17
+
+
+.L17:
+ movq %r9, %rax
+ ret
+
+.size s_mpv_mul_set_vec64, .-s_mpv_mul_set_vec64
+
+# ------------------------------------------------------------------------
+#
+# Implementation of s_mpv_mul_add_vec which exploits
+# the 64X64->128 bit unsigned multiply instruction.
+#
+# ------------------------------------------------------------------------
+
+# r += a * digit, r and a are vectors of length len
+# returns the carry digit
+# r and a are 64 bit aligned.
+#
+# uint64_t
+# s_mpv_mul_add_vec64(uint64_t *r, uint64_t *a, int len, uint64_t digit)
+#
+
+.text; .align 16; .globl s_mpv_mul_add_vec64; .type s_mpv_mul_add_vec64, @function; s_mpv_mul_add_vec64:
+
+ xorq %rax, %rax # if (len == 0) return (0)
+ testq %rdx, %rdx
+ jz .L27
+
+ movq %rdx, %r8 # Use r8 for len; %rdx is used by mul
+ xorq %r9, %r9 # cy = 0
+
+.L25:
+ cmpq $8, %r8 # 8 - len
+ jb .L26
+ movq 0(%rsi), %rax # rax = a[0]
+ movq 0(%rdi), %r10 # r10 = r[0]
+ movq 8(%rsi), %r11 # prefetch a[1]
+ mulq %rcx # p = a[0] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[0]
+ movq 8(%rdi), %r10 # prefetch r[1]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 0(%rdi) # r[0] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 16(%rsi), %r11 # prefetch a[2]
+ mulq %rcx # p = a[1] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[1]
+ movq 16(%rdi), %r10 # prefetch r[2]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 8(%rdi) # r[1] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 24(%rsi), %r11 # prefetch a[3]
+ mulq %rcx # p = a[2] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[2]
+ movq 24(%rdi), %r10 # prefetch r[3]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 16(%rdi) # r[2] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 32(%rsi), %r11 # prefetch a[4]
+ mulq %rcx # p = a[3] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[3]
+ movq 32(%rdi), %r10 # prefetch r[4]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 24(%rdi) # r[3] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 40(%rsi), %r11 # prefetch a[5]
+ mulq %rcx # p = a[4] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[4]
+ movq 40(%rdi), %r10 # prefetch r[5]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 32(%rdi) # r[4] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 48(%rsi), %r11 # prefetch a[6]
+ mulq %rcx # p = a[5] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[5]
+ movq 48(%rdi), %r10 # prefetch r[6]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 40(%rdi) # r[5] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ movq 56(%rsi), %r11 # prefetch a[7]
+ mulq %rcx # p = a[6] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[6]
+ movq 56(%rdi), %r10 # prefetch r[7]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 48(%rdi) # r[6] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ movq %r11, %rax
+ mulq %rcx # p = a[7] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[7]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 56(%rdi) # r[7] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+
+ addq $64, %rsi
+ addq $64, %rdi
+ subq $8, %r8
+
+ jz .L27
+ jmp .L25
+
+.L26:
+ movq 0(%rsi), %rax
+ movq 0(%rdi), %r10
+ mulq %rcx # p = a[0] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[0]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 0(%rdi) # r[0] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 8(%rsi), %rax
+ movq 8(%rdi), %r10
+ mulq %rcx # p = a[1] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[1]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 8(%rdi) # r[1] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 16(%rsi), %rax
+ movq 16(%rdi), %r10
+ mulq %rcx # p = a[2] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[2]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 16(%rdi) # r[2] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 24(%rsi), %rax
+ movq 24(%rdi), %r10
+ mulq %rcx # p = a[3] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[3]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 24(%rdi) # r[3] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 32(%rsi), %rax
+ movq 32(%rdi), %r10
+ mulq %rcx # p = a[4] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[4]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 32(%rdi) # r[4] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 40(%rsi), %rax
+ movq 40(%rdi), %r10
+ mulq %rcx # p = a[5] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[5]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 40(%rdi) # r[5] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 48(%rsi), %rax
+ movq 48(%rdi), %r10
+ mulq %rcx # p = a[6] * digit
+ addq %r10, %rax
+ adcq $0, %rdx # p += r[6]
+ addq %r9, %rax
+ adcq $0, %rdx # p += cy
+ movq %rax, 48(%rdi) # r[6] = lo(p)
+ movq %rdx, %r9 # cy = hi(p)
+ decq %r8
+ jz .L27
+
+
+.L27:
+ movq %r9, %rax
+ ret
+
+.size s_mpv_mul_add_vec64, .-s_mpv_mul_add_vec64
+
+# Magic indicating no need for an executable stack
+.section .note.GNU-stack, "", @progbits
+.previous
diff --git a/security/nss/lib/freebl/mpi/mpi_amd64_masm.asm b/security/nss/lib/freebl/mpi/mpi_amd64_masm.asm
new file mode 100644
index 000000000..2120c18f9
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_amd64_masm.asm
@@ -0,0 +1,388 @@
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+;
+; This code is converted from mpi_amd64_gas.asm for MASM for x64.
+;
+
+; ------------------------------------------------------------------------
+;
+; Implementation of s_mpv_mul_set_vec which exploits
+; the 64X64->128 bit unsigned multiply instruction.
+;
+; ------------------------------------------------------------------------
+
+; r = a * digit, r and a are vectors of length len
+; returns the carry digit
+; r and a are 64 bit aligned.
+;
+; uint64_t
+; s_mpv_mul_set_vec64(uint64_t *r, uint64_t *a, int len, uint64_t digit)
+;
+
+.CODE
+
+s_mpv_mul_set_vec64 PROC
+
+ ; compatibilities for paramenter registers
+ ;
+ ; About GAS and MASM, the usage of parameter registers are different.
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+ mov edx, r8d
+ mov rcx, r9
+
+ xor rax, rax
+ test rdx, rdx
+ jz L17
+ mov r8, rdx
+ xor r9, r9
+
+L15:
+ cmp r8, 8
+ jb L16
+ mov rax, [rsi]
+ mov r11, [8+rsi]
+ mul rcx
+ add rax, r9
+ adc rdx, 0
+ mov [0+rdi], rax
+ mov r9, rdx
+ mov rax,r11
+ mov r11, [16+rsi]
+ mul rcx
+ add rax,r9
+ adc rdx,0
+ mov [8+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [24+rsi]
+ mul rcx
+ add rax,r9
+ adc rdx,0
+ mov [16+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [32+rsi]
+ mul rcx
+ add rax,r9
+ adc rdx,0
+ mov [24+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [40+rsi]
+ mul rcx
+ add rax,r9
+ adc rdx,0
+ mov [32+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [48+rsi]
+ mul rcx
+ add rax,r9
+ adc rdx,0
+ mov [40+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [56+rsi]
+ mul rcx
+ add rax,r9
+ adc rdx,0
+ mov [48+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mul rcx
+ add rax,r9
+ adc rdx,0
+ mov [56+rdi],rax
+ mov r9,rdx
+ add rsi, 64
+ add rdi, 64
+ sub r8, 8
+ jz L17
+ jmp L15
+
+L16:
+ mov rax, [0+rsi]
+ mul rcx
+ add rax, r9
+ adc rdx,0
+ mov [0+rdi],rax
+ mov r9,rdx
+ dec r8
+ jz L17
+ mov rax, [8+rsi]
+ mul rcx
+ add rax,r9
+ adc rdx,0
+ mov [8+rdi], rax
+ mov r9, rdx
+ dec r8
+ jz L17
+ mov rax, [16+rsi]
+ mul rcx
+ add rax, r9
+ adc rdx, 0
+ mov [16+rdi],rax
+ mov r9,rdx
+ dec r8
+ jz L17
+ mov rax, [24+rsi]
+ mul rcx
+ add rax, r9
+ adc rdx, 0
+ mov [24+rdi], rax
+ mov r9, rdx
+ dec r8
+ jz L17
+ mov rax, [32+rsi]
+ mul rcx
+ add rax, r9
+ adc rdx, 0
+ mov [32+rdi],rax
+ mov r9, rdx
+ dec r8
+ jz L17
+ mov rax, [40+rsi]
+ mul rcx
+ add rax, r9
+ adc rdx, 0
+ mov [40+rdi], rax
+ mov r9, rdx
+ dec r8
+ jz L17
+ mov rax, [48+rsi]
+ mul rcx
+ add rax, r9
+ adc rdx, 0
+ mov [48+rdi], rax
+ mov r9, rdx
+ dec r8
+ jz L17
+
+L17:
+ mov rax, r9
+ pop rsi
+ pop rdi
+ ret
+
+s_mpv_mul_set_vec64 ENDP
+
+
+;------------------------------------------------------------------------
+;
+; Implementation of s_mpv_mul_add_vec which exploits
+; the 64X64->128 bit unsigned multiply instruction.
+;
+;------------------------------------------------------------------------
+
+; r += a * digit, r and a are vectors of length len
+; returns the carry digit
+; r and a are 64 bit aligned.
+;
+; uint64_t
+; s_mpv_mul_add_vec64(uint64_t *r, uint64_t *a, int len, uint64_t digit)
+;
+
+s_mpv_mul_add_vec64 PROC
+
+ ; compatibilities for paramenter registers
+ ;
+ ; About GAS and MASM, the usage of parameter registers are different.
+
+ push rdi
+ push rsi
+
+ mov rdi, rcx
+ mov rsi, rdx
+ mov edx, r8d
+ mov rcx, r9
+
+ xor rax, rax
+ test rdx, rdx
+ jz L27
+ mov r8, rdx
+ xor r9, r9
+
+L25:
+ cmp r8, 8
+ jb L26
+ mov rax, [0+rsi]
+ mov r10, [0+rdi]
+ mov r11, [8+rsi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ mov r10, [8+rdi]
+ add rax,r9
+ adc rdx,0
+ mov [0+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [16+rsi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ mov r10, [16+rdi]
+ add rax,r9
+ adc rdx,0
+ mov [8+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [24+rsi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ mov r10, [24+rdi]
+ add rax,r9
+ adc rdx,0
+ mov [16+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [32+rsi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ mov r10, [32+rdi]
+ add rax,r9
+ adc rdx,0
+ mov [24+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [40+rsi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ mov r10, [40+rdi]
+ add rax,r9
+ adc rdx,0
+ mov [32+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [48+rsi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ mov r10, [48+rdi]
+ add rax,r9
+ adc rdx,0
+ mov [40+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mov r11, [56+rsi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ mov r10, [56+rdi]
+ add rax,r9
+ adc rdx,0
+ mov [48+rdi],rax
+ mov r9,rdx
+ mov rax,r11
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ add rax,r9
+ adc rdx,0
+ mov [56+rdi],rax
+ mov r9,rdx
+ add rsi,64
+ add rdi,64
+ sub r8, 8
+ jz L27
+ jmp L25
+
+L26:
+ mov rax, [0+rsi]
+ mov r10, [0+rdi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ add rax,r9
+ adc rdx,0
+ mov [0+rdi],rax
+ mov r9,rdx
+ dec r8
+ jz L27
+ mov rax, [8+rsi]
+ mov r10, [8+rdi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ add rax,r9
+ adc rdx,0
+ mov [8+rdi],rax
+ mov r9,rdx
+ dec r8
+ jz L27
+ mov rax, [16+rsi]
+ mov r10, [16+rdi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ add rax,r9
+ adc rdx,0
+ mov [16+rdi],rax
+ mov r9,rdx
+ dec r8
+ jz L27
+ mov rax, [24+rsi]
+ mov r10, [24+rdi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ add rax,r9
+ adc rdx,0
+ mov [24+rdi],rax
+ mov r9,rdx
+ dec r8
+ jz L27
+ mov rax, [32+rsi]
+ mov r10, [32+rdi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ add rax,r9
+ adc rdx,0
+ mov [32+rdi],rax
+ mov r9,rdx
+ dec r8
+ jz L27
+ mov rax, [40+rsi]
+ mov r10, [40+rdi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ add rax,r9
+ adc rdx,0
+ mov [40+rdi],rax
+ mov r9,rdx
+ dec r8
+ jz L27
+ mov rax, [48+rsi]
+ mov r10, [48+rdi]
+ mul rcx
+ add rax,r10
+ adc rdx,0
+ add rax, r9
+ adc rdx, 0
+ mov [48+rdi], rax
+ mov r9, rdx
+ dec r8
+ jz L27
+
+L27:
+ mov rax, r9
+
+ pop rsi
+ pop rdi
+ ret
+
+s_mpv_mul_add_vec64 ENDP
+
+END
diff --git a/security/nss/lib/freebl/mpi/mpi_amd64_sun.s b/security/nss/lib/freebl/mpi/mpi_amd64_sun.s
new file mode 100644
index 000000000..ddd5c40fd
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_amd64_sun.s
@@ -0,0 +1,385 @@
+/ This Source Code Form is subject to the terms of the Mozilla Public
+/ License, v. 2.0. If a copy of the MPL was not distributed with this
+/ file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+/ ------------------------------------------------------------------------
+/
+/ Implementation of s_mpv_mul_set_vec which exploits
+/ the 64X64->128 bit unsigned multiply instruction.
+/
+/ ------------------------------------------------------------------------
+
+/ r = a * digit, r and a are vectors of length len
+/ returns the carry digit
+/ r and a are 64 bit aligned.
+/
+/ uint64_t
+/ s_mpv_mul_set_vec64(uint64_t *r, uint64_t *a, int len, uint64_t digit)
+/
+
+.text; .align 16; .globl s_mpv_mul_set_vec64; .type s_mpv_mul_set_vec64, @function; s_mpv_mul_set_vec64:
+
+ xorq %rax, %rax / if (len == 0) return (0)
+ testq %rdx, %rdx
+ jz .L17
+
+ movq %rdx, %r8 / Use r8 for len; %rdx is used by mul
+ xorq %r9, %r9 / cy = 0
+
+.L15:
+ cmpq $8, %r8 / 8 - len
+ jb .L16
+ movq 0(%rsi), %rax / rax = a[0]
+ movq 8(%rsi), %r11 / prefetch a[1]
+ mulq %rcx / p = a[0] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 0(%rdi) / r[0] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 16(%rsi), %r11 / prefetch a[2]
+ mulq %rcx / p = a[1] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 8(%rdi) / r[1] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 24(%rsi), %r11 / prefetch a[3]
+ mulq %rcx / p = a[2] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 16(%rdi) / r[2] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 32(%rsi), %r11 / prefetch a[4]
+ mulq %rcx / p = a[3] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 24(%rdi) / r[3] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 40(%rsi), %r11 / prefetch a[5]
+ mulq %rcx / p = a[4] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 32(%rdi) / r[4] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 48(%rsi), %r11 / prefetch a[6]
+ mulq %rcx / p = a[5] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 40(%rdi) / r[5] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 56(%rsi), %r11 / prefetch a[7]
+ mulq %rcx / p = a[6] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 48(%rdi) / r[6] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ mulq %rcx / p = a[7] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 56(%rdi) / r[7] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ addq $64, %rsi
+ addq $64, %rdi
+ subq $8, %r8
+
+ jz .L17
+ jmp .L15
+
+.L16:
+ movq 0(%rsi), %rax
+ mulq %rcx / p = a[0] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 0(%rdi) / r[0] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 8(%rsi), %rax
+ mulq %rcx / p = a[1] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 8(%rdi) / r[1] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 16(%rsi), %rax
+ mulq %rcx / p = a[2] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 16(%rdi) / r[2] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 24(%rsi), %rax
+ mulq %rcx / p = a[3] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 24(%rdi) / r[3] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 32(%rsi), %rax
+ mulq %rcx / p = a[4] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 32(%rdi) / r[4] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 40(%rsi), %rax
+ mulq %rcx / p = a[5] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 40(%rdi) / r[5] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L17
+
+ movq 48(%rsi), %rax
+ mulq %rcx / p = a[6] * digit
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 48(%rdi) / r[6] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L17
+
+
+.L17:
+ movq %r9, %rax
+ ret
+
+.size s_mpv_mul_set_vec64, .-s_mpv_mul_set_vec64
+
+/ ------------------------------------------------------------------------
+/
+/ Implementation of s_mpv_mul_add_vec which exploits
+/ the 64X64->128 bit unsigned multiply instruction.
+/
+/ ------------------------------------------------------------------------
+
+/ r += a * digit, r and a are vectors of length len
+/ returns the carry digit
+/ r and a are 64 bit aligned.
+/
+/ uint64_t
+/ s_mpv_mul_add_vec64(uint64_t *r, uint64_t *a, int len, uint64_t digit)
+/
+
+.text; .align 16; .globl s_mpv_mul_add_vec64; .type s_mpv_mul_add_vec64, @function; s_mpv_mul_add_vec64:
+
+ xorq %rax, %rax / if (len == 0) return (0)
+ testq %rdx, %rdx
+ jz .L27
+
+ movq %rdx, %r8 / Use r8 for len; %rdx is used by mul
+ xorq %r9, %r9 / cy = 0
+
+.L25:
+ cmpq $8, %r8 / 8 - len
+ jb .L26
+ movq 0(%rsi), %rax / rax = a[0]
+ movq 0(%rdi), %r10 / r10 = r[0]
+ movq 8(%rsi), %r11 / prefetch a[1]
+ mulq %rcx / p = a[0] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[0]
+ movq 8(%rdi), %r10 / prefetch r[1]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 0(%rdi) / r[0] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 16(%rsi), %r11 / prefetch a[2]
+ mulq %rcx / p = a[1] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[1]
+ movq 16(%rdi), %r10 / prefetch r[2]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 8(%rdi) / r[1] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 24(%rsi), %r11 / prefetch a[3]
+ mulq %rcx / p = a[2] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[2]
+ movq 24(%rdi), %r10 / prefetch r[3]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 16(%rdi) / r[2] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 32(%rsi), %r11 / prefetch a[4]
+ mulq %rcx / p = a[3] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[3]
+ movq 32(%rdi), %r10 / prefetch r[4]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 24(%rdi) / r[3] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 40(%rsi), %r11 / prefetch a[5]
+ mulq %rcx / p = a[4] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[4]
+ movq 40(%rdi), %r10 / prefetch r[5]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 32(%rdi) / r[4] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 48(%rsi), %r11 / prefetch a[6]
+ mulq %rcx / p = a[5] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[5]
+ movq 48(%rdi), %r10 / prefetch r[6]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 40(%rdi) / r[5] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ movq 56(%rsi), %r11 / prefetch a[7]
+ mulq %rcx / p = a[6] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[6]
+ movq 56(%rdi), %r10 / prefetch r[7]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 48(%rdi) / r[6] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ movq %r11, %rax
+ mulq %rcx / p = a[7] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[7]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 56(%rdi) / r[7] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+
+ addq $64, %rsi
+ addq $64, %rdi
+ subq $8, %r8
+
+ jz .L27
+ jmp .L25
+
+.L26:
+ movq 0(%rsi), %rax
+ movq 0(%rdi), %r10
+ mulq %rcx / p = a[0] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[0]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 0(%rdi) / r[0] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 8(%rsi), %rax
+ movq 8(%rdi), %r10
+ mulq %rcx / p = a[1] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[1]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 8(%rdi) / r[1] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 16(%rsi), %rax
+ movq 16(%rdi), %r10
+ mulq %rcx / p = a[2] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[2]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 16(%rdi) / r[2] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 24(%rsi), %rax
+ movq 24(%rdi), %r10
+ mulq %rcx / p = a[3] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[3]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 24(%rdi) / r[3] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 32(%rsi), %rax
+ movq 32(%rdi), %r10
+ mulq %rcx / p = a[4] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[4]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 32(%rdi) / r[4] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 40(%rsi), %rax
+ movq 40(%rdi), %r10
+ mulq %rcx / p = a[5] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[5]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 40(%rdi) / r[5] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L27
+
+ movq 48(%rsi), %rax
+ movq 48(%rdi), %r10
+ mulq %rcx / p = a[6] * digit
+ addq %r10, %rax
+ adcq $0, %rdx / p += r[6]
+ addq %r9, %rax
+ adcq $0, %rdx / p += cy
+ movq %rax, 48(%rdi) / r[6] = lo(p)
+ movq %rdx, %r9 / cy = hi(p)
+ decq %r8
+ jz .L27
+
+
+.L27:
+ movq %r9, %rax
+ ret
+
+.size s_mpv_mul_add_vec64, .-s_mpv_mul_add_vec64
diff --git a/security/nss/lib/freebl/mpi/mpi_arm.c b/security/nss/lib/freebl/mpi/mpi_arm.c
new file mode 100644
index 000000000..b5139f28d
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_arm.c
@@ -0,0 +1,175 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This inlined version is for 32-bit ARM platform only */
+
+#if !defined(__arm__)
+#error "This is for ARM only"
+#endif
+
+/* 16-bit thumb doesn't work inlined assember version */
+#if (!defined(__thumb__) || defined(__thumb2__)) && !defined(__ARM_ARCH_3__)
+
+#include "mpi-priv.h"
+
+#ifdef MP_ASSEMBLY_MULTIPLY
+void
+s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ __asm__ __volatile__(
+ "mov r5, #0\n"
+#ifdef __thumb2__
+ "cbz %1, 2f\n"
+#else
+ "cmp %1, r5\n" /* r5 is 0 now */
+ "beq 2f\n"
+#endif
+
+ "1:\n"
+ "mov r4, #0\n"
+ "ldr r6, [%0], #4\n"
+ "umlal r5, r4, r6, %2\n"
+ "str r5, [%3], #4\n"
+ "mov r5, r4\n"
+
+ "subs %1, #1\n"
+ "bne 1b\n"
+
+ "2:\n"
+ "str r5, [%3]\n"
+ :
+ : "r"(a), "r"(a_len), "r"(b), "r"(c)
+ : "memory", "cc", "%r4", "%r5", "%r6");
+}
+
+void
+s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ __asm__ __volatile__(
+ "mov r5, #0\n"
+#ifdef __thumb2__
+ "cbz %1, 2f\n"
+#else
+ "cmp %1, r5\n" /* r5 is 0 now */
+ "beq 2f\n"
+#endif
+
+ "1:\n"
+ "mov r4, #0\n"
+ "ldr r6, [%3]\n"
+ "adds r5, r6\n"
+ "adc r4, r4, #0\n"
+
+ "ldr r6, [%0], #4\n"
+ "umlal r5, r4, r6, %2\n"
+ "str r5, [%3], #4\n"
+ "mov r5, r4\n"
+
+ "subs %1, #1\n"
+ "bne 1b\n"
+
+ "2:\n"
+ "str r5, [%3]\n"
+ :
+ : "r"(a), "r"(a_len), "r"(b), "r"(c)
+ : "memory", "cc", "%r4", "%r5", "%r6");
+}
+
+void
+s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ if (!a_len)
+ return;
+
+ __asm__ __volatile__(
+ "mov r5, #0\n"
+
+ "1:\n"
+ "mov r4, #0\n"
+ "ldr r6, [%3]\n"
+ "adds r5, r6\n"
+ "adc r4, r4, #0\n"
+ "ldr r6, [%0], #4\n"
+ "umlal r5, r4, r6, %2\n"
+ "str r5, [%3], #4\n"
+ "mov r5, r4\n"
+
+ "subs %1, #1\n"
+ "bne 1b\n"
+
+#ifdef __thumb2__
+ "cbz r4, 3f\n"
+#else
+ "cmp r4, #0\n"
+ "beq 3f\n"
+#endif
+
+ "2:\n"
+ "mov r4, #0\n"
+ "ldr r6, [%3]\n"
+ "adds r5, r6\n"
+ "adc r4, r4, #0\n"
+ "str r5, [%3], #4\n"
+ "movs r5, r4\n"
+ "bne 2b\n"
+
+ "3:\n"
+ :
+ : "r"(a), "r"(a_len), "r"(b), "r"(c)
+ : "memory", "cc", "%r4", "%r5", "%r6");
+}
+#endif
+
+#ifdef MP_ASSEMBLY_SQUARE
+void
+s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
+{
+ if (!a_len)
+ return;
+
+ __asm__ __volatile__(
+ "mov r3, #0\n"
+
+ "1:\n"
+ "mov r4, #0\n"
+ "ldr r6, [%0], #4\n"
+ "ldr r5, [%2]\n"
+ "adds r3, r5\n"
+ "adc r4, r4, #0\n"
+ "umlal r3, r4, r6, r6\n" /* w = r3:r4 */
+ "str r3, [%2], #4\n"
+
+ "ldr r5, [%2]\n"
+ "adds r3, r4, r5\n"
+ "mov r4, #0\n"
+ "adc r4, r4, #0\n"
+ "str r3, [%2], #4\n"
+ "mov r3, r4\n"
+
+ "subs %1, #1\n"
+ "bne 1b\n"
+
+#ifdef __thumb2__
+ "cbz r3, 3f\n"
+#else
+ "cmp r3, #0\n"
+ "beq 3f\n"
+#endif
+
+ "2:\n"
+ "mov r4, #0\n"
+ "ldr r5, [%2]\n"
+ "adds r3, r5\n"
+ "adc r4, r4, #0\n"
+ "str r3, [%2], #4\n"
+ "movs r3, r4\n"
+ "bne 2b\n"
+
+ "3:"
+ :
+ : "r"(pa), "r"(a_len), "r"(ps)
+ : "memory", "cc", "%r3", "%r4", "%r5", "%r6");
+}
+#endif
+#endif
diff --git a/security/nss/lib/freebl/mpi/mpi_hp.c b/security/nss/lib/freebl/mpi/mpi_hp.c
new file mode 100644
index 000000000..0cea7685d
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_hp.c
@@ -0,0 +1,81 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This file contains routines that perform vector multiplication. */
+
+#include "mpi-priv.h"
+#include <unistd.h>
+
+#include <stddef.h>
+/* #include <sys/systeminfo.h> */
+#include <strings.h>
+
+extern void multacc512(
+ int length, /* doublewords in multiplicand vector. */
+ const mp_digit *scalaraddr, /* Address of scalar. */
+ const mp_digit *multiplicand, /* The multiplicand vector. */
+ mp_digit *result); /* Where to accumulate the result. */
+
+extern void maxpy_little(
+ int length, /* doublewords in multiplicand vector. */
+ const mp_digit *scalaraddr, /* Address of scalar. */
+ const mp_digit *multiplicand, /* The multiplicand vector. */
+ mp_digit *result); /* Where to accumulate the result. */
+
+extern void add_diag_little(
+ int length, /* doublewords in input vector. */
+ const mp_digit *root, /* The vector to square. */
+ mp_digit *result); /* Where to accumulate the result. */
+
+void
+s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
+{
+ add_diag_little(a_len, pa, ps);
+}
+
+#define MAX_STACK_DIGITS 258
+#define MULTACC512_LEN (512 / MP_DIGIT_BIT)
+#define HP_MPY_ADD_FN (a_len == MULTACC512_LEN ? multacc512 : maxpy_little)
+
+/* c = a * b */
+void
+s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ mp_digit x[MAX_STACK_DIGITS];
+ mp_digit *px = x;
+ size_t xSize = 0;
+
+ if (a == c) {
+ if (a_len > MAX_STACK_DIGITS) {
+ xSize = sizeof(mp_digit) * (a_len + 2);
+ px = malloc(xSize);
+ if (!px)
+ return;
+ }
+ memcpy(px, a, a_len * sizeof(*a));
+ a = px;
+ }
+ s_mp_setz(c, a_len + 1);
+ HP_MPY_ADD_FN(a_len, &b, a, c);
+ if (px != x && px) {
+ memset(px, 0, xSize);
+ free(px);
+ }
+}
+
+/* c += a * b, where a is a_len words long. */
+void
+s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ c[a_len] = 0; /* so carry propagation stops here. */
+ HP_MPY_ADD_FN(a_len, &b, a, c);
+}
+
+/* c += a * b, where a is y words long. */
+void
+s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b,
+ mp_digit *c)
+{
+ HP_MPY_ADD_FN(a_len, &b, a, c);
+}
diff --git a/security/nss/lib/freebl/mpi/mpi_i86pc.s b/security/nss/lib/freebl/mpi/mpi_i86pc.s
new file mode 100644
index 000000000..f80039659
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_i86pc.s
@@ -0,0 +1,313 @@
+/
+/ This Source Code Form is subject to the terms of the Mozilla Public
+/ License, v. 2.0. If a copy of the MPL was not distributed with this
+/ file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+.text
+
+ / ebp - 36: caller's esi
+ / ebp - 32: caller's edi
+ / ebp - 28:
+ / ebp - 24:
+ / ebp - 20:
+ / ebp - 16:
+ / ebp - 12:
+ / ebp - 8:
+ / ebp - 4:
+ / ebp + 0: caller's ebp
+ / ebp + 4: return address
+ / ebp + 8: a argument
+ / ebp + 12: a_len argument
+ / ebp + 16: b argument
+ / ebp + 20: c argument
+ / registers:
+ / eax:
+ / ebx: carry
+ / ecx: a_len
+ / edx:
+ / esi: a ptr
+ / edi: c ptr
+.globl s_mpv_mul_d
+.type s_mpv_mul_d,@function
+s_mpv_mul_d:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx / carry = 0
+ mov 12(%ebp),%ecx / ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je L2 / jmp if a_len == 0
+ mov 8(%ebp),%esi / esi = a
+ cld
+L1:
+ lodsl / eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx / edx = b
+ mull %edx / edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax / add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov %edx,%ebx / high half of product becomes next carry
+
+ stosl / [es:edi] = ax; edi += 4;
+ dec %ecx / --a_len
+ jnz L1 / jmp if a_len != 0
+L2:
+ mov %ebx,0(%edi) / *c = carry
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ / ebp - 36: caller's esi
+ / ebp - 32: caller's edi
+ / ebp - 28:
+ / ebp - 24:
+ / ebp - 20:
+ / ebp - 16:
+ / ebp - 12:
+ / ebp - 8:
+ / ebp - 4:
+ / ebp + 0: caller's ebp
+ / ebp + 4: return address
+ / ebp + 8: a argument
+ / ebp + 12: a_len argument
+ / ebp + 16: b argument
+ / ebp + 20: c argument
+ / registers:
+ / eax:
+ / ebx: carry
+ / ecx: a_len
+ / edx:
+ / esi: a ptr
+ / edi: c ptr
+.globl s_mpv_mul_d_add
+.type s_mpv_mul_d_add,@function
+s_mpv_mul_d_add:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx / carry = 0
+ mov 12(%ebp),%ecx / ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je L4 / jmp if a_len == 0
+ mov 8(%ebp),%esi / esi = a
+ cld
+L3:
+ lodsl / eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx / edx = b
+ mull %edx / edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax / add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov 0(%edi),%ebx / add in current word from *c
+ add %ebx,%eax
+ adc $0,%edx
+ mov %edx,%ebx / high half of product becomes next carry
+
+ stosl / [es:edi] = ax; edi += 4;
+ dec %ecx / --a_len
+ jnz L3 / jmp if a_len != 0
+L4:
+ mov %ebx,0(%edi) / *c = carry
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ / ebp - 36: caller's esi
+ / ebp - 32: caller's edi
+ / ebp - 28:
+ / ebp - 24:
+ / ebp - 20:
+ / ebp - 16:
+ / ebp - 12:
+ / ebp - 8:
+ / ebp - 4:
+ / ebp + 0: caller's ebp
+ / ebp + 4: return address
+ / ebp + 8: a argument
+ / ebp + 12: a_len argument
+ / ebp + 16: b argument
+ / ebp + 20: c argument
+ / registers:
+ / eax:
+ / ebx: carry
+ / ecx: a_len
+ / edx:
+ / esi: a ptr
+ / edi: c ptr
+.globl s_mpv_mul_d_add_prop
+.type s_mpv_mul_d_add_prop,@function
+s_mpv_mul_d_add_prop:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx / carry = 0
+ mov 12(%ebp),%ecx / ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je L6 / jmp if a_len == 0
+ cld
+ mov 8(%ebp),%esi / esi = a
+L5:
+ lodsl / eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx / edx = b
+ mull %edx / edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax / add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov 0(%edi),%ebx / add in current word from *c
+ add %ebx,%eax
+ adc $0,%edx
+ mov %edx,%ebx / high half of product becomes next carry
+
+ stosl / [es:edi] = ax; edi += 4;
+ dec %ecx / --a_len
+ jnz L5 / jmp if a_len != 0
+L6:
+ cmp $0,%ebx / is carry zero?
+ jz L8
+ mov 0(%edi),%eax / add in current word from *c
+ add %ebx,%eax
+ stosl / [es:edi] = ax; edi += 4;
+ jnc L8
+L7:
+ mov 0(%edi),%eax / add in current word from *c
+ adc $0,%eax
+ stosl / [es:edi] = ax; edi += 4;
+ jc L7
+L8:
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ / ebp - 20: caller's esi
+ / ebp - 16: caller's edi
+ / ebp - 12:
+ / ebp - 8: carry
+ / ebp - 4: a_len local
+ / ebp + 0: caller's ebp
+ / ebp + 4: return address
+ / ebp + 8: pa argument
+ / ebp + 12: a_len argument
+ / ebp + 16: ps argument
+ / ebp + 20:
+ / registers:
+ / eax:
+ / ebx: carry
+ / ecx: a_len
+ / edx:
+ / esi: a ptr
+ / edi: c ptr
+
+.globl s_mpv_sqr_add_prop
+.type s_mpv_sqr_add_prop,@function
+s_mpv_sqr_add_prop:
+ push %ebp
+ mov %esp,%ebp
+ sub $12,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx / carry = 0
+ mov 12(%ebp),%ecx / a_len
+ mov 16(%ebp),%edi / edi = ps
+ cmp $0,%ecx
+ je L11 / jump if a_len == 0
+ cld
+ mov 8(%ebp),%esi / esi = pa
+L10:
+ lodsl / %eax = [ds:si]; si += 4;
+ mull %eax
+
+ add %ebx,%eax / add "carry"
+ adc $0,%edx
+ mov 0(%edi),%ebx
+ add %ebx,%eax / add low word from result
+ mov 4(%edi),%ebx
+ stosl / [es:di] = %eax; di += 4;
+ adc %ebx,%edx / add high word from result
+ movl $0,%ebx
+ mov %edx,%eax
+ adc $0,%ebx
+ stosl / [es:di] = %eax; di += 4;
+ dec %ecx / --a_len
+ jnz L10 / jmp if a_len != 0
+L11:
+ cmp $0,%ebx / is carry zero?
+ jz L14
+ mov 0(%edi),%eax / add in current word from *c
+ add %ebx,%eax
+ stosl / [es:edi] = ax; edi += 4;
+ jnc L14
+L12:
+ mov 0(%edi),%eax / add in current word from *c
+ adc $0,%eax
+ stosl / [es:edi] = ax; edi += 4;
+ jc L12
+L14:
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ /
+ / Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
+ / so its high bit is 1. This code is from NSPR.
+ /
+ / mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
+ / mp_digit *qp, mp_digit *rp)
+
+ / esp + 0: Caller's ebx
+ / esp + 4: return address
+ / esp + 8: Nhi argument
+ / esp + 12: Nlo argument
+ / esp + 16: divisor argument
+ / esp + 20: qp argument
+ / esp + 24: rp argument
+ / registers:
+ / eax:
+ / ebx: carry
+ / ecx: a_len
+ / edx:
+ / esi: a ptr
+ / edi: c ptr
+ /
+
+.globl s_mpv_div_2dx1d
+.type s_mpv_div_2dx1d,@function
+s_mpv_div_2dx1d:
+ push %ebx
+ mov 8(%esp),%edx
+ mov 12(%esp),%eax
+ mov 16(%esp),%ebx
+ div %ebx
+ mov 20(%esp),%ebx
+ mov %eax,0(%ebx)
+ mov 24(%esp),%ebx
+ mov %edx,0(%ebx)
+ xor %eax,%eax / return zero
+ pop %ebx
+ ret
+ nop
+
diff --git a/security/nss/lib/freebl/mpi/mpi_mips.s b/security/nss/lib/freebl/mpi/mpi_mips.s
new file mode 100644
index 000000000..455792bbb
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_mips.s
@@ -0,0 +1,472 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include <regdef.h>
+ .set noreorder
+ .set noat
+
+ .section .text, 1, 0x00000006, 4, 4
+.text:
+ .section .text
+
+ .ent s_mpv_mul_d_add
+ .globl s_mpv_mul_d_add
+
+s_mpv_mul_d_add:
+ #/* c += a * b */
+ #void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b,
+ # mp_digit *c)
+ #{
+ # mp_digit a0, a1; regs a4, a5
+ # mp_digit c0, c1; regs a6, a7
+ # mp_digit cy = 0; reg t2
+ # mp_word w0, w1; regs t0, t1
+ #
+ # if (a_len) {
+ beq a1,zero,.L.1
+ move t2,zero # cy = 0
+ dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
+ dsrl32 a2,a2,0 # This clears the upper 32 bits.
+ # a0 = a[0];
+ lwu a4,0(a0)
+ # w0 = ((mp_word)b * a0);
+ dmultu a2,a4
+ # if (--a_len) {
+ addiu a1,a1,-1
+ beq a1,zero,.L.2
+ # while (a_len >= 2) {
+ sltiu t3,a1,2
+ bne t3,zero,.L.3
+ # a1 = a[1];
+ lwu a5,4(a0)
+.L.4:
+ # a_len -= 2;
+ addiu a1,a1,-2
+ # c0 = c[0];
+ lwu a6,0(a3)
+ # w0 += cy;
+ mflo t0
+ daddu t0,t0,t2
+ # w0 += c0;
+ daddu t0,t0,a6
+ # w1 = (mp_word)b * a1;
+ dmultu a2,a5 #
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # a0 = a[2];
+ lwu a4,8(a0)
+ # a += 2;
+ addiu a0,a0,8
+ # c1 = c[1];
+ lwu a7,4(a3)
+ # w1 += cy;
+ mflo t1
+ daddu t1,t1,t2
+ # w1 += c1;
+ daddu t1,t1,a7
+ # w0 = (mp_word)b * a0;
+ dmultu a2,a4 #
+ # cy = CARRYOUT(w1);
+ dsrl32 t2,t1,0
+ # c[1] = ACCUM(w1);
+ sw t1,4(a3)
+ # c += 2;
+ addiu a3,a3,8
+ sltiu t3,a1,2
+ beq t3,zero,.L.4
+ # a1 = a[1];
+ lwu a5,4(a0)
+ # }
+.L.3:
+ # c0 = c[0];
+ lwu a6,0(a3)
+ # w0 += cy;
+ # if (a_len) {
+ mflo t0
+ beq a1,zero,.L.5
+ daddu t0,t0,t2
+ # w1 = (mp_word)b * a1;
+ dmultu a2,a5
+ # w0 += c0;
+ daddu t0,t0,a6 #
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # c1 = c[1];
+ lwu a7,4(a3)
+ # w1 += cy;
+ mflo t1
+ daddu t1,t1,t2
+ # w1 += c1;
+ daddu t1,t1,a7
+ # c[1] = ACCUM(w1);
+ sw t1,4(a3)
+ # cy = CARRYOUT(w1);
+ dsrl32 t2,t1,0
+ # c += 1;
+ b .L.6
+ addiu a3,a3,4
+ # } else {
+.L.5:
+ # w0 += c0;
+ daddu t0,t0,a6
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # cy = CARRYOUT(w0);
+ b .L.6
+ dsrl32 t2,t0,0
+ # }
+ # } else {
+.L.2:
+ # c0 = c[0];
+ lwu a6,0(a3)
+ # w0 += c0;
+ mflo t0
+ daddu t0,t0,a6
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ # }
+.L.6:
+ # c[1] = cy;
+ jr ra
+ sw t2,4(a3)
+ # }
+.L.1:
+ jr ra
+ nop
+ #}
+ #
+ .end s_mpv_mul_d_add
+
+ .ent s_mpv_mul_d_add_prop
+ .globl s_mpv_mul_d_add_prop
+
+s_mpv_mul_d_add_prop:
+ #/* c += a * b */
+ #void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b,
+ # mp_digit *c)
+ #{
+ # mp_digit a0, a1; regs a4, a5
+ # mp_digit c0, c1; regs a6, a7
+ # mp_digit cy = 0; reg t2
+ # mp_word w0, w1; regs t0, t1
+ #
+ # if (a_len) {
+ beq a1,zero,.M.1
+ move t2,zero # cy = 0
+ dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
+ dsrl32 a2,a2,0 # This clears the upper 32 bits.
+ # a0 = a[0];
+ lwu a4,0(a0)
+ # w0 = ((mp_word)b * a0);
+ dmultu a2,a4
+ # if (--a_len) {
+ addiu a1,a1,-1
+ beq a1,zero,.M.2
+ # while (a_len >= 2) {
+ sltiu t3,a1,2
+ bne t3,zero,.M.3
+ # a1 = a[1];
+ lwu a5,4(a0)
+.M.4:
+ # a_len -= 2;
+ addiu a1,a1,-2
+ # c0 = c[0];
+ lwu a6,0(a3)
+ # w0 += cy;
+ mflo t0
+ daddu t0,t0,t2
+ # w0 += c0;
+ daddu t0,t0,a6
+ # w1 = (mp_word)b * a1;
+ dmultu a2,a5 #
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # a0 = a[2];
+ lwu a4,8(a0)
+ # a += 2;
+ addiu a0,a0,8
+ # c1 = c[1];
+ lwu a7,4(a3)
+ # w1 += cy;
+ mflo t1
+ daddu t1,t1,t2
+ # w1 += c1;
+ daddu t1,t1,a7
+ # w0 = (mp_word)b * a0;
+ dmultu a2,a4 #
+ # cy = CARRYOUT(w1);
+ dsrl32 t2,t1,0
+ # c[1] = ACCUM(w1);
+ sw t1,4(a3)
+ # c += 2;
+ addiu a3,a3,8
+ sltiu t3,a1,2
+ beq t3,zero,.M.4
+ # a1 = a[1];
+ lwu a5,4(a0)
+ # }
+.M.3:
+ # c0 = c[0];
+ lwu a6,0(a3)
+ # w0 += cy;
+ # if (a_len) {
+ mflo t0
+ beq a1,zero,.M.5
+ daddu t0,t0,t2
+ # w1 = (mp_word)b * a1;
+ dmultu a2,a5
+ # w0 += c0;
+ daddu t0,t0,a6 #
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # c1 = c[1];
+ lwu a7,4(a3)
+ # w1 += cy;
+ mflo t1
+ daddu t1,t1,t2
+ # w1 += c1;
+ daddu t1,t1,a7
+ # c[1] = ACCUM(w1);
+ sw t1,4(a3)
+ # cy = CARRYOUT(w1);
+ dsrl32 t2,t1,0
+ # c += 1;
+ b .M.6
+ addiu a3,a3,8
+ # } else {
+.M.5:
+ # w0 += c0;
+ daddu t0,t0,a6
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ b .M.6
+ addiu a3,a3,4
+ # }
+ # } else {
+.M.2:
+ # c0 = c[0];
+ lwu a6,0(a3)
+ # w0 += c0;
+ mflo t0
+ daddu t0,t0,a6
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ addiu a3,a3,4
+ # }
+.M.6:
+
+ # while (cy) {
+ beq t2,zero,.M.1
+ nop
+.M.7:
+ # mp_word w = (mp_word)*c + cy;
+ lwu a6,0(a3)
+ daddu t2,t2,a6
+ # *c++ = ACCUM(w);
+ sw t2,0(a3)
+ # cy = CARRYOUT(w);
+ dsrl32 t2,t2,0
+ bne t2,zero,.M.7
+ addiu a3,a3,4
+
+ # }
+.M.1:
+ jr ra
+ nop
+ #}
+ #
+ .end s_mpv_mul_d_add_prop
+
+ .ent s_mpv_mul_d
+ .globl s_mpv_mul_d
+
+s_mpv_mul_d:
+ #/* c = a * b */
+ #void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b,
+ # mp_digit *c)
+ #{
+ # mp_digit a0, a1; regs a4, a5
+ # mp_digit cy = 0; reg t2
+ # mp_word w0, w1; regs t0, t1
+ #
+ # if (a_len) {
+ beq a1,zero,.N.1
+ move t2,zero # cy = 0
+ dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
+ dsrl32 a2,a2,0 # This clears the upper 32 bits.
+ # a0 = a[0];
+ lwu a4,0(a0)
+ # w0 = ((mp_word)b * a0);
+ dmultu a2,a4
+ # if (--a_len) {
+ addiu a1,a1,-1
+ beq a1,zero,.N.2
+ # while (a_len >= 2) {
+ sltiu t3,a1,2
+ bne t3,zero,.N.3
+ # a1 = a[1];
+ lwu a5,4(a0)
+.N.4:
+ # a_len -= 2;
+ addiu a1,a1,-2
+ # w0 += cy;
+ mflo t0
+ daddu t0,t0,t2
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ # w1 = (mp_word)b * a1;
+ dmultu a2,a5
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # a0 = a[2];
+ lwu a4,8(a0)
+ # a += 2;
+ addiu a0,a0,8
+ # w1 += cy;
+ mflo t1
+ daddu t1,t1,t2
+ # cy = CARRYOUT(w1);
+ dsrl32 t2,t1,0
+ # w0 = (mp_word)b * a0;
+ dmultu a2,a4
+ # c[1] = ACCUM(w1);
+ sw t1,4(a3)
+ # c += 2;
+ addiu a3,a3,8
+ sltiu t3,a1,2
+ beq t3,zero,.N.4
+ # a1 = a[1];
+ lwu a5,4(a0)
+ # }
+.N.3:
+ # w0 += cy;
+ # if (a_len) {
+ mflo t0
+ beq a1,zero,.N.5
+ daddu t0,t0,t2
+ # w1 = (mp_word)b * a1;
+ dmultu a2,a5 #
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # w1 += cy;
+ mflo t1
+ daddu t1,t1,t2
+ # c[1] = ACCUM(w1);
+ sw t1,4(a3)
+ # cy = CARRYOUT(w1);
+ dsrl32 t2,t1,0
+ # c += 1;
+ b .N.6
+ addiu a3,a3,4
+ # } else {
+.N.5:
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # cy = CARRYOUT(w0);
+ b .N.6
+ dsrl32 t2,t0,0
+ # }
+ # } else {
+.N.2:
+ mflo t0
+ # c[0] = ACCUM(w0);
+ sw t0,0(a3)
+ # cy = CARRYOUT(w0);
+ dsrl32 t2,t0,0
+ # }
+.N.6:
+ # c[1] = cy;
+ jr ra
+ sw t2,4(a3)
+ # }
+.N.1:
+ jr ra
+ nop
+ #}
+ #
+ .end s_mpv_mul_d
+
+
+ .ent s_mpv_sqr_add_prop
+ .globl s_mpv_sqr_add_prop
+ #void s_mpv_sqr_add_prop(const mp_digit *a, mp_size a_len, mp_digit *sqrs);
+ # registers
+ # a0 *a
+ # a1 a_len
+ # a2 *sqr
+ # a3 digit from *a, a_i
+ # a4 square of digit from a
+ # a5,a6 next 2 digits in sqr
+ # a7,t0 carry
+s_mpv_sqr_add_prop:
+ move a7,zero
+ move t0,zero
+ lwu a3,0(a0)
+ addiu a1,a1,-1 # --a_len
+ dmultu a3,a3
+ beq a1,zero,.P.3 # jump if we've already done the only sqr
+ addiu a0,a0,4 # ++a
+.P.2:
+ lwu a5,0(a2)
+ lwu a6,4(a2)
+ addiu a2,a2,8 # sqrs += 2;
+ dsll32 a6,a6,0
+ daddu a5,a5,a6
+ lwu a3,0(a0)
+ addiu a0,a0,4 # ++a
+ mflo a4
+ daddu a6,a5,a4
+ sltu a7,a6,a5 # a7 = a6 < a5 detect overflow
+ dmultu a3,a3
+ daddu a4,a6,t0
+ sltu t0,a4,a6
+ add t0,t0,a7
+ sw a4,-8(a2)
+ addiu a1,a1,-1 # --a_len
+ dsrl32 a4,a4,0
+ bne a1,zero,.P.2 # loop if a_len > 0
+ sw a4,-4(a2)
+.P.3:
+ lwu a5,0(a2)
+ lwu a6,4(a2)
+ addiu a2,a2,8 # sqrs += 2;
+ dsll32 a6,a6,0
+ daddu a5,a5,a6
+ mflo a4
+ daddu a6,a5,a4
+ sltu a7,a6,a5 # a7 = a6 < a5 detect overflow
+ daddu a4,a6,t0
+ sltu t0,a4,a6
+ add t0,t0,a7
+ sw a4,-8(a2)
+ beq t0,zero,.P.9 # jump if no carry
+ dsrl32 a4,a4,0
+.P.8:
+ sw a4,-4(a2)
+ /* propagate final carry */
+ lwu a5,0(a2)
+ daddu a6,a5,t0
+ sltu t0,a6,a5
+ bne t0,zero,.P.8 # loop if carry persists
+ addiu a2,a2,4 # sqrs++
+.P.9:
+ jr ra
+ sw a4,-4(a2)
+
+ .end s_mpv_sqr_add_prop
diff --git a/security/nss/lib/freebl/mpi/mpi_sparc.c b/security/nss/lib/freebl/mpi/mpi_sparc.c
new file mode 100644
index 000000000..1e88357af
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_sparc.c
@@ -0,0 +1,226 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Multiplication performance enhancements for sparc v8+vis CPUs. */
+
+#include "mpi-priv.h"
+#include <stddef.h>
+#include <sys/systeminfo.h>
+#include <strings.h>
+
+/* In the functions below, */
+/* vector y must be 8-byte aligned, and n must be even */
+/* returns carry out of high order word of result */
+/* maximum n is 256 */
+
+/* vector x += vector y * scaler a; where y is of length n words. */
+extern mp_digit mul_add_inp(mp_digit *x, const mp_digit *y, int n, mp_digit a);
+
+/* vector z = vector x + vector y * scaler a; where y is of length n words. */
+extern mp_digit mul_add(mp_digit *z, const mp_digit *x, const mp_digit *y,
+ int n, mp_digit a);
+
+/* v8 versions of these functions run on any Sparc v8 CPU. */
+
+/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
+#define MP_MUL_DxD(a, b, Phi, Plo) \
+ { \
+ unsigned long long product = (unsigned long long)a * b; \
+ Plo = (mp_digit)product; \
+ Phi = (mp_digit)(product >> MP_DIGIT_BIT); \
+ }
+
+/* c = a * b */
+static void
+v8_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+#if !defined(MP_NO_MP_WORD)
+ mp_digit d = 0;
+
+ /* Inner product: Digits of a */
+ while (a_len--) {
+ mp_word w = ((mp_word)b * *a++) + d;
+ *c++ = ACCUM(w);
+ d = CARRYOUT(w);
+ }
+ *c = d;
+#else
+ mp_digit carry = 0;
+ while (a_len--) {
+ mp_digit a_i = *a++;
+ mp_digit a0b0, a1b1;
+
+ MP_MUL_DxD(a_i, b, a1b1, a0b0);
+
+ a0b0 += carry;
+ if (a0b0 < carry)
+ ++a1b1;
+ *c++ = a0b0;
+ carry = a1b1;
+ }
+ *c = carry;
+#endif
+}
+
+/* c += a * b */
+static void
+v8_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+#if !defined(MP_NO_MP_WORD)
+ mp_digit d = 0;
+
+ /* Inner product: Digits of a */
+ while (a_len--) {
+ mp_word w = ((mp_word)b * *a++) + *c + d;
+ *c++ = ACCUM(w);
+ d = CARRYOUT(w);
+ }
+ *c = d;
+#else
+ mp_digit carry = 0;
+ while (a_len--) {
+ mp_digit a_i = *a++;
+ mp_digit a0b0, a1b1;
+
+ MP_MUL_DxD(a_i, b, a1b1, a0b0);
+
+ a0b0 += carry;
+ if (a0b0 < carry)
+ ++a1b1;
+ a0b0 += a_i = *c;
+ if (a0b0 < a_i)
+ ++a1b1;
+ *c++ = a0b0;
+ carry = a1b1;
+ }
+ *c = carry;
+#endif
+}
+
+/* Presently, this is only used by the Montgomery arithmetic code. */
+/* c += a * b */
+static void
+v8_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+#if !defined(MP_NO_MP_WORD)
+ mp_digit d = 0;
+
+ /* Inner product: Digits of a */
+ while (a_len--) {
+ mp_word w = ((mp_word)b * *a++) + *c + d;
+ *c++ = ACCUM(w);
+ d = CARRYOUT(w);
+ }
+
+ while (d) {
+ mp_word w = (mp_word)*c + d;
+ *c++ = ACCUM(w);
+ d = CARRYOUT(w);
+ }
+#else
+ mp_digit carry = 0;
+ while (a_len--) {
+ mp_digit a_i = *a++;
+ mp_digit a0b0, a1b1;
+
+ MP_MUL_DxD(a_i, b, a1b1, a0b0);
+
+ a0b0 += carry;
+ if (a0b0 < carry)
+ ++a1b1;
+
+ a0b0 += a_i = *c;
+ if (a0b0 < a_i)
+ ++a1b1;
+
+ *c++ = a0b0;
+ carry = a1b1;
+ }
+ while (carry) {
+ mp_digit c_i = *c;
+ carry += c_i;
+ *c++ = carry;
+ carry = carry < c_i;
+ }
+#endif
+}
+
+/* These functions run only on v8plus+vis or v9+vis CPUs. */
+
+/* c = a * b */
+void
+s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ mp_digit d;
+ mp_digit x[258];
+ if (a_len <= 256) {
+ if (a == c || ((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
+ mp_digit *px;
+ px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
+ memcpy(px, a, a_len * sizeof(*a));
+ a = px;
+ if (a_len & 1) {
+ px[a_len] = 0;
+ }
+ }
+ s_mp_setz(c, a_len + 1);
+ d = mul_add_inp(c, a, a_len, b);
+ c[a_len] = d;
+ } else {
+ v8_mpv_mul_d(a, a_len, b, c);
+ }
+}
+
+/* c += a * b, where a is a_len words long. */
+void
+s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ mp_digit d;
+ mp_digit x[258];
+ if (a_len <= 256) {
+ if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
+ mp_digit *px;
+ px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
+ memcpy(px, a, a_len * sizeof(*a));
+ a = px;
+ if (a_len & 1) {
+ px[a_len] = 0;
+ }
+ }
+ d = mul_add_inp(c, a, a_len, b);
+ c[a_len] = d;
+ } else {
+ v8_mpv_mul_d_add(a, a_len, b, c);
+ }
+}
+
+/* c += a * b, where a is y words long. */
+void
+s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ mp_digit d;
+ mp_digit x[258];
+ if (a_len <= 256) {
+ if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
+ mp_digit *px;
+ px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
+ memcpy(px, a, a_len * sizeof(*a));
+ a = px;
+ if (a_len & 1) {
+ px[a_len] = 0;
+ }
+ }
+ d = mul_add_inp(c, a, a_len, b);
+ if (d) {
+ c += a_len;
+ do {
+ mp_digit sum = d + *c;
+ *c++ = sum;
+ d = sum < d;
+ } while (d);
+ }
+ } else {
+ v8_mpv_mul_d_add_prop(a, a_len, b, c);
+ }
+}
diff --git a/security/nss/lib/freebl/mpi/mpi_sse2.s b/security/nss/lib/freebl/mpi/mpi_sse2.s
new file mode 100644
index 000000000..16a47019c
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_sse2.s
@@ -0,0 +1,294 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#ifdef DARWIN
+#define s_mpv_mul_d _s_mpv_mul_d
+#define s_mpv_mul_d_add _s_mpv_mul_d_add
+#define s_mpv_mul_d_add_prop _s_mpv_mul_d_add_prop
+#define s_mpv_sqr_add_prop _s_mpv_sqr_add_prop
+#define s_mpv_div_2dx1d _s_mpv_div_2dx1d
+#define TYPE_FUNCTION(x)
+#else
+#define TYPE_FUNCTION(x) .type x, @function
+#endif
+
+.text
+
+ # ebp - 8: caller's esi
+ # ebp - 4: caller's edi
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # ebx:
+ # ecx: a_len
+ # esi: a ptr
+ # edi: c ptr
+.globl s_mpv_mul_d
+.private_extern s_mpv_mul_d
+TYPE_FUNCTION(s_mpv_mul_d)
+s_mpv_mul_d:
+ push %ebp
+ mov %esp, %ebp
+ push %edi
+ push %esi
+ psubq %mm2, %mm2 # carry = 0
+ mov 12(%ebp), %ecx # ecx = a_len
+ movd 16(%ebp), %mm1 # mm1 = b
+ mov 20(%ebp), %edi
+ cmp $0, %ecx
+ je 2f # jmp if a_len == 0
+ mov 8(%ebp), %esi # esi = a
+ cld
+1:
+ movd 0(%esi), %mm0 # mm0 = *a++
+ add $4, %esi
+ pmuludq %mm1, %mm0 # mm0 = b * *a++
+ paddq %mm0, %mm2 # add the carry
+ movd %mm2, 0(%edi) # store the 32bit result
+ add $4, %edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 1b # jmp if a_len != 0
+2:
+ movd %mm2, 0(%edi) # *c = carry
+ emms
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ # ebp - 8: caller's esi
+ # ebp - 4: caller's edi
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # ebx:
+ # ecx: a_len
+ # esi: a ptr
+ # edi: c ptr
+.globl s_mpv_mul_d_add
+.private_extern s_mpv_mul_d_add
+TYPE_FUNCTION(s_mpv_mul_d_add)
+s_mpv_mul_d_add:
+ push %ebp
+ mov %esp, %ebp
+ push %edi
+ push %esi
+ psubq %mm2, %mm2 # carry = 0
+ mov 12(%ebp), %ecx # ecx = a_len
+ movd 16(%ebp), %mm1 # mm1 = b
+ mov 20(%ebp), %edi
+ cmp $0, %ecx
+ je 2f # jmp if a_len == 0
+ mov 8(%ebp), %esi # esi = a
+ cld
+1:
+ movd 0(%esi), %mm0 # mm0 = *a++
+ add $4, %esi
+ pmuludq %mm1, %mm0 # mm0 = b * *a++
+ paddq %mm0, %mm2 # add the carry
+ movd 0(%edi), %mm0
+ paddq %mm0, %mm2 # add the carry
+ movd %mm2, 0(%edi) # store the 32bit result
+ add $4, %edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 1b # jmp if a_len != 0
+2:
+ movd %mm2, 0(%edi) # *c = carry
+ emms
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ # ebp - 12: caller's ebx
+ # ebp - 8: caller's esi
+ # ebp - 4: caller's edi
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # esi: a ptr
+ # edi: c ptr
+.globl s_mpv_mul_d_add_prop
+.private_extern s_mpv_mul_d_add_prop
+TYPE_FUNCTION(s_mpv_mul_d_add_prop)
+s_mpv_mul_d_add_prop:
+ push %ebp
+ mov %esp, %ebp
+ push %edi
+ push %esi
+ push %ebx
+ psubq %mm2, %mm2 # carry = 0
+ mov 12(%ebp), %ecx # ecx = a_len
+ movd 16(%ebp), %mm1 # mm1 = b
+ mov 20(%ebp), %edi
+ cmp $0, %ecx
+ je 2f # jmp if a_len == 0
+ mov 8(%ebp), %esi # esi = a
+ cld
+1:
+ movd 0(%esi), %mm0 # mm0 = *a++
+ movd 0(%edi), %mm3 # fetch the sum
+ add $4, %esi
+ pmuludq %mm1, %mm0 # mm0 = b * *a++
+ paddq %mm0, %mm2 # add the carry
+ paddq %mm3, %mm2 # add *c++
+ movd %mm2, 0(%edi) # store the 32bit result
+ add $4, %edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 1b # jmp if a_len != 0
+2:
+ movd %mm2, %ebx
+ cmp $0, %ebx # is carry zero?
+ jz 4f
+ mov 0(%edi), %eax
+ add %ebx, %eax
+ stosl
+ jnc 4f
+3:
+ mov 0(%edi), %eax # add in current word from *c
+ adc $0, %eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 3b
+4:
+ emms
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ # ebp - 12: caller's ebx
+ # ebp - 8: caller's esi
+ # ebp - 4: caller's edi
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: pa argument
+ # ebp + 12: a_len argument
+ # ebp + 16: ps argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # esi: a ptr
+ # edi: c ptr
+.globl s_mpv_sqr_add_prop
+.private_extern s_mpv_sqr_add_prop
+TYPE_FUNCTION(s_mpv_sqr_add_prop)
+s_mpv_sqr_add_prop:
+ push %ebp
+ mov %esp, %ebp
+ push %edi
+ push %esi
+ push %ebx
+ psubq %mm2, %mm2 # carry = 0
+ mov 12(%ebp), %ecx # ecx = a_len
+ mov 16(%ebp), %edi
+ cmp $0, %ecx
+ je 2f # jmp if a_len == 0
+ mov 8(%ebp), %esi # esi = a
+ cld
+1:
+ movd 0(%esi), %mm0 # mm0 = *a
+ movd 0(%edi), %mm3 # fetch the sum
+ add $4, %esi
+ pmuludq %mm0, %mm0 # mm0 = sqr(a)
+ paddq %mm0, %mm2 # add the carry
+ paddq %mm3, %mm2 # add the low word
+ movd 4(%edi), %mm3
+ movd %mm2, 0(%edi) # store the 32bit result
+ psrlq $32, %mm2
+ paddq %mm3, %mm2 # add the high word
+ movd %mm2, 4(%edi) # store the 32bit result
+ psrlq $32, %mm2 # save the carry.
+ add $8, %edi
+ dec %ecx # --a_len
+ jnz 1b # jmp if a_len != 0
+2:
+ movd %mm2, %ebx
+ cmp $0, %ebx # is carry zero?
+ jz 4f
+ mov 0(%edi), %eax
+ add %ebx, %eax
+ stosl
+ jnc 4f
+3:
+ mov 0(%edi), %eax # add in current word from *c
+ adc $0, %eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 3b
+4:
+ emms
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ #
+ # Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
+ # so its high bit is 1. This code is from NSPR.
+ #
+ # mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
+ # mp_digit *qp, mp_digit *rp)
+
+ # esp + 0: Caller's ebx
+ # esp + 4: return address
+ # esp + 8: Nhi argument
+ # esp + 12: Nlo argument
+ # esp + 16: divisor argument
+ # esp + 20: qp argument
+ # esp + 24: rp argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+ #
+.globl s_mpv_div_2dx1d
+.private_extern s_mpv_div_2dx1d
+TYPE_FUNCTION(s_mpv_div_2dx1d)
+s_mpv_div_2dx1d:
+ push %ebx
+ mov 8(%esp), %edx
+ mov 12(%esp), %eax
+ mov 16(%esp), %ebx
+ div %ebx
+ mov 20(%esp), %ebx
+ mov %eax, 0(%ebx)
+ mov 24(%esp), %ebx
+ mov %edx, 0(%ebx)
+ xor %eax, %eax # return zero
+ pop %ebx
+ ret
+ nop
+
+#ifndef DARWIN
+ # Magic indicating no need for an executable stack
+.section .note.GNU-stack, "", @progbits
+.previous
+#endif
diff --git a/security/nss/lib/freebl/mpi/mpi_x86.s b/security/nss/lib/freebl/mpi/mpi_x86.s
new file mode 100644
index 000000000..8f7e2130c
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_x86.s
@@ -0,0 +1,541 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+.data
+.align 4
+ #
+ # -1 means to call s_mpi_is_sse to determine if we support sse
+ # instructions.
+ # 0 means to use x86 instructions
+ # 1 means to use sse2 instructions
+.type is_sse,@object
+.size is_sse,4
+is_sse: .long -1
+
+#
+# sigh, handle the difference between -fPIC and not PIC
+# default to pic, since this file seems to be exclusively
+# linux right now (solaris uses mpi_i86pc.s and windows uses
+# mpi_x86_asm.c)
+#
+.ifndef NO_PIC
+.macro GET var,reg
+ movl \var@GOTOFF(%ebx),\reg
+.endm
+.macro PUT reg,var
+ movl \reg,\var@GOTOFF(%ebx)
+.endm
+.else
+.macro GET var,reg
+ movl \var,\reg
+.endm
+.macro PUT reg,var
+ movl \reg,\var
+.endm
+.endif
+
+.text
+
+
+ # ebp - 36: caller's esi
+ # ebp - 32: caller's edi
+ # ebp - 28:
+ # ebp - 24:
+ # ebp - 20:
+ # ebp - 16:
+ # ebp - 12:
+ # ebp - 8:
+ # ebp - 4:
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+.globl s_mpv_mul_d
+.type s_mpv_mul_d,@function
+s_mpv_mul_d:
+ GET is_sse,%eax
+ cmp $0,%eax
+ je s_mpv_mul_d_x86
+ jg s_mpv_mul_d_sse2
+ call s_mpi_is_sse2
+ PUT %eax,is_sse
+ cmp $0,%eax
+ jg s_mpv_mul_d_sse2
+s_mpv_mul_d_x86:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 2f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+1:
+ lodsl # eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx # edx = b
+ mull %edx # edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax # add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov %edx,%ebx # high half of product becomes next carry
+
+ stosl # [es:edi] = ax; edi += 4;
+ dec %ecx # --a_len
+ jnz 1b # jmp if a_len != 0
+2:
+ mov %ebx,0(%edi) # *c = carry
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+s_mpv_mul_d_sse2:
+ push %ebp
+ mov %esp,%ebp
+ push %edi
+ push %esi
+ psubq %mm2,%mm2 # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ movd 16(%ebp),%mm1 # mm1 = b
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 6f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+5:
+ movd 0(%esi),%mm0 # mm0 = *a++
+ add $4,%esi
+ pmuludq %mm1,%mm0 # mm0 = b * *a++
+ paddq %mm0,%mm2 # add the carry
+ movd %mm2,0(%edi) # store the 32bit result
+ add $4,%edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 5b # jmp if a_len != 0
+6:
+ movd %mm2,0(%edi) # *c = carry
+ emms
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ # ebp - 36: caller's esi
+ # ebp - 32: caller's edi
+ # ebp - 28:
+ # ebp - 24:
+ # ebp - 20:
+ # ebp - 16:
+ # ebp - 12:
+ # ebp - 8:
+ # ebp - 4:
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+.globl s_mpv_mul_d_add
+.type s_mpv_mul_d_add,@function
+s_mpv_mul_d_add:
+ GET is_sse,%eax
+ cmp $0,%eax
+ je s_mpv_mul_d_add_x86
+ jg s_mpv_mul_d_add_sse2
+ call s_mpi_is_sse2
+ PUT %eax,is_sse
+ cmp $0,%eax
+ jg s_mpv_mul_d_add_sse2
+s_mpv_mul_d_add_x86:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 11f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+10:
+ lodsl # eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx # edx = b
+ mull %edx # edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax # add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov 0(%edi),%ebx # add in current word from *c
+ add %ebx,%eax
+ adc $0,%edx
+ mov %edx,%ebx # high half of product becomes next carry
+
+ stosl # [es:edi] = ax; edi += 4;
+ dec %ecx # --a_len
+ jnz 10b # jmp if a_len != 0
+11:
+ mov %ebx,0(%edi) # *c = carry
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+s_mpv_mul_d_add_sse2:
+ push %ebp
+ mov %esp,%ebp
+ push %edi
+ push %esi
+ psubq %mm2,%mm2 # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ movd 16(%ebp),%mm1 # mm1 = b
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 16f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+15:
+ movd 0(%esi),%mm0 # mm0 = *a++
+ add $4,%esi
+ pmuludq %mm1,%mm0 # mm0 = b * *a++
+ paddq %mm0,%mm2 # add the carry
+ movd 0(%edi),%mm0
+ paddq %mm0,%mm2 # add the carry
+ movd %mm2,0(%edi) # store the 32bit result
+ add $4,%edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 15b # jmp if a_len != 0
+16:
+ movd %mm2,0(%edi) # *c = carry
+ emms
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ # ebp - 8: caller's esi
+ # ebp - 4: caller's edi
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+.globl s_mpv_mul_d_add_prop
+.type s_mpv_mul_d_add_prop,@function
+s_mpv_mul_d_add_prop:
+ GET is_sse,%eax
+ cmp $0,%eax
+ je s_mpv_mul_d_add_prop_x86
+ jg s_mpv_mul_d_add_prop_sse2
+ call s_mpi_is_sse2
+ PUT %eax,is_sse
+ cmp $0,%eax
+ jg s_mpv_mul_d_add_prop_sse2
+s_mpv_mul_d_add_prop_x86:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 21f # jmp if a_len == 0
+ cld
+ mov 8(%ebp),%esi # esi = a
+20:
+ lodsl # eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx # edx = b
+ mull %edx # edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax # add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov 0(%edi),%ebx # add in current word from *c
+ add %ebx,%eax
+ adc $0,%edx
+ mov %edx,%ebx # high half of product becomes next carry
+
+ stosl # [es:edi] = ax; edi += 4;
+ dec %ecx # --a_len
+ jnz 20b # jmp if a_len != 0
+21:
+ cmp $0,%ebx # is carry zero?
+ jz 23f
+ mov 0(%edi),%eax # add in current word from *c
+ add %ebx,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jnc 23f
+22:
+ mov 0(%edi),%eax # add in current word from *c
+ adc $0,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 22b
+23:
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+s_mpv_mul_d_add_prop_sse2:
+ push %ebp
+ mov %esp,%ebp
+ push %edi
+ push %esi
+ push %ebx
+ psubq %mm2,%mm2 # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ movd 16(%ebp),%mm1 # mm1 = b
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 26f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+25:
+ movd 0(%esi),%mm0 # mm0 = *a++
+ movd 0(%edi),%mm3 # fetch the sum
+ add $4,%esi
+ pmuludq %mm1,%mm0 # mm0 = b * *a++
+ paddq %mm0,%mm2 # add the carry
+ paddq %mm3,%mm2 # add *c++
+ movd %mm2,0(%edi) # store the 32bit result
+ add $4,%edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 25b # jmp if a_len != 0
+26:
+ movd %mm2,%ebx
+ cmp $0,%ebx # is carry zero?
+ jz 28f
+ mov 0(%edi),%eax
+ add %ebx, %eax
+ stosl
+ jnc 28f
+27:
+ mov 0(%edi),%eax # add in current word from *c
+ adc $0,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 27b
+28:
+ emms
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+
+ # ebp - 20: caller's esi
+ # ebp - 16: caller's edi
+ # ebp - 12:
+ # ebp - 8: carry
+ # ebp - 4: a_len local
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: pa argument
+ # ebp + 12: a_len argument
+ # ebp + 16: ps argument
+ # ebp + 20:
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+
+.globl s_mpv_sqr_add_prop
+.type s_mpv_sqr_add_prop,@function
+s_mpv_sqr_add_prop:
+ GET is_sse,%eax
+ cmp $0,%eax
+ je s_mpv_sqr_add_prop_x86
+ jg s_mpv_sqr_add_prop_sse2
+ call s_mpi_is_sse2
+ PUT %eax,is_sse
+ cmp $0,%eax
+ jg s_mpv_sqr_add_prop_sse2
+s_mpv_sqr_add_prop_x86:
+ push %ebp
+ mov %esp,%ebp
+ sub $12,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx # carry = 0
+ mov 12(%ebp),%ecx # a_len
+ mov 16(%ebp),%edi # edi = ps
+ cmp $0,%ecx
+ je 31f # jump if a_len == 0
+ cld
+ mov 8(%ebp),%esi # esi = pa
+30:
+ lodsl # %eax = [ds:si]; si += 4;
+ mull %eax
+
+ add %ebx,%eax # add "carry"
+ adc $0,%edx
+ mov 0(%edi),%ebx
+ add %ebx,%eax # add low word from result
+ mov 4(%edi),%ebx
+ stosl # [es:di] = %eax; di += 4;
+ adc %ebx,%edx # add high word from result
+ movl $0,%ebx
+ mov %edx,%eax
+ adc $0,%ebx
+ stosl # [es:di] = %eax; di += 4;
+ dec %ecx # --a_len
+ jnz 30b # jmp if a_len != 0
+31:
+ cmp $0,%ebx # is carry zero?
+ jz 34f
+ mov 0(%edi),%eax # add in current word from *c
+ add %ebx,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jnc 34f
+32:
+ mov 0(%edi),%eax # add in current word from *c
+ adc $0,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 32b
+34:
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+s_mpv_sqr_add_prop_sse2:
+ push %ebp
+ mov %esp,%ebp
+ push %edi
+ push %esi
+ push %ebx
+ psubq %mm2,%mm2 # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ mov 16(%ebp),%edi
+ cmp $0,%ecx
+ je 36f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+35:
+ movd 0(%esi),%mm0 # mm0 = *a
+ movd 0(%edi),%mm3 # fetch the sum
+ add $4,%esi
+ pmuludq %mm0,%mm0 # mm0 = sqr(a)
+ paddq %mm0,%mm2 # add the carry
+ paddq %mm3,%mm2 # add the low word
+ movd 4(%edi),%mm3
+ movd %mm2,0(%edi) # store the 32bit result
+ psrlq $32, %mm2
+ paddq %mm3,%mm2 # add the high word
+ movd %mm2,4(%edi) # store the 32bit result
+ psrlq $32, %mm2 # save the carry.
+ add $8,%edi
+ dec %ecx # --a_len
+ jnz 35b # jmp if a_len != 0
+36:
+ movd %mm2,%ebx
+ cmp $0,%ebx # is carry zero?
+ jz 38f
+ mov 0(%edi),%eax
+ add %ebx, %eax
+ stosl
+ jnc 38f
+37:
+ mov 0(%edi),%eax # add in current word from *c
+ adc $0,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 37b
+38:
+ emms
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ #
+ # Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
+ # so its high bit is 1. This code is from NSPR.
+ #
+ # mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
+ # mp_digit *qp, mp_digit *rp)
+
+ # esp + 0: Caller's ebx
+ # esp + 4: return address
+ # esp + 8: Nhi argument
+ # esp + 12: Nlo argument
+ # esp + 16: divisor argument
+ # esp + 20: qp argument
+ # esp + 24: rp argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+ #
+
+.globl s_mpv_div_2dx1d
+.type s_mpv_div_2dx1d,@function
+s_mpv_div_2dx1d:
+ push %ebx
+ mov 8(%esp),%edx
+ mov 12(%esp),%eax
+ mov 16(%esp),%ebx
+ div %ebx
+ mov 20(%esp),%ebx
+ mov %eax,0(%ebx)
+ mov 24(%esp),%ebx
+ mov %edx,0(%ebx)
+ xor %eax,%eax # return zero
+ pop %ebx
+ ret
+ nop
+
+ # Magic indicating no need for an executable stack
+.section .note.GNU-stack, "", @progbits
+.previous
diff --git a/security/nss/lib/freebl/mpi/mpi_x86_asm.c b/security/nss/lib/freebl/mpi/mpi_x86_asm.c
new file mode 100644
index 000000000..4faeef30c
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_x86_asm.c
@@ -0,0 +1,531 @@
+/*
+ * mpi_x86_asm.c - MSVC inline assembly implementation of s_mpv_ functions.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi-priv.h"
+
+static int is_sse = -1;
+extern unsigned long s_mpi_is_sse2();
+
+/*
+ * ebp - 36: caller's esi
+ * ebp - 32: caller's edi
+ * ebp - 28:
+ * ebp - 24:
+ * ebp - 20:
+ * ebp - 16:
+ * ebp - 12:
+ * ebp - 8:
+ * ebp - 4:
+ * ebp + 0: caller's ebp
+ * ebp + 4: return address
+ * ebp + 8: a argument
+ * ebp + 12: a_len argument
+ * ebp + 16: b argument
+ * ebp + 20: c argument
+ * registers:
+ * eax:
+ * ebx: carry
+ * ecx: a_len
+ * edx:
+ * esi: a ptr
+ * edi: c ptr
+ */
+__declspec(naked) void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ __asm {
+ mov eax, is_sse
+ cmp eax, 0
+ je s_mpv_mul_d_x86
+ jg s_mpv_mul_d_sse2
+ call s_mpi_is_sse2
+ mov is_sse, eax
+ cmp eax, 0
+ jg s_mpv_mul_d_sse2
+s_mpv_mul_d_x86:
+ push ebp
+ mov ebp,esp
+ sub esp,28
+ push edi
+ push esi
+ push ebx
+ mov ebx,0 ; carry = 0
+ mov ecx,[ebp+12] ; ecx = a_len
+ mov edi,[ebp+20]
+ cmp ecx,0
+ je L_2 ; jmp if a_len == 0
+ mov esi,[ebp+8] ; esi = a
+ cld
+L_1:
+ lodsd ; eax = [ds:esi]; esi += 4
+ mov edx,[ebp+16] ; edx = b
+ mul edx ; edx:eax = Phi:Plo = a_i * b
+
+ add eax,ebx ; add carry (ebx) to edx:eax
+ adc edx,0
+ mov ebx,edx ; high half of product becomes next carry
+
+ stosd ; [es:edi] = ax; edi += 4;
+ dec ecx ; --a_len
+ jnz L_1 ; jmp if a_len != 0
+L_2:
+ mov [edi],ebx ; *c = carry
+ pop ebx
+ pop esi
+ pop edi
+ leave
+ ret
+ nop
+s_mpv_mul_d_sse2:
+ push ebp
+ mov ebp, esp
+ push edi
+ push esi
+ psubq mm2, mm2 ; carry = 0
+ mov ecx, [ebp+12] ; ecx = a_len
+ movd mm1, [ebp+16] ; mm1 = b
+ mov edi, [ebp+20]
+ cmp ecx, 0
+ je L_6 ; jmp if a_len == 0
+ mov esi, [ebp+8] ; esi = a
+ cld
+L_5:
+ movd mm0, [esi] ; mm0 = *a++
+ add esi, 4
+ pmuludq mm0, mm1 ; mm0 = b * *a++
+ paddq mm2, mm0 ; add the carry
+ movd [edi], mm2 ; store the 32bit result
+ add edi, 4
+ psrlq mm2, 32 ; save the carry
+ dec ecx ; --a_len
+ jnz L_5 ; jmp if a_len != 0
+L_6:
+ movd [edi], mm2 ; *c = carry
+ emms
+ pop esi
+ pop edi
+ leave
+ ret
+ nop
+ }
+}
+
+/*
+ * ebp - 36: caller's esi
+ * ebp - 32: caller's edi
+ * ebp - 28:
+ * ebp - 24:
+ * ebp - 20:
+ * ebp - 16:
+ * ebp - 12:
+ * ebp - 8:
+ * ebp - 4:
+ * ebp + 0: caller's ebp
+ * ebp + 4: return address
+ * ebp + 8: a argument
+ * ebp + 12: a_len argument
+ * ebp + 16: b argument
+ * ebp + 20: c argument
+ * registers:
+ * eax:
+ * ebx: carry
+ * ecx: a_len
+ * edx:
+ * esi: a ptr
+ * edi: c ptr
+ */
+__declspec(naked) void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ __asm {
+ mov eax, is_sse
+ cmp eax, 0
+ je s_mpv_mul_d_add_x86
+ jg s_mpv_mul_d_add_sse2
+ call s_mpi_is_sse2
+ mov is_sse, eax
+ cmp eax, 0
+ jg s_mpv_mul_d_add_sse2
+s_mpv_mul_d_add_x86:
+ push ebp
+ mov ebp,esp
+ sub esp,28
+ push edi
+ push esi
+ push ebx
+ mov ebx,0 ; carry = 0
+ mov ecx,[ebp+12] ; ecx = a_len
+ mov edi,[ebp+20]
+ cmp ecx,0
+ je L_11 ; jmp if a_len == 0
+ mov esi,[ebp+8] ; esi = a
+ cld
+L_10:
+ lodsd ; eax = [ds:esi]; esi += 4
+ mov edx,[ebp+16] ; edx = b
+ mul edx ; edx:eax = Phi:Plo = a_i * b
+
+ add eax,ebx ; add carry (ebx) to edx:eax
+ adc edx,0
+ mov ebx,[edi] ; add in current word from *c
+ add eax,ebx
+ adc edx,0
+ mov ebx,edx ; high half of product becomes next carry
+
+ stosd ; [es:edi] = ax; edi += 4;
+ dec ecx ; --a_len
+ jnz L_10 ; jmp if a_len != 0
+L_11:
+ mov [edi],ebx ; *c = carry
+ pop ebx
+ pop esi
+ pop edi
+ leave
+ ret
+ nop
+s_mpv_mul_d_add_sse2:
+ push ebp
+ mov ebp, esp
+ push edi
+ push esi
+ psubq mm2, mm2 ; carry = 0
+ mov ecx, [ebp+12] ; ecx = a_len
+ movd mm1, [ebp+16] ; mm1 = b
+ mov edi, [ebp+20]
+ cmp ecx, 0
+ je L_16 ; jmp if a_len == 0
+ mov esi, [ebp+8] ; esi = a
+ cld
+L_15:
+ movd mm0, [esi] ; mm0 = *a++
+ add esi, 4
+ pmuludq mm0, mm1 ; mm0 = b * *a++
+ paddq mm2, mm0 ; add the carry
+ movd mm0, [edi]
+ paddq mm2, mm0 ; add the carry
+ movd [edi], mm2 ; store the 32bit result
+ add edi, 4
+ psrlq mm2, 32 ; save the carry
+ dec ecx ; --a_len
+ jnz L_15 ; jmp if a_len != 0
+L_16:
+ movd [edi], mm2 ; *c = carry
+ emms
+ pop esi
+ pop edi
+ leave
+ ret
+ nop
+ }
+}
+
+/*
+ * ebp - 36: caller's esi
+ * ebp - 32: caller's edi
+ * ebp - 28:
+ * ebp - 24:
+ * ebp - 20:
+ * ebp - 16:
+ * ebp - 12:
+ * ebp - 8:
+ * ebp - 4:
+ * ebp + 0: caller's ebp
+ * ebp + 4: return address
+ * ebp + 8: a argument
+ * ebp + 12: a_len argument
+ * ebp + 16: b argument
+ * ebp + 20: c argument
+ * registers:
+ * eax:
+ * ebx: carry
+ * ecx: a_len
+ * edx:
+ * esi: a ptr
+ * edi: c ptr
+ */
+__declspec(naked) void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
+{
+ __asm {
+ mov eax, is_sse
+ cmp eax, 0
+ je s_mpv_mul_d_add_prop_x86
+ jg s_mpv_mul_d_add_prop_sse2
+ call s_mpi_is_sse2
+ mov is_sse, eax
+ cmp eax, 0
+ jg s_mpv_mul_d_add_prop_sse2
+s_mpv_mul_d_add_prop_x86:
+ push ebp
+ mov ebp,esp
+ sub esp,28
+ push edi
+ push esi
+ push ebx
+ mov ebx,0 ; carry = 0
+ mov ecx,[ebp+12] ; ecx = a_len
+ mov edi,[ebp+20]
+ cmp ecx,0
+ je L_21 ; jmp if a_len == 0
+ cld
+ mov esi,[ebp+8] ; esi = a
+L_20:
+ lodsd ; eax = [ds:esi]; esi += 4
+ mov edx,[ebp+16] ; edx = b
+ mul edx ; edx:eax = Phi:Plo = a_i * b
+
+ add eax,ebx ; add carry (ebx) to edx:eax
+ adc edx,0
+ mov ebx,[edi] ; add in current word from *c
+ add eax,ebx
+ adc edx,0
+ mov ebx,edx ; high half of product becomes next carry
+
+ stosd ; [es:edi] = ax; edi += 4;
+ dec ecx ; --a_len
+ jnz L_20 ; jmp if a_len != 0
+L_21:
+ cmp ebx,0 ; is carry zero?
+ jz L_23
+ mov eax,[edi] ; add in current word from *c
+ add eax,ebx
+ stosd ; [es:edi] = ax; edi += 4;
+ jnc L_23
+L_22:
+ mov eax,[edi] ; add in current word from *c
+ adc eax,0
+ stosd ; [es:edi] = ax; edi += 4;
+ jc L_22
+L_23:
+ pop ebx
+ pop esi
+ pop edi
+ leave
+ ret
+ nop
+s_mpv_mul_d_add_prop_sse2:
+ push ebp
+ mov ebp, esp
+ push edi
+ push esi
+ push ebx
+ psubq mm2, mm2 ; carry = 0
+ mov ecx, [ebp+12] ; ecx = a_len
+ movd mm1, [ebp+16] ; mm1 = b
+ mov edi, [ebp+20]
+ cmp ecx, 0
+ je L_26 ; jmp if a_len == 0
+ mov esi, [ebp+8] ; esi = a
+ cld
+L_25:
+ movd mm0, [esi] ; mm0 = *a++
+ movd mm3, [edi] ; fetch the sum
+ add esi, 4
+ pmuludq mm0, mm1 ; mm0 = b * *a++
+ paddq mm2, mm0 ; add the carry
+ paddq mm2, mm3 ; add *c++
+ movd [edi], mm2 ; store the 32bit result
+ add edi, 4
+ psrlq mm2, 32 ; save the carry
+ dec ecx ; --a_len
+ jnz L_25 ; jmp if a_len != 0
+L_26:
+ movd ebx, mm2
+ cmp ebx, 0 ; is carry zero?
+ jz L_28
+ mov eax, [edi]
+ add eax, ebx
+ stosd
+ jnc L_28
+L_27:
+ mov eax, [edi] ; add in current word from *c
+ adc eax, 0
+ stosd ; [es:edi] = ax; edi += 4;
+ jc L_27
+L_28:
+ emms
+ pop ebx
+ pop esi
+ pop edi
+ leave
+ ret
+ nop
+ }
+}
+
+/*
+ * ebp - 20: caller's esi
+ * ebp - 16: caller's edi
+ * ebp - 12:
+ * ebp - 8: carry
+ * ebp - 4: a_len local
+ * ebp + 0: caller's ebp
+ * ebp + 4: return address
+ * ebp + 8: pa argument
+ * ebp + 12: a_len argument
+ * ebp + 16: ps argument
+ * ebp + 20:
+ * registers:
+ * eax:
+ * ebx: carry
+ * ecx: a_len
+ * edx:
+ * esi: a ptr
+ * edi: c ptr
+ */
+__declspec(naked) void s_mpv_sqr_add_prop(const mp_digit *a, mp_size a_len, mp_digit *sqrs)
+{
+ __asm {
+ mov eax, is_sse
+ cmp eax, 0
+ je s_mpv_sqr_add_prop_x86
+ jg s_mpv_sqr_add_prop_sse2
+ call s_mpi_is_sse2
+ mov is_sse, eax
+ cmp eax, 0
+ jg s_mpv_sqr_add_prop_sse2
+s_mpv_sqr_add_prop_x86:
+ push ebp
+ mov ebp,esp
+ sub esp,12
+ push edi
+ push esi
+ push ebx
+ mov ebx,0 ; carry = 0
+ mov ecx,[ebp+12] ; a_len
+ mov edi,[ebp+16] ; edi = ps
+ cmp ecx,0
+ je L_31 ; jump if a_len == 0
+ cld
+ mov esi,[ebp+8] ; esi = pa
+L_30:
+ lodsd ; eax = [ds:si]; si += 4;
+ mul eax
+
+ add eax,ebx ; add "carry"
+ adc edx,0
+ mov ebx,[edi]
+ add eax,ebx ; add low word from result
+ mov ebx,[edi+4]
+ stosd ; [es:di] = eax; di += 4;
+ adc edx,ebx ; add high word from result
+ mov ebx,0
+ mov eax,edx
+ adc ebx,0
+ stosd ; [es:di] = eax; di += 4;
+ dec ecx ; --a_len
+ jnz L_30 ; jmp if a_len != 0
+L_31:
+ cmp ebx,0 ; is carry zero?
+ jz L_34
+ mov eax,[edi] ; add in current word from *c
+ add eax,ebx
+ stosd ; [es:edi] = ax; edi += 4;
+ jnc L_34
+L_32:
+ mov eax,[edi] ; add in current word from *c
+ adc eax,0
+ stosd ; [es:edi] = ax; edi += 4;
+ jc L_32
+L_34:
+ pop ebx
+ pop esi
+ pop edi
+ leave
+ ret
+ nop
+s_mpv_sqr_add_prop_sse2:
+ push ebp
+ mov ebp, esp
+ push edi
+ push esi
+ push ebx
+ psubq mm2, mm2 ; carry = 0
+ mov ecx, [ebp+12] ; ecx = a_len
+ mov edi, [ebp+16]
+ cmp ecx, 0
+ je L_36 ; jmp if a_len == 0
+ mov esi, [ebp+8] ; esi = a
+ cld
+L_35:
+ movd mm0, [esi] ; mm0 = *a
+ movd mm3, [edi] ; fetch the sum
+ add esi, 4
+ pmuludq mm0, mm0 ; mm0 = sqr(a)
+ paddq mm2, mm0 ; add the carry
+ paddq mm2, mm3 ; add the low word
+ movd mm3, [edi+4]
+ movd [edi], mm2 ; store the 32bit result
+ psrlq mm2, 32
+ paddq mm2, mm3 ; add the high word
+ movd [edi+4], mm2 ; store the 32bit result
+ psrlq mm2, 32 ; save the carry.
+ add edi, 8
+ dec ecx ; --a_len
+ jnz L_35 ; jmp if a_len != 0
+L_36:
+ movd ebx, mm2
+ cmp ebx, 0 ; is carry zero?
+ jz L_38
+ mov eax, [edi]
+ add eax, ebx
+ stosd
+ jnc L_38
+L_37:
+ mov eax, [edi] ; add in current word from *c
+ adc eax, 0
+ stosd ; [es:edi] = ax; edi += 4;
+ jc L_37
+L_38:
+ emms
+ pop ebx
+ pop esi
+ pop edi
+ leave
+ ret
+ nop
+ }
+}
+
+/*
+ * Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
+ * so its high bit is 1. This code is from NSPR.
+ *
+ * Dump of assembler code for function s_mpv_div_2dx1d:
+ *
+ * esp + 0: Caller's ebx
+ * esp + 4: return address
+ * esp + 8: Nhi argument
+ * esp + 12: Nlo argument
+ * esp + 16: divisor argument
+ * esp + 20: qp argument
+ * esp + 24: rp argument
+ * registers:
+ * eax:
+ * ebx: carry
+ * ecx: a_len
+ * edx:
+ * esi: a ptr
+ * edi: c ptr
+ */
+__declspec(naked) mp_err
+ s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
+ mp_digit *qp, mp_digit *rp)
+{
+ __asm {
+ push ebx
+ mov edx,[esp+8]
+ mov eax,[esp+12]
+ mov ebx,[esp+16]
+ div ebx
+ mov ebx,[esp+20]
+ mov [ebx],eax
+ mov ebx,[esp+24]
+ mov [ebx],edx
+ xor eax,eax ; return zero
+ pop ebx
+ ret
+ nop
+ }
+}
diff --git a/security/nss/lib/freebl/mpi/mpi_x86_os2.s b/security/nss/lib/freebl/mpi/mpi_x86_os2.s
new file mode 100644
index 000000000..b903e2564
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpi_x86_os2.s
@@ -0,0 +1,538 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+.data
+.align 4
+ #
+ # -1 means to call _s_mpi_is_sse to determine if we support sse
+ # instructions.
+ # 0 means to use x86 instructions
+ # 1 means to use sse2 instructions
+.type is_sse,@object
+.size is_sse,4
+is_sse: .long -1
+
+#
+# sigh, handle the difference between -fPIC and not PIC
+# default to pic, since this file seems to be exclusively
+# linux right now (solaris uses mpi_i86pc.s and windows uses
+# mpi_x86_asm.c)
+#
+#.ifndef NO_PIC
+#.macro GET var,reg
+# movl \var@GOTOFF(%ebx),\reg
+#.endm
+#.macro PUT reg,var
+# movl \reg,\var@GOTOFF(%ebx)
+#.endm
+#.else
+.macro GET var,reg
+ movl \var,\reg
+.endm
+.macro PUT reg,var
+ movl \reg,\var
+.endm
+#.endif
+
+.text
+
+
+ # ebp - 36: caller's esi
+ # ebp - 32: caller's edi
+ # ebp - 28:
+ # ebp - 24:
+ # ebp - 20:
+ # ebp - 16:
+ # ebp - 12:
+ # ebp - 8:
+ # ebp - 4:
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+.globl _s_mpv_mul_d
+.type _s_mpv_mul_d,@function
+_s_mpv_mul_d:
+ GET is_sse,%eax
+ cmp $0,%eax
+ je _s_mpv_mul_d_x86
+ jg _s_mpv_mul_d_sse2
+ call _s_mpi_is_sse2
+ PUT %eax,is_sse
+ cmp $0,%eax
+ jg _s_mpv_mul_d_sse2
+_s_mpv_mul_d_x86:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 2f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+1:
+ lodsl # eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx # edx = b
+ mull %edx # edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax # add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov %edx,%ebx # high half of product becomes next carry
+
+ stosl # [es:edi] = ax; edi += 4;
+ dec %ecx # --a_len
+ jnz 1b # jmp if a_len != 0
+2:
+ mov %ebx,0(%edi) # *c = carry
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+_s_mpv_mul_d_sse2:
+ push %ebp
+ mov %esp,%ebp
+ push %edi
+ push %esi
+ psubq %mm2,%mm2 # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ movd 16(%ebp),%mm1 # mm1 = b
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 6f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+5:
+ movd 0(%esi),%mm0 # mm0 = *a++
+ add $4,%esi
+ pmuludq %mm1,%mm0 # mm0 = b * *a++
+ paddq %mm0,%mm2 # add the carry
+ movd %mm2,0(%edi) # store the 32bit result
+ add $4,%edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 5b # jmp if a_len != 0
+6:
+ movd %mm2,0(%edi) # *c = carry
+ emms
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ # ebp - 36: caller's esi
+ # ebp - 32: caller's edi
+ # ebp - 28:
+ # ebp - 24:
+ # ebp - 20:
+ # ebp - 16:
+ # ebp - 12:
+ # ebp - 8:
+ # ebp - 4:
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+.globl _s_mpv_mul_d_add
+.type _s_mpv_mul_d_add,@function
+_s_mpv_mul_d_add:
+ GET is_sse,%eax
+ cmp $0,%eax
+ je _s_mpv_mul_d_add_x86
+ jg _s_mpv_mul_d_add_sse2
+ call _s_mpi_is_sse2
+ PUT %eax,is_sse
+ cmp $0,%eax
+ jg _s_mpv_mul_d_add_sse2
+_s_mpv_mul_d_add_x86:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 11f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+10:
+ lodsl # eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx # edx = b
+ mull %edx # edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax # add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov 0(%edi),%ebx # add in current word from *c
+ add %ebx,%eax
+ adc $0,%edx
+ mov %edx,%ebx # high half of product becomes next carry
+
+ stosl # [es:edi] = ax; edi += 4;
+ dec %ecx # --a_len
+ jnz 10b # jmp if a_len != 0
+11:
+ mov %ebx,0(%edi) # *c = carry
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+_s_mpv_mul_d_add_sse2:
+ push %ebp
+ mov %esp,%ebp
+ push %edi
+ push %esi
+ psubq %mm2,%mm2 # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ movd 16(%ebp),%mm1 # mm1 = b
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 16f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+15:
+ movd 0(%esi),%mm0 # mm0 = *a++
+ add $4,%esi
+ pmuludq %mm1,%mm0 # mm0 = b * *a++
+ paddq %mm0,%mm2 # add the carry
+ movd 0(%edi),%mm0
+ paddq %mm0,%mm2 # add the carry
+ movd %mm2,0(%edi) # store the 32bit result
+ add $4,%edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 15b # jmp if a_len != 0
+16:
+ movd %mm2,0(%edi) # *c = carry
+ emms
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ # ebp - 8: caller's esi
+ # ebp - 4: caller's edi
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: a argument
+ # ebp + 12: a_len argument
+ # ebp + 16: b argument
+ # ebp + 20: c argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+.globl _s_mpv_mul_d_add_prop
+.type _s_mpv_mul_d_add_prop,@function
+_s_mpv_mul_d_add_prop:
+ GET is_sse,%eax
+ cmp $0,%eax
+ je _s_mpv_mul_d_add_prop_x86
+ jg _s_mpv_mul_d_add_prop_sse2
+ call _s_mpi_is_sse2
+ PUT %eax,is_sse
+ cmp $0,%eax
+ jg _s_mpv_mul_d_add_prop_sse2
+_s_mpv_mul_d_add_prop_x86:
+ push %ebp
+ mov %esp,%ebp
+ sub $28,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 21f # jmp if a_len == 0
+ cld
+ mov 8(%ebp),%esi # esi = a
+20:
+ lodsl # eax = [ds:esi]; esi += 4
+ mov 16(%ebp),%edx # edx = b
+ mull %edx # edx:eax = Phi:Plo = a_i * b
+
+ add %ebx,%eax # add carry (%ebx) to edx:eax
+ adc $0,%edx
+ mov 0(%edi),%ebx # add in current word from *c
+ add %ebx,%eax
+ adc $0,%edx
+ mov %edx,%ebx # high half of product becomes next carry
+
+ stosl # [es:edi] = ax; edi += 4;
+ dec %ecx # --a_len
+ jnz 20b # jmp if a_len != 0
+21:
+ cmp $0,%ebx # is carry zero?
+ jz 23f
+ mov 0(%edi),%eax # add in current word from *c
+ add %ebx,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jnc 23f
+22:
+ mov 0(%edi),%eax # add in current word from *c
+ adc $0,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 22b
+23:
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+_s_mpv_mul_d_add_prop_sse2:
+ push %ebp
+ mov %esp,%ebp
+ push %edi
+ push %esi
+ push %ebx
+ psubq %mm2,%mm2 # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ movd 16(%ebp),%mm1 # mm1 = b
+ mov 20(%ebp),%edi
+ cmp $0,%ecx
+ je 26f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+25:
+ movd 0(%esi),%mm0 # mm0 = *a++
+ movd 0(%edi),%mm3 # fetch the sum
+ add $4,%esi
+ pmuludq %mm1,%mm0 # mm0 = b * *a++
+ paddq %mm0,%mm2 # add the carry
+ paddq %mm3,%mm2 # add *c++
+ movd %mm2,0(%edi) # store the 32bit result
+ add $4,%edi
+ psrlq $32, %mm2 # save the carry
+ dec %ecx # --a_len
+ jnz 25b # jmp if a_len != 0
+26:
+ movd %mm2,%ebx
+ cmp $0,%ebx # is carry zero?
+ jz 28f
+ mov 0(%edi),%eax
+ add %ebx, %eax
+ stosl
+ jnc 28f
+27:
+ mov 0(%edi),%eax # add in current word from *c
+ adc $0,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 27b
+28:
+ emms
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+
+ # ebp - 20: caller's esi
+ # ebp - 16: caller's edi
+ # ebp - 12:
+ # ebp - 8: carry
+ # ebp - 4: a_len local
+ # ebp + 0: caller's ebp
+ # ebp + 4: return address
+ # ebp + 8: pa argument
+ # ebp + 12: a_len argument
+ # ebp + 16: ps argument
+ # ebp + 20:
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+
+.globl _s_mpv_sqr_add_prop
+.type _s_mpv_sqr_add_prop,@function
+_s_mpv_sqr_add_prop:
+ GET is_sse,%eax
+ cmp $0,%eax
+ je _s_mpv_sqr_add_prop_x86
+ jg _s_mpv_sqr_add_prop_sse2
+ call _s_mpi_is_sse2
+ PUT %eax,is_sse
+ cmp $0,%eax
+ jg _s_mpv_sqr_add_prop_sse2
+_s_mpv_sqr_add_prop_x86:
+ push %ebp
+ mov %esp,%ebp
+ sub $12,%esp
+ push %edi
+ push %esi
+ push %ebx
+ movl $0,%ebx # carry = 0
+ mov 12(%ebp),%ecx # a_len
+ mov 16(%ebp),%edi # edi = ps
+ cmp $0,%ecx
+ je 31f # jump if a_len == 0
+ cld
+ mov 8(%ebp),%esi # esi = pa
+30:
+ lodsl # %eax = [ds:si]; si += 4;
+ mull %eax
+
+ add %ebx,%eax # add "carry"
+ adc $0,%edx
+ mov 0(%edi),%ebx
+ add %ebx,%eax # add low word from result
+ mov 4(%edi),%ebx
+ stosl # [es:di] = %eax; di += 4;
+ adc %ebx,%edx # add high word from result
+ movl $0,%ebx
+ mov %edx,%eax
+ adc $0,%ebx
+ stosl # [es:di] = %eax; di += 4;
+ dec %ecx # --a_len
+ jnz 30b # jmp if a_len != 0
+31:
+ cmp $0,%ebx # is carry zero?
+ jz 34f
+ mov 0(%edi),%eax # add in current word from *c
+ add %ebx,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jnc 34f
+32:
+ mov 0(%edi),%eax # add in current word from *c
+ adc $0,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 32b
+34:
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+_s_mpv_sqr_add_prop_sse2:
+ push %ebp
+ mov %esp,%ebp
+ push %edi
+ push %esi
+ push %ebx
+ psubq %mm2,%mm2 # carry = 0
+ mov 12(%ebp),%ecx # ecx = a_len
+ mov 16(%ebp),%edi
+ cmp $0,%ecx
+ je 36f # jmp if a_len == 0
+ mov 8(%ebp),%esi # esi = a
+ cld
+35:
+ movd 0(%esi),%mm0 # mm0 = *a
+ movd 0(%edi),%mm3 # fetch the sum
+ add $4,%esi
+ pmuludq %mm0,%mm0 # mm0 = sqr(a)
+ paddq %mm0,%mm2 # add the carry
+ paddq %mm3,%mm2 # add the low word
+ movd 4(%edi),%mm3
+ movd %mm2,0(%edi) # store the 32bit result
+ psrlq $32, %mm2
+ paddq %mm3,%mm2 # add the high word
+ movd %mm2,4(%edi) # store the 32bit result
+ psrlq $32, %mm2 # save the carry.
+ add $8,%edi
+ dec %ecx # --a_len
+ jnz 35b # jmp if a_len != 0
+36:
+ movd %mm2,%ebx
+ cmp $0,%ebx # is carry zero?
+ jz 38f
+ mov 0(%edi),%eax
+ add %ebx, %eax
+ stosl
+ jnc 38f
+37:
+ mov 0(%edi),%eax # add in current word from *c
+ adc $0,%eax
+ stosl # [es:edi] = ax; edi += 4;
+ jc 37b
+38:
+ emms
+ pop %ebx
+ pop %esi
+ pop %edi
+ leave
+ ret
+ nop
+
+ #
+ # Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
+ # so its high bit is 1. This code is from NSPR.
+ #
+ # mp_err _s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
+ # mp_digit *qp, mp_digit *rp)
+
+ # esp + 0: Caller's ebx
+ # esp + 4: return address
+ # esp + 8: Nhi argument
+ # esp + 12: Nlo argument
+ # esp + 16: divisor argument
+ # esp + 20: qp argument
+ # esp + 24: rp argument
+ # registers:
+ # eax:
+ # ebx: carry
+ # ecx: a_len
+ # edx:
+ # esi: a ptr
+ # edi: c ptr
+ #
+
+.globl _s_mpv_div_2dx1d
+.type _s_mpv_div_2dx1d,@function
+_s_mpv_div_2dx1d:
+ push %ebx
+ mov 8(%esp),%edx
+ mov 12(%esp),%eax
+ mov 16(%esp),%ebx
+ div %ebx
+ mov 20(%esp),%ebx
+ mov %eax,0(%ebx)
+ mov 24(%esp),%ebx
+ mov %edx,0(%ebx)
+ xor %eax,%eax # return zero
+ pop %ebx
+ ret
+ nop
+
diff --git a/security/nss/lib/freebl/mpi/mplogic.c b/security/nss/lib/freebl/mpi/mplogic.c
new file mode 100644
index 000000000..89fd03ae8
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mplogic.c
@@ -0,0 +1,443 @@
+/*
+ * mplogic.c
+ *
+ * Bitwise logical operations on MPI values
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi-priv.h"
+#include "mplogic.h"
+
+/* {{{ Lookup table for population count */
+
+static unsigned char bitc[] = {
+ 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4,
+ 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
+ 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+ 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+ 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
+ 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
+ 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+ 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
+ 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+ 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
+ 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
+ 4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8
+};
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/*
+ mpl_not(a, b) - compute b = ~a
+ mpl_and(a, b, c) - compute c = a & b
+ mpl_or(a, b, c) - compute c = a | b
+ mpl_xor(a, b, c) - compute c = a ^ b
+ */
+
+/* {{{ mpl_not(a, b) */
+
+mp_err
+mpl_not(mp_int *a, mp_int *b)
+{
+ mp_err res;
+ unsigned int ix;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ if ((res = mp_copy(a, b)) != MP_OKAY)
+ return res;
+
+ /* This relies on the fact that the digit type is unsigned */
+ for (ix = 0; ix < USED(b); ix++)
+ DIGIT(b, ix) = ~DIGIT(b, ix);
+
+ s_mp_clamp(b);
+
+ return MP_OKAY;
+
+} /* end mpl_not() */
+
+/* }}} */
+
+/* {{{ mpl_and(a, b, c) */
+
+mp_err
+mpl_and(mp_int *a, mp_int *b, mp_int *c)
+{
+ mp_int *which, *other;
+ mp_err res;
+ unsigned int ix;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (USED(a) <= USED(b)) {
+ which = a;
+ other = b;
+ } else {
+ which = b;
+ other = a;
+ }
+
+ if ((res = mp_copy(which, c)) != MP_OKAY)
+ return res;
+
+ for (ix = 0; ix < USED(which); ix++)
+ DIGIT(c, ix) &= DIGIT(other, ix);
+
+ s_mp_clamp(c);
+
+ return MP_OKAY;
+
+} /* end mpl_and() */
+
+/* }}} */
+
+/* {{{ mpl_or(a, b, c) */
+
+mp_err
+mpl_or(mp_int *a, mp_int *b, mp_int *c)
+{
+ mp_int *which, *other;
+ mp_err res;
+ unsigned int ix;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (USED(a) >= USED(b)) {
+ which = a;
+ other = b;
+ } else {
+ which = b;
+ other = a;
+ }
+
+ if ((res = mp_copy(which, c)) != MP_OKAY)
+ return res;
+
+ for (ix = 0; ix < USED(which); ix++)
+ DIGIT(c, ix) |= DIGIT(other, ix);
+
+ return MP_OKAY;
+
+} /* end mpl_or() */
+
+/* }}} */
+
+/* {{{ mpl_xor(a, b, c) */
+
+mp_err
+mpl_xor(mp_int *a, mp_int *b, mp_int *c)
+{
+ mp_int *which, *other;
+ mp_err res;
+ unsigned int ix;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (USED(a) >= USED(b)) {
+ which = a;
+ other = b;
+ } else {
+ which = b;
+ other = a;
+ }
+
+ if ((res = mp_copy(which, c)) != MP_OKAY)
+ return res;
+
+ for (ix = 0; ix < USED(which); ix++)
+ DIGIT(c, ix) ^= DIGIT(other, ix);
+
+ s_mp_clamp(c);
+
+ return MP_OKAY;
+
+} /* end mpl_xor() */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/*
+ mpl_rsh(a, b, d) - b = a >> d
+ mpl_lsh(a, b, d) - b = a << d
+ */
+
+/* {{{ mpl_rsh(a, b, d) */
+
+mp_err
+mpl_rsh(const mp_int *a, mp_int *b, mp_digit d)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ if ((res = mp_copy(a, b)) != MP_OKAY)
+ return res;
+
+ s_mp_div_2d(b, d);
+
+ return MP_OKAY;
+
+} /* end mpl_rsh() */
+
+/* }}} */
+
+/* {{{ mpl_lsh(a, b, d) */
+
+mp_err
+mpl_lsh(const mp_int *a, mp_int *b, mp_digit d)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && b != NULL, MP_BADARG);
+
+ if ((res = mp_copy(a, b)) != MP_OKAY)
+ return res;
+
+ return s_mp_mul_2d(b, d);
+
+} /* end mpl_lsh() */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/*
+ mpl_num_set(a, num)
+
+ Count the number of set bits in the binary representation of a.
+ Returns MP_OKAY and sets 'num' to be the number of such bits, if
+ possible. If num is NULL, the result is thrown away, but it is
+ not considered an error.
+
+ mpl_num_clear() does basically the same thing for clear bits.
+ */
+
+/* {{{ mpl_num_set(a, num) */
+
+mp_err
+mpl_num_set(mp_int *a, int *num)
+{
+ unsigned int ix;
+ int db, nset = 0;
+ mp_digit cur;
+ unsigned char reg;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ for (ix = 0; ix < USED(a); ix++) {
+ cur = DIGIT(a, ix);
+
+ for (db = 0; db < sizeof(mp_digit); db++) {
+ reg = (unsigned char)(cur >> (CHAR_BIT * db));
+
+ nset += bitc[reg];
+ }
+ }
+
+ if (num)
+ *num = nset;
+
+ return MP_OKAY;
+
+} /* end mpl_num_set() */
+
+/* }}} */
+
+/* {{{ mpl_num_clear(a, num) */
+
+mp_err
+mpl_num_clear(mp_int *a, int *num)
+{
+ unsigned int ix;
+ int db, nset = 0;
+ mp_digit cur;
+ unsigned char reg;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ for (ix = 0; ix < USED(a); ix++) {
+ cur = DIGIT(a, ix);
+
+ for (db = 0; db < sizeof(mp_digit); db++) {
+ reg = (unsigned char)(cur >> (CHAR_BIT * db));
+
+ nset += bitc[UCHAR_MAX - reg];
+ }
+ }
+
+ if (num)
+ *num = nset;
+
+ return MP_OKAY;
+
+} /* end mpl_num_clear() */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/*
+ mpl_parity(a)
+
+ Determines the bitwise parity of the value given. Returns MP_EVEN
+ if an even number of digits are set, MP_ODD if an odd number are
+ set.
+ */
+
+/* {{{ mpl_parity(a) */
+
+mp_err
+mpl_parity(mp_int *a)
+{
+ unsigned int ix;
+ int par = 0;
+ mp_digit cur;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ for (ix = 0; ix < USED(a); ix++) {
+ int shft = (sizeof(mp_digit) * CHAR_BIT) / 2;
+
+ cur = DIGIT(a, ix);
+
+ /* Compute parity for current digit */
+ while (shft != 0) {
+ cur ^= (cur >> shft);
+ shft >>= 1;
+ }
+ cur &= 1;
+
+ /* XOR with running parity so far */
+ par ^= cur;
+ }
+
+ if (par)
+ return MP_ODD;
+ else
+ return MP_EVEN;
+
+} /* end mpl_parity() */
+
+/* }}} */
+
+/*
+ mpl_set_bit
+
+ Returns MP_OKAY or some error code.
+ Grows a if needed to set a bit to 1.
+ */
+mp_err
+mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value)
+{
+ mp_size ix;
+ mp_err rv;
+ mp_digit mask;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ ix = bitNum / MP_DIGIT_BIT;
+ if (ix + 1 > MP_USED(a)) {
+ rv = s_mp_pad(a, ix + 1);
+ if (rv != MP_OKAY)
+ return rv;
+ }
+
+ bitNum = bitNum % MP_DIGIT_BIT;
+ mask = (mp_digit)1 << bitNum;
+ if (value)
+ MP_DIGIT(a, ix) |= mask;
+ else
+ MP_DIGIT(a, ix) &= ~mask;
+ s_mp_clamp(a);
+ return MP_OKAY;
+}
+
+/*
+ mpl_get_bit
+
+ returns 0 or 1 or some (negative) error code.
+ */
+mp_err
+mpl_get_bit(const mp_int *a, mp_size bitNum)
+{
+ mp_size bit, ix;
+ mp_err rv;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ ix = bitNum / MP_DIGIT_BIT;
+ ARGCHK(ix <= MP_USED(a) - 1, MP_RANGE);
+
+ bit = bitNum % MP_DIGIT_BIT;
+ rv = (mp_err)(MP_DIGIT(a, ix) >> bit) & 1;
+ return rv;
+}
+
+/*
+ mpl_get_bits
+ - Extracts numBits bits from a, where the least significant extracted bit
+ is bit lsbNum. Returns a negative value if error occurs.
+ - Because sign bit is used to indicate error, maximum number of bits to
+ be returned is the lesser of (a) the number of bits in an mp_digit, or
+ (b) one less than the number of bits in an mp_err.
+ - lsbNum + numbits can be greater than the number of significant bits in
+ integer a, as long as bit lsbNum is in the high order digit of a.
+ */
+mp_err
+mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits)
+{
+ mp_size rshift = (lsbNum % MP_DIGIT_BIT);
+ mp_size lsWndx = (lsbNum / MP_DIGIT_BIT);
+ mp_digit *digit = MP_DIGITS(a) + lsWndx;
+ mp_digit mask = ((1 << numBits) - 1);
+
+ ARGCHK(numBits < CHAR_BIT * sizeof mask, MP_BADARG);
+ ARGCHK(MP_HOWMANY(lsbNum, MP_DIGIT_BIT) <= MP_USED(a), MP_RANGE);
+
+ if ((numBits + lsbNum % MP_DIGIT_BIT <= MP_DIGIT_BIT) ||
+ (lsWndx + 1 >= MP_USED(a))) {
+ mask &= (digit[0] >> rshift);
+ } else {
+ mask &= ((digit[0] >> rshift) | (digit[1] << (MP_DIGIT_BIT - rshift)));
+ }
+ return (mp_err)mask;
+}
+
+/*
+ mpl_significant_bits
+ returns number of significnant bits in abs(a).
+ returns 1 if value is zero.
+ */
+mp_size
+mpl_significant_bits(const mp_int *a)
+{
+ mp_size bits = 0;
+ int ix;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ for (ix = MP_USED(a); ix > 0;) {
+ mp_digit d;
+ d = MP_DIGIT(a, --ix);
+ if (d) {
+ while (d) {
+ ++bits;
+ d >>= 1;
+ }
+ break;
+ }
+ }
+ bits += ix * MP_DIGIT_BIT;
+ if (!bits)
+ bits = 1;
+ return bits;
+}
+
+/*------------------------------------------------------------------------*/
+/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mplogic.h b/security/nss/lib/freebl/mpi/mplogic.h
new file mode 100644
index 000000000..a4a6b7735
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mplogic.h
@@ -0,0 +1,52 @@
+/*
+ * mplogic.h
+ *
+ * Bitwise logical operations on MPI values
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _H_MPLOGIC_
+#define _H_MPLOGIC_
+
+#include "mpi.h"
+
+/*
+ The logical operations treat an mp_int as if it were a bit vector,
+ without regard to its sign (an mp_int is represented in a signed
+ magnitude format). Values are treated as if they had an infinite
+ string of zeros left of the most-significant bit.
+ */
+
+/* Parity results */
+
+#define MP_EVEN MP_YES
+#define MP_ODD MP_NO
+
+/* Bitwise functions */
+
+mp_err mpl_not(mp_int *a, mp_int *b); /* one's complement */
+mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c); /* bitwise AND */
+mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c); /* bitwise OR */
+mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c); /* bitwise XOR */
+
+/* Shift functions */
+
+mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d); /* right shift */
+mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d); /* left shift */
+
+/* Bit count and parity */
+
+mp_err mpl_num_set(mp_int *a, int *num); /* count set bits */
+mp_err mpl_num_clear(mp_int *a, int *num); /* count clear bits */
+mp_err mpl_parity(mp_int *a); /* determine parity */
+
+/* Get & Set the value of a bit */
+
+mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value);
+mp_err mpl_get_bit(const mp_int *a, mp_size bitNum);
+mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits);
+mp_size mpl_significant_bits(const mp_int *a);
+
+#endif /* end _H_MPLOGIC_ */
diff --git a/security/nss/lib/freebl/mpi/mpmontg.c b/security/nss/lib/freebl/mpi/mpmontg.c
new file mode 100644
index 000000000..06fd41b3a
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpmontg.c
@@ -0,0 +1,1141 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This file implements moduluar exponentiation using Montgomery's
+ * method for modular reduction. This file implements the method
+ * described as "Improvement 2" in the paper "A Cryptogrpahic Library for
+ * the Motorola DSP56000" by Stephen R. Dusse' and Burton S. Kaliski Jr.
+ * published in "Advances in Cryptology: Proceedings of EUROCRYPT '90"
+ * "Lecture Notes in Computer Science" volume 473, 1991, pg 230-244,
+ * published by Springer Verlag.
+ */
+
+#define MP_USING_CACHE_SAFE_MOD_EXP 1
+#include <string.h>
+#include "mpi-priv.h"
+#include "mplogic.h"
+#include "mpprime.h"
+#ifdef MP_USING_MONT_MULF
+#include "montmulf.h"
+#endif
+#include <stddef.h> /* ptrdiff_t */
+#include <assert.h>
+
+#define STATIC
+
+#define MAX_ODD_INTS 32 /* 2 ** (WINDOW_BITS - 1) */
+
+/*! computes T = REDC(T), 2^b == R
+ \param T < RN
+*/
+mp_err
+s_mp_redc(mp_int *T, mp_mont_modulus *mmm)
+{
+ mp_err res;
+ mp_size i;
+
+ i = (MP_USED(&mmm->N) << 1) + 1;
+ MP_CHECKOK(s_mp_pad(T, i));
+ for (i = 0; i < MP_USED(&mmm->N); ++i) {
+ mp_digit m_i = MP_DIGIT(T, i) * mmm->n0prime;
+ /* T += N * m_i * (MP_RADIX ** i); */
+ s_mp_mul_d_add_offset(&mmm->N, m_i, T, i);
+ }
+ s_mp_clamp(T);
+
+ /* T /= R */
+ s_mp_rshd(T, MP_USED(&mmm->N));
+
+ if ((res = s_mp_cmp(T, &mmm->N)) >= 0) {
+ /* T = T - N */
+ MP_CHECKOK(s_mp_sub(T, &mmm->N));
+#ifdef DEBUG
+ if ((res = mp_cmp(T, &mmm->N)) >= 0) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+#endif
+ }
+ res = MP_OKAY;
+CLEANUP:
+ return res;
+}
+
+#if !defined(MP_MONT_USE_MP_MUL)
+
+/*! c <- REDC( a * b ) mod N
+ \param a < N i.e. "reduced"
+ \param b < N i.e. "reduced"
+ \param mmm modulus N and n0' of N
+*/
+mp_err
+s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c,
+ mp_mont_modulus *mmm)
+{
+ mp_digit *pb;
+ mp_digit m_i;
+ mp_err res;
+ mp_size ib; /* "index b": index of current digit of B */
+ mp_size useda, usedb;
+
+ ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
+
+ if (MP_USED(a) < MP_USED(b)) {
+ const mp_int *xch = b; /* switch a and b, to do fewer outer loops */
+ b = a;
+ a = xch;
+ }
+
+ MP_USED(c) = 1;
+ MP_DIGIT(c, 0) = 0;
+ ib = (MP_USED(&mmm->N) << 1) + 1;
+ if ((res = s_mp_pad(c, ib)) != MP_OKAY)
+ goto CLEANUP;
+
+ useda = MP_USED(a);
+ pb = MP_DIGITS(b);
+ s_mpv_mul_d(MP_DIGITS(a), useda, *pb++, MP_DIGITS(c));
+ s_mp_setz(MP_DIGITS(c) + useda + 1, ib - (useda + 1));
+ m_i = MP_DIGIT(c, 0) * mmm->n0prime;
+ s_mp_mul_d_add_offset(&mmm->N, m_i, c, 0);
+
+ /* Outer loop: Digits of b */
+ usedb = MP_USED(b);
+ for (ib = 1; ib < usedb; ib++) {
+ mp_digit b_i = *pb++;
+
+ /* Inner product: Digits of a */
+ if (b_i)
+ s_mpv_mul_d_add_prop(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib);
+ m_i = MP_DIGIT(c, ib) * mmm->n0prime;
+ s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib);
+ }
+ if (usedb < MP_USED(&mmm->N)) {
+ for (usedb = MP_USED(&mmm->N); ib < usedb; ++ib) {
+ m_i = MP_DIGIT(c, ib) * mmm->n0prime;
+ s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib);
+ }
+ }
+ s_mp_clamp(c);
+ s_mp_rshd(c, MP_USED(&mmm->N)); /* c /= R */
+ if (s_mp_cmp(c, &mmm->N) >= 0) {
+ MP_CHECKOK(s_mp_sub(c, &mmm->N));
+ }
+ res = MP_OKAY;
+
+CLEANUP:
+ return res;
+}
+#endif
+
+STATIC
+mp_err
+s_mp_to_mont(const mp_int *x, mp_mont_modulus *mmm, mp_int *xMont)
+{
+ mp_err res;
+
+ /* xMont = x * R mod N where N is modulus */
+ MP_CHECKOK(mp_copy(x, xMont));
+ MP_CHECKOK(s_mp_lshd(xMont, MP_USED(&mmm->N))); /* xMont = x << b */
+ MP_CHECKOK(mp_div(xMont, &mmm->N, 0, xMont)); /* mod N */
+CLEANUP:
+ return res;
+}
+
+#ifdef MP_USING_MONT_MULF
+
+/* the floating point multiply is already cache safe,
+ * don't turn on cache safe unless we specifically
+ * force it */
+#ifndef MP_FORCE_CACHE_SAFE
+#undef MP_USING_CACHE_SAFE_MOD_EXP
+#endif
+
+unsigned int mp_using_mont_mulf = 1;
+
+/* computes montgomery square of the integer in mResult */
+#define SQR \
+ conv_i32_to_d32_and_d16(dm1, d16Tmp, mResult, nLen); \
+ mont_mulf_noconv(mResult, dm1, d16Tmp, \
+ dTmp, dn, MP_DIGITS(modulus), nLen, dn0)
+
+/* computes montgomery product of x and the integer in mResult */
+#define MUL(x) \
+ conv_i32_to_d32(dm1, mResult, nLen); \
+ mont_mulf_noconv(mResult, dm1, oddPowers[x], \
+ dTmp, dn, MP_DIGITS(modulus), nLen, dn0)
+
+/* Do modular exponentiation using floating point multiply code. */
+mp_err
+mp_exptmod_f(const mp_int *montBase,
+ const mp_int *exponent,
+ const mp_int *modulus,
+ mp_int *result,
+ mp_mont_modulus *mmm,
+ int nLen,
+ mp_size bits_in_exponent,
+ mp_size window_bits,
+ mp_size odd_ints)
+{
+ mp_digit *mResult;
+ double *dBuf = 0, *dm1, *dn, *dSqr, *d16Tmp, *dTmp;
+ double dn0;
+ mp_size i;
+ mp_err res;
+ int expOff;
+ int dSize = 0, oddPowSize, dTmpSize;
+ mp_int accum1;
+ double *oddPowers[MAX_ODD_INTS];
+
+ /* function for computing n0prime only works if n0 is odd */
+
+ MP_DIGITS(&accum1) = 0;
+
+ for (i = 0; i < MAX_ODD_INTS; ++i)
+ oddPowers[i] = 0;
+
+ MP_CHECKOK(mp_init_size(&accum1, 3 * nLen + 2));
+
+ mp_set(&accum1, 1);
+ MP_CHECKOK(s_mp_to_mont(&accum1, mmm, &accum1));
+ MP_CHECKOK(s_mp_pad(&accum1, nLen));
+
+ oddPowSize = 2 * nLen + 1;
+ dTmpSize = 2 * oddPowSize;
+ dSize = sizeof(double) * (nLen * 4 + 1 +
+ ((odd_ints + 1) * oddPowSize) + dTmpSize);
+ dBuf = (double *)malloc(dSize);
+ dm1 = dBuf; /* array of d32 */
+ dn = dBuf + nLen; /* array of d32 */
+ dSqr = dn + nLen; /* array of d32 */
+ d16Tmp = dSqr + nLen; /* array of d16 */
+ dTmp = d16Tmp + oddPowSize;
+
+ for (i = 0; i < odd_ints; ++i) {
+ oddPowers[i] = dTmp;
+ dTmp += oddPowSize;
+ }
+ mResult = (mp_digit *)(dTmp + dTmpSize); /* size is nLen + 1 */
+
+ /* Make dn and dn0 */
+ conv_i32_to_d32(dn, MP_DIGITS(modulus), nLen);
+ dn0 = (double)(mmm->n0prime & 0xffff);
+
+ /* Make dSqr */
+ conv_i32_to_d32_and_d16(dm1, oddPowers[0], MP_DIGITS(montBase), nLen);
+ mont_mulf_noconv(mResult, dm1, oddPowers[0],
+ dTmp, dn, MP_DIGITS(modulus), nLen, dn0);
+ conv_i32_to_d32(dSqr, mResult, nLen);
+
+ for (i = 1; i < odd_ints; ++i) {
+ mont_mulf_noconv(mResult, dSqr, oddPowers[i - 1],
+ dTmp, dn, MP_DIGITS(modulus), nLen, dn0);
+ conv_i32_to_d16(oddPowers[i], mResult, nLen);
+ }
+
+ s_mp_copy(MP_DIGITS(&accum1), mResult, nLen); /* from, to, len */
+
+ for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) {
+ mp_size smallExp;
+ MP_CHECKOK(mpl_get_bits(exponent, expOff, window_bits));
+ smallExp = (mp_size)res;
+
+ if (window_bits == 1) {
+ if (!smallExp) {
+ SQR;
+ } else if (smallExp & 1) {
+ SQR;
+ MUL(0);
+ } else {
+ abort();
+ }
+ } else if (window_bits == 4) {
+ if (!smallExp) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ } else if (smallExp & 1) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 2);
+ } else if (smallExp & 2) {
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 4);
+ SQR;
+ } else if (smallExp & 4) {
+ SQR;
+ SQR;
+ MUL(smallExp / 8);
+ SQR;
+ SQR;
+ } else if (smallExp & 8) {
+ SQR;
+ MUL(smallExp / 16);
+ SQR;
+ SQR;
+ SQR;
+ } else {
+ abort();
+ }
+ } else if (window_bits == 5) {
+ if (!smallExp) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ } else if (smallExp & 1) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 2);
+ } else if (smallExp & 2) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 4);
+ SQR;
+ } else if (smallExp & 4) {
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 8);
+ SQR;
+ SQR;
+ } else if (smallExp & 8) {
+ SQR;
+ SQR;
+ MUL(smallExp / 16);
+ SQR;
+ SQR;
+ SQR;
+ } else if (smallExp & 0x10) {
+ SQR;
+ MUL(smallExp / 32);
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ } else {
+ abort();
+ }
+ } else if (window_bits == 6) {
+ if (!smallExp) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ } else if (smallExp & 1) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 2);
+ } else if (smallExp & 2) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 4);
+ SQR;
+ } else if (smallExp & 4) {
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 8);
+ SQR;
+ SQR;
+ } else if (smallExp & 8) {
+ SQR;
+ SQR;
+ SQR;
+ MUL(smallExp / 16);
+ SQR;
+ SQR;
+ SQR;
+ } else if (smallExp & 0x10) {
+ SQR;
+ SQR;
+ MUL(smallExp / 32);
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ } else if (smallExp & 0x20) {
+ SQR;
+ MUL(smallExp / 64);
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ SQR;
+ } else {
+ abort();
+ }
+ } else {
+ abort();
+ }
+ }
+
+ s_mp_copy(mResult, MP_DIGITS(&accum1), nLen); /* from, to, len */
+
+ res = s_mp_redc(&accum1, mmm);
+ mp_exch(&accum1, result);
+
+CLEANUP:
+ mp_clear(&accum1);
+ if (dBuf) {
+ if (dSize)
+ memset(dBuf, 0, dSize);
+ free(dBuf);
+ }
+
+ return res;
+}
+#undef SQR
+#undef MUL
+#endif
+
+#define SQR(a, b) \
+ MP_CHECKOK(mp_sqr(a, b)); \
+ MP_CHECKOK(s_mp_redc(b, mmm))
+
+#if defined(MP_MONT_USE_MP_MUL)
+#define MUL(x, a, b) \
+ MP_CHECKOK(mp_mul(a, oddPowers + (x), b)); \
+ MP_CHECKOK(s_mp_redc(b, mmm))
+#else
+#define MUL(x, a, b) \
+ MP_CHECKOK(s_mp_mul_mont(a, oddPowers + (x), b, mmm))
+#endif
+
+#define SWAPPA \
+ ptmp = pa1; \
+ pa1 = pa2; \
+ pa2 = ptmp
+
+/* Do modular exponentiation using integer multiply code. */
+mp_err
+mp_exptmod_i(const mp_int *montBase,
+ const mp_int *exponent,
+ const mp_int *modulus,
+ mp_int *result,
+ mp_mont_modulus *mmm,
+ int nLen,
+ mp_size bits_in_exponent,
+ mp_size window_bits,
+ mp_size odd_ints)
+{
+ mp_int *pa1, *pa2, *ptmp;
+ mp_size i;
+ mp_err res;
+ int expOff;
+ mp_int accum1, accum2, power2, oddPowers[MAX_ODD_INTS];
+
+ /* power2 = base ** 2; oddPowers[i] = base ** (2*i + 1); */
+ /* oddPowers[i] = base ** (2*i + 1); */
+
+ MP_DIGITS(&accum1) = 0;
+ MP_DIGITS(&accum2) = 0;
+ MP_DIGITS(&power2) = 0;
+ for (i = 0; i < MAX_ODD_INTS; ++i) {
+ MP_DIGITS(oddPowers + i) = 0;
+ }
+
+ MP_CHECKOK(mp_init_size(&accum1, 3 * nLen + 2));
+ MP_CHECKOK(mp_init_size(&accum2, 3 * nLen + 2));
+
+ MP_CHECKOK(mp_init_copy(&oddPowers[0], montBase));
+
+ MP_CHECKOK(mp_init_size(&power2, nLen + 2 * MP_USED(montBase) + 2));
+ MP_CHECKOK(mp_sqr(montBase, &power2)); /* power2 = montBase ** 2 */
+ MP_CHECKOK(s_mp_redc(&power2, mmm));
+
+ for (i = 1; i < odd_ints; ++i) {
+ MP_CHECKOK(mp_init_size(oddPowers + i, nLen + 2 * MP_USED(&power2) + 2));
+ MP_CHECKOK(mp_mul(oddPowers + (i - 1), &power2, oddPowers + i));
+ MP_CHECKOK(s_mp_redc(oddPowers + i, mmm));
+ }
+
+ /* set accumulator to montgomery residue of 1 */
+ mp_set(&accum1, 1);
+ MP_CHECKOK(s_mp_to_mont(&accum1, mmm, &accum1));
+ pa1 = &accum1;
+ pa2 = &accum2;
+
+ for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) {
+ mp_size smallExp;
+ MP_CHECKOK(mpl_get_bits(exponent, expOff, window_bits));
+ smallExp = (mp_size)res;
+
+ if (window_bits == 1) {
+ if (!smallExp) {
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 1) {
+ SQR(pa1, pa2);
+ MUL(0, pa2, pa1);
+ } else {
+ abort();
+ }
+ } else if (window_bits == 4) {
+ if (!smallExp) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ } else if (smallExp & 1) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ MUL(smallExp / 2, pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 2) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ MUL(smallExp / 4, pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 4) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ MUL(smallExp / 8, pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 8) {
+ SQR(pa1, pa2);
+ MUL(smallExp / 16, pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else {
+ abort();
+ }
+ } else if (window_bits == 5) {
+ if (!smallExp) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 1) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ MUL(smallExp / 2, pa2, pa1);
+ } else if (smallExp & 2) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ MUL(smallExp / 4, pa1, pa2);
+ SQR(pa2, pa1);
+ } else if (smallExp & 4) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ MUL(smallExp / 8, pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ } else if (smallExp & 8) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ MUL(smallExp / 16, pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ } else if (smallExp & 0x10) {
+ SQR(pa1, pa2);
+ MUL(smallExp / 32, pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ } else {
+ abort();
+ }
+ } else if (window_bits == 6) {
+ if (!smallExp) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ } else if (smallExp & 1) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ MUL(smallExp / 2, pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 2) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ MUL(smallExp / 4, pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 4) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ MUL(smallExp / 8, pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 8) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ MUL(smallExp / 16, pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 0x10) {
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ MUL(smallExp / 32, pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 0x20) {
+ SQR(pa1, pa2);
+ MUL(smallExp / 64, pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else {
+ abort();
+ }
+ } else {
+ abort();
+ }
+ }
+
+ res = s_mp_redc(pa1, mmm);
+ mp_exch(pa1, result);
+
+CLEANUP:
+ mp_clear(&accum1);
+ mp_clear(&accum2);
+ mp_clear(&power2);
+ for (i = 0; i < odd_ints; ++i) {
+ mp_clear(oddPowers + i);
+ }
+ return res;
+}
+#undef SQR
+#undef MUL
+
+#ifdef MP_USING_CACHE_SAFE_MOD_EXP
+unsigned int mp_using_cache_safe_exp = 1;
+#endif
+
+mp_err
+mp_set_safe_modexp(int value)
+{
+#ifdef MP_USING_CACHE_SAFE_MOD_EXP
+ mp_using_cache_safe_exp = value;
+ return MP_OKAY;
+#else
+ if (value == 0) {
+ return MP_OKAY;
+ }
+ return MP_BADARG;
+#endif
+}
+
+#ifdef MP_USING_CACHE_SAFE_MOD_EXP
+#define WEAVE_WORD_SIZE 4
+
+/*
+ * mpi_to_weave takes an array of bignums, a matrix in which each bignum
+ * occupies all the columns of a row, and transposes it into a matrix in
+ * which each bignum occupies a column of every row. The first row of the
+ * input matrix becomes the first column of the output matrix. The n'th
+ * row of input becomes the n'th column of output. The input data is said
+ * to be "interleaved" or "woven" into the output matrix.
+ *
+ * The array of bignums is left in this woven form. Each time a single
+ * bignum value is needed, it is recreated by fetching the n'th column,
+ * forming a single row which is the new bignum.
+ *
+ * The purpose of this interleaving is make it impossible to determine which
+ * of the bignums is being used in any one operation by examining the pattern
+ * of cache misses.
+ *
+ * The weaving function does not transpose the entire input matrix in one call.
+ * It transposes 4 rows of mp_ints into their respective columns of output.
+ *
+ * This implementation treats each mp_int bignum as an array of mp_digits,
+ * It stores those bytes as a column of mp_digits in the output matrix. It
+ * doesn't care if the machine uses big-endian or little-endian byte ordering
+ * within mp_digits.
+ *
+ * "bignums" is an array of mp_ints.
+ * It points to four rows, four mp_ints, a subset of a larger array of mp_ints.
+ *
+ * "weaved" is the weaved output matrix.
+ * The first byte of bignums[0] is stored in weaved[0].
+ *
+ * "nBignums" is the total number of bignums in the array of which "bignums"
+ * is a part.
+ *
+ * "nDigits" is the size in mp_digits of each mp_int in the "bignums" array.
+ * mp_ints that use less than nDigits digits are logically padded with zeros
+ * while being stored in the weaved array.
+ */
+mp_err mpi_to_weave(const mp_int *bignums,
+ mp_digit *weaved,
+ mp_size nDigits, /* in each mp_int of input */
+ mp_size nBignums) /* in the entire source array */
+{
+ mp_size i;
+ mp_digit *endDest = weaved + (nDigits * nBignums);
+
+ for (i = 0; i < WEAVE_WORD_SIZE; i++) {
+ mp_size used = MP_USED(&bignums[i]);
+ mp_digit *pSrc = MP_DIGITS(&bignums[i]);
+ mp_digit *endSrc = pSrc + used;
+ mp_digit *pDest = weaved + i;
+
+ ARGCHK(MP_SIGN(&bignums[i]) == MP_ZPOS, MP_BADARG);
+ ARGCHK(used <= nDigits, MP_BADARG);
+
+ for (; pSrc < endSrc; pSrc++) {
+ *pDest = *pSrc;
+ pDest += nBignums;
+ }
+ while (pDest < endDest) {
+ *pDest = 0;
+ pDest += nBignums;
+ }
+ }
+
+ return MP_OKAY;
+}
+
+/*
+ * These functions return 0xffffffff if the output is true, and 0 otherwise.
+ */
+#define CONST_TIME_MSB(x) (0L - ((x) >> (8 * sizeof(x) - 1)))
+#define CONST_TIME_EQ_Z(x) CONST_TIME_MSB(~(x) & ((x)-1))
+#define CONST_TIME_EQ(a, b) CONST_TIME_EQ_Z((a) ^ (b))
+
+/* Reverse the operation above for one mp_int.
+ * Reconstruct one mp_int from its column in the weaved array.
+ * Every read accesses every element of the weaved array, in order to
+ * avoid timing attacks based on patterns of memory accesses.
+ */
+mp_err weave_to_mpi(mp_int *a, /* out, result */
+ const mp_digit *weaved, /* in, byte matrix */
+ mp_size index, /* which column to read */
+ mp_size nDigits, /* number of mp_digits in each bignum */
+ mp_size nBignums) /* width of the matrix */
+{
+ /* these are indices, but need to be the same size as mp_digit
+ * because of the CONST_TIME operations */
+ mp_digit i, j;
+ mp_digit d;
+ mp_digit *pDest = MP_DIGITS(a);
+
+ MP_SIGN(a) = MP_ZPOS;
+ MP_USED(a) = nDigits;
+
+ assert(weaved != NULL);
+
+ /* Fetch the proper column in constant time, indexing over the whole array */
+ for (i = 0; i < nDigits; ++i) {
+ d = 0;
+ for (j = 0; j < nBignums; ++j) {
+ d |= weaved[i * nBignums + j] & CONST_TIME_EQ(j, index);
+ }
+ pDest[i] = d;
+ }
+
+ s_mp_clamp(a);
+ return MP_OKAY;
+}
+
+#define SQR(a, b) \
+ MP_CHECKOK(mp_sqr(a, b)); \
+ MP_CHECKOK(s_mp_redc(b, mmm))
+
+#if defined(MP_MONT_USE_MP_MUL)
+#define MUL_NOWEAVE(x, a, b) \
+ MP_CHECKOK(mp_mul(a, x, b)); \
+ MP_CHECKOK(s_mp_redc(b, mmm))
+#else
+#define MUL_NOWEAVE(x, a, b) \
+ MP_CHECKOK(s_mp_mul_mont(a, x, b, mmm))
+#endif
+
+#define MUL(x, a, b) \
+ MP_CHECKOK(weave_to_mpi(&tmp, powers, (x), nLen, num_powers)); \
+ MUL_NOWEAVE(&tmp, a, b)
+
+#define SWAPPA \
+ ptmp = pa1; \
+ pa1 = pa2; \
+ pa2 = ptmp
+#define MP_ALIGN(x, y) ((((ptrdiff_t)(x)) + ((y)-1)) & (((ptrdiff_t)0) - (y)))
+
+/* Do modular exponentiation using integer multiply code. */
+mp_err
+mp_exptmod_safe_i(const mp_int *montBase,
+ const mp_int *exponent,
+ const mp_int *modulus,
+ mp_int *result,
+ mp_mont_modulus *mmm,
+ int nLen,
+ mp_size bits_in_exponent,
+ mp_size window_bits,
+ mp_size num_powers)
+{
+ mp_int *pa1, *pa2, *ptmp;
+ mp_size i;
+ mp_size first_window;
+ mp_err res;
+ int expOff;
+ mp_int accum1, accum2, accum[WEAVE_WORD_SIZE];
+ mp_int tmp;
+ mp_digit *powersArray = NULL;
+ mp_digit *powers = NULL;
+
+ MP_DIGITS(&accum1) = 0;
+ MP_DIGITS(&accum2) = 0;
+ MP_DIGITS(&accum[0]) = 0;
+ MP_DIGITS(&accum[1]) = 0;
+ MP_DIGITS(&accum[2]) = 0;
+ MP_DIGITS(&accum[3]) = 0;
+ MP_DIGITS(&tmp) = 0;
+
+ /* grab the first window value. This allows us to preload accumulator1
+ * and save a conversion, some squares and a multiple*/
+ MP_CHECKOK(mpl_get_bits(exponent,
+ bits_in_exponent - window_bits, window_bits));
+ first_window = (mp_size)res;
+
+ MP_CHECKOK(mp_init_size(&accum1, 3 * nLen + 2));
+ MP_CHECKOK(mp_init_size(&accum2, 3 * nLen + 2));
+
+ /* build the first WEAVE_WORD powers inline */
+ /* if WEAVE_WORD_SIZE is not 4, this code will have to change */
+ if (num_powers > 2) {
+ MP_CHECKOK(mp_init_size(&accum[0], 3 * nLen + 2));
+ MP_CHECKOK(mp_init_size(&accum[1], 3 * nLen + 2));
+ MP_CHECKOK(mp_init_size(&accum[2], 3 * nLen + 2));
+ MP_CHECKOK(mp_init_size(&accum[3], 3 * nLen + 2));
+ mp_set(&accum[0], 1);
+ MP_CHECKOK(s_mp_to_mont(&accum[0], mmm, &accum[0]));
+ MP_CHECKOK(mp_copy(montBase, &accum[1]));
+ SQR(montBase, &accum[2]);
+ MUL_NOWEAVE(montBase, &accum[2], &accum[3]);
+ powersArray = (mp_digit *)malloc(num_powers * (nLen * sizeof(mp_digit) + 1));
+ if (!powersArray) {
+ res = MP_MEM;
+ goto CLEANUP;
+ }
+ /* powers[i] = base ** (i); */
+ powers = (mp_digit *)MP_ALIGN(powersArray, num_powers);
+ MP_CHECKOK(mpi_to_weave(accum, powers, nLen, num_powers));
+ if (first_window < 4) {
+ MP_CHECKOK(mp_copy(&accum[first_window], &accum1));
+ first_window = num_powers;
+ }
+ } else {
+ if (first_window == 0) {
+ mp_set(&accum1, 1);
+ MP_CHECKOK(s_mp_to_mont(&accum1, mmm, &accum1));
+ } else {
+ /* assert first_window == 1? */
+ MP_CHECKOK(mp_copy(montBase, &accum1));
+ }
+ }
+
+ /*
+ * calculate all the powers in the powers array.
+ * this adds 2**(k-1)-2 square operations over just calculating the
+ * odd powers where k is the window size in the two other mp_modexpt
+ * implementations in this file. We will get some of that
+ * back by not needing the first 'k' squares and one multiply for the
+ * first window.
+ * Given the value of 4 for WEAVE_WORD_SIZE, this loop will only execute if
+ * num_powers > 2, in which case powers will have been allocated.
+ */
+ for (i = WEAVE_WORD_SIZE; i < num_powers; i++) {
+ int acc_index = i & (WEAVE_WORD_SIZE - 1); /* i % WEAVE_WORD_SIZE */
+ if (i & 1) {
+ MUL_NOWEAVE(montBase, &accum[acc_index - 1], &accum[acc_index]);
+ /* we've filled the array do our 'per array' processing */
+ if (acc_index == (WEAVE_WORD_SIZE - 1)) {
+ MP_CHECKOK(mpi_to_weave(accum, powers + i - (WEAVE_WORD_SIZE - 1),
+ nLen, num_powers));
+
+ if (first_window <= i) {
+ MP_CHECKOK(mp_copy(&accum[first_window & (WEAVE_WORD_SIZE - 1)],
+ &accum1));
+ first_window = num_powers;
+ }
+ }
+ } else {
+ /* up to 8 we can find 2^i-1 in the accum array, but at 8 we our source
+ * and target are the same so we need to copy.. After that, the
+ * value is overwritten, so we need to fetch it from the stored
+ * weave array */
+ if (i > 2 * WEAVE_WORD_SIZE) {
+ MP_CHECKOK(weave_to_mpi(&accum2, powers, i / 2, nLen, num_powers));
+ SQR(&accum2, &accum[acc_index]);
+ } else {
+ int half_power_index = (i / 2) & (WEAVE_WORD_SIZE - 1);
+ if (half_power_index == acc_index) {
+ /* copy is cheaper than weave_to_mpi */
+ MP_CHECKOK(mp_copy(&accum[half_power_index], &accum2));
+ SQR(&accum2, &accum[acc_index]);
+ } else {
+ SQR(&accum[half_power_index], &accum[acc_index]);
+ }
+ }
+ }
+ }
+/* if the accum1 isn't set, Then there is something wrong with our logic
+ * above and is an internal programming error.
+ */
+#if MP_ARGCHK == 2
+ assert(MP_USED(&accum1) != 0);
+#endif
+
+ /* set accumulator to montgomery residue of 1 */
+ pa1 = &accum1;
+ pa2 = &accum2;
+
+ /* tmp is not used if window_bits == 1. */
+ if (window_bits != 1) {
+ MP_CHECKOK(mp_init_size(&tmp, 3 * nLen + 2));
+ }
+
+ for (expOff = bits_in_exponent - window_bits * 2; expOff >= 0; expOff -= window_bits) {
+ mp_size smallExp;
+ MP_CHECKOK(mpl_get_bits(exponent, expOff, window_bits));
+ smallExp = (mp_size)res;
+
+ /* handle unroll the loops */
+ switch (window_bits) {
+ case 1:
+ if (!smallExp) {
+ SQR(pa1, pa2);
+ SWAPPA;
+ } else if (smallExp & 1) {
+ SQR(pa1, pa2);
+ MUL_NOWEAVE(montBase, pa2, pa1);
+ } else {
+ abort();
+ }
+ break;
+ case 6:
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ /* fall through */
+ case 4:
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ MUL(smallExp, pa1, pa2);
+ SWAPPA;
+ break;
+ case 5:
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ SQR(pa2, pa1);
+ SQR(pa1, pa2);
+ MUL(smallExp, pa2, pa1);
+ break;
+ default:
+ abort(); /* could do a loop? */
+ }
+ }
+
+ res = s_mp_redc(pa1, mmm);
+ mp_exch(pa1, result);
+
+CLEANUP:
+ mp_clear(&accum1);
+ mp_clear(&accum2);
+ mp_clear(&accum[0]);
+ mp_clear(&accum[1]);
+ mp_clear(&accum[2]);
+ mp_clear(&accum[3]);
+ mp_clear(&tmp);
+ /* PORT_Memset(powers,0,num_powers*nLen*sizeof(mp_digit)); */
+ free(powersArray);
+ return res;
+}
+#undef SQR
+#undef MUL
+#endif
+
+mp_err
+mp_exptmod(const mp_int *inBase, const mp_int *exponent,
+ const mp_int *modulus, mp_int *result)
+{
+ const mp_int *base;
+ mp_size bits_in_exponent, i, window_bits, odd_ints;
+ mp_err res;
+ int nLen;
+ mp_int montBase, goodBase;
+ mp_mont_modulus mmm;
+#ifdef MP_USING_CACHE_SAFE_MOD_EXP
+ static unsigned int max_window_bits;
+#endif
+
+ /* function for computing n0prime only works if n0 is odd */
+ if (!mp_isodd(modulus))
+ return s_mp_exptmod(inBase, exponent, modulus, result);
+
+ MP_DIGITS(&montBase) = 0;
+ MP_DIGITS(&goodBase) = 0;
+
+ if (mp_cmp(inBase, modulus) < 0) {
+ base = inBase;
+ } else {
+ MP_CHECKOK(mp_init(&goodBase));
+ base = &goodBase;
+ MP_CHECKOK(mp_mod(inBase, modulus, &goodBase));
+ }
+
+ nLen = MP_USED(modulus);
+ MP_CHECKOK(mp_init_size(&montBase, 2 * nLen + 2));
+
+ mmm.N = *modulus; /* a copy of the mp_int struct */
+
+ /* compute n0', given n0, n0' = -(n0 ** -1) mod MP_RADIX
+ ** where n0 = least significant mp_digit of N, the modulus.
+ */
+ mmm.n0prime = 0 - s_mp_invmod_radix(MP_DIGIT(modulus, 0));
+
+ MP_CHECKOK(s_mp_to_mont(base, &mmm, &montBase));
+
+ bits_in_exponent = mpl_significant_bits(exponent);
+#ifdef MP_USING_CACHE_SAFE_MOD_EXP
+ if (mp_using_cache_safe_exp) {
+ if (bits_in_exponent > 780)
+ window_bits = 6;
+ else if (bits_in_exponent > 256)
+ window_bits = 5;
+ else if (bits_in_exponent > 20)
+ window_bits = 4;
+ /* RSA public key exponents are typically under 20 bits (common values
+ * are: 3, 17, 65537) and a 4-bit window is inefficient
+ */
+ else
+ window_bits = 1;
+ } else
+#endif
+ if (bits_in_exponent > 480)
+ window_bits = 6;
+ else if (bits_in_exponent > 160)
+ window_bits = 5;
+ else if (bits_in_exponent > 20)
+ window_bits = 4;
+ /* RSA public key exponents are typically under 20 bits (common values
+ * are: 3, 17, 65537) and a 4-bit window is inefficient
+ */
+ else
+ window_bits = 1;
+
+#ifdef MP_USING_CACHE_SAFE_MOD_EXP
+ /*
+ * clamp the window size based on
+ * the cache line size.
+ */
+ if (!max_window_bits) {
+ unsigned long cache_size = s_mpi_getProcessorLineSize();
+ /* processor has no cache, use 'fast' code always */
+ if (cache_size == 0) {
+ mp_using_cache_safe_exp = 0;
+ }
+ if ((cache_size == 0) || (cache_size >= 64)) {
+ max_window_bits = 6;
+ } else if (cache_size >= 32) {
+ max_window_bits = 5;
+ } else if (cache_size >= 16) {
+ max_window_bits = 4;
+ } else
+ max_window_bits = 1; /* should this be an assert? */
+ }
+
+ /* clamp the window size down before we caclulate bits_in_exponent */
+ if (mp_using_cache_safe_exp) {
+ if (window_bits > max_window_bits) {
+ window_bits = max_window_bits;
+ }
+ }
+#endif
+
+ odd_ints = 1 << (window_bits - 1);
+ i = bits_in_exponent % window_bits;
+ if (i != 0) {
+ bits_in_exponent += window_bits - i;
+ }
+
+#ifdef MP_USING_MONT_MULF
+ if (mp_using_mont_mulf) {
+ MP_CHECKOK(s_mp_pad(&montBase, nLen));
+ res = mp_exptmod_f(&montBase, exponent, modulus, result, &mmm, nLen,
+ bits_in_exponent, window_bits, odd_ints);
+ } else
+#endif
+#ifdef MP_USING_CACHE_SAFE_MOD_EXP
+ if (mp_using_cache_safe_exp) {
+ res = mp_exptmod_safe_i(&montBase, exponent, modulus, result, &mmm, nLen,
+ bits_in_exponent, window_bits, 1 << window_bits);
+ } else
+#endif
+ res = mp_exptmod_i(&montBase, exponent, modulus, result, &mmm, nLen,
+ bits_in_exponent, window_bits, odd_ints);
+
+CLEANUP:
+ mp_clear(&montBase);
+ mp_clear(&goodBase);
+ /* Don't mp_clear mmm.N because it is merely a copy of modulus.
+ ** Just zap it.
+ */
+ memset(&mmm, 0, sizeof mmm);
+ return res;
+}
diff --git a/security/nss/lib/freebl/mpi/mpprime.c b/security/nss/lib/freebl/mpi/mpprime.c
new file mode 100644
index 000000000..58287192e
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpprime.c
@@ -0,0 +1,599 @@
+/*
+ * mpprime.c
+ *
+ * Utilities for finding and working with prime and pseudo-prime
+ * integers
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi-priv.h"
+#include "mpprime.h"
+#include "mplogic.h"
+#include <stdlib.h>
+#include <string.h>
+
+#define SMALL_TABLE 0 /* determines size of hard-wired prime table */
+
+#define RANDOM() rand()
+
+#include "primes.c" /* pull in the prime digit table */
+
+/*
+ Test if any of a given vector of digits divides a. If not, MP_NO
+ is returned; otherwise, MP_YES is returned and 'which' is set to
+ the index of the integer in the vector which divided a.
+ */
+mp_err s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which);
+
+/* {{{ mpp_divis(a, b) */
+
+/*
+ mpp_divis(a, b)
+
+ Returns MP_YES if a is divisible by b, or MP_NO if it is not.
+ */
+
+mp_err
+mpp_divis(mp_int *a, mp_int *b)
+{
+ mp_err res;
+ mp_int rem;
+
+ if ((res = mp_init(&rem)) != MP_OKAY)
+ return res;
+
+ if ((res = mp_mod(a, b, &rem)) != MP_OKAY)
+ goto CLEANUP;
+
+ if (mp_cmp_z(&rem) == 0)
+ res = MP_YES;
+ else
+ res = MP_NO;
+
+CLEANUP:
+ mp_clear(&rem);
+ return res;
+
+} /* end mpp_divis() */
+
+/* }}} */
+
+/* {{{ mpp_divis_d(a, d) */
+
+/*
+ mpp_divis_d(a, d)
+
+ Return MP_YES if a is divisible by d, or MP_NO if it is not.
+ */
+
+mp_err
+mpp_divis_d(mp_int *a, mp_digit d)
+{
+ mp_err res;
+ mp_digit rem;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ if (d == 0)
+ return MP_NO;
+
+ if ((res = mp_mod_d(a, d, &rem)) != MP_OKAY)
+ return res;
+
+ if (rem == 0)
+ return MP_YES;
+ else
+ return MP_NO;
+
+} /* end mpp_divis_d() */
+
+/* }}} */
+
+/* {{{ mpp_random(a) */
+
+/*
+ mpp_random(a)
+
+ Assigns a random value to a. This value is generated using the
+ standard C library's rand() function, so it should not be used for
+ cryptographic purposes, but it should be fine for primality testing,
+ since all we really care about there is good statistical properties.
+
+ As many digits as a currently has are filled with random digits.
+ */
+
+mp_err
+mpp_random(mp_int *a)
+
+{
+ mp_digit next = 0;
+ unsigned int ix, jx;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ for (ix = 0; ix < USED(a); ix++) {
+ for (jx = 0; jx < sizeof(mp_digit); jx++) {
+ next = (next << CHAR_BIT) | (RANDOM() & UCHAR_MAX);
+ }
+ DIGIT(a, ix) = next;
+ }
+
+ return MP_OKAY;
+
+} /* end mpp_random() */
+
+/* }}} */
+
+/* {{{ mpp_random_size(a, prec) */
+
+mp_err
+mpp_random_size(mp_int *a, mp_size prec)
+{
+ mp_err res;
+
+ ARGCHK(a != NULL && prec > 0, MP_BADARG);
+
+ if ((res = s_mp_pad(a, prec)) != MP_OKAY)
+ return res;
+
+ return mpp_random(a);
+
+} /* end mpp_random_size() */
+
+/* }}} */
+
+/* {{{ mpp_divis_vector(a, vec, size, which) */
+
+/*
+ mpp_divis_vector(a, vec, size, which)
+
+ Determines if a is divisible by any of the 'size' digits in vec.
+ Returns MP_YES and sets 'which' to the index of the offending digit,
+ if it is; returns MP_NO if it is not.
+ */
+
+mp_err
+mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which)
+{
+ ARGCHK(a != NULL && vec != NULL && size > 0, MP_BADARG);
+
+ return s_mpp_divp(a, vec, size, which);
+
+} /* end mpp_divis_vector() */
+
+/* }}} */
+
+/* {{{ mpp_divis_primes(a, np) */
+
+/*
+ mpp_divis_primes(a, np)
+
+ Test whether a is divisible by any of the first 'np' primes. If it
+ is, returns MP_YES and sets *np to the value of the digit that did
+ it. If not, returns MP_NO.
+ */
+mp_err
+mpp_divis_primes(mp_int *a, mp_digit *np)
+{
+ int size, which;
+ mp_err res;
+
+ ARGCHK(a != NULL && np != NULL, MP_BADARG);
+
+ size = (int)*np;
+ if (size > prime_tab_size)
+ size = prime_tab_size;
+
+ res = mpp_divis_vector(a, prime_tab, size, &which);
+ if (res == MP_YES)
+ *np = prime_tab[which];
+
+ return res;
+
+} /* end mpp_divis_primes() */
+
+/* }}} */
+
+/* {{{ mpp_fermat(a, w) */
+
+/*
+ Using w as a witness, try pseudo-primality testing based on Fermat's
+ little theorem. If a is prime, and (w, a) = 1, then w^a == w (mod
+ a). So, we compute z = w^a (mod a) and compare z to w; if they are
+ equal, the test passes and we return MP_YES. Otherwise, we return
+ MP_NO.
+ */
+mp_err
+mpp_fermat(mp_int *a, mp_digit w)
+{
+ mp_int base, test;
+ mp_err res;
+
+ if ((res = mp_init(&base)) != MP_OKAY)
+ return res;
+
+ mp_set(&base, w);
+
+ if ((res = mp_init(&test)) != MP_OKAY)
+ goto TEST;
+
+ /* Compute test = base^a (mod a) */
+ if ((res = mp_exptmod(&base, a, a, &test)) != MP_OKAY)
+ goto CLEANUP;
+
+ if (mp_cmp(&base, &test) == 0)
+ res = MP_YES;
+ else
+ res = MP_NO;
+
+CLEANUP:
+ mp_clear(&test);
+TEST:
+ mp_clear(&base);
+
+ return res;
+
+} /* end mpp_fermat() */
+
+/* }}} */
+
+/*
+ Perform the fermat test on each of the primes in a list until
+ a) one of them shows a is not prime, or
+ b) the list is exhausted.
+ Returns: MP_YES if it passes tests.
+ MP_NO if fermat test reveals it is composite
+ Some MP error code if some other error occurs.
+ */
+mp_err
+mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes)
+{
+ mp_err rv = MP_YES;
+
+ while (nPrimes-- > 0 && rv == MP_YES) {
+ rv = mpp_fermat(a, *primes++);
+ }
+ return rv;
+}
+
+/* {{{ mpp_pprime(a, nt) */
+
+/*
+ mpp_pprime(a, nt)
+
+ Performs nt iteration of the Miller-Rabin probabilistic primality
+ test on a. Returns MP_YES if the tests pass, MP_NO if one fails.
+ If MP_NO is returned, the number is definitely composite. If MP_YES
+ is returned, it is probably prime (but that is not guaranteed).
+ */
+
+mp_err
+mpp_pprime(mp_int *a, int nt)
+{
+ mp_err res;
+ mp_int x, amo, m, z; /* "amo" = "a minus one" */
+ int iter;
+ unsigned int jx;
+ mp_size b;
+
+ ARGCHK(a != NULL, MP_BADARG);
+
+ MP_DIGITS(&x) = 0;
+ MP_DIGITS(&amo) = 0;
+ MP_DIGITS(&m) = 0;
+ MP_DIGITS(&z) = 0;
+
+ /* Initialize temporaries... */
+ MP_CHECKOK(mp_init(&amo));
+ /* Compute amo = a - 1 for what follows... */
+ MP_CHECKOK(mp_sub_d(a, 1, &amo));
+
+ b = mp_trailing_zeros(&amo);
+ if (!b) { /* a was even ? */
+ res = MP_NO;
+ goto CLEANUP;
+ }
+
+ MP_CHECKOK(mp_init_size(&x, MP_USED(a)));
+ MP_CHECKOK(mp_init(&z));
+ MP_CHECKOK(mp_init(&m));
+ MP_CHECKOK(mp_div_2d(&amo, b, &m, 0));
+
+ /* Do the test nt times... */
+ for (iter = 0; iter < nt; iter++) {
+
+ /* Choose a random value for 1 < x < a */
+ MP_CHECKOK(s_mp_pad(&x, USED(a)));
+ mpp_random(&x);
+ MP_CHECKOK(mp_mod(&x, a, &x));
+ if (mp_cmp_d(&x, 1) <= 0) {
+ iter--; /* don't count this iteration */
+ continue; /* choose a new x */
+ }
+
+ /* Compute z = (x ** m) mod a */
+ MP_CHECKOK(mp_exptmod(&x, &m, a, &z));
+
+ if (mp_cmp_d(&z, 1) == 0 || mp_cmp(&z, &amo) == 0) {
+ res = MP_YES;
+ continue;
+ }
+
+ res = MP_NO; /* just in case the following for loop never executes. */
+ for (jx = 1; jx < b; jx++) {
+ /* z = z^2 (mod a) */
+ MP_CHECKOK(mp_sqrmod(&z, a, &z));
+ res = MP_NO; /* previous line set res to MP_YES */
+
+ if (mp_cmp_d(&z, 1) == 0) {
+ break;
+ }
+ if (mp_cmp(&z, &amo) == 0) {
+ res = MP_YES;
+ break;
+ }
+ } /* end testing loop */
+
+ /* If the test passes, we will continue iterating, but a failed
+ test means the candidate is definitely NOT prime, so we will
+ immediately break out of this loop
+ */
+ if (res == MP_NO)
+ break;
+
+ } /* end iterations loop */
+
+CLEANUP:
+ mp_clear(&m);
+ mp_clear(&z);
+ mp_clear(&x);
+ mp_clear(&amo);
+ return res;
+
+} /* end mpp_pprime() */
+
+/* }}} */
+
+/* Produce table of composites from list of primes and trial value.
+** trial must be odd. List of primes must not include 2.
+** sieve should have dimension >= MAXPRIME/2, where MAXPRIME is largest
+** prime in list of primes. After this function is finished,
+** if sieve[i] is non-zero, then (trial + 2*i) is composite.
+** Each prime used in the sieve costs one division of trial, and eliminates
+** one or more values from the search space. (3 eliminates 1/3 of the values
+** alone!) Each value left in the search space costs 1 or more modular
+** exponentations. So, these divisions are a bargain!
+*/
+mp_err
+mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes,
+ unsigned char *sieve, mp_size nSieve)
+{
+ mp_err res;
+ mp_digit rem;
+ mp_size ix;
+ unsigned long offset;
+
+ memset(sieve, 0, nSieve);
+
+ for (ix = 0; ix < nPrimes; ix++) {
+ mp_digit prime = primes[ix];
+ mp_size i;
+ if ((res = mp_mod_d(trial, prime, &rem)) != MP_OKAY)
+ return res;
+
+ if (rem == 0) {
+ offset = 0;
+ } else {
+ offset = prime - rem;
+ }
+
+ for (i = offset; i < nSieve * 2; i += prime) {
+ if (i % 2 == 0) {
+ sieve[i / 2] = 1;
+ }
+ }
+ }
+
+ return MP_OKAY;
+}
+
+#define SIEVE_SIZE 32 * 1024
+
+mp_err
+mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong,
+ unsigned long *nTries)
+{
+ mp_digit np;
+ mp_err res;
+ unsigned int i = 0;
+ mp_int trial;
+ mp_int q;
+ mp_size num_tests;
+ unsigned char *sieve;
+
+ ARGCHK(start != 0, MP_BADARG);
+ ARGCHK(nBits > 16, MP_RANGE);
+
+ sieve = malloc(SIEVE_SIZE);
+ ARGCHK(sieve != NULL, MP_MEM);
+
+ MP_DIGITS(&trial) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_CHECKOK(mp_init(&trial));
+ MP_CHECKOK(mp_init(&q));
+ /* values originally taken from table 4.4,
+ * HandBook of Applied Cryptography, augmented by FIPS-186
+ * requirements, Table C.2 and C.3 */
+ if (nBits >= 2000) {
+ num_tests = 3;
+ } else if (nBits >= 1536) {
+ num_tests = 4;
+ } else if (nBits >= 1024) {
+ num_tests = 5;
+ } else if (nBits >= 550) {
+ num_tests = 6;
+ } else if (nBits >= 450) {
+ num_tests = 7;
+ } else if (nBits >= 400) {
+ num_tests = 8;
+ } else if (nBits >= 350) {
+ num_tests = 9;
+ } else if (nBits >= 300) {
+ num_tests = 10;
+ } else if (nBits >= 250) {
+ num_tests = 20;
+ } else if (nBits >= 200) {
+ num_tests = 41;
+ } else if (nBits >= 100) {
+ num_tests = 38; /* funny anomaly in the FIPS tables, for aux primes, the
+ * required more iterations for larger aux primes */
+ } else
+ num_tests = 50;
+
+ if (strong)
+ --nBits;
+ MP_CHECKOK(mpl_set_bit(start, nBits - 1, 1));
+ MP_CHECKOK(mpl_set_bit(start, 0, 1));
+ for (i = mpl_significant_bits(start) - 1; i >= nBits; --i) {
+ MP_CHECKOK(mpl_set_bit(start, i, 0));
+ }
+ /* start sieveing with prime value of 3. */
+ MP_CHECKOK(mpp_sieve(start, prime_tab + 1, prime_tab_size - 1,
+ sieve, SIEVE_SIZE));
+
+#ifdef DEBUG_SIEVE
+ res = 0;
+ for (i = 0; i < SIEVE_SIZE; ++i) {
+ if (!sieve[i])
+ ++res;
+ }
+ fprintf(stderr, "sieve found %d potential primes.\n", res);
+#define FPUTC(x, y) fputc(x, y)
+#else
+#define FPUTC(x, y)
+#endif
+
+ res = MP_NO;
+ for (i = 0; i < SIEVE_SIZE; ++i) {
+ if (sieve[i]) /* this number is composite */
+ continue;
+ MP_CHECKOK(mp_add_d(start, 2 * i, &trial));
+ FPUTC('.', stderr);
+ /* run a Fermat test */
+ res = mpp_fermat(&trial, 2);
+ if (res != MP_OKAY) {
+ if (res == MP_NO)
+ continue; /* was composite */
+ goto CLEANUP;
+ }
+
+ FPUTC('+', stderr);
+ /* If that passed, run some Miller-Rabin tests */
+ res = mpp_pprime(&trial, num_tests);
+ if (res != MP_OKAY) {
+ if (res == MP_NO)
+ continue; /* was composite */
+ goto CLEANUP;
+ }
+ FPUTC('!', stderr);
+
+ if (!strong)
+ break; /* success !! */
+
+ /* At this point, we have strong evidence that our candidate
+ is itself prime. If we want a strong prime, we need now
+ to test q = 2p + 1 for primality...
+ */
+ MP_CHECKOK(mp_mul_2(&trial, &q));
+ MP_CHECKOK(mp_add_d(&q, 1, &q));
+
+ /* Test q for small prime divisors ... */
+ np = prime_tab_size;
+ res = mpp_divis_primes(&q, &np);
+ if (res == MP_YES) { /* is composite */
+ mp_clear(&q);
+ continue;
+ }
+ if (res != MP_NO)
+ goto CLEANUP;
+
+ /* And test with Fermat, as with its parent ... */
+ res = mpp_fermat(&q, 2);
+ if (res != MP_YES) {
+ mp_clear(&q);
+ if (res == MP_NO)
+ continue; /* was composite */
+ goto CLEANUP;
+ }
+
+ /* And test with Miller-Rabin, as with its parent ... */
+ res = mpp_pprime(&q, num_tests);
+ if (res != MP_YES) {
+ mp_clear(&q);
+ if (res == MP_NO)
+ continue; /* was composite */
+ goto CLEANUP;
+ }
+
+ /* If it passed, we've got a winner */
+ mp_exch(&q, &trial);
+ mp_clear(&q);
+ break;
+
+ } /* end of loop through sieved values */
+ if (res == MP_YES)
+ mp_exch(&trial, start);
+CLEANUP:
+ mp_clear(&trial);
+ mp_clear(&q);
+ if (nTries)
+ *nTries += i;
+ if (sieve != NULL) {
+ memset(sieve, 0, SIEVE_SIZE);
+ free(sieve);
+ }
+ return res;
+}
+
+/*========================================================================*/
+/*------------------------------------------------------------------------*/
+/* Static functions visible only to the library internally */
+
+/* {{{ s_mpp_divp(a, vec, size, which) */
+
+/*
+ Test for divisibility by members of a vector of digits. Returns
+ MP_NO if a is not divisible by any of them; returns MP_YES and sets
+ 'which' to the index of the offender, if it is. Will stop on the
+ first digit against which a is divisible.
+ */
+
+mp_err
+s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which)
+{
+ mp_err res;
+ mp_digit rem;
+
+ int ix;
+
+ for (ix = 0; ix < size; ix++) {
+ if ((res = mp_mod_d(a, vec[ix], &rem)) != MP_OKAY)
+ return res;
+
+ if (rem == 0) {
+ if (which)
+ *which = ix;
+ return MP_YES;
+ }
+ }
+
+ return MP_NO;
+
+} /* end s_mpp_divp() */
+
+/* }}} */
+
+/*------------------------------------------------------------------------*/
+/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mpprime.h b/security/nss/lib/freebl/mpi/mpprime.h
new file mode 100644
index 000000000..c47c61836
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpprime.h
@@ -0,0 +1,38 @@
+/*
+ * mpprime.h
+ *
+ * Utilities for finding and working with prime and pseudo-prime
+ * integers
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _H_MP_PRIME_
+#define _H_MP_PRIME_
+
+#include "mpi.h"
+
+extern const int prime_tab_size; /* number of primes available */
+extern const mp_digit prime_tab[];
+
+/* Tests for divisibility */
+mp_err mpp_divis(mp_int *a, mp_int *b);
+mp_err mpp_divis_d(mp_int *a, mp_digit d);
+
+/* Random selection */
+mp_err mpp_random(mp_int *a);
+mp_err mpp_random_size(mp_int *a, mp_size prec);
+
+/* Pseudo-primality testing */
+mp_err mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which);
+mp_err mpp_divis_primes(mp_int *a, mp_digit *np);
+mp_err mpp_fermat(mp_int *a, mp_digit w);
+mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes);
+mp_err mpp_pprime(mp_int *a, int nt);
+mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes,
+ unsigned char *sieve, mp_size nSieve);
+mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong,
+ unsigned long *nTries);
+
+#endif /* end _H_MP_PRIME_ */
diff --git a/security/nss/lib/freebl/mpi/mpv_sparc.c b/security/nss/lib/freebl/mpi/mpv_sparc.c
new file mode 100644
index 000000000..423311b65
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpv_sparc.c
@@ -0,0 +1,221 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "vis_proto.h"
+
+/***************************************************************/
+
+typedef int t_s32;
+typedef unsigned int t_u32;
+#if defined(__sparcv9)
+typedef long t_s64;
+typedef unsigned long t_u64;
+#else
+typedef long long t_s64;
+typedef unsigned long long t_u64;
+#endif
+typedef double t_d64;
+
+/***************************************************************/
+
+typedef union {
+ t_d64 d64;
+ struct {
+ t_s32 i0;
+ t_s32 i1;
+ } i32s;
+} d64_2_i32;
+
+/***************************************************************/
+
+#define BUFF_SIZE 256
+
+#define A_BITS 19
+#define A_MASK ((1 << A_BITS) - 1)
+
+/***************************************************************/
+
+static t_u64 mask_cnst[] = {
+ 0x8000000080000000ull
+};
+
+/***************************************************************/
+
+#define DEF_VARS(N) \
+ t_d64 *py = (t_d64 *)y; \
+ t_d64 mask = *((t_d64 *)mask_cnst); \
+ t_d64 ca = (1u << 31) - 1; \
+ t_d64 da = (t_d64)a; \
+ t_s64 buff[N], s; \
+ d64_2_i32 dy
+
+/***************************************************************/
+
+#define MUL_U32_S64_2(i) \
+ dy.d64 = vis_fxnor(mask, py[i]); \
+ buff[2 * (i)] = (ca - (t_d64)dy.i32s.i0) * da; \
+ buff[2 * (i) + 1] = (ca - (t_d64)dy.i32s.i1) * da
+
+#define MUL_U32_S64_2_D(i) \
+ dy.d64 = vis_fxnor(mask, py[i]); \
+ d0 = ca - (t_d64)dy.i32s.i0; \
+ d1 = ca - (t_d64)dy.i32s.i1; \
+ buff[4 * (i)] = (t_s64)(d0 * da); \
+ buff[4 * (i) + 1] = (t_s64)(d0 * db); \
+ buff[4 * (i) + 2] = (t_s64)(d1 * da); \
+ buff[4 * (i) + 3] = (t_s64)(d1 * db)
+
+/***************************************************************/
+
+#define ADD_S64_U32(i) \
+ s = buff[i] + x[i] + c; \
+ z[i] = s; \
+ c = (s >> 32)
+
+#define ADD_S64_U32_D(i) \
+ s = buff[2 * (i)] + (((t_s64)(buff[2 * (i) + 1])) << A_BITS) + x[i] + uc; \
+ z[i] = s; \
+ uc = ((t_u64)s >> 32)
+
+/***************************************************************/
+
+#define MUL_U32_S64_8(i) \
+ MUL_U32_S64_2(i); \
+ MUL_U32_S64_2(i + 1); \
+ MUL_U32_S64_2(i + 2); \
+ MUL_U32_S64_2(i + 3)
+
+#define MUL_U32_S64_D_8(i) \
+ MUL_U32_S64_2_D(i); \
+ MUL_U32_S64_2_D(i + 1); \
+ MUL_U32_S64_2_D(i + 2); \
+ MUL_U32_S64_2_D(i + 3)
+
+/***************************************************************/
+
+#define ADD_S64_U32_8(i) \
+ ADD_S64_U32(i); \
+ ADD_S64_U32(i + 1); \
+ ADD_S64_U32(i + 2); \
+ ADD_S64_U32(i + 3); \
+ ADD_S64_U32(i + 4); \
+ ADD_S64_U32(i + 5); \
+ ADD_S64_U32(i + 6); \
+ ADD_S64_U32(i + 7)
+
+#define ADD_S64_U32_D_8(i) \
+ ADD_S64_U32_D(i); \
+ ADD_S64_U32_D(i + 1); \
+ ADD_S64_U32_D(i + 2); \
+ ADD_S64_U32_D(i + 3); \
+ ADD_S64_U32_D(i + 4); \
+ ADD_S64_U32_D(i + 5); \
+ ADD_S64_U32_D(i + 6); \
+ ADD_S64_U32_D(i + 7)
+
+/***************************************************************/
+
+t_u32
+mul_add(t_u32 *z, t_u32 *x, t_u32 *y, int n, t_u32 a)
+{
+ if (a < (1 << A_BITS)) {
+
+ if (n == 8) {
+ DEF_VARS(8);
+ t_s32 c = 0;
+
+ MUL_U32_S64_8(0);
+ ADD_S64_U32_8(0);
+
+ return c;
+
+ } else if (n == 16) {
+ DEF_VARS(16);
+ t_s32 c = 0;
+
+ MUL_U32_S64_8(0);
+ MUL_U32_S64_8(4);
+ ADD_S64_U32_8(0);
+ ADD_S64_U32_8(8);
+
+ return c;
+
+ } else {
+ DEF_VARS(BUFF_SIZE);
+ t_s32 i, c = 0;
+
+#pragma pipeloop(0)
+ for (i = 0; i < (n + 1) / 2; i++) {
+ MUL_U32_S64_2(i);
+ }
+
+#pragma pipeloop(0)
+ for (i = 0; i < n; i++) {
+ ADD_S64_U32(i);
+ }
+
+ return c;
+ }
+ } else {
+
+ if (n == 8) {
+ DEF_VARS(2 * 8);
+ t_d64 d0, d1, db;
+ t_u32 uc = 0;
+
+ da = (t_d64)(a & A_MASK);
+ db = (t_d64)(a >> A_BITS);
+
+ MUL_U32_S64_D_8(0);
+ ADD_S64_U32_D_8(0);
+
+ return uc;
+
+ } else if (n == 16) {
+ DEF_VARS(2 * 16);
+ t_d64 d0, d1, db;
+ t_u32 uc = 0;
+
+ da = (t_d64)(a & A_MASK);
+ db = (t_d64)(a >> A_BITS);
+
+ MUL_U32_S64_D_8(0);
+ MUL_U32_S64_D_8(4);
+ ADD_S64_U32_D_8(0);
+ ADD_S64_U32_D_8(8);
+
+ return uc;
+
+ } else {
+ DEF_VARS(2 * BUFF_SIZE);
+ t_d64 d0, d1, db;
+ t_u32 i, uc = 0;
+
+ da = (t_d64)(a & A_MASK);
+ db = (t_d64)(a >> A_BITS);
+
+#pragma pipeloop(0)
+ for (i = 0; i < (n + 1) / 2; i++) {
+ MUL_U32_S64_2_D(i);
+ }
+
+#pragma pipeloop(0)
+ for (i = 0; i < n; i++) {
+ ADD_S64_U32_D(i);
+ }
+
+ return uc;
+ }
+ }
+}
+
+/***************************************************************/
+
+t_u32
+mul_add_inp(t_u32 *x, t_u32 *y, int n, t_u32 a)
+{
+ return mul_add(x, x, y, n, a);
+}
+
+/***************************************************************/
diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv8.s b/security/nss/lib/freebl/mpi/mpv_sparcv8.s
new file mode 100644
index 000000000..66122a1d9
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpv_sparcv8.s
@@ -0,0 +1,1607 @@
+! Inner multiply loop functions for hybrid 32/64-bit Sparc v8plus CPUs.
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ .section ".text",#alloc,#execinstr
+/* 000000 3 ( 0 0) */ .file "mpv_sparc.c"
+/* 000000 14 ( 0 0) */ .align 8
+!
+! SUBROUTINE .L_const_seg_900000106
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .L_const_seg_900000106: /* frequency 1.0 confidence 0.0 */
+/* 000000 19 ( 0 0) */ .word 1127219200,0
+/* 0x0008 20 ( 0 0) */ .word 1105199103,-4194304
+/* 0x0010 21 ( 0 0) */ .align 16
+/* 0x0010 27 ( 0 0) */ .global mul_add
+
+!
+! ENTRY mul_add
+!
+
+ .global mul_add
+ mul_add: /* frequency 1.0 confidence 0.0 */
+/* 0x0010 29 ( 0 1) */ sethi %hi(0x1800),%g1
+/* 0x0014 30 ( 0 1) */ sethi %hi(mask_cnst),%g2
+/* 0x0018 31 ( 1 2) */ xor %g1,-984,%g1
+/* 0x001c 32 ( 1 2) */ add %g2,%lo(mask_cnst),%g2
+/* 0x0020 33 ( 2 4) */ save %sp,%g1,%sp
+
+!
+! ENTRY .L900000154
+!
+
+ .L900000154: /* frequency 1.0 confidence 0.0 */
+/* 0x0024 35 ( 0 2) */ call (.+0x8) ! params = ! Result =
+/* 0x0028 ( 1 2) */ sethi %hi((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5
+/* 0x002c 177 ( 2 3) */ sethi %hi(.L_const_seg_900000106),%g3
+/* 0x0030 178 ( 2 3) */ add %g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5
+/* 0x0034 179 ( 3 4) */ or %g0,%i4,%o1
+/* 0x0038 180 ( 3 4) */ st %o1,[%fp+84]
+/* 0x003c 181 ( 3 4) */ add %g5,%o7,%o3
+/* 0x0040 182 ( 4 5) */ add %g3,%lo(.L_const_seg_900000106),%g3
+/* 0x0044 183 ( 4 6) */ ld [%o3+%g2],%g2
+/* 0x0048 184 ( 4 5) */ or %g0,%i3,%o2
+/* 0x004c 185 ( 5 6) */ sethi %hi(0x80000),%g4
+/* 0x0050 186 ( 5 7) */ ld [%o3+%g3],%o0
+/* 0x0054 187 ( 5 6) */ or %g0,%i2,%g5
+/* 0x0058 188 ( 6 7) */ or %g0,%o2,%o3
+/* 0x005c 189 ( 6 10) */ ldd [%g2],%f0
+/* 0x0060 190 ( 6 7) */ subcc %o1,%g4,%g0
+/* 0x0064 191 ( 6 7) */ bcc,pn %icc,.L77000048 ! tprob=0.50
+/* 0x0068 ( 7 8) */ subcc %o2,8,%g0
+/* 0x006c 193 ( 7 8) */ bne,pn %icc,.L77000037 ! tprob=0.50
+/* 0x0070 ( 8 12) */ ldd [%o0],%f8
+/* 0x0074 195 ( 9 13) */ ldd [%g5],%f4
+/* 0x0078 196 (10 14) */ ldd [%g5+8],%f6
+/* 0x007c 197 (11 15) */ ldd [%g5+16],%f10
+/* 0x0080 198 (11 14) */ fmovs %f8,%f12
+/* 0x0084 199 (12 16) */ fxnor %f0,%f4,%f4
+/* 0x0088 200 (12 14) */ ld [%fp+84],%f13
+/* 0x008c 201 (13 17) */ ldd [%o0+8],%f14
+/* 0x0090 202 (13 17) */ fxnor %f0,%f6,%f6
+/* 0x0094 203 (14 18) */ ldd [%g5+24],%f16
+/* 0x0098 204 (14 18) */ fxnor %f0,%f10,%f10
+/* 0x009c 208 (15 17) */ ld [%i1],%g2
+/* 0x00a0 209 (15 20) */ fsubd %f12,%f8,%f8
+/* 0x00a4 210 (16 21) */ fitod %f4,%f18
+/* 0x00a8 211 (16 18) */ ld [%i1+4],%g3
+/* 0x00ac 212 (17 22) */ fitod %f5,%f4
+/* 0x00b0 213 (17 19) */ ld [%i1+8],%g4
+/* 0x00b4 214 (18 23) */ fitod %f6,%f20
+/* 0x00b8 215 (18 20) */ ld [%i1+12],%g5
+/* 0x00bc 216 (19 21) */ ld [%i1+16],%o0
+/* 0x00c0 217 (19 24) */ fitod %f7,%f6
+/* 0x00c4 218 (20 22) */ ld [%i1+20],%o1
+/* 0x00c8 219 (20 24) */ fxnor %f0,%f16,%f16
+/* 0x00cc 220 (21 26) */ fsubd %f14,%f18,%f12
+/* 0x00d0 221 (21 23) */ ld [%i1+24],%o2
+/* 0x00d4 222 (22 27) */ fsubd %f14,%f4,%f4
+/* 0x00d8 223 (22 24) */ ld [%i1+28],%o3
+/* 0x00dc 224 (23 28) */ fitod %f10,%f18
+/* 0x00e0 225 (24 29) */ fsubd %f14,%f20,%f20
+/* 0x00e4 226 (25 30) */ fitod %f11,%f10
+/* 0x00e8 227 (26 31) */ fsubd %f14,%f6,%f6
+/* 0x00ec 228 (26 31) */ fmuld %f12,%f8,%f12
+/* 0x00f0 229 (27 32) */ fitod %f16,%f22
+/* 0x00f4 230 (27 32) */ fmuld %f4,%f8,%f4
+/* 0x00f8 231 (28 33) */ fsubd %f14,%f18,%f18
+/* 0x00fc 232 (29 34) */ fitod %f17,%f16
+/* 0x0100 233 (29 34) */ fmuld %f20,%f8,%f20
+/* 0x0104 234 (30 35) */ fsubd %f14,%f10,%f10
+/* 0x0108 235 (31 36) */ fdtox %f12,%f12
+/* 0x010c 236 (31 32) */ std %f12,[%sp+152]
+/* 0x0110 237 (31 36) */ fmuld %f6,%f8,%f6
+/* 0x0114 238 (32 37) */ fdtox %f4,%f4
+/* 0x0118 239 (32 33) */ std %f4,[%sp+144]
+/* 0x011c 240 (33 38) */ fsubd %f14,%f22,%f4
+/* 0x0120 241 (33 38) */ fmuld %f18,%f8,%f12
+/* 0x0124 242 (34 39) */ fdtox %f20,%f18
+/* 0x0128 243 (34 35) */ std %f18,[%sp+136]
+/* 0x012c 244 (35 37) */ ldx [%sp+152],%o4
+/* 0x0130 245 (35 40) */ fsubd %f14,%f16,%f14
+/* 0x0134 246 (35 40) */ fmuld %f10,%f8,%f10
+/* 0x0138 247 (36 41) */ fdtox %f6,%f6
+/* 0x013c 248 (36 37) */ std %f6,[%sp+128]
+/* 0x0140 249 (37 39) */ ldx [%sp+144],%o5
+/* 0x0144 250 (37 38) */ add %o4,%g2,%o4
+/* 0x0148 251 (38 39) */ st %o4,[%i0]
+/* 0x014c 252 (38 39) */ srax %o4,32,%g2
+/* 0x0150 253 (38 43) */ fdtox %f12,%f6
+/* 0x0154 254 (38 43) */ fmuld %f4,%f8,%f4
+/* 0x0158 255 (39 40) */ std %f6,[%sp+120]
+/* 0x015c 256 (39 40) */ add %o5,%g3,%g3
+/* 0x0160 257 (40 42) */ ldx [%sp+136],%o7
+/* 0x0164 258 (40 41) */ add %g3,%g2,%g2
+/* 0x0168 259 (40 45) */ fmuld %f14,%f8,%f6
+/* 0x016c 260 (40 45) */ fdtox %f10,%f8
+/* 0x0170 261 (41 42) */ std %f8,[%sp+112]
+/* 0x0174 262 (41 42) */ srax %g2,32,%o5
+/* 0x0178 263 (42 44) */ ldx [%sp+128],%g3
+/* 0x017c 264 (42 43) */ add %o7,%g4,%g4
+/* 0x0180 265 (43 44) */ st %g2,[%i0+4]
+/* 0x0184 266 (43 44) */ add %g4,%o5,%g4
+/* 0x0188 267 (43 48) */ fdtox %f4,%f4
+/* 0x018c 268 (44 46) */ ldx [%sp+120],%o5
+/* 0x0190 269 (44 45) */ add %g3,%g5,%g3
+/* 0x0194 270 (44 45) */ srax %g4,32,%g5
+/* 0x0198 271 (45 46) */ std %f4,[%sp+104]
+/* 0x019c 272 (45 46) */ add %g3,%g5,%g3
+/* 0x01a0 273 (45 50) */ fdtox %f6,%f4
+/* 0x01a4 274 (46 47) */ std %f4,[%sp+96]
+/* 0x01a8 275 (46 47) */ add %o5,%o0,%o0
+/* 0x01ac 276 (46 47) */ srax %g3,32,%o5
+/* 0x01b0 277 (47 49) */ ldx [%sp+112],%g5
+/* 0x01b4 278 (47 48) */ add %o0,%o5,%o0
+/* 0x01b8 279 (48 49) */ st %g4,[%i0+8]
+/* 0x01bc 280 (49 51) */ ldx [%sp+104],%o5
+/* 0x01c0 281 (49 50) */ add %g5,%o1,%o1
+/* 0x01c4 282 (49 50) */ srax %o0,32,%g5
+/* 0x01c8 283 (50 51) */ st %o0,[%i0+16]
+/* 0x01cc 284 (50 51) */ add %o1,%g5,%o1
+/* 0x01d0 285 (51 53) */ ldx [%sp+96],%g5
+/* 0x01d4 286 (51 52) */ add %o5,%o2,%o2
+/* 0x01d8 287 (51 52) */ srax %o1,32,%o5
+/* 0x01dc 288 (52 53) */ st %o1,[%i0+20]
+/* 0x01e0 289 (52 53) */ add %o2,%o5,%o2
+/* 0x01e4 290 (53 54) */ st %o2,[%i0+24]
+/* 0x01e8 291 (53 54) */ srax %o2,32,%g4
+/* 0x01ec 292 (53 54) */ add %g5,%o3,%g2
+/* 0x01f0 293 (54 55) */ st %g3,[%i0+12]
+/* 0x01f4 294 (54 55) */ add %g2,%g4,%g2
+/* 0x01f8 295 (55 56) */ st %g2,[%i0+28]
+/* 0x01fc 299 (55 56) */ srax %g2,32,%o7
+/* 0x0200 300 (56 57) */ or %g0,%o7,%i0
+/* 0x0204 (57 64) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x0208 (59 61) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L77000037
+!
+
+ .L77000037: /* frequency 1.0 confidence 0.0 */
+/* 0x020c 307 ( 0 1) */ subcc %o2,16,%g0
+/* 0x0210 308 ( 0 1) */ bne,pn %icc,.L77000076 ! tprob=0.50
+/* 0x0214 ( 1 5) */ ldd [%o0],%f8
+/* 0x0218 310 ( 2 6) */ ldd [%g5],%f4
+/* 0x021c 311 ( 3 7) */ ldd [%g5+8],%f6
+/* 0x0220 317 ( 4 8) */ ldd [%o0+8],%f14
+/* 0x0224 318 ( 4 7) */ fmovs %f8,%f12
+/* 0x0228 319 ( 5 7) */ ld [%fp+84],%f13
+/* 0x022c 320 ( 5 9) */ fxnor %f0,%f4,%f4
+/* 0x0230 321 ( 6 10) */ ldd [%g5+16],%f10
+/* 0x0234 322 ( 6 10) */ fxnor %f0,%f6,%f6
+/* 0x0238 323 ( 7 11) */ ldd [%g5+24],%f16
+/* 0x023c 324 ( 8 12) */ ldd [%g5+32],%f20
+/* 0x0240 325 ( 8 13) */ fsubd %f12,%f8,%f8
+/* 0x0244 331 ( 9 11) */ ld [%i1+40],%o7
+/* 0x0248 332 ( 9 14) */ fitod %f4,%f18
+/* 0x024c 333 (10 14) */ ldd [%g5+40],%f22
+/* 0x0250 334 (10 15) */ fitod %f5,%f4
+/* 0x0254 335 (11 12) */ stx %o7,[%sp+96]
+/* 0x0258 336 (11 16) */ fitod %f6,%f24
+/* 0x025c 337 (12 14) */ ld [%i1+44],%o7
+/* 0x0260 338 (12 16) */ fxnor %f0,%f10,%f10
+/* 0x0264 339 (13 17) */ ldd [%g5+48],%f26
+/* 0x0268 340 (13 18) */ fitod %f7,%f6
+/* 0x026c 341 (14 15) */ stx %o7,[%sp+104]
+/* 0x0270 342 (14 19) */ fsubd %f14,%f18,%f18
+/* 0x0274 343 (15 17) */ ld [%i1+48],%o7
+/* 0x0278 344 (15 20) */ fsubd %f14,%f4,%f4
+/* 0x027c 345 (16 18) */ ld [%i1+36],%o5
+/* 0x0280 346 (16 21) */ fitod %f10,%f28
+/* 0x0284 347 (17 18) */ stx %o7,[%sp+112]
+/* 0x0288 348 (17 21) */ fxnor %f0,%f16,%f16
+/* 0x028c 349 (18 20) */ ld [%i1],%g2
+/* 0x0290 350 (18 23) */ fsubd %f14,%f24,%f24
+/* 0x0294 351 (19 20) */ stx %o5,[%sp+120]
+/* 0x0298 352 (19 24) */ fitod %f11,%f10
+/* 0x029c 353 (19 24) */ fmuld %f18,%f8,%f18
+/* 0x02a0 354 (20 22) */ ld [%i1+52],%o5
+/* 0x02a4 355 (20 25) */ fsubd %f14,%f6,%f6
+/* 0x02a8 356 (20 25) */ fmuld %f4,%f8,%f4
+/* 0x02ac 357 (21 26) */ fitod %f16,%f30
+/* 0x02b0 358 (22 26) */ fxnor %f0,%f20,%f20
+/* 0x02b4 359 (22 24) */ ld [%i1+4],%g3
+/* 0x02b8 360 (23 27) */ ldd [%g5+56],%f2
+/* 0x02bc 361 (23 28) */ fsubd %f14,%f28,%f28
+/* 0x02c0 362 (23 28) */ fmuld %f24,%f8,%f24
+/* 0x02c4 363 (24 25) */ stx %o5,[%sp+128]
+/* 0x02c8 364 (24 29) */ fdtox %f18,%f18
+/* 0x02cc 365 (25 26) */ std %f18,[%sp+272]
+/* 0x02d0 366 (25 30) */ fitod %f17,%f16
+/* 0x02d4 367 (25 30) */ fmuld %f6,%f8,%f6
+/* 0x02d8 368 (26 31) */ fsubd %f14,%f10,%f10
+/* 0x02dc 369 (27 32) */ fitod %f20,%f18
+/* 0x02e0 370 (28 33) */ fdtox %f4,%f4
+/* 0x02e4 371 (28 29) */ std %f4,[%sp+264]
+/* 0x02e8 372 (28 33) */ fmuld %f28,%f8,%f28
+/* 0x02ec 373 (29 31) */ ld [%i1+8],%g4
+/* 0x02f0 374 (29 34) */ fsubd %f14,%f30,%f4
+/* 0x02f4 375 (30 34) */ fxnor %f0,%f22,%f22
+/* 0x02f8 376 (30 32) */ ld [%i1+12],%g5
+/* 0x02fc 377 (31 33) */ ld [%i1+16],%o0
+/* 0x0300 378 (31 36) */ fitod %f21,%f20
+/* 0x0304 379 (31 36) */ fmuld %f10,%f8,%f10
+/* 0x0308 380 (32 34) */ ld [%i1+20],%o1
+/* 0x030c 381 (32 37) */ fdtox %f24,%f24
+/* 0x0310 382 (33 34) */ std %f24,[%sp+256]
+/* 0x0314 383 (33 38) */ fsubd %f14,%f16,%f16
+/* 0x0318 384 (34 36) */ ldx [%sp+272],%o7
+/* 0x031c 385 (34 39) */ fdtox %f6,%f6
+/* 0x0320 386 (34 39) */ fmuld %f4,%f8,%f4
+/* 0x0324 387 (35 36) */ std %f6,[%sp+248]
+/* 0x0328 388 (35 40) */ fitod %f22,%f24
+/* 0x032c 389 (36 38) */ ld [%i1+32],%o4
+/* 0x0330 390 (36 41) */ fsubd %f14,%f18,%f6
+/* 0x0334 391 (36 37) */ add %o7,%g2,%g2
+/* 0x0338 392 (37 39) */ ldx [%sp+264],%o7
+/* 0x033c 393 (37 41) */ fxnor %f0,%f26,%f26
+/* 0x0340 394 (37 38) */ srax %g2,32,%o5
+/* 0x0344 395 (38 39) */ st %g2,[%i0]
+/* 0x0348 396 (38 43) */ fitod %f23,%f18
+/* 0x034c 397 (38 43) */ fmuld %f16,%f8,%f16
+/* 0x0350 398 (39 41) */ ldx [%sp+248],%g2
+/* 0x0354 399 (39 44) */ fdtox %f28,%f22
+/* 0x0358 400 (39 40) */ add %o7,%g3,%g3
+/* 0x035c 401 (40 42) */ ldx [%sp+256],%o7
+/* 0x0360 402 (40 45) */ fsubd %f14,%f20,%f20
+/* 0x0364 403 (40 41) */ add %g3,%o5,%g3
+/* 0x0368 404 (41 42) */ std %f22,[%sp+240]
+/* 0x036c 405 (41 46) */ fitod %f26,%f22
+/* 0x0370 406 (41 42) */ srax %g3,32,%o5
+/* 0x0374 407 (41 42) */ add %g2,%g5,%g2
+/* 0x0378 408 (42 43) */ st %g3,[%i0+4]
+/* 0x037c 409 (42 47) */ fdtox %f10,%f10
+/* 0x0380 410 (42 43) */ add %o7,%g4,%g4
+/* 0x0384 411 (42 47) */ fmuld %f6,%f8,%f6
+/* 0x0388 412 (43 44) */ std %f10,[%sp+232]
+/* 0x038c 413 (43 47) */ fxnor %f0,%f2,%f12
+/* 0x0390 414 (43 44) */ add %g4,%o5,%g4
+/* 0x0394 415 (44 45) */ st %g4,[%i0+8]
+/* 0x0398 416 (44 45) */ srax %g4,32,%o5
+/* 0x039c 417 (44 49) */ fsubd %f14,%f24,%f10
+/* 0x03a0 418 (45 47) */ ldx [%sp+240],%o7
+/* 0x03a4 419 (45 50) */ fdtox %f4,%f4
+/* 0x03a8 420 (45 46) */ add %g2,%o5,%g2
+/* 0x03ac 421 (45 50) */ fmuld %f20,%f8,%f20
+/* 0x03b0 422 (46 47) */ std %f4,[%sp+224]
+/* 0x03b4 423 (46 47) */ srax %g2,32,%g5
+/* 0x03b8 424 (46 51) */ fsubd %f14,%f18,%f4
+/* 0x03bc 425 (47 48) */ st %g2,[%i0+12]
+/* 0x03c0 426 (47 52) */ fitod %f27,%f24
+/* 0x03c4 427 (47 48) */ add %o7,%o0,%g3
+/* 0x03c8 428 (48 50) */ ldx [%sp+232],%o5
+/* 0x03cc 429 (48 53) */ fdtox %f16,%f16
+/* 0x03d0 430 (48 49) */ add %g3,%g5,%g2
+/* 0x03d4 431 (49 50) */ std %f16,[%sp+216]
+/* 0x03d8 432 (49 50) */ srax %g2,32,%g4
+/* 0x03dc 433 (49 54) */ fitod %f12,%f18
+/* 0x03e0 434 (49 54) */ fmuld %f10,%f8,%f10
+/* 0x03e4 435 (50 51) */ st %g2,[%i0+16]
+/* 0x03e8 436 (50 55) */ fsubd %f14,%f22,%f16
+/* 0x03ec 437 (50 51) */ add %o5,%o1,%g2
+/* 0x03f0 438 (51 53) */ ld [%i1+24],%o2
+/* 0x03f4 439 (51 56) */ fitod %f13,%f12
+/* 0x03f8 440 (51 52) */ add %g2,%g4,%g2
+/* 0x03fc 441 (51 56) */ fmuld %f4,%f8,%f22
+/* 0x0400 442 (52 54) */ ldx [%sp+224],%g3
+/* 0x0404 443 (52 53) */ srax %g2,32,%g4
+/* 0x0408 444 (52 57) */ fdtox %f6,%f6
+/* 0x040c 445 (53 54) */ std %f6,[%sp+208]
+/* 0x0410 446 (53 58) */ fdtox %f20,%f6
+/* 0x0414 447 (54 55) */ stx %o4,[%sp+136]
+/* 0x0418 448 (54 59) */ fsubd %f14,%f24,%f4
+/* 0x041c 449 (55 56) */ std %f6,[%sp+200]
+/* 0x0420 450 (55 60) */ fsubd %f14,%f18,%f6
+/* 0x0424 451 (55 60) */ fmuld %f16,%f8,%f16
+/* 0x0428 452 (56 57) */ st %g2,[%i0+20]
+/* 0x042c 453 (56 57) */ add %g3,%o2,%g2
+/* 0x0430 454 (56 61) */ fdtox %f10,%f10
+/* 0x0434 455 (57 59) */ ld [%i1+28],%o3
+/* 0x0438 456 (57 58) */ add %g2,%g4,%g2
+/* 0x043c 457 (58 60) */ ldx [%sp+216],%g5
+/* 0x0440 458 (58 59) */ srax %g2,32,%g4
+/* 0x0444 459 (59 60) */ std %f10,[%sp+192]
+/* 0x0448 460 (59 64) */ fsubd %f14,%f12,%f10
+/* 0x044c 461 (59 64) */ fmuld %f4,%f8,%f4
+/* 0x0450 462 (60 61) */ st %g2,[%i0+24]
+/* 0x0454 463 (60 61) */ add %g5,%o3,%g2
+/* 0x0458 464 (60 65) */ fdtox %f22,%f12
+/* 0x045c 465 (60 65) */ fmuld %f6,%f8,%f6
+/* 0x0460 466 (61 63) */ ldx [%sp+136],%o0
+/* 0x0464 467 (61 62) */ add %g2,%g4,%g2
+/* 0x0468 468 (62 64) */ ldx [%sp+208],%g3
+/* 0x046c 469 (62 63) */ srax %g2,32,%g4
+/* 0x0470 470 (63 65) */ ldx [%sp+120],%o1
+/* 0x0474 471 (64 66) */ ldx [%sp+200],%g5
+/* 0x0478 472 (64 65) */ add %g3,%o0,%g3
+/* 0x047c 473 (64 69) */ fdtox %f4,%f4
+/* 0x0480 474 (64 69) */ fmuld %f10,%f8,%f8
+/* 0x0484 475 (65 66) */ std %f12,[%sp+184]
+/* 0x0488 476 (65 66) */ add %g3,%g4,%g3
+/* 0x048c 477 (65 70) */ fdtox %f16,%f12
+/* 0x0490 478 (66 67) */ std %f12,[%sp+176]
+/* 0x0494 479 (66 67) */ srax %g3,32,%o0
+/* 0x0498 480 (66 67) */ add %g5,%o1,%g5
+/* 0x049c 481 (67 69) */ ldx [%sp+192],%o2
+/* 0x04a0 482 (67 68) */ add %g5,%o0,%g5
+/* 0x04a4 483 (68 70) */ ldx [%sp+96],%g4
+/* 0x04a8 484 (68 69) */ srax %g5,32,%o1
+/* 0x04ac 485 (69 71) */ ld [%i1+56],%o4
+/* 0x04b0 486 (70 72) */ ldx [%sp+104],%o0
+/* 0x04b4 487 (70 71) */ add %o2,%g4,%g4
+/* 0x04b8 488 (71 72) */ std %f4,[%sp+168]
+/* 0x04bc 489 (71 72) */ add %g4,%o1,%g4
+/* 0x04c0 490 (71 76) */ fdtox %f6,%f4
+/* 0x04c4 491 (72 74) */ ldx [%sp+184],%o3
+/* 0x04c8 492 (72 73) */ srax %g4,32,%o2
+/* 0x04cc 493 (73 75) */ ldx [%sp+112],%o1
+/* 0x04d0 494 (74 75) */ std %f4,[%sp+160]
+/* 0x04d4 495 (74 75) */ add %o3,%o0,%o0
+/* 0x04d8 496 (74 79) */ fdtox %f8,%f4
+/* 0x04dc 497 (75 77) */ ldx [%sp+176],%o5
+/* 0x04e0 498 (75 76) */ add %o0,%o2,%o0
+/* 0x04e4 499 (76 77) */ stx %o4,[%sp+144]
+/* 0x04e8 500 (77 78) */ st %g2,[%i0+28]
+/* 0x04ec 501 (77 78) */ add %o5,%o1,%g2
+/* 0x04f0 502 (77 78) */ srax %o0,32,%o1
+/* 0x04f4 503 (78 79) */ std %f4,[%sp+152]
+/* 0x04f8 504 (78 79) */ add %g2,%o1,%o1
+/* 0x04fc 505 (79 81) */ ldx [%sp+168],%o7
+/* 0x0500 506 (79 80) */ srax %o1,32,%o3
+/* 0x0504 507 (80 82) */ ldx [%sp+128],%o2
+/* 0x0508 508 (81 83) */ ld [%i1+60],%o4
+/* 0x050c 509 (82 83) */ add %o7,%o2,%o2
+/* 0x0510 510 (83 84) */ add %o2,%o3,%o2
+/* 0x0514 511 (83 85) */ ldx [%sp+144],%o5
+/* 0x0518 512 (84 86) */ ldx [%sp+160],%g2
+/* 0x051c 513 (85 87) */ ldx [%sp+152],%o3
+/* 0x0520 514 (86 87) */ st %g3,[%i0+32]
+/* 0x0524 515 (86 87) */ add %g2,%o5,%g2
+/* 0x0528 516 (86 87) */ srax %o2,32,%o5
+/* 0x052c 517 (87 88) */ st %g5,[%i0+36]
+/* 0x0530 518 (87 88) */ add %g2,%o5,%g2
+/* 0x0534 519 (87 88) */ add %o3,%o4,%g3
+/* 0x0538 520 (88 89) */ st %o0,[%i0+44]
+/* 0x053c 521 (88 89) */ srax %g2,32,%g5
+/* 0x0540 522 (89 90) */ st %o1,[%i0+48]
+/* 0x0544 523 (89 90) */ add %g3,%g5,%g3
+/* 0x0548 524 (90 91) */ st %o2,[%i0+52]
+/* 0x054c 528 (90 91) */ srax %g3,32,%o7
+/* 0x0550 529 (91 92) */ st %g4,[%i0+40]
+/* 0x0554 530 (92 93) */ st %g2,[%i0+56]
+/* 0x0558 531 (93 94) */ st %g3,[%i0+60]
+/* 0x055c 532 (93 94) */ or %g0,%o7,%i0
+/* 0x0560 (94 101) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x0564 (96 98) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L77000076
+!
+
+ .L77000076: /* frequency 1.0 confidence 0.0 */
+/* 0x0568 540 ( 0 4) */ ldd [%o0],%f6
+/* 0x056c 546 ( 0 1) */ add %o2,1,%g2
+/* 0x0570 547 ( 0 3) */ fmovd %f0,%f14
+/* 0x0574 548 ( 0 1) */ or %g0,0,%o7
+/* 0x0578 549 ( 1 3) */ ld [%fp+84],%f9
+/* 0x057c 550 ( 1 2) */ srl %g2,31,%g3
+/* 0x0580 551 ( 1 2) */ add %fp,-2264,%o5
+/* 0x0584 552 ( 2 3) */ add %g2,%g3,%g2
+/* 0x0588 553 ( 2 6) */ ldd [%o0+8],%f18
+/* 0x058c 554 ( 2 3) */ add %fp,-2256,%o4
+/* 0x0590 555 ( 3 6) */ fmovs %f6,%f8
+/* 0x0594 556 ( 3 4) */ sra %g2,1,%o1
+/* 0x0598 557 ( 3 4) */ or %g0,0,%g2
+/* 0x059c 558 ( 4 5) */ subcc %o1,0,%g0
+/* 0x05a0 559 ( 4 5) */ sub %o1,1,%o2
+/* 0x05a4 563 ( 5 6) */ add %g5,32,%o0
+/* 0x05a8 564 ( 6 11) */ fsubd %f8,%f6,%f16
+/* 0x05ac 565 ( 6 7) */ ble,pt %icc,.L900000161 ! tprob=0.50
+/* 0x05b0 ( 6 7) */ subcc %o3,0,%g0
+/* 0x05b4 567 ( 7 8) */ subcc %o1,7,%g0
+/* 0x05b8 568 ( 7 8) */ bl,pn %icc,.L77000077 ! tprob=0.50
+/* 0x05bc ( 7 8) */ sub %o1,2,%o1
+/* 0x05c0 570 ( 8 12) */ ldd [%g5],%f2
+/* 0x05c4 571 ( 9 13) */ ldd [%g5+8],%f4
+/* 0x05c8 572 ( 9 10) */ or %g0,5,%g2
+/* 0x05cc 573 (10 14) */ ldd [%g5+16],%f0
+/* 0x05d0 574 (11 15) */ fxnor %f14,%f2,%f2
+/* 0x05d4 575 (11 15) */ ldd [%g5+24],%f12
+/* 0x05d8 576 (12 16) */ fxnor %f14,%f4,%f6
+/* 0x05dc 577 (12 16) */ ldd [%g5+32],%f10
+/* 0x05e0 578 (13 17) */ fxnor %f14,%f0,%f8
+/* 0x05e4 579 (15 20) */ fitod %f3,%f0
+/* 0x05e8 580 (16 21) */ fitod %f2,%f4
+/* 0x05ec 581 (17 22) */ fitod %f7,%f2
+/* 0x05f0 582 (18 23) */ fitod %f6,%f6
+/* 0x05f4 583 (20 25) */ fsubd %f18,%f0,%f0
+/* 0x05f8 584 (21 26) */ fsubd %f18,%f4,%f4
+
+!
+! ENTRY .L900000149
+!
+
+ .L900000149: /* frequency 1.0 confidence 0.0 */
+/* 0x05fc 586 ( 0 4) */ fxnor %f14,%f12,%f22
+/* 0x0600 587 ( 0 5) */ fmuld %f4,%f16,%f4
+/* 0x0604 588 ( 0 1) */ add %g2,2,%g2
+/* 0x0608 589 ( 0 1) */ add %o4,32,%o4
+/* 0x060c 590 ( 1 6) */ fitod %f9,%f24
+/* 0x0610 591 ( 1 6) */ fmuld %f0,%f16,%f20
+/* 0x0614 592 ( 1 2) */ add %o0,8,%o0
+/* 0x0618 593 ( 1 2) */ subcc %g2,%o1,%g0
+/* 0x061c 594 ( 2 6) */ ldd [%o0],%f12
+/* 0x0620 595 ( 2 7) */ fsubd %f18,%f2,%f0
+/* 0x0624 596 ( 2 3) */ add %o5,32,%o5
+/* 0x0628 597 ( 3 8) */ fsubd %f18,%f6,%f2
+/* 0x062c 598 ( 5 10) */ fdtox %f4,%f4
+/* 0x0630 599 ( 6 11) */ fdtox %f20,%f6
+/* 0x0634 600 ( 6 7) */ std %f4,[%o5-32]
+/* 0x0638 601 ( 7 12) */ fitod %f8,%f4
+/* 0x063c 602 ( 7 8) */ std %f6,[%o4-32]
+/* 0x0640 603 ( 8 12) */ fxnor %f14,%f10,%f8
+/* 0x0644 604 ( 8 13) */ fmuld %f2,%f16,%f6
+/* 0x0648 605 ( 9 14) */ fitod %f23,%f2
+/* 0x064c 606 ( 9 14) */ fmuld %f0,%f16,%f20
+/* 0x0650 607 ( 9 10) */ add %o0,8,%o0
+/* 0x0654 608 (10 14) */ ldd [%o0],%f10
+/* 0x0658 609 (10 15) */ fsubd %f18,%f24,%f0
+/* 0x065c 610 (12 17) */ fsubd %f18,%f4,%f4
+/* 0x0660 611 (13 18) */ fdtox %f6,%f6
+/* 0x0664 612 (14 19) */ fdtox %f20,%f20
+/* 0x0668 613 (14 15) */ std %f6,[%o5-16]
+/* 0x066c 614 (15 20) */ fitod %f22,%f6
+/* 0x0670 615 (15 16) */ ble,pt %icc,.L900000149 ! tprob=0.50
+/* 0x0674 (15 16) */ std %f20,[%o4-16]
+
+!
+! ENTRY .L900000152
+!
+
+ .L900000152: /* frequency 1.0 confidence 0.0 */
+/* 0x0678 618 ( 0 4) */ fxnor %f14,%f12,%f12
+/* 0x067c 619 ( 0 5) */ fmuld %f0,%f16,%f22
+/* 0x0680 620 ( 0 1) */ add %o5,80,%o5
+/* 0x0684 621 ( 0 1) */ add %o4,80,%o4
+/* 0x0688 622 ( 1 5) */ fxnor %f14,%f10,%f0
+/* 0x068c 623 ( 1 6) */ fmuld %f4,%f16,%f24
+/* 0x0690 624 ( 1 2) */ subcc %g2,%o2,%g0
+/* 0x0694 625 ( 1 2) */ add %o0,8,%g5
+/* 0x0698 626 ( 2 7) */ fitod %f8,%f20
+/* 0x069c 627 ( 3 8) */ fitod %f9,%f8
+/* 0x06a0 628 ( 4 9) */ fsubd %f18,%f6,%f6
+/* 0x06a4 629 ( 5 10) */ fitod %f12,%f26
+/* 0x06a8 630 ( 6 11) */ fitod %f13,%f4
+/* 0x06ac 631 ( 7 12) */ fsubd %f18,%f2,%f12
+/* 0x06b0 632 ( 8 13) */ fitod %f0,%f2
+/* 0x06b4 633 ( 9 14) */ fitod %f1,%f0
+/* 0x06b8 634 (10 15) */ fsubd %f18,%f20,%f10
+/* 0x06bc 635 (10 15) */ fmuld %f6,%f16,%f20
+/* 0x06c0 636 (11 16) */ fsubd %f18,%f8,%f8
+/* 0x06c4 637 (12 17) */ fsubd %f18,%f26,%f6
+/* 0x06c8 638 (12 17) */ fmuld %f12,%f16,%f12
+/* 0x06cc 639 (13 18) */ fsubd %f18,%f4,%f4
+/* 0x06d0 640 (14 19) */ fsubd %f18,%f2,%f2
+/* 0x06d4 641 (15 20) */ fsubd %f18,%f0,%f0
+/* 0x06d8 642 (15 20) */ fmuld %f10,%f16,%f10
+/* 0x06dc 643 (16 21) */ fdtox %f24,%f24
+/* 0x06e0 644 (16 17) */ std %f24,[%o5-80]
+/* 0x06e4 645 (16 21) */ fmuld %f8,%f16,%f8
+/* 0x06e8 646 (17 22) */ fdtox %f22,%f22
+/* 0x06ec 647 (17 18) */ std %f22,[%o4-80]
+/* 0x06f0 648 (17 22) */ fmuld %f6,%f16,%f6
+/* 0x06f4 649 (18 23) */ fdtox %f20,%f20
+/* 0x06f8 650 (18 19) */ std %f20,[%o5-64]
+/* 0x06fc 651 (18 23) */ fmuld %f4,%f16,%f4
+/* 0x0700 652 (19 24) */ fdtox %f12,%f12
+/* 0x0704 653 (19 20) */ std %f12,[%o4-64]
+/* 0x0708 654 (19 24) */ fmuld %f2,%f16,%f2
+/* 0x070c 655 (20 25) */ fdtox %f10,%f10
+/* 0x0710 656 (20 21) */ std %f10,[%o5-48]
+/* 0x0714 657 (20 25) */ fmuld %f0,%f16,%f0
+/* 0x0718 658 (21 26) */ fdtox %f8,%f8
+/* 0x071c 659 (21 22) */ std %f8,[%o4-48]
+/* 0x0720 660 (22 27) */ fdtox %f6,%f6
+/* 0x0724 661 (22 23) */ std %f6,[%o5-32]
+/* 0x0728 662 (23 28) */ fdtox %f4,%f4
+/* 0x072c 663 (23 24) */ std %f4,[%o4-32]
+/* 0x0730 664 (24 29) */ fdtox %f2,%f2
+/* 0x0734 665 (24 25) */ std %f2,[%o5-16]
+/* 0x0738 666 (25 30) */ fdtox %f0,%f0
+/* 0x073c 667 (25 26) */ bg,pn %icc,.L77000043 ! tprob=0.50
+/* 0x0740 (25 26) */ std %f0,[%o4-16]
+
+!
+! ENTRY .L77000077
+!
+
+ .L77000077: /* frequency 1.0 confidence 0.0 */
+/* 0x0744 670 ( 0 4) */ ldd [%g5],%f0
+
+!
+! ENTRY .L900000160
+!
+
+ .L900000160: /* frequency 1.0 confidence 0.0 */
+/* 0x0748 672 ( 0 4) */ fxnor %f14,%f0,%f0
+/* 0x074c 673 ( 0 1) */ add %g2,1,%g2
+/* 0x0750 674 ( 0 1) */ add %g5,8,%g5
+/* 0x0754 675 ( 1 2) */ subcc %g2,%o2,%g0
+/* 0x0758 676 ( 4 9) */ fitod %f0,%f2
+/* 0x075c 677 ( 5 10) */ fitod %f1,%f0
+/* 0x0760 678 ( 9 14) */ fsubd %f18,%f2,%f2
+/* 0x0764 679 (10 15) */ fsubd %f18,%f0,%f0
+/* 0x0768 680 (14 19) */ fmuld %f2,%f16,%f2
+/* 0x076c 681 (15 20) */ fmuld %f0,%f16,%f0
+/* 0x0770 682 (19 24) */ fdtox %f2,%f2
+/* 0x0774 683 (19 20) */ std %f2,[%o5]
+/* 0x0778 684 (19 20) */ add %o5,16,%o5
+/* 0x077c 685 (20 25) */ fdtox %f0,%f0
+/* 0x0780 686 (20 21) */ std %f0,[%o4]
+/* 0x0784 687 (20 21) */ add %o4,16,%o4
+/* 0x0788 688 (20 21) */ ble,a,pt %icc,.L900000160 ! tprob=0.50
+/* 0x078c (23 27) */ ldd [%g5],%f0
+
+!
+! ENTRY .L77000043
+!
+
+ .L77000043: /* frequency 1.0 confidence 0.0 */
+/* 0x0790 696 ( 0 1) */ subcc %o3,0,%g0
+
+!
+! ENTRY .L900000161
+!
+
+ .L900000161: /* frequency 1.0 confidence 0.0 */
+/* 0x0794 698 ( 0 1) */ ble,a,pt %icc,.L900000159 ! tprob=0.50
+/* 0x0798 ( 0 1) */ or %g0,%o7,%i0
+/* 0x079c 703 ( 0 2) */ ldx [%fp-2256],%o2
+/* 0x07a0 704 ( 0 1) */ or %g0,%i1,%g3
+/* 0x07a4 705 ( 1 2) */ sub %o3,1,%o5
+/* 0x07a8 706 ( 1 2) */ or %g0,0,%g4
+/* 0x07ac 707 ( 2 3) */ add %fp,-2264,%g5
+/* 0x07b0 708 ( 2 3) */ or %g0,%i0,%g2
+/* 0x07b4 709 ( 3 4) */ subcc %o3,6,%g0
+/* 0x07b8 710 ( 3 4) */ sub %o5,2,%o4
+/* 0x07bc 711 ( 3 4) */ bl,pn %icc,.L77000078 ! tprob=0.50
+/* 0x07c0 ( 3 5) */ ldx [%fp-2264],%o0
+/* 0x07c4 713 ( 4 6) */ ld [%g3],%o1
+/* 0x07c8 714 ( 4 5) */ add %g2,4,%g2
+/* 0x07cc 715 ( 4 5) */ or %g0,3,%g4
+/* 0x07d0 716 ( 5 7) */ ld [%g3+4],%o3
+/* 0x07d4 717 ( 5 6) */ add %g3,8,%g3
+/* 0x07d8 718 ( 5 6) */ add %fp,-2240,%g5
+/* 0x07dc 719 ( 6 7) */ add %o0,%o1,%o0
+/* 0x07e0 720 ( 6 8) */ ldx [%fp-2248],%o1
+/* 0x07e4 721 ( 7 8) */ st %o0,[%g2-4]
+/* 0x07e8 722 ( 7 8) */ srax %o0,32,%o0
+
+!
+! ENTRY .L900000145
+!
+
+ .L900000145: /* frequency 1.0 confidence 0.0 */
+/* 0x07ec 724 ( 0 2) */ ld [%g3],%o7
+/* 0x07f0 725 ( 0 1) */ add %o2,%o3,%o2
+/* 0x07f4 726 ( 0 1) */ sra %o0,0,%o3
+/* 0x07f8 727 ( 1 3) */ ldx [%g5],%o0
+/* 0x07fc 728 ( 1 2) */ add %o2,%o3,%o2
+/* 0x0800 729 ( 1 2) */ add %g4,3,%g4
+/* 0x0804 730 ( 2 3) */ st %o2,[%g2]
+/* 0x0808 731 ( 2 3) */ srax %o2,32,%o3
+/* 0x080c 732 ( 2 3) */ subcc %g4,%o4,%g0
+/* 0x0810 733 ( 3 5) */ ld [%g3+4],%o2
+/* 0x0814 734 ( 4 5) */ stx %o2,[%sp+96]
+/* 0x0818 735 ( 4 5) */ add %o1,%o7,%o1
+/* 0x081c 736 ( 5 7) */ ldx [%g5+8],%o2
+/* 0x0820 737 ( 5 6) */ add %o1,%o3,%o1
+/* 0x0824 738 ( 5 6) */ add %g2,12,%g2
+/* 0x0828 739 ( 6 7) */ st %o1,[%g2-8]
+/* 0x082c 740 ( 6 7) */ srax %o1,32,%o7
+/* 0x0830 741 ( 6 7) */ add %g3,12,%g3
+/* 0x0834 742 ( 7 9) */ ld [%g3-4],%o3
+/* 0x0838 743 ( 8 10) */ ldx [%sp+96],%o1
+/* 0x083c 744 (10 11) */ add %o0,%o1,%o0
+/* 0x0840 745 (10 12) */ ldx [%g5+16],%o1
+/* 0x0844 746 (11 12) */ add %o0,%o7,%o0
+/* 0x0848 747 (11 12) */ add %g5,24,%g5
+/* 0x084c 748 (11 12) */ st %o0,[%g2-4]
+/* 0x0850 749 (11 12) */ ble,pt %icc,.L900000145 ! tprob=0.50
+/* 0x0854 (12 13) */ srax %o0,32,%o0
+
+!
+! ENTRY .L900000148
+!
+
+ .L900000148: /* frequency 1.0 confidence 0.0 */
+/* 0x0858 752 ( 0 1) */ add %o2,%o3,%o2
+/* 0x085c 753 ( 0 1) */ sra %o0,0,%o3
+/* 0x0860 754 ( 0 2) */ ld [%g3],%o0
+/* 0x0864 755 ( 1 2) */ add %o2,%o3,%o3
+/* 0x0868 756 ( 1 2) */ add %g2,8,%g2
+/* 0x086c 757 ( 2 3) */ srax %o3,32,%o2
+/* 0x0870 758 ( 2 3) */ st %o3,[%g2-8]
+/* 0x0874 759 ( 2 3) */ add %o1,%o0,%o0
+/* 0x0878 760 ( 3 4) */ add %o0,%o2,%o0
+/* 0x087c 761 ( 3 4) */ st %o0,[%g2-4]
+/* 0x0880 762 ( 3 4) */ subcc %g4,%o5,%g0
+/* 0x0884 763 ( 3 4) */ bg,pn %icc,.L77000061 ! tprob=0.50
+/* 0x0888 ( 4 5) */ srax %o0,32,%o7
+/* 0x088c 765 ( 4 5) */ add %g3,4,%g3
+
+!
+! ENTRY .L77000078
+!
+
+ .L77000078: /* frequency 1.0 confidence 0.0 */
+/* 0x0890 767 ( 0 2) */ ld [%g3],%o2
+
+!
+! ENTRY .L900000158
+!
+
+ .L900000158: /* frequency 1.0 confidence 0.0 */
+/* 0x0894 769 ( 0 2) */ ldx [%g5],%o0
+/* 0x0898 770 ( 0 1) */ sra %o7,0,%o1
+/* 0x089c 771 ( 0 1) */ add %g4,1,%g4
+/* 0x08a0 772 ( 1 2) */ add %g3,4,%g3
+/* 0x08a4 773 ( 1 2) */ add %g5,8,%g5
+/* 0x08a8 774 ( 2 3) */ add %o0,%o2,%o0
+/* 0x08ac 775 ( 2 3) */ subcc %g4,%o5,%g0
+/* 0x08b0 776 ( 3 4) */ add %o0,%o1,%o0
+/* 0x08b4 777 ( 3 4) */ st %o0,[%g2]
+/* 0x08b8 778 ( 3 4) */ add %g2,4,%g2
+/* 0x08bc 779 ( 4 5) */ srax %o0,32,%o7
+/* 0x08c0 780 ( 4 5) */ ble,a,pt %icc,.L900000158 ! tprob=0.50
+/* 0x08c4 ( 4 6) */ ld [%g3],%o2
+
+!
+! ENTRY .L77000047
+!
+
+ .L77000047: /* frequency 1.0 confidence 0.0 */
+/* 0x08c8 783 ( 0 1) */ or %g0,%o7,%i0
+/* 0x08cc ( 1 8) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x08d0 ( 3 5) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L77000048
+!
+
+ .L77000048: /* frequency 1.0 confidence 0.0 */
+/* 0x08d4 794 ( 0 1) */ bne,pn %icc,.L77000050 ! tprob=0.50
+/* 0x08d8 ( 0 1) */ sethi %hi(0xfff80000),%g2
+/* 0x08dc 796 ( 0 4) */ ldd [%g5],%f4
+/* 0x08e0 804 ( 0 1) */ srl %o1,19,%g3
+/* 0x08e4 805 ( 1 2) */ st %g3,[%sp+240]
+/* 0x08e8 806 ( 1 2) */ andn %o1,%g2,%g2
+/* 0x08ec 807 ( 2 6) */ ldd [%o0],%f8
+/* 0x08f0 808 ( 3 4) */ st %g2,[%sp+244]
+/* 0x08f4 809 ( 3 7) */ fxnor %f0,%f4,%f4
+/* 0x08f8 810 ( 4 8) */ ldd [%g5+8],%f6
+/* 0x08fc 814 ( 5 9) */ ldd [%o0+8],%f18
+/* 0x0900 815 ( 5 8) */ fmovs %f8,%f12
+/* 0x0904 816 ( 6 10) */ ldd [%g5+16],%f10
+/* 0x0908 817 ( 6 9) */ fmovs %f8,%f16
+/* 0x090c 818 ( 7 11) */ ldd [%g5+24],%f20
+/* 0x0910 819 ( 7 12) */ fitod %f4,%f14
+/* 0x0914 823 ( 8 10) */ ld [%i1],%g2
+/* 0x0918 824 ( 8 13) */ fitod %f5,%f4
+/* 0x091c 825 ( 9 11) */ ld [%sp+240],%f13
+/* 0x0920 826 ( 9 13) */ fxnor %f0,%f6,%f6
+/* 0x0924 827 (10 12) */ ld [%sp+244],%f17
+/* 0x0928 828 (10 14) */ fxnor %f0,%f10,%f10
+/* 0x092c 829 (11 13) */ ld [%i1+28],%o3
+/* 0x0930 830 (11 15) */ fxnor %f0,%f20,%f20
+/* 0x0934 831 (12 14) */ ld [%i1+4],%g3
+/* 0x0938 832 (12 17) */ fsubd %f12,%f8,%f12
+/* 0x093c 833 (13 14) */ stx %o3,[%sp+96]
+/* 0x0940 834 (13 18) */ fsubd %f18,%f14,%f14
+/* 0x0944 835 (14 16) */ ld [%i1+8],%g4
+/* 0x0948 836 (14 19) */ fsubd %f16,%f8,%f8
+/* 0x094c 837 (15 17) */ ld [%i1+12],%g5
+/* 0x0950 838 (15 20) */ fsubd %f18,%f4,%f4
+/* 0x0954 839 (16 18) */ ld [%i1+16],%o0
+/* 0x0958 840 (16 21) */ fitod %f6,%f22
+/* 0x095c 841 (17 19) */ ld [%i1+20],%o1
+/* 0x0960 842 (17 22) */ fitod %f7,%f6
+/* 0x0964 843 (18 20) */ ld [%i1+24],%o2
+/* 0x0968 844 (18 23) */ fitod %f10,%f16
+/* 0x096c 845 (18 23) */ fmuld %f14,%f12,%f24
+/* 0x0970 846 (19 24) */ fitod %f20,%f28
+/* 0x0974 847 (19 24) */ fmuld %f14,%f8,%f14
+/* 0x0978 848 (20 25) */ fitod %f11,%f10
+/* 0x097c 849 (20 25) */ fmuld %f4,%f12,%f26
+/* 0x0980 850 (21 26) */ fsubd %f18,%f22,%f22
+/* 0x0984 851 (21 26) */ fmuld %f4,%f8,%f4
+/* 0x0988 852 (22 27) */ fsubd %f18,%f6,%f6
+/* 0x098c 853 (23 28) */ fdtox %f24,%f24
+/* 0x0990 854 (23 24) */ std %f24,[%sp+224]
+/* 0x0994 855 (24 29) */ fdtox %f14,%f14
+/* 0x0998 856 (24 25) */ std %f14,[%sp+232]
+/* 0x099c 857 (25 30) */ fdtox %f26,%f14
+/* 0x09a0 858 (25 26) */ std %f14,[%sp+208]
+/* 0x09a4 859 (26 28) */ ldx [%sp+224],%o4
+/* 0x09a8 860 (26 31) */ fitod %f21,%f20
+/* 0x09ac 861 (26 31) */ fmuld %f22,%f12,%f30
+/* 0x09b0 862 (27 29) */ ldx [%sp+232],%o5
+/* 0x09b4 863 (27 32) */ fsubd %f18,%f16,%f16
+/* 0x09b8 864 (27 32) */ fmuld %f22,%f8,%f22
+/* 0x09bc 865 (28 29) */ sllx %o4,19,%o4
+/* 0x09c0 866 (28 33) */ fdtox %f4,%f4
+/* 0x09c4 867 (28 29) */ std %f4,[%sp+216]
+/* 0x09c8 868 (28 33) */ fmuld %f6,%f12,%f24
+/* 0x09cc 869 (29 34) */ fsubd %f18,%f28,%f26
+/* 0x09d0 870 (29 30) */ add %o5,%o4,%o4
+/* 0x09d4 871 (29 34) */ fmuld %f6,%f8,%f6
+/* 0x09d8 872 (30 35) */ fsubd %f18,%f10,%f10
+/* 0x09dc 873 (30 31) */ add %o4,%g2,%g2
+/* 0x09e0 874 (30 31) */ st %g2,[%i0]
+/* 0x09e4 875 (31 33) */ ldx [%sp+208],%o7
+/* 0x09e8 876 (31 32) */ srlx %g2,32,%o5
+/* 0x09ec 877 (31 36) */ fsubd %f18,%f20,%f18
+/* 0x09f0 878 (32 37) */ fdtox %f30,%f28
+/* 0x09f4 879 (32 33) */ std %f28,[%sp+192]
+/* 0x09f8 880 (32 37) */ fmuld %f16,%f12,%f14
+/* 0x09fc 881 (33 34) */ sllx %o7,19,%o4
+/* 0x0a00 882 (33 35) */ ldx [%sp+216],%o7
+/* 0x0a04 883 (33 38) */ fdtox %f22,%f20
+/* 0x0a08 884 (33 38) */ fmuld %f16,%f8,%f16
+/* 0x0a0c 885 (34 35) */ std %f20,[%sp+200]
+/* 0x0a10 886 (34 39) */ fdtox %f24,%f20
+/* 0x0a14 887 (34 39) */ fmuld %f26,%f12,%f22
+/* 0x0a18 888 (35 36) */ std %f20,[%sp+176]
+/* 0x0a1c 889 (35 36) */ add %o7,%o4,%o4
+/* 0x0a20 890 (35 40) */ fdtox %f6,%f6
+/* 0x0a24 891 (35 40) */ fmuld %f10,%f12,%f4
+/* 0x0a28 892 (36 38) */ ldx [%sp+192],%o3
+/* 0x0a2c 893 (36 37) */ add %o4,%g3,%g3
+/* 0x0a30 894 (36 41) */ fmuld %f10,%f8,%f10
+/* 0x0a34 895 (37 38) */ std %f6,[%sp+184]
+/* 0x0a38 896 (37 38) */ add %g3,%o5,%g3
+/* 0x0a3c 897 (37 42) */ fdtox %f14,%f6
+/* 0x0a40 898 (37 42) */ fmuld %f26,%f8,%f20
+/* 0x0a44 899 (38 40) */ ldx [%sp+200],%o4
+/* 0x0a48 900 (38 39) */ sllx %o3,19,%o3
+/* 0x0a4c 901 (38 39) */ srlx %g3,32,%o5
+/* 0x0a50 902 (38 43) */ fdtox %f16,%f14
+/* 0x0a54 903 (39 40) */ std %f6,[%sp+160]
+/* 0x0a58 904 (39 44) */ fmuld %f18,%f12,%f12
+/* 0x0a5c 905 (40 42) */ ldx [%sp+176],%o7
+/* 0x0a60 906 (40 41) */ add %o4,%o3,%o3
+/* 0x0a64 907 (40 45) */ fdtox %f4,%f16
+/* 0x0a68 908 (40 45) */ fmuld %f18,%f8,%f18
+/* 0x0a6c 909 (41 42) */ std %f14,[%sp+168]
+/* 0x0a70 910 (41 42) */ add %o3,%g4,%g4
+/* 0x0a74 911 (41 46) */ fdtox %f10,%f4
+/* 0x0a78 912 (42 44) */ ldx [%sp+184],%o3
+/* 0x0a7c 913 (42 43) */ sllx %o7,19,%o4
+/* 0x0a80 914 (42 43) */ add %g4,%o5,%g4
+/* 0x0a84 915 (42 47) */ fdtox %f22,%f14
+/* 0x0a88 916 (43 44) */ std %f16,[%sp+144]
+/* 0x0a8c 917 (43 44) */ srlx %g4,32,%o5
+/* 0x0a90 918 (43 48) */ fdtox %f20,%f6
+/* 0x0a94 919 (44 46) */ ldx [%sp+160],%o7
+/* 0x0a98 920 (44 45) */ add %o3,%o4,%o3
+/* 0x0a9c 921 (44 49) */ fdtox %f12,%f16
+/* 0x0aa0 922 (45 46) */ std %f4,[%sp+152]
+/* 0x0aa4 923 (45 46) */ add %o3,%g5,%g5
+/* 0x0aa8 924 (45 50) */ fdtox %f18,%f8
+/* 0x0aac 925 (46 48) */ ldx [%sp+168],%o3
+/* 0x0ab0 926 (46 47) */ sllx %o7,19,%o4
+/* 0x0ab4 927 (46 47) */ add %g5,%o5,%g5
+/* 0x0ab8 928 (47 48) */ std %f14,[%sp+128]
+/* 0x0abc 929 (47 48) */ srlx %g5,32,%o5
+/* 0x0ac0 930 (48 49) */ std %f6,[%sp+136]
+/* 0x0ac4 931 (48 49) */ add %o3,%o4,%o3
+/* 0x0ac8 932 (49 50) */ std %f16,[%sp+112]
+/* 0x0acc 933 (49 50) */ add %o3,%o0,%o0
+/* 0x0ad0 934 (50 52) */ ldx [%sp+144],%o7
+/* 0x0ad4 935 (50 51) */ add %o0,%o5,%o0
+/* 0x0ad8 936 (51 53) */ ldx [%sp+152],%o3
+/* 0x0adc 937 (52 53) */ std %f8,[%sp+120]
+/* 0x0ae0 938 (52 53) */ sllx %o7,19,%o4
+/* 0x0ae4 939 (52 53) */ srlx %o0,32,%o7
+/* 0x0ae8 940 (53 54) */ stx %o0,[%sp+104]
+/* 0x0aec 941 (53 54) */ add %o3,%o4,%o3
+/* 0x0af0 942 (54 56) */ ldx [%sp+128],%o5
+/* 0x0af4 943 (54 55) */ add %o3,%o1,%o1
+/* 0x0af8 944 (55 57) */ ldx [%sp+136],%o0
+/* 0x0afc 945 (55 56) */ add %o1,%o7,%o1
+/* 0x0b00 946 (56 57) */ st %g3,[%i0+4]
+/* 0x0b04 947 (56 57) */ sllx %o5,19,%o3
+/* 0x0b08 948 (57 59) */ ldx [%sp+112],%o4
+/* 0x0b0c 949 (57 58) */ add %o0,%o3,%o3
+/* 0x0b10 950 (58 60) */ ldx [%sp+120],%o0
+/* 0x0b14 951 (58 59) */ add %o3,%o2,%o2
+/* 0x0b18 952 (58 59) */ srlx %o1,32,%o3
+/* 0x0b1c 953 (59 60) */ st %o1,[%i0+20]
+/* 0x0b20 954 (59 60) */ sllx %o4,19,%g2
+/* 0x0b24 955 (59 60) */ add %o2,%o3,%o2
+/* 0x0b28 956 (60 62) */ ldx [%sp+96],%o4
+/* 0x0b2c 957 (60 61) */ srlx %o2,32,%g3
+/* 0x0b30 958 (60 61) */ add %o0,%g2,%g2
+/* 0x0b34 959 (61 63) */ ldx [%sp+104],%o0
+/* 0x0b38 960 (62 63) */ st %o2,[%i0+24]
+/* 0x0b3c 961 (62 63) */ add %g2,%o4,%g2
+/* 0x0b40 962 (63 64) */ st %o0,[%i0+16]
+/* 0x0b44 963 (63 64) */ add %g2,%g3,%g2
+/* 0x0b48 964 (64 65) */ st %g4,[%i0+8]
+/* 0x0b4c 968 (64 65) */ srlx %g2,32,%o7
+/* 0x0b50 969 (65 66) */ st %g5,[%i0+12]
+/* 0x0b54 970 (66 67) */ st %g2,[%i0+28]
+/* 0x0b58 971 (66 67) */ or %g0,%o7,%i0
+/* 0x0b5c (67 74) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x0b60 (69 71) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L77000050
+!
+
+ .L77000050: /* frequency 1.0 confidence 0.0 */
+/* 0x0b64 978 ( 0 1) */ subcc %o2,16,%g0
+/* 0x0b68 979 ( 0 1) */ bne,pn %icc,.L77000073 ! tprob=0.50
+/* 0x0b6c ( 0 1) */ sethi %hi(0xfff80000),%g2
+/* 0x0b70 981 ( 1 5) */ ldd [%g5],%f4
+/* 0x0b74 982 ( 2 6) */ ldd [%g5+8],%f6
+/* 0x0b78 989 ( 2 3) */ andn %o1,%g2,%g2
+/* 0x0b7c 993 ( 2 3) */ srl %o1,19,%g3
+/* 0x0b80 994 ( 3 7) */ ldd [%g5+16],%f8
+/* 0x0b84 995 ( 4 8) */ fxnor %f0,%f4,%f4
+/* 0x0b88 996 ( 4 5) */ st %g2,[%sp+356]
+/* 0x0b8c 997 ( 5 9) */ ldd [%o0],%f20
+/* 0x0b90 998 ( 5 9) */ fxnor %f0,%f6,%f6
+/* 0x0b94 999 ( 6 7) */ st %g3,[%sp+352]
+/* 0x0b98 1000 ( 6 10) */ fxnor %f0,%f8,%f8
+/* 0x0b9c 1005 ( 7 11) */ ldd [%o0+8],%f30
+/* 0x0ba0 1006 ( 8 13) */ fitod %f4,%f22
+/* 0x0ba4 1007 ( 8 12) */ ldd [%g5+24],%f10
+/* 0x0ba8 1008 ( 9 12) */ fmovs %f20,%f24
+/* 0x0bac 1009 ( 9 13) */ ldd [%g5+32],%f12
+/* 0x0bb0 1010 (10 15) */ fitod %f5,%f4
+/* 0x0bb4 1011 (10 14) */ ldd [%g5+40],%f14
+/* 0x0bb8 1012 (11 14) */ fmovs %f20,%f26
+/* 0x0bbc 1013 (11 15) */ ldd [%g5+48],%f16
+/* 0x0bc0 1014 (12 14) */ ld [%sp+356],%f25
+/* 0x0bc4 1015 (12 17) */ fitod %f6,%f28
+/* 0x0bc8 1016 (13 15) */ ld [%sp+352],%f27
+/* 0x0bcc 1017 (13 18) */ fitod %f8,%f32
+/* 0x0bd0 1018 (14 19) */ fsubd %f30,%f22,%f22
+/* 0x0bd4 1019 (14 18) */ ldd [%g5+56],%f18
+/* 0x0bd8 1020 (15 20) */ fsubd %f24,%f20,%f24
+/* 0x0bdc 1021 (16 21) */ fsubd %f26,%f20,%f20
+/* 0x0be0 1022 (17 22) */ fsubd %f30,%f4,%f4
+/* 0x0be4 1023 (18 23) */ fsubd %f30,%f28,%f26
+/* 0x0be8 1024 (19 24) */ fitod %f7,%f6
+/* 0x0bec 1025 (20 25) */ fsubd %f30,%f32,%f28
+/* 0x0bf0 1026 (20 25) */ fmuld %f22,%f24,%f32
+/* 0x0bf4 1027 (21 26) */ fmuld %f22,%f20,%f22
+/* 0x0bf8 1028 (21 25) */ fxnor %f0,%f10,%f10
+/* 0x0bfc 1029 (22 27) */ fmuld %f4,%f24,%f44
+/* 0x0c00 1030 (22 27) */ fitod %f9,%f8
+/* 0x0c04 1031 (23 28) */ fmuld %f4,%f20,%f4
+/* 0x0c08 1032 (23 27) */ fxnor %f0,%f12,%f12
+/* 0x0c0c 1033 (24 29) */ fsubd %f30,%f6,%f6
+/* 0x0c10 1034 (24 29) */ fmuld %f26,%f24,%f46
+/* 0x0c14 1035 (25 30) */ fitod %f10,%f34
+/* 0x0c18 1036 (26 31) */ fdtox %f22,%f22
+/* 0x0c1c 1037 (26 27) */ std %f22,[%sp+336]
+/* 0x0c20 1038 (27 32) */ fmuld %f26,%f20,%f22
+/* 0x0c24 1039 (27 32) */ fdtox %f44,%f26
+/* 0x0c28 1040 (27 28) */ std %f26,[%sp+328]
+/* 0x0c2c 1041 (28 33) */ fdtox %f4,%f4
+/* 0x0c30 1042 (28 29) */ std %f4,[%sp+320]
+/* 0x0c34 1043 (29 34) */ fmuld %f6,%f24,%f26
+/* 0x0c38 1044 (29 34) */ fsubd %f30,%f8,%f8
+/* 0x0c3c 1045 (30 35) */ fdtox %f46,%f4
+/* 0x0c40 1046 (30 31) */ std %f4,[%sp+312]
+/* 0x0c44 1047 (31 36) */ fmuld %f28,%f24,%f4
+/* 0x0c48 1048 (31 36) */ fdtox %f32,%f32
+/* 0x0c4c 1049 (31 32) */ std %f32,[%sp+344]
+/* 0x0c50 1050 (32 37) */ fitod %f11,%f10
+/* 0x0c54 1051 (32 37) */ fmuld %f6,%f20,%f32
+/* 0x0c58 1052 (33 38) */ fsubd %f30,%f34,%f34
+/* 0x0c5c 1053 (34 39) */ fdtox %f22,%f6
+/* 0x0c60 1054 (34 35) */ std %f6,[%sp+304]
+/* 0x0c64 1058 (35 40) */ fitod %f12,%f36
+/* 0x0c68 1059 (35 40) */ fmuld %f28,%f20,%f6
+/* 0x0c6c 1060 (36 41) */ fdtox %f26,%f22
+/* 0x0c70 1061 (36 37) */ std %f22,[%sp+296]
+/* 0x0c74 1062 (37 42) */ fmuld %f8,%f24,%f22
+/* 0x0c78 1063 (37 42) */ fdtox %f4,%f4
+/* 0x0c7c 1064 (37 38) */ std %f4,[%sp+280]
+/* 0x0c80 1065 (38 43) */ fmuld %f8,%f20,%f8
+/* 0x0c84 1066 (38 43) */ fsubd %f30,%f10,%f10
+/* 0x0c88 1067 (39 44) */ fmuld %f34,%f24,%f4
+/* 0x0c8c 1068 (39 44) */ fitod %f13,%f12
+/* 0x0c90 1069 (40 45) */ fsubd %f30,%f36,%f36
+/* 0x0c94 1070 (41 46) */ fdtox %f6,%f6
+/* 0x0c98 1071 (41 42) */ std %f6,[%sp+272]
+/* 0x0c9c 1072 (42 46) */ fxnor %f0,%f14,%f14
+/* 0x0ca0 1073 (42 47) */ fmuld %f34,%f20,%f6
+/* 0x0ca4 1074 (43 48) */ fdtox %f22,%f22
+/* 0x0ca8 1075 (43 44) */ std %f22,[%sp+264]
+/* 0x0cac 1076 (44 49) */ fdtox %f8,%f8
+/* 0x0cb0 1077 (44 45) */ std %f8,[%sp+256]
+/* 0x0cb4 1078 (44 49) */ fmuld %f10,%f24,%f22
+/* 0x0cb8 1079 (45 50) */ fdtox %f4,%f4
+/* 0x0cbc 1080 (45 46) */ std %f4,[%sp+248]
+/* 0x0cc0 1081 (45 50) */ fmuld %f10,%f20,%f8
+/* 0x0cc4 1082 (46 51) */ fsubd %f30,%f12,%f4
+/* 0x0cc8 1083 (46 51) */ fmuld %f36,%f24,%f10
+/* 0x0ccc 1084 (47 52) */ fitod %f14,%f38
+/* 0x0cd0 1085 (48 53) */ fdtox %f6,%f6
+/* 0x0cd4 1086 (48 49) */ std %f6,[%sp+240]
+/* 0x0cd8 1087 (49 54) */ fdtox %f22,%f12
+/* 0x0cdc 1088 (49 50) */ std %f12,[%sp+232]
+/* 0x0ce0 1089 (49 54) */ fmuld %f36,%f20,%f6
+/* 0x0ce4 1090 (50 55) */ fdtox %f8,%f8
+/* 0x0ce8 1091 (50 51) */ std %f8,[%sp+224]
+/* 0x0cec 1092 (51 56) */ fdtox %f10,%f22
+/* 0x0cf0 1093 (51 52) */ std %f22,[%sp+216]
+/* 0x0cf4 1094 (51 56) */ fmuld %f4,%f24,%f8
+/* 0x0cf8 1095 (52 57) */ fitod %f15,%f14
+/* 0x0cfc 1096 (52 57) */ fmuld %f4,%f20,%f4
+/* 0x0d00 1097 (53 58) */ fsubd %f30,%f38,%f22
+/* 0x0d04 1098 (54 58) */ fxnor %f0,%f16,%f16
+/* 0x0d08 1099 (55 60) */ fdtox %f6,%f6
+/* 0x0d0c 1100 (55 56) */ std %f6,[%sp+208]
+/* 0x0d10 1101 (56 61) */ fdtox %f8,%f6
+/* 0x0d14 1102 (56 57) */ std %f6,[%sp+200]
+/* 0x0d18 1103 (57 62) */ fsubd %f30,%f14,%f10
+/* 0x0d1c 1104 (58 63) */ fitod %f16,%f40
+/* 0x0d20 1105 (58 63) */ fmuld %f22,%f24,%f6
+/* 0x0d24 1106 (59 64) */ fdtox %f4,%f4
+/* 0x0d28 1107 (59 60) */ std %f4,[%sp+192]
+/* 0x0d2c 1108 (60 65) */ fitod %f17,%f16
+/* 0x0d30 1109 (60 65) */ fmuld %f22,%f20,%f4
+/* 0x0d34 1110 (61 65) */ fxnor %f0,%f18,%f18
+/* 0x0d38 1111 (62 67) */ fdtox %f32,%f32
+/* 0x0d3c 1112 (62 63) */ std %f32,[%sp+288]
+/* 0x0d40 1113 (62 67) */ fmuld %f10,%f24,%f8
+/* 0x0d44 1114 (63 68) */ fdtox %f6,%f6
+/* 0x0d48 1115 (63 64) */ std %f6,[%sp+184]
+/* 0x0d4c 1116 (63 68) */ fmuld %f10,%f20,%f22
+/* 0x0d50 1117 (64 69) */ fsubd %f30,%f40,%f6
+/* 0x0d54 1118 (65 70) */ fdtox %f4,%f4
+/* 0x0d58 1119 (65 66) */ std %f4,[%sp+176]
+/* 0x0d5c 1120 (66 71) */ fsubd %f30,%f16,%f10
+/* 0x0d60 1121 (67 72) */ fdtox %f8,%f4
+/* 0x0d64 1122 (67 68) */ std %f4,[%sp+168]
+/* 0x0d68 1123 (68 73) */ fdtox %f22,%f4
+/* 0x0d6c 1124 (68 69) */ std %f4,[%sp+160]
+/* 0x0d70 1125 (69 74) */ fitod %f18,%f42
+/* 0x0d74 1126 (69 74) */ fmuld %f6,%f24,%f4
+/* 0x0d78 1127 (70 75) */ fmuld %f6,%f20,%f22
+/* 0x0d7c 1128 (71 76) */ fmuld %f10,%f24,%f6
+/* 0x0d80 1129 (72 77) */ fmuld %f10,%f20,%f8
+/* 0x0d84 1130 (74 79) */ fdtox %f4,%f4
+/* 0x0d88 1131 (74 75) */ std %f4,[%sp+152]
+/* 0x0d8c 1132 (75 80) */ fsubd %f30,%f42,%f4
+/* 0x0d90 1133 (76 81) */ fdtox %f6,%f6
+/* 0x0d94 1134 (76 77) */ std %f6,[%sp+136]
+/* 0x0d98 1135 (77 82) */ fdtox %f22,%f22
+/* 0x0d9c 1136 (77 78) */ std %f22,[%sp+144]
+/* 0x0da0 1137 (78 83) */ fdtox %f8,%f22
+/* 0x0da4 1138 (78 79) */ std %f22,[%sp+128]
+/* 0x0da8 1139 (79 84) */ fitod %f19,%f22
+/* 0x0dac 1140 (80 85) */ fmuld %f4,%f24,%f6
+/* 0x0db0 1141 (81 86) */ fmuld %f4,%f20,%f4
+/* 0x0db4 1142 (84 89) */ fsubd %f30,%f22,%f22
+/* 0x0db8 1143 (85 90) */ fdtox %f6,%f6
+/* 0x0dbc 1144 (85 86) */ std %f6,[%sp+120]
+/* 0x0dc0 1145 (86 91) */ fdtox %f4,%f4
+/* 0x0dc4 1146 (86 87) */ std %f4,[%sp+112]
+/* 0x0dc8 1150 (87 89) */ ldx [%sp+336],%g2
+/* 0x0dcc 1151 (88 90) */ ldx [%sp+344],%g3
+/* 0x0dd0 1152 (89 91) */ ld [%i1],%g4
+/* 0x0dd4 1153 (89 90) */ sllx %g2,19,%g2
+/* 0x0dd8 1154 (89 94) */ fmuld %f22,%f20,%f4
+/* 0x0ddc 1155 (90 92) */ ldx [%sp+328],%g5
+/* 0x0de0 1156 (90 91) */ add %g3,%g2,%g2
+/* 0x0de4 1157 (90 95) */ fmuld %f22,%f24,%f6
+/* 0x0de8 1158 (91 93) */ ldx [%sp+320],%g3
+/* 0x0dec 1159 (91 92) */ add %g2,%g4,%g4
+/* 0x0df0 1160 (92 94) */ ldx [%sp+304],%o0
+/* 0x0df4 1161 (93 94) */ st %g4,[%i0]
+/* 0x0df8 1162 (93 94) */ sllx %g3,19,%g2
+/* 0x0dfc 1163 (93 94) */ srlx %g4,32,%g4
+/* 0x0e00 1164 (94 96) */ ld [%i1+4],%g3
+/* 0x0e04 1165 (94 95) */ add %g5,%g2,%g2
+/* 0x0e08 1166 (94 99) */ fdtox %f4,%f4
+/* 0x0e0c 1167 (95 97) */ ldx [%sp+312],%g5
+/* 0x0e10 1168 (95 100) */ fdtox %f6,%f6
+/* 0x0e14 1169 (96 98) */ ldx [%sp+288],%o1
+/* 0x0e18 1170 (96 97) */ add %g2,%g3,%g2
+/* 0x0e1c 1171 (96 97) */ sllx %o0,19,%g3
+/* 0x0e20 1172 (97 99) */ ldx [%sp+272],%o2
+/* 0x0e24 1173 (97 98) */ add %g2,%g4,%g2
+/* 0x0e28 1174 (97 98) */ add %g5,%g3,%g3
+/* 0x0e2c 1175 (98 100) */ ld [%i1+8],%g4
+/* 0x0e30 1176 (98 99) */ srlx %g2,32,%o0
+/* 0x0e34 1177 (99 101) */ ldx [%sp+296],%g5
+/* 0x0e38 1178 (100 101) */ st %g2,[%i0+4]
+/* 0x0e3c 1179 (100 101) */ sllx %o2,19,%g2
+/* 0x0e40 1180 (100 101) */ add %g3,%g4,%g3
+/* 0x0e44 1181 (101 103) */ ldx [%sp+256],%o2
+/* 0x0e48 1182 (101 102) */ sllx %o1,19,%g4
+/* 0x0e4c 1183 (101 102) */ add %g3,%o0,%g3
+/* 0x0e50 1184 (102 104) */ ld [%i1+12],%o0
+/* 0x0e54 1185 (102 103) */ srlx %g3,32,%o1
+/* 0x0e58 1186 (102 103) */ add %g5,%g4,%g4
+/* 0x0e5c 1187 (103 105) */ ldx [%sp+280],%g5
+/* 0x0e60 1188 (104 105) */ st %g3,[%i0+8]
+/* 0x0e64 1189 (104 105) */ sllx %o2,19,%g3
+/* 0x0e68 1190 (104 105) */ add %g4,%o0,%g4
+/* 0x0e6c 1191 (105 107) */ ld [%i1+16],%o0
+/* 0x0e70 1192 (105 106) */ add %g5,%g2,%g2
+/* 0x0e74 1193 (105 106) */ add %g4,%o1,%g4
+/* 0x0e78 1194 (106 108) */ ldx [%sp+264],%g5
+/* 0x0e7c 1195 (106 107) */ srlx %g4,32,%o1
+/* 0x0e80 1196 (107 109) */ ldx [%sp+240],%o2
+/* 0x0e84 1197 (107 108) */ add %g2,%o0,%g2
+/* 0x0e88 1198 (108 110) */ ld [%i1+20],%o0
+/* 0x0e8c 1199 (108 109) */ add %g5,%g3,%g3
+/* 0x0e90 1200 (108 109) */ add %g2,%o1,%g2
+/* 0x0e94 1201 (109 111) */ ldx [%sp+248],%g5
+/* 0x0e98 1202 (109 110) */ srlx %g2,32,%o1
+/* 0x0e9c 1203 (110 111) */ st %g4,[%i0+12]
+/* 0x0ea0 1204 (110 111) */ sllx %o2,19,%g4
+/* 0x0ea4 1205 (110 111) */ add %g3,%o0,%g3
+/* 0x0ea8 1206 (111 113) */ ld [%i1+24],%o0
+/* 0x0eac 1207 (111 112) */ add %g5,%g4,%g4
+/* 0x0eb0 1208 (111 112) */ add %g3,%o1,%g3
+/* 0x0eb4 1209 (112 114) */ ldx [%sp+224],%o2
+/* 0x0eb8 1210 (112 113) */ srlx %g3,32,%o1
+/* 0x0ebc 1211 (113 115) */ ldx [%sp+232],%g5
+/* 0x0ec0 1212 (113 114) */ add %g4,%o0,%g4
+/* 0x0ec4 1213 (114 115) */ st %g2,[%i0+16]
+/* 0x0ec8 1214 (114 115) */ sllx %o2,19,%g2
+/* 0x0ecc 1215 (114 115) */ add %g4,%o1,%g4
+/* 0x0ed0 1216 (115 117) */ ld [%i1+28],%o0
+/* 0x0ed4 1217 (115 116) */ srlx %g4,32,%o1
+/* 0x0ed8 1218 (115 116) */ add %g5,%g2,%g2
+/* 0x0edc 1222 (116 118) */ ldx [%sp+208],%o2
+/* 0x0ee0 1223 (117 119) */ ldx [%sp+216],%g5
+/* 0x0ee4 1224 (117 118) */ add %g2,%o0,%g2
+/* 0x0ee8 1225 (118 119) */ st %g3,[%i0+20]
+/* 0x0eec 1226 (118 119) */ sllx %o2,19,%g3
+/* 0x0ef0 1227 (118 119) */ add %g2,%o1,%g2
+/* 0x0ef4 1228 (119 121) */ ld [%i1+32],%o0
+/* 0x0ef8 1229 (119 120) */ srlx %g2,32,%o1
+/* 0x0efc 1230 (119 120) */ add %g5,%g3,%g3
+/* 0x0f00 1231 (120 122) */ ldx [%sp+192],%o2
+/* 0x0f04 1232 (121 123) */ ldx [%sp+200],%g5
+/* 0x0f08 1233 (121 122) */ add %g3,%o0,%g3
+/* 0x0f0c 1234 (122 123) */ st %g4,[%i0+24]
+/* 0x0f10 1235 (122 123) */ sllx %o2,19,%g4
+/* 0x0f14 1236 (122 123) */ add %g3,%o1,%g3
+/* 0x0f18 1237 (123 125) */ ld [%i1+36],%o0
+/* 0x0f1c 1238 (123 124) */ srlx %g3,32,%o1
+/* 0x0f20 1239 (123 124) */ add %g5,%g4,%g4
+/* 0x0f24 1240 (124 126) */ ldx [%sp+176],%o2
+/* 0x0f28 1241 (125 127) */ ldx [%sp+184],%g5
+/* 0x0f2c 1242 (125 126) */ add %g4,%o0,%g4
+/* 0x0f30 1243 (126 127) */ st %g2,[%i0+28]
+/* 0x0f34 1244 (126 127) */ sllx %o2,19,%g2
+/* 0x0f38 1245 (126 127) */ add %g4,%o1,%g4
+/* 0x0f3c 1246 (127 129) */ ld [%i1+40],%o0
+/* 0x0f40 1247 (127 128) */ srlx %g4,32,%o1
+/* 0x0f44 1248 (127 128) */ add %g5,%g2,%g2
+/* 0x0f48 1249 (128 130) */ ldx [%sp+160],%o2
+/* 0x0f4c 1250 (129 131) */ ldx [%sp+168],%g5
+/* 0x0f50 1251 (129 130) */ add %g2,%o0,%g2
+/* 0x0f54 1252 (130 131) */ st %g3,[%i0+32]
+/* 0x0f58 1253 (130 131) */ sllx %o2,19,%g3
+/* 0x0f5c 1254 (130 131) */ add %g2,%o1,%g2
+/* 0x0f60 1255 (131 133) */ ld [%i1+44],%o0
+/* 0x0f64 1256 (131 132) */ srlx %g2,32,%o1
+/* 0x0f68 1257 (131 132) */ add %g5,%g3,%g3
+/* 0x0f6c 1258 (132 134) */ ldx [%sp+144],%o2
+/* 0x0f70 1259 (133 135) */ ldx [%sp+152],%g5
+/* 0x0f74 1260 (133 134) */ add %g3,%o0,%g3
+/* 0x0f78 1261 (134 135) */ st %g4,[%i0+36]
+/* 0x0f7c 1262 (134 135) */ sllx %o2,19,%g4
+/* 0x0f80 1263 (134 135) */ add %g3,%o1,%g3
+/* 0x0f84 1264 (135 137) */ ld [%i1+48],%o0
+/* 0x0f88 1265 (135 136) */ srlx %g3,32,%o1
+/* 0x0f8c 1266 (135 136) */ add %g5,%g4,%g4
+/* 0x0f90 1267 (136 138) */ ldx [%sp+128],%o2
+/* 0x0f94 1268 (137 139) */ ldx [%sp+136],%g5
+/* 0x0f98 1269 (137 138) */ add %g4,%o0,%g4
+/* 0x0f9c 1270 (138 139) */ std %f4,[%sp+96]
+/* 0x0fa0 1271 (138 139) */ add %g4,%o1,%g4
+/* 0x0fa4 1272 (139 140) */ st %g2,[%i0+40]
+/* 0x0fa8 1273 (139 140) */ sllx %o2,19,%g2
+/* 0x0fac 1274 (139 140) */ srlx %g4,32,%o1
+/* 0x0fb0 1275 (140 142) */ ld [%i1+52],%o0
+/* 0x0fb4 1276 (140 141) */ add %g5,%g2,%g2
+/* 0x0fb8 1277 (141 142) */ std %f6,[%sp+104]
+/* 0x0fbc 1278 (142 144) */ ldx [%sp+120],%g5
+/* 0x0fc0 1279 (142 143) */ add %g2,%o0,%g2
+/* 0x0fc4 1280 (143 144) */ st %g3,[%i0+44]
+/* 0x0fc8 1281 (143 144) */ add %g2,%o1,%g2
+/* 0x0fcc 1282 (144 146) */ ldx [%sp+112],%o2
+/* 0x0fd0 1283 (144 145) */ srlx %g2,32,%o1
+/* 0x0fd4 1284 (145 147) */ ld [%i1+56],%o0
+/* 0x0fd8 1285 (146 147) */ st %g4,[%i0+48]
+/* 0x0fdc 1286 (146 147) */ sllx %o2,19,%g3
+/* 0x0fe0 1287 (147 149) */ ldx [%sp+96],%o2
+/* 0x0fe4 1288 (147 148) */ add %g5,%g3,%g3
+/* 0x0fe8 1289 (148 150) */ ldx [%sp+104],%g5
+/* 0x0fec 1290 (148 149) */ add %g3,%o0,%g3
+/* 0x0ff0 1291 (149 151) */ ld [%i1+60],%o0
+/* 0x0ff4 1292 (149 150) */ sllx %o2,19,%g4
+/* 0x0ff8 1293 (149 150) */ add %g3,%o1,%g3
+/* 0x0ffc 1294 (150 151) */ st %g2,[%i0+52]
+/* 0x1000 1295 (150 151) */ srlx %g3,32,%o1
+/* 0x1004 1296 (150 151) */ add %g5,%g4,%g4
+/* 0x1008 1297 (151 152) */ st %g3,[%i0+56]
+/* 0x100c 1298 (151 152) */ add %g4,%o0,%g2
+/* 0x1010 1299 (152 153) */ add %g2,%o1,%g2
+/* 0x1014 1300 (152 153) */ st %g2,[%i0+60]
+/* 0x1018 1304 (153 154) */ srlx %g2,32,%o7
+
+!
+! ENTRY .L77000061
+!
+
+ .L77000061: /* frequency 1.0 confidence 0.0 */
+/* 0x119c 1437 ( 0 1) */ or %g0,%o7,%i0
+
+!
+! ENTRY .L900000159
+!
+
+ .L900000159: /* frequency 1.0 confidence 0.0 */
+/* 0x11a0 ( 0 7) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x11a4 ( 2 4) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L77000073
+!
+
+ .L77000073: /* frequency 1.0 confidence 0.0 */
+ or %g0, %i4, %o2
+ or %g0, %o0, %o1
+ or %g0, %i3, %o0
+
+!
+! ENTRY .L77000052
+!
+
+ .L77000052: /* frequency 1.0 confidence 0.0 */
+/* 0x1028 1318 ( 0 1) */ andn %o2,%g2,%g2
+/* 0x102c 1319 ( 0 1) */ st %g2,[%sp+96]
+/* 0x1030 1325 ( 0 1) */ add %o0,1,%g3
+/* 0x1034 1326 ( 0 1) */ fmovd %f0,%f14
+/* 0x1038 1327 ( 1 2) */ srl %o2,19,%g2
+/* 0x103c 1328 ( 1 2) */ st %g2,[%sp+92]
+/* 0x1040 1329 ( 1 2) */ or %g0,0,%o5
+/* 0x1044 1330 ( 2 3) */ srl %g3,31,%g2
+/* 0x1048 1331 ( 2 5) */ ldd [%o1],%f6
+/* 0x104c 1335 ( 2 3) */ sethi %hi(0x1800),%g1
+/* 0x1050 1336 ( 3 4) */ add %g3,%g2,%g2
+/* 0x1054 1337 ( 3 4) */ xor %g1,-304,%g1
+/* 0x1058 1338 ( 3 6) */ ldd [%o1+8],%f20
+/* 0x105c 1339 ( 4 5) */ sra %g2,1,%o3
+/* 0x1060 1340 ( 4 5) */ fmovs %f6,%f8
+/* 0x1064 1341 ( 4 5) */ add %g1,%fp,%g3
+/* 0x1068 1342 ( 5 6) */ fmovs %f6,%f10
+/* 0x106c 1343 ( 5 7) */ ld [%sp+96],%f9
+/* 0x1070 1344 ( 5 6) */ subcc %o3,0,%g0
+/* 0x1074 1345 ( 6 8) */ ld [%sp+92],%f11
+/* 0x1078 1346 ( 6 7) */ sethi %hi(0x1800),%g1
+/* 0x107c 1347 ( 6 7) */ or %g0,%i2,%o1
+/* 0x1080 1348 ( 7 10) */ fsubd %f8,%f6,%f18
+/* 0x1084 1349 ( 7 8) */ xor %g1,-296,%g1
+/* 0x1088 1350 ( 7 8) */ or %g0,0,%g4
+/* 0x108c 1351 ( 8 11) */ fsubd %f10,%f6,%f16
+/* 0x1090 1352 ( 8 9) */ bleu,pt %icc,.L990000162 ! tprob=0.50
+/* 0x1094 ( 8 9) */ subcc %o0,0,%g0
+/* 0x1098 1354 ( 9 10) */ add %g1,%fp,%g2
+/* 0x109c 1355 ( 9 10) */ sethi %hi(0x1800),%g1
+/* 0x10a0 1356 (10 11) */ xor %g1,-288,%g1
+/* 0x10a4 1357 (10 11) */ subcc %o3,7,%g0
+/* 0x10a8 1358 (11 12) */ add %g1,%fp,%o7
+/* 0x10ac 1359 (11 12) */ sethi %hi(0x1800),%g1
+/* 0x10b0 1360 (12 13) */ xor %g1,-280,%g1
+/* 0x10b4 1361 (13 14) */ add %g1,%fp,%o4
+/* 0x10b8 1362 (13 14) */ bl,pn %icc,.L77000054 ! tprob=0.50
+/* 0x10bc (13 14) */ sub %o3,2,%o2
+/* 0x10c0 1364 (14 17) */ ldd [%o1],%f2
+/* 0x10c4 1365 (14 15) */ add %o1,16,%g5
+/* 0x10c8 1366 (14 15) */ or %g0,4,%g4
+/* 0x10cc 1367 (15 18) */ ldd [%o1+8],%f0
+/* 0x10d0 1368 (15 16) */ add %o1,8,%o1
+/* 0x10d4 1369 (16 18) */ fxnor %f14,%f2,%f6
+/* 0x10d8 1370 (16 19) */ ldd [%g5],%f4
+/* 0x10dc 1371 (16 17) */ add %o1,16,%o1
+/* 0x10e0 1372 (17 19) */ fxnor %f14,%f0,%f12
+/* 0x10e4 1373 (17 20) */ ldd [%o1],%f0
+/* 0x10e8 1374 (17 18) */ add %o1,8,%o1
+/* 0x10ec 1375 (18 21) */ fitod %f7,%f2
+/* 0x10f0 1376 (19 22) */ fitod %f6,%f6
+/* 0x10f4 1377 (20 22) */ fxnor %f14,%f4,%f10
+/* 0x10f8 1378 (21 24) */ fsubd %f20,%f2,%f2
+/* 0x10fc 1379 (22 24) */ fxnor %f14,%f0,%f8
+/* 0x1100 1380 (23 26) */ fitod %f13,%f4
+/* 0x1104 1381 (24 27) */ fsubd %f20,%f6,%f6
+/* 0x1108 1382 (24 27) */ fmuld %f2,%f16,%f0
+
+!
+! ENTRY .L990000154
+!
+
+ .L990000154: /* frequency 1.0 confidence 0.0 */
+/* 0x110c 1384 ( 0 3) */ ldd [%o1],%f24
+/* 0x1110 1385 ( 0 1) */ add %g4,3,%g4
+/* 0x1114 1386 ( 0 1) */ add %o4,96,%o4
+/* 0x1118 1387 ( 1 4) */ fitod %f11,%f22
+/* 0x111c 1388 ( 2 5) */ fsubd %f20,%f4,%f26
+/* 0x1120 1389 ( 2 3) */ subcc %g4,%o2,%g0
+/* 0x1124 1390 ( 2 3) */ add %o7,96,%o7
+/* 0x1128 1391 ( 2 5) */ fmuld %f6,%f18,%f28
+/* 0x112c 1392 ( 3 6) */ fmuld %f6,%f16,%f6
+/* 0x1130 1393 ( 3 4) */ add %g2,96,%g2
+/* 0x1134 1394 ( 3 4) */ add %g3,96,%g3
+/* 0x1138 1395 ( 4 7) */ fdtox %f0,%f0
+/* 0x113c 1396 ( 5 8) */ fitod %f12,%f4
+/* 0x1140 1397 ( 5 8) */ fmuld %f2,%f18,%f2
+/* 0x1144 1398 ( 6 9) */ fdtox %f28,%f12
+/* 0x1148 1399 ( 7 10) */ fdtox %f6,%f6
+/* 0x114c 1400 ( 7 8) */ std %f12,[%g3-96]
+/* 0x1150 1401 ( 8 9) */ std %f6,[%g2-96]
+/* 0x1154 1402 ( 8 11) */ fdtox %f2,%f2
+/* 0x1158 1403 ( 9 12) */ fsubd %f20,%f4,%f6
+/* 0x115c 1404 ( 9 10) */ std %f2,[%o7-96]
+/* 0x1160 1405 ( 9 10) */ add %o1,8,%o1
+/* 0x1164 1406 (10 12) */ fxnor %f14,%f24,%f12
+/* 0x1168 1407 (10 13) */ fmuld %f26,%f16,%f4
+/* 0x116c 1408 (10 11) */ std %f0,[%o4-96]
+/* 0x1170 1409 (11 14) */ ldd [%o1],%f0
+/* 0x1174 1410 (11 14) */ fitod %f9,%f2
+/* 0x1178 1411 (12 15) */ fsubd %f20,%f22,%f28
+/* 0x117c 1412 (12 15) */ fmuld %f6,%f18,%f24
+/* 0x1180 1413 (13 16) */ fmuld %f6,%f16,%f22
+/* 0x1184 1414 (13 16) */ fdtox %f4,%f4
+/* 0x1188 1415 (14 17) */ fitod %f10,%f6
+/* 0x118c 1416 (14 17) */ fmuld %f26,%f18,%f10
+/* 0x1190 1417 (15 18) */ fdtox %f24,%f24
+/* 0x1194 1418 (16 19) */ fdtox %f22,%f22
+/* 0x1198 1419 (16 17) */ std %f24,[%g3-64]
+/* 0x119c 1420 (17 18) */ std %f22,[%g2-64]
+/* 0x11a0 1421 (17 20) */ fdtox %f10,%f10
+/* 0x11a4 1422 (18 21) */ fsubd %f20,%f6,%f6
+/* 0x11a8 1423 (18 19) */ std %f10,[%o7-64]
+/* 0x11ac 1424 (18 19) */ add %o1,8,%o1
+/* 0x11b0 1425 (19 21) */ fxnor %f14,%f0,%f10
+/* 0x11b4 1426 (19 22) */ fmuld %f28,%f16,%f0
+/* 0x11b8 1427 (19 20) */ std %f4,[%o4-64]
+/* 0x11bc 1428 (20 23) */ ldd [%o1],%f22
+/* 0x11c0 1429 (20 23) */ fitod %f13,%f4
+/* 0x11c4 1430 (21 24) */ fsubd %f20,%f2,%f2
+/* 0x11c8 1431 (21 24) */ fmuld %f6,%f18,%f26
+/* 0x11cc 1432 (22 25) */ fmuld %f6,%f16,%f24
+/* 0x11d0 1433 (22 25) */ fdtox %f0,%f0
+/* 0x11d4 1434 (23 26) */ fitod %f8,%f6
+/* 0x11d8 1435 (23 26) */ fmuld %f28,%f18,%f8
+/* 0x11dc 1436 (24 27) */ fdtox %f26,%f26
+/* 0x11e0 1437 (25 28) */ fdtox %f24,%f24
+/* 0x11e4 1438 (25 26) */ std %f26,[%g3-32]
+/* 0x11e8 1439 (26 27) */ std %f24,[%g2-32]
+/* 0x11ec 1440 (26 29) */ fdtox %f8,%f8
+/* 0x11f0 1441 (27 30) */ fsubd %f20,%f6,%f6
+/* 0x11f4 1442 (27 28) */ std %f8,[%o7-32]
+/* 0x11f8 1443 (27 28) */ add %o1,8,%o1
+/* 0x11fc 1444 (28 30) */ fxnor %f14,%f22,%f8
+/* 0x1200 1445 (28 29) */ std %f0,[%o4-32]
+/* 0x1204 1446 (28 29) */ bcs,pt %icc,.L990000154 ! tprob=0.50
+/* 0x1208 (28 31) */ fmuld %f2,%f16,%f0
+
+!
+! ENTRY .L990000157
+!
+
+ .L990000157: /* frequency 1.0 confidence 0.0 */
+/* 0x120c 1449 ( 0 3) */ fitod %f12,%f28
+/* 0x1210 1450 ( 0 3) */ fmuld %f6,%f18,%f24
+/* 0x1214 1451 ( 0 1) */ add %g3,128,%g3
+/* 0x1218 1452 ( 1 4) */ fitod %f10,%f12
+/* 0x121c 1453 ( 1 4) */ fmuld %f6,%f16,%f26
+/* 0x1220 1454 ( 1 2) */ add %g2,128,%g2
+/* 0x1224 1455 ( 2 5) */ fsubd %f20,%f4,%f4
+/* 0x1228 1456 ( 2 5) */ fmuld %f2,%f18,%f22
+/* 0x122c 1457 ( 2 3) */ add %o7,128,%o7
+/* 0x1230 1458 ( 3 6) */ fdtox %f24,%f6
+/* 0x1234 1459 ( 3 4) */ std %f6,[%g3-128]
+/* 0x1238 1460 ( 3 4) */ add %o4,128,%o4
+/* 0x123c 1461 ( 4 7) */ fsubd %f20,%f28,%f2
+/* 0x1240 1462 ( 4 5) */ subcc %g4,%o3,%g0
+/* 0x1244 1463 ( 5 8) */ fitod %f11,%f6
+/* 0x1248 1464 ( 5 8) */ fmuld %f4,%f18,%f24
+/* 0x124c 1465 ( 6 9) */ fdtox %f26,%f10
+/* 0x1250 1466 ( 6 7) */ std %f10,[%g2-128]
+/* 0x1254 1467 ( 7 10) */ fdtox %f22,%f10
+/* 0x1258 1468 ( 7 8) */ std %f10,[%o7-128]
+/* 0x125c 1469 ( 7 10) */ fmuld %f2,%f18,%f26
+/* 0x1260 1470 ( 8 11) */ fsubd %f20,%f12,%f10
+/* 0x1264 1471 ( 8 11) */ fmuld %f2,%f16,%f2
+/* 0x1268 1472 ( 9 12) */ fsubd %f20,%f6,%f22
+/* 0x126c 1473 ( 9 12) */ fmuld %f4,%f16,%f12
+/* 0x1270 1474 (10 13) */ fdtox %f0,%f0
+/* 0x1274 1475 (10 11) */ std %f0,[%o4-128]
+/* 0x1278 1476 (11 14) */ fitod %f8,%f4
+/* 0x127c 1477 (11 14) */ fmuld %f10,%f18,%f6
+/* 0x1280 1478 (12 15) */ fdtox %f26,%f0
+/* 0x1284 1479 (12 13) */ std %f0,[%g3-96]
+/* 0x1288 1480 (12 15) */ fmuld %f10,%f16,%f10
+/* 0x128c 1481 (13 16) */ fdtox %f2,%f2
+/* 0x1290 1482 (13 14) */ std %f2,[%g2-96]
+/* 0x1294 1483 (14 17) */ fitod %f9,%f0
+/* 0x1298 1484 (14 17) */ fmuld %f22,%f18,%f2
+/* 0x129c 1485 (15 18) */ fdtox %f24,%f8
+/* 0x12a0 1486 (15 16) */ std %f8,[%o7-96]
+/* 0x12a4 1487 (16 19) */ fsubd %f20,%f4,%f4
+/* 0x12a8 1488 (16 19) */ fmuld %f22,%f16,%f8
+/* 0x12ac 1489 (17 20) */ fdtox %f12,%f12
+/* 0x12b0 1490 (17 18) */ std %f12,[%o4-96]
+/* 0x12b4 1491 (18 21) */ fsubd %f20,%f0,%f0
+/* 0x12b8 1492 (19 22) */ fdtox %f6,%f6
+/* 0x12bc 1493 (19 20) */ std %f6,[%g3-64]
+/* 0x12c0 1494 (20 23) */ fdtox %f10,%f10
+/* 0x12c4 1495 (20 21) */ std %f10,[%g2-64]
+/* 0x12c8 1496 (20 23) */ fmuld %f4,%f18,%f6
+/* 0x12cc 1497 (21 24) */ fdtox %f2,%f2
+/* 0x12d0 1498 (21 22) */ std %f2,[%o7-64]
+/* 0x12d4 1499 (21 24) */ fmuld %f4,%f16,%f4
+/* 0x12d8 1500 (22 25) */ fmuld %f0,%f18,%f2
+/* 0x12dc 1501 (22 25) */ fdtox %f8,%f8
+/* 0x12e0 1502 (22 23) */ std %f8,[%o4-64]
+/* 0x12e4 1503 (23 26) */ fdtox %f6,%f6
+/* 0x12e8 1504 (23 24) */ std %f6,[%g3-32]
+/* 0x12ec 1505 (23 26) */ fmuld %f0,%f16,%f0
+/* 0x12f0 1506 (24 27) */ fdtox %f4,%f4
+/* 0x12f4 1507 (24 25) */ std %f4,[%g2-32]
+/* 0x12f8 1508 (25 28) */ fdtox %f2,%f2
+/* 0x12fc 1509 (25 26) */ std %f2,[%o7-32]
+/* 0x1300 1510 (26 29) */ fdtox %f0,%f0
+/* 0x1304 1511 (26 27) */ bcc,pn %icc,.L77000056 ! tprob=0.50
+/* 0x1308 (26 27) */ std %f0,[%o4-32]
+
+!
+! ENTRY .L77000054
+!
+
+ .L77000054: /* frequency 1.0 confidence 0.0 */
+/* 0x130c 1514 ( 0 3) */ ldd [%o1],%f0
+
+!
+! ENTRY .L990000161
+!
+
+ .L990000161: /* frequency 1.0 confidence 0.0 */
+/* 0x1310 1516 ( 0 2) */ fxnor %f14,%f0,%f0
+/* 0x1314 1517 ( 0 1) */ add %g4,1,%g4
+/* 0x1318 1518 ( 0 1) */ add %o1,8,%o1
+/* 0x131c 1519 ( 1 2) */ subcc %g4,%o3,%g0
+/* 0x1320 1520 ( 2 5) */ fitod %f0,%f2
+/* 0x1324 1521 ( 3 6) */ fitod %f1,%f0
+/* 0x1328 1522 ( 5 8) */ fsubd %f20,%f2,%f2
+/* 0x132c 1523 ( 6 9) */ fsubd %f20,%f0,%f0
+/* 0x1330 1524 ( 8 11) */ fmuld %f2,%f18,%f6
+/* 0x1334 1525 ( 9 12) */ fmuld %f2,%f16,%f4
+/* 0x1338 1526 (10 13) */ fmuld %f0,%f18,%f2
+/* 0x133c 1527 (11 14) */ fdtox %f6,%f6
+/* 0x1340 1528 (11 12) */ std %f6,[%g3]
+/* 0x1344 1529 (11 14) */ fmuld %f0,%f16,%f0
+/* 0x1348 1530 (12 15) */ fdtox %f4,%f4
+/* 0x134c 1531 (12 13) */ std %f4,[%g2]
+/* 0x1350 1532 (12 13) */ add %g2,32,%g2
+/* 0x1354 1533 (13 16) */ fdtox %f2,%f2
+/* 0x1358 1534 (13 14) */ std %f2,[%o7]
+/* 0x135c 1535 (13 14) */ add %o7,32,%o7
+/* 0x1360 1536 (14 17) */ fdtox %f0,%f0
+/* 0x1364 1537 (14 15) */ std %f0,[%o4]
+/* 0x1368 1538 (14 15) */ add %o4,32,%o4
+/* 0x136c 1539 (15 16) */ add %g3,32,%g3
+/* 0x1370 1540 (15 16) */ bcs,a,pt %icc,.L990000161 ! tprob=0.50
+/* 0x1374 (16 19) */ ldd [%o1],%f0
+
+!
+! ENTRY .L77000056
+!
+
+ .L77000056: /* frequency 1.0 confidence 0.0 */
+/* 0x1378 1548 ( 0 1) */ subcc %o0,0,%g0
+
+!
+! ENTRY .L990000162
+!
+
+ .L990000162: /* frequency 1.0 confidence 0.0 */
+/* 0x137c 1550 ( 0 1) */ bleu,pt %icc,.L77770061 ! tprob=0.50
+/* 0x1380 ( 0 1) */ nop
+/* 0x1384 1555 ( 0 1) */ sethi %hi(0x1800),%g1
+/* 0x1388 1556 ( 1 2) */ xor %g1,-304,%g1
+/* 0x138c 1557 ( 1 2) */ or %g0,%i1,%g4
+/* 0x1390 1558 ( 2 3) */ add %g1,%fp,%g5
+/* 0x1394 1559 ( 2 3) */ sethi %hi(0x1800),%g1
+/* 0x1398 1560 ( 3 4) */ xor %g1,-296,%g1
+/* 0x139c 1561 ( 3 4) */ or %g0,%o0,%o7
+/* 0x13a0 1562 ( 4 5) */ add %g1,%fp,%g2
+/* 0x13a4 1563 ( 4 5) */ or %g0,0,%i2
+/* 0x13a8 1564 ( 5 6) */ or %g0,%i0,%g3
+/* 0x13ac 1565 ( 5 6) */ subcc %o0,6,%g0
+/* 0x13b0 1566 ( 5 6) */ bl,pn %icc,.L77000058 ! tprob=0.50
+/* 0x13b4 ( 6 7) */ sethi %hi(0x1800),%g1
+/* 0x13b8 1568 ( 6 8) */ ld [%g4],%o2
+/* 0x13bc 1569 ( 6 7) */ add %g3,4,%g3
+/* 0x13c0 1570 ( 7 8) */ xor %g1,-264,%g1
+/* 0x13c4 1571 ( 7 8) */ sub %o7,3,%o4
+/* 0x13c8 1572 ( 8 9) */ add %g1,%fp,%g2
+/* 0x13cc 1573 ( 8 9) */ sethi %hi(0x1800),%g1
+/* 0x13d0 1574 ( 9 10) */ xor %g1,-272,%g1
+/* 0x13d4 1575 ( 9 10) */ or %g0,2,%i2
+/* 0x13d8 1576 (10 11) */ add %g1,%fp,%g5
+/* 0x13dc 1577 (10 11) */ sethi %hi(0x1800),%g1
+/* 0x13e0 1578 (11 12) */ xor %g1,-296,%g1
+/* 0x13e4 1579 (12 13) */ add %g1,%fp,%g1
+/* 0x13e8 1580 (13 15) */ ldx [%g1],%o1
+/* 0x13ec 1581 (14 16) */ ldx [%g1-8],%o0
+/* 0x13f0 1582 (15 16) */ sllx %o1,19,%o1
+/* 0x13f4 1583 (15 17) */ ldx [%g1+16],%o3
+/* 0x13f8 1584 (16 17) */ add %o0,%o1,%o0
+/* 0x13fc 1585 (16 18) */ ld [%g4+4],%o1
+/* 0x1400 1586 (16 17) */ add %g4,8,%g4
+/* 0x1404 1587 (17 18) */ sllx %o3,19,%o3
+/* 0x1408 1588 (17 18) */ add %o0,%o2,%o0
+/* 0x140c 1589 (17 19) */ ldx [%g1+8],%o2
+/* 0x1410 1590 (18 19) */ st %o0,[%g3-4]
+/* 0x1414 1591 (18 19) */ srlx %o0,32,%o0
+
+!
+! ENTRY .L990000142
+!
+
+ .L990000142: /* frequency 1.0 confidence 0.0 */
+/* 0x1418 1593 ( 0 1) */ add %o2,%o3,%o2
+/* 0x141c 1594 ( 0 1) */ add %i2,4,%i2
+/* 0x1420 1595 ( 0 2) */ ld [%g4],%o3
+/* 0x1424 1596 ( 1 2) */ srl %o0,0,%o5
+/* 0x1428 1597 ( 1 2) */ add %o2,%o1,%o1
+/* 0x142c 1598 ( 1 3) */ ldx [%g2],%o0
+/* 0x1430 1599 ( 3 4) */ sllx %o0,19,%o2
+/* 0x1434 1600 ( 3 5) */ ldx [%g5],%o0
+/* 0x1438 1601 ( 3 4) */ add %o1,%o5,%o1
+/* 0x143c 1602 ( 4 5) */ st %o1,[%g3]
+/* 0x1440 1603 ( 4 5) */ srlx %o1,32,%o5
+/* 0x1444 1604 ( 4 5) */ subcc %i2,%o4,%g0
+/* 0x1448 1605 ( 5 7) */ ldx [%g2+16],%o1
+/* 0x144c 1606 ( 5 6) */ add %o0,%o2,%o0
+/* 0x1450 1607 ( 5 6) */ add %g3,16,%g3
+/* 0x1454 1608 ( 6 8) */ ld [%g4+4],%o2
+/* 0x1458 1609 ( 6 7) */ add %o0,%o3,%o0
+/* 0x145c 1610 ( 7 8) */ sllx %o1,19,%o3
+/* 0x1460 1611 ( 7 9) */ ldx [%g5+16],%o1
+/* 0x1464 1612 ( 7 8) */ add %o0,%o5,%o0
+/* 0x1468 1613 ( 8 9) */ st %o0,[%g3-12]
+/* 0x146c 1614 ( 8 9) */ srlx %o0,32,%o5
+/* 0x1470 1615 ( 8 9) */ add %g4,16,%g4
+/* 0x1474 1616 ( 9 11) */ ldx [%g2+32],%o0
+/* 0x1478 1617 ( 9 10) */ add %o1,%o3,%o1
+/* 0x147c 1618 ( 9 10) */ add %g2,64,%g2
+/* 0x1480 1619 (10 12) */ ld [%g4-8],%o3
+/* 0x1484 1620 (10 11) */ add %o1,%o2,%o2
+/* 0x1488 1621 (11 12) */ sllx %o0,19,%o1
+/* 0x148c 1622 (11 13) */ ldx [%g5+32],%o0
+/* 0x1490 1623 (11 12) */ add %o2,%o5,%o2
+/* 0x1494 1624 (12 13) */ st %o2,[%g3-8]
+/* 0x1498 1625 (12 13) */ srlx %o2,32,%o5
+/* 0x149c 1626 (12 13) */ add %g5,64,%g5
+/* 0x14a0 1627 (13 15) */ ldx [%g2-16],%o2
+/* 0x14a4 1628 (13 14) */ add %o0,%o1,%o0
+/* 0x14a8 1629 (14 16) */ ld [%g4-4],%o1
+/* 0x14ac 1630 (14 15) */ add %o0,%o3,%o0
+/* 0x14b0 1631 (15 16) */ sllx %o2,19,%o3
+/* 0x14b4 1632 (15 17) */ ldx [%g5-16],%o2
+/* 0x14b8 1633 (15 16) */ add %o0,%o5,%o0
+/* 0x14bc 1634 (16 17) */ st %o0,[%g3-4]
+/* 0x14c0 1635 (16 17) */ bcs,pt %icc,.L990000142 ! tprob=0.50
+/* 0x14c4 (16 17) */ srlx %o0,32,%o0
+
+!
+! ENTRY .L990000145
+!
+
+ .L990000145: /* frequency 1.0 confidence 0.0 */
+/* 0x14c8 1638 ( 0 1) */ add %o2,%o3,%o3
+/* 0x14cc 1639 ( 0 1) */ add %g3,4,%g3
+/* 0x14d0 1640 ( 1 2) */ srl %o0,0,%o2
+/* 0x14d4 1641 ( 1 2) */ add %o3,%o1,%o0
+/* 0x14d8 1642 ( 2 3) */ add %o0,%o2,%o0
+/* 0x14dc 1643 ( 2 3) */ st %o0,[%g3-4]
+/* 0x14e0 1644 ( 2 3) */ subcc %i2,%o7,%g0
+/* 0x14e4 1645 ( 2 3) */ bcc,pn %icc,.L77770061 ! tprob=0.50
+/* 0x14e8 ( 3 4) */ srlx %o0,32,%o5
+
+!
+! ENTRY .L77000058
+!
+
+ .L77000058: /* frequency 1.0 confidence 0.0 */
+/* 0x14ec 1648 ( 0 2) */ ldx [%g2],%o2
+
+!
+! ENTRY .L990000160
+!
+
+ .L990000160: /* frequency 1.0 confidence 0.0 */
+/* 0x14f0 1650 ( 0 1) */ sllx %o2,19,%o3
+/* 0x14f4 1651 ( 0 2) */ ldx [%g5],%o0
+/* 0x14f8 1652 ( 0 1) */ add %i2,1,%i2
+/* 0x14fc 1653 ( 1 2) */ srl %o5,0,%o1
+/* 0x1500 1654 ( 1 3) */ ld [%g4],%o2
+/* 0x1504 1655 ( 1 2) */ add %g2,16,%g2
+/* 0x1508 1656 ( 2 3) */ add %o0,%o3,%o0
+/* 0x150c 1657 ( 2 3) */ add %g5,16,%g5
+/* 0x1510 1658 ( 3 4) */ add %o0,%o2,%o0
+/* 0x1514 1659 ( 3 4) */ add %g4,4,%g4
+/* 0x1518 1660 ( 4 5) */ add %o0,%o1,%o0
+/* 0x151c 1661 ( 4 5) */ st %o0,[%g3]
+/* 0x1520 1662 ( 4 5) */ subcc %i2,%o7,%g0
+/* 0x1524 1663 ( 5 6) */ srlx %o0,32,%o5
+/* 0x1528 1664 ( 5 6) */ add %g3,4,%g3
+/* 0x152c 1665 ( 5 6) */ bcs,a,pt %icc,.L990000160 ! tprob=0.50
+/* 0x1530 ( 6 8) */ ldx [%g2],%o2
+
+!
+! ENTRY .L77770061
+!
+
+ .L77770061: /* frequency 1.0 confidence 0.0 */
+/* 0x1534 ( 0 2) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x1538 ( 2 3) */ restore %g0,%o5,%o0
+
+/* 0x11a8 1441 ( 0 0) */ .type mul_add,2
+/* 0x11a8 1442 ( 0 0) */ .size mul_add,(.-mul_add)
+/* 0x11a8 1445 ( 0 0) */ .align 16
+/* 0x11b0 1451 ( 0 0) */ .global mul_add_inp
+
+!
+! ENTRY mul_add_inp
+!
+
+ .global mul_add_inp
+ mul_add_inp: /* frequency 1.0 confidence 0.0 */
+/* 0x11b0 1453 ( 0 1) */ or %g0,%o2,%g1
+/* 0x11b4 1454 ( 0 1) */ or %g0,%o3,%o4
+/* 0x11b8 1455 ( 1 2) */ or %g0,%o0,%g3
+/* 0x11bc 1456 ( 1 2) */ or %g0,%o1,%g2
+/* 0x11c0 1466 ( 2 3) */ or %g0,%g1,%o3
+/* 0x11c4 1467 ( 2 3) */ or %g0,%g3,%o1
+/* 0x11c8 1468 ( 3 4) */ or %g0,%g2,%o2
+/* 0x11cc 1469 ( 3 4) */ or %g0,%o7,%g1
+/* 0x11d0 1470 ( 4 6) */ call mul_add ! params = ! Result =
+/* 0x11d4 ( 5 6) */ or %g0,%g1,%o7
+/* 0x11d8 1472 ( 0 0) */ .type mul_add_inp,2
+/* 0x11d8 1473 ( 0 0) */ .size mul_add_inp,(.-mul_add_inp)
+
+ .section ".data",#alloc,#write
+/* 0x11d8 6 ( 0 0) */ .align 8
+
+!
+! ENTRY mask_cnst
+!
+
+ mask_cnst: /* frequency 1.0 confidence 0.0 */
+/* 0x11d8 8 ( 0 0) */ .word -2147483648
+/* 0x11dc 9 ( 0 0) */ .word -2147483648
+/* 0x11e0 10 ( 0 0) */ .type mask_cnst,#object
+/* 0x11e0 11 ( 0 0) */ .size mask_cnst,8
+
diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv9.s b/security/nss/lib/freebl/mpi/mpv_sparcv9.s
new file mode 100644
index 000000000..e2fbe0bd0
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpv_sparcv9.s
@@ -0,0 +1,1645 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ .section ".text",#alloc,#execinstr
+/* 000000 0 ( 0 0) */ .register %g2,#scratch
+/* 000000 ( 0 0) */ .register %g3,#scratch
+/* 000000 3 ( 0 0) */ .file "mpv_sparc.c"
+/* 000000 15 ( 0 0) */ .align 8
+!
+! SUBROUTINE .L_const_seg_900000101
+!
+! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
+
+ .L_const_seg_900000101: /* frequency 1.0 confidence 0.0 */
+/* 000000 20 ( 0 0) */ .word 1127219200,0
+/* 0x0008 21 ( 0 0) */ .word 1105199103,-4194304
+/* 0x0010 22 ( 0 0) */ .align 8
+/* 0x0010 28 ( 0 0) */ .global mul_add
+
+!
+! ENTRY mul_add
+!
+
+ .global mul_add
+ mul_add: /* frequency 1.0 confidence 0.0 */
+/* 0x0010 30 ( 0 1) */ sethi %hi(0x1c00),%g1
+/* 0x0014 31 ( 0 1) */ sethi %hi(mask_cnst),%g2
+/* 0x0018 32 ( 1 2) */ xor %g1,-48,%g1
+/* 0x001c 33 ( 1 2) */ add %g2,%lo(mask_cnst),%g2
+/* 0x0020 34 ( 2 3) */ save %sp,%g1,%sp
+
+!
+! ENTRY .L900000149
+!
+
+ .L900000149: /* frequency 1.0 confidence 0.0 */
+/* 0x0024 36 ( 0 2) */ call (.+0x8) ! params = ! Result =
+/* 0x0028 ( 1 2) */ sethi %hi((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5
+/* 0x002c 178 ( 2 3) */ sethi %hi(.L_const_seg_900000101),%g3
+/* 0x0030 179 ( 2 3) */ add %g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5
+/* 0x0034 180 ( 3 4) */ add %g3,%lo(.L_const_seg_900000101),%g3
+/* 0x0038 181 ( 3 4) */ add %g5,%o7,%o1
+/* 0x003c 182 ( 4 5) */ sethi %hi(0x80000),%g4
+/* 0x0040 183 ( 4 6) */ ldx [%o1+%g2],%g2
+/* 0x0044 184 ( 4 5) */ or %g0,%i2,%o2
+/* 0x0048 185 ( 5 6) */ subcc %i4,%g4,%g0
+/* 0x004c 186 ( 5 7) */ ldx [%o1+%g3],%o0
+/* 0x0050 187 ( 6 7) */ or %g0,%i0,%o7
+/* 0x0054 188 ( 6 7) */ or %g0,%i1,%o5
+/* 0x0058 189 ( 6 9) */ ldd [%g2],%f0
+/* 0x005c 190 ( 6 7) */ bcc,pn %icc,.L77000048 ! tprob=0.50
+/* 0x0060 ( 7 8) */ subcc %i3,8,%g0
+/* 0x0064 192 ( 7 8) */ bne,pn %icc,.L900000158 ! tprob=0.50
+/* 0x0068 ( 8 9) */ subcc %i3,16,%g0
+/* 0x006c 194 ( 9 12) */ ldd [%o2],%f4
+/* 0x0070 195 (10 11) */ st %i4,[%sp+2287]
+/* 0x0074 196 (11 14) */ ldd [%o0],%f8
+/* 0x0078 197 (11 13) */ fxnor %f0,%f4,%f4
+/* 0x007c 198 (12 15) */ ldd [%o2+8],%f10
+/* 0x0080 199 (13 16) */ fitod %f4,%f12
+/* 0x0084 200 (13 16) */ ldd [%o0+8],%f14
+/* 0x0088 201 (14 17) */ ld [%sp+2287],%f7
+/* 0x008c 202 (14 17) */ fitod %f5,%f4
+/* 0x0090 203 (15 17) */ fxnor %f0,%f10,%f10
+/* 0x0094 204 (15 18) */ ldd [%o2+16],%f16
+/* 0x0098 205 (16 19) */ ldd [%o2+24],%f18
+/* 0x009c 206 (17 20) */ fsubd %f14,%f4,%f4
+/* 0x00a0 210 (17 20) */ ld [%i1],%g2
+/* 0x00a4 211 (18 20) */ fxnor %f0,%f16,%f16
+/* 0x00a8 212 (18 21) */ ld [%i1+4],%g3
+/* 0x00ac 213 (19 22) */ ld [%i1+8],%g4
+/* 0x00b0 214 (20 23) */ fitod %f16,%f20
+/* 0x00b4 215 (20 23) */ ld [%i1+16],%o0
+/* 0x00b8 216 (21 24) */ ld [%i1+12],%g5
+/* 0x00bc 217 (22 25) */ ld [%i1+20],%o1
+/* 0x00c0 218 (23 26) */ ld [%i1+24],%o2
+/* 0x00c4 219 (24 25) */ fmovs %f8,%f6
+/* 0x00c8 220 (24 27) */ ld [%i1+28],%o3
+/* 0x00cc 221 (26 29) */ fsubd %f6,%f8,%f6
+/* 0x00d0 222 (27 30) */ fsubd %f14,%f12,%f8
+/* 0x00d4 223 (28 31) */ fitod %f10,%f12
+/* 0x00d8 224 (29 32) */ fmuld %f4,%f6,%f4
+/* 0x00dc 225 (29 32) */ fitod %f11,%f10
+/* 0x00e0 226 (30 33) */ fmuld %f8,%f6,%f8
+/* 0x00e4 227 (31 34) */ fsubd %f14,%f12,%f12
+/* 0x00e8 228 (32 35) */ fdtox %f4,%f4
+/* 0x00ec 229 (32 33) */ std %f4,[%sp+2271]
+/* 0x00f0 230 (33 36) */ fdtox %f8,%f8
+/* 0x00f4 231 (33 34) */ std %f8,[%sp+2279]
+/* 0x00f8 232 (34 37) */ fmuld %f12,%f6,%f12
+/* 0x00fc 233 (34 37) */ fsubd %f14,%f10,%f10
+/* 0x0100 234 (35 38) */ fsubd %f14,%f20,%f4
+/* 0x0104 235 (36 39) */ fitod %f17,%f8
+/* 0x0108 236 (37 39) */ fxnor %f0,%f18,%f16
+/* 0x010c 237 (37 39) */ ldx [%sp+2279],%o4
+/* 0x0110 238 (37 40) */ fmuld %f10,%f6,%f10
+/* 0x0114 239 (38 41) */ fdtox %f12,%f12
+/* 0x0118 240 (38 39) */ std %f12,[%sp+2263]
+/* 0x011c 241 (38 41) */ fmuld %f4,%f6,%f4
+/* 0x0120 242 (39 42) */ fitod %f16,%f18
+/* 0x0124 243 (39 40) */ add %o4,%g2,%g2
+/* 0x0128 244 (39 40) */ st %g2,[%i0]
+/* 0x012c 245 (40 42) */ ldx [%sp+2271],%o4
+/* 0x0130 246 (40 43) */ fsubd %f14,%f8,%f8
+/* 0x0134 247 (40 41) */ srax %g2,32,%o5
+/* 0x0138 248 (41 44) */ fdtox %f10,%f10
+/* 0x013c 249 (41 42) */ std %f10,[%sp+2255]
+/* 0x0140 250 (42 45) */ fdtox %f4,%f4
+/* 0x0144 251 (42 43) */ std %f4,[%sp+2247]
+/* 0x0148 252 (42 43) */ add %o4,%g3,%o4
+/* 0x014c 253 (43 46) */ fitod %f17,%f12
+/* 0x0150 254 (43 45) */ ldx [%sp+2263],%g2
+/* 0x0154 255 (43 44) */ add %o4,%o5,%g3
+/* 0x0158 256 (43 46) */ fmuld %f8,%f6,%f8
+/* 0x015c 257 (44 47) */ fsubd %f14,%f18,%f10
+/* 0x0160 258 (44 45) */ st %g3,[%i0+4]
+/* 0x0164 259 (44 45) */ srax %g3,32,%g3
+/* 0x0168 260 (45 46) */ add %g2,%g4,%g4
+/* 0x016c 261 (45 47) */ ldx [%sp+2255],%g2
+/* 0x0170 262 (46 49) */ fsubd %f14,%f12,%f4
+/* 0x0174 263 (46 47) */ add %g4,%g3,%g3
+/* 0x0178 264 (46 48) */ ldx [%sp+2247],%g4
+/* 0x017c 265 (47 50) */ fmuld %f10,%f6,%f10
+/* 0x0180 266 (47 50) */ fdtox %f8,%f8
+/* 0x0184 267 (47 48) */ std %f8,[%sp+2239]
+/* 0x0188 268 (48 49) */ add %g4,%o0,%g4
+/* 0x018c 269 (48 49) */ add %g2,%g5,%g2
+/* 0x0190 270 (48 49) */ st %g3,[%i0+8]
+/* 0x0194 271 (49 52) */ fmuld %f4,%f6,%f4
+/* 0x0198 272 (49 50) */ srax %g3,32,%o0
+/* 0x019c 273 (49 51) */ ldx [%sp+2239],%g5
+/* 0x01a0 274 (50 53) */ fdtox %f10,%f6
+/* 0x01a4 275 (50 51) */ std %f6,[%sp+2231]
+/* 0x01a8 276 (50 51) */ add %g2,%o0,%g2
+/* 0x01ac 277 (51 52) */ srax %g2,32,%g3
+/* 0x01b0 278 (51 52) */ add %g5,%o1,%o1
+/* 0x01b4 279 (51 52) */ st %g2,[%i0+12]
+/* 0x01b8 280 (52 55) */ fdtox %f4,%f4
+/* 0x01bc 281 (52 53) */ std %f4,[%sp+2223]
+/* 0x01c0 282 (52 53) */ add %g4,%g3,%g3
+/* 0x01c4 283 (53 54) */ srax %g3,32,%g4
+/* 0x01c8 284 (53 54) */ st %g3,[%i0+16]
+/* 0x01cc 285 (54 56) */ ldx [%sp+2231],%o0
+/* 0x01d0 286 (54 55) */ add %o1,%g4,%g4
+/* 0x01d4 287 (55 56) */ srax %g4,32,%g2
+/* 0x01d8 288 (55 57) */ ldx [%sp+2223],%g5
+/* 0x01dc 289 (56 57) */ add %o0,%o2,%o2
+/* 0x01e0 290 (56 57) */ st %g4,[%i0+20]
+/* 0x01e4 291 (57 58) */ add %o2,%g2,%g2
+/* 0x01e8 292 (57 58) */ add %g5,%o3,%g5
+/* 0x01ec 293 (57 58) */ st %g2,[%i0+24]
+/* 0x01f0 294 (58 59) */ srax %g2,32,%g3
+/* 0x01f4 295 (59 60) */ add %g5,%g3,%g2
+/* 0x01f8 296 (59 60) */ st %g2,[%i0+28]
+/* 0x01fc 300 (60 61) */ srax %g2,32,%o3
+/* 0x0200 301 (61 62) */ srl %o3,0,%i0
+/* 0x0204 (62 64) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x0208 (64 65) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L900000158
+!
+
+ .L900000158: /* frequency 1.0 confidence 0.0 */
+/* 0x020c 308 ( 0 1) */ bne,a,pn %icc,.L900000157 ! tprob=0.50
+/* 0x0210 ( 0 1) */ st %i4,[%sp+2223]
+/* 0x0214 315 ( 1 4) */ ldd [%o2],%f4
+/* 0x0218 316 ( 2 3) */ st %i4,[%sp+2351]
+/* 0x021c 317 ( 3 6) */ ldd [%o0],%f8
+/* 0x0220 318 ( 3 5) */ fxnor %f0,%f4,%f4
+/* 0x0224 319 ( 4 7) */ ldd [%o2+8],%f10
+/* 0x0228 320 ( 5 8) */ ldd [%o0+8],%f14
+/* 0x022c 321 ( 5 8) */ fitod %f4,%f12
+/* 0x0230 322 ( 6 9) */ ld [%sp+2351],%f7
+/* 0x0234 323 ( 6 8) */ fxnor %f0,%f10,%f10
+/* 0x0238 324 ( 7 10) */ ldd [%o2+16],%f16
+/* 0x023c 325 ( 7 10) */ fitod %f5,%f4
+/* 0x0240 326 ( 8 11) */ ldd [%o2+24],%f18
+/* 0x0244 330 ( 9 12) */ ldd [%o2+32],%f20
+/* 0x0248 331 ( 9 11) */ fxnor %f0,%f16,%f16
+/* 0x024c 335 (10 13) */ ld [%i1],%g2
+/* 0x0250 336 (10 13) */ fsubd %f14,%f4,%f4
+/* 0x0254 337 (11 14) */ ldd [%o2+40],%f22
+/* 0x0258 338 (11 14) */ fitod %f16,%f28
+/* 0x025c 339 (12 15) */ ld [%i1+4],%g3
+/* 0x0260 340 (13 16) */ ld [%i1+8],%g4
+/* 0x0264 341 (13 15) */ fxnor %f0,%f22,%f22
+/* 0x0268 342 (14 17) */ ld [%i1+12],%g5
+/* 0x026c 343 (15 18) */ ld [%i1+16],%o0
+/* 0x0270 344 (16 19) */ ldd [%o2+48],%f24
+/* 0x0274 345 (17 20) */ ld [%i1+20],%o1
+/* 0x0278 346 (17 18) */ fmovs %f8,%f6
+/* 0x027c 347 (18 21) */ ldd [%o2+56],%f26
+/* 0x0280 348 (19 22) */ ld [%i1+24],%o2
+/* 0x0284 349 (19 22) */ fsubd %f6,%f8,%f6
+/* 0x0288 350 (20 23) */ ld [%i1+28],%o3
+/* 0x028c 351 (20 23) */ fsubd %f14,%f12,%f8
+/* 0x0290 355 (21 24) */ ld [%i1+32],%o4
+/* 0x0294 356 (21 24) */ fitod %f10,%f12
+/* 0x0298 357 (22 25) */ ld [%i1+36],%o7
+/* 0x029c 358 (22 25) */ fitod %f11,%f10
+/* 0x02a0 359 (22 25) */ fmuld %f4,%f6,%f4
+/* 0x02a4 360 (23 26) */ ld [%i1+40],%l1
+/* 0x02a8 361 (23 26) */ fmuld %f8,%f6,%f8
+/* 0x02ac 362 (24 27) */ ld [%i1+56],%l5
+/* 0x02b0 363 (24 27) */ fsubd %f14,%f12,%f12
+/* 0x02b4 364 (25 28) */ fsubd %f14,%f10,%f10
+/* 0x02b8 365 (26 29) */ fdtox %f8,%f8
+/* 0x02bc 366 (26 27) */ std %f8,[%sp+2343]
+/* 0x02c0 367 (27 30) */ fitod %f17,%f8
+/* 0x02c4 368 (27 30) */ fmuld %f12,%f6,%f12
+/* 0x02c8 369 (28 31) */ fdtox %f4,%f4
+/* 0x02cc 370 (28 29) */ std %f4,[%sp+2335]
+/* 0x02d0 371 (28 31) */ fmuld %f10,%f6,%f10
+/* 0x02d4 372 (29 31) */ fxnor %f0,%f18,%f16
+/* 0x02d8 373 (30 33) */ fdtox %f12,%f12
+/* 0x02dc 374 (30 31) */ std %f12,[%sp+2327]
+/* 0x02e0 375 (31 33) */ ldx [%sp+2343],%o5
+/* 0x02e4 376 (31 34) */ fsubd %f14,%f8,%f8
+/* 0x02e8 377 (32 35) */ fsubd %f14,%f28,%f4
+/* 0x02ec 378 (33 36) */ fitod %f17,%f12
+/* 0x02f0 379 (33 34) */ add %o5,%g2,%g2
+/* 0x02f4 380 (33 34) */ st %g2,[%i0]
+/* 0x02f8 381 (34 36) */ ldx [%sp+2335],%o5
+/* 0x02fc 382 (34 37) */ fitod %f16,%f18
+/* 0x0300 383 (34 35) */ srax %g2,32,%l0
+/* 0x0304 384 (35 37) */ fxnor %f0,%f20,%f16
+/* 0x0308 385 (35 38) */ fmuld %f8,%f6,%f20
+/* 0x030c 386 (36 39) */ fdtox %f10,%f10
+/* 0x0310 387 (36 37) */ std %f10,[%sp+2319]
+/* 0x0314 388 (36 37) */ add %o5,%g3,%g3
+/* 0x0318 389 (36 39) */ fmuld %f4,%f6,%f4
+/* 0x031c 390 (37 40) */ fitod %f16,%f8
+/* 0x0320 391 (37 38) */ add %g3,%l0,%g3
+/* 0x0324 392 (37 38) */ st %g3,[%i0+4]
+/* 0x0328 393 (38 40) */ ldx [%sp+2327],%o5
+/* 0x032c 394 (38 41) */ fsubd %f14,%f18,%f18
+/* 0x0330 395 (38 39) */ srax %g3,32,%l3
+/* 0x0334 396 (39 41) */ ldx [%sp+2319],%l2
+/* 0x0338 397 (39 42) */ fdtox %f4,%f4
+/* 0x033c 398 (40 41) */ std %f4,[%sp+2311]
+/* 0x0340 399 (40 43) */ fdtox %f20,%f20
+/* 0x0344 400 (40 41) */ add %o5,%g4,%g4
+/* 0x0348 401 (41 42) */ std %f20,[%sp+2303]
+/* 0x034c 402 (41 44) */ fsubd %f14,%f12,%f4
+/* 0x0350 403 (41 42) */ add %g4,%l3,%g4
+/* 0x0354 404 (41 44) */ fmuld %f18,%f6,%f18
+/* 0x0358 405 (42 43) */ st %g4,[%i0+8]
+/* 0x035c 406 (42 45) */ fitod %f17,%f16
+/* 0x0360 407 (42 43) */ srax %g4,32,%l4
+/* 0x0364 408 (43 46) */ ld [%i1+44],%l0
+/* 0x0368 409 (43 46) */ fsubd %f14,%f8,%f20
+/* 0x036c 410 (43 44) */ add %l2,%g5,%l2
+/* 0x0370 411 (44 46) */ ldx [%sp+2311],%g5
+/* 0x0374 412 (44 47) */ fitod %f22,%f8
+/* 0x0378 413 (44 45) */ add %l2,%l4,%l2
+/* 0x037c 414 (44 47) */ fmuld %f4,%f6,%f4
+/* 0x0380 415 (45 46) */ st %l2,[%i0+12]
+/* 0x0384 416 (45 48) */ fsubd %f14,%f16,%f10
+/* 0x0388 417 (46 49) */ ld [%i1+52],%l3
+/* 0x038c 418 (46 49) */ fdtox %f18,%f18
+/* 0x0390 419 (46 47) */ add %g5,%o0,%l4
+/* 0x0394 420 (46 49) */ fmuld %f20,%f6,%f12
+/* 0x0398 421 (47 48) */ std %f18,[%sp+2295]
+/* 0x039c 422 (47 48) */ srax %l2,32,%o0
+/* 0x03a0 423 (47 50) */ fitod %f23,%f16
+/* 0x03a4 424 (48 51) */ ld [%i1+48],%o5
+/* 0x03a8 425 (48 51) */ fsubd %f14,%f8,%f8
+/* 0x03ac 426 (48 49) */ add %l4,%o0,%l4
+/* 0x03b0 427 (49 50) */ st %l4,[%i0+16]
+/* 0x03b4 428 (49 50) */ srax %l4,32,%o0
+/* 0x03b8 429 (49 51) */ fxnor %f0,%f24,%f18
+/* 0x03bc 430 (50 52) */ ldx [%sp+2303],%g5
+/* 0x03c0 431 (50 53) */ fdtox %f4,%f4
+/* 0x03c4 432 (51 52) */ std %f4,[%sp+2287]
+/* 0x03c8 433 (51 54) */ fdtox %f12,%f12
+/* 0x03cc 434 (51 54) */ fmuld %f10,%f6,%f4
+/* 0x03d0 435 (52 53) */ std %f12,[%sp+2279]
+/* 0x03d4 436 (52 55) */ fsubd %f14,%f16,%f12
+/* 0x03d8 437 (52 53) */ add %g5,%o1,%g2
+/* 0x03dc 438 (52 55) */ fmuld %f8,%f6,%f8
+/* 0x03e0 439 (53 55) */ ldx [%sp+2295],%g5
+/* 0x03e4 440 (53 56) */ fitod %f18,%f10
+/* 0x03e8 441 (53 54) */ add %g2,%o0,%g2
+/* 0x03ec 442 (54 55) */ st %g2,[%i0+20]
+/* 0x03f0 443 (54 57) */ fitod %f19,%f16
+/* 0x03f4 444 (54 55) */ srax %g2,32,%o0
+/* 0x03f8 445 (55 58) */ fdtox %f8,%f8
+/* 0x03fc 446 (55 56) */ std %f8,[%sp+2263]
+/* 0x0400 447 (55 56) */ add %g5,%o2,%g3
+/* 0x0404 448 (56 58) */ ldx [%sp+2287],%g5
+/* 0x0408 449 (56 59) */ fsubd %f14,%f10,%f10
+/* 0x040c 450 (56 57) */ add %g3,%o0,%g3
+/* 0x0410 451 (57 58) */ st %g3,[%i0+24]
+/* 0x0414 452 (57 60) */ fsubd %f14,%f16,%f8
+/* 0x0418 453 (57 58) */ srax %g3,32,%o0
+/* 0x041c 454 (58 61) */ fdtox %f4,%f4
+/* 0x0420 455 (58 59) */ std %f4,[%sp+2271]
+/* 0x0424 456 (58 59) */ add %g5,%o3,%g4
+/* 0x0428 457 (59 61) */ fxnor %f0,%f26,%f18
+/* 0x042c 458 (59 62) */ fmuld %f12,%f6,%f4
+/* 0x0430 459 (59 60) */ add %g4,%o0,%g4
+/* 0x0434 460 (60 61) */ st %g4,[%i0+28]
+/* 0x0438 461 (60 63) */ fmuld %f10,%f6,%f10
+/* 0x043c 462 (60 61) */ srax %g4,32,%o0
+/* 0x0440 463 (61 63) */ ldx [%sp+2279],%g5
+/* 0x0444 464 (61 64) */ fitod %f18,%f12
+/* 0x0448 465 (61 64) */ fmuld %f8,%f6,%f8
+/* 0x044c 466 (62 65) */ fdtox %f4,%f4
+/* 0x0450 467 (62 63) */ std %f4,[%sp+2255]
+/* 0x0454 468 (63 64) */ add %g5,%o4,%l2
+/* 0x0458 469 (63 65) */ ldx [%sp+2271],%g5
+/* 0x045c 470 (63 66) */ fdtox %f10,%f16
+/* 0x0460 471 (64 67) */ fsubd %f14,%f12,%f4
+/* 0x0464 472 (64 65) */ std %f16,[%sp+2247]
+/* 0x0468 473 (64 65) */ add %l2,%o0,%l2
+/* 0x046c 474 (65 68) */ fdtox %f8,%f8
+/* 0x0470 475 (65 66) */ std %f8,[%sp+2239]
+/* 0x0474 476 (65 66) */ add %g5,%o7,%l4
+/* 0x0478 477 (66 69) */ fitod %f19,%f10
+/* 0x047c 478 (66 68) */ ldx [%sp+2263],%g5
+/* 0x0480 479 (66 67) */ srax %l2,32,%o0
+/* 0x0484 480 (67 68) */ add %l4,%o0,%l4
+/* 0x0488 481 (67 70) */ fmuld %f4,%f6,%f4
+/* 0x048c 482 (67 69) */ ldx [%sp+2255],%o0
+/* 0x0490 483 (68 69) */ srax %l4,32,%o1
+/* 0x0494 484 (68 69) */ add %g5,%l1,%l1
+/* 0x0498 485 (68 69) */ st %l2,[%i0+32]
+/* 0x049c 486 (69 72) */ fsubd %f14,%f10,%f8
+/* 0x04a0 487 (69 71) */ ldx [%sp+2239],%o3
+/* 0x04a4 488 (69 70) */ add %l1,%o1,%o1
+/* 0x04a8 489 (70 72) */ ldx [%sp+2247],%g5
+/* 0x04ac 490 (70 71) */ srax %o1,32,%o2
+/* 0x04b0 491 (70 71) */ add %o0,%l0,%o0
+/* 0x04b4 492 (71 74) */ fdtox %f4,%f4
+/* 0x04b8 493 (71 72) */ std %f4,[%sp+2231]
+/* 0x04bc 494 (71 72) */ add %o0,%o2,%o2
+/* 0x04c0 495 (72 73) */ add %o3,%l3,%l3
+/* 0x04c4 496 (72 75) */ fmuld %f8,%f6,%f4
+/* 0x04c8 497 (72 73) */ add %g5,%o5,%g5
+/* 0x04cc 498 (73 74) */ srax %o2,32,%o3
+/* 0x04d0 499 (73 74) */ st %l4,[%i0+36]
+/* 0x04d4 500 (74 75) */ add %g5,%o3,%g2
+/* 0x04d8 501 (74 76) */ ldx [%sp+2231],%o0
+/* 0x04dc 502 (75 76) */ srax %g2,32,%g3
+/* 0x04e0 503 (75 78) */ fdtox %f4,%f4
+/* 0x04e4 504 (75 76) */ std %f4,[%sp+2223]
+/* 0x04e8 505 (76 77) */ st %o1,[%i0+40]
+/* 0x04ec 506 (76 77) */ add %l3,%g3,%g3
+/* 0x04f0 507 (76 77) */ add %o0,%l5,%g5
+/* 0x04f4 508 (77 78) */ st %o2,[%i0+44]
+/* 0x04f8 509 (77 78) */ srax %g3,32,%g4
+/* 0x04fc 510 (78 79) */ st %g2,[%i0+48]
+/* 0x0500 511 (78 79) */ add %g5,%g4,%g4
+/* 0x0504 512 (79 80) */ st %g3,[%i0+52]
+/* 0x0508 513 (79 80) */ srax %g4,32,%g5
+/* 0x050c 514 (80 83) */ ld [%i1+60],%g3
+/* 0x0510 515 (81 83) */ ldx [%sp+2223],%g2
+/* 0x0514 516 (82 83) */ st %g4,[%i0+56]
+/* 0x0518 517 (83 84) */ add %g2,%g3,%g2
+/* 0x051c 518 (84 85) */ add %g2,%g5,%g2
+/* 0x0520 519 (84 85) */ st %g2,[%i0+60]
+/* 0x0524 523 (85 86) */ srax %g2,32,%o3
+/* 0x0528 524 (86 87) */ srl %o3,0,%i0
+/* 0x052c (87 89) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x0530 (89 90) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L900000157
+!
+
+ .L900000157: /* frequency 1.0 confidence 0.0 */
+/* 0x0534 532 ( 0 1) */ fmovd %f0,%f14
+/* 0x0538 533 ( 0 3) */ ldd [%o0],%f8
+/* 0x053c 539 ( 0 1) */ add %i3,1,%g2
+/* 0x0540 540 ( 1 4) */ ld [%sp+2223],%f7
+/* 0x0544 541 ( 1 2) */ srl %g2,31,%g3
+/* 0x0548 545 ( 1 2) */ add %fp,-217,%g4
+/* 0x054c 546 ( 2 3) */ add %g2,%g3,%g2
+/* 0x0550 547 ( 2 3) */ or %g0,0,%g5
+/* 0x0554 548 ( 2 5) */ ldd [%o0+8],%f18
+/* 0x0558 549 ( 3 4) */ fmovs %f8,%f6
+/* 0x055c 550 ( 3 4) */ sra %g2,1,%o1
+/* 0x0560 551 ( 3 4) */ or %g0,0,%o0
+/* 0x0564 552 ( 4 5) */ subcc %o1,0,%g0
+/* 0x0568 553 ( 5 6) */ or %g0,%o1,%o3
+/* 0x056c 554 ( 5 8) */ fsubd %f6,%f8,%f16
+/* 0x0570 555 ( 5 6) */ ble,pt %icc,.L900000156 ! tprob=0.50
+/* 0x0574 ( 6 7) */ subcc %i3,0,%g0
+/* 0x0578 557 ( 6 7) */ sub %o1,1,%g2
+/* 0x057c 558 ( 7 8) */ or %g0,0,%i0
+/* 0x0580 559 ( 7 8) */ or %g0,1,%g3
+/* 0x0584 560 ( 8 9) */ subcc %o3,10,%g0
+/* 0x0588 561 ( 8 9) */ bl,pn %icc,.L77000077 ! tprob=0.50
+/* 0x058c ( 9 10) */ or %g0,0,%o1
+/* 0x0590 563 ( 9 12) */ ldd [%i2+8],%f0
+/* 0x0594 564 ( 9 10) */ sub %o3,3,%o3
+/* 0x0598 565 (10 13) */ ldd [%i2],%f2
+/* 0x059c 566 (10 11) */ or %g0,7,%o0
+/* 0x05a0 567 (10 11) */ or %g0,2,%i0
+/* 0x05a4 568 (11 13) */ fxnor %f14,%f0,%f8
+/* 0x05a8 569 (11 14) */ ldd [%i2+16],%f4
+/* 0x05ac 570 (11 12) */ or %g0,16,%o2
+/* 0x05b0 571 (12 14) */ fxnor %f14,%f2,%f2
+/* 0x05b4 572 (12 15) */ ldd [%i2+24],%f6
+/* 0x05b8 573 (12 13) */ or %g0,48,%o4
+/* 0x05bc 574 (13 16) */ fitod %f8,%f12
+/* 0x05c0 575 (13 14) */ or %g0,24,%o1
+/* 0x05c4 576 (13 14) */ or %g0,3,%g3
+/* 0x05c8 577 (14 17) */ fitod %f2,%f0
+/* 0x05cc 578 (15 18) */ fitod %f3,%f20
+/* 0x05d0 579 (15 18) */ ldd [%i2+32],%f2
+/* 0x05d4 580 (16 19) */ fitod %f9,%f10
+/* 0x05d8 581 (16 19) */ ldd [%i2+40],%f8
+/* 0x05dc 582 (17 20) */ fsubd %f18,%f0,%f0
+/* 0x05e0 583 (18 21) */ fsubd %f18,%f20,%f22
+/* 0x05e4 584 (19 22) */ fsubd %f18,%f12,%f20
+/* 0x05e8 585 (19 22) */ ldd [%i2+48],%f12
+/* 0x05ec 586 (20 23) */ fsubd %f18,%f10,%f10
+/* 0x05f0 587 (20 23) */ fmuld %f0,%f16,%f0
+/* 0x05f4 588 (21 23) */ fxnor %f14,%f4,%f4
+/* 0x05f8 589 (21 24) */ fmuld %f22,%f16,%f22
+/* 0x05fc 590 (22 24) */ fxnor %f14,%f6,%f6
+/* 0x0600 591 (22 25) */ fmuld %f20,%f16,%f20
+/* 0x0604 592 (23 26) */ fdtox %f0,%f0
+/* 0x0608 593 (23 24) */ std %f0,[%fp-217]
+/* 0x060c 594 (23 26) */ fmuld %f10,%f16,%f10
+/* 0x0610 595 (24 27) */ fdtox %f22,%f22
+/* 0x0614 596 (24 25) */ std %f22,[%fp-209]
+/* 0x0618 597 (25 28) */ fitod %f5,%f0
+/* 0x061c 598 (26 29) */ fdtox %f10,%f10
+/* 0x0620 599 (27 30) */ fdtox %f20,%f20
+/* 0x0624 600 (27 28) */ std %f20,[%fp-201]
+/* 0x0628 601 (28 31) */ fitod %f4,%f4
+/* 0x062c 602 (28 29) */ std %f10,[%fp-193]
+/* 0x0630 603 (29 31) */ fxnor %f14,%f2,%f10
+/* 0x0634 604 (30 33) */ fitod %f7,%f2
+/* 0x0638 605 (31 34) */ fsubd %f18,%f0,%f0
+/* 0x063c 606 (32 35) */ fsubd %f18,%f4,%f4
+/* 0x0640 607 (33 35) */ fxnor %f14,%f8,%f8
+
+!
+! ENTRY .L900000144
+!
+
+ .L900000144: /* frequency 1.0 confidence 0.0 */
+/* 0x0644 609 ( 0 3) */ fitod %f11,%f22
+/* 0x0648 610 ( 0 1) */ add %o0,3,%o0
+/* 0x064c 611 ( 0 1) */ add %g3,6,%g3
+/* 0x0650 612 ( 0 3) */ fmuld %f0,%f16,%f0
+/* 0x0654 613 ( 1 4) */ fmuld %f4,%f16,%f24
+/* 0x0658 614 ( 1 2) */ subcc %o0,%o3,%g0
+/* 0x065c 615 ( 1 2) */ add %i0,6,%i0
+/* 0x0660 616 ( 1 4) */ fsubd %f18,%f2,%f2
+/* 0x0664 617 ( 2 5) */ fitod %f6,%f4
+/* 0x0668 618 ( 3 6) */ fdtox %f0,%f0
+/* 0x066c 619 ( 3 4) */ add %o4,8,%i1
+/* 0x0670 620 ( 4 7) */ ldd [%i2+%i1],%f20
+/* 0x0674 621 ( 4 7) */ fdtox %f24,%f6
+/* 0x0678 622 ( 4 5) */ add %o2,16,%o4
+/* 0x067c 623 ( 5 8) */ fsubd %f18,%f4,%f4
+/* 0x0680 624 ( 5 6) */ std %f6,[%o4+%g4]
+/* 0x0684 625 ( 5 6) */ add %o1,16,%o2
+/* 0x0688 626 ( 6 8) */ fxnor %f14,%f12,%f6
+/* 0x068c 627 ( 6 7) */ std %f0,[%o2+%g4]
+/* 0x0690 628 ( 7 10) */ fitod %f9,%f0
+/* 0x0694 629 ( 7 10) */ fmuld %f2,%f16,%f2
+/* 0x0698 630 ( 8 11) */ fmuld %f4,%f16,%f24
+/* 0x069c 631 ( 8 11) */ fsubd %f18,%f22,%f12
+/* 0x06a0 632 ( 9 12) */ fitod %f10,%f4
+/* 0x06a4 633 (10 13) */ fdtox %f2,%f2
+/* 0x06a8 634 (10 11) */ add %i1,8,%o1
+/* 0x06ac 635 (11 14) */ ldd [%i2+%o1],%f22
+/* 0x06b0 636 (11 14) */ fdtox %f24,%f10
+/* 0x06b4 637 (11 12) */ add %o4,16,%i4
+/* 0x06b8 638 (12 15) */ fsubd %f18,%f4,%f4
+/* 0x06bc 639 (12 13) */ std %f10,[%i4+%g4]
+/* 0x06c0 640 (12 13) */ add %o2,16,%i1
+/* 0x06c4 641 (13 15) */ fxnor %f14,%f20,%f10
+/* 0x06c8 642 (13 14) */ std %f2,[%i1+%g4]
+/* 0x06cc 643 (14 17) */ fitod %f7,%f2
+/* 0x06d0 644 (14 17) */ fmuld %f12,%f16,%f12
+/* 0x06d4 645 (15 18) */ fmuld %f4,%f16,%f24
+/* 0x06d8 646 (15 18) */ fsubd %f18,%f0,%f0
+/* 0x06dc 647 (16 19) */ fitod %f8,%f4
+/* 0x06e0 648 (17 20) */ fdtox %f12,%f20
+/* 0x06e4 649 (17 18) */ add %o1,8,%o4
+/* 0x06e8 650 (18 21) */ ldd [%i2+%o4],%f12
+/* 0x06ec 651 (18 21) */ fdtox %f24,%f8
+/* 0x06f0 652 (18 19) */ add %i4,16,%o2
+/* 0x06f4 653 (19 22) */ fsubd %f18,%f4,%f4
+/* 0x06f8 654 (19 20) */ std %f8,[%o2+%g4]
+/* 0x06fc 655 (19 20) */ add %i1,16,%o1
+/* 0x0700 656 (20 22) */ fxnor %f14,%f22,%f8
+/* 0x0704 657 (20 21) */ ble,pt %icc,.L900000144 ! tprob=0.50
+/* 0x0708 (20 21) */ std %f20,[%o1+%g4]
+
+!
+! ENTRY .L900000147
+!
+
+ .L900000147: /* frequency 1.0 confidence 0.0 */
+/* 0x070c 660 ( 0 3) */ fitod %f6,%f6
+/* 0x0710 661 ( 0 3) */ fmuld %f4,%f16,%f24
+/* 0x0714 662 ( 0 1) */ add %i4,32,%l4
+/* 0x0718 663 ( 1 4) */ fsubd %f18,%f2,%f2
+/* 0x071c 664 ( 1 4) */ fmuld %f0,%f16,%f22
+/* 0x0720 665 ( 1 2) */ add %i1,32,%l3
+/* 0x0724 666 ( 2 5) */ fitod %f10,%f28
+/* 0x0728 667 ( 2 3) */ sra %o0,0,%o2
+/* 0x072c 668 ( 2 3) */ add %i4,48,%l2
+/* 0x0730 669 ( 3 6) */ fsubd %f18,%f6,%f4
+/* 0x0734 670 ( 3 4) */ add %i1,48,%l1
+/* 0x0738 671 ( 3 4) */ add %i4,64,%l0
+/* 0x073c 672 ( 4 7) */ fitod %f11,%f26
+/* 0x0740 673 ( 4 5) */ sllx %o2,3,%o1
+/* 0x0744 674 ( 4 5) */ add %i1,64,%i5
+/* 0x0748 675 ( 5 8) */ fitod %f8,%f6
+/* 0x074c 676 ( 5 6) */ add %i4,80,%i4
+/* 0x0750 677 ( 5 6) */ add %i1,80,%i1
+/* 0x0754 678 ( 6 8) */ fxnor %f14,%f12,%f0
+/* 0x0758 679 ( 6 9) */ fmuld %f4,%f16,%f20
+/* 0x075c 680 ( 6 7) */ add %i4,16,%o4
+/* 0x0760 681 ( 7 10) */ fitod %f9,%f4
+/* 0x0764 682 ( 7 10) */ fmuld %f2,%f16,%f12
+/* 0x0768 683 ( 7 8) */ add %i1,16,%o3
+/* 0x076c 684 ( 8 11) */ fsubd %f18,%f28,%f10
+/* 0x0770 685 ( 8 9) */ subcc %o0,%g2,%g0
+/* 0x0774 686 ( 8 9) */ add %g3,12,%g3
+/* 0x0778 687 ( 9 12) */ fitod %f0,%f2
+/* 0x077c 688 (10 13) */ fsubd %f18,%f26,%f8
+/* 0x0780 689 (11 14) */ fitod %f1,%f0
+/* 0x0784 690 (11 14) */ fmuld %f10,%f16,%f10
+/* 0x0788 691 (12 15) */ fdtox %f24,%f24
+/* 0x078c 692 (12 13) */ std %f24,[%l4+%g4]
+/* 0x0790 693 (12 13) */ add %i0,12,%i0
+/* 0x0794 694 (13 16) */ fsubd %f18,%f6,%f6
+/* 0x0798 695 (13 16) */ fmuld %f8,%f16,%f8
+/* 0x079c 696 (14 17) */ fdtox %f22,%f22
+/* 0x07a0 697 (14 15) */ std %f22,[%l3+%g4]
+/* 0x07a4 698 (15 18) */ fsubd %f18,%f4,%f4
+/* 0x07a8 699 (16 19) */ fdtox %f20,%f20
+/* 0x07ac 700 (16 17) */ std %f20,[%l2+%g4]
+/* 0x07b0 701 (16 19) */ fmuld %f6,%f16,%f6
+/* 0x07b4 702 (17 20) */ fsubd %f18,%f2,%f2
+/* 0x07b8 703 (18 21) */ fsubd %f18,%f0,%f0
+/* 0x07bc 704 (18 21) */ fmuld %f4,%f16,%f4
+/* 0x07c0 705 (19 22) */ fdtox %f12,%f12
+/* 0x07c4 706 (19 20) */ std %f12,[%l1+%g4]
+/* 0x07c8 707 (20 23) */ fdtox %f10,%f10
+/* 0x07cc 708 (20 21) */ std %f10,[%l0+%g4]
+/* 0x07d0 709 (20 23) */ fmuld %f2,%f16,%f2
+/* 0x07d4 710 (21 24) */ fdtox %f8,%f8
+/* 0x07d8 711 (21 22) */ std %f8,[%i5+%g4]
+/* 0x07dc 712 (21 24) */ fmuld %f0,%f16,%f0
+/* 0x07e0 713 (22 25) */ fdtox %f6,%f6
+/* 0x07e4 714 (22 23) */ std %f6,[%i4+%g4]
+/* 0x07e8 715 (23 26) */ fdtox %f4,%f4
+/* 0x07ec 716 (23 24) */ std %f4,[%i1+%g4]
+/* 0x07f0 717 (24 27) */ fdtox %f2,%f2
+/* 0x07f4 718 (24 25) */ std %f2,[%o4+%g4]
+/* 0x07f8 719 (25 28) */ fdtox %f0,%f0
+/* 0x07fc 720 (25 26) */ bg,pn %icc,.L77000043 ! tprob=0.50
+/* 0x0800 (25 26) */ std %f0,[%o3+%g4]
+
+!
+! ENTRY .L77000077
+!
+
+ .L77000077: /* frequency 1.0 confidence 0.0 */
+/* 0x0804 723 ( 0 3) */ ldd [%i2+%o1],%f0
+
+!
+! ENTRY .L900000155
+!
+
+ .L900000155: /* frequency 1.0 confidence 0.0 */
+/* 0x0808 725 ( 0 2) */ fxnor %f14,%f0,%f0
+/* 0x080c 726 ( 0 1) */ sra %i0,0,%o1
+/* 0x0810 727 ( 0 1) */ add %o0,1,%o0
+/* 0x0814 728 ( 1 2) */ sllx %o1,3,%i4
+/* 0x0818 729 ( 1 2) */ add %i0,2,%i0
+/* 0x081c 730 ( 2 5) */ fitod %f0,%f2
+/* 0x0820 731 ( 2 3) */ sra %g3,0,%o1
+/* 0x0824 732 ( 2 3) */ add %g3,2,%g3
+/* 0x0828 733 ( 3 6) */ fitod %f1,%f0
+/* 0x082c 734 ( 3 4) */ sllx %o1,3,%i1
+/* 0x0830 735 ( 3 4) */ subcc %o0,%g2,%g0
+/* 0x0834 736 ( 4 5) */ sra %o0,0,%o2
+/* 0x0838 737 ( 5 8) */ fsubd %f18,%f2,%f2
+/* 0x083c 738 ( 5 6) */ sllx %o2,3,%o1
+/* 0x0840 739 ( 6 9) */ fsubd %f18,%f0,%f0
+/* 0x0844 740 ( 8 11) */ fmuld %f2,%f16,%f2
+/* 0x0848 741 ( 9 12) */ fmuld %f0,%f16,%f0
+/* 0x084c 742 (11 14) */ fdtox %f2,%f2
+/* 0x0850 743 (11 12) */ std %f2,[%i4+%g4]
+/* 0x0854 744 (12 15) */ fdtox %f0,%f0
+/* 0x0858 745 (12 13) */ std %f0,[%i1+%g4]
+/* 0x085c 746 (12 13) */ ble,a,pt %icc,.L900000155 ! tprob=0.50
+/* 0x0860 (14 17) */ ldd [%i2+%o1],%f0
+
+!
+! ENTRY .L77000043
+!
+
+ .L77000043: /* frequency 1.0 confidence 0.0 */
+/* 0x0864 754 ( 0 1) */ subcc %i3,0,%g0
+
+!
+! ENTRY .L900000156
+!
+
+ .L900000156: /* frequency 1.0 confidence 0.0 */
+/* 0x0868 756 ( 0 1) */ ble,a,pt %icc,.L77000061 ! tprob=0.50
+/* 0x086c ( 0 1) */ or %g0,%g5,%o3
+/* 0x0870 761 ( 0 2) */ ldx [%fp-209],%i1
+/* 0x0874 762 ( 1 2) */ sub %i3,1,%g3
+/* 0x0878 763 ( 1 2) */ or %g0,0,%i0
+/* 0x087c 764 ( 2 3) */ subcc %i3,5,%g0
+/* 0x0880 765 ( 2 3) */ bl,pn %icc,.L77000078 ! tprob=0.50
+/* 0x0884 ( 2 4) */ ldx [%fp-217],%i2
+/* 0x0888 767 ( 3 6) */ ld [%o5],%i3
+/* 0x088c 768 ( 3 4) */ or %g0,8,%g2
+/* 0x0890 769 ( 3 4) */ or %g0,16,%o4
+/* 0x0894 770 ( 4 5) */ sub %g3,1,%o3
+/* 0x0898 771 ( 4 5) */ or %g0,3,%i0
+/* 0x089c 772 ( 5 6) */ add %i2,%i3,%o1
+/* 0x08a0 773 ( 5 8) */ ld [%o5+4],%i2
+/* 0x08a4 774 ( 6 7) */ st %o1,[%o7]
+/* 0x08a8 775 ( 6 7) */ srax %o1,32,%o1
+/* 0x08ac 776 ( 7 9) */ ldx [%fp-201],%o2
+/* 0x08b0 777 ( 7 8) */ add %i1,%i2,%o0
+/* 0x08b4 778 ( 7 8) */ or %g0,%o1,%i1
+/* 0x08b8 779 ( 8 11) */ ld [%o5+8],%o1
+/* 0x08bc 780 ( 8 9) */ add %o0,%i1,%o0
+/* 0x08c0 781 ( 9 10) */ st %o0,[%o7+4]
+/* 0x08c4 782 ( 9 10) */ srax %o0,32,%o0
+
+!
+! ENTRY .L900000140
+!
+
+ .L900000140: /* frequency 1.0 confidence 0.0 */
+/* 0x08c8 784 ( 0 1) */ add %g2,4,%i1
+/* 0x08cc 785 ( 0 1) */ add %o4,8,%o4
+/* 0x08d0 786 ( 1 3) */ ldx [%o4+%g4],%i2
+/* 0x08d4 787 ( 1 2) */ sra %o0,0,%g5
+/* 0x08d8 788 ( 1 2) */ add %o2,%o1,%o1
+/* 0x08dc 789 ( 2 5) */ ld [%o5+%i1],%o0
+/* 0x08e0 790 ( 2 3) */ add %o1,%g5,%o1
+/* 0x08e4 791 ( 2 3) */ add %i0,2,%i0
+/* 0x08e8 792 ( 3 4) */ st %o1,[%o7+%g2]
+/* 0x08ec 793 ( 3 4) */ srax %o1,32,%g5
+/* 0x08f0 794 ( 3 4) */ subcc %i0,%o3,%g0
+/* 0x08f4 795 ( 4 5) */ add %g2,8,%g2
+/* 0x08f8 796 ( 4 5) */ add %o4,8,%o4
+/* 0x08fc 797 ( 5 7) */ ldx [%o4+%g4],%o2
+/* 0x0900 798 ( 5 6) */ add %i2,%o0,%o0
+/* 0x0904 799 ( 6 9) */ ld [%o5+%g2],%o1
+/* 0x0908 800 ( 6 7) */ add %o0,%g5,%o0
+/* 0x090c 801 ( 7 8) */ st %o0,[%o7+%i1]
+/* 0x0910 802 ( 7 8) */ ble,pt %icc,.L900000140 ! tprob=0.50
+/* 0x0914 ( 7 8) */ srax %o0,32,%o0
+
+!
+! ENTRY .L900000143
+!
+
+ .L900000143: /* frequency 1.0 confidence 0.0 */
+/* 0x0918 805 ( 0 1) */ sra %o0,0,%o3
+/* 0x091c 806 ( 0 1) */ add %o2,%o1,%o0
+/* 0x0920 807 ( 1 2) */ add %o0,%o3,%o0
+/* 0x0924 808 ( 1 2) */ st %o0,[%o7+%g2]
+/* 0x0928 809 ( 1 2) */ subcc %i0,%g3,%g0
+/* 0x092c 810 ( 2 3) */ srax %o0,32,%g5
+/* 0x0930 811 ( 2 3) */ bg,a,pn %icc,.L77000061 ! tprob=0.50
+/* 0x0934 ( 3 4) */ or %g0,%g5,%o3
+
+!
+! ENTRY .L77000078
+!
+
+ .L77000078: /* frequency 1.0 confidence 0.0 */
+/* 0x0938 814 ( 0 1) */ sra %i0,0,%o0
+
+!
+! ENTRY .L900000154
+!
+
+ .L900000154: /* frequency 1.0 confidence 0.0 */
+/* 0x093c 816 ( 0 1) */ sllx %o0,2,%g2
+/* 0x0940 817 ( 0 1) */ add %i0,1,%i0
+/* 0x0944 818 ( 1 2) */ sllx %o0,3,%o4
+/* 0x0948 819 ( 1 4) */ ld [%o5+%g2],%o2
+/* 0x094c 820 ( 1 2) */ subcc %i0,%g3,%g0
+/* 0x0950 821 ( 2 4) */ ldx [%o4+%g4],%o0
+/* 0x0954 822 ( 2 3) */ sra %g5,0,%o1
+/* 0x0958 823 ( 4 5) */ add %o0,%o2,%o0
+/* 0x095c 824 ( 5 6) */ add %o0,%o1,%o0
+/* 0x0960 825 ( 5 6) */ st %o0,[%o7+%g2]
+/* 0x0964 826 ( 6 7) */ srax %o0,32,%g5
+/* 0x0968 827 ( 6 7) */ ble,pt %icc,.L900000154 ! tprob=0.50
+/* 0x096c ( 7 8) */ sra %i0,0,%o0
+
+!
+! ENTRY .L77000047
+!
+
+ .L77000047: /* frequency 1.0 confidence 0.0 */
+/* 0x0970 834 ( 0 1) */ or %g0,%g5,%o3
+
+!
+! ENTRY .L77000061
+!
+
+ .L77000061: /* frequency 1.0 confidence 0.0 */
+
+/* 0x0974 835 ( 1 2) */ srl %o3,0,%i0
+/* 0x0978 ( 2 4) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x097c ( 4 5) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L77000048
+!
+
+ .L77000048: /* frequency 1.0 confidence 0.0 */
+/* 0x0980 844 ( 0 1) */ bne,pn %icc,.L77000050 ! tprob=0.50
+/* 0x0984 ( 0 1) */ sethi %hi(0xfff80000),%g2
+/* 0x0988 854 ( 0 3) */ ldd [%o2],%f4
+/* 0x098c 855 ( 1 4) */ ldd [%o0],%f6
+/* 0x0990 856 ( 1 2) */ srl %i4,19,%g3
+/* 0x0994 857 ( 1 2) */ andn %i4,%g2,%g2
+/* 0x0998 858 ( 2 3) */ st %g3,[%sp+2351]
+/* 0x099c 859 ( 2 4) */ fxnor %f0,%f4,%f4
+/* 0x09a0 860 ( 3 4) */ st %g2,[%sp+2355]
+/* 0x09a4 861 ( 4 7) */ ldd [%o2+8],%f12
+/* 0x09a8 862 ( 4 7) */ fitod %f4,%f10
+/* 0x09ac 863 ( 5 8) */ ldd [%o0+8],%f16
+/* 0x09b0 864 ( 5 8) */ fitod %f5,%f4
+/* 0x09b4 865 ( 6 9) */ ldd [%o2+16],%f18
+/* 0x09b8 866 ( 6 8) */ fxnor %f0,%f12,%f12
+/* 0x09bc 867 ( 7 10) */ ld [%sp+2351],%f9
+/* 0x09c0 868 ( 7 10) */ fsubd %f16,%f10,%f10
+/* 0x09c4 869 ( 8 11) */ ld [%sp+2355],%f15
+/* 0x09c8 870 ( 8 11) */ fitod %f12,%f22
+/* 0x09cc 871 ( 9 12) */ ldd [%o2+24],%f20
+/* 0x09d0 872 ( 9 12) */ fitod %f13,%f12
+/* 0x09d4 876 (10 13) */ ld [%i1],%g2
+/* 0x09d8 877 (10 13) */ fsubd %f16,%f4,%f4
+/* 0x09dc 878 (11 14) */ ld [%i1+4],%g3
+/* 0x09e0 879 (11 14) */ fsubd %f16,%f22,%f22
+/* 0x09e4 880 (12 15) */ ld [%i1+8],%g4
+/* 0x09e8 881 (12 14) */ fxnor %f0,%f18,%f18
+/* 0x09ec 882 (13 16) */ ld [%i1+12],%g5
+/* 0x09f0 883 (13 16) */ fsubd %f16,%f12,%f12
+/* 0x09f4 884 (14 17) */ ld [%i1+16],%o0
+/* 0x09f8 885 (14 17) */ fitod %f18,%f26
+/* 0x09fc 886 (15 18) */ ld [%i1+20],%o1
+/* 0x0a00 887 (15 17) */ fxnor %f0,%f20,%f20
+/* 0x0a04 888 (16 19) */ ld [%i1+24],%o2
+/* 0x0a08 889 (17 20) */ ld [%i1+28],%o3
+/* 0x0a0c 890 (19 20) */ fmovs %f6,%f8
+/* 0x0a10 891 (20 21) */ fmovs %f6,%f14
+/* 0x0a14 892 (22 25) */ fsubd %f8,%f6,%f8
+/* 0x0a18 893 (23 26) */ fsubd %f14,%f6,%f6
+/* 0x0a1c 894 (25 28) */ fmuld %f10,%f8,%f14
+/* 0x0a20 895 (26 29) */ fmuld %f10,%f6,%f10
+/* 0x0a24 896 (27 30) */ fmuld %f4,%f8,%f24
+/* 0x0a28 897 (28 31) */ fdtox %f14,%f14
+/* 0x0a2c 898 (28 29) */ std %f14,[%sp+2335]
+/* 0x0a30 899 (28 31) */ fmuld %f22,%f8,%f28
+/* 0x0a34 900 (29 32) */ fitod %f19,%f14
+/* 0x0a38 901 (29 32) */ fmuld %f22,%f6,%f18
+/* 0x0a3c 902 (30 33) */ fdtox %f10,%f10
+/* 0x0a40 903 (30 31) */ std %f10,[%sp+2343]
+/* 0x0a44 904 (30 33) */ fmuld %f4,%f6,%f4
+/* 0x0a48 905 (31 34) */ fmuld %f12,%f8,%f22
+/* 0x0a4c 906 (32 35) */ fdtox %f18,%f18
+/* 0x0a50 907 (32 33) */ std %f18,[%sp+2311]
+/* 0x0a54 908 (32 35) */ fmuld %f12,%f6,%f10
+/* 0x0a58 909 (33 35) */ ldx [%sp+2335],%o4
+/* 0x0a5c 910 (33 36) */ fdtox %f24,%f12
+/* 0x0a60 911 (34 35) */ std %f12,[%sp+2319]
+/* 0x0a64 912 (34 37) */ fsubd %f16,%f26,%f12
+/* 0x0a68 913 (35 37) */ ldx [%sp+2343],%o5
+/* 0x0a6c 914 (35 36) */ sllx %o4,19,%o4
+/* 0x0a70 915 (35 38) */ fdtox %f4,%f4
+/* 0x0a74 916 (36 37) */ std %f4,[%sp+2327]
+/* 0x0a78 917 (36 39) */ fdtox %f28,%f24
+/* 0x0a7c 918 (37 38) */ std %f24,[%sp+2303]
+/* 0x0a80 919 (37 40) */ fitod %f20,%f4
+/* 0x0a84 920 (37 38) */ add %o5,%o4,%o4
+/* 0x0a88 921 (37 40) */ fmuld %f12,%f8,%f24
+/* 0x0a8c 922 (38 40) */ ldx [%sp+2319],%o7
+/* 0x0a90 923 (38 41) */ fsubd %f16,%f14,%f14
+/* 0x0a94 924 (38 39) */ add %o4,%g2,%o4
+/* 0x0a98 925 (38 41) */ fmuld %f12,%f6,%f12
+/* 0x0a9c 926 (39 41) */ ldx [%sp+2327],%o5
+/* 0x0aa0 927 (39 42) */ fitod %f21,%f18
+/* 0x0aa4 928 (40 41) */ st %o4,[%i0]
+/* 0x0aa8 929 (40 41) */ sllx %o7,19,%o7
+/* 0x0aac 930 (40 43) */ fdtox %f22,%f20
+/* 0x0ab0 931 (41 42) */ std %f20,[%sp+2287]
+/* 0x0ab4 932 (41 44) */ fdtox %f10,%f10
+/* 0x0ab8 933 (41 42) */ add %o5,%o7,%o5
+/* 0x0abc 934 (41 44) */ fmuld %f14,%f8,%f20
+/* 0x0ac0 935 (42 43) */ std %f10,[%sp+2295]
+/* 0x0ac4 936 (42 43) */ srlx %o4,32,%o7
+/* 0x0ac8 937 (42 45) */ fsubd %f16,%f4,%f4
+/* 0x0acc 938 (42 45) */ fmuld %f14,%f6,%f14
+/* 0x0ad0 939 (43 45) */ ldx [%sp+2311],%g2
+/* 0x0ad4 940 (43 46) */ fdtox %f24,%f10
+/* 0x0ad8 941 (43 44) */ add %o5,%g3,%g3
+/* 0x0adc 942 (44 45) */ std %f10,[%sp+2271]
+/* 0x0ae0 943 (44 45) */ add %g3,%o7,%g3
+/* 0x0ae4 944 (44 47) */ fdtox %f12,%f12
+/* 0x0ae8 945 (45 47) */ ldx [%sp+2303],%l0
+/* 0x0aec 946 (45 48) */ fsubd %f16,%f18,%f10
+/* 0x0af0 947 (45 48) */ fmuld %f4,%f8,%f16
+/* 0x0af4 948 (46 47) */ std %f12,[%sp+2279]
+/* 0x0af8 949 (46 49) */ fdtox %f20,%f12
+/* 0x0afc 950 (46 49) */ fmuld %f4,%f6,%f4
+/* 0x0b00 951 (47 48) */ std %f12,[%sp+2255]
+/* 0x0b04 952 (47 48) */ sllx %l0,19,%l0
+/* 0x0b08 953 (47 50) */ fdtox %f14,%f12
+/* 0x0b0c 954 (48 50) */ ldx [%sp+2287],%o5
+/* 0x0b10 955 (48 49) */ add %g2,%l0,%g2
+/* 0x0b14 956 (48 51) */ fmuld %f10,%f8,%f8
+/* 0x0b18 957 (49 51) */ ldx [%sp+2295],%l1
+/* 0x0b1c 958 (49 50) */ srlx %g3,32,%l0
+/* 0x0b20 959 (49 50) */ add %g2,%g4,%g4
+/* 0x0b24 960 (49 52) */ fmuld %f10,%f6,%f6
+/* 0x0b28 961 (50 51) */ std %f12,[%sp+2263]
+/* 0x0b2c 962 (50 51) */ sllx %o5,19,%g2
+/* 0x0b30 963 (50 51) */ add %g4,%l0,%g4
+/* 0x0b34 964 (51 53) */ ldx [%sp+2279],%l0
+/* 0x0b38 965 (51 52) */ srlx %g4,32,%o5
+/* 0x0b3c 966 (51 52) */ add %l1,%g2,%g2
+/* 0x0b40 967 (52 53) */ st %g3,[%i0+4]
+/* 0x0b44 968 (52 53) */ add %g2,%g5,%g2
+/* 0x0b48 969 (52 55) */ fdtox %f16,%f10
+/* 0x0b4c 970 (53 55) */ ldx [%sp+2271],%o7
+/* 0x0b50 971 (53 54) */ add %g2,%o5,%g2
+/* 0x0b54 972 (53 56) */ fdtox %f4,%f4
+/* 0x0b58 973 (54 55) */ std %f10,[%sp+2239]
+/* 0x0b5c 974 (55 56) */ sllx %o7,19,%o7
+/* 0x0b60 975 (55 56) */ std %f4,[%sp+2247]
+/* 0x0b64 976 (55 58) */ fdtox %f8,%f4
+/* 0x0b68 977 (56 57) */ add %l0,%o7,%o7
+/* 0x0b6c 978 (56 58) */ ldx [%sp+2263],%o5
+/* 0x0b70 979 (57 58) */ add %o7,%o0,%o0
+/* 0x0b74 980 (57 58) */ std %f4,[%sp+2223]
+/* 0x0b78 981 (57 60) */ fdtox %f6,%f4
+/* 0x0b7c 982 (58 60) */ ldx [%sp+2255],%g5
+/* 0x0b80 983 (58 59) */ srlx %g2,32,%o7
+/* 0x0b84 984 (59 60) */ std %f4,[%sp+2231]
+/* 0x0b88 985 (59 60) */ add %o0,%o7,%o0
+/* 0x0b8c 986 (60 61) */ sllx %g5,19,%g5
+/* 0x0b90 987 (60 62) */ ldx [%sp+2247],%l1
+/* 0x0b94 988 (61 62) */ add %o5,%g5,%g5
+/* 0x0b98 989 (61 62) */ st %g2,[%i0+12]
+/* 0x0b9c 990 (62 64) */ ldx [%sp+2239],%l0
+/* 0x0ba0 991 (62 63) */ srlx %o0,32,%o4
+/* 0x0ba4 992 (62 63) */ add %g5,%o1,%o1
+/* 0x0ba8 993 (63 64) */ add %o1,%o4,%o1
+/* 0x0bac 994 (63 65) */ ldx [%sp+2223],%o7
+/* 0x0bb0 995 (64 65) */ sllx %l0,19,%g3
+/* 0x0bb4 996 (64 66) */ ldx [%sp+2231],%o5
+/* 0x0bb8 997 (65 66) */ add %l1,%g3,%o4
+/* 0x0bbc 998 (65 66) */ st %o0,[%i0+16]
+/* 0x0bc0 999 (66 67) */ add %o4,%o2,%o2
+/* 0x0bc4 1000 (66 67) */ st %o1,[%i0+20]
+/* 0x0bc8 1001 (67 68) */ srlx %o1,32,%o4
+/* 0x0bcc 1002 (67 68) */ st %g4,[%i0+8]
+/* 0x0bd0 1003 (68 69) */ sllx %o7,19,%g2
+/* 0x0bd4 1004 (68 69) */ add %o2,%o4,%o4
+/* 0x0bd8 1005 (68 69) */ st %o4,[%i0+24]
+/* 0x0bdc 1006 (69 70) */ add %o5,%g2,%g2
+/* 0x0be0 1007 (70 71) */ srlx %o4,32,%g3
+/* 0x0be4 1008 (70 71) */ add %g2,%o3,%g2
+/* 0x0be8 1009 (71 72) */ add %g2,%g3,%g2
+/* 0x0bec 1010 (71 72) */ st %g2,[%i0+28]
+/* 0x0bf0 1014 (72 73) */ srlx %g2,32,%o3
+/* 0x0bf4 1015 (73 74) */ srl %o3,0,%i0
+/* 0x0bf8 (74 76) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x0bfc (76 77) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L77000050
+!
+
+ .L77000050: /* frequency 1.0 confidence 0.0 */
+/* 0x0c00 1022 ( 0 1) */ subcc %i3,16,%g0
+/* 0x0c04 1023 ( 0 1) */ bne,pn %icc,.L77000073 ! tprob=0.50
+/* 0x0c08 ( 0 1) */ sethi %hi(0xfff80000),%g2
+/* 0x0c0c 1034 ( 1 4) */ ldd [%o2],%f4
+/* 0x0c10 1035 ( 1 2) */ andn %i4,%g2,%g2
+/* 0x0c14 1036 ( 2 3) */ st %g2,[%sp+2483]
+/* 0x0c18 1037 ( 2 3) */ srl %i4,19,%g2
+/* 0x0c1c 1038 ( 3 4) */ st %g2,[%sp+2479]
+/* 0x0c20 1039 ( 3 5) */ fxnor %f0,%f4,%f4
+/* 0x0c24 1040 ( 4 7) */ ldd [%o0],%f8
+/* 0x0c28 1041 ( 5 8) */ fitod %f4,%f10
+/* 0x0c2c 1042 ( 5 8) */ ldd [%o0+8],%f16
+/* 0x0c30 1043 ( 6 9) */ ldd [%o2+8],%f14
+/* 0x0c34 1044 ( 6 9) */ fitod %f5,%f4
+/* 0x0c38 1045 ( 7 10) */ ld [%sp+2483],%f13
+/* 0x0c3c 1046 ( 8 11) */ ld [%sp+2479],%f7
+/* 0x0c40 1047 ( 8 11) */ fsubd %f16,%f10,%f10
+/* 0x0c44 1048 ( 9 11) */ fxnor %f0,%f14,%f14
+/* 0x0c48 1049 (10 13) */ fsubd %f16,%f4,%f4
+/* 0x0c4c 1050 (14 15) */ fmovs %f8,%f12
+/* 0x0c50 1051 (15 16) */ fmovs %f8,%f6
+/* 0x0c54 1052 (17 20) */ fsubd %f12,%f8,%f12
+/* 0x0c58 1053 (18 21) */ fsubd %f6,%f8,%f6
+/* 0x0c5c 1054 (19 22) */ fitod %f14,%f8
+/* 0x0c60 1055 (20 23) */ fmuld %f10,%f12,%f18
+/* 0x0c64 1056 (20 23) */ fitod %f15,%f14
+/* 0x0c68 1057 (21 24) */ fmuld %f10,%f6,%f10
+/* 0x0c6c 1058 (22 25) */ fsubd %f16,%f8,%f8
+/* 0x0c70 1059 (22 25) */ fmuld %f4,%f12,%f20
+/* 0x0c74 1060 (23 26) */ fmuld %f4,%f6,%f4
+/* 0x0c78 1061 (23 26) */ fsubd %f16,%f14,%f14
+/* 0x0c7c 1062 (24 27) */ fdtox %f10,%f10
+/* 0x0c80 1063 (24 25) */ std %f10,[%sp+2463]
+/* 0x0c84 1064 (25 28) */ fmuld %f8,%f12,%f10
+/* 0x0c88 1065 (25 28) */ fdtox %f18,%f18
+/* 0x0c8c 1066 (25 26) */ std %f18,[%sp+2471]
+/* 0x0c90 1067 (26 29) */ fmuld %f8,%f6,%f8
+/* 0x0c94 1068 (26 29) */ fdtox %f4,%f4
+/* 0x0c98 1069 (26 27) */ std %f4,[%sp+2447]
+/* 0x0c9c 1070 (27 30) */ fmuld %f14,%f12,%f4
+/* 0x0ca0 1071 (27 30) */ fdtox %f20,%f18
+/* 0x0ca4 1072 (27 28) */ std %f18,[%sp+2455]
+/* 0x0ca8 1073 (28 31) */ fdtox %f10,%f10
+/* 0x0cac 1074 (28 29) */ std %f10,[%sp+2439]
+/* 0x0cb0 1075 (28 31) */ fmuld %f14,%f6,%f14
+/* 0x0cb4 1076 (29 32) */ fdtox %f8,%f8
+/* 0x0cb8 1077 (29 30) */ std %f8,[%sp+2431]
+/* 0x0cbc 1078 (30 33) */ ldd [%o2+16],%f10
+/* 0x0cc0 1079 (30 33) */ fdtox %f4,%f4
+/* 0x0cc4 1080 (31 34) */ ldd [%o2+24],%f8
+/* 0x0cc8 1081 (31 34) */ fdtox %f14,%f14
+/* 0x0ccc 1082 (32 33) */ std %f4,[%sp+2423]
+/* 0x0cd0 1083 (32 34) */ fxnor %f0,%f10,%f10
+/* 0x0cd4 1084 (33 35) */ fxnor %f0,%f8,%f4
+/* 0x0cd8 1085 (33 34) */ std %f14,[%sp+2415]
+/* 0x0cdc 1086 (34 37) */ fitod %f10,%f8
+/* 0x0ce0 1087 (35 38) */ fitod %f11,%f10
+/* 0x0ce4 1088 (36 39) */ fitod %f4,%f14
+/* 0x0ce8 1089 (37 40) */ fsubd %f16,%f8,%f8
+/* 0x0cec 1090 (38 41) */ fsubd %f16,%f10,%f10
+/* 0x0cf0 1091 (39 42) */ fsubd %f16,%f14,%f14
+/* 0x0cf4 1092 (40 43) */ fmuld %f8,%f12,%f18
+/* 0x0cf8 1093 (40 43) */ fitod %f5,%f4
+/* 0x0cfc 1094 (41 44) */ fmuld %f8,%f6,%f8
+/* 0x0d00 1095 (42 45) */ fmuld %f10,%f12,%f20
+/* 0x0d04 1096 (43 46) */ fmuld %f10,%f6,%f10
+/* 0x0d08 1097 (43 46) */ fsubd %f16,%f4,%f4
+/* 0x0d0c 1098 (44 47) */ fdtox %f8,%f8
+/* 0x0d10 1099 (44 45) */ std %f8,[%sp+2399]
+/* 0x0d14 1100 (45 48) */ fmuld %f14,%f12,%f8
+/* 0x0d18 1101 (45 48) */ fdtox %f18,%f18
+/* 0x0d1c 1102 (45 46) */ std %f18,[%sp+2407]
+/* 0x0d20 1103 (46 49) */ fdtox %f10,%f10
+/* 0x0d24 1104 (46 47) */ std %f10,[%sp+2383]
+/* 0x0d28 1105 (46 49) */ fmuld %f14,%f6,%f14
+/* 0x0d2c 1106 (47 50) */ fmuld %f4,%f12,%f10
+/* 0x0d30 1107 (47 50) */ fdtox %f20,%f18
+/* 0x0d34 1108 (47 48) */ std %f18,[%sp+2391]
+/* 0x0d38 1109 (48 51) */ fdtox %f8,%f8
+/* 0x0d3c 1110 (48 49) */ std %f8,[%sp+2375]
+/* 0x0d40 1111 (48 51) */ fmuld %f4,%f6,%f4
+/* 0x0d44 1112 (49 52) */ fdtox %f14,%f14
+/* 0x0d48 1113 (49 50) */ std %f14,[%sp+2367]
+/* 0x0d4c 1117 (50 53) */ ldd [%o2+32],%f8
+/* 0x0d50 1118 (50 53) */ fdtox %f10,%f10
+/* 0x0d54 1119 (51 54) */ fdtox %f4,%f4
+/* 0x0d58 1120 (51 52) */ std %f4,[%sp+2351]
+/* 0x0d5c 1121 (52 54) */ fxnor %f0,%f8,%f8
+/* 0x0d60 1122 (52 55) */ ldd [%o2+40],%f14
+/* 0x0d64 1123 (53 54) */ std %f10,[%sp+2359]
+/* 0x0d68 1124 (54 57) */ fitod %f8,%f4
+/* 0x0d6c 1125 (55 57) */ fxnor %f0,%f14,%f10
+/* 0x0d70 1126 (56 59) */ fitod %f9,%f8
+/* 0x0d74 1127 (57 60) */ fsubd %f16,%f4,%f4
+/* 0x0d78 1128 (58 61) */ fitod %f10,%f14
+/* 0x0d7c 1129 (59 62) */ fsubd %f16,%f8,%f8
+/* 0x0d80 1130 (60 63) */ fmuld %f4,%f12,%f18
+/* 0x0d84 1131 (60 63) */ fitod %f11,%f10
+/* 0x0d88 1132 (61 64) */ fmuld %f4,%f6,%f4
+/* 0x0d8c 1133 (61 64) */ fsubd %f16,%f14,%f14
+/* 0x0d90 1134 (62 65) */ fmuld %f8,%f12,%f20
+/* 0x0d94 1135 (63 66) */ fmuld %f8,%f6,%f8
+/* 0x0d98 1136 (63 66) */ fsubd %f16,%f10,%f10
+/* 0x0d9c 1137 (64 67) */ fdtox %f4,%f4
+/* 0x0da0 1138 (64 65) */ std %f4,[%sp+2335]
+/* 0x0da4 1139 (65 68) */ fmuld %f14,%f12,%f4
+/* 0x0da8 1140 (65 68) */ fdtox %f18,%f18
+/* 0x0dac 1141 (65 66) */ std %f18,[%sp+2343]
+/* 0x0db0 1142 (66 69) */ fdtox %f8,%f8
+/* 0x0db4 1143 (66 67) */ std %f8,[%sp+2319]
+/* 0x0db8 1144 (66 69) */ fmuld %f14,%f6,%f14
+/* 0x0dbc 1145 (67 70) */ fmuld %f10,%f12,%f8
+/* 0x0dc0 1146 (67 70) */ fdtox %f20,%f18
+/* 0x0dc4 1147 (67 68) */ std %f18,[%sp+2327]
+/* 0x0dc8 1148 (68 71) */ fdtox %f4,%f4
+/* 0x0dcc 1149 (68 69) */ std %f4,[%sp+2311]
+/* 0x0dd0 1150 (68 71) */ fmuld %f10,%f6,%f10
+/* 0x0dd4 1151 (69 72) */ fdtox %f14,%f14
+/* 0x0dd8 1152 (69 70) */ std %f14,[%sp+2303]
+/* 0x0ddc 1153 (70 73) */ ldd [%o2+48],%f4
+/* 0x0de0 1154 (70 73) */ fdtox %f8,%f8
+/* 0x0de4 1155 (71 74) */ fdtox %f10,%f10
+/* 0x0de8 1156 (71 72) */ std %f10,[%sp+2287]
+/* 0x0dec 1157 (72 74) */ fxnor %f0,%f4,%f4
+/* 0x0df0 1158 (72 75) */ ldd [%o2+56],%f14
+/* 0x0df4 1159 (73 74) */ std %f8,[%sp+2295]
+/* 0x0df8 1160 (74 77) */ fitod %f4,%f10
+/* 0x0dfc 1161 (75 78) */ fitod %f5,%f4
+/* 0x0e00 1162 (76 78) */ fxnor %f0,%f14,%f8
+/* 0x0e04 1163 (77 80) */ fsubd %f16,%f10,%f10
+/* 0x0e08 1164 (78 81) */ fsubd %f16,%f4,%f4
+/* 0x0e0c 1165 (79 82) */ fitod %f8,%f14
+/* 0x0e10 1166 (80 83) */ fmuld %f10,%f12,%f18
+/* 0x0e14 1167 (80 83) */ fitod %f9,%f8
+/* 0x0e18 1168 (81 84) */ fmuld %f10,%f6,%f10
+/* 0x0e1c 1169 (82 85) */ fmuld %f4,%f12,%f20
+/* 0x0e20 1170 (82 85) */ fsubd %f16,%f14,%f14
+/* 0x0e24 1171 (83 86) */ fdtox %f18,%f18
+/* 0x0e28 1172 (83 84) */ std %f18,[%sp+2279]
+/* 0x0e2c 1173 (83 86) */ fmuld %f4,%f6,%f4
+/* 0x0e30 1174 (84 87) */ fdtox %f10,%f10
+/* 0x0e34 1175 (84 85) */ std %f10,[%sp+2271]
+/* 0x0e38 1176 (85 88) */ fdtox %f20,%f10
+/* 0x0e3c 1177 (85 86) */ std %f10,[%sp+2263]
+/* 0x0e40 1178 (86 89) */ fdtox %f4,%f4
+/* 0x0e44 1179 (86 87) */ std %f4,[%sp+2255]
+/* 0x0e48 1180 (86 89) */ fmuld %f14,%f12,%f10
+/* 0x0e4c 1181 (87 90) */ fmuld %f14,%f6,%f4
+/* 0x0e50 1182 (89 92) */ fdtox %f10,%f10
+/* 0x0e54 1183 (89 90) */ std %f10,[%sp+2247]
+/* 0x0e58 1184 (90 93) */ fdtox %f4,%f4
+/* 0x0e5c 1185 (90 91) */ std %f4,[%sp+2239]
+/* 0x0e60 1189 (91 93) */ ldx [%sp+2463],%g2
+/* 0x0e64 1190 (91 94) */ fsubd %f16,%f8,%f4
+/* 0x0e68 1191 (92 94) */ ldx [%sp+2471],%g3
+/* 0x0e6c 1192 (93 96) */ ld [%i1],%g4
+/* 0x0e70 1193 (93 94) */ sllx %g2,19,%g2
+/* 0x0e74 1194 (94 96) */ ldx [%sp+2455],%g5
+/* 0x0e78 1195 (94 95) */ add %g3,%g2,%g2
+/* 0x0e7c 1196 (94 97) */ fmuld %f4,%f6,%f6
+/* 0x0e80 1197 (95 97) */ ldx [%sp+2447],%g3
+/* 0x0e84 1198 (95 96) */ add %g2,%g4,%g4
+/* 0x0e88 1199 (95 98) */ fmuld %f4,%f12,%f4
+/* 0x0e8c 1200 (96 97) */ st %g4,[%i0]
+/* 0x0e90 1201 (96 97) */ srlx %g4,32,%g4
+/* 0x0e94 1202 (97 100) */ ld [%i1+8],%o0
+/* 0x0e98 1203 (97 98) */ sllx %g3,19,%g2
+/* 0x0e9c 1204 (97 100) */ fdtox %f6,%f6
+/* 0x0ea0 1205 (98 101) */ ld [%i1+4],%g3
+/* 0x0ea4 1206 (98 99) */ add %g5,%g2,%g2
+/* 0x0ea8 1207 (98 101) */ fdtox %f4,%f4
+/* 0x0eac 1208 (99 101) */ ldx [%sp+2439],%g5
+/* 0x0eb0 1209 (100 103) */ ld [%i1+12],%o1
+/* 0x0eb4 1210 (100 101) */ add %g2,%g3,%g2
+/* 0x0eb8 1211 (101 103) */ ldx [%sp+2431],%g3
+/* 0x0ebc 1212 (101 102) */ add %g2,%g4,%g4
+/* 0x0ec0 1213 (102 103) */ st %g4,[%i0+4]
+/* 0x0ec4 1214 (103 104) */ std %f6,[%sp+2223]
+/* 0x0ec8 1215 (103 104) */ sllx %g3,19,%g2
+/* 0x0ecc 1216 (104 106) */ ldx [%sp+2423],%g3
+/* 0x0ed0 1217 (104 105) */ add %g5,%g2,%g2
+/* 0x0ed4 1218 (105 107) */ ldx [%sp+2415],%g5
+/* 0x0ed8 1219 (105 106) */ add %g2,%o0,%g2
+/* 0x0edc 1220 (106 107) */ std %f4,[%sp+2231]
+/* 0x0ee0 1221 (106 107) */ srlx %g4,32,%o0
+/* 0x0ee4 1222 (107 109) */ ldx [%sp+2407],%g4
+/* 0x0ee8 1223 (107 108) */ sllx %g5,19,%g5
+/* 0x0eec 1224 (107 108) */ add %g2,%o0,%g2
+/* 0x0ef0 1225 (108 109) */ st %g2,[%i0+8]
+/* 0x0ef4 1226 (108 109) */ srlx %g2,32,%o0
+/* 0x0ef8 1227 (108 109) */ add %g3,%g5,%g3
+/* 0x0efc 1228 (109 111) */ ldx [%sp+2399],%g5
+/* 0x0f00 1229 (109 110) */ add %g3,%o1,%g3
+/* 0x0f04 1230 (110 113) */ ld [%i1+16],%o1
+/* 0x0f08 1231 (110 111) */ add %g3,%o0,%g3
+/* 0x0f0c 1232 (111 112) */ st %g3,[%i0+12]
+/* 0x0f10 1233 (111 112) */ sllx %g5,19,%g5
+/* 0x0f14 1234 (112 113) */ srlx %g3,32,%o0
+/* 0x0f18 1235 (112 113) */ add %g4,%g5,%g2
+/* 0x0f1c 1236 (112 114) */ ldx [%sp+2383],%g5
+/* 0x0f20 1237 (113 115) */ ldx [%sp+2391],%g4
+/* 0x0f24 1238 (113 114) */ add %g2,%o1,%g2
+/* 0x0f28 1239 (114 117) */ ld [%i1+20],%o1
+/* 0x0f2c 1240 (114 115) */ sllx %g5,19,%g5
+/* 0x0f30 1241 (114 115) */ add %g2,%o0,%g2
+/* 0x0f34 1242 (115 116) */ st %g2,[%i0+16]
+/* 0x0f38 1243 (115 116) */ srlx %g2,32,%o0
+/* 0x0f3c 1244 (115 116) */ add %g4,%g5,%g3
+/* 0x0f40 1245 (116 118) */ ldx [%sp+2367],%g5
+/* 0x0f44 1246 (116 117) */ add %g3,%o1,%g3
+/* 0x0f48 1247 (117 119) */ ldx [%sp+2375],%g4
+/* 0x0f4c 1248 (117 118) */ add %g3,%o0,%g3
+/* 0x0f50 1249 (118 121) */ ld [%i1+24],%o1
+/* 0x0f54 1250 (118 119) */ sllx %g5,19,%g5
+/* 0x0f58 1251 (119 120) */ st %g3,[%i0+20]
+/* 0x0f5c 1252 (119 120) */ add %g4,%g5,%g2
+/* 0x0f60 1253 (120 122) */ ldx [%sp+2351],%g5
+/* 0x0f64 1254 (120 121) */ srlx %g3,32,%o0
+/* 0x0f68 1255 (120 121) */ add %g2,%o1,%g2
+/* 0x0f6c 1256 (121 123) */ ldx [%sp+2359],%g4
+/* 0x0f70 1257 (121 122) */ add %g2,%o0,%g2
+/* 0x0f74 1258 (122 125) */ ld [%i1+28],%o1
+/* 0x0f78 1259 (122 123) */ sllx %g5,19,%g5
+/* 0x0f7c 1260 (123 124) */ st %g2,[%i0+24]
+/* 0x0f80 1261 (123 124) */ add %g4,%g5,%g3
+/* 0x0f84 1265 (124 126) */ ldx [%sp+2335],%g5
+/* 0x0f88 1266 (124 125) */ srlx %g2,32,%o0
+/* 0x0f8c 1267 (124 125) */ add %g3,%o1,%g3
+/* 0x0f90 1268 (125 127) */ ldx [%sp+2343],%g4
+/* 0x0f94 1269 (125 126) */ add %g3,%o0,%g3
+/* 0x0f98 1270 (126 127) */ sllx %g5,19,%g5
+/* 0x0f9c 1271 (126 129) */ ld [%i1+32],%o1
+/* 0x0fa0 1272 (127 128) */ add %g4,%g5,%g2
+/* 0x0fa4 1273 (127 129) */ ldx [%sp+2319],%g5
+/* 0x0fa8 1274 (128 130) */ ldx [%sp+2327],%g4
+/* 0x0fac 1275 (128 129) */ srlx %g3,32,%o0
+/* 0x0fb0 1276 (128 129) */ add %g2,%o1,%g2
+/* 0x0fb4 1277 (129 130) */ st %g3,[%i0+28]
+/* 0x0fb8 1278 (129 130) */ sllx %g5,19,%g5
+/* 0x0fbc 1279 (129 130) */ add %g2,%o0,%g2
+/* 0x0fc0 1280 (130 133) */ ld [%i1+36],%o1
+/* 0x0fc4 1281 (130 131) */ add %g4,%g5,%g3
+/* 0x0fc8 1282 (131 133) */ ldx [%sp+2303],%g5
+/* 0x0fcc 1283 (131 132) */ srlx %g2,32,%o0
+/* 0x0fd0 1284 (132 134) */ ldx [%sp+2311],%g4
+/* 0x0fd4 1285 (132 133) */ add %g3,%o1,%g3
+/* 0x0fd8 1286 (133 134) */ sllx %g5,19,%g5
+/* 0x0fdc 1287 (133 134) */ st %g2,[%i0+32]
+/* 0x0fe0 1288 (133 134) */ add %g3,%o0,%g3
+/* 0x0fe4 1289 (134 135) */ add %g4,%g5,%g2
+/* 0x0fe8 1290 (134 136) */ ldx [%sp+2287],%g5
+/* 0x0fec 1291 (135 137) */ ldx [%sp+2295],%g4
+/* 0x0ff0 1292 (135 136) */ srlx %g3,32,%o0
+/* 0x0ff4 1293 (136 139) */ ld [%i1+40],%o1
+/* 0x0ff8 1294 (136 137) */ sllx %g5,19,%g5
+/* 0x0ffc 1295 (137 138) */ st %g3,[%i0+36]
+/* 0x1000 1296 (137 138) */ add %g4,%g5,%g3
+/* 0x1004 1297 (138 140) */ ldx [%sp+2271],%g5
+/* 0x1008 1298 (138 139) */ add %g2,%o1,%g2
+/* 0x100c 1299 (139 141) */ ldx [%sp+2279],%g4
+/* 0x1010 1300 (139 140) */ add %g2,%o0,%g2
+/* 0x1014 1301 (140 143) */ ld [%i1+44],%o1
+/* 0x1018 1302 (140 141) */ sllx %g5,19,%g5
+/* 0x101c 1303 (141 142) */ st %g2,[%i0+40]
+/* 0x1020 1304 (141 142) */ srlx %g2,32,%o0
+/* 0x1024 1305 (141 142) */ add %g4,%g5,%g2
+/* 0x1028 1306 (142 144) */ ldx [%sp+2255],%g5
+/* 0x102c 1307 (142 143) */ add %g3,%o1,%g3
+/* 0x1030 1308 (143 145) */ ldx [%sp+2263],%g4
+/* 0x1034 1309 (143 144) */ add %g3,%o0,%g3
+/* 0x1038 1310 (144 147) */ ld [%i1+48],%o1
+/* 0x103c 1311 (144 145) */ sllx %g5,19,%g5
+/* 0x1040 1312 (145 146) */ srlx %g3,32,%o0
+/* 0x1044 1313 (145 146) */ st %g3,[%i0+44]
+/* 0x1048 1314 (145 146) */ add %g4,%g5,%g3
+/* 0x104c 1315 (146 148) */ ldx [%sp+2239],%g5
+/* 0x1050 1316 (146 147) */ add %g2,%o1,%g2
+/* 0x1054 1317 (147 150) */ ld [%i1+52],%o1
+/* 0x1058 1318 (147 148) */ add %g2,%o0,%g2
+/* 0x105c 1319 (148 150) */ ldx [%sp+2247],%g4
+/* 0x1060 1320 (148 149) */ sllx %g5,19,%g5
+/* 0x1064 1321 (149 150) */ srlx %g2,32,%o0
+/* 0x1068 1322 (149 150) */ st %g2,[%i0+48]
+/* 0x106c 1323 (149 150) */ add %g3,%o1,%g3
+/* 0x1070 1324 (150 153) */ ld [%i1+56],%o1
+/* 0x1074 1325 (150 151) */ add %g4,%g5,%g2
+/* 0x1078 1326 (150 151) */ add %g3,%o0,%g3
+/* 0x107c 1327 (151 153) */ ldx [%sp+2223],%g5
+/* 0x1080 1328 (151 152) */ srlx %g3,32,%o0
+/* 0x1084 1329 (152 154) */ ldx [%sp+2231],%g4
+/* 0x1088 1330 (152 153) */ add %g2,%o1,%g2
+/* 0x108c 1331 (153 154) */ sllx %g5,19,%g5
+/* 0x1090 1332 (153 156) */ ld [%i1+60],%o1
+/* 0x1094 1333 (153 154) */ add %g2,%o0,%g2
+/* 0x1098 1334 (154 155) */ st %g3,[%i0+52]
+/* 0x109c 1335 (154 155) */ add %g4,%g5,%g3
+/* 0x10a0 1336 (155 156) */ st %g2,[%i0+56]
+/* 0x10a4 1337 (155 156) */ srlx %g2,32,%g2
+/* 0x10a8 1338 (155 156) */ add %g3,%o1,%g3
+/* 0x10ac 1339 (156 157) */ add %g3,%g2,%g2
+/* 0x10b0 1340 (156 157) */ st %g2,[%i0+60]
+/* 0x10b4 1344 (157 158) */ srlx %g2,32,%o3
+/* 0x10b8 1345 (158 159) */ srl %o3,0,%i0
+/* 0x10bc (159 161) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x10c0 (161 162) */ restore %g0,%g0,%g0
+
+!
+! ENTRY .L77000073
+!
+
+ .L77000073: /* frequency 1.0 confidence 0.0 */
+
+
+ or %g0, %i4, %o2
+ or %g0, %o0, %o1
+ or %g0, %i3, %o0
+
+!
+! ENTRY .L77000052
+!
+
+ .L77000052: /* frequency 1.0 confidence 0.0 */
+/* 0x1028 1318 ( 0 1) */ andn %o2,%g2,%g2
+/* 0x102c 1319 ( 0 1) */ st %g2,[%sp+2227]
+/* 0x1030 1325 ( 0 1) */ add %o0,1,%g3
+/* 0x1034 1326 ( 0 1) */ fmovd %f0,%f14
+/* 0x1038 1327 ( 1 2) */ srl %o2,19,%g2
+/* 0x103c 1328 ( 1 2) */ st %g2,[%sp+2223]
+/* 0x1040 1329 ( 1 2) */ or %g0,0,%o5
+/* 0x1044 1330 ( 2 3) */ srl %g3,31,%g2
+/* 0x1048 1331 ( 2 5) */ ldd [%o1],%f6
+/* 0x104c 1335 ( 2 3) */ sethi %hi(0x1000),%g1
+/* 0x1050 1336 ( 3 4) */ add %g3,%g2,%g2
+/* 0x1054 1337 ( 3 4) */ xor %g1,-625,%g1
+/* 0x1058 1338 ( 3 6) */ ldd [%o1+8],%f20
+/* 0x105c 1339 ( 4 5) */ sra %g2,1,%o3
+/* 0x1060 1340 ( 4 5) */ fmovs %f6,%f8
+/* 0x1064 1341 ( 4 5) */ add %g1,%fp,%g3
+/* 0x1068 1342 ( 5 6) */ fmovs %f6,%f10
+/* 0x106c 1343 ( 5 7) */ ld [%sp+2227],%f9
+/* 0x1070 1344 ( 5 6) */ subcc %o3,0,%g0
+/* 0x1074 1345 ( 6 8) */ ld [%sp+2223],%f11
+/* 0x1078 1346 ( 6 7) */ sethi %hi(0x1000),%g1
+/* 0x107c 1347 ( 6 7) */ or %g0,%i2,%o1
+/* 0x1080 1348 ( 7 10) */ fsubd %f8,%f6,%f18
+/* 0x1084 1349 ( 7 8) */ xor %g1,-617,%g1
+/* 0x1088 1350 ( 7 8) */ or %g0,0,%g4
+/* 0x108c 1351 ( 8 11) */ fsubd %f10,%f6,%f16
+/* 0x1090 1352 ( 8 9) */ bleu,pt %icc,.L990000162 ! tprob=0.50
+/* 0x1094 ( 8 9) */ subcc %o0,0,%g0
+/* 0x1098 1354 ( 9 10) */ add %g1,%fp,%g2
+/* 0x109c 1355 ( 9 10) */ sethi %hi(0x1000),%g1
+/* 0x10a0 1356 (10 11) */ xor %g1,-609,%g1
+/* 0x10a4 1357 (10 11) */ subcc %o3,7,%g0
+/* 0x10a8 1358 (11 12) */ add %g1,%fp,%o7
+/* 0x10ac 1359 (11 12) */ sethi %hi(0x1000),%g1
+/* 0x10b0 1360 (12 13) */ xor %g1,-601,%g1
+/* 0x10b4 1361 (13 14) */ add %g1,%fp,%o4
+/* 0x10b8 1362 (13 14) */ bl,pn %icc,.L77000054 ! tprob=0.50
+/* 0x10bc (13 14) */ sub %o3,2,%o2
+/* 0x10c0 1364 (14 17) */ ldd [%o1],%f2
+/* 0x10c4 1365 (14 15) */ add %o1,16,%g5
+/* 0x10c8 1366 (14 15) */ or %g0,4,%g4
+/* 0x10cc 1367 (15 18) */ ldd [%o1+8],%f0
+/* 0x10d0 1368 (15 16) */ add %o1,8,%o1
+/* 0x10d4 1369 (16 18) */ fxnor %f14,%f2,%f6
+/* 0x10d8 1370 (16 19) */ ldd [%g5],%f4
+/* 0x10dc 1371 (16 17) */ add %o1,16,%o1
+/* 0x10e0 1372 (17 19) */ fxnor %f14,%f0,%f12
+/* 0x10e4 1373 (17 20) */ ldd [%o1],%f0
+/* 0x10e8 1374 (17 18) */ add %o1,8,%o1
+/* 0x10ec 1375 (18 21) */ fitod %f7,%f2
+/* 0x10f0 1376 (19 22) */ fitod %f6,%f6
+/* 0x10f4 1377 (20 22) */ fxnor %f14,%f4,%f10
+/* 0x10f8 1378 (21 24) */ fsubd %f20,%f2,%f2
+/* 0x10fc 1379 (22 24) */ fxnor %f14,%f0,%f8
+/* 0x1100 1380 (23 26) */ fitod %f13,%f4
+/* 0x1104 1381 (24 27) */ fsubd %f20,%f6,%f6
+/* 0x1108 1382 (24 27) */ fmuld %f2,%f16,%f0
+
+!
+! ENTRY .L990000154
+!
+
+ .L990000154: /* frequency 1.0 confidence 0.0 */
+/* 0x110c 1384 ( 0 3) */ ldd [%o1],%f24
+/* 0x1110 1385 ( 0 1) */ add %g4,3,%g4
+/* 0x1114 1386 ( 0 1) */ add %o4,96,%o4
+/* 0x1118 1387 ( 1 4) */ fitod %f11,%f22
+/* 0x111c 1388 ( 2 5) */ fsubd %f20,%f4,%f26
+/* 0x1120 1389 ( 2 3) */ subcc %g4,%o2,%g0
+/* 0x1124 1390 ( 2 3) */ add %o7,96,%o7
+/* 0x1128 1391 ( 2 5) */ fmuld %f6,%f18,%f28
+/* 0x112c 1392 ( 3 6) */ fmuld %f6,%f16,%f6
+/* 0x1130 1393 ( 3 4) */ add %g2,96,%g2
+/* 0x1134 1394 ( 3 4) */ add %g3,96,%g3
+/* 0x1138 1395 ( 4 7) */ fdtox %f0,%f0
+/* 0x113c 1396 ( 5 8) */ fitod %f12,%f4
+/* 0x1140 1397 ( 5 8) */ fmuld %f2,%f18,%f2
+/* 0x1144 1398 ( 6 9) */ fdtox %f28,%f12
+/* 0x1148 1399 ( 7 10) */ fdtox %f6,%f6
+/* 0x114c 1400 ( 7 8) */ std %f12,[%g3-96]
+/* 0x1150 1401 ( 8 9) */ std %f6,[%g2-96]
+/* 0x1154 1402 ( 8 11) */ fdtox %f2,%f2
+/* 0x1158 1403 ( 9 12) */ fsubd %f20,%f4,%f6
+/* 0x115c 1404 ( 9 10) */ std %f2,[%o7-96]
+/* 0x1160 1405 ( 9 10) */ add %o1,8,%o1
+/* 0x1164 1406 (10 12) */ fxnor %f14,%f24,%f12
+/* 0x1168 1407 (10 13) */ fmuld %f26,%f16,%f4
+/* 0x116c 1408 (10 11) */ std %f0,[%o4-96]
+/* 0x1170 1409 (11 14) */ ldd [%o1],%f0
+/* 0x1174 1410 (11 14) */ fitod %f9,%f2
+/* 0x1178 1411 (12 15) */ fsubd %f20,%f22,%f28
+/* 0x117c 1412 (12 15) */ fmuld %f6,%f18,%f24
+/* 0x1180 1413 (13 16) */ fmuld %f6,%f16,%f22
+/* 0x1184 1414 (13 16) */ fdtox %f4,%f4
+/* 0x1188 1415 (14 17) */ fitod %f10,%f6
+/* 0x118c 1416 (14 17) */ fmuld %f26,%f18,%f10
+/* 0x1190 1417 (15 18) */ fdtox %f24,%f24
+/* 0x1194 1418 (16 19) */ fdtox %f22,%f22
+/* 0x1198 1419 (16 17) */ std %f24,[%g3-64]
+/* 0x119c 1420 (17 18) */ std %f22,[%g2-64]
+/* 0x11a0 1421 (17 20) */ fdtox %f10,%f10
+/* 0x11a4 1422 (18 21) */ fsubd %f20,%f6,%f6
+/* 0x11a8 1423 (18 19) */ std %f10,[%o7-64]
+/* 0x11ac 1424 (18 19) */ add %o1,8,%o1
+/* 0x11b0 1425 (19 21) */ fxnor %f14,%f0,%f10
+/* 0x11b4 1426 (19 22) */ fmuld %f28,%f16,%f0
+/* 0x11b8 1427 (19 20) */ std %f4,[%o4-64]
+/* 0x11bc 1428 (20 23) */ ldd [%o1],%f22
+/* 0x11c0 1429 (20 23) */ fitod %f13,%f4
+/* 0x11c4 1430 (21 24) */ fsubd %f20,%f2,%f2
+/* 0x11c8 1431 (21 24) */ fmuld %f6,%f18,%f26
+/* 0x11cc 1432 (22 25) */ fmuld %f6,%f16,%f24
+/* 0x11d0 1433 (22 25) */ fdtox %f0,%f0
+/* 0x11d4 1434 (23 26) */ fitod %f8,%f6
+/* 0x11d8 1435 (23 26) */ fmuld %f28,%f18,%f8
+/* 0x11dc 1436 (24 27) */ fdtox %f26,%f26
+/* 0x11e0 1437 (25 28) */ fdtox %f24,%f24
+/* 0x11e4 1438 (25 26) */ std %f26,[%g3-32]
+/* 0x11e8 1439 (26 27) */ std %f24,[%g2-32]
+/* 0x11ec 1440 (26 29) */ fdtox %f8,%f8
+/* 0x11f0 1441 (27 30) */ fsubd %f20,%f6,%f6
+/* 0x11f4 1442 (27 28) */ std %f8,[%o7-32]
+/* 0x11f8 1443 (27 28) */ add %o1,8,%o1
+/* 0x11fc 1444 (28 30) */ fxnor %f14,%f22,%f8
+/* 0x1200 1445 (28 29) */ std %f0,[%o4-32]
+/* 0x1204 1446 (28 29) */ bcs,pt %icc,.L990000154 ! tprob=0.50
+/* 0x1208 (28 31) */ fmuld %f2,%f16,%f0
+
+!
+! ENTRY .L990000157
+!
+
+ .L990000157: /* frequency 1.0 confidence 0.0 */
+/* 0x120c 1449 ( 0 3) */ fitod %f12,%f28
+/* 0x1210 1450 ( 0 3) */ fmuld %f6,%f18,%f24
+/* 0x1214 1451 ( 0 1) */ add %g3,128,%g3
+/* 0x1218 1452 ( 1 4) */ fitod %f10,%f12
+/* 0x121c 1453 ( 1 4) */ fmuld %f6,%f16,%f26
+/* 0x1220 1454 ( 1 2) */ add %g2,128,%g2
+/* 0x1224 1455 ( 2 5) */ fsubd %f20,%f4,%f4
+/* 0x1228 1456 ( 2 5) */ fmuld %f2,%f18,%f22
+/* 0x122c 1457 ( 2 3) */ add %o7,128,%o7
+/* 0x1230 1458 ( 3 6) */ fdtox %f24,%f6
+/* 0x1234 1459 ( 3 4) */ std %f6,[%g3-128]
+/* 0x1238 1460 ( 3 4) */ add %o4,128,%o4
+/* 0x123c 1461 ( 4 7) */ fsubd %f20,%f28,%f2
+/* 0x1240 1462 ( 4 5) */ subcc %g4,%o3,%g0
+/* 0x1244 1463 ( 5 8) */ fitod %f11,%f6
+/* 0x1248 1464 ( 5 8) */ fmuld %f4,%f18,%f24
+/* 0x124c 1465 ( 6 9) */ fdtox %f26,%f10
+/* 0x1250 1466 ( 6 7) */ std %f10,[%g2-128]
+/* 0x1254 1467 ( 7 10) */ fdtox %f22,%f10
+/* 0x1258 1468 ( 7 8) */ std %f10,[%o7-128]
+/* 0x125c 1469 ( 7 10) */ fmuld %f2,%f18,%f26
+/* 0x1260 1470 ( 8 11) */ fsubd %f20,%f12,%f10
+/* 0x1264 1471 ( 8 11) */ fmuld %f2,%f16,%f2
+/* 0x1268 1472 ( 9 12) */ fsubd %f20,%f6,%f22
+/* 0x126c 1473 ( 9 12) */ fmuld %f4,%f16,%f12
+/* 0x1270 1474 (10 13) */ fdtox %f0,%f0
+/* 0x1274 1475 (10 11) */ std %f0,[%o4-128]
+/* 0x1278 1476 (11 14) */ fitod %f8,%f4
+/* 0x127c 1477 (11 14) */ fmuld %f10,%f18,%f6
+/* 0x1280 1478 (12 15) */ fdtox %f26,%f0
+/* 0x1284 1479 (12 13) */ std %f0,[%g3-96]
+/* 0x1288 1480 (12 15) */ fmuld %f10,%f16,%f10
+/* 0x128c 1481 (13 16) */ fdtox %f2,%f2
+/* 0x1290 1482 (13 14) */ std %f2,[%g2-96]
+/* 0x1294 1483 (14 17) */ fitod %f9,%f0
+/* 0x1298 1484 (14 17) */ fmuld %f22,%f18,%f2
+/* 0x129c 1485 (15 18) */ fdtox %f24,%f8
+/* 0x12a0 1486 (15 16) */ std %f8,[%o7-96]
+/* 0x12a4 1487 (16 19) */ fsubd %f20,%f4,%f4
+/* 0x12a8 1488 (16 19) */ fmuld %f22,%f16,%f8
+/* 0x12ac 1489 (17 20) */ fdtox %f12,%f12
+/* 0x12b0 1490 (17 18) */ std %f12,[%o4-96]
+/* 0x12b4 1491 (18 21) */ fsubd %f20,%f0,%f0
+/* 0x12b8 1492 (19 22) */ fdtox %f6,%f6
+/* 0x12bc 1493 (19 20) */ std %f6,[%g3-64]
+/* 0x12c0 1494 (20 23) */ fdtox %f10,%f10
+/* 0x12c4 1495 (20 21) */ std %f10,[%g2-64]
+/* 0x12c8 1496 (20 23) */ fmuld %f4,%f18,%f6
+/* 0x12cc 1497 (21 24) */ fdtox %f2,%f2
+/* 0x12d0 1498 (21 22) */ std %f2,[%o7-64]
+/* 0x12d4 1499 (21 24) */ fmuld %f4,%f16,%f4
+/* 0x12d8 1500 (22 25) */ fmuld %f0,%f18,%f2
+/* 0x12dc 1501 (22 25) */ fdtox %f8,%f8
+/* 0x12e0 1502 (22 23) */ std %f8,[%o4-64]
+/* 0x12e4 1503 (23 26) */ fdtox %f6,%f6
+/* 0x12e8 1504 (23 24) */ std %f6,[%g3-32]
+/* 0x12ec 1505 (23 26) */ fmuld %f0,%f16,%f0
+/* 0x12f0 1506 (24 27) */ fdtox %f4,%f4
+/* 0x12f4 1507 (24 25) */ std %f4,[%g2-32]
+/* 0x12f8 1508 (25 28) */ fdtox %f2,%f2
+/* 0x12fc 1509 (25 26) */ std %f2,[%o7-32]
+/* 0x1300 1510 (26 29) */ fdtox %f0,%f0
+/* 0x1304 1511 (26 27) */ bcc,pn %icc,.L77000056 ! tprob=0.50
+/* 0x1308 (26 27) */ std %f0,[%o4-32]
+
+!
+! ENTRY .L77000054
+!
+
+ .L77000054: /* frequency 1.0 confidence 0.0 */
+/* 0x130c 1514 ( 0 3) */ ldd [%o1],%f0
+
+!
+! ENTRY .L990000161
+!
+
+ .L990000161: /* frequency 1.0 confidence 0.0 */
+/* 0x1310 1516 ( 0 2) */ fxnor %f14,%f0,%f0
+/* 0x1314 1517 ( 0 1) */ add %g4,1,%g4
+/* 0x1318 1518 ( 0 1) */ add %o1,8,%o1
+/* 0x131c 1519 ( 1 2) */ subcc %g4,%o3,%g0
+/* 0x1320 1520 ( 2 5) */ fitod %f0,%f2
+/* 0x1324 1521 ( 3 6) */ fitod %f1,%f0
+/* 0x1328 1522 ( 5 8) */ fsubd %f20,%f2,%f2
+/* 0x132c 1523 ( 6 9) */ fsubd %f20,%f0,%f0
+/* 0x1330 1524 ( 8 11) */ fmuld %f2,%f18,%f6
+/* 0x1334 1525 ( 9 12) */ fmuld %f2,%f16,%f4
+/* 0x1338 1526 (10 13) */ fmuld %f0,%f18,%f2
+/* 0x133c 1527 (11 14) */ fdtox %f6,%f6
+/* 0x1340 1528 (11 12) */ std %f6,[%g3]
+/* 0x1344 1529 (11 14) */ fmuld %f0,%f16,%f0
+/* 0x1348 1530 (12 15) */ fdtox %f4,%f4
+/* 0x134c 1531 (12 13) */ std %f4,[%g2]
+/* 0x1350 1532 (12 13) */ add %g2,32,%g2
+/* 0x1354 1533 (13 16) */ fdtox %f2,%f2
+/* 0x1358 1534 (13 14) */ std %f2,[%o7]
+/* 0x135c 1535 (13 14) */ add %o7,32,%o7
+/* 0x1360 1536 (14 17) */ fdtox %f0,%f0
+/* 0x1364 1537 (14 15) */ std %f0,[%o4]
+/* 0x1368 1538 (14 15) */ add %o4,32,%o4
+/* 0x136c 1539 (15 16) */ add %g3,32,%g3
+/* 0x1370 1540 (15 16) */ bcs,a,pt %icc,.L990000161 ! tprob=0.50
+/* 0x1374 (16 19) */ ldd [%o1],%f0
+
+!
+! ENTRY .L77000056
+!
+
+ .L77000056: /* frequency 1.0 confidence 0.0 */
+/* 0x1378 1548 ( 0 1) */ subcc %o0,0,%g0
+
+!
+! ENTRY .L990000162
+!
+
+ .L990000162: /* frequency 1.0 confidence 0.0 */
+/* 0x137c 1550 ( 0 1) */ bleu,pt %icc,.L77770061 ! tprob=0.50
+/* 0x1380 ( 0 1) */ nop
+/* 0x1384 1555 ( 0 1) */ sethi %hi(0x1000),%g1
+/* 0x1388 1556 ( 1 2) */ xor %g1,-625,%g1
+/* 0x138c 1557 ( 1 2) */ or %g0,%i1,%g4
+/* 0x1390 1558 ( 2 3) */ add %g1,%fp,%g5
+/* 0x1394 1559 ( 2 3) */ sethi %hi(0x1000),%g1
+/* 0x1398 1560 ( 3 4) */ xor %g1,-617,%g1
+/* 0x139c 1561 ( 3 4) */ or %g0,%o0,%o7
+/* 0x13a0 1562 ( 4 5) */ add %g1,%fp,%g2
+/* 0x13a4 1563 ( 4 5) */ or %g0,0,%i2
+/* 0x13a8 1564 ( 5 6) */ or %g0,%i0,%g3
+/* 0x13ac 1565 ( 5 6) */ subcc %o0,6,%g0
+/* 0x13b0 1566 ( 5 6) */ bl,pn %icc,.L77000058 ! tprob=0.50
+/* 0x13b4 ( 6 7) */ sethi %hi(0x1000),%g1
+/* 0x13b8 1568 ( 6 8) */ ld [%g4],%o2
+/* 0x13bc 1569 ( 6 7) */ add %g3,4,%g3
+/* 0x13c0 1570 ( 7 8) */ xor %g1,-585,%g1
+/* 0x13c4 1571 ( 7 8) */ sub %o7,3,%o4
+/* 0x13c8 1572 ( 8 9) */ add %g1,%fp,%g2
+/* 0x13cc 1573 ( 8 9) */ sethi %hi(0x1000),%g1
+/* 0x13d0 1574 ( 9 10) */ xor %g1,-593,%g1
+/* 0x13d4 1575 ( 9 10) */ or %g0,2,%i2
+/* 0x13d8 1576 (10 11) */ add %g1,%fp,%g5
+/* 0x13dc 1577 (10 11) */ sethi %hi(0x1000),%g1
+/* 0x13e0 1578 (11 12) */ xor %g1,-617,%g1
+/* 0x13e4 1579 (12 13) */ add %g1,%fp,%g1
+/* 0x13e8 1580 (13 15) */ ldx [%g1],%o1
+/* 0x13ec 1581 (14 16) */ ldx [%g1-8],%o0
+/* 0x13f0 1582 (15 16) */ sllx %o1,19,%o1
+/* 0x13f4 1583 (15 17) */ ldx [%g1+16],%o3
+/* 0x13f8 1584 (16 17) */ add %o0,%o1,%o0
+/* 0x13fc 1585 (16 18) */ ld [%g4+4],%o1
+/* 0x1400 1586 (16 17) */ add %g4,8,%g4
+/* 0x1404 1587 (17 18) */ sllx %o3,19,%o3
+/* 0x1408 1588 (17 18) */ add %o0,%o2,%o0
+/* 0x140c 1589 (17 19) */ ldx [%g1+8],%o2
+/* 0x1410 1590 (18 19) */ st %o0,[%g3-4]
+/* 0x1414 1591 (18 19) */ srlx %o0,32,%o0
+
+!
+! ENTRY .L990000142
+!
+
+ .L990000142: /* frequency 1.0 confidence 0.0 */
+/* 0x1418 1593 ( 0 1) */ add %o2,%o3,%o2
+/* 0x141c 1594 ( 0 1) */ add %i2,4,%i2
+/* 0x1420 1595 ( 0 2) */ ld [%g4],%o3
+/* 0x1424 1596 ( 1 2) */ srl %o0,0,%o5
+/* 0x1428 1597 ( 1 2) */ add %o2,%o1,%o1
+/* 0x142c 1598 ( 1 3) */ ldx [%g2],%o0
+/* 0x1430 1599 ( 3 4) */ sllx %o0,19,%o2
+/* 0x1434 1600 ( 3 5) */ ldx [%g5],%o0
+/* 0x1438 1601 ( 3 4) */ add %o1,%o5,%o1
+/* 0x143c 1602 ( 4 5) */ st %o1,[%g3]
+/* 0x1440 1603 ( 4 5) */ srlx %o1,32,%o5
+/* 0x1444 1604 ( 4 5) */ subcc %i2,%o4,%g0
+/* 0x1448 1605 ( 5 7) */ ldx [%g2+16],%o1
+/* 0x144c 1606 ( 5 6) */ add %o0,%o2,%o0
+/* 0x1450 1607 ( 5 6) */ add %g3,16,%g3
+/* 0x1454 1608 ( 6 8) */ ld [%g4+4],%o2
+/* 0x1458 1609 ( 6 7) */ add %o0,%o3,%o0
+/* 0x145c 1610 ( 7 8) */ sllx %o1,19,%o3
+/* 0x1460 1611 ( 7 9) */ ldx [%g5+16],%o1
+/* 0x1464 1612 ( 7 8) */ add %o0,%o5,%o0
+/* 0x1468 1613 ( 8 9) */ st %o0,[%g3-12]
+/* 0x146c 1614 ( 8 9) */ srlx %o0,32,%o5
+/* 0x1470 1615 ( 8 9) */ add %g4,16,%g4
+/* 0x1474 1616 ( 9 11) */ ldx [%g2+32],%o0
+/* 0x1478 1617 ( 9 10) */ add %o1,%o3,%o1
+/* 0x147c 1618 ( 9 10) */ add %g2,64,%g2
+/* 0x1480 1619 (10 12) */ ld [%g4-8],%o3
+/* 0x1484 1620 (10 11) */ add %o1,%o2,%o2
+/* 0x1488 1621 (11 12) */ sllx %o0,19,%o1
+/* 0x148c 1622 (11 13) */ ldx [%g5+32],%o0
+/* 0x1490 1623 (11 12) */ add %o2,%o5,%o2
+/* 0x1494 1624 (12 13) */ st %o2,[%g3-8]
+/* 0x1498 1625 (12 13) */ srlx %o2,32,%o5
+/* 0x149c 1626 (12 13) */ add %g5,64,%g5
+/* 0x14a0 1627 (13 15) */ ldx [%g2-16],%o2
+/* 0x14a4 1628 (13 14) */ add %o0,%o1,%o0
+/* 0x14a8 1629 (14 16) */ ld [%g4-4],%o1
+/* 0x14ac 1630 (14 15) */ add %o0,%o3,%o0
+/* 0x14b0 1631 (15 16) */ sllx %o2,19,%o3
+/* 0x14b4 1632 (15 17) */ ldx [%g5-16],%o2
+/* 0x14b8 1633 (15 16) */ add %o0,%o5,%o0
+/* 0x14bc 1634 (16 17) */ st %o0,[%g3-4]
+/* 0x14c0 1635 (16 17) */ bcs,pt %icc,.L990000142 ! tprob=0.50
+/* 0x14c4 (16 17) */ srlx %o0,32,%o0
+
+!
+! ENTRY .L990000145
+!
+
+ .L990000145: /* frequency 1.0 confidence 0.0 */
+/* 0x14c8 1638 ( 0 1) */ add %o2,%o3,%o3
+/* 0x14cc 1639 ( 0 1) */ add %g3,4,%g3
+/* 0x14d0 1640 ( 1 2) */ srl %o0,0,%o2
+/* 0x14d4 1641 ( 1 2) */ add %o3,%o1,%o0
+/* 0x14d8 1642 ( 2 3) */ add %o0,%o2,%o0
+/* 0x14dc 1643 ( 2 3) */ st %o0,[%g3-4]
+/* 0x14e0 1644 ( 2 3) */ subcc %i2,%o7,%g0
+/* 0x14e4 1645 ( 2 3) */ bcc,pn %icc,.L77770061 ! tprob=0.50
+/* 0x14e8 ( 3 4) */ srlx %o0,32,%o5
+
+!
+! ENTRY .L77000058
+!
+
+ .L77000058: /* frequency 1.0 confidence 0.0 */
+/* 0x14ec 1648 ( 0 2) */ ldx [%g2],%o2
+
+!
+! ENTRY .L990000160
+!
+
+ .L990000160: /* frequency 1.0 confidence 0.0 */
+/* 0x14f0 1650 ( 0 1) */ sllx %o2,19,%o3
+/* 0x14f4 1651 ( 0 2) */ ldx [%g5],%o0
+/* 0x14f8 1652 ( 0 1) */ add %i2,1,%i2
+/* 0x14fc 1653 ( 1 2) */ srl %o5,0,%o1
+/* 0x1500 1654 ( 1 3) */ ld [%g4],%o2
+/* 0x1504 1655 ( 1 2) */ add %g2,16,%g2
+/* 0x1508 1656 ( 2 3) */ add %o0,%o3,%o0
+/* 0x150c 1657 ( 2 3) */ add %g5,16,%g5
+/* 0x1510 1658 ( 3 4) */ add %o0,%o2,%o0
+/* 0x1514 1659 ( 3 4) */ add %g4,4,%g4
+/* 0x1518 1660 ( 4 5) */ add %o0,%o1,%o0
+/* 0x151c 1661 ( 4 5) */ st %o0,[%g3]
+/* 0x1520 1662 ( 4 5) */ subcc %i2,%o7,%g0
+/* 0x1524 1663 ( 5 6) */ srlx %o0,32,%o5
+/* 0x1528 1664 ( 5 6) */ add %g3,4,%g3
+/* 0x152c 1665 ( 5 6) */ bcs,a,pt %icc,.L990000160 ! tprob=0.50
+/* 0x1530 ( 6 8) */ ldx [%g2],%o2
+
+!
+! ENTRY .L77770061
+!
+
+ .L77770061: /* frequency 1.0 confidence 0.0 */
+/* 0x1534 ( 0 2) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x1538 ( 2 3) */ restore %g0,%o5,%o0
+
+
+/* 0x124c 1476 ( 0 0) */ .type mul_add,2
+/* 0x124c 1477 ( 0 0) */ .size mul_add,(.-mul_add)
+/* 0x124c 1480 ( 0 0) */ .align 8
+/* 0x1250 1486 ( 0 0) */ .global mul_add_inp
+
+!
+! ENTRY mul_add_inp
+!
+
+ .global mul_add_inp
+ mul_add_inp: /* frequency 1.0 confidence 0.0 */
+/* 0x1250 1488 ( 0 1) */ save %sp,-176,%sp
+/* 0x1254 1500 ( 1 2) */ sra %i2,0,%o3
+/* 0x1258 1501 ( 1 2) */ or %g0,%i1,%o2
+/* 0x125c 1502 ( 2 3) */ or %g0,%i0,%o0
+/* 0x1260 1503 ( 2 3) */ or %g0,%i0,%o1
+/* 0x1264 1504 ( 3 5) */ call mul_add ! params = ! Result =
+/* 0x1268 ( 4 5) */ srl %i3,0,%o4
+/* 0x126c 1506 ( 5 6) */ srl %o0,0,%i0
+/* 0x1270 ( 6 8) */ ret ! Result = %o1 %o0 %f0 %f1
+/* 0x1274 ( 8 9) */ restore %g0,%g0,%g0
+/* 0x1278 1509 ( 0 0) */ .type mul_add_inp,2
+/* 0x1278 1510 ( 0 0) */ .size mul_add_inp,(.-mul_add_inp)
+
+ .section ".data",#alloc,#write
+/* 0x1278 6 ( 0 0) */ .align 8
+
+!
+! ENTRY mask_cnst
+!
+
+ mask_cnst: /* frequency 1.0 confidence 0.0 */
+/* 0x1278 8 ( 0 0) */ .xword -9223372034707292160
+/* 0x1280 9 ( 0 0) */ .type mask_cnst,#object
+/* 0x1280 10 ( 0 0) */ .size mask_cnst,8
+
diff --git a/security/nss/lib/freebl/mpi/mpvalpha.c b/security/nss/lib/freebl/mpi/mpvalpha.c
new file mode 100644
index 000000000..94e86eedb
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mpvalpha.c
@@ -0,0 +1,183 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi-priv.h"
+#include <c_asm.h>
+
+#define MP_MUL_DxD(a, b, Phi, Plo) \
+ { \
+ Plo = asm("mulq %a0, %a1, %v0", a, b); \
+ Phi = asm("umulh %a0, %a1, %v0", a, b); \
+ }
+
+/* This is empty for the loop in s_mpv_mul_d */
+#define CARRY_ADD
+
+#define ONE_MUL \
+ a_i = *a++; \
+ MP_MUL_DxD(a_i, b, a1b1, a0b0); \
+ a0b0 += carry; \
+ if (a0b0 < carry) \
+ ++a1b1; \
+ CARRY_ADD \
+ *c++ = a0b0; \
+ carry = a1b1;
+
+#define FOUR_MUL \
+ ONE_MUL \
+ ONE_MUL \
+ ONE_MUL \
+ ONE_MUL
+
+#define SIXTEEN_MUL \
+ FOUR_MUL \
+ FOUR_MUL \
+ FOUR_MUL \
+ FOUR_MUL
+
+#define THIRTYTWO_MUL \
+ SIXTEEN_MUL \
+ SIXTEEN_MUL
+
+#define ONETWENTYEIGHT_MUL \
+ THIRTYTWO_MUL \
+ THIRTYTWO_MUL \
+ THIRTYTWO_MUL \
+ THIRTYTWO_MUL
+
+#define EXPAND_256(CALL) \
+ mp_digit carry = 0; \
+ mp_digit a_i; \
+ mp_digit a0b0, a1b1; \
+ if (a_len & 255) { \
+ if (a_len & 1) { \
+ ONE_MUL \
+ } \
+ if (a_len & 2) { \
+ ONE_MUL \
+ ONE_MUL \
+ } \
+ if (a_len & 4) { \
+ FOUR_MUL \
+ } \
+ if (a_len & 8) { \
+ FOUR_MUL \
+ FOUR_MUL \
+ } \
+ if (a_len & 16) { \
+ SIXTEEN_MUL \
+ } \
+ if (a_len & 32) { \
+ THIRTYTWO_MUL \
+ } \
+ if (a_len & 64) { \
+ THIRTYTWO_MUL \
+ THIRTYTWO_MUL \
+ } \
+ if (a_len & 128) { \
+ ONETWENTYEIGHT_MUL \
+ } \
+ a_len = a_len & (-256); \
+ } \
+ if (a_len >= 256) { \
+ carry = CALL(a, a_len, b, c, carry); \
+ c += a_len; \
+ }
+
+#define FUNC_NAME(NAME) \
+ mp_digit NAME(const mp_digit *a, \
+ mp_size a_len, \
+ mp_digit b, mp_digit *c, \
+ mp_digit carry)
+
+#define DECLARE_MUL_256(FNAME) \
+ FUNC_NAME(FNAME) \
+ { \
+ mp_digit a_i; \
+ mp_digit a0b0, a1b1; \
+ while (a_len) { \
+ ONETWENTYEIGHT_MUL \
+ ONETWENTYEIGHT_MUL \
+ a_len -= 256; \
+ } \
+ return carry; \
+ }
+
+/* Expanding the loop in s_mpv_mul_d appeared to slow down the
+ (admittedly) small number of tests (i.e., timetest) used to
+ measure performance, so this define disables that optimization. */
+#define DO_NOT_EXPAND 1
+
+/* Need forward declaration so it can be instantiated after
+ the routine that uses it; this helps locality somewhat */
+#if !defined(DO_NOT_EXPAND)
+FUNC_NAME(s_mpv_mul_d_MUL256);
+#endif
+
+/* c = a * b */
+void
+s_mpv_mul_d(const mp_digit *a, mp_size a_len,
+ mp_digit b, mp_digit *c)
+{
+#if defined(DO_NOT_EXPAND)
+ mp_digit carry = 0;
+ while (a_len--) {
+ mp_digit a_i = *a++;
+ mp_digit a0b0, a1b1;
+
+ MP_MUL_DxD(a_i, b, a1b1, a0b0);
+
+ a0b0 += carry;
+ if (a0b0 < carry)
+ ++a1b1;
+ *c++ = a0b0;
+ carry = a1b1;
+ }
+#else
+ EXPAND_256(s_mpv_mul_d_MUL256)
+#endif
+ *c = carry;
+}
+
+#if !defined(DO_NOT_EXPAND)
+DECLARE_MUL_256(s_mpv_mul_d_MUL256)
+#endif
+
+#undef CARRY_ADD
+/* This is redefined for the loop in s_mpv_mul_d_add */
+#define CARRY_ADD \
+ a0b0 += a_i = *c; \
+ if (a0b0 < a_i) \
+ ++a1b1;
+
+/* Need forward declaration so it can be instantiated between the
+ two routines that use it; this helps locality somewhat */
+FUNC_NAME(s_mpv_mul_d_add_MUL256);
+
+/* c += a * b */
+void
+s_mpv_mul_d_add(const mp_digit *a, mp_size a_len,
+ mp_digit b, mp_digit *c)
+{
+ EXPAND_256(s_mpv_mul_d_add_MUL256)
+ *c = carry;
+}
+
+/* Instantiate multiply 256 routine here */
+DECLARE_MUL_256(s_mpv_mul_d_add_MUL256)
+
+/* Presently, this is only used by the Montgomery arithmetic code. */
+/* c += a * b */
+void
+s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len,
+ mp_digit b, mp_digit *c)
+{
+ EXPAND_256(s_mpv_mul_d_add_MUL256)
+ while (carry) {
+ mp_digit c_i = *c;
+ carry += c_i;
+ *c++ = carry;
+ carry = carry < c_i;
+ }
+}
diff --git a/security/nss/lib/freebl/mpi/mulsqr.c b/security/nss/lib/freebl/mpi/mulsqr.c
new file mode 100644
index 000000000..461d40ab3
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/mulsqr.c
@@ -0,0 +1,84 @@
+/*
+ * Test whether to include squaring code given the current settings
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <time.h>
+
+#define MP_SQUARE 1 /* make sure squaring code is included */
+
+#include "mpi.h"
+#include "mpprime.h"
+
+int
+main(int argc, char *argv[])
+{
+ int ntests, prec, ix;
+ unsigned int seed;
+ clock_t start, stop;
+ double multime, sqrtime;
+ mp_int a, c;
+
+ seed = (unsigned int)time(NULL);
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <ntests> <nbits>\n", argv[0]);
+ return 1;
+ }
+
+ if ((ntests = abs(atoi(argv[1]))) == 0) {
+ fprintf(stderr, "%s: must request at least 1 test.\n", argv[0]);
+ return 1;
+ }
+ if ((prec = abs(atoi(argv[2]))) < CHAR_BIT) {
+ fprintf(stderr, "%s: must request at least %d bits.\n", argv[0],
+ CHAR_BIT);
+ return 1;
+ }
+
+ prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
+
+ mp_init_size(&a, prec);
+ mp_init_size(&c, 2 * prec);
+
+ /* Test multiplication by self */
+ srand(seed);
+ start = clock();
+ for (ix = 0; ix < ntests; ix++) {
+ mpp_random_size(&a, prec);
+ mp_mul(&a, &a, &c);
+ }
+ stop = clock();
+
+ multime = (double)(stop - start) / CLOCKS_PER_SEC;
+
+ /* Test squaring */
+ srand(seed);
+ start = clock();
+ for (ix = 0; ix < ntests; ix++) {
+ mpp_random_size(&a, prec);
+ mp_sqr(&a, &c);
+ }
+ stop = clock();
+
+ sqrtime = (double)(stop - start) / CLOCKS_PER_SEC;
+
+ printf("Multiply: %.4f\n", multime);
+ printf("Square: %.4f\n", sqrtime);
+ if (multime < sqrtime) {
+ printf("Speedup: %.1f%%\n", 100.0 * (1.0 - multime / sqrtime));
+ printf("Prefer: multiply\n");
+ } else {
+ printf("Speedup: %.1f%%\n", 100.0 * (1.0 - sqrtime / multime));
+ printf("Prefer: square\n");
+ }
+
+ mp_clear(&a);
+ mp_clear(&c);
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/multest b/security/nss/lib/freebl/mpi/multest
new file mode 100755
index 000000000..24752e019
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/multest
@@ -0,0 +1,76 @@
+#!/bin/sh
+#
+# multest
+#
+# Run multiply and square timing tests, to compute a chart for the
+# current processor and compiler combination.
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ECHO=/bin/echo
+MAKE=gmake
+
+$ECHO "\n** Running multiply and square timing tests\n"
+
+$ECHO "Bringing 'mulsqr' up to date ... "
+if $MAKE mulsqr ; then
+ :
+else
+ $ECHO "\nMake failed to build mulsqr.\n"
+ exit 1
+fi
+
+if [ ! -x ./mulsqr ] ; then
+ $ECHO "\nCannot find 'mulsqr' program, testing cannot continue.\n"
+ exit 1
+fi
+
+sizes='64 128 192 256 320 384 448 512 640 768 896 1024 1536 2048'
+ntests=500000
+
+$ECHO "Running timing tests, please wait ... "
+
+trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP
+
+touch tt$$.tmp
+$ECHO $ntests tests >> tt$$.tmp
+for size in $sizes ; do
+ $ECHO "$size bits ... \c"
+ set -A res `./mulsqr $ntests $size|head -3|tr -d '%'|awk '{print $2}'`
+ $ECHO $size"\t"${res[0]}"\t"${res[1]}"\t"${res[2]} >> tt$$.tmp
+ $ECHO "(done)"
+done
+mv tt$$.tmp mulsqr-results.txt
+rm -f tt$$.tmp
+
+$ECHO "\n** Running Karatsuba-Ofman multiplication tests\n"
+
+$ECHO "Brining 'karatsuba' up to date ... "
+if $MAKE karatsuba ; then
+ :
+else
+ $ECHO "\nMake failed to build karatsuba.\n"
+ exit 1
+fi
+
+if [ ! -x ./karatsuba ] ; then
+ $ECHO "\nCannot find 'karatsuba' program, testing cannot continue.\n"
+ exit 1
+fi
+
+ntests=100000
+
+trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP
+
+touch tt$$.tmp
+for size in $sizes ; do
+ $ECHO "$size bits ... "
+ ./karatsuba $ntests $size >> tt$$.tmp
+ tail -2 tt$$.tmp
+done
+mv tt$$.tmp karatsuba-results.txt
+rm -f tt$$.tmp
+
+exit 0
diff --git a/security/nss/lib/freebl/mpi/primes.c b/security/nss/lib/freebl/mpi/primes.c
new file mode 100644
index 000000000..c8bd93ff9
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/primes.c
@@ -0,0 +1,841 @@
+/*
+ * These tables of primes wwere generated using the 'sieve' program
+ * (sieve.c) and converted to this format with 'ptab.pl'.
+ *
+ * The 'small' table is just the first 128 primes. The 'large' table
+ * is a table of all the prime values that will fit into a single
+ * mp_digit (given the current size of an mp_digit, which is two bytes).
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#if SMALL_TABLE
+#define MP_PRIME_TAB_SIZE 128
+#else
+#define MP_PRIME_TAB_SIZE 6542
+#endif
+
+const int prime_tab_size = MP_PRIME_TAB_SIZE;
+const mp_digit prime_tab[] = {
+ 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013,
+ 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035,
+ 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059,
+ 0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, 0x0083,
+ 0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD,
+ 0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF,
+ 0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107,
+ 0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137,
+ 0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167,
+ 0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199,
+ 0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9,
+ 0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7,
+ 0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239,
+ 0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265,
+ 0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293,
+ 0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF,
+#if !SMALL_TABLE
+ 0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301,
+ 0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B,
+ 0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371,
+ 0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD,
+ 0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5,
+ 0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419,
+ 0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449,
+ 0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B,
+ 0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7,
+ 0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503,
+ 0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529,
+ 0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F,
+ 0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3,
+ 0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7,
+ 0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623,
+ 0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653,
+ 0x0655, 0x065B, 0x0665, 0x0679, 0x067F, 0x0683, 0x0685, 0x069D,
+ 0x06A1, 0x06A3, 0x06AD, 0x06B9, 0x06BB, 0x06C5, 0x06CD, 0x06D3,
+ 0x06D9, 0x06DF, 0x06F1, 0x06F7, 0x06FB, 0x06FD, 0x0709, 0x0713,
+ 0x071F, 0x0727, 0x0737, 0x0745, 0x074B, 0x074F, 0x0751, 0x0755,
+ 0x0757, 0x0761, 0x076D, 0x0773, 0x0779, 0x078B, 0x078D, 0x079D,
+ 0x079F, 0x07B5, 0x07BB, 0x07C3, 0x07C9, 0x07CD, 0x07CF, 0x07D3,
+ 0x07DB, 0x07E1, 0x07EB, 0x07ED, 0x07F7, 0x0805, 0x080F, 0x0815,
+ 0x0821, 0x0823, 0x0827, 0x0829, 0x0833, 0x083F, 0x0841, 0x0851,
+ 0x0853, 0x0859, 0x085D, 0x085F, 0x0869, 0x0871, 0x0883, 0x089B,
+ 0x089F, 0x08A5, 0x08AD, 0x08BD, 0x08BF, 0x08C3, 0x08CB, 0x08DB,
+ 0x08DD, 0x08E1, 0x08E9, 0x08EF, 0x08F5, 0x08F9, 0x0905, 0x0907,
+ 0x091D, 0x0923, 0x0925, 0x092B, 0x092F, 0x0935, 0x0943, 0x0949,
+ 0x094D, 0x094F, 0x0955, 0x0959, 0x095F, 0x096B, 0x0971, 0x0977,
+ 0x0985, 0x0989, 0x098F, 0x099B, 0x09A3, 0x09A9, 0x09AD, 0x09C7,
+ 0x09D9, 0x09E3, 0x09EB, 0x09EF, 0x09F5, 0x09F7, 0x09FD, 0x0A13,
+ 0x0A1F, 0x0A21, 0x0A31, 0x0A39, 0x0A3D, 0x0A49, 0x0A57, 0x0A61,
+ 0x0A63, 0x0A67, 0x0A6F, 0x0A75, 0x0A7B, 0x0A7F, 0x0A81, 0x0A85,
+ 0x0A8B, 0x0A93, 0x0A97, 0x0A99, 0x0A9F, 0x0AA9, 0x0AAB, 0x0AB5,
+ 0x0ABD, 0x0AC1, 0x0ACF, 0x0AD9, 0x0AE5, 0x0AE7, 0x0AED, 0x0AF1,
+ 0x0AF3, 0x0B03, 0x0B11, 0x0B15, 0x0B1B, 0x0B23, 0x0B29, 0x0B2D,
+ 0x0B3F, 0x0B47, 0x0B51, 0x0B57, 0x0B5D, 0x0B65, 0x0B6F, 0x0B7B,
+ 0x0B89, 0x0B8D, 0x0B93, 0x0B99, 0x0B9B, 0x0BB7, 0x0BB9, 0x0BC3,
+ 0x0BCB, 0x0BCF, 0x0BDD, 0x0BE1, 0x0BE9, 0x0BF5, 0x0BFB, 0x0C07,
+ 0x0C0B, 0x0C11, 0x0C25, 0x0C2F, 0x0C31, 0x0C41, 0x0C5B, 0x0C5F,
+ 0x0C61, 0x0C6D, 0x0C73, 0x0C77, 0x0C83, 0x0C89, 0x0C91, 0x0C95,
+ 0x0C9D, 0x0CB3, 0x0CB5, 0x0CB9, 0x0CBB, 0x0CC7, 0x0CE3, 0x0CE5,
+ 0x0CEB, 0x0CF1, 0x0CF7, 0x0CFB, 0x0D01, 0x0D03, 0x0D0F, 0x0D13,
+ 0x0D1F, 0x0D21, 0x0D2B, 0x0D2D, 0x0D3D, 0x0D3F, 0x0D4F, 0x0D55,
+ 0x0D69, 0x0D79, 0x0D81, 0x0D85, 0x0D87, 0x0D8B, 0x0D8D, 0x0DA3,
+ 0x0DAB, 0x0DB7, 0x0DBD, 0x0DC7, 0x0DC9, 0x0DCD, 0x0DD3, 0x0DD5,
+ 0x0DDB, 0x0DE5, 0x0DE7, 0x0DF3, 0x0DFD, 0x0DFF, 0x0E09, 0x0E17,
+ 0x0E1D, 0x0E21, 0x0E27, 0x0E2F, 0x0E35, 0x0E3B, 0x0E4B, 0x0E57,
+ 0x0E59, 0x0E5D, 0x0E6B, 0x0E71, 0x0E75, 0x0E7D, 0x0E87, 0x0E8F,
+ 0x0E95, 0x0E9B, 0x0EB1, 0x0EB7, 0x0EB9, 0x0EC3, 0x0ED1, 0x0ED5,
+ 0x0EDB, 0x0EED, 0x0EEF, 0x0EF9, 0x0F07, 0x0F0B, 0x0F0D, 0x0F17,
+ 0x0F25, 0x0F29, 0x0F31, 0x0F43, 0x0F47, 0x0F4D, 0x0F4F, 0x0F53,
+ 0x0F59, 0x0F5B, 0x0F67, 0x0F6B, 0x0F7F, 0x0F95, 0x0FA1, 0x0FA3,
+ 0x0FA7, 0x0FAD, 0x0FB3, 0x0FB5, 0x0FBB, 0x0FD1, 0x0FD3, 0x0FD9,
+ 0x0FE9, 0x0FEF, 0x0FFB, 0x0FFD, 0x1003, 0x100F, 0x101F, 0x1021,
+ 0x1025, 0x102B, 0x1039, 0x103D, 0x103F, 0x1051, 0x1069, 0x1073,
+ 0x1079, 0x107B, 0x1085, 0x1087, 0x1091, 0x1093, 0x109D, 0x10A3,
+ 0x10A5, 0x10AF, 0x10B1, 0x10BB, 0x10C1, 0x10C9, 0x10E7, 0x10F1,
+ 0x10F3, 0x10FD, 0x1105, 0x110B, 0x1115, 0x1127, 0x112D, 0x1139,
+ 0x1145, 0x1147, 0x1159, 0x115F, 0x1163, 0x1169, 0x116F, 0x1181,
+ 0x1183, 0x118D, 0x119B, 0x11A1, 0x11A5, 0x11A7, 0x11AB, 0x11C3,
+ 0x11C5, 0x11D1, 0x11D7, 0x11E7, 0x11EF, 0x11F5, 0x11FB, 0x120D,
+ 0x121D, 0x121F, 0x1223, 0x1229, 0x122B, 0x1231, 0x1237, 0x1241,
+ 0x1247, 0x1253, 0x125F, 0x1271, 0x1273, 0x1279, 0x127D, 0x128F,
+ 0x1297, 0x12AF, 0x12B3, 0x12B5, 0x12B9, 0x12BF, 0x12C1, 0x12CD,
+ 0x12D1, 0x12DF, 0x12FD, 0x1307, 0x130D, 0x1319, 0x1327, 0x132D,
+ 0x1337, 0x1343, 0x1345, 0x1349, 0x134F, 0x1357, 0x135D, 0x1367,
+ 0x1369, 0x136D, 0x137B, 0x1381, 0x1387, 0x138B, 0x1391, 0x1393,
+ 0x139D, 0x139F, 0x13AF, 0x13BB, 0x13C3, 0x13D5, 0x13D9, 0x13DF,
+ 0x13EB, 0x13ED, 0x13F3, 0x13F9, 0x13FF, 0x141B, 0x1421, 0x142F,
+ 0x1433, 0x143B, 0x1445, 0x144D, 0x1459, 0x146B, 0x146F, 0x1471,
+ 0x1475, 0x148D, 0x1499, 0x149F, 0x14A1, 0x14B1, 0x14B7, 0x14BD,
+ 0x14CB, 0x14D5, 0x14E3, 0x14E7, 0x1505, 0x150B, 0x1511, 0x1517,
+ 0x151F, 0x1525, 0x1529, 0x152B, 0x1537, 0x153D, 0x1541, 0x1543,
+ 0x1549, 0x155F, 0x1565, 0x1567, 0x156B, 0x157D, 0x157F, 0x1583,
+ 0x158F, 0x1591, 0x1597, 0x159B, 0x15B5, 0x15BB, 0x15C1, 0x15C5,
+ 0x15CD, 0x15D7, 0x15F7, 0x1607, 0x1609, 0x160F, 0x1613, 0x1615,
+ 0x1619, 0x161B, 0x1625, 0x1633, 0x1639, 0x163D, 0x1645, 0x164F,
+ 0x1655, 0x1669, 0x166D, 0x166F, 0x1675, 0x1693, 0x1697, 0x169F,
+ 0x16A9, 0x16AF, 0x16B5, 0x16BD, 0x16C3, 0x16CF, 0x16D3, 0x16D9,
+ 0x16DB, 0x16E1, 0x16E5, 0x16EB, 0x16ED, 0x16F7, 0x16F9, 0x1709,
+ 0x170F, 0x1723, 0x1727, 0x1733, 0x1741, 0x175D, 0x1763, 0x1777,
+ 0x177B, 0x178D, 0x1795, 0x179B, 0x179F, 0x17A5, 0x17B3, 0x17B9,
+ 0x17BF, 0x17C9, 0x17CB, 0x17D5, 0x17E1, 0x17E9, 0x17F3, 0x17F5,
+ 0x17FF, 0x1807, 0x1813, 0x181D, 0x1835, 0x1837, 0x183B, 0x1843,
+ 0x1849, 0x184D, 0x1855, 0x1867, 0x1871, 0x1877, 0x187D, 0x187F,
+ 0x1885, 0x188F, 0x189B, 0x189D, 0x18A7, 0x18AD, 0x18B3, 0x18B9,
+ 0x18C1, 0x18C7, 0x18D1, 0x18D7, 0x18D9, 0x18DF, 0x18E5, 0x18EB,
+ 0x18F5, 0x18FD, 0x1915, 0x191B, 0x1931, 0x1933, 0x1945, 0x1949,
+ 0x1951, 0x195B, 0x1979, 0x1981, 0x1993, 0x1997, 0x1999, 0x19A3,
+ 0x19A9, 0x19AB, 0x19B1, 0x19B5, 0x19C7, 0x19CF, 0x19DB, 0x19ED,
+ 0x19FD, 0x1A03, 0x1A05, 0x1A11, 0x1A17, 0x1A21, 0x1A23, 0x1A2D,
+ 0x1A2F, 0x1A35, 0x1A3F, 0x1A4D, 0x1A51, 0x1A69, 0x1A6B, 0x1A7B,
+ 0x1A7D, 0x1A87, 0x1A89, 0x1A93, 0x1AA7, 0x1AAB, 0x1AAD, 0x1AB1,
+ 0x1AB9, 0x1AC9, 0x1ACF, 0x1AD5, 0x1AD7, 0x1AE3, 0x1AF3, 0x1AFB,
+ 0x1AFF, 0x1B05, 0x1B23, 0x1B25, 0x1B2F, 0x1B31, 0x1B37, 0x1B3B,
+ 0x1B41, 0x1B47, 0x1B4F, 0x1B55, 0x1B59, 0x1B65, 0x1B6B, 0x1B73,
+ 0x1B7F, 0x1B83, 0x1B91, 0x1B9D, 0x1BA7, 0x1BBF, 0x1BC5, 0x1BD1,
+ 0x1BD7, 0x1BD9, 0x1BEF, 0x1BF7, 0x1C09, 0x1C13, 0x1C19, 0x1C27,
+ 0x1C2B, 0x1C2D, 0x1C33, 0x1C3D, 0x1C45, 0x1C4B, 0x1C4F, 0x1C55,
+ 0x1C73, 0x1C81, 0x1C8B, 0x1C8D, 0x1C99, 0x1CA3, 0x1CA5, 0x1CB5,
+ 0x1CB7, 0x1CC9, 0x1CE1, 0x1CF3, 0x1CF9, 0x1D09, 0x1D1B, 0x1D21,
+ 0x1D23, 0x1D35, 0x1D39, 0x1D3F, 0x1D41, 0x1D4B, 0x1D53, 0x1D5D,
+ 0x1D63, 0x1D69, 0x1D71, 0x1D75, 0x1D7B, 0x1D7D, 0x1D87, 0x1D89,
+ 0x1D95, 0x1D99, 0x1D9F, 0x1DA5, 0x1DA7, 0x1DB3, 0x1DB7, 0x1DC5,
+ 0x1DD7, 0x1DDB, 0x1DE1, 0x1DF5, 0x1DF9, 0x1E01, 0x1E07, 0x1E0B,
+ 0x1E13, 0x1E17, 0x1E25, 0x1E2B, 0x1E2F, 0x1E3D, 0x1E49, 0x1E4D,
+ 0x1E4F, 0x1E6D, 0x1E71, 0x1E89, 0x1E8F, 0x1E95, 0x1EA1, 0x1EAD,
+ 0x1EBB, 0x1EC1, 0x1EC5, 0x1EC7, 0x1ECB, 0x1EDD, 0x1EE3, 0x1EEF,
+ 0x1EF7, 0x1EFD, 0x1F01, 0x1F0D, 0x1F0F, 0x1F1B, 0x1F39, 0x1F49,
+ 0x1F4B, 0x1F51, 0x1F67, 0x1F75, 0x1F7B, 0x1F85, 0x1F91, 0x1F97,
+ 0x1F99, 0x1F9D, 0x1FA5, 0x1FAF, 0x1FB5, 0x1FBB, 0x1FD3, 0x1FE1,
+ 0x1FE7, 0x1FEB, 0x1FF3, 0x1FFF, 0x2011, 0x201B, 0x201D, 0x2027,
+ 0x2029, 0x202D, 0x2033, 0x2047, 0x204D, 0x2051, 0x205F, 0x2063,
+ 0x2065, 0x2069, 0x2077, 0x207D, 0x2089, 0x20A1, 0x20AB, 0x20B1,
+ 0x20B9, 0x20C3, 0x20C5, 0x20E3, 0x20E7, 0x20ED, 0x20EF, 0x20FB,
+ 0x20FF, 0x210D, 0x2113, 0x2135, 0x2141, 0x2149, 0x214F, 0x2159,
+ 0x215B, 0x215F, 0x2173, 0x217D, 0x2185, 0x2195, 0x2197, 0x21A1,
+ 0x21AF, 0x21B3, 0x21B5, 0x21C1, 0x21C7, 0x21D7, 0x21DD, 0x21E5,
+ 0x21E9, 0x21F1, 0x21F5, 0x21FB, 0x2203, 0x2209, 0x220F, 0x221B,
+ 0x2221, 0x2225, 0x222B, 0x2231, 0x2239, 0x224B, 0x224F, 0x2263,
+ 0x2267, 0x2273, 0x2275, 0x227F, 0x2285, 0x2287, 0x2291, 0x229D,
+ 0x229F, 0x22A3, 0x22B7, 0x22BD, 0x22DB, 0x22E1, 0x22E5, 0x22ED,
+ 0x22F7, 0x2303, 0x2309, 0x230B, 0x2327, 0x2329, 0x232F, 0x2333,
+ 0x2335, 0x2345, 0x2351, 0x2353, 0x2359, 0x2363, 0x236B, 0x2383,
+ 0x238F, 0x2395, 0x23A7, 0x23AD, 0x23B1, 0x23BF, 0x23C5, 0x23C9,
+ 0x23D5, 0x23DD, 0x23E3, 0x23EF, 0x23F3, 0x23F9, 0x2405, 0x240B,
+ 0x2417, 0x2419, 0x2429, 0x243D, 0x2441, 0x2443, 0x244D, 0x245F,
+ 0x2467, 0x246B, 0x2479, 0x247D, 0x247F, 0x2485, 0x249B, 0x24A1,
+ 0x24AF, 0x24B5, 0x24BB, 0x24C5, 0x24CB, 0x24CD, 0x24D7, 0x24D9,
+ 0x24DD, 0x24DF, 0x24F5, 0x24F7, 0x24FB, 0x2501, 0x2507, 0x2513,
+ 0x2519, 0x2527, 0x2531, 0x253D, 0x2543, 0x254B, 0x254F, 0x2573,
+ 0x2581, 0x258D, 0x2593, 0x2597, 0x259D, 0x259F, 0x25AB, 0x25B1,
+ 0x25BD, 0x25CD, 0x25CF, 0x25D9, 0x25E1, 0x25F7, 0x25F9, 0x2605,
+ 0x260B, 0x260F, 0x2615, 0x2627, 0x2629, 0x2635, 0x263B, 0x263F,
+ 0x264B, 0x2653, 0x2659, 0x2665, 0x2669, 0x266F, 0x267B, 0x2681,
+ 0x2683, 0x268F, 0x269B, 0x269F, 0x26AD, 0x26B3, 0x26C3, 0x26C9,
+ 0x26CB, 0x26D5, 0x26DD, 0x26EF, 0x26F5, 0x2717, 0x2719, 0x2735,
+ 0x2737, 0x274D, 0x2753, 0x2755, 0x275F, 0x276B, 0x276D, 0x2773,
+ 0x2777, 0x277F, 0x2795, 0x279B, 0x279D, 0x27A7, 0x27AF, 0x27B3,
+ 0x27B9, 0x27C1, 0x27C5, 0x27D1, 0x27E3, 0x27EF, 0x2803, 0x2807,
+ 0x280D, 0x2813, 0x281B, 0x281F, 0x2821, 0x2831, 0x283D, 0x283F,
+ 0x2849, 0x2851, 0x285B, 0x285D, 0x2861, 0x2867, 0x2875, 0x2881,
+ 0x2897, 0x289F, 0x28BB, 0x28BD, 0x28C1, 0x28D5, 0x28D9, 0x28DB,
+ 0x28DF, 0x28ED, 0x28F7, 0x2903, 0x2905, 0x2911, 0x2921, 0x2923,
+ 0x293F, 0x2947, 0x295D, 0x2965, 0x2969, 0x296F, 0x2975, 0x2983,
+ 0x2987, 0x298F, 0x299B, 0x29A1, 0x29A7, 0x29AB, 0x29BF, 0x29C3,
+ 0x29D5, 0x29D7, 0x29E3, 0x29E9, 0x29ED, 0x29F3, 0x2A01, 0x2A13,
+ 0x2A1D, 0x2A25, 0x2A2F, 0x2A4F, 0x2A55, 0x2A5F, 0x2A65, 0x2A6B,
+ 0x2A6D, 0x2A73, 0x2A83, 0x2A89, 0x2A8B, 0x2A97, 0x2A9D, 0x2AB9,
+ 0x2ABB, 0x2AC5, 0x2ACD, 0x2ADD, 0x2AE3, 0x2AEB, 0x2AF1, 0x2AFB,
+ 0x2B13, 0x2B27, 0x2B31, 0x2B33, 0x2B3D, 0x2B3F, 0x2B4B, 0x2B4F,
+ 0x2B55, 0x2B69, 0x2B6D, 0x2B6F, 0x2B7B, 0x2B8D, 0x2B97, 0x2B99,
+ 0x2BA3, 0x2BA5, 0x2BA9, 0x2BBD, 0x2BCD, 0x2BE7, 0x2BEB, 0x2BF3,
+ 0x2BF9, 0x2BFD, 0x2C09, 0x2C0F, 0x2C17, 0x2C23, 0x2C2F, 0x2C35,
+ 0x2C39, 0x2C41, 0x2C57, 0x2C59, 0x2C69, 0x2C77, 0x2C81, 0x2C87,
+ 0x2C93, 0x2C9F, 0x2CAD, 0x2CB3, 0x2CB7, 0x2CCB, 0x2CCF, 0x2CDB,
+ 0x2CE1, 0x2CE3, 0x2CE9, 0x2CEF, 0x2CFF, 0x2D07, 0x2D1D, 0x2D1F,
+ 0x2D3B, 0x2D43, 0x2D49, 0x2D4D, 0x2D61, 0x2D65, 0x2D71, 0x2D89,
+ 0x2D9D, 0x2DA1, 0x2DA9, 0x2DB3, 0x2DB5, 0x2DC5, 0x2DC7, 0x2DD3,
+ 0x2DDF, 0x2E01, 0x2E03, 0x2E07, 0x2E0D, 0x2E19, 0x2E1F, 0x2E25,
+ 0x2E2D, 0x2E33, 0x2E37, 0x2E39, 0x2E3F, 0x2E57, 0x2E5B, 0x2E6F,
+ 0x2E79, 0x2E7F, 0x2E85, 0x2E93, 0x2E97, 0x2E9D, 0x2EA3, 0x2EA5,
+ 0x2EB1, 0x2EB7, 0x2EC1, 0x2EC3, 0x2ECD, 0x2ED3, 0x2EE7, 0x2EEB,
+ 0x2F05, 0x2F09, 0x2F0B, 0x2F11, 0x2F27, 0x2F29, 0x2F41, 0x2F45,
+ 0x2F4B, 0x2F4D, 0x2F51, 0x2F57, 0x2F6F, 0x2F75, 0x2F7D, 0x2F81,
+ 0x2F83, 0x2FA5, 0x2FAB, 0x2FB3, 0x2FC3, 0x2FCF, 0x2FD1, 0x2FDB,
+ 0x2FDD, 0x2FE7, 0x2FED, 0x2FF5, 0x2FF9, 0x3001, 0x300D, 0x3023,
+ 0x3029, 0x3037, 0x303B, 0x3055, 0x3059, 0x305B, 0x3067, 0x3071,
+ 0x3079, 0x307D, 0x3085, 0x3091, 0x3095, 0x30A3, 0x30A9, 0x30B9,
+ 0x30BF, 0x30C7, 0x30CB, 0x30D1, 0x30D7, 0x30DF, 0x30E5, 0x30EF,
+ 0x30FB, 0x30FD, 0x3103, 0x3109, 0x3119, 0x3121, 0x3127, 0x312D,
+ 0x3139, 0x3143, 0x3145, 0x314B, 0x315D, 0x3161, 0x3167, 0x316D,
+ 0x3173, 0x317F, 0x3191, 0x3199, 0x319F, 0x31A9, 0x31B1, 0x31C3,
+ 0x31C7, 0x31D5, 0x31DB, 0x31ED, 0x31F7, 0x31FF, 0x3209, 0x3215,
+ 0x3217, 0x321D, 0x3229, 0x3235, 0x3259, 0x325D, 0x3263, 0x326B,
+ 0x326F, 0x3275, 0x3277, 0x327B, 0x328D, 0x3299, 0x329F, 0x32A7,
+ 0x32AD, 0x32B3, 0x32B7, 0x32C9, 0x32CB, 0x32CF, 0x32D1, 0x32E9,
+ 0x32ED, 0x32F3, 0x32F9, 0x3307, 0x3325, 0x332B, 0x332F, 0x3335,
+ 0x3341, 0x3347, 0x335B, 0x335F, 0x3367, 0x336B, 0x3373, 0x3379,
+ 0x337F, 0x3383, 0x33A1, 0x33A3, 0x33AD, 0x33B9, 0x33C1, 0x33CB,
+ 0x33D3, 0x33EB, 0x33F1, 0x33FD, 0x3401, 0x340F, 0x3413, 0x3419,
+ 0x341B, 0x3437, 0x3445, 0x3455, 0x3457, 0x3463, 0x3469, 0x346D,
+ 0x3481, 0x348B, 0x3491, 0x3497, 0x349D, 0x34A5, 0x34AF, 0x34BB,
+ 0x34C9, 0x34D3, 0x34E1, 0x34F1, 0x34FF, 0x3509, 0x3517, 0x351D,
+ 0x352D, 0x3533, 0x353B, 0x3541, 0x3551, 0x3565, 0x356F, 0x3571,
+ 0x3577, 0x357B, 0x357D, 0x3581, 0x358D, 0x358F, 0x3599, 0x359B,
+ 0x35A1, 0x35B7, 0x35BD, 0x35BF, 0x35C3, 0x35D5, 0x35DD, 0x35E7,
+ 0x35EF, 0x3605, 0x3607, 0x3611, 0x3623, 0x3631, 0x3635, 0x3637,
+ 0x363B, 0x364D, 0x364F, 0x3653, 0x3659, 0x3661, 0x366B, 0x366D,
+ 0x368B, 0x368F, 0x36AD, 0x36AF, 0x36B9, 0x36BB, 0x36CD, 0x36D1,
+ 0x36E3, 0x36E9, 0x36F7, 0x3701, 0x3703, 0x3707, 0x371B, 0x373F,
+ 0x3745, 0x3749, 0x374F, 0x375D, 0x3761, 0x3775, 0x377F, 0x378D,
+ 0x37A3, 0x37A9, 0x37AB, 0x37C9, 0x37D5, 0x37DF, 0x37F1, 0x37F3,
+ 0x37F7, 0x3805, 0x380B, 0x3821, 0x3833, 0x3835, 0x3841, 0x3847,
+ 0x384B, 0x3853, 0x3857, 0x385F, 0x3865, 0x386F, 0x3871, 0x387D,
+ 0x388F, 0x3899, 0x38A7, 0x38B7, 0x38C5, 0x38C9, 0x38CF, 0x38D5,
+ 0x38D7, 0x38DD, 0x38E1, 0x38E3, 0x38FF, 0x3901, 0x391D, 0x3923,
+ 0x3925, 0x3929, 0x392F, 0x393D, 0x3941, 0x394D, 0x395B, 0x396B,
+ 0x3979, 0x397D, 0x3983, 0x398B, 0x3991, 0x3995, 0x399B, 0x39A1,
+ 0x39A7, 0x39AF, 0x39B3, 0x39BB, 0x39BF, 0x39CD, 0x39DD, 0x39E5,
+ 0x39EB, 0x39EF, 0x39FB, 0x3A03, 0x3A13, 0x3A15, 0x3A1F, 0x3A27,
+ 0x3A2B, 0x3A31, 0x3A4B, 0x3A51, 0x3A5B, 0x3A63, 0x3A67, 0x3A6D,
+ 0x3A79, 0x3A87, 0x3AA5, 0x3AA9, 0x3AB7, 0x3ACD, 0x3AD5, 0x3AE1,
+ 0x3AE5, 0x3AEB, 0x3AF3, 0x3AFD, 0x3B03, 0x3B11, 0x3B1B, 0x3B21,
+ 0x3B23, 0x3B2D, 0x3B39, 0x3B45, 0x3B53, 0x3B59, 0x3B5F, 0x3B71,
+ 0x3B7B, 0x3B81, 0x3B89, 0x3B9B, 0x3B9F, 0x3BA5, 0x3BA7, 0x3BAD,
+ 0x3BB7, 0x3BB9, 0x3BC3, 0x3BCB, 0x3BD1, 0x3BD7, 0x3BE1, 0x3BE3,
+ 0x3BF5, 0x3BFF, 0x3C01, 0x3C0D, 0x3C11, 0x3C17, 0x3C1F, 0x3C29,
+ 0x3C35, 0x3C43, 0x3C4F, 0x3C53, 0x3C5B, 0x3C65, 0x3C6B, 0x3C71,
+ 0x3C85, 0x3C89, 0x3C97, 0x3CA7, 0x3CB5, 0x3CBF, 0x3CC7, 0x3CD1,
+ 0x3CDD, 0x3CDF, 0x3CF1, 0x3CF7, 0x3D03, 0x3D0D, 0x3D19, 0x3D1B,
+ 0x3D1F, 0x3D21, 0x3D2D, 0x3D33, 0x3D37, 0x3D3F, 0x3D43, 0x3D6F,
+ 0x3D73, 0x3D75, 0x3D79, 0x3D7B, 0x3D85, 0x3D91, 0x3D97, 0x3D9D,
+ 0x3DAB, 0x3DAF, 0x3DB5, 0x3DBB, 0x3DC1, 0x3DC9, 0x3DCF, 0x3DF3,
+ 0x3E05, 0x3E09, 0x3E0F, 0x3E11, 0x3E1D, 0x3E23, 0x3E29, 0x3E2F,
+ 0x3E33, 0x3E41, 0x3E57, 0x3E63, 0x3E65, 0x3E77, 0x3E81, 0x3E87,
+ 0x3EA1, 0x3EB9, 0x3EBD, 0x3EBF, 0x3EC3, 0x3EC5, 0x3EC9, 0x3ED7,
+ 0x3EDB, 0x3EE1, 0x3EE7, 0x3EEF, 0x3EFF, 0x3F0B, 0x3F0D, 0x3F37,
+ 0x3F3B, 0x3F3D, 0x3F41, 0x3F59, 0x3F5F, 0x3F65, 0x3F67, 0x3F79,
+ 0x3F7D, 0x3F8B, 0x3F91, 0x3FAD, 0x3FBF, 0x3FCD, 0x3FD3, 0x3FDD,
+ 0x3FE9, 0x3FEB, 0x3FF1, 0x3FFD, 0x401B, 0x4021, 0x4025, 0x402B,
+ 0x4031, 0x403F, 0x4043, 0x4045, 0x405D, 0x4061, 0x4067, 0x406D,
+ 0x4087, 0x4091, 0x40A3, 0x40A9, 0x40B1, 0x40B7, 0x40BD, 0x40DB,
+ 0x40DF, 0x40EB, 0x40F7, 0x40F9, 0x4109, 0x410B, 0x4111, 0x4115,
+ 0x4121, 0x4133, 0x4135, 0x413B, 0x413F, 0x4159, 0x4165, 0x416B,
+ 0x4177, 0x417B, 0x4193, 0x41AB, 0x41B7, 0x41BD, 0x41BF, 0x41CB,
+ 0x41E7, 0x41EF, 0x41F3, 0x41F9, 0x4205, 0x4207, 0x4219, 0x421F,
+ 0x4223, 0x4229, 0x422F, 0x4243, 0x4253, 0x4255, 0x425B, 0x4261,
+ 0x4273, 0x427D, 0x4283, 0x4285, 0x4289, 0x4291, 0x4297, 0x429D,
+ 0x42B5, 0x42C5, 0x42CB, 0x42D3, 0x42DD, 0x42E3, 0x42F1, 0x4307,
+ 0x430F, 0x431F, 0x4325, 0x4327, 0x4333, 0x4337, 0x4339, 0x434F,
+ 0x4357, 0x4369, 0x438B, 0x438D, 0x4393, 0x43A5, 0x43A9, 0x43AF,
+ 0x43B5, 0x43BD, 0x43C7, 0x43CF, 0x43E1, 0x43E7, 0x43EB, 0x43ED,
+ 0x43F1, 0x43F9, 0x4409, 0x440B, 0x4417, 0x4423, 0x4429, 0x443B,
+ 0x443F, 0x4445, 0x444B, 0x4451, 0x4453, 0x4459, 0x4465, 0x446F,
+ 0x4483, 0x448F, 0x44A1, 0x44A5, 0x44AB, 0x44AD, 0x44BD, 0x44BF,
+ 0x44C9, 0x44D7, 0x44DB, 0x44F9, 0x44FB, 0x4505, 0x4511, 0x4513,
+ 0x452B, 0x4531, 0x4541, 0x4549, 0x4553, 0x4555, 0x4561, 0x4577,
+ 0x457D, 0x457F, 0x458F, 0x45A3, 0x45AD, 0x45AF, 0x45BB, 0x45C7,
+ 0x45D9, 0x45E3, 0x45EF, 0x45F5, 0x45F7, 0x4601, 0x4603, 0x4609,
+ 0x4613, 0x4625, 0x4627, 0x4633, 0x4639, 0x463D, 0x4643, 0x4645,
+ 0x465D, 0x4679, 0x467B, 0x467F, 0x4681, 0x468B, 0x468D, 0x469D,
+ 0x46A9, 0x46B1, 0x46C7, 0x46C9, 0x46CF, 0x46D3, 0x46D5, 0x46DF,
+ 0x46E5, 0x46F9, 0x4705, 0x470F, 0x4717, 0x4723, 0x4729, 0x472F,
+ 0x4735, 0x4739, 0x474B, 0x474D, 0x4751, 0x475D, 0x476F, 0x4771,
+ 0x477D, 0x4783, 0x4787, 0x4789, 0x4799, 0x47A5, 0x47B1, 0x47BF,
+ 0x47C3, 0x47CB, 0x47DD, 0x47E1, 0x47ED, 0x47FB, 0x4801, 0x4807,
+ 0x480B, 0x4813, 0x4819, 0x481D, 0x4831, 0x483D, 0x4847, 0x4855,
+ 0x4859, 0x485B, 0x486B, 0x486D, 0x4879, 0x4897, 0x489B, 0x48A1,
+ 0x48B9, 0x48CD, 0x48E5, 0x48EF, 0x48F7, 0x4903, 0x490D, 0x4919,
+ 0x491F, 0x492B, 0x4937, 0x493D, 0x4945, 0x4955, 0x4963, 0x4969,
+ 0x496D, 0x4973, 0x4997, 0x49AB, 0x49B5, 0x49D3, 0x49DF, 0x49E1,
+ 0x49E5, 0x49E7, 0x4A03, 0x4A0F, 0x4A1D, 0x4A23, 0x4A39, 0x4A41,
+ 0x4A45, 0x4A57, 0x4A5D, 0x4A6B, 0x4A7D, 0x4A81, 0x4A87, 0x4A89,
+ 0x4A8F, 0x4AB1, 0x4AC3, 0x4AC5, 0x4AD5, 0x4ADB, 0x4AED, 0x4AEF,
+ 0x4B07, 0x4B0B, 0x4B0D, 0x4B13, 0x4B1F, 0x4B25, 0x4B31, 0x4B3B,
+ 0x4B43, 0x4B49, 0x4B59, 0x4B65, 0x4B6D, 0x4B77, 0x4B85, 0x4BAD,
+ 0x4BB3, 0x4BB5, 0x4BBB, 0x4BBF, 0x4BCB, 0x4BD9, 0x4BDD, 0x4BDF,
+ 0x4BE3, 0x4BE5, 0x4BE9, 0x4BF1, 0x4BF7, 0x4C01, 0x4C07, 0x4C0D,
+ 0x4C0F, 0x4C15, 0x4C1B, 0x4C21, 0x4C2D, 0x4C33, 0x4C4B, 0x4C55,
+ 0x4C57, 0x4C61, 0x4C67, 0x4C73, 0x4C79, 0x4C7F, 0x4C8D, 0x4C93,
+ 0x4C99, 0x4CCD, 0x4CE1, 0x4CE7, 0x4CF1, 0x4CF3, 0x4CFD, 0x4D05,
+ 0x4D0F, 0x4D1B, 0x4D27, 0x4D29, 0x4D2F, 0x4D33, 0x4D41, 0x4D51,
+ 0x4D59, 0x4D65, 0x4D6B, 0x4D81, 0x4D83, 0x4D8D, 0x4D95, 0x4D9B,
+ 0x4DB1, 0x4DB3, 0x4DC9, 0x4DCF, 0x4DD7, 0x4DE1, 0x4DED, 0x4DF9,
+ 0x4DFB, 0x4E05, 0x4E0B, 0x4E17, 0x4E19, 0x4E1D, 0x4E2B, 0x4E35,
+ 0x4E37, 0x4E3D, 0x4E4F, 0x4E53, 0x4E5F, 0x4E67, 0x4E79, 0x4E85,
+ 0x4E8B, 0x4E91, 0x4E95, 0x4E9B, 0x4EA1, 0x4EAF, 0x4EB3, 0x4EB5,
+ 0x4EC1, 0x4ECD, 0x4ED1, 0x4ED7, 0x4EE9, 0x4EFB, 0x4F07, 0x4F09,
+ 0x4F19, 0x4F25, 0x4F2D, 0x4F3F, 0x4F49, 0x4F63, 0x4F67, 0x4F6D,
+ 0x4F75, 0x4F7B, 0x4F81, 0x4F85, 0x4F87, 0x4F91, 0x4FA5, 0x4FA9,
+ 0x4FAF, 0x4FB7, 0x4FBB, 0x4FCF, 0x4FD9, 0x4FDB, 0x4FFD, 0x4FFF,
+ 0x5003, 0x501B, 0x501D, 0x5029, 0x5035, 0x503F, 0x5045, 0x5047,
+ 0x5053, 0x5071, 0x5077, 0x5083, 0x5093, 0x509F, 0x50A1, 0x50B7,
+ 0x50C9, 0x50D5, 0x50E3, 0x50ED, 0x50EF, 0x50FB, 0x5107, 0x510B,
+ 0x510D, 0x5111, 0x5117, 0x5123, 0x5125, 0x5135, 0x5147, 0x5149,
+ 0x5171, 0x5179, 0x5189, 0x518F, 0x5197, 0x51A1, 0x51A3, 0x51A7,
+ 0x51B9, 0x51C1, 0x51CB, 0x51D3, 0x51DF, 0x51E3, 0x51F5, 0x51F7,
+ 0x5209, 0x5213, 0x5215, 0x5219, 0x521B, 0x521F, 0x5227, 0x5243,
+ 0x5245, 0x524B, 0x5261, 0x526D, 0x5273, 0x5281, 0x5293, 0x5297,
+ 0x529D, 0x52A5, 0x52AB, 0x52B1, 0x52BB, 0x52C3, 0x52C7, 0x52C9,
+ 0x52DB, 0x52E5, 0x52EB, 0x52FF, 0x5315, 0x531D, 0x5323, 0x5341,
+ 0x5345, 0x5347, 0x534B, 0x535D, 0x5363, 0x5381, 0x5383, 0x5387,
+ 0x538F, 0x5395, 0x5399, 0x539F, 0x53AB, 0x53B9, 0x53DB, 0x53E9,
+ 0x53EF, 0x53F3, 0x53F5, 0x53FB, 0x53FF, 0x540D, 0x5411, 0x5413,
+ 0x5419, 0x5435, 0x5437, 0x543B, 0x5441, 0x5449, 0x5453, 0x5455,
+ 0x545F, 0x5461, 0x546B, 0x546D, 0x5471, 0x548F, 0x5491, 0x549D,
+ 0x54A9, 0x54B3, 0x54C5, 0x54D1, 0x54DF, 0x54E9, 0x54EB, 0x54F7,
+ 0x54FD, 0x5507, 0x550D, 0x551B, 0x5527, 0x552B, 0x5539, 0x553D,
+ 0x554F, 0x5551, 0x555B, 0x5563, 0x5567, 0x556F, 0x5579, 0x5585,
+ 0x5597, 0x55A9, 0x55B1, 0x55B7, 0x55C9, 0x55D9, 0x55E7, 0x55ED,
+ 0x55F3, 0x55FD, 0x560B, 0x560F, 0x5615, 0x5617, 0x5623, 0x562F,
+ 0x5633, 0x5639, 0x563F, 0x564B, 0x564D, 0x565D, 0x565F, 0x566B,
+ 0x5671, 0x5675, 0x5683, 0x5689, 0x568D, 0x568F, 0x569B, 0x56AD,
+ 0x56B1, 0x56D5, 0x56E7, 0x56F3, 0x56FF, 0x5701, 0x5705, 0x5707,
+ 0x570B, 0x5713, 0x571F, 0x5723, 0x5747, 0x574D, 0x575F, 0x5761,
+ 0x576D, 0x5777, 0x577D, 0x5789, 0x57A1, 0x57A9, 0x57AF, 0x57B5,
+ 0x57C5, 0x57D1, 0x57D3, 0x57E5, 0x57EF, 0x5803, 0x580D, 0x580F,
+ 0x5815, 0x5827, 0x582B, 0x582D, 0x5855, 0x585B, 0x585D, 0x586D,
+ 0x586F, 0x5873, 0x587B, 0x588D, 0x5897, 0x58A3, 0x58A9, 0x58AB,
+ 0x58B5, 0x58BD, 0x58C1, 0x58C7, 0x58D3, 0x58D5, 0x58DF, 0x58F1,
+ 0x58F9, 0x58FF, 0x5903, 0x5917, 0x591B, 0x5921, 0x5945, 0x594B,
+ 0x594D, 0x5957, 0x595D, 0x5975, 0x597B, 0x5989, 0x5999, 0x599F,
+ 0x59B1, 0x59B3, 0x59BD, 0x59D1, 0x59DB, 0x59E3, 0x59E9, 0x59ED,
+ 0x59F3, 0x59F5, 0x59FF, 0x5A01, 0x5A0D, 0x5A11, 0x5A13, 0x5A17,
+ 0x5A1F, 0x5A29, 0x5A2F, 0x5A3B, 0x5A4D, 0x5A5B, 0x5A67, 0x5A77,
+ 0x5A7F, 0x5A85, 0x5A95, 0x5A9D, 0x5AA1, 0x5AA3, 0x5AA9, 0x5ABB,
+ 0x5AD3, 0x5AE5, 0x5AEF, 0x5AFB, 0x5AFD, 0x5B01, 0x5B0F, 0x5B19,
+ 0x5B1F, 0x5B25, 0x5B2B, 0x5B3D, 0x5B49, 0x5B4B, 0x5B67, 0x5B79,
+ 0x5B87, 0x5B97, 0x5BA3, 0x5BB1, 0x5BC9, 0x5BD5, 0x5BEB, 0x5BF1,
+ 0x5BF3, 0x5BFD, 0x5C05, 0x5C09, 0x5C0B, 0x5C0F, 0x5C1D, 0x5C29,
+ 0x5C2F, 0x5C33, 0x5C39, 0x5C47, 0x5C4B, 0x5C4D, 0x5C51, 0x5C6F,
+ 0x5C75, 0x5C77, 0x5C7D, 0x5C87, 0x5C89, 0x5CA7, 0x5CBD, 0x5CBF,
+ 0x5CC3, 0x5CC9, 0x5CD1, 0x5CD7, 0x5CDD, 0x5CED, 0x5CF9, 0x5D05,
+ 0x5D0B, 0x5D13, 0x5D17, 0x5D19, 0x5D31, 0x5D3D, 0x5D41, 0x5D47,
+ 0x5D4F, 0x5D55, 0x5D5B, 0x5D65, 0x5D67, 0x5D6D, 0x5D79, 0x5D95,
+ 0x5DA3, 0x5DA9, 0x5DAD, 0x5DB9, 0x5DC1, 0x5DC7, 0x5DD3, 0x5DD7,
+ 0x5DDD, 0x5DEB, 0x5DF1, 0x5DFD, 0x5E07, 0x5E0D, 0x5E13, 0x5E1B,
+ 0x5E21, 0x5E27, 0x5E2B, 0x5E2D, 0x5E31, 0x5E39, 0x5E45, 0x5E49,
+ 0x5E57, 0x5E69, 0x5E73, 0x5E75, 0x5E85, 0x5E8B, 0x5E9F, 0x5EA5,
+ 0x5EAF, 0x5EB7, 0x5EBB, 0x5ED9, 0x5EFD, 0x5F09, 0x5F11, 0x5F27,
+ 0x5F33, 0x5F35, 0x5F3B, 0x5F47, 0x5F57, 0x5F5D, 0x5F63, 0x5F65,
+ 0x5F77, 0x5F7B, 0x5F95, 0x5F99, 0x5FA1, 0x5FB3, 0x5FBD, 0x5FC5,
+ 0x5FCF, 0x5FD5, 0x5FE3, 0x5FE7, 0x5FFB, 0x6011, 0x6023, 0x602F,
+ 0x6037, 0x6053, 0x605F, 0x6065, 0x606B, 0x6073, 0x6079, 0x6085,
+ 0x609D, 0x60AD, 0x60BB, 0x60BF, 0x60CD, 0x60D9, 0x60DF, 0x60E9,
+ 0x60F5, 0x6109, 0x610F, 0x6113, 0x611B, 0x612D, 0x6139, 0x614B,
+ 0x6155, 0x6157, 0x615B, 0x616F, 0x6179, 0x6187, 0x618B, 0x6191,
+ 0x6193, 0x619D, 0x61B5, 0x61C7, 0x61C9, 0x61CD, 0x61E1, 0x61F1,
+ 0x61FF, 0x6209, 0x6217, 0x621D, 0x6221, 0x6227, 0x623B, 0x6241,
+ 0x624B, 0x6251, 0x6253, 0x625F, 0x6265, 0x6283, 0x628D, 0x6295,
+ 0x629B, 0x629F, 0x62A5, 0x62AD, 0x62D5, 0x62D7, 0x62DB, 0x62DD,
+ 0x62E9, 0x62FB, 0x62FF, 0x6305, 0x630D, 0x6317, 0x631D, 0x632F,
+ 0x6341, 0x6343, 0x634F, 0x635F, 0x6367, 0x636D, 0x6371, 0x6377,
+ 0x637D, 0x637F, 0x63B3, 0x63C1, 0x63C5, 0x63D9, 0x63E9, 0x63EB,
+ 0x63EF, 0x63F5, 0x6401, 0x6403, 0x6409, 0x6415, 0x6421, 0x6427,
+ 0x642B, 0x6439, 0x6443, 0x6449, 0x644F, 0x645D, 0x6467, 0x6475,
+ 0x6485, 0x648D, 0x6493, 0x649F, 0x64A3, 0x64AB, 0x64C1, 0x64C7,
+ 0x64C9, 0x64DB, 0x64F1, 0x64F7, 0x64F9, 0x650B, 0x6511, 0x6521,
+ 0x652F, 0x6539, 0x653F, 0x654B, 0x654D, 0x6553, 0x6557, 0x655F,
+ 0x6571, 0x657D, 0x658D, 0x658F, 0x6593, 0x65A1, 0x65A5, 0x65AD,
+ 0x65B9, 0x65C5, 0x65E3, 0x65F3, 0x65FB, 0x65FF, 0x6601, 0x6607,
+ 0x661D, 0x6629, 0x6631, 0x663B, 0x6641, 0x6647, 0x664D, 0x665B,
+ 0x6661, 0x6673, 0x667D, 0x6689, 0x668B, 0x6695, 0x6697, 0x669B,
+ 0x66B5, 0x66B9, 0x66C5, 0x66CD, 0x66D1, 0x66E3, 0x66EB, 0x66F5,
+ 0x6703, 0x6713, 0x6719, 0x671F, 0x6727, 0x6731, 0x6737, 0x673F,
+ 0x6745, 0x6751, 0x675B, 0x676F, 0x6779, 0x6781, 0x6785, 0x6791,
+ 0x67AB, 0x67BD, 0x67C1, 0x67CD, 0x67DF, 0x67E5, 0x6803, 0x6809,
+ 0x6811, 0x6817, 0x682D, 0x6839, 0x683B, 0x683F, 0x6845, 0x684B,
+ 0x684D, 0x6857, 0x6859, 0x685D, 0x6863, 0x6869, 0x686B, 0x6871,
+ 0x6887, 0x6899, 0x689F, 0x68B1, 0x68BD, 0x68C5, 0x68D1, 0x68D7,
+ 0x68E1, 0x68ED, 0x68EF, 0x68FF, 0x6901, 0x690B, 0x690D, 0x6917,
+ 0x6929, 0x692F, 0x6943, 0x6947, 0x6949, 0x694F, 0x6965, 0x696B,
+ 0x6971, 0x6983, 0x6989, 0x6997, 0x69A3, 0x69B3, 0x69B5, 0x69BB,
+ 0x69C1, 0x69C5, 0x69D3, 0x69DF, 0x69E3, 0x69E5, 0x69F7, 0x6A07,
+ 0x6A2B, 0x6A37, 0x6A3D, 0x6A4B, 0x6A67, 0x6A69, 0x6A75, 0x6A7B,
+ 0x6A87, 0x6A8D, 0x6A91, 0x6A93, 0x6AA3, 0x6AC1, 0x6AC9, 0x6AE1,
+ 0x6AE7, 0x6B05, 0x6B0F, 0x6B11, 0x6B23, 0x6B27, 0x6B2D, 0x6B39,
+ 0x6B41, 0x6B57, 0x6B59, 0x6B5F, 0x6B75, 0x6B87, 0x6B89, 0x6B93,
+ 0x6B95, 0x6B9F, 0x6BBD, 0x6BBF, 0x6BDB, 0x6BE1, 0x6BEF, 0x6BFF,
+ 0x6C05, 0x6C19, 0x6C29, 0x6C2B, 0x6C31, 0x6C35, 0x6C55, 0x6C59,
+ 0x6C5B, 0x6C5F, 0x6C65, 0x6C67, 0x6C73, 0x6C77, 0x6C7D, 0x6C83,
+ 0x6C8F, 0x6C91, 0x6C97, 0x6C9B, 0x6CA1, 0x6CA9, 0x6CAF, 0x6CB3,
+ 0x6CC7, 0x6CCB, 0x6CEB, 0x6CF5, 0x6CFD, 0x6D0D, 0x6D0F, 0x6D25,
+ 0x6D27, 0x6D2B, 0x6D31, 0x6D39, 0x6D3F, 0x6D4F, 0x6D5D, 0x6D61,
+ 0x6D73, 0x6D7B, 0x6D7F, 0x6D93, 0x6D99, 0x6DA5, 0x6DB1, 0x6DB7,
+ 0x6DC1, 0x6DC3, 0x6DCD, 0x6DCF, 0x6DDB, 0x6DF7, 0x6E03, 0x6E15,
+ 0x6E17, 0x6E29, 0x6E33, 0x6E3B, 0x6E45, 0x6E75, 0x6E77, 0x6E7B,
+ 0x6E81, 0x6E89, 0x6E93, 0x6E95, 0x6E9F, 0x6EBD, 0x6EBF, 0x6EE3,
+ 0x6EE9, 0x6EF3, 0x6EF9, 0x6EFB, 0x6F0D, 0x6F11, 0x6F17, 0x6F1F,
+ 0x6F2F, 0x6F3D, 0x6F4D, 0x6F53, 0x6F61, 0x6F65, 0x6F79, 0x6F7D,
+ 0x6F83, 0x6F85, 0x6F8F, 0x6F9B, 0x6F9D, 0x6FA3, 0x6FAF, 0x6FB5,
+ 0x6FBB, 0x6FBF, 0x6FCB, 0x6FCD, 0x6FD3, 0x6FD7, 0x6FE3, 0x6FE9,
+ 0x6FF1, 0x6FF5, 0x6FF7, 0x6FFD, 0x700F, 0x7019, 0x701F, 0x7027,
+ 0x7033, 0x7039, 0x704F, 0x7051, 0x7057, 0x7063, 0x7075, 0x7079,
+ 0x7087, 0x708D, 0x7091, 0x70A5, 0x70AB, 0x70BB, 0x70C3, 0x70C7,
+ 0x70CF, 0x70E5, 0x70ED, 0x70F9, 0x70FF, 0x7105, 0x7115, 0x7121,
+ 0x7133, 0x7151, 0x7159, 0x715D, 0x715F, 0x7163, 0x7169, 0x7183,
+ 0x7187, 0x7195, 0x71AD, 0x71C3, 0x71C9, 0x71CB, 0x71D1, 0x71DB,
+ 0x71E1, 0x71EF, 0x71F5, 0x71FB, 0x7207, 0x7211, 0x7217, 0x7219,
+ 0x7225, 0x722F, 0x723B, 0x7243, 0x7255, 0x7267, 0x7271, 0x7277,
+ 0x727F, 0x728F, 0x7295, 0x729B, 0x72A3, 0x72B3, 0x72C7, 0x72CB,
+ 0x72CD, 0x72D7, 0x72D9, 0x72E3, 0x72EF, 0x72F5, 0x72FD, 0x7303,
+ 0x730D, 0x7321, 0x732B, 0x733D, 0x7357, 0x735B, 0x7361, 0x737F,
+ 0x7381, 0x7385, 0x738D, 0x7393, 0x739F, 0x73AB, 0x73BD, 0x73C1,
+ 0x73C9, 0x73DF, 0x73E5, 0x73E7, 0x73F3, 0x7415, 0x741B, 0x742D,
+ 0x7439, 0x743F, 0x7441, 0x745D, 0x746B, 0x747B, 0x7489, 0x748D,
+ 0x749B, 0x74A7, 0x74AB, 0x74B1, 0x74B7, 0x74B9, 0x74DD, 0x74E1,
+ 0x74E7, 0x74FB, 0x7507, 0x751F, 0x7525, 0x753B, 0x753D, 0x754D,
+ 0x755F, 0x756B, 0x7577, 0x7589, 0x758B, 0x7591, 0x7597, 0x759D,
+ 0x75A1, 0x75A7, 0x75B5, 0x75B9, 0x75BB, 0x75D1, 0x75D9, 0x75E5,
+ 0x75EB, 0x75F5, 0x75FB, 0x7603, 0x760F, 0x7621, 0x762D, 0x7633,
+ 0x763D, 0x763F, 0x7655, 0x7663, 0x7669, 0x766F, 0x7673, 0x7685,
+ 0x768B, 0x769F, 0x76B5, 0x76B7, 0x76C3, 0x76DB, 0x76DF, 0x76F1,
+ 0x7703, 0x7705, 0x771B, 0x771D, 0x7721, 0x772D, 0x7735, 0x7741,
+ 0x774B, 0x7759, 0x775D, 0x775F, 0x7771, 0x7781, 0x77A7, 0x77AD,
+ 0x77B3, 0x77B9, 0x77C5, 0x77CF, 0x77D5, 0x77E1, 0x77E9, 0x77EF,
+ 0x77F3, 0x77F9, 0x7807, 0x7825, 0x782B, 0x7835, 0x783D, 0x7853,
+ 0x7859, 0x7861, 0x786D, 0x7877, 0x7879, 0x7883, 0x7885, 0x788B,
+ 0x7895, 0x7897, 0x78A1, 0x78AD, 0x78BF, 0x78D3, 0x78D9, 0x78DD,
+ 0x78E5, 0x78FB, 0x7901, 0x7907, 0x7925, 0x792B, 0x7939, 0x793F,
+ 0x794B, 0x7957, 0x795D, 0x7967, 0x7969, 0x7973, 0x7991, 0x7993,
+ 0x79A3, 0x79AB, 0x79AF, 0x79B1, 0x79B7, 0x79C9, 0x79CD, 0x79CF,
+ 0x79D5, 0x79D9, 0x79F3, 0x79F7, 0x79FF, 0x7A05, 0x7A0F, 0x7A11,
+ 0x7A15, 0x7A1B, 0x7A23, 0x7A27, 0x7A2D, 0x7A4B, 0x7A57, 0x7A59,
+ 0x7A5F, 0x7A65, 0x7A69, 0x7A7D, 0x7A93, 0x7A9B, 0x7A9F, 0x7AA1,
+ 0x7AA5, 0x7AED, 0x7AF5, 0x7AF9, 0x7B01, 0x7B17, 0x7B19, 0x7B1D,
+ 0x7B2B, 0x7B35, 0x7B37, 0x7B3B, 0x7B4F, 0x7B55, 0x7B5F, 0x7B71,
+ 0x7B77, 0x7B8B, 0x7B9B, 0x7BA1, 0x7BA9, 0x7BAF, 0x7BB3, 0x7BC7,
+ 0x7BD3, 0x7BE9, 0x7BEB, 0x7BEF, 0x7BF1, 0x7BFD, 0x7C07, 0x7C19,
+ 0x7C1B, 0x7C31, 0x7C37, 0x7C49, 0x7C67, 0x7C69, 0x7C73, 0x7C81,
+ 0x7C8B, 0x7C93, 0x7CA3, 0x7CD5, 0x7CDB, 0x7CE5, 0x7CED, 0x7CF7,
+ 0x7D03, 0x7D09, 0x7D1B, 0x7D1D, 0x7D33, 0x7D39, 0x7D3B, 0x7D3F,
+ 0x7D45, 0x7D4D, 0x7D53, 0x7D59, 0x7D63, 0x7D75, 0x7D77, 0x7D8D,
+ 0x7D8F, 0x7D9F, 0x7DAD, 0x7DB7, 0x7DBD, 0x7DBF, 0x7DCB, 0x7DD5,
+ 0x7DE9, 0x7DED, 0x7DFB, 0x7E01, 0x7E05, 0x7E29, 0x7E2B, 0x7E2F,
+ 0x7E35, 0x7E41, 0x7E43, 0x7E47, 0x7E55, 0x7E61, 0x7E67, 0x7E6B,
+ 0x7E71, 0x7E73, 0x7E79, 0x7E7D, 0x7E91, 0x7E9B, 0x7E9D, 0x7EA7,
+ 0x7EAD, 0x7EB9, 0x7EBB, 0x7ED3, 0x7EDF, 0x7EEB, 0x7EF1, 0x7EF7,
+ 0x7EFB, 0x7F13, 0x7F15, 0x7F19, 0x7F31, 0x7F33, 0x7F39, 0x7F3D,
+ 0x7F43, 0x7F4B, 0x7F5B, 0x7F61, 0x7F63, 0x7F6D, 0x7F79, 0x7F87,
+ 0x7F8D, 0x7FAF, 0x7FB5, 0x7FC3, 0x7FC9, 0x7FCD, 0x7FCF, 0x7FED,
+ 0x8003, 0x800B, 0x800F, 0x8015, 0x801D, 0x8021, 0x8023, 0x803F,
+ 0x8041, 0x8047, 0x804B, 0x8065, 0x8077, 0x808D, 0x808F, 0x8095,
+ 0x80A5, 0x80AB, 0x80AD, 0x80BD, 0x80C9, 0x80CB, 0x80D7, 0x80DB,
+ 0x80E1, 0x80E7, 0x80F5, 0x80FF, 0x8105, 0x810D, 0x8119, 0x811D,
+ 0x812F, 0x8131, 0x813B, 0x8143, 0x8153, 0x8159, 0x815F, 0x817D,
+ 0x817F, 0x8189, 0x819B, 0x819D, 0x81A7, 0x81AF, 0x81B3, 0x81BB,
+ 0x81C7, 0x81DF, 0x8207, 0x8209, 0x8215, 0x821F, 0x8225, 0x8231,
+ 0x8233, 0x823F, 0x8243, 0x8245, 0x8249, 0x824F, 0x8261, 0x826F,
+ 0x827B, 0x8281, 0x8285, 0x8293, 0x82B1, 0x82B5, 0x82BD, 0x82C7,
+ 0x82CF, 0x82D5, 0x82DF, 0x82F1, 0x82F9, 0x82FD, 0x830B, 0x831B,
+ 0x8321, 0x8329, 0x832D, 0x8333, 0x8335, 0x833F, 0x8341, 0x834D,
+ 0x8351, 0x8353, 0x8357, 0x835D, 0x8365, 0x8369, 0x836F, 0x838F,
+ 0x83A7, 0x83B1, 0x83B9, 0x83CB, 0x83D5, 0x83D7, 0x83DD, 0x83E7,
+ 0x83E9, 0x83ED, 0x83FF, 0x8405, 0x8411, 0x8413, 0x8423, 0x8425,
+ 0x843B, 0x8441, 0x8447, 0x844F, 0x8461, 0x8465, 0x8477, 0x8483,
+ 0x848B, 0x8491, 0x8495, 0x84A9, 0x84AF, 0x84CD, 0x84E3, 0x84EF,
+ 0x84F1, 0x84F7, 0x8509, 0x850D, 0x854B, 0x854F, 0x8551, 0x855D,
+ 0x8563, 0x856D, 0x856F, 0x857B, 0x8587, 0x85A3, 0x85A5, 0x85A9,
+ 0x85B7, 0x85CD, 0x85D3, 0x85D5, 0x85DB, 0x85E1, 0x85EB, 0x85F9,
+ 0x85FD, 0x85FF, 0x8609, 0x860F, 0x8617, 0x8621, 0x862F, 0x8639,
+ 0x863F, 0x8641, 0x864D, 0x8663, 0x8675, 0x867D, 0x8687, 0x8699,
+ 0x86A5, 0x86A7, 0x86B3, 0x86B7, 0x86C3, 0x86C5, 0x86CF, 0x86D1,
+ 0x86D7, 0x86E9, 0x86EF, 0x86F5, 0x8717, 0x871D, 0x871F, 0x872B,
+ 0x872F, 0x8735, 0x8747, 0x8759, 0x875B, 0x876B, 0x8771, 0x8777,
+ 0x877F, 0x8785, 0x878F, 0x87A1, 0x87A9, 0x87B3, 0x87BB, 0x87C5,
+ 0x87C7, 0x87CB, 0x87DD, 0x87F7, 0x8803, 0x8819, 0x881B, 0x881F,
+ 0x8821, 0x8837, 0x883D, 0x8843, 0x8851, 0x8861, 0x8867, 0x887B,
+ 0x8885, 0x8891, 0x8893, 0x88A5, 0x88CF, 0x88D3, 0x88EB, 0x88ED,
+ 0x88F3, 0x88FD, 0x8909, 0x890B, 0x8911, 0x891B, 0x8923, 0x8927,
+ 0x892D, 0x8939, 0x8945, 0x894D, 0x8951, 0x8957, 0x8963, 0x8981,
+ 0x8995, 0x899B, 0x89B3, 0x89B9, 0x89C3, 0x89CF, 0x89D1, 0x89DB,
+ 0x89EF, 0x89F5, 0x89FB, 0x89FF, 0x8A0B, 0x8A19, 0x8A23, 0x8A35,
+ 0x8A41, 0x8A49, 0x8A4F, 0x8A5B, 0x8A5F, 0x8A6D, 0x8A77, 0x8A79,
+ 0x8A85, 0x8AA3, 0x8AB3, 0x8AB5, 0x8AC1, 0x8AC7, 0x8ACB, 0x8ACD,
+ 0x8AD1, 0x8AD7, 0x8AF1, 0x8AF5, 0x8B07, 0x8B09, 0x8B0D, 0x8B13,
+ 0x8B21, 0x8B57, 0x8B5D, 0x8B91, 0x8B93, 0x8BA3, 0x8BA9, 0x8BAF,
+ 0x8BBB, 0x8BD5, 0x8BD9, 0x8BDB, 0x8BE1, 0x8BF7, 0x8BFD, 0x8BFF,
+ 0x8C0B, 0x8C17, 0x8C1D, 0x8C27, 0x8C39, 0x8C3B, 0x8C47, 0x8C53,
+ 0x8C5D, 0x8C6F, 0x8C7B, 0x8C81, 0x8C89, 0x8C8F, 0x8C99, 0x8C9F,
+ 0x8CA7, 0x8CAB, 0x8CAD, 0x8CB1, 0x8CC5, 0x8CDD, 0x8CE3, 0x8CE9,
+ 0x8CF3, 0x8D01, 0x8D0B, 0x8D0D, 0x8D23, 0x8D29, 0x8D37, 0x8D41,
+ 0x8D5B, 0x8D5F, 0x8D71, 0x8D79, 0x8D85, 0x8D91, 0x8D9B, 0x8DA7,
+ 0x8DAD, 0x8DB5, 0x8DC5, 0x8DCB, 0x8DD3, 0x8DD9, 0x8DDF, 0x8DF5,
+ 0x8DF7, 0x8E01, 0x8E15, 0x8E1F, 0x8E25, 0x8E51, 0x8E63, 0x8E69,
+ 0x8E73, 0x8E75, 0x8E79, 0x8E7F, 0x8E8D, 0x8E91, 0x8EAB, 0x8EAF,
+ 0x8EB1, 0x8EBD, 0x8EC7, 0x8ECF, 0x8ED3, 0x8EDB, 0x8EE7, 0x8EEB,
+ 0x8EF7, 0x8EFF, 0x8F15, 0x8F1D, 0x8F23, 0x8F2D, 0x8F3F, 0x8F45,
+ 0x8F4B, 0x8F53, 0x8F59, 0x8F65, 0x8F69, 0x8F71, 0x8F83, 0x8F8D,
+ 0x8F99, 0x8F9F, 0x8FAB, 0x8FAD, 0x8FB3, 0x8FB7, 0x8FB9, 0x8FC9,
+ 0x8FD5, 0x8FE1, 0x8FEF, 0x8FF9, 0x9007, 0x900D, 0x9017, 0x9023,
+ 0x9025, 0x9031, 0x9037, 0x903B, 0x9041, 0x9043, 0x904F, 0x9053,
+ 0x906D, 0x9073, 0x9085, 0x908B, 0x9095, 0x909B, 0x909D, 0x90AF,
+ 0x90B9, 0x90C1, 0x90C5, 0x90DF, 0x90E9, 0x90FD, 0x9103, 0x9113,
+ 0x9127, 0x9133, 0x913D, 0x9145, 0x914F, 0x9151, 0x9161, 0x9167,
+ 0x917B, 0x9185, 0x9199, 0x919D, 0x91BB, 0x91BD, 0x91C1, 0x91C9,
+ 0x91D9, 0x91DB, 0x91ED, 0x91F1, 0x91F3, 0x91F9, 0x9203, 0x9215,
+ 0x9221, 0x922F, 0x9241, 0x9247, 0x9257, 0x926B, 0x9271, 0x9275,
+ 0x927D, 0x9283, 0x9287, 0x928D, 0x9299, 0x92A1, 0x92AB, 0x92AD,
+ 0x92B9, 0x92BF, 0x92C3, 0x92C5, 0x92CB, 0x92D5, 0x92D7, 0x92E7,
+ 0x92F3, 0x9301, 0x930B, 0x9311, 0x9319, 0x931F, 0x933B, 0x933D,
+ 0x9343, 0x9355, 0x9373, 0x9395, 0x9397, 0x93A7, 0x93B3, 0x93B5,
+ 0x93C7, 0x93D7, 0x93DD, 0x93E5, 0x93EF, 0x93F7, 0x9401, 0x9409,
+ 0x9413, 0x943F, 0x9445, 0x944B, 0x944F, 0x9463, 0x9467, 0x9469,
+ 0x946D, 0x947B, 0x9497, 0x949F, 0x94A5, 0x94B5, 0x94C3, 0x94E1,
+ 0x94E7, 0x9505, 0x9509, 0x9517, 0x9521, 0x9527, 0x952D, 0x9535,
+ 0x9539, 0x954B, 0x9557, 0x955D, 0x955F, 0x9575, 0x9581, 0x9589,
+ 0x958F, 0x959B, 0x959F, 0x95AD, 0x95B1, 0x95B7, 0x95B9, 0x95BD,
+ 0x95CF, 0x95E3, 0x95E9, 0x95F9, 0x961F, 0x962F, 0x9631, 0x9635,
+ 0x963B, 0x963D, 0x9665, 0x968F, 0x969D, 0x96A1, 0x96A7, 0x96A9,
+ 0x96C1, 0x96CB, 0x96D1, 0x96D3, 0x96E5, 0x96EF, 0x96FB, 0x96FD,
+ 0x970D, 0x970F, 0x9715, 0x9725, 0x972B, 0x9733, 0x9737, 0x9739,
+ 0x9743, 0x9749, 0x9751, 0x975B, 0x975D, 0x976F, 0x977F, 0x9787,
+ 0x9793, 0x97A5, 0x97B1, 0x97B7, 0x97C3, 0x97CD, 0x97D3, 0x97D9,
+ 0x97EB, 0x97F7, 0x9805, 0x9809, 0x980B, 0x9815, 0x9829, 0x982F,
+ 0x983B, 0x9841, 0x9851, 0x986B, 0x986F, 0x9881, 0x9883, 0x9887,
+ 0x98A7, 0x98B1, 0x98B9, 0x98BF, 0x98C3, 0x98C9, 0x98CF, 0x98DD,
+ 0x98E3, 0x98F5, 0x98F9, 0x98FB, 0x990D, 0x9917, 0x991F, 0x9929,
+ 0x9931, 0x993B, 0x993D, 0x9941, 0x9947, 0x9949, 0x9953, 0x997D,
+ 0x9985, 0x9991, 0x9995, 0x999B, 0x99AD, 0x99AF, 0x99BF, 0x99C7,
+ 0x99CB, 0x99CD, 0x99D7, 0x99E5, 0x99F1, 0x99FB, 0x9A0F, 0x9A13,
+ 0x9A1B, 0x9A25, 0x9A4B, 0x9A4F, 0x9A55, 0x9A57, 0x9A61, 0x9A75,
+ 0x9A7F, 0x9A8B, 0x9A91, 0x9A9D, 0x9AB7, 0x9AC3, 0x9AC7, 0x9ACF,
+ 0x9AEB, 0x9AF3, 0x9AF7, 0x9AFF, 0x9B17, 0x9B1D, 0x9B27, 0x9B2F,
+ 0x9B35, 0x9B45, 0x9B51, 0x9B59, 0x9B63, 0x9B6F, 0x9B77, 0x9B8D,
+ 0x9B93, 0x9B95, 0x9B9F, 0x9BA1, 0x9BA7, 0x9BB1, 0x9BB7, 0x9BBD,
+ 0x9BC5, 0x9BCB, 0x9BCF, 0x9BDD, 0x9BF9, 0x9C01, 0x9C11, 0x9C23,
+ 0x9C2B, 0x9C2F, 0x9C35, 0x9C49, 0x9C4D, 0x9C5F, 0x9C65, 0x9C67,
+ 0x9C7F, 0x9C97, 0x9C9D, 0x9CA3, 0x9CAF, 0x9CBB, 0x9CBF, 0x9CC1,
+ 0x9CD7, 0x9CD9, 0x9CE3, 0x9CE9, 0x9CF1, 0x9CFD, 0x9D01, 0x9D15,
+ 0x9D27, 0x9D2D, 0x9D31, 0x9D3D, 0x9D55, 0x9D5B, 0x9D61, 0x9D97,
+ 0x9D9F, 0x9DA5, 0x9DA9, 0x9DC3, 0x9DE7, 0x9DEB, 0x9DED, 0x9DF1,
+ 0x9E0B, 0x9E17, 0x9E23, 0x9E27, 0x9E2D, 0x9E33, 0x9E3B, 0x9E47,
+ 0x9E51, 0x9E53, 0x9E5F, 0x9E6F, 0x9E81, 0x9E87, 0x9E8F, 0x9E95,
+ 0x9EA1, 0x9EB3, 0x9EBD, 0x9EBF, 0x9EF5, 0x9EF9, 0x9EFB, 0x9F05,
+ 0x9F23, 0x9F2F, 0x9F37, 0x9F3B, 0x9F43, 0x9F53, 0x9F61, 0x9F6D,
+ 0x9F73, 0x9F77, 0x9F7D, 0x9F89, 0x9F8F, 0x9F91, 0x9F95, 0x9FA3,
+ 0x9FAF, 0x9FB3, 0x9FC1, 0x9FC7, 0x9FDF, 0x9FE5, 0x9FEB, 0x9FF5,
+ 0xA001, 0xA00D, 0xA021, 0xA033, 0xA039, 0xA03F, 0xA04F, 0xA057,
+ 0xA05B, 0xA061, 0xA075, 0xA079, 0xA099, 0xA09D, 0xA0AB, 0xA0B5,
+ 0xA0B7, 0xA0BD, 0xA0C9, 0xA0D9, 0xA0DB, 0xA0DF, 0xA0E5, 0xA0F1,
+ 0xA0F3, 0xA0FD, 0xA105, 0xA10B, 0xA10F, 0xA111, 0xA11B, 0xA129,
+ 0xA12F, 0xA135, 0xA141, 0xA153, 0xA175, 0xA17D, 0xA187, 0xA18D,
+ 0xA1A5, 0xA1AB, 0xA1AD, 0xA1B7, 0xA1C3, 0xA1C5, 0xA1E3, 0xA1ED,
+ 0xA1FB, 0xA207, 0xA213, 0xA223, 0xA229, 0xA22F, 0xA231, 0xA243,
+ 0xA247, 0xA24D, 0xA26B, 0xA279, 0xA27D, 0xA283, 0xA289, 0xA28B,
+ 0xA291, 0xA295, 0xA29B, 0xA2A9, 0xA2AF, 0xA2B3, 0xA2BB, 0xA2C5,
+ 0xA2D1, 0xA2D7, 0xA2F7, 0xA301, 0xA309, 0xA31F, 0xA321, 0xA32B,
+ 0xA331, 0xA349, 0xA351, 0xA355, 0xA373, 0xA379, 0xA37B, 0xA387,
+ 0xA397, 0xA39F, 0xA3A5, 0xA3A9, 0xA3AF, 0xA3B7, 0xA3C7, 0xA3D5,
+ 0xA3DB, 0xA3E1, 0xA3E5, 0xA3E7, 0xA3F1, 0xA3FD, 0xA3FF, 0xA40F,
+ 0xA41D, 0xA421, 0xA423, 0xA427, 0xA43B, 0xA44D, 0xA457, 0xA459,
+ 0xA463, 0xA469, 0xA475, 0xA493, 0xA49B, 0xA4AD, 0xA4B9, 0xA4C3,
+ 0xA4C5, 0xA4CB, 0xA4D1, 0xA4D5, 0xA4E1, 0xA4ED, 0xA4EF, 0xA4F3,
+ 0xA4FF, 0xA511, 0xA529, 0xA52B, 0xA535, 0xA53B, 0xA543, 0xA553,
+ 0xA55B, 0xA561, 0xA56D, 0xA577, 0xA585, 0xA58B, 0xA597, 0xA59D,
+ 0xA5A3, 0xA5A7, 0xA5A9, 0xA5C1, 0xA5C5, 0xA5CB, 0xA5D3, 0xA5D9,
+ 0xA5DD, 0xA5DF, 0xA5E3, 0xA5E9, 0xA5F7, 0xA5FB, 0xA603, 0xA60D,
+ 0xA625, 0xA63D, 0xA649, 0xA64B, 0xA651, 0xA65D, 0xA673, 0xA691,
+ 0xA693, 0xA699, 0xA6AB, 0xA6B5, 0xA6BB, 0xA6C1, 0xA6C9, 0xA6CD,
+ 0xA6CF, 0xA6D5, 0xA6DF, 0xA6E7, 0xA6F1, 0xA6F7, 0xA6FF, 0xA70F,
+ 0xA715, 0xA723, 0xA729, 0xA72D, 0xA745, 0xA74D, 0xA757, 0xA759,
+ 0xA765, 0xA76B, 0xA76F, 0xA793, 0xA795, 0xA7AB, 0xA7B1, 0xA7B9,
+ 0xA7BF, 0xA7C9, 0xA7D1, 0xA7D7, 0xA7E3, 0xA7ED, 0xA7FB, 0xA805,
+ 0xA80B, 0xA81D, 0xA829, 0xA82B, 0xA837, 0xA83B, 0xA855, 0xA85F,
+ 0xA86D, 0xA87D, 0xA88F, 0xA897, 0xA8A9, 0xA8B5, 0xA8C1, 0xA8C7,
+ 0xA8D7, 0xA8E5, 0xA8FD, 0xA907, 0xA913, 0xA91B, 0xA931, 0xA937,
+ 0xA939, 0xA943, 0xA97F, 0xA985, 0xA987, 0xA98B, 0xA993, 0xA9A3,
+ 0xA9B1, 0xA9BB, 0xA9C1, 0xA9D9, 0xA9DF, 0xA9EB, 0xA9FD, 0xAA15,
+ 0xAA17, 0xAA35, 0xAA39, 0xAA3B, 0xAA47, 0xAA4D, 0xAA57, 0xAA59,
+ 0xAA5D, 0xAA6B, 0xAA71, 0xAA81, 0xAA83, 0xAA8D, 0xAA95, 0xAAAB,
+ 0xAABF, 0xAAC5, 0xAAC9, 0xAAE9, 0xAAEF, 0xAB01, 0xAB05, 0xAB07,
+ 0xAB0B, 0xAB0D, 0xAB11, 0xAB19, 0xAB4D, 0xAB5B, 0xAB71, 0xAB73,
+ 0xAB89, 0xAB9D, 0xABA7, 0xABAF, 0xABB9, 0xABBB, 0xABC1, 0xABC5,
+ 0xABD3, 0xABD7, 0xABDD, 0xABF1, 0xABF5, 0xABFB, 0xABFD, 0xAC09,
+ 0xAC15, 0xAC1B, 0xAC27, 0xAC37, 0xAC39, 0xAC45, 0xAC4F, 0xAC57,
+ 0xAC5B, 0xAC61, 0xAC63, 0xAC7F, 0xAC8B, 0xAC93, 0xAC9D, 0xACA9,
+ 0xACAB, 0xACAF, 0xACBD, 0xACD9, 0xACE1, 0xACE7, 0xACEB, 0xACED,
+ 0xACF1, 0xACF7, 0xACF9, 0xAD05, 0xAD3F, 0xAD45, 0xAD53, 0xAD5D,
+ 0xAD5F, 0xAD65, 0xAD81, 0xADA1, 0xADA5, 0xADC3, 0xADCB, 0xADD1,
+ 0xADD5, 0xADDB, 0xADE7, 0xADF3, 0xADF5, 0xADF9, 0xADFF, 0xAE05,
+ 0xAE13, 0xAE23, 0xAE2B, 0xAE49, 0xAE4D, 0xAE4F, 0xAE59, 0xAE61,
+ 0xAE67, 0xAE6B, 0xAE71, 0xAE8B, 0xAE8F, 0xAE9B, 0xAE9D, 0xAEA7,
+ 0xAEB9, 0xAEC5, 0xAED1, 0xAEE3, 0xAEE5, 0xAEE9, 0xAEF5, 0xAEFD,
+ 0xAF09, 0xAF13, 0xAF27, 0xAF2B, 0xAF33, 0xAF43, 0xAF4F, 0xAF57,
+ 0xAF5D, 0xAF6D, 0xAF75, 0xAF7F, 0xAF8B, 0xAF99, 0xAF9F, 0xAFA3,
+ 0xAFAB, 0xAFB7, 0xAFBB, 0xAFCF, 0xAFD5, 0xAFFD, 0xB005, 0xB015,
+ 0xB01B, 0xB03F, 0xB041, 0xB047, 0xB04B, 0xB051, 0xB053, 0xB069,
+ 0xB07B, 0xB07D, 0xB087, 0xB08D, 0xB0B1, 0xB0BF, 0xB0CB, 0xB0CF,
+ 0xB0E1, 0xB0E9, 0xB0ED, 0xB0FB, 0xB105, 0xB107, 0xB111, 0xB119,
+ 0xB11D, 0xB11F, 0xB131, 0xB141, 0xB14D, 0xB15B, 0xB165, 0xB173,
+ 0xB179, 0xB17F, 0xB1A9, 0xB1B3, 0xB1B9, 0xB1BF, 0xB1D3, 0xB1DD,
+ 0xB1E5, 0xB1F1, 0xB1F5, 0xB201, 0xB213, 0xB215, 0xB21F, 0xB22D,
+ 0xB23F, 0xB249, 0xB25B, 0xB263, 0xB269, 0xB26D, 0xB27B, 0xB281,
+ 0xB28B, 0xB2A9, 0xB2B7, 0xB2BD, 0xB2C3, 0xB2C7, 0xB2D3, 0xB2F9,
+ 0xB2FD, 0xB2FF, 0xB303, 0xB309, 0xB311, 0xB31D, 0xB327, 0xB32D,
+ 0xB33F, 0xB345, 0xB377, 0xB37D, 0xB381, 0xB387, 0xB393, 0xB39B,
+ 0xB3A5, 0xB3C5, 0xB3CB, 0xB3E1, 0xB3E3, 0xB3ED, 0xB3F9, 0xB40B,
+ 0xB40D, 0xB413, 0xB417, 0xB435, 0xB43D, 0xB443, 0xB449, 0xB45B,
+ 0xB465, 0xB467, 0xB46B, 0xB477, 0xB48B, 0xB495, 0xB49D, 0xB4B5,
+ 0xB4BF, 0xB4C1, 0xB4C7, 0xB4DD, 0xB4E3, 0xB4E5, 0xB4F7, 0xB501,
+ 0xB50D, 0xB50F, 0xB52D, 0xB53F, 0xB54B, 0xB567, 0xB569, 0xB56F,
+ 0xB573, 0xB579, 0xB587, 0xB58D, 0xB599, 0xB5A3, 0xB5AB, 0xB5AF,
+ 0xB5BB, 0xB5D5, 0xB5DF, 0xB5E7, 0xB5ED, 0xB5FD, 0xB5FF, 0xB609,
+ 0xB61B, 0xB629, 0xB62F, 0xB633, 0xB639, 0xB647, 0xB657, 0xB659,
+ 0xB65F, 0xB663, 0xB66F, 0xB683, 0xB687, 0xB69B, 0xB69F, 0xB6A5,
+ 0xB6B1, 0xB6B3, 0xB6D7, 0xB6DB, 0xB6E1, 0xB6E3, 0xB6ED, 0xB6EF,
+ 0xB705, 0xB70D, 0xB713, 0xB71D, 0xB729, 0xB735, 0xB747, 0xB755,
+ 0xB76D, 0xB791, 0xB795, 0xB7A9, 0xB7C1, 0xB7CB, 0xB7D1, 0xB7D3,
+ 0xB7EF, 0xB7F5, 0xB807, 0xB80F, 0xB813, 0xB819, 0xB821, 0xB827,
+ 0xB82B, 0xB82D, 0xB839, 0xB855, 0xB867, 0xB875, 0xB885, 0xB893,
+ 0xB8A5, 0xB8AF, 0xB8B7, 0xB8BD, 0xB8C1, 0xB8C7, 0xB8CD, 0xB8D5,
+ 0xB8EB, 0xB8F7, 0xB8F9, 0xB903, 0xB915, 0xB91B, 0xB91D, 0xB92F,
+ 0xB939, 0xB93B, 0xB947, 0xB951, 0xB963, 0xB983, 0xB989, 0xB98D,
+ 0xB993, 0xB999, 0xB9A1, 0xB9A7, 0xB9AD, 0xB9B7, 0xB9CB, 0xB9D1,
+ 0xB9DD, 0xB9E7, 0xB9EF, 0xB9F9, 0xBA07, 0xBA0D, 0xBA17, 0xBA25,
+ 0xBA29, 0xBA2B, 0xBA41, 0xBA53, 0xBA55, 0xBA5F, 0xBA61, 0xBA65,
+ 0xBA79, 0xBA7D, 0xBA7F, 0xBAA1, 0xBAA3, 0xBAAF, 0xBAB5, 0xBABF,
+ 0xBAC1, 0xBACB, 0xBADD, 0xBAE3, 0xBAF1, 0xBAFD, 0xBB09, 0xBB1F,
+ 0xBB27, 0xBB2D, 0xBB3D, 0xBB43, 0xBB4B, 0xBB4F, 0xBB5B, 0xBB61,
+ 0xBB69, 0xBB6D, 0xBB91, 0xBB97, 0xBB9D, 0xBBB1, 0xBBC9, 0xBBCF,
+ 0xBBDB, 0xBBED, 0xBBF7, 0xBBF9, 0xBC03, 0xBC1D, 0xBC23, 0xBC33,
+ 0xBC3B, 0xBC41, 0xBC45, 0xBC5D, 0xBC6F, 0xBC77, 0xBC83, 0xBC8F,
+ 0xBC99, 0xBCAB, 0xBCB7, 0xBCB9, 0xBCD1, 0xBCD5, 0xBCE1, 0xBCF3,
+ 0xBCFF, 0xBD0D, 0xBD17, 0xBD19, 0xBD1D, 0xBD35, 0xBD41, 0xBD4F,
+ 0xBD59, 0xBD5F, 0xBD61, 0xBD67, 0xBD6B, 0xBD71, 0xBD8B, 0xBD8F,
+ 0xBD95, 0xBD9B, 0xBD9D, 0xBDB3, 0xBDBB, 0xBDCD, 0xBDD1, 0xBDE3,
+ 0xBDEB, 0xBDEF, 0xBE07, 0xBE09, 0xBE15, 0xBE21, 0xBE25, 0xBE27,
+ 0xBE5B, 0xBE5D, 0xBE6F, 0xBE75, 0xBE79, 0xBE7F, 0xBE8B, 0xBE8D,
+ 0xBE93, 0xBE9F, 0xBEA9, 0xBEB1, 0xBEB5, 0xBEB7, 0xBECF, 0xBED9,
+ 0xBEDB, 0xBEE5, 0xBEE7, 0xBEF3, 0xBEF9, 0xBF0B, 0xBF33, 0xBF39,
+ 0xBF4D, 0xBF5D, 0xBF5F, 0xBF6B, 0xBF71, 0xBF7B, 0xBF87, 0xBF89,
+ 0xBF8D, 0xBF93, 0xBFA1, 0xBFAD, 0xBFB9, 0xBFCF, 0xBFD5, 0xBFDD,
+ 0xBFE1, 0xBFE3, 0xBFF3, 0xC005, 0xC011, 0xC013, 0xC019, 0xC029,
+ 0xC02F, 0xC031, 0xC037, 0xC03B, 0xC047, 0xC065, 0xC06D, 0xC07D,
+ 0xC07F, 0xC091, 0xC09B, 0xC0B3, 0xC0B5, 0xC0BB, 0xC0D3, 0xC0D7,
+ 0xC0D9, 0xC0EF, 0xC0F1, 0xC101, 0xC103, 0xC109, 0xC115, 0xC119,
+ 0xC12B, 0xC133, 0xC137, 0xC145, 0xC149, 0xC15B, 0xC173, 0xC179,
+ 0xC17B, 0xC181, 0xC18B, 0xC18D, 0xC197, 0xC1BD, 0xC1C3, 0xC1CD,
+ 0xC1DB, 0xC1E1, 0xC1E7, 0xC1FF, 0xC203, 0xC205, 0xC211, 0xC221,
+ 0xC22F, 0xC23F, 0xC24B, 0xC24D, 0xC253, 0xC25D, 0xC277, 0xC27B,
+ 0xC27D, 0xC289, 0xC28F, 0xC293, 0xC29F, 0xC2A7, 0xC2B3, 0xC2BD,
+ 0xC2CF, 0xC2D5, 0xC2E3, 0xC2FF, 0xC301, 0xC307, 0xC311, 0xC313,
+ 0xC317, 0xC325, 0xC347, 0xC349, 0xC34F, 0xC365, 0xC367, 0xC371,
+ 0xC37F, 0xC383, 0xC385, 0xC395, 0xC39D, 0xC3A7, 0xC3AD, 0xC3B5,
+ 0xC3BF, 0xC3C7, 0xC3CB, 0xC3D1, 0xC3D3, 0xC3E3, 0xC3E9, 0xC3EF,
+ 0xC401, 0xC41F, 0xC42D, 0xC433, 0xC437, 0xC455, 0xC457, 0xC461,
+ 0xC46F, 0xC473, 0xC487, 0xC491, 0xC499, 0xC49D, 0xC4A5, 0xC4B7,
+ 0xC4BB, 0xC4C9, 0xC4CF, 0xC4D3, 0xC4EB, 0xC4F1, 0xC4F7, 0xC509,
+ 0xC51B, 0xC51D, 0xC541, 0xC547, 0xC551, 0xC55F, 0xC56B, 0xC56F,
+ 0xC575, 0xC577, 0xC595, 0xC59B, 0xC59F, 0xC5A1, 0xC5A7, 0xC5C3,
+ 0xC5D7, 0xC5DB, 0xC5EF, 0xC5FB, 0xC613, 0xC623, 0xC635, 0xC641,
+ 0xC64F, 0xC655, 0xC659, 0xC665, 0xC685, 0xC691, 0xC697, 0xC6A1,
+ 0xC6A9, 0xC6B3, 0xC6B9, 0xC6CB, 0xC6CD, 0xC6DD, 0xC6EB, 0xC6F1,
+ 0xC707, 0xC70D, 0xC719, 0xC71B, 0xC72D, 0xC731, 0xC739, 0xC757,
+ 0xC763, 0xC767, 0xC773, 0xC775, 0xC77F, 0xC7A5, 0xC7BB, 0xC7BD,
+ 0xC7C1, 0xC7CF, 0xC7D5, 0xC7E1, 0xC7F9, 0xC7FD, 0xC7FF, 0xC803,
+ 0xC811, 0xC81D, 0xC827, 0xC829, 0xC839, 0xC83F, 0xC853, 0xC857,
+ 0xC86B, 0xC881, 0xC88D, 0xC88F, 0xC893, 0xC895, 0xC8A1, 0xC8B7,
+ 0xC8CF, 0xC8D5, 0xC8DB, 0xC8DD, 0xC8E3, 0xC8E7, 0xC8ED, 0xC8EF,
+ 0xC8F9, 0xC905, 0xC911, 0xC917, 0xC919, 0xC91F, 0xC92F, 0xC937,
+ 0xC93D, 0xC941, 0xC953, 0xC95F, 0xC96B, 0xC979, 0xC97D, 0xC989,
+ 0xC98F, 0xC997, 0xC99D, 0xC9AF, 0xC9B5, 0xC9BF, 0xC9CB, 0xC9D9,
+ 0xC9DF, 0xC9E3, 0xC9EB, 0xCA01, 0xCA07, 0xCA09, 0xCA25, 0xCA37,
+ 0xCA39, 0xCA4B, 0xCA55, 0xCA5B, 0xCA69, 0xCA73, 0xCA75, 0xCA7F,
+ 0xCA8D, 0xCA93, 0xCA9D, 0xCA9F, 0xCAB5, 0xCABB, 0xCAC3, 0xCAC9,
+ 0xCAD9, 0xCAE5, 0xCAED, 0xCB03, 0xCB05, 0xCB09, 0xCB17, 0xCB29,
+ 0xCB35, 0xCB3B, 0xCB53, 0xCB59, 0xCB63, 0xCB65, 0xCB71, 0xCB87,
+ 0xCB99, 0xCB9F, 0xCBB3, 0xCBB9, 0xCBC3, 0xCBD1, 0xCBD5, 0xCBD7,
+ 0xCBDD, 0xCBE9, 0xCBFF, 0xCC0D, 0xCC19, 0xCC1D, 0xCC23, 0xCC2B,
+ 0xCC41, 0xCC43, 0xCC4D, 0xCC59, 0xCC61, 0xCC89, 0xCC8B, 0xCC91,
+ 0xCC9B, 0xCCA3, 0xCCA7, 0xCCD1, 0xCCE5, 0xCCE9, 0xCD09, 0xCD15,
+ 0xCD1F, 0xCD25, 0xCD31, 0xCD3D, 0xCD3F, 0xCD49, 0xCD51, 0xCD57,
+ 0xCD5B, 0xCD63, 0xCD67, 0xCD81, 0xCD93, 0xCD97, 0xCD9F, 0xCDBB,
+ 0xCDC1, 0xCDD3, 0xCDD9, 0xCDE5, 0xCDE7, 0xCDF1, 0xCDF7, 0xCDFD,
+ 0xCE0B, 0xCE15, 0xCE21, 0xCE2F, 0xCE47, 0xCE4D, 0xCE51, 0xCE65,
+ 0xCE7B, 0xCE7D, 0xCE8F, 0xCE93, 0xCE99, 0xCEA5, 0xCEA7, 0xCEB7,
+ 0xCEC9, 0xCED7, 0xCEDD, 0xCEE3, 0xCEE7, 0xCEED, 0xCEF5, 0xCF07,
+ 0xCF0B, 0xCF19, 0xCF37, 0xCF3B, 0xCF4D, 0xCF55, 0xCF5F, 0xCF61,
+ 0xCF65, 0xCF6D, 0xCF79, 0xCF7D, 0xCF89, 0xCF9B, 0xCF9D, 0xCFA9,
+ 0xCFB3, 0xCFB5, 0xCFC5, 0xCFCD, 0xCFD1, 0xCFEF, 0xCFF1, 0xCFF7,
+ 0xD013, 0xD015, 0xD01F, 0xD021, 0xD033, 0xD03D, 0xD04B, 0xD04F,
+ 0xD069, 0xD06F, 0xD081, 0xD085, 0xD099, 0xD09F, 0xD0A3, 0xD0AB,
+ 0xD0BD, 0xD0C1, 0xD0CD, 0xD0E7, 0xD0FF, 0xD103, 0xD117, 0xD12D,
+ 0xD12F, 0xD141, 0xD157, 0xD159, 0xD15D, 0xD169, 0xD16B, 0xD171,
+ 0xD177, 0xD17D, 0xD181, 0xD187, 0xD195, 0xD199, 0xD1B1, 0xD1BD,
+ 0xD1C3, 0xD1D5, 0xD1D7, 0xD1E3, 0xD1FF, 0xD20D, 0xD211, 0xD217,
+ 0xD21F, 0xD235, 0xD23B, 0xD247, 0xD259, 0xD261, 0xD265, 0xD279,
+ 0xD27F, 0xD283, 0xD289, 0xD28B, 0xD29D, 0xD2A3, 0xD2A7, 0xD2B3,
+ 0xD2BF, 0xD2C7, 0xD2E3, 0xD2E9, 0xD2F1, 0xD2FB, 0xD2FD, 0xD315,
+ 0xD321, 0xD32B, 0xD343, 0xD34B, 0xD355, 0xD369, 0xD375, 0xD37B,
+ 0xD387, 0xD393, 0xD397, 0xD3A5, 0xD3B1, 0xD3C9, 0xD3EB, 0xD3FD,
+ 0xD405, 0xD40F, 0xD415, 0xD427, 0xD42F, 0xD433, 0xD43B, 0xD44B,
+ 0xD459, 0xD45F, 0xD463, 0xD469, 0xD481, 0xD483, 0xD489, 0xD48D,
+ 0xD493, 0xD495, 0xD4A5, 0xD4AB, 0xD4B1, 0xD4C5, 0xD4DD, 0xD4E1,
+ 0xD4E3, 0xD4E7, 0xD4F5, 0xD4F9, 0xD50B, 0xD50D, 0xD513, 0xD51F,
+ 0xD523, 0xD531, 0xD535, 0xD537, 0xD549, 0xD559, 0xD55F, 0xD565,
+ 0xD567, 0xD577, 0xD58B, 0xD591, 0xD597, 0xD5B5, 0xD5B9, 0xD5C1,
+ 0xD5C7, 0xD5DF, 0xD5EF, 0xD5F5, 0xD5FB, 0xD603, 0xD60F, 0xD62D,
+ 0xD631, 0xD643, 0xD655, 0xD65D, 0xD661, 0xD67B, 0xD685, 0xD687,
+ 0xD69D, 0xD6A5, 0xD6AF, 0xD6BD, 0xD6C3, 0xD6C7, 0xD6D9, 0xD6E1,
+ 0xD6ED, 0xD709, 0xD70B, 0xD711, 0xD715, 0xD721, 0xD727, 0xD73F,
+ 0xD745, 0xD74D, 0xD757, 0xD76B, 0xD77B, 0xD783, 0xD7A1, 0xD7A7,
+ 0xD7AD, 0xD7B1, 0xD7B3, 0xD7BD, 0xD7CB, 0xD7D1, 0xD7DB, 0xD7FB,
+ 0xD811, 0xD823, 0xD825, 0xD829, 0xD82B, 0xD82F, 0xD837, 0xD84D,
+ 0xD855, 0xD867, 0xD873, 0xD88F, 0xD891, 0xD8A1, 0xD8AD, 0xD8BF,
+ 0xD8CD, 0xD8D7, 0xD8E9, 0xD8F5, 0xD8FB, 0xD91B, 0xD925, 0xD933,
+ 0xD939, 0xD943, 0xD945, 0xD94F, 0xD951, 0xD957, 0xD96D, 0xD96F,
+ 0xD973, 0xD979, 0xD981, 0xD98B, 0xD991, 0xD99F, 0xD9A5, 0xD9A9,
+ 0xD9B5, 0xD9D3, 0xD9EB, 0xD9F1, 0xD9F7, 0xD9FF, 0xDA05, 0xDA09,
+ 0xDA0B, 0xDA0F, 0xDA15, 0xDA1D, 0xDA23, 0xDA29, 0xDA3F, 0xDA51,
+ 0xDA59, 0xDA5D, 0xDA5F, 0xDA71, 0xDA77, 0xDA7B, 0xDA7D, 0xDA8D,
+ 0xDA9F, 0xDAB3, 0xDABD, 0xDAC3, 0xDAC9, 0xDAE7, 0xDAE9, 0xDAF5,
+ 0xDB11, 0xDB17, 0xDB1D, 0xDB23, 0xDB25, 0xDB31, 0xDB3B, 0xDB43,
+ 0xDB55, 0xDB67, 0xDB6B, 0xDB73, 0xDB85, 0xDB8F, 0xDB91, 0xDBAD,
+ 0xDBAF, 0xDBB9, 0xDBC7, 0xDBCB, 0xDBCD, 0xDBEB, 0xDBF7, 0xDC0D,
+ 0xDC27, 0xDC31, 0xDC39, 0xDC3F, 0xDC49, 0xDC51, 0xDC61, 0xDC6F,
+ 0xDC75, 0xDC7B, 0xDC85, 0xDC93, 0xDC99, 0xDC9D, 0xDC9F, 0xDCA9,
+ 0xDCB5, 0xDCB7, 0xDCBD, 0xDCC7, 0xDCCF, 0xDCD3, 0xDCD5, 0xDCDF,
+ 0xDCF9, 0xDD0F, 0xDD15, 0xDD17, 0xDD23, 0xDD35, 0xDD39, 0xDD53,
+ 0xDD57, 0xDD5F, 0xDD69, 0xDD6F, 0xDD7D, 0xDD87, 0xDD89, 0xDD9B,
+ 0xDDA1, 0xDDAB, 0xDDBF, 0xDDC5, 0xDDCB, 0xDDCF, 0xDDE7, 0xDDE9,
+ 0xDDED, 0xDDF5, 0xDDFB, 0xDE0B, 0xDE19, 0xDE29, 0xDE3B, 0xDE3D,
+ 0xDE41, 0xDE4D, 0xDE4F, 0xDE59, 0xDE5B, 0xDE61, 0xDE6D, 0xDE77,
+ 0xDE7D, 0xDE83, 0xDE97, 0xDE9D, 0xDEA1, 0xDEA7, 0xDECD, 0xDED1,
+ 0xDED7, 0xDEE3, 0xDEF1, 0xDEF5, 0xDF01, 0xDF09, 0xDF13, 0xDF1F,
+ 0xDF2B, 0xDF33, 0xDF37, 0xDF3D, 0xDF4B, 0xDF55, 0xDF5B, 0xDF67,
+ 0xDF69, 0xDF73, 0xDF85, 0xDF87, 0xDF99, 0xDFA3, 0xDFAB, 0xDFB5,
+ 0xDFB7, 0xDFC3, 0xDFC7, 0xDFD5, 0xDFF1, 0xDFF3, 0xE003, 0xE005,
+ 0xE017, 0xE01D, 0xE027, 0xE02D, 0xE035, 0xE045, 0xE053, 0xE071,
+ 0xE07B, 0xE08F, 0xE095, 0xE09F, 0xE0B7, 0xE0B9, 0xE0D5, 0xE0D7,
+ 0xE0E3, 0xE0F3, 0xE0F9, 0xE101, 0xE125, 0xE129, 0xE131, 0xE135,
+ 0xE143, 0xE14F, 0xE159, 0xE161, 0xE16D, 0xE171, 0xE177, 0xE17F,
+ 0xE183, 0xE189, 0xE197, 0xE1AD, 0xE1B5, 0xE1BB, 0xE1BF, 0xE1C1,
+ 0xE1CB, 0xE1D1, 0xE1E5, 0xE1EF, 0xE1F7, 0xE1FD, 0xE203, 0xE219,
+ 0xE22B, 0xE22D, 0xE23D, 0xE243, 0xE257, 0xE25B, 0xE275, 0xE279,
+ 0xE287, 0xE29D, 0xE2AB, 0xE2AF, 0xE2BB, 0xE2C1, 0xE2C9, 0xE2CD,
+ 0xE2D3, 0xE2D9, 0xE2F3, 0xE2FD, 0xE2FF, 0xE311, 0xE323, 0xE327,
+ 0xE329, 0xE339, 0xE33B, 0xE34D, 0xE351, 0xE357, 0xE35F, 0xE363,
+ 0xE369, 0xE375, 0xE377, 0xE37D, 0xE383, 0xE39F, 0xE3C5, 0xE3C9,
+ 0xE3D1, 0xE3E1, 0xE3FB, 0xE3FF, 0xE401, 0xE40B, 0xE417, 0xE419,
+ 0xE423, 0xE42B, 0xE431, 0xE43B, 0xE447, 0xE449, 0xE453, 0xE455,
+ 0xE46D, 0xE471, 0xE48F, 0xE4A9, 0xE4AF, 0xE4B5, 0xE4C7, 0xE4CD,
+ 0xE4D3, 0xE4E9, 0xE4EB, 0xE4F5, 0xE507, 0xE521, 0xE525, 0xE537,
+ 0xE53F, 0xE545, 0xE54B, 0xE557, 0xE567, 0xE56D, 0xE575, 0xE585,
+ 0xE58B, 0xE593, 0xE5A3, 0xE5A5, 0xE5CF, 0xE609, 0xE611, 0xE615,
+ 0xE61B, 0xE61D, 0xE621, 0xE629, 0xE639, 0xE63F, 0xE653, 0xE657,
+ 0xE663, 0xE66F, 0xE675, 0xE681, 0xE683, 0xE68D, 0xE68F, 0xE695,
+ 0xE6AB, 0xE6AD, 0xE6B7, 0xE6BD, 0xE6C5, 0xE6CB, 0xE6D5, 0xE6E3,
+ 0xE6E9, 0xE6EF, 0xE6F3, 0xE705, 0xE70D, 0xE717, 0xE71F, 0xE72F,
+ 0xE73D, 0xE747, 0xE749, 0xE753, 0xE755, 0xE761, 0xE767, 0xE76B,
+ 0xE77F, 0xE789, 0xE791, 0xE7C5, 0xE7CD, 0xE7D7, 0xE7DD, 0xE7DF,
+ 0xE7E9, 0xE7F1, 0xE7FB, 0xE801, 0xE807, 0xE80F, 0xE819, 0xE81B,
+ 0xE831, 0xE833, 0xE837, 0xE83D, 0xE84B, 0xE84F, 0xE851, 0xE869,
+ 0xE875, 0xE879, 0xE893, 0xE8A5, 0xE8A9, 0xE8AF, 0xE8BD, 0xE8DB,
+ 0xE8E1, 0xE8E5, 0xE8EB, 0xE8ED, 0xE903, 0xE90B, 0xE90F, 0xE915,
+ 0xE917, 0xE92D, 0xE933, 0xE93B, 0xE94B, 0xE951, 0xE95F, 0xE963,
+ 0xE969, 0xE97B, 0xE983, 0xE98F, 0xE995, 0xE9A1, 0xE9B9, 0xE9D7,
+ 0xE9E7, 0xE9EF, 0xEA11, 0xEA19, 0xEA2F, 0xEA35, 0xEA43, 0xEA4D,
+ 0xEA5F, 0xEA6D, 0xEA71, 0xEA7D, 0xEA85, 0xEA89, 0xEAAD, 0xEAB3,
+ 0xEAB9, 0xEABB, 0xEAC5, 0xEAC7, 0xEACB, 0xEADF, 0xEAE5, 0xEAEB,
+ 0xEAF5, 0xEB01, 0xEB07, 0xEB09, 0xEB31, 0xEB39, 0xEB3F, 0xEB5B,
+ 0xEB61, 0xEB63, 0xEB6F, 0xEB81, 0xEB85, 0xEB9D, 0xEBAB, 0xEBB1,
+ 0xEBB7, 0xEBC1, 0xEBD5, 0xEBDF, 0xEBED, 0xEBFD, 0xEC0B, 0xEC1B,
+ 0xEC21, 0xEC29, 0xEC4D, 0xEC51, 0xEC5D, 0xEC69, 0xEC6F, 0xEC7B,
+ 0xECAD, 0xECB9, 0xECBF, 0xECC3, 0xECC9, 0xECCF, 0xECD7, 0xECDD,
+ 0xECE7, 0xECE9, 0xECF3, 0xECF5, 0xED07, 0xED11, 0xED1F, 0xED2F,
+ 0xED37, 0xED3D, 0xED41, 0xED55, 0xED59, 0xED5B, 0xED65, 0xED6B,
+ 0xED79, 0xED8B, 0xED95, 0xEDBB, 0xEDC5, 0xEDD7, 0xEDD9, 0xEDE3,
+ 0xEDE5, 0xEDF1, 0xEDF5, 0xEDF7, 0xEDFB, 0xEE09, 0xEE0F, 0xEE19,
+ 0xEE21, 0xEE49, 0xEE4F, 0xEE63, 0xEE67, 0xEE73, 0xEE7B, 0xEE81,
+ 0xEEA3, 0xEEAB, 0xEEC1, 0xEEC9, 0xEED5, 0xEEDF, 0xEEE1, 0xEEF1,
+ 0xEF1B, 0xEF27, 0xEF2F, 0xEF45, 0xEF4D, 0xEF63, 0xEF6B, 0xEF71,
+ 0xEF93, 0xEF95, 0xEF9B, 0xEF9F, 0xEFAD, 0xEFB3, 0xEFC3, 0xEFC5,
+ 0xEFDB, 0xEFE1, 0xEFE9, 0xF001, 0xF017, 0xF01D, 0xF01F, 0xF02B,
+ 0xF02F, 0xF035, 0xF043, 0xF047, 0xF04F, 0xF067, 0xF06B, 0xF071,
+ 0xF077, 0xF079, 0xF08F, 0xF0A3, 0xF0A9, 0xF0AD, 0xF0BB, 0xF0BF,
+ 0xF0C5, 0xF0CB, 0xF0D3, 0xF0D9, 0xF0E3, 0xF0E9, 0xF0F1, 0xF0F7,
+ 0xF107, 0xF115, 0xF11B, 0xF121, 0xF137, 0xF13D, 0xF155, 0xF175,
+ 0xF17B, 0xF18D, 0xF193, 0xF1A5, 0xF1AF, 0xF1B7, 0xF1D5, 0xF1E7,
+ 0xF1ED, 0xF1FD, 0xF209, 0xF20F, 0xF21B, 0xF21D, 0xF223, 0xF227,
+ 0xF233, 0xF23B, 0xF241, 0xF257, 0xF25F, 0xF265, 0xF269, 0xF277,
+ 0xF281, 0xF293, 0xF2A7, 0xF2B1, 0xF2B3, 0xF2B9, 0xF2BD, 0xF2BF,
+ 0xF2DB, 0xF2ED, 0xF2EF, 0xF2F9, 0xF2FF, 0xF305, 0xF30B, 0xF319,
+ 0xF341, 0xF359, 0xF35B, 0xF35F, 0xF367, 0xF373, 0xF377, 0xF38B,
+ 0xF38F, 0xF3AF, 0xF3C1, 0xF3D1, 0xF3D7, 0xF3FB, 0xF403, 0xF409,
+ 0xF40D, 0xF413, 0xF421, 0xF425, 0xF42B, 0xF445, 0xF44B, 0xF455,
+ 0xF463, 0xF475, 0xF47F, 0xF485, 0xF48B, 0xF499, 0xF4A3, 0xF4A9,
+ 0xF4AF, 0xF4BD, 0xF4C3, 0xF4DB, 0xF4DF, 0xF4ED, 0xF503, 0xF50B,
+ 0xF517, 0xF521, 0xF529, 0xF535, 0xF547, 0xF551, 0xF563, 0xF56B,
+ 0xF583, 0xF58D, 0xF595, 0xF599, 0xF5B1, 0xF5B7, 0xF5C9, 0xF5CF,
+ 0xF5D1, 0xF5DB, 0xF5F9, 0xF5FB, 0xF605, 0xF607, 0xF60B, 0xF60D,
+ 0xF635, 0xF637, 0xF653, 0xF65B, 0xF661, 0xF667, 0xF679, 0xF67F,
+ 0xF689, 0xF697, 0xF69B, 0xF6AD, 0xF6CB, 0xF6DD, 0xF6DF, 0xF6EB,
+ 0xF709, 0xF70F, 0xF72D, 0xF731, 0xF743, 0xF74F, 0xF751, 0xF755,
+ 0xF763, 0xF769, 0xF773, 0xF779, 0xF781, 0xF787, 0xF791, 0xF79D,
+ 0xF79F, 0xF7A5, 0xF7B1, 0xF7BB, 0xF7BD, 0xF7CF, 0xF7D3, 0xF7E7,
+ 0xF7EB, 0xF7F1, 0xF7FF, 0xF805, 0xF80B, 0xF821, 0xF827, 0xF82D,
+ 0xF835, 0xF847, 0xF859, 0xF863, 0xF865, 0xF86F, 0xF871, 0xF877,
+ 0xF87B, 0xF881, 0xF88D, 0xF89F, 0xF8A1, 0xF8AB, 0xF8B3, 0xF8B7,
+ 0xF8C9, 0xF8CB, 0xF8D1, 0xF8D7, 0xF8DD, 0xF8E7, 0xF8EF, 0xF8F9,
+ 0xF8FF, 0xF911, 0xF91D, 0xF925, 0xF931, 0xF937, 0xF93B, 0xF941,
+ 0xF94F, 0xF95F, 0xF961, 0xF96D, 0xF971, 0xF977, 0xF99D, 0xF9A3,
+ 0xF9A9, 0xF9B9, 0xF9CD, 0xF9E9, 0xF9FD, 0xFA07, 0xFA0D, 0xFA13,
+ 0xFA21, 0xFA25, 0xFA3F, 0xFA43, 0xFA51, 0xFA5B, 0xFA6D, 0xFA7B,
+ 0xFA97, 0xFA99, 0xFA9D, 0xFAAB, 0xFABB, 0xFABD, 0xFAD9, 0xFADF,
+ 0xFAE7, 0xFAED, 0xFB0F, 0xFB17, 0xFB1B, 0xFB2D, 0xFB2F, 0xFB3F,
+ 0xFB47, 0xFB4D, 0xFB75, 0xFB7D, 0xFB8F, 0xFB93, 0xFBB1, 0xFBB7,
+ 0xFBC3, 0xFBC5, 0xFBE3, 0xFBE9, 0xFBF3, 0xFC01, 0xFC29, 0xFC37,
+ 0xFC41, 0xFC43, 0xFC4F, 0xFC59, 0xFC61, 0xFC65, 0xFC6D, 0xFC73,
+ 0xFC79, 0xFC95, 0xFC97, 0xFC9B, 0xFCA7, 0xFCB5, 0xFCC5, 0xFCCD,
+ 0xFCEB, 0xFCFB, 0xFD0D, 0xFD0F, 0xFD19, 0xFD2B, 0xFD31, 0xFD51,
+ 0xFD55, 0xFD67, 0xFD6D, 0xFD6F, 0xFD7B, 0xFD85, 0xFD97, 0xFD99,
+ 0xFD9F, 0xFDA9, 0xFDB7, 0xFDC9, 0xFDE5, 0xFDEB, 0xFDF3, 0xFE03,
+ 0xFE05, 0xFE09, 0xFE1D, 0xFE27, 0xFE2F, 0xFE41, 0xFE4B, 0xFE4D,
+ 0xFE57, 0xFE5F, 0xFE63, 0xFE69, 0xFE75, 0xFE7B, 0xFE8F, 0xFE93,
+ 0xFE95, 0xFE9B, 0xFE9F, 0xFEB3, 0xFEBD, 0xFED7, 0xFEE9, 0xFEF3,
+ 0xFEF5, 0xFF07, 0xFF0D, 0xFF1D, 0xFF2B, 0xFF2F, 0xFF49, 0xFF4D,
+ 0xFF5B, 0xFF65, 0xFF71, 0xFF7F, 0xFF85, 0xFF8B, 0xFF8F, 0xFF9D,
+ 0xFFA7, 0xFFA9, 0xFFC7, 0xFFD9, 0xFFEF, 0xFFF1,
+#endif
+};
diff --git a/security/nss/lib/freebl/mpi/stats b/security/nss/lib/freebl/mpi/stats
new file mode 100755
index 000000000..a5deb94c0
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/stats
@@ -0,0 +1,39 @@
+#!/usr/bin/perl
+
+#
+# Treat each line as a sequence of comma and/or space delimited
+# floating point numbers, and compute basic statistics on them.
+# These are written to standard output
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+$min = 1.7976931348623157E+308;
+$max = 2.2250738585072014E-308;
+$sum = $num = 0;
+
+while(<>) {
+ chomp;
+
+ @nums = split(/[\s,]+/, $_);
+ next if($#nums < 0);
+
+ $num += scalar @nums;
+ foreach (@nums) {
+ $min = $_ if($_ < $min);
+ $max = $_ if($_ > $max);
+ $sum += $_;
+ }
+}
+
+if($num) {
+ $avg = $sum / $num;
+} else {
+ $min = $max = 0;
+}
+
+printf "%d\tmin=%.2f, avg=%.2f, max=%.2f, sum=%.2f\n",
+ $num, $min, $avg, $max, $sum;
+
+# end
diff --git a/security/nss/lib/freebl/mpi/target.mk b/security/nss/lib/freebl/mpi/target.mk
new file mode 100644
index 000000000..dd74564b1
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/target.mk
@@ -0,0 +1,233 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+##
+## Define CFLAGS to contain any local options your compiler
+## setup requires.
+##
+## Conditional compilation options are no longer here; see
+## the file 'mpi-config.h' instead.
+##
+MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC
+CFLAGS= -O $(MPICMN)
+#CFLAGS=-ansi -fullwarn -woff 1521 -O3 $(MPICMN)
+#CFLAGS=-ansi -pedantic -Wall -O3 $(MPICMN)
+#CFLAGS=-ansi -pedantic -Wall -g -O2 -DMP_DEBUG=1 $(MPICMN)
+
+ifeq ($(TARGET),mipsIRIX)
+#IRIX
+#MPICMN += -DMP_MONT_USE_MP_MUL
+MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+MPICMN += -DMP_USE_UINT_DIGIT
+#MPICMN += -DMP_NO_MP_WORD
+AS_OBJS = mpi_mips.o
+#ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 -exceptions
+ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3
+#CFLAGS=-ansi -n32 -O3 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
+CFLAGS=-ansi -n32 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
+#CFLAGS=-ansi -n32 -g -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
+#CFLAGS=-ansi -64 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE -DMP_NO_MP_WORD \
+ $(MPICMN)
+endif
+
+ifeq ($(TARGET),alphaOSF1)
+#Alpha/OSF1
+MPICMN += -DMP_ASSEMBLY_MULTIPLY
+AS_OBJS+= mpvalpha.o
+#CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT $(MPICMN)
+CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT \
+ -DMP_NO_MP_WORD $(MPICMN)
+endif
+
+ifeq ($(TARGET),v9SOLARIS)
+#Solaris 64
+SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xchip=ultra -xarch=v9a -KPIC -mt
+#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v9a -KPIC -mt
+SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v9a -KPIC -mt
+AS_OBJS += montmulfv9.o
+AS_OBJS += mpi_sparc.o mpv_sparcv9.o
+MPICMN += -DMP_USE_UINT_DIGIT
+#MPICMN += -DMP_NO_MP_WORD
+MPICMN += -DMP_ASSEMBLY_MULTIPLY
+MPICMN += -DMP_USING_MONT_MULF
+CFLAGS= -O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
+ -DSOLARIS2_8 -xarch=v9 -DXP_UNIX $(MPICMN)
+#CFLAGS= -g -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
+ -DSOLARIS2_8 -xarch=v9 -DXP_UNIX $(MPICMN)
+endif
+
+ifeq ($(TARGET),v8plusSOLARIS)
+#Solaris 32
+SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8plusa -KPIC -mt
+SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt
+AS_OBJS += montmulfv8.o
+AS_OBJS += mpi_sparc.o mpv_sparcv8.o
+#AS_OBJS = montmulf.o
+MPICMN += -DMP_ASSEMBLY_MULTIPLY
+MPICMN += -DMP_USING_MONT_MULF
+MPICMN += -DMP_USE_UINT_DIGIT
+MPICMN += -DMP_NO_MP_WORD
+CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
+ -DSOLARIS2_6 -xarch=v8plus -DXP_UNIX $(MPICMN)
+endif
+
+ifeq ($(TARGET),v8SOLARIS)
+#Solaris 32
+#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8 -KPIC -mt
+#SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt
+#AS_OBJS = montmulfv8.o mpi_sparc.o mpv_sparcv8.o
+#AS_OBJS = montmulf.o
+#MPICMN += -DMP_USING_MONT_MULF
+#MPICMN += -DMP_ASSEMBLY_MULTIPLY
+MPICMN += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT
+MPICMN += -DMP_NO_MP_WORD
+CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
+ -DSOLARIS2_6 -xarch=v8 -DXP_UNIX $(MPICMN)
+endif
+
+ifeq ($(TARGET),ia64HPUX)
+#HPUX 32 on ia64 -- 64 bit digits SCREAM.
+# This one is for DD32 which is the 32-bit ABI with 64-bit registers.
+CFLAGS= +O3 -DHPUX10 -D_POSIX_C_SOURCE=199506L -Aa +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +p +DD32 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
+#CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Aa +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +p +DD32 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
+#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +p +DD32 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
+endif
+
+ifeq ($(TARGET),ia64HPUX64)
+#HPUX 32 on ia64
+# This one is for DD64 which is the 64-bit ABI
+CFLAGS= +O3 -DHPUX10 -D_POSIX_C_SOURCE=199506L -Aa +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +p +DD64 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
+#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +p +DD64 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
+endif
+
+ifeq ($(TARGET),PA2.0WHPUX)
+#HPUX64 (HP PA 2.0 Wide) using MAXPY and 64-bit digits
+MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+AS_OBJS = mpi_hp.o hpma512.o hppa20.o
+CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +DA2.0W +DS2.0 +O3 +DChpux -DHPUX11 -DXP_UNIX \
+ $(MPICMN)
+#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +DA2.0W +DS2.0 +DChpux -DHPUX11 -DXP_UNIX \
+ $(MPICMN)
+AS = $(CC) $(CFLAGS) -c
+endif
+
+ifeq ($(TARGET),PA2.0NHPUX)
+#HPUX32 (HP PA 2.0 Narrow) hybrid model, using 32-bit digits
+# This one is for DA2.0 (N) which is the 32-bit ABI with 64-bit registers.
+MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+AS_OBJS = mpi_hp.o hpma512.o hppa20.o
+CFLAGS= +O3 -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +DChpux -DHPUX11 -DXP_UNIX \
+ -Wl,+k $(MPICMN)
+#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +DChpux -DHPUX11 -DXP_UNIX \
+ -Wl,+k $(MPICMN)
+AS = $(CC) $(CFLAGS) -c
+endif
+
+ifeq ($(TARGET),PA1.1HPUX)
+#HPUX32 (HP PA 1.1) Pure 32 bit
+MPICMN += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
+#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY
+CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
+ -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN)
+##CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
+# -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN)
+endif
+
+ifeq ($(TARGET),32AIX)
+#
+CC = xlC_r
+MPICMN += -DMP_USE_UINT_DIGIT
+MPICMN += -DMP_NO_DIV_WORD
+#MPICMN += -DMP_NO_MUL_WORD
+MPICMN += -DMP_NO_ADD_WORD
+MPICMN += -DMP_NO_SUB_WORD
+#MPICMN += -DMP_NO_MP_WORD
+#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY
+CFLAGS = -O -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
+#CFLAGS = -g -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
+#CFLAGS += -pg
+endif
+
+ifeq ($(TARGET),64AIX)
+#
+CC = xlC_r
+MPICMN += -DMP_USE_UINT_DIGIT
+CFLAGS = -O -O2 -DAIX -DSYSV -qarch=com -DAIX_64BIT -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
+OBJECT_MODE=64
+export OBJECT_MODE
+endif
+
+ifeq ($(TARGET),x86LINUX)
+#Linux
+AS_OBJS = mpi_x86.o
+MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
+MPICMN += -DMP_MONT_USE_MP_MUL -DMP_IS_LITTLE_ENDIAN
+CFLAGS= -O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
+ -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
+ -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN)
+#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
+ -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
+ -DXP_UNIX -DDEBUG -UNDEBUG -D_REENTRANT $(MPICMN)
+#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
+ -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
+ -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN)
+endif
+
+ifeq ($(TARGET),armLINUX)
+MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+MPICMN += -DMP_USE_UINT_DIGIT
+AS_OBJS += mpi_arm.o
+endif
+
+ifeq ($(TARGET),AMD64SOLARIS)
+ASFLAGS += -xarch=generic64
+AS_OBJS = mpi_amd64.o mpi_amd64_sun.o
+MP_CONFIG = -DMP_ASSEMBLY_MULTIPLY -DMPI_AMD64
+MP_CONFIG += -DMP_IS_LITTLE_ENDIAN
+CFLAGS = -xarch=generic64 -xO4 -I. -DMP_API_COMPATIBLE -DMP_IOFUNC $(MP_CONFIG)
+MPICMN += $(MP_CONFIG)
+
+mpi_amd64_asm.o: mpi_amd64_sun.s
+ $(AS) -xarch=generic64 -P -D_ASM mpi_amd64_sun.s
+endif
+
+ifeq ($(TARGET),WIN32)
+ifeq ($(CPU_ARCH),x86_64)
+AS_OBJS = mpi_amd64.obj mpi_amd64_masm.obj mp_comba_amd64_masm.asm
+CFLAGS = -Od -Z7 -MDd -W3 -nologo -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USER)
+CFLAGS += -DWIN32 -DWIN64 -D_WINDOWS -D_AMD_64_ -D_M_AMD64 -DWIN95 -DXP_PC
+CFLAGS += $(MPICMN)
+
+$(AS_OBJS): %.obj : %.asm
+ ml64 -Cp -Sn -Zi -coff -nologo -c $<
+
+$(LIBOBJS): %.obj : %.c
+ cl $(CFLAGS) -Fo$@ -c $<
+else
+AS_OBJS = mpi_x86.obj
+MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
+MPICMN += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD -DMP_API_COMPATIBLE
+MPICMN += -DMP_MONT_USE_MP_MUL
+MPICMN += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
+CFLAGS = -Od -Z7 -MDd -W3 -nologo -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USER)
+CFLAGS += -DWIN32 -D_WINDOWS -D_X86_ -DWIN95 -DXP_PC
+CFLAGS += $(MPICMN)
+
+$(AS_OBJS): %.obj : %.asm
+ ml -Cp -Sn -Zi -coff -nologo -c $<
+
+$(LIBOBJS): %.obj : %.c
+ cl $(CFLAGS) -Fo$@ -c $<
+
+endif
+endif
diff --git a/security/nss/lib/freebl/mpi/test-arrays.txt b/security/nss/lib/freebl/mpi/test-arrays.txt
new file mode 100644
index 000000000..6c8908c1a
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/test-arrays.txt
@@ -0,0 +1,55 @@
+#
+# Test suite table for MPI library
+#
+# Format of entries:
+# suite-name:function-name:description
+#
+# suite-name The name used to identify this test in mpi-test
+# function-name The function called to perform this test in mpi-test.c
+# description A brief description of what the suite tests
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+list:test_list:print out a list of the available test suites
+copy:test_copy:test assignment of mp-int structures
+exchange:test_exch:test exchange of mp-int structures
+zero:test_zero:test zeroing of an mp-int
+set:test_set:test setting an mp-int to a small constant
+absolute-value:test_abs:test the absolute value function
+negate:test_neg:test the arithmetic negation function
+add-digit:test_add_d:test digit addition
+add:test_add:test full addition
+subtract-digit:test_sub_d:test digit subtraction
+subtract:test_sub:test full subtraction
+multiply-digit:test_mul_d:test digit multiplication
+multiply:test_mul:test full multiplication
+square:test_sqr:test full squaring function
+divide-digit:test_div_d:test digit division
+divide-2:test_div_2:test division by two
+divide-2d:test_div_2d:test division & remainder by 2^d
+divide:test_div:test full division
+expt-digit:test_expt_d:test digit exponentiation
+expt:test_expt:test full exponentiation
+expt-2:test_2expt:test power-of-two exponentiation
+modulo-digit:test_mod_d:test digit modular reduction
+modulo:test_mod:test full modular reduction
+mod-add:test_addmod:test modular addition
+mod-subtract:test_submod:test modular subtraction
+mod-multiply:test_mulmod:test modular multiplication
+mod-square:test_sqrmod:test modular squaring function
+mod-expt:test_exptmod:test full modular exponentiation
+mod-expt-digit:test_exptmod_d:test digit modular exponentiation
+mod-inverse:test_invmod:test modular inverse function
+compare-digit:test_cmp_d:test digit comparison function
+compare-zero:test_cmp_z:test zero comparison function
+compare:test_cmp:test general signed comparison
+compare-magnitude:test_cmp_mag:test general magnitude comparison
+parity:test_parity:test parity comparison functions
+gcd:test_gcd:test greatest common divisor functions
+lcm:test_lcm:test least common multiple function
+conversion:test_convert:test general radix conversion facilities
+binary:test_raw:test raw output format
+pprime:test_pprime:test probabilistic primality tester
+fermat:test_fermat:test Fermat pseudoprimality tester
diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE b/security/nss/lib/freebl/mpi/tests/LICENSE
new file mode 100644
index 000000000..c2c5d0190
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/LICENSE
@@ -0,0 +1,6 @@
+Within this directory, each of the file listed below is licensed under
+the terms given in the file LICENSE-MPL, also in this directory.
+
+pi1k.txt
+pi2k.txt
+pi5k.txt
diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE-MPL b/security/nss/lib/freebl/mpi/tests/LICENSE-MPL
new file mode 100644
index 000000000..41dc2327f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/LICENSE-MPL
@@ -0,0 +1,3 @@
+This Source Code Form is subject to the terms of the Mozilla Public
+License, v. 2.0. If a copy of the MPL was not distributed with this
+file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-1.c b/security/nss/lib/freebl/mpi/tests/mptest-1.c
new file mode 100644
index 000000000..449134668
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-1.c
@@ -0,0 +1,43 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 1: Simple input test (drives single-digit multiply and add,
+ * as well as I/O routines)
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+
+#ifdef MAC_CW_SIOUX
+#include <console.h>
+#endif
+
+#include "mpi.h"
+
+int
+main(int argc, char *argv[])
+{
+ int ix;
+ mp_int mp;
+
+#ifdef MAC_CW_SIOUX
+ argc = ccommand(&argv);
+#endif
+
+ mp_init(&mp);
+
+ for (ix = 1; ix < argc; ix++) {
+ mp_read_radix(&mp, argv[ix], 10);
+ mp_print(&mp, stdout);
+ fputc('\n', stdout);
+ }
+
+ mp_clear(&mp);
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-2.c b/security/nss/lib/freebl/mpi/tests/mptest-2.c
new file mode 100644
index 000000000..1505e6afd
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-2.c
@@ -0,0 +1,62 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 2: Basic addition and subtraction test
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+
+#include "mpi.h"
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a, b, c;
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
+ return 1;
+ }
+
+ printf("Test 2: Basic addition and subtraction\n\n");
+
+ mp_init(&a);
+ mp_init(&b);
+
+ mp_read_radix(&a, argv[1], 10);
+ mp_read_radix(&b, argv[2], 10);
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+
+ mp_init(&c);
+ printf("c = a + b\n");
+
+ mp_add(&a, &b, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ printf("c = a - b\n");
+
+ mp_sub(&a, &b, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mp_clear(&c);
+ mp_clear(&b);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3.c b/security/nss/lib/freebl/mpi/tests/mptest-3.c
new file mode 100644
index 000000000..86fb24654
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-3.c
@@ -0,0 +1,105 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 3: Multiplication, division, and exponentiation test
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+
+#include <time.h>
+
+#include "mpi.h"
+
+#define EXPT 0 /* define nonzero to get exponentiate test */
+
+int
+main(int argc, char *argv[])
+{
+ int ix;
+ mp_int a, b, c, d;
+ mp_digit r;
+ mp_err res;
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
+ return 1;
+ }
+
+ printf("Test 3: Multiplication and division\n\n");
+ srand(time(NULL));
+
+ mp_init(&a);
+ mp_init(&b);
+
+ mp_read_variable_radix(&a, argv[1], 10);
+ mp_read_variable_radix(&b, argv[2], 10);
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+
+ mp_init(&c);
+ printf("\nc = a * b\n");
+
+ mp_mul(&a, &b, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ printf("\nc = b * 32523\n");
+
+ mp_mul_d(&b, 32523, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mp_init(&d);
+ printf("\nc = a / b, d = a mod b\n");
+
+ mp_div(&a, &b, &c, &d);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ printf("d = ");
+ mp_print(&d, stdout);
+ fputc('\n', stdout);
+
+ ix = rand() % 256;
+ printf("\nc = a / %d, r = a mod %d\n", ix, ix);
+ mp_div_d(&a, (mp_digit)ix, &c, &r);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ printf("r = %04X\n", r);
+
+#if EXPT
+ printf("\nc = a ** b\n");
+ mp_expt(&a, &b, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+#endif
+
+ ix = rand() % 256;
+ printf("\nc = 2^%d\n", ix);
+ mp_2expt(&c, ix);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mp_clear(&d);
+ mp_clear(&c);
+ mp_clear(&b);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3a.c b/security/nss/lib/freebl/mpi/tests/mptest-3a.c
new file mode 100644
index 000000000..c6cea7046
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-3a.c
@@ -0,0 +1,123 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 3a: Multiplication vs. squaring timing test
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+
+#include <time.h>
+
+#include "mpi.h"
+#include "mpprime.h"
+
+int
+main(int argc, char *argv[])
+{
+ int ix, num, prec = 8;
+ double d1, d2;
+ clock_t start, finish;
+ time_t seed;
+ mp_int a, c, d;
+
+ seed = time(NULL);
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]);
+ return 1;
+ }
+
+ if ((num = atoi(argv[1])) < 0)
+ num = -num;
+
+ if (!num) {
+ fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
+ return 1;
+ }
+
+ if (argc > 2) {
+ if ((prec = atoi(argv[2])) <= 0)
+ prec = 8;
+ else
+ prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
+ }
+
+ printf("Test 3a: Multiplication vs squaring timing test\n"
+ "Precision: %d digits (%u bits)\n"
+ "# of tests: %d\n\n",
+ prec, prec * DIGIT_BIT, num);
+
+ mp_init_size(&a, prec);
+
+ mp_init(&c);
+ mp_init(&d);
+
+ printf("Verifying accuracy ... \n");
+ srand((unsigned int)seed);
+ for (ix = 0; ix < num; ix++) {
+ mpp_random_size(&a, prec);
+ mp_mul(&a, &a, &c);
+ mp_sqr(&a, &d);
+
+ if (mp_cmp(&c, &d) != 0) {
+ printf("Error! Results not accurate:\n");
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ printf("d = ");
+ mp_print(&d, stdout);
+ fputc('\n', stdout);
+ mp_sub(&c, &d, &d);
+ printf("dif ");
+ mp_print(&d, stdout);
+ fputc('\n', stdout);
+ mp_clear(&c);
+ mp_clear(&d);
+ mp_clear(&a);
+ return 1;
+ }
+ }
+ printf("Accuracy is confirmed for the %d test samples\n", num);
+ mp_clear(&d);
+
+ printf("Testing squaring ... \n");
+ srand((unsigned int)seed);
+ start = clock();
+ for (ix = 0; ix < num; ix++) {
+ mpp_random_size(&a, prec);
+ mp_sqr(&a, &c);
+ }
+ finish = clock();
+
+ d2 = (double)(finish - start) / CLOCKS_PER_SEC;
+
+ printf("Testing multiplication ... \n");
+ srand((unsigned int)seed);
+ start = clock();
+ for (ix = 0; ix < num; ix++) {
+ mpp_random(&a);
+ mp_mul(&a, &a, &c);
+ }
+ finish = clock();
+
+ d1 = (double)(finish - start) / CLOCKS_PER_SEC;
+
+ printf("Multiplication time: %.3f sec (%.3f each)\n", d1, d1 / num);
+ printf("Squaring time: %.3f sec (%.3f each)\n", d2, d2 / num);
+ printf("Improvement: %.2f%%\n", (1.0 - (d2 / d1)) * 100.0);
+
+ mp_clear(&c);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4.c b/security/nss/lib/freebl/mpi/tests/mptest-4.c
new file mode 100644
index 000000000..0f326ac2c
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-4.c
@@ -0,0 +1,111 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 4: Modular arithmetic tests
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+
+#include "mpi.h"
+
+int
+main(int argc, char *argv[])
+{
+ int ix;
+ mp_int a, b, c, m;
+ mp_digit r;
+
+ if (argc < 4) {
+ fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]);
+ return 1;
+ }
+
+ printf("Test 4: Modular arithmetic\n\n");
+
+ mp_init(&a);
+ mp_init(&b);
+ mp_init(&m);
+
+ mp_read_radix(&a, argv[1], 10);
+ mp_read_radix(&b, argv[2], 10);
+ mp_read_radix(&m, argv[3], 10);
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ printf("m = ");
+ mp_print(&m, stdout);
+ fputc('\n', stdout);
+
+ mp_init(&c);
+ printf("\nc = a (mod m)\n");
+
+ mp_mod(&a, &m, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ printf("\nc = b (mod m)\n");
+
+ mp_mod(&b, &m, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ printf("\nc = b (mod 1853)\n");
+
+ mp_mod_d(&b, 1853, &r);
+ printf("c = %04X\n", r);
+
+ printf("\nc = (a + b) mod m\n");
+
+ mp_addmod(&a, &b, &m, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ printf("\nc = (a - b) mod m\n");
+
+ mp_submod(&a, &b, &m, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ printf("\nc = (a * b) mod m\n");
+
+ mp_mulmod(&a, &b, &m, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ printf("\nc = (a ** b) mod m\n");
+
+ mp_exptmod(&a, &b, &m, &c);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ printf("\nIn-place modular squaring test:\n");
+ for (ix = 0; ix < 5; ix++) {
+ printf("a = (a * a) mod m a = ");
+ mp_sqrmod(&a, &m, &a);
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ }
+
+ mp_clear(&c);
+ mp_clear(&m);
+ mp_clear(&b);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4a.c b/security/nss/lib/freebl/mpi/tests/mptest-4a.c
new file mode 100644
index 000000000..0c8e18872
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-4a.c
@@ -0,0 +1,109 @@
+/*
+ * mptest4a - modular exponentiation speed test
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <time.h>
+
+#include <sys/time.h>
+
+#include "mpi.h"
+#include "mpprime.h"
+
+typedef struct {
+ unsigned int sec;
+ unsigned int usec;
+} instant_t;
+
+instant_t
+now(void)
+{
+ struct timeval clk;
+ instant_t res;
+
+ res.sec = res.usec = 0;
+
+ if (gettimeofday(&clk, NULL) != 0)
+ return res;
+
+ res.sec = clk.tv_sec;
+ res.usec = clk.tv_usec;
+
+ return res;
+}
+
+extern mp_err s_mp_pad();
+
+int
+main(int argc, char *argv[])
+{
+ int ix, num, prec = 8;
+ unsigned int d;
+ instant_t start, finish;
+ time_t seed;
+ mp_int a, m, c;
+
+ seed = time(NULL);
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]);
+ return 1;
+ }
+
+ if ((num = atoi(argv[1])) < 0)
+ num = -num;
+
+ if (!num) {
+ fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
+ return 1;
+ }
+
+ if (argc > 2) {
+ if ((prec = atoi(argv[2])) <= 0)
+ prec = 8;
+ }
+
+ printf("Test 3a: Modular exponentiation timing test\n"
+ "Precision: %d digits (%d bits)\n"
+ "# of tests: %d\n\n",
+ prec, prec * DIGIT_BIT, num);
+
+ mp_init_size(&a, prec);
+ mp_init_size(&m, prec);
+ mp_init_size(&c, prec);
+ s_mp_pad(&a, prec);
+ s_mp_pad(&m, prec);
+ s_mp_pad(&c, prec);
+
+ printf("Testing modular exponentiation ... \n");
+ srand((unsigned int)seed);
+
+ start = now();
+ for (ix = 0; ix < num; ix++) {
+ mpp_random(&a);
+ mpp_random(&c);
+ mpp_random(&m);
+ mp_exptmod(&a, &c, &m, &c);
+ }
+ finish = now();
+
+ d = (finish.sec - start.sec) * 1000000;
+ d -= start.usec;
+ d += finish.usec;
+
+ printf("Total time elapsed: %u usec\n", d);
+ printf("Time per exponentiation: %u usec (%.3f sec)\n",
+ (d / num), (double)(d / num) / 1000000);
+
+ mp_clear(&c);
+ mp_clear(&a);
+ mp_clear(&m);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4b.c b/security/nss/lib/freebl/mpi/tests/mptest-4b.c
new file mode 100644
index 000000000..1bb2f911f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-4b.c
@@ -0,0 +1,107 @@
+/*
+ * mptest-4b.c
+ *
+ * Test speed of a large modular exponentiation of a primitive element
+ * modulo a prime.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <time.h>
+
+#include <sys/time.h>
+
+#include "mpi.h"
+#include "mpprime.h"
+
+char *g_prime =
+ "34BD53C07350E817CCD49721020F1754527959C421C1533244769D4CF060A8B1C3DA"
+ "25094BE723FB1E2369B55FEEBBE0FAC16425161BF82684062B5EC5D7D47D1B23C117"
+ "0FA19745E44A55E148314E582EB813AC9EE5126295E2E380CACC2F6D206B293E5ED9"
+ "23B54EE961A8C69CD625CE4EC38B70C649D7F014432AEF3A1C93";
+char *g_gen = "5";
+
+typedef struct {
+ unsigned int sec;
+ unsigned int usec;
+} instant_t;
+
+instant_t
+now(void)
+{
+ struct timeval clk;
+ instant_t res;
+
+ res.sec = res.usec = 0;
+
+ if (gettimeofday(&clk, NULL) != 0)
+ return res;
+
+ res.sec = clk.tv_sec;
+ res.usec = clk.tv_usec;
+
+ return res;
+}
+
+extern mp_err s_mp_pad();
+
+int
+main(int argc, char *argv[])
+{
+ instant_t start, finish;
+ mp_int prime, gen, expt, res;
+ unsigned int ix, diff;
+ int num;
+
+ srand(time(NULL));
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]);
+ return 1;
+ }
+
+ if ((num = atoi(argv[1])) < 0)
+ num = -num;
+
+ if (num == 0)
+ ++num;
+
+ mp_init(&prime);
+ mp_init(&gen);
+ mp_init(&res);
+ mp_read_radix(&prime, g_prime, 16);
+ mp_read_radix(&gen, g_gen, 16);
+
+ mp_init_size(&expt, USED(&prime) - 1);
+ s_mp_pad(&expt, USED(&prime) - 1);
+
+ printf("Testing %d modular exponentations ... \n", num);
+
+ start = now();
+ for (ix = 0; ix < num; ix++) {
+ mpp_random(&expt);
+ mp_exptmod(&gen, &expt, &prime, &res);
+ }
+ finish = now();
+
+ diff = (finish.sec - start.sec) * 1000000;
+ diff += finish.usec;
+ diff -= start.usec;
+
+ printf("%d operations took %u usec (%.3f sec)\n",
+ num, diff, (double)diff / 1000000.0);
+ printf("That is %.3f sec per operation.\n",
+ ((double)diff / 1000000.0) / num);
+
+ mp_clear(&expt);
+ mp_clear(&res);
+ mp_clear(&gen);
+ mp_clear(&prime);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5.c b/security/nss/lib/freebl/mpi/tests/mptest-5.c
new file mode 100644
index 000000000..dff3ed470
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-5.c
@@ -0,0 +1,85 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 5: Other number theoretic functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+
+#include "mpi.h"
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a, b, c, x, y;
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
+ return 1;
+ }
+
+ printf("Test 5: Number theoretic functions\n\n");
+
+ mp_init(&a);
+ mp_init(&b);
+
+ mp_read_radix(&a, argv[1], 10);
+ mp_read_radix(&b, argv[2], 10);
+
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+
+ mp_init(&c);
+ printf("\nc = (a, b)\n");
+
+ mp_gcd(&a, &b, &c);
+ printf("Euclid: c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ /*
+ mp_bgcd(&a, &b, &c);
+ printf("Binary: c = "); mp_print(&c, stdout); fputc('\n', stdout);
+ */
+ mp_init(&x);
+ mp_init(&y);
+ printf("\nc = (a, b) = ax + by\n");
+
+ mp_xgcd(&a, &b, &c, &x, &y);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ printf("x = ");
+ mp_print(&x, stdout);
+ fputc('\n', stdout);
+ printf("y = ");
+ mp_print(&y, stdout);
+ fputc('\n', stdout);
+
+ printf("\nc = a^-1 (mod b)\n");
+ if (mp_invmod(&a, &b, &c) == MP_UNDEF) {
+ printf("a has no inverse mod b\n");
+ } else {
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ }
+
+ mp_clear(&y);
+ mp_clear(&x);
+ mp_clear(&c);
+ mp_clear(&b);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5a.c b/security/nss/lib/freebl/mpi/tests/mptest-5a.c
new file mode 100644
index 000000000..c410a6a84
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-5a.c
@@ -0,0 +1,147 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 5a: Greatest common divisor speed test, binary vs. Euclid
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+#include <time.h>
+
+#include <sys/time.h>
+
+#include "mpi.h"
+#include "mpprime.h"
+
+typedef struct {
+ unsigned int sec;
+ unsigned int usec;
+} instant_t;
+
+instant_t
+now(void)
+{
+ struct timeval clk;
+ instant_t res;
+
+ res.sec = res.usec = 0;
+
+ if (gettimeofday(&clk, NULL) != 0)
+ return res;
+
+ res.sec = clk.tv_sec;
+ res.usec = clk.tv_usec;
+
+ return res;
+}
+
+#define PRECISION 16
+
+int
+main(int argc, char *argv[])
+{
+ int ix, num, prec = PRECISION;
+ mp_int a, b, c, d;
+ instant_t start, finish;
+ time_t seed;
+ unsigned int d1, d2;
+
+ seed = time(NULL);
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]);
+ return 1;
+ }
+
+ if ((num = atoi(argv[1])) < 0)
+ num = -num;
+
+ printf("Test 5a: Euclid vs. Binary, a GCD speed test\n\n"
+ "Number of tests: %d\n"
+ "Precision: %d digits\n\n",
+ num, prec);
+
+ mp_init_size(&a, prec);
+ mp_init_size(&b, prec);
+ mp_init(&c);
+ mp_init(&d);
+
+ printf("Verifying accuracy ... \n");
+ srand((unsigned int)seed);
+ for (ix = 0; ix < num; ix++) {
+ mpp_random_size(&a, prec);
+ mpp_random_size(&b, prec);
+
+ mp_gcd(&a, &b, &c);
+ mp_bgcd(&a, &b, &d);
+
+ if (mp_cmp(&c, &d) != 0) {
+ printf("Error! Results not accurate:\n");
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ printf("d = ");
+ mp_print(&d, stdout);
+ fputc('\n', stdout);
+
+ mp_clear(&a);
+ mp_clear(&b);
+ mp_clear(&c);
+ mp_clear(&d);
+ return 1;
+ }
+ }
+ mp_clear(&d);
+ printf("Accuracy confirmed for the %d test samples\n", num);
+
+ printf("Testing Euclid ... \n");
+ srand((unsigned int)seed);
+ start = now();
+ for (ix = 0; ix < num; ix++) {
+ mpp_random_size(&a, prec);
+ mpp_random_size(&b, prec);
+ mp_gcd(&a, &b, &c);
+ }
+ finish = now();
+
+ d1 = (finish.sec - start.sec) * 1000000;
+ d1 -= start.usec;
+ d1 += finish.usec;
+
+ printf("Testing binary ... \n");
+ srand((unsigned int)seed);
+ start = now();
+ for (ix = 0; ix < num; ix++) {
+ mpp_random_size(&a, prec);
+ mpp_random_size(&b, prec);
+ mp_bgcd(&a, &b, &c);
+ }
+ finish = now();
+
+ d2 = (finish.sec - start.sec) * 1000000;
+ d2 -= start.usec;
+ d2 += finish.usec;
+
+ printf("Euclidean algorithm time: %u usec\n", d1);
+ printf("Binary algorithm time: %u usec\n", d2);
+ printf("Improvement: %.2f%%\n",
+ (1.0 - ((double)d2 / (double)d1)) * 100.0);
+
+ mp_clear(&c);
+ mp_clear(&b);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-6.c b/security/nss/lib/freebl/mpi/tests/mptest-6.c
new file mode 100644
index 000000000..4febf39c5
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-6.c
@@ -0,0 +1,78 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 6: Output functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+
+#include "mpi.h"
+
+void
+print_buf(FILE *ofp, char *buf, int len)
+{
+ int ix, brk = 0;
+
+ for (ix = 0; ix < len; ix++) {
+ fprintf(ofp, "%02X ", buf[ix]);
+
+ brk = (brk + 1) & 0xF;
+ if (!brk)
+ fputc('\n', ofp);
+ }
+
+ if (brk)
+ fputc('\n', ofp);
+}
+
+int
+main(int argc, char *argv[])
+{
+ int ix, size;
+ mp_int a;
+ char *buf;
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <a>\n", argv[0]);
+ return 1;
+ }
+
+ printf("Test 6: Output functions\n\n");
+
+ mp_init(&a);
+
+ mp_read_radix(&a, argv[1], 10);
+
+ printf("\nConverting to a string:\n");
+
+ printf("Rx Size Representation\n");
+ for (ix = 2; ix <= MAX_RADIX; ix++) {
+ size = mp_radix_size(&a, ix);
+
+ buf = calloc(size, sizeof(char));
+ mp_toradix(&a, buf, ix);
+ printf("%2d: %3d: %s\n", ix, size, buf);
+ free(buf);
+ }
+
+ printf("\nRaw output:\n");
+ size = mp_raw_size(&a);
+ buf = calloc(size, sizeof(char));
+
+ printf("Size: %d bytes\n", size);
+
+ mp_toraw(&a, buf);
+ print_buf(stdout, buf, size);
+ free(buf);
+
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-7.c b/security/nss/lib/freebl/mpi/tests/mptest-7.c
new file mode 100644
index 000000000..1e83fbf96
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-7.c
@@ -0,0 +1,85 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 7: Random and divisibility tests
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+#include <time.h>
+
+#define MP_IOFUNC 1
+#include "mpi.h"
+
+#include "mpprime.h"
+
+int
+main(int argc, char *argv[])
+{
+ mp_digit num;
+ mp_int a, b;
+
+ srand(time(NULL));
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
+ return 1;
+ }
+
+ printf("Test 7: Random & divisibility tests\n\n");
+
+ mp_init(&a);
+ mp_init(&b);
+
+ mp_read_radix(&a, argv[1], 10);
+ mp_read_radix(&b, argv[2], 10);
+
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+
+ if (mpp_divis(&a, &b) == MP_YES)
+ printf("a is divisible by b\n");
+ else
+ printf("a is not divisible by b\n");
+
+ if (mpp_divis(&b, &a) == MP_YES)
+ printf("b is divisible by a\n");
+ else
+ printf("b is not divisible by a\n");
+
+ printf("\nb = mpp_random()\n");
+ mpp_random(&b);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ mpp_random(&b);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ mpp_random(&b);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+
+ printf("\nTesting a for divisibility by first 170 primes\n");
+ num = 170;
+ if (mpp_divis_primes(&a, &num) == MP_YES)
+ printf("It is divisible by at least one of them\n");
+ else
+ printf("It is not divisible by any of them\n");
+
+ mp_clear(&b);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-8.c b/security/nss/lib/freebl/mpi/tests/mptest-8.c
new file mode 100644
index 000000000..a9d3afff9
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-8.c
@@ -0,0 +1,68 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test 8: Probabilistic primality tester
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+#include <time.h>
+
+#define MP_IOFUNC 1
+#include "mpi.h"
+
+#include "mpprime.h"
+
+int
+main(int argc, char *argv[])
+{
+ int ix;
+ mp_digit num;
+ mp_int a;
+
+ srand(time(NULL));
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <a>\n", argv[0]);
+ return 1;
+ }
+
+ printf("Test 8: Probabilistic primality testing\n\n");
+
+ mp_init(&a);
+
+ mp_read_radix(&a, argv[1], 10);
+
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+
+ printf("\nChecking for divisibility by small primes ... \n");
+ num = 170;
+ if (mpp_divis_primes(&a, &num) == MP_YES) {
+ printf("it is not prime\n");
+ goto CLEANUP;
+ }
+ printf("Passed that test (not divisible by any small primes).\n");
+
+ for (ix = 0; ix < 10; ix++) {
+ printf("\nPerforming Rabin-Miller test, iteration %d\n", ix + 1);
+
+ if (mpp_pprime(&a, 5) == MP_NO) {
+ printf("it is not prime\n");
+ goto CLEANUP;
+ }
+ }
+ printf("All tests passed; a is probably prime\n");
+
+CLEANUP:
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-9.c b/security/nss/lib/freebl/mpi/tests/mptest-9.c
new file mode 100644
index 000000000..133264e89
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-9.c
@@ -0,0 +1,109 @@
+/*
+ * mptest-9.c
+ *
+ * Test logical functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+#include <time.h>
+
+#include "mpi.h"
+#include "mplogic.h"
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a, b, c;
+ int pco;
+ mp_err res;
+
+ printf("Test 9: Logical functions\n\n");
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
+ return 1;
+ }
+
+ mp_init(&a);
+ mp_init(&b);
+ mp_init(&c);
+ mp_read_radix(&a, argv[1], 16);
+ mp_read_radix(&b, argv[2], 16);
+
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+
+ mpl_not(&a, &c);
+ printf("~a = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mpl_and(&a, &b, &c);
+ printf("a & b = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mpl_or(&a, &b, &c);
+ printf("a | b = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mpl_xor(&a, &b, &c);
+ printf("a ^ b = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mpl_rsh(&a, &c, 1);
+ printf("a >> 1 = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ mpl_rsh(&a, &c, 5);
+ printf("a >> 5 = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ mpl_rsh(&a, &c, 16);
+ printf("a >> 16 = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mpl_lsh(&a, &c, 1);
+ printf("a << 1 = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ mpl_lsh(&a, &c, 5);
+ printf("a << 5 = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ mpl_lsh(&a, &c, 16);
+ printf("a << 16 = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+
+ mpl_num_set(&a, &pco);
+ printf("population(a) = %d\n", pco);
+ mpl_num_set(&b, &pco);
+ printf("population(b) = %d\n", pco);
+
+ res = mpl_parity(&a);
+ if (res == MP_EVEN)
+ printf("a has even parity\n");
+ else
+ printf("a has odd parity\n");
+
+ mp_clear(&c);
+ mp_clear(&b);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-b.c b/security/nss/lib/freebl/mpi/tests/mptest-b.c
new file mode 100644
index 000000000..07f30eaf8
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/mptest-b.c
@@ -0,0 +1,230 @@
+/*
+ * Simple test driver for MPI library
+ *
+ * Test GF2m: Binary Polynomial Arithmetic
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <limits.h>
+
+#include "mp_gf2m.h"
+
+int
+main(int argc, char *argv[])
+{
+ int ix;
+ mp_int pp, a, b, x, y, order;
+ mp_int c, d, e;
+ mp_digit r;
+ mp_err res;
+ unsigned int p[] = { 163, 7, 6, 3, 0 };
+ unsigned int ptemp[10];
+
+ printf("Test b: Binary Polynomial Arithmetic\n\n");
+
+ mp_init(&pp);
+ mp_init(&a);
+ mp_init(&b);
+ mp_init(&x);
+ mp_init(&y);
+ mp_init(&order);
+
+ mp_read_radix(&pp, "0800000000000000000000000000000000000000C9", 16);
+ mp_read_radix(&a, "1", 16);
+ mp_read_radix(&b, "020A601907B8C953CA1481EB10512F78744A3205FD", 16);
+ mp_read_radix(&x, "03F0EBA16286A2D57EA0991168D4994637E8343E36", 16);
+ mp_read_radix(&y, "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", 16);
+ mp_read_radix(&order, "040000000000000000000292FE77E70C12A4234C33", 16);
+ printf("pp = ");
+ mp_print(&pp, stdout);
+ fputc('\n', stdout);
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ printf("x = ");
+ mp_print(&x, stdout);
+ fputc('\n', stdout);
+ printf("y = ");
+ mp_print(&y, stdout);
+ fputc('\n', stdout);
+ printf("order = ");
+ mp_print(&order, stdout);
+ fputc('\n', stdout);
+
+ mp_init(&c);
+ mp_init(&d);
+ mp_init(&e);
+
+ /* Test polynomial conversion */
+ ix = mp_bpoly2arr(&pp, ptemp, 10);
+ if (
+ (ix != 5) ||
+ (ptemp[0] != p[0]) ||
+ (ptemp[1] != p[1]) ||
+ (ptemp[2] != p[2]) ||
+ (ptemp[3] != p[3]) ||
+ (ptemp[4] != p[4])) {
+ printf("Polynomial to array conversion not correct\n");
+ return -1;
+ }
+
+ printf("Polynomial conversion test #1 successful.\n");
+ MP_CHECKOK(mp_barr2poly(p, &c));
+ if (mp_cmp(&pp, &c) != 0) {
+ printf("Array to polynomial conversion not correct\n");
+ return -1;
+ }
+ printf("Polynomial conversion test #2 successful.\n");
+
+ /* Test addition */
+ MP_CHECKOK(mp_badd(&a, &a, &c));
+ if (mp_cmp_z(&c) != 0) {
+ printf("a+a should equal zero\n");
+ return -1;
+ }
+ printf("Addition test #1 successful.\n");
+ MP_CHECKOK(mp_badd(&a, &b, &c));
+ MP_CHECKOK(mp_badd(&b, &c, &c));
+ if (mp_cmp(&c, &a) != 0) {
+ printf("c = (a + b) + b should equal a\n");
+ printf("a = ");
+ mp_print(&a, stdout);
+ fputc('\n', stdout);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Addition test #2 successful.\n");
+
+ /* Test multiplication */
+ mp_set(&c, 2);
+ MP_CHECKOK(mp_bmul(&b, &c, &c));
+ MP_CHECKOK(mp_badd(&b, &c, &c));
+ mp_set(&d, 3);
+ MP_CHECKOK(mp_bmul(&b, &d, &d));
+ if (mp_cmp(&c, &d) != 0) {
+ printf("c = (2 * b) + b should equal c = 3 * b\n");
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ printf("d = ");
+ mp_print(&d, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Multiplication test #1 successful.\n");
+
+ /* Test modular reduction */
+ MP_CHECKOK(mp_bmod(&b, p, &c));
+ if (mp_cmp(&b, &c) != 0) {
+ printf("c = b mod p should equal b\n");
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Modular reduction test #1 successful.\n");
+ MP_CHECKOK(mp_badd(&b, &pp, &c));
+ MP_CHECKOK(mp_bmod(&c, p, &c));
+ if (mp_cmp(&b, &c) != 0) {
+ printf("c = (b + p) mod p should equal b\n");
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Modular reduction test #2 successful.\n");
+ MP_CHECKOK(mp_bmul(&b, &pp, &c));
+ MP_CHECKOK(mp_bmod(&c, p, &c));
+ if (mp_cmp_z(&c) != 0) {
+ printf("c = (b * p) mod p should equal 0\n");
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Modular reduction test #3 successful.\n");
+
+ /* Test modular multiplication */
+ MP_CHECKOK(mp_bmulmod(&b, &pp, p, &c));
+ if (mp_cmp_z(&c) != 0) {
+ printf("c = (b * p) mod p should equal 0\n");
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Modular multiplication test #1 successful.\n");
+ mp_set(&c, 1);
+ MP_CHECKOK(mp_badd(&pp, &c, &c));
+ MP_CHECKOK(mp_bmulmod(&b, &c, p, &c));
+ if (mp_cmp(&b, &c) != 0) {
+ printf("c = (b * (p + 1)) mod p should equal b\n");
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Modular multiplication test #2 successful.\n");
+
+ /* Test modular squaring */
+ MP_CHECKOK(mp_copy(&b, &c));
+ MP_CHECKOK(mp_bmulmod(&b, &c, p, &c));
+ MP_CHECKOK(mp_bsqrmod(&b, p, &d));
+ if (mp_cmp(&c, &d) != 0) {
+ printf("c = (b * b) mod p should equal d = b^2 mod p\n");
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ printf("d = ");
+ mp_print(&d, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Modular squaring test #1 successful.\n");
+
+ /* Test modular division */
+ MP_CHECKOK(mp_bdivmod(&b, &x, &pp, p, &c));
+ MP_CHECKOK(mp_bmulmod(&c, &x, p, &c));
+ if (mp_cmp(&b, &c) != 0) {
+ printf("c = (b / x) * x mod p should equal b\n");
+ printf("b = ");
+ mp_print(&b, stdout);
+ fputc('\n', stdout);
+ printf("c = ");
+ mp_print(&c, stdout);
+ fputc('\n', stdout);
+ return -1;
+ }
+ printf("Modular division test #1 successful.\n");
+
+CLEANUP:
+
+ mp_clear(&order);
+ mp_clear(&y);
+ mp_clear(&x);
+ mp_clear(&b);
+ mp_clear(&a);
+ mp_clear(&pp);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/tests/pi1k.txt b/security/nss/lib/freebl/mpi/tests/pi1k.txt
new file mode 100644
index 000000000..5ff6209ff
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/pi1k.txt
@@ -0,0 +1 @@
+31415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679821480865132823066470938446095505822317253594081284811174502841027019385211055596446229489549303819644288109756659334461284756482337867831652712019091456485669234603486104543266482133936072602491412737245870066063155881748815209209628292540917153643678925903600113305305488204665213841469519415116094330572703657595919530921861173819326117931051185480744623799627495673518857527248912279381830119491298336733624406566430860213949463952247371907021798609437027705392171762931767523846748184676694051320005681271452635608277857713427577896091736371787214684409012249534301465495853710507922796892589235420199561121290219608640344181598136297747713099605187072113499999983729780499510597317328160963185950244594553469083026425223082533446850352619311881710100031378387528865875332083814206171776691473035982534904287554687311595628638823537875937519577818577805321712268066130019278766111959092164201989
diff --git a/security/nss/lib/freebl/mpi/tests/pi2k.txt b/security/nss/lib/freebl/mpi/tests/pi2k.txt
new file mode 100644
index 000000000..9ce82acd1
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/pi2k.txt
@@ -0,0 +1 @@
+314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759010
diff --git a/security/nss/lib/freebl/mpi/tests/pi5k.txt b/security/nss/lib/freebl/mpi/tests/pi5k.txt
new file mode 100644
index 000000000..901fac2ea
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/tests/pi5k.txt
@@ -0,0 +1 @@
+314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759009946576407895126946839835259570982582262052248940772671947826848260147699090264013639443745530506820349625245174939965143142980919065925093722169646151570985838741059788595977297549893016175392846813826868386894277415599185592524595395943104997252468084598727364469584865383673622262609912460805124388439045124413654976278079771569143599770012961608944169486855584840635342207222582848864815845602850601684273945226746767889525213852254995466672782398645659611635488623057745649803559363456817432411251507606947945109659609402522887971089314566913686722874894056010150330861792868092087476091782493858900971490967598526136554978189312978482168299894872265880485756401427047755513237964145152374623436454285844479526586782105114135473573952311342716610213596953623144295248493718711014576540359027993440374200731057853906219838744780847848968332144571386875194350643021845319104848100537061468067491927819119793995206141966342875444064374512371819217999839101591956181467514269123974894090718649423196156794520809514655022523160388193014209376213785595663893778708303906979207734672218256259966150142150306803844773454920260541466592520149744285073251866600213243408819071048633173464965145390579626856100550810665879699816357473638405257145910289706414011097120628043903975951567715770042033786993600723055876317635942187312514712053292819182618612586732157919841484882916447060957527069572209175671167229109816909152801735067127485832228718352093539657251210835791513698820914442100675103346711031412671113699086585163983150197016515116851714376576183515565088490998985998238734552833163550764791853589322618548963213293308985706420467525907091548141654985946163718027098199430992448895757128289059232332609729971208443357326548938239119325974636673058360414281388303203824903758985243744170291327656180937734440307074692112019130203303801976211011004492932151608424448596376698389522868478312355265821314495768572624334418930396864262434107732269780280731891544110104468232527162010526522721116603966655730925471105578537634668206531098965269186205647693125705863566201855810072936065987648611791045334885034611365768675324944166803962657978771855608455296541266540853061434443185867697514566140680070023787765913440171274947042056223053899456131407112700040785473326993908145466464588079727082668306343285878569830523580893306575740679545716377525420211495576158140025012622859413021647155097925923099079654737612551765675135751782966645477917450112996148903046399471329621073404375189573596145890193897131117904297828564750320319869151402870808599048010941214722131794764777262241425485454033215718530614228813758504306332175182979866223717215916077166925474873898665494945011465406284336639379003976926567214638530673609657120918076383271664162748888007869256029022847210403172118608204190004229661711963779213375751149595015660496318629472654736425230817703675159067350235072835405670403867435136222247715891504953098444893330963408780769325993978054193414473774418426312986080998886874132604721
diff --git a/security/nss/lib/freebl/mpi/timetest b/security/nss/lib/freebl/mpi/timetest
new file mode 100755
index 000000000..c6f07bb30
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/timetest
@@ -0,0 +1,99 @@
+#!/bin/sh
+
+# Simple timing test for the MPI library. Basically, we use prime
+# generation as a timing test, since it exercises most of the pathways
+# of the library fairly heavily. The 'primegen' tool outputs a line
+# summarizing timing results. We gather these and process them for
+# statistical information, which is collected into a file.
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# Avoid using built-in shell echoes
+ECHO=/bin/echo
+MAKE=gmake
+PERL=perl
+
+# Use a fixed seed so timings will be more consistent
+# This one is the 11th-18th decimal digits of 'e'
+#export SEED=45904523
+SEED=45904523; export SEED
+
+#------------------------------------------------------------------------
+
+$ECHO "\n** Running timing tests for MPI library\n"
+
+$ECHO "Bringing 'metime' up to date ... "
+if $MAKE metime ; then
+ :
+else
+ $ECHO "\nMake failed to build metime.\n"
+ exit 1
+fi
+
+if [ ! -x ./metime ] ; then
+ $ECHO "\nCannot find 'metime' program, testing cannot continue.\n"
+ exit 1
+fi
+
+#------------------------------------------------------------------------
+
+$ECHO "Bringing 'primegen' up to date ... "
+if $MAKE primegen ; then
+ :
+else
+ $ECHO "\nMake failed to build primegen.\n"
+ exit 1
+fi
+
+if [ ! -x ./primegen ] ; then
+ $ECHO "\nCannot find 'primegen' program, testing cannot continue.\n"
+ exit 1
+fi
+
+#------------------------------------------------------------------------
+
+rm -f timing-results.txt
+touch timing-results.txt
+
+sizes="256 512 1024 2048"
+ntests=10
+
+trap 'echo "oop!";rm -f tt*.tmp timing-results.txt;exit 0' INT HUP
+
+$ECHO "\n-- Modular exponentiation\n"
+$ECHO "Modular exponentiation:" >> timing-results.txt
+
+$ECHO "Running $ntests modular exponentiations per test:"
+for size in $sizes ; do
+ $ECHO "- Gathering statistics for $size bits ... "
+ secs=`./metime $ntests $size | tail -1 | awk '{print $2}'`
+ $ECHO "$size: " $secs " seconds per op" >> timing-results.txt
+ tail -1 timing-results.txt
+done
+
+$ECHO "<done>";
+
+sizes="256 512 1024"
+ntests=1
+
+$ECHO "\n-- Prime generation\n"
+$ECHO "Prime generation:" >> timing-results.txt
+
+$ECHO "Generating $ntests prime values per test:"
+for size in $sizes ; do
+ $ECHO "- Gathering statistics for $size bits ... "
+ ./primegen $size $ntests | grep ticks | awk '{print $7}' | tr -d '(' > tt$$.tmp
+ $ECHO "$size:" >> timing-results.txt
+ $PERL stats tt$$.tmp >> timing-results.txt
+ tail -1 timing-results.txt
+ rm -f tt$$.tmp
+done
+
+$ECHO "<done>"
+
+trap 'rm -f tt*.tmp timing-results.txt' INT HUP
+
+exit 0
+
diff --git a/security/nss/lib/freebl/mpi/types.pl b/security/nss/lib/freebl/mpi/types.pl
new file mode 100755
index 000000000..c5f38afa5
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/types.pl
@@ -0,0 +1,127 @@
+#!/usr/bin/perl
+
+#
+# types.pl - find recommended type definitions for digits and words
+#
+# This script scans the Makefile for the C compiler and compilation
+# flags currently in use, and using this combination, attempts to
+# compile a simple test program that outputs the sizes of the various
+# unsigned integer types, in bytes. Armed with these, it finds all
+# the "viable" type combinations for mp_digit and mp_word, where
+# viability is defined by the requirement that mp_word be at least two
+# times the precision of mp_digit.
+#
+# Of these, the one with the largest digit size is chosen, and
+# appropriate typedef statements are written to standard output.
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+@_=split(/\//,$0);chomp($prog=pop(@_));
+
+# The array of integer types to be considered...
+@TYPES = (
+ "unsigned char",
+ "unsigned short",
+ "unsigned int",
+ "unsigned long"
+);
+
+# Macro names for the maximum unsigned value of each type
+%TMAX = (
+ "unsigned char" => "UCHAR_MAX",
+ "unsigned short" => "USHRT_MAX",
+ "unsigned int" => "UINT_MAX",
+ "unsigned long" => "ULONG_MAX"
+);
+
+# Read the Makefile to find out which C compiler to use
+open(MFP, "<Makefile") or die "$prog: Makefile: $!\n";
+while(<MFP>) {
+ chomp;
+ if(/^CC=(.*)$/) {
+ $cc = $1;
+ last if $cflags;
+ } elsif(/^CFLAGS=(.*)$/) {
+ $cflags = $1;
+ last if $cc;
+ }
+}
+close(MFP);
+
+# If we couldn't find that, use 'cc' by default
+$cc = "cc" unless $cc;
+
+printf STDERR "Using '%s' as the C compiler.\n", $cc;
+
+print STDERR "Determining type sizes ... \n";
+open(OFP, ">tc$$.c") or die "$prog: tc$$.c: $!\n";
+print OFP "#include <stdio.h>\n\nint main(void)\n{\n";
+foreach $type (@TYPES) {
+ printf OFP "\tprintf(\"%%d\\n\", (int)sizeof(%s));\n", $type;
+}
+print OFP "\n\treturn 0;\n}\n";
+close(OFP);
+
+system("$cc $cflags -o tc$$ tc$$.c");
+
+die "$prog: unable to build test program\n" unless(-x "tc$$");
+
+open(IFP, "./tc$$|") or die "$prog: can't execute test program\n";
+$ix = 0;
+while(<IFP>) {
+ chomp;
+ $size{$TYPES[$ix++]} = $_;
+}
+close(IFP);
+
+unlink("tc$$");
+unlink("tc$$.c");
+
+print STDERR "Selecting viable combinations ... \n";
+while(($type, $size) = each(%size)) {
+ push(@ts, [ $size, $type ]);
+}
+
+# Sort them ascending by size
+@ts = sort { $a->[0] <=> $b->[0] } @ts;
+
+# Try all possible combinations, finding pairs in which the word size
+# is twice the digit size. The number of possible pairs is too small
+# to bother doing this more efficiently than by brute force
+for($ix = 0; $ix <= $#ts; $ix++) {
+ $w = $ts[$ix];
+
+ for($jx = 0; $jx <= $#ts; $jx++) {
+ $d = $ts[$jx];
+
+ if($w->[0] == 2 * $d->[0]) {
+ push(@valid, [ $d, $w ]);
+ }
+ }
+}
+
+# Sort descending by digit size
+@valid = sort { $b->[0]->[0] <=> $a->[0]->[0] } @valid;
+
+# Select the maximum as the recommended combination
+$rec = shift(@valid);
+
+printf("typedef %-18s mp_sign;\n", "char");
+printf("typedef %-18s mp_digit; /* %d byte type */\n",
+ $rec->[0]->[1], $rec->[0]->[0]);
+printf("typedef %-18s mp_word; /* %d byte type */\n",
+ $rec->[1]->[1], $rec->[1]->[0]);
+printf("typedef %-18s mp_size;\n", "unsigned int");
+printf("typedef %-18s mp_err;\n\n", "int");
+
+printf("#define %-18s (CHAR_BIT*sizeof(mp_digit))\n", "DIGIT_BIT");
+printf("#define %-18s %s\n", "DIGIT_MAX", $TMAX{$rec->[0]->[1]});
+printf("#define %-18s (CHAR_BIT*sizeof(mp_word))\n", "MP_WORD_BIT");
+printf("#define %-18s %s\n\n", "MP_WORD_MAX", $TMAX{$rec->[1]->[1]});
+printf("#define %-18s (DIGIT_MAX+1)\n\n", "RADIX");
+
+printf("#define %-18s \"%%0%dX\"\n", "DIGIT_FMT", (2 * $rec->[0]->[0]));
+
+exit 0;
diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE b/security/nss/lib/freebl/mpi/utils/LICENSE
new file mode 100644
index 000000000..5f96df7ab
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/LICENSE
@@ -0,0 +1,4 @@
+Within this directory, each of the file listed below is licensed under
+the terms given in the file LICENSE-MPL, also in this directory.
+
+PRIMES
diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE-MPL b/security/nss/lib/freebl/mpi/utils/LICENSE-MPL
new file mode 100644
index 000000000..41dc2327f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/LICENSE-MPL
@@ -0,0 +1,3 @@
+This Source Code Form is subject to the terms of the Mozilla Public
+License, v. 2.0. If a copy of the MPL was not distributed with this
+file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/lib/freebl/mpi/utils/PRIMES b/security/nss/lib/freebl/mpi/utils/PRIMES
new file mode 100644
index 000000000..ed65703ff
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/PRIMES
@@ -0,0 +1,41 @@
+Probable primes (sorted by number of significant bits)
+
+ 128: 81386202757205669562183851789305348631
+
+ 128: 180241813863264101444573802809858694397
+
+ 128: 245274683055224433281596312431122059021
+
+ 128: 187522309397665259809392608791686659539
+
+ 256: 83252422946206411852330647237287722547866360773229941071371588246436\
+ 513990159
+
+ 256: 79132571131322331023736933767063051273085304521895229780914612117520\
+ 058517909
+
+ 256: 72081815425552909748220041100909735706208853818662000557743644603407\
+ 965465527
+
+ 256: 87504602391905701494845474079163412737334477797316409702279059573654\
+ 274811271
+
+ 512: 12233064210800062190450937494718705259777386009095453001870729392786\
+ 63450255179083524798507997690270500580265258111668148238355016411719\
+ 9168737693316468563
+
+ 512: 12003639081420725322369909586347545220275253633035565716386136197501\
+ 88208318984400479275215620499883521216480724155582768193682335576385\
+ 2069481074929084063
+
+1024: 16467877625718912296741904171202513097057724053648819680815842057593\
+ 20371835940722471475475803725455063836431454757000451907612224427007\
+ 63984592414360595161051906727075047683803534852982766542661204179549\
+ 77327573530800542562611753617736693359790119074768292178493884576587\
+ 0230450429880021317876149636714743053
+
+1024: 16602953991090311275234291158294516471009930684624948451178742895360\
+ 86073703307475884280944414508444679430090561246728195735962931545473\
+ 40743240318558456247740186704660778277799687988031119436541068736925\
+ 20563780233711166724859277827382391527748470939542560819625727876091\
+ 5372193745283891895989104479029844957
diff --git a/security/nss/lib/freebl/mpi/utils/README b/security/nss/lib/freebl/mpi/utils/README
new file mode 100644
index 000000000..61c8e2efa
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/README
@@ -0,0 +1,206 @@
+This Source Code Form is subject to the terms of the Mozilla Public
+License, v. 2.0. If a copy of the MPL was not distributed with this
+file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+Additional MPI utilities
+------------------------
+
+The files 'mpprime.h' and 'mpprime.c' define some useful extensions to
+the MPI library for dealing with prime numbers (in particular, testing
+for divisbility, and the Rabin-Miller probabilistic primality test).
+
+The files 'mplogic.h' and 'mplogic.c' define extensions to the MPI
+library for doing bitwise logical operations and shifting.
+
+This document assumes you have read the help file for the MPI library
+and understand its conventions.
+
+Divisibility (mpprime.h)
+------------
+
+To test a number for divisibility by another number:
+
+mpp_divis(a, b) - test if b|a
+mpp_divis_d(a, d) - test if d|a
+
+Each of these functions returns MP_YES if its initial argument is
+divisible by its second, or MP_NO if it is not. Other errors may be
+returned as appropriate (such as MP_RANGE if you try to test for
+divisibility by zero).
+
+Randomness (mpprime.h)
+----------
+
+To generate random data:
+
+mpp_random(a) - fill a with random data
+mpp_random_size(a, p) - fill a with p digits of random data
+
+The mpp_random_size() function increases the precision of a to at
+least p, then fills all those digits randomly. The mp_random()
+function fills a to its current precision (as determined by the number
+of significant digits, USED(a))
+
+Note that these functions simply use the C library's rand() function
+to fill a with random digits up to its precision. This should be
+adequate for primality testing, but should not be used for
+cryptographic applications where truly random values are required for
+security.
+
+You should call srand() in your driver program in order to seed the
+random generator; this function doesn't call it.
+
+Primality Testing (mpprime.h)
+-----------------
+
+mpp_divis_vector(a, v, s, w) - is a divisible by any of the s values
+ in v, and if so, w = which.
+mpp_divis_primes(a, np) - is a divisible by any of the first np primes?
+mpp_fermat(a, w) - is a pseudoprime with respect to witness w?
+mpp_pprime(a, nt) - run nt iterations of Rabin-Miller on a.
+
+The mpp_divis_vector() function tests a for divisibility by each
+member of an array of digits. The array is v, the size of that array
+is s. Returns MP_YES if a is divisible, and stores the index of the
+offending digit in w. Returns MP_NO if a is not divisible by any of
+the digits in the array.
+
+A small table of primes is compiled into the library (typically the
+first 128 primes, although you can change this by editing the file
+'primes.c' before you build). The global variable prime_tab_size
+contains the number of primes in the table, and the values themselves
+are in the array prime_tab[], which is an array of mp_digit.
+
+The mpp_divis_primes() function is basically just a wrapper around
+mpp_divis_vector() that uses prime_tab[] as the test vector. The np
+parameter is a pointer to an mp_digit -- on input, it should specify
+the number of primes to be tested against. If a is divisible by any
+of the primes, MP_YES is returned and np is given the prime value that
+divided a (you can use this if you're factoring, for example).
+Otherwise, MP_NO is returned and np is untouched.
+
+The function mpp_fermat() performs Fermat's test, using w as a
+witness. This test basically relies on the fact that if a is prime,
+and w is relatively prime to a, then:
+
+ w^a = w (mod a)
+
+That is,
+
+ w^(a - 1) = 1 (mod a)
+
+The function returns MP_YES if the test passes, MP_NO if it fails. If
+w is relatively prime to a, and the test fails, a is definitely
+composite. If w is relatively prime to a and the test passes, then a
+is either prime, or w is a false witness (the probability of this
+happening depends on the choice of w and of a ... consult a number
+theory textbook for more information about this).
+
+Note: If (w, a) != 1, the output of this test is meaningless.
+----
+
+The function mpp_pprime() performs the Rabin-Miller probabilistic
+primality test for nt rounds. If all the tests pass, MP_YES is
+returned, and a is probably prime. The probability that an answer of
+MP_YES is incorrect is no greater than 1 in 4^nt, and in fact is
+usually much less than that (this is a pessimistic estimate). If any
+test fails, MP_NO is returned, and a is definitely composite.
+
+Bruce Schneier recommends at least 5 iterations of this test for most
+cryptographic applications; Knuth suggests that 25 are reasonable.
+Run it as many times as you feel are necessary.
+
+See the programs 'makeprime.c' and 'isprime.c' for reasonable examples
+of how to use these functions for primality testing.
+
+
+Bitwise Logic (mplogic.c)
+-------------
+
+The four commonest logical operations are implemented as:
+
+mpl_not(a, b) - Compute bitwise (one's) complement, b = ~a
+
+mpl_and(a, b, c) - Compute bitwise AND, c = a & b
+
+mpl_or(a, b, c) - Compute bitwise OR, c = a | b
+
+mpl_xor(a, b, c) - Compute bitwise XOR, c = a ^ b
+
+Left and right shifts are available as well. These take a number to
+shift, a destination, and a shift amount. The shift amount must be a
+digit value between 0 and DIGIT_BIT inclusive; if it is not, MP_RANGE
+will be returned and the shift will not happen.
+
+mpl_rsh(a, b, d) - Compute logical right shift, b = a >> d
+
+mpl_lsh(a, b, d) - Compute logical left shift, b = a << d
+
+Since these are logical shifts, they fill with zeroes (the library
+uses a signed magnitude representation, so there are no sign bits to
+extend anyway).
+
+
+Command-line Utilities
+----------------------
+
+A handful of interesting command-line utilities are provided. These
+are:
+
+lap.c - Find the order of a mod m. Usage is 'lap <a> <m>'.
+ This uses a dumb algorithm, so don't use it for
+ a really big modulus.
+
+invmod.c - Find the inverse of a mod m, if it exists. Usage
+ is 'invmod <a> <m>'
+
+sieve.c - A simple bitmap-based implementation of the Sieve
+ of Eratosthenes. Used to generate the table of
+ primes in primes.c. Usage is 'sieve <nbits>'
+
+prng.c - Uses the routines in bbs_rand.{h,c} to generate
+ one or more 32-bit pseudo-random integers. This
+ is mainly an example, not intended for use in a
+ cryptographic application (the system time is
+ the only source of entropy used)
+
+dec2hex.c - Convert decimal to hexadecimal
+
+hex2dec.c - Convert hexadecimal to decimal
+
+basecvt.c - General radix conversion tool (supports 2-64)
+
+isprime.c - Probabilistically test an integer for primality
+ using the Rabin-Miller pseudoprime test combined
+ with division by small primes.
+
+primegen.c - Generate primes at random.
+
+exptmod.c - Perform modular exponentiation
+
+ptab.pl - A Perl script to munge the output of the sieve
+ program into a compilable C structure.
+
+
+Other Files
+-----------
+
+PRIMES - Some randomly generated numbers which are prime with
+ extremely high probability.
+
+README - You're reading me already.
+
+
+About the Author
+----------------
+
+This software was written by Michael J. Fromberger. You can contact
+the author as follows:
+
+E-mail: <sting@linguist.dartmouth.edu>
+
+Postal: 8000 Cummings Hall, Thayer School of Engineering
+ Dartmouth College, Hanover, New Hampshire, USA
+
+PGP key: http://linguist.dartmouth.edu/~sting/keys/mjf.html
+ 9736 188B 5AFA 23D6 D6AA BE0D 5856 4525 289D 9907
diff --git a/security/nss/lib/freebl/mpi/utils/basecvt.c b/security/nss/lib/freebl/mpi/utils/basecvt.c
new file mode 100644
index 000000000..0e9915406
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/basecvt.c
@@ -0,0 +1,68 @@
+/*
+ * basecvt.c
+ *
+ * Convert integer values specified on the command line from one input
+ * base to another. Accepts input and output bases between 2 and 36
+ * inclusive.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mpi.h"
+
+#define IBASE 10
+#define OBASE 16
+#define USAGE "Usage: %s ibase obase [value]\n"
+#define MAXBASE 64
+#define MINBASE 2
+
+int
+main(int argc, char *argv[])
+{
+ int ix, ibase = IBASE, obase = OBASE;
+ mp_int val;
+
+ ix = 1;
+ if (ix < argc) {
+ ibase = atoi(argv[ix++]);
+
+ if (ibase < MINBASE || ibase > MAXBASE) {
+ fprintf(stderr, "%s: input radix must be between %d and %d inclusive\n",
+ argv[0], MINBASE, MAXBASE);
+ return 1;
+ }
+ }
+ if (ix < argc) {
+ obase = atoi(argv[ix++]);
+
+ if (obase < MINBASE || obase > MAXBASE) {
+ fprintf(stderr, "%s: output radix must be between %d and %d inclusive\n",
+ argv[0], MINBASE, MAXBASE);
+ return 1;
+ }
+ }
+
+ mp_init(&val);
+ while (ix < argc) {
+ char *out;
+ int outlen;
+
+ mp_read_radix(&val, argv[ix++], ibase);
+
+ outlen = mp_radix_size(&val, obase);
+ out = calloc(outlen, sizeof(char));
+ mp_toradix(&val, out, obase);
+
+ printf("%s\n", out);
+ free(out);
+ }
+
+ mp_clear(&val);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.c b/security/nss/lib/freebl/mpi/utils/bbs_rand.c
new file mode 100644
index 000000000..fed2fe2e6
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/bbs_rand.c
@@ -0,0 +1,65 @@
+/*
+ * Blum, Blum & Shub PRNG using the MPI library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "bbs_rand.h"
+
+#define SEED 1
+#define MODULUS 2
+
+/* This modulus is the product of two randomly generated 512-bit
+ prime integers, each of which is congruent to 3 (mod 4). */
+static char *bbs_modulus =
+ "75A2A6E1D27393B86562B9CE7279A8403CB4258A637DAB5233465373E37837383EDC"
+ "332282B8575927BC4172CE8C147B4894050EE9D2BDEED355C121037270CA2570D127"
+ "7D2390CD1002263326635CC6B259148DE3A1A03201980A925E395E646A5E9164B0EC"
+ "28559EBA58C87447245ADD0651EDA507056A1129E3A3E16E903D64B437";
+
+static int bbs_init = 0; /* flag set when library is initialized */
+static mp_int bbs_state; /* the current state of the generator */
+
+/* Suggested size of random seed data */
+int bbs_seed_size = (sizeof(bbs_modulus) / 2);
+
+void
+bbs_srand(unsigned char *data, int len)
+{
+ if ((bbs_init & SEED) == 0) {
+ mp_init(&bbs_state);
+ bbs_init |= SEED;
+ }
+
+ mp_read_raw(&bbs_state, (char *)data, len);
+
+} /* end bbs_srand() */
+
+unsigned int
+bbs_rand(void)
+{
+ static mp_int modulus;
+ unsigned int result = 0, ix;
+
+ if ((bbs_init & MODULUS) == 0) {
+ mp_init(&modulus);
+ mp_read_radix(&modulus, bbs_modulus, 16);
+ bbs_init |= MODULUS;
+ }
+
+ for (ix = 0; ix < sizeof(unsigned int); ix++) {
+ mp_digit d;
+
+ mp_sqrmod(&bbs_state, &modulus, &bbs_state);
+ d = DIGIT(&bbs_state, 0);
+
+ result = (result << CHAR_BIT) | (d & UCHAR_MAX);
+ }
+
+ return result;
+
+} /* end bbs_rand() */
+
+/*------------------------------------------------------------------------*/
+/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.h b/security/nss/lib/freebl/mpi/utils/bbs_rand.h
new file mode 100644
index 000000000..d12269bf9
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/bbs_rand.h
@@ -0,0 +1,24 @@
+/*
+ * bbs_rand.h
+ *
+ * Blum, Blum & Shub PRNG using the MPI library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _H_BBSRAND_
+#define _H_BBSRAND_
+
+#include <limits.h>
+#include "mpi.h"
+
+#define BBS_RAND_MAX UINT_MAX
+
+/* Suggested length of seed data */
+extern int bbs_seed_size;
+
+void bbs_srand(unsigned char *data, int len);
+unsigned int bbs_rand(void);
+
+#endif /* end _H_BBSRAND_ */
diff --git a/security/nss/lib/freebl/mpi/utils/bbsrand.c b/security/nss/lib/freebl/mpi/utils/bbsrand.c
new file mode 100644
index 000000000..d9151e005
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/bbsrand.c
@@ -0,0 +1,35 @@
+/*
+ * bbsrand.c
+ *
+ * Test driver for routines in bbs_rand.h
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <limits.h>
+
+#include "bbs_rand.h"
+
+#define NUM_TESTS 100
+
+int
+main(void)
+{
+ unsigned int seed, result, ix;
+
+ seed = time(NULL);
+ bbs_srand((unsigned char *)&seed, sizeof(seed));
+
+ for (ix = 0; ix < NUM_TESTS; ix++) {
+ result = bbs_rand();
+
+ printf("Test %3u: %08X\n", ix + 1, result);
+ }
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/dec2hex.c b/security/nss/lib/freebl/mpi/utils/dec2hex.c
new file mode 100644
index 000000000..ef3a52095
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/dec2hex.c
@@ -0,0 +1,40 @@
+/*
+ * dec2hex.c
+ *
+ * Convert decimal integers into hexadecimal
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mpi.h"
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a;
+ char *buf;
+ int len;
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <a>\n", argv[0]);
+ return 1;
+ }
+
+ mp_init(&a);
+ mp_read_radix(&a, argv[1], 10);
+ len = mp_radix_size(&a, 16);
+ buf = malloc(len);
+ mp_toradix(&a, buf, 16);
+
+ printf("%s\n", buf);
+
+ free(buf);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/exptmod.c b/security/nss/lib/freebl/mpi/utils/exptmod.c
new file mode 100644
index 000000000..3ac9078f4
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/exptmod.c
@@ -0,0 +1,55 @@
+/*
+ * exptmod.c
+ *
+ * Command line tool to perform modular exponentiation on arbitrary
+ * precision integers.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mpi.h"
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a, b, m;
+ mp_err res;
+ char *str;
+ int len, rval = 0;
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]);
+ return 1;
+ }
+
+ mp_init(&a);
+ mp_init(&b);
+ mp_init(&m);
+ mp_read_radix(&a, argv[1], 10);
+ mp_read_radix(&b, argv[2], 10);
+ mp_read_radix(&m, argv[3], 10);
+
+ if ((res = mp_exptmod(&a, &b, &m, &a)) != MP_OKAY) {
+ fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
+ rval = 1;
+ } else {
+ len = mp_radix_size(&a, 10);
+ str = calloc(len, sizeof(char));
+ mp_toradix(&a, str, 10);
+
+ printf("%s\n", str);
+
+ free(str);
+ }
+
+ mp_clear(&a);
+ mp_clear(&b);
+ mp_clear(&m);
+
+ return rval;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/fact.c b/security/nss/lib/freebl/mpi/utils/fact.c
new file mode 100644
index 000000000..da8e61a32
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/fact.c
@@ -0,0 +1,84 @@
+/*
+ * fact.c
+ *
+ * Compute factorial of input integer
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mpi.h"
+
+mp_err mp_fact(mp_int *a, mp_int *b);
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a;
+ mp_err res;
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <number>\n", argv[0]);
+ return 1;
+ }
+
+ mp_init(&a);
+ mp_read_radix(&a, argv[1], 10);
+
+ if ((res = mp_fact(&a, &a)) != MP_OKAY) {
+ fprintf(stderr, "%s: error: %s\n", argv[0],
+ mp_strerror(res));
+ mp_clear(&a);
+ return 1;
+ }
+
+ {
+ char *buf;
+ int len;
+
+ len = mp_radix_size(&a, 10);
+ buf = malloc(len);
+ mp_todecimal(&a, buf);
+
+ puts(buf);
+
+ free(buf);
+ }
+
+ mp_clear(&a);
+ return 0;
+}
+
+mp_err
+mp_fact(mp_int *a, mp_int *b)
+{
+ mp_int ix, s;
+ mp_err res = MP_OKAY;
+
+ if (mp_cmp_z(a) < 0)
+ return MP_UNDEF;
+
+ mp_init(&s);
+ mp_add_d(&s, 1, &s); /* s = 1 */
+ mp_init(&ix);
+ mp_add_d(&ix, 1, &ix); /* ix = 1 */
+
+ for (/* */; mp_cmp(&ix, a) <= 0; mp_add_d(&ix, 1, &ix)) {
+ if ((res = mp_mul(&s, &ix, &s)) != MP_OKAY)
+ break;
+ }
+
+ mp_clear(&ix);
+
+ /* Copy out results if we got them */
+ if (res == MP_OKAY)
+ mp_copy(&s, b);
+
+ mp_clear(&s);
+
+ return res;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/gcd.c b/security/nss/lib/freebl/mpi/utils/gcd.c
new file mode 100644
index 000000000..9f11a250b
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/gcd.c
@@ -0,0 +1,95 @@
+/*
+ * gcd.c
+ *
+ * Greatest common divisor
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mpi.h"
+
+char *g_prog = NULL;
+
+void print_mp_int(mp_int *mp, FILE *ofp);
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a, b, x, y;
+ mp_err res;
+ int ext = 0;
+
+ g_prog = argv[0];
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <b>\n", g_prog);
+ return 1;
+ }
+
+ mp_init(&a);
+ mp_read_radix(&a, argv[1], 10);
+ mp_init(&b);
+ mp_read_radix(&b, argv[2], 10);
+
+ /* If we were called 'xgcd', compute x, y so that g = ax + by */
+ if (strcmp(g_prog, "xgcd") == 0) {
+ ext = 1;
+ mp_init(&x);
+ mp_init(&y);
+ }
+
+ if (ext) {
+ if ((res = mp_xgcd(&a, &b, &a, &x, &y)) != MP_OKAY) {
+ fprintf(stderr, "%s: error: %s\n", g_prog, mp_strerror(res));
+ mp_clear(&a);
+ mp_clear(&b);
+ mp_clear(&x);
+ mp_clear(&y);
+ return 1;
+ }
+ } else {
+ if ((res = mp_gcd(&a, &b, &a)) != MP_OKAY) {
+ fprintf(stderr, "%s: error: %s\n", g_prog,
+ mp_strerror(res));
+ mp_clear(&a);
+ mp_clear(&b);
+ return 1;
+ }
+ }
+
+ print_mp_int(&a, stdout);
+ if (ext) {
+ fputs("x = ", stdout);
+ print_mp_int(&x, stdout);
+ fputs("y = ", stdout);
+ print_mp_int(&y, stdout);
+ }
+
+ mp_clear(&a);
+ mp_clear(&b);
+
+ if (ext) {
+ mp_clear(&x);
+ mp_clear(&y);
+ }
+
+ return 0;
+}
+
+void
+print_mp_int(mp_int *mp, FILE *ofp)
+{
+ char *buf;
+ int len;
+
+ len = mp_radix_size(mp, 10);
+ buf = calloc(len, sizeof(char));
+ mp_todecimal(mp, buf);
+ fprintf(ofp, "%s\n", buf);
+ free(buf);
+}
diff --git a/security/nss/lib/freebl/mpi/utils/hex2dec.c b/security/nss/lib/freebl/mpi/utils/hex2dec.c
new file mode 100644
index 000000000..9b21d22e0
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/hex2dec.c
@@ -0,0 +1,40 @@
+/*
+ * hex2dec.c
+ *
+ * Convert decimal integers into hexadecimal
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mpi.h"
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a;
+ char *buf;
+ int len;
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <a>\n", argv[0]);
+ return 1;
+ }
+
+ mp_init(&a);
+ mp_read_radix(&a, argv[1], 16);
+ len = mp_radix_size(&a, 10);
+ buf = malloc(len);
+ mp_toradix(&a, buf, 10);
+
+ printf("%s\n", buf);
+
+ free(buf);
+ mp_clear(&a);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/identest.c b/security/nss/lib/freebl/mpi/utils/identest.c
new file mode 100644
index 000000000..321d2c2b0
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/identest.c
@@ -0,0 +1,84 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "mpi.h"
+#include "mpprime.h"
+#include <sys/types.h>
+#include <time.h>
+
+#define MAX_PREC (4096 / MP_DIGIT_BIT)
+
+mp_err
+identity_test(void)
+{
+ mp_size preca, precb;
+ mp_err res;
+ mp_int a, b;
+ mp_int t1, t2, t3, t4, t5;
+
+ preca = (rand() % MAX_PREC) + 1;
+ precb = (rand() % MAX_PREC) + 1;
+
+ MP_DIGITS(&a) = 0;
+ MP_DIGITS(&b) = 0;
+ MP_DIGITS(&t1) = 0;
+ MP_DIGITS(&t2) = 0;
+ MP_DIGITS(&t3) = 0;
+ MP_DIGITS(&t4) = 0;
+ MP_DIGITS(&t5) = 0;
+
+ MP_CHECKOK(mp_init(&a));
+ MP_CHECKOK(mp_init(&b));
+ MP_CHECKOK(mp_init(&t1));
+ MP_CHECKOK(mp_init(&t2));
+ MP_CHECKOK(mp_init(&t3));
+ MP_CHECKOK(mp_init(&t4));
+ MP_CHECKOK(mp_init(&t5));
+
+ MP_CHECKOK(mpp_random_size(&a, preca));
+ MP_CHECKOK(mpp_random_size(&b, precb));
+
+ if (mp_cmp(&a, &b) < 0)
+ mp_exch(&a, &b);
+
+ MP_CHECKOK(mp_mod(&a, &b, &t1)); /* t1 = a%b */
+ MP_CHECKOK(mp_div(&a, &b, &t2, NULL)); /* t2 = a/b */
+ MP_CHECKOK(mp_mul(&b, &t2, &t3)); /* t3 = (a/b)*b */
+ MP_CHECKOK(mp_add(&t1, &t3, &t4)); /* t4 = a%b + (a/b)*b */
+ MP_CHECKOK(mp_sub(&t4, &a, &t5)); /* t5 = a%b + (a/b)*b - a */
+ if (mp_cmp_z(&t5) != 0) {
+ res = MP_UNDEF;
+ goto CLEANUP;
+ }
+
+CLEANUP:
+ mp_clear(&t5);
+ mp_clear(&t4);
+ mp_clear(&t3);
+ mp_clear(&t2);
+ mp_clear(&t1);
+ mp_clear(&b);
+ mp_clear(&a);
+ return res;
+}
+
+int
+main(void)
+{
+ unsigned int seed = (unsigned int)time(NULL);
+ unsigned long count = 0;
+ mp_err res;
+
+ srand(seed);
+
+ while (MP_OKAY == (res = identity_test())) {
+ if ((++count % 100) == 0)
+ fputc('.', stderr);
+ }
+
+ fprintf(stderr, "\ntest failed, err %d\n", res);
+ return res;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/invmod.c b/security/nss/lib/freebl/mpi/utils/invmod.c
new file mode 100644
index 000000000..9b4b04d3f
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/invmod.c
@@ -0,0 +1,61 @@
+/*
+ * invmod.c
+ *
+ * Compute modular inverses
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "mpi.h"
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a, m;
+ mp_err res;
+ char *buf;
+ int len, out = 0;
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]);
+ return 1;
+ }
+
+ mp_init(&a);
+ mp_init(&m);
+ mp_read_radix(&a, argv[1], 10);
+ mp_read_radix(&m, argv[2], 10);
+
+ if (mp_cmp(&a, &m) > 0)
+ mp_mod(&a, &m, &a);
+
+ switch ((res = mp_invmod(&a, &m, &a))) {
+ case MP_OKAY:
+ len = mp_radix_size(&a, 10);
+ buf = malloc(len);
+
+ mp_toradix(&a, buf, 10);
+ printf("%s\n", buf);
+ free(buf);
+ break;
+
+ case MP_UNDEF:
+ printf("No inverse\n");
+ out = 1;
+ break;
+
+ default:
+ printf("error: %s (%d)\n", mp_strerror(res), res);
+ out = 2;
+ break;
+ }
+
+ mp_clear(&a);
+ mp_clear(&m);
+
+ return out;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/isprime.c b/security/nss/lib/freebl/mpi/utils/isprime.c
new file mode 100644
index 000000000..d2d86957e
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/isprime.c
@@ -0,0 +1,89 @@
+/*
+ * isprime.c
+ *
+ * Probabilistic primality tester command-line tool
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mpi.h"
+#include "mpprime.h"
+
+#define RM_TESTS 15 /* how many iterations of Rabin-Miller? */
+#define MINIMUM 1024 /* don't bother us with a < this */
+
+int g_tests = RM_TESTS;
+char *g_prog = NULL;
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a;
+ mp_digit np = prime_tab_size; /* from mpprime.h */
+ int res = 0;
+
+ g_prog = argv[0];
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <a>, where <a> is a decimal integer\n"
+ "Use '0x' prefix for a hexadecimal value\n",
+ g_prog);
+ return 1;
+ }
+
+ /* Read number of tests from environment, if present */
+ {
+ char *tmp;
+
+ if ((tmp = PR_GetEnvSecure("RM_TESTS")) != NULL) {
+ if ((g_tests = atoi(tmp)) <= 0)
+ g_tests = RM_TESTS;
+ }
+ }
+
+ mp_init(&a);
+ if (argv[1][0] == '0' && argv[1][1] == 'x')
+ mp_read_radix(&a, argv[1] + 2, 16);
+ else
+ mp_read_radix(&a, argv[1], 10);
+
+ if (mp_cmp_d(&a, MINIMUM) <= 0) {
+ fprintf(stderr, "%s: please use a value greater than %d\n",
+ g_prog, MINIMUM);
+ mp_clear(&a);
+ return 1;
+ }
+
+ /* Test for divisibility by small primes */
+ if (mpp_divis_primes(&a, &np) != MP_NO) {
+ printf("Not prime (divisible by small prime %d)\n", np);
+ res = 2;
+ goto CLEANUP;
+ }
+
+ /* Test with Fermat's test, using 2 as a witness */
+ if (mpp_fermat(&a, 2) != MP_YES) {
+ printf("Not prime (failed Fermat test)\n");
+ res = 2;
+ goto CLEANUP;
+ }
+
+ /* Test with Rabin-Miller probabilistic test */
+ if (mpp_pprime(&a, g_tests) == MP_NO) {
+ printf("Not prime (failed pseudoprime test)\n");
+ res = 2;
+ goto CLEANUP;
+ }
+
+ printf("Probably prime, 1 in 4^%d chance of false positive\n", g_tests);
+
+CLEANUP:
+ mp_clear(&a);
+
+ return res;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/lap.c b/security/nss/lib/freebl/mpi/utils/lap.c
new file mode 100644
index 000000000..501e4531d
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/lap.c
@@ -0,0 +1,90 @@
+/*
+ * lap.c
+ *
+ * Find least annihilating power of a mod m
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+
+#include "mpi.h"
+
+void sig_catch(int ign);
+
+int g_quit = 0;
+
+int
+main(int argc, char *argv[])
+{
+ mp_int a, m, p, k;
+
+ if (argc < 3) {
+ fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]);
+ return 1;
+ }
+
+ mp_init(&a);
+ mp_init(&m);
+ mp_init(&p);
+ mp_add_d(&p, 1, &p);
+
+ mp_read_radix(&a, argv[1], 10);
+ mp_read_radix(&m, argv[2], 10);
+
+ mp_init_copy(&k, &a);
+
+ signal(SIGINT, sig_catch);
+#ifndef __OS2__
+ signal(SIGHUP, sig_catch);
+#endif
+ signal(SIGTERM, sig_catch);
+
+ while (mp_cmp(&p, &m) < 0) {
+ if (g_quit) {
+ int len;
+ char *buf;
+
+ len = mp_radix_size(&p, 10);
+ buf = malloc(len);
+ mp_toradix(&p, buf, 10);
+
+ fprintf(stderr, "Terminated at: %s\n", buf);
+ free(buf);
+ return 1;
+ }
+ if (mp_cmp_d(&k, 1) == 0) {
+ int len;
+ char *buf;
+
+ len = mp_radix_size(&p, 10);
+ buf = malloc(len);
+ mp_toradix(&p, buf, 10);
+
+ printf("%s\n", buf);
+
+ free(buf);
+ break;
+ }
+
+ mp_mulmod(&k, &a, &m, &k);
+ mp_add_d(&p, 1, &p);
+ }
+
+ if (mp_cmp(&p, &m) >= 0)
+ printf("No annihilating power.\n");
+
+ mp_clear(&p);
+ mp_clear(&m);
+ mp_clear(&a);
+ return 0;
+}
+
+void
+sig_catch(int ign)
+{
+ g_quit = 1;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/makeprime.c b/security/nss/lib/freebl/mpi/utils/makeprime.c
new file mode 100644
index 000000000..401b7532b
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/makeprime.c
@@ -0,0 +1,116 @@
+/*
+ * makeprime.c
+ *
+ * A simple prime generator function (and test driver). Prints out the
+ * first prime it finds greater than or equal to the starting value.
+ *
+ * Usage: makeprime <start>
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+/* These two must be included for make_prime() to work */
+
+#include "mpi.h"
+#include "mpprime.h"
+
+/*
+ make_prime(p, nr)
+
+ Find the smallest prime integer greater than or equal to p, where
+ primality is verified by 'nr' iterations of the Rabin-Miller
+ probabilistic primality test. The caller is responsible for
+ generating the initial value of p.
+
+ Returns MP_OKAY if a prime has been generated, otherwise the error
+ code indicates some other problem. The value of p is clobbered; the
+ caller should keep a copy if the value is needed.
+ */
+mp_err make_prime(mp_int *p, int nr);
+
+/* The main() is not required -- it's just a test driver */
+int
+main(int argc, char *argv[])
+{
+ mp_int start;
+ mp_err res;
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <start-value>\n", argv[0]);
+ return 1;
+ }
+
+ mp_init(&start);
+ if (argv[1][0] == '0' && tolower(argv[1][1]) == 'x') {
+ mp_read_radix(&start, argv[1] + 2, 16);
+ } else {
+ mp_read_radix(&start, argv[1], 10);
+ }
+ mp_abs(&start, &start);
+
+ if ((res = make_prime(&start, 5)) != MP_OKAY) {
+ fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
+ mp_clear(&start);
+
+ return 1;
+
+ } else {
+ char *buf = malloc(mp_radix_size(&start, 10));
+
+ mp_todecimal(&start, buf);
+ printf("%s\n", buf);
+ free(buf);
+
+ mp_clear(&start);
+
+ return 0;
+ }
+
+} /* end main() */
+
+/*------------------------------------------------------------------------*/
+
+mp_err
+make_prime(mp_int *p, int nr)
+{
+ mp_err res;
+
+ if (mp_iseven(p)) {
+ mp_add_d(p, 1, p);
+ }
+
+ do {
+ mp_digit which = prime_tab_size;
+
+ /* First test for divisibility by a few small primes */
+ if ((res = mpp_divis_primes(p, &which)) == MP_YES)
+ continue;
+ else if (res != MP_NO)
+ goto CLEANUP;
+
+ /* If that passes, try one iteration of Fermat's test */
+ if ((res = mpp_fermat(p, 2)) == MP_NO)
+ continue;
+ else if (res != MP_YES)
+ goto CLEANUP;
+
+ /* If that passes, run Rabin-Miller as often as requested */
+ if ((res = mpp_pprime(p, nr)) == MP_YES)
+ break;
+ else if (res != MP_NO)
+ goto CLEANUP;
+
+ } while ((res = mp_add_d(p, 2, p)) == MP_OKAY);
+
+CLEANUP:
+ return res;
+
+} /* end make_prime() */
+
+/*------------------------------------------------------------------------*/
+/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/metime.c b/security/nss/lib/freebl/mpi/utils/metime.c
new file mode 100644
index 000000000..122875ee0
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/metime.c
@@ -0,0 +1,102 @@
+/*
+ * metime.c
+ *
+ * Modular exponentiation timing test
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <time.h>
+
+#include "mpi.h"
+#include "mpprime.h"
+
+double clk_to_sec(clock_t start, clock_t stop);
+
+int
+main(int argc, char *argv[])
+{
+ int ix, num, prec = 8;
+ unsigned int seed;
+ clock_t start, stop;
+ double sec;
+
+ mp_int a, m, c;
+
+ if (PR_GetEnvSecure("SEED") != NULL)
+ seed = abs(atoi(PR_GetEnvSecure("SEED")));
+ else
+ seed = (unsigned int)time(NULL);
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <num-tests> [<nbits>]\n", argv[0]);
+ return 1;
+ }
+
+ if ((num = atoi(argv[1])) < 0)
+ num = -num;
+
+ if (!num) {
+ fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
+ return 1;
+ }
+
+ if (argc > 2) {
+ if ((prec = atoi(argv[2])) <= 0)
+ prec = 8;
+ else
+ prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
+ }
+
+ printf("Modular exponentiation timing test\n"
+ "Precision: %d digits (%d bits)\n"
+ "# of tests: %d\n\n",
+ prec, prec * DIGIT_BIT, num);
+
+ mp_init_size(&a, prec);
+ mp_init_size(&m, prec);
+ mp_init_size(&c, prec);
+
+ srand(seed);
+
+ start = clock();
+ for (ix = 0; ix < num; ix++) {
+
+ mpp_random_size(&a, prec);
+ mpp_random_size(&c, prec);
+ mpp_random_size(&m, prec);
+ /* set msb and lsb of m */
+ DIGIT(&m, 0) |= 1;
+ DIGIT(&m, USED(&m) - 1) |= (mp_digit)1 << (DIGIT_BIT - 1);
+ if (mp_cmp(&a, &m) > 0)
+ mp_sub(&a, &m, &a);
+
+ mp_exptmod(&a, &c, &m, &c);
+ }
+ stop = clock();
+
+ sec = clk_to_sec(start, stop);
+
+ printf("Total: %.3f seconds\n", sec);
+ printf("Individual: %.3f seconds\n", sec / num);
+
+ mp_clear(&c);
+ mp_clear(&a);
+ mp_clear(&m);
+
+ return 0;
+}
+
+double
+clk_to_sec(clock_t start, clock_t stop)
+{
+ return (double)(stop - start) / CLOCKS_PER_SEC;
+}
+
+/*------------------------------------------------------------------------*/
+/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/pi.c b/security/nss/lib/freebl/mpi/utils/pi.c
new file mode 100644
index 000000000..7e3109786
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/pi.c
@@ -0,0 +1,171 @@
+/*
+ * pi.c
+ *
+ * Compute pi to an arbitrary number of digits. Uses Machin's formula,
+ * like everyone else on the planet:
+ *
+ * pi = 16 * arctan(1/5) - 4 * arctan(1/239)
+ *
+ * This is pretty effective for up to a few thousand digits, but it
+ * gets pretty slow after that.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <time.h>
+
+#include "mpi.h"
+
+mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum);
+
+int
+main(int argc, char *argv[])
+{
+ mp_err res;
+ mp_digit ndigits;
+ mp_int sum1, sum2;
+ clock_t start, stop;
+ int out = 0;
+
+ /* Make the user specify precision on the command line */
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <num-digits>\n", argv[0]);
+ return 1;
+ }
+
+ if ((ndigits = abs(atoi(argv[1]))) == 0) {
+ fprintf(stderr, "%s: you must request at least 1 digit\n", argv[0]);
+ return 1;
+ }
+
+ start = clock();
+ mp_init(&sum1);
+ mp_init(&sum2);
+
+ /* sum1 = 16 * arctan(1/5) */
+ if ((res = arctan(16, 5, ndigits, &sum1)) != MP_OKAY) {
+ fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res));
+ out = 1;
+ goto CLEANUP;
+ }
+
+ /* sum2 = 4 * arctan(1/239) */
+ if ((res = arctan(4, 239, ndigits, &sum2)) != MP_OKAY) {
+ fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res));
+ out = 1;
+ goto CLEANUP;
+ }
+
+ /* pi = sum1 - sum2 */
+ if ((res = mp_sub(&sum1, &sum2, &sum1)) != MP_OKAY) {
+ fprintf(stderr, "%s: mp_sub: %s\n", argv[0], mp_strerror(res));
+ out = 1;
+ goto CLEANUP;
+ }
+ stop = clock();
+
+ /* Write the output in decimal */
+ {
+ char *buf = malloc(mp_radix_size(&sum1, 10));
+
+ if (buf == NULL) {
+ fprintf(stderr, "%s: out of memory\n", argv[0]);
+ out = 1;
+ goto CLEANUP;
+ }
+ mp_todecimal(&sum1, buf);
+ printf("%s\n", buf);
+ free(buf);
+ }
+
+ fprintf(stderr, "Computation took %.2f sec.\n",
+ (double)(stop - start) / CLOCKS_PER_SEC);
+
+CLEANUP:
+ mp_clear(&sum1);
+ mp_clear(&sum2);
+
+ return out;
+}
+
+/* Compute sum := mul * arctan(1/x), to 'prec' digits of precision */
+mp_err
+arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum)
+{
+ mp_int t, v;
+ mp_digit q = 1, rd;
+ mp_err res;
+ int sign = 1;
+
+ prec += 3; /* push inaccuracies off the end */
+
+ mp_init(&t);
+ mp_set(&t, 10);
+ mp_init(&v);
+ if ((res = mp_expt_d(&t, prec, &t)) != MP_OKAY || /* get 10^prec */
+ (res = mp_mul_d(&t, mul, &t)) != MP_OKAY || /* ... times mul */
+ (res = mp_mul_d(&t, x, &t)) != MP_OKAY) /* ... times x */
+ goto CLEANUP;
+
+ /*
+ The extra multiplication by x in the above takes care of what
+ would otherwise have to be a special case for 1 / x^1 during the
+ first loop iteration. A little sneaky, but effective.
+
+ We compute arctan(1/x) by the formula:
+
+ 1 1 1 1
+ - - ----- + ----- - ----- + ...
+ x 3 x^3 5 x^5 7 x^7
+
+ We multiply through by 'mul' beforehand, which gives us a couple
+ more iterations and more precision
+ */
+
+ x *= x; /* works as long as x < sqrt(RADIX), which it is here */
+
+ mp_zero(sum);
+
+ do {
+ if ((res = mp_div_d(&t, x, &t, &rd)) != MP_OKAY)
+ goto CLEANUP;
+
+ if (sign < 0 && rd != 0)
+ mp_add_d(&t, 1, &t);
+
+ if ((res = mp_div_d(&t, q, &v, &rd)) != MP_OKAY)
+ goto CLEANUP;
+
+ if (sign < 0 && rd != 0)
+ mp_add_d(&v, 1, &v);
+
+ if (sign > 0)
+ res = mp_add(sum, &v, sum);
+ else
+ res = mp_sub(sum, &v, sum);
+
+ if (res != MP_OKAY)
+ goto CLEANUP;
+
+ sign *= -1;
+ q += 2;
+
+ } while (mp_cmp_z(&t) != 0);
+
+ /* Chop off inaccurate low-order digits */
+ mp_div_d(sum, 1000, sum, NULL);
+
+CLEANUP:
+ mp_clear(&v);
+ mp_clear(&t);
+
+ return res;
+}
+
+/*------------------------------------------------------------------------*/
+/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/primegen.c b/security/nss/lib/freebl/mpi/utils/primegen.c
new file mode 100644
index 000000000..f62a56a4e
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/primegen.c
@@ -0,0 +1,159 @@
+/*
+ * primegen.c
+ *
+ * Generates random integers which are prime with a high degree of
+ * probability using the Miller-Rabin probabilistic primality testing
+ * algorithm.
+ *
+ * Usage:
+ * primegen <bits> [<num>]
+ *
+ * <bits> - number of significant bits each prime should have
+ * <num> - number of primes to generate
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <time.h>
+
+#include "mpi.h"
+#include "mplogic.h"
+#include "mpprime.h"
+
+#define NUM_TESTS 5 /* Number of Rabin-Miller iterations to test with */
+
+#ifdef DEBUG
+#define FPUTC(x, y) fputc(x, y)
+#else
+#define FPUTC(x, y)
+#endif
+
+int
+main(int argc, char *argv[])
+{
+ unsigned char *raw;
+ char *out;
+ unsigned long nTries;
+ int rawlen, bits, outlen, ngen, ix, jx;
+ int g_strong = 0;
+ mp_int testval;
+ mp_err res;
+ clock_t start, end;
+
+ /* We'll just use the C library's rand() for now, although this
+ won't be good enough for cryptographic purposes */
+ if ((out = PR_GetEnvSecure("SEED")) == NULL) {
+ srand((unsigned int)time(NULL));
+ } else {
+ srand((unsigned int)atoi(out));
+ }
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <bits> [<count> [strong]]\n", argv[0]);
+ return 1;
+ }
+
+ if ((bits = abs(atoi(argv[1]))) < CHAR_BIT) {
+ fprintf(stderr, "%s: please request at least %d bits.\n",
+ argv[0], CHAR_BIT);
+ return 1;
+ }
+
+ /* If optional third argument is given, use that as the number of
+ primes to generate; otherwise generate one prime only.
+ */
+ if (argc < 3) {
+ ngen = 1;
+ } else {
+ ngen = abs(atoi(argv[2]));
+ }
+
+ /* If fourth argument is given, and is the word "strong", we'll
+ generate strong (Sophie Germain) primes.
+ */
+ if (argc > 3 && strcmp(argv[3], "strong") == 0)
+ g_strong = 1;
+
+ /* testval - candidate being tested; nTries - number tried so far */
+ if ((res = mp_init(&testval)) != MP_OKAY) {
+ fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
+ return 1;
+ }
+
+ if (g_strong) {
+ printf("Requested %d strong prime value(s) of %d bits.\n",
+ ngen, bits);
+ } else {
+ printf("Requested %d prime value(s) of %d bits.\n", ngen, bits);
+ }
+
+ rawlen = (bits / CHAR_BIT) + ((bits % CHAR_BIT) ? 1 : 0) + 1;
+
+ if ((raw = calloc(rawlen, sizeof(unsigned char))) == NULL) {
+ fprintf(stderr, "%s: out of memory, sorry.\n", argv[0]);
+ return 1;
+ }
+
+ /* This loop is one for each prime we need to generate */
+ for (jx = 0; jx < ngen; jx++) {
+
+ raw[0] = 0; /* sign is positive */
+
+ /* Pack the initializer with random bytes */
+ for (ix = 1; ix < rawlen; ix++)
+ raw[ix] = (rand() * rand()) & UCHAR_MAX;
+
+ raw[1] |= 0x80; /* set high-order bit of test value */
+ raw[rawlen - 1] |= 1; /* set low-order bit of test value */
+
+ /* Make an mp_int out of the initializer */
+ mp_read_raw(&testval, (char *)raw, rawlen);
+
+ /* Initialize candidate counter */
+ nTries = 0;
+
+ start = clock(); /* time generation for this prime */
+ do {
+ res = mpp_make_prime(&testval, bits, g_strong, &nTries);
+ if (res != MP_NO)
+ break;
+ /* This code works whether digits are 16 or 32 bits */
+ res = mp_add_d(&testval, 32 * 1024, &testval);
+ res = mp_add_d(&testval, 32 * 1024, &testval);
+ FPUTC(',', stderr);
+ } while (1);
+ end = clock();
+
+ if (res != MP_YES) {
+ break;
+ }
+ FPUTC('\n', stderr);
+ puts("The following value is probably prime:");
+ outlen = mp_radix_size(&testval, 10);
+ out = calloc(outlen, sizeof(unsigned char));
+ mp_toradix(&testval, (char *)out, 10);
+ printf("10: %s\n", out);
+ mp_toradix(&testval, (char *)out, 16);
+ printf("16: %s\n\n", out);
+ free(out);
+
+ printf("Number of candidates tried: %lu\n", nTries);
+ printf("This computation took %ld clock ticks (%.2f seconds)\n",
+ (end - start), ((double)(end - start) / CLOCKS_PER_SEC));
+
+ FPUTC('\n', stderr);
+ } /* end of loop to generate all requested primes */
+
+ if (res != MP_OKAY)
+ fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
+
+ free(raw);
+ mp_clear(&testval);
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/prng.c b/security/nss/lib/freebl/mpi/utils/prng.c
new file mode 100644
index 000000000..38748d18e
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/prng.c
@@ -0,0 +1,57 @@
+/*
+ * prng.c
+ *
+ * Command-line pseudo-random number generator
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <time.h>
+
+#ifdef __OS2__
+#include <types.h>
+#include <process.h>
+#else
+#include <unistd.h>
+#endif
+
+#include "bbs_rand.h"
+
+int
+main(int argc, char *argv[])
+{
+ unsigned char *seed;
+ unsigned int ix, num = 1;
+ pid_t pid;
+
+ if (argc > 1) {
+ num = atoi(argv[1]);
+ if (num <= 0)
+ num = 1;
+ }
+
+ pid = getpid();
+ srand(time(NULL) * (unsigned int)pid);
+
+ /* Not a perfect seed, but not bad */
+ seed = malloc(bbs_seed_size);
+ for (ix = 0; ix < bbs_seed_size; ix++) {
+ seed[ix] = rand() % UCHAR_MAX;
+ }
+
+ bbs_srand(seed, bbs_seed_size);
+ memset(seed, 0, bbs_seed_size);
+ free(seed);
+
+ while (num-- > 0) {
+ ix = bbs_rand();
+
+ printf("%u\n", ix);
+ }
+
+ return 0;
+}
diff --git a/security/nss/lib/freebl/mpi/utils/ptab.pl b/security/nss/lib/freebl/mpi/utils/ptab.pl
new file mode 100755
index 000000000..ef2e565be
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/ptab.pl
@@ -0,0 +1,26 @@
+#!/usr/bin/perl
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+while(<>) {
+ chomp;
+ push(@primes, $_);
+}
+
+printf("mp_size prime_tab_size = %d;\n", ($#primes + 1));
+print "mp_digit prime_tab[] = {\n";
+
+print "\t";
+$last = pop(@primes);
+foreach $prime (sort {$a<=>$b} @primes) {
+ printf("0x%04X, ", $prime);
+ $brk = ($brk + 1) % 8;
+ print "\n\t" if(!$brk);
+}
+printf("0x%04X", $last);
+print "\n" if($brk);
+print "};\n\n";
+
+exit 0;
diff --git a/security/nss/lib/freebl/mpi/utils/sieve.c b/security/nss/lib/freebl/mpi/utils/sieve.c
new file mode 100644
index 000000000..57768af9e
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/utils/sieve.c
@@ -0,0 +1,243 @@
+/*
+ * sieve.c
+ *
+ * Finds prime numbers using the Sieve of Eratosthenes
+ *
+ * This implementation uses a bitmap to represent all odd integers in a
+ * given range. We iterate over this bitmap, crossing off the
+ * multiples of each prime we find. At the end, all the remaining set
+ * bits correspond to prime integers.
+ *
+ * Here, we make two passes -- once we have generated a sieve-ful of
+ * primes, we copy them out, reset the sieve using the highest
+ * generated prime from the first pass as a base. Then we cross out
+ * all the multiples of all the primes we found the first time through,
+ * and re-sieve. In this way, we get double use of the memory we
+ * allocated for the sieve the first time though. Since we also
+ * implicitly ignore multiples of 2, this amounts to 4 times the
+ * values.
+ *
+ * This could (and probably will) be generalized to re-use the sieve a
+ * few more times.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <limits.h>
+
+typedef unsigned char byte;
+
+typedef struct {
+ int size;
+ byte *bits;
+ long base;
+ int next;
+ int nbits;
+} sieve;
+
+void sieve_init(sieve *sp, long base, int nbits);
+void sieve_grow(sieve *sp, int nbits);
+long sieve_next(sieve *sp);
+void sieve_reset(sieve *sp, long base);
+void sieve_cross(sieve *sp, long val);
+void sieve_clear(sieve *sp);
+
+#define S_ISSET(S, B) (((S)->bits[(B) / CHAR_BIT] >> ((B) % CHAR_BIT)) & 1)
+#define S_SET(S, B) ((S)->bits[(B) / CHAR_BIT] |= (1 << ((B) % CHAR_BIT)))
+#define S_CLR(S, B) ((S)->bits[(B) / CHAR_BIT] &= ~(1 << ((B) % CHAR_BIT)))
+#define S_VAL(S, B) ((S)->base + (2 * (B)))
+#define S_BIT(S, V) (((V) - ((S)->base)) / 2)
+
+int
+main(int argc, char *argv[])
+{
+ sieve s;
+ long pr, *p;
+ int c, ix, cur = 0;
+
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s <width>\n", argv[0]);
+ return 1;
+ }
+
+ c = atoi(argv[1]);
+ if (c < 0)
+ c = -c;
+
+ fprintf(stderr, "%s: sieving to %d positions\n", argv[0], c);
+
+ sieve_init(&s, 3, c);
+
+ c = 0;
+ while ((pr = sieve_next(&s)) > 0) {
+ ++c;
+ }
+
+ p = calloc(c, sizeof(long));
+ if (!p) {
+ fprintf(stderr, "%s: out of memory after first half\n", argv[0]);
+ sieve_clear(&s);
+ exit(1);
+ }
+
+ fprintf(stderr, "%s: half done ... \n", argv[0]);
+
+ for (ix = 0; ix < s.nbits; ix++) {
+ if (S_ISSET(&s, ix)) {
+ p[cur] = S_VAL(&s, ix);
+ printf("%ld\n", p[cur]);
+ ++cur;
+ }
+ }
+
+ sieve_reset(&s, p[cur - 1]);
+ fprintf(stderr, "%s: crossing off %d found primes ... \n", argv[0], cur);
+ for (ix = 0; ix < cur; ix++) {
+ sieve_cross(&s, p[ix]);
+ if (!(ix % 1000))
+ fputc('.', stderr);
+ }
+ fputc('\n', stderr);
+
+ free(p);
+
+ fprintf(stderr, "%s: sieving again from %ld ... \n", argv[0], p[cur - 1]);
+ c = 0;
+ while ((pr = sieve_next(&s)) > 0) {
+ ++c;
+ }
+
+ fprintf(stderr, "%s: done!\n", argv[0]);
+ for (ix = 0; ix < s.nbits; ix++) {
+ if (S_ISSET(&s, ix)) {
+ printf("%ld\n", S_VAL(&s, ix));
+ }
+ }
+
+ sieve_clear(&s);
+
+ return 0;
+}
+
+void
+sieve_init(sieve *sp, long base, int nbits)
+{
+ sp->size = (nbits / CHAR_BIT);
+
+ if (nbits % CHAR_BIT)
+ ++sp->size;
+
+ sp->bits = calloc(sp->size, sizeof(byte));
+ memset(sp->bits, UCHAR_MAX, sp->size);
+ if (!(base & 1))
+ ++base;
+ sp->base = base;
+
+ sp->next = 0;
+ sp->nbits = sp->size * CHAR_BIT;
+}
+
+void
+sieve_grow(sieve *sp, int nbits)
+{
+ int ns = (nbits / CHAR_BIT);
+
+ if (nbits % CHAR_BIT)
+ ++ns;
+
+ if (ns > sp->size) {
+ byte *tmp;
+ int ix;
+
+ tmp = calloc(ns, sizeof(byte));
+ if (tmp == NULL) {
+ fprintf(stderr, "Error: out of memory in sieve_grow\n");
+ return;
+ }
+
+ memcpy(tmp, sp->bits, sp->size);
+ for (ix = sp->size; ix < ns; ix++) {
+ tmp[ix] = UCHAR_MAX;
+ }
+
+ free(sp->bits);
+ sp->bits = tmp;
+ sp->size = ns;
+
+ sp->nbits = sp->size * CHAR_BIT;
+ }
+}
+
+long
+sieve_next(sieve *sp)
+{
+ long out;
+ int ix = 0;
+ long val;
+
+ if (sp->next > sp->nbits)
+ return -1;
+
+ out = S_VAL(sp, sp->next);
+#ifdef DEBUG
+ fprintf(stderr, "Sieving %ld\n", out);
+#endif
+
+ /* Sieve out all multiples of the current prime */
+ val = out;
+ while (ix < sp->nbits) {
+ val += out;
+ ix = S_BIT(sp, val);
+ if ((val & 1) && ix < sp->nbits) { /* && S_ISSET(sp, ix)) { */
+ S_CLR(sp, ix);
+#ifdef DEBUG
+ fprintf(stderr, "Crossing out %ld (bit %d)\n", val, ix);
+#endif
+ }
+ }
+
+ /* Scan ahead to the next prime */
+ ++sp->next;
+ while (sp->next < sp->nbits && !S_ISSET(sp, sp->next))
+ ++sp->next;
+
+ return out;
+}
+
+void
+sieve_cross(sieve *sp, long val)
+{
+ int ix = 0;
+ long cur = val;
+
+ while (cur < sp->base)
+ cur += val;
+
+ ix = S_BIT(sp, cur);
+ while (ix < sp->nbits) {
+ if (cur & 1)
+ S_CLR(sp, ix);
+ cur += val;
+ ix = S_BIT(sp, cur);
+ }
+}
+
+void
+sieve_reset(sieve *sp, long base)
+{
+ memset(sp->bits, UCHAR_MAX, sp->size);
+ sp->base = base;
+ sp->next = 0;
+}
+
+void
+sieve_clear(sieve *sp)
+{
+ if (sp->bits)
+ free(sp->bits);
+
+ sp->bits = NULL;
+}
diff --git a/security/nss/lib/freebl/mpi/vis_32.il b/security/nss/lib/freebl/mpi/vis_32.il
new file mode 100644
index 000000000..d2e8024ac
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/vis_32.il
@@ -0,0 +1,1291 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+! The interface to the VIS instructions as declared below (and in the VIS
+! User's Manual) will not change, but the macro implementation might change
+! in the future.
+
+!--------------------------------------------------------------------
+! Pure edge handling instructions
+!
+! int vis_edge8(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge8,8
+ edge8 %o0,%o1,%o0
+ .end
+!
+! int vis_edge8l(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge8l,8
+ edge8l %o0,%o1,%o0
+ .end
+!
+! int vis_edge16(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge16,8
+ edge16 %o0,%o1,%o0
+ .end
+!
+! int vis_edge16l(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge16l,8
+ edge16l %o0,%o1,%o0
+ .end
+!
+! int vis_edge32(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge32,8
+ edge32 %o0,%o1,%o0
+ .end
+!
+! int vis_edge32l(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge32l,8
+ edge32l %o0,%o1,%o0
+ .end
+
+!--------------------------------------------------------------------
+! Edge handling instructions with negative return values if cc set
+!
+! int vis_edge8cc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge8cc,8
+ edge8 %o0,%o1,%o0
+ mov 0,%o1
+ movgu %icc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge8lcc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge8lcc,8
+ edge8l %o0,%o1,%o0
+ mov 0,%o1
+ movgu %icc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge16cc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge16cc,8
+ edge16 %o0,%o1,%o0
+ mov 0,%o1
+ movgu %icc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge16lcc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge16lcc,8
+ edge16l %o0,%o1,%o0
+ mov 0,%o1
+ movgu %icc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge32cc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge32cc,8
+ edge32 %o0,%o1,%o0
+ mov 0,%o1
+ movgu %icc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge32lcc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge32lcc,8
+ edge32l %o0,%o1,%o0
+ mov 0,%o1
+ movgu %icc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+
+!--------------------------------------------------------------------
+! Alignment instructions
+!
+! void *vis_alignaddr(void */*rs1*/, int /*rs2*/);
+!
+ .inline vis_alignaddr,8
+ alignaddr %o0,%o1,%o0
+ .end
+!
+! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/);
+!
+ .inline vis_alignaddrl,8
+ alignaddrl %o0,%o1,%o0
+ .end
+!
+! double vis_faligndata(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_faligndata,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ faligndata %f4,%f10,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Partitioned comparison instructions
+!
+! int vis_fcmple16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmple16,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fcmple16 %f4,%f10,%o0
+ .end
+!
+! int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpne16,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fcmpne16 %f4,%f10,%o0
+ .end
+!
+! int vis_fcmple32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmple32,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fcmple32 %f4,%f10,%o0
+ .end
+!
+! int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpne32,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fcmpne32 %f4,%f10,%o0
+ .end
+!
+! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpgt16,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fcmpgt16 %f4,%f10,%o0
+ .end
+!
+! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpeq16,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fcmpeq16 %f4,%f10,%o0
+ .end
+!
+! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpgt32,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fcmpgt32 %f4,%f10,%o0
+ .end
+!
+! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpeq32,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fcmpeq32 %f4,%f10,%o0
+ .end
+
+!--------------------------------------------------------------------
+! Partitioned arithmetic
+!
+! double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fmul8x16,12
+ st %o0,[%sp+0x44]
+ ld [%sp+0x44],%f4
+ st %o1,[%sp+0x48]
+ st %o2,[%sp+0x4c]
+ ldd [%sp+0x48],%f10
+ fmul8x16 %f4,%f10,%f0
+ .end
+!
+! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
+!
+ .inline vis_fmul8x16_dummy,16
+ st %o0,[%sp+0x44]
+ ld [%sp+0x44],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fmul8x16 %f4,%f10,%f0
+ .end
+!
+! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fmul8x16au,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fmul8x16au %f4,%f10,%f0
+ .end
+!
+! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fmul8x16al,8
+ st %o0,[%sp+0x44]
+ ld [%sp+0x44],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fmul8x16al %f4,%f10,%f0
+ .end
+!
+! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fmul8sux16,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fmul8sux16 %f4,%f10,%f0
+ .end
+!
+! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fmul8ulx16,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fmul8ulx16 %f4,%f10,%f0
+ .end
+!
+! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fmuld8sux16,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fmuld8sux16 %f4,%f10,%f0
+ .end
+!
+! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fmuld8ulx16,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fmuld8ulx16 %f4,%f10,%f0
+ .end
+!
+! double vis_fpadd16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpadd16,16
+ std %o0,[%sp+0x40]
+ ldd [%sp+0x40],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpadd16 %f4,%f10,%f0
+ .end
+!
+! float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpadd16s,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fpadd16s %f4,%f10,%f0
+ .end
+!
+! double vis_fpadd32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpadd32,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpadd32 %f4,%f10,%f0
+ .end
+!
+! float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpadd32s,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fpadd32s %f4,%f10,%f0
+ .end
+!
+! double vis_fpsub16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpsub16,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpsub16 %f4,%f10,%f0
+ .end
+!
+! float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpsub16s,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fpsub16s %f4,%f10,%f0
+ .end
+!
+! double vis_fpsub32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpsub32,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpsub32 %f4,%f10,%f0
+ .end
+!
+! float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpsub32s,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fpsub32s %f4,%f10,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Pixel packing
+!
+! float vis_fpack16(double /*frs2*/);
+!
+ .inline vis_fpack16,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ fpack16 %f4,%f0
+ .end
+
+!
+! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
+!
+ .inline vis_fpack16_pair,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpack16 %f4,%f0
+ fpack16 %f10,%f1
+ .end
+!
+! void vis_st2_fpack16(double, double, double *)
+!
+ .inline vis_st2_fpack16,20
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpack16 %f4,%f0
+ fpack16 %f10,%f1
+ st %f0,[%o4+0]
+ st %f1,[%o4+4]
+ .end
+!
+! void vis_std_fpack16(double, double, double *)
+!
+ .inline vis_std_fpack16,20
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpack16 %f4,%f0
+ fpack16 %f10,%f1
+ std %f0,[%o4]
+ .end
+!
+! void vis_st2_fpackfix(double, double, double *)
+!
+ .inline vis_st2_fpackfix,20
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpackfix %f4,%f0
+ fpackfix %f10,%f1
+ st %f0,[%o4+0]
+ st %f1,[%o4+4]
+ .end
+!
+! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpack16_to_hi,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f0
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ fpack16 %f4,%f0
+ .end
+
+! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpack16_to_lo,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f0
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ fpack16 %f4,%f3
+ fmovs %f3,%f1 /* without this, optimizer goes wrong */
+ .end
+
+!
+! double vis_fpack32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpack32,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fpack32 %f4,%f10,%f0
+ .end
+!
+! float vis_fpackfix(double /*frs2*/);
+!
+ .inline vis_fpackfix,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ fpackfix %f4,%f0
+ .end
+!
+! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
+!
+ .inline vis_fpackfix_pair,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f6
+ fpackfix %f4,%f0
+ fpackfix %f6,%f1
+ .end
+
+!--------------------------------------------------------------------
+! Motion estimation
+!
+! double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/);
+!
+ .inline vis_pdist,24
+ std %o4,[%sp+0x48]
+ ldd [%sp+0x48],%f0
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ pdist %f4,%f10,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Channel merging
+!
+! double vis_fpmerge(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpmerge,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fpmerge %f4,%f10,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Pixel expansion
+!
+! double vis_fexpand(float /*frs2*/);
+!
+ .inline vis_fexpand,4
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ fexpand %f4,%f0
+ .end
+
+! double vis_fexpand_hi(double /*frs2*/);
+!
+ .inline vis_fexpand_hi,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ fexpand %f4,%f0
+ .end
+
+! double vis_fexpand_lo(double /*frs2*/);
+!
+ .inline vis_fexpand_lo,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ fmovs %f5, %f2
+ fexpand %f2,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Bitwise logical operations
+!
+! double vis_fnor(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fnor,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fnor %f4,%f10,%f0
+ .end
+!
+! float vis_fnors(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fnors,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fnors %f4,%f10,%f0
+ .end
+!
+! double vis_fandnot(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fandnot,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fandnot1 %f4,%f10,%f0
+ .end
+!
+! float vis_fandnots(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fandnots,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fandnot1s %f4,%f10,%f0
+ .end
+!
+! double vis_fnot(double /*frs1*/);
+!
+ .inline vis_fnot,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ fnot1 %f4,%f0
+ .end
+!
+! float vis_fnots(float /*frs1*/);
+!
+ .inline vis_fnots,4
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ fnot1s %f4,%f0
+ .end
+!
+! double vis_fxor(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fxor,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fxor %f4,%f10,%f0
+ .end
+!
+! float vis_fxors(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fxors,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fxors %f4,%f10,%f0
+ .end
+!
+! double vis_fnand(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fnand,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fnand %f4,%f10,%f0
+ .end
+!
+! float vis_fnands(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fnands,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fnands %f4,%f10,%f0
+ .end
+!
+! double vis_fand(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fand,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fand %f4,%f10,%f0
+ .end
+!
+! float vis_fands(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fands,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fands %f4,%f10,%f0
+ .end
+!
+! double vis_fxnor(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fxnor,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fxnor %f4,%f10,%f0
+ .end
+!
+! float vis_fxnors(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fxnors,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fxnors %f4,%f10,%f0
+ .end
+!
+! double vis_fsrc(double /*frs1*/);
+!
+ .inline vis_fsrc,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ fsrc1 %f4,%f0
+ .end
+!
+! float vis_fsrcs(float /*frs1*/);
+!
+ .inline vis_fsrcs,4
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ fsrc1s %f4,%f0
+ .end
+!
+! double vis_fornot(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fornot,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ fornot1 %f4,%f10,%f0
+ .end
+!
+! float vis_fornots(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fornots,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fornot1s %f4,%f10,%f0
+ .end
+!
+! double vis_for(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_for,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ std %o2,[%sp+0x48]
+ ldd [%sp+0x48],%f10
+ for %f4,%f10,%f0
+ .end
+!
+! float vis_fors(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fors,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ st %o1,[%sp+0x48]
+ ld [%sp+0x48],%f10
+ fors %f4,%f10,%f0
+ .end
+!
+! double vis_fzero(/* void */)
+!
+ .inline vis_fzero,0
+ fzero %f0
+ .end
+!
+! float vis_fzeros(/* void */)
+!
+ .inline vis_fzeros,0
+ fzeros %f0
+ .end
+!
+! double vis_fone(/* void */)
+!
+ .inline vis_fone,0
+ fone %f0
+ .end
+!
+! float vis_fones(/* void */)
+!
+ .inline vis_fones,0
+ fones %f0
+ .end
+
+!--------------------------------------------------------------------
+! Partial store instructions
+!
+! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST8P,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
+ .end
+!
+! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST8PL,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]%o3,0xc8 ! ASI_PST8_PL
+ .end
+!
+! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask);
+!
+ .inline vis_stdfa_ASI_PST8P_int_pair,16
+ ld [%o0],%f4
+ ld [%o1],%f5
+ stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
+ .end
+!
+! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST8S,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]%o3,0xc1 ! ASI_PST8_S
+ .end
+!
+! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST16P,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]%o3,0xc2 ! ASI_PST16_P
+ .end
+!
+! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST16S,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]%o3,0xc3 ! ASI_PST16_S
+ .end
+!
+! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST32P,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]%o3,0xc4 ! ASI_PST32_P
+ .end
+!
+! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST32S,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]%o3,0xc5 ! ASI_PST32_S
+ .end
+
+!--------------------------------------------------------------------
+! Short store instructions
+!
+! vis_stdfa_ASI_FL8P(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL8P,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0xd0 ! ASI_FL8_P
+ .end
+!
+! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index)
+!
+ .inline vis_stdfa_ASI_FL8P_index,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2+%o3]0xd0 ! ASI_FL8_P
+ .end
+!
+! vis_stdfa_ASI_FL8S(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL8S,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0xd1 ! ASI_FL8_S
+ .end
+!
+! vis_stdfa_ASI_FL16P(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL16P,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0xd2 ! ASI_FL16_P
+ .end
+!
+! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index)
+!
+ .inline vis_stdfa_ASI_FL16P_index,16
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2+%o3]0xd2 ! ASI_FL16_P
+ .end
+!
+! vis_stdfa_ASI_FL16S(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL16S,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0xd3 ! ASI_FL16_S
+ .end
+!
+! vis_stdfa_ASI_FL8PL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL8PL,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0xd8 ! ASI_FL8_PL
+ .end
+!
+! vis_stdfa_ASI_FL8SL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL8SL,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0xd9 ! ASI_FL8_SL
+ .end
+!
+! vis_stdfa_ASI_FL16PL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL16PL,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0xda ! ASI_FL16_PL
+ .end
+!
+! vis_stdfa_ASI_FL16SL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL16SL,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0xdb ! ASI_FL16_SL
+ .end
+
+!--------------------------------------------------------------------
+! Short load instructions
+!
+! double vis_lddfa_ASI_FL8P(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL8P,4
+ ldda [%o0]0xd0,%f4 ! ASI_FL8_P
+ fmovd %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! double vis_lddfa_ASI_FL8P_index(void *rs1, long index)
+!
+ .inline vis_lddfa_ASI_FL8P_index,8
+ ldda [%o0+%o1]0xd0,%f4
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index)
+!
+ .inline vis_lddfa_ASI_FL8P_hi,8
+ sra %o1,16,%o1
+ ldda [%o0+%o1]0xd0,%f4
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index)
+!
+ .inline vis_lddfa_ASI_FL8P_lo,8
+ sll %o1,16,%o1
+ sra %o1,16,%o1
+ ldda [%o0+%o1]0xd0,%f4
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8S(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL8S,4
+ ldda [%o0]0xd1,%f4 ! ASI_FL8_S
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16P(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL16P,4
+ ldda [%o0]0xd2,%f4 ! ASI_FL16_P
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16P_index(void *rs1, long index)
+!
+ .inline vis_lddfa_ASI_FL16P_index,8
+ ldda [%o0+%o1]0xd2,%f4 ! ASI_FL16_P
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16S(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL16S,4
+ ldda [%o0]0xd3,%f4 ! ASI_FL16_S
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8PL(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL8PL,4
+ ldda [%o0]0xd8,%f4 ! ASI_FL8_PL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index)
+!
+ .inline vis_lddfa_ASI_FL8PL_index,8
+ ldda [%o0+%o1]0xd8,%f4 ! ASI_FL8_PL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8SL(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL8SL,4
+ ldda [%o0]0xd9,%f4 ! ASI_FL8_SL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16PL(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL16PL,4
+ ldda [%o0]0xda,%f4 ! ASI_FL16_PL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index)
+!
+ .inline vis_lddfa_ASI_FL16PL_index,8
+ ldda [%o0+%o1]0xda,%f4 ! ASI_FL16_PL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16SL(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL16SL,4
+ ldda [%o0]0xdb,%f4 ! ASI_FL16_SL
+ fmovd %f4,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Graphics status register
+!
+! unsigned int vis_read_gsr(void)
+!
+ .inline vis_read_gsr,0
+ rd %gsr,%o0
+ .end
+!
+! void vis_write_gsr(unsigned int /* GSR */)
+!
+ .inline vis_write_gsr,4
+ wr %g0,%o0,%gsr
+ .end
+
+!--------------------------------------------------------------------
+! Voxel texture mapping
+!
+! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/)
+!
+ .inline vis_array8,12
+ sllx %o0,32,%o0
+ srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
+ or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
+ array8 %o3,%o2,%o0
+ .end
+!
+! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/)
+!
+ .inline vis_array16,12
+ sllx %o0,32,%o0
+ srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
+ or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
+ array16 %o3,%o2,%o0
+ .end
+!
+! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/)
+!
+ .inline vis_array32,12
+ sllx %o0,32,%o0
+ srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
+ or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
+ array32 %o3,%o2,%o0
+ .end
+
+!--------------------------------------------------------------------
+! Register aliasing and type casts
+!
+! float vis_read_hi(double /* frs1 */);
+!
+ .inline vis_read_hi,8
+ std %o0,[%sp+0x48] ! store double frs1
+ ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1; return %f0;
+ .end
+!
+! float vis_read_lo(double /* frs1 */);
+!
+ .inline vis_read_lo,8
+ std %o0,[%sp+0x48] ! store double frs1
+ ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
+ fmovs %f1,%f0 ! %f0 = low word (frs1); return %f0;
+ .end
+!
+! double vis_write_hi(double /* frs1 */, float /* frs2 */);
+!
+ .inline vis_write_hi,12
+ std %o0,[%sp+0x48] ! store double frs1;
+ ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
+ st %o2,[%sp+0x44] ! store float frs2;
+ ld [%sp+0x44],%f2 ! %f2 = float frs2;
+ fmovs %f2,%f0 ! %f0 = float frs2; return %f0:f1;
+ .end
+!
+! double vis_write_lo(double /* frs1 */, float /* frs2 */);
+!
+ .inline vis_write_lo,12
+ std %o0,[%sp+0x48] ! store double frs1;
+ ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
+ st %o2,[%sp+0x44] ! store float frs2;
+ ld [%sp+0x44],%f2 ! %f2 = float frs2;
+ fmovs %f2,%f1 ! %f1 = float frs2; return %f0:f1;
+ .end
+!
+! double vis_freg_pair(float /* frs1 */, float /* frs2 */);
+!
+ .inline vis_freg_pair,8
+ st %o0,[%sp+0x48] ! store float frs1
+ ld [%sp+0x48],%f0
+ st %o1,[%sp+0x48] ! store float frs2
+ ld [%sp+0x48],%f1
+ .end
+!
+! float vis_to_float(unsigned int /*value*/);
+!
+ .inline vis_to_float,4
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f0
+ .end
+!
+! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
+!
+ .inline vis_to_double,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f0
+ .end
+!
+! double vis_to_double_dup(unsigned int /*value*/);
+!
+ .inline vis_to_double_dup,4
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f1
+ fmovs %f1,%f0 ! duplicate value
+ .end
+!
+! double vis_ll_to_double(unsigned long long /*value*/);
+!
+ .inline vis_ll_to_double,8
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f0
+ .end
+
+!--------------------------------------------------------------------
+! Address space identifier (ASI) register
+!
+! unsigned int vis_read_asi(void)
+!
+ .inline vis_read_asi,0
+ rd %asi,%o0
+ .end
+!
+! void vis_write_asi(unsigned int /* ASI */)
+!
+ .inline vis_write_asi,4
+ wr %g0,%o0,%asi
+ .end
+
+!--------------------------------------------------------------------
+! Load/store from/into alternate space
+!
+! float vis_ldfa_ASI_REG(void *rs1)
+!
+ .inline vis_ldfa_ASI_REG,4
+ lda [%o0+0]%asi,%f4
+ fmovs %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! float vis_ldfa_ASI_P(void *rs1)
+!
+ .inline vis_ldfa_ASI_P,4
+ lda [%o0]0x80,%f4 ! ASI_P
+ fmovs %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! float vis_ldfa_ASI_PL(void *rs1)
+!
+ .inline vis_ldfa_ASI_PL,4
+ lda [%o0]0x88,%f4 ! ASI_PL
+ fmovs %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! double vis_lddfa_ASI_REG(void *rs1)
+!
+ .inline vis_lddfa_ASI_REG,4
+ ldda [%o0+0]%asi,%f4
+ fmovd %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! double vis_lddfa_ASI_P(void *rs1)
+!
+ .inline vis_lddfa_ASI_P,4
+ ldda [%o0]0x80,%f4 ! ASI_P
+ fmovd %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! double vis_lddfa_ASI_PL(void *rs1)
+!
+ .inline vis_lddfa_ASI_PL,4
+ ldda [%o0]0x88,%f4 ! ASI_PL
+ fmovd %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! vis_stfa_ASI_REG(float frs, void *rs1)
+!
+ .inline vis_stfa_ASI_REG,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ sta %f4,[%o1+0]%asi
+ .end
+!
+! vis_stfa_ASI_P(float frs, void *rs1)
+!
+ .inline vis_stfa_ASI_P,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ sta %f4,[%o1]0x80 ! ASI_P
+ .end
+!
+! vis_stfa_ASI_PL(float frs, void *rs1)
+!
+ .inline vis_stfa_ASI_PL,8
+ st %o0,[%sp+0x48]
+ ld [%sp+0x48],%f4
+ sta %f4,[%o1]0x88 ! ASI_PL
+ .end
+!
+! vis_stdfa_ASI_REG(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_REG,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2+0]%asi
+ .end
+!
+! vis_stdfa_ASI_P(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_P,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0x80 ! ASI_P
+ .end
+!
+! vis_stdfa_ASI_PL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_PL,12
+ std %o0,[%sp+0x48]
+ ldd [%sp+0x48],%f4
+ stda %f4,[%o2]0x88 ! ASI_PL
+ .end
+!
+! unsigned short vis_lduha_ASI_REG(void *rs1)
+!
+ .inline vis_lduha_ASI_REG,4
+ lduha [%o0+0]%asi,%o0
+ .end
+!
+! unsigned short vis_lduha_ASI_P(void *rs1)
+!
+ .inline vis_lduha_ASI_P,4
+ lduha [%o0]0x80,%o0 ! ASI_P
+ .end
+!
+! unsigned short vis_lduha_ASI_PL(void *rs1)
+!
+ .inline vis_lduha_ASI_PL,4
+ lduha [%o0]0x88,%o0 ! ASI_PL
+ .end
+!
+! unsigned short vis_lduha_ASI_P_index(void *rs1, long index)
+!
+ .inline vis_lduha_ASI_P_index,8
+ lduha [%o0+%o1]0x80,%o0 ! ASI_P
+ .end
+!
+! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index)
+!
+ .inline vis_lduha_ASI_PL_index,8
+ lduha [%o0+%o1]0x88,%o0 ! ASI_PL
+ .end
+
+!--------------------------------------------------------------------
+! Prefetch
+!
+! void vis_prefetch_read(void * /*address*/);
+!
+ .inline vis_prefetch_read,4
+ prefetch [%o0+0],0
+ .end
+!
+! void vis_prefetch_write(void * /*address*/);
+!
+ .inline vis_prefetch_write,4
+ prefetch [%o0+0],2
+ .end
diff --git a/security/nss/lib/freebl/mpi/vis_64.il b/security/nss/lib/freebl/mpi/vis_64.il
new file mode 100644
index 000000000..cbe2b5aa2
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/vis_64.il
@@ -0,0 +1,997 @@
+!
+! This Source Code Form is subject to the terms of the Mozilla Public
+! License, v. 2.0. If a copy of the MPL was not distributed with this
+! file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+! This file is to be used in place of vis.il in 64-bit builds.
+
+!--------------------------------------------------------------------
+! Pure edge handling instructions
+!
+! int vis_edge8(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge8,16
+ edge8 %o0,%o1,%o0
+ .end
+!
+! int vis_edge8l(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge8l,16
+ edge8l %o0,%o1,%o0
+ .end
+!
+! int vis_edge16(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge16,16
+ edge16 %o0,%o1,%o0
+ .end
+!
+! int vis_edge16l(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge16l,16
+ edge16l %o0,%o1,%o0
+ .end
+!
+! int vis_edge32(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge32,16
+ edge32 %o0,%o1,%o0
+ .end
+!
+! int vis_edge32l(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge32l,16
+ edge32l %o0,%o1,%o0
+ .end
+
+!--------------------------------------------------------------------
+! Edge handling instructions with negative return values if cc set
+!
+! int vis_edge8cc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge8cc,16
+ edge8 %o0,%o1,%o0
+ mov 0,%o1
+ movgu %xcc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge8lcc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge8lcc,16
+ edge8l %o0,%o1,%o0
+ mov 0,%o1
+ movgu %xcc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge16cc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge16cc,16
+ edge16 %o0,%o1,%o0
+ mov 0,%o1
+ movgu %xcc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge16lcc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge16lcc,16
+ edge16l %o0,%o1,%o0
+ mov 0,%o1
+ movgu %xcc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge32cc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge32cc,16
+ edge32 %o0,%o1,%o0
+ mov 0,%o1
+ movgu %xcc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+!
+! int vis_edge32lcc(void */*frs1*/, void */*frs2*/);
+!
+ .inline vis_edge32lcc,16
+ edge32l %o0,%o1,%o0
+ mov 0,%o1
+ movgu %xcc,-1024,%o1
+ or %o1,%o0,%o0
+ .end
+
+!--------------------------------------------------------------------
+! Alignment instructions
+!
+! void *vis_alignaddr(void */*rs1*/, int /*rs2*/);
+!
+ .inline vis_alignaddr,12
+ alignaddr %o0,%o1,%o0
+ .end
+!
+! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/);
+!
+ .inline vis_alignaddrl,12
+ alignaddrl %o0,%o1,%o0
+ .end
+!
+! double vis_faligndata(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_faligndata,16
+ faligndata %f0,%f2,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Partitioned comparison instructions
+!
+! int vis_fcmple16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmple16,16
+ fcmple16 %f0,%f2,%o0
+ .end
+!
+! int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpne16,16
+ fcmpne16 %f0,%f2,%o0
+ .end
+!
+! int vis_fcmple32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmple32,16
+ fcmple32 %f0,%f2,%o0
+ .end
+!
+! int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpne32,16
+ fcmpne32 %f0,%f2,%o0
+ .end
+!
+! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpgt16,16
+ fcmpgt16 %f0,%f2,%o0
+ .end
+!
+! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpeq16,16
+ fcmpeq16 %f0,%f2,%o0
+ .end
+!
+! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpgt32,16
+ fcmpgt32 %f0,%f2,%o0
+ .end
+!
+! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fcmpeq32,16
+ fcmpeq32 %f0,%f2,%o0
+ .end
+
+!--------------------------------------------------------------------
+! Partitioned arithmetic
+!
+! double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fmul8x16,12
+ fmul8x16 %f1,%f2,%f0
+ .end
+!
+! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
+!
+ .inline vis_fmul8x16_dummy,16
+ fmul8x16 %f1,%f4,%f0
+ .end
+!
+! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fmul8x16au,8
+ fmul8x16au %f1,%f3,%f0
+ .end
+!
+! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fmul8x16al,8
+ fmul8x16al %f1,%f3,%f0
+ .end
+!
+! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fmul8sux16,16
+ fmul8sux16 %f0,%f2,%f0
+ .end
+!
+! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fmul8ulx16,16
+ fmul8ulx16 %f0,%f2,%f0
+ .end
+!
+! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fmuld8sux16,8
+ fmuld8sux16 %f1,%f3,%f0
+ .end
+!
+! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fmuld8ulx16,8
+ fmuld8ulx16 %f1,%f3,%f0
+ .end
+!
+! double vis_fpadd16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpadd16,16
+ fpadd16 %f0,%f2,%f0
+ .end
+!
+! float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpadd16s,8
+ fpadd16s %f1,%f3,%f0
+ .end
+!
+! double vis_fpadd32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpadd32,16
+ fpadd32 %f0,%f2,%f0
+ .end
+!
+! float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpadd32s,8
+ fpadd32s %f1,%f3,%f0
+ .end
+!
+! double vis_fpsub16(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpsub16,16
+ fpsub16 %f0,%f2,%f0
+ .end
+!
+! float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpsub16s,8
+ fpsub16s %f1,%f3,%f0
+ .end
+!
+! double vis_fpsub32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpsub32,16
+ fpsub32 %f0,%f2,%f0
+ .end
+!
+! float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpsub32s,8
+ fpsub32s %f1,%f3,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Pixel packing
+!
+! float vis_fpack16(double /*frs2*/);
+!
+ .inline vis_fpack16,8
+ fpack16 %f0,%f0
+ .end
+!
+! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
+!
+ .inline vis_fpack16_pair,16
+ fpack16 %f0,%f0
+ fpack16 %f2,%f1
+ .end
+!
+! void vis_st2_fpack16(double, double, double *)
+!
+ .inline vis_st2_fpack16,24
+ fpack16 %f0,%f0
+ fpack16 %f2,%f1
+ st %f0,[%o2+0]
+ st %f1,[%o2+4]
+ .end
+!
+! void vis_std_fpack16(double, double, double *)
+!
+ .inline vis_std_fpack16,24
+ fpack16 %f0,%f0
+ fpack16 %f2,%f1
+ std %f0,[%o2]
+ .end
+!
+! void vis_st2_fpackfix(double, double, double *)
+!
+ .inline vis_st2_fpackfix,24
+ fpackfix %f0,%f0
+ fpackfix %f2,%f1
+ st %f0,[%o2+0]
+ st %f1,[%o2+4]
+ .end
+!
+! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpack16_to_hi,16
+ fpack16 %f2,%f0
+ .end
+
+! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpack16_to_lo,16
+ fpack16 %f2,%f3
+ fmovs %f3,%f1 /* without this, optimizer goes wrong */
+ .end
+
+!
+! double vis_fpack32(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fpack32,16
+ fpack32 %f0,%f2,%f0
+ .end
+!
+! float vis_fpackfix(double /*frs2*/);
+!
+ .inline vis_fpackfix,8
+ fpackfix %f0,%f0
+ .end
+!
+! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
+!
+ .inline vis_fpackfix_pair,16
+ fpackfix %f0,%f0
+ fpackfix %f2,%f1
+ .end
+
+!--------------------------------------------------------------------
+! Motion estimation
+!
+! double vis_pxldist64(double accum /*frd*/, double pxls1 /*frs1*/,
+! double pxls2 /*frs2*/);
+!
+ .inline vis_pxldist64,24
+ pdist %f2,%f4,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Channel merging
+!
+! double vis_fpmerge(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fpmerge,8
+ fpmerge %f1,%f3,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Pixel expansion
+!
+! double vis_fexpand(float /*frs2*/);
+!
+ .inline vis_fexpand,4
+ fexpand %f1,%f0
+ .end
+
+! double vis_fexpand_hi(double /*frs2*/);
+!
+ .inline vis_fexpand_hi,8
+ fexpand %f0,%f0
+ .end
+
+! double vis_fexpand_lo(double /*frs2*/);
+!
+ .inline vis_fexpand_lo,8
+ fexpand %f1,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Bitwise logical operations
+!
+! double vis_fnor(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fnor,16
+ fnor %f0,%f2,%f0
+ .end
+!
+! float vis_fnors(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fnors,8
+ fnors %f1,%f3,%f0
+ .end
+!
+! double vis_fandnot(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fandnot,16
+ fandnot1 %f0,%f2,%f0
+ .end
+!
+! float vis_fandnots(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fandnots,8
+ fandnot1s %f1,%f3,%f0
+ .end
+!
+! double vis_fnot(double /*frs1*/);
+!
+ .inline vis_fnot,8
+ fnot1 %f0,%f0
+ .end
+!
+! float vis_fnots(float /*frs1*/);
+!
+ .inline vis_fnots,4
+ fnot1s %f1,%f0
+ .end
+!
+! double vis_fxor(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fxor,16
+ fxor %f0,%f2,%f0
+ .end
+!
+! float vis_fxors(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fxors,8
+ fxors %f1,%f3,%f0
+ .end
+!
+! double vis_fnand(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fnand,16
+ fnand %f0,%f2,%f0
+ .end
+!
+! float vis_fnands(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fnands,8
+ fnands %f1,%f3,%f0
+ .end
+!
+! double vis_fand(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fand,16
+ fand %f0,%f2,%f0
+ .end
+!
+! float vis_fands(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fands,8
+ fands %f1,%f3,%f0
+ .end
+!
+! double vis_fxnor(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fxnor,16
+ fxnor %f0,%f2,%f0
+ .end
+!
+! float vis_fxnors(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fxnors,8
+ fxnors %f1,%f3,%f0
+ .end
+!
+! double vis_fsrc(double /*frs1*/);
+!
+ .inline vis_fsrc,8
+ fsrc1 %f0,%f0
+ .end
+!
+! float vis_fsrcs(float /*frs1*/);
+!
+ .inline vis_fsrcs,4
+ fsrc1s %f1,%f0
+ .end
+!
+! double vis_fornot(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_fornot,16
+ fornot1 %f0,%f2,%f0
+ .end
+!
+! float vis_fornots(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fornots,8
+ fornot1s %f1,%f3,%f0
+ .end
+!
+! double vis_for(double /*frs1*/, double /*frs2*/);
+!
+ .inline vis_for,16
+ for %f0,%f2,%f0
+ .end
+!
+! float vis_fors(float /*frs1*/, float /*frs2*/);
+!
+ .inline vis_fors,8
+ fors %f1,%f3,%f0
+ .end
+!
+! double vis_fzero(/* void */)
+!
+ .inline vis_fzero,0
+ fzero %f0
+ .end
+!
+! float vis_fzeros(/* void */)
+!
+ .inline vis_fzeros,0
+ fzeros %f0
+ .end
+!
+! double vis_fone(/* void */)
+!
+ .inline vis_fone,0
+ fone %f0
+ .end
+!
+! float vis_fones(/* void */)
+!
+ .inline vis_fones,0
+ fones %f0
+ .end
+
+!--------------------------------------------------------------------
+! Partial store instructions
+!
+! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST8P,20
+ stda %f0,[%o1]%o2,0xc0 ! ASI_PST8_P
+ .end
+!
+! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST8PL,20
+ stda %f0,[%o1]%o2,0xc8 ! ASI_PST8_PL
+ .end
+!
+! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask);
+!
+ .inline vis_stdfa_ASI_PST8P_int_pair,28
+ ld [%o0],%f4
+ ld [%o1],%f5
+ stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
+ .end
+!
+! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST8S,20
+ stda %f0,[%o1]%o2,0xc1 ! ASI_PST8_S
+ .end
+!
+! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST16P,20
+ stda %f0,[%o1]%o2,0xc2 ! ASI_PST16_P
+ .end
+!
+! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST16S,20
+ stda %f0,[%o1]%o2,0xc3 ! ASI_PST16_S
+ .end
+!
+! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST32P,20
+ stda %f0,[%o1]%o2,0xc4 ! ASI_PST32_P
+ .end
+!
+! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask)
+!
+ .inline vis_stdfa_ASI_PST32S,20
+ stda %f0,[%o1]%o2,0xc5 ! ASI_PST32_S
+ .end
+
+!--------------------------------------------------------------------
+! Short store instructions
+!
+! vis_stdfa_ASI_FL8P(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL8P,16
+ stda %f0,[%o1]0xd0 ! ASI_FL8_P
+ .end
+!
+! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index)
+!
+ .inline vis_stdfa_ASI_FL8P_index,24
+ stda %f0,[%o1+%o2]0xd0 ! ASI_FL8_P
+ .end
+!
+! vis_stdfa_ASI_FL8S(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL8S,16
+ stda %f0,[%o1]0xd1 ! ASI_FL8_S
+ .end
+!
+! vis_stdfa_ASI_FL16P(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL16P,16
+ stda %f0,[%o1]0xd2 ! ASI_FL16_P
+ .end
+!
+! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index)
+!
+ .inline vis_stdfa_ASI_FL16P_index,24
+ stda %f0,[%o1+%o2]0xd2 ! ASI_FL16_P
+ .end
+!
+! vis_stdfa_ASI_FL16S(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL16S,16
+ stda %f0,[%o1]0xd3 ! ASI_FL16_S
+ .end
+!
+! vis_stdfa_ASI_FL8PL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL8PL,16
+ stda %f0,[%o1]0xd8 ! ASI_FL8_PL
+ .end
+!
+! vis_stdfa_ASI_FL8SL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL8SL,16
+ stda %f0,[%o1]0xd9 ! ASI_FL8_SL
+ .end
+!
+! vis_stdfa_ASI_FL16PL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL16PL,16
+ stda %f0,[%o1]0xda ! ASI_FL16_PL
+ .end
+!
+! vis_stdfa_ASI_FL16SL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_FL16SL,16
+ stda %f0,[%o1]0xdb ! ASI_FL16_SL
+ .end
+
+!--------------------------------------------------------------------
+! Short load instructions
+!
+! double vis_lddfa_ASI_FL8P(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL8P,8
+ ldda [%o0]0xd0,%f4 ! ASI_FL8_P
+ fmovd %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! double vis_lddfa_ASI_FL8P_index(void *rs1, long index)
+!
+ .inline vis_lddfa_ASI_FL8P_index,16
+ ldda [%o0+%o1]0xd0,%f4
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index)
+!
+ .inline vis_lddfa_ASI_FL8P_hi,12
+ sra %o1,16,%o1
+ ldda [%o0+%o1]0xd0,%f4
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index)
+!
+ .inline vis_lddfa_ASI_FL8P_lo,12
+ sll %o1,16,%o1
+ sra %o1,16,%o1
+ ldda [%o0+%o1]0xd0,%f4
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8S(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL8S,8
+ ldda [%o0]0xd1,%f4 ! ASI_FL8_S
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16P(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL16P,8
+ ldda [%o0]0xd2,%f4 ! ASI_FL16_P
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16P_index(void *rs1, long index)
+!
+ .inline vis_lddfa_ASI_FL16P_index,16
+ ldda [%o0+%o1]0xd2,%f4 ! ASI_FL16_P
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16S(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL16S,8
+ ldda [%o0]0xd3,%f4 ! ASI_FL16_S
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8PL(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL8PL,8
+ ldda [%o0]0xd8,%f4 ! ASI_FL8_PL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index)
+!
+ .inline vis_lddfa_ASI_FL8PL_index,16
+ ldda [%o0+%o1]0xd8,%f4 ! ASI_FL8_PL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL8SL(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL8SL,8
+ ldda [%o0]0xd9,%f4 ! ASI_FL8_SL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16PL(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL16PL,8
+ ldda [%o0]0xda,%f4 ! ASI_FL16_PL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index)
+!
+ .inline vis_lddfa_ASI_FL16PL_index,16
+ ldda [%o0+%o1]0xda,%f4 ! ASI_FL16_PL
+ fmovd %f4,%f0
+ .end
+!
+! double vis_lddfa_ASI_FL16SL(void *rs1)
+!
+ .inline vis_lddfa_ASI_FL16SL,8
+ ldda [%o0]0xdb,%f4 ! ASI_FL16_SL
+ fmovd %f4,%f0
+ .end
+
+!--------------------------------------------------------------------
+! Graphics status register
+!
+! unsigned int vis_read_gsr(void)
+!
+ .inline vis_read_gsr,0
+ rd %gsr,%o0
+ .end
+!
+! void vis_write_gsr(unsigned int /* GSR */)
+!
+ .inline vis_write_gsr,4
+ wr %g0,%o0,%gsr
+ .end
+
+!--------------------------------------------------------------------
+! Voxel texture mapping
+!
+! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/)
+!
+ .inline vis_array8,12
+ array8 %o0,%o1,%o0
+ .end
+!
+! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/)
+!
+ .inline vis_array16,12
+ array16 %o0,%o1,%o0
+ .end
+!
+! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/)
+!
+ .inline vis_array32,12
+ array32 %o0,%o1,%o0
+ .end
+
+!--------------------------------------------------------------------
+! Register aliasing and type casts
+!
+! float vis_read_hi(double /* frs1 */);
+!
+ .inline vis_read_hi,8
+ fmovs %f0,%f0
+ .end
+!
+! float vis_read_lo(double /* frs1 */);
+!
+ .inline vis_read_lo,8
+ fmovs %f1,%f0 ! %f0 = low word (frs1); return %f0;
+ .end
+!
+! double vis_write_hi(double /* frs1 */, float /* frs2 */);
+!
+ .inline vis_write_hi,12
+ fmovs %f3,%f0 ! %f3 = float frs2; return %f0:f1;
+ .end
+!
+! double vis_write_lo(double /* frs1 */, float /* frs2 */);
+!
+ .inline vis_write_lo,12
+ fmovs %f3,%f1 ! %f3 = float frs2; return %f0:f1;
+ .end
+!
+! double vis_freg_pair(float /* frs1 */, float /* frs2 */);
+!
+ .inline vis_freg_pair,8
+ fmovs %f1,%f0 ! %f1 = float frs1; put in hi;
+ fmovs %f3,%f1 ! %f3 = float frs2; put in lo; return %f0:f1;
+ .end
+!
+! float vis_to_float(unsigned int /*value*/);
+!
+ .inline vis_to_float,4
+ st %o0,[%sp+2183]
+ ld [%sp+2183],%f0
+ .end
+!
+! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
+!
+ .inline vis_to_double,8
+ st %o0,[%sp+2183]
+ ld [%sp+2183],%f0
+ st %o1,[%sp+2183]
+ ld [%sp+2183],%f1
+ .end
+!
+! double vis_to_double_dup(unsigned int /*value*/);
+!
+ .inline vis_to_double_dup,4
+ st %o0,[%sp+2183]
+ ld [%sp+2183],%f1
+ fmovs %f1,%f0 ! duplicate value
+ .end
+!
+! double vis_ll_to_double(unsigned long long /*value*/);
+!
+ .inline vis_ll_to_double,8
+ stx %o0,[%sp+2183]
+ ldd [%sp+2183],%f0
+ .end
+
+!--------------------------------------------------------------------
+! Address space identifier (ASI) register
+!
+! unsigned int vis_read_asi(void)
+!
+ .inline vis_read_asi,0
+ rd %asi,%o0
+ .end
+!
+! void vis_write_asi(unsigned int /* ASI */)
+!
+ .inline vis_write_asi,4
+ wr %g0,%o0,%asi
+ .end
+
+!--------------------------------------------------------------------
+! Load/store from/into alternate space
+!
+! float vis_ldfa_ASI_REG(void *rs1)
+!
+ .inline vis_ldfa_ASI_REG,8
+ lda [%o0+0]%asi,%f4
+ fmovs %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! float vis_ldfa_ASI_P(void *rs1)
+!
+ .inline vis_ldfa_ASI_P,8
+ lda [%o0]0x80,%f4 ! ASI_P
+ fmovs %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! float vis_ldfa_ASI_PL(void *rs1)
+!
+ .inline vis_ldfa_ASI_PL,8
+ lda [%o0]0x88,%f4 ! ASI_PL
+ fmovs %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! double vis_lddfa_ASI_REG(void *rs1)
+!
+ .inline vis_lddfa_ASI_REG,8
+ ldda [%o0+0]%asi,%f4
+ fmovd %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! double vis_lddfa_ASI_P(void *rs1)
+!
+ .inline vis_lddfa_ASI_P,8
+ ldda [%o0]0x80,%f4 ! ASI_P
+ fmovd %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! double vis_lddfa_ASI_PL(void *rs1)
+!
+ .inline vis_lddfa_ASI_PL,8
+ ldda [%o0]0x88,%f4 ! ASI_PL
+ fmovd %f4,%f0 ! Compiler can clean this up
+ .end
+!
+! vis_stfa_ASI_REG(float frs, void *rs1)
+!
+ .inline vis_stfa_ASI_REG,12
+ sta %f1,[%o1+0]%asi
+ .end
+!
+! vis_stfa_ASI_P(float frs, void *rs1)
+!
+ .inline vis_stfa_ASI_P,12
+ sta %f1,[%o1]0x80 ! ASI_P
+ .end
+!
+! vis_stfa_ASI_PL(float frs, void *rs1)
+!
+ .inline vis_stfa_ASI_PL,12
+ sta %f1,[%o1]0x88 ! ASI_PL
+ .end
+!
+! vis_stdfa_ASI_REG(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_REG,16
+ stda %f0,[%o1+0]%asi
+ .end
+!
+! vis_stdfa_ASI_P(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_P,16
+ stda %f0,[%o1]0x80 ! ASI_P
+ .end
+!
+! vis_stdfa_ASI_PL(double frd, void *rs1)
+!
+ .inline vis_stdfa_ASI_PL,16
+ stda %f0,[%o1]0x88 ! ASI_PL
+ .end
+!
+! unsigned short vis_lduha_ASI_REG(void *rs1)
+!
+ .inline vis_lduha_ASI_REG,8
+ lduha [%o0+0]%asi,%o0
+ .end
+!
+! unsigned short vis_lduha_ASI_P(void *rs1)
+!
+ .inline vis_lduha_ASI_P,8
+ lduha [%o0]0x80,%o0 ! ASI_P
+ .end
+!
+! unsigned short vis_lduha_ASI_PL(void *rs1)
+!
+ .inline vis_lduha_ASI_PL,8
+ lduha [%o0]0x88,%o0 ! ASI_PL
+ .end
+!
+! unsigned short vis_lduha_ASI_P_index(void *rs1, long index)
+!
+ .inline vis_lduha_ASI_P_index,16
+ lduha [%o0+%o1]0x80,%o0 ! ASI_P
+ .end
+!
+! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index)
+!
+ .inline vis_lduha_ASI_PL_index,16
+ lduha [%o0+%o1]0x88,%o0 ! ASI_PL
+ .end
+
+!--------------------------------------------------------------------
+! Prefetch
+!
+! void vis_prefetch_read(void * /*address*/);
+!
+ .inline vis_prefetch_read,8
+ prefetch [%o0+0],0
+ .end
+!
+! void vis_prefetch_write(void * /*address*/);
+!
+ .inline vis_prefetch_write,8
+ prefetch [%o0+0],2
+ .end
diff --git a/security/nss/lib/freebl/mpi/vis_proto.h b/security/nss/lib/freebl/mpi/vis_proto.h
new file mode 100644
index 000000000..275de59df
--- /dev/null
+++ b/security/nss/lib/freebl/mpi/vis_proto.h
@@ -0,0 +1,234 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Prototypes for the inline templates in vis.il
+ */
+
+#ifndef VIS_PROTO_H
+#define VIS_PROTO_H
+
+#pragma ident "@(#)vis_proto.h 1.3 97/03/30 SMI"
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+/* Pure edge handling instructions */
+int vis_edge8(void * /*frs1*/, void * /*frs2*/);
+int vis_edge8l(void * /*frs1*/, void * /*frs2*/);
+int vis_edge16(void * /*frs1*/, void * /*frs2*/);
+int vis_edge16l(void * /*frs1*/, void * /*frs2*/);
+int vis_edge32(void * /*frs1*/, void * /*frs2*/);
+int vis_edge32l(void * /*frs1*/, void * /*frs2*/);
+
+/* Edge handling instructions with negative return values if cc set. */
+int vis_edge8cc(void * /*frs1*/, void * /*frs2*/);
+int vis_edge8lcc(void * /*frs1*/, void * /*frs2*/);
+int vis_edge16cc(void * /*frs1*/, void * /*frs2*/);
+int vis_edge16lcc(void * /*frs1*/, void * /*frs2*/);
+int vis_edge32cc(void * /*frs1*/, void * /*frs2*/);
+int vis_edge32lcc(void * /*frs1*/, void * /*frs2*/);
+
+/* Alignment instructions. */
+void *vis_alignaddr(void * /*rs1*/, int /*rs2*/);
+void *vis_alignaddrl(void * /*rs1*/, int /*rs2*/);
+double vis_faligndata(double /*frs1*/, double /*frs2*/);
+
+/* Partitioned comparison instructions. */
+int vis_fcmple16(double /*frs1*/, double /*frs2*/);
+int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
+int vis_fcmple32(double /*frs1*/, double /*frs2*/);
+int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
+int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
+int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
+int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
+int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
+
+/* Partitioned multiplication. */
+#if 0
+double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
+#endif
+double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
+double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
+double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
+double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
+double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
+double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
+double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
+
+/* Partitioned addition & subtraction. */
+double vis_fpadd16(double /*frs1*/, double /*frs2*/);
+float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
+double vis_fpadd32(double /*frs1*/, double /*frs2*/);
+float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
+double vis_fpsub16(double /*frs1*/, double /*frs2*/);
+float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
+double vis_fpsub32(double /*frs1*/, double /*frs2*/);
+float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
+
+/* Pixel packing & clamping. */
+float vis_fpack16(double /*frs2*/);
+double vis_fpack32(double /*frs1*/, double /*frs2*/);
+float vis_fpackfix(double /*frs2*/);
+
+/* Combined pack ops. */
+double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
+double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
+void vis_st2_fpack16(double, double, double *);
+void vis_std_fpack16(double, double, double *);
+void vis_st2_fpackfix(double, double, double *);
+
+double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
+double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
+
+/* Motion estimation. */
+double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/);
+
+/* Channel merging. */
+double vis_fpmerge(float /*frs1*/, float /*frs2*/);
+
+/* Pixel expansion. */
+double vis_fexpand(float /*frs2*/);
+double vis_fexpand_hi(double /*frs2*/);
+double vis_fexpand_lo(double /*frs2*/);
+
+/* Bitwise logical operators. */
+double vis_fnor(double /*frs1*/, double /*frs2*/);
+float vis_fnors(float /*frs1*/, float /*frs2*/);
+double vis_fandnot(double /*frs1*/, double /*frs2*/);
+float vis_fandnots(float /*frs1*/, float /*frs2*/);
+double vis_fnot(double /*frs1*/);
+float vis_fnots(float /*frs1*/);
+double vis_fxor(double /*frs1*/, double /*frs2*/);
+float vis_fxors(float /*frs1*/, float /*frs2*/);
+double vis_fnand(double /*frs1*/, double /*frs2*/);
+float vis_fnands(float /*frs1*/, float /*frs2*/);
+double vis_fand(double /*frs1*/, double /*frs2*/);
+float vis_fands(float /*frs1*/, float /*frs2*/);
+double vis_fxnor(double /*frs1*/, double /*frs2*/);
+float vis_fxnors(float /*frs1*/, float /*frs2*/);
+double vis_fsrc(double /*frs1*/);
+float vis_fsrcs(float /*frs1*/);
+double vis_fornot(double /*frs1*/, double /*frs2*/);
+float vis_fornots(float /*frs1*/, float /*frs2*/);
+double vis_for(double /*frs1*/, double /*frs2*/);
+float vis_fors(float /*frs1*/, float /*frs2*/);
+double vis_fzero(void);
+float vis_fzeros(void);
+double vis_fone(void);
+float vis_fones(void);
+
+/* Partial stores. */
+void vis_stdfa_ASI_PST8P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
+void vis_stdfa_ASI_PST8PL(double /*frd*/, void * /*rs1*/, int /*rmask*/);
+void vis_stdfa_ASI_PST8P_int_pair(void * /*rs1*/, void * /*rs2*/,
+ void * /*rs3*/, int /*rmask*/);
+void vis_stdfa_ASI_PST8S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
+void vis_stdfa_ASI_PST16P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
+void vis_stdfa_ASI_PST16S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
+void vis_stdfa_ASI_PST32P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
+void vis_stdfa_ASI_PST32S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
+
+/* Byte & short stores. */
+void vis_stdfa_ASI_FL8P(double /*frd*/, void * /*rs1*/);
+void vis_stdfa_ASI_FL8P_index(double /*frd*/, void * /*rs1*/, long /*index*/);
+void vis_stdfa_ASI_FL8S(double /*frd*/, void * /*rs1*/);
+void vis_stdfa_ASI_FL16P(double /*frd*/, void * /*rs1*/);
+void vis_stdfa_ASI_FL16P_index(double /*frd*/, void * /*rs1*/, long /*index*/);
+void vis_stdfa_ASI_FL16S(double /*frd*/, void * /*rs1*/);
+void vis_stdfa_ASI_FL8PL(double /*frd*/, void * /*rs1*/);
+void vis_stdfa_ASI_FL8SL(double /*frd*/, void * /*rs1*/);
+void vis_stdfa_ASI_FL16PL(double /*frd*/, void * /*rs1*/);
+void vis_stdfa_ASI_FL16SL(double /*frd*/, void * /*rs1*/);
+
+/* Byte & short loads. */
+double vis_lddfa_ASI_FL8P(void * /*rs1*/);
+double vis_lddfa_ASI_FL8P_index(void * /*rs1*/, long /*index*/);
+double vis_lddfa_ASI_FL8P_hi(void * /*rs1*/, unsigned int /*index*/);
+double vis_lddfa_ASI_FL8P_lo(void * /*rs1*/, unsigned int /*index*/);
+double vis_lddfa_ASI_FL8S(void * /*rs1*/);
+double vis_lddfa_ASI_FL16P(void * /*rs1*/);
+double vis_lddfa_ASI_FL16P_index(void * /*rs1*/, long /*index*/);
+double vis_lddfa_ASI_FL16S(void * /*rs1*/);
+double vis_lddfa_ASI_FL8PL(void * /*rs1*/);
+double vis_lddfa_ASI_FL8SL(void * /*rs1*/);
+double vis_lddfa_ASI_FL16PL(void * /*rs1*/);
+double vis_lddfa_ASI_FL16SL(void * /*rs1*/);
+
+/* Direct write to GSR, read from GSR */
+void vis_write_gsr(unsigned int /*GSR*/);
+unsigned int vis_read_gsr(void);
+
+/* Voxel texture mapping. */
+#if !defined(_NO_LONGLONG)
+unsigned long vis_array8(unsigned long long /*rs1*/, int /*rs2*/);
+unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/);
+unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/);
+#endif /* !defined(_NO_LONGLONG) */
+
+/* Register aliasing and type casts. */
+float vis_read_hi(double /*frs1*/);
+float vis_read_lo(double /*frs1*/);
+double vis_write_hi(double /*frs1*/, float /*frs2*/);
+double vis_write_lo(double /*frs1*/, float /*frs2*/);
+double vis_freg_pair(float /*frs1*/, float /*frs2*/);
+float vis_to_float(unsigned int /*value*/);
+double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
+double vis_to_double_dup(unsigned int /*value*/);
+#if !defined(_NO_LONGLONG)
+double vis_ll_to_double(unsigned long long /*value*/);
+#endif /* !defined(_NO_LONGLONG) */
+
+/* Miscellany (no inlines) */
+void vis_error(char * /*fmt*/, int /*a0*/);
+void vis_sim_init(void);
+
+/* For better performance */
+#define vis_fmul8x16(farg, darg) vis_fmul8x16_dummy((farg), 0, (darg))
+
+/* Nicknames for explicit ASI loads and stores. */
+#define vis_st_u8 vis_stdfa_ASI_FL8P
+#define vis_st_u8_i vis_stdfa_ASI_FL8P_index
+#define vis_st_u8_le vis_stdfa_ASI_FL8PL
+#define vis_st_u16 vis_stdfa_ASI_FL16P
+#define vis_st_u16_i vis_stdfa_ASI_FL16P_index
+#define vis_st_u16_le vis_stdfa_ASI_FL16PL
+
+#define vis_ld_u8 vis_lddfa_ASI_FL8P
+#define vis_ld_u8_i vis_lddfa_ASI_FL8P_index
+#define vis_ld_u8_le vis_lddfa_ASI_FL8PL
+#define vis_ld_u16 vis_lddfa_ASI_FL16P
+#define vis_ld_u16_i vis_lddfa_ASI_FL16P_index
+#define vis_ld_u16_le vis_lddfa_ASI_FL16PL
+
+#define vis_pst_8 vis_stdfa_ASI_PST8P
+#define vis_pst_16 vis_stdfa_ASI_PST16P
+#define vis_pst_32 vis_stdfa_ASI_PST32P
+
+#define vis_st_u8s vis_stdfa_ASI_FL8S
+#define vis_st_u8s_le vis_stdfa_ASI_FL8SL
+#define vis_st_u16s vis_stdfa_ASI_FL16S
+#define vis_st_u16s_le vis_stdfa_ASI_FL16SL
+
+#define vis_ld_u8s vis_lddfa_ASI_FL8S
+#define vis_ld_u8s_le vis_lddfa_ASI_FL8SL
+#define vis_ld_u16s vis_lddfa_ASI_FL16S
+#define vis_ld_u16s_le vis_lddfa_ASI_FL16SL
+
+#define vis_pst_8s vis_stdfa_ASI_PST8S
+#define vis_pst_16s vis_stdfa_ASI_PST16S
+#define vis_pst_32s vis_stdfa_ASI_PST32S
+
+/* "<" and ">=" may be implemented in terms of ">" and "<=". */
+#define vis_fcmplt16(a, b) vis_fcmpgt16((b), (a))
+#define vis_fcmplt32(a, b) vis_fcmpgt32((b), (a))
+#define vis_fcmpge16(a, b) vis_fcmple16((b), (a))
+#define vis_fcmpge32(a, b) vis_fcmple32((b), (a))
+
+#ifdef __cplusplus
+} // End of extern "C"
+#endif /* __cplusplus */
+
+#endif /* VIS_PROTO_H */
diff --git a/security/nss/lib/freebl/nsslowhash.c b/security/nss/lib/freebl/nsslowhash.c
new file mode 100644
index 000000000..5ed039689
--- /dev/null
+++ b/security/nss/lib/freebl/nsslowhash.c
@@ -0,0 +1,150 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+#include "prtypes.h"
+#include "secerr.h"
+#include "blapi.h"
+#include "hasht.h"
+#include "plhash.h"
+#include "nsslowhash.h"
+#include "blapii.h"
+
+struct NSSLOWInitContextStr {
+ int count;
+};
+
+struct NSSLOWHASHContextStr {
+ const SECHashObject *hashObj;
+ void *hashCtxt;
+};
+
+static int
+nsslow_GetFIPSEnabled(void)
+{
+#ifdef LINUX
+ FILE *f;
+ char d;
+ size_t size;
+
+ f = fopen("/proc/sys/crypto/fips_enabled", "r");
+ if (!f)
+ return 0;
+
+ size = fread(&d, 1, 1, f);
+ fclose(f);
+ if (size != 1)
+ return 0;
+ if (d != '1')
+ return 0;
+#endif
+ return 1;
+}
+
+static NSSLOWInitContext dummyContext = { 0 };
+static PRBool post_failed = PR_TRUE;
+
+NSSLOWInitContext *
+NSSLOW_Init(void)
+{
+#ifdef FREEBL_NO_DEPEND
+ (void)FREEBL_InitStubs();
+#endif
+
+ /* make sure the FIPS product is installed if we are trying to
+ * go into FIPS mode */
+ if (nsslow_GetFIPSEnabled()) {
+ if (BL_FIPSEntryOK(PR_TRUE) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ post_failed = PR_TRUE;
+ return NULL;
+ }
+ }
+ post_failed = PR_FALSE;
+
+ return &dummyContext;
+}
+
+void
+NSSLOW_Shutdown(NSSLOWInitContext *context)
+{
+ PORT_Assert(context == &dummyContext);
+ return;
+}
+
+void
+NSSLOW_Reset(NSSLOWInitContext *context)
+{
+ PORT_Assert(context == &dummyContext);
+ return;
+}
+
+NSSLOWHASHContext *
+NSSLOWHASH_NewContext(NSSLOWInitContext *initContext,
+ HASH_HashType hashType)
+{
+ NSSLOWHASHContext *context;
+
+ if (post_failed) {
+ PORT_SetError(SEC_ERROR_PKCS11_DEVICE_ERROR);
+ return NULL;
+ }
+
+ if (initContext != &dummyContext) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return (NULL);
+ }
+
+ context = PORT_ZNew(NSSLOWHASHContext);
+ if (!context) {
+ return NULL;
+ }
+ context->hashObj = HASH_GetRawHashObject(hashType);
+ if (!context->hashObj) {
+ PORT_Free(context);
+ return NULL;
+ }
+ context->hashCtxt = context->hashObj->create();
+ if (!context->hashCtxt) {
+ PORT_Free(context);
+ return NULL;
+ }
+
+ return context;
+}
+
+void
+NSSLOWHASH_Begin(NSSLOWHASHContext *context)
+{
+ return context->hashObj->begin(context->hashCtxt);
+}
+
+void
+NSSLOWHASH_Update(NSSLOWHASHContext *context, const unsigned char *buf,
+ unsigned int len)
+{
+ return context->hashObj->update(context->hashCtxt, buf, len);
+}
+
+void
+NSSLOWHASH_End(NSSLOWHASHContext *context, unsigned char *buf,
+ unsigned int *ret, unsigned int len)
+{
+ return context->hashObj->end(context->hashCtxt, buf, ret, len);
+}
+
+void
+NSSLOWHASH_Destroy(NSSLOWHASHContext *context)
+{
+ context->hashObj->destroy(context->hashCtxt, PR_TRUE);
+ PORT_Free(context);
+}
+
+unsigned int
+NSSLOWHASH_Length(NSSLOWHASHContext *context)
+{
+ return context->hashObj->length;
+}
diff --git a/security/nss/lib/freebl/nsslowhash.h b/security/nss/lib/freebl/nsslowhash.h
new file mode 100644
index 000000000..d8f058715
--- /dev/null
+++ b/security/nss/lib/freebl/nsslowhash.h
@@ -0,0 +1,33 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Provide FIPS validated hashing for applications that only need hashing.
+ * NOTE: mac'ing requires keys and will not work in this interface.
+ * Also NOTE: this only works with Hashing. Only the FIPS interface is enabled.
+ */
+
+#ifndef _NSSLOWHASH_H_
+#define _NSSLOWHASH_H_
+
+typedef struct NSSLOWInitContextStr NSSLOWInitContext;
+typedef struct NSSLOWHASHContextStr NSSLOWHASHContext;
+
+NSSLOWInitContext *NSSLOW_Init(void);
+void NSSLOW_Shutdown(NSSLOWInitContext *context);
+void NSSLOW_Reset(NSSLOWInitContext *context);
+NSSLOWHASHContext *NSSLOWHASH_NewContext(
+ NSSLOWInitContext *initContext,
+ HASH_HashType hashType);
+void NSSLOWHASH_Begin(NSSLOWHASHContext *context);
+void NSSLOWHASH_Update(NSSLOWHASHContext *context,
+ const unsigned char *buf,
+ unsigned int len);
+void NSSLOWHASH_End(NSSLOWHASHContext *context,
+ unsigned char *buf,
+ unsigned int *ret, unsigned int len);
+void NSSLOWHASH_Destroy(NSSLOWHASHContext *context);
+unsigned int NSSLOWHASH_Length(NSSLOWHASHContext *context);
+
+#endif
diff --git a/security/nss/lib/freebl/os2_rand.c b/security/nss/lib/freebl/os2_rand.c
new file mode 100644
index 000000000..407b08014
--- /dev/null
+++ b/security/nss/lib/freebl/os2_rand.c
@@ -0,0 +1,334 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#define INCL_DOS
+#define INCL_DOSERRORS
+#include <os2.h>
+#include "secrng.h"
+#include "prerror.h"
+#include <stdlib.h>
+#include <time.h>
+#include <stdio.h>
+#include <sys/stat.h>
+
+static BOOL
+clockTickTime(unsigned long *phigh, unsigned long *plow)
+{
+ APIRET rc = NO_ERROR;
+ QWORD qword = { 0, 0 };
+
+ rc = DosTmrQueryTime(&qword);
+ if (rc != NO_ERROR)
+ return FALSE;
+
+ *phigh = qword.ulHi;
+ *plow = qword.ulLo;
+
+ return TRUE;
+}
+
+size_t
+RNG_GetNoise(void *buf, size_t maxbuf)
+{
+ unsigned long high = 0;
+ unsigned long low = 0;
+ clock_t val = 0;
+ int n = 0;
+ int nBytes = 0;
+ time_t sTime;
+
+ if (maxbuf <= 0)
+ return 0;
+
+ clockTickTime(&high, &low);
+
+ /* get the maximally changing bits first */
+ nBytes = sizeof(low) > maxbuf ? maxbuf : sizeof(low);
+ memcpy(buf, &low, nBytes);
+ n += nBytes;
+ maxbuf -= nBytes;
+
+ if (maxbuf <= 0)
+ return n;
+
+ nBytes = sizeof(high) > maxbuf ? maxbuf : sizeof(high);
+ memcpy(((char *)buf) + n, &high, nBytes);
+ n += nBytes;
+ maxbuf -= nBytes;
+
+ if (maxbuf <= 0)
+ return n;
+
+ /* get the number of milliseconds that have elapsed since application started */
+ val = clock();
+
+ nBytes = sizeof(val) > maxbuf ? maxbuf : sizeof(val);
+ memcpy(((char *)buf) + n, &val, nBytes);
+ n += nBytes;
+ maxbuf -= nBytes;
+
+ if (maxbuf <= 0)
+ return n;
+
+ /* get the time in seconds since midnight Jan 1, 1970 */
+ time(&sTime);
+ nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime);
+ memcpy(((char *)buf) + n, &sTime, nBytes);
+ n += nBytes;
+
+ return n;
+}
+
+static BOOL
+EnumSystemFiles(void (*func)(const char *))
+{
+ APIRET rc;
+ ULONG sysInfo = 0;
+ char bootLetter[2];
+ char sysDir[_MAX_PATH] = "";
+ char filename[_MAX_PATH];
+ HDIR hdir = HDIR_CREATE;
+ ULONG numFiles = 1;
+ FILEFINDBUF3 fileBuf = { 0 };
+ ULONG buflen = sizeof(FILEFINDBUF3);
+
+ if (DosQuerySysInfo(QSV_BOOT_DRIVE, QSV_BOOT_DRIVE, (PVOID)&sysInfo,
+ sizeof(ULONG)) == NO_ERROR) {
+ bootLetter[0] = sysInfo + 'A' - 1;
+ bootLetter[1] = '\0';
+ strcpy(sysDir, bootLetter);
+ strcpy(sysDir + 1, ":\\OS2\\");
+
+ strcpy(filename, sysDir);
+ strcat(filename, "*.*");
+ }
+
+ rc = DosFindFirst(filename, &hdir, FILE_NORMAL, &fileBuf, buflen,
+ &numFiles, FIL_STANDARD);
+ if (rc == NO_ERROR) {
+ do {
+ // pass the full pathname to the callback
+ sprintf(filename, "%s%s", sysDir, fileBuf.achName);
+ (*func)(filename);
+
+ numFiles = 1;
+ rc = DosFindNext(hdir, &fileBuf, buflen, &numFiles);
+ if (rc != NO_ERROR && rc != ERROR_NO_MORE_FILES)
+ printf("DosFindNext errod code = %d\n", rc);
+ } while (rc == NO_ERROR);
+
+ rc = DosFindClose(hdir);
+ if (rc != NO_ERROR)
+ printf("DosFindClose error code = %d", rc);
+ } else
+ printf("DosFindFirst error code = %d", rc);
+
+ return TRUE;
+}
+
+static int dwNumFiles, dwReadEvery, dwFileToRead = 0;
+
+static void
+CountFiles(const char *file)
+{
+ dwNumFiles++;
+}
+
+static void
+ReadFiles(const char *file)
+{
+ if ((dwNumFiles % dwReadEvery) == 0)
+ RNG_FileForRNG(file);
+
+ dwNumFiles++;
+}
+
+static void
+ReadSingleFile(const char *filename)
+{
+ unsigned char buffer[1024];
+ FILE *file;
+
+ file = fopen((char *)filename, "rb");
+ if (file != NULL) {
+ while (fread(buffer, 1, sizeof(buffer), file) > 0)
+ ;
+ fclose(file);
+ }
+}
+
+static void
+ReadOneFile(const char *file)
+{
+ if (dwNumFiles == dwFileToRead) {
+ ReadSingleFile(file);
+ }
+
+ dwNumFiles++;
+}
+
+static void
+ReadSystemFiles(void)
+{
+ // first count the number of files
+ dwNumFiles = 0;
+ if (!EnumSystemFiles(CountFiles))
+ return;
+
+ RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles));
+
+ // now read 10 files
+ if (dwNumFiles == 0)
+ return;
+
+ dwReadEvery = dwNumFiles / 10;
+ if (dwReadEvery == 0)
+ dwReadEvery = 1; // less than 10 files
+
+ dwNumFiles = 0;
+ EnumSystemFiles(ReadFiles);
+}
+
+void
+RNG_SystemInfoForRNG(void)
+{
+ unsigned long *plong = 0;
+ PTIB ptib;
+ PPIB ppib;
+ APIRET rc = NO_ERROR;
+ DATETIME dt;
+ COUNTRYCODE cc = { 0 };
+ COUNTRYINFO ci = { 0 };
+ unsigned long actual = 0;
+ char path[_MAX_PATH] = "";
+ char fullpath[_MAX_PATH] = "";
+ unsigned long pathlength = sizeof(path);
+ FSALLOCATE fsallocate;
+ FILESTATUS3 fstatus;
+ unsigned long defaultdrive = 0;
+ unsigned long logicaldrives = 0;
+ unsigned long sysInfo[QSV_MAX] = { 0 };
+ char buffer[20];
+ int nBytes = 0;
+
+ nBytes = RNG_GetNoise(buffer, sizeof(buffer));
+ RNG_RandomUpdate(buffer, nBytes);
+
+ /* allocate memory and use address and memory */
+ plong = (unsigned long *)malloc(sizeof(*plong));
+ RNG_RandomUpdate(&plong, sizeof(plong));
+ RNG_RandomUpdate(plong, sizeof(*plong));
+ free(plong);
+
+ /* process info */
+ rc = DosGetInfoBlocks(&ptib, &ppib);
+ if (rc == NO_ERROR) {
+ RNG_RandomUpdate(ptib, sizeof(*ptib));
+ RNG_RandomUpdate(ppib, sizeof(*ppib));
+ }
+
+ /* time */
+ rc = DosGetDateTime(&dt);
+ if (rc == NO_ERROR) {
+ RNG_RandomUpdate(&dt, sizeof(dt));
+ }
+
+ /* country */
+ rc = DosQueryCtryInfo(sizeof(ci), &cc, &ci, &actual);
+ if (rc == NO_ERROR) {
+ RNG_RandomUpdate(&cc, sizeof(cc));
+ RNG_RandomUpdate(&ci, sizeof(ci));
+ RNG_RandomUpdate(&actual, sizeof(actual));
+ }
+
+ /* current directory */
+ rc = DosQueryCurrentDir(0, path, &pathlength);
+ strcat(fullpath, "\\");
+ strcat(fullpath, path);
+ if (rc == NO_ERROR) {
+ RNG_RandomUpdate(fullpath, strlen(fullpath));
+ // path info
+ rc = DosQueryPathInfo(fullpath, FIL_STANDARD, &fstatus, sizeof(fstatus));
+ if (rc == NO_ERROR) {
+ RNG_RandomUpdate(&fstatus, sizeof(fstatus));
+ }
+ }
+
+ /* file system info */
+ rc = DosQueryFSInfo(0, FSIL_ALLOC, &fsallocate, sizeof(fsallocate));
+ if (rc == NO_ERROR) {
+ RNG_RandomUpdate(&fsallocate, sizeof(fsallocate));
+ }
+
+ /* drive info */
+ rc = DosQueryCurrentDisk(&defaultdrive, &logicaldrives);
+ if (rc == NO_ERROR) {
+ RNG_RandomUpdate(&defaultdrive, sizeof(defaultdrive));
+ RNG_RandomUpdate(&logicaldrives, sizeof(logicaldrives));
+ }
+
+ /* system info */
+ rc = DosQuerySysInfo(1L, QSV_MAX, (PVOID)&sysInfo, sizeof(ULONG) * QSV_MAX);
+ if (rc == NO_ERROR) {
+ RNG_RandomUpdate(&sysInfo, sizeof(sysInfo));
+ }
+
+ // now let's do some files
+ ReadSystemFiles();
+
+ /* more noise */
+ nBytes = RNG_GetNoise(buffer, sizeof(buffer));
+ RNG_RandomUpdate(buffer, nBytes);
+}
+
+void
+RNG_FileForRNG(const char *filename)
+{
+ struct stat stat_buf;
+ unsigned char buffer[1024];
+ FILE *file = 0;
+ int nBytes = 0;
+ static int totalFileBytes = 0;
+
+ if (stat((char *)filename, &stat_buf) < 0)
+ return;
+
+ RNG_RandomUpdate((unsigned char *)&stat_buf, sizeof(stat_buf));
+
+ file = fopen((char *)filename, "r");
+ if (file != NULL) {
+ for (;;) {
+ size_t bytes = fread(buffer, 1, sizeof(buffer), file);
+
+ if (bytes == 0)
+ break;
+
+ RNG_RandomUpdate(buffer, bytes);
+ totalFileBytes += bytes;
+ if (totalFileBytes > 250000)
+ break;
+ }
+ fclose(file);
+ }
+
+ nBytes = RNG_GetNoise(buffer, 20);
+ RNG_RandomUpdate(buffer, nBytes);
+}
+
+static void
+rng_systemJitter(void)
+{
+ dwNumFiles = 0;
+ EnumSystemFiles(ReadOneFile);
+ dwFileToRead++;
+ if (dwFileToRead >= dwNumFiles) {
+ dwFileToRead = 0;
+ }
+}
+
+size_t
+RNG_SystemRNG(void *dest, size_t maxLen)
+{
+ return rng_systemFromNoise(dest, maxLen);
+}
diff --git a/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c b/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c
new file mode 100644
index 000000000..3c803c167
--- /dev/null
+++ b/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c
@@ -0,0 +1,881 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This implementation of poly1305 is by Andrew Moon
+ * (https://github.com/floodyberry/poly1305-donna) and released as public
+ * domain. It implements SIMD vectorization based on the algorithm described in
+ * http://cr.yp.to/papers.html#neoncrypto. Unrolled to 2 powers, i.e. 64 byte
+ * block size. */
+
+#include <emmintrin.h>
+#include <stdint.h>
+
+#include "poly1305.h"
+#include "blapii.h"
+
+#define ALIGN(x) __attribute__((aligned(x)))
+#define INLINE inline
+#define U8TO64_LE(m) (*(uint64_t *)(m))
+#define U8TO32_LE(m) (*(uint32_t *)(m))
+#define U64TO8_LE(m, v) (*(uint64_t *)(m)) = v
+
+typedef __m128i xmmi;
+typedef unsigned __int128 uint128_t;
+
+static const uint32_t ALIGN(16) poly1305_x64_sse2_message_mask[4] = { (1 << 26) - 1, 0, (1 << 26) - 1, 0 };
+static const uint32_t ALIGN(16) poly1305_x64_sse2_5[4] = { 5, 0, 5, 0 };
+static const uint32_t ALIGN(16) poly1305_x64_sse2_1shl128[4] = { (1 << 24), 0, (1 << 24), 0 };
+
+static uint128_t INLINE
+add128(uint128_t a, uint128_t b)
+{
+ return a + b;
+}
+
+static uint128_t INLINE
+add128_64(uint128_t a, uint64_t b)
+{
+ return a + b;
+}
+
+static uint128_t INLINE
+mul64x64_128(uint64_t a, uint64_t b)
+{
+ return (uint128_t)a * b;
+}
+
+static uint64_t INLINE
+lo128(uint128_t a)
+{
+ return (uint64_t)a;
+}
+
+static uint64_t INLINE
+shr128(uint128_t v, const int shift)
+{
+ return (uint64_t)(v >> shift);
+}
+
+static uint64_t INLINE
+shr128_pair(uint64_t hi, uint64_t lo, const int shift)
+{
+ return (uint64_t)((((uint128_t)hi << 64) | lo) >> shift);
+}
+
+typedef struct poly1305_power_t {
+ union {
+ xmmi v;
+ uint64_t u[2];
+ uint32_t d[4];
+ } R20, R21, R22, R23, R24, S21, S22, S23, S24;
+} poly1305_power;
+
+typedef struct poly1305_state_internal_t {
+ poly1305_power P[2]; /* 288 bytes, top 32 bit halves unused = 144 bytes of free storage */
+ union {
+ xmmi H[5]; /* 80 bytes */
+ uint64_t HH[10];
+ };
+ /* uint64_t r0,r1,r2; [24 bytes] */
+ /* uint64_t pad0,pad1; [16 bytes] */
+ uint64_t started; /* 8 bytes */
+ uint64_t leftover; /* 8 bytes */
+ uint8_t buffer[64]; /* 64 bytes */
+} poly1305_state_internal; /* 448 bytes total + 63 bytes for alignment = 511 bytes raw */
+
+static poly1305_state_internal INLINE
+ *
+ poly1305_aligned_state(poly1305_state *state)
+{
+ return (poly1305_state_internal *)(((uint64_t)state + 63) & ~63);
+}
+
+/* copy 0-63 bytes */
+static void INLINE NO_SANITIZE_ALIGNMENT
+poly1305_block_copy(uint8_t *dst, const uint8_t *src, size_t bytes)
+{
+ size_t offset = src - dst;
+ if (bytes & 32) {
+ _mm_storeu_si128((xmmi *)(dst + 0), _mm_loadu_si128((xmmi *)(dst + offset + 0)));
+ _mm_storeu_si128((xmmi *)(dst + 16), _mm_loadu_si128((xmmi *)(dst + offset + 16)));
+ dst += 32;
+ }
+ if (bytes & 16) {
+ _mm_storeu_si128((xmmi *)dst, _mm_loadu_si128((xmmi *)(dst + offset)));
+ dst += 16;
+ }
+ if (bytes & 8) {
+ *(uint64_t *)dst = *(uint64_t *)(dst + offset);
+ dst += 8;
+ }
+ if (bytes & 4) {
+ *(uint32_t *)dst = *(uint32_t *)(dst + offset);
+ dst += 4;
+ }
+ if (bytes & 2) {
+ *(uint16_t *)dst = *(uint16_t *)(dst + offset);
+ dst += 2;
+ }
+ if (bytes & 1) {
+ *(uint8_t *)dst = *(uint8_t *)(dst + offset);
+ }
+}
+
+/* zero 0-15 bytes */
+static void INLINE
+poly1305_block_zero(uint8_t *dst, size_t bytes)
+{
+ if (bytes & 8) {
+ *(uint64_t *)dst = 0;
+ dst += 8;
+ }
+ if (bytes & 4) {
+ *(uint32_t *)dst = 0;
+ dst += 4;
+ }
+ if (bytes & 2) {
+ *(uint16_t *)dst = 0;
+ dst += 2;
+ }
+ if (bytes & 1) {
+ *(uint8_t *)dst = 0;
+ }
+}
+
+static size_t INLINE
+poly1305_min(size_t a, size_t b)
+{
+ return (a < b) ? a : b;
+}
+
+void
+Poly1305Init(poly1305_state *state, const unsigned char key[32])
+{
+ poly1305_state_internal *st = poly1305_aligned_state(state);
+ poly1305_power *p;
+ uint64_t r0, r1, r2;
+ uint64_t t0, t1;
+
+ /* clamp key */
+ t0 = U8TO64_LE(key + 0);
+ t1 = U8TO64_LE(key + 8);
+ r0 = t0 & 0xffc0fffffff;
+ t0 >>= 44;
+ t0 |= t1 << 20;
+ r1 = t0 & 0xfffffc0ffff;
+ t1 >>= 24;
+ r2 = t1 & 0x00ffffffc0f;
+
+ /* store r in un-used space of st->P[1] */
+ p = &st->P[1];
+ p->R20.d[1] = (uint32_t)(r0);
+ p->R20.d[3] = (uint32_t)(r0 >> 32);
+ p->R21.d[1] = (uint32_t)(r1);
+ p->R21.d[3] = (uint32_t)(r1 >> 32);
+ p->R22.d[1] = (uint32_t)(r2);
+ p->R22.d[3] = (uint32_t)(r2 >> 32);
+
+ /* store pad */
+ p->R23.d[1] = U8TO32_LE(key + 16);
+ p->R23.d[3] = U8TO32_LE(key + 20);
+ p->R24.d[1] = U8TO32_LE(key + 24);
+ p->R24.d[3] = U8TO32_LE(key + 28);
+
+ /* H = 0 */
+ st->H[0] = _mm_setzero_si128();
+ st->H[1] = _mm_setzero_si128();
+ st->H[2] = _mm_setzero_si128();
+ st->H[3] = _mm_setzero_si128();
+ st->H[4] = _mm_setzero_si128();
+
+ st->started = 0;
+ st->leftover = 0;
+}
+
+static void
+poly1305_first_block(poly1305_state_internal *st, const uint8_t *m)
+{
+ const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask);
+ const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5);
+ const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128);
+ xmmi T5, T6;
+ poly1305_power *p;
+ uint128_t d[3];
+ uint64_t r0, r1, r2;
+ uint64_t r20, r21, r22, s22;
+ uint64_t pad0, pad1;
+ uint64_t c;
+ uint64_t i;
+
+ /* pull out stored info */
+ p = &st->P[1];
+
+ r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1];
+ r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1];
+ r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1];
+ pad0 = ((uint64_t)p->R23.d[3] << 32) | (uint64_t)p->R23.d[1];
+ pad1 = ((uint64_t)p->R24.d[3] << 32) | (uint64_t)p->R24.d[1];
+
+ /* compute powers r^2,r^4 */
+ r20 = r0;
+ r21 = r1;
+ r22 = r2;
+ for (i = 0; i < 2; i++) {
+ s22 = r22 * (5 << 2);
+
+ d[0] = add128(mul64x64_128(r20, r20), mul64x64_128(r21 * 2, s22));
+ d[1] = add128(mul64x64_128(r22, s22), mul64x64_128(r20 * 2, r21));
+ d[2] = add128(mul64x64_128(r21, r21), mul64x64_128(r22 * 2, r20));
+
+ r20 = lo128(d[0]) & 0xfffffffffff;
+ c = shr128(d[0], 44);
+ d[1] = add128_64(d[1], c);
+ r21 = lo128(d[1]) & 0xfffffffffff;
+ c = shr128(d[1], 44);
+ d[2] = add128_64(d[2], c);
+ r22 = lo128(d[2]) & 0x3ffffffffff;
+ c = shr128(d[2], 42);
+ r20 += c * 5;
+ c = (r20 >> 44);
+ r20 = r20 & 0xfffffffffff;
+ r21 += c;
+
+ p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20)&0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0));
+ p->R21.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r20 >> 26) | (r21 << 18)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0));
+ p->R22.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r21 >> 8)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0));
+ p->R23.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r21 >> 34) | (r22 << 10)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0));
+ p->R24.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r22 >> 16))), _MM_SHUFFLE(1, 0, 1, 0));
+ p->S21.v = _mm_mul_epu32(p->R21.v, FIVE);
+ p->S22.v = _mm_mul_epu32(p->R22.v, FIVE);
+ p->S23.v = _mm_mul_epu32(p->R23.v, FIVE);
+ p->S24.v = _mm_mul_epu32(p->R24.v, FIVE);
+ p--;
+ }
+
+ /* put saved info back */
+ p = &st->P[1];
+ p->R20.d[1] = (uint32_t)(r0);
+ p->R20.d[3] = (uint32_t)(r0 >> 32);
+ p->R21.d[1] = (uint32_t)(r1);
+ p->R21.d[3] = (uint32_t)(r1 >> 32);
+ p->R22.d[1] = (uint32_t)(r2);
+ p->R22.d[3] = (uint32_t)(r2 >> 32);
+ p->R23.d[1] = (uint32_t)(pad0);
+ p->R23.d[3] = (uint32_t)(pad0 >> 32);
+ p->R24.d[1] = (uint32_t)(pad1);
+ p->R24.d[3] = (uint32_t)(pad1 >> 32);
+
+ /* H = [Mx,My] */
+ T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16)));
+ T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24)));
+ st->H[0] = _mm_and_si128(MMASK, T5);
+ st->H[1] = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
+ T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12));
+ st->H[2] = _mm_and_si128(MMASK, T5);
+ st->H[3] = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
+ st->H[4] = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT);
+}
+
+static void
+poly1305_blocks(poly1305_state_internal *st, const uint8_t *m, size_t bytes)
+{
+ const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask);
+ const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5);
+ const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128);
+
+ poly1305_power *p;
+ xmmi H0, H1, H2, H3, H4;
+ xmmi T0, T1, T2, T3, T4, T5, T6;
+ xmmi M0, M1, M2, M3, M4;
+ xmmi C1, C2;
+
+ H0 = st->H[0];
+ H1 = st->H[1];
+ H2 = st->H[2];
+ H3 = st->H[3];
+ H4 = st->H[4];
+
+ while (bytes >= 64) {
+ /* H *= [r^4,r^4] */
+ p = &st->P[0];
+ T0 = _mm_mul_epu32(H0, p->R20.v);
+ T1 = _mm_mul_epu32(H0, p->R21.v);
+ T2 = _mm_mul_epu32(H0, p->R22.v);
+ T3 = _mm_mul_epu32(H0, p->R23.v);
+ T4 = _mm_mul_epu32(H0, p->R24.v);
+ T5 = _mm_mul_epu32(H1, p->S24.v);
+ T6 = _mm_mul_epu32(H1, p->R20.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H2, p->S23.v);
+ T6 = _mm_mul_epu32(H2, p->S24.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H3, p->S22.v);
+ T6 = _mm_mul_epu32(H3, p->S23.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H4, p->S21.v);
+ T6 = _mm_mul_epu32(H4, p->S22.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H1, p->R21.v);
+ T6 = _mm_mul_epu32(H1, p->R22.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H2, p->R20.v);
+ T6 = _mm_mul_epu32(H2, p->R21.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H3, p->S24.v);
+ T6 = _mm_mul_epu32(H3, p->R20.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H4, p->S23.v);
+ T6 = _mm_mul_epu32(H4, p->S24.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H1, p->R23.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H2, p->R22.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H3, p->R21.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H4, p->R20.v);
+ T4 = _mm_add_epi64(T4, T5);
+
+ /* H += [Mx,My]*[r^2,r^2] */
+ T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16)));
+ T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24)));
+ M0 = _mm_and_si128(MMASK, T5);
+ M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
+ T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12));
+ M2 = _mm_and_si128(MMASK, T5);
+ M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
+ M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT);
+
+ p = &st->P[1];
+ T5 = _mm_mul_epu32(M0, p->R20.v);
+ T6 = _mm_mul_epu32(M0, p->R21.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(M1, p->S24.v);
+ T6 = _mm_mul_epu32(M1, p->R20.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(M2, p->S23.v);
+ T6 = _mm_mul_epu32(M2, p->S24.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(M3, p->S22.v);
+ T6 = _mm_mul_epu32(M3, p->S23.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(M4, p->S21.v);
+ T6 = _mm_mul_epu32(M4, p->S22.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(M0, p->R22.v);
+ T6 = _mm_mul_epu32(M0, p->R23.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(M1, p->R21.v);
+ T6 = _mm_mul_epu32(M1, p->R22.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(M2, p->R20.v);
+ T6 = _mm_mul_epu32(M2, p->R21.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(M3, p->S24.v);
+ T6 = _mm_mul_epu32(M3, p->R20.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(M4, p->S23.v);
+ T6 = _mm_mul_epu32(M4, p->S24.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(M0, p->R24.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(M1, p->R23.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(M2, p->R22.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(M3, p->R21.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(M4, p->R20.v);
+ T4 = _mm_add_epi64(T4, T5);
+
+ /* H += [Mx,My] */
+ T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 32)), _mm_loadl_epi64((xmmi *)(m + 48)));
+ T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 40)), _mm_loadl_epi64((xmmi *)(m + 56)));
+ M0 = _mm_and_si128(MMASK, T5);
+ M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
+ T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12));
+ M2 = _mm_and_si128(MMASK, T5);
+ M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
+ M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT);
+
+ T0 = _mm_add_epi64(T0, M0);
+ T1 = _mm_add_epi64(T1, M1);
+ T2 = _mm_add_epi64(T2, M2);
+ T3 = _mm_add_epi64(T3, M3);
+ T4 = _mm_add_epi64(T4, M4);
+
+ /* reduce */
+ C1 = _mm_srli_epi64(T0, 26);
+ C2 = _mm_srli_epi64(T3, 26);
+ T0 = _mm_and_si128(T0, MMASK);
+ T3 = _mm_and_si128(T3, MMASK);
+ T1 = _mm_add_epi64(T1, C1);
+ T4 = _mm_add_epi64(T4, C2);
+ C1 = _mm_srli_epi64(T1, 26);
+ C2 = _mm_srli_epi64(T4, 26);
+ T1 = _mm_and_si128(T1, MMASK);
+ T4 = _mm_and_si128(T4, MMASK);
+ T2 = _mm_add_epi64(T2, C1);
+ T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE));
+ C1 = _mm_srli_epi64(T2, 26);
+ C2 = _mm_srli_epi64(T0, 26);
+ T2 = _mm_and_si128(T2, MMASK);
+ T0 = _mm_and_si128(T0, MMASK);
+ T3 = _mm_add_epi64(T3, C1);
+ T1 = _mm_add_epi64(T1, C2);
+ C1 = _mm_srli_epi64(T3, 26);
+ T3 = _mm_and_si128(T3, MMASK);
+ T4 = _mm_add_epi64(T4, C1);
+
+ /* H = (H*[r^4,r^4] + [Mx,My]*[r^2,r^2] + [Mx,My]) */
+ H0 = T0;
+ H1 = T1;
+ H2 = T2;
+ H3 = T3;
+ H4 = T4;
+
+ m += 64;
+ bytes -= 64;
+ }
+
+ st->H[0] = H0;
+ st->H[1] = H1;
+ st->H[2] = H2;
+ st->H[3] = H3;
+ st->H[4] = H4;
+}
+
+static size_t
+poly1305_combine(poly1305_state_internal *st, const uint8_t *m, size_t bytes)
+{
+ const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask);
+ const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128);
+ const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5);
+
+ poly1305_power *p;
+ xmmi H0, H1, H2, H3, H4;
+ xmmi M0, M1, M2, M3, M4;
+ xmmi T0, T1, T2, T3, T4, T5, T6;
+ xmmi C1, C2;
+
+ uint64_t r0, r1, r2;
+ uint64_t t0, t1, t2, t3, t4;
+ uint64_t c;
+ size_t consumed = 0;
+
+ H0 = st->H[0];
+ H1 = st->H[1];
+ H2 = st->H[2];
+ H3 = st->H[3];
+ H4 = st->H[4];
+
+ /* p = [r^2,r^2] */
+ p = &st->P[1];
+
+ if (bytes >= 32) {
+ /* H *= [r^2,r^2] */
+ T0 = _mm_mul_epu32(H0, p->R20.v);
+ T1 = _mm_mul_epu32(H0, p->R21.v);
+ T2 = _mm_mul_epu32(H0, p->R22.v);
+ T3 = _mm_mul_epu32(H0, p->R23.v);
+ T4 = _mm_mul_epu32(H0, p->R24.v);
+ T5 = _mm_mul_epu32(H1, p->S24.v);
+ T6 = _mm_mul_epu32(H1, p->R20.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H2, p->S23.v);
+ T6 = _mm_mul_epu32(H2, p->S24.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H3, p->S22.v);
+ T6 = _mm_mul_epu32(H3, p->S23.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H4, p->S21.v);
+ T6 = _mm_mul_epu32(H4, p->S22.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H1, p->R21.v);
+ T6 = _mm_mul_epu32(H1, p->R22.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H2, p->R20.v);
+ T6 = _mm_mul_epu32(H2, p->R21.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H3, p->S24.v);
+ T6 = _mm_mul_epu32(H3, p->R20.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H4, p->S23.v);
+ T6 = _mm_mul_epu32(H4, p->S24.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H1, p->R23.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H2, p->R22.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H3, p->R21.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H4, p->R20.v);
+ T4 = _mm_add_epi64(T4, T5);
+
+ /* H += [Mx,My] */
+ T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16)));
+ T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24)));
+ M0 = _mm_and_si128(MMASK, T5);
+ M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
+ T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12));
+ M2 = _mm_and_si128(MMASK, T5);
+ M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
+ M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT);
+
+ T0 = _mm_add_epi64(T0, M0);
+ T1 = _mm_add_epi64(T1, M1);
+ T2 = _mm_add_epi64(T2, M2);
+ T3 = _mm_add_epi64(T3, M3);
+ T4 = _mm_add_epi64(T4, M4);
+
+ /* reduce */
+ C1 = _mm_srli_epi64(T0, 26);
+ C2 = _mm_srli_epi64(T3, 26);
+ T0 = _mm_and_si128(T0, MMASK);
+ T3 = _mm_and_si128(T3, MMASK);
+ T1 = _mm_add_epi64(T1, C1);
+ T4 = _mm_add_epi64(T4, C2);
+ C1 = _mm_srli_epi64(T1, 26);
+ C2 = _mm_srli_epi64(T4, 26);
+ T1 = _mm_and_si128(T1, MMASK);
+ T4 = _mm_and_si128(T4, MMASK);
+ T2 = _mm_add_epi64(T2, C1);
+ T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE));
+ C1 = _mm_srli_epi64(T2, 26);
+ C2 = _mm_srli_epi64(T0, 26);
+ T2 = _mm_and_si128(T2, MMASK);
+ T0 = _mm_and_si128(T0, MMASK);
+ T3 = _mm_add_epi64(T3, C1);
+ T1 = _mm_add_epi64(T1, C2);
+ C1 = _mm_srli_epi64(T3, 26);
+ T3 = _mm_and_si128(T3, MMASK);
+ T4 = _mm_add_epi64(T4, C1);
+
+ /* H = (H*[r^2,r^2] + [Mx,My]) */
+ H0 = T0;
+ H1 = T1;
+ H2 = T2;
+ H3 = T3;
+ H4 = T4;
+
+ consumed = 32;
+ }
+
+ /* finalize, H *= [r^2,r] */
+ r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1];
+ r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1];
+ r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1];
+
+ p->R20.d[2] = (uint32_t)(r0)&0x3ffffff;
+ p->R21.d[2] = (uint32_t)((r0 >> 26) | (r1 << 18)) & 0x3ffffff;
+ p->R22.d[2] = (uint32_t)((r1 >> 8)) & 0x3ffffff;
+ p->R23.d[2] = (uint32_t)((r1 >> 34) | (r2 << 10)) & 0x3ffffff;
+ p->R24.d[2] = (uint32_t)((r2 >> 16));
+ p->S21.d[2] = p->R21.d[2] * 5;
+ p->S22.d[2] = p->R22.d[2] * 5;
+ p->S23.d[2] = p->R23.d[2] * 5;
+ p->S24.d[2] = p->R24.d[2] * 5;
+
+ /* H *= [r^2,r] */
+ T0 = _mm_mul_epu32(H0, p->R20.v);
+ T1 = _mm_mul_epu32(H0, p->R21.v);
+ T2 = _mm_mul_epu32(H0, p->R22.v);
+ T3 = _mm_mul_epu32(H0, p->R23.v);
+ T4 = _mm_mul_epu32(H0, p->R24.v);
+ T5 = _mm_mul_epu32(H1, p->S24.v);
+ T6 = _mm_mul_epu32(H1, p->R20.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H2, p->S23.v);
+ T6 = _mm_mul_epu32(H2, p->S24.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H3, p->S22.v);
+ T6 = _mm_mul_epu32(H3, p->S23.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H4, p->S21.v);
+ T6 = _mm_mul_epu32(H4, p->S22.v);
+ T0 = _mm_add_epi64(T0, T5);
+ T1 = _mm_add_epi64(T1, T6);
+ T5 = _mm_mul_epu32(H1, p->R21.v);
+ T6 = _mm_mul_epu32(H1, p->R22.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H2, p->R20.v);
+ T6 = _mm_mul_epu32(H2, p->R21.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H3, p->S24.v);
+ T6 = _mm_mul_epu32(H3, p->R20.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H4, p->S23.v);
+ T6 = _mm_mul_epu32(H4, p->S24.v);
+ T2 = _mm_add_epi64(T2, T5);
+ T3 = _mm_add_epi64(T3, T6);
+ T5 = _mm_mul_epu32(H1, p->R23.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H2, p->R22.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H3, p->R21.v);
+ T4 = _mm_add_epi64(T4, T5);
+ T5 = _mm_mul_epu32(H4, p->R20.v);
+ T4 = _mm_add_epi64(T4, T5);
+
+ C1 = _mm_srli_epi64(T0, 26);
+ C2 = _mm_srli_epi64(T3, 26);
+ T0 = _mm_and_si128(T0, MMASK);
+ T3 = _mm_and_si128(T3, MMASK);
+ T1 = _mm_add_epi64(T1, C1);
+ T4 = _mm_add_epi64(T4, C2);
+ C1 = _mm_srli_epi64(T1, 26);
+ C2 = _mm_srli_epi64(T4, 26);
+ T1 = _mm_and_si128(T1, MMASK);
+ T4 = _mm_and_si128(T4, MMASK);
+ T2 = _mm_add_epi64(T2, C1);
+ T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE));
+ C1 = _mm_srli_epi64(T2, 26);
+ C2 = _mm_srli_epi64(T0, 26);
+ T2 = _mm_and_si128(T2, MMASK);
+ T0 = _mm_and_si128(T0, MMASK);
+ T3 = _mm_add_epi64(T3, C1);
+ T1 = _mm_add_epi64(T1, C2);
+ C1 = _mm_srli_epi64(T3, 26);
+ T3 = _mm_and_si128(T3, MMASK);
+ T4 = _mm_add_epi64(T4, C1);
+
+ /* H = H[0]+H[1] */
+ H0 = _mm_add_epi64(T0, _mm_srli_si128(T0, 8));
+ H1 = _mm_add_epi64(T1, _mm_srli_si128(T1, 8));
+ H2 = _mm_add_epi64(T2, _mm_srli_si128(T2, 8));
+ H3 = _mm_add_epi64(T3, _mm_srli_si128(T3, 8));
+ H4 = _mm_add_epi64(T4, _mm_srli_si128(T4, 8));
+
+ t0 = _mm_cvtsi128_si32(H0);
+ c = (t0 >> 26);
+ t0 &= 0x3ffffff;
+ t1 = _mm_cvtsi128_si32(H1) + c;
+ c = (t1 >> 26);
+ t1 &= 0x3ffffff;
+ t2 = _mm_cvtsi128_si32(H2) + c;
+ c = (t2 >> 26);
+ t2 &= 0x3ffffff;
+ t3 = _mm_cvtsi128_si32(H3) + c;
+ c = (t3 >> 26);
+ t3 &= 0x3ffffff;
+ t4 = _mm_cvtsi128_si32(H4) + c;
+ c = (t4 >> 26);
+ t4 &= 0x3ffffff;
+ t0 = t0 + (c * 5);
+ c = (t0 >> 26);
+ t0 &= 0x3ffffff;
+ t1 = t1 + c;
+
+ st->HH[0] = ((t0) | (t1 << 26)) & 0xfffffffffffull;
+ st->HH[1] = ((t1 >> 18) | (t2 << 8) | (t3 << 34)) & 0xfffffffffffull;
+ st->HH[2] = ((t3 >> 10) | (t4 << 16)) & 0x3ffffffffffull;
+
+ return consumed;
+}
+
+void
+Poly1305Update(poly1305_state *state, const unsigned char *m, size_t bytes)
+{
+ poly1305_state_internal *st = poly1305_aligned_state(state);
+ size_t want;
+
+ /* need at least 32 initial bytes to start the accelerated branch */
+ if (!st->started) {
+ if ((st->leftover == 0) && (bytes > 32)) {
+ poly1305_first_block(st, m);
+ m += 32;
+ bytes -= 32;
+ } else {
+ want = poly1305_min(32 - st->leftover, bytes);
+ poly1305_block_copy(st->buffer + st->leftover, m, want);
+ bytes -= want;
+ m += want;
+ st->leftover += want;
+ if ((st->leftover < 32) || (bytes == 0))
+ return;
+ poly1305_first_block(st, st->buffer);
+ st->leftover = 0;
+ }
+ st->started = 1;
+ }
+
+ /* handle leftover */
+ if (st->leftover) {
+ want = poly1305_min(64 - st->leftover, bytes);
+ poly1305_block_copy(st->buffer + st->leftover, m, want);
+ bytes -= want;
+ m += want;
+ st->leftover += want;
+ if (st->leftover < 64)
+ return;
+ poly1305_blocks(st, st->buffer, 64);
+ st->leftover = 0;
+ }
+
+ /* process 64 byte blocks */
+ if (bytes >= 64) {
+ want = (bytes & ~63);
+ poly1305_blocks(st, m, want);
+ m += want;
+ bytes -= want;
+ }
+
+ if (bytes) {
+ poly1305_block_copy(st->buffer + st->leftover, m, bytes);
+ st->leftover += bytes;
+ }
+}
+
+void
+Poly1305Finish(poly1305_state *state, unsigned char mac[16])
+{
+ poly1305_state_internal *st = poly1305_aligned_state(state);
+ size_t leftover = st->leftover;
+ uint8_t *m = st->buffer;
+ uint128_t d[3];
+ uint64_t h0, h1, h2;
+ uint64_t t0, t1;
+ uint64_t g0, g1, g2, c, nc;
+ uint64_t r0, r1, r2, s1, s2;
+ poly1305_power *p;
+
+ if (st->started) {
+ size_t consumed = poly1305_combine(st, m, leftover);
+ leftover -= consumed;
+ m += consumed;
+ }
+
+ /* st->HH will either be 0 or have the combined result */
+ h0 = st->HH[0];
+ h1 = st->HH[1];
+ h2 = st->HH[2];
+
+ p = &st->P[1];
+ r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1];
+ r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1];
+ r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1];
+ s1 = r1 * (5 << 2);
+ s2 = r2 * (5 << 2);
+
+ if (leftover < 16)
+ goto poly1305_donna_atmost15bytes;
+
+poly1305_donna_atleast16bytes:
+ t0 = U8TO64_LE(m + 0);
+ t1 = U8TO64_LE(m + 8);
+ h0 += t0 & 0xfffffffffff;
+ t0 = shr128_pair(t1, t0, 44);
+ h1 += t0 & 0xfffffffffff;
+ h2 += (t1 >> 24) | ((uint64_t)1 << 40);
+
+poly1305_donna_mul:
+ d[0] = add128(add128(mul64x64_128(h0, r0), mul64x64_128(h1, s2)), mul64x64_128(h2, s1));
+ d[1] = add128(add128(mul64x64_128(h0, r1), mul64x64_128(h1, r0)), mul64x64_128(h2, s2));
+ d[2] = add128(add128(mul64x64_128(h0, r2), mul64x64_128(h1, r1)), mul64x64_128(h2, r0));
+ h0 = lo128(d[0]) & 0xfffffffffff;
+ c = shr128(d[0], 44);
+ d[1] = add128_64(d[1], c);
+ h1 = lo128(d[1]) & 0xfffffffffff;
+ c = shr128(d[1], 44);
+ d[2] = add128_64(d[2], c);
+ h2 = lo128(d[2]) & 0x3ffffffffff;
+ c = shr128(d[2], 42);
+ h0 += c * 5;
+
+ m += 16;
+ leftover -= 16;
+ if (leftover >= 16)
+ goto poly1305_donna_atleast16bytes;
+
+/* final bytes */
+poly1305_donna_atmost15bytes:
+ if (!leftover)
+ goto poly1305_donna_finish;
+
+ m[leftover++] = 1;
+ poly1305_block_zero(m + leftover, 16 - leftover);
+ leftover = 16;
+
+ t0 = U8TO64_LE(m + 0);
+ t1 = U8TO64_LE(m + 8);
+ h0 += t0 & 0xfffffffffff;
+ t0 = shr128_pair(t1, t0, 44);
+ h1 += t0 & 0xfffffffffff;
+ h2 += (t1 >> 24);
+
+ goto poly1305_donna_mul;
+
+poly1305_donna_finish:
+ c = (h0 >> 44);
+ h0 &= 0xfffffffffff;
+ h1 += c;
+ c = (h1 >> 44);
+ h1 &= 0xfffffffffff;
+ h2 += c;
+ c = (h2 >> 42);
+ h2 &= 0x3ffffffffff;
+ h0 += c * 5;
+
+ g0 = h0 + 5;
+ c = (g0 >> 44);
+ g0 &= 0xfffffffffff;
+ g1 = h1 + c;
+ c = (g1 >> 44);
+ g1 &= 0xfffffffffff;
+ g2 = h2 + c - ((uint64_t)1 << 42);
+
+ c = (g2 >> 63) - 1;
+ nc = ~c;
+ h0 = (h0 & nc) | (g0 & c);
+ h1 = (h1 & nc) | (g1 & c);
+ h2 = (h2 & nc) | (g2 & c);
+
+ /* pad */
+ t0 = ((uint64_t)p->R23.d[3] << 32) | (uint64_t)p->R23.d[1];
+ t1 = ((uint64_t)p->R24.d[3] << 32) | (uint64_t)p->R24.d[1];
+ h0 += (t0 & 0xfffffffffff);
+ c = (h0 >> 44);
+ h0 &= 0xfffffffffff;
+ t0 = shr128_pair(t1, t0, 44);
+ h1 += (t0 & 0xfffffffffff) + c;
+ c = (h1 >> 44);
+ h1 &= 0xfffffffffff;
+ t1 = (t1 >> 24);
+ h2 += (t1) + c;
+
+ U64TO8_LE(mac + 0, ((h0) | (h1 << 44)));
+ U64TO8_LE(mac + 8, ((h1 >> 20) | (h2 << 24)));
+}
diff --git a/security/nss/lib/freebl/poly1305.c b/security/nss/lib/freebl/poly1305.c
new file mode 100644
index 000000000..eb3e3cd55
--- /dev/null
+++ b/security/nss/lib/freebl/poly1305.c
@@ -0,0 +1,314 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This implementation of poly1305 is by Andrew Moon
+ * (https://github.com/floodyberry/poly1305-donna) and released as public
+ * domain. */
+
+#include <string.h>
+
+#include "poly1305.h"
+
+#if defined(_MSC_VER) && _MSC_VER < 1600
+#include "prtypes.h"
+typedef PRUint32 uint32_t;
+typedef PRUint64 uint64_t;
+#else
+#include <stdint.h>
+#endif
+
+#if defined(NSS_X86) || defined(NSS_X64)
+/* We can assume little-endian. */
+static uint32_t
+U8TO32_LE(const unsigned char *m)
+{
+ uint32_t r;
+ memcpy(&r, m, sizeof(r));
+ return r;
+}
+
+static void
+U32TO8_LE(unsigned char *m, uint32_t v)
+{
+ memcpy(m, &v, sizeof(v));
+}
+#else
+static uint32_t
+U8TO32_LE(const unsigned char *m)
+{
+ return (uint32_t)m[0] |
+ (uint32_t)m[1] << 8 |
+ (uint32_t)m[2] << 16 |
+ (uint32_t)m[3] << 24;
+}
+
+static void
+U32TO8_LE(unsigned char *m, uint32_t v)
+{
+ m[0] = v;
+ m[1] = v >> 8;
+ m[2] = v >> 16;
+ m[3] = v >> 24;
+}
+#endif
+
+static uint64_t
+mul32x32_64(uint32_t a, uint32_t b)
+{
+ return (uint64_t)a * b;
+}
+
+struct poly1305_state_st {
+ uint32_t r0, r1, r2, r3, r4;
+ uint32_t s1, s2, s3, s4;
+ uint32_t h0, h1, h2, h3, h4;
+ unsigned char buf[16];
+ unsigned int buf_used;
+ unsigned char key[16];
+};
+
+/* update updates |state| given some amount of input data. This function may
+ * only be called with a |len| that is not a multiple of 16 at the end of the
+ * data. Otherwise the input must be buffered into 16 byte blocks. */
+static void
+update(struct poly1305_state_st *state, const unsigned char *in,
+ size_t len)
+{
+ uint32_t t0, t1, t2, t3;
+ uint64_t t[5];
+ uint32_t b;
+ uint64_t c;
+ size_t j;
+ unsigned char mp[16];
+
+ if (len < 16)
+ goto poly1305_donna_atmost15bytes;
+
+poly1305_donna_16bytes:
+ t0 = U8TO32_LE(in);
+ t1 = U8TO32_LE(in + 4);
+ t2 = U8TO32_LE(in + 8);
+ t3 = U8TO32_LE(in + 12);
+
+ in += 16;
+ len -= 16;
+
+ state->h0 += t0 & 0x3ffffff;
+ state->h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff;
+ state->h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff;
+ state->h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff;
+ state->h4 += (t3 >> 8) | (1 << 24);
+
+poly1305_donna_mul:
+ t[0] = mul32x32_64(state->h0, state->r0) +
+ mul32x32_64(state->h1, state->s4) +
+ mul32x32_64(state->h2, state->s3) +
+ mul32x32_64(state->h3, state->s2) +
+ mul32x32_64(state->h4, state->s1);
+ t[1] = mul32x32_64(state->h0, state->r1) +
+ mul32x32_64(state->h1, state->r0) +
+ mul32x32_64(state->h2, state->s4) +
+ mul32x32_64(state->h3, state->s3) +
+ mul32x32_64(state->h4, state->s2);
+ t[2] = mul32x32_64(state->h0, state->r2) +
+ mul32x32_64(state->h1, state->r1) +
+ mul32x32_64(state->h2, state->r0) +
+ mul32x32_64(state->h3, state->s4) +
+ mul32x32_64(state->h4, state->s3);
+ t[3] = mul32x32_64(state->h0, state->r3) +
+ mul32x32_64(state->h1, state->r2) +
+ mul32x32_64(state->h2, state->r1) +
+ mul32x32_64(state->h3, state->r0) +
+ mul32x32_64(state->h4, state->s4);
+ t[4] = mul32x32_64(state->h0, state->r4) +
+ mul32x32_64(state->h1, state->r3) +
+ mul32x32_64(state->h2, state->r2) +
+ mul32x32_64(state->h3, state->r1) +
+ mul32x32_64(state->h4, state->r0);
+
+ state->h0 = (uint32_t)t[0] & 0x3ffffff;
+ c = (t[0] >> 26);
+ t[1] += c;
+ state->h1 = (uint32_t)t[1] & 0x3ffffff;
+ b = (uint32_t)(t[1] >> 26);
+ t[2] += b;
+ state->h2 = (uint32_t)t[2] & 0x3ffffff;
+ b = (uint32_t)(t[2] >> 26);
+ t[3] += b;
+ state->h3 = (uint32_t)t[3] & 0x3ffffff;
+ b = (uint32_t)(t[3] >> 26);
+ t[4] += b;
+ state->h4 = (uint32_t)t[4] & 0x3ffffff;
+ b = (uint32_t)(t[4] >> 26);
+ state->h0 += b * 5;
+
+ if (len >= 16)
+ goto poly1305_donna_16bytes;
+
+/* final bytes */
+poly1305_donna_atmost15bytes:
+ if (!len)
+ return;
+
+ for (j = 0; j < len; j++)
+ mp[j] = in[j];
+ mp[j++] = 1;
+ for (; j < 16; j++)
+ mp[j] = 0;
+ len = 0;
+
+ t0 = U8TO32_LE(mp + 0);
+ t1 = U8TO32_LE(mp + 4);
+ t2 = U8TO32_LE(mp + 8);
+ t3 = U8TO32_LE(mp + 12);
+
+ state->h0 += t0 & 0x3ffffff;
+ state->h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff;
+ state->h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff;
+ state->h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff;
+ state->h4 += (t3 >> 8);
+
+ goto poly1305_donna_mul;
+}
+
+void
+Poly1305Init(poly1305_state *statep, const unsigned char key[32])
+{
+ struct poly1305_state_st *state = (struct poly1305_state_st *)statep;
+ uint32_t t0, t1, t2, t3;
+
+ t0 = U8TO32_LE(key + 0);
+ t1 = U8TO32_LE(key + 4);
+ t2 = U8TO32_LE(key + 8);
+ t3 = U8TO32_LE(key + 12);
+
+ /* precompute multipliers */
+ state->r0 = t0 & 0x3ffffff;
+ t0 >>= 26;
+ t0 |= t1 << 6;
+ state->r1 = t0 & 0x3ffff03;
+ t1 >>= 20;
+ t1 |= t2 << 12;
+ state->r2 = t1 & 0x3ffc0ff;
+ t2 >>= 14;
+ t2 |= t3 << 18;
+ state->r3 = t2 & 0x3f03fff;
+ t3 >>= 8;
+ state->r4 = t3 & 0x00fffff;
+
+ state->s1 = state->r1 * 5;
+ state->s2 = state->r2 * 5;
+ state->s3 = state->r3 * 5;
+ state->s4 = state->r4 * 5;
+
+ /* init state */
+ state->h0 = 0;
+ state->h1 = 0;
+ state->h2 = 0;
+ state->h3 = 0;
+ state->h4 = 0;
+
+ state->buf_used = 0;
+ memcpy(state->key, key + 16, sizeof(state->key));
+}
+
+void
+Poly1305Update(poly1305_state *statep, const unsigned char *in,
+ size_t in_len)
+{
+ unsigned int i;
+ struct poly1305_state_st *state = (struct poly1305_state_st *)statep;
+
+ if (state->buf_used) {
+ unsigned int todo = 16 - state->buf_used;
+ if (todo > in_len)
+ todo = in_len;
+ for (i = 0; i < todo; i++)
+ state->buf[state->buf_used + i] = in[i];
+ state->buf_used += todo;
+ in_len -= todo;
+ in += todo;
+
+ if (state->buf_used == 16) {
+ update(state, state->buf, 16);
+ state->buf_used = 0;
+ }
+ }
+
+ if (in_len >= 16) {
+ size_t todo = in_len & ~0xf;
+ update(state, in, todo);
+ in += todo;
+ in_len &= 0xf;
+ }
+
+ if (in_len) {
+ for (i = 0; i < in_len; i++)
+ state->buf[i] = in[i];
+ state->buf_used = in_len;
+ }
+}
+
+void
+Poly1305Finish(poly1305_state *statep, unsigned char mac[16])
+{
+ struct poly1305_state_st *state = (struct poly1305_state_st *)statep;
+ uint64_t f0, f1, f2, f3;
+ uint32_t g0, g1, g2, g3, g4;
+ uint32_t b, nb;
+
+ if (state->buf_used)
+ update(state, state->buf, state->buf_used);
+
+ b = state->h0 >> 26;
+ state->h0 = state->h0 & 0x3ffffff;
+ state->h1 += b;
+ b = state->h1 >> 26;
+ state->h1 = state->h1 & 0x3ffffff;
+ state->h2 += b;
+ b = state->h2 >> 26;
+ state->h2 = state->h2 & 0x3ffffff;
+ state->h3 += b;
+ b = state->h3 >> 26;
+ state->h3 = state->h3 & 0x3ffffff;
+ state->h4 += b;
+ b = state->h4 >> 26;
+ state->h4 = state->h4 & 0x3ffffff;
+ state->h0 += b * 5;
+
+ g0 = state->h0 + 5;
+ b = g0 >> 26;
+ g0 &= 0x3ffffff;
+ g1 = state->h1 + b;
+ b = g1 >> 26;
+ g1 &= 0x3ffffff;
+ g2 = state->h2 + b;
+ b = g2 >> 26;
+ g2 &= 0x3ffffff;
+ g3 = state->h3 + b;
+ b = g3 >> 26;
+ g3 &= 0x3ffffff;
+ g4 = state->h4 + b - (1 << 26);
+
+ b = (g4 >> 31) - 1;
+ nb = ~b;
+ state->h0 = (state->h0 & nb) | (g0 & b);
+ state->h1 = (state->h1 & nb) | (g1 & b);
+ state->h2 = (state->h2 & nb) | (g2 & b);
+ state->h3 = (state->h3 & nb) | (g3 & b);
+ state->h4 = (state->h4 & nb) | (g4 & b);
+
+ f0 = ((state->h0) | (state->h1 << 26)) + (uint64_t)U8TO32_LE(&state->key[0]);
+ f1 = ((state->h1 >> 6) | (state->h2 << 20)) + (uint64_t)U8TO32_LE(&state->key[4]);
+ f2 = ((state->h2 >> 12) | (state->h3 << 14)) + (uint64_t)U8TO32_LE(&state->key[8]);
+ f3 = ((state->h3 >> 18) | (state->h4 << 8)) + (uint64_t)U8TO32_LE(&state->key[12]);
+
+ U32TO8_LE(&mac[0], (uint32_t)f0);
+ f1 += (f0 >> 32);
+ U32TO8_LE(&mac[4], (uint32_t)f1);
+ f2 += (f1 >> 32);
+ U32TO8_LE(&mac[8], (uint32_t)f2);
+ f3 += (f2 >> 32);
+ U32TO8_LE(&mac[12], (uint32_t)f3);
+}
diff --git a/security/nss/lib/freebl/poly1305.h b/security/nss/lib/freebl/poly1305.h
new file mode 100644
index 000000000..0a463483f
--- /dev/null
+++ b/security/nss/lib/freebl/poly1305.h
@@ -0,0 +1,28 @@
+/*
+ * poly1305.h - header file for Poly1305 implementation.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef FREEBL_POLY1305_H_
+#define FREEBL_POLY1305_H_
+
+typedef unsigned char poly1305_state[512];
+
+/* Poly1305Init sets up |state| so that it can be used to calculate an
+ * authentication tag with the one-time key |key|. Note that |key| is a
+ * one-time key and therefore there is no `reset' method because that would
+ * enable several messages to be authenticated with the same key. */
+extern void Poly1305Init(poly1305_state* state, const unsigned char key[32]);
+
+/* Poly1305Update processes |in_len| bytes from |in|. It can be called zero or
+ * more times after poly1305_init. */
+extern void Poly1305Update(poly1305_state* state, const unsigned char* in,
+ size_t inLen);
+
+/* Poly1305Finish completes the poly1305 calculation and writes a 16 byte
+ * authentication tag to |mac|. */
+extern void Poly1305Finish(poly1305_state* state, unsigned char mac[16]);
+
+#endif /* FREEBL_POLY1305_H_ */
diff --git a/security/nss/lib/freebl/pqg.c b/security/nss/lib/freebl/pqg.c
new file mode 100644
index 000000000..2f24afd24
--- /dev/null
+++ b/security/nss/lib/freebl/pqg.c
@@ -0,0 +1,1878 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * PQG parameter generation/verification. Based on FIPS 186-3.
+ */
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prerr.h"
+#include "secerr.h"
+
+#include "prtypes.h"
+#include "blapi.h"
+#include "secitem.h"
+#include "mpi.h"
+#include "mpprime.h"
+#include "mplogic.h"
+#include "secmpi.h"
+
+#define MAX_ITERATIONS 1000 /* Maximum number of iterations of primegen */
+
+typedef enum {
+ FIPS186_1_TYPE, /* Probablistic */
+ FIPS186_3_TYPE, /* Probablistic */
+ FIPS186_3_ST_TYPE /* Shawe-Taylor provable */
+} pqgGenType;
+
+/*
+ * These test iterations are quite a bit larger than we previously had.
+ * This is because FIPS 186-3 is worried about the primes in PQG generation.
+ * It may be possible to purposefully construct composites which more
+ * iterations of Miller-Rabin than the for your normal randomly selected
+ * numbers.There are 3 ways to counter this: 1) use one of the cool provably
+ * prime algorithms (which would require a lot more work than DSA-2 deservers.
+ * 2) add a Lucas primality test (which requires coding a Lucas primality test,
+ * or 3) use a larger M-R test count. I chose the latter. It increases the time
+ * that it takes to prove the selected prime, but it shouldn't increase the
+ * overall time to run the algorithm (non-primes should still faile M-R
+ * realively quickly). If you want to get that last bit of performance,
+ * implement Lucas and adjust these two functions. See FIPS 186-3 Appendix C
+ * and F for more information.
+ */
+static int
+prime_testcount_p(int L, int N)
+{
+ switch (L) {
+ case 1024:
+ return 40;
+ case 2048:
+ return 56;
+ case 3072:
+ return 64;
+ default:
+ break;
+ }
+ return 50; /* L = 512-960 */
+}
+
+/* The q numbers are different if you run M-R followd by Lucas. I created
+ * a separate function so if someone wanted to add the Lucas check, they
+ * could do so fairly easily */
+static int
+prime_testcount_q(int L, int N)
+{
+ return prime_testcount_p(L, N);
+}
+
+/*
+ * generic function to make sure our input matches DSA2 requirements
+ * this gives us one place to go if we need to bump the requirements in the
+ * future.
+ */
+static SECStatus
+pqg_validate_dsa2(unsigned int L, unsigned int N)
+{
+
+ switch (L) {
+ case 1024:
+ if (N != DSA1_Q_BITS) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ break;
+ case 2048:
+ if ((N != 224) && (N != 256)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ break;
+ case 3072:
+ if (N != 256) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static unsigned int
+pqg_get_default_N(unsigned int L)
+{
+ unsigned int N = 0;
+ switch (L) {
+ case 1024:
+ N = DSA1_Q_BITS;
+ break;
+ case 2048:
+ N = 224;
+ break;
+ case 3072:
+ N = 256;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ break; /* N already set to zero */
+ }
+ return N;
+}
+
+/*
+ * Select the lowest hash algorithm usable
+ */
+static HASH_HashType
+getFirstHash(unsigned int L, unsigned int N)
+{
+ if (N < 224) {
+ return HASH_AlgSHA1;
+ }
+ if (N < 256) {
+ return HASH_AlgSHA224;
+ }
+ if (N < 384) {
+ return HASH_AlgSHA256;
+ }
+ if (N < 512) {
+ return HASH_AlgSHA384;
+ }
+ return HASH_AlgSHA512;
+}
+
+/*
+ * find the next usable hash algorthim
+ */
+static HASH_HashType
+getNextHash(HASH_HashType hashtype)
+{
+ switch (hashtype) {
+ case HASH_AlgSHA1:
+ hashtype = HASH_AlgSHA224;
+ break;
+ case HASH_AlgSHA224:
+ hashtype = HASH_AlgSHA256;
+ break;
+ case HASH_AlgSHA256:
+ hashtype = HASH_AlgSHA384;
+ break;
+ case HASH_AlgSHA384:
+ hashtype = HASH_AlgSHA512;
+ break;
+ case HASH_AlgSHA512:
+ default:
+ hashtype = HASH_AlgTOTAL;
+ break;
+ }
+ return hashtype;
+}
+
+static unsigned int
+HASH_ResultLen(HASH_HashType type)
+{
+ const SECHashObject *hash_obj = HASH_GetRawHashObject(type);
+ PORT_Assert(hash_obj != NULL);
+ if (hash_obj == NULL) {
+ /* type is always a valid HashType. Thus a null hash_obj must be a bug */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return 0;
+ }
+ PORT_Assert(hash_obj->length != 0);
+ return hash_obj->length;
+}
+
+static SECStatus
+HASH_HashBuf(HASH_HashType type, unsigned char *dest,
+ const unsigned char *src, PRUint32 src_len)
+{
+ const SECHashObject *hash_obj = HASH_GetRawHashObject(type);
+ void *hashcx = NULL;
+ unsigned int dummy;
+
+ if (hash_obj == NULL) {
+ return SECFailure;
+ }
+
+ hashcx = hash_obj->create();
+ if (hashcx == NULL) {
+ return SECFailure;
+ }
+ hash_obj->begin(hashcx);
+ hash_obj->update(hashcx, src, src_len);
+ hash_obj->end(hashcx, dest, &dummy, hash_obj->length);
+ hash_obj->destroy(hashcx, PR_TRUE);
+ return SECSuccess;
+}
+
+unsigned int
+PQG_GetLength(const SECItem *obj)
+{
+ unsigned int len = obj->len;
+
+ if (obj->data == NULL) {
+ return 0;
+ }
+ if (len > 1 && obj->data[0] == 0) {
+ len--;
+ }
+ return len;
+}
+
+SECStatus
+PQG_Check(const PQGParams *params)
+{
+ unsigned int L, N;
+ SECStatus rv = SECSuccess;
+
+ if (params == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ L = PQG_GetLength(&params->prime) * PR_BITS_PER_BYTE;
+ N = PQG_GetLength(&params->subPrime) * PR_BITS_PER_BYTE;
+
+ if (L < 1024) {
+ int j;
+
+ /* handle DSA1 pqg parameters with less thatn 1024 bits*/
+ if (N != DSA1_Q_BITS) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ j = PQG_PBITS_TO_INDEX(L);
+ if (j < 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+ } else {
+ /* handle DSA2 parameters (includes DSA1, 1024 bits) */
+ rv = pqg_validate_dsa2(L, N);
+ }
+ return rv;
+}
+
+HASH_HashType
+PQG_GetHashType(const PQGParams *params)
+{
+ unsigned int L, N;
+
+ if (params == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return HASH_AlgNULL;
+ }
+
+ L = PQG_GetLength(&params->prime) * PR_BITS_PER_BYTE;
+ N = PQG_GetLength(&params->subPrime) * PR_BITS_PER_BYTE;
+ return getFirstHash(L, N);
+}
+
+/* Get a seed for generating P and Q. If in testing mode, copy in the
+** seed from FIPS 186-1 appendix 5. Otherwise, obtain bytes from the
+** global random number generator.
+*/
+static SECStatus
+getPQseed(SECItem *seed, PLArenaPool *arena)
+{
+ SECStatus rv;
+
+ if (!seed->data) {
+ seed->data = (unsigned char *)PORT_ArenaZAlloc(arena, seed->len);
+ }
+ if (!seed->data) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ rv = RNG_GenerateGlobalRandomBytes(seed->data, seed->len);
+ /*
+ * NIST CMVP disallows a sequence of 20 bytes with the most
+ * significant byte equal to 0. Perhaps they interpret
+ * "a sequence of at least 160 bits" as "a number >= 2^159".
+ * So we always set the most significant bit to 1. (bug 334533)
+ */
+ seed->data[0] |= 0x80;
+ return rv;
+}
+
+/* Generate a candidate h value. If in testing mode, use the h value
+** specified in FIPS 186-1 appendix 5, h = 2. Otherwise, obtain bytes
+** from the global random number generator.
+*/
+static SECStatus
+generate_h_candidate(SECItem *hit, mp_int *H)
+{
+ SECStatus rv = SECSuccess;
+ mp_err err = MP_OKAY;
+#ifdef FIPS_186_1_A5_TEST
+ memset(hit->data, 0, hit->len);
+ hit->data[hit->len - 1] = 0x02;
+#else
+ rv = RNG_GenerateGlobalRandomBytes(hit->data, hit->len);
+#endif
+ if (rv)
+ return SECFailure;
+ err = mp_read_unsigned_octets(H, hit->data, hit->len);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+addToSeed(const SECItem *seed,
+ unsigned long addend,
+ int seedlen, /* g in 186-1 */
+ SECItem *seedout)
+{
+ mp_int s, sum, modulus, tmp;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ MP_DIGITS(&s) = 0;
+ MP_DIGITS(&sum) = 0;
+ MP_DIGITS(&modulus) = 0;
+ MP_DIGITS(&tmp) = 0;
+ CHECK_MPI_OK(mp_init(&s));
+ CHECK_MPI_OK(mp_init(&sum));
+ CHECK_MPI_OK(mp_init(&modulus));
+ SECITEM_TO_MPINT(*seed, &s); /* s = seed */
+ /* seed += addend */
+ if (addend < MP_DIGIT_MAX) {
+ CHECK_MPI_OK(mp_add_d(&s, (mp_digit)addend, &s));
+ } else {
+ CHECK_MPI_OK(mp_init(&tmp));
+ CHECK_MPI_OK(mp_set_ulong(&tmp, addend));
+ CHECK_MPI_OK(mp_add(&s, &tmp, &s));
+ }
+ /*sum = s mod 2**seedlen */
+ CHECK_MPI_OK(mp_div_2d(&s, (mp_digit)seedlen, NULL, &sum));
+ if (seedout->data != NULL) {
+ SECITEM_ZfreeItem(seedout, PR_FALSE);
+ }
+ MPINT_TO_SECITEM(&sum, seedout, NULL);
+cleanup:
+ mp_clear(&s);
+ mp_clear(&sum);
+ mp_clear(&modulus);
+ mp_clear(&tmp);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ return SECFailure;
+ }
+ return rv;
+}
+
+/* Compute Hash[(SEED + addend) mod 2**g]
+** Result is placed in shaOutBuf.
+** This computation is used in steps 2 and 7 of FIPS 186 Appendix 2.2 and
+** step 11.2 of FIPS 186-3 Appendix A.1.1.2 .
+*/
+static SECStatus
+addToSeedThenHash(HASH_HashType hashtype,
+ const SECItem *seed,
+ unsigned long addend,
+ int seedlen, /* g in 186-1 */
+ unsigned char *hashOutBuf)
+{
+ SECItem str = { 0, 0, 0 };
+ SECStatus rv;
+ rv = addToSeed(seed, addend, seedlen, &str);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ rv = HASH_HashBuf(hashtype, hashOutBuf, str.data, str.len); /* hash result */
+ if (str.data)
+ SECITEM_ZfreeItem(&str, PR_FALSE);
+ return rv;
+}
+
+/*
+** Perform steps 2 and 3 of FIPS 186-1, appendix 2.2.
+** Generate Q from seed.
+*/
+static SECStatus
+makeQfromSeed(
+ unsigned int g, /* input. Length of seed in bits. */
+ const SECItem *seed, /* input. */
+ mp_int *Q) /* output. */
+{
+ unsigned char sha1[SHA1_LENGTH];
+ unsigned char sha2[SHA1_LENGTH];
+ unsigned char U[SHA1_LENGTH];
+ SECStatus rv = SECSuccess;
+ mp_err err = MP_OKAY;
+ int i;
+ /* ******************************************************************
+ ** Step 2.
+ ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]."
+ **/
+ CHECK_SEC_OK(SHA1_HashBuf(sha1, seed->data, seed->len));
+ CHECK_SEC_OK(addToSeedThenHash(HASH_AlgSHA1, seed, 1, g, sha2));
+ for (i = 0; i < SHA1_LENGTH; ++i)
+ U[i] = sha1[i] ^ sha2[i];
+ /* ******************************************************************
+ ** Step 3.
+ ** "Form Q from U by setting the most signficant bit (the 2**159 bit)
+ ** and the least signficant bit to 1. In terms of boolean operations,
+ ** Q = U OR 2**159 OR 1. Note that 2**159 < Q < 2**160."
+ */
+ U[0] |= 0x80; /* U is MSB first */
+ U[SHA1_LENGTH - 1] |= 0x01;
+ err = mp_read_unsigned_octets(Q, U, SHA1_LENGTH);
+cleanup:
+ memset(U, 0, SHA1_LENGTH);
+ memset(sha1, 0, SHA1_LENGTH);
+ memset(sha2, 0, SHA1_LENGTH);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ return SECFailure;
+ }
+ return rv;
+}
+
+/*
+** Perform steps 6 and 7 of FIPS 186-3, appendix A.1.1.2.
+** Generate Q from seed.
+*/
+static SECStatus
+makeQ2fromSeed(
+ HASH_HashType hashtype, /* selected Hashing algorithm */
+ unsigned int N, /* input. Length of q in bits. */
+ const SECItem *seed, /* input. */
+ mp_int *Q) /* output. */
+{
+ unsigned char U[HASH_LENGTH_MAX];
+ SECStatus rv = SECSuccess;
+ mp_err err = MP_OKAY;
+ int N_bytes = N / PR_BITS_PER_BYTE; /* length of N in bytes rather than bits */
+ int hashLen = HASH_ResultLen(hashtype);
+ int offset = 0;
+
+ /* ******************************************************************
+ ** Step 6.
+ ** "Compute U = hash[SEED] mod 2**N-1]."
+ **/
+ CHECK_SEC_OK(HASH_HashBuf(hashtype, U, seed->data, seed->len));
+ /* mod 2**N . Step 7 will explicitly set the top bit to 1, so no need
+ * to handle mod 2**N-1 */
+ if (hashLen > N_bytes) {
+ offset = hashLen - N_bytes;
+ }
+ /* ******************************************************************
+ ** Step 7.
+ ** computed_q = 2**(N-1) + U + 1 - (U mod 2)
+ **
+ ** This is the same as:
+ ** computed_q = 2**(N-1) | U | 1;
+ */
+ U[offset] |= 0x80; /* U is MSB first */
+ U[hashLen - 1] |= 0x01;
+ err = mp_read_unsigned_octets(Q, &U[offset], N_bytes);
+cleanup:
+ memset(U, 0, HASH_LENGTH_MAX);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ return SECFailure;
+ }
+ return rv;
+}
+
+/*
+** Perform steps from FIPS 186-3, Appendix A.1.2.1 and Appendix C.6
+**
+** This generates a provable prime from two smaller prime. The resulting
+** prime p will have q0 as a multiple of p-1. q0 can be 1.
+**
+** This implments steps 4 thorough 22 of FIPS 186-3 A.1.2.1 and
+** steps 16 through 34 of FIPS 186-2 C.6
+*/
+#define MAX_ST_SEED_BITS (HASH_LENGTH_MAX * PR_BITS_PER_BYTE)
+static SECStatus
+makePrimefromPrimesShaweTaylor(
+ HASH_HashType hashtype, /* selected Hashing algorithm */
+ unsigned int length, /* input. Length of prime in bits. */
+ mp_int *c0, /* seed prime */
+ mp_int *q, /* sub prime, can be 1 */
+ mp_int *prime, /* output. */
+ SECItem *prime_seed, /* input/output. */
+ unsigned int *prime_gen_counter) /* input/output. */
+{
+ mp_int c;
+ mp_int c0_2;
+ mp_int t;
+ mp_int a;
+ mp_int z;
+ mp_int two_length_minus_1;
+ SECStatus rv = SECFailure;
+ int hashlen = HASH_ResultLen(hashtype);
+ int outlen = hashlen * PR_BITS_PER_BYTE;
+ int offset;
+ unsigned char bit, mask;
+ /* x needs to hold roundup(L/outlen)*outlen.
+ * This can be no larger than L+outlen-1, So we set it's size to
+ * our max L + max outlen and know we are safe */
+ unsigned char x[DSA_MAX_P_BITS / 8 + HASH_LENGTH_MAX];
+ mp_err err = MP_OKAY;
+ int i;
+ int iterations;
+ int old_counter;
+
+ MP_DIGITS(&c) = 0;
+ MP_DIGITS(&c0_2) = 0;
+ MP_DIGITS(&t) = 0;
+ MP_DIGITS(&a) = 0;
+ MP_DIGITS(&z) = 0;
+ MP_DIGITS(&two_length_minus_1) = 0;
+ CHECK_MPI_OK(mp_init(&c));
+ CHECK_MPI_OK(mp_init(&c0_2));
+ CHECK_MPI_OK(mp_init(&t));
+ CHECK_MPI_OK(mp_init(&a));
+ CHECK_MPI_OK(mp_init(&z));
+ CHECK_MPI_OK(mp_init(&two_length_minus_1));
+
+ /*
+ ** There is a slight mapping of variable names depending on which
+ ** FIPS 186 steps are being carried out. The mapping is as follows:
+ ** variable A.1.2.1 C.6
+ ** c0 p0 c0
+ ** q q 1
+ ** c p c
+ ** c0_2 2*p0*q 2*c0
+ ** length L length
+ ** prime_seed pseed prime_seed
+ ** prime_gen_counter pgen_counter prime_gen_counter
+ **
+ ** Also note: or iterations variable is actually iterations+1, since
+ ** iterations+1 works better in C.
+ */
+
+ /* Step 4/16 iterations = ceiling(length/outlen)-1 */
+ iterations = (length + outlen - 1) / outlen; /* NOTE: iterations +1 */
+ /* Step 5/17 old_counter = prime_gen_counter */
+ old_counter = *prime_gen_counter;
+ /*
+ ** Comment: Generate a pseudorandom integer x in the interval
+ ** [2**(lenght-1), 2**length].
+ **
+ ** Step 6/18 x = 0
+ */
+ PORT_Memset(x, 0, sizeof(x));
+ /*
+ ** Step 7/19 for i = 0 to iterations do
+ ** x = x + (HASH(prime_seed + i) * 2^(i*outlen))
+ */
+ for (i = 0; i < iterations; i++) {
+ /* is bigger than prime_seed should get to */
+ CHECK_SEC_OK(addToSeedThenHash(hashtype, prime_seed, i,
+ MAX_ST_SEED_BITS, &x[(iterations - i - 1) * hashlen]));
+ }
+ /* Step 8/20 prime_seed = prime_seed + iterations + 1 */
+ CHECK_SEC_OK(addToSeed(prime_seed, iterations, MAX_ST_SEED_BITS,
+ prime_seed));
+ /*
+ ** Step 9/21 x = 2 ** (length-1) + x mod 2 ** (length-1)
+ **
+ ** This step mathematically sets the high bit and clears out
+ ** all the other bits higher than length. 'x' is stored
+ ** in the x array, MSB first. The above formula gives us an 'x'
+ ** which is length bytes long and has the high bit set. We also know
+ ** that length <= iterations*outlen since
+ ** iterations=ceiling(length/outlen). First we find the offset in
+ ** bytes into the array where the high bit is.
+ */
+ offset = (outlen * iterations - length) / PR_BITS_PER_BYTE;
+ /* now we want to set the 'high bit', since length may not be a
+ * multiple of 8,*/
+ bit = 1 << ((length - 1) & 0x7); /* select the proper bit in the byte */
+ /* we need to zero out the rest of the bits in the byte above */
+ mask = (bit - 1);
+ /* now we set it */
+ x[offset] = (mask & x[offset]) | bit;
+ /*
+ ** Comment: Generate a candidate prime c in the interval
+ ** [2**(lenght-1), 2**length].
+ **
+ ** Step 10 t = ceiling(x/(2q(p0)))
+ ** Step 22 t = ceiling(x/(2(c0)))
+ */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&t, &x[offset],
+ hashlen * iterations - offset)); /* t = x */
+ CHECK_MPI_OK(mp_mul(c0, q, &c0_2)); /* c0_2 is now c0*q */
+ CHECK_MPI_OK(mp_add(&c0_2, &c0_2, &c0_2)); /* c0_2 is now 2*q*c0 */
+ CHECK_MPI_OK(mp_add(&t, &c0_2, &t)); /* t = x+2*q*c0 */
+ CHECK_MPI_OK(mp_sub_d(&t, (mp_digit)1, &t)); /* t = x+2*q*c0 -1 */
+ /* t = floor((x+2qc0-1)/2qc0) = ceil(x/2qc0) */
+ CHECK_MPI_OK(mp_div(&t, &c0_2, &t, NULL));
+ /*
+ ** step 11: if (2tqp0 +1 > 2**length), then t = ceiling(2**(length-1)/2qp0)
+ ** step 12: t = 2tqp0 +1.
+ **
+ ** step 23: if (2tc0 +1 > 2**length), then t = ceiling(2**(length-1)/2c0)
+ ** step 24: t = 2tc0 +1.
+ */
+ CHECK_MPI_OK(mp_2expt(&two_length_minus_1, length - 1));
+step_23:
+ CHECK_MPI_OK(mp_mul(&t, &c0_2, &c)); /* c = t*2qc0 */
+ CHECK_MPI_OK(mp_add_d(&c, (mp_digit)1, &c)); /* c= 2tqc0 + 1*/
+ if (mpl_significant_bits(&c) > length) { /* if c > 2**length */
+ CHECK_MPI_OK(mp_sub_d(&c0_2, (mp_digit)1, &t)); /* t = 2qc0-1 */
+ /* t = 2**(length-1) + 2qc0 -1 */
+ CHECK_MPI_OK(mp_add(&two_length_minus_1, &t, &t));
+ /* t = floor((2**(length-1)+2qc0 -1)/2qco)
+ * = ceil(2**(lenght-2)/2qc0) */
+ CHECK_MPI_OK(mp_div(&t, &c0_2, &t, NULL));
+ CHECK_MPI_OK(mp_mul(&t, &c0_2, &c));
+ CHECK_MPI_OK(mp_add_d(&c, (mp_digit)1, &c)); /* c= 2tqc0 + 1*/
+ }
+ /* Step 13/25 prime_gen_counter = prime_gen_counter + 1*/
+ (*prime_gen_counter)++;
+ /*
+ ** Comment: Test the candidate prime c for primality; first pick an
+ ** integer a between 2 and c-2.
+ **
+ ** Step 14/26 a=0
+ */
+ PORT_Memset(x, 0, sizeof(x)); /* use x for a */
+ /*
+ ** Step 15/27 for i = 0 to iterations do
+ ** a = a + (HASH(prime_seed + i) * 2^(i*outlen))
+ **
+ ** NOTE: we reuse the x array for 'a' initially.
+ */
+ for (i = 0; i < iterations; i++) {
+ /* MAX_ST_SEED_BITS is bigger than prime_seed should get to */
+ CHECK_SEC_OK(addToSeedThenHash(hashtype, prime_seed, i,
+ MAX_ST_SEED_BITS, &x[(iterations - i - 1) * hashlen]));
+ }
+ /* Step 16/28 prime_seed = prime_seed + iterations + 1 */
+ CHECK_SEC_OK(addToSeed(prime_seed, iterations, MAX_ST_SEED_BITS,
+ prime_seed));
+ /* Step 17/29 a = 2 + (a mod (c-3)). */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&a, x, iterations * hashlen));
+ CHECK_MPI_OK(mp_sub_d(&c, (mp_digit)3, &z)); /* z = c -3 */
+ CHECK_MPI_OK(mp_mod(&a, &z, &a)); /* a = a mod c -3 */
+ CHECK_MPI_OK(mp_add_d(&a, (mp_digit)2, &a)); /* a = 2 + a mod c -3 */
+ /*
+ ** Step 18 z = a**(2tq) mod p.
+ ** Step 30 z = a**(2t) mod c.
+ */
+ CHECK_MPI_OK(mp_mul(&t, q, &z)); /* z = tq */
+ CHECK_MPI_OK(mp_add(&z, &z, &z)); /* z = 2tq */
+ CHECK_MPI_OK(mp_exptmod(&a, &z, &c, &z)); /* z = a**(2tq) mod c */
+ /*
+ ** Step 19 if (( 1 == GCD(z-1,p)) and ( 1 == z**p0 mod p )), then
+ ** Step 31 if (( 1 == GCD(z-1,c)) and ( 1 == z**c0 mod c )), then
+ */
+ CHECK_MPI_OK(mp_sub_d(&z, (mp_digit)1, &a));
+ CHECK_MPI_OK(mp_gcd(&a, &c, &a));
+ if (mp_cmp_d(&a, (mp_digit)1) == 0) {
+ CHECK_MPI_OK(mp_exptmod(&z, c0, &c, &a));
+ if (mp_cmp_d(&a, (mp_digit)1) == 0) {
+ /* Step 31.1 prime = c */
+ CHECK_MPI_OK(mp_copy(&c, prime));
+ /*
+ ** Step 31.2 return Success, prime, prime_seed,
+ ** prime_gen_counter
+ */
+ rv = SECSuccess;
+ goto cleanup;
+ }
+ }
+ /*
+ ** Step 20/32 If (prime_gen_counter > 4 * length + old_counter then
+ ** return (FAILURE, 0, 0, 0).
+ ** NOTE: the test is reversed, so we fall through on failure to the
+ ** cleanup routine
+ */
+ if (*prime_gen_counter < (4 * length + old_counter)) {
+ /* Step 21/33 t = t + 1 */
+ CHECK_MPI_OK(mp_add_d(&t, (mp_digit)1, &t));
+ /* Step 22/34 Go to step 23/11 */
+ goto step_23;
+ }
+
+ /* if (prime_gencont > (4*length + old_counter), fall through to failure */
+ rv = SECFailure; /* really is already set, but paranoia is good */
+
+cleanup:
+ mp_clear(&c);
+ mp_clear(&c0_2);
+ mp_clear(&t);
+ mp_clear(&a);
+ mp_clear(&z);
+ mp_clear(&two_length_minus_1);
+ PORT_Memset(x, 0, sizeof(x));
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ if (rv == SECFailure) {
+ mp_zero(prime);
+ if (prime_seed->data) {
+ SECITEM_FreeItem(prime_seed, PR_FALSE);
+ }
+ *prime_gen_counter = 0;
+ }
+ return rv;
+}
+
+/*
+** Perform steps from FIPS 186-3, Appendix C.6
+**
+** This generates a provable prime from a seed
+*/
+static SECStatus
+makePrimefromSeedShaweTaylor(
+ HASH_HashType hashtype, /* selected Hashing algorithm */
+ unsigned int length, /* input. Length of prime in bits. */
+ const SECItem *input_seed, /* input. */
+ mp_int *prime, /* output. */
+ SECItem *prime_seed, /* output. */
+ unsigned int *prime_gen_counter) /* output. */
+{
+ mp_int c;
+ mp_int c0;
+ mp_int one;
+ SECStatus rv = SECFailure;
+ int hashlen = HASH_ResultLen(hashtype);
+ int outlen = hashlen * PR_BITS_PER_BYTE;
+ int offset;
+ unsigned char bit, mask;
+ unsigned char x[HASH_LENGTH_MAX * 2];
+ mp_digit dummy;
+ mp_err err = MP_OKAY;
+ int i;
+
+ MP_DIGITS(&c) = 0;
+ MP_DIGITS(&c0) = 0;
+ MP_DIGITS(&one) = 0;
+ CHECK_MPI_OK(mp_init(&c));
+ CHECK_MPI_OK(mp_init(&c0));
+ CHECK_MPI_OK(mp_init(&one));
+
+ /* Step 1. if length < 2 then return (FAILURE, 0, 0, 0) */
+ if (length < 2) {
+ rv = SECFailure;
+ goto cleanup;
+ }
+ /* Step 2. if length >= 33 then goto step 14 */
+ if (length >= 33) {
+ mp_zero(&one);
+ CHECK_MPI_OK(mp_add_d(&one, (mp_digit)1, &one));
+
+ /* Step 14 (status, c0, prime_seed, prime_gen_counter) =
+ ** (ST_Random_Prime((ceil(length/2)+1, input_seed)
+ */
+ rv = makePrimefromSeedShaweTaylor(hashtype, (length + 1) / 2 + 1,
+ input_seed, &c0, prime_seed, prime_gen_counter);
+ /* Step 15 if FAILURE is returned, return (FAILURE, 0, 0, 0). */
+ if (rv != SECSuccess) {
+ goto cleanup;
+ }
+ /* Steps 16-34 */
+ rv = makePrimefromPrimesShaweTaylor(hashtype, length, &c0, &one,
+ prime, prime_seed, prime_gen_counter);
+ goto cleanup; /* we're done, one way or the other */
+ }
+ /* Step 3 prime_seed = input_seed */
+ CHECK_SEC_OK(SECITEM_CopyItem(NULL, prime_seed, input_seed));
+ /* Step 4 prime_gen_count = 0 */
+ *prime_gen_counter = 0;
+
+step_5:
+ /* Step 5 c = Hash(prime_seed) xor Hash(prime_seed+1). */
+ CHECK_SEC_OK(HASH_HashBuf(hashtype, x, prime_seed->data, prime_seed->len));
+ CHECK_SEC_OK(addToSeedThenHash(hashtype, prime_seed, 1,
+ MAX_ST_SEED_BITS, &x[hashlen]));
+ for (i = 0; i < hashlen; i++) {
+ x[i] = x[i] ^ x[i + hashlen];
+ }
+ /* Step 6 c = 2**length-1 + c mod 2**length-1 */
+ /* This step mathematically sets the high bit and clears out
+ ** all the other bits higher than length. Right now c is stored
+ ** in the x array, MSB first. The above formula gives us a c which
+ ** is length bytes long and has the high bit set. We also know that
+ ** length < outlen since the smallest outlen is 160 bits and the largest
+ ** length at this point is 32 bits. So first we find the offset in bytes
+ ** into the array where the high bit is.
+ */
+ offset = (outlen - length) / PR_BITS_PER_BYTE;
+ /* now we want to set the 'high bit'. We have to calculate this since
+ * length may not be a multiple of 8.*/
+ bit = 1 << ((length - 1) & 0x7); /* select the proper bit in the byte */
+ /* we need to zero out the rest of the bits in the byte above */
+ mask = (bit - 1);
+ /* now we set it */
+ x[offset] = (mask & x[offset]) | bit;
+ /* Step 7 c = c*floor(c/2) + 1 */
+ /* set the low bit. much easier to find (the end of the array) */
+ x[hashlen - 1] |= 1;
+ /* now that we've set our bits, we can create our candidate "c" */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&c, &x[offset], hashlen - offset));
+ /* Step 8 prime_gen_counter = prime_gen_counter + 1 */
+ (*prime_gen_counter)++;
+ /* Step 9 prime_seed = prime_seed + 2 */
+ CHECK_SEC_OK(addToSeed(prime_seed, 2, MAX_ST_SEED_BITS, prime_seed));
+ /* Step 10 Perform deterministic primality test on c. For example, since
+ ** c is small, it's primality can be tested by trial division, See
+ ** See Appendic C.7.
+ **
+ ** We in fact test with trial division. mpi has a built int trial divider
+ ** that divides all divisors up to 2^16.
+ */
+ if (prime_tab[prime_tab_size - 1] < 0xFFF1) {
+ /* we aren't testing all the primes between 0 and 2^16, we really
+ * can't use this construction. Just fail. */
+ rv = SECFailure;
+ goto cleanup;
+ }
+ dummy = prime_tab_size;
+ err = mpp_divis_primes(&c, &dummy);
+ /* Step 11 if c is prime then */
+ if (err == MP_NO) {
+ /* Step 11.1 prime = c */
+ CHECK_MPI_OK(mp_copy(&c, prime));
+ /* Step 11.2 return SUCCESS prime, prime_seed, prime_gen_counter */
+ err = MP_OKAY;
+ rv = SECSuccess;
+ goto cleanup;
+ } else if (err != MP_YES) {
+ goto cleanup; /* function failed, bail out */
+ } else {
+ /* reset mp_err */
+ err = MP_OKAY;
+ }
+ /*
+ ** Step 12 if (prime_gen_counter > (4*len))
+ ** then return (FAILURE, 0, 0, 0))
+ ** Step 13 goto step 5
+ */
+ if (*prime_gen_counter <= (4 * length)) {
+ goto step_5;
+ }
+ /* if (prime_gencont > 4*length), fall through to failure */
+ rv = SECFailure; /* really is already set, but paranoia is good */
+
+cleanup:
+ mp_clear(&c);
+ mp_clear(&c0);
+ mp_clear(&one);
+ PORT_Memset(x, 0, sizeof(x));
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ if (rv == SECFailure) {
+ mp_zero(prime);
+ if (prime_seed->data) {
+ SECITEM_FreeItem(prime_seed, PR_FALSE);
+ }
+ *prime_gen_counter = 0;
+ }
+ return rv;
+}
+
+/*
+ * Find a Q and algorithm from Seed.
+ */
+static SECStatus
+findQfromSeed(
+ unsigned int L, /* input. Length of p in bits. */
+ unsigned int N, /* input. Length of q in bits. */
+ unsigned int g, /* input. Length of seed in bits. */
+ const SECItem *seed, /* input. */
+ mp_int *Q, /* input. */
+ mp_int *Q_, /* output. */
+ unsigned int *qseed_len, /* output */
+ HASH_HashType *hashtypePtr, /* output. Hash uses */
+ pqgGenType *typePtr) /* output. Generation Type used */
+{
+ HASH_HashType hashtype;
+ SECItem firstseed = { 0, 0, 0 };
+ SECItem qseed = { 0, 0, 0 };
+ SECStatus rv;
+
+ *qseed_len = 0; /* only set if FIPS186_3_ST_TYPE */
+
+ /* handle legacy small DSA first can only be FIPS186_1_TYPE */
+ if (L < 1024) {
+ rv = makeQfromSeed(g, seed, Q_);
+ if ((rv == SECSuccess) && (mp_cmp(Q, Q_) == 0)) {
+ *hashtypePtr = HASH_AlgSHA1;
+ *typePtr = FIPS186_1_TYPE;
+ return SECSuccess;
+ }
+ return SECFailure;
+ }
+ /* 1024 could use FIPS186_1 or FIPS186_3 algorithms, we need to try
+ * them both */
+ if (L == 1024) {
+ rv = makeQfromSeed(g, seed, Q_);
+ if (rv == SECSuccess) {
+ if (mp_cmp(Q, Q_) == 0) {
+ *hashtypePtr = HASH_AlgSHA1;
+ *typePtr = FIPS186_1_TYPE;
+ return SECSuccess;
+ }
+ }
+ /* fall through for FIPS186_3 types */
+ }
+ /* at this point we know we aren't using FIPS186_1, start trying FIPS186_3
+ * with appropriate hash types */
+ for (hashtype = getFirstHash(L, N); hashtype != HASH_AlgTOTAL;
+ hashtype = getNextHash(hashtype)) {
+ rv = makeQ2fromSeed(hashtype, N, seed, Q_);
+ if (rv != SECSuccess) {
+ continue;
+ }
+ if (mp_cmp(Q, Q_) == 0) {
+ *hashtypePtr = hashtype;
+ *typePtr = FIPS186_3_TYPE;
+ return SECSuccess;
+ }
+ }
+ /*
+ * OK finally try FIPS186_3 Shawe-Taylor
+ */
+ firstseed = *seed;
+ firstseed.len = seed->len / 3;
+ for (hashtype = getFirstHash(L, N); hashtype != HASH_AlgTOTAL;
+ hashtype = getNextHash(hashtype)) {
+ unsigned int count;
+
+ rv = makePrimefromSeedShaweTaylor(hashtype, N, &firstseed, Q_,
+ &qseed, &count);
+ if (rv != SECSuccess) {
+ continue;
+ }
+ if (mp_cmp(Q, Q_) == 0) {
+ /* check qseed as well... */
+ int offset = seed->len - qseed.len;
+ if ((offset < 0) ||
+ (PORT_Memcmp(&seed->data[offset], qseed.data, qseed.len) != 0)) {
+ /* we found q, but the seeds don't match. This isn't an
+ * accident, someone has been tweeking with the seeds, just
+ * fail a this point. */
+ SECITEM_FreeItem(&qseed, PR_FALSE);
+ return SECFailure;
+ }
+ *qseed_len = qseed.len;
+ *hashtypePtr = hashtype;
+ *typePtr = FIPS186_3_ST_TYPE;
+ SECITEM_FreeItem(&qseed, PR_FALSE);
+ return SECSuccess;
+ }
+ SECITEM_FreeItem(&qseed, PR_FALSE);
+ }
+ /* no hash algorithms found which match seed to Q, fail */
+ return SECFailure;
+}
+
+/*
+** Perform steps 7, 8 and 9 of FIPS 186, appendix 2.2.
+** which are the same as steps 11.1-11.5 of FIPS 186-2, App A.1.1.2
+** Generate P from Q, seed, L, and offset.
+*/
+static SECStatus
+makePfromQandSeed(
+ HASH_HashType hashtype, /* selected Hashing algorithm */
+ unsigned int L, /* Length of P in bits. Per FIPS 186. */
+ unsigned int N, /* Length of Q in bits. Per FIPS 186. */
+ unsigned int offset, /* Per FIPS 186, App 2.2. & 186-3 App A.1.1.2 */
+ unsigned int seedlen, /* input. Length of seed in bits. (g in 186-1)*/
+ const SECItem *seed, /* input. */
+ const mp_int *Q, /* input. */
+ mp_int *P) /* output. */
+{
+ unsigned int j; /* Per FIPS 186-3 App. A.1.1.2 (k in 186-1)*/
+ unsigned int n; /* Per FIPS 186, appendix 2.2. */
+ mp_digit b; /* Per FIPS 186, appendix 2.2. */
+ unsigned int outlen; /* Per FIPS 186-3 App. A.1.1.2 */
+ unsigned int hashlen; /* outlen in bytes */
+ unsigned char V_j[HASH_LENGTH_MAX];
+ mp_int W, X, c, twoQ, V_n, tmp;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ /* Initialize bignums */
+ MP_DIGITS(&W) = 0;
+ MP_DIGITS(&X) = 0;
+ MP_DIGITS(&c) = 0;
+ MP_DIGITS(&twoQ) = 0;
+ MP_DIGITS(&V_n) = 0;
+ MP_DIGITS(&tmp) = 0;
+ CHECK_MPI_OK(mp_init(&W));
+ CHECK_MPI_OK(mp_init(&X));
+ CHECK_MPI_OK(mp_init(&c));
+ CHECK_MPI_OK(mp_init(&twoQ));
+ CHECK_MPI_OK(mp_init(&tmp));
+ CHECK_MPI_OK(mp_init(&V_n));
+
+ hashlen = HASH_ResultLen(hashtype);
+ outlen = hashlen * PR_BITS_PER_BYTE;
+
+ /* L - 1 = n*outlen + b */
+ n = (L - 1) / outlen;
+ b = (L - 1) % outlen;
+
+ /* ******************************************************************
+ ** Step 11.1 (Step 7 in 186-1)
+ ** "for j = 0 ... n let
+ ** V_j = SHA[(SEED + offset + j) mod 2**seedlen]."
+ **
+ ** Step 11.2 (Step 8 in 186-1)
+ ** "W = V_0 + (V_1 * 2**outlen) + ... + (V_n-1 * 2**((n-1)*outlen))
+ ** + ((V_n mod 2**b) * 2**(n*outlen))
+ */
+ for (j = 0; j < n; ++j) { /* Do the first n terms of V_j */
+ /* Do step 11.1 for iteration j.
+ ** V_j = HASH[(seed + offset + j) mod 2**g]
+ */
+ CHECK_SEC_OK(addToSeedThenHash(hashtype, seed, offset + j, seedlen, V_j));
+ /* Do step 11.2 for iteration j.
+ ** W += V_j * 2**(j*outlen)
+ */
+ OCTETS_TO_MPINT(V_j, &tmp, hashlen); /* get bignum V_j */
+ CHECK_MPI_OK(mpl_lsh(&tmp, &tmp, j * outlen)); /* tmp=V_j << j*outlen */
+ CHECK_MPI_OK(mp_add(&W, &tmp, &W)); /* W += tmp */
+ }
+ /* Step 11.2, continued.
+ ** [W += ((V_n mod 2**b) * 2**(n*outlen))]
+ */
+ CHECK_SEC_OK(addToSeedThenHash(hashtype, seed, offset + n, seedlen, V_j));
+ OCTETS_TO_MPINT(V_j, &V_n, hashlen); /* get bignum V_n */
+ CHECK_MPI_OK(mp_div_2d(&V_n, b, NULL, &tmp)); /* tmp = V_n mod 2**b */
+ CHECK_MPI_OK(mpl_lsh(&tmp, &tmp, n * outlen)); /* tmp = tmp << n*outlen */
+ CHECK_MPI_OK(mp_add(&W, &tmp, &W)); /* W += tmp */
+ /* Step 11.3, (Step 8 in 186-1)
+ ** "X = W + 2**(L-1).
+ ** Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L."
+ */
+ CHECK_MPI_OK(mpl_set_bit(&X, (mp_size)(L - 1), 1)); /* X = 2**(L-1) */
+ CHECK_MPI_OK(mp_add(&X, &W, &X)); /* X += W */
+ /*************************************************************
+ ** Step 11.4. (Step 9 in 186-1)
+ ** "c = X mod 2q"
+ */
+ CHECK_MPI_OK(mp_mul_2(Q, &twoQ)); /* 2q */
+ CHECK_MPI_OK(mp_mod(&X, &twoQ, &c)); /* c = X mod 2q */
+ /*************************************************************
+ ** Step 11.5. (Step 9 in 186-1)
+ ** "p = X - (c - 1).
+ ** Note that p is congruent to 1 mod 2q."
+ */
+ CHECK_MPI_OK(mp_sub_d(&c, 1, &c)); /* c -= 1 */
+ CHECK_MPI_OK(mp_sub(&X, &c, P)); /* P = X - c */
+cleanup:
+ mp_clear(&W);
+ mp_clear(&X);
+ mp_clear(&c);
+ mp_clear(&twoQ);
+ mp_clear(&V_n);
+ mp_clear(&tmp);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ return SECFailure;
+ }
+ return rv;
+}
+
+/*
+** Generate G from h, P, and Q.
+*/
+static SECStatus
+makeGfromH(const mp_int *P, /* input. */
+ const mp_int *Q, /* input. */
+ mp_int *H, /* input and output. */
+ mp_int *G, /* output. */
+ PRBool *passed)
+{
+ mp_int exp, pm1;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ *passed = PR_FALSE;
+ MP_DIGITS(&exp) = 0;
+ MP_DIGITS(&pm1) = 0;
+ CHECK_MPI_OK(mp_init(&exp));
+ CHECK_MPI_OK(mp_init(&pm1));
+ CHECK_MPI_OK(mp_sub_d(P, 1, &pm1)); /* P - 1 */
+ if (mp_cmp(H, &pm1) >= 0) /* H >= P-1 */
+ CHECK_MPI_OK(mp_sub(H, &pm1, H)); /* H = H mod (P-1) */
+ /* Let b = 2**n (smallest power of 2 greater than P).
+ ** Since P-1 >= b/2, and H < b, quotient(H/(P-1)) = 0 or 1
+ ** so the above operation safely computes H mod (P-1)
+ */
+ /* Check for H = to 0 or 1. Regen H if so. (Regen means return error). */
+ if (mp_cmp_d(H, 1) <= 0) {
+ rv = SECFailure;
+ goto cleanup;
+ }
+ /* Compute G, according to the equation G = (H ** ((P-1)/Q)) mod P */
+ CHECK_MPI_OK(mp_div(&pm1, Q, &exp, NULL)); /* exp = (P-1)/Q */
+ CHECK_MPI_OK(mp_exptmod(H, &exp, P, G)); /* G = H ** exp mod P */
+ /* Check for G == 0 or G == 1, return error if so. */
+ if (mp_cmp_d(G, 1) <= 0) {
+ rv = SECFailure;
+ goto cleanup;
+ }
+ *passed = PR_TRUE;
+cleanup:
+ mp_clear(&exp);
+ mp_clear(&pm1);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/*
+** Generate G from seed, index, P, and Q.
+*/
+static SECStatus
+makeGfromIndex(HASH_HashType hashtype,
+ const mp_int *P, /* input. */
+ const mp_int *Q, /* input. */
+ const SECItem *seed, /* input. */
+ unsigned char index, /* input. */
+ mp_int *G) /* input/output */
+{
+ mp_int e, pm1, W;
+ unsigned int count;
+ unsigned char data[HASH_LENGTH_MAX];
+ unsigned int len;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ const SECHashObject *hashobj = NULL;
+ void *hashcx = NULL;
+
+ MP_DIGITS(&e) = 0;
+ MP_DIGITS(&pm1) = 0;
+ MP_DIGITS(&W) = 0;
+ CHECK_MPI_OK(mp_init(&e));
+ CHECK_MPI_OK(mp_init(&pm1));
+ CHECK_MPI_OK(mp_init(&W));
+
+ /* initialize our hash stuff */
+ hashobj = HASH_GetRawHashObject(hashtype);
+ if (hashobj == NULL) {
+ /* shouldn't happen */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ goto cleanup;
+ }
+ hashcx = hashobj->create();
+ if (hashcx == NULL) {
+ rv = SECFailure;
+ goto cleanup;
+ }
+
+ CHECK_MPI_OK(mp_sub_d(P, 1, &pm1)); /* P - 1 */
+ /* Step 3 e = (p-1)/q */
+ CHECK_MPI_OK(mp_div(&pm1, Q, &e, NULL)); /* e = (P-1)/Q */
+/* Steps 4, 5, and 6 */
+/* count is a 16 bit value in the spec. We actually represent count
+ * as more than 16 bits so we can easily detect the 16 bit overflow */
+#define MAX_COUNT 0x10000
+ for (count = 1; count < MAX_COUNT; count++) {
+ /* step 7
+ * U = domain_param_seed || "ggen" || index || count
+ * step 8
+ * W = HASH(U)
+ */
+ hashobj->begin(hashcx);
+ hashobj->update(hashcx, seed->data, seed->len);
+ hashobj->update(hashcx, (unsigned char *)"ggen", 4);
+ hashobj->update(hashcx, &index, 1);
+ data[0] = (count >> 8) & 0xff;
+ data[1] = count & 0xff;
+ hashobj->update(hashcx, data, 2);
+ hashobj->end(hashcx, data, &len, sizeof(data));
+ OCTETS_TO_MPINT(data, &W, len);
+ /* step 9. g = W**e mod p */
+ CHECK_MPI_OK(mp_exptmod(&W, &e, P, G));
+ /* step 10. if (g < 2) then goto step 5 */
+ /* NOTE: this weird construct is to keep the flow according to the spec.
+ * the continue puts us back to step 5 of the for loop */
+ if (mp_cmp_d(G, 2) < 0) {
+ continue;
+ }
+ break; /* step 11 follows step 10 if the test condition is false */
+ }
+ if (count >= MAX_COUNT) {
+ rv = SECFailure; /* last part of step 6 */
+ }
+/* step 11.
+ * return valid G */
+cleanup:
+ PORT_Memset(data, 0, sizeof(data));
+ if (hashcx) {
+ hashobj->destroy(hashcx, PR_TRUE);
+ }
+ mp_clear(&e);
+ mp_clear(&pm1);
+ mp_clear(&W);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/* This code uses labels and gotos, so that it can follow the numbered
+** steps in the algorithms from FIPS 186-3 appendix A.1.1.2 very closely,
+** and so that the correctness of this code can be easily verified.
+** So, please forgive the ugly c code.
+**/
+static SECStatus
+pqg_ParamGen(unsigned int L, unsigned int N, pqgGenType type,
+ unsigned int seedBytes, PQGParams **pParams, PQGVerify **pVfy)
+{
+ unsigned int n; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */
+ unsigned int seedlen; /* Per FIPS 186-3 app A.1.1.2 (was 'g' 186-1)*/
+ unsigned int counter; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */
+ unsigned int offset; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */
+ unsigned int outlen; /* Per FIPS 186-3, appendix A.1.1.2. */
+ unsigned int maxCount;
+ HASH_HashType hashtype;
+ SECItem *seed; /* Per FIPS 186, app 2.2. 186-3 app A.1.1.2 */
+ PLArenaPool *arena = NULL;
+ PQGParams *params = NULL;
+ PQGVerify *verify = NULL;
+ PRBool passed;
+ SECItem hit = { 0, 0, 0 };
+ SECItem firstseed = { 0, 0, 0 };
+ SECItem qseed = { 0, 0, 0 };
+ SECItem pseed = { 0, 0, 0 };
+ mp_int P, Q, G, H, l, p0;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECFailure;
+ int iterations = 0;
+
+ /* Step 1. L and N already checked by caller*/
+ /* Step 2. if (seedlen < N) return INVALID; */
+ if (seedBytes < N / PR_BITS_PER_BYTE || !pParams || !pVfy) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* Initialize bignums */
+ MP_DIGITS(&P) = 0;
+ MP_DIGITS(&Q) = 0;
+ MP_DIGITS(&G) = 0;
+ MP_DIGITS(&H) = 0;
+ MP_DIGITS(&l) = 0;
+ MP_DIGITS(&p0) = 0;
+ CHECK_MPI_OK(mp_init(&P));
+ CHECK_MPI_OK(mp_init(&Q));
+ CHECK_MPI_OK(mp_init(&G));
+ CHECK_MPI_OK(mp_init(&H));
+ CHECK_MPI_OK(mp_init(&l));
+ CHECK_MPI_OK(mp_init(&p0));
+
+ /* parameters have been passed in, only generate G */
+ if (*pParams != NULL) {
+ /* we only support G index generation if generating separate from PQ */
+ if ((*pVfy == NULL) || (type == FIPS186_1_TYPE) ||
+ ((*pVfy)->h.len != 1) || ((*pVfy)->h.data == NULL) ||
+ ((*pVfy)->seed.data == NULL) || ((*pVfy)->seed.len == 0)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ params = *pParams;
+ verify = *pVfy;
+
+ /* fill in P Q, */
+ SECITEM_TO_MPINT((*pParams)->prime, &P);
+ SECITEM_TO_MPINT((*pParams)->subPrime, &Q);
+ hashtype = getFirstHash(L, N);
+ CHECK_SEC_OK(makeGfromIndex(hashtype, &P, &Q, &(*pVfy)->seed,
+ (*pVfy)->h.data[0], &G));
+ MPINT_TO_SECITEM(&G, &(*pParams)->base, (*pParams)->arena);
+ goto cleanup;
+ }
+ /* Initialize an arena for the params. */
+ arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ params = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
+ if (!params) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(arena, PR_TRUE);
+ return SECFailure;
+ }
+ params->arena = arena;
+ /* Initialize an arena for the verify. */
+ arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(params->arena, PR_TRUE);
+ return SECFailure;
+ }
+ verify = (PQGVerify *)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
+ if (!verify) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(arena, PR_TRUE);
+ PORT_FreeArena(params->arena, PR_TRUE);
+ return SECFailure;
+ }
+ verify->arena = arena;
+ seed = &verify->seed;
+ arena = NULL;
+
+ /* Select Hash and Compute lengths. */
+ /* getFirstHash gives us the smallest acceptable hash for this key
+ * strength */
+ hashtype = getFirstHash(L, N);
+ outlen = HASH_ResultLen(hashtype) * PR_BITS_PER_BYTE;
+
+ /* Step 3: n = Ceil(L/outlen)-1; (same as n = Floor((L-1)/outlen)) */
+ n = (L - 1) / outlen;
+ /* Step 4: (skipped since we don't use b): b = L -1 - (n*outlen); */
+ seedlen = seedBytes * PR_BITS_PER_BYTE; /* bits in seed */
+step_5:
+ /* ******************************************************************
+ ** Step 5. (Step 1 in 186-1)
+ ** "Choose an abitrary sequence of at least N bits and call it SEED.
+ ** Let g be the length of SEED in bits."
+ */
+ if (++iterations > MAX_ITERATIONS) { /* give up after a while */
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ goto cleanup;
+ }
+ seed->len = seedBytes;
+ CHECK_SEC_OK(getPQseed(seed, verify->arena));
+ /* ******************************************************************
+ ** Step 6. (Step 2 in 186-1)
+ **
+ ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]. (186-1)"
+ ** "Compute U = HASH[SEED] 2**(N-1). (186-3)"
+ **
+ ** Step 7. (Step 3 in 186-1)
+ ** "Form Q from U by setting the most signficant bit (the 2**159 bit)
+ ** and the least signficant bit to 1. In terms of boolean operations,
+ ** Q = U OR 2**159 OR 1. Note that 2**159 < Q < 2**160. (186-1)"
+ **
+ ** "q = 2**(N-1) + U + 1 - (U mod 2) (186-3)
+ **
+ ** Note: Both formulations are the same for U < 2**(N-1) and N=160
+ **
+ ** If using Shawe-Taylor, We do the entire A.1.2.1.2 setps in the block
+ ** FIPS186_3_ST_TYPE.
+ */
+ if (type == FIPS186_1_TYPE) {
+ CHECK_SEC_OK(makeQfromSeed(seedlen, seed, &Q));
+ } else if (type == FIPS186_3_TYPE) {
+ CHECK_SEC_OK(makeQ2fromSeed(hashtype, N, seed, &Q));
+ } else {
+ /* FIPS186_3_ST_TYPE */
+ unsigned int qgen_counter, pgen_counter;
+
+ /* Step 1 (L,N) already checked for acceptability */
+
+ firstseed = *seed;
+ qgen_counter = 0;
+ /* Step 2. Use N and firstseed to generate random prime q
+ * using Apendix C.6 */
+ CHECK_SEC_OK(makePrimefromSeedShaweTaylor(hashtype, N, &firstseed, &Q,
+ &qseed, &qgen_counter));
+ /* Step 3. Use floor(L/2+1) and qseed to generate random prime p0
+ * using Appendix C.6 */
+ pgen_counter = 0;
+ CHECK_SEC_OK(makePrimefromSeedShaweTaylor(hashtype, (L + 1) / 2 + 1,
+ &qseed, &p0, &pseed, &pgen_counter));
+ /* Steps 4-22 FIPS 186-3 appendix A.1.2.1.2 */
+ CHECK_SEC_OK(makePrimefromPrimesShaweTaylor(hashtype, L,
+ &p0, &Q, &P, &pseed, &pgen_counter));
+
+ /* combine all the seeds */
+ seed->len = firstseed.len + qseed.len + pseed.len;
+ seed->data = PORT_ArenaZAlloc(verify->arena, seed->len);
+ if (seed->data == NULL) {
+ goto cleanup;
+ }
+ PORT_Memcpy(seed->data, firstseed.data, firstseed.len);
+ PORT_Memcpy(seed->data + firstseed.len, pseed.data, pseed.len);
+ PORT_Memcpy(seed->data + firstseed.len + pseed.len, qseed.data, qseed.len);
+ counter = 0; /* (qgen_counter << 16) | pgen_counter; */
+
+ /* we've generated both P and Q now, skip to generating G */
+ goto generate_G;
+ }
+ /* ******************************************************************
+ ** Step 8. (Step 4 in 186-1)
+ ** "Use a robust primality testing algorithm to test whether q is prime."
+ **
+ ** Appendix 2.1 states that a Rabin test with at least 50 iterations
+ ** "will give an acceptable probability of error."
+ */
+ /*CHECK_SEC_OK( prm_RabinTest(&Q, &passed) );*/
+ err = mpp_pprime(&Q, prime_testcount_q(L, N));
+ passed = (err == MP_YES) ? SECSuccess : SECFailure;
+ /* ******************************************************************
+ ** Step 9. (Step 5 in 186-1) "If q is not prime, goto step 5 (1 in 186-1)."
+ */
+ if (passed != SECSuccess)
+ goto step_5;
+ /* ******************************************************************
+ ** Step 10.
+ ** offset = 1;
+ **( Step 6b 186-1)"Let counter = 0 and offset = 2."
+ */
+ offset = (type == FIPS186_1_TYPE) ? 2 : 1;
+ /*
+ ** Step 11. (Step 6a,13a,14 in 186-1)
+ ** For counter - 0 to (4L-1) do
+ **
+ */
+ maxCount = L >= 1024 ? (4 * L - 1) : 4095;
+ for (counter = 0; counter <= maxCount; counter++) {
+ /* ******************************************************************
+ ** Step 11.1 (Step 7 in 186-1)
+ ** "for j = 0 ... n let
+ ** V_j = HASH[(SEED + offset + j) mod 2**seedlen]."
+ **
+ ** Step 11.2 (Step 8 in 186-1)
+ ** "W = V_0 + V_1*2**outlen+...+ V_n-1 * 2**((n-1)*outlen) +
+ ** ((Vn* mod 2**b)*2**(n*outlen))"
+ ** Step 11.3 (Step 8 in 186-1)
+ ** "X = W + 2**(L-1)
+ ** Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L."
+ **
+ ** Step 11.4 (Step 9 in 186-1).
+ ** "c = X mod 2q"
+ **
+ ** Step 11.5 (Step 9 in 186-1).
+ ** " p = X - (c - 1).
+ ** Note that p is congruent to 1 mod 2q."
+ */
+ CHECK_SEC_OK(makePfromQandSeed(hashtype, L, N, offset, seedlen,
+ seed, &Q, &P));
+ /*************************************************************
+ ** Step 11.6. (Step 10 in 186-1)
+ ** "if p < 2**(L-1), then goto step 11.9. (step 13 in 186-1)"
+ */
+ CHECK_MPI_OK(mpl_set_bit(&l, (mp_size)(L - 1), 1)); /* l = 2**(L-1) */
+ if (mp_cmp(&P, &l) < 0)
+ goto step_11_9;
+ /************************************************************
+ ** Step 11.7 (step 11 in 186-1)
+ ** "Perform a robust primality test on p."
+ */
+ /*CHECK_SEC_OK( prm_RabinTest(&P, &passed) );*/
+ err = mpp_pprime(&P, prime_testcount_p(L, N));
+ passed = (err == MP_YES) ? SECSuccess : SECFailure;
+ /* ******************************************************************
+ ** Step 11.8. "If p is determined to be primed return VALID
+ ** values of p, q, seed and counter."
+ */
+ if (passed == SECSuccess)
+ break;
+ step_11_9:
+ /* ******************************************************************
+ ** Step 11.9. "offset = offset + n + 1."
+ */
+ offset += n + 1;
+ }
+ /* ******************************************************************
+ ** Step 12. "goto step 5."
+ **
+ ** NOTE: if counter <= maxCount, then we exited the loop at Step 11.8
+ ** and now need to return p,q, seed, and counter.
+ */
+ if (counter > maxCount)
+ goto step_5;
+
+generate_G:
+ /* ******************************************************************
+ ** returning p, q, seed and counter
+ */
+ if (type == FIPS186_1_TYPE) {
+ /* Generate g, This is called the "Unverifiable Generation of g
+ * in FIPA186-3 Appedix A.2.1. For compatibility we maintain
+ * this version of the code */
+ SECITEM_AllocItem(NULL, &hit, L / 8); /* h is no longer than p */
+ if (!hit.data)
+ goto cleanup;
+ do {
+ /* loop generate h until 1<h<p-1 and (h**[(p-1)/q])mod p > 1 */
+ CHECK_SEC_OK(generate_h_candidate(&hit, &H));
+ CHECK_SEC_OK(makeGfromH(&P, &Q, &H, &G, &passed));
+ } while (passed != PR_TRUE);
+ MPINT_TO_SECITEM(&H, &verify->h, verify->arena);
+ } else {
+ unsigned char index = 1; /* default to 1 */
+ verify->h.data = (unsigned char *)PORT_ArenaZAlloc(verify->arena, 1);
+ if (verify->h.data == NULL) {
+ goto cleanup;
+ }
+ verify->h.len = 1;
+ verify->h.data[0] = index;
+ /* Generate g, using the FIPS 186-3 Appendix A.23 */
+ CHECK_SEC_OK(makeGfromIndex(hashtype, &P, &Q, seed, index, &G));
+ }
+ /* All generation is done. Now, save the PQG params. */
+ MPINT_TO_SECITEM(&P, &params->prime, params->arena);
+ MPINT_TO_SECITEM(&Q, &params->subPrime, params->arena);
+ MPINT_TO_SECITEM(&G, &params->base, params->arena);
+ verify->counter = counter;
+ *pParams = params;
+ *pVfy = verify;
+cleanup:
+ if (pseed.data) {
+ PORT_Free(pseed.data);
+ }
+ if (qseed.data) {
+ PORT_Free(qseed.data);
+ }
+ mp_clear(&P);
+ mp_clear(&Q);
+ mp_clear(&G);
+ mp_clear(&H);
+ mp_clear(&l);
+ mp_clear(&p0);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ if (rv) {
+ if (params) {
+ PORT_FreeArena(params->arena, PR_TRUE);
+ }
+ if (verify) {
+ PORT_FreeArena(verify->arena, PR_TRUE);
+ }
+ }
+ if (hit.data) {
+ SECITEM_FreeItem(&hit, PR_FALSE);
+ }
+ return rv;
+}
+
+SECStatus
+PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
+{
+ unsigned int L; /* Length of P in bits. Per FIPS 186. */
+ unsigned int seedBytes;
+
+ if (j > 8 || !pParams || !pVfy) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ L = 512 + (j * 64); /* bits in P */
+ seedBytes = L / 8;
+ return pqg_ParamGen(L, DSA1_Q_BITS, FIPS186_1_TYPE, seedBytes,
+ pParams, pVfy);
+}
+
+SECStatus
+PQG_ParamGenSeedLen(unsigned int j, unsigned int seedBytes,
+ PQGParams **pParams, PQGVerify **pVfy)
+{
+ unsigned int L; /* Length of P in bits. Per FIPS 186. */
+
+ if (j > 8 || !pParams || !pVfy) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ L = 512 + (j * 64); /* bits in P */
+ return pqg_ParamGen(L, DSA1_Q_BITS, FIPS186_1_TYPE, seedBytes,
+ pParams, pVfy);
+}
+
+SECStatus
+PQG_ParamGenV2(unsigned int L, unsigned int N, unsigned int seedBytes,
+ PQGParams **pParams, PQGVerify **pVfy)
+{
+ if (N == 0) {
+ N = pqg_get_default_N(L);
+ }
+ if (seedBytes == 0) {
+ /* seedBytes == L/8 for probable primes, N/8 for Shawe-Taylor Primes */
+ seedBytes = N / 8;
+ }
+ if (pqg_validate_dsa2(L, N) != SECSuccess) {
+ /* error code already set */
+ return SECFailure;
+ }
+ return pqg_ParamGen(L, N, FIPS186_3_ST_TYPE, seedBytes, pParams, pVfy);
+}
+
+/*
+ * verify can use vfy structures returned from either FIPS186-1 or
+ * FIPS186-2, and can handle differences in selected Hash functions to
+ * generate the parameters.
+ */
+SECStatus
+PQG_VerifyParams(const PQGParams *params,
+ const PQGVerify *vfy, SECStatus *result)
+{
+ SECStatus rv = SECSuccess;
+ unsigned int g, n, L, N, offset, outlen;
+ mp_int p0, P, Q, G, P_, Q_, G_, r, h;
+ mp_err err = MP_OKAY;
+ int j;
+ unsigned int counter_max = 0; /* handle legacy L < 1024 */
+ unsigned int qseed_len;
+ SECItem pseed_ = { 0, 0, 0 };
+ HASH_HashType hashtype;
+ pqgGenType type;
+
+#define CHECKPARAM(cond) \
+ if (!(cond)) { \
+ *result = SECFailure; \
+ goto cleanup; \
+ }
+ if (!params || !vfy || !result) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* always need at least p, q, and seed for any meaningful check */
+ if ((params->prime.len == 0) || (params->subPrime.len == 0) ||
+ (vfy->seed.len == 0)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* we want to either check PQ or G or both. If we don't have G, make
+ * sure we have count so we can check P. */
+ if ((params->base.len == 0) && (vfy->counter == -1)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ MP_DIGITS(&p0) = 0;
+ MP_DIGITS(&P) = 0;
+ MP_DIGITS(&Q) = 0;
+ MP_DIGITS(&G) = 0;
+ MP_DIGITS(&P_) = 0;
+ MP_DIGITS(&Q_) = 0;
+ MP_DIGITS(&G_) = 0;
+ MP_DIGITS(&r) = 0;
+ MP_DIGITS(&h) = 0;
+ CHECK_MPI_OK(mp_init(&p0));
+ CHECK_MPI_OK(mp_init(&P));
+ CHECK_MPI_OK(mp_init(&Q));
+ CHECK_MPI_OK(mp_init(&G));
+ CHECK_MPI_OK(mp_init(&P_));
+ CHECK_MPI_OK(mp_init(&Q_));
+ CHECK_MPI_OK(mp_init(&G_));
+ CHECK_MPI_OK(mp_init(&r));
+ CHECK_MPI_OK(mp_init(&h));
+ *result = SECSuccess;
+ SECITEM_TO_MPINT(params->prime, &P);
+ SECITEM_TO_MPINT(params->subPrime, &Q);
+ /* if G isn't specified, just check P and Q */
+ if (params->base.len != 0) {
+ SECITEM_TO_MPINT(params->base, &G);
+ }
+ /* 1. Check (L,N) pair */
+ N = mpl_significant_bits(&Q);
+ L = mpl_significant_bits(&P);
+ if (L < 1024) {
+ /* handle DSA1 pqg parameters with less thatn 1024 bits*/
+ CHECKPARAM(N == DSA1_Q_BITS);
+ j = PQG_PBITS_TO_INDEX(L);
+ CHECKPARAM(j >= 0 && j <= 8);
+ counter_max = 4096;
+ } else {
+ /* handle DSA2 parameters (includes DSA1, 1024 bits) */
+ CHECKPARAM(pqg_validate_dsa2(L, N) == SECSuccess);
+ counter_max = 4 * L;
+ }
+ /* 3. G < P */
+ if (params->base.len != 0) {
+ CHECKPARAM(mp_cmp(&G, &P) < 0);
+ }
+ /* 4. P % Q == 1 */
+ CHECK_MPI_OK(mp_mod(&P, &Q, &r));
+ CHECKPARAM(mp_cmp_d(&r, 1) == 0);
+ /* 5. Q is prime */
+ CHECKPARAM(mpp_pprime(&Q, prime_testcount_q(L, N)) == MP_YES);
+ /* 6. P is prime */
+ CHECKPARAM(mpp_pprime(&P, prime_testcount_p(L, N)) == MP_YES);
+ /* Steps 7-12 are done only if the optional PQGVerify is supplied. */
+ /* continue processing P */
+ /* 7. counter < 4*L */
+ CHECKPARAM((vfy->counter == -1) || (vfy->counter < counter_max));
+ /* 8. g >= N and g < 2*L (g is length of seed in bits) */
+ g = vfy->seed.len * 8;
+ CHECKPARAM(g >= N && g < counter_max / 2);
+ /* 9. Q generated from SEED matches Q in PQGParams. */
+ /* This function checks all possible hash and generation types to
+ * find a Q_ which matches Q. */
+ CHECKPARAM(findQfromSeed(L, N, g, &vfy->seed, &Q, &Q_, &qseed_len,
+ &hashtype, &type) == SECSuccess);
+ CHECKPARAM(mp_cmp(&Q, &Q_) == 0);
+ if (type == FIPS186_3_ST_TYPE) {
+ SECItem qseed = { 0, 0, 0 };
+ SECItem pseed = { 0, 0, 0 };
+ unsigned int first_seed_len;
+ unsigned int pgen_counter = 0;
+
+ /* extract pseed and qseed from domain_parameter_seed, which is
+ * first_seed || pseed || qseed. qseed is first_seed + small_integer
+ * pseed is qseed + small_integer. This means most of the time
+ * first_seed.len == qseed.len == pseed.len. Rarely qseed.len and/or
+ * pseed.len will be one greater than first_seed.len, so we can
+ * depend on the fact that
+ * first_seed.len = floor(domain_parameter_seed.len/3).
+ * findQfromSeed returned qseed.len, so we can calculate pseed.len as
+ * pseed.len = domain_parameter_seed.len - first_seed.len - qseed.len
+ * this is probably over kill, since 99.999% of the time they will all
+ * be equal.
+ *
+ * With the lengths, we can now find the offsets;
+ * first_seed.data = domain_parameter_seed.data + 0
+ * pseed.data = domain_parameter_seed.data + first_seed.len
+ * qseed.data = domain_parameter_seed.data
+ * + domain_paramter_seed.len - qseed.len
+ *
+ */
+ first_seed_len = vfy->seed.len / 3;
+ CHECKPARAM(qseed_len < vfy->seed.len);
+ CHECKPARAM(first_seed_len * 8 > N - 1);
+ CHECKPARAM(first_seed_len + qseed_len < vfy->seed.len);
+ qseed.len = qseed_len;
+ qseed.data = vfy->seed.data + vfy->seed.len - qseed.len;
+ pseed.len = vfy->seed.len - (first_seed_len + qseed_len);
+ pseed.data = vfy->seed.data + first_seed_len;
+
+ /*
+ * now complete FIPS 186-3 A.1.2.1.2. Step 1 was completed
+ * above in our initial checks, Step 2 was completed by
+ * findQfromSeed */
+
+ /* Step 3 (status, c0, prime_seed, prime_gen_counter) =
+ ** (ST_Random_Prime((ceil(length/2)+1, input_seed)
+ */
+ CHECK_SEC_OK(makePrimefromSeedShaweTaylor(hashtype, (L + 1) / 2 + 1,
+ &qseed, &p0, &pseed_, &pgen_counter));
+ /* Steps 4-22 FIPS 186-3 appendix A.1.2.1.2 */
+ CHECK_SEC_OK(makePrimefromPrimesShaweTaylor(hashtype, L,
+ &p0, &Q_, &P_, &pseed_, &pgen_counter));
+ CHECKPARAM(mp_cmp(&P, &P_) == 0);
+ /* make sure pseed wasn't tampered with (since it is part of
+ * calculating G) */
+ CHECKPARAM(SECITEM_CompareItem(&pseed, &pseed_) == SECEqual);
+ } else if (vfy->counter == -1) {
+ /* If counter is set to -1, we are really only verifying G, skip
+ * the remainder of the checks for P */
+ CHECKPARAM(type != FIPS186_1_TYPE); /* we only do this for DSA2 */
+ } else {
+ /* 10. P generated from (L, counter, g, SEED, Q) matches P
+ * in PQGParams. */
+ outlen = HASH_ResultLen(hashtype) * PR_BITS_PER_BYTE;
+ n = (L - 1) / outlen;
+ offset = vfy->counter * (n + 1) + ((type == FIPS186_1_TYPE) ? 2 : 1);
+ CHECK_SEC_OK(makePfromQandSeed(hashtype, L, N, offset, g, &vfy->seed,
+ &Q, &P_));
+ CHECKPARAM(mp_cmp(&P, &P_) == 0);
+ }
+
+ /* now check G, skip if don't have a g */
+ if (params->base.len == 0)
+ goto cleanup;
+
+ /* first Always check that G is OK FIPS186-3 A.2.2 & A.2.4*/
+ /* 1. 2 < G < P-1 */
+ /* P is prime, p-1 == zero 1st bit */
+ CHECK_MPI_OK(mpl_set_bit(&P, 0, 0));
+ CHECKPARAM(mp_cmp_d(&G, 2) > 0 && mp_cmp(&G, &P) < 0);
+ CHECK_MPI_OK(mpl_set_bit(&P, 0, 1)); /* set it back */
+ /* 2. verify g**q mod p == 1 */
+ CHECK_MPI_OK(mp_exptmod(&G, &Q, &P, &h)); /* h = G ** Q mod P */
+ CHECKPARAM(mp_cmp_d(&h, 1) == 0);
+
+ /* no h, the above is the best we can do */
+ if (vfy->h.len == 0) {
+ if (type != FIPS186_1_TYPE) {
+ *result = SECWouldBlock;
+ }
+ goto cleanup;
+ }
+
+ /*
+ * If h is one byte and FIPS186-3 was used to generate Q (we've verified
+ * Q was generated from seed already, then we assume that FIPS 186-3
+ * appendix A.2.3 was used to generate G. Otherwise we assume A.2.1 was
+ * used to generate G.
+ */
+ if ((vfy->h.len == 1) && (type != FIPS186_1_TYPE)) {
+ /* A.2.3 */
+ CHECK_SEC_OK(makeGfromIndex(hashtype, &P, &Q, &vfy->seed,
+ vfy->h.data[0], &G_));
+ CHECKPARAM(mp_cmp(&G, &G_) == 0);
+ } else {
+ int passed;
+ /* A.2.1 */
+ SECITEM_TO_MPINT(vfy->h, &h);
+ /* 11. 1 < h < P-1 */
+ /* P is prime, p-1 == zero 1st bit */
+ CHECK_MPI_OK(mpl_set_bit(&P, 0, 0));
+ CHECKPARAM(mp_cmp_d(&G, 2) > 0 && mp_cmp(&G, &P));
+ CHECK_MPI_OK(mpl_set_bit(&P, 0, 1)); /* set it back */
+ /* 12. G generated from h matches G in PQGParams. */
+ CHECK_SEC_OK(makeGfromH(&P, &Q, &h, &G_, &passed));
+ CHECKPARAM(passed && mp_cmp(&G, &G_) == 0);
+ }
+cleanup:
+ mp_clear(&p0);
+ mp_clear(&P);
+ mp_clear(&Q);
+ mp_clear(&G);
+ mp_clear(&P_);
+ mp_clear(&Q_);
+ mp_clear(&G_);
+ mp_clear(&r);
+ mp_clear(&h);
+ if (pseed_.data) {
+ SECITEM_FreeItem(&pseed_, PR_FALSE);
+ }
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/**************************************************************************
+ * Free the PQGParams struct and the things it points to. *
+ **************************************************************************/
+void
+PQG_DestroyParams(PQGParams *params)
+{
+ if (params == NULL)
+ return;
+ if (params->arena != NULL) {
+ PORT_FreeArena(params->arena, PR_FALSE); /* don't zero it */
+ } else {
+ SECITEM_FreeItem(&params->prime, PR_FALSE); /* don't free prime */
+ SECITEM_FreeItem(&params->subPrime, PR_FALSE); /* don't free subPrime */
+ SECITEM_FreeItem(&params->base, PR_FALSE); /* don't free base */
+ PORT_Free(params);
+ }
+}
+
+/**************************************************************************
+ * Free the PQGVerify struct and the things it points to. *
+ **************************************************************************/
+
+void
+PQG_DestroyVerify(PQGVerify *vfy)
+{
+ if (vfy == NULL)
+ return;
+ if (vfy->arena != NULL) {
+ PORT_FreeArena(vfy->arena, PR_FALSE); /* don't zero it */
+ } else {
+ SECITEM_FreeItem(&vfy->seed, PR_FALSE); /* don't free seed */
+ SECITEM_FreeItem(&vfy->h, PR_FALSE); /* don't free h */
+ PORT_Free(vfy);
+ }
+}
diff --git a/security/nss/lib/freebl/pqg.h b/security/nss/lib/freebl/pqg.h
new file mode 100644
index 000000000..c4eecd590
--- /dev/null
+++ b/security/nss/lib/freebl/pqg.h
@@ -0,0 +1,25 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * pqg.h
+ *
+ * header file for pqg functions exported just to freebl
+ */
+
+#ifndef _PQG_H_
+#define _PQG_H_ 1
+
+/* PQG_GetLength returns the significant bytes in the SECItem object (that is
+ * the length of the object minus any leading zeros. Any SECItem may be used,
+ * though this function is usually used for P, Q, or G values */
+unsigned int PQG_GetLength(const SECItem *obj);
+/* Check to see the PQG parameters patch a NIST defined DSA size,
+ * returns SECFaillure and sets SEC_ERROR_INVALID_ARGS if it doesn't.
+ * See blapi.h for legal DSA PQG sizes. */
+SECStatus PQG_Check(const PQGParams *params);
+/* Return the prefered hash algorithm for the given PQGParameters. */
+HASH_HashType PQG_GetHashType(const PQGParams *params);
+
+#endif /* _PQG_H_ */
diff --git a/security/nss/lib/freebl/rawhash.c b/security/nss/lib/freebl/rawhash.c
new file mode 100644
index 000000000..551727b89
--- /dev/null
+++ b/security/nss/lib/freebl/rawhash.c
@@ -0,0 +1,154 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "nspr.h"
+#include "hasht.h"
+#include "blapi.h" /* below the line */
+#include "secerr.h"
+
+static void *
+null_hash_new_context(void)
+{
+ return NULL;
+}
+
+static void *
+null_hash_clone_context(void *v)
+{
+ PORT_Assert(v == NULL);
+ return NULL;
+}
+
+static void
+null_hash_begin(void *v)
+{
+}
+
+static void
+null_hash_update(void *v, const unsigned char *input, unsigned int length)
+{
+}
+
+static void
+null_hash_end(void *v, unsigned char *output, unsigned int *outLen,
+ unsigned int maxOut)
+{
+ *outLen = 0;
+}
+
+static void
+null_hash_destroy_context(void *v, PRBool b)
+{
+ PORT_Assert(v == NULL);
+}
+
+const SECHashObject SECRawHashObjects[] = {
+ { 0,
+ (void *(*)(void))null_hash_new_context,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))null_hash_destroy_context,
+ (void (*)(void *))null_hash_begin,
+ (void (*)(void *, const unsigned char *, unsigned int))null_hash_update,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))null_hash_end,
+ 0,
+ HASH_AlgNULL,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))null_hash_end },
+ {
+ MD2_LENGTH,
+ (void *(*)(void))MD2_NewContext,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))MD2_DestroyContext,
+ (void (*)(void *))MD2_Begin,
+ (void (*)(void *, const unsigned char *, unsigned int))MD2_Update,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))MD2_End,
+ MD2_BLOCK_LENGTH,
+ HASH_AlgMD2,
+ NULL /* end_raw */
+ },
+ { MD5_LENGTH,
+ (void *(*)(void))MD5_NewContext,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))MD5_DestroyContext,
+ (void (*)(void *))MD5_Begin,
+ (void (*)(void *, const unsigned char *, unsigned int))MD5_Update,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))MD5_End,
+ MD5_BLOCK_LENGTH,
+ HASH_AlgMD5,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))MD5_EndRaw },
+ { SHA1_LENGTH,
+ (void *(*)(void))SHA1_NewContext,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))SHA1_DestroyContext,
+ (void (*)(void *))SHA1_Begin,
+ (void (*)(void *, const unsigned char *, unsigned int))SHA1_Update,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))SHA1_End,
+ SHA1_BLOCK_LENGTH,
+ HASH_AlgSHA1,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ SHA1_EndRaw },
+ { SHA256_LENGTH,
+ (void *(*)(void))SHA256_NewContext,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))SHA256_DestroyContext,
+ (void (*)(void *))SHA256_Begin,
+ (void (*)(void *, const unsigned char *, unsigned int))SHA256_Update,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SHA256_End,
+ SHA256_BLOCK_LENGTH,
+ HASH_AlgSHA256,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SHA256_EndRaw },
+ { SHA384_LENGTH,
+ (void *(*)(void))SHA384_NewContext,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))SHA384_DestroyContext,
+ (void (*)(void *))SHA384_Begin,
+ (void (*)(void *, const unsigned char *, unsigned int))SHA384_Update,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SHA384_End,
+ SHA384_BLOCK_LENGTH,
+ HASH_AlgSHA384,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SHA384_EndRaw },
+ { SHA512_LENGTH,
+ (void *(*)(void))SHA512_NewContext,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))SHA512_DestroyContext,
+ (void (*)(void *))SHA512_Begin,
+ (void (*)(void *, const unsigned char *, unsigned int))SHA512_Update,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SHA512_End,
+ SHA512_BLOCK_LENGTH,
+ HASH_AlgSHA512,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SHA512_EndRaw },
+ { SHA224_LENGTH,
+ (void *(*)(void))SHA224_NewContext,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))SHA224_DestroyContext,
+ (void (*)(void *))SHA224_Begin,
+ (void (*)(void *, const unsigned char *, unsigned int))SHA224_Update,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SHA224_End,
+ SHA224_BLOCK_LENGTH,
+ HASH_AlgSHA224,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SHA224_EndRaw },
+};
+
+const SECHashObject *
+HASH_GetRawHashObject(HASH_HashType hashType)
+{
+ if (hashType <= HASH_AlgNULL || hashType >= HASH_AlgTOTAL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ return &SECRawHashObjects[hashType];
+}
diff --git a/security/nss/lib/freebl/ret_cr16.s b/security/nss/lib/freebl/ret_cr16.s
new file mode 100644
index 000000000..1f53fc900
--- /dev/null
+++ b/security/nss/lib/freebl/ret_cr16.s
@@ -0,0 +1,27 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef __LP64__
+ .LEVEL 2.0W
+#else
+ .LEVEL 1.1
+#endif
+
+ .CODE ; equivalent to the following two lines
+; .SPACE $TEXT$,SORT=8
+; .SUBSPA $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24
+
+ret_cr16
+ .PROC
+ .CALLINFO FRAME=0, NO_CALLS
+ .EXPORT ret_cr16,ENTRY
+ .ENTRY
+; BV %r0(%rp)
+ BV 0(%rp)
+ MFCTL %cr16,%ret0
+ BV %r0(%rp)
+ .EXIT
+ NOP
+ .PROCEND
+ .END
diff --git a/security/nss/lib/freebl/rijndael.c b/security/nss/lib/freebl/rijndael.c
new file mode 100644
index 000000000..4bb182693
--- /dev/null
+++ b/security/nss/lib/freebl/rijndael.c
@@ -0,0 +1,1375 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prinit.h"
+#include "prenv.h"
+#include "prerr.h"
+#include "secerr.h"
+
+#include "prtypes.h"
+#include "blapi.h"
+#include "rijndael.h"
+
+#include "cts.h"
+#include "ctr.h"
+#include "gcm.h"
+
+#ifdef USE_HW_AES
+#include "intel-aes.h"
+#endif
+
+#include "mpi.h"
+
+#ifdef USE_HW_AES
+static int has_intel_aes = 0;
+static PRBool use_hw_aes = PR_FALSE;
+
+#ifdef INTEL_GCM
+#include "intel-gcm.h"
+static int has_intel_avx = 0;
+static int has_intel_clmul = 0;
+static PRBool use_hw_gcm = PR_FALSE;
+#if defined(_MSC_VER) && !defined(_M_IX86)
+#include <intrin.h> /* for _xgetbv() */
+#endif
+#endif
+#endif /* USE_HW_AES */
+
+/*
+ * There are currently five ways to build this code, varying in performance
+ * and code size.
+ *
+ * RIJNDAEL_INCLUDE_TABLES Include all tables from rijndael32.tab
+ * RIJNDAEL_GENERATE_TABLES Generate tables on first
+ * encryption/decryption, then store them;
+ * use the function gfm
+ * RIJNDAEL_GENERATE_TABLES_MACRO Same as above, but use macros to do
+ * the generation
+ * RIJNDAEL_GENERATE_VALUES Do not store tables, generate the table
+ * values "on-the-fly", using gfm
+ * RIJNDAEL_GENERATE_VALUES_MACRO Same as above, but use macros
+ *
+ * The default is RIJNDAEL_INCLUDE_TABLES.
+ */
+
+/*
+ * When building RIJNDAEL_INCLUDE_TABLES, includes S**-1, Rcon, T[0..4],
+ * T**-1[0..4], IMXC[0..4]
+ * When building anything else, includes S, S**-1, Rcon
+ */
+#include "rijndael32.tab"
+
+#if defined(RIJNDAEL_INCLUDE_TABLES)
+/*
+ * RIJNDAEL_INCLUDE_TABLES
+ */
+#define T0(i) _T0[i]
+#define T1(i) _T1[i]
+#define T2(i) _T2[i]
+#define T3(i) _T3[i]
+#define TInv0(i) _TInv0[i]
+#define TInv1(i) _TInv1[i]
+#define TInv2(i) _TInv2[i]
+#define TInv3(i) _TInv3[i]
+#define IMXC0(b) _IMXC0[b]
+#define IMXC1(b) _IMXC1[b]
+#define IMXC2(b) _IMXC2[b]
+#define IMXC3(b) _IMXC3[b]
+/* The S-box can be recovered from the T-tables */
+#ifdef IS_LITTLE_ENDIAN
+#define SBOX(b) ((PRUint8)_T3[b])
+#else
+#define SBOX(b) ((PRUint8)_T1[b])
+#endif
+#define SINV(b) (_SInv[b])
+
+#else /* not RIJNDAEL_INCLUDE_TABLES */
+
+/*
+ * Code for generating T-table values.
+ */
+
+#ifdef IS_LITTLE_ENDIAN
+#define WORD4(b0, b1, b2, b3) \
+ ((((PRUint32)b3) << 24) | \
+ (((PRUint32)b2) << 16) | \
+ (((PRUint32)b1) << 8) | \
+ ((PRUint32)b0))
+#else
+#define WORD4(b0, b1, b2, b3) \
+ ((((PRUint32)b0) << 24) | \
+ (((PRUint32)b1) << 16) | \
+ (((PRUint32)b2) << 8) | \
+ ((PRUint32)b3))
+#endif
+
+/*
+ * Define the S and S**-1 tables (both have been stored)
+ */
+#define SBOX(b) (_S[b])
+#define SINV(b) (_SInv[b])
+
+/*
+ * The function xtime, used for Galois field multiplication
+ */
+#define XTIME(a) \
+ ((a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1))
+
+/* Choose GFM method (macros or function) */
+#if defined(RIJNDAEL_GENERATE_TABLES_MACRO) || \
+ defined(RIJNDAEL_GENERATE_VALUES_MACRO)
+
+/*
+ * Galois field GF(2**8) multipliers, in macro form
+ */
+#define GFM01(a) \
+ (a) /* a * 01 = a, the identity */
+#define GFM02(a) \
+ (XTIME(a) & 0xff) /* a * 02 = xtime(a) */
+#define GFM04(a) \
+ (GFM02(GFM02(a))) /* a * 04 = xtime**2(a) */
+#define GFM08(a) \
+ (GFM02(GFM04(a))) /* a * 08 = xtime**3(a) */
+#define GFM03(a) \
+ (GFM01(a) ^ GFM02(a)) /* a * 03 = a * (01 + 02) */
+#define GFM09(a) \
+ (GFM01(a) ^ GFM08(a)) /* a * 09 = a * (01 + 08) */
+#define GFM0B(a) \
+ (GFM01(a) ^ GFM02(a) ^ GFM08(a)) /* a * 0B = a * (01 + 02 + 08) */
+#define GFM0D(a) \
+ (GFM01(a) ^ GFM04(a) ^ GFM08(a)) /* a * 0D = a * (01 + 04 + 08) */
+#define GFM0E(a) \
+ (GFM02(a) ^ GFM04(a) ^ GFM08(a)) /* a * 0E = a * (02 + 04 + 08) */
+
+#else /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_VALUES */
+
+/* GF_MULTIPLY
+ *
+ * multiply two bytes represented in GF(2**8), mod (x**4 + 1)
+ */
+PRUint8
+gfm(PRUint8 a, PRUint8 b)
+{
+ PRUint8 res = 0;
+ while (b > 0) {
+ res = (b & 0x01) ? res ^ a : res;
+ a = XTIME(a);
+ b >>= 1;
+ }
+ return res;
+}
+
+#define GFM01(a) \
+ (a) /* a * 01 = a, the identity */
+#define GFM02(a) \
+ (XTIME(a) & 0xff) /* a * 02 = xtime(a) */
+#define GFM03(a) \
+ (gfm(a, 0x03)) /* a * 03 */
+#define GFM09(a) \
+ (gfm(a, 0x09)) /* a * 09 */
+#define GFM0B(a) \
+ (gfm(a, 0x0B)) /* a * 0B */
+#define GFM0D(a) \
+ (gfm(a, 0x0D)) /* a * 0D */
+#define GFM0E(a) \
+ (gfm(a, 0x0E)) /* a * 0E */
+
+#endif /* choosing GFM function */
+
+/*
+ * The T-tables
+ */
+#define G_T0(i) \
+ (WORD4(GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i))))
+#define G_T1(i) \
+ (WORD4(GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i))))
+#define G_T2(i) \
+ (WORD4(GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i))))
+#define G_T3(i) \
+ (WORD4(GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i))))
+
+/*
+ * The inverse T-tables
+ */
+#define G_TInv0(i) \
+ (WORD4(GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i))))
+#define G_TInv1(i) \
+ (WORD4(GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i))))
+#define G_TInv2(i) \
+ (WORD4(GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i))))
+#define G_TInv3(i) \
+ (WORD4(GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i))))
+
+/*
+ * The inverse mix column tables
+ */
+#define G_IMXC0(i) \
+ (WORD4(GFM0E(i), GFM09(i), GFM0D(i), GFM0B(i)))
+#define G_IMXC1(i) \
+ (WORD4(GFM0B(i), GFM0E(i), GFM09(i), GFM0D(i)))
+#define G_IMXC2(i) \
+ (WORD4(GFM0D(i), GFM0B(i), GFM0E(i), GFM09(i)))
+#define G_IMXC3(i) \
+ (WORD4(GFM09(i), GFM0D(i), GFM0B(i), GFM0E(i)))
+
+/* Now choose the T-table indexing method */
+#if defined(RIJNDAEL_GENERATE_VALUES)
+/* generate values for the tables with a function*/
+static PRUint32
+gen_TInvXi(PRUint8 tx, PRUint8 i)
+{
+ PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E;
+ si01 = SINV(i);
+ si02 = XTIME(si01);
+ si04 = XTIME(si02);
+ si08 = XTIME(si04);
+ si03 = si02 ^ si01;
+ si09 = si08 ^ si01;
+ si0B = si08 ^ si03;
+ si0D = si09 ^ si04;
+ si0E = si08 ^ si04 ^ si02;
+ switch (tx) {
+ case 0:
+ return WORD4(si0E, si09, si0D, si0B);
+ case 1:
+ return WORD4(si0B, si0E, si09, si0D);
+ case 2:
+ return WORD4(si0D, si0B, si0E, si09);
+ case 3:
+ return WORD4(si09, si0D, si0B, si0E);
+ }
+ return -1;
+}
+#define T0(i) G_T0(i)
+#define T1(i) G_T1(i)
+#define T2(i) G_T2(i)
+#define T3(i) G_T3(i)
+#define TInv0(i) gen_TInvXi(0, i)
+#define TInv1(i) gen_TInvXi(1, i)
+#define TInv2(i) gen_TInvXi(2, i)
+#define TInv3(i) gen_TInvXi(3, i)
+#define IMXC0(b) G_IMXC0(b)
+#define IMXC1(b) G_IMXC1(b)
+#define IMXC2(b) G_IMXC2(b)
+#define IMXC3(b) G_IMXC3(b)
+#elif defined(RIJNDAEL_GENERATE_VALUES_MACRO)
+/* generate values for the tables with macros */
+#define T0(i) G_T0(i)
+#define T1(i) G_T1(i)
+#define T2(i) G_T2(i)
+#define T3(i) G_T3(i)
+#define TInv0(i) G_TInv0(i)
+#define TInv1(i) G_TInv1(i)
+#define TInv2(i) G_TInv2(i)
+#define TInv3(i) G_TInv3(i)
+#define IMXC0(b) G_IMXC0(b)
+#define IMXC1(b) G_IMXC1(b)
+#define IMXC2(b) G_IMXC2(b)
+#define IMXC3(b) G_IMXC3(b)
+#else /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_TABLES_MACRO */
+/* Generate T and T**-1 table values and store, then index */
+/* The inverse mix column tables are still generated */
+#define T0(i) rijndaelTables->T0[i]
+#define T1(i) rijndaelTables->T1[i]
+#define T2(i) rijndaelTables->T2[i]
+#define T3(i) rijndaelTables->T3[i]
+#define TInv0(i) rijndaelTables->TInv0[i]
+#define TInv1(i) rijndaelTables->TInv1[i]
+#define TInv2(i) rijndaelTables->TInv2[i]
+#define TInv3(i) rijndaelTables->TInv3[i]
+#define IMXC0(b) G_IMXC0(b)
+#define IMXC1(b) G_IMXC1(b)
+#define IMXC2(b) G_IMXC2(b)
+#define IMXC3(b) G_IMXC3(b)
+#endif /* choose T-table indexing method */
+
+#endif /* not RIJNDAEL_INCLUDE_TABLES */
+
+#if defined(RIJNDAEL_GENERATE_TABLES) || \
+ defined(RIJNDAEL_GENERATE_TABLES_MACRO)
+
+/* Code to generate and store the tables */
+
+struct rijndael_tables_str {
+ PRUint32 T0[256];
+ PRUint32 T1[256];
+ PRUint32 T2[256];
+ PRUint32 T3[256];
+ PRUint32 TInv0[256];
+ PRUint32 TInv1[256];
+ PRUint32 TInv2[256];
+ PRUint32 TInv3[256];
+};
+
+static struct rijndael_tables_str *rijndaelTables = NULL;
+static PRCallOnceType coRTInit = { 0, 0, 0 };
+static PRStatus
+init_rijndael_tables(void)
+{
+ PRUint32 i;
+ PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E;
+ struct rijndael_tables_str *rts;
+ rts = (struct rijndael_tables_str *)
+ PORT_Alloc(sizeof(struct rijndael_tables_str));
+ if (!rts)
+ return PR_FAILURE;
+ for (i = 0; i < 256; i++) {
+ /* The forward values */
+ si01 = SBOX(i);
+ si02 = XTIME(si01);
+ si03 = si02 ^ si01;
+ rts->T0[i] = WORD4(si02, si01, si01, si03);
+ rts->T1[i] = WORD4(si03, si02, si01, si01);
+ rts->T2[i] = WORD4(si01, si03, si02, si01);
+ rts->T3[i] = WORD4(si01, si01, si03, si02);
+ /* The inverse values */
+ si01 = SINV(i);
+ si02 = XTIME(si01);
+ si04 = XTIME(si02);
+ si08 = XTIME(si04);
+ si03 = si02 ^ si01;
+ si09 = si08 ^ si01;
+ si0B = si08 ^ si03;
+ si0D = si09 ^ si04;
+ si0E = si08 ^ si04 ^ si02;
+ rts->TInv0[i] = WORD4(si0E, si09, si0D, si0B);
+ rts->TInv1[i] = WORD4(si0B, si0E, si09, si0D);
+ rts->TInv2[i] = WORD4(si0D, si0B, si0E, si09);
+ rts->TInv3[i] = WORD4(si09, si0D, si0B, si0E);
+ }
+ /* wait until all the values are in to set */
+ rijndaelTables = rts;
+ return PR_SUCCESS;
+}
+
+#endif /* code to generate tables */
+
+/**************************************************************************
+ *
+ * Stuff related to the Rijndael key schedule
+ *
+ *************************************************************************/
+
+#define SUBBYTE(w) \
+ ((((PRUint32)SBOX((w >> 24) & 0xff)) << 24) | \
+ (((PRUint32)SBOX((w >> 16) & 0xff)) << 16) | \
+ (((PRUint32)SBOX((w >> 8) & 0xff)) << 8) | \
+ (((PRUint32)SBOX((w)&0xff))))
+
+#ifdef IS_LITTLE_ENDIAN
+#define ROTBYTE(b) \
+ ((b >> 8) | (b << 24))
+#else
+#define ROTBYTE(b) \
+ ((b << 8) | (b >> 24))
+#endif
+
+/* rijndael_key_expansion7
+ *
+ * Generate the expanded key from the key input by the user.
+ * XXX
+ * Nk == 7 (224 key bits) is a weird case. Since Nk > 6, an added SubByte
+ * transformation is done periodically. The period is every 4 bytes, and
+ * since 7%4 != 0 this happens at different times for each key word (unlike
+ * Nk == 8 where it happens twice in every key word, in the same positions).
+ * For now, I'm implementing this case "dumbly", w/o any unrolling.
+ */
+static SECStatus
+rijndael_key_expansion7(AESContext *cx, const unsigned char *key, unsigned int Nk)
+{
+ unsigned int i;
+ PRUint32 *W;
+ PRUint32 *pW;
+ PRUint32 tmp;
+ W = cx->expandedKey;
+ /* 1. the first Nk words contain the cipher key */
+ memcpy(W, key, Nk * 4);
+ i = Nk;
+ /* 2. loop until full expanded key is obtained */
+ pW = W + i - 1;
+ for (; i < cx->Nb * (cx->Nr + 1); ++i) {
+ tmp = *pW++;
+ if (i % Nk == 0)
+ tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
+ else if (i % Nk == 4)
+ tmp = SUBBYTE(tmp);
+ *pW = W[i - Nk] ^ tmp;
+ }
+ return SECSuccess;
+}
+
+/* rijndael_key_expansion
+ *
+ * Generate the expanded key from the key input by the user.
+ */
+static SECStatus
+rijndael_key_expansion(AESContext *cx, const unsigned char *key, unsigned int Nk)
+{
+ unsigned int i;
+ PRUint32 *W;
+ PRUint32 *pW;
+ PRUint32 tmp;
+ unsigned int round_key_words = cx->Nb * (cx->Nr + 1);
+ if (Nk == 7)
+ return rijndael_key_expansion7(cx, key, Nk);
+ W = cx->expandedKey;
+ /* The first Nk words contain the input cipher key */
+ memcpy(W, key, Nk * 4);
+ i = Nk;
+ pW = W + i - 1;
+ /* Loop over all sets of Nk words, except the last */
+ while (i < round_key_words - Nk) {
+ tmp = *pW++;
+ tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
+ *pW = W[i++ - Nk] ^ tmp;
+ tmp = *pW++;
+ *pW = W[i++ - Nk] ^ tmp;
+ tmp = *pW++;
+ *pW = W[i++ - Nk] ^ tmp;
+ tmp = *pW++;
+ *pW = W[i++ - Nk] ^ tmp;
+ if (Nk == 4)
+ continue;
+ switch (Nk) {
+ case 8:
+ tmp = *pW++;
+ tmp = SUBBYTE(tmp);
+ *pW = W[i++ - Nk] ^ tmp;
+ case 7:
+ tmp = *pW++;
+ *pW = W[i++ - Nk] ^ tmp;
+ case 6:
+ tmp = *pW++;
+ *pW = W[i++ - Nk] ^ tmp;
+ case 5:
+ tmp = *pW++;
+ *pW = W[i++ - Nk] ^ tmp;
+ }
+ }
+ /* Generate the last word */
+ tmp = *pW++;
+ tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
+ *pW = W[i++ - Nk] ^ tmp;
+ /* There may be overflow here, if Nk % (Nb * (Nr + 1)) > 0. However,
+ * since the above loop generated all but the last Nk key words, there
+ * is no more need for the SubByte transformation.
+ */
+ if (Nk < 8) {
+ for (; i < round_key_words; ++i) {
+ tmp = *pW++;
+ *pW = W[i - Nk] ^ tmp;
+ }
+ } else {
+ /* except in the case when Nk == 8. Then one more SubByte may have
+ * to be performed, at i % Nk == 4.
+ */
+ for (; i < round_key_words; ++i) {
+ tmp = *pW++;
+ if (i % Nk == 4)
+ tmp = SUBBYTE(tmp);
+ *pW = W[i - Nk] ^ tmp;
+ }
+ }
+ return SECSuccess;
+}
+
+/* rijndael_invkey_expansion
+ *
+ * Generate the expanded key for the inverse cipher from the key input by
+ * the user.
+ */
+static SECStatus
+rijndael_invkey_expansion(AESContext *cx, const unsigned char *key, unsigned int Nk)
+{
+ unsigned int r;
+ PRUint32 *roundkeyw;
+ PRUint8 *b;
+ int Nb = cx->Nb;
+ /* begins like usual key expansion ... */
+ if (rijndael_key_expansion(cx, key, Nk) != SECSuccess)
+ return SECFailure;
+ /* ... but has the additional step of InvMixColumn,
+ * excepting the first and last round keys.
+ */
+ roundkeyw = cx->expandedKey + cx->Nb;
+ for (r = 1; r < cx->Nr; ++r) {
+ /* each key word, roundkeyw, represents a column in the key
+ * matrix. Each column is multiplied by the InvMixColumn matrix.
+ * [ 0E 0B 0D 09 ] [ b0 ]
+ * [ 09 0E 0B 0D ] * [ b1 ]
+ * [ 0D 09 0E 0B ] [ b2 ]
+ * [ 0B 0D 09 0E ] [ b3 ]
+ */
+ b = (PRUint8 *)roundkeyw;
+ *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
+ b = (PRUint8 *)roundkeyw;
+ *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
+ b = (PRUint8 *)roundkeyw;
+ *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
+ b = (PRUint8 *)roundkeyw;
+ *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
+ if (Nb <= 4)
+ continue;
+ switch (Nb) {
+ case 8:
+ b = (PRUint8 *)roundkeyw;
+ *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
+ IMXC2(b[2]) ^ IMXC3(b[3]);
+ case 7:
+ b = (PRUint8 *)roundkeyw;
+ *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
+ IMXC2(b[2]) ^ IMXC3(b[3]);
+ case 6:
+ b = (PRUint8 *)roundkeyw;
+ *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
+ IMXC2(b[2]) ^ IMXC3(b[3]);
+ case 5:
+ b = (PRUint8 *)roundkeyw;
+ *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
+ IMXC2(b[2]) ^ IMXC3(b[3]);
+ }
+ }
+ return SECSuccess;
+}
+/**************************************************************************
+ *
+ * Stuff related to Rijndael encryption/decryption, optimized for
+ * a 128-bit blocksize.
+ *
+ *************************************************************************/
+
+#ifdef IS_LITTLE_ENDIAN
+#define BYTE0WORD(w) ((w)&0x000000ff)
+#define BYTE1WORD(w) ((w)&0x0000ff00)
+#define BYTE2WORD(w) ((w)&0x00ff0000)
+#define BYTE3WORD(w) ((w)&0xff000000)
+#else
+#define BYTE0WORD(w) ((w)&0xff000000)
+#define BYTE1WORD(w) ((w)&0x00ff0000)
+#define BYTE2WORD(w) ((w)&0x0000ff00)
+#define BYTE3WORD(w) ((w)&0x000000ff)
+#endif
+
+typedef union {
+ PRUint32 w[4];
+ PRUint8 b[16];
+} rijndael_state;
+
+#define COLUMN_0(state) state.w[0]
+#define COLUMN_1(state) state.w[1]
+#define COLUMN_2(state) state.w[2]
+#define COLUMN_3(state) state.w[3]
+
+#define STATE_BYTE(i) state.b[i]
+
+static SECStatus NO_SANITIZE_ALIGNMENT
+rijndael_encryptBlock128(AESContext *cx,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ unsigned int r;
+ PRUint32 *roundkeyw;
+ rijndael_state state;
+ PRUint32 C0, C1, C2, C3;
+#if defined(NSS_X86_OR_X64)
+#define pIn input
+#define pOut output
+#else
+ unsigned char *pIn, *pOut;
+ PRUint32 inBuf[4], outBuf[4];
+
+ if ((ptrdiff_t)input & 0x3) {
+ memcpy(inBuf, input, sizeof inBuf);
+ pIn = (unsigned char *)inBuf;
+ } else {
+ pIn = (unsigned char *)input;
+ }
+ if ((ptrdiff_t)output & 0x3) {
+ pOut = (unsigned char *)outBuf;
+ } else {
+ pOut = (unsigned char *)output;
+ }
+#endif
+ roundkeyw = cx->expandedKey;
+ /* Step 1: Add Round Key 0 to initial state */
+ COLUMN_0(state) = *((PRUint32 *)(pIn)) ^ *roundkeyw++;
+ COLUMN_1(state) = *((PRUint32 *)(pIn + 4)) ^ *roundkeyw++;
+ COLUMN_2(state) = *((PRUint32 *)(pIn + 8)) ^ *roundkeyw++;
+ COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw++;
+ /* Step 2: Loop over rounds [1..NR-1] */
+ for (r = 1; r < cx->Nr; ++r) {
+ /* Do ShiftRow, ByteSub, and MixColumn all at once */
+ C0 = T0(STATE_BYTE(0)) ^
+ T1(STATE_BYTE(5)) ^
+ T2(STATE_BYTE(10)) ^
+ T3(STATE_BYTE(15));
+ C1 = T0(STATE_BYTE(4)) ^
+ T1(STATE_BYTE(9)) ^
+ T2(STATE_BYTE(14)) ^
+ T3(STATE_BYTE(3));
+ C2 = T0(STATE_BYTE(8)) ^
+ T1(STATE_BYTE(13)) ^
+ T2(STATE_BYTE(2)) ^
+ T3(STATE_BYTE(7));
+ C3 = T0(STATE_BYTE(12)) ^
+ T1(STATE_BYTE(1)) ^
+ T2(STATE_BYTE(6)) ^
+ T3(STATE_BYTE(11));
+ /* Round key addition */
+ COLUMN_0(state) = C0 ^ *roundkeyw++;
+ COLUMN_1(state) = C1 ^ *roundkeyw++;
+ COLUMN_2(state) = C2 ^ *roundkeyw++;
+ COLUMN_3(state) = C3 ^ *roundkeyw++;
+ }
+ /* Step 3: Do the last round */
+ /* Final round does not employ MixColumn */
+ C0 = ((BYTE0WORD(T2(STATE_BYTE(0)))) |
+ (BYTE1WORD(T3(STATE_BYTE(5)))) |
+ (BYTE2WORD(T0(STATE_BYTE(10)))) |
+ (BYTE3WORD(T1(STATE_BYTE(15))))) ^
+ *roundkeyw++;
+ C1 = ((BYTE0WORD(T2(STATE_BYTE(4)))) |
+ (BYTE1WORD(T3(STATE_BYTE(9)))) |
+ (BYTE2WORD(T0(STATE_BYTE(14)))) |
+ (BYTE3WORD(T1(STATE_BYTE(3))))) ^
+ *roundkeyw++;
+ C2 = ((BYTE0WORD(T2(STATE_BYTE(8)))) |
+ (BYTE1WORD(T3(STATE_BYTE(13)))) |
+ (BYTE2WORD(T0(STATE_BYTE(2)))) |
+ (BYTE3WORD(T1(STATE_BYTE(7))))) ^
+ *roundkeyw++;
+ C3 = ((BYTE0WORD(T2(STATE_BYTE(12)))) |
+ (BYTE1WORD(T3(STATE_BYTE(1)))) |
+ (BYTE2WORD(T0(STATE_BYTE(6)))) |
+ (BYTE3WORD(T1(STATE_BYTE(11))))) ^
+ *roundkeyw++;
+ *((PRUint32 *)pOut) = C0;
+ *((PRUint32 *)(pOut + 4)) = C1;
+ *((PRUint32 *)(pOut + 8)) = C2;
+ *((PRUint32 *)(pOut + 12)) = C3;
+#if defined(NSS_X86_OR_X64)
+#undef pIn
+#undef pOut
+#else
+ if ((ptrdiff_t)output & 0x3) {
+ memcpy(output, outBuf, sizeof outBuf);
+ }
+#endif
+ return SECSuccess;
+}
+
+static SECStatus NO_SANITIZE_ALIGNMENT
+rijndael_decryptBlock128(AESContext *cx,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ int r;
+ PRUint32 *roundkeyw;
+ rijndael_state state;
+ PRUint32 C0, C1, C2, C3;
+#if defined(NSS_X86_OR_X64)
+#define pIn input
+#define pOut output
+#else
+ unsigned char *pIn, *pOut;
+ PRUint32 inBuf[4], outBuf[4];
+
+ if ((ptrdiff_t)input & 0x3) {
+ memcpy(inBuf, input, sizeof inBuf);
+ pIn = (unsigned char *)inBuf;
+ } else {
+ pIn = (unsigned char *)input;
+ }
+ if ((ptrdiff_t)output & 0x3) {
+ pOut = (unsigned char *)outBuf;
+ } else {
+ pOut = (unsigned char *)output;
+ }
+#endif
+ roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
+ /* reverse the final key addition */
+ COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw--;
+ COLUMN_2(state) = *((PRUint32 *)(pIn + 8)) ^ *roundkeyw--;
+ COLUMN_1(state) = *((PRUint32 *)(pIn + 4)) ^ *roundkeyw--;
+ COLUMN_0(state) = *((PRUint32 *)(pIn)) ^ *roundkeyw--;
+ /* Loop over rounds in reverse [NR..1] */
+ for (r = cx->Nr; r > 1; --r) {
+ /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
+ C0 = TInv0(STATE_BYTE(0)) ^
+ TInv1(STATE_BYTE(13)) ^
+ TInv2(STATE_BYTE(10)) ^
+ TInv3(STATE_BYTE(7));
+ C1 = TInv0(STATE_BYTE(4)) ^
+ TInv1(STATE_BYTE(1)) ^
+ TInv2(STATE_BYTE(14)) ^
+ TInv3(STATE_BYTE(11));
+ C2 = TInv0(STATE_BYTE(8)) ^
+ TInv1(STATE_BYTE(5)) ^
+ TInv2(STATE_BYTE(2)) ^
+ TInv3(STATE_BYTE(15));
+ C3 = TInv0(STATE_BYTE(12)) ^
+ TInv1(STATE_BYTE(9)) ^
+ TInv2(STATE_BYTE(6)) ^
+ TInv3(STATE_BYTE(3));
+ /* Invert the key addition step */
+ COLUMN_3(state) = C3 ^ *roundkeyw--;
+ COLUMN_2(state) = C2 ^ *roundkeyw--;
+ COLUMN_1(state) = C1 ^ *roundkeyw--;
+ COLUMN_0(state) = C0 ^ *roundkeyw--;
+ }
+ /* inverse sub */
+ pOut[0] = SINV(STATE_BYTE(0));
+ pOut[1] = SINV(STATE_BYTE(13));
+ pOut[2] = SINV(STATE_BYTE(10));
+ pOut[3] = SINV(STATE_BYTE(7));
+ pOut[4] = SINV(STATE_BYTE(4));
+ pOut[5] = SINV(STATE_BYTE(1));
+ pOut[6] = SINV(STATE_BYTE(14));
+ pOut[7] = SINV(STATE_BYTE(11));
+ pOut[8] = SINV(STATE_BYTE(8));
+ pOut[9] = SINV(STATE_BYTE(5));
+ pOut[10] = SINV(STATE_BYTE(2));
+ pOut[11] = SINV(STATE_BYTE(15));
+ pOut[12] = SINV(STATE_BYTE(12));
+ pOut[13] = SINV(STATE_BYTE(9));
+ pOut[14] = SINV(STATE_BYTE(6));
+ pOut[15] = SINV(STATE_BYTE(3));
+ /* final key addition */
+ *((PRUint32 *)(pOut + 12)) ^= *roundkeyw--;
+ *((PRUint32 *)(pOut + 8)) ^= *roundkeyw--;
+ *((PRUint32 *)(pOut + 4)) ^= *roundkeyw--;
+ *((PRUint32 *)pOut) ^= *roundkeyw--;
+#if defined(NSS_X86_OR_X64)
+#undef pIn
+#undef pOut
+#else
+ if ((ptrdiff_t)output & 0x3) {
+ memcpy(output, outBuf, sizeof outBuf);
+ }
+#endif
+ return SECSuccess;
+}
+
+/**************************************************************************
+ *
+ * Stuff related to general Rijndael encryption/decryption, for blocksizes
+ * greater than 128 bits.
+ *
+ * XXX This code is currently untested! So far, AES specs have only been
+ * released for 128 bit blocksizes. This will be tested, but for now
+ * only the code above has been tested using known values.
+ *
+ *************************************************************************/
+
+#define COLUMN(array, j) *((PRUint32 *)(array + j))
+
+SECStatus
+rijndael_encryptBlock(AESContext *cx,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ return SECFailure;
+#ifdef rijndael_large_blocks_fixed
+ unsigned int j, r, Nb;
+ unsigned int c2 = 0, c3 = 0;
+ PRUint32 *roundkeyw;
+ PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE];
+ Nb = cx->Nb;
+ roundkeyw = cx->expandedKey;
+ /* Step 1: Add Round Key 0 to initial state */
+ for (j = 0; j < 4 * Nb; j += 4) {
+ COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw++;
+ }
+ /* Step 2: Loop over rounds [1..NR-1] */
+ for (r = 1; r < cx->Nr; ++r) {
+ for (j = 0; j < Nb; ++j) {
+ COLUMN(output, j) = T0(STATE_BYTE(4 * j)) ^
+ T1(STATE_BYTE(4 * ((j + 1) % Nb) + 1)) ^
+ T2(STATE_BYTE(4 * ((j + c2) % Nb) + 2)) ^
+ T3(STATE_BYTE(4 * ((j + c3) % Nb) + 3));
+ }
+ for (j = 0; j < 4 * Nb; j += 4) {
+ COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw++;
+ }
+ }
+ /* Step 3: Do the last round */
+ /* Final round does not employ MixColumn */
+ for (j = 0; j < Nb; ++j) {
+ COLUMN(output, j) = ((BYTE0WORD(T2(STATE_BYTE(4 * j)))) |
+ (BYTE1WORD(T3(STATE_BYTE(4 * (j + 1) % Nb) + 1))) |
+ (BYTE2WORD(T0(STATE_BYTE(4 * (j + c2) % Nb) + 2))) |
+ (BYTE3WORD(T1(STATE_BYTE(4 * (j + c3) % Nb) + 3)))) ^
+ *roundkeyw++;
+ }
+ return SECSuccess;
+#endif
+}
+
+SECStatus
+rijndael_decryptBlock(AESContext *cx,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ return SECFailure;
+#ifdef rijndael_large_blocks_fixed
+ int j, r, Nb;
+ int c2 = 0, c3 = 0;
+ PRUint32 *roundkeyw;
+ PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE];
+ Nb = cx->Nb;
+ roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
+ /* reverse key addition */
+ for (j = 4 * Nb; j >= 0; j -= 4) {
+ COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw--;
+ }
+ /* Loop over rounds in reverse [NR..1] */
+ for (r = cx->Nr; r > 1; --r) {
+ /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
+ for (j = 0; j < Nb; ++j) {
+ COLUMN(output, 4 * j) = TInv0(STATE_BYTE(4 * j)) ^
+ TInv1(STATE_BYTE(4 * (j + Nb - 1) % Nb) + 1) ^
+ TInv2(STATE_BYTE(4 * (j + Nb - c2) % Nb) + 2) ^
+ TInv3(STATE_BYTE(4 * (j + Nb - c3) % Nb) + 3);
+ }
+ /* Invert the key addition step */
+ for (j = 4 * Nb; j >= 0; j -= 4) {
+ COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw--;
+ }
+ }
+ /* inverse sub */
+ for (j = 0; j < 4 * Nb; ++j) {
+ output[j] = SINV(clone[j]);
+ }
+ /* final key addition */
+ for (j = 4 * Nb; j >= 0; j -= 4) {
+ COLUMN(output, j) ^= *roundkeyw--;
+ }
+ return SECSuccess;
+#endif
+}
+
+/**************************************************************************
+ *
+ * Rijndael modes of operation (ECB and CBC)
+ *
+ *************************************************************************/
+
+static SECStatus
+rijndael_encryptECB(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ unsigned int blocksize)
+{
+ SECStatus rv;
+ AESBlockFunc *encryptor;
+
+ encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
+ ? &rijndael_encryptBlock128
+ : &rijndael_encryptBlock;
+ while (inputLen > 0) {
+ rv = (*encryptor)(cx, output, input);
+ if (rv != SECSuccess)
+ return rv;
+ output += blocksize;
+ input += blocksize;
+ inputLen -= blocksize;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+rijndael_encryptCBC(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ unsigned int blocksize)
+{
+ unsigned int j;
+ SECStatus rv;
+ AESBlockFunc *encryptor;
+ unsigned char *lastblock;
+ unsigned char inblock[RIJNDAEL_MAX_STATE_SIZE * 8];
+
+ if (!inputLen)
+ return SECSuccess;
+ lastblock = cx->iv;
+ encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
+ ? &rijndael_encryptBlock128
+ : &rijndael_encryptBlock;
+ while (inputLen > 0) {
+ /* XOR with the last block (IV if first block) */
+ for (j = 0; j < blocksize; ++j)
+ inblock[j] = input[j] ^ lastblock[j];
+ /* encrypt */
+ rv = (*encryptor)(cx, output, inblock);
+ if (rv != SECSuccess)
+ return rv;
+ /* move to the next block */
+ lastblock = output;
+ output += blocksize;
+ input += blocksize;
+ inputLen -= blocksize;
+ }
+ memcpy(cx->iv, lastblock, blocksize);
+ return SECSuccess;
+}
+
+static SECStatus
+rijndael_decryptECB(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ unsigned int blocksize)
+{
+ SECStatus rv;
+ AESBlockFunc *decryptor;
+
+ decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
+ ? &rijndael_decryptBlock128
+ : &rijndael_decryptBlock;
+ while (inputLen > 0) {
+ rv = (*decryptor)(cx, output, input);
+ if (rv != SECSuccess)
+ return rv;
+ output += blocksize;
+ input += blocksize;
+ inputLen -= blocksize;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+rijndael_decryptCBC(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen,
+ unsigned int blocksize)
+{
+ SECStatus rv;
+ AESBlockFunc *decryptor;
+ const unsigned char *in;
+ unsigned char *out;
+ unsigned int j;
+ unsigned char newIV[RIJNDAEL_MAX_BLOCKSIZE];
+
+ if (!inputLen)
+ return SECSuccess;
+ PORT_Assert(output - input >= 0 || input - output >= (int)inputLen);
+ decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
+ ? &rijndael_decryptBlock128
+ : &rijndael_decryptBlock;
+ in = input + (inputLen - blocksize);
+ memcpy(newIV, in, blocksize);
+ out = output + (inputLen - blocksize);
+ while (inputLen > blocksize) {
+ rv = (*decryptor)(cx, out, in);
+ if (rv != SECSuccess)
+ return rv;
+ for (j = 0; j < blocksize; ++j)
+ out[j] ^= in[(int)(j - blocksize)];
+ out -= blocksize;
+ in -= blocksize;
+ inputLen -= blocksize;
+ }
+ if (in == input) {
+ rv = (*decryptor)(cx, out, in);
+ if (rv != SECSuccess)
+ return rv;
+ for (j = 0; j < blocksize; ++j)
+ out[j] ^= cx->iv[j];
+ }
+ memcpy(cx->iv, newIV, blocksize);
+ return SECSuccess;
+}
+
+/************************************************************************
+ *
+ * BLAPI Interface functions
+ *
+ * The following functions implement the encryption routines defined in
+ * BLAPI for the AES cipher, Rijndael.
+ *
+ ***********************************************************************/
+
+AESContext *
+AES_AllocateContext(void)
+{
+ return PORT_ZNew(AESContext);
+}
+
+#ifdef INTEL_GCM
+/*
+ * Adapted from the example code in "How to detect New Instruction support in
+ * the 4th generation Intel Core processor family" by Max Locktyukhin.
+ *
+ * XGETBV:
+ * Reads an extended control register (XCR) specified by ECX into EDX:EAX.
+ */
+static PRBool
+check_xcr0_ymm()
+{
+ PRUint32 xcr0;
+#if defined(_MSC_VER)
+#if defined(_M_IX86)
+ __asm {
+ mov ecx, 0
+ xgetbv
+ mov xcr0, eax
+ }
+#else
+ xcr0 = (PRUint32)_xgetbv(0); /* Requires VS2010 SP1 or later. */
+#endif
+#else
+ __asm__("xgetbv"
+ : "=a"(xcr0)
+ : "c"(0)
+ : "%edx");
+#endif
+ /* Check if xmm and ymm state are enabled in XCR0. */
+ return (xcr0 & 6) == 6;
+}
+#endif
+
+/*
+** Initialize a new AES context suitable for AES encryption/decryption in
+** the ECB or CBC mode.
+** "mode" the mode of operation, which must be NSS_AES or NSS_AES_CBC
+*/
+static SECStatus
+aes_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize,
+ const unsigned char *iv, int mode, unsigned int encrypt,
+ unsigned int blocksize)
+{
+ unsigned int Nk;
+ /* According to Rijndael AES Proposal, section 12.1, block and key
+ * lengths between 128 and 256 bits are supported, as long as the
+ * length in bytes is divisible by 4.
+ */
+ if (key == NULL ||
+ keysize < RIJNDAEL_MIN_BLOCKSIZE ||
+ keysize > RIJNDAEL_MAX_BLOCKSIZE ||
+ keysize % 4 != 0 ||
+ blocksize < RIJNDAEL_MIN_BLOCKSIZE ||
+ blocksize > RIJNDAEL_MAX_BLOCKSIZE ||
+ blocksize % 4 != 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (mode != NSS_AES && mode != NSS_AES_CBC) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (mode == NSS_AES_CBC && iv == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+#ifdef USE_HW_AES
+ if (has_intel_aes == 0) {
+ unsigned long eax, ebx, ecx, edx;
+ char *disable_hw_aes = PR_GetEnvSecure("NSS_DISABLE_HW_AES");
+
+ if (disable_hw_aes == NULL) {
+ freebl_cpuid(1, &eax, &ebx, &ecx, &edx);
+ has_intel_aes = (ecx & (1 << 25)) != 0 ? 1 : -1;
+#ifdef INTEL_GCM
+ has_intel_clmul = (ecx & (1 << 1)) != 0 ? 1 : -1;
+ if ((ecx & (1 << 27)) != 0 && (ecx & (1 << 28)) != 0 &&
+ check_xcr0_ymm()) {
+ has_intel_avx = 1;
+ } else {
+ has_intel_avx = -1;
+ }
+#endif
+ } else {
+ has_intel_aes = -1;
+#ifdef INTEL_GCM
+ has_intel_avx = -1;
+ has_intel_clmul = -1;
+#endif
+ }
+ }
+ use_hw_aes = (PRBool)(has_intel_aes > 0 && (keysize % 8) == 0 && blocksize == 16);
+#ifdef INTEL_GCM
+ use_hw_gcm = (PRBool)(use_hw_aes && has_intel_avx > 0 && has_intel_clmul > 0);
+#endif
+#endif /* USE_HW_AES */
+ /* Nb = (block size in bits) / 32 */
+ cx->Nb = blocksize / 4;
+ /* Nk = (key size in bits) / 32 */
+ Nk = keysize / 4;
+ /* Obtain number of rounds from "table" */
+ cx->Nr = RIJNDAEL_NUM_ROUNDS(Nk, cx->Nb);
+ /* copy in the iv, if neccessary */
+ if (mode == NSS_AES_CBC) {
+ memcpy(cx->iv, iv, blocksize);
+#ifdef USE_HW_AES
+ if (use_hw_aes) {
+ cx->worker = (freeblCipherFunc)
+ intel_aes_cbc_worker(encrypt, keysize);
+ } else
+#endif
+ {
+ cx->worker = (freeblCipherFunc)(encrypt
+ ? &rijndael_encryptCBC
+ : &rijndael_decryptCBC);
+ }
+ } else {
+#ifdef USE_HW_AES
+ if (use_hw_aes) {
+ cx->worker = (freeblCipherFunc)
+ intel_aes_ecb_worker(encrypt, keysize);
+ } else
+#endif
+ {
+ cx->worker = (freeblCipherFunc)(encrypt
+ ? &rijndael_encryptECB
+ : &rijndael_decryptECB);
+ }
+ }
+ PORT_Assert((cx->Nb * (cx->Nr + 1)) <= RIJNDAEL_MAX_EXP_KEY_SIZE);
+ if ((cx->Nb * (cx->Nr + 1)) > RIJNDAEL_MAX_EXP_KEY_SIZE) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ goto cleanup;
+ }
+#ifdef USE_HW_AES
+ if (use_hw_aes) {
+ intel_aes_init(encrypt, keysize);
+ } else
+#endif
+ {
+
+#if defined(RIJNDAEL_GENERATE_TABLES) || \
+ defined(RIJNDAEL_GENERATE_TABLES_MACRO)
+ if (rijndaelTables == NULL) {
+ if (PR_CallOnce(&coRTInit, init_rijndael_tables) != PR_SUCCESS) {
+ return SecFailure;
+ }
+ }
+#endif
+ /* Generate expanded key */
+ if (encrypt) {
+ if (rijndael_key_expansion(cx, key, Nk) != SECSuccess)
+ goto cleanup;
+ } else {
+ if (rijndael_invkey_expansion(cx, key, Nk) != SECSuccess)
+ goto cleanup;
+ }
+ }
+ cx->worker_cx = cx;
+ cx->destroy = NULL;
+ cx->isBlock = PR_TRUE;
+ return SECSuccess;
+cleanup:
+ return SECFailure;
+}
+
+SECStatus
+AES_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize,
+ const unsigned char *iv, int mode, unsigned int encrypt,
+ unsigned int blocksize)
+{
+ int basemode = mode;
+ PRBool baseencrypt = encrypt;
+ SECStatus rv;
+
+ switch (mode) {
+ case NSS_AES_CTS:
+ basemode = NSS_AES_CBC;
+ break;
+ case NSS_AES_GCM:
+ case NSS_AES_CTR:
+ basemode = NSS_AES;
+ baseencrypt = PR_TRUE;
+ break;
+ }
+ /* make sure enough is initializes so we can safely call Destroy */
+ cx->worker_cx = NULL;
+ cx->destroy = NULL;
+ rv = aes_InitContext(cx, key, keysize, iv, basemode,
+ baseencrypt, blocksize);
+ if (rv != SECSuccess) {
+ AES_DestroyContext(cx, PR_FALSE);
+ return rv;
+ }
+ cx->mode = mode;
+
+ /* finally, set up any mode specific contexts */
+ switch (mode) {
+ case NSS_AES_CTS:
+ cx->worker_cx = CTS_CreateContext(cx, cx->worker, iv, blocksize);
+ cx->worker = (freeblCipherFunc)(encrypt ? CTS_EncryptUpdate : CTS_DecryptUpdate);
+ cx->destroy = (freeblDestroyFunc)CTS_DestroyContext;
+ cx->isBlock = PR_FALSE;
+ break;
+ case NSS_AES_GCM:
+#ifdef INTEL_GCM
+ if (use_hw_gcm) {
+ cx->worker_cx = intel_AES_GCM_CreateContext(cx, cx->worker, iv, blocksize);
+ cx->worker = (freeblCipherFunc)(encrypt ? intel_AES_GCM_EncryptUpdate : intel_AES_GCM_DecryptUpdate);
+ cx->destroy = (freeblDestroyFunc)intel_AES_GCM_DestroyContext;
+ cx->isBlock = PR_FALSE;
+ } else
+#endif
+ {
+ cx->worker_cx = GCM_CreateContext(cx, cx->worker, iv, blocksize);
+ cx->worker = (freeblCipherFunc)(encrypt ? GCM_EncryptUpdate : GCM_DecryptUpdate);
+ cx->destroy = (freeblDestroyFunc)GCM_DestroyContext;
+ cx->isBlock = PR_FALSE;
+ }
+ break;
+ case NSS_AES_CTR:
+ cx->worker_cx = CTR_CreateContext(cx, cx->worker, iv, blocksize);
+#if defined(USE_HW_AES) && defined(_MSC_VER)
+ if (use_hw_aes) {
+ cx->worker = (freeblCipherFunc)CTR_Update_HW_AES;
+ } else
+#endif
+ {
+ cx->worker = (freeblCipherFunc)CTR_Update;
+ }
+ cx->destroy = (freeblDestroyFunc)CTR_DestroyContext;
+ cx->isBlock = PR_FALSE;
+ break;
+ default:
+ /* everything has already been set up by aes_InitContext, just
+ * return */
+ return SECSuccess;
+ }
+ /* check to see if we succeeded in getting the worker context */
+ if (cx->worker_cx == NULL) {
+ /* no, just destroy the existing context */
+ cx->destroy = NULL; /* paranoia, though you can see a dozen lines */
+ /* below that this isn't necessary */
+ AES_DestroyContext(cx, PR_FALSE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* AES_CreateContext
+ *
+ * create a new context for Rijndael operations
+ */
+AESContext *
+AES_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, int encrypt,
+ unsigned int keysize, unsigned int blocksize)
+{
+ AESContext *cx = AES_AllocateContext();
+ if (cx) {
+ SECStatus rv = AES_InitContext(cx, key, keysize, iv, mode, encrypt,
+ blocksize);
+ if (rv != SECSuccess) {
+ AES_DestroyContext(cx, PR_TRUE);
+ cx = NULL;
+ }
+ }
+ return cx;
+}
+
+/*
+ * AES_DestroyContext
+ *
+ * Zero an AES cipher context. If freeit is true, also free the pointer
+ * to the context.
+ */
+void
+AES_DestroyContext(AESContext *cx, PRBool freeit)
+{
+ if (cx->worker_cx && cx->destroy) {
+ (*cx->destroy)(cx->worker_cx, PR_TRUE);
+ cx->worker_cx = NULL;
+ cx->destroy = NULL;
+ }
+ if (freeit)
+ PORT_Free(cx);
+}
+
+/*
+ * AES_Encrypt
+ *
+ * Encrypt an arbitrary-length buffer. The output buffer must already be
+ * allocated to at least inputLen.
+ */
+SECStatus
+AES_Encrypt(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ int blocksize;
+ /* Check args */
+ if (cx == NULL || output == NULL || (input == NULL && inputLen != 0)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ blocksize = 4 * cx->Nb;
+ if (cx->isBlock && (inputLen % blocksize != 0)) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ *outputLen = inputLen;
+#if UINT_MAX > MP_32BIT_MAX
+ /*
+ * we can guarentee that GSM won't overlfow if we limit the input to
+ * 2^36 bytes. For simplicity, we are limiting it to 2^32 for now.
+ *
+ * We do it here to cover both hardware and software GCM operations.
+ */
+ {
+ PR_STATIC_ASSERT(sizeof(unsigned int) > 4);
+ }
+ if ((cx->mode == NSS_AES_GCM) && (inputLen > MP_32BIT_MAX)) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+#else
+ /* if we can't pass in a 32_bit number, then no such check needed */
+ {
+ PR_STATIC_ASSERT(sizeof(unsigned int) <= 4);
+ }
+#endif
+
+ return (*cx->worker)(cx->worker_cx, output, outputLen, maxOutputLen,
+ input, inputLen, blocksize);
+}
+
+/*
+ * AES_Decrypt
+ *
+ * Decrypt and arbitrary-length buffer. The output buffer must already be
+ * allocated to at least inputLen.
+ */
+SECStatus
+AES_Decrypt(AESContext *cx, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ int blocksize;
+ /* Check args */
+ if (cx == NULL || output == NULL || (input == NULL && inputLen != 0)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ blocksize = 4 * cx->Nb;
+ if (cx->isBlock && (inputLen % blocksize != 0)) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ if (maxOutputLen < inputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ *outputLen = inputLen;
+ return (*cx->worker)(cx->worker_cx, output, outputLen, maxOutputLen,
+ input, inputLen, blocksize);
+}
diff --git a/security/nss/lib/freebl/rijndael.h b/security/nss/lib/freebl/rijndael.h
new file mode 100644
index 000000000..0e14ec2fc
--- /dev/null
+++ b/security/nss/lib/freebl/rijndael.h
@@ -0,0 +1,67 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _RIJNDAEL_H_
+#define _RIJNDAEL_H_ 1
+
+#include "blapii.h"
+
+#define RIJNDAEL_MIN_BLOCKSIZE 16 /* bytes */
+#define RIJNDAEL_MAX_BLOCKSIZE 32 /* bytes */
+
+typedef SECStatus AESBlockFunc(AESContext *cx,
+ unsigned char *output,
+ const unsigned char *input);
+
+/* RIJNDAEL_NUM_ROUNDS
+ *
+ * Number of rounds per execution
+ * Nk - number of key bytes
+ * Nb - blocksize (in bytes)
+ */
+#define RIJNDAEL_NUM_ROUNDS(Nk, Nb) \
+ (PR_MAX(Nk, Nb) + 6)
+
+/* RIJNDAEL_MAX_STATE_SIZE
+ *
+ * Maximum number of bytes in the state (spec includes up to 256-bit block
+ * size)
+ */
+#define RIJNDAEL_MAX_STATE_SIZE 32
+
+/*
+ * This magic number is (Nb_max * (Nr_max + 1))
+ * where Nb_max is the maximum block size in 32-bit words,
+ * Nr_max is the maximum number of rounds, which is Nb_max + 6
+ */
+#define RIJNDAEL_MAX_EXP_KEY_SIZE (8 * 15)
+
+/* AESContextStr
+ *
+ * Values which maintain the state for Rijndael encryption/decryption.
+ *
+ * iv - initialization vector for CBC mode
+ * Nb - the number of bytes in a block, specified by user
+ * Nr - the number of rounds, specified by a table
+ * expandedKey - the round keys in 4-byte words, the length is Nr * Nb
+ * worker - the encryption/decryption function to use with worker_cx
+ * destroy - if not NULL, the destroy function to use with worker_cx
+ * worker_cx - the context for worker and destroy
+ * isBlock - is the mode of operation a block cipher or a stream cipher?
+ */
+struct AESContextStr {
+ unsigned int Nb;
+ unsigned int Nr;
+ freeblCipherFunc worker;
+ /* NOTE: The offsets of iv and expandedKey are hardcoded in intel-aes.s.
+ * Don't add new members before them without updating intel-aes.s. */
+ unsigned char iv[RIJNDAEL_MAX_BLOCKSIZE];
+ PRUint32 expandedKey[RIJNDAEL_MAX_EXP_KEY_SIZE];
+ freeblDestroyFunc destroy;
+ void *worker_cx;
+ PRBool isBlock;
+ int mode;
+};
+
+#endif /* _RIJNDAEL_H_ */
diff --git a/security/nss/lib/freebl/rijndael32.tab b/security/nss/lib/freebl/rijndael32.tab
new file mode 100644
index 000000000..59be7c2c0
--- /dev/null
+++ b/security/nss/lib/freebl/rijndael32.tab
@@ -0,0 +1,1219 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef RIJNDAEL_INCLUDE_TABLES
+static const PRUint8 _S[256] =
+{
+ 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
+202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
+183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
+ 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
+ 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
+ 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
+208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
+ 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
+205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
+ 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
+224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
+231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
+186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
+112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
+225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
+140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22
+};
+#endif /* not RIJNDAEL_INCLUDE_TABLES */
+
+static const PRUint8 _SInv[256] =
+{
+ 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251,
+124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203,
+ 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78,
+ 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37,
+114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146,
+108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132,
+144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
+208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107,
+ 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
+150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110,
+ 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27,
+252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244,
+ 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95,
+ 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
+160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
+ 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125
+};
+
+#ifdef RIJNDAEL_INCLUDE_TABLES
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _T0[256] =
+{
+0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, 0xbd6b6bd6,
+0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56,
+0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec, 0x45caca8f, 0x9d82821f,
+0x40c9c989, 0x877d7dfa, 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb,
+0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453,
+0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
+0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, 0x5c343468, 0xf4a5a551,
+0x34e5e5d1, 0x08f1f1f9, 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
+0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637,
+0x0f05050a, 0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
+0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, 0x9e83831d,
+0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
+0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d, 0x7b292952, 0x3ee3e3dd,
+0x712f2f5e, 0x97848413, 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1,
+0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d,
+0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
+0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, 0xc5434386, 0xd74d4d9a,
+0x55333366, 0x94858511, 0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe,
+0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d,
+0xc0404080, 0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1,
+0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, 0x1affffe5,
+0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
+0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e, 0x57c4c493, 0xf2a7a755,
+0x827e7efc, 0x473d3d7a, 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
+0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54,
+0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
+0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, 0x3be0e0db, 0x56323264,
+0x4e3a3a74, 0x1e0a0a14, 0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8,
+0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531,
+0x37e4e4d3, 0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
+0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, 0xfa5656ac,
+0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
+0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c, 0x241c1c38, 0xf1a6a657,
+0xc7b4b473, 0x51c6c697, 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
+0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c,
+0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c,
+0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, 0x91868617, 0x58c1c199,
+0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
+0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c,
+0x92878715, 0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
+0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, 0x31e6e6d7,
+0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
+0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c
+};
+#else
+static const PRUint32 _T0[256] =
+{
+0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd,
+0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d,
+0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7,
+0xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4,
+0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1,
+0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0x1d83839e,
+0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e,
+0x5e2f2f71, 0x13848497, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46,
+0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7,
+0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe,
+0x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a,
+0xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2,
+0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e,
+0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256,
+0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4,
+0xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa,
+0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1,
+0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, 0xe0707090, 0x7c3e3e42,
+0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158,
+0x3a1d1d27, 0x279e9eb9, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22,
+0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631,
+0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _T1[256] =
+{
+0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d, 0x6b6bd6bd,
+0x6f6fdeb1, 0xc5c59154, 0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d,
+0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a, 0xcaca8f45, 0x82821f9d,
+0xc9c98940, 0x7d7dfa87, 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b,
+0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, 0x9c9c23bf, 0xa4a453f7,
+0x7272e496, 0xc0c09b5b, 0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a,
+0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f, 0x3434685c, 0xa5a551f4,
+0xe5e5d134, 0xf1f1f908, 0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f,
+0x0404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e, 0x18183028, 0x969637a1,
+0x05050a0f, 0x9a9a2fb5, 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d,
+0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, 0x0909121b, 0x83831d9e,
+0x2c2c5874, 0x1a1a342e, 0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb,
+0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce, 0x2929527b, 0xe3e3dd3e,
+0x2f2f5e71, 0x84841397, 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c,
+0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, 0x6a6ad4be, 0xcbcb8d46,
+0xbebe67d9, 0x3939724b, 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a,
+0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16, 0x434386c5, 0x4d4d9ad7,
+0x33336655, 0x85851194, 0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81,
+0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3, 0x5151a2f3, 0xa3a35dfe,
+0x404080c0, 0x8f8f058a, 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104,
+0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, 0x10102030, 0xffffe51a,
+0xf3f3fd0e, 0xd2d2bf6d, 0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f,
+0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39, 0xc4c49357, 0xa7a755f2,
+0x7e7efc82, 0x3d3d7a47, 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695,
+0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f, 0x22224466, 0x2a2a547e,
+0x90903bab, 0x88880b83, 0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c,
+0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76, 0xe0e0db3b, 0x32326456,
+0x3a3a744e, 0x0a0a141e, 0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4,
+0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6, 0x919139a8, 0x959531a4,
+0xe4e4d337, 0x7979f28b, 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7,
+0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, 0x6c6cd8b4, 0x5656acfa,
+0xf4f4f307, 0xeaeacf25, 0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018,
+0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72, 0x1c1c3824, 0xa6a657f1,
+0xb4b473c7, 0xc6c69751, 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21,
+0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, 0x7070e090, 0x3e3e7c42,
+0xb5b571c4, 0x6666ccaa, 0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12,
+0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0, 0x86861791, 0xc1c19958,
+0x1d1d3a27, 0x9e9e27b9, 0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233,
+0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7, 0x9b9b2db6, 0x1e1e3c22,
+0x87871592, 0xe9e9c920, 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a,
+0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, 0xbfbf65da, 0xe6e6d731,
+0x424284c6, 0x6868d0b8, 0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11,
+0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a
+};
+#else
+static const PRUint32 _T1[256] =
+{
+0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, 0x0dfff2f2, 0xbdd66b6b,
+0xb1de6f6f, 0x5491c5c5, 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b,
+0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, 0x458fcaca, 0x9d1f8282,
+0x4089c9c9, 0x87fa7d7d, 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0,
+0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, 0xbf239c9c, 0xf753a4a4,
+0x96e47272, 0x5b9bc0c0, 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
+0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, 0x5c683434, 0xf451a5a5,
+0x34d1e5e5, 0x08f9f1f1, 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
+0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3, 0x28301818, 0xa1379696,
+0x0f0a0505, 0xb52f9a9a, 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
+0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, 0x1b120909, 0x9e1d8383,
+0x74582c2c, 0x2e341a1a, 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
+0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, 0x7b522929, 0x3edde3e3,
+0x715e2f2f, 0x97138484, 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded,
+0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, 0xbed46a6a, 0x468dcbcb,
+0xd967bebe, 0x4b723939, 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
+0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, 0xc5864343, 0xd79a4d4d,
+0x55663333, 0x94118585, 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f,
+0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, 0xf3a25151, 0xfe5da3a3,
+0xc0804040, 0x8a058f8f, 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5,
+0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, 0x30201010, 0x1ae5ffff,
+0x0efdf3f3, 0x6dbfd2d2, 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
+0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, 0x5793c4c4, 0xf255a7a7,
+0x82fc7e7e, 0x477a3d3d, 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
+0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, 0x66442222, 0x7e542a2a,
+0xab3b9090, 0x830b8888, 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
+0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, 0x3bdbe0e0, 0x56643232,
+0x4e743a3a, 0x1e140a0a, 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c,
+0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, 0xa8399191, 0xa4319595,
+0x37d3e4e4, 0x8bf27979, 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
+0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, 0xb4d86c6c, 0xfaac5656,
+0x07f3f4f4, 0x25cfeaea, 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
+0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, 0x24381c1c, 0xf157a6a6,
+0xc773b4b4, 0x5197c6c6, 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
+0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, 0x90e07070, 0x427c3e3e,
+0xc471b5b5, 0xaacc6666, 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e,
+0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, 0x91178686, 0x5899c1c1,
+0x273a1d1d, 0xb9279e9e, 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
+0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, 0xb62d9b9b, 0x223c1e1e,
+0x92158787, 0x20c9e9e9, 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
+0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, 0xda65bfbf, 0x31d7e6e6,
+0xc6844242, 0xb8d06868, 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
+0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _T2[256] =
+{
+0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2, 0x6bd6bd6b,
+0x6fdeb16f, 0xc59154c5, 0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b,
+0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76, 0xca8f45ca, 0x821f9d82,
+0xc98940c9, 0x7dfa877d, 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0,
+0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, 0x9c23bf9c, 0xa453f7a4,
+0x72e49672, 0xc09b5bc0, 0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26,
+0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc, 0x34685c34, 0xa551f4a5,
+0xe5d134e5, 0xf1f908f1, 0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15,
+0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3, 0x18302818, 0x9637a196,
+0x050a0f05, 0x9a2fb59a, 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2,
+0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, 0x09121b09, 0x831d9e83,
+0x2c58742c, 0x1a342e1a, 0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0,
+0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3, 0x29527b29, 0xe3dd3ee3,
+0x2f5e712f, 0x84139784, 0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced,
+0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, 0x6ad4be6a, 0xcb8d46cb,
+0xbe67d9be, 0x39724b39, 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf,
+0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb, 0x4386c543, 0x4d9ad74d,
+0x33665533, 0x85119485, 0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f,
+0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8, 0x51a2f351, 0xa35dfea3,
+0x4080c040, 0x8f058a8f, 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5,
+0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, 0x10203010, 0xffe51aff,
+0xf3fd0ef3, 0xd2bf6dd2, 0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec,
+0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917, 0xc49357c4, 0xa755f2a7,
+0x7efc827e, 0x3d7a473d, 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573,
+0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc, 0x22446622, 0x2a547e2a,
+0x903bab90, 0x880b8388, 0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14,
+0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db, 0xe0db3be0, 0x32645632,
+0x3a744e3a, 0x0a141e0a, 0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c,
+0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662, 0x9139a891, 0x9531a495,
+0xe4d337e4, 0x79f28b79, 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d,
+0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, 0x6cd8b46c, 0x56acfa56,
+0xf4f307f4, 0xeacf25ea, 0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808,
+0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e, 0x1c38241c, 0xa657f1a6,
+0xb473c7b4, 0xc69751c6, 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f,
+0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, 0x70e09070, 0x3e7c423e,
+0xb571c4b5, 0x66ccaa66, 0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e,
+0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9, 0x86179186, 0xc19958c1,
+0x1d3a271d, 0x9e27b99e, 0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311,
+0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794, 0x9b2db69b, 0x1e3c221e,
+0x87159287, 0xe9c920e9, 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf,
+0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, 0xbf65dabf, 0xe6d731e6,
+0x4284c642, 0x68d0b868, 0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f,
+0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16
+};
+#else
+static const PRUint32 _T2[256] =
+{
+0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, 0xf20dfff2, 0x6bbdd66b,
+0x6fb1de6f, 0xc55491c5, 0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b,
+0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, 0xca458fca, 0x829d1f82,
+0xc94089c9, 0x7d87fa7d, 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0,
+0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, 0x9cbf239c, 0xa4f753a4,
+0x7296e472, 0xc05b9bc0, 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26,
+0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, 0x345c6834, 0xa5f451a5,
+0xe534d1e5, 0xf108f9f1, 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15,
+0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, 0x18283018, 0x96a13796,
+0x050f0a05, 0x9ab52f9a, 0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2,
+0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, 0x091b1209, 0x839e1d83,
+0x2c74582c, 0x1a2e341a, 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0,
+0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, 0x297b5229, 0xe33edde3,
+0x2f715e2f, 0x84971384, 0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed,
+0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, 0x6abed46a, 0xcb468dcb,
+0xbed967be, 0x394b7239, 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf,
+0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, 0x43c58643, 0x4dd79a4d,
+0x33556633, 0x85941185, 0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f,
+0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8, 0x51f3a251, 0xa3fe5da3,
+0x40c08040, 0x8f8a058f, 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5,
+0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, 0x10302010, 0xff1ae5ff,
+0xf30efdf3, 0xd26dbfd2, 0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec,
+0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, 0xc45793c4, 0xa7f255a7,
+0x7e82fc7e, 0x3d477a3d, 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673,
+0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, 0x22664422, 0x2a7e542a,
+0x90ab3b90, 0x88830b88, 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814,
+0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, 0xe03bdbe0, 0x32566432,
+0x3a4e743a, 0x0a1e140a, 0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c,
+0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, 0x91a83991, 0x95a43195,
+0xe437d3e4, 0x798bf279, 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d,
+0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, 0x6cb4d86c, 0x56faac56,
+0xf407f3f4, 0xea25cfea, 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008,
+0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, 0x1c24381c, 0xa6f157a6,
+0xb4c773b4, 0xc65197c6, 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f,
+0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, 0x7090e070, 0x3e427c3e,
+0xb5c471b5, 0x66aacc66, 0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e,
+0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, 0x86911786, 0xc15899c1,
+0x1d273a1d, 0x9eb9279e, 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211,
+0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, 0x9bb62d9b, 0x1e223c1e,
+0x87921587, 0xe920c9e9, 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df,
+0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, 0xbfda65bf, 0xe631d7e6,
+0x42c68442, 0x68b8d068, 0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f,
+0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _T3[256] =
+{
+0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2, 0xd6bd6b6b,
+0xdeb16f6f, 0x9154c5c5, 0x60503030, 0x02030101, 0xcea96767, 0x567d2b2b,
+0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676, 0x8f45caca, 0x1f9d8282,
+0x8940c9c9, 0xfa877d7d, 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0,
+0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, 0x23bf9c9c, 0x53f7a4a4,
+0xe4967272, 0x9b5bc0c0, 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626,
+0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc, 0x685c3434, 0x51f4a5a5,
+0xd134e5e5, 0xf908f1f1, 0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515,
+0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3, 0x30281818, 0x37a19696,
+0x0a0f0505, 0x2fb59a9a, 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2,
+0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, 0x121b0909, 0x1d9e8383,
+0x58742c2c, 0x342e1a1a, 0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0,
+0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3, 0x527b2929, 0xdd3ee3e3,
+0x5e712f2f, 0x13978484, 0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded,
+0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, 0xd4be6a6a, 0x8d46cbcb,
+0x67d9bebe, 0x724b3939, 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf,
+0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb, 0x86c54343, 0x9ad74d4d,
+0x66553333, 0x11948585, 0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f,
+0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8, 0xa2f35151, 0x5dfea3a3,
+0x80c04040, 0x058a8f8f, 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5,
+0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, 0x20301010, 0xe51affff,
+0xfd0ef3f3, 0xbf6dd2d2, 0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec,
+0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717, 0x9357c4c4, 0x55f2a7a7,
+0xfc827e7e, 0x7a473d3d, 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373,
+0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc, 0x44662222, 0x547e2a2a,
+0x3bab9090, 0x0b838888, 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414,
+0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb, 0xdb3be0e0, 0x64563232,
+0x744e3a3a, 0x141e0a0a, 0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c,
+0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262, 0x39a89191, 0x31a49595,
+0xd337e4e4, 0xf28b7979, 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d,
+0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, 0xd8b46c6c, 0xacfa5656,
+0xf307f4f4, 0xcf25eaea, 0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808,
+0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e, 0x38241c1c, 0x57f1a6a6,
+0x73c7b4b4, 0x9751c6c6, 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f,
+0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, 0xe0907070, 0x7c423e3e,
+0x71c4b5b5, 0xccaa6666, 0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e,
+0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9, 0x17918686, 0x9958c1c1,
+0x3a271d1d, 0x27b99e9e, 0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111,
+0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494, 0x2db69b9b, 0x3c221e1e,
+0x15928787, 0xc920e9e9, 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf,
+0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, 0x65dabfbf, 0xd731e6e6,
+0x84c64242, 0xd0b86868, 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f,
+0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616
+};
+#else
+static const PRUint32 _T3[256] =
+{
+0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, 0xf2f20dff, 0x6b6bbdd6,
+0x6f6fb1de, 0xc5c55491, 0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56,
+0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, 0xcaca458f, 0x82829d1f,
+0xc9c94089, 0x7d7d87fa, 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb,
+0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, 0x9c9cbf23, 0xa4a4f753,
+0x727296e4, 0xc0c05b9b, 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c,
+0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, 0x34345c68, 0xa5a5f451,
+0xe5e534d1, 0xf1f108f9, 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a,
+0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, 0x18182830, 0x9696a137,
+0x05050f0a, 0x9a9ab52f, 0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf,
+0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, 0x09091b12, 0x83839e1d,
+0x2c2c7458, 0x1a1a2e34, 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b,
+0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, 0x29297b52, 0xe3e33edd,
+0x2f2f715e, 0x84849713, 0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1,
+0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, 0x6a6abed4, 0xcbcb468d,
+0xbebed967, 0x39394b72, 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85,
+0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, 0x4343c586, 0x4d4dd79a,
+0x33335566, 0x85859411, 0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe,
+0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, 0x5151f3a2, 0xa3a3fe5d,
+0x4040c080, 0x8f8f8a05, 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1,
+0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, 0x10103020, 0xffff1ae5,
+0xf3f30efd, 0xd2d26dbf, 0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3,
+0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, 0xc4c45793, 0xa7a7f255,
+0x7e7e82fc, 0x3d3d477a, 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6,
+0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, 0x22226644, 0x2a2a7e54,
+0x9090ab3b, 0x8888830b, 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28,
+0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, 0xe0e03bdb, 0x32325664,
+0x3a3a4e74, 0x0a0a1e14, 0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8,
+0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4, 0x9191a839, 0x9595a431,
+0xe4e437d3, 0x79798bf2, 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da,
+0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, 0x6c6cb4d8, 0x5656faac,
+0xf4f407f3, 0xeaea25cf, 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810,
+0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, 0x1c1c2438, 0xa6a6f157,
+0xb4b4c773, 0xc6c65197, 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e,
+0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, 0x707090e0, 0x3e3e427c,
+0xb5b5c471, 0x6666aacc, 0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c,
+0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, 0x86869117, 0xc1c15899,
+0x1d1d273a, 0x9e9eb927, 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322,
+0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, 0x9b9bb62d, 0x1e1e223c,
+0x87879215, 0xe9e920c9, 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5,
+0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, 0xbfbfda65, 0xe6e631d7,
+0x4242c684, 0x6868b8d0, 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e,
+0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _TInv0[256] =
+{
+0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 0xf1459d1f,
+0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5,
+0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5, 0x495ab1de, 0x671bba25,
+0x980eea45, 0xe1c0fe5d, 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b,
+0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458,
+0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927,
+0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, 0x184adf63, 0x82311ae5,
+0x60335197, 0x457f5362, 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9,
+0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72,
+0x578f1fe3, 0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3,
+0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, 0x92b479a7,
+0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4,
+0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4, 0x39ec830b, 0xaaef6040,
+0x069f715e, 0x51106ebd, 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d,
+0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6,
+0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879,
+0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, 0x83868009, 0x48ed2b32,
+0xac70111e, 0x4e725a6c, 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36,
+0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793,
+0xd296eeb4, 0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
+0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, 0xadc78bf2,
+0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3,
+0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b, 0x7629438b, 0xdcc623cb,
+0x68fcedb6, 0x63f1e4b8, 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684,
+0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc,
+0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947,
+0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, 0xc74e4987, 0xc1d138d9,
+0xfea2ca8c, 0x360bd498, 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f,
+0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890,
+0x5ef7392e, 0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
+0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, 0xf418596e,
+0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef,
+0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029, 0xafb2a431, 0x31233f2a,
+0x3094a5c6, 0xc066a235, 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733,
+0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43,
+0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546,
+0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, 0x5a1d67b3, 0x52d2db92,
+0x335610e9, 0x1347d66d, 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb,
+0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255,
+0x79ce1418, 0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
+0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, 0x0c25e2bc,
+0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664,
+0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0
+};
+#else
+static const PRUint32 _TInv0[256] =
+{
+0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1,
+0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, 0xdeb15a49, 0x25ba1b67,
+0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3,
+0x49e06929, 0x8ec9c844, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182,
+0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2,
+0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, 0x8acf1c2b, 0xa779b492,
+0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa,
+0x5e719f06, 0xbd6e1051, 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997,
+0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48,
+0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, 0x0c0a67b1, 0x9357e70f,
+0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad,
+0x2db6a8b9, 0x141ea9c8, 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc,
+0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3,
+0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, 0x87494ec7, 0xd938d1c1,
+0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8,
+0x2e39f75e, 0x82c3aff5, 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4,
+0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331,
+0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, 0x764dd68d, 0x43efb04d,
+0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252,
+0xe9105633, 0x6dd64713, 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f,
+0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c,
+0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _TInv1[256] =
+{
+0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb, 0x459d1ff1,
+0x58faacab, 0x03e34b93, 0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525,
+0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f, 0x5ab1de49, 0x1bba2567,
+0x0eea4598, 0xc0fe5de1, 0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6,
+0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da, 0x83bed42d, 0x217458d3,
+0x69e04929, 0xc8c98e44, 0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd,
+0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4, 0x4adf6318, 0x311ae582,
+0x33519760, 0x7f536245, 0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994,
+0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7, 0xd373ab23, 0x024b72e2,
+0x8f1fe357, 0xab55662a, 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5,
+0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c, 0x1ccf8a2b, 0xb479a792,
+0xf207f3f0, 0xe2694ea1, 0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a,
+0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475, 0xec830b39, 0xef6040aa,
+0x9f715e06, 0x106ebd51, 0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46,
+0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff, 0xfb981924, 0xe9bdd697,
+0x434089cc, 0x9ed96777, 0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db,
+0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000, 0x86800983, 0xed2b3248,
+0x70111eac, 0x725a6c4e, 0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627,
+0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a, 0x670a0cb1, 0xe757930f,
+0x96eeb4d2, 0x919b1b9e, 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16,
+0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d, 0x0d090e0b, 0xc78bf2ad,
+0xa8b62db9, 0xa91e14c8, 0x19f15785, 0x0775af4c, 0xdd99eebb, 0x607fa3fd,
+0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34, 0x29438b76, 0xc623cbdc,
+0xfcedb668, 0xf1e4b863, 0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420,
+0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d, 0x2f9e1d4b, 0x30b2dcf3,
+0x52860dec, 0xe3c177d0, 0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722,
+0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef, 0x4e4987c7, 0xd138d9c1,
+0xa2ca8cfe, 0x0bd49836, 0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4,
+0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462, 0x138df6c2, 0xb8d890e8,
+0xf7392e5e, 0xafc382f5, 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3,
+0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b, 0x7826cd09, 0x18596ef4,
+0xb79aec01, 0x9a4f83a8, 0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6,
+0x9be7bad9, 0x366f4ace, 0x099fead4, 0x7cb029d6, 0xb2a431af, 0x233f2a31,
+0x94a5c630, 0x66a235c0, 0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315,
+0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f, 0xd64d768d, 0xb0ef434d,
+0x4daacc54, 0x0496e4df, 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f,
+0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e, 0x1d67b35a, 0xd2db9252,
+0x5610e933, 0x47d66d13, 0x61d79a8c, 0x0ca1377a, 0x14f8598e, 0x3c13eb89,
+0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c, 0xdfd29c59, 0x73f2553f,
+0xce141879, 0x37c773bf, 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886,
+0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f, 0xc31d1672, 0x25e2bc0c,
+0x493c288b, 0x950dff41, 0x01a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490,
+0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042
+};
+#else
+static const PRUint32 _TInv1[256] =
+{
+0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, 0xcb3bab6b, 0xf11f9d45,
+0xabacfa58, 0x934be303, 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
+0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3, 0x49deb15a, 0x6725ba1b,
+0x9845ea0e, 0xe15dfec0, 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
+0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259, 0x2dd4be83, 0xd3587421,
+0x2949e069, 0x448ec9c8, 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
+0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a, 0x1863df4a, 0x82e51a31,
+0x60975133, 0x4562537f, 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
+0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8, 0x23ab73d3, 0xe2724b02,
+0x57e31f8f, 0x2a6655ab, 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708,
+0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682, 0x2b8acf1c, 0x92a779b4,
+0xf0f307f2, 0xa14e69e2, 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
+0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb, 0x390b83ec, 0xaa4060ef,
+0x065e719f, 0x51bd6e10, 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
+0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015, 0x241998fb, 0x97d6bde9,
+0xcc894043, 0x7767d99e, 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
+0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000, 0x83098086, 0x48322bed,
+0xac1e1170, 0x4e6c5a72, 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
+0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e, 0xb10c0a67, 0x0f9357e7,
+0xd2b4ee96, 0x9e1b9b91, 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
+0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17, 0x0b0e090d, 0xadf28bc7,
+0xb92db6a8, 0xc8141ea9, 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
+0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e, 0x768b4329, 0xdccb23c6,
+0x68b6edfc, 0x63b8e4f1, 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
+0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1, 0x4b1d9e2f, 0xf3dcb230,
+0xec0d8652, 0xd077c1e3, 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
+0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390, 0xc787494e, 0xc1d938d1,
+0xfe8ccaa2, 0x3698d40b, 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
+0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46, 0xc2f68d13, 0xe890d8b8,
+0x5e2e39f7, 0xf582c3af, 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
+0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb, 0x09cd2678, 0xf46e5918,
+0x01ec9ab7, 0xa8834f9a, 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8,
+0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c, 0xaf31a4b2, 0x312a3f23,
+0x30c6a594, 0xc035a266, 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
+0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6, 0x8d764dd6, 0x4d43efb0,
+0x54ccaa4d, 0xdfe49604, 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
+0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41, 0x5ab3671d, 0x5292dbd2,
+0x33e91056, 0x136dd647, 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
+0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1, 0x599cd2df, 0x3f55f273,
+0x791814ce, 0xbf73c737, 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
+0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340, 0x72161dc3, 0x0cbce225,
+0x8b283c49, 0x41ff0d95, 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
+0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _TInv2[256] =
+{
+0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b, 0x9d1ff145,
+0xfaacab58, 0xe34b9303, 0x302055fa, 0x76adf66d, 0xcc889176, 0x02f5254c,
+0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3, 0xb1de495a, 0xba25671b,
+0xea45980e, 0xfe5de1c0, 0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9,
+0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59, 0xbed42d83, 0x7458d321,
+0xe0492969, 0xc98e44c8, 0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71,
+0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a, 0xdf63184a, 0x1ae58231,
+0x51976033, 0x5362457f, 0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b,
+0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8, 0x73ab23d3, 0x4b72e202,
+0x1fe3578f, 0x55662aab, 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508,
+0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82, 0xcf8a2b1c, 0x79a792b4,
+0x07f3f0f2, 0x694ea1e2, 0xda65cdf4, 0x0506d5be, 0x34d11f62, 0xa6c48afe,
+0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb, 0x830b39ec, 0x6040aaef,
+0x715e069f, 0x6ebd5110, 0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd,
+0x5491b58d, 0xc471055d, 0x06046fd4, 0x5060ff15, 0x981924fb, 0xbdd697e9,
+0x4089cc43, 0xd967779e, 0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee,
+0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000, 0x80098386, 0x2b3248ed,
+0x111eac70, 0x5a6c4e72, 0x0efdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739,
+0x0f0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e, 0x0a0cb167, 0x57930fe7,
+0xeeb4d296, 0x9b1b9e91, 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a,
+0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17, 0x090e0b0d, 0x8bf2adc7,
+0xb62db9a8, 0x1e14c8a9, 0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60,
+0x01f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e, 0x438b7629, 0x23cbdcc6,
+0xedb668fc, 0xe4b863f1, 0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011,
+0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1, 0x9e1d4b2f, 0xb2dcf330,
+0x860dec52, 0xc177d0e3, 0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264,
+0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90, 0x4987c74e, 0x38d9c1d1,
+0xca8cfea2, 0xd498360b, 0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf,
+0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246, 0x8df6c213, 0xd890e8b8,
+0x392e5ef7, 0xc382f5af, 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312,
+0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb, 0x26cd0978, 0x596ef418,
+0x9aec01b7, 0x4f83a89a, 0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8,
+0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c, 0xa431afb2, 0x3f2a3123,
+0xa5c63094, 0xa235c066, 0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8,
+0x04f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6, 0x4d768dd6, 0xef434db0,
+0xaacc544d, 0x96e4df04, 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51,
+0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41, 0x67b35a1d, 0xdb9252d2,
+0x10e93356, 0xd66d1347, 0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c,
+0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1, 0xd29c59df, 0xf2553f73,
+0x141879ce, 0xc773bf37, 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db,
+0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40, 0x1d1672c3, 0xe2bc0c25,
+0x3c288b49, 0x0dff4195, 0xa8397101, 0x0c08deb3, 0xb4d89ce4, 0x566490c1,
+0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257
+};
+#else
+static const PRUint32 _TInv2[256] =
+{
+0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, 0x6bcb3bab, 0x45f11f9d,
+0x58abacfa, 0x03934be3, 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502,
+0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562, 0x5a49deb1, 0x1b6725ba,
+0x0e9845ea, 0xc0e15dfe, 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3,
+0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552, 0x832dd4be, 0x21d35874,
+0x692949e0, 0xc8448ec9, 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9,
+0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce, 0x4a1863df, 0x3182e51a,
+0x33609751, 0x7f456253, 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908,
+0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b, 0xd323ab73, 0x02e2724b,
+0x8f57e31f, 0xab2a6655, 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337,
+0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16, 0x1c2b8acf, 0xb492a779,
+0xf2f0f307, 0xe2a14e69, 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6,
+0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6, 0xec390b83, 0xefaa4060,
+0x9f065e71, 0x1051bd6e, 0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6,
+0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050, 0xfb241998, 0xe997d6bd,
+0x43cc8940, 0x9e7767d9, 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8,
+0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000, 0x86830980, 0xed48322b,
+0x70ac1e11, 0x724e6c5a, 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d,
+0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436, 0x67b10c0a, 0xe70f9357,
+0x96d2b4ee, 0x919e1b9b, 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12,
+0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b, 0x0d0b0e09, 0xc7adf28b,
+0xa8b92db6, 0xa9c8141e, 0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f,
+0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb, 0x29768b43, 0xc6dccb23,
+0xfc68b6ed, 0xf163b8e4, 0xdccad731, 0x85104263, 0x22401397, 0x112084c6,
+0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729, 0x2f4b1d9e, 0x30f3dcb2,
+0x52ec0d86, 0xe3d077c1, 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9,
+0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233, 0x4ec78749, 0xd1c1d938,
+0xa2fe8cca, 0x0b3698d4, 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad,
+0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e, 0x13c2f68d, 0xb8e890d8,
+0xf75e2e39, 0xaff582c3, 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25,
+0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b, 0x7809cd26, 0x18f46e59,
+0xb701ec9a, 0x9aa8834f, 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15,
+0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0, 0xb2af31a4, 0x23312a3f,
+0x9430c6a5, 0x66c035a2, 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7,
+0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791, 0xd68d764d, 0xb04d43ef,
+0x4d54ccaa, 0x04dfe496, 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665,
+0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b, 0x1d5ab367, 0xd25292db,
+0x5633e910, 0x47136dd6, 0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13,
+0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47, 0xdf599cd2, 0x733f55f2,
+0xce791814, 0x37bf73c7, 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844,
+0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3, 0xc372161d, 0x250cbce2,
+0x498b283c, 0x9541ff0d, 0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456,
+0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _TInv3[256] =
+{
+0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab, 0x1ff1459d,
+0xacab58fa, 0x4b9303e3, 0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02,
+0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362, 0xde495ab1, 0x25671bba,
+0x45980eea, 0x5de1c0fe, 0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3,
+0x03e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952, 0xd42d83be, 0x58d32174,
+0x492969e0, 0x8e44c8c9, 0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9,
+0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace, 0x63184adf, 0xe582311a,
+0x97603351, 0x62457f53, 0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08,
+0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b, 0xab23d373, 0x72e2024b,
+0xe3578f1f, 0x662aab55, 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837,
+0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216, 0x8a2b1ccf, 0xa792b479,
+0xf3f0f207, 0x4ea1e269, 0x65cdf4da, 0x06d5be05, 0xd11f6234, 0xc48afea6,
+0x349d532e, 0xa2a055f3, 0x0532e18a, 0xa475ebf6, 0x0b39ec83, 0x40aaef60,
+0x5e069f71, 0xbd51106e, 0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6,
+0x91b58d54, 0x71055dc4, 0x046fd406, 0x60ff1550, 0x1924fb98, 0xd697e9bd,
+0x89cc4340, 0x67779ed9, 0xb0bd42e8, 0x07888b89, 0xe7385b19, 0x79dbeec8,
+0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000, 0x09838680, 0x3248ed2b,
+0x1eac7011, 0x6c4e725a, 0xfdfbff0e, 0x0f563885, 0x3d1ed5ae, 0x3627392d,
+0x0a64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36, 0x0cb1670a, 0x930fe757,
+0xb4d296ee, 0x1b9e919b, 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12,
+0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b, 0x0e0b0d09, 0xf2adc78b,
+0x2db9a8b6, 0x14c8a91e, 0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f,
+0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb, 0x8b762943, 0xcbdcc623,
+0xb668fced, 0xb863f1e4, 0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6,
+0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129, 0x1d4b2f9e, 0xdcf330b2,
+0x0dec5286, 0x77d0e3c1, 0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9,
+0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033, 0x87c74e49, 0xd9c1d138,
+0x8cfea2ca, 0x98360bd4, 0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad,
+0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e, 0xf6c2138d, 0x90e8b8d8,
+0x2e5ef739, 0x82f5afc3, 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225,
+0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b, 0xcd097826, 0x6ef41859,
+0xec01b79a, 0x83a89a4f, 0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815,
+0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0, 0x31afb2a4, 0x2a31233f,
+0xc63094a5, 0x35c066a2, 0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7,
+0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691, 0x768dd64d, 0x434db0ef,
+0xcc544daa, 0xe4df0496, 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165,
+0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b, 0xb35a1d67, 0x9252d2db,
+0xe9335610, 0x6d1347d6, 0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13,
+0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147, 0x9c59dfd2, 0x553f73f2,
+0x1879ce14, 0x73bf37c7, 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44,
+0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3, 0x1672c31d, 0xbc0c25e2,
+0x288b493c, 0xff41950d, 0x397101a8, 0x08deb30c, 0xd89ce4b4, 0x6490c156,
+0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8
+};
+#else
+static const PRUint32 _TInv3[256] =
+{
+0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, 0xab6bcb3b, 0x9d45f11f,
+0xfa58abac, 0xe303934b, 0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5,
+0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, 0xb15a49de, 0xba1b6725,
+0xea0e9845, 0xfec0e15d, 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b,
+0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, 0xbe832dd4, 0x7421d358,
+0xe0692949, 0xc9c8448e, 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27,
+0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, 0xdf4a1863, 0x1a3182e5,
+0x51336097, 0x537f4562, 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9,
+0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, 0x73d323ab, 0x4b02e272,
+0x1f8f57e3, 0x55ab2a66, 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3,
+0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced, 0xcf1c2b8a, 0x79b492a7,
+0x07f2f0f3, 0x69e2a14e, 0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4,
+0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, 0x83ec390b, 0x60efaa40,
+0x719f065e, 0x6e1051bd, 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d,
+0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60, 0x98fb2419, 0xbde997d6,
+0x4043cc89, 0xd99e7767, 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79,
+0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000, 0x80868309, 0x2bed4832,
+0x1170ac1e, 0x5a724e6c, 0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736,
+0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, 0x0a67b10c, 0x57e70f93,
+0xee96d2b4, 0x9b919e1b, 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c,
+0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, 0x090d0b0e, 0x8bc7adf2,
+0xb6a8b92d, 0x1ea9c814, 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3,
+0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, 0x4329768b, 0x23c6dccb,
+0xedfc68b6, 0xe4f163b8, 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084,
+0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, 0x9e2f4b1d, 0xb230f3dc,
+0x8652ec0d, 0xc1e3d077, 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247,
+0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, 0x494ec787, 0x38d1c1d9,
+0xcaa2fe8c, 0xd40b3698, 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f,
+0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, 0x8d13c2f6, 0xd8b8e890,
+0x39f75e2e, 0xc3aff582, 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf,
+0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, 0x267809cd, 0x5918f46e,
+0x9ab701ec, 0x4f9aa883, 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef,
+0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, 0xa4b2af31, 0x3f23312a,
+0xa59430c6, 0xa266c035, 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533,
+0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, 0x4dd68d76, 0xefb04d43,
+0xaa4d54cc, 0x9604dfe4, 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46,
+0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb, 0x671d5ab3, 0xdbd25292,
+0x105633e9, 0xd647136d, 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb,
+0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, 0xd2df599c, 0xf2733f55,
+0x14ce7918, 0xc737bf73, 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678,
+0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, 0x1dc37216, 0xe2250cbc,
+0x3c498b28, 0x0d9541ff, 0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064,
+0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _IMXC0[256] =
+{
+0x00000000, 0x0b0d090e, 0x161a121c, 0x1d171b12, 0x2c342438, 0x27392d36,
+0x3a2e3624, 0x31233f2a, 0x58684870, 0x5365417e, 0x4e725a6c, 0x457f5362,
+0x745c6c48, 0x7f516546, 0x62467e54, 0x694b775a, 0xb0d090e0, 0xbbdd99ee,
+0xa6ca82fc, 0xadc78bf2, 0x9ce4b4d8, 0x97e9bdd6, 0x8afea6c4, 0x81f3afca,
+0xe8b8d890, 0xe3b5d19e, 0xfea2ca8c, 0xf5afc382, 0xc48cfca8, 0xcf81f5a6,
+0xd296eeb4, 0xd99be7ba, 0x7bbb3bdb, 0x70b632d5, 0x6da129c7, 0x66ac20c9,
+0x578f1fe3, 0x5c8216ed, 0x41950dff, 0x4a9804f1, 0x23d373ab, 0x28de7aa5,
+0x35c961b7, 0x3ec468b9, 0x0fe75793, 0x04ea5e9d, 0x19fd458f, 0x12f04c81,
+0xcb6bab3b, 0xc066a235, 0xdd71b927, 0xd67cb029, 0xe75f8f03, 0xec52860d,
+0xf1459d1f, 0xfa489411, 0x9303e34b, 0x980eea45, 0x8519f157, 0x8e14f859,
+0xbf37c773, 0xb43ace7d, 0xa92dd56f, 0xa220dc61, 0xf66d76ad, 0xfd607fa3,
+0xe07764b1, 0xeb7a6dbf, 0xda595295, 0xd1545b9b, 0xcc434089, 0xc74e4987,
+0xae053edd, 0xa50837d3, 0xb81f2cc1, 0xb31225cf, 0x82311ae5, 0x893c13eb,
+0x942b08f9, 0x9f2601f7, 0x46bde64d, 0x4db0ef43, 0x50a7f451, 0x5baafd5f,
+0x6a89c275, 0x6184cb7b, 0x7c93d069, 0x779ed967, 0x1ed5ae3d, 0x15d8a733,
+0x08cfbc21, 0x03c2b52f, 0x32e18a05, 0x39ec830b, 0x24fb9819, 0x2ff69117,
+0x8dd64d76, 0x86db4478, 0x9bcc5f6a, 0x90c15664, 0xa1e2694e, 0xaaef6040,
+0xb7f87b52, 0xbcf5725c, 0xd5be0506, 0xdeb30c08, 0xc3a4171a, 0xc8a91e14,
+0xf98a213e, 0xf2872830, 0xef903322, 0xe49d3a2c, 0x3d06dd96, 0x360bd498,
+0x2b1ccf8a, 0x2011c684, 0x1132f9ae, 0x1a3ff0a0, 0x0728ebb2, 0x0c25e2bc,
+0x656e95e6, 0x6e639ce8, 0x737487fa, 0x78798ef4, 0x495ab1de, 0x4257b8d0,
+0x5f40a3c2, 0x544daacc, 0xf7daec41, 0xfcd7e54f, 0xe1c0fe5d, 0xeacdf753,
+0xdbeec879, 0xd0e3c177, 0xcdf4da65, 0xc6f9d36b, 0xafb2a431, 0xa4bfad3f,
+0xb9a8b62d, 0xb2a5bf23, 0x83868009, 0x888b8907, 0x959c9215, 0x9e919b1b,
+0x470a7ca1, 0x4c0775af, 0x51106ebd, 0x5a1d67b3, 0x6b3e5899, 0x60335197,
+0x7d244a85, 0x7629438b, 0x1f6234d1, 0x146f3ddf, 0x097826cd, 0x02752fc3,
+0x335610e9, 0x385b19e7, 0x254c02f5, 0x2e410bfb, 0x8c61d79a, 0x876cde94,
+0x9a7bc586, 0x9176cc88, 0xa055f3a2, 0xab58faac, 0xb64fe1be, 0xbd42e8b0,
+0xd4099fea, 0xdf0496e4, 0xc2138df6, 0xc91e84f8, 0xf83dbbd2, 0xf330b2dc,
+0xee27a9ce, 0xe52aa0c0, 0x3cb1477a, 0x37bc4e74, 0x2aab5566, 0x21a65c68,
+0x10856342, 0x1b886a4c, 0x069f715e, 0x0d927850, 0x64d90f0a, 0x6fd40604,
+0x72c31d16, 0x79ce1418, 0x48ed2b32, 0x43e0223c, 0x5ef7392e, 0x55fa3020,
+0x01b79aec, 0x0aba93e2, 0x17ad88f0, 0x1ca081fe, 0x2d83bed4, 0x268eb7da,
+0x3b99acc8, 0x3094a5c6, 0x59dfd29c, 0x52d2db92, 0x4fc5c080, 0x44c8c98e,
+0x75ebf6a4, 0x7ee6ffaa, 0x63f1e4b8, 0x68fcedb6, 0xb1670a0c, 0xba6a0302,
+0xa77d1810, 0xac70111e, 0x9d532e34, 0x965e273a, 0x8b493c28, 0x80443526,
+0xe90f427c, 0xe2024b72, 0xff155060, 0xf418596e, 0xc53b6644, 0xce366f4a,
+0xd3217458, 0xd82c7d56, 0x7a0ca137, 0x7101a839, 0x6c16b32b, 0x671bba25,
+0x5638850f, 0x5d358c01, 0x40229713, 0x4b2f9e1d, 0x2264e947, 0x2969e049,
+0x347efb5b, 0x3f73f255, 0x0e50cd7f, 0x055dc471, 0x184adf63, 0x1347d66d,
+0xcadc31d7, 0xc1d138d9, 0xdcc623cb, 0xd7cb2ac5, 0xe6e815ef, 0xede51ce1,
+0xf0f207f3, 0xfbff0efd, 0x92b479a7, 0x99b970a9, 0x84ae6bbb, 0x8fa362b5,
+0xbe805d9f, 0xb58d5491, 0xa89a4f83, 0xa397468d
+};
+#else
+static const PRUint32 _IMXC0[256] =
+{
+0x00000000, 0x0e090d0b, 0x1c121a16, 0x121b171d, 0x3824342c, 0x362d3927,
+0x24362e3a, 0x2a3f2331, 0x70486858, 0x7e416553, 0x6c5a724e, 0x62537f45,
+0x486c5c74, 0x4665517f, 0x547e4662, 0x5a774b69, 0xe090d0b0, 0xee99ddbb,
+0xfc82caa6, 0xf28bc7ad, 0xd8b4e49c, 0xd6bde997, 0xc4a6fe8a, 0xcaaff381,
+0x90d8b8e8, 0x9ed1b5e3, 0x8ccaa2fe, 0x82c3aff5, 0xa8fc8cc4, 0xa6f581cf,
+0xb4ee96d2, 0xbae79bd9, 0xdb3bbb7b, 0xd532b670, 0xc729a16d, 0xc920ac66,
+0xe31f8f57, 0xed16825c, 0xff0d9541, 0xf104984a, 0xab73d323, 0xa57ade28,
+0xb761c935, 0xb968c43e, 0x9357e70f, 0x9d5eea04, 0x8f45fd19, 0x814cf012,
+0x3bab6bcb, 0x35a266c0, 0x27b971dd, 0x29b07cd6, 0x038f5fe7, 0x0d8652ec,
+0x1f9d45f1, 0x119448fa, 0x4be30393, 0x45ea0e98, 0x57f11985, 0x59f8148e,
+0x73c737bf, 0x7dce3ab4, 0x6fd52da9, 0x61dc20a2, 0xad766df6, 0xa37f60fd,
+0xb16477e0, 0xbf6d7aeb, 0x955259da, 0x9b5b54d1, 0x894043cc, 0x87494ec7,
+0xdd3e05ae, 0xd33708a5, 0xc12c1fb8, 0xcf2512b3, 0xe51a3182, 0xeb133c89,
+0xf9082b94, 0xf701269f, 0x4de6bd46, 0x43efb04d, 0x51f4a750, 0x5ffdaa5b,
+0x75c2896a, 0x7bcb8461, 0x69d0937c, 0x67d99e77, 0x3daed51e, 0x33a7d815,
+0x21bccf08, 0x2fb5c203, 0x058ae132, 0x0b83ec39, 0x1998fb24, 0x1791f62f,
+0x764dd68d, 0x7844db86, 0x6a5fcc9b, 0x6456c190, 0x4e69e2a1, 0x4060efaa,
+0x527bf8b7, 0x5c72f5bc, 0x0605bed5, 0x080cb3de, 0x1a17a4c3, 0x141ea9c8,
+0x3e218af9, 0x302887f2, 0x223390ef, 0x2c3a9de4, 0x96dd063d, 0x98d40b36,
+0x8acf1c2b, 0x84c61120, 0xaef93211, 0xa0f03f1a, 0xb2eb2807, 0xbce2250c,
+0xe6956e65, 0xe89c636e, 0xfa877473, 0xf48e7978, 0xdeb15a49, 0xd0b85742,
+0xc2a3405f, 0xccaa4d54, 0x41ecdaf7, 0x4fe5d7fc, 0x5dfec0e1, 0x53f7cdea,
+0x79c8eedb, 0x77c1e3d0, 0x65daf4cd, 0x6bd3f9c6, 0x31a4b2af, 0x3fadbfa4,
+0x2db6a8b9, 0x23bfa5b2, 0x09808683, 0x07898b88, 0x15929c95, 0x1b9b919e,
+0xa17c0a47, 0xaf75074c, 0xbd6e1051, 0xb3671d5a, 0x99583e6b, 0x97513360,
+0x854a247d, 0x8b432976, 0xd134621f, 0xdf3d6f14, 0xcd267809, 0xc32f7502,
+0xe9105633, 0xe7195b38, 0xf5024c25, 0xfb0b412e, 0x9ad7618c, 0x94de6c87,
+0x86c57b9a, 0x88cc7691, 0xa2f355a0, 0xacfa58ab, 0xbee14fb6, 0xb0e842bd,
+0xea9f09d4, 0xe49604df, 0xf68d13c2, 0xf8841ec9, 0xd2bb3df8, 0xdcb230f3,
+0xcea927ee, 0xc0a02ae5, 0x7a47b13c, 0x744ebc37, 0x6655ab2a, 0x685ca621,
+0x42638510, 0x4c6a881b, 0x5e719f06, 0x5078920d, 0x0a0fd964, 0x0406d46f,
+0x161dc372, 0x1814ce79, 0x322bed48, 0x3c22e043, 0x2e39f75e, 0x2030fa55,
+0xec9ab701, 0xe293ba0a, 0xf088ad17, 0xfe81a01c, 0xd4be832d, 0xdab78e26,
+0xc8ac993b, 0xc6a59430, 0x9cd2df59, 0x92dbd252, 0x80c0c54f, 0x8ec9c844,
+0xa4f6eb75, 0xaaffe67e, 0xb8e4f163, 0xb6edfc68, 0x0c0a67b1, 0x02036aba,
+0x10187da7, 0x1e1170ac, 0x342e539d, 0x3a275e96, 0x283c498b, 0x26354480,
+0x7c420fe9, 0x724b02e2, 0x605015ff, 0x6e5918f4, 0x44663bc5, 0x4a6f36ce,
+0x587421d3, 0x567d2cd8, 0x37a10c7a, 0x39a80171, 0x2bb3166c, 0x25ba1b67,
+0x0f853856, 0x018c355d, 0x13972240, 0x1d9e2f4b, 0x47e96422, 0x49e06929,
+0x5bfb7e34, 0x55f2733f, 0x7fcd500e, 0x71c45d05, 0x63df4a18, 0x6dd64713,
+0xd731dcca, 0xd938d1c1, 0xcb23c6dc, 0xc52acbd7, 0xef15e8e6, 0xe11ce5ed,
+0xf307f2f0, 0xfd0efffb, 0xa779b492, 0xa970b999, 0xbb6bae84, 0xb562a38f,
+0x9f5d80be, 0x91548db5, 0x834f9aa8, 0x8d4697a3
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _IMXC1[256] =
+{
+0x00000000, 0x0d090e0b, 0x1a121c16, 0x171b121d, 0x3424382c, 0x392d3627,
+0x2e36243a, 0x233f2a31, 0x68487058, 0x65417e53, 0x725a6c4e, 0x7f536245,
+0x5c6c4874, 0x5165467f, 0x467e5462, 0x4b775a69, 0xd090e0b0, 0xdd99eebb,
+0xca82fca6, 0xc78bf2ad, 0xe4b4d89c, 0xe9bdd697, 0xfea6c48a, 0xf3afca81,
+0xb8d890e8, 0xb5d19ee3, 0xa2ca8cfe, 0xafc382f5, 0x8cfca8c4, 0x81f5a6cf,
+0x96eeb4d2, 0x9be7bad9, 0xbb3bdb7b, 0xb632d570, 0xa129c76d, 0xac20c966,
+0x8f1fe357, 0x8216ed5c, 0x950dff41, 0x9804f14a, 0xd373ab23, 0xde7aa528,
+0xc961b735, 0xc468b93e, 0xe757930f, 0xea5e9d04, 0xfd458f19, 0xf04c8112,
+0x6bab3bcb, 0x66a235c0, 0x71b927dd, 0x7cb029d6, 0x5f8f03e7, 0x52860dec,
+0x459d1ff1, 0x489411fa, 0x03e34b93, 0x0eea4598, 0x19f15785, 0x14f8598e,
+0x37c773bf, 0x3ace7db4, 0x2dd56fa9, 0x20dc61a2, 0x6d76adf6, 0x607fa3fd,
+0x7764b1e0, 0x7a6dbfeb, 0x595295da, 0x545b9bd1, 0x434089cc, 0x4e4987c7,
+0x053eddae, 0x0837d3a5, 0x1f2cc1b8, 0x1225cfb3, 0x311ae582, 0x3c13eb89,
+0x2b08f994, 0x2601f79f, 0xbde64d46, 0xb0ef434d, 0xa7f45150, 0xaafd5f5b,
+0x89c2756a, 0x84cb7b61, 0x93d0697c, 0x9ed96777, 0xd5ae3d1e, 0xd8a73315,
+0xcfbc2108, 0xc2b52f03, 0xe18a0532, 0xec830b39, 0xfb981924, 0xf691172f,
+0xd64d768d, 0xdb447886, 0xcc5f6a9b, 0xc1566490, 0xe2694ea1, 0xef6040aa,
+0xf87b52b7, 0xf5725cbc, 0xbe0506d5, 0xb30c08de, 0xa4171ac3, 0xa91e14c8,
+0x8a213ef9, 0x872830f2, 0x903322ef, 0x9d3a2ce4, 0x06dd963d, 0x0bd49836,
+0x1ccf8a2b, 0x11c68420, 0x32f9ae11, 0x3ff0a01a, 0x28ebb207, 0x25e2bc0c,
+0x6e95e665, 0x639ce86e, 0x7487fa73, 0x798ef478, 0x5ab1de49, 0x57b8d042,
+0x40a3c25f, 0x4daacc54, 0xdaec41f7, 0xd7e54ffc, 0xc0fe5de1, 0xcdf753ea,
+0xeec879db, 0xe3c177d0, 0xf4da65cd, 0xf9d36bc6, 0xb2a431af, 0xbfad3fa4,
+0xa8b62db9, 0xa5bf23b2, 0x86800983, 0x8b890788, 0x9c921595, 0x919b1b9e,
+0x0a7ca147, 0x0775af4c, 0x106ebd51, 0x1d67b35a, 0x3e58996b, 0x33519760,
+0x244a857d, 0x29438b76, 0x6234d11f, 0x6f3ddf14, 0x7826cd09, 0x752fc302,
+0x5610e933, 0x5b19e738, 0x4c02f525, 0x410bfb2e, 0x61d79a8c, 0x6cde9487,
+0x7bc5869a, 0x76cc8891, 0x55f3a2a0, 0x58faacab, 0x4fe1beb6, 0x42e8b0bd,
+0x099fead4, 0x0496e4df, 0x138df6c2, 0x1e84f8c9, 0x3dbbd2f8, 0x30b2dcf3,
+0x27a9ceee, 0x2aa0c0e5, 0xb1477a3c, 0xbc4e7437, 0xab55662a, 0xa65c6821,
+0x85634210, 0x886a4c1b, 0x9f715e06, 0x9278500d, 0xd90f0a64, 0xd406046f,
+0xc31d1672, 0xce141879, 0xed2b3248, 0xe0223c43, 0xf7392e5e, 0xfa302055,
+0xb79aec01, 0xba93e20a, 0xad88f017, 0xa081fe1c, 0x83bed42d, 0x8eb7da26,
+0x99acc83b, 0x94a5c630, 0xdfd29c59, 0xd2db9252, 0xc5c0804f, 0xc8c98e44,
+0xebf6a475, 0xe6ffaa7e, 0xf1e4b863, 0xfcedb668, 0x670a0cb1, 0x6a0302ba,
+0x7d1810a7, 0x70111eac, 0x532e349d, 0x5e273a96, 0x493c288b, 0x44352680,
+0x0f427ce9, 0x024b72e2, 0x155060ff, 0x18596ef4, 0x3b6644c5, 0x366f4ace,
+0x217458d3, 0x2c7d56d8, 0x0ca1377a, 0x01a83971, 0x16b32b6c, 0x1bba2567,
+0x38850f56, 0x358c015d, 0x22971340, 0x2f9e1d4b, 0x64e94722, 0x69e04929,
+0x7efb5b34, 0x73f2553f, 0x50cd7f0e, 0x5dc47105, 0x4adf6318, 0x47d66d13,
+0xdc31d7ca, 0xd138d9c1, 0xc623cbdc, 0xcb2ac5d7, 0xe815efe6, 0xe51ce1ed,
+0xf207f3f0, 0xff0efdfb, 0xb479a792, 0xb970a999, 0xae6bbb84, 0xa362b58f,
+0x805d9fbe, 0x8d5491b5, 0x9a4f83a8, 0x97468da3
+};
+#else
+static const PRUint32 _IMXC1[256] =
+{
+0x00000000, 0x0b0e090d, 0x161c121a, 0x1d121b17, 0x2c382434, 0x27362d39,
+0x3a24362e, 0x312a3f23, 0x58704868, 0x537e4165, 0x4e6c5a72, 0x4562537f,
+0x74486c5c, 0x7f466551, 0x62547e46, 0x695a774b, 0xb0e090d0, 0xbbee99dd,
+0xa6fc82ca, 0xadf28bc7, 0x9cd8b4e4, 0x97d6bde9, 0x8ac4a6fe, 0x81caaff3,
+0xe890d8b8, 0xe39ed1b5, 0xfe8ccaa2, 0xf582c3af, 0xc4a8fc8c, 0xcfa6f581,
+0xd2b4ee96, 0xd9bae79b, 0x7bdb3bbb, 0x70d532b6, 0x6dc729a1, 0x66c920ac,
+0x57e31f8f, 0x5ced1682, 0x41ff0d95, 0x4af10498, 0x23ab73d3, 0x28a57ade,
+0x35b761c9, 0x3eb968c4, 0x0f9357e7, 0x049d5eea, 0x198f45fd, 0x12814cf0,
+0xcb3bab6b, 0xc035a266, 0xdd27b971, 0xd629b07c, 0xe7038f5f, 0xec0d8652,
+0xf11f9d45, 0xfa119448, 0x934be303, 0x9845ea0e, 0x8557f119, 0x8e59f814,
+0xbf73c737, 0xb47dce3a, 0xa96fd52d, 0xa261dc20, 0xf6ad766d, 0xfda37f60,
+0xe0b16477, 0xebbf6d7a, 0xda955259, 0xd19b5b54, 0xcc894043, 0xc787494e,
+0xaedd3e05, 0xa5d33708, 0xb8c12c1f, 0xb3cf2512, 0x82e51a31, 0x89eb133c,
+0x94f9082b, 0x9ff70126, 0x464de6bd, 0x4d43efb0, 0x5051f4a7, 0x5b5ffdaa,
+0x6a75c289, 0x617bcb84, 0x7c69d093, 0x7767d99e, 0x1e3daed5, 0x1533a7d8,
+0x0821bccf, 0x032fb5c2, 0x32058ae1, 0x390b83ec, 0x241998fb, 0x2f1791f6,
+0x8d764dd6, 0x867844db, 0x9b6a5fcc, 0x906456c1, 0xa14e69e2, 0xaa4060ef,
+0xb7527bf8, 0xbc5c72f5, 0xd50605be, 0xde080cb3, 0xc31a17a4, 0xc8141ea9,
+0xf93e218a, 0xf2302887, 0xef223390, 0xe42c3a9d, 0x3d96dd06, 0x3698d40b,
+0x2b8acf1c, 0x2084c611, 0x11aef932, 0x1aa0f03f, 0x07b2eb28, 0x0cbce225,
+0x65e6956e, 0x6ee89c63, 0x73fa8774, 0x78f48e79, 0x49deb15a, 0x42d0b857,
+0x5fc2a340, 0x54ccaa4d, 0xf741ecda, 0xfc4fe5d7, 0xe15dfec0, 0xea53f7cd,
+0xdb79c8ee, 0xd077c1e3, 0xcd65daf4, 0xc66bd3f9, 0xaf31a4b2, 0xa43fadbf,
+0xb92db6a8, 0xb223bfa5, 0x83098086, 0x8807898b, 0x9515929c, 0x9e1b9b91,
+0x47a17c0a, 0x4caf7507, 0x51bd6e10, 0x5ab3671d, 0x6b99583e, 0x60975133,
+0x7d854a24, 0x768b4329, 0x1fd13462, 0x14df3d6f, 0x09cd2678, 0x02c32f75,
+0x33e91056, 0x38e7195b, 0x25f5024c, 0x2efb0b41, 0x8c9ad761, 0x8794de6c,
+0x9a86c57b, 0x9188cc76, 0xa0a2f355, 0xabacfa58, 0xb6bee14f, 0xbdb0e842,
+0xd4ea9f09, 0xdfe49604, 0xc2f68d13, 0xc9f8841e, 0xf8d2bb3d, 0xf3dcb230,
+0xeecea927, 0xe5c0a02a, 0x3c7a47b1, 0x37744ebc, 0x2a6655ab, 0x21685ca6,
+0x10426385, 0x1b4c6a88, 0x065e719f, 0x0d507892, 0x640a0fd9, 0x6f0406d4,
+0x72161dc3, 0x791814ce, 0x48322bed, 0x433c22e0, 0x5e2e39f7, 0x552030fa,
+0x01ec9ab7, 0x0ae293ba, 0x17f088ad, 0x1cfe81a0, 0x2dd4be83, 0x26dab78e,
+0x3bc8ac99, 0x30c6a594, 0x599cd2df, 0x5292dbd2, 0x4f80c0c5, 0x448ec9c8,
+0x75a4f6eb, 0x7eaaffe6, 0x63b8e4f1, 0x68b6edfc, 0xb10c0a67, 0xba02036a,
+0xa710187d, 0xac1e1170, 0x9d342e53, 0x963a275e, 0x8b283c49, 0x80263544,
+0xe97c420f, 0xe2724b02, 0xff605015, 0xf46e5918, 0xc544663b, 0xce4a6f36,
+0xd3587421, 0xd8567d2c, 0x7a37a10c, 0x7139a801, 0x6c2bb316, 0x6725ba1b,
+0x560f8538, 0x5d018c35, 0x40139722, 0x4b1d9e2f, 0x2247e964, 0x2949e069,
+0x345bfb7e, 0x3f55f273, 0x0e7fcd50, 0x0571c45d, 0x1863df4a, 0x136dd647,
+0xcad731dc, 0xc1d938d1, 0xdccb23c6, 0xd7c52acb, 0xe6ef15e8, 0xede11ce5,
+0xf0f307f2, 0xfbfd0eff, 0x92a779b4, 0x99a970b9, 0x84bb6bae, 0x8fb562a3,
+0xbe9f5d80, 0xb591548d, 0xa8834f9a, 0xa38d4697
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _IMXC2[256] =
+{
+0x00000000, 0x090e0b0d, 0x121c161a, 0x1b121d17, 0x24382c34, 0x2d362739,
+0x36243a2e, 0x3f2a3123, 0x48705868, 0x417e5365, 0x5a6c4e72, 0x5362457f,
+0x6c48745c, 0x65467f51, 0x7e546246, 0x775a694b, 0x90e0b0d0, 0x99eebbdd,
+0x82fca6ca, 0x8bf2adc7, 0xb4d89ce4, 0xbdd697e9, 0xa6c48afe, 0xafca81f3,
+0xd890e8b8, 0xd19ee3b5, 0xca8cfea2, 0xc382f5af, 0xfca8c48c, 0xf5a6cf81,
+0xeeb4d296, 0xe7bad99b, 0x3bdb7bbb, 0x32d570b6, 0x29c76da1, 0x20c966ac,
+0x1fe3578f, 0x16ed5c82, 0x0dff4195, 0x04f14a98, 0x73ab23d3, 0x7aa528de,
+0x61b735c9, 0x68b93ec4, 0x57930fe7, 0x5e9d04ea, 0x458f19fd, 0x4c8112f0,
+0xab3bcb6b, 0xa235c066, 0xb927dd71, 0xb029d67c, 0x8f03e75f, 0x860dec52,
+0x9d1ff145, 0x9411fa48, 0xe34b9303, 0xea45980e, 0xf1578519, 0xf8598e14,
+0xc773bf37, 0xce7db43a, 0xd56fa92d, 0xdc61a220, 0x76adf66d, 0x7fa3fd60,
+0x64b1e077, 0x6dbfeb7a, 0x5295da59, 0x5b9bd154, 0x4089cc43, 0x4987c74e,
+0x3eddae05, 0x37d3a508, 0x2cc1b81f, 0x25cfb312, 0x1ae58231, 0x13eb893c,
+0x08f9942b, 0x01f79f26, 0xe64d46bd, 0xef434db0, 0xf45150a7, 0xfd5f5baa,
+0xc2756a89, 0xcb7b6184, 0xd0697c93, 0xd967779e, 0xae3d1ed5, 0xa73315d8,
+0xbc2108cf, 0xb52f03c2, 0x8a0532e1, 0x830b39ec, 0x981924fb, 0x91172ff6,
+0x4d768dd6, 0x447886db, 0x5f6a9bcc, 0x566490c1, 0x694ea1e2, 0x6040aaef,
+0x7b52b7f8, 0x725cbcf5, 0x0506d5be, 0x0c08deb3, 0x171ac3a4, 0x1e14c8a9,
+0x213ef98a, 0x2830f287, 0x3322ef90, 0x3a2ce49d, 0xdd963d06, 0xd498360b,
+0xcf8a2b1c, 0xc6842011, 0xf9ae1132, 0xf0a01a3f, 0xebb20728, 0xe2bc0c25,
+0x95e6656e, 0x9ce86e63, 0x87fa7374, 0x8ef47879, 0xb1de495a, 0xb8d04257,
+0xa3c25f40, 0xaacc544d, 0xec41f7da, 0xe54ffcd7, 0xfe5de1c0, 0xf753eacd,
+0xc879dbee, 0xc177d0e3, 0xda65cdf4, 0xd36bc6f9, 0xa431afb2, 0xad3fa4bf,
+0xb62db9a8, 0xbf23b2a5, 0x80098386, 0x8907888b, 0x9215959c, 0x9b1b9e91,
+0x7ca1470a, 0x75af4c07, 0x6ebd5110, 0x67b35a1d, 0x58996b3e, 0x51976033,
+0x4a857d24, 0x438b7629, 0x34d11f62, 0x3ddf146f, 0x26cd0978, 0x2fc30275,
+0x10e93356, 0x19e7385b, 0x02f5254c, 0x0bfb2e41, 0xd79a8c61, 0xde94876c,
+0xc5869a7b, 0xcc889176, 0xf3a2a055, 0xfaacab58, 0xe1beb64f, 0xe8b0bd42,
+0x9fead409, 0x96e4df04, 0x8df6c213, 0x84f8c91e, 0xbbd2f83d, 0xb2dcf330,
+0xa9ceee27, 0xa0c0e52a, 0x477a3cb1, 0x4e7437bc, 0x55662aab, 0x5c6821a6,
+0x63421085, 0x6a4c1b88, 0x715e069f, 0x78500d92, 0x0f0a64d9, 0x06046fd4,
+0x1d1672c3, 0x141879ce, 0x2b3248ed, 0x223c43e0, 0x392e5ef7, 0x302055fa,
+0x9aec01b7, 0x93e20aba, 0x88f017ad, 0x81fe1ca0, 0xbed42d83, 0xb7da268e,
+0xacc83b99, 0xa5c63094, 0xd29c59df, 0xdb9252d2, 0xc0804fc5, 0xc98e44c8,
+0xf6a475eb, 0xffaa7ee6, 0xe4b863f1, 0xedb668fc, 0x0a0cb167, 0x0302ba6a,
+0x1810a77d, 0x111eac70, 0x2e349d53, 0x273a965e, 0x3c288b49, 0x35268044,
+0x427ce90f, 0x4b72e202, 0x5060ff15, 0x596ef418, 0x6644c53b, 0x6f4ace36,
+0x7458d321, 0x7d56d82c, 0xa1377a0c, 0xa8397101, 0xb32b6c16, 0xba25671b,
+0x850f5638, 0x8c015d35, 0x97134022, 0x9e1d4b2f, 0xe9472264, 0xe0492969,
+0xfb5b347e, 0xf2553f73, 0xcd7f0e50, 0xc471055d, 0xdf63184a, 0xd66d1347,
+0x31d7cadc, 0x38d9c1d1, 0x23cbdcc6, 0x2ac5d7cb, 0x15efe6e8, 0x1ce1ede5,
+0x07f3f0f2, 0x0efdfbff, 0x79a792b4, 0x70a999b9, 0x6bbb84ae, 0x62b58fa3,
+0x5d9fbe80, 0x5491b58d, 0x4f83a89a, 0x468da397
+};
+#else
+static const PRUint32 _IMXC2[256] =
+{
+0x00000000, 0x0d0b0e09, 0x1a161c12, 0x171d121b, 0x342c3824, 0x3927362d,
+0x2e3a2436, 0x23312a3f, 0x68587048, 0x65537e41, 0x724e6c5a, 0x7f456253,
+0x5c74486c, 0x517f4665, 0x4662547e, 0x4b695a77, 0xd0b0e090, 0xddbbee99,
+0xcaa6fc82, 0xc7adf28b, 0xe49cd8b4, 0xe997d6bd, 0xfe8ac4a6, 0xf381caaf,
+0xb8e890d8, 0xb5e39ed1, 0xa2fe8cca, 0xaff582c3, 0x8cc4a8fc, 0x81cfa6f5,
+0x96d2b4ee, 0x9bd9bae7, 0xbb7bdb3b, 0xb670d532, 0xa16dc729, 0xac66c920,
+0x8f57e31f, 0x825ced16, 0x9541ff0d, 0x984af104, 0xd323ab73, 0xde28a57a,
+0xc935b761, 0xc43eb968, 0xe70f9357, 0xea049d5e, 0xfd198f45, 0xf012814c,
+0x6bcb3bab, 0x66c035a2, 0x71dd27b9, 0x7cd629b0, 0x5fe7038f, 0x52ec0d86,
+0x45f11f9d, 0x48fa1194, 0x03934be3, 0x0e9845ea, 0x198557f1, 0x148e59f8,
+0x37bf73c7, 0x3ab47dce, 0x2da96fd5, 0x20a261dc, 0x6df6ad76, 0x60fda37f,
+0x77e0b164, 0x7aebbf6d, 0x59da9552, 0x54d19b5b, 0x43cc8940, 0x4ec78749,
+0x05aedd3e, 0x08a5d337, 0x1fb8c12c, 0x12b3cf25, 0x3182e51a, 0x3c89eb13,
+0x2b94f908, 0x269ff701, 0xbd464de6, 0xb04d43ef, 0xa75051f4, 0xaa5b5ffd,
+0x896a75c2, 0x84617bcb, 0x937c69d0, 0x9e7767d9, 0xd51e3dae, 0xd81533a7,
+0xcf0821bc, 0xc2032fb5, 0xe132058a, 0xec390b83, 0xfb241998, 0xf62f1791,
+0xd68d764d, 0xdb867844, 0xcc9b6a5f, 0xc1906456, 0xe2a14e69, 0xefaa4060,
+0xf8b7527b, 0xf5bc5c72, 0xbed50605, 0xb3de080c, 0xa4c31a17, 0xa9c8141e,
+0x8af93e21, 0x87f23028, 0x90ef2233, 0x9de42c3a, 0x063d96dd, 0x0b3698d4,
+0x1c2b8acf, 0x112084c6, 0x3211aef9, 0x3f1aa0f0, 0x2807b2eb, 0x250cbce2,
+0x6e65e695, 0x636ee89c, 0x7473fa87, 0x7978f48e, 0x5a49deb1, 0x5742d0b8,
+0x405fc2a3, 0x4d54ccaa, 0xdaf741ec, 0xd7fc4fe5, 0xc0e15dfe, 0xcdea53f7,
+0xeedb79c8, 0xe3d077c1, 0xf4cd65da, 0xf9c66bd3, 0xb2af31a4, 0xbfa43fad,
+0xa8b92db6, 0xa5b223bf, 0x86830980, 0x8b880789, 0x9c951592, 0x919e1b9b,
+0x0a47a17c, 0x074caf75, 0x1051bd6e, 0x1d5ab367, 0x3e6b9958, 0x33609751,
+0x247d854a, 0x29768b43, 0x621fd134, 0x6f14df3d, 0x7809cd26, 0x7502c32f,
+0x5633e910, 0x5b38e719, 0x4c25f502, 0x412efb0b, 0x618c9ad7, 0x6c8794de,
+0x7b9a86c5, 0x769188cc, 0x55a0a2f3, 0x58abacfa, 0x4fb6bee1, 0x42bdb0e8,
+0x09d4ea9f, 0x04dfe496, 0x13c2f68d, 0x1ec9f884, 0x3df8d2bb, 0x30f3dcb2,
+0x27eecea9, 0x2ae5c0a0, 0xb13c7a47, 0xbc37744e, 0xab2a6655, 0xa621685c,
+0x85104263, 0x881b4c6a, 0x9f065e71, 0x920d5078, 0xd9640a0f, 0xd46f0406,
+0xc372161d, 0xce791814, 0xed48322b, 0xe0433c22, 0xf75e2e39, 0xfa552030,
+0xb701ec9a, 0xba0ae293, 0xad17f088, 0xa01cfe81, 0x832dd4be, 0x8e26dab7,
+0x993bc8ac, 0x9430c6a5, 0xdf599cd2, 0xd25292db, 0xc54f80c0, 0xc8448ec9,
+0xeb75a4f6, 0xe67eaaff, 0xf163b8e4, 0xfc68b6ed, 0x67b10c0a, 0x6aba0203,
+0x7da71018, 0x70ac1e11, 0x539d342e, 0x5e963a27, 0x498b283c, 0x44802635,
+0x0fe97c42, 0x02e2724b, 0x15ff6050, 0x18f46e59, 0x3bc54466, 0x36ce4a6f,
+0x21d35874, 0x2cd8567d, 0x0c7a37a1, 0x017139a8, 0x166c2bb3, 0x1b6725ba,
+0x38560f85, 0x355d018c, 0x22401397, 0x2f4b1d9e, 0x642247e9, 0x692949e0,
+0x7e345bfb, 0x733f55f2, 0x500e7fcd, 0x5d0571c4, 0x4a1863df, 0x47136dd6,
+0xdccad731, 0xd1c1d938, 0xc6dccb23, 0xcbd7c52a, 0xe8e6ef15, 0xe5ede11c,
+0xf2f0f307, 0xfffbfd0e, 0xb492a779, 0xb999a970, 0xae84bb6b, 0xa38fb562,
+0x80be9f5d, 0x8db59154, 0x9aa8834f, 0x97a38d46
+};
+#endif
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 _IMXC3[256] =
+{
+0x00000000, 0x0e0b0d09, 0x1c161a12, 0x121d171b, 0x382c3424, 0x3627392d,
+0x243a2e36, 0x2a31233f, 0x70586848, 0x7e536541, 0x6c4e725a, 0x62457f53,
+0x48745c6c, 0x467f5165, 0x5462467e, 0x5a694b77, 0xe0b0d090, 0xeebbdd99,
+0xfca6ca82, 0xf2adc78b, 0xd89ce4b4, 0xd697e9bd, 0xc48afea6, 0xca81f3af,
+0x90e8b8d8, 0x9ee3b5d1, 0x8cfea2ca, 0x82f5afc3, 0xa8c48cfc, 0xa6cf81f5,
+0xb4d296ee, 0xbad99be7, 0xdb7bbb3b, 0xd570b632, 0xc76da129, 0xc966ac20,
+0xe3578f1f, 0xed5c8216, 0xff41950d, 0xf14a9804, 0xab23d373, 0xa528de7a,
+0xb735c961, 0xb93ec468, 0x930fe757, 0x9d04ea5e, 0x8f19fd45, 0x8112f04c,
+0x3bcb6bab, 0x35c066a2, 0x27dd71b9, 0x29d67cb0, 0x03e75f8f, 0x0dec5286,
+0x1ff1459d, 0x11fa4894, 0x4b9303e3, 0x45980eea, 0x578519f1, 0x598e14f8,
+0x73bf37c7, 0x7db43ace, 0x6fa92dd5, 0x61a220dc, 0xadf66d76, 0xa3fd607f,
+0xb1e07764, 0xbfeb7a6d, 0x95da5952, 0x9bd1545b, 0x89cc4340, 0x87c74e49,
+0xddae053e, 0xd3a50837, 0xc1b81f2c, 0xcfb31225, 0xe582311a, 0xeb893c13,
+0xf9942b08, 0xf79f2601, 0x4d46bde6, 0x434db0ef, 0x5150a7f4, 0x5f5baafd,
+0x756a89c2, 0x7b6184cb, 0x697c93d0, 0x67779ed9, 0x3d1ed5ae, 0x3315d8a7,
+0x2108cfbc, 0x2f03c2b5, 0x0532e18a, 0x0b39ec83, 0x1924fb98, 0x172ff691,
+0x768dd64d, 0x7886db44, 0x6a9bcc5f, 0x6490c156, 0x4ea1e269, 0x40aaef60,
+0x52b7f87b, 0x5cbcf572, 0x06d5be05, 0x08deb30c, 0x1ac3a417, 0x14c8a91e,
+0x3ef98a21, 0x30f28728, 0x22ef9033, 0x2ce49d3a, 0x963d06dd, 0x98360bd4,
+0x8a2b1ccf, 0x842011c6, 0xae1132f9, 0xa01a3ff0, 0xb20728eb, 0xbc0c25e2,
+0xe6656e95, 0xe86e639c, 0xfa737487, 0xf478798e, 0xde495ab1, 0xd04257b8,
+0xc25f40a3, 0xcc544daa, 0x41f7daec, 0x4ffcd7e5, 0x5de1c0fe, 0x53eacdf7,
+0x79dbeec8, 0x77d0e3c1, 0x65cdf4da, 0x6bc6f9d3, 0x31afb2a4, 0x3fa4bfad,
+0x2db9a8b6, 0x23b2a5bf, 0x09838680, 0x07888b89, 0x15959c92, 0x1b9e919b,
+0xa1470a7c, 0xaf4c0775, 0xbd51106e, 0xb35a1d67, 0x996b3e58, 0x97603351,
+0x857d244a, 0x8b762943, 0xd11f6234, 0xdf146f3d, 0xcd097826, 0xc302752f,
+0xe9335610, 0xe7385b19, 0xf5254c02, 0xfb2e410b, 0x9a8c61d7, 0x94876cde,
+0x869a7bc5, 0x889176cc, 0xa2a055f3, 0xacab58fa, 0xbeb64fe1, 0xb0bd42e8,
+0xead4099f, 0xe4df0496, 0xf6c2138d, 0xf8c91e84, 0xd2f83dbb, 0xdcf330b2,
+0xceee27a9, 0xc0e52aa0, 0x7a3cb147, 0x7437bc4e, 0x662aab55, 0x6821a65c,
+0x42108563, 0x4c1b886a, 0x5e069f71, 0x500d9278, 0x0a64d90f, 0x046fd406,
+0x1672c31d, 0x1879ce14, 0x3248ed2b, 0x3c43e022, 0x2e5ef739, 0x2055fa30,
+0xec01b79a, 0xe20aba93, 0xf017ad88, 0xfe1ca081, 0xd42d83be, 0xda268eb7,
+0xc83b99ac, 0xc63094a5, 0x9c59dfd2, 0x9252d2db, 0x804fc5c0, 0x8e44c8c9,
+0xa475ebf6, 0xaa7ee6ff, 0xb863f1e4, 0xb668fced, 0x0cb1670a, 0x02ba6a03,
+0x10a77d18, 0x1eac7011, 0x349d532e, 0x3a965e27, 0x288b493c, 0x26804435,
+0x7ce90f42, 0x72e2024b, 0x60ff1550, 0x6ef41859, 0x44c53b66, 0x4ace366f,
+0x58d32174, 0x56d82c7d, 0x377a0ca1, 0x397101a8, 0x2b6c16b3, 0x25671bba,
+0x0f563885, 0x015d358c, 0x13402297, 0x1d4b2f9e, 0x472264e9, 0x492969e0,
+0x5b347efb, 0x553f73f2, 0x7f0e50cd, 0x71055dc4, 0x63184adf, 0x6d1347d6,
+0xd7cadc31, 0xd9c1d138, 0xcbdcc623, 0xc5d7cb2a, 0xefe6e815, 0xe1ede51c,
+0xf3f0f207, 0xfdfbff0e, 0xa792b479, 0xa999b970, 0xbb84ae6b, 0xb58fa362,
+0x9fbe805d, 0x91b58d54, 0x83a89a4f, 0x8da39746
+};
+#else
+static const PRUint32 _IMXC3[256] =
+{
+0x00000000, 0x090d0b0e, 0x121a161c, 0x1b171d12, 0x24342c38, 0x2d392736,
+0x362e3a24, 0x3f23312a, 0x48685870, 0x4165537e, 0x5a724e6c, 0x537f4562,
+0x6c5c7448, 0x65517f46, 0x7e466254, 0x774b695a, 0x90d0b0e0, 0x99ddbbee,
+0x82caa6fc, 0x8bc7adf2, 0xb4e49cd8, 0xbde997d6, 0xa6fe8ac4, 0xaff381ca,
+0xd8b8e890, 0xd1b5e39e, 0xcaa2fe8c, 0xc3aff582, 0xfc8cc4a8, 0xf581cfa6,
+0xee96d2b4, 0xe79bd9ba, 0x3bbb7bdb, 0x32b670d5, 0x29a16dc7, 0x20ac66c9,
+0x1f8f57e3, 0x16825ced, 0x0d9541ff, 0x04984af1, 0x73d323ab, 0x7ade28a5,
+0x61c935b7, 0x68c43eb9, 0x57e70f93, 0x5eea049d, 0x45fd198f, 0x4cf01281,
+0xab6bcb3b, 0xa266c035, 0xb971dd27, 0xb07cd629, 0x8f5fe703, 0x8652ec0d,
+0x9d45f11f, 0x9448fa11, 0xe303934b, 0xea0e9845, 0xf1198557, 0xf8148e59,
+0xc737bf73, 0xce3ab47d, 0xd52da96f, 0xdc20a261, 0x766df6ad, 0x7f60fda3,
+0x6477e0b1, 0x6d7aebbf, 0x5259da95, 0x5b54d19b, 0x4043cc89, 0x494ec787,
+0x3e05aedd, 0x3708a5d3, 0x2c1fb8c1, 0x2512b3cf, 0x1a3182e5, 0x133c89eb,
+0x082b94f9, 0x01269ff7, 0xe6bd464d, 0xefb04d43, 0xf4a75051, 0xfdaa5b5f,
+0xc2896a75, 0xcb84617b, 0xd0937c69, 0xd99e7767, 0xaed51e3d, 0xa7d81533,
+0xbccf0821, 0xb5c2032f, 0x8ae13205, 0x83ec390b, 0x98fb2419, 0x91f62f17,
+0x4dd68d76, 0x44db8678, 0x5fcc9b6a, 0x56c19064, 0x69e2a14e, 0x60efaa40,
+0x7bf8b752, 0x72f5bc5c, 0x05bed506, 0x0cb3de08, 0x17a4c31a, 0x1ea9c814,
+0x218af93e, 0x2887f230, 0x3390ef22, 0x3a9de42c, 0xdd063d96, 0xd40b3698,
+0xcf1c2b8a, 0xc6112084, 0xf93211ae, 0xf03f1aa0, 0xeb2807b2, 0xe2250cbc,
+0x956e65e6, 0x9c636ee8, 0x877473fa, 0x8e7978f4, 0xb15a49de, 0xb85742d0,
+0xa3405fc2, 0xaa4d54cc, 0xecdaf741, 0xe5d7fc4f, 0xfec0e15d, 0xf7cdea53,
+0xc8eedb79, 0xc1e3d077, 0xdaf4cd65, 0xd3f9c66b, 0xa4b2af31, 0xadbfa43f,
+0xb6a8b92d, 0xbfa5b223, 0x80868309, 0x898b8807, 0x929c9515, 0x9b919e1b,
+0x7c0a47a1, 0x75074caf, 0x6e1051bd, 0x671d5ab3, 0x583e6b99, 0x51336097,
+0x4a247d85, 0x4329768b, 0x34621fd1, 0x3d6f14df, 0x267809cd, 0x2f7502c3,
+0x105633e9, 0x195b38e7, 0x024c25f5, 0x0b412efb, 0xd7618c9a, 0xde6c8794,
+0xc57b9a86, 0xcc769188, 0xf355a0a2, 0xfa58abac, 0xe14fb6be, 0xe842bdb0,
+0x9f09d4ea, 0x9604dfe4, 0x8d13c2f6, 0x841ec9f8, 0xbb3df8d2, 0xb230f3dc,
+0xa927eece, 0xa02ae5c0, 0x47b13c7a, 0x4ebc3774, 0x55ab2a66, 0x5ca62168,
+0x63851042, 0x6a881b4c, 0x719f065e, 0x78920d50, 0x0fd9640a, 0x06d46f04,
+0x1dc37216, 0x14ce7918, 0x2bed4832, 0x22e0433c, 0x39f75e2e, 0x30fa5520,
+0x9ab701ec, 0x93ba0ae2, 0x88ad17f0, 0x81a01cfe, 0xbe832dd4, 0xb78e26da,
+0xac993bc8, 0xa59430c6, 0xd2df599c, 0xdbd25292, 0xc0c54f80, 0xc9c8448e,
+0xf6eb75a4, 0xffe67eaa, 0xe4f163b8, 0xedfc68b6, 0x0a67b10c, 0x036aba02,
+0x187da710, 0x1170ac1e, 0x2e539d34, 0x275e963a, 0x3c498b28, 0x35448026,
+0x420fe97c, 0x4b02e272, 0x5015ff60, 0x5918f46e, 0x663bc544, 0x6f36ce4a,
+0x7421d358, 0x7d2cd856, 0xa10c7a37, 0xa8017139, 0xb3166c2b, 0xba1b6725,
+0x8538560f, 0x8c355d01, 0x97224013, 0x9e2f4b1d, 0xe9642247, 0xe0692949,
+0xfb7e345b, 0xf2733f55, 0xcd500e7f, 0xc45d0571, 0xdf4a1863, 0xd647136d,
+0x31dccad7, 0x38d1c1d9, 0x23c6dccb, 0x2acbd7c5, 0x15e8e6ef, 0x1ce5ede1,
+0x07f2f0f3, 0x0efffbfd, 0x79b492a7, 0x70b999a9, 0x6bae84bb, 0x62a38fb5,
+0x5d80be9f, 0x548db591, 0x4f9aa883, 0x4697a38d
+};
+#endif
+
+#endif /* RIJNDAEL_INCLUDE_TABLES */
+
+#ifdef IS_LITTLE_ENDIAN
+static const PRUint32 Rcon[30] = {
+0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020,
+0x00000040, 0x00000080, 0x0000001b, 0x00000036, 0x0000006c, 0x000000d8,
+0x000000ab, 0x0000004d, 0x0000009a, 0x0000002f, 0x0000005e, 0x000000bc,
+0x00000063, 0x000000c6, 0x00000097, 0x00000035, 0x0000006a, 0x000000d4,
+0x000000b3, 0x0000007d, 0x000000fa, 0x000000ef, 0x000000c5, 0x00000091
+};
+#else
+static const PRUint32 Rcon[30] = {
+0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000,
+0x40000000, 0x80000000, 0x1b000000, 0x36000000, 0x6c000000, 0xd8000000,
+0xab000000, 0x4d000000, 0x9a000000, 0x2f000000, 0x5e000000, 0xbc000000,
+0x63000000, 0xc6000000, 0x97000000, 0x35000000, 0x6a000000, 0xd4000000,
+0xb3000000, 0x7d000000, 0xfa000000, 0xef000000, 0xc5000000, 0x91000000
+};
+#endif
+
diff --git a/security/nss/lib/freebl/rijndael_tables.c b/security/nss/lib/freebl/rijndael_tables.c
new file mode 100644
index 000000000..78dd85a96
--- /dev/null
+++ b/security/nss/lib/freebl/rijndael_tables.c
@@ -0,0 +1,215 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "stdio.h"
+#include "prtypes.h"
+#include "blapi.h"
+
+/*
+ * what follows is code thrown together to generate the myriad of tables
+ * used by Rijndael, the AES cipher.
+ */
+
+#define WORD_LE(b0, b1, b2, b3) \
+ (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | b0)
+
+#define WORD_BE(b0, b1, b2, b3) \
+ (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | b3)
+
+static const PRUint8 __S[256] =
+ {
+ 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
+ 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
+ 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
+ 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
+ 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
+ 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
+ 208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
+ 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
+ 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
+ 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
+ 224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
+ 231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
+ 186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
+ 112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
+ 225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
+ 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22,
+ };
+
+static const PRUint8 __SInv[256] =
+ {
+ 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251,
+ 124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203,
+ 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78,
+ 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37,
+ 114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146,
+ 108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132,
+ 144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
+ 208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107,
+ 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
+ 150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110,
+ 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27,
+ 252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244,
+ 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95,
+ 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
+ 160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
+ 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125
+ };
+
+/* GF_MULTIPLY
+ *
+ * multiply two bytes represented in GF(2**8), mod (x**4 + 1)
+ */
+PRUint8
+gf_multiply(PRUint8 a, PRUint8 b)
+{
+ PRUint8 res = 0;
+ while (b > 0) {
+ res = (b & 0x01) ? res ^ a : res;
+ a = (a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1);
+ b >>= 1;
+ }
+ return res;
+}
+
+void
+make_T_Table(char *table, const PRUint8 Sx[256], FILE *file,
+ unsigned char m0, unsigned char m1,
+ unsigned char m2, unsigned char m3)
+{
+ PRUint32 Ti;
+ int i;
+ fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n");
+ fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table);
+ for (i = 0; i < 256; i++) {
+ Ti = WORD_LE(gf_multiply(Sx[i], m0),
+ gf_multiply(Sx[i], m1),
+ gf_multiply(Sx[i], m2),
+ gf_multiply(Sx[i], m3));
+ if (Ti == 0)
+ fprintf(file, "0x00000000%c%c", (i == 255) ? ' ' : ',',
+ (i % 6 == 5) ? '\n' : ' ');
+ else
+ fprintf(file, "%#.8x%c%c", Ti, (i == 255) ? ' ' : ',',
+ (i % 6 == 5) ? '\n' : ' ');
+ }
+ fprintf(file, "\n};\n");
+ fprintf(file, "#else\n");
+ fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table);
+ for (i = 0; i < 256; i++) {
+ Ti = WORD_BE(gf_multiply(Sx[i], m0),
+ gf_multiply(Sx[i], m1),
+ gf_multiply(Sx[i], m2),
+ gf_multiply(Sx[i], m3));
+ if (Ti == 0)
+ fprintf(file, "0x00000000%c%c", (i == 255) ? ' ' : ',',
+ (i % 6 == 5) ? '\n' : ' ');
+ else
+ fprintf(file, "%#.8x%c%c", Ti, (i == 255) ? ' ' : ',',
+ (i % 6 == 5) ? '\n' : ' ');
+ }
+ fprintf(file, "\n};\n");
+ fprintf(file, "#endif\n\n");
+}
+
+void
+make_InvMixCol_Table(int num, FILE *file, PRUint8 m0, PRUint8 m1, PRUint8 m2, PRUint8 m3)
+{
+ PRUint16 i;
+ PRUint8 b0, b1, b2, b3;
+ fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n");
+ fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num);
+ for (i = 0; i < 256; i++) {
+ b0 = gf_multiply(i, m0);
+ b1 = gf_multiply(i, m1);
+ b2 = gf_multiply(i, m2);
+ b3 = gf_multiply(i, m3);
+ fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b3, b2, b1, b0, (i == 255) ? ' ' : ',', (i % 6 == 5) ? '\n' : ' ');
+ }
+ fprintf(file, "\n};\n");
+ fprintf(file, "#else\n");
+ fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num);
+ for (i = 0; i < 256; i++) {
+ b0 = gf_multiply(i, m0);
+ b1 = gf_multiply(i, m1);
+ b2 = gf_multiply(i, m2);
+ b3 = gf_multiply(i, m3);
+ fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b0, b1, b2, b3, (i == 255) ? ' ' : ',', (i % 6 == 5) ? '\n' : ' ');
+ }
+ fprintf(file, "\n};\n");
+ fprintf(file, "#endif\n\n");
+}
+
+int
+main()
+{
+ int i, j;
+ PRUint8 cur, last;
+ PRUint32 tmp;
+ FILE *optfile;
+ optfile = fopen("rijndael32.tab", "w");
+ /* output S, if there are no T tables */
+ fprintf(optfile, "#ifndef RIJNDAEL_INCLUDE_TABLES\n");
+ fprintf(optfile, "static const PRUint8 _S[256] = \n{\n");
+ for (i = 0; i < 256; i++) {
+ fprintf(optfile, "%3d%c%c", __S[i], (i == 255) ? ' ' : ',',
+ (i % 16 == 15) ? '\n' : ' ');
+ }
+ fprintf(optfile, "};\n#endif /* not RIJNDAEL_INCLUDE_TABLES */\n\n");
+ /* output S**-1 */
+ fprintf(optfile, "static const PRUint8 _SInv[256] = \n{\n");
+ for (i = 0; i < 256; i++) {
+ fprintf(optfile, "%3d%c%c", __SInv[i], (i == 255) ? ' ' : ',',
+ (i % 16 == 15) ? '\n' : ' ');
+ }
+ fprintf(optfile, "};\n\n");
+ fprintf(optfile, "#ifdef RIJNDAEL_INCLUDE_TABLES\n");
+ /* The 32-bit word tables for optimized implementation */
+ /* T0 = [ S[a] * 02, S[a], S[a], S[a] * 03 ] */
+ make_T_Table("0", __S, optfile, 0x02, 0x01, 0x01, 0x03);
+ /* T1 = [ S[a] * 03, S[a] * 02, S[a], S[a] ] */
+ make_T_Table("1", __S, optfile, 0x03, 0x02, 0x01, 0x01);
+ /* T2 = [ S[a], S[a] * 03, S[a] * 02, S[a] ] */
+ make_T_Table("2", __S, optfile, 0x01, 0x03, 0x02, 0x01);
+ /* T3 = [ S[a], S[a], S[a] * 03, S[a] * 02 ] */
+ make_T_Table("3", __S, optfile, 0x01, 0x01, 0x03, 0x02);
+ /* TInv0 = [ Si[a] * 0E, Si[a] * 09, Si[a] * 0D, Si[a] * 0B ] */
+ make_T_Table("Inv0", __SInv, optfile, 0x0e, 0x09, 0x0d, 0x0b);
+ /* TInv1 = [ Si[a] * 0B, Si[a] * 0E, Si[a] * 09, Si[a] * 0D ] */
+ make_T_Table("Inv1", __SInv, optfile, 0x0b, 0x0e, 0x09, 0x0d);
+ /* TInv2 = [ Si[a] * 0D, Si[a] * 0B, Si[a] * 0E, Si[a] * 09 ] */
+ make_T_Table("Inv2", __SInv, optfile, 0x0d, 0x0b, 0x0e, 0x09);
+ /* TInv3 = [ Si[a] * 09, Si[a] * 0D, Si[a] * 0B, Si[a] * 0E ] */
+ make_T_Table("Inv3", __SInv, optfile, 0x09, 0x0d, 0x0b, 0x0e);
+ /* byte multiply tables for inverse key expansion (mimics InvMixColumn) */
+ make_InvMixCol_Table(0, optfile, 0x0e, 0x09, 0x0d, 0x0b);
+ make_InvMixCol_Table(1, optfile, 0x0b, 0x0E, 0x09, 0x0d);
+ make_InvMixCol_Table(2, optfile, 0x0d, 0x0b, 0x0e, 0x09);
+ make_InvMixCol_Table(3, optfile, 0x09, 0x0d, 0x0b, 0x0e);
+ fprintf(optfile, "#endif /* RIJNDAEL_INCLUDE_TABLES */\n\n");
+ /* round constants for key expansion */
+ fprintf(optfile, "#ifdef IS_LITTLE_ENDIAN\n");
+ fprintf(optfile, "static const PRUint32 Rcon[30] = {\n");
+ cur = 0x01;
+ for (i = 0; i < 30; i++) {
+ fprintf(optfile, "%#.8x%c%c", WORD_LE(cur, 0, 0, 0),
+ (i == 29) ? ' ' : ',', (i % 6 == 5) ? '\n' : ' ');
+ last = cur;
+ cur = gf_multiply(last, 0x02);
+ }
+ fprintf(optfile, "};\n");
+ fprintf(optfile, "#else\n");
+ fprintf(optfile, "static const PRUint32 Rcon[30] = {\n");
+ cur = 0x01;
+ for (i = 0; i < 30; i++) {
+ fprintf(optfile, "%#.8x%c%c", WORD_BE(cur, 0, 0, 0),
+ (i == 29) ? ' ' : ',', (i % 6 == 5) ? '\n' : ' ');
+ last = cur;
+ cur = gf_multiply(last, 0x02);
+ }
+ fprintf(optfile, "};\n");
+ fprintf(optfile, "#endif\n\n");
+ fclose(optfile);
+ return 0;
+}
diff --git a/security/nss/lib/freebl/rsa.c b/security/nss/lib/freebl/rsa.c
new file mode 100644
index 000000000..ff8c40ed9
--- /dev/null
+++ b/security/nss/lib/freebl/rsa.c
@@ -0,0 +1,1625 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * RSA key generation, public key op, private key op.
+ */
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "secerr.h"
+
+#include "prclist.h"
+#include "nssilock.h"
+#include "prinit.h"
+#include "blapi.h"
+#include "mpi.h"
+#include "mpprime.h"
+#include "mplogic.h"
+#include "secmpi.h"
+#include "secitem.h"
+#include "blapii.h"
+
+/*
+** Number of times to attempt to generate a prime (p or q) from a random
+** seed (the seed changes for each iteration).
+*/
+#define MAX_PRIME_GEN_ATTEMPTS 10
+/*
+** Number of times to attempt to generate a key. The primes p and q change
+** for each attempt.
+*/
+#define MAX_KEY_GEN_ATTEMPTS 10
+
+/* Blinding Parameters max cache size */
+#define RSA_BLINDING_PARAMS_MAX_CACHE_SIZE 20
+
+/* exponent should not be greater than modulus */
+#define BAD_RSA_KEY_SIZE(modLen, expLen) \
+ ((expLen) > (modLen) || (modLen) > RSA_MAX_MODULUS_BITS / 8 || \
+ (expLen) > RSA_MAX_EXPONENT_BITS / 8)
+
+struct blindingParamsStr;
+typedef struct blindingParamsStr blindingParams;
+
+struct blindingParamsStr {
+ blindingParams *next;
+ mp_int f, g; /* blinding parameter */
+ int counter; /* number of remaining uses of (f, g) */
+};
+
+/*
+** RSABlindingParamsStr
+**
+** For discussion of Paul Kocher's timing attack against an RSA private key
+** operation, see http://www.cryptography.com/timingattack/paper.html. The
+** countermeasure to this attack, known as blinding, is also discussed in
+** the Handbook of Applied Cryptography, 11.118-11.119.
+*/
+struct RSABlindingParamsStr {
+ /* Blinding-specific parameters */
+ PRCList link; /* link to list of structs */
+ SECItem modulus; /* list element "key" */
+ blindingParams *free, *bp; /* Blinding parameters queue */
+ blindingParams array[RSA_BLINDING_PARAMS_MAX_CACHE_SIZE];
+};
+typedef struct RSABlindingParamsStr RSABlindingParams;
+
+/*
+** RSABlindingParamsListStr
+**
+** List of key-specific blinding params. The arena holds the volatile pool
+** of memory for each entry and the list itself. The lock is for list
+** operations, in this case insertions and iterations, as well as control
+** of the counter for each set of blinding parameters.
+*/
+struct RSABlindingParamsListStr {
+ PZLock *lock; /* Lock for the list */
+ PRCondVar *cVar; /* Condidtion Variable */
+ int waitCount; /* Number of threads waiting on cVar */
+ PRCList head; /* Pointer to the list */
+};
+
+/*
+** The master blinding params list.
+*/
+static struct RSABlindingParamsListStr blindingParamsList = { 0 };
+
+/* Number of times to reuse (f, g). Suggested by Paul Kocher */
+#define RSA_BLINDING_PARAMS_MAX_REUSE 50
+
+/* Global, allows optional use of blinding. On by default. */
+/* Cannot be changed at the moment, due to thread-safety issues. */
+static PRBool nssRSAUseBlinding = PR_TRUE;
+
+static SECStatus
+rsa_build_from_primes(const mp_int *p, const mp_int *q,
+ mp_int *e, PRBool needPublicExponent,
+ mp_int *d, PRBool needPrivateExponent,
+ RSAPrivateKey *key, unsigned int keySizeInBits)
+{
+ mp_int n, phi;
+ mp_int psub1, qsub1, tmp;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ MP_DIGITS(&n) = 0;
+ MP_DIGITS(&phi) = 0;
+ MP_DIGITS(&psub1) = 0;
+ MP_DIGITS(&qsub1) = 0;
+ MP_DIGITS(&tmp) = 0;
+ CHECK_MPI_OK(mp_init(&n));
+ CHECK_MPI_OK(mp_init(&phi));
+ CHECK_MPI_OK(mp_init(&psub1));
+ CHECK_MPI_OK(mp_init(&qsub1));
+ CHECK_MPI_OK(mp_init(&tmp));
+ /* p and q must be distinct. */
+ if (mp_cmp(p, q) == 0) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ rv = SECFailure;
+ goto cleanup;
+ }
+ /* 1. Compute n = p*q */
+ CHECK_MPI_OK(mp_mul(p, q, &n));
+ /* verify that the modulus has the desired number of bits */
+ if ((unsigned)mpl_significant_bits(&n) != keySizeInBits) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ rv = SECFailure;
+ goto cleanup;
+ }
+
+ /* at least one exponent must be given */
+ PORT_Assert(!(needPublicExponent && needPrivateExponent));
+
+ /* 2. Compute phi = (p-1)*(q-1) */
+ CHECK_MPI_OK(mp_sub_d(p, 1, &psub1));
+ CHECK_MPI_OK(mp_sub_d(q, 1, &qsub1));
+ if (needPublicExponent || needPrivateExponent) {
+ CHECK_MPI_OK(mp_lcm(&psub1, &qsub1, &phi));
+ /* 3. Compute d = e**-1 mod(phi) */
+ /* or e = d**-1 mod(phi) as necessary */
+ if (needPublicExponent) {
+ err = mp_invmod(d, &phi, e);
+ } else {
+ err = mp_invmod(e, &phi, d);
+ }
+ } else {
+ err = MP_OKAY;
+ }
+ /* Verify that phi(n) and e have no common divisors */
+ if (err != MP_OKAY) {
+ if (err == MP_UNDEF) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ err = MP_OKAY; /* to keep PORT_SetError from being called again */
+ rv = SECFailure;
+ }
+ goto cleanup;
+ }
+
+ /* 4. Compute exponent1 = d mod (p-1) */
+ CHECK_MPI_OK(mp_mod(d, &psub1, &tmp));
+ MPINT_TO_SECITEM(&tmp, &key->exponent1, key->arena);
+ /* 5. Compute exponent2 = d mod (q-1) */
+ CHECK_MPI_OK(mp_mod(d, &qsub1, &tmp));
+ MPINT_TO_SECITEM(&tmp, &key->exponent2, key->arena);
+ /* 6. Compute coefficient = q**-1 mod p */
+ CHECK_MPI_OK(mp_invmod(q, p, &tmp));
+ MPINT_TO_SECITEM(&tmp, &key->coefficient, key->arena);
+
+ /* copy our calculated results, overwrite what is there */
+ key->modulus.data = NULL;
+ MPINT_TO_SECITEM(&n, &key->modulus, key->arena);
+ key->privateExponent.data = NULL;
+ MPINT_TO_SECITEM(d, &key->privateExponent, key->arena);
+ key->publicExponent.data = NULL;
+ MPINT_TO_SECITEM(e, &key->publicExponent, key->arena);
+ key->prime1.data = NULL;
+ MPINT_TO_SECITEM(p, &key->prime1, key->arena);
+ key->prime2.data = NULL;
+ MPINT_TO_SECITEM(q, &key->prime2, key->arena);
+cleanup:
+ mp_clear(&n);
+ mp_clear(&phi);
+ mp_clear(&psub1);
+ mp_clear(&qsub1);
+ mp_clear(&tmp);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+static SECStatus
+generate_prime(mp_int *prime, int primeLen)
+{
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ unsigned long counter = 0;
+ int piter;
+ unsigned char *pb = NULL;
+ pb = PORT_Alloc(primeLen);
+ if (!pb) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto cleanup;
+ }
+ for (piter = 0; piter < MAX_PRIME_GEN_ATTEMPTS; piter++) {
+ CHECK_SEC_OK(RNG_GenerateGlobalRandomBytes(pb, primeLen));
+ pb[0] |= 0xC0; /* set two high-order bits */
+ pb[primeLen - 1] |= 0x01; /* set low-order bit */
+ CHECK_MPI_OK(mp_read_unsigned_octets(prime, pb, primeLen));
+ err = mpp_make_prime(prime, primeLen * 8, PR_FALSE, &counter);
+ if (err != MP_NO)
+ goto cleanup;
+ /* keep going while err == MP_NO */
+ }
+cleanup:
+ if (pb)
+ PORT_ZFree(pb, primeLen);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/*
+ * make sure the key components meet fips186 requirements.
+ */
+static PRBool
+rsa_fips186_verify(mp_int *p, mp_int *q, mp_int *d, int keySizeInBits)
+{
+ mp_int pq_diff;
+ mp_err err = MP_OKAY;
+ PRBool ret = PR_FALSE;
+
+ if (keySizeInBits < 250) {
+ /* not a valid FIPS length, no point in our other tests */
+ /* if you are here, and in FIPS mode, you are outside the security
+ * policy */
+ return PR_TRUE;
+ }
+
+ /* p & q are already known to be greater then sqrt(2)*2^(keySize/2-1) */
+ /* we also know that gcd(p-1,e) = 1 and gcd(q-1,e) = 1 because the
+ * mp_invmod() function will fail. */
+ /* now check p-q > 2^(keysize/2-100) */
+ MP_DIGITS(&pq_diff) = 0;
+ CHECK_MPI_OK(mp_init(&pq_diff));
+ /* NSS always has p > q, so we know pq_diff is positive */
+ CHECK_MPI_OK(mp_sub(p, q, &pq_diff));
+ if ((unsigned)mpl_significant_bits(&pq_diff) < (keySizeInBits / 2 - 100)) {
+ goto cleanup;
+ }
+ /* now verify d is large enough*/
+ if ((unsigned)mpl_significant_bits(d) < (keySizeInBits / 2)) {
+ goto cleanup;
+ }
+ ret = PR_TRUE;
+
+cleanup:
+ mp_clear(&pq_diff);
+ return ret;
+}
+
+/*
+** Generate and return a new RSA public and private key.
+** Both keys are encoded in a single RSAPrivateKey structure.
+** "cx" is the random number generator context
+** "keySizeInBits" is the size of the key to be generated, in bits.
+** 512, 1024, etc.
+** "publicExponent" when not NULL is a pointer to some data that
+** represents the public exponent to use. The data is a byte
+** encoded integer, in "big endian" order.
+*/
+RSAPrivateKey *
+RSA_NewKey(int keySizeInBits, SECItem *publicExponent)
+{
+ unsigned int primeLen;
+ mp_int p, q, e, d;
+ int kiter;
+ int max_attempts;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ int prerr = 0;
+ RSAPrivateKey *key = NULL;
+ PLArenaPool *arena = NULL;
+ /* Require key size to be a multiple of 16 bits. */
+ if (!publicExponent || keySizeInBits % 16 != 0 ||
+ BAD_RSA_KEY_SIZE((unsigned int)keySizeInBits / 8, publicExponent->len)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ /* 1. Allocate arena & key */
+ arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+ key = PORT_ArenaZNew(arena, RSAPrivateKey);
+ if (!key) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(arena, PR_TRUE);
+ return NULL;
+ }
+ key->arena = arena;
+ /* length of primes p and q (in bytes) */
+ primeLen = keySizeInBits / (2 * PR_BITS_PER_BYTE);
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&e) = 0;
+ MP_DIGITS(&d) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&e));
+ CHECK_MPI_OK(mp_init(&d));
+ /* 2. Set the version number (PKCS1 v1.5 says it should be zero) */
+ SECITEM_AllocItem(arena, &key->version, 1);
+ key->version.data[0] = 0;
+ /* 3. Set the public exponent */
+ SECITEM_TO_MPINT(*publicExponent, &e);
+ kiter = 0;
+ max_attempts = 5 * (keySizeInBits / 2); /* FIPS 186-4 B.3.3 steps 4.7 and 5.8 */
+ do {
+ prerr = 0;
+ PORT_SetError(0);
+ CHECK_SEC_OK(generate_prime(&p, primeLen));
+ CHECK_SEC_OK(generate_prime(&q, primeLen));
+ /* Assure p > q */
+ /* NOTE: PKCS #1 does not require p > q, and NSS doesn't use any
+ * implementation optimization that requires p > q. We can remove
+ * this code in the future.
+ */
+ if (mp_cmp(&p, &q) < 0)
+ mp_exch(&p, &q);
+ /* Attempt to use these primes to generate a key */
+ rv = rsa_build_from_primes(&p, &q,
+ &e, PR_FALSE, /* needPublicExponent=false */
+ &d, PR_TRUE, /* needPrivateExponent=true */
+ key, keySizeInBits);
+ if (rv == SECSuccess) {
+ if (rsa_fips186_verify(&p, &q, &d, keySizeInBits)) {
+ break;
+ }
+ prerr = SEC_ERROR_NEED_RANDOM; /* retry with different values */
+ } else {
+ prerr = PORT_GetError();
+ }
+ kiter++;
+ /* loop until have primes */
+ } while (prerr == SEC_ERROR_NEED_RANDOM && kiter < max_attempts);
+ if (prerr)
+ goto cleanup;
+cleanup:
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&e);
+ mp_clear(&d);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ if (rv && arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ key = NULL;
+ }
+ return key;
+}
+
+mp_err
+rsa_is_prime(mp_int *p)
+{
+ int res;
+
+ /* run a Fermat test */
+ res = mpp_fermat(p, 2);
+ if (res != MP_OKAY) {
+ return res;
+ }
+
+ /* If that passed, run some Miller-Rabin tests */
+ res = mpp_pprime(p, 2);
+ return res;
+}
+
+/*
+ * Factorize a RSA modulus n into p and q by using the exponents e and d.
+ *
+ * In: e, d, n
+ * Out: p, q
+ *
+ * See Handbook of Applied Cryptography, 8.2.2(i).
+ *
+ * The algorithm is probabilistic, it is run 64 times and each run has a 50%
+ * chance of succeeding with a runtime of O(log(e*d)).
+ *
+ * The returned p might be smaller than q.
+ */
+static mp_err
+rsa_factorize_n_from_exponents(mp_int *e, mp_int *d, mp_int *p, mp_int *q,
+ mp_int *n)
+{
+ /* lambda is the private modulus: e*d = 1 mod lambda */
+ /* so: e*d - 1 = k*lambda = t*2^s where t is odd */
+ mp_int klambda;
+ mp_int t, onetwentyeight;
+ unsigned long s = 0;
+ unsigned long i;
+
+ /* cand = a^(t * 2^i) mod n, next_cand = a^(t * 2^(i+1)) mod n */
+ mp_int a;
+ mp_int cand;
+ mp_int next_cand;
+
+ mp_int n_minus_one;
+ mp_err err = MP_OKAY;
+
+ MP_DIGITS(&klambda) = 0;
+ MP_DIGITS(&t) = 0;
+ MP_DIGITS(&a) = 0;
+ MP_DIGITS(&cand) = 0;
+ MP_DIGITS(&n_minus_one) = 0;
+ MP_DIGITS(&next_cand) = 0;
+ MP_DIGITS(&onetwentyeight) = 0;
+ CHECK_MPI_OK(mp_init(&klambda));
+ CHECK_MPI_OK(mp_init(&t));
+ CHECK_MPI_OK(mp_init(&a));
+ CHECK_MPI_OK(mp_init(&cand));
+ CHECK_MPI_OK(mp_init(&n_minus_one));
+ CHECK_MPI_OK(mp_init(&next_cand));
+ CHECK_MPI_OK(mp_init(&onetwentyeight));
+
+ mp_set_int(&onetwentyeight, 128);
+
+ /* calculate k*lambda = e*d - 1 */
+ CHECK_MPI_OK(mp_mul(e, d, &klambda));
+ CHECK_MPI_OK(mp_sub_d(&klambda, 1, &klambda));
+
+ /* factorize klambda into t*2^s */
+ CHECK_MPI_OK(mp_copy(&klambda, &t));
+ while (mpp_divis_d(&t, 2) == MP_YES) {
+ CHECK_MPI_OK(mp_div_2(&t, &t));
+ s += 1;
+ }
+
+ /* precompute n_minus_one = n - 1 */
+ CHECK_MPI_OK(mp_copy(n, &n_minus_one));
+ CHECK_MPI_OK(mp_sub_d(&n_minus_one, 1, &n_minus_one));
+
+ /* pick random bases a, each one has a 50% leading to a factorization */
+ CHECK_MPI_OK(mp_set_int(&a, 2));
+ /* The following is equivalent to for (a=2, a <= 128, a+=2) */
+ while (mp_cmp(&a, &onetwentyeight) <= 0) {
+ /* compute the base cand = a^(t * 2^0) [i = 0] */
+ CHECK_MPI_OK(mp_exptmod(&a, &t, n, &cand));
+
+ for (i = 0; i < s; i++) {
+ /* condition 1: skip the base if we hit a trivial factor of n */
+ if (mp_cmp(&cand, &n_minus_one) == 0 || mp_cmp_d(&cand, 1) == 0) {
+ break;
+ }
+
+ /* increase i in a^(t * 2^i) by squaring the number */
+ CHECK_MPI_OK(mp_exptmod_d(&cand, 2, n, &next_cand));
+
+ /* condition 2: a^(t * 2^(i+1)) = 1 mod n */
+ if (mp_cmp_d(&next_cand, 1) == 0) {
+ /* conditions verified, gcd(a^(t * 2^i) - 1, n) is a factor */
+ CHECK_MPI_OK(mp_sub_d(&cand, 1, &cand));
+ CHECK_MPI_OK(mp_gcd(&cand, n, p));
+ if (mp_cmp_d(p, 1) == 0) {
+ CHECK_MPI_OK(mp_add_d(&cand, 1, &cand));
+ break;
+ }
+ CHECK_MPI_OK(mp_div(n, p, q, NULL));
+ goto cleanup;
+ }
+ CHECK_MPI_OK(mp_copy(&next_cand, &cand));
+ }
+
+ CHECK_MPI_OK(mp_add_d(&a, 2, &a));
+ }
+
+ /* if we reach here it's likely (2^64 - 1 / 2^64) that d is wrong */
+ err = MP_RANGE;
+
+cleanup:
+ mp_clear(&klambda);
+ mp_clear(&t);
+ mp_clear(&a);
+ mp_clear(&cand);
+ mp_clear(&n_minus_one);
+ mp_clear(&next_cand);
+ mp_clear(&onetwentyeight);
+ return err;
+}
+
+/*
+ * Try to find the two primes based on 2 exponents plus a prime.
+ *
+ * In: e, d and p.
+ * Out: p,q.
+ *
+ * Step 1, Since d = e**-1 mod phi, we know that d*e == 1 mod phi, or
+ * d*e = 1+k*phi, or d*e-1 = k*phi. since d is less than phi and e is
+ * usually less than d, then k must be an integer between e-1 and 1
+ * (probably on the order of e).
+ * Step 1a, We can divide k*phi by prime-1 and get k*(q-1). This will reduce
+ * the size of our division through the rest of the loop.
+ * Step 2, Loop through the values k=e-1 to 1 looking for k. k should be on
+ * the order or e, and e is typically small. This may take a while for
+ * a large random e. We are looking for a k that divides kphi
+ * evenly. Once we find a k that divides kphi evenly, we assume it
+ * is the true k. It's possible this k is not the 'true' k but has
+ * swapped factors of p-1 and/or q-1. Because of this, we
+ * tentatively continue Steps 3-6 inside this loop, and may return looking
+ * for another k on failure.
+ * Step 3, Calculate our tentative phi=kphi/k. Note: real phi is (p-1)*(q-1).
+ * Step 4a, kphi is k*(q-1), so phi is our tenative q-1. q = phi+1.
+ * If k is correct, q should be the right length and prime.
+ * Step 4b, It's possible q-1 and k could have swapped factors. We now have a
+ * possible solution that meets our criteria. It may not be the only
+ * solution, however, so we keep looking. If we find more than one,
+ * we will fail since we cannot determine which is the correct
+ * solution, and returning the wrong modulus will compromise both
+ * moduli. If no other solution is found, we return the unique solution.
+ *
+ * This will return p & q. q may be larger than p in the case that p was given
+ * and it was the smaller prime.
+ */
+static mp_err
+rsa_get_prime_from_exponents(mp_int *e, mp_int *d, mp_int *p, mp_int *q,
+ mp_int *n, unsigned int keySizeInBits)
+{
+ mp_int kphi; /* k*phi */
+ mp_int k; /* current guess at 'k' */
+ mp_int phi; /* (p-1)(q-1) */
+ mp_int r; /* remainder */
+ mp_int tmp; /* p-1 if p is given */
+ mp_err err = MP_OKAY;
+ unsigned int order_k;
+
+ MP_DIGITS(&kphi) = 0;
+ MP_DIGITS(&phi) = 0;
+ MP_DIGITS(&k) = 0;
+ MP_DIGITS(&r) = 0;
+ MP_DIGITS(&tmp) = 0;
+ CHECK_MPI_OK(mp_init(&kphi));
+ CHECK_MPI_OK(mp_init(&phi));
+ CHECK_MPI_OK(mp_init(&k));
+ CHECK_MPI_OK(mp_init(&r));
+ CHECK_MPI_OK(mp_init(&tmp));
+
+ /* our algorithm looks for a factor k whose maximum size is dependent
+ * on the size of our smallest exponent, which had better be the public
+ * exponent (if it's the private, the key is vulnerable to a brute force
+ * attack).
+ *
+ * since our factor search is linear, we need to limit the maximum
+ * size of the public key. this should not be a problem normally, since
+ * public keys are usually small.
+ *
+ * if we want to handle larger public key sizes, we should have
+ * a version which tries to 'completely' factor k*phi (where completely
+ * means 'factor into primes, or composites with which are products of
+ * large primes). Once we have all the factors, we can sort them out and
+ * try different combinations to form our phi. The risk is if (p-1)/2,
+ * (q-1)/2, and k are all large primes. In any case if the public key
+ * is small (order of 20 some bits), then a linear search for k is
+ * manageable.
+ */
+ if (mpl_significant_bits(e) > 23) {
+ err = MP_RANGE;
+ goto cleanup;
+ }
+
+ /* calculate k*phi = e*d - 1 */
+ CHECK_MPI_OK(mp_mul(e, d, &kphi));
+ CHECK_MPI_OK(mp_sub_d(&kphi, 1, &kphi));
+
+ /* kphi is (e*d)-1, which is the same as k*(p-1)(q-1)
+ * d < (p-1)(q-1), therefor k must be less than e-1
+ * We can narrow down k even more, though. Since p and q are odd and both
+ * have their high bit set, then we know that phi must be on order of
+ * keySizeBits.
+ */
+ order_k = (unsigned)mpl_significant_bits(&kphi) - keySizeInBits;
+
+ /* for (k=kinit; order(k) >= order_k; k--) { */
+ /* k=kinit: k can't be bigger than kphi/2^(keySizeInBits -1) */
+ CHECK_MPI_OK(mp_2expt(&k, keySizeInBits - 1));
+ CHECK_MPI_OK(mp_div(&kphi, &k, &k, NULL));
+ if (mp_cmp(&k, e) >= 0) {
+ /* also can't be bigger then e-1 */
+ CHECK_MPI_OK(mp_sub_d(e, 1, &k));
+ }
+
+ /* calculate our temp value */
+ /* This saves recalculating this value when the k guess is wrong, which
+ * is reasonably frequent. */
+ /* tmp = p-1 (used to calculate q-1= phi/tmp) */
+ CHECK_MPI_OK(mp_sub_d(p, 1, &tmp));
+ CHECK_MPI_OK(mp_div(&kphi, &tmp, &kphi, &r));
+ if (mp_cmp_z(&r) != 0) {
+ /* p-1 doesn't divide kphi, some parameter wasn't correct */
+ err = MP_RANGE;
+ goto cleanup;
+ }
+ mp_zero(q);
+ /* kphi is now k*(q-1) */
+
+ /* rest of the for loop */
+ for (; (err == MP_OKAY) && (mpl_significant_bits(&k) >= order_k);
+ err = mp_sub_d(&k, 1, &k)) {
+ CHECK_MPI_OK(err);
+ /* looking for k as a factor of kphi */
+ CHECK_MPI_OK(mp_div(&kphi, &k, &phi, &r));
+ if (mp_cmp_z(&r) != 0) {
+ /* not a factor, try the next one */
+ continue;
+ }
+ /* we have a possible phi, see if it works */
+ if ((unsigned)mpl_significant_bits(&phi) != keySizeInBits / 2) {
+ /* phi is not the right size */
+ continue;
+ }
+ /* phi should be divisible by 2, since
+ * q is odd and phi=(q-1). */
+ if (mpp_divis_d(&phi, 2) == MP_NO) {
+ /* phi is not divisible by 4 */
+ continue;
+ }
+ /* we now have a candidate for the second prime */
+ CHECK_MPI_OK(mp_add_d(&phi, 1, &tmp));
+
+ /* check to make sure it is prime */
+ err = rsa_is_prime(&tmp);
+ if (err != MP_OKAY) {
+ if (err == MP_NO) {
+ /* No, then we still have the wrong phi */
+ continue;
+ }
+ goto cleanup;
+ }
+ /*
+ * It is possible that we have the wrong phi if
+ * k_guess*(q_guess-1) = k*(q-1) (k and q-1 have swapped factors).
+ * since our q_quess is prime, however. We have found a valid
+ * rsa key because:
+ * q is the correct order of magnitude.
+ * phi = (p-1)(q-1) where p and q are both primes.
+ * e*d mod phi = 1.
+ * There is no way to know from the info given if this is the
+ * original key. We never want to return the wrong key because if
+ * two moduli with the same factor is known, then euclid's gcd
+ * algorithm can be used to find that factor. Even though the
+ * caller didn't pass the original modulus, it doesn't mean the
+ * modulus wasn't known or isn't available somewhere. So to be safe
+ * if we can't be sure we have the right q, we don't return any.
+ *
+ * So to make sure we continue looking for other valid q's. If none
+ * are found, then we can safely return this one, otherwise we just
+ * fail */
+ if (mp_cmp_z(q) != 0) {
+ /* this is the second valid q, don't return either,
+ * just fail */
+ err = MP_RANGE;
+ break;
+ }
+ /* we only have one q so far, save it and if no others are found,
+ * it's safe to return it */
+ CHECK_MPI_OK(mp_copy(&tmp, q));
+ continue;
+ }
+ if ((unsigned)mpl_significant_bits(&k) < order_k) {
+ if (mp_cmp_z(q) == 0) {
+ /* If we get here, something was wrong with the parameters we
+ * were given */
+ err = MP_RANGE;
+ }
+ }
+cleanup:
+ mp_clear(&kphi);
+ mp_clear(&phi);
+ mp_clear(&k);
+ mp_clear(&r);
+ mp_clear(&tmp);
+ return err;
+}
+
+/*
+ * take a private key with only a few elements and fill out the missing pieces.
+ *
+ * All the entries will be overwritten with data allocated out of the arena
+ * If no arena is supplied, one will be created.
+ *
+ * The following fields must be supplied in order for this function
+ * to succeed:
+ * one of either publicExponent or privateExponent
+ * two more of the following 5 parameters.
+ * modulus (n)
+ * prime1 (p)
+ * prime2 (q)
+ * publicExponent (e)
+ * privateExponent (d)
+ *
+ * NOTE: if only the publicExponent, privateExponent, and one prime is given,
+ * then there may be more than one RSA key that matches that combination.
+ *
+ * All parameters will be replaced in the key structure with new parameters
+ * Allocated out of the arena. There is no attempt to free the old structures.
+ * Prime1 will always be greater than prime2 (even if the caller supplies the
+ * smaller prime as prime1 or the larger prime as prime2). The parameters are
+ * not overwritten on failure.
+ *
+ * How it works:
+ * We can generate all the parameters from one of the exponents, plus the
+ * two primes. (rsa_build_key_from_primes)
+ * If we are given one of the exponents and both primes, we are done.
+ * If we are given one of the exponents, the modulus and one prime, we
+ * caclulate the second prime by dividing the modulus by the given
+ * prime, giving us an exponent and 2 primes.
+ * If we are given 2 exponents and one of the primes we calculate
+ * k*phi = d*e-1, where k is an integer less than d which
+ * divides d*e-1. We find factor k so we can isolate phi.
+ * phi = (p-1)(q-1)
+ * We can use phi to find the other prime as follows:
+ * q = (phi/(p-1)) + 1. We now have 2 primes and an exponent.
+ * (NOTE: if more then one prime meets this condition, the operation
+ * will fail. See comments elsewhere in this file about this).
+ * (rsa_get_prime_from_exponents)
+ * If we are given 2 exponents and the modulus we factor the modulus to
+ * get the 2 missing primes (rsa_factorize_n_from_exponents)
+ *
+ */
+SECStatus
+RSA_PopulatePrivateKey(RSAPrivateKey *key)
+{
+ PLArenaPool *arena = NULL;
+ PRBool needPublicExponent = PR_TRUE;
+ PRBool needPrivateExponent = PR_TRUE;
+ PRBool hasModulus = PR_FALSE;
+ unsigned int keySizeInBits = 0;
+ int prime_count = 0;
+ /* standard RSA nominclature */
+ mp_int p, q, e, d, n;
+ /* remainder */
+ mp_int r;
+ mp_err err = 0;
+ SECStatus rv = SECFailure;
+
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&e) = 0;
+ MP_DIGITS(&d) = 0;
+ MP_DIGITS(&n) = 0;
+ MP_DIGITS(&r) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&e));
+ CHECK_MPI_OK(mp_init(&d));
+ CHECK_MPI_OK(mp_init(&n));
+ CHECK_MPI_OK(mp_init(&r));
+
+ /* if the key didn't already have an arena, create one. */
+ if (key->arena == NULL) {
+ arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ goto cleanup;
+ }
+ key->arena = arena;
+ }
+
+ /* load up the known exponents */
+ if (key->publicExponent.data) {
+ SECITEM_TO_MPINT(key->publicExponent, &e);
+ needPublicExponent = PR_FALSE;
+ }
+ if (key->privateExponent.data) {
+ SECITEM_TO_MPINT(key->privateExponent, &d);
+ needPrivateExponent = PR_FALSE;
+ }
+ if (needPrivateExponent && needPublicExponent) {
+ /* Not enough information, we need at least one exponent */
+ err = MP_BADARG;
+ goto cleanup;
+ }
+
+ /* load up the known primes. If only one prime is given, it will be
+ * assigned 'p'. Once we have both primes, well make sure p is the larger.
+ * The value prime_count tells us howe many we have acquired.
+ */
+ if (key->prime1.data) {
+ int primeLen = key->prime1.len;
+ if (key->prime1.data[0] == 0) {
+ primeLen--;
+ }
+ keySizeInBits = primeLen * 2 * PR_BITS_PER_BYTE;
+ SECITEM_TO_MPINT(key->prime1, &p);
+ prime_count++;
+ }
+ if (key->prime2.data) {
+ int primeLen = key->prime2.len;
+ if (key->prime2.data[0] == 0) {
+ primeLen--;
+ }
+ keySizeInBits = primeLen * 2 * PR_BITS_PER_BYTE;
+ SECITEM_TO_MPINT(key->prime2, prime_count ? &q : &p);
+ prime_count++;
+ }
+ /* load up the modulus */
+ if (key->modulus.data) {
+ int modLen = key->modulus.len;
+ if (key->modulus.data[0] == 0) {
+ modLen--;
+ }
+ keySizeInBits = modLen * PR_BITS_PER_BYTE;
+ SECITEM_TO_MPINT(key->modulus, &n);
+ hasModulus = PR_TRUE;
+ }
+ /* if we have the modulus and one prime, calculate the second. */
+ if ((prime_count == 1) && (hasModulus)) {
+ if (mp_div(&n, &p, &q, &r) != MP_OKAY || mp_cmp_z(&r) != 0) {
+ /* p is not a factor or n, fail */
+ err = MP_BADARG;
+ goto cleanup;
+ }
+ prime_count++;
+ }
+
+ /* If we didn't have enough primes try to calculate the primes from
+ * the exponents */
+ if (prime_count < 2) {
+ /* if we don't have at least 2 primes at this point, then we need both
+ * exponents and one prime or a modulus*/
+ if (!needPublicExponent && !needPrivateExponent &&
+ (prime_count > 0)) {
+ CHECK_MPI_OK(rsa_get_prime_from_exponents(&e, &d, &p, &q, &n,
+ keySizeInBits));
+ } else if (!needPublicExponent && !needPrivateExponent && hasModulus) {
+ CHECK_MPI_OK(rsa_factorize_n_from_exponents(&e, &d, &p, &q, &n));
+ } else {
+ /* not enough given parameters to get both primes */
+ err = MP_BADARG;
+ goto cleanup;
+ }
+ }
+
+ /* Assure p > q */
+ /* NOTE: PKCS #1 does not require p > q, and NSS doesn't use any
+ * implementation optimization that requires p > q. We can remove
+ * this code in the future.
+ */
+ if (mp_cmp(&p, &q) < 0)
+ mp_exch(&p, &q);
+
+ /* we now have our 2 primes and at least one exponent, we can fill
+ * in the key */
+ rv = rsa_build_from_primes(&p, &q,
+ &e, needPublicExponent,
+ &d, needPrivateExponent,
+ key, keySizeInBits);
+cleanup:
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&e);
+ mp_clear(&d);
+ mp_clear(&n);
+ mp_clear(&r);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ if (rv && arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ key->arena = NULL;
+ }
+ return rv;
+}
+
+static unsigned int
+rsa_modulusLen(SECItem *modulus)
+{
+ unsigned char byteZero = modulus->data[0];
+ unsigned int modLen = modulus->len - !byteZero;
+ return modLen;
+}
+
+/*
+** Perform a raw public-key operation
+** Length of input and output buffers are equal to key's modulus len.
+*/
+SECStatus
+RSA_PublicKeyOp(RSAPublicKey *key,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ unsigned int modLen, expLen, offset;
+ mp_int n, e, m, c;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ if (!key || !output || !input) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ MP_DIGITS(&n) = 0;
+ MP_DIGITS(&e) = 0;
+ MP_DIGITS(&m) = 0;
+ MP_DIGITS(&c) = 0;
+ CHECK_MPI_OK(mp_init(&n));
+ CHECK_MPI_OK(mp_init(&e));
+ CHECK_MPI_OK(mp_init(&m));
+ CHECK_MPI_OK(mp_init(&c));
+ modLen = rsa_modulusLen(&key->modulus);
+ expLen = rsa_modulusLen(&key->publicExponent);
+ /* 1. Obtain public key (n, e) */
+ if (BAD_RSA_KEY_SIZE(modLen, expLen)) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ rv = SECFailure;
+ goto cleanup;
+ }
+ SECITEM_TO_MPINT(key->modulus, &n);
+ SECITEM_TO_MPINT(key->publicExponent, &e);
+ if (e.used > n.used) {
+ /* exponent should not be greater than modulus */
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ rv = SECFailure;
+ goto cleanup;
+ }
+ /* 2. check input out of range (needs to be in range [0..n-1]) */
+ offset = (key->modulus.data[0] == 0) ? 1 : 0; /* may be leading 0 */
+ if (memcmp(input, key->modulus.data + offset, modLen) >= 0) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ rv = SECFailure;
+ goto cleanup;
+ }
+ /* 2 bis. Represent message as integer in range [0..n-1] */
+ CHECK_MPI_OK(mp_read_unsigned_octets(&m, input, modLen));
+/* 3. Compute c = m**e mod n */
+#ifdef USE_MPI_EXPT_D
+ /* XXX see which is faster */
+ if (MP_USED(&e) == 1) {
+ CHECK_MPI_OK(mp_exptmod_d(&m, MP_DIGIT(&e, 0), &n, &c));
+ } else
+#endif
+ CHECK_MPI_OK(mp_exptmod(&m, &e, &n, &c));
+ /* 4. result c is ciphertext */
+ err = mp_to_fixlen_octets(&c, output, modLen);
+ if (err >= 0)
+ err = MP_OKAY;
+cleanup:
+ mp_clear(&n);
+ mp_clear(&e);
+ mp_clear(&m);
+ mp_clear(&c);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/*
+** RSA Private key operation (no CRT).
+*/
+static SECStatus
+rsa_PrivateKeyOpNoCRT(RSAPrivateKey *key, mp_int *m, mp_int *c, mp_int *n,
+ unsigned int modLen)
+{
+ mp_int d;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ MP_DIGITS(&d) = 0;
+ CHECK_MPI_OK(mp_init(&d));
+ SECITEM_TO_MPINT(key->privateExponent, &d);
+ /* 1. m = c**d mod n */
+ CHECK_MPI_OK(mp_exptmod(c, &d, n, m));
+cleanup:
+ mp_clear(&d);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/*
+** RSA Private key operation using CRT.
+*/
+static SECStatus
+rsa_PrivateKeyOpCRTNoCheck(RSAPrivateKey *key, mp_int *m, mp_int *c)
+{
+ mp_int p, q, d_p, d_q, qInv;
+ mp_int m1, m2, h, ctmp;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&d_p) = 0;
+ MP_DIGITS(&d_q) = 0;
+ MP_DIGITS(&qInv) = 0;
+ MP_DIGITS(&m1) = 0;
+ MP_DIGITS(&m2) = 0;
+ MP_DIGITS(&h) = 0;
+ MP_DIGITS(&ctmp) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&d_p));
+ CHECK_MPI_OK(mp_init(&d_q));
+ CHECK_MPI_OK(mp_init(&qInv));
+ CHECK_MPI_OK(mp_init(&m1));
+ CHECK_MPI_OK(mp_init(&m2));
+ CHECK_MPI_OK(mp_init(&h));
+ CHECK_MPI_OK(mp_init(&ctmp));
+ /* copy private key parameters into mp integers */
+ SECITEM_TO_MPINT(key->prime1, &p); /* p */
+ SECITEM_TO_MPINT(key->prime2, &q); /* q */
+ SECITEM_TO_MPINT(key->exponent1, &d_p); /* d_p = d mod (p-1) */
+ SECITEM_TO_MPINT(key->exponent2, &d_q); /* d_q = d mod (q-1) */
+ SECITEM_TO_MPINT(key->coefficient, &qInv); /* qInv = q**-1 mod p */
+ /* 1. m1 = c**d_p mod p */
+ CHECK_MPI_OK(mp_mod(c, &p, &ctmp));
+ CHECK_MPI_OK(mp_exptmod(&ctmp, &d_p, &p, &m1));
+ /* 2. m2 = c**d_q mod q */
+ CHECK_MPI_OK(mp_mod(c, &q, &ctmp));
+ CHECK_MPI_OK(mp_exptmod(&ctmp, &d_q, &q, &m2));
+ /* 3. h = (m1 - m2) * qInv mod p */
+ CHECK_MPI_OK(mp_submod(&m1, &m2, &p, &h));
+ CHECK_MPI_OK(mp_mulmod(&h, &qInv, &p, &h));
+ /* 4. m = m2 + h * q */
+ CHECK_MPI_OK(mp_mul(&h, &q, m));
+ CHECK_MPI_OK(mp_add(m, &m2, m));
+cleanup:
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&d_p);
+ mp_clear(&d_q);
+ mp_clear(&qInv);
+ mp_clear(&m1);
+ mp_clear(&m2);
+ mp_clear(&h);
+ mp_clear(&ctmp);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/*
+** An attack against RSA CRT was described by Boneh, DeMillo, and Lipton in:
+** "On the Importance of Eliminating Errors in Cryptographic Computations",
+** http://theory.stanford.edu/~dabo/papers/faults.ps.gz
+**
+** As a defense against the attack, carry out the private key operation,
+** followed up with a public key operation to invert the result.
+** Verify that result against the input.
+*/
+static SECStatus
+rsa_PrivateKeyOpCRTCheckedPubKey(RSAPrivateKey *key, mp_int *m, mp_int *c)
+{
+ mp_int n, e, v;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ MP_DIGITS(&n) = 0;
+ MP_DIGITS(&e) = 0;
+ MP_DIGITS(&v) = 0;
+ CHECK_MPI_OK(mp_init(&n));
+ CHECK_MPI_OK(mp_init(&e));
+ CHECK_MPI_OK(mp_init(&v));
+ CHECK_SEC_OK(rsa_PrivateKeyOpCRTNoCheck(key, m, c));
+ SECITEM_TO_MPINT(key->modulus, &n);
+ SECITEM_TO_MPINT(key->publicExponent, &e);
+ /* Perform a public key operation v = m ** e mod n */
+ CHECK_MPI_OK(mp_exptmod(m, &e, &n, &v));
+ if (mp_cmp(&v, c) != 0) {
+ rv = SECFailure;
+ }
+cleanup:
+ mp_clear(&n);
+ mp_clear(&e);
+ mp_clear(&v);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+static PRCallOnceType coBPInit = { 0, 0, 0 };
+static PRStatus
+init_blinding_params_list(void)
+{
+ blindingParamsList.lock = PZ_NewLock(nssILockOther);
+ if (!blindingParamsList.lock) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return PR_FAILURE;
+ }
+ blindingParamsList.cVar = PR_NewCondVar(blindingParamsList.lock);
+ if (!blindingParamsList.cVar) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return PR_FAILURE;
+ }
+ blindingParamsList.waitCount = 0;
+ PR_INIT_CLIST(&blindingParamsList.head);
+ return PR_SUCCESS;
+}
+
+static SECStatus
+generate_blinding_params(RSAPrivateKey *key, mp_int *f, mp_int *g, mp_int *n,
+ unsigned int modLen)
+{
+ SECStatus rv = SECSuccess;
+ mp_int e, k;
+ mp_err err = MP_OKAY;
+ unsigned char *kb = NULL;
+
+ MP_DIGITS(&e) = 0;
+ MP_DIGITS(&k) = 0;
+ CHECK_MPI_OK(mp_init(&e));
+ CHECK_MPI_OK(mp_init(&k));
+ SECITEM_TO_MPINT(key->publicExponent, &e);
+ /* generate random k < n */
+ kb = PORT_Alloc(modLen);
+ if (!kb) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto cleanup;
+ }
+ CHECK_SEC_OK(RNG_GenerateGlobalRandomBytes(kb, modLen));
+ CHECK_MPI_OK(mp_read_unsigned_octets(&k, kb, modLen));
+ /* k < n */
+ CHECK_MPI_OK(mp_mod(&k, n, &k));
+ /* f = k**e mod n */
+ CHECK_MPI_OK(mp_exptmod(&k, &e, n, f));
+ /* g = k**-1 mod n */
+ CHECK_MPI_OK(mp_invmod(&k, n, g));
+cleanup:
+ if (kb)
+ PORT_ZFree(kb, modLen);
+ mp_clear(&k);
+ mp_clear(&e);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+static SECStatus
+init_blinding_params(RSABlindingParams *rsabp, RSAPrivateKey *key,
+ mp_int *n, unsigned int modLen)
+{
+ blindingParams *bp = rsabp->array;
+ int i = 0;
+
+ /* Initialize the list pointer for the element */
+ PR_INIT_CLIST(&rsabp->link);
+ for (i = 0; i < RSA_BLINDING_PARAMS_MAX_CACHE_SIZE; ++i, ++bp) {
+ bp->next = bp + 1;
+ MP_DIGITS(&bp->f) = 0;
+ MP_DIGITS(&bp->g) = 0;
+ bp->counter = 0;
+ }
+ /* The last bp->next value was initialized with out
+ * of rsabp->array pointer and must be set to NULL
+ */
+ rsabp->array[RSA_BLINDING_PARAMS_MAX_CACHE_SIZE - 1].next = NULL;
+
+ bp = rsabp->array;
+ rsabp->bp = NULL;
+ rsabp->free = bp;
+
+ /* List elements are keyed using the modulus */
+ return SECITEM_CopyItem(NULL, &rsabp->modulus, &key->modulus);
+}
+
+static SECStatus
+get_blinding_params(RSAPrivateKey *key, mp_int *n, unsigned int modLen,
+ mp_int *f, mp_int *g)
+{
+ RSABlindingParams *rsabp = NULL;
+ blindingParams *bpUnlinked = NULL;
+ blindingParams *bp;
+ PRCList *el;
+ SECStatus rv = SECSuccess;
+ mp_err err = MP_OKAY;
+ int cmp = -1;
+ PRBool holdingLock = PR_FALSE;
+
+ do {
+ if (blindingParamsList.lock == NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* Acquire the list lock */
+ PZ_Lock(blindingParamsList.lock);
+ holdingLock = PR_TRUE;
+
+ /* Walk the list looking for the private key */
+ for (el = PR_NEXT_LINK(&blindingParamsList.head);
+ el != &blindingParamsList.head;
+ el = PR_NEXT_LINK(el)) {
+ rsabp = (RSABlindingParams *)el;
+ cmp = SECITEM_CompareItem(&rsabp->modulus, &key->modulus);
+ if (cmp >= 0) {
+ /* The key is found or not in the list. */
+ break;
+ }
+ }
+
+ if (cmp) {
+ /* At this point, the key is not in the list. el should point to
+ ** the list element before which this key should be inserted.
+ */
+ rsabp = PORT_ZNew(RSABlindingParams);
+ if (!rsabp) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto cleanup;
+ }
+
+ rv = init_blinding_params(rsabp, key, n, modLen);
+ if (rv != SECSuccess) {
+ PORT_ZFree(rsabp, sizeof(RSABlindingParams));
+ goto cleanup;
+ }
+
+ /* Insert the new element into the list
+ ** If inserting in the middle of the list, el points to the link
+ ** to insert before. Otherwise, the link needs to be appended to
+ ** the end of the list, which is the same as inserting before the
+ ** head (since el would have looped back to the head).
+ */
+ PR_INSERT_BEFORE(&rsabp->link, el);
+ }
+
+ /* We've found (or created) the RSAblindingParams struct for this key.
+ * Now, search its list of ready blinding params for a usable one.
+ */
+ while (0 != (bp = rsabp->bp)) {
+ if (--(bp->counter) > 0) {
+ /* Found a match and there are still remaining uses left */
+ /* Return the parameters */
+ CHECK_MPI_OK(mp_copy(&bp->f, f));
+ CHECK_MPI_OK(mp_copy(&bp->g, g));
+
+ PZ_Unlock(blindingParamsList.lock);
+ return SECSuccess;
+ }
+ /* exhausted this one, give its values to caller, and
+ * then retire it.
+ */
+ mp_exch(&bp->f, f);
+ mp_exch(&bp->g, g);
+ mp_clear(&bp->f);
+ mp_clear(&bp->g);
+ bp->counter = 0;
+ /* Move to free list */
+ rsabp->bp = bp->next;
+ bp->next = rsabp->free;
+ rsabp->free = bp;
+ /* In case there're threads waiting for new blinding
+ * value - notify 1 thread the value is ready
+ */
+ if (blindingParamsList.waitCount > 0) {
+ PR_NotifyCondVar(blindingParamsList.cVar);
+ blindingParamsList.waitCount--;
+ }
+ PZ_Unlock(blindingParamsList.lock);
+ return SECSuccess;
+ }
+ /* We did not find a usable set of blinding params. Can we make one? */
+ /* Find a free bp struct. */
+ if ((bp = rsabp->free) != NULL) {
+ /* unlink this bp */
+ rsabp->free = bp->next;
+ bp->next = NULL;
+ bpUnlinked = bp; /* In case we fail */
+
+ PZ_Unlock(blindingParamsList.lock);
+ holdingLock = PR_FALSE;
+ /* generate blinding parameter values for the current thread */
+ CHECK_SEC_OK(generate_blinding_params(key, f, g, n, modLen));
+
+ /* put the blinding parameter values into cache */
+ CHECK_MPI_OK(mp_init(&bp->f));
+ CHECK_MPI_OK(mp_init(&bp->g));
+ CHECK_MPI_OK(mp_copy(f, &bp->f));
+ CHECK_MPI_OK(mp_copy(g, &bp->g));
+
+ /* Put this at head of queue of usable params. */
+ PZ_Lock(blindingParamsList.lock);
+ holdingLock = PR_TRUE;
+ (void)holdingLock;
+ /* initialize RSABlindingParamsStr */
+ bp->counter = RSA_BLINDING_PARAMS_MAX_REUSE;
+ bp->next = rsabp->bp;
+ rsabp->bp = bp;
+ bpUnlinked = NULL;
+ /* In case there're threads waiting for new blinding value
+ * just notify them the value is ready
+ */
+ if (blindingParamsList.waitCount > 0) {
+ PR_NotifyAllCondVar(blindingParamsList.cVar);
+ blindingParamsList.waitCount = 0;
+ }
+ PZ_Unlock(blindingParamsList.lock);
+ return SECSuccess;
+ }
+ /* Here, there are no usable blinding parameters available,
+ * and no free bp blocks, presumably because they're all
+ * actively having parameters generated for them.
+ * So, we need to wait here and not eat up CPU until some
+ * change happens.
+ */
+ blindingParamsList.waitCount++;
+ PR_WaitCondVar(blindingParamsList.cVar, PR_INTERVAL_NO_TIMEOUT);
+ PZ_Unlock(blindingParamsList.lock);
+ holdingLock = PR_FALSE;
+ (void)holdingLock;
+ } while (1);
+
+cleanup:
+ /* It is possible to reach this after the lock is already released. */
+ if (bpUnlinked) {
+ if (!holdingLock) {
+ PZ_Lock(blindingParamsList.lock);
+ holdingLock = PR_TRUE;
+ }
+ bp = bpUnlinked;
+ mp_clear(&bp->f);
+ mp_clear(&bp->g);
+ bp->counter = 0;
+ /* Must put the unlinked bp back on the free list */
+ bp->next = rsabp->free;
+ rsabp->free = bp;
+ }
+ if (holdingLock) {
+ PZ_Unlock(blindingParamsList.lock);
+ }
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ }
+ return SECFailure;
+}
+
+/*
+** Perform a raw private-key operation
+** Length of input and output buffers are equal to key's modulus len.
+*/
+static SECStatus
+rsa_PrivateKeyOp(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input,
+ PRBool check)
+{
+ unsigned int modLen;
+ unsigned int offset;
+ SECStatus rv = SECSuccess;
+ mp_err err;
+ mp_int n, c, m;
+ mp_int f, g;
+ if (!key || !output || !input) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* check input out of range (needs to be in range [0..n-1]) */
+ modLen = rsa_modulusLen(&key->modulus);
+ offset = (key->modulus.data[0] == 0) ? 1 : 0; /* may be leading 0 */
+ if (memcmp(input, key->modulus.data + offset, modLen) >= 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ MP_DIGITS(&n) = 0;
+ MP_DIGITS(&c) = 0;
+ MP_DIGITS(&m) = 0;
+ MP_DIGITS(&f) = 0;
+ MP_DIGITS(&g) = 0;
+ CHECK_MPI_OK(mp_init(&n));
+ CHECK_MPI_OK(mp_init(&c));
+ CHECK_MPI_OK(mp_init(&m));
+ CHECK_MPI_OK(mp_init(&f));
+ CHECK_MPI_OK(mp_init(&g));
+ SECITEM_TO_MPINT(key->modulus, &n);
+ OCTETS_TO_MPINT(input, &c, modLen);
+ /* If blinding, compute pre-image of ciphertext by multiplying by
+ ** blinding factor
+ */
+ if (nssRSAUseBlinding) {
+ CHECK_SEC_OK(get_blinding_params(key, &n, modLen, &f, &g));
+ /* c' = c*f mod n */
+ CHECK_MPI_OK(mp_mulmod(&c, &f, &n, &c));
+ }
+ /* Do the private key operation m = c**d mod n */
+ if (key->prime1.len == 0 ||
+ key->prime2.len == 0 ||
+ key->exponent1.len == 0 ||
+ key->exponent2.len == 0 ||
+ key->coefficient.len == 0) {
+ CHECK_SEC_OK(rsa_PrivateKeyOpNoCRT(key, &m, &c, &n, modLen));
+ } else if (check) {
+ CHECK_SEC_OK(rsa_PrivateKeyOpCRTCheckedPubKey(key, &m, &c));
+ } else {
+ CHECK_SEC_OK(rsa_PrivateKeyOpCRTNoCheck(key, &m, &c));
+ }
+ /* If blinding, compute post-image of plaintext by multiplying by
+ ** blinding factor
+ */
+ if (nssRSAUseBlinding) {
+ /* m = m'*g mod n */
+ CHECK_MPI_OK(mp_mulmod(&m, &g, &n, &m));
+ }
+ err = mp_to_fixlen_octets(&m, output, modLen);
+ if (err >= 0)
+ err = MP_OKAY;
+cleanup:
+ mp_clear(&n);
+ mp_clear(&c);
+ mp_clear(&m);
+ mp_clear(&f);
+ mp_clear(&g);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+SECStatus
+RSA_PrivateKeyOp(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ return rsa_PrivateKeyOp(key, output, input, PR_FALSE);
+}
+
+SECStatus
+RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
+ unsigned char *output,
+ const unsigned char *input)
+{
+ return rsa_PrivateKeyOp(key, output, input, PR_TRUE);
+}
+
+SECStatus
+RSA_PrivateKeyCheck(const RSAPrivateKey *key)
+{
+ mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res;
+ mp_err err = MP_OKAY;
+ SECStatus rv = SECSuccess;
+ MP_DIGITS(&p) = 0;
+ MP_DIGITS(&q) = 0;
+ MP_DIGITS(&n) = 0;
+ MP_DIGITS(&psub1) = 0;
+ MP_DIGITS(&qsub1) = 0;
+ MP_DIGITS(&e) = 0;
+ MP_DIGITS(&d) = 0;
+ MP_DIGITS(&d_p) = 0;
+ MP_DIGITS(&d_q) = 0;
+ MP_DIGITS(&qInv) = 0;
+ MP_DIGITS(&res) = 0;
+ CHECK_MPI_OK(mp_init(&p));
+ CHECK_MPI_OK(mp_init(&q));
+ CHECK_MPI_OK(mp_init(&n));
+ CHECK_MPI_OK(mp_init(&psub1));
+ CHECK_MPI_OK(mp_init(&qsub1));
+ CHECK_MPI_OK(mp_init(&e));
+ CHECK_MPI_OK(mp_init(&d));
+ CHECK_MPI_OK(mp_init(&d_p));
+ CHECK_MPI_OK(mp_init(&d_q));
+ CHECK_MPI_OK(mp_init(&qInv));
+ CHECK_MPI_OK(mp_init(&res));
+
+ if (!key->modulus.data || !key->prime1.data || !key->prime2.data ||
+ !key->publicExponent.data || !key->privateExponent.data ||
+ !key->exponent1.data || !key->exponent2.data ||
+ !key->coefficient.data) {
+ /* call RSA_PopulatePrivateKey first, if the application wishes to
+ * recover these parameters */
+ err = MP_BADARG;
+ goto cleanup;
+ }
+
+ SECITEM_TO_MPINT(key->modulus, &n);
+ SECITEM_TO_MPINT(key->prime1, &p);
+ SECITEM_TO_MPINT(key->prime2, &q);
+ SECITEM_TO_MPINT(key->publicExponent, &e);
+ SECITEM_TO_MPINT(key->privateExponent, &d);
+ SECITEM_TO_MPINT(key->exponent1, &d_p);
+ SECITEM_TO_MPINT(key->exponent2, &d_q);
+ SECITEM_TO_MPINT(key->coefficient, &qInv);
+ /* p and q must be distinct. */
+ if (mp_cmp(&p, &q) == 0) {
+ rv = SECFailure;
+ goto cleanup;
+ }
+#define VERIFY_MPI_EQUAL(m1, m2) \
+ if (mp_cmp(m1, m2) != 0) { \
+ rv = SECFailure; \
+ goto cleanup; \
+ }
+#define VERIFY_MPI_EQUAL_1(m) \
+ if (mp_cmp_d(m, 1) != 0) { \
+ rv = SECFailure; \
+ goto cleanup; \
+ }
+ /* n == p * q */
+ CHECK_MPI_OK(mp_mul(&p, &q, &res));
+ VERIFY_MPI_EQUAL(&res, &n);
+ /* gcd(e, p-1) == 1 */
+ CHECK_MPI_OK(mp_sub_d(&p, 1, &psub1));
+ CHECK_MPI_OK(mp_gcd(&e, &psub1, &res));
+ VERIFY_MPI_EQUAL_1(&res);
+ /* gcd(e, q-1) == 1 */
+ CHECK_MPI_OK(mp_sub_d(&q, 1, &qsub1));
+ CHECK_MPI_OK(mp_gcd(&e, &qsub1, &res));
+ VERIFY_MPI_EQUAL_1(&res);
+ /* d*e == 1 mod p-1 */
+ CHECK_MPI_OK(mp_mulmod(&d, &e, &psub1, &res));
+ VERIFY_MPI_EQUAL_1(&res);
+ /* d*e == 1 mod q-1 */
+ CHECK_MPI_OK(mp_mulmod(&d, &e, &qsub1, &res));
+ VERIFY_MPI_EQUAL_1(&res);
+ /* d_p == d mod p-1 */
+ CHECK_MPI_OK(mp_mod(&d, &psub1, &res));
+ VERIFY_MPI_EQUAL(&res, &d_p);
+ /* d_q == d mod q-1 */
+ CHECK_MPI_OK(mp_mod(&d, &qsub1, &res));
+ VERIFY_MPI_EQUAL(&res, &d_q);
+ /* q * q**-1 == 1 mod p */
+ CHECK_MPI_OK(mp_mulmod(&q, &qInv, &p, &res));
+ VERIFY_MPI_EQUAL_1(&res);
+
+cleanup:
+ mp_clear(&n);
+ mp_clear(&p);
+ mp_clear(&q);
+ mp_clear(&psub1);
+ mp_clear(&qsub1);
+ mp_clear(&e);
+ mp_clear(&d);
+ mp_clear(&d_p);
+ mp_clear(&d_q);
+ mp_clear(&qInv);
+ mp_clear(&res);
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+static SECStatus
+RSA_Init(void)
+{
+ if (PR_CallOnce(&coBPInit, init_blinding_params_list) != PR_SUCCESS) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+BL_Init(void)
+{
+ return RSA_Init();
+}
+
+/* cleanup at shutdown */
+void
+RSA_Cleanup(void)
+{
+ blindingParams *bp = NULL;
+ if (!coBPInit.initialized)
+ return;
+
+ while (!PR_CLIST_IS_EMPTY(&blindingParamsList.head)) {
+ RSABlindingParams *rsabp =
+ (RSABlindingParams *)PR_LIST_HEAD(&blindingParamsList.head);
+ PR_REMOVE_LINK(&rsabp->link);
+ /* clear parameters cache */
+ while (rsabp->bp != NULL) {
+ bp = rsabp->bp;
+ rsabp->bp = rsabp->bp->next;
+ mp_clear(&bp->f);
+ mp_clear(&bp->g);
+ }
+ SECITEM_FreeItem(&rsabp->modulus, PR_FALSE);
+ PORT_Free(rsabp);
+ }
+
+ if (blindingParamsList.cVar) {
+ PR_DestroyCondVar(blindingParamsList.cVar);
+ blindingParamsList.cVar = NULL;
+ }
+
+ if (blindingParamsList.lock) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(blindingParamsList.lock));
+ blindingParamsList.lock = NULL;
+ }
+
+ coBPInit.initialized = 0;
+ coBPInit.inProgress = 0;
+ coBPInit.status = 0;
+}
+
+/*
+ * need a central place for this function to free up all the memory that
+ * free_bl may have allocated along the way. Currently only RSA does this,
+ * so I've put it here for now.
+ */
+void
+BL_Cleanup(void)
+{
+ RSA_Cleanup();
+}
+
+PRBool bl_parentForkedAfterC_Initialize;
+
+/*
+ * Set fork flag so it can be tested in SKIP_AFTER_FORK on relevant platforms.
+ */
+void
+BL_SetForkState(PRBool forked)
+{
+ bl_parentForkedAfterC_Initialize = forked;
+}
diff --git a/security/nss/lib/freebl/rsapkcs.c b/security/nss/lib/freebl/rsapkcs.c
new file mode 100644
index 000000000..577fe1f61
--- /dev/null
+++ b/security/nss/lib/freebl/rsapkcs.c
@@ -0,0 +1,1385 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * RSA PKCS#1 v2.1 (RFC 3447) operations
+ */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "secerr.h"
+
+#include "blapi.h"
+#include "secitem.h"
+#include "blapii.h"
+
+#define RSA_BLOCK_MIN_PAD_LEN 8
+#define RSA_BLOCK_FIRST_OCTET 0x00
+#define RSA_BLOCK_PRIVATE_PAD_OCTET 0xff
+#define RSA_BLOCK_AFTER_PAD_OCTET 0x00
+
+/*
+ * RSA block types
+ *
+ * The values of RSA_BlockPrivate and RSA_BlockPublic are fixed.
+ * The value of RSA_BlockRaw isn't fixed by definition, but we are keeping
+ * the value that NSS has been using in the past.
+ */
+typedef enum {
+ RSA_BlockPrivate = 1, /* pad for a private-key operation */
+ RSA_BlockPublic = 2, /* pad for a public-key operation */
+ RSA_BlockRaw = 4 /* simply justify the block appropriately */
+} RSA_BlockType;
+
+/* Needed for RSA-PSS functions */
+static const unsigned char eightZeros[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
+
+/* Constant time comparison of a single byte.
+ * Returns 1 iff a == b, otherwise returns 0.
+ * Note: For ranges of bytes, use constantTimeCompare.
+ */
+static unsigned char
+constantTimeEQ8(unsigned char a, unsigned char b)
+{
+ unsigned char c = ~((a - b) | (b - a));
+ c >>= 7;
+ return c;
+}
+
+/* Constant time comparison of a range of bytes.
+ * Returns 1 iff len bytes of a are identical to len bytes of b, otherwise
+ * returns 0.
+ */
+static unsigned char
+constantTimeCompare(const unsigned char *a,
+ const unsigned char *b,
+ unsigned int len)
+{
+ unsigned char tmp = 0;
+ unsigned int i;
+ for (i = 0; i < len; ++i, ++a, ++b)
+ tmp |= *a ^ *b;
+ return constantTimeEQ8(0x00, tmp);
+}
+
+/* Constant time conditional.
+ * Returns a if c is 1, or b if c is 0. The result is undefined if c is
+ * not 0 or 1.
+ */
+static unsigned int
+constantTimeCondition(unsigned int c,
+ unsigned int a,
+ unsigned int b)
+{
+ return (~(c - 1) & a) | ((c - 1) & b);
+}
+
+static unsigned int
+rsa_modulusLen(SECItem *modulus)
+{
+ unsigned char byteZero = modulus->data[0];
+ unsigned int modLen = modulus->len - !byteZero;
+ return modLen;
+}
+
+/*
+ * Format one block of data for public/private key encryption using
+ * the rules defined in PKCS #1.
+ */
+static unsigned char *
+rsa_FormatOneBlock(unsigned modulusLen,
+ RSA_BlockType blockType,
+ SECItem *data)
+{
+ unsigned char *block;
+ unsigned char *bp;
+ int padLen;
+ int i, j;
+ SECStatus rv;
+
+ block = (unsigned char *)PORT_Alloc(modulusLen);
+ if (block == NULL)
+ return NULL;
+
+ bp = block;
+
+ /*
+ * All RSA blocks start with two octets:
+ * 0x00 || BlockType
+ */
+ *bp++ = RSA_BLOCK_FIRST_OCTET;
+ *bp++ = (unsigned char)blockType;
+
+ switch (blockType) {
+
+ /*
+ * Blocks intended for private-key operation.
+ */
+ case RSA_BlockPrivate: /* preferred method */
+ /*
+ * 0x00 || BT || Pad || 0x00 || ActualData
+ * 1 1 padLen 1 data->len
+ * Pad is either all 0x00 or all 0xff bytes, depending on blockType.
+ */
+ padLen = modulusLen - data->len - 3;
+ PORT_Assert(padLen >= RSA_BLOCK_MIN_PAD_LEN);
+ if (padLen < RSA_BLOCK_MIN_PAD_LEN) {
+ PORT_Free(block);
+ return NULL;
+ }
+ PORT_Memset(bp, RSA_BLOCK_PRIVATE_PAD_OCTET, padLen);
+ bp += padLen;
+ *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
+ PORT_Memcpy(bp, data->data, data->len);
+ break;
+
+ /*
+ * Blocks intended for public-key operation.
+ */
+ case RSA_BlockPublic:
+ /*
+ * 0x00 || BT || Pad || 0x00 || ActualData
+ * 1 1 padLen 1 data->len
+ * Pad is all non-zero random bytes.
+ *
+ * Build the block left to right.
+ * Fill the entire block from Pad to the end with random bytes.
+ * Use the bytes after Pad as a supply of extra random bytes from
+ * which to find replacements for the zero bytes in Pad.
+ * If we need more than that, refill the bytes after Pad with
+ * new random bytes as necessary.
+ */
+ padLen = modulusLen - (data->len + 3);
+ PORT_Assert(padLen >= RSA_BLOCK_MIN_PAD_LEN);
+ if (padLen < RSA_BLOCK_MIN_PAD_LEN) {
+ PORT_Free(block);
+ return NULL;
+ }
+ j = modulusLen - 2;
+ rv = RNG_GenerateGlobalRandomBytes(bp, j);
+ if (rv == SECSuccess) {
+ for (i = 0; i < padLen;) {
+ unsigned char repl;
+ /* Pad with non-zero random data. */
+ if (bp[i] != RSA_BLOCK_AFTER_PAD_OCTET) {
+ ++i;
+ continue;
+ }
+ if (j <= padLen) {
+ rv = RNG_GenerateGlobalRandomBytes(bp + padLen,
+ modulusLen - (2 + padLen));
+ if (rv != SECSuccess)
+ break;
+ j = modulusLen - 2;
+ }
+ do {
+ repl = bp[--j];
+ } while (repl == RSA_BLOCK_AFTER_PAD_OCTET && j > padLen);
+ if (repl != RSA_BLOCK_AFTER_PAD_OCTET) {
+ bp[i++] = repl;
+ }
+ }
+ }
+ if (rv != SECSuccess) {
+ PORT_Free(block);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+ bp += padLen;
+ *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
+ PORT_Memcpy(bp, data->data, data->len);
+ break;
+
+ default:
+ PORT_Assert(0);
+ PORT_Free(block);
+ return NULL;
+ }
+
+ return block;
+}
+
+static SECStatus
+rsa_FormatBlock(SECItem *result,
+ unsigned modulusLen,
+ RSA_BlockType blockType,
+ SECItem *data)
+{
+ switch (blockType) {
+ case RSA_BlockPrivate:
+ case RSA_BlockPublic:
+ /*
+ * 0x00 || BT || Pad || 0x00 || ActualData
+ *
+ * The "3" below is the first octet + the second octet + the 0x00
+ * octet that always comes just before the ActualData.
+ */
+ PORT_Assert(data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
+
+ result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
+ if (result->data == NULL) {
+ result->len = 0;
+ return SECFailure;
+ }
+ result->len = modulusLen;
+
+ break;
+
+ case RSA_BlockRaw:
+ /*
+ * Pad || ActualData
+ * Pad is zeros. The application is responsible for recovering
+ * the actual data.
+ */
+ if (data->len > modulusLen) {
+ return SECFailure;
+ }
+ result->data = (unsigned char *)PORT_ZAlloc(modulusLen);
+ result->len = modulusLen;
+ PORT_Memcpy(result->data + (modulusLen - data->len),
+ data->data, data->len);
+ break;
+
+ default:
+ PORT_Assert(0);
+ result->data = NULL;
+ result->len = 0;
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * Mask generation function MGF1 as defined in PKCS #1 v2.1 / RFC 3447.
+ */
+static SECStatus
+MGF1(HASH_HashType hashAlg,
+ unsigned char *mask,
+ unsigned int maskLen,
+ const unsigned char *mgfSeed,
+ unsigned int mgfSeedLen)
+{
+ unsigned int digestLen;
+ PRUint32 counter;
+ PRUint32 rounds;
+ unsigned char *tempHash;
+ unsigned char *temp;
+ const SECHashObject *hash;
+ void *hashContext;
+ unsigned char C[4];
+
+ hash = HASH_GetRawHashObject(hashAlg);
+ if (hash == NULL)
+ return SECFailure;
+
+ hashContext = (*hash->create)();
+ rounds = (maskLen + hash->length - 1) / hash->length;
+ for (counter = 0; counter < rounds; counter++) {
+ C[0] = (unsigned char)((counter >> 24) & 0xff);
+ C[1] = (unsigned char)((counter >> 16) & 0xff);
+ C[2] = (unsigned char)((counter >> 8) & 0xff);
+ C[3] = (unsigned char)(counter & 0xff);
+
+ /* This could be optimized when the clone functions in
+ * rawhash.c are implemented. */
+ (*hash->begin)(hashContext);
+ (*hash->update)(hashContext, mgfSeed, mgfSeedLen);
+ (*hash->update)(hashContext, C, sizeof C);
+
+ tempHash = mask + counter * hash->length;
+ if (counter != (rounds - 1)) {
+ (*hash->end)(hashContext, tempHash, &digestLen, hash->length);
+ } else { /* we're in the last round and need to cut the hash */
+ temp = (unsigned char *)PORT_Alloc(hash->length);
+ (*hash->end)(hashContext, temp, &digestLen, hash->length);
+ PORT_Memcpy(tempHash, temp, maskLen - counter * hash->length);
+ PORT_Free(temp);
+ }
+ }
+ (*hash->destroy)(hashContext, PR_TRUE);
+
+ return SECSuccess;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_SignRaw(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *data,
+ unsigned int dataLen)
+{
+ SECStatus rv = SECSuccess;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ SECItem formatted;
+ SECItem unformatted;
+
+ if (maxOutputLen < modulusLen)
+ return SECFailure;
+
+ unformatted.len = dataLen;
+ unformatted.data = (unsigned char *)data;
+ formatted.data = NULL;
+ rv = rsa_FormatBlock(&formatted, modulusLen, RSA_BlockRaw, &unformatted);
+ if (rv != SECSuccess)
+ goto done;
+
+ rv = RSA_PrivateKeyOpDoubleChecked(key, output, formatted.data);
+ *outputLen = modulusLen;
+
+done:
+ if (formatted.data != NULL)
+ PORT_ZFree(formatted.data, modulusLen);
+ return rv;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_CheckSignRaw(RSAPublicKey *key,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *hash,
+ unsigned int hashLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ unsigned char *buffer;
+
+ if (sigLen != modulusLen)
+ goto failure;
+ if (hashLen > modulusLen)
+ goto failure;
+
+ buffer = (unsigned char *)PORT_Alloc(modulusLen + 1);
+ if (!buffer)
+ goto failure;
+
+ rv = RSA_PublicKeyOp(key, buffer, sig);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /*
+ * make sure we get the same results
+ */
+ /* XXX(rsleevi): Constant time */
+ /* NOTE: should we verify the leading zeros? */
+ if (PORT_Memcmp(buffer + (modulusLen - hashLen), hash, hashLen) != 0)
+ goto loser;
+
+ PORT_Free(buffer);
+ return SECSuccess;
+
+loser:
+ PORT_Free(buffer);
+failure:
+ return SECFailure;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_CheckSignRecoverRaw(RSAPublicKey *key,
+ unsigned char *data,
+ unsigned int *dataLen,
+ unsigned int maxDataLen,
+ const unsigned char *sig,
+ unsigned int sigLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+
+ if (sigLen != modulusLen)
+ goto failure;
+ if (maxDataLen < modulusLen)
+ goto failure;
+
+ rv = RSA_PublicKeyOp(key, data, sig);
+ if (rv != SECSuccess)
+ goto failure;
+
+ *dataLen = modulusLen;
+ return SECSuccess;
+
+failure:
+ return SECFailure;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_EncryptRaw(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ SECItem formatted;
+ SECItem unformatted;
+
+ formatted.data = NULL;
+ if (maxOutputLen < modulusLen)
+ goto failure;
+
+ unformatted.len = inputLen;
+ unformatted.data = (unsigned char *)input;
+ formatted.data = NULL;
+ rv = rsa_FormatBlock(&formatted, modulusLen, RSA_BlockRaw, &unformatted);
+ if (rv != SECSuccess)
+ goto failure;
+
+ rv = RSA_PublicKeyOp(key, output, formatted.data);
+ if (rv != SECSuccess)
+ goto failure;
+
+ PORT_ZFree(formatted.data, modulusLen);
+ *outputLen = modulusLen;
+ return SECSuccess;
+
+failure:
+ if (formatted.data != NULL)
+ PORT_ZFree(formatted.data, modulusLen);
+ return SECFailure;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_DecryptRaw(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+
+ if (modulusLen > maxOutputLen)
+ goto failure;
+ if (inputLen != modulusLen)
+ goto failure;
+
+ rv = RSA_PrivateKeyOp(key, output, input);
+ if (rv != SECSuccess)
+ goto failure;
+
+ *outputLen = modulusLen;
+ return SECSuccess;
+
+failure:
+ return SECFailure;
+}
+
+/*
+ * Decodes an EME-OAEP encoded block, validating the encoding in constant
+ * time.
+ * Described in RFC 3447, section 7.1.2.
+ * input contains the encoded block, after decryption.
+ * label is the optional value L that was associated with the message.
+ * On success, the original message and message length will be stored in
+ * output and outputLen.
+ */
+static SECStatus
+eme_oaep_decode(unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen)
+{
+ const SECHashObject *hash;
+ void *hashContext;
+ SECStatus rv = SECFailure;
+ unsigned char labelHash[HASH_LENGTH_MAX];
+ unsigned int i;
+ unsigned int maskLen;
+ unsigned int paddingOffset;
+ unsigned char *mask = NULL;
+ unsigned char *tmpOutput = NULL;
+ unsigned char isGood;
+ unsigned char foundPaddingEnd;
+
+ hash = HASH_GetRawHashObject(hashAlg);
+
+ /* 1.c */
+ if (inputLen < (hash->length * 2) + 2) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+
+ /* Step 3.a - Generate lHash */
+ hashContext = (*hash->create)();
+ if (hashContext == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ (*hash->begin)(hashContext);
+ if (labelLen > 0)
+ (*hash->update)(hashContext, label, labelLen);
+ (*hash->end)(hashContext, labelHash, &i, sizeof(labelHash));
+ (*hash->destroy)(hashContext, PR_TRUE);
+
+ tmpOutput = (unsigned char *)PORT_Alloc(inputLen);
+ if (tmpOutput == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto done;
+ }
+
+ maskLen = inputLen - hash->length - 1;
+ mask = (unsigned char *)PORT_Alloc(maskLen);
+ if (mask == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto done;
+ }
+
+ PORT_Memcpy(tmpOutput, input, inputLen);
+
+ /* 3.c - Generate seedMask */
+ MGF1(maskHashAlg, mask, hash->length, &tmpOutput[1 + hash->length],
+ inputLen - hash->length - 1);
+ /* 3.d - Unmask seed */
+ for (i = 0; i < hash->length; ++i)
+ tmpOutput[1 + i] ^= mask[i];
+
+ /* 3.e - Generate dbMask */
+ MGF1(maskHashAlg, mask, maskLen, &tmpOutput[1], hash->length);
+ /* 3.f - Unmask DB */
+ for (i = 0; i < maskLen; ++i)
+ tmpOutput[1 + hash->length + i] ^= mask[i];
+
+ /* 3.g - Compare Y, lHash, and PS in constant time
+ * Warning: This code is timing dependent and must not disclose which of
+ * these were invalid.
+ */
+ paddingOffset = 0;
+ isGood = 1;
+ foundPaddingEnd = 0;
+
+ /* Compare Y */
+ isGood &= constantTimeEQ8(0x00, tmpOutput[0]);
+
+ /* Compare lHash and lHash' */
+ isGood &= constantTimeCompare(&labelHash[0],
+ &tmpOutput[1 + hash->length],
+ hash->length);
+
+ /* Compare that the padding is zero or more zero octets, followed by a
+ * 0x01 octet */
+ for (i = 1 + (hash->length * 2); i < inputLen; ++i) {
+ unsigned char isZero = constantTimeEQ8(0x00, tmpOutput[i]);
+ unsigned char isOne = constantTimeEQ8(0x01, tmpOutput[i]);
+ /* non-constant time equivalent:
+ * if (tmpOutput[i] == 0x01 && !foundPaddingEnd)
+ * paddingOffset = i;
+ */
+ paddingOffset = constantTimeCondition(isOne & ~foundPaddingEnd, i,
+ paddingOffset);
+ /* non-constant time equivalent:
+ * if (tmpOutput[i] == 0x01)
+ * foundPaddingEnd = true;
+ *
+ * Note: This may yield false positives, as it will be set whenever
+ * a 0x01 byte is encountered. If there was bad padding (eg:
+ * 0x03 0x02 0x01), foundPaddingEnd will still be set to true, and
+ * paddingOffset will still be set to 2.
+ */
+ foundPaddingEnd = constantTimeCondition(isOne, 1, foundPaddingEnd);
+ /* non-constant time equivalent:
+ * if (tmpOutput[i] != 0x00 && tmpOutput[i] != 0x01 &&
+ * !foundPaddingEnd) {
+ * isGood = false;
+ * }
+ *
+ * Note: This may yield false positives, as a message (and padding)
+ * that is entirely zeros will result in isGood still being true. Thus
+ * it's necessary to check foundPaddingEnd is positive below.
+ */
+ isGood = constantTimeCondition(~foundPaddingEnd & ~isZero, 0, isGood);
+ }
+
+ /* While both isGood and foundPaddingEnd may have false positives, they
+ * cannot BOTH have false positives. If both are not true, then an invalid
+ * message was received. Note, this comparison must still be done in constant
+ * time so as not to leak either condition.
+ */
+ if (!(isGood & foundPaddingEnd)) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ goto done;
+ }
+
+ /* End timing dependent code */
+
+ ++paddingOffset; /* Skip the 0x01 following the end of PS */
+
+ *outputLen = inputLen - paddingOffset;
+ if (*outputLen > maxOutputLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ goto done;
+ }
+
+ if (*outputLen)
+ PORT_Memcpy(output, &tmpOutput[paddingOffset], *outputLen);
+ rv = SECSuccess;
+
+done:
+ if (mask)
+ PORT_ZFree(mask, maskLen);
+ if (tmpOutput)
+ PORT_ZFree(tmpOutput, inputLen);
+ return rv;
+}
+
+/*
+ * Generate an EME-OAEP encoded block for encryption
+ * Described in RFC 3447, section 7.1.1
+ * We use input instead of M for the message to be encrypted
+ * label is the optional value L to be associated with the message.
+ */
+static SECStatus
+eme_oaep_encode(unsigned char *em,
+ unsigned int emLen,
+ const unsigned char *input,
+ unsigned int inputLen,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ const unsigned char *seed,
+ unsigned int seedLen)
+{
+ const SECHashObject *hash;
+ void *hashContext;
+ SECStatus rv;
+ unsigned char *mask;
+ unsigned int reservedLen;
+ unsigned int dbMaskLen;
+ unsigned int i;
+
+ hash = HASH_GetRawHashObject(hashAlg);
+ PORT_Assert(seed == NULL || seedLen == hash->length);
+
+ /* Step 1.b */
+ reservedLen = (2 * hash->length) + 2;
+ if (emLen < reservedLen || inputLen > (emLen - reservedLen)) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+
+ /*
+ * From RFC 3447, Section 7.1
+ * +----------+---------+-------+
+ * DB = | lHash | PS | M |
+ * +----------+---------+-------+
+ * |
+ * +----------+ V
+ * | seed |--> MGF ---> xor
+ * +----------+ |
+ * | |
+ * +--+ V |
+ * |00| xor <----- MGF <-----|
+ * +--+ | |
+ * | | |
+ * V V V
+ * +--+----------+----------------------------+
+ * EM = |00|maskedSeed| maskedDB |
+ * +--+----------+----------------------------+
+ *
+ * We use mask to hold the result of the MGF functions, and all other
+ * values are generated in their final resting place.
+ */
+ *em = 0x00;
+
+ /* Step 2.a - Generate lHash */
+ hashContext = (*hash->create)();
+ if (hashContext == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ (*hash->begin)(hashContext);
+ if (labelLen > 0)
+ (*hash->update)(hashContext, label, labelLen);
+ (*hash->end)(hashContext, &em[1 + hash->length], &i, hash->length);
+ (*hash->destroy)(hashContext, PR_TRUE);
+
+ /* Step 2.b - Generate PS */
+ if (emLen - reservedLen - inputLen > 0) {
+ PORT_Memset(em + 1 + (hash->length * 2), 0x00,
+ emLen - reservedLen - inputLen);
+ }
+
+ /* Step 2.c. - Generate DB
+ * DB = lHash || PS || 0x01 || M
+ * Note that PS and lHash have already been placed into em at their
+ * appropriate offsets. This just copies M into place
+ */
+ em[emLen - inputLen - 1] = 0x01;
+ if (inputLen)
+ PORT_Memcpy(em + emLen - inputLen, input, inputLen);
+
+ if (seed == NULL) {
+ /* Step 2.d - Generate seed */
+ rv = RNG_GenerateGlobalRandomBytes(em + 1, hash->length);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ } else {
+ /* For Known Answer Tests, copy the supplied seed. */
+ PORT_Memcpy(em + 1, seed, seedLen);
+ }
+
+ /* Step 2.e - Generate dbMask*/
+ dbMaskLen = emLen - hash->length - 1;
+ mask = (unsigned char *)PORT_Alloc(dbMaskLen);
+ if (mask == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ MGF1(maskHashAlg, mask, dbMaskLen, em + 1, hash->length);
+ /* Step 2.f - Compute maskedDB*/
+ for (i = 0; i < dbMaskLen; ++i)
+ em[1 + hash->length + i] ^= mask[i];
+
+ /* Step 2.g - Generate seedMask */
+ MGF1(maskHashAlg, mask, hash->length, &em[1 + hash->length], dbMaskLen);
+ /* Step 2.h - Compute maskedSeed */
+ for (i = 0; i < hash->length; ++i)
+ em[1 + i] ^= mask[i];
+
+ PORT_ZFree(mask, dbMaskLen);
+ return SECSuccess;
+}
+
+SECStatus
+RSA_EncryptOAEP(RSAPublicKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ const unsigned char *seed,
+ unsigned int seedLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ unsigned char *oaepEncoded = NULL;
+
+ if (maxOutputLen < modulusLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ if ((hashAlg == HASH_AlgNULL) || (maskHashAlg == HASH_AlgNULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ if ((labelLen == 0 && label != NULL) ||
+ (labelLen > 0 && label == NULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ oaepEncoded = (unsigned char *)PORT_Alloc(modulusLen);
+ if (oaepEncoded == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ rv = eme_oaep_encode(oaepEncoded, modulusLen, input, inputLen,
+ hashAlg, maskHashAlg, label, labelLen, seed, seedLen);
+ if (rv != SECSuccess)
+ goto done;
+
+ rv = RSA_PublicKeyOp(key, output, oaepEncoded);
+ if (rv != SECSuccess)
+ goto done;
+ *outputLen = modulusLen;
+
+done:
+ PORT_Free(oaepEncoded);
+ return rv;
+}
+
+SECStatus
+RSA_DecryptOAEP(RSAPrivateKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *label,
+ unsigned int labelLen,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ unsigned char *oaepEncoded = NULL;
+
+ if ((hashAlg == HASH_AlgNULL) || (maskHashAlg == HASH_AlgNULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ if (inputLen != modulusLen) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+
+ if ((labelLen == 0 && label != NULL) ||
+ (labelLen > 0 && label == NULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ oaepEncoded = (unsigned char *)PORT_Alloc(modulusLen);
+ if (oaepEncoded == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ rv = RSA_PrivateKeyOpDoubleChecked(key, oaepEncoded, input);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+ rv = eme_oaep_decode(output, outputLen, maxOutputLen, oaepEncoded,
+ modulusLen, hashAlg, maskHashAlg, label,
+ labelLen);
+
+done:
+ if (oaepEncoded)
+ PORT_ZFree(oaepEncoded, modulusLen);
+ return rv;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_EncryptBlock(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ SECItem formatted;
+ SECItem unformatted;
+
+ formatted.data = NULL;
+ if (maxOutputLen < modulusLen)
+ goto failure;
+
+ unformatted.len = inputLen;
+ unformatted.data = (unsigned char *)input;
+ formatted.data = NULL;
+ rv = rsa_FormatBlock(&formatted, modulusLen, RSA_BlockPublic,
+ &unformatted);
+ if (rv != SECSuccess)
+ goto failure;
+
+ rv = RSA_PublicKeyOp(key, output, formatted.data);
+ if (rv != SECSuccess)
+ goto failure;
+
+ PORT_ZFree(formatted.data, modulusLen);
+ *outputLen = modulusLen;
+ return SECSuccess;
+
+failure:
+ if (formatted.data != NULL)
+ PORT_ZFree(formatted.data, modulusLen);
+ return SECFailure;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_DecryptBlock(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ unsigned int i;
+ unsigned char *buffer;
+
+ if (inputLen != modulusLen)
+ goto failure;
+
+ buffer = (unsigned char *)PORT_Alloc(modulusLen + 1);
+ if (!buffer)
+ goto failure;
+
+ rv = RSA_PrivateKeyOp(key, buffer, input);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* XXX(rsleevi): Constant time */
+ if (buffer[0] != RSA_BLOCK_FIRST_OCTET ||
+ buffer[1] != (unsigned char)RSA_BlockPublic) {
+ goto loser;
+ }
+ *outputLen = 0;
+ for (i = 2; i < modulusLen; i++) {
+ if (buffer[i] == RSA_BLOCK_AFTER_PAD_OCTET) {
+ *outputLen = modulusLen - i - 1;
+ break;
+ }
+ }
+ if (*outputLen == 0)
+ goto loser;
+ if (*outputLen > maxOutputLen)
+ goto loser;
+
+ PORT_Memcpy(output, buffer + modulusLen - *outputLen, *outputLen);
+
+ PORT_Free(buffer);
+ return SECSuccess;
+
+loser:
+ PORT_Free(buffer);
+failure:
+ return SECFailure;
+}
+
+/*
+ * Encode a RSA-PSS signature.
+ * Described in RFC 3447, section 9.1.1.
+ * We use mHash instead of M as input.
+ * emBits from the RFC is just modBits - 1, see section 8.1.1.
+ * We only support MGF1 as the MGF.
+ *
+ * NOTE: this code assumes modBits is a multiple of 8.
+ */
+static SECStatus
+emsa_pss_encode(unsigned char *em,
+ unsigned int emLen,
+ const unsigned char *mHash,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *salt,
+ unsigned int saltLen)
+{
+ const SECHashObject *hash;
+ void *hash_context;
+ unsigned char *dbMask;
+ unsigned int dbMaskLen;
+ unsigned int i;
+ SECStatus rv;
+
+ hash = HASH_GetRawHashObject(hashAlg);
+ dbMaskLen = emLen - hash->length - 1;
+
+ /* Step 3 */
+ if (emLen < hash->length + saltLen + 2) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ /* Step 4 */
+ if (salt == NULL) {
+ rv = RNG_GenerateGlobalRandomBytes(&em[dbMaskLen - saltLen], saltLen);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ } else {
+ PORT_Memcpy(&em[dbMaskLen - saltLen], salt, saltLen);
+ }
+
+ /* Step 5 + 6 */
+ /* Compute H and store it at its final location &em[dbMaskLen]. */
+ hash_context = (*hash->create)();
+ if (hash_context == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ (*hash->begin)(hash_context);
+ (*hash->update)(hash_context, eightZeros, 8);
+ (*hash->update)(hash_context, mHash, hash->length);
+ (*hash->update)(hash_context, &em[dbMaskLen - saltLen], saltLen);
+ (*hash->end)(hash_context, &em[dbMaskLen], &i, hash->length);
+ (*hash->destroy)(hash_context, PR_TRUE);
+
+ /* Step 7 + 8 */
+ PORT_Memset(em, 0, dbMaskLen - saltLen - 1);
+ em[dbMaskLen - saltLen - 1] = 0x01;
+
+ /* Step 9 */
+ dbMask = (unsigned char *)PORT_Alloc(dbMaskLen);
+ if (dbMask == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ MGF1(maskHashAlg, dbMask, dbMaskLen, &em[dbMaskLen], hash->length);
+
+ /* Step 10 */
+ for (i = 0; i < dbMaskLen; i++)
+ em[i] ^= dbMask[i];
+ PORT_Free(dbMask);
+
+ /* Step 11 */
+ em[0] &= 0x7f;
+
+ /* Step 12 */
+ em[emLen - 1] = 0xbc;
+
+ return SECSuccess;
+}
+
+/*
+ * Verify a RSA-PSS signature.
+ * Described in RFC 3447, section 9.1.2.
+ * We use mHash instead of M as input.
+ * emBits from the RFC is just modBits - 1, see section 8.1.2.
+ * We only support MGF1 as the MGF.
+ *
+ * NOTE: this code assumes modBits is a multiple of 8.
+ */
+static SECStatus
+emsa_pss_verify(const unsigned char *mHash,
+ const unsigned char *em,
+ unsigned int emLen,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ unsigned int saltLen)
+{
+ const SECHashObject *hash;
+ void *hash_context;
+ unsigned char *db;
+ unsigned char *H_; /* H' from the RFC */
+ unsigned int i;
+ unsigned int dbMaskLen;
+ SECStatus rv;
+
+ hash = HASH_GetRawHashObject(hashAlg);
+ dbMaskLen = emLen - hash->length - 1;
+
+ /* Step 3 + 4 + 6 */
+ if ((emLen < (hash->length + saltLen + 2)) ||
+ (em[emLen - 1] != 0xbc) ||
+ ((em[0] & 0x80) != 0)) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure;
+ }
+
+ /* Step 7 */
+ db = (unsigned char *)PORT_Alloc(dbMaskLen);
+ if (db == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ /* &em[dbMaskLen] points to H, used as mgfSeed */
+ MGF1(maskHashAlg, db, dbMaskLen, &em[dbMaskLen], hash->length);
+
+ /* Step 8 */
+ for (i = 0; i < dbMaskLen; i++) {
+ db[i] ^= em[i];
+ }
+
+ /* Step 9 */
+ db[0] &= 0x7f;
+
+ /* Step 10 */
+ for (i = 0; i < (dbMaskLen - saltLen - 1); i++) {
+ if (db[i] != 0) {
+ PORT_Free(db);
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure;
+ }
+ }
+ if (db[dbMaskLen - saltLen - 1] != 0x01) {
+ PORT_Free(db);
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure;
+ }
+
+ /* Step 12 + 13 */
+ H_ = (unsigned char *)PORT_Alloc(hash->length);
+ if (H_ == NULL) {
+ PORT_Free(db);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ hash_context = (*hash->create)();
+ if (hash_context == NULL) {
+ PORT_Free(db);
+ PORT_Free(H_);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ (*hash->begin)(hash_context);
+ (*hash->update)(hash_context, eightZeros, 8);
+ (*hash->update)(hash_context, mHash, hash->length);
+ (*hash->update)(hash_context, &db[dbMaskLen - saltLen], saltLen);
+ (*hash->end)(hash_context, H_, &i, hash->length);
+ (*hash->destroy)(hash_context, PR_TRUE);
+
+ PORT_Free(db);
+
+ /* Step 14 */
+ if (PORT_Memcmp(H_, &em[dbMaskLen], hash->length) != 0) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ rv = SECFailure;
+ } else {
+ rv = SECSuccess;
+ }
+
+ PORT_Free(H_);
+ return rv;
+}
+
+SECStatus
+RSA_SignPSS(RSAPrivateKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ const unsigned char *salt,
+ unsigned int saltLength,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ SECStatus rv = SECSuccess;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ unsigned char *pssEncoded = NULL;
+
+ if (maxOutputLen < modulusLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ if ((hashAlg == HASH_AlgNULL) || (maskHashAlg == HASH_AlgNULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ pssEncoded = (unsigned char *)PORT_Alloc(modulusLen);
+ if (pssEncoded == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ rv = emsa_pss_encode(pssEncoded, modulusLen, input, hashAlg,
+ maskHashAlg, salt, saltLength);
+ if (rv != SECSuccess)
+ goto done;
+
+ rv = RSA_PrivateKeyOpDoubleChecked(key, output, pssEncoded);
+ *outputLen = modulusLen;
+
+done:
+ PORT_Free(pssEncoded);
+ return rv;
+}
+
+SECStatus
+RSA_CheckSignPSS(RSAPublicKey *key,
+ HASH_HashType hashAlg,
+ HASH_HashType maskHashAlg,
+ unsigned int saltLength,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *hash,
+ unsigned int hashLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ unsigned char *buffer;
+
+ if (sigLen != modulusLen) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure;
+ }
+
+ if ((hashAlg == HASH_AlgNULL) || (maskHashAlg == HASH_AlgNULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ buffer = (unsigned char *)PORT_Alloc(modulusLen);
+ if (!buffer) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ rv = RSA_PublicKeyOp(key, buffer, sig);
+ if (rv != SECSuccess) {
+ PORT_Free(buffer);
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ return SECFailure;
+ }
+
+ rv = emsa_pss_verify(hash, buffer, modulusLen, hashAlg,
+ maskHashAlg, saltLength);
+ PORT_Free(buffer);
+
+ return rv;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_Sign(RSAPrivateKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input,
+ unsigned int inputLen)
+{
+ SECStatus rv = SECSuccess;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ SECItem formatted;
+ SECItem unformatted;
+
+ if (maxOutputLen < modulusLen)
+ return SECFailure;
+
+ unformatted.len = inputLen;
+ unformatted.data = (unsigned char *)input;
+ formatted.data = NULL;
+ rv = rsa_FormatBlock(&formatted, modulusLen, RSA_BlockPrivate,
+ &unformatted);
+ if (rv != SECSuccess)
+ goto done;
+
+ rv = RSA_PrivateKeyOpDoubleChecked(key, output, formatted.data);
+ *outputLen = modulusLen;
+
+ goto done;
+
+done:
+ if (formatted.data != NULL)
+ PORT_ZFree(formatted.data, modulusLen);
+ return rv;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_CheckSign(RSAPublicKey *key,
+ const unsigned char *sig,
+ unsigned int sigLen,
+ const unsigned char *data,
+ unsigned int dataLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ unsigned int i;
+ unsigned char *buffer;
+
+ if (sigLen != modulusLen)
+ goto failure;
+ /*
+ * 0x00 || BT || Pad || 0x00 || ActualData
+ *
+ * The "3" below is the first octet + the second octet + the 0x00
+ * octet that always comes just before the ActualData.
+ */
+ if (dataLen > modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN))
+ goto failure;
+
+ buffer = (unsigned char *)PORT_Alloc(modulusLen + 1);
+ if (!buffer)
+ goto failure;
+
+ rv = RSA_PublicKeyOp(key, buffer, sig);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /*
+ * check the padding that was used
+ */
+ if (buffer[0] != RSA_BLOCK_FIRST_OCTET ||
+ buffer[1] != (unsigned char)RSA_BlockPrivate) {
+ goto loser;
+ }
+ for (i = 2; i < modulusLen - dataLen - 1; i++) {
+ if (buffer[i] != RSA_BLOCK_PRIVATE_PAD_OCTET)
+ goto loser;
+ }
+ if (buffer[i] != RSA_BLOCK_AFTER_PAD_OCTET)
+ goto loser;
+
+ /*
+ * make sure we get the same results
+ */
+ if (PORT_Memcmp(buffer + modulusLen - dataLen, data, dataLen) != 0)
+ goto loser;
+
+ PORT_Free(buffer);
+ return SECSuccess;
+
+loser:
+ PORT_Free(buffer);
+failure:
+ return SECFailure;
+}
+
+/* XXX Doesn't set error code */
+SECStatus
+RSA_CheckSignRecover(RSAPublicKey *key,
+ unsigned char *output,
+ unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *sig,
+ unsigned int sigLen)
+{
+ SECStatus rv;
+ unsigned int modulusLen = rsa_modulusLen(&key->modulus);
+ unsigned int i;
+ unsigned char *buffer;
+
+ if (sigLen != modulusLen)
+ goto failure;
+
+ buffer = (unsigned char *)PORT_Alloc(modulusLen + 1);
+ if (!buffer)
+ goto failure;
+
+ rv = RSA_PublicKeyOp(key, buffer, sig);
+ if (rv != SECSuccess)
+ goto loser;
+ *outputLen = 0;
+
+ /*
+ * check the padding that was used
+ */
+ if (buffer[0] != RSA_BLOCK_FIRST_OCTET ||
+ buffer[1] != (unsigned char)RSA_BlockPrivate) {
+ goto loser;
+ }
+ for (i = 2; i < modulusLen; i++) {
+ if (buffer[i] == RSA_BLOCK_AFTER_PAD_OCTET) {
+ *outputLen = modulusLen - i - 1;
+ break;
+ }
+ if (buffer[i] != RSA_BLOCK_PRIVATE_PAD_OCTET)
+ goto loser;
+ }
+ if (*outputLen == 0)
+ goto loser;
+ if (*outputLen > maxOutputLen)
+ goto loser;
+
+ PORT_Memcpy(output, buffer + modulusLen - *outputLen, *outputLen);
+
+ PORT_Free(buffer);
+ return SECSuccess;
+
+loser:
+ PORT_Free(buffer);
+failure:
+ return SECFailure;
+}
diff --git a/security/nss/lib/freebl/secmpi.h b/security/nss/lib/freebl/secmpi.h
new file mode 100644
index 000000000..5e8fd1105
--- /dev/null
+++ b/security/nss/lib/freebl/secmpi.h
@@ -0,0 +1,54 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mpi.h"
+
+#define CHECK_SEC_OK(func) \
+ if (SECSuccess != (rv = func)) \
+ goto cleanup
+
+#define CHECK_MPI_OK(func) \
+ if (MP_OKAY > (err = func)) \
+ goto cleanup
+
+#define OCTETS_TO_MPINT(oc, mp, len) \
+ CHECK_MPI_OK(mp_read_unsigned_octets((mp), oc, len))
+
+#define SECITEM_TO_MPINT(it, mp) \
+ CHECK_MPI_OK(mp_read_unsigned_octets((mp), (it).data, (it).len))
+
+#define MPINT_TO_SECITEM(mp, it, arena) \
+ do { \
+ int mpintLen = mp_unsigned_octet_size(mp); \
+ if (mpintLen <= 0) { \
+ err = MP_RANGE; \
+ goto cleanup; \
+ } \
+ SECITEM_AllocItem(arena, (it), mpintLen); \
+ if ((it)->data == NULL) { \
+ err = MP_MEM; \
+ goto cleanup; \
+ } \
+ err = mp_to_unsigned_octets(mp, (it)->data, (it)->len); \
+ if (err < 0) \
+ goto cleanup; \
+ else \
+ err = MP_OKAY; \
+ } while (0)
+
+#define MP_TO_SEC_ERROR(err) \
+ switch (err) { \
+ case MP_MEM: \
+ PORT_SetError(SEC_ERROR_NO_MEMORY); \
+ break; \
+ case MP_RANGE: \
+ PORT_SetError(SEC_ERROR_BAD_DATA); \
+ break; \
+ case MP_BADARG: \
+ PORT_SetError(SEC_ERROR_INVALID_ARGS); \
+ break; \
+ default: \
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); \
+ break; \
+ }
diff --git a/security/nss/lib/freebl/secrng.h b/security/nss/lib/freebl/secrng.h
new file mode 100644
index 000000000..19eae4833
--- /dev/null
+++ b/security/nss/lib/freebl/secrng.h
@@ -0,0 +1,65 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECRNG_H_
+#define _SECRNG_H_
+/*
+ * secrng.h - public data structures and prototypes for the secure random
+ * number generator
+ */
+
+/******************************************/
+/*
+** Random number generation. A cryptographically strong random number
+** generator.
+*/
+
+#include "blapi.h"
+
+/* the number of bytes to read from the system random number generator */
+#define SYSTEM_RNG_SEED_COUNT 1024
+
+SEC_BEGIN_PROTOS
+
+/*
+** The following functions are provided by the security library
+** but are differently implemented for the UNIX, Win, and OS/2
+** versions
+*/
+
+/*
+** Get the "noisiest" information available on the system.
+** The amount of data returned depends on the system implementation.
+** It will not exceed maxbytes, but may be (much) less.
+** Returns number of noise bytes copied into buf, or zero if error.
+*/
+extern size_t RNG_GetNoise(void *buf, size_t maxbytes);
+
+/*
+** RNG_SystemInfoForRNG should be called before any use of SSL. It
+** gathers up the system specific information to help seed the
+** state of the global random number generator.
+*/
+extern void RNG_SystemInfoForRNG(void);
+
+/*
+** Use the contents (and stat) of a file to help seed the
+** global random number generator.
+*/
+extern void RNG_FileForRNG(const char *filename);
+
+/*
+** Get maxbytes bytes of random data from the system random number
+** generator.
+** Returns the number of bytes copied into buf -- maxbytes if success
+** or zero if error.
+** Errors:
+** PR_NOT_IMPLEMENTED_ERROR There is no system RNG on the platform.
+** SEC_ERROR_NEED_RANDOM The system RNG failed.
+*/
+extern size_t RNG_SystemRNG(void *buf, size_t maxbytes);
+
+SEC_END_PROTOS
+
+#endif /* _SECRNG_H_ */
diff --git a/security/nss/lib/freebl/seed.c b/security/nss/lib/freebl/seed.c
new file mode 100644
index 000000000..f198cce45
--- /dev/null
+++ b/security/nss/lib/freebl/seed.c
@@ -0,0 +1,641 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stddef.h>
+#ifdef WIN32
+#include <memory.h>
+#endif
+
+#include "seed.h"
+#include "secerr.h"
+
+static const seed_word SS[4][256] = {
+ { 0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0,
+ 0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
+ 0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c,
+ 0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
+ 0x28082028, 0x04444044, 0x20002020, 0x1d8d919c,
+ 0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
+ 0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378,
+ 0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
+ 0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8,
+ 0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
+ 0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354,
+ 0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
+ 0x24042024, 0x1c0c101c, 0x33437370, 0x18889098,
+ 0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
+ 0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380,
+ 0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
+ 0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8,
+ 0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
+ 0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078,
+ 0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
+ 0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140,
+ 0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
+ 0x1f0f131c, 0x19899198, 0x00000000, 0x19091118,
+ 0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
+ 0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324,
+ 0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
+ 0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c,
+ 0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
+ 0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4,
+ 0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
+ 0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218,
+ 0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
+ 0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288,
+ 0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
+ 0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4,
+ 0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
+ 0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac,
+ 0x36063234, 0x15051114, 0x22022220, 0x38083038,
+ 0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c,
+ 0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
+ 0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c,
+ 0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
+ 0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8,
+ 0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
+ 0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364,
+ 0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
+ 0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320,
+ 0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
+ 0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0,
+ 0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
+ 0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0,
+ 0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
+ 0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c,
+ 0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
+ 0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244,
+ 0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
+ 0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c,
+ 0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
+ 0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c,
+ 0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
+ 0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4,
+ 0x22426260, 0x29092128, 0x07070304, 0x33033330,
+ 0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178,
+ 0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298 },
+ { 0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2,
+ 0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
+ 0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3,
+ 0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
+ 0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1,
+ 0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
+ 0xd013c3d3, 0x90118191, 0x10110111, 0x04060602,
+ 0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
+ 0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0,
+ 0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
+ 0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2,
+ 0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
+ 0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32,
+ 0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
+ 0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72,
+ 0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
+ 0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0,
+ 0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
+ 0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13,
+ 0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
+ 0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1,
+ 0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
+ 0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1,
+ 0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
+ 0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131,
+ 0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
+ 0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202,
+ 0x20220222, 0x04040400, 0x68284860, 0x70314171,
+ 0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991,
+ 0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
+ 0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0,
+ 0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
+ 0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12,
+ 0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
+ 0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2,
+ 0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
+ 0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32,
+ 0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
+ 0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292,
+ 0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
+ 0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571,
+ 0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
+ 0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470,
+ 0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
+ 0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040,
+ 0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
+ 0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22,
+ 0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
+ 0x84058581, 0x14140410, 0x88098981, 0x981b8b93,
+ 0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
+ 0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282,
+ 0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
+ 0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11,
+ 0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
+ 0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3,
+ 0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
+ 0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30,
+ 0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
+ 0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622,
+ 0x30320232, 0x84048480, 0x68294961, 0x90138393,
+ 0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0,
+ 0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
+ 0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83,
+ 0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3 },
+ { 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3,
+ 0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
+ 0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e,
+ 0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
+ 0x20282808, 0x40440444, 0x20202000, 0x919c1d8d,
+ 0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
+ 0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b,
+ 0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
+ 0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888,
+ 0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
+ 0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747,
+ 0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
+ 0x20242404, 0x101c1c0c, 0x73703343, 0x90981888,
+ 0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
+ 0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383,
+ 0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
+ 0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb,
+ 0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
+ 0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848,
+ 0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
+ 0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141,
+ 0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
+ 0x131c1f0f, 0x91981989, 0x00000000, 0x11181909,
+ 0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
+ 0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707,
+ 0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
+ 0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d,
+ 0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
+ 0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5,
+ 0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
+ 0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a,
+ 0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
+ 0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a,
+ 0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
+ 0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5,
+ 0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
+ 0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e,
+ 0x32343606, 0x11141505, 0x22202202, 0x30383808,
+ 0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c,
+ 0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
+ 0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c,
+ 0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
+ 0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8,
+ 0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
+ 0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747,
+ 0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
+ 0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303,
+ 0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
+ 0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2,
+ 0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
+ 0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1,
+ 0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
+ 0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f,
+ 0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
+ 0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646,
+ 0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
+ 0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f,
+ 0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
+ 0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f,
+ 0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
+ 0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4,
+ 0x62602242, 0x21282909, 0x03040707, 0x33303303,
+ 0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949,
+ 0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a },
+ { 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
+ 0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
+ 0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
+ 0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
+ 0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
+ 0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
+ 0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
+ 0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
+ 0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
+ 0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
+ 0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
+ 0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
+ 0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
+ 0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
+ 0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
+ 0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
+ 0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
+ 0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
+ 0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
+ 0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
+ 0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
+ 0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
+ 0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
+ 0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
+ 0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
+ 0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
+ 0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
+ 0x02222022, 0x04000404, 0x48606828, 0x41717031,
+ 0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
+ 0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
+ 0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
+ 0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
+ 0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
+ 0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
+ 0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
+ 0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
+ 0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
+ 0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
+ 0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
+ 0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
+ 0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
+ 0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
+ 0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
+ 0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
+ 0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
+ 0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
+ 0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
+ 0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
+ 0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
+ 0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
+ 0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
+ 0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
+ 0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
+ 0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
+ 0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
+ 0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
+ 0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
+ 0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
+ 0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
+ 0x02323032, 0x84808404, 0x49616829, 0x83939013,
+ 0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
+ 0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
+ 0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
+ 0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437 }
+};
+
+/* key schedule constants - golden ratio */
+#define KC0 0x9e3779b9
+#define KC1 0x3c6ef373
+#define KC2 0x78dde6e6
+#define KC3 0xf1bbcdcc
+#define KC4 0xe3779b99
+#define KC5 0xc6ef3733
+#define KC6 0x8dde6e67
+#define KC7 0x1bbcdccf
+#define KC8 0x3779b99e
+#define KC9 0x6ef3733c
+#define KC10 0xdde6e678
+#define KC11 0xbbcdccf1
+#define KC12 0x779b99e3
+#define KC13 0xef3733c6
+#define KC14 0xde6e678d
+#define KC15 0xbcdccf1b
+
+void
+SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+ SEED_KEY_SCHEDULE *ks)
+{
+ seed_word K0, K1, K2, K3;
+ seed_word t0, t1;
+
+ char2word(rawkey, K0);
+ char2word(rawkey + 4, K1);
+ char2word(rawkey + 8, K2);
+ char2word(rawkey + 12, K3);
+
+ t0 = (K0 + K2 - KC0);
+ t1 = (K1 - K3 + KC0);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
+ KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC1);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
+ KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC2);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
+ KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC3);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
+ KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC4);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
+ KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC5);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
+ KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC6);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
+ KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC7);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
+ KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC8);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
+ KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC9);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
+ KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC10);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
+ KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC11);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
+ KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC12);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
+ KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC13);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
+ KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC14);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
+ KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC15);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
+}
+
+void
+SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks)
+{
+ seed_word L0, L1, R0, R1;
+ seed_word t0, t1;
+
+ char2word(s, L0);
+ char2word(s + 4, L1);
+ char2word(s + 8, R0);
+ char2word(s + 12, R1);
+
+ E_SEED(t0, t1, L0, L1, R0, R1, 0);
+ E_SEED(t0, t1, R0, R1, L0, L1, 2);
+ E_SEED(t0, t1, L0, L1, R0, R1, 4);
+ E_SEED(t0, t1, R0, R1, L0, L1, 6);
+ E_SEED(t0, t1, L0, L1, R0, R1, 8);
+ E_SEED(t0, t1, R0, R1, L0, L1, 10);
+ E_SEED(t0, t1, L0, L1, R0, R1, 12);
+ E_SEED(t0, t1, R0, R1, L0, L1, 14);
+ E_SEED(t0, t1, L0, L1, R0, R1, 16);
+ E_SEED(t0, t1, R0, R1, L0, L1, 18);
+ E_SEED(t0, t1, L0, L1, R0, R1, 20);
+ E_SEED(t0, t1, R0, R1, L0, L1, 22);
+ E_SEED(t0, t1, L0, L1, R0, R1, 24);
+ E_SEED(t0, t1, R0, R1, L0, L1, 26);
+ E_SEED(t0, t1, L0, L1, R0, R1, 28);
+ E_SEED(t0, t1, R0, R1, L0, L1, 30);
+
+ word2char(R0, d);
+ word2char(R1, d + 4);
+ word2char(L0, d + 8);
+ word2char(L1, d + 12);
+}
+
+void
+SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks)
+{
+ seed_word L0, L1, R0, R1;
+ seed_word t0, t1;
+
+ char2word(s, L0);
+ char2word(s + 4, L1);
+ char2word(s + 8, R0);
+ char2word(s + 12, R1);
+
+ E_SEED(t0, t1, L0, L1, R0, R1, 30);
+ E_SEED(t0, t1, R0, R1, L0, L1, 28);
+ E_SEED(t0, t1, L0, L1, R0, R1, 26);
+ E_SEED(t0, t1, R0, R1, L0, L1, 24);
+ E_SEED(t0, t1, L0, L1, R0, R1, 22);
+ E_SEED(t0, t1, R0, R1, L0, L1, 20);
+ E_SEED(t0, t1, L0, L1, R0, R1, 18);
+ E_SEED(t0, t1, R0, R1, L0, L1, 16);
+ E_SEED(t0, t1, L0, L1, R0, R1, 14);
+ E_SEED(t0, t1, R0, R1, L0, L1, 12);
+ E_SEED(t0, t1, L0, L1, R0, R1, 10);
+ E_SEED(t0, t1, R0, R1, L0, L1, 8);
+ E_SEED(t0, t1, L0, L1, R0, R1, 6);
+ E_SEED(t0, t1, R0, R1, L0, L1, 4);
+ E_SEED(t0, t1, L0, L1, R0, R1, 2);
+ E_SEED(t0, t1, R0, R1, L0, L1, 0);
+
+ word2char(R0, d);
+ word2char(R1, d + 4);
+ word2char(L0, d + 8);
+ word2char(L1, d + 12);
+}
+
+void
+SEED_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ const SEED_KEY_SCHEDULE *ks, int enc)
+{
+ if (enc) {
+ SEED_encrypt(in, out, ks);
+ } else {
+ SEED_decrypt(in, out, ks);
+ }
+}
+
+void
+SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int enc)
+{
+ size_t n;
+ unsigned char tmp[SEED_BLOCK_SIZE];
+ const unsigned char *iv = ivec;
+
+ if (enc) {
+ while (len >= SEED_BLOCK_SIZE) {
+ for (n = 0; n < SEED_BLOCK_SIZE; ++n)
+ out[n] = in[n] ^ iv[n];
+
+ SEED_encrypt(out, out, ks);
+ iv = out;
+ len -= SEED_BLOCK_SIZE;
+ in += SEED_BLOCK_SIZE;
+ out += SEED_BLOCK_SIZE;
+ }
+
+ if (len) {
+ for (n = 0; n < len; ++n)
+ out[n] = in[n] ^ iv[n];
+
+ for (n = len; n < SEED_BLOCK_SIZE; ++n)
+ out[n] = iv[n];
+
+ SEED_encrypt(out, out, ks);
+ iv = out;
+ }
+
+ memcpy(ivec, iv, SEED_BLOCK_SIZE);
+ } else if (in != out) {
+ while (len >= SEED_BLOCK_SIZE) {
+ SEED_decrypt(in, out, ks);
+
+ for (n = 0; n < SEED_BLOCK_SIZE; ++n)
+ out[n] ^= iv[n];
+
+ iv = in;
+ len -= SEED_BLOCK_SIZE;
+ in += SEED_BLOCK_SIZE;
+ out += SEED_BLOCK_SIZE;
+ }
+
+ if (len) {
+ SEED_decrypt(in, tmp, ks);
+
+ for (n = 0; n < len; ++n)
+ out[n] = tmp[n] ^ iv[n];
+
+ iv = in;
+ }
+
+ memcpy(ivec, iv, SEED_BLOCK_SIZE);
+ } else {
+ while (len >= SEED_BLOCK_SIZE) {
+ memcpy(tmp, in, SEED_BLOCK_SIZE);
+ SEED_decrypt(in, out, ks);
+
+ for (n = 0; n < SEED_BLOCK_SIZE; ++n)
+ out[n] ^= ivec[n];
+
+ memcpy(ivec, tmp, SEED_BLOCK_SIZE);
+ len -= SEED_BLOCK_SIZE;
+ in += SEED_BLOCK_SIZE;
+ out += SEED_BLOCK_SIZE;
+ }
+
+ if (len) {
+ memcpy(tmp, in, SEED_BLOCK_SIZE);
+ SEED_decrypt(tmp, tmp, ks);
+
+ for (n = 0; n < len; ++n)
+ out[n] = tmp[n] ^ ivec[n];
+
+ memcpy(ivec, tmp, SEED_BLOCK_SIZE);
+ }
+ }
+}
+
+SEEDContext *
+SEED_AllocateContext(void)
+{
+ return PORT_ZNew(SEEDContext);
+}
+
+SECStatus
+SEED_InitContext(SEEDContext *cx, const unsigned char *key,
+ unsigned int keylen, const unsigned char *iv,
+ int mode, unsigned int encrypt, unsigned int unused)
+{
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ switch (mode) {
+ case NSS_SEED:
+ SEED_set_key(key, &cx->ks);
+ cx->mode = NSS_SEED;
+ cx->encrypt = encrypt;
+ break;
+
+ case NSS_SEED_CBC:
+ memcpy(cx->iv, iv, 16);
+ SEED_set_key(key, &cx->ks);
+ cx->mode = NSS_SEED_CBC;
+ cx->encrypt = encrypt;
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SEEDContext *
+SEED_CreateContext(const unsigned char *key, const unsigned char *iv,
+ int mode, PRBool encrypt)
+{
+ SEEDContext *cx = PORT_ZNew(SEEDContext);
+ SECStatus rv = SEED_InitContext(cx, key, SEED_KEY_LENGTH, iv, mode,
+ encrypt, 0);
+
+ if (rv != SECSuccess) {
+ PORT_ZFree(cx, sizeof *cx);
+ cx = NULL;
+ }
+
+ return cx;
+}
+
+void
+SEED_DestroyContext(SEEDContext *cx, PRBool freeit)
+{
+ if (cx) {
+ memset(cx, 0, sizeof *cx);
+
+ if (freeit)
+ PORT_Free(cx);
+ }
+}
+
+SECStatus
+SEED_Encrypt(SEEDContext *cx, unsigned char *out, unsigned int *outLen,
+ unsigned int maxOutLen, const unsigned char *in,
+ unsigned int inLen)
+{
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!cx->encrypt) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ switch (cx->mode) {
+ case NSS_SEED:
+ SEED_ecb_encrypt(in, out, &cx->ks, 1);
+ *outLen = inLen;
+ break;
+
+ case NSS_SEED_CBC:
+ SEED_cbc_encrypt(in, out, inLen, &cx->ks, cx->iv, 1);
+ *outLen = inLen;
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SEED_Decrypt(SEEDContext *cx, unsigned char *out, unsigned int *outLen,
+ unsigned int maxOutLen, const unsigned char *in,
+ unsigned int inLen)
+{
+ if (!cx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (cx->encrypt) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ switch (cx->mode) {
+ case NSS_SEED:
+ SEED_ecb_encrypt(in, out, &cx->ks, 0);
+ *outLen = inLen;
+ break;
+
+ case NSS_SEED_CBC:
+ SEED_cbc_encrypt(in, out, inLen, &cx->ks, cx->iv, 0);
+ *outLen = inLen;
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/freebl/seed.h b/security/nss/lib/freebl/seed.h
new file mode 100644
index 000000000..f527165b7
--- /dev/null
+++ b/security/nss/lib/freebl/seed.h
@@ -0,0 +1,125 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef HEADER_SEED_H
+#define HEADER_SEED_H
+
+#include <string.h>
+#include "blapi.h"
+
+#if !defined(NO_SYS_TYPES_H)
+#include <sys/types.h>
+#endif
+
+typedef PRUint32 seed_word;
+
+#define G_FUNC(v) \
+ SS[0][((v)&0xff)] ^ \
+ SS[1][((v) >> 8 & 0xff)] ^ \
+ SS[2][((v) >> 16 & 0xff)] ^ \
+ SS[3][((v) >> 24 & 0xff)]
+
+#define char2word(c, i) \
+ (i) = ((((seed_word)((c)[0])) << 24) | \
+ (((seed_word)((c)[1])) << 16) | \
+ (((seed_word)((c)[2])) << 8) | \
+ ((seed_word)((c)[3])))
+
+#define word2char(l, c) \
+ *((c) + 0) = (unsigned char)((l) >> 24); \
+ *((c) + 1) = (unsigned char)((l) >> 16); \
+ *((c) + 2) = (unsigned char)((l) >> 8); \
+ *((c) + 3) = (unsigned char)((l))
+
+#define KEYSCHEDULE_UPDATE0(T0, T1, K0, K1, K2, K3, KC) \
+ (T0) = (K2); \
+ (K2) = (((K2) << 8) ^ ((K3) >> 24)); \
+ (K3) = (((K3) << 8) ^ ((T0) >> 24)); \
+ (T0) = ((K0) + (K2) - (KC)); \
+ (T1) = ((K1) + (KC) - (K3))
+
+#define KEYSCHEDULE_UPDATE1(T0, T1, K0, K1, K2, K3, KC) \
+ (T0) = (K0); \
+ (K0) = (((K0) >> 8) ^ ((K1) << 24)); \
+ (K1) = (((K1) >> 8) ^ ((T0) << 24)); \
+ (T0) = ((K0) + (K2) - (KC)); \
+ (T1) = ((K1) + (KC) - (K3))
+
+#define KEYUPDATE_TEMP(T0, T1, K) \
+ (K)[0] = G_FUNC((T0)); \
+ (K)[1] = G_FUNC((T1))
+
+#define XOR_SEEDBLOCK(DST, SRC) \
+ (DST)[0] ^= (SRC)[0]; \
+ (DST)[1] ^= (SRC)[1]; \
+ (DST)[2] ^= (SRC)[2]; \
+ (DST)[3] ^= (SRC)[3]
+
+#define MOV_SEEDBLOCK(DST, SRC) \
+ (DST)[0] = (SRC)[0]; \
+ (DST)[1] = (SRC)[1]; \
+ (DST)[2] = (SRC)[2]; \
+ (DST)[3] = (SRC)[3]
+
+#define CHAR2WORD(C, I) \
+ char2word((C), (I)[0]); \
+ char2word((C) + 4, (I)[1]); \
+ char2word((C) + 8, (I)[2]); \
+ char2word((C) + 12, (I)[3])
+
+#define WORD2CHAR(I, C) \
+ word2char((I)[0], (C)); \
+ word2char((I)[1], (C + 4)); \
+ word2char((I)[2], (C + 8)); \
+ word2char((I)[3], (C + 12))
+
+#define E_SEED(T0, T1, X1, X2, X3, X4, rbase) \
+ (T0) = (X3) ^ (ks->data)[(rbase)]; \
+ (T1) = (X4) ^ (ks->data)[(rbase) + 1]; \
+ (T1) ^= (T0); \
+ (T1) = G_FUNC(T1); \
+ (T0) += (T1); \
+ (T0) = G_FUNC(T0); \
+ (T1) += (T0); \
+ (T1) = G_FUNC(T1); \
+ (T0) += (T1); \
+ (X1) ^= (T0); \
+ (X2) ^= (T1)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct seed_key_st {
+ PRUint32 data[32];
+} SEED_KEY_SCHEDULE;
+
+struct SEEDContextStr {
+ unsigned char iv[SEED_BLOCK_SIZE];
+ SEED_KEY_SCHEDULE ks;
+ int mode;
+ unsigned int encrypt;
+};
+
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+ SEED_KEY_SCHEDULE *ks);
+
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks);
+void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks);
+
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const SEED_KEY_SCHEDULE *ks, int enc);
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int enc);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HEADER_SEED_H */
diff --git a/security/nss/lib/freebl/sha-fast-amd64-sun.s b/security/nss/lib/freebl/sha-fast-amd64-sun.s
new file mode 100644
index 000000000..6430469a4
--- /dev/null
+++ b/security/nss/lib/freebl/sha-fast-amd64-sun.s
@@ -0,0 +1,2151 @@
+/ This Source Code Form is subject to the terms of the Mozilla Public
+/ License, v. 2.0. If a copy of the MPL was not distributed with this
+/ file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ .file "sha_fast.c"
+ .text
+ .align 16
+.globl SHA1_Begin
+ .type SHA1_Begin, @function
+SHA1_Begin:
+.LFB4:
+ movl $4023233417, %ecx
+ movl $2562383102, %edx
+ movl $3285377520, %eax
+ movq $0, 64(%rdi)
+ movq $1732584193, 72(%rdi)
+ movq %rcx, 80(%rdi)
+ movq %rdx, 88(%rdi)
+ movq $271733878, 96(%rdi)
+ movq %rax, 104(%rdi)
+ ret
+.LFE4:
+ .size SHA1_Begin, .-SHA1_Begin
+ .align 16
+ .type shaCompress, @function
+shaCompress:
+.LFB7:
+ pushq %r15
+.LCFI0:
+ pushq %r14
+.LCFI1:
+ pushq %r13
+.LCFI2:
+ pushq %r12
+.LCFI3:
+ movq -88(%rdi), %r12
+ movq -80(%rdi), %r10
+ movq -72(%rdi), %r13
+ movq -64(%rdi), %r8
+ pushq %rbx
+.LCFI4:
+ movq -56(%rdi), %rcx
+ movl (%rsi), %eax
+ movl %r12d, %edx
+ movq %r13, %r9
+ roll $5, %edx
+ movl 4(%rsi), %ebx
+ xorq %r8, %r9
+/APP
+ bswap %eax
+/NO_APP
+ andq %r10, %r9
+ mov %eax, %r15d
+ roll $30, %r10d
+ movq %r15, -48(%rdi)
+ xorq %r8, %r9
+ movq -48(%rdi), %r14
+ addq %r9, %rdx
+ movq %r10, %rax
+ movl %r12d, %r15d
+ addq %rcx, %rdx
+ xorq %r13, %rax
+ roll $30, %r15d
+ leaq 1518500249(%rdx,%r14), %rdx
+ andq %r12, %rax
+ movq %r15, %r12
+/APP
+ bswap %ebx
+/NO_APP
+ movl %edx, %ecx
+ mov %ebx, %r11d
+ xorq %r13, %rax
+ movq %r11, -40(%rdi)
+ roll $5, %ecx
+ movq -40(%rdi), %r9
+ addq %rax, %rcx
+ xorq %r10, %r12
+ movl 8(%rsi), %r14d
+ addq %r8, %rcx
+ andq %rdx, %r12
+ movl %edx, %r11d
+ leaq 1518500249(%rcx,%r9), %rcx
+ xorq %r10, %r12
+ roll $30, %r11d
+/APP
+ bswap %r14d
+/NO_APP
+ movl %ecx, %r8d
+ mov %r14d, %ebx
+ movl 12(%rsi), %r9d
+ movq %rbx, -32(%rdi)
+ roll $5, %r8d
+ movq -32(%rdi), %rax
+ addq %r12, %r8
+ movq %r11, %r12
+ movl %ecx, %ebx
+ addq %r13, %r8
+ xorq %r15, %r12
+ roll $30, %ebx
+ leaq 1518500249(%r8,%rax), %r8
+ andq %rcx, %r12
+ movl 16(%rsi), %eax
+/APP
+ bswap %r9d
+/NO_APP
+ movl %r8d, %edx
+ mov %r9d, %r14d
+ xorq %r15, %r12
+ movq %r14, -24(%rdi)
+ roll $5, %edx
+ movq -24(%rdi), %r13
+ addq %r12, %rdx
+ movq %rbx, %r12
+ movl %r8d, %r14d
+ addq %r10, %rdx
+ leaq 1518500249(%rdx,%r13), %rdx
+ movl 20(%rsi), %r13d
+/APP
+ bswap %eax
+/NO_APP
+ movl %edx, %ecx
+ mov %eax, %r9d
+ roll $5, %ecx
+ xorq %r11, %r12
+ movq %r9, -16(%rdi)
+ andq %r8, %r12
+ movq -16(%rdi), %r10
+ roll $30, %r14d
+ xorq %r11, %r12
+ movq %r14, %rax
+ movl %edx, %r9d
+ addq %r12, %rcx
+ xorq %rbx, %rax
+ roll $30, %r9d
+ addq %r15, %rcx
+ andq %rdx, %rax
+ leaq 1518500249(%rcx,%r10), %rcx
+ xorq %rbx, %rax
+ movl 24(%rsi), %r10d
+/APP
+ bswap %r13d
+/NO_APP
+ movl %ecx, %r8d
+ mov %r13d, %r15d
+ movq %r15, -8(%rdi)
+ roll $5, %r8d
+ movq -8(%rdi), %r12
+ addq %rax, %r8
+ movl %ecx, %r15d
+ addq %r11, %r8
+ movq %r9, %r11
+ roll $30, %r15d
+ leaq 1518500249(%r8,%r12), %r8
+ xorq %r14, %r11
+ movl 28(%rsi), %r12d
+/APP
+ bswap %r10d
+/NO_APP
+ andq %rcx, %r11
+ mov %r10d, %r13d
+ movl %r8d, %edx
+ movq %r13, (%rdi)
+ xorq %r14, %r11
+ movq (%rdi), %rax
+ roll $5, %edx
+ movq %r15, %r10
+ movl %r8d, %r13d
+ addq %r11, %rdx
+ xorq %r9, %r10
+ roll $30, %r13d
+ addq %rbx, %rdx
+ andq %r8, %r10
+ leaq 1518500249(%rdx,%rax), %rdx
+ xorq %r9, %r10
+ movl 32(%rsi), %eax
+/APP
+ bswap %r12d
+/NO_APP
+ movl %edx, %ecx
+ mov %r12d, %ebx
+ movq %rbx, 8(%rdi)
+ roll $5, %ecx
+ movq 8(%rdi), %r11
+ addq %r10, %rcx
+ movq %r13, %r10
+ movl %edx, %ebx
+ addq %r14, %rcx
+ leaq 1518500249(%rcx,%r11), %rcx
+/APP
+ bswap %eax
+/NO_APP
+ movl %ecx, %r8d
+ mov %eax, %r12d
+ roll $5, %r8d
+ xorq %r15, %r10
+ movq %r12, 16(%rdi)
+ andq %rdx, %r10
+ movq 16(%rdi), %r14
+ roll $30, %ebx
+ xorq %r15, %r10
+ movq %rbx, %rax
+ movl 36(%rsi), %r11d
+ addq %r10, %r8
+ xorq %r13, %rax
+ movl %ecx, %r12d
+ addq %r9, %r8
+ andq %rcx, %rax
+ roll $30, %r12d
+ leaq 1518500249(%r8,%r14), %r8
+ xorq %r13, %rax
+ movl 40(%rsi), %r14d
+/APP
+ bswap %r11d
+/NO_APP
+ movl %r8d, %edx
+ mov %r11d, %r9d
+ movq %r12, %r11
+ movq %r9, 24(%rdi)
+ roll $5, %edx
+ movq 24(%rdi), %r10
+ addq %rax, %rdx
+ xorq %rbx, %r11
+ movl %r8d, %r9d
+ addq %r15, %rdx
+ andq %r8, %r11
+ roll $30, %r9d
+ leaq 1518500249(%rdx,%r10), %rdx
+ xorq %rbx, %r11
+ movl 44(%rsi), %r10d
+/APP
+ bswap %r14d
+/NO_APP
+ movl %edx, %ecx
+ mov %r14d, %r15d
+ movq %r15, 32(%rdi)
+ roll $5, %ecx
+ movq 32(%rdi), %rax
+ addq %r11, %rcx
+ movq %r9, %r11
+ movl %edx, %r15d
+ addq %r13, %rcx
+ xorq %r12, %r11
+ roll $30, %r15d
+ leaq 1518500249(%rcx,%rax), %rcx
+ andq %rdx, %r11
+ movl 48(%rsi), %eax
+/APP
+ bswap %r10d
+/NO_APP
+ movl %ecx, %r8d
+ mov %r10d, %r14d
+ xorq %r12, %r11
+ movq %r14, 40(%rdi)
+ roll $5, %r8d
+ movq 40(%rdi), %r13
+ addq %r11, %r8
+ movq %r15, %r10
+ movl %ecx, %r14d
+ addq %rbx, %r8
+ xorq %r9, %r10
+ leaq 1518500249(%r8,%r13), %r8
+ movl 52(%rsi), %r13d
+/APP
+ bswap %eax
+/NO_APP
+ movl %r8d, %edx
+ mov %eax, %ebx
+ roll $5, %edx
+ andq %rcx, %r10
+ movq %rbx, 48(%rdi)
+ xorq %r9, %r10
+ movq 48(%rdi), %r11
+ roll $30, %r14d
+ addq %r10, %rdx
+ movq %r14, %rax
+ movl %r8d, %ebx
+ addq %r12, %rdx
+ xorq %r15, %rax
+ roll $30, %ebx
+ leaq 1518500249(%rdx,%r11), %rdx
+ andq %r8, %rax
+ movl 56(%rsi), %r11d
+/APP
+ bswap %r13d
+/NO_APP
+ movl %edx, %ecx
+ mov %r13d, %r12d
+ xorq %r15, %rax
+ movq %r12, 56(%rdi)
+ roll $5, %ecx
+ movq 56(%rdi), %r10
+ addq %rax, %rcx
+ movl %edx, %r12d
+ addq %r9, %rcx
+ movq %rbx, %r9
+ roll $30, %r12d
+ leaq 1518500249(%rcx,%r10), %rcx
+ xorq %r14, %r9
+ movl 60(%rsi), %r10d
+/APP
+ bswap %r11d
+/NO_APP
+ andq %rdx, %r9
+ mov %r11d, %r13d
+ movl %ecx, %r8d
+ movq %r13, 64(%rdi)
+ xorq %r14, %r9
+ movq 64(%rdi), %rax
+ roll $5, %r8d
+ movq %r12, %r11
+ movl %ecx, %r13d
+ addq %r9, %r8
+ xorq %rbx, %r11
+ roll $30, %r13d
+ addq %r15, %r8
+ andq %rcx, %r11
+ leaq 1518500249(%r8,%rax), %r8
+ xorq %rbx, %r11
+/APP
+ bswap %r10d
+/NO_APP
+ movl %r8d, %esi
+ mov %r10d, %r15d
+ movq %r15, 72(%rdi)
+ roll $5, %esi
+ movq 72(%rdi), %r9
+ movq 56(%rdi), %r10
+ movq 16(%rdi), %rcx
+ addq %r11, %rsi
+ movq -32(%rdi), %rdx
+ addq %r14, %rsi
+ movq -48(%rdi), %rax
+ leaq 1518500249(%rsi,%r9), %r14
+ movq %r13, %r11
+ movl %r8d, %r15d
+ xorq %rcx, %r10
+ xorq %rdx, %r10
+ movl %r14d, %ecx
+ xorl %eax, %r10d
+ roll %r10d
+ roll $5, %ecx
+ xorq %r12, %r11
+ andq %r8, %r11
+ movq %r10, -48(%rdi)
+ movq -48(%rdi), %r9
+ xorq %r12, %r11
+ roll $30, %r15d
+ movl %r14d, %r10d
+ addq %r11, %rcx
+ movq 64(%rdi), %r11
+ movq 24(%rdi), %rdx
+ addq %rbx, %rcx
+ movq -24(%rdi), %rbx
+ movq -40(%rdi), %rax
+ leaq 1518500249(%rcx,%r9), %rcx
+ movq %r15, %r8
+ roll $30, %r10d
+ xorq %rdx, %r11
+ xorq %r13, %r8
+ xorq %rbx, %r11
+ andq %r14, %r8
+ movl %ecx, %r9d
+ xorl %eax, %r11d
+ xorq %r13, %r8
+ roll $5, %r9d
+ roll %r11d
+ addq %r8, %r9
+ movq %r10, %rax
+ movq %r11, -40(%rdi)
+ movq -40(%rdi), %rsi
+ addq %r12, %r9
+ movq 72(%rdi), %rbx
+ movq 32(%rdi), %rdx
+ xorq %r15, %rax
+ movq -16(%rdi), %r14
+ movq -32(%rdi), %r12
+ andq %rcx, %rax
+ leaq 1518500249(%r9,%rsi), %r9
+ xorq %r15, %rax
+ movl %ecx, %r11d
+ xorq %rdx, %rbx
+ roll $30, %r11d
+ xorq %r14, %rbx
+ movl %r9d, %esi
+ xorl %r12d, %ebx
+ roll $5, %esi
+ roll %ebx
+ addq %rax, %rsi
+ movq %rbx, -32(%rdi)
+ movq -32(%rdi), %r8
+ addq %r13, %rsi
+ movq -48(%rdi), %r12
+ movq 40(%rdi), %rdx
+ movq %r11, %r13
+ movq -8(%rdi), %r14
+ movq -24(%rdi), %rcx
+ movl %r9d, %ebx
+ leaq 1518500249(%rsi,%r8), %rsi
+ xorq %rdx, %r12
+ xorq %r14, %r12
+ movl %esi, %r8d
+ xorl %ecx, %r12d
+ roll %r12d
+ roll $5, %r8d
+ xorq %r10, %r13
+ andq %r9, %r13
+ movq %r12, -24(%rdi)
+ movq -24(%rdi), %rax
+ xorq %r10, %r13
+ roll $30, %ebx
+ movl %esi, %r12d
+ addq %r13, %r8
+ xorq %rbx, %rsi
+ roll $30, %r12d
+ addq %r15, %r8
+ movq -40(%rdi), %r15
+ movq 48(%rdi), %rdx
+ movq (%rdi), %r14
+ movq -16(%rdi), %r9
+ leaq 1518500249(%r8,%rax), %r13
+ xorq %r11, %rsi
+ xorq %rdx, %r15
+ movl %r13d, %ecx
+ xorq %r14, %r15
+ roll $5, %ecx
+ xorl %r9d, %r15d
+ addq %rsi, %rcx
+ roll %r15d
+ addq %r10, %rcx
+ movq %r15, -16(%rdi)
+ movq -16(%rdi), %rsi
+ movl %r13d, %r15d
+ movq -32(%rdi), %r14
+ movq 56(%rdi), %rax
+ xorq %r12, %r13
+ movq 8(%rdi), %rdx
+ movq -8(%rdi), %r10
+ xorq %rbx, %r13
+ leaq 1859775393(%rcx,%rsi), %r9
+ roll $30, %r15d
+ xorq %rax, %r14
+ xorq %rdx, %r14
+ movl %r9d, %esi
+ xorl %r10d, %r14d
+ roll $5, %esi
+ roll %r14d
+ addq %r13, %rsi
+ movq %r14, -8(%rdi)
+ movq -8(%rdi), %r8
+ addq %r11, %rsi
+ movq -24(%rdi), %r13
+ movq 64(%rdi), %rax
+ movl %r9d, %r14d
+ movq 16(%rdi), %rdx
+ movq (%rdi), %r11
+ xorq %r15, %r9
+ leaq 1859775393(%rsi,%r8), %r10
+ xorq %rax, %r13
+ xorq %rdx, %r13
+ movl %r10d, %r8d
+ xorl %r11d, %r13d
+ roll $5, %r8d
+ roll %r13d
+ xorq %r12, %r9
+ roll $30, %r14d
+ addq %r9, %r8
+ movq %r13, (%rdi)
+ movq (%rdi), %rcx
+ addq %rbx, %r8
+ movq -16(%rdi), %rbx
+ movq 72(%rdi), %rax
+ movq 24(%rdi), %rdx
+ movq 8(%rdi), %r9
+ movl %r10d, %r13d
+ leaq 1859775393(%r8,%rcx), %r11
+ xorq %r14, %r10
+ roll $30, %r13d
+ xorq %rax, %rbx
+ xorq %r15, %r10
+ xorq %rdx, %rbx
+ movl %r11d, %ecx
+ xorl %r9d, %ebx
+ roll $5, %ecx
+ roll %ebx
+ addq %r10, %rcx
+ movq %rbx, 8(%rdi)
+ movq 8(%rdi), %rsi
+ addq %r12, %rcx
+ movq -8(%rdi), %r12
+ movq -48(%rdi), %rax
+ movl %r11d, %ebx
+ movq 32(%rdi), %rdx
+ movq 16(%rdi), %r9
+ xorq %r13, %r11
+ leaq 1859775393(%rcx,%rsi), %r10
+ xorq %r14, %r11
+ roll $30, %ebx
+ xorq %rax, %r12
+ xorq %rdx, %r12
+ movl %r10d, %esi
+ xorl %r9d, %r12d
+ roll $5, %esi
+ roll %r12d
+ addq %r11, %rsi
+ movq %r12, 16(%rdi)
+ addq %r15, %rsi
+ movq 16(%rdi), %r8
+ movq (%rdi), %r15
+ movq -40(%rdi), %rax
+ movl %r10d, %r12d
+ movq 40(%rdi), %rdx
+ movq 24(%rdi), %r9
+ xorq %rbx, %r10
+ leaq 1859775393(%rsi,%r8), %r11
+ xorq %r13, %r10
+ xorq %rax, %r15
+ xorq %rdx, %r15
+ movl %r11d, %r8d
+ xorl %r9d, %r15d
+ roll $5, %r8d
+ roll %r15d
+ addq %r10, %r8
+ movq %r15, 24(%rdi)
+ movq 24(%rdi), %rcx
+ addq %r14, %r8
+ movq 8(%rdi), %r14
+ movq -32(%rdi), %rax
+ roll $30, %r12d
+ movq 48(%rdi), %rdx
+ movq 32(%rdi), %r10
+ movl %r11d, %r15d
+ leaq 1859775393(%r8,%rcx), %r9
+ xorq %r12, %r11
+ roll $30, %r15d
+ xorq %rax, %r14
+ xorq %rbx, %r11
+ xorq %rdx, %r14
+ movl %r9d, %ecx
+ xorl %r10d, %r14d
+ roll $5, %ecx
+ roll %r14d
+ addq %r11, %rcx
+ movq %r14, 32(%rdi)
+ addq %r13, %rcx
+ movq 32(%rdi), %rsi
+ movq 16(%rdi), %r13
+ movq -24(%rdi), %rax
+ movl %r9d, %r14d
+ movq 56(%rdi), %rdx
+ movq 40(%rdi), %r11
+ xorq %r15, %r9
+ leaq 1859775393(%rcx,%rsi), %r10
+ xorq %r12, %r9
+ roll $30, %r14d
+ xorq %rax, %r13
+ xorq %rdx, %r13
+ movl %r10d, %esi
+ xorl %r11d, %r13d
+ roll $5, %esi
+ roll %r13d
+ addq %r9, %rsi
+ movq %r13, 40(%rdi)
+ movq 40(%rdi), %r8
+ addq %rbx, %rsi
+ movq 24(%rdi), %rbx
+ movq -16(%rdi), %rax
+ movl %r10d, %r13d
+ movq 64(%rdi), %rdx
+ movq 48(%rdi), %r9
+ xorq %r14, %r10
+ leaq 1859775393(%rsi,%r8), %r11
+ xorq %r15, %r10
+ roll $30, %r13d
+ xorq %rax, %rbx
+ xorq %rdx, %rbx
+ movl %r11d, %r8d
+ xorl %r9d, %ebx
+ roll $5, %r8d
+ roll %ebx
+ addq %r10, %r8
+ movq %rbx, 48(%rdi)
+ addq %r12, %r8
+ movq 48(%rdi), %rcx
+ movq 32(%rdi), %r12
+ movq -8(%rdi), %rax
+ movl %r11d, %ebx
+ movq 72(%rdi), %rdx
+ movq 56(%rdi), %r9
+ leaq 1859775393(%r8,%rcx), %r10
+ xorq %rax, %r12
+ xorq %rdx, %r12
+ movl %r10d, %ecx
+ xorl %r9d, %r12d
+ xorq %r13, %r11
+ roll $5, %ecx
+ xorq %r14, %r11
+ roll %r12d
+ roll $30, %ebx
+ addq %r11, %rcx
+ movq %r12, 56(%rdi)
+ movq 56(%rdi), %rsi
+ addq %r15, %rcx
+ movq 40(%rdi), %r15
+ movq (%rdi), %rax
+ movq -48(%rdi), %rdx
+ movq 64(%rdi), %r9
+ movl %r10d, %r12d
+ leaq 1859775393(%rcx,%rsi), %r11
+ xorq %rbx, %r10
+ roll $30, %r12d
+ xorq %rax, %r15
+ xorq %r13, %r10
+ xorq %rdx, %r15
+ movl %r11d, %esi
+ xorl %r9d, %r15d
+ roll $5, %esi
+ roll %r15d
+ addq %r10, %rsi
+ movq %r15, 64(%rdi)
+ movq 64(%rdi), %r8
+ addq %r14, %rsi
+ movq 48(%rdi), %r14
+ movq 8(%rdi), %rax
+ movl %r11d, %r15d
+ movq -40(%rdi), %rdx
+ movq 72(%rdi), %r10
+ xorq %r12, %r11
+ leaq 1859775393(%rsi,%r8), %r9
+ xorq %rbx, %r11
+ roll $30, %r15d
+ xorq %rax, %r14
+ xorq %rdx, %r14
+ movl %r9d, %r8d
+ xorl %r10d, %r14d
+ roll $5, %r8d
+ roll %r14d
+ addq %r11, %r8
+ movq %r14, 72(%rdi)
+ addq %r13, %r8
+ movq 72(%rdi), %rcx
+ movq 56(%rdi), %r13
+ movq 16(%rdi), %rax
+ movl %r9d, %r14d
+ movq -32(%rdi), %rdx
+ movq -48(%rdi), %r11
+ leaq 1859775393(%r8,%rcx), %r10
+ xorq %rax, %r13
+ xorq %rdx, %r13
+ movl %r10d, %ecx
+ xorl %r11d, %r13d
+ roll $5, %ecx
+ roll %r13d
+ xorq %r15, %r9
+ roll $30, %r14d
+ xorq %r12, %r9
+ movq %r13, -48(%rdi)
+ movq -48(%rdi), %rsi
+ addq %r9, %rcx
+ movl %r10d, %r13d
+ xorq %r14, %r10
+ addq %rbx, %rcx
+ movq 64(%rdi), %rbx
+ movq 24(%rdi), %rax
+ movq -24(%rdi), %rdx
+ leaq 1859775393(%rcx,%rsi), %r11
+ movq -40(%rdi), %r9
+ xorq %r15, %r10
+ roll $30, %r13d
+ xorq %rax, %rbx
+ movl %r11d, %esi
+ xorq %rdx, %rbx
+ roll $5, %esi
+ xorl %r9d, %ebx
+ addq %r10, %rsi
+ roll %ebx
+ addq %r12, %rsi
+ movq %rbx, -40(%rdi)
+ movq -40(%rdi), %r8
+ movl %r11d, %ebx
+ movq 72(%rdi), %r12
+ movq 32(%rdi), %rax
+ xorq %r13, %r11
+ movq -16(%rdi), %rdx
+ movq -32(%rdi), %r9
+ xorq %r14, %r11
+ leaq 1859775393(%rsi,%r8), %r10
+ roll $30, %ebx
+ xorq %rax, %r12
+ xorq %rdx, %r12
+ movl %r10d, %r8d
+ xorl %r9d, %r12d
+ roll $5, %r8d
+ roll %r12d
+ addq %r11, %r8
+ movq %r12, -32(%rdi)
+ movq -32(%rdi), %rcx
+ addq %r15, %r8
+ movq -48(%rdi), %r15
+ movq 40(%rdi), %rax
+ movl %r10d, %r12d
+ movq -8(%rdi), %rdx
+ movq -24(%rdi), %r9
+ xorq %rbx, %r10
+ leaq 1859775393(%r8,%rcx), %r11
+ xorq %r13, %r10
+ xorq %rax, %r15
+ xorq %rdx, %r15
+ movl %r11d, %ecx
+ xorl %r9d, %r15d
+ roll $5, %ecx
+ roll %r15d
+ addq %r10, %rcx
+ addq %r14, %rcx
+ movq %r15, -24(%rdi)
+ movq -24(%rdi), %rsi
+ movq -40(%rdi), %r14
+ movq 48(%rdi), %rax
+ roll $30, %r12d
+ movq (%rdi), %rdx
+ movq -16(%rdi), %r10
+ movl %r11d, %r15d
+ leaq 1859775393(%rcx,%rsi), %r9
+ xorq %r12, %r11
+ roll $30, %r15d
+ xorq %rax, %r14
+ xorq %rbx, %r11
+ xorq %rdx, %r14
+ movl %r9d, %esi
+ xorl %r10d, %r14d
+ roll $5, %esi
+ roll %r14d
+ addq %r11, %rsi
+ movq %r14, -16(%rdi)
+ movq -16(%rdi), %r8
+ addq %r13, %rsi
+ movq -32(%rdi), %r11
+ movq 56(%rdi), %rax
+ movl %r9d, %r14d
+ movq 8(%rdi), %rdx
+ movq -8(%rdi), %r10
+ xorq %r15, %r9
+ leaq 1859775393(%rsi,%r8), %r13
+ xorq %r12, %r9
+ roll $30, %r14d
+ xorq %rax, %r11
+ xorq %rdx, %r11
+ movl %r13d, %r8d
+ xorl %r10d, %r11d
+ roll $5, %r8d
+ movl %r13d, %r10d
+ roll %r11d
+ addq %r9, %r8
+ xorq %r14, %r13
+ movq %r11, -8(%rdi)
+ addq %rbx, %r8
+ movq -8(%rdi), %rbx
+ movq -24(%rdi), %r9
+ movq 64(%rdi), %rax
+ xorq %r15, %r13
+ movq 16(%rdi), %rdx
+ movq (%rdi), %rcx
+ leaq 1859775393(%r8,%rbx), %r11
+ xorq %rax, %r9
+ xorq %rdx, %r9
+ movl %r11d, %ebx
+ xorl %ecx, %r9d
+ roll $5, %ebx
+ roll %r9d
+ addq %r13, %rbx
+ movq %r9, (%rdi)
+ movq (%rdi), %rsi
+ addq %r12, %rbx
+ movq -16(%rdi), %r12
+ movq 72(%rdi), %r13
+ movl %r11d, %r9d
+ leaq 1859775393(%rbx,%rsi), %rcx
+ movl %r10d, %ebx
+ movq 24(%rdi), %r10
+ movq 8(%rdi), %rax
+ xorq %r13, %r12
+ roll $30, %ebx
+ movl %ecx, %esi
+ xorq %r10, %r12
+ xorq %rbx, %r11
+ roll $5, %esi
+ xorl %eax, %r12d
+ xorq %r14, %r11
+ roll $30, %r9d
+ roll %r12d
+ addq %r11, %rsi
+ movq %rcx, %rax
+ movq %r12, 8(%rdi)
+ movq 8(%rdi), %rdx
+ addq %r15, %rsi
+ movq -8(%rdi), %r11
+ movq -48(%rdi), %r13
+ movl %ecx, %r12d
+ movq 32(%rdi), %r10
+ movq 16(%rdi), %r8
+ orq %r9, %rcx
+ leaq 1859775393(%rsi,%rdx), %rsi
+ andq %rbx, %rcx
+ andq %r9, %rax
+ xorq %r13, %r11
+ orq %rcx, %rax
+ roll $30, %r12d
+ xorq %r10, %r11
+ movq %rsi, %r10
+ xorl %r8d, %r11d
+ movl %esi, %r8d
+ andq %r12, %r10
+ roll %r11d
+ roll $5, %r8d
+ movq %r11, 16(%rdi)
+ addq %rax, %r8
+ movq 16(%rdi), %r15
+ movq (%rdi), %r13
+ movq -40(%rdi), %rdx
+ addq %r14, %r8
+ movq 40(%rdi), %r14
+ movq 24(%rdi), %rcx
+ movl %esi, %r11d
+ addq %r15, %r8
+ movl $2400959708, %r15d
+ orq %r12, %rsi
+ xorq %rdx, %r13
+ addq %r15, %r8
+ andq %r9, %rsi
+ xorq %r14, %r13
+ orq %rsi, %r10
+ xorl %ecx, %r13d
+ movl %r8d, %ecx
+ roll %r13d
+ roll $5, %ecx
+ movq %r13, 24(%rdi)
+ addq %r10, %rcx
+ movq 24(%rdi), %rax
+ movq 8(%rdi), %r14
+ movq -32(%rdi), %rdx
+ addq %rbx, %rcx
+ movq 48(%rdi), %rbx
+ movq 32(%rdi), %rsi
+ roll $30, %r11d
+ addq %rax, %rcx
+ movl %r8d, %r13d
+ movq %r8, %r10
+ xorq %rdx, %r14
+ addq %r15, %rcx
+ orq %r11, %r8
+ xorq %rbx, %r14
+ andq %r12, %r8
+ andq %r11, %r10
+ xorl %esi, %r14d
+ movl %ecx, %esi
+ orq %r8, %r10
+ roll $5, %esi
+ roll %r14d
+ roll $30, %r13d
+ addq %r10, %rsi
+ movq %r14, 32(%rdi)
+ movq 32(%rdi), %rax
+ addq %r9, %rsi
+ movq 16(%rdi), %r9
+ movq -24(%rdi), %rdx
+ movq 56(%rdi), %rbx
+ movq 40(%rdi), %r8
+ movl %ecx, %r14d
+ addq %rax, %rsi
+ movq %rcx, %r10
+ orq %r13, %rcx
+ xorq %rdx, %r9
+ addq %r15, %rsi
+ andq %r11, %rcx
+ xorq %rbx, %r9
+ andq %r13, %r10
+ roll $30, %r14d
+ xorl %r8d, %r9d
+ movl %esi, %r8d
+ orq %rcx, %r10
+ roll %r9d
+ roll $5, %r8d
+ movq %r9, 40(%rdi)
+ addq %r10, %r8
+ movq 40(%rdi), %rax
+ movq 24(%rdi), %r10
+ movq -16(%rdi), %rdx
+ addq %r12, %r8
+ movq 64(%rdi), %rbx
+ movq 48(%rdi), %rcx
+ movl %esi, %r9d
+ addq %rax, %r8
+ movq %rsi, %r12
+ xorq %rdx, %r10
+ addq %r15, %r8
+ xorq %rbx, %r10
+ orq %r14, %rsi
+ andq %r14, %r12
+ andq %r13, %rsi
+ xorl %ecx, %r10d
+ movl %r8d, %ecx
+ orq %rsi, %r12
+ roll %r10d
+ roll $5, %ecx
+ movq %r10, 48(%rdi)
+ addq %r12, %rcx
+ movq 48(%rdi), %rax
+ movq 32(%rdi), %r12
+ movq -8(%rdi), %rdx
+ addq %r11, %rcx
+ movq 72(%rdi), %rbx
+ movq 56(%rdi), %rsi
+ roll $30, %r9d
+ addq %rax, %rcx
+ movl %r8d, %r10d
+ movq %r8, %r11
+ xorq %rdx, %r12
+ addq %r15, %rcx
+ orq %r9, %r8
+ xorq %rbx, %r12
+ andq %r14, %r8
+ andq %r9, %r11
+ xorl %esi, %r12d
+ movl %ecx, %esi
+ orq %r8, %r11
+ roll %r12d
+ roll $5, %esi
+ roll $30, %r10d
+ movq %r12, 56(%rdi)
+ addq %r11, %rsi
+ movq 56(%rdi), %rax
+ movq 40(%rdi), %r11
+ movq (%rdi), %rdx
+ addq %r13, %rsi
+ movq -48(%rdi), %rbx
+ movq 64(%rdi), %r8
+ movq %rcx, %r13
+ addq %rax, %rsi
+ andq %r10, %r13
+ movl %ecx, %r12d
+ xorq %rdx, %r11
+ addq %r15, %rsi
+ xorq %rbx, %r11
+ xorl %r8d, %r11d
+ movl %esi, %r8d
+ roll %r11d
+ roll $5, %r8d
+ orq %r10, %rcx
+ andq %r9, %rcx
+ movq %r11, 64(%rdi)
+ movq 64(%rdi), %rax
+ orq %rcx, %r13
+ roll $30, %r12d
+ movl %esi, %r11d
+ addq %r13, %r8
+ movq 48(%rdi), %r13
+ movq 8(%rdi), %rdx
+ movq -40(%rdi), %rbx
+ addq %r14, %r8
+ movq 72(%rdi), %rcx
+ addq %rax, %r8
+ movq %rsi, %r14
+ orq %r12, %rsi
+ xorq %rdx, %r13
+ addq %r15, %r8
+ andq %r10, %rsi
+ xorq %rbx, %r13
+ andq %r12, %r14
+ roll $30, %r11d
+ xorl %ecx, %r13d
+ movl %r8d, %ecx
+ orq %rsi, %r14
+ roll %r13d
+ roll $5, %ecx
+ movq %r13, 72(%rdi)
+ addq %r14, %rcx
+ movq 72(%rdi), %rax
+ movq 56(%rdi), %r14
+ movq 16(%rdi), %rdx
+ addq %r9, %rcx
+ movq -32(%rdi), %rbx
+ movq -48(%rdi), %rsi
+ movl %r8d, %r13d
+ addq %rax, %rcx
+ movq %r8, %r9
+ orq %r11, %r8
+ xorq %rdx, %r14
+ addq %r15, %rcx
+ andq %r12, %r8
+ xorq %rbx, %r14
+ andq %r11, %r9
+ xorl %esi, %r14d
+ movl %ecx, %esi
+ orq %r8, %r9
+ roll $5, %esi
+ roll %r14d
+ addq %r9, %rsi
+ movq %r14, -48(%rdi)
+ movq -48(%rdi), %rax
+ addq %r10, %rsi
+ movq 64(%rdi), %r10
+ movq 24(%rdi), %rdx
+ movq -24(%rdi), %rbx
+ movq -40(%rdi), %r8
+ movl %ecx, %r14d
+ addq %rax, %rsi
+ roll $30, %r13d
+ movq %rcx, %r9
+ xorq %rdx, %r10
+ addq %r15, %rsi
+ orq %r13, %rcx
+ xorq %rbx, %r10
+ andq %r11, %rcx
+ andq %r13, %r9
+ xorl %r8d, %r10d
+ movl %esi, %r8d
+ orq %rcx, %r9
+ roll $5, %r8d
+ roll %r10d
+ roll $30, %r14d
+ addq %r9, %r8
+ movq %r10, -40(%rdi)
+ movq -40(%rdi), %rax
+ addq %r12, %r8
+ movq 72(%rdi), %r12
+ movq 32(%rdi), %rdx
+ movq -16(%rdi), %rbx
+ movq -32(%rdi), %rcx
+ movl %esi, %r10d
+ addq %rax, %r8
+ movq %rsi, %r9
+ orq %r14, %rsi
+ xorq %rdx, %r12
+ addq %r15, %r8
+ andq %r13, %rsi
+ xorq %rbx, %r12
+ andq %r14, %r9
+ roll $30, %r10d
+ xorl %ecx, %r12d
+ movl %r8d, %ecx
+ orq %rsi, %r9
+ roll $5, %ecx
+ roll %r12d
+ addq %r9, %rcx
+ movq %r12, -32(%rdi)
+ movq -32(%rdi), %rax
+ addq %r11, %rcx
+ movq -48(%rdi), %r11
+ movq 40(%rdi), %rdx
+ movq -8(%rdi), %rbx
+ movq -24(%rdi), %rsi
+ movl %r8d, %r12d
+ addq %rax, %rcx
+ movq %r8, %r9
+ xorq %rdx, %r11
+ addq %r15, %rcx
+ xorq %rbx, %r11
+ xorl %esi, %r11d
+ orq %r10, %r8
+ andq %r10, %r9
+ andq %r14, %r8
+ movl %ecx, %esi
+ roll %r11d
+ orq %r8, %r9
+ roll $5, %esi
+ movq %r11, -24(%rdi)
+ addq %r9, %rsi
+ movq -24(%rdi), %rax
+ roll $30, %r12d
+ addq %r13, %rsi
+ movq -40(%rdi), %r13
+ movq 48(%rdi), %rdx
+ movq (%rdi), %rbx
+ movq -16(%rdi), %r8
+ movl %ecx, %r11d
+ addq %rax, %rsi
+ movq %rcx, %r9
+ orq %r12, %rcx
+ xorq %rdx, %r13
+ addq %r15, %rsi
+ andq %r10, %rcx
+ xorq %rbx, %r13
+ andq %r12, %r9
+ roll $30, %r11d
+ xorl %r8d, %r13d
+ movl %esi, %r8d
+ orq %rcx, %r9
+ roll %r13d
+ roll $5, %r8d
+ movq %r13, -16(%rdi)
+ addq %r9, %r8
+ movq -16(%rdi), %rax
+ movq -32(%rdi), %r9
+ movq 56(%rdi), %rdx
+ addq %r14, %r8
+ movq 8(%rdi), %rcx
+ movq -8(%rdi), %rbx
+ movl %esi, %r13d
+ addq %rax, %r8
+ movq %rsi, %r14
+ orq %r11, %rsi
+ xorq %rdx, %r9
+ addq %r15, %r8
+ andq %r11, %r14
+ xorq %rcx, %r9
+ xorl %ebx, %r9d
+ movl %r8d, %ebx
+ roll %r9d
+ roll $5, %ebx
+ andq %r12, %rsi
+ orq %rsi, %r14
+ movq %r9, -8(%rdi)
+ movq -8(%rdi), %rax
+ addq %r14, %rbx
+ movq -24(%rdi), %r14
+ movq 64(%rdi), %rdx
+ movq 16(%rdi), %rcx
+ addq %r10, %rbx
+ movq (%rdi), %rsi
+ roll $30, %r13d
+ addq %rax, %rbx
+ movl %r8d, %r9d
+ xorq %rdx, %r14
+ addq %r15, %rbx
+ movq %r8, %r10
+ xorq %rcx, %r14
+ orq %r13, %r8
+ andq %r13, %r10
+ andq %r11, %r8
+ xorl %esi, %r14d
+ movl %ebx, %esi
+ orq %r8, %r10
+ roll $5, %esi
+ roll %r14d
+ addq %r10, %rsi
+ movq %r14, (%rdi)
+ movq (%rdi), %rax
+ addq %r12, %rsi
+ movq -16(%rdi), %r12
+ movq 72(%rdi), %rdx
+ movq 24(%rdi), %rcx
+ movq 8(%rdi), %r8
+ roll $30, %r9d
+ addq %rax, %rsi
+ movl %ebx, %r14d
+ movq %rbx, %r10
+ xorq %rdx, %r12
+ addq %r15, %rsi
+ orq %r9, %rbx
+ xorq %rcx, %r12
+ andq %r13, %rbx
+ andq %r9, %r10
+ xorl %r8d, %r12d
+ movl %esi, %r8d
+ orq %rbx, %r10
+ roll %r12d
+ roll $5, %r8d
+ movq %r12, 8(%rdi)
+ movq 8(%rdi), %rax
+ addq %r10, %r8
+ movq -8(%rdi), %rbx
+ movq -48(%rdi), %rdx
+ addq %r11, %r8
+ movq 32(%rdi), %r11
+ movq 16(%rdi), %rcx
+ movl %esi, %r12d
+ addq %rax, %r8
+ movq %rsi, %r10
+ addq %r15, %r8
+ xorq %rdx, %rbx
+ roll $30, %r14d
+ xorq %r11, %rbx
+ orq %r14, %rsi
+ andq %r14, %r10
+ xorl %ecx, %ebx
+ andq %r9, %rsi
+ movl %r8d, %ecx
+ roll %ebx
+ orq %rsi, %r10
+ roll $5, %ecx
+ movq %rbx, 16(%rdi)
+ movq 16(%rdi), %rsi
+ addq %r10, %rcx
+ movq (%rdi), %r11
+ movq -40(%rdi), %rax
+ addq %r13, %rcx
+ movq 40(%rdi), %rdx
+ movq 24(%rdi), %r13
+ roll $30, %r12d
+ addq %rsi, %rcx
+ movl %r8d, %ebx
+ movq %r8, %r10
+ xorq %rax, %r11
+ addq %r15, %rcx
+ orq %r12, %r8
+ xorq %rdx, %r11
+ andq %r14, %r8
+ andq %r12, %r10
+ xorl %r13d, %r11d
+ movl %ecx, %r13d
+ orq %r8, %r10
+ roll %r11d
+ roll $5, %r13d
+ roll $30, %ebx
+ movq %r11, 24(%rdi)
+ addq %r10, %r13
+ movq 24(%rdi), %rsi
+ movq 8(%rdi), %r10
+ movq -32(%rdi), %rax
+ addq %r9, %r13
+ movq 48(%rdi), %rdx
+ movq 32(%rdi), %r8
+ movl %ecx, %r11d
+ addq %rsi, %r13
+ movq %rcx, %r9
+ xorq %rax, %r10
+ addq %r15, %r13
+ xorq %rdx, %r10
+ xorl %r8d, %r10d
+ movl %r13d, %r8d
+ roll %r10d
+ orq %rbx, %rcx
+ andq %rbx, %r9
+ movq %r10, 32(%rdi)
+ andq %r12, %rcx
+ movl %r13d, %r10d
+ orq %rcx, %r9
+ roll $5, %r10d
+ movq 32(%rdi), %rsi
+ addq %r9, %r10
+ roll $30, %r11d
+ movq %r13, %rcx
+ addq %r14, %r10
+ movq 16(%rdi), %r14
+ movq -24(%rdi), %rax
+ movq 56(%rdi), %rdx
+ movq 40(%rdi), %r9
+ addq %rsi, %r10
+ addq %r15, %r10
+ orq %r11, %r13
+ andq %r11, %rcx
+ xorq %rax, %r14
+ andq %rbx, %r13
+ xorq %rdx, %r14
+ orq %r13, %rcx
+ xorl %r9d, %r14d
+ movl %r10d, %r9d
+ roll %r14d
+ roll $5, %r9d
+ movq %r14, 40(%rdi)
+ movq 40(%rdi), %rsi
+ addq %rcx, %r9
+ movq 24(%rdi), %r13
+ addq %r12, %r9
+ movq -16(%rdi), %r12
+ movq 64(%rdi), %rax
+ movl %r10d, %r14d
+ addq %rsi, %r9
+ movl %r8d, %esi
+ addq %r15, %r9
+ movq 48(%rdi), %r15
+ xorq %r12, %r13
+ roll $30, %esi
+ xorq %rax, %r13
+ xorq %rsi, %r10
+ xorl %r15d, %r13d
+ movl %r9d, %r15d
+ xorq %r11, %r10
+ roll $5, %r15d
+ roll %r13d
+ addq %r10, %r15
+ movq %r13, 48(%rdi)
+ movq 48(%rdi), %r10
+ addq %rbx, %r15
+ movq 32(%rdi), %rbx
+ movq -8(%rdi), %r8
+ movq 72(%rdi), %rdx
+ movq 56(%rdi), %rcx
+ roll $30, %r14d
+ addq %r10, %r15
+ movl $3395469782, %r10d
+ movl %r9d, %r13d
+ xorq %r8, %rbx
+ addq %r10, %r15
+ xorq %r14, %r9
+ xorq %rdx, %rbx
+ xorq %rsi, %r9
+ roll $30, %r13d
+ xorl %ecx, %ebx
+ movl %r15d, %ecx
+ roll %ebx
+ roll $5, %ecx
+ movq %rbx, 56(%rdi)
+ addq %r9, %rcx
+ movq 56(%rdi), %r12
+ movq 40(%rdi), %r9
+ movq (%rdi), %rax
+ addq %r11, %rcx
+ movq -48(%rdi), %r8
+ movq 64(%rdi), %r11
+ movl %r15d, %ebx
+ addq %r12, %rcx
+ xorq %r13, %r15
+ roll $30, %ebx
+ xorq %rax, %r9
+ addq %r10, %rcx
+ xorq %r14, %r15
+ xorq %r8, %r9
+ xorl %r11d, %r9d
+ movl %ecx, %r11d
+ roll %r9d
+ roll $5, %r11d
+ movq %r9, 64(%rdi)
+ addq %r15, %r11
+ movq 64(%rdi), %rdx
+ movq 48(%rdi), %r15
+ movq 8(%rdi), %r12
+ addq %rsi, %r11
+ movq -40(%rdi), %rax
+ movq 72(%rdi), %r8
+ movl %ecx, %r9d
+ addq %rdx, %r11
+ xorq %r12, %r15
+ addq %r10, %r11
+ xorq %rax, %r15
+ xorl %r8d, %r15d
+ movl %r11d, %r8d
+ roll %r15d
+ roll $5, %r8d
+ xorq %rbx, %rcx
+ xorq %r13, %rcx
+ movq %r15, 72(%rdi)
+ movq 72(%rdi), %rsi
+ addq %rcx, %r8
+ movq 56(%rdi), %r12
+ movq 16(%rdi), %rcx
+ movq -32(%rdi), %rdx
+ addq %r14, %r8
+ movq -48(%rdi), %r14
+ addq %rsi, %r8
+ roll $30, %r9d
+ movl %r11d, %r15d
+ xorq %rcx, %r12
+ addq %r10, %r8
+ xorq %r9, %r11
+ xorq %rdx, %r12
+ xorq %rbx, %r11
+ roll $30, %r15d
+ xorl %r14d, %r12d
+ movl %r8d, %r14d
+ roll $5, %r14d
+ roll %r12d
+ addq %r11, %r14
+ movq %r12, -48(%rdi)
+ movq -48(%rdi), %rax
+ addq %r13, %r14
+ movq 64(%rdi), %r13
+ movq 24(%rdi), %rsi
+ movq -24(%rdi), %rcx
+ movq -40(%rdi), %r11
+ movl %r8d, %r12d
+ addq %rax, %r14
+ xorq %r15, %r8
+ roll $30, %r12d
+ xorq %rsi, %r13
+ addq %r10, %r14
+ xorq %r9, %r8
+ xorq %rcx, %r13
+ xorl %r11d, %r13d
+ movl %r14d, %r11d
+ roll $5, %r11d
+ roll %r13d
+ addq %r8, %r11
+ movq %r13, -40(%rdi)
+ movq -40(%rdi), %rdx
+ addq %rbx, %r11
+ movq 72(%rdi), %rbx
+ movq 32(%rdi), %rax
+ movq -16(%rdi), %rsi
+ movq -32(%rdi), %r8
+ movl %r14d, %r13d
+ addq %rdx, %r11
+ xorq %rax, %rbx
+ addq %r10, %r11
+ xorq %rsi, %rbx
+ xorl %r8d, %ebx
+ xorq %r12, %r14
+ movl %r11d, %r8d
+ xorq %r15, %r14
+ roll %ebx
+ roll $5, %r8d
+ movq %rbx, -32(%rdi)
+ addq %r14, %r8
+ movq -32(%rdi), %rcx
+ movq -48(%rdi), %r14
+ movq 40(%rdi), %rdx
+ addq %r9, %r8
+ movq -8(%rdi), %rax
+ movq -24(%rdi), %r9
+ roll $30, %r13d
+ addq %rcx, %r8
+ movl %r11d, %ebx
+ xorq %r13, %r11
+ xorq %rdx, %r14
+ addq %r10, %r8
+ xorq %r12, %r11
+ xorq %rax, %r14
+ roll $30, %ebx
+ xorl %r9d, %r14d
+ movl %r8d, %r9d
+ roll $5, %r9d
+ roll %r14d
+ addq %r11, %r9
+ movq %r14, -24(%rdi)
+ movq -24(%rdi), %rsi
+ addq %r15, %r9
+ movq -40(%rdi), %r15
+ movq 48(%rdi), %rcx
+ movq (%rdi), %rdx
+ movq -16(%rdi), %r11
+ movl %r8d, %r14d
+ addq %rsi, %r9
+ xorq %rbx, %r8
+ xorq %rcx, %r15
+ addq %r10, %r9
+ xorq %r13, %r8
+ xorq %rdx, %r15
+ xorl %r11d, %r15d
+ movl %r9d, %r11d
+ roll %r15d
+ roll $5, %r11d
+ movq %r15, -16(%rdi)
+ addq %r8, %r11
+ movq -16(%rdi), %rax
+ addq %r12, %r11
+ movq -32(%rdi), %r12
+ movq 56(%rdi), %rsi
+ movq 8(%rdi), %rcx
+ movq -8(%rdi), %r8
+ movl %r9d, %r15d
+ addq %rax, %r11
+ addq %r10, %r11
+ roll $30, %r14d
+ xorq %rsi, %r12
+ xorq %rcx, %r12
+ xorq %r14, %r9
+ roll $30, %r15d
+ xorl %r8d, %r12d
+ movl %r11d, %r8d
+ xorq %rbx, %r9
+ roll $5, %r8d
+ roll %r12d
+ addq %r9, %r8
+ movq %r12, -8(%rdi)
+ movq -8(%rdi), %rdx
+ addq %r13, %r8
+ movq -24(%rdi), %r13
+ movq 64(%rdi), %rax
+ movq 16(%rdi), %rsi
+ movq (%rdi), %rcx
+ movl %r11d, %r12d
+ addq %rdx, %r8
+ xorq %r15, %r11
+ roll $30, %r12d
+ xorq %rax, %r13
+ addq %r10, %r8
+ xorq %r14, %r11
+ xorq %rsi, %r13
+ xorl %ecx, %r13d
+ movl %r8d, %ecx
+ roll $5, %ecx
+ roll %r13d
+ addq %r11, %rcx
+ movq %r13, (%rdi)
+ movq (%rdi), %r9
+ addq %rbx, %rcx
+ movq -16(%rdi), %rbx
+ movq 72(%rdi), %rdx
+ movq 24(%rdi), %rax
+ movq 8(%rdi), %rsi
+ movl %r8d, %r13d
+ addq %r9, %rcx
+ xorq %r12, %r8
+ xorq %rdx, %rbx
+ addq %r10, %rcx
+ xorq %r15, %r8
+ xorq %rax, %rbx
+ xorl %esi, %ebx
+ movl %ecx, %esi
+ roll $5, %esi
+ roll %ebx
+ addq %r8, %rsi
+ movq %rbx, 8(%rdi)
+ movq 8(%rdi), %r11
+ addq %r14, %rsi
+ movq -8(%rdi), %r14
+ movq -48(%rdi), %r9
+ movq 32(%rdi), %rdx
+ movq 16(%rdi), %r8
+ roll $30, %r13d
+ addq %r11, %rsi
+ movl %ecx, %ebx
+ xorq %r13, %rcx
+ xorq %r9, %r14
+ addq %r10, %rsi
+ xorq %r12, %rcx
+ xorq %rdx, %r14
+ roll $30, %ebx
+ xorl %r8d, %r14d
+ movl %esi, %r8d
+ roll $5, %r8d
+ roll %r14d
+ addq %rcx, %r8
+ movq %r14, 16(%rdi)
+ movq 16(%rdi), %rax
+ addq %r15, %r8
+ movq (%rdi), %r15
+ movq -40(%rdi), %r11
+ movq 40(%rdi), %r9
+ movq 24(%rdi), %rcx
+ movl %esi, %r14d
+ addq %rax, %r8
+ xorq %rbx, %rsi
+ roll $30, %r14d
+ xorq %r11, %r15
+ addq %r10, %r8
+ xorq %r13, %rsi
+ xorq %r9, %r15
+ xorl %ecx, %r15d
+ movl %r8d, %ecx
+ roll %r15d
+ roll $5, %ecx
+ movq %r15, 24(%rdi)
+ addq %rsi, %rcx
+ movq 24(%rdi), %rdx
+ movq 8(%rdi), %r11
+ movq -32(%rdi), %rax
+ addq %r12, %rcx
+ movq 48(%rdi), %r12
+ movq 32(%rdi), %rsi
+ movl %r8d, %r15d
+ addq %rdx, %rcx
+ xorq %rax, %r11
+ addq %r10, %rcx
+ xorq %r12, %r11
+ xorl %esi, %r11d
+ movl %ecx, %esi
+ roll %r11d
+ movq %r11, 32(%rdi)
+ movl %ecx, %r11d
+ movq 32(%rdi), %r9
+ roll $5, %r11d
+ xorq %r14, %r8
+ movq 16(%rdi), %r12
+ xorq %rbx, %r8
+ movq -24(%rdi), %rdx
+ movq 56(%rdi), %rax
+ addq %r8, %r11
+ movq 40(%rdi), %r8
+ roll $30, %r15d
+ addq %r13, %r11
+ xorq %r15, %rcx
+ addq %r9, %r11
+ xorq %rdx, %r12
+ xorq %r14, %rcx
+ addq %r10, %r11
+ xorq %rax, %r12
+ xorl %r8d, %r12d
+ movl %r11d, %r8d
+ roll $5, %r8d
+ roll %r12d
+ addq %rcx, %r8
+ movq %r12, 40(%rdi)
+ movq 40(%rdi), %r13
+ addq %rbx, %r8
+ movq 24(%rdi), %rbx
+ movq -16(%rdi), %r9
+ movq 64(%rdi), %rdx
+ movq 48(%rdi), %rcx
+ movl %r11d, %r12d
+ addq %r13, %r8
+ movl %esi, %r13d
+ roll $30, %r12d
+ xorq %r9, %rbx
+ addq %r10, %r8
+ roll $30, %r13d
+ xorq %rdx, %rbx
+ xorq %r13, %r11
+ xorl %ecx, %ebx
+ movl %r8d, %ecx
+ xorq %r15, %r11
+ roll %ebx
+ roll $5, %ecx
+ movq %rbx, 48(%rdi)
+ addq %r11, %rcx
+ movq 48(%rdi), %rax
+ movq 32(%rdi), %r11
+ movq -8(%rdi), %rsi
+ addq %r14, %rcx
+ movq 72(%rdi), %r9
+ movq 56(%rdi), %r14
+ movl %r8d, %ebx
+ addq %rax, %rcx
+ xorq %rsi, %r11
+ addq %r10, %rcx
+ xorq %r9, %r11
+ xorl %r14d, %r11d
+ xorq %r12, %r8
+ movl %ecx, %r14d
+ xorq %r13, %r8
+ roll %r11d
+ roll $5, %r14d
+ movq %r11, 56(%rdi)
+ addq %r8, %r14
+ movq 56(%rdi), %rdx
+ movq 40(%rdi), %r8
+ movq (%rdi), %rax
+ addq %r15, %r14
+ movq -48(%rdi), %r15
+ movq 64(%rdi), %rsi
+ roll $30, %ebx
+ addq %rdx, %r14
+ movl %ecx, %r11d
+ xorq %rbx, %rcx
+ xorq %rax, %r8
+ addq %r10, %r14
+ xorq %r12, %rcx
+ xorq %r15, %r8
+ roll $30, %r11d
+ xorl %esi, %r8d
+ movl %r14d, %esi
+ roll %r8d
+ roll $5, %esi
+ movq %r8, 64(%rdi)
+ movq 64(%rdi), %r9
+ addq %rcx, %rsi
+ movq 48(%rdi), %r15
+ movq 8(%rdi), %rcx
+ addq %r13, %rsi
+ movq -40(%rdi), %rdx
+ movq 72(%rdi), %rax
+ movl %r14d, %r8d
+ addq %r9, %rsi
+ xorq %r11, %r14
+ addq %r10, %rsi
+ xorq %rcx, %r15
+ xorq %rbx, %r14
+ xorq %rdx, %r15
+ movl %esi, %r13d
+ xorl %eax, %r15d
+ roll $5, %r13d
+ roll %r15d
+ addq %r14, %r13
+ movq %r15, 72(%rdi)
+ addq %r12, %r13
+ movq 72(%rdi), %r12
+ addq %r12, %r13
+ addq %r10, %r13
+ movq -88(%rdi), %r10
+ roll $30, %r8d
+ addq %r13, %r10
+ movq %r10, -88(%rdi)
+ movq -80(%rdi), %r9
+ addq %rsi, %r9
+ movq %r9, -80(%rdi)
+ movq -72(%rdi), %rcx
+ addq %r8, %rcx
+ movq %rcx, -72(%rdi)
+ movq -64(%rdi), %rdx
+ addq %r11, %rdx
+ movq %rdx, -64(%rdi)
+ movq -56(%rdi), %rax
+ addq %rbx, %rax
+ popq %rbx
+ popq %r12
+ popq %r13
+ popq %r14
+ popq %r15
+ movq %rax, -56(%rdi)
+ ret
+.LFE7:
+ .size shaCompress, .-shaCompress
+ .align 16
+.globl SHA1_Update
+ .type SHA1_Update, @function
+SHA1_Update:
+.LFB5:
+ pushq %rbp
+.LCFI5:
+ movq %rsp, %rbp
+.LCFI6:
+ movq %r13, -24(%rbp)
+.LCFI7:
+ movq %r14, -16(%rbp)
+.LCFI8:
+ movl %edx, %r13d
+ movq %r15, -8(%rbp)
+.LCFI9:
+ movq %rbx, -40(%rbp)
+.LCFI10:
+ movq %rdi, %r15
+ movq %r12, -32(%rbp)
+.LCFI11:
+ subq $48, %rsp
+.LCFI12:
+ testl %edx, %edx
+ movq %rsi, %r14
+ je .L243
+ movq 64(%rdi), %rdx
+ mov %r13d, %ecx
+ leaq (%rdx,%rcx), %rax
+ movq %rax, 64(%rdi)
+ movl %edx, %eax
+ andl $63, %eax
+ movl %eax, -44(%rbp)
+ jne .L256
+.L245:
+ cmpl $63, %r13d
+ jbe .L253
+ leaq 160(%r15), %rbx
+ .align 16
+.L250:
+ movq %r14, %rsi
+ subl $64, %r13d
+ movq %rbx, %rdi
+ call shaCompress
+ addq $64, %r14
+ cmpl $63, %r13d
+ ja .L250
+.L253:
+ testl %r13d, %r13d
+ je .L243
+ mov %r13d, %edx
+ movq %r14, %rsi
+ movq %r15, %rdi
+ movq -40(%rbp), %rbx
+ movq -32(%rbp), %r12
+ movq -24(%rbp), %r13
+ movq -16(%rbp), %r14
+ movq -8(%rbp), %r15
+ leave
+ jmp memcpy@PLT
+ .align 16
+.L243:
+ movq -40(%rbp), %rbx
+ movq -32(%rbp), %r12
+ movq -24(%rbp), %r13
+ movq -16(%rbp), %r14
+ movq -8(%rbp), %r15
+ leave
+ ret
+.L256:
+ movl $64, %ebx
+ mov %eax, %edi
+ subl %eax, %ebx
+ cmpl %ebx, %r13d
+ cmovb %r13d, %ebx
+ addq %r15, %rdi
+ mov %ebx, %r12d
+ subl %ebx, %r13d
+ movq %r12, %rdx
+ addq %r12, %r14
+ call memcpy@PLT
+ addl -44(%rbp), %ebx
+ andl $63, %ebx
+ jne .L245
+ leaq 160(%r15), %rdi
+ movq %r15, %rsi
+ call shaCompress
+ jmp .L245
+.LFE5:
+ .size SHA1_Update, .-SHA1_Update
+ .section .rodata
+ .align 32
+ .type bulk_pad.0, @object
+ .size bulk_pad.0, 64
+bulk_pad.0:
+ .byte -128
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .byte 0
+ .text
+ .align 16
+.globl SHA1_End
+ .type SHA1_End, @function
+SHA1_End:
+.LFB6:
+ pushq %rbp
+.LCFI13:
+ movq %rsp, %rbp
+.LCFI14:
+ movq %r12, -24(%rbp)
+.LCFI15:
+ movq %r13, -16(%rbp)
+.LCFI16:
+ movq %rsi, %r13
+ movq %r14, -8(%rbp)
+.LCFI17:
+ movq %rbx, -32(%rbp)
+.LCFI18:
+ subq $32, %rsp
+.LCFI19:
+ movq 64(%rdi), %rbx
+ movq %rdx, %r14
+ movl $119, %edx
+ leaq bulk_pad.0(%rip), %rsi
+ movq %rdi, %r12
+ movl %ebx, %r8d
+ salq $3, %rbx
+ andl $63, %r8d
+ subl %r8d, %edx
+ andl $63, %edx
+ incl %edx
+ call SHA1_Update@PLT
+ movq %rbx, %rdi
+ movq %r12, %rsi
+ shrq $32, %rdi
+/APP
+ bswap %edi
+/NO_APP
+ movl %edi, 56(%r12)
+ leaq 160(%r12), %rdi
+/APP
+ bswap %ebx
+/NO_APP
+ movl %ebx, 60(%r12)
+ call shaCompress
+ movl 72(%r12), %esi
+ movl 80(%r12), %ebx
+ movl 88(%r12), %ecx
+ movl 96(%r12), %edx
+ movl 104(%r12), %eax
+ movq 8(%rsp), %r12
+/APP
+ bswap %ebx
+ bswap %esi
+/NO_APP
+ movl %ebx, 4(%r13)
+ movl %esi, (%r13)
+/APP
+ bswap %ecx
+ bswap %edx
+/NO_APP
+ movl %ecx, 8(%r13)
+ movl %edx, 12(%r13)
+/APP
+ bswap %eax
+/NO_APP
+ movq (%rsp), %rbx
+ movl %eax, 16(%r13)
+ cmpq $0, %r14
+ je .L133
+ movl $20, (%r14)
+.L133:
+ movq 16(%rsp), %r13
+ movq 24(%rsp), %r14
+ leave
+ ret
+.LFE6:
+ .size SHA1_End, .-SHA1_End
+ .align 16
+.globl SHA1_NewContext
+ .type SHA1_NewContext, @function
+SHA1_NewContext:
+.LFB8:
+ movl $248, %edi
+ jmp PORT_Alloc_Util@PLT
+.LFE8:
+ .size SHA1_NewContext, .-SHA1_NewContext
+ .align 16
+.globl SHA1_DestroyContext
+ .type SHA1_DestroyContext, @function
+SHA1_DestroyContext:
+.LFB9:
+ pushq %rbp
+.LCFI20:
+ movl $248, %edx
+ movq %rsp, %rbp
+.LCFI21:
+ movq %rbx, -16(%rbp)
+.LCFI22:
+ movq %r12, -8(%rbp)
+.LCFI23:
+ movl %esi, %ebx
+ subq $16, %rsp
+.LCFI24:
+ xorl %esi, %esi
+ movq %rdi, %r12
+ call memset@PLT
+ testl %ebx, %ebx
+ jne .L268
+ movq (%rsp), %rbx
+ movq 8(%rsp), %r12
+ leave
+ ret
+ .align 16
+.L268:
+ movq %r12, %rdi
+ movq (%rsp), %rbx
+ movq 8(%rsp), %r12
+ leave
+ jmp PORT_Free_Util@PLT
+.LFE9:
+ .size SHA1_DestroyContext, .-SHA1_DestroyContext
+ .align 16
+.globl SHA1_HashBuf
+ .type SHA1_HashBuf, @function
+SHA1_HashBuf:
+.LFB10:
+ pushq %rbp
+.LCFI25:
+ movq %rsp, %rbp
+.LCFI26:
+ movq %rbx, -32(%rbp)
+.LCFI27:
+ leaq -288(%rbp), %rbx
+ movq %r12, -24(%rbp)
+.LCFI28:
+ movq %r13, -16(%rbp)
+.LCFI29:
+ movq %r14, -8(%rbp)
+.LCFI30:
+ movq %rsi, %r13
+ subq $304, %rsp
+.LCFI31:
+ movq %rdi, %r14
+ movl %edx, %r12d
+ movq %rbx, %rdi
+ call SHA1_Begin@PLT
+ movl %r12d, %edx
+ movq %r13, %rsi
+ movq %rbx, %rdi
+ call SHA1_Update@PLT
+ leaq -292(%rbp), %rdx
+ movq %r14, %rsi
+ movq %rbx, %rdi
+ movl $20, %ecx
+ call SHA1_End@PLT
+ movq -32(%rbp), %rbx
+ movq -24(%rbp), %r12
+ xorl %eax, %eax
+ movq -16(%rbp), %r13
+ movq -8(%rbp), %r14
+ leave
+ ret
+.LFE10:
+ .size SHA1_HashBuf, .-SHA1_HashBuf
+ .align 16
+.globl SHA1_Hash
+ .type SHA1_Hash, @function
+SHA1_Hash:
+.LFB11:
+ pushq %rbp
+.LCFI32:
+ movq %rsp, %rbp
+.LCFI33:
+ movq %rbx, -16(%rbp)
+.LCFI34:
+ movq %r12, -8(%rbp)
+.LCFI35:
+ movq %rsi, %rbx
+ subq $16, %rsp
+.LCFI36:
+ movq %rdi, %r12
+ movq %rsi, %rdi
+ call strlen@PLT
+ movq %rbx, %rsi
+ movq %r12, %rdi
+ movq (%rsp), %rbx
+ movq 8(%rsp), %r12
+ leave
+ movl %eax, %edx
+ jmp SHA1_HashBuf@PLT
+.LFE11:
+ .size SHA1_Hash, .-SHA1_Hash
+ .align 16
+.globl SHA1_FlattenSize
+ .type SHA1_FlattenSize, @function
+SHA1_FlattenSize:
+.LFB12:
+ movl $248, %eax
+ ret
+.LFE12:
+ .size SHA1_FlattenSize, .-SHA1_FlattenSize
+ .align 16
+.globl SHA1_Flatten
+ .type SHA1_Flatten, @function
+SHA1_Flatten:
+.LFB13:
+ pushq %rbp
+.LCFI37:
+ movq %rsi, %rax
+ movl $248, %edx
+ movq %rdi, %rsi
+ movq %rax, %rdi
+ movq %rsp, %rbp
+.LCFI38:
+ call memcpy@PLT
+ leave
+ xorl %eax, %eax
+ ret
+.LFE13:
+ .size SHA1_Flatten, .-SHA1_Flatten
+ .align 16
+.globl SHA1_Resurrect
+ .type SHA1_Resurrect, @function
+SHA1_Resurrect:
+.LFB14:
+ pushq %rbp
+.LCFI39:
+ movq %rsp, %rbp
+.LCFI40:
+ movq %rbx, -16(%rbp)
+.LCFI41:
+ movq %r12, -8(%rbp)
+.LCFI42:
+ subq $16, %rsp
+.LCFI43:
+ movq %rdi, %r12
+ call SHA1_NewContext@PLT
+ movq %rax, %rbx
+ xorl %eax, %eax
+ testq %rbx, %rbx
+ je .L273
+ movl $248, %edx
+ movq %r12, %rsi
+ movq %rbx, %rdi
+ call memcpy@PLT
+ movq %rbx, %rax
+.L273:
+ movq (%rsp), %rbx
+ movq 8(%rsp), %r12
+ leave
+ ret
+.LFE14:
+ .size SHA1_Resurrect, .-SHA1_Resurrect
+ .align 16
+.globl SHA1_Clone
+ .type SHA1_Clone, @function
+SHA1_Clone:
+.LFB15:
+ movl $248, %edx
+ jmp memcpy@PLT
+.LFE15:
+ .size SHA1_Clone, .-SHA1_Clone
+ .align 16
+.globl SHA1_TraceState
+ .type SHA1_TraceState, @function
+SHA1_TraceState:
+.LFB16:
+ movl $-5992, %edi
+ jmp PORT_SetError_Util@PLT
+.LFE16:
+ .size SHA1_TraceState, .-SHA1_TraceState
+ .align 16
+.globl SHA1_EndRaw
+ .type SHA1_EndRaw, @function
+SHA1_EndRaw:
+.LFB50:
+ movq 72(%rdi), %rax
+/APP
+ bswap %eax
+/NO_APP
+ movl %eax, (%rsi)
+ movq 80(%rdi), %rax
+/APP
+ bswap %eax
+/NO_APP
+ movl %eax, 4(%rsi)
+ movq 88(%rdi), %rax
+/APP
+ bswap %eax
+/NO_APP
+ movl %eax, 8(%rsi)
+ movq 96(%rdi), %rax
+/APP
+ bswap %eax
+/NO_APP
+ movl %eax, 12(%rsi)
+ movq 104(%rdi), %rax
+/APP
+ bswap %eax
+/NO_APP
+ testq %rdx, %rdx
+ movl %eax, 16(%rsi)
+ je .L14
+ movl $20, (%rdx)
+.L14:
+ rep
+ ret
+.LFE50:
+ .size SHA1_EndRaw, .-SHA1_EndRaw
diff --git a/security/nss/lib/freebl/sha256.h b/security/nss/lib/freebl/sha256.h
new file mode 100644
index 000000000..c65ca152d
--- /dev/null
+++ b/security/nss/lib/freebl/sha256.h
@@ -0,0 +1,19 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SHA_256_H_
+#define _SHA_256_H_
+
+#include "prtypes.h"
+
+struct SHA256ContextStr {
+ union {
+ PRUint32 w[64]; /* message schedule, input buffer, plus 48 words */
+ PRUint8 b[256];
+ } u;
+ PRUint32 h[8]; /* 8 state variables */
+ PRUint32 sizeHi, sizeLo; /* 64-bit count of hashed bytes. */
+};
+
+#endif /* _SHA_256_H_ */
diff --git a/security/nss/lib/freebl/sha512.c b/security/nss/lib/freebl/sha512.c
new file mode 100644
index 000000000..528f884b2
--- /dev/null
+++ b/security/nss/lib/freebl/sha512.c
@@ -0,0 +1,1655 @@
+/*
+ * sha512.c - implementation of SHA224, SHA256, SHA384 and SHA512
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prcpucfg.h"
+#if defined(NSS_X86) || defined(SHA_NO_LONG_LONG)
+#define NOUNROLL512 1
+#undef HAVE_LONG_LONG
+#endif
+#include "prtypes.h" /* for PRUintXX */
+#include "prlong.h"
+#include "secport.h" /* for PORT_XXX */
+#include "blapi.h"
+#include "sha256.h" /* for struct SHA256ContextStr */
+
+/* ============= Common constants and defines ======================= */
+
+#define W ctx->u.w
+#define B ctx->u.b
+#define H ctx->h
+
+#define SHR(x, n) (x >> n)
+#define SHL(x, n) (x << n)
+#define Ch(x, y, z) ((x & y) ^ (~x & z))
+#define Maj(x, y, z) ((x & y) ^ (x & z) ^ (y & z))
+#define SHA_MIN(a, b) (a < b ? a : b)
+
+/* Padding used with all flavors of SHA */
+static const PRUint8 pad[240] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+ /* compiler will fill the rest in with zeros */
+};
+
+/* ============= SHA256 implementation ================================== */
+
+/* SHA-256 constants, K256. */
+static const PRUint32 K256[64] = {
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+};
+
+/* SHA-256 initial hash values */
+static const PRUint32 H256[8] = {
+ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
+ 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
+};
+
+#if defined(IS_LITTLE_ENDIAN)
+#if (_MSC_VER >= 1300)
+#include <stdlib.h>
+#pragma intrinsic(_byteswap_ulong)
+#define SHA_HTONL(x) _byteswap_ulong(x)
+#elif defined(_MSC_VER) && defined(NSS_X86_OR_X64)
+#ifndef FORCEINLINE
+#if (_MSC_VER >= 1200)
+#define FORCEINLINE __forceinline
+#else
+#define FORCEINLINE __inline
+#endif
+#endif
+#define FASTCALL __fastcall
+
+static FORCEINLINE PRUint32 FASTCALL
+swap4b(PRUint32 dwd)
+{
+ __asm {
+ mov eax,dwd
+ bswap eax
+ }
+}
+
+#define SHA_HTONL(x) swap4b(x)
+
+#elif defined(__GNUC__) && defined(NSS_X86_OR_X64)
+static __inline__ PRUint32
+swap4b(PRUint32 value)
+{
+ __asm__("bswap %0"
+ : "+r"(value));
+ return (value);
+}
+#define SHA_HTONL(x) swap4b(x)
+
+#elif defined(__GNUC__) && (defined(__thumb2__) || \
+ (!defined(__thumb__) && \
+ (defined(__ARM_ARCH_6__) || \
+ defined(__ARM_ARCH_6J__) || \
+ defined(__ARM_ARCH_6K__) || \
+ defined(__ARM_ARCH_6Z__) || \
+ defined(__ARM_ARCH_6ZK__) || \
+ defined(__ARM_ARCH_6T2__) || \
+ defined(__ARM_ARCH_7__) || \
+ defined(__ARM_ARCH_7A__) || \
+ defined(__ARM_ARCH_7R__))))
+static __inline__ PRUint32
+swap4b(PRUint32 value)
+{
+ PRUint32 ret;
+ __asm__("rev %0, %1"
+ : "=r"(ret)
+ : "r"(value));
+ return ret;
+}
+#define SHA_HTONL(x) swap4b(x)
+
+#else
+#define SWAP4MASK 0x00FF00FF
+static PRUint32
+swap4b(PRUint32 value)
+{
+ PRUint32 t1 = (value << 16) | (value >> 16);
+ return ((t1 & SWAP4MASK) << 8) | ((t1 >> 8) & SWAP4MASK);
+}
+#define SHA_HTONL(x) swap4b(x)
+#endif
+#define BYTESWAP4(x) x = SHA_HTONL(x)
+#endif /* defined(IS_LITTLE_ENDIAN) */
+
+#if defined(_MSC_VER)
+#pragma intrinsic(_lrotr, _lrotl)
+#define ROTR32(x, n) _lrotr(x, n)
+#define ROTL32(x, n) _lrotl(x, n)
+#else
+#define ROTR32(x, n) ((x >> n) | (x << ((8 * sizeof x) - n)))
+#define ROTL32(x, n) ((x << n) | (x >> ((8 * sizeof x) - n)))
+#endif
+
+/* Capitol Sigma and lower case sigma functions */
+#define S0(x) (ROTR32(x, 2) ^ ROTR32(x, 13) ^ ROTR32(x, 22))
+#define S1(x) (ROTR32(x, 6) ^ ROTR32(x, 11) ^ ROTR32(x, 25))
+#define s0(x) (ROTR32(x, 7) ^ ROTR32(x, 18) ^ SHR(x, 3))
+#define s1(x) (ROTR32(x, 17) ^ ROTR32(x, 19) ^ SHR(x, 10))
+
+SHA256Context *
+SHA256_NewContext(void)
+{
+ SHA256Context *ctx = PORT_New(SHA256Context);
+ return ctx;
+}
+
+void
+SHA256_DestroyContext(SHA256Context *ctx, PRBool freeit)
+{
+ memset(ctx, 0, sizeof *ctx);
+ if (freeit) {
+ PORT_Free(ctx);
+ }
+}
+
+void
+SHA256_Begin(SHA256Context *ctx)
+{
+ memset(ctx, 0, sizeof *ctx);
+ memcpy(H, H256, sizeof H256);
+}
+
+static void
+SHA256_Compress(SHA256Context *ctx)
+{
+ {
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP4(W[0]);
+ BYTESWAP4(W[1]);
+ BYTESWAP4(W[2]);
+ BYTESWAP4(W[3]);
+ BYTESWAP4(W[4]);
+ BYTESWAP4(W[5]);
+ BYTESWAP4(W[6]);
+ BYTESWAP4(W[7]);
+ BYTESWAP4(W[8]);
+ BYTESWAP4(W[9]);
+ BYTESWAP4(W[10]);
+ BYTESWAP4(W[11]);
+ BYTESWAP4(W[12]);
+ BYTESWAP4(W[13]);
+ BYTESWAP4(W[14]);
+ BYTESWAP4(W[15]);
+#endif
+
+#define INITW(t) W[t] = (s1(W[t - 2]) + W[t - 7] + s0(W[t - 15]) + W[t - 16])
+
+/* prepare the "message schedule" */
+#ifdef NOUNROLL256
+ {
+ int t;
+ for (t = 16; t < 64; ++t) {
+ INITW(t);
+ }
+ }
+#else
+ INITW(16);
+ INITW(17);
+ INITW(18);
+ INITW(19);
+
+ INITW(20);
+ INITW(21);
+ INITW(22);
+ INITW(23);
+ INITW(24);
+ INITW(25);
+ INITW(26);
+ INITW(27);
+ INITW(28);
+ INITW(29);
+
+ INITW(30);
+ INITW(31);
+ INITW(32);
+ INITW(33);
+ INITW(34);
+ INITW(35);
+ INITW(36);
+ INITW(37);
+ INITW(38);
+ INITW(39);
+
+ INITW(40);
+ INITW(41);
+ INITW(42);
+ INITW(43);
+ INITW(44);
+ INITW(45);
+ INITW(46);
+ INITW(47);
+ INITW(48);
+ INITW(49);
+
+ INITW(50);
+ INITW(51);
+ INITW(52);
+ INITW(53);
+ INITW(54);
+ INITW(55);
+ INITW(56);
+ INITW(57);
+ INITW(58);
+ INITW(59);
+
+ INITW(60);
+ INITW(61);
+ INITW(62);
+ INITW(63);
+
+#endif
+#undef INITW
+ }
+ {
+ PRUint32 a, b, c, d, e, f, g, h;
+
+ a = H[0];
+ b = H[1];
+ c = H[2];
+ d = H[3];
+ e = H[4];
+ f = H[5];
+ g = H[6];
+ h = H[7];
+
+#define ROUND(n, a, b, c, d, e, f, g, h) \
+ h += S1(e) + Ch(e, f, g) + K256[n] + W[n]; \
+ d += h; \
+ h += S0(a) + Maj(a, b, c);
+
+#ifdef NOUNROLL256
+ {
+ int t;
+ for (t = 0; t < 64; t += 8) {
+ ROUND(t + 0, a, b, c, d, e, f, g, h)
+ ROUND(t + 1, h, a, b, c, d, e, f, g)
+ ROUND(t + 2, g, h, a, b, c, d, e, f)
+ ROUND(t + 3, f, g, h, a, b, c, d, e)
+ ROUND(t + 4, e, f, g, h, a, b, c, d)
+ ROUND(t + 5, d, e, f, g, h, a, b, c)
+ ROUND(t + 6, c, d, e, f, g, h, a, b)
+ ROUND(t + 7, b, c, d, e, f, g, h, a)
+ }
+ }
+#else
+ ROUND(0, a, b, c, d, e, f, g, h)
+ ROUND(1, h, a, b, c, d, e, f, g)
+ ROUND(2, g, h, a, b, c, d, e, f)
+ ROUND(3, f, g, h, a, b, c, d, e)
+ ROUND(4, e, f, g, h, a, b, c, d)
+ ROUND(5, d, e, f, g, h, a, b, c)
+ ROUND(6, c, d, e, f, g, h, a, b)
+ ROUND(7, b, c, d, e, f, g, h, a)
+
+ ROUND(8, a, b, c, d, e, f, g, h)
+ ROUND(9, h, a, b, c, d, e, f, g)
+ ROUND(10, g, h, a, b, c, d, e, f)
+ ROUND(11, f, g, h, a, b, c, d, e)
+ ROUND(12, e, f, g, h, a, b, c, d)
+ ROUND(13, d, e, f, g, h, a, b, c)
+ ROUND(14, c, d, e, f, g, h, a, b)
+ ROUND(15, b, c, d, e, f, g, h, a)
+
+ ROUND(16, a, b, c, d, e, f, g, h)
+ ROUND(17, h, a, b, c, d, e, f, g)
+ ROUND(18, g, h, a, b, c, d, e, f)
+ ROUND(19, f, g, h, a, b, c, d, e)
+ ROUND(20, e, f, g, h, a, b, c, d)
+ ROUND(21, d, e, f, g, h, a, b, c)
+ ROUND(22, c, d, e, f, g, h, a, b)
+ ROUND(23, b, c, d, e, f, g, h, a)
+
+ ROUND(24, a, b, c, d, e, f, g, h)
+ ROUND(25, h, a, b, c, d, e, f, g)
+ ROUND(26, g, h, a, b, c, d, e, f)
+ ROUND(27, f, g, h, a, b, c, d, e)
+ ROUND(28, e, f, g, h, a, b, c, d)
+ ROUND(29, d, e, f, g, h, a, b, c)
+ ROUND(30, c, d, e, f, g, h, a, b)
+ ROUND(31, b, c, d, e, f, g, h, a)
+
+ ROUND(32, a, b, c, d, e, f, g, h)
+ ROUND(33, h, a, b, c, d, e, f, g)
+ ROUND(34, g, h, a, b, c, d, e, f)
+ ROUND(35, f, g, h, a, b, c, d, e)
+ ROUND(36, e, f, g, h, a, b, c, d)
+ ROUND(37, d, e, f, g, h, a, b, c)
+ ROUND(38, c, d, e, f, g, h, a, b)
+ ROUND(39, b, c, d, e, f, g, h, a)
+
+ ROUND(40, a, b, c, d, e, f, g, h)
+ ROUND(41, h, a, b, c, d, e, f, g)
+ ROUND(42, g, h, a, b, c, d, e, f)
+ ROUND(43, f, g, h, a, b, c, d, e)
+ ROUND(44, e, f, g, h, a, b, c, d)
+ ROUND(45, d, e, f, g, h, a, b, c)
+ ROUND(46, c, d, e, f, g, h, a, b)
+ ROUND(47, b, c, d, e, f, g, h, a)
+
+ ROUND(48, a, b, c, d, e, f, g, h)
+ ROUND(49, h, a, b, c, d, e, f, g)
+ ROUND(50, g, h, a, b, c, d, e, f)
+ ROUND(51, f, g, h, a, b, c, d, e)
+ ROUND(52, e, f, g, h, a, b, c, d)
+ ROUND(53, d, e, f, g, h, a, b, c)
+ ROUND(54, c, d, e, f, g, h, a, b)
+ ROUND(55, b, c, d, e, f, g, h, a)
+
+ ROUND(56, a, b, c, d, e, f, g, h)
+ ROUND(57, h, a, b, c, d, e, f, g)
+ ROUND(58, g, h, a, b, c, d, e, f)
+ ROUND(59, f, g, h, a, b, c, d, e)
+ ROUND(60, e, f, g, h, a, b, c, d)
+ ROUND(61, d, e, f, g, h, a, b, c)
+ ROUND(62, c, d, e, f, g, h, a, b)
+ ROUND(63, b, c, d, e, f, g, h, a)
+#endif
+
+ H[0] += a;
+ H[1] += b;
+ H[2] += c;
+ H[3] += d;
+ H[4] += e;
+ H[5] += f;
+ H[6] += g;
+ H[7] += h;
+ }
+#undef ROUND
+}
+
+#undef s0
+#undef s1
+#undef S0
+#undef S1
+
+void
+SHA256_Update(SHA256Context *ctx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ unsigned int inBuf = ctx->sizeLo & 0x3f;
+ if (!inputLen)
+ return;
+
+ /* Add inputLen into the count of bytes processed, before processing */
+ if ((ctx->sizeLo += inputLen) < inputLen)
+ ctx->sizeHi++;
+
+ /* if data already in buffer, attemp to fill rest of buffer */
+ if (inBuf) {
+ unsigned int todo = SHA256_BLOCK_LENGTH - inBuf;
+ if (inputLen < todo)
+ todo = inputLen;
+ memcpy(B + inBuf, input, todo);
+ input += todo;
+ inputLen -= todo;
+ if (inBuf + todo == SHA256_BLOCK_LENGTH)
+ SHA256_Compress(ctx);
+ }
+
+ /* if enough data to fill one or more whole buffers, process them. */
+ while (inputLen >= SHA256_BLOCK_LENGTH) {
+ memcpy(B, input, SHA256_BLOCK_LENGTH);
+ input += SHA256_BLOCK_LENGTH;
+ inputLen -= SHA256_BLOCK_LENGTH;
+ SHA256_Compress(ctx);
+ }
+ /* if data left over, fill it into buffer */
+ if (inputLen)
+ memcpy(B, input, inputLen);
+}
+
+void
+SHA256_End(SHA256Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ unsigned int inBuf = ctx->sizeLo & 0x3f;
+ unsigned int padLen = (inBuf < 56) ? (56 - inBuf) : (56 + 64 - inBuf);
+ PRUint32 hi, lo;
+
+ hi = (ctx->sizeHi << 3) | (ctx->sizeLo >> 29);
+ lo = (ctx->sizeLo << 3);
+
+ SHA256_Update(ctx, pad, padLen);
+
+#if defined(IS_LITTLE_ENDIAN)
+ W[14] = SHA_HTONL(hi);
+ W[15] = SHA_HTONL(lo);
+#else
+ W[14] = hi;
+ W[15] = lo;
+#endif
+ SHA256_Compress(ctx);
+
+/* now output the answer */
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP4(H[0]);
+ BYTESWAP4(H[1]);
+ BYTESWAP4(H[2]);
+ BYTESWAP4(H[3]);
+ BYTESWAP4(H[4]);
+ BYTESWAP4(H[5]);
+ BYTESWAP4(H[6]);
+ BYTESWAP4(H[7]);
+#endif
+ padLen = PR_MIN(SHA256_LENGTH, maxDigestLen);
+ memcpy(digest, H, padLen);
+ if (digestLen)
+ *digestLen = padLen;
+}
+
+void
+SHA256_EndRaw(SHA256Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ PRUint32 h[8];
+ unsigned int len;
+
+ memcpy(h, ctx->h, sizeof(h));
+
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP4(h[0]);
+ BYTESWAP4(h[1]);
+ BYTESWAP4(h[2]);
+ BYTESWAP4(h[3]);
+ BYTESWAP4(h[4]);
+ BYTESWAP4(h[5]);
+ BYTESWAP4(h[6]);
+ BYTESWAP4(h[7]);
+#endif
+
+ len = PR_MIN(SHA256_LENGTH, maxDigestLen);
+ memcpy(digest, h, len);
+ if (digestLen)
+ *digestLen = len;
+}
+
+SECStatus
+SHA256_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length)
+{
+ SHA256Context ctx;
+ unsigned int outLen;
+
+ SHA256_Begin(&ctx);
+ SHA256_Update(&ctx, src, src_length);
+ SHA256_End(&ctx, dest, &outLen, SHA256_LENGTH);
+ memset(&ctx, 0, sizeof ctx);
+
+ return SECSuccess;
+}
+
+SECStatus
+SHA256_Hash(unsigned char *dest, const char *src)
+{
+ return SHA256_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
+}
+
+void
+SHA256_TraceState(SHA256Context *ctx)
+{
+}
+
+unsigned int
+SHA256_FlattenSize(SHA256Context *ctx)
+{
+ return sizeof *ctx;
+}
+
+SECStatus
+SHA256_Flatten(SHA256Context *ctx, unsigned char *space)
+{
+ PORT_Memcpy(space, ctx, sizeof *ctx);
+ return SECSuccess;
+}
+
+SHA256Context *
+SHA256_Resurrect(unsigned char *space, void *arg)
+{
+ SHA256Context *ctx = SHA256_NewContext();
+ if (ctx)
+ PORT_Memcpy(ctx, space, sizeof *ctx);
+ return ctx;
+}
+
+void
+SHA256_Clone(SHA256Context *dest, SHA256Context *src)
+{
+ memcpy(dest, src, sizeof *dest);
+}
+
+/* ============= SHA224 implementation ================================== */
+
+/* SHA-224 initial hash values */
+static const PRUint32 H224[8] = {
+ 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
+ 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4
+};
+
+SHA224Context *
+SHA224_NewContext(void)
+{
+ return SHA256_NewContext();
+}
+
+void
+SHA224_DestroyContext(SHA224Context *ctx, PRBool freeit)
+{
+ SHA256_DestroyContext(ctx, freeit);
+}
+
+void
+SHA224_Begin(SHA224Context *ctx)
+{
+ memset(ctx, 0, sizeof *ctx);
+ memcpy(H, H224, sizeof H224);
+}
+
+void
+SHA224_Update(SHA224Context *ctx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ SHA256_Update(ctx, input, inputLen);
+}
+
+void
+SHA224_End(SHA256Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ unsigned int maxLen = SHA_MIN(maxDigestLen, SHA224_LENGTH);
+ SHA256_End(ctx, digest, digestLen, maxLen);
+}
+
+void
+SHA224_EndRaw(SHA256Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ unsigned int maxLen = SHA_MIN(maxDigestLen, SHA224_LENGTH);
+ SHA256_EndRaw(ctx, digest, digestLen, maxLen);
+}
+
+SECStatus
+SHA224_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length)
+{
+ SHA256Context ctx;
+ unsigned int outLen;
+
+ SHA224_Begin(&ctx);
+ SHA256_Update(&ctx, src, src_length);
+ SHA256_End(&ctx, dest, &outLen, SHA224_LENGTH);
+ memset(&ctx, 0, sizeof ctx);
+
+ return SECSuccess;
+}
+
+SECStatus
+SHA224_Hash(unsigned char *dest, const char *src)
+{
+ return SHA224_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
+}
+
+void
+SHA224_TraceState(SHA224Context *ctx)
+{
+}
+
+unsigned int
+SHA224_FlattenSize(SHA224Context *ctx)
+{
+ return SHA256_FlattenSize(ctx);
+}
+
+SECStatus
+SHA224_Flatten(SHA224Context *ctx, unsigned char *space)
+{
+ return SHA256_Flatten(ctx, space);
+}
+
+SHA224Context *
+SHA224_Resurrect(unsigned char *space, void *arg)
+{
+ return SHA256_Resurrect(space, arg);
+}
+
+void
+SHA224_Clone(SHA224Context *dest, SHA224Context *src)
+{
+ SHA256_Clone(dest, src);
+}
+
+/* ======= SHA512 and SHA384 common constants and defines ================= */
+
+/* common #defines for SHA512 and SHA384 */
+#if defined(HAVE_LONG_LONG)
+#if defined(_MSC_VER)
+#pragma intrinsic(_rotr64, _rotl64)
+#define ROTR64(x, n) _rotr64(x, n)
+#define ROTL64(x, n) _rotl64(x, n)
+#else
+#define ROTR64(x, n) ((x >> n) | (x << (64 - n)))
+#define ROTL64(x, n) ((x << n) | (x >> (64 - n)))
+#endif
+
+#define S0(x) (ROTR64(x, 28) ^ ROTR64(x, 34) ^ ROTR64(x, 39))
+#define S1(x) (ROTR64(x, 14) ^ ROTR64(x, 18) ^ ROTR64(x, 41))
+#define s0(x) (ROTR64(x, 1) ^ ROTR64(x, 8) ^ SHR(x, 7))
+#define s1(x) (ROTR64(x, 19) ^ ROTR64(x, 61) ^ SHR(x, 6))
+
+#if PR_BYTES_PER_LONG == 8
+#define ULLC(hi, lo) 0x##hi##lo##UL
+#elif defined(_MSC_VER)
+#define ULLC(hi, lo) 0x##hi##lo##ui64
+#else
+#define ULLC(hi, lo) 0x##hi##lo##ULL
+#endif
+
+#if defined(IS_LITTLE_ENDIAN)
+#if defined(_MSC_VER)
+#pragma intrinsic(_byteswap_uint64)
+#define SHA_HTONLL(x) _byteswap_uint64(x)
+
+#elif defined(__GNUC__) && (defined(__x86_64__) || defined(__x86_64))
+static __inline__ PRUint64
+swap8b(PRUint64 value)
+{
+ __asm__("bswapq %0"
+ : "+r"(value));
+ return (value);
+}
+#define SHA_HTONLL(x) swap8b(x)
+
+#else
+#define SHA_MASK16 ULLC(0000FFFF, 0000FFFF)
+#define SHA_MASK8 ULLC(00FF00FF, 00FF00FF)
+static PRUint64
+swap8b(PRUint64 x)
+{
+ PRUint64 t1 = x;
+ t1 = ((t1 & SHA_MASK8) << 8) | ((t1 >> 8) & SHA_MASK8);
+ t1 = ((t1 & SHA_MASK16) << 16) | ((t1 >> 16) & SHA_MASK16);
+ return (t1 >> 32) | (t1 << 32);
+}
+#define SHA_HTONLL(x) swap8b(x)
+#endif
+#define BYTESWAP8(x) x = SHA_HTONLL(x)
+#endif /* defined(IS_LITTLE_ENDIAN) */
+
+#else /* no long long */
+
+#if defined(IS_LITTLE_ENDIAN)
+#define ULLC(hi, lo) \
+ { \
+ 0x##lo##U, 0x##hi##U \
+ }
+#define SHA_HTONLL(x) (BYTESWAP4(x.lo), BYTESWAP4(x.hi), \
+ x.hi ^= x.lo ^= x.hi ^= x.lo, x)
+#define BYTESWAP8(x) \
+ do { \
+ PRUint32 tmp; \
+ BYTESWAP4(x.lo); \
+ BYTESWAP4(x.hi); \
+ tmp = x.lo; \
+ x.lo = x.hi; \
+ x.hi = tmp; \
+ } while (0)
+#else
+#define ULLC(hi, lo) \
+ { \
+ 0x##hi##U, 0x##lo##U \
+ }
+#endif
+
+#endif
+
+/* SHA-384 and SHA-512 constants, K512. */
+static const PRUint64 K512[80] = {
+#if PR_BYTES_PER_LONG == 8
+ 0x428a2f98d728ae22UL, 0x7137449123ef65cdUL,
+ 0xb5c0fbcfec4d3b2fUL, 0xe9b5dba58189dbbcUL,
+ 0x3956c25bf348b538UL, 0x59f111f1b605d019UL,
+ 0x923f82a4af194f9bUL, 0xab1c5ed5da6d8118UL,
+ 0xd807aa98a3030242UL, 0x12835b0145706fbeUL,
+ 0x243185be4ee4b28cUL, 0x550c7dc3d5ffb4e2UL,
+ 0x72be5d74f27b896fUL, 0x80deb1fe3b1696b1UL,
+ 0x9bdc06a725c71235UL, 0xc19bf174cf692694UL,
+ 0xe49b69c19ef14ad2UL, 0xefbe4786384f25e3UL,
+ 0x0fc19dc68b8cd5b5UL, 0x240ca1cc77ac9c65UL,
+ 0x2de92c6f592b0275UL, 0x4a7484aa6ea6e483UL,
+ 0x5cb0a9dcbd41fbd4UL, 0x76f988da831153b5UL,
+ 0x983e5152ee66dfabUL, 0xa831c66d2db43210UL,
+ 0xb00327c898fb213fUL, 0xbf597fc7beef0ee4UL,
+ 0xc6e00bf33da88fc2UL, 0xd5a79147930aa725UL,
+ 0x06ca6351e003826fUL, 0x142929670a0e6e70UL,
+ 0x27b70a8546d22ffcUL, 0x2e1b21385c26c926UL,
+ 0x4d2c6dfc5ac42aedUL, 0x53380d139d95b3dfUL,
+ 0x650a73548baf63deUL, 0x766a0abb3c77b2a8UL,
+ 0x81c2c92e47edaee6UL, 0x92722c851482353bUL,
+ 0xa2bfe8a14cf10364UL, 0xa81a664bbc423001UL,
+ 0xc24b8b70d0f89791UL, 0xc76c51a30654be30UL,
+ 0xd192e819d6ef5218UL, 0xd69906245565a910UL,
+ 0xf40e35855771202aUL, 0x106aa07032bbd1b8UL,
+ 0x19a4c116b8d2d0c8UL, 0x1e376c085141ab53UL,
+ 0x2748774cdf8eeb99UL, 0x34b0bcb5e19b48a8UL,
+ 0x391c0cb3c5c95a63UL, 0x4ed8aa4ae3418acbUL,
+ 0x5b9cca4f7763e373UL, 0x682e6ff3d6b2b8a3UL,
+ 0x748f82ee5defb2fcUL, 0x78a5636f43172f60UL,
+ 0x84c87814a1f0ab72UL, 0x8cc702081a6439ecUL,
+ 0x90befffa23631e28UL, 0xa4506cebde82bde9UL,
+ 0xbef9a3f7b2c67915UL, 0xc67178f2e372532bUL,
+ 0xca273eceea26619cUL, 0xd186b8c721c0c207UL,
+ 0xeada7dd6cde0eb1eUL, 0xf57d4f7fee6ed178UL,
+ 0x06f067aa72176fbaUL, 0x0a637dc5a2c898a6UL,
+ 0x113f9804bef90daeUL, 0x1b710b35131c471bUL,
+ 0x28db77f523047d84UL, 0x32caab7b40c72493UL,
+ 0x3c9ebe0a15c9bebcUL, 0x431d67c49c100d4cUL,
+ 0x4cc5d4becb3e42b6UL, 0x597f299cfc657e2aUL,
+ 0x5fcb6fab3ad6faecUL, 0x6c44198c4a475817UL
+#else
+ ULLC(428a2f98, d728ae22), ULLC(71374491, 23ef65cd),
+ ULLC(b5c0fbcf, ec4d3b2f), ULLC(e9b5dba5, 8189dbbc),
+ ULLC(3956c25b, f348b538), ULLC(59f111f1, b605d019),
+ ULLC(923f82a4, af194f9b), ULLC(ab1c5ed5, da6d8118),
+ ULLC(d807aa98, a3030242), ULLC(12835b01, 45706fbe),
+ ULLC(243185be, 4ee4b28c), ULLC(550c7dc3, d5ffb4e2),
+ ULLC(72be5d74, f27b896f), ULLC(80deb1fe, 3b1696b1),
+ ULLC(9bdc06a7, 25c71235), ULLC(c19bf174, cf692694),
+ ULLC(e49b69c1, 9ef14ad2), ULLC(efbe4786, 384f25e3),
+ ULLC(0fc19dc6, 8b8cd5b5), ULLC(240ca1cc, 77ac9c65),
+ ULLC(2de92c6f, 592b0275), ULLC(4a7484aa, 6ea6e483),
+ ULLC(5cb0a9dc, bd41fbd4), ULLC(76f988da, 831153b5),
+ ULLC(983e5152, ee66dfab), ULLC(a831c66d, 2db43210),
+ ULLC(b00327c8, 98fb213f), ULLC(bf597fc7, beef0ee4),
+ ULLC(c6e00bf3, 3da88fc2), ULLC(d5a79147, 930aa725),
+ ULLC(06ca6351, e003826f), ULLC(14292967, 0a0e6e70),
+ ULLC(27b70a85, 46d22ffc), ULLC(2e1b2138, 5c26c926),
+ ULLC(4d2c6dfc, 5ac42aed), ULLC(53380d13, 9d95b3df),
+ ULLC(650a7354, 8baf63de), ULLC(766a0abb, 3c77b2a8),
+ ULLC(81c2c92e, 47edaee6), ULLC(92722c85, 1482353b),
+ ULLC(a2bfe8a1, 4cf10364), ULLC(a81a664b, bc423001),
+ ULLC(c24b8b70, d0f89791), ULLC(c76c51a3, 0654be30),
+ ULLC(d192e819, d6ef5218), ULLC(d6990624, 5565a910),
+ ULLC(f40e3585, 5771202a), ULLC(106aa070, 32bbd1b8),
+ ULLC(19a4c116, b8d2d0c8), ULLC(1e376c08, 5141ab53),
+ ULLC(2748774c, df8eeb99), ULLC(34b0bcb5, e19b48a8),
+ ULLC(391c0cb3, c5c95a63), ULLC(4ed8aa4a, e3418acb),
+ ULLC(5b9cca4f, 7763e373), ULLC(682e6ff3, d6b2b8a3),
+ ULLC(748f82ee, 5defb2fc), ULLC(78a5636f, 43172f60),
+ ULLC(84c87814, a1f0ab72), ULLC(8cc70208, 1a6439ec),
+ ULLC(90befffa, 23631e28), ULLC(a4506ceb, de82bde9),
+ ULLC(bef9a3f7, b2c67915), ULLC(c67178f2, e372532b),
+ ULLC(ca273ece, ea26619c), ULLC(d186b8c7, 21c0c207),
+ ULLC(eada7dd6, cde0eb1e), ULLC(f57d4f7f, ee6ed178),
+ ULLC(06f067aa, 72176fba), ULLC(0a637dc5, a2c898a6),
+ ULLC(113f9804, bef90dae), ULLC(1b710b35, 131c471b),
+ ULLC(28db77f5, 23047d84), ULLC(32caab7b, 40c72493),
+ ULLC(3c9ebe0a, 15c9bebc), ULLC(431d67c4, 9c100d4c),
+ ULLC(4cc5d4be, cb3e42b6), ULLC(597f299c, fc657e2a),
+ ULLC(5fcb6fab, 3ad6faec), ULLC(6c44198c, 4a475817)
+#endif
+};
+
+struct SHA512ContextStr {
+ union {
+ PRUint64 w[80]; /* message schedule, input buffer, plus 64 words */
+ PRUint32 l[160];
+ PRUint8 b[640];
+ } u;
+ PRUint64 h[8]; /* 8 state variables */
+ PRUint64 sizeLo; /* 64-bit count of hashed bytes. */
+};
+
+/* =========== SHA512 implementation ===================================== */
+
+/* SHA-512 initial hash values */
+static const PRUint64 H512[8] = {
+#if PR_BYTES_PER_LONG == 8
+ 0x6a09e667f3bcc908UL, 0xbb67ae8584caa73bUL,
+ 0x3c6ef372fe94f82bUL, 0xa54ff53a5f1d36f1UL,
+ 0x510e527fade682d1UL, 0x9b05688c2b3e6c1fUL,
+ 0x1f83d9abfb41bd6bUL, 0x5be0cd19137e2179UL
+#else
+ ULLC(6a09e667, f3bcc908), ULLC(bb67ae85, 84caa73b),
+ ULLC(3c6ef372, fe94f82b), ULLC(a54ff53a, 5f1d36f1),
+ ULLC(510e527f, ade682d1), ULLC(9b05688c, 2b3e6c1f),
+ ULLC(1f83d9ab, fb41bd6b), ULLC(5be0cd19, 137e2179)
+#endif
+};
+
+SHA512Context *
+SHA512_NewContext(void)
+{
+ SHA512Context *ctx = PORT_New(SHA512Context);
+ return ctx;
+}
+
+void
+SHA512_DestroyContext(SHA512Context *ctx, PRBool freeit)
+{
+ memset(ctx, 0, sizeof *ctx);
+ if (freeit) {
+ PORT_Free(ctx);
+ }
+}
+
+void
+SHA512_Begin(SHA512Context *ctx)
+{
+ memset(ctx, 0, sizeof *ctx);
+ memcpy(H, H512, sizeof H512);
+}
+
+#if defined(SHA512_TRACE)
+#if defined(HAVE_LONG_LONG)
+#define DUMP(n, a, d, e, h) printf(" t = %2d, %s = %016lx, %s = %016lx\n", \
+ n, #e, d, #a, h);
+#else
+#define DUMP(n, a, d, e, h) printf(" t = %2d, %s = %08x%08x, %s = %08x%08x\n", \
+ n, #e, d.hi, d.lo, #a, h.hi, h.lo);
+#endif
+#else
+#define DUMP(n, a, d, e, h)
+#endif
+
+#if defined(HAVE_LONG_LONG)
+
+#define ADDTO(x, y) y += x
+
+#define INITW(t) W[t] = (s1(W[t - 2]) + W[t - 7] + s0(W[t - 15]) + W[t - 16])
+
+#define ROUND(n, a, b, c, d, e, f, g, h) \
+ h += S1(e) + Ch(e, f, g) + K512[n] + W[n]; \
+ d += h; \
+ h += S0(a) + Maj(a, b, c); \
+ DUMP(n, a, d, e, h)
+
+#else /* use only 32-bit variables, and don't unroll loops */
+
+#undef NOUNROLL512
+#define NOUNROLL512 1
+
+#define ADDTO(x, y) \
+ y.lo += x.lo; \
+ y.hi += x.hi + (x.lo > y.lo)
+
+#define ROTR64a(x, n, lo, hi) (x.lo >> n | x.hi << (32 - n))
+#define ROTR64A(x, n, lo, hi) (x.lo << (64 - n) | x.hi >> (n - 32))
+#define SHR64a(x, n, lo, hi) (x.lo >> n | x.hi << (32 - n))
+
+/* Capitol Sigma and lower case sigma functions */
+#define s0lo(x) (ROTR64a(x, 1, lo, hi) ^ ROTR64a(x, 8, lo, hi) ^ SHR64a(x, 7, lo, hi))
+#define s0hi(x) (ROTR64a(x, 1, hi, lo) ^ ROTR64a(x, 8, hi, lo) ^ (x.hi >> 7))
+
+#define s1lo(x) (ROTR64a(x, 19, lo, hi) ^ ROTR64A(x, 61, lo, hi) ^ SHR64a(x, 6, lo, hi))
+#define s1hi(x) (ROTR64a(x, 19, hi, lo) ^ ROTR64A(x, 61, hi, lo) ^ (x.hi >> 6))
+
+#define S0lo(x) (ROTR64a(x, 28, lo, hi) ^ ROTR64A(x, 34, lo, hi) ^ ROTR64A(x, 39, lo, hi))
+#define S0hi(x) (ROTR64a(x, 28, hi, lo) ^ ROTR64A(x, 34, hi, lo) ^ ROTR64A(x, 39, hi, lo))
+
+#define S1lo(x) (ROTR64a(x, 14, lo, hi) ^ ROTR64a(x, 18, lo, hi) ^ ROTR64A(x, 41, lo, hi))
+#define S1hi(x) (ROTR64a(x, 14, hi, lo) ^ ROTR64a(x, 18, hi, lo) ^ ROTR64A(x, 41, hi, lo))
+
+/* 32-bit versions of Ch and Maj */
+#define Chxx(x, y, z, lo) ((x.lo & y.lo) ^ (~x.lo & z.lo))
+#define Majx(x, y, z, lo) ((x.lo & y.lo) ^ (x.lo & z.lo) ^ (y.lo & z.lo))
+
+#define INITW(t) \
+ do { \
+ PRUint32 lo, tm; \
+ PRUint32 cy = 0; \
+ lo = s1lo(W[t - 2]); \
+ lo += (tm = W[t - 7].lo); \
+ if (lo < tm) \
+ cy++; \
+ lo += (tm = s0lo(W[t - 15])); \
+ if (lo < tm) \
+ cy++; \
+ lo += (tm = W[t - 16].lo); \
+ if (lo < tm) \
+ cy++; \
+ W[t].lo = lo; \
+ W[t].hi = cy + s1hi(W[t - 2]) + W[t - 7].hi + s0hi(W[t - 15]) + W[t - 16].hi; \
+ } while (0)
+
+#define ROUND(n, a, b, c, d, e, f, g, h) \
+ { \
+ PRUint32 lo, tm, cy; \
+ lo = S1lo(e); \
+ lo += (tm = Chxx(e, f, g, lo)); \
+ cy = (lo < tm); \
+ lo += (tm = K512[n].lo); \
+ if (lo < tm) \
+ cy++; \
+ lo += (tm = W[n].lo); \
+ if (lo < tm) \
+ cy++; \
+ h.lo += lo; \
+ if (h.lo < lo) \
+ cy++; \
+ h.hi += cy + S1hi(e) + Chxx(e, f, g, hi) + K512[n].hi + W[n].hi; \
+ d.lo += h.lo; \
+ d.hi += h.hi + (d.lo < h.lo); \
+ lo = S0lo(a); \
+ lo += (tm = Majx(a, b, c, lo)); \
+ cy = (lo < tm); \
+ h.lo += lo; \
+ if (h.lo < lo) \
+ cy++; \
+ h.hi += cy + S0hi(a) + Majx(a, b, c, hi); \
+ DUMP(n, a, d, e, h) \
+ }
+#endif
+
+static void
+SHA512_Compress(SHA512Context *ctx)
+{
+#if defined(IS_LITTLE_ENDIAN)
+ {
+ BYTESWAP8(W[0]);
+ BYTESWAP8(W[1]);
+ BYTESWAP8(W[2]);
+ BYTESWAP8(W[3]);
+ BYTESWAP8(W[4]);
+ BYTESWAP8(W[5]);
+ BYTESWAP8(W[6]);
+ BYTESWAP8(W[7]);
+ BYTESWAP8(W[8]);
+ BYTESWAP8(W[9]);
+ BYTESWAP8(W[10]);
+ BYTESWAP8(W[11]);
+ BYTESWAP8(W[12]);
+ BYTESWAP8(W[13]);
+ BYTESWAP8(W[14]);
+ BYTESWAP8(W[15]);
+ }
+#endif
+
+ {
+#ifdef NOUNROLL512
+ {
+ /* prepare the "message schedule" */
+ int t;
+ for (t = 16; t < 80; ++t) {
+ INITW(t);
+ }
+ }
+#else
+ INITW(16);
+ INITW(17);
+ INITW(18);
+ INITW(19);
+
+ INITW(20);
+ INITW(21);
+ INITW(22);
+ INITW(23);
+ INITW(24);
+ INITW(25);
+ INITW(26);
+ INITW(27);
+ INITW(28);
+ INITW(29);
+
+ INITW(30);
+ INITW(31);
+ INITW(32);
+ INITW(33);
+ INITW(34);
+ INITW(35);
+ INITW(36);
+ INITW(37);
+ INITW(38);
+ INITW(39);
+
+ INITW(40);
+ INITW(41);
+ INITW(42);
+ INITW(43);
+ INITW(44);
+ INITW(45);
+ INITW(46);
+ INITW(47);
+ INITW(48);
+ INITW(49);
+
+ INITW(50);
+ INITW(51);
+ INITW(52);
+ INITW(53);
+ INITW(54);
+ INITW(55);
+ INITW(56);
+ INITW(57);
+ INITW(58);
+ INITW(59);
+
+ INITW(60);
+ INITW(61);
+ INITW(62);
+ INITW(63);
+ INITW(64);
+ INITW(65);
+ INITW(66);
+ INITW(67);
+ INITW(68);
+ INITW(69);
+
+ INITW(70);
+ INITW(71);
+ INITW(72);
+ INITW(73);
+ INITW(74);
+ INITW(75);
+ INITW(76);
+ INITW(77);
+ INITW(78);
+ INITW(79);
+#endif
+ }
+#ifdef SHA512_TRACE
+ {
+ int i;
+ for (i = 0; i < 80; ++i) {
+#ifdef HAVE_LONG_LONG
+ printf("W[%2d] = %016lx\n", i, W[i]);
+#else
+ printf("W[%2d] = %08x%08x\n", i, W[i].hi, W[i].lo);
+#endif
+ }
+ }
+#endif
+ {
+ PRUint64 a, b, c, d, e, f, g, h;
+
+ a = H[0];
+ b = H[1];
+ c = H[2];
+ d = H[3];
+ e = H[4];
+ f = H[5];
+ g = H[6];
+ h = H[7];
+
+#ifdef NOUNROLL512
+ {
+ int t;
+ for (t = 0; t < 80; t += 8) {
+ ROUND(t + 0, a, b, c, d, e, f, g, h)
+ ROUND(t + 1, h, a, b, c, d, e, f, g)
+ ROUND(t + 2, g, h, a, b, c, d, e, f)
+ ROUND(t + 3, f, g, h, a, b, c, d, e)
+ ROUND(t + 4, e, f, g, h, a, b, c, d)
+ ROUND(t + 5, d, e, f, g, h, a, b, c)
+ ROUND(t + 6, c, d, e, f, g, h, a, b)
+ ROUND(t + 7, b, c, d, e, f, g, h, a)
+ }
+ }
+#else
+ ROUND(0, a, b, c, d, e, f, g, h)
+ ROUND(1, h, a, b, c, d, e, f, g)
+ ROUND(2, g, h, a, b, c, d, e, f)
+ ROUND(3, f, g, h, a, b, c, d, e)
+ ROUND(4, e, f, g, h, a, b, c, d)
+ ROUND(5, d, e, f, g, h, a, b, c)
+ ROUND(6, c, d, e, f, g, h, a, b)
+ ROUND(7, b, c, d, e, f, g, h, a)
+
+ ROUND(8, a, b, c, d, e, f, g, h)
+ ROUND(9, h, a, b, c, d, e, f, g)
+ ROUND(10, g, h, a, b, c, d, e, f)
+ ROUND(11, f, g, h, a, b, c, d, e)
+ ROUND(12, e, f, g, h, a, b, c, d)
+ ROUND(13, d, e, f, g, h, a, b, c)
+ ROUND(14, c, d, e, f, g, h, a, b)
+ ROUND(15, b, c, d, e, f, g, h, a)
+
+ ROUND(16, a, b, c, d, e, f, g, h)
+ ROUND(17, h, a, b, c, d, e, f, g)
+ ROUND(18, g, h, a, b, c, d, e, f)
+ ROUND(19, f, g, h, a, b, c, d, e)
+ ROUND(20, e, f, g, h, a, b, c, d)
+ ROUND(21, d, e, f, g, h, a, b, c)
+ ROUND(22, c, d, e, f, g, h, a, b)
+ ROUND(23, b, c, d, e, f, g, h, a)
+
+ ROUND(24, a, b, c, d, e, f, g, h)
+ ROUND(25, h, a, b, c, d, e, f, g)
+ ROUND(26, g, h, a, b, c, d, e, f)
+ ROUND(27, f, g, h, a, b, c, d, e)
+ ROUND(28, e, f, g, h, a, b, c, d)
+ ROUND(29, d, e, f, g, h, a, b, c)
+ ROUND(30, c, d, e, f, g, h, a, b)
+ ROUND(31, b, c, d, e, f, g, h, a)
+
+ ROUND(32, a, b, c, d, e, f, g, h)
+ ROUND(33, h, a, b, c, d, e, f, g)
+ ROUND(34, g, h, a, b, c, d, e, f)
+ ROUND(35, f, g, h, a, b, c, d, e)
+ ROUND(36, e, f, g, h, a, b, c, d)
+ ROUND(37, d, e, f, g, h, a, b, c)
+ ROUND(38, c, d, e, f, g, h, a, b)
+ ROUND(39, b, c, d, e, f, g, h, a)
+
+ ROUND(40, a, b, c, d, e, f, g, h)
+ ROUND(41, h, a, b, c, d, e, f, g)
+ ROUND(42, g, h, a, b, c, d, e, f)
+ ROUND(43, f, g, h, a, b, c, d, e)
+ ROUND(44, e, f, g, h, a, b, c, d)
+ ROUND(45, d, e, f, g, h, a, b, c)
+ ROUND(46, c, d, e, f, g, h, a, b)
+ ROUND(47, b, c, d, e, f, g, h, a)
+
+ ROUND(48, a, b, c, d, e, f, g, h)
+ ROUND(49, h, a, b, c, d, e, f, g)
+ ROUND(50, g, h, a, b, c, d, e, f)
+ ROUND(51, f, g, h, a, b, c, d, e)
+ ROUND(52, e, f, g, h, a, b, c, d)
+ ROUND(53, d, e, f, g, h, a, b, c)
+ ROUND(54, c, d, e, f, g, h, a, b)
+ ROUND(55, b, c, d, e, f, g, h, a)
+
+ ROUND(56, a, b, c, d, e, f, g, h)
+ ROUND(57, h, a, b, c, d, e, f, g)
+ ROUND(58, g, h, a, b, c, d, e, f)
+ ROUND(59, f, g, h, a, b, c, d, e)
+ ROUND(60, e, f, g, h, a, b, c, d)
+ ROUND(61, d, e, f, g, h, a, b, c)
+ ROUND(62, c, d, e, f, g, h, a, b)
+ ROUND(63, b, c, d, e, f, g, h, a)
+
+ ROUND(64, a, b, c, d, e, f, g, h)
+ ROUND(65, h, a, b, c, d, e, f, g)
+ ROUND(66, g, h, a, b, c, d, e, f)
+ ROUND(67, f, g, h, a, b, c, d, e)
+ ROUND(68, e, f, g, h, a, b, c, d)
+ ROUND(69, d, e, f, g, h, a, b, c)
+ ROUND(70, c, d, e, f, g, h, a, b)
+ ROUND(71, b, c, d, e, f, g, h, a)
+
+ ROUND(72, a, b, c, d, e, f, g, h)
+ ROUND(73, h, a, b, c, d, e, f, g)
+ ROUND(74, g, h, a, b, c, d, e, f)
+ ROUND(75, f, g, h, a, b, c, d, e)
+ ROUND(76, e, f, g, h, a, b, c, d)
+ ROUND(77, d, e, f, g, h, a, b, c)
+ ROUND(78, c, d, e, f, g, h, a, b)
+ ROUND(79, b, c, d, e, f, g, h, a)
+#endif
+
+ ADDTO(a, H[0]);
+ ADDTO(b, H[1]);
+ ADDTO(c, H[2]);
+ ADDTO(d, H[3]);
+ ADDTO(e, H[4]);
+ ADDTO(f, H[5]);
+ ADDTO(g, H[6]);
+ ADDTO(h, H[7]);
+ }
+}
+
+void
+SHA512_Update(SHA512Context *ctx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ unsigned int inBuf;
+ if (!inputLen)
+ return;
+
+#if defined(HAVE_LONG_LONG)
+ inBuf = (unsigned int)ctx->sizeLo & 0x7f;
+ /* Add inputLen into the count of bytes processed, before processing */
+ ctx->sizeLo += inputLen;
+#else
+ inBuf = (unsigned int)ctx->sizeLo.lo & 0x7f;
+ ctx->sizeLo.lo += inputLen;
+ if (ctx->sizeLo.lo < inputLen)
+ ctx->sizeLo.hi++;
+#endif
+
+ /* if data already in buffer, attemp to fill rest of buffer */
+ if (inBuf) {
+ unsigned int todo = SHA512_BLOCK_LENGTH - inBuf;
+ if (inputLen < todo)
+ todo = inputLen;
+ memcpy(B + inBuf, input, todo);
+ input += todo;
+ inputLen -= todo;
+ if (inBuf + todo == SHA512_BLOCK_LENGTH)
+ SHA512_Compress(ctx);
+ }
+
+ /* if enough data to fill one or more whole buffers, process them. */
+ while (inputLen >= SHA512_BLOCK_LENGTH) {
+ memcpy(B, input, SHA512_BLOCK_LENGTH);
+ input += SHA512_BLOCK_LENGTH;
+ inputLen -= SHA512_BLOCK_LENGTH;
+ SHA512_Compress(ctx);
+ }
+ /* if data left over, fill it into buffer */
+ if (inputLen)
+ memcpy(B, input, inputLen);
+}
+
+void
+SHA512_End(SHA512Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+#if defined(HAVE_LONG_LONG)
+ unsigned int inBuf = (unsigned int)ctx->sizeLo & 0x7f;
+#else
+ unsigned int inBuf = (unsigned int)ctx->sizeLo.lo & 0x7f;
+#endif
+ unsigned int padLen = (inBuf < 112) ? (112 - inBuf) : (112 + 128 - inBuf);
+ PRUint64 lo;
+ LL_SHL(lo, ctx->sizeLo, 3);
+
+ SHA512_Update(ctx, pad, padLen);
+
+#if defined(HAVE_LONG_LONG)
+ W[14] = 0;
+#else
+ W[14].lo = 0;
+ W[14].hi = 0;
+#endif
+
+ W[15] = lo;
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP8(W[15]);
+#endif
+ SHA512_Compress(ctx);
+
+/* now output the answer */
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP8(H[0]);
+ BYTESWAP8(H[1]);
+ BYTESWAP8(H[2]);
+ BYTESWAP8(H[3]);
+ BYTESWAP8(H[4]);
+ BYTESWAP8(H[5]);
+ BYTESWAP8(H[6]);
+ BYTESWAP8(H[7]);
+#endif
+ padLen = PR_MIN(SHA512_LENGTH, maxDigestLen);
+ memcpy(digest, H, padLen);
+ if (digestLen)
+ *digestLen = padLen;
+}
+
+void
+SHA512_EndRaw(SHA512Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ PRUint64 h[8];
+ unsigned int len;
+
+ memcpy(h, ctx->h, sizeof(h));
+
+#if defined(IS_LITTLE_ENDIAN)
+ BYTESWAP8(h[0]);
+ BYTESWAP8(h[1]);
+ BYTESWAP8(h[2]);
+ BYTESWAP8(h[3]);
+ BYTESWAP8(h[4]);
+ BYTESWAP8(h[5]);
+ BYTESWAP8(h[6]);
+ BYTESWAP8(h[7]);
+#endif
+ len = PR_MIN(SHA512_LENGTH, maxDigestLen);
+ memcpy(digest, h, len);
+ if (digestLen)
+ *digestLen = len;
+}
+
+SECStatus
+SHA512_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length)
+{
+ SHA512Context ctx;
+ unsigned int outLen;
+
+ SHA512_Begin(&ctx);
+ SHA512_Update(&ctx, src, src_length);
+ SHA512_End(&ctx, dest, &outLen, SHA512_LENGTH);
+ memset(&ctx, 0, sizeof ctx);
+
+ return SECSuccess;
+}
+
+SECStatus
+SHA512_Hash(unsigned char *dest, const char *src)
+{
+ return SHA512_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
+}
+
+void
+SHA512_TraceState(SHA512Context *ctx)
+{
+}
+
+unsigned int
+SHA512_FlattenSize(SHA512Context *ctx)
+{
+ return sizeof *ctx;
+}
+
+SECStatus
+SHA512_Flatten(SHA512Context *ctx, unsigned char *space)
+{
+ PORT_Memcpy(space, ctx, sizeof *ctx);
+ return SECSuccess;
+}
+
+SHA512Context *
+SHA512_Resurrect(unsigned char *space, void *arg)
+{
+ SHA512Context *ctx = SHA512_NewContext();
+ if (ctx)
+ PORT_Memcpy(ctx, space, sizeof *ctx);
+ return ctx;
+}
+
+void
+SHA512_Clone(SHA512Context *dest, SHA512Context *src)
+{
+ memcpy(dest, src, sizeof *dest);
+}
+
+/* ======================================================================= */
+/* SHA384 uses a SHA512Context as the real context.
+** The only differences between SHA384 an SHA512 are:
+** a) the intialization values for the context, and
+** b) the number of bytes of data produced as output.
+*/
+
+/* SHA-384 initial hash values */
+static const PRUint64 H384[8] = {
+#if PR_BYTES_PER_LONG == 8
+ 0xcbbb9d5dc1059ed8UL, 0x629a292a367cd507UL,
+ 0x9159015a3070dd17UL, 0x152fecd8f70e5939UL,
+ 0x67332667ffc00b31UL, 0x8eb44a8768581511UL,
+ 0xdb0c2e0d64f98fa7UL, 0x47b5481dbefa4fa4UL
+#else
+ ULLC(cbbb9d5d, c1059ed8), ULLC(629a292a, 367cd507),
+ ULLC(9159015a, 3070dd17), ULLC(152fecd8, f70e5939),
+ ULLC(67332667, ffc00b31), ULLC(8eb44a87, 68581511),
+ ULLC(db0c2e0d, 64f98fa7), ULLC(47b5481d, befa4fa4)
+#endif
+};
+
+SHA384Context *
+SHA384_NewContext(void)
+{
+ return SHA512_NewContext();
+}
+
+void
+SHA384_DestroyContext(SHA384Context *ctx, PRBool freeit)
+{
+ SHA512_DestroyContext(ctx, freeit);
+}
+
+void
+SHA384_Begin(SHA384Context *ctx)
+{
+ memset(ctx, 0, sizeof *ctx);
+ memcpy(H, H384, sizeof H384);
+}
+
+void
+SHA384_Update(SHA384Context *ctx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ SHA512_Update(ctx, input, inputLen);
+}
+
+void
+SHA384_End(SHA384Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ unsigned int maxLen = SHA_MIN(maxDigestLen, SHA384_LENGTH);
+ SHA512_End(ctx, digest, digestLen, maxLen);
+}
+
+void
+SHA384_EndRaw(SHA384Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ unsigned int maxLen = SHA_MIN(maxDigestLen, SHA384_LENGTH);
+ SHA512_EndRaw(ctx, digest, digestLen, maxLen);
+}
+
+SECStatus
+SHA384_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length)
+{
+ SHA512Context ctx;
+ unsigned int outLen;
+
+ SHA384_Begin(&ctx);
+ SHA512_Update(&ctx, src, src_length);
+ SHA512_End(&ctx, dest, &outLen, SHA384_LENGTH);
+ memset(&ctx, 0, sizeof ctx);
+
+ return SECSuccess;
+}
+
+SECStatus
+SHA384_Hash(unsigned char *dest, const char *src)
+{
+ return SHA384_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
+}
+
+void
+SHA384_TraceState(SHA384Context *ctx)
+{
+}
+
+unsigned int
+SHA384_FlattenSize(SHA384Context *ctx)
+{
+ return sizeof(SHA384Context);
+}
+
+SECStatus
+SHA384_Flatten(SHA384Context *ctx, unsigned char *space)
+{
+ return SHA512_Flatten(ctx, space);
+}
+
+SHA384Context *
+SHA384_Resurrect(unsigned char *space, void *arg)
+{
+ return SHA512_Resurrect(space, arg);
+}
+
+void
+SHA384_Clone(SHA384Context *dest, SHA384Context *src)
+{
+ memcpy(dest, src, sizeof *dest);
+}
+
+/* ======================================================================= */
+#ifdef SELFTEST
+#include <stdio.h>
+
+static const char abc[] = { "abc" };
+static const char abcdbc[] = {
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+};
+static const char abcdef[] = {
+ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+ "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+};
+
+void
+dumpHash32(const unsigned char *buf, unsigned int bufLen)
+{
+ unsigned int i;
+ for (i = 0; i < bufLen; i += 4) {
+ printf(" %02x%02x%02x%02x", buf[i], buf[i + 1], buf[i + 2], buf[i + 3]);
+ }
+ printf("\n");
+}
+
+void
+test256(void)
+{
+ unsigned char outBuf[SHA256_LENGTH];
+
+ printf("SHA256, input = %s\n", abc);
+ SHA256_Hash(outBuf, abc);
+ dumpHash32(outBuf, sizeof outBuf);
+
+ printf("SHA256, input = %s\n", abcdbc);
+ SHA256_Hash(outBuf, abcdbc);
+ dumpHash32(outBuf, sizeof outBuf);
+}
+
+void
+test224(void)
+{
+ SHA224Context ctx;
+ unsigned char a1000times[1000];
+ unsigned int outLen;
+ unsigned char outBuf[SHA224_LENGTH];
+ int i;
+
+ /* Test Vector 1 */
+ printf("SHA224, input = %s\n", abc);
+ SHA224_Hash(outBuf, abc);
+ dumpHash32(outBuf, sizeof outBuf);
+
+ /* Test Vector 2 */
+ printf("SHA224, input = %s\n", abcdbc);
+ SHA224_Hash(outBuf, abcdbc);
+ dumpHash32(outBuf, sizeof outBuf);
+
+ /* Test Vector 3 */
+
+ /* to hash one million 'a's perform 1000
+ * sha224 updates on a buffer with 1000 'a's
+ */
+ memset(a1000times, 'a', 1000);
+ printf("SHA224, input = %s\n", "a one million times");
+ SHA224_Begin(&ctx);
+ for (i = 0; i < 1000; i++)
+ SHA224_Update(&ctx, a1000times, 1000);
+ SHA224_End(&ctx, outBuf, &outLen, SHA224_LENGTH);
+ dumpHash32(outBuf, sizeof outBuf);
+}
+
+void
+dumpHash64(const unsigned char *buf, unsigned int bufLen)
+{
+ unsigned int i;
+ for (i = 0; i < bufLen; i += 8) {
+ if (i % 32 == 0)
+ printf("\n");
+ printf(" %02x%02x%02x%02x%02x%02x%02x%02x",
+ buf[i], buf[i + 1], buf[i + 2], buf[i + 3],
+ buf[i + 4], buf[i + 5], buf[i + 6], buf[i + 7]);
+ }
+ printf("\n");
+}
+
+void
+test512(void)
+{
+ unsigned char outBuf[SHA512_LENGTH];
+
+ printf("SHA512, input = %s\n", abc);
+ SHA512_Hash(outBuf, abc);
+ dumpHash64(outBuf, sizeof outBuf);
+
+ printf("SHA512, input = %s\n", abcdef);
+ SHA512_Hash(outBuf, abcdef);
+ dumpHash64(outBuf, sizeof outBuf);
+}
+
+void
+time512(void)
+{
+ unsigned char outBuf[SHA512_LENGTH];
+
+ SHA512_Hash(outBuf, abc);
+ SHA512_Hash(outBuf, abcdef);
+}
+
+void
+test384(void)
+{
+ unsigned char outBuf[SHA384_LENGTH];
+
+ printf("SHA384, input = %s\n", abc);
+ SHA384_Hash(outBuf, abc);
+ dumpHash64(outBuf, sizeof outBuf);
+
+ printf("SHA384, input = %s\n", abcdef);
+ SHA384_Hash(outBuf, abcdef);
+ dumpHash64(outBuf, sizeof outBuf);
+}
+
+int
+main(int argc, char *argv[], char *envp[])
+{
+ int i = 1;
+ if (argc > 1) {
+ i = atoi(argv[1]);
+ }
+ if (i < 2) {
+ test224();
+ test256();
+ test384();
+ test512();
+ } else {
+ while (i-- > 0) {
+ time512();
+ }
+ printf("done\n");
+ }
+ return 0;
+}
+
+void *
+PORT_Alloc(size_t len)
+{
+ return malloc(len);
+}
+void
+PORT_Free(void *ptr)
+{
+ free(ptr);
+}
+void
+PORT_ZFree(void *ptr, size_t len)
+{
+ memset(ptr, 0, len);
+ free(ptr);
+}
+#endif
diff --git a/security/nss/lib/freebl/sha_fast.c b/security/nss/lib/freebl/sha_fast.c
new file mode 100644
index 000000000..52071f0c9
--- /dev/null
+++ b/security/nss/lib/freebl/sha_fast.c
@@ -0,0 +1,545 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include <memory.h>
+#include "blapi.h"
+#include "sha_fast.h"
+#include "prerror.h"
+
+#ifdef TRACING_SSL
+#include "ssl.h"
+#include "ssltrace.h"
+#endif
+
+static void shaCompress(volatile SHA_HW_t *X, const PRUint32 *datain);
+
+#define W u.w
+#define B u.b
+
+#define SHA_F1(X, Y, Z) ((((Y) ^ (Z)) & (X)) ^ (Z))
+#define SHA_F2(X, Y, Z) ((X) ^ (Y) ^ (Z))
+#define SHA_F3(X, Y, Z) (((X) & (Y)) | ((Z) & ((X) | (Y))))
+#define SHA_F4(X, Y, Z) ((X) ^ (Y) ^ (Z))
+
+#define SHA_MIX(n, a, b, c) XW(n) = SHA_ROTL(XW(a) ^ XW(b) ^ XW(c) ^ XW(n), 1)
+
+/*
+ * SHA: initialize context
+ */
+void
+SHA1_Begin(SHA1Context *ctx)
+{
+ ctx->size = 0;
+ /*
+ * Initialize H with constants from FIPS180-1.
+ */
+ ctx->H[0] = 0x67452301L;
+ ctx->H[1] = 0xefcdab89L;
+ ctx->H[2] = 0x98badcfeL;
+ ctx->H[3] = 0x10325476L;
+ ctx->H[4] = 0xc3d2e1f0L;
+}
+
+/* Explanation of H array and index values:
+ * The context's H array is actually the concatenation of two arrays
+ * defined by SHA1, the H array of state variables (5 elements),
+ * and the W array of intermediate values, of which there are 16 elements.
+ * The W array starts at H[5], that is W[0] is H[5].
+ * Although these values are defined as 32-bit values, we use 64-bit
+ * variables to hold them because the AMD64 stores 64 bit values in
+ * memory MUCH faster than it stores any smaller values.
+ *
+ * Rather than passing the context structure to shaCompress, we pass
+ * this combined array of H and W values. We do not pass the address
+ * of the first element of this array, but rather pass the address of an
+ * element in the middle of the array, element X. Presently X[0] is H[11].
+ * So we pass the address of H[11] as the address of array X to shaCompress.
+ * Then shaCompress accesses the members of the array using positive AND
+ * negative indexes.
+ *
+ * Pictorially: (each element is 8 bytes)
+ * H | H0 H1 H2 H3 H4 W0 W1 W2 W3 W4 W5 W6 W7 W8 W9 Wa Wb Wc Wd We Wf |
+ * X |-11-10 -9 -8 -7 -6 -5 -4 -3 -2 -1 X0 X1 X2 X3 X4 X5 X6 X7 X8 X9 |
+ *
+ * The byte offset from X[0] to any member of H and W is always
+ * representable in a signed 8-bit value, which will be encoded
+ * as a single byte offset in the X86-64 instruction set.
+ * If we didn't pass the address of H[11], and instead passed the
+ * address of H[0], the offsets to elements H[16] and above would be
+ * greater than 127, not representable in a signed 8-bit value, and the
+ * x86-64 instruction set would encode every such offset as a 32-bit
+ * signed number in each instruction that accessed element H[16] or
+ * higher. This results in much bigger and slower code.
+ */
+#if !defined(SHA_PUT_W_IN_STACK)
+#define H2X 11 /* X[0] is H[11], and H[0] is X[-11] */
+#define W2X 6 /* X[0] is W[6], and W[0] is X[-6] */
+#else
+#define H2X 0
+#endif
+
+/*
+ * SHA: Add data to context.
+ */
+void
+SHA1_Update(SHA1Context *ctx, const unsigned char *dataIn, unsigned int len)
+{
+ register unsigned int lenB;
+ register unsigned int togo;
+
+ if (!len)
+ return;
+
+ /* accumulate the byte count. */
+ lenB = (unsigned int)(ctx->size) & 63U;
+
+ ctx->size += len;
+
+ /*
+ * Read the data into W and process blocks as they get full
+ */
+ if (lenB > 0) {
+ togo = 64U - lenB;
+ if (len < togo)
+ togo = len;
+ memcpy(ctx->B + lenB, dataIn, togo);
+ len -= togo;
+ dataIn += togo;
+ lenB = (lenB + togo) & 63U;
+ if (!lenB) {
+ shaCompress(&ctx->H[H2X], ctx->W);
+ }
+ }
+#if !defined(HAVE_UNALIGNED_ACCESS)
+ if ((ptrdiff_t)dataIn % sizeof(PRUint32)) {
+ while (len >= 64U) {
+ memcpy(ctx->B, dataIn, 64);
+ len -= 64U;
+ shaCompress(&ctx->H[H2X], ctx->W);
+ dataIn += 64U;
+ }
+ } else
+#endif
+ {
+ while (len >= 64U) {
+ len -= 64U;
+ shaCompress(&ctx->H[H2X], (PRUint32 *)dataIn);
+ dataIn += 64U;
+ }
+ }
+ if (len) {
+ memcpy(ctx->B, dataIn, len);
+ }
+}
+
+/*
+ * SHA: Generate hash value from context
+ */
+void NO_SANITIZE_ALIGNMENT
+SHA1_End(SHA1Context *ctx, unsigned char *hashout,
+ unsigned int *pDigestLen, unsigned int maxDigestLen)
+{
+ register PRUint64 size;
+ register PRUint32 lenB;
+
+ static const unsigned char bulk_pad[64] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
+#define tmp lenB
+
+ PORT_Assert(maxDigestLen >= SHA1_LENGTH);
+
+ /*
+ * Pad with a binary 1 (e.g. 0x80), then zeroes, then length in bits
+ */
+ size = ctx->size;
+
+ lenB = (PRUint32)size & 63;
+ SHA1_Update(ctx, bulk_pad, (((55 + 64) - lenB) & 63) + 1);
+ PORT_Assert(((PRUint32)ctx->size & 63) == 56);
+ /* Convert size from bytes to bits. */
+ size <<= 3;
+ ctx->W[14] = SHA_HTONL((PRUint32)(size >> 32));
+ ctx->W[15] = SHA_HTONL((PRUint32)size);
+ shaCompress(&ctx->H[H2X], ctx->W);
+
+ /*
+ * Output hash
+ */
+ SHA_STORE_RESULT;
+ if (pDigestLen) {
+ *pDigestLen = SHA1_LENGTH;
+ }
+#undef tmp
+}
+
+void
+SHA1_EndRaw(SHA1Context *ctx, unsigned char *hashout,
+ unsigned int *pDigestLen, unsigned int maxDigestLen)
+{
+#if defined(SHA_NEED_TMP_VARIABLE)
+ register PRUint32 tmp;
+#endif
+ PORT_Assert(maxDigestLen >= SHA1_LENGTH);
+
+ SHA_STORE_RESULT;
+ if (pDigestLen)
+ *pDigestLen = SHA1_LENGTH;
+}
+
+#undef B
+/*
+ * SHA: Compression function, unrolled.
+ *
+ * Some operations in shaCompress are done as 5 groups of 16 operations.
+ * Others are done as 4 groups of 20 operations.
+ * The code below shows that structure.
+ *
+ * The functions that compute the new values of the 5 state variables
+ * A-E are done in 4 groups of 20 operations (or you may also think
+ * of them as being done in 16 groups of 5 operations). They are
+ * done by the SHA_RNDx macros below, in the right column.
+ *
+ * The functions that set the 16 values of the W array are done in
+ * 5 groups of 16 operations. The first group is done by the
+ * LOAD macros below, the latter 4 groups are done by SHA_MIX below,
+ * in the left column.
+ *
+ * gcc's optimizer observes that each member of the W array is assigned
+ * a value 5 times in this code. It reduces the number of store
+ * operations done to the W array in the context (that is, in the X array)
+ * by creating a W array on the stack, and storing the W values there for
+ * the first 4 groups of operations on W, and storing the values in the
+ * context's W array only in the fifth group. This is undesirable.
+ * It is MUCH bigger code than simply using the context's W array, because
+ * all the offsets to the W array in the stack are 32-bit signed offsets,
+ * and it is no faster than storing the values in the context's W array.
+ *
+ * The original code for sha_fast.c prevented this creation of a separate
+ * W array in the stack by creating a W array of 80 members, each of
+ * whose elements is assigned only once. It also separated the computations
+ * of the W array values and the computations of the values for the 5
+ * state variables into two separate passes, W's, then A-E's so that the
+ * second pass could be done all in registers (except for accessing the W
+ * array) on machines with fewer registers. The method is suboptimal
+ * for machines with enough registers to do it all in one pass, and it
+ * necessitates using many instructions with 32-bit offsets.
+ *
+ * This code eliminates the separate W array on the stack by a completely
+ * different means: by declaring the X array volatile. This prevents
+ * the optimizer from trying to reduce the use of the X array by the
+ * creation of a MORE expensive W array on the stack. The result is
+ * that all instructions use signed 8-bit offsets and not 32-bit offsets.
+ *
+ * The combination of this code and the -O3 optimizer flag on GCC 3.4.3
+ * results in code that is 3 times faster than the previous NSS sha_fast
+ * code on AMD64.
+ */
+static void NO_SANITIZE_ALIGNMENT
+shaCompress(volatile SHA_HW_t *X, const PRUint32 *inbuf)
+{
+ register SHA_HW_t A, B, C, D, E;
+
+#if defined(SHA_NEED_TMP_VARIABLE)
+ register PRUint32 tmp;
+#endif
+
+#if !defined(SHA_PUT_W_IN_STACK)
+#define XH(n) X[n - H2X]
+#define XW(n) X[n - W2X]
+#else
+ SHA_HW_t w_0, w_1, w_2, w_3, w_4, w_5, w_6, w_7,
+ w_8, w_9, w_10, w_11, w_12, w_13, w_14, w_15;
+#define XW(n) w_##n
+#define XH(n) X[n]
+#endif
+
+#define K0 0x5a827999L
+#define K1 0x6ed9eba1L
+#define K2 0x8f1bbcdcL
+#define K3 0xca62c1d6L
+
+#define SHA_RND1(a, b, c, d, e, n) \
+ a = SHA_ROTL(b, 5) + SHA_F1(c, d, e) + a + XW(n) + K0; \
+ c = SHA_ROTL(c, 30)
+#define SHA_RND2(a, b, c, d, e, n) \
+ a = SHA_ROTL(b, 5) + SHA_F2(c, d, e) + a + XW(n) + K1; \
+ c = SHA_ROTL(c, 30)
+#define SHA_RND3(a, b, c, d, e, n) \
+ a = SHA_ROTL(b, 5) + SHA_F3(c, d, e) + a + XW(n) + K2; \
+ c = SHA_ROTL(c, 30)
+#define SHA_RND4(a, b, c, d, e, n) \
+ a = SHA_ROTL(b, 5) + SHA_F4(c, d, e) + a + XW(n) + K3; \
+ c = SHA_ROTL(c, 30)
+
+#define LOAD(n) XW(n) = SHA_HTONL(inbuf[n])
+
+ A = XH(0);
+ B = XH(1);
+ C = XH(2);
+ D = XH(3);
+ E = XH(4);
+
+ LOAD(0);
+ SHA_RND1(E, A, B, C, D, 0);
+ LOAD(1);
+ SHA_RND1(D, E, A, B, C, 1);
+ LOAD(2);
+ SHA_RND1(C, D, E, A, B, 2);
+ LOAD(3);
+ SHA_RND1(B, C, D, E, A, 3);
+ LOAD(4);
+ SHA_RND1(A, B, C, D, E, 4);
+ LOAD(5);
+ SHA_RND1(E, A, B, C, D, 5);
+ LOAD(6);
+ SHA_RND1(D, E, A, B, C, 6);
+ LOAD(7);
+ SHA_RND1(C, D, E, A, B, 7);
+ LOAD(8);
+ SHA_RND1(B, C, D, E, A, 8);
+ LOAD(9);
+ SHA_RND1(A, B, C, D, E, 9);
+ LOAD(10);
+ SHA_RND1(E, A, B, C, D, 10);
+ LOAD(11);
+ SHA_RND1(D, E, A, B, C, 11);
+ LOAD(12);
+ SHA_RND1(C, D, E, A, B, 12);
+ LOAD(13);
+ SHA_RND1(B, C, D, E, A, 13);
+ LOAD(14);
+ SHA_RND1(A, B, C, D, E, 14);
+ LOAD(15);
+ SHA_RND1(E, A, B, C, D, 15);
+
+ SHA_MIX(0, 13, 8, 2);
+ SHA_RND1(D, E, A, B, C, 0);
+ SHA_MIX(1, 14, 9, 3);
+ SHA_RND1(C, D, E, A, B, 1);
+ SHA_MIX(2, 15, 10, 4);
+ SHA_RND1(B, C, D, E, A, 2);
+ SHA_MIX(3, 0, 11, 5);
+ SHA_RND1(A, B, C, D, E, 3);
+
+ SHA_MIX(4, 1, 12, 6);
+ SHA_RND2(E, A, B, C, D, 4);
+ SHA_MIX(5, 2, 13, 7);
+ SHA_RND2(D, E, A, B, C, 5);
+ SHA_MIX(6, 3, 14, 8);
+ SHA_RND2(C, D, E, A, B, 6);
+ SHA_MIX(7, 4, 15, 9);
+ SHA_RND2(B, C, D, E, A, 7);
+ SHA_MIX(8, 5, 0, 10);
+ SHA_RND2(A, B, C, D, E, 8);
+ SHA_MIX(9, 6, 1, 11);
+ SHA_RND2(E, A, B, C, D, 9);
+ SHA_MIX(10, 7, 2, 12);
+ SHA_RND2(D, E, A, B, C, 10);
+ SHA_MIX(11, 8, 3, 13);
+ SHA_RND2(C, D, E, A, B, 11);
+ SHA_MIX(12, 9, 4, 14);
+ SHA_RND2(B, C, D, E, A, 12);
+ SHA_MIX(13, 10, 5, 15);
+ SHA_RND2(A, B, C, D, E, 13);
+ SHA_MIX(14, 11, 6, 0);
+ SHA_RND2(E, A, B, C, D, 14);
+ SHA_MIX(15, 12, 7, 1);
+ SHA_RND2(D, E, A, B, C, 15);
+
+ SHA_MIX(0, 13, 8, 2);
+ SHA_RND2(C, D, E, A, B, 0);
+ SHA_MIX(1, 14, 9, 3);
+ SHA_RND2(B, C, D, E, A, 1);
+ SHA_MIX(2, 15, 10, 4);
+ SHA_RND2(A, B, C, D, E, 2);
+ SHA_MIX(3, 0, 11, 5);
+ SHA_RND2(E, A, B, C, D, 3);
+ SHA_MIX(4, 1, 12, 6);
+ SHA_RND2(D, E, A, B, C, 4);
+ SHA_MIX(5, 2, 13, 7);
+ SHA_RND2(C, D, E, A, B, 5);
+ SHA_MIX(6, 3, 14, 8);
+ SHA_RND2(B, C, D, E, A, 6);
+ SHA_MIX(7, 4, 15, 9);
+ SHA_RND2(A, B, C, D, E, 7);
+
+ SHA_MIX(8, 5, 0, 10);
+ SHA_RND3(E, A, B, C, D, 8);
+ SHA_MIX(9, 6, 1, 11);
+ SHA_RND3(D, E, A, B, C, 9);
+ SHA_MIX(10, 7, 2, 12);
+ SHA_RND3(C, D, E, A, B, 10);
+ SHA_MIX(11, 8, 3, 13);
+ SHA_RND3(B, C, D, E, A, 11);
+ SHA_MIX(12, 9, 4, 14);
+ SHA_RND3(A, B, C, D, E, 12);
+ SHA_MIX(13, 10, 5, 15);
+ SHA_RND3(E, A, B, C, D, 13);
+ SHA_MIX(14, 11, 6, 0);
+ SHA_RND3(D, E, A, B, C, 14);
+ SHA_MIX(15, 12, 7, 1);
+ SHA_RND3(C, D, E, A, B, 15);
+
+ SHA_MIX(0, 13, 8, 2);
+ SHA_RND3(B, C, D, E, A, 0);
+ SHA_MIX(1, 14, 9, 3);
+ SHA_RND3(A, B, C, D, E, 1);
+ SHA_MIX(2, 15, 10, 4);
+ SHA_RND3(E, A, B, C, D, 2);
+ SHA_MIX(3, 0, 11, 5);
+ SHA_RND3(D, E, A, B, C, 3);
+ SHA_MIX(4, 1, 12, 6);
+ SHA_RND3(C, D, E, A, B, 4);
+ SHA_MIX(5, 2, 13, 7);
+ SHA_RND3(B, C, D, E, A, 5);
+ SHA_MIX(6, 3, 14, 8);
+ SHA_RND3(A, B, C, D, E, 6);
+ SHA_MIX(7, 4, 15, 9);
+ SHA_RND3(E, A, B, C, D, 7);
+ SHA_MIX(8, 5, 0, 10);
+ SHA_RND3(D, E, A, B, C, 8);
+ SHA_MIX(9, 6, 1, 11);
+ SHA_RND3(C, D, E, A, B, 9);
+ SHA_MIX(10, 7, 2, 12);
+ SHA_RND3(B, C, D, E, A, 10);
+ SHA_MIX(11, 8, 3, 13);
+ SHA_RND3(A, B, C, D, E, 11);
+
+ SHA_MIX(12, 9, 4, 14);
+ SHA_RND4(E, A, B, C, D, 12);
+ SHA_MIX(13, 10, 5, 15);
+ SHA_RND4(D, E, A, B, C, 13);
+ SHA_MIX(14, 11, 6, 0);
+ SHA_RND4(C, D, E, A, B, 14);
+ SHA_MIX(15, 12, 7, 1);
+ SHA_RND4(B, C, D, E, A, 15);
+
+ SHA_MIX(0, 13, 8, 2);
+ SHA_RND4(A, B, C, D, E, 0);
+ SHA_MIX(1, 14, 9, 3);
+ SHA_RND4(E, A, B, C, D, 1);
+ SHA_MIX(2, 15, 10, 4);
+ SHA_RND4(D, E, A, B, C, 2);
+ SHA_MIX(3, 0, 11, 5);
+ SHA_RND4(C, D, E, A, B, 3);
+ SHA_MIX(4, 1, 12, 6);
+ SHA_RND4(B, C, D, E, A, 4);
+ SHA_MIX(5, 2, 13, 7);
+ SHA_RND4(A, B, C, D, E, 5);
+ SHA_MIX(6, 3, 14, 8);
+ SHA_RND4(E, A, B, C, D, 6);
+ SHA_MIX(7, 4, 15, 9);
+ SHA_RND4(D, E, A, B, C, 7);
+ SHA_MIX(8, 5, 0, 10);
+ SHA_RND4(C, D, E, A, B, 8);
+ SHA_MIX(9, 6, 1, 11);
+ SHA_RND4(B, C, D, E, A, 9);
+ SHA_MIX(10, 7, 2, 12);
+ SHA_RND4(A, B, C, D, E, 10);
+ SHA_MIX(11, 8, 3, 13);
+ SHA_RND4(E, A, B, C, D, 11);
+ SHA_MIX(12, 9, 4, 14);
+ SHA_RND4(D, E, A, B, C, 12);
+ SHA_MIX(13, 10, 5, 15);
+ SHA_RND4(C, D, E, A, B, 13);
+ SHA_MIX(14, 11, 6, 0);
+ SHA_RND4(B, C, D, E, A, 14);
+ SHA_MIX(15, 12, 7, 1);
+ SHA_RND4(A, B, C, D, E, 15);
+
+ XH(0) += A;
+ XH(1) += B;
+ XH(2) += C;
+ XH(3) += D;
+ XH(4) += E;
+}
+
+/*************************************************************************
+** Code below this line added to make SHA code support BLAPI interface
+*/
+
+SHA1Context *
+SHA1_NewContext(void)
+{
+ SHA1Context *cx;
+
+ /* no need to ZNew, SHA1_Begin will init the context */
+ cx = PORT_New(SHA1Context);
+ return cx;
+}
+
+/* Zero and free the context */
+void
+SHA1_DestroyContext(SHA1Context *cx, PRBool freeit)
+{
+ memset(cx, 0, sizeof *cx);
+ if (freeit) {
+ PORT_Free(cx);
+ }
+}
+
+SECStatus
+SHA1_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ SHA1Context ctx;
+ unsigned int outLen;
+
+ SHA1_Begin(&ctx);
+ SHA1_Update(&ctx, src, src_length);
+ SHA1_End(&ctx, dest, &outLen, SHA1_LENGTH);
+ memset(&ctx, 0, sizeof ctx);
+ return SECSuccess;
+}
+
+/* Hash a null-terminated character string. */
+SECStatus
+SHA1_Hash(unsigned char *dest, const char *src)
+{
+ return SHA1_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
+}
+
+/*
+ * need to support save/restore state in pkcs11. Stores all the info necessary
+ * for a structure into just a stream of bytes.
+ */
+unsigned int
+SHA1_FlattenSize(SHA1Context *cx)
+{
+ return sizeof(SHA1Context);
+}
+
+SECStatus
+SHA1_Flatten(SHA1Context *cx, unsigned char *space)
+{
+ PORT_Memcpy(space, cx, sizeof(SHA1Context));
+ return SECSuccess;
+}
+
+SHA1Context *
+SHA1_Resurrect(unsigned char *space, void *arg)
+{
+ SHA1Context *cx = SHA1_NewContext();
+ if (cx == NULL)
+ return NULL;
+
+ PORT_Memcpy(cx, space, sizeof(SHA1Context));
+ return cx;
+}
+
+void
+SHA1_Clone(SHA1Context *dest, SHA1Context *src)
+{
+ memcpy(dest, src, sizeof *dest);
+}
+
+void
+SHA1_TraceState(SHA1Context *ctx)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+}
diff --git a/security/nss/lib/freebl/sha_fast.h b/security/nss/lib/freebl/sha_fast.h
new file mode 100644
index 000000000..4f37d13d0
--- /dev/null
+++ b/security/nss/lib/freebl/sha_fast.h
@@ -0,0 +1,176 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SHA_FAST_H_
+#define _SHA_FAST_H_
+
+#include "prlong.h"
+#include "blapii.h"
+
+#define SHA1_INPUT_LEN 64
+
+#if defined(IS_64) && !defined(__sparc)
+typedef PRUint64 SHA_HW_t;
+#define SHA1_USING_64_BIT 1
+#else
+typedef PRUint32 SHA_HW_t;
+#endif
+
+struct SHA1ContextStr {
+ union {
+ PRUint32 w[16]; /* input buffer */
+ PRUint8 b[64];
+ } u;
+ PRUint64 size; /* count of hashed bytes. */
+ SHA_HW_t H[22]; /* 5 state variables, 16 tmp values, 1 extra */
+};
+
+#if defined(_MSC_VER)
+#include <stdlib.h>
+#if defined(IS_LITTLE_ENDIAN)
+#if (_MSC_VER >= 1300)
+#pragma intrinsic(_byteswap_ulong)
+#define SHA_HTONL(x) _byteswap_ulong(x)
+#elif defined(NSS_X86_OR_X64)
+#ifndef FORCEINLINE
+#if (_MSC_VER >= 1200)
+#define FORCEINLINE __forceinline
+#else
+#define FORCEINLINE __inline
+#endif /* _MSC_VER */
+#endif /* !defined FORCEINLINE */
+#define FASTCALL __fastcall
+
+static FORCEINLINE PRUint32 FASTCALL
+swap4b(PRUint32 dwd)
+{
+ __asm {
+ mov eax,dwd
+ bswap eax
+ }
+}
+
+#define SHA_HTONL(x) swap4b(x)
+#endif /* NSS_X86_OR_X64 */
+#endif /* IS_LITTLE_ENDIAN */
+
+#pragma intrinsic(_lrotr, _lrotl)
+#define SHA_ROTL(x, n) _lrotl(x, n)
+#define SHA_ROTL_IS_DEFINED 1
+#endif /* _MSC_VER */
+
+#if defined(__GNUC__)
+/* __x86_64__ and __x86_64 are defined by GCC on x86_64 CPUs */
+#if defined(SHA1_USING_64_BIT)
+static __inline__ PRUint64
+SHA_ROTL(PRUint64 x, PRUint32 n)
+{
+ PRUint32 t = (PRUint32)x;
+ return ((t << n) | (t >> (32 - n)));
+}
+#else
+static __inline__ PRUint32
+SHA_ROTL(PRUint32 t, PRUint32 n)
+{
+ return ((t << n) | (t >> (32 - n)));
+}
+#endif
+#define SHA_ROTL_IS_DEFINED 1
+
+#if defined(NSS_X86_OR_X64)
+static __inline__ PRUint32
+swap4b(PRUint32 value)
+{
+ __asm__("bswap %0"
+ : "+r"(value));
+ return (value);
+}
+#define SHA_HTONL(x) swap4b(x)
+
+#elif defined(__thumb2__) || \
+ (!defined(__thumb__) && \
+ (defined(__ARM_ARCH_6__) || \
+ defined(__ARM_ARCH_6J__) || \
+ defined(__ARM_ARCH_6K__) || \
+ defined(__ARM_ARCH_6Z__) || \
+ defined(__ARM_ARCH_6ZK__) || \
+ defined(__ARM_ARCH_6T2__) || \
+ defined(__ARM_ARCH_7__) || \
+ defined(__ARM_ARCH_7A__) || \
+ defined(__ARM_ARCH_7R__)))
+static __inline__ PRUint32
+swap4b(PRUint32 value)
+{
+ PRUint32 ret;
+ __asm__("rev %0, %1"
+ : "=r"(ret)
+ : "r"(value));
+ return ret;
+}
+#define SHA_HTONL(x) swap4b(x)
+
+#endif /* x86 family */
+
+#endif /* __GNUC__ */
+
+#if !defined(SHA_ROTL_IS_DEFINED)
+#define SHA_NEED_TMP_VARIABLE 1
+#define SHA_ROTL(X, n) (tmp = (X), ((tmp) << (n)) | ((tmp) >> (32 - (n))))
+#endif
+
+#if !defined(SHA_HTONL)
+#define SHA_MASK 0x00FF00FF
+#if defined(IS_LITTLE_ENDIAN)
+#undef SHA_NEED_TMP_VARIABLE
+#define SHA_NEED_TMP_VARIABLE 1
+#define SHA_HTONL(x) (tmp = (x), tmp = (tmp << 16) | (tmp >> 16), \
+ ((tmp & SHA_MASK) << 8) | ((tmp >> 8) & SHA_MASK))
+#else
+#define SHA_HTONL(x) (x)
+#endif
+#endif
+
+#define SHA_BYTESWAP(x) x = SHA_HTONL(x)
+
+#define SHA_STORE(n) ((PRUint32*)hashout)[n] = SHA_HTONL(ctx->H[n])
+#if defined(HAVE_UNALIGNED_ACCESS)
+#define SHA_STORE_RESULT \
+ SHA_STORE(0); \
+ SHA_STORE(1); \
+ SHA_STORE(2); \
+ SHA_STORE(3); \
+ SHA_STORE(4);
+
+#elif defined(IS_LITTLE_ENDIAN) || defined(SHA1_USING_64_BIT)
+#define SHA_STORE_RESULT \
+ if (!((ptrdiff_t)hashout % sizeof(PRUint32))) { \
+ SHA_STORE(0); \
+ SHA_STORE(1); \
+ SHA_STORE(2); \
+ SHA_STORE(3); \
+ SHA_STORE(4); \
+ } else { \
+ PRUint32 tmpbuf[5]; \
+ tmpbuf[0] = SHA_HTONL(ctx->H[0]); \
+ tmpbuf[1] = SHA_HTONL(ctx->H[1]); \
+ tmpbuf[2] = SHA_HTONL(ctx->H[2]); \
+ tmpbuf[3] = SHA_HTONL(ctx->H[3]); \
+ tmpbuf[4] = SHA_HTONL(ctx->H[4]); \
+ memcpy(hashout, tmpbuf, SHA1_LENGTH); \
+ }
+
+#else
+#define SHA_STORE_RESULT \
+ if (!((ptrdiff_t)hashout % sizeof(PRUint32))) { \
+ SHA_STORE(0); \
+ SHA_STORE(1); \
+ SHA_STORE(2); \
+ SHA_STORE(3); \
+ SHA_STORE(4); \
+ } else { \
+ memcpy(hashout, ctx->H, SHA1_LENGTH); \
+ }
+#endif
+
+#endif /* _SHA_FAST_H_ */
diff --git a/security/nss/lib/freebl/shsign.h b/security/nss/lib/freebl/shsign.h
new file mode 100644
index 000000000..590c0e6b3
--- /dev/null
+++ b/security/nss/lib/freebl/shsign.h
@@ -0,0 +1,14 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SHSIGN_H_
+#define _SHSIGN_H_
+
+#define SGN_SUFFIX ".chk"
+#define NSS_SIGN_CHK_MAGIC1 0xf1
+#define NSS_SIGN_CHK_MAGIC2 0xc5
+#define NSS_SIGN_CHK_MAJOR_VERSION 0x01
+#define NSS_SIGN_CHK_MINOR_VERSION 0x02
+
+#endif /* _SHSIGN_H_ */
diff --git a/security/nss/lib/freebl/shvfy.c b/security/nss/lib/freebl/shvfy.c
new file mode 100644
index 000000000..af4a34fb0
--- /dev/null
+++ b/security/nss/lib/freebl/shvfy.c
@@ -0,0 +1,534 @@
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "shsign.h"
+#include "prlink.h"
+#include "prio.h"
+#include "blapi.h"
+#include "seccomon.h"
+#include "stdio.h"
+#include "prmem.h"
+#include "hasht.h"
+#include "pqg.h"
+#include "blapii.h"
+
+/*
+ * Most modern version of Linux support a speed optimization scheme where an
+ * application called prelink modifies programs and shared libraries to quickly
+ * load if they fit into an already designed address space. In short, prelink
+ * scans the list of programs and libraries on your system, assigns them a
+ * predefined space in the the address space, then provides the fixups to the
+ * library.
+
+ * The modification of the shared library is correctly detected by the freebl
+ * FIPS checksum scheme where we check a signed hash of the library against the
+ * library itself.
+ *
+ * The prelink command itself can reverse the process of modification and
+ * output the prestine shared library as it was before prelink made it's
+ * changes. If FREEBL_USE_PRELINK is set Freebl uses prelink to output the
+ * original copy of the shared library before prelink modified it.
+ */
+#ifdef FREEBL_USE_PRELINK
+#ifndef FREELB_PRELINK_COMMAND
+#define FREEBL_PRELINK_COMMAND "/usr/sbin/prelink -u -o -"
+#endif
+#include "private/pprio.h"
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+
+/*
+ * This function returns an NSPR PRFileDesc * which the caller can read to
+ * obtain the prestine value of the shared library, before any OS related
+ * changes to it (usually address fixups).
+ *
+ * If prelink is installed, this
+ * file descriptor is a pipe connecting the output of
+ * /usr/sbin/prelink -u -o - {Library}
+ * and *pid returns the process id of the prelink child.
+ *
+ * If prelink is not installed, it returns a normal readonly handle to the
+ * library itself and *pid is set to '0'.
+ */
+PRFileDesc *
+bl_OpenUnPrelink(const char *shName, int *pid)
+{
+ char *command = strdup(FREEBL_PRELINK_COMMAND);
+ char *argString = NULL;
+ char **argv = NULL;
+ char *shNameArg = NULL;
+ char *cp;
+ pid_t child;
+ int argc = 0, argNext = 0;
+ struct stat statBuf;
+ int pipefd[2] = { -1, -1 };
+ int ret;
+
+ *pid = 0;
+
+ /* make sure the prelink command exists first. If not, fall back to
+ * just reading the file */
+ for (cp = command; *cp; cp++) {
+ if (*cp == ' ') {
+ *cp++ = 0;
+ argString = cp;
+ break;
+ }
+ }
+ memset(&statBuf, 0, sizeof(statBuf));
+ /* stat the file, follow the link */
+ ret = stat(command, &statBuf);
+ if (ret < 0) {
+ free(command);
+ return PR_Open(shName, PR_RDONLY, 0);
+ }
+ /* file exits, make sure it's an executable */
+ if (!S_ISREG(statBuf.st_mode) ||
+ ((statBuf.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0)) {
+ free(command);
+ return PR_Open(shName, PR_RDONLY, 0);
+ }
+
+ /* OK, the prelink command exists and looks correct, use it */
+ /* build the arglist while we can still malloc */
+ /* count the args if any */
+ if (argString && *argString) {
+ /* argString may have leading spaces, strip them off*/
+ for (cp = argString; *cp && *cp == ' '; cp++)
+ ;
+ argString = cp;
+ if (*cp) {
+ /* there is at least one arg.. */
+ argc = 1;
+ }
+
+ /* count the rest: Note there is no provision for escaped
+ * spaces here */
+ for (cp = argString; *cp; cp++) {
+ if (*cp == ' ') {
+ while (*cp && *cp == ' ')
+ cp++;
+ if (*cp)
+ argc++;
+ }
+ }
+ }
+
+ /* add the additional args: argv[0] (command), shName, NULL*/
+ argc += 3;
+ argv = PORT_NewArray(char *, argc);
+ if (argv == NULL) {
+ goto loser;
+ }
+
+ /* fill in the arglist */
+ argv[argNext++] = command;
+ if (argString && *argString) {
+ argv[argNext++] = argString;
+ for (cp = argString; *cp; cp++) {
+ if (*cp == ' ') {
+ *cp++ = 0;
+ while (*cp && *cp == ' ')
+ cp++;
+ if (*cp)
+ argv[argNext++] = cp;
+ }
+ }
+ }
+ /* exec doesn't advertise taking const char **argv, do the paranoid
+ * copy */
+ shNameArg = strdup(shName);
+ if (shNameArg == NULL) {
+ goto loser;
+ }
+ argv[argNext++] = shNameArg;
+ argv[argNext++] = 0;
+
+ ret = pipe(pipefd);
+ if (ret < 0) {
+ goto loser;
+ }
+
+ /* use vfork() so we don't trigger the pthread_at_fork() handlers */
+ child = vfork();
+ if (child < 0)
+ goto loser;
+ if (child == 0) {
+ /* set up the file descriptors */
+ /* if we need to support BSD, this will need to be an open of
+ * /dev/null and dup2(nullFD, 0)*/
+ close(0);
+ /* associate pipefd[1] with stdout */
+ if (pipefd[1] != 1)
+ dup2(pipefd[1], 1);
+ close(2);
+ close(pipefd[0]);
+ /* should probably close the other file descriptors? */
+
+ execv(command, argv);
+ /* avoid at_exit() handlers */
+ _exit(1); /* shouldn't reach here except on an error */
+ }
+ close(pipefd[1]);
+ pipefd[1] = -1;
+
+ /* this is safe because either vfork() as full fork() semantics, and thus
+ * already has it's own address space, or because vfork() has paused
+ * the parent util the exec or exit */
+ free(command);
+ free(shNameArg);
+ PORT_Free(argv);
+
+ *pid = child;
+
+ return PR_ImportPipe(pipefd[0]);
+
+loser:
+ if (pipefd[0] != -1) {
+ close(pipefd[0]);
+ }
+ if (pipefd[1] != -1) {
+ close(pipefd[1]);
+ }
+ free(command);
+ free(shNameArg);
+ PORT_Free(argv);
+
+ return NULL;
+}
+
+/*
+ * bl_CloseUnPrelink -
+ *
+ * This closes the file descripter and reaps and children openned and crated by
+ * b;_OpenUnprelink. It's primary difference between it and just close is
+ * that it calls wait on the pid if one is supplied, preventing zombie children
+ * from hanging around.
+ */
+void
+bl_CloseUnPrelink(PRFileDesc *file, int pid)
+{
+ /* close the file descriptor */
+ PR_Close(file);
+ /* reap the child */
+ if (pid) {
+ waitpid(pid, NULL, 0);
+ }
+}
+#endif
+
+/* #define DEBUG_SHVERIFY 1 */
+
+static char *
+mkCheckFileName(const char *libName)
+{
+ int ln_len = PORT_Strlen(libName);
+ char *output = PORT_Alloc(ln_len + sizeof(SGN_SUFFIX));
+ int index = ln_len + 1 - sizeof("." SHLIB_SUFFIX);
+
+ if ((index > 0) &&
+ (PORT_Strncmp(&libName[index],
+ "." SHLIB_SUFFIX, sizeof("." SHLIB_SUFFIX)) == 0)) {
+ ln_len = index;
+ }
+ PORT_Memcpy(output, libName, ln_len);
+ PORT_Memcpy(&output[ln_len], SGN_SUFFIX, sizeof(SGN_SUFFIX));
+ return output;
+}
+
+static int
+decodeInt(unsigned char *buf)
+{
+ return (buf[3]) | (buf[2] << 8) | (buf[1] << 16) | (buf[0] << 24);
+}
+
+static SECStatus
+readItem(PRFileDesc *fd, SECItem *item)
+{
+ unsigned char buf[4];
+ int bytesRead;
+
+ bytesRead = PR_Read(fd, buf, 4);
+ if (bytesRead != 4) {
+ return SECFailure;
+ }
+ item->len = decodeInt(buf);
+
+ item->data = PORT_Alloc(item->len);
+ if (item->data == NULL) {
+ item->len = 0;
+ return SECFailure;
+ }
+ bytesRead = PR_Read(fd, item->data, item->len);
+ if (bytesRead != item->len) {
+ PORT_Free(item->data);
+ item->data = NULL;
+ item->len = 0;
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static PRBool blapi_SHVerifyFile(const char *shName, PRBool self);
+
+static PRBool
+blapi_SHVerify(const char *name, PRFuncPtr addr, PRBool self)
+{
+ PRBool result = PR_FALSE; /* if anything goes wrong,
+ * the signature does not verify */
+ /* find our shared library name */
+ char *shName = PR_GetLibraryFilePathname(name, addr);
+ if (!shName) {
+ goto loser;
+ }
+ result = blapi_SHVerifyFile(shName, self);
+
+loser:
+ if (shName != NULL) {
+ PR_Free(shName);
+ }
+
+ return result;
+}
+
+PRBool
+BLAPI_SHVerify(const char *name, PRFuncPtr addr)
+{
+ return blapi_SHVerify(name, addr, PR_FALSE);
+}
+
+PRBool
+BLAPI_SHVerifyFile(const char *shName)
+{
+ return blapi_SHVerifyFile(shName, PR_FALSE);
+}
+
+static PRBool
+blapi_SHVerifyFile(const char *shName, PRBool self)
+{
+ char *checkName = NULL;
+ PRFileDesc *checkFD = NULL;
+ PRFileDesc *shFD = NULL;
+ void *hashcx = NULL;
+ const SECHashObject *hashObj = NULL;
+ SECItem signature = { 0, NULL, 0 };
+ SECItem hash;
+ int bytesRead, offset;
+ SECStatus rv;
+ DSAPublicKey key;
+ int count;
+#ifdef FREEBL_USE_PRELINK
+ int pid = 0;
+#endif
+
+ PRBool result = PR_FALSE; /* if anything goes wrong,
+ * the signature does not verify */
+ unsigned char buf[4096];
+ unsigned char hashBuf[HASH_LENGTH_MAX];
+
+ PORT_Memset(&key, 0, sizeof(key));
+ hash.data = hashBuf;
+ hash.len = sizeof(hashBuf);
+
+ /* If our integrity check was never ran or failed, fail any other
+ * integrity checks to prevent any token going into FIPS mode. */
+ if (!self && (BL_FIPSEntryOK(PR_FALSE) != SECSuccess)) {
+ return PR_FALSE;
+ }
+
+ if (!shName) {
+ goto loser;
+ }
+
+ /* figure out the name of our check file */
+ checkName = mkCheckFileName(shName);
+ if (!checkName) {
+ goto loser;
+ }
+
+ /* open the check File */
+ checkFD = PR_Open(checkName, PR_RDONLY, 0);
+ if (checkFD == NULL) {
+#ifdef DEBUG_SHVERIFY
+ fprintf(stderr, "Failed to open the check file %s: (%d, %d)\n",
+ checkName, (int)PR_GetError(), (int)PR_GetOSError());
+#endif /* DEBUG_SHVERIFY */
+ goto loser;
+ }
+
+ /* read and Verify the headerthe header */
+ bytesRead = PR_Read(checkFD, buf, 12);
+ if (bytesRead != 12) {
+ goto loser;
+ }
+ if ((buf[0] != NSS_SIGN_CHK_MAGIC1) || (buf[1] != NSS_SIGN_CHK_MAGIC2)) {
+ goto loser;
+ }
+ if ((buf[2] != NSS_SIGN_CHK_MAJOR_VERSION) ||
+ (buf[3] < NSS_SIGN_CHK_MINOR_VERSION)) {
+ goto loser;
+ }
+#ifdef notdef
+ if (decodeInt(&buf[8]) != CKK_DSA) {
+ goto loser;
+ }
+#endif
+
+ /* seek past any future header extensions */
+ offset = decodeInt(&buf[4]);
+ if (PR_Seek(checkFD, offset, PR_SEEK_SET) < 0) {
+ goto loser;
+ }
+
+ /* read the key */
+ rv = readItem(checkFD, &key.params.prime);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = readItem(checkFD, &key.params.subPrime);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = readItem(checkFD, &key.params.base);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = readItem(checkFD, &key.publicValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* read the siganture */
+ rv = readItem(checkFD, &signature);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* done with the check file */
+ PR_Close(checkFD);
+ checkFD = NULL;
+
+ hashObj = HASH_GetRawHashObject(PQG_GetHashType(&key.params));
+ if (hashObj == NULL) {
+ goto loser;
+ }
+
+/* open our library file */
+#ifdef FREEBL_USE_PRELINK
+ shFD = bl_OpenUnPrelink(shName, &pid);
+#else
+ shFD = PR_Open(shName, PR_RDONLY, 0);
+#endif
+ if (shFD == NULL) {
+#ifdef DEBUG_SHVERIFY
+ fprintf(stderr, "Failed to open the library file %s: (%d, %d)\n",
+ shName, (int)PR_GetError(), (int)PR_GetOSError());
+#endif /* DEBUG_SHVERIFY */
+ goto loser;
+ }
+
+ /* hash our library file with SHA1 */
+ hashcx = hashObj->create();
+ if (hashcx == NULL) {
+ goto loser;
+ }
+ hashObj->begin(hashcx);
+
+ count = 0;
+ while ((bytesRead = PR_Read(shFD, buf, sizeof(buf))) > 0) {
+ hashObj->update(hashcx, buf, bytesRead);
+ count += bytesRead;
+ }
+#ifdef FREEBL_USE_PRELINK
+ bl_CloseUnPrelink(shFD, pid);
+#else
+ PR_Close(shFD);
+#endif
+ shFD = NULL;
+
+ hashObj->end(hashcx, hash.data, &hash.len, hash.len);
+
+ /* verify the hash against the check file */
+ if (DSA_VerifyDigest(&key, &signature, &hash) == SECSuccess) {
+ result = PR_TRUE;
+ }
+#ifdef DEBUG_SHVERIFY
+ {
+ int i, j;
+ fprintf(stderr, "File %s: %d bytes\n", shName, count);
+ fprintf(stderr, " hash: %d bytes\n", hash.len);
+#define STEP 10
+ for (i = 0; i < hash.len; i += STEP) {
+ fprintf(stderr, " ");
+ for (j = 0; j < STEP && (i + j) < hash.len; j++) {
+ fprintf(stderr, " %02x", hash.data[i + j]);
+ }
+ fprintf(stderr, "\n");
+ }
+ fprintf(stderr, " signature: %d bytes\n", signature.len);
+ for (i = 0; i < signature.len; i += STEP) {
+ fprintf(stderr, " ");
+ for (j = 0; j < STEP && (i + j) < signature.len; j++) {
+ fprintf(stderr, " %02x", signature.data[i + j]);
+ }
+ fprintf(stderr, "\n");
+ }
+ fprintf(stderr, "Verified : %s\n", result ? "TRUE" : "FALSE");
+ }
+#endif /* DEBUG_SHVERIFY */
+
+loser:
+ if (checkName != NULL) {
+ PORT_Free(checkName);
+ }
+ if (checkFD != NULL) {
+ PR_Close(checkFD);
+ }
+ if (shFD != NULL) {
+ PR_Close(shFD);
+ }
+ if (hashcx != NULL) {
+ if (hashObj) {
+ hashObj->destroy(hashcx, PR_TRUE);
+ }
+ }
+ if (signature.data != NULL) {
+ PORT_Free(signature.data);
+ }
+ if (key.params.prime.data != NULL) {
+ PORT_Free(key.params.prime.data);
+ }
+ if (key.params.subPrime.data != NULL) {
+ PORT_Free(key.params.subPrime.data);
+ }
+ if (key.params.base.data != NULL) {
+ PORT_Free(key.params.base.data);
+ }
+ if (key.publicValue.data != NULL) {
+ PORT_Free(key.publicValue.data);
+ }
+
+ return result;
+}
+
+PRBool
+BLAPI_VerifySelf(const char *name)
+{
+ if (name == NULL) {
+ /*
+ * If name is NULL, freebl is statically linked into softoken.
+ * softoken will call BLAPI_SHVerify next to verify itself.
+ */
+ return PR_TRUE;
+ }
+ return blapi_SHVerify(name, (PRFuncPtr)decodeInt, PR_TRUE);
+}
diff --git a/security/nss/lib/freebl/stubs.c b/security/nss/lib/freebl/stubs.c
new file mode 100644
index 000000000..8e0784935
--- /dev/null
+++ b/security/nss/lib/freebl/stubs.c
@@ -0,0 +1,711 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Allow freebl and softoken to be loaded without util or NSPR.
+ *
+ * These symbols are overridden once real NSPR, and libutil are attached.
+ */
+#define _GNU_SOURCE 1
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <time.h>
+#include <unistd.h>
+#include <sys/time.h>
+#include <dlfcn.h>
+#include <prio.h>
+#include <prlink.h>
+#include <prlog.h>
+#include <prthread.h>
+#include <plstr.h>
+#include <prinit.h>
+#include <prlock.h>
+#include <prmem.h>
+#include <prerror.h>
+#include <prmon.h>
+#include <pratom.h>
+#include <prsystem.h>
+#include <prinrval.h>
+#include <prtime.h>
+#include <prcvar.h>
+#include <secasn1.h>
+#include <secdig.h>
+#include <secport.h>
+#include <secitem.h>
+#include <blapi.h>
+#include <private/pprio.h>
+
+#define FREEBL_NO_WEAK 1
+
+#define WEAK __attribute__((weak))
+
+#ifdef FREEBL_NO_WEAK
+
+/*
+ * This uses function pointers.
+ *
+ * CONS: A separate function is needed to
+ * fill in the function pointers.
+ *
+ * PROS: it works on all platforms.
+ * it allows for dynamically finding nspr and libutil, even once
+ * softoken is loaded and running. (NOTE: this may be a problem if
+ * we switch between the stubs and real NSPR on the fly. NSPR will
+ * do bad things if passed an _FakeArena to free or allocate from).
+ */
+#define STUB_DECLARE(ret, fn, args) \
+ typedef ret(*type_##fn) args; \
+ static type_##fn ptr_##fn = NULL
+
+#define STUB_SAFE_CALL0(fn) \
+ if (ptr_##fn) { \
+ return ptr_##fn(); \
+ }
+#define STUB_SAFE_CALL1(fn, a1) \
+ if (ptr_##fn) { \
+ return ptr_##fn(a1); \
+ }
+#define STUB_SAFE_CALL2(fn, a1, a2) \
+ if (ptr_##fn) { \
+ return ptr_##fn(a1, a2); \
+ }
+#define STUB_SAFE_CALL3(fn, a1, a2, a3) \
+ if (ptr_##fn) { \
+ return ptr_##fn(a1, a2, a3); \
+ }
+#define STUB_SAFE_CALL4(fn, a1, a2, a3, a4) \
+ if (ptr_##fn) { \
+ return ptr_##fn(a1, a2, a3, a4); \
+ }
+#define STUB_SAFE_CALL6(fn, a1, a2, a3, a4, a5, a6) \
+ if (ptr_##fn) { \
+ return ptr_##fn(a1, a2, a3, a4, a5, a6); \
+ }
+
+#define STUB_FETCH_FUNCTION(fn) \
+ ptr_##fn = (type_##fn)dlsym(lib, #fn); \
+ if (ptr_##fn == NULL) { \
+ return SECFailure; \
+ }
+
+#else
+/*
+ * this uses the loader weak attribute. it works automatically, but once
+ * freebl is loaded, the symbols are 'fixed' (later loading of NSPR or
+ * libutil will not resolve these symbols).
+ */
+
+#define STUB_DECLARE(ret, fn, args) \
+ WEAK extern ret fn args
+
+#define STUB_SAFE_CALL0(fn) \
+ if (fn) { \
+ return fn(); \
+ }
+#define STUB_SAFE_CALL1(fn, a1) \
+ if (fn) { \
+ return fn(a1); \
+ }
+#define STUB_SAFE_CALL2(fn, a1, a2) \
+ if (fn) { \
+ return fn(a1, a2); \
+ }
+#define STUB_SAFE_CALL3(fn, a1, a2, a3) \
+ if (fn) { \
+ return fn(a1, a2, a3); \
+ }
+#define STUB_SAFE_CALL4(fn, a1, a2, a3, a4) \
+ if (fn) { \
+ return fn(a1, a2, a3, a4); \
+ }
+#define STUB_SAFE_CALL6(fn, a1, a2, a3, a4, a5, a6) \
+ if (fn) { \
+ return fn(a1, a2, a3, a4, a5, a6); \
+ }
+#endif
+
+STUB_DECLARE(void *, PORT_Alloc_Util, (size_t len));
+STUB_DECLARE(void *, PORT_ArenaAlloc_Util, (PLArenaPool * arena, size_t size));
+STUB_DECLARE(void *, PORT_ArenaZAlloc_Util, (PLArenaPool * arena, size_t size));
+STUB_DECLARE(void, PORT_Free_Util, (void *ptr));
+STUB_DECLARE(void, PORT_FreeArena_Util, (PLArenaPool * arena, PRBool zero));
+STUB_DECLARE(int, PORT_GetError_Util, (void));
+STUB_DECLARE(PLArenaPool *, PORT_NewArena_Util, (unsigned long chunksize));
+STUB_DECLARE(void, PORT_SetError_Util, (int value));
+STUB_DECLARE(void *, PORT_ZAlloc_Util, (size_t len));
+STUB_DECLARE(void, PORT_ZFree_Util, (void *ptr, size_t len));
+
+STUB_DECLARE(void, PR_Assert, (const char *s, const char *file, PRIntn ln));
+STUB_DECLARE(PRStatus, PR_Access, (const char *name, PRAccessHow how));
+STUB_DECLARE(PRStatus, PR_CallOnce, (PRCallOnceType * once, PRCallOnceFN func));
+STUB_DECLARE(PRStatus, PR_Close, (PRFileDesc * fd));
+STUB_DECLARE(void, PR_DestroyLock, (PRLock * lock));
+STUB_DECLARE(void, PR_DestroyCondVar, (PRCondVar * cvar));
+STUB_DECLARE(void, PR_Free, (void *ptr));
+STUB_DECLARE(char *, PR_GetLibraryFilePathname, (const char *name,
+ PRFuncPtr addr));
+STUB_DECLARE(PRFileDesc *, PR_ImportPipe, (PROsfd osfd));
+STUB_DECLARE(void, PR_Lock, (PRLock * lock));
+STUB_DECLARE(PRCondVar *, PR_NewCondVar, (PRLock * lock));
+STUB_DECLARE(PRLock *, PR_NewLock, (void));
+STUB_DECLARE(PRStatus, PR_NotifyCondVar, (PRCondVar * cvar));
+STUB_DECLARE(PRStatus, PR_NotifyAllCondVar, (PRCondVar * cvar));
+STUB_DECLARE(PRFileDesc *, PR_Open, (const char *name, PRIntn flags,
+ PRIntn mode));
+STUB_DECLARE(PRInt32, PR_Read, (PRFileDesc * fd, void *buf, PRInt32 amount));
+STUB_DECLARE(PROffset32, PR_Seek, (PRFileDesc * fd, PROffset32 offset,
+ PRSeekWhence whence));
+STUB_DECLARE(PRStatus, PR_Sleep, (PRIntervalTime ticks));
+STUB_DECLARE(PRStatus, PR_Unlock, (PRLock * lock));
+STUB_DECLARE(PRStatus, PR_WaitCondVar, (PRCondVar * cvar,
+ PRIntervalTime timeout));
+STUB_DECLARE(char *, PR_GetEnvSecure, (const char *));
+
+STUB_DECLARE(SECItem *, SECITEM_AllocItem_Util, (PLArenaPool * arena,
+ SECItem *item, unsigned int len));
+STUB_DECLARE(SECComparison, SECITEM_CompareItem_Util, (const SECItem *a,
+ const SECItem *b));
+STUB_DECLARE(SECStatus, SECITEM_CopyItem_Util, (PLArenaPool * arena,
+ SECItem *to, const SECItem *from));
+STUB_DECLARE(void, SECITEM_FreeItem_Util, (SECItem * zap, PRBool freeit));
+STUB_DECLARE(void, SECITEM_ZfreeItem_Util, (SECItem * zap, PRBool freeit));
+STUB_DECLARE(SECOidTag, SECOID_FindOIDTag_Util, (const SECItem *oid));
+STUB_DECLARE(int, NSS_SecureMemcmp, (const void *a, const void *b, size_t n));
+
+#define PORT_ZNew_stub(type) (type *)PORT_ZAlloc_stub(sizeof(type))
+#define PORT_New_stub(type) (type *)PORT_Alloc_stub(sizeof(type))
+#define PORT_ZNewArray_stub(type, num) \
+ (type *)PORT_ZAlloc_stub(sizeof(type) * (num))
+
+/*
+ * NOTE: in order to support hashing only the memory allocation stubs,
+ * the get library name stubs, and the file io stubs are needed (the latter
+ * two are for the library verification). The remaining stubs are simply to
+ * compile. Attempts to use the library for other operations without NSPR
+ * will most likely fail.
+ */
+
+/* memory */
+extern void *
+PORT_Alloc_stub(size_t len)
+{
+ STUB_SAFE_CALL1(PORT_Alloc_Util, len);
+ return malloc(len);
+}
+
+extern void
+PORT_Free_stub(void *ptr)
+{
+ STUB_SAFE_CALL1(PORT_Free_Util, ptr);
+ return free(ptr);
+}
+
+extern void *
+PORT_ZAlloc_stub(size_t len)
+{
+ STUB_SAFE_CALL1(PORT_ZAlloc_Util, len);
+ void *ptr = malloc(len);
+ if (ptr) {
+ memset(ptr, 0, len);
+ }
+ return ptr;
+}
+
+extern void
+PORT_ZFree_stub(void *ptr, size_t len)
+{
+ STUB_SAFE_CALL2(PORT_ZFree_Util, ptr, len);
+ memset(ptr, 0, len);
+ return free(ptr);
+}
+
+extern void
+PR_Free_stub(void *ptr)
+{
+ STUB_SAFE_CALL1(PR_Free, ptr);
+ return free(ptr);
+}
+
+/*
+ * arenas
+ *
+ */
+extern PLArenaPool *
+PORT_NewArena_stub(unsigned long chunksize)
+{
+ STUB_SAFE_CALL1(PORT_NewArena_Util, chunksize);
+ abort();
+ return NULL;
+}
+
+extern void *
+PORT_ArenaAlloc_stub(PLArenaPool *arena, size_t size)
+{
+
+ STUB_SAFE_CALL2(PORT_ArenaZAlloc_Util, arena, size);
+ abort();
+ return NULL;
+}
+
+extern void *
+PORT_ArenaZAlloc_stub(PLArenaPool *arena, size_t size)
+{
+
+ STUB_SAFE_CALL2(PORT_ArenaZAlloc_Util, arena, size);
+ abort();
+ return NULL;
+}
+
+extern void
+PORT_FreeArena_stub(PLArenaPool *arena, PRBool zero)
+{
+
+ STUB_SAFE_CALL2(PORT_FreeArena_Util, arena, zero);
+ abort();
+}
+
+/* io */
+extern PRFileDesc *
+PR_Open_stub(const char *name, PRIntn flags, PRIntn mode)
+{
+ int *lfd = NULL;
+ int fd;
+ int lflags = 0;
+
+ STUB_SAFE_CALL3(PR_Open, name, flags, mode);
+
+ if (flags & PR_RDWR) {
+ lflags = O_RDWR;
+ } else if (flags & PR_WRONLY) {
+ lflags = O_WRONLY;
+ } else {
+ lflags = O_RDONLY;
+ }
+
+ if (flags & PR_EXCL)
+ lflags |= O_EXCL;
+ if (flags & PR_APPEND)
+ lflags |= O_APPEND;
+ if (flags & PR_TRUNCATE)
+ lflags |= O_TRUNC;
+
+ fd = open(name, lflags, mode);
+ if (fd >= 0) {
+ lfd = PORT_New_stub(int);
+ if (lfd != NULL) {
+ *lfd = fd;
+ } else {
+ close(fd);
+ }
+ }
+ return (PRFileDesc *)lfd;
+}
+
+extern PRFileDesc *
+PR_ImportPipe_stub(PROsfd fd)
+{
+ int *lfd = NULL;
+
+ STUB_SAFE_CALL1(PR_ImportPipe, fd);
+
+ lfd = PORT_New_stub(int);
+ if (lfd != NULL) {
+ *lfd = fd;
+ }
+ return (PRFileDesc *)lfd;
+}
+
+extern PRStatus
+PR_Close_stub(PRFileDesc *fd)
+{
+ int *lfd;
+ STUB_SAFE_CALL1(PR_Close, fd);
+
+ lfd = (int *)fd;
+ close(*lfd);
+ PORT_Free_stub(lfd);
+
+ return PR_SUCCESS;
+}
+
+extern PRInt32
+PR_Read_stub(PRFileDesc *fd, void *buf, PRInt32 amount)
+{
+ int *lfd;
+ STUB_SAFE_CALL3(PR_Read, fd, buf, amount);
+
+ lfd = (int *)fd;
+ return read(*lfd, buf, amount);
+}
+
+extern PROffset32
+PR_Seek_stub(PRFileDesc *fd, PROffset32 offset, PRSeekWhence whence)
+{
+ int *lfd;
+ int lwhence = SEEK_SET;
+ STUB_SAFE_CALL3(PR_Seek, fd, offset, whence);
+ lfd = (int *)fd;
+ switch (whence) {
+ case PR_SEEK_CUR:
+ lwhence = SEEK_CUR;
+ break;
+ case PR_SEEK_END:
+ lwhence = SEEK_END;
+ break;
+ case PR_SEEK_SET:
+ break;
+ }
+
+ return lseek(*lfd, offset, lwhence);
+}
+
+PRStatus
+PR_Access_stub(const char *name, PRAccessHow how)
+{
+ int mode = F_OK;
+ int rv;
+ STUB_SAFE_CALL2(PR_Access, name, how);
+ switch (how) {
+ case PR_ACCESS_WRITE_OK:
+ mode = W_OK;
+ break;
+ case PR_ACCESS_READ_OK:
+ mode = R_OK;
+ break;
+ /* assume F_OK for all others */
+ default:
+ break;
+ }
+ rv = access(name, mode);
+ if (rv == 0) {
+ return PR_SUCCESS;
+ }
+ return PR_FAILURE;
+}
+
+/*
+ * library
+ */
+extern char *
+PR_GetLibraryFilePathname_stub(const char *name, PRFuncPtr addr)
+{
+ Dl_info dli;
+ char *result;
+
+ STUB_SAFE_CALL2(PR_GetLibraryFilePathname, name, addr);
+
+ if (dladdr((void *)addr, &dli) == 0) {
+ return NULL;
+ }
+ result = PORT_Alloc_stub(strlen(dli.dli_fname) + 1);
+ if (result != NULL) {
+ strcpy(result, dli.dli_fname);
+ }
+ return result;
+}
+
+#include <errno.h>
+
+/* errors */
+extern int
+PORT_GetError_stub(void)
+{
+ STUB_SAFE_CALL0(PORT_GetError_Util);
+ return errno;
+}
+
+extern void
+PORT_SetError_stub(int value)
+{
+ STUB_SAFE_CALL1(PORT_SetError_Util, value);
+ errno = value;
+}
+
+/* misc */
+extern void
+PR_Assert_stub(const char *s, const char *file, PRIntn ln)
+{
+ STUB_SAFE_CALL3(PR_Assert, s, file, ln);
+ fprintf(stderr, "%s line %d: %s\n", file, ln, s);
+ abort();
+}
+
+/* time */
+extern PRStatus
+PR_Sleep_stub(PRIntervalTime ticks)
+{
+ STUB_SAFE_CALL1(PR_Sleep, ticks);
+ usleep(ticks * 1000);
+ return PR_SUCCESS;
+}
+
+/* locking */
+extern PRLock *
+PR_NewLock_stub(void)
+{
+ STUB_SAFE_CALL0(PR_NewLock);
+ abort();
+ return NULL;
+}
+
+extern PRStatus
+PR_Unlock_stub(PRLock *lock)
+{
+ STUB_SAFE_CALL1(PR_Unlock, lock);
+ abort();
+ return PR_FAILURE;
+}
+
+extern void
+PR_Lock_stub(PRLock *lock)
+{
+ STUB_SAFE_CALL1(PR_Lock, lock);
+ abort();
+ return;
+}
+
+extern void
+PR_DestroyLock_stub(PRLock *lock)
+{
+ STUB_SAFE_CALL1(PR_DestroyLock, lock);
+ abort();
+ return;
+}
+
+extern PRCondVar *
+PR_NewCondVar_stub(PRLock *lock)
+{
+ STUB_SAFE_CALL1(PR_NewCondVar, lock);
+ abort();
+ return NULL;
+}
+
+extern PRStatus
+PR_NotifyCondVar_stub(PRCondVar *cvar)
+{
+ STUB_SAFE_CALL1(PR_NotifyCondVar, cvar);
+ abort();
+ return PR_FAILURE;
+}
+
+extern PRStatus
+PR_NotifyAllCondVar_stub(PRCondVar *cvar)
+{
+ STUB_SAFE_CALL1(PR_NotifyAllCondVar, cvar);
+ abort();
+ return PR_FAILURE;
+}
+
+extern PRStatus
+PR_WaitCondVar_stub(PRCondVar *cvar, PRIntervalTime timeout)
+{
+ STUB_SAFE_CALL2(PR_WaitCondVar, cvar, timeout);
+ abort();
+ return PR_FAILURE;
+}
+
+extern char *
+PR_GetEnvSecure_stub(const char *var)
+{
+ STUB_SAFE_CALL1(PR_GetEnvSecure, var);
+ abort();
+ return NULL;
+}
+
+extern void
+PR_DestroyCondVar_stub(PRCondVar *cvar)
+{
+ STUB_SAFE_CALL1(PR_DestroyCondVar, cvar);
+ abort();
+ return;
+}
+
+/*
+ * NOTE: this presupposes GCC 4.1
+ */
+extern PRStatus
+PR_CallOnce_stub(PRCallOnceType *once, PRCallOnceFN func)
+{
+ STUB_SAFE_CALL2(PR_CallOnce, once, func);
+ abort();
+ return PR_FAILURE;
+}
+
+/*
+ * SECITEMS implement Item Utilities
+ */
+extern void
+SECITEM_FreeItem_stub(SECItem *zap, PRBool freeit)
+{
+ STUB_SAFE_CALL2(SECITEM_FreeItem_Util, zap, freeit);
+ abort();
+}
+
+extern SECItem *
+SECITEM_AllocItem_stub(PLArenaPool *arena, SECItem *item, unsigned int len)
+{
+ STUB_SAFE_CALL3(SECITEM_AllocItem_Util, arena, item, len);
+ abort();
+ return NULL;
+}
+
+extern SECComparison
+SECITEM_CompareItem_stub(const SECItem *a, const SECItem *b)
+{
+ STUB_SAFE_CALL2(SECITEM_CompareItem_Util, a, b);
+ abort();
+ return SECEqual;
+}
+
+extern SECStatus
+SECITEM_CopyItem_stub(PLArenaPool *arena, SECItem *to, const SECItem *from)
+{
+ STUB_SAFE_CALL3(SECITEM_CopyItem_Util, arena, to, from);
+ abort();
+ return SECFailure;
+}
+
+extern SECOidTag
+SECOID_FindOIDTag_stub(const SECItem *oid)
+{
+ STUB_SAFE_CALL1(SECOID_FindOIDTag_Util, oid);
+ abort();
+ return SEC_OID_UNKNOWN;
+}
+
+extern void
+SECITEM_ZfreeItem_stub(SECItem *zap, PRBool freeit)
+{
+ STUB_SAFE_CALL2(SECITEM_ZfreeItem_Util, zap, freeit);
+ abort();
+}
+
+extern int
+NSS_SecureMemcmp_stub(const void *a, const void *b, size_t n)
+{
+ STUB_SAFE_CALL3(NSS_SecureMemcmp, a, b, n);
+ abort();
+}
+
+#ifdef FREEBL_NO_WEAK
+
+static const char *nsprLibName = SHLIB_PREFIX "nspr4." SHLIB_SUFFIX;
+static const char *nssutilLibName = SHLIB_PREFIX "nssutil3." SHLIB_SUFFIX;
+
+static SECStatus
+freebl_InitNSPR(void *lib)
+{
+ STUB_FETCH_FUNCTION(PR_Free);
+ STUB_FETCH_FUNCTION(PR_Open);
+ STUB_FETCH_FUNCTION(PR_ImportPipe);
+ STUB_FETCH_FUNCTION(PR_Close);
+ STUB_FETCH_FUNCTION(PR_Read);
+ STUB_FETCH_FUNCTION(PR_Seek);
+ STUB_FETCH_FUNCTION(PR_GetLibraryFilePathname);
+ STUB_FETCH_FUNCTION(PR_Assert);
+ STUB_FETCH_FUNCTION(PR_Access);
+ STUB_FETCH_FUNCTION(PR_Sleep);
+ STUB_FETCH_FUNCTION(PR_CallOnce);
+ STUB_FETCH_FUNCTION(PR_NewCondVar);
+ STUB_FETCH_FUNCTION(PR_NotifyCondVar);
+ STUB_FETCH_FUNCTION(PR_NotifyAllCondVar);
+ STUB_FETCH_FUNCTION(PR_WaitCondVar);
+ STUB_FETCH_FUNCTION(PR_DestroyCondVar);
+ STUB_FETCH_FUNCTION(PR_NewLock);
+ STUB_FETCH_FUNCTION(PR_Unlock);
+ STUB_FETCH_FUNCTION(PR_Lock);
+ STUB_FETCH_FUNCTION(PR_DestroyLock);
+ STUB_FETCH_FUNCTION(PR_GetEnvSecure);
+ return SECSuccess;
+}
+
+static SECStatus
+freebl_InitNSSUtil(void *lib)
+{
+ STUB_FETCH_FUNCTION(PORT_Alloc_Util);
+ STUB_FETCH_FUNCTION(PORT_Free_Util);
+ STUB_FETCH_FUNCTION(PORT_ZAlloc_Util);
+ STUB_FETCH_FUNCTION(PORT_ZFree_Util);
+ STUB_FETCH_FUNCTION(PORT_NewArena_Util);
+ STUB_FETCH_FUNCTION(PORT_ArenaAlloc_Util);
+ STUB_FETCH_FUNCTION(PORT_ArenaZAlloc_Util);
+ STUB_FETCH_FUNCTION(PORT_FreeArena_Util);
+ STUB_FETCH_FUNCTION(PORT_GetError_Util);
+ STUB_FETCH_FUNCTION(PORT_SetError_Util);
+ STUB_FETCH_FUNCTION(SECITEM_FreeItem_Util);
+ STUB_FETCH_FUNCTION(SECITEM_AllocItem_Util);
+ STUB_FETCH_FUNCTION(SECITEM_CompareItem_Util);
+ STUB_FETCH_FUNCTION(SECITEM_CopyItem_Util);
+ STUB_FETCH_FUNCTION(SECITEM_ZfreeItem_Util);
+ STUB_FETCH_FUNCTION(SECOID_FindOIDTag_Util);
+ STUB_FETCH_FUNCTION(NSS_SecureMemcmp);
+ return SECSuccess;
+}
+
+/*
+ * fetch the library if it's loaded. For NSS it should already be loaded
+ */
+#define freebl_getLibrary(libName) \
+ dlopen(libName, RTLD_LAZY | RTLD_NOLOAD)
+
+#define freebl_releaseLibrary(lib) \
+ if (lib) \
+ dlclose(lib)
+
+static void *FREEBLnsprGlobalLib = NULL;
+static void *FREEBLnssutilGlobalLib = NULL;
+
+void __attribute((destructor)) FREEBL_unload()
+{
+ freebl_releaseLibrary(FREEBLnsprGlobalLib);
+ freebl_releaseLibrary(FREEBLnssutilGlobalLib);
+}
+#endif
+
+/*
+ * load the symbols from the real libraries if available.
+ *
+ * if force is set, explicitly load the libraries if they are not already
+ * loaded. If we could not use the real libraries, return failure.
+ */
+extern SECStatus
+FREEBL_InitStubs()
+{
+ SECStatus rv = SECSuccess;
+#ifdef FREEBL_NO_WEAK
+ void *nspr = NULL;
+ void *nssutil = NULL;
+
+ /* NSPR should be first */
+ if (!FREEBLnsprGlobalLib) {
+ nspr = freebl_getLibrary(nsprLibName);
+ if (!nspr) {
+ return SECFailure;
+ }
+ rv = freebl_InitNSPR(nspr);
+ if (rv != SECSuccess) {
+ freebl_releaseLibrary(nspr);
+ return rv;
+ }
+ FREEBLnsprGlobalLib = nspr; /* adopt */
+ }
+ /* now load NSSUTIL */
+ if (!FREEBLnssutilGlobalLib) {
+ nssutil = freebl_getLibrary(nssutilLibName);
+ if (!nssutil) {
+ return SECFailure;
+ }
+ rv = freebl_InitNSSUtil(nssutil);
+ if (rv != SECSuccess) {
+ freebl_releaseLibrary(nssutil);
+ return rv;
+ }
+ FREEBLnssutilGlobalLib = nssutil; /* adopt */
+ }
+#endif
+
+ return rv;
+}
diff --git a/security/nss/lib/freebl/stubs.h b/security/nss/lib/freebl/stubs.h
new file mode 100644
index 000000000..25ec394ec
--- /dev/null
+++ b/security/nss/lib/freebl/stubs.h
@@ -0,0 +1,66 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Allow freebl and softoken to be loaded without util or NSPR.
+ *
+ * These symbols are overridden once real NSPR, and libutil are attached.
+ */
+
+#ifndef _STUBS_H
+#define _STUBS_H_ 1
+
+#ifdef _LIBUTIL_H_
+/* must be included before util */
+/*#error stubs.h included too late */
+#define MP_DIGITES(x) "stubs included too late"
+#endif
+
+/* hide libutil rename */
+#define _LIBUTIL_H_ 1
+
+#define PORT_Alloc PORT_Alloc_stub
+#define PORT_ArenaAlloc PORT_ArenaAlloc_stub
+#define PORT_ArenaZAlloc PORT_ArenaZAlloc_stub
+#define PORT_Free PORT_Free_stub
+#define PORT_FreeArena PORT_FreeArena_stub
+#define PORT_GetError PORT_GetError_stub
+#define PORT_NewArena PORT_NewArena_stub
+#define PORT_SetError PORT_SetError_stub
+#define PORT_ZAlloc PORT_ZAlloc_stub
+#define PORT_ZFree PORT_ZFree_stub
+
+#define SECITEM_AllocItem SECITEM_AllocItem_stub
+#define SECITEM_CompareItem SECITEM_CompareItem_stub
+#define SECITEM_CopyItem SECITEM_CopyItem_stub
+#define SECITEM_FreeItem SECITEM_FreeItem_stub
+#define SECITEM_ZfreeItem SECITEM_ZfreeItem_stub
+#define SECOID_FindOIDTag SECOID_FindOIDTag_stub
+#define NSS_SecureMemcmp NSS_SecureMemcmp_stub
+
+#define PR_Assert PR_Assert_stub
+#define PR_Access PR_Access_stub
+#define PR_CallOnce PR_CallOnce_stub
+#define PR_Close PR_Close_stub
+#define PR_DestroyCondVar PR_DestroyCondVar_stub
+#define PR_DestroyLock PR_DestroyLock_stub
+#define PR_Free PR_Free_stub
+#define PR_GetLibraryFilePathname PR_GetLibraryFilePathname_stub
+#define PR_ImportPipe PR_ImportPipe_stub
+#define PR_Lock PR_Lock_stub
+#define PR_NewCondVar PR_NewCondVar_stub
+#define PR_NewLock PR_NewLock_stub
+#define PR_NotifyCondVar PR_NotifyCondVar_stub
+#define PR_NotifyAllCondVar PR_NotifyAllCondVar_stub
+#define PR_Open PR_Open_stub
+#define PR_Read PR_Read_stub
+#define PR_Seek PR_Seek_stub
+#define PR_Sleep PR_Sleep_stub
+#define PR_Unlock PR_Unlock_stub
+#define PR_WaitCondVar PR_WaitCondVar_stub
+#define PR_GetEnvSecure PR_GetEnvSecure_stub
+
+extern int FREEBL_InitStubs(void);
+
+#endif
diff --git a/security/nss/lib/freebl/sysrand.c b/security/nss/lib/freebl/sysrand.c
new file mode 100644
index 000000000..0128fa0ee
--- /dev/null
+++ b/security/nss/lib/freebl/sysrand.c
@@ -0,0 +1,49 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "seccomon.h"
+
+#ifndef XP_WIN
+static size_t rng_systemFromNoise(unsigned char *dest, size_t maxLen);
+#endif
+
+#if defined(XP_UNIX) || defined(XP_BEOS)
+#include "unix_rand.c"
+#endif
+#ifdef XP_WIN
+#include "win_rand.c"
+#endif
+#ifdef XP_OS2
+#include "os2_rand.c"
+#endif
+
+#ifndef XP_WIN
+/*
+ * Normal RNG_SystemRNG() isn't available, use the system noise to collect
+ * the required amount of entropy.
+ */
+static size_t
+rng_systemFromNoise(unsigned char *dest, size_t maxLen)
+{
+ size_t retBytes = maxLen;
+
+ while (maxLen) {
+ size_t nbytes = RNG_GetNoise(dest, maxLen);
+
+ PORT_Assert(nbytes != 0);
+
+ dest += nbytes;
+ maxLen -= nbytes;
+
+ /* some hw op to try to introduce more entropy into the next
+ * RNG_GetNoise call */
+ rng_systemJitter();
+ }
+ return retBytes;
+}
+#endif
diff --git a/security/nss/lib/freebl/tlsprfalg.c b/security/nss/lib/freebl/tlsprfalg.c
new file mode 100644
index 000000000..1e5e67886
--- /dev/null
+++ b/security/nss/lib/freebl/tlsprfalg.c
@@ -0,0 +1,134 @@
+/* tlsprfalg.c - TLS Pseudo Random Function (PRF) implementation
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapi.h"
+#include "hasht.h"
+#include "alghmac.h"
+
+#define PHASH_STATE_MAX_LEN HASH_LENGTH_MAX
+
+/* TLS P_hash function */
+SECStatus
+TLS_P_hash(HASH_HashType hashType, const SECItem *secret, const char *label,
+ SECItem *seed, SECItem *result, PRBool isFIPS)
+{
+ unsigned char state[PHASH_STATE_MAX_LEN];
+ unsigned char outbuf[PHASH_STATE_MAX_LEN];
+ unsigned int state_len = 0, label_len = 0, outbuf_len = 0, chunk_size;
+ unsigned int remaining;
+ unsigned char *res;
+ SECStatus status;
+ HMACContext *cx;
+ SECStatus rv = SECFailure;
+ const SECHashObject *hashObj = HASH_GetRawHashObject(hashType);
+
+ PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len));
+ PORT_Assert((seed != NULL) && (seed->data != NULL));
+ PORT_Assert((result != NULL) && (result->data != NULL));
+
+ remaining = result->len;
+ res = result->data;
+
+ if (label != NULL)
+ label_len = PORT_Strlen(label);
+
+ cx = HMAC_Create(hashObj, secret->data, secret->len, isFIPS);
+ if (cx == NULL)
+ goto loser;
+
+ /* initialize the state = A(1) = HMAC_hash(secret, seed) */
+ HMAC_Begin(cx);
+ HMAC_Update(cx, (unsigned char *)label, label_len);
+ HMAC_Update(cx, seed->data, seed->len);
+ status = HMAC_Finish(cx, state, &state_len, sizeof(state));
+ if (status != SECSuccess)
+ goto loser;
+
+ /* generate a block at a time until we're done */
+ while (remaining > 0) {
+
+ HMAC_Begin(cx);
+ HMAC_Update(cx, state, state_len);
+ if (label_len)
+ HMAC_Update(cx, (unsigned char *)label, label_len);
+ HMAC_Update(cx, seed->data, seed->len);
+ status = HMAC_Finish(cx, outbuf, &outbuf_len, sizeof(outbuf));
+ if (status != SECSuccess)
+ goto loser;
+
+ /* Update the state = A(i) = HMAC_hash(secret, A(i-1)) */
+ HMAC_Begin(cx);
+ HMAC_Update(cx, state, state_len);
+ status = HMAC_Finish(cx, state, &state_len, sizeof(state));
+ if (status != SECSuccess)
+ goto loser;
+
+ chunk_size = PR_MIN(outbuf_len, remaining);
+ PORT_Memcpy(res, &outbuf, chunk_size);
+ res += chunk_size;
+ remaining -= chunk_size;
+ }
+
+ rv = SECSuccess;
+
+loser:
+ /* clear out state so it's not left on the stack */
+ if (cx)
+ HMAC_Destroy(cx, PR_TRUE);
+ PORT_Memset(state, 0, sizeof(state));
+ PORT_Memset(outbuf, 0, sizeof(outbuf));
+ return rv;
+}
+
+SECStatus
+TLS_PRF(const SECItem *secret, const char *label, SECItem *seed,
+ SECItem *result, PRBool isFIPS)
+{
+ SECStatus rv = SECFailure, status;
+ unsigned int i;
+ SECItem tmp = { siBuffer, NULL, 0 };
+ SECItem S1;
+ SECItem S2;
+
+ PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len));
+ PORT_Assert((seed != NULL) && (seed->data != NULL));
+ PORT_Assert((result != NULL) && (result->data != NULL));
+
+ S1.type = siBuffer;
+ S1.len = (secret->len / 2) + (secret->len & 1);
+ S1.data = secret->data;
+
+ S2.type = siBuffer;
+ S2.len = S1.len;
+ S2.data = secret->data + (secret->len - S2.len);
+
+ tmp.data = (unsigned char *)PORT_Alloc(result->len);
+ if (tmp.data == NULL)
+ goto loser;
+ tmp.len = result->len;
+
+ status = TLS_P_hash(HASH_AlgMD5, &S1, label, seed, result, isFIPS);
+ if (status != SECSuccess)
+ goto loser;
+
+ status = TLS_P_hash(HASH_AlgSHA1, &S2, label, seed, &tmp, isFIPS);
+ if (status != SECSuccess)
+ goto loser;
+
+ for (i = 0; i < result->len; i++)
+ result->data[i] ^= tmp.data[i];
+
+ rv = SECSuccess;
+
+loser:
+ if (tmp.data != NULL)
+ PORT_ZFree(tmp.data, tmp.len);
+ return rv;
+}
diff --git a/security/nss/lib/freebl/unix_rand.c b/security/nss/lib/freebl/unix_rand.c
new file mode 100644
index 000000000..ea3b6af3d
--- /dev/null
+++ b/security/nss/lib/freebl/unix_rand.c
@@ -0,0 +1,1176 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <string.h>
+#include <signal.h>
+#include <unistd.h>
+#include <limits.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <sys/time.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <dirent.h>
+#include "secrng.h"
+#include "secerr.h"
+#include "prerror.h"
+#include "prthread.h"
+#include "prprf.h"
+#include "prenv.h"
+
+size_t RNG_FileUpdate(const char *fileName, size_t limit);
+
+/*
+ * When copying data to the buffer we want the least signicant bytes
+ * from the input since those bits are changing the fastest. The address
+ * of least significant byte depends upon whether we are running on
+ * a big-endian or little-endian machine.
+ *
+ * Does this mean the least signicant bytes are the most significant
+ * to us? :-)
+ */
+
+static size_t
+CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen)
+{
+ union endianness {
+ PRInt32 i;
+ char c[4];
+ } u;
+
+ if (srclen <= dstlen) {
+ memcpy(dst, src, srclen);
+ return srclen;
+ }
+ u.i = 0x01020304;
+ if (u.c[0] == 0x01) {
+ /* big-endian case */
+ memcpy(dst, (char *)src + (srclen - dstlen), dstlen);
+ } else {
+ /* little-endian case */
+ memcpy(dst, src, dstlen);
+ }
+ return dstlen;
+}
+
+#ifdef SOLARIS
+
+#include <kstat.h>
+
+static const PRUint32 entropy_buf_len = 4096; /* buffer up to 4 KB */
+
+/* Buffer entropy data, and feed it to the RNG, entropy_buf_len bytes at a time.
+ * Returns error if RNG_RandomUpdate fails. Also increments *total_fed
+ * by the number of bytes successfully buffered.
+ */
+static SECStatus
+BufferEntropy(char *inbuf, PRUint32 inlen,
+ char *entropy_buf, PRUint32 *entropy_buffered,
+ PRUint32 *total_fed)
+{
+ PRUint32 tocopy = 0;
+ PRUint32 avail = 0;
+ SECStatus rv = SECSuccess;
+
+ while (inlen) {
+ avail = entropy_buf_len - *entropy_buffered;
+ if (!avail) {
+ /* Buffer is full, time to feed it to the RNG. */
+ rv = RNG_RandomUpdate(entropy_buf, entropy_buf_len);
+ if (SECSuccess != rv) {
+ break;
+ }
+ *entropy_buffered = 0;
+ avail = entropy_buf_len;
+ }
+ tocopy = PR_MIN(avail, inlen);
+ memcpy(entropy_buf + *entropy_buffered, inbuf, tocopy);
+ *entropy_buffered += tocopy;
+ inlen -= tocopy;
+ inbuf += tocopy;
+ *total_fed += tocopy;
+ }
+ return rv;
+}
+
+/* Feed kernel statistics structures and ks_data field to the RNG.
+ * Returns status as well as the number of bytes successfully fed to the RNG.
+ */
+static SECStatus
+RNG_kstat(PRUint32 *fed)
+{
+ kstat_ctl_t *kc = NULL;
+ kstat_t *ksp = NULL;
+ PRUint32 entropy_buffered = 0;
+ char *entropy_buf = NULL;
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(fed);
+ if (!fed) {
+ return SECFailure;
+ }
+ *fed = 0;
+
+ kc = kstat_open();
+ PORT_Assert(kc);
+ if (!kc) {
+ return SECFailure;
+ }
+ entropy_buf = (char *)PORT_Alloc(entropy_buf_len);
+ PORT_Assert(entropy_buf);
+ if (entropy_buf) {
+ for (ksp = kc->kc_chain; ksp != NULL; ksp = ksp->ks_next) {
+ if (-1 == kstat_read(kc, ksp, NULL)) {
+ /* missing data from a single kstat shouldn't be fatal */
+ continue;
+ }
+ rv = BufferEntropy((char *)ksp, sizeof(kstat_t),
+ entropy_buf, &entropy_buffered,
+ fed);
+ if (SECSuccess != rv) {
+ break;
+ }
+
+ if (ksp->ks_data && ksp->ks_data_size > 0 && ksp->ks_ndata > 0) {
+ rv = BufferEntropy((char *)ksp->ks_data, ksp->ks_data_size,
+ entropy_buf, &entropy_buffered,
+ fed);
+ if (SECSuccess != rv) {
+ break;
+ }
+ }
+ }
+ if (SECSuccess == rv && entropy_buffered) {
+ /* Buffer is not empty, time to feed it to the RNG */
+ rv = RNG_RandomUpdate(entropy_buf, entropy_buffered);
+ }
+ PORT_Free(entropy_buf);
+ } else {
+ rv = SECFailure;
+ }
+ if (kstat_close(kc)) {
+ PORT_Assert(0);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+#endif
+
+#if defined(SCO) || defined(UNIXWARE) || defined(BSDI) || defined(FREEBSD) || defined(NETBSD) || defined(DARWIN) || defined(OPENBSD) || defined(NTO) || defined(__riscos__)
+#include <sys/times.h>
+
+#define getdtablesize() sysconf(_SC_OPEN_MAX)
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ int ticks;
+ struct tms buffer;
+
+ ticks = times(&buffer);
+ return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks));
+}
+
+static void
+GiveSystemInfo(void)
+{
+ long si;
+
+ /*
+ * Is this really necessary? Why not use rand48 or something?
+ */
+ si = sysconf(_SC_CHILD_MAX);
+ RNG_RandomUpdate(&si, sizeof(si));
+
+ si = sysconf(_SC_STREAM_MAX);
+ RNG_RandomUpdate(&si, sizeof(si));
+
+ si = sysconf(_SC_OPEN_MAX);
+ RNG_RandomUpdate(&si, sizeof(si));
+}
+#endif
+
+#if defined(__sun)
+#if defined(__svr4) || defined(SVR4)
+#include <sys/systeminfo.h>
+
+#define getdtablesize() sysconf(_SC_OPEN_MAX)
+
+static void
+GiveSystemInfo(void)
+{
+ int rv;
+ char buf[2000];
+
+ rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+}
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ hrtime_t t;
+ t = gethrtime();
+ if (t) {
+ return CopyLowBits(buf, maxbytes, &t, sizeof(t));
+ }
+ return 0;
+}
+#else /* SunOS (Sun, but not SVR4) */
+
+extern long sysconf(int name);
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ return 0;
+}
+
+static void
+GiveSystemInfo(void)
+{
+ long si;
+
+ /* This is not very good */
+ si = sysconf(_SC_CHILD_MAX);
+ RNG_RandomUpdate(&si, sizeof(si));
+}
+#endif
+#endif /* Sun */
+
+#if defined(__hpux)
+#include <sys/unistd.h>
+
+#define getdtablesize() sysconf(_SC_OPEN_MAX)
+
+#if defined(__ia64)
+#include <ia64/sys/inline.h>
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ PRUint64 t;
+
+ t = _Asm_mov_from_ar(_AREG44);
+ return CopyLowBits(buf, maxbytes, &t, sizeof(t));
+}
+#else
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ extern int ret_cr16();
+ int cr16val;
+
+ cr16val = ret_cr16();
+ return CopyLowBits(buf, maxbytes, &cr16val, sizeof(cr16val));
+}
+#endif
+
+static void
+GiveSystemInfo(void)
+{
+ long si;
+
+ /* This is not very good */
+ si = sysconf(_AES_OS_VERSION);
+ RNG_RandomUpdate(&si, sizeof(si));
+ si = sysconf(_SC_CPU_VERSION);
+ RNG_RandomUpdate(&si, sizeof(si));
+}
+#endif /* HPUX */
+
+#if defined(OSF1)
+#include <sys/types.h>
+#include <sys/sysinfo.h>
+#include <sys/systeminfo.h>
+#include <c_asm.h>
+
+static void
+GiveSystemInfo(void)
+{
+ char buf[BUFSIZ];
+ int rv;
+ int off = 0;
+
+ rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+}
+
+/*
+ * Use the "get the cycle counter" instruction on the alpha.
+ * The low 32 bits completely turn over in less than a minute.
+ * The high 32 bits are some non-counter gunk that changes sometimes.
+ */
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ unsigned long t;
+
+ t = asm("rpcc %v0");
+ return CopyLowBits(buf, maxbytes, &t, sizeof(t));
+}
+
+#endif /* Alpha */
+
+#if defined(_IBMR2)
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ return 0;
+}
+
+static void
+GiveSystemInfo(void)
+{
+ /* XXX haven't found any yet! */
+}
+#endif /* IBM R2 */
+
+#if defined(LINUX)
+#include <sys/sysinfo.h>
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ return 0;
+}
+
+static void
+GiveSystemInfo(void)
+{
+#ifndef NO_SYSINFO
+ struct sysinfo si;
+ if (sysinfo(&si) == 0) {
+ RNG_RandomUpdate(&si, sizeof(si));
+ }
+#endif
+}
+#endif /* LINUX */
+
+#if defined(NCR)
+
+#include <sys/utsname.h>
+#include <sys/systeminfo.h>
+
+#define getdtablesize() sysconf(_SC_OPEN_MAX)
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ return 0;
+}
+
+static void
+GiveSystemInfo(void)
+{
+ int rv;
+ char buf[2000];
+
+ rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+}
+
+#endif /* NCR */
+
+#if defined(sgi)
+#include <fcntl.h>
+#undef PRIVATE
+#include <sys/mman.h>
+#include <sys/syssgi.h>
+#include <sys/immu.h>
+#include <sys/systeminfo.h>
+#include <sys/utsname.h>
+#include <wait.h>
+
+static void
+GiveSystemInfo(void)
+{
+ int rv;
+ char buf[4096];
+
+ rv = syssgi(SGI_SYSID, &buf[0]);
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, MAXSYSIDSIZE);
+ }
+#ifdef SGI_RDUBLK
+ rv = syssgi(SGI_RDUBLK, getpid(), &buf[0], sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, sizeof(buf));
+ }
+#endif /* SGI_RDUBLK */
+ rv = syssgi(SGI_INVENT, SGI_INV_READ, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, sizeof(buf));
+ }
+ rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+}
+
+static size_t
+GetHighResClock(void *buf, size_t maxbuf)
+{
+ unsigned phys_addr, raddr, cycleval;
+ static volatile unsigned *iotimer_addr = NULL;
+ static int tries = 0;
+ static int cntr_size;
+ int mfd;
+ long s0[2];
+ struct timeval tv;
+
+#ifndef SGI_CYCLECNTR_SIZE
+#define SGI_CYCLECNTR_SIZE 165 /* Size user needs to use to read CC */
+#endif
+
+ if (iotimer_addr == NULL) {
+ if (tries++ > 1) {
+ /* Don't keep trying if it didn't work */
+ return 0;
+ }
+
+ /*
+ ** For SGI machines we can use the cycle counter, if it has one,
+ ** to generate some truly random numbers
+ */
+ phys_addr = syssgi(SGI_QUERY_CYCLECNTR, &cycleval);
+ if (phys_addr) {
+ int pgsz = getpagesize();
+ int pgoffmask = pgsz - 1;
+
+ raddr = phys_addr & ~pgoffmask;
+ mfd = open("/dev/mmem", O_RDONLY);
+ if (mfd < 0) {
+ return 0;
+ }
+ iotimer_addr = (unsigned *)
+ mmap(0, pgoffmask, PROT_READ, MAP_PRIVATE, mfd, (int)raddr);
+ if (iotimer_addr == (void *)-1) {
+ close(mfd);
+ iotimer_addr = NULL;
+ return 0;
+ }
+ iotimer_addr = (unsigned *)((__psint_t)iotimer_addr | (phys_addr & pgoffmask));
+ /*
+ * The file 'mfd' is purposefully not closed.
+ */
+ cntr_size = syssgi(SGI_CYCLECNTR_SIZE);
+ if (cntr_size < 0) {
+ struct utsname utsinfo;
+
+ /*
+ * We must be executing on a 6.0 or earlier system, since the
+ * SGI_CYCLECNTR_SIZE call is not supported.
+ *
+ * The only pre-6.1 platforms with 64-bit counters are
+ * IP19 and IP21 (Challenge, PowerChallenge, Onyx).
+ */
+ uname(&utsinfo);
+ if (!strncmp(utsinfo.machine, "IP19", 4) ||
+ !strncmp(utsinfo.machine, "IP21", 4))
+ cntr_size = 64;
+ else
+ cntr_size = 32;
+ }
+ cntr_size /= 8; /* Convert from bits to bytes */
+ }
+ }
+
+ s0[0] = *iotimer_addr;
+ if (cntr_size > 4)
+ s0[1] = *(iotimer_addr + 1);
+ memcpy(buf, (char *)&s0[0], cntr_size);
+ return CopyLowBits(buf, maxbuf, &s0, cntr_size);
+}
+#endif
+
+#if defined(sony)
+#include <sys/systeminfo.h>
+
+#define getdtablesize() sysconf(_SC_OPEN_MAX)
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ return 0;
+}
+
+static void
+GiveSystemInfo(void)
+{
+ int rv;
+ char buf[2000];
+
+ rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+}
+#endif /* sony */
+
+#if defined(sinix)
+#include <sys/systeminfo.h>
+#include <sys/times.h>
+
+int gettimeofday(struct timeval *, struct timezone *);
+int gethostname(char *, int);
+
+#define getdtablesize() sysconf(_SC_OPEN_MAX)
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ int ticks;
+ struct tms buffer;
+
+ ticks = times(&buffer);
+ return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks));
+}
+
+static void
+GiveSystemInfo(void)
+{
+ int rv;
+ char buf[2000];
+
+ rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+}
+#endif /* sinix */
+
+#ifdef BEOS
+#include <be/kernel/OS.h>
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ bigtime_t bigtime; /* Actually a int64 */
+
+ bigtime = real_time_clock_usecs();
+ return CopyLowBits(buf, maxbytes, &bigtime, sizeof(bigtime));
+}
+
+static void
+GiveSystemInfo(void)
+{
+ system_info *info = NULL;
+ PRInt32 val;
+ get_system_info(info);
+ if (info) {
+ val = info->boot_time;
+ RNG_RandomUpdate(&val, sizeof(val));
+ val = info->used_pages;
+ RNG_RandomUpdate(&val, sizeof(val));
+ val = info->used_ports;
+ RNG_RandomUpdate(&val, sizeof(val));
+ val = info->used_threads;
+ RNG_RandomUpdate(&val, sizeof(val));
+ val = info->used_teams;
+ RNG_RandomUpdate(&val, sizeof(val));
+ }
+}
+#endif /* BEOS */
+
+#if defined(nec_ews)
+#include <sys/systeminfo.h>
+
+#define getdtablesize() sysconf(_SC_OPEN_MAX)
+
+static size_t
+GetHighResClock(void *buf, size_t maxbytes)
+{
+ return 0;
+}
+
+static void
+GiveSystemInfo(void)
+{
+ int rv;
+ char buf[2000];
+
+ rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+ rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
+ if (rv > 0) {
+ RNG_RandomUpdate(buf, rv);
+ }
+}
+#endif /* nec_ews */
+
+size_t
+RNG_GetNoise(void *buf, size_t maxbytes)
+{
+ struct timeval tv;
+ int n = 0;
+ int c;
+
+ n = GetHighResClock(buf, maxbytes);
+ maxbytes -= n;
+
+ (void)gettimeofday(&tv, 0);
+ c = CopyLowBits((char *)buf + n, maxbytes, &tv.tv_usec, sizeof(tv.tv_usec));
+ n += c;
+ maxbytes -= c;
+ c = CopyLowBits((char *)buf + n, maxbytes, &tv.tv_sec, sizeof(tv.tv_sec));
+ n += c;
+ return n;
+}
+
+#define SAFE_POPEN_MAXARGS 10 /* must be at least 2 */
+
+/*
+ * safe_popen is static to this module and we know what arguments it is
+ * called with. Note that this version only supports a single open child
+ * process at any time.
+ */
+static pid_t safe_popen_pid;
+static struct sigaction oldact;
+
+static FILE *
+safe_popen(char *cmd)
+{
+ int p[2], fd, argc;
+ pid_t pid;
+ char *argv[SAFE_POPEN_MAXARGS + 1];
+ FILE *fp;
+ static char blank[] = " \t";
+ static struct sigaction newact;
+
+ if (pipe(p) < 0)
+ return 0;
+
+ fp = fdopen(p[0], "r");
+ if (fp == 0) {
+ close(p[0]);
+ close(p[1]);
+ return 0;
+ }
+
+ /* Setup signals so that SIGCHLD is ignored as we want to do waitpid */
+ newact.sa_handler = SIG_DFL;
+ newact.sa_flags = 0;
+ sigfillset(&newact.sa_mask);
+ sigaction(SIGCHLD, &newact, &oldact);
+
+ pid = fork();
+ switch (pid) {
+ int ndesc;
+
+ case -1:
+ fclose(fp); /* this closes p[0], the fd associated with fp */
+ close(p[1]);
+ sigaction(SIGCHLD, &oldact, NULL);
+ return 0;
+
+ case 0:
+ /* dup write-side of pipe to stderr and stdout */
+ if (p[1] != 1)
+ dup2(p[1], 1);
+ if (p[1] != 2)
+ dup2(p[1], 2);
+
+ /*
+ * close the other file descriptors, except stdin which we
+ * try reassociating with /dev/null, first (bug 174993)
+ */
+ if (!freopen("/dev/null", "r", stdin))
+ close(0);
+ ndesc = getdtablesize();
+ for (fd = PR_MIN(65536, ndesc); --fd > 2; close(fd))
+ ;
+
+ /* clean up environment in the child process */
+ putenv("PATH=/bin:/usr/bin:/sbin:/usr/sbin:/etc:/usr/etc");
+ putenv("SHELL=/bin/sh");
+ putenv("IFS= \t");
+
+ /*
+ * The caller may have passed us a string that is in text
+ * space. It may be illegal to modify the string
+ */
+ cmd = strdup(cmd);
+ /* format argv */
+ argv[0] = strtok(cmd, blank);
+ argc = 1;
+ while ((argv[argc] = strtok(0, blank)) != 0) {
+ if (++argc == SAFE_POPEN_MAXARGS) {
+ argv[argc] = 0;
+ break;
+ }
+ }
+
+ /* and away we go */
+ execvp(argv[0], argv);
+ exit(127);
+ break;
+
+ default:
+ close(p[1]);
+ break;
+ }
+
+ /* non-zero means there's a cmd running */
+ safe_popen_pid = pid;
+ return fp;
+}
+
+static int
+safe_pclose(FILE *fp)
+{
+ pid_t pid;
+ int status = -1, rv;
+
+ if ((pid = safe_popen_pid) == 0)
+ return -1;
+ safe_popen_pid = 0;
+
+ fclose(fp);
+
+ /* yield the processor so the child gets some time to exit normally */
+ PR_Sleep(PR_INTERVAL_NO_WAIT);
+
+ /* if the child hasn't exited, kill it -- we're done with its output */
+ while ((rv = waitpid(pid, &status, WNOHANG)) == -1 && errno == EINTR)
+ ;
+ if (rv == 0) {
+ kill(pid, SIGKILL);
+ while ((rv = waitpid(pid, &status, 0)) == -1 && errno == EINTR)
+ ;
+ }
+
+ /* Reset SIGCHLD signal hander before returning */
+ sigaction(SIGCHLD, &oldact, NULL);
+
+ return status;
+}
+
+#ifdef DARWIN
+#include <TargetConditionals.h>
+#if !TARGET_OS_IPHONE
+#include <crt_externs.h>
+#endif
+#endif
+
+/* Fork netstat to collect its output by default. Do not unset this unless
+ * another source of entropy is available
+ */
+#define DO_NETSTAT 1
+
+void
+RNG_SystemInfoForRNG(void)
+{
+ FILE *fp;
+ char buf[BUFSIZ];
+ size_t bytes;
+ const char *const *cp;
+ char *randfile;
+#ifdef DARWIN
+#if TARGET_OS_IPHONE
+ /* iOS does not expose a way to access environ. */
+ char **environ = NULL;
+#else
+ char **environ = *_NSGetEnviron();
+#endif
+#else
+ extern char **environ;
+#endif
+#ifdef BEOS
+ static const char *const files[] = {
+ "/boot/var/swap",
+ "/boot/var/log/syslog",
+ "/boot/var/tmp",
+ "/boot/home/config/settings",
+ "/boot/home",
+ 0
+ };
+#else
+ static const char *const files[] = {
+ "/etc/passwd",
+ "/etc/utmp",
+ "/tmp",
+ "/var/tmp",
+ "/usr/tmp",
+ 0
+ };
+#endif
+
+#if defined(BSDI)
+ static char netstat_ni_cmd[] = "netstat -nis";
+#else
+ static char netstat_ni_cmd[] = "netstat -ni";
+#endif
+
+ GiveSystemInfo();
+
+ bytes = RNG_GetNoise(buf, sizeof(buf));
+ RNG_RandomUpdate(buf, bytes);
+
+ /*
+ * Pass the C environment and the addresses of the pointers to the
+ * hash function. This makes the random number function depend on the
+ * execution environment of the user and on the platform the program
+ * is running on.
+ */
+ if (environ != NULL) {
+ cp = (const char *const *)environ;
+ while (*cp) {
+ RNG_RandomUpdate(*cp, strlen(*cp));
+ cp++;
+ }
+ RNG_RandomUpdate(environ, (char *)cp - (char *)environ);
+ }
+
+ /* Give in system information */
+ if (gethostname(buf, sizeof(buf)) == 0) {
+ RNG_RandomUpdate(buf, strlen(buf));
+ }
+ GiveSystemInfo();
+
+ /* grab some data from system's PRNG before any other files. */
+ bytes = RNG_FileUpdate("/dev/urandom", SYSTEM_RNG_SEED_COUNT);
+
+ /* If the user points us to a random file, pass it through the rng */
+ randfile = PR_GetEnvSecure("NSRANDFILE");
+ if ((randfile != NULL) && (randfile[0] != '\0')) {
+ char *randCountString = PR_GetEnvSecure("NSRANDCOUNT");
+ int randCount = randCountString ? atoi(randCountString) : 0;
+ if (randCount != 0) {
+ RNG_FileUpdate(randfile, randCount);
+ } else {
+ RNG_FileForRNG(randfile);
+ }
+ }
+
+ /* pass other files through */
+ for (cp = files; *cp; cp++)
+ RNG_FileForRNG(*cp);
+
+/*
+ * Bug 100447: On BSD/OS 4.2 and 4.3, we have problem calling safe_popen
+ * in a pthreads environment. Therefore, we call safe_popen last and on
+ * BSD/OS we do not call safe_popen when we succeeded in getting data
+ * from /dev/urandom.
+ *
+ * Bug 174993: On platforms providing /dev/urandom, don't fork netstat
+ * either, if data has been gathered successfully.
+ */
+
+#if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) || defined(HPUX)
+ if (bytes)
+ return;
+#endif
+
+#ifdef SOLARIS
+
+/*
+ * On Solaris, NSS may be initialized automatically from libldap in
+ * applications that are unaware of the use of NSS. safe_popen forks, and
+ * sometimes creates issues with some applications' pthread_atfork handlers.
+ * We always have /dev/urandom on Solaris 9 and above as an entropy source,
+ * and for Solaris 8 we have the libkstat interface, so we don't need to
+ * fork netstat.
+ */
+
+#undef DO_NETSTAT
+ if (!bytes) {
+ /* On Solaris 8, /dev/urandom isn't available, so we use libkstat. */
+ PRUint32 kstat_bytes = 0;
+ if (SECSuccess != RNG_kstat(&kstat_bytes)) {
+ PORT_Assert(0);
+ }
+ bytes += kstat_bytes;
+ PORT_Assert(bytes);
+ }
+#endif
+
+#ifdef DO_NETSTAT
+ fp = safe_popen(netstat_ni_cmd);
+ if (fp != NULL) {
+ while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0)
+ RNG_RandomUpdate(buf, bytes);
+ safe_pclose(fp);
+ }
+#endif
+}
+
+#define TOTAL_FILE_LIMIT 1000000 /* one million */
+
+size_t
+RNG_FileUpdate(const char *fileName, size_t limit)
+{
+ FILE *file;
+ int fd;
+ int bytes;
+ size_t fileBytes = 0;
+ struct stat stat_buf;
+ unsigned char buffer[BUFSIZ];
+ static size_t totalFileBytes = 0;
+
+ /* suppress valgrind warnings due to holes in struct stat */
+ memset(&stat_buf, 0, sizeof(stat_buf));
+
+ if (stat((char *)fileName, &stat_buf) < 0)
+ return fileBytes;
+ RNG_RandomUpdate(&stat_buf, sizeof(stat_buf));
+
+ file = fopen(fileName, "r");
+ if (file != NULL) {
+ /* Read from the underlying file descriptor directly to bypass stdio
+ * buffering and avoid reading more bytes than we need from
+ * /dev/urandom. NOTE: we can't use fread with unbuffered I/O because
+ * fread may return EOF in unbuffered I/O mode on Android.
+ *
+ * Moreover, we read into a buffer of size BUFSIZ, so buffered I/O
+ * has no performance advantage. */
+ fd = fileno(file);
+ /* 'file' was just opened, so this should not fail. */
+ PORT_Assert(fd != -1);
+ while (limit > fileBytes && fd != -1) {
+ bytes = PR_MIN(sizeof buffer, limit - fileBytes);
+ bytes = read(fd, buffer, bytes);
+ if (bytes <= 0)
+ break;
+ RNG_RandomUpdate(buffer, bytes);
+ fileBytes += bytes;
+ totalFileBytes += bytes;
+ /* after TOTAL_FILE_LIMIT has been reached, only read in first
+ ** buffer of data from each subsequent file.
+ */
+ if (totalFileBytes > TOTAL_FILE_LIMIT)
+ break;
+ }
+ fclose(file);
+ }
+ /*
+ * Pass yet another snapshot of our highest resolution clock into
+ * the hash function.
+ */
+ bytes = RNG_GetNoise(buffer, sizeof(buffer));
+ RNG_RandomUpdate(buffer, bytes);
+ return fileBytes;
+}
+
+void
+RNG_FileForRNG(const char *fileName)
+{
+ RNG_FileUpdate(fileName, TOTAL_FILE_LIMIT);
+}
+
+void
+ReadSingleFile(const char *fileName)
+{
+ FILE *file;
+ unsigned char buffer[BUFSIZ];
+
+ file = fopen(fileName, "rb");
+ if (file != NULL) {
+ while (fread(buffer, 1, sizeof(buffer), file) > 0)
+ ;
+ fclose(file);
+ }
+}
+
+#define _POSIX_PTHREAD_SEMANTICS
+#include <dirent.h>
+
+PRBool
+ReadFileOK(char *dir, char *file)
+{
+ struct stat stat_buf;
+ char filename[PATH_MAX];
+ int count = snprintf(filename, sizeof filename, "%s/%s", dir, file);
+
+ if (count <= 0) {
+ return PR_FALSE; /* name too long, can't read it anyway */
+ }
+
+ if (stat(filename, &stat_buf) < 0)
+ return PR_FALSE; /* can't stat, probably can't read it then as well */
+ return S_ISREG(stat_buf.st_mode) ? PR_TRUE : PR_FALSE;
+}
+
+/*
+ * read one file out of either /etc or the user's home directory.
+ * fileToRead tells which file to read.
+ *
+ * return 1 if it's time to reset the fileToRead (no more files to read).
+ */
+static int
+ReadOneFile(int fileToRead)
+{
+ char *dir = "/etc";
+ DIR *fd = opendir(dir);
+ int resetCount = 0;
+ struct dirent *entry;
+#if defined(__sun)
+ char firstName[256];
+#else
+ char firstName[NAME_MAX + 1];
+#endif
+ const char *name = NULL;
+ int i;
+
+ if (fd == NULL) {
+ dir = PR_GetEnvSecure("HOME");
+ if (dir) {
+ fd = opendir(dir);
+ }
+ }
+ if (fd == NULL) {
+ return 1;
+ }
+
+ firstName[0] = '\0';
+ for (i = 0; i <= fileToRead; i++) {
+ do {
+ /* readdir() isn't guaranteed to be thread safe on every platform;
+ * this code assumes the same directory isn't read concurrently.
+ * This usage is confirmed safe on Linux, see bug 1254334. */
+ entry = readdir(fd);
+ } while (entry != NULL && !ReadFileOK(dir, &entry->d_name[0]));
+ if (entry == NULL) {
+ resetCount = 1; /* read to the end, start again at the beginning */
+ if (firstName[0]) {
+ /* ran out of entries in the directory, use the first one */
+ name = firstName;
+ }
+ break;
+ }
+ name = entry->d_name;
+ if (i == 0) {
+ /* copy the name of the first in case we run out of entries */
+ PORT_Assert(PORT_Strlen(name) < sizeof(firstName));
+ PORT_Strncpy(firstName, name, sizeof(firstName) - 1);
+ firstName[sizeof(firstName) - 1] = '\0';
+ }
+ }
+
+ if (name) {
+ char filename[PATH_MAX];
+ int count = snprintf(filename, sizeof(filename), "%s/%s", dir, name);
+ if (count >= 1) {
+ ReadSingleFile(filename);
+ }
+ }
+
+ closedir(fd);
+ return resetCount;
+}
+
+/*
+ * do something to try to introduce more noise into the 'GetNoise' call
+ */
+static void
+rng_systemJitter(void)
+{
+ static int fileToRead = 1;
+
+ if (ReadOneFile(fileToRead)) {
+ fileToRead = 1;
+ } else {
+ fileToRead++;
+ }
+}
+
+size_t
+RNG_SystemRNG(void *dest, size_t maxLen)
+{
+ FILE *file;
+ int fd;
+ int bytes;
+ size_t fileBytes = 0;
+ unsigned char *buffer = dest;
+
+ file = fopen("/dev/urandom", "r");
+ if (file == NULL) {
+ return rng_systemFromNoise(dest, maxLen);
+ }
+ /* Read from the underlying file descriptor directly to bypass stdio
+ * buffering and avoid reading more bytes than we need from /dev/urandom.
+ * NOTE: we can't use fread with unbuffered I/O because fread may return
+ * EOF in unbuffered I/O mode on Android.
+ */
+ fd = fileno(file);
+ /* 'file' was just opened, so this should not fail. */
+ PORT_Assert(fd != -1);
+ while (maxLen > fileBytes && fd != -1) {
+ bytes = maxLen - fileBytes;
+ bytes = read(fd, buffer, bytes);
+ if (bytes <= 0)
+ break;
+ fileBytes += bytes;
+ buffer += bytes;
+ }
+ fclose(file);
+ if (fileBytes != maxLen) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */
+ fileBytes = 0;
+ }
+ return fileBytes;
+}
diff --git a/security/nss/lib/freebl/win_rand.c b/security/nss/lib/freebl/win_rand.c
new file mode 100644
index 000000000..b863776d2
--- /dev/null
+++ b/security/nss/lib/freebl/win_rand.c
@@ -0,0 +1,161 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secrng.h"
+
+#ifdef XP_WIN
+#include <windows.h>
+#include <time.h>
+
+static BOOL
+CurrentClockTickTime(LPDWORD lpdwHigh, LPDWORD lpdwLow)
+{
+ LARGE_INTEGER liCount;
+
+ if (!QueryPerformanceCounter(&liCount))
+ return FALSE;
+
+ *lpdwHigh = liCount.u.HighPart;
+ *lpdwLow = liCount.u.LowPart;
+ return TRUE;
+}
+
+size_t
+RNG_GetNoise(void *buf, size_t maxbuf)
+{
+ DWORD dwHigh, dwLow, dwVal;
+ int n = 0;
+ int nBytes;
+ time_t sTime;
+
+ if (maxbuf <= 0)
+ return 0;
+
+ CurrentClockTickTime(&dwHigh, &dwLow);
+
+ // get the maximally changing bits first
+ nBytes = sizeof(dwLow) > maxbuf ? maxbuf : sizeof(dwLow);
+ memcpy((char *)buf, &dwLow, nBytes);
+ n += nBytes;
+ maxbuf -= nBytes;
+
+ if (maxbuf <= 0)
+ return n;
+
+ nBytes = sizeof(dwHigh) > maxbuf ? maxbuf : sizeof(dwHigh);
+ memcpy(((char *)buf) + n, &dwHigh, nBytes);
+ n += nBytes;
+ maxbuf -= nBytes;
+
+ if (maxbuf <= 0)
+ return n;
+
+ // get the number of milliseconds that have elapsed since Windows started
+ dwVal = GetTickCount();
+
+ nBytes = sizeof(dwVal) > maxbuf ? maxbuf : sizeof(dwVal);
+ memcpy(((char *)buf) + n, &dwVal, nBytes);
+ n += nBytes;
+ maxbuf -= nBytes;
+
+ if (maxbuf <= 0)
+ return n;
+
+ // get the time in seconds since midnight Jan 1, 1970
+ time(&sTime);
+ nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime);
+ memcpy(((char *)buf) + n, &sTime, nBytes);
+ n += nBytes;
+
+ return n;
+}
+
+void
+RNG_SystemInfoForRNG(void)
+{
+ DWORD dwVal;
+ char buffer[256];
+ int nBytes;
+ MEMORYSTATUS sMem;
+ HANDLE hVal;
+ DWORD dwSerialNum;
+ DWORD dwComponentLen;
+ DWORD dwSysFlags;
+ char volName[128];
+ DWORD dwSectors, dwBytes, dwFreeClusters, dwNumClusters;
+
+ nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
+ RNG_RandomUpdate(buffer, nBytes);
+
+ sMem.dwLength = sizeof(sMem);
+ GlobalMemoryStatus(&sMem); // assorted memory stats
+ RNG_RandomUpdate(&sMem, sizeof(sMem));
+
+ dwVal = GetLogicalDrives();
+ RNG_RandomUpdate(&dwVal, sizeof(dwVal)); // bitfields in bits 0-25
+
+ dwVal = sizeof(buffer);
+ if (GetComputerName(buffer, &dwVal))
+ RNG_RandomUpdate(buffer, dwVal);
+
+ hVal = GetCurrentProcess(); // 4 or 8 byte pseudo handle (a
+ // constant!) of current process
+ RNG_RandomUpdate(&hVal, sizeof(hVal));
+
+ dwVal = GetCurrentProcessId(); // process ID (4 bytes)
+ RNG_RandomUpdate(&dwVal, sizeof(dwVal));
+
+ dwVal = GetCurrentThreadId(); // thread ID (4 bytes)
+ RNG_RandomUpdate(&dwVal, sizeof(dwVal));
+
+ volName[0] = '\0';
+ buffer[0] = '\0';
+ GetVolumeInformation(NULL,
+ volName,
+ sizeof(volName),
+ &dwSerialNum,
+ &dwComponentLen,
+ &dwSysFlags,
+ buffer,
+ sizeof(buffer));
+
+ RNG_RandomUpdate(volName, strlen(volName));
+ RNG_RandomUpdate(&dwSerialNum, sizeof(dwSerialNum));
+ RNG_RandomUpdate(&dwComponentLen, sizeof(dwComponentLen));
+ RNG_RandomUpdate(&dwSysFlags, sizeof(dwSysFlags));
+ RNG_RandomUpdate(buffer, strlen(buffer));
+
+ if (GetDiskFreeSpace(NULL, &dwSectors, &dwBytes, &dwFreeClusters,
+ &dwNumClusters)) {
+ RNG_RandomUpdate(&dwSectors, sizeof(dwSectors));
+ RNG_RandomUpdate(&dwBytes, sizeof(dwBytes));
+ RNG_RandomUpdate(&dwFreeClusters, sizeof(dwFreeClusters));
+ RNG_RandomUpdate(&dwNumClusters, sizeof(dwNumClusters));
+ }
+
+ nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
+ RNG_RandomUpdate(buffer, nBytes);
+}
+
+/*
+ * The RtlGenRandom function is declared in <ntsecapi.h>, but the
+ * declaration is missing a calling convention specifier. So we
+ * declare it manually here.
+ */
+#define RtlGenRandom SystemFunction036
+DECLSPEC_IMPORT BOOLEAN WINAPI RtlGenRandom(
+ PVOID RandomBuffer,
+ ULONG RandomBufferLength);
+
+size_t
+RNG_SystemRNG(void *dest, size_t maxLen)
+{
+ size_t bytes = 0;
+
+ if (RtlGenRandom(dest, maxLen)) {
+ bytes = maxLen;
+ }
+ return bytes;
+}
+#endif /* is XP_WIN */
diff --git a/security/nss/lib/jar/Makefile b/security/nss/lib/jar/Makefile
new file mode 100644
index 000000000..245c127a4
--- /dev/null
+++ b/security/nss/lib/jar/Makefile
@@ -0,0 +1,11 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include $(CORE_DEPTH)/coreconf/config.mk
+include config.mk
+include $(CORE_DEPTH)/coreconf/rules.mk
+
diff --git a/security/nss/lib/jar/config.mk b/security/nss/lib/jar/config.mk
new file mode 100644
index 000000000..1412dcc59
--- /dev/null
+++ b/security/nss/lib/jar/config.mk
@@ -0,0 +1,26 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
+# NSS_X86 means the target is a 32-bits x86 CPU architecture
+# NSS_X64 means the target is a 64-bits x64 CPU architecture
+# NSS_X86_OR_X64 means the target is either x86 or x64
+ifeq (,$(filter-out i386 x386 x86 x86_64,$(CPU_ARCH)))
+ DEFINES += -DNSS_X86_OR_X64
+ifdef USE_64
+ DEFINES += -DNSS_X64
+else
+ DEFINES += -DNSS_X86
+endif
+endif
diff --git a/security/nss/lib/jar/exports.gyp b/security/nss/lib/jar/exports.gyp
new file mode 100644
index 000000000..94ee144e8
--- /dev/null
+++ b/security/nss/lib/jar/exports.gyp
@@ -0,0 +1,27 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_jar_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'jar-ds.h',
+ 'jar.h',
+ 'jarfile.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/jar/jar-ds.c b/security/nss/lib/jar/jar-ds.c
new file mode 100644
index 000000000..8962305ca
--- /dev/null
+++ b/security/nss/lib/jar/jar-ds.c
@@ -0,0 +1,36 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "jar.h"
+
+/* These are old DS_* routines renamed to ZZ_* */
+ZZList *
+ZZ_NewList(void)
+{
+ ZZList *list = (ZZList *)PORT_ZAlloc(sizeof(ZZList));
+ if (list)
+ ZZ_InitList(list);
+ return list;
+}
+
+ZZLink *
+ZZ_NewLink(JAR_Item *thing)
+{
+ ZZLink *link = (ZZLink *)PORT_ZAlloc(sizeof(ZZLink));
+ if (link)
+ link->thing = thing;
+ return link;
+}
+
+void
+ZZ_DestroyLink(ZZLink *link)
+{
+ PORT_Free(link);
+}
+
+void
+ZZ_DestroyList(ZZList *list)
+{
+ PORT_Free(list);
+}
diff --git a/security/nss/lib/jar/jar-ds.h b/security/nss/lib/jar/jar-ds.h
new file mode 100644
index 000000000..9818c66c9
--- /dev/null
+++ b/security/nss/lib/jar/jar-ds.h
@@ -0,0 +1,77 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __JAR_DS_h_
+#define __JAR_DS_h_
+
+/* Typedefs */
+typedef struct ZZLinkStr ZZLink;
+typedef struct ZZListStr ZZList;
+
+/*
+** Circular linked list. Each link contains a pointer to the object that
+** is actually in the list.
+*/
+struct ZZLinkStr {
+ ZZLink *next;
+ ZZLink *prev;
+ JAR_Item *thing;
+};
+
+struct ZZListStr {
+ ZZLink link;
+};
+
+#define ZZ_InitList(lst) \
+ { \
+ (lst)->link.next = &(lst)->link; \
+ (lst)->link.prev = &(lst)->link; \
+ (lst)->link.thing = 0; \
+ }
+
+#define ZZ_ListEmpty(lst) ((lst)->link.next == &(lst)->link)
+
+#define ZZ_ListHead(lst) ((lst)->link.next)
+
+#define ZZ_ListTail(lst) ((lst)->link.prev)
+
+#define ZZ_ListIterDone(lst, lnk) ((lnk) == &(lst)->link)
+
+#define ZZ_AppendLink(lst, lnk) \
+ { \
+ (lnk)->next = &(lst)->link; \
+ (lnk)->prev = (lst)->link.prev; \
+ (lst)->link.prev->next = (lnk); \
+ (lst)->link.prev = (lnk); \
+ }
+
+#define ZZ_InsertLink(lst, lnk) \
+ { \
+ (lnk)->next = (lst)->link.next; \
+ (lnk)->prev = &(lst)->link; \
+ (lst)->link.next->prev = (lnk); \
+ (lst)->link.next = (lnk); \
+ }
+
+#define ZZ_RemoveLink(lnk) \
+ { \
+ (lnk)->next->prev = (lnk)->prev; \
+ (lnk)->prev->next = (lnk)->next; \
+ (lnk)->next = 0; \
+ (lnk)->prev = 0; \
+ }
+
+extern ZZLink *
+ZZ_NewLink(JAR_Item *thing);
+
+extern void
+ZZ_DestroyLink(ZZLink *link);
+
+extern ZZList *
+ZZ_NewList(void);
+
+extern void
+ZZ_DestroyList(ZZList *list);
+
+#endif /* __JAR_DS_h_ */
diff --git a/security/nss/lib/jar/jar.c b/security/nss/lib/jar/jar.c
new file mode 100644
index 000000000..00a55463e
--- /dev/null
+++ b/security/nss/lib/jar/jar.c
@@ -0,0 +1,687 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * JAR.C
+ *
+ * Jarnature.
+ * Routines common to signing and validating.
+ *
+ */
+
+#include "jar.h"
+#include "jarint.h"
+#include "portreg.h"
+
+static void
+jar_destroy_list(ZZList *list);
+
+static int
+jar_find_first_cert(JAR_Signer *signer, int type, JAR_Item **it);
+
+/*
+ * J A R _ n e w
+ *
+ * Create a new instantiation of a manifest representation.
+ * Use this as a token to any calls to this API.
+ *
+ */
+JAR *
+JAR_new(void)
+{
+ JAR *jar;
+
+ if ((jar = (JAR *)PORT_ZAlloc(sizeof(JAR))) == NULL)
+ goto loser;
+ if ((jar->manifest = ZZ_NewList()) == NULL)
+ goto loser;
+ if ((jar->hashes = ZZ_NewList()) == NULL)
+ goto loser;
+ if ((jar->phy = ZZ_NewList()) == NULL)
+ goto loser;
+ if ((jar->metainfo = ZZ_NewList()) == NULL)
+ goto loser;
+ if ((jar->signers = ZZ_NewList()) == NULL)
+ goto loser;
+ return jar;
+
+loser:
+ if (jar) {
+ if (jar->manifest)
+ ZZ_DestroyList(jar->manifest);
+ if (jar->hashes)
+ ZZ_DestroyList(jar->hashes);
+ if (jar->phy)
+ ZZ_DestroyList(jar->phy);
+ if (jar->metainfo)
+ ZZ_DestroyList(jar->metainfo);
+ if (jar->signers)
+ ZZ_DestroyList(jar->signers);
+ PORT_Free(jar);
+ }
+ return NULL;
+}
+
+/*
+ * J A R _ d e s t r o y
+ */
+void PR_CALLBACK
+JAR_destroy(JAR *jar)
+{
+ PORT_Assert(jar != NULL);
+
+ if (jar == NULL)
+ return;
+
+ if (jar->fp)
+ JAR_FCLOSE((PRFileDesc *)jar->fp);
+ if (jar->url)
+ PORT_Free(jar->url);
+ if (jar->filename)
+ PORT_Free(jar->filename);
+ if (jar->globalmeta)
+ PORT_Free(jar->globalmeta);
+
+ /* Free the linked list elements */
+ jar_destroy_list(jar->manifest);
+ ZZ_DestroyList(jar->manifest);
+ jar_destroy_list(jar->hashes);
+ ZZ_DestroyList(jar->hashes);
+ jar_destroy_list(jar->phy);
+ ZZ_DestroyList(jar->phy);
+ jar_destroy_list(jar->metainfo);
+ ZZ_DestroyList(jar->metainfo);
+ jar_destroy_list(jar->signers);
+ ZZ_DestroyList(jar->signers);
+ PORT_Free(jar);
+}
+
+static void
+jar_destroy_list(ZZList *list)
+{
+ ZZLink *link, *oldlink;
+ JAR_Item *it;
+ JAR_Physical *phy;
+ JAR_Digest *dig;
+ JAR_Cert *fing;
+ JAR_Metainfo *met;
+ JAR_Signer *signer;
+
+ if (list && !ZZ_ListEmpty(list)) {
+ link = ZZ_ListHead(list);
+ while (!ZZ_ListIterDone(list, link)) {
+ it = link->thing;
+ if (!it)
+ goto next;
+ if (it->pathname)
+ PORT_Free(it->pathname);
+
+ switch (it->type) {
+ case jarTypeMeta:
+ met = (JAR_Metainfo *)it->data;
+ if (met) {
+ if (met->header)
+ PORT_Free(met->header);
+ if (met->info)
+ PORT_Free(met->info);
+ PORT_Free(met);
+ }
+ break;
+
+ case jarTypePhy:
+ phy = (JAR_Physical *)it->data;
+ if (phy)
+ PORT_Free(phy);
+ break;
+
+ case jarTypeSign:
+ fing = (JAR_Cert *)it->data;
+ if (fing) {
+ if (fing->cert)
+ CERT_DestroyCertificate(fing->cert);
+ if (fing->key)
+ PORT_Free(fing->key);
+ PORT_Free(fing);
+ }
+ break;
+
+ case jarTypeSect:
+ case jarTypeMF:
+ case jarTypeSF:
+ dig = (JAR_Digest *)it->data;
+ if (dig) {
+ PORT_Free(dig);
+ }
+ break;
+
+ case jarTypeOwner:
+ signer = (JAR_Signer *)it->data;
+ if (signer)
+ JAR_destroy_signer(signer);
+ break;
+
+ default:
+ /* PORT_Assert( 1 != 2 ); */
+ break;
+ }
+ PORT_Free(it);
+
+ next:
+ oldlink = link;
+ link = link->next;
+ ZZ_DestroyLink(oldlink);
+ }
+ }
+}
+
+/*
+ * J A R _ g e t _ m e t a i n f o
+ *
+ * Retrieve meta information from the manifest file.
+ * It doesn't matter whether it's from .MF or .SF, does it?
+ *
+ */
+
+int
+JAR_get_metainfo(JAR *jar, char *name, char *header, void **info,
+ unsigned long *length)
+{
+ JAR_Item *it;
+ ZZLink *link;
+ ZZList *list;
+
+ PORT_Assert(jar != NULL && header != NULL);
+
+ if (jar == NULL || header == NULL)
+ return JAR_ERR_PNF;
+
+ list = jar->metainfo;
+
+ if (ZZ_ListEmpty(list))
+ return JAR_ERR_PNF;
+
+ for (link = ZZ_ListHead(list);
+ !ZZ_ListIterDone(list, link);
+ link = link->next) {
+ it = link->thing;
+ if (it->type == jarTypeMeta) {
+ JAR_Metainfo *met;
+
+ if ((name && !it->pathname) || (!name && it->pathname))
+ continue;
+ if (name && it->pathname && strcmp(it->pathname, name))
+ continue;
+ met = (JAR_Metainfo *)it->data;
+ if (!PORT_Strcasecmp(met->header, header)) {
+ *info = PORT_Strdup(met->info);
+ *length = PORT_Strlen(met->info);
+ return 0;
+ }
+ }
+ }
+ return JAR_ERR_PNF;
+}
+
+/*
+ * J A R _ f i n d
+ *
+ * Establish the search pattern for use
+ * by JAR_find_next, to traverse the filenames
+ * or certificates in the JAR structure.
+ *
+ * See jar.h for a description on how to use.
+ *
+ */
+JAR_Context *
+JAR_find(JAR *jar, char *pattern, jarType type)
+{
+ JAR_Context *ctx;
+
+ PORT_Assert(jar != NULL);
+
+ if (!jar)
+ return NULL;
+
+ ctx = (JAR_Context *)PORT_ZAlloc(sizeof(JAR_Context));
+ if (ctx == NULL)
+ return NULL;
+
+ ctx->jar = jar;
+ if (pattern) {
+ if ((ctx->pattern = PORT_Strdup(pattern)) == NULL) {
+ PORT_Free(ctx);
+ return NULL;
+ }
+ }
+ ctx->finding = type;
+
+ switch (type) {
+ case jarTypeMF:
+ ctx->next = ZZ_ListHead(jar->hashes);
+ break;
+
+ case jarTypeSF:
+ case jarTypeSign:
+ ctx->next = NULL;
+ ctx->nextsign = ZZ_ListHead(jar->signers);
+ break;
+
+ case jarTypeSect:
+ ctx->next = ZZ_ListHead(jar->manifest);
+ break;
+
+ case jarTypePhy:
+ ctx->next = ZZ_ListHead(jar->phy);
+ break;
+
+ case jarTypeOwner:
+ if (jar->signers)
+ ctx->next = ZZ_ListHead(jar->signers);
+ else
+ ctx->next = NULL;
+ break;
+
+ case jarTypeMeta:
+ ctx->next = ZZ_ListHead(jar->metainfo);
+ break;
+
+ default:
+ PORT_Assert(1 != 2);
+ break;
+ }
+ return ctx;
+}
+
+/*
+ * J A R _ f i n d _ e n d
+ *
+ * Destroy the find iterator context.
+ *
+ */
+void
+JAR_find_end(JAR_Context *ctx)
+{
+ PORT_Assert(ctx != NULL);
+ if (ctx) {
+ if (ctx->pattern)
+ PORT_Free(ctx->pattern);
+ PORT_Free(ctx);
+ }
+}
+
+/*
+ * J A R _ f i n d _ n e x t
+ *
+ * Return the next item of the given type
+ * from one of the JAR linked lists.
+ *
+ */
+
+int
+JAR_find_next(JAR_Context *ctx, JAR_Item **it)
+{
+ JAR *jar;
+ ZZList *list = NULL;
+ int finding;
+ JAR_Signer *signer = NULL;
+
+ PORT_Assert(ctx != NULL);
+ PORT_Assert(ctx->jar != NULL);
+
+ jar = ctx->jar;
+
+ /* Internally, convert jarTypeSign to jarTypeSF, and return
+ the actual attached certificate later */
+ finding = (ctx->finding == jarTypeSign) ? jarTypeSF : ctx->finding;
+ if (ctx->nextsign) {
+ if (ZZ_ListIterDone(jar->signers, ctx->nextsign)) {
+ *it = NULL;
+ return -1;
+ }
+ PORT_Assert(ctx->nextsign->thing != NULL);
+ signer = (JAR_Signer *)ctx->nextsign->thing->data;
+ }
+
+ /* Find out which linked list to traverse. Then if
+ necessary, advance to the next linked list. */
+ while (1) {
+ switch (finding) {
+ case jarTypeSign: /* not any more */
+ PORT_Assert(finding != jarTypeSign);
+ list = signer->certs;
+ break;
+
+ case jarTypeSect:
+ list = jar->manifest;
+ break;
+
+ case jarTypePhy:
+ list = jar->phy;
+ break;
+
+ case jarTypeSF: /* signer, not jar */
+ PORT_Assert(signer != NULL);
+ list = signer ? signer->sf : NULL;
+ break;
+
+ case jarTypeMF:
+ list = jar->hashes;
+ break;
+
+ case jarTypeOwner:
+ list = jar->signers;
+ break;
+
+ case jarTypeMeta:
+ list = jar->metainfo;
+ break;
+
+ default:
+ PORT_Assert(1 != 2);
+ list = NULL;
+ break;
+ }
+ if (list == NULL) {
+ *it = NULL;
+ return -1;
+ }
+ /* When looping over lists of lists, advance to the next signer.
+ This is done when multiple signers are possible. */
+ if (ZZ_ListIterDone(list, ctx->next)) {
+ if (ctx->nextsign && jar->signers) {
+ ctx->nextsign = ctx->nextsign->next;
+ if (!ZZ_ListIterDone(jar->signers, ctx->nextsign)) {
+ PORT_Assert(ctx->nextsign->thing != NULL);
+ signer = (JAR_Signer *)ctx->nextsign->thing->data;
+ PORT_Assert(signer != NULL);
+ ctx->next = NULL;
+ continue;
+ }
+ }
+ *it = NULL;
+ return -1;
+ }
+
+ /* if the signer changed, still need to fill in the "next" link */
+ if (ctx->nextsign && ctx->next == NULL) {
+ switch (finding) {
+ case jarTypeSF:
+ ctx->next = ZZ_ListHead(signer->sf);
+ break;
+
+ case jarTypeSign:
+ ctx->next = ZZ_ListHead(signer->certs);
+ break;
+ }
+ }
+ PORT_Assert(ctx->next != NULL);
+ if (ctx->next == NULL) {
+ *it = NULL;
+ return -1;
+ }
+ while (!ZZ_ListIterDone(list, ctx->next)) {
+ *it = ctx->next->thing;
+ ctx->next = ctx->next->next;
+ if (!*it || (*it)->type != finding)
+ continue;
+ if (ctx->pattern && *ctx->pattern) {
+ if (PORT_RegExpSearch((*it)->pathname, ctx->pattern))
+ continue;
+ }
+ /* We have a valid match. If this is a jarTypeSign
+ return the certificate instead.. */
+ if (ctx->finding == jarTypeSign) {
+ JAR_Item *itt;
+
+ /* just the first one for now */
+ if (jar_find_first_cert(signer, jarTypeSign, &itt) >= 0) {
+ *it = itt;
+ return 0;
+ }
+ continue;
+ }
+ return 0;
+ }
+ } /* end while */
+}
+
+static int
+jar_find_first_cert(JAR_Signer *signer, int type, JAR_Item **it)
+{
+ ZZLink *link;
+ ZZList *list = signer->certs;
+ int status = JAR_ERR_PNF;
+
+ *it = NULL;
+ if (ZZ_ListEmpty(list)) {
+ /* empty list */
+ return JAR_ERR_PNF;
+ }
+
+ for (link = ZZ_ListHead(list);
+ !ZZ_ListIterDone(list, link);
+ link = link->next) {
+ if (link->thing->type == type) {
+ *it = link->thing;
+ status = 0;
+ break;
+ }
+ }
+ return status;
+}
+
+JAR_Signer *
+JAR_new_signer(void)
+{
+ JAR_Signer *signer = (JAR_Signer *)PORT_ZAlloc(sizeof(JAR_Signer));
+ if (signer == NULL)
+ goto loser;
+
+ /* certs */
+ signer->certs = ZZ_NewList();
+ if (signer->certs == NULL)
+ goto loser;
+
+ /* sf */
+ signer->sf = ZZ_NewList();
+ if (signer->sf == NULL)
+ goto loser;
+ return signer;
+
+loser:
+ if (signer) {
+ if (signer->certs)
+ ZZ_DestroyList(signer->certs);
+ if (signer->sf)
+ ZZ_DestroyList(signer->sf);
+ PORT_Free(signer);
+ }
+ return NULL;
+}
+
+void
+JAR_destroy_signer(JAR_Signer *signer)
+{
+ if (signer) {
+ if (signer->owner)
+ PORT_Free(signer->owner);
+ if (signer->digest)
+ PORT_Free(signer->digest);
+ jar_destroy_list(signer->sf);
+ ZZ_DestroyList(signer->sf);
+ jar_destroy_list(signer->certs);
+ ZZ_DestroyList(signer->certs);
+ PORT_Free(signer);
+ }
+}
+
+JAR_Signer *
+jar_get_signer(JAR *jar, char *basename)
+{
+ JAR_Item *it;
+ JAR_Context *ctx = JAR_find(jar, NULL, jarTypeOwner);
+ JAR_Signer *candidate;
+ JAR_Signer *signer = NULL;
+
+ if (ctx == NULL)
+ return NULL;
+
+ while (JAR_find_next(ctx, &it) >= 0) {
+ candidate = (JAR_Signer *)it->data;
+ if (*basename == '*' || !PORT_Strcmp(candidate->owner, basename)) {
+ signer = candidate;
+ break;
+ }
+ }
+ JAR_find_end(ctx);
+ return signer;
+}
+
+/*
+ * J A R _ g e t _ f i l e n a m e
+ *
+ * Returns the filename associated with
+ * a JAR structure.
+ *
+ */
+char *
+JAR_get_filename(JAR *jar)
+{
+ return jar->filename;
+}
+
+/*
+ * J A R _ g e t _ u r l
+ *
+ * Returns the URL associated with
+ * a JAR structure. Nobody really uses this now.
+ *
+ */
+char *
+JAR_get_url(JAR *jar)
+{
+ return jar->url;
+}
+
+/*
+ * J A R _ s e t _ c a l l b a c k
+ *
+ * Register some manner of callback function for this jar.
+ *
+ */
+int
+JAR_set_callback(int type, JAR *jar, jar_settable_callback_fn *fn)
+{
+ if (type == JAR_CB_SIGNAL) {
+ jar->signal = fn;
+ return 0;
+ }
+ return -1;
+}
+
+/*
+ * Callbacks
+ *
+ */
+
+/* To return an error string */
+char *(*jar_fn_GetString)(int) = NULL;
+
+/* To return an MWContext for Java */
+void *(*jar_fn_FindSomeContext)(void) = NULL;
+
+/* To fabricate an MWContext for FE_GetPassword */
+void *(*jar_fn_GetInitContext)(void) = NULL;
+
+void
+JAR_init_callbacks(char *(*string_cb)(int),
+ void *(*find_cx)(void),
+ void *(*init_cx)(void))
+{
+ jar_fn_GetString = string_cb;
+ jar_fn_FindSomeContext = find_cx;
+ jar_fn_GetInitContext = init_cx;
+}
+
+/*
+ * J A R _ g e t _ e r r o r
+ *
+ * This is provided to map internal JAR errors to strings for
+ * the Java console. Also, a DLL may call this function if it does
+ * not have access to the XP_GetString function.
+ *
+ * These strings aren't UI, since they are Java console only.
+ *
+ */
+char *
+JAR_get_error(int status)
+{
+ char *errstring = NULL;
+
+ switch (status) {
+ case JAR_ERR_GENERAL:
+ errstring = "General JAR file error";
+ break;
+
+ case JAR_ERR_FNF:
+ errstring = "JAR file not found";
+ break;
+
+ case JAR_ERR_CORRUPT:
+ errstring = "Corrupt JAR file";
+ break;
+
+ case JAR_ERR_MEMORY:
+ errstring = "Out of memory";
+ break;
+
+ case JAR_ERR_DISK:
+ errstring = "Disk error (perhaps out of space)";
+ break;
+
+ case JAR_ERR_ORDER:
+ errstring = "Inconsistent files in META-INF directory";
+ break;
+
+ case JAR_ERR_SIG:
+ errstring = "Invalid digital signature file";
+ break;
+
+ case JAR_ERR_METADATA:
+ errstring = "JAR metadata failed verification";
+ break;
+
+ case JAR_ERR_ENTRY:
+ errstring = "No Manifest entry for this JAR entry";
+ break;
+
+ case JAR_ERR_HASH:
+ errstring = "Invalid Hash of this JAR entry";
+ break;
+
+ case JAR_ERR_PK7:
+ errstring = "Strange PKCS7 or RSA failure";
+ break;
+
+ case JAR_ERR_PNF:
+ errstring = "Path not found inside JAR file";
+ break;
+
+ default:
+ if (jar_fn_GetString) {
+ errstring = jar_fn_GetString(status);
+ } else {
+ /* this is not a normal situation, and would only be
+ called in cases of improper initialization */
+ char *err = (char *)PORT_Alloc(40);
+ if (err)
+ PR_snprintf(err, 39, "Error %d\n", status); /* leak me! */
+ else
+ err = "Error! Bad! Out of memory!";
+ return err;
+ }
+ break;
+ }
+ return errstring;
+}
diff --git a/security/nss/lib/jar/jar.gyp b/security/nss/lib/jar/jar.gyp
new file mode 100644
index 000000000..e38b4ab99
--- /dev/null
+++ b/security/nss/lib/jar/jar.gyp
@@ -0,0 +1,76 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'jar',
+ 'type': 'static_library',
+ 'sources': [
+ 'jar-ds.c',
+ 'jar.c',
+ 'jarfile.c',
+ 'jarint.c',
+ 'jarsign.c',
+ 'jarver.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'target_defaults': {
+ 'defines': [
+ 'MOZILLA_CLIENT=1',
+ ],
+ 'conditions': [
+ [ 'OS=="win"', {
+ 'configurations': {
+ 'x86_Base': {
+ 'msvs_settings': {
+ 'VCCLCompilerTool': {
+ 'PreprocessorDefinitions': [
+ 'NSS_X86_OR_X64',
+ 'NSS_X86',
+ ],
+ },
+ },
+ },
+ 'x64_Base': {
+ 'msvs_settings': {
+ 'VCCLCompilerTool': {
+ 'PreprocessorDefinitions': [
+ 'NSS_USE_64',
+ 'NSS_X86_OR_X64',
+ 'NSS_X64',
+ ],
+ },
+ },
+ },
+ },
+ }, {
+ 'conditions': [
+ [ 'target_arch=="x64"', {
+ 'defines': [
+ 'NSS_USE_64',
+ 'NSS_X86_OR_X64',
+ 'NSS_X64',
+ ],
+ }],
+ [ 'target_arch=="ia32"', {
+ 'defines': [
+ 'NSS_X86_OR_X64',
+ 'NSS_X86',
+ ],
+ }],
+ ],
+ }],
+ ],
+ },
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/jar/jar.h b/security/nss/lib/jar/jar.h
new file mode 100644
index 000000000..d337cef37
--- /dev/null
+++ b/security/nss/lib/jar/jar.h
@@ -0,0 +1,372 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __JAR_h_
+#define __JAR_h_
+
+/*
+ * In general, any functions that return pointers
+ * have memory owned by the caller.
+ *
+ */
+
+/* security includes */
+#include "cert.h"
+#include "hasht.h"
+
+/* nspr 2.0 includes */
+#include "prio.h"
+
+#define ZHUGEP
+
+#include <stdio.h>
+
+/* various types */
+
+typedef enum {
+ jarTypeMF = 2,
+ jarTypeSF = 3,
+ jarTypeMeta = 6,
+ jarTypePhy = 7,
+ jarTypeSign = 10,
+ jarTypeSect = 11,
+ jarTypeOwner = 13
+} jarType;
+
+/* void data in ZZList's contain JAR_Item type */
+typedef struct JAR_Item_ {
+ char *pathname; /* relative. inside zip file */
+ jarType type; /* various types */
+ size_t size; /* size of data below */
+ void *data; /* totally opaque */
+} JAR_Item;
+
+/* hashes */
+typedef enum {
+ jarHashNone = 0,
+ jarHashBad = 1,
+ jarHashPresent = 2
+} jarHash;
+
+typedef struct JAR_Digest_ {
+ jarHash md5_status;
+ unsigned char md5[MD5_LENGTH];
+ jarHash sha1_status;
+ unsigned char sha1[SHA1_LENGTH];
+} JAR_Digest;
+
+/* physical archive formats */
+typedef enum {
+ jarArchGuess = 0,
+ jarArchNone = 1,
+ jarArchZip = 2,
+ jarArchTar = 3
+} jarArch;
+
+#include "jar-ds.h"
+
+struct JAR_;
+
+typedef int jar_settable_callback_fn(int status, struct JAR_ *jar,
+ const char *metafile, char *pathname,
+ char *errortext);
+
+/* jar object */
+typedef struct JAR_ {
+ jarArch format; /* physical archive format */
+
+ char *url; /* Where it came from */
+ char *filename; /* Disk location */
+ FILE *fp; /* For multiple extractions */
+ /* JAR_FILE */
+
+ /* various linked lists */
+ ZZList *manifest; /* Digests of MF sections */
+ ZZList *hashes; /* Digests of actual signed files */
+ ZZList *phy; /* Physical layout of JAR file */
+ ZZList *metainfo; /* Global metainfo */
+
+ JAR_Digest *globalmeta; /* digest of .MF global portion */
+
+ /* Below will change to a linked list to support multiple sigs */
+ int pkcs7; /* Enforced opaqueness */
+ int valid; /* PKCS7 signature validated */
+
+ ZZList *signers; /* the above, per signer */
+
+ /* Window context, very necessary for PKCS11 now */
+ void *mw; /* MWContext window context */
+
+ /* Signal callback function */
+ jar_settable_callback_fn *signal;
+} JAR;
+
+/*
+ * Iterator
+ *
+ * Context for iterative operations. Certain operations
+ * require iterating multiple linked lists because of
+ * multiple signers. "nextsign" is used for this purpose.
+ *
+ */
+typedef struct JAR_Context_ {
+ JAR *jar; /* Jar we are searching */
+ char *pattern; /* Regular expression */
+ jarType finding; /* Type of item to find */
+ ZZLink *next; /* Next item in find */
+ ZZLink *nextsign; /* Next signer, sometimes */
+} JAR_Context;
+
+typedef struct JAR_Signer_ {
+ int pkcs7; /* Enforced opaqueness */
+ int valid; /* PKCS7 signature validated */
+ char *owner; /* name of .RSA file */
+ JAR_Digest *digest; /* of .SF file */
+ ZZList *sf; /* Linked list of .SF file contents */
+ ZZList *certs; /* Signing information */
+} JAR_Signer;
+
+/* Meta informaton, or "policy", from the manifest file.
+ Right now just one tuple per JAR_Item. */
+typedef struct JAR_Metainfo_ {
+ char *header;
+ char *info;
+} JAR_Metainfo;
+
+/* This should not be global */
+typedef struct JAR_Physical_ {
+ unsigned char compression;
+ unsigned long offset;
+ unsigned long length;
+ unsigned long uncompressed_length;
+#if defined(XP_UNIX) || defined(XP_BEOS)
+ PRUint16 mode;
+#endif
+} JAR_Physical;
+
+typedef struct JAR_Cert_ {
+ size_t length;
+ void *key;
+ CERTCertificate *cert;
+} JAR_Cert;
+
+/* certificate stuff */
+typedef enum {
+ jarCertCompany = 1,
+ jarCertCA = 2,
+ jarCertSerial = 3,
+ jarCertExpires = 4,
+ jarCertNickname = 5,
+ jarCertFinger = 6,
+ jarCertJavaHack = 100
+} jarCert;
+
+/* callback types */
+#define JAR_CB_SIGNAL 1
+
+/*
+ * This is the base for the JAR error codes. It will
+ * change when these are incorporated into allxpstr.c,
+ * but right now they won't let me put them there.
+ *
+ */
+#ifndef SEC_ERR_BASE
+#define SEC_ERR_BASE (-0x2000)
+#endif
+
+#define JAR_BASE SEC_ERR_BASE + 300
+
+/* Jar specific error definitions */
+
+#define JAR_ERR_GENERAL (JAR_BASE + 1)
+#define JAR_ERR_FNF (JAR_BASE + 2)
+#define JAR_ERR_CORRUPT (JAR_BASE + 3)
+#define JAR_ERR_MEMORY (JAR_BASE + 4)
+#define JAR_ERR_DISK (JAR_BASE + 5)
+#define JAR_ERR_ORDER (JAR_BASE + 6)
+#define JAR_ERR_SIG (JAR_BASE + 7)
+#define JAR_ERR_METADATA (JAR_BASE + 8)
+#define JAR_ERR_ENTRY (JAR_BASE + 9)
+#define JAR_ERR_HASH (JAR_BASE + 10)
+#define JAR_ERR_PK7 (JAR_BASE + 11)
+#define JAR_ERR_PNF (JAR_BASE + 12)
+
+/* Function declarations */
+
+extern JAR *JAR_new(void);
+
+extern void PR_CALLBACK JAR_destroy(JAR *jar);
+
+extern char *JAR_get_error(int status);
+
+extern int JAR_set_callback(int type, JAR *jar, jar_settable_callback_fn *fn);
+
+extern void
+JAR_init_callbacks(char *(*string_cb)(int),
+ void *(*find_cx)(void),
+ void *(*init_cx)(void));
+
+/*
+ * JAR_set_context
+ *
+ * PKCS11 may require a password to be entered by the user
+ * before any crypto routines may be called. This will require
+ * a window context if used from inside Mozilla.
+ *
+ * Call this routine with your context before calling
+ * verifying or signing. If you have no context, call with NULL
+ * and one will be chosen for you.
+ *
+ */
+int JAR_set_context(JAR *jar, void /*MWContext*/ *mw);
+
+/*
+ * Iterative operations
+ *
+ * JAR_find sets up for repeated calls with JAR_find_next.
+ * I never liked findfirst and findnext, this is nicer.
+ *
+ * Pattern contains a relative pathname to match inside the
+ * archive. It is currently assumed to be "*".
+ *
+ * To use:
+ *
+ * JAR_Item *item;
+ * JAR_find (jar, "*.class", jarTypeMF);
+ * while (JAR_find_next (jar, &item) >= 0)
+ * { do stuff }
+ *
+ */
+
+/* Replacement functions with an external context */
+
+extern JAR_Context *JAR_find(JAR *jar, char *pattern, jarType type);
+
+extern int JAR_find_next(JAR_Context *ctx, JAR_Item **it);
+
+extern void JAR_find_end(JAR_Context *ctx);
+
+/*
+ * Function to parse manifest file:
+ *
+ * Many signatures may be attached to a single filename located
+ * inside the zip file. We only support one.
+ *
+ * Several manifests may be included in the zip file.
+ *
+ * You must pass the MANIFEST.MF file before any .SF files.
+ *
+ * Right now this returns a big ole list, privately in the jar structure.
+ * If you need to traverse it, use JAR_find if possible.
+ *
+ * The path is needed to determine what type of binary signature is
+ * being passed, though it is technically not needed for manifest files.
+ *
+ * When parsing an ASCII file, null terminate the ASCII raw_manifest
+ * prior to sending it, and indicate a length of 0. For binary digital
+ * signatures only, indicate the true length of the signature.
+ * (This is legacy behavior.)
+ *
+ * You may free the manifest after parsing it.
+ *
+ */
+
+extern int
+JAR_parse_manifest(JAR *jar, char *raw_manifest, long length, const char *path,
+ const char *url);
+
+/*
+ * Verify data (nonstreaming). The signature is actually
+ * checked by JAR_parse_manifest or JAR_pass_archive.
+ *
+ */
+
+extern JAR_Digest *PR_CALLBACK
+JAR_calculate_digest(void *data, long length);
+
+extern int PR_CALLBACK
+JAR_verify_digest(JAR *jar, const char *name, JAR_Digest *dig);
+
+extern int
+JAR_digest_file(char *filename, JAR_Digest *dig);
+
+/*
+ * Meta information
+ *
+ * Currently, since this call does not support passing of an owner
+ * (certificate, or physical name of the .sf file), it is restricted to
+ * returning information located in the manifest.mf file.
+ *
+ * Meta information is a name/value pair inside the archive file. Here,
+ * the name is passed in *header and value returned in **info.
+ *
+ * Pass a NULL as the name to retrieve metainfo from the global section.
+ *
+ * Data is returned in **info, of size *length. The return value
+ * will indicate if no data was found.
+ *
+ */
+
+extern int
+JAR_get_metainfo(JAR *jar, char *name, char *header, void **info,
+ unsigned long *length);
+
+extern char *JAR_get_filename(JAR *jar);
+
+extern char *JAR_get_url(JAR *jar);
+
+/* save the certificate with this fingerprint in persistent
+ storage, somewhere, for retrieval in a future session when there
+ is no corresponding JAR structure. */
+extern int PR_CALLBACK
+JAR_stash_cert(JAR *jar, long keylen, void *key);
+
+/* retrieve a certificate presumably stashed with the above
+ function, but may be any certificate. Type is &CERTCertificate */
+CERTCertificate *
+JAR_fetch_cert(long length, void *key);
+
+/*
+ * New functions to handle archives alone
+ * (call JAR_new beforehand)
+ *
+ * JAR_pass_archive acts much like parse_manifest. Certificates
+ * are returned in the JAR structure but as opaque data. When calling
+ * JAR_verified_extract you still need to decide which of these
+ * certificates to honor.
+ *
+ * Code to examine a JAR structure is in jarbert.c. You can obtain both
+ * a list of filenames and certificates from traversing the linked list.
+ *
+ */
+extern int
+JAR_pass_archive(JAR *jar, jarArch format, char *filename, const char *url);
+
+/*
+ * Same thing, but don't check signatures
+ */
+extern int
+JAR_pass_archive_unverified(JAR *jar, jarArch format, char *filename,
+ const char *url);
+
+/*
+ * Extracts a relative pathname from the archive and places it
+ * in the filename specified.
+ *
+ * Call JAR_set_nailed if you want to keep the file descriptors
+ * open between multiple calls to JAR_verify_extract.
+ *
+ */
+extern int
+JAR_verified_extract(JAR *jar, char *path, char *outpath);
+
+/*
+ * JAR_extract does no crypto checking. This can be used if you
+ * need to extract a manifest file or signature, etc.
+ *
+ */
+extern int
+JAR_extract(JAR *jar, char *path, char *outpath);
+
+#endif /* __JAR_h_ */
diff --git a/security/nss/lib/jar/jarfile.c b/security/nss/lib/jar/jarfile.c
new file mode 100644
index 000000000..e2470a121
--- /dev/null
+++ b/security/nss/lib/jar/jarfile.c
@@ -0,0 +1,966 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * JARFILE
+ *
+ * Parsing of a Jar file
+ */
+#define JAR_SIZE 256
+
+#include "jar.h"
+#include "jarint.h"
+#include "jarfile.h"
+
+/* commercial compression */
+#include "jzlib.h"
+
+#if defined(XP_UNIX) || defined(XP_BEOS)
+#include "sys/stat.h"
+#endif
+
+#include "sechash.h" /* for HASH_GetHashObject() */
+
+PR_STATIC_ASSERT(46 == sizeof(struct ZipCentral));
+PR_STATIC_ASSERT(30 == sizeof(struct ZipLocal));
+PR_STATIC_ASSERT(22 == sizeof(struct ZipEnd));
+PR_STATIC_ASSERT(512 == sizeof(union TarEntry));
+
+/* extracting */
+static int
+jar_guess_jar(const char *filename, JAR_FILE fp);
+
+static int
+jar_inflate_memory(unsigned int method, long *length, long expected_out_len,
+ char **data);
+
+static int
+jar_physical_extraction(JAR_FILE fp, char *outpath, unsigned long offset,
+ unsigned long length);
+
+static int
+jar_physical_inflate(JAR_FILE fp, char *outpath, unsigned long offset,
+ unsigned long length, unsigned int method);
+
+static int
+jar_verify_extract(JAR *jar, char *path, char *physical_path);
+
+static JAR_Physical *
+jar_get_physical(JAR *jar, char *pathname);
+
+static int
+jar_extract_manifests(JAR *jar, jarArch format, JAR_FILE fp);
+
+static int
+jar_extract_mf(JAR *jar, jarArch format, JAR_FILE fp, char *ext);
+
+/* indexing */
+static int
+jar_gen_index(JAR *jar, jarArch format, JAR_FILE fp);
+
+static int
+jar_listtar(JAR *jar, JAR_FILE fp);
+
+static int
+jar_listzip(JAR *jar, JAR_FILE fp);
+
+/* conversions */
+static int
+dosdate(char *date, const char *s);
+
+static int
+dostime(char *time, const char *s);
+
+#ifdef NSS_X86_OR_X64
+/* The following macros throw up warnings. */
+#if defined(__GNUC__) && !defined(NSS_NO_GCC48)
+#pragma GCC diagnostic ignored "-Wstrict-aliasing"
+#endif
+#define x86ShortToUint32(ii) ((const PRUint32) * ((const PRUint16 *)(ii)))
+#define x86LongToUint32(ii) (*(const PRUint32 *)(ii))
+#else
+static PRUint32
+x86ShortToUint32(const void *ii);
+
+static PRUint32
+x86LongToUint32(const void *ll);
+#endif
+
+static long
+octalToLong(const char *s);
+
+/*
+ * J A R _ p a s s _ a r c h i v e
+ *
+ * For use by naive clients. Slam an entire archive file
+ * into this function. We extract manifests, parse, index
+ * the archive file, and do whatever nastiness.
+ *
+ */
+int
+JAR_pass_archive(JAR *jar, jarArch format, char *filename, const char *url)
+{
+ JAR_FILE fp;
+ int status = 0;
+
+ if (filename == NULL)
+ return JAR_ERR_GENERAL;
+
+ if ((fp = JAR_FOPEN(filename, "rb")) != NULL) {
+ if (format == jarArchGuess)
+ format = (jarArch)jar_guess_jar(filename, fp);
+
+ jar->format = format;
+ jar->url = url ? PORT_Strdup(url) : NULL;
+ jar->filename = PORT_Strdup(filename);
+
+ status = jar_gen_index(jar, format, fp);
+ if (status == 0)
+ status = jar_extract_manifests(jar, format, fp);
+
+ JAR_FCLOSE(fp);
+ if (status < 0)
+ return status;
+
+ /* people were expecting it this way */
+ return jar->valid;
+ }
+ /* file not found */
+ return JAR_ERR_FNF;
+}
+
+/*
+ * J A R _ p a s s _ a r c h i v e _ u n v e r i f i e d
+ *
+ * Same as JAR_pass_archive, but doesn't parse signatures.
+ *
+ */
+int
+JAR_pass_archive_unverified(JAR *jar, jarArch format, char *filename,
+ const char *url)
+{
+ JAR_FILE fp;
+ int status = 0;
+
+ if (filename == NULL) {
+ return JAR_ERR_GENERAL;
+ }
+
+ if ((fp = JAR_FOPEN(filename, "rb")) != NULL) {
+ if (format == jarArchGuess) {
+ format = (jarArch)jar_guess_jar(filename, fp);
+ }
+
+ jar->format = format;
+ jar->url = url ? PORT_Strdup(url) : NULL;
+ jar->filename = PORT_Strdup(filename);
+
+ status = jar_gen_index(jar, format, fp);
+ if (status == 0) {
+ status = jar_extract_mf(jar, format, fp, "mf");
+ }
+
+ JAR_FCLOSE(fp);
+ if (status < 0) {
+ return status;
+ }
+
+ /* people were expecting it this way */
+ return jar->valid;
+ }
+ /* file not found */
+ return JAR_ERR_FNF;
+}
+
+/*
+ * J A R _ v e r i f i e d _ e x t r a c t
+ *
+ * Optimization: keep a file descriptor open
+ * inside the JAR structure, so we don't have to
+ * open the file 25 times to run java.
+ *
+ */
+
+int
+JAR_verified_extract(JAR *jar, char *path, char *outpath)
+{
+ int status = JAR_extract(jar, path, outpath);
+
+ if (status >= 0)
+ return jar_verify_extract(jar, path, outpath);
+ return status;
+}
+
+int
+JAR_extract(JAR *jar, char *path, char *outpath)
+{
+ int result;
+ JAR_Physical *phy;
+
+ if (jar->fp == NULL && jar->filename) {
+ jar->fp = (FILE *)JAR_FOPEN(jar->filename, "rb");
+ }
+ if (jar->fp == NULL) {
+ /* file not found */
+ return JAR_ERR_FNF;
+ }
+
+ phy = jar_get_physical(jar, path);
+ if (phy) {
+ if (phy->compression != 0 && phy->compression != 8) {
+ /* unsupported compression method */
+ result = JAR_ERR_CORRUPT;
+ }
+ if (phy->compression == 0) {
+ result = jar_physical_extraction((PRFileDesc *)jar->fp, outpath, phy->offset, phy->length);
+ } else {
+ result = jar_physical_inflate((PRFileDesc *)jar->fp, outpath,
+ phy->offset, phy->length,
+ (unsigned int)phy->compression);
+ }
+
+#if defined(XP_UNIX) || defined(XP_BEOS)
+ if (phy->mode)
+ chmod(outpath, 0400 | (mode_t)phy->mode);
+#endif
+ } else {
+ /* pathname not found in archive */
+ result = JAR_ERR_PNF;
+ }
+ return result;
+}
+
+/*
+ * p h y s i c a l _ e x t r a c t i o n
+ *
+ * This needs to be done in chunks of say 32k, instead of
+ * in one bulk calloc. (Necessary under Win16 platform.)
+ * This is done for uncompressed entries only.
+ *
+ */
+
+#define CHUNK 32768
+
+static int
+jar_physical_extraction(JAR_FILE fp, char *outpath, unsigned long offset,
+ unsigned long length)
+{
+ JAR_FILE out;
+ char *buffer = (char *)PORT_ZAlloc(CHUNK);
+ int status = 0;
+
+ if (buffer == NULL)
+ return JAR_ERR_MEMORY;
+
+ if ((out = JAR_FOPEN(outpath, "wb")) != NULL) {
+ unsigned long at = 0;
+
+ JAR_FSEEK(fp, offset, (PRSeekWhence)0);
+ while (at < length) {
+ long chunk = (at + CHUNK <= length) ? CHUNK : length - at;
+ if (JAR_FREAD(fp, buffer, chunk) != chunk) {
+ status = JAR_ERR_DISK;
+ break;
+ }
+ at += chunk;
+ if (JAR_FWRITE(out, buffer, chunk) < chunk) {
+ /* most likely a disk full error */
+ status = JAR_ERR_DISK;
+ break;
+ }
+ }
+ JAR_FCLOSE(out);
+ } else {
+ /* error opening output file */
+ status = JAR_ERR_DISK;
+ }
+ PORT_Free(buffer);
+ return status;
+}
+
+/*
+ * j a r _ p h y s i c a l _ i n f l a t e
+ *
+ * Inflate a range of bytes in a file, writing the inflated
+ * result to "outpath". Chunk based.
+ *
+ */
+/* input and output chunks differ, assume 4x compression */
+
+#define ICHUNK 8192
+#define OCHUNK 32768
+
+static int
+jar_physical_inflate(JAR_FILE fp, char *outpath, unsigned long offset, unsigned long length,
+ unsigned int method)
+{
+ char *inbuf, *outbuf;
+ int status = 0;
+ z_stream zs;
+ JAR_FILE out;
+
+ /* Raw inflate in zlib 1.1.4 needs an extra dummy byte at the end */
+ if ((inbuf = (char *)PORT_ZAlloc(ICHUNK + 1)) == NULL)
+ return JAR_ERR_MEMORY;
+
+ if ((outbuf = (char *)PORT_ZAlloc(OCHUNK)) == NULL) {
+ PORT_Free(inbuf);
+ return JAR_ERR_MEMORY;
+ }
+
+ PORT_Memset(&zs, 0, sizeof(zs));
+ status = inflateInit2(&zs, -MAX_WBITS);
+ if (status != Z_OK) {
+ PORT_Free(inbuf);
+ PORT_Free(outbuf);
+ return JAR_ERR_GENERAL;
+ }
+
+ if ((out = JAR_FOPEN(outpath, "wb")) != NULL) {
+ unsigned long at = 0;
+
+ JAR_FSEEK(fp, offset, (PRSeekWhence)0);
+ while (at < length) {
+ unsigned long chunk = (at + ICHUNK <= length) ? ICHUNK : length - at;
+ unsigned long tin;
+
+ if (JAR_FREAD(fp, inbuf, chunk) != chunk) {
+ /* incomplete read */
+ JAR_FCLOSE(out);
+ PORT_Free(inbuf);
+ PORT_Free(outbuf);
+ return JAR_ERR_CORRUPT;
+ }
+ at += chunk;
+ if (at == length) {
+ /* add an extra dummy byte at the end */
+ inbuf[chunk++] = 0xDD;
+ }
+ zs.next_in = (Bytef *)inbuf;
+ zs.avail_in = chunk;
+ zs.avail_out = OCHUNK;
+ tin = zs.total_in;
+ while ((zs.total_in - tin < chunk) || (zs.avail_out == 0)) {
+ unsigned long prev_total = zs.total_out;
+ unsigned long ochunk;
+
+ zs.next_out = (Bytef *)outbuf;
+ zs.avail_out = OCHUNK;
+ status = inflate(&zs, Z_NO_FLUSH);
+ if (status != Z_OK && status != Z_STREAM_END) {
+ /* error during decompression */
+ JAR_FCLOSE(out);
+ PORT_Free(inbuf);
+ PORT_Free(outbuf);
+ return JAR_ERR_CORRUPT;
+ }
+ ochunk = zs.total_out - prev_total;
+ if (JAR_FWRITE(out, outbuf, ochunk) < (long)ochunk) {
+ /* most likely a disk full error */
+ status = JAR_ERR_DISK;
+ break;
+ }
+ if (status == Z_STREAM_END)
+ break;
+ }
+ }
+ JAR_FCLOSE(out);
+ status = inflateEnd(&zs);
+ } else {
+ /* error opening output file */
+ status = JAR_ERR_DISK;
+ }
+ PORT_Free(inbuf);
+ PORT_Free(outbuf);
+ return status;
+}
+
+/*
+ * j a r _ i n f l a t e _ m e m o r y
+ *
+ * Call zlib to inflate the given memory chunk. It is re-XP_ALLOC'd,
+ * and thus appears to operate inplace to the caller.
+ *
+ */
+static int
+jar_inflate_memory(unsigned int method, long *length, long expected_out_len,
+ char **data)
+{
+ char *inbuf = *data;
+ char *outbuf = (char *)PORT_ZAlloc(expected_out_len);
+ long insz = *length;
+ int status;
+ z_stream zs;
+
+ if (outbuf == NULL)
+ return JAR_ERR_MEMORY;
+
+ PORT_Memset(&zs, 0, sizeof zs);
+ status = inflateInit2(&zs, -MAX_WBITS);
+ if (status < 0) {
+ /* error initializing zlib stream */
+ PORT_Free(outbuf);
+ return JAR_ERR_GENERAL;
+ }
+
+ zs.next_in = (Bytef *)inbuf;
+ zs.next_out = (Bytef *)outbuf;
+ zs.avail_in = insz;
+ zs.avail_out = expected_out_len;
+
+ status = inflate(&zs, Z_FINISH);
+ if (status != Z_OK && status != Z_STREAM_END) {
+ /* error during deflation */
+ PORT_Free(outbuf);
+ return JAR_ERR_GENERAL;
+ }
+
+ status = inflateEnd(&zs);
+ if (status != Z_OK) {
+ /* error during deflation */
+ PORT_Free(outbuf);
+ return JAR_ERR_GENERAL;
+ }
+ PORT_Free(*data);
+ *data = outbuf;
+ *length = zs.total_out;
+ return 0;
+}
+
+/*
+ * v e r i f y _ e x t r a c t
+ *
+ * Validate signature on the freshly extracted file.
+ *
+ */
+static int
+jar_verify_extract(JAR *jar, char *path, char *physical_path)
+{
+ int status;
+ JAR_Digest dig;
+
+ PORT_Memset(&dig, 0, sizeof dig);
+ status = JAR_digest_file(physical_path, &dig);
+ if (!status)
+ status = JAR_verify_digest(jar, path, &dig);
+ return status;
+}
+
+/*
+ * g e t _ p h y s i c a l
+ *
+ * Let's get physical.
+ * Obtains the offset and length of this file in the jar file.
+ *
+ */
+static JAR_Physical *
+jar_get_physical(JAR *jar, char *pathname)
+{
+ ZZLink *link;
+ ZZList *list = jar->phy;
+
+ if (ZZ_ListEmpty(list))
+ return NULL;
+
+ for (link = ZZ_ListHead(list);
+ !ZZ_ListIterDone(list, link);
+ link = link->next) {
+ JAR_Item *it = link->thing;
+
+ if (it->type == jarTypePhy &&
+ it->pathname && !PORT_Strcmp(it->pathname, pathname)) {
+ JAR_Physical *phy = (JAR_Physical *)it->data;
+ return phy;
+ }
+ }
+ return NULL;
+}
+
+/*
+ * j a r _ e x t r a c t _ m a n i f e s t s
+ *
+ * Extract the manifest files and parse them,
+ * from an open archive file whose contents are known.
+ *
+ */
+static int
+jar_extract_manifests(JAR *jar, jarArch format, JAR_FILE fp)
+{
+ int status, signatures;
+
+ if (format != jarArchZip && format != jarArchTar)
+ return JAR_ERR_CORRUPT;
+
+ if ((status = jar_extract_mf(jar, format, fp, "mf")) < 0)
+ return status;
+ if (!status)
+ return JAR_ERR_ORDER;
+ if ((status = jar_extract_mf(jar, format, fp, "sf")) < 0)
+ return status;
+ if (!status)
+ return JAR_ERR_ORDER;
+ if ((status = jar_extract_mf(jar, format, fp, "rsa")) < 0)
+ return status;
+ signatures = status;
+ if ((status = jar_extract_mf(jar, format, fp, "dsa")) < 0)
+ return status;
+ if (!(signatures += status))
+ return JAR_ERR_SIG;
+ return 0;
+}
+
+/*
+ * j a r _ e x t r a c t _ m f
+ *
+ * Extracts manifest files based on an extension, which
+ * should be .MF, .SF, .RSA, etc. Order of the files is now no
+ * longer important when zipping jar files.
+ *
+ */
+static int
+jar_extract_mf(JAR *jar, jarArch format, JAR_FILE fp, char *ext)
+{
+ ZZLink *link;
+ ZZList *list = jar->phy;
+ int ret = 0;
+
+ if (ZZ_ListEmpty(list))
+ return JAR_ERR_PNF;
+
+ for (link = ZZ_ListHead(list);
+ ret >= 0 && !ZZ_ListIterDone(list, link);
+ link = link->next) {
+ JAR_Item *it = link->thing;
+
+ if (it->type == jarTypePhy &&
+ !PORT_Strncmp(it->pathname, "META-INF", 8)) {
+ JAR_Physical *phy = (JAR_Physical *)it->data;
+ char *fn = it->pathname + 8;
+ char *e;
+ char *manifest;
+ long length;
+ int num, status;
+
+ if (PORT_Strlen(it->pathname) < 8)
+ continue;
+
+ if (*fn == '/' || *fn == '\\')
+ fn++;
+ if (*fn == 0) {
+ /* just a directory entry */
+ continue;
+ }
+
+ /* skip to extension */
+ for (e = fn; *e && *e != '.'; e++)
+ /* yip */;
+
+ /* and skip dot */
+ if (*e == '.')
+ e++;
+ if (PORT_Strcasecmp(ext, e)) {
+ /* not the right extension */
+ continue;
+ }
+ if (phy->length == 0 || phy->length > 0xFFFF) {
+ /* manifest files cannot be zero length or too big! */
+ /* the 0xFFFF limit is per J2SE SDK */
+ return JAR_ERR_CORRUPT;
+ }
+
+ /* Read in the manifest and parse it */
+ /* Raw inflate in zlib 1.1.4 needs an extra dummy byte at the end */
+ manifest = (char *)PORT_ZAlloc(phy->length + 1);
+ if (!manifest)
+ return JAR_ERR_MEMORY;
+
+ JAR_FSEEK(fp, phy->offset, (PRSeekWhence)0);
+ num = JAR_FREAD(fp, manifest, phy->length);
+ if (num != phy->length) {
+ /* corrupt archive file */
+ PORT_Free(manifest);
+ return JAR_ERR_CORRUPT;
+ }
+
+ if (phy->compression == 8) {
+ length = phy->length;
+ /* add an extra dummy byte at the end */
+ manifest[length++] = 0xDD;
+ status = jar_inflate_memory((unsigned int)phy->compression,
+ &length,
+ phy->uncompressed_length,
+ &manifest);
+ if (status < 0) {
+ PORT_Free(manifest);
+ return status;
+ }
+ } else if (phy->compression) {
+ /* unsupported compression method */
+ PORT_Free(manifest);
+ return JAR_ERR_CORRUPT;
+ } else
+ length = phy->length;
+
+ status = JAR_parse_manifest(jar, manifest, length,
+ it->pathname, "url");
+ PORT_Free(manifest);
+ if (status < 0)
+ ret = status;
+ else
+ ++ret;
+ } else if (it->type == jarTypePhy) {
+ /* ordinary file */
+ }
+ }
+ return ret;
+}
+
+/*
+ * j a r _ g e n _ i n d e x
+ *
+ * Generate an index for the various types of
+ * known archive files. Right now .ZIP and .TAR
+ *
+ */
+static int
+jar_gen_index(JAR *jar, jarArch format, JAR_FILE fp)
+{
+ int result = JAR_ERR_CORRUPT;
+
+ JAR_FSEEK(fp, 0, (PRSeekWhence)0);
+ switch (format) {
+ case jarArchZip:
+ result = jar_listzip(jar, fp);
+ break;
+
+ case jarArchTar:
+ result = jar_listtar(jar, fp);
+ break;
+
+ case jarArchGuess:
+ case jarArchNone:
+ return JAR_ERR_GENERAL;
+ }
+ JAR_FSEEK(fp, 0, (PRSeekWhence)0);
+ return result;
+}
+
+/*
+ * j a r _ l i s t z i p
+ *
+ * List the physical contents of a Phil Katz
+ * style .ZIP file into the JAR linked list.
+ *
+ */
+static int
+jar_listzip(JAR *jar, JAR_FILE fp)
+{
+ ZZLink *ent;
+ JAR_Item *it = NULL;
+ JAR_Physical *phy = NULL;
+ struct ZipLocal *Local = PORT_ZNew(struct ZipLocal);
+ struct ZipCentral *Central = PORT_ZNew(struct ZipCentral);
+ struct ZipEnd *End = PORT_ZNew(struct ZipEnd);
+
+ int err = 0;
+ long pos = 0L;
+ unsigned int compression;
+ unsigned int filename_len, extra_len;
+
+ char filename[JAR_SIZE];
+ char date[9], time[9];
+ char sig[4];
+
+ if (!Local || !Central || !End) {
+ /* out of memory */
+ err = JAR_ERR_MEMORY;
+ goto loser;
+ }
+
+ while (1) {
+ PRUint32 sigVal;
+ JAR_FSEEK(fp, pos, (PRSeekWhence)0);
+
+ if (JAR_FREAD(fp, sig, sizeof sig) != sizeof sig) {
+ /* zip file ends prematurely */
+ err = JAR_ERR_CORRUPT;
+ goto loser;
+ }
+
+ JAR_FSEEK(fp, pos, (PRSeekWhence)0);
+ sigVal = x86LongToUint32(sig);
+ if (sigVal == LSIG) {
+ JAR_FREAD(fp, Local, sizeof *Local);
+
+ filename_len = x86ShortToUint32(Local->filename_len);
+ extra_len = x86ShortToUint32(Local->extrafield_len);
+ if (filename_len >= JAR_SIZE) {
+ /* corrupt zip file */
+ err = JAR_ERR_CORRUPT;
+ goto loser;
+ }
+
+ if (JAR_FREAD(fp, filename, filename_len) != filename_len) {
+ /* truncated archive file */
+ err = JAR_ERR_CORRUPT;
+ goto loser;
+ }
+ filename[filename_len] = 0;
+ /* Add this to our jar chain */
+ phy = PORT_ZNew(JAR_Physical);
+ if (phy == NULL) {
+ err = JAR_ERR_MEMORY;
+ goto loser;
+ }
+
+ /* We will index any file that comes our way, but when it comes
+ to actually extraction, compression must be 0 or 8 */
+ compression = x86ShortToUint32(Local->method);
+ phy->compression = (compression <= 255) ? compression : 222;
+ /* XXX 222 is bad magic. */
+
+ phy->offset = pos + (sizeof *Local) + filename_len + extra_len;
+ phy->length = x86LongToUint32(Local->size);
+ phy->uncompressed_length = x86LongToUint32(Local->orglen);
+
+ dosdate(date, Local->date);
+ dostime(time, Local->time);
+
+ it = PORT_ZNew(JAR_Item);
+ if (it == NULL) {
+ err = JAR_ERR_MEMORY;
+ goto loser;
+ }
+
+ it->pathname = PORT_Strdup(filename);
+ it->type = jarTypePhy;
+ it->data = (unsigned char *)phy;
+ it->size = sizeof(JAR_Physical);
+
+ ent = ZZ_NewLink(it);
+ if (ent == NULL) {
+ err = JAR_ERR_MEMORY;
+ goto loser;
+ }
+
+ ZZ_AppendLink(jar->phy, ent);
+ pos = phy->offset + phy->length;
+ } else if (sigVal == CSIG) {
+ unsigned int attr = 0;
+ if (JAR_FREAD(fp, Central, sizeof *Central) != sizeof *Central) {
+ /* apparently truncated archive */
+ err = JAR_ERR_CORRUPT;
+ goto loser;
+ }
+
+#if defined(XP_UNIX) || defined(XP_BEOS)
+ /* with unix we need to locate any bits from
+ the protection mask in the external attributes. */
+ attr = Central->external_attributes[2]; /* magic */
+ if (attr) {
+ /* we have to read the filename, again */
+ filename_len = x86ShortToUint32(Central->filename_len);
+ if (filename_len >= JAR_SIZE) {
+ /* corrupt in central directory */
+ err = JAR_ERR_CORRUPT;
+ goto loser;
+ }
+
+ if (JAR_FREAD(fp, filename, filename_len) != filename_len) {
+ /* truncated in central directory */
+ err = JAR_ERR_CORRUPT;
+ goto loser;
+ }
+ filename[filename_len] = 0;
+
+ /* look up this name again */
+ phy = jar_get_physical(jar, filename);
+ if (phy) {
+ /* always allow access by self */
+ phy->mode = 0400 | attr;
+ }
+ }
+#endif
+ pos += sizeof(struct ZipCentral) +
+ x86ShortToUint32(Central->filename_len) +
+ x86ShortToUint32(Central->commentfield_len) +
+ x86ShortToUint32(Central->extrafield_len);
+ } else if (sigVal == ESIG) {
+ if (JAR_FREAD(fp, End, sizeof *End) != sizeof *End) {
+ err = JAR_ERR_CORRUPT;
+ goto loser;
+ }
+ break;
+ } else {
+ /* garbage in archive */
+ err = JAR_ERR_CORRUPT;
+ goto loser;
+ }
+ }
+
+loser:
+ if (Local)
+ PORT_Free(Local);
+ if (phy && it == NULL)
+ PORT_Free(phy);
+ if (Central)
+ PORT_Free(Central);
+ if (End)
+ PORT_Free(End);
+ return err;
+}
+
+/*
+ * j a r _ l i s t t a r
+ *
+ * List the physical contents of a Unix
+ * .tar file into the JAR linked list.
+ *
+ */
+static int
+jar_listtar(JAR *jar, JAR_FILE fp)
+{
+ char *s;
+ JAR_Physical *phy;
+ long pos = 0L;
+ long sz;
+ union TarEntry tarball;
+
+ while (1) {
+ JAR_FSEEK(fp, pos, (PRSeekWhence)0);
+
+ if (JAR_FREAD(fp, &tarball, sizeof tarball) < sizeof tarball)
+ break;
+
+ if (!*tarball.val.filename)
+ break;
+
+ sz = octalToLong(tarball.val.size);
+
+ /* Tag the end of filename */
+ s = tarball.val.filename;
+ while (*s && *s != ' ')
+ s++;
+ *s = 0;
+
+ /* Add to our linked list */
+ phy = PORT_ZNew(JAR_Physical);
+ if (phy == NULL)
+ return JAR_ERR_MEMORY;
+
+ phy->compression = 0;
+ phy->offset = pos + sizeof tarball;
+ phy->length = sz;
+
+ ADDITEM(jar->phy, jarTypePhy, tarball.val.filename, phy,
+ sizeof *phy);
+
+ /* Advance to next file entry */
+ sz = PR_ROUNDUP(sz, sizeof tarball);
+ pos += sz + sizeof tarball;
+ }
+
+ return 0;
+}
+
+/*
+ * d o s d a t e
+ *
+ * Not used right now, but keep it in here because
+ * it will be needed.
+ *
+ */
+static int
+dosdate(char *date, const char *s)
+{
+ PRUint32 num = x86ShortToUint32(s);
+
+ PR_snprintf(date, 9, "%02d-%02d-%02d", ((num >> 5) & 0x0F), (num & 0x1F),
+ ((num >> 9) + 80));
+ return 0;
+}
+
+/*
+ * d o s t i m e
+ *
+ * Not used right now, but keep it in here because
+ * it will be needed.
+ *
+ */
+static int
+dostime(char *time, const char *s)
+{
+ PRUint32 num = x86ShortToUint32(s);
+
+ PR_snprintf(time, 6, "%02d:%02d", ((num >> 11) & 0x1F),
+ ((num >> 5) & 0x3F));
+ return 0;
+}
+
+#ifndef NSS_X86_OR_X64
+/*
+ * Simulates an x86 (little endian, unaligned) ushort fetch from any address.
+ */
+static PRUint32
+x86ShortToUint32(const void *v)
+{
+ const unsigned char *ii = (const unsigned char *)v;
+ PRUint32 ret = (PRUint32)(ii[0]) | ((PRUint32)(ii[1]) << 8);
+ return ret;
+}
+
+/*
+ * Simulates an x86 (little endian, unaligned) uint fetch from any address.
+ */
+static PRUint32
+x86LongToUint32(const void *v)
+{
+ const unsigned char *ll = (const unsigned char *)v;
+ PRUint32 ret;
+
+ ret = ((((PRUint32)(ll[0])) << 0) |
+ (((PRUint32)(ll[1])) << 8) |
+ (((PRUint32)(ll[2])) << 16) |
+ (((PRUint32)(ll[3])) << 24));
+ return ret;
+}
+#endif
+
+/*
+ * ASCII octal to binary long.
+ * Used for integer encoding inside tar files.
+ *
+ */
+static long
+octalToLong(const char *s)
+{
+ long num = 0L;
+
+ while (*s == ' ')
+ s++;
+ while (*s >= '0' && *s <= '7') {
+ num <<= 3;
+ num += *s++ - '0';
+ }
+ return num;
+}
+
+/*
+ * g u e s s _ j a r
+ *
+ * Try to guess what kind of JAR file this is.
+ * Maybe tar, maybe zip. Look in the file for magic
+ * or at its filename.
+ *
+ */
+static int
+jar_guess_jar(const char *filename, JAR_FILE fp)
+{
+ PRInt32 len = PORT_Strlen(filename);
+ const char *ext = filename + len - 4; /* 4 for ".tar" */
+
+ if (len >= 4 && !PL_strcasecmp(ext, ".tar"))
+ return jarArchTar;
+ return jarArchZip;
+}
diff --git a/security/nss/lib/jar/jarfile.h b/security/nss/lib/jar/jarfile.h
new file mode 100644
index 000000000..52d4f1fc7
--- /dev/null
+++ b/security/nss/lib/jar/jarfile.h
@@ -0,0 +1,76 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * JARFILE.H
+ *
+ * Certain constants and structures for the archive format.
+ *
+ */
+
+/* ZIP */
+struct ZipLocal { /* 30 bytes */
+ char signature[4];
+ char word[2];
+ char bitflag[2];
+ char method[2];
+ char time[2];
+ char date[2];
+ char crc32[4];
+ char size[4];
+ char orglen[4];
+ char filename_len[2];
+ char extrafield_len[2];
+};
+
+struct ZipCentral { /* 46 bytes */
+ char signature[4];
+ char version_made_by[2];
+ char version[2];
+ char bitflag[2];
+ char method[2];
+ char time[2];
+ char date[2];
+ char crc32[4];
+ char size[4];
+ char orglen[4];
+ char filename_len[2];
+ char extrafield_len[2];
+ char commentfield_len[2];
+ char diskstart_number[2];
+ char internal_attributes[2];
+ char external_attributes[4];
+ char localhdr_offset[4];
+};
+
+struct ZipEnd { /* 22 bytes */
+ char signature[4];
+ char disk_nr[2];
+ char start_central_dir[2];
+ char total_entries_disk[2];
+ char total_entries_archive[2];
+ char central_dir_size[4];
+ char offset_central_dir[4];
+ char commentfield_len[2];
+};
+
+#define LSIG 0x04034B50l
+#define CSIG 0x02014B50l
+#define ESIG 0x06054B50l
+
+/* TAR */
+union TarEntry { /* 512 bytes */
+ struct header { /* 257 bytes */
+ char filename[100];
+ char mode[8];
+ char uid[8];
+ char gid[8];
+ char size[12];
+ char time[12];
+ char checksum[8];
+ char linkflag;
+ char linkname[100];
+ } val;
+ char buffer[512];
+};
diff --git a/security/nss/lib/jar/jarint.c b/security/nss/lib/jar/jarint.c
new file mode 100644
index 000000000..b0ef7fb21
--- /dev/null
+++ b/security/nss/lib/jar/jarint.c
@@ -0,0 +1,52 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Internal libjar routines.
+ */
+
+#include "jar.h"
+#include "jarint.h"
+
+/*-----------------------------------------------------------------------
+ * JAR_FOPEN_to_PR_Open
+ * Translate JAR_FOPEN arguments to PR_Open arguments
+ */
+PRFileDesc*
+JAR_FOPEN_to_PR_Open(const char* name, const char* mode)
+{
+
+ PRIntn prflags = 0, prmode = 0;
+
+ /* Get read/write flags */
+ if (strchr(mode, 'r') && !strchr(mode, '+')) {
+ prflags |= PR_RDONLY;
+ } else if ((strchr(mode, 'w') || strchr(mode, 'a')) &&
+ !strchr(mode, '+')) {
+ prflags |= PR_WRONLY;
+ } else {
+ prflags |= PR_RDWR;
+ }
+
+ /* Create a new file? */
+ if (strchr(mode, 'w') || strchr(mode, 'a')) {
+ prflags |= PR_CREATE_FILE;
+ }
+
+ /* Append? */
+ if (strchr(mode, 'a')) {
+ prflags |= PR_APPEND;
+ }
+
+ /* Truncate? */
+ if (strchr(mode, 'w')) {
+ prflags |= PR_TRUNCATE;
+ }
+
+ /* We can't do umask because it isn't XP. Choose some default
+ mode for created files */
+ prmode = 0755;
+
+ return PR_Open(name, prflags, prmode);
+}
diff --git a/security/nss/lib/jar/jarint.h b/security/nss/lib/jar/jarint.h
new file mode 100644
index 000000000..21aecef89
--- /dev/null
+++ b/security/nss/lib/jar/jarint.h
@@ -0,0 +1,54 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* JAR internal routines */
+
+#include "nspr.h"
+#include "key.h"
+#include "base64.h"
+
+extern CERTCertDBHandle *JAR_open_database(void);
+
+extern int JAR_close_database(CERTCertDBHandle *certdb);
+
+extern int jar_close_key_database(void *keydb);
+
+extern void *jar_open_key_database(void);
+
+extern JAR_Signer *JAR_new_signer(void);
+
+extern void JAR_destroy_signer(JAR_Signer *signer);
+
+extern JAR_Signer *jar_get_signer(JAR *jar, char *basename);
+
+extern int
+jar_append(ZZList *list, int type, char *pathname, void *data, size_t size);
+
+/* Translate fopen mode arg to PR_Open flags and mode */
+PRFileDesc *
+JAR_FOPEN_to_PR_Open(const char *name, const char *mode);
+
+#define ADDITEM(list, type, pathname, data, size) \
+ { \
+ int err = jar_append(list, type, pathname, data, size); \
+ if (err < 0) \
+ return err; \
+ }
+
+/* Here is some ugliness in the event it is necessary to link
+ with NSPR 1.0 libraries, which do not include an FSEEK. It is
+ difficult to fudge an FSEEK into 1.0 so we use stdio. */
+
+/* nspr 2.0 suite */
+#define JAR_FILE PRFileDesc *
+#define JAR_FOPEN(fn, mode) JAR_FOPEN_to_PR_Open(fn, mode)
+#define JAR_FCLOSE PR_Close
+#define JAR_FSEEK PR_Seek
+#define JAR_FREAD PR_Read
+#define JAR_FWRITE PR_Write
+
+int
+jar_create_pk7(CERTCertDBHandle *certdb, void *keydb,
+ CERTCertificate *cert, char *password, JAR_FILE infp,
+ JAR_FILE outfp);
diff --git a/security/nss/lib/jar/jarnav.c b/security/nss/lib/jar/jarnav.c
new file mode 100644
index 000000000..8b72a52d8
--- /dev/null
+++ b/security/nss/lib/jar/jarnav.c
@@ -0,0 +1,63 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * JARNAV.C
+ *
+ * JAR stuff needed for client only.
+ *
+ */
+
+#include "jar.h"
+#include "jarint.h"
+
+/* from proto.h */
+extern MWContext *FE_GetInitContext(void);
+
+/* To return an MWContext for Java */
+static MWContext *(*jar_fn_FindSomeContext)(void) = NULL;
+
+/* To fabricate an MWContext for FE_GetPassword */
+static MWContext *(*jar_fn_GetInitContext)(void) = NULL;
+
+/*
+ * J A R _ i n i t
+ *
+ * Initialize the JAR functions.
+ *
+ */
+
+void
+JAR_init(void)
+{
+ JAR_init_callbacks(XP_GetString, NULL, NULL);
+}
+
+/*
+ * J A R _ s e t _ c o n t e x t
+ *
+ * Set the jar window context for use by PKCS11, since
+ * it may be needed to prompt the user for a password.
+ *
+ */
+int
+JAR_set_context(JAR *jar, MWContext *mw)
+{
+ if (mw) {
+ jar->mw = mw;
+ } else {
+ /* jar->mw = XP_FindSomeContext(); */
+ jar->mw = NULL;
+ /*
+ * We can't find a context because we're in startup state and none
+ * exist yet. go get an FE_InitContext that only works at
+ * initialization time.
+ */
+ /* Turn on the mac when we get the FE_ function */
+ if (jar->mw == NULL) {
+ jar->mw = jar_fn_GetInitContext();
+ }
+ }
+ return 0;
+}
diff --git a/security/nss/lib/jar/jarsign.c b/security/nss/lib/jar/jarsign.c
new file mode 100644
index 000000000..601a7fd04
--- /dev/null
+++ b/security/nss/lib/jar/jarsign.c
@@ -0,0 +1,250 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * JARSIGN
+ *
+ * Routines used in signing archives.
+ */
+
+#include "jar.h"
+#include "jarint.h"
+#include "secpkcs7.h"
+#include "pk11func.h"
+#include "sechash.h"
+
+/* from libevent.h */
+typedef void (*ETVoidPtrFunc)(void *data);
+
+/* key database wrapper */
+/* static SECKEYKeyDBHandle *jar_open_key_database (void); */
+/* CHUNQ is our bite size */
+
+#define CHUNQ 64000
+#define FILECHUNQ 32768
+
+/*
+ * J A R _ c a l c u l a t e _ d i g e s t
+ *
+ * Quick calculation of a digest for
+ * the specified block of memory. Will calculate
+ * for all supported algorithms, now MD5.
+ *
+ * This version supports huge pointers for WIN16.
+ *
+ */
+JAR_Digest *PR_CALLBACK
+JAR_calculate_digest(void *data, long length)
+{
+ PK11Context *md5 = 0;
+ PK11Context *sha1 = 0;
+ JAR_Digest *dig = PORT_ZNew(JAR_Digest);
+ long chunq;
+ unsigned int md5_length, sha1_length;
+
+ if (dig == NULL) {
+ /* out of memory allocating digest */
+ return NULL;
+ }
+
+ md5 = PK11_CreateDigestContext(SEC_OID_MD5);
+ if (md5 == NULL) {
+ PORT_ZFree(dig, sizeof(JAR_Digest));
+ return NULL;
+ }
+ sha1 = PK11_CreateDigestContext(SEC_OID_SHA1);
+ if (sha1 == NULL) {
+ PK11_DestroyContext(md5, PR_TRUE);
+ /* added due to bug Bug 1250214 - prevent the 2nd memory leak */
+ PORT_ZFree(dig, sizeof(JAR_Digest));
+ return NULL;
+ }
+
+ if (length >= 0) {
+ PK11_DigestBegin(md5);
+ PK11_DigestBegin(sha1);
+
+ do {
+ chunq = length;
+
+ PK11_DigestOp(md5, (unsigned char *)data, chunq);
+ PK11_DigestOp(sha1, (unsigned char *)data, chunq);
+ length -= chunq;
+ data = ((char *)data + chunq);
+ } while (length > 0);
+
+ PK11_DigestFinal(md5, dig->md5, &md5_length, MD5_LENGTH);
+ PK11_DigestFinal(sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
+
+ PK11_DestroyContext(md5, PR_TRUE);
+ PK11_DestroyContext(sha1, PR_TRUE);
+ }
+ return dig;
+}
+
+/*
+ * J A R _ d i g e s t _ f i l e
+ *
+ * Calculates the MD5 and SHA1 digests for a file
+ * present on disk, and returns these in JAR_Digest struct.
+ *
+ */
+int
+JAR_digest_file(char *filename, JAR_Digest *dig)
+{
+ JAR_FILE fp;
+ PK11Context *md5 = 0;
+ PK11Context *sha1 = 0;
+ unsigned char *buf = (unsigned char *)PORT_ZAlloc(FILECHUNQ);
+ int num;
+ unsigned int md5_length, sha1_length;
+
+ if (buf == NULL) {
+ /* out of memory */
+ return JAR_ERR_MEMORY;
+ }
+
+ if ((fp = JAR_FOPEN(filename, "rb")) == 0) {
+ /* perror (filename); FIX XXX XXX XXX XXX XXX XXX */
+ PORT_Free(buf);
+ return JAR_ERR_FNF;
+ }
+
+ md5 = PK11_CreateDigestContext(SEC_OID_MD5);
+ sha1 = PK11_CreateDigestContext(SEC_OID_SHA1);
+
+ if (md5 == NULL || sha1 == NULL) {
+ if (md5) {
+ PK11_DestroyContext(md5, PR_TRUE);
+ }
+ if (sha1) {
+ PK11_DestroyContext(sha1, PR_TRUE);
+ }
+ /* can't generate digest contexts */
+ PORT_Free(buf);
+ JAR_FCLOSE(fp);
+ return JAR_ERR_GENERAL;
+ }
+
+ PK11_DigestBegin(md5);
+ PK11_DigestBegin(sha1);
+
+ while (1) {
+ if ((num = JAR_FREAD(fp, buf, FILECHUNQ)) == 0)
+ break;
+
+ PK11_DigestOp(md5, buf, num);
+ PK11_DigestOp(sha1, buf, num);
+ }
+
+ PK11_DigestFinal(md5, dig->md5, &md5_length, MD5_LENGTH);
+ PK11_DigestFinal(sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
+
+ PK11_DestroyContext(md5, PR_TRUE);
+ PK11_DestroyContext(sha1, PR_TRUE);
+
+ PORT_Free(buf);
+ JAR_FCLOSE(fp);
+
+ return 0;
+}
+
+/*
+ * J A R _ o p e n _ k e y _ d a t a b a s e
+ *
+ */
+
+void *
+jar_open_key_database(void)
+{
+ return NULL;
+}
+
+int
+jar_close_key_database(void *keydb)
+{
+ /* We never do close it */
+ return 0;
+}
+
+/*
+ * j a r _ c r e a t e _ p k 7
+ *
+ */
+
+static void
+jar_pk7_out(void *arg, const char *buf, unsigned long len)
+{
+ JAR_FWRITE((JAR_FILE)arg, buf, len);
+}
+
+int
+jar_create_pk7(CERTCertDBHandle *certdb, void *keydb, CERTCertificate *cert,
+ char *password, JAR_FILE infp, JAR_FILE outfp)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ const SECHashObject *hashObj;
+ void *mw = NULL;
+ void *hashcx;
+ unsigned int len;
+ int status = 0;
+ SECStatus rv;
+ SECItem digest;
+ unsigned char digestdata[32];
+ unsigned char buffer[4096];
+
+ if (outfp == NULL || infp == NULL || cert == NULL)
+ return JAR_ERR_GENERAL;
+
+ /* we sign with SHA */
+ hashObj = HASH_GetHashObject(HASH_AlgSHA1);
+
+ hashcx = (*hashObj->create)();
+ if (hashcx == NULL)
+ return JAR_ERR_GENERAL;
+
+ (*hashObj->begin)(hashcx);
+ while (1) {
+ int nb = JAR_FREAD(infp, buffer, sizeof buffer);
+ if (nb == 0) { /* eof */
+ break;
+ }
+ (*hashObj->update)(hashcx, buffer, nb);
+ }
+ (*hashObj->end)(hashcx, digestdata, &len, 32);
+ (*hashObj->destroy)(hashcx, PR_TRUE);
+
+ digest.data = digestdata;
+ digest.len = len;
+
+ /* signtool must use any old context it can find since it's
+ calling from inside javaland. */
+ PORT_SetError(0);
+ cinfo = SEC_PKCS7CreateSignedData(cert, certUsageObjectSigner, NULL,
+ SEC_OID_SHA1, &digest, NULL, mw);
+ if (cinfo == NULL)
+ return JAR_ERR_PK7;
+
+ rv = SEC_PKCS7IncludeCertChain(cinfo, NULL);
+ if (rv != SECSuccess) {
+ status = PORT_GetError();
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return status;
+ }
+
+ /* Having this here forces signtool to always include signing time. */
+ rv = SEC_PKCS7AddSigningTime(cinfo);
+ /* don't check error */
+ PORT_SetError(0);
+
+ /* if calling from mozilla thread*/
+ rv = SEC_PKCS7Encode(cinfo, jar_pk7_out, outfp, NULL, NULL, mw);
+ if (rv != SECSuccess)
+ status = PORT_GetError();
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ if (rv != SECSuccess) {
+ return ((status < 0) ? status : JAR_ERR_GENERAL);
+ }
+ return 0;
+}
diff --git a/security/nss/lib/jar/jarver.c b/security/nss/lib/jar/jarver.c
new file mode 100644
index 000000000..38d73c21c
--- /dev/null
+++ b/security/nss/lib/jar/jarver.c
@@ -0,0 +1,1167 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * JARVER
+ *
+ * Jarnature Parsing & Verification
+ */
+
+#include "nssrenam.h"
+#include "jar.h"
+#include "jarint.h"
+#include "certdb.h"
+#include "certt.h"
+#include "secpkcs7.h"
+#include "secder.h"
+
+#define SZ 512
+
+static int
+jar_validate_pkcs7(JAR *jar, JAR_Signer *signer, char *data, long length);
+
+static void
+jar_catch_bytes(void *arg, const char *buf, unsigned long len);
+
+static int
+jar_gather_signers(JAR *jar, JAR_Signer *signer, SEC_PKCS7ContentInfo *cinfo);
+
+static char *
+jar_eat_line(int lines, int eating, char *data, long *len);
+
+static JAR_Digest *
+jar_digest_section(char *manifest, long length);
+
+static JAR_Digest *jar_get_mf_digest(JAR *jar, char *path);
+
+static int
+jar_parse_digital_signature(char *raw_manifest, JAR_Signer *signer,
+ long length, JAR *jar);
+
+static int
+jar_add_cert(JAR *jar, JAR_Signer *signer, int type, CERTCertificate *cert);
+
+static char *jar_basename(const char *path);
+
+static int
+jar_signal(int status, JAR *jar, const char *metafile, char *pathname);
+
+#ifdef DEBUG
+static int jar_insanity_check(char *data, long length);
+#endif
+
+int
+jar_parse_mf(JAR *jar, char *raw_manifest, long length,
+ const char *path, const char *url);
+
+int
+jar_parse_sf(JAR *jar, char *raw_manifest, long length,
+ const char *path, const char *url);
+
+int
+jar_parse_sig(JAR *jar, const char *path, char *raw_manifest,
+ long length);
+
+int
+jar_parse_any(JAR *jar, int type, JAR_Signer *signer,
+ char *raw_manifest, long length, const char *path,
+ const char *url);
+
+static int
+jar_internal_digest(JAR *jar, const char *path, char *x_name, JAR_Digest *dig);
+
+/*
+ * J A R _ p a r s e _ m a n i f e s t
+ *
+ * Pass manifest files to this function. They are
+ * decoded and placed into internal representations.
+ *
+ * Accepts both signature and manifest files. Use
+ * the same "jar" for both.
+ *
+ */
+int
+JAR_parse_manifest(JAR *jar, char *raw_manifest, long length,
+ const char *path, const char *url)
+{
+ int filename_free = 0;
+
+ /* fill in the path, if supplied. This is the location
+ of the jar file on disk, if known */
+
+ if (jar->filename == NULL && path) {
+ jar->filename = PORT_Strdup(path);
+ if (jar->filename == NULL)
+ return JAR_ERR_MEMORY;
+ filename_free = 1;
+ }
+
+ /* fill in the URL, if supplied. This is the place
+ from which the jar file was retrieved. */
+
+ if (jar->url == NULL && url) {
+ jar->url = PORT_Strdup(url);
+ if (jar->url == NULL) {
+ if (filename_free) {
+ PORT_Free(jar->filename);
+ }
+ return JAR_ERR_MEMORY;
+ }
+ }
+
+ /* Determine what kind of file this is from the META-INF
+ directory. It could be MF, SF, or a binary RSA/DSA file */
+
+ if (!PORT_Strncasecmp(raw_manifest, "Manifest-Version:", 17)) {
+ return jar_parse_mf(jar, raw_manifest, length, path, url);
+ } else if (!PORT_Strncasecmp(raw_manifest, "Signature-Version:", 18)) {
+ return jar_parse_sf(jar, raw_manifest, length, path, url);
+ } else {
+ /* This is probably a binary signature */
+ return jar_parse_sig(jar, path, raw_manifest, length);
+ }
+}
+
+/*
+ * j a r _ p a r s e _ s i g
+ *
+ * Pass some manner of RSA or DSA digital signature
+ * on, after checking to see if it comes at an appropriate state.
+ *
+ */
+int
+jar_parse_sig(JAR *jar, const char *path, char *raw_manifest,
+ long length)
+{
+ JAR_Signer *signer;
+ int status = JAR_ERR_ORDER;
+
+ if (length <= 128) {
+ /* signature is way too small */
+ return JAR_ERR_SIG;
+ }
+
+ /* make sure that MF and SF have already been processed */
+
+ if (jar->globalmeta == NULL)
+ return JAR_ERR_ORDER;
+
+ /* Determine whether or not this RSA file has
+ has an associated SF file */
+
+ if (path) {
+ char *owner;
+ owner = jar_basename(path);
+
+ if (owner == NULL)
+ return JAR_ERR_MEMORY;
+
+ signer = jar_get_signer(jar, owner);
+ PORT_Free(owner);
+ } else
+ signer = jar_get_signer(jar, "*");
+
+ if (signer == NULL)
+ return JAR_ERR_ORDER;
+
+ /* Do not pass a huge pointer to this function,
+ since the underlying security code is unaware. We will
+ never pass >64k through here. */
+
+ if (length > 64000) {
+ /* this digital signature is way too big */
+ return JAR_ERR_SIG;
+ }
+
+ /* don't expense unneeded calloc overhead on non-win16 */
+ status = jar_parse_digital_signature(raw_manifest, signer, length, jar);
+
+ return status;
+}
+
+/*
+ * j a r _ p a r s e _ m f
+ *
+ * Parse the META-INF/manifest.mf file, whose
+ * information applies to all signers.
+ *
+ */
+int
+jar_parse_mf(JAR *jar, char *raw_manifest, long length,
+ const char *path, const char *url)
+{
+ if (jar->globalmeta) {
+ /* refuse a second manifest file, if passed for some reason */
+ return JAR_ERR_ORDER;
+ }
+
+ /* remember a digest for the global section */
+ jar->globalmeta = jar_digest_section(raw_manifest, length);
+ if (jar->globalmeta == NULL)
+ return JAR_ERR_MEMORY;
+ return jar_parse_any(jar, jarTypeMF, NULL, raw_manifest, length,
+ path, url);
+}
+
+/*
+ * j a r _ p a r s e _ s f
+ *
+ * Parse META-INF/xxx.sf, a digitally signed file
+ * pointing to a subset of MF sections.
+ *
+ */
+int
+jar_parse_sf(JAR *jar, char *raw_manifest, long length,
+ const char *path, const char *url)
+{
+ JAR_Signer *signer = NULL;
+ int status = JAR_ERR_MEMORY;
+
+ if (jar->globalmeta == NULL) {
+ /* It is a requirement that the MF file be passed before the SF file */
+ return JAR_ERR_ORDER;
+ }
+
+ signer = JAR_new_signer();
+ if (signer == NULL)
+ goto loser;
+
+ if (path) {
+ signer->owner = jar_basename(path);
+ if (signer->owner == NULL)
+ goto loser;
+ }
+
+ /* check for priors. When someone doctors a jar file
+ to contain identical path entries, prevent the second
+ one from affecting JAR functions */
+ if (jar_get_signer(jar, signer->owner)) {
+ /* someone is trying to spoof us */
+ status = JAR_ERR_ORDER;
+ goto loser;
+ }
+
+ /* remember its digest */
+ signer->digest = JAR_calculate_digest(raw_manifest, length);
+ if (signer->digest == NULL)
+ goto loser;
+
+ /* Add this signer to the jar */
+ ADDITEM(jar->signers, jarTypeOwner, signer->owner, signer,
+ sizeof(JAR_Signer));
+
+ return jar_parse_any(jar, jarTypeSF, signer, raw_manifest, length,
+ path, url);
+
+loser:
+ if (signer)
+ JAR_destroy_signer(signer);
+ return status;
+}
+
+/*
+ * j a r _ p a r s e _ a n y
+ *
+ * Parse a MF or SF manifest file.
+ *
+ */
+int
+jar_parse_any(JAR *jar, int type, JAR_Signer *signer,
+ char *raw_manifest, long length, const char *path,
+ const char *url)
+{
+ int status;
+ long raw_len;
+ JAR_Digest *dig, *mfdig = NULL;
+ char line[SZ];
+ char x_name[SZ], x_md5[SZ], x_sha[SZ];
+ char *x_info;
+ char *sf_md5 = NULL, *sf_sha1 = NULL;
+
+ *x_name = 0;
+ *x_md5 = 0;
+ *x_sha = 0;
+
+ PORT_Assert(length > 0);
+ raw_len = length;
+
+#ifdef DEBUG
+ if ((status = jar_insanity_check(raw_manifest, raw_len)) < 0)
+ return status;
+#endif
+
+ /* null terminate the first line */
+ raw_manifest = jar_eat_line(0, PR_TRUE, raw_manifest, &raw_len);
+
+ /* skip over the preliminary section */
+ /* This is one section at the top of the file with global metainfo */
+ while (raw_len > 0) {
+ JAR_Metainfo *met;
+
+ raw_manifest = jar_eat_line(1, PR_TRUE, raw_manifest, &raw_len);
+ if (raw_len <= 0 || !*raw_manifest)
+ break;
+
+ met = PORT_ZNew(JAR_Metainfo);
+ if (met == NULL)
+ return JAR_ERR_MEMORY;
+
+ /* Parse out the header & info */
+ if (PORT_Strlen(raw_manifest) >= SZ) {
+ /* almost certainly nonsense */
+ PORT_Free(met);
+ continue;
+ }
+
+ PORT_Strcpy(line, raw_manifest);
+ x_info = line;
+
+ while (*x_info && *x_info != ' ' && *x_info != '\t' && *x_info != ':')
+ x_info++;
+
+ if (*x_info)
+ *x_info++ = 0;
+
+ while (*x_info == ' ' || *x_info == '\t')
+ x_info++;
+
+ /* metainfo (name, value) pair is now (line, x_info) */
+ met->header = PORT_Strdup(line);
+ met->info = PORT_Strdup(x_info);
+
+ if (type == jarTypeMF) {
+ ADDITEM(jar->metainfo, jarTypeMeta,
+ /* pathname */ NULL, met, sizeof(JAR_Metainfo));
+ }
+
+ /* For SF files, this metadata may be the digests
+ of the MF file, still in the "met" structure. */
+
+ if (type == jarTypeSF) {
+ if (!PORT_Strcasecmp(line, "MD5-Digest")) {
+ sf_md5 = (char *)met->info;
+ } else if (!PORT_Strcasecmp(line, "SHA1-Digest") ||
+ !PORT_Strcasecmp(line, "SHA-Digest")) {
+ sf_sha1 = (char *)met->info;
+ } else {
+ PORT_Free(met->info);
+ met->info = NULL;
+ }
+ }
+
+ if (type != jarTypeMF) {
+ PORT_Free(met->header);
+ if ((type != jarTypeSF || !jar->globalmeta) && met->info) {
+ PORT_Free(met->info);
+ }
+ PORT_Free(met);
+ }
+ }
+
+ if (type == jarTypeSF && jar->globalmeta) {
+ /* this is a SF file which may contain a digest of the manifest.mf's
+ global metainfo. */
+
+ int match = 0;
+ JAR_Digest *glob = jar->globalmeta;
+
+ if (sf_md5) {
+ unsigned int md5_length;
+ unsigned char *md5_digest;
+
+ md5_digest = ATOB_AsciiToData(sf_md5, &md5_length);
+ PORT_Assert(md5_length == MD5_LENGTH);
+ PORT_Free(sf_md5);
+
+ if (md5_length != MD5_LENGTH)
+ return JAR_ERR_CORRUPT;
+
+ match = PORT_Memcmp(md5_digest, glob->md5, MD5_LENGTH);
+ PORT_Free(md5_digest);
+ }
+
+ if (sf_sha1 && match == 0) {
+ unsigned int sha1_length;
+ unsigned char *sha1_digest;
+
+ sha1_digest = ATOB_AsciiToData(sf_sha1, &sha1_length);
+ PORT_Assert(sha1_length == SHA1_LENGTH);
+ PORT_Free(sf_sha1);
+
+ if (sha1_length != SHA1_LENGTH)
+ return JAR_ERR_CORRUPT;
+
+ match = PORT_Memcmp(sha1_digest, glob->sha1, SHA1_LENGTH);
+ PORT_Free(sha1_digest);
+ }
+
+ if (match != 0) {
+ /* global digest doesn't match, SF file therefore invalid */
+ jar->valid = JAR_ERR_METADATA;
+ return JAR_ERR_METADATA;
+ }
+ }
+
+ /* done with top section of global data */
+ while (raw_len > 0) {
+ *x_md5 = 0;
+ *x_sha = 0;
+ *x_name = 0;
+
+ /* If this is a manifest file, attempt to get a digest of the following
+ section, without damaging it. This digest will be saved later. */
+
+ if (type == jarTypeMF) {
+ char *sec;
+ long sec_len = raw_len;
+
+ if (!*raw_manifest || *raw_manifest == '\n') {
+ /* skip the blank line */
+ sec = jar_eat_line(1, PR_FALSE, raw_manifest, &sec_len);
+ } else
+ sec = raw_manifest;
+
+ if (sec_len > 0 && !PORT_Strncasecmp(sec, "Name:", 5)) {
+ if (type == jarTypeMF)
+ mfdig = jar_digest_section(sec, sec_len);
+ else
+ mfdig = NULL;
+ }
+ }
+
+ while (raw_len > 0) {
+ raw_manifest = jar_eat_line(1, PR_TRUE, raw_manifest, &raw_len);
+ if (raw_len <= 0 || !*raw_manifest)
+ break; /* blank line, done with this entry */
+
+ if (PORT_Strlen(raw_manifest) >= SZ) {
+ /* almost certainly nonsense */
+ continue;
+ }
+
+ /* Parse out the name/value pair */
+ PORT_Strcpy(line, raw_manifest);
+ x_info = line;
+
+ while (*x_info && *x_info != ' ' && *x_info != '\t' &&
+ *x_info != ':')
+ x_info++;
+
+ if (*x_info)
+ *x_info++ = 0;
+
+ while (*x_info == ' ' || *x_info == '\t')
+ x_info++;
+
+ if (!PORT_Strcasecmp(line, "Name"))
+ PORT_Strcpy(x_name, x_info);
+ else if (!PORT_Strcasecmp(line, "MD5-Digest"))
+ PORT_Strcpy(x_md5, x_info);
+ else if (!PORT_Strcasecmp(line, "SHA1-Digest") ||
+ !PORT_Strcasecmp(line, "SHA-Digest"))
+ PORT_Strcpy(x_sha, x_info);
+
+ /* Algorithm list is meta info we don't care about; keeping it out
+ of metadata saves significant space for large jar files */
+ else if (!PORT_Strcasecmp(line, "Digest-Algorithms") ||
+ !PORT_Strcasecmp(line, "Hash-Algorithms"))
+ continue;
+
+ /* Meta info is only collected for the manifest.mf file,
+ since the JAR_get_metainfo call does not support identity */
+ else if (type == jarTypeMF) {
+ JAR_Metainfo *met;
+
+ /* this is meta-data */
+ met = PORT_ZNew(JAR_Metainfo);
+ if (met == NULL)
+ return JAR_ERR_MEMORY;
+
+ /* metainfo (name, value) pair is now (line, x_info) */
+ if ((met->header = PORT_Strdup(line)) == NULL) {
+ PORT_Free(met);
+ return JAR_ERR_MEMORY;
+ }
+
+ if ((met->info = PORT_Strdup(x_info)) == NULL) {
+ PORT_Free(met->header);
+ PORT_Free(met);
+ return JAR_ERR_MEMORY;
+ }
+
+ ADDITEM(jar->metainfo, jarTypeMeta,
+ x_name, met, sizeof(JAR_Metainfo));
+ }
+ }
+
+ if (!*x_name) {
+ /* Whatever that was, it wasn't an entry, because we didn't get a
+ name. We don't really have anything, so don't record this. */
+ continue;
+ }
+
+ dig = PORT_ZNew(JAR_Digest);
+ if (dig == NULL)
+ return JAR_ERR_MEMORY;
+
+ if (*x_md5) {
+ unsigned int binary_length;
+ unsigned char *binary_digest;
+
+ binary_digest = ATOB_AsciiToData(x_md5, &binary_length);
+ PORT_Assert(binary_length == MD5_LENGTH);
+ if (binary_length != MD5_LENGTH) {
+ PORT_Free(dig);
+ return JAR_ERR_CORRUPT;
+ }
+ memcpy(dig->md5, binary_digest, MD5_LENGTH);
+ dig->md5_status = jarHashPresent;
+ PORT_Free(binary_digest);
+ }
+
+ if (*x_sha) {
+ unsigned int binary_length;
+ unsigned char *binary_digest;
+
+ binary_digest = ATOB_AsciiToData(x_sha, &binary_length);
+ PORT_Assert(binary_length == SHA1_LENGTH);
+ if (binary_length != SHA1_LENGTH) {
+ PORT_Free(dig);
+ return JAR_ERR_CORRUPT;
+ }
+ memcpy(dig->sha1, binary_digest, SHA1_LENGTH);
+ dig->sha1_status = jarHashPresent;
+ PORT_Free(binary_digest);
+ }
+
+ PORT_Assert(type == jarTypeMF || type == jarTypeSF);
+ if (type == jarTypeMF) {
+ ADDITEM(jar->hashes, jarTypeMF, x_name, dig, sizeof(JAR_Digest));
+ } else if (type == jarTypeSF) {
+ ADDITEM(signer->sf, jarTypeSF, x_name, dig, sizeof(JAR_Digest));
+ } else {
+ PORT_Free(dig);
+ return JAR_ERR_ORDER;
+ }
+
+ /* we're placing these calculated digests of manifest.mf
+ sections in a list where they can subsequently be forgotten */
+ if (type == jarTypeMF && mfdig) {
+ ADDITEM(jar->manifest, jarTypeSect,
+ x_name, mfdig, sizeof(JAR_Digest));
+ mfdig = NULL;
+ }
+
+ /* Retrieve our saved SHA1 digest from saved copy and check digests.
+ This is just comparing the digest of the MF section as indicated in
+ the SF file with the one we remembered from parsing the MF file */
+
+ if (type == jarTypeSF) {
+ if ((status = jar_internal_digest(jar, path, x_name, dig)) < 0)
+ return status;
+ }
+ }
+
+ return 0;
+}
+
+static int
+jar_internal_digest(JAR *jar, const char *path, char *x_name, JAR_Digest *dig)
+{
+ int cv;
+ int status;
+
+ JAR_Digest *savdig;
+
+ savdig = jar_get_mf_digest(jar, x_name);
+ if (savdig == NULL) {
+ /* no .mf digest for this pathname */
+ status = jar_signal(JAR_ERR_ENTRY, jar, path, x_name);
+ if (status < 0)
+ return 0; /* was continue; */
+ return status;
+ }
+
+ /* check for md5 consistency */
+ if (dig->md5_status) {
+ cv = PORT_Memcmp(savdig->md5, dig->md5, MD5_LENGTH);
+ /* md5 hash of .mf file is not what expected */
+ if (cv) {
+ status = jar_signal(JAR_ERR_HASH, jar, path, x_name);
+
+ /* bad hash, man */
+ dig->md5_status = jarHashBad;
+ savdig->md5_status = jarHashBad;
+
+ if (status < 0)
+ return 0; /* was continue; */
+ return status;
+ }
+ }
+
+ /* check for sha1 consistency */
+ if (dig->sha1_status) {
+ cv = PORT_Memcmp(savdig->sha1, dig->sha1, SHA1_LENGTH);
+ /* sha1 hash of .mf file is not what expected */
+ if (cv) {
+ status = jar_signal(JAR_ERR_HASH, jar, path, x_name);
+
+ /* bad hash, man */
+ dig->sha1_status = jarHashBad;
+ savdig->sha1_status = jarHashBad;
+
+ if (status < 0)
+ return 0; /* was continue; */
+ return status;
+ }
+ }
+ return 0;
+}
+
+#ifdef DEBUG
+/*
+ * j a r _ i n s a n i t y _ c h e c k
+ *
+ * Check for illegal characters (or possibly so)
+ * in the manifest files, to detect potential memory
+ * corruption by our neighbors. Debug only, since
+ * not I18N safe.
+ *
+ */
+static int
+jar_insanity_check(char *data, long length)
+{
+ int c;
+ long off;
+
+ for (off = 0; off < length; off++) {
+ c = data[off];
+ if (c == '\n' || c == '\r' || (c >= ' ' && c <= 128))
+ continue;
+ return JAR_ERR_CORRUPT;
+ }
+ return 0;
+}
+#endif
+
+/*
+ * j a r _ p a r s e _ d i g i t a l _ s i g n a t u r e
+ *
+ * Parse an RSA or DSA (or perhaps other) digital signature.
+ * Right now everything is PKCS7.
+ *
+ */
+static int
+jar_parse_digital_signature(char *raw_manifest, JAR_Signer *signer,
+ long length, JAR *jar)
+{
+ return jar_validate_pkcs7(jar, signer, raw_manifest, length);
+}
+
+/*
+ * j a r _ a d d _ c e r t
+ *
+ * Add information for the given certificate
+ * (or whatever) to the JAR linked list. A pointer
+ * is passed for some relevant reference, say
+ * for example the original certificate.
+ *
+ */
+static int
+jar_add_cert(JAR *jar, JAR_Signer *signer, int type, CERTCertificate *cert)
+{
+ JAR_Cert *fing;
+ unsigned char *keyData;
+
+ if (cert == NULL)
+ return JAR_ERR_ORDER;
+
+ fing = PORT_ZNew(JAR_Cert);
+ if (fing == NULL)
+ goto loser;
+
+ fing->cert = CERT_DupCertificate(cert);
+
+ /* get the certkey */
+ fing->length = cert->derIssuer.len + 2 + cert->serialNumber.len;
+ fing->key = keyData = (unsigned char *)PORT_ZAlloc(fing->length);
+ if (fing->key == NULL)
+ goto loser;
+ keyData[0] = ((cert->derIssuer.len) >> 8) & 0xff;
+ keyData[1] = ((cert->derIssuer.len) & 0xff);
+ PORT_Memcpy(&keyData[2], cert->derIssuer.data, cert->derIssuer.len);
+ PORT_Memcpy(&keyData[2 + cert->derIssuer.len], cert->serialNumber.data,
+ cert->serialNumber.len);
+
+ ADDITEM(signer->certs, type, NULL, fing, sizeof(JAR_Cert));
+ return 0;
+
+loser:
+ if (fing) {
+ if (fing->cert)
+ CERT_DestroyCertificate(fing->cert);
+ PORT_Free(fing);
+ }
+ return JAR_ERR_MEMORY;
+}
+
+/*
+ * e a t _ l i n e
+ *
+ * Reads and/or modifies input buffer "data" of length "*len".
+ * This function does zero, one or two of the following tasks:
+ * 1) if "lines" is non-zero, it reads and discards that many lines from
+ * the input. NUL characters are treated as end-of-line characters,
+ * not as end-of-input characters. The input is NOT NUL terminated.
+ * Note: presently, all callers pass either 0 or 1 for lines.
+ * 2) After skipping the specified number of input lines, if "eating" is
+ * non-zero, it finds the end of the next line of input and replaces
+ * the end of line character(s) with a NUL character.
+ * This function modifies the input buffer, containing the file, in place.
+ * This function handles PC, Mac, and Unix style text files.
+ * On entry, *len contains the maximum number of characters that this
+ * function should ever examine, starting with the character in *data.
+ * On return, *len is reduced by the number of characters skipped by the
+ * first task, if any;
+ * If lines is zero and eating is false, this function returns
+ * the value in the data argument, but otherwise does nothing.
+ */
+static char *
+jar_eat_line(int lines, int eating, char *data, long *len)
+{
+ char *start = data;
+ long maxLen = *len;
+
+ if (maxLen <= 0)
+ return start;
+
+#define GO_ON ((data - start) < maxLen)
+
+ /* Eat the requisite number of lines, if any;
+ prior to terminating the current line with a 0. */
+ for (/* yip */; lines > 0; lines--) {
+ while (GO_ON && *data && *data != '\r' && *data != '\n')
+ data++;
+
+ /* Eat any leading CR */
+ if (GO_ON && *data == '\r')
+ data++;
+
+ /* After the CR, ok to eat one LF */
+ if (GO_ON && *data == '\n')
+ data++;
+
+ /* If there are NULs, this function probably put them there */
+ while (GO_ON && !*data)
+ data++;
+ }
+ maxLen -= data - start; /* we have this many characters left. */
+ *len = maxLen;
+ start = data; /* now start again here. */
+ if (maxLen > 0 && eating) {
+ /* Terminate this line with a 0 */
+ while (GO_ON && *data && *data != '\n' && *data != '\r')
+ data++;
+
+ /* If not past the end, we are allowed to eat one CR */
+ if (GO_ON && *data == '\r')
+ *data++ = 0;
+
+ /* After the CR (if any), if not past the end, ok to eat one LF */
+ if (GO_ON && *data == '\n')
+ *data++ = 0;
+ }
+ return start;
+}
+#undef GO_ON
+
+/*
+ * j a r _ d i g e s t _ s e c t i o n
+ *
+ * Return the digests of the next section of the manifest file.
+ * Does not damage the manifest file, unlike parse_manifest.
+ *
+ */
+static JAR_Digest *
+jar_digest_section(char *manifest, long length)
+{
+ long global_len;
+ char *global_end;
+
+ global_end = manifest;
+ global_len = length;
+
+ while (global_len > 0) {
+ global_end = jar_eat_line(1, PR_FALSE, global_end, &global_len);
+ if (global_len > 0 && (*global_end == 0 || *global_end == '\n'))
+ break;
+ }
+ return JAR_calculate_digest(manifest, global_end - manifest);
+}
+
+/*
+ * J A R _ v e r i f y _ d i g e s t
+ *
+ * Verifies that a precalculated digest matches the
+ * expected value in the manifest.
+ *
+ */
+int PR_CALLBACK
+JAR_verify_digest(JAR *jar, const char *name, JAR_Digest *dig)
+{
+ JAR_Item *it;
+ JAR_Digest *shindig;
+ ZZLink *link;
+ ZZList *list = jar->hashes;
+ int result1 = 0;
+ int result2 = 0;
+
+ if (jar->valid < 0) {
+ /* signature not valid */
+ return JAR_ERR_SIG;
+ }
+ if (ZZ_ListEmpty(list)) {
+ /* empty list */
+ return JAR_ERR_PNF;
+ }
+
+ for (link = ZZ_ListHead(list);
+ !ZZ_ListIterDone(list, link);
+ link = link->next) {
+ it = link->thing;
+ if (it->type == jarTypeMF &&
+ it->pathname && !PORT_Strcmp(it->pathname, name)) {
+ shindig = (JAR_Digest *)it->data;
+ if (shindig->md5_status) {
+ if (shindig->md5_status == jarHashBad)
+ return JAR_ERR_HASH;
+ result1 = memcmp(dig->md5, shindig->md5, MD5_LENGTH);
+ }
+ if (shindig->sha1_status) {
+ if (shindig->sha1_status == jarHashBad)
+ return JAR_ERR_HASH;
+ result2 = memcmp(dig->sha1, shindig->sha1, SHA1_LENGTH);
+ }
+ return (result1 == 0 && result2 == 0) ? 0 : JAR_ERR_HASH;
+ }
+ }
+ return JAR_ERR_PNF;
+}
+
+/*
+ * J A R _ f e t c h _ c e r t
+ *
+ * Given an opaque identifier of a certificate,
+ * return the full certificate.
+ *
+ * The new function, which retrieves by key.
+ *
+ */
+CERTCertificate *
+JAR_fetch_cert(long length, void *key)
+{
+ CERTIssuerAndSN issuerSN;
+ CERTCertificate *cert = NULL;
+ CERTCertDBHandle *certdb;
+
+ certdb = JAR_open_database();
+ if (certdb) {
+ unsigned char *keyData = (unsigned char *)key;
+ issuerSN.derIssuer.len = (keyData[0] << 8) + keyData[0];
+ issuerSN.derIssuer.data = &keyData[2];
+ issuerSN.serialNumber.len = length - (2 + issuerSN.derIssuer.len);
+ issuerSN.serialNumber.data = &keyData[2 + issuerSN.derIssuer.len];
+ cert = CERT_FindCertByIssuerAndSN(certdb, &issuerSN);
+ JAR_close_database(certdb);
+ }
+ return cert;
+}
+
+/*
+ * j a r _ g e t _ m f _ d i g e s t
+ *
+ * Retrieve a corresponding saved digest over a section
+ * of the main manifest file.
+ *
+ */
+static JAR_Digest *
+jar_get_mf_digest(JAR *jar, char *pathname)
+{
+ JAR_Item *it;
+ JAR_Digest *dig;
+ ZZLink *link;
+ ZZList *list = jar->manifest;
+
+ if (ZZ_ListEmpty(list))
+ return NULL;
+
+ for (link = ZZ_ListHead(list);
+ !ZZ_ListIterDone(list, link);
+ link = link->next) {
+ it = link->thing;
+ if (it->type == jarTypeSect &&
+ it->pathname && !PORT_Strcmp(it->pathname, pathname)) {
+ dig = (JAR_Digest *)it->data;
+ return dig;
+ }
+ }
+ return NULL;
+}
+
+/*
+ * j a r _ b a s e n a m e
+ *
+ * Return the basename -- leading components of path stripped off,
+ * extension ripped off -- of a path.
+ *
+ */
+static char *
+jar_basename(const char *path)
+{
+ char *pith, *e, *basename, *ext;
+
+ if (path == NULL)
+ return PORT_Strdup("");
+
+ pith = PORT_Strdup(path);
+ basename = pith;
+ while (1) {
+ for (e = basename; *e && *e != '/' && *e != '\\'; e++)
+ /* yip */;
+ if (*e)
+ basename = ++e;
+ else
+ break;
+ }
+
+ if ((ext = PORT_Strrchr(basename, '.')) != NULL)
+ *ext = 0;
+
+ /* We already have the space allocated */
+ PORT_Strcpy(pith, basename);
+ return pith;
+}
+
+/*
+ * + + + + + + + + + + + + + + +
+ *
+ * CRYPTO ROUTINES FOR JAR
+ *
+ * The following functions are the cryptographic
+ * interface to PKCS7 for Jarnatures.
+ *
+ * + + + + + + + + + + + + + + +
+ *
+ */
+
+/*
+ * j a r _ c a t c h _ b y t e s
+ *
+ * In the event signatures contain enveloped data, it will show up here.
+ * But note that the lib/pkcs7 routines aren't ready for it.
+ *
+ */
+static void
+jar_catch_bytes(void *arg, const char *buf, unsigned long len)
+{
+ /* Actually this should never be called, since there is
+ presumably no data in the signature itself. */
+}
+
+/*
+ * j a r _ v a l i d a t e _ p k c s 7
+ *
+ * Validate (and decode, if necessary) a binary pkcs7
+ * signature in DER format.
+ *
+ */
+static int
+jar_validate_pkcs7(JAR *jar, JAR_Signer *signer, char *data, long length)
+{
+
+ SEC_PKCS7ContentInfo *cinfo = NULL;
+ SEC_PKCS7DecoderContext *dcx;
+ PRBool goodSig;
+ int status = 0;
+ SECItem detdig;
+
+ PORT_Assert(jar != NULL && signer != NULL);
+
+ if (jar == NULL || signer == NULL)
+ return JAR_ERR_ORDER;
+
+ signer->valid = JAR_ERR_SIG;
+
+ /* We need a context if we can get one */
+ dcx = SEC_PKCS7DecoderStart(jar_catch_bytes, NULL /*cb_arg*/,
+ NULL /*getpassword*/, jar->mw,
+ NULL, NULL, NULL);
+ if (dcx == NULL) {
+ /* strange pkcs7 failure */
+ return JAR_ERR_PK7;
+ }
+
+ SEC_PKCS7DecoderUpdate(dcx, data, length);
+ cinfo = SEC_PKCS7DecoderFinish(dcx);
+ if (cinfo == NULL) {
+ /* strange pkcs7 failure */
+ return JAR_ERR_PK7;
+ }
+ if (SEC_PKCS7ContentIsEncrypted(cinfo)) {
+ /* content was encrypted, fail */
+ return JAR_ERR_PK7;
+ }
+ if (SEC_PKCS7ContentIsSigned(cinfo) == PR_FALSE) {
+ /* content was not signed, fail */
+ return JAR_ERR_PK7;
+ }
+
+ PORT_SetError(0);
+
+ /* use SHA1 only */
+ detdig.len = SHA1_LENGTH;
+ detdig.data = signer->digest->sha1;
+ goodSig = SEC_PKCS7VerifyDetachedSignature(cinfo,
+ certUsageObjectSigner,
+ &detdig, HASH_AlgSHA1,
+ PR_FALSE);
+ jar_gather_signers(jar, signer, cinfo);
+ if (goodSig == PR_TRUE) {
+ /* signature is valid */
+ signer->valid = 0;
+ } else {
+ status = PORT_GetError();
+ PORT_Assert(status < 0);
+ if (status >= 0)
+ status = JAR_ERR_SIG;
+ jar->valid = status;
+ signer->valid = status;
+ }
+ jar->pkcs7 = PR_TRUE;
+ signer->pkcs7 = PR_TRUE;
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return status;
+}
+
+/*
+ * j a r _ g a t h e r _ s i g n e r s
+ *
+ * Add the single signer of this signature to the
+ * certificate linked list.
+ *
+ */
+static int
+jar_gather_signers(JAR *jar, JAR_Signer *signer, SEC_PKCS7ContentInfo *cinfo)
+{
+ int result;
+ CERTCertificate *cert;
+ CERTCertDBHandle *certdb;
+ SEC_PKCS7SignedData *sdp = cinfo->content.signedData;
+ SEC_PKCS7SignerInfo **pksigners, *pksigner;
+
+ if (sdp == NULL)
+ return JAR_ERR_PK7;
+
+ pksigners = sdp->signerInfos;
+ /* permit exactly one signer */
+ if (pksigners == NULL || pksigners[0] == NULL || pksigners[1] != NULL)
+ return JAR_ERR_PK7;
+
+ pksigner = *pksigners;
+ cert = pksigner->cert;
+
+ if (cert == NULL)
+ return JAR_ERR_PK7;
+
+ certdb = JAR_open_database();
+ if (certdb == NULL)
+ return JAR_ERR_GENERAL;
+
+ result = jar_add_cert(jar, signer, jarTypeSign, cert);
+ JAR_close_database(certdb);
+ return result;
+}
+
+/*
+ * j a r _ o p e n _ d a t a b a s e
+ *
+ * Open the certificate database,
+ * for use by JAR functions.
+ *
+ */
+CERTCertDBHandle *
+JAR_open_database(void)
+{
+ return CERT_GetDefaultCertDB();
+}
+
+/*
+ * j a r _ c l o s e _ d a t a b a s e
+ *
+ * Close the certificate database.
+ * For use by JAR functions.
+ *
+ */
+int
+JAR_close_database(CERTCertDBHandle *certdb)
+{
+ return 0;
+}
+
+/*
+ * j a r _ s i g n a l
+ *
+ * Nonfatal errors come here to callback Java.
+ *
+ */
+static int
+jar_signal(int status, JAR *jar, const char *metafile, char *pathname)
+{
+ char *errstring = JAR_get_error(status);
+ if (jar->signal) {
+ (*jar->signal)(status, jar, metafile, pathname, errstring);
+ return 0;
+ }
+ return status;
+}
+
+/*
+ * j a r _ a p p e n d
+ *
+ * Tack on an element to one of a JAR's linked
+ * lists, with rudimentary error handling.
+ *
+ */
+int
+jar_append(ZZList *list, int type, char *pathname, void *data, size_t size)
+{
+ JAR_Item *it = PORT_ZNew(JAR_Item);
+ ZZLink *entity;
+
+ if (it == NULL)
+ goto loser;
+
+ if (pathname) {
+ it->pathname = PORT_Strdup(pathname);
+ if (it->pathname == NULL)
+ goto loser;
+ }
+
+ it->type = (jarType)type;
+ it->data = (unsigned char *)data;
+ it->size = size;
+ entity = ZZ_NewLink(it);
+ if (entity) {
+ ZZ_AppendLink(list, entity);
+ return 0;
+ }
+
+loser:
+ if (it) {
+ if (it->pathname)
+ PORT_Free(it->pathname);
+ PORT_Free(it);
+ }
+ return JAR_ERR_MEMORY;
+}
diff --git a/security/nss/lib/jar/jzconf.h b/security/nss/lib/jar/jzconf.h
new file mode 100644
index 000000000..7687eb3a5
--- /dev/null
+++ b/security/nss/lib/jar/jzconf.h
@@ -0,0 +1,189 @@
+/* zconf.h -- configuration of the zlib compression library
+ * Copyright (C) 1995-1996 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+/* This file was modified since it was taken from the zlib distribution */
+
+#ifndef _ZCONF_H
+#define _ZCONF_H
+
+/*
+ * If you *really* need a unique prefix for all types and library functions,
+ * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
+ */
+#ifdef Z_PREFIX
+#define deflateInit_ z_deflateInit_
+#define deflate z_deflate
+#define deflateEnd z_deflateEnd
+#define inflateInit_ z_inflateInit_
+#define inflate z_inflate
+#define inflateEnd z_inflateEnd
+#define deflateInit2_ z_deflateInit2_
+#define deflateSetDictionary z_deflateSetDictionary
+#define deflateCopy z_deflateCopy
+#define deflateReset z_deflateReset
+#define deflateParams z_deflateParams
+#define inflateInit2_ z_inflateInit2_
+#define inflateSetDictionary z_inflateSetDictionary
+#define inflateSync z_inflateSync
+#define inflateReset z_inflateReset
+#define compress z_compress
+#define uncompress z_uncompress
+#define adler32 z_adler32
+#define crc32 z_crc32
+#define get_crc_table z_get_crc_table
+
+#define Byte z_Byte
+#define uInt z_uInt
+#define uLong z_uLong
+#define Bytef z_Bytef
+#define charf z_charf
+#define intf z_intf
+#define uIntf z_uIntf
+#define uLongf z_uLongf
+#define voidpf z_voidpf
+#define voidp z_voidp
+#endif
+
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
+#define WIN32
+#endif
+#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
+#ifndef __32BIT__
+#define __32BIT__
+#endif
+#endif
+#if defined(__MSDOS__) && !defined(MSDOS)
+#define MSDOS
+#endif
+
+/*
+ * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
+ * than 64k bytes at a time (needed on systems with 16-bit int).
+ */
+#if defined(MSDOS) && !defined(__32BIT__)
+#define MAXSEG_64K
+#endif
+#ifdef MSDOS
+#define UNALIGNED_OK
+#endif
+
+#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32) || defined(XP_OS2)) && !defined(STDC)
+#define STDC
+#endif
+#if (defined(__STDC__) || defined(__cplusplus)) && !defined(STDC)
+#define STDC
+#endif
+
+#ifndef STDC
+#ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
+#define const
+#endif
+#endif
+
+/* Some Mac compilers merge all .h files incorrectly: */
+#if defined(__MWERKS__) || defined(applec) || defined(THINK_C) || defined(__SC__)
+#define NO_DUMMY_DECL
+#endif
+
+/* Maximum value for memLevel in deflateInit2 */
+#ifndef MAX_MEM_LEVEL
+#ifdef MAXSEG_64K
+#define MAX_MEM_LEVEL 8
+#else
+#define MAX_MEM_LEVEL 9
+#endif
+#endif
+
+/* Maximum value for windowBits in deflateInit2 and inflateInit2 */
+#ifndef MAX_WBITS
+#define MAX_WBITS 15 /* 32K LZ77 window */
+#endif
+
+/* The memory requirements for deflate are (in bytes):
+ 1 << (windowBits+2) + 1 << (memLevel+9)
+ that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
+ plus a few kilobytes for small objects. For example, if you want to reduce
+ the default memory requirements from 256K to 128K, compile with
+ make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
+ Of course this will generally degrade compression (there's no free lunch).
+
+ The memory requirements for inflate are (in bytes) 1 << windowBits
+ that is, 32K for windowBits=15 (default value) plus a few kilobytes
+ for small objects.
+*/
+
+/* Type declarations */
+
+#ifndef OF /* function prototypes */
+#ifdef STDC
+#define OF(args) args
+#else
+#define OF(args) ()
+#endif
+#endif
+
+/* The following definitions for FAR are needed only for MSDOS mixed
+ * model programming (small or medium model with some far allocations).
+ * This was tested only with MSC; for other MSDOS compilers you may have
+ * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
+ * just define FAR to be empty.
+ */
+#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
+/* MSC small or medium model */
+#define SMALL_MEDIUM
+#ifdef _MSC_VER
+#define FAR __far
+#else
+#define FAR far
+#endif
+#endif
+#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
+#ifndef __32BIT__
+#define SMALL_MEDIUM
+#define FAR __far
+#endif
+#endif
+#ifndef FAR
+#define FAR
+#endif
+
+typedef unsigned char Byte; /* 8 bits */
+typedef unsigned int uInt; /* 16 bits or more */
+typedef unsigned long uLong; /* 32 bits or more */
+
+#if defined(__BORLANDC__) && defined(SMALL_MEDIUM)
+/* Borland C/C++ ignores FAR inside typedef */
+#define Bytef Byte FAR
+#else
+typedef Byte FAR Bytef;
+#endif
+typedef char FAR charf;
+typedef int FAR intf;
+typedef uInt FAR uIntf;
+typedef uLong FAR uLongf;
+
+#ifdef STDC
+typedef void FAR *voidpf;
+typedef void *voidp;
+#else
+typedef Byte FAR *voidpf;
+typedef Byte *voidp;
+#endif
+
+#ifdef MOZILLA_CLIENT
+#include "prtypes.h"
+#else
+/* Compile with -DZLIB_DLL for Windows DLL support */
+#if (defined(_WINDOWS) || defined(WINDOWS)) && defined(ZLIB_DLL)
+#include <windows.h>
+#define EXPORT WINAPI
+#else
+#define EXPORT
+#endif
+
+#define PR_PUBLIC_API(type) type
+
+#endif /* MOZILLA_CLIENT */
+
+#endif /* _ZCONF_H */
diff --git a/security/nss/lib/jar/jzlib.h b/security/nss/lib/jar/jzlib.h
new file mode 100644
index 000000000..92d3d5b21
--- /dev/null
+++ b/security/nss/lib/jar/jzlib.h
@@ -0,0 +1,916 @@
+/* zlib.h -- interface of the 'zlib' general purpose compression library
+ version 1.0.4, Jul 24th, 1996.
+
+ Copyright (C) 1995-1996 Jean-loup Gailly and Mark Adler
+
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would be
+ appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source distribution.
+
+ Jean-loup Gailly Mark Adler
+ gzip@prep.ai.mit.edu madler@alumni.caltech.edu
+
+
+ The data format used by the zlib library is described by RFCs (Request for
+ Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
+ (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
+*/
+/* This file was modified since it was taken from the zlib distribution */
+
+#ifndef _ZLIB_H
+#define _ZLIB_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef MOZILLA_CLIENT
+#include "jzconf.h"
+#else
+#include "zconf.h"
+#endif
+
+#define ZLIB_VERSION "1.0.4"
+
+/*
+ The 'zlib' compression library provides in-memory compression and
+ decompression functions, including integrity checks of the uncompressed
+ data. This version of the library supports only one compression method
+ (deflation) but other algorithms may be added later and will have the same
+ stream interface.
+
+ For compression the application must provide the output buffer and
+ may optionally provide the input buffer for optimization. For decompression,
+ the application must provide the input buffer and may optionally provide
+ the output buffer for optimization.
+
+ Compression can be done in a single step if the buffers are large
+ enough (for example if an input file is mmap'ed), or can be done by
+ repeated calls of the compression function. In the latter case, the
+ application must provide more input and/or consume the output
+ (providing more output space) before each call.
+
+ The library does not install any signal handler. It is recommended to
+ add at least a handler for SIGSEGV when decompressing; the library checks
+ the consistency of the input data whenever possible but may go nuts
+ for some forms of corrupted input.
+*/
+
+typedef voidpf(*alloc_func) OF((voidpf opaque, uInt items, uInt size));
+typedef void(*free_func) OF((voidpf opaque, voidpf address));
+
+struct internal_state;
+
+typedef struct z_stream_s {
+ Bytef *next_in; /* next input byte */
+ uInt avail_in; /* number of bytes available at next_in */
+ uLong total_in; /* total nb of input bytes read so far */
+
+ Bytef *next_out; /* next output byte should be put there */
+ uInt avail_out; /* remaining free space at next_out */
+ uLong total_out; /* total nb of bytes output so far */
+
+ char *msg; /* last error message, NULL if no error */
+ struct internal_state FAR *state; /* not visible by applications */
+
+ alloc_func zalloc; /* used to allocate the internal state */
+ free_func zfree; /* used to free the internal state */
+ voidpf opaque; /* private data object passed to zalloc and zfree */
+
+ int data_type; /* best guess about the data type: ascii or binary */
+ uLong adler; /* adler32 value of the uncompressed data */
+ uLong reserved; /* reserved for future use */
+} z_stream;
+
+typedef z_stream FAR *z_streamp;
+
+/*
+ The application must update next_in and avail_in when avail_in has
+ dropped to zero. It must update next_out and avail_out when avail_out
+ has dropped to zero. The application must initialize zalloc, zfree and
+ opaque before calling the init function. All other fields are set by the
+ compression library and must not be updated by the application.
+
+ The opaque value provided by the application will be passed as the first
+ parameter for calls of zalloc and zfree. This can be useful for custom
+ memory management. The compression library attaches no meaning to the
+ opaque value.
+
+ zalloc must return Z_NULL if there is not enough memory for the object.
+ On 16-bit systems, the functions zalloc and zfree must be able to allocate
+ exactly 65536 bytes, but will not be required to allocate more than this
+ if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
+ pointers returned by zalloc for objects of exactly 65536 bytes *must*
+ have their offset normalized to zero. The default allocation function
+ provided by this library ensures this (see zutil.c). To reduce memory
+ requirements and avoid any allocation of 64K objects, at the expense of
+ compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
+
+ The fields total_in and total_out can be used for statistics or
+ progress reports. After compression, total_in holds the total size of
+ the uncompressed data and may be saved for use in the decompressor
+ (particularly if the decompressor wants to decompress everything in
+ a single step).
+*/
+
+/* constants */
+
+#define Z_NO_FLUSH 0
+#define Z_PARTIAL_FLUSH 1
+#define Z_SYNC_FLUSH 2
+#define Z_FULL_FLUSH 3
+#define Z_FINISH 4
+/* Allowed flush values; see deflate() below for details */
+
+#define Z_OK 0
+#define Z_STREAM_END 1
+#define Z_NEED_DICT 2
+#define Z_ERRNO (-1)
+#define Z_STREAM_ERROR (-2)
+#define Z_DATA_ERROR (-3)
+#define Z_MEM_ERROR (-4)
+#define Z_BUF_ERROR (-5)
+#define Z_VERSION_ERROR (-6)
+/* Return codes for the compression/decompression functions. Negative
+ * values are errors, positive values are used for special but normal events.
+ */
+
+#define Z_NO_COMPRESSION 0
+#define Z_BEST_SPEED 1
+#define Z_BEST_COMPRESSION 9
+#define Z_DEFAULT_COMPRESSION (-1)
+/* compression levels */
+
+#define Z_FILTERED 1
+#define Z_HUFFMAN_ONLY 2
+#define Z_DEFAULT_STRATEGY 0
+/* compression strategy; see deflateInit2() below for details */
+
+#define Z_BINARY 0
+#define Z_ASCII 1
+#define Z_UNKNOWN 2
+/* Possible values of the data_type field */
+
+#define Z_DEFLATED 8
+/* The deflate compression method (the only one supported in this version) */
+
+#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
+
+#define zlib_version zlibVersion()
+/* for compatibility with versions < 1.0.2 */
+
+/* basic functions */
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(const char *)
+zlibVersion(void);
+#else
+extern const char *EXPORT zlibVersion OF((void));
+#endif
+/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
+ If the first character differs, the library code actually used is
+ not compatible with the zlib.h header file used by the application.
+ This check is automatically made by deflateInit and inflateInit.
+ */
+
+/*
+extern int EXPORT deflateInit OF((z_streamp strm, int level));
+
+ Initializes the internal stream state for compression. The fields
+ zalloc, zfree and opaque must be initialized before by the caller.
+ If zalloc and zfree are set to Z_NULL, deflateInit updates them to
+ use default allocation functions.
+
+ The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
+ 1 gives best speed, 9 gives best compression, 0 gives no compression at
+ all (the input data is simply copied a block at a time).
+ Z_DEFAULT_COMPRESSION requests a default compromise between speed and
+ compression (currently equivalent to level 6).
+
+ deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_STREAM_ERROR if level is not a valid compression level,
+ Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
+ with the version assumed by the caller (ZLIB_VERSION).
+ msg is set to null if there is no error message. deflateInit does not
+ perform any compression: this will be done by deflate().
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+deflate(z_streamp strm, int flush);
+#else
+extern int EXPORT deflate OF((z_streamp strm, int flush));
+#endif
+/*
+ Performs one or both of the following actions:
+
+ - Compress more input starting at next_in and update next_in and avail_in
+ accordingly. If not all input can be processed (because there is not
+ enough room in the output buffer), next_in and avail_in are updated and
+ processing will resume at this point for the next call of deflate().
+
+ - Provide more output starting at next_out and update next_out and avail_out
+ accordingly. This action is forced if the parameter flush is non zero.
+ Forcing flush frequently degrades the compression ratio, so this parameter
+ should be set only when necessary (in interactive applications).
+ Some output may be provided even if flush is not set.
+
+ Before the call of deflate(), the application should ensure that at least
+ one of the actions is possible, by providing more input and/or consuming
+ more output, and updating avail_in or avail_out accordingly; avail_out
+ should never be zero before the call. The application can consume the
+ compressed output when it wants, for example when the output buffer is full
+ (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
+ and with zero avail_out, it must be called again after making room in the
+ output buffer because there might be more output pending.
+
+ If the parameter flush is set to Z_PARTIAL_FLUSH, the current compression
+ block is terminated and flushed to the output buffer so that the
+ decompressor can get all input data available so far. For method 9, a future
+ variant on method 8, the current block will be flushed but not terminated.
+ Z_SYNC_FLUSH has the same effect as partial flush except that the compressed
+ output is byte aligned (the compressor can clear its internal bit buffer)
+ and the current block is always terminated; this can be useful if the
+ compressor has to be restarted from scratch after an interruption (in which
+ case the internal state of the compressor may be lost).
+ If flush is set to Z_FULL_FLUSH, the compression block is terminated, a
+ special marker is output and the compression dictionary is discarded; this
+ is useful to allow the decompressor to synchronize if one compressed block
+ has been damaged (see inflateSync below). Flushing degrades compression and
+ so should be used only when necessary. Using Z_FULL_FLUSH too often can
+ seriously degrade the compression. If deflate returns with avail_out == 0,
+ this function must be called again with the same value of the flush
+ parameter and more output space (updated avail_out), until the flush is
+ complete (deflate returns with non-zero avail_out).
+
+ If the parameter flush is set to Z_FINISH, pending input is processed,
+ pending output is flushed and deflate returns with Z_STREAM_END if there
+ was enough output space; if deflate returns with Z_OK, this function must be
+ called again with Z_FINISH and more output space (updated avail_out) but no
+ more input data, until it returns with Z_STREAM_END or an error. After
+ deflate has returned Z_STREAM_END, the only possible operations on the
+ stream are deflateReset or deflateEnd.
+
+ Z_FINISH can be used immediately after deflateInit if all the compression
+ is to be done in a single step. In this case, avail_out must be at least
+ 0.1% larger than avail_in plus 12 bytes. If deflate does not return
+ Z_STREAM_END, then it must be called again as described above.
+
+ deflate() may update data_type if it can make a good guess about
+ the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
+ binary. This field is only for information purposes and does not affect
+ the compression algorithm in any manner.
+
+ deflate() returns Z_OK if some progress has been made (more input
+ processed or more output produced), Z_STREAM_END if all input has been
+ consumed and all output has been produced (only when flush is set to
+ Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
+ if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+deflateEnd(z_streamp strm);
+#else
+extern int EXPORT deflateEnd OF((z_streamp strm));
+#endif
+/*
+ All dynamically allocated data structures for this stream are freed.
+ This function discards any unprocessed input and does not flush any
+ pending output.
+
+ deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
+ stream state was inconsistent, Z_DATA_ERROR if the stream was freed
+ prematurely (some input or output was discarded). In the error case,
+ msg may be set but then points to a static string (which must not be
+ deallocated).
+*/
+
+/*
+extern int EXPORT inflateInit OF((z_streamp strm));
+
+ Initializes the internal stream state for decompression. The fields
+ zalloc, zfree and opaque must be initialized before by the caller. If
+ zalloc and zfree are set to Z_NULL, inflateInit updates them to use default
+ allocation functions.
+
+ inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_VERSION_ERROR if the zlib library version is incompatible
+ with the version assumed by the caller. msg is set to null if there is no
+ error message. inflateInit does not perform any decompression: this will be
+ done by inflate().
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+inflate(z_streamp strm, int flush);
+#else
+extern int EXPORT inflate OF((z_streamp strm, int flush));
+#endif
+/*
+ Performs one or both of the following actions:
+
+ - Decompress more input starting at next_in and update next_in and avail_in
+ accordingly. If not all input can be processed (because there is not
+ enough room in the output buffer), next_in is updated and processing
+ will resume at this point for the next call of inflate().
+
+ - Provide more output starting at next_out and update next_out and avail_out
+ accordingly. inflate() provides as much output as possible, until there
+ is no more input data or no more space in the output buffer (see below
+ about the flush parameter).
+
+ Before the call of inflate(), the application should ensure that at least
+ one of the actions is possible, by providing more input and/or consuming
+ more output, and updating the next_* and avail_* values accordingly.
+ The application can consume the uncompressed output when it wants, for
+ example when the output buffer is full (avail_out == 0), or after each
+ call of inflate(). If inflate returns Z_OK and with zero avail_out, it
+ must be called again after making room in the output buffer because there
+ might be more output pending.
+
+ If the parameter flush is set to Z_PARTIAL_FLUSH, inflate flushes as much
+ output as possible to the output buffer. The flushing behavior of inflate is
+ not specified for values of the flush parameter other than Z_PARTIAL_FLUSH
+ and Z_FINISH, but the current implementation actually flushes as much output
+ as possible anyway.
+
+ inflate() should normally be called until it returns Z_STREAM_END or an
+ error. However if all decompression is to be performed in a single step
+ (a single call of inflate), the parameter flush should be set to
+ Z_FINISH. In this case all pending input is processed and all pending
+ output is flushed; avail_out must be large enough to hold all the
+ uncompressed data. (The size of the uncompressed data may have been saved
+ by the compressor for this purpose.) The next operation on this stream must
+ be inflateEnd to deallocate the decompression state. The use of Z_FINISH
+ is never required, but can be used to inform inflate that a faster routine
+ may be used for the single inflate() call.
+
+ inflate() returns Z_OK if some progress has been made (more input
+ processed or more output produced), Z_STREAM_END if the end of the
+ compressed data has been reached and all uncompressed output has been
+ produced, Z_NEED_DICT if a preset dictionary is needed at this point (see
+ inflateSetDictionary below), Z_DATA_ERROR if the input data was corrupted,
+ Z_STREAM_ERROR if the stream structure was inconsistent (for example if
+ next_in or next_out was NULL), Z_MEM_ERROR if there was not enough memory,
+ Z_BUF_ERROR if no progress is possible or if there was not enough room in
+ the output buffer when Z_FINISH is used. In the Z_DATA_ERROR case, the
+ application may then call inflateSync to look for a good compression block.
+ In the Z_NEED_DICT case, strm->adler is set to the Adler32 value of the
+ dictionary chosen by the compressor.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+inflateEnd(z_streamp strm);
+#else
+extern int EXPORT inflateEnd OF((z_streamp strm));
+#endif
+/*
+ All dynamically allocated data structures for this stream are freed.
+ This function discards any unprocessed input and does not flush any
+ pending output.
+
+ inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
+ was inconsistent. In the error case, msg may be set but then points to a
+ static string (which must not be deallocated).
+*/
+
+/* Advanced functions */
+
+/*
+ The following functions are needed only in some special applications.
+*/
+
+/*
+extern int EXPORT deflateInit2 OF((z_streamp strm,
+ int level,
+ int method,
+ int windowBits,
+ int memLevel,
+ int strategy));
+
+ This is another version of deflateInit with more compression options. The
+ fields next_in, zalloc, zfree and opaque must be initialized before by
+ the caller.
+
+ The method parameter is the compression method. It must be Z_DEFLATED in
+ this version of the library. (Method 9 will allow a 64K history buffer and
+ partial block flushes.)
+
+ The windowBits parameter is the base two logarithm of the window size
+ (the size of the history buffer). It should be in the range 8..15 for this
+ version of the library (the value 16 will be allowed for method 9). Larger
+ values of this parameter result in better compression at the expense of
+ memory usage. The default value is 15 if deflateInit is used instead.
+
+ The memLevel parameter specifies how much memory should be allocated
+ for the internal compression state. memLevel=1 uses minimum memory but
+ is slow and reduces compression ratio; memLevel=9 uses maximum memory
+ for optimal speed. The default value is 8. See zconf.h for total memory
+ usage as a function of windowBits and memLevel.
+
+ The strategy parameter is used to tune the compression algorithm. Use the
+ value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
+ filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
+ string match). Filtered data consists mostly of small values with a
+ somewhat random distribution. In this case, the compression algorithm is
+ tuned to compress them better. The effect of Z_FILTERED is to force more
+ Huffman coding and less string matching; it is somewhat intermediate
+ between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
+ the compression ratio but not the correctness of the compressed output even
+ if it is not set appropriately.
+
+ If next_in is not null, the library will use this buffer to hold also
+ some history information; the buffer must either hold the entire input
+ data, or have at least 1<<(windowBits+1) bytes and be writable. If next_in
+ is null, the library will allocate its own history buffer (and leave next_in
+ null). next_out need not be provided here but must be provided by the
+ application for the next call of deflate().
+
+ If the history buffer is provided by the application, next_in must
+ must never be changed by the application since the compressor maintains
+ information inside this buffer from call to call; the application
+ must provide more input only by increasing avail_in. next_in is always
+ reset by the library in this case.
+
+ deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
+ not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
+ an invalid method). msg is set to null if there is no error message.
+ deflateInit2 does not perform any compression: this will be done by
+ deflate().
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+deflateSetDictionary(z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength);
+#else
+extern int EXPORT deflateSetDictionary OF((z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength));
+#endif
+/*
+ Initializes the compression dictionary (history buffer) from the given
+ byte sequence without producing any compressed output. This function must
+ be called immediately after deflateInit or deflateInit2, before any call
+ of deflate. The compressor and decompressor must use exactly the same
+ dictionary (see inflateSetDictionary).
+ The dictionary should consist of strings (byte sequences) that are likely
+ to be encountered later in the data to be compressed, with the most commonly
+ used strings preferably put towards the end of the dictionary. Using a
+ dictionary is most useful when the data to be compressed is short and
+ can be predicted with good accuracy; the data can then be compressed better
+ than with the default empty dictionary. In this version of the library,
+ only the last 32K bytes of the dictionary are used.
+ Upon return of this function, strm->adler is set to the Adler32 value
+ of the dictionary; the decompressor may later use this value to determine
+ which dictionary has been used by the compressor. (The Adler32 value
+ applies to the whole dictionary even if only a subset of the dictionary is
+ actually used by the compressor.)
+
+ deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
+ parameter is invalid (such as NULL dictionary) or the stream state
+ is inconsistent (for example if deflate has already been called for this
+ stream). deflateSetDictionary does not perform any compression: this will
+ be done by deflate().
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+deflateCopy(z_streamp dest, z_streamp source);
+#else
+extern int EXPORT deflateCopy OF((z_streamp dest, z_streamp source));
+#endif
+/*
+ Sets the destination stream as a complete copy of the source stream. If
+ the source stream is using an application-supplied history buffer, a new
+ buffer is allocated for the destination stream. The compressed output
+ buffer is always application-supplied. It's the responsibility of the
+ application to provide the correct values of next_out and avail_out for the
+ next call of deflate.
+
+ This function can be useful when several compression strategies will be
+ tried, for example when there are several ways of pre-processing the input
+ data with a filter. The streams that will be discarded should then be freed
+ by calling deflateEnd. Note that deflateCopy duplicates the internal
+ compression state which can be quite large, so this strategy is slow and
+ can consume lots of memory.
+
+ deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
+ (such as zalloc being NULL). msg is left unchanged in both source and
+ destination.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+deflateReset(z_streamp strm);
+#else
+extern int EXPORT deflateReset OF((z_streamp strm));
+#endif
+/*
+ This function is equivalent to deflateEnd followed by deflateInit,
+ but does not free and reallocate all the internal compression state.
+ The stream will keep the same compression level and any other attributes
+ that may have been set by deflateInit2.
+
+ deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being NULL).
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+deflateParams(z_streamp strm, int level, int strategy);
+#else
+extern int EXPORT deflateParams OF((z_streamp strm, int level, int strategy));
+#endif
+/*
+ Dynamically update the compression level and compression strategy.
+ This can be used to switch between compression and straight copy of
+ the input data, or to switch to a different kind of input data requiring
+ a different strategy. If the compression level is changed, the input
+ available so far is compressed with the old level (and may be flushed);
+ the new level will take effect only at the next call of deflate().
+
+ Before the call of deflateParams, the stream state must be set as for
+ a call of deflate(), since the currently available input may have to
+ be compressed and flushed. In particular, strm->avail_out must be non-zero.
+
+ deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
+ stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
+ if strm->avail_out was zero.
+*/
+
+/*
+extern int EXPORT inflateInit2 OF((z_streamp strm,
+ int windowBits));
+
+ This is another version of inflateInit with more compression options. The
+ fields next_out, zalloc, zfree and opaque must be initialized before by
+ the caller.
+
+ The windowBits parameter is the base two logarithm of the maximum window
+ size (the size of the history buffer). It should be in the range 8..15 for
+ this version of the library (the value 16 will be allowed soon). The
+ default value is 15 if inflateInit is used instead. If a compressed stream
+ with a larger window size is given as input, inflate() will return with
+ the error code Z_DATA_ERROR instead of trying to allocate a larger window.
+
+ If next_out is not null, the library will use this buffer for the history
+ buffer; the buffer must either be large enough to hold the entire output
+ data, or have at least 1<<windowBits bytes. If next_out is null, the
+ library will allocate its own buffer (and leave next_out null). next_in
+ need not be provided here but must be provided by the application for the
+ next call of inflate().
+
+ If the history buffer is provided by the application, next_out must
+ never be changed by the application since the decompressor maintains
+ history information inside this buffer from call to call; the application
+ can only reset next_out to the beginning of the history buffer when
+ avail_out is zero and all output has been consumed.
+
+ inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
+ not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
+ windowBits < 8). msg is set to null if there is no error message.
+ inflateInit2 does not perform any decompression: this will be done by
+ inflate().
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+inflateSetDictionary(z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength);
+#else
+extern int EXPORT inflateSetDictionary OF((z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength));
+#endif
+/*
+ Initializes the decompression dictionary (history buffer) from the given
+ uncompressed byte sequence. This function must be called immediately after
+ a call of inflate if this call returned Z_NEED_DICT. The dictionary chosen
+ by the compressor can be determined from the Adler32 value returned by this
+ call of inflate. The compressor and decompressor must use exactly the same
+ dictionary (see deflateSetDictionary).
+
+ inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
+ parameter is invalid (such as NULL dictionary) or the stream state is
+ inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
+ expected one (incorrect Adler32 value). inflateSetDictionary does not
+ perform any decompression: this will be done by subsequent calls of
+ inflate().
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+inflateSync(z_streamp strm);
+#else
+extern int EXPORT inflateSync OF((z_streamp strm));
+#endif
+/*
+ Skips invalid compressed data until the special marker (see deflate()
+ above) can be found, or until all available input is skipped. No output
+ is provided.
+
+ inflateSync returns Z_OK if the special marker has been found, Z_BUF_ERROR
+ if no more input was provided, Z_DATA_ERROR if no marker has been found,
+ or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
+ case, the application may save the current current value of total_in which
+ indicates where valid compressed data was found. In the error case, the
+ application may repeatedly call inflateSync, providing more input each time,
+ until success or end of the input data.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+inflateReset(z_streamp strm);
+#else
+extern int EXPORT inflateReset OF((z_streamp strm));
+#endif
+/*
+ This function is equivalent to inflateEnd followed by inflateInit,
+ but does not free and reallocate all the internal decompression state.
+ The stream will keep attributes that may have been set by inflateInit2.
+
+ inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being NULL).
+*/
+
+/* utility functions */
+
+/*
+ The following utility functions are implemented on top of the
+ basic stream-oriented functions. To simplify the interface, some
+ default options are assumed (compression level, window size,
+ standard memory allocation functions). The source code of these
+ utility functions can easily be modified if you need special options.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+compress(Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen);
+#else
+extern int EXPORT compress OF((Bytef * dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen));
+#endif
+/*
+ Compresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total
+ size of the destination buffer, which must be at least 0.1% larger than
+ sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
+ compressed buffer.
+ This function can be used to compress a whole file at once if the
+ input file is mmap'ed.
+ compress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+uncompress(Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen);
+#else
+extern int EXPORT uncompress OF((Bytef * dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen));
+#endif
+/*
+ Decompresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total
+ size of the destination buffer, which must be large enough to hold the
+ entire uncompressed data. (The size of the uncompressed data must have
+ been saved previously by the compressor and transmitted to the decompressor
+ by some mechanism outside the scope of this compression library.)
+ Upon exit, destLen is the actual size of the compressed buffer.
+ This function can be used to decompress a whole file at once if the
+ input file is mmap'ed.
+
+ uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer, or Z_DATA_ERROR if the input data was corrupted.
+*/
+
+typedef voidp gzFile;
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(gzFile)
+gzopen(const char *path, const char *mode);
+#else
+extern gzFile EXPORT gzopen OF((const char *path, const char *mode));
+#endif
+/*
+ Opens a gzip (.gz) file for reading or writing. The mode parameter
+ is as in fopen ("rb" or "wb") but can also include a compression level
+ ("wb9"). gzopen can be used to read a file which is not in gzip format;
+ in this case gzread will directly read from the file without decompression.
+ gzopen returns NULL if the file could not be opened or if there was
+ insufficient memory to allocate the (de)compression state; errno
+ can be checked to distinguish the two cases (if errno is zero, the
+ zlib error is Z_MEM_ERROR).
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(gzFile)
+gzdopen(int fd, const char *mode);
+#else
+extern gzFile EXPORT gzdopen OF((int fd, const char *mode));
+#endif
+/*
+ gzdopen() associates a gzFile with the file descriptor fd. File
+ descriptors are obtained from calls like open, dup, creat, pipe or
+ fileno (in the file has been previously opened with fopen).
+ The mode parameter is as in gzopen.
+ The next call of gzclose on the returned gzFile will also close the
+ file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
+ descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
+ gzdopen returns NULL if there was insufficient memory to allocate
+ the (de)compression state.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+gzread(gzFile file, voidp buf, unsigned len);
+#else
+extern int EXPORT gzread OF((gzFile file, voidp buf, unsigned len));
+#endif
+/*
+ Reads the given number of uncompressed bytes from the compressed file.
+ If the input file was not in gzip format, gzread copies the given number
+ of bytes into the buffer.
+ gzread returns the number of uncompressed bytes actually read (0 for
+ end of file, -1 for error). */
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+gzwrite(gzFile file, const voidp buf, unsigned len);
+#else
+extern int EXPORT gzwrite OF((gzFile file, const voidp buf, unsigned len));
+#endif
+/*
+ Writes the given number of uncompressed bytes into the compressed file.
+ gzwrite returns the number of uncompressed bytes actually written
+ (0 in case of error).
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+gzflush(gzFile file, int flush);
+#else
+extern int EXPORT gzflush OF((gzFile file, int flush));
+#endif
+/*
+ Flushes all pending output into the compressed file. The parameter
+ flush is as in the deflate() function. The return value is the zlib
+ error number (see function gzerror below). gzflush returns Z_OK if
+ the flush parameter is Z_FINISH and all output could be flushed.
+ gzflush should be called only when strictly necessary because it can
+ degrade compression.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+gzclose(gzFile file);
+#else
+extern int EXPORT gzclose OF((gzFile file));
+#endif
+/*
+ Flushes all pending output if necessary, closes the compressed file
+ and deallocates all the (de)compression state. The return value is the zlib
+ error number (see function gzerror below).
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(const char *)
+gzerror(gzFile file, int *errnum);
+#else
+extern const char *EXPORT gzerror OF((gzFile file, int *errnum));
+#endif
+/*
+ Returns the error message for the last error which occurred on the
+ given compressed file. errnum is set to zlib error number. If an
+ error occurred in the file system and not in the compression library,
+ errnum is set to Z_ERRNO and the application may consult errno
+ to get the exact error code.
+*/
+
+/* checksum functions */
+
+/*
+ These functions are not related to compression but are exported
+ anyway because they might be useful in applications using the
+ compression library.
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(uLong)
+adler32(uLong adler, const Bytef *buf, uInt len);
+#else
+extern uLong EXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
+#endif
+
+/*
+ Update a running Adler-32 checksum with the bytes buf[0..len-1] and
+ return the updated checksum. If buf is NULL, this function returns
+ the required initial value for the checksum.
+ An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
+ much faster. Usage example:
+
+ uLong adler = adler32(0L, Z_NULL, 0);
+
+ while (read_buffer(buffer, length) != EOF) {
+ adler = adler32(adler, buffer, length);
+ }
+ if (adler != original_adler) error();
+*/
+
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(uLong)
+crc32(uLong crc, const Bytef *buf, uInt len);
+#else
+extern uLong EXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
+#endif
+/*
+ Update a running crc with the bytes buf[0..len-1] and return the updated
+ crc. If buf is NULL, this function returns the required initial value
+ for the crc. Pre- and post-conditioning (one's complement) is performed
+ within this function so it shouldn't be done by the application.
+ Usage example:
+
+ uLong crc = crc32(0L, Z_NULL, 0);
+
+ while (read_buffer(buffer, length) != EOF) {
+ crc = crc32(crc, buffer, length);
+ }
+ if (crc != original_crc) error();
+*/
+
+/* various hacks, don't look :) */
+
+/* deflateInit and inflateInit are macros to allow checking the zlib version
+ * and the compiler's view of z_stream:
+ */
+#ifdef MOZILLA_CLIENT
+PR_EXTERN(int)
+deflateInit(z_streamp strm, int level, const char *version,
+ int stream_size);
+PR_EXTERN(int)
+inflateInit_(z_streamp strm, const char *version,
+ int stream_size);
+PR_EXTERN(int)
+deflateInit2_(z_streamp strm, int level, int method,
+ int windowBits, int memLevel, int strategy,
+ const char *version, int stream_size);
+PR_EXTERN(int)
+inflateInit2_(z_streamp strm, int windowBits,
+ const char *version, int stream_size);
+#else
+extern int EXPORT deflateInit_ OF((z_streamp strm, int level, const char *version,
+ int stream_size));
+extern int EXPORT inflateInit_ OF((z_streamp strm, const char *version,
+ int stream_size));
+extern int EXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
+ int windowBits, int memLevel, int strategy,
+ const char *version, int stream_size));
+extern int EXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
+ const char *version, int stream_size));
+#endif /* MOZILLA_CLIENT */
+
+#define deflateInit(strm, level) \
+ deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
+#define inflateInit(strm) \
+ inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
+#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
+ deflateInit2_((strm), (level), (method), (windowBits), (memLevel), \
+ (strategy), ZLIB_VERSION, sizeof(z_stream))
+#define inflateInit2(strm, windowBits) \
+ inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
+
+#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
+struct internal_state {
+ int dummy;
+}; /* hack for buggy compilers */
+#endif
+
+uLongf *get_crc_table OF((void)); /* can be used by asm versions of crc32() */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _ZLIB_H */
diff --git a/security/nss/lib/jar/manifest.mn b/security/nss/lib/jar/manifest.mn
new file mode 100644
index 000000000..5b516886a
--- /dev/null
+++ b/security/nss/lib/jar/manifest.mn
@@ -0,0 +1,25 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+MODULE = nss
+
+LIBRARY_NAME = jar
+
+CORE_DEPTH = ../..
+
+CSRCS = \
+ jarver.c \
+ jarsign.c \
+ jar.c \
+ jar-ds.c \
+ jarfile.c \
+ jarint.c \
+ $(NULL)
+
+EXPORTS = jar.h jar-ds.h jarfile.h
+
+DEFINES = -DMOZILLA_CLIENT=1
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/libpkix/Makefile b/security/nss/lib/libpkix/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/config.mk b/security/nss/lib/libpkix/config.mk
new file mode 100755
index 000000000..5d75e1c04
--- /dev/null
+++ b/security/nss/lib/libpkix/config.mk
@@ -0,0 +1,16 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+# DEFINES+=-DPKIX_LISTDEBUG Can be used to turn on debug compilation
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/include/Makefile b/security/nss/lib/libpkix/include/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/include/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/include/config.mk b/security/nss/lib/libpkix/include/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/include/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/include/exports.gyp b/security/nss/lib/libpkix/include/exports.gyp
new file mode 100644
index 000000000..92baaaa9d
--- /dev/null
+++ b/security/nss/lib/libpkix/include/exports.gyp
@@ -0,0 +1,38 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_include_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix.h',
+ 'pkix_certsel.h',
+ 'pkix_certstore.h',
+ 'pkix_checker.h',
+ 'pkix_crlsel.h',
+ 'pkix_errorstrings.h',
+ 'pkix_params.h',
+ 'pkix_pl_pki.h',
+ 'pkix_pl_system.h',
+ 'pkix_results.h',
+ 'pkix_revchecker.h',
+ 'pkix_sample_modules.h',
+ 'pkix_util.h',
+ 'pkixt.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/include/include.gyp b/security/nss/lib/libpkix/include/include.gyp
new file mode 100644
index 000000000..c43501591
--- /dev/null
+++ b/security/nss/lib/libpkix/include/include.gyp
@@ -0,0 +1,12 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../coreconf/config.gypi'
+ ],
+ 'targets': [],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/include/manifest.mn b/security/nss/lib/libpkix/include/manifest.mn
new file mode 100755
index 000000000..cc74890cf
--- /dev/null
+++ b/security/nss/lib/libpkix/include/manifest.mn
@@ -0,0 +1,32 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix.h \
+ pkix_crlsel.h \
+ pkix_errorstrings.h \
+ pkix_results.h \
+ pkixt.h \
+ pkix_certsel.h \
+ pkix_params.h \
+ pkix_revchecker.h \
+ pkix_certstore.h \
+ pkix_pl_pki.h \
+ pkix_sample_modules.h \
+ pkix_checker.h \
+ pkix_pl_system.h \
+ pkix_util.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ $(NULL)
+
+REQUIRES = dbm
diff --git a/security/nss/lib/libpkix/include/pkix.h b/security/nss/lib/libpkix/include/pkix.h
new file mode 100755
index 000000000..4ef3cf1fb
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix.h
@@ -0,0 +1,301 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines the public API for libpkix. These are the top-level
+ * functions in the library. They perform the primary operations of this
+ * library: building and validating chains of X.509 certificates.
+ *
+ */
+
+#ifndef _PKIX_H
+#define _PKIX_H
+
+#include "pkixt.h"
+#include "pkix_util.h"
+#include "pkix_results.h"
+#include "pkix_certstore.h"
+#include "pkix_certsel.h"
+#include "pkix_crlsel.h"
+#include "pkix_checker.h"
+#include "pkix_revchecker.h"
+#include "pkix_pl_system.h"
+#include "pkix_pl_pki.h"
+#include "pkix_params.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/*
+ * FUNCTION: PKIX_Initialize
+ * DESCRIPTION:
+ *
+ * No PKIX_* types and functions should be used before this function is called
+ * and returns successfully. This function should only be called once. If it
+ * is called more than once, the behavior is undefined.
+ *
+ * NSS applications are expected to call NSS_Init, and need not know that
+ * NSS will call this function (with "platformInitNeeded" set to PKIX_FALSE).
+ * PKIX applications are expected instead to call this function with
+ * "platformInitNeeded" set to PKIX_TRUE.
+ *
+ * This function initializes data structures critical to the operation of
+ * libpkix. It also ensures that the API version (major.minor) desired by the
+ * caller (the "desiredMajorVersion", "minDesiredMinorVersion", and
+ * "maxDesiredMinorVersion") is compatible with the API version supported by
+ * the library. As such, the library must support the "desiredMajorVersion"
+ * of the API and must support a minor version that falls between
+ * "minDesiredMinorVersion" and "maxDesiredMinorVersion", inclusive. If
+ * compatibility exists, the function returns NULL and stores the library's
+ * actual minor version at "pActualMinorVersion" (which may be greater than
+ * "desiredMinorVersion"). If no compatibility exists, the function returns a
+ * PKIX_Error pointer. If the caller wishes to specify that the largest
+ * minor version available should be used, then maxDesiredMinorVersion should
+ * be set to the macro PKIX_MAX_MINOR_VERSION (defined in pkixt.h).
+ *
+ * PARAMETERS:
+ * "platformInitNeeded"
+ * Boolean indicating whether the platform layer initialization code
+ * has previously been run, or should be called from this function.
+ * "desiredMajorVersion"
+ * The major version of the libpkix API the application wishes to use.
+ * "minDesiredMinorVersion"
+ * The minimum minor version of the libpkix API the application wishes
+ * to use.
+ * "maxDesiredMinorVersion"
+ * The maximum minor version of the libpkix API the application wishes
+ * to use.
+ * "pActualMinorVersion"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "pPlContext"
+ * Address at which platform-specific context pointer is stored. Must
+ * be non-NULL.
+ * THREAD SAFETY:
+ * Not Thread Safe
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Initialize Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Initialize(
+ PKIX_Boolean platformInitNeeded,
+ PKIX_UInt32 desiredMajorVersion,
+ PKIX_UInt32 minDesiredMinorVersion,
+ PKIX_UInt32 maxDesiredMinorVersion,
+ PKIX_UInt32 *pActualMinorVersion,
+ void **pPlContext);
+
+/*
+ * FUNCTION: PKIX_Shutdown
+ * DESCRIPTION:
+ *
+ * This function deallocates any memory used by libpkix and shuts down any
+ * ongoing operations. This function should only be called once. If it is
+ * called more than once, the behavior is undefined.
+ *
+ * No PKIX_* types and functions should be used after this function is called
+ * and returns successfully.
+ * PARAMETERS:
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Shutdown(void *plContext);
+
+/*
+ * FUNCTION: PKIX_ValidateChain
+ * DESCRIPTION:
+ *
+ * This function attempts to validate the CertChain that has been set in the
+ * ValidateParams pointed to by "params" using an RFC 3280-compliant
+ * algorithm. If successful, this function returns NULL and stores the
+ * ValidateResult at "pResult", which holds additional information, such as
+ * the policy tree and the target's public key. If unsuccessful, an Error is
+ * returned. Note: This function does not currently support non-blocking I/O.
+ *
+ * If "pVerifyTree" is non-NULL, a chain of VerifyNodes is created which
+ * tracks the results of the validation. That is, either each node in the
+ * chain has a NULL Error component, or the last node contains an Error
+ * which indicates why the validation failed.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ValidateParams used to validate CertChain. Must be non-NULL.
+ * "pResult"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "pVerifyTree"
+ * Address where a VerifyTree is stored, if non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (See Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Validate Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ValidateChain(
+ PKIX_ValidateParams *params,
+ PKIX_ValidateResult **pResult,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ValidateChain_NB
+ * DESCRIPTION:
+ *
+ * This function is the equivalent of PKIX_ValidateChain, except that it
+ * supports non-blocking I/O. When called with "pNBIOContext" pointing to NULL
+ * it initiates a new chain validation as in PKIX_ValidateChain, ignoring the
+ * value in all input variables except "params". If forced to suspend
+ * processing by a WOULDBLOCK return from some operation, such as a CertStore
+ * request, it stores the platform-dependent I/O context at "pNBIOContext" and
+ * stores other intermediate variables at "pCertIndex", "pAnchorIndex",
+ * "pCheckerIndex", "pRevChecking", and "pCheckers".
+ *
+ * When called subsequently with that non-NULL value at "pNBIOContext", it
+ * relies on those intermediate values to be untouched, and it resumes chain
+ * validation where it left off. Its behavior is undefined if any of the
+ * intermediate values was not preserved.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ValidateParams used to validate CertChain. Must be non-NULL.
+ * "pCertIndex"
+ * The UInt32 value of the index to the Cert chain, indicating which Cert
+ * is currently being processed.
+ * "pAnchorIndex"
+ * The UInt32 value of the index to the Anchor chain, indicating which
+ * Trust Anchor is currently being processed.
+ * "pCheckerIndex"
+ * The UInt32 value of the index to the List of CertChainCheckers,
+ * indicating which Checker is currently processing.
+ * "pRevChecking"
+ * The Boolean flag indicating whether normal checking or revocation
+ * checking is occurring for the Cert indicated by "pCertIndex".
+ * "pCheckers"
+ * The address of the List of CertChainCheckers. Must be non-NULL.
+ * "pNBIOContext"
+ * The address of the platform-dependend I/O context. Must be a non-NULL
+ * pointer to a NULL value for the call to initiate chain validation.
+ * "pResult"
+ * Address where ValidateResult object pointer will be stored. Must be
+ * non-NULL.
+ * "pVerifyTree"
+ * Address where a VerifyTree is stored, if non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a VALIDATE Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */PKIX_Error *
+PKIX_ValidateChain_NB(
+ PKIX_ValidateParams *params,
+ PKIX_UInt32 *pCertIndex,
+ PKIX_UInt32 *pAnchorIndex,
+ PKIX_UInt32 *pCheckerIndex,
+ PKIX_Boolean *pRevChecking,
+ PKIX_List **pCheckers,
+ void **pNBIOContext,
+ PKIX_ValidateResult **pResult,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_BuildChain
+ * DESCRIPTION:
+ *
+ * If called with a NULL "state", this function attempts to build and validate
+ * a CertChain according to the ProcessingParams pointed to by "params", using
+ * an RFC 3280-compliant validation algorithm. If successful, this function
+ * returns NULL and stores the BuildResult at "pResult", which holds the built
+ * CertChain, as well as additional information, such as the policy tree and
+ * the target's public key. If unsuccessful, an Error is returned.
+ *
+ * If the chain building is blocked by a CertStore using non-blocking I/O, this
+ * function stores platform-dependent non-blocking I/O context at
+ * "pNBIOContext", its state at "pState", and NULL at "pResult". The caller
+ * may be able to determine, in a platform-dependent way, when the I/O has
+ * completed. In any case, calling the function again with "pState" containing
+ * the returned value will allow the chain building to resume.
+ *
+ * If chain building is completed, either successfully or unsuccessfully, NULL
+ * is stored at "pNBIOContext".
+ *
+ * If "pVerifyTree" is non-NULL, a tree of VerifyNodes is created which
+ * tracks the results of the building. That is, each node of the tree either
+ * has a NULL Error component, or it is a leaf node and it contains an Error
+ * which indicates why the chain building could not proceed on this branch.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams used to build and validate CertChain.
+ * Must be non-NULL.
+ * "pNBIOContext"
+ * Address where platform-dependent information is store if the build
+ * is suspended waiting for non-blocking I/O. Must be non-NULL.
+ * "pState"
+ * Address of BuildChain state. Must be NULL on initial call, and the
+ * value previously returned on subsequent calls.
+ * "pResult"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "pVerifyTree"
+ * Address where a VerifyTree is stored, if non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (See Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_BuildChain(
+ PKIX_ProcessingParams *params,
+ void **pNBIOContext,
+ void **pState,
+ PKIX_BuildResult **pResult,
+ PKIX_VerifyNode **pVerifyNode,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_H */
diff --git a/security/nss/lib/libpkix/include/pkix_certsel.h b/security/nss/lib/libpkix/include/pkix_certsel.h
new file mode 100755
index 000000000..e6b20c8c5
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_certsel.h
@@ -0,0 +1,1826 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines functions associated with the PKIX_CertSelector and the
+ * PKIX_ComCertSelParams types.
+ *
+ */
+
+#ifndef _PKIX_CERTSEL_H
+#define _PKIX_CERTSEL_H
+
+#include "pkixt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/* PKIX_CertSelector
+ *
+ * PKIX_CertSelectors provide a standard way for the caller to select
+ * certificates based on particular criteria. A CertSelector is typically used
+ * by the caller to specify the constraints they wish to impose on the target
+ * certificate in a chain. (see pkix_params.h) A CertSelector is also often
+ * used to retrieve certificates from a CertStore that match the selector's
+ * criteria. (See pkix_certstore.h) For example, the caller may wish to only
+ * select those certificates that have a particular Subject Distinguished Name
+ * and a particular value for a private certificate extension. The
+ * MatchCallback allows the caller to specify the custom matching logic to be
+ * used by a CertSelector.
+ *
+ * By default, the MatchCallback is set to point to the default implementation
+ * provided by libpkix, which understands how to process the most common
+ * parameters. If the default implementation is used, the caller should set
+ * these common parameters using PKIX_CertSelector_SetCommonCertSelectorParams.
+ * Any common parameter that is not set is assumed to be disabled, which means
+ * the default MatchCallback implementation will select all certificates
+ * without regard to that particular disabled parameter. For example, if the
+ * SerialNumber parameter is not set, MatchCallback will not filter out any
+ * certificate based on its serial number. As such, if no parameters are set,
+ * all are disabled and any certificate will match. If a parameter is
+ * disabled, its associated PKIX_ComCertSelParams_Get* function returns a
+ * default value of NULL, or -1 for PKIX_ComCertSelParams_GetBasicConstraints
+ * and PKIX_ComCertSelParams_GetVersion, or 0 for
+ * PKIX_ComCertSelParams_GetKeyUsage.
+ *
+ * If a custom implementation is desired, the default implementation can be
+ * overridden by calling PKIX_CertSelector_SetMatchCallback. In this case, the
+ * CertSelector can be initialized with a certSelectorContext, which is where
+ * the caller can specify the desired parameters the caller wishes to match
+ * against. Note that this certSelectorContext must be an Object (although any
+ * object type), allowing it to be reference-counted and allowing it to
+ * provide the standard Object functions (Equals, Hashcode, ToString, Compare,
+ * Duplicate).
+ *
+ */
+
+/*
+ * FUNCTION: PKIX_CertSelector_MatchCallback
+ * DESCRIPTION:
+ *
+ * This callback function determines whether the specified Cert pointed to by
+ * "cert" matches the criteria of the CertSelector pointed to by "selector".
+ * If the Cert does not matches the CertSelector's criteria, an exception will
+ * be thrown.
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CertSelector whose MatchCallback logic and parameters are
+ * to be used. Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched using "selector".
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_CertSelector_MatchCallback)(
+ PKIX_CertSelector *selector,
+ PKIX_PL_Cert *cert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertSelector_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CertSelector using the Object pointed to by
+ * "certSelectorContext" (if any) and stores it at "pSelector". As noted
+ * above, by default, the MatchCallback is set to point to the default
+ * implementation provided by libpkix, which understands how to process
+ * ComCertSelParams objects. This is overridden if the MatchCallback pointed
+ * to by "callback" is not NULL, in which case the parameters are specified
+ * using the certSelectorContext.
+ *
+ * PARAMETERS:
+ * "callback"
+ * The MatchCallback function to be used.
+ * "certSelectorContext"
+ * Address of Object representing the CertSelector's context (if any).
+ * "pSelector"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertSelector_Create(
+ PKIX_CertSelector_MatchCallback callback,
+ PKIX_PL_Object *certSelectorContext,
+ PKIX_CertSelector **pSelector,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertSelector_GetMatchCallback
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to "selector's" Match callback function and puts it in
+ * "pCallback".
+ *
+ * PARAMETERS:
+ * "selector"
+ * The CertSelector whose Match callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where Match callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertSelector_GetMatchCallback(
+ PKIX_CertSelector *selector,
+ PKIX_CertSelector_MatchCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertSelector_GetCertSelectorContext
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a PKIX_PL_Object representing the context (if any)
+ * of the CertSelector pointed to by "selector" and stores it at
+ * "pCertSelectorContext".
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CertSelector whose context is to be stored.
+ * Must be non-NULL.
+ * "pCertSelectorContext"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertSelector_GetCertSelectorContext(
+ PKIX_CertSelector *selector,
+ PKIX_PL_Object **pCertSelectorContext,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertSelector_GetCommonCertSelectorParams
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the ComCertSelParams object that represent the
+ * common parameters of the CertSelector pointed to by "selector" and stores
+ * it at "pCommonCertSelectorParams". If there are no common parameters
+ * stored with the CertSelector, this function stores NULL at
+ * "pCommonCertSelectorParams".
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CertSelector whose ComCertSelParams object is to be stored.
+ * Must be non-NULL.
+ * "pCommonCertSelectorParams"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertSelector_GetCommonCertSelectorParams(
+ PKIX_CertSelector *selector,
+ PKIX_ComCertSelParams **pCommonCertSelectorParams,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertSelector_SetCommonCertSelectorParams
+ * DESCRIPTION:
+ *
+ * Sets the common parameters for the CertSelector pointed to by "selector"
+ * using the ComCertSelParams object pointed to by "commonCertSelectorParams".
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CertSelector whose common parameters are to be set.
+ * Must be non-NULL.
+ * "commonCertSelectorParams"
+ * Address of ComCertSelParams object representing the common parameters.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "selector"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertSelector_SetCommonCertSelectorParams(
+ PKIX_CertSelector *selector,
+ PKIX_ComCertSelParams *commonCertSelectorParams,
+ void *plContext);
+
+/* PKIX_ComCertSelParams
+ *
+ * PKIX_ComCertSelParams objects are X.509 parameters commonly used with
+ * CertSelectors, especially when enforcing constraints on a target
+ * certificate or determining which certificates to retrieve from a CertStore.
+ * ComCertSelParams objects are typically used with those CertSelectors that
+ * use the default implementation of MatchCallback, which understands how to
+ * process ComCertSelParams objects.
+ */
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_Create
+ * DESCRIPTION:
+ *
+ * Creates a new ComCertSelParams object and stores it at "pParams".
+ *
+ * PARAMETERS:
+ * "pParams"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_Create(
+ PKIX_ComCertSelParams **pParams,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjAltNames
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of GeneralNames (if any) representing the
+ * subject alternative names criterion that is set in the ComCertSelParams
+ * object pointed to by "params" and stores it at "pNames". In order to match
+ * against this criterion, a certificate must contain all or at least one of
+ * the criterion's subject alternative names (depending on the result of
+ * PKIX_ComCertSelParams_GetMatchAllSubjAltNames). The default behavior
+ * requires a certificate to contain all of the criterion's subject
+ * alternative names in order to match.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pNames", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject alternative names
+ * criterion (if any) is to be stored. Must be non-NULL.
+ * "pNames"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pNames, /* list of PKIX_PL_GeneralName */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjAltNames
+ * DESCRIPTION:
+ *
+ * Sets the subject alternative names criterion of the ComCertSelParams object
+ * pointed to by "params" using a List of GeneralNames pointed to by "names".
+ * In order to match against this criterion, a certificate must contain all or
+ * at least one of the criterion's subject alternative names (depending on the
+ * result of PKIX_ComCertSelParams_GetMatchAllSubjAltNames). The default
+ * behavior requires a certificate to contain all of the criterion's subject
+ * alternative names in order to match.
+ *
+ * If "names" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject alternative
+ * names criterion is to be set. Must be non-NULL.
+ * "names"
+ * Address of List of GeneralNames used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_List *names, /* list of PKIX_PL_GeneralName */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_AddSubjAltName
+ * DESCRIPTION:
+ *
+ * Adds to the subject alternative names criterion of the ComCertSelParams
+ * object pointed to by "params" using the GeneralName pointed to by "name".
+ * In order to match against this criterion, a certificate must contain all
+ * or at least one of the criterion's subject alternative names (depending on
+ * the result of PKIX_ComCertSelParams_GetMatchAllSubjAltNames). The default
+ * behavior requires a certificate to contain all of the criterion's subject
+ * alternative names in order to match.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject alternative names
+ * criterion is to be added to. Must be non-NULL.
+ * "name"
+ * Address of GeneralName to be added.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_AddSubjAltName(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_GeneralName *name,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetPathToNames
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of GeneralNames (if any) representing the
+ * path to names criterion that is set in the ComCertSelParams object pointed
+ * to by "params" and stores it at "pNames". In order to match against this
+ * criterion, a certificate must not include name constraints that would
+ * prohibit building a path to the criterion's specified names.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pNames", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose path to names criterion
+ * (if any) is to be stored. Must be non-NULL.
+ * "pNames"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetPathToNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pNames, /* list of PKIX_PL_GeneralName */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetPathToNames
+ * DESCRIPTION:
+ *
+ * Sets the path to names criterion of the ComCertSelParams object pointed to
+ * by "params" using a List of GeneralNames pointed to by "names". In order to
+ * match against this criterion, a certificate must not include name
+ * constraints that would prohibit building a path to the criterion's
+ * specified names.
+ *
+ * If "names" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose path to names criterion
+ * is to be set. Must be non-NULL.
+ * "names"
+ * Address of List of GeneralNames used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetPathToNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_List *names, /* list of PKIX_PL_GeneralName */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_AddPathToName
+ * DESCRIPTION:
+ *
+ * Adds to the path to names criterion of the ComCertSelParams object pointed
+ * to by "params" using the GeneralName pointed to by "pathToName". In order
+ * to match against this criterion, a certificate must not include name
+ * constraints that would prohibit building a path to the criterion's
+ * specified names.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose path to names criterion is to
+ * be added to. Must be non-NULL.
+ * "pathToName"
+ * Address of GeneralName to be added.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_AddPathToName(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_GeneralName *pathToName,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetAuthorityKeyIdentifier
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the ByteArray (if any) representing the authority
+ * key identifier criterion that is set in the ComCertSelParams object
+ * pointed to by "params" and stores it at "pAuthKeyId". In order to match
+ * against this criterion, a certificate must contain an
+ * AuthorityKeyIdentifier extension whose value matches the criterion's
+ * authority key identifier value.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pAuthKeyId", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose authority key identifier
+ * criterion (if any) is to be stored. Must be non-NULL.
+ * "pAuthKeyId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetAuthorityKeyIdentifier(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray **pAuthKeyId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetAuthorityKeyIdentifier
+ * DESCRIPTION:
+ *
+ * Sets the authority key identifier criterion of the ComCertSelParams object
+ * pointed to by "params" to the ByteArray pointed to by "authKeyId". In
+ * order to match against this criterion, a certificate must contain an
+ * AuthorityKeyIdentifier extension whose value matches the criterion's
+ * authority key identifier value.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose authority key identifier
+ * criterion is to be set. Must be non-NULL.
+ * "authKeyId"
+ * Address of ByteArray used to set the criterion
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetAuthorityKeyIdentifier(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray *authKeyId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjKeyIdentifier
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the ByteArray (if any) representing the subject key
+ * identifier criterion that is set in the ComCertSelParams object pointed to
+ * by "params" and stores it at "pSubjKeyId". In order to match against this
+ * criterion, a certificate must contain a SubjectKeyIdentifier extension
+ * whose value matches the criterion's subject key identifier value.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pSubjKeyId", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject key identifier
+ * criterion (if any) is to be stored. Must be non-NULL.
+ * "pSubjKeyId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjKeyIdentifier(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray **pSubjKeyId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjKeyIdentifier
+ * DESCRIPTION:
+ *
+ * Sets the subject key identifier criterion of the ComCertSelParams object
+ * pointed to by "params" using a ByteArray pointed to by "subjKeyId". In
+ * order to match against this criterion, a certificate must contain an
+ * SubjectKeyIdentifier extension whose value matches the criterion's subject
+ * key identifier value.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject key identifier
+ * criterion is to be set. Must be non-NULL.
+ * "subjKeyId"
+ * Address of ByteArray used to set the criterion
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjKeyIdentifier(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray *subKeyId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjPubKey
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the PublicKey (if any) representing the subject
+ * public key criterion that is set in the ComCertSelParams object pointed to
+ * by "params" and stores it at "pPubKey". In order to match against this
+ * criterion, a certificate must contain a SubjectPublicKey that matches the
+ * criterion's public key.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pPubKey", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject public key criterion
+ * (if any) is to be stored. Must be non-NULL.
+ * "pPubKey"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjPubKey(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_PublicKey **pPubKey,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjPubKey
+ * DESCRIPTION:
+ *
+ * Sets the subject public key criterion of the ComCertSelParams object
+ * pointed to by "params" using a PublicKey pointed to by "pubKey". In order
+ * to match against this criterion, a certificate must contain a
+ * SubjectPublicKey that matches the criterion's public key.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject public key
+ * criterion is to be set. Must be non-NULL.
+ * "pubKey"
+ * Address of PublicKey used to set the criterion
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjPubKey(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_PublicKey *pubKey,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjPKAlgId
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the OID (if any) representing the subject public key
+ * algorithm identifier criterion that is set in the ComCertSelParams object
+ * pointed to by "params" and stores it at "pPubKey". In order to match
+ * against this criterion, a certificate must contain a SubjectPublicKey with
+ * an algorithm that matches the criterion's algorithm.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pAlgId", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject public key algorithm
+ * identifier (if any) is to be stored. Must be non-NULL.
+ * "pAlgId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjPKAlgId(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_OID **pAlgId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjPKAlgId
+ * DESCRIPTION:
+ *
+ * Sets the subject public key algorithm identifier criterion of the
+ * ComCertSelParams object pointed to by "params" using an OID pointed to by
+ * "algId". In order to match against this criterion, a certificate must
+ * contain a SubjectPublicKey with an algorithm that matches the criterion's
+ * algorithm.
+ *
+ * If "algId" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject public key
+ * algorithm identifier criterion is to be set. Must be non-NULL.
+ * "algId"
+ * Address of OID used to set criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjPKAlgId(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_OID *algId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetBasicConstraints
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the minimum path length (if any) representing the
+ * basic constraints criterion that is set in the ComCertSelParams object
+ * pointed to by "params" and stores it at "pMinPathLength". In order to
+ * match against this criterion, there are several possibilities.
+ *
+ * 1) If the criterion's minimum path length is greater than or equal to zero,
+ * a certificate must include a BasicConstraints extension with a pathLen of
+ * at least this value.
+ *
+ * 2) If the criterion's minimum path length is -2, a certificate must be an
+ * end-entity certificate.
+ *
+ * 3) If the criterion's minimum path length is -1, no basic constraints check
+ * is done and all certificates are considered to match this criterion.
+ *
+ * The semantics of other values of the criterion's minimum path length are
+ * undefined but may be defined in future versions of the API.
+ *
+ * If "params" does not have this criterion set, this function stores -1 at
+ * "pMinPathLength", in which case all certificates are considered to match
+ * this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose basic constraints criterion
+ * (if any) is to be stored. Must be non-NULL.
+ * "pMinPathLength"
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetBasicConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_Int32 *pMinPathLength,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetBasicConstraints
+ * DESCRIPTION:
+ *
+ * Sets the basic constraints criterion of the ComCertSelParams object
+ * pointed to by "params" using the integer value of "minPathLength". In
+ * order to match against this criterion, there are several possibilities.
+ *
+ * 1) If the criterion's minimum path length is greater than or equal to zero,
+ * a certificate must include a BasicConstraints extension with a pathLen of
+ * at least this value.
+ *
+ * 2) If the criterion's minimum path length is -2, a certificate must be an
+ * end-entity certificate.
+ *
+ * 3) If the criterion's minimum path length is -1, no basic constraints check
+ * is done and all certificates are considered to match this criterion.
+ *
+ * The semantics of other values of the criterion's minimum path length are
+ * undefined but may be defined in future versions of the API.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose basic constraints
+ * criterion is to be set. Must be non-NULL.
+ * "minPathLength"
+ * Value of PKIX_Int32 used to set the criterion
+ * (or -1 to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetBasicConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_Int32 minPathLength,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetCertificate
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Cert (if any) representing the certificate
+ * criterion that is set in the ComCertSelParams object pointed to by
+ * "params" and stores it at "pCert". In order to match against this
+ * criterion, a certificate must be equal to the criterion's certificate. If
+ * this criterion is specified, it is usually not necessary to specify any
+ * other criteria, since this criterion requires an exact certificate match.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pCert", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose certificate criterion
+ * (if any) is to be stored. Must be non-NULL.
+ * "pCert"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetCertificate(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert **pCert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetCertificate
+ * DESCRIPTION:
+ *
+ * Sets the certificate criterion of the ComCertSelParams object pointed to by
+ * "params" using a Cert pointed to by "cert". In order to match against this
+ * criterion, a certificate must be equal to the criterion's certificate.
+ * If this criterion is specified, it is usually not necessary to specify
+ * any other criteria, since this criterion requires an exact certificate
+ * match.
+ *
+ * If "cert" is NULL, all certificates are considered to match this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose certificate criterion is to be
+ * set. Must be non-NULL.
+ * "cert"
+ * Address of Cert used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetCertificate(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetCertificateValid
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Date (if any) representing the certificate
+ * validity criterion that is set in the ComCertSelParams object pointed to by
+ * "params" and stores it at "pDate". In order to match against this
+ * criterion, a certificate's validity period must include the criterion's
+ * Date.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pDate", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose certificate validity criterion
+ * (if any) is to be stored. Must be non-NULL.
+ * "pDate"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetCertificateValid(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetCertificateValid
+ * DESCRIPTION:
+ *
+ * Sets the certificate validity criterion of the ComCertSelParams object
+ * pointed to by "params" using a Date pointed to by "date". In order to
+ * match against this criterion, a certificate's validity period must include
+ * the criterion's Date.
+ *
+ * If "date" is NULL, all certificates are considered to match this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose certificate validity criterion
+ * is to be set. Must be non-NULL.
+ * "date"
+ * Address of Date used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetCertificateValid(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Date *date,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSerialNumber
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the BigInt (if any) representing the serial number
+ * criterion that is set in the ComCertSelParams object pointed to by
+ * "params" and stores it at "pSerialNumber". In order to match against this
+ * criterion, a certificate must have a serial number equal to the
+ * criterion's serial number.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pSerialNumber", in which case all certificates are considered to match
+ * this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose serial number criterion
+ * (if any) is to be stored. Must be non-NULL.
+ * "pSerialNumber"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSerialNumber(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_BigInt **pSerialNumber,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSerialNumber
+ * DESCRIPTION:
+ *
+ * Sets the serial number criterion of the ComCertSelParams object pointed to
+ * by "params" using a BigInt pointed to by "serialNumber". In order to match
+ * against this criterion, a certificate must have a serial number equal to
+ * the criterion's serial number.
+ *
+ * If "serialNumber" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose serial number criterion is to
+ * be set. Must be non-NULL.
+ * "serialNumber"
+ * Address of BigInt used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSerialNumber(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_BigInt *serialNumber,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetVersion
+ * DESCRIPTION:
+ *
+ * Retrieves a PKIX_UInt32 (if any) representing the version criterion that is
+ * set in the ComCertSelParams object pointed to by "params" and stores it at
+ * "pVersion". In order to match against this criterion, a certificate's
+ * version must be equal to the criterion's version.
+ *
+ * The version number will either be 0, 1, or 2 (corresponding to
+ * v1, v2, or v3, respectively).
+ *
+ * If "params" does not have this criterion set, this function stores
+ * 0xFFFFFFFF at "pVersion", in which case all certificates are considered
+ * to match this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose version criterion (if any) is
+ * to be stored. Must be non-NULL.
+ * "pVersion"
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetVersion(
+ PKIX_ComCertSelParams *params,
+ PKIX_UInt32 *pVersion,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetVersion
+ * DESCRIPTION:
+ *
+ * Sets the version criterion of the ComCertSelParams object pointed to by
+ * "params" using the integer value of "version". In order to match against
+ * this criterion, a certificate's version must be equal to the criterion's
+ * version. If the criterion's version is -1, no version check is done and
+ * all certificates are considered to match this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose version criterion is to be
+ * set. Must be non-NULL.
+ * "version"
+ * Value of PKIX_Int32 used to set the criterion
+ * (or -1 to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetVersion(
+ PKIX_ComCertSelParams *params,
+ PKIX_Int32 version,
+ void *plContext);
+
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetKeyUsage
+ * DESCRIPTION:
+ *
+ * Retrieves a PKIX_UInt32 (if any) representing the key usage criterion that
+ * is set in the ComCertSelParams object pointed to by "params" and stores it
+ * at "pKeyUsage". In order to match against this criterion, a certificate
+ * must allow the criterion's key usage values. Note that a certificate that
+ * has no KeyUsage extension implicity allows all key usages. Note also that
+ * this functions supports a maximum of 32 key usage bits.
+ *
+ * If "params" does not have this criterion set, this function stores zero at
+ * "pKeyUsage", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose key usage criterion (if any)
+ * is to be stored. Must be non-NULL.
+ * "pKeyUsage"
+ * Address where PKIX_UInt32 will be stored. Must not be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_UInt32 *pKeyUsage,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetKeyUsage
+ * DESCRIPTION:
+ *
+ * Sets the key usage criterion of the ComCertSelParams object pointed to by
+ * "params" using the integer value of "keyUsage". In order to match against
+ * this criterion, a certificate must allow the criterion's key usage values.
+ * Note that a certificate that has no KeyUsage extension implicity allows
+ * all key usages. Note also that this functions supports a maximum of 32 key
+ * usage bits.
+ *
+ * If the criterion's key usage value is zero, no key usage check is done and
+ * all certificates are considered to match this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose key usage criterion is to be
+ * set. Must be non-NULL.
+ * "keyUsage"
+ * Value of PKIX_Int32 used to set the criterion
+ * (or zero to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_UInt32 keyUsage,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetExtendedKeyUsage
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of OIDs (if any) representing the extended
+ * key usage criterion that is set in the ComCertSelParams object pointed to
+ * by "params" and stores it at "pExtKeyUsage". In order to match against this
+ * criterion, a certificate's ExtendedKeyUsage extension must allow the
+ * criterion's extended key usages. Note that a certificate that has no
+ * ExtendedKeyUsage extension implicity allows all key purposes.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pExtKeyUsage", in which case all certificates are considered to match
+ * this criterion.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose extended key usage criterion
+ * (if any) is to be stored. Must be non-NULL.
+ * "pExtKeyUsage"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetExtendedKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pExtKeyUsage, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetExtendedKeyUsage
+ * DESCRIPTION:
+ *
+ * Sets the extended key usage criterion of the ComCertSelParams object
+ * pointed to by "params" using a List of OIDs pointed to by "extKeyUsage".
+ * In order to match against this criterion, a certificate's ExtendedKeyUsage
+ * extension must allow the criterion's extended key usages. Note that a
+ * certificate that has no ExtendedKeyUsage extension implicitly allows all
+ * key purposes.
+ *
+ * If "extKeyUsage" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose extended key usage criterion
+ * is to be set. Must be non-NULL.
+ * "extKeyUsage"
+ * Address of List of OIDs used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetExtendedKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_List *extKeyUsage, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetPolicy
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of OIDs (if any) representing the policy
+ * criterion that is set in the ComCertSelParams object pointed to by
+ * "params" and stores it at "pPolicy". In order to match against this
+ * criterion, a certificate's CertificatePolicies extension must include at
+ * least one of the criterion's policies. If "params" has this criterion set,
+ * but the List of OIDs is empty, then a certificate's CertificatePolicies
+ * extension must include at least some policy.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pPolicy", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose policy criterion (if any) is
+ * to be stored. Must be non-NULL.
+ * "pPolicy"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetPolicy(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pPolicy, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetPolicy
+ * DESCRIPTION:
+ *
+ * Sets the policy criterion of the ComCertSelParams object pointed to by
+ * "params" using a List of OIDs pointed to by "policy". In order to match
+ * against this criterion, a certificate's CertificatePolicies extension must
+ * include at least one of the criterion's policies. If "params" has this
+ * criterion set, but the List of OIDs is empty, then a certificate's
+ * CertificatePolicies extension must include at least some policy.
+ *
+ * If "policy" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose policy criterion is to be set.
+ * Must be non-NULL.
+ * "policy"
+ * Address of List of OIDs used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetPolicy(
+ PKIX_ComCertSelParams *params,
+ PKIX_List *policy, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetIssuer
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the X500Name (if any) representing the issuer
+ * criterion that is set in the ComCertSelParams object pointed to by
+ * "params" and stores it at "pIssuer". In order to match against this
+ * criterion, a certificate's IssuerName must match the criterion's issuer
+ * name.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pIssuer", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose issuer criterion (if any) is
+ * to be stored. Must be non-NULL.
+ * "pIssuer"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetIssuer(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_X500Name **pIssuer,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetIssuer
+ * DESCRIPTION:
+ *
+ * Sets the issuer criterion of the ComCertSelParams object pointed to by
+ * "params" using an X500Name pointed to by "issuer". In order to match
+ * against this criterion, a certificate's IssuerName must match the
+ * criterion's issuer name.
+ *
+ * If "issuer" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose issuer criterion is to be set.
+ * Must be non-NULL.
+ * "issuer"
+ * Address of X500Name used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetIssuer(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_X500Name *issuer,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubject
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the X500Name (if any) representing the subject
+ * criterion that is set in the ComCertSelParams object pointed to by
+ * "params" and stores it at "pSubject". In order to match against this
+ * criterion, a certificate's SubjectName must match the criterion's subject
+ * name.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pSubject", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject criterion (if any) is
+ * to be stored. Must be non-NULL.
+ * "pSubject"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubject(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_X500Name **pSubject,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubject
+ * DESCRIPTION:
+ *
+ * Sets the subject criterion of the ComCertSelParams object pointed to by
+ * "params" using an X500Name pointed to by "subject". In order to match
+ * against this criterion, a certificate's SubjectName must match the
+ * criterion's subject name.
+ *
+ * If "subject" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject criterion is to be
+ * set. Must be non-NULL.
+ * "subject"
+ * Address of X500Name used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubject(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_X500Name *subject,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjectAsByteArray
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the ByteArray (if any) representing the subject
+ * criterion that is set in the ComCertSelParams object pointed to by
+ * "params" and stores it at "pSubject". In order to match against this
+ * criterion, a certificate's SubjectName must match the criterion's subject
+ * name.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pSubject", in which case all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject criterion (if any) is
+ * to be stored. Must be non-NULL.
+ * "pSubject"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjectAsByteArray(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray **pSubject,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjectAsByteArray
+ * DESCRIPTION:
+ *
+ * Sets the subject criterion of the ComCertSelParams object pointed to by
+ * "params" using a ByteArray pointed to by "subject". In order to match
+ * against this criterion, a certificate's SubjectName must match the
+ * criterion's subject name.
+ *
+ * If "subject" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose subject criterion is to be
+ * set. Must be non-NULL.
+ * "subject"
+ * Address of ByteArray used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjectAsByteArray(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray *subject,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetNameConstraints
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the X500Name (if any) representing the name
+ * constraints criterion that is set in the ComCertSelParams object pointed
+ * to by "params" and stores it at "pConstraints". In order to match against
+ * this criterion, a certificate's subject and subject alternative names must
+ * be allowed by the criterion's name constraints.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pConstraints", in which case all certificates are considered to match
+ * this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose name constraints criterion
+ * (if any) is to be stored. Must be non-NULL.
+ * "pConstraints"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetNameConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_CertNameConstraints **pConstraints,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetNameConstraints
+ * DESCRIPTION:
+ *
+ * Sets the name constraints criterion of the ComCertSelParams object pointed
+ * to by "params" using the CertNameConstraints pointed to by "constraints".
+ * In order to match against this criterion, a certificate's subject and
+ * subject alternative names must be allowed by the criterion's name
+ * constraints.
+ *
+ * If "constraints" is NULL, all certificates are considered to match this
+ * criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose name constraints criterion is
+ * to be set. Must be non-NULL.
+ * "constraints"
+ * Address of CertNameConstraints used to set the criterion
+ * (or NULL to disable the criterion).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetNameConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_CertNameConstraints *constraints,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetMatchAllSubjAltNames
+ * DESCRIPTION:
+ *
+ * Checks whether the ComCertSelParams object pointed to by "params" indicate
+ * that all subject alternative names are to be matched and stores the Boolean
+ * result at "pMatch". This Boolean value determines the behavior of the
+ * subject alternative names criterion.
+ *
+ * In order to match against the subject alternative names criterion, if the
+ * Boolean value at "pMatch" is PKIX_TRUE, a certificate must contain all of
+ * the criterion's subject alternative names. If the Boolean value at
+ * "pMatch" is PKIX_FALSE, a certificate must contain at least one of the
+ * criterion's subject alternative names. The default behavior is as if the
+ * Boolean value at "pMatch" is PKIX_TRUE.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object used to determine whether all
+ * subject alternative names must be matched. Must be non-NULL.
+ * "pMatch"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetMatchAllSubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_Boolean *pMatch,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetMatchAllSubjAltNames
+ * DESCRIPTION:
+ *
+ * Sets the match flag of the ComCertSelParams object pointed to by "params"
+ * using the Boolean value of "match". This Boolean value determines the
+ * behavior of the subject alternative names criterion.
+ *
+ * In order to match against the subject alternative names criterion, if the
+ * "match" is PKIX_TRUE, a certificate must contain all of the criterion's
+ * subject alternative names. If the "match" is PKIX_FALSE, a certificate
+ * must contain at least one of the criterion's subject alternative names.
+ * The default behavior is as if "match" is PKIX_TRUE.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose match flag is to be set.
+ * Must be non-NULL.
+ * "match"
+ * Boolean value used to set the match flag.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetMatchAllSubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_Boolean match,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetLeafCertFlag
+ * DESCRIPTION:
+ *
+ * Return "leafCert" flag of the ComCertSelParams structure. If set to true,
+ * the flag indicates that a selector should filter out all cert that are not
+ * qualified to be a leaf cert according to the specified key/ekey usages.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object used to determine whether all
+ * subject alternative names must be matched. Must be non-NULL.
+ * "pLeafFlag"
+ * Address of returned value.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error*
+PKIX_ComCertSelParams_GetLeafCertFlag(
+ PKIX_ComCertSelParams *params,
+ PKIX_Boolean *pLeafFlag,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetLeafCertFlag
+ * DESCRIPTION:
+ *
+ * Sets a flag that if its value is true, indicates that the selector
+ * should only pick certs that qualifies to be leaf for this cert path
+ * validation.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams object whose match flag is to be set.
+ * Must be non-NULL.
+ * "leafFlag"
+ * Boolean value used to set the leaf flag.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetLeafCertFlag(
+ PKIX_ComCertSelParams *params,
+ PKIX_Boolean leafFlag,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_CERTSEL_H */
diff --git a/security/nss/lib/libpkix/include/pkix_certstore.h b/security/nss/lib/libpkix/include/pkix_certstore.h
new file mode 100755
index 000000000..fb705644e
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_certstore.h
@@ -0,0 +1,714 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines functions associated with the PKIX_CertStore type.
+ *
+ */
+
+#ifndef _PKIX_CERTSTORE_H
+#define _PKIX_CERTSTORE_H
+
+#include "pkixt.h"
+#include "certt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/* PKIX_CertStore
+ *
+ * A PKIX_CertStore provides a standard way for the caller to retrieve
+ * certificates and CRLs from a particular repository (or "store") of
+ * certificates and CRLs, including LDAP directories, flat files, local
+ * databases, etc. The CertCallback allows custom certificate retrieval logic
+ * to be used while the CRLCallback allows custom CRL retrieval logic to be
+ * used. Additionally, a CertStore can be initialized with a certStoreContext,
+ * which is where the caller can specify configuration data such as the host
+ * name of an LDAP server. Note that this certStoreContext must be an
+ * Object (although any object type), allowing it to be reference-counted and
+ * allowing it to provide the standard Object functions (Equals, Hashcode,
+ * ToString, Compare, Duplicate). Please note that each certStoreContext must
+ * provide Equals and Hashcode functions in order for the caching (on Cert and
+ * CertChain) to work correctly. When providing those two functions, it is not
+ * required that all the components of the object be hashed or checked for
+ * equality, but merely that the functions distinguish between unique
+ * instances of the certStoreContext.
+ *
+ * Once the caller has created the CertStore object, the caller then specifies
+ * these CertStore objects in a ProcessingParams object and passes that object
+ * to PKIX_ValidateChain or PKIX_BuildChain, which uses the objects to call the
+ * user's callback functions as needed during the validation or building
+ * process.
+ *
+ * The order of CertStores stored (as a list) at ProcessingParams determines
+ * the order in which certificates are retrieved. Trusted CertStores should
+ * precede non-trusted ones on the list of CertStores so their certificates
+ * are evaluated ahead of other certificates selected on the basis of the same
+ * selector criteria.
+ *
+ * The CheckTrustCallback function is used when the CertStore object
+ * supports trust status, which means a Cert's trust status can be altered
+ * dynamically. When a CertStore object is created, if the
+ * CheckTrustCallback is initialized to be non-NULL, this CertStore is
+ * defaulted as supporting trust. Then whenever a Cert needs to (re)check its
+ * trust status, this callback can be invoked. When a Cert is retrieved by
+ * a CertStore supports trust, at its GetCertCallback, the CertStore
+ * information should be updated in Cert's data structure so the link between
+ * the Cert and CertStore exists.
+ *
+ */
+
+/*
+ * FUNCTION: PKIX_CertStore_CertCallback
+ * DESCRIPTION:
+ *
+ * This callback function retrieves from the CertStore pointed to by "store"
+ * all the certificates that match the CertSelector pointed to by "selector".
+ * It places these certificates in a List and stores a pointer to the List at
+ * "pCerts". If no certificates are found which match the CertSelector's
+ * criteria, this function stores an empty List at "pCerts". In either case, if
+ * the operation is completed, NULL is stored at "pNBIOContext".
+ *
+ * A CertStore which uses non-blocking I/O may store platform-dependent
+ * information at "pNBIOContext" and NULL at "pCerts" to indicate that I/O is
+ * pending. A subsequent call to PKIX_CertStore_CertContinue is required to
+ * finish the operation and to obtain the List of Certs.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore from which Certs are to be retrieved.
+ * Must be non-NULL.
+ * "selector"
+ * Address of CertSelector whose criteria must be satisfied.
+ * Must be non-NULL.
+ * "verifyNode"
+ * Parent log node for tracking of filtered out certs.
+ * "pNBIOContext"
+ * Address at which platform-dependent information is stored if the
+ * operation is suspended for non-blocking I/O. Must be non-NULL.
+ * "pCerts"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_CertStore_CertCallback)(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCerts, /* list of PKIX_PL_Cert */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_CertContinue
+ * DESCRIPTION:
+ *
+ * This function continues the non-blocking operation initiated by an earlier
+ * call to the CertCallback function, for the CertStore pointed to by "store".
+ * If an earlier call did not terminate with the WOULDBLOCK indication (non-NULL
+ * value returned in "pNBIOContext") calling this function will return a fatal
+ * error. If the operation is completed the certificates found are placed in a
+ * List, a pointer to which is stored at "pCerts". If no certificates are found
+ * which match the CertSelector's criteria, this function stores an empty List
+ * at "pCerts". In either case, if the operation is completed, NULL is stored
+ * at "pNBIOContext".
+ *
+ * If non-blocking I/O is still pending this function stores platform-dependent
+ * information at "pNBIOContext" and NULL at "pCerts". A subsequent call to
+ * PKIX_CertStore_CertContinue is required to finish the operation and to
+ * obtain the List of Certs.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore from which Certs are to be retrieved.
+ * Must be non-NULL.
+ * "selector"
+ * Address of CertSelector whose criteria must be satisfied.
+ * Must be non-NULL.
+ * "verifyNode"
+ * Parent log node for tracking of filtered out certs.
+ * "pNBIOContext"
+ * Address at which platform-dependent information is stored if the
+ * operation is suspended for non-blocking I/O. Must be non-NULL.
+ * "pCerts"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_CertContinue(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCerts, /* list of PKIX_PL_Cert */
+ void *plContext);
+
+typedef PKIX_Error *
+(*PKIX_CertStore_CertContinueFunction)(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCerts, /* list of PKIX_PL_Cert */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_CRLCallback
+ * DESCRIPTION:
+ *
+ * This callback function retrieves from the CertStore pointed to by "store"
+ * all the CRLs that match the CRLSelector pointed to by "selector". It
+ * places these CRLs in a List and stores a pointer to the List at "pCRLs".
+ * If no CRLs are found which match the CRLSelector's criteria, this function
+ * stores an empty List at "pCRLs". In either case, if the operation is
+ * completed, NULL is stored at "pNBIOContext".
+ *
+ * A CertStore which uses non-blocking I/O may store platform-dependent
+ * information at "pNBIOContext" and NULL at "pCrls" to indicate that I/O is
+ * pending. A subsequent call to PKIX_CertStore_CRLContinue is required to
+ * finish the operation and to obtain the List of Crls.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore from which CRLs are to be retrieved.
+ * Must be non-NULL.
+ * "selector"
+ * Address of CRLSelector whose criteria must be satisfied.
+ * Must be non-NULL.
+ * "pCrls"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_CertStore_CRLCallback)(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrls, /* list of PKIX_PL_CRL */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_ImportCrlCallback
+ * DESCRIPTION:
+ *
+ * The function imports crl list into a cert store. Stores that
+ * have local cache may only have that function defined.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore from which CRLs are to be retrieved.
+ * Must be non-NULL.
+ * "issuerName"
+ * Name of the issuer that will be used to track bad der crls.
+ * "crlList"
+ * Address on the importing crl list.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_CertStore_ImportCrlCallback)(
+ PKIX_CertStore *store,
+ PKIX_PL_X500Name *issuerName,
+ PKIX_List *crlList,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_CheckRevokationByCrlCallback
+ * DESCRIPTION:
+ *
+ * The function checks revocation status of a cert with specified
+ * issuer, date. It returns revocation status of a cert and
+ * a reason code(if any) if a cert was revoked.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore from which CRLs are to be retrieved.
+ * Must be non-NULL.
+ * "cert"
+ * Certificate which revocation status will be checked.
+ * "issuer"
+ * Issuer certificate of the "crl".
+ * "date"
+ * Date of the revocation check.
+ * "crlDownloadDone"
+ * Indicates, that all needed crl downloads are done by the time of
+ * the revocation check.
+ * "reasonCode"
+ * If cert is revoked, returned reason code for which a cert was revoked.
+ * "revStatus"
+ * Returned revocation status of the cert. See PKIX_RevocationStatus
+ * for more details
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_CertStore_CheckRevokationByCrlCallback)(
+ PKIX_CertStore *store,
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ PKIX_Boolean crlDownloadDone,
+ CERTCRLEntryReasonCode *reasonCode,
+ PKIX_RevocationStatus *revStatus,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_CrlContinue
+ * DESCRIPTION:
+ *
+ * This function continues the non-blocking operation initiated by an earlier
+ * call to the CRLCallback function, for the CertStore pointed to by "store".
+ * If an earlier call did not terminate with the WOULDBLOCK indication (non-NULL
+ * value returned in "pNBIOContext") calling this function will return a fatal
+ * error. If the operation is completed the crls found are placed in a List, a
+ * pointer to which is stored at "pCrls". If no crls are found which match the
+ * CRLSelector's criteria, this function stores an empty List at "pCrls". In
+ * either case, if the operation is completed, NULL is stored at "pNBIOContext".
+ *
+ * If non-blocking I/O is still pending this function stores platform-dependent
+ * information at "pNBIOContext" and NULL at "pCrls". A subsequent call to
+ * PKIX_CertStore_CrlContinue is required to finish the operation and to
+ * obtain the List of Crls.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore from which Crls are to be retrieved.
+ * Must be non-NULL.
+ * "selector"
+ * Address of CRLSelector whose criteria must be satisfied.
+ * Must be non-NULL.
+ * "pNBIOContext"
+ * Address at which platform-dependent information is stored if the
+ * operation is suspended for non-blocking I/O. Must be non-NULL.
+ * "pCrls"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_CrlContinue(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrls, /* list of PKIX_PL_CRL */
+ void *plContext);
+
+typedef PKIX_Error *
+(*PKIX_CertStore_CrlContinueFunction)(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrls, /* list of PKIX_PL_CRL */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_CheckTrustCallback
+ * DESCRIPTION:
+ *
+ * This callback function rechecks "cert's" trust status from the CertStore
+ * pointed to by "store".
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore from which Certs are to be checked.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert whose trust status needs to be rechecked.
+ * Must be non-NULL.
+ * "pTrusted"
+ * Address of PKIX_Boolean where the trust status is returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_CertStore_CheckTrustCallback)(
+ PKIX_CertStore *store,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pTrusted,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CertStore and stores it at "pStore". The new CertStore uses
+ * the CertCallback pointed to by "certCallback" and the CRLCallback pointed
+ * to by "crlCallback" as its callback functions and uses the Object pointed
+ * to by "certStoreContext" as its context . Note that this certStoreContext
+ * must be an Object (although any object type), allowing it to be
+ * reference-counted and allowing it to provide the standard Object functions
+ * (Equals, Hashcode, ToString, Compare, Duplicate). Once created, a
+ * CertStore object is immutable, although the underlying repository can
+ * change. For example, a CertStore will often be a front-end for a database
+ * or directory. The contents of that directory can change after the
+ * CertStore object is created, but the CertStore object remains immutable.
+ *
+ * PARAMETERS:
+ * "certCallback"
+ * The CertCallback function to be used. Must be non-NULL.
+ * "crlCallback"
+ * The CRLCallback function to be used. Must be non-NULL.
+ * "certContinue"
+ * The function to be used to resume a certCallback that returned with a
+ * WOULDBLOCK condition. Must be non-NULL if certStore supports non-blocking
+ * I/O.
+ * "crlContinue"
+ * The function to be used to resume a crlCallback that returned with a
+ * WOULDBLOCK condition. Must be non-NULL if certStore supports non-blocking
+ * I/O.
+ * "trustCallback"
+ * Address of PKIX_CertStore_CheckTrustCallback which is called to
+ * verify the trust status of Certs in this CertStore.
+ * "certStoreContext"
+ * Address of Object representing the CertStore's context (if any).
+ * "cachedFlag"
+ * If TRUE indicates data retrieved from CertStore should be cached.
+ * "localFlag"
+ * Boolean value indicating whether this CertStore is local.
+ * "pStore"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_Create(
+ PKIX_CertStore_CertCallback certCallback,
+ PKIX_CertStore_CRLCallback crlCallback,
+ PKIX_CertStore_CertContinueFunction certContinue,
+ PKIX_CertStore_CrlContinueFunction crlContinue,
+ PKIX_CertStore_CheckTrustCallback trustCallback,
+ PKIX_CertStore_ImportCrlCallback importCrlCallback,
+ PKIX_CertStore_CheckRevokationByCrlCallback checkRevByCrlCallback,
+ PKIX_PL_Object *certStoreContext,
+ PKIX_Boolean cachedFlag,
+ PKIX_Boolean localFlag,
+ PKIX_CertStore **pStore,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCertCallback
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to "store's" Cert callback function and put it in
+ * "pCallback".
+ *
+ * PARAMETERS:
+ * "store"
+ * The CertStore whose Cert callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where Cert callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_GetCertCallback(
+ PKIX_CertStore *store,
+ PKIX_CertStore_CertCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCRLCallback
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to "store's" CRL callback function and put it in
+ * "pCallback".
+ *
+ * PARAMETERS:
+ * "store"
+ * The CertStore whose CRL callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where CRL callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_GetCRLCallback(
+ PKIX_CertStore *store,
+ PKIX_CertStore_CRLCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_GetImportCrlCallback
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to "store's" Import CRL callback function and put it in
+ * "pCallback".
+ *
+ * PARAMETERS:
+ * "store"
+ * The CertStore whose CRL callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where CRL callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_GetImportCrlCallback(
+ PKIX_CertStore *store,
+ PKIX_CertStore_ImportCrlCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCheckRevByCrl
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to "store's" CRL revocation checker callback function
+ * and put it in "pCallback".
+ *
+ * PARAMETERS:
+ * "store"
+ * The CertStore whose CRL callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where CRL callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_GetCrlCheckerFn(
+ PKIX_CertStore *store,
+ PKIX_CertStore_CheckRevokationByCrlCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_GetTrustCallback
+ * DESCRIPTION:
+ *
+ * Retrieves the function pointer to the CheckTrust callback function of the
+ * CertStore pointed to by "store" and stores it at "pCallback".
+ *
+ * PARAMETERS:
+ * "store"
+ * The CertStore whose CheckTrust callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where CheckTrust callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_GetTrustCallback(
+ PKIX_CertStore *store,
+ PKIX_CertStore_CheckTrustCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCertStoreContext
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Object representing the context (if any)
+ * of the CertStore pointed to by "store" and stores it at
+ * "pCertStoreContext".
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore whose context is to be stored. Must be non-NULL.
+ * "pCertStoreContext"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_GetCertStoreContext(
+ PKIX_CertStore *store,
+ PKIX_PL_Object **pCertStoreContext,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCertStoreCacheFlag
+ * DESCRIPTION:
+ *
+ * Retrieves the Boolean cache flag of the CertStore pointed to by "store" and
+ * stores it at "pCachedFlag".
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore whose cache flag is to be stored. Must be non-NULL.
+ * "pCacheFlag"
+ * Address where the result will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_GetCertStoreCacheFlag(
+ PKIX_CertStore *store,
+ PKIX_Boolean *pCacheFlag,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertStore_GetLocalFlag
+ * DESCRIPTION:
+ *
+ * Retrieves the Boolean localFlag for the CertStore pointed to by "store" and
+ * stores it at "pLocalFlag". The localFlag is TRUE if the CertStore can
+ * fulfill a request without performing network I/O.
+ *
+ * PARAMETERS:
+ * "store"
+ * The CertStore whose Local flag is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where the Boolean LocalFlag will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertStore_GetLocalFlag(
+ PKIX_CertStore *store,
+ PKIX_Boolean *pLocalFlag,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_CERTSTORE_H */
diff --git a/security/nss/lib/libpkix/include/pkix_checker.h b/security/nss/lib/libpkix/include/pkix_checker.h
new file mode 100755
index 000000000..97e29a840
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_checker.h
@@ -0,0 +1,394 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines functions associated with the PKIX_CertChainChecker type.
+ *
+ */
+
+#ifndef _PKIX_CHECKER_H
+#define _PKIX_CHECKER_H
+
+#include "pkixt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/* PKIX_CertChainChecker
+ *
+ * PKIX_CertChainCheckers provide a standard way for the caller to insert their
+ * own custom checks to validate certificates. This may be useful in many
+ * scenarios, including when the caller wishes to validate private certificate
+ * extensions. The CheckCallback allows custom certificate processing to take
+ * place. Additionally, a CertChainChecker can optionally maintain state
+ * between successive calls to the CheckCallback. This certChainCheckerState
+ * must be an Object (although any object type), allowing it to be
+ * reference-counted and allowing it to provide the standard Object functions
+ * (Equals, Hashcode, ToString, Compare, Duplicate). If the caller wishes
+ * their CertChainChecker to be used during chain building, their
+ * certChainCheckerState object must implement an appropriate Duplicate
+ * function. The builder uses this Duplicate function when backtracking.
+ *
+ * Once the caller has created a CertChainChecker object, the caller then
+ * specifies a CertChainChecker object in a ProcessingParams object
+ * and passes the ProcessingParams object to PKIX_ValidateChain or
+ * PKIX_BuildChain, which uses the objects to call the user's callback
+ * functions as needed during the validation or building process.
+ *
+ * A CertChainChecker may be presented certificates in the "reverse" direction
+ * (from trust anchor to target) or in the "forward" direction (from target to
+ * trust anchor). All CertChainCheckers must support "reverse checking", while
+ * support for "forward checking" is optional, but recommended. If "forward
+ * checking" is not supported, building chains may be much less efficient. The
+ * PKIX_CertChainChecker_IsForwardCheckingSupported function is used to
+ * determine whether forward checking is supported, and the
+ * PKIX_CertChainChecker_IsForwardDirectionExpected function is used to
+ * determine whether the CertChainChecker has been initialized to expect the
+ * certificates to be presented in the "forward" direction.
+ */
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_CheckCallback
+ * DESCRIPTION:
+ *
+ * This callback function checks whether the specified Cert pointed to by
+ * "cert" is valid using "checker's" internal certChainCheckerState (if any)
+ * and removes the critical extensions that it processes (if any) from the
+ * List of OIDs (possibly empty) pointed to by "unresolvedCriticalExtensions".
+ * If the checker finds that the certificate is not valid, an Error pointer is
+ * returned.
+ *
+ * If the checker uses non-blocking I/O, the address of a platform-dependent
+ * non-blocking I/O context ("nbioContext") will be stored at "pNBIOContext",
+ * which the caller may use, in a platform-dependent way, to wait, poll, or
+ * otherwise determine when to try again. If the checker does not use
+ * non-blocking I/O, NULL will always be stored at "pNBIOContext". If a non-NULL
+ * value was stored, on a subsequent call the checker will attempt to complete
+ * the pending I/O and, if successful, NULL will be stored at "pNBIOContext".
+ *
+ * PARAMETERS:
+ * "checker"
+ * Address of CertChainChecker whose certChainCheckerState and
+ * CheckCallback logic is to be used. Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be validated using "checker".
+ * Must be non-NULL.
+ * "unresolvedCriticalExtensions"
+ * Address of List of OIDs that represents the critical certificate
+ * extensions that have yet to be resolved. This parameter may be
+ * modified during the function call. Must be non-NULL.
+ * "pNBIOContext"
+ * Address at which is stored a platform-dependent structure indicating
+ * whether checking was suspended for non-blocking I/O. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_CertChainChecker_CheckCallback)(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticalExtensions, /* list of PKIX_PL_OID */
+ void **pNBIOContext,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CertChainChecker and stores it at "pChecker". The new
+ * CertChainChecker uses the CheckCallback pointed to by "callback" as its
+ * callback function. It uses the Object pointed to by "initialState" (if
+ * any) as its initial state. As noted above, the initial state Object must
+ * provide a custom implementation of PKIX_PL_Object_Duplicate if the
+ * CertChainChecker is to be used during certificate chain building.
+ *
+ * A CertChainChecker may be presented certificates in the "reverse"
+ * direction (from trust anchor to target) or in the "forward" direction
+ * (from target to trust anchor). All CertChainCheckers must support
+ * "reverse checking", while support for "forward checking" is optional. The
+ * CertChainChecker is initialized with two Boolean flags that deal with this
+ * distinction: "forwardCheckingSupported" and "forwardDirectionExpected".
+ * If the "forwardCheckingSupported" Boolean flag is TRUE, it indicates that
+ * this CertChainChecker is capable of checking certificates in the "forward"
+ * direction (as well as the "reverse" direction, which all CertChainCheckers
+ * MUST support). The "forwardDirectionExpected" Boolean flag indicates in
+ * which direction the CertChainChecker should expect the certificates to be
+ * presented. This is particularly useful for CertChainCheckers that are
+ * capable of checking in either the "forward" direction or the "reverse"
+ * direction, but have different processing steps depending on the direction.
+ *
+ * The CertChainChecker also uses the List of OIDs pointed to by "extensions"
+ * as the supported certificate extensions. All certificate extensions that
+ * the CertChainChecker might possibly recognize and be able to process
+ * should be included in the List of supported extensions. If "checker" does
+ * not recognize or process any certificate extensions, "extensions" should
+ * be set to NULL.
+ *
+ * PARAMETERS:
+ * "callback"
+ * The CheckCallback function to be used. Must be non-NULL.
+ * "forwardCheckingSupported"
+ * A Boolean value indicating whether or not this CertChainChecker is
+ * capable of checking certificates in the "forward" direction.
+ * "forwardDirectionExpected"
+ * A Boolean value indicating whether or not this CertChainChecker should
+ * be used to check in the "forward" direction.
+ * "extensions"
+ * Address of List of OIDs representing the supported extensions.
+ * "initialState"
+ * Address of Object representing the CertChainChecker's initial state
+ * (if any).
+ * "pChecker"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertChainChecker_Create(
+ PKIX_CertChainChecker_CheckCallback callback,
+ PKIX_Boolean forwardCheckingSupported,
+ PKIX_Boolean forwardDirectionExpected,
+ PKIX_List *extensions, /* list of PKIX_PL_OID */
+ PKIX_PL_Object *initialState,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_GetCheckCallback
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to "checker's" Check callback function and puts it in
+ * "pCallback".
+ *
+ * PARAMETERS:
+ * "checker"
+ * The CertChainChecker whose Check callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where Check callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertChainChecker_GetCheckCallback(
+ PKIX_CertChainChecker *checker,
+ PKIX_CertChainChecker_CheckCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported
+ * DESCRIPTION:
+ *
+ * Checks whether forward checking is supported by the CertChainChecker
+ * pointed to by "checker" and stores the Boolean result at
+ * "pForwardCheckingSupported".
+ *
+ * A CertChainChecker may be presented certificates in the "reverse"
+ * direction (from trust anchor to target) or in the "forward" direction
+ * (from target to trust anchor). All CertChainCheckers must support
+ * "reverse checking", while support for "forward checking" is optional. This
+ * function is used to determine whether forward checking is supported.
+ *
+ * PARAMETERS:
+ * "checker"
+ * The CertChainChecker whose ability to validate certificates in the
+ * "forward" direction is to be checked. Must be non-NULL.
+ * "pForwardCheckingSupported"
+ * Destination of the Boolean result. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertChainChecker_IsForwardCheckingSupported(
+ PKIX_CertChainChecker *checker,
+ PKIX_Boolean *pForwardCheckingSupported,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected
+ * DESCRIPTION:
+ *
+ * Checks whether the CertChainChecker pointed to by "checker" has been
+ * initialized to expect the certificates to be presented in the "forward"
+ * direction and stores the Boolean result at "pForwardDirectionExpected".
+ *
+ * A CertChainChecker may be presented certificates in the "reverse"
+ * direction (from trust anchor to target) or in the "forward" direction
+ * (from target to trust anchor). All CertChainCheckers must support
+ * "reverse checking", while support for "forward checking" is optional. This
+ * function is used to determine in which direction the CertChainChecker
+ * expects the certificates to be presented.
+ *
+ * PARAMETERS:
+ * "checker"
+ * The CertChainChecker that has been initialized to expect certificates
+ * in either the "forward" or "reverse" directions. Must be non-NULL.
+ * "pForwardDirectionExpected"
+ * Destination of the Boolean result. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertChainChecker_IsForwardDirectionExpected(
+ PKIX_CertChainChecker *checker,
+ PKIX_Boolean *pForwardDirectionExpected,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a List of OIDs (each OID corresponding to a
+ * certificate extension supported by the CertChainChecker pointed to by
+ * "checker") and stores it at "pExtensions". All certificate extensions that
+ * the CertChainChecker might possibly recognize and be able to process
+ * should be included in the List of supported extensions. If "checker" does
+ * not recognize or process any certificate extensions, this function stores
+ * NULL at "pExtensions".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "checker"
+ * Address of CertChainChecker whose supported extension OIDs are to be
+ * stored. Must be non-NULL.
+ * "pExtensions"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertChainChecker_GetSupportedExtensions(
+ PKIX_CertChainChecker *checker,
+ PKIX_List **pExtensions, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a PKIX_PL_Object representing the internal state
+ * (if any) of the CertChainChecker pointed to by "checker" and stores it at
+ * "pCertChainCheckerState".
+ *
+ * PARAMETERS:
+ * "checker"
+ * Address of CertChainChecker whose state is to be stored.
+ * Must be non-NULL.
+ * "pCertChainCheckerState"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertChainChecker_GetCertChainCheckerState(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Object **pCertChainCheckerState,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState
+ * DESCRIPTION:
+ *
+ * Sets the internal state of the CertChainChecker pointed to by "checker"
+ * using the Object pointed to by "certChainCheckerState". If "checker" needs
+ * a NULL internal state, "certChainCheckerState" should be set to NULL.
+ *
+ * PARAMETERS:
+ * "checker"
+ * Address of CertChainChecker whose state is to be set. Must be non-NULL.
+ * "certChainCheckerState"
+ * Address of Object representing internal state.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "checker"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CertChainChecker_SetCertChainCheckerState(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Object *certChainCheckerState,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_CHECKER_H */
diff --git a/security/nss/lib/libpkix/include/pkix_crlsel.h b/security/nss/lib/libpkix/include/pkix_crlsel.h
new file mode 100755
index 000000000..491e72f43
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_crlsel.h
@@ -0,0 +1,759 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines functions associated with the PKIX_CRLSelector and the
+ * PKIX_ComCRLSelParams types.
+ *
+ */
+
+
+#ifndef _PKIX_CRLSEL_H
+#define _PKIX_CRLSEL_H
+
+#include "pkixt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/* PKIX_CRLSelector
+ *
+ * PKIX_CRLSelectors provide a standard way for the caller to select CRLs
+ * based on particular criteria. A CRLSelector is typically used by libpkix
+ * to retrieve CRLs from a CertStore during certificate chain validation or
+ * building. (see pkix_certstore.h) For example, the caller may wish to only
+ * select those CRLs that have a particular issuer or a particular value for a
+ * private CRL extension. The MatchCallback allows the caller to specify the
+ * custom matching logic to be used by a CRLSelector.
+
+ * By default, the MatchCallback is set to point to the default implementation
+ * provided by libpkix, which understands how to process the most common
+ * parameters. If the default implementation is used, the caller should set
+ * these common parameters using PKIX_CRLSelector_SetCommonCRLSelectorParams.
+ * Any common parameter that is not set is assumed to be disabled, which means
+ * the default MatchCallback implementation will select all CRLs without
+ * regard to that particular disabled parameter. For example, if the
+ * MaxCRLNumber parameter is not set, MatchCallback will not filter out any
+ * CRL based on its CRL number. As such, if no parameters are set, all are
+ * disabled and any CRL will match. If a parameter is disabled, its associated
+ * PKIX_ComCRLSelParams_Get* function returns a default value of NULL.
+ *
+ * If a custom implementation is desired, the default implementation can be
+ * overridden by calling PKIX_CRLSelector_SetMatchCallback. In this case, the
+ * CRLSelector can be initialized with a crlSelectorContext, which is where
+ * the caller can specify the desired parameters the caller wishes to match
+ * against. Note that this crlSelectorContext must be a PKIX_PL_Object,
+ * allowing it to be reference-counted and allowing it to provide the standard
+ * PKIX_PL_Object functions (Equals, Hashcode, ToString, Compare, Duplicate).
+ *
+ */
+
+/*
+ * FUNCTION: PKIX_CRLSelector_MatchCallback
+ * DESCRIPTION:
+ *
+ * This callback function determines whether the specified CRL pointed to by
+ * "crl" matches the criteria of the CRLSelector pointed to by "selector".
+ * If the CRL matches the CRLSelector's criteria, PKIX_TRUE is stored at
+ * "pMatch". Otherwise PKIX_FALSE is stored at "pMatch".
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CRLSelector whose MatchCallback logic and parameters are
+ * to be used. Must be non-NULL.
+ * "crl"
+ * Address of CRL that is to be matched using "selector". Must be non-NULL.
+ * "pMatch"
+ * Address at which Boolean result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same objects.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_CRLSelector_MatchCallback)(
+ PKIX_CRLSelector *selector,
+ PKIX_PL_CRL *crl,
+ PKIX_Boolean *pMatch,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CRLSelector_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CRLSelector using the Object pointed to by
+ * "crlSelectorContext" (if any) and stores it at "pSelector". As noted
+ * above, by default, the MatchCallback is set to point to the default
+ * implementation provided by libpkix, which understands how to process
+ * ComCRLSelParams. This is overridden if the MatchCallback pointed to by
+ * "callback" is not NULL, in which case the parameters are specified using
+ * the Object pointed to by "crlSelectorContext".
+ *
+ * PARAMETERS:
+ * "issue"
+ * crl issuer.
+ * "crlDpList"
+ * distribution points list
+ * "callback"
+ * The MatchCallback function to be used.
+ * "pSelector"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CRLSelector_Create(
+ PKIX_PL_Cert *issuer,
+ PKIX_List *crlDpList,
+ PKIX_PL_Date *date,
+ PKIX_CRLSelector **pSelector,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CRLSelector_GetMatchCallback
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to "selector's" Match callback function and puts it in
+ * "pCallback".
+ *
+ * PARAMETERS:
+ * "selector"
+ * The CRLSelector whose Match callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where Match callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CRLSelector_GetMatchCallback(
+ PKIX_CRLSelector *selector,
+ PKIX_CRLSelector_MatchCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CRLSelector_GetCRLSelectorContext
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a PKIX_PL_Object representing the context (if any)
+ * of the CRLSelector pointed to by "selector" and stores it at
+ * "pCRLSelectorContext".
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CRLSelector whose context is to be stored. Must be non-NULL.
+ * "pCRLSelectorContext"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CRLSelector_GetCRLSelectorContext(
+ PKIX_CRLSelector *selector,
+ void **pCRLSelectorContext,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CRLSelector_GetCommonCRLSelectorParams
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the ComCRLSelParams object that represent the common
+ * parameters of the CRLSelector pointed to by "selector" and stores it at
+ * "pCommonCRLSelectorParams". If there are no common parameters stored with
+ * the CRLSelector, this function stores NULL at "pCommonCRLSelectorParams".
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CRLSelector whose ComCRLSelParams are to be stored.
+ * Must be non-NULL.
+ * "pCommonCRLSelectorParams"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CRLSelector_GetCommonCRLSelectorParams(
+ PKIX_CRLSelector *selector,
+ PKIX_ComCRLSelParams **pCommonCRLSelectorParams,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_CRLSelector_SetCommonCRLSelectorParams
+ * DESCRIPTION:
+ *
+ * Sets the common parameters for the CRLSelector pointed to by "selector"
+ * using the ComCRLSelParams pointed to by "commonCRLSelectorParams".
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CRLSelector whose common parameters are to be set.
+ * Must be non-NULL.
+ * "commonCRLSelectorParams"
+ * Address of ComCRLSelParams representing the common parameters.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "selector"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_CRLSelector_SetCommonCRLSelectorParams(
+ PKIX_CRLSelector *selector,
+ PKIX_ComCRLSelParams *commonCRLSelectorParams,
+ void *plContext);
+
+/* PKIX_ComCRLSelParams
+ *
+ * PKIX_ComCRLSelParams are X.509 parameters commonly used with CRLSelectors,
+ * especially determining which CRLs to retrieve from a CertStore.
+ * PKIX_ComCRLSelParams are typically used with those CRLSelectors that use
+ * the default implementation of MatchCallback, which understands how to
+ * process ComCRLSelParams.
+ */
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_Create
+ * DESCRIPTION:
+ *
+ * Creates a new ComCRLSelParams object and stores it at "pParams".
+ *
+ * PARAMETERS:
+ * "pParams"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_Create(
+ PKIX_ComCRLSelParams **pParams,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetIssuerNames
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of X500Names (if any) representing the
+ * issuer names criterion that is set in the ComCRLSelParams pointed to by
+ * "params" and stores it at "pNames". In order to match against this
+ * criterion, a CRL's IssuerName must match at least one of the criterion's
+ * issuer names.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pNames", in which case all CRLs are considered to match.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParams whose issuer names criterion (if any) is to
+ * be stored. Must be non-NULL.
+ * "pNames"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetIssuerNames(
+ PKIX_ComCRLSelParams *params,
+ PKIX_List **pNames, /* list of PKIX_PL_X500Name */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetIssuerNames
+ * DESCRIPTION:
+ *
+ * Sets the issuer names criterion of the ComCRLSelParams pointed to by
+ * "params" using a List of X500Names pointed to by "names". In order to match
+ * against this criterion, a CRL's IssuerName must match at least one of the
+ * criterion's issuer names.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParamsParams whose issuer names criterion is to be
+ * set. Must be non-NULL.
+ * "names"
+ * Address of List of X500Names used to set the criterion
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetIssuerNames(
+ PKIX_ComCRLSelParams *params,
+ PKIX_List *names, /* list of PKIX_PL_X500Name */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_AddIssuerName
+ * DESCRIPTION:
+ *
+ * Adds to the issuer names criterion of the ComCRLSelParams pointed to by
+ * "params" using the X500Name pointed to by "name". In order to match
+ * against this criterion, a CRL's IssuerName must match at least one of the
+ * criterion's issuer names.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParams whose issuer names criterion is to be added
+ * to. Must be non-NULL.
+ * "name"
+ * Address of X500Name to be added.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_AddIssuerName(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_X500Name *name,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetCertificateChecking
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Cert (if any) representing the certificate whose
+ * revocation status is being checked. This is not a criterion. It is simply
+ * optional information that may help a CertStore find relevant CRLs.
+ *
+ * If "params" does not have a certificate set, this function stores NULL at
+ * "pCert", in which case there is no optional information to provide.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParams whose certificate being checked (if any) is
+ * to be stored. Must be non-NULL.
+ * "pCert"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetCertificateChecking(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_Cert **pCert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetCertificateChecking
+ * DESCRIPTION:
+ *
+ * Sets the ComCRLSelParams pointed to by "params" with the certificate
+ * (pointed to by "cert") whose revocation status is being checked. This is
+ * not a criterion. It is simply optional information that may help a
+ * CertStore find relevant CRLs.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParams whose certificate being checked is to be
+ * set. Must be non-NULL.
+ * "cert"
+ * Address of Cert whose revocation status is being checked
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetCertificateChecking(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_Cert *cert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetDateAndTime
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Date (if any) representing the dateAndTime
+ * criterion that is set in the ComCRLSelParams pointed to by "params" and
+ * stores it at "pDate". In order to match against this criterion, a CRL's
+ * thisUpdate component must be less than or equal to the criterion's
+ * dateAndTime and the CRL's nextUpdate component must be later than the
+ * criterion's dateAndTime. There is no match if the CRL does not contain a
+ * nextUpdate component.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pDate", in which case all CRLs are considered to match.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParams whose dateAndTime criterion (if any) is to
+ * be stored. Must be non-NULL.
+ * "pDate"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetDateAndTime(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetDateAndTime
+ * DESCRIPTION:
+ *
+ * Sets the dateAndTime criterion of the ComCRLSelParams pointed to by
+ * "params" using a Date pointed to by "date". In order to match against this
+ * criterion, a CRL's thisUpdate component must be less than or equal to the
+ * criterion's dateAndTime and the CRL's nextUpdate component must be later
+ * than the criterion's dateAndTime. There is no match if the CRL does not
+ * contain a nextUpdate component.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParamsParams whose dateAndTime criterion is to be
+ * set. Must be non-NULL.
+ * "date"
+ * Address of Date used to set the criterion
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetDateAndTime(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_Date *date,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetNISTPolicyEnabled
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Boolean representing the NIST CRL policy
+ * activation flag that is set in the ComCRLSelParams pointed to by "params"
+ * and stores it at "enabled". If enabled, a CRL must have nextUpdate field.
+ *
+ * Default value for this flag is TRUE.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParams whose NIST CRL policy criterion is to
+ * be stored. Must be non-NULL.
+ * "pEnabled"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetNISTPolicyEnabled(
+ PKIX_ComCRLSelParams *params,
+ PKIX_Boolean *pEnabled,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetNISTPolicyEnabled
+ * DESCRIPTION:
+ *
+ * Sets the NIST crl policy criterion of the ComCRLSelParams pointed to by
+ * "params" using a "enabled" flag. In order to match against this
+ * criterion, a CRL's nextUpdate must be available and criterion's
+ * dataAndTime must be within thisUpdate and nextUpdate time period.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParamsParams whose NIST CRL policy criterion
+ * is to be set. Must be non-NULL.
+ * "enabled"
+ * Address of Bollean used to set the criterion
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetNISTPolicyEnabled(
+ PKIX_ComCRLSelParams *params,
+ PKIX_Boolean enabled,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetMaxCRLNumber
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the BigInt (if any) representing the maxCRLNumber
+ * criterion that is set in the ComCRLSelParams pointed to by "params" and
+ * stores it at "pNumber". In order to match against this criterion, a CRL
+ * must have a CRL number extension whose value is less than or equal to the
+ * criterion's value.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pNumber", in which case all CRLs are considered to match.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParams whose maxCRLNumber criterion (if any) is to
+ * be stored. Must be non-NULL.
+ * "pNumber"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetMaxCRLNumber(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_BigInt **pNumber,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetMaxCRLNumber
+ * DESCRIPTION:
+ *
+ * Sets the maxCRLNumber criterion of the ComCRLSelParams pointed to by
+ * "params" using a BigInt pointed to by "number". In order to match against
+ * this criterion, a CRL must have a CRL number extension whose value is less
+ * than or equal to the criterion's value.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParamsParams whose maxCRLNumber criterion is to be
+ * set. Must be non-NULL.
+ * "number"
+ * Address of BigInt used to set the criterion
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetMaxCRLNumber(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_BigInt *number,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetMinCRLNumber
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the BigInt (if any) representing the minCRLNumber
+ * criterion that is set in the ComCRLSelParams pointed to by "params" and
+ * stores it at "pNumber". In order to match against this criterion, a CRL
+ * must have a CRL number extension whose value is greater than or equal to
+ * the criterion's value.
+ *
+ * If "params" does not have this criterion set, this function stores NULL at
+ * "pNumber", in which case all CRLs are considered to match.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParams whose minCRLNumber criterion (if any) is to
+ * be stored. Must be non-NULL.
+ * "pNumber"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetMinCRLNumber(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_BigInt **pNumber,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetMinCRLNumber
+ * DESCRIPTION:
+ *
+ * Sets the minCRLNumber criterion of the ComCRLSelParams pointed to by
+ * "params" using a BigInt pointed to by "number". In order to match against
+ * this criterion, a CRL must have a CRL number extension whose value is
+ * greater than or equal to the criterion's value.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParamsParams whose minCRLNumber criterion is to be
+ * set. Must be non-NULL.
+ * "number"
+ * Address of BigInt used to set the criterion
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetMinCRLNumber(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_BigInt *number,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetCrlDp
+ * DESCRIPTION:
+ *
+ * Sets crldp list that can be used to download a crls.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCRLSelParamsParams whose minCRLNumber criterion is to be
+ * set. Must be non-NULL.
+ * "crldpList"
+ * A list of CRLDPs. Can be an emptry list.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error*
+PKIX_ComCRLSelParams_SetCrlDp(
+ PKIX_ComCRLSelParams *params,
+ PKIX_List *crldpList,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_CRLSEL_H */
diff --git a/security/nss/lib/libpkix/include/pkix_errorstrings.h b/security/nss/lib/libpkix/include/pkix_errorstrings.h
new file mode 100755
index 000000000..e7e898f60
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_errorstrings.h
@@ -0,0 +1,1099 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * This file is intended to be included after different definitions of
+ * PKIX_ERRORENTRY. It is included in pkixt.h to define a number for each error
+ * by defining PKIX_ERRORENTRY(x,y) as PKIX_ ## x and then listing thim within
+ * an enum. It is included in pkix_error.c to define an array of error strings
+ * by defining PKIX_ERRORENTRY(x,y) #y and then listing thim within an array
+ * const char * const PKIX_ErrorText[]
+ */
+/* ALLOCERROR should always be the first */
+PKIX_ERRORENTRY(ALLOCERROR,Allocation Error,SEC_ERROR_NO_MEMORY),
+PKIX_ERRORENTRY(ADDHEADERFUNCTIONNOTSUPPORTED,AddHeader function not supported,0),
+PKIX_ERRORENTRY(ADDTOVERIFYLOGFAILED,pkix_AddToVerifyLog failed,0),
+PKIX_ERRORENTRY(AIAMGRCREATEFAILED,PKIX_PL_AIAMgr_Create failed,0),
+PKIX_ERRORENTRY(AIAMGRFINDLDAPCLIENTFAILED,pkix_pl_AiaMgr_FindLDAPClient failed,0),
+PKIX_ERRORENTRY(AIAMGRGETAIACERTSFAILED,PKIX_PL_AIAMgr_GetAIACerts failed,SEC_ERROR_UNKNOWN_ISSUER),
+PKIX_ERRORENTRY(AIAMGRGETHTTPCERTSFAILED,pkix_pl_AIAMgr_GetHTTPCerts failed,0),
+PKIX_ERRORENTRY(AIAMGRGETLDAPCERTSFAILED,pkix_pl_AIAMgr_GetLDAPCerts failed,0),
+PKIX_ERRORENTRY(ALGORITHMBYTESLENGTH0,Algorithm bytes length is 0,0),
+PKIX_ERRORENTRY(ALLOCATENEWCERTGENERALNAMEFAILED,Allocate new CERTGeneralName failed,0),
+PKIX_ERRORENTRY(AMBIGUOUSPARENTAGEOFVERIFYNODE,Ambiguous parentage of VerifyNode,0),
+PKIX_ERRORENTRY(ANCHORDIDNOTCHAINTOCERT,Anchor did not chain to Cert,SEC_ERROR_UNKNOWN_ISSUER),
+PKIX_ERRORENTRY(ANCHORDIDNOTPASSCERTSELECTORCRITERIA,Anchor did not pass CertSelector criteria,0),
+PKIX_ERRORENTRY(APPENDLISTFAILED,pkix_pl_AppendList failed,0),
+PKIX_ERRORENTRY(ARGUMENTNOTSTRING,Argument is not a String,0),
+PKIX_ERRORENTRY(ARGUMENTSNOTBIGINTS,Arguments are not BigInts,0),
+PKIX_ERRORENTRY(ARGUMENTSNOTBYTEARRAYS,Arguments are not Byte Arrays,0),
+PKIX_ERRORENTRY(ARGUMENTSNOTDATES,Arguments are not Dates,0),
+PKIX_ERRORENTRY(ARGUMENTSNOTOIDS,Arguments are not OIDs,0),
+PKIX_ERRORENTRY(ATTEMPTTOADDDUPLICATEKEY,Attempt to add duplicate key,0),
+PKIX_ERRORENTRY(ATTEMPTTODECODEANINCOMPLETERESPONSE,Attempt to decode an incomplete response,SEC_ERROR_BAD_DER),
+PKIX_ERRORENTRY(ATTEMPTTODECREFALLOCERROR,Attempt to DecRef Alloc Error,0),
+PKIX_ERRORENTRY(ATTEMPTTOINCREFALLOCERROR,Attempt to IncRef Alloc Error,0),
+PKIX_ERRORENTRY(BADHTTPRESPONSE,Bad Http Response,SEC_ERROR_BAD_HTTP_RESPONSE),
+PKIX_ERRORENTRY(BASICCONSTRAINTSCHECKERINITIALIZEFAILED,pkix_BasicConstraintsChecker_Initialize failed,0),
+PKIX_ERRORENTRY(BASICCONSTRAINTSCHECKERSTATECREATEFAILED,PKIX_BasicConstraintsCheckerState_Create failed,0),
+PKIX_ERRORENTRY(BASICCONSTRAINTSGETCAFLAGFAILED,PKIX_PL_BasicConstraints_GetCAFlag failed,0),
+PKIX_ERRORENTRY(BASICCONSTRAINTSGETPATHLENCONSTRAINTFAILED,PKIX_PL_BasicConstraints_GetPathLenConstraint failed,0),
+PKIX_ERRORENTRY(BASICCONSTRAINTSVALIDATIONFAILEDCA,PKIX_BasicConstraints validation failed: CA Flag not set,SEC_ERROR_CA_CERT_INVALID),
+PKIX_ERRORENTRY(BASICCONSTRAINTSVALIDATIONFAILEDLN,PKIX_BasicConstraints validation failed: maximum length mismatch,SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID),
+PKIX_ERRORENTRY(BIGINTCOMPARATORFAILED,pkix_pl_BigInt_Comparator failed,0),
+PKIX_ERRORENTRY(BIGINTCREATEWITHBYTESFAILED,pkix_pl_BigInt_CreateWithBytes failed,0),
+PKIX_ERRORENTRY(BIGINTEQUALSFAILED,PKIX_PL_BigInt_Equals failed,0),
+PKIX_ERRORENTRY(BIGINTLENGTH0INVALID,BigInt length 0 is invalid,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(BIGINTTOSTRINGFAILED,pkix_pl_BigInt_ToString failed,0),
+PKIX_ERRORENTRY(BIGINTTOSTRINGHELPERFAILED,PKIX_PL_BigInt_ToString_Helper failed,0),
+PKIX_ERRORENTRY(BINDREJECTEDBYSERVER,BIND rejected by server,SEC_ERROR_BAD_LDAP_RESPONSE),
+PKIX_ERRORENTRY(BUILDANDVALIDATECHAINFAILED,Failed to build and validate a chain,0),
+PKIX_ERRORENTRY(BUILDBUILDSELECTORANDPARAMSFAILED,pkix_Build_BuildSelectorAndParams failed,0),
+PKIX_ERRORENTRY(BUILDCOMBINEWITHTRUSTFAILED,pkix_Build_CombineWithTrust failed,0),
+PKIX_ERRORENTRY(BUILDFORWARDDEPTHFIRSTSEARCHFAILED,pkix_BuildForwardDepthFirstSearch failed,0),
+PKIX_ERRORENTRY(BUILDGATHERCERTSFAILED,pkix_Build_GatherCerts failed,0),
+PKIX_ERRORENTRY(BUILDGETRESOURCELIMITSFAILED,pkix_Build_GetResourceLimits failed,0),
+PKIX_ERRORENTRY(BUILDINITIATEBUILDCHAINFAILED,pkix_Build_InitiateBuildChain failed,0),
+PKIX_ERRORENTRY(BUILDRESULTCREATEFAILED,pkix_BuildResult_Create failed,0),
+PKIX_ERRORENTRY(BUILDRESULTGETCERTCHAINFAILED,PKIX_BuildResult_GetCertChain failed,0),
+PKIX_ERRORENTRY(BUILDRESULTGETVALIDATERESULTFAILED,PKIX_BuildResult_GetValidateResult failed,0),
+PKIX_ERRORENTRY(BUILDREVCHECKPREPFAILED,pkix_Build_RevCheckPrep failed,0),
+PKIX_ERRORENTRY(BUILDSORTCANDIDATECERTSFAILED,pkix_Build_SortCandidateCerts failed,0),
+PKIX_ERRORENTRY(BUILDSTATECREATEFAILED,pkix_BuildState_Create failed,0),
+PKIX_ERRORENTRY(BUILDTRYSHORTCUTFAILED,pkix_Build_TryShortcut failed,0),
+PKIX_ERRORENTRY(BUILDUPDATEDATEFAILED,pkix_Build_UpdateDate failed,0),
+PKIX_ERRORENTRY(BUILDVALIDATEENTIRECHAINFAILED,pkix_Build_ValidateEntireChain failed,0),
+PKIX_ERRORENTRY(BUILDVALIDATIONCHECKERSFAILED,pkix_Build_ValidationCheckers failed,0),
+PKIX_ERRORENTRY(BUILDVERIFYCERTIFICATEFAILED,pkix_Build_VerifyCertificate failed,0),
+PKIX_ERRORENTRY(BYTEARRAYCOMPARATORFAILED,pkix_pl_ByteArray_Comparator failed,0),
+PKIX_ERRORENTRY(BYTEARRAYCREATEFAILED,PKIX_PL_ByteArray_Create failed,0),
+PKIX_ERRORENTRY(BYTEARRAYEQUALSFAILED,PKIX_PL_ByteArray_Equals failed,0),
+PKIX_ERRORENTRY(BYTEARRAYGETLENGTHFAILED,PKIX_PL_ByteArray_GetLength failed,0),
+PKIX_ERRORENTRY(BYTEARRAYGETPOINTERFAILED,PKIX_PL_ByteArray_GetPointer failed,0),
+PKIX_ERRORENTRY(BYTEARRAYTOHEXSTRINGFAILED,pkix_pl_ByteArray_ToHexString failed,0),
+PKIX_ERRORENTRY(BYTEARRAYTOSTRINGFAILED,PKIX_PL_ByteArray_ToString failed,0),
+PKIX_ERRORENTRY(CACHECERTADDFAILED,pkix_CacheCert_Add failed,0),
+PKIX_ERRORENTRY(CACHECERTCHAINADDFAILED,pkix_CacheCertChain_Add failed,0),
+PKIX_ERRORENTRY(CACHECERTCHAINLOOKUPFAILED,pkix_CacheCertChain_Lookup failed,0),
+PKIX_ERRORENTRY(CACHECERTCHAINREMOVEFAILED,pkix_CacheCertChain_Remove failed,0),
+PKIX_ERRORENTRY(CACHECRLENTRYADDFAILED,pkix_CacheCrlEntry_Add failed,0),
+PKIX_ERRORENTRY(CACHECRLENTRYLOOKUPFAILED,pkix_CacheCrlEntry_Lookup failed,0),
+PKIX_ERRORENTRY(CALLOCFAILED,PKIX_PL_Calloc failed,0),
+PKIX_ERRORENTRY(CANNOTAQUIRECRLDER,Failed to get DER CRL,0),
+PKIX_ERRORENTRY(CANNOTCONVERTCERTUSAGETOPKIXKEYANDEKUSAGES, Fail to convert certificate usage to pkix KU and EKU,0),
+PKIX_ERRORENTRY(CANNOTOPENCOLLECTIONCERTSTORECONTEXTDIRECTORY,Cannot open CollectionCertStoreContext directory,0),
+PKIX_ERRORENTRY(CANTCREATESTRING,Cannot create PKIX_PL_String,0),
+PKIX_ERRORENTRY(CANTDECODEBINDRESPONSEFROMSERVER,Cannot decode BIND response from server,SEC_ERROR_BAD_LDAP_RESPONSE),
+PKIX_ERRORENTRY(CANTDECODESEARCHRESPONSEFROMSERVER,Cannot decode SEARCH response from server,SEC_ERROR_BAD_LDAP_RESPONSE),
+PKIX_ERRORENTRY(CANTENABLEREVOCATIONWITHOUTCERTSTORE,Cannot enable Revocation without CertStore,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(CANTLOADLIBSMIME,Cannot load smime3 library,0),
+PKIX_ERRORENTRY(CANTREREGISTERSYSTEMTYPE,Cannot reregister system type,0),
+PKIX_ERRORENTRY(CERTARECERTPOLICIESCRITICALFAILED,PKIX_PL_Cert_AreCertPoliciesCritical failed,0),
+PKIX_ERRORENTRY(CERTBASICCONSTRAINTSCREATEFAILED,pkix_pl_CertBasicConstraints_Create failed,0),
+PKIX_ERRORENTRY(CERTBASICCONSTRAINTSTOSTRINGFAILED,PKIX_PL_CertBasicConstraints_ToString failed,0),
+PKIX_ERRORENTRY(CERTCHAINCHECKERCHECKCALLBACKFAILED,PKIX_CertChainChecker_CheckCallback failed,0),
+PKIX_ERRORENTRY(CERTCHAINCHECKERCHECKFAILED,PKIX_CertChainChecker_Check failed,0),
+PKIX_ERRORENTRY(CERTCHAINCHECKERCREATEFAILED,PKIX_CertChainChecker_Create failed,0),
+PKIX_ERRORENTRY(CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED,PKIX_CertChainChecker_GetCertChainCheckerState failed,0),
+PKIX_ERRORENTRY(CERTCHAINCHECKERGETCHECKCALLBACKFAILED,PKIX_CertChainChecker_GetCheckCallback failed,0),
+PKIX_ERRORENTRY(CERTCHAINCHECKERGETSUPPORTEDEXTENSIONSFAILED,PKIX_CertChainChecker_GetSupportedExtensions failed,0),
+PKIX_ERRORENTRY(CERTCHAINCHECKERISFORWARDCHECKINGSUPPORTEDFAILED,PKIX_CertChainChecker_IsForwardCheckingSupported failed,0),
+PKIX_ERRORENTRY(CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED,PKIX_CertChainChecker_SetCertChainCheckerState failed,0),
+PKIX_ERRORENTRY(CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION,CertChain fails Certificate Policy validation,SEC_ERROR_POLICY_VALIDATION_FAILED),
+PKIX_ERRORENTRY(CERTCHAINTONSSCHAINFAILED,Fail to convert pkix cert chain to nss cert chain,0),
+PKIX_ERRORENTRY(CERTCHAINTOPKIXCERTLISTFAILED,Failed to convert nss cert chain to pkix cert chain,0),
+PKIX_ERRORENTRY(CERTCHECKCERTTYPEFAILED,Check cert type failed,SEC_ERROR_INADEQUATE_CERT_TYPE),
+PKIX_ERRORENTRY(CERTCHECKCERTVALIDTIMESFAILED,CERT_CheckCertValidTimes failed,SEC_ERROR_EXPIRED_CERTIFICATE),
+PKIX_ERRORENTRY(CERTCHECKCRLFAILED,Fail to get crl cache issued by cert,0),
+PKIX_ERRORENTRY(CERTCHECKEXTENDEDKEYUSAGEFAILED,pkix_pl_Cert_CheckExtendedKeyUsage failed,0),
+PKIX_ERRORENTRY(CERTCHECKKEYUSAGEFAILED,CERT_CheckKeyUsage failed,SEC_ERROR_INADEQUATE_KEY_USAGE),
+PKIX_ERRORENTRY(CERTCHECKNAMECONSTRAINTSFAILED,PKIX_PL_Cert_CheckNameConstraints failed,0),
+PKIX_ERRORENTRY(CERTCHECKVALIDITYFAILED,PKIX_PL_Cert_CheckValidity failed,0),
+PKIX_ERRORENTRY(CERTCOMPLETECRLDECODEDENTRIESFAILED,CERT_CompleteCRLDecodedEntries failed,0),
+PKIX_ERRORENTRY(CERTCOPYNAMECONSTRAINTFAILED,CERT_CopyNameConstraint failed,0),
+PKIX_ERRORENTRY(CERTCOPYNAMEFAILED,CERT_CopyName failed,0),
+PKIX_ERRORENTRY(CERTCREATEFAILED,PKIX_PL_Cert_Create failed,0),
+PKIX_ERRORENTRY(CERTCREATEGENERALNAMELISTFAILED,CERT_CreateGeneralNameList failed,0),
+PKIX_ERRORENTRY(CERTCREATETOLISTFAILED,pkix_pl_Cert_CreateToList failed,0),
+PKIX_ERRORENTRY(CERTCREATEWITHNSSCERTFAILED,pkix_pl_Cert_CreateWithNSSCert failed,0),
+PKIX_ERRORENTRY(CERTDECODEALTNAMEEXTENSIONFAILED,CERT_DecodeAltNameExtension failed,0),
+PKIX_ERRORENTRY(CERTDECODECERTIFICATEPOLICIESEXTENSIONFAILED,CERT_DecodeCertificatePoliciesExtension failed,0),
+PKIX_ERRORENTRY(CERTDECODEDERCERTIFICATEFAILED,CERT_DecodeDERCertificate failed,0),
+PKIX_ERRORENTRY(CERTDECODEDERCRLFAILED,CERT_DecodeDERCrl failed,0),
+PKIX_ERRORENTRY(CERTDECODEINHIBITANYEXTENSIONFAILED,CERT_DecodeInhibitAnyExtension failed,0),
+PKIX_ERRORENTRY(CERTDECODEINHIBITANYPOLICYFAILED,pkix_pl_Cert_DecodeInhibitAnyPolicy failed,0),
+PKIX_ERRORENTRY(CERTDECODEOIDSEQUENCEFAILED,CERT_DecodeOidSequence failed,0),
+PKIX_ERRORENTRY(CERTDECODEPOLICYCONSTRAINTSEXTENSIONFAILED,CERT_DecodePolicyConstraintsExtension failed,0),
+PKIX_ERRORENTRY(CERTDECODEPOLICYCONSTRAINTSFAILED,pkix_pl_Cert_DecodePolicyConstraints failed,0),
+PKIX_ERRORENTRY(CERTDECODEPOLICYINFOFAILED,pkix_pl_Cert_DecodePolicyInfo failed,0),
+PKIX_ERRORENTRY(CERTDECODEPOLICYMAPPINGFAILED,pkix_pl_Cert_DecodePolicyMapping failed,0),
+PKIX_ERRORENTRY(CERTDECODEPOLICYMAPPINGSEXTENSIONFAILED,CERT_DecodePolicyMappingsExtension failed,0),
+PKIX_ERRORENTRY(CERTEQUALSFAILED,pkix_pl_Cert_Equals failed,0),
+PKIX_ERRORENTRY(CERTFAILEDNAMECONSTRAINTSCHECKING,Cert failed NameConstraints checking,SEC_ERROR_CERT_NOT_IN_NAME_SPACE),
+PKIX_ERRORENTRY(CERTGETALLSUBJECTNAMESFAILED,PKIX_PL_Cert_GetAllSubjectNames failed,0),
+PKIX_ERRORENTRY(CERTGETAUTHORITYINFOACCESSFAILED,PKIX_PL_Cert_GetAuthorityInfoAccess failed,0),
+PKIX_ERRORENTRY(CERTGETAUTHORITYKEYIDENTIFIERFAILED,PKIX_PL_Cert_GetAuthorityKeyIdentifier failed,0),
+PKIX_ERRORENTRY(CERTGETBASICCONSTRAINTFAILED,PKIX_PL_Cert_GetBasicConstraint failed,0),
+PKIX_ERRORENTRY(CERTGETBASICCONSTRAINTSFAILED,PKIX_PL_Cert_GetBasicConstraints failed,0),
+PKIX_ERRORENTRY(CERTGETCACHEFLAGFAILED,PKIX_Cert_GetCacheFlag failed,0),
+PKIX_ERRORENTRY(CERTGETCERTCERTIFICATEFAILED,PKIX_PL_Cert_GetCERTCertificate failed,0),
+PKIX_ERRORENTRY(CERTGETCRITICALEXTENSIONOIDSFAILED,PKIX_PL_Cert_GetCriticalExtensionOIDs failed,0),
+PKIX_ERRORENTRY(CERTGETCRLDPFAILED,Failed to get cert crldp extension, 0),
+PKIX_ERRORENTRY(CERTGETEXTENDEDKEYUSAGEFAILED,PKIX_PL_Cert_GetExtendedKeyUsage failed,0),
+PKIX_ERRORENTRY(CERTGETINHIBITANYPOLICYFAILED,PKIX_PL_Cert_GetInhibitAnyPolicy failed,0),
+PKIX_ERRORENTRY(CERTGETISSUERFAILED,PKIX_PL_Cert_GetIssuer failed,0),
+PKIX_ERRORENTRY(CERTGETNAMECONSTRAINTSFAILED,PKIX_PL_CertGetNameConstraints failed,0),
+PKIX_ERRORENTRY(CERTGETNSSSUBJECTALTNAMESFAILED,pkix_pl_Cert_GetNssSubjectAltNames failed,0),
+PKIX_ERRORENTRY(CERTGETPOLICYINFORMATIONFAILED,PKIX_PL_Cert_GetPolicyInformation failed,0),
+PKIX_ERRORENTRY(CERTGETPOLICYMAPPINGINHIBITEDFAILED,PKIX_PL_Cert_GetPolicyMappingInhibited failed,0),
+PKIX_ERRORENTRY(CERTGETPOLICYMAPPINGSFAILED,PKIX_PL_Cert_GetPolicyMappings failed,0),
+PKIX_ERRORENTRY(CERTGETREQUIREEXPLICITPOLICYFAILED,PKIX_PL_Cert_GetRequireExplicitPolicy failed,0),
+PKIX_ERRORENTRY(CERTGETSERIALNUMBERFAILED,PKIX_PL_Cert_GetSerialNumber failed,0),
+PKIX_ERRORENTRY(CERTGETSUBJALTNAMESFAILED,PKIX_PL_Cert_GetSubjAltNames failed,0),
+PKIX_ERRORENTRY(CERTGETSUBJECTALTNAMESFAILED,PKIX_PL_Cert_GetSubjectAltNames failed,0),
+PKIX_ERRORENTRY(CERTGETSUBJECTFAILED,PKIX_PL_Cert_GetSubject failed,0),
+PKIX_ERRORENTRY(CERTGETSUBJECTINFOACCESSFAILED,PKIX_PL_Cert_GetSubjectInfoAccess failed,0),
+PKIX_ERRORENTRY(CERTGETSUBJECTKEYIDENTIFIERFAILED,PKIX_PL_Cert_GetSubjectKeyIdentifier failed,0),
+PKIX_ERRORENTRY(CERTGETSUBJECTPUBLICKEYALGIDFAILED,PKIX_PL_Cert_GetSubjectPublicKeyAlgId failed,0),
+PKIX_ERRORENTRY(CERTGETSUBJECTPUBLICKEYFAILED,PKIX_PL_Cert_GetSubjectPublicKey failed,0),
+PKIX_ERRORENTRY(CERTGETVALIDITYNOTAFTERFAILED,PKIX_PL_Cert_GetValidityNotAfter failed,0),
+PKIX_ERRORENTRY(CERTGETVERSIONFAILED,PKIX_PL_Cert_GetVersion failed,0),
+PKIX_ERRORENTRY(CERTHASHCODEFAILED,PKIX_PL_Cert_Hashcode failed,0),
+PKIX_ERRORENTRY(CERTIFICATEDOESNTHAVEVALIDCRL,Certificate does not have a valid CRL,SEC_ERROR_CRL_NOT_FOUND),
+PKIX_ERRORENTRY(CERTIFICATEREVOKED,Certificate is revoked,SEC_ERROR_REVOKED_CERTIFICATE),
+PKIX_ERRORENTRY(CERTIMPORTCERTIFICATEFUNCTIONFAILED,CERTImportCertificate function failed,0),
+PKIX_ERRORENTRY(CERTISCERTTRUSTEDFAILED,PKIX_PL_Cert_IsCertTrusted failed,SEC_ERROR_UNTRUSTED_CERT),
+PKIX_ERRORENTRY(CERTISEXTENSIONCRITICALFAILED,pkix_pl_Cert_IsExtensionCritical failed,0),
+PKIX_ERRORENTRY(CERTMERGENAMECONSTRAINTSFAILED,PKIX_PL_Cert_MergeNameConstraints failed,0),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSCHECKNAMEINNAMESPACEFAILED,PKIX_PL_CertNameConstraints_CheckNameInNameSpace failed,SEC_ERROR_CERT_NOT_IN_NAME_SPACE),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSCHECKNAMESINNAMESPACEFAILED,PKIX_PL_CertNameConstraints_CheckNamesInNameSpace failed,SEC_ERROR_CERT_NOT_IN_NAME_SPACE),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSCHECKNAMESPACENSSNAMESFAILED,pkix_pl_CertNameConstraints_CheckNameSpaceNssNames failed,SEC_ERROR_CERT_NOT_IN_NAME_SPACE),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED,pkix_pl_CertNameConstraints_CopyNssNameConstraints failed,0),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSCREATEBYMERGEFAILED,pkix_pl_CertNameConstraints_CreateByMerge failed,0),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSCREATEFAILED,pkix_pl_CertNameConstraints_Create failed,0),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSCREATEHELPERFAILED,pkix_pl_CertNameConstraints_Create_Helper failed,0),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSGETEXCLUDEDFAILED,pkix_pl_CertNameConstraints_GetExcluded failed,0),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSGETPERMITTEDFAILED,pkix_pl_CertNameConstraints_GetPermitted failed,0),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSMERGEFAILED,pkix_pl_CertNameConstraints_Merge failed,0),
+PKIX_ERRORENTRY(CERTNAMECONSTRAINTSTOSTRINGHELPERFAILED,pkix_pl_CertNameConstraints_ToString_Helper failed,0),
+PKIX_ERRORENTRY(CERTNAMETOASCIIFAILED,CERT_NameToAscii failed,0),
+PKIX_ERRORENTRY(CERTNOTALLOWEDTOSIGNCERTIFICATES,Cert not allowed to sign certificates,SEC_ERROR_CA_CERT_INVALID),
+PKIX_ERRORENTRY(CERTPOLICYINFOCREATEFAILED,pkix_pl_CertPolicyInfo_Create failed,0),
+PKIX_ERRORENTRY(CERTPOLICYINFOGETPOLICYIDFAILED,PKIX_PL_CertPolicyInfo_GetPolicyId failed,0),
+PKIX_ERRORENTRY(CERTPOLICYINFOGETPOLQUALIFIERSFAILED,PKIX_PL_CertPolicyInfo_GetPolQualifiers failed,0),
+PKIX_ERRORENTRY(CERTPOLICYMAPCREATEFAILED,pkix_pl_CertPolicyMap_Create failed,0),
+PKIX_ERRORENTRY(CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED,PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy failed,0),
+PKIX_ERRORENTRY(CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED,PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy failed,0),
+PKIX_ERRORENTRY(CERTPOLICYQUALIFIERCREATEFAILED,pkix_pl_CertPolicyQualifier_Create failed,0),
+PKIX_ERRORENTRY(CERTREJECTEDBYREVOCATIONCHECKER,Cert rejected by revocation checker,0),
+PKIX_ERRORENTRY(CERTSELECTORCHECKFAILED,Validation failed: CertSelector check failed,0),
+PKIX_ERRORENTRY(CERTSELECTORCREATEFAILED,PKIX_CertSelector_Create failed,0),
+PKIX_ERRORENTRY(CERTSELECTORFAILED,certSelector failed,0),
+PKIX_ERRORENTRY(CERTSELECTORGETCOMCERTSELPARAMSFAILED,PKIX_CertSelector_GetComCertSelParams failed,0),
+PKIX_ERRORENTRY(CERTSELECTORGETCOMMONCERTSELECTORPARAMFAILED,PKIX_CertSelector_GetCommonCertSelectorParam failed,0),
+PKIX_ERRORENTRY(CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED,PKIX_CertSelector_GetCommonCertSelectorParams failed,0),
+PKIX_ERRORENTRY(CERTSELECTORGETMATCHCALLBACKFAILED,PKIX_CertSelector_GetMatchCallback failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHAUTHKEYIDFAILED,pkix_CertSelector_Match_AuthKeyId failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHBASICCONSTRAINTFAILED,pkix_CertSelector_Match_BasicConstraint failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHCALLBACKFAILED,PKIX_CertSelector_MatchCallback failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHCERTIFICATEVALIDFAILED,pkix_CertSelector_Match_CertificateValid failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHCERTISSUERFAILED,cert does not match issuer name,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHCERTOBJECTFAILED,cert does not match cert object,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHCERTSERIALNUMFAILED,cert does not match serial number,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHCERTSUBJECTFAILED,cert does not match subject name,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHCERTVERSIONFAILED,cert does not match cert version,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHEXTENDEDKEYUSAGEFAILED,pkix_CertSelector_Match_ExtendedKeyUsage failed,SEC_ERROR_INADEQUATE_CERT_TYPE),
+PKIX_ERRORENTRY(CERTSELECTORMATCHFAILED,certSelectorMatch failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHKEYUSAGEFAILED,pkix_CertSelector_Match_KeyUsage failed,SEC_ERROR_INADEQUATE_KEY_USAGE),
+PKIX_ERRORENTRY(CERTSELECTORMATCHNAMECONSTRAINTSFAILED,pkix_CertSelector_Match_NameConstraints failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHPATHTONAMESFAILED,pkix_CertSelector_Match_PathToNames failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHPOLICIESFAILED,pkix_CertSelector_Match_Policies failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHSUBJALTNAMESFAILED,pkix_CertSelector_Match_SubjAltNames failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHSUBJKEYIDFAILED,pkix_CertSelector_Match_SubjKeyId failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHSUBJPKALGIDFAILED,pkix_CertSelector_Match_SubjPKAlgId failed,0),
+PKIX_ERRORENTRY(CERTSELECTORMATCHSUBJPUBKEYFAILED,pkix_CertSelector_Match_SubjPubKey failed,0),
+PKIX_ERRORENTRY(CERTSELECTORSELECTFAILED,pkix_CertSelector_Select failed,0),
+PKIX_ERRORENTRY(CERTSELECTORSETCOMMONCERTSELECTORPARAMSFAILED,PKIX_CertSelector_SetCommonCertSelectorParams failed,0),
+PKIX_ERRORENTRY(CERTSETASTRUSTANCHORFAILED, PKIX_PL_Cert_SetAsTrustAnchor failed, 0),
+PKIX_ERRORENTRY(CERTSETCACHEFLAGFAILED,PKIX_PL_Cert_SetCacheFlag failed,0),
+PKIX_ERRORENTRY(CERTSETTRUSTCERTSTOREFAILED,PKIX_PL_Cert_SetTrustCertStore failed,0),
+PKIX_ERRORENTRY(CERTSTORECERTCONTINUEFAILED,PKIX_CertStore_CertContinue failed,0),
+PKIX_ERRORENTRY(CERTSTORECERTCONTINUEFUNCTIONFAILED,PKIX_CertStore_CertContinueFunction failed,0),
+PKIX_ERRORENTRY(CERTSTORECREATEFAILED,PKIX_CertStore_Create failed,0),
+PKIX_ERRORENTRY(CERTSTORECRLCONTINUEFAILED,PKIX_CertStore_CrlContinue failed,0),
+PKIX_ERRORENTRY(CERTSTOREEQUALSFAILED,pkix_CertStore_Equals failed,0),
+PKIX_ERRORENTRY(CERTSTORECRLCHECKFAILED,Fail to check cert crl revocation,0),
+PKIX_ERRORENTRY(CERTSTOREGETCHECKREVBYCRLFAILED,Can not get revocation check function,0),
+PKIX_ERRORENTRY(CERTSTOREFAILTOIMPORTCRLLIST,Fail to import crls,0),
+PKIX_ERRORENTRY(CERTSTOREGETCERTCALLBACKFAILED,PKIX_CertStore_GetCertCallback failed,0),
+PKIX_ERRORENTRY(CERTSTOREGETCERTSTORECACHEFLAGFAILED,PKIX_CertStore_GetCertStoreCacheFlag failed,0),
+PKIX_ERRORENTRY(CERTSTOREGETCERTSTORECONTEXTFAILED,PKIX_CertStore_GetCertStoreContext failed,0),
+PKIX_ERRORENTRY(CERTSTOREGETCRLCALLBACKFAILED,PKIX_CertStore_GetCRLCallback failed,0),
+PKIX_ERRORENTRY(CERTSTOREGETLOCALFLAGFAILED,PKIX_CertStore_GetLocalFlag failed,0),
+PKIX_ERRORENTRY(CERTSTOREGETTRUSTCALLBACKFAILED,PKIX_CertStore_GetTrustCallback failed,0),
+PKIX_ERRORENTRY(CERTSTOREHASHCODEFAILED,pkix_CertStore_Hashcode failed,0),
+PKIX_ERRORENTRY(CERTTOSTRINGFAILED,PKIX_PL_Cert_ToString failed,0),
+PKIX_ERRORENTRY(CERTTOSTRINGHELPERFAILED,pkix_pl_Cert_ToString_Helper failed,0),
+PKIX_ERRORENTRY(CERTVERIFYCERTTYPEFAILED,PKIX_PL_Cert_VerifyCertAndKeyType failed,0),
+PKIX_ERRORENTRY(CERTVERIFYKEYUSAGEFAILED,PKIX_PL_Cert_VerifyKeyUsage failed,0),
+PKIX_ERRORENTRY(CERTVERIFYSIGNATUREFAILED,PKIX_PL_Cert_VerifySignature failed,0),
+PKIX_ERRORENTRY(CHAINVERIFYCALLBACKFAILED,Chain rejected by Application Callback,SEC_ERROR_APPLICATION_CALLBACK_ERROR),
+PKIX_ERRORENTRY(CHECKCERTAGAINSTANCHORFAILED,pkix_CheckCertAgainstAnchor failed,0),
+PKIX_ERRORENTRY(CHECKCERTFAILED,pkix_CheckCert failed,0),
+PKIX_ERRORENTRY(CHECKCHAINFAILED,pkix_CheckChain failed,0),
+PKIX_ERRORENTRY(CHECKTRUSTCALLBACKFAILED,CheckTrustCallback failed,0),
+PKIX_ERRORENTRY(COLLECTIONCERTSTOREPOPULATECERTFAILED,pkix_pl_CollectionCertStoreContext_PopulateCert failed,0),
+PKIX_ERRORENTRY(COLLECTIONCERTSTOREPOPULATECRLFAILED,pkix_pl_CollectionCertStoreContext_PopulateCrl failed,0),
+PKIX_ERRORENTRY(COLLECTIONCERTSTORECONTEXTCREATECERTFAILED,pkix_pl_CollectionCertStoreContext_CreateCert failed,0),
+PKIX_ERRORENTRY(COLLECTIONCERTSTORECONTEXTCREATECRLFAILED,pkix_pl_CollectionCertStoreContext_CreateCRL failed,0),
+PKIX_ERRORENTRY(COLLECTIONCERTSTORECONTEXTGETSELECTCERTFAILED,pkix_pl_CollectionCertStoreContext_GetSelectCert failed,0),
+PKIX_ERRORENTRY(COLLECTIONCERTSTORECONTEXTGETSELECTCRLFAILED,pkix_pl_CollectionCertStoreContext_GetSelectCRL failed,0),
+PKIX_ERRORENTRY(COLLECTIONCERTSTORECONTEXTPOPULATECERTFAILED,pkix_pl_CollectionCertStoreContext_PopulateCert failed,0),
+PKIX_ERRORENTRY(COLLECTIONCERTSTORECONTEXTPOPULATECRLFAILED,pkix_pl_CollectionCertStoreContext_PopulateCRL failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSCREATEFAILED,PKIX_ComCertSelParams_Create failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETAUTHORITYKEYIDENTIFIERFAILED,PKIX_ComCertSelParams_GetAuthorityKeyIdentifier failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETBASICCONSTRAINTSFAILED,PKIX_ComCertSelParams_GetBasicConstraints failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETCERTIFICATEFAILED,PKIX_ComCertSelParams_GetCertificate failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETCERTIFICATEVALIDFAILED,PKIX_ComCertSelParams_GetCertificateValid failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED,PKIX_ComCertSelParams_GetExtendedKeyUsage failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETISSUERFAILED,PKIX_ComCertSelParams_GetIssuer failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETKEYUSAGEFAILED,PKIX_ComCertSelParams_GetKeyUsage failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETLEAFCERTFLAGFAILED,PKIX_ComCertSelParams_GetLeafCertFlag failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETMATCHALLSUBJALTNAMESFAILED,PKIX_ComCertSelParams_GetMatchAllSubjAltNames failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETNAMECONSTRAINTSFAILED,PKIX_ComCertSelParams_GetNameConstraints failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETPATHTONAMESFAILED,PKIX_ComCertSelParams_GetPathToNames failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETPOLICYFAILED,PKIX_ComCertSelParams_GetPolicy failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETSERIALNUMBERFAILED,PKIX_ComCertSelParams_GetSerialNumber failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETSUBJALTNAMESFAILED,PKIX_ComCertSelParams_GetSubjAltNames failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETSUBJECTFAILED,PKIX_ComCertSelParams_GetSubject failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETSUBJKEYIDENTIFIERFAILED,PKIX_ComCertSelParams_GetSubjKeyIdentifier failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETSUBJPKALGIDFAILED,PKIX_ComCertSelParams_GetSubjPKAlgId failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETSUBJPUBKEYFAILED,PKIX_ComCertSelParams_GetSubjPubKey failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSGETVERSIONFAILED,PKIX_ComCertSelParams_GetVersion failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETBASICCONSTRAINTSFAILED,PKIX_ComCertSelParams_SetBasicConstraints failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETCERTIFICATEFAILED,PKIX_ComCertSelParams_SetCertificate failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETCERTIFICATEVALIDFAILED,PKIX_ComCertSelParams_SetCertificateValid failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETEXTKEYUSAGEFAILED,PKIX_ComCertSelParams_SetExtendedKeyUsage failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETKEYUSAGEFAILED,PKIX_ComCertSelParams_SetKeyUsage failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETLEAFCERTFLAGFAILED,PKIX_ComCertSelParams_SetLeafCertFlag failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETNISTPOLICYENABLEDFAILED,PKIX_ComCertSelParams_SetNISTPolicyEnabled failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETPATHTONAMESFAILED,PKIX_ComCertSelParams_SetPathToNames failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETSUBJECTFAILED,PKIX_ComCertSelParams_SetSubject failed,0),
+PKIX_ERRORENTRY(COMCERTSELPARAMSSETSUBJKEYIDENTIFIERFAILED,PKIX_ComCertSelParams_SetSubjKeyIdentifier failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSADDISSUERNAMEFAILED,PKIX_ComCRLSelParams_AddIssuerName failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSCREATEFAILED,PKIX_ComCRLSelParams_Create failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSEQUALSFAILED,pkix_ComCRLSelParams_Equals failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSGETDATEANDTIMEFAILED,PKIX_ComCRLSelParams_GetDateAndTime failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSGETISSUERNAMESFAILED,PKIX_ComCRLSelParams_GetIssuerNames failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSGETMAXCRLNUMBERFAILED,PKIX_ComCRLSelParams_GetMaxCRLNumber failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSGETMINCRLNUMBERFAILED,PKIX_ComCRLSelParams_GetMinCRLNumber failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSGETNISTPOLICYENABLEDFAILED,PKIX_ComCRLSelParams_GetNISTPolicyEnabled failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSSETCERTFAILED,PKIX_ComCRLSelParams_SetCertificateChecking failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSSETDATEANDTIMEFAILED,PKIX_ComCRLSelParams_SetDateAndTime failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSTOSTRINGFAILED,pkix_ComCRLSelParams_ToString failed,0),
+PKIX_ERRORENTRY(COMCRLSELPARAMSTOSTRINGHELPERFAILED,pkix_ComCRLSelParams_ToString_Helper failed,0),
+PKIX_ERRORENTRY(COMPARATORCALLBACKFAILED,comparator callback failed,0),
+PKIX_ERRORENTRY(CONTENTTYPENOTPKCS7MIME,Content type is not application/pkcs7-mime,0),
+PKIX_ERRORENTRY(CONTENTTYPENOTPKIXCRL,Content type is not application/pkix-crl,SEC_ERROR_BAD_HTTP_RESPONSE),
+PKIX_ERRORENTRY(COULDNOTALLOCATEMEMORY,Could not allocate memory,0),
+PKIX_ERRORENTRY(COULDNOTALLOCATENEWSTRINGOBJECT,Could not allocate new string object,0),
+PKIX_ERRORENTRY(COULDNOTAPPENDCHILDTOPARENTSPOLICYNODELIST,Could not append child to parent PolicyNode list,0),
+PKIX_ERRORENTRY(COULDNOTAPPENDCHILDTOPARENTSVERIFYNODELIST,Could not append child to parent VerifyNode list,0),
+PKIX_ERRORENTRY(COULDNOTCREATEAIAMGROBJECT,Could not create AiaMgr object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEBASICCONSTRAINTSSTATEOBJECT,Could not create basic constraints state object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEBUILDPARAMSOBJECT,Could not create build params object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEBUILDRESULTOBJECT,Could not create build result object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECERTBASICCONSTRAINTSOBJECT,Could not create a CertBasicConstraints object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECERTCHAINCHECKEROBJECT,Could not create cert chain checker object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECERTNAMECONSTRAINTSOBJECT,Could not create CertNameConstraints object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECERTPOLICYINFOOBJECT,Could not create a CertPolicyInfo object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECERTPOLICYMAPOBJECT,Could not create a CertPolicyMap object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECERTPOLICYQUALIFIEROBJECT,Could not create a CertPolicyQualifier object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECERTSELECTOROBJECT,Could not create cert selector object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECERTSTOREOBJECT,Could not create CertStore object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECOLLECTIONCERTSTORECONTEXTOBJECT,Could not create CollectionCertStoreContext object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECOMMONCERTSELPARAMSOBJECT,Could not create common certsel params object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECOMMONCRLSELECTORPARAMSOBJECT,Could not create common crl selector params object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECRLENTRYOBJECT,Could not create CRLENTRY object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECRLOBJECT,Could not create CRL object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECRLSELECTOROBJECT,Could not create CRLSelector object,0),
+PKIX_ERRORENTRY(COULDNOTCREATECRLCHECKEROBJECT,Could not create CRLChecker object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEOCSPCHECKEROBJECT,Could not create OcspChecker object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEREVOCATIONMETHODOBJECT,Could not create RevocationMethod object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEDEFAULTREVOCATIONCHECKEROBJECT,Could not create DefaultRevocationChecker object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEEKUCHECKERSTATEOBJECT,Could not create EkuCheckerState object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEFORWARDBUILDERSTATEOBJECT,Could not create forwardBuilder state object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEHASHTABLEOBJECT,Could not create HashTable object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEHTTPDEFAULTCLIENTOBJECT,Could not create HttpDefaultClient object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEINFOACCESSOBJECT,Could not create InfoAccess object,0),
+PKIX_ERRORENTRY(COULDNOTCREATELDAPDEFAULTCLIENTOBJECT,Could not create LdapDefaultClient object,0),
+PKIX_ERRORENTRY(COULDNOTCREATELOCKOBJECT,Could not create lock object,0),
+PKIX_ERRORENTRY(COULDNOTCREATELOGGEROBJECT,Could not create Logger object,0),
+PKIX_ERRORENTRY(COULDNOTCREATENAMECONSTRAINTSCHECKERSTATEOBJECT,Could not create NameConstraintsCheckerState object,0),
+PKIX_ERRORENTRY(COULDNOTCREATENSSDN,Could not create NSS DN,0),
+PKIX_ERRORENTRY(COULDNOTCREATEOBJECT,Could not create object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEOBJECTSTORAGE,Could not create object storage,0),
+PKIX_ERRORENTRY(COULDNOTCREATEPOLICYCHECKERSTATEOBJECT,Could not create policyChecker state object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEPOLICYNODEOBJECT,Could not create a PolicyNode object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEPROCESSINGPARAMSOBJECT,Could not create processing params object,0),
+PKIX_ERRORENTRY(COULDNOTCREATERESOURCELIMITOBJECT,Could not create ResourceLimit object,0),
+PKIX_ERRORENTRY(COULDNOTCREATESIGNATURECHECKERSTATEOBJECT,Could not create SignatureCheckerState object,0),
+PKIX_ERRORENTRY(COULDNOTCREATESOCKETOBJECT,Could not create Socket object,0),
+PKIX_ERRORENTRY(COULDNOTCREATESTRING,Could not create string,0),
+PKIX_ERRORENTRY(COULDNOTCREATETARGETCERTCHECKERSTATEOBJECT,Could not create target cert checker state object,0),
+PKIX_ERRORENTRY(COULDNOTCREATETRUSTANCHOROBJECT,Could not create trust anchor object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEVALIDATEPARAMSOBJECT,Could not create validate params object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEVALIDATERESULTOBJECT,Could not create validate result object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEVERIFYNODEOBJECT,Could not create a VerifyNode object,0),
+PKIX_ERRORENTRY(COULDNOTCREATEX500NAMEOBJECT,Could not create X500Name object,0),
+PKIX_ERRORENTRY(COULDNOTGETFIRSTOBJECTTYPE,Could not get first object type,0),
+PKIX_ERRORENTRY(COULDNOTGETSECONDOBJECTTYPE,Could not get second object type,0),
+PKIX_ERRORENTRY(COULDNOTGETTYPEOFSECONDARGUMENT,Could not get type of second argument,0),
+PKIX_ERRORENTRY(COULDNOTLOOKUPINHASHTABLE,Could not lookup in hashtable,0),
+PKIX_ERRORENTRY(COULDNOTMALLOCNEWKEY,Could not malloc new key,0),
+PKIX_ERRORENTRY(COULDNOTTESTWHETHERKEYSEQUAL,Could not test whether keys are equal,0),
+PKIX_ERRORENTRY(CREATECERTFAILED,CreateCert failed,0),
+PKIX_ERRORENTRY(CREATECRLSELECTORDUPLICATEOBJECTFAILED,Create CRLSelector Duplicate Object failed,0),
+PKIX_ERRORENTRY(CREATEPROCESSINGPARAMSFAILED,Failed to create processing parameters,0),
+PKIX_ERRORENTRY(CRLCHECKERCREATEFAILED,pkix_CRLChecker_Create failed,0),
+PKIX_ERRORENTRY(CRLCHECKERINITIALIZEFAILED,pkix_CRLChecker_Initialize failed,0),
+PKIX_ERRORENTRY(CRLCHECKERNOLOCALCERTSTOREFOUND,No local cert store found, 0),
+PKIX_ERRORENTRY(CRLCHECKERSETSELECTORFAILED,pkix_CRLChecker_SetSelector failed,0),
+PKIX_ERRORENTRY(CRLCREATEFAILED,PKIX_PL_CRL_Create failed,0),
+PKIX_ERRORENTRY(CRLCREATETOLISTFAILED,pkix_pl_CRL_CreateToList failed,0),
+PKIX_ERRORENTRY(CRLCREATEWITHSIGNEDCRLFAILED,pkix_pl_CRL_CreateWithSignedCRL failed,0),
+PKIX_ERRORENTRY(CRLCRITICALEXTENSIONOIDSNOTPROCESSED,CRL Critical Extension OIDs not processed,0),
+PKIX_ERRORENTRY(CRLDPCREATEFAILED, Failed to create CRL DP,0),
+PKIX_ERRORENTRY(CRLENTRYCREATEFAILED,pkix_pl_CRLEntry_Create failed,0),
+PKIX_ERRORENTRY(CRLENTRYCRITICALEXTENSIONWASNOTPROCESSED,CRLEntry Critical Extension was not processed,0),
+PKIX_ERRORENTRY(CRLENTRYEXTENSIONSEQUALSFAILED,PKIX_PL_CRLEntry_Extensions_Equals failed,0),
+PKIX_ERRORENTRY(CRLENTRYEXTENSIONSHASHCODEFAILED,pkix_pl_CRLEntry_Extensions_Hashcode failed,0),
+PKIX_ERRORENTRY(CRLENTRYGETCRITICALEXTENSIONOIDSFAILED,PKIX_PL_CRLEntry_GetCriticalExtensionOIDs failed,0),
+PKIX_ERRORENTRY(CRLENTRYGETCRLENTRYREASONCODEFAILED,PKIX_PL_CRLEntry_GetCRLEntryReasonCode failed,0),
+PKIX_ERRORENTRY(CRLENTRYTOSTRINGHELPERFAILED,pkix_pl_CRLEntry_ToString_Helper failed,0),
+PKIX_ERRORENTRY(CRLGETCRITICALEXTENSIONOIDSFAILED,PKIX_PL_CRL_GetCriticalExtensionOIDs failed,0),
+PKIX_ERRORENTRY(CRLGETCRLENTRIESFAILED,pkix_pl_CRL_GetCRLEntries failed,0),
+PKIX_ERRORENTRY(CRLGETCRLENTRYFORSERIALNUMBERFAILED,PKIX_PL_CRL_GetCRLEntryForSerialNumber failed,0),
+PKIX_ERRORENTRY(CRLGETCRLNUMBERFAILED,PKIX_PL_CRL_GetCRLNumber failed,0),
+PKIX_ERRORENTRY(CRLGETISSUERFAILED,PKIX_PL_CRL_GetIssuer failed,0),
+PKIX_ERRORENTRY(CRLGETPARTITIONEDFLAGFAILED,PKIX_PL_CRL_IsPartitioned failed,0),
+PKIX_ERRORENTRY(CRLGETSIGNATUREALGIDFAILED,pkix_pl_CRL_GetSignatureAlgId failed,0),
+PKIX_ERRORENTRY(CRLGETVERSIONFAILED,pkix_pl_CRL_GetVersion failed,0),
+PKIX_ERRORENTRY(CRLISSUECERTEXPIRED,CRL issue cert has expired,0),
+PKIX_ERRORENTRY(CRLMAXNUMBERRANGEMATCHFAILED,CRL MaxNumber Range Match Failed,0),
+PKIX_ERRORENTRY(CRLSELECTORCREATEFAILED,PKIX_CRLSelector_Create failed,0),
+PKIX_ERRORENTRY(CRLSELECTORFAILED,crlSelector failed,0),
+PKIX_ERRORENTRY(CRLSELECTORGETCOMCERTSELPARAMSFAILED,PKIX_CRLSelector_GetComCertSelParams failed,0),
+PKIX_ERRORENTRY(CRLSELECTORGETMATCHCALLBACKFAILED,PKIX_CRLSelector_GetMatchCallback failed,0),
+PKIX_ERRORENTRY(CRLSELECTORMATCHCALLBACKFAILED,PKIX_CRLSelector_MatchCallback failed,0),
+PKIX_ERRORENTRY(CRLSELECTORMATCHFAILED,crlSelectorMatch failed,0),
+PKIX_ERRORENTRY(CRLSELECTORSELECTFAILED,pkix_CRLSelector_Select failed,0),
+PKIX_ERRORENTRY(CRLSELECTORSETCOMMONCRLSELECTORPARAMSFAILED,PKIX_CRLSelector_SetCommonCRLSelectorParams failed,0),
+PKIX_ERRORENTRY(CRLSELECTORTOSTRINGHELPERFAILED,pkix_CRLSelector_ToString_Helper failed,0),
+PKIX_ERRORENTRY(CRLTOSTRINGHELPERFAILED,pkix_pl_CRL_ToString_Helper failed,0),
+PKIX_ERRORENTRY(CRLVERIFYUPDATETIMEFAILED,pkix_pl_CRL_VerifyUpdateTime failed,0),
+PKIX_ERRORENTRY(DATECREATECURRENTOFFBYSECONDSFAILED,PKIX_PL_Date_Create_CurrentOffBySeconds failed,0),
+PKIX_ERRORENTRY(DATECREATEFROMPRTIMEFAILED,pkix_pl_Date_CreateFromPRTime failed,0),
+PKIX_ERRORENTRY(DATECREATEUTCTIMEFAILED,PKIX_PL_Date_Create_UTCTime failed,0),
+PKIX_ERRORENTRY(DATEDERTIMETOPRTIMEFAILED,Fail to convert encoded time to PRTime,0),
+PKIX_ERRORENTRY(DATEEQUALSFAILED,PKIX_PL_Date_Equals failed,0),
+PKIX_ERRORENTRY(DATEGETPRTIMEFAILED,pkix_pl_Date_GetPRTime failed,0),
+PKIX_ERRORENTRY(DATEHASHCODEFAILED,PKIX_PL_Date_Hashcode failed,0),
+PKIX_ERRORENTRY(DATETOSTRINGFAILED,PKIX_Date_ToString failed,0),
+PKIX_ERRORENTRY(DATETOSTRINGHELPERFAILED,pkix_pl_Date_ToString_Helper failed,0),
+PKIX_ERRORENTRY(DECIPHERONLYKEYUSAGENOTSUPPORTED,decipherOnly key usage not supported,0),
+PKIX_ERRORENTRY(DECODINGCERTNAMECONSTRAINTSFAILED,Decoding Cert NameConstraints failed,0),
+PKIX_ERRORENTRY(DEFAULTREVCHECKERCREATEFAILED,pkix_DefaultRevChecker_Create failed,0),
+PKIX_ERRORENTRY(DEFAULTREVCHECKERINITIALIZEFAILED,pkix_DefaultRevChecker_Initialize failed,0),
+PKIX_ERRORENTRY(DEPTHWOULDEXCEEDRESOURCELIMITS,Depth would exceed Resource Limits,SEC_ERROR_OUT_OF_SEARCH_LIMITS),
+PKIX_ERRORENTRY(DERASCIITOTIMEFAILED,DER_AsciiToTime failed,0),
+PKIX_ERRORENTRY(DERDECODETIMECHOICEFAILED,DER_DecodeTimeChoice failed,0),
+PKIX_ERRORENTRY(DERDECODETIMECHOICEFORLASTUPDATEFAILED,DER_DecodeTimeChoice for lastUpdate failed,0),
+PKIX_ERRORENTRY(DERDECODETIMECHOICEFORNEXTUPDATEFAILED,DER_DecodeTimeChoice for nextUpdate failed,0),
+PKIX_ERRORENTRY(DERENCODETIMECHOICEFAILED,DER_EncodeTimeChoice failed,0),
+PKIX_ERRORENTRY(DERGENERALIZEDDAYTOASCIIFAILED,DER_GeneralizedDayToAscii failed,0),
+PKIX_ERRORENTRY(DERTIMETOUTCTIMEFAILED,DER_TimeToUTCTime failed,0),
+PKIX_ERRORENTRY(DERUTCTIMETOASCIIFAILED,DER_UTCTimeToAscii failed,0),
+PKIX_ERRORENTRY(DESTROYSPKIFAILED,pkix_pl_DestroySPKI failed,0),
+PKIX_ERRORENTRY(DIRECTORYNAMECREATEFAILED,pkix_pl_DirectoryName_Create failed,0),
+PKIX_ERRORENTRY(DUPLICATEIMMUTABLEFAILED,pkix_duplicateImmutable failed,0),
+PKIX_ERRORENTRY(CANNOTSORTIMMUTABLELIST,pkix_List_BubbleSort can not sort immutable list,0),
+PKIX_ERRORENTRY(EKUCHECKERGETREQUIREDEKUFAILED,pkix_pl_EkuChecker_GetRequiredEku failed,0),
+PKIX_ERRORENTRY(EKUCHECKERINITIALIZEFAILED,PKIX_PL_EkuChecker_Initialize failed,0),
+PKIX_ERRORENTRY(EKUCHECKERSTATECREATEFAILED,pkix_pl_EkuCheckerState_Create failed,0),
+PKIX_ERRORENTRY(ENABLEREVOCATIONWITHOUTCERTSTORE,Enable Revocation without CertStore,0),
+PKIX_ERRORENTRY(ERRORALLOCATINGMONITORLOCK,Error Allocating MonitorLock,0),
+PKIX_ERRORENTRY(ERRORALLOCATINGRWLOCK,Error Allocating RWLock,0),
+PKIX_ERRORENTRY(ERRORCREATINGCHILDSTRING,Error creating child string,0),
+PKIX_ERRORENTRY(ERRORCREATINGFORMATSTRING,Error creating format string,0),
+PKIX_ERRORENTRY(ERRORCREATINGINDENTSTRING,Error creating indent string,0),
+PKIX_ERRORENTRY(ERRORCREATINGITEMSTRING,Error creating item string,0),
+PKIX_ERRORENTRY(ERRORCREATINGLISTITEM,Error Creating List Item,0),
+PKIX_ERRORENTRY(ERRORCREATINGSUBTREESTRING,Error creating subtree string,0),
+PKIX_ERRORENTRY(ERRORCREATINGTABLELOCK,Error creating table lock,0),
+PKIX_ERRORENTRY(ERRORFINDINGORPROCESSINGURI,Error finding or processing URI,0),
+PKIX_ERRORENTRY(ERRORGETTINGCAUSESTRING,Error getting cause string,0),
+PKIX_ERRORENTRY(ERRORGETTINGCLASSTABLEENTRY,Error getting class table entry,0),
+PKIX_ERRORENTRY(ERRORGETTINGHASHCODE,Error getting hashcode,0),
+PKIX_ERRORENTRY(ERRORGETTINGSECONDOBJECTTYPE,Error getting second object type,0),
+PKIX_ERRORENTRY(ERRORINBYTEARRAYHASHCODE,Error in PKIX_PL_ByteArray_Hashcode,0),
+PKIX_ERRORENTRY(ERRORINGETTINGDESTRUCTOR,Error in getting destructor,0),
+PKIX_ERRORENTRY(ERRORINHASH,Error in pkix_hash,0),
+PKIX_ERRORENTRY(ERRORINLISTHASHCODE,Error in PKIX_List_Hashcode,0),
+PKIX_ERRORENTRY(ERRORINOBJECTDEFINEDESTROY,Error in object-defined destroy callback,0),
+PKIX_ERRORENTRY(ERRORINOIDHASHCODE,Error in PKIX_PL_OID_Hashcode,0),
+PKIX_ERRORENTRY(ERRORINRECURSIVEEQUALSCALL,Error in recursive equals call,0),
+PKIX_ERRORENTRY(ERRORINSINGLEPOLICYNODETOSTRING,Error in pkix_SinglePolicyNode_ToString,0),
+PKIX_ERRORENTRY(ERRORINSINGLEVERIFYNODETOSTRING,Error in pkix_SingleVerifyNode_ToString,0),
+PKIX_ERRORENTRY(ERRORINSPRINTF,Error in PKIX_PL_Sprintf,0),
+PKIX_ERRORENTRY(ERRORINSTRINGCREATE,Error in PKIX_PL_String_Create,0),
+PKIX_ERRORENTRY(ERRORLOCKINGOBJECT,Error locking object,0),
+PKIX_ERRORENTRY(ERRORTOSTRINGFAILED,PKIX_Error_ToString failed,0),
+PKIX_ERRORENTRY(ERRORTRAVERSINGBUCKET,Error traversing bucket,0),
+PKIX_ERRORENTRY(ERRORUNLOCKINGMUTEX,Error unlocking mutex,0),
+PKIX_ERRORENTRY(ERRORUNLOCKINGOBJECT,Error unlocking object,0),
+PKIX_ERRORENTRY(ESCASCIITOUTF16FAILED,pkix_EscASCII_to_UTF16 failed,0),
+PKIX_ERRORENTRY(EXPIRATIONCHECKERINITIALIZEFAILED,pkix_ExpirationChecker_Initialize failed,0),
+PKIX_ERRORENTRY(EXTENDEDKEYUSAGECHECKINGFAILED,Extended Key Usage Checking failed,SEC_ERROR_INADEQUATE_CERT_TYPE),
+PKIX_ERRORENTRY(EXTENDEDKEYUSAGEUSEROBJECT,Extended Key Usage User Object,0),
+PKIX_ERRORENTRY(EXTRACTPARAMETERSFAILED,pkix_ExtractParameters failed,0),
+PKIX_ERRORENTRY(FAILEDINENCODINGSEARCHREQUEST,failed in encoding searchRequest,SEC_ERROR_FAILED_TO_ENCODE_DATA),
+PKIX_ERRORENTRY(FAILEDTODECODECRL, failed to decode CRL,SEC_ERROR_BAD_DER),
+PKIX_ERRORENTRY(FAILEDTOGETNSSTRUSTANCHORS,Failed to get nss trusted roots,0),
+PKIX_ERRORENTRY(FAILEDTOGETTRUST, failed to get trust from the cert,0),
+PKIX_ERRORENTRY(FAILTOREMOVEDPFROMLIST, failed to remove dp from the list,0),
+PKIX_ERRORENTRY(FAILTOSELECTCERTSFROMANCHORS,failed to select certs from anchors,0),
+PKIX_ERRORENTRY(FAILUREHASHINGCERT,Failure hashing Cert,0),
+PKIX_ERRORENTRY(FAILUREHASHINGERROR,Failure hashing Error,0),
+PKIX_ERRORENTRY(FAILUREHASHINGLISTEXPECTEDPOLICYSET,Failure hashing PKIX_List expectedPolicySet,0),
+PKIX_ERRORENTRY(FAILUREHASHINGLISTQUALIFIERSET,Failure hashing PKIX_List qualifierSet,0),
+PKIX_ERRORENTRY(FAILUREHASHINGOIDVALIDPOLICY,Failure hashing PKIX_PL_OID validPolicy,0),
+PKIX_ERRORENTRY(FANOUTEXCEEDSRESOURCELIMITS,Fanout exceeds Resource Limits,0),
+PKIX_ERRORENTRY(FETCHINGCACHEDCRLFAILED,Fetching Cached CRLfailed,0),
+PKIX_ERRORENTRY(FILLINPROCESSINGPARAMSFAILED,Fail to fill in parameters,0),
+PKIX_ERRORENTRY(FILLINRETURNRESULTSFAILED,Fail to fill in return results,0),
+PKIX_ERRORENTRY(FIRSTARGUMENTNOTBYTEARRAY,FirstObject is not a ByteArray,0),
+PKIX_ERRORENTRY(FIRSTARGUMENTNOTCERTBASICCONSTRAINTSOBJECT,First argument is not a CertBasicConstraints Object,0),
+PKIX_ERRORENTRY(FIRSTDOUBLEHEXMUSTNOTBE00,First DoubleHex MUST NOT be 00,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(FIRSTFIELDMUSTBEBETWEEN02,First field must be between 0-2,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(FIRSTOBJARGUMENTNOTANOCSPRESPONSE,FirstObject is not an OcspResponse,0),
+PKIX_ERRORENTRY(FIRSTOBJARGUMENTNOTLDAPREQUEST,FirstObject is not a LdapRequest,0),
+PKIX_ERRORENTRY(FIRSTOBJARGUMENTNOTLDAPRESPONSE,FirstObject is not a LdapResponse,0),
+PKIX_ERRORENTRY(FIRSTOBJARGUMENTNOTOCSPREQUEST,FirstObject is not a OcspRequest,0),
+PKIX_ERRORENTRY(FIRSTOBJECTARGUMENTNOTANX500NAME,FirstObject is not an X500Name,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTANERROROBJECT,FirstObject is not an Error object,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTBIGINT,FirstObject not a BigInt,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTBUILDPARAMS,FirstObject is not a BuildParams,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTBUILDRESULT,FirstObject is not a BuildResult,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCERT,FirstObject is not a Cert,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCERTBASICCONSTRAINTS,FirstObject is not a CertBasicConstraints,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCERTNAMECONSTRAINTS,FirstObject is not a CertNameConstraints,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCERTPOLICYINFO,FirstObject is not a CertPolicyInfo,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCERTPOLICYMAP,FirstObject is not a CertPolicyMap,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCERTPOLICYQUALIFIER,FirstObject is not a CertPolicyQualifier,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCOMCRLSELPARAMS,FirstObject is not a ComCRLSelParams,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCRL,FirstObject is not a CRL,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCRLENTRY,FirstObject is not a CRLEntry,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTCRLSELECTOR,FirstObject is not a CRLSelector,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTDATE,FirstObject is not a Date,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTERROR,FirstObject is not an Error,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTGENERALNAME,FirstObject is not a GeneralName,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTINFOACCESS,FirstObject is not a InfoAccess,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTLIST,FirstObject is not a List,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTLOGGER,FirstObject is not a Logger,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTPOLICYNODE,FirstObject is not a PolicyNode,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTPROCESSINGPARAMS,FirstObject is not a ProcessingParams,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTPUBLICKEY,FirstObject is not a PublicKey,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTRESOURCELIMITS,FirstObject is not a ResourceLimits,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTSTRING,FirstObject is not a String,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTTRUSTANCHOR,FirstObject is not a TrustAnchor,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTVALIDATEPARAMS,FirstObject is not a ValidateParams,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTVALIDATERESULT,FirstObject is not a ValidateResult,0),
+PKIX_ERRORENTRY(FIRSTOBJECTNOTVERIFYNODE,FirstObject is not a VerifyNode,0),
+PKIX_ERRORENTRY(FIRSTPUBKEYTYPENULLKEY,firstPubKeyType is nullKey,0),
+PKIX_ERRORENTRY(FUNCTIONMUSTNOTBEUSED,Function MUST not be used,SEC_ERROR_LIBPKIX_INTERNAL),
+PKIX_ERRORENTRY(FORWARDBUILDERSTATEDUMPSTATEFAILED,pkix_ForwardBuilderState_DumpState failed,0),
+PKIX_ERRORENTRY(FORWARDBUILDERSTATEISIOPENDINGFAILED,pkix_ForwardBuilderState_IsIOPending failed,0),
+PKIX_ERRORENTRY(FORWARDBUILDSTATECREATEFAILED,pkix_ForwardBuildState_Create failed,0),
+PKIX_ERRORENTRY(FREEFAILED,PKIX_PL_Free failed,0),
+PKIX_ERRORENTRY(GENERALNAMECREATEFAILED,pkix_pl_GeneralName_Create failed,0),
+PKIX_ERRORENTRY(GENERALNAMEGETNSSGENERALNAMEFAILED,pkix_pl_GeneralName_GetNssGeneralName failed,0),
+PKIX_ERRORENTRY(GENERALNAMESTRINGMISSINGDOUBLESLASH,GeneralName string missing double slash,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
+PKIX_ERRORENTRY(GENERALNAMESTRINGMISSINGLOCATIONTYPE,GeneralName string missing location type,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
+PKIX_ERRORENTRY(GENERALNAMESTRINGMISSINGSERVERSITE,GeneralName string missing server-site,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
+PKIX_ERRORENTRY(GENERALNAMETOSTRINGFAILED,pkix_pl_GeneralName_ToString failed,0),
+PKIX_ERRORENTRY(GENERALNAMETOSTRINGHELPERFAILED,pkix_pl_GeneralName_ToString_Helper failed,0),
+PKIX_ERRORENTRY(GENERICCLIENTNOTANLDAPDEFAULTCLIENT,genericClient is not an LdapDefaultClient,0),
+PKIX_ERRORENTRY(GETATTRIBUTESCALLEDFORNONENTRYMESSAGE,GetAttributes called for non-Entry message,SEC_ERROR_BAD_LDAP_RESPONSE),
+PKIX_ERRORENTRY(GETCERTSFAILED,getCerts failed,0),
+PKIX_ERRORENTRY(GETCRITICALEXTENSIONOIDSFAILED,pkix_GetCriticalExtensionOIDs failed,0),
+PKIX_ERRORENTRY(GETCRLSFAILED,getCrls failed,0),
+PKIX_ERRORENTRY(GETOIDTOKENFAILED,pkix_pl_getOIDToken failed,0),
+PKIX_ERRORENTRY(GETPKIXERRORCODEFAILED,Get PKIX error code failed,0),
+PKIX_ERRORENTRY(GETREQCERTIFICATEUSAGESFAILED,Fail to get required certificate usages,0),
+PKIX_ERRORENTRY(GETRESULTCODECALLEDFORNONRESULTMESSAGE,GetResultCode called for non-Result message,SEC_ERROR_BAD_LDAP_RESPONSE),
+PKIX_ERRORENTRY(GETRETCERTIFICATEUSAGESFAILED,Fail to get returned certificate usages,0),
+PKIX_ERRORENTRY(GETTRUSTEDCERTLISTFAILED,Fail to get trusted cert list,0),
+PKIX_ERRORENTRY(HASHFAILED,pkix_hash failed,0),
+PKIX_ERRORENTRY(HASHTABLEADDFAILED,PKIX_PL_HashTable_Add failed,0),
+PKIX_ERRORENTRY(HASHTABLECREATEFAILED,PKIX_PL_HashTable_Create failed,0),
+PKIX_ERRORENTRY(HASHTABLELOOKUPFAILED,PKIX_PL_HashTable_Lookup failed,0),
+PKIX_ERRORENTRY(HASHTABLEREMOVEFAILED,PKIX_PL_HashTable_Remove failed,0),
+PKIX_ERRORENTRY(HELPERBYTES2ASCIIFAILED,pkix_pl_helperBytes2Ascii failed,0),
+PKIX_ERRORENTRY(HELPERBYTES2ASCIINUMTOKENSZERO,pkix_pl_helperBytes2Ascii: numTokens is zero,0),
+PKIX_ERRORENTRY(HTTPCERTSTORECREATEREQUESTSESSIONFAILED,pkix_pl_HttpCertStore_CreateRequestSession failed,0),
+PKIX_ERRORENTRY(HTTPCERTSTORECREATEWITHASCIINAMEFAILED,PKIX_PL_HttpCertStore_CreateWithAsciiName failed,0),
+PKIX_ERRORENTRY(HTTPCERTSTOREDECODECERTPACKAGEFAILED,pkix_pl_HttpCertStore_DecodeCertPackage failed,0),
+PKIX_ERRORENTRY(HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED,pkix_HttpCertStore_FindSocketConnection failed,0),
+PKIX_ERRORENTRY(HTTPCERTSTOREPROCESSCERTRESPONSEFAILED,pkix_pl_HttpCertStore_ProcessCertResponse failed,0),
+PKIX_ERRORENTRY(HTTPCERTSTOREPROCESSCRLRESPONSEFAILED,pkix_pl_HttpCertStore_ProcessCrlResponse failed,0),
+PKIX_ERRORENTRY(HTTPCLIENTCREATESESSIONFAILED,HttpClient->CreateSession failed,0),
+PKIX_ERRORENTRY(HTTPCLIENTININVALIDSTATE,HttpClient in invalid state,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTCONNECTCONTINUEFAILED,pkix_pl_HttpDefaultClient_ConnectContinue failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTCREATEFAILED,pkix_pl_HttpDefaultClient_Create failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTDISPATCHFAILED,pkix_pl_HttpDefaultClient_Dispatch failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED,pkix_pl_HttpDefaultClient_HdrCheckComplete failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTINILLEGALSTATE,HttpDefaultClient in illegal state,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTRECVBODYCONTINUEFAILED,pkix_pl_HttpDefaultClient_RecvBodyContinue failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTRECVBODYFAILED,pkix_pl_HttpDefaultClient_RecvBody failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTRECVHDRCONTINUEFAILED,pkix_pl_HttpDefaultClient_RecvHdrContinue failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTRECVHDRFAILED,pkix_pl_HttpDefaultClient_RecvHdr failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTSENDCONTINUEFAILED,pkix_pl_HttpDefaultClient_SendContinue failed,0),
+PKIX_ERRORENTRY(HTTPDEFAULTCLIENTSENDFAILED,pkix_pl_HttpDefaultClient_Send failed,0),
+PKIX_ERRORENTRY(HTTPSERVERERROR,HTTP Server Error,0),
+PKIX_ERRORENTRY(ILLEGALCHARACTERINESCAPEDASCII,Illegal character in Escaped ASCII String,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(ILLEGALCHARACTERINOID,Illegal character in OID,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(ILLEGALDOTINOID,Illegal period in OID,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(ILLEGALSURROGATEPAIR,Illegal surrogate pair in EscapedASCII,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(ILLEGALUNICODECHARACTER,Illegal Unicode character in EscapedASCII,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(ILLEGALUSEOFAMP,Illegal use of ampersand character,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(IMPOSSIBLECRITERIONFORCRLQUERY,Impossible criterion for Crl Query,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(INDEXOUTOFBOUNDS,Index out of bounds,SEC_ERROR_LIBPKIX_INTERNAL),
+PKIX_ERRORENTRY(INESCAPEDASCII,in EscapedASCII,0),
+PKIX_ERRORENTRY(INFOACCESSCREATEFAILED,pkix_pl_InfoAccess_Create failed,0),
+PKIX_ERRORENTRY(INFOACCESSCREATELISTFAILED,pkix_pl_InfoAccess_CreateList failed,0),
+PKIX_ERRORENTRY(INFOACCESSGETLOCATIONFAILED,PKIX_PL_InfoAccess_GetLocation failed,0),
+PKIX_ERRORENTRY(INFOACCESSGETLOCATIONTYPEFAILED,PKIX_PL_InfoAccess_GetLocationType failed,0),
+PKIX_ERRORENTRY(INFOACCESSGETMETHODFAILED,PKIX_PL_InfoAccess_GetMethod failed,0),
+#ifndef NSS_PKIX_NO_LDAP
+PKIX_ERRORENTRY(INFOACCESSPARSELOCATIONFAILED,pkix_pl_InfoAccess_ParseLocation failed,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
+#endif
+PKIX_ERRORENTRY(INFOACCESSPARSETOKENSFAILED,pkix_pl_InfoAccess_ParseTokens failed,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
+PKIX_ERRORENTRY(INITIALIZECHECKERSFAILED,pkix_InitializeCheckers failed,0),
+PKIX_ERRORENTRY(INITIALIZEFAILED,PKIX_PL_Initialize failed,0),
+PKIX_ERRORENTRY(INPUTLISTMUSTBEHEADER,Input List must be header,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(INPUTLISTSMUSTBELISTHEADERS,Input Lists must be list headers,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(INSUFFICIENTCRITERIAFORCERTQUERY,Insufficient criteria for Cert query,0),
+PKIX_ERRORENTRY(INSUFFICIENTCRITERIAFORCRLQUERY,Insufficient criteria for Crl Query,0),
+PKIX_ERRORENTRY(INTRUSTEDCERT,in Trusted Cert,0),
+PKIX_ERRORENTRY(INVALIDCHARACTERINBIGINT,Invalid character in BigInt,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(INVALIDDERENCODINGFOROID,Invalid DER-encoding for OID,0),
+PKIX_ERRORENTRY(INVALIDENCODINGOIDTOKENVALUETOOBIG,Invalid encoding: OID token value too big,0),
+PKIX_ERRORENTRY(INVALIDPOLICYMAPPINGINCLUDESANYPOLICY,Invalid policyMapping includes anyPolicy,SEC_ERROR_INVALID_POLICY_MAPPING),
+PKIX_ERRORENTRY(INVALIDREVOCATIONMETHOD,Invalid revocation method,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(INVALIDSIGNINGCERTINOCSPRESPONSE,Invalid signing Cert in OCSP response,SEC_ERROR_OCSP_INVALID_SIGNING_CERT),
+PKIX_ERRORENTRY(INVALIDSTATUS,INVALID STATUS,0),
+PKIX_ERRORENTRY(INVALIDSTORETYPEFORSETTINGCONFIGDIR,Invalid Store type for Setting ConfigDir,0),
+PKIX_ERRORENTRY(IPADDRBYTES2ASCIIDATALENGTHZERO,pkix_pl_ipAddrBytes2Ascii: data length is zero,0),
+PKIX_ERRORENTRY(IPADDRBYTES2ASCIIFAILED,pkix_pl_ipAddrBytes2Ascii failed,0),
+PKIX_ERRORENTRY(ISCERTSELFISSUEDFAILED,pkix_IsCertSelfIssued failed,0),
+PKIX_ERRORENTRY(ISCERTSELFISSUEFAILED,pkix_IsCertSelfIssue failed,0),
+PKIX_ERRORENTRY(KEYUSAGEKEYCERTSIGNBITNOTON,Validation failed: KeyUsage KeyCertSign bit is not on,SEC_ERROR_CA_CERT_INVALID),
+PKIX_ERRORENTRY(KEYUSAGEKEYCRLSIGNBITNOTON,Validation failed: KeyUsage CRLSign bit is not on,0),
+PKIX_ERRORENTRY(LDAPCERTSTOREBUILDCERTLISTFAILED,pkix_pl_LdapCertStore_BuildCertList failed,0),
+PKIX_ERRORENTRY(LDAPCERTSTOREBUILDCRLLISTFAILED,pkix_pl_LdapCertStore_BuildCrlList failed,0),
+PKIX_ERRORENTRY(LDAPCERTSTOREDECODECROSSCERTPAIRFAILED,pkix_pl_LdapCertStore_DecodeCrossCertPair failed,0),
+PKIX_ERRORENTRY(LDAPCERTSTOREDESTROYAVALISTFAILED,pkix_pl_LdapCertStore_DestroyAVAList failed,0),
+PKIX_ERRORENTRY(LDAPCERTSTOREINILLEGALSTATE,LDAP CertStore in illegal state,0),
+PKIX_ERRORENTRY(LDAPCERTSTOREMAKENAMEAVALISTFAILED,pkix_pl_LdapCertStore_MakeNameAVAList failed,0),
+PKIX_ERRORENTRY(LDAPCLIENTINITIATEREQUESTFAILED,PKIX_PL_LdapClient_InitiateRequest failed,0),
+PKIX_ERRORENTRY(LDAPCLIENTRESUMEREQUESTFAILED,PKIX_PL_LdapClient_ResumeRequest failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTABANDONCONTINUEFAILED,pkix_pl_LdapDefaultClient_AbandonContinue failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTBINDCONTINUEFAILED,pkix_pl_LdapDefaultClient_BindContinue failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTBINDFAILED,pkix_pl_LdapDefaultClient_Bind failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTBINDRESPONSECONTINUEFAILED,pkix_pl_LdapDefaultClient_BindResponseContinue failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTBINDRESPONSEFAILED,pkix_pl_LdapDefaultClient_BindResponse failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTCONNECTCONTINUEFAILED,pkix_pl_LdapDefaultClient_ConnectContinue failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTCREATEBYNAMEFAILED,PKIX_PL_LdapDefaultClient_CreateByName failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTCREATEHELPERFAILED,pkix_pl_LdapDefaultClient_CreateHelper failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTDECODEBINDRESPONSEFAILED,pkix_pl_LdapDefaultClient_DecodeBindResponse failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTDISPATCHFAILED,pkix_pl_LdapDefaultClient_Dispatch failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTINILLEGALSTATE,LDAP DefaultClient in illegal state,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTMAKEABANDONFAILED,pkix_pl_LdapDefaultClient_MakeAbandon failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTMAKEANDFILTERFAILED,pkix_pl_LdapDefaultClient_MakeAndFilter failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTMAKEBINDFAILED,pkix_pl_LdapDefaultClient_MakeBind failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTMAKEUNBINDFAILED,pkix_pl_LdapDefaultClient_MakeUnbind failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTRECVCHECKCOMPLETEFAILED,pkix_pl_LdapDefaultClient_RecvCheckComplete failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTRECVCONTINUEFAILED,pkix_pl_LdapDefaultClient_RecvContinue failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTRECVFAILED,pkix_pl_LdapDefaultClient_Recv failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTRECVINITIALFAILED,pkix_pl_LdapDefaultClient_RecvInitial failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTRECVNONINITIALFAILED,pkix_pl_LdapDefaultClient_RecvNonInitial failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTSENDCONTINUEFAILED,pkix_pl_LdapDefaultClient_SendContinue failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTSENDFAILED,pkix_pl_LdapDefaultClient_Send failed,0),
+PKIX_ERRORENTRY(LDAPDEFAULTCLIENTVERIFYBINDRESPONSEFAILED,pkix_pl_LdapDefaultClient_VerifyBindResponse failed,0),
+PKIX_ERRORENTRY(LDAPREQUESTATTRSTRINGTOBITFAILED,pkix_pl_LdapRequest_AttrStringToBit failed,0),
+PKIX_ERRORENTRY(LDAPREQUESTATTRTYPETOBITFAILED,pkix_pl_LdapRequest_AttrTypeToBit failed,0),
+PKIX_ERRORENTRY(LDAPREQUESTCREATEFAILED,pkix_pl_LdapRequest_Create failed,0),
+PKIX_ERRORENTRY(LDAPREQUESTENCODEATTRSFAILED,pkix_pl_LdapRequest_EncodeAttrs failed,0),
+PKIX_ERRORENTRY(LDAPREQUESTGETENCODEDFAILED,pkix_pl_LdapRequest_GetEncoded failed,0),
+PKIX_ERRORENTRY(LDAPRESPONSEAPPENDFAILED,pkix_pl_LdapResponse_Append failed,0),
+PKIX_ERRORENTRY(LDAPRESPONSECREATEFAILED,pkix_pl_LdapResponseCreate failed,0),
+PKIX_ERRORENTRY(LDAPRESPONSEDECODEFAILED,pkix_pl_LDAPResponse_Decode failed,0),
+PKIX_ERRORENTRY(LDAPRESPONSEGETCAPACITYFAILED,pkix_pl_LdapResponse_GetCapacity failed,0),
+PKIX_ERRORENTRY(LDAPRESPONSEGETMESSAGEFAILED,pkix_pl_LdapResponse_GetMessage failed,0),
+PKIX_ERRORENTRY(LDAPRESPONSEGETMESSAGETYPEFAILED,pkix_pl_LdapResponse_GetMessageType failed,0),
+PKIX_ERRORENTRY(LDAPRESPONSEGETRESULTCODEFAILED,pkix_pl_LdapResponse_GetResultCode failed,0),
+PKIX_ERRORENTRY(LDAPRESPONSEISCOMPLETEFAILED,pkix_pl_LdapResponse_IsComplete failed,0),
+PKIX_ERRORENTRY(LISTAPPENDFAILED,PKIX_List_Append failed,0),
+PKIX_ERRORENTRY(LISTAPPENDITEMFAILED,PKIX_List_AppendItem failed,0),
+PKIX_ERRORENTRY(LISTAPPENDLISTFAILED,pkix_List_AppendList failed,0),
+PKIX_ERRORENTRY(LISTAPPENDUNIQUEFAILED,pkix_List_AppendUnique failed,0),
+PKIX_ERRORENTRY(LISTBUBBLESORTFAILED,pkix_List_BubbleSort failed,0),
+PKIX_ERRORENTRY(LISTCONTAINSFAILED,pkix_List_Contains failed,0),
+PKIX_ERRORENTRY(LISTCREATEFAILED,PKIX_List_Create failed,0),
+PKIX_ERRORENTRY(LISTCREATEINTERNALFAILED,pkix_List_Create_Internal failed,0),
+PKIX_ERRORENTRY(LISTDELETEITEMFAILED,PKIX_List_DeleteItem failed,0),
+PKIX_ERRORENTRY(LISTDUPLICATEFAILED,pkix_List_Duplicate failed,0),
+PKIX_ERRORENTRY(LISTEQUALSFAILED,PKIX_List_Equals failed,0),
+PKIX_ERRORENTRY(LISTGETELEMENTFAILED,pkix_List_GetElement failed,0),
+PKIX_ERRORENTRY(LISTGETITEMFAILED,PKIX_List_GetItem failed,0),
+PKIX_ERRORENTRY(LISTGETLENGTHFAILED,PKIX_List_GetLength failed,0),
+PKIX_ERRORENTRY(LISTHASHCODEFAILED,pkix_List_Hashcode failed,0),
+PKIX_ERRORENTRY(LISTINSERTITEMFAILED,PKIX_List_InsertItem failed,0),
+PKIX_ERRORENTRY(LISTISEMPTYFAILED,PKIX_List_IsEmpty failed,0),
+PKIX_ERRORENTRY(LISTMERGEFAILED,pkix_List_MergeList failed,0),
+PKIX_ERRORENTRY(LISTQUICKSORTFAILED,pkix_List_QuickSort failed,0),
+PKIX_ERRORENTRY(LISTREMOVEFAILED,pkix_List_Remove failed,0),
+PKIX_ERRORENTRY(LISTREMOVEITEMSFAILED,pkix_List_RemoveItems failed,0),
+PKIX_ERRORENTRY(LISTREVERSELISTFAILED,PKIX_List_ReverseList failed,0),
+PKIX_ERRORENTRY(LISTSETIMMUTABLEFAILED,PKIX_List_SetImmutable failed,0),
+PKIX_ERRORENTRY(LISTSETITEMFAILED,PKIX_List_SetItem failed,0),
+PKIX_ERRORENTRY(LISTTOSTRINGFAILED,pkix_List_ToString failed,0),
+PKIX_ERRORENTRY(LISTTOSTRINGHELPERFAILED,pkix_List_ToString Helper failed,0),
+PKIX_ERRORENTRY(LOCATIONSTRINGNOTPROPERLYTERMINATED,Location string not properly terminated,0),
+PKIX_ERRORENTRY(LOCKHASNONZEROREADCOUNT,Lock has non-zero read count,0),
+PKIX_ERRORENTRY(LOCKOBJECTFAILED,pkix_LockObject failed,0),
+PKIX_ERRORENTRY(LOGGERDUPLICATEFAILED,pkix_Logger_Duplicate failed,0),
+PKIX_ERRORENTRY(LOGGINGLEVELEXCEEDSMAXIMUM,Logging Level exceeds Maximum,0),
+PKIX_ERRORENTRY(LOOPDISCOVEREDDUPCERTSNOTALLOWED,Loop discovered: duplicate certificates not allowed,SEC_ERROR_UNTRUSTED_ISSUER),
+PKIX_ERRORENTRY(LOOPOFERRORCAUSEDETECTED,Loop of error causes detected,0),
+PKIX_ERRORENTRY(MAJORVERSIONSDONTMATCH,Major versions do not match,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(MALLOCFAILED,PKIX_PL_Malloc failed,0),
+PKIX_ERRORENTRY(MEMLEAKGENERATEDERROR,Error generated for memory leak testing,SEC_ERROR_NO_MEMORY),
+PKIX_ERRORENTRY(MINORVERSIONNOTBETWEENDESIREDMINANDMAX,Minor version does not fall between desired minimum and maximum,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(MISSINGDSAPARAMETERS,Missing DSA parameters in Trusted Cert,SEC_ERROR_INVALID_KEY),
+PKIX_ERRORENTRY(MONITORLOCKCREATEFAILED,PKIX_PL_MonitorLock_Create failed,0),
+PKIX_ERRORENTRY(MONITORLOCKENTERFAILED,PKIX_PL_MonitorLock_Enter failed,0),
+PKIX_ERRORENTRY(MONITORLOCKEXITFAILED,PKIX_PL_MonitorLock_Exit failed,0),
+PKIX_ERRORENTRY(MUTEXLOCKFAILED,PKIX_PL_Mutex_Lock failed,0),
+PKIX_ERRORENTRY(NAMECHAININGCHECKERINITIALIZEFAILED,pkix_NameChainingChecker_Initialize failed,0),
+PKIX_ERRORENTRY(NAMECHAININGCHECKFAILED,Name Chaining Check failed,SEC_ERROR_UNKNOWN_ISSUER),
+PKIX_ERRORENTRY(NAMECOMPONENTWITHNOEQ,Name Component with no equal sign,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
+PKIX_ERRORENTRY(NAMECONSTRAINTSCHECKERINITIALIZEFAILED,pkix_NameConstraintsChecker_Initialize failed,0),
+PKIX_ERRORENTRY(NAMECONSTRAINTSCHECKERSTATECREATEFAILED,pkix_NameConstraintsCheckerState_Create failed,0),
+PKIX_ERRORENTRY(NAMETYPENOTSUPPORTED,name type not supported,0),
+PKIX_ERRORENTRY(NOCONTENTTYPEINHTTPRESPONSE,No content type in Http Response,SEC_ERROR_BAD_HTTP_RESPONSE),
+PKIX_ERRORENTRY(NODESMISSINGFROMCHAIN,Nodes missing from chain,0),
+PKIX_ERRORENTRY(NOREGISTEREDHTTPCLIENT,No registered Http Client,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(NORESPONSEDATAINHTTPRESPONSE,No responseData in Http Response,SEC_ERROR_BAD_HTTP_RESPONSE),
+PKIX_ERRORENTRY(NOTARGETCERTSUPPLIED,No target cert supplied,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(NOTCONFORMINGCRLDP,Cert CRL DP does not conform to the rfc, 0),
+PKIX_ERRORENTRY(NOTDERPACKAGE,Not a DER package,0),
+PKIX_ERRORENTRY(NOTENOUGHNAMECOMPONENTSINGENERALNAME,Not enough name components in GeneralName,SEC_ERROR_BAD_INFO_ACCESS_LOCATION),
+PKIX_ERRORENTRY(NSSCERTIFICATEUSAGETOPKIXKUANDEKUFAILED,Failed to convert nss certificate usage to pkix ku and eku data structures,0),
+PKIX_ERRORENTRY(NSSCONTEXTCREATEFAILED,PKIX_PL_NssContext_Create failed,0),
+PKIX_ERRORENTRY(NSSCONTEXTDESTROYFAILED,PKIX_PL_NssContext_Destroy failed,0),
+PKIX_ERRORENTRY(NSSCONTEXTGETCHECKALLUSAGESFAILED, pkix_pl_NssContext_GetCheckAllUsages failed,0),
+PKIX_ERRORENTRY(NSSCONTEXTGETRETURNUSAGESFAILED, pkix_pl_NssContext_GetReturnUsages failed,0),
+PKIX_ERRORENTRY(NSSCONTEXTGETWINCXFAILED,pkix_pl_NssContext_GetWincx failed,0),
+PKIX_ERRORENTRY(NSSCONTEXTSETCERTSIGNCHECKFAILED, pkix_pl_NssContext_SetCertSignatureCheck,0),
+PKIX_ERRORENTRY(NSSCONTEXTSETCERTUSAGEFAILED, pkix_pl_NssContext_SetCertUsage failed,0),
+PKIX_ERRORENTRY(NSSCONTEXTSETCHECKALLUSAGESFAILED, pkix_pl_NssContext_SetCheckAllUsages failed,0),
+PKIX_ERRORENTRY(NSSCONTEXTSETRETURNEDCERTUSAGEFAILED, pkix_pl_NssContext_SetReturnedCertUsage,0),
+PKIX_ERRORENTRY(NSSCONTEXTSETRETURNUSAGESFAILED, pkix_pl_NssContext_SetReturnUsages failed,0),
+PKIX_ERRORENTRY(NSSCONTEXTVALIDATINGRESPONDERCERTFAILED,pkix_pl_NssContext_ValidatingResponderCert failed,0),
+PKIX_ERRORENTRY(NSSTRUSTEDLISTISEMPTY,nss trusted roots list is empty,0),
+PKIX_ERRORENTRY(NULLARGUMENT,Null argument,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(NUMBUCKETSEQUALSZERO,NumBuckets equals zero,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(OBJECTALLOCFAILED,PKIX_PL_Object_Alloc failed,0),
+PKIX_ERRORENTRY(OBJECTARGUMENTNOTPOLICYMAP,object argument is not a PolicyMap,0),
+PKIX_ERRORENTRY(OBJECTCOMPARATORFAILED,PKIX_PL_Object_Comparator failed,0),
+PKIX_ERRORENTRY(OBJECTDEFINED,object-defined ,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATECERTFAILED,PKIX_PL_Object_Duplicate Cert failed,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATECONTEXTFAILED,PKIX_PL_Object_Duplicate Context failed,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATEDATEFAILED,PKIX_PL_Object_Duplicate Date failed,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATEFAILED,PKIX_PL_Object_Duplicate failed,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATEISSUERNAMESFAILED,PKIX_PL_Object_Duplicate IssuerNames failed,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATELISTFAILED,PKIX_PL_Object_Duplicate List failed,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATEMAXCRLNUMBERFAILED,PKIX_PL_Object_Duplicate maxCRLNumber failed,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATEMINCRLNUMBERFAILED,PKIX_PL_Object_Duplicate minCRLNumber failed,0),
+PKIX_ERRORENTRY(OBJECTDUPLICATEPARAMSFAILED,PKIX_PL_Object_Duplicate Params failed,0),
+PKIX_ERRORENTRY(OBJECTEQUALSFAILED,PKIX_PL_Object_Equals failed,0),
+PKIX_ERRORENTRY(OBJECTEQUALSFAILEDONCHILDREN,PKIX_PL_Object_Equals failed on children,0),
+PKIX_ERRORENTRY(OBJECTEQUALSFAILEDONEXPECTEDPOLICYSETS,PKIX_PL_Object_Equals failed on expectedPolicySets,0),
+PKIX_ERRORENTRY(OBJECTGETTYPEFAILED,PKIX_PL_Object_GetType failed,0),
+PKIX_ERRORENTRY(OBJECTHASHCODEFAILED,PKIX_PL_Object_Hashcode failed,0),
+PKIX_ERRORENTRY(OBJECTINVALIDATECACHEFAILED,PKIX_PL_Object_InvalidateCache failed,0),
+PKIX_ERRORENTRY(OBJECTISTYPEREGISTEREDFAILED,PKIX_PL_Object_IsTypeRegistered failed,0),
+PKIX_ERRORENTRY(OBJECTLOCKFAILED,PKIX_PL_Object_Lock failed,0),
+PKIX_ERRORENTRY(OBJECTNOTAIAMGR,Object is not a AIAMgr,0),
+PKIX_ERRORENTRY(OBJECTNOTANEKUCHECKERSTATE,Object is not an EKU Checker State,0),
+PKIX_ERRORENTRY(OBJECTNOTANERROR,Object is not an Error,0),
+PKIX_ERRORENTRY(OBJECTNOTANHTTPCERTSTORECONTEXT,Object is not an HttpCertStoreContext,0),
+PKIX_ERRORENTRY(OBJECTNOTANHTTPDEFAULTCLIENT,Object is not an HttpDefaultClient,0),
+PKIX_ERRORENTRY(OBJECTNOTANINFOACCESS,Object is not an InfoAccess,0),
+PKIX_ERRORENTRY(OBJECTNOTANLDAPDEFAULTCLIENT,Object is not an LdapDefaultClient,0),
+PKIX_ERRORENTRY(OBJECTNOTANOCSPRESPONSE,Object is not an OcspResponse,0),
+PKIX_ERRORENTRY(OBJECTNOTANOID,Object is not an OID,0),
+PKIX_ERRORENTRY(OBJECTNOTANSOCKET,Object is not an Socket,0),
+PKIX_ERRORENTRY(OBJECTNOTANX500NAME,Object is not an X500Name,0),
+PKIX_ERRORENTRY(OBJECTNOTBASICCONSTRAINTSCHECKERSTATE,Object is not a basic constraints checker state,0),
+PKIX_ERRORENTRY(OBJECTNOTBIGINT,Object is not a BigInt,0),
+PKIX_ERRORENTRY(OBJECTNOTBUILDPARAMS,Object is not a BuildParams,0),
+PKIX_ERRORENTRY(OBJECTNOTBUILDRESULT,Object is not a BuildResult,0),
+PKIX_ERRORENTRY(OBJECTNOTBYTEARRAY,Object is not a bytearray,0),
+PKIX_ERRORENTRY(OBJECTNOTCERT,Object is not a Cert,0),
+PKIX_ERRORENTRY(OBJECTNOTCERTBASICCONSTRAINTS,Object is not a CertBasicConstraints,0),
+PKIX_ERRORENTRY(OBJECTNOTCERTCHAINCHECKER,Object is not a cert chain checker,0),
+PKIX_ERRORENTRY(OBJECTNOTCERTNAMECONSTRAINTS,Object is not a CertNameConstraints,0),
+PKIX_ERRORENTRY(OBJECTNOTCERTPOLICYINFO,Object is not a CertPolicyInfo,0),
+PKIX_ERRORENTRY(OBJECTNOTCERTPOLICYMAP,Object is not a CertPolicyMap,0),
+PKIX_ERRORENTRY(OBJECTNOTCERTPOLICYQUALIFIER,Object is not a CertPolicyQualifier,0),
+PKIX_ERRORENTRY(OBJECTNOTCERTSELECTOR,Object is not a cert selector,0),
+PKIX_ERRORENTRY(OBJECTNOTCERTSTORE,Object is not a CertStore,0),
+PKIX_ERRORENTRY(OBJECTNOTCOLLECTIONCERTSTORECONTEXT,Object is not a CollectionCertStoreContext,0),
+PKIX_ERRORENTRY(OBJECTNOTCOMCERTSELPARAMS,Object is not a comCertSelParams,0),
+PKIX_ERRORENTRY(OBJECTNOTCOMCRLSELPARAMS,Object is not a ComCRLSelParams,0),
+PKIX_ERRORENTRY(OBJECTNOTCRL,Object is not a CRL,0),
+PKIX_ERRORENTRY(OBJECTNOTCRLENTRY,Object is not a CRLEntry,0),
+PKIX_ERRORENTRY(OBJECTNOTCRLSELECTOR,Object is not a CRLSelector,0),
+PKIX_ERRORENTRY(OBJECTNOTDATE,Object is not a Date,0),
+PKIX_ERRORENTRY(OBJECTNOTCRLCHECKER,Object is not a CRLChecker,0),
+PKIX_ERRORENTRY(OBJECTNOTDEFAULTREVOCATIONCHECKER,Object is not a DefaultRevocationChecker,0),
+PKIX_ERRORENTRY(OBJECTNOTFORWARDBUILDERSTATE,Object is not a PKIX_ForwardBuilderState,0),
+PKIX_ERRORENTRY(OBJECTNOTGENERALNAME,Object is not a GeneralName,0),
+PKIX_ERRORENTRY(OBJECTNOTHASHTABLE,Object is not a hashtable,0),
+PKIX_ERRORENTRY(OBJECTNOTINFOACCESS,Object is not a InfoAccess,0),
+PKIX_ERRORENTRY(OBJECTNOTLDAPREQUEST,Object is not a LdapRequest,0),
+PKIX_ERRORENTRY(OBJECTNOTLDAPRESPONSE,Object is not a LdapResponse,0),
+PKIX_ERRORENTRY(OBJECTNOTLIST,Object is not a list,0),
+PKIX_ERRORENTRY(OBJECTNOTLOGGER,Object is not a Logger,0),
+PKIX_ERRORENTRY(OBJECTNOTMONITORLOCK,Object is not a MonitorLock,0),
+PKIX_ERRORENTRY(OBJECTNOTMUTEX,Object is not a Mutex,0),
+PKIX_ERRORENTRY(OBJECTNOTNAMECONSTRAINTSCHECKERSTATE,Object is not a name constraints checker state,0),
+PKIX_ERRORENTRY(OBJECTNOTOCSPCERTID,Object is not an OcspCertID,0),
+PKIX_ERRORENTRY(OBJECTNOTOCSPCHECKER,Object is not an OCSPChecker,0),
+PKIX_ERRORENTRY(OBJECTNOTOCSPREQUEST,Object is not an OcspRequest,0),
+PKIX_ERRORENTRY(OBJECTNOTPOLICYCHECKERSTATE,Object is not a PKIX_PolicyCheckerState,0),
+PKIX_ERRORENTRY(OBJECTNOTPOLICYNODE,Object is not a PolicyNode,0),
+PKIX_ERRORENTRY(OBJECTNOTPROCESSINGPARAMS,Object is not a ProcessingParams,0),
+PKIX_ERRORENTRY(OBJECTNOTPUBLICKEY,Object is not a PublicKey,0),
+PKIX_ERRORENTRY(OBJECTNOTRESOURCELIMITS,Object is not a ResourceLimits,0),
+PKIX_ERRORENTRY(OBJECTNOTREVOCATIONCHECKER,Object is not a revocation checker,0),
+PKIX_ERRORENTRY(OBJECTNOTRWLOCK,Object is not a RWLock,0),
+PKIX_ERRORENTRY(OBJECTNOTSIGNATURECHECKERSTATE,Object is not a signature checker state,0),
+PKIX_ERRORENTRY(OBJECTNOTSOCKET,Object is not a Socket,0),
+PKIX_ERRORENTRY(OBJECTNOTSTRING,Object is not a string,0),
+PKIX_ERRORENTRY(OBJECTNOTTARGETCERTCHECKERSTATE,Object is not a target cert checker state,0),
+PKIX_ERRORENTRY(OBJECTNOTTRUSTANCHOR,Object is not a trustAnchor,0),
+PKIX_ERRORENTRY(OBJECTNOTVALIDATEPARAMS,Object is not a ValidateParams,0),
+PKIX_ERRORENTRY(OBJECTNOTVALIDATERESULT,Object is not a ValidateResult,0),
+PKIX_ERRORENTRY(OBJECTNOTVERIFYNODE,Object is not a VerifyNode,0),
+PKIX_ERRORENTRY(OBJECTREGISTERTYPEFAILED,PKIX_PL_Object_RegisterType failed,0),
+PKIX_ERRORENTRY(OBJECTRETRIEVEEQUALSCALLBACKFAILED,pkix_pl_Object_RetrieveEqualsCallback failed,0),
+PKIX_ERRORENTRY(OBJECTSPECIFICFUNCTIONFAILED,object-specific function failed,0),
+PKIX_ERRORENTRY(OBJECTSTILLREFERENCED,Object is still referenced,0),
+PKIX_ERRORENTRY(OBJECTTOSTRINGFAILED,PKIX_PL_Object_ToString failed,0),
+PKIX_ERRORENTRY(OBJECTTYPESDONOTMATCH,Object types do not match,0),
+PKIX_ERRORENTRY(OBJECTWITHNONPOSITIVEREFERENCES,Object with non-positive references,0),
+PKIX_ERRORENTRY(OCSPCERTIDCREATEFAILED,PKIX_PL_OcspCertID_Create failed,0),
+PKIX_ERRORENTRY(OCSPCERTIDGETFRESHCACHESTATUSFAILED,PKIX_PL_OcspCertID_GetFreshCacheStatus returned an error,0),
+PKIX_ERRORENTRY(OCSPCERTIDREMEMBEROCSPFAILUREDFAILED,PKIX_PL_OcspCertID_RememberOCSPProcessingFailure,0),
+PKIX_ERRORENTRY(OCSPCHECKERCREATEFAILED,PKIX_OcspChecker_Create failed,0),
+PKIX_ERRORENTRY(OCSPBADHTTPRESPONSE,Bad Http Response,SEC_ERROR_OCSP_BAD_HTTP_RESPONSE),
+PKIX_ERRORENTRY(OCSPREQUESTCREATEFAILED,PKIX_PL_OcspRequest_Create failed,0),
+PKIX_ERRORENTRY(OCSPREQUESTGETCERTIDFAILED,pkix_pl_OcspRequest_GetCertID failed,0),
+PKIX_ERRORENTRY(OCSPREQUESTGETENCODEDFAILED,pkix_pl_OcspRequest_GetEncoded failed,0),
+PKIX_ERRORENTRY(OCSPREQUESTGETLOCATIONFAILED,pkix_pl_OcspRequest_GetLocation failed,0),
+PKIX_ERRORENTRY(OCSPRESPONSECREATEFAILED,pkix_pl_OcspResponse_Create failed,0),
+PKIX_ERRORENTRY(OCSPRESPONSEDECODEFAILED,pkix_pl_OcspResponse_Decode failed,0),
+PKIX_ERRORENTRY(OCSPRESPONSEGETSTATUSFORCERTFAILED,pkix_pl_OcspResponse_GetStatusForCert failed,0),
+PKIX_ERRORENTRY(OCSPRESPONSEGETSTATUSRETURNEDANERROR,pkix_pl_OcspResponse_GetStatus returned an error,0),
+PKIX_ERRORENTRY(OCSPRESPONSESAYSCERTREVOKED,OCSP response says Cert revoked,SEC_ERROR_REVOKED_CERTIFICATE_OCSP),
+PKIX_ERRORENTRY(OCSPRESPONSEVERIFYSIGNATUREFAILED,pkix_pl_OcspResponse_VerifySignature failed,0),
+PKIX_ERRORENTRY(OCSPSERVERERROR,OCSP Server Error,SEC_ERROR_OCSP_SERVER_ERROR),
+PKIX_ERRORENTRY(OIDBYTES2ASCIIDATALENGTHZERO,pkix_pl_oidBytes2Ascii: data length is zero,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(OIDBYTES2ASCIIFAILED,pkix_pl_oidBytes2Ascii failed,0),
+PKIX_ERRORENTRY(OIDBYTESLENGTH0,Oid bytes length is 0,0),
+PKIX_ERRORENTRY(OIDCOMPARATORFAILED,pkix_pl_OID_Comparator failed,0),
+PKIX_ERRORENTRY(OIDCOMPONENTTOOBIG,Overflow error: OID component > 2^32,0),
+PKIX_ERRORENTRY(OIDCREATEFAILED,PKIX_PL_OID_Create failed,0),
+PKIX_ERRORENTRY(OIDEQUALFAILED,PKIX_PL_OID_Equal failed,0),
+PKIX_ERRORENTRY(OIDEQUALSFAILED,PKIX_PL_OID_Equals failed,0),
+PKIX_ERRORENTRY(OIDGETNEXTTOKENFAILED,pkix_pl_OID_GetNextToken failed,0),
+PKIX_ERRORENTRY(OIDHASHCODEFAILED,PKIX_PL_OID_Hashcode failed,0),
+PKIX_ERRORENTRY(OIDLENGTHTOOSHORT,OID length too short,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(OIDNEEDS2ORMOREFIELDS,OID needs 2 or more fields,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(OIDTOSTRINGFAILED,PKIX_PL_OID_ToString failed,0),
+PKIX_ERRORENTRY(OPERATIONNOTPERMITTEDONIMMUTABLELIST,Operation not permitted on Immutable List,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(OTHERNAMECREATEFAILED,pkix_pl_OtherName_Create failed,0),
+PKIX_ERRORENTRY(OUTOFMEMORY,Out of Memory,0),
+PKIX_ERRORENTRY(PATHLENCONSTRAINTINVALID,Certificate path length constraint is invalid,SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID),
+PKIX_ERRORENTRY(PK11CERTSTORECERTQUERYFAILED,pkix_pl_Pk11CertStore_CertQuery failed,0),
+PKIX_ERRORENTRY(PK11CERTSTORECREATEFAILED,PKIX_PL_Pk11CertStore_Create failed,0),
+PKIX_ERRORENTRY(PK11CERTSTORECRLQUERYFAILED,pkix_pl_Pk11CertStore_CrlQuery failed,0),
+PKIX_ERRORENTRY(PKIXUNKNOWNERROR,PKIX uninitialized error code,0),
+PKIX_ERRORENTRY(POLICYCHECKERCALCULATEINTERSECTIONFAILED,pkix_PolicyChecker_CalculateIntersection failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERCHECKANYFAILED,pkix_PolicyChecker_CheckAny failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERCHECKPOLICYRECURSIVEFAILED,pkix_PolicyChecker_CheckPolicyRecursive failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERERROR,PolicyChecker Error,0),
+PKIX_ERRORENTRY(POLICYCHECKERINITIALIZEFAILED,pkix_PolicyChecker_Initialize failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERMAKEMUTABLECOPYFAILED,pkix_PolicyChecker_MakeMutableCopy failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERMAKESINGLETONFAILED,pkix_PolicyChecker_MakeSingleton failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERMAPCONTAINSFAILED,pkix_PolicyChecker_MapContains failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERMAPGETMAPPEDPOLICIESFAILED,pkix_PolicyChecker_MapGetMappedPolicies failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED,pkix_PolicyChecker_MapGetSubjectDomainPolicies failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERSPAWNFAILED,pkix_PolicyChecker_Spawn failed,0),
+PKIX_ERRORENTRY(POLICYCHECKERSTATECREATEFAILED,PKIX_PolicyCheckerState_Create failed,0),
+PKIX_ERRORENTRY(POLICYNODEADDTOPARENTFAILED,pkix_PolicyNode_AddToParent failed,0),
+PKIX_ERRORENTRY(POLICYNODECREATEFAILED,pkix_PolicyNode_Create failed,0),
+PKIX_ERRORENTRY(POLICYNODEDUPLICATEHELPERFAILED,pkix_PolicyNode_DuplicateHelper failed,0),
+PKIX_ERRORENTRY(POLICYNODEGETCHILDRENMUTABLEFAILED,pkix_PolicyNode_GetChildrenMutable failed,0),
+PKIX_ERRORENTRY(POLICYNODEGETDEPTHFAILED,PKIX_PolicyNode_GetDepth failed,0),
+PKIX_ERRORENTRY(POLICYNODEGETEXPECTEDPOLICIESFAILED,PKIX_PolicyNode_GetExpectedPolicies failed,0),
+PKIX_ERRORENTRY(POLICYNODEGETPARENTFAILED,PKIX_PolicyNode_GetParent failed,0),
+PKIX_ERRORENTRY(POLICYNODEGETPOLICYQUALIFIERSFAILED,PKIX_PolicyNode_GetPolicyQualifiers failed,0),
+PKIX_ERRORENTRY(POLICYNODEGETVALIDPOLICYFAILED,PKIX_PolicyNode_GetValidPolicy failed,0),
+PKIX_ERRORENTRY(POLICYNODEISCRITICALFAILED,PKIX_PolicyNode_IsCritical failed,0),
+PKIX_ERRORENTRY(POLICYNODEPRUNEFAILED,pkix_PolicyNode_Prune failed,0),
+PKIX_ERRORENTRY(POLICYTREETOOIDSFAILED,Failed to convert policy tree to oid,0),
+PKIX_ERRORENTRY(PORTARENAALLOCFAILED,PORT Arena Allocation failed, 0),
+PKIX_ERRORENTRY(PORTUCS2UTF8CONVERSIONFAILED,PORT_UCS2_UTF8Conversion failed.,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(PRACCEPTFAILED,PR_Accept failed,0),
+PKIX_ERRORENTRY(PRBINDFAILED,PR_Bind failed,0),
+PKIX_ERRORENTRY(PRCONNECTCONTINUEFAILED,PR_ConnectContinue failed,0),
+PKIX_ERRORENTRY(PRCONNECTFAILED,PR_Connect failed,0),
+PKIX_ERRORENTRY(PRECONDITIONFAILED,Function precondition failed,SEC_ERROR_LIBPKIX_INTERNAL),
+PKIX_ERRORENTRY(PRENUMERATEHOSTENTFAILED,PR_EnumerateHostEnt failed.,0),
+PKIX_ERRORENTRY(PRGETHOSTBYNAMEREJECTSHOSTNAMEARGUMENT,PR_GetHostByName rejects hostname argument.,0),
+PKIX_ERRORENTRY(PRIMHASHTABLEADDFAILED,pkix_pl_PrimHashTable_Add failed,0),
+PKIX_ERRORENTRY(PRIMHASHTABLECREATEFAILED,pkix_pl_PrimHashTable_Create failed,0),
+PKIX_ERRORENTRY(PRIMHASHTABLEDESTROYFAILED,pkix_pl_PrimHashTable_Destroy failed,0),
+PKIX_ERRORENTRY(PRIMHASHTABLEGETBUCKETSIZEFAILED,pkix_pl_PrimHashTable_GetBucketSize failed,0),
+PKIX_ERRORENTRY(PRIMHASHTABLELOOKUPFAILED,pkix_pl_PrimHashTable_Lookup failed,0),
+PKIX_ERRORENTRY(PRIMHASHTABLEREMOVEFAILED,pkix_pl_PrimHashTable_Remove failed,0),
+PKIX_ERRORENTRY(PRLISTENFAILED,PR_Listen failed,0),
+PKIX_ERRORENTRY(PRNEWTCPSOCKETFAILED,PR_NewTCPSocket failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSADDCERTCHAINCHECKERFAILED,PKIX_ProcessingParams_AddCertChainChecker failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSADDCERTSTOREFAILED,PKIX_ProcessingParams_AddCertStore failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSADDREVMETHODFAILED,PKIX_ProcessingParams_AddRevocationMethod failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSCREATEFAILED,PKIX_ProcessingParams_Create failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETCERTCHAINCHECKERSFAILED,PKIX_ProcessingParams_GetCertChainCheckers failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETCERTSTORESFAILED,PKIX_ProcessingParams_GetCertStores failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETDATEFAILED,PKIX_ProcessingParams_GetDate failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETHINTCERTSFAILED,PKIX_ProcessingParams_GetHintCerts failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETINITIALPOLICIESFAILED,PKIX_ProcessingParams_GetInitialPolicies failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETNISTREVPOLICYENABLEDFAILED,pkix_ProcessingParams_GetNISTRevocationPolicyEnabled failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETPOLICYQUALIFIERSREJECTEDFAILED,PKIX_ProcessingParams_GetPolicyQualifiersRejected failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETRESOURCELIMITSFAILED,PKIX_ProcessingParams_GetResourceLimits failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETREVOCATIONCHECKERFAILED,PKIX_ProcessingParams_GetRevocationChecker failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETREVOCATIONENABLEDFAILED,PKIX_ProcessingParams_GetRevocationEnabled failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED,PKIX_ProcessingParams_GetTargetCertConstraints failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSGETTRUSTANCHORSFAILED,PKIX_ProcessingParams_GetTrustAnchors failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSISANYPOLICYINHIBITEDFAILED,PKIX_ProcessingParams_IsAnyPolicyInhibited failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSISEXPLICITPOLICYREQUIREDFAILED,PKIX_ProcessingParams_IsExplicitPolicyRequired failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSISPOLICYMAPPINGINHIBITEDFAILED,PKIX_ProcessingParams_IsPolicyMappingInhibited failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETANYPOLICYINHIBITED,PKIX_ProcessingParams_SetAnyPolicyInhibited failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETCERTSTORESFAILED,PKIX_ProcessingParams_SetCertStores failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETDATEFAILED,PKIX_ProcessingParams_SetDate failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETEXPLICITPOLICYREQUIRED,PKIX_ProcessingParams_SetExplicitPolicyRequired failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETHINTCERTSFAILED,PKIX_ProcessingParams_SetHintCerts failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETINITIALPOLICIESFAILED,PKIX_ProcessingParams_SetInitialPolicies failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETNISTREVOCATIONENABLEDFAILED,PKIX_ProcessingParams_SetNISTRevocationEnabled failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETPOLICYMAPPINGINHIBITED,PKIX_ProcessingParams_SetPolicyMappingInhibited failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETREVOCATIONCHECKERFAILED,PKIX_ProcessingParams_SetRevocationChecker failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETTARGETCERTCONSTRAINTSFAILED,PKIX_ProcessingParams_SetTargetCertConstraints failed,0),
+PKIX_ERRORENTRY(PROCESSINGPARAMSSETQUALIFYTARGETCERTFLAGFAILED,ProcessingParams_SetQualifyTargetCertFlag failed,0),
+PKIX_ERRORENTRY(PRPOLLFAILED,PR_Poll failed,0),
+PKIX_ERRORENTRY(PRPOLLRETBADFILENUM,PR_Poll failed,0),
+PKIX_ERRORENTRY(PRRECVFAILED,PR_Recv failed,0),
+PKIX_ERRORENTRY(PRRECVREPORTSNETWORKCONNECTIONCLOSED,PR_Recv reports network connection is closed,0),
+PKIX_ERRORENTRY(PRSENDFAILED,PR_Send failed,0),
+PKIX_ERRORENTRY(PRSHUTDOWNFAILED,PR_Shutdown failed,0),
+PKIX_ERRORENTRY(PRSMPRINTFFAILED,PR_smprintf failed,0),
+PKIX_ERRORENTRY(PRSNPRINTFFAILED,PR_snprintf failed,0),
+PKIX_ERRORENTRY(PUBKEYTYPENULLKEY,pubKeyType is nullKey,0),
+PKIX_ERRORENTRY(PUBLICKEYMAKEINHERITEDDSAPUBLICKEYFAILED,PKIX_PL_PublicKey_MakeInheritedDSAPublicKey failed,0),
+PKIX_ERRORENTRY(PUBLICKEYNEEDSDSAPARAMETERSFAILED,PKIX_PL_PublicKey_NeedsDSAParameters failed,0),
+PKIX_ERRORENTRY(PUBLICKEYTOSTRINGFAILED,PKIX_PL_PublicKey_ToString failed,0),
+PKIX_ERRORENTRY(PUBLICKEYTOSTRINGHELPERFAILED,pkix_pl_PublicKey_ToString_Helper failed,0),
+PKIX_ERRORENTRY(QUALIFIERSINCRITICALCERTIFICATEPOLICYEXTENSION,Qualifiers in critical Certificate Policy extension,0),
+PKIX_ERRORENTRY(REALLOCFAILED,PKIX_PL_Realloc failed,0),
+PKIX_ERRORENTRY(RECEIVEDCORRUPTEDOBJECTARGUMENT,Received corrupted object argument,0),
+PKIX_ERRORENTRY(REGISTERCERTSTOREFAILED,RegisterCertStores failed,0),
+PKIX_ERRORENTRY(REMOVEDUPUNTRUSTEDCERTSFAILED, pkix_Build_RemoveDupUntrustedCerts failed,0),
+PKIX_ERRORENTRY(REQUESTNOTANHTTPDEFAULTCLIENT,request is not an HttpDefaultClient,0),
+PKIX_ERRORENTRY(RESOURCELIMITSGETMAXDEPTHFAILED,PKIX_ResourceLimits_GetMaxDepth failed,0),
+PKIX_ERRORENTRY(RESOURCELIMITSGETMAXFANOUTFAILED,PKIX_ResourceLimits_GetMaxFanout failed,0),
+PKIX_ERRORENTRY(RESOURCELIMITSGETMAXTIMEFAILED,PKIX_ResourceLimits_GetMaxTime failed,0),
+PKIX_ERRORENTRY(RETRIEVEOUTPUTSFAILED,pkix_RetrieveOutputs failed,0),
+PKIX_ERRORENTRY(REVCHECKCERTFAILED,pkix_RevCheckCert failed,0),
+PKIX_ERRORENTRY(REVCHECKERCHECKFAILED,revCheckerCheck failed,0),
+PKIX_ERRORENTRY(REVOCATIONCHECKERADDMETHODFAILED,Can not add revocation method,0),
+PKIX_ERRORENTRY(REVOCATIONCHECKERCREATEFAILED,PKIX_RevocationChecker_Create failed,0),
+PKIX_ERRORENTRY(REVOCATIONCHECKERGETREVCALLBACKFAILED,PKIX_RevocationChecker_GetRevCallback failed,0),
+PKIX_ERRORENTRY(REVOCATIONCHECKERGETREVCHECKERCONTEXTFAILED,PKIX_RevocationChecker_GetRevCheckerContext failed,0),
+PKIX_ERRORENTRY(REVOCATIONCHECKERWASNOTSET,Revocation chekcer was not set,0),
+PKIX_ERRORENTRY(REVOKEDBYUNKNOWNCRLREASONCODE,Revoked by Unknown CRL ReasonCode,0),
+PKIX_ERRORENTRY(SEARCHRESPONSEPACKETOFUNKNOWNTYPE,SearchResponse packet of unknown type,SEC_ERROR_BAD_LDAP_RESPONSE),
+PKIX_ERRORENTRY(SECASN1ENCODEITEMFAILED,SEC_ASN1EncodeItem failed,SEC_ERROR_FAILED_TO_ENCODE_DATA),
+PKIX_ERRORENTRY(SECERRORUNKNOWNISSUER,Nss legacy err code: build failed. Issuer is unknown.,SEC_ERROR_UNKNOWN_ISSUER),
+PKIX_ERRORENTRY(SECKEYCOPYSUBJECTPUBLICKEYINFOFAILED,SECKEY_CopySubjectPublicKeyInfo failed,0),
+PKIX_ERRORENTRY(SECKEYEXTRACTPUBLICKEYFAILED,SECKEY_ExtractPublicKey failed,0),
+PKIX_ERRORENTRY(SECOIDCOPYALGORITHMIDFAILED,SECOID_CopyAlgorithmID failed,0),
+PKIX_ERRORENTRY(SECOIDFINDOIDTAGDESCRIPTIONFAILED,SECOID_FindOIDTag Description failed,0),
+PKIX_ERRORENTRY(SECONDFIELDMUSTBEBETWEEN039,Second field must be between 0-39,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(SECONDKEYDSAPUBLICKEY,Second key is a DSA public key but has null parameters,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(SECONDKEYNOTDSAPUBLICKEY,Second key is not a DSA public key,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(SECONDPUBKEYTYPENULLKEY,secondPubKeyType is nullKey,0),
+PKIX_ERRORENTRY(SECQUICKDERDECODERFAILED,SEC_QuickDERDecodeItem failed,0),
+PKIX_ERRORENTRY(SECREADPKCS7CERTSFAILED,SEC_ReadPKCS7Certs failed,0),
+PKIX_ERRORENTRY(SELECTORMATCHFAILED,selectorMatch failed,0),
+PKIX_ERRORENTRY(SESSIONNOTANHTTPDEFAULTCLIENT,session is not an HttpDefaultClient,0),
+PKIX_ERRORENTRY(SETPOLICIESFAILED,Fail to set cert validation policies,0),
+PKIX_ERRORENTRY(SHUTDOWNFAILED,PKIX_PL_Shutdown failed,0),
+PKIX_ERRORENTRY(SIGNATURECHECKERINITIALIZEFAILED,pkix_SignatureChecker_Initialize failed,0),
+PKIX_ERRORENTRY(SIGNATURECHECKERSTATECREATEFAILED,pkix_SignatureCheckerState_Create failed,0),
+PKIX_ERRORENTRY(SIGNATUREDIDNOTVERIFYWITHTHEPUBLICKEY,Signature did not verify with the public key,0),
+PKIX_ERRORENTRY(SINGLEPOLICYNODEEQUALSFAILED,PKIX_PL_SinglePolicyNode_Equals failed,0),
+PKIX_ERRORENTRY(SINGLEPOLICYNODEHASHCODEFAILED,pkix_SinglePolicyNode_Hashcode failed,0),
+PKIX_ERRORENTRY(SINGLEPOLICYNODETOSTRINGFAILED,pkix_SinglePolicyNode_ToString failed,0),
+PKIX_ERRORENTRY(SINGLEVERIFYNODEEQUALSFAILED,PKIX_PL_SingleVerifyNode_Equals failed,0),
+PKIX_ERRORENTRY(SINGLEVERIFYNODEHASHCODEFAILED,pkix_SingleVerifyNode_Hashcode failed,0),
+PKIX_ERRORENTRY(SOCKETCONNECTCONTINUEFAILED,pkix_pl_Socket_ConnectContinue failed,0),
+PKIX_ERRORENTRY(SOCKETCONNECTFAILED,pkix_pl_Socket_Connect failed,0),
+PKIX_ERRORENTRY(SOCKETCREATEBYHOSTANDPORTFAILED,pkix_pl_Socket_CreateByHostAndPort failed,0),
+PKIX_ERRORENTRY(SOCKETCREATEBYNAMEFAILED,pkix_pl_Socket_CreateByName failed,0),
+PKIX_ERRORENTRY(SOCKETCREATECLIENTFAILED,pkix_pl_Socket_CreateClient failed,0),
+PKIX_ERRORENTRY(SOCKETCREATEFAILED,pkix_pl_Socket_Create failed,0),
+PKIX_ERRORENTRY(SOCKETCREATESERVERFAILED,pkix_pl_Socket_CreateServer failed,0),
+PKIX_ERRORENTRY(SOCKETEQUALSFAILED,PKIX_PL_Socket_Equals failed,0),
+PKIX_ERRORENTRY(SOCKETGETCALLBACKLISTFAILED,pkix_pl_Socket_GetCallbackList failed,0),
+PKIX_ERRORENTRY(SOCKETGETPRFILEDESCFAILED,pkix_pl_Socket_GetPRFileDesc failed,0),
+PKIX_ERRORENTRY(SOCKETHASHCODEFAILED,PKIX_PL_Socket_Hashcode failed,0),
+PKIX_ERRORENTRY(SOCKETPOLLFAILED,pkix_pl_Socket_Poll failed,0),
+PKIX_ERRORENTRY(SOCKETRECVFAILED,pkix_pl_Socket_Recv failed,0),
+PKIX_ERRORENTRY(SOCKETSENDFAILED,pkix_pl_Socket_Send failed,0),
+PKIX_ERRORENTRY(SOCKETSETNONBLOCKINGFAILED,pkix_pl_Socket_SetNonBlocking failed,0),
+PKIX_ERRORENTRY(SOURCESTRINGHASINVALIDLENGTH,Source string has invalid length,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(SPRINTFFAILED,PKIX_PL_Sprintf failed,0),
+PKIX_ERRORENTRY(STRINGCOMPARATORFAILED,pkix_pl_String_Comparator failed,0),
+PKIX_ERRORENTRY(STRINGCREATEFAILED,PKIX_PL_String_Create failed,0),
+PKIX_ERRORENTRY(STRINGEQUALSFAILED,pkix_pl_String_Equals failed,0),
+PKIX_ERRORENTRY(STRINGGETENCODEDFAILED,PKIX_PL_String_GetEncoded failed,0),
+PKIX_ERRORENTRY(STRINGHASHCODEFAILED,pkix_pl_String_Hashcode failed,0),
+PKIX_ERRORENTRY(SUBJALTNAMECHECKFAILED,Validation failed: SubjAltNamecheck failed,0),
+PKIX_ERRORENTRY(TARGETCERTCHECKERINITIALIZEFAILED,pkix_TargetCertChecker_Initialize failed,0),
+PKIX_ERRORENTRY(TARGETCERTCHECKERSTATECREATEFAILED,pkix_TargetCertCheckerState_Create failed,0),
+PKIX_ERRORENTRY(TESTANOTHERERRORMESSAGE, Another Error Message,0),
+PKIX_ERRORENTRY(TESTERRORMESSAGE, Error Message,0),
+PKIX_ERRORENTRY(TESTNOMATCHINGPOLICY, No Matching Policy,0),
+PKIX_ERRORENTRY(TESTNOTANERRORCRLSELECTMISMATCH, Not an error CRL Select mismatch,0),
+PKIX_ERRORENTRY(TESTPOLICYEXTWITHNOPOLICYQUALIFIERS, Policies extension but no Policy Qualifiers,0),
+PKIX_ERRORENTRY(TIMECONSUMEDEXCEEDSRESOURCELIMITS,Time consumed exceeds Resource Limits,SEC_ERROR_OUT_OF_SEARCH_LIMITS),
+PKIX_ERRORENTRY(TOOLITTLEDATAINDERSEQUENCE,Too little data in DER Sequence,0),
+PKIX_ERRORENTRY(TOOMUCHDATAINDERSEQUENCE,Too much data in DER Sequence,0),
+PKIX_ERRORENTRY(TOSTRINGFORTHISGENERALNAMETYPENOTSUPPORTED,ToString for this GeneralName type not supported,0),
+PKIX_ERRORENTRY(TRUNCATEDUNICODEINESCAPEDASCII,Truncated Unicode in EscapedASCII,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(TRUSTANCHORCREATEWITHCERTFAILED,PKIX_TrustAnchor_CreateWithCert failed,0),
+PKIX_ERRORENTRY(TRUSTANCHORGETCANAMEFAILED,PKIX_TrustAnchor_GetCAName failed,0),
+PKIX_ERRORENTRY(TRUSTANCHORGETCAPUBLICKEYFAILED,PKIX_TrustAnchor_GetCAPublicKey failed,0),
+PKIX_ERRORENTRY(TRUSTANCHORGETNAMECONSTRAINTSFAILED,PKIX_TrustAnchor_GetNameConstraints failed,0),
+PKIX_ERRORENTRY(TRUSTANCHORGETTRUSTEDCERTFAILED,PKIX_TrustAnchor_GetTrustedCert failed,0),
+PKIX_ERRORENTRY(TRUSTANCHORTOCERTFAILED,Fail to convert trust anchor to cert,0),
+PKIX_ERRORENTRY(TYPEALREADYREGISTERED,Type is already registered,0),
+PKIX_ERRORENTRY(UNABLETOADDACCEPTABLERESPONSESTOREQUEST,Unable to add acceptableResponses to request,0),
+PKIX_ERRORENTRY(UNABLETOADDCERTTOCERTLIST,Unable to add Cert to CertList,0),
+PKIX_ERRORENTRY(UNABLETOBUILDCHAIN,Unable to build chain,0),
+PKIX_ERRORENTRY(UNABLETOCREATECERTOCSPREQUEST,Unable to create a CertOCSPRequest,0),
+PKIX_ERRORENTRY(UNABLETOCREATECRLSTRING,Unable to create crlString,0),
+PKIX_ERRORENTRY(UNABLETOCREATEGENERALNAMEOFTHISTYPE,Unable to create GeneralName of this type,0),
+PKIX_ERRORENTRY(UNABLETOCREATEISSUER,Unable to create Issuer,0),
+PKIX_ERRORENTRY(UNABLETOCREATELIST,Unable to create list,0),
+PKIX_ERRORENTRY(UNABLETOCREATENEWCERTLIST,Unable to create a new CertList,0),
+PKIX_ERRORENTRY(UNABLETOCREATEPSTRING,Unable to create pString,0),
+PKIX_ERRORENTRY(UNABLETOFINDSTATUSINOCSPRESPONSE,Unable to find status in OCSP response,SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS),
+PKIX_ERRORENTRY(UNABLETOMAKELISTIMMUTABLE,Unable to make list immutable,0),
+PKIX_ERRORENTRY(UNABLETOOPENCERTFILE,Unable to open cert file,0),
+PKIX_ERRORENTRY(UNABLETOOPENCRLFILE,Unable to open crl file,0),
+PKIX_ERRORENTRY(UNABLETOPARSEOCSPRESPONSE,Unable to parse OCSP response,SEC_ERROR_OCSP_MALFORMED_RESPONSE),
+PKIX_ERRORENTRY(UNABLETOREADDERFROMCERTFILE,Unable to read DER from cert file,0),
+PKIX_ERRORENTRY(UNABLETOREADDERFROMCRLFILE,Unable to read DER from crl file,0),
+PKIX_ERRORENTRY(UNABLETOSETSOCKETTONONBLOCKING,Unable to set socket to non-blocking I/O,0),
+PKIX_ERRORENTRY(UNDEFINEDCALLBACK,Undefined callback,0),
+PKIX_ERRORENTRY(UNDEFINEDCLASSTABLEENTRY,Undefined class table entry,0),
+PKIX_ERRORENTRY(UNDEFINEDCOMPARATOR,Undefined Comparator,0),
+PKIX_ERRORENTRY(UNDEFINEDDUPLICATEFUNCTION,Undefined Duplicate function,0),
+PKIX_ERRORENTRY(UNDEFINEDEQUALSCALLBACK,Undefined equals callback,0),
+PKIX_ERRORENTRY(UNEXPECTEDERRORINESTABLISHINGCONNECTION,Unexpected error in establishing connection,0),
+PKIX_ERRORENTRY(UNEXPECTEDRESULTCODEINRESPONSE,Unexpected result code in Response,SEC_ERROR_BAD_LDAP_RESPONSE),
+PKIX_ERRORENTRY(UNKNOWNFORMAT,Unknown format,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(UNKNOWNINFOACCESSMETHOD,Unknown InfoAccess method,SEC_ERROR_BAD_INFO_ACCESS_METHOD),
+PKIX_ERRORENTRY(UNKNOWNOBJECTOID,Unknown object OID,0),
+PKIX_ERRORENTRY(UNKNOWNOBJECTTYPE,Unknown object type,0),
+PKIX_ERRORENTRY(UNKNOWNTYPEARGUMENT,Unknown type argument,0),
+PKIX_ERRORENTRY(UNLOCKOBJECTFAILED,pkix_UnlockObject failed,0),
+PKIX_ERRORENTRY(UNRECOGNIZEDCRITICALEXTENSION,Unrecognized Critical Extension,SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION),
+PKIX_ERRORENTRY(UNRECOGNIZEDCRLENTRYCRITICALEXTENSION,Unrecognized CRLEntry Critical Extension,SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION),
+PKIX_ERRORENTRY(UNRECOGNIZEDPROTOCOLREQUESTED,Unrecognized protocol requested,0),
+PKIX_ERRORENTRY(UNRECOGNIZEDREQUESTMETHOD,Unrecognized request method,0),
+PKIX_ERRORENTRY(UNRECOGNIZEDTIMETYPE,Unrecognized time type,0),
+PKIX_ERRORENTRY(UNSUPPORTEDCRLDPTYPE,CrlDp type is not supported,0),
+PKIX_ERRORENTRY(UNSUPPORTEDVERSIONOFHTTPCLIENT,Unsupported version of Http Client,0),
+PKIX_ERRORENTRY(UNSUPPORTEDCERTUSAGE,Specified certificate usage is unsupported,SEC_ERROR_CERT_USAGES_INVALID),
+PKIX_ERRORENTRY(URLPARSINGFAILED,URL Parsing failed,0),
+PKIX_ERRORENTRY(USERCHECKERCHECKFAILED,userCheckerCheck failed,0),
+PKIX_ERRORENTRY(UTF16ALIGNMENTERROR,UTF16 Alignment Error,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(UTF16HIGHZONEALIGNMENTERROR,UTF16 High Zone Alignment Error,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(UTF16LOWZONEERROR,UTF16 Low Zone Error,SEC_ERROR_INVALID_ARGS),
+PKIX_ERRORENTRY(UTF16TOESCASCIIFAILED,pkix_UTF16_to_EscASCII failed,0),
+PKIX_ERRORENTRY(UTF16TOUTF8FAILED,pkix_UTF16_to_UTF8 failed,0),
+PKIX_ERRORENTRY(UTF8TOUTF16FAILED,pkix_UTF8_to_UTF16 failed,0),
+PKIX_ERRORENTRY(VALIDATEBUILDUSEROIDSFAILED,pkix_Validate_BuildUserOIDs failed,0),
+PKIX_ERRORENTRY(VALIDATECERTCHAINFAILED,Failed to validate cert chain,0),
+PKIX_ERRORENTRY(VALIDATECHAINFAILED,PKIX_ValidateChain failed,0),
+PKIX_ERRORENTRY(VALIDATEPARAMSGETCERTCHAINFAILED,PKIX_ValidateParams_GetCertChain failed,0),
+PKIX_ERRORENTRY(VALIDATEPARAMSGETPROCESSINGPARAMSFAILED,PKIX_ValidateParams_GetProcessingParams failed,0),
+PKIX_ERRORENTRY(VALIDATERESULTCREATEFAILED,pkix_ValidateResult_Create failed,0),
+PKIX_ERRORENTRY(VALIDATERESULTGETPOLICYTREEFAILED,PKIX_ValidateResult_GetPolicyTree failed,0),
+PKIX_ERRORENTRY(VALIDATERESULTGETTRUSTANCHORFAILED,PKIX_ValidateResult_GetTrustAnchor failed,0),
+PKIX_ERRORENTRY(VALIDATIONFAILEDCERTSIGNATURECHECKING,Validation failed: Cert Signature checking,0),
+PKIX_ERRORENTRY(VALIDATIONFAILEDNULLCERTPOINTER,Validation failed: NULL Cert pointer,0),
+PKIX_ERRORENTRY(VALIDATIONFAILEDPATHTONAMECHECKFAILED,Validation failed: PathToName check failed,SEC_ERROR_CERT_NOT_IN_NAME_SPACE),
+PKIX_ERRORENTRY(VALUEINESCAPEDASCII,value in EscapedASCII,0),
+PKIX_ERRORENTRY(VERIFYNODEADDTOCHAINFAILED,pkix_VerifyNode_AddToChain failed,0),
+PKIX_ERRORENTRY(VERIFYNODEADDTOTREEFAILED,pkix_VerifyNode_AddToTree failed,0),
+PKIX_ERRORENTRY(VERIFYNODECREATEFAILED,pkix_VerifyNode_Create failed,0),
+PKIX_ERRORENTRY(VERIFYNODEDUPLICATEHELPERFAILED,pkix_VerifyNode_DuplicateHelper failed,0),
+PKIX_ERRORENTRY(VERIFYNODEFINDERRORFAILED,pkix_VerifyNode_FindError failed,0),
+PKIX_ERRORENTRY(VERIFYNODESETDEPTHFAILED,pkix_VerifyNode_SetDepth failed,0),
+PKIX_ERRORENTRY(VERIFYNODESETERRORFAILED,pkix_VerifyNode_SetError failed,0),
+PKIX_ERRORENTRY(VERSIONVALUEMUSTBEV1ORV2,Version value must be V1(0) or V2(1),SEC_ERROR_CRL_INVALID),
+PKIX_ERRORENTRY(VERSIONVALUEMUSTBEV1V2ORV3,Version value must be v1(0) v2(1) or v3(2),SEC_ERROR_CERT_VALID),
+PKIX_ERRORENTRY(X500NAMECOMPAREDERBYTESFAILED,pkix_pl_X500Name_CompareDERBytes failed,0),
+PKIX_ERRORENTRY(X500NAMECREATEFAILED,PKIX_PL_X500Name_Create failed,0),
+PKIX_ERRORENTRY(X500NAMECREATEFROMCERTNAMEFAILED,pkix_pl_X500Name_CreateFromCERTName failed,0),
+PKIX_ERRORENTRY(X500NAMECREATEFROMUTF8FAILED,pkix_pl_X500Name_CreateFromUtf8 failed,0),
+PKIX_ERRORENTRY(X500NAMEEQUALSFAILED,PKIX_PL_X500Name_Equals failed,0),
+PKIX_ERRORENTRY(X500NAMEGETCOMMONNAMEFAILED,pkix_pl_X500Name_GetCommonName failed,0),
+PKIX_ERRORENTRY(X500NAMEGETCOUNTRYNAMEFAILED,pkix_pl_X500Name_GetCountryName failed,0),
+PKIX_ERRORENTRY(X500NAMEGETORGNAMEFAILED,pkix_pl_X500Name_GetOrgName failed,0),
+PKIX_ERRORENTRY(X500NAMEGETSECNAMEFAILED,pkix_pl_X500Name_GetSECName failed,0),
+PKIX_ERRORENTRY(X500NAMEHASHCODEFAILED,PKIX_PL_X500Name_Hashcode failed,0),
+PKIX_ERRORENTRY(X500NAMEMATCHFAILED,PKIX_PL_X500Name_Match failed,0),
+PKIX_ERRORENTRY(X500NAMETOSTRINGFAILED,PKIX_PL_X500Name_ToString failed,0),
+PKIX_ERRORENTRY(ZEROLENGTHBYTEARRAYFORCRLENCODING,Zero-length ByteArray for CRL encoding,0),
+PKIX_ERRORENTRY(INVALIDOCSPHTTPMETHOD,Unsupported HTTP Method for OCSP retrieval,0),
+PKIX_ERRORENTRY(OCSPGETREQUESTTOOBIG,OCSP request too big for HTTP GET method,0),
+PKIX_ERRORENTRY(CERTISBLACKLISTEDATISSUANCETIME,Issuer Certificate is distrusted at the time the subordinate certifiate was issued,SEC_ERROR_UNTRUSTED_ISSUER)
diff --git a/security/nss/lib/libpkix/include/pkix_params.h b/security/nss/lib/libpkix/include/pkix_params.h
new file mode 100755
index 000000000..a4d8e485c
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_params.h
@@ -0,0 +1,1793 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines functions associated with the various parameters used
+ * by the top-level functions.
+ *
+ */
+
+#ifndef _PKIX_PARAMS_H
+#define _PKIX_PARAMS_H
+
+#include "pkixt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/* PKIX_ProcessingParams
+ *
+ * PKIX_ProcessingParams are parameters used when validating or building a
+ * chain of certificates. Using the parameters, the caller can specify several
+ * things, including the various inputs to the PKIX chain validation
+ * algorithm (such as trust anchors, initial policies, etc), any customized
+ * functionality (such as CertChainCheckers, RevocationCheckers, CertStores),
+ * and whether revocation checking should be disabled.
+ *
+ * Once the caller has created the ProcessingParams object, the caller then
+ * passes it to PKIX_ValidateChain or PKIX_BuildChain, which uses it to call
+ * the user's callback functions as needed during the validation or building
+ * process.
+ *
+ * If a parameter is not set (or is set to NULL), it will be set to the
+ * default value for that parameter. The default value for the Date parameter
+ * is NULL, which indicates the current time when the path is validated. The
+ * default for the remaining parameters is the least constrained.
+ */
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_Create
+ * DESCRIPTION:
+ *
+ * Creates a new ProcessingParams object. Trust anchor list is set to
+ * newly created empty list of trust. In this case trust anchors will
+ * be taken from provided cert store. Pointed to the created
+ * ProcessingParams object is stored in "pParams".
+ *
+ * PARAMETERS:
+ * "anchors"
+ * Address of List of (non-empty) TrustAnchors to be used.
+ * Must be non-NULL.
+ * "pParams"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_Create(
+ PKIX_ProcessingParams **pParams,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetCertChainCheckers
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of CertChainCheckers (if any) that are set
+ * in the ProcessingParams pointed to by "params" and stores it at
+ * "pCheckers". Each CertChainChecker represents a custom certificate
+ * validation check used by PKIX_ValidateChain or PKIX_BuildChain as needed
+ * during the validation or building process. If "params" does not have any
+ * CertChainCheckers, this function stores an empty List at "pCheckers".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of CertChainCheckers (if any)
+ * are to be stored. Must be non-NULL.
+ * "pCheckers"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetCertChainCheckers(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pCheckers, /* list of PKIX_CertChainChecker */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetCertChainCheckers
+ * DESCRIPTION:
+ *
+ * Sets the ProcessingParams pointed to by "params" with a List of
+ * CertChainCheckers pointed to by "checkers". Each CertChainChecker
+ * represents a custom certificate validation check used by
+ * PKIX_ValidateChain or PKIX_BuildChain as needed during the validation or
+ * building process. If "checkers" is NULL, no CertChainCheckers will be used.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of CertChainCheckers is to be
+ * set. Must be non-NULL.
+ * "checkers"
+ * Address of List of CertChainCheckers to be set. If NULL, no
+ * CertChainCheckers will be used.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params" and "checkers"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetCertChainCheckers(
+ PKIX_ProcessingParams *params,
+ PKIX_List *checkers, /* list of PKIX_CertChainChecker */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_AddCertChainChecker
+ * DESCRIPTION:
+ *
+ * Adds the CertChainChecker pointed to by "checker" to the ProcessingParams
+ * pointed to by "params". The CertChainChecker represents a custom
+ * certificate validation check used by PKIX_ValidateChain or PKIX_BuildChain
+ * as needed during the validation or building process.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams to be added to. Must be non-NULL.
+ * "checker"
+ * Address of CertChainChecker to be added. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_AddCertChainChecker(
+ PKIX_ProcessingParams *params,
+ PKIX_CertChainChecker *checker,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetRevocationChecker
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the RevocationChecker that are set
+ * in the ProcessingParams pointed to by "params" and stores it at
+ * "pRevChecker". Each RevocationChecker represents a revocation
+ * check used by PKIX_ValidateChain or PKIX_BuildChain as needed during the
+ * validation or building process. If "params" does not have any
+ * RevocationCheckers, this function stores an empty List at "pRevChecker".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of RevocationCheckers
+ * is to be stored. Must be non-NULL.
+ * "pRevChecker"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetRevocationChecker(
+ PKIX_ProcessingParams *params,
+ PKIX_RevocationChecker **pChecker,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetRevocationChecker
+ * DESCRIPTION:
+ *
+ * Sets the ProcessingParams pointed to by "params" with a
+ * RevocationChecker pointed to by "revChecker". Revocation
+ * checker object should be created and assigned to processing
+ * parameters before chain build or validation can begin.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of RevocationCheckers is to be
+ * set. Must be non-NULL.
+ * "revChecker"
+ * Address of RevocationChecker to be set. Must be set before chain
+ * building or validation.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetRevocationChecker(
+ PKIX_ProcessingParams *params,
+ PKIX_RevocationChecker *revChecker,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetCertStores
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of CertStores (if any) that are set in the
+ * ProcessingParams pointed to by "params" and stores it at "pStores". Each
+ * CertStore represents a particular repository from which certificates and
+ * CRLs can be retrieved by PKIX_ValidateChain or PKIX_BuildChain as needed
+ * during the validation or building process. If "params" does not have any
+ * CertStores, this function stores an empty List at "pStores".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of CertStores (if any) are to
+ * be stored. Must be non-NULL.
+ * "pStores"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetCertStores(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pStores, /* list of PKIX_CertStore */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetCertStores
+ * DESCRIPTION:
+ *
+ * Sets the ProcessingParams pointed to by "params" with a List of CertStores
+ * pointed to by "stores". Each CertStore represents a particular repository
+ * from which certificates and CRLs can be retrieved by PKIX_ValidateChain or
+ * PKIX_BuildChain as needed during the validation or building process. If
+ * "stores" is NULL, no CertStores will be used.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of CertStores is to be set.
+ * Must be non-NULL.
+ * "stores"
+ * Address of List of CertStores to be set. If NULL, no CertStores will
+ * be used.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetCertStores(
+ PKIX_ProcessingParams *params,
+ PKIX_List *stores, /* list of PKIX_CertStore */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_AddCertStore
+ * DESCRIPTION:
+ *
+ * Adds the CertStore pointed to by "store" to the ProcessingParams pointed
+ * to by "params". The CertStore represents a particular repository from
+ * which certificates and CRLs can be retrieved by PKIX_ValidateChain or
+ * PKIX_BuildChain as needed during the validation or building process.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams to be added to. Must be non-NULL.
+ * "store"
+ * Address of CertStore to be added.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_AddCertStore(
+ PKIX_ProcessingParams *params,
+ PKIX_CertStore *store,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetDate
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Date (if any) that is set in the
+ * ProcessingParams pointed to by "params" and stores it at "pDate". The
+ * Date represents the time for which the validation of the certificate chain
+ * should be determined. If "params" does not have any Date set, this function
+ * stores NULL at "pDate".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose Date (if any) is to be stored.
+ * Must be non-NULL.
+ * "pDate"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetDate(
+ PKIX_ProcessingParams *params,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetDate
+ * DESCRIPTION:
+ *
+ * Sets the ProcessingParams pointed to by "params" with a Date pointed to by
+ * "date". The Date represents the time for which the validation of the
+ * certificate chain should be determined. If "date" is NULL, the current
+ * time is used during validation.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose Date is to be set. Must be non-NULL.
+ * "date"
+ * Address of Date to be set. If NULL, current time is used.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetDate(
+ PKIX_ProcessingParams *params,
+ PKIX_PL_Date *date,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetInitialPolicies
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of OIDs (if any) that are set in the
+ * ProcessingParams pointed to by "params" and stores it at "pInitPolicies".
+ * Each OID represents an initial policy identifier, indicating that any
+ * one of these policies would be acceptable to the certificate user for
+ * the purposes of certification path processing. If "params" does not have
+ * any initial policies, this function stores an empty List at
+ * "pInitPolicies".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of OIDs (if any) are to be
+ * stored. Must be non-NULL.
+ * "pInitPolicies"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetInitialPolicies(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pInitPolicies, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetInitialPolicies
+ * DESCRIPTION:
+ *
+ * Sets the ProcessingParams pointed to by "params" with a List of OIDs
+ * pointed to by "initPolicies".
+ *
+ * Each OID represents an initial policy identifier, indicating that any
+ * one of these policies would be acceptable to the certificate user for
+ * the purposes of certification path processing. By default, any policy
+ * is acceptable (i.e. all policies), so a user that wants to allow any
+ * policy as acceptable does not need to call this method. Similarly, if
+ * initPolicies is NULL or points to an empty List, all policies are
+ * acceptable.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of OIDs is to be set.
+ * Must be non-NULL.
+ * "initPolicies"
+ * Address of List of OIDs to be set. If NULL or if pointing to an empty
+ * List, all policies are acceptable.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetInitialPolicies(
+ PKIX_ProcessingParams *params,
+ PKIX_List *initPolicies, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetPolicyQualifiersRejected
+ * DESCRIPTION:
+ *
+ * Checks whether the ProcessingParams pointed to by "params" indicate that
+ * policy qualifiers should be rejected and stores the Boolean result at
+ * "pRejected".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams used to determine whether or not policy
+ * qualifiers should be rejected. Must be non-NULL.
+ * "pRejected"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetPolicyQualifiersRejected(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pRejected,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetPolicyQualifiersRejected
+ * DESCRIPTION:
+ *
+ * Specifies in the ProcessingParams pointed to by "params" whether policy
+ * qualifiers are rejected using the Boolean value of "rejected".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams to be set. Must be non-NULL.
+ * "rejected"
+ * Boolean value indicating whether policy qualifiers are to be rejected.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetPolicyQualifiersRejected(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean rejected,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetTargetCertConstraints
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the CertSelector (if any) that is set in the
+ * ProcessingParams pointed to by "params" and stores it at "pConstraints".
+ * The CertSelector represents the constraints to be placed on the target
+ * certificate. If "params" does not have any CertSelector set, this function
+ * stores NULL at "pConstraints".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose CertSelector (if any) is to be
+ * stored. Must be non-NULL.
+ * "pConstraints"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetTargetCertConstraints(
+ PKIX_ProcessingParams *params,
+ PKIX_CertSelector **pConstraints,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetTargetCertConstraints
+ * DESCRIPTION:
+ *
+ * Sets the ProcessingParams pointed to by "params" with a CertSelector
+ * pointed to by "constraints". The CertSelector represents the constraints
+ * to be placed on the target certificate. If "constraints" is NULL, no
+ * constraints are defined.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose CertSelector is to be set.
+ * Must be non-NULL.
+ * "constraints"
+ * Address of CertSelector to be set. If NULL, no constraints are defined.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetTargetCertConstraints(
+ PKIX_ProcessingParams *params,
+ PKIX_CertSelector *constraints,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetTrustAnchors
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of TrustAnchors that are set in
+ * the ProcessingParams pointed to by "params" and stores it at "pAnchors".
+ * If the function succeeds, the pointer to the List is guaranteed to be
+ * non-NULL and the List is guaranteed to be non-empty.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of TrustAnchors are to
+ * be stored. Must be non-NULL.
+ * "pAnchors"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetTrustAnchors(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pAnchors, /* list of TrustAnchor */
+ void *plContext);
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetTrustAnchors
+ * DESCRIPTION:
+ *
+ * Sets user defined set of trust anchors. The handling of the trust anchors
+ * may be furthered alter via PKIX_ProcessingParams_SetUseOnlyTrustAnchors.
+ * By default, a certificate will be considered invalid if it does not chain
+ * to a trusted anchor from this list.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of TrustAnchors are to
+ * be stored. Must be non-NULL.
+ * "anchors"
+ * Address of the trust anchors list object. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetTrustAnchors(
+ PKIX_ProcessingParams *params,
+ PKIX_List *pAnchors, /* list of TrustAnchor */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetUseOnlyTrustAnchors
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Boolean. The boolean value represents
+ * the switch value that is used to identify whether trust anchors, if
+ * specified, should be the exclusive source of trust information.
+ * If the function succeeds, the pointer to the Boolean is guaranteed to be
+ * non-NULL.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams. Must be non-NULL.
+ * "pUseOnlyTrustAnchors"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetUseOnlyTrustAnchors(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pUseOnlyTrustAnchors,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors
+ * DESCRIPTION:
+ *
+ * Configures whether trust anchors are used as the exclusive source of trust.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams. Must be non-NULL.
+ * "useOnlyTrustAnchors"
+ * If true, indicates that trust anchors should be used exclusively when
+ * they have been specified via PKIX_ProcessingParams_SetTrustAnchors. A
+ * certificate will be considered invalid if it does not chain to a
+ * trusted anchor from that list.
+ * If false, indicates that the trust anchors are additive to whatever
+ * existing trust stores are configured. A certificate is considered
+ * valid if it chains to EITHER a trusted anchor from that list OR a
+ * certificate marked trusted in a trust store.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetUseOnlyTrustAnchors(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean useOnlyTrustAnchors,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetUseAIAForCertFetching
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Boolean. The boolean value represents
+ * the switch value that is used to identify if url in cert AIA extension
+ * may be used for cert fetching.
+ * If the function succeeds, the pointer to the Boolean is guaranteed to be
+ * non-NULL.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams. Must be non-NULL.
+ * "pUseAIA"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetUseAIAForCertFetching(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pUseAIA, /* list of TrustAnchor */
+ void *plContext);
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetTrustAnchors
+ * DESCRIPTION:
+ *
+ * Sets switch value that defines if url in cert AIA extension
+ * may be used for cert fetching.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams.
+ * "useAIA"
+ * Address of the trust anchors list object. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetUseAIAForCertFetching(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean useAIA,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetQualifyTargetCert
+ * DESCRIPTION:
+ *
+ * Sets a boolean value that tells if libpkix needs to check that
+ * the target certificate satisfies the conditions set in processing
+ * parameters. Includes but not limited to date, ku and eku checks.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of TrustAnchors are to
+ * be stored. Must be non-NULL.
+ * "qualifyTargetCert"
+ * boolean value if set to true will trigger qualification of the
+ * target certificate.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetQualifyTargetCert(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean qualifyTargetCert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetHintCerts
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a List of Certs supplied by the user as a suggested
+ * partial CertChain (subject to verification), that are set in the
+ * ProcessingParams pointed to by "params", and stores it at "pHintCerts".
+ * The List returned may be empty or NULL.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of TrustAnchors are to
+ * be stored. Must be non-NULL.
+ * "pHintCerts"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetHintCerts(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pHintCerts,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetHintCerts
+ * DESCRIPTION:
+ *
+ * Stores a pointer to a List of Certs supplied by the user as a suggested
+ * partial CertChain (subject to verification), as an element in the
+ * ProcessingParams pointed to by "params". The List may be empty or NULL.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose List of HintCerts is to be stored.
+ * Must be non-NULL.
+ * "hintCerts"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetHintCerts(
+ PKIX_ProcessingParams *params,
+ PKIX_List *hintCerts,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetResourceLimits
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the ResourceLimits (if any) that is set in the
+ * ProcessingParams pointed to by "params" and stores it at "pResourceLimits".
+ * The ResourceLimits represent the maximum resource usage that the caller
+ * desires (such as MaxTime). The ValidateChain or BuildChain call will not
+ * exceed these maximum limits. If "params" does not have any ResourceLimits
+ * set, this function stores NULL at "pResourceLimits".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose ResourceLimits (if any) are to be
+ * stored. Must be non-NULL.
+ * "pResourceLimits"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetResourceLimits(
+ PKIX_ProcessingParams *params,
+ PKIX_ResourceLimits **pResourceLimits,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetResourceLimits
+ * DESCRIPTION:
+ *
+ * Sets the ProcessingParams pointed to by "params" with a ResourceLimits
+ * object pointed to by "resourceLimits". The ResourceLimits represent the
+ * maximum resource usage that the caller desires (such as MaxTime). The
+ * ValidateChain or BuildChain call will not exceed these maximum limits.
+ * If "resourceLimits" is NULL, no ResourceLimits are defined.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams whose ResourceLimits are to be set.
+ * Must be non-NULL.
+ * "resourceLimits"
+ * Address of ResourceLimits to be set. If NULL, no limits are defined.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetResourceLimits(
+ PKIX_ProcessingParams *params,
+ PKIX_ResourceLimits *resourceLimits,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_IsAnyPolicyInhibited
+ * DESCRIPTION:
+ *
+ * Checks whether the ProcessingParams pointed to by "params" indicate that
+ * anyPolicy is inhibited and stores the Boolean result at "pInhibited".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams used to determine whether or not anyPolicy
+ * inhibited. Must be non-NULL.
+ * "pInhibited"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_IsAnyPolicyInhibited(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pInhibited,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetAnyPolicyInhibited
+ * DESCRIPTION:
+ *
+ * Specifies in the ProcessingParams pointed to by "params" whether anyPolicy
+ * is inhibited using the Boolean value of "inhibited".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams to be set. Must be non-NULL.
+ * "inhibited"
+ * Boolean value indicating whether anyPolicy is to be inhibited.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetAnyPolicyInhibited(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean inhibited,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_IsExplicitPolicyRequired
+ * DESCRIPTION:
+ *
+ * Checks whether the ProcessingParams pointed to by "params" indicate that
+ * explicit policies are required and stores the Boolean result at
+ * "pRequired".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams used to determine whether or not explicit
+ * policies are required. Must be non-NULL.
+ * "pRequired"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_IsExplicitPolicyRequired(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pRequired,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetExplicitPolicyRequired
+ * DESCRIPTION:
+ *
+ * Specifies in the ProcessingParams pointed to by "params" whether explicit
+ * policies are required using the Boolean value of "required".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams to be set. Must be non-NULL.
+ * "required"
+ * Boolean value indicating whether explicit policies are to be required.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetExplicitPolicyRequired(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean required,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_IsPolicyMappingInhibited
+ * DESCRIPTION:
+ *
+ * Checks whether the ProcessingParams pointed to by "params" indicate that
+ * policyMapping is inhibited and stores the Boolean result at "pInhibited".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams used to determine whether or not policy
+ * mappings are inhibited. Must be non-NULL.
+ * "pInhibited"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_IsPolicyMappingInhibited(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pInhibited,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetPolicyMappingInhibited
+ * DESCRIPTION:
+ *
+ * Specifies in the ProcessingParams pointed to by "params" whether policy
+ * mapping is inhibited using the Boolean value of "inhibited".
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ProcessingParams to be set. Must be non-NULL.
+ * "inhibited"
+ * Boolean value indicating whether policy mapping is to be inhibited.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetPolicyMappingInhibited(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean inhibited,
+ void *plContext);
+
+
+/* PKIX_ValidateParams
+ *
+ * PKIX_ValidateParams consists of a ProcessingParams object as well as the
+ * List of Certs (certChain) that the caller is trying to validate.
+ */
+
+/*
+ * FUNCTION: PKIX_ValidateParams_Create
+ * DESCRIPTION:
+ *
+ * Creates a new ValidateParams object and stores it at "pParams".
+ *
+ * PARAMETERS:
+ * "procParams"
+ * Address of ProcessingParams to be used. Must be non-NULL.
+ * "chain"
+ * Address of List of Certs (certChain) to be validated. Must be non-NULL.
+ * "pParams"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ValidateParams_Create(
+ PKIX_ProcessingParams *procParams,
+ PKIX_List *chain,
+ PKIX_ValidateParams **pParams,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ValidateParams_GetProcessingParams
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the ProcessingParams that represent the basic
+ * certificate processing parameters used during chain validation and chain
+ * building from the ValidateParams pointed to by "valParams" and stores it
+ * at "pProcParams". If the function succeeds, the pointer to the
+ * ProcessingParams is guaranteed to be non-NULL.
+ *
+ * PARAMETERS:
+ * "valParams"
+ * Address of ValidateParams whose ProcessingParams are to be stored.
+ * Must be non-NULL.
+ * "pProcParams"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ValidateParams_GetProcessingParams(
+ PKIX_ValidateParams *valParams,
+ PKIX_ProcessingParams **pProcParams,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ValidateParams_GetCertChain
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of Certs (certChain) that is set in the
+ * ValidateParams pointed to by "valParams" and stores it at "pChain". If the
+ * function succeeds, the pointer to the CertChain is guaranteed to be
+ * non-NULL.
+ *
+ * PARAMETERS:
+ * "valParams"
+ * Address of ValidateParams whose CertChain is to be stored.
+ * Must be non-NULL.
+ * "pChain"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ValidateParams_GetCertChain(
+ PKIX_ValidateParams *valParams,
+ PKIX_List **pChain,
+ void *plContext);
+
+/* PKIX_TrustAnchor
+ *
+ * A PKIX_TrustAnchor represents a trusted entity and can be specified using a
+ * self-signed certificate or using the trusted CA's name and public key. In
+ * order to limit the trust in the trusted entity, name constraints can also
+ * be imposed on the trust anchor.
+ */
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_CreateWithCert
+ * DESCRIPTION:
+ *
+ * Creates a new TrustAnchor object using the Cert pointed to by "cert" as
+ * the trusted certificate and stores it at "pAnchor". Once created, a
+ * TrustAnchor is immutable.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert to use as trusted certificate. Must be non-NULL.
+ * "pAnchor"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_TrustAnchor_CreateWithCert(
+ PKIX_PL_Cert *cert,
+ PKIX_TrustAnchor **pAnchor,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_CreateWithNameKeyPair
+ * DESCRIPTION:
+ *
+ * Creates a new TrustAnchor object using the X500Name pointed to by "name",
+ * and the PublicKey pointed to by "pubKey" and stores it at "pAnchor". The
+ * CertNameConstraints pointed to by "nameConstraints" (if any) are used to
+ * limit the trust placed in this trust anchor. To indicate that name
+ * constraints don't apply, set "nameConstraints" to NULL. Once created, a
+ * TrustAnchor is immutable.
+ *
+ * PARAMETERS:
+ * "name"
+ * Address of X500Name to use as name of trusted CA. Must be non-NULL.
+ * "pubKey"
+ * Address of PublicKey to use as trusted public key. Must be non-NULL.
+ * "nameConstraints"
+ * Address of CertNameConstraints to use as initial name constraints.
+ * If NULL, no name constraints are applied.
+ * "pAnchor"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_TrustAnchor_CreateWithNameKeyPair(
+ PKIX_PL_X500Name *name,
+ PKIX_PL_PublicKey *pubKey,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_TrustAnchor **pAnchor,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_GetTrustedCert
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Cert that is set in the TrustAnchor pointed to
+ * by "anchor" and stores it at "pCert". If "anchor" does not have a Cert
+ * set, this function stores NULL at "pCert".
+ *
+ * PARAMETERS:
+ * "anchor"
+ * Address of TrustAnchor whose Cert is to be stored. Must be non-NULL.
+ * "pChain"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_TrustAnchor_GetTrustedCert(
+ PKIX_TrustAnchor *anchor,
+ PKIX_PL_Cert **pCert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_GetCAName
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the CA's X500Name (if any) that is set in the
+ * TrustAnchor pointed to by "anchor" and stores it at "pCAName". If "anchor"
+ * does not have an X500Name set, this function stores NULL at "pCAName".
+ *
+ * PARAMETERS:
+ * "anchor"
+ * Address of TrustAnchor whose CA Name is to be stored. Must be non-NULL.
+ * "pCAName"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_TrustAnchor_GetCAName(
+ PKIX_TrustAnchor *anchor,
+ PKIX_PL_X500Name **pCAName,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_GetCAPublicKey
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the CA's PublicKey (if any) that is set in the
+ * TrustAnchor pointed to by "anchor" and stores it at "pPubKey". If "anchor"
+ * does not have a PublicKey set, this function stores NULL at "pPubKey".
+ *
+ * PARAMETERS:
+ * "anchor"
+ * Address of TrustAnchor whose CA PublicKey is to be stored.
+ * Must be non-NULL.
+ * "pPubKey"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_TrustAnchor_GetCAPublicKey(
+ PKIX_TrustAnchor *anchor,
+ PKIX_PL_PublicKey **pPubKey,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_GetNameConstraints
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the CertNameConstraints (if any) set in the
+ * TrustAnchor pointed to by "anchor" and stores it at "pConstraints". If
+ * "anchor" does not have any CertNameConstraints set, this function stores
+ * NULL at "pConstraints".
+ *
+ * PARAMETERS:
+ * "anchor"
+ * Address of TrustAnchor whose CertNameConstraints are to be stored.
+ * Must be non-NULL.
+ * "pConstraints"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Params Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_TrustAnchor_GetNameConstraints(
+ PKIX_TrustAnchor *anchor,
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext);
+
+/* PKIX_ResourceLimits
+ *
+ * A PKIX_ResourceLimits object represents the maximum resource usage that
+ * the caller desires. The ValidateChain or BuildChain call
+ * will not exceed these maximum limits. For example, the caller may want
+ * a timeout value of 1 minute, meaning that if the ValidateChain or
+ * BuildChain function is unable to finish in 1 minute, it should abort
+ * with an Error.
+ */
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_Create
+ * DESCRIPTION:
+ *
+ * Creates a new ResourceLimits object and stores it at "pResourceLimits".
+ *
+ * PARAMETERS:
+ * "pResourceLimits"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_Create(
+ PKIX_ResourceLimits **pResourceLimits,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxTime
+ * DESCRIPTION:
+ *
+ * Retrieves a PKIX_UInt32 (if any) representing the maximum time that is
+ * set in the ResourceLimits object pointed to by "resourceLimits" and stores
+ * it at "pMaxTime". This maximum time (in seconds) should not be exceeded
+ * by the function whose ProcessingParams contain this ResourceLimits object
+ * (typically ValidateChain or BuildChain). It essentially functions as a
+ * time-out value and is only appropriate if blocking I/O is being used.
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum time (in seconds) is
+ * to be stored. Must be non-NULL.
+ * "pMaxTime"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxTime(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 *pMaxTime,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxTime
+ * DESCRIPTION:
+ *
+ * Sets the maximum time of the ResourceLimits object pointed to by
+ * "resourceLimits" using the PKIX_UInt32 value of "maxTime". This
+ * maximum time (in seconds) should not be exceeded by the function
+ * whose ProcessingParams contain this ResourceLimits object
+ * (typically ValidateChain or BuildChain). It essentially functions as a
+ * time-out value and is only appropriate if blocking I/O is being used.
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum time (in seconds) is
+ * to be set. Must be non-NULL.
+ * "maxTime"
+ * Value of PKIX_UInt32 representing the maximum time (in seconds)
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxTime(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 maxTime,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxFanout
+ * DESCRIPTION:
+ *
+ * Retrieves a PKIX_UInt32 (if any) representing the maximum fanout that is
+ * set in the ResourceLimits object pointed to by "resourceLimits" and stores
+ * it at "pMaxFanout". This maximum fanout (number of certs) should not be
+ * exceeded by the function whose ProcessingParams contain this ResourceLimits
+ * object (typically ValidateChain or BuildChain). If the builder encounters
+ * more than this maximum number of certificates when searching for the next
+ * candidate certificate, it should abort and return an error. This
+ * parameter is only relevant for ValidateChain if it needs to internally call
+ * BuildChain (e.g. in order to build the chain to a CRL's issuer).
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum fanout (number of certs)
+ * is to be stored. Must be non-NULL.
+ * "pMaxFanout"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxFanout(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 *pMaxFanout,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxFanout
+ * DESCRIPTION:
+ *
+ * Sets the maximum fanout of the ResourceLimits object pointed to by
+ * "resourceLimits" using the PKIX_UInt32 value of "maxFanout". This maximum
+ * fanout (number of certs) should not be exceeded by the function whose
+ * ProcessingParams contain this ResourceLimits object (typically ValidateChain
+ * or BuildChain). If the builder encounters more than this maximum number of
+ * certificates when searching for the next candidate certificate, it should
+ * abort and return an Error. This parameter is only relevant for ValidateChain
+ * if it needs to internally call BuildChain (e.g. in order to build the
+ * chain to a CRL's issuer).
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum fanout (number of certs)
+ * is to be set. Must be non-NULL.
+ * "maxFanout"
+ * Value of PKIX_UInt32 representing the maximum fanout (number of certs)
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxFanout(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 maxFanout,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxDepth
+ * DESCRIPTION:
+ *
+ * Retrieves a PKIX_UInt32 (if any) representing the maximum depth that is
+ * set in the ResourceLimits object pointed to by "resourceLimits" and stores
+ * it at "pMaxDepth". This maximum depth (number of certs) should not be
+ * exceeded by the function whose ProcessingParams contain this ResourceLimits
+ * object (typically ValidateChain or BuildChain). If the builder encounters
+ * more than this maximum number of certificates when searching for the next
+ * candidate certificate, it should abort and return an error. This
+ * parameter is only relevant for ValidateChain if it needs to internally call
+ * BuildChain (e.g. in order to build the chain to a CRL's issuer).
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum depth (number of certs)
+ * is to be stored. Must be non-NULL.
+ * "pMaxDepth"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxDepth(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 *pMaxDepth,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxDepth
+ * DESCRIPTION:
+ *
+ * Sets the maximum depth of the ResourceLimits object pointed to by
+ * "resourceLimits" using the PKIX_UInt32 value of "maxDepth". This maximum
+ * depth (number of certs) should not be exceeded by the function whose
+ * ProcessingParams contain this ResourceLimits object (typically ValidateChain
+ * or BuildChain). If the builder encounters more than this maximum number of
+ * certificates when searching for the next candidate certificate, it should
+ * abort and return an Error. This parameter is only relevant for ValidateChain
+ * if it needs to internally call BuildChain (e.g. in order to build the
+ * chain to a CRL's issuer).
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum depth (number of certs)
+ * is to be set. Must be non-NULL.
+ * "maxDepth"
+ * Value of PKIX_UInt32 representing the maximum depth (number of certs)
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxDepth(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 maxDepth,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxNumberOfCerts
+ * DESCRIPTION:
+ *
+ * Retrieves a PKIX_UInt32 (if any) representing the maximum number of traversed
+ * certs that is set in the ResourceLimits object pointed to by "resourceLimits"
+ * and stores it at "pMaxNumber". This maximum number of traversed certs should
+ * not be exceeded by the function whose ProcessingParams contain this ResourceLimits
+ * object (typically ValidateChain or BuildChain). If the builder traverses more
+ * than this number of certs during the build process, it should abort and
+ * return an Error. This parameter is only relevant for ValidateChain if it
+ * needs to internally call BuildChain (e.g. in order to build the chain to a
+ * CRL's issuer).
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum number of traversed certs
+ * is to be stored. Must be non-NULL.
+ * "pMaxNumber"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxNumberOfCerts(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 *pMaxNumber,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxNumberOfCerts
+ * DESCRIPTION:
+ *
+ * Sets the maximum number of traversed certs of the ResourceLimits object
+ * pointed to by "resourceLimits" using the PKIX_UInt32 value of "maxNumber".
+ * This maximum number of traversed certs should not be exceeded by the function
+ * whose ProcessingParams contain this ResourceLimits object (typically ValidateChain
+ * or BuildChain). If the builder traverses more than this number of certs
+ * during the build process, it should abort and return an Error. This parameter
+ * is only relevant for ValidateChain if it needs to internally call BuildChain
+ * (e.g. in order to build the chain to a CRL's issuer).
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum number of traversed certs
+ * is to be set. Must be non-NULL.
+ * "maxNumber"
+ * Value of PKIX_UInt32 representing the maximum number of traversed certs
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxNumberOfCerts(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 maxNumber,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxNumberOfCRLs
+ * DESCRIPTION:
+ *
+ * Retrieves a PKIX_UInt32 (if any) representing the maximum number of traversed
+ * CRLs that is set in the ResourceLimits object pointed to by "resourceLimits"
+ * and stores it at "pMaxNumber". This maximum number of traversed CRLs should
+ * not be exceeded by the function whose ProcessingParams contain this ResourceLimits
+ * object (typically ValidateChain or BuildChain). If the builder traverses more
+ * than this number of CRLs during the build process, it should abort and
+ * return an Error. This parameter is only relevant for ValidateChain if it
+ * needs to internally call BuildChain (e.g. in order to build the chain to a
+ * CRL's issuer).
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum number of traversed CRLs
+ * is to be stored. Must be non-NULL.
+ * "pMaxNumber"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxNumberOfCRLs(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 *pMaxNumber,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxNumberOfCRLs
+ * DESCRIPTION:
+ *
+ * Sets the maximum number of traversed CRLs of the ResourceLimits object
+ * pointed to by "resourceLimits" using the PKIX_UInt32 value of "maxNumber".
+ * This maximum number of traversed CRLs should not be exceeded by the function
+ * whose ProcessingParams contain this ResourceLimits object (typically ValidateChain
+ * or BuildChain). If the builder traverses more than this number of CRLs
+ * during the build process, it should abort and return an Error. This parameter
+ * is only relevant for ValidateChain if it needs to internally call BuildChain
+ * (e.g. in order to build the chain to a CRL's issuer).
+ *
+ * PARAMETERS:
+ * "resourceLimits"
+ * Address of ResourceLimits object whose maximum number of traversed CRLs
+ * is to be set. Must be non-NULL.
+ * "maxNumber"
+ * Value of PKIX_UInt32 representing the maximum number of traversed CRLs
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "params"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ResourceLimits Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxNumberOfCRLs(
+ PKIX_ResourceLimits *resourceLimits,
+ PKIX_UInt32 maxNumber,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PARAMS_H */
diff --git a/security/nss/lib/libpkix/include/pkix_pl_pki.h b/security/nss/lib/libpkix/include/pkix_pl_pki.h
new file mode 100755
index 000000000..0a449b94a
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_pl_pki.h
@@ -0,0 +1,2735 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines several platform independent functions to
+ * manipulate certificates and CRLs in a portable manner.
+ *
+ */
+
+#ifndef _PKIX_PL_PKI_H
+#define _PKIX_PL_PKI_H
+
+#include "pkixt.h"
+#include "seccomon.h"
+#include "certt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/*
+ * Cert
+ *
+ * A Cert represents an X.509 certificate. It can be created using the bytes
+ * of a valid ASN.1 DER encoding. Once created, a Cert is immutable. The
+ * following functions include accessors (gettors) for the various components
+ * of an X.509 certificate. Also included are functions to perform various
+ * checks on a certificate, including name constraints, key usage, validity
+ * (expiration), and signature verification.
+ */
+
+/*
+ * FUNCTION: PKIX_PL_Cert_Create
+ * DESCRIPTION:
+ *
+ * Creates a new certificate using the bytes in the ByteArray pointed to by
+ * "byteArray" and stores it at "pCert". If the bytes are not a valid ASN.1
+ * DER encoding of a certificate, a PKIX_Error pointer is returned. Once
+ * created, a Cert is immutable.
+ *
+ * Certificate ::= SEQUENCE {
+ * tbsCertificate TBSCertificate,
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signatureValue BIT STRING }
+ *
+ * AlgorithmIdentifier ::= SEQUENCE {
+ * algorithm OBJECT IDENTIFIER,
+ * parameters ANY DEFINED BY algorithm OPTIONAL }
+ *
+ * TBSCertificate ::= SEQUENCE {
+ * version [0] EXPLICIT Version DEFAULT v1,
+ * serialNumber CertificateSerialNumber,
+ * signature AlgorithmIdentifier,
+ * issuer Name,
+ * validity Validity,
+ * subject Name,
+ * subjectPublicKeyInfo SubjectPublicKeyInfo,
+ * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
+ * -- If present, version MUST be v2 or v3
+ * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
+ * -- If present, version MUST be v2 or v3
+ * extensions [3] EXPLICIT Extensions OPTIONAL
+ * -- If present, version MUST be v3
+ * }
+ *
+ * Version ::= INTEGER { v1(0), v2(1), v3(2) }
+ *
+ * CertificateSerialNumber ::= INTEGER
+ *
+ * Validity ::= SEQUENCE {
+ * notBefore Time,
+ * notAfter Time }
+ *
+ * Time ::= CHOICE {
+ * utcTime UTCTime,
+ * generalTime GeneralizedTime }
+ *
+ * UniqueIdentifier ::= BIT STRING
+ *
+ * SubjectPublicKeyInfo ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * subjectPublicKey BIT STRING }
+ *
+ * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
+ *
+ * Extension ::= SEQUENCE {
+ * extnID OBJECT IDENTIFIER,
+ * critical BOOLEAN DEFAULT FALSE,
+ * extnValue OCTET STRING }
+ *
+ * PARAMETERS:
+ * "byteArray"
+ * Address of ByteArray representing the CERT's DER encoding.
+ * Must be non-NULL.
+ * "pCert"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_Create(
+ PKIX_PL_ByteArray *byteArray,
+ PKIX_PL_Cert **pCert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_CreateFromCERTCertificate
+ * DESCRIPTION:
+ *
+ * Creates a new certificate using passed in CERTCertificate object.
+ *
+ * PARAMETERS:
+ * "nssCert"
+ * The object that will be used to create new PKIX_PL_Cert.
+ * "pCert"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_CreateFromCERTCertificate(
+ const CERTCertificate *nssCert,
+ PKIX_PL_Cert **pCert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetCERTCertificate
+ * DESCRIPTION:
+ *
+ * Returns underlying CERTCertificate structure. Return CERTCertificate
+ * object is duplicated and should be destroyed by caller.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of PKIX_PL_Cert. Must be non-NULL.
+ * "pCert"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetCERTCertificate(
+ PKIX_PL_Cert *cert,
+ CERTCertificate **pnssCert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetVersion
+ * DESCRIPTION:
+ *
+ * Retrieves the version of the Cert pointed to by "cert" and stores it at
+ * "pVersion". The version number will either be 0, 1, or 2 (corresponding to
+ * v1, v2, or v3, respectively).
+ *
+ * Version ::= INTEGER { v1(0), v2(1), v3(2) }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose version is to be stored. Must be non-NULL.
+ * "pVersion"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetVersion(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 *pVersion,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSerialNumber
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the BigInt that represents the serial number of the
+ * Cert pointed to by "cert" and stores it at "pSerialNumber".
+ *
+ * CertificateSerialNumber ::= INTEGER
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose serial number is to be stored. Must be non-NULL.
+ * "pSerial"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSerialNumber(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_BigInt **pSerial,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetIssuer
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the X500Name that represents the issuer DN of the
+ * Cert pointed to by "cert" and stores it at "pIssuer".
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose issuer is to be stored. Must be non-NULL.
+ * "pIssuer"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetIssuer(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_X500Name **pIssuer,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubject
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the X500Name that represents the subject DN of the
+ * Cert pointed to by "cert" and stores it at "pSubject". If the Cert does not
+ * have a subject DN, this function stores NULL at "pSubject".
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose subject is to be stored. Must be non-NULL.
+ * "pSubject"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubject(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_X500Name **pSubject,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectPublicKeyAlgId
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the OID that represents the subject public key
+ * algorithm of the Cert pointed to by "cert" and stores it at
+ * "pSubjKeyAlgId".
+ *
+ * SubjectPublicKeyInfo ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * subjectPublicKey BIT STRING }
+ *
+ * AlgorithmIdentifier ::= SEQUENCE {
+ * algorithm OBJECT IDENTIFIER,
+ * parameters ANY DEFINED BY algorithm OPTIONAL }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose subject public key algorithm OID is to be stored.
+ * Must be non-NULL.
+ * "pSubjKeyAlgId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectPublicKeyAlgId(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_OID **pSubjKeyAlgId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectPublicKey
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the PublicKey that represents the subject public key
+ * of the Cert pointed to by "cert" and stores it at "pPublicKey".
+ *
+ * SubjectPublicKeyInfo ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * subjectPublicKey BIT STRING }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose subject public key is to be stored.
+ * Must be non-NULL.
+ * "pPublicKey"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectPublicKey(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_PublicKey **pPublicKey,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_PublicKey_NeedsDSAParameters
+ * DESCRIPTION:
+ *
+ * Determines if the PublicKey pointed to by "pubKey" is a DSA Key with null
+ * parameters and stores the result at "pNeedsParams".
+ *
+ * PARAMETERS:
+ * "pubKey"
+ * Address of the Public Key of interest. Must be non-NULL.
+ * "pNeedsParams"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a PublicKey Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_PublicKey_NeedsDSAParameters(
+ PKIX_PL_PublicKey *pubKey,
+ PKIX_Boolean *pNeedsParams,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_PublicKey_MakeInheritedDSAPublicKey
+ * DESCRIPTION:
+ *
+ * This function is used for DSA key parameter inheritance, which allows a
+ * first DSA key with omitted parameters (pointed to by "firstKey") to inherit
+ * the PQG parameters of a second DSA key that does have parameters. (pointed
+ * to by "secondKey"). Once created, a PublicKey is immutable.
+ *
+ * Specifically, the algorithm used by the function is:
+ *
+ * If the first PublicKey is not a DSA public key with omitted parameters,
+ * the function stores NULL at "pResultKey". (No Error is returned)
+ * Else if the second PublicKey is not a DSA public key with non-NULL,
+ * parameters, the function returns an Error.
+ * Else
+ * the function creates a third PublicKey with a "Y" value from the
+ * first PublicKey and the DSA parameters from the second PublicKey,
+ * and stores it at "pResultKey".
+ *
+ * PARAMETERS:
+ * "firstKey"
+ * Address of a Public Key that needs to inherit DSA parameters.
+ * Must be non-NULL.
+ * "secondKey"
+ * Address of a Public Key that has DSA parameters that will be inherited
+ * by "firstKey". Must be non-NULL.
+ * "pResultKey"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a PublicKey Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_PublicKey_MakeInheritedDSAPublicKey(
+ PKIX_PL_PublicKey *firstKey,
+ PKIX_PL_PublicKey *secondKey,
+ PKIX_PL_PublicKey **pResultKey,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetCriticalExtensionOIDs
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of OIDs (each OID corresponding to a
+ * critical extension of the Cert pointed to by "cert") and stores it at
+ * "pExtensions". If "cert" does not have any critical extensions, this
+ * function stores an empty List at "pExtensions".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose critical extension OIDs are to be stored.
+ * Must be non-NULL.
+ * "pExtensions"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetCriticalExtensionOIDs(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pExtensions, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetAuthorityKeyIdentifier
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a ByteArray representing the authority key
+ * identifier extension of the Cert pointed to by "cert" and stores it at
+ * "pAuthKeyId".
+ *
+ * Note that this function only retrieves the keyIdentifier component
+ * (OCTET STRING) of the AuthorityKeyIdentifier extension, when present.
+ *
+ * If "cert" does not have an AuthorityKeyIdentifier extension or if the
+ * keyIdentifier component of the AuthorityKeyIdentifier extension is not
+ * present, this function stores NULL at "pAuthKeyId".
+ *
+ * AuthorityKeyIdentifier ::= SEQUENCE {
+ * keyIdentifier [0] KeyIdentifier OPTIONAL,
+ * authorityCertIssuer [1] GeneralNames OPTIONAL,
+ * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose authority key identifier is to be stored.
+ * Must be non-NULL.
+ * "pAuthKeyId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetAuthorityKeyIdentifier(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_ByteArray **pAuthKeyId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectKeyIdentifier
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a ByteArray representing the subject key identifier
+ * extension of the Cert pointed to by "cert" and stores it at "pSubjKeyId".
+ * If "cert" does not have a SubjectKeyIdentifier extension, this function
+ * stores NULL at "pSubjKeyId".
+ *
+ * SubjectKeyIdentifier ::= KeyIdentifier
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose subject key identifier is to be stored.
+ * Must be non-NULL.
+ * "pSubjKeyId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectKeyIdentifier(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_ByteArray **pSubjKeyId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectAltNames
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of GeneralNames (each GeneralName
+ * representing a subject alternative name found in the subject alternative
+ * names extension of the Cert pointed to by "cert") and stores it at
+ * "pSubjectAltNames". If "cert" does not have a SubjectAlternativeNames
+ * extension, this function stores NULL at "pSubjectAltNames".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * SubjectAltName ::= GeneralNames
+ *
+ * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+ *
+ * GeneralName ::= CHOICE {
+ * otherName [0] OtherName,
+ * rfc822Name [1] IA5String,
+ * dNSName [2] IA5String,
+ * x400Address [3] ORAddress,
+ * directoryName [4] Name,
+ * ediPartyName [5] EDIPartyName,
+ * uniformResourceIdentifier [6] IA5String,
+ * iPAddress [7] OCTET STRING,
+ * registeredID [8] OBJECT IDENTIFIER }
+ *
+ * OtherName ::= SEQUENCE {
+ * type-id OBJECT IDENTIFIER,
+ * value [0] EXPLICIT ANY DEFINED BY type-id }
+ *
+ * EDIPartyName ::= SEQUENCE {
+ * nameAssigner [0] DirectoryString OPTIONAL,
+ * partyName [1] DirectoryString }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose subjectAltNames are to be stored.
+ * Must be non-NULL.
+ * "pSubjectAltNames"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectAltNames(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pSubjectAltNames, /* list of PKIX_PL_GeneralName */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetAllSubjectNames
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of GeneralNames (each GeneralName
+ * representing a subject DN or a subject alternative name found in the
+ * subject alternative names extension of the Cert pointed to by "cert") and
+ * stores it at "pAllSubjectNames".If the Subject DN of "cert" is empty and
+ * it does not have a SubjectAlternativeNames extension, this function stores
+ * NULL at "pAllSubjectNames".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose subject DN and subjectAltNames are to be stored.
+ * Must be non-NULL.
+ * "pAllSubjectNames"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetAllSubjectNames(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pAllSubjectNames, /* list of PKIX_PL_GeneralName */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetExtendedKeyUsage
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a List of OIDs (each OID corresponding to an
+ * extended key usage of the Cert pointed to by "cert") and stores it at
+ * "pKeyUsage". If "cert" does not have an extended key usage extension, this
+ * function stores a NULL at "pKeyUsage".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ *
+ * KeyPurposeId ::= OBJECT IDENTIFIER
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose extended key usage OIDs are to be stored.
+ * Must be non-NULL.
+ * "pKeyUsage"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetExtendedKeyUsage(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pKeyUsage, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetNameConstraints
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a CertNameConstraints object representing the name
+ * constraints extension of the Cert pointed to by "cert" and stores it at
+ * "pNameConstraints".
+ *
+ * If "cert" does not have a name constraints extension, this function stores
+ * NULL at "pNameConstraints".
+ *
+ * NameConstraints ::= SEQUENCE {
+ * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
+ * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
+ *
+ * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+ *
+ * GeneralSubtree ::= SEQUENCE {
+ * base GeneralName,
+ * minimum [0] BaseDistance DEFAULT 0,
+ * maximum [1] BaseDistance OPTIONAL }
+ *
+ * BaseDistance ::= INTEGER (0..MAX)
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose name constraints extension is to be stored.
+ * Must be non-NULL.
+ * "pNameConstraints"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetNameConstraints(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetBasicConstraints
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a CertBasicConstraints object representing the basic
+ * constraints extension of the Cert pointed to by "cert" and stores it at
+ * "pBasicConstraints".
+ *
+ * If "cert" does not have a basic constraints extension, this function stores
+ * NULL at "pBasicConstraints". Once created, a CertBasicConstraints object
+ * is immutable.
+ *
+ * BasicConstraints ::= SEQUENCE {
+ * cA BOOLEAN DEFAULT FALSE,
+ * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose basic constraints extension is to be stored.
+ * Must be non-NULL.
+ * "pBasicConstraints"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetBasicConstraints(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_CertBasicConstraints **pBasicConstraints,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_BasicConstraints_GetCAFlag
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a Boolean value representing the cA Flag component
+ * of the CertBasicConstraints object pointed to by "basicConstraints" and
+ * stores it at "pResult".
+ *
+ * BasicConstraints ::= SEQUENCE {
+ * cA BOOLEAN DEFAULT FALSE,
+ * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
+ *
+ * PARAMETERS:
+ * "basicConstraints"
+ * Address of CertBasicConstraints whose cA Flag is to be stored.
+ * Must be non-NULL.
+ * "pResult"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_BasicConstraints_GetCAFlag(
+ PKIX_PL_CertBasicConstraints *basicConstraints,
+ PKIX_Boolean *pResult,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_BasicConstraints_GetPathLenConstraint
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to an integer value representing the pathLenConstraint
+ * component of the CertBasicConstraints object pointed to by
+ * "basicConstraints" and stores it at "pPathLenConstraint". If the
+ * pathLenConstraint component is not present, this function stores -1 at
+ * "pPathLenConstraint".
+ *
+ * PARAMETERS:
+ * "basicConstraints"
+ * Address of CertBasicConstraints whose pathLen is to be stored.
+ * Must be non-NULL.
+ * "pPathLenConstraint"
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_BasicConstraints_GetPathLenConstraint(
+ PKIX_PL_CertBasicConstraints *basicConstraints,
+ PKIX_Int32 *pPathLenConstraint,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetPolicyInformation
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a List of CertPolicyInfos found in the certificate
+ * policies extension of the Cert pointed to by "cert" and stores it at
+ * "pPolicyInfo". If "cert" does not have a certificate policies extension,
+ * this function stores NULL at "pPolicyInfo". Once created, a CertPolicyInfo
+ * object is immutable.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+ *
+ * PolicyInformation ::= SEQUENCE {
+ * policyIdentifier CertPolicyId,
+ * policyQualifiers SEQUENCE SIZE (1..MAX) OF
+ * PolicyQualifierInfo OPTIONAL }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose CertPolicyInfos are to be stored.
+ * Must be non-NULL.
+ * "pPolicyInfo"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetPolicyInformation(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pPolicyInfo, /* list of PKIX_PL_CertPolicyInfo */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CertPolicyInfo_GetPolicyId
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to an OID representing the policyIdentifier of the
+ * CertPolicyInfo pointed to by "policyInfo" and stores it at "pCertPolicyId".
+ *
+ * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+ *
+ * PolicyInformation ::= SEQUENCE {
+ * policyIdentifier CertPolicyId,
+ * policyQualifiers SEQUENCE SIZE (1..MAX) OF
+ * PolicyQualifierInfo OPTIONAL }
+ *
+ * CertPolicyId ::= OBJECT IDENTIFIER
+ *
+ * PARAMETERS:
+ * "policyInfo"
+ * Address of CertPolicyInfo whose policy identifier is to be stored.
+ * Must be non-NULL.
+ * "pCertPolicyId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CertPolicyInfo_GetPolicyId(
+ PKIX_PL_CertPolicyInfo *policyInfo,
+ PKIX_PL_OID **pCertPolicyId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CertPolicyInfo_GetPolQualifiers
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a List of the CertPolicyQualifiers representing
+ * the policyQualifiers of the CertPolicyInfo pointed to by "policyInfo" and
+ * stores it at "pPolicyQualifiers". If "policyInfo" does not have any
+ * policyQualifiers, this function stores NULL at "pPolicyQualifiers". Once
+ * created, a CertPolicyQualifier is immutable.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+ *
+ * PolicyInformation ::= SEQUENCE {
+ * policyIdentifier CertPolicyId,
+ * policyQualifiers SEQUENCE SIZE (1..MAX) OF
+ * PolicyQualifierInfo OPTIONAL }
+ *
+ * PolicyQualifierInfo ::= SEQUENCE {
+ * policyQualifierId PolicyQualifierId,
+ * qualifier ANY DEFINED BY policyQualifierId }
+ *
+ * PARAMETERS:
+ * "policyInfo"
+ * Address of CertPolicyInfo whose policy qualifiers List is to be stored.
+ * Must be non-NULL.
+ * "pPolicyQualifiers"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CertPolicyInfo_GetPolQualifiers(
+ PKIX_PL_CertPolicyInfo *policyInfo,
+ PKIX_List **pPolicyQualifiers, /* list of PKIX_PL_CertPolicyQualifier */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_PolicyQualifier_GetPolicyQualifierId
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to an OID representing the policyQualifierId of the
+ * CertPolicyQualifier pointed to by "policyQualifier" and stores it at
+ * "pPolicyQualifierId".
+ *
+ * PolicyQualifierInfo ::= SEQUENCE {
+ * policyQualifierId PolicyQualifierId,
+ * qualifier ANY DEFINED BY policyQualifierId }
+ *
+ * PolicyQualifierId ::=
+ * OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
+ *
+ * PARAMETERS:
+ * "policyQualifier"
+ * Address of CertPolQualifier whose policyQualifierId is to be stored.
+ * Must be non-NULL.
+ * "pPolicyQualifierId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_PolicyQualifier_GetPolicyQualifierId(
+ PKIX_PL_CertPolicyQualifier *policyQualifier,
+ PKIX_PL_OID **pPolicyQualifierId,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_PolicyQualifier_GetQualifier
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a ByteArray representing the qualifier of the
+ * CertPolicyQualifier pointed to by "policyQualifier" and stores it at
+ * "pQualifier".
+ *
+ * PolicyQualifierInfo ::= SEQUENCE {
+ * policyQualifierId PolicyQualifierId,
+ * qualifier ANY DEFINED BY policyQualifierId }
+ *
+ * PARAMETERS:
+ * "policyQualifier"
+ * Address of CertPolicyQualifier whose qualifier is to be stored.
+ * Must be non-NULL.
+ * "pQualifier"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_PolicyQualifier_GetQualifier(
+ PKIX_PL_CertPolicyQualifier *policyQualifier,
+ PKIX_PL_ByteArray **pQualifier,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetPolicyMappings
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a List of CertPolicyMaps found in the policy
+ * mappings extension of the Cert pointed to by "cert" and stores it at
+ * "pPolicyMappings". If "cert" does not have a policy mappings extension,
+ * this function stores NULL at "pPolicyMappings". Once created, a
+ * CertPolicyMap is immutable.
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
+ * issuerDomainPolicy CertPolicyId,
+ * subjectDomainPolicy CertPolicyId }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose CertPolicyMaps are to be stored.
+ * Must be non-NULL.
+ * "pPolicyMappings"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetPolicyMappings(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pPolicyMappings, /* list of PKIX_PL_CertPolicyMap */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to an OID representing the issuerDomainPolicy of the
+ * CertPolicyMap pointed to by "policyMapping" and stores it at
+ * "pIssuerDomainPolicy".
+ *
+ * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
+ * issuerDomainPolicy CertPolicyId,
+ * subjectDomainPolicy CertPolicyId }
+ *
+ * PARAMETERS:
+ * "policyMapping"
+ * Address of CertPolicyMap whose issuerDomainPolicy is to be stored.
+ * Must be non-NULL.
+ * "pIssuerDomainPolicy"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy(
+ PKIX_PL_CertPolicyMap *policyMapping,
+ PKIX_PL_OID **pIssuerDomainPolicy,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to an OID representing the subjectDomainPolicy of the
+ * CertPolicyMap pointed to by "policyMapping" and stores it at
+ * "pSubjectDomainPolicy".
+ *
+ * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
+ * issuerDomainPolicy CertPolicyId,
+ * subjectDomainPolicy CertPolicyId }
+ *
+ * PARAMETERS:
+ * "policyMapping"
+ * Address of CertPolicyMap whose subjectDomainPolicy is to be stored.
+ * Must be non-NULL.
+ * "pSubjectDomainPolicy"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy(
+ PKIX_PL_CertPolicyMap *policyMapping,
+ PKIX_PL_OID **pSubjectDomainPolicy,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetRequireExplicitPolicy
+ * DESCRIPTION:
+ *
+ * Retrieves the requireExplicitPolicy value of the policy constraints
+ * extension of the Cert pointed to by "cert" and stores it at "pSkipCerts".
+ * If "cert" does not have a policy constraints extension or the
+ * requireExplicitPolicy component is not populated, this function stores -1
+ * at "pSkipCerts".
+ *
+ * PolicyConstraints ::= SEQUENCE {
+ * requireExplicitPolicy [0] SkipCerts OPTIONAL,
+ * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
+ *
+ * SkipCerts ::= INTEGER (0..MAX)
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose requireExplicitPolicy value is to be stored.
+ * Must be non-NULL.
+ * "pSkipCerts"
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetRequireExplicitPolicy(
+ PKIX_PL_Cert *cert,
+ PKIX_Int32 *pSkipCerts,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetPolicyMappingInhibited
+ * DESCRIPTION:
+ *
+ * Retrieves the inhibitPolicyMapping value of the policy constraints
+ * extension of the Cert pointed to by "cert" and stores it at "pSkipCerts".
+ * If "cert" does not have a policy constraints extension or the
+ * inhibitPolicyMapping component is not populated, this function stores -1
+ * at "pSkipCerts".
+ *
+ * PolicyConstraints ::= SEQUENCE {
+ * requireExplicitPolicy [0] SkipCerts OPTIONAL,
+ * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
+ *
+ * SkipCerts ::= INTEGER (0..MAX)
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose requireExplicitPolicy value is to be stored.
+ * Must be non-NULL.
+ * "pSkipCerts"
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetPolicyMappingInhibited(
+ PKIX_PL_Cert *cert,
+ PKIX_Int32 *pSkipCerts,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetInhibitAnyPolicy
+ * DESCRIPTION:
+ *
+ * Retrieves the value of the inhibit any-policy extension of the Cert
+ * pointed to by "cert" and stores it at "pSkipCerts". If "cert" does not have
+ * an inhibit any-policy extension, this function stores -1 at "pSkipCerts".
+ *
+ * InhibitAnyPolicy ::= SkipCerts
+ *
+ * SkipCerts ::= INTEGER (0..MAX)
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose inhibit any-policy extensions value is to be
+ * stored. Must be non-NULL.
+ * "pSkipCerts"
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetInhibitAnyPolicy(
+ PKIX_PL_Cert *cert,
+ PKIX_Int32 *pSkipCerts,
+ void *plContext);
+
+/* policy processing functions */
+
+/*
+ * FUNCTION: PKIX_PL_Cert_AreCertPoliciesCritical
+ * DESCRIPTION:
+ *
+ * Checks whether the certificate policies extension of the Cert pointed to
+ * by "cert" is critical and stores the Boolean result at "pCritical". If
+ * "cert" does not have a certificate policies extension, this function
+ * stores NULL at "pCritical".
+ *
+ * XXX what distinguishes NULL from PKIX_FALSE?
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose certificate policies extension's criticality is
+ * to be determined. Must be non-NULL.
+ * "pCritical"
+ * Address where PKIX_Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_AreCertPoliciesCritical(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pCritical,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_CheckNameConstraints
+ * DESCRIPTION:
+ *
+ * Checks whether the subject distinguished name and subject alternative names
+ * of the Cert pointed to by "cert" satisfy the CertNameConstraints pointed
+ * to by "nameConstraints". If the CertNameConstraints are not satisfied, a
+ * PKIX_Error pointer is returned. If "nameConstraints" is NULL, the function
+ * does nothing.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose subject names are to be checked.
+ * Must be non-NULL.
+ * "nameConstraints"
+ * Address of CertNameConstraints that need to be satisfied.
+ * "treatCommonNameAsDNSName"
+ * PKIX_TRUE if the subject common name should be considered a dNSName
+ * when evaluating name constraints.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_CheckNameConstraints(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_Boolean treatCommonNameAsDNSName,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_MergeNameConstraints
+ * DESCRIPTION:
+ *
+ * Merges the CertNameConstraints pointed to by "firstNC" and the
+ * CertNameConstraints pointed to by "secondNC" and stores the merged
+ * CertNameConstraints at "pResultNC". If "secondNC" is NULL, the
+ * CertNameConstraints pointed to by "firstNC" is stored at "pResultNC".
+ *
+ * Once created, a CertNameConstraints object is immutable.
+ *
+ * PARAMETERS:
+ * "firstNC"
+ * Address of first CertNameConstraints to be merged. Must be non-NULL.
+ * "secondNC"
+ * Address of second CertNameConstraints to be merged
+ * "pResultNC"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_MergeNameConstraints(
+ PKIX_PL_CertNameConstraints *firstNC,
+ PKIX_PL_CertNameConstraints *secondNC,
+ PKIX_PL_CertNameConstraints **pResultNC,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_VerifyKeyUsage
+ * DESCRIPTION:
+ *
+ * Verifies that the keyUsage bit(s) specified by "keyUsage" appear in the
+ * keyUsage extension of the Cert pointed to by "cert". The keyUsage bit
+ * values specified in pkixt.h are supported, and can be bitwise or'ed if
+ * multiple bit values are to be verified. If the keyUsages do not all appear
+ * in the keyUsage extension of "cert", a PKIX_Error pointer is returned.
+ *
+ * KeyUsage ::= BIT STRING {
+ * digitalSignature (0),
+ * nonRepudiation (1),
+ * keyEncipherment (2),
+ * dataEncipherment (3),
+ * keyAgreement (4),
+ * keyCertSign (5),
+ * cRLSign (6),
+ * encipherOnly (7),
+ * decipherOnly (8) }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose keyUsage bits are to be verified.
+ * Must be non-NULL.
+ * "keyUsage"
+ * Constant representing keyUsage bit(s) that all must appear in keyUsage
+ * extension of "cert".
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_VerifyKeyUsage(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 keyUsage,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_VerifyCertAndKeyType
+ * DESCRIPTION:
+ *
+ * Verifies cert and key types against certificate usage that is
+ * a part of plContext(pkix_pl_nsscontext) structure. Throws an error
+ * if cert or key types does not match.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose keyUsage bits are to be verified.
+ * Must be non-NULL.
+ * "isLeafCert"
+ * What type of a cert has been verified.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_VerifyCertAndKeyType(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean isChainCert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_CheckValidity
+ * DESCRIPTION:
+ *
+ * Checks whether the Cert pointed to by "cert" would be valid at the time
+ * represented by the Date pointed to by "date". If "date" is NULL, then this
+ * function checks whether the Cert would be valid at the current time. If the
+ * Cert would not be valid at the specified Date, a PKIX_Error pointer is
+ * returned.
+ *
+ * Validity ::= SEQUENCE {
+ * notBefore Time,
+ * notAfter Time }
+ *
+ * Time ::= CHOICE {
+ * utcTime UTCTime,
+ * generalTime GeneralizedTime }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose validity is to be checked. Must be non-NULL.
+ * "date"
+ * Address of Date at which the Cert is being checked for validity.
+ * If NULL, the current time is used for the Date.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_CheckValidity(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Date *date,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetValidityNotAfter
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the Date that represents the notAfter time of the
+ * Certificate pointed to by "cert" and stores it at "pDate".
+ *
+ * Validity ::= SEQUENCE {
+ * notBefore Time,
+ * notAfter Time }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose validity time is to be retrieved. Must be
+ * non-NULL.
+ * "date"
+ * Address of Date at which the Cert's notAfter time is being retrieved.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetValidityNotAfter(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_VerifySignature
+ * DESCRIPTION:
+ *
+ * Verifies the signature on the Cert pointed to by "cert" using the
+ * PublicKey pointed to by "pubKey". If the signature doesn't verify, an
+ * Error pointer is returned.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose signature is to be verified. Must be non-NULL.
+ * "pubKey"
+ * Address of a Public Key used to verify the signature. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_VerifySignature(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_PublicKey *pubKey,
+ void *plContext);
+
+/* A set of flags to indicate how explicitly configured trust anchors should be
+ * handled by PKIX_PL_Cert_IsCertTrusted
+ */
+typedef enum PKIX_PL_TrustAnchorModeEnum {
+ /* Indicates trust anchors should be ignored; only the underlying
+ * platform's trust settings should be used.
+ */
+ PKIX_PL_TrustAnchorMode_Ignore,
+
+ /* Indicates that explicitly configured trust anchors may be considered
+ * trustworthy, if present.
+ * Note: If the underlying platform supports marking a certificate as
+ * explicitly untrustworthy, explicitly configured trust anchors
+ * MAY be ignored/rejected.
+ */
+ PKIX_PL_TrustAnchorMode_Additive,
+
+ /* Indicates that ONLY trust anchors should be considered as
+ * trustworthy.
+ * Note: If the underlying platform supports marking a certificate as
+ * explicitly untrustworthy, explicitly configured trust anchors
+ * MAY be ignored/rejected.
+ */
+ PKIX_PL_TrustAnchorMode_Exclusive
+} PKIX_PL_TrustAnchorMode;
+
+/*
+ * FUNCTION: PKIX_PL_Cert_IsCertTrusted
+ * DESCRIPTION:
+ *
+ * Checks the Cert specified by "cert" to determine, in a manner that depends
+ * on the underlying platform, whether it is trusted, and stores the result in
+ * "pTrusted". If a certificate is trusted it means that a chain built to that
+ * certificate, and satisfying all the usage, policy, validity, and other
+ * tests, is a valid chain and the End Entity certificate from which it was
+ * built can be trusted.
+ *
+ * If the Certificate is not intrinsically trustworthy, it still might end up a
+ * component in a successful chain.
+ *
+ * If the Certificate is intrinsically untrustworthy, this function will return
+ * an error.
+ *
+ * PARAMETERS
+ * "cert"
+ * Address of Cert whose trustworthiness is to be determined. Must be
+ * non-NULL.
+ * "trustAnchorMode"
+ * A PKIX_PL_TrustAnchorMode that indicates how explicitly defined user
+ * trust anchors should be handled.
+ * "pTrusted"
+ * Address where the Boolean value will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CERT Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_IsCertTrusted(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_TrustAnchorMode trustAnchorMode,
+ PKIX_Boolean *pTrusted,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_IsLeafCertTrusted
+ * DESCRIPTION:
+ *
+ * Checks the Leaf Cert specified by "cert" to determine, in a manner that
+ * depends on the underlying platform, whether it is trusted, and stores the
+ * result in "pTrusted". If a certificate is trusted it means that this
+ * End Entify certificate has been marked as trusted for the requested usage,
+ * policy, validity, and other tests.
+ *
+ * If the Certificate is not intrinsically trustworthy, we can still try to
+ * build a successful chain.
+ *
+ * If the Certificate is intrinsically untrustworthy, this function will return
+ * an error.
+ *
+ * PARAMETERS
+ * "cert"
+ * Address of Cert whose trustworthiness is to be determined. Must be
+ * non-NULL.
+ * "pTrusted"
+ * Address where the Boolean value will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CERT Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_IsLeafCertTrusted(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pTrusted,
+ void *plContext);
+
+/* FUNCTION: PKIX_PL_Cert_SetAsTrustAnchor */
+PKIX_Error*
+PKIX_PL_Cert_SetAsTrustAnchor(PKIX_PL_Cert *cert,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetCacheFlag
+ * DESCRIPTION:
+ *
+ * Retrieves the value of the cache flag in "cert" and return it at address
+ * pointed by "pCacheFlag". The initila cache flag is determined by the
+ * CertStore this "cert" is fetched from. When CertStore is created, user
+ * need to specify if the data should be cached.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose cache flag is fetched. Must be non-NULL.
+ * "pCacheFlag"
+ * Address where PKIX_Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetCacheFlag(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pCacheFlag,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_SetCacheFlag
+ * DESCRIPTION:
+ *
+ * Set the value of the cache flag in "cert" base on the boolean value stored
+ * at "cacheFlag". This function is meant to be used by CertStore after a
+ * Cert is created.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert where "cacheFlag" is stored. Must be non-NULL.
+ * "cacheFlag"
+ * PKIX_Boolean flag for cache flag.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_SetCacheFlag(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean cacheFlag,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetTrustCertStore
+ * DESCRIPTION:
+ *
+ * Retrieves the value of the CertStore in "cert" and return it at address
+ * pointed by "pCertStore".
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose CertStore is fetched. Must be non-NULL.
+ * "pTrustCertStore"
+ * Address where CertStore will be stored and returned. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetTrustCertStore(
+ PKIX_PL_Cert *cert,
+ PKIX_CertStore **pTrustCertStore,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Cert_SetTrustCertStore
+ * DESCRIPTION:
+ *
+ * Set the value of the CertStore "certStore" in "cert".
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert where "certStore" will be stored. Must be non-NULL.
+ * "trustCertStore"
+ * Address where the CertStore is. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_SetTrustCertStore(
+ PKIX_PL_Cert *cert,
+ PKIX_CertStore *trustCertStore,
+ void *plContext);
+
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetAuthorityInfoAccess
+ * DESCRIPTION:
+ *
+ * Retrieves the value(s) of the Authority Information Access in "cert" and
+ * returns it in a list at address pointed by "pAuthorityInfoAccess".
+ *
+ * SubjectInfoAccess ::=
+ * SEQUENCE SIZE (1..MAX) of AccessDescription
+ * AccessDescription ::= SEQUENCE {
+ * accessMethod OBJECT IDENTIFIER,
+ * accessLocation GeneralName
+ * }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose Authority Information Access is fetched.
+ * Must be non-NULL.
+ * "pAuthorityInfoAccess"
+ * Address where Authority InfoAccess will be stored and returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetAuthorityInfoAccess(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pAiaList, /* of PKIX_PL_InfoAccess */
+ void *plContext);
+
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectInfoAccess
+ * DESCRIPTION:
+ *
+ * Retrieves the value(s) of the Subject Information Access in "cert" and
+ * returns it in a list at address pointed by "pSubjectInfoAccess".
+ *
+ * SubjectInfoAccess ::=
+ * SEQUENCE SIZE (1..MAX) of AccessDescription
+ * AccessDescription ::= SEQUENCE {
+ * accessMethod OBJECT IDENTIFIER,
+ * accessLocation GeneralName
+ * }
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose Subject Information Access is fetched.
+ * Must be non-NULL.
+ * "pSubjectInfoAccess"
+ * Address where Subject InfoAccess will be stored and returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectInfoAccess(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pSiaList, /* of PKIX_PL_InfoAccess */
+ void *plContext);
+
+
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetCrlDp
+ * DESCRIPTION:
+ *
+ * Retrieves the value(s) of the CRL Distribution Point Extension and
+ * returns it in a list at address pointed by "pDpList".
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose Subject Information Access is fetched.
+ * Must be non-NULL.
+ * "pDpList"
+ * Address where CRL DP will be stored and returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetCrlDp(PKIX_PL_Cert *cert,
+ PKIX_List **pDpList,
+ void *plContext);
+
+
+/*
+ * InfoAccess
+ *
+ * To hold Authority Information Access or Subject Information Access
+ * retrieved from a Certificate.
+ */
+
+#define PKIX_INFOACCESS_OCSP 1
+#define PKIX_INFOACCESS_CA_ISSUERS 2
+#define PKIX_INFOACCESS_TIMESTAMPING 3
+#define PKIX_INFOACCESS_CA_REPOSITORY 5
+
+#define PKIX_INFOACCESS_LOCATION_UNKNOWN 0
+#define PKIX_INFOACCESS_LOCATION_HTTP 1
+#ifndef NSS_PKIX_NO_LDAP
+#define PKIX_INFOACCESS_LOCATION_LDAP 2
+#endif
+
+/*
+ * FUNCTION: PKIX_PL_InfoAccess_GetMethod
+ * DESCRIPTION:
+ *
+ * Stores the method of the Information Access from "infoAccess" and
+ * returns in "pMethod".
+ *
+ * SubjectInfoAccess ::=
+ * AccessDescription ::= SEQUENCE {
+ * accessMethod OBJECT IDENTIFIER,
+ * accessLocation GeneralName
+ * }
+ *
+ * PARAMETERS:
+ * "infoAccess"
+ * Address of PKIX_PL_InfoAccess that has the access data.
+ * Must be non-NULL.
+ * "pMethod"
+ * Address where access method will be stored and returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_InfoAccess_GetMethod(
+ PKIX_PL_InfoAccess *infoAccess,
+ PKIX_UInt32 *pMethod,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_InfoAccess_GetLocation
+ * DESCRIPTION:
+ *
+ * Stores the location of the Information Access from "infoAccess" and
+ * returns in "pLocation".
+ *
+ * SubjectInfoAccess ::=
+ * AccessDescription ::= SEQUENCE {
+ * accessMethod OBJECT IDENTIFIER,
+ * accessLocation GeneralName
+ * }
+ *
+ * PARAMETERS:
+ * "infoAccess"
+ * Address of PKIX_PL_InfoAccess that has the access data.
+ * Must be non-NULL.
+ * "pLocation"
+ * Address where access location will be stored and returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_InfoAccess_GetLocation(
+ PKIX_PL_InfoAccess *infoAccess,
+ PKIX_PL_GeneralName **pLocation,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_InfoAccess_GetLocationType
+ * DESCRIPTION:
+ *
+ * Stores the type of location of the Information Access from "infoAccess" and
+ * returns in "pType".
+ *
+ * SubjectInfoAccess ::=
+ * AccessDescription ::= SEQUENCE {
+ * accessMethod OBJECT IDENTIFIER,
+ * accessLocation GeneralName
+ * }
+ *
+ * PARAMETERS:
+ * "infoAccess"
+ * Address of PKIX_PL_InfoAccess that has the access data.
+ * Must be non-NULL.
+ * "pType"
+ * Address where access location type will be stored and returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_InfoAccess_GetLocationType(
+ PKIX_PL_InfoAccess *infoAccess,
+ PKIX_UInt32 *pType,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_InfoAccess_GetAIACerts(
+ PKIX_PL_InfoAccess *ia,
+ void **pNBIOContext,
+ void **pHandle,
+ PKIX_List **pCerts,
+ void *plContext);
+
+/*
+ * CRL
+ *
+ * A CRL represents an X.509 certificate revocation list. It can be created
+ * using the bytes of a valid ASN.1 DER encoding. Once created, a CRL is
+ * immutable. The following functions include accessors (gettors) for the
+ * various components of an X.509 CRL, as well as a function for signature
+ * verification.
+ */
+
+/*
+ * FUNCTION: PKIX_PL_CRL_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CRL using the bytes in the ByteArray pointed to by
+ * "byteArray" and stores it at "pCRL". If the bytes are not a valid ASN.1
+ * DER encoding of a CRL, a PKIX_Error pointer is returned. Once created, a
+ * CRL is immutable.
+ *
+ * CertificateList ::= SEQUENCE {
+ * tbsCertList TBSCertList,
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signatureValue BIT STRING }
+ *
+ * TBSCertList ::= SEQUENCE {
+ * version Version OPTIONAL,
+ * -- if present, MUST be v2
+ * signature AlgorithmIdentifier,
+ * issuer Name,
+ * thisUpdate Time,
+ * nextUpdate Time OPTIONAL,
+ * revokedCertificates SEQUENCE OF SEQUENCE {
+ * userCertificate CertificateSerialNumber,
+ * revocationDate Time,
+ * crlEntryExtensions Extensions OPTIONAL
+ * -- if present, MUST be v2
+ * } OPTIONAL,
+ * crlExtensions [0] EXPLICIT Extensions OPTIONAL
+ * -- if present, MUST be v2
+ * }
+ *
+ * PARAMETERS:
+ * "byteArray"
+ * Address of ByteArray representing the CRL's DER encoding.
+ * Must be non-NULL.
+ * "pCRL"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_Create(
+ PKIX_PL_ByteArray *byteArray,
+ PKIX_PL_CRL **pCRL,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRL_GetIssuer
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the X500Name that represents the issuer of the CRL
+ * pointed to by "crl" and stores it at "pCRLIssuer".
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose issuer is to be stored. Must be non-NULL.
+ * "pCRLIssuer"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_GetIssuer(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_X500Name **pCRLIssuer,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRL_GetCriticalExtensionOIDs
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of OIDs (each OID corresponding to a
+ * critical extension of the CRL pointed to by "crl") and stores it at
+ * "pExtensions". If "crl" does not have any critical extensions, this
+ * function stores an empty List at "pExtensions".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose critical extension OIDs are to be stored.
+ * Must be non-NULL.
+ * "pExtensions"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_GetCriticalExtensionOIDs(
+ PKIX_PL_CRL *crl,
+ PKIX_List **pExtensions, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRL_GetCRLEntryForSerialNumber
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the CRLEntry (found in the CRL pointed to by "crl")
+ * corresponding to the BigInt pointed to by "serialNumber" and stores it at
+ * "pCRLEntry". If there is no such CRLEntry, this functions stores NULL at
+ * "pCRLEntry". Once created, a CRLEntry is immutable.
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose CRL Entries are to be searched. Must be non-NULL.
+ * "serialNumber"
+ * Address of BigInt representing serial number of certificate whose
+ * CRLEntry is to be found. Must be non-NULL.
+ * "pCRLEntry"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_GetCRLEntryForSerialNumber(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_BigInt *serialNumber,
+ PKIX_PL_CRLEntry **pCRLEntry,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRL_GetCRLNumber
+ * DESCRIPTION:
+ * Retrieves the CRL Number from extension. This is non-critical extension.
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose version is to be stored. Must be non-NULL.
+ * "pCrlNumber"
+ * Address where a CRL Number will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_GetCRLNumber(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_BigInt **pCrlNumber,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRL_VerifyUpdateTime
+ * DESCRIPTION:
+ *
+ * Checks whether the CRL pointed to by "crl" would be valid at the time
+ * represented by the Date pointed to by "date" and stores the Boolean result
+ * at "pResult". This check is done only when NIST policy is enforced.
+ *
+ * Time ::= CHOICE {
+ * utcTime UTCTime,
+ * generalTime GeneralizedTime }
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose validity is to be checked. Must be non-NULL.
+ * "date"
+ * Address of Date at which the CRL is being checked for validity.
+ * Must be non-NULL.
+ * "pResult"
+ * Address of Boolean result. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_VerifyUpdateTime(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_Date *date,
+ PKIX_Boolean *pResult,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRL_VerifySignature
+ * DESCRIPTION:
+ *
+ * Verifies the signature on the CRL pointed to by "crl" using the PublicKey
+ * pointed to by "pubKey". If the signature doesn't verify, a PKIX_Error
+ * pointer is returned.
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose signature is to be verified. Must be non-NULL.
+ * "pubKey"
+ * Address of a Public Key used to verify the signature. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_VerifySignature(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_PublicKey *pubKey,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRL_ReleaseDerCrl
+ * DESCRIPTION:
+ *
+ * Relinguish the ownership for the crl der. The operation will succeed if
+ * a crl owns the der. If the crl was created from existing crl and does not
+ * own the der, then the function will return null.
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose signature is to be verified. Must be non-NULL.
+ * "derCrl"
+ * Pointer to a SECItem that has der crl.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_ReleaseDerCrl(PKIX_PL_CRL *crl,
+ SECItem **derCrl,
+ void *plContext);
+/*
+ * FUNCTION: PKIX_PL_CRL_AdoptDerCrl
+ * DESCRIPTION:
+ *
+ * Adopt memory of the der. The secItem that contains der will be
+ * freed with destruction of parent pkix crl structure.
+ *
+ * * PARAMETERS:
+ * "crl"
+ * Address of CRL whose signature is to be verified. Must be non-NULL.
+ * "derCrl"
+ * Pointer to a SECItem that has der crl.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRL_AdoptDerCrl(PKIX_PL_CRL *crl,
+ SECItem *derCrl,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRLEntry_GetCRLEntryReasonCode
+ * DESCRIPTION:
+ *
+ * Retrieves the value of the reason code extension of the CRLEntry pointed
+ * to by "crlEntry" and stores it at "pReason". If the "crlEntry" has no
+ * reason code extension, this function stores -1 at "pReason".
+ *
+ * CRLReason ::= ENUMERATED {
+ * unspecified (0),
+ * keyCompromise (1),
+ * cACompromise (2),
+ * affiliationChanged (3),
+ * superseded (4),
+ * cessationOfOperation (5),
+ * certificateHold (6),
+ * removeFromCRL (8),
+ * privilegeWithdrawn (9),
+ * aACompromise (10) }
+ *
+ * PARAMETERS:
+ * "crlEntry"
+ * Address of CRLEntry whose reason code bit values are to be returned
+ * at "pReason". Must be non-NULL.
+ * "pReason"
+ * Address of PKIX_Int32 where reason code is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRLEntry_GetCRLEntryReasonCode(
+ PKIX_PL_CRLEntry *crlEntry,
+ PKIX_Int32 *pReason,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_CRLEntry_GetCriticalExtensionOIDs
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of OIDs (each OID corresponding to a
+ * critical extension of the CRLEntry pointed to by "crlEntry") and stores it
+ * at "pExtensions". If "crlEntry" does not have any critical extensions, this
+ * function stores an empty List at "pExtensions".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "crlEntry"
+ * Address of CRLEntry whose critical extension OIDs are to be stored.
+ * Must be non-NULL.
+ * "pExtensions"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CRLEntry_GetCriticalExtensionOIDs(
+ PKIX_PL_CRLEntry *crlEntry,
+ PKIX_List **pExtensions, /* list of PKIX_PL_OID */
+ void *plContext);
+
+#ifdef BUILD_LIBPKIX_TESTS
+/*
+ * FUNCTION: PKIX_PL_X500Name_Create
+ * DESCRIPTION:
+ *
+ * Creates a new X500Name using the UTF8 string representation pointed to by
+ * "stringRep" and stores it at "pName". Once created, an X500Name is
+ * immutable.
+ *
+ * Name ::= CHOICE {
+ * RDNSequence }
+ *
+ * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+ *
+ * RelativeDistinguishedName ::=
+ * SET OF AttributeTypeAndValue
+ *
+ * AttributeTypeAndValue ::= SEQUENCE {
+ * type AttributeType,
+ * value AttributeValue }
+ *
+ * AttributeType ::= OBJECT IDENTIFIER
+ *
+ * AttributeValue ::= ANY DEFINED BY AttributeType
+ *
+ * DirectoryString ::= CHOICE {
+ * teletexString TeletexString (SIZE (1..MAX)),
+ * printableString PrintableString (SIZE (1..MAX)),
+ * universalString UniversalString (SIZE (1..MAX)),
+ * utf8String UTF8String (SIZE (1..MAX)),
+ * bmpString BMPString (SIZE (1..MAX)) }
+ *
+ * PARAMETERS:
+ * "stringRep"
+ * Address of UTF8 String representation of X500Name. Must be non-NULL.
+ * "pName"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an X500Name Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_X500Name_Create (
+ PKIX_PL_String *stringRep,
+ PKIX_PL_X500Name **pName,
+ void *plContext);
+
+#endif /* BUILD_LIBPKIX_TESTS */
+
+/*
+ * FUNCTION: PKIX_PL_X500Name_CreateFromCERTName
+ * DESCRIPTION:
+ *
+ * The function creates x500Name using der encoded DN and/or pointer to
+ * CERTName. If arument "name" is NULL, but derName is supplied when
+ * the function generates nssDN(CERTName type) from der data. If derName
+ * is not supplied, CERTName *name will not be used to generate DN DER
+ * encoding.
+ *
+ * PARAMETERS:
+ * "derName"
+ * Address of DER representation of X500Name. Can be NULL
+ * "name"
+ * Address of CERTName representation of X500Name. Can be NULL
+ * "pName"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an X500Name Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_X500Name_CreateFromCERTName(
+ SECItem *derName,
+ CERTName *name,
+ PKIX_PL_X500Name **pName,
+ void *plContext);
+
+
+/*
+ * TYPE: PKIX_PL_X500Name_Match
+ * DESCRIPTION:
+ * Checks whether the X500Name pointed to by "firstX500Name" MATCHES the
+ * X500Name pointed to by "secondX500Name" and stores the boolean result at
+ * "pResult". Two X500Names MATCH if they meet the conditions specified by
+ * RFC 3280 (section 4.1.2.4). Namely:
+ *
+ * "This specification requires only a subset of the name comparison
+ * functionality specified in the X.500 series of specifications.
+ * Conforming implementations are REQUIRED to implement the following
+ * name comparison rules:
+ *
+ * (a) attribute values encoded in different types (e.g., PrintableString
+ * and BMPString) MAY be assumed to represent different strings;
+ *
+ * (b) attribute values in types other than PrintableString are case
+ * sensitive (this permits matching of attribute values as binary objects)
+ *
+ * (c) attribute values in PrintableString are not case sensitive
+ * (e.g., "Marianne Swanson" is the same as "MARIANNE SWANSON"); and
+ *
+ * (d) attribute values in PrintableString are compared after removing
+ * leading and trailing white space and converting internal substrings of
+ * one or more consecutive white space characters to a single space."
+ *
+ * PARAMETERS:
+ * "firstX500Name"
+ * Address of first X500Name to compare. Must be non-NULL.
+ * "secondX500Name"
+ * Address of second X500Name to compare. Must be non-NULL.
+ * "pResult"
+ * Address of Boolean result. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an X500Name Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_X500Name_Match(
+ PKIX_PL_X500Name *firstX500Name,
+ PKIX_PL_X500Name *secondX500Name,
+ PKIX_Boolean *pResult,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Date_Create_UTCTime
+ * DESCRIPTION:
+ * Creates a new Date of type UTCTime using the string representation pointed
+ * to by "stringRep" and stores it at "pDate". The UTCTime restriction means
+ * that the year can only be specified by the least significant two digits
+ * (YY). As such, Only the years 1950-2049 can be represented. If "stringRep"
+ * is NULL, this function creates a new Date representing the current time
+ * and stores it at "pDate". Once created, a Date is immutable.
+ *
+ * If YY is greater than or equal to 50, the year is interpreted as 19YY.
+ * If YY is less than 50, the year is interpreted as 20YY.
+ *
+ * The string representation of the date must be in the following form:
+ * "YYMMDDhhmmssZ" where:
+ *
+ * YY is the least significant two digits of the year
+ * MM is the month (01 to 12)
+ * DD is the day (01 to 31)
+ * hh is the hour (00 to 23)
+ * mm are the minutes (00 to 59)
+ * ss are the seconds (00 to 59)
+ * Z indicates that local time is GMT
+ *
+ * PARAMETERS:
+ * "stringRep"
+ * Address of String representation of Date.
+ * If NULL, current time is used.
+ * "pDate"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Date Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Date_Create_UTCTime (
+ PKIX_PL_String *stringRep,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Date_Create_UTCTime
+ * DESCRIPTION:
+ * Creates a new Date from PRTime data.
+ *
+ * PARAMETERS:
+ * "time"
+ * Represented time in PRTime type.
+ * "pDate"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Date Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Date_CreateFromPRTime(
+ PRTime time,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Date_Create_CurrentOffBySeconds
+ * DESCRIPTION:
+ * Creates a new Date of type UTCTime for current time with seconds off by
+ * "secondsOffset" and returns it at "pDate".
+ *
+ * PARAMETERS:
+ * "secondsOffset"
+ * A PKIX_Int32 indicates the time offset from current. If "secondsOffset"
+ * is negative, the time is in past.
+ * "pDate"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Date Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Date_Create_CurrentOffBySeconds(
+ PKIX_Int32 secondsOffset,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+#ifdef BUILD_LIBPKIX_TESTS
+/*
+ * FUNCTION: PKIX_PL_GeneralName_Create
+ * DESCRIPTION:
+ *
+ * Creates a new GeneralName of type "nameType" using the string
+ * representation pointed to by "stringRep" and stores it at "pGName".
+ * All of the GeneralName type format values specified in pkixt.h are
+ * supported, with the exception of PKIX_OTHER_NAME, PKIX_EDIPARTY_NAME,
+ * PKIX_IP_NAME, and PKIX_X400_ADDRESS. A PKIX_ESCASCII string representation
+ * should be used for all supported nameTypes, with the exception of
+ * registeredID and directoryName. For registeredID, the string representation
+ * should be the same as that used by PKIX_PL_OID_Create. For directoryName,
+ * the string representation should be the same as that used by
+ * PKIX_PL_X500Name_Create. If an unsupported name type is used, an Error is
+ * returned. Once created, a GeneralName is immutable.
+ *
+ * GeneralName ::= CHOICE {
+ * otherName [0] OtherName,
+ * rfc822Name [1] IA5String,
+ * dNSName [2] IA5String,
+ * x400Address [3] ORAddress,
+ * directoryName [4] Name,
+ * ediPartyName [5] EDIPartyName,
+ * uniformResourceIdentifier [6] IA5String,
+ * iPAddress [7] OCTET STRING,
+ * registeredID [8] OBJECT IDENTIFIER }
+ *
+ *
+ * NOTE: This function is allowed to be called only by pkix tests programs.
+ *
+ * PARAMETERS:
+ * "nameType"
+ * Type of GeneralName to be created. This must be one of the GeneralName
+ * type format values specified in pkixt.h
+ * "stringRep"
+ * Address of String representation of GeneralName. Must be non-NULL.
+ * "pGName"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a GeneralName Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_GeneralName_Create (
+ PKIX_UInt32 nameType,
+ PKIX_PL_String *stringRep,
+ PKIX_PL_GeneralName **pGName,
+ void *plContext);
+#endif /* BUILD_LIBPKIX_TESTS */
+
+/*
+ * FUNCTION: PKIX_PL_CertNameConstraints_CheckNamesInNameSpace
+ * DESCRIPTION:
+ *
+ * This function checks whether names in "nameList" comply with
+ * "nameConstraints". It stores PKIX_TRUE at "pCheckPass" if the names meet the
+ * requirement of the NameConstraints, PKIX_FALSE otherwise.
+ *
+ * PARAMETERS
+ * "nameList"
+ * List of GeneralNames that are checked for compliance. May be empty
+ * or NULL.
+ * "nameConstraints"
+ * Address of CertNameConstraints that provides lists of permitted
+ * and excluded names. Must be non-NULL.
+ * "pCheckPass"
+ * Address where PKIX_TRUE is returned if the all names in "nameList" are
+ * valid. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CertNameConstraints_CheckNamesInNameSpace(
+ PKIX_List *nameList, /* List of PKIX_PL_GeneralName */
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_Boolean *pCheckPass,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_AIAMgr_Create
+ * DESCRIPTION:
+ *
+ * This function creates an AIAMgr to handle retrieval of Certs and CRLs
+ * from servers given by AIA Certificate extensions. It manages connections
+ * and caches. The manager created is stored at "pAIAMgr".
+ *
+ * PARAMETERS:
+ * "pAIAMgr"
+ * The address at which the result is stored. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an AIAMgr Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_AIAMgr_Create(
+ PKIX_PL_AIAMgr **pAIAMgr,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_AIAMgr_GetAIACerts
+ * DESCRIPTION:
+ *
+ * This function uses the AIAMgr pointed to by "aiaMgr" to retrieve the Certs
+ * specified by an AIA certificate extension, if any, in the Cert pointed to by
+ * "prevCert", storing the results at "pCerts". If the certificate has no such
+ * extension, this function stores NULL at "pCerts".
+ *
+ * If the request is suspended for non-blocking I/O, a platform-dependent
+ * context is stored at "pNBIOContext" and NULL is stored at "pCerts". This
+ * return is referred to as the WOULDBLOCK state. Note that the caller must
+ * check for a non-NULL value at "pNBIOContext", to distinguish this state from
+ * the "no such extension" return described in the first paragraph. (The
+ * alternative would be to return an empty List, but it seemed wrong to incur
+ * the overhead of creating and destroying an empty List for the most common
+ * situation.)
+ *
+ * After a WOULDBLOCK return, the user may continue the operation by calling
+ * pkix_AIAMgr_GetAIACerts (possibly more than once, if the function again
+ * returns in the WOULDBLOCK state) with the previously-returned non-NULL
+ * value of "pNBIOContext". When results are complete, NULL is stored at
+ * "pNBIOContext", and the results (which may be NULL) are stored at "pCerts".
+ *
+ * PARAMETERS:
+ * "aiaMgr"
+ * The AIAMgr which controls the retrieval of certificates. Must be
+ * non-NULL.
+ * "prevCert"
+ * Address of PKIX_PL_Cert which may provide an AIA or SIA extension. Must
+ * be non-NULL.
+ * "pNBIOContext"
+ * Address at which platform-dependent information is returned if request
+ * is suspended for non-blocking I/O. Must be non-NULL.
+ * "pCerts"
+ * Address at which the returned List is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an AIAMgr Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_AIAMgr_GetAIACerts(
+ PKIX_PL_AIAMgr *aiaMgr,
+ PKIX_PL_Cert *prevCert,
+ void **pNBIOContext,
+ PKIX_List **pCerts,
+ void *plContext);
+
+typedef PKIX_Error *
+(*PKIX_PL_VerifyCallback)(
+ PKIX_PL_Object *signedObject,
+ PKIX_PL_Cert *signerCert, /* can be unknown */
+ PKIX_PL_Date *producedAt,
+ PKIX_ProcessingParams *procParams,
+ void **pNBIOContext,
+ void **pState,
+ PKIX_BuildResult **pBuildResult,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_PKI_H */
diff --git a/security/nss/lib/libpkix/include/pkix_pl_system.h b/security/nss/lib/libpkix/include/pkix_pl_system.h
new file mode 100755
index 000000000..57d5df7cc
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_pl_system.h
@@ -0,0 +1,1545 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines several platform independent functions to make system
+ * calls in a portable manner.
+ *
+ */
+
+#ifndef _PKIX_PL_SYSTEM_H
+#define _PKIX_PL_SYSTEM_H
+
+#include "pkixt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/*
+ * FUNCTION: PKIX_PL_Initialize
+ * DESCRIPTION:
+ *
+ * XXX If this function is really only meant to be used by PKIX_Initialize,
+ * why don't we just put it in a private header file rather than the public
+ * API. I think it may confuse users.
+ *
+ * This function should NOT be called by applications. It is only meant to
+ * be used internally. The application needs only to call PKIX_Initialize,
+ * which in turn will call this function.
+ *
+ * This function initializes data structures critical to the operation of
+ * libpkix. If initialization is not successful, an Error pointer is
+ * returned. This function should only be called once. If it is called more
+ * than once, the behavior is undefined.
+ *
+ * No PKIX_* types and functions should be used before this function is
+ * called and returns successfully.
+ *
+ * PARAMETERS:
+ * "platformInitNeeded"
+ * Boolean indicating whether platform initialization is to be called
+ * "useArenas"
+ * Boolean indicating whether allocation is to be done using arenas or
+ * individual allocation (malloc).
+ * "pPlContext"
+ * Address at which platform-specific context pointer is stored. Must be
+ * non-NULL.
+ * THREAD SAFETY:
+ * Not Thread Safe
+ *
+ * This function assumes that no other thread is calling this function while
+ * it is executing.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Initialize(
+ PKIX_Boolean platformInitNeeded,
+ PKIX_Boolean useArenas,
+ void **pPlContext);
+
+/*
+ * FUNCTION: PKIX_PL_Shutdown
+ * DESCRIPTION:
+ *
+ * XXX If this function is really only meant to be used by PKIX_Shutdown,
+ * why don't we just put it in a private header file rather than the public
+ * API. I think it may confuse users.
+ *
+ * This function should NOT be called by applications. It is only meant to
+ * be used internally. The application needs only to call PKIX_Shutdown,
+ * which in turn will call this function.
+ *
+ * This function deallocates any memory used by the Portability Layer (PL)
+ * component of the libpkix library and shuts down any ongoing operations.
+ * This function should only be called once. If it is called more than once,
+ * the behavior is undefined.
+ *
+ * No PKIX_* types and functions should be used after this function is called
+ * and returns successfully.
+ *
+ * PARAMETERS:
+ * "platformInitNeeded"
+ * Boolean value of whether PKIX initialized NSS: PKIX_TRUE if we
+ * called nssInit, PKIX_FALSE otherwise
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe
+ *
+ * This function makes use of global variables and should only be called once.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Shutdown(void *plContext);
+
+/* standard memory management operations (not reference-counted) */
+
+/*
+ * FUNCTION: PKIX_PL_Malloc
+ * DESCRIPTION:
+ *
+ * Allocates a block of "size" bytes. The bytes are not initialized. A
+ * pointer to the newly allocated memory will be stored at "pMemory". The
+ * memory allocated by PKIX_PL_Malloc() may only be freed by PKIX_PL_Free().
+ * If "size" equals zero, this function stores NULL at "pMemory".
+ *
+ * PARAMETERS:
+ * "size"
+ * Number of bytes to allocate.
+ * "pMemory"
+ * Address where newly allocated pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread safety depends on underlying thread safety of platform used by PL.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Malloc(
+ PKIX_UInt32 size,
+ void **pMemory,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Calloc
+ * DESCRIPTION:
+ *
+ * Allocates memory for an array of "nElem" elements, with each element
+ * requiring "elSize" bytes, and with all the bits initialized to zero. A
+ * pointer to the newly allocated memory will be stored at "pMemory". The
+ * memory allocated by PKIX_PL_Calloc() may only be freed by PKIX_PL_Free().
+ * If "nElem" equals zero or "elSize" equals zero, this function stores NULL
+ * at "pMemory".
+ *
+ * PARAMETERS:
+ * "nElem"
+ * Number of elements needed.
+ * "elSize"
+ * Number of bytes needed per element.
+ * "pMemory"
+ * Address where newly allocated pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread safety depends on underlying thread safety of platform used by PL.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Calloc(
+ PKIX_UInt32 nElem,
+ PKIX_UInt32 elSize,
+ void **pMemory,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Realloc
+ * DESCRIPTION:
+ *
+ * Resizes an existing block of memory (pointed to by "ptr") to "size" bytes.
+ * Stores a pointer to the resized memory at "pNewPtr". The "ptr" must
+ * originate from either PKIX_PL_Malloc(), PKIX_PL_Realloc(), or
+ * PKIX_PL_Calloc(). If "ptr" is NULL, this function behaves as if
+ * PKIX_PL_Malloc were called. If "ptr" is not NULL and "size" equals zero,
+ * the memory pointed to by "ptr" is deallocated and this function stores
+ * NULL at "pPtr".
+ *
+ * PARAMETERS:
+ * "ptr"
+ * A pointer to an existing block of memory.
+ * "size"
+ * New size in bytes.
+ * "pPtr"
+ * Address where newly allocated pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread safety depends on underlying thread safety of platform used by PL.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Realloc(
+ void *ptr,
+ PKIX_UInt32 size,
+ void **pNewPtr,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Free
+ * DESCRIPTION:
+ *
+ * Frees a block of memory pointed to by "ptr". This value must originate with
+ * either PKIX_PL_Malloc(), PKIX_PL_Calloc, or PKIX_PL_Realloc(). If "ptr" is
+ * NULL, the function has no effect.
+ *
+ * PARAMETERS:
+ * "ptr"
+ * A pointer to an existing block of memory.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread safety depends on underlying thread safety of platform used by PL.
+ * RETURNS:
+ * Returns NULL always.
+ */
+PKIX_Error *
+PKIX_PL_Free(
+ void *ptr,
+ void *plContext);
+
+/* Callback Types
+ *
+ * The next few typedefs define function pointer types for the standard
+ * functions associated with every object type. See the Implementation
+ * Guidelines or the comments below for more information.
+ */
+
+/*
+ * TYPE: PKIX_PL_DestructorCallback
+ * DESCRIPTION:
+ *
+ * This callback function destroys (or DecRef's) any pointers contained in
+ * the user data for the Object pointed to by "object" before the Object is
+ * destroyed.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object to destroy. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts (as long as they're not operating on the same
+ * object and nobody else is performing an operation on the object at the
+ * same time). Both of these conditions should be guaranteed by the fact that
+ * the object's ref count was reduced to 0 in a lock that's still held when
+ * this callback is called.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_PL_DestructorCallback)(
+ PKIX_PL_Object *object,
+ void *plContext);
+
+/*
+ * TYPE: PKIX_PL_EqualsCallback
+ * DESCRIPTION:
+ *
+ * This callback function compares the Object pointed to by "firstObject" with
+ * the Object pointed to by "secondObject" for equality and stores the result
+ * at "pResult" (PKIX_TRUE if equal; PKIX_FALSE if not).
+ *
+ * PARAMETERS:
+ * "firstObject"
+ * Address of first object to compare. Must be non-NULL.
+ * "secondObject"
+ * Address of second object to compare. Must be non-NULL.
+ * "pResult"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same objects.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_PL_EqualsCallback)(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext);
+
+/*
+ * TYPE: PKIX_PL_HashcodeCallback
+ * DESCRIPTION:
+ *
+ * This callback function computes the hashcode of the Object pointed to by
+ * "object" and stores the result at "pValue".
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose hashcode is desired. Must be non-NULL.
+ * "pValue"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_PL_HashcodeCallback)(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pValue,
+ void *plContext);
+
+/*
+ * TYPE: PKIX_PL_ToStringCallback
+ * DESCRIPTION:
+ *
+ * This callback function converts the Object pointed to by "object" to a
+ * string representation and stores the result at "pString".
+ *
+ * PARAMETERS:
+ * "object"
+ * Object to get a string representation from. Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_PL_ToStringCallback)(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+/*
+ * TYPE: PKIX_PL_ComparatorCallback
+ * DESCRIPTION:
+ *
+ * This callback function determines how the Object pointed to by
+ * "firstObject" compares to the Object pointed to by "secondObject" and
+ * stores the result at "pResult".
+ *
+ * Result is less than 0 if firstObject < secondObject
+ * Result equals 0 if firstObject = secondObject
+ * Result is greater than 0 if firstObject > secondObject
+ *
+ * PARAMETERS:
+ * "firstObject"
+ * Address of the first Object to compare. Must be non-NULL.
+ * "secondObject"
+ * Address of the second Object to compare. Must be non-NULL.
+ * "pResult"
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same objects.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_PL_ComparatorCallback)(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext);
+
+/*
+ * TYPE: PKIX_PL_DuplicateCallback
+ * DESCRIPTION:
+ *
+ * This callback function creates a copy of the Object pointed to by "object"
+ * and stores it at "pNewObject". Changes to the copy will not affect the
+ * original and vice versa.
+ *
+ * Note that if "object" is immutable, the Duplicate callback function simply
+ * needs to increment the reference count on "object" and return a reference
+ * to "object".
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of the object to be copied. Must be non-NULL.
+ * "pNewObject"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_PL_DuplicateCallback)(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext);
+
+/* reference-counted objects */
+
+/*
+ * FUNCTION: PKIX_PL_Object_Alloc
+ * DESCRIPTION:
+ *
+ * Allocates a new Object of type "type" with "size" bytes and stores the
+ * resulting pointer at "pObject". The reference count of the newly
+ * allocated object will be initialized to 1. To improve performance, each
+ * object maintains a small cache for the results of Hashcode and ToString.
+ * Mutable objects should call InvalidateCache whenever changes are made to
+ * the object's state (after creation). If an error occurs during allocation,
+ * "pObject" will be set to NULL. If "size" equals zero, this function creates
+ * an Object with a reference count of 1, and places a pointer to unallocated
+ * memory at "pMemory".
+ *
+ * PARAMETERS:
+ * "type"
+ * The type code of this object. See pkixt.h for codes. The type code
+ * must be previously registered with PKIX_PL_Object_RegisterType().
+ * "size"
+ * The number of bytes needed for this object.
+ * "pMemory"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_Alloc(
+ PKIX_TYPENUM type,
+ PKIX_UInt32 size,
+ PKIX_PL_Object **pObject,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_IsTypeRegistered
+ * DESCRIPTION:
+ *
+ * Checks whether "type" has been registered by a previous call to
+ * PKIX_PL_Object_RegisterType() and stores the Boolean result at "pBool".
+ * This function will typically only be called by constructors for specific
+ * types.
+ *
+ * PARAMETERS:
+ * "type"
+ * The type code to check if valid.
+ * "pBool"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_IsTypeRegistered(
+ PKIX_UInt32 type,
+ PKIX_Boolean *pBool,
+ void *plContext);
+
+#ifdef PKIX_USER_OBJECT_TYPE
+/*
+ * FUNCTION: PKIX_PL_Object_RegisterType
+ * DESCRIPTION:
+ *
+ * Registers a new Object with type value "type" and associates it with a set
+ * of functions ("destructor", "equalsFunction", "hashcodeFunction",
+ * "toStringFunction", "comparator", "duplicateFunction"). The new type value
+ * is also associated with a string pointed to by "description", which is used
+ * by the default ToStringCallback. This function may only be called with a
+ * particular "type" value once. If "destructor", "equalsFunction",
+ * "hashcodeFunction", or "toStringFunction" are NULL, default functions will
+ * be registered. However, if "comparator" and "duplicateFunction" are NULL,
+ * no functions will be registered and calls to PKIX_PL_Object_Compare and
+ * PKIX_PL_Object_Duplicate will result in an error.
+ *
+ * PARAMETERS:
+ * "type"
+ * The type code.
+ * "description"
+ * The string used by the default ToStringCallback. Default used if NULL.
+ * "destructor"
+ * The DestructorCallback function to be set. Default used if NULL.
+ * "equalsFunction"
+ * The EqualsCallback function to be set. Default used if NULL.
+ * "hashcodeFunction"
+ * The HashcodeCallback function to be set. Default used if NULL.
+ * "toStringFunction"
+ * The ToStringCallback function to be set. Default used if NULL.
+ * "comparator"
+ * The ComparatorCallback function to be set. None set if NULL. If no
+ * callback function is set in this field, calls to
+ * PKIX_PL_Object_Compare() will result in an error.
+ * "duplicateFunction"
+ * The DuplicateCallback function to be set. None set if NULL. If no
+ * callback function is set in this field, calls to
+ * PKIX_PL_Object_Duplicate() will result in an error.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if "type" is already registered.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_RegisterType(
+ PKIX_UInt32 type,
+ char *description,
+ PKIX_PL_DestructorCallback destructor,
+ PKIX_PL_EqualsCallback equalsFunction,
+ PKIX_PL_HashcodeCallback hashcodeFunction,
+ PKIX_PL_ToStringCallback toStringFunction,
+ PKIX_PL_ComparatorCallback comparator,
+ PKIX_PL_DuplicateCallback duplicateFunction,
+ void *plContext);
+
+#endif
+/*
+ * FUNCTION: PKIX_PL_Object_InvalidateCache
+ * DESCRIPTION:
+ *
+ * Invalidates the cache of the Object pointed to by "object". The cache
+ * contains results of Hashcode and ToString. This function should be used by
+ * mutable objects whenever changes are made to the Object's state (after
+ * creation).
+ *
+ * For example, if ToString is called on a mutable Object, the result will be
+ * computed, cached, and returned. If the Object's state does not change, a
+ * subsequent call to ToString will recognize that the relevant result is
+ * cached and will simply return the result (without calling the Object's
+ * ToStringCallback to recompute it). However, when the Object's state
+ * changes, the cache needs to be invalidated in order to force a subsequent
+ * call to ToString to recompute the result.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose cache is to be invalidated. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY
+ * Thread Safe - Object Type Table is locked during modification.
+ *
+ * Multiple threads can safely call this function without worrying about
+ * conflicts, even if they're operating on the same object.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_InvalidateCache(
+ PKIX_PL_Object *object,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_IncRef
+ * DESCRIPTION:
+ *
+ * Increments the reference count of the Object pointed to by "object".
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose reference count is to be incremented.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_IncRef(
+ PKIX_PL_Object *object,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_DecRef
+ * DESCRIPTION:
+ *
+ * Decrements the reference count of the Object pointed to by "object". If the
+ * resulting reference count is zero, the destructor (if any) registered for
+ * the Object's type (by PKIX_PL_RegisterType) will be called and then the
+ * Object will be destroyed.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose reference count is to be decremented.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * If destructor is not called, multiple threads can safely call this function
+ * without worrying about conflicts, even if they're operating on the same
+ * object. If destructor is called, thread safety depends on the callback
+ * defined by PKIX_PL_RegisterType().
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_DecRef(
+ PKIX_PL_Object *object,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_Equals
+ * DESCRIPTION:
+ *
+ * Compares the Object pointed to by "firstObject" with the Object pointed to
+ * by "secondObject" for equality using the callback function registered for
+ * "firstObject"'s type, and stores the Boolean result at "pResult". While
+ * typical callbacks will return PKIX_FALSE if the objects are of different
+ * types, other callbacks may be capable of comparing objects of different
+ * types [which may correctly result in cases where Equals(first, second)
+ * differs from Equals(second, first)].
+ *
+ * PARAMETERS:
+ * "firstObject"
+ * Address of the first Object to compare. Must be non-NULL.
+ * The EqualsCallback for this Object will be called.
+ * "secondObject"
+ * Address of the second Object to compare. Must be non-NULL.
+ * "pResult"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread safety depends on the callback defined by PKIX_PL_RegisterType().
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_Hashcode
+ * DESCRIPTION:
+ *
+ * Computes a hashcode of the Object pointed to by "object" using the
+ * callback registered for "object"'s type and stores it at "pValue". Two
+ * objects which are equal should have the same hashcode. Once a call to
+ * Hashcode has been made, the results are cached and subsequent calls to
+ * Hashcode will return the cached value. For mutable objects, an
+ * InvalidateCache function is provided, which should be called whenever
+ * changes are made to the object's state (after creation).
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of the Object whose hashcode is desired. Must be non-NULL.
+ * The HashcodeCallback for this object will be called.
+ * "pValue"
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread safety depends on the callback defined by PKIX_PL_RegisterType().
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pValue,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_ToString
+ * DESCRIPTION:
+ *
+ * Creates a string representation of the Object pointed to by "object" using
+ * the callback registered for "object"'s type and stores it at "pString".
+ * Once a call to ToString has been made, the results are cached and
+ * subsequent calls to ToString will return the cached value. For mutable
+ * objects, an InvalidateCache function is provided, which should be called
+ * whenever changes are made to the object's state (after creation).
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose string representation is desired.
+ * Must be non-NULL. The ToStringCallback for this object will be called.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread safety depends on the callback defined by PKIX_PL_RegisterType().
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_Compare
+ * DESCRIPTION:
+ *
+ * Compares the Object pointed to by "firstObject" and the Object pointed to
+ * by "secondObject" using the comparator registered for "firstObject"'s type
+ * and stores the result at "pResult". Different types may be compared. This
+ * may correctly result in cases where Compare(first, second) is not the
+ * opposite of Compare(second, first). The PKIX_Int32 value stored at
+ * "pResult" will be:
+ * Less than 0 if "firstObject" < "secondObject"
+ * Equals to 0 if "firstObject" = "secondObject"
+ * Greater than 0 if "firstObject" > "secondObject"
+ *
+ * PARAMETERS:
+ * "firstObject"
+ * Address of first Object to compare. Must be non-NULL.
+ * The ComparatorCallback for this object will be called.
+ * "secondObject"
+ * Address of second object to compare. Must be non-NULL.
+ * "pResult
+ * Address where PKIX_Int32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread safety depends on the comparator defined by PKIX_PL_RegisterType().
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_Compare(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_Duplicate
+ * DESCRIPTION:
+ *
+ * Creates a duplicate copy of the Object pointed to by "object" using the
+ * callback registered for "object"'s type and stores the copy at
+ * "pNewObject". Changes to the new object will not affect the original and
+ * vice versa.
+ *
+ * Note that if "object" is immutable, the Duplicate callback function simply
+ * needs to increment the reference count on "object" and return a reference
+ * to "object".
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object to be duplicated. Must be non-NULL.
+ * The DuplicateCallback for this Object will be called.
+ * "pNewObject"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread safety depends on the callback defined by PKIX_PL_RegisterType().
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_GetType
+ * DESCRIPTION:
+ *
+ * Retrieves the type code of the Object pointed to by "object" and stores it
+ * at "pType". See pkixt.h for type codes.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose type is desired. Must be non-NULL.
+ * "pType"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_GetType(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pType,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_Lock
+ * DESCRIPTION:
+ *
+ * Locks the Mutex associated with the Object pointed to by "object". When an
+ * object is created, it is associated with an object-specific Mutex to allow
+ * for synchronization when the fields of the object are modified.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose Mutex is to be locked. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_Lock(
+ PKIX_PL_Object *object,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Object_Unlock
+ * DESCRIPTION:
+ *
+ * Unlocks the Mutex associated with the Object pointed to by "object". When
+ * an object is created, it is associated with an object-specific Mutex to
+ * allow for synchronization when the fields of the object are modified.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose Mutex is to be unlocked. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Object_Unlock(
+ PKIX_PL_Object *object,
+ void *plContext);
+
+/* mutexes (locks) */
+
+/*
+ * FUNCTION: PKIX_PL_Mutex_Create
+ * DESCRIPTION:
+ *
+ * Creates a new Mutex and stores it at "pNewLock".
+ *
+ * PARAMETERS:
+ * "pNewLock"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Mutex_Create(
+ PKIX_PL_Mutex **pNewLock,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Mutex_Lock
+ * DESCRIPTION:
+ *
+ * Locks the Mutex pointed to by "lock". If the Mutex is already locked, this
+ * function will block the current thread until the mutex can be locked by
+ * this thread.
+ *
+ * PARAMETERS:
+ * "lock"
+ * Address of Mutex to lock. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Mutex_Lock(
+ PKIX_PL_Mutex *lock,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Mutex_Unlock
+ * DESCRIPTION:
+ *
+ * Unlocks the Mutex pointed to by "lock" if the current thread holds the
+ * Mutex.
+ *
+ * PARAMETERS:
+ * "lock"
+ * Address of Mutex to unlock. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Mutex_Unlock(
+ PKIX_PL_Mutex *lock,
+ void *plContext);
+
+/* monitor (locks) */
+
+/*
+ * FUNCTION: PKIX_PL_MonitorLock_Create
+ * DESCRIPTION:
+ *
+ * Creates a new PKIX_PL_MonitorLock and stores it at "pNewLock".
+ *
+ * PARAMETERS:
+ * "pNewLock"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_MonitorLock_Create(
+ PKIX_PL_MonitorLock **pNewLock,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_MonitorLock_Enter
+ * DESCRIPTION:
+ *
+ * Locks the MonitorLock pointed to by "lock". If the MonitorLock is already
+ * locked by other thread, this function will block the current thread. If
+ * the "lock" had been locked by current thread, this function will NOT block.
+ *
+ * PARAMETERS:
+ * "lock"
+ * Address of MonitorLock to lock. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_MonitorLock_Enter(
+ PKIX_PL_MonitorLock *lock,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_MonitorLock_Exit
+ * DESCRIPTION:
+ *
+ * Unlocks the MonitorLock pointed to by "lock" if the lock counter of
+ * current thread holds the MonitorLock reach 0, the lock is released.
+ *
+ * PARAMETERS:
+ * "lock"
+ * Address of MonitorLock to unlock. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_MonitorLock_Exit(
+ PKIX_PL_MonitorLock *lock,
+ void *plContext);
+
+/* strings and formatted printing */
+
+/*
+ * FUNCTION: PKIX_PL_String_Create
+ * DESCRIPTION:
+ *
+ * Creates a new String using the data pointed to by "pString", the
+ * PKIX_UInt32 pointed to by "stringLen", and the PKIX_UInt32 pointed to by
+ * "fmtIndicator" and stores it at "pString". If the format is PKIX_ESCASCII
+ * the "stringLen" parameter is ignored and the string extends until a zero
+ * byte is found. Once created, a String object is immutable.
+ *
+ * Valid formats are:
+ * PKIX_ESCASCII
+ * PKIX_ESCASCII_DEBUG
+ * PKIX_UTF8
+ * PKIX_UTF8_NULL_TERM
+ * PKIX_UTF16
+ *
+ * PARAMETERS:
+ * "fmtIndicator"
+ * Format that "stringRep" is encoded with. Must be non-NULL.
+ * "stringRep"
+ * Address of encoded string representation. Must be non-NULL.
+ * "stringLen"
+ * Length of data stored at stringRep.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a String Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_String_Create(
+ PKIX_UInt32 fmtIndicator,
+ const void *stringRep,
+ PKIX_UInt32 stringLen,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_Sprintf
+ * DESCRIPTION:
+ *
+ * Creates a formatted string at "pOut" using the given format "fmt" and a
+ * variable length list of arguments. The format flags are identical to
+ * standard C with the exception that %s expects a PKIX_PL_String*, rather
+ * than a char *, and that {%d, %i, %o, %u, %x, %X} expect PKIX_UInt32 or
+ * PKIX_Int32 instead of int or unsigned int.
+ *
+ * PARAMETERS:
+ * "pOut"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * "fmt"
+ * Address of format string. Must be non-NULL.
+ * THREAD SAFETY:
+ * Not Thread Safe - Caller must have exclusive access to all arguments.
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a String Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Sprintf(
+ PKIX_PL_String **pOut,
+ void *plContext,
+ const PKIX_PL_String *fmt, ...);
+
+/*
+ * FUNCTION: PKIX_PL_GetString
+ * DESCRIPTION:
+ *
+ * Retrieves the String associated with the value of "stringID" (if any) and
+ * stores it at "pString". If no such string is associated with "stringID",
+ * this function uses "defaultString" to create a String and stores it at
+ * "pString".
+ *
+ * PARAMETERS:
+ * "stringID"
+ * PKIX_UInt32 valud of string identifier.
+ * "defaultString"
+ * Address of a PKIX_ESCASCII encoded string representation.
+ * Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a String Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_GetString(
+ PKIX_UInt32 stringID,
+ char *defaultString,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_String_GetEncoded
+ * DESCRIPTION:
+ *
+ * Retrieves the value of the String pointed to by "string" in the encoding
+ * specified by "fmtIndicator" and stores the result in "pStringRep" and
+ * "pLength", respectively. Note that "pStringRep" is not reference counted
+ * and will need to be freed with PKIX_PL_Free().
+ *
+ * PARAMETERS:
+ * "string"
+ * Address of String whose encoded value is desired. Must be non-NULL.
+ * "fmtIndicator"
+ * Format of encoding. Supported formats are:
+ * PKIX_ESCASCII, PKIX_ESCASII_DEBUG, PKIX_UTF8, PKIX_UTF8_NULL_TERM, and
+ * PKIX_UTF16. XXX Where are these documented?
+ * "pStringRep"
+ * Address where pointer to encoded value will be stored.
+ * Must be non-NULL.
+ * "pLength"
+ * Address where byte length of encoded value will be stored.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a String Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_String_GetEncoded(
+ PKIX_PL_String *string,
+ PKIX_UInt32 fmtIndicator,
+ void **pStringRep,
+ PKIX_UInt32 *pLength,
+ void *plContext);
+
+/*
+ * Hashtable
+ *
+ * A hashtable is a very efficient data structure used for mapping keys to
+ * values. Any non-null PKIX_PL_Object can be used as a key or as a value,
+ * provided that it correctly implements the PKIX_PL_EqualsCallback and the
+ * PKIX_PL_HashcodeCallback. A hashtable consists of several buckets, with
+ * each bucket capable of holding a linked list of key/value mappings. When
+ * adding, retrieving, or deleting a value, the hashcode of the key is used to
+ * determine which bucket's linked list is relevant. The corresponding
+ * key/value pair is then appended, retrieved, or deleted.
+ */
+
+/*
+ * FUNCTION: PKIX_PL_HashTable_Create
+ * DESCRIPTION:
+ *
+ * Creates a new Hashtable with an initial capacity of "numBuckets" buckets
+ * and "maxEntriesPerBucket" of entries limit for each bucket and stores it
+ * at "pResult".
+ *
+ * PARAMETERS:
+ * "numBuckets"
+ * The initial number of hash table buckets. Must be non-zero.
+ * "maxEntriesPerBucket"
+ * The limit of entries per bucket. Zero means no limit.
+ * "pResult"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_HashTable_Create(
+ PKIX_UInt32 numBuckets,
+ PKIX_UInt32 maxEntriesPerBucket,
+ PKIX_PL_HashTable **pResult,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_HashTable_Add
+ * DESCRIPTION:
+ *
+ * Adds a key/value mapping using the Objects pointed to by "key" and "value"
+ * to the Hashtable pointed to by "ht".
+ *
+ * Function increments key/value reference counts. Caller is responsible to
+ * to decrement(destroy) key/value ref counts(objects).
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of Hashtable to be added to. Must be non-NULL.
+ * "key"
+ * Address of Object to be associated with "value". Must be non-NULL.
+ * "value"
+ * Address of Object to be added to Hashtable. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "ht"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Hashtable Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_HashTable_Add(
+ PKIX_PL_HashTable *ht,
+ PKIX_PL_Object *key,
+ PKIX_PL_Object *value,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_HashTable_Remove
+ * DESCRIPTION:
+ *
+ * Removes the Object value whose key is equal to the Object pointed to by
+ * "key" from the Hashtable pointed to by "ht". If no such object exists,
+ * this function throws an Error.
+ *
+ * Function frees "value" object. Caller is responsible to free "key"
+ * object.
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of Hashtable to remove object from. Must be non-NULL.
+ * "key"
+ * Address of Object used for lookup. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "ht"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Hashtable Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_HashTable_Remove(
+ PKIX_PL_HashTable *ht,
+ PKIX_PL_Object *key,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_HashTable_Lookup
+ * DESCRIPTION:
+ *
+ * Retrieves the Object whose key equals the Object pointed to by "key" from
+ * the Hashtable associated with "ht" and stores it at "pResult". If no
+ * Object is found, this function stores NULL at "pResult".
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of Hashtable to lookup Object from. Must be non-NULL.
+ * "key"
+ * Address of key Object used for lookup. Must be non-NULL.
+ * "pResult"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Hashtable Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_HashTable_Lookup(
+ PKIX_PL_HashTable *ht,
+ PKIX_PL_Object *key,
+ PKIX_PL_Object **pResult,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_ByteArray_Create
+ * DESCRIPTION:
+ *
+ * Creates a new ByteArray using "length" bytes of data pointed to by "array"
+ * and stores it at "pByteArray". Once created, a ByteArray is immutable.
+ *
+ * PARAMETERS:
+ * "array"
+ * Address of source data.
+ * "length"
+ * Number of bytes to copy.
+ * "pByteArray"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_ByteArray_Create(
+ void *array,
+ PKIX_UInt32 length,
+ PKIX_PL_ByteArray **pByteArray,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_ByteArray_GetPointer
+ * DESCRIPTION:
+ *
+ * Allocates enough memory to hold the contents of the ByteArray pointed to
+ * by "byteArray", copies the data from the ByteArray pointed to by
+ * "byteArray" into the newly allocated memory, and stores a pointer to the
+ * memory at "pArray". Note that "pArray" is not reference counted. It will
+ * need to be freed with PKIX_PL_Free().
+ *
+ * PARAMETERS:
+ * "byteArray"
+ * Address of ByteArray whose data is desired. Must be non-NULL.
+ * "pArray"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_ByteArray_GetPointer(
+ PKIX_PL_ByteArray *byteArray,
+ void **pArray,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_ByteArray_GetLength
+ * DESCRIPTION:
+ *
+ * Retrieves the length of the ByteArray pointed to by "byteArray" and stores
+ * the length at "pLength".
+ *
+ * PARAMETERS:
+ * "byteArray"
+ * Address of ByteArray whose length is desired. Must be non-NULL.
+ * "pLength"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_ByteArray_GetLength(
+ PKIX_PL_ByteArray *byteArray,
+ PKIX_UInt32 *pLength,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_OID_Create
+ * DESCRIPTION:
+ *
+ * Creates a new OID using NSS oid tag.
+ *
+ * PARAMETERS:
+ * "idtag"
+ * nss oid id tag.
+ * "pOID"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OID Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_OID_Create(
+ SECOidTag idtag,
+ PKIX_PL_OID **pOID,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_OID_CreateBySECItem
+ * DESCRIPTION:
+ *
+ * Creates a new OID using a DER encoded OID stored as SECItem.
+ *
+ * PARAMETERS:
+ * "derOid"
+ * Address of SECItem that holds DER encoded OID.
+ * "pOID"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OID Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_OID_CreateBySECItem(
+ SECItem *derOid,
+ PKIX_PL_OID **pOID,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_BigInt_Create
+ * DESCRIPTION:
+ *
+ * Creates a new BigInt using the source String pointed to by "stringRep" and
+ * stores it at "pBigInt". Valid source Strings consist of an even number of
+ * hexadecimal digits, which are always interpreted as a positive number.
+ * Once created, a BigInt is immutable.
+ *
+ * The regexp format is:
+ * HexDigit ::= [0-9] | [A-F] | [a-f]
+ * DoubleHex ::= HexDigit HexDigit
+ * BigIntSrc ::= (DoubleHex)+
+ *
+ * Note that since we are using DoubleHex, the number of characters in the
+ * source MUST be even. Additionally, the first DoubleHex MUST NOT be "00"
+ * unless it is the only DoubleHex.
+ *
+ * Valid : "09"
+ * Valid : "00" (special case where first and only DoubleHex is "00")
+ * Invalid: "9" (not DoubleHex: odd number of characters)
+ * Invalid: "0009" (first DoubleHex is "00")
+ *
+ * XXX Why does this take a String object while OID_Create takes a char* ?
+ * Perhaps because OID_Create is often used with constant strings and
+ * this function isn't. That's a good reason, but we should explain it
+ * (if it's right)
+ * PARAMETERS:
+ * "stringRep"
+ * Address of String representing a BigInt. Must be non-NULL.
+ * "pBigInt"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a BigInt Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_BigInt_Create(
+ PKIX_PL_String *stringRep,
+ PKIX_PL_BigInt **pBigInt,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+/*
+ * FUNCTION: PKIX_PL_GetPLErrorCode
+ * DESCRIPTION:
+ *
+ * Returns error code from PL layer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * PL layer error code.
+ */
+int
+PKIX_PL_GetPLErrorCode();
+
+#endif /* _LIBPKIX_SYSTEM_H */
diff --git a/security/nss/lib/libpkix/include/pkix_results.h b/security/nss/lib/libpkix/include/pkix_results.h
new file mode 100755
index 000000000..bf4a381fa
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_results.h
@@ -0,0 +1,425 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines functions associated with the results used
+ * by the top-level functions.
+ *
+ */
+
+#ifndef _PKIX_RESULTS_H
+#define _PKIX_RESULTS_H
+
+#include "pkixt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+/* PKIX_ValidateResult
+ *
+ * PKIX_ValidateResult represents the result of a PKIX_ValidateChain call. It
+ * consists of the valid policy tree and public key resulting from validation,
+ * as well as the trust anchor used for this chain. Once created, a
+ * ValidateResult object is immutable.
+ */
+
+/*
+ * FUNCTION: PKIX_ValidateResult_GetPolicyTree
+ * DESCRIPTION:
+ *
+ * Retrieves the PolicyNode component (representing the valid_policy_tree)
+ * from the ValidateResult object pointed to by "result" and stores it at
+ * "pPolicyTree".
+ *
+ * PARAMETERS:
+ * "result"
+ * Address of ValidateResult whose policy tree is to be stored. Must be
+ * non-NULL.
+ * "pPolicyTree"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ValidateResult_GetPolicyTree(
+ PKIX_ValidateResult *result,
+ PKIX_PolicyNode **pPolicyTree,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ValidateResult_GetPublicKey
+ * DESCRIPTION:
+ *
+ * Retrieves the PublicKey component (representing the valid public_key) of
+ * the ValidateResult object pointed to by "result" and stores it at
+ * "pPublicKey".
+ *
+ * PARAMETERS:
+ * "result"
+ * Address of ValidateResult whose public key is to be stored.
+ * Must be non-NULL.
+ * "pPublicKey"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ValidateResult_GetPublicKey(
+ PKIX_ValidateResult *result,
+ PKIX_PL_PublicKey **pPublicKey,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_ValidateResult_GetTrustAnchor
+ * DESCRIPTION:
+ *
+ * Retrieves the TrustAnchor component (representing the trust anchor used
+ * during chain validation) of the ValidateResult object pointed to by
+ * "result" and stores it at "pTrustAnchor".
+ *
+ * PARAMETERS:
+ * "result"
+ * Address of ValidateResult whose trust anchor is to be stored.
+ * Must be non-NULL.
+ * "pTrustAnchor"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_ValidateResult_GetTrustAnchor(
+ PKIX_ValidateResult *result,
+ PKIX_TrustAnchor **pTrustAnchor,
+ void *plContext);
+
+/* PKIX_BuildResult
+ *
+ * PKIX_BuildResult represents the result of a PKIX_BuildChain call. It
+ * consists of a ValidateResult object, as well as the built and validated
+ * CertChain. Once created, a BuildResult object is immutable.
+ */
+
+/*
+ * FUNCTION: PKIX_BuildResult_GetValidateResult
+ * DESCRIPTION:
+ *
+ * Retrieves the ValidateResult component (representing the build's validate
+ * result) of the BuildResult object pointed to by "result" and stores it at
+ * "pResult".
+ *
+ * PARAMETERS:
+ * "result"
+ * Address of BuildResult whose ValidateResult component is to be stored.
+ * Must be non-NULL.
+ * "pResult"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_BuildResult_GetValidateResult(
+ PKIX_BuildResult *result,
+ PKIX_ValidateResult **pResult,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_BuildResult_GetCertChain
+ * DESCRIPTION:
+ *
+ * Retrieves the List of Certs (certChain) component (representing the built
+ * and validated CertChain) of the BuildResult object pointed to by "result"
+ * and stores it at "pChain".
+ *
+ * PARAMETERS:
+ * "result"
+ * Address of BuildResult whose CertChain component is to be stored.
+ * Must be non-NULL.
+ * "pChain"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_BuildResult_GetCertChain(
+ PKIX_BuildResult *result,
+ PKIX_List **pChain,
+ void *plContext);
+
+/* PKIX_PolicyNode
+ *
+ * PKIX_PolicyNode represents a node in the policy tree returned in
+ * ValidateResult. The policy tree is the same length as the validated
+ * certificate chain and the nodes are associated with a particular depth
+ * (corresponding to a particular certificate in the chain).
+ * PKIX_ValidateResult_GetPolicyTree returns the root node of the valid policy
+ * tree. Other nodes can be accessed using the getChildren and getParents
+ * functions, and individual elements of a node can be accessed with the
+ * appropriate gettors. Once created, a PolicyNode is immutable.
+ */
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetChildren
+ * DESCRIPTION:
+ *
+ * Retrieves the List of PolicyNodes representing the child nodes of the
+ * Policy Node pointed to by "node" and stores it at "pChildren". If "node"
+ * has no child nodes, this function stores an empty List at "pChildren".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode whose child nodes are to be stored.
+ * Must be non-NULL.
+ * "pChildren"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetChildren(
+ PKIX_PolicyNode *node,
+ PKIX_List **pChildren, /* list of PKIX_PolicyNode */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetParent
+ * DESCRIPTION:
+ *
+ * Retrieves the PolicyNode representing the parent node of the PolicyNode
+ * pointed to by "node" and stores it at "pParent". If "node" has no parent
+ * node, this function stores NULL at "pParent".
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode whose parent node is to be stored.
+ * Must be non-NULL.
+ * "pParent"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetParent(
+ PKIX_PolicyNode *node,
+ PKIX_PolicyNode **pParent,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetValidPolicy
+ * DESCRIPTION:
+ *
+ * Retrieves the OID representing the valid policy of the PolicyNode pointed
+ * to by "node" and stores it at "pValidPolicy".
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode whose valid policy is to be stored.
+ * Must be non-NULL.
+ * "pValidPolicy"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetValidPolicy(
+ PKIX_PolicyNode *node,
+ PKIX_PL_OID **pValidPolicy,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetPolicyQualifiers
+ * DESCRIPTION:
+ *
+ * Retrieves the List of CertPolicyQualifiers representing the policy
+ * qualifiers associated with the PolicyNode pointed to by "node" and stores
+ * it at "pQualifiers". If "node" has no policy qualifiers, this function
+ * stores an empty List at "pQualifiers".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode whose policy qualifiers are to be stored.
+ * Must be non-NULL.
+ * "pQualifiers"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetPolicyQualifiers(
+ PKIX_PolicyNode *node,
+ PKIX_List **pQualifiers, /* list of PKIX_PL_CertPolicyQualifier */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetExpectedPolicies
+ * DESCRIPTION:
+ *
+ * Retrieves the List of OIDs representing the expected policies associated
+ * with the PolicyNode pointed to by "node" and stores it at "pExpPolicies".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode whose expected policies are to be stored.
+ * Must be non-NULL.
+ * "pExpPolicies"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetExpectedPolicies(
+ PKIX_PolicyNode *node,
+ PKIX_List **pExpPolicies, /* list of PKIX_PL_OID */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PolicyNode_IsCritical
+ * DESCRIPTION:
+ *
+ * Checks the criticality field of the PolicyNode pointed to by "node" and
+ * stores the Boolean result at "pCritical".
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode whose criticality field is examined.
+ * Must be non-NULL.
+ * "pCritical"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PolicyNode_IsCritical(
+ PKIX_PolicyNode *node,
+ PKIX_Boolean *pCritical,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetDepth
+ * DESCRIPTION:
+ *
+ * Retrieves the depth component of the PolicyNode pointed to by "node" and
+ * stores it at "pDepth".
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode whose depth component is to be stored.
+ * Must be non-NULL.
+ * "pDepth"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Result Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetDepth(
+ PKIX_PolicyNode *node,
+ PKIX_UInt32 *pDepth,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_RESULTS_H */
diff --git a/security/nss/lib/libpkix/include/pkix_revchecker.h b/security/nss/lib/libpkix/include/pkix_revchecker.h
new file mode 100755
index 000000000..a16d23a93
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_revchecker.h
@@ -0,0 +1,215 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines functions associated with the PKIX_RevocationChecker
+ * type.
+ *
+ */
+
+#ifndef _PKIX_REVCHECKER_H
+#define _PKIX_REVCHECKER_H
+
+#include "pkixt.h"
+#include "pkix_pl_pki.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/* PKIX_RevocationChecker
+ *
+ * PKIX_RevocationChecker provides a standard way of revocation checking.
+ * Caller should configure two set of tests(represented at lists of
+ * RevocationMethod objects) to be performed on the leaf and on the rest of
+ * the chain certificates.
+ *
+ * PKIX_RevocationMethods provide a standard way for the caller to insert
+ * their own custom revocation checks to verify the revocation status of
+ * certificates. This may be useful in many scenarios, including when the
+ * caller wishes to use their own revocation checking mechanism instead of (or
+ * in addition to) the default revocation checking mechanism provided by
+ * libpkix, which uses CRLs and OCSP.
+ *
+ * Once the caller has created the RevocationMethod object(s), the caller
+ * then specifies the RevocationMethod object(s) in a RevocationCheck object
+ * and sets it into a ProcessingParams.
+ */
+
+/*
+ * FUNCTION: PKIX_RevocationChecker_Create
+ * DESCRIPTION:
+ *
+ * Creates a revocation checker object with the given flags. Revocation will
+ * be checked at the current date.
+ *
+ * PARAMETERS:
+ * "leafMethodListFlags"
+ * Defines a set of method independent flags that will be used to check
+ * revocation of the leaf cert in the chain.
+ * "chainMethodListFlags"
+ * Defines a set of method independent flags that will be used to check
+ * revocation of the remaining certs in the chain.
+ * "pChecker"
+ * The return address of created checker.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same objects.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a RevocationChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_RevocationChecker_Create(
+ PKIX_UInt32 leafMethodListFlags,
+ PKIX_UInt32 chainMethodListFlags,
+ PKIX_RevocationChecker **pChecker,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_RevocationChecker_CreateAndAddMethod
+ * DESCRIPTION:
+ *
+ * Creates revocation method object with given parameters and adds it
+ * to revocation checker method list.
+ *
+ * PARAMETERS:
+ * "revChecker"
+ * Address of revocation checker structure.
+ * "procParams"
+ * Address of ProcessingParams used to initialize the checker.
+ * Must be non-NULL.
+ * "methodType"
+ * Type of the method. Currently only two types are
+ * supported: crl and ocsp. (See PKIX_RevocationMethodType enum).
+ * "methodFlags"
+ * Set of flags for the method.
+ * "methodPriority"
+ * Method priority. (0 corresponds to the highest priority)
+ * "verificationFn"
+ * User call back function that will perform validation of fetched
+ * revocation information(new crl or ocsp response)
+ * "isLeafMethod"
+ * Boolean flag that if set to true indicates that the method should
+ * should be used for leaf cert revocation test(false for chain set
+ * methods).
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same objects.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a RevocationChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_RevocationChecker_CreateAndAddMethod(
+ PKIX_RevocationChecker *revChecker,
+ PKIX_ProcessingParams *params,
+ PKIX_RevocationMethodType methodType,
+ PKIX_UInt32 methodFlags,
+ PKIX_UInt32 methodPriority,
+ PKIX_PL_VerifyCallback verificationFn,
+ PKIX_Boolean isLeafMethod,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_RevocationChecker_Check
+ * DESCRIPTION:
+ *
+ * Verifies revocation status of the certificate. Issuer cert is given to
+ * be used in verification of revocation information. Performed verification
+ * check depends on configured revocation methods(ocsp, crl. See
+ * PKIX_RevocationChecker_CreateAndAddMethod function) and a point of chain
+ * building process at which PKIX_RevocationChecker_Check was invoked.
+ * For security reasons, the cert status is checked only against cached
+ * revocation information during chain building stage(no trust anchor yes has
+ * been found). The fresh revocation information fetching is done only at chain
+ * verification stage after trust anchor was identified.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert whose revocation status is to be determined.
+ * Must be non-NULL.
+ * "issuer"
+ * Issuer cert that potentially holds public key that will be used
+ * to verify revocation info.
+ * "revChecker"
+ * Address of revocation checker structure.
+ * "procParams"
+ * Address of ProcessingParams used to initialize the checker.
+ * Must be non-NULL.
+ * "chainVerificationState"
+ * Need to be set to true, if the check was called during chain verification
+ * as an opposite to chain building.
+ * "testingLeafCert"
+ * Set to true if verifying revocation status of a leaf cert.
+ * "revStatus"
+ * Address of the returned revocation status of the cert.
+ * "pResultCode"
+ * Address where revocation status will be stored. Must be non-NULL.
+ * "pNBIOContext"
+ * Address at which platform-dependent non-blocking I/O context is stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same objects.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a RevocationChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_RevocationChecker_Check(PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_RevocationChecker *revChecker,
+ PKIX_ProcessingParams *procParams,
+ PKIX_Boolean chainVerificationState,
+ PKIX_Boolean testingLeafCert,
+ PKIX_RevocationStatus *revStatus,
+ PKIX_UInt32 *pReasonCode,
+ void **pNbioContext,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_REVCHECKER_H */
diff --git a/security/nss/lib/libpkix/include/pkix_sample_modules.h b/security/nss/lib/libpkix/include/pkix_sample_modules.h
new file mode 100755
index 000000000..75d9618c5
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_sample_modules.h
@@ -0,0 +1,420 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines functions associated with CertStore types.
+ *
+ */
+
+
+#ifndef _PKIX_SAMPLEMODULES_H
+#define _PKIX_SAMPLEMODULES_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/* PKIX_PL_CollectionCertStore
+ *
+ * A PKIX_CollectionCertStore provides an example for showing how to retrieve
+ * certificates and CRLs from a repository, such as a directory in the system.
+ * It is expected the directory is an absolute directory which contains CRL
+ * and Cert data files. CRL files are expected to have the suffix of .crl
+ * and Cert files are expected to have the suffix of .crt .
+ *
+ * Once the caller has created the CollectionCertStoreContext object, the caller
+ * then can call pkix_pl_CollectionCertStore_GetCert or
+ * pkix_pl_CollectionCertStore_GetCRL to obtain Lists of PKIX_PL_Cert or
+ * PKIX_PL_CRL objects, respectively.
+ */
+
+/*
+ * FUNCTION: PKIX_PL_CollectionCertStore_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CollectionCertStore and returns it at
+ * "pColCertStore".
+ *
+ * PARAMETERS:
+ * "storeDir"
+ * The absolute path where *.crl files are located.
+ * "pColCertStoreContext"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CollectionCertStoreContext Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_CollectionCertStore_Create(
+ PKIX_PL_String *storeDir,
+ PKIX_CertStore **pCertStore,
+ void *plContext);
+
+/* PKIX_PL_PK11CertStore
+ *
+ * A PKIX_PL_PK11CertStore retrieves certificates and CRLs from a PKCS11
+ * database. The directory that contains the cert8.db, key3.db, and secmod.db
+ * files that comprise a PKCS11 database are specified in NSS initialization.
+ *
+ * Once the caller has created the Pk11CertStore object, the caller can call
+ * pkix_pl_Pk11CertStore_GetCert or pkix_pl_Pk11CertStore_GetCert to obtain
+ * a List of PKIX_PL_Certs or PKIX_PL_CRL objects, respectively.
+ */
+
+/*
+ * FUNCTION: PKIX_PL_Pk11CertStore_Create
+ * DESCRIPTION:
+ *
+ * Creates a new Pk11CertStore and returns it at "pPk11CertStore".
+ *
+ * PARAMETERS:
+ * "pPk11CertStore"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_Pk11CertStore_Create(
+ PKIX_CertStore **pPk11CertStore,
+ void *plContext);
+
+#ifndef NSS_PKIX_NO_LDAP
+/* PKIX_PL_LdapCertStore
+ *
+ * A PKIX_PL_LdapCertStore retrieves certificates and CRLs from an LDAP server
+ * over a socket connection. It used the LDAP protocol as described in RFC1777.
+ *
+ * Once the caller has created the LdapCertStore object, the caller can call
+ * pkix_pl_LdapCertStore_GetCert or pkix_pl_LdapCertStore_GetCert to obtain
+ * a List of PKIX_PL_Certs or PKIX_PL_CRL objects, respectively.
+ */
+
+/*
+ * FUNCTION: PKIX_PL_LdapDefaultClient_Create
+ * DESCRIPTION:
+ *
+ * Creates an LdapDefaultClient using the PRNetAddr poined to by "sockaddr",
+ * with a timeout value of "timeout", and a BindAPI pointed to by "bindAPI";
+ * and stores the address of the default LdapClient at "pClient".
+ *
+ * At the time of this version, there are unresolved questions about the LDAP
+ * protocol. Although RFC1777 describes a BIND and UNBIND message, it is not
+ * clear whether they are appropriate to this application. We have tested only
+ * using servers that do not expect authentication, and that reject BIND
+ * messages. It is not clear what values might be appropriate for the bindname
+ * and authentication fields, which are currently implemented as char strings
+ * supplied by the caller. (If this changes, the API and possibly the templates
+ * will have to change.) Therefore the Client_Create API contains a BindAPI
+ * structure, a union, which will have to be revised and extended when this
+ * area of the protocol is better understood.
+ *
+ * PARAMETERS:
+ * "sockaddr"
+ * Address of the PRNetAddr to be used for the socket connection. Must be
+ * non-NULL.
+ * "timeout"
+ * The PRIntervalTime value to be used as a timeout value in socket calls;
+ * a zero value indicates non-blocking I/O is to be used.
+ * "bindAPI"
+ * The address of a BindAPI to be used if a BIND message is required. If
+ * this argument is NULL, no Bind (or Unbind) will be sent.
+ * "pClient"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_LdapDefaultClient_Create(
+ PRNetAddr *sockaddr,
+ PRIntervalTime timeout,
+ LDAPBindAPI *bindAPI,
+ PKIX_PL_LdapDefaultClient **pClient,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_LdapDefaultClient_CreateByName
+ * DESCRIPTION:
+ *
+ * Creates an LdapDefaultClient using the hostname poined to by "hostname",
+ * with a timeout value of "timeout", and a BindAPI pointed to by "bindAPI";
+ * and stores the address of the default LdapClient at "pClient".
+ *
+ * At the time of this version, there are unresolved questions about the LDAP
+ * protocol. Although RFC1777 describes a BIND and UNBIND message, it is not
+ * clear whether they are appropriate to this application. We have tested only
+ * using servers that do not expect authentication, and that reject BIND
+ * messages. It is not clear what values might be appropriate for the bindname
+ * and authentication fields, which are currently implemented as char strings
+ * supplied by the caller. (If this changes, the API and possibly the templates
+ * will have to change.) Therefore the Client_Create API contains a BindAPI
+ * structure, a union, which will have to be revised and extended when this
+ * area of the protocol is better understood.
+ *
+ * PARAMETERS:
+ * "hostname"
+ * Address of the hostname to be used for the socket connection. Must be
+ * non-NULL.
+ * "timeout"
+ * The PRIntervalTime value to be used as a timeout value in socket calls;
+ * a zero value indicates non-blocking I/O is to be used.
+ * "bindAPI"
+ * The address of a BindAPI to be used if a BIND message is required. If
+ * this argument is NULL, no Bind (or Unbind) will be sent.
+ * "pClient"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_LdapDefaultClient_CreateByName(
+ char *hostname,
+ PRIntervalTime timeout,
+ LDAPBindAPI *bindAPI,
+ PKIX_PL_LdapDefaultClient **pClient,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_LdapCertStore_Create
+ * DESCRIPTION:
+ *
+ * Creates a new LdapCertStore using the LdapClient pointed to by "client",
+ * and stores the address of the CertStore at "pCertStore".
+ *
+ * PARAMETERS:
+ * "client"
+ * Address of the LdapClient to be used. Must be non-NULL.
+ * "pCertStore"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_LdapCertStore_Create(
+ PKIX_PL_LdapClient *client,
+ PKIX_CertStore **pCertStore,
+ void *plContext);
+#endif /* !NSS_PKIX_NO_LDAP */
+
+/* PKIX_PL_NssContext
+ *
+ * A PKIX_PL_NssContext provides an example showing how the "plContext"
+ * argument, that is part of every libpkix function call, can be used.
+ * The "plContext" is the Portability Layer Context, which can be used
+ * to communicate layer-specific information from the application to the
+ * underlying Portability Layer (while bypassing the Portable Code, which
+ * blindly passes the plContext on to every function call).
+ *
+ * In this case, NSS serves as both the application and the Portability Layer.
+ * We define an NSS-specific structure, which includes an arena and a number
+ * of SECCertificateUsage bit flags encoded as a PKIX_UInt32. A third argument,
+ * wincx, is used on Windows platforms for PKCS11 access, and should be set to
+ * NULL for other platforms.
+ * Before calling any of the libpkix functions, the caller should create the NSS
+ * context, by calling PKIX_PL_NssContext_Create, and provide that NSS context
+ * as the "plContext" argument in every libpkix function call the caller makes.
+ * When the caller is finished using the NSS context (usually just after he
+ * calls PKIX_Shutdown), the caller should call PKIX_PL_NssContext_Destroy to
+ * free the NSS context structure.
+ */
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_Create
+ * DESCRIPTION:
+ *
+ * Creates a new NssContext using the certificate usage(s) specified by
+ * "certUsage" and stores it at "pNssContext". This function also internally
+ * creates an arena and stores it as part of the NssContext structure. Unlike
+ * most other libpkix API functions, this function does not take a "plContext"
+ * parameter.
+ *
+ * PARAMETERS:
+ * "certUsage"
+ * The desired SECCertificateUsage(s).
+ * "useNssArena"
+ * Boolean flag indicates NSS Arena is used for memory allocation.
+ * "wincx"
+ * A Windows-dependent pointer for PKCS11 token handling.
+ * "pNssContext"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Context Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_NssContext_Create(
+ PKIX_UInt32 certificateUsage,
+ PKIX_Boolean useNssArena,
+ void *wincx,
+ void **pNssContext);
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_Destroy
+ * DESCRIPTION:
+ *
+ * Frees the structure pointed to by "nssContext" along with any of its
+ * associated memory. Unlike most other libpkix API functions, this function
+ * does not take a "plContext" parameter.
+ *
+ * PARAMETERS:
+ * "nssContext"
+ * Address of NssContext to be destroyed. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Context Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_NssContext_Destroy(
+ void *nssContext);
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_SetTimeout
+ * DESCRIPTION:
+ *
+ * Sets IO timeout for network operations like OCSP response and cert
+ * fetching.
+ *
+ * PARAMETERS:
+ * "nssContext"
+ * Address of NssContext to be destroyed. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Context Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_NssContext_SetTimeout(PKIX_UInt32 timeout, PKIX_PL_NssContext *nssContext);
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_SetMaxResponseLen
+ * DESCRIPTION:
+ *
+ * Sets maximum responce length allowed during network IO operations.
+ *
+ * PARAMETERS:
+ * "nssContext"
+ * Address of NssContext to be destroyed. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Context Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_NssContext_SetMaxResponseLen(PKIX_UInt32 len, PKIX_PL_NssContext *nssContext);
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_SetCrlReloadDelay
+ * DESCRIPTION:
+ *
+ * Sets user defined timeout between attempts to load crl using
+ * CRLDP.
+ *
+ * PARAMETERS:
+ * "delaySeconds"
+ * Reload delay in seconds.
+ * "nssContext"
+ * Address of NssContext to be destroyed. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Context Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_NssContext_SetCrlReloadDelay(PKIX_UInt32 delaySeconds,
+ PKIX_PL_NssContext *nssContext);
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_SetBadDerCrlReloadDelay
+ * DESCRIPTION:
+ *
+ * Sets user defined timeout between attempts to load crls
+ * that failed to decode.
+ *
+ * PARAMETERS:
+ * "delaySeconds"
+ * Reload delay in seconds.
+ * "nssContext"
+ * Address of NssContext to be destroyed. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Context Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_NssContext_SetBadDerCrlReloadDelay(PKIX_UInt32 delaySeconds,
+ PKIX_PL_NssContext *nssContext);
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_SAMPLEMODULES_H */
diff --git a/security/nss/lib/libpkix/include/pkix_util.h b/security/nss/lib/libpkix/include/pkix_util.h
new file mode 100755
index 000000000..e42f608c1
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkix_util.h
@@ -0,0 +1,941 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * These functions provide support for a number of other functions
+ * by creating and manipulating data structures used by those functions.
+ *
+ */
+
+#ifndef _PKIX_UTIL_H
+#define _PKIX_UTIL_H
+
+#include "pkixt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* General
+ *
+ * Please refer to the libpkix Programmer's Guide for detailed information
+ * about how to use the libpkix library. Certain key warnings and notices from
+ * that document are repeated here for emphasis.
+ *
+ * All identifiers in this file (and all public identifiers defined in
+ * libpkix) begin with "PKIX_". Private identifiers only intended for use
+ * within the library begin with "pkix_".
+ *
+ * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
+ *
+ * Unless otherwise noted, for all accessor (gettor) functions that return a
+ * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
+ * shared object. Therefore, the caller should treat this shared object as
+ * read-only and should not modify this shared object. When done using the
+ * shared object, the caller should release the reference to the object by
+ * using the PKIX_PL_Object_DecRef function.
+ *
+ * While a function is executing, if its arguments (or anything referred to by
+ * its arguments) are modified, free'd, or destroyed, the function's behavior
+ * is undefined.
+ *
+ */
+
+/* PKIX_Logger
+ *
+ * PKIX_Loggers provide a standard way for the caller to insert custom logging
+ * facilities. These are used by libpkix to log errors, debug information,
+ * status, etc. The LogCallback allows custom logging to take place.
+ * Additionally, a Logger can be initialized with a loggerContext, which is
+ * where the caller can specify configuration data such as the name of a
+ * logfile or database. Note that this loggerContext must be a PKIX_PL_Object,
+ * allowing it to be reference-counted and allowing it to provide the standard
+ * PKIX_PL_Object functions (Equals, Hashcode, ToString, Compare, Duplicate).
+ *
+ * Once the caller has created the Logger object(s) (and set the loggerContext
+ * (if any) and the Log callback), the caller then registers these Loggers
+ * with the system by calling PKIX_SetLoggers or PKIX_AddLogger. All log
+ * entries will then be logged using the specified Loggers. If multiple
+ * Loggers are specified, every log entry will be logged with each of them.
+ *
+ * XXX Maybe give some guidance somewhere on how much detail each logging
+ * level should have and where component boundaries should be. Maybe in
+ * Implementor's Guide or Programmer's Guide.
+ */
+
+#define PKIX_LOGGER_LEVEL_TRACE 5
+#define PKIX_LOGGER_LEVEL_DEBUG 4
+#define PKIX_LOGGER_LEVEL_WARNING 3
+#define PKIX_LOGGER_LEVEL_ERROR 2
+#define PKIX_LOGGER_LEVEL_FATALERROR 1
+
+#define PKIX_LOGGER_LEVEL_MAX 5
+
+/*
+ * FUNCTION: PKIX_Logger_LogCallback
+ * DESCRIPTION:
+ *
+ * This callback function logs a log entry containing the String pointed to
+ * by "message", the integer value of logLevel, and the String pointed to by
+ * "logComponent". A log entry can be associated with a particular log
+ * level (i.e. level 3) and a particular log component (i.e. "CertStore").
+ * For example, someone reading the log may only be interested in very general
+ * log entries so they look only for log level 1. Similarly, they may only be
+ * interested in log entries pertaining to the CertStore component so they
+ * look only for that log component. This function can be used before calling
+ * PKIX_Initialize.
+ *
+ * PARAMETERS:
+ * "logger"
+ * Address of logger whose LogCallback is to be used. Must be non-NULL.
+ * "message"
+ * Address of String that is to be logged used "logger". Must be non-NULL.
+ * "logLevel"
+ * Integer value representing the log level for this entry. The higher the
+ * level, the more detail. Must be non-NULL.
+ * "logComponent"
+ * PKIXERRORNUM value (defined in pkixt.h) designating the log component
+ * for this entry.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe
+ *
+ * Multiple threads must be able to safely call this function without
+ * worrying about conflicts, even if they're operating on the same objects.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+typedef PKIX_Error *
+(*PKIX_Logger_LogCallback)(
+ PKIX_Logger *logger,
+ PKIX_PL_String *message,
+ PKIX_UInt32 logLevel,
+ PKIX_ERRORCLASS logComponent,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Logger_Create
+ * DESCRIPTION:
+ *
+ * Creates a new Logger using the Object pointed to by "loggerContext"
+ * (if any) and stores it at "pLogger". The new Logger uses the LogCallback
+ * pointed to by "callback". The Logger's maximum logging level is initially
+ * set to a very high level and its logging component is set to NULL (all
+ * components).
+ *
+ * PARAMETERS:
+ * "callback"
+ * The LogCallback function to be used. Must be non-NULL.
+ * "loggerContext"
+ * Address of Object representing the Logger's context (if any).
+ * "pLogger"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Logger_Create(
+ PKIX_Logger_LogCallback callback,
+ PKIX_PL_Object *loggerContext,
+ PKIX_Logger **pLogger,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Logger_GetLogCallback
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to "logger's" Log callback function and puts it in
+ * "pCallback".
+ *
+ * PARAMETERS:
+ * "logger"
+ * Address of Logger whose Log callback is desired. Must be non-NULL.
+ * "pCallback"
+ * Address where Log callback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Logger_GetLogCallback(
+ PKIX_Logger *logger,
+ PKIX_Logger_LogCallback *pCallback,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Logger_GetLoggerContext
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a PKIX_PL_Object representing the context (if any)
+ * of the Logger pointed to by "logger" and stores it at "pLoggerContext".
+ *
+ * PARAMETERS:
+ * "logger"
+ * Address of Logger whose context is to be stored. Must be non-NULL.
+ * "pLoggerContext"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Logger_GetLoggerContext(
+ PKIX_Logger *logger,
+ PKIX_PL_Object **pLoggerContext,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Logger_GetMaxLoggingLevel
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a PKIX_UInt32 representing the maximum logging
+ * level of the Logger pointed to by "logger" and stores it at "pLevel". Only
+ * log entries whose log level is less than or equal to this maximum logging
+ * level will be logged.
+ *
+ * PARAMETERS:
+ * "logger"
+ * Address of Logger whose maximum logging level is to be stored.
+ * Must be non-NULL.
+ * "pLevel"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Logger_GetMaxLoggingLevel(
+ PKIX_Logger *logger,
+ PKIX_UInt32 *pLevel,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Logger_SetMaxLoggingLevel
+ * DESCRIPTION:
+ *
+ * Sets the maximum logging level of the Logger pointed to by "logger" with
+ * the integer value of "level".
+ *
+ * PARAMETERS:
+ * "logger"
+ * Address of Logger whose maximum logging level is to be set.
+ * Must be non-NULL.
+ * "level"
+ * Maximum logging level to be set
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "logger"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Logger_SetMaxLoggingLevel(
+ PKIX_Logger *logger,
+ PKIX_UInt32 level,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Logger_GetLoggingComponent
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to a String representing the logging component of the
+ * Logger pointed to by "logger" and stores it at "pComponent". Only log
+ * entries whose log component matches the specified logging component will
+ * be logged.
+ *
+ * PARAMETERS:
+ * "logger"
+ * Address of Logger whose logging component is to be stored.
+ * Must be non-NULL.
+ * "pComponent"
+ * Address where PKIXERRORNUM will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Logger_GetLoggingComponent(
+ PKIX_Logger *logger,
+ PKIX_ERRORCLASS *pComponent,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Logger_SetLoggingComponent
+ * DESCRIPTION:
+ *
+ * Sets the logging component of the Logger pointed to by "logger" with the
+ * PKIXERRORNUM pointed to by "component". To match a small set of components,
+ * create a Logger for each.
+ *
+ * PARAMETERS:
+ * "logger"
+ * Address of Logger whose logging component is to be set.
+ * Must be non-NULL.
+ * "component"
+ * PKIXERRORNUM value representing logging component to be set.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "logger"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Logger_SetLoggingComponent(
+ PKIX_Logger *logger,
+ PKIX_ERRORCLASS component,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_GetLoggers
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of Loggers (if any) being used for logging
+ * by libpkix and stores it at "pLoggers". If no loggers are being used, this
+ * function stores an empty List at "pLoggers".
+ *
+ * Note that the List returned by this function is immutable.
+ *
+ * PARAMETERS:
+ * "pLoggers"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_GetLoggers(
+ PKIX_List **pLoggers, /* list of PKIX_Logger */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_SetLoggers
+ * DESCRIPTION:
+ *
+ * Sets the Loggers to be used by libpkix to the List of Loggers pointed to
+ * by "loggers". If "loggers" is NULL, no Loggers will be used.
+ *
+ * PARAMETERS:
+ * "loggers"
+ * Address of List of Loggers to be set. NULL for no Loggers.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_SetLoggers(
+ PKIX_List *loggers, /* list of PKIX_Logger */
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_AddLogger
+ * DESCRIPTION:
+ *
+ * Adds the Logger pointed to by "logger" to the List of Loggers used by
+ * libpkix.
+ *
+ * PARAMETERS:
+ * "logger"
+ * Address of Logger to be added. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Logger Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_AddLogger(
+ PKIX_Logger *logger,
+ void *plContext);
+
+/* Functions pertaining to the PKIX_Error type */
+
+/* Error
+ *
+ * An Error object is returned by a function upon encountering some error
+ * condition. Each Error is associated with an errorCode specified in pkixt.h.
+ * The remaining components of an Error are optional. An Error's description
+ * specifies a text message describing the Error. An Error's supplementary info
+ * specifies additional information that might be useful. Finally, an Error's
+ * cause specifies the underlying Error (if any) that resulted in this Error
+ * being returned, thereby allowing Errors to be chained so that an entire
+ * "error stack trace" can be represented. Once created, an Error is immutable.
+ *
+ * Note that the Error's supplementary info must be an Object (although any
+ * object type), allowing it to be reference-counted and allowing it to
+ * provide the standard Object functions (Equals, Hashcode, ToString, Compare,
+ * Duplicate).
+ *
+ * Errors are classified as either being fatal or non-fatal. If a function
+ * fails in an unrecoverable way, it returns an Error whose errorCode is
+ * PKIX_FATAL_ERROR. If such an error is encountered, the caller should
+ * not attempt to recover since something seriously wrong has happened
+ * (e.g. corrupted memory, memory finished, etc.). All other errorCodes
+ * are considered non-fatal errors and can be handled by the caller as they
+ * see fit.
+ */
+
+/*
+ * FUNCTION: PKIX_Error_Create
+ * DESCRIPTION:
+ *
+ * Creates a new Error using the value of "errorCode", the Error pointed to by
+ * "cause" (if any), the Object pointed to by "info" (if any), and the String
+ * pointed to by "desc" and stores it at "pError". If any error occurs during
+ * error allocation, it will be returned without chaining, since new errors
+ * cannot be created. Once created, an Error is immutable.
+ *
+ * PARAMETERS:
+ * "errorCode"
+ * Value of error code.
+ * "cause"
+ * Address of Error representing error's cause.
+ * NULL if none or unspecified.
+ * "info"
+ * Address of Object representing error's supplementary information.
+ * NULL if none.
+ * "desc"
+ * Address of String representing error's description. NULL if none.
+ * "pError"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Error_Create(
+ PKIX_ERRORCLASS errClass,
+ PKIX_Error *cause,
+ PKIX_PL_Object *info,
+ PKIX_ERRORCODE errCode,
+ PKIX_Error **pError,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Error_GetErrorClass
+ * DESCRIPTION:
+ *
+ * Retrieves the error class of the Error pointed to by "error" and
+ * stores it at "pClass". Supported error codes are defined in pkixt.h.
+ *
+ * PARAMETERS:
+ * "error"
+ * Address of Error whose error code is desired. Must be non-NULL.
+ * "pClass"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Error_GetErrorClass(
+ PKIX_Error *error,
+ PKIX_ERRORCLASS *pClass,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Error_GetErrorCode
+ * DESCRIPTION:
+ *
+ * Retrieves the error code of the Error pointed to by "error" and
+ * stores it at "pCode". Supported error codes are defined in pkixt.h.
+ *
+ * PARAMETERS:
+ * "error"
+ * Address of Error whose error code is desired. Must be non-NULL.
+ * "pCode"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Error_GetErrorCode(
+ PKIX_Error *error,
+ PKIX_ERRORCODE *pCode,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Error_GetCause
+ * DESCRIPTION:
+ *
+ * Retrieves the cause of the Error pointed to by "error" and stores it at
+ * "pCause". If no cause was specified, NULL will be stored at "pCause".
+ *
+ * PARAMETERS:
+ * "error"
+ * Address of Error whose cause is desired. Must be non-NULL.
+ * "pCause"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Error_GetCause(
+ PKIX_Error *error,
+ PKIX_Error **pCause,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Error_GetSupplementaryInfo
+ * DESCRIPTION:
+ *
+ * Retrieves the supplementary info of the Error pointed to by "error" and
+ * stores it at "pInfo".
+ *
+ * PARAMETERS:
+ * "error"
+ * Address of Error whose info is desired. Must be non-NULL.
+ * "pInfo"
+ * Address where info pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Error_GetSupplementaryInfo(
+ PKIX_Error *error,
+ PKIX_PL_Object **pInfo,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_Error_GetDescription
+ * DESCRIPTION:
+ *
+ * Retrieves the description of the Error pointed to by "error" and stores it
+ * at "pDesc". If no description was specified, NULL will be stored at
+ * "pDesc".
+ *
+ * PARAMETERS:
+ * "error"
+ * Address of Error whose description is desired. Must be non-NULL.
+ * "pDesc"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_Error_GetDescription(
+ PKIX_Error *error,
+ PKIX_PL_String **pDesc,
+ void *plContext);
+
+/* PKIX_List
+ *
+ * Represents a collection of items. NULL is considered a valid item.
+ */
+
+/*
+ * FUNCTION: PKIX_List_Create
+ * DESCRIPTION:
+ *
+ * Creates a new List and stores it at "pList". The List is initially empty
+ * and holds no items. To initially add items to the List, use
+ * PKIX_List_AppendItem
+ *
+ * PARAMETERS:
+ * "pList"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_Create(
+ PKIX_List **pList,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_SetImmutable
+ * DESCRIPTION:
+ *
+ * Sets the List pointed to by "list" to be immutable. If a caller tries to
+ * change a List after it has been marked immutable (i.e. by calling
+ * PKIX_List_AppendItem, PKIX_List_InsertItem, PKIX_List_SetItem, or
+ * PKIX_List_DeleteItem), an Error is returned.
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List to be marked immutable. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "list"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_SetImmutable(
+ PKIX_List *list,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_IsImmutable
+ * DESCRIPTION:
+ *
+ * Checks whether the List pointed to by "list" is immutable and stores
+ * the Boolean result at "pImmutable". If a caller tries to change a List
+ * after it has been marked immutable (i.e. by calling PKIX_List_AppendItem,
+ * PKIX_List_InsertItem, PKIX_List_SetItem, or PKIX_List_DeleteItem), an
+ * Error is returned.
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List whose immutability is to be determined.
+ * Must be non-NULL.
+ * "pImmutable"
+ * Address where PKIX_Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_IsImmutable(
+ PKIX_List *list,
+ PKIX_Boolean *pImmutable,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_GetLength
+ * DESCRIPTION:
+ *
+ * Retrieves the length of the List pointed to by "list" and stores it at
+ * "pLength".
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List whose length is desired. Must be non-NULL.
+ * "pLength"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_GetLength(
+ PKIX_List *list,
+ PKIX_UInt32 *pLength,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_IsEmpty
+ * DESCRIPTION:
+ *
+ * Checks whether the List pointed to by "list" is empty and stores
+ * the Boolean result at "pEmpty".
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List whose emptiness is to be determined. Must be non-NULL.
+ * "pEmpty"
+ * Address where PKIX_Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_IsEmpty(
+ PKIX_List *list,
+ PKIX_Boolean *pEmpty,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_AppendItem
+ * DESCRIPTION:
+ *
+ * Appends the Object pointed to by "item" after the last non-NULL item in
+ * List pointed to by "list", if any. Note that a List may validly contain
+ * NULL items. Appending "c" into the List ("a", NULL, "b", NULL) will result
+ * in ("a", NULL, "b", "c").
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List to append to. Must be non-NULL.
+ * "item"
+ * Address of new item to append.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "list"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_AppendItem(
+ PKIX_List *list,
+ PKIX_PL_Object *item,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_InsertItem
+ * DESCRIPTION:
+ *
+ * Inserts the Object pointed to by "item" into the List pointed to by "list"
+ * at the given "index". The index counts from zero and must be less than the
+ * List's length. Existing list entries at or after this index will be moved
+ * to the next highest index.
+ *
+ * XXX why not allow equal to length which would be equivalent to AppendItem?
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List to insert into. Must be non-NULL.
+ * "index"
+ * Position to insert into. Must be less than List's length.
+ * "item"
+ * Address of new item to append.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "list"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_InsertItem(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ PKIX_PL_Object *item,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_GetItem
+ * DESCRIPTION:
+ *
+ * Copies the "list"'s item at "index" into "pItem". The index counts from
+ * zero and must be less than the list's length. Increments the reference
+ * count on the returned object, if non-NULL.
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List to get item from. Must be non-NULL.
+ * "index"
+ * Index of list to get item from. Must be less than List's length.
+ * "pItem"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_GetItem(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ PKIX_PL_Object **pItem,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_SetItem
+ * DESCRIPTION:
+ *
+ * Sets the item at "index" of the List pointed to by "list" with the Object
+ * pointed to by "item". The index counts from zero and must be less than the
+ * List's length. The previous entry at this index will have its reference
+ * count decremented and the new entry will have its reference count
+ * incremented.
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List to modify. Must be non-NULL.
+ * "index"
+ * Position in List to set. Must be less than List's length.
+ * "item"
+ * Address of Object to set at "index".
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "list"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_SetItem(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ PKIX_PL_Object *item,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_DeleteItem
+ *
+ * Deletes the item at "index" from the List pointed to by "list". The index
+ * counts from zero and must be less than the List's length. Note that this
+ * function does not destroy the List. It simply decrements the reference
+ * count of the item at "index" in the List, deletes that item from the list
+ * and moves all subsequent entries to a lower index in the list. If there is
+ * only a single element in the List and that element is deleted, then the
+ * List will be empty.
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List to delete from. Must be non-NULL.
+ * "index"
+ * Position in List to delete. Must be less than List's length.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "list"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_DeleteItem(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_List_ReverseList
+ * DESCRIPTION:
+ *
+ * Creates a new List whose elements are in the reverse order as the elements
+ * of the Object pointed to by "list" and stores the copy at "pReversedList".
+ * If "list" is empty, the new reversed List will be a copy of "list".
+ * Changes to the new object will not affect the original and vice versa.
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List whose elements are to be reversed. Must be non-NULL.
+ * "pReversedList"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_List_ReverseList(
+ PKIX_List *list,
+ PKIX_List **pReversedList,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_UTIL_H */
diff --git a/security/nss/lib/libpkix/include/pkixt.h b/security/nss/lib/libpkix/include/pkixt.h
new file mode 100755
index 000000000..71997f700
--- /dev/null
+++ b/security/nss/lib/libpkix/include/pkixt.h
@@ -0,0 +1,485 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file defines the types in the libpkix API.
+ * XXX Maybe we should specify the API version number in all API header files
+ *
+ */
+
+#ifndef _PKIXT_H
+#define _PKIXT_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "secerr.h"
+
+/* Types
+ *
+ * This header file provides typedefs for the abstract types used by libpkix.
+ * It also provides several useful macros.
+ *
+ * Note that all these abstract types are typedef'd as opaque structures. This
+ * is intended to discourage the caller from looking at the contents directly,
+ * since the format of the contents may change from one version of the library
+ * to the next. Instead, callers should only access these types using the
+ * functions defined in the public header files.
+ *
+ * An instance of an abstract type defined in this file is called an "object"
+ * here, although C does not have real support for objects.
+ *
+ * Because C does not typically have automatic garbage collection, the caller
+ * is expected to release the reference to any object that they create or that
+ * is returned to them by a libpkix function. The caller should do this by
+ * using the PKIX_PL_Object_DecRef function. Note that the caller should not
+ * release the reference to an object if the object has been passed to a
+ * libpkix function and that function has not returned.
+ *
+ * Please refer to libpkix Programmer's Guide for more details.
+ */
+
+/* Version
+ *
+ * These macros specify the major and minor version of the libpkix API defined
+ * by this header file.
+ */
+
+#define PKIX_MAJOR_VERSION ((PKIX_UInt32) 0)
+#define PKIX_MINOR_VERSION ((PKIX_UInt32) 3)
+
+/* Maximum minor version
+ *
+ * This macro is used to specify that the caller wants the largest minor
+ * version available.
+ */
+
+#define PKIX_MAX_MINOR_VERSION ((PKIX_UInt32) 4000000000)
+
+/* Define Cert Store type for database access */
+#define PKIX_STORE_TYPE_NONE 0
+#define PKIX_STORE_TYPE_PK11 1
+
+/* Portable Code (PC) data types
+ *
+ * These types are used to perform the primary operations of this library:
+ * building and validating chains of X.509 certificates.
+ */
+
+typedef struct PKIX_ErrorStruct PKIX_Error;
+typedef struct PKIX_ProcessingParamsStruct PKIX_ProcessingParams;
+typedef struct PKIX_ValidateParamsStruct PKIX_ValidateParams;
+typedef struct PKIX_ValidateResultStruct PKIX_ValidateResult;
+typedef struct PKIX_ResourceLimitsStruct PKIX_ResourceLimits;
+typedef struct PKIX_BuildResultStruct PKIX_BuildResult;
+typedef struct PKIX_CertStoreStruct PKIX_CertStore;
+typedef struct PKIX_CertChainCheckerStruct PKIX_CertChainChecker;
+typedef struct PKIX_RevocationCheckerStruct PKIX_RevocationChecker;
+typedef struct PKIX_CertSelectorStruct PKIX_CertSelector;
+typedef struct PKIX_CRLSelectorStruct PKIX_CRLSelector;
+typedef struct PKIX_ComCertSelParamsStruct PKIX_ComCertSelParams;
+typedef struct PKIX_ComCRLSelParamsStruct PKIX_ComCRLSelParams;
+typedef struct PKIX_TrustAnchorStruct PKIX_TrustAnchor;
+typedef struct PKIX_PolicyNodeStruct PKIX_PolicyNode;
+typedef struct PKIX_LoggerStruct PKIX_Logger;
+typedef struct PKIX_ListStruct PKIX_List;
+typedef struct PKIX_ForwardBuilderStateStruct PKIX_ForwardBuilderState;
+typedef struct PKIX_DefaultRevocationCheckerStruct
+ PKIX_DefaultRevocationChecker;
+typedef struct PKIX_VerifyNodeStruct PKIX_VerifyNode;
+
+/* Portability Layer (PL) data types
+ *
+ * These types are used are used as portable data types that are defined
+ * consistently across platforms
+ */
+
+typedef struct PKIX_PL_NssContextStruct PKIX_PL_NssContext;
+typedef struct PKIX_PL_ObjectStruct PKIX_PL_Object;
+typedef struct PKIX_PL_ByteArrayStruct PKIX_PL_ByteArray;
+typedef struct PKIX_PL_HashTableStruct PKIX_PL_HashTable;
+typedef struct PKIX_PL_MutexStruct PKIX_PL_Mutex;
+typedef struct PKIX_PL_RWLockStruct PKIX_PL_RWLock;
+typedef struct PKIX_PL_MonitorLockStruct PKIX_PL_MonitorLock;
+typedef struct PKIX_PL_BigIntStruct PKIX_PL_BigInt;
+typedef struct PKIX_PL_StringStruct PKIX_PL_String;
+typedef struct PKIX_PL_OIDStruct PKIX_PL_OID;
+typedef struct PKIX_PL_CertStruct PKIX_PL_Cert;
+typedef struct PKIX_PL_GeneralNameStruct PKIX_PL_GeneralName;
+typedef struct PKIX_PL_X500NameStruct PKIX_PL_X500Name;
+typedef struct PKIX_PL_PublicKeyStruct PKIX_PL_PublicKey;
+typedef struct PKIX_PL_DateStruct PKIX_PL_Date;
+typedef struct PKIX_PL_CertNameConstraintsStruct PKIX_PL_CertNameConstraints;
+typedef struct PKIX_PL_CertBasicConstraintsStruct PKIX_PL_CertBasicConstraints;
+typedef struct PKIX_PL_CertPoliciesStruct PKIX_PL_CertPolicies;
+typedef struct PKIX_PL_CertPolicyInfoStruct PKIX_PL_CertPolicyInfo;
+typedef struct PKIX_PL_CertPolicyQualifierStruct PKIX_PL_CertPolicyQualifier;
+typedef struct PKIX_PL_CertPolicyMapStruct PKIX_PL_CertPolicyMap;
+typedef struct PKIX_PL_CRLStruct PKIX_PL_CRL;
+typedef struct PKIX_PL_CRLEntryStruct PKIX_PL_CRLEntry;
+typedef struct PKIX_PL_CollectionCertStoreStruct PKIX_PL_CollectionCertStore;
+typedef struct PKIX_PL_CollectionCertStoreContext
+ PKIX_PL_CollectionCertStoreContext;
+typedef struct PKIX_PL_LdapCertStoreContext PKIX_PL_LdapCertStoreContext;
+typedef struct PKIX_PL_LdapRequestStruct PKIX_PL_LdapRequest;
+typedef struct PKIX_PL_LdapResponseStruct PKIX_PL_LdapResponse;
+typedef struct PKIX_PL_LdapDefaultClientStruct PKIX_PL_LdapDefaultClient;
+typedef struct PKIX_PL_SocketStruct PKIX_PL_Socket;
+typedef struct PKIX_PL_InfoAccessStruct PKIX_PL_InfoAccess;
+typedef struct PKIX_PL_AIAMgrStruct PKIX_PL_AIAMgr;
+typedef struct PKIX_PL_OcspCertIDStruct PKIX_PL_OcspCertID;
+typedef struct PKIX_PL_OcspRequestStruct PKIX_PL_OcspRequest;
+typedef struct PKIX_PL_OcspResponseStruct PKIX_PL_OcspResponse;
+typedef struct PKIX_PL_HttpClientStruct PKIX_PL_HttpClient;
+typedef struct PKIX_PL_HttpDefaultClientStruct PKIX_PL_HttpDefaultClient;
+typedef struct PKIX_PL_HttpCertStoreContextStruct PKIX_PL_HttpCertStoreContext;
+
+/* Primitive types
+ *
+ * In order to guarantee desired behavior as well as platform-independence, we
+ * typedef these types depending on the platform. XXX This needs more work!
+ */
+
+/* XXX Try compiling these files (and maybe the whole libpkix-nss) on Win32.
+ * We don't know what type is at least 32 bits long. ISO C probably requires
+ * at least 32 bits for long. we could default to that and only list platforms
+ * where that's not true.
+ *
+ * #elif
+ * #error
+ * #endif
+ */
+
+/* currently, int is 32 bits on all our supported platforms */
+
+typedef unsigned int PKIX_UInt32;
+typedef int PKIX_Int32;
+
+typedef int PKIX_Boolean;
+
+/* Object Types
+ *
+ * Every reference-counted PKIX_PL_Object is associated with an integer type.
+ */
+#define PKIX_TYPES \
+ TYPEMACRO(AIAMGR), \
+ TYPEMACRO(BASICCONSTRAINTSCHECKERSTATE), \
+ TYPEMACRO(BIGINT), \
+ TYPEMACRO(BUILDRESULT), \
+ TYPEMACRO(BYTEARRAY), \
+ TYPEMACRO(CERT), \
+ TYPEMACRO(CERTBASICCONSTRAINTS), \
+ TYPEMACRO(CERTCHAINCHECKER), \
+ TYPEMACRO(CERTNAMECONSTRAINTS), \
+ TYPEMACRO(CERTNAMECONSTRAINTSCHECKERSTATE), \
+ TYPEMACRO(CERTPOLICYCHECKERSTATE), \
+ TYPEMACRO(CERTPOLICYINFO), \
+ TYPEMACRO(CERTPOLICYMAP), \
+ TYPEMACRO(CERTPOLICYNODE), \
+ TYPEMACRO(CERTPOLICYQUALIFIER), \
+ TYPEMACRO(CERTSELECTOR), \
+ TYPEMACRO(CERTSTORE), \
+ TYPEMACRO(COLLECTIONCERTSTORECONTEXT), \
+ TYPEMACRO(COMCERTSELPARAMS), \
+ TYPEMACRO(COMCRLSELPARAMS), \
+ TYPEMACRO(CRL), \
+ TYPEMACRO(CRLDP), \
+ TYPEMACRO(CRLENTRY), \
+ TYPEMACRO(CRLSELECTOR), \
+ TYPEMACRO(DATE), \
+ TYPEMACRO(CRLCHECKER), \
+ TYPEMACRO(EKUCHECKER), \
+ TYPEMACRO(ERROR), \
+ TYPEMACRO(FORWARDBUILDERSTATE), \
+ TYPEMACRO(GENERALNAME), \
+ TYPEMACRO(HASHTABLE), \
+ TYPEMACRO(HTTPCERTSTORECONTEXT), \
+ TYPEMACRO(HTTPDEFAULTCLIENT), \
+ TYPEMACRO(INFOACCESS), \
+ TYPEMACRO(LDAPDEFAULTCLIENT), \
+ TYPEMACRO(LDAPREQUEST), \
+ TYPEMACRO(LDAPRESPONSE), \
+ TYPEMACRO(LIST), \
+ TYPEMACRO(LOGGER), \
+ TYPEMACRO(MONITORLOCK), \
+ TYPEMACRO(MUTEX), \
+ TYPEMACRO(OBJECT), \
+ TYPEMACRO(OCSPCERTID), \
+ TYPEMACRO(OCSPCHECKER), \
+ TYPEMACRO(OCSPREQUEST), \
+ TYPEMACRO(OCSPRESPONSE), \
+ TYPEMACRO(OID), \
+ TYPEMACRO(REVOCATIONCHECKER), \
+ TYPEMACRO(PROCESSINGPARAMS), \
+ TYPEMACRO(PUBLICKEY), \
+ TYPEMACRO(RESOURCELIMITS), \
+ TYPEMACRO(RWLOCK), \
+ TYPEMACRO(SIGNATURECHECKERSTATE), \
+ TYPEMACRO(SOCKET), \
+ TYPEMACRO(STRING), \
+ TYPEMACRO(TARGETCERTCHECKERSTATE), \
+ TYPEMACRO(TRUSTANCHOR), \
+ TYPEMACRO(VALIDATEPARAMS), \
+ TYPEMACRO(VALIDATERESULT), \
+ TYPEMACRO(VERIFYNODE), \
+ TYPEMACRO(X500NAME)
+
+#define TYPEMACRO(type) PKIX_ ## type ## _TYPE
+
+typedef enum { /* Now invoke all those TYPEMACROs to assign the numbers */
+ PKIX_TYPES,
+ PKIX_NUMTYPES /* This gets PKIX_NUMTYPES defined as the total number */
+} PKIX_TYPENUM;
+
+
+#ifdef PKIX_USER_OBJECT_TYPE
+
+/* User Define Object Types
+ *
+ * User may define their own object types offset from PKIX_USER_OBJECT_TYPE
+ */
+#define PKIX_USER_OBJECT_TYPEBASE 1000
+
+#endif /* PKIX_USER_OBJECT_TYPE */
+
+/* Error Codes
+ *
+ * This list is used to define a set of PKIX_Error exception class numbers.
+ * ERRMACRO is redefined to produce a corresponding set of
+ * strings in the table "const char *PKIX_ERRORCLASSNAMES[PKIX_NUMERRORCLASSES]" in
+ * pkix_error.c. For example, since the fifth ERRMACRO entry is MUTEX, then
+ * PKIX_MUTEX_ERROR is defined in pkixt.h as 4, and PKIX_ERRORCLASSNAMES[4] is
+ * initialized in pkix_error.c with the value "MUTEX".
+ */
+#define PKIX_ERRORCLASSES \
+ ERRMACRO(AIAMGR), \
+ ERRMACRO(BASICCONSTRAINTSCHECKERSTATE), \
+ ERRMACRO(BIGINT), \
+ ERRMACRO(BUILD), \
+ ERRMACRO(BUILDRESULT), \
+ ERRMACRO(BYTEARRAY), \
+ ERRMACRO(CERT), \
+ ERRMACRO(CERTBASICCONSTRAINTS), \
+ ERRMACRO(CERTCHAINCHECKER), \
+ ERRMACRO(CERTNAMECONSTRAINTS), \
+ ERRMACRO(CERTNAMECONSTRAINTSCHECKERSTATE), \
+ ERRMACRO(CERTPOLICYCHECKERSTATE), \
+ ERRMACRO(CERTPOLICYINFO), \
+ ERRMACRO(CERTPOLICYMAP), \
+ ERRMACRO(CERTPOLICYNODE), \
+ ERRMACRO(CERTPOLICYQUALIFIER), \
+ ERRMACRO(CERTSELECTOR), \
+ ERRMACRO(CERTSTORE), \
+ ERRMACRO(CERTVFYPKIX), \
+ ERRMACRO(COLLECTIONCERTSTORECONTEXT), \
+ ERRMACRO(COMCERTSELPARAMS), \
+ ERRMACRO(COMCRLSELPARAMS), \
+ ERRMACRO(CONTEXT), \
+ ERRMACRO(CRL), \
+ ERRMACRO(CRLDP), \
+ ERRMACRO(CRLENTRY), \
+ ERRMACRO(CRLSELECTOR), \
+ ERRMACRO(CRLCHECKER), \
+ ERRMACRO(DATE), \
+ ERRMACRO(EKUCHECKER), \
+ ERRMACRO(ERROR), \
+ ERRMACRO(FATAL), \
+ ERRMACRO(FORWARDBUILDERSTATE), \
+ ERRMACRO(GENERALNAME), \
+ ERRMACRO(HASHTABLE), \
+ ERRMACRO(HTTPCERTSTORECONTEXT), \
+ ERRMACRO(HTTPDEFAULTCLIENT), \
+ ERRMACRO(INFOACCESS), \
+ ERRMACRO(LDAPCLIENT), \
+ ERRMACRO(LDAPDEFAULTCLIENT), \
+ ERRMACRO(LDAPREQUEST), \
+ ERRMACRO(LDAPRESPONSE), \
+ ERRMACRO(LIFECYCLE), \
+ ERRMACRO(LIST), \
+ ERRMACRO(LOGGER), \
+ ERRMACRO(MEM), \
+ ERRMACRO(MONITORLOCK), \
+ ERRMACRO(MUTEX), \
+ ERRMACRO(OBJECT), \
+ ERRMACRO(OCSPCERTID), \
+ ERRMACRO(OCSPCHECKER), \
+ ERRMACRO(OCSPREQUEST), \
+ ERRMACRO(OCSPRESPONSE), \
+ ERRMACRO(OID), \
+ ERRMACRO(PROCESSINGPARAMS), \
+ ERRMACRO(PUBLICKEY), \
+ ERRMACRO(RESOURCELIMITS), \
+ ERRMACRO(REVOCATIONMETHOD), \
+ ERRMACRO(REVOCATIONCHECKER), \
+ ERRMACRO(RWLOCK), \
+ ERRMACRO(SIGNATURECHECKERSTATE), \
+ ERRMACRO(SOCKET), \
+ ERRMACRO(STRING), \
+ ERRMACRO(TARGETCERTCHECKERSTATE), \
+ ERRMACRO(TRUSTANCHOR), \
+ ERRMACRO(USERDEFINEDMODULES), \
+ ERRMACRO(VALIDATE), \
+ ERRMACRO(VALIDATEPARAMS), \
+ ERRMACRO(VALIDATERESULT), \
+ ERRMACRO(VERIFYNODE), \
+ ERRMACRO(X500NAME)
+
+#define ERRMACRO(type) PKIX_ ## type ## _ERROR
+
+typedef enum { /* Now invoke all those ERRMACROs to assign the numbers */
+ PKIX_ERRORCLASSES,
+ PKIX_NUMERRORCLASSES /* This gets PKIX_NUMERRORCLASSES defined as the total number */
+} PKIX_ERRORCLASS;
+
+/* Now define error strings (for internationalization) */
+
+#define PKIX_ERRORENTRY(name,desc,plerr) PKIX_ ## name
+
+/* Define all the error numbers */
+typedef enum {
+#include "pkix_errorstrings.h"
+, PKIX_NUMERRORCODES
+} PKIX_ERRORCODE;
+
+extern const char * const PKIX_ErrorText[];
+
+/* String Formats
+ *
+ * These formats specify supported encoding formats for Strings.
+ */
+
+#define PKIX_ESCASCII 0
+#define PKIX_UTF8 1
+#define PKIX_UTF16 2
+#define PKIX_UTF8_NULL_TERM 3
+#define PKIX_ESCASCII_DEBUG 4
+
+/* Name Types
+ *
+ * These types specify supported formats for GeneralNames.
+ */
+
+#define PKIX_OTHER_NAME 1
+#define PKIX_RFC822_NAME 2
+#define PKIX_DNS_NAME 3
+#define PKIX_X400_ADDRESS 4
+#define PKIX_DIRECTORY_NAME 5
+#define PKIX_EDIPARTY_NAME 6
+#define PKIX_URI_NAME 7
+#define PKIX_IP_NAME 8
+#define PKIX_OID_NAME 9
+
+/* Key Usages
+ *
+ * These types specify supported Key Usages
+ */
+
+#define PKIX_DIGITAL_SIGNATURE 0x001
+#define PKIX_NON_REPUDIATION 0x002
+#define PKIX_KEY_ENCIPHERMENT 0x004
+#define PKIX_DATA_ENCIPHERMENT 0x008
+#define PKIX_KEY_AGREEMENT 0x010
+#define PKIX_KEY_CERT_SIGN 0x020
+#define PKIX_CRL_SIGN 0x040
+#define PKIX_ENCIPHER_ONLY 0x080
+#define PKIX_DECIPHER_ONLY 0x100
+
+/* Reason Flags
+ *
+ * These macros specify supported Reason Flags
+ */
+
+#define PKIX_UNUSED 0x001
+#define PKIX_KEY_COMPROMISE 0x002
+#define PKIX_CA_COMPROMISE 0x004
+#define PKIX_AFFILIATION_CHANGED 0x008
+#define PKIX_SUPERSEDED 0x010
+#define PKIX_CESSATION_OF_OPERATION 0x020
+#define PKIX_CERTIFICATE_HOLD 0x040
+#define PKIX_PRIVILEGE_WITHDRAWN 0x080
+#define PKIX_AA_COMPROMISE 0x100
+
+/* Boolean values
+ *
+ * These macros specify the Boolean values of TRUE and FALSE
+ * XXX Is it the case that any non-zero value is actually considered TRUE
+ * and this is just a convenient mnemonic macro?
+ */
+
+#define PKIX_TRUE ((PKIX_Boolean) 1)
+#define PKIX_FALSE ((PKIX_Boolean) 0)
+
+/*
+ * Define constants for basic constraints selector
+ * (see comments in pkix_certsel.h)
+ */
+
+#define PKIX_CERTSEL_ENDENTITY_MIN_PATHLENGTH (-2)
+#define PKIX_CERTSEL_ALL_MATCH_MIN_PATHLENGTH (-1)
+
+/*
+ * PKIX_ALLOC_ERROR is a special error object hard-coded into the pkix_error.o
+ * object file. It is thrown if system memory cannot be allocated or may be
+ * thrown for other unrecoverable errors. PKIX_ALLOC_ERROR is immutable.
+ * IncRef, DecRef and all Settor functions cannot be called.
+ * XXX Does anyone actually need to know about this?
+ * XXX Why no DecRef? Would be good to handle it the same.
+ */
+
+PKIX_Error* PKIX_ALLOC_ERROR(void);
+
+/*
+ * In a CertBasicConstraints extension, if the CA flag is set,
+ * indicating the certificate refers to a Certification
+ * Authority, then the pathLen field indicates how many intermediate
+ * certificates (not counting self-signed ones) can exist in a valid
+ * chain following this certificate. If the pathLen has the value
+ * of this constant, then the length of the chain is unlimited
+ */
+#define PKIX_UNLIMITED_PATH_CONSTRAINT ((PKIX_Int32) -1)
+
+/*
+ * Define Certificate Extension hard-coded OID's
+ */
+#define PKIX_UNKNOWN_OID SEC_OID_UNKNOWN
+#define PKIX_CERTKEYUSAGE_OID SEC_OID_X509_KEY_USAGE
+#define PKIX_CERTSUBJALTNAME_OID SEC_OID_X509_SUBJECT_ALT_NAME
+#define PKIX_BASICCONSTRAINTS_OID SEC_OID_X509_BASIC_CONSTRAINTS
+#define PKIX_CRLREASONCODE_OID SEC_OID_X509_REASON_CODE
+#define PKIX_NAMECONSTRAINTS_OID SEC_OID_X509_NAME_CONSTRAINTS
+#define PKIX_CERTIFICATEPOLICIES_OID SEC_OID_X509_CERTIFICATE_POLICIES
+#define PKIX_CERTIFICATEPOLICIES_ANYPOLICY_OID SEC_OID_X509_ANY_POLICY
+#define PKIX_POLICYMAPPINGS_OID SEC_OID_X509_POLICY_MAPPINGS
+#define PKIX_POLICYCONSTRAINTS_OID SEC_OID_X509_POLICY_CONSTRAINTS
+#define PKIX_EXTENDEDKEYUSAGE_OID SEC_OID_X509_EXT_KEY_USAGE
+#define PKIX_INHIBITANYPOLICY_OID SEC_OID_X509_INHIBIT_ANY_POLICY
+#define PKIX_NSCERTTYPE_OID SEC_OID_NS_CERT_EXT_CERT_TYPE
+#define PKIX_KEY_USAGE_SERVER_AUTH_OID SEC_OID_EXT_KEY_USAGE_SERVER_AUTH
+#define PKIX_KEY_USAGE_CLIENT_AUTH_OID SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH
+#define PKIX_KEY_USAGE_CODE_SIGN_OID SEC_OID_EXT_KEY_USAGE_CODE_SIGN
+#define PKIX_KEY_USAGE_EMAIL_PROTECT_OID SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT
+#define PKIX_KEY_USAGE_TIME_STAMP_OID SEC_OID_EXT_KEY_USAGE_TIME_STAMP
+#define PKIX_KEY_USAGE_OCSP_RESPONDER_OID SEC_OID_OCSP_RESPONDER
+
+
+/* Available revocation method types. */
+typedef enum PKIX_RevocationMethodTypeEnum {
+ PKIX_RevocationMethod_CRL = 0,
+ PKIX_RevocationMethod_OCSP,
+ PKIX_RevocationMethod_MAX
+} PKIX_RevocationMethodType;
+
+/* A set of statuses revocation checker operates on */
+typedef enum PKIX_RevocationStatusEnum {
+ PKIX_RevStatus_NoInfo = 0,
+ PKIX_RevStatus_Revoked,
+ PKIX_RevStatus_Success
+} PKIX_RevocationStatus;
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIXT_H */
diff --git a/security/nss/lib/libpkix/manifest.mn b/security/nss/lib/libpkix/manifest.mn
new file mode 100755
index 000000000..31990da63
--- /dev/null
+++ b/security/nss/lib/libpkix/manifest.mn
@@ -0,0 +1,13 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+DEPTH = ../..
+
+#
+DIRS = include pkix pkix_pl_nss \
+ $(NULL)
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/libpkix/pkix/Makefile b/security/nss/lib/libpkix/pkix/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/certsel/Makefile b/security/nss/lib/libpkix/pkix/certsel/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/certsel/certsel.gyp b/security/nss/lib/libpkix/pkix/certsel/certsel.gyp
new file mode 100644
index 000000000..a7ff65ce7
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/certsel.gyp
@@ -0,0 +1,24 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixcertsel',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_certselector.c',
+ 'pkix_comcertselparams.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix/certsel/config.mk b/security/nss/lib/libpkix/pkix/certsel/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/certsel/exports.gyp b/security/nss/lib/libpkix/pkix/certsel/exports.gyp
new file mode 100644
index 000000000..9cbd847e7
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/exports.gyp
@@ -0,0 +1,26 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_certsel_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_certselector.h',
+ 'pkix_comcertselparams.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix/certsel/manifest.mn b/security/nss/lib/libpkix/pkix/certsel/manifest.mn
new file mode 100755
index 000000000..525ee09ca
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/manifest.mn
@@ -0,0 +1,23 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_certselector.h \
+ pkix_comcertselparams.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_certselector.c \
+ pkix_comcertselparams.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixcertsel
+
diff --git a/security/nss/lib/libpkix/pkix/certsel/pkix_certselector.c b/security/nss/lib/libpkix/pkix/certsel/pkix_certselector.c
new file mode 100755
index 000000000..89bddd98b
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/pkix_certselector.c
@@ -0,0 +1,1637 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_certselector.c
+ *
+ * CertSelector Object Functions
+ *
+ */
+
+#include "pkix_certselector.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_CertSelector_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CertSelector_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_CertSelector *selector = NULL;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a cert selector */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCERTSELECTOR);
+
+ selector = (PKIX_CertSelector *)object;
+ PKIX_DECREF(selector->params);
+ PKIX_DECREF(selector->context);
+
+cleanup:
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Duplicate
+ * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CertSelector_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_CertSelector *certSelector = NULL;
+ PKIX_CertSelector *certSelectorDuplicate = NULL;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCERTSELECTOR);
+
+ certSelector = (PKIX_CertSelector *)object;
+
+ PKIX_CHECK(PKIX_CertSelector_Create
+ (certSelector->matchCallback,
+ certSelector->context,
+ &certSelectorDuplicate,
+ plContext),
+ PKIX_CERTSELECTORCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)certSelector->params,
+ (PKIX_PL_Object **)&certSelectorDuplicate->params,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ *pNewObject = (PKIX_PL_Object *)certSelectorDuplicate;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(certSelectorDuplicate);
+ }
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_BasicConstraint
+ * DESCRIPTION:
+ *
+ * Determines whether the Cert pointed to by "cert" matches the basic
+ * constraints criterion using the basic constraints field of the
+ * ComCertSelParams pointed to by "params". If the basic constraints field is
+ * -1, no basic constraints check is done and the Cert is considered to match
+ * the basic constraints criterion. If the Cert does not match the basic
+ * constraints criterion, an Error pointer is returned.
+ *
+ * In order to match against this criterion, there are several possibilities.
+ *
+ * 1) If the criterion's minimum path length is greater than or equal to zero,
+ * a certificate must include a BasicConstraints extension with a pathLen of
+ * at least this value.
+ *
+ * 2) If the criterion's minimum path length is -2, a certificate must be an
+ * end-entity certificate.
+ *
+ * 3) If the criterion's minimum path length is -1, no basic constraints check
+ * is done and all certificates are considered to match this criterion.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose basic constraints field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * OUTPUT PARAMETERS ON FAILURE:
+ * If the function returns a failure,
+ * the output parameters of this function are undefined.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_BasicConstraint(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CertBasicConstraints *basicConstraints = NULL;
+ PKIX_Boolean caFlag = PKIX_FALSE; /* EE Cert by default */
+ PKIX_Int32 pathLength = 0;
+ PKIX_Int32 minPathLength = 0;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_BasicConstraint");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+ *pResult = PKIX_TRUE;
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetBasicConstraints
+ (params, &minPathLength, plContext),
+ PKIX_COMCERTSELPARAMSGETBASICCONSTRAINTSFAILED);
+
+ /* If the minPathLength is unlimited (-1), no checking */
+ if (minPathLength == PKIX_CERTSEL_ALL_MATCH_MIN_PATHLENGTH) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_PL_Cert_GetBasicConstraints
+ (cert, &basicConstraints, plContext),
+ PKIX_CERTGETBASICCONSTRAINTSFAILED);
+
+ if (basicConstraints != NULL) {
+ PKIX_CHECK(PKIX_PL_BasicConstraints_GetCAFlag
+ (basicConstraints, &caFlag, plContext),
+ PKIX_BASICCONSTRAINTSGETCAFLAGFAILED);
+
+ PKIX_CHECK(PKIX_PL_BasicConstraints_GetPathLenConstraint
+ (basicConstraints, &pathLength, plContext),
+ PKIX_BASICCONSTRAINTSGETPATHLENCONSTRAINTFAILED);
+ }
+
+ /*
+ * if minPathLength >= 0, the cert must have a BasicConstraints ext and
+ * the pathLength in this cert
+ * BasicConstraints needs to be >= minPathLength.
+ */
+ if (minPathLength >= 0){
+ if ((!basicConstraints) || (caFlag == PKIX_FALSE)){
+ PKIX_ERROR(PKIX_CERTNOTALLOWEDTOSIGNCERTIFICATES);
+ } else if ((pathLength != PKIX_UNLIMITED_PATH_CONSTRAINT) &&
+ (pathLength < minPathLength)){
+ PKIX_CERTSELECTOR_DEBUG
+ ("Basic Constraints path length match failed\n");
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_PATHLENCONSTRAINTINVALID);
+ }
+ }
+
+ /* if the minPathLength is -2, this cert must be an end-entity cert. */
+ if (minPathLength == PKIX_CERTSEL_ENDENTITY_MIN_PATHLENGTH) {
+ if (caFlag == PKIX_TRUE) {
+ PKIX_CERTSELECTOR_DEBUG
+ ("Basic Constraints end-entity match failed\n");
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_PATHLENCONSTRAINTINVALID);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(basicConstraints);
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_Policies
+ * DESCRIPTION:
+ *
+ * Determines whether the Cert pointed to by "cert" matches the policy
+ * constraints specified in the ComCertsSelParams given by "params".
+ * If "params" specifies a policy constraint of NULL, all certificates
+ * match. If "params" specifies an empty list, "cert" must have at least
+ * some policy. Otherwise "cert" must include at least one of the
+ * policies in the list. See the description of PKIX_CertSelector in
+ * pkix_certsel.h for more.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose policy criterion (if any) is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_Policies(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 numConstraintPolicies = 0;
+ PKIX_UInt32 numCertPolicies = 0;
+ PKIX_UInt32 certPolicyIndex = 0;
+ PKIX_Boolean result = PKIX_FALSE;
+ PKIX_List *constraintPolicies = NULL; /* List of PKIX_PL_OID */
+ PKIX_List *certPolicyInfos = NULL; /* List of PKIX_PL_CertPolicyInfo */
+ PKIX_PL_CertPolicyInfo *policyInfo = NULL;
+ PKIX_PL_OID *polOID = NULL;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_Policies");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetPolicy
+ (params, &constraintPolicies, plContext),
+ PKIX_COMCERTSELPARAMSGETPOLICYFAILED);
+
+ /* If constraintPolicies is NULL, all certificates "match" */
+ if (constraintPolicies) {
+ PKIX_CHECK(PKIX_PL_Cert_GetPolicyInformation
+ (cert, &certPolicyInfos, plContext),
+ PKIX_CERTGETPOLICYINFORMATIONFAILED);
+
+ /* No hope of a match if cert has no policies */
+ if (!certPolicyInfos) {
+ PKIX_CERTSELECTOR_DEBUG("Certificate has no policies\n");
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHPOLICIESFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (constraintPolicies, &numConstraintPolicies, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (numConstraintPolicies > 0) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (certPolicyInfos, &numCertPolicies, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (certPolicyIndex = 0;
+ ((!result) && (certPolicyIndex < numCertPolicies));
+ certPolicyIndex++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (certPolicyInfos,
+ certPolicyIndex,
+ (PKIX_PL_Object **)&policyInfo,
+ plContext),
+ PKIX_LISTGETELEMENTFAILED);
+ PKIX_CHECK(PKIX_PL_CertPolicyInfo_GetPolicyId
+ (policyInfo, &polOID, plContext),
+ PKIX_CERTPOLICYINFOGETPOLICYIDFAILED);
+
+ PKIX_CHECK(pkix_List_Contains
+ (constraintPolicies,
+ (PKIX_PL_Object *)polOID,
+ &result,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+ PKIX_DECREF(policyInfo);
+ PKIX_DECREF(polOID);
+ }
+ if (!result) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHPOLICIESFAILED);
+ }
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(constraintPolicies);
+ PKIX_DECREF(certPolicyInfos);
+ PKIX_DECREF(policyInfo);
+ PKIX_DECREF(polOID);
+
+ PKIX_RETURN(CERTSELECTOR);
+
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_CertificateValid
+ * DESCRIPTION:
+ *
+ * Determines whether the Cert pointed to by "cert" matches the certificate
+ * validity criterion using the CertificateValid field of the
+ * ComCertSelParams pointed to by "params". If the CertificateValid field is
+ * NULL, no validity check is done and the Cert is considered to match
+ * the CertificateValid criterion. If the CertificateValid field specifies a
+ * Date prior to the notBefore field in the Cert, or greater than the notAfter
+ * field in the Cert, an Error is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose certValid field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_CertificateValid(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_Date *validityTime = NULL;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_CertificateValid");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetCertificateValid
+ (params, &validityTime, plContext),
+ PKIX_COMCERTSELPARAMSGETCERTIFICATEVALIDFAILED);
+
+ /* If the validityTime is not set, all certificates are acceptable */
+ if (validityTime) {
+ PKIX_CHECK(PKIX_PL_Cert_CheckValidity
+ (cert, validityTime, plContext),
+ PKIX_CERTCHECKVALIDITYFAILED);
+ }
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ *pResult = PKIX_FALSE;
+ }
+ PKIX_DECREF(validityTime);
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_NameConstraints
+ * DESCRIPTION:
+ *
+ * Determines whether the Cert pointed to by "cert" matches the name
+ * constraints criterion specified in the ComCertSelParams pointed to by
+ * "params". If the name constraints field is NULL, no name constraints check
+ * is done and the Cert is considered to match the name constraints criterion.
+ * If the Cert does not match the name constraints criterion, an Error pointer
+ * is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose name constraints field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_NameConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_NameConstraints");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetNameConstraints
+ (params, &nameConstraints, plContext),
+ PKIX_COMCERTSELPARAMSGETNAMECONSTRAINTSFAILED);
+
+ if (nameConstraints != NULL) {
+ /* As only the end-entity certificate should have
+ * the common name constrained as if it was a dNSName,
+ * do not constrain the common name when building a
+ * forward path.
+ */
+ PKIX_CHECK(PKIX_PL_Cert_CheckNameConstraints
+ (cert, nameConstraints, PKIX_FALSE, plContext),
+ PKIX_CERTCHECKNAMECONSTRAINTSFAILED);
+ }
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ *pResult = PKIX_FALSE;
+ }
+
+ PKIX_DECREF(nameConstraints);
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_PathToNames
+ * DESCRIPTION:
+ *
+ * Determines whether the names at pathToNames in "params" complies with the
+ * NameConstraints pointed to by "cert". If the pathToNames field is NULL
+ * or there is no name constraints for this "cert", no checking is done
+ * and the Cert is considered to match the name constraints criterion.
+ * If the Cert does not match the name constraints criterion, an Error
+ * pointer is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose PathToNames field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_PathToNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_List *pathToNamesList = NULL;
+ PKIX_Boolean passed = PKIX_FALSE;
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_PathToNames");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetPathToNames
+ (params, &pathToNamesList, plContext),
+ PKIX_COMCERTSELPARAMSGETPATHTONAMESFAILED);
+
+ if (pathToNamesList != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetNameConstraints
+ (cert, &nameConstraints, plContext),
+ PKIX_CERTGETNAMECONSTRAINTSFAILED);
+
+ if (nameConstraints != NULL) {
+
+ PKIX_CHECK(PKIX_PL_CertNameConstraints_CheckNamesInNameSpace
+ (pathToNamesList, nameConstraints, &passed, plContext),
+ PKIX_CERTNAMECONSTRAINTSCHECKNAMESINNAMESPACEFAILED);
+
+ if (passed != PKIX_TRUE) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHPATHTONAMESFAILED);
+ }
+ }
+
+ }
+
+cleanup:
+
+ PKIX_DECREF(nameConstraints);
+ PKIX_DECREF(pathToNamesList);
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_SubjAltNames
+ * DESCRIPTION:
+ *
+ * Determines whether the names at subjAltNames in "params" match with the
+ * SubjAltNames pointed to by "cert". If the subjAltNames field is NULL,
+ * no name checking is done and the Cert is considered to match the
+ * criterion. If the Cert does not match the criterion, an Error pointer
+ * is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose SubjAltNames field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_SubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_List *subjAltNamesList = NULL;
+ PKIX_List *certSubjAltNames = NULL;
+ PKIX_PL_GeneralName *name = NULL;
+ PKIX_Boolean checkPassed = PKIX_FALSE;
+ PKIX_Boolean matchAll = PKIX_TRUE;
+ PKIX_UInt32 i, numItems;
+ PKIX_UInt32 matchCount = 0;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_SubjAltNames");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetMatchAllSubjAltNames
+ (params, &matchAll, plContext),
+ PKIX_COMCERTSELPARAMSGETMATCHALLSUBJALTNAMESFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubjAltNames
+ (params, &subjAltNamesList, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJALTNAMESFAILED);
+
+ if (subjAltNamesList != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectAltNames
+ (cert, &certSubjAltNames, plContext),
+ PKIX_CERTGETSUBJALTNAMESFAILED);
+
+ if (certSubjAltNames == NULL) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHSUBJALTNAMESFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (subjAltNamesList, &numItems, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (subjAltNamesList,
+ i,
+ (PKIX_PL_Object **) &name,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_List_Contains
+ (certSubjAltNames,
+ (PKIX_PL_Object *) name,
+ &checkPassed,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ PKIX_DECREF(name);
+
+ if (checkPassed == PKIX_TRUE) {
+
+ if (matchAll == PKIX_FALSE) {
+ /* one match is good enough */
+ matchCount = numItems;
+ break;
+ } else {
+ /* else continue checking next */
+ matchCount++;
+ }
+
+ }
+
+ }
+
+ if (matchCount != numItems) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHSUBJALTNAMESFAILED);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(name);
+ PKIX_DECREF(certSubjAltNames);
+ PKIX_DECREF(subjAltNamesList);
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_ExtendedKeyUsage
+ * DESCRIPTION:
+ *
+ * Determines whether the names at ExtKeyUsage in "params" matches with the
+ * ExtKeyUsage pointed to by "cert". If the ExtKeyUsage criterion or
+ * ExtKeyUsage in "cert" is NULL, no checking is done and the Cert is
+ * considered a match. If the Cert does not match, an Error pointer is
+ * returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose ExtKeyUsage field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_ExtendedKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_List *extKeyUsageList = NULL;
+ PKIX_List *certExtKeyUsageList = NULL;
+ PKIX_PL_OID *ekuOid = NULL;
+ PKIX_Boolean isContained = PKIX_FALSE;
+ PKIX_UInt32 numItems = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_ExtendedKeyUsage");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetExtendedKeyUsage
+ (params, &extKeyUsageList, plContext),
+ PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED);
+
+ if (extKeyUsageList == NULL) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_PL_Cert_GetExtendedKeyUsage
+ (cert, &certExtKeyUsageList, plContext),
+ PKIX_CERTGETEXTENDEDKEYUSAGEFAILED);
+
+ if (certExtKeyUsageList != NULL) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (extKeyUsageList, &numItems, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (extKeyUsageList, i, (PKIX_PL_Object **)&ekuOid, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_List_Contains
+ (certExtKeyUsageList,
+ (PKIX_PL_Object *)ekuOid,
+ &isContained,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ PKIX_DECREF(ekuOid);
+
+ if (isContained != PKIX_TRUE) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHEXTENDEDKEYUSAGEFAILED);
+ }
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(ekuOid);
+ PKIX_DECREF(extKeyUsageList);
+ PKIX_DECREF(certExtKeyUsageList);
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_KeyUsage
+ * DESCRIPTION:
+ *
+ * Determines whether the bits at KeyUsage in "params" matches with the
+ * KeyUsage pointed to by "cert". If the KeyUsage in params is 0
+ * no checking is done and the Cert is considered a match. If the Cert does
+ * not match, an Error pointer is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose ExtKeyUsage field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_KeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 keyUsage = 0;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_KeyUsage");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetKeyUsage
+ (params, &keyUsage, plContext),
+ PKIX_COMCERTSELPARAMSGETKEYUSAGEFAILED);
+
+ if (keyUsage != 0) {
+
+ PKIX_CHECK(PKIX_PL_Cert_VerifyKeyUsage
+ (cert, keyUsage, plContext),
+ PKIX_CERTVERIFYKEYUSAGEFAILED);
+
+ }
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ *pResult = PKIX_FALSE;
+ }
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_SubjKeyId
+ * DESCRIPTION:
+ *
+ * Determines whether the bytes at subjKeyId in "params" matches with the
+ * Subject Key Identifier pointed to by "cert". If the subjKeyId in params is
+ * set to NULL or the Cert doesn't have a Subject Key Identifier, no checking
+ * is done and the Cert is considered a match. If the Cert does not match, an
+ * Error pointer is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose subjKeyId field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_SubjKeyId(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *selSubjKeyId = NULL;
+ PKIX_PL_ByteArray *certSubjKeyId = NULL;
+ PKIX_Boolean equals = PKIX_FALSE;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_SubjKeyId");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubjKeyIdentifier
+ (params, &selSubjKeyId, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJKEYIDENTIFIERFAILED);
+
+ if (selSubjKeyId != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectKeyIdentifier
+ (cert, &certSubjKeyId, plContext),
+ PKIX_CERTGETSUBJECTKEYIDENTIFIERFAILED);
+
+ if (certSubjKeyId == NULL) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)selSubjKeyId,
+ (PKIX_PL_Object *)certSubjKeyId,
+ &equals,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (equals == PKIX_FALSE) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHSUBJKEYIDFAILED);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(selSubjKeyId);
+ PKIX_DECREF(certSubjKeyId);
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_AuthKeyId
+ * DESCRIPTION:
+ *
+ * Determines whether the bytes at authKeyId in "params" matches with the
+ * Authority Key Identifier pointed to by "cert". If the authKeyId in params
+ * is set to NULL, no checking is done and the Cert is considered a match. If
+ * the Cert does not match, an Error pointer is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose authKeyId field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_AuthKeyId(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *selAuthKeyId = NULL;
+ PKIX_PL_ByteArray *certAuthKeyId = NULL;
+ PKIX_Boolean equals = PKIX_FALSE;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_AuthKeyId");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetAuthorityKeyIdentifier
+ (params, &selAuthKeyId, plContext),
+ PKIX_COMCERTSELPARAMSGETAUTHORITYKEYIDENTIFIERFAILED);
+
+ if (selAuthKeyId != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetAuthorityKeyIdentifier
+ (cert, &certAuthKeyId, plContext),
+ PKIX_CERTGETAUTHORITYKEYIDENTIFIERFAILED);
+
+ if (certAuthKeyId == NULL) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHAUTHKEYIDFAILED);
+ }
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)selAuthKeyId,
+ (PKIX_PL_Object *)certAuthKeyId,
+ &equals,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (equals != PKIX_TRUE) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHAUTHKEYIDFAILED);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(selAuthKeyId);
+ PKIX_DECREF(certAuthKeyId);
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_SubjPKAlgId
+ * DESCRIPTION:
+ *
+ * Determines whether the OID at subjPKAlgId in "params" matches with the
+ * Subject Public Key Alg Id pointed to by "cert". If the subjPKAlgId in params
+ * is set to NULL, no checking is done and the Cert is considered a match. If
+ * the Cert does not match, an Error pointer is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose subjPKAlgId field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_SubjPKAlgId(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_OID *selPKAlgId = NULL;
+ PKIX_PL_OID *certPKAlgId = NULL;
+ PKIX_Boolean equals = PKIX_FALSE;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_SubjPKAlgId");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubjPKAlgId
+ (params, &selPKAlgId, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJPKALGIDFAILED);
+
+ if (selPKAlgId != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKeyAlgId
+ (cert, &certPKAlgId, plContext),
+ PKIX_CERTGETSUBJECTPUBLICKEYALGIDFAILED);
+
+ if (certPKAlgId != NULL) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHSUBJPKALGIDFAILED);
+ }
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)selPKAlgId,
+ (PKIX_PL_Object *)certPKAlgId,
+ &equals,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (equals != PKIX_TRUE) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHSUBJPKALGIDFAILED);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(selPKAlgId);
+ PKIX_DECREF(certPKAlgId);
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Match_SubjPubKey
+ * DESCRIPTION:
+ *
+ * Determines whether the key at subjPubKey in "params" matches with the
+ * Subject Public Key pointed to by "cert". If the subjPubKey in params
+ * is set to NULL, no checking is done and the Cert is considered a match. If
+ * the Cert does not match, an Error pointer is returned.
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of ComCertSelParams whose subPubKey field is used.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched. Must be non-NULL.
+ * "pResult"
+ * Address of PKIX_Boolean that returns the match result.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_Match_SubjPubKey(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_PublicKey *selPK = NULL;
+ PKIX_PL_PublicKey *certPK = NULL;
+ PKIX_Boolean equals = PKIX_FALSE;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_Match_SubjPubKey");
+ PKIX_NULLCHECK_THREE(params, cert, pResult);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubjPubKey
+ (params, &selPK, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJPUBKEYFAILED);
+
+ if (selPK != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
+ (cert, &certPK, plContext),
+ PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
+
+ if (certPK == NULL) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHSUBJPUBKEYFAILED);
+ }
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)selPK,
+ (PKIX_PL_Object *)certPK,
+ &equals,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (equals != PKIX_TRUE) {
+ *pResult = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHSUBJPUBKEYFAILED);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(selPK);
+ PKIX_DECREF(certPK);
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_DefaultMatch
+ * DESCRIPTION:
+ *
+ * This default match function determines whether the specified Cert pointed
+ * to by "cert" matches the criteria of the CertSelector pointed to by
+ * "selector". If the Cert does not match the CertSelector's
+ * criteria, an error will be thrown.
+ *
+ * This default match function understands how to process the most common
+ * parameters. Any common parameter that is not set is assumed to be disabled,
+ * which means this function will select all certificates without regard to
+ * that particular disabled parameter. For example, if the SerialNumber
+ * parameter is not set, this function will not filter out any certificate
+ * based on its serial number. As such, if no parameters are set, all are
+ * disabled and any certificate will match. If a parameter is disabled, its
+ * associated PKIX_ComCertSelParams_Get* function returns a default value.
+ * That value is -1 for PKIX_ComCertSelParams_GetBasicConstraints and
+ * PKIX_ComCertSelParams_GetVersion, 0 for PKIX_ComCertSelParams_GetKeyUsage,
+ * and NULL for all other Get functions.
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CertSelector whose MatchCallback logic and parameters are
+ * to be used. Must be non-NULL.
+ * "cert"
+ * Address of Cert that is to be matched using "selector".
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CertSelector_DefaultMatch(
+ PKIX_CertSelector *selector,
+ PKIX_PL_Cert *cert,
+ void *plContext)
+{
+ PKIX_ComCertSelParams *params = NULL;
+ PKIX_PL_X500Name *certSubject = NULL;
+ PKIX_PL_X500Name *selSubject = NULL;
+ PKIX_PL_X500Name *certIssuer = NULL;
+ PKIX_PL_X500Name *selIssuer = NULL;
+ PKIX_PL_BigInt *certSerialNumber = NULL;
+ PKIX_PL_BigInt *selSerialNumber = NULL;
+ PKIX_PL_Cert *selCert = NULL;
+ PKIX_PL_Date *selDate = NULL;
+ PKIX_UInt32 selVersion = 0xFFFFFFFF;
+ PKIX_UInt32 certVersion = 0;
+ PKIX_Boolean result = PKIX_TRUE;
+ PKIX_Boolean isLeafCert = PKIX_TRUE;
+
+#ifdef PKIX_BUILDDEBUG
+ PKIX_PL_String *certString = NULL;
+ void *certAscii = NULL;
+ PKIX_UInt32 certAsciiLen;
+#endif
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_DefaultMatch");
+ PKIX_NULLCHECK_TWO(selector, cert);
+
+ PKIX_INCREF(selector->params);
+ params = selector->params;
+
+ /* Are we looking for CAs? */
+ PKIX_CHECK(PKIX_ComCertSelParams_GetLeafCertFlag
+ (params, &isLeafCert, plContext),
+ PKIX_COMCERTSELPARAMSGETLEAFCERTFLAGFAILED);
+
+ if (params == NULL){
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetVersion
+ (params, &selVersion, plContext),
+ PKIX_COMCERTSELPARAMSGETVERSIONFAILED);
+
+ if (selVersion != 0xFFFFFFFF){
+ PKIX_CHECK(PKIX_PL_Cert_GetVersion
+ (cert, &certVersion, plContext),
+ PKIX_CERTGETVERSIONFAILED);
+
+ if (selVersion != certVersion) {
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHCERTVERSIONFAILED);
+ }
+ }
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubject
+ (params, &selSubject, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJECTFAILED);
+
+ if (selSubject){
+ PKIX_CHECK(PKIX_PL_Cert_GetSubject
+ (cert, &certSubject, plContext),
+ PKIX_CERTGETSUBJECTFAILED);
+
+ if (certSubject){
+ PKIX_CHECK(PKIX_PL_X500Name_Match
+ (selSubject, certSubject, &result, plContext),
+ PKIX_X500NAMEMATCHFAILED);
+
+ if (result == PKIX_FALSE){
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHCERTSUBJECTFAILED);
+ }
+ } else { /* cert has no subject */
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHCERTSUBJECTFAILED);
+ }
+ }
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetIssuer
+ (params, &selIssuer, plContext),
+ PKIX_COMCERTSELPARAMSGETISSUERFAILED);
+
+ if (selIssuer){
+ PKIX_CHECK(PKIX_PL_Cert_GetIssuer
+ (cert, &certIssuer, plContext),
+ PKIX_CERTGETISSUERFAILED);
+
+ PKIX_CHECK(PKIX_PL_X500Name_Match
+ (selIssuer, certIssuer, &result, plContext),
+ PKIX_X500NAMEMATCHFAILED);
+
+ if (result == PKIX_FALSE){
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHCERTISSUERFAILED);
+ }
+ }
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSerialNumber
+ (params, &selSerialNumber, plContext),
+ PKIX_COMCERTSELPARAMSGETSERIALNUMBERFAILED);
+
+ if (selSerialNumber){
+ PKIX_CHECK(PKIX_PL_Cert_GetSerialNumber
+ (cert, &certSerialNumber, plContext),
+ PKIX_CERTGETSERIALNUMBERFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)selSerialNumber,
+ (PKIX_PL_Object *)certSerialNumber,
+ &result,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (result == PKIX_FALSE){
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHCERTSERIALNUMFAILED);
+ }
+ }
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetCertificate
+ (params, &selCert, plContext),
+ PKIX_COMCERTSELPARAMSGETCERTIFICATEFAILED);
+
+ if (selCert){
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *) selCert,
+ (PKIX_PL_Object *) cert,
+ &result,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (result == PKIX_FALSE){
+ PKIX_ERROR(PKIX_CERTSELECTORMATCHCERTOBJECTFAILED);
+ }
+ }
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetCertificateValid
+ (params, &selDate, plContext),
+ PKIX_COMCERTSELPARAMSGETCERTIFICATEVALIDFAILED);
+
+ if (selDate){
+ PKIX_CHECK(PKIX_PL_Cert_CheckValidity
+ (cert, selDate, plContext),
+ PKIX_CERTCHECKVALIDITYFAILED);
+ }
+
+ PKIX_CHECK(pkix_CertSelector_Match_BasicConstraint
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHBASICCONSTRAINTFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_Policies
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHPOLICIESFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_CertificateValid
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHCERTIFICATEVALIDFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_NameConstraints
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHNAMECONSTRAINTSFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_PathToNames
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHPATHTONAMESFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_SubjAltNames
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHSUBJALTNAMESFAILED);
+
+ /* Check key usage and cert type based on certificate usage. */
+ PKIX_CHECK(PKIX_PL_Cert_VerifyCertAndKeyType(cert, !isLeafCert,
+ plContext),
+ PKIX_CERTVERIFYCERTTYPEFAILED);
+
+ /* Next two check are for user supplied additional KU and EKU. */
+ PKIX_CHECK(pkix_CertSelector_Match_ExtendedKeyUsage
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHEXTENDEDKEYUSAGEFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_KeyUsage
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHKEYUSAGEFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_SubjKeyId
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHSUBJKEYIDFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_AuthKeyId
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHAUTHKEYIDFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_SubjPKAlgId
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHSUBJPKALGIDFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Match_SubjPubKey
+ (params, cert, &result, plContext),
+ PKIX_CERTSELECTORMATCHSUBJPUBKEYFAILED);
+
+ /* if we reach here, the cert has successfully matched criteria */
+
+
+#ifdef PKIX_BUILDDEBUG
+
+ PKIX_CHECK(pkix_pl_Cert_ToString_Helper
+ (cert, PKIX_TRUE, &certString, plContext),
+ PKIX_CERTTOSTRINGHELPERFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (certString,
+ PKIX_ESCASCII,
+ &certAscii,
+ &certAsciiLen,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_CERTSELECTOR_DEBUG_ARG("Cert Selected:\n%s\n", certAscii);
+
+#endif
+
+cleanup:
+
+#ifdef PKIX_BUILDDEBUG
+ PKIX_DECREF(certString);
+ PKIX_FREE(certAscii);
+#endif
+
+ PKIX_DECREF(certSubject);
+ PKIX_DECREF(selSubject);
+ PKIX_DECREF(certIssuer);
+ PKIX_DECREF(selIssuer);
+ PKIX_DECREF(certSerialNumber);
+ PKIX_DECREF(selSerialNumber);
+ PKIX_DECREF(selCert);
+ PKIX_DECREF(selDate);
+ PKIX_DECREF(params);
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERTSELECTOR_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_CertSelector_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTSELECTOR, "pkix_CertSelector_RegisterSelf");
+
+ entry.description = "CertSelector";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_CertSelector);
+ entry.destructor = pkix_CertSelector_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_CertSelector_Duplicate;
+
+ systemClasses[PKIX_CERTSELECTOR_TYPE] = entry;
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+
+/*
+ * FUNCTION: PKIX_CertSelector_Create (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_CertSelector_Create(
+ PKIX_CertSelector_MatchCallback callback,
+ PKIX_PL_Object *certSelectorContext,
+ PKIX_CertSelector **pSelector,
+ void *plContext)
+{
+ PKIX_CertSelector *selector = NULL;
+
+ PKIX_ENTER(CERTSELECTOR, "PKIX_CertSelector_Create");
+ PKIX_NULLCHECK_ONE(pSelector);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTSELECTOR_TYPE,
+ sizeof (PKIX_CertSelector),
+ (PKIX_PL_Object **)&selector,
+ plContext),
+ PKIX_COULDNOTCREATECERTSELECTOROBJECT);
+
+ /*
+ * if user specified a particular match callback, we use that one.
+ * otherwise, we use the default match implementation which
+ * understands how to process PKIX_ComCertSelParams
+ */
+
+ if (callback){
+ selector->matchCallback = callback;
+ } else {
+ selector->matchCallback = pkix_CertSelector_DefaultMatch;
+ }
+
+ /* initialize other fields */
+ selector->params = NULL;
+
+ PKIX_INCREF(certSelectorContext);
+ selector->context = certSelectorContext;
+
+ *pSelector = selector;
+
+cleanup:
+
+ PKIX_RETURN(CERTSELECTOR);
+
+}
+
+/*
+ * FUNCTION: PKIX_CertSelector_GetMatchCallback
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_CertSelector_GetMatchCallback(
+ PKIX_CertSelector *selector,
+ PKIX_CertSelector_MatchCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSELECTOR, "PKIX_CertSelector_GetMatchCallback");
+ PKIX_NULLCHECK_TWO(selector, pCallback);
+
+ *pCallback = selector->matchCallback;
+
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: PKIX_CertSelector_GetCertSelectorContext
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_CertSelector_GetCertSelectorContext(
+ PKIX_CertSelector *selector,
+ PKIX_PL_Object **pCertSelectorContext,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSELECTOR, "PKIX_CertSelector_GetCertSelectorContext");
+ PKIX_NULLCHECK_TWO(selector, pCertSelectorContext);
+
+ PKIX_INCREF(selector->context);
+
+ *pCertSelectorContext = selector->context;
+
+cleanup:
+ PKIX_RETURN(CERTSELECTOR);
+}
+
+/*
+ * FUNCTION: PKIX_CertSelector_GetCommonCertSelectorParams
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_CertSelector_GetCommonCertSelectorParams(
+ PKIX_CertSelector *selector,
+ PKIX_ComCertSelParams **pParams,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSELECTOR,
+ "PKIX_CertSelector_GetCommonCertSelectorParams");
+
+ PKIX_NULLCHECK_TWO(selector, pParams);
+
+ PKIX_INCREF(selector->params);
+ *pParams = selector->params;
+
+cleanup:
+ PKIX_RETURN(CERTSELECTOR);
+
+}
+
+/*
+ * FUNCTION: PKIX_CertSelector_SetCommonCertSelectorParams
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_CertSelector_SetCommonCertSelectorParams(
+ PKIX_CertSelector *selector,
+ PKIX_ComCertSelParams *params,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSELECTOR,
+ "PKIX_CertSelector_SetCommonCertSelectorParams");
+
+ PKIX_NULLCHECK_ONE(selector);
+
+ PKIX_DECREF(selector->params);
+ PKIX_INCREF(params);
+ selector->params = params;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)selector, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CERTSELECTOR);
+
+}
+
+/*
+ * FUNCTION: pkix_CertSelector_Select
+ * DESCRIPTION:
+ *
+ * This function applies the selector pointed to by "selector" to each Cert,
+ * in turn, in the List pointed to by "before", and creates a List containing
+ * all the Certs that matched, or passed the selection process, storing that
+ * List at "pAfter". If no Certs match, an empty List is stored at "pAfter".
+ *
+ * The List returned in "pAfter" is immutable.
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CertSelelector to be applied to the List. Must be non-NULL.
+ * "before"
+ * Address of List that is to be filtered. Must be non-NULL.
+ * "pAfter"
+ * Address at which resulting List, possibly empty, is stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CertSelector_Select(
+ PKIX_CertSelector *selector,
+ PKIX_List *before,
+ PKIX_List **pAfter,
+ void *plContext)
+{
+ PKIX_UInt32 numBefore = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_List *filtered = NULL;
+ PKIX_PL_Cert *candidate = NULL;
+
+ PKIX_ENTER(CERTSELECTOR, "PKIX_CertSelector_Select");
+ PKIX_NULLCHECK_THREE(selector, before, pAfter);
+
+ PKIX_CHECK(PKIX_List_Create(&filtered, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(before, &numBefore, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numBefore; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (before, i, (PKIX_PL_Object **)&candidate, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK_ONLY_FATAL(selector->matchCallback
+ (selector, candidate, plContext),
+ PKIX_CERTSELECTORMATCHCALLBACKFAILED);
+
+ if (!(PKIX_ERROR_RECEIVED)) {
+
+ PKIX_CHECK_ONLY_FATAL(PKIX_List_AppendItem
+ (filtered,
+ (PKIX_PL_Object *)candidate,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+
+ pkixTempErrorReceived = PKIX_FALSE;
+ PKIX_DECREF(candidate);
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable(filtered, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ /* Don't throw away the list if one Cert was bad! */
+ pkixTempErrorReceived = PKIX_FALSE;
+
+ *pAfter = filtered;
+ filtered = NULL;
+
+cleanup:
+
+ PKIX_DECREF(filtered);
+ PKIX_DECREF(candidate);
+
+ PKIX_RETURN(CERTSELECTOR);
+
+}
diff --git a/security/nss/lib/libpkix/pkix/certsel/pkix_certselector.h b/security/nss/lib/libpkix/pkix/certsel/pkix_certselector.h
new file mode 100755
index 000000000..33b648354
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/pkix_certselector.h
@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_certselector.h
+ *
+ * CertSelector Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_CERTSELECTOR_H
+#define _PKIX_CERTSELECTOR_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_CertSelectorStruct {
+ PKIX_CertSelector_MatchCallback matchCallback;
+ PKIX_ComCertSelParams *params;
+ PKIX_PL_Object *context;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_CertSelector_Select(
+ PKIX_CertSelector *selector,
+ PKIX_List *before,
+ PKIX_List **pAfter,
+ void *plContext);
+
+PKIX_Error *pkix_CertSelector_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_CERTSELECTOR_H */
diff --git a/security/nss/lib/libpkix/pkix/certsel/pkix_comcertselparams.c b/security/nss/lib/libpkix/pkix/certsel/pkix_comcertselparams.c
new file mode 100755
index 000000000..a62f78d23
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/pkix_comcertselparams.c
@@ -0,0 +1,1188 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_comcertselparams.c
+ *
+ * ComCertSelParams Object Functions
+ *
+ */
+
+#include "pkix_comcertselparams.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_ComCertSelParams_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ComCertSelParams_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ComCertSelParams *params = NULL;
+
+ PKIX_ENTER(COMCERTSELPARAMS, "pkix_ComCertSelParams_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a comCertSelParams object */
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_COMCERTSELPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTCOMCERTSELPARAMS);
+
+ params = (PKIX_ComCertSelParams *)object;
+
+ PKIX_DECREF(params->subject);
+ PKIX_DECREF(params->policies);
+ PKIX_DECREF(params->cert);
+ PKIX_DECREF(params->nameConstraints);
+ PKIX_DECREF(params->pathToNames);
+ PKIX_DECREF(params->subjAltNames);
+ PKIX_DECREF(params->date);
+ PKIX_DECREF(params->extKeyUsage);
+ PKIX_DECREF(params->certValid);
+ PKIX_DECREF(params->issuer);
+ PKIX_DECREF(params->serialNumber);
+ PKIX_DECREF(params->authKeyId);
+ PKIX_DECREF(params->subjKeyId);
+ PKIX_DECREF(params->subjPubKey);
+ PKIX_DECREF(params->subjPKAlgId);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ComCertSelParams_Duplicate
+ * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ComCertSelParams_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_ComCertSelParams *params = NULL;
+ PKIX_ComCertSelParams *paramsDuplicate = NULL;
+
+ PKIX_ENTER(COMCERTSELPARAMS, "pkix_ComCertSelParams_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_COMCERTSELPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTCOMCERTSELPARAMS);
+
+ params = (PKIX_ComCertSelParams *)object;
+
+ PKIX_CHECK(PKIX_ComCertSelParams_Create(&paramsDuplicate, plContext),
+ PKIX_COMCERTSELPARAMSCREATEFAILED);
+
+ paramsDuplicate->minPathLength = params->minPathLength;
+ paramsDuplicate->matchAllSubjAltNames = params->matchAllSubjAltNames;
+
+ PKIX_DUPLICATE(params->subject, &paramsDuplicate->subject, plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE(params->policies, &paramsDuplicate->policies, plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ if (params->cert){
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)params->cert,
+ (PKIX_PL_Object **)&paramsDuplicate->cert,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+ }
+
+ PKIX_DUPLICATE
+ (params->nameConstraints,
+ &paramsDuplicate->nameConstraints,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->pathToNames,
+ &paramsDuplicate->pathToNames,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->subjAltNames,
+ &paramsDuplicate->subjAltNames,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ if (params->date){
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)params->date,
+ (PKIX_PL_Object **)&paramsDuplicate->date,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+ }
+
+ paramsDuplicate->keyUsage = params->keyUsage;
+
+ PKIX_DUPLICATE(params->certValid,
+ &paramsDuplicate->certValid,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE(params->issuer,
+ &paramsDuplicate->issuer,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE(params->serialNumber,
+ &paramsDuplicate->serialNumber,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE(params->authKeyId,
+ &paramsDuplicate->authKeyId,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE(params->subjKeyId,
+ &paramsDuplicate->subjKeyId,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE(params->subjPubKey,
+ &paramsDuplicate->subjPubKey,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE(params->subjPKAlgId,
+ &paramsDuplicate->subjPKAlgId,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ paramsDuplicate->leafCertFlag = params->leafCertFlag;
+
+ *pNewObject = (PKIX_PL_Object *)paramsDuplicate;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(paramsDuplicate);
+ }
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ComCertSelParams_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_COMCERTSELPARAMS_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_ComCertSelParams_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry* entry = &systemClasses[PKIX_COMCERTSELPARAMS_TYPE];
+
+ PKIX_ENTER(COMCERTSELPARAMS, "pkix_ComCertSelParams_RegisterSelf");
+
+ entry->description = "ComCertSelParams";
+ entry->typeObjectSize = sizeof(PKIX_ComCertSelParams);
+ entry->destructor = pkix_ComCertSelParams_Destroy;
+ entry->duplicateFunction = pkix_ComCertSelParams_Duplicate;
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_Create (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_Create(
+ PKIX_ComCertSelParams **pParams,
+ void *plContext)
+{
+ PKIX_ComCertSelParams *params = NULL;
+
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_Create");
+ PKIX_NULLCHECK_ONE(pParams);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_COMCERTSELPARAMS_TYPE,
+ sizeof (PKIX_ComCertSelParams),
+ (PKIX_PL_Object **)&params,
+ plContext),
+ PKIX_COULDNOTCREATECOMMONCERTSELPARAMSOBJECT);
+
+ /* initialize fields */
+ params->version = 0xFFFFFFFF;
+ params->minPathLength = -1;
+ params->matchAllSubjAltNames = PKIX_TRUE;
+ params->subject = NULL;
+ params->policies = NULL;
+ params->cert = NULL;
+ params->nameConstraints = NULL;
+ params->pathToNames = NULL;
+ params->subjAltNames = NULL;
+ params->extKeyUsage = NULL;
+ params->keyUsage = 0;
+ params->extKeyUsage = NULL;
+ params->keyUsage = 0;
+ params->date = NULL;
+ params->certValid = NULL;
+ params->issuer = NULL;
+ params->serialNumber = NULL;
+ params->authKeyId = NULL;
+ params->subjKeyId = NULL;
+ params->subjPubKey = NULL;
+ params->subjPKAlgId = NULL;
+ params->leafCertFlag = PKIX_FALSE;
+
+ *pParams = params;
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubject (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubject(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_X500Name **pSubject,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetSubject");
+ PKIX_NULLCHECK_TWO(params, pSubject);
+
+ PKIX_INCREF(params->subject);
+
+ *pSubject = params->subject;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubject (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubject(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_X500Name *subject,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetSubject");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->subject);
+
+ PKIX_INCREF(subject);
+
+ params->subject = subject;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetBasicConstraints
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetBasicConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_Int32 *pMinPathLength,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_GetBasicConstraints");
+ PKIX_NULLCHECK_TWO(params, pMinPathLength);
+
+ *pMinPathLength = params->minPathLength;
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetBasicConstraints
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetBasicConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_Int32 minPathLength,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetBasicConstraints");
+ PKIX_NULLCHECK_ONE(params);
+
+ params->minPathLength = minPathLength;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetPolicy (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetPolicy(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pPolicy, /* List of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetPolicy");
+ PKIX_NULLCHECK_TWO(params, pPolicy);
+
+ PKIX_INCREF(params->policies);
+ *pPolicy = params->policies;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetPolicy (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetPolicy(
+ PKIX_ComCertSelParams *params,
+ PKIX_List *policy, /* List of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetPolicy");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->policies);
+ PKIX_INCREF(policy);
+ params->policies = policy;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetCertificate
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetCertificate(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert **pCert,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetCertificate");
+ PKIX_NULLCHECK_TWO(params, pCert);
+
+ PKIX_INCREF(params->cert);
+ *pCert = params->cert;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetCertificate
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetCertificate(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Cert *cert,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetCertificate");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->cert);
+ PKIX_INCREF(cert);
+ params->cert = cert;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetCertificateValid
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetCertificateValid(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Date **pDate,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_GetCertificateValid");
+
+ PKIX_NULLCHECK_TWO(params, pDate);
+
+ PKIX_INCREF(params->date);
+ *pDate = params->date;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetCertificateValid
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetCertificateValid(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_Date *date,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetCertificateValid");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->date);
+ PKIX_INCREF(date);
+ params->date = date;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetNameConstraints
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetNameConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_GetNameConstraints");
+ PKIX_NULLCHECK_TWO(params, pNameConstraints);
+
+ PKIX_INCREF(params->nameConstraints);
+
+ *pNameConstraints = params->nameConstraints;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetNameConstraints
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetNameConstraints(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetNameConstraints");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->nameConstraints);
+ PKIX_INCREF(nameConstraints);
+ params->nameConstraints = nameConstraints;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetPathToNames
+ * (see comments in pkix_certsel.h)
+ */PKIX_Error *
+PKIX_ComCertSelParams_GetPathToNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pNames, /* list of PKIX_PL_GeneralName */
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetPathToNames");
+ PKIX_NULLCHECK_TWO(params, pNames);
+
+ PKIX_INCREF(params->pathToNames);
+
+ *pNames = params->pathToNames;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetPathToNames
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetPathToNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_List *names, /* list of PKIX_PL_GeneralName */
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetPathToNames");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->pathToNames);
+ PKIX_INCREF(names);
+
+ params->pathToNames = names;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_AddPathToName
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_AddPathToName(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_GeneralName *name,
+ void *plContext)
+{
+ PKIX_List *pathToNamesList = NULL;
+
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_AddPathToName");
+ PKIX_NULLCHECK_ONE(params);
+
+ if (name == NULL) {
+ goto cleanup;
+ }
+
+ if (params->pathToNames == NULL) {
+ /* Create a list for name item */
+ PKIX_CHECK(PKIX_List_Create(&pathToNamesList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ params->pathToNames = pathToNamesList;
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (params->pathToNames, (PKIX_PL_Object *)name, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjAltNames
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pNames, /* list of PKIX_PL_GeneralName */
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetSubjAltNames");
+ PKIX_NULLCHECK_TWO(params, pNames);
+
+ PKIX_INCREF(params->subjAltNames);
+
+ *pNames = params->subjAltNames;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjAltNames
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_List *names, /* list of PKIX_PL_GeneralName */
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetSubjAltNames");
+ PKIX_NULLCHECK_TWO(params, names);
+
+ PKIX_DECREF(params->subjAltNames);
+ PKIX_INCREF(names);
+
+ params->subjAltNames = names;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_AddSubjAltNames
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_AddSubjAltName(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_GeneralName *name,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_AddSubjAltName");
+ PKIX_NULLCHECK_TWO(params, name);
+
+ if (params->subjAltNames == NULL) {
+ PKIX_CHECK(PKIX_List_Create(&list, plContext),
+ PKIX_LISTCREATEFAILED);
+ params->subjAltNames = list;
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (params->subjAltNames, (PKIX_PL_Object *)name, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS)
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetMatchAllSubjAltNames
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetMatchAllSubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_Boolean *pMatch,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_GetMatchAllSubjAltNames");
+ PKIX_NULLCHECK_TWO(params, pMatch);
+
+ *pMatch = params->matchAllSubjAltNames;
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetMatchAllSubjAltNames
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetMatchAllSubjAltNames(
+ PKIX_ComCertSelParams *params,
+ PKIX_Boolean match,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetMatchAllSubjAltNames");
+ PKIX_NULLCHECK_ONE(params);
+
+ params->matchAllSubjAltNames = match;
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetExtendedKeyUsage
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetExtendedKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pExtKeyUsage, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_GetExtendedKeyUsage");
+ PKIX_NULLCHECK_TWO(params, pExtKeyUsage);
+
+ PKIX_INCREF(params->extKeyUsage);
+ *pExtKeyUsage = params->extKeyUsage;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetExtendedKeyUsage
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetExtendedKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_List *extKeyUsage, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetExtendedKeyUsage");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->extKeyUsage);
+ PKIX_INCREF(extKeyUsage);
+
+ params->extKeyUsage = extKeyUsage;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetKeyUsage
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_UInt32 *pKeyUsage,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_GetKeyUsage");
+ PKIX_NULLCHECK_TWO(params, pKeyUsage);
+
+ *pKeyUsage = params->keyUsage;
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetKeyUsage
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetKeyUsage(
+ PKIX_ComCertSelParams *params,
+ PKIX_UInt32 keyUsage,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetKeyUsage");
+ PKIX_NULLCHECK_ONE(params);
+
+ params->keyUsage = keyUsage;
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetIssuer
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetIssuer(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_X500Name **pIssuer,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetIssuer");
+ PKIX_NULLCHECK_TWO(params, pIssuer);
+
+ PKIX_INCREF(params->issuer);
+ *pIssuer = params->issuer;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetIssuer
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetIssuer(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_X500Name *issuer,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetIssuer");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->issuer);
+ PKIX_INCREF(issuer);
+ params->issuer = issuer;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSerialNumber
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSerialNumber(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_BigInt **pSerialNumber,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetSerialNumber");
+ PKIX_NULLCHECK_TWO(params, pSerialNumber);
+
+ PKIX_INCREF(params->serialNumber);
+ *pSerialNumber = params->serialNumber;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSerialNumber
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSerialNumber(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_BigInt *serialNumber,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetSerialNumber");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->serialNumber);
+ PKIX_INCREF(serialNumber);
+ params->serialNumber = serialNumber;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetVersion
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetVersion(
+ PKIX_ComCertSelParams *params,
+ PKIX_UInt32 *pVersion,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetVersion");
+ PKIX_NULLCHECK_TWO(params, pVersion);
+
+ *pVersion = params->version;
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetVersion
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetVersion(
+ PKIX_ComCertSelParams *params,
+ PKIX_Int32 version,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetVersion");
+ PKIX_NULLCHECK_ONE(params);
+
+ params->version = version;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjKeyIdentifier
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjKeyIdentifier(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray **pSubjKeyId,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_GetSubjKeyIdentifier");
+ PKIX_NULLCHECK_TWO(params, pSubjKeyId);
+
+ PKIX_INCREF(params->subjKeyId);
+
+ *pSubjKeyId = params->subjKeyId;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjKeyIdentifier
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjKeyIdentifier(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray *subjKeyId,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetSubjKeyIdentifier");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->subjKeyId);
+ PKIX_INCREF(subjKeyId);
+
+ params->subjKeyId = subjKeyId;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetAuthorityKeyIdentifier
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetAuthorityKeyIdentifier(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray **pAuthKeyId,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_GetAuthorityKeyIdentifier");
+ PKIX_NULLCHECK_TWO(params, pAuthKeyId);
+
+ PKIX_INCREF(params->authKeyId);
+
+ *pAuthKeyId = params->authKeyId;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetAuthorityKeyIdentifier
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetAuthorityKeyIdentifier(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_ByteArray *authKeyId,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetAuthKeyIdentifier");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->authKeyId);
+ PKIX_INCREF(authKeyId);
+
+ params->authKeyId = authKeyId;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjPubKey
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjPubKey(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_PublicKey **pSubjPubKey,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetSubjPubKey");
+ PKIX_NULLCHECK_TWO(params, pSubjPubKey);
+
+ PKIX_INCREF(params->subjPubKey);
+
+ *pSubjPubKey = params->subjPubKey;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjPubKey
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjPubKey(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_PublicKey *subjPubKey,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS,
+ "PKIX_ComCertSelParams_SetSubjPubKey");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->subjPubKey);
+ PKIX_INCREF(subjPubKey);
+
+ params->subjPubKey = subjPubKey;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetSubjPKAlgId
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_GetSubjPKAlgId(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_OID **pAlgId,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetSubjPKAlgId");
+ PKIX_NULLCHECK_TWO(params, pAlgId);
+
+ PKIX_INCREF(params->subjPKAlgId);
+
+ *pAlgId = params->subjPKAlgId;
+
+cleanup:
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetSubjPKAlgId
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetSubjPKAlgId(
+ PKIX_ComCertSelParams *params,
+ PKIX_PL_OID *algId,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetSubjPKAlgId");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->subjPKAlgId);
+ PKIX_INCREF(algId);
+
+ params->subjPKAlgId = algId;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_GetLeafCertFlag
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error*
+PKIX_ComCertSelParams_GetLeafCertFlag(
+ PKIX_ComCertSelParams *params,
+ PKIX_Boolean *pLeafFlag,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_GetLeafCertFlag");
+ PKIX_NULLCHECK_TWO(params, pLeafFlag);
+
+ *pLeafFlag = params->leafCertFlag;
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCertSelParams_SetLeafCertFlag
+ * (see comments in pkix_certsel.h)
+ */
+PKIX_Error *
+PKIX_ComCertSelParams_SetLeafCertFlag(
+ PKIX_ComCertSelParams *params,
+ PKIX_Boolean leafFlag,
+ void *plContext)
+{
+ PKIX_ENTER(COMCERTSELPARAMS, "PKIX_ComCertSelParams_SetLeafCertFlag");
+ PKIX_NULLCHECK_ONE(params);
+
+ params->leafCertFlag = leafFlag;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCERTSELPARAMS);
+}
diff --git a/security/nss/lib/libpkix/pkix/certsel/pkix_comcertselparams.h b/security/nss/lib/libpkix/pkix/certsel/pkix_comcertselparams.h
new file mode 100755
index 000000000..935c639f0
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/certsel/pkix_comcertselparams.h
@@ -0,0 +1,57 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_comcertselparams.h
+ *
+ * ComCertSelParams Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_COMCERTSELPARAMS_H
+#define _PKIX_COMCERTSELPARAMS_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * pathToNamesConstraint is Name Constraints generated based on the
+ * pathToNames. We save a cached copy to save regeneration for each
+ * check. SubjAltNames also has its cache, since SubjAltNames are
+ * verified by checker, its cache copy is stored in checkerstate.
+ */
+struct PKIX_ComCertSelParamsStruct {
+ PKIX_Int32 version;
+ PKIX_Int32 minPathLength;
+ PKIX_Boolean matchAllSubjAltNames;
+ PKIX_PL_X500Name *subject;
+ PKIX_List *policies; /* List of PKIX_PL_OID */
+ PKIX_PL_Cert *cert;
+ PKIX_PL_CertNameConstraints *nameConstraints;
+ PKIX_List *pathToNames; /* List of PKIX_PL_GeneralNames */
+ PKIX_List *subjAltNames; /* List of PKIX_PL_GeneralNames */
+ PKIX_List *extKeyUsage; /* List of PKIX_PL_OID */
+ PKIX_UInt32 keyUsage;
+ PKIX_PL_Date *date;
+ PKIX_PL_Date *certValid;
+ PKIX_PL_X500Name *issuer;
+ PKIX_PL_BigInt *serialNumber;
+ PKIX_PL_ByteArray *authKeyId;
+ PKIX_PL_ByteArray *subjKeyId;
+ PKIX_PL_PublicKey *subjPubKey;
+ PKIX_PL_OID *subjPKAlgId;
+ PKIX_Boolean leafCertFlag;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_ComCertSelParams_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_COMCERTSELPARAMS_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/Makefile b/security/nss/lib/libpkix/pkix/checker/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/checker/checker.gyp b/security/nss/lib/libpkix/pkix/checker/checker.gyp
new file mode 100644
index 000000000..ac260fc24
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/checker.gyp
@@ -0,0 +1,35 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixchecker',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_basicconstraintschecker.c',
+ 'pkix_certchainchecker.c',
+ 'pkix_crlchecker.c',
+ 'pkix_ekuchecker.c',
+ 'pkix_expirationchecker.c',
+ 'pkix_namechainingchecker.c',
+ 'pkix_nameconstraintschecker.c',
+ 'pkix_ocspchecker.c',
+ 'pkix_policychecker.c',
+ 'pkix_revocationchecker.c',
+ 'pkix_revocationmethod.c',
+ 'pkix_signaturechecker.c',
+ 'pkix_targetcertchecker.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix/checker/config.mk b/security/nss/lib/libpkix/pkix/checker/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/checker/exports.gyp b/security/nss/lib/libpkix/pkix/checker/exports.gyp
new file mode 100644
index 000000000..4bd68b39c
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/exports.gyp
@@ -0,0 +1,37 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_checker_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_basicconstraintschecker.h',
+ 'pkix_certchainchecker.h',
+ 'pkix_crlchecker.h',
+ 'pkix_ekuchecker.h',
+ 'pkix_expirationchecker.h',
+ 'pkix_namechainingchecker.h',
+ 'pkix_nameconstraintschecker.h',
+ 'pkix_ocspchecker.h',
+ 'pkix_policychecker.h',
+ 'pkix_revocationchecker.h',
+ 'pkix_revocationmethod.h',
+ 'pkix_signaturechecker.h',
+ 'pkix_targetcertchecker.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/manifest.mn b/security/nss/lib/libpkix/pkix/checker/manifest.mn
new file mode 100755
index 000000000..eba69d0ce
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/manifest.mn
@@ -0,0 +1,45 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_basicconstraintschecker.h \
+ pkix_certchainchecker.h \
+ pkix_crlchecker.h \
+ pkix_ekuchecker.h \
+ pkix_expirationchecker.h \
+ pkix_namechainingchecker.h \
+ pkix_nameconstraintschecker.h \
+ pkix_ocspchecker.h \
+ pkix_policychecker.h \
+ pkix_revocationmethod.h \
+ pkix_revocationchecker.h \
+ pkix_signaturechecker.h \
+ pkix_targetcertchecker.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_basicconstraintschecker.c \
+ pkix_certchainchecker.c \
+ pkix_crlchecker.c \
+ pkix_ekuchecker.c \
+ pkix_expirationchecker.c \
+ pkix_namechainingchecker.c \
+ pkix_nameconstraintschecker.c \
+ pkix_ocspchecker.c \
+ pkix_revocationmethod.c \
+ pkix_revocationchecker.c \
+ pkix_policychecker.c \
+ pkix_signaturechecker.c \
+ pkix_targetcertchecker.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixchecker
+
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c
new file mode 100755
index 000000000..0e7a87997
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.c
@@ -0,0 +1,306 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_basicconstraintschecker.c
+ *
+ * Functions for basic constraints validation
+ *
+ */
+
+#include "pkix_basicconstraintschecker.h"
+
+/* --Private-BasicConstraintsCheckerState-Functions------------------------- */
+
+/*
+ * FUNCTION: pkix_BasicConstraintsCheckerState_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_BasicConstraintsCheckerState_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ pkix_BasicConstraintsCheckerState *state = NULL;
+
+ PKIX_ENTER(BASICCONSTRAINTSCHECKERSTATE,
+ "pkix_BasicConstraintsCheckerState_Destroy");
+
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a basic constraints checker state */
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_BASICCONSTRAINTSCHECKERSTATE_TYPE, plContext),
+ PKIX_OBJECTNOTBASICCONSTRAINTSCHECKERSTATE);
+
+ state = (pkix_BasicConstraintsCheckerState *)object;
+
+ PKIX_DECREF(state->basicConstraintsOID);
+
+cleanup:
+
+ PKIX_RETURN(BASICCONSTRAINTSCHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_BasicConstraintsCheckerState_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERT_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_BasicConstraintsCheckerState_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(BASICCONSTRAINTSCHECKERSTATE,
+ "pkix_BasicConstraintsCheckerState_RegisterSelf");
+
+ entry.description = "BasicConstraintsCheckerState";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(pkix_BasicConstraintsCheckerState);
+ entry.destructor = pkix_BasicConstraintsCheckerState_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_BASICCONSTRAINTSCHECKERSTATE_TYPE] = entry;
+
+ PKIX_RETURN(BASICCONSTRAINTSCHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_BasicConstraintsCheckerState_Create
+ * DESCRIPTION:
+ *
+ * Creates a new BasicConstraintsCheckerState using the number of certs in
+ * the chain represented by "certsRemaining" and stores it at "pState".
+ *
+ * PARAMETERS:
+ * "certsRemaining"
+ * Number of certificates in the chain.
+ * "pState"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a BasicConstraintsCheckerState Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_BasicConstraintsCheckerState_Create(
+ PKIX_UInt32 certsRemaining,
+ pkix_BasicConstraintsCheckerState **pState,
+ void *plContext)
+{
+ pkix_BasicConstraintsCheckerState *state = NULL;
+
+ PKIX_ENTER(BASICCONSTRAINTSCHECKERSTATE,
+ "pkix_BasicConstraintsCheckerState_Create");
+
+ PKIX_NULLCHECK_ONE(pState);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_BASICCONSTRAINTSCHECKERSTATE_TYPE,
+ sizeof (pkix_BasicConstraintsCheckerState),
+ (PKIX_PL_Object **)&state,
+ plContext),
+ PKIX_COULDNOTCREATEBASICCONSTRAINTSSTATEOBJECT);
+
+ /* initialize fields */
+ state->certsRemaining = certsRemaining;
+ state->maxPathLength = PKIX_UNLIMITED_PATH_CONSTRAINT;
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_BASICCONSTRAINTS_OID,
+ &state->basicConstraintsOID,
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ *pState = state;
+ state = NULL;
+
+cleanup:
+
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(BASICCONSTRAINTSCHECKERSTATE);
+}
+
+/* --Private-BasicConstraintsChecker-Functions------------------------------ */
+
+/*
+ * FUNCTION: pkix_BasicConstraintsChecker_Check
+ * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
+ */
+PKIX_Error *
+pkix_BasicConstraintsChecker_Check(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticalExtensions, /* list of PKIX_PL_OID */
+ void **pNBIOContext,
+ void *plContext)
+{
+ PKIX_PL_CertBasicConstraints *basicConstraints = NULL;
+ pkix_BasicConstraintsCheckerState *state = NULL;
+ PKIX_Boolean caFlag = PKIX_FALSE;
+ PKIX_Int32 pathLength = 0;
+ PKIX_Int32 maxPathLength_now;
+ PKIX_Boolean isSelfIssued = PKIX_FALSE;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_BasicConstraintsChecker_Check");
+ PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
+
+ *pNBIOContext = NULL; /* we never block on pending I/O */
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, (PKIX_PL_Object **)&state, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ state->certsRemaining--;
+
+ if (state->certsRemaining != 0) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetBasicConstraints
+ (cert, &basicConstraints, plContext),
+ PKIX_CERTGETBASICCONSTRAINTSFAILED);
+
+ /* get CA Flag and path length */
+ if (basicConstraints != NULL) {
+ PKIX_CHECK(PKIX_PL_BasicConstraints_GetCAFlag
+ (basicConstraints,
+ &caFlag,
+ plContext),
+ PKIX_BASICCONSTRAINTSGETCAFLAGFAILED);
+
+ if (caFlag == PKIX_TRUE) {
+ PKIX_CHECK
+ (PKIX_PL_BasicConstraints_GetPathLenConstraint
+ (basicConstraints,
+ &pathLength,
+ plContext),
+ PKIX_BASICCONSTRAINTSGETPATHLENCONSTRAINTFAILED);
+ }
+
+ }else{
+ caFlag = PKIX_FALSE;
+ pathLength = PKIX_UNLIMITED_PATH_CONSTRAINT;
+ }
+
+ PKIX_CHECK(pkix_IsCertSelfIssued
+ (cert,
+ &isSelfIssued,
+ plContext),
+ PKIX_ISCERTSELFISSUEDFAILED);
+
+ maxPathLength_now = state->maxPathLength;
+
+ if (isSelfIssued != PKIX_TRUE) {
+
+ /* Not last CA Cert, but maxPathLength is down to zero */
+ if (maxPathLength_now == 0) {
+ PKIX_ERROR(PKIX_BASICCONSTRAINTSVALIDATIONFAILEDLN);
+ }
+
+ if (caFlag == PKIX_FALSE) {
+ PKIX_ERROR(PKIX_BASICCONSTRAINTSVALIDATIONFAILEDCA);
+ }
+
+ if (maxPathLength_now > 0) { /* can be unlimited (-1) */
+ maxPathLength_now--;
+ }
+
+ }
+
+ if (caFlag == PKIX_TRUE) {
+ if (maxPathLength_now == PKIX_UNLIMITED_PATH_CONSTRAINT){
+ maxPathLength_now = pathLength;
+ } else {
+ /* If pathLength is not specified, don't set */
+ if (pathLength != PKIX_UNLIMITED_PATH_CONSTRAINT) {
+ maxPathLength_now =
+ (maxPathLength_now > pathLength)?
+ pathLength:maxPathLength_now;
+ }
+ }
+ }
+
+ state->maxPathLength = maxPathLength_now;
+ }
+
+ /* Remove Basic Constraints Extension OID from list */
+ if (unresolvedCriticalExtensions != NULL) {
+
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticalExtensions,
+ (PKIX_PL_Object *) state->basicConstraintsOID,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+ }
+
+
+ PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState
+ (checker, (PKIX_PL_Object *)state, plContext),
+ PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED);
+
+
+cleanup:
+ PKIX_DECREF(state);
+ PKIX_DECREF(basicConstraints);
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: pkix_BasicConstraintsChecker_Initialize
+ * DESCRIPTION:
+ * Registers PKIX_CERT_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_BasicConstraintsChecker_Initialize(
+ PKIX_UInt32 certsRemaining,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext)
+{
+ pkix_BasicConstraintsCheckerState *state = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_BasicConstraintsChecker_Initialize");
+ PKIX_NULLCHECK_ONE(pChecker);
+
+ PKIX_CHECK(pkix_BasicConstraintsCheckerState_Create
+ (certsRemaining, &state, plContext),
+ PKIX_BASICCONSTRAINTSCHECKERSTATECREATEFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (pkix_BasicConstraintsChecker_Check,
+ PKIX_FALSE,
+ PKIX_FALSE,
+ NULL,
+ (PKIX_PL_Object *)state,
+ pChecker,
+ plContext),
+ PKIX_CERTCHAINCHECKERCHECKFAILED);
+
+cleanup:
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.h
new file mode 100755
index 000000000..7a8b09c37
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_basicconstraintschecker.h
@@ -0,0 +1,42 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_basicconstraintschecker.h
+ *
+ * Header file for basic constraints checker.
+ *
+ */
+
+#ifndef _PKIX_BASICCONSTRAINTSCHECKER_H
+#define _PKIX_BASICCONSTRAINTSCHECKER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct pkix_BasicConstraintsCheckerStateStruct \
+ pkix_BasicConstraintsCheckerState;
+
+struct pkix_BasicConstraintsCheckerStateStruct{
+ PKIX_PL_OID *basicConstraintsOID;
+ PKIX_Int32 certsRemaining;
+ PKIX_Int32 maxPathLength;
+};
+
+PKIX_Error *
+pkix_BasicConstraintsChecker_Initialize(
+ PKIX_UInt32 numCerts,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext);
+
+PKIX_Error *
+pkix_BasicConstraintsCheckerState_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_BASICCONSTRAINTSCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c
new file mode 100755
index 000000000..a6ea50d02
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.c
@@ -0,0 +1,322 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_certchainchecker.c
+ *
+ * CertChainChecker Object Functions
+ *
+ */
+
+#include "pkix_certchainchecker.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_CertChainChecker_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CertChainChecker_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_CertChainChecker *checker = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a cert chain checker */
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTCHAINCHECKER_TYPE, plContext),
+ PKIX_OBJECTNOTCERTCHAINCHECKER);
+
+ checker = (PKIX_CertChainChecker *)object;
+
+ PKIX_DECREF(checker->extensions);
+ PKIX_DECREF(checker->state);
+
+cleanup:
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_CertChainChecker_Duplicate
+ * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CertChainChecker_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_CertChainChecker *checker = NULL;
+ PKIX_CertChainChecker *checkerDuplicate = NULL;
+ PKIX_List *extensionsDuplicate = NULL;
+ PKIX_PL_Object *stateDuplicate = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTCHAINCHECKER_TYPE, plContext),
+ PKIX_OBJECTNOTCERTCHAINCHECKER);
+
+ checker = (PKIX_CertChainChecker *)object;
+
+ if (checker->extensions){
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)checker->extensions,
+ (PKIX_PL_Object **)&extensionsDuplicate,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+ }
+
+ if (checker->state){
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)checker->state,
+ (PKIX_PL_Object **)&stateDuplicate,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (checker->checkCallback,
+ checker->forwardChecking,
+ checker->isForwardDirectionExpected,
+ extensionsDuplicate,
+ stateDuplicate,
+ &checkerDuplicate,
+ plContext),
+ PKIX_CERTCHAINCHECKERCREATEFAILED);
+
+ *pNewObject = (PKIX_PL_Object *)checkerDuplicate;
+
+cleanup:
+
+ PKIX_DECREF(extensionsDuplicate);
+ PKIX_DECREF(stateDuplicate);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_CertChainChecker_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERTCHAINCHECKER_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_CertChainChecker_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_CertChainChecker_RegisterSelf");
+
+ entry.description = "CertChainChecker";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_CertChainChecker);
+ entry.destructor = pkix_CertChainChecker_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_CertChainChecker_Duplicate;
+
+ systemClasses[PKIX_CERTCHAINCHECKER_TYPE] = entry;
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_Create (see comments in pkix_checker.h)
+ */
+PKIX_Error *
+PKIX_CertChainChecker_Create(
+ PKIX_CertChainChecker_CheckCallback callback,
+ PKIX_Boolean forwardCheckingSupported,
+ PKIX_Boolean isForwardDirectionExpected,
+ PKIX_List *list, /* list of PKIX_PL_OID */
+ PKIX_PL_Object *initialState,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext)
+{
+ PKIX_CertChainChecker *checker = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_Create");
+ PKIX_NULLCHECK_ONE(pChecker);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTCHAINCHECKER_TYPE,
+ sizeof (PKIX_CertChainChecker),
+ (PKIX_PL_Object **)&checker,
+ plContext),
+ PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT);
+
+ /* initialize fields */
+ checker->checkCallback = callback;
+ checker->forwardChecking = forwardCheckingSupported;
+ checker->isForwardDirectionExpected = isForwardDirectionExpected;
+
+ PKIX_INCREF(list);
+ checker->extensions = list;
+
+ PKIX_INCREF(initialState);
+ checker->state = initialState;
+
+ *pChecker = checker;
+ checker = NULL;
+cleanup:
+
+ PKIX_DECREF(checker);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_GetCheckCallback
+ * (see comments in pkix_checker.h)
+ */
+PKIX_Error *
+PKIX_CertChainChecker_GetCheckCallback(
+ PKIX_CertChainChecker *checker,
+ PKIX_CertChainChecker_CheckCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CertChainChecker_GetCheckCallback");
+ PKIX_NULLCHECK_TWO(checker, pCallback);
+
+ *pCallback = checker->checkCallback;
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported
+ * (see comments in pkix_checker.h)
+ */
+PKIX_Error *
+PKIX_CertChainChecker_IsForwardCheckingSupported(
+ PKIX_CertChainChecker *checker,
+ PKIX_Boolean *pForwardCheckingSupported,
+ void *plContext)
+{
+ PKIX_ENTER
+ (CERTCHAINCHECKER,
+ "PKIX_CertChainChecker_IsForwardCheckingSupported");
+ PKIX_NULLCHECK_TWO(checker, pForwardCheckingSupported);
+
+ *pForwardCheckingSupported = checker->forwardChecking;
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected
+ * (see comments in pkix_checker.h)
+ */
+PKIX_Error *
+PKIX_CertChainChecker_IsForwardDirectionExpected(
+ PKIX_CertChainChecker *checker,
+ PKIX_Boolean *pForwardDirectionExpected,
+ void *plContext)
+{
+ PKIX_ENTER
+ (CERTCHAINCHECKER,
+ "PKIX_CertChainChecker_IsForwardDirectionExpected");
+ PKIX_NULLCHECK_TWO(checker, pForwardDirectionExpected);
+
+ *pForwardDirectionExpected = checker->isForwardDirectionExpected;
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState
+ * (see comments in pkix_checker.h)
+ */
+PKIX_Error *
+PKIX_CertChainChecker_GetCertChainCheckerState(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Object **pCertChainCheckerState,
+ void *plContext)
+{
+ PKIX_ENTER(CERTCHAINCHECKER,
+ "PKIX_CertChainChecker_GetCertChainCheckerState");
+
+ PKIX_NULLCHECK_TWO(checker, pCertChainCheckerState);
+
+ PKIX_INCREF(checker->state);
+
+ *pCertChainCheckerState = checker->state;
+
+cleanup:
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState
+ * (see comments in pkix_checker.h)
+ */
+PKIX_Error *
+PKIX_CertChainChecker_SetCertChainCheckerState(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Object *certChainCheckerState,
+ void *plContext)
+{
+ PKIX_ENTER(CERTCHAINCHECKER,
+ "PKIX_CertChainChecker_SetCertChainCheckerState");
+
+ PKIX_NULLCHECK_ONE(checker);
+
+ /* DecRef old contents */
+ PKIX_DECREF(checker->state);
+
+ PKIX_INCREF(certChainCheckerState);
+ checker->state = certChainCheckerState;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)checker, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions
+ * (see comments in pkix_checker.h)
+ */
+PKIX_Error *
+PKIX_CertChainChecker_GetSupportedExtensions(
+ PKIX_CertChainChecker *checker,
+ PKIX_List **pExtensions, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_ENTER(CERTCHAINCHECKER,
+ "PKIX_CertChainChecker_GetSupportedExtensions");
+
+ PKIX_NULLCHECK_TWO(checker, pExtensions);
+
+ PKIX_INCREF(checker->extensions);
+
+ *pExtensions = checker->extensions;
+
+cleanup:
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.h
new file mode 100755
index 000000000..ff6454761
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_certchainchecker.h
@@ -0,0 +1,36 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_certchainchecker.h
+ *
+ * CertChainChecker Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_CERTCHAINCHECKER_H
+#define _PKIX_CERTCHAINCHECKER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_CertChainCheckerStruct {
+ PKIX_CertChainChecker_CheckCallback checkCallback;
+ PKIX_List *extensions;
+ PKIX_PL_Object *state;
+ PKIX_Boolean forwardChecking;
+ PKIX_Boolean isForwardDirectionExpected;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_CertChainChecker_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_CERTCHAINCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_crlchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_crlchecker.c
new file mode 100644
index 000000000..d6f5b6bcc
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_crlchecker.c
@@ -0,0 +1,438 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_defaultcrlchecker.c
+ *
+ * Functions for default CRL Checkers
+ *
+ */
+#include "pkix.h"
+#include "pkix_crlchecker.h"
+#include "pkix_tools.h"
+
+/* --Private-CRLChecker-Data-and-Types------------------------------- */
+
+typedef struct pkix_CrlCheckerStruct {
+ /* RevocationMethod is the super class of CrlChecker. */
+ pkix_RevocationMethod method;
+ PKIX_List *certStores; /* list of CertStore */
+ PKIX_PL_VerifyCallback crlVerifyFn;
+} pkix_CrlChecker;
+
+
+/* --Private-CRLChecker-Functions----------------------------------- */
+
+/*
+ * FUNCTION: pkix_CrlCheckerstate_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CrlChecker_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ pkix_CrlChecker *state = NULL;
+
+ PKIX_ENTER(CRLCHECKER, "pkix_CrlChecker_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a default CRL checker state */
+ PKIX_CHECK(
+ pkix_CheckType(object, PKIX_CRLCHECKER_TYPE, plContext),
+ PKIX_OBJECTNOTCRLCHECKER);
+
+ state = (pkix_CrlChecker *)object;
+
+ PKIX_DECREF(state->certStores);
+
+cleanup:
+
+ PKIX_RETURN(CRLCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_CrlChecker_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_CRLCHECKER_TYPE and its related functions
+ * with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_CrlChecker_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry* entry = &systemClasses[PKIX_CRLCHECKER_TYPE];
+
+ PKIX_ENTER(CRLCHECKER, "pkix_CrlChecker_RegisterSelf");
+
+ entry->description = "CRLChecker";
+ entry->typeObjectSize = sizeof(pkix_CrlChecker);
+ entry->destructor = pkix_CrlChecker_Destroy;
+
+ PKIX_RETURN(CRLCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_CrlChecker_Create
+ *
+ * DESCRIPTION:
+ * Allocate and initialize CRLChecker state data.
+ *
+ * PARAMETERS
+ * "certStores"
+ * Address of CertStore List to be stored in state. Must be non-NULL.
+ * "testDate"
+ * Address of PKIX_PL_Date to be checked. May be NULL.
+ * "trustedPubKey"
+ * Trusted Anchor Public Key for verifying first Cert in the chain.
+ * Must be non-NULL.
+ * "certsRemaining"
+ * Number of certificates remaining in the chain.
+ * "nistCRLPolicyEnabled"
+ * If enabled, enforce nist crl policy.
+ * "pChecker"
+ * Address of CRLChecker that is returned. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a DefaultCrlChecker Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error
+ */
+PKIX_Error *
+pkix_CrlChecker_Create(PKIX_RevocationMethodType methodType,
+ PKIX_UInt32 flags,
+ PKIX_UInt32 priority,
+ pkix_LocalRevocationCheckFn localRevChecker,
+ pkix_ExternalRevocationCheckFn externalRevChecker,
+ PKIX_List *certStores,
+ PKIX_PL_VerifyCallback crlVerifyFn,
+ pkix_RevocationMethod **pChecker,
+ void *plContext)
+{
+ pkix_CrlChecker *crlChecker = NULL;
+
+ PKIX_ENTER(CRLCHECKER, "pkix_CrlChecker_Create");
+ PKIX_NULLCHECK_TWO(certStores, pChecker);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CRLCHECKER_TYPE,
+ sizeof (pkix_CrlChecker),
+ (PKIX_PL_Object **)&crlChecker,
+ plContext),
+ PKIX_COULDNOTCREATECRLCHECKEROBJECT);
+
+ pkixErrorResult = pkix_RevocationMethod_Init(
+ (pkix_RevocationMethod*)crlChecker, methodType, flags, priority,
+ localRevChecker, externalRevChecker, plContext);
+ if (pkixErrorResult) {
+ goto cleanup;
+ }
+
+ /* Initialize fields */
+ PKIX_INCREF(certStores);
+ crlChecker->certStores = certStores;
+
+ crlChecker->crlVerifyFn = crlVerifyFn;
+ *pChecker = (pkix_RevocationMethod*)crlChecker;
+ crlChecker = NULL;
+
+cleanup:
+ PKIX_DECREF(crlChecker);
+
+ PKIX_RETURN(CRLCHECKER);
+}
+
+/* --Private-CRLChecker-Functions------------------------------------ */
+
+/*
+ * FUNCTION: pkix_CrlChecker_CheckLocal
+ *
+ * DESCRIPTION:
+ * Check if the Cert has been revoked based the CRLs data. This function
+ * maintains the checker state to be current.
+ *
+ * PARAMETERS
+ * "checker"
+ * Address of CertChainChecker which has the state data.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Certificate that is to be validated. Must be non-NULL.
+ * "unreslvdCrtExts"
+ * A List OIDs. Not **yet** used in this checker function.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error
+ */
+PKIX_Error *
+pkix_CrlChecker_CheckLocal(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_Boolean chainVerificationState,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *pReasonCode,
+ void *plContext)
+{
+ PKIX_CertStore_CheckRevokationByCrlCallback storeCheckRevocationFn;
+ PKIX_CertStore *certStore = NULL;
+ pkix_CrlChecker *state = NULL;
+ PKIX_UInt32 crlStoreIndex = 0;
+ PKIX_UInt32 numCrlStores = 0;
+ PKIX_Boolean storeIsLocal = PKIX_FALSE;
+ PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_CrlChecker_CheckLocal");
+ PKIX_NULLCHECK_FOUR(cert, issuer, checkerObject, checkerObject);
+
+ state = (pkix_CrlChecker*)checkerObject;
+
+ PKIX_CHECK(
+ PKIX_List_GetLength(state->certStores, &numCrlStores, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (;crlStoreIndex < numCrlStores;crlStoreIndex++) {
+ PKIX_CHECK(
+ PKIX_List_GetItem(state->certStores, crlStoreIndex,
+ (PKIX_PL_Object **)&certStore,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(
+ PKIX_CertStore_GetLocalFlag(certStore, &storeIsLocal,
+ plContext),
+ PKIX_CERTSTOREGETLOCALFLAGFAILED);
+ if (storeIsLocal) {
+ PKIX_CHECK(
+ PKIX_CertStore_GetCrlCheckerFn(certStore,
+ &storeCheckRevocationFn,
+ plContext),
+ PKIX_CERTSTOREGETCHECKREVBYCRLFAILED);
+
+ if (storeCheckRevocationFn) {
+ PKIX_CHECK(
+ (*storeCheckRevocationFn)(certStore, cert, issuer,
+ /* delay sig check if building
+ * a chain by not specifying the time*/
+ chainVerificationState ? date : NULL,
+ /* crl downloading is not done. */
+ PKIX_FALSE,
+ pReasonCode, &revStatus, plContext),
+ PKIX_CERTSTORECRLCHECKFAILED);
+ if (revStatus == PKIX_RevStatus_Revoked) {
+ break;
+ }
+ }
+ }
+ PKIX_DECREF(certStore);
+ } /* while */
+
+cleanup:
+ *pRevStatus = revStatus;
+ PKIX_DECREF(certStore);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_CrlChecker_CheckRemote
+ *
+ * DESCRIPTION:
+ * Check if the Cert has been revoked based the CRLs data. This function
+ * maintains the checker state to be current.
+ *
+ * PARAMETERS
+ * "checker"
+ * Address of CertChainChecker which has the state data.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Certificate that is to be validated. Must be non-NULL.
+ * "unreslvdCrtExts"
+ * A List OIDs. Not **yet** used in this checker function.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error
+ */
+PKIX_Error *
+pkix_CrlChecker_CheckExternal(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *pReasonCode,
+ void **pNBIOContext,
+ void *plContext)
+{
+ PKIX_CertStore_CheckRevokationByCrlCallback storeCheckRevocationFn = NULL;
+ PKIX_CertStore_ImportCrlCallback storeImportCrlFn = NULL;
+ PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
+ PKIX_CertStore *certStore = NULL;
+ PKIX_CertStore *localStore = NULL;
+ PKIX_CRLSelector *crlSelector = NULL;
+ PKIX_PL_X500Name *issuerName = NULL;
+ pkix_CrlChecker *state = NULL;
+ PKIX_UInt32 crlStoreIndex = 0;
+ PKIX_UInt32 numCrlStores = 0;
+ PKIX_Boolean storeIsLocal = PKIX_FALSE;
+ PKIX_List *crlList = NULL;
+ PKIX_List *dpList = NULL;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_CrlChecker_CheckExternal");
+ PKIX_NULLCHECK_FOUR(cert, issuer, checkerObject, pNBIOContext);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL; /* prepare for Error exit */
+
+ state = (pkix_CrlChecker*)checkerObject;
+
+ PKIX_CHECK(
+ PKIX_List_GetLength(state->certStores, &numCrlStores, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ /* Find a cert store that is capable of storing crls */
+ for (;crlStoreIndex < numCrlStores;crlStoreIndex++) {
+ PKIX_CHECK(
+ PKIX_List_GetItem(state->certStores, crlStoreIndex,
+ (PKIX_PL_Object **)&certStore,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(
+ PKIX_CertStore_GetLocalFlag(certStore, &storeIsLocal,
+ plContext),
+ PKIX_CERTSTOREGETLOCALFLAGFAILED);
+ if (storeIsLocal) {
+ PKIX_CHECK(
+ PKIX_CertStore_GetImportCrlCallback(certStore,
+ &storeImportCrlFn,
+ plContext),
+ PKIX_CERTSTOREGETCHECKREVBYCRLFAILED);
+
+ PKIX_CHECK(
+ PKIX_CertStore_GetCrlCheckerFn(certStore,
+ &storeCheckRevocationFn,
+ plContext),
+ PKIX_CERTSTOREGETCHECKREVBYCRLFAILED);
+
+ if (storeImportCrlFn && storeCheckRevocationFn) {
+ localStore = certStore;
+ certStore = NULL;
+ break;
+ }
+ }
+ PKIX_DECREF(certStore);
+ } /* while */
+
+ /* Report unknown status if we can not check crl in one of the
+ * local stores. */
+ if (!localStore) {
+ PKIX_ERROR_FATAL(PKIX_CRLCHECKERNOLOCALCERTSTOREFOUND);
+ }
+ PKIX_CHECK(
+ PKIX_PL_Cert_VerifyKeyUsage(issuer, PKIX_CRL_SIGN, plContext),
+ PKIX_CERTCHECKKEYUSAGEFAILED);
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetCrlDp(cert, &dpList, plContext),
+ PKIX_CERTGETCRLDPFAILED);
+ if (!(methodFlags & PKIX_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE) &&
+ (!dpList || !dpList->length)) {
+ goto cleanup;
+ }
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetIssuer(cert, &issuerName, plContext),
+ PKIX_CERTGETISSUERFAILED);
+ PKIX_CHECK(
+ PKIX_CRLSelector_Create(issuer, dpList, date, &crlSelector, plContext),
+ PKIX_CRLCHECKERSETSELECTORFAILED);
+ /* Fetch crl and store in a local cert store */
+ for (crlStoreIndex = 0;crlStoreIndex < numCrlStores;crlStoreIndex++) {
+ PKIX_CertStore_CRLCallback getCrlsFn;
+
+ PKIX_CHECK(
+ PKIX_List_GetItem(state->certStores, crlStoreIndex,
+ (PKIX_PL_Object **)&certStore,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(
+ PKIX_CertStore_GetCRLCallback(certStore, &getCrlsFn,
+ plContext),
+ PKIX_CERTSTOREGETCRLCALLBACKFAILED);
+
+ PKIX_CHECK(
+ (*getCrlsFn)(certStore, crlSelector, &nbioContext,
+ &crlList, plContext),
+ PKIX_GETCRLSFAILED);
+
+ PKIX_CHECK(
+ (*storeImportCrlFn)(localStore, issuerName, crlList, plContext),
+ PKIX_CERTSTOREFAILTOIMPORTCRLLIST);
+
+ PKIX_CHECK(
+ (*storeCheckRevocationFn)(certStore, cert, issuer, date,
+ /* done with crl downloading */
+ PKIX_TRUE,
+ pReasonCode, &revStatus, plContext),
+ PKIX_CERTSTORECRLCHECKFAILED);
+ if (revStatus != PKIX_RevStatus_NoInfo) {
+ break;
+ }
+ PKIX_DECREF(crlList);
+ PKIX_DECREF(certStore);
+ } /* while */
+
+cleanup:
+ /* Update return flags */
+ if (revStatus == PKIX_RevStatus_NoInfo &&
+ ((dpList && dpList->length > 0) ||
+ (methodFlags & PKIX_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE)) &&
+ methodFlags & PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO) {
+ revStatus = PKIX_RevStatus_Revoked;
+ }
+ *pRevStatus = revStatus;
+
+ PKIX_DECREF(dpList);
+ PKIX_DECREF(crlList);
+ PKIX_DECREF(certStore);
+ PKIX_DECREF(issuerName);
+ PKIX_DECREF(localStore);
+ PKIX_DECREF(crlSelector);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_crlchecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_crlchecker.h
new file mode 100644
index 000000000..35f1a4745
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_crlchecker.h
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_defaultcrlchecker.h
+ *
+ * Header file for default CRL function
+ *
+ */
+
+#ifndef _PKIX_CRLCHECKER_H
+#define _PKIX_CRLCHECKER_H
+
+#include "pkixt.h"
+#include "pkix_revocationmethod.h"
+#include "pkix_crlsel.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* NOTE: nbio logic removed. Will be replaced later. */
+
+PKIX_Error *
+pkix_CrlChecker_CheckLocal(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_Boolean chainVerificationState,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *reasonCode,
+ void *plContext);
+
+PKIX_Error *
+pkix_CrlChecker_CheckExternal(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *reasonCode,
+ void **pNBIOContext,
+ void *plContext);
+
+PKIX_Error *
+pkix_CrlChecker_Create(PKIX_RevocationMethodType methodType,
+ PKIX_UInt32 flags,
+ PKIX_UInt32 priority,
+ pkix_LocalRevocationCheckFn localRevChecker,
+ pkix_ExternalRevocationCheckFn externalRevChecker,
+ PKIX_List *certStores,
+ PKIX_PL_VerifyCallback crlVerifyFn,
+ pkix_RevocationMethod **pChecker,
+ void *plContext);
+
+PKIX_Error *
+pkix_CrlChecker_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_CRLCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_ekuchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_ekuchecker.c
new file mode 100644
index 000000000..a2b843739
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_ekuchecker.c
@@ -0,0 +1,328 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_ekuchecker.c
+ *
+ * User Defined ExtenedKeyUsage Function Definitions
+ *
+ */
+
+#include "pkix_ekuchecker.h"
+
+SECOidTag ekuOidStrings[] = {
+ PKIX_KEY_USAGE_SERVER_AUTH_OID,
+ PKIX_KEY_USAGE_CLIENT_AUTH_OID,
+ PKIX_KEY_USAGE_CODE_SIGN_OID,
+ PKIX_KEY_USAGE_EMAIL_PROTECT_OID,
+ PKIX_KEY_USAGE_TIME_STAMP_OID,
+ PKIX_KEY_USAGE_OCSP_RESPONDER_OID,
+ PKIX_UNKNOWN_OID
+};
+
+typedef struct pkix_EkuCheckerStruct {
+ PKIX_List *requiredExtKeyUsageOids;
+ PKIX_PL_OID *ekuOID;
+} pkix_EkuChecker;
+
+
+/*
+ * FUNCTION: pkix_EkuChecker_Destroy
+ * (see comments for PKIX_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_EkuChecker_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ pkix_EkuChecker *ekuCheckerState = NULL;
+
+ PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_EKUCHECKER_TYPE, plContext),
+ PKIX_OBJECTNOTANEKUCHECKERSTATE);
+
+ ekuCheckerState = (pkix_EkuChecker *)object;
+
+ PKIX_DECREF(ekuCheckerState->ekuOID);
+ PKIX_DECREF(ekuCheckerState->requiredExtKeyUsageOids);
+
+cleanup:
+
+ PKIX_RETURN(EKUCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_EkuChecker_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_PL_HTTPCERTSTORECONTEXT_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_EkuChecker_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry *entry = &systemClasses[PKIX_EKUCHECKER_TYPE];
+
+ PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_RegisterSelf");
+
+ entry->description = "EkuChecker";
+ entry->typeObjectSize = sizeof(pkix_EkuChecker);
+ entry->destructor = pkix_EkuChecker_Destroy;
+
+ PKIX_RETURN(EKUCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_EkuChecker_Create
+ * DESCRIPTION:
+ *
+ * Creates a new Extend Key Usage CheckerState using "params" to retrieve
+ * application specified EKU for verification and stores it at "pState".
+ *
+ * PARAMETERS:
+ * "params"
+ * a PKIX_ProcessingParams links to PKIX_ComCertSelParams where a list of
+ * Extended Key Usage OIDs specified by application can be retrieved for
+ * verification.
+ * "pState"
+ * Address where state pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a UserDefinedModules Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_EkuChecker_Create(
+ PKIX_ProcessingParams *params,
+ pkix_EkuChecker **pState,
+ void *plContext)
+{
+ pkix_EkuChecker *state = NULL;
+ PKIX_CertSelector *certSelector = NULL;
+ PKIX_ComCertSelParams *comCertSelParams = NULL;
+ PKIX_List *requiredOids = NULL;
+
+ PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Create");
+ PKIX_NULLCHECK_TWO(params, pState);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_EKUCHECKER_TYPE,
+ sizeof (pkix_EkuChecker),
+ (PKIX_PL_Object **)&state,
+ plContext),
+ PKIX_COULDNOTCREATEEKUCHECKERSTATEOBJECT);
+
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetTargetCertConstraints
+ (params, &certSelector, plContext),
+ PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED);
+
+ if (certSelector != NULL) {
+
+ /* Get initial EKU OIDs from ComCertSelParams, if set */
+ PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParams
+ (certSelector, &comCertSelParams, plContext),
+ PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED);
+
+ if (comCertSelParams != NULL) {
+ PKIX_CHECK(PKIX_ComCertSelParams_GetExtendedKeyUsage
+ (comCertSelParams, &requiredOids, plContext),
+ PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED);
+
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_EXTENDEDKEYUSAGE_OID,
+ &state->ekuOID,
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ state->requiredExtKeyUsageOids = requiredOids;
+ requiredOids = NULL;
+ *pState = state;
+ state = NULL;
+
+cleanup:
+
+ PKIX_DECREF(certSelector);
+ PKIX_DECREF(comCertSelParams);
+ PKIX_DECREF(requiredOids);
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(EKUCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_EkuChecker_Check
+ * DESCRIPTION:
+ *
+ * This function determines the Extended Key Usage OIDs specified by the
+ * application is included in the Extended Key Usage OIDs of this "cert".
+ *
+ * PARAMETERS:
+ * "checker"
+ * Address of CertChainChecker which has the state data.
+ * Must be non-NULL.
+ * "cert"
+ * Address of Certificate that is to be validated. Must be non-NULL.
+ * "unresolvedCriticalExtensions"
+ * A List OIDs. The OID for Extended Key Usage is removed.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a UserDefinedModules Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_EkuChecker_Check(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticalExtensions,
+ void **pNBIOContext,
+ void *plContext)
+{
+ pkix_EkuChecker *state = NULL;
+ PKIX_List *requiredExtKeyUsageList = NULL;
+ PKIX_List *certExtKeyUsageList = NULL;
+ PKIX_PL_OID *ekuOid = NULL;
+ PKIX_Boolean isContained = PKIX_FALSE;
+ PKIX_UInt32 numItems = 0;
+ PKIX_UInt32 i;
+ PKIX_Boolean checkResult = PKIX_TRUE;
+
+ PKIX_ENTER(EKUCHECKER, "pkix_EkuChecker_Check");
+ PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
+
+ *pNBIOContext = NULL; /* no non-blocking IO */
+
+ PKIX_CHECK(
+ PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, (PKIX_PL_Object **)&state, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ requiredExtKeyUsageList = state->requiredExtKeyUsageOids;
+ if (requiredExtKeyUsageList == NULL) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(
+ PKIX_List_GetLength(requiredExtKeyUsageList, &numItems,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ if (numItems == 0) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetExtendedKeyUsage(cert, &certExtKeyUsageList,
+ plContext),
+ PKIX_CERTGETEXTENDEDKEYUSAGEFAILED);
+
+ if (certExtKeyUsageList == NULL) {
+ goto cleanup;
+ }
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_CHECK(
+ PKIX_List_GetItem(requiredExtKeyUsageList, i,
+ (PKIX_PL_Object **)&ekuOid, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(
+ pkix_List_Contains(certExtKeyUsageList,
+ (PKIX_PL_Object *)ekuOid,
+ &isContained,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ PKIX_DECREF(ekuOid);
+ if (isContained != PKIX_TRUE) {
+ checkResult = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
+
+cleanup:
+ if (!pkixErrorResult && checkResult == PKIX_FALSE) {
+ pkixErrorReceived = PKIX_TRUE;
+ pkixErrorCode = PKIX_EXTENDEDKEYUSAGECHECKINGFAILED;
+ }
+
+ PKIX_DECREF(ekuOid);
+ PKIX_DECREF(certExtKeyUsageList);
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(EKUCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_EkuChecker_Initialize
+ * (see comments in pkix_sample_modules.h)
+ */
+PKIX_Error *
+PKIX_EkuChecker_Create(
+ PKIX_ProcessingParams *params,
+ PKIX_CertChainChecker **pEkuChecker,
+ void *plContext)
+{
+ pkix_EkuChecker *state = NULL;
+ PKIX_List *critExtOIDsList = NULL;
+
+ PKIX_ENTER(EKUCHECKER, "PKIX_EkuChecker_Initialize");
+ PKIX_NULLCHECK_ONE(params);
+
+ /*
+ * This function and functions in this file provide an example of how
+ * an application defined checker can be hooked into libpkix.
+ */
+
+ PKIX_CHECK(pkix_EkuChecker_Create
+ (params, &state, plContext),
+ PKIX_EKUCHECKERSTATECREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&critExtOIDsList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (critExtOIDsList,
+ (PKIX_PL_Object *)state->ekuOID,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (pkix_EkuChecker_Check,
+ PKIX_TRUE, /* forwardCheckingSupported */
+ PKIX_FALSE, /* forwardDirectionExpected */
+ critExtOIDsList,
+ (PKIX_PL_Object *) state,
+ pEkuChecker,
+ plContext),
+ PKIX_CERTCHAINCHECKERCREATEFAILED);
+cleanup:
+
+ PKIX_DECREF(critExtOIDsList);
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(EKUCHECKER);
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_ekuchecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_ekuchecker.h
new file mode 100644
index 000000000..e542dda20
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_ekuchecker.h
@@ -0,0 +1,92 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_ekuchecker.h
+ *
+ * User Defined Object Type Extended Key Usage Definition
+ *
+ */
+
+#ifndef _PKIX_EKUCHECKER_H
+#define _PKIX_EKUCHECKER_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * FUNCTION: PKIX_PL_EkuChecker_Create
+ *
+ * DESCRIPTION:
+ * Create a CertChainChecker with EkuCheckerState and add it into
+ * PKIX_ProcessingParams object.
+ *
+ * PARAMETERS
+ * "params"
+ * a PKIX_ProcessingParams links to PKIX_ComCertSelParams where a list of
+ * Extended Key Usage OIDs specified by application can be retrieved for
+ * verification.
+ * "ekuChecker"
+ * Address of created ekuchecker.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a UserDefinedModules Error if the function fails in a non-fatal
+ * way.
+ * Returns a Fatal Error
+ */
+PKIX_Error *
+PKIX_EkuChecker_Create(
+ PKIX_ProcessingParams *params,
+ PKIX_CertChainChecker **ekuChecker,
+ void *plContext);
+
+/*
+ * FUNCTION: PKIX_PL_EkuChecker_GetRequiredEku
+ *
+ * DESCRIPTION:
+ * This function retrieves application specified ExtenedKeyUsage(s) from
+ * ComCertSetparams and converts its OID representations to SECCertUsageEnum.
+ * The result is stored and returned in bit mask at "pRequiredExtKeyUsage".
+ *
+ * PARAMETERS
+ * "certSelector"
+ * a PKIX_CertSelector links to PKIX_ComCertSelParams where a list of
+ * Extended Key Usage OIDs specified by application can be retrieved for
+ * verification. Must be non-NULL.
+ * "pRequiredExtKeyUsage"
+ * Address where the result is returned. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a UserDefinedModules Error if the function fails in a non-fatal
+ * way.
+ * Returns a Fatal Error
+ */
+PKIX_Error *
+pkix_EkuChecker_GetRequiredEku(
+ PKIX_CertSelector *certSelector,
+ PKIX_UInt32 *pRequiredExtKeyUsage,
+ void *plContext);
+
+/* see source file for function documentation */
+PKIX_Error *pkix_EkuChecker_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_EKUCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.c
new file mode 100755
index 000000000..4f101ee29
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.c
@@ -0,0 +1,113 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_expirationchecker.c
+ *
+ * Functions for expiration validation
+ *
+ */
+
+
+#include "pkix_expirationchecker.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_ExpirationChecker_Check
+ * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
+ */
+PKIX_Error *
+pkix_ExpirationChecker_Check(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticalExtensions,
+ void **pNBIOContext,
+ void *plContext)
+{
+ PKIX_PL_Date *testDate = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_ExpirationChecker_Check");
+ PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
+
+ *pNBIOContext = NULL; /* we never block on pending I/O */
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, (PKIX_PL_Object **)&testDate, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_CheckValidity(cert, testDate, plContext),
+ PKIX_CERTCHECKVALIDITYFAILED);
+
+cleanup:
+
+ PKIX_DECREF(testDate);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: pkix_ExpirationChecker_Initialize
+ * DESCRIPTION:
+ *
+ * Creates a new CertChainChecker and stores it at "pChecker", where it will
+ * used by pkix_ExpirationChecker_Check to check that the certificate has not
+ * expired with respect to the Date pointed to by "testDate." If "testDate"
+ * is NULL, then the CertChainChecker will check that a certificate has not
+ * expired with respect to the current date and time.
+ *
+ * PARAMETERS:
+ * "testDate"
+ * Address of Date representing the point in time at which the cert is to
+ * be validated. If "testDate" is NULL, the current date and time is used.
+ * "pChecker"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_ExpirationChecker_Initialize(
+ PKIX_PL_Date *testDate,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext)
+{
+ PKIX_PL_Date *myDate = NULL;
+ PKIX_PL_Date *nowDate = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_ExpirationChecker_Initialize");
+ PKIX_NULLCHECK_ONE(pChecker);
+
+ /* if testDate is NULL, we use the current time */
+ if (!testDate){
+ PKIX_CHECK(PKIX_PL_Date_Create_UTCTime
+ (NULL, &nowDate, plContext),
+ PKIX_DATECREATEUTCTIMEFAILED);
+ myDate = nowDate;
+ } else {
+ myDate = testDate;
+ }
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (pkix_ExpirationChecker_Check,
+ PKIX_TRUE,
+ PKIX_FALSE,
+ NULL,
+ (PKIX_PL_Object *)myDate,
+ pChecker,
+ plContext),
+ PKIX_CERTCHAINCHECKERCREATEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(nowDate);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.h
new file mode 100755
index 000000000..17b5c1bc1
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_expirationchecker.h
@@ -0,0 +1,30 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_expirationchecker.h
+ *
+ * Header file for validate expiration function
+ *
+ */
+
+#ifndef _PKIX_EXPIRATIONCHECKER_H
+#define _PKIX_EXPIRATIONCHECKER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+PKIX_Error *
+pkix_ExpirationChecker_Initialize(
+ PKIX_PL_Date *testDate,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_EXPIRATIONCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_namechainingchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_namechainingchecker.c
new file mode 100755
index 000000000..873d19cd0
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_namechainingchecker.c
@@ -0,0 +1,121 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_namechainingchecker.c
+ *
+ * Functions for name chaining validation
+ *
+ */
+
+
+#include "pkix_namechainingchecker.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_NameChainingChecker_Check
+ * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
+ */
+PKIX_Error *
+pkix_NameChainingChecker_Check(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticalExtensions,
+ void **pNBIOContext,
+ void *plContext)
+{
+ PKIX_PL_X500Name *prevSubject = NULL;
+ PKIX_PL_X500Name *currIssuer = NULL;
+ PKIX_PL_X500Name *currSubject = NULL;
+ PKIX_Boolean result;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_NameChainingChecker_Check");
+ PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
+
+ *pNBIOContext = NULL; /* we never block on pending I/O */
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, (PKIX_PL_Object **)&prevSubject, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetIssuer(cert, &currIssuer, plContext),
+ PKIX_CERTGETISSUERFAILED);
+
+ if (prevSubject){
+ PKIX_CHECK(PKIX_PL_X500Name_Match
+ (prevSubject, currIssuer, &result, plContext),
+ PKIX_X500NAMEMATCHFAILED);
+ if (!result){
+ PKIX_ERROR(PKIX_NAMECHAININGCHECKFAILED);
+ }
+ } else {
+ PKIX_ERROR(PKIX_NAMECHAININGCHECKFAILED);
+ }
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubject(cert, &currSubject, plContext),
+ PKIX_CERTGETSUBJECTFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState
+ (checker, (PKIX_PL_Object *)currSubject, plContext),
+ PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(prevSubject);
+ PKIX_DECREF(currIssuer);
+ PKIX_DECREF(currSubject);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: pkix_NameChainingChecker_Initialize
+ * DESCRIPTION:
+ *
+ * Creates a new CertChainChecker and stores it at "pChecker", where it will
+ * be used by pkix_NameChainingChecker_Check to check that the issuer name
+ * of the certificate matches the subject name in the checker's state. The
+ * X500Name pointed to by "trustedCAName" is used to initialize the checker's
+ * state.
+ *
+ * PARAMETERS:
+ * "trustedCAName"
+ * Address of X500Name representing the trusted CA Name used to
+ * initialize the state of this checker. Must be non-NULL.
+ * "pChecker"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_NameChainingChecker_Initialize(
+ PKIX_PL_X500Name *trustedCAName,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext)
+{
+ PKIX_ENTER(CERTCHAINCHECKER, "PKIX_NameChainingChecker_Initialize");
+ PKIX_NULLCHECK_TWO(pChecker, trustedCAName);
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (pkix_NameChainingChecker_Check,
+ PKIX_FALSE,
+ PKIX_FALSE,
+ NULL,
+ (PKIX_PL_Object *)trustedCAName,
+ pChecker,
+ plContext),
+ PKIX_CERTCHAINCHECKERCREATEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_namechainingchecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_namechainingchecker.h
new file mode 100755
index 000000000..bc413f456
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_namechainingchecker.h
@@ -0,0 +1,30 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_namechainingchecker.h
+ *
+ * Header file for name chaining checker.
+ *
+ */
+
+#ifndef _PKIX_NAMECHAININGCHECKER_H
+#define _PKIX_NAMECHAININGCHECKER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+PKIX_Error *
+pkix_NameChainingChecker_Initialize(
+ PKIX_PL_X500Name *trustedCAName,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_NAMECHAININGCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.c
new file mode 100755
index 000000000..7c9430d3c
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.c
@@ -0,0 +1,308 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_nameconstraintschecker.c
+ *
+ * Functions for Name Constraints Checkers
+ *
+ */
+
+#include "pkix_nameconstraintschecker.h"
+
+/* --Private-NameConstraintsCheckerState-Functions---------------------- */
+
+/*
+ * FUNCTION: pkix_NameConstraintsCheckerstate_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_NameConstraintsCheckerState_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ pkix_NameConstraintsCheckerState *state = NULL;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTSCHECKERSTATE,
+ "pkix_NameConstraintsCheckerState_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that object type */
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTNAMECONSTRAINTSCHECKERSTATE_TYPE, plContext),
+ PKIX_OBJECTNOTNAMECONSTRAINTSCHECKERSTATE);
+
+ state = (pkix_NameConstraintsCheckerState *)object;
+
+ PKIX_DECREF(state->nameConstraints);
+ PKIX_DECREF(state->nameConstraintsOID);
+
+cleanup:
+
+ PKIX_RETURN(CERTNAMECONSTRAINTSCHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_NameConstraintsCheckerState_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_CERTNAMECONSTRAINTSCHECKERSTATE_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_NameConstraintsCheckerState_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTSCHECKERSTATE,
+ "pkix_NameConstraintsCheckerState_RegisterSelf");
+
+ entry.description = "NameConstraintsCheckerState";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(pkix_NameConstraintsCheckerState);
+ entry.destructor = pkix_NameConstraintsCheckerState_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_CERTNAMECONSTRAINTSCHECKERSTATE_TYPE] = entry;
+
+ PKIX_RETURN(CERTNAMECONSTRAINTSCHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_NameConstraintsCheckerState_Create
+ *
+ * DESCRIPTION:
+ * Allocate and initialize NameConstraintsChecker state data.
+ *
+ * PARAMETERS
+ * "nameConstraints"
+ * Address of NameConstraints to be stored in state. May be NULL.
+ * "numCerts"
+ * Number of certificates in the validation chain. This data is used
+ * to identify end-entity.
+ * "pCheckerState"
+ * Address of NameConstraintsCheckerState that is returned. Must be
+ * non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CERTNAMECONSTRAINTSCHECKERSTATE Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error
+ */
+static PKIX_Error *
+pkix_NameConstraintsCheckerState_Create(
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_UInt32 numCerts,
+ pkix_NameConstraintsCheckerState **pCheckerState,
+ void *plContext)
+{
+ pkix_NameConstraintsCheckerState *state = NULL;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTSCHECKERSTATE,
+ "pkix_NameConstraintsCheckerState_Create");
+ PKIX_NULLCHECK_ONE(pCheckerState);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTNAMECONSTRAINTSCHECKERSTATE_TYPE,
+ sizeof (pkix_NameConstraintsCheckerState),
+ (PKIX_PL_Object **)&state,
+ plContext),
+ PKIX_COULDNOTCREATENAMECONSTRAINTSCHECKERSTATEOBJECT);
+
+ /* Initialize fields */
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_NAMECONSTRAINTS_OID,
+ &state->nameConstraintsOID,
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_INCREF(nameConstraints);
+
+ state->nameConstraints = nameConstraints;
+ state->certsRemaining = numCerts;
+
+ *pCheckerState = state;
+ state = NULL;
+
+cleanup:
+
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(CERTNAMECONSTRAINTSCHECKERSTATE);
+}
+
+/* --Private-NameConstraintsChecker-Functions------------------------- */
+
+/*
+ * FUNCTION: pkix_NameConstraintsChecker_Check
+ * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
+ */
+static PKIX_Error *
+pkix_NameConstraintsChecker_Check(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticalExtensions,
+ void **pNBIOContext,
+ void *plContext)
+{
+ pkix_NameConstraintsCheckerState *state = NULL;
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+ PKIX_PL_CertNameConstraints *mergedNameConstraints = NULL;
+ PKIX_Boolean selfIssued = PKIX_FALSE;
+ PKIX_Boolean lastCert = PKIX_FALSE;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_NameConstraintsChecker_Check");
+ PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
+
+ *pNBIOContext = NULL; /* we never block on pending I/O */
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, (PKIX_PL_Object **)&state, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ state->certsRemaining--;
+ lastCert = state->certsRemaining == 0;
+
+ /* Get status of self issued */
+ PKIX_CHECK(pkix_IsCertSelfIssued(cert, &selfIssued, plContext),
+ PKIX_ISCERTSELFISSUEDFAILED);
+
+ /* Check on non self-issued and if so only for last cert */
+ if (selfIssued == PKIX_FALSE ||
+ (selfIssued == PKIX_TRUE && lastCert)) {
+ PKIX_CHECK(PKIX_PL_Cert_CheckNameConstraints
+ (cert, state->nameConstraints, lastCert,
+ plContext),
+ PKIX_CERTCHECKNAMECONSTRAINTSFAILED);
+ }
+
+ if (!lastCert) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetNameConstraints
+ (cert, &nameConstraints, plContext),
+ PKIX_CERTGETNAMECONSTRAINTSFAILED);
+
+ /* Merge with previous name constraints kept in state */
+
+ if (nameConstraints != NULL) {
+
+ if (state->nameConstraints == NULL) {
+
+ state->nameConstraints = nameConstraints;
+
+ } else {
+
+ PKIX_CHECK(PKIX_PL_Cert_MergeNameConstraints
+ (nameConstraints,
+ state->nameConstraints,
+ &mergedNameConstraints,
+ plContext),
+ PKIX_CERTMERGENAMECONSTRAINTSFAILED);
+
+ PKIX_DECREF(nameConstraints);
+ PKIX_DECREF(state->nameConstraints);
+
+ state->nameConstraints = mergedNameConstraints;
+ }
+
+ /* Remove Name Constraints Extension OID from list */
+ if (unresolvedCriticalExtensions != NULL) {
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticalExtensions,
+ (PKIX_PL_Object *)state->nameConstraintsOID,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+ }
+ }
+ }
+
+ PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState
+ (checker, (PKIX_PL_Object *)state, plContext),
+ PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_NameConstraintsChecker_Initialize
+ *
+ * DESCRIPTION:
+ * Create a CertChainChecker with a NameConstraintsCheckerState. The
+ * NameConstraintsCheckerState is created with "trustedNC" and "numCerts"
+ * as its initial state. The CertChainChecker for the NameConstraints is
+ * returned at address of "pChecker".
+ *
+ * PARAMETERS
+ * "trustedNC"
+ * The NameConstraints from trusted anchor Cert is stored at "trustedNC"
+ * for initialization. May be NULL.
+ * "numCerts"
+ * Number of certificates in the validation chain. This data is used
+ * to identify end-entity.
+ * "pChecker"
+ * Address of CertChainChecker to bo created and returned.
+ * Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CERTCHAINCHECKER Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error
+ */
+PKIX_Error *
+pkix_NameConstraintsChecker_Initialize(
+ PKIX_PL_CertNameConstraints *trustedNC,
+ PKIX_UInt32 numCerts,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext)
+{
+ pkix_NameConstraintsCheckerState *state = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_NameConstraintsChecker_Initialize");
+ PKIX_NULLCHECK_ONE(pChecker);
+
+ PKIX_CHECK(pkix_NameConstraintsCheckerState_Create
+ (trustedNC, numCerts, &state, plContext),
+ PKIX_NAMECONSTRAINTSCHECKERSTATECREATEFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (pkix_NameConstraintsChecker_Check,
+ PKIX_FALSE,
+ PKIX_FALSE,
+ NULL,
+ (PKIX_PL_Object *) state,
+ pChecker,
+ plContext),
+ PKIX_CERTCHAINCHECKERCREATEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.h
new file mode 100755
index 000000000..ac3de346d
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_nameconstraintschecker.h
@@ -0,0 +1,43 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_nameconstraintschecker.h
+ *
+ * Header file for validate Name Constraints Checker function
+ *
+ */
+
+#ifndef _PKIX_NAMECONSTRAINTSCHECKER_H
+#define _PKIX_NAMECONSTRAINTSCHECKER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct pkix_NameConstraintsCheckerState \
+ pkix_NameConstraintsCheckerState;
+
+struct pkix_NameConstraintsCheckerState {
+ PKIX_PL_CertNameConstraints *nameConstraints;
+ PKIX_PL_OID *nameConstraintsOID;
+ PKIX_UInt32 certsRemaining;
+};
+
+PKIX_Error *
+pkix_NameConstraintsChecker_Initialize(
+ PKIX_PL_CertNameConstraints *trustedNC,
+ PKIX_UInt32 numCerts,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext);
+
+PKIX_Error *
+pkix_NameConstraintsCheckerState_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_NAMECONSTRAINTSCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_ocspchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_ocspchecker.c
new file mode 100644
index 000000000..b6fca9a35
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_ocspchecker.c
@@ -0,0 +1,419 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_ocspchecker.c
+ *
+ * OcspChecker Object Functions
+ *
+ */
+
+#include "pkix_ocspchecker.h"
+#include "pkix_pl_ocspcertid.h"
+#include "pkix_error.h"
+
+
+/* --Private-Data-and-Types--------------------------------------- */
+
+typedef struct pkix_OcspCheckerStruct {
+ /* RevocationMethod is the super class of OcspChecker. */
+ pkix_RevocationMethod method;
+ PKIX_PL_VerifyCallback certVerifyFcn;
+} pkix_OcspChecker;
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_OcspChecker_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_OcspChecker_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ return NULL;
+}
+
+/*
+ * FUNCTION: pkix_OcspChecker_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_OCSPCHECKER_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_OcspChecker_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry* entry = &systemClasses[PKIX_OCSPCHECKER_TYPE];
+
+ PKIX_ENTER(OCSPCHECKER, "pkix_OcspChecker_RegisterSelf");
+
+ entry->description = "OcspChecker";
+ entry->typeObjectSize = sizeof(pkix_OcspChecker);
+ entry->destructor = pkix_OcspChecker_Destroy;
+
+ PKIX_RETURN(OCSPCHECKER);
+}
+
+
+/*
+ * FUNCTION: pkix_OcspChecker_Create
+ */
+PKIX_Error *
+pkix_OcspChecker_Create(PKIX_RevocationMethodType methodType,
+ PKIX_UInt32 flags,
+ PKIX_UInt32 priority,
+ pkix_LocalRevocationCheckFn localRevChecker,
+ pkix_ExternalRevocationCheckFn externalRevChecker,
+ PKIX_PL_VerifyCallback verifyFn,
+ pkix_RevocationMethod **pChecker,
+ void *plContext)
+{
+ pkix_OcspChecker *method = NULL;
+
+ PKIX_ENTER(OCSPCHECKER, "pkix_OcspChecker_Create");
+ PKIX_NULLCHECK_ONE(pChecker);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_OCSPCHECKER_TYPE,
+ sizeof (pkix_OcspChecker),
+ (PKIX_PL_Object **)&method,
+ plContext),
+ PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT);
+
+ pkixErrorResult = pkix_RevocationMethod_Init(
+ (pkix_RevocationMethod*)method, methodType, flags, priority,
+ localRevChecker, externalRevChecker, plContext);
+ if (pkixErrorResult) {
+ goto cleanup;
+ }
+ method->certVerifyFcn = (PKIX_PL_VerifyCallback)verifyFn;
+
+ *pChecker = (pkix_RevocationMethod*)method;
+ method = NULL;
+
+cleanup:
+ PKIX_DECREF(method);
+
+ PKIX_RETURN(OCSPCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_OcspChecker_MapResultCodeToRevStatus
+ */
+PKIX_RevocationStatus
+pkix_OcspChecker_MapResultCodeToRevStatus(SECErrorCodes resultCode)
+{
+ switch (resultCode) {
+ case SEC_ERROR_REVOKED_CERTIFICATE:
+ return PKIX_RevStatus_Revoked;
+ default:
+ return PKIX_RevStatus_NoInfo;
+ }
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_OcspChecker_Check (see comments in pkix_checker.h)
+ */
+
+/*
+ * The OCSPChecker is created in an idle state, and remains in this state until
+ * either (a) the default Responder has been set and enabled, and a Check
+ * request is received with no responder specified, or (b) a Check request is
+ * received with a specified responder. A request message is constructed and
+ * given to the HttpClient. If non-blocking I/O is used the client may return
+ * with WOULDBLOCK, in which case the OCSPChecker returns the WOULDBLOCK
+ * condition to its caller in turn. On a subsequent call the I/O is resumed.
+ * When a response is received it is decoded and the results provided to the
+ * caller.
+ *
+ */
+PKIX_Error *
+pkix_OcspChecker_CheckLocal(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_Boolean chainVerificationState,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *pReasonCode,
+ void *plContext)
+{
+ PKIX_PL_OcspCertID *cid = NULL;
+ PKIX_Boolean hasFreshStatus = PKIX_FALSE;
+ PKIX_Boolean statusIsGood = PKIX_FALSE;
+ SECErrorCodes resultCode = SEC_ERROR_REVOKED_CERTIFICATE_OCSP;
+ PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
+
+ PKIX_ENTER(OCSPCHECKER, "pkix_OcspChecker_CheckLocal");
+
+ PKIX_CHECK(
+ PKIX_PL_OcspCertID_Create(cert, NULL, &cid,
+ plContext),
+ PKIX_OCSPCERTIDCREATEFAILED);
+ if (!cid) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(
+ PKIX_PL_OcspCertID_GetFreshCacheStatus(cid, date,
+ &hasFreshStatus,
+ &statusIsGood,
+ &resultCode,
+ plContext),
+ PKIX_OCSPCERTIDGETFRESHCACHESTATUSFAILED);
+ if (hasFreshStatus) {
+ if (statusIsGood) {
+ revStatus = PKIX_RevStatus_Success;
+ resultCode = 0;
+ } else {
+ revStatus = pkix_OcspChecker_MapResultCodeToRevStatus(resultCode);
+ }
+ }
+
+cleanup:
+ *pRevStatus = revStatus;
+
+ /* ocsp carries only tree statuses: good, bad, and unknown.
+ * revStatus is used to pass them. reasonCode is always set
+ * to be unknown. */
+ *pReasonCode = crlEntryReasonUnspecified;
+ PKIX_DECREF(cid);
+
+ PKIX_RETURN(OCSPCHECKER);
+}
+
+
+/*
+ * The OCSPChecker is created in an idle state, and remains in this state until
+ * either (a) the default Responder has been set and enabled, and a Check
+ * request is received with no responder specified, or (b) a Check request is
+ * received with a specified responder. A request message is constructed and
+ * given to the HttpClient. When a response is received it is decoded and the
+ * results provided to the caller.
+ *
+ * During the most recent enhancement of this function, it has been found that
+ * it doesn't correctly implement non-blocking I/O.
+ *
+ * The nbioContext is used in two places, for "response-obtaining" and
+ * for "response-verification".
+ *
+ * However, if this function gets called to resume, it always
+ * repeats the "request creation" and "response fetching" steps!
+ * As a result, the earlier operation is never resumed.
+ */
+PKIX_Error *
+pkix_OcspChecker_CheckExternal(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *pReasonCode,
+ void **pNBIOContext,
+ void *plContext)
+{
+ SECErrorCodes resultCode = SEC_ERROR_REVOKED_CERTIFICATE_OCSP;
+ PKIX_Boolean uriFound = PKIX_FALSE;
+ PKIX_Boolean passed = PKIX_TRUE;
+ pkix_OcspChecker *checker = NULL;
+ PKIX_PL_OcspCertID *cid = NULL;
+ PKIX_PL_OcspRequest *request = NULL;
+ PKIX_PL_OcspResponse *response = NULL;
+ PKIX_PL_Date *validity = NULL;
+ PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
+ void *nbioContext = NULL;
+ enum { stageGET, stagePOST } currentStage;
+ PRBool retry = PR_FALSE;
+
+ PKIX_ENTER(OCSPCHECKER, "pkix_OcspChecker_CheckExternal");
+
+ PKIX_CHECK(
+ pkix_CheckType((PKIX_PL_Object*)checkerObject,
+ PKIX_OCSPCHECKER_TYPE, plContext),
+ PKIX_OBJECTNOTOCSPCHECKER);
+
+ checker = (pkix_OcspChecker *)checkerObject;
+
+ PKIX_CHECK(
+ PKIX_PL_OcspCertID_Create(cert, NULL, &cid,
+ plContext),
+ PKIX_OCSPCERTIDCREATEFAILED);
+
+ /* create request */
+ PKIX_CHECK(
+ pkix_pl_OcspRequest_Create(cert, cid, validity, NULL,
+ methodFlags, &uriFound, &request,
+ plContext),
+ PKIX_OCSPREQUESTCREATEFAILED);
+
+ if (uriFound == PKIX_FALSE) {
+ /* no caching for certs lacking URI */
+ resultCode = 0;
+ goto cleanup;
+ }
+
+ if (methodFlags & CERT_REV_M_FORCE_POST_METHOD_FOR_OCSP) {
+ /* Do not try HTTP GET, only HTTP POST */
+ currentStage = stagePOST;
+ } else {
+ /* Try HTTP GET first, falling back to POST */
+ currentStage = stageGET;
+ }
+
+ do {
+ const char *method;
+ passed = PKIX_TRUE;
+
+ retry = PR_FALSE;
+ if (currentStage == stageGET) {
+ method = "GET";
+ } else {
+ PORT_Assert(currentStage == stagePOST);
+ method = "POST";
+ }
+
+ /* send request and create a response object */
+ PKIX_CHECK_NO_GOTO(
+ pkix_pl_OcspResponse_Create(request, method, NULL,
+ checker->certVerifyFcn,
+ &nbioContext,
+ &response,
+ plContext),
+ PKIX_OCSPRESPONSECREATEFAILED);
+
+ if (pkixErrorResult) {
+ passed = PKIX_FALSE;
+ }
+
+ if (passed && nbioContext != 0) {
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ if (passed){
+ PKIX_CHECK_NO_GOTO(
+ pkix_pl_OcspResponse_Decode(response, &passed,
+ &resultCode, plContext),
+ PKIX_OCSPRESPONSEDECODEFAILED);
+ if (pkixErrorResult) {
+ passed = PKIX_FALSE;
+ }
+ }
+
+ if (passed){
+ PKIX_CHECK_NO_GOTO(
+ pkix_pl_OcspResponse_GetStatus(response, &passed,
+ &resultCode, plContext),
+ PKIX_OCSPRESPONSEGETSTATUSRETURNEDANERROR);
+ if (pkixErrorResult) {
+ passed = PKIX_FALSE;
+ }
+ }
+
+ if (passed){
+ PKIX_CHECK_NO_GOTO(
+ pkix_pl_OcspResponse_VerifySignature(response, cert,
+ procParams, &passed,
+ &nbioContext, plContext),
+ PKIX_OCSPRESPONSEVERIFYSIGNATUREFAILED);
+ if (pkixErrorResult) {
+ passed = PKIX_FALSE;
+ } else {
+ if (nbioContext != 0) {
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+ }
+ }
+
+ if (!passed && currentStage == stagePOST) {
+ /* We won't retry a POST failure, so it's final.
+ * Because the following block with its call to
+ * pkix_pl_OcspResponse_GetStatusForCert
+ * will take care of caching good or bad state,
+ * but we only execute that next block if there hasn't
+ * been a failure yet, we must cache the POST
+ * failure now.
+ */
+
+ if (cid && cid->certID) {
+ /* Caching MIGHT consume the cid. */
+ PKIX_Error *err;
+ err = PKIX_PL_OcspCertID_RememberOCSPProcessingFailure(
+ cid, plContext);
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)err, plContext);
+ }
+ }
+ }
+
+ if (passed){
+ PKIX_Boolean allowCachingOfFailures =
+ (currentStage == stagePOST) ? PKIX_TRUE : PKIX_FALSE;
+
+ PKIX_CHECK_NO_GOTO(
+ pkix_pl_OcspResponse_GetStatusForCert(cid, response,
+ allowCachingOfFailures,
+ date,
+ &passed, &resultCode,
+ plContext),
+ PKIX_OCSPRESPONSEGETSTATUSFORCERTFAILED);
+ if (pkixErrorResult) {
+ passed = PKIX_FALSE;
+ } else if (passed == PKIX_FALSE) {
+ revStatus = pkix_OcspChecker_MapResultCodeToRevStatus(resultCode);
+ } else {
+ revStatus = PKIX_RevStatus_Success;
+ }
+ }
+
+ if (currentStage == stageGET && revStatus != PKIX_RevStatus_Success &&
+ revStatus != PKIX_RevStatus_Revoked) {
+ /* we'll retry */
+ PKIX_DECREF(response);
+ retry = PR_TRUE;
+ currentStage = stagePOST;
+ revStatus = PKIX_RevStatus_NoInfo;
+ if (pkixErrorResult) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorResult,
+ plContext);
+ pkixErrorResult = NULL;
+ }
+ }
+ } while (retry);
+
+cleanup:
+ if (revStatus == PKIX_RevStatus_NoInfo && (uriFound ||
+ methodFlags & PKIX_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE) &&
+ methodFlags & PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO) {
+ revStatus = PKIX_RevStatus_Revoked;
+ }
+ *pRevStatus = revStatus;
+
+ /* ocsp carries only three statuses: good, bad, and unknown.
+ * revStatus is used to pass them. reasonCode is always set
+ * to be unknown. */
+ *pReasonCode = crlEntryReasonUnspecified;
+
+ PKIX_DECREF(cid);
+ PKIX_DECREF(request);
+ PKIX_DECREF(response);
+
+ PKIX_RETURN(OCSPCHECKER);
+}
+
+
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_ocspchecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_ocspchecker.h
new file mode 100644
index 000000000..fbec315f9
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_ocspchecker.h
@@ -0,0 +1,67 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_ocspchecker.h
+ *
+ * OcspChecker Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_OCSPCHECKER_H
+#define _PKIX_OCSPCHECKER_H
+
+#include "pkix_tools.h"
+#include "pkix_revocationmethod.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* NOTE: nbio logic removed. Will be replaced later. */
+
+PKIX_Error *
+pkix_OcspChecker_CheckLocal(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_Boolean chainVerificationState,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *reasonCode,
+ void *plContext);
+
+PKIX_Error *
+pkix_OcspChecker_CheckExternal(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *reasonCode,
+ void **pNBIOContext,
+ void *plContext);
+
+PKIX_Error *
+pkix_OcspChecker_Create(PKIX_RevocationMethodType methodType,
+ PKIX_UInt32 flags,
+ PKIX_UInt32 priority,
+ pkix_LocalRevocationCheckFn localRevChecker,
+ pkix_ExternalRevocationCheckFn externalRevChecker,
+ PKIX_PL_VerifyCallback certVerifyFn,
+ pkix_RevocationMethod **pChecker,
+ void *plContext);
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_OcspChecker_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_OCSPCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_policychecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_policychecker.c
new file mode 100755
index 000000000..8e4059654
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_policychecker.c
@@ -0,0 +1,2783 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_policychecker.c
+ *
+ * Functions for Policy Checker
+ *
+ */
+#include "pkix_policychecker.h"
+
+/* --Forward declarations----------------------------------------------- */
+
+static PKIX_Error *
+pkix_PolicyChecker_MakeSingleton(
+ PKIX_PL_Object *listItem,
+ PKIX_Boolean immutability,
+ PKIX_List **pList,
+ void *plContext);
+
+/* --Private-PolicyCheckerState-Functions---------------------------------- */
+
+/*
+ * FUNCTION:pkix_PolicyCheckerState_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_PolicyCheckerState_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PolicyCheckerState *checkerState = NULL;
+
+ PKIX_ENTER(CERTPOLICYCHECKERSTATE, "pkix_PolicyCheckerState_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE, plContext),
+ PKIX_OBJECTNOTPOLICYCHECKERSTATE);
+
+ checkerState = (PKIX_PolicyCheckerState *)object;
+
+ PKIX_DECREF(checkerState->certPoliciesExtension);
+ PKIX_DECREF(checkerState->policyMappingsExtension);
+ PKIX_DECREF(checkerState->policyConstraintsExtension);
+ PKIX_DECREF(checkerState->inhibitAnyPolicyExtension);
+ PKIX_DECREF(checkerState->anyPolicyOID);
+ PKIX_DECREF(checkerState->validPolicyTree);
+ PKIX_DECREF(checkerState->userInitialPolicySet);
+ PKIX_DECREF(checkerState->mappedUserInitialPolicySet);
+
+ checkerState->policyQualifiersRejected = PKIX_FALSE;
+ checkerState->explicitPolicy = 0;
+ checkerState->inhibitAnyPolicy = 0;
+ checkerState->policyMapping = 0;
+ checkerState->numCerts = 0;
+ checkerState->certsProcessed = 0;
+ checkerState->certPoliciesCritical = PKIX_FALSE;
+
+ PKIX_DECREF(checkerState->anyPolicyNodeAtBottom);
+ PKIX_DECREF(checkerState->newAnyPolicyNode);
+ PKIX_DECREF(checkerState->mappedPolicyOIDs);
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYCHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyCheckerState_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_PolicyCheckerState_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pCheckerStateString,
+ void *plContext)
+{
+ PKIX_PolicyCheckerState *state = NULL;
+ PKIX_PL_String *resultString = NULL;
+ PKIX_PL_String *policiesExtOIDString = NULL;
+ PKIX_PL_String *policyMapOIDString = NULL;
+ PKIX_PL_String *policyConstrOIDString = NULL;
+ PKIX_PL_String *inhAnyPolOIDString = NULL;
+ PKIX_PL_String *anyPolicyOIDString = NULL;
+ PKIX_PL_String *validPolicyTreeString = NULL;
+ PKIX_PL_String *userInitialPolicySetString = NULL;
+ PKIX_PL_String *mappedUserPolicySetString = NULL;
+ PKIX_PL_String *mappedPolicyOIDsString = NULL;
+ PKIX_PL_String *anyAtBottomString = NULL;
+ PKIX_PL_String *newAnyPolicyString = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *trueString = NULL;
+ PKIX_PL_String *falseString = NULL;
+ PKIX_PL_String *nullString = NULL;
+ PKIX_Boolean initialPolicyMappingInhibit = PKIX_FALSE;
+ PKIX_Boolean initialExplicitPolicy = PKIX_FALSE;
+ PKIX_Boolean initialAnyPolicyInhibit = PKIX_FALSE;
+ PKIX_Boolean initialIsAnyPolicy = PKIX_FALSE;
+ PKIX_Boolean policyQualifiersRejected = PKIX_FALSE;
+ PKIX_Boolean certPoliciesCritical = PKIX_FALSE;
+ char *asciiFormat =
+ "{\n"
+ "\tcertPoliciesExtension: \t%s\n"
+ "\tpolicyMappingsExtension: \t%s\n"
+ "\tpolicyConstraintsExtension:\t%s\n"
+ "\tinhibitAnyPolicyExtension:\t%s\n"
+ "\tanyPolicyOID: \t%s\n"
+ "\tinitialIsAnyPolicy: \t%s\n"
+ "\tvalidPolicyTree: \t%s\n"
+ "\tuserInitialPolicySet: \t%s\n"
+ "\tmappedUserPolicySet: \t%s\n"
+ "\tpolicyQualifiersRejected: \t%s\n"
+ "\tinitialPolMappingInhibit: \t%s\n"
+ "\tinitialExplicitPolicy: \t%s\n"
+ "\tinitialAnyPolicyInhibit: \t%s\n"
+ "\texplicitPolicy: \t%d\n"
+ "\tinhibitAnyPolicy: \t%d\n"
+ "\tpolicyMapping: \t%d\n"
+ "\tnumCerts: \t%d\n"
+ "\tcertsProcessed: \t%d\n"
+ "\tanyPolicyNodeAtBottom: \t%s\n"
+ "\tnewAnyPolicyNode: \t%s\n"
+ "\tcertPoliciesCritical: \t%s\n"
+ "\tmappedPolicyOIDs: \t%s\n"
+ "}";
+
+ PKIX_ENTER(CERTPOLICYCHECKERSTATE, "pkix_PolicyCheckerState_ToString");
+
+ PKIX_NULLCHECK_TWO(object, pCheckerStateString);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTPOLICYCHECKERSTATE_TYPE, plContext),
+ PKIX_OBJECTNOTPOLICYCHECKERSTATE);
+
+ state = (PKIX_PolicyCheckerState *)object;
+ PKIX_NULLCHECK_THREE
+ (state->certPoliciesExtension,
+ state->policyMappingsExtension,
+ state->policyConstraintsExtension);
+ PKIX_NULLCHECK_THREE
+ (state->inhibitAnyPolicyExtension,
+ state->anyPolicyOID,
+ state->userInitialPolicySet);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext),
+ PKIX_STRINGCREATEFAILED);
+ /*
+ * Create TRUE, FALSE, and "NULL" PKIX_PL_Strings. But creating a
+ * PKIX_PL_String is complicated enough, it's worth checking, for
+ * each, to make sure the string is needed.
+ */
+ initialPolicyMappingInhibit = state->initialPolicyMappingInhibit;
+ initialExplicitPolicy = state->initialExplicitPolicy;
+ initialAnyPolicyInhibit = state->initialAnyPolicyInhibit;
+ initialIsAnyPolicy = state->initialIsAnyPolicy;
+ policyQualifiersRejected = state->policyQualifiersRejected;
+ certPoliciesCritical = state->certPoliciesCritical;
+
+ if (initialPolicyMappingInhibit || initialExplicitPolicy ||
+ initialAnyPolicyInhibit || initialIsAnyPolicy ||
+ policyQualifiersRejected || certPoliciesCritical) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "TRUE", 0, &trueString, plContext),
+ PKIX_STRINGCREATEFAILED);
+ }
+ if (!initialPolicyMappingInhibit || !initialExplicitPolicy ||
+ !initialAnyPolicyInhibit || !initialIsAnyPolicy ||
+ !policyQualifiersRejected || !certPoliciesCritical) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "FALSE", 0, &falseString, plContext),
+ PKIX_STRINGCREATEFAILED);
+ }
+ if (!(state->anyPolicyNodeAtBottom) || !(state->newAnyPolicyNode)) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "(null)", 0, &nullString, plContext),
+ PKIX_STRINGCREATEFAILED);
+ }
+
+ PKIX_TOSTRING
+ (state->certPoliciesExtension, &policiesExtOIDString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->policyMappingsExtension,
+ &policyMapOIDString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->policyConstraintsExtension,
+ &policyConstrOIDString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->inhibitAnyPolicyExtension,
+ &inhAnyPolOIDString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING(state->anyPolicyOID, &anyPolicyOIDString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING(state->validPolicyTree, &validPolicyTreeString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->userInitialPolicySet,
+ &userInitialPolicySetString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->mappedUserInitialPolicySet,
+ &mappedUserPolicySetString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ if (state->anyPolicyNodeAtBottom) {
+ PKIX_CHECK(pkix_SinglePolicyNode_ToString
+ (state->anyPolicyNodeAtBottom,
+ &anyAtBottomString,
+ plContext),
+ PKIX_SINGLEPOLICYNODETOSTRINGFAILED);
+ } else {
+ PKIX_INCREF(nullString);
+ anyAtBottomString = nullString;
+ }
+
+ if (state->newAnyPolicyNode) {
+ PKIX_CHECK(pkix_SinglePolicyNode_ToString
+ (state->newAnyPolicyNode,
+ &newAnyPolicyString,
+ plContext),
+ PKIX_SINGLEPOLICYNODETOSTRINGFAILED);
+ } else {
+ PKIX_INCREF(nullString);
+ newAnyPolicyString = nullString;
+ }
+
+ PKIX_TOSTRING
+ (state->mappedPolicyOIDs,
+ &mappedPolicyOIDsString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&resultString,
+ plContext,
+ formatString,
+ policiesExtOIDString,
+ policyMapOIDString,
+ policyConstrOIDString,
+ inhAnyPolOIDString,
+ anyPolicyOIDString,
+ initialIsAnyPolicy?trueString:falseString,
+ validPolicyTreeString,
+ userInitialPolicySetString,
+ mappedUserPolicySetString,
+ policyQualifiersRejected?trueString:falseString,
+ initialPolicyMappingInhibit?trueString:falseString,
+ initialExplicitPolicy?trueString:falseString,
+ initialAnyPolicyInhibit?trueString:falseString,
+ state->explicitPolicy,
+ state->inhibitAnyPolicy,
+ state->policyMapping,
+ state->numCerts,
+ state->certsProcessed,
+ anyAtBottomString,
+ newAnyPolicyString,
+ certPoliciesCritical?trueString:falseString,
+ mappedPolicyOIDsString),
+ PKIX_SPRINTFFAILED);
+
+ *pCheckerStateString = resultString;
+
+cleanup:
+ PKIX_DECREF(policiesExtOIDString);
+ PKIX_DECREF(policyMapOIDString);
+ PKIX_DECREF(policyConstrOIDString);
+ PKIX_DECREF(inhAnyPolOIDString);
+ PKIX_DECREF(anyPolicyOIDString);
+ PKIX_DECREF(validPolicyTreeString);
+ PKIX_DECREF(userInitialPolicySetString);
+ PKIX_DECREF(mappedUserPolicySetString);
+ PKIX_DECREF(anyAtBottomString);
+ PKIX_DECREF(newAnyPolicyString);
+ PKIX_DECREF(mappedPolicyOIDsString);
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(trueString);
+ PKIX_DECREF(falseString);
+ PKIX_DECREF(nullString);
+
+ PKIX_RETURN(CERTPOLICYCHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyCheckerState_RegisterSelf
+ * DESCRIPTION:
+ *
+ * Registers PKIX_POLICYCHECKERSTATE_TYPE and its related functions
+ * with systemClasses[]
+ *
+ * PARAMETERS:
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_PolicyCheckerState_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER
+ (CERTPOLICYCHECKERSTATE,
+ "pkix_PolicyCheckerState_RegisterSelf");
+
+ entry.description = "PolicyCheckerState";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PolicyCheckerState);
+ entry.destructor = pkix_PolicyCheckerState_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = pkix_PolicyCheckerState_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_CERTPOLICYCHECKERSTATE_TYPE] = entry;
+
+ PKIX_RETURN(CERTPOLICYCHECKERSTATE);
+}
+
+/*
+ * FUNCTION:pkix_PolicyCheckerState_Create
+ * DESCRIPTION:
+ *
+ * Creates a PolicyCheckerState Object, using the List pointed to
+ * by "initialPolicies" for the user-initial-policy-set, the Boolean value
+ * of "policyQualifiersRejected" for the policyQualifiersRejected parameter,
+ * the Boolean value of "initialPolicyMappingInhibit" for the
+ * inhibitPolicyMappings parameter, the Boolean value of
+ * "initialExplicitPolicy" for the initialExplicitPolicy parameter, the
+ * Boolean value of "initialAnyPolicyInhibit" for the inhibitAnyPolicy
+ * parameter, and the UInt32 value of "numCerts" as the number of
+ * certificates in the chain; and stores the Object at "pCheckerState".
+ *
+ * PARAMETERS:
+ * "initialPolicies"
+ * Address of List of OIDs comprising the user-initial-policy-set; the List
+ * may be empty, but must be non-NULL
+ * "policyQualifiersRejected"
+ * Boolean value of the policyQualifiersRejected parameter
+ * "initialPolicyMappingInhibit"
+ * Boolean value of the inhibitPolicyMappings parameter
+ * "initialExplicitPolicy"
+ * Boolean value of the initialExplicitPolicy parameter
+ * "initialAnyPolicyInhibit"
+ * Boolean value of the inhibitAnyPolicy parameter
+ * "numCerts"
+ * Number of certificates in the chain to be validated
+ * "pCheckerState"
+ * Address where PolicyCheckerState will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertPolicyCheckerState Error if the functions fails in a
+ * non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyCheckerState_Create(
+ PKIX_List *initialPolicies,
+ PKIX_Boolean policyQualifiersRejected,
+ PKIX_Boolean initialPolicyMappingInhibit,
+ PKIX_Boolean initialExplicitPolicy,
+ PKIX_Boolean initialAnyPolicyInhibit,
+ PKIX_UInt32 numCerts,
+ PKIX_PolicyCheckerState **pCheckerState,
+ void *plContext)
+{
+ PKIX_PolicyCheckerState *checkerState = NULL;
+ PKIX_PolicyNode *policyNode = NULL;
+ PKIX_List *anyPolicyList = NULL;
+ PKIX_Boolean initialPoliciesIsEmpty = PKIX_FALSE;
+
+ PKIX_ENTER(CERTPOLICYCHECKERSTATE, "pkix_PolicyCheckerState_Create");
+ PKIX_NULLCHECK_TWO(initialPolicies, pCheckerState);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTPOLICYCHECKERSTATE_TYPE,
+ sizeof (PKIX_PolicyCheckerState),
+ (PKIX_PL_Object **)&checkerState,
+ plContext),
+ PKIX_COULDNOTCREATEPOLICYCHECKERSTATEOBJECT);
+
+ /* Create constant PKIX_PL_OIDs: */
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_CERTIFICATEPOLICIES_OID,
+ &(checkerState->certPoliciesExtension),
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_POLICYMAPPINGS_OID,
+ &(checkerState->policyMappingsExtension),
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_POLICYCONSTRAINTS_OID,
+ &(checkerState->policyConstraintsExtension),
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_INHIBITANYPOLICY_OID,
+ &(checkerState->inhibitAnyPolicyExtension),
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_CERTIFICATEPOLICIES_ANYPOLICY_OID,
+ &(checkerState->anyPolicyOID),
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ /* Create an initial policy set from argument supplied */
+ PKIX_INCREF(initialPolicies);
+ checkerState->userInitialPolicySet = initialPolicies;
+ PKIX_INCREF(initialPolicies);
+ checkerState->mappedUserInitialPolicySet = initialPolicies;
+
+ PKIX_CHECK(PKIX_List_IsEmpty
+ (initialPolicies,
+ &initialPoliciesIsEmpty,
+ plContext),
+ PKIX_LISTISEMPTYFAILED);
+ if (initialPoliciesIsEmpty) {
+ checkerState->initialIsAnyPolicy = PKIX_TRUE;
+ } else {
+ PKIX_CHECK(pkix_List_Contains
+ (initialPolicies,
+ (PKIX_PL_Object *)(checkerState->anyPolicyOID),
+ &(checkerState->initialIsAnyPolicy),
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+ }
+
+ checkerState->policyQualifiersRejected =
+ policyQualifiersRejected;
+ checkerState->initialExplicitPolicy = initialExplicitPolicy;
+ checkerState->explicitPolicy =
+ (initialExplicitPolicy? 0: numCerts + 1);
+ checkerState->initialAnyPolicyInhibit = initialAnyPolicyInhibit;
+ checkerState->inhibitAnyPolicy =
+ (initialAnyPolicyInhibit? 0: numCerts + 1);
+ checkerState->initialPolicyMappingInhibit = initialPolicyMappingInhibit;
+ checkerState->policyMapping =
+ (initialPolicyMappingInhibit? 0: numCerts + 1);
+ ;
+ checkerState->numCerts = numCerts;
+ checkerState->certsProcessed = 0;
+ checkerState->certPoliciesCritical = PKIX_FALSE;
+
+ /* Create a valid_policy_tree as in RFC3280 6.1.2(a) */
+ PKIX_CHECK(pkix_PolicyChecker_MakeSingleton
+ ((PKIX_PL_Object *)(checkerState->anyPolicyOID),
+ PKIX_TRUE,
+ &anyPolicyList,
+ plContext),
+ PKIX_POLICYCHECKERMAKESINGLETONFAILED);
+
+ PKIX_CHECK(pkix_PolicyNode_Create
+ (checkerState->anyPolicyOID, /* validPolicy */
+ NULL, /* qualifier set */
+ PKIX_FALSE, /* criticality */
+ anyPolicyList, /* expectedPolicySet */
+ &policyNode,
+ plContext),
+ PKIX_POLICYNODECREATEFAILED);
+ checkerState->validPolicyTree = policyNode;
+
+ /*
+ * Since the initial validPolicyTree specifies
+ * ANY_POLICY, begin with a pointer to the root node.
+ */
+ PKIX_INCREF(policyNode);
+ checkerState->anyPolicyNodeAtBottom = policyNode;
+
+ checkerState->newAnyPolicyNode = NULL;
+
+ checkerState->mappedPolicyOIDs = NULL;
+
+ *pCheckerState = checkerState;
+ checkerState = NULL;
+
+cleanup:
+
+ PKIX_DECREF(checkerState);
+
+ PKIX_DECREF(anyPolicyList);
+
+ PKIX_RETURN(CERTPOLICYCHECKERSTATE);
+}
+
+/* --Private-PolicyChecker-Functions--------------------------------------- */
+
+/*
+ * FUNCTION: pkix_PolicyChecker_MapContains
+ * DESCRIPTION:
+ *
+ * Checks the List of CertPolicyMaps pointed to by "certPolicyMaps", to
+ * determine whether the OID pointed to by "policy" is among the
+ * issuerDomainPolicies or subjectDomainPolicies of "certPolicyMaps", and
+ * stores the result in "pFound".
+ *
+ * This function is intended to allow an efficient check that the proscription
+ * against anyPolicy being mapped, described in RFC3280 Section 6.1.4(a), is
+ * not violated.
+ *
+ * PARAMETERS:
+ * "certPolicyMaps"
+ * Address of List of CertPolicyMaps to be searched. May be empty, but
+ * must be non-NULL
+ * "policy"
+ * Address of OID to be checked for. Must be non-NULL
+ * "pFound"
+ * Address where the result of the search will be stored. Must be non-NULL.
+ * "plContext"
+ * platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_PolicyChecker_MapContains(
+ PKIX_List *certPolicyMaps,
+ PKIX_PL_OID *policy,
+ PKIX_Boolean *pFound,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyMap *map = NULL;
+ PKIX_UInt32 numEntries = 0;
+ PKIX_UInt32 index = 0;
+ PKIX_Boolean match = PKIX_FALSE;
+ PKIX_PL_OID *issuerDomainPolicy = NULL;
+ PKIX_PL_OID *subjectDomainPolicy = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_MapContains");
+ PKIX_NULLCHECK_THREE(certPolicyMaps, policy, pFound);
+
+ PKIX_CHECK(PKIX_List_GetLength(certPolicyMaps, &numEntries, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (index = 0; (!match) && (index < numEntries); index++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (certPolicyMaps, index, (PKIX_PL_Object **)&map, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_NULLCHECK_ONE(map);
+
+ PKIX_CHECK(PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy
+ (map, &issuerDomainPolicy, plContext),
+ PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED);
+
+ PKIX_EQUALS
+ (policy, issuerDomainPolicy, &match, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!match) {
+ PKIX_CHECK(PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy
+ (map, &subjectDomainPolicy, plContext),
+ PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED);
+
+ PKIX_EQUALS
+ (policy, subjectDomainPolicy, &match, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+ }
+
+ PKIX_DECREF(map);
+ PKIX_DECREF(issuerDomainPolicy);
+ PKIX_DECREF(subjectDomainPolicy);
+ }
+
+ *pFound = match;
+
+cleanup:
+
+ PKIX_DECREF(map);
+ PKIX_DECREF(issuerDomainPolicy);
+ PKIX_DECREF(subjectDomainPolicy);
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_MapGetSubjectDomainPolicies
+ * DESCRIPTION:
+ *
+ * Checks the List of CertPolicyMaps pointed to by "certPolicyMaps", to create
+ * a list of all SubjectDomainPolicies for which the IssuerDomainPolicy is the
+ * policy pointed to by "policy", and stores the result in
+ * "pSubjectDomainPolicies".
+ *
+ * If the List of CertPolicyMaps provided in "certPolicyMaps" is NULL, the
+ * resulting List will be NULL. If there are CertPolicyMaps, but none that
+ * include "policy" as an IssuerDomainPolicy, the returned List pointer will
+ * be NULL. Otherwise, the returned List will contain the SubjectDomainPolicies
+ * of all CertPolicyMaps for which "policy" is the IssuerDomainPolicy. If a
+ * List is returned it will be immutable.
+ *
+ * PARAMETERS:
+ * "certPolicyMaps"
+ * Address of List of CertPolicyMaps to be searched. May be empty or NULL.
+ * "policy"
+ * Address of OID to be checked for. Must be non-NULL
+ * "pSubjectDomainPolicies"
+ * Address where the result of the search will be stored. Must be non-NULL.
+ * "plContext"
+ * platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_PolicyChecker_MapGetSubjectDomainPolicies(
+ PKIX_List *certPolicyMaps,
+ PKIX_PL_OID *policy,
+ PKIX_List **pSubjectDomainPolicies,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyMap *map = NULL;
+ PKIX_List *subjectList = NULL;
+ PKIX_UInt32 numEntries = 0;
+ PKIX_UInt32 index = 0;
+ PKIX_Boolean match = PKIX_FALSE;
+ PKIX_PL_OID *issuerDomainPolicy = NULL;
+ PKIX_PL_OID *subjectDomainPolicy = NULL;
+
+ PKIX_ENTER
+ (CERTCHAINCHECKER,
+ "pkix_PolicyChecker_MapGetSubjectDomainPolicies");
+ PKIX_NULLCHECK_TWO(policy, pSubjectDomainPolicies);
+
+ if (certPolicyMaps) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (certPolicyMaps,
+ &numEntries,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ for (index = 0; index < numEntries; index++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (certPolicyMaps, index, (PKIX_PL_Object **)&map, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_NULLCHECK_ONE(map);
+
+ PKIX_CHECK(PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy
+ (map, &issuerDomainPolicy, plContext),
+ PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED);
+
+ PKIX_EQUALS
+ (policy, issuerDomainPolicy, &match, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (match) {
+ if (!subjectList) {
+ PKIX_CHECK(PKIX_List_Create(&subjectList, plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy
+ (map, &subjectDomainPolicy, plContext),
+ PKIX_CERTPOLICYMAPGETSUBJECTDOMAINPOLICYFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (subjectList,
+ (PKIX_PL_Object *)subjectDomainPolicy,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+
+ PKIX_DECREF(map);
+ PKIX_DECREF(issuerDomainPolicy);
+ PKIX_DECREF(subjectDomainPolicy);
+ }
+
+ if (subjectList) {
+ PKIX_CHECK(PKIX_List_SetImmutable(subjectList, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+ }
+
+ *pSubjectDomainPolicies = subjectList;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(subjectList);
+ }
+
+ PKIX_DECREF(map);
+ PKIX_DECREF(issuerDomainPolicy);
+ PKIX_DECREF(subjectDomainPolicy);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_MapGetMappedPolicies
+ * DESCRIPTION:
+ *
+ * Checks the List of CertPolicyMaps pointed to by "certPolicyMaps" to create a
+ * List of all IssuerDomainPolicies, and stores the result in
+ * "pMappedPolicies".
+ *
+ * The caller may not rely on the IssuerDomainPolicies to be in any particular
+ * order. IssuerDomainPolicies that appear in more than one CertPolicyMap will
+ * only appear once in "pMappedPolicies". If "certPolicyMaps" is empty the
+ * result will be an empty List. The created List is mutable.
+ *
+ * PARAMETERS:
+ * "certPolicyMaps"
+ * Address of List of CertPolicyMaps to be searched. May be empty, but
+ * must be non-NULL.
+ * "pMappedPolicies"
+ * Address where the result will be stored. Must be non-NULL.
+ * "plContext"
+ * platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_PolicyChecker_MapGetMappedPolicies(
+ PKIX_List *certPolicyMaps,
+ PKIX_List **pMappedPolicies,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyMap *map = NULL;
+ PKIX_List *mappedList = NULL;
+ PKIX_UInt32 numEntries = 0;
+ PKIX_UInt32 index = 0;
+ PKIX_Boolean isContained = PKIX_FALSE;
+ PKIX_PL_OID *issuerDomainPolicy = NULL;
+
+ PKIX_ENTER
+ (CERTCHAINCHECKER, "pkix_PolicyChecker_MapGetMappedPolicies");
+ PKIX_NULLCHECK_TWO(certPolicyMaps, pMappedPolicies);
+
+ PKIX_CHECK(PKIX_List_Create(&mappedList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(certPolicyMaps, &numEntries, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (index = 0; index < numEntries; index++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (certPolicyMaps, index, (PKIX_PL_Object **)&map, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_NULLCHECK_ONE(map);
+
+ PKIX_CHECK(PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy
+ (map, &issuerDomainPolicy, plContext),
+ PKIX_CERTPOLICYMAPGETISSUERDOMAINPOLICYFAILED);
+
+ PKIX_CHECK(pkix_List_Contains
+ (mappedList,
+ (PKIX_PL_Object *)issuerDomainPolicy,
+ &isContained,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ if (isContained == PKIX_FALSE) {
+ PKIX_CHECK(PKIX_List_AppendItem
+ (mappedList,
+ (PKIX_PL_Object *)issuerDomainPolicy,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+
+ PKIX_DECREF(map);
+ PKIX_DECREF(issuerDomainPolicy);
+ }
+
+ *pMappedPolicies = mappedList;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(mappedList);
+ }
+
+ PKIX_DECREF(map);
+ PKIX_DECREF(issuerDomainPolicy);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_MakeMutableCopy
+ * DESCRIPTION:
+ *
+ * Creates a mutable copy of the List pointed to by "list", which may or may
+ * not be immutable, and stores the address at "pMutableCopy".
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List to be copied. Must be non-NULL.
+ * "pMutableCopy"
+ * Address where mutable copy will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_MakeMutableCopy(
+ PKIX_List *list,
+ PKIX_List **pMutableCopy,
+ void *plContext)
+{
+ PKIX_List *newList = NULL;
+ PKIX_UInt32 listLen = 0;
+ PKIX_UInt32 listIx = 0;
+ PKIX_PL_Object *object = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_MakeMutableCopy");
+ PKIX_NULLCHECK_TWO(list, pMutableCopy);
+
+ PKIX_CHECK(PKIX_List_Create(&newList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(list, &listLen, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (listIx = 0; listIx < listLen; listIx++) {
+
+ PKIX_CHECK(PKIX_List_GetItem(list, listIx, &object, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem(newList, object, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(object);
+ }
+
+ *pMutableCopy = newList;
+ newList = NULL;
+
+cleanup:
+ PKIX_DECREF(newList);
+ PKIX_DECREF(object);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_MakeSingleton
+ * DESCRIPTION:
+ *
+ * Creates a new List containing the Object pointed to by "listItem", using
+ * the Boolean value of "immutability" to determine whether to set the List
+ * immutable, and stores the address at "pList".
+ *
+ * PARAMETERS:
+ * "listItem"
+ * Address of Object to be inserted into the new List. Must be non-NULL.
+ * "immutability"
+ * Boolean value indicating whether new List is to be immutable
+ * "pList"
+ * Address where List will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_MakeSingleton(
+ PKIX_PL_Object *listItem,
+ PKIX_Boolean immutability,
+ PKIX_List **pList,
+ void *plContext)
+{
+ PKIX_List *newList = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_MakeSingleton");
+ PKIX_NULLCHECK_TWO(listItem, pList);
+
+ PKIX_CHECK(PKIX_List_Create(&newList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (newList, (PKIX_PL_Object *)listItem, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ if (immutability) {
+ PKIX_CHECK(PKIX_List_SetImmutable(newList, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+ }
+
+ *pList = newList;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(newList);
+ }
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_Spawn
+ * DESCRIPTION:
+ *
+ * Creates a new childNode for the parent pointed to by "parent", using
+ * the OID pointed to by "policyOID", the List of CertPolicyQualifiers
+ * pointed to by "qualifiers", the List of OIDs pointed to by
+ * "subjectDomainPolicies", and the PolicyCheckerState pointed to by
+ * "state". The new node will be added to "parent".
+ *
+ * The validPolicy of the new node is set from the OID pointed to by
+ * "policyOID". The policy qualifiers for the new node is set from the
+ * List of qualifiers pointed to by "qualifiers", and may be NULL or
+ * empty if the argument provided was NULL or empty. The criticality is
+ * set according to the criticality obtained from the PolicyCheckerState.
+ * If "subjectDomainPolicies" is NULL, the expectedPolicySet of the
+ * child is set to contain the same policy as the validPolicy. If
+ * "subjectDomainPolicies" is not NULL, it is used as the value for
+ * the expectedPolicySet.
+ *
+ * The PolicyCheckerState also contains a constant, anyPolicy, which is
+ * compared to "policyOID". If they match, the address of the childNode
+ * is saved in the state's newAnyPolicyNode.
+ *
+ * PARAMETERS:
+ * "parent"
+ * Address of PolicyNode to which the child will be linked. Must be
+ * non-NULL.
+ * "policyOID"
+ * Address of OID of the new child's validPolicy and also, if
+ * subjectDomainPolicies is NULL, of the new child's expectedPolicySet.
+ * Must be non-NULL.
+ * "qualifiers"
+ * Address of List of CertPolicyQualifiers. May be NULL or empty.
+ * "subjectDomainPolicies"
+ * Address of List of OIDs indicating the policies to which "policy" is
+ * mapped. May be empty or NULL.
+ * "state"
+ * Address of the current PKIX_PolicyCheckerState. Must be non-NULL..
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_Spawn(
+ PKIX_PolicyNode *parent,
+ PKIX_PL_OID *policyOID,
+ PKIX_List *qualifiers, /* CertPolicyQualifiers */
+ PKIX_List *subjectDomainPolicies,
+ PKIX_PolicyCheckerState *state,
+ void *plContext)
+{
+ PKIX_List *expectedSet = NULL; /* OIDs */
+ PKIX_PolicyNode *childNode = NULL;
+ PKIX_Boolean match = PKIX_FALSE;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_Spawn");
+ PKIX_NULLCHECK_THREE(policyOID, parent, state);
+
+ if (subjectDomainPolicies) {
+
+ PKIX_INCREF(subjectDomainPolicies);
+ expectedSet = subjectDomainPolicies;
+
+ } else {
+ /* Create the child's ExpectedPolicy Set */
+ PKIX_CHECK(pkix_PolicyChecker_MakeSingleton
+ ((PKIX_PL_Object *)policyOID,
+ PKIX_TRUE, /* make expectedPolicySet immutable */
+ &expectedSet,
+ plContext),
+ PKIX_POLICYCHECKERMAKESINGLETONFAILED);
+ }
+
+ PKIX_CHECK(pkix_PolicyNode_Create
+ (policyOID,
+ qualifiers,
+ state->certPoliciesCritical,
+ expectedSet,
+ &childNode,
+ plContext),
+ PKIX_POLICYNODECREATEFAILED);
+
+ /*
+ * If we had a non-empty mapping, we know the new node could not
+ * have been created with a validPolicy of anyPolicy. Otherwise,
+ * check whether we just created a new node with anyPolicy, because
+ * in that case we want to save the child pointer in newAnyPolicyNode.
+ */
+ if (!subjectDomainPolicies) {
+ PKIX_EQUALS(policyOID, state->anyPolicyOID, &match, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (match) {
+ PKIX_DECREF(state->newAnyPolicyNode);
+ PKIX_INCREF(childNode);
+ state->newAnyPolicyNode = childNode;
+ }
+ }
+
+ PKIX_CHECK(pkix_PolicyNode_AddToParent(parent, childNode, plContext),
+ PKIX_POLICYNODEADDTOPARENTFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+ PKIX_DECREF(childNode);
+ PKIX_DECREF(expectedSet);
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_CheckPolicyRecursive
+ * DESCRIPTION:
+ *
+ * Performs policy processing for the policy whose OID is pointed to by
+ * "policyOID" and whose List of CertPolicyQualifiers is pointed to by
+ * "policyQualifiers", using the List of policy OIDs pointed to by
+ * "subjectDomainPolicies" and the PolicyNode pointed to by "currentNode",
+ * in accordance with the current PolicyCheckerState pointed to by "state",
+ * and setting "pChildNodeCreated" to TRUE if a new childNode is created.
+ * Note: "pChildNodeCreated" is not set to FALSE if no childNode is created.
+ * The intent of the design is that the caller can set a variable to FALSE
+ * initially, prior to a recursive set of calls. At the end, the variable
+ * can be tested to see whether *any* of the calls created a child node.
+ *
+ * If the currentNode is not at the bottom of the tree, this function
+ * calls itself recursively for each child of currentNode. At the bottom of
+ * the tree, it creates new child nodes as appropriate. This function will
+ * never be called with policy = anyPolicy.
+ *
+ * This function implements the processing described in RFC3280
+ * Section 6.1.3(d)(1)(i).
+ *
+ * PARAMETERS:
+ * "policyOID"
+ * Address of OID of the policy to be checked for. Must be non-NULL.
+ * "policyQualifiers"
+ * Address of List of CertPolicyQualifiers of the policy to be checked for.
+ * May be empty or NULL.
+ * "subjectDomainPolicies"
+ * Address of List of OIDs indicating the policies to which "policy" is
+ * mapped. May be empty or NULL.
+ * "currentNode"
+ * Address of PolicyNode whose descendants will be checked, if not at the
+ * bottom of the tree; or whose expectedPolicySet will be compared to
+ * "policy", if at the bottom. Must be non-NULL.
+ * "state"
+ * Address of PolicyCheckerState of the current PolicyChecker. Must be
+ * non-NULL.
+ * "pChildNodeCreated"
+ * Address of the Boolean that will be set TRUE if this function
+ * creates a child node. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_CheckPolicyRecursive(
+ PKIX_PL_OID *policyOID,
+ PKIX_List *policyQualifiers,
+ PKIX_List *subjectDomainPolicies,
+ PKIX_PolicyNode *currentNode,
+ PKIX_PolicyCheckerState *state,
+ PKIX_Boolean *pChildNodeCreated,
+ void *plContext)
+{
+ PKIX_UInt32 depth = 0;
+ PKIX_UInt32 numChildren = 0;
+ PKIX_UInt32 childIx = 0;
+ PKIX_Boolean isIncluded = PKIX_FALSE;
+ PKIX_List *children = NULL; /* PolicyNodes */
+ PKIX_PolicyNode *childNode = NULL;
+ PKIX_List *expectedPolicies = NULL; /* OIDs */
+
+ PKIX_ENTER
+ (CERTCHAINCHECKER,
+ "pkix_PolicyChecker_CheckPolicyRecursive");
+ PKIX_NULLCHECK_FOUR(policyOID, currentNode, state, pChildNodeCreated);
+
+ /* if not at the bottom of the tree */
+ PKIX_CHECK(PKIX_PolicyNode_GetDepth
+ (currentNode, &depth, plContext),
+ PKIX_POLICYNODEGETDEPTHFAILED);
+
+ if (depth < (state->certsProcessed)) {
+ PKIX_CHECK(pkix_PolicyNode_GetChildrenMutable
+ (currentNode, &children, plContext),
+ PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED);
+
+ if (children) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (children, &numChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ for (childIx = 0; childIx < numChildren; childIx++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (children,
+ childIx,
+ (PKIX_PL_Object **)&childNode,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_CheckPolicyRecursive
+ (policyOID,
+ policyQualifiers,
+ subjectDomainPolicies,
+ childNode,
+ state,
+ pChildNodeCreated,
+ plContext),
+ PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED);
+
+ PKIX_DECREF(childNode);
+ }
+ } else { /* if at the bottom of the tree */
+
+ /* Check whether policy is in this node's expectedPolicySet */
+ PKIX_CHECK(PKIX_PolicyNode_GetExpectedPolicies
+ (currentNode, &expectedPolicies, plContext),
+ PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED);
+
+ PKIX_NULLCHECK_ONE(expectedPolicies);
+
+ PKIX_CHECK(pkix_List_Contains
+ (expectedPolicies,
+ (PKIX_PL_Object *)policyOID,
+ &isIncluded,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ if (isIncluded) {
+ PKIX_CHECK(pkix_PolicyChecker_Spawn
+ (currentNode,
+ policyOID,
+ policyQualifiers,
+ subjectDomainPolicies,
+ state,
+ plContext),
+ PKIX_POLICYCHECKERSPAWNFAILED);
+
+ *pChildNodeCreated = PKIX_TRUE;
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(children);
+ PKIX_DECREF(childNode);
+ PKIX_DECREF(expectedPolicies);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_CheckPolicy
+ * DESCRIPTION:
+ *
+ * Performs the non-recursive portion of the policy processing for the policy
+ * whose OID is pointed to by "policyOID" and whose List of
+ * CertPolicyQualifiers is pointed to by "policyQualifiers", for the
+ * Certificate pointed to by "cert" with the List of CertPolicyMaps pointed
+ * to by "maps", in accordance with the current PolicyCheckerState pointed
+ * to by "state".
+ *
+ * This function implements the processing described in RFC3280
+ * Section 6.1.3(d)(1)(i).
+ *
+ * PARAMETERS:
+ * "policyOID"
+ * Address of OID of the policy to be checked for. Must be non-NULL.
+ * "policyQualifiers"
+ * Address of List of CertPolicyQualifiers of the policy to be checked for.
+ * May be empty or NULL.
+ * "cert"
+ * Address of the current certificate. Must be non-NULL.
+ * "maps"
+ * Address of List of CertPolicyMaps for the current certificate
+ * "state"
+ * Address of PolicyCheckerState of the current PolicyChecker. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_CheckPolicy(
+ PKIX_PL_OID *policyOID,
+ PKIX_List *policyQualifiers,
+ PKIX_PL_Cert *cert,
+ PKIX_List *maps,
+ PKIX_PolicyCheckerState *state,
+ void *plContext)
+{
+ PKIX_Boolean childNodeCreated = PKIX_FALSE;
+ PKIX_Boolean okToSpawn = PKIX_FALSE;
+ PKIX_Boolean found = PKIX_FALSE;
+ PKIX_List *subjectDomainPolicies = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_CheckPolicy");
+ PKIX_NULLCHECK_THREE(policyOID, cert, state);
+
+ /*
+ * If this is not the last certificate, get the set of
+ * subjectDomainPolicies that "policy" maps to, according to the
+ * current cert's policy mapping extension. That set will be NULL
+ * if the current cert does not have a policy mapping extension,
+ * or if the current policy is not mapped.
+ */
+ if (state->certsProcessed != (state->numCerts - 1)) {
+ PKIX_CHECK(pkix_PolicyChecker_MapGetSubjectDomainPolicies
+ (maps, policyOID, &subjectDomainPolicies, plContext),
+ PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED);
+ }
+
+ /*
+ * Section 6.1.4(b)(2) tells us that if policyMapping is zero, we
+ * will have to delete any nodes created with validPolicies equal to
+ * policies that appear as issuerDomainPolicies in a policy mapping
+ * extension. Let's avoid creating any such nodes.
+ */
+ if ((state->policyMapping) == 0) {
+ if (subjectDomainPolicies) {
+ goto cleanup;
+ }
+ }
+
+ PKIX_CHECK(pkix_PolicyChecker_CheckPolicyRecursive
+ (policyOID,
+ policyQualifiers,
+ subjectDomainPolicies,
+ state->validPolicyTree,
+ state,
+ &childNodeCreated,
+ plContext),
+ PKIX_POLICYCHECKERCHECKPOLICYRECURSIVEFAILED);
+
+ if (!childNodeCreated) {
+ /*
+ * Section 6.1.3(d)(1)(ii)
+ * There was no match. If there was a node at
+ * depth i-1 with valid policy anyPolicy,
+ * generate a node subordinate to that.
+ *
+ * But that means this created node would be in
+ * the valid-policy-node-set, and will be
+ * pruned in 6.1.5(g)(iii)(2) unless it is in
+ * the user-initial-policy-set or the user-
+ * initial-policy-set is {anyPolicy}. So check,
+ * and don't create it if it will be pruned.
+ */
+ if (state->anyPolicyNodeAtBottom) {
+ if (state->initialIsAnyPolicy) {
+ okToSpawn = PKIX_TRUE;
+ } else {
+ PKIX_CHECK(pkix_List_Contains
+ (state->mappedUserInitialPolicySet,
+ (PKIX_PL_Object *)policyOID,
+ &okToSpawn,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+ }
+ if (okToSpawn) {
+ PKIX_CHECK(pkix_PolicyChecker_Spawn
+ (state->anyPolicyNodeAtBottom,
+ policyOID,
+ policyQualifiers,
+ subjectDomainPolicies,
+ state,
+ plContext),
+ PKIX_POLICYCHECKERSPAWNFAILED);
+ childNodeCreated = PKIX_TRUE;
+ }
+ }
+ }
+
+ if (childNodeCreated) {
+ /*
+ * If this policy had qualifiers, and the certificate policies
+ * extension was marked critical, and the user cannot deal with
+ * policy qualifiers, throw an error.
+ */
+ if (policyQualifiers &&
+ state->certPoliciesCritical &&
+ state->policyQualifiersRejected) {
+ PKIX_ERROR
+ (PKIX_QUALIFIERSINCRITICALCERTIFICATEPOLICYEXTENSION);
+ }
+ /*
+ * If the policy we just propagated was in the list of mapped
+ * policies, remove it from the list. That list is used, at the
+ * end, to determine policies that have not been propagated.
+ */
+ if (state->mappedPolicyOIDs) {
+ PKIX_CHECK(pkix_List_Contains
+ (state->mappedPolicyOIDs,
+ (PKIX_PL_Object *)policyOID,
+ &found,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+ if (found) {
+ PKIX_CHECK(pkix_List_Remove
+ (state->mappedPolicyOIDs,
+ (PKIX_PL_Object *)policyOID,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+ }
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(subjectDomainPolicies);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_CheckAny
+ * DESCRIPTION:
+ * Performs the creation of PolicyNodes, for the PolicyNode pointed to by
+ * "currentNode" and PolicyNodes subordinate to it, using the List of
+ * qualifiers pointed to by "qualsOfAny", in accordance with the current
+ * certificate's PolicyMaps pointed to by "policyMaps" and the current
+ * PolicyCheckerState pointed to by "state".
+ *
+ * If the currentNode is not just above the bottom of the validPolicyTree, this
+ * function calls itself recursively for each child of currentNode. At the
+ * level just above the bottom, for each policy in the currentNode's
+ * expectedPolicySet not already present in a child node, it creates a new
+ * child node. The validPolicy of the child created, and its expectedPolicySet,
+ * will be the policy from the currentNode's expectedPolicySet. The policy
+ * qualifiers will be the qualifiers from the current certificate's anyPolicy,
+ * the "qualsOfAny" parameter. If the currentNode's expectedSet includes
+ * anyPolicy, a childNode will be created with a policy of anyPolicy. This is
+ * the only way such a node can be created.
+ *
+ * This function is called only when anyPolicy is one of the current
+ * certificate's policies. This function implements the processing described
+ * in RFC3280 Section 6.1.3(d)(2).
+ *
+ * PARAMETERS:
+ * "currentNode"
+ * Address of PolicyNode whose descendants will be checked, if not at the
+ * bottom of the tree; or whose expectedPolicySet will be compared to those
+ * in "alreadyPresent", if at the bottom. Must be non-NULL.
+ * "qualsOfAny"
+ * Address of List of qualifiers of the anyPolicy in the current
+ * certificate. May be empty or NULL.
+ * "policyMaps"
+ * Address of the List of PolicyMaps of the current certificate. May be
+ * empty or NULL.
+ * "state"
+ * Address of the current state of the PKIX_PolicyChecker.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_CheckAny(
+ PKIX_PolicyNode *currentNode,
+ PKIX_List *qualsOfAny, /* CertPolicyQualifiers */
+ PKIX_List *policyMaps, /* CertPolicyMaps */
+ PKIX_PolicyCheckerState *state,
+ void *plContext)
+{
+ PKIX_UInt32 depth = 0;
+ PKIX_UInt32 numChildren = 0;
+ PKIX_UInt32 childIx = 0;
+ PKIX_UInt32 numPolicies = 0;
+ PKIX_UInt32 polx = 0;
+ PKIX_Boolean isIncluded = PKIX_FALSE;
+ PKIX_List *children = NULL; /* PolicyNodes */
+ PKIX_PolicyNode *childNode = NULL;
+ PKIX_List *expectedPolicies = NULL; /* OIDs */
+ PKIX_PL_OID *policyOID = NULL;
+ PKIX_PL_OID *childPolicy = NULL;
+ PKIX_List *subjectDomainPolicies = NULL; /* OIDs */
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_CheckAny");
+ PKIX_NULLCHECK_TWO(currentNode, state);
+
+ PKIX_CHECK(PKIX_PolicyNode_GetDepth
+ (currentNode, &depth, plContext),
+ PKIX_POLICYNODEGETDEPTHFAILED);
+
+ PKIX_CHECK(pkix_PolicyNode_GetChildrenMutable
+ (currentNode, &children, plContext),
+ PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED);
+
+ if (children) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (children, &numChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ if (depth < (state->certsProcessed)) {
+ for (childIx = 0; childIx < numChildren; childIx++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (children,
+ childIx,
+ (PKIX_PL_Object **)&childNode,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_NULLCHECK_ONE(childNode);
+ PKIX_CHECK(pkix_PolicyChecker_CheckAny
+ (childNode,
+ qualsOfAny,
+ policyMaps,
+ state,
+ plContext),
+ PKIX_POLICYCHECKERCHECKANYFAILED);
+
+ PKIX_DECREF(childNode);
+ }
+ } else { /* if at the bottom of the tree */
+
+ PKIX_CHECK(PKIX_PolicyNode_GetExpectedPolicies
+ (currentNode, &expectedPolicies, plContext),
+ PKIX_POLICYNODEGETEXPECTEDPOLICIESFAILED);
+
+ /* Expected Policy Set is not allowed to be NULL */
+ PKIX_NULLCHECK_ONE(expectedPolicies);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (expectedPolicies, &numPolicies, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (polx = 0; polx < numPolicies; polx++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (expectedPolicies,
+ polx,
+ (PKIX_PL_Object **)&policyOID,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_NULLCHECK_ONE(policyOID);
+
+ isIncluded = PKIX_FALSE;
+
+ for (childIx = 0;
+ (!isIncluded && (childIx < numChildren));
+ childIx++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (children,
+ childIx,
+ (PKIX_PL_Object **)&childNode,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_NULLCHECK_ONE(childNode);
+
+ PKIX_CHECK(PKIX_PolicyNode_GetValidPolicy
+ (childNode, &childPolicy, plContext),
+ PKIX_POLICYNODEGETVALIDPOLICYFAILED);
+
+ PKIX_NULLCHECK_ONE(childPolicy);
+
+ PKIX_EQUALS(policyOID, childPolicy, &isIncluded, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ PKIX_DECREF(childNode);
+ PKIX_DECREF(childPolicy);
+ }
+
+ if (!isIncluded) {
+ if (policyMaps) {
+ PKIX_CHECK
+ (pkix_PolicyChecker_MapGetSubjectDomainPolicies
+ (policyMaps,
+ policyOID,
+ &subjectDomainPolicies,
+ plContext),
+ PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED);
+ }
+ PKIX_CHECK(pkix_PolicyChecker_Spawn
+ (currentNode,
+ policyOID,
+ qualsOfAny,
+ subjectDomainPolicies,
+ state,
+ plContext),
+ PKIX_POLICYCHECKERSPAWNFAILED);
+ PKIX_DECREF(subjectDomainPolicies);
+ }
+
+ PKIX_DECREF(policyOID);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(children);
+ PKIX_DECREF(childNode);
+ PKIX_DECREF(expectedPolicies);
+ PKIX_DECREF(policyOID);
+ PKIX_DECREF(childPolicy);
+ PKIX_DECREF(subjectDomainPolicies);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_CalculateIntersection
+ * DESCRIPTION:
+ *
+ * Processes the PolicyNode pointed to by "currentNode", and its descendants,
+ * using the PolicyCheckerState pointed to by "state", using the List at
+ * the address pointed to by "nominees" the OIDs of policies that are in the
+ * user-initial-policy-set but are not represented among the nodes at the
+ * bottom of the tree, and storing at "pShouldBePruned" the value TRUE if
+ * currentNode is childless at the end of this processing, FALSE if it has
+ * children or is at the bottom of the tree.
+ *
+ * When this function is called at the top level, "nominees" should be the List
+ * of all policies in the user-initial-policy-set. Policies that are
+ * represented in the valid-policy-node-set are removed from this List. As a
+ * result when nodes are created according to 6.1.5.(g)(iii)(3)(b), a node will
+ * be created for each policy remaining in this List.
+ *
+ * This function implements the calculation of the intersection of the
+ * validPolicyTree with the user-initial-policy-set, as described in
+ * RFC 3280 6.1.5(g)(iii).
+ *
+ * PARAMETERS:
+ * "currentNode"
+ * Address of PolicyNode whose descendants will be processed as described.
+ * Must be non-NULL.
+ * "state"
+ * Address of the current state of the PKIX_PolicyChecker. Must be non-NULL
+ * "nominees"
+ * Address of List of the OIDs for which nodes should be created to replace
+ * anyPolicy nodes. Must be non-NULL but may be empty.
+ * "pShouldBePruned"
+ * Address where Boolean return value, set to TRUE if this PolicyNode
+ * should be deleted, is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_CalculateIntersection(
+ PKIX_PolicyNode *currentNode,
+ PKIX_PolicyCheckerState *state,
+ PKIX_List *nominees, /* OIDs */
+ PKIX_Boolean *pShouldBePruned,
+ void *plContext)
+{
+ PKIX_Boolean currentPolicyIsAny = PKIX_FALSE;
+ PKIX_Boolean parentPolicyIsAny = PKIX_FALSE;
+ PKIX_Boolean currentPolicyIsValid = PKIX_FALSE;
+ PKIX_Boolean shouldBePruned = PKIX_FALSE;
+ PKIX_Boolean priorCriticality = PKIX_FALSE;
+ PKIX_UInt32 depth = 0;
+ PKIX_UInt32 numChildren = 0;
+ PKIX_UInt32 childIndex = 0;
+ PKIX_UInt32 numNominees = 0;
+ PKIX_UInt32 polIx = 0;
+ PKIX_PL_OID *currentPolicy = NULL;
+ PKIX_PL_OID *parentPolicy = NULL;
+ PKIX_PL_OID *substPolicy = NULL;
+ PKIX_PolicyNode *parent = NULL;
+ PKIX_PolicyNode *child = NULL;
+ PKIX_List *children = NULL; /* PolicyNodes */
+ PKIX_List *policyQualifiers = NULL;
+
+ PKIX_ENTER
+ (CERTCHAINCHECKER,
+ "pkix_PolicyChecker_CalculateIntersection");
+
+ /*
+ * We call this function if the valid_policy_tree is not NULL and
+ * the user-initial-policy-set is not any-policy.
+ */
+ if (!state->validPolicyTree || state->initialIsAnyPolicy) {
+ PKIX_ERROR(PKIX_PRECONDITIONFAILED);
+ }
+
+ PKIX_NULLCHECK_FOUR(currentNode, state, nominees, pShouldBePruned);
+
+ PKIX_CHECK(PKIX_PolicyNode_GetValidPolicy
+ (currentNode, &currentPolicy, plContext),
+ PKIX_POLICYNODEGETVALIDPOLICYFAILED);
+
+ PKIX_NULLCHECK_TWO(state->anyPolicyOID, currentPolicy);
+
+ PKIX_EQUALS
+ (state->anyPolicyOID,
+ currentPolicy,
+ &currentPolicyIsAny,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ PKIX_CHECK(PKIX_PolicyNode_GetParent(currentNode, &parent, plContext),
+ PKIX_POLICYNODEGETPARENTFAILED);
+
+ if (currentPolicyIsAny == PKIX_FALSE) {
+
+ /*
+ * If we are at the top of the tree, or if our
+ * parent's validPolicy is anyPolicy, we are in
+ * the valid policy node set.
+ */
+ if (parent) {
+ PKIX_CHECK(PKIX_PolicyNode_GetValidPolicy
+ (parent, &parentPolicy, plContext),
+ PKIX_POLICYNODEGETVALIDPOLICYFAILED);
+
+ PKIX_NULLCHECK_ONE(parentPolicy);
+
+ PKIX_EQUALS
+ (state->anyPolicyOID,
+ parentPolicy,
+ &parentPolicyIsAny,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+ }
+
+ /*
+ * Section 6.1.5(g)(iii)(2)
+ * If this node's policy is not in the user-initial-policy-set,
+ * it is not in the intersection. Prune it.
+ */
+ if (!parent || parentPolicyIsAny) {
+ PKIX_CHECK(pkix_List_Contains
+ (state->userInitialPolicySet,
+ (PKIX_PL_Object *)currentPolicy,
+ &currentPolicyIsValid,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+ if (!currentPolicyIsValid) {
+ *pShouldBePruned = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If this node's policy is in the user-initial-policy-
+ * set, it will propagate that policy into the next
+ * level of the tree. Remove the policy from the list
+ * of policies that an anyPolicy will spawn.
+ */
+ PKIX_CHECK(pkix_List_Remove
+ (nominees,
+ (PKIX_PL_Object *)currentPolicy,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+ }
+ }
+
+
+ /* Are we at the bottom of the tree? */
+
+ PKIX_CHECK(PKIX_PolicyNode_GetDepth
+ (currentNode, &depth, plContext),
+ PKIX_POLICYNODEGETDEPTHFAILED);
+
+ if (depth == (state->numCerts)) {
+ /*
+ * Section 6.1.5(g)(iii)(3)
+ * Replace anyPolicy nodes...
+ */
+ if (currentPolicyIsAny == PKIX_TRUE) {
+
+ /* replace this node */
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (nominees, &numNominees, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (numNominees) {
+
+ PKIX_CHECK(PKIX_PolicyNode_GetPolicyQualifiers
+ (currentNode,
+ &policyQualifiers,
+ plContext),
+ PKIX_POLICYNODEGETPOLICYQUALIFIERSFAILED);
+
+ PKIX_CHECK(PKIX_PolicyNode_IsCritical
+ (currentNode, &priorCriticality, plContext),
+ PKIX_POLICYNODEISCRITICALFAILED);
+ }
+
+ PKIX_NULLCHECK_ONE(parent);
+
+ for (polIx = 0; polIx < numNominees; polIx++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (nominees,
+ polIx,
+ (PKIX_PL_Object **)&substPolicy,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_Spawn
+ (parent,
+ substPolicy,
+ policyQualifiers,
+ NULL,
+ state,
+ plContext),
+ PKIX_POLICYCHECKERSPAWNFAILED);
+
+ PKIX_DECREF(substPolicy);
+
+ }
+ /* remove currentNode from parent */
+ *pShouldBePruned = PKIX_TRUE;
+ /*
+ * We can get away with augmenting the parent's List
+ * of children because we started at the end and went
+ * toward the beginning. New nodes are added at the end.
+ */
+ }
+ } else {
+ /*
+ * Section 6.1.5(g)(iii)(4)
+ * Prune any childless nodes above the bottom level
+ */
+ PKIX_CHECK(pkix_PolicyNode_GetChildrenMutable
+ (currentNode, &children, plContext),
+ PKIX_POLICYNODEGETCHILDRENMUTABLEFAILED);
+
+ /* CurrentNode should have been pruned if childless. */
+ PKIX_NULLCHECK_ONE(children);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (children, &numChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (childIndex = numChildren; childIndex > 0; childIndex--) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (children,
+ childIndex - 1,
+ (PKIX_PL_Object **)&child,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_CalculateIntersection
+ (child, state, nominees, &shouldBePruned, plContext),
+ PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED);
+
+ if (PKIX_TRUE == shouldBePruned) {
+
+ PKIX_CHECK(PKIX_List_DeleteItem
+ (children, childIndex - 1, plContext),
+ PKIX_LISTDELETEITEMFAILED);
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+ }
+
+ PKIX_DECREF(child);
+ }
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (children, &numChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (numChildren == 0) {
+ *pShouldBePruned = PKIX_TRUE;
+ }
+ }
+cleanup:
+ PKIX_DECREF(currentPolicy);
+ PKIX_DECREF(parentPolicy);
+ PKIX_DECREF(substPolicy);
+ PKIX_DECREF(parent);
+ PKIX_DECREF(child);
+ PKIX_DECREF(children);
+ PKIX_DECREF(policyQualifiers);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_PolicyMapProcessing
+ * DESCRIPTION:
+ *
+ * Performs the processing of Policies in the List of CertPolicyMaps pointed
+ * to by "policyMaps", using and updating the PolicyCheckerState pointed to by
+ * "state".
+ *
+ * This function implements the policyMap processing described in RFC3280
+ * Section 6.1.4(b)(1), after certificate i has been processed, in preparation
+ * for certificate i+1. Section references are to that document.
+ *
+ * PARAMETERS:
+ * "policyMaps"
+ * Address of the List of CertPolicyMaps presented by certificate i.
+ * Must be non-NULL.
+ * "certPoliciesIncludeAny"
+ * Boolean value which is PKIX_TRUE if the current certificate asserts
+ * anyPolicy, PKIX_FALSE otherwise.
+ * "qualsOfAny"
+ * Address of List of qualifiers of the anyPolicy in the current
+ * certificate. May be empty or NULL.
+ * "state"
+ * Address of the current state of the PKIX_PolicyChecker.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_PolicyMapProcessing(
+ PKIX_List *policyMaps, /* CertPolicyMaps */
+ PKIX_Boolean certPoliciesIncludeAny,
+ PKIX_List *qualsOfAny,
+ PKIX_PolicyCheckerState *state,
+ void *plContext)
+{
+ PKIX_UInt32 numPolicies = 0;
+ PKIX_UInt32 polX = 0;
+ PKIX_PL_OID *policyOID = NULL;
+ PKIX_List *newMappedPolicies = NULL; /* OIDs */
+ PKIX_List *subjectDomainPolicies = NULL; /* OIDs */
+
+ PKIX_ENTER
+ (CERTCHAINCHECKER,
+ "pkix_PolicyChecker_PolicyMapProcessing");
+ PKIX_NULLCHECK_THREE
+ (policyMaps,
+ state,
+ state->mappedUserInitialPolicySet);
+
+ /*
+ * For each policy in mappedUserInitialPolicySet, if it is not mapped,
+ * append it to new policySet; if it is mapped, append its
+ * subjectDomainPolicies to new policySet. When done, this new
+ * policySet will replace mappedUserInitialPolicySet.
+ */
+ PKIX_CHECK(PKIX_List_Create
+ (&newMappedPolicies, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->mappedUserInitialPolicySet,
+ &numPolicies,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (polX = 0; polX < numPolicies; polX++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->mappedUserInitialPolicySet,
+ polX,
+ (PKIX_PL_Object **)&policyOID,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_MapGetSubjectDomainPolicies
+ (policyMaps,
+ policyOID,
+ &subjectDomainPolicies,
+ plContext),
+ PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED);
+
+ if (subjectDomainPolicies) {
+
+ PKIX_CHECK(pkix_List_AppendUnique
+ (newMappedPolicies,
+ subjectDomainPolicies,
+ plContext),
+ PKIX_LISTAPPENDUNIQUEFAILED);
+
+ PKIX_DECREF(subjectDomainPolicies);
+
+ } else {
+ PKIX_CHECK(PKIX_List_AppendItem
+ (newMappedPolicies,
+ (PKIX_PL_Object *)policyOID,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+ PKIX_DECREF(policyOID);
+ }
+
+ /*
+ * For each policy ID-P remaining in mappedPolicyOIDs, it has not been
+ * propagated to the bottom of the tree (depth i). If policyMapping
+ * is greater than zero and this cert contains anyPolicy and the tree
+ * contains an anyPolicy node at depth i-1, then we must create a node
+ * with validPolicy ID-P, the policy qualifiers of anyPolicy in
+ * this certificate, and expectedPolicySet the subjectDomainPolicies
+ * that ID-P maps to. We also then add those subjectDomainPolicies to
+ * the list of policies that will be accepted in the next certificate,
+ * the mappedUserInitialPolicySet.
+ */
+
+ if ((state->policyMapping > 0) && (certPoliciesIncludeAny) &&
+ (state->anyPolicyNodeAtBottom) && (state->mappedPolicyOIDs)) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->mappedPolicyOIDs,
+ &numPolicies,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (polX = 0; polX < numPolicies; polX++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->mappedPolicyOIDs,
+ polX,
+ (PKIX_PL_Object **)&policyOID,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_MapGetSubjectDomainPolicies
+ (policyMaps,
+ policyOID,
+ &subjectDomainPolicies,
+ plContext),
+ PKIX_POLICYCHECKERMAPGETSUBJECTDOMAINPOLICIESFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_Spawn
+ (state->anyPolicyNodeAtBottom,
+ policyOID,
+ qualsOfAny,
+ subjectDomainPolicies,
+ state,
+ plContext),
+ PKIX_POLICYCHECKERSPAWNFAILED);
+
+ PKIX_CHECK(pkix_List_AppendUnique
+ (newMappedPolicies,
+ subjectDomainPolicies,
+ plContext),
+ PKIX_LISTAPPENDUNIQUEFAILED);
+
+ PKIX_DECREF(subjectDomainPolicies);
+ PKIX_DECREF(policyOID);
+ }
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable(newMappedPolicies, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ PKIX_DECREF(state->mappedUserInitialPolicySet);
+ PKIX_INCREF(newMappedPolicies);
+
+ state->mappedUserInitialPolicySet = newMappedPolicies;
+
+cleanup:
+
+ PKIX_DECREF(policyOID);
+ PKIX_DECREF(newMappedPolicies);
+ PKIX_DECREF(subjectDomainPolicies);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_WrapUpProcessing
+ * DESCRIPTION:
+ *
+ * Performs the wrap-up processing for the Cert pointed to by "cert",
+ * using and updating the PolicyCheckerState pointed to by "state".
+ *
+ * This function implements the wrap-up processing described in RFC3280
+ * Section 6.1.5, after the final certificate has been processed. Section
+ * references in the comments are to that document.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of the current (presumably the end entity) certificate.
+ * Must be non-NULL.
+ * "state"
+ * Address of the current state of the PKIX_PolicyChecker.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+static PKIX_Error *
+pkix_PolicyChecker_WrapUpProcessing(
+ PKIX_PL_Cert *cert,
+ PKIX_PolicyCheckerState *state,
+ void *plContext)
+{
+ PKIX_Int32 explicitPolicySkipCerts = 0;
+ PKIX_Boolean isSelfIssued = PKIX_FALSE;
+ PKIX_Boolean shouldBePruned = PKIX_FALSE;
+ PKIX_List *nominees = NULL; /* OIDs */
+#if PKIX_CERTPOLICYCHECKERSTATEDEBUG
+ PKIX_PL_String *stateString = NULL;
+ char *stateAscii = NULL;
+ PKIX_UInt32 length;
+#endif
+
+ PKIX_ENTER
+ (CERTCHAINCHECKER,
+ "pkix_PolicyChecker_WrapUpProcessing");
+ PKIX_NULLCHECK_THREE(cert, state, state->userInitialPolicySet);
+
+#if PKIX_CERTPOLICYCHECKERSTATEDEBUG
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)state, &stateString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stateString,
+ PKIX_ESCASCII,
+ (void **)&stateAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_DEBUG_ARG("%s\n", stateAscii);
+
+ PKIX_FREE(stateAscii);
+ PKIX_DECREF(stateString);
+#endif
+
+ /* Section 6.1.5(a) ... */
+ PKIX_CHECK(pkix_IsCertSelfIssued
+ (cert, &isSelfIssued, plContext),
+ PKIX_ISCERTSELFISSUEDFAILED);
+
+ if (!isSelfIssued) {
+ if (state->explicitPolicy > 0) {
+
+ state->explicitPolicy--;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+ }
+ }
+
+ /* Section 6.1.5(b) ... */
+ PKIX_CHECK(PKIX_PL_Cert_GetRequireExplicitPolicy
+ (cert, &explicitPolicySkipCerts, plContext),
+ PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED);
+
+ if (explicitPolicySkipCerts == 0) {
+ state->explicitPolicy = 0;
+ }
+
+ /* Section 6.1.5(g)(i) ... */
+
+ if (!(state->validPolicyTree)) {
+ goto cleanup;
+ }
+
+ /* Section 6.1.5(g)(ii) ... */
+
+ if (state->initialIsAnyPolicy) {
+ goto cleanup;
+ }
+
+ /*
+ * Section 6.1.5(g)(iii) ...
+ * Create a list of policies which could be substituted for anyPolicy.
+ * Start with a (mutable) copy of user-initial-policy-set.
+ */
+ PKIX_CHECK(pkix_PolicyChecker_MakeMutableCopy
+ (state->userInitialPolicySet, &nominees, plContext),
+ PKIX_POLICYCHECKERMAKEMUTABLECOPYFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_CalculateIntersection
+ (state->validPolicyTree, /* node at top of tree */
+ state,
+ nominees,
+ &shouldBePruned,
+ plContext),
+ PKIX_POLICYCHECKERCALCULATEINTERSECTIONFAILED);
+
+ if (PKIX_TRUE == shouldBePruned) {
+ PKIX_DECREF(state->validPolicyTree);
+ }
+
+ if (state->validPolicyTree) {
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state->validPolicyTree, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+#if PKIX_CERTPOLICYCHECKERSTATEDEBUG
+ if (state->validPolicyTree) {
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)state, &stateString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stateString,
+ PKIX_ESCASCII,
+ (void **)&stateAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_DEBUG_ARG
+ ("After CalculateIntersection:\n%s\n", stateAscii);
+
+ PKIX_FREE(stateAscii);
+ PKIX_DECREF(stateString);
+ } else {
+ PKIX_DEBUG("validPolicyTree is NULL\n");
+ }
+#endif
+
+ /* Section 6.1.5(g)(iii)(4) ... */
+
+ if (state->validPolicyTree) {
+
+ PKIX_CHECK(pkix_PolicyNode_Prune
+ (state->validPolicyTree,
+ state->numCerts,
+ &shouldBePruned,
+ plContext),
+ PKIX_POLICYNODEPRUNEFAILED);
+
+ if (shouldBePruned) {
+ PKIX_DECREF(state->validPolicyTree);
+ }
+ }
+
+ if (state->validPolicyTree) {
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state->validPolicyTree, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+#if PKIX_CERTPOLICYCHECKERSTATEDEBUG
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)state, &stateString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stateString,
+ PKIX_ESCASCII,
+ (void **)&stateAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+ PKIX_DEBUG_ARG("%s\n", stateAscii);
+
+ PKIX_FREE(stateAscii);
+ PKIX_DECREF(stateString);
+#endif
+
+cleanup:
+
+ PKIX_DECREF(nominees);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+
+/*
+ * FUNCTION: pkix_PolicyChecker_Check
+ * (see comments in pkix_checker.h for PKIX_CertChainChecker_CheckCallback)
+ *
+ * Labels referring to sections, such as "Section 6.1.3(d)", refer to
+ * sections of RFC3280, Section 6.1.3 Basic Certificate Processing.
+ *
+ * If a non-fatal error occurs, it is unlikely that policy processing can
+ * continue. But it is still possible that chain validation could succeed if
+ * policy processing is non-critical. So if this function receives a non-fatal
+ * error from a lower level routine, it aborts policy processing by setting
+ * the validPolicyTree to NULL and tries to continue.
+ *
+ */
+static PKIX_Error *
+pkix_PolicyChecker_Check(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticals, /* OIDs */
+ void **pNBIOContext,
+ void *plContext)
+{
+ PKIX_UInt32 numPolicies = 0;
+ PKIX_UInt32 polX = 0;
+ PKIX_Boolean result = PKIX_FALSE;
+ PKIX_Int32 inhibitMappingSkipCerts = 0;
+ PKIX_Int32 explicitPolicySkipCerts = 0;
+ PKIX_Int32 inhibitAnyPolicySkipCerts = 0;
+ PKIX_Boolean shouldBePruned = PKIX_FALSE;
+ PKIX_Boolean isSelfIssued = PKIX_FALSE;
+ PKIX_Boolean certPoliciesIncludeAny = PKIX_FALSE;
+ PKIX_Boolean doAnyPolicyProcessing = PKIX_FALSE;
+
+ PKIX_PolicyCheckerState *state = NULL;
+ PKIX_List *certPolicyInfos = NULL; /* CertPolicyInfos */
+ PKIX_PL_CertPolicyInfo *policy = NULL;
+ PKIX_PL_OID *policyOID = NULL;
+ PKIX_List *qualsOfAny = NULL; /* CertPolicyQualifiers */
+ PKIX_List *policyQualifiers = NULL; /* CertPolicyQualifiers */
+ PKIX_List *policyMaps = NULL; /* CertPolicyMaps */
+ PKIX_List *mappedPolicies = NULL; /* OIDs */
+ PKIX_Error *subroutineErr = NULL;
+#if PKIX_CERTPOLICYCHECKERSTATEDEBUG
+ PKIX_PL_String *stateString = NULL;
+ char *stateAscii = NULL;
+ PKIX_PL_String *certString = NULL;
+ char *certAscii = NULL;
+ PKIX_UInt32 length;
+#endif
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_Check");
+ PKIX_NULLCHECK_FOUR(checker, cert, unresolvedCriticals, pNBIOContext);
+
+ *pNBIOContext = NULL; /* we never block on pending I/O */
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, (PKIX_PL_Object **)&state, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ PKIX_NULLCHECK_TWO(state, state->certPoliciesExtension);
+
+#if PKIX_CERTPOLICYCHECKERSTATEDEBUG
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)state, &stateString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stateString,
+ PKIX_ESCASCII,
+ (void **)&stateAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+ PKIX_DEBUG_ARG("On entry %s\n", stateAscii);
+ PKIX_FREE(stateAscii);
+ PKIX_DECREF(stateString);
+#endif
+
+ /*
+ * Section 6.1.4(a)
+ * If this is not the last certificate, and if
+ * policyMapping extension is present, check that no
+ * issuerDomainPolicy or subjectDomainPolicy is equal to the
+ * special policy anyPolicy.
+ */
+ if (state->certsProcessed != (state->numCerts - 1)) {
+ PKIX_CHECK(PKIX_PL_Cert_GetPolicyMappings
+ (cert, &policyMaps, plContext),
+ PKIX_CERTGETPOLICYMAPPINGSFAILED);
+ }
+
+ if (policyMaps) {
+
+ PKIX_CHECK(pkix_PolicyChecker_MapContains
+ (policyMaps, state->anyPolicyOID, &result, plContext),
+ PKIX_POLICYCHECKERMAPCONTAINSFAILED);
+
+ if (result) {
+ PKIX_ERROR(PKIX_INVALIDPOLICYMAPPINGINCLUDESANYPOLICY);
+ }
+
+ PKIX_CHECK(pkix_PolicyChecker_MapGetMappedPolicies
+ (policyMaps, &mappedPolicies, plContext),
+ PKIX_POLICYCHECKERMAPGETMAPPEDPOLICIESFAILED);
+
+ PKIX_DECREF(state->mappedPolicyOIDs);
+ PKIX_INCREF(mappedPolicies);
+ state->mappedPolicyOIDs = mappedPolicies;
+ }
+
+ /* Section 6.1.3(d) */
+ if (state->validPolicyTree) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetPolicyInformation
+ (cert, &certPolicyInfos, plContext),
+ PKIX_CERTGETPOLICYINFORMATIONFAILED);
+
+ if (certPolicyInfos) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (certPolicyInfos, &numPolicies, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ if (numPolicies > 0) {
+
+ PKIX_CHECK(PKIX_PL_Cert_AreCertPoliciesCritical
+ (cert, &(state->certPoliciesCritical), plContext),
+ PKIX_CERTARECERTPOLICIESCRITICALFAILED);
+
+ /* Section 6.1.3(d)(1) For each policy not equal to anyPolicy */
+ for (polX = 0; polX < numPolicies; polX++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (certPolicyInfos,
+ polX,
+ (PKIX_PL_Object **)&policy,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_CertPolicyInfo_GetPolicyId
+ (policy, &policyOID, plContext),
+ PKIX_CERTPOLICYINFOGETPOLICYIDFAILED);
+
+ PKIX_CHECK(PKIX_PL_CertPolicyInfo_GetPolQualifiers
+ (policy, &policyQualifiers, plContext),
+ PKIX_CERTPOLICYINFOGETPOLQUALIFIERSFAILED);
+
+ PKIX_EQUALS
+ (state->anyPolicyOID,
+ policyOID,
+ &result,
+ plContext,
+ PKIX_OIDEQUALFAILED);
+
+ if (result == PKIX_FALSE) {
+
+ /* Section 6.1.3(d)(1)(i) */
+ subroutineErr = pkix_PolicyChecker_CheckPolicy
+ (policyOID,
+ policyQualifiers,
+ cert,
+ policyMaps,
+ state,
+ plContext);
+ if (subroutineErr) {
+ goto subrErrorCleanup;
+ }
+
+ } else {
+ /*
+ * No descent (yet) for anyPolicy, but we will need
+ * the policyQualifiers for anyPolicy in 6.1.3(d)(2)
+ */
+ PKIX_DECREF(qualsOfAny);
+ PKIX_INCREF(policyQualifiers);
+ qualsOfAny = policyQualifiers;
+ certPoliciesIncludeAny = PKIX_TRUE;
+ }
+ PKIX_DECREF(policy);
+ PKIX_DECREF(policyOID);
+ PKIX_DECREF(policyQualifiers);
+ }
+
+ /* Section 6.1.3(d)(2) */
+ if (certPoliciesIncludeAny == PKIX_TRUE) {
+ if (state->inhibitAnyPolicy > 0) {
+ doAnyPolicyProcessing = PKIX_TRUE;
+ } else {
+ /* We haven't yet counted the current cert */
+ if (((state->certsProcessed) + 1) <
+ (state->numCerts)) {
+
+ PKIX_CHECK(pkix_IsCertSelfIssued
+ (cert,
+ &doAnyPolicyProcessing,
+ plContext),
+ PKIX_ISCERTSELFISSUEDFAILED);
+ }
+ }
+ if (doAnyPolicyProcessing) {
+ subroutineErr = pkix_PolicyChecker_CheckAny
+ (state->validPolicyTree,
+ qualsOfAny,
+ policyMaps,
+ state,
+ plContext);
+ if (subroutineErr) {
+ goto subrErrorCleanup;
+ }
+ }
+ }
+
+ /* Section 6.1.3(d)(3) */
+ if (state->validPolicyTree) {
+ subroutineErr = pkix_PolicyNode_Prune
+ (state->validPolicyTree,
+ state->certsProcessed + 1,
+ &shouldBePruned,
+ plContext);
+ if (subroutineErr) {
+ goto subrErrorCleanup;
+ }
+ if (shouldBePruned) {
+ PKIX_DECREF(state->validPolicyTree);
+ PKIX_DECREF(state->anyPolicyNodeAtBottom);
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ } else {
+ /* Section 6.1.3(e) */
+ PKIX_DECREF(state->validPolicyTree);
+ PKIX_DECREF(state->anyPolicyNodeAtBottom);
+ PKIX_DECREF(state->newAnyPolicyNode);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+ }
+ }
+
+ /* Section 6.1.3(f) */
+ if ((0 == state->explicitPolicy) && (!state->validPolicyTree)) {
+ PKIX_ERROR(PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION);
+ }
+
+ /*
+ * Remove Policy OIDs from list of unresolved critical
+ * extensions, if present.
+ */
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticals,
+ (PKIX_PL_Object *)state->certPoliciesExtension,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticals,
+ (PKIX_PL_Object *)state->policyMappingsExtension,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticals,
+ (PKIX_PL_Object *)state->policyConstraintsExtension,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticals,
+ (PKIX_PL_Object *)state->inhibitAnyPolicyExtension,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+
+ state->certsProcessed++;
+
+ /* If this was not the last certificate, do next-cert preparation */
+ if (state->certsProcessed != state->numCerts) {
+
+ if (policyMaps) {
+ subroutineErr = pkix_PolicyChecker_PolicyMapProcessing
+ (policyMaps,
+ certPoliciesIncludeAny,
+ qualsOfAny,
+ state,
+ plContext);
+ if (subroutineErr) {
+ goto subrErrorCleanup;
+ }
+ }
+
+ /* update anyPolicyNodeAtBottom pointer */
+ PKIX_DECREF(state->anyPolicyNodeAtBottom);
+ state->anyPolicyNodeAtBottom = state->newAnyPolicyNode;
+ state->newAnyPolicyNode = NULL;
+
+ /* Section 6.1.4(h) */
+ PKIX_CHECK(pkix_IsCertSelfIssued
+ (cert, &isSelfIssued, plContext),
+ PKIX_ISCERTSELFISSUEDFAILED);
+
+ if (!isSelfIssued) {
+ if (state->explicitPolicy > 0) {
+ state->explicitPolicy--;
+ }
+ if (state->policyMapping > 0) {
+ state->policyMapping--;
+ }
+ if (state->inhibitAnyPolicy > 0) {
+ state->inhibitAnyPolicy--;
+ }
+ }
+
+ /* Section 6.1.4(i) */
+ PKIX_CHECK(PKIX_PL_Cert_GetRequireExplicitPolicy
+ (cert, &explicitPolicySkipCerts, plContext),
+ PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED);
+
+ if (explicitPolicySkipCerts != -1) {
+ if (((PKIX_UInt32)explicitPolicySkipCerts) <
+ (state->explicitPolicy)) {
+ state->explicitPolicy =
+ ((PKIX_UInt32) explicitPolicySkipCerts);
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Cert_GetPolicyMappingInhibited
+ (cert, &inhibitMappingSkipCerts, plContext),
+ PKIX_CERTGETPOLICYMAPPINGINHIBITEDFAILED);
+
+ if (inhibitMappingSkipCerts != -1) {
+ if (((PKIX_UInt32)inhibitMappingSkipCerts) <
+ (state->policyMapping)) {
+ state->policyMapping =
+ ((PKIX_UInt32)inhibitMappingSkipCerts);
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Cert_GetInhibitAnyPolicy
+ (cert, &inhibitAnyPolicySkipCerts, plContext),
+ PKIX_CERTGETINHIBITANYPOLICYFAILED);
+
+ if (inhibitAnyPolicySkipCerts != -1) {
+ if (((PKIX_UInt32)inhibitAnyPolicySkipCerts) <
+ (state->inhibitAnyPolicy)) {
+ state->inhibitAnyPolicy =
+ ((PKIX_UInt32)inhibitAnyPolicySkipCerts);
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ } else { /* If this was the last certificate, do wrap-up processing */
+
+ /* Section 6.1.5 */
+ subroutineErr = pkix_PolicyChecker_WrapUpProcessing
+ (cert, state, plContext);
+ if (subroutineErr) {
+ goto subrErrorCleanup;
+ }
+
+ if ((0 == state->explicitPolicy) && (!state->validPolicyTree)) {
+ PKIX_ERROR(PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION);
+ }
+
+ PKIX_DECREF(state->anyPolicyNodeAtBottom);
+ PKIX_DECREF(state->newAnyPolicyNode);
+ }
+
+
+ if (subroutineErr) {
+
+subrErrorCleanup:
+ /* We had an error. Was it a fatal error? */
+ pkixErrorClass = subroutineErr->errClass;
+ if (pkixErrorClass == PKIX_FATAL_ERROR) {
+ pkixErrorResult = subroutineErr;
+ subroutineErr = NULL;
+ goto cleanup;
+ }
+ /*
+ * Abort policy processing, and then determine whether
+ * we can continue without policy processing.
+ */
+ PKIX_DECREF(state->validPolicyTree);
+ PKIX_DECREF(state->anyPolicyNodeAtBottom);
+ PKIX_DECREF(state->newAnyPolicyNode);
+ if (state->explicitPolicy == 0) {
+ PKIX_ERROR
+ (PKIX_CERTCHAINFAILSCERTIFICATEPOLICYVALIDATION);
+ }
+ }
+
+ /* Checking is complete. Save state for the next certificate. */
+ PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState
+ (checker, (PKIX_PL_Object *)state, plContext),
+ PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED);
+
+cleanup:
+
+#if PKIX_CERTPOLICYCHECKERSTATEDEBUG
+ if (cert) {
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)cert, &certString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (certString,
+ PKIX_ESCASCII,
+ (void **)&certAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+ PKIX_DEBUG_ARG("Cert was %s\n", certAscii);
+ PKIX_FREE(certAscii);
+ PKIX_DECREF(certString);
+ }
+ if (state) {
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)state, &stateString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stateString,
+ PKIX_ESCASCII,
+ (void **)&stateAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+ PKIX_DEBUG_ARG("On exit %s\n", stateAscii);
+ PKIX_FREE(stateAscii);
+ PKIX_DECREF(stateString);
+ }
+#endif
+
+ PKIX_DECREF(state);
+ PKIX_DECREF(certPolicyInfos);
+ PKIX_DECREF(policy);
+ PKIX_DECREF(qualsOfAny);
+ PKIX_DECREF(policyQualifiers);
+ PKIX_DECREF(policyOID);
+ PKIX_DECREF(subroutineErr);
+ PKIX_DECREF(policyMaps);
+ PKIX_DECREF(mappedPolicies);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_PolicyChecker_Initialize
+ * DESCRIPTION:
+ *
+ * Creates and initializes a PolicyChecker, using the List pointed to
+ * by "initialPolicies" for the user-initial-policy-set, the Boolean value
+ * of "policyQualifiersRejected" for the policyQualifiersRejected parameter,
+ * the Boolean value of "initialPolicyMappingInhibit" for the
+ * inhibitPolicyMappings parameter, the Boolean value of
+ * "initialExplicitPolicy" for the initialExplicitPolicy parameter, the
+ * Boolean value of "initialAnyPolicyInhibit" for the inhibitAnyPolicy
+ * parameter, and the UInt32 value of "numCerts" as the number of
+ * certificates in the chain; and stores the Checker at "pChecker".
+ *
+ * PARAMETERS:
+ * "initialPolicies"
+ * Address of List of OIDs comprising the user-initial-policy-set; the List
+ * may be empty or NULL
+ * "policyQualifiersRejected"
+ * Boolean value of the policyQualifiersRejected parameter
+ * "initialPolicyMappingInhibit"
+ * Boolean value of the inhibitPolicyMappings parameter
+ * "initialExplicitPolicy"
+ * Boolean value of the initialExplicitPolicy parameter
+ * "initialAnyPolicyInhibit"
+ * Boolean value of the inhibitAnyPolicy parameter
+ * "numCerts"
+ * Number of certificates in the chain to be validated
+ * "pChecker"
+ * Address to store the created PolicyChecker. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a CertChainChecker Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_PolicyChecker_Initialize(
+ PKIX_List *initialPolicies,
+ PKIX_Boolean policyQualifiersRejected,
+ PKIX_Boolean initialPolicyMappingInhibit,
+ PKIX_Boolean initialExplicitPolicy,
+ PKIX_Boolean initialAnyPolicyInhibit,
+ PKIX_UInt32 numCerts,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext)
+{
+ PKIX_PolicyCheckerState *polCheckerState = NULL;
+ PKIX_List *policyExtensions = NULL; /* OIDs */
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_PolicyChecker_Initialize");
+ PKIX_NULLCHECK_ONE(pChecker);
+
+ PKIX_CHECK(pkix_PolicyCheckerState_Create
+ (initialPolicies,
+ policyQualifiersRejected,
+ initialPolicyMappingInhibit,
+ initialExplicitPolicy,
+ initialAnyPolicyInhibit,
+ numCerts,
+ &polCheckerState,
+ plContext),
+ PKIX_POLICYCHECKERSTATECREATEFAILED);
+
+ /* Create the list of extensions that we handle */
+ PKIX_CHECK(pkix_PolicyChecker_MakeSingleton
+ ((PKIX_PL_Object *)(polCheckerState->certPoliciesExtension),
+ PKIX_TRUE,
+ &policyExtensions,
+ plContext),
+ PKIX_POLICYCHECKERMAKESINGLETONFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (pkix_PolicyChecker_Check,
+ PKIX_FALSE, /* forwardCheckingSupported */
+ PKIX_FALSE,
+ policyExtensions,
+ (PKIX_PL_Object *)polCheckerState,
+ pChecker,
+ plContext),
+ PKIX_CERTCHAINCHECKERCREATEFAILED);
+
+cleanup:
+ PKIX_DECREF(polCheckerState);
+ PKIX_DECREF(policyExtensions);
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_policychecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_policychecker.h
new file mode 100755
index 000000000..8b87ac122
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_policychecker.h
@@ -0,0 +1,73 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_policychecker.h
+ *
+ * Header file for policy checker.
+ *
+ */
+
+#ifndef _PKIX_POLICYCHECKER_H
+#define _PKIX_POLICYCHECKER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct PKIX_PolicyCheckerStateStruct PKIX_PolicyCheckerState;
+
+struct PKIX_PolicyCheckerStateStruct{
+ PKIX_PL_OID *certPoliciesExtension; /* const */
+ PKIX_PL_OID *policyMappingsExtension; /* const */
+ PKIX_PL_OID *policyConstraintsExtension; /* const */
+ PKIX_PL_OID *inhibitAnyPolicyExtension; /* const */
+ PKIX_PL_OID *anyPolicyOID; /* const */
+ PKIX_Boolean initialIsAnyPolicy; /* const */
+ PKIX_PolicyNode *validPolicyTree;
+ PKIX_List *userInitialPolicySet; /* immutable */
+ PKIX_List *mappedUserInitialPolicySet;
+ PKIX_Boolean policyQualifiersRejected;
+ PKIX_Boolean initialPolicyMappingInhibit;
+ PKIX_Boolean initialExplicitPolicy;
+ PKIX_Boolean initialAnyPolicyInhibit;
+ PKIX_UInt32 explicitPolicy;
+ PKIX_UInt32 inhibitAnyPolicy;
+ PKIX_UInt32 policyMapping;
+ PKIX_UInt32 numCerts;
+ PKIX_UInt32 certsProcessed;
+ PKIX_PolicyNode *anyPolicyNodeAtBottom;
+ PKIX_PolicyNode *newAnyPolicyNode;
+ /*
+ * The following variables do not survive from one
+ * certificate to the next. They are needed at each
+ * level of recursive routines, any by placing them
+ * in the state object we can pass fewer arguments.
+ */
+ PKIX_Boolean certPoliciesCritical;
+ PKIX_List *mappedPolicyOIDs;
+};
+
+PKIX_Error *
+pkix_PolicyChecker_Initialize(
+ PKIX_List *initialPolicies,
+ PKIX_Boolean policyQualifiersRejected,
+ PKIX_Boolean initialPolicyMappingInhibit,
+ PKIX_Boolean initialExplicitPolicy,
+ PKIX_Boolean initialAnyPolicyInhibit,
+ PKIX_UInt32 numCerts,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext);
+
+/* --Private-Functions-------------------------------------------- */
+
+PKIX_Error *
+pkix_PolicyCheckerState_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_POLICYCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c
new file mode 100755
index 000000000..7bed9b886
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c
@@ -0,0 +1,475 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_revocationchecker.c
+ *
+ * RevocationChecker Object Functions
+ *
+ */
+
+#include "pkix_revocationchecker.h"
+#include "pkix_tools.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_RevocationChecker_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_RevocationChecker_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_RevocationChecker *checker = NULL;
+
+ PKIX_ENTER(REVOCATIONCHECKER, "pkix_RevocationChecker_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a revocation checker */
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_REVOCATIONCHECKER_TYPE, plContext),
+ PKIX_OBJECTNOTREVOCATIONCHECKER);
+
+ checker = (PKIX_RevocationChecker *)object;
+
+ PKIX_DECREF(checker->leafMethodList);
+ PKIX_DECREF(checker->chainMethodList);
+
+cleanup:
+
+ PKIX_RETURN(REVOCATIONCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_RevocationChecker_Duplicate
+ * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_RevocationChecker_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_RevocationChecker *checker = NULL;
+ PKIX_RevocationChecker *checkerDuplicate = NULL;
+ PKIX_List *dupLeafList = NULL;
+ PKIX_List *dupChainList = NULL;
+
+ PKIX_ENTER(REVOCATIONCHECKER, "pkix_RevocationChecker_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_REVOCATIONCHECKER_TYPE, plContext),
+ PKIX_OBJECTNOTCERTCHAINCHECKER);
+
+ checker = (PKIX_RevocationChecker *)object;
+
+ if (checker->leafMethodList){
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)checker->leafMethodList,
+ (PKIX_PL_Object **)&dupLeafList,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+ }
+ if (checker->chainMethodList){
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)checker->chainMethodList,
+ (PKIX_PL_Object **)&dupChainList,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+ }
+
+ PKIX_CHECK(
+ PKIX_RevocationChecker_Create(checker->leafMethodListFlags,
+ checker->chainMethodListFlags,
+ &checkerDuplicate,
+ plContext),
+ PKIX_REVOCATIONCHECKERCREATEFAILED);
+
+ checkerDuplicate->leafMethodList = dupLeafList;
+ checkerDuplicate->chainMethodList = dupChainList;
+ dupLeafList = NULL;
+ dupChainList = NULL;
+
+ *pNewObject = (PKIX_PL_Object *)checkerDuplicate;
+
+cleanup:
+ PKIX_DECREF(dupLeafList);
+ PKIX_DECREF(dupChainList);
+
+ PKIX_RETURN(REVOCATIONCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_RevocationChecker_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_REVOCATIONCHECKER_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_RevocationChecker_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(REVOCATIONCHECKER, "pkix_RevocationChecker_RegisterSelf");
+
+ entry.description = "RevocationChecker";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_RevocationChecker);
+ entry.destructor = pkix_RevocationChecker_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_RevocationChecker_Duplicate;
+
+ systemClasses[PKIX_REVOCATIONCHECKER_TYPE] = entry;
+
+ PKIX_RETURN(REVOCATIONCHECKER);
+}
+
+/* Sort methods by their priorities (lower priority = higher preference) */
+static PKIX_Error *
+pkix_RevocationChecker_SortComparator(
+ PKIX_PL_Object *obj1,
+ PKIX_PL_Object *obj2,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ pkix_RevocationMethod *method1 = NULL, *method2 = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_RevocationChecker_SortComparator");
+
+ method1 = (pkix_RevocationMethod *)obj1;
+ method2 = (pkix_RevocationMethod *)obj2;
+
+ if (method1->priority < method2->priority) {
+ *pResult = -1;
+ } else if (method1->priority > method2->priority) {
+ *pResult = 1;
+ } else {
+ *pResult = 0;
+ }
+
+ PKIX_RETURN(BUILD);
+}
+
+
+/* --Public-Functions--------------------------------------------- */
+
+
+/*
+ * FUNCTION: PKIX_RevocationChecker_Create (see comments in pkix_revchecker.h)
+ */
+PKIX_Error *
+PKIX_RevocationChecker_Create(
+ PKIX_UInt32 leafMethodListFlags,
+ PKIX_UInt32 chainMethodListFlags,
+ PKIX_RevocationChecker **pChecker,
+ void *plContext)
+{
+ PKIX_RevocationChecker *checker = NULL;
+
+ PKIX_ENTER(REVOCATIONCHECKER, "PKIX_RevocationChecker_Create");
+ PKIX_NULLCHECK_ONE(pChecker);
+
+ PKIX_CHECK(
+ PKIX_PL_Object_Alloc(PKIX_REVOCATIONCHECKER_TYPE,
+ sizeof (PKIX_RevocationChecker),
+ (PKIX_PL_Object **)&checker,
+ plContext),
+ PKIX_COULDNOTCREATECERTCHAINCHECKEROBJECT);
+
+ checker->leafMethodListFlags = leafMethodListFlags;
+ checker->chainMethodListFlags = chainMethodListFlags;
+ checker->leafMethodList = NULL;
+ checker->chainMethodList = NULL;
+
+ *pChecker = checker;
+ checker = NULL;
+
+cleanup:
+ PKIX_DECREF(checker);
+
+ PKIX_RETURN(REVOCATIONCHECKER);
+}
+
+/*
+ * FUNCTION: PKIX_RevocationChecker_CreateAndAddMethod
+ */
+PKIX_Error *
+PKIX_RevocationChecker_CreateAndAddMethod(
+ PKIX_RevocationChecker *revChecker,
+ PKIX_ProcessingParams *params,
+ PKIX_RevocationMethodType methodType,
+ PKIX_UInt32 flags,
+ PKIX_UInt32 priority,
+ PKIX_PL_VerifyCallback verificationFn,
+ PKIX_Boolean isLeafMethod,
+ void *plContext)
+{
+ PKIX_List **methodList = NULL;
+ PKIX_List *unsortedList = NULL;
+ PKIX_List *certStores = NULL;
+ pkix_RevocationMethod *method = NULL;
+ pkix_LocalRevocationCheckFn *localRevChecker = NULL;
+ pkix_ExternalRevocationCheckFn *externRevChecker = NULL;
+ PKIX_UInt32 miFlags;
+
+ PKIX_ENTER(REVOCATIONCHECKER, "PKIX_RevocationChecker_CreateAndAddMethod");
+ PKIX_NULLCHECK_ONE(revChecker);
+
+ /* If the caller has said "Either one is sufficient, then don't let the
+ * absence of any one method's info lead to an overall failure.
+ */
+ miFlags = isLeafMethod ? revChecker->leafMethodListFlags
+ : revChecker->chainMethodListFlags;
+ if (miFlags & PKIX_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE)
+ flags &= ~PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO;
+
+ switch (methodType) {
+ case PKIX_RevocationMethod_CRL:
+ localRevChecker = pkix_CrlChecker_CheckLocal;
+ externRevChecker = pkix_CrlChecker_CheckExternal;
+ PKIX_CHECK(
+ PKIX_ProcessingParams_GetCertStores(params, &certStores,
+ plContext),
+ PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED);
+ PKIX_CHECK(
+ pkix_CrlChecker_Create(methodType, flags, priority,
+ localRevChecker, externRevChecker,
+ certStores, verificationFn,
+ &method,
+ plContext),
+ PKIX_COULDNOTCREATECRLCHECKEROBJECT);
+ break;
+ case PKIX_RevocationMethod_OCSP:
+ localRevChecker = pkix_OcspChecker_CheckLocal;
+ externRevChecker = pkix_OcspChecker_CheckExternal;
+ PKIX_CHECK(
+ pkix_OcspChecker_Create(methodType, flags, priority,
+ localRevChecker, externRevChecker,
+ verificationFn,
+ &method,
+ plContext),
+ PKIX_COULDNOTCREATEOCSPCHECKEROBJECT);
+ break;
+ default:
+ PKIX_ERROR(PKIX_INVALIDREVOCATIONMETHOD);
+ }
+
+ if (isLeafMethod) {
+ methodList = &revChecker->leafMethodList;
+ } else {
+ methodList = &revChecker->chainMethodList;
+ }
+
+ if (*methodList == NULL) {
+ PKIX_CHECK(
+ PKIX_List_Create(methodList, plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+ unsortedList = *methodList;
+ PKIX_CHECK(
+ PKIX_List_AppendItem(unsortedList, (PKIX_PL_Object*)method, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_CHECK(
+ pkix_List_BubbleSort(unsortedList,
+ pkix_RevocationChecker_SortComparator,
+ methodList, plContext),
+ PKIX_LISTBUBBLESORTFAILED);
+
+cleanup:
+ PKIX_DECREF(method);
+ PKIX_DECREF(unsortedList);
+ PKIX_DECREF(certStores);
+
+ PKIX_RETURN(REVOCATIONCHECKER);
+}
+
+/*
+ * FUNCTION: PKIX_RevocationChecker_Check
+ */
+PKIX_Error *
+PKIX_RevocationChecker_Check(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Cert *issuer,
+ PKIX_RevocationChecker *revChecker,
+ PKIX_ProcessingParams *procParams,
+ PKIX_Boolean chainVerificationState,
+ PKIX_Boolean testingLeafCert,
+ PKIX_RevocationStatus *pRevStatus,
+ PKIX_UInt32 *pReasonCode,
+ void **pNbioContext,
+ void *plContext)
+{
+ PKIX_RevocationStatus overallStatus = PKIX_RevStatus_NoInfo;
+ PKIX_RevocationStatus methodStatus[PKIX_RevocationMethod_MAX];
+ PKIX_Boolean onlyUseRemoteMethods = PKIX_FALSE;
+ PKIX_UInt32 revFlags = 0;
+ PKIX_List *revList = NULL;
+ PKIX_PL_Date *date = NULL;
+ pkix_RevocationMethod *method = NULL;
+ void *nbioContext;
+ int tries;
+
+ PKIX_ENTER(REVOCATIONCHECKER, "PKIX_RevocationChecker_Check");
+ PKIX_NULLCHECK_TWO(revChecker, procParams);
+
+ nbioContext = *pNbioContext;
+ *pNbioContext = NULL;
+
+ if (testingLeafCert) {
+ revList = revChecker->leafMethodList;
+ revFlags = revChecker->leafMethodListFlags;
+ } else {
+ revList = revChecker->chainMethodList;
+ revFlags = revChecker->chainMethodListFlags;
+ }
+ if (!revList) {
+ /* Return NoInfo status */
+ goto cleanup;
+ }
+
+ PORT_Memset(methodStatus, PKIX_RevStatus_NoInfo,
+ sizeof(PKIX_RevocationStatus) * PKIX_RevocationMethod_MAX);
+
+ date = procParams->date;
+
+ /* Need to have two loops if we testing all local info first:
+ * first we are going to test all local(cached) info
+ * second, all remote info(fetching) */
+ for (tries = 0;tries < 2;tries++) {
+ unsigned int methodNum = 0;
+ for (;methodNum < revList->length;methodNum++) {
+ PKIX_UInt32 methodFlags = 0;
+
+ PKIX_DECREF(method);
+ PKIX_CHECK(
+ PKIX_List_GetItem(revList, methodNum,
+ (PKIX_PL_Object**)&method, plContext),
+ PKIX_LISTGETITEMFAILED);
+ methodFlags = method->flags;
+ if (!(methodFlags & PKIX_REV_M_TEST_USING_THIS_METHOD)) {
+ /* Will not check with this method. Skipping... */
+ continue;
+ }
+ if (!onlyUseRemoteMethods &&
+ methodStatus[methodNum] == PKIX_RevStatus_NoInfo) {
+ PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
+ PKIX_CHECK_NO_GOTO(
+ (*method->localRevChecker)(cert, issuer, date,
+ method, procParams,
+ methodFlags,
+ chainVerificationState,
+ &revStatus,
+ (CERTCRLEntryReasonCode *)pReasonCode,
+ plContext),
+ PKIX_REVCHECKERCHECKFAILED);
+ methodStatus[methodNum] = revStatus;
+ if (revStatus == PKIX_RevStatus_Revoked) {
+ /* if error was generated use it as final error. */
+ overallStatus = PKIX_RevStatus_Revoked;
+ goto cleanup;
+ }
+ if (pkixErrorResult) {
+ /* Disregard errors. Only returned revStatus matters. */
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorResult,
+ plContext);
+ pkixErrorResult = NULL;
+ }
+ }
+ if ((!(revFlags & PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST) ||
+ onlyUseRemoteMethods) &&
+ chainVerificationState &&
+ methodStatus[methodNum] == PKIX_RevStatus_NoInfo) {
+ if (!(methodFlags & PKIX_REV_M_FORBID_NETWORK_FETCHING)) {
+ PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
+ PKIX_CHECK_NO_GOTO(
+ (*method->externalRevChecker)(cert, issuer, date,
+ method,
+ procParams, methodFlags,
+ &revStatus,
+ (CERTCRLEntryReasonCode *)pReasonCode,
+ &nbioContext, plContext),
+ PKIX_REVCHECKERCHECKFAILED);
+ methodStatus[methodNum] = revStatus;
+ if (revStatus == PKIX_RevStatus_Revoked) {
+ /* if error was generated use it as final error. */
+ overallStatus = PKIX_RevStatus_Revoked;
+ goto cleanup;
+ }
+ if (pkixErrorResult) {
+ /* Disregard errors. Only returned revStatus matters. */
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorResult,
+ plContext);
+ pkixErrorResult = NULL;
+ }
+ } else if (methodFlags &
+ PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO) {
+ /* Info is not in the local cache. Network fetching is not
+ * allowed. If need to fail on missing fresh info for the
+ * the method, then we should fail right here.*/
+ overallStatus = PKIX_RevStatus_Revoked;
+ goto cleanup;
+ }
+ }
+ /* If success and we should not check the next method, then
+ * return a success. */
+ if (methodStatus[methodNum] == PKIX_RevStatus_Success &&
+ !(methodFlags & PKIX_REV_M_CONTINUE_TESTING_ON_FRESH_INFO)) {
+ overallStatus = PKIX_RevStatus_Success;
+ goto cleanup;
+ }
+ } /* inner loop */
+ if (!onlyUseRemoteMethods &&
+ revFlags & PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST &&
+ chainVerificationState) {
+ onlyUseRemoteMethods = PKIX_TRUE;
+ continue;
+ }
+ break;
+ } /* outer loop */
+
+ if (overallStatus == PKIX_RevStatus_NoInfo &&
+ chainVerificationState) {
+ /* The following check makes sence only for chain
+ * validation step, sinse we do not fetch info while
+ * in the process of finding trusted anchor.
+ * For chain building step it is enough to know, that
+ * the cert was not directly revoked by any of the
+ * methods. */
+
+ /* Still have no info. But one of the method could
+ * have returned success status(possible if CONTINUE
+ * TESTING ON FRESH INFO flag was used).
+ * If any of the methods have returned Success status,
+ * the overallStatus should be success. */
+ int methodNum = 0;
+ for (;methodNum < PKIX_RevocationMethod_MAX;methodNum++) {
+ if (methodStatus[methodNum] == PKIX_RevStatus_Success) {
+ overallStatus = PKIX_RevStatus_Success;
+ goto cleanup;
+ }
+ }
+ if (revFlags & PKIX_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE) {
+ overallStatus = PKIX_RevStatus_Revoked;
+ }
+ }
+
+cleanup:
+ *pRevStatus = overallStatus;
+ PKIX_DECREF(method);
+
+ PKIX_RETURN(REVOCATIONCHECKER);
+}
+
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.h
new file mode 100755
index 000000000..20dfe3778
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.h
@@ -0,0 +1,151 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_revocationchecker.h
+ *
+ * RevocationChecker Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_REVOCATIONCHECKER_H
+#define _PKIX_REVOCATIONCHECKER_H
+
+#include "pkixt.h"
+#include "certt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* NOTE: nbio logistic removed. Will be replaced later. */
+
+/*
+ * All Flags are prefixed by CERT_REV_M_, where _M_ indicates
+ * this is a method dependent flag.
+ */
+
+/*
+ * Whether or not to use a method for revocation testing.
+ * If set to "do not test", then all other flags are ignored.
+ */
+#define PKIX_REV_M_DO_NOT_TEST_USING_THIS_METHOD 0x00L
+#define PKIX_REV_M_TEST_USING_THIS_METHOD 0x01L
+
+/*
+ * Whether or not NSS is allowed to attempt to fetch fresh information
+ * from the network.
+ * (Although fetching will never happen if fresh information for the
+ * method is already locally available.)
+ */
+#define PKIX_REV_M_ALLOW_NETWORK_FETCHING 0x00L
+#define PKIX_REV_M_FORBID_NETWORK_FETCHING 0x02L
+
+/*
+ * Example for an implicit default source:
+ * The globally configured default OCSP responder.
+ * IGNORE means:
+ * ignore the implicit default source, whether it's configured or not.
+ * ALLOW means:
+ * if an implicit default source is configured,
+ * then it overrides any available or missing source in the cert.
+ * if no implicit default source is configured,
+ * then we continue to use what's available (or not available)
+ * in the certs.
+ */
+#define PKIX_REV_M_ALLOW_IMPLICIT_DEFAULT_SOURCE 0x00L
+#define PKIX_REV_M_IGNORE_IMPLICIT_DEFAULT_SOURCE 0x04L /* OCSP only */
+
+/*
+ * Defines the behavior if no fresh information is available,
+ * fetching from the network is allowed, but the source of revocation
+ * information is unknown (even after considering implicit sources,
+ * if allowed by other flags).
+ * SKIPT_TEST means:
+ * We ignore that no fresh information is available and
+ * skip this test.
+ * REQUIRE_INFO means:
+ * We still require that fresh information is available.
+ * Other flags define what happens on missing fresh info.
+ */
+
+#define PKIX_REV_M_SKIP_TEST_ON_MISSING_SOURCE 0x00L
+#define PKIX_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE 0x08L
+
+/*
+ * Defines the behavior if we are unable to obtain fresh information.
+ * INGORE means:
+ * Return "cert status unknown"
+ * FAIL means:
+ * Return "cert revoked".
+ */
+
+#define PKIX_REV_M_IGNORE_MISSING_FRESH_INFO 0x00L
+#define PKIX_REV_M_FAIL_ON_MISSING_FRESH_INFO 0x10L
+
+/*
+ * What should happen if we were able to find fresh information using
+ * this method, and the data indicated the cert is good?
+ * STOP_TESTING means:
+ * Our success is sufficient, do not continue testing
+ * other methods.
+ * CONTINUE_TESTING means:
+ * We will continue and test the next allowed
+ * specified method.
+ */
+
+#define PKIX_REV_M_STOP_TESTING_ON_FRESH_INFO 0x00L
+#define PKIX_REV_M_CONTINUE_TESTING_ON_FRESH_INFO 0x20L
+
+/*
+ * All Flags are prefixed by PKIX_REV_MI_, where _MI_ indicates
+ * this is a method independent flag.
+ */
+
+/*
+ * This defines the order to checking.
+ * EACH_METHOD_SEPARATELY means:
+ * Do all tests related to a particular allowed method
+ * (both local information and network fetching) in a single step.
+ * Only after testing for a particular method is done,
+ * then switching to the next method will happen.
+ * ALL_LOCAL_INFORMATION_FIRST means:
+ * Start by testing the information for all allowed methods
+ * which are already locally available. Only after that is done
+ * consider to fetch from the network (as allowed by other flags).
+ */
+#define PKIX_REV_MI_TEST_EACH_METHOD_SEPARATELY 0x00L
+#define PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST 0x01L
+
+/*
+ * Use this flag to specify that it's necessary that fresh information
+ * is available for at least one of the allowed methods, but it's
+ * irrelevant which of the mechanisms succeeded.
+ * NO_OVERALL_INFO_REQUIREMENT means:
+ * We strictly follow the requirements for each individual method.
+ * REQUIRE_SOME_FRESH_INFO_AVAILABLE means:
+ * After the individual tests have been executed, we must have
+ * been able to find fresh information using at least one method.
+ * If we were unable to find fresh info, it's a failure.
+ */
+#define PKIX_REV_MI_NO_OVERALL_INFO_REQUIREMENT 0x00L
+#define PKIX_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE 0x02L
+
+/* Defines check time for the cert, revocation methods lists and
+ * flags for leaf and chain certs revocation tests. */
+struct PKIX_RevocationCheckerStruct {
+ PKIX_List *leafMethodList;
+ PKIX_List *chainMethodList;
+ PKIX_UInt32 leafMethodListFlags;
+ PKIX_UInt32 chainMethodListFlags;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_RevocationChecker_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_REVOCATIONCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_revocationmethod.c b/security/nss/lib/libpkix/pkix/checker/pkix_revocationmethod.c
new file mode 100644
index 000000000..ee18ddef9
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_revocationmethod.c
@@ -0,0 +1,66 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_revocationmethod.c
+ *
+ * RevocationMethod Object Functions
+ *
+ */
+
+#include "pkix_revocationmethod.h"
+#include "pkix_tools.h"
+
+/* Constructor of revocation method object. Does not create an object,
+ * but just initializez PKIX_RevocationMethodStruct fields. Object
+ * suppose to be already created. */
+PKIX_Error *
+pkix_RevocationMethod_Init(
+ pkix_RevocationMethod *method,
+ PKIX_RevocationMethodType methodType,
+ PKIX_UInt32 flags,
+ PKIX_UInt32 priority,
+ pkix_LocalRevocationCheckFn localRevChecker,
+ pkix_ExternalRevocationCheckFn externalRevChecker,
+ void *plContext)
+{
+ PKIX_ENTER(REVOCATIONMETHOD, "PKIX_RevocationMethod_Init");
+
+ method->methodType = methodType;
+ method->flags = flags;
+ method->priority = priority;
+ method->localRevChecker = localRevChecker;
+ method->externalRevChecker = externalRevChecker;
+
+ PKIX_RETURN(REVOCATIONMETHOD);
+}
+
+/* Data duplication data. Not create an object. Only initializes fields
+ * in the new object by data from "object". */
+PKIX_Error *
+pkix_RevocationMethod_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object *newObject,
+ void *plContext)
+{
+ pkix_RevocationMethod *method = NULL;
+
+ PKIX_ENTER(REVOCATIONMETHOD, "pkix_RevocationMethod_Duplicate");
+ PKIX_NULLCHECK_TWO(object, newObject);
+
+ method = (pkix_RevocationMethod *)object;
+
+ PKIX_CHECK(
+ pkix_RevocationMethod_Init((pkix_RevocationMethod*)newObject,
+ method->methodType,
+ method->flags,
+ method->priority,
+ method->localRevChecker,
+ method->externalRevChecker,
+ plContext),
+ PKIX_COULDNOTCREATEREVOCATIONMETHODOBJECT);
+
+cleanup:
+
+ PKIX_RETURN(REVOCATIONMETHOD);
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_revocationmethod.h b/security/nss/lib/libpkix/pkix/checker/pkix_revocationmethod.h
new file mode 100644
index 000000000..a97c7620a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_revocationmethod.h
@@ -0,0 +1,81 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_revocationmethod.h
+ *
+ * RevocationMethod Object
+ *
+ */
+
+#ifndef _PKIX_REVOCATIONMETHOD_H
+#define _PKIX_REVOCATIONMETHOD_H
+
+#include "pkixt.h"
+#include "pkix_revocationchecker.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct pkix_RevocationMethodStruct pkix_RevocationMethod;
+
+/* Local revocation check function prototype definition.
+ * Revocation methods capable of checking revocation though local
+ * means(cache) should implement this prototype. */
+typedef PKIX_Error *
+pkix_LocalRevocationCheckFn(PKIX_PL_Cert *cert, PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_Boolean chainVerificationState,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *reasonCode,
+ void *plContext);
+
+/* External revocation check function prototype definition.
+ * Revocation methods that required external communications(crldp
+ * ocsp) shoult implement this prototype. */
+typedef PKIX_Error *
+pkix_ExternalRevocationCheckFn(PKIX_PL_Cert *cert, PKIX_PL_Cert *issuer,
+ PKIX_PL_Date *date,
+ pkix_RevocationMethod *checkerObject,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 methodFlags,
+ PKIX_RevocationStatus *pRevStatus,
+ CERTCRLEntryReasonCode *reasonCode,
+ void **pNBIOContext, void *plContext);
+
+/* Revocation method structure assosiates revocation types with
+ * a set of flags on the method, a priority of the method (0
+ * corresponds to the highest priority), and method local/external
+ * checker functions. */
+struct pkix_RevocationMethodStruct {
+ PKIX_RevocationMethodType methodType;
+ PKIX_UInt32 flags;
+ PKIX_UInt32 priority;
+ pkix_LocalRevocationCheckFn (*localRevChecker);
+ pkix_ExternalRevocationCheckFn (*externalRevChecker);
+};
+
+PKIX_Error *
+pkix_RevocationMethod_Duplicate(PKIX_PL_Object *object,
+ PKIX_PL_Object *newObject,
+ void *plContext);
+
+PKIX_Error *
+pkix_RevocationMethod_Init(pkix_RevocationMethod *method,
+ PKIX_RevocationMethodType methodType,
+ PKIX_UInt32 flags,
+ PKIX_UInt32 priority,
+ pkix_LocalRevocationCheckFn localRevChecker,
+ pkix_ExternalRevocationCheckFn externalRevChecker,
+ void *plContext);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_REVOCATIONMETHOD_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.c
new file mode 100755
index 000000000..0ed9ffaec
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.c
@@ -0,0 +1,443 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_signaturechecker.c
+ *
+ * Functions for signature validation
+ *
+ */
+
+#include "pkix_signaturechecker.h"
+
+/*
+ * FUNCTION: pkix_SignatureCheckerstate_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_SignatureCheckerState_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ pkix_SignatureCheckerState *state = NULL;
+
+ PKIX_ENTER(SIGNATURECHECKERSTATE,
+ "pkix_SignatureCheckerState_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a signature checker state */
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_SIGNATURECHECKERSTATE_TYPE, plContext),
+ PKIX_OBJECTNOTSIGNATURECHECKERSTATE);
+
+ state = (pkix_SignatureCheckerState *) object;
+
+ state->prevCertCertSign = PKIX_FALSE;
+
+ PKIX_DECREF(state->prevPublicKey);
+ PKIX_DECREF(state->prevPublicKeyList);
+ PKIX_DECREF(state->keyUsageOID);
+
+cleanup:
+
+ PKIX_RETURN(SIGNATURECHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_SignatureCheckerState_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_SIGNATURECHECKERSTATE_TYPE and its related functions
+ * with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_SignatureCheckerState_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(SIGNATURECHECKERSTATE,
+ "pkix_SignatureCheckerState_RegisterSelf");
+
+ entry.description = "SignatureCheckerState";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(pkix_SignatureCheckerState);
+ entry.destructor = pkix_SignatureCheckerState_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_SIGNATURECHECKERSTATE_TYPE] = entry;
+
+ PKIX_RETURN(SIGNATURECHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_SignatureCheckerState_Create
+ *
+ * DESCRIPTION:
+ * Allocate and initialize SignatureChecker state data.
+ *
+ * PARAMETERS
+ * "trustedPubKey"
+ * Address of trusted Anchor Public Key for verifying first Cert in the
+ * chain. Must be non-NULL.
+ * "certsRemaining"
+ * Number of certificates remaining in the chain.
+ * "pCheckerState"
+ * Address where SignatureCheckerState will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a SignatureCheckerState Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_SignatureCheckerState_Create(
+ PKIX_PL_PublicKey *trustedPubKey,
+ PKIX_UInt32 certsRemaining,
+ pkix_SignatureCheckerState **pCheckerState,
+ void *plContext)
+{
+ pkix_SignatureCheckerState *state = NULL;
+ PKIX_PL_OID *keyUsageOID = NULL;
+
+ PKIX_ENTER(SIGNATURECHECKERSTATE, "pkix_SignatureCheckerState_Create");
+ PKIX_NULLCHECK_TWO(trustedPubKey, pCheckerState);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_SIGNATURECHECKERSTATE_TYPE,
+ sizeof (pkix_SignatureCheckerState),
+ (PKIX_PL_Object **)&state,
+ plContext),
+ PKIX_COULDNOTCREATESIGNATURECHECKERSTATEOBJECT);
+
+ /* Initialize fields */
+
+ state->prevCertCertSign = PKIX_TRUE;
+ state->prevPublicKeyList = NULL;
+ state->certsRemaining = certsRemaining;
+
+ PKIX_INCREF(trustedPubKey);
+ state->prevPublicKey = trustedPubKey;
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_CERTKEYUSAGE_OID,
+ &keyUsageOID,
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ state->keyUsageOID = keyUsageOID;
+ keyUsageOID = NULL;
+
+ *pCheckerState = state;
+ state = NULL;
+
+cleanup:
+
+ PKIX_DECREF(keyUsageOID);
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(SIGNATURECHECKERSTATE);
+}
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_SignatureChecker_Check
+ * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
+ */
+PKIX_Error *
+pkix_SignatureChecker_Check(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticalExtensions,
+ void **pNBIOContext,
+ void *plContext)
+{
+ pkix_SignatureCheckerState *state = NULL;
+ PKIX_PL_PublicKey *prevPubKey = NULL;
+ PKIX_PL_PublicKey *currPubKey = NULL;
+ PKIX_PL_PublicKey *newPubKey = NULL;
+ PKIX_PL_PublicKey *pKey = NULL;
+ PKIX_PL_CertBasicConstraints *basicConstraints = NULL;
+ PKIX_Error *checkKeyUsageFail = NULL;
+ PKIX_Error *verifyFail = NULL;
+ PKIX_Boolean certVerified = PKIX_FALSE;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_SignatureChecker_Check");
+ PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
+
+ *pNBIOContext = NULL; /* we never block on pending I/O */
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, (PKIX_PL_Object **)&state, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ (state->certsRemaining)--;
+
+ PKIX_INCREF(state->prevPublicKey);
+ prevPubKey = state->prevPublicKey;
+
+ /*
+ * Previous Cert doesn't have CertSign bit on for signature
+ * verification and it is not a self-issued Cert so there is no
+ * old key saved. This is considered error.
+ */
+ if (state->prevCertCertSign == PKIX_FALSE &&
+ state->prevPublicKeyList == NULL) {
+ PKIX_ERROR(PKIX_KEYUSAGEKEYCERTSIGNBITNOTON);
+ }
+
+ /* Previous Cert is valid for signature verification, try it first */
+ if (state->prevCertCertSign == PKIX_TRUE) {
+ verifyFail = PKIX_PL_Cert_VerifySignature
+ (cert, prevPubKey, plContext);
+ if (verifyFail == NULL) {
+ certVerified = PKIX_TRUE;
+ } else {
+ certVerified = PKIX_FALSE;
+ }
+ }
+
+#ifdef NIST_TEST_4_5_4_AND_4_5_6
+
+ /*
+ * Following codes under this compiler flag is implemented for
+ * special cases of NIST tests 4.5.4 and 4.5.6. We are not sure
+ * we should handle these two tests as what is implemented so the
+ * codes are commented out, and the tests fails (for now).
+ * For Cert chain validation, our assumption is all the Certs on
+ * the chain are using its previous Cert's public key to decode
+ * its current key. But for thses two tests, keys are used not
+ * in this precedent order, we can either
+ * 1) Use what is implemented here: take in what Cert order NIST
+ * specified and for continuous self-issued Certs, stacking up
+ * their keys and tries all of them in FILO order.
+ * But this method breaks the idea of chain key presdency.
+ * 2) Use Build Chain facility: we will specify the valid Certs
+ * order (means key precedency is kept) and count on Build Chain
+ * to get the Certs that can fill for the needed keys. This may have
+ * performance impact.
+ * 3) Fetch Certs from CertStore: we will specifiy the valid Certs
+ * order and use CertSelector on SubjectName to get a list of
+ * candidates Certs to fill in for the needed keys.
+ * Anyhow, the codes are kept around just in case we want to use
+ * solution one...
+ */
+
+ /* If failed and previous key is self-issued, try its old key(s) */
+ if (certVerified == PKIX_FALSE && state->prevPublicKeyList != NULL) {
+
+ /* Verify from keys on the list */
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->prevPublicKeyList, &numKeys, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = numKeys - 1; i >= 0; i--) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->prevPublicKeyList,
+ i,
+ (PKIX_PL_Object **) &pKey,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_DECREF(verifyFail);
+ verifyFail = PKIX_PL_Cert_VerifySignature
+ (cert, pKey, plContext);
+
+ if (verifyFail == NULL) {
+ certVerified = PKIX_TRUE;
+ break;
+ } else {
+ certVerified = PKIX_FALSE;
+ }
+
+ PKIX_DECREF(pKey);
+ }
+ }
+#endif
+
+ if (certVerified == PKIX_FALSE) {
+ pkixErrorResult = verifyFail;
+ verifyFail = NULL;
+ PKIX_ERROR(PKIX_VALIDATIONFAILEDCERTSIGNATURECHECKING);
+ }
+
+#ifdef NIST_TEST_4_5_4_AND_4_5_6
+ /*
+ * Check if Cert is self-issued. If so, the old key(s) is saved, in
+ * conjunction to the new key, for verifying CERT validity later.
+ */
+ PKIX_CHECK(pkix_IsCertSelfIssued(cert, &selfIssued, plContext),
+ PKIX_ISCERTSELFISSUEFAILED);
+
+ /*
+ * Check if Cert is self-issued. If so, the public key of the Cert
+ * that issues this Cert (old key) can be used together with this
+ * current key (new key) for key verification. If there are multiple
+ * self-issued certs, keys of those Certs (old keys) can also be used
+ * for key verification. Old key(s) is saved in a list (PrevPublickKey-
+ * List) and cleared when a Cert is no longer self-issued. PrevPublic-
+ * Key keep key of the previous Cert.
+ */
+ if (selfIssued == PKIX_TRUE) {
+
+ /* Make sure previous Cert is valid for signature verification */
+ if (state->prevCertCertSign == PKIX_TRUE) {
+
+ if (state->prevPublicKeyList == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create
+ (&state->prevPublicKeyList, plContext),
+ PKIX_LISTCREATEFALIED);
+
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (state->prevPublicKeyList,
+ (PKIX_PL_Object *) state->prevPublicKey,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+
+ } else {
+ /* Not self-issued Cert any more, clear old key(s) saved */
+ PKIX_DECREF(state->prevPublicKeyList);
+ }
+#endif
+
+ /* Save current key as prevPublicKey */
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
+ (cert, &currPubKey, plContext),
+ PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
+
+ PKIX_CHECK(PKIX_PL_PublicKey_MakeInheritedDSAPublicKey
+ (currPubKey, prevPubKey, &newPubKey, plContext),
+ PKIX_PUBLICKEYMAKEINHERITEDDSAPUBLICKEYFAILED);
+
+ if (newPubKey == NULL){
+ PKIX_INCREF(currPubKey);
+ newPubKey = currPubKey;
+ }
+
+ PKIX_INCREF(newPubKey);
+ PKIX_DECREF(state->prevPublicKey);
+
+ state->prevPublicKey = newPubKey;
+
+ /* Save this Cert key usage CertSign bit */
+ if (state->certsRemaining != 0) {
+ checkKeyUsageFail = PKIX_PL_Cert_VerifyKeyUsage
+ (cert, PKIX_KEY_CERT_SIGN, plContext);
+
+ state->prevCertCertSign = (checkKeyUsageFail == NULL)?
+ PKIX_TRUE:PKIX_FALSE;
+
+ PKIX_DECREF(checkKeyUsageFail);
+ }
+
+ /* Remove Key Usage Extension OID from list */
+ if (unresolvedCriticalExtensions != NULL) {
+
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticalExtensions,
+ (PKIX_PL_Object *) state->keyUsageOID,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_CertChainChecker_SetCertChainCheckerState
+ (checker, (PKIX_PL_Object *)state, plContext),
+ PKIX_CERTCHAINCHECKERSETCERTCHAINCHECKERSTATEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(state);
+ PKIX_DECREF(pKey);
+ PKIX_DECREF(prevPubKey);
+ PKIX_DECREF(currPubKey);
+ PKIX_DECREF(newPubKey);
+ PKIX_DECREF(basicConstraints);
+ PKIX_DECREF(verifyFail);
+ PKIX_DECREF(checkKeyUsageFail);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: pkix_SignatureChecker_Initialize
+ * DESCRIPTION:
+ *
+ * Creates a new CertChainChecker and stores it at "pChecker", where it will
+ * be used by pkix_SignatureChecker_Check to check that the public key in
+ * the checker's state is able to successfully validate the certificate's
+ * signature. The PublicKey pointed to by "trustedPubKey" is used to
+ * initialize the checker's state.
+ *
+ * PARAMETERS:
+ * "trustedPubKey"
+ * Address of PublicKey representing the trusted public key used to
+ * initialize the state of this checker. Must be non-NULL.
+ * "certsRemaining"
+ * Number of certificates remaining in the chain.
+ * "pChecker"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_SignatureChecker_Initialize(
+ PKIX_PL_PublicKey *trustedPubKey,
+ PKIX_UInt32 certsRemaining,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext)
+{
+ pkix_SignatureCheckerState* state = NULL;
+ PKIX_ENTER(CERTCHAINCHECKER, "PKIX_SignatureChecker_Initialize");
+ PKIX_NULLCHECK_TWO(pChecker, trustedPubKey);
+
+ PKIX_CHECK(pkix_SignatureCheckerState_Create
+ (trustedPubKey, certsRemaining, &state, plContext),
+ PKIX_SIGNATURECHECKERSTATECREATEFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (pkix_SignatureChecker_Check,
+ PKIX_FALSE,
+ PKIX_FALSE,
+ NULL,
+ (PKIX_PL_Object *) state,
+ pChecker,
+ plContext),
+ PKIX_CERTCHAINCHECKERCREATEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.h
new file mode 100755
index 000000000..ccfb57857
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_signaturechecker.h
@@ -0,0 +1,44 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_signaturechecker.h
+ *
+ * Header file for validate signature function
+ *
+ */
+
+#ifndef _PKIX_SIGNATURECHECKER_H
+#define _PKIX_SIGNATURECHECKER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct pkix_SignatureCheckerState pkix_SignatureCheckerState;
+
+struct pkix_SignatureCheckerState {
+ PKIX_Boolean prevCertCertSign;
+ PKIX_UInt32 certsRemaining;
+ PKIX_PL_PublicKey *prevPublicKey; /* Subject PubKey of last cert */
+ PKIX_List *prevPublicKeyList; /* of PKIX_PL_PublicKey */
+ PKIX_PL_OID *keyUsageOID;
+};
+
+PKIX_Error *
+pkix_SignatureChecker_Initialize(
+ PKIX_PL_PublicKey *trustedPubKey,
+ PKIX_UInt32 certsRemaining,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext);
+
+PKIX_Error *
+pkix_SignatureCheckerState_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_SIGNATURECHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_targetcertchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_targetcertchecker.c
new file mode 100755
index 000000000..46fe07112
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_targetcertchecker.c
@@ -0,0 +1,516 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_targetcertchecker.c
+ *
+ * Functions for target cert validation
+ *
+ */
+
+
+#include "pkix_targetcertchecker.h"
+
+/* --Private-TargetCertCheckerState-Functions------------------------------- */
+
+/*
+ * FUNCTION: pkix_TargetCertCheckerState_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_TargetCertCheckerState_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ pkix_TargetCertCheckerState *state = NULL;
+
+ PKIX_ENTER(TARGETCERTCHECKERSTATE,
+ "pkix_TargetCertCheckerState_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a target cert checker state */
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_TARGETCERTCHECKERSTATE_TYPE, plContext),
+ PKIX_OBJECTNOTTARGETCERTCHECKERSTATE);
+
+ state = (pkix_TargetCertCheckerState *)object;
+
+ PKIX_DECREF(state->certSelector);
+ PKIX_DECREF(state->extKeyUsageOID);
+ PKIX_DECREF(state->subjAltNameOID);
+ PKIX_DECREF(state->pathToNameList);
+ PKIX_DECREF(state->extKeyUsageList);
+ PKIX_DECREF(state->subjAltNameList);
+
+cleanup:
+
+ PKIX_RETURN(TARGETCERTCHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_TargetCertCheckerState_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_TARGETCERTCHECKERSTATE_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_TargetCertCheckerState_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(TARGETCERTCHECKERSTATE,
+ "pkix_TargetCertCheckerState_RegisterSelf");
+
+ entry.description = "TargetCertCheckerState";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(pkix_TargetCertCheckerState);
+ entry.destructor = pkix_TargetCertCheckerState_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_TARGETCERTCHECKERSTATE_TYPE] = entry;
+
+ PKIX_RETURN(TARGETCERTCHECKERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_TargetCertCheckerState_Create
+ * DESCRIPTION:
+ *
+ * Creates a new TargetCertCheckerState using the CertSelector pointed to
+ * by "certSelector" and the number of certs represented by "certsRemaining"
+ * and stores it at "pState".
+ *
+ * PARAMETERS:
+ * "certSelector"
+ * Address of CertSelector representing the criteria against which the
+ * final certificate in a chain is to be matched. Must be non-NULL.
+ * "certsRemaining"
+ * Number of certificates remaining in the chain.
+ * "pState"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a TargetCertCheckerState Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_TargetCertCheckerState_Create(
+ PKIX_CertSelector *certSelector,
+ PKIX_UInt32 certsRemaining,
+ pkix_TargetCertCheckerState **pState,
+ void *plContext)
+{
+ pkix_TargetCertCheckerState *state = NULL;
+ PKIX_ComCertSelParams *certSelectorParams = NULL;
+ PKIX_List *pathToNameList = NULL;
+ PKIX_List *extKeyUsageList = NULL;
+ PKIX_List *subjAltNameList = NULL;
+ PKIX_PL_OID *extKeyUsageOID = NULL;
+ PKIX_PL_OID *subjAltNameOID = NULL;
+ PKIX_Boolean subjAltNameMatchAll = PKIX_TRUE;
+
+ PKIX_ENTER(TARGETCERTCHECKERSTATE,
+ "pkix_TargetCertCheckerState_Create");
+ PKIX_NULLCHECK_ONE(pState);
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_EXTENDEDKEYUSAGE_OID,
+ &extKeyUsageOID,
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (PKIX_CERTSUBJALTNAME_OID,
+ &subjAltNameOID,
+ plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_TARGETCERTCHECKERSTATE_TYPE,
+ sizeof (pkix_TargetCertCheckerState),
+ (PKIX_PL_Object **)&state,
+ plContext),
+ PKIX_COULDNOTCREATETARGETCERTCHECKERSTATEOBJECT);
+
+ /* initialize fields */
+
+ if (certSelector != NULL) {
+
+ PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParams
+ (certSelector, &certSelectorParams, plContext),
+ PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMFAILED);
+
+ if (certSelectorParams != NULL) {
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetPathToNames
+ (certSelectorParams,
+ &pathToNameList,
+ plContext),
+ PKIX_COMCERTSELPARAMSGETPATHTONAMESFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetExtendedKeyUsage
+ (certSelectorParams,
+ &extKeyUsageList,
+ plContext),
+ PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubjAltNames
+ (certSelectorParams,
+ &subjAltNameList,
+ plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJALTNAMESFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetMatchAllSubjAltNames
+ (certSelectorParams,
+ &subjAltNameMatchAll,
+ plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJALTNAMESFAILED);
+ }
+ }
+
+ state->certsRemaining = certsRemaining;
+ state->subjAltNameMatchAll = subjAltNameMatchAll;
+
+ PKIX_INCREF(certSelector);
+ state->certSelector = certSelector;
+
+ state->pathToNameList = pathToNameList;
+ pathToNameList = NULL;
+
+ state->extKeyUsageList = extKeyUsageList;
+ extKeyUsageList = NULL;
+
+ state->subjAltNameList = subjAltNameList;
+ subjAltNameList = NULL;
+
+ state->extKeyUsageOID = extKeyUsageOID;
+ extKeyUsageOID = NULL;
+
+ state->subjAltNameOID = subjAltNameOID;
+ subjAltNameOID = NULL;
+
+ *pState = state;
+ state = NULL;
+
+cleanup:
+
+ PKIX_DECREF(extKeyUsageOID);
+ PKIX_DECREF(subjAltNameOID);
+ PKIX_DECREF(pathToNameList);
+ PKIX_DECREF(extKeyUsageList);
+ PKIX_DECREF(subjAltNameList);
+ PKIX_DECREF(state);
+
+ PKIX_DECREF(certSelectorParams);
+
+ PKIX_RETURN(TARGETCERTCHECKERSTATE);
+
+}
+
+/* --Private-TargetCertChecker-Functions------------------------------- */
+
+/*
+ * FUNCTION: pkix_TargetCertChecker_Check
+ * (see comments for PKIX_CertChainChecker_CheckCallback in pkix_checker.h)
+ */
+PKIX_Error *
+pkix_TargetCertChecker_Check(
+ PKIX_CertChainChecker *checker,
+ PKIX_PL_Cert *cert,
+ PKIX_List *unresolvedCriticalExtensions,
+ void **pNBIOContext,
+ void *plContext)
+{
+ pkix_TargetCertCheckerState *state = NULL;
+ PKIX_CertSelector_MatchCallback certSelectorMatch = NULL;
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+ PKIX_List *certSubjAltNames = NULL;
+ PKIX_List *certExtKeyUsageList = NULL;
+ PKIX_PL_GeneralName *name = NULL;
+ PKIX_PL_X500Name *certSubjectName = NULL;
+ PKIX_Boolean checkPassed = PKIX_FALSE;
+ PKIX_UInt32 numItems, i;
+ PKIX_UInt32 matchCount = 0;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_TargetCertChecker_Check");
+ PKIX_NULLCHECK_THREE(checker, cert, pNBIOContext);
+
+ *pNBIOContext = NULL; /* we never block on pending I/O */
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, (PKIX_PL_Object **)&state, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ (state->certsRemaining)--;
+
+ if (state->pathToNameList != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Cert_GetNameConstraints
+ (cert, &nameConstraints, plContext),
+ PKIX_CERTGETNAMECONSTRAINTSFAILED);
+
+ /*
+ * XXX We should either make the following call a public one
+ * so it is legal to call from the portability layer or we
+ * should try to create pathToNameList as CertNameConstraints
+ * then call the existing check function.
+ */
+ PKIX_CHECK(PKIX_PL_CertNameConstraints_CheckNamesInNameSpace
+ (state->pathToNameList,
+ nameConstraints,
+ &checkPassed,
+ plContext),
+ PKIX_CERTNAMECONSTRAINTSCHECKNAMEINNAMESPACEFAILED);
+
+ if (checkPassed != PKIX_TRUE) {
+ PKIX_ERROR(PKIX_VALIDATIONFAILEDPATHTONAMECHECKFAILED);
+ }
+
+ }
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectAltNames
+ (cert, &certSubjAltNames, plContext),
+ PKIX_CERTGETSUBJALTNAMESFAILED);
+
+ if (state->subjAltNameList != NULL && certSubjAltNames != NULL) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->subjAltNameList, &numItems, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->subjAltNameList,
+ i,
+ (PKIX_PL_Object **) &name,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_List_Contains
+ (certSubjAltNames,
+ (PKIX_PL_Object *) name,
+ &checkPassed,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ PKIX_DECREF(name);
+
+ if (checkPassed == PKIX_TRUE) {
+
+ if (state->subjAltNameMatchAll == PKIX_FALSE) {
+ matchCount = numItems;
+ break;
+ } else {
+ /* else continue checking next */
+ matchCount++;
+ }
+
+ }
+ }
+
+ if (matchCount != numItems) {
+ PKIX_ERROR(PKIX_SUBJALTNAMECHECKFAILED);
+
+ }
+ }
+
+ if (state->certsRemaining == 0) {
+
+ if (state->certSelector != NULL) {
+ PKIX_CHECK(PKIX_CertSelector_GetMatchCallback
+ (state->certSelector,
+ &certSelectorMatch,
+ plContext),
+ PKIX_CERTSELECTORGETMATCHCALLBACKFAILED);
+
+ PKIX_CHECK(certSelectorMatch
+ (state->certSelector,
+ cert,
+ plContext),
+ PKIX_CERTSELECTORMATCHFAILED);
+ } else {
+ /* Check at least cert/key usages if target cert selector
+ * is not set. */
+ PKIX_CHECK(PKIX_PL_Cert_VerifyCertAndKeyType(cert,
+ PKIX_FALSE /* is chain cert*/,
+ plContext),
+ PKIX_CERTVERIFYCERTTYPEFAILED);
+ }
+ /*
+ * There are two Extended Key Usage Checkings
+ * available :
+ * 1) here at the targetcertchecker where we
+ * verify the Extended Key Usage OIDs application
+ * specifies via ComCertSelParams are included
+ * in Cert's Extended Key Usage OID's. Note,
+ * this is an OID to OID comparison and only last
+ * Cert is checked.
+ * 2) at user defined ekuchecker where checking
+ * is applied to all Certs on the chain and
+ * the NSS Extended Key Usage algorithm is
+ * used. In order to invoke this checking, not
+ * only does the ComCertSelparams needs to be
+ * set, the EKU initialize call is required to
+ * activate the checking.
+ *
+ * XXX We use the same ComCertSelParams Set/Get
+ * functions to set the parameters for both cases.
+ * We may want to separate them in the future.
+ */
+
+ PKIX_CHECK(PKIX_PL_Cert_GetExtendedKeyUsage
+ (cert, &certExtKeyUsageList, plContext),
+ PKIX_CERTGETEXTENDEDKEYUSAGEFAILED);
+
+
+ if (state->extKeyUsageList != NULL &&
+ certExtKeyUsageList != NULL) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->extKeyUsageList, &numItems, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->extKeyUsageList,
+ i,
+ (PKIX_PL_Object **) &name,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_List_Contains
+ (certExtKeyUsageList,
+ (PKIX_PL_Object *) name,
+ &checkPassed,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ PKIX_DECREF(name);
+
+ if (checkPassed != PKIX_TRUE) {
+ PKIX_ERROR
+ (PKIX_EXTENDEDKEYUSAGECHECKINGFAILED);
+
+ }
+ }
+ }
+ } else {
+ /* Check key usage and cert type based on certificate usage. */
+ PKIX_CHECK(PKIX_PL_Cert_VerifyCertAndKeyType(cert, PKIX_TRUE,
+ plContext),
+ PKIX_CERTVERIFYCERTTYPEFAILED);
+ }
+
+ /* Remove Critical Extension OID from list */
+ if (unresolvedCriticalExtensions != NULL) {
+
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticalExtensions,
+ (PKIX_PL_Object *) state->extKeyUsageOID,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubject
+ (cert, &certSubjectName, plContext),
+ PKIX_CERTGETSUBJECTFAILED);
+
+ if (certSubjAltNames != NULL) {
+ PKIX_CHECK(pkix_List_Remove
+ (unresolvedCriticalExtensions,
+ (PKIX_PL_Object *) state->subjAltNameOID,
+ plContext),
+ PKIX_LISTREMOVEFAILED);
+ }
+
+ }
+
+cleanup:
+
+ PKIX_DECREF(name);
+ PKIX_DECREF(nameConstraints);
+ PKIX_DECREF(certSubjAltNames);
+ PKIX_DECREF(certExtKeyUsageList);
+ PKIX_DECREF(certSubjectName);
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+
+}
+
+/*
+ * FUNCTION: pkix_TargetCertChecker_Initialize
+ * DESCRIPTION:
+ *
+ * Creates a new CertChainChecker and stores it at "pChecker", where it will
+ * used by pkix_TargetCertChecker_Check to check that the final certificate
+ * of a chain meets the criteria of the CertSelector pointed to by
+ * "certSelector". The number of certs remaining in the chain, represented by
+ * "certsRemaining" is used to initialize the checker's state.
+ *
+ * PARAMETERS:
+ * "certSelector"
+ * Address of CertSelector representing the criteria against which the
+ * final certificate in a chain is to be matched. May be NULL.
+ * "certsRemaining"
+ * Number of certificates remaining in the chain.
+ * "pChecker"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertChainChecker Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_TargetCertChecker_Initialize(
+ PKIX_CertSelector *certSelector,
+ PKIX_UInt32 certsRemaining,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext)
+{
+ pkix_TargetCertCheckerState *state = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "pkix_TargetCertChecker_Initialize");
+ PKIX_NULLCHECK_ONE(pChecker);
+
+ PKIX_CHECK(pkix_TargetCertCheckerState_Create
+ (certSelector, certsRemaining, &state, plContext),
+ PKIX_TARGETCERTCHECKERSTATECREATEFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_Create
+ (pkix_TargetCertChecker_Check,
+ PKIX_FALSE,
+ PKIX_FALSE,
+ NULL,
+ (PKIX_PL_Object *)state,
+ pChecker,
+ plContext),
+ PKIX_CERTCHAINCHECKERCREATEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_targetcertchecker.h b/security/nss/lib/libpkix/pkix/checker/pkix_targetcertchecker.h
new file mode 100755
index 000000000..4592d10a9
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_targetcertchecker.h
@@ -0,0 +1,47 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_targetcertchecker.h
+ *
+ * Header file for validate target cert function
+ *
+ */
+
+#ifndef _PKIX_TARGETCERTCHECKER_H
+#define _PKIX_TARGETCERTCHECKER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct pkix_TargetCertCheckerState pkix_TargetCertCheckerState;
+
+struct pkix_TargetCertCheckerState {
+ PKIX_CertSelector *certSelector;
+ PKIX_List *pathToNameList;
+ PKIX_List *extKeyUsageList; /* List of PKIX_PL_OID */
+ PKIX_List *subjAltNameList;
+ PKIX_Boolean subjAltNameMatchAll;
+ PKIX_UInt32 certsRemaining;
+ PKIX_PL_OID *extKeyUsageOID;
+ PKIX_PL_OID *subjAltNameOID;
+};
+
+PKIX_Error *
+pkix_TargetCertChecker_Initialize(
+ PKIX_CertSelector *certSelector,
+ PKIX_UInt32 certsRemaining,
+ PKIX_CertChainChecker **pChecker,
+ void *plContext);
+
+PKIX_Error *
+pkix_TargetCertCheckerState_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_TARGETCERTCHECKER_H */
diff --git a/security/nss/lib/libpkix/pkix/config.mk b/security/nss/lib/libpkix/pkix/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/crlsel/Makefile b/security/nss/lib/libpkix/pkix/crlsel/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/crlsel/config.mk b/security/nss/lib/libpkix/pkix/crlsel/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/crlsel/crlsel.gyp b/security/nss/lib/libpkix/pkix/crlsel/crlsel.gyp
new file mode 100644
index 000000000..894569ef6
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/crlsel.gyp
@@ -0,0 +1,24 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixcrlsel',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_comcrlselparams.c',
+ 'pkix_crlselector.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix/crlsel/exports.gyp b/security/nss/lib/libpkix/pkix/crlsel/exports.gyp
new file mode 100644
index 000000000..a7001ffed
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/exports.gyp
@@ -0,0 +1,26 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_crlsel_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_comcrlselparams.h',
+ 'pkix_crlselector.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix/crlsel/manifest.mn b/security/nss/lib/libpkix/pkix/crlsel/manifest.mn
new file mode 100755
index 000000000..8ea0f59c6
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/manifest.mn
@@ -0,0 +1,23 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_comcrlselparams.h \
+ pkix_crlselector.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_crlselector.c \
+ pkix_comcrlselparams.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixcrlsel
+
diff --git a/security/nss/lib/libpkix/pkix/crlsel/pkix_comcrlselparams.c b/security/nss/lib/libpkix/pkix/crlsel/pkix_comcrlselparams.c
new file mode 100755
index 000000000..90380c5b2
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/pkix_comcrlselparams.c
@@ -0,0 +1,826 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_comcrlselparams.c
+ *
+ * ComCRLSelParams Function Definitions
+ *
+ */
+
+#include "pkix_comcrlselparams.h"
+
+/* --ComCRLSelParams-Private-Functions------------------------------------ */
+
+/*
+ * FUNCTION: pkix_ComCrlSelParams_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ComCRLSelParams_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ComCRLSelParams *params = NULL;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "pkix_ComCRLSelParams_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_COMCRLSELPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTCOMCRLSELPARAMS);
+
+ params = (PKIX_ComCRLSelParams *)object;
+
+ PKIX_DECREF(params->issuerNames);
+ PKIX_DECREF(params->cert);
+ PKIX_DECREF(params->date);
+ PKIX_DECREF(params->maxCRLNumber);
+ PKIX_DECREF(params->minCRLNumber);
+ PKIX_DECREF(params->crldpList);
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ComCRLSelParams_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Helper function that creates a string representation of ComCRLSelParams
+ * pointed to by "crlParams" and stores the result at "pString".
+ *
+ * PARAMETERS
+ * "crlParams"
+ * Address of ComCRLSelParams whose string representation is desired.
+ * Must be non-NULL.
+ * "pString"
+ * Address of object pointer's destination. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLEntry Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_ComCRLSelParams_ToString_Helper(
+ PKIX_ComCRLSelParams *crlParams,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *crlIssuerNamesString = NULL;
+ PKIX_PL_String *crlDateString = NULL;
+ PKIX_PL_String *crlMaxCRLNumberString = NULL;
+ PKIX_PL_String *crlMinCRLNumberString = NULL;
+ PKIX_PL_String *crlCertString = NULL;
+ PKIX_PL_String *crlParamsString = NULL;
+ char *asciiFormat = NULL;
+ PKIX_PL_String *formatString = NULL;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "pkix_ComCRLSelParams_ToString_Helper");
+ PKIX_NULLCHECK_TWO(crlParams, pString);
+
+ asciiFormat =
+ "\n\t[\n"
+ "\tIssuerNames: %s\n"
+ "\tDate: %s\n"
+ "\tmaxCRLNumber: %s\n"
+ "\tminCRLNumber: %s\n"
+ "\tCertificate: %s\n"
+ "\t]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_TOSTRING
+ (crlParams->issuerNames, &crlIssuerNamesString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ PKIX_TOSTRING(crlParams->date, &crlDateString, plContext,
+ PKIX_DATETOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (crlParams->maxCRLNumber, &crlMaxCRLNumberString, plContext,
+ PKIX_BIGINTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (crlParams->minCRLNumber, &crlMinCRLNumberString, plContext,
+ PKIX_BIGINTTOSTRINGFAILED);
+
+ PKIX_TOSTRING(crlParams->cert, &crlCertString, plContext,
+ PKIX_CERTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&crlParamsString,
+ plContext,
+ formatString,
+ crlIssuerNamesString,
+ crlDateString,
+ crlMaxCRLNumberString,
+ crlMinCRLNumberString,
+ crlCertString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = crlParamsString;
+
+cleanup:
+
+ PKIX_DECREF(crlIssuerNamesString);
+ PKIX_DECREF(crlDateString);
+ PKIX_DECREF(crlMaxCRLNumberString);
+ PKIX_DECREF(crlMinCRLNumberString);
+ PKIX_DECREF(crlCertString);
+ PKIX_DECREF(formatString);
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ComCRLSelParams_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ComCRLSelParams_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *crlParamsString = NULL;
+ PKIX_ComCRLSelParams *crlParams = NULL;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "pkix_ComCRLSelParams_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_COMCRLSELPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTCOMCRLSELPARAMS);
+
+ crlParams = (PKIX_ComCRLSelParams *) object;
+
+ PKIX_CHECK(pkix_ComCRLSelParams_ToString_Helper
+ (crlParams, &crlParamsString, plContext),
+ PKIX_COMCRLSELPARAMSTOSTRINGHELPERFAILED);
+
+ *pString = crlParamsString;
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ComCRLSelParams_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ComCRLSelParams_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_ComCRLSelParams *crlParams = NULL;
+ PKIX_UInt32 namesHash = 0;
+ PKIX_UInt32 certHash = 0;
+ PKIX_UInt32 dateHash = 0;
+ PKIX_UInt32 maxCRLNumberHash = 0;
+ PKIX_UInt32 minCRLNumberHash = 0;
+ PKIX_UInt32 hash = 0;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "pkix_ComCRLSelParams_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_COMCRLSELPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTCOMCRLSELPARAMS);
+
+ crlParams = (PKIX_ComCRLSelParams *)object;
+
+ PKIX_HASHCODE(crlParams->issuerNames, &namesHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(crlParams->cert, &certHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(crlParams->date, &dateHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(crlParams->maxCRLNumber, &maxCRLNumberHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(crlParams->minCRLNumber, &minCRLNumberHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+
+ hash = (((namesHash << 3) + certHash) << 3) + dateHash;
+ hash = (hash << 3) + maxCRLNumberHash + minCRLNumberHash;
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ComCRLSelParams_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ComCRLSelParams_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_ComCRLSelParams *firstCrlParams = NULL;
+ PKIX_ComCRLSelParams *secondCrlParams = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult = PKIX_FALSE;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "pkix_ComCRLSelParams_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a ComCRLSelParams */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_COMCRLSELPARAMS_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCOMCRLSELPARAMS);
+
+ firstCrlParams = (PKIX_ComCRLSelParams *)firstObject;
+ secondCrlParams = (PKIX_ComCRLSelParams *)secondObject;
+
+ /*
+ * Since we know firstObject is a ComCRLSelParams, if both references
+ * are identical, they must be equal
+ */
+ if (firstCrlParams == secondCrlParams){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondComCRLSelParams isn't a ComCRLSelParams, we don't
+ * throw an error. We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ ((PKIX_PL_Object *)secondCrlParams, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ if (secondType != PKIX_COMCRLSELPARAMS_TYPE) {
+ goto cleanup;
+ }
+
+ /* Compare Issuer Names */
+ PKIX_EQUALS
+ (firstCrlParams->issuerNames,
+ secondCrlParams->issuerNames,
+ &cmpResult,
+ plContext,
+ PKIX_LISTEQUALSFAILED);
+
+ if (cmpResult != PKIX_TRUE) {
+ goto cleanup;
+ }
+
+ /* Compare Date */
+ PKIX_EQUALS
+ (firstCrlParams->date,
+ secondCrlParams->date,
+ &cmpResult,
+ plContext,
+ PKIX_DATEEQUALSFAILED);
+
+ if (cmpResult != PKIX_TRUE) {
+ goto cleanup;
+ }
+
+ /* Compare Max CRL Number */
+ PKIX_EQUALS
+ (firstCrlParams->maxCRLNumber,
+ secondCrlParams->maxCRLNumber,
+ &cmpResult,
+ plContext,
+ PKIX_BIGINTEQUALSFAILED);
+
+ if (cmpResult != PKIX_TRUE) {
+ goto cleanup;
+ }
+
+ /* Compare Min CRL Number */
+ PKIX_EQUALS
+ (firstCrlParams->minCRLNumber,
+ secondCrlParams->minCRLNumber,
+ &cmpResult,
+ plContext,
+ PKIX_BIGINTEQUALSFAILED);
+
+ if (cmpResult != PKIX_TRUE) {
+ goto cleanup;
+ }
+
+ /* Compare Cert */
+ PKIX_EQUALS
+ (firstCrlParams->cert,
+ secondCrlParams->cert,
+ &cmpResult,
+ plContext,
+ PKIX_CERTEQUALSFAILED);
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ComCRLSelParams_Duplicate
+ * (see comments for PKIX_PL_Duplicate_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ComCRLSelParams_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_ComCRLSelParams *old;
+ PKIX_ComCRLSelParams *new = NULL;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "pkix_ComCRLSelParams_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_COMCRLSELPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTCOMCRLSELPARAMS);
+
+ old = (PKIX_ComCRLSelParams *)object;
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_COMCRLSELPARAMS_TYPE,
+ (PKIX_UInt32)(sizeof (PKIX_ComCRLSelParams)),
+ (PKIX_PL_Object **)&new,
+ plContext),
+ PKIX_OBJECTALLOCFAILED);
+
+ PKIX_DUPLICATE(old->cert, &new->cert, plContext,
+ PKIX_OBJECTDUPLICATECERTFAILED);
+
+ PKIX_DUPLICATE(old->crldpList, &new->crldpList, plContext,
+ PKIX_OBJECTDUPLICATECERTFAILED);
+
+ PKIX_DUPLICATE(old->issuerNames, &new->issuerNames, plContext,
+ PKIX_OBJECTDUPLICATEISSUERNAMESFAILED);
+
+ PKIX_DUPLICATE(old->date, &new->date, plContext,
+ PKIX_OBJECTDUPLICATEDATEFAILED);
+
+ PKIX_DUPLICATE(old->maxCRLNumber, &new->maxCRLNumber, plContext,
+ PKIX_OBJECTDUPLICATEMAXCRLNUMBERFAILED);
+
+ PKIX_DUPLICATE(old->minCRLNumber, &new->minCRLNumber, plContext,
+ PKIX_OBJECTDUPLICATEMINCRLNUMBERFAILED);
+
+ *pNewObject = (PKIX_PL_Object *)new;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(new);
+ }
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ComCrlSelParams_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_COMCRLSELPARAMS_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_ComCRLSelParams_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "pkix_ComCRLSelParams_RegisterSelf");
+
+ entry.description = "ComCRLSelParams";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_ComCRLSelParams);
+ entry.destructor = pkix_ComCRLSelParams_Destroy;
+ entry.equalsFunction = pkix_ComCRLSelParams_Equals;
+ entry.hashcodeFunction = pkix_ComCRLSelParams_Hashcode;
+ entry.toStringFunction = pkix_ComCRLSelParams_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_ComCRLSelParams_Duplicate;
+
+ systemClasses[PKIX_COMCRLSELPARAMS_TYPE] = entry;
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/* --ComCRLSelParams-Public-Functions------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_Create (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_Create(
+ PKIX_ComCRLSelParams **pParams,
+ void *plContext)
+{
+ PKIX_ComCRLSelParams *params = NULL;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "PKIX_ComCRLSelParams_Create");
+ PKIX_NULLCHECK_ONE(pParams);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_COMCRLSELPARAMS_TYPE,
+ sizeof (PKIX_ComCRLSelParams),
+ (PKIX_PL_Object **)&params,
+ plContext),
+ PKIX_COULDNOTCREATECOMMONCRLSELECTORPARAMSOBJECT);
+
+ /* initialize fields */
+ params->issuerNames = NULL;
+ params->cert = NULL;
+ params->crldpList = NULL;
+ params->date = NULL;
+ params->nistPolicyEnabled = PKIX_TRUE;
+ params->maxCRLNumber = NULL;
+ params->minCRLNumber = NULL;
+
+ *pParams = params;
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetIssuerNames (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetIssuerNames(
+ PKIX_ComCRLSelParams *params,
+ PKIX_List **pIssuerNames,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS, "PKIX_ComCRLSelParams_GetIssuerNames");
+ PKIX_NULLCHECK_TWO(params, pIssuerNames);
+
+ PKIX_INCREF(params->issuerNames);
+
+ *pIssuerNames = params->issuerNames;
+
+cleanup:
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetIssuerNames (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetIssuerNames(
+ PKIX_ComCRLSelParams *params,
+ PKIX_List *names,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS, "PKIX_ComCRLSelParams_SetIssuerNames");
+ PKIX_NULLCHECK_ONE(params); /* allows null for names from spec */
+
+ PKIX_DECREF(params->issuerNames);
+
+ PKIX_INCREF(names); /* if NULL, allows to reset for no action */
+
+ params->issuerNames = names;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_AddIssuerName (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_AddIssuerName(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_X500Name *name,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+
+ PKIX_ENTER(COMCRLSELPARAMS, "PKIX_ComCRLSelParams_AddIssuerName");
+ PKIX_NULLCHECK_ONE(params);
+
+ if (name != NULL) {
+
+ if (params->issuerNames == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create(&list, plContext),
+ PKIX_LISTCREATEFAILED);
+ params->issuerNames = list;
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (params->issuerNames, (PKIX_PL_Object *)name, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ }
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetCertificateChecking
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetCertificateChecking(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_Cert **pCert,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_GetCertificateChecking");
+ PKIX_NULLCHECK_TWO(params, pCert);
+
+ PKIX_INCREF(params->cert);
+
+ *pCert = params->cert;
+
+cleanup:
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetCertificateChecking
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetCertificateChecking(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_Cert *cert,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_SetCertificateChecking");
+ PKIX_NULLCHECK_ONE(params); /* allows cert to be NULL from spec */
+
+ PKIX_DECREF(params->cert);
+
+ PKIX_INCREF(cert);
+
+ params->cert = cert;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetDateAndTime (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetDateAndTime(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_Date **pDate,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_GetDateAndTime");
+ PKIX_NULLCHECK_TWO(params, pDate);
+
+ PKIX_INCREF(params->date);
+
+ *pDate = params->date;
+
+cleanup:
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetDateAndTime (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetDateAndTime(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_Date *date,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_SetDateAndTime");
+ PKIX_NULLCHECK_ONE(params); /* allows date to be NULL from spec */
+
+ PKIX_DECREF (params->date);
+
+ PKIX_INCREF(date);
+
+ params->date = date;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetDateAndTime (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetNISTPolicyEnabled(
+ PKIX_ComCRLSelParams *params,
+ PKIX_Boolean *pEnabled,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_GetNISTPolicyEnabled");
+ PKIX_NULLCHECK_TWO(params, pEnabled);
+
+ *pEnabled = params->nistPolicyEnabled;
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetDateAndTime (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetNISTPolicyEnabled(
+ PKIX_ComCRLSelParams *params,
+ PKIX_Boolean enabled,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_SetNISTPolicyEnabled");
+ PKIX_NULLCHECK_ONE(params); /* allows date to be NULL from spec */
+
+ params->nistPolicyEnabled = enabled;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetMaxCRLNumber
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetMaxCRLNumber(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_BigInt **pMaxCRLNumber,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_GetMaxCRLNumber");
+ PKIX_NULLCHECK_TWO(params, pMaxCRLNumber);
+
+ PKIX_INCREF(params->maxCRLNumber);
+
+ *pMaxCRLNumber = params->maxCRLNumber;
+
+cleanup:
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetMaxCRLNumber
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetMaxCRLNumber(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_BigInt *maxCRLNumber,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_SetMaxCRLNumber");
+ PKIX_NULLCHECK_ONE(params); /* maxCRLNumber can be NULL - from spec */
+
+ PKIX_DECREF(params->maxCRLNumber);
+
+ PKIX_INCREF(maxCRLNumber);
+
+ params->maxCRLNumber = maxCRLNumber;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_GetMinCRLNumber
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_GetMinCRLNumber(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_BigInt **pMinCRLNumber,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_GetMinCRLNumber");
+ PKIX_NULLCHECK_TWO(params, pMinCRLNumber);
+
+ PKIX_INCREF(params->minCRLNumber);
+
+ *pMinCRLNumber = params->minCRLNumber;
+
+cleanup:
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ComCRLSelParams_SetMinCRLNumber
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_ComCRLSelParams_SetMinCRLNumber(
+ PKIX_ComCRLSelParams *params,
+ PKIX_PL_BigInt *minCRLNumber,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS,
+ "PKIX_ComCRLSelParams_SetMinCRLNumber");
+ PKIX_NULLCHECK_ONE(params); /* minCRLNumber can be NULL - from spec */
+
+ PKIX_DECREF(params->minCRLNumber);
+
+ PKIX_INCREF(minCRLNumber);
+
+ params->minCRLNumber = minCRLNumber;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
+
+
+PKIX_Error*
+PKIX_ComCRLSelParams_SetCrlDp(
+ PKIX_ComCRLSelParams *params,
+ PKIX_List *crldpList,
+ void *plContext)
+{
+ PKIX_ENTER(COMCRLSELPARAMS, "PKIX_ComCRLSelParams_SetCrlDp");
+ PKIX_NULLCHECK_ONE(params); /* minCRLNumber can be NULL - from spec */
+
+ PKIX_INCREF(crldpList);
+ params->crldpList = crldpList;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+cleanup:
+
+ PKIX_RETURN(COMCRLSELPARAMS);
+}
diff --git a/security/nss/lib/libpkix/pkix/crlsel/pkix_comcrlselparams.h b/security/nss/lib/libpkix/pkix/crlsel/pkix_comcrlselparams.h
new file mode 100755
index 000000000..08351375d
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/pkix_comcrlselparams.h
@@ -0,0 +1,38 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_comcrlselparams.h
+ *
+ * ComCrlSelParams Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_COMCRLSELPARAMS_H
+#define _PKIX_COMCRLSELPARAMS_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_ComCRLSelParamsStruct {
+ PKIX_List *issuerNames; /* list of PKIX_PL_X500Name */
+ PKIX_PL_Cert *cert; /* certificate being checked */
+ PKIX_List *crldpList;
+ PKIX_PL_Date *date;
+ PKIX_Boolean nistPolicyEnabled;
+ PKIX_PL_BigInt *maxCRLNumber;
+ PKIX_PL_BigInt *minCRLNumber;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_ComCRLSelParams_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_COMCRLSELPARAMS_H */
diff --git a/security/nss/lib/libpkix/pkix/crlsel/pkix_crlselector.c b/security/nss/lib/libpkix/pkix/crlsel/pkix_crlselector.c
new file mode 100755
index 000000000..e9a9c03df
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/pkix_crlselector.c
@@ -0,0 +1,870 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_crlselector.c
+ *
+ * CRLSelector Function Definitions
+ *
+ */
+
+#include "pkix_crlselector.h"
+
+/* --CRLSelector Private-Functions-------------------------------------- */
+
+/*
+ * FUNCTION: pkix_CRLSelector_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CRLSelector_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_CRLSelector *selector = NULL;
+
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCRLSELECTOR);
+
+ selector = (PKIX_CRLSelector *)object;
+
+ selector->matchCallback = NULL;
+
+ PKIX_DECREF(selector->params);
+ PKIX_DECREF(selector->context);
+
+cleanup:
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CRLSelector_ToString_Helper
+ *
+ * DESCRIPTION:
+ * Helper function that creates a string representation of CRLSelector
+ * pointed to by "crlParams" and stores its address in the object pointed to
+ * by "pString".
+ *
+ * PARAMETERS
+ * "list"
+ * Address of CRLSelector whose string representation is desired.
+ * Must be non-NULL.
+ * "pString"
+ * Address of object pointer's destination. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CRLSelector_ToString_Helper(
+ PKIX_CRLSelector *crlSelector,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *crlSelectorString = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *crlParamsString = NULL;
+ PKIX_PL_String *crlContextString = NULL;
+ char *asciiFormat = NULL;
+
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_ToString_Helper");
+ PKIX_NULLCHECK_TWO(crlSelector, pString);
+ PKIX_NULLCHECK_ONE(crlSelector->params);
+
+ asciiFormat =
+ "\n\t[\n"
+ "\tMatchCallback: 0x%x\n"
+ "\tParams: %s\n"
+ "\tContext: %s\n"
+ "\t]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ /* Params */
+ PKIX_TOSTRING
+ ((PKIX_PL_Object *)crlSelector->params,
+ &crlParamsString,
+ plContext,
+ PKIX_COMCRLSELPARAMSTOSTRINGFAILED);
+
+ /* Context */
+ PKIX_TOSTRING(crlSelector->context, &crlContextString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&crlSelectorString,
+ plContext,
+ formatString,
+ crlSelector->matchCallback,
+ crlParamsString,
+ crlContextString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = crlSelectorString;
+
+cleanup:
+
+ PKIX_DECREF(crlParamsString);
+ PKIX_DECREF(crlContextString);
+ PKIX_DECREF(formatString);
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CRLSelector_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CRLSelector_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *crlSelectorString = NULL;
+ PKIX_CRLSelector *crlSelector = NULL;
+
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCRLSELECTOR);
+
+ crlSelector = (PKIX_CRLSelector *) object;
+
+ PKIX_CHECK(pkix_CRLSelector_ToString_Helper
+ (crlSelector, &crlSelectorString, plContext),
+ PKIX_CRLSELECTORTOSTRINGHELPERFAILED);
+
+ *pString = crlSelectorString;
+
+cleanup:
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CRLSelector_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CRLSelector_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_UInt32 paramsHash = 0;
+ PKIX_UInt32 contextHash = 0;
+ PKIX_UInt32 hash = 0;
+
+ PKIX_CRLSelector *crlSelector = NULL;
+
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCRLSELECTOR);
+
+ crlSelector = (PKIX_CRLSelector *)object;
+
+ PKIX_HASHCODE(crlSelector->params, &paramsHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(crlSelector->context, &contextHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ hash = 31 * ((PKIX_UInt32)((char *)crlSelector->matchCallback - (char *)NULL) +
+ (contextHash << 3)) + paramsHash;
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CRLSelector_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CRLSelector_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_CRLSelector *firstCrlSelector = NULL;
+ PKIX_CRLSelector *secondCrlSelector = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult = PKIX_FALSE;
+
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a CRLSelector */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCRLSELECTOR);
+
+ firstCrlSelector = (PKIX_CRLSelector *)firstObject;
+ secondCrlSelector = (PKIX_CRLSelector *)secondObject;
+
+ /*
+ * Since we know firstObject is a CRLSelector, if both references are
+ * identical, they must be equal
+ */
+ if (firstCrlSelector == secondCrlSelector){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondCRLSelector isn't a CRLSelector, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ ((PKIX_PL_Object *)secondCrlSelector,
+ &secondType,
+ plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ if (secondType != PKIX_CRLSELECTOR_TYPE) {
+ goto cleanup;
+ }
+
+ /* Compare MatchCallback address */
+ cmpResult = (firstCrlSelector->matchCallback ==
+ secondCrlSelector->matchCallback);
+
+ if (cmpResult == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ /* Compare Common CRL Selector Params */
+ PKIX_EQUALS
+ (firstCrlSelector->params,
+ secondCrlSelector->params,
+ &cmpResult,
+ plContext,
+ PKIX_COMCRLSELPARAMSEQUALSFAILED);
+
+
+ if (cmpResult == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ /* Compare Context */
+ PKIX_EQUALS
+ (firstCrlSelector->context,
+ secondCrlSelector->context,
+ &cmpResult,
+ plContext,
+ PKIX_COMCRLSELPARAMSEQUALSFAILED);
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CRLSelector_Duplicate
+ * (see comments for PKIX_PL_Duplicate_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CRLSelector_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_CRLSelector *old;
+ PKIX_CRLSelector *new = NULL;
+
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CRLSELECTOR_TYPE, plContext),
+ PKIX_OBJECTNOTCRLSELECTOR);
+
+ old = (PKIX_CRLSelector *)object;
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CRLSELECTOR_TYPE,
+ (PKIX_UInt32)(sizeof (PKIX_CRLSelector)),
+ (PKIX_PL_Object **)&new,
+ plContext),
+ PKIX_CREATECRLSELECTORDUPLICATEOBJECTFAILED);
+
+ new->matchCallback = old->matchCallback;
+
+ PKIX_DUPLICATE(old->params, &new->params, plContext,
+ PKIX_OBJECTDUPLICATEPARAMSFAILED);
+
+ PKIX_DUPLICATE(old->context, &new->context, plContext,
+ PKIX_OBJECTDUPLICATECONTEXTFAILED);
+
+ *pNewObject = (PKIX_PL_Object *)new;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(new);
+ }
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CRLSelector_DefaultMatch
+ *
+ * DESCRIPTION:
+ * This function compares the parameter values (Issuer, date, and CRL number)
+ * set in the ComCRLSelParams of the CRLSelector pointed to by "selector" with
+ * the corresponding values in the CRL pointed to by "crl". When all the
+ * criteria set in the parameter values match the values in "crl", PKIX_TRUE is
+ * stored at "pMatch". If the CRL does not match the CRLSelector's criteria,
+ * PKIX_FALSE is stored at "pMatch".
+ *
+ * PARAMETERS
+ * "selector"
+ * Address of CRLSelector which is verified for a match
+ * Must be non-NULL.
+ * "crl"
+ * Address of the CRL object to be verified. Must be non-NULL.
+ * "pMatch"
+ * Address at which Boolean result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CRLSelector_DefaultMatch(
+ PKIX_CRLSelector *selector,
+ PKIX_PL_CRL *crl,
+ PKIX_Boolean *pMatch,
+ void *plContext)
+{
+ PKIX_ComCRLSelParams *params = NULL;
+ PKIX_PL_X500Name *crlIssuerName = NULL;
+ PKIX_PL_X500Name *issuerName = NULL;
+ PKIX_List *selIssuerNames = NULL;
+ PKIX_PL_Date *selDate = NULL;
+ PKIX_Boolean result = PKIX_TRUE;
+ PKIX_UInt32 numIssuers = 0;
+ PKIX_UInt32 i;
+ PKIX_PL_BigInt *minCRLNumber = NULL;
+ PKIX_PL_BigInt *maxCRLNumber = NULL;
+ PKIX_PL_BigInt *crlNumber = NULL;
+ PKIX_Boolean nistPolicyEnabled = PKIX_FALSE;
+
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_DefaultMatch");
+ PKIX_NULLCHECK_TWO(selector, crl);
+
+ *pMatch = PKIX_TRUE;
+ params = selector->params;
+
+ /* No matching parameter provided, just a match */
+ if (params == NULL) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_ComCRLSelParams_GetIssuerNames
+ (params, &selIssuerNames, plContext),
+ PKIX_COMCRLSELPARAMSGETISSUERNAMESFAILED);
+
+ /* Check for Issuers */
+ if (selIssuerNames != NULL){
+
+ result = PKIX_FALSE;
+
+ PKIX_CHECK(PKIX_PL_CRL_GetIssuer
+ (crl, &crlIssuerName, plContext),
+ PKIX_CRLGETISSUERFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (selIssuerNames, &numIssuers, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numIssuers; i++){
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (selIssuerNames,
+ i,
+ (PKIX_PL_Object **)&issuerName,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_X500Name_Match
+ (crlIssuerName,
+ issuerName,
+ &result,
+ plContext),
+ PKIX_X500NAMEMATCHFAILED);
+
+ PKIX_DECREF(issuerName);
+
+ if (result == PKIX_TRUE) {
+ break;
+ }
+ }
+
+ if (result == PKIX_FALSE) {
+ PKIX_CRLSELECTOR_DEBUG("Issuer Match Failed\N");
+ *pMatch = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ }
+
+ PKIX_CHECK(PKIX_ComCRLSelParams_GetDateAndTime
+ (params, &selDate, plContext),
+ PKIX_COMCRLSELPARAMSGETDATEANDTIMEFAILED);
+
+ /* Check for Date */
+ if (selDate != NULL){
+
+ PKIX_CHECK(PKIX_ComCRLSelParams_GetNISTPolicyEnabled
+ (params, &nistPolicyEnabled, plContext),
+ PKIX_COMCRLSELPARAMSGETNISTPOLICYENABLEDFAILED);
+
+ /* check crl dates only for if NIST policies enforced */
+ if (nistPolicyEnabled) {
+ result = PKIX_FALSE;
+
+ PKIX_CHECK(PKIX_PL_CRL_VerifyUpdateTime
+ (crl, selDate, &result, plContext),
+ PKIX_CRLVERIFYUPDATETIMEFAILED);
+
+ if (result == PKIX_FALSE) {
+ *pMatch = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
+
+ }
+
+ /* Check for CRL number in range */
+ PKIX_CHECK(PKIX_PL_CRL_GetCRLNumber(crl, &crlNumber, plContext),
+ PKIX_CRLGETCRLNUMBERFAILED);
+
+ if (crlNumber != NULL) {
+ result = PKIX_FALSE;
+
+ PKIX_CHECK(PKIX_ComCRLSelParams_GetMinCRLNumber
+ (params, &minCRLNumber, plContext),
+ PKIX_COMCRLSELPARAMSGETMINCRLNUMBERFAILED);
+
+ if (minCRLNumber != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)minCRLNumber,
+ (PKIX_PL_Object *)crlNumber,
+ &result,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+
+ if (result == 1) {
+ PKIX_CRLSELECTOR_DEBUG
+ ("CRL MinNumber Range Match Failed\n");
+ *pMatch = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
+
+ PKIX_CHECK(PKIX_ComCRLSelParams_GetMaxCRLNumber
+ (params, &maxCRLNumber, plContext),
+ PKIX_COMCRLSELPARAMSGETMAXCRLNUMBERFAILED);
+
+ if (maxCRLNumber != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)crlNumber,
+ (PKIX_PL_Object *)maxCRLNumber,
+ &result,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+
+ if (result == 1) {
+ PKIX_CRLSELECTOR_DEBUG
+ (PKIX_CRLMAXNUMBERRANGEMATCHFAILED);
+ *pMatch = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(selIssuerNames);
+ PKIX_DECREF(selDate);
+ PKIX_DECREF(crlIssuerName);
+ PKIX_DECREF(issuerName);
+ PKIX_DECREF(crlNumber);
+ PKIX_DECREF(minCRLNumber);
+ PKIX_DECREF(maxCRLNumber);
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CRLSelector_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CRLSELECTOR_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_CRLSelector_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CRLSELECTOR, "pkix_CRLSelector_RegisterSelf");
+
+ entry.description = "CRLSelector";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_CRLSelector);
+ entry.destructor = pkix_CRLSelector_Destroy;
+ entry.equalsFunction = pkix_CRLSelector_Equals;
+ entry.hashcodeFunction = pkix_CRLSelector_Hashcode;
+ entry.toStringFunction = pkix_CRLSelector_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_CRLSelector_Duplicate;
+
+ systemClasses[PKIX_CRLSELECTOR_TYPE] = entry;
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/* --CRLSelector-Public-Functions---------------------------------------- */
+PKIX_Error *
+pkix_CRLSelector_Create(
+ PKIX_CRLSelector_MatchCallback callback,
+ PKIX_PL_Object *crlSelectorContext,
+ PKIX_CRLSelector **pSelector,
+ void *plContext)
+{
+ PKIX_CRLSelector *selector = NULL;
+
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_Create");
+ PKIX_NULLCHECK_ONE(pSelector);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CRLSELECTOR_TYPE,
+ sizeof (PKIX_CRLSelector),
+ (PKIX_PL_Object **)&selector,
+ plContext),
+ PKIX_COULDNOTCREATECRLSELECTOROBJECT);
+
+ /*
+ * if user specified a particular match callback, we use that one.
+ * otherwise, we use the default match provided.
+ */
+
+ if (callback != NULL){
+ selector->matchCallback = callback;
+ } else {
+ selector->matchCallback = pkix_CRLSelector_DefaultMatch;
+ }
+
+ /* initialize other fields */
+ selector->params = NULL;
+
+ PKIX_INCREF(crlSelectorContext);
+ selector->context = crlSelectorContext;
+
+ *pSelector = selector;
+ selector = NULL;
+
+cleanup:
+
+ PKIX_DECREF(selector);
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: PKIX_CRLSelector_Create (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_CRLSelector_Create(
+ PKIX_PL_Cert *issuer,
+ PKIX_List *crldpList,
+ PKIX_PL_Date *date,
+ PKIX_CRLSelector **pCrlSelector,
+ void *plContext)
+{
+ PKIX_PL_X500Name *issuerName = NULL;
+ PKIX_PL_Date *nowDate = NULL;
+ PKIX_ComCRLSelParams *comCrlSelParams = NULL;
+ PKIX_CRLSelector *crlSelector = NULL;
+
+ PKIX_ENTER(CERTCHAINCHECKER, "PKIX_CrlSelector_Create");
+ PKIX_NULLCHECK_ONE(issuer);
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetSubject(issuer, &issuerName, plContext),
+ PKIX_CERTGETISSUERFAILED);
+
+ if (date != NULL) {
+ PKIX_INCREF(date);
+ nowDate = date;
+ } else {
+ PKIX_CHECK(
+ PKIX_PL_Date_Create_UTCTime(NULL, &nowDate, plContext),
+ PKIX_DATECREATEUTCTIMEFAILED);
+ }
+
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_Create(&comCrlSelParams, plContext),
+ PKIX_COMCRLSELPARAMSCREATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_AddIssuerName(comCrlSelParams, issuerName,
+ plContext),
+ PKIX_COMCRLSELPARAMSADDISSUERNAMEFAILED);
+
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_SetCrlDp(comCrlSelParams, crldpList,
+ plContext),
+ PKIX_COMCRLSELPARAMSSETCERTFAILED);
+
+ PKIX_CHECK(
+ PKIX_ComCRLSelParams_SetDateAndTime(comCrlSelParams, nowDate,
+ plContext),
+ PKIX_COMCRLSELPARAMSSETDATEANDTIMEFAILED);
+
+ PKIX_CHECK(
+ pkix_CRLSelector_Create(NULL, NULL, &crlSelector, plContext),
+ PKIX_CRLSELECTORCREATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_CRLSelector_SetCommonCRLSelectorParams(crlSelector,
+ comCrlSelParams,
+ plContext),
+ PKIX_CRLSELECTORSETCOMMONCRLSELECTORPARAMSFAILED);
+
+ *pCrlSelector = crlSelector;
+ crlSelector = NULL;
+
+cleanup:
+
+ PKIX_DECREF(issuerName);
+ PKIX_DECREF(nowDate);
+ PKIX_DECREF(comCrlSelParams);
+ PKIX_DECREF(crlSelector);
+
+ PKIX_RETURN(CERTCHAINCHECKER);
+}
+
+/*
+ * FUNCTION: PKIX_CRLSelector_GetMatchCallback (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_CRLSelector_GetMatchCallback(
+ PKIX_CRLSelector *selector,
+ PKIX_CRLSelector_MatchCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetMatchCallback");
+ PKIX_NULLCHECK_TWO(selector, pCallback);
+
+ *pCallback = selector->matchCallback;
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+
+/*
+ * FUNCTION: PKIX_CRLSelector_GetCRLSelectorContext
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_CRLSelector_GetCRLSelectorContext(
+ PKIX_CRLSelector *selector,
+ void **pCrlSelectorContext,
+ void *plContext)
+{
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetCRLSelectorContext");
+ PKIX_NULLCHECK_TWO(selector, pCrlSelectorContext);
+
+ PKIX_INCREF(selector->context);
+
+ *pCrlSelectorContext = selector->context;
+
+cleanup:
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: PKIX_CRLSelector_GetCommonCRLSelectorParams
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_CRLSelector_GetCommonCRLSelectorParams(
+ PKIX_CRLSelector *selector,
+ PKIX_ComCRLSelParams **pParams,
+ void *plContext)
+{
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_GetCommonCRLSelectorParams");
+ PKIX_NULLCHECK_TWO(selector, pParams);
+
+ PKIX_INCREF(selector->params);
+
+ *pParams = selector->params;
+
+cleanup:
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: PKIX_CRLSelector_SetCommonCRLSelectorParams
+ * (see comments in pkix_crlsel.h)
+ */
+PKIX_Error *
+PKIX_CRLSelector_SetCommonCRLSelectorParams(
+ PKIX_CRLSelector *selector,
+ PKIX_ComCRLSelParams *params,
+ void *plContext)
+{
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_SetCommonCRLSelectorParams");
+ PKIX_NULLCHECK_TWO(selector, params);
+
+ PKIX_DECREF(selector->params);
+
+ PKIX_INCREF(params);
+ selector->params = params;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)selector, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CRLSELECTOR);
+}
+
+/*
+ * FUNCTION: pkix_CRLSelector_Select
+ * DESCRIPTION:
+ *
+ * This function applies the selector pointed to by "selector" to each CRL,
+ * in turn, in the List pointed to by "before", and creates a List containing
+ * all the CRLs that matched, or passed the selection process, storing that
+ * List at "pAfter". If no CRLs match, an empty List is stored at "pAfter".
+ *
+ * The List returned in "pAfter" is immutable.
+ *
+ * PARAMETERS:
+ * "selector"
+ * Address of CRLSelelector to be applied to the List. Must be non-NULL.
+ * "before"
+ * Address of List that is to be filtered. Must be non-NULL.
+ * "pAfter"
+ * Address at which resulting List, possibly empty, is stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLSelector Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CRLSelector_Select(
+ PKIX_CRLSelector *selector,
+ PKIX_List *before,
+ PKIX_List **pAfter,
+ void *plContext)
+{
+ PKIX_Boolean match = PKIX_FALSE;
+ PKIX_UInt32 numBefore = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_List *filtered = NULL;
+ PKIX_PL_CRL *candidate = NULL;
+
+ PKIX_ENTER(CRLSELECTOR, "PKIX_CRLSelector_Select");
+ PKIX_NULLCHECK_THREE(selector, before, pAfter);
+
+ PKIX_CHECK(PKIX_List_Create(&filtered, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(before, &numBefore, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numBefore; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (before, i, (PKIX_PL_Object **)&candidate, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK_ONLY_FATAL(selector->matchCallback
+ (selector, candidate, &match, plContext),
+ PKIX_CRLSELECTORMATCHCALLBACKFAILED);
+
+ if (!(PKIX_ERROR_RECEIVED) && match == PKIX_TRUE) {
+
+ PKIX_CHECK_ONLY_FATAL(PKIX_List_AppendItem
+ (filtered,
+ (PKIX_PL_Object *)candidate,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+
+ pkixTempErrorReceived = PKIX_FALSE;
+ PKIX_DECREF(candidate);
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable(filtered, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ /* Don't throw away the list if one CRL was bad! */
+ pkixTempErrorReceived = PKIX_FALSE;
+
+ *pAfter = filtered;
+ filtered = NULL;
+
+cleanup:
+
+ PKIX_DECREF(filtered);
+ PKIX_DECREF(candidate);
+
+ PKIX_RETURN(CRLSELECTOR);
+
+}
diff --git a/security/nss/lib/libpkix/pkix/crlsel/pkix_crlselector.h b/security/nss/lib/libpkix/pkix/crlsel/pkix_crlselector.h
new file mode 100755
index 000000000..4f44cc768
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/crlsel/pkix_crlselector.h
@@ -0,0 +1,40 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_crlselector.h
+ *
+ * CrlSelector Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_CRLSELECTOR_H
+#define _PKIX_CRLSELECTOR_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_CRLSelectorStruct {
+ PKIX_CRLSelector_MatchCallback matchCallback;
+ PKIX_ComCRLSelParams *params;
+ PKIX_PL_Object *context;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_CRLSelector_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_CRLSelector_Select(
+ PKIX_CRLSelector *selector,
+ PKIX_List *before,
+ PKIX_List **pAfter,
+ void *plContext);
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_CRLSELECTOR_H */
diff --git a/security/nss/lib/libpkix/pkix/manifest.mn b/security/nss/lib/libpkix/pkix/manifest.mn
new file mode 100755
index 000000000..dcb6f0ce6
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/manifest.mn
@@ -0,0 +1,11 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../..
+DEPTH = ../../..
+
+#
+DIRS = certsel crlsel checker params results store top util \
+ $(NULL)
+
diff --git a/security/nss/lib/libpkix/pkix/params/Makefile b/security/nss/lib/libpkix/pkix/params/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/params/config.mk b/security/nss/lib/libpkix/pkix/params/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/params/exports.gyp b/security/nss/lib/libpkix/pkix/params/exports.gyp
new file mode 100644
index 000000000..921f2ceae
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/exports.gyp
@@ -0,0 +1,28 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_params_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_procparams.h',
+ 'pkix_resourcelimits.h',
+ 'pkix_trustanchor.h',
+ 'pkix_valparams.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix/params/manifest.mn b/security/nss/lib/libpkix/pkix/params/manifest.mn
new file mode 100755
index 000000000..f26e588f5
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/manifest.mn
@@ -0,0 +1,27 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_procparams.h \
+ pkix_trustanchor.h \
+ pkix_valparams.h \
+ pkix_resourcelimits.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_trustanchor.c \
+ pkix_procparams.c \
+ pkix_valparams.c \
+ pkix_resourcelimits.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixparams
+
diff --git a/security/nss/lib/libpkix/pkix/params/params.gyp b/security/nss/lib/libpkix/pkix/params/params.gyp
new file mode 100644
index 000000000..a1463c4c7
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/params.gyp
@@ -0,0 +1,26 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixparams',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_procparams.c',
+ 'pkix_resourcelimits.c',
+ 'pkix_trustanchor.c',
+ 'pkix_valparams.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix/params/pkix_procparams.c b/security/nss/lib/libpkix/pkix/params/pkix_procparams.c
new file mode 100755
index 000000000..260b0074c
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/pkix_procparams.c
@@ -0,0 +1,1417 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_procparams.c
+ *
+ * ProcessingParams Object Functions
+ *
+ */
+
+#include "pkix_procparams.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_ProcessingParams_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ProcessingParams_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ProcessingParams *params = NULL;
+
+ PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a processing params object */
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTPROCESSINGPARAMS);
+
+ params = (PKIX_ProcessingParams *)object;
+
+ PKIX_DECREF(params->trustAnchors);
+ PKIX_DECREF(params->hintCerts);
+ PKIX_DECREF(params->constraints);
+ PKIX_DECREF(params->date);
+ PKIX_DECREF(params->initialPolicies);
+ PKIX_DECREF(params->certChainCheckers);
+ PKIX_DECREF(params->revChecker);
+ PKIX_DECREF(params->certStores);
+ PKIX_DECREF(params->resourceLimits);
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ProcessingParams_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ProcessingParams_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+ PKIX_ProcessingParams *firstProcParams = NULL;
+ PKIX_ProcessingParams *secondProcParams = NULL;
+
+ PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ PKIX_CHECK(pkix_CheckType(first, PKIX_PROCESSINGPARAMS_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTPROCESSINGPARAMS);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ *pResult = PKIX_FALSE;
+
+ if (secondType != PKIX_PROCESSINGPARAMS_TYPE) goto cleanup;
+
+ firstProcParams = (PKIX_ProcessingParams *)first;
+ secondProcParams = (PKIX_ProcessingParams *)second;
+
+ /* Do the simplest tests first */
+ if ((firstProcParams->qualifiersRejected) !=
+ (secondProcParams->qualifiersRejected)) {
+ goto cleanup;
+ }
+
+ if (firstProcParams->isCrlRevocationCheckingEnabled !=
+ secondProcParams->isCrlRevocationCheckingEnabled) {
+ goto cleanup;
+ }
+ if (firstProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy !=
+ secondProcParams->isCrlRevocationCheckingEnabledWithNISTPolicy) {
+ goto cleanup;
+ }
+
+ /* trustAnchors can never be NULL */
+
+ PKIX_EQUALS
+ (firstProcParams->trustAnchors,
+ secondProcParams->trustAnchors,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_EQUALS
+ (firstProcParams->hintCerts,
+ secondProcParams->hintCerts,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_EQUALS
+ (firstProcParams->date,
+ secondProcParams->date,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_EQUALS
+ (firstProcParams->constraints,
+ secondProcParams->constraints,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_EQUALS
+ (firstProcParams->initialPolicies,
+ secondProcParams->initialPolicies,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ /* There is no Equals function for CertChainCheckers */
+
+ PKIX_EQUALS
+ ((PKIX_PL_Object *)firstProcParams->certStores,
+ (PKIX_PL_Object *)secondProcParams->certStores,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_EQUALS
+ (firstProcParams->resourceLimits,
+ secondProcParams->resourceLimits,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (cmpResult == PKIX_FALSE) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ProcessingParams_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ProcessingParams_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_ProcessingParams *procParams = NULL;
+ PKIX_UInt32 hash = 0;
+ PKIX_UInt32 anchorsHash = 0;
+ PKIX_UInt32 hintCertsHash = 0;
+ PKIX_UInt32 dateHash = 0;
+ PKIX_UInt32 constraintsHash = 0;
+ PKIX_UInt32 initialHash = 0;
+ PKIX_UInt32 rejectedHash = 0;
+ PKIX_UInt32 certChainCheckersHash = 0;
+ PKIX_UInt32 revCheckerHash = 0;
+ PKIX_UInt32 certStoresHash = 0;
+ PKIX_UInt32 resourceLimitsHash = 0;
+
+ PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTPROCESSINGPARAMS);
+
+ procParams = (PKIX_ProcessingParams*)object;
+
+ PKIX_HASHCODE(procParams->trustAnchors, &anchorsHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(procParams->hintCerts, &hintCertsHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(procParams->date, &dateHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(procParams->constraints, &constraintsHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(procParams->initialPolicies, &initialHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ rejectedHash = procParams->qualifiersRejected;
+
+ /* There is no Hash function for CertChainCheckers */
+
+ PKIX_HASHCODE(procParams->certStores, &certStoresHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(procParams->resourceLimits,
+ &resourceLimitsHash,
+ plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ hash = (31 * ((31 * anchorsHash) + hintCertsHash + dateHash)) +
+ constraintsHash + initialHash + rejectedHash;
+
+ hash += ((((certStoresHash + resourceLimitsHash) << 7) +
+ certChainCheckersHash + revCheckerHash +
+ procParams->isCrlRevocationCheckingEnabled +
+ procParams->isCrlRevocationCheckingEnabledWithNISTPolicy) << 7);
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ProcessingParams_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ProcessingParams_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_ProcessingParams *procParams = NULL;
+ char *asciiFormat = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *procParamsString = NULL;
+ PKIX_PL_String *anchorsString = NULL;
+ PKIX_PL_String *dateString = NULL;
+ PKIX_PL_String *constraintsString = NULL;
+ PKIX_PL_String *InitialPoliciesString = NULL;
+ PKIX_PL_String *qualsRejectedString = NULL;
+ PKIX_List *certStores = NULL;
+ PKIX_PL_String *certStoresString = NULL;
+ PKIX_PL_String *resourceLimitsString = NULL;
+
+ PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTPROCESSINGPARAMS);
+
+ asciiFormat =
+ "[\n"
+ "\tTrust Anchors: \n"
+ "\t********BEGIN LIST OF TRUST ANCHORS********\n"
+ "\t\t%s\n"
+ "\t********END LIST OF TRUST ANCHORS********\n"
+ "\tDate: \t\t%s\n"
+ "\tTarget Constraints: %s\n"
+ "\tInitial Policies: %s\n"
+ "\tQualifiers Rejected: %s\n"
+ "\tCert Stores: %s\n"
+ "\tResource Limits: %s\n"
+ "\tCRL Checking Enabled: %d\n"
+ "]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ procParams = (PKIX_ProcessingParams*)object;
+
+ PKIX_TOSTRING(procParams->trustAnchors, &anchorsString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING(procParams->date, &dateString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING(procParams->constraints, &constraintsString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (procParams->initialPolicies, &InitialPoliciesString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ (procParams->qualifiersRejected)?"TRUE":"FALSE",
+ 0,
+ &qualsRejectedString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ /* There is no ToString function for CertChainCheckers */
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetCertStores
+ (procParams, &certStores, plContext),
+ PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED);
+
+ PKIX_TOSTRING(certStores, &certStoresString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ PKIX_TOSTRING(procParams->resourceLimits,
+ &resourceLimitsString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&procParamsString,
+ plContext,
+ formatString,
+ anchorsString,
+ dateString,
+ constraintsString,
+ InitialPoliciesString,
+ qualsRejectedString,
+ certStoresString,
+ resourceLimitsString,
+ procParams->isCrlRevocationCheckingEnabled,
+ procParams->isCrlRevocationCheckingEnabledWithNISTPolicy),
+ PKIX_SPRINTFFAILED);
+
+ *pString = procParamsString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(anchorsString);
+ PKIX_DECREF(dateString);
+ PKIX_DECREF(constraintsString);
+ PKIX_DECREF(InitialPoliciesString);
+ PKIX_DECREF(qualsRejectedString);
+ PKIX_DECREF(certStores);
+ PKIX_DECREF(certStoresString);
+ PKIX_DECREF(resourceLimitsString);
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ProcessingParams_Duplicate
+ * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ProcessingParams_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_ProcessingParams *params = NULL;
+ PKIX_ProcessingParams *paramsDuplicate = NULL;
+
+ PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_PROCESSINGPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTPROCESSINGPARAMS);
+
+ params = (PKIX_ProcessingParams *)object;
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_PROCESSINGPARAMS_TYPE,
+ sizeof (PKIX_ProcessingParams),
+ (PKIX_PL_Object **)&paramsDuplicate,
+ plContext),
+ PKIX_PROCESSINGPARAMSCREATEFAILED);
+
+ /* initialize fields */
+ PKIX_DUPLICATE
+ (params->trustAnchors,
+ &(paramsDuplicate->trustAnchors),
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->hintCerts, &(paramsDuplicate->hintCerts), plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->constraints,
+ &(paramsDuplicate->constraints),
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->date, &(paramsDuplicate->date), plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->initialPolicies,
+ &(paramsDuplicate->initialPolicies),
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ paramsDuplicate->initialPolicyMappingInhibit =
+ params->initialPolicyMappingInhibit;
+ paramsDuplicate->initialAnyPolicyInhibit =
+ params->initialAnyPolicyInhibit;
+ paramsDuplicate->initialExplicitPolicy = params->initialExplicitPolicy;
+ paramsDuplicate->qualifiersRejected = params->qualifiersRejected;
+
+ PKIX_DUPLICATE
+ (params->certChainCheckers,
+ &(paramsDuplicate->certChainCheckers),
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->revChecker,
+ &(paramsDuplicate->revChecker),
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->certStores, &(paramsDuplicate->certStores), plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_DUPLICATE
+ (params->resourceLimits,
+ &(paramsDuplicate->resourceLimits),
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ paramsDuplicate->isCrlRevocationCheckingEnabled =
+ params->isCrlRevocationCheckingEnabled;
+
+ paramsDuplicate->isCrlRevocationCheckingEnabledWithNISTPolicy =
+ params->isCrlRevocationCheckingEnabledWithNISTPolicy;
+
+ *pNewObject = (PKIX_PL_Object *)paramsDuplicate;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(paramsDuplicate);
+ }
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+
+}
+
+/*
+ * FUNCTION: pkix_ProcessingParams_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_PROCESSINGPARAMS_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_ProcessingParams_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(PROCESSINGPARAMS, "pkix_ProcessingParams_RegisterSelf");
+
+ entry.description = "ProcessingParams";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_ProcessingParams);
+ entry.destructor = pkix_ProcessingParams_Destroy;
+ entry.equalsFunction = pkix_ProcessingParams_Equals;
+ entry.hashcodeFunction = pkix_ProcessingParams_Hashcode;
+ entry.toStringFunction = pkix_ProcessingParams_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_ProcessingParams_Duplicate;
+
+ systemClasses[PKIX_PROCESSINGPARAMS_TYPE] = entry;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_Create (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_Create(
+ PKIX_ProcessingParams **pParams,
+ void *plContext)
+{
+ PKIX_ProcessingParams *params = NULL;
+
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_Create");
+ PKIX_NULLCHECK_ONE(pParams);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_PROCESSINGPARAMS_TYPE,
+ sizeof (PKIX_ProcessingParams),
+ (PKIX_PL_Object **)&params,
+ plContext),
+ PKIX_COULDNOTCREATEPROCESSINGPARAMSOBJECT);
+
+ /* initialize fields */
+ PKIX_CHECK(PKIX_List_Create(&params->trustAnchors, plContext),
+ PKIX_LISTCREATEFAILED);
+ PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Date_Create_UTCTime
+ (NULL, &params->date, plContext),
+ PKIX_DATECREATEUTCTIMEFAILED);
+
+ params->hintCerts = NULL;
+ params->constraints = NULL;
+ params->initialPolicies = NULL;
+ params->initialPolicyMappingInhibit = PKIX_FALSE;
+ params->initialAnyPolicyInhibit = PKIX_FALSE;
+ params->initialExplicitPolicy = PKIX_FALSE;
+ params->qualifiersRejected = PKIX_FALSE;
+ params->certChainCheckers = NULL;
+ params->revChecker = NULL;
+ params->certStores = NULL;
+ params->resourceLimits = NULL;
+
+ params->isCrlRevocationCheckingEnabled = PKIX_TRUE;
+
+ params->isCrlRevocationCheckingEnabledWithNISTPolicy = PKIX_TRUE;
+
+ params->useAIAForCertFetching = PKIX_FALSE;
+ params->qualifyTargetCert = PKIX_TRUE;
+ params->useOnlyTrustAnchors = PKIX_TRUE;
+
+ *pParams = params;
+ params = NULL;
+
+cleanup:
+
+ PKIX_DECREF(params);
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetUseAIAForCertFetching
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetUseAIAForCertFetching(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pUseAIA, /* list of TrustAnchor */
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetUseAIAForCertFetching");
+ PKIX_NULLCHECK_TWO(params, pUseAIA);
+
+ *pUseAIA = params->useAIAForCertFetching;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetUseAIAForCertFetching
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetUseAIAForCertFetching(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean useAIA,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetUseAIAForCertFetching");
+ PKIX_NULLCHECK_ONE(params);
+
+ params->useAIAForCertFetching = useAIA;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetQualifyTargetCert
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetValidateTargetCert(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pQualifyTargetCert,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_GetValidateTargetCert");
+ PKIX_NULLCHECK_TWO(params, pQualifyTargetCert);
+
+ *pQualifyTargetCert = params->qualifyTargetCert;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetQualifyTargetCert
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetQualifyTargetCert(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean qualifyTargetCert,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetQualifyTargetCert");
+ PKIX_NULLCHECK_ONE(params);
+
+ params->qualifyTargetCert = qualifyTargetCert;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetTrustAnchors
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetTrustAnchors(
+ PKIX_ProcessingParams *params,
+ PKIX_List *anchors, /* list of TrustAnchor */
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetTrustAnchors");
+ PKIX_NULLCHECK_TWO(params, anchors);
+
+ PKIX_DECREF(params->trustAnchors);
+
+ PKIX_INCREF(anchors);
+ params->trustAnchors = anchors;
+ PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+cleanup:
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetTrustAnchors
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetTrustAnchors(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pAnchors, /* list of TrustAnchor */
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetTrustAnchors");
+ PKIX_NULLCHECK_TWO(params, pAnchors);
+
+ PKIX_INCREF(params->trustAnchors);
+
+ *pAnchors = params->trustAnchors;
+
+cleanup:
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/**
+ * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetUseOnlyTrustAnchors(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pUseOnlyTrustAnchors,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetUseTrustAnchorsOnly");
+ PKIX_NULLCHECK_TWO(params, pUseOnlyTrustAnchors);
+
+ *pUseOnlyTrustAnchors = params->useOnlyTrustAnchors;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/**
+ * FUNCTION: PKIX_ProcessingParams_SetUseOnlyTrustAnchors
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetUseOnlyTrustAnchors(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean useOnlyTrustAnchors,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetUseTrustAnchorsOnly");
+ PKIX_NULLCHECK_ONE(params);
+
+ params->useOnlyTrustAnchors = useOnlyTrustAnchors;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetDate (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetDate(
+ PKIX_ProcessingParams *params,
+ PKIX_PL_Date **pDate,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetDate");
+ PKIX_NULLCHECK_TWO(params, pDate);
+
+ PKIX_INCREF(params->date);
+ *pDate = params->date;
+
+cleanup:
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetDate (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetDate(
+ PKIX_ProcessingParams *params,
+ PKIX_PL_Date *date,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetDate");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->date);
+
+ PKIX_INCREF(date);
+ params->date = date;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED && params) {
+ PKIX_DECREF(params->date);
+ }
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetTargetCertConstraints
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetTargetCertConstraints(
+ PKIX_ProcessingParams *params,
+ PKIX_CertSelector **pConstraints,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_GetTargetCertConstraints");
+
+ PKIX_NULLCHECK_TWO(params, pConstraints);
+
+ PKIX_INCREF(params->constraints);
+ *pConstraints = params->constraints;
+
+cleanup:
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetTargetCertConstraints
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetTargetCertConstraints(
+ PKIX_ProcessingParams *params,
+ PKIX_CertSelector *constraints,
+ void *plContext)
+{
+
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetTargetCertConstraints");
+
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->constraints);
+
+ PKIX_INCREF(constraints);
+ params->constraints = constraints;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED && params) {
+ PKIX_DECREF(params->constraints);
+ }
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetInitialPolicies
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetInitialPolicies(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pInitPolicies, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_GetInitialPolicies");
+
+ PKIX_NULLCHECK_TWO(params, pInitPolicies);
+
+ if (params->initialPolicies == NULL) {
+ PKIX_CHECK(PKIX_List_Create
+ (&params->initialPolicies, plContext),
+ PKIX_UNABLETOCREATELIST);
+ PKIX_CHECK(PKIX_List_SetImmutable
+ (params->initialPolicies, plContext),
+ PKIX_UNABLETOMAKELISTIMMUTABLE);
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+ }
+
+ PKIX_INCREF(params->initialPolicies);
+ *pInitPolicies = params->initialPolicies;
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetInitialPolicies
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetInitialPolicies(
+ PKIX_ProcessingParams *params,
+ PKIX_List *initPolicies, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetInitialPolicies");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->initialPolicies);
+
+ PKIX_INCREF(initPolicies);
+ params->initialPolicies = initPolicies;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED && params) {
+ PKIX_DECREF(params->initialPolicies);
+ }
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetPolicyQualifiersRejected
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetPolicyQualifiersRejected(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pRejected,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_GetPolicyQualifiersRejected");
+
+ PKIX_NULLCHECK_TWO(params, pRejected);
+
+ *pRejected = params->qualifiersRejected;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetPolicyQualifiersRejected
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetPolicyQualifiersRejected(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean rejected,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetPolicyQualifiersRejected");
+
+ PKIX_NULLCHECK_ONE(params);
+
+ params->qualifiersRejected = rejected;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetCertChainCheckers
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetCertChainCheckers(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pCheckers, /* list of PKIX_CertChainChecker */
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_GetCertChainCheckers");
+ PKIX_NULLCHECK_TWO(params, pCheckers);
+
+ PKIX_INCREF(params->certChainCheckers);
+ *pCheckers = params->certChainCheckers;
+
+cleanup:
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetCertChainCheckers
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetCertChainCheckers(
+ PKIX_ProcessingParams *params,
+ PKIX_List *checkers, /* list of PKIX_CertChainChecker */
+ void *plContext)
+{
+
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetCertChainCheckers");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->certChainCheckers);
+
+ PKIX_INCREF(checkers);
+ params->certChainCheckers = checkers;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED && params) {
+ PKIX_DECREF(params->certChainCheckers);
+ }
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_AddCertChainCheckers
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_AddCertChainChecker(
+ PKIX_ProcessingParams *params,
+ PKIX_CertChainChecker *checker,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_AddCertChainChecker");
+ PKIX_NULLCHECK_TWO(params, checker);
+
+ if (params->certChainCheckers == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create(&list, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ params->certChainCheckers = list;
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (params->certChainCheckers, (PKIX_PL_Object *)checker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ list = NULL;
+
+cleanup:
+
+ if (list && params) {
+ PKIX_DECREF(params->certChainCheckers);
+ }
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetRevocationChecker
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetRevocationChecker(
+ PKIX_ProcessingParams *params,
+ PKIX_RevocationChecker **pChecker,
+ void *plContext)
+{
+
+ PKIX_ENTER
+ (PROCESSINGPARAMS, "PKIX_ProcessingParams_GetRevocationCheckers");
+ PKIX_NULLCHECK_TWO(params, pChecker);
+
+ PKIX_INCREF(params->revChecker);
+ *pChecker = params->revChecker;
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetRevocationChecker
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetRevocationChecker(
+ PKIX_ProcessingParams *params,
+ PKIX_RevocationChecker *checker,
+ void *plContext)
+{
+
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_InitRevocationChecker");
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->revChecker);
+ PKIX_INCREF(checker);
+ params->revChecker = checker;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetCertStores
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetCertStores(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pStores, /* list of PKIX_CertStore */
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetCertStores");
+
+ PKIX_NULLCHECK_TWO(params, pStores);
+
+ if (!params->certStores){
+ PKIX_CHECK(PKIX_List_Create(&params->certStores, plContext),
+ PKIX_UNABLETOCREATELIST);
+ }
+
+ PKIX_INCREF(params->certStores);
+ *pStores = params->certStores;
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetCertStores
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetCertStores(
+ PKIX_ProcessingParams *params,
+ PKIX_List *stores, /* list of PKIX_CertStore */
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetCertStores");
+
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->certStores);
+
+ PKIX_INCREF(stores);
+ params->certStores = stores;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED && params) {
+ PKIX_DECREF(params->certStores);
+ }
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_AddCertStore
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_AddCertStore(
+ PKIX_ProcessingParams *params,
+ PKIX_CertStore *store,
+ void *plContext)
+{
+ PKIX_List *certStores = NULL;
+
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_AddCertStore");
+ PKIX_NULLCHECK_TWO(params, store);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetCertStores
+ (params, &certStores, plContext),
+ PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (certStores, (PKIX_PL_Object *)store, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(certStores);
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetResourceLimits
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetResourceLimits(
+ PKIX_ProcessingParams *params,
+ PKIX_ResourceLimits *resourceLimits,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetResourceLimits");
+
+ PKIX_NULLCHECK_TWO(params, resourceLimits);
+
+ PKIX_DECREF(params->resourceLimits);
+ PKIX_INCREF(resourceLimits);
+ params->resourceLimits = resourceLimits;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED && params) {
+ PKIX_DECREF(params->resourceLimits);
+ }
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetResourceLimits
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetResourceLimits(
+ PKIX_ProcessingParams *params,
+ PKIX_ResourceLimits **pResourceLimits,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_GetResourceLimits");
+
+ PKIX_NULLCHECK_TWO(params, pResourceLimits);
+
+ PKIX_INCREF(params->resourceLimits);
+ *pResourceLimits = params->resourceLimits;
+
+cleanup:
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_IsAnyPolicyInhibited
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_IsAnyPolicyInhibited(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pInhibited,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_IsAnyPolicyInhibited");
+
+ PKIX_NULLCHECK_TWO(params, pInhibited);
+
+ *pInhibited = params->initialAnyPolicyInhibit;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetAnyPolicyInhibited
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetAnyPolicyInhibited(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean inhibited,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetAnyPolicyInhibited");
+
+ PKIX_NULLCHECK_ONE(params);
+
+ params->initialAnyPolicyInhibit = inhibited;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_IsExplicitPolicyRequired
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_IsExplicitPolicyRequired(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pRequired,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_IsExplicitPolicyRequired");
+
+ PKIX_NULLCHECK_TWO(params, pRequired);
+
+ *pRequired = params->initialExplicitPolicy;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetExplicitPolicyRequired
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetExplicitPolicyRequired(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean required,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetExplicitPolicyRequired");
+
+ PKIX_NULLCHECK_ONE(params);
+
+ params->initialExplicitPolicy = required;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_IsPolicyMappingInhibited
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_IsPolicyMappingInhibited(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean *pInhibited,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_IsPolicyMappingInhibited");
+
+ PKIX_NULLCHECK_TWO(params, pInhibited);
+
+ *pInhibited = params->initialPolicyMappingInhibit;
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetPolicyMappingInhibited
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetPolicyMappingInhibited(
+ PKIX_ProcessingParams *params,
+ PKIX_Boolean inhibited,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS,
+ "PKIX_ProcessingParams_SetPolicyMappingInhibited");
+
+ PKIX_NULLCHECK_ONE(params);
+
+ params->initialPolicyMappingInhibit = inhibited;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)params, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_SetHintCerts
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_SetHintCerts(
+ PKIX_ProcessingParams *params,
+ PKIX_List *hintCerts,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_SetHintCerts");
+
+ PKIX_NULLCHECK_ONE(params);
+
+ PKIX_DECREF(params->hintCerts);
+ PKIX_INCREF(hintCerts);
+ params->hintCerts = hintCerts;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED && params) {
+ PKIX_DECREF(params->hintCerts);
+ }
+
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ProcessingParams_GetHintCerts
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ProcessingParams_GetHintCerts(
+ PKIX_ProcessingParams *params,
+ PKIX_List **pHintCerts,
+ void *plContext)
+{
+ PKIX_ENTER(PROCESSINGPARAMS, "PKIX_ProcessingParams_GetHintCerts");
+
+ PKIX_NULLCHECK_TWO(params, pHintCerts);
+
+ PKIX_INCREF(params->hintCerts);
+ *pHintCerts = params->hintCerts;
+
+cleanup:
+ PKIX_RETURN(PROCESSINGPARAMS);
+}
diff --git a/security/nss/lib/libpkix/pkix/params/pkix_procparams.h b/security/nss/lib/libpkix/pkix/params/pkix_procparams.h
new file mode 100755
index 000000000..599f5d498
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/pkix_procparams.h
@@ -0,0 +1,50 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_procparams.h
+ *
+ * ProcessingParams Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PROCESSINGPARAMS_H
+#define _PKIX_PROCESSINGPARAMS_H
+
+#include "pkix_tools.h"
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_ProcessingParamsStruct {
+ PKIX_List *trustAnchors; /* Never NULL */
+ PKIX_List *hintCerts; /* user-supplied partial chain, may be NULL */
+ PKIX_CertSelector *constraints;
+ PKIX_PL_Date *date;
+ PKIX_List *initialPolicies; /* list of PKIX_PL_OID */
+ PKIX_Boolean initialPolicyMappingInhibit;
+ PKIX_Boolean initialAnyPolicyInhibit;
+ PKIX_Boolean initialExplicitPolicy;
+ PKIX_Boolean qualifiersRejected;
+ PKIX_List *certChainCheckers;
+ PKIX_List *certStores;
+ PKIX_Boolean isCrlRevocationCheckingEnabled;
+ PKIX_Boolean isCrlRevocationCheckingEnabledWithNISTPolicy;
+ PKIX_RevocationChecker *revChecker;
+ PKIX_ResourceLimits *resourceLimits;
+ PKIX_Boolean useAIAForCertFetching;
+ PKIX_Boolean qualifyTargetCert;
+ PKIX_Boolean useOnlyTrustAnchors;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_ProcessingParams_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PROCESSINGPARAMS_H */
diff --git a/security/nss/lib/libpkix/pkix/params/pkix_resourcelimits.c b/security/nss/lib/libpkix/pkix/params/pkix_resourcelimits.c
new file mode 100755
index 000000000..de93e9d77
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/pkix_resourcelimits.c
@@ -0,0 +1,433 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_resourcelimits.c
+ *
+ * Resourcelimits Params Object Functions
+ *
+ */
+
+#include "pkix_resourcelimits.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_ResourceLimits_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ResourceLimits_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ResourceLimits *rLimits = NULL;
+
+ PKIX_ENTER(RESOURCELIMITS, "pkix_ResourceLimits_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a ResourceLimits object */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_RESOURCELIMITS_TYPE, plContext),
+ PKIX_OBJECTNOTRESOURCELIMITS);
+
+ rLimits = (PKIX_ResourceLimits *)object;
+
+ rLimits->maxTime = 0;
+ rLimits->maxFanout = 0;
+ rLimits->maxDepth = 0;
+ rLimits->maxCertsNumber = 0;
+ rLimits->maxCrlsNumber = 0;
+
+cleanup:
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: pkix_ResourceLimits_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ResourceLimits_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+ PKIX_ResourceLimits *firstRLimits = NULL;
+ PKIX_ResourceLimits *secondRLimits = NULL;
+
+ PKIX_ENTER(RESOURCELIMITS, "pkix_ResourceLimits_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ PKIX_CHECK(pkix_CheckType(first, PKIX_RESOURCELIMITS_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTRESOURCELIMITS);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ *pResult = PKIX_FALSE;
+
+ if (secondType != PKIX_RESOURCELIMITS_TYPE) goto cleanup;
+
+ firstRLimits = (PKIX_ResourceLimits *)first;
+ secondRLimits = (PKIX_ResourceLimits *)second;
+
+ cmpResult = (firstRLimits->maxTime == secondRLimits->maxTime) &&
+ (firstRLimits->maxFanout == secondRLimits->maxFanout) &&
+ (firstRLimits->maxDepth == secondRLimits->maxDepth) &&
+ (firstRLimits->maxCertsNumber ==
+ secondRLimits->maxCertsNumber) &&
+ (firstRLimits->maxCrlsNumber ==
+ secondRLimits->maxCrlsNumber);
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: pkix_ResourceLimits_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ResourceLimits_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_ResourceLimits *rLimits = NULL;
+ PKIX_UInt32 hash = 0;
+
+ PKIX_ENTER(RESOURCELIMITS, "pkix_ResourceLimits_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_RESOURCELIMITS_TYPE, plContext),
+ PKIX_OBJECTNOTRESOURCELIMITS);
+
+ rLimits = (PKIX_ResourceLimits*)object;
+
+ hash = 31 * rLimits->maxTime + (rLimits->maxFanout << 1) +
+ (rLimits->maxDepth << 2) + (rLimits->maxCertsNumber << 3) +
+ rLimits->maxCrlsNumber;
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: pkix_ResourceLimits_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ResourceLimits_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_ResourceLimits *rLimits = NULL;
+ char *asciiFormat = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *rLimitsString = NULL;
+
+ PKIX_ENTER(RESOURCELIMITS, "pkix_ResourceLimits_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_RESOURCELIMITS_TYPE, plContext),
+ PKIX_OBJECTNOTRESOURCELIMITS);
+
+ /* maxCertsNumber and maxCrlsNumber are not supported */
+ asciiFormat =
+ "[\n"
+ "\tMaxTime: \t\t%d\n"
+ "\tMaxFanout: \t\t%d\n"
+ "\tMaxDepth: \t\t%d\n"
+ "]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ rLimits = (PKIX_ResourceLimits*)object;
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&rLimitsString,
+ plContext,
+ formatString,
+ rLimits->maxTime,
+ rLimits->maxFanout,
+ rLimits->maxDepth),
+ PKIX_SPRINTFFAILED);
+
+ *pString = rLimitsString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: pkix_ResourceLimits_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_RESOURCELIMITS_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_ResourceLimits_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(RESOURCELIMITS, "pkix_ResourceLimits_RegisterSelf");
+
+ entry.description = "ResourceLimits";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_ResourceLimits);
+ entry.destructor = pkix_ResourceLimits_Destroy;
+ entry.equalsFunction = pkix_ResourceLimits_Equals;
+ entry.hashcodeFunction = pkix_ResourceLimits_Hashcode;
+ entry.toStringFunction = pkix_ResourceLimits_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_RESOURCELIMITS_TYPE] = entry;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_Create (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_Create(
+ PKIX_ResourceLimits **pResourceLimits,
+ void *plContext)
+{
+ PKIX_ResourceLimits *rLimits = NULL;
+
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_Create");
+ PKIX_NULLCHECK_ONE(pResourceLimits);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_RESOURCELIMITS_TYPE,
+ sizeof (PKIX_ResourceLimits),
+ (PKIX_PL_Object **)&rLimits,
+ plContext),
+ PKIX_COULDNOTCREATERESOURCELIMITOBJECT);
+
+ /* initialize fields */
+ rLimits->maxTime = 0;
+ rLimits->maxFanout = 0;
+ rLimits->maxDepth = 0;
+ rLimits->maxCertsNumber = 0;
+ rLimits->maxCrlsNumber = 0;
+
+ *pResourceLimits = rLimits;
+
+cleanup:
+
+ PKIX_RETURN(RESOURCELIMITS);
+
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxTime
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxTime(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 *pMaxTime,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_GetMaxTime");
+ PKIX_NULLCHECK_TWO(rLimits, pMaxTime);
+
+ *pMaxTime = rLimits->maxTime;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxTime
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxTime(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 maxTime,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_SetMaxTime");
+ PKIX_NULLCHECK_ONE(rLimits);
+
+ rLimits->maxTime = maxTime;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxFanout
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxFanout(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 *pMaxFanout,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_GetMaxFanout");
+ PKIX_NULLCHECK_TWO(rLimits, pMaxFanout);
+
+ *pMaxFanout = rLimits->maxFanout;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxFanout
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxFanout(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 maxFanout,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_SetMaxFanout");
+ PKIX_NULLCHECK_ONE(rLimits);
+
+ rLimits->maxFanout = maxFanout;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxDepth
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxDepth(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 *pMaxDepth,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_GetMaxDepth");
+ PKIX_NULLCHECK_TWO(rLimits, pMaxDepth);
+
+ *pMaxDepth = rLimits->maxDepth;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxDepth
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxDepth(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 maxDepth,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_SetMaxDepth");
+ PKIX_NULLCHECK_ONE(rLimits);
+
+ rLimits->maxDepth = maxDepth;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxNumberOfCerts
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxNumberOfCerts(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 *pMaxNumber,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_GetMaxNumberOfCerts");
+ PKIX_NULLCHECK_TWO(rLimits, pMaxNumber);
+
+ *pMaxNumber = rLimits->maxCertsNumber;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxNumberOfCerts
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxNumberOfCerts(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 maxNumber,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_SetMaxNumberOfCerts");
+ PKIX_NULLCHECK_ONE(rLimits);
+
+ rLimits->maxCertsNumber = maxNumber;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_GetMaxNumberOfCRLs
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_GetMaxNumberOfCRLs(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 *pMaxNumber,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_GetMaxNumberOfCRLs");
+ PKIX_NULLCHECK_TWO(rLimits, pMaxNumber);
+
+ *pMaxNumber = rLimits->maxCrlsNumber;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
+
+/*
+ * FUNCTION: PKIX_ResourceLimits_SetMaxNumberOfCRLs
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ResourceLimits_SetMaxNumberOfCRLs(
+ PKIX_ResourceLimits *rLimits,
+ PKIX_UInt32 maxNumber,
+ void *plContext)
+{
+ PKIX_ENTER(RESOURCELIMITS, "PKIX_ResourceLimits_SetMaxNumberOfCRLs");
+ PKIX_NULLCHECK_ONE(rLimits);
+
+ rLimits->maxCrlsNumber = maxNumber;
+
+ PKIX_RETURN(RESOURCELIMITS);
+}
diff --git a/security/nss/lib/libpkix/pkix/params/pkix_resourcelimits.h b/security/nss/lib/libpkix/pkix/params/pkix_resourcelimits.h
new file mode 100755
index 000000000..c4f582ce6
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/pkix_resourcelimits.h
@@ -0,0 +1,36 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_resourcelimits.h
+ *
+ * ResourceLimits Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_RESOURCELIMITS_H
+#define _PKIX_RESOURCELIMITS_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_ResourceLimitsStruct {
+ PKIX_UInt32 maxTime;
+ PKIX_UInt32 maxFanout;
+ PKIX_UInt32 maxDepth;
+ PKIX_UInt32 maxCertsNumber;
+ PKIX_UInt32 maxCrlsNumber;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_ResourceLimits_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_RESOURCELIMITS_H */
diff --git a/security/nss/lib/libpkix/pkix/params/pkix_trustanchor.c b/security/nss/lib/libpkix/pkix/params/pkix_trustanchor.c
new file mode 100755
index 000000000..ced16d290
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/pkix_trustanchor.c
@@ -0,0 +1,525 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_trustanchor.c
+ *
+ * TrustAnchor Object Functions
+ *
+ */
+
+#include "pkix_trustanchor.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_TrustAnchor_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_TrustAnchor_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_TrustAnchor *anchor = NULL;
+
+ PKIX_ENTER(TRUSTANCHOR, "pkix_TrustAnchor_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a trust anchor */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_TRUSTANCHOR_TYPE, plContext),
+ PKIX_OBJECTNOTTRUSTANCHOR);
+
+ anchor = (PKIX_TrustAnchor *)object;
+
+ PKIX_DECREF(anchor->trustedCert);
+ PKIX_DECREF(anchor->caName);
+ PKIX_DECREF(anchor->caPubKey);
+ PKIX_DECREF(anchor->nameConstraints);
+
+cleanup:
+
+ PKIX_RETURN(TRUSTANCHOR);
+}
+
+/*
+ * FUNCTION: pkix_TrustAnchor_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_TrustAnchor_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+ PKIX_TrustAnchor *firstAnchor = NULL;
+ PKIX_TrustAnchor *secondAnchor = NULL;
+ PKIX_PL_Cert *firstCert = NULL;
+ PKIX_PL_Cert *secondCert = NULL;
+
+ PKIX_ENTER(TRUSTANCHOR, "pkix_TrustAnchor_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ PKIX_CHECK(pkix_CheckType(first, PKIX_TRUSTANCHOR_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTTRUSTANCHOR);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ *pResult = PKIX_FALSE;
+
+ if (secondType != PKIX_TRUSTANCHOR_TYPE) goto cleanup;
+
+ firstAnchor = (PKIX_TrustAnchor *)first;
+ secondAnchor = (PKIX_TrustAnchor *)second;
+
+ firstCert = firstAnchor->trustedCert;
+ secondCert = secondAnchor->trustedCert;
+
+ if ((firstCert && !secondCert) || (!firstCert && secondCert)){
+ goto cleanup;
+ }
+
+ if (firstCert && secondCert){
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstCert,
+ (PKIX_PL_Object *)secondCert,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+ } else {
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstAnchor->caName,
+ (PKIX_PL_Object *)secondAnchor->caName,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstAnchor->caPubKey,
+ (PKIX_PL_Object *)secondAnchor->caPubKey,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_EQUALS
+ (firstAnchor->nameConstraints,
+ secondAnchor->nameConstraints,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ }
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(TRUSTANCHOR);
+}
+
+/*
+ * FUNCTION: pkix_TrustAnchor_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_TrustAnchor_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_TrustAnchor *anchor = NULL;
+ PKIX_PL_Cert *cert = NULL;
+ PKIX_UInt32 hash = 0;
+ PKIX_UInt32 certHash = 0;
+ PKIX_UInt32 nameHash = 0;
+ PKIX_UInt32 pubKeyHash = 0;
+ PKIX_UInt32 ncHash = 0;
+
+ PKIX_ENTER(TRUSTANCHOR, "pkix_TrustAnchor_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_TRUSTANCHOR_TYPE, plContext),
+ PKIX_OBJECTNOTTRUSTANCHOR);
+
+ anchor = (PKIX_TrustAnchor*)object;
+ cert = anchor->trustedCert;
+
+ if (cert){
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)cert,
+ &certHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ hash = certHash;
+
+ } else {
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)anchor->caName,
+ &nameHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)anchor->caPubKey,
+ &pubKeyHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE(anchor->nameConstraints, &ncHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ hash = 31 * nameHash + pubKeyHash + ncHash;
+
+ }
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(TRUSTANCHOR);
+}
+
+/*
+ * FUNCTION: pkix_TrustAnchor_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_TrustAnchor_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_TrustAnchor *anchor = NULL;
+ char *asciiFormat = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *anchorString = NULL;
+ PKIX_PL_String *certString = NULL;
+ PKIX_PL_String *nameString = NULL;
+ PKIX_PL_String *pubKeyString = NULL;
+ PKIX_PL_String *nameConstraintsString = NULL;
+
+ PKIX_ENTER(TRUSTANCHOR, "pkix_TrustAnchor_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_TRUSTANCHOR_TYPE, plContext),
+ PKIX_OBJECTNOTTRUSTANCHOR);
+
+ anchor = (PKIX_TrustAnchor*)object;
+
+ if (anchor->trustedCert){
+ asciiFormat =
+ "[\n"
+ "\tTrusted Cert: %s\n"
+ "]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)anchor->trustedCert,
+ &certString,
+ plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&anchorString,
+ plContext,
+ formatString,
+ certString),
+ PKIX_SPRINTFFAILED);
+ } else {
+ asciiFormat =
+ "[\n"
+ "\tTrusted CA Name: %s\n"
+ "\tTrusted CA PublicKey: %s\n"
+ "\tInitial Name Constraints:%s\n"
+ "]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)anchor->caName,
+ &nameString,
+ plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)anchor->caPubKey,
+ &pubKeyString,
+ plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (anchor->nameConstraints,
+ &nameConstraintsString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&anchorString,
+ plContext,
+ formatString,
+ nameString,
+ pubKeyString,
+ nameConstraintsString),
+ PKIX_SPRINTFFAILED);
+ }
+
+ *pString = anchorString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(certString);
+ PKIX_DECREF(nameString);
+ PKIX_DECREF(pubKeyString);
+ PKIX_DECREF(nameConstraintsString);
+
+ PKIX_RETURN(TRUSTANCHOR);
+}
+
+/*
+ * FUNCTION: pkix_TrustAnchor_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_TRUSTANCHOR_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_TrustAnchor_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(TRUSTANCHOR, "pkix_TrustAnchor_RegisterSelf");
+
+ entry.description = "TrustAnchor";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_TrustAnchor);
+ entry.destructor = pkix_TrustAnchor_Destroy;
+ entry.equalsFunction = pkix_TrustAnchor_Equals;
+ entry.hashcodeFunction = pkix_TrustAnchor_Hashcode;
+ entry.toStringFunction = pkix_TrustAnchor_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_TRUSTANCHOR_TYPE] = entry;
+
+ PKIX_RETURN(TRUSTANCHOR);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_CreateWithCert (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_TrustAnchor_CreateWithCert(
+ PKIX_PL_Cert *cert,
+ PKIX_TrustAnchor **pAnchor,
+ void *plContext)
+{
+ PKIX_TrustAnchor *anchor = NULL;
+
+ PKIX_ENTER(TRUSTANCHOR, "PKIX_TrustAnchor_CreateWithCert");
+ PKIX_NULLCHECK_TWO(cert, pAnchor);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_TRUSTANCHOR_TYPE,
+ sizeof (PKIX_TrustAnchor),
+ (PKIX_PL_Object **)&anchor,
+ plContext),
+ PKIX_COULDNOTCREATETRUSTANCHOROBJECT);
+
+ /* initialize fields */
+ PKIX_CHECK(
+ PKIX_PL_Cert_SetAsTrustAnchor(cert, plContext),
+ PKIX_CERTSETASTRUSTANCHORFAILED);
+
+ PKIX_INCREF(cert);
+ anchor->trustedCert = cert;
+
+ anchor->caName = NULL;
+ anchor->caPubKey = NULL;
+
+ PKIX_CHECK(PKIX_PL_Cert_GetNameConstraints
+ (anchor->trustedCert, &anchor->nameConstraints, plContext),
+ PKIX_CERTGETNAMECONSTRAINTSFAILED);
+
+
+ *pAnchor = anchor;
+ anchor = NULL;
+
+cleanup:
+
+ PKIX_DECREF(anchor);
+
+ PKIX_RETURN(TRUSTANCHOR);
+
+}
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_CreateWithNameKeyPair
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_TrustAnchor_CreateWithNameKeyPair(
+ PKIX_PL_X500Name *name,
+ PKIX_PL_PublicKey *pubKey,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_TrustAnchor **pAnchor,
+ void *plContext)
+{
+ PKIX_TrustAnchor *anchor = NULL;
+
+ PKIX_ENTER(TRUSTANCHOR, "PKIX_TrustAnchor_CreateWithNameKeyPair");
+
+#ifndef BUILD_LIBPKIX_TESTS
+ /* Nss creates trust anchors by using PKIX_TrustAnchor_CreateWithCert
+ * function as the complete trusted cert structure, and not only cert
+ * public key, is required for chain building and validation processes.
+ * Restricting this function for been used only in libpkix unit
+ * tests. */
+ PKIX_ERROR(PKIX_FUNCTIONMUSTNOTBEUSED);
+#endif
+
+ PKIX_NULLCHECK_THREE(name, pubKey, pAnchor);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_TRUSTANCHOR_TYPE,
+ sizeof (PKIX_TrustAnchor),
+ (PKIX_PL_Object **)&anchor,
+ plContext),
+ PKIX_COULDNOTCREATETRUSTANCHOROBJECT);
+
+ /* initialize fields */
+ anchor->trustedCert = NULL;
+
+ PKIX_INCREF(name);
+ anchor->caName = name;
+
+ PKIX_INCREF(pubKey);
+ anchor->caPubKey = pubKey;
+
+ PKIX_INCREF(nameConstraints);
+ anchor->nameConstraints = nameConstraints;
+
+ *pAnchor = anchor;
+ anchor = NULL;
+cleanup:
+
+ PKIX_DECREF(anchor);
+
+ PKIX_RETURN(TRUSTANCHOR);
+}
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_GetTrustedCert (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_TrustAnchor_GetTrustedCert(
+ PKIX_TrustAnchor *anchor,
+ PKIX_PL_Cert **pCert,
+ void *plContext)
+{
+ PKIX_ENTER(TRUSTANCHOR, "PKIX_TrustAnchor_GetTrustedCert");
+ PKIX_NULLCHECK_TWO(anchor, pCert);
+
+ PKIX_INCREF(anchor->trustedCert);
+
+ *pCert = anchor->trustedCert;
+
+cleanup:
+ PKIX_RETURN(TRUSTANCHOR);
+
+}
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_GetCAName (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_TrustAnchor_GetCAName(
+ PKIX_TrustAnchor *anchor,
+ PKIX_PL_X500Name **pCAName,
+ void *plContext)
+{
+ PKIX_ENTER(TRUSTANCHOR, "PKIX_TrustAnchor_GetCAName");
+ PKIX_NULLCHECK_TWO(anchor, pCAName);
+
+ PKIX_INCREF(anchor->caName);
+
+ *pCAName = anchor->caName;
+
+cleanup:
+ PKIX_RETURN(TRUSTANCHOR);
+
+}
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_GetCAPublicKey (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_TrustAnchor_GetCAPublicKey(
+ PKIX_TrustAnchor *anchor,
+ PKIX_PL_PublicKey **pPubKey,
+ void *plContext)
+{
+ PKIX_ENTER(TRUSTANCHOR, "PKIX_TrustAnchor_GetCAPublicKey");
+ PKIX_NULLCHECK_TWO(anchor, pPubKey);
+
+ PKIX_INCREF(anchor->caPubKey);
+
+ *pPubKey = anchor->caPubKey;
+
+cleanup:
+ PKIX_RETURN(TRUSTANCHOR);
+}
+
+/*
+ * FUNCTION: PKIX_TrustAnchor_GetNameConstraints
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_TrustAnchor_GetNameConstraints(
+ PKIX_TrustAnchor *anchor,
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext)
+{
+ PKIX_ENTER(TRUSTANCHOR, "PKIX_TrustAnchor_GetNameConstraints");
+ PKIX_NULLCHECK_TWO(anchor, pNameConstraints);
+
+ PKIX_INCREF(anchor->nameConstraints);
+
+ *pNameConstraints = anchor->nameConstraints;
+
+cleanup:
+ PKIX_RETURN(TRUSTANCHOR);
+}
diff --git a/security/nss/lib/libpkix/pkix/params/pkix_trustanchor.h b/security/nss/lib/libpkix/pkix/params/pkix_trustanchor.h
new file mode 100755
index 000000000..e3ceb7fd3
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/pkix_trustanchor.h
@@ -0,0 +1,35 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_trustanchor.h
+ *
+ * TrustAnchor Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_TRUSTANCHOR_H
+#define _PKIX_TRUSTANCHOR_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_TrustAnchorStruct {
+ PKIX_PL_Cert *trustedCert;
+ PKIX_PL_X500Name *caName;
+ PKIX_PL_PublicKey *caPubKey;
+ PKIX_PL_CertNameConstraints *nameConstraints;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_TrustAnchor_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_TRUSTANCHOR_H */
diff --git a/security/nss/lib/libpkix/pkix/params/pkix_valparams.c b/security/nss/lib/libpkix/pkix/params/pkix_valparams.c
new file mode 100755
index 000000000..83c3d2b08
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/pkix_valparams.c
@@ -0,0 +1,335 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_valparams.c
+ *
+ * Validate Params Object Functions
+ *
+ */
+
+#include "pkix_valparams.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_ValidateParams_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ValidateParams_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ValidateParams *params = NULL;
+
+ PKIX_ENTER(VALIDATEPARAMS, "pkix_ValidateParams_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a validate params object */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_VALIDATEPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTVALIDATEPARAMS);
+
+ params = (PKIX_ValidateParams *)object;
+
+ PKIX_DECREF(params->procParams);
+ PKIX_DECREF(params->chain);
+
+cleanup:
+
+ PKIX_RETURN(VALIDATEPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ValidateParams_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ValidateParams_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+ PKIX_ValidateParams *firstValParams = NULL;
+ PKIX_ValidateParams *secondValParams = NULL;
+
+ PKIX_ENTER(VALIDATEPARAMS, "pkix_ValidateParams_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ PKIX_CHECK(pkix_CheckType(first, PKIX_VALIDATEPARAMS_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTVALIDATEPARAMS);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ *pResult = PKIX_FALSE;
+
+ if (secondType != PKIX_VALIDATEPARAMS_TYPE) goto cleanup;
+
+ firstValParams = (PKIX_ValidateParams *)first;
+ secondValParams = (PKIX_ValidateParams *)second;
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstValParams->procParams,
+ (PKIX_PL_Object *)secondValParams->procParams,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstValParams->chain,
+ (PKIX_PL_Object *)secondValParams->chain,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(VALIDATEPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ValidateParams_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ValidateParams_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_ValidateParams *valParams = NULL;
+ PKIX_UInt32 hash = 0;
+ PKIX_UInt32 procParamsHash = 0;
+ PKIX_UInt32 chainHash = 0;
+
+ PKIX_ENTER(VALIDATEPARAMS, "pkix_ValidateParams_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_VALIDATEPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTVALIDATEPARAMS);
+
+ valParams = (PKIX_ValidateParams*)object;
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)valParams->procParams,
+ &procParamsHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)valParams->chain,
+ &chainHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ hash = 31 * procParamsHash + chainHash;
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(VALIDATEPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ValidateParams_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ValidateParams_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_ValidateParams *valParams = NULL;
+ char *asciiFormat = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *valParamsString = NULL;
+
+ PKIX_PL_String *procParamsString = NULL;
+ PKIX_PL_String *chainString = NULL;
+
+ PKIX_ENTER(VALIDATEPARAMS, "pkix_ValidateParams_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_VALIDATEPARAMS_TYPE, plContext),
+ PKIX_OBJECTNOTVALIDATEPARAMS);
+
+ asciiFormat =
+ "[\n"
+ "\tProcessing Params: \n"
+ "\t********BEGIN PROCESSING PARAMS********\n"
+ "\t\t%s\n"
+ "\t********END PROCESSING PARAMS********\n"
+ "\tChain: \t\t%s\n"
+ "]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ valParams = (PKIX_ValidateParams*)object;
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)valParams->procParams,
+ &procParamsString,
+ plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)valParams->chain,
+ &chainString,
+ plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&valParamsString,
+ plContext,
+ formatString,
+ procParamsString,
+ chainString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = valParamsString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(procParamsString);
+ PKIX_DECREF(chainString);
+
+ PKIX_RETURN(VALIDATEPARAMS);
+}
+
+/*
+ * FUNCTION: pkix_ValidateParams_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_VALIDATEPARAMS_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_ValidateParams_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(VALIDATEPARAMS, "pkix_ValidateParams_RegisterSelf");
+
+ entry.description = "ValidateParams";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_ValidateParams);
+ entry.destructor = pkix_ValidateParams_Destroy;
+ entry.equalsFunction = pkix_ValidateParams_Equals;
+ entry.hashcodeFunction = pkix_ValidateParams_Hashcode;
+ entry.toStringFunction = pkix_ValidateParams_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_VALIDATEPARAMS_TYPE] = entry;
+
+ PKIX_RETURN(VALIDATEPARAMS);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_ValidateParams_Create (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ValidateParams_Create(
+ PKIX_ProcessingParams *procParams,
+ PKIX_List *chain,
+ PKIX_ValidateParams **pParams,
+ void *plContext)
+{
+ PKIX_ValidateParams *params = NULL;
+
+ PKIX_ENTER(VALIDATEPARAMS, "PKIX_ValidateParams_Create");
+ PKIX_NULLCHECK_THREE(procParams, chain, pParams);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_VALIDATEPARAMS_TYPE,
+ sizeof (PKIX_ValidateParams),
+ (PKIX_PL_Object **)&params,
+ plContext),
+ PKIX_COULDNOTCREATEVALIDATEPARAMSOBJECT);
+
+ /* initialize fields */
+ PKIX_INCREF(procParams);
+ params->procParams = procParams;
+
+ PKIX_INCREF(chain);
+ params->chain = chain;
+
+ *pParams = params;
+ params = NULL;
+
+cleanup:
+
+ PKIX_DECREF(params);
+
+ PKIX_RETURN(VALIDATEPARAMS);
+
+}
+
+/*
+ * FUNCTION: PKIX_ValidateParams_GetProcessingParams
+ * (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ValidateParams_GetProcessingParams(
+ PKIX_ValidateParams *valParams,
+ PKIX_ProcessingParams **pProcParams,
+ void *plContext)
+{
+ PKIX_ENTER(VALIDATEPARAMS, "PKIX_ValidateParams_GetProcessingParams");
+ PKIX_NULLCHECK_TWO(valParams, pProcParams);
+
+ PKIX_INCREF(valParams->procParams);
+
+ *pProcParams = valParams->procParams;
+
+cleanup:
+ PKIX_RETURN(VALIDATEPARAMS);
+}
+
+/*
+ * FUNCTION: PKIX_ValidateParams_GetCertChain (see comments in pkix_params.h)
+ */
+PKIX_Error *
+PKIX_ValidateParams_GetCertChain(
+ PKIX_ValidateParams *valParams,
+ PKIX_List **pChain,
+ void *plContext)
+{
+ PKIX_ENTER(VALIDATEPARAMS, "PKIX_ValidateParams_GetCertChain");
+ PKIX_NULLCHECK_TWO(valParams, pChain);
+
+ PKIX_INCREF(valParams->chain);
+
+ *pChain = valParams->chain;
+
+cleanup:
+ PKIX_RETURN(VALIDATEPARAMS);
+}
diff --git a/security/nss/lib/libpkix/pkix/params/pkix_valparams.h b/security/nss/lib/libpkix/pkix/params/pkix_valparams.h
new file mode 100755
index 000000000..93b754f71
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/params/pkix_valparams.h
@@ -0,0 +1,33 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_valparams.h
+ *
+ * ValidateParams Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_VALIDATEPARAMS_H
+#define _PKIX_VALIDATEPARAMS_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_ValidateParamsStruct {
+ PKIX_ProcessingParams *procParams; /* Never NULL */
+ PKIX_List *chain; /* Never NULL */
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_ValidateParams_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_VALIDATEPARAMS_H */
diff --git a/security/nss/lib/libpkix/pkix/results/Makefile b/security/nss/lib/libpkix/pkix/results/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/results/config.mk b/security/nss/lib/libpkix/pkix/results/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/results/exports.gyp b/security/nss/lib/libpkix/pkix/results/exports.gyp
new file mode 100644
index 000000000..dfff68903
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/exports.gyp
@@ -0,0 +1,28 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_results_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_buildresult.h',
+ 'pkix_policynode.h',
+ 'pkix_valresult.h',
+ 'pkix_verifynode.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix/results/manifest.mn b/security/nss/lib/libpkix/pkix/results/manifest.mn
new file mode 100755
index 000000000..c082ada1f
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/manifest.mn
@@ -0,0 +1,27 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_buildresult.h \
+ pkix_policynode.h \
+ pkix_valresult.h \
+ pkix_verifynode.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_buildresult.c \
+ pkix_policynode.c \
+ pkix_valresult.c \
+ pkix_verifynode.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixresults
+
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_buildresult.c b/security/nss/lib/libpkix/pkix/results/pkix_buildresult.c
new file mode 100755
index 000000000..7d35119bc
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/pkix_buildresult.c
@@ -0,0 +1,362 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_buildresult.c
+ *
+ * BuildResult Object Functions
+ *
+ */
+
+#include "pkix_buildresult.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_BuildResult_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_BuildResult_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_BuildResult *result = NULL;
+
+ PKIX_ENTER(BUILDRESULT, "pkix_BuildResult_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a build result object */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BUILDRESULT_TYPE, plContext),
+ PKIX_OBJECTNOTBUILDRESULT);
+
+ result = (PKIX_BuildResult *)object;
+
+ PKIX_DECREF(result->valResult);
+ PKIX_DECREF(result->certChain);
+
+cleanup:
+
+ PKIX_RETURN(BUILDRESULT);
+}
+
+/*
+ * FUNCTION: pkix_BuildResult_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_BuildResult_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+ PKIX_BuildResult *firstBuildResult = NULL;
+ PKIX_BuildResult *secondBuildResult = NULL;
+
+ PKIX_ENTER(BUILDRESULT, "pkix_BuildResult_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ PKIX_CHECK(pkix_CheckType(first, PKIX_BUILDRESULT_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTBUILDRESULT);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ *pResult = PKIX_FALSE;
+
+ if (secondType != PKIX_BUILDRESULT_TYPE) goto cleanup;
+
+ firstBuildResult = (PKIX_BuildResult *)first;
+ secondBuildResult = (PKIX_BuildResult *)second;
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstBuildResult->valResult,
+ (PKIX_PL_Object *)secondBuildResult->valResult,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstBuildResult->certChain,
+ (PKIX_PL_Object *)secondBuildResult->certChain,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ /*
+ * The remaining case is that both are null,
+ * which we consider equality.
+ * cmpResult = PKIX_TRUE;
+ */
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(BUILDRESULT);
+}
+
+/*
+ * FUNCTION: pkix_BuildResult_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_BuildResult_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_BuildResult *buildResult = NULL;
+ PKIX_UInt32 hash = 0;
+ PKIX_UInt32 valResultHash = 0;
+ PKIX_UInt32 certChainHash = 0;
+
+ PKIX_ENTER(BUILDRESULT, "pkix_BuildResult_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BUILDRESULT_TYPE, plContext),
+ PKIX_OBJECTNOTBUILDRESULT);
+
+ buildResult = (PKIX_BuildResult*)object;
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)buildResult->valResult,
+ &valResultHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)buildResult->certChain,
+ &certChainHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ hash = 31*(31 * valResultHash + certChainHash);
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(BUILDRESULT);
+}
+
+/*
+ * FUNCTION: pkix_BuildResult_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_BuildResult_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_BuildResult *buildResult = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *buildResultString = NULL;
+
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_List *certChain = NULL;
+
+ PKIX_PL_String *valResultString = NULL;
+ PKIX_PL_String *certChainString = NULL;
+
+ char *asciiFormat =
+ "[\n"
+ "\tValidateResult: \t\t%s"
+ "\tCertChain: \t\t%s\n"
+ "]\n";
+
+ PKIX_ENTER(BUILDRESULT, "pkix_BuildResult_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BUILDRESULT_TYPE, plContext),
+ PKIX_OBJECTNOTBUILDRESULT);
+
+ buildResult = (PKIX_BuildResult*)object;
+
+ valResult = buildResult->valResult;
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)valResult, &valResultString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ certChain = buildResult->certChain;
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)certChain, &certChainString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&buildResultString,
+ plContext,
+ formatString,
+ valResultString,
+ certChainString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = buildResultString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(valResultString);
+ PKIX_DECREF(certChainString);
+
+ PKIX_RETURN(BUILDRESULT);
+}
+
+/*
+ * FUNCTION: pkix_BuildResult_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_BUILDRESULT_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_BuildResult_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(BUILDRESULT, "pkix_BuildResult_RegisterSelf");
+
+ entry.description = "BuildResult";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_BuildResult);
+ entry.destructor = pkix_BuildResult_Destroy;
+ entry.equalsFunction = pkix_BuildResult_Equals;
+ entry.hashcodeFunction = pkix_BuildResult_Hashcode;
+ entry.toStringFunction = pkix_BuildResult_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_BUILDRESULT_TYPE] = entry;
+
+ PKIX_RETURN(BUILDRESULT);
+}
+
+/*
+ * FUNCTION: pkix_BuildResult_Create
+ * DESCRIPTION:
+ *
+ * Creates a new BuildResult Object using the ValidateResult pointed to by
+ * "valResult" and the List pointed to by "certChain", and stores it at
+ * "pResult".
+ *
+ * PARAMETERS
+ * "valResult"
+ * Address of ValidateResult component. Must be non-NULL.
+ * "certChain
+ * Address of List component. Must be non-NULL.
+ * "pResult"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_BuildResult_Create(
+ PKIX_ValidateResult *valResult,
+ PKIX_List *certChain,
+ PKIX_BuildResult **pResult,
+ void *plContext)
+{
+ PKIX_BuildResult *result = NULL;
+
+ PKIX_ENTER(BUILDRESULT, "pkix_BuildResult_Create");
+ PKIX_NULLCHECK_THREE(valResult, certChain, pResult);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_BUILDRESULT_TYPE,
+ sizeof (PKIX_BuildResult),
+ (PKIX_PL_Object **)&result,
+ plContext),
+ PKIX_COULDNOTCREATEBUILDRESULTOBJECT);
+
+ /* initialize fields */
+
+ PKIX_INCREF(valResult);
+ result->valResult = valResult;
+
+ PKIX_INCREF(certChain);
+ result->certChain = certChain;
+
+ PKIX_CHECK(PKIX_List_SetImmutable(result->certChain, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ *pResult = result;
+ result = NULL;
+
+cleanup:
+
+ PKIX_DECREF(result);
+
+ PKIX_RETURN(BUILDRESULT);
+
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+
+/*
+ * FUNCTION: PKIX_BuildResult_GetValidateResult
+ * (see comments in pkix_result.h)
+ */
+PKIX_Error *
+PKIX_BuildResult_GetValidateResult(
+ PKIX_BuildResult *result,
+ PKIX_ValidateResult **pResult,
+ void *plContext)
+{
+ PKIX_ENTER(BUILDRESULT, "PKIX_BuildResult_GetValidateResult");
+ PKIX_NULLCHECK_TWO(result, pResult);
+
+ PKIX_INCREF(result->valResult);
+ *pResult = result->valResult;
+
+cleanup:
+ PKIX_RETURN(BUILDRESULT);
+}
+
+
+
+/*
+ * FUNCTION: PKIX_BuildResult_GetCertChain
+ * (see comments in pkix_result.h)
+ */
+PKIX_Error *
+PKIX_BuildResult_GetCertChain(
+ PKIX_BuildResult *result,
+ PKIX_List **pChain,
+ void *plContext)
+{
+ PKIX_ENTER(BUILDRESULT, "PKIX_BuildResult_GetCertChain");
+ PKIX_NULLCHECK_TWO(result, pChain);
+
+ PKIX_INCREF(result->certChain);
+ *pChain = result->certChain;
+
+cleanup:
+ PKIX_RETURN(BUILDRESULT);
+}
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_buildresult.h b/security/nss/lib/libpkix/pkix/results/pkix_buildresult.h
new file mode 100755
index 000000000..b43f12ba1
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/pkix_buildresult.h
@@ -0,0 +1,40 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_buildresult.h
+ *
+ * BuildResult Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_BUILDRESULT_H
+#define _PKIX_BUILDRESULT_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_BuildResultStruct {
+ PKIX_ValidateResult *valResult;
+ PKIX_List *certChain;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_BuildResult_Create(
+ PKIX_ValidateResult *valResult,
+ PKIX_List *certChain,
+ PKIX_BuildResult **pResult,
+ void *plContext);
+
+PKIX_Error *pkix_BuildResult_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_BUILDRESULT_H */
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_policynode.c b/security/nss/lib/libpkix/pkix/results/pkix_policynode.c
new file mode 100755
index 000000000..fd8cee982
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/pkix_policynode.c
@@ -0,0 +1,1377 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_policynode.c
+ *
+ * Policy Node Object Type Definition
+ *
+ */
+
+#include "pkix_policynode.h"
+
+/* --Private-PolicyNode-Functions---------------------------------- */
+
+/*
+ * FUNCTION: pkix_PolicyNode_GetChildrenMutable
+ * DESCRIPTION:
+ *
+ * Retrieves the List of PolicyNodes representing the child nodes of the
+ * Policy Node pointed to by "node" and stores it at "pChildren". If "node"
+ * has no List of child nodes, this function stores NULL at "pChildren".
+ *
+ * Note that the List returned by this function may be mutable. This function
+ * differs from the public function PKIX_PolicyNode_GetChildren in that
+ * respect. (It also differs in that the public function creates an empty
+ * List, if necessary, rather than storing NULL.)
+ *
+ * During certificate processing, children Lists are created and modified.
+ * Once the list is accessed using the public call, the List is set immutable.
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode whose child nodes are to be stored.
+ * Must be non-NULL.
+ * "pChildren"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_PolicyNode_GetChildrenMutable(
+ PKIX_PolicyNode *node,
+ PKIX_List **pChildren, /* list of PKIX_PolicyNode */
+ void *plContext)
+{
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_GetChildrenMutable");
+
+ PKIX_NULLCHECK_TWO(node, pChildren);
+
+ PKIX_INCREF(node->children);
+
+ *pChildren = node->children;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_Create
+ * DESCRIPTION:
+ *
+ * Creates a new PolicyNode using the OID pointed to by "validPolicy", the List
+ * of CertPolicyQualifiers pointed to by "qualifierSet", the criticality
+ * indicated by the Boolean value of "criticality", and the List of OIDs
+ * pointed to by "expectedPolicySet", and stores the result at "pObject". The
+ * criticality should be derived from whether the certificate policy extension
+ * was marked as critical in the certificate that led to creation of this
+ * PolicyNode. The "qualifierSet" and "expectedPolicySet" Lists are made
+ * immutable. The PolicyNode pointers to parent and to children are initialized
+ * to NULL, and the depth is set to zero; those values should be set by using
+ * the pkix_PolicyNode_AddToParent function.
+ *
+ * PARAMETERS
+ * "validPolicy"
+ * Address of OID of the valid policy for the path. Must be non-NULL
+ * "qualifierSet"
+ * Address of List of CertPolicyQualifiers associated with the validpolicy.
+ * May be NULL
+ * "criticality"
+ * Boolean indicator of whether the criticality should be set in this
+ * PolicyNode
+ * "expectedPolicySet"
+ * Address of List of OIDs that would satisfy this policy in the next
+ * certificate. Must be non-NULL
+ * "pObject"
+ * Address where the PolicyNode pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_PolicyNode_Create(
+ PKIX_PL_OID *validPolicy,
+ PKIX_List *qualifierSet,
+ PKIX_Boolean criticality,
+ PKIX_List *expectedPolicySet,
+ PKIX_PolicyNode **pObject,
+ void *plContext)
+{
+ PKIX_PolicyNode *node = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_Create");
+
+ PKIX_NULLCHECK_THREE(validPolicy, expectedPolicySet, pObject);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTPOLICYNODE_TYPE,
+ sizeof (PKIX_PolicyNode),
+ (PKIX_PL_Object **)&node,
+ plContext),
+ PKIX_COULDNOTCREATEPOLICYNODEOBJECT);
+
+ PKIX_INCREF(validPolicy);
+ node->validPolicy = validPolicy;
+
+ PKIX_INCREF(qualifierSet);
+ node->qualifierSet = qualifierSet;
+ if (qualifierSet) {
+ PKIX_CHECK(PKIX_List_SetImmutable(qualifierSet, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+ }
+
+ node->criticality = criticality;
+
+ PKIX_INCREF(expectedPolicySet);
+ node->expectedPolicySet = expectedPolicySet;
+ PKIX_CHECK(PKIX_List_SetImmutable(expectedPolicySet, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ node->parent = NULL;
+ node->children = NULL;
+ node->depth = 0;
+
+ *pObject = node;
+ node = NULL;
+
+cleanup:
+
+ PKIX_DECREF(node);
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_AddToParent
+ * DESCRIPTION:
+ *
+ * Adds the PolicyNode pointed to by "child" to the List of children of
+ * the PolicyNode pointed to by "parentNode". If "parentNode" had a
+ * NULL pointer for the List of children, a new List is created containing
+ * "child". Otherwise "child" is appended to the existing List. The
+ * parent field in "child" is set to "parent", and the depth field is
+ * set to one more than the corresponding value in "parent".
+ *
+ * Depth, in this context, means distance from the root node, which
+ * is at depth zero.
+ *
+ * PARAMETERS:
+ * "parentNode"
+ * Address of PolicyNode whose List of child PolicyNodes is to be
+ * created or appended to. Must be non-NULL.
+ * "child"
+ * Address of PolicyNode to be added to parentNode's List. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_PolicyNode_AddToParent(
+ PKIX_PolicyNode *parentNode,
+ PKIX_PolicyNode *child,
+ void *plContext)
+{
+ PKIX_List *listOfChildren = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_AddToParent");
+
+ PKIX_NULLCHECK_TWO(parentNode, child);
+
+ listOfChildren = parentNode->children;
+ if (listOfChildren == NULL) {
+ PKIX_CHECK(PKIX_List_Create(&listOfChildren, plContext),
+ PKIX_LISTCREATEFAILED);
+ parentNode->children = listOfChildren;
+ }
+
+ /*
+ * Note: this link is not reference-counted. The link from parent
+ * to child is counted (actually, the parent "owns" a List which
+ * "owns" children), but the children do not "own" the parent.
+ * Otherwise, there would be loops.
+ */
+ child->parent = parentNode;
+
+ child->depth = 1 + (parentNode->depth);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (listOfChildren, (PKIX_PL_Object *)child, plContext),
+ PKIX_COULDNOTAPPENDCHILDTOPARENTSPOLICYNODELIST);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)parentNode, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)child, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_Prune
+ * DESCRIPTION:
+ *
+ * Prunes a tree below the PolicyNode whose address is pointed to by "node",
+ * using the UInt32 value of "height" as the distance from the leaf level,
+ * and storing at "pDelete" the Boolean value of whether this PolicyNode is,
+ * after pruning, childless and should be pruned.
+ *
+ * Any PolicyNode at height 0 is allowed to survive. If the height is greater
+ * than zero, pkix_PolicyNode_Prune is called recursively for each child of
+ * the current PolicyNode. After this process, a node with no children
+ * stores PKIX_TRUE in "pDelete" to indicate that it should be deleted.
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of the PolicyNode to be pruned. Must be non-NULL.
+ * "height"
+ * UInt32 value for the distance from the leaf level
+ * "pDelete"
+ * Address to store the Boolean return value of PKIX_TRUE if this node
+ * should be pruned, or PKIX_FALSE if there remains at least one
+ * branch of the required height. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_PolicyNode_Prune(
+ PKIX_PolicyNode *node,
+ PKIX_UInt32 height,
+ PKIX_Boolean *pDelete,
+ void *plContext)
+{
+ PKIX_Boolean childless = PKIX_FALSE;
+ PKIX_Boolean shouldBePruned = PKIX_FALSE;
+ PKIX_UInt32 listSize = 0;
+ PKIX_UInt32 listIndex = 0;
+ PKIX_PolicyNode *candidate = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_Prune");
+
+ PKIX_NULLCHECK_TWO(node, pDelete);
+
+ /* Don't prune at the leaf */
+ if (height == 0) {
+ goto cleanup;
+ }
+
+ /* Above the bottom level, childless nodes get pruned */
+ if (!(node->children)) {
+ childless = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * This node has children. If they are leaf nodes,
+ * we know they will live. Otherwise, check them out.
+ */
+ if (height > 1) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (node->children, &listSize, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ /*
+ * By working backwards from the end of the list,
+ * we avoid having to worry about possible
+ * decreases in the size of the list, as we
+ * delete items. The only nuisance is that since the
+ * index is UInt32, we can't check for it to reach -1;
+ * we have to use the 1-based index, rather than the
+ * 0-based index that PKIX_List functions require.
+ */
+ for (listIndex = listSize; listIndex > 0; listIndex--) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (node->children,
+ (listIndex - 1),
+ (PKIX_PL_Object **)&candidate,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_PolicyNode_Prune
+ (candidate,
+ height - 1,
+ &shouldBePruned,
+ plContext),
+ PKIX_POLICYNODEPRUNEFAILED);
+
+ if (shouldBePruned == PKIX_TRUE) {
+ PKIX_CHECK(PKIX_List_DeleteItem
+ (node->children,
+ (listIndex - 1),
+ plContext),
+ PKIX_LISTDELETEITEMFAILED);
+ }
+
+ PKIX_DECREF(candidate);
+ }
+ }
+
+ /* Prune if this node has *become* childless */
+ PKIX_CHECK(PKIX_List_GetLength
+ (node->children, &listSize, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ if (listSize == 0) {
+ childless = PKIX_TRUE;
+ }
+
+ /*
+ * Even if we did not change this node, or any of its children,
+ * maybe a [great-]*grandchild was pruned.
+ */
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)node, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+ *pDelete = childless;
+
+ PKIX_DECREF(candidate);
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_SinglePolicyNode_ToString
+ * DESCRIPTION:
+ *
+ * Creates a String representation of the attributes of the PolicyNode
+ * pointed to by "node", other than its parents or children, and
+ * stores the result at "pString".
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode to be described by the string. Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if function succeeds
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in a fatal way
+ */
+PKIX_Error *
+pkix_SinglePolicyNode_ToString(
+ PKIX_PolicyNode *node,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *fmtString = NULL;
+ PKIX_PL_String *validString = NULL;
+ PKIX_PL_String *qualifierString = NULL;
+ PKIX_PL_String *criticalityString = NULL;
+ PKIX_PL_String *expectedString = NULL;
+ PKIX_PL_String *outString = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_SinglePolicyNode_ToString");
+ PKIX_NULLCHECK_TWO(node, pString);
+ PKIX_NULLCHECK_TWO(node->validPolicy, node->expectedPolicySet);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "{%s,%s,%s,%s,%d}",
+ 0,
+ &fmtString,
+ plContext),
+ PKIX_CANTCREATESTRING);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)(node->validPolicy),
+ &validString,
+ plContext),
+ PKIX_OIDTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)(node->expectedPolicySet),
+ &expectedString,
+ plContext),
+ PKIX_LISTTOSTRINGFAILED);
+
+ if (node->qualifierSet) {
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)(node->qualifierSet),
+ &qualifierString,
+ plContext),
+ PKIX_LISTTOSTRINGFAILED);
+ } else {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "{}",
+ 0,
+ &qualifierString,
+ plContext),
+ PKIX_CANTCREATESTRING);
+ }
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ (node->criticality)?"Critical":"Not Critical",
+ 0,
+ &criticalityString,
+ plContext),
+ PKIX_CANTCREATESTRING);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&outString,
+ plContext,
+ fmtString,
+ validString,
+ qualifierString,
+ criticalityString,
+ expectedString,
+ node->depth),
+ PKIX_SPRINTFFAILED);
+
+ *pString = outString;
+
+cleanup:
+
+ PKIX_DECREF(fmtString);
+ PKIX_DECREF(validString);
+ PKIX_DECREF(qualifierString);
+ PKIX_DECREF(criticalityString);
+ PKIX_DECREF(expectedString);
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Produces a String representation of a PolicyNode tree below the PolicyNode
+ * pointed to by "rootNode", with each line of output prefixed by the String
+ * pointed to by "indent", and stores the result at "pTreeString". It is
+ * called recursively, with ever-increasing indentation, for successively
+ * lower nodes on the tree.
+ *
+ * PARAMETERS:
+ * "rootNode"
+ * Address of PolicyNode subtree. Must be non-NULL.
+ * "indent"
+ * Address of String to be prefixed to each line of output. May be NULL
+ * if no indentation is desired
+ * "pTreeString"
+ * Address where the resulting String will be stored; must be non-NULL
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_PolicyNode_ToString_Helper(
+ PKIX_PolicyNode *rootNode,
+ PKIX_PL_String *indent,
+ PKIX_PL_String **pTreeString,
+ void *plContext)
+{
+ PKIX_PL_String *nextIndentFormat = NULL;
+ PKIX_PL_String *thisNodeFormat = NULL;
+ PKIX_PL_String *childrenFormat = NULL;
+ PKIX_PL_String *nextIndentString = NULL;
+ PKIX_PL_String *resultString = NULL;
+ PKIX_PL_String *thisItemString = NULL;
+ PKIX_PL_String *childString = NULL;
+ PKIX_PolicyNode *childNode = NULL;
+ PKIX_UInt32 numberOfChildren = 0;
+ PKIX_UInt32 childIndex = 0;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_ToString_Helper");
+
+ PKIX_NULLCHECK_TWO(rootNode, pTreeString);
+
+ /* Create a string for this node */
+ PKIX_CHECK(pkix_SinglePolicyNode_ToString
+ (rootNode, &thisItemString, plContext),
+ PKIX_ERRORINSINGLEPOLICYNODETOSTRING);
+
+ if (indent) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s%s",
+ 0,
+ &thisNodeFormat,
+ plContext),
+ PKIX_ERRORCREATINGFORMATSTRING);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&resultString,
+ plContext,
+ thisNodeFormat,
+ indent,
+ thisItemString),
+ PKIX_ERRORINSPRINTF);
+ } else {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s",
+ 0,
+ &thisNodeFormat,
+ plContext),
+ PKIX_ERRORCREATINGFORMATSTRING);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&resultString,
+ plContext,
+ thisNodeFormat,
+ thisItemString),
+ PKIX_ERRORINSPRINTF);
+ }
+
+ PKIX_DECREF(thisItemString);
+ thisItemString = resultString;
+
+ /* if no children, we are done */
+ if (rootNode->children) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (rootNode->children, &numberOfChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ if (numberOfChildren != 0) {
+ /*
+ * We create a string for each child in turn,
+ * concatenating them to thisItemString.
+ */
+
+ /* Prepare an indent string for each child */
+ if (indent) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s. ",
+ 0,
+ &nextIndentFormat,
+ plContext),
+ PKIX_ERRORCREATINGFORMATSTRING);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&nextIndentString,
+ plContext,
+ nextIndentFormat,
+ indent),
+ PKIX_ERRORINSPRINTF);
+ } else {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ ". ",
+ 0,
+ &nextIndentString,
+ plContext),
+ PKIX_ERRORCREATINGINDENTSTRING);
+ }
+
+ /* Prepare the format for concatenation. */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s\n%s",
+ 0,
+ &childrenFormat,
+ plContext),
+ PKIX_ERRORCREATINGFORMATSTRING);
+
+ for (childIndex = 0;
+ childIndex < numberOfChildren;
+ childIndex++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (rootNode->children,
+ childIndex,
+ (PKIX_PL_Object **)&childNode,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_PolicyNode_ToString_Helper
+ (childNode,
+ nextIndentString,
+ &childString,
+ plContext),
+ PKIX_ERRORCREATINGCHILDSTRING);
+
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&resultString,
+ plContext,
+ childrenFormat,
+ thisItemString,
+ childString),
+ PKIX_ERRORINSPRINTF);
+
+ PKIX_DECREF(childNode);
+ PKIX_DECREF(childString);
+ PKIX_DECREF(thisItemString);
+
+ thisItemString = resultString;
+ }
+ }
+
+ *pTreeString = thisItemString;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(thisItemString);
+ }
+
+ PKIX_DECREF(nextIndentFormat);
+ PKIX_DECREF(thisNodeFormat);
+ PKIX_DECREF(childrenFormat);
+ PKIX_DECREF(nextIndentString);
+ PKIX_DECREF(childString);
+ PKIX_DECREF(childNode);
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_PolicyNode_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pTreeString,
+ void *plContext)
+{
+ PKIX_PolicyNode *rootNode = NULL;
+ PKIX_PL_String *resultString = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_ToString");
+
+ PKIX_NULLCHECK_TWO(object, pTreeString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYNODE_TYPE, plContext),
+ PKIX_OBJECTNOTPOLICYNODE);
+
+ rootNode = (PKIX_PolicyNode *)object;
+
+ PKIX_CHECK(pkix_PolicyNode_ToString_Helper
+ (rootNode, NULL, &resultString, plContext),
+ PKIX_ERRORCREATINGSUBTREESTRING);
+
+ *pTreeString = resultString;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_PolicyNode_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PolicyNode *node = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_Destroy");
+
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYNODE_TYPE, plContext),
+ PKIX_OBJECTNOTPOLICYNODE);
+
+ node = (PKIX_PolicyNode*)object;
+
+ node->criticality = PKIX_FALSE;
+ PKIX_DECREF(node->validPolicy);
+ PKIX_DECREF(node->qualifierSet);
+ PKIX_DECREF(node->expectedPolicySet);
+ PKIX_DECREF(node->children);
+
+ /*
+ * Note: the link to parent is not reference-counted. See comment
+ * in pkix_PolicyNode_AddToParent for more details.
+ */
+ node->parent = NULL;
+ node->depth = 0;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_SinglePolicyNode_Hashcode
+ * DESCRIPTION:
+ *
+ * Computes the hashcode of the attributes of the PolicyNode pointed to by
+ * "node", other than its parents and children, and stores the result at
+ * "pHashcode".
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of PolicyNode to be hashcoded; must be non-NULL
+ * "pHashcode"
+ * Address where UInt32 result will be stored; must be non-NULL
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if function succeeds
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in a fatal way
+ */
+static PKIX_Error *
+pkix_SinglePolicyNode_Hashcode(
+ PKIX_PolicyNode *node,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_UInt32 componentHash = 0;
+ PKIX_UInt32 nodeHash = 0;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_SinglePolicyNode_Hashcode");
+ PKIX_NULLCHECK_TWO(node, pHashcode);
+ PKIX_NULLCHECK_TWO(node->validPolicy, node->expectedPolicySet);
+
+ PKIX_HASHCODE
+ (node->qualifierSet,
+ &nodeHash,
+ plContext,
+ PKIX_FAILUREHASHINGLISTQUALIFIERSET);
+
+ if (PKIX_TRUE == (node->criticality)) {
+ nodeHash = 31*nodeHash + 0xff;
+ } else {
+ nodeHash = 31*nodeHash + 0x00;
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)node->validPolicy,
+ &componentHash,
+ plContext),
+ PKIX_FAILUREHASHINGOIDVALIDPOLICY);
+
+ nodeHash = 31*nodeHash + componentHash;
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)node->expectedPolicySet,
+ &componentHash,
+ plContext),
+ PKIX_FAILUREHASHINGLISTEXPECTEDPOLICYSET);
+
+ nodeHash = 31*nodeHash + componentHash;
+
+ *pHashcode = nodeHash;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_PolicyNode_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PolicyNode *node = NULL;
+ PKIX_UInt32 childrenHash = 0;
+ PKIX_UInt32 nodeHash = 0;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTPOLICYNODE_TYPE, plContext),
+ PKIX_OBJECTNOTPOLICYNODE);
+
+ node = (PKIX_PolicyNode *)object;
+
+ PKIX_CHECK(pkix_SinglePolicyNode_Hashcode
+ (node, &nodeHash, plContext),
+ PKIX_SINGLEPOLICYNODEHASHCODEFAILED);
+
+ nodeHash = 31*nodeHash + (PKIX_UInt32)((char *)node->parent - (char *)NULL);
+
+ PKIX_HASHCODE
+ (node->children,
+ &childrenHash,
+ plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ nodeHash = 31*nodeHash + childrenHash;
+
+ *pHashcode = nodeHash;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_SinglePolicyNode_Equals
+ * DESCRIPTION:
+ *
+ * Compares for equality the components of the PolicyNode pointed to by
+ * "firstPN", other than its parents and children, with those of the
+ * PolicyNode pointed to by "secondPN" and stores the result at "pResult"
+ * (PKIX_TRUE if equal; PKIX_FALSE if not).
+ *
+ * PARAMETERS:
+ * "firstPN"
+ * Address of first of the PolicyNodes to be compared; must be non-NULL
+ * "secondPN"
+ * Address of second of the PolicyNodes to be compared; must be non-NULL
+ * "pResult"
+ * Address where Boolean will be stored; must be non-NULL
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if function succeeds
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in a fatal way
+ */
+static PKIX_Error *
+pkix_SinglePolicyNode_Equals(
+ PKIX_PolicyNode *firstPN,
+ PKIX_PolicyNode *secondPN,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_Boolean compResult = PKIX_FALSE;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_SinglePolicyNode_Equals");
+ PKIX_NULLCHECK_THREE(firstPN, secondPN, pResult);
+
+ /* If both references are identical, they must be equal */
+ if (firstPN == secondPN) {
+ compResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * It seems we have to do the comparisons. Do
+ * the easiest ones first.
+ */
+ if ((firstPN->criticality) != (secondPN->criticality)) {
+ goto cleanup;
+ }
+ if ((firstPN->depth) != (secondPN->depth)) {
+ goto cleanup;
+ }
+
+ PKIX_EQUALS
+ (firstPN->qualifierSet,
+ secondPN->qualifierSet,
+ &compResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (compResult == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ /* These fields must be non-NULL */
+ PKIX_NULLCHECK_TWO(firstPN->validPolicy, secondPN->validPolicy);
+
+ PKIX_EQUALS
+ (firstPN->validPolicy,
+ secondPN->validPolicy,
+ &compResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (compResult == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ /* These fields must be non-NULL */
+ PKIX_NULLCHECK_TWO
+ (firstPN->expectedPolicySet, secondPN->expectedPolicySet);
+
+ PKIX_EQUALS
+ (firstPN->expectedPolicySet,
+ secondPN->expectedPolicySet,
+ &compResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILEDONEXPECTEDPOLICYSETS);
+
+cleanup:
+
+ *pResult = compResult;
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_PolicyNode_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PolicyNode *firstPN = NULL;
+ PKIX_PolicyNode *secondPN = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean compResult = PKIX_FALSE;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a PolicyNode */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_CERTPOLICYNODE_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTPOLICYNODE);
+
+ /*
+ * Since we know firstObject is a PolicyNode,
+ * if both references are identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ compResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a PolicyNode, we
+ * don't throw an error. We simply return FALSE.
+ */
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ if (secondType != PKIX_CERTPOLICYNODE_TYPE) {
+ goto cleanup;
+ }
+
+ /*
+ * Oh, well, we have to do the comparisons. Do
+ * the easiest ones first.
+ */
+ firstPN = (PKIX_PolicyNode *)firstObject;
+ secondPN = (PKIX_PolicyNode *)secondObject;
+
+ /*
+ * We don't require the parents to be identical. In the
+ * course of traversing the tree, we will have checked the
+ * attributes of the parent nodes, and checking the lists
+ * of children will determine whether they match.
+ */
+
+ PKIX_EQUALS
+ (firstPN->children,
+ secondPN->children,
+ &compResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILEDONCHILDREN);
+
+ if (compResult == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_SinglePolicyNode_Equals
+ (firstPN, secondPN, &compResult, plContext),
+ PKIX_SINGLEPOLICYNODEEQUALSFAILED);
+
+cleanup:
+
+ *pResult = compResult;
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_DuplicateHelper
+ * DESCRIPTION:
+ *
+ * Duplicates the PolicyNode whose address is pointed to by "original",
+ * and stores the result at "pNewNode", if a non-NULL pointer is provided
+ * for "pNewNode". In addition, the created PolicyNode is added as a child
+ * to "parent", if a non-NULL pointer is provided for "parent". Then this
+ * function is called recursively to duplicate each of the children of
+ * "original". At the top level this function is called with a null
+ * "parent" and a non-NULL "pNewNode". Below the top level "parent" will
+ * be non-NULL and "pNewNode" will be NULL.
+ *
+ * PARAMETERS:
+ * "original"
+ * Address of PolicyNode to be copied; must be non-NULL
+ * "parent"
+ * Address of PolicyNode to which the created node is to be added as a
+ * child; NULL for the top-level call and non-NULL below the top level
+ * "pNewNode"
+ * Address to store the node created; should be NULL if "parent" is
+ * non-NULL and vice versa
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if function succeeds
+ * Returns a PolicyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in a fatal way
+ */
+static PKIX_Error *
+pkix_PolicyNode_DuplicateHelper(
+ PKIX_PolicyNode *original,
+ PKIX_PolicyNode *parent,
+ PKIX_PolicyNode **pNewNode,
+ void *plContext)
+{
+ PKIX_UInt32 numChildren = 0;
+ PKIX_UInt32 childIndex = 0;
+ PKIX_List *children = NULL; /* List of PKIX_PolicyNode */
+ PKIX_PolicyNode *copy = NULL;
+ PKIX_PolicyNode *child = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_DuplicateHelper");
+
+ PKIX_NULLCHECK_THREE
+ (original, original->validPolicy, original->expectedPolicySet);
+
+ /*
+ * These components are immutable, so copying the pointers
+ * is sufficient. The create function increments the reference
+ * counts as it stores the pointers into the new object.
+ */
+ PKIX_CHECK(pkix_PolicyNode_Create
+ (original->validPolicy,
+ original->qualifierSet,
+ original->criticality,
+ original->expectedPolicySet,
+ &copy,
+ plContext),
+ PKIX_POLICYNODECREATEFAILED);
+
+ if (parent) {
+ PKIX_CHECK(pkix_PolicyNode_AddToParent(parent, copy, plContext),
+ PKIX_POLICYNODEADDTOPARENTFAILED);
+ }
+
+ /* Are there any children to duplicate? */
+ children = original->children;
+
+ if (children) {
+ PKIX_CHECK(PKIX_List_GetLength(children, &numChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ for (childIndex = 0; childIndex < numChildren; childIndex++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (children,
+ childIndex,
+ (PKIX_PL_Object **)&child,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_PolicyNode_DuplicateHelper
+ (child, copy, NULL, plContext),
+ PKIX_POLICYNODEDUPLICATEHELPERFAILED);
+
+ PKIX_DECREF(child);
+ }
+
+ if (pNewNode) {
+ *pNewNode = copy;
+ copy = NULL; /* no DecRef if we give our handle away */
+ }
+
+cleanup:
+ PKIX_DECREF(copy);
+ PKIX_DECREF(child);
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_Duplicate
+ * (see comments for PKIX_PL_Duplicate_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_PolicyNode_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_PolicyNode *original = NULL;
+ PKIX_PolicyNode *copy = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_Duplicate");
+
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTPOLICYNODE_TYPE, plContext),
+ PKIX_OBJECTNOTPOLICYNODE);
+
+ original = (PKIX_PolicyNode *)object;
+
+ PKIX_CHECK(pkix_PolicyNode_DuplicateHelper
+ (original, NULL, &copy, plContext),
+ PKIX_POLICYNODEDUPLICATEHELPERFAILED);
+
+ *pNewObject = (PKIX_PL_Object *)copy;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: pkix_PolicyNode_RegisterSelf
+ * DESCRIPTION:
+ *
+ * Registers PKIX_CERTPOLICYNODE_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize,
+ * which should only be called once, it is acceptable that
+ * this function is not thread-safe.
+ */
+PKIX_Error *
+pkix_PolicyNode_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTPOLICYNODE, "pkix_PolicyNode_RegisterSelf");
+
+ entry.description = "PolicyNode";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PolicyNode);
+ entry.destructor = pkix_PolicyNode_Destroy;
+ entry.equalsFunction = pkix_PolicyNode_Equals;
+ entry.hashcodeFunction = pkix_PolicyNode_Hashcode;
+ entry.toStringFunction = pkix_PolicyNode_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_PolicyNode_Duplicate;
+
+ systemClasses[PKIX_CERTPOLICYNODE_TYPE] = entry;
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+
+/* --Public-PolicyNode-Functions----------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetChildren
+ * (see description of this function in pkix_results.h)
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetChildren(
+ PKIX_PolicyNode *node,
+ PKIX_List **pChildren, /* list of PKIX_PolicyNode */
+ void *plContext)
+{
+ PKIX_List *children = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "PKIX_PolicyNode_GetChildren");
+
+ PKIX_NULLCHECK_TWO(node, pChildren);
+
+ PKIX_INCREF(node->children);
+ children = node->children;
+
+ if (!children) {
+ PKIX_CHECK(PKIX_List_Create(&children, plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable(children, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ *pChildren = children;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(children);
+ }
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetParent
+ * (see description of this function in pkix_results.h)
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetParent(
+ PKIX_PolicyNode *node,
+ PKIX_PolicyNode **pParent,
+ void *plContext)
+{
+
+ PKIX_ENTER(CERTPOLICYNODE, "PKIX_PolicyNode_GetParent");
+
+ PKIX_NULLCHECK_TWO(node, pParent);
+
+ PKIX_INCREF(node->parent);
+ *pParent = node->parent;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetValidPolicy
+ * (see description of this function in pkix_results.h)
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetValidPolicy(
+ PKIX_PolicyNode *node,
+ PKIX_PL_OID **pValidPolicy,
+ void *plContext)
+{
+
+ PKIX_ENTER(CERTPOLICYNODE, "PKIX_PolicyNode_GetValidPolicy");
+
+ PKIX_NULLCHECK_TWO(node, pValidPolicy);
+
+ PKIX_INCREF(node->validPolicy);
+ *pValidPolicy = node->validPolicy;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetPolicyQualifiers
+ * (see description of this function in pkix_results.h)
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetPolicyQualifiers(
+ PKIX_PolicyNode *node,
+ PKIX_List **pQualifiers, /* list of PKIX_PL_CertPolicyQualifier */
+ void *plContext)
+{
+ PKIX_List *qualifiers = NULL;
+
+ PKIX_ENTER(CERTPOLICYNODE, "PKIX_PolicyNode_GetPolicyQualifiers");
+
+ PKIX_NULLCHECK_TWO(node, pQualifiers);
+
+ PKIX_INCREF(node->qualifierSet);
+ qualifiers = node->qualifierSet;
+
+ if (!qualifiers) {
+ PKIX_CHECK(PKIX_List_Create(&qualifiers, plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable(qualifiers, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ *pQualifiers = qualifiers;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetExpectedPolicies
+ * (see description of this function in pkix_results.h)
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetExpectedPolicies(
+ PKIX_PolicyNode *node,
+ PKIX_List **pExpPolicies, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+
+ PKIX_ENTER(CERTPOLICYNODE, "PKIX_PolicyNode_GetExpectedPolicies");
+
+ PKIX_NULLCHECK_TWO(node, pExpPolicies);
+
+ PKIX_INCREF(node->expectedPolicySet);
+ *pExpPolicies = node->expectedPolicySet;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: PKIX_PolicyNode_IsCritical
+ * (see description of this function in pkix_results.h)
+ */
+PKIX_Error *
+PKIX_PolicyNode_IsCritical(
+ PKIX_PolicyNode *node,
+ PKIX_Boolean *pCritical,
+ void *plContext)
+{
+
+ PKIX_ENTER(CERTPOLICYNODE, "PKIX_PolicyNode_IsCritical");
+
+ PKIX_NULLCHECK_TWO(node, pCritical);
+
+ *pCritical = node->criticality;
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
+
+/*
+ * FUNCTION: PKIX_PolicyNode_GetDepth
+ * (see description of this function in pkix_results.h)
+ */
+PKIX_Error *
+PKIX_PolicyNode_GetDepth(
+ PKIX_PolicyNode *node,
+ PKIX_UInt32 *pDepth,
+ void *plContext)
+{
+
+ PKIX_ENTER(CERTPOLICYNODE, "PKIX_PolicyNode_GetDepth");
+
+ PKIX_NULLCHECK_TWO(node, pDepth);
+
+ *pDepth = node->depth;
+
+ PKIX_RETURN(CERTPOLICYNODE);
+}
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_policynode.h b/security/nss/lib/libpkix/pkix/results/pkix_policynode.h
new file mode 100755
index 000000000..799b7a60a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/pkix_policynode.h
@@ -0,0 +1,74 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_policynode.h
+ *
+ * PolicyNode Type Definitions
+ *
+ */
+
+#ifndef _PKIX_POLICYNODE_H
+#define _PKIX_POLICYNODE_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This structure reflects the contents of a policy node...
+ */
+struct PKIX_PolicyNodeStruct {
+ PKIX_PL_OID *validPolicy;
+ PKIX_List *qualifierSet; /* CertPolicyQualifiers */
+ PKIX_Boolean criticality;
+ PKIX_List *expectedPolicySet; /* OIDs */
+ PKIX_PolicyNode *parent;
+ PKIX_List *children; /* PolicyNodes */
+ PKIX_UInt32 depth;
+};
+
+PKIX_Error *
+pkix_SinglePolicyNode_ToString(
+ PKIX_PolicyNode *node,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+PKIX_Error *
+pkix_PolicyNode_GetChildrenMutable(
+ PKIX_PolicyNode *node,
+ PKIX_List **pChildren, /* PolicyNodes */
+ void *plContext);
+
+PKIX_Error *
+pkix_PolicyNode_Create(
+ PKIX_PL_OID *validPolicy,
+ PKIX_List *qualifierSet, /* CertPolicyQualifiers */
+ PKIX_Boolean criticality,
+ PKIX_List *expectedPolicySet, /* OIDs */
+ PKIX_PolicyNode **pObject,
+ void *plContext);
+
+PKIX_Error *
+pkix_PolicyNode_AddToParent(
+ PKIX_PolicyNode *parentNode,
+ PKIX_PolicyNode *child,
+ void *plContext);
+
+PKIX_Error *
+pkix_PolicyNode_Prune(
+ PKIX_PolicyNode *node,
+ PKIX_UInt32 depth,
+ PKIX_Boolean *pDelete,
+ void *plContext);
+
+PKIX_Error *
+pkix_PolicyNode_RegisterSelf(
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_POLICYNODE_H */
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_valresult.c b/security/nss/lib/libpkix/pkix/results/pkix_valresult.c
new file mode 100755
index 000000000..25b69e59c
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/pkix_valresult.c
@@ -0,0 +1,442 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_valresult.c
+ *
+ * ValidateResult Object Functions
+ *
+ */
+
+#include "pkix_valresult.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_ValidateResult_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ValidateResult_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ValidateResult *result = NULL;
+
+ PKIX_ENTER(VALIDATERESULT, "pkix_ValidateResult_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a validate result object */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_VALIDATERESULT_TYPE, plContext),
+ PKIX_OBJECTNOTVALIDATERESULT);
+
+ result = (PKIX_ValidateResult *)object;
+
+ PKIX_DECREF(result->anchor);
+ PKIX_DECREF(result->pubKey);
+ PKIX_DECREF(result->policyTree);
+
+cleanup:
+
+ PKIX_RETURN(VALIDATERESULT);
+}
+
+/*
+ * FUNCTION: pkix_ValidateResult_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ValidateResult_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+ PKIX_ValidateResult *firstValResult = NULL;
+ PKIX_ValidateResult *secondValResult = NULL;
+ PKIX_TrustAnchor *firstAnchor = NULL;
+ PKIX_TrustAnchor *secondAnchor = NULL;
+ PKIX_PolicyNode *firstTree = NULL;
+ PKIX_PolicyNode *secondTree = NULL;
+
+ PKIX_ENTER(VALIDATERESULT, "pkix_ValidateResult_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ PKIX_CHECK(pkix_CheckType(first, PKIX_VALIDATERESULT_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTVALIDATERESULT);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ *pResult = PKIX_FALSE;
+
+ if (secondType != PKIX_VALIDATERESULT_TYPE) goto cleanup;
+
+ firstValResult = (PKIX_ValidateResult *)first;
+ secondValResult = (PKIX_ValidateResult *)second;
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstValResult->pubKey,
+ (PKIX_PL_Object *)secondValResult->pubKey,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (!cmpResult) goto cleanup;
+
+ firstAnchor = firstValResult->anchor;
+ secondAnchor = secondValResult->anchor;
+
+ if ((firstAnchor != NULL) && (secondAnchor != NULL)) {
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstAnchor,
+ (PKIX_PL_Object *)secondAnchor,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+ } else {
+ cmpResult = (firstAnchor == secondAnchor);
+ }
+
+ if (!cmpResult) goto cleanup;
+
+ firstTree = firstValResult->policyTree;
+ secondTree = secondValResult->policyTree;
+
+ if ((firstTree != NULL) && (secondTree != NULL)) {
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstTree,
+ (PKIX_PL_Object *)secondTree,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+ } else {
+ cmpResult = (firstTree == secondTree);
+ }
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(VALIDATERESULT);
+}
+
+/*
+ * FUNCTION: pkix_ValidateResult_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ValidateResult_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_UInt32 hash = 0;
+ PKIX_UInt32 pubKeyHash = 0;
+ PKIX_UInt32 anchorHash = 0;
+ PKIX_UInt32 policyTreeHash = 0;
+
+ PKIX_ENTER(VALIDATERESULT, "pkix_ValidateResult_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_VALIDATERESULT_TYPE, plContext),
+ PKIX_OBJECTNOTVALIDATERESULT);
+
+ valResult = (PKIX_ValidateResult*)object;
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)valResult->pubKey, &pubKeyHash, plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ if (valResult->anchor) {
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)valResult->anchor,
+ &anchorHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+ }
+
+ if (valResult->policyTree) {
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)valResult->policyTree,
+ &policyTreeHash,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+ }
+
+ hash = 31*(31 * pubKeyHash + anchorHash) + policyTreeHash;
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(VALIDATERESULT);
+}
+
+/*
+ * FUNCTION: pkix_ValidateResult_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ValidateResult_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *valResultString = NULL;
+
+ PKIX_TrustAnchor *anchor = NULL;
+ PKIX_PL_PublicKey *pubKey = NULL;
+ PKIX_PolicyNode *policyTree = NULL;
+
+ PKIX_PL_String *anchorString = NULL;
+ PKIX_PL_String *pubKeyString = NULL;
+ PKIX_PL_String *treeString = NULL;
+ char *asciiNullString = "(null)";
+ char *asciiFormat =
+ "[\n"
+ "\tTrustAnchor: \t\t%s"
+ "\tPubKey: \t\t%s\n"
+ "\tPolicyTree: \t\t%s\n"
+ "]\n";
+
+ PKIX_ENTER(VALIDATERESULT, "pkix_ValidateResult_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_VALIDATERESULT_TYPE, plContext),
+ PKIX_OBJECTNOTVALIDATERESULT);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ valResult = (PKIX_ValidateResult*)object;
+
+ anchor = valResult->anchor;
+
+ if (anchor) {
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)anchor, &anchorString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+ } else {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiNullString,
+ 0,
+ &anchorString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+ }
+
+ pubKey = valResult->pubKey;
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)pubKey, &pubKeyString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ policyTree = valResult->policyTree;
+
+ if (policyTree) {
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)policyTree, &treeString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+ } else {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiNullString,
+ 0,
+ &treeString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&valResultString,
+ plContext,
+ formatString,
+ anchorString,
+ pubKeyString,
+ treeString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = valResultString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(anchorString);
+ PKIX_DECREF(pubKeyString);
+ PKIX_DECREF(treeString);
+
+ PKIX_RETURN(VALIDATERESULT);
+}
+
+/*
+ * FUNCTION: pkix_ValidateResult_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_VALIDATERESULT_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_ValidateResult_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(VALIDATERESULT, "pkix_ValidateResult_RegisterSelf");
+
+ entry.description = "ValidateResult";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_ValidateResult);
+ entry.destructor = pkix_ValidateResult_Destroy;
+ entry.equalsFunction = pkix_ValidateResult_Equals;
+ entry.hashcodeFunction = pkix_ValidateResult_Hashcode;
+ entry.toStringFunction = pkix_ValidateResult_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_VALIDATERESULT_TYPE] = entry;
+
+ PKIX_RETURN(VALIDATERESULT);
+}
+
+/*
+ * FUNCTION: pkix_ValidateResult_Create
+ * DESCRIPTION:
+ *
+ * Creates a new ValidateResult Object using the PublicKey pointed to by
+ * "pubKey", the TrustAnchor pointed to by "anchor", and the PolicyNode
+ * pointed to by "policyTree", and stores it at "pResult".
+ *
+ * PARAMETERS
+ * "pubKey"
+ * PublicKey of the desired ValidateResult. Must be non-NULL.
+ * "anchor"
+ * TrustAnchor of the desired Validateresult. May be NULL.
+ * "policyTree"
+ * PolicyNode of the desired ValidateResult; may be NULL
+ * "pResult"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_ValidateResult_Create(
+ PKIX_PL_PublicKey *pubKey,
+ PKIX_TrustAnchor *anchor,
+ PKIX_PolicyNode *policyTree,
+ PKIX_ValidateResult **pResult,
+ void *plContext)
+{
+ PKIX_ValidateResult *result = NULL;
+
+ PKIX_ENTER(VALIDATERESULT, "pkix_ValidateResult_Create");
+ PKIX_NULLCHECK_TWO(pubKey, pResult);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_VALIDATERESULT_TYPE,
+ sizeof (PKIX_ValidateResult),
+ (PKIX_PL_Object **)&result,
+ plContext),
+ PKIX_COULDNOTCREATEVALIDATERESULTOBJECT);
+
+ /* initialize fields */
+
+ PKIX_INCREF(pubKey);
+ result->pubKey = pubKey;
+
+ PKIX_INCREF(anchor);
+ result->anchor = anchor;
+
+ PKIX_INCREF(policyTree);
+ result->policyTree = policyTree;
+
+ *pResult = result;
+ result = NULL;
+
+cleanup:
+
+ PKIX_DECREF(result);
+
+ PKIX_RETURN(VALIDATERESULT);
+
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_ValidateResult_GetPublicKey
+ * (see comments in pkix_result.h)
+ */
+PKIX_Error *
+PKIX_ValidateResult_GetPublicKey(
+ PKIX_ValidateResult *result,
+ PKIX_PL_PublicKey **pPublicKey,
+ void *plContext)
+{
+ PKIX_ENTER(VALIDATERESULT, "PKIX_ValidateResult_GetPublicKey");
+ PKIX_NULLCHECK_TWO(result, pPublicKey);
+
+ PKIX_INCREF(result->pubKey);
+ *pPublicKey = result->pubKey;
+
+cleanup:
+ PKIX_RETURN(VALIDATERESULT);
+}
+
+/*
+ * FUNCTION: PKIX_ValidateResult_GetTrustAnchor
+ * (see comments in pkix_result.h)
+ */
+PKIX_Error *
+PKIX_ValidateResult_GetTrustAnchor(
+ PKIX_ValidateResult *result,
+ PKIX_TrustAnchor **pTrustAnchor,
+ void *plContext)
+{
+ PKIX_ENTER(VALIDATERESULT, "PKIX_ValidateResult_GetTrustAnchor");
+ PKIX_NULLCHECK_TWO(result, pTrustAnchor);
+
+ PKIX_INCREF(result->anchor);
+ *pTrustAnchor = result->anchor;
+
+cleanup:
+ PKIX_RETURN(VALIDATERESULT);
+}
+
+/*
+ * FUNCTION: PKIX_ValidateResult_GetPolicyTree
+ * (see comments in pkix_result.h)
+ */
+PKIX_Error *
+PKIX_ValidateResult_GetPolicyTree(
+ PKIX_ValidateResult *result,
+ PKIX_PolicyNode **pPolicyTree,
+ void *plContext)
+{
+ PKIX_ENTER(VALIDATERESULT, "PKIX_ValidateResult_GetPolicyTree");
+ PKIX_NULLCHECK_TWO(result, pPolicyTree);
+
+ PKIX_INCREF(result->policyTree);
+ (*pPolicyTree) = result->policyTree;
+
+cleanup:
+ PKIX_RETURN(VALIDATERESULT);
+}
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_valresult.h b/security/nss/lib/libpkix/pkix/results/pkix_valresult.h
new file mode 100755
index 000000000..8011ae8c8
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/pkix_valresult.h
@@ -0,0 +1,43 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_valresult.h
+ *
+ * ValidateResult Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_VALIDATERESULT_H
+#define _PKIX_VALIDATERESULT_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_ValidateResultStruct {
+ PKIX_PL_PublicKey *pubKey;
+ PKIX_TrustAnchor *anchor;
+ PKIX_PolicyNode *policyTree;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_ValidateResult_Create(
+ PKIX_PL_PublicKey *pubKey,
+ PKIX_TrustAnchor *anchor,
+ PKIX_PolicyNode *policyTree,
+ PKIX_ValidateResult **pResult,
+ void *plContext);
+
+PKIX_Error *pkix_ValidateResult_RegisterSelf(void *plContext);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_VALIDATERESULT_H */
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_verifynode.c b/security/nss/lib/libpkix/pkix/results/pkix_verifynode.c
new file mode 100755
index 000000000..b52f83fca
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/pkix_verifynode.c
@@ -0,0 +1,1182 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_verifynode.c
+ *
+ * Verify Node Object Type Definition
+ *
+ */
+
+#include "pkix_verifynode.h"
+
+/* --Private-VerifyNode-Functions---------------------------------- */
+
+/*
+ * FUNCTION: pkix_VerifyNode_Create
+ * DESCRIPTION:
+ *
+ * This function creates a VerifyNode using the Cert pointed to by "cert",
+ * the depth given by "depth", and the Error pointed to by "error", storing
+ * the result at "pObject".
+ *
+ * PARAMETERS
+ * "cert"
+ * Address of Cert for the node. Must be non-NULL
+ * "depth"
+ * UInt32 value of the depth for this node.
+ * "error"
+ * Address of Error for the node.
+ * "pObject"
+ * Address where the VerifyNode pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_VerifyNode_Create(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 depth,
+ PKIX_Error *error,
+ PKIX_VerifyNode **pObject,
+ void *plContext)
+{
+ PKIX_VerifyNode *node = NULL;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_Create");
+ PKIX_NULLCHECK_TWO(cert, pObject);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_VERIFYNODE_TYPE,
+ sizeof (PKIX_VerifyNode),
+ (PKIX_PL_Object **)&node,
+ plContext),
+ PKIX_COULDNOTCREATEVERIFYNODEOBJECT);
+
+ PKIX_INCREF(cert);
+ node->verifyCert = cert;
+
+ PKIX_INCREF(error);
+ node->error = error;
+
+ node->depth = depth;
+
+ node->children = NULL;
+
+ *pObject = node;
+ node = NULL;
+
+cleanup:
+
+ PKIX_DECREF(node);
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_AddToChain
+ * DESCRIPTION:
+ *
+ * Adds the VerifyNode pointed to by "child", at the appropriate depth, to the
+ * List of children of the VerifyNode pointed to by "parentNode". The chain of
+ * VerifyNodes is traversed until a VerifyNode is found at a depth one less
+ * than that specified in "child". An Error is returned if there is no parent
+ * at a suitable depth.
+ *
+ * If "parentNode" has a NULL pointer for the List of children, a new List is
+ * created containing "child". Otherwise "child" is appended to the existing
+ * List.
+ *
+ * Depth, in this context, means distance from the root node, which
+ * is at depth zero.
+ *
+ * PARAMETERS:
+ * "parentNode"
+ * Address of VerifyNode whose List of child VerifyNodes is to be
+ * created or appended to. Must be non-NULL.
+ * "child"
+ * Address of VerifyNode to be added to parentNode's List. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a VerifyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_VerifyNode_AddToChain(
+ PKIX_VerifyNode *parentNode,
+ PKIX_VerifyNode *child,
+ void *plContext)
+{
+ PKIX_VerifyNode *successor = NULL;
+ PKIX_List *listOfChildren = NULL;
+ PKIX_UInt32 numChildren = 0;
+ PKIX_UInt32 parentDepth = 0;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_AddToChain");
+ PKIX_NULLCHECK_TWO(parentNode, child);
+
+ parentDepth = parentNode->depth;
+ listOfChildren = parentNode->children;
+ if (listOfChildren == NULL) {
+
+ if (parentDepth != (child->depth - 1)) {
+ PKIX_ERROR(PKIX_NODESMISSINGFROMCHAIN);
+ }
+
+ PKIX_CHECK(PKIX_List_Create(&listOfChildren, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (listOfChildren, (PKIX_PL_Object *)child, plContext),
+ PKIX_COULDNOTAPPENDCHILDTOPARENTSVERIFYNODELIST);
+
+ parentNode->children = listOfChildren;
+ } else {
+ /* get number of children */
+ PKIX_CHECK(PKIX_List_GetLength
+ (listOfChildren, &numChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (numChildren != 1) {
+ PKIX_ERROR(PKIX_AMBIGUOUSPARENTAGEOFVERIFYNODE);
+ }
+
+ /* successor = listOfChildren[0] */
+ PKIX_CHECK(PKIX_List_GetItem
+ (listOfChildren,
+ 0,
+ (PKIX_PL_Object **)&successor,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_VerifyNode_AddToChain
+ (successor, child, plContext),
+ PKIX_VERIFYNODEADDTOCHAINFAILED);
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)parentNode, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+ PKIX_DECREF(successor);
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_SetDepth
+ * DESCRIPTION:
+ *
+ * The function sets the depth field of each VerifyNode in the List "children"
+ * to the value given by "depth", and recursively sets the depth of any
+ * successive generations to the successive values.
+ *
+ * PARAMETERS:
+ * "children"
+ * The List of VerifyNodes. Must be non-NULL.
+ * "depth"
+ * The value of the depth field to be set in members of the List.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_VerifyNode_SetDepth(PKIX_List *children,
+ PKIX_UInt32 depth,
+ void *plContext)
+{
+ PKIX_UInt32 numChildren = 0;
+ PKIX_UInt32 chIx = 0;
+ PKIX_VerifyNode *child = NULL;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_SetDepth");
+ PKIX_NULLCHECK_ONE(children);
+
+ PKIX_CHECK(PKIX_List_GetLength(children, &numChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (chIx = 0; chIx < numChildren; chIx++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (children, chIx, (PKIX_PL_Object **)&child, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ child->depth = depth;
+
+ if (child->children != NULL) {
+ PKIX_CHECK(pkix_VerifyNode_SetDepth
+ (child->children, depth + 1, plContext),
+ PKIX_VERIFYNODESETDEPTHFAILED);
+ }
+
+ PKIX_DECREF(child);
+ }
+
+cleanup:
+
+ PKIX_DECREF(child);
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_AddToTree
+ * DESCRIPTION:
+ *
+ * Adds the VerifyNode pointed to by "child" to the List of children of the
+ * VerifyNode pointed to by "parentNode". If "parentNode" has a NULL pointer
+ * for the List of children, a new List is created containing "child".
+ * Otherwise "child" is appended to the existing List. The depth field of
+ * "child" is set to one more than the corresponding value in "parent", and
+ * if the "child" itself has child nodes, their depth fields are updated
+ * accordingly.
+ *
+ * Depth, in this context, means distance from the root node, which
+ * is at depth zero.
+ *
+ * PARAMETERS:
+ * "parentNode"
+ * Address of VerifyNode whose List of child VerifyNodes is to be
+ * created or appended to. Must be non-NULL.
+ * "child"
+ * Address of VerifyNode to be added to parentNode's List. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_VerifyNode_AddToTree(
+ PKIX_VerifyNode *parentNode,
+ PKIX_VerifyNode *child,
+ void *plContext)
+{
+ PKIX_List *listOfChildren = NULL;
+ PKIX_UInt32 parentDepth = 0;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_AddToTree");
+ PKIX_NULLCHECK_TWO(parentNode, child);
+
+ parentDepth = parentNode->depth;
+ listOfChildren = parentNode->children;
+ if (listOfChildren == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create(&listOfChildren, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ parentNode->children = listOfChildren;
+ }
+
+ child->depth = parentDepth + 1;
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (parentNode->children, (PKIX_PL_Object *)child, plContext),
+ PKIX_COULDNOTAPPENDCHILDTOPARENTSVERIFYNODELIST);
+
+ if (child->children != NULL) {
+ PKIX_CHECK(pkix_VerifyNode_SetDepth
+ (child->children, child->depth + 1, plContext),
+ PKIX_VERIFYNODESETDEPTHFAILED);
+ }
+
+
+cleanup:
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_SingleVerifyNode_ToString
+ * DESCRIPTION:
+ *
+ * Creates a String representation of the attributes of the VerifyNode pointed
+ * to by "node", other than its children, and stores the result at "pString".
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of VerifyNode to be described by the string. Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if function succeeds
+ * Returns a VerifyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in a fatal way
+ */
+PKIX_Error *
+pkix_SingleVerifyNode_ToString(
+ PKIX_VerifyNode *node,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *fmtString = NULL;
+ PKIX_PL_String *errorString = NULL;
+ PKIX_PL_String *outString = NULL;
+
+ PKIX_PL_X500Name *issuerName = NULL;
+ PKIX_PL_X500Name *subjectName = NULL;
+ PKIX_PL_String *issuerString = NULL;
+ PKIX_PL_String *subjectString = NULL;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_SingleVerifyNode_ToString");
+ PKIX_NULLCHECK_THREE(node, pString, node->verifyCert);
+
+ PKIX_TOSTRING(node->error, &errorString, plContext,
+ PKIX_ERRORTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetIssuer
+ (node->verifyCert, &issuerName, plContext),
+ PKIX_CERTGETISSUERFAILED);
+
+ PKIX_TOSTRING(issuerName, &issuerString, plContext,
+ PKIX_X500NAMETOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubject
+ (node->verifyCert, &subjectName, plContext),
+ PKIX_CERTGETSUBJECTFAILED);
+
+ PKIX_TOSTRING(subjectName, &subjectString, plContext,
+ PKIX_X500NAMETOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "CERT[Issuer:%s, Subject:%s], depth=%d, error=%s",
+ 0,
+ &fmtString,
+ plContext),
+ PKIX_CANTCREATESTRING);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&outString,
+ plContext,
+ fmtString,
+ issuerString,
+ subjectString,
+ node->depth,
+ errorString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = outString;
+
+cleanup:
+
+ PKIX_DECREF(fmtString);
+ PKIX_DECREF(errorString);
+ PKIX_DECREF(issuerName);
+ PKIX_DECREF(subjectName);
+ PKIX_DECREF(issuerString);
+ PKIX_DECREF(subjectString);
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Produces a String representation of a VerifyNode tree below the VerifyNode
+ * pointed to by "rootNode", with each line of output prefixed by the String
+ * pointed to by "indent", and stores the result at "pTreeString". It is
+ * called recursively, with ever-increasing indentation, for successively
+ * lower nodes on the tree.
+ *
+ * PARAMETERS:
+ * "rootNode"
+ * Address of VerifyNode subtree. Must be non-NULL.
+ * "indent"
+ * Address of String to be prefixed to each line of output. May be NULL
+ * if no indentation is desired
+ * "pTreeString"
+ * Address where the resulting String will be stored; must be non-NULL
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a VerifyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_VerifyNode_ToString_Helper(
+ PKIX_VerifyNode *rootNode,
+ PKIX_PL_String *indent,
+ PKIX_PL_String **pTreeString,
+ void *plContext)
+{
+ PKIX_PL_String *nextIndentFormat = NULL;
+ PKIX_PL_String *thisNodeFormat = NULL;
+ PKIX_PL_String *childrenFormat = NULL;
+ PKIX_PL_String *nextIndentString = NULL;
+ PKIX_PL_String *resultString = NULL;
+ PKIX_PL_String *thisItemString = NULL;
+ PKIX_PL_String *childString = NULL;
+ PKIX_VerifyNode *childNode = NULL;
+ PKIX_UInt32 numberOfChildren = 0;
+ PKIX_UInt32 childIndex = 0;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_ToString_Helper");
+
+ PKIX_NULLCHECK_TWO(rootNode, pTreeString);
+
+ /* Create a string for this node */
+ PKIX_CHECK(pkix_SingleVerifyNode_ToString
+ (rootNode, &thisItemString, plContext),
+ PKIX_ERRORINSINGLEVERIFYNODETOSTRING);
+
+ if (indent) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s%s",
+ 0,
+ &thisNodeFormat,
+ plContext),
+ PKIX_ERRORCREATINGFORMATSTRING);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&resultString,
+ plContext,
+ thisNodeFormat,
+ indent,
+ thisItemString),
+ PKIX_ERRORINSPRINTF);
+ } else {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s",
+ 0,
+ &thisNodeFormat,
+ plContext),
+ PKIX_ERRORCREATINGFORMATSTRING);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&resultString,
+ plContext,
+ thisNodeFormat,
+ thisItemString),
+ PKIX_ERRORINSPRINTF);
+ }
+
+ PKIX_DECREF(thisItemString);
+ thisItemString = resultString;
+
+ /* if no children, we are done */
+ if (rootNode->children) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (rootNode->children, &numberOfChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ if (numberOfChildren != 0) {
+ /*
+ * We create a string for each child in turn,
+ * concatenating them to thisItemString.
+ */
+
+ /* Prepare an indent string for each child */
+ if (indent) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s. ",
+ 0,
+ &nextIndentFormat,
+ plContext),
+ PKIX_ERRORCREATINGFORMATSTRING);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&nextIndentString,
+ plContext,
+ nextIndentFormat,
+ indent),
+ PKIX_ERRORINSPRINTF);
+ } else {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ ". ",
+ 0,
+ &nextIndentString,
+ plContext),
+ PKIX_ERRORCREATINGINDENTSTRING);
+ }
+
+ /* Prepare the format for concatenation. */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s\n%s",
+ 0,
+ &childrenFormat,
+ plContext),
+ PKIX_ERRORCREATINGFORMATSTRING);
+
+ for (childIndex = 0;
+ childIndex < numberOfChildren;
+ childIndex++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (rootNode->children,
+ childIndex,
+ (PKIX_PL_Object **)&childNode,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_VerifyNode_ToString_Helper
+ (childNode,
+ nextIndentString,
+ &childString,
+ plContext),
+ PKIX_ERRORCREATINGCHILDSTRING);
+
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&resultString,
+ plContext,
+ childrenFormat,
+ thisItemString,
+ childString),
+ PKIX_ERRORINSPRINTF);
+
+ PKIX_DECREF(childNode);
+ PKIX_DECREF(childString);
+ PKIX_DECREF(thisItemString);
+
+ thisItemString = resultString;
+ }
+ }
+
+ *pTreeString = thisItemString;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(thisItemString);
+ }
+
+ PKIX_DECREF(nextIndentFormat);
+ PKIX_DECREF(thisNodeFormat);
+ PKIX_DECREF(childrenFormat);
+ PKIX_DECREF(nextIndentString);
+ PKIX_DECREF(childString);
+ PKIX_DECREF(childNode);
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_VerifyNode_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pTreeString,
+ void *plContext)
+{
+ PKIX_VerifyNode *rootNode = NULL;
+ PKIX_PL_String *resultString = NULL;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_ToString");
+
+ PKIX_NULLCHECK_TWO(object, pTreeString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_VERIFYNODE_TYPE, plContext),
+ PKIX_OBJECTNOTVERIFYNODE);
+
+ rootNode = (PKIX_VerifyNode *)object;
+
+ PKIX_CHECK(pkix_VerifyNode_ToString_Helper
+ (rootNode, NULL, &resultString, plContext),
+ PKIX_ERRORCREATINGSUBTREESTRING);
+
+ *pTreeString = resultString;
+
+cleanup:
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_VerifyNode_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_VerifyNode *node = NULL;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_Destroy");
+
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_VERIFYNODE_TYPE, plContext),
+ PKIX_OBJECTNOTVERIFYNODE);
+
+ node = (PKIX_VerifyNode*)object;
+
+ PKIX_DECREF(node->verifyCert);
+ PKIX_DECREF(node->children);
+ PKIX_DECREF(node->error);
+
+ node->depth = 0;
+
+cleanup:
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_SingleVerifyNode_Hashcode
+ * DESCRIPTION:
+ *
+ * Computes the hashcode of the attributes of the VerifyNode pointed to by
+ * "node", other than its parents and children, and stores the result at
+ * "pHashcode".
+ *
+ * PARAMETERS:
+ * "node"
+ * Address of VerifyNode to be hashcoded; must be non-NULL
+ * "pHashcode"
+ * Address where UInt32 result will be stored; must be non-NULL
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if function succeeds
+ * Returns a VerifyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in a fatal way
+ */
+static PKIX_Error *
+pkix_SingleVerifyNode_Hashcode(
+ PKIX_VerifyNode *node,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_UInt32 errorHash = 0;
+ PKIX_UInt32 nodeHash = 0;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_SingleVerifyNode_Hashcode");
+ PKIX_NULLCHECK_TWO(node, pHashcode);
+
+ PKIX_HASHCODE
+ (node->verifyCert,
+ &nodeHash,
+ plContext,
+ PKIX_FAILUREHASHINGCERT);
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)node->error,
+ &errorHash,
+ plContext),
+ PKIX_FAILUREHASHINGERROR);
+
+ nodeHash = 31*nodeHash + errorHash;
+ *pHashcode = nodeHash;
+
+cleanup:
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_VerifyNode_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_VerifyNode *node = NULL;
+ PKIX_UInt32 childrenHash = 0;
+ PKIX_UInt32 nodeHash = 0;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_VERIFYNODE_TYPE, plContext),
+ PKIX_OBJECTNOTVERIFYNODE);
+
+ node = (PKIX_VerifyNode *)object;
+
+ PKIX_CHECK(pkix_SingleVerifyNode_Hashcode
+ (node, &nodeHash, plContext),
+ PKIX_SINGLEVERIFYNODEHASHCODEFAILED);
+
+ PKIX_HASHCODE
+ (node->children,
+ &childrenHash,
+ plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ nodeHash = 31*nodeHash + childrenHash;
+
+ *pHashcode = nodeHash;
+
+cleanup:
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_SingleVerifyNode_Equals
+ * DESCRIPTION:
+ *
+ * Compares for equality the components of the VerifyNode pointed to by
+ * "firstPN", other than its parents and children, with those of the
+ * VerifyNode pointed to by "secondPN" and stores the result at "pResult"
+ * (PKIX_TRUE if equal; PKIX_FALSE if not).
+ *
+ * PARAMETERS:
+ * "firstPN"
+ * Address of first of the VerifyNodes to be compared; must be non-NULL
+ * "secondPN"
+ * Address of second of the VerifyNodes to be compared; must be non-NULL
+ * "pResult"
+ * Address where Boolean will be stored; must be non-NULL
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if function succeeds
+ * Returns a VerifyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in a fatal way
+ */
+static PKIX_Error *
+pkix_SingleVerifyNode_Equals(
+ PKIX_VerifyNode *firstVN,
+ PKIX_VerifyNode *secondVN,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_Boolean compResult = PKIX_FALSE;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_SingleVerifyNode_Equals");
+ PKIX_NULLCHECK_THREE(firstVN, secondVN, pResult);
+
+ /* If both references are identical, they must be equal */
+ if (firstVN == secondVN) {
+ compResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * It seems we have to do the comparisons. Do
+ * the easiest ones first.
+ */
+ if ((firstVN->depth) != (secondVN->depth)) {
+ goto cleanup;
+ }
+
+ /* These fields must be non-NULL */
+ PKIX_NULLCHECK_TWO(firstVN->verifyCert, secondVN->verifyCert);
+
+ PKIX_EQUALS
+ (firstVN->verifyCert,
+ secondVN->verifyCert,
+ &compResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (compResult == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ PKIX_EQUALS
+ (firstVN->error,
+ secondVN->error,
+ &compResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+cleanup:
+
+ *pResult = compResult;
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_VerifyNode_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_VerifyNode *firstVN = NULL;
+ PKIX_VerifyNode *secondVN = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean compResult = PKIX_FALSE;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a VerifyNode */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_VERIFYNODE_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTVERIFYNODE);
+
+ /*
+ * Since we know firstObject is a VerifyNode,
+ * if both references are identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ compResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a VerifyNode, we
+ * don't throw an error. We simply return FALSE.
+ */
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ if (secondType != PKIX_VERIFYNODE_TYPE) {
+ goto cleanup;
+ }
+
+ /*
+ * Oh, well, we have to do the comparisons. Do
+ * the easiest ones first.
+ */
+ firstVN = (PKIX_VerifyNode *)firstObject;
+ secondVN = (PKIX_VerifyNode *)secondObject;
+
+ PKIX_CHECK(pkix_SingleVerifyNode_Equals
+ (firstVN, secondVN, &compResult, plContext),
+ PKIX_SINGLEVERIFYNODEEQUALSFAILED);
+
+ if (compResult == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ PKIX_EQUALS
+ (firstVN->children,
+ secondVN->children,
+ &compResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILEDONCHILDREN);
+
+cleanup:
+
+ *pResult = compResult;
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_DuplicateHelper
+ * DESCRIPTION:
+ *
+ * Duplicates the VerifyNode whose address is pointed to by "original",
+ * and stores the result at "pNewNode", if a non-NULL pointer is provided
+ * for "pNewNode". In addition, the created VerifyNode is added as a child
+ * to "parent", if a non-NULL pointer is provided for "parent". Then this
+ * function is called recursively to duplicate each of the children of
+ * "original". At the top level this function is called with a null
+ * "parent" and a non-NULL "pNewNode". Below the top level "parent" will
+ * be non-NULL and "pNewNode" will be NULL.
+ *
+ * PARAMETERS:
+ * "original"
+ * Address of VerifyNode to be copied; must be non-NULL
+ * "parent"
+ * Address of VerifyNode to which the created node is to be added as a
+ * child; NULL for the top-level call and non-NULL below the top level
+ * "pNewNode"
+ * Address to store the node created; should be NULL if "parent" is
+ * non-NULL and vice versa
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if function succeeds
+ * Returns a VerifyNode Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in a fatal way
+ */
+static PKIX_Error *
+pkix_VerifyNode_DuplicateHelper(
+ PKIX_VerifyNode *original,
+ PKIX_VerifyNode *parent,
+ PKIX_VerifyNode **pNewNode,
+ void *plContext)
+{
+ PKIX_UInt32 numChildren = 0;
+ PKIX_UInt32 childIndex = 0;
+ PKIX_List *children = NULL; /* List of PKIX_VerifyNode */
+ PKIX_VerifyNode *copy = NULL;
+ PKIX_VerifyNode *child = NULL;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_DuplicateHelper");
+
+ PKIX_NULLCHECK_TWO
+ (original, original->verifyCert);
+
+ /*
+ * These components are immutable, so copying the pointers
+ * is sufficient. The create function increments the reference
+ * counts as it stores the pointers into the new object.
+ */
+ PKIX_CHECK(pkix_VerifyNode_Create
+ (original->verifyCert,
+ original->depth,
+ original->error,
+ &copy,
+ plContext),
+ PKIX_VERIFYNODECREATEFAILED);
+
+ /* Are there any children to duplicate? */
+ children = original->children;
+
+ if (children) {
+ PKIX_CHECK(PKIX_List_GetLength(children, &numChildren, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ for (childIndex = 0; childIndex < numChildren; childIndex++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (children,
+ childIndex,
+ (PKIX_PL_Object **)&child,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_VerifyNode_DuplicateHelper
+ (child, copy, NULL, plContext),
+ PKIX_VERIFYNODEDUPLICATEHELPERFAILED);
+
+ PKIX_DECREF(child);
+ }
+
+ if (pNewNode) {
+ *pNewNode = copy;
+ copy = NULL; /* no DecRef if we give our handle away */
+ }
+
+cleanup:
+ PKIX_DECREF(copy);
+ PKIX_DECREF(child);
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_Duplicate
+ * (see comments for PKIX_PL_Duplicate_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_VerifyNode_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_VerifyNode *original = NULL;
+ PKIX_VerifyNode *copy = NULL;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_Duplicate");
+
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_VERIFYNODE_TYPE, plContext),
+ PKIX_OBJECTNOTVERIFYNODE);
+
+ original = (PKIX_VerifyNode *)object;
+
+ PKIX_CHECK(pkix_VerifyNode_DuplicateHelper
+ (original, NULL, &copy, plContext),
+ PKIX_VERIFYNODEDUPLICATEHELPERFAILED);
+
+ *pNewObject = (PKIX_PL_Object *)copy;
+
+cleanup:
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: pkix_VerifyNode_RegisterSelf
+ * DESCRIPTION:
+ *
+ * Registers PKIX_VERIFYNODE_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize,
+ * which should only be called once, it is acceptable that
+ * this function is not thread-safe.
+ */
+PKIX_Error *
+pkix_VerifyNode_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_RegisterSelf");
+
+ entry.description = "VerifyNode";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_VerifyNode);
+ entry.destructor = pkix_VerifyNode_Destroy;
+ entry.equalsFunction = pkix_VerifyNode_Equals;
+ entry.hashcodeFunction = pkix_VerifyNode_Hashcode;
+ entry.toStringFunction = pkix_VerifyNode_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_VerifyNode_Duplicate;
+
+ systemClasses[PKIX_VERIFYNODE_TYPE] = entry;
+
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/* --Public-VerifyNode-Functions----------------------------------- */
+
+/*
+ * FUNCTION: PKIX_VerifyNode_SetError
+ * DESCRIPTION:
+ *
+ * This function sets the Error field of the VerifyNode pointed to by "node"
+ * to contain the Error pointed to by "error".
+ *
+ * PARAMETERS:
+ * "node"
+ * The address of the VerifyNode to be modified. Must be non-NULL.
+ * "error"
+ * The address of the Error to be stored.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_VerifyNode_SetError(
+ PKIX_VerifyNode *node,
+ PKIX_Error *error,
+ void *plContext)
+{
+
+ PKIX_ENTER(VERIFYNODE, "PKIX_VerifyNode_SetError");
+
+ PKIX_NULLCHECK_TWO(node, error);
+
+ PKIX_DECREF(node->error); /* should have been NULL */
+ PKIX_INCREF(error);
+ node->error = error;
+
+cleanup:
+ PKIX_RETURN(VERIFYNODE);
+}
+
+/*
+ * FUNCTION: PKIX_VerifyNode_FindError
+ * DESCRIPTION:
+ *
+ * Finds meaningful error in the log. For now, just returns the first
+ * error it finds in. In the future the function should be changed to
+ * return a top priority error.
+ *
+ * PARAMETERS:
+ * "node"
+ * The address of the VerifyNode to be modified. Must be non-NULL.
+ * "error"
+ * The address of a pointer the error will be returned to.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_VerifyNode_FindError(
+ PKIX_VerifyNode *node,
+ PKIX_Error **error,
+ void *plContext)
+{
+ PKIX_VerifyNode *childNode = NULL;
+
+ PKIX_ENTER(VERIFYNODE, "PKIX_VerifyNode_FindError");
+
+ /* Make sure the return address is initialized with NULL */
+ PKIX_DECREF(*error);
+
+ if (!node)
+ goto cleanup;
+
+ /* First, try to get error from lowest level. */
+ if (node->children) {
+ PKIX_UInt32 length = 0;
+ PKIX_UInt32 index = 0;
+
+ PKIX_CHECK(
+ PKIX_List_GetLength(node->children, &length,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ for (index = 0;index < length;index++) {
+ PKIX_CHECK(
+ PKIX_List_GetItem(node->children, index,
+ (PKIX_PL_Object**)&childNode, plContext),
+ PKIX_LISTGETITEMFAILED);
+ if (!childNode)
+ continue;
+ PKIX_CHECK(
+ pkix_VerifyNode_FindError(childNode, error,
+ plContext),
+ PKIX_VERIFYNODEFINDERRORFAILED);
+ PKIX_DECREF(childNode);
+ if (*error) {
+ goto cleanup;
+ }
+ }
+ }
+
+ if (node->error && node->error->plErr) {
+ PKIX_INCREF(node->error);
+ *error = node->error;
+ }
+
+cleanup:
+ PKIX_DECREF(childNode);
+
+ PKIX_RETURN(VERIFYNODE);
+}
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_verifynode.h b/security/nss/lib/libpkix/pkix/results/pkix_verifynode.h
new file mode 100755
index 000000000..c943ae4dd
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/pkix_verifynode.h
@@ -0,0 +1,75 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_verifynode.h
+ *
+ * VerifyNode Type Definitions
+ *
+ */
+
+#ifndef _PKIX_VERIFYNODE_H
+#define _PKIX_VERIFYNODE_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This structure reflects the contents of a verify node...
+ */
+struct PKIX_VerifyNodeStruct {
+ PKIX_PL_Cert *verifyCert;
+ PKIX_List *children; /* VerifyNodes */
+ PKIX_UInt32 depth;
+ PKIX_Error *error;
+};
+
+PKIX_Error *
+pkix_SingleVerifyNode_ToString(
+ PKIX_VerifyNode *node,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+PKIX_Error *
+pkix_VerifyNode_Create(
+ PKIX_PL_Cert *verifyCert,
+ PKIX_UInt32 depth,
+ PKIX_Error *error,
+ PKIX_VerifyNode **pObject,
+ void *plContext);
+
+PKIX_Error *
+pkix_VerifyNode_AddToChain(
+ PKIX_VerifyNode *parentNode,
+ PKIX_VerifyNode *child,
+ void *plContext);
+
+PKIX_Error *
+pkix_VerifyNode_AddToTree(
+ PKIX_VerifyNode *parentNode,
+ PKIX_VerifyNode *child,
+ void *plContext);
+
+PKIX_Error *
+pkix_VerifyNode_SetError(
+ PKIX_VerifyNode *node,
+ PKIX_Error *error,
+ void *plContext);
+
+PKIX_Error *
+pkix_VerifyNode_RegisterSelf(
+ void *plContext);
+
+PKIX_Error *
+pkix_VerifyNode_FindError(
+ PKIX_VerifyNode *node,
+ PKIX_Error **error,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_VERIFYNODE_H */
diff --git a/security/nss/lib/libpkix/pkix/results/results.gyp b/security/nss/lib/libpkix/pkix/results/results.gyp
new file mode 100644
index 000000000..962fdb948
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/results/results.gyp
@@ -0,0 +1,26 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixresults',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_buildresult.c',
+ 'pkix_policynode.c',
+ 'pkix_valresult.c',
+ 'pkix_verifynode.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix/store/Makefile b/security/nss/lib/libpkix/pkix/store/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/store/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/store/config.mk b/security/nss/lib/libpkix/pkix/store/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/store/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/store/exports.gyp b/security/nss/lib/libpkix/pkix/store/exports.gyp
new file mode 100644
index 000000000..52f13f5ae
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/store/exports.gyp
@@ -0,0 +1,25 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_store_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_store.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix/store/manifest.mn b/security/nss/lib/libpkix/pkix/store/manifest.mn
new file mode 100755
index 000000000..4df8eb64b
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/store/manifest.mn
@@ -0,0 +1,21 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_store.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_store.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixstore
+
diff --git a/security/nss/lib/libpkix/pkix/store/pkix_store.c b/security/nss/lib/libpkix/pkix/store/pkix_store.c
new file mode 100755
index 000000000..af8be2bb2
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/store/pkix_store.c
@@ -0,0 +1,415 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_store.c
+ *
+ * CertStore Function Definitions
+ *
+ */
+
+#include "pkix_store.h"
+
+/* --CertStore-Private-Functions----------------------------------------- */
+
+/*
+ * FUNCTION: pkix_CertStore_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CertStore_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_CertStore *certStore = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_CertStore_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a CertStore object */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTSTORE_TYPE, plContext),
+ PKIX_OBJECTNOTCERTSTORE);
+
+ certStore = (PKIX_CertStore *)object;
+
+ certStore->certCallback = NULL;
+ certStore->crlCallback = NULL;
+ certStore->certContinue = NULL;
+ certStore->crlContinue = NULL;
+ certStore->trustCallback = NULL;
+
+ PKIX_DECREF(certStore->certStoreContext);
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_CertStore_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CertStore_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_CertStore *certStore = NULL;
+ PKIX_UInt32 tempHash = 0;
+
+ PKIX_ENTER(CERTSTORE, "pkix_CertStore_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTSTORE_TYPE, plContext),
+ PKIX_OBJECTNOTCERTSTORE);
+
+ certStore = (PKIX_CertStore *)object;
+
+ if (certStore->certStoreContext) {
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *) certStore->certStoreContext,
+ &tempHash,
+ plContext),
+ PKIX_CERTSTOREHASHCODEFAILED);
+ }
+
+ *pHashcode = (PKIX_UInt32)((char *)certStore->certCallback - (char *)NULL) +
+ (PKIX_UInt32)((char *)certStore->crlCallback - (char *)NULL) +
+ (PKIX_UInt32)((char *)certStore->certContinue - (char *)NULL) +
+ (PKIX_UInt32)((char *)certStore->crlContinue - (char *)NULL) +
+ (PKIX_UInt32)((char *)certStore->trustCallback - (char *)NULL) +
+ (tempHash << 7);
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_CertStore_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_CertStore_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_CertStore *firstCS = NULL;
+ PKIX_CertStore *secondCS = NULL;
+ PKIX_Boolean cmpResult = PKIX_FALSE;
+
+ PKIX_ENTER(CERTSTORE, "pkix_CertStore_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ PKIX_CHECK(pkix_CheckTypes
+ (firstObject, secondObject, PKIX_CERTSTORE_TYPE, plContext),
+ PKIX_ARGUMENTSNOTDATES);
+
+ firstCS = (PKIX_CertStore *)firstObject;
+ secondCS = (PKIX_CertStore *)secondObject;
+
+ cmpResult = (firstCS->certCallback == secondCS->certCallback) &&
+ (firstCS->crlCallback == secondCS->crlCallback) &&
+ (firstCS->certContinue == secondCS->certContinue) &&
+ (firstCS->crlContinue == secondCS->crlContinue) &&
+ (firstCS->trustCallback == secondCS->trustCallback);
+
+ if (cmpResult &&
+ (firstCS->certStoreContext != secondCS->certStoreContext)) {
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *) firstCS->certStoreContext,
+ (PKIX_PL_Object *) secondCS->certStoreContext,
+ &cmpResult,
+ plContext),
+ PKIX_CERTSTOREEQUALSFAILED);
+ }
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_CertStore_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERTSTORE_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_CertStore_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTSTORE, "pkix_CertStore_RegisterSelf");
+
+ entry.description = "CertStore";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_CertStore);
+ entry.destructor = pkix_CertStore_Destroy;
+ entry.equalsFunction = pkix_CertStore_Equals;
+ entry.hashcodeFunction = pkix_CertStore_Hashcode;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_CERTSTORE_TYPE] = entry;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/* --CertStore-Public-Functions------------------------------------------ */
+
+/*
+ * FUNCTION: PKIX_CertStore_Create (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_Create(
+ PKIX_CertStore_CertCallback certCallback,
+ PKIX_CertStore_CRLCallback crlCallback,
+ PKIX_CertStore_CertContinueFunction certContinue,
+ PKIX_CertStore_CrlContinueFunction crlContinue,
+ PKIX_CertStore_CheckTrustCallback trustCallback,
+ PKIX_CertStore_ImportCrlCallback importCrlCallback,
+ PKIX_CertStore_CheckRevokationByCrlCallback checkRevByCrlCallback,
+ PKIX_PL_Object *certStoreContext,
+ PKIX_Boolean cacheFlag,
+ PKIX_Boolean localFlag,
+ PKIX_CertStore **pStore,
+ void *plContext)
+{
+ PKIX_CertStore *certStore = NULL;
+
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_Create");
+ PKIX_NULLCHECK_THREE(certCallback, crlCallback, pStore);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTSTORE_TYPE,
+ sizeof (PKIX_CertStore),
+ (PKIX_PL_Object **)&certStore,
+ plContext),
+ PKIX_COULDNOTCREATECERTSTOREOBJECT);
+
+ certStore->certCallback = certCallback;
+ certStore->crlCallback = crlCallback;
+ certStore->certContinue = certContinue;
+ certStore->crlContinue = crlContinue;
+ certStore->trustCallback = trustCallback;
+ certStore->importCrlCallback = importCrlCallback;
+ certStore->checkRevByCrlCallback = checkRevByCrlCallback;
+ certStore->cacheFlag = cacheFlag;
+ certStore->localFlag = localFlag;
+
+ PKIX_INCREF(certStoreContext);
+ certStore->certStoreContext = certStoreContext;
+
+ *pStore = certStore;
+ certStore = NULL;
+
+cleanup:
+
+ PKIX_DECREF(certStore);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCertCallback (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_GetCertCallback(
+ PKIX_CertStore *store,
+ PKIX_CertStore_CertCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_GetCertCallback");
+ PKIX_NULLCHECK_TWO(store, pCallback);
+
+ *pCallback = store->certCallback;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCRLCallback (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_GetCRLCallback(
+ PKIX_CertStore *store,
+ PKIX_CertStore_CRLCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_GetCRLCallback");
+ PKIX_NULLCHECK_TWO(store, pCallback);
+
+ *pCallback = store->crlCallback;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_CertContinue (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_CertContinue(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCertList,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_CertContinue");
+ PKIX_NULLCHECK_FOUR(store, selector, pNBIOContext, pCertList);
+
+ PKIX_CHECK(store->certContinue
+ (store, selector, verifyNode,
+ pNBIOContext, pCertList, plContext),
+ PKIX_CERTSTORECERTCONTINUEFUNCTIONFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_CrlContinue (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_CrlContinue(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrlList,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_CrlContinue");
+ PKIX_NULLCHECK_FOUR(store, selector, pNBIOContext, pCrlList);
+
+ PKIX_CHECK(store->crlContinue
+ (store, selector, pNBIOContext, pCrlList, plContext),
+ PKIX_CERTSTORECRLCONTINUEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_GetTrustCallback (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_GetTrustCallback(
+ PKIX_CertStore *store,
+ PKIX_CertStore_CheckTrustCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_GetTrustCallback");
+ PKIX_NULLCHECK_TWO(store, pCallback);
+
+ *pCallback = store->trustCallback;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_GetImportCrlCallback (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_GetImportCrlCallback(
+ PKIX_CertStore *store,
+ PKIX_CertStore_ImportCrlCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_GetTrustCallback");
+ PKIX_NULLCHECK_TWO(store, pCallback);
+
+ *pCallback = store->importCrlCallback;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCheckRevByCrl (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_GetCrlCheckerFn(
+ PKIX_CertStore *store,
+ PKIX_CertStore_CheckRevokationByCrlCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_GetTrustCallback");
+ PKIX_NULLCHECK_TWO(store, pCallback);
+
+ *pCallback = store->checkRevByCrlCallback;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCertStoreContext
+ * (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_GetCertStoreContext(
+ PKIX_CertStore *store,
+ PKIX_PL_Object **pCertStoreContext,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_GetCertStoreContext");
+ PKIX_NULLCHECK_TWO(store, pCertStoreContext);
+
+ PKIX_INCREF(store->certStoreContext);
+ *pCertStoreContext = store->certStoreContext;
+
+cleanup:
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_GetCertStoreCacheFlag
+ * (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_GetCertStoreCacheFlag(
+ PKIX_CertStore *store,
+ PKIX_Boolean *pCacheFlag,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_GetCertStoreCacheFlag");
+ PKIX_NULLCHECK_TWO(store, pCacheFlag);
+
+ *pCacheFlag = store->cacheFlag;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_CertStore_GetLocalFlag
+ * (see comments in pkix_certstore.h)
+ */
+PKIX_Error *
+PKIX_CertStore_GetLocalFlag(
+ PKIX_CertStore *store,
+ PKIX_Boolean *pLocalFlag,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "PKIX_CertStore_GetLocalFlag");
+ PKIX_NULLCHECK_TWO(store, pLocalFlag);
+
+ *pLocalFlag = store->localFlag;
+
+ PKIX_RETURN(CERTSTORE);
+}
diff --git a/security/nss/lib/libpkix/pkix/store/pkix_store.h b/security/nss/lib/libpkix/pkix/store/pkix_store.h
new file mode 100755
index 000000000..9d116ffbd
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/store/pkix_store.h
@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_store.h
+ *
+ * CertStore Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_STORE_H
+#define _PKIX_STORE_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_CertStoreStruct {
+ PKIX_CertStore_CertCallback certCallback;
+ PKIX_CertStore_CRLCallback crlCallback;
+ PKIX_CertStore_CertContinueFunction certContinue;
+ PKIX_CertStore_CrlContinueFunction crlContinue;
+ PKIX_CertStore_CheckTrustCallback trustCallback;
+ PKIX_CertStore_ImportCrlCallback importCrlCallback;
+ PKIX_CertStore_CheckRevokationByCrlCallback checkRevByCrlCallback;
+ PKIX_PL_Object *certStoreContext;
+ PKIX_Boolean cacheFlag;
+ PKIX_Boolean localFlag; /* TRUE if CertStore is local */
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_CertStore_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_STORE_H */
diff --git a/security/nss/lib/libpkix/pkix/store/store.gyp b/security/nss/lib/libpkix/pkix/store/store.gyp
new file mode 100644
index 000000000..43aa17768
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/store/store.gyp
@@ -0,0 +1,23 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixstore',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_store.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix/top/Makefile b/security/nss/lib/libpkix/pkix/top/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/top/config.mk b/security/nss/lib/libpkix/pkix/top/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/top/exports.gyp b/security/nss/lib/libpkix/pkix/top/exports.gyp
new file mode 100644
index 000000000..d41f2b5ec
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/exports.gyp
@@ -0,0 +1,27 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_top_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_build.h',
+ 'pkix_lifecycle.h',
+ 'pkix_validate.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix/top/manifest.mn b/security/nss/lib/libpkix/pkix/top/manifest.mn
new file mode 100755
index 000000000..c49941034
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/manifest.mn
@@ -0,0 +1,25 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_build.h \
+ pkix_lifecycle.h \
+ pkix_validate.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_validate.c \
+ pkix_lifecycle.c \
+ pkix_build.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixtop
+
diff --git a/security/nss/lib/libpkix/pkix/top/pkix_build.c b/security/nss/lib/libpkix/pkix/top/pkix_build.c
new file mode 100755
index 000000000..0c87ba3f3
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/pkix_build.c
@@ -0,0 +1,3763 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_build.c
+ *
+ * Top level buildChain function
+ *
+ */
+
+/* #define PKIX_BUILDDEBUG 1 */
+/* #define PKIX_FORWARDBUILDERSTATEDEBUG 1 */
+
+#include "pkix_build.h"
+
+extern PRLogModuleInfo *pkixLog;
+
+/*
+ * List of critical extension OIDs associate with what build chain has
+ * checked. Those OIDs need to be removed from the unresolved critical
+ * extension OIDs list manually (instead of by checker automatically).
+ */
+static SECOidTag buildCheckedCritExtOIDs[] = {
+ PKIX_CERTKEYUSAGE_OID,
+ PKIX_CERTSUBJALTNAME_OID,
+ PKIX_BASICCONSTRAINTS_OID,
+ PKIX_NAMECONSTRAINTS_OID,
+ PKIX_EXTENDEDKEYUSAGE_OID,
+ PKIX_NSCERTTYPE_OID,
+ PKIX_UNKNOWN_OID
+};
+
+/* --Private-ForwardBuilderState-Functions---------------------------------- */
+
+/*
+ * FUNCTION: pkix_ForwardBuilderState_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ForwardBuilderState_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ForwardBuilderState *state = NULL;
+
+ PKIX_ENTER(FORWARDBUILDERSTATE, "pkix_ForwardBuilderState_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_FORWARDBUILDERSTATE_TYPE, plContext),
+ PKIX_OBJECTNOTFORWARDBUILDERSTATE);
+
+ state = (PKIX_ForwardBuilderState *)object;
+
+ state->status = BUILD_INITIAL;
+ state->traversedCACerts = 0;
+ state->certStoreIndex = 0;
+ state->numCerts = 0;
+ state->numAias = 0;
+ state->certIndex = 0;
+ state->aiaIndex = 0;
+ state->certCheckedIndex = 0;
+ state->checkerIndex = 0;
+ state->hintCertIndex = 0;
+ state->numFanout = 0;
+ state->numDepth = 0;
+ state->reasonCode = 0;
+ state->canBeCached = PKIX_FALSE;
+ state->useOnlyLocal = PKIX_FALSE;
+ state->revChecking = PKIX_FALSE;
+ state->usingHintCerts = PKIX_FALSE;
+ state->certLoopingDetected = PKIX_FALSE;
+ PKIX_DECREF(state->validityDate);
+ PKIX_DECREF(state->prevCert);
+ PKIX_DECREF(state->candidateCert);
+ PKIX_DECREF(state->traversedSubjNames);
+ PKIX_DECREF(state->trustChain);
+ PKIX_DECREF(state->aia);
+ PKIX_DECREF(state->candidateCerts);
+ PKIX_DECREF(state->reversedCertChain);
+ PKIX_DECREF(state->checkedCritExtOIDs);
+ PKIX_DECREF(state->checkerChain);
+ PKIX_DECREF(state->certSel);
+ PKIX_DECREF(state->verifyNode);
+ PKIX_DECREF(state->client);
+
+ /*
+ * If we ever add a child link we have to be careful not to have loops
+ * in the Destroy process. But with one-way links we should be okay.
+ */
+ if (state->parentState == NULL) {
+ state->buildConstants.numAnchors = 0;
+ state->buildConstants.numCertStores = 0;
+ state->buildConstants.numHintCerts = 0;
+ state->buildConstants.procParams = 0;
+ PKIX_DECREF(state->buildConstants.testDate);
+ PKIX_DECREF(state->buildConstants.timeLimit);
+ PKIX_DECREF(state->buildConstants.targetCert);
+ PKIX_DECREF(state->buildConstants.targetPubKey);
+ PKIX_DECREF(state->buildConstants.certStores);
+ PKIX_DECREF(state->buildConstants.anchors);
+ PKIX_DECREF(state->buildConstants.userCheckers);
+ PKIX_DECREF(state->buildConstants.hintCerts);
+ PKIX_DECREF(state->buildConstants.revChecker);
+ PKIX_DECREF(state->buildConstants.aiaMgr);
+ } else {
+ PKIX_DECREF(state->parentState);
+ }
+
+cleanup:
+
+ PKIX_RETURN(FORWARDBUILDERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_ForwardBuilderState_Create
+ *
+ * DESCRIPTION:
+ * Allocate and initialize a ForwardBuilderState.
+ *
+ * PARAMETERS
+ * "traversedCACerts"
+ * Number of CA certificates traversed.
+ * "numFanout"
+ * Number of Certs that can be considered at this level (0 = no limit)
+ * "numDepth"
+ * Number of additional levels that can be searched (0 = no limit)
+ * "canBeCached"
+ * Boolean value indicating whether all certs on the chain can be cached.
+ * "validityDate"
+ * Address of Date at which build chain Certs' most restricted validity
+ * time is kept. May be NULL.
+ * "prevCert"
+ * Address of Cert just traversed. Must be non-NULL.
+ * "traversedSubjNames"
+ * Address of List of GeneralNames that have been traversed.
+ * Must be non-NULL.
+ * "trustChain"
+ * Address of List of certificates traversed. Must be non-NULL.
+ * "parentState"
+ * Address of previous ForwardBuilderState
+ * "pState"
+ * Address where ForwardBuilderState will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_ForwardBuilderState_Create(
+ PKIX_Int32 traversedCACerts,
+ PKIX_UInt32 numFanout,
+ PKIX_UInt32 numDepth,
+ PKIX_Boolean canBeCached,
+ PKIX_PL_Date *validityDate,
+ PKIX_PL_Cert *prevCert,
+ PKIX_List *traversedSubjNames,
+ PKIX_List *trustChain,
+ PKIX_ForwardBuilderState *parentState,
+ PKIX_ForwardBuilderState **pState,
+ void *plContext)
+{
+ PKIX_ForwardBuilderState *state = NULL;
+
+ PKIX_ENTER(FORWARDBUILDERSTATE, "pkix_ForwardBuilderState_Create");
+ PKIX_NULLCHECK_FOUR(prevCert, traversedSubjNames, pState, trustChain);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_FORWARDBUILDERSTATE_TYPE,
+ sizeof (PKIX_ForwardBuilderState),
+ (PKIX_PL_Object **)&state,
+ plContext),
+ PKIX_COULDNOTCREATEFORWARDBUILDERSTATEOBJECT);
+
+ state->status = BUILD_INITIAL;
+ state->traversedCACerts = traversedCACerts;
+ state->certStoreIndex = 0;
+ state->numCerts = 0;
+ state->numAias = 0;
+ state->certIndex = 0;
+ state->aiaIndex = 0;
+ state->certCheckedIndex = 0;
+ state->checkerIndex = 0;
+ state->hintCertIndex = 0;
+ state->numFanout = numFanout;
+ state->numDepth = numDepth;
+ state->reasonCode = 0;
+ state->revChecking = numDepth;
+ state->canBeCached = canBeCached;
+ state->useOnlyLocal = PKIX_TRUE;
+ state->revChecking = PKIX_FALSE;
+ state->usingHintCerts = PKIX_FALSE;
+ state->certLoopingDetected = PKIX_FALSE;
+
+ PKIX_INCREF(validityDate);
+ state->validityDate = validityDate;
+
+ PKIX_INCREF(prevCert);
+ state->prevCert = prevCert;
+
+ state->candidateCert = NULL;
+
+ PKIX_INCREF(traversedSubjNames);
+ state->traversedSubjNames = traversedSubjNames;
+
+ PKIX_INCREF(trustChain);
+ state->trustChain = trustChain;
+
+ state->aia = NULL;
+ state->candidateCerts = NULL;
+ state->reversedCertChain = NULL;
+ state->checkedCritExtOIDs = NULL;
+ state->checkerChain = NULL;
+ state->certSel = NULL;
+ state->verifyNode = NULL;
+ state->client = NULL;
+
+ PKIX_INCREF(parentState);
+ state->parentState = parentState;
+
+ if (parentState != NULL) {
+ state->buildConstants.numAnchors =
+ parentState->buildConstants.numAnchors;
+ state->buildConstants.numCertStores =
+ parentState->buildConstants.numCertStores;
+ state->buildConstants.numHintCerts =
+ parentState->buildConstants.numHintCerts;
+ state->buildConstants.maxFanout =
+ parentState->buildConstants.maxFanout;
+ state->buildConstants.maxDepth =
+ parentState->buildConstants.maxDepth;
+ state->buildConstants.maxTime =
+ parentState->buildConstants.maxTime;
+ state->buildConstants.procParams =
+ parentState->buildConstants.procParams;
+ state->buildConstants.testDate =
+ parentState->buildConstants.testDate;
+ state->buildConstants.timeLimit =
+ parentState->buildConstants.timeLimit;
+ state->buildConstants.targetCert =
+ parentState->buildConstants.targetCert;
+ state->buildConstants.targetPubKey =
+ parentState->buildConstants.targetPubKey;
+ state->buildConstants.certStores =
+ parentState->buildConstants.certStores;
+ state->buildConstants.anchors =
+ parentState->buildConstants.anchors;
+ state->buildConstants.userCheckers =
+ parentState->buildConstants.userCheckers;
+ state->buildConstants.hintCerts =
+ parentState->buildConstants.hintCerts;
+ state->buildConstants.revChecker =
+ parentState->buildConstants.revChecker;
+ state->buildConstants.aiaMgr =
+ parentState->buildConstants.aiaMgr;
+ state->buildConstants.trustOnlyUserAnchors =
+ parentState->buildConstants.trustOnlyUserAnchors;
+ }
+
+ *pState = state;
+ state = NULL;
+cleanup:
+
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(FORWARDBUILDERSTATE);
+}
+
+/*
+ * FUNCTION: pkix_Build_GetResourceLimits
+ *
+ * DESCRIPTION:
+ * Retrieve Resource Limits from ProcessingParams and initialize them in
+ * BuildConstants.
+ *
+ * PARAMETERS
+ * "buildConstants"
+ * Address of a BuildConstants structure containing objects and values
+ * that remain constant throughout the building of a chain. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_GetResourceLimits(
+ BuildConstants *buildConstants,
+ void *plContext)
+{
+ PKIX_ResourceLimits *resourceLimits = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_GetResourceLimits");
+ PKIX_NULLCHECK_ONE(buildConstants);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetResourceLimits
+ (buildConstants->procParams, &resourceLimits, plContext),
+ PKIX_PROCESSINGPARAMSGETRESOURCELIMITSFAILED);
+
+ buildConstants->maxFanout = 0;
+ buildConstants->maxDepth = 0;
+ buildConstants->maxTime = 0;
+
+ if (resourceLimits) {
+
+ PKIX_CHECK(PKIX_ResourceLimits_GetMaxFanout
+ (resourceLimits, &buildConstants->maxFanout, plContext),
+ PKIX_RESOURCELIMITSGETMAXFANOUTFAILED);
+
+ PKIX_CHECK(PKIX_ResourceLimits_GetMaxDepth
+ (resourceLimits, &buildConstants->maxDepth, plContext),
+ PKIX_RESOURCELIMITSGETMAXDEPTHFAILED);
+
+ PKIX_CHECK(PKIX_ResourceLimits_GetMaxTime
+ (resourceLimits, &buildConstants->maxTime, plContext),
+ PKIX_RESOURCELIMITSGETMAXTIMEFAILED);
+ }
+
+cleanup:
+
+ PKIX_DECREF(resourceLimits);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_ForwardBuilderState_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_ForwardBuilderState_ToString
+ (PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_ForwardBuilderState *state = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *resultString = NULL;
+ PKIX_PL_String *buildStatusString = NULL;
+ PKIX_PL_String *validityDateString = NULL;
+ PKIX_PL_String *prevCertString = NULL;
+ PKIX_PL_String *candidateCertString = NULL;
+ PKIX_PL_String *traversedSubjNamesString = NULL;
+ PKIX_PL_String *trustChainString = NULL;
+ PKIX_PL_String *candidateCertsString = NULL;
+ PKIX_PL_String *certSelString = NULL;
+ PKIX_PL_String *verifyNodeString = NULL;
+ PKIX_PL_String *parentStateString = NULL;
+ char *asciiFormat = "\n"
+ "\t{buildStatus: \t%s\n"
+ "\ttraversedCACerts: \t%d\n"
+ "\tcertStoreIndex: \t%d\n"
+ "\tnumCerts: \t%d\n"
+ "\tnumAias: \t%d\n"
+ "\tcertIndex: \t%d\n"
+ "\taiaIndex: \t%d\n"
+ "\tnumFanout: \t%d\n"
+ "\tnumDepth: \t%d\n"
+ "\treasonCode: \t%d\n"
+ "\tcanBeCached: \t%d\n"
+ "\tuseOnlyLocal: \t%d\n"
+ "\trevChecking: \t%d\n"
+ "\tvalidityDate: \t%s\n"
+ "\tprevCert: \t%s\n"
+ "\tcandidateCert: \t%s\n"
+ "\ttraversedSubjNames: \t%s\n"
+ "\ttrustChain: \t%s\n"
+ "\tcandidateCerts: \t%s\n"
+ "\tcertSel: \t%s\n"
+ "\tverifyNode: \t%s\n"
+ "\tparentState: \t%s}\n";
+ char *asciiStatus = NULL;
+
+ PKIX_ENTER(FORWARDBUILDERSTATE, "pkix_ForwardBuilderState_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_FORWARDBUILDERSTATE_TYPE, plContext),
+ PKIX_OBJECTNOTFORWARDBUILDERSTATE);
+
+ state = (PKIX_ForwardBuilderState *)object;
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ switch (state->status) {
+ case BUILD_SHORTCUTPENDING: asciiStatus = "BUILD_SHORTCUTPENDING";
+ break;
+ case BUILD_INITIAL: asciiStatus = "BUILD_INITIAL";
+ break;
+ case BUILD_TRYAIA: asciiStatus = "BUILD_TRYAIA";
+ break;
+ case BUILD_AIAPENDING: asciiStatus = "BUILD_AIAPENDING";
+ break;
+ case BUILD_COLLECTINGCERTS: asciiStatus = "BUILD_COLLECTINGCERTS";
+ break;
+ case BUILD_GATHERPENDING: asciiStatus = "BUILD_GATHERPENDING";
+ break;
+ case BUILD_CERTVALIDATING: asciiStatus = "BUILD_CERTVALIDATING";
+ break;
+ case BUILD_ABANDONNODE: asciiStatus = "BUILD_ABANDONNODE";
+ break;
+ case BUILD_DATEPREP: asciiStatus = "BUILD_DATEPREP";
+ break;
+ case BUILD_CHECKTRUSTED: asciiStatus = "BUILD_CHECKTRUSTED";
+ break;
+ case BUILD_CHECKTRUSTED2: asciiStatus = "BUILD_CHECKTRUSTED2";
+ break;
+ case BUILD_ADDTOCHAIN: asciiStatus = "BUILD_ADDTOCHAIN";
+ break;
+ case BUILD_VALCHAIN: asciiStatus = "BUILD_VALCHAIN";
+ break;
+ case BUILD_VALCHAIN2: asciiStatus = "BUILD_VALCHAIN2";
+ break;
+ case BUILD_EXTENDCHAIN: asciiStatus = "BUILD_EXTENDCHAIN";
+ break;
+ case BUILD_GETNEXTCERT: asciiStatus = "BUILD_GETNEXTCERT";
+ break;
+ default: asciiStatus = "INVALID STATUS";
+ break;
+ }
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, asciiStatus, 0, &buildStatusString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_TOSTRING
+ (state->validityDate, &validityDateString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->prevCert, &prevCertString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->candidateCert, &candidateCertString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->traversedSubjNames,
+ &traversedSubjNamesString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->trustChain, &trustChainString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->candidateCerts, &candidateCertsString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->certSel, &certSelString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->verifyNode, &verifyNodeString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (state->parentState, &parentStateString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&resultString,
+ plContext,
+ formatString,
+ buildStatusString,
+ (PKIX_Int32)state->traversedCACerts,
+ (PKIX_UInt32)state->certStoreIndex,
+ (PKIX_UInt32)state->numCerts,
+ (PKIX_UInt32)state->numAias,
+ (PKIX_UInt32)state->certIndex,
+ (PKIX_UInt32)state->aiaIndex,
+ (PKIX_UInt32)state->numFanout,
+ (PKIX_UInt32)state->numDepth,
+ (PKIX_UInt32)state->reasonCode,
+ state->canBeCached,
+ state->useOnlyLocal,
+ state->revChecking,
+ validityDateString,
+ prevCertString,
+ candidateCertString,
+ traversedSubjNamesString,
+ trustChainString,
+ candidateCertsString,
+ certSelString,
+ verifyNodeString,
+ parentStateString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = resultString;
+
+cleanup:
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(buildStatusString);
+ PKIX_DECREF(validityDateString);
+ PKIX_DECREF(prevCertString);
+ PKIX_DECREF(candidateCertString);
+ PKIX_DECREF(traversedSubjNamesString);
+ PKIX_DECREF(trustChainString);
+ PKIX_DECREF(candidateCertsString);
+ PKIX_DECREF(certSelString);
+ PKIX_DECREF(verifyNodeString);
+ PKIX_DECREF(parentStateString);
+
+ PKIX_RETURN(FORWARDBUILDERSTATE);
+
+}
+
+/*
+ * FUNCTION: pkix_ForwardBuilderState_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_FORWARDBUILDERSTATE_TYPE and its related functions
+ * with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_ForwardBuilderState_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(FORWARDBUILDERSTATE,
+ "pkix_ForwardBuilderState_RegisterSelf");
+
+ entry.description = "ForwardBuilderState";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_ForwardBuilderState);
+ entry.destructor = pkix_ForwardBuilderState_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = pkix_ForwardBuilderState_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_FORWARDBUILDERSTATE_TYPE] = entry;
+
+ PKIX_RETURN(FORWARDBUILDERSTATE);
+}
+
+#if PKIX_FORWARDBUILDERSTATEDEBUG
+/*
+ * FUNCTION: pkix_ForwardBuilderState_DumpState
+ *
+ * DESCRIPTION:
+ * This function invokes the ToString function on the argument pointed to
+ * by "state".
+ * PARAMETERS:
+ * "state"
+ * The address of the ForwardBuilderState object. Must be non-NULL.
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ */
+PKIX_Error *
+pkix_ForwardBuilderState_DumpState(
+ PKIX_ForwardBuilderState *state,
+ void *plContext)
+{
+ PKIX_PL_String *stateString = NULL;
+ char *stateAscii = NULL;
+ PKIX_UInt32 length;
+
+ PKIX_ENTER(FORWARDBUILDERSTATE,"pkix_ForwardBuilderState_DumpState");
+ PKIX_NULLCHECK_ONE(state);
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)state, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)state, &stateString, plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stateString,
+ PKIX_ESCASCII,
+ (void **)&stateAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_DEBUG_ARG("In Phase 1: state = %s\n", stateAscii);
+
+ PKIX_FREE(stateAscii);
+ PKIX_DECREF(stateString);
+
+cleanup:
+ PKIX_RETURN(FORWARDBUILDERSTATE);
+}
+#endif
+
+/*
+ * FUNCTION: pkix_ForwardBuilderState_IsIOPending
+ * DESCRIPTION:
+ *
+ * This function determines whether the state of the ForwardBuilderState
+ * pointed to by "state" indicates I/O is in progress, and stores the Boolean
+ * result at "pPending".
+ *
+ * PARAMETERS:
+ * "state"
+ * The address of the ForwardBuilderState object. Must be non-NULL.
+ * "pPending"
+ * The address at which the result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a ForwardBuilderState Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error*
+pkix_ForwardBuilderState_IsIOPending(
+ PKIX_ForwardBuilderState *state,
+ PKIX_Boolean *pPending,
+ void *plContext)
+{
+ PKIX_ENTER(FORWARDBUILDERSTATE, "pkix_ForwardBuilderState_IsIOPending");
+ PKIX_NULLCHECK_TWO(state, pPending);
+
+ if ((state->status == BUILD_GATHERPENDING) ||
+ (state->status == BUILD_CHECKTRUSTED2) ||
+ (state->status == BUILD_VALCHAIN2) ||
+ (state->status == BUILD_AIAPENDING)) {
+ *pPending = PKIX_TRUE;
+ } else {
+ *pPending = PKIX_FALSE;
+ }
+
+ PKIX_RETURN(FORWARDBUILDERSTATE);
+}
+
+/* --Private-BuildChain-Functions------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_Build_SortCertComparator
+ * DESCRIPTION:
+ *
+ * This Function takes two Certificates cast in "obj1" and "obj2",
+ * compares them to determine which is a more preferable certificate
+ * for chain building. This Function is suitable for use as a
+ * comparator callback for pkix_List_BubbleSort, setting "*pResult" to
+ * > 0 if "obj1" is less desirable than "obj2" and < 0 if "obj1"
+ * is more desirable than "obj2".
+ *
+ * PARAMETERS:
+ * "obj1"
+ * Address of the PKIX_PL_Object that is a cast of PKIX_PL_Cert.
+ * Must be non-NULL.
+ * "obj2"
+ * Address of the PKIX_PL_Object that is a cast of PKIX_PL_Cert.
+ * Must be non-NULL.
+ * "pResult"
+ * Address where the comparison result is returned. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_SortCertComparator(
+ PKIX_PL_Object *obj1,
+ PKIX_PL_Object *obj2,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_PL_Date *date1 = NULL;
+ PKIX_PL_Date *date2 = NULL;
+ PKIX_Int32 result = 0;
+
+ PKIX_ENTER(BUILD, "pkix_Build_SortCertComparator");
+ PKIX_NULLCHECK_THREE(obj1, obj2, pResult);
+
+ /*
+ * For sorting candidate certificates, we use NotAfter date as the
+ * comparison key for now (can be expanded if desired in the future).
+ *
+ * In PKIX_BuildChain, the List of CertStores was reordered so that
+ * trusted CertStores are ahead of untrusted CertStores. That sort, or
+ * this one, could be taken out if it is determined that it doesn't help
+ * performance, or in some way hinders the solution of choosing desired
+ * candidates.
+ */
+
+ PKIX_CHECK(pkix_CheckType(obj1, PKIX_CERT_TYPE, plContext),
+ PKIX_OBJECTNOTCERT);
+ PKIX_CHECK(pkix_CheckType(obj2, PKIX_CERT_TYPE, plContext),
+ PKIX_OBJECTNOTCERT);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetValidityNotAfter
+ ((PKIX_PL_Cert *)obj1, &date1, plContext),
+ PKIX_CERTGETVALIDITYNOTAFTERFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetValidityNotAfter
+ ((PKIX_PL_Cert *)obj2, &date2, plContext),
+ PKIX_CERTGETVALIDITYNOTAFTERFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)date1,
+ (PKIX_PL_Object *)date2,
+ &result,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+
+ /*
+ * Invert the result, so that if date1 is greater than date2,
+ * obj1 is sorted before obj2. This is because pkix_List_BubbleSort
+ * sorts in ascending order.
+ */
+ *pResult = -result;
+
+cleanup:
+
+ PKIX_DECREF(date1);
+ PKIX_DECREF(date2);
+
+ PKIX_RETURN(BUILD);
+}
+
+/* This local error check macro */
+#define ERROR_CHECK(errCode) \
+ if (pkixErrorResult) { \
+ if (pkixLog) { \
+ PR_LOG(pkixLog, PR_LOG_DEBUG, ("====> ERROR_CHECK code %s\n", #errCode)); \
+ } \
+ pkixTempErrorReceived = PKIX_TRUE; \
+ pkixErrorClass = pkixErrorResult->errClass; \
+ if (pkixErrorClass == PKIX_FATAL_ERROR) { \
+ goto cleanup; \
+ } \
+ if (verifyNode) { \
+ PKIX_DECREF(verifyNode->error); \
+ PKIX_INCREF(pkixErrorResult); \
+ verifyNode->error = pkixErrorResult; \
+ } \
+ pkixErrorCode = errCode; \
+ goto cleanup; \
+ }
+
+/*
+ * FUNCTION: pkix_Build_VerifyCertificate
+ * DESCRIPTION:
+ *
+ * Checks whether the previous Cert stored in the ForwardBuilderState pointed
+ * to by "state" successfully chains, including signature verification, to the
+ * candidate Cert also stored in "state", using the Boolean value in "trusted"
+ * to determine whether "candidateCert" is trusted.
+ *
+ * First it checks whether "candidateCert" has already been traversed by
+ * determining whether it is contained in the List of traversed Certs. It then
+ * checks the candidate Cert with user checkers, if any, in the List pointed to
+ * by "userCheckers". Finally, it runs the signature validation.
+ *
+ * If this Certificate fails verification, and state->verifyNode is non-NULL,
+ * this function sets the Error code into the verifyNode.
+ *
+ * PARAMETERS:
+ * "state"
+ * Address of ForwardBuilderState to be used. Must be non-NULL.
+ * "userCheckers"
+ * Address of a List of CertChainCheckers to be used, if present, to
+ * validate the candidateCert.
+ * "trusted"
+ * Boolean value of trust for the candidate Cert
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_VerifyCertificate(
+ PKIX_ForwardBuilderState *state,
+ PKIX_List *userCheckers,
+ PKIX_Boolean *pTrusted,
+ PKIX_VerifyNode *verifyNode,
+ void *plContext)
+{
+ PKIX_UInt32 numUserCheckers = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_Boolean loopFound = PKIX_FALSE;
+ PKIX_Boolean supportForwardChecking = PKIX_FALSE;
+ PKIX_Boolean trusted = PKIX_FALSE;
+ PKIX_PL_Cert *candidateCert = NULL;
+ PKIX_PL_PublicKey *candidatePubKey = NULL;
+ PKIX_CertChainChecker *userChecker = NULL;
+ PKIX_CertChainChecker_CheckCallback checkerCheck = NULL;
+ PKIX_PL_TrustAnchorMode trustAnchorMode =
+ PKIX_PL_TrustAnchorMode_Ignore;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_VerifyCertificate");
+ PKIX_NULLCHECK_TWO(state, pTrusted);
+ PKIX_NULLCHECK_THREE
+ (state->candidateCerts, state->prevCert, state->trustChain);
+
+ PKIX_INCREF(state->candidateCert);
+ candidateCert = state->candidateCert;
+
+ if (state->buildConstants.numAnchors) {
+ if (state->buildConstants.trustOnlyUserAnchors) {
+ trustAnchorMode = PKIX_PL_TrustAnchorMode_Exclusive;
+ } else {
+ trustAnchorMode = PKIX_PL_TrustAnchorMode_Additive;
+ }
+ } else {
+ trustAnchorMode = PKIX_PL_TrustAnchorMode_Ignore;
+ }
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_IsCertTrusted(candidateCert, trustAnchorMode,
+ &trusted, plContext),
+ PKIX_CERTISCERTTRUSTEDFAILED);
+
+ *pTrusted = trusted;
+
+ /* check for loops */
+ PKIX_CHECK(pkix_List_Contains
+ (state->trustChain,
+ (PKIX_PL_Object *)candidateCert,
+ &loopFound,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ if (loopFound) {
+ if (verifyNode != NULL) {
+ PKIX_Error *verifyError = NULL;
+ PKIX_ERROR_CREATE
+ (BUILD,
+ PKIX_LOOPDISCOVEREDDUPCERTSNOTALLOWED,
+ verifyError);
+ PKIX_DECREF(verifyNode->error);
+ verifyNode->error = verifyError;
+ }
+ /* Even if error logged, still need to abort
+ * if cert is not trusted. */
+ if (!trusted) {
+ PKIX_ERROR(PKIX_LOOPDISCOVEREDDUPCERTSNOTALLOWED);
+ }
+ state->certLoopingDetected = PKIX_TRUE;
+ }
+
+ if (userCheckers != NULL) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (userCheckers, &numUserCheckers, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numUserCheckers; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (userCheckers,
+ i,
+ (PKIX_PL_Object **) &userChecker,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK
+ (PKIX_CertChainChecker_IsForwardCheckingSupported
+ (userChecker, &supportForwardChecking, plContext),
+ PKIX_CERTCHAINCHECKERISFORWARDCHECKINGSUPPORTEDFAILED);
+
+ if (supportForwardChecking == PKIX_TRUE) {
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCheckCallback
+ (userChecker, &checkerCheck, plContext),
+ PKIX_CERTCHAINCHECKERGETCHECKCALLBACKFAILED);
+
+ pkixErrorResult =
+ checkerCheck(userChecker, candidateCert, NULL,
+ &nbioContext, plContext);
+
+ ERROR_CHECK(PKIX_USERCHECKERCHECKFAILED);
+ }
+
+ PKIX_DECREF(userChecker);
+ }
+ }
+
+ /* Check that public key of the trusted dsa cert has
+ * dsa parameters */
+ if (trusted) {
+ PKIX_Boolean paramsNeeded = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
+ (candidateCert, &candidatePubKey, plContext),
+ PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
+ PKIX_CHECK(PKIX_PL_PublicKey_NeedsDSAParameters
+ (candidatePubKey, &paramsNeeded, plContext),
+ PKIX_PUBLICKEYNEEDSDSAPARAMETERSFAILED);
+ if (paramsNeeded) {
+ PKIX_ERROR(PKIX_MISSINGDSAPARAMETERS);
+ }
+ }
+
+cleanup:
+ PKIX_DECREF(candidateCert);
+ PKIX_DECREF(candidatePubKey);
+ PKIX_DECREF(userChecker);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_Build_ValidationCheckers
+ * DESCRIPTION:
+ *
+ * Creates a List of Objects to be used in determining whether the List of
+ * Certs pointed to by "certChain" successfully validates using the
+ * ForwardBuilderState pointed to by "state", and the TrustAnchor pointed to by
+ * "anchor". These objects are a reversed Cert Chain, consisting of the certs
+ * in "certChain" in reversed order, suitable for presenting to the
+ * CertChainCheckers; a List of critical extension OIDS that have already been
+ * processed in forward building; a List of CertChainCheckers to be called, and
+ * a List of RevocationCheckers to be called. These results are stored in
+ * fields of "state".
+ *
+ * PARAMETERS:
+ * "state"
+ * Address of ForwardBuilderState to be used. Must be non-NULL.
+ * "certChain"
+ * Address of List of Certs to be validated. Must be non-NULL.
+ * "anchor"
+ * Address of TrustAnchor to be used. Must be non-NULL.
+ * "addEkuChecker"
+ * Boolean flags that tells to add eku checker to the list
+ * of checkers. Only needs to be done for existing chain revalidation.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_ValidationCheckers(
+ PKIX_ForwardBuilderState *state,
+ PKIX_List *certChain,
+ PKIX_TrustAnchor *anchor,
+ PKIX_Boolean chainRevalidationStage,
+ void *plContext)
+{
+ PKIX_List *checkers = NULL;
+ PKIX_List *initialPolicies = NULL;
+ PKIX_List *reversedCertChain = NULL;
+ PKIX_List *buildCheckedCritExtOIDsList = NULL;
+ PKIX_ProcessingParams *procParams = NULL;
+ PKIX_PL_Cert *trustedCert = NULL;
+ PKIX_PL_PublicKey *trustedPubKey = NULL;
+ PKIX_PL_CertNameConstraints *trustedNC = NULL;
+ PKIX_CertChainChecker *sigChecker = NULL;
+ PKIX_CertChainChecker *policyChecker = NULL;
+ PKIX_CertChainChecker *userChecker = NULL;
+ PKIX_CertChainChecker *nameConstraintsChecker = NULL;
+ PKIX_CertChainChecker *checker = NULL;
+ PKIX_CertSelector *certSelector = NULL;
+ PKIX_List *userCheckerExtOIDs = NULL;
+ PKIX_PL_OID *oid = NULL;
+ PKIX_Boolean supportForwardChecking = PKIX_FALSE;
+ PKIX_Boolean policyQualifiersRejected = PKIX_FALSE;
+ PKIX_Boolean initialPolicyMappingInhibit = PKIX_FALSE;
+ PKIX_Boolean initialAnyPolicyInhibit = PKIX_FALSE;
+ PKIX_Boolean initialExplicitPolicy = PKIX_FALSE;
+ PKIX_UInt32 numChainCerts;
+ PKIX_UInt32 numCertCheckers;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(BUILD, "pkix_Build_ValidationCheckers");
+ PKIX_NULLCHECK_THREE(state, certChain, anchor);
+
+ PKIX_CHECK(PKIX_List_Create(&checkers, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_ReverseList
+ (certChain, &reversedCertChain, plContext),
+ PKIX_LISTREVERSELISTFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (reversedCertChain, &numChainCerts, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ procParams = state->buildConstants.procParams;
+
+ /* Do need to add a number of checker to revalidate
+ * a built chain. KU, EKU, CertType and Validity Date
+ * get checked by certificate selector during chain
+ * construction, but needed to be checked for chain from
+ * the cache.*/
+ if (chainRevalidationStage) {
+ PKIX_CHECK(pkix_ExpirationChecker_Initialize
+ (state->buildConstants.testDate, &checker, plContext),
+ PKIX_EXPIRATIONCHECKERINITIALIZEFAILED);
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)checker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_DECREF(checker);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetTargetCertConstraints
+ (procParams, &certSelector, plContext),
+ PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED);
+
+ PKIX_CHECK(pkix_TargetCertChecker_Initialize
+ (certSelector, numChainCerts, &checker, plContext),
+ PKIX_EXPIRATIONCHECKERINITIALIZEFAILED);
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)checker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_DECREF(checker);
+ }
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetInitialPolicies
+ (procParams, &initialPolicies, plContext),
+ PKIX_PROCESSINGPARAMSGETINITIALPOLICIESFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetPolicyQualifiersRejected
+ (procParams, &policyQualifiersRejected, plContext),
+ PKIX_PROCESSINGPARAMSGETPOLICYQUALIFIERSREJECTEDFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_IsPolicyMappingInhibited
+ (procParams, &initialPolicyMappingInhibit, plContext),
+ PKIX_PROCESSINGPARAMSISPOLICYMAPPINGINHIBITEDFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_IsAnyPolicyInhibited
+ (procParams, &initialAnyPolicyInhibit, plContext),
+ PKIX_PROCESSINGPARAMSISANYPOLICYINHIBITEDFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_IsExplicitPolicyRequired
+ (procParams, &initialExplicitPolicy, plContext),
+ PKIX_PROCESSINGPARAMSISEXPLICITPOLICYREQUIREDFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_Initialize
+ (initialPolicies,
+ policyQualifiersRejected,
+ initialPolicyMappingInhibit,
+ initialExplicitPolicy,
+ initialAnyPolicyInhibit,
+ numChainCerts,
+ &policyChecker,
+ plContext),
+ PKIX_POLICYCHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)policyChecker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ /*
+ * Create an OID list that contains critical extensions processed
+ * by BuildChain. These are specified in a static const array.
+ */
+ PKIX_CHECK(PKIX_List_Create(&buildCheckedCritExtOIDsList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ for (i = 0; buildCheckedCritExtOIDs[i] != PKIX_UNKNOWN_OID; i++) {
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (buildCheckedCritExtOIDs[i], &oid, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (buildCheckedCritExtOIDsList,
+ (PKIX_PL_Object *) oid,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(oid);
+ }
+
+ if (state->buildConstants.userCheckers != NULL) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->buildConstants.userCheckers,
+ &numCertCheckers,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numCertCheckers; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->buildConstants.userCheckers,
+ i,
+ (PKIX_PL_Object **) &userChecker,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK
+ (PKIX_CertChainChecker_IsForwardCheckingSupported
+ (userChecker, &supportForwardChecking, plContext),
+ PKIX_CERTCHAINCHECKERGETSUPPORTEDEXTENSIONSFAILED);
+
+ /*
+ * If this userChecker supports forwardChecking then it
+ * should have been checked during build chain. Skip
+ * checking but need to add checker's extension OIDs
+ * to buildCheckedCritExtOIDsList.
+ */
+ if (supportForwardChecking == PKIX_TRUE) {
+
+ PKIX_CHECK
+ (PKIX_CertChainChecker_GetSupportedExtensions
+ (userChecker, &userCheckerExtOIDs, plContext),
+ PKIX_CERTCHAINCHECKERGETSUPPORTEDEXTENSIONSFAILED);
+
+ if (userCheckerExtOIDs != NULL) {
+ PKIX_CHECK(pkix_List_AppendList
+ (buildCheckedCritExtOIDsList,
+ userCheckerExtOIDs,
+ plContext),
+ PKIX_LISTAPPENDLISTFAILED);
+ }
+
+ } else {
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers,
+ (PKIX_PL_Object *)userChecker,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+
+ PKIX_DECREF(userCheckerExtOIDs);
+ PKIX_DECREF(userChecker);
+ }
+ }
+
+ /* Enabling post chain building signature check on the certs. */
+ PKIX_CHECK(PKIX_TrustAnchor_GetTrustedCert
+ (anchor, &trustedCert, plContext),
+ PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
+ (trustedCert, &trustedPubKey, plContext),
+ PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
+
+ PKIX_CHECK(pkix_SignatureChecker_Initialize
+ (trustedPubKey,
+ numChainCerts,
+ &sigChecker,
+ plContext),
+ PKIX_SIGNATURECHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers,
+ (PKIX_PL_Object *)sigChecker,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ /* Enabling post chain building name constraints check on the certs. */
+ PKIX_CHECK(PKIX_TrustAnchor_GetNameConstraints
+ (anchor, &trustedNC, plContext),
+ PKIX_TRUSTANCHORGETNAMECONSTRAINTSFAILED);
+
+ PKIX_CHECK(pkix_NameConstraintsChecker_Initialize
+ (trustedNC, numChainCerts, &nameConstraintsChecker,
+ plContext),
+ PKIX_NAMECONSTRAINTSCHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers,
+ (PKIX_PL_Object *)nameConstraintsChecker,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+
+ PKIX_DECREF(state->reversedCertChain);
+ PKIX_INCREF(reversedCertChain);
+ state->reversedCertChain = reversedCertChain;
+ PKIX_DECREF(state->checkedCritExtOIDs);
+ PKIX_INCREF(buildCheckedCritExtOIDsList);
+ state->checkedCritExtOIDs = buildCheckedCritExtOIDsList;
+ PKIX_DECREF(state->checkerChain);
+ state->checkerChain = checkers;
+ checkers = NULL;
+ state->certCheckedIndex = 0;
+ state->checkerIndex = 0;
+ state->revChecking = PKIX_FALSE;
+
+
+cleanup:
+
+ PKIX_DECREF(oid);
+ PKIX_DECREF(reversedCertChain);
+ PKIX_DECREF(buildCheckedCritExtOIDsList);
+ PKIX_DECREF(checker);
+ PKIX_DECREF(checkers);
+ PKIX_DECREF(initialPolicies);
+ PKIX_DECREF(trustedCert);
+ PKIX_DECREF(trustedPubKey);
+ PKIX_DECREF(certSelector);
+ PKIX_DECREF(sigChecker);
+ PKIX_DECREF(trustedNC);
+ PKIX_DECREF(nameConstraintsChecker);
+ PKIX_DECREF(policyChecker);
+ PKIX_DECREF(userChecker);
+ PKIX_DECREF(userCheckerExtOIDs);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_Build_ValidateEntireChain
+ * DESCRIPTION:
+ *
+ * Checks whether the current List of Certs successfully validates using the
+ * TrustAnchor pointed to by "anchor" and other parameters contained, as was
+ * the Cert List, in "state".
+ *
+ * If a checker using non-blocking I/O returns with a non-NULL non-blocking I/O
+ * context (NBIOContext), an indication that I/O is in progress and the
+ * checking has not been completed, this function stores that context at
+ * "pNBIOContext". Otherwise, it stores NULL at "pNBIOContext".
+ *
+ * If not awaiting I/O and if successful, a ValidateResult is created
+ * containing the Public Key of the target certificate (including DSA parameter
+ * inheritance, if any) and the PolicyNode representing the policy tree output
+ * by the validation algorithm. If not successful, an Error pointer is
+ * returned.
+ *
+ * PARAMETERS:
+ * "state"
+ * Address of ForwardBuilderState to be used. Must be non-NULL.
+ * "anchor"
+ * Address of TrustAnchor to be used. Must be non-NULL.
+ * "pNBIOContext"
+ * Address at which the NBIOContext is stored indicating whether the
+ * validation is complete. Must be non-NULL.
+ * "pValResult"
+ * Address at which the ValidateResult is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_ValidateEntireChain(
+ PKIX_ForwardBuilderState *state,
+ PKIX_TrustAnchor *anchor,
+ void **pNBIOContext,
+ PKIX_ValidateResult **pValResult,
+ PKIX_VerifyNode *verifyNode,
+ void *plContext)
+{
+ PKIX_UInt32 numChainCerts = 0;
+ PKIX_PL_PublicKey *subjPubKey = NULL;
+ PKIX_PolicyNode *policyTree = NULL;
+ PKIX_ValidateResult *valResult = NULL;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_ValidateEntireChain");
+ PKIX_NULLCHECK_FOUR(state, anchor, pNBIOContext, pValResult);
+
+ *pNBIOContext = NULL; /* prepare for case of error exit */
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->reversedCertChain, &numChainCerts, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ pkixErrorResult =
+ pkix_CheckChain(state->reversedCertChain, numChainCerts, anchor,
+ state->checkerChain,
+ state->buildConstants.revChecker,
+ state->checkedCritExtOIDs,
+ state->buildConstants.procParams,
+ &state->certCheckedIndex, &state->checkerIndex,
+ &state->revChecking, &state->reasonCode,
+ &nbioContext, &subjPubKey, &policyTree, NULL,
+ plContext);
+
+ if (nbioContext != NULL) {
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ ERROR_CHECK(PKIX_CHECKCHAINFAILED);
+
+ /* XXX Remove this assertion after 2014-12-31. See bug 946984. */
+ PORT_Assert(state->reasonCode == 0);
+
+ PKIX_CHECK(pkix_ValidateResult_Create
+ (subjPubKey, anchor, policyTree, &valResult, plContext),
+ PKIX_VALIDATERESULTCREATEFAILED);
+
+ *pValResult = valResult;
+ valResult = NULL;
+
+cleanup:
+ PKIX_DECREF(subjPubKey);
+ PKIX_DECREF(policyTree);
+ PKIX_DECREF(valResult);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_Build_SortCandidateCerts
+ * DESCRIPTION:
+ *
+ * This function sorts a List of candidate Certs pointed to by "candidates"
+ * using an algorithm that places Certs most likely to produce a successful
+ * chain at the front of the list, storing the resulting sorted List at
+ * "pSortedCandidates".
+ *
+ * At present the only sort criterion is that trusted Certs go ahead of
+ * untrusted Certs.
+ *
+ * PARAMETERS:
+ * "candidates"
+ * Address of List of Candidate Certs to be sorted. Must be non-NULL.
+ * "pSortedCandidates"
+ * Address at which sorted List is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_SortCandidateCerts(
+ PKIX_List *candidates,
+ PKIX_List **pSortedCandidates,
+ void *plContext)
+{
+ PKIX_List *sortedList = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_SortCandidateCerts");
+ PKIX_NULLCHECK_TWO(candidates, pSortedCandidates);
+
+ /*
+ * Both bubble and quick sort algorithms are available.
+ * For a list of fewer than around 100 items, the bubble sort is more
+ * efficient. (This number was determined by experimenting with both
+ * algorithms on a Java List.)
+ * If the candidate list is very small, using the sort can drag down
+ * the performance a little bit.
+ */
+
+ PKIX_CHECK(pkix_List_BubbleSort
+ (candidates,
+ pkix_Build_SortCertComparator,
+ &sortedList,
+ plContext),
+ PKIX_LISTBUBBLESORTFAILED);
+
+ *pSortedCandidates = sortedList;
+
+cleanup:
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_Build_BuildSelectorAndParams
+ * DESCRIPTION:
+ *
+ * This function creates a CertSelector, initialized with an appropriate
+ * ComCertSelParams, using the variables provided in the ForwardBuilderState
+ * pointed to by "state". The CertSelector created is stored in the certsel
+ * element of "state".
+ *
+ * PARAMETERS:
+ * "state"
+ * Address of ForwardBuilderState to be used. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_BuildSelectorAndParams(
+ PKIX_ForwardBuilderState *state,
+ void *plContext)
+{
+ PKIX_ComCertSelParams *certSelParams = NULL;
+ PKIX_CertSelector *certSel = NULL;
+ PKIX_PL_X500Name *currentIssuer = NULL;
+ PKIX_PL_ByteArray *authKeyId = NULL;
+ PKIX_PL_Date *testDate = NULL;
+ PKIX_CertSelector *callerCertSelector = NULL;
+ PKIX_ComCertSelParams *callerComCertSelParams = NULL;
+ PKIX_UInt32 reqKu = 0;
+ PKIX_List *reqEkuOids = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_BuildSelectorAndParams");
+ PKIX_NULLCHECK_THREE(state, state->prevCert, state->traversedSubjNames);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetIssuer
+ (state->prevCert, &currentIssuer, plContext),
+ PKIX_CERTGETISSUERFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetAuthorityKeyIdentifier
+ (state->prevCert, &authKeyId, plContext),
+ PKIX_CERTGETAUTHORITYKEYIDENTIFIERFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_Create(&certSelParams, plContext),
+ PKIX_COMCERTSELPARAMSCREATEFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_SetSubject
+ (certSelParams, currentIssuer, plContext),
+ PKIX_COMCERTSELPARAMSSETSUBJECTFAILED);
+
+ if (authKeyId != NULL) {
+ PKIX_CHECK(PKIX_ComCertSelParams_SetSubjKeyIdentifier
+ (certSelParams, authKeyId, plContext),
+ PKIX_COMCERTSELPARAMSSETSUBJKEYIDENTIFIERFAILED);
+ }
+
+ PKIX_INCREF(state->buildConstants.testDate);
+ testDate = state->buildConstants.testDate;
+
+ PKIX_CHECK(PKIX_ComCertSelParams_SetCertificateValid
+ (certSelParams, testDate, plContext),
+ PKIX_COMCERTSELPARAMSSETCERTIFICATEVALIDFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_SetBasicConstraints
+ (certSelParams, state->traversedCACerts, plContext),
+ PKIX_COMCERTSELPARAMSSETBASICCONSTRAINTSFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_SetPathToNames
+ (certSelParams, state->traversedSubjNames, plContext),
+ PKIX_COMCERTSELPARAMSSETPATHTONAMESFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetTargetCertConstraints
+ (state->buildConstants.procParams,
+ &callerCertSelector, plContext),
+ PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED);
+
+ if (callerCertSelector != NULL) {
+
+ /* Get initial EKU OIDs from ComCertSelParams, if set */
+ PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParams
+ (callerCertSelector, &callerComCertSelParams, plContext),
+ PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED);
+
+ if (callerComCertSelParams != NULL) {
+ PKIX_CHECK(PKIX_ComCertSelParams_GetExtendedKeyUsage
+ (callerComCertSelParams, &reqEkuOids, plContext),
+ PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetKeyUsage
+ (callerComCertSelParams, &reqKu, plContext),
+ PKIX_COMCERTSELPARAMSGETEXTENDEDKEYUSAGEFAILED);
+ }
+ }
+
+ PKIX_CHECK(
+ PKIX_ComCertSelParams_SetKeyUsage(certSelParams, reqKu,
+ plContext),
+ PKIX_COMCERTSELPARAMSSETKEYUSAGEFAILED);
+
+ PKIX_CHECK(
+ PKIX_ComCertSelParams_SetExtendedKeyUsage(certSelParams,
+ reqEkuOids,
+ plContext),
+ PKIX_COMCERTSELPARAMSSETEXTKEYUSAGEFAILED);
+
+ PKIX_CHECK(PKIX_CertSelector_Create
+ (NULL, NULL, &state->certSel, plContext),
+ PKIX_CERTSELECTORCREATEFAILED);
+
+ PKIX_CHECK(PKIX_CertSelector_SetCommonCertSelectorParams
+ (state->certSel, certSelParams, plContext),
+ PKIX_CERTSELECTORSETCOMMONCERTSELECTORPARAMSFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&state->candidateCerts, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ state->certStoreIndex = 0;
+
+cleanup:
+ PKIX_DECREF(certSelParams);
+ PKIX_DECREF(certSel);
+ PKIX_DECREF(currentIssuer);
+ PKIX_DECREF(authKeyId);
+ PKIX_DECREF(testDate);
+ PKIX_DECREF(reqEkuOids);
+ PKIX_DECREF(callerComCertSelParams);
+ PKIX_DECREF(callerCertSelector);
+
+ PKIX_RETURN(BUILD);
+}
+
+/* Match trust anchor to select params in order to find next cert. */
+static PKIX_Error*
+pkix_Build_SelectCertsFromTrustAnchors(
+ PKIX_List *trustAnchorsList,
+ PKIX_ComCertSelParams *certSelParams,
+ PKIX_List **pMatchList,
+ void *plContext)
+{
+ unsigned int anchorIndex = 0;
+ PKIX_TrustAnchor *anchor = NULL;
+ PKIX_PL_Cert *trustedCert = NULL;
+ PKIX_List *matchList = NULL;
+ PKIX_CertSelector *certSel = NULL;
+ PKIX_CertSelector_MatchCallback selectorMatchCB = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_SelectCertsFromTrustAnchors");
+
+ PKIX_CHECK(PKIX_CertSelector_Create
+ (NULL, NULL, &certSel, plContext),
+ PKIX_CERTSELECTORCREATEFAILED);
+ PKIX_CHECK(PKIX_CertSelector_SetCommonCertSelectorParams
+ (certSel, certSelParams, plContext),
+ PKIX_CERTSELECTORSETCOMMONCERTSELECTORPARAMSFAILED);
+ PKIX_CHECK(PKIX_CertSelector_GetMatchCallback
+ (certSel, &selectorMatchCB, plContext),
+ PKIX_CERTSELECTORGETMATCHCALLBACKFAILED);
+
+ for (anchorIndex = 0;anchorIndex < trustAnchorsList->length; anchorIndex++) {
+ PKIX_CHECK(
+ PKIX_List_GetItem(trustAnchorsList,
+ anchorIndex,
+ (PKIX_PL_Object **)&anchor,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+ PKIX_CHECK(PKIX_TrustAnchor_GetTrustedCert
+ (anchor, &trustedCert, plContext),
+ PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
+ pkixErrorResult =
+ (*selectorMatchCB)(certSel, trustedCert, plContext);
+ if (!pkixErrorResult) {
+ if (!matchList) {
+ PKIX_CHECK(PKIX_List_Create(&matchList,
+ plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+ PKIX_CHECK(
+ PKIX_List_AppendItem(matchList,
+ (PKIX_PL_Object*)trustedCert,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ } else {
+ PKIX_DECREF(pkixErrorResult);
+ }
+ PKIX_DECREF(trustedCert);
+ PKIX_DECREF(anchor);
+ }
+
+ *pMatchList = matchList;
+ matchList = NULL;
+
+cleanup:
+ PKIX_DECREF(matchList);
+ PKIX_DECREF(trustedCert);
+ PKIX_DECREF(anchor);
+ PKIX_DECREF(certSel);
+
+ PKIX_RETURN(BUILD);
+}
+
+
+static PKIX_Error*
+pkix_Build_RemoveDupUntrustedCerts(
+ PKIX_List *trustedCertList,
+ PKIX_List *certsFound,
+ void *plContext)
+{
+ PKIX_UInt32 trustIndex;
+ PKIX_PL_Cert *trustCert = NULL, *cert = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_RemoveDupUntrustedCerts");
+ if (trustedCertList == NULL || certsFound == NULL) {
+ goto cleanup;
+ }
+ for (trustIndex = 0;trustIndex < trustedCertList->length;
+ trustIndex++) {
+ PKIX_UInt32 certIndex = 0;
+ PKIX_CHECK(
+ PKIX_List_GetItem(trustedCertList,
+ trustIndex,
+ (PKIX_PL_Object **)&trustCert,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ while (certIndex < certsFound->length) {
+ PKIX_Boolean result = PKIX_FALSE;
+ PKIX_DECREF(cert);
+ PKIX_CHECK(
+ PKIX_List_GetItem(certsFound, certIndex,
+ (PKIX_PL_Object **)&cert,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+ PKIX_CHECK(
+ PKIX_PL_Object_Equals((PKIX_PL_Object *)trustCert,
+ (PKIX_PL_Object *)cert,
+ &result,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+ if (!result) {
+ certIndex += 1;
+ continue;
+ }
+ PKIX_CHECK(
+ PKIX_List_DeleteItem(certsFound, certIndex,
+ plContext),
+ PKIX_LISTDELETEITEMFAILED);
+ }
+ PKIX_DECREF(trustCert);
+ }
+cleanup:
+ PKIX_DECREF(cert);
+ PKIX_DECREF(trustCert);
+
+ PKIX_RETURN(BUILD);
+}
+
+
+/*
+ * FUNCTION: pkix_Build_GatherCerts
+ * DESCRIPTION:
+ *
+ * This function traverses the CertStores in the List of CertStores contained
+ * in "state", using the certSelector and other parameters contained in
+ * "state", to obtain a List of all available Certs that satisfy the criteria.
+ * If a CertStore has a cache, "certSelParams" is used both to query the cache
+ * and, if an actual CertStore search occurred, to update the cache. (Behavior
+ * is undefined if "certSelParams" is different from the parameters that were
+ * used to initialize the certSelector in "state".)
+ *
+ * If a CertStore using non-blocking I/O returns with an indication that I/O is
+ * in progress and the checking has not been completed, this function stores
+ * platform-dependent information at "pNBIOContext". Otherwise it stores NULL
+ * at "pNBIOContext", and state is updated with the results of the search.
+ *
+ * PARAMETERS:
+ * "state"
+ * Address of ForwardBuilderState to be used. Must be non-NULL.
+ * "certSelParams"
+ * Address of ComCertSelParams which were used in creating the current
+ * CertSelector, and to be used in querying and updating any caches that
+ * may be associated with with the CertStores.
+ * "pNBIOContext"
+ * Address at which platform-dependent information is returned if request
+ * is suspended for non-blocking I/O. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+/* return NULL if wouldblock, empty list if none found, else list of found */
+static PKIX_Error *
+pkix_Build_GatherCerts(
+ PKIX_ForwardBuilderState *state,
+ PKIX_ComCertSelParams *certSelParams,
+ void **pNBIOContext,
+ void *plContext)
+{
+ PKIX_Boolean certStoreIsCached = PKIX_FALSE;
+ PKIX_Boolean certStoreIsLocal = PKIX_FALSE;
+ PKIX_Boolean foundInCache = PKIX_FALSE;
+ PKIX_CertStore *certStore = NULL;
+ PKIX_CertStore_CertCallback getCerts = NULL;
+ PKIX_List *certsFound = NULL;
+ PKIX_List *trustedCertList = NULL;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_GatherCerts");
+ PKIX_NULLCHECK_THREE(state, certSelParams, pNBIOContext);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ PKIX_DECREF(state->candidateCerts);
+
+ while (state->certStoreIndex < state->buildConstants.numCertStores) {
+
+ /* Get the current CertStore */
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->buildConstants.certStores,
+ state->certStoreIndex,
+ (PKIX_PL_Object **)&certStore,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_CertStore_GetLocalFlag
+ (certStore, &certStoreIsLocal, plContext),
+ PKIX_CERTSTOREGETLOCALFLAGFAILED);
+
+ if (state->useOnlyLocal == certStoreIsLocal) {
+ /* If GATHERPENDING, we've already checked the cache */
+ if (state->status == BUILD_GATHERPENDING) {
+ certStoreIsCached = PKIX_FALSE;
+ foundInCache = PKIX_FALSE;
+ } else {
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreCacheFlag
+ (certStore, &certStoreIsCached, plContext),
+ PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED);
+
+ if (certStoreIsCached) {
+ /*
+ * Look for Certs in the cache, using the SubjectName as
+ * the key. Then the ComCertSelParams are used to filter
+ * for qualified certs. If none are found, then the
+ * certStores are queried. When we eventually add items
+ * to the cache, we will only add items that passed the
+ * ComCertSelParams filter, rather than all Certs which
+ * matched the SubjectName.
+ */
+
+ PKIX_CHECK(pkix_CacheCert_Lookup
+ (certStore,
+ certSelParams,
+ state->buildConstants.testDate,
+ &foundInCache,
+ &certsFound,
+ plContext),
+ PKIX_CACHECERTCHAINLOOKUPFAILED);
+
+ }
+ }
+
+ /*
+ * XXX need to verify if Cert is trusted, hence may not
+ * be worth it to have the Cert Cached or
+ * If it is trusted, don't cache, but once there is cached
+ * certs, we won't get certs from database any more.
+ * can use flag to force not getting certs from cache
+ */
+ if (!foundInCache) {
+
+ if (nbioContext == NULL) {
+ PKIX_CHECK(PKIX_CertStore_GetCertCallback
+ (certStore, &getCerts, plContext),
+ PKIX_CERTSTOREGETCERTCALLBACKFAILED);
+
+ PKIX_CHECK(getCerts
+ (certStore,
+ state->certSel,
+ state->verifyNode,
+ &nbioContext,
+ &certsFound,
+ plContext),
+ PKIX_GETCERTSFAILED);
+ } else {
+ PKIX_CHECK(PKIX_CertStore_CertContinue
+ (certStore,
+ state->certSel,
+ state->verifyNode,
+ &nbioContext,
+ &certsFound,
+ plContext),
+ PKIX_CERTSTORECERTCONTINUEFAILED);
+ }
+
+ if (certStoreIsCached && certsFound) {
+
+ PKIX_CHECK(pkix_CacheCert_Add
+ (certStore,
+ certSelParams,
+ certsFound,
+ plContext),
+ PKIX_CACHECERTADDFAILED);
+ }
+ }
+
+ /*
+ * getCerts returns an empty list for "NONE FOUND",
+ * a NULL list for "would block"
+ */
+ if (certsFound == NULL) {
+ state->status = BUILD_GATHERPENDING;
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+ }
+
+ /* Are there any more certStores to query? */
+ PKIX_DECREF(certStore);
+ ++(state->certStoreIndex);
+ }
+
+ if (certsFound && certsFound->length > 1) {
+ PKIX_List *sorted = NULL;
+
+ /* sort Certs to try to optimize search */
+ PKIX_CHECK(pkix_Build_SortCandidateCerts
+ (certsFound, &sorted, plContext),
+ PKIX_BUILDSORTCANDIDATECERTSFAILED);
+ PKIX_DECREF(certsFound);
+ certsFound = sorted;
+ }
+
+ PKIX_CHECK(
+ pkix_Build_SelectCertsFromTrustAnchors(
+ state->buildConstants.anchors,
+ certSelParams, &trustedCertList,
+ plContext),
+ PKIX_FAILTOSELECTCERTSFROMANCHORS);
+ PKIX_CHECK(
+ pkix_Build_RemoveDupUntrustedCerts(trustedCertList,
+ certsFound,
+ plContext),
+ PKIX_REMOVEDUPUNTRUSTEDCERTSFAILED);
+
+ PKIX_CHECK(
+ pkix_List_MergeLists(trustedCertList,
+ certsFound,
+ &state->candidateCerts,
+ plContext),
+ PKIX_LISTMERGEFAILED);
+
+ /* No, return the list we have gathered */
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->candidateCerts, &state->numCerts, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ state->certIndex = 0;
+
+cleanup:
+ PKIX_DECREF(trustedCertList);
+ PKIX_DECREF(certStore);
+ PKIX_DECREF(certsFound);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_Build_UpdateDate
+ * DESCRIPTION:
+ *
+ * This function updates the validityDate contained in "state", for the current
+ * CertChain contained in "state", to include the validityDate of the
+ * candidateCert contained in "state". The validityDate of a chain is the
+ * earliest of all the notAfter dates contained in the respective Certificates.
+ *
+ * PARAMETERS:
+ * "state"
+ * Address of ForwardBuilderState to be used. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_UpdateDate(
+ PKIX_ForwardBuilderState *state,
+ void *plContext)
+{
+ PKIX_Boolean canBeCached = PKIX_FALSE;
+ PKIX_Int32 comparison = 0;
+ PKIX_PL_Date *notAfter = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_UpdateDate");
+ PKIX_NULLCHECK_ONE(state);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetCacheFlag
+ (state->candidateCert, &canBeCached, plContext),
+ PKIX_CERTGETCACHEFLAGFAILED);
+
+ state->canBeCached = state->canBeCached && canBeCached;
+ if (state->canBeCached == PKIX_TRUE) {
+
+ /*
+ * So far, all certs can be cached. Update cert
+ * chain validity time, which is the earliest of
+ * all certs' notAfter times.
+ */
+ PKIX_CHECK(PKIX_PL_Cert_GetValidityNotAfter
+ (state->candidateCert, &notAfter, plContext),
+ PKIX_CERTGETVALIDITYNOTAFTERFAILED);
+
+ if (state->validityDate == NULL) {
+ state->validityDate = notAfter;
+ notAfter = NULL;
+ } else {
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)state->validityDate,
+ (PKIX_PL_Object *)notAfter,
+ &comparison,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+ if (comparison > 0) {
+ PKIX_DECREF(state->validityDate);
+ state->validityDate = notAfter;
+ notAfter = NULL;
+ }
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(notAfter);
+
+ PKIX_RETURN(BUILD);
+}
+
+/* Prepare 'state' for the AIA round. */
+static void
+pkix_PrepareForwardBuilderStateForAIA(
+ PKIX_ForwardBuilderState *state)
+{
+ PORT_Assert(state->useOnlyLocal == PKIX_TRUE);
+ state->useOnlyLocal = PKIX_FALSE;
+ state->certStoreIndex = 0;
+ state->numFanout = state->buildConstants.maxFanout;
+ state->status = BUILD_TRYAIA;
+}
+
+extern SECStatus
+isIssuerCertAllowedAtCertIssuanceTime(CERTCertificate *issuerCert,
+ CERTCertificate *referenceCert);
+
+/*
+ * FUNCTION: pkix_BuildForwardDepthFirstSearch
+ * DESCRIPTION:
+ *
+ * This function performs a depth first search in the "forward" direction (from
+ * the target Cert to the trust anchor). A non-NULL targetCert must be stored
+ * in the ForwardBuilderState before this function is called. It is not written
+ * recursively since execution may be suspended in in any of several places
+ * pending completion of non-blocking I/O. This iterative structure makes it
+ * much easier to resume where it left off.
+ *
+ * Since the nature of the search is recursive, the recursion is handled by
+ * chaining states. That is, each new step involves creating a new
+ * ForwardBuilderState linked to its predecessor. If a step turns out to be
+ * fruitless, the state of the predecessor is restored and the next alternative
+ * is tried. When a search is successful, values needed from the last state
+ * (canBeCached and validityDate) are copied to the state provided by the
+ * caller, so that the caller can retrieve those values.
+ *
+ * There are three return arguments, the NBIOContext, the ValidateResult and
+ * the ForwardBuilderState. If NBIOContext is non-NULL, it means the search is
+ * suspended until the results of a non-blocking IO become available. The
+ * caller may wait for the completion using platform-dependent methods and then
+ * call this function again, allowing it to resume the search. If NBIOContext
+ * is NULL and the ValidateResult is non-NULL, it means the search has
+ * concluded successfully. If the NBIOContext is NULL but the ValidateResult is
+ * NULL, it means the search was unsuccessful.
+ *
+ * This function performs several steps at each node in the constructed chain:
+ *
+ * 1) It retrieves Certs from the registered CertStores that match the
+ * criteria established by the ForwardBuilderState pointed to by "state", such
+ * as a subject name matching the issuer name of the previous Cert. If there
+ * are no matching Certs, the function returns to the previous, or "parent",
+ * state and tries to continue the chain building with another of the Certs
+ * obtained from the CertStores as possible issuers for that parent Cert.
+ *
+ * 2) For each candidate Cert returned by the CertStores, this function checks
+ * whether the Cert is valid. If it is trusted, this function checks whether
+ * this Cert might serve as a TrustAnchor for a complete chain.
+ *
+ * 3) It determines whether this Cert, in conjunction with any of the
+ * TrustAnchors, might complete a chain. A complete chain, from this or the
+ * preceding step, is checked to see whether it is valid as a complete
+ * chain, including the checks that cannot be done in the forward direction.
+ *
+ * 4) If this Cert chains successfully, but is not a complete chain, that is,
+ * we have not reached a trusted Cert, a new ForwardBuilderState is created
+ * with this Cert as the immediate predecessor, and we continue in step (1),
+ * attempting to get Certs from the CertStores with this Certs "issuer" as
+ * their subject.
+ *
+ * 5) If an entire chain validates successfully, then we are done. A
+ * ValidateResult is created containing the Public Key of the target
+ * certificate (including DSA parameter inheritance, if any) and the
+ * PolicyNode representing the policy tree output by the validation algorithm,
+ * and stored at pValResult, and the function exits returning NULL.
+ *
+ * 5) If the entire chain does not validate successfully, the algorithm
+ * discards the latest Cert and continues in step 2 with the next candidate
+ * Cert, backing up to a parent state when no more possibilities exist at a
+ * given level, and returning failure when we try to back up but discover we
+ * are at the top level.
+ *
+ * PARAMETERS:
+ * "pNBIOContext"
+ * Address at which platform-dependent information is returned if building
+ * is suspended for non-blocking I/O. Must be non-NULL.
+ * "pState"
+ * Address at which input ForwardBuilderState is found, and at which output
+ * ForwardBuilderState is stored. Must be non-NULL.
+ * "pValResult"
+ * Address at which the ValidateResult is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_BuildForwardDepthFirstSearch(
+ void **pNBIOContext,
+ PKIX_ForwardBuilderState *state,
+ PKIX_ValidateResult **pValResult,
+ void *plContext)
+{
+ PKIX_Boolean outOfOptions = PKIX_FALSE;
+ PKIX_Boolean trusted = PKIX_FALSE;
+ PKIX_Boolean isSelfIssued = PKIX_FALSE;
+ PKIX_Boolean canBeCached = PKIX_FALSE;
+ PKIX_Boolean ioPending = PKIX_FALSE;
+ PKIX_PL_Date *validityDate = NULL;
+ PKIX_PL_Date *currTime = NULL;
+ PKIX_Int32 childTraversedCACerts = 0;
+ PKIX_UInt32 numSubjectNames = 0;
+ PKIX_UInt32 numChained = 0;
+ PKIX_Int32 cmpTimeResult = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_UInt32 certsSoFar = 0;
+ PKIX_List *childTraversedSubjNames = NULL;
+ PKIX_List *subjectNames = NULL;
+ PKIX_List *unfilteredCerts = NULL;
+ PKIX_List *filteredCerts = NULL;
+ PKIX_PL_Object *subjectName = NULL;
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_ForwardBuilderState *childState = NULL;
+ PKIX_ForwardBuilderState *parentState = NULL;
+ PKIX_PL_Object *revCheckerState = NULL;
+ PKIX_ComCertSelParams *certSelParams = NULL;
+ PKIX_TrustAnchor *trustAnchor = NULL;
+ PKIX_PL_Cert *trustedCert = NULL;
+ PKIX_PL_Cert *targetCert = NULL;
+ PKIX_VerifyNode *verifyNode = NULL;
+ PKIX_Error *verifyError = NULL;
+ PKIX_Error *finalError = NULL;
+ void *nbio = NULL;
+ PKIX_UInt32 numIterations = 0;
+
+ PKIX_ENTER(BUILD, "pkix_BuildForwardDepthFirstSearch");
+ PKIX_NULLCHECK_THREE(pNBIOContext, state, pValResult);
+
+ nbio = *pNBIOContext;
+ *pNBIOContext = NULL;
+ PKIX_INCREF(state->validityDate);
+ validityDate = state->validityDate;
+ canBeCached = state->canBeCached;
+ PKIX_DECREF(*pValResult);
+ targetCert = state->buildConstants.targetCert;
+
+ /*
+ * We return if successful; if we fall off the end
+ * of this "while" clause our search has failed.
+ */
+ while (outOfOptions == PKIX_FALSE) {
+ /*
+ * The maximum number of iterations works around a bug that
+ * causes this while loop to never exit when AIA and cross
+ * certificates are involved. See bug xxxxx.
+ */
+ if (numIterations++ > 250)
+ PKIX_ERROR(PKIX_TIMECONSUMEDEXCEEDSRESOURCELIMITS);
+
+ if (state->buildConstants.maxTime != 0) {
+ PKIX_DECREF(currTime);
+ PKIX_CHECK(PKIX_PL_Date_Create_UTCTime
+ (NULL, &currTime, plContext),
+ PKIX_DATECREATEUTCTIMEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)state->buildConstants.timeLimit,
+ (PKIX_PL_Object *)currTime,
+ &cmpTimeResult,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+
+ if (cmpTimeResult < 0) {
+ if (state->verifyNode != NULL) {
+ PKIX_ERROR_CREATE
+ (BUILD,
+ PKIX_TIMECONSUMEDEXCEEDSRESOURCELIMITS,
+ verifyError);
+ PKIX_CHECK_FATAL(pkix_VerifyNode_SetError
+ (state->verifyNode,
+ verifyError,
+ plContext),
+ PKIX_VERIFYNODESETERRORFAILED);
+ PKIX_DECREF(finalError);
+ finalError = verifyError;
+ verifyError = NULL;
+ }
+ /* Even if we logged error, we still have to abort */
+ PKIX_ERROR(PKIX_TIMECONSUMEDEXCEEDSRESOURCELIMITS);
+ }
+ }
+
+ if (state->status == BUILD_INITIAL) {
+
+ PKIX_CHECK(pkix_Build_BuildSelectorAndParams(state, plContext),
+ PKIX_BUILDBUILDSELECTORANDPARAMSFAILED);
+
+ /*
+ * If the caller supplied a partial certChain (hintCerts) try
+ * the next one from that List before we go to the certStores.
+ */
+ if (state->buildConstants.numHintCerts > 0) {
+ /* How many Certs does our trust chain have already? */
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->trustChain, &certsSoFar, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ /* That includes the target Cert. Don't count it. */
+ certsSoFar--;
+
+ /* Are we still within range of the partial chain? */
+ if (certsSoFar >= state->buildConstants.numHintCerts) {
+ state->status = BUILD_TRYAIA;
+ } else {
+ /*
+ * If we already have n certs, we want the n+1th
+ * (i.e., index = n) from the list of hints.
+ */
+ PKIX_DECREF(state->candidateCert);
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->buildConstants.hintCerts,
+ certsSoFar,
+ (PKIX_PL_Object **)&state->candidateCert,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (state->candidateCerts,
+ (PKIX_PL_Object *)state->candidateCert,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ state->numCerts = 1;
+ state->usingHintCerts = PKIX_TRUE;
+ state->status = BUILD_CERTVALIDATING;
+ }
+ } else {
+ state->status = BUILD_TRYAIA;
+ }
+
+ }
+
+ if (state->status == BUILD_TRYAIA) {
+ if (state->useOnlyLocal == PKIX_TRUE) {
+ state->status = BUILD_COLLECTINGCERTS;
+ } else {
+ state->status = BUILD_AIAPENDING;
+ }
+ }
+
+ if (state->status == BUILD_AIAPENDING &&
+ state->buildConstants.aiaMgr) {
+ pkixErrorResult = PKIX_PL_AIAMgr_GetAIACerts
+ (state->buildConstants.aiaMgr,
+ state->prevCert,
+ &nbio,
+ &unfilteredCerts,
+ plContext);
+
+ if (nbio != NULL) {
+ /* IO still pending, resume later */
+ *pNBIOContext = nbio;
+ goto cleanup;
+ }
+ state->numCerts = 0;
+ if (pkixErrorResult) {
+ pkixErrorClass = pkixErrorResult->errClass;
+ if (pkixErrorClass == PKIX_FATAL_ERROR) {
+ goto fatal;
+ }
+ PKIX_DECREF(finalError);
+ finalError = pkixErrorResult;
+ pkixErrorResult = NULL;
+ if (state->verifyNode != NULL) {
+ /* state->verifyNode is the object that contains a list
+ * of verifyNodes. verifyNodes contains cert chain
+ * build failures that occurred on this level of chain
+ * building. Here, creating new verify node
+ * to log the failure and adding it to the list. */
+ PKIX_CHECK_FATAL(pkix_VerifyNode_Create
+ (state->prevCert,
+ 0, NULL,
+ &verifyNode,
+ plContext),
+ PKIX_VERIFYNODECREATEFAILED);
+ PKIX_CHECK_FATAL(pkix_VerifyNode_SetError
+ (verifyNode, finalError, plContext),
+ PKIX_VERIFYNODESETERRORFAILED);
+ PKIX_CHECK_FATAL(pkix_VerifyNode_AddToTree
+ (state->verifyNode,
+ verifyNode,
+ plContext),
+ PKIX_VERIFYNODEADDTOTREEFAILED);
+ PKIX_DECREF(verifyNode);
+ }
+ }
+#ifdef PKIX_BUILDDEBUG
+ /* Turn this on to trace the List of Certs, before CertSelect */
+ {
+ PKIX_PL_String *unString;
+ char *unAscii;
+ PKIX_UInt32 length;
+ PKIX_TOSTRING
+ ((PKIX_PL_Object*)unfilteredCerts,
+ &unString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (unString,
+ PKIX_ESCASCII,
+ (void **)&unAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_DEBUG_ARG
+ ("unfilteredCerts = %s\n", unAscii);
+ PKIX_DECREF(unString);
+ PKIX_FREE(unAscii);
+ }
+#endif
+
+ /* Note: Certs winnowed here don't get into VerifyTree. */
+ if (unfilteredCerts) {
+ PKIX_CHECK(pkix_CertSelector_Select
+ (state->certSel,
+ unfilteredCerts,
+ &filteredCerts,
+ plContext),
+ PKIX_CERTSELECTORSELECTFAILED);
+
+ PKIX_DECREF(unfilteredCerts);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (filteredCerts, &(state->numCerts), plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+#ifdef PKIX_BUILDDEBUG
+ /* Turn this on to trace the List of Certs, after CertSelect */
+ {
+ PKIX_PL_String *unString;
+ char *unAscii;
+ PKIX_UInt32 length;
+ PKIX_TOSTRING
+ ((PKIX_PL_Object*)filteredCerts,
+ &unString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (unString,
+ PKIX_ESCASCII,
+ (void **)&unAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_DEBUG_ARG("filteredCerts = %s\n", unAscii);
+ PKIX_DECREF(unString);
+ PKIX_FREE(unAscii);
+ }
+#endif
+
+ PKIX_DECREF(state->candidateCerts);
+ state->candidateCerts = filteredCerts;
+ state->certIndex = 0;
+ filteredCerts = NULL;
+ }
+
+ /* Are there any Certs to try? */
+ if (state->numCerts > 0) {
+ state->status = BUILD_CERTVALIDATING;
+ } else {
+ state->status = BUILD_COLLECTINGCERTS;
+ }
+ }
+
+ PKIX_DECREF(certSelParams);
+ PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParams
+ (state->certSel, &certSelParams, plContext),
+ PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED);
+
+ /* **** Querying the CertStores ***** */
+ if ((state->status == BUILD_COLLECTINGCERTS) ||
+ (state->status == BUILD_GATHERPENDING)) {
+
+#if PKIX_FORWARDBUILDERSTATEDEBUG
+ PKIX_CHECK(pkix_ForwardBuilderState_DumpState
+ (state, plContext),
+ PKIX_FORWARDBUILDERSTATEDUMPSTATEFAILED);
+#endif
+
+ PKIX_CHECK(pkix_Build_GatherCerts
+ (state, certSelParams, &nbio, plContext),
+ PKIX_BUILDGATHERCERTSFAILED);
+
+ if (nbio != NULL) {
+ /* IO still pending, resume later */
+ *pNBIOContext = nbio;
+ goto cleanup;
+ }
+
+ /* Are there any Certs to try? */
+ if (state->numCerts > 0) {
+ state->status = BUILD_CERTVALIDATING;
+ } else {
+ state->status = BUILD_ABANDONNODE;
+ }
+ }
+
+ /* ****Phase 2 - Chain building***** */
+
+#if PKIX_FORWARDBUILDERSTATEDEBUG
+ PKIX_CHECK(pkix_ForwardBuilderState_DumpState(state, plContext),
+ PKIX_FORWARDBUILDERSTATEDUMPSTATEFAILED);
+#endif
+
+ if (state->status == BUILD_CERTVALIDATING) {
+ PKIX_DECREF(state->candidateCert);
+ PKIX_CHECK(PKIX_List_GetItem
+ (state->candidateCerts,
+ state->certIndex,
+ (PKIX_PL_Object **)&(state->candidateCert),
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (isIssuerCertAllowedAtCertIssuanceTime(
+ state->candidateCert->nssCert, targetCert->nssCert)
+ != SECSuccess) {
+ PKIX_ERROR(PKIX_CERTISBLACKLISTEDATISSUANCETIME);
+ }
+
+ if ((state->verifyNode) != NULL) {
+ PKIX_CHECK_FATAL(pkix_VerifyNode_Create
+ (state->candidateCert,
+ 0,
+ NULL,
+ &verifyNode,
+ plContext),
+ PKIX_VERIFYNODECREATEFAILED);
+ }
+
+ /* If failure, this function sets Error in verifyNode */
+ verifyError = pkix_Build_VerifyCertificate
+ (state,
+ state->buildConstants.userCheckers,
+ &trusted,
+ verifyNode,
+ plContext);
+
+ if (verifyError) {
+ pkixTempErrorReceived = PKIX_TRUE;
+ pkixErrorClass = verifyError->errClass;
+ if (pkixErrorClass == PKIX_FATAL_ERROR) {
+ pkixErrorResult = verifyError;
+ verifyError = NULL;
+ goto fatal;
+ }
+ }
+
+ if (PKIX_ERROR_RECEIVED) {
+ if (state->verifyNode != NULL) {
+ PKIX_CHECK_FATAL(pkix_VerifyNode_SetError
+ (verifyNode, verifyError, plContext),
+ PKIX_VERIFYNODESETERRORFAILED);
+ PKIX_CHECK_FATAL(pkix_VerifyNode_AddToTree
+ (state->verifyNode,
+ verifyNode,
+ plContext),
+ PKIX_VERIFYNODEADDTOTREEFAILED);
+ PKIX_DECREF(verifyNode);
+ }
+ pkixTempErrorReceived = PKIX_FALSE;
+ PKIX_DECREF(finalError);
+ finalError = verifyError;
+ verifyError = NULL;
+ if (state->certLoopingDetected) {
+ PKIX_ERROR
+ (PKIX_LOOPDISCOVEREDDUPCERTSNOTALLOWED);
+ }
+ state->status = BUILD_GETNEXTCERT;
+ } else {
+ state->status = BUILD_DATEPREP;
+ }
+ }
+
+ if (state->status == BUILD_DATEPREP) {
+ /* Keep track of whether this chain can be cached */
+ PKIX_CHECK(pkix_Build_UpdateDate(state, plContext),
+ PKIX_BUILDUPDATEDATEFAILED);
+
+ canBeCached = state->canBeCached;
+ PKIX_DECREF(validityDate);
+ PKIX_INCREF(state->validityDate);
+ validityDate = state->validityDate;
+ if (trusted == PKIX_TRUE) {
+ state->status = BUILD_CHECKTRUSTED;
+ } else {
+ state->status = BUILD_ADDTOCHAIN;
+ }
+ }
+
+ if (state->status == BUILD_CHECKTRUSTED) {
+
+ /*
+ * If this cert is trusted, try to validate the entire
+ * chain using this certificate as trust anchor.
+ */
+ PKIX_CHECK(PKIX_TrustAnchor_CreateWithCert
+ (state->candidateCert,
+ &trustAnchor,
+ plContext),
+ PKIX_TRUSTANCHORCREATEWITHCERTFAILED);
+
+ PKIX_CHECK(pkix_Build_ValidationCheckers
+ (state,
+ state->trustChain,
+ trustAnchor,
+ PKIX_FALSE, /* do not add eku checker
+ * since eku was already
+ * checked */
+ plContext),
+ PKIX_BUILDVALIDATIONCHECKERSFAILED);
+
+ state->status = BUILD_CHECKTRUSTED2;
+ }
+
+ if (state->status == BUILD_CHECKTRUSTED2) {
+ verifyError =
+ pkix_Build_ValidateEntireChain(state,
+ trustAnchor,
+ &nbio, &valResult,
+ verifyNode,
+ plContext);
+ if (nbio != NULL) {
+ /* IO still pending, resume later */
+ goto cleanup;
+ } else {
+ /* checking the error for fatal status */
+ if (verifyError) {
+ pkixTempErrorReceived = PKIX_TRUE;
+ pkixErrorClass = verifyError->errClass;
+ if (pkixErrorClass == PKIX_FATAL_ERROR) {
+ pkixErrorResult = verifyError;
+ verifyError = NULL;
+ goto fatal;
+ }
+ }
+ if (state->verifyNode != NULL) {
+ PKIX_CHECK_FATAL(pkix_VerifyNode_AddToTree
+ (state->verifyNode,
+ verifyNode,
+ plContext),
+ PKIX_VERIFYNODEADDTOTREEFAILED);
+ PKIX_DECREF(verifyNode);
+ }
+ if (!PKIX_ERROR_RECEIVED) {
+ *pValResult = valResult;
+ valResult = NULL;
+ /* Change state so IsIOPending is FALSE */
+ state->status = BUILD_CHECKTRUSTED;
+ goto cleanup;
+ }
+ PKIX_DECREF(finalError);
+ finalError = verifyError;
+ verifyError = NULL;
+ /* Reset temp error that was set by
+ * PKIX_CHECK_ONLY_FATAL and continue */
+ pkixTempErrorReceived = PKIX_FALSE;
+ PKIX_DECREF(trustAnchor);
+ }
+
+ /*
+ * If chain doesn't validate with a trusted Cert,
+ * adding more Certs to it can't help.
+ */
+ if (state->certLoopingDetected) {
+ PKIX_DECREF(verifyError);
+ PKIX_ERROR_CREATE(BUILD,
+ PKIX_LOOPDISCOVEREDDUPCERTSNOTALLOWED,
+ verifyError);
+ PKIX_CHECK_FATAL(
+ pkix_VerifyNode_SetError(state->verifyNode,
+ verifyError,
+ plContext),
+ PKIX_VERIFYNODESETERRORFAILED);
+ PKIX_DECREF(verifyError);
+ }
+ state->status = BUILD_GETNEXTCERT;
+ }
+
+ /*
+ * This Cert was not trusted. Add it to our chain, and
+ * continue building. If we don't reach a trust anchor,
+ * we'll take it off later and continue without it.
+ */
+ if (state->status == BUILD_ADDTOCHAIN) {
+ PKIX_CHECK(PKIX_List_AppendItem
+ (state->trustChain,
+ (PKIX_PL_Object *)state->candidateCert,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ state->status = BUILD_EXTENDCHAIN;
+ }
+
+ if (state->status == BUILD_EXTENDCHAIN) {
+
+ /* Check whether we are allowed to extend the chain */
+ if ((state->buildConstants.maxDepth != 0) &&
+ (state->numDepth <= 1)) {
+
+ if (state->verifyNode != NULL) {
+ PKIX_ERROR_CREATE
+ (BUILD,
+ PKIX_DEPTHWOULDEXCEEDRESOURCELIMITS,
+ verifyError);
+ PKIX_CHECK_FATAL(pkix_VerifyNode_SetError
+ (verifyNode, verifyError, plContext),
+ PKIX_VERIFYNODESETERRORFAILED);
+ PKIX_CHECK_FATAL(pkix_VerifyNode_AddToTree
+ (state->verifyNode, verifyNode, plContext),
+ PKIX_VERIFYNODEADDTOTREEFAILED);
+ PKIX_DECREF(verifyNode);
+ PKIX_DECREF(finalError);
+ finalError = verifyError;
+ verifyError = NULL;
+ }
+ /* Even if error logged, still need to abort */
+ PKIX_ERROR(PKIX_DEPTHWOULDEXCEEDRESOURCELIMITS);
+ }
+
+ PKIX_CHECK(pkix_IsCertSelfIssued
+ (state->candidateCert, &isSelfIssued, plContext),
+ PKIX_ISCERTSELFISSUEDFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)state->traversedSubjNames,
+ (PKIX_PL_Object **)&childTraversedSubjNames,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ if (isSelfIssued) {
+ childTraversedCACerts = state->traversedCACerts;
+ } else {
+ childTraversedCACerts = state->traversedCACerts + 1;
+
+ PKIX_CHECK(PKIX_PL_Cert_GetAllSubjectNames
+ (state->candidateCert,
+ &subjectNames,
+ plContext),
+ PKIX_CERTGETALLSUBJECTNAMESFAILED);
+
+ if (subjectNames) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (subjectNames,
+ &numSubjectNames,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ } else {
+ numSubjectNames = 0;
+ }
+
+ for (i = 0; i < numSubjectNames; i++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (subjectNames,
+ i,
+ &subjectName,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+ PKIX_NULLCHECK_ONE
+ (state->traversedSubjNames);
+ PKIX_CHECK(PKIX_List_AppendItem
+ (state->traversedSubjNames,
+ subjectName,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_DECREF(subjectName);
+ }
+ PKIX_DECREF(subjectNames);
+ }
+
+ PKIX_CHECK(pkix_ForwardBuilderState_Create
+ (childTraversedCACerts,
+ state->buildConstants.maxFanout,
+ state->numDepth - 1,
+ canBeCached,
+ validityDate,
+ state->candidateCert,
+ childTraversedSubjNames,
+ state->trustChain,
+ state,
+ &childState,
+ plContext),
+ PKIX_FORWARDBUILDSTATECREATEFAILED);
+
+ PKIX_DECREF(childTraversedSubjNames);
+ PKIX_DECREF(certSelParams);
+ childState->verifyNode = verifyNode;
+ verifyNode = NULL;
+ PKIX_DECREF(state);
+ state = childState; /* state->status == BUILD_INITIAL */
+ childState = NULL;
+ continue; /* with while (!outOfOptions) */
+ }
+
+ if (state->status == BUILD_GETNEXTCERT) {
+ pkixTempErrorReceived = PKIX_FALSE;
+ PKIX_DECREF(state->candidateCert);
+
+ /*
+ * If we were using a Cert from the callier-supplied partial
+ * chain, delete it and go to the certStores.
+ */
+ if (state->usingHintCerts == PKIX_TRUE) {
+ PKIX_DECREF(state->candidateCerts);
+ PKIX_CHECK(PKIX_List_Create
+ (&state->candidateCerts, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ state->numCerts = 0;
+ state->usingHintCerts = PKIX_FALSE;
+ state->status = BUILD_TRYAIA;
+ continue;
+ } else if (++(state->certIndex) < (state->numCerts)) {
+ if ((state->buildConstants.maxFanout != 0) &&
+ (--(state->numFanout) == 0)) {
+
+ if (state->verifyNode != NULL) {
+ PKIX_ERROR_CREATE
+ (BUILD,
+ PKIX_FANOUTEXCEEDSRESOURCELIMITS,
+ verifyError);
+ PKIX_CHECK_FATAL
+ (pkix_VerifyNode_SetError
+ (state->verifyNode,
+ verifyError,
+ plContext),
+ PKIX_VERIFYNODESETERRORFAILED);
+ PKIX_DECREF(finalError);
+ finalError = verifyError;
+ verifyError = NULL;
+ }
+ /* Even if error logged, still need to abort */
+ PKIX_ERROR
+ (PKIX_FANOUTEXCEEDSRESOURCELIMITS);
+ }
+ state->status = BUILD_CERTVALIDATING;
+ continue;
+ }
+ }
+
+ /*
+ * Adding the current cert to the chain didn't help. If our search
+ * has been restricted to local certStores, try opening up the
+ * search and see whether that helps. Otherwise, back up to the
+ * parent cert, and see if there are any more to try.
+ */
+ if (state->useOnlyLocal == PKIX_TRUE) {
+ pkix_PrepareForwardBuilderStateForAIA(state);
+ } else do {
+ if (state->parentState == NULL) {
+ /* We are at the top level, and can't back up! */
+ outOfOptions = PKIX_TRUE;
+ } else {
+ /*
+ * Try the next cert, if any, for this parent.
+ * Otherwise keep backing up until we reach a
+ * parent with more certs to try.
+ */
+ PKIX_CHECK(PKIX_List_GetLength
+ (state->trustChain, &numChained, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ PKIX_CHECK(PKIX_List_DeleteItem
+ (state->trustChain, numChained - 1, plContext),
+ PKIX_LISTDELETEITEMFAILED);
+
+ /* local and aia fetching returned no good certs.
+ * Creating a verify node in the parent that tells
+ * us this. */
+ if (!state->verifyNode) {
+ PKIX_CHECK_FATAL(
+ pkix_VerifyNode_Create(state->prevCert,
+ 0, NULL,
+ &state->verifyNode,
+ plContext),
+ PKIX_VERIFYNODECREATEFAILED);
+ }
+ /* Updating the log with the error. */
+ PKIX_DECREF(verifyError);
+ PKIX_ERROR_CREATE(BUILD, PKIX_SECERRORUNKNOWNISSUER,
+ verifyError);
+ PKIX_CHECK_FATAL(
+ pkix_VerifyNode_SetError(state->verifyNode,
+ verifyError,
+ plContext),
+ PKIX_VERIFYNODESETERRORFAILED);
+ PKIX_DECREF(verifyError);
+
+ PKIX_INCREF(state->parentState);
+ parentState = state->parentState;
+ PKIX_DECREF(verifyNode);
+ verifyNode = state->verifyNode;
+ state->verifyNode = NULL;
+ PKIX_DECREF(state);
+ state = parentState;
+ parentState = NULL;
+ if (state->verifyNode != NULL && verifyNode) {
+ PKIX_CHECK_FATAL(pkix_VerifyNode_AddToTree
+ (state->verifyNode,
+ verifyNode,
+ plContext),
+ PKIX_VERIFYNODEADDTOTREEFAILED);
+ PKIX_DECREF(verifyNode);
+ }
+ PKIX_DECREF(validityDate);
+ PKIX_INCREF(state->validityDate);
+ validityDate = state->validityDate;
+ canBeCached = state->canBeCached;
+
+ /* Are there any more Certs to try? */
+ if (++(state->certIndex) < (state->numCerts)) {
+ state->status = BUILD_CERTVALIDATING;
+ PKIX_DECREF(state->candidateCert);
+ break;
+ }
+ if (state->useOnlyLocal == PKIX_TRUE) {
+ /* Clean up and go for AIA round. */
+ pkix_PrepareForwardBuilderStateForAIA(state);
+ break;
+ }
+ }
+ PKIX_DECREF(state->candidateCert);
+ } while (outOfOptions == PKIX_FALSE);
+
+ } /* while (outOfOptions == PKIX_FALSE) */
+
+cleanup:
+
+ if (pkixErrorClass == PKIX_FATAL_ERROR) {
+ goto fatal;
+ }
+
+ /* verifyNode should be equal to NULL at this point. Assert it.
+ * Temporarelly use verifyError to store an error ref to which we
+ * have in pkixErrorResult. This is done to prevent error cloberring
+ * while using macros below. */
+ PORT_Assert(verifyError == NULL);
+ verifyError = pkixErrorResult;
+
+ /*
+ * We were called with an initialState that had no parent. If we are
+ * returning with an error or with a result, we must destroy any state
+ * that we created (any state with a parent).
+ */
+
+ PKIX_CHECK_FATAL(pkix_ForwardBuilderState_IsIOPending
+ (state, &ioPending, plContext),
+ PKIX_FORWARDBUILDERSTATEISIOPENDINGFAILED);
+
+ if (ioPending == PKIX_FALSE) {
+ while (state->parentState) {
+ PKIX_INCREF(state->parentState);
+ parentState = state->parentState;
+ PKIX_DECREF(verifyNode);
+ verifyNode = state->verifyNode;
+ state->verifyNode = NULL;
+ PKIX_DECREF(state);
+ state = parentState;
+ parentState = NULL;
+ if (state->verifyNode != NULL && verifyNode) {
+ PKIX_CHECK_FATAL(pkix_VerifyNode_AddToTree
+ (state->verifyNode,
+ verifyNode,
+ plContext),
+ PKIX_VERIFYNODEADDTOTREEFAILED);
+ PKIX_DECREF(verifyNode);
+ }
+ }
+ state->canBeCached = canBeCached;
+ PKIX_DECREF(state->validityDate);
+ state->validityDate = validityDate;
+ validityDate = NULL;
+ }
+ if (!*pValResult && !verifyError) {
+ if (!finalError) {
+ PKIX_CHECK_FATAL(
+ pkix_VerifyNode_FindError(state->verifyNode,
+ &finalError,
+ plContext),
+ PKIX_VERIFYNODEFINDERRORFAILED);
+ }
+ if (finalError) {
+ pkixErrorResult = finalError;
+ pkixErrorCode = PKIX_BUILDFORWARDDEPTHFIRSTSEARCHFAILED;
+ finalError = NULL;
+ goto fatal;
+ }
+ pkixErrorCode = PKIX_SECERRORUNKNOWNISSUER;
+ pkixErrorReceived = PKIX_TRUE;
+ PKIX_ERROR_CREATE(BUILD, PKIX_SECERRORUNKNOWNISSUER,
+ verifyError);
+ PKIX_CHECK_FATAL(
+ pkix_VerifyNode_SetError(state->verifyNode, verifyError,
+ plContext),
+ PKIX_VERIFYNODESETERRORFAILED);
+ } else {
+ pkixErrorResult = verifyError;
+ verifyError = NULL;
+ }
+
+fatal:
+ if (state->parentState) {
+ /* parentState in "state" object should be NULL at this point.
+ * If itn't, that means that we got fatal error(we have jumped to
+ * "fatal" label) and we should destroy all state except the top one. */
+ while (state->parentState) {
+ PKIX_Error *error = NULL;
+ PKIX_ForwardBuilderState *prntState = state->parentState;
+ /* Dumb: need to increment parentState to avoid destruction
+ * of "build constants"(they get destroyed when parentState is
+ * set to NULL. */
+ PKIX_INCREF(prntState);
+ error = PKIX_PL_Object_DecRef((PKIX_PL_Object*)state, plContext);
+ if (error) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)error, plContext);
+ }
+ /* No need to decref the parent state. It was already done by
+ * pkix_ForwardBuilderState_Destroy function. */
+ state = prntState;
+ }
+ }
+ PKIX_DECREF(parentState);
+ PKIX_DECREF(childState);
+ PKIX_DECREF(valResult);
+ PKIX_DECREF(verifyError);
+ PKIX_DECREF(finalError);
+ PKIX_DECREF(verifyNode);
+ PKIX_DECREF(childTraversedSubjNames);
+ PKIX_DECREF(certSelParams);
+ PKIX_DECREF(subjectNames);
+ PKIX_DECREF(subjectName);
+ PKIX_DECREF(trustAnchor);
+ PKIX_DECREF(validityDate);
+ PKIX_DECREF(revCheckerState);
+ PKIX_DECREF(currTime);
+ PKIX_DECREF(filteredCerts);
+ PKIX_DECREF(unfilteredCerts);
+ PKIX_DECREF(trustedCert);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_Build_CheckInCache
+ * DESCRIPTION:
+ *
+ * The function tries to locate a chain for a cert in the cert chain cache.
+ * If found, the chain goes through revocation chacking and returned back to
+ * caller. Chains that fail revocation check get removed from cache.
+ *
+ * PARAMETERS:
+ * "state"
+ * Address of ForwardBuilderState to be used. Must be non-NULL.
+ * "pBuildResult"
+ * Address at which the BuildResult is stored, after a successful build.
+ * Must be non-NULL.
+ * "pNBIOContext"
+ * Address at which the NBIOContext is stored indicating whether the
+ * validation is complete. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error*
+pkix_Build_CheckInCache(
+ PKIX_ForwardBuilderState *state,
+ PKIX_BuildResult **pBuildResult,
+ void **pNBIOContext,
+ void *plContext)
+{
+ PKIX_PL_Cert *targetCert = NULL;
+ PKIX_List *anchors = NULL;
+ PKIX_PL_Date *testDate = NULL;
+ PKIX_BuildResult *buildResult = NULL;
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_Error *buildError = NULL;
+ PKIX_TrustAnchor *matchingAnchor = NULL;
+ PKIX_PL_Cert *trustedCert = NULL;
+ PKIX_List *certList = NULL;
+ PKIX_Boolean cacheHit = PKIX_FALSE;
+ PKIX_Boolean trusted = PKIX_FALSE;
+ PKIX_Boolean stillValid = PKIX_FALSE;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_CheckInCache");
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ targetCert = state->buildConstants.targetCert;
+ anchors = state->buildConstants.anchors;
+ testDate = state->buildConstants.testDate;
+
+ /* Check whether this cert verification has been cached. */
+ PKIX_CHECK(pkix_CacheCertChain_Lookup
+ (targetCert,
+ anchors,
+ testDate,
+ &cacheHit,
+ &buildResult,
+ plContext),
+ PKIX_CACHECERTCHAINLOOKUPFAILED);
+
+ if (!cacheHit) {
+ goto cleanup;
+ }
+
+ /*
+ * We found something in cache. Verify that the anchor
+ * cert is still trusted,
+ */
+ PKIX_CHECK(PKIX_BuildResult_GetValidateResult
+ (buildResult, &valResult, plContext),
+ PKIX_BUILDRESULTGETVALIDATERESULTFAILED);
+
+ PKIX_CHECK(PKIX_ValidateResult_GetTrustAnchor
+ (valResult, &matchingAnchor, plContext),
+ PKIX_VALIDATERESULTGETTRUSTANCHORFAILED);
+
+ PKIX_DECREF(valResult);
+
+ PKIX_CHECK(PKIX_TrustAnchor_GetTrustedCert
+ (matchingAnchor, &trustedCert, plContext),
+ PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
+
+ if (anchors && state->buildConstants.numAnchors) {
+ /* Check if it is one of the trust anchors */
+ PKIX_CHECK(
+ pkix_List_Contains(anchors,
+ (PKIX_PL_Object *)matchingAnchor,
+ &trusted,
+ plContext),
+ PKIX_LISTCONTAINSFAILED);
+ }
+
+ if ((!trusted && !state->buildConstants.trustOnlyUserAnchors) ||
+ !state->buildConstants.numAnchors) {
+ /* If it is not one of the trust anchors and the trust anchors
+ * are supplemental, or if there are no trust anchors, then check
+ * if the cert is trusted directly.
+ */
+ PKIX_CHECK(
+ PKIX_PL_Cert_IsCertTrusted(trustedCert,
+ PKIX_PL_TrustAnchorMode_Ignore,
+ &trusted, plContext),
+ PKIX_CERTISCERTTRUSTEDFAILED);
+ }
+
+ if (!trusted) {
+ goto cleanup;
+ }
+ /*
+ * Since the key usage may vary for different
+ * applications, we need to verify the chain again.
+ * Reverification will be improved with a fix for 397805.
+ */
+ PKIX_CHECK(PKIX_BuildResult_GetCertChain
+ (buildResult, &certList, plContext),
+ PKIX_BUILDRESULTGETCERTCHAINFAILED);
+
+ PKIX_CHECK(pkix_Build_ValidationCheckers
+ (state,
+ certList,
+ matchingAnchor,
+ PKIX_TRUE, /* Chain revalidation stage. */
+ plContext),
+ PKIX_BUILDVALIDATIONCHECKERSFAILED);
+
+ PKIX_CHECK_ONLY_FATAL(
+ pkix_Build_ValidateEntireChain(state, matchingAnchor,
+ &nbioContext, &valResult,
+ state->verifyNode, plContext),
+ PKIX_BUILDVALIDATEENTIRECHAINFAILED);
+
+ if (nbioContext != NULL) {
+ /* IO still pending, resume later */
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+ if (!PKIX_ERROR_RECEIVED) {
+ /* The result from cache is still valid. But we replace an old*/
+ *pBuildResult = buildResult;
+ buildResult = NULL;
+ stillValid = PKIX_TRUE;
+ }
+
+cleanup:
+
+ if (!nbioContext && cacheHit && !(trusted && stillValid)) {
+ /* The anchor of this chain is no longer trusted or
+ * chain cert(s) has been revoked.
+ * Invalidate this result in the cache */
+ buildError = pkixErrorResult;
+ PKIX_CHECK_FATAL(pkix_CacheCertChain_Remove
+ (targetCert,
+ anchors,
+ plContext),
+ PKIX_CACHECERTCHAINREMOVEFAILED);
+ pkixErrorResult = buildError;
+ buildError = NULL;
+ }
+
+fatal:
+ PKIX_DECREF(buildResult);
+ PKIX_DECREF(valResult);
+ PKIX_DECREF(buildError);
+ PKIX_DECREF(certList);
+ PKIX_DECREF(matchingAnchor);
+ PKIX_DECREF(trustedCert);
+
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_Build_InitiateBuildChain
+ * DESCRIPTION:
+ *
+ * This function initiates the search for a BuildChain, using the parameters
+ * provided in "procParams" and, if continuing a search that was suspended
+ * for I/O, using the ForwardBuilderState pointed to by "pState".
+ *
+ * If a successful chain is built, this function stores the BuildResult at
+ * "pBuildResult". Alternatively, if an operation using non-blocking I/O
+ * is in progress and the operation has not been completed, this function
+ * stores the platform-dependent non-blocking I/O context (nbioContext) at
+ * "pNBIOContext", the FowardBuilderState at "pState", and NULL at
+ * "pBuildResult". Finally, if chain building was unsuccessful, this function
+ * stores NULL at both "pState" and at "pBuildResult".
+ *
+ * Note: This function is re-entered only for the case of non-blocking I/O
+ * in the "short-cut" attempt to build a chain using the target Certificate
+ * directly with one of the trustAnchors. For all other cases, resumption
+ * after non-blocking I/O is via pkix_Build_ResumeBuildChain.
+ *
+ * PARAMETERS:
+ * "procParams"
+ * Address of the ProcessingParams for the search. Must be non-NULL.
+ * "pNBIOContext"
+ * Address at which the NBIOContext is stored indicating whether the
+ * validation is complete. Must be non-NULL.
+ * "pState"
+ * Address at which the ForwardBuilderState is stored, if the chain
+ * building is suspended for waiting I/O; also, the address at which the
+ * ForwardBuilderState is provided for resumption of the chain building
+ * attempt. Must be non-NULL.
+ * "pBuildResult"
+ * Address at which the BuildResult is stored, after a successful build.
+ * Must be non-NULL.
+ * "pVerifyNode"
+ * Address at which a VerifyNode chain is returned, if non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_InitiateBuildChain(
+ PKIX_ProcessingParams *procParams,
+ void **pNBIOContext,
+ PKIX_ForwardBuilderState **pState,
+ PKIX_BuildResult **pBuildResult,
+ PKIX_VerifyNode **pVerifyNode,
+ void *plContext)
+{
+ PKIX_UInt32 numAnchors = 0;
+ PKIX_UInt32 numCertStores = 0;
+ PKIX_UInt32 numHintCerts = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_Boolean isDuplicate = PKIX_FALSE;
+ PKIX_PL_Cert *trustedCert = NULL;
+ PKIX_CertSelector *targetConstraints = NULL;
+ PKIX_ComCertSelParams *targetParams = NULL;
+ PKIX_List *anchors = NULL;
+ PKIX_List *targetSubjNames = NULL;
+ PKIX_PL_Cert *targetCert = NULL;
+ PKIX_PL_Object *firstHintCert = NULL;
+ PKIX_RevocationChecker *revChecker = NULL;
+ PKIX_List *certStores = NULL;
+ PKIX_CertStore *certStore = NULL;
+ PKIX_List *userCheckers = NULL;
+ PKIX_List *hintCerts = NULL;
+ PKIX_PL_Date *testDate = NULL;
+ PKIX_PL_PublicKey *targetPubKey = NULL;
+ void *nbioContext = NULL;
+ BuildConstants buildConstants;
+
+ PKIX_List *tentativeChain = NULL;
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_BuildResult *buildResult = NULL;
+ PKIX_List *certList = NULL;
+ PKIX_ForwardBuilderState *state = NULL;
+ PKIX_CertStore_CheckTrustCallback trustCallback = NULL;
+ PKIX_CertSelector_MatchCallback selectorCallback = NULL;
+ PKIX_Boolean trusted = PKIX_FALSE;
+ PKIX_PL_AIAMgr *aiaMgr = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_InitiateBuildChain");
+ PKIX_NULLCHECK_FOUR(procParams, pNBIOContext, pState, pBuildResult);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ state = *pState;
+ *pState = NULL; /* no net change in reference count */
+
+ if (state == NULL) {
+ PKIX_CHECK(PKIX_ProcessingParams_GetDate
+ (procParams, &testDate, plContext),
+ PKIX_PROCESSINGPARAMSGETDATEFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetTrustAnchors
+ (procParams, &anchors, plContext),
+ PKIX_PROCESSINGPARAMSGETTRUSTANCHORSFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(anchors, &numAnchors, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ /* retrieve stuff from targetCertConstraints */
+ PKIX_CHECK(PKIX_ProcessingParams_GetTargetCertConstraints
+ (procParams, &targetConstraints, plContext),
+ PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED);
+
+ PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParams
+ (targetConstraints, &targetParams, plContext),
+ PKIX_CERTSELECTORGETCOMMONCERTSELECTORPARAMSFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetCertificate
+ (targetParams, &targetCert, plContext),
+ PKIX_COMCERTSELPARAMSGETCERTIFICATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_ComCertSelParams_SetLeafCertFlag(targetParams,
+ PKIX_TRUE, plContext),
+ PKIX_COMCERTSELPARAMSSETLEAFCERTFLAGFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetHintCerts
+ (procParams, &hintCerts, plContext),
+ PKIX_PROCESSINGPARAMSGETHINTCERTSFAILED);
+
+ if (hintCerts != NULL) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (hintCerts, &numHintCerts, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ /*
+ * Caller must provide either a target Cert
+ * (in ComCertSelParams->Certificate) or a partial Cert
+ * chain (in ProcParams->HintCerts).
+ */
+
+ if (targetCert == NULL) {
+
+ /* Use first cert of hintCerts as the targetCert */
+ if (numHintCerts == 0) {
+ PKIX_ERROR(PKIX_NOTARGETCERTSUPPLIED);
+ }
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (hintCerts,
+ 0,
+ (PKIX_PL_Object **)&targetCert,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_DeleteItem(hintCerts, 0, plContext),
+ PKIX_LISTGETITEMFAILED);
+ } else {
+
+ /*
+ * If the first hintCert is the same as the targetCert,
+ * delete it from hintCerts.
+ */
+ if (numHintCerts != 0) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (hintCerts, 0, &firstHintCert, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)targetCert,
+ firstHintCert,
+ &isDuplicate,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (isDuplicate) {
+ PKIX_CHECK(PKIX_List_DeleteItem
+ (hintCerts, 0, plContext),
+ PKIX_LISTGETITEMFAILED);
+ }
+ PKIX_DECREF(firstHintCert);
+ }
+
+ }
+
+ if (targetCert == NULL) {
+ PKIX_ERROR(PKIX_NOTARGETCERTSUPPLIED);
+ }
+
+ PKIX_CHECK(PKIX_PL_Cert_IsLeafCertTrusted
+ (targetCert,
+ &trusted,
+ plContext),
+ PKIX_CERTISCERTTRUSTEDFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetAllSubjectNames
+ (targetCert,
+ &targetSubjNames,
+ plContext),
+ PKIX_CERTGETALLSUBJECTNAMESFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
+ (targetCert, &targetPubKey, plContext),
+ PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&tentativeChain, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (tentativeChain, (PKIX_PL_Object *)targetCert, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ if (procParams->qualifyTargetCert) {
+ /* EE cert validation */
+ /* Sync up the time on the target selector parameter struct. */
+ PKIX_CHECK(
+ PKIX_ComCertSelParams_SetCertificateValid(targetParams,
+ testDate,
+ plContext),
+ PKIX_COMCERTSELPARAMSSETCERTIFICATEVALIDFAILED);
+
+ PKIX_CHECK(PKIX_CertSelector_GetMatchCallback
+ (targetConstraints, &selectorCallback, plContext),
+ PKIX_CERTSELECTORGETMATCHCALLBACKFAILED);
+
+ pkixErrorResult =
+ (*selectorCallback)(targetConstraints, targetCert,
+ plContext);
+ if (pkixErrorResult) {
+ pkixErrorClass = pkixErrorResult->errClass;
+ if (pkixErrorClass == PKIX_FATAL_ERROR) {
+ goto cleanup;
+ }
+ if (pVerifyNode != NULL) {
+ PKIX_Error *tempResult =
+ pkix_VerifyNode_Create(targetCert, 0,
+ pkixErrorResult,
+ pVerifyNode,
+ plContext);
+ if (tempResult) {
+ PKIX_DECREF(pkixErrorResult);
+ pkixErrorResult = tempResult;
+ pkixErrorCode = PKIX_VERIFYNODECREATEFAILED;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+ }
+ }
+ pkixErrorCode = PKIX_CERTCHECKVALIDITYFAILED;
+ goto cleanup;
+ }
+ }
+
+ /* If the EE cert is trusted, force success. We only want to do
+ * this if we aren't validating against a policy (like EV). */
+ if (trusted && procParams->initialPolicies == NULL) {
+ if (pVerifyNode != NULL) {
+ PKIX_Error *tempResult =
+ pkix_VerifyNode_Create(targetCert, 0, NULL,
+ pVerifyNode,
+ plContext);
+ if (tempResult) {
+ pkixErrorResult = tempResult;
+ pkixErrorCode = PKIX_VERIFYNODECREATEFAILED;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+ }
+ }
+ PKIX_CHECK(pkix_ValidateResult_Create
+ (targetPubKey, NULL /* anchor */,
+ NULL /* policyTree */, &valResult, plContext),
+ PKIX_VALIDATERESULTCREATEFAILED);
+ PKIX_CHECK(
+ pkix_BuildResult_Create(valResult, tentativeChain,
+ &buildResult, plContext),
+ PKIX_BUILDRESULTCREATEFAILED);
+ *pBuildResult = buildResult;
+ /* Note that *pState is NULL. The only side effect is that
+ * the cert chain won't be cached in PKIX_BuildChain, which
+ * is fine. */
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetCertStores
+ (procParams, &certStores, plContext),
+ PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (certStores, &numCertStores, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ /* Reorder CertStores so trusted are at front of the List */
+ if (numCertStores > 1) {
+ for (i = numCertStores - 1; i > 0; i--) {
+ PKIX_CHECK_ONLY_FATAL(PKIX_List_GetItem
+ (certStores,
+ i,
+ (PKIX_PL_Object **)&certStore,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+ PKIX_CHECK_ONLY_FATAL(PKIX_CertStore_GetTrustCallback
+ (certStore, &trustCallback, plContext),
+ PKIX_CERTSTOREGETTRUSTCALLBACKFAILED);
+
+ if (trustCallback != NULL) {
+ /* Is a trusted Cert, move CertStore to front */
+ PKIX_CHECK(PKIX_List_DeleteItem
+ (certStores, i, plContext),
+ PKIX_LISTDELETEITEMFAILED);
+ PKIX_CHECK(PKIX_List_InsertItem
+ (certStores,
+ 0,
+ (PKIX_PL_Object *)certStore,
+ plContext),
+ PKIX_LISTINSERTITEMFAILED);
+
+ }
+
+ PKIX_DECREF(certStore);
+ }
+ }
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetCertChainCheckers
+ (procParams, &userCheckers, plContext),
+ PKIX_PROCESSINGPARAMSGETCERTCHAINCHECKERSFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetRevocationChecker
+ (procParams, &revChecker, plContext),
+ PKIX_PROCESSINGPARAMSGETREVOCATIONCHECKERFAILED);
+ /* Do not initialize AIA manager if we are not going to fetch
+ * cert using aia url. */
+ if (procParams->useAIAForCertFetching) {
+ PKIX_CHECK(PKIX_PL_AIAMgr_Create(&aiaMgr, plContext),
+ PKIX_AIAMGRCREATEFAILED);
+ }
+
+ /*
+ * We initialize all the fields of buildConstants here, in one place,
+ * just to help keep track and ensure that we got everything.
+ */
+
+ buildConstants.numAnchors = numAnchors;
+ buildConstants.numCertStores = numCertStores;
+ buildConstants.numHintCerts = numHintCerts;
+ buildConstants.procParams = procParams;
+ buildConstants.testDate = testDate;
+ buildConstants.timeLimit = NULL;
+ buildConstants.targetCert = targetCert;
+ buildConstants.targetPubKey = targetPubKey;
+ buildConstants.certStores = certStores;
+ buildConstants.anchors = anchors;
+ buildConstants.userCheckers = userCheckers;
+ buildConstants.hintCerts = hintCerts;
+ buildConstants.revChecker = revChecker;
+ buildConstants.aiaMgr = aiaMgr;
+ buildConstants.trustOnlyUserAnchors =
+ procParams->useOnlyTrustAnchors;
+
+ PKIX_CHECK(pkix_Build_GetResourceLimits(&buildConstants, plContext),
+ PKIX_BUILDGETRESOURCELIMITSFAILED);
+
+ PKIX_CHECK(pkix_ForwardBuilderState_Create
+ (0, /* PKIX_UInt32 traversedCACerts */
+ buildConstants.maxFanout,
+ buildConstants.maxDepth,
+ PKIX_TRUE, /* PKIX_Boolean canBeCached */
+ NULL, /* PKIX_Date *validityDate */
+ targetCert, /* PKIX_PL_Cert *prevCert */
+ targetSubjNames, /* PKIX_List *traversedSubjNames */
+ tentativeChain, /* PKIX_List *trustChain */
+ NULL, /* PKIX_ForwardBuilderState *parent */
+ &state, /* PKIX_ForwardBuilderState **pState */
+ plContext),
+ PKIX_BUILDSTATECREATEFAILED);
+
+ state->buildConstants.numAnchors = buildConstants.numAnchors;
+ state->buildConstants.numCertStores = buildConstants.numCertStores;
+ state->buildConstants.numHintCerts = buildConstants.numHintCerts;
+ state->buildConstants.maxFanout = buildConstants.maxFanout;
+ state->buildConstants.maxDepth = buildConstants.maxDepth;
+ state->buildConstants.maxTime = buildConstants.maxTime;
+ state->buildConstants.procParams = buildConstants.procParams;
+ PKIX_INCREF(buildConstants.testDate);
+ state->buildConstants.testDate = buildConstants.testDate;
+ state->buildConstants.timeLimit = buildConstants.timeLimit;
+ PKIX_INCREF(buildConstants.targetCert);
+ state->buildConstants.targetCert = buildConstants.targetCert;
+ PKIX_INCREF(buildConstants.targetPubKey);
+ state->buildConstants.targetPubKey =
+ buildConstants.targetPubKey;
+ PKIX_INCREF(buildConstants.certStores);
+ state->buildConstants.certStores = buildConstants.certStores;
+ PKIX_INCREF(buildConstants.anchors);
+ state->buildConstants.anchors = buildConstants.anchors;
+ PKIX_INCREF(buildConstants.userCheckers);
+ state->buildConstants.userCheckers =
+ buildConstants.userCheckers;
+ PKIX_INCREF(buildConstants.hintCerts);
+ state->buildConstants.hintCerts = buildConstants.hintCerts;
+ PKIX_INCREF(buildConstants.revChecker);
+ state->buildConstants.revChecker = buildConstants.revChecker;
+ state->buildConstants.aiaMgr = buildConstants.aiaMgr;
+ aiaMgr = NULL;
+ state->buildConstants.trustOnlyUserAnchors =
+ buildConstants.trustOnlyUserAnchors;
+
+ if (buildConstants.maxTime != 0) {
+ PKIX_CHECK(PKIX_PL_Date_Create_CurrentOffBySeconds
+ (buildConstants.maxTime,
+ &state->buildConstants.timeLimit,
+ plContext),
+ PKIX_DATECREATECURRENTOFFBYSECONDSFAILED);
+ }
+
+ if (pVerifyNode != NULL) {
+ PKIX_Error *tempResult =
+ pkix_VerifyNode_Create(targetCert, 0, NULL,
+ &(state->verifyNode),
+ plContext);
+ if (tempResult) {
+ pkixErrorResult = tempResult;
+ pkixErrorCode = PKIX_VERIFYNODECREATEFAILED;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+ }
+ }
+
+ PKIX_CHECK_ONLY_FATAL(
+ pkix_Build_CheckInCache(state, &buildResult,
+ &nbioContext, plContext),
+ PKIX_UNABLETOBUILDCHAIN);
+ if (nbioContext) {
+ *pNBIOContext = nbioContext;
+ *pState = state;
+ state = NULL;
+ goto cleanup;
+ }
+ if (buildResult) {
+ *pBuildResult = buildResult;
+ if (pVerifyNode != NULL) {
+ *pVerifyNode = state->verifyNode;
+ state->verifyNode = NULL;
+ }
+ goto cleanup;
+ }
+ }
+
+ /* If we're resuming after non-blocking I/O we need to get SubjNames */
+ if (targetSubjNames == NULL) {
+ PKIX_CHECK(PKIX_PL_Cert_GetAllSubjectNames
+ (state->buildConstants.targetCert,
+ &targetSubjNames,
+ plContext),
+ PKIX_CERTGETALLSUBJECTNAMESFAILED);
+ }
+
+ state->status = BUILD_INITIAL;
+
+ pkixErrorResult =
+ pkix_BuildForwardDepthFirstSearch(&nbioContext, state,
+ &valResult, plContext);
+
+ /* non-null nbioContext means the build would block */
+ if (pkixErrorResult == NULL && nbioContext != NULL) {
+
+ *pNBIOContext = nbioContext;
+ *pBuildResult = NULL;
+
+ /* no valResult means the build has failed */
+ } else {
+ if (pVerifyNode != NULL) {
+ PKIX_INCREF(state->verifyNode);
+ *pVerifyNode = state->verifyNode;
+ }
+
+ if (valResult == NULL || pkixErrorResult)
+ PKIX_ERROR(PKIX_UNABLETOBUILDCHAIN);
+ PKIX_CHECK(
+ pkix_BuildResult_Create(valResult, state->trustChain,
+ &buildResult, plContext),
+ PKIX_BUILDRESULTCREATEFAILED);
+ *pBuildResult = buildResult;
+ }
+
+ *pState = state;
+ state = NULL;
+
+cleanup:
+
+ PKIX_DECREF(targetConstraints);
+ PKIX_DECREF(targetParams);
+ PKIX_DECREF(anchors);
+ PKIX_DECREF(targetSubjNames);
+ PKIX_DECREF(targetCert);
+ PKIX_DECREF(revChecker);
+ PKIX_DECREF(certStores);
+ PKIX_DECREF(certStore);
+ PKIX_DECREF(userCheckers);
+ PKIX_DECREF(hintCerts);
+ PKIX_DECREF(firstHintCert);
+ PKIX_DECREF(testDate);
+ PKIX_DECREF(targetPubKey);
+ PKIX_DECREF(tentativeChain);
+ PKIX_DECREF(valResult);
+ PKIX_DECREF(certList);
+ PKIX_DECREF(trustedCert);
+ PKIX_DECREF(state);
+ PKIX_DECREF(aiaMgr);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_Build_ResumeBuildChain
+ * DESCRIPTION:
+ *
+ * This function continues the search for a BuildChain, using the parameters
+ * provided in "procParams" and the ForwardBuilderState pointed to by "state".
+ *
+ * If a successful chain is built, this function stores the BuildResult at
+ * "pBuildResult". Alternatively, if an operation using non-blocking I/O
+ * is in progress and the operation has not been completed, this function
+ * stores the FowardBuilderState at "pState" and NULL at "pBuildResult".
+ * Finally, if chain building was unsuccessful, this function stores NULL
+ * at both "pState" and at "pBuildResult".
+ *
+ * PARAMETERS:
+ * "pNBIOContext"
+ * Address at which the NBIOContext is stored indicating whether the
+ * validation is complete. Must be non-NULL.
+ * "pState"
+ * Address at which the ForwardBuilderState is provided for resumption of
+ * the chain building attempt; also, the address at which the
+ * ForwardBuilderStateis stored, if the chain building is suspended for
+ * waiting I/O. Must be non-NULL.
+ * "pBuildResult"
+ * Address at which the BuildResult is stored, after a successful build.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Build Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Build_ResumeBuildChain(
+ void **pNBIOContext,
+ PKIX_ForwardBuilderState *state,
+ PKIX_BuildResult **pBuildResult,
+ PKIX_VerifyNode **pVerifyNode,
+ void *plContext)
+{
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_BuildResult *buildResult = NULL;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_Build_ResumeBuildChain");
+ PKIX_NULLCHECK_TWO(state, pBuildResult);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ pkixErrorResult =
+ pkix_BuildForwardDepthFirstSearch(&nbioContext, state,
+ &valResult, plContext);
+
+ /* non-null nbioContext means the build would block */
+ if (pkixErrorResult == NULL && nbioContext != NULL) {
+
+ *pNBIOContext = nbioContext;
+ *pBuildResult = NULL;
+
+ /* no valResult means the build has failed */
+ } else {
+ if (pVerifyNode != NULL) {
+ PKIX_INCREF(state->verifyNode);
+ *pVerifyNode = state->verifyNode;
+ }
+
+ if (valResult == NULL || pkixErrorResult)
+ PKIX_ERROR(PKIX_UNABLETOBUILDCHAIN);
+
+ PKIX_CHECK(
+ pkix_BuildResult_Create(valResult, state->trustChain,
+ &buildResult, plContext),
+ PKIX_BUILDRESULTCREATEFAILED);
+ *pBuildResult = buildResult;
+ }
+
+cleanup:
+
+ PKIX_DECREF(valResult);
+
+ PKIX_RETURN(BUILD);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_BuildChain (see comments in pkix.h)
+ */
+PKIX_Error *
+PKIX_BuildChain(
+ PKIX_ProcessingParams *procParams,
+ void **pNBIOContext,
+ void **pState,
+ PKIX_BuildResult **pBuildResult,
+ PKIX_VerifyNode **pVerifyNode,
+ void *plContext)
+{
+ PKIX_ForwardBuilderState *state = NULL;
+ PKIX_BuildResult *buildResult = NULL;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(BUILD, "PKIX_BuildChain");
+ PKIX_NULLCHECK_FOUR(procParams, pNBIOContext, pState, pBuildResult);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ if (*pState == NULL) {
+ PKIX_CHECK(pkix_Build_InitiateBuildChain
+ (procParams,
+ &nbioContext,
+ &state,
+ &buildResult,
+ pVerifyNode,
+ plContext),
+ PKIX_BUILDINITIATEBUILDCHAINFAILED);
+ } else {
+ state = (PKIX_ForwardBuilderState *)(*pState);
+ *pState = NULL; /* no net change in reference count */
+ if (state->status == BUILD_SHORTCUTPENDING) {
+ PKIX_CHECK(pkix_Build_InitiateBuildChain
+ (procParams,
+ &nbioContext,
+ &state,
+ &buildResult,
+ pVerifyNode,
+ plContext),
+ PKIX_BUILDINITIATEBUILDCHAINFAILED);
+ } else {
+ PKIX_CHECK(pkix_Build_ResumeBuildChain
+ (&nbioContext,
+ state,
+ &buildResult,
+ pVerifyNode,
+ plContext),
+ PKIX_BUILDINITIATEBUILDCHAINFAILED);
+ }
+ }
+
+ /* non-null nbioContext means the build would block */
+ if (nbioContext != NULL) {
+
+ *pNBIOContext = nbioContext;
+ *pState = state;
+ state = NULL;
+ *pBuildResult = NULL;
+
+ /* no buildResult means the build has failed */
+ } else if (buildResult == NULL) {
+ PKIX_ERROR(PKIX_UNABLETOBUILDCHAIN);
+ } else {
+ /*
+ * If we made a successful chain by combining the target Cert
+ * with one of the Trust Anchors, we may have never created a
+ * validityDate. We treat this situation as
+ * canBeCached = PKIX_FALSE.
+ */
+ if ((state != NULL) &&
+ ((state->validityDate) != NULL) &&
+ (state->canBeCached)) {
+ PKIX_CHECK(pkix_CacheCertChain_Add
+ (state->buildConstants.targetCert,
+ state->buildConstants.anchors,
+ state->validityDate,
+ buildResult,
+ plContext),
+ PKIX_CACHECERTCHAINADDFAILED);
+ }
+
+ *pState = NULL;
+ *pBuildResult = buildResult;
+ buildResult = NULL;
+ }
+
+cleanup:
+ PKIX_DECREF(buildResult);
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(BUILD);
+}
diff --git a/security/nss/lib/libpkix/pkix/top/pkix_build.h b/security/nss/lib/libpkix/pkix/top/pkix_build.h
new file mode 100755
index 000000000..eeba9239d
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/pkix_build.h
@@ -0,0 +1,120 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_build.h
+ *
+ * Header file for buildChain function
+ *
+ */
+
+#ifndef _PKIX_BUILD_H
+#define _PKIX_BUILD_H
+#include "pkix_tools.h"
+#ifndef NSS_PKIX_NO_LDAP
+#include "pkix_pl_ldapt.h"
+#endif
+#include "pkix_ekuchecker.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef enum {
+ BUILD_SHORTCUTPENDING,
+ BUILD_INITIAL,
+ BUILD_TRYAIA,
+ BUILD_AIAPENDING,
+ BUILD_COLLECTINGCERTS,
+ BUILD_GATHERPENDING,
+ BUILD_CERTVALIDATING,
+ BUILD_ABANDONNODE,
+ BUILD_DATEPREP,
+ BUILD_CHECKTRUSTED,
+ BUILD_CHECKTRUSTED2,
+ BUILD_ADDTOCHAIN,
+ BUILD_VALCHAIN,
+ BUILD_VALCHAIN2,
+ BUILD_EXTENDCHAIN,
+ BUILD_GETNEXTCERT
+} BuildStatus;
+
+typedef struct BuildConstantsStruct BuildConstants;
+
+/*
+ * These fields (the ones that are objects) are not reference-counted
+ * in *each* state, but only in the root, the state that has no parent.
+ * That saves time in creation and destruction of child states, but is
+ * safe enough since they are constants.
+ */
+struct BuildConstantsStruct {
+ PKIX_UInt32 numAnchors;
+ PKIX_UInt32 numCertStores;
+ PKIX_UInt32 numHintCerts;
+ PKIX_UInt32 maxDepth;
+ PKIX_UInt32 maxFanout;
+ PKIX_UInt32 maxTime;
+ PKIX_ProcessingParams *procParams;
+ PKIX_PL_Date *testDate;
+ PKIX_PL_Date *timeLimit;
+ PKIX_PL_Cert *targetCert;
+ PKIX_PL_PublicKey *targetPubKey;
+ PKIX_List *certStores;
+ PKIX_List *anchors;
+ PKIX_List *userCheckers;
+ PKIX_List *hintCerts;
+ PKIX_RevocationChecker *revChecker;
+ PKIX_PL_AIAMgr *aiaMgr;
+ PKIX_Boolean useAIAForCertFetching;
+ PKIX_Boolean trustOnlyUserAnchors;
+};
+
+struct PKIX_ForwardBuilderStateStruct{
+ BuildStatus status;
+ PKIX_Int32 traversedCACerts;
+ PKIX_UInt32 certStoreIndex;
+ PKIX_UInt32 numCerts;
+ PKIX_UInt32 numAias;
+ PKIX_UInt32 certIndex;
+ PKIX_UInt32 aiaIndex;
+ PKIX_UInt32 certCheckedIndex;
+ PKIX_UInt32 checkerIndex;
+ PKIX_UInt32 hintCertIndex;
+ PKIX_UInt32 numFanout;
+ PKIX_UInt32 numDepth;
+ PKIX_UInt32 reasonCode;
+ PKIX_Boolean canBeCached;
+ PKIX_Boolean useOnlyLocal;
+ PKIX_Boolean revChecking;
+ PKIX_Boolean usingHintCerts;
+ PKIX_Boolean certLoopingDetected;
+ PKIX_PL_Date *validityDate;
+ PKIX_PL_Cert *prevCert;
+ PKIX_PL_Cert *candidateCert;
+ PKIX_List *traversedSubjNames;
+ PKIX_List *trustChain;
+ PKIX_List *aia;
+ PKIX_List *candidateCerts;
+ PKIX_List *reversedCertChain;
+ PKIX_List *checkedCritExtOIDs;
+ PKIX_List *checkerChain;
+ PKIX_CertSelector *certSel;
+ PKIX_VerifyNode *verifyNode;
+ void *client; /* messageHandler, such as LDAPClient */
+ PKIX_ForwardBuilderState *parentState;
+ BuildConstants buildConstants;
+};
+
+/* --Private-Functions-------------------------------------------- */
+
+PKIX_Error *
+pkix_ForwardBuilderState_RegisterSelf(void *plContext);
+
+PKIX_Error *
+PKIX_Build_GetNBIOContext(void *state, void **pNBIOContext, void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_BUILD_H */
diff --git a/security/nss/lib/libpkix/pkix/top/pkix_lifecycle.c b/security/nss/lib/libpkix/pkix/top/pkix_lifecycle.c
new file mode 100755
index 000000000..aad0e1aaf
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/pkix_lifecycle.c
@@ -0,0 +1,210 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_lifecycle.c
+ *
+ * Top level initialize and shutdown functions
+ *
+ */
+
+#include "pkix_lifecycle.h"
+
+static PKIX_Boolean pkixIsInitialized;
+
+/* Lock used by Logger - is reentrant by the same thread */
+extern PKIX_PL_MonitorLock *pkixLoggerLock;
+
+/*
+ * Following pkix_* variables are for debugging purpose. They should be taken
+ * out eventually. The purpose is to verify cache tables usage (via debugger).
+ */
+int pkix_ccAddCount = 0;
+int pkix_ccLookupCount = 0;
+int pkix_ccRemoveCount = 0;
+int pkix_cAddCount = 0;
+int pkix_cLookupCount = 0;
+int pkix_cRemoveCount = 0;
+int pkix_ceAddCount = 0;
+int pkix_ceLookupCount = 0;
+
+PKIX_PL_HashTable *cachedCrlSigTable = NULL;
+PKIX_PL_HashTable *cachedCertSigTable = NULL;
+PKIX_PL_HashTable *cachedCertChainTable = NULL;
+PKIX_PL_HashTable *cachedCertTable = NULL;
+PKIX_PL_HashTable *cachedCrlEntryTable = NULL;
+PKIX_PL_HashTable *aiaConnectionCache = NULL;
+PKIX_PL_HashTable *httpSocketCache = NULL;
+
+extern PKIX_List *pkixLoggers;
+extern PKIX_List *pkixLoggersErrors;
+extern PKIX_List *pkixLoggersDebugTrace;
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_Initialize (see comments in pkix.h)
+ */
+PKIX_Error *
+PKIX_Initialize(
+ PKIX_Boolean platformInitNeeded,
+ PKIX_UInt32 desiredMajorVersion,
+ PKIX_UInt32 minDesiredMinorVersion,
+ PKIX_UInt32 maxDesiredMinorVersion,
+ PKIX_UInt32 *pActualMinorVersion,
+ void **pPlContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(LIFECYCLE, "PKIX_Initialize");
+ PKIX_NULLCHECK_ONE(pPlContext);
+
+ /*
+ * If we are called a second time other than in the situation handled
+ * above, we return a positive status.
+ */
+ if (pkixIsInitialized){
+ /* Already initialized */
+ PKIX_RETURN(LIFECYCLE);
+ }
+
+ PKIX_CHECK(PKIX_PL_Initialize
+ (platformInitNeeded, PKIX_FALSE, &plContext),
+ PKIX_INITIALIZEFAILED);
+
+ *pPlContext = plContext;
+
+ if (desiredMajorVersion != PKIX_MAJOR_VERSION){
+ PKIX_ERROR(PKIX_MAJORVERSIONSDONTMATCH);
+ }
+
+ if ((minDesiredMinorVersion > PKIX_MINOR_VERSION) ||
+ (maxDesiredMinorVersion < PKIX_MINOR_VERSION)){
+ PKIX_ERROR(PKIX_MINORVERSIONNOTBETWEENDESIREDMINANDMAX);
+ }
+
+ *pActualMinorVersion = PKIX_MINOR_VERSION;
+
+ /* Create Cache Tables
+ * Do not initialize hash tables for object leak test */
+#if !defined(PKIX_OBJECT_LEAK_TEST)
+ PKIX_CHECK(PKIX_PL_HashTable_Create
+ (32, 0, &cachedCertSigTable, plContext),
+ PKIX_HASHTABLECREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_HashTable_Create
+ (32, 0, &cachedCrlSigTable, plContext),
+ PKIX_HASHTABLECREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_HashTable_Create
+ (32, 10, &cachedCertChainTable, plContext),
+ PKIX_HASHTABLECREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_HashTable_Create
+ (32, 10, &cachedCertTable, plContext),
+ PKIX_HASHTABLECREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_HashTable_Create
+ (32, 10, &cachedCrlEntryTable, plContext),
+ PKIX_HASHTABLECREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_HashTable_Create
+ (5, 5, &aiaConnectionCache, plContext),
+ PKIX_HASHTABLECREATEFAILED);
+
+#ifdef PKIX_SOCKETCACHE
+ PKIX_CHECK(PKIX_PL_HashTable_Create
+ (5, 5, &httpSocketCache, plContext),
+ PKIX_HASHTABLECREATEFAILED);
+#endif
+ if (pkixLoggerLock == NULL) {
+ PKIX_CHECK(PKIX_PL_MonitorLock_Create
+ (&pkixLoggerLock, plContext),
+ PKIX_MONITORLOCKCREATEFAILED);
+ }
+#else
+ fnInvTable = PL_NewHashTable(0, pkix_ErrorGen_Hash,
+ PL_CompareValues,
+ PL_CompareValues, NULL, NULL);
+ if (!fnInvTable) {
+ PKIX_ERROR(PKIX_HASHTABLECREATEFAILED);
+ }
+
+ fnStackNameArr = PORT_ZNewArray(char*, MAX_STACK_DEPTH);
+ if (!fnStackNameArr) {
+ PKIX_ERROR(PKIX_HASHTABLECREATEFAILED);
+ }
+
+ fnStackInvCountArr = PORT_ZNewArray(PKIX_UInt32, MAX_STACK_DEPTH);
+ if (!fnStackInvCountArr) {
+ PKIX_ERROR(PKIX_HASHTABLECREATEFAILED);
+ }
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ pkixIsInitialized = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(LIFECYCLE);
+}
+
+/*
+ * FUNCTION: PKIX_Shutdown (see comments in pkix.h)
+ */
+PKIX_Error *
+PKIX_Shutdown(void *plContext)
+{
+ PKIX_List *savedPkixLoggers = NULL;
+ PKIX_List *savedPkixLoggersErrors = NULL;
+ PKIX_List *savedPkixLoggersDebugTrace = NULL;
+
+ PKIX_ENTER(LIFECYCLE, "PKIX_Shutdown");
+
+ if (!pkixIsInitialized){
+ /* The library was not initialized */
+ PKIX_RETURN(LIFECYCLE);
+ }
+
+ pkixIsInitialized = PKIX_FALSE;
+
+ if (pkixLoggers) {
+ savedPkixLoggers = pkixLoggers;
+ savedPkixLoggersErrors = pkixLoggersErrors;
+ savedPkixLoggersDebugTrace = pkixLoggersDebugTrace;
+ pkixLoggers = NULL;
+ pkixLoggersErrors = NULL;
+ pkixLoggersDebugTrace = NULL;
+ PKIX_DECREF(savedPkixLoggers);
+ PKIX_DECREF(savedPkixLoggersErrors);
+ PKIX_DECREF(savedPkixLoggersDebugTrace);
+ }
+ PKIX_DECREF(pkixLoggerLock);
+
+ /* Destroy Cache Tables */
+ PKIX_DECREF(cachedCertSigTable);
+ PKIX_DECREF(cachedCrlSigTable);
+ PKIX_DECREF(cachedCertChainTable);
+ PKIX_DECREF(cachedCertTable);
+ PKIX_DECREF(cachedCrlEntryTable);
+ PKIX_DECREF(aiaConnectionCache);
+ PKIX_DECREF(httpSocketCache);
+
+ /* Clean up any temporary errors that happened during shutdown */
+ if (pkixErrorList) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorList, plContext);
+ pkixErrorList = NULL;
+ }
+
+ PKIX_CHECK(PKIX_PL_Shutdown(plContext),
+ PKIX_SHUTDOWNFAILED);
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ PORT_Free(fnStackInvCountArr);
+ PORT_Free(fnStackNameArr);
+ PL_HashTableDestroy(fnInvTable);
+#endif
+
+cleanup:
+
+ PKIX_RETURN(LIFECYCLE);
+}
diff --git a/security/nss/lib/libpkix/pkix/top/pkix_lifecycle.h b/security/nss/lib/libpkix/pkix/top/pkix_lifecycle.h
new file mode 100755
index 000000000..02631229c
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/pkix_lifecycle.h
@@ -0,0 +1,23 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_lifecycle.h
+ *
+ * Header file for initialize and shutdown functions.
+ *
+ */
+
+#ifndef _PKIX_LIFECYCLE_H
+#define _PKIX_LIFECYCLE_H
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_LIFECYCLE_H */
diff --git a/security/nss/lib/libpkix/pkix/top/pkix_validate.c b/security/nss/lib/libpkix/pkix/top/pkix_validate.c
new file mode 100755
index 000000000..1e5dec795
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/pkix_validate.c
@@ -0,0 +1,1451 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_validate.c
+ *
+ * Top level validateChain function
+ *
+ */
+
+#include "pkix_validate.h"
+#include "pkix_pl_common.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_AddToVerifyLog
+ * DESCRIPTION:
+ *
+ * This function returns immediately if the address for the VerifyNode tree
+ * pointed to by "pVerifyTree" is NULL. Otherwise it creates a new VerifyNode
+ * from the Cert pointed to by "cert" and the Error pointed to by "error",
+ * and inserts it at the depth in the VerifyNode tree determined by "depth". A
+ * depth of zero means that this function creates the root node of a new tree.
+ *
+ * Note: this function does not include the means of choosing among branches
+ * of a tree. It is intended for non-branching trees, that is, where each
+ * parent node has only a single child node.
+ *
+ * PARAMETERS:
+ * "cert"
+ * The address of the Cert to be included in the new VerifyNode. Must be
+ * non-NULL.
+ * "depth"
+ * The UInt32 value of the depth.
+ * "error"
+ * The address of the Error to be included in the new VerifyNode.
+ * "pVerifyTree"
+ * The address of the VerifyNode tree into which the created VerifyNode
+ * is to be inserted. The node is not created if VerifyTree is NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Validate Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_AddToVerifyLog(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 depth,
+ PKIX_Error *error,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext)
+{
+
+ PKIX_VerifyNode *verifyNode = NULL;
+
+ PKIX_ENTER(VALIDATE, "pkix_AddToVerifyLog");
+ PKIX_NULLCHECK_ONE(cert);
+
+ if (pVerifyTree) { /* nothing to do if no address given for log */
+
+ PKIX_CHECK(pkix_VerifyNode_Create
+ (cert, depth, error, &verifyNode, plContext),
+ PKIX_VERIFYNODECREATEFAILED);
+
+ if (depth == 0) {
+ /* We just created the root node */
+ *pVerifyTree = verifyNode;
+ } else {
+ PKIX_CHECK(pkix_VerifyNode_AddToChain
+ (*pVerifyTree, verifyNode, plContext),
+ PKIX_VERIFYNODEADDTOCHAINFAILED);
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(VALIDATE);
+
+}
+
+/*
+ * FUNCTION: pkix_CheckCert
+ * DESCRIPTION:
+ *
+ * Checks whether the Cert pointed to by "cert" successfully validates
+ * using the List of CertChainCheckers pointed to by "checkers". If the
+ * certificate does not validate, an Error pointer is returned.
+ *
+ * This function should be called initially with the UInt32 pointed to by
+ * "pCheckerIndex" containing zero, and the pointer at "pNBIOContext"
+ * containing NULL. If a checker does non-blocking I/O, this function will
+ * return with the index of that checker stored at "pCheckerIndex" and a
+ * platform-dependent non-blocking I/O context stored at "pNBIOContext".
+ * A subsequent call to this function with those values intact will allow the
+ * checking to resume where it left off. This should be repeated until the
+ * function returns with NULL stored at "pNBIOContext".
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert to validate. Must be non-NULL.
+ * "checkers"
+ * List of CertChainCheckers which must each validate the certificate.
+ * Must be non-NULL.
+ * "checkedExtOIDs"
+ * List of PKIX_PL_OID that has been processed. If called from building
+ * chain, it is the list of critical extension OIDs that has been
+ * processed prior to validation. May be NULL.
+ * "pCheckerIndex"
+ * Address at which is stored the the index, within the List "checkers",
+ * of a checker whose processing was interrupted by non-blocking I/O.
+ * Must be non-NULL.
+ * "pNBIOContext"
+ * Address at which is stored platform-specific non-blocking I/O context.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Validate Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_CheckCert(
+ PKIX_PL_Cert *cert,
+ PKIX_List *checkers,
+ PKIX_List *checkedExtOIDsList,
+ PKIX_UInt32 *pCheckerIndex,
+ void **pNBIOContext,
+ void *plContext)
+{
+ PKIX_CertChainChecker_CheckCallback checkerCheck = NULL;
+ PKIX_CertChainChecker *checker = NULL;
+ PKIX_List *unresCritExtOIDs = NULL;
+ PKIX_UInt32 numCheckers;
+ PKIX_UInt32 numUnresCritExtOIDs = 0;
+ PKIX_UInt32 checkerIndex = 0;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(VALIDATE, "pkix_CheckCert");
+ PKIX_NULLCHECK_FOUR(cert, checkers, pCheckerIndex, pNBIOContext);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL; /* prepare for case of error exit */
+
+ PKIX_CHECK(PKIX_PL_Cert_GetCriticalExtensionOIDs
+ (cert, &unresCritExtOIDs, plContext),
+ PKIX_CERTGETCRITICALEXTENSIONOIDSFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(checkers, &numCheckers, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (checkerIndex = *pCheckerIndex;
+ checkerIndex < numCheckers;
+ checkerIndex++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (checkers,
+ checkerIndex,
+ (PKIX_PL_Object **)&checker,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCheckCallback
+ (checker, &checkerCheck, plContext),
+ PKIX_CERTCHAINCHECKERGETCHECKCALLBACKFAILED);
+
+ PKIX_CHECK(checkerCheck(checker, cert, unresCritExtOIDs,
+ &nbioContext, plContext),
+ PKIX_CERTCHAINCHECKERCHECKFAILED);
+
+ if (nbioContext != NULL) {
+ *pCheckerIndex = checkerIndex;
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ PKIX_DECREF(checker);
+ }
+
+ if (unresCritExtOIDs){
+
+#ifdef PKIX_VALIDATEDEBUG
+ {
+ PKIX_PL_String *oidString = NULL;
+ PKIX_UInt32 length;
+ char *oidAscii = NULL;
+ PKIX_TOSTRING(unresCritExtOIDs, &oidString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (oidString,
+ PKIX_ESCASCII,
+ (void **) &oidAscii,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+ PKIX_VALIDATE_DEBUG_ARG
+ ("unrecognized critical extension OIDs:"
+ " %s\n", oidAscii);
+ PKIX_DECREF(oidString);
+ PKIX_PL_Free(oidAscii, plContext);
+ }
+#endif
+
+ if (checkedExtOIDsList != NULL) {
+ /* Take out OID's that had been processed, if any */
+ PKIX_CHECK(pkix_List_RemoveItems
+ (unresCritExtOIDs,
+ checkedExtOIDsList,
+ plContext),
+ PKIX_LISTREMOVEITEMSFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (unresCritExtOIDs, &numUnresCritExtOIDs, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (numUnresCritExtOIDs != 0){
+ PKIX_ERROR(PKIX_UNRECOGNIZEDCRITICALEXTENSION);
+ }
+
+ }
+
+cleanup:
+
+ PKIX_DECREF(checker);
+ PKIX_DECREF(unresCritExtOIDs);
+
+ PKIX_RETURN(VALIDATE);
+
+}
+
+/*
+ * FUNCTION: pkix_InitializeCheckers
+ * DESCRIPTION:
+ *
+ * Creates several checkers and initializes them with values derived from the
+ * TrustAnchor pointed to by "anchor", the ProcessingParams pointed to by
+ * "procParams", and the number of Certs in the Chain, represented by
+ * "numCerts". The List of checkers is stored at "pCheckers".
+ *
+ * PARAMETERS:
+ * "anchor"
+ * Address of TrustAnchor used to initialize the SignatureChecker and
+ * NameChainingChecker. Must be non-NULL.
+ * "procParams"
+ * Address of ProcessingParams used to initialize the ExpirationChecker
+ * and TargetCertChecker. Must be non-NULL.
+ * "numCerts"
+ * Number of certificates in the CertChain.
+ * "pCheckers"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Validate Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_InitializeCheckers(
+ PKIX_TrustAnchor *anchor,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 numCerts,
+ PKIX_List **pCheckers,
+ void *plContext)
+{
+ PKIX_CertChainChecker *targetCertChecker = NULL;
+ PKIX_CertChainChecker *expirationChecker = NULL;
+ PKIX_CertChainChecker *nameChainingChecker = NULL;
+ PKIX_CertChainChecker *nameConstraintsChecker = NULL;
+ PKIX_CertChainChecker *basicConstraintsChecker = NULL;
+ PKIX_CertChainChecker *policyChecker = NULL;
+ PKIX_CertChainChecker *sigChecker = NULL;
+ PKIX_CertChainChecker *defaultCrlChecker = NULL;
+ PKIX_CertChainChecker *userChecker = NULL;
+ PKIX_PL_X500Name *trustedCAName = NULL;
+ PKIX_PL_PublicKey *trustedPubKey = NULL;
+ PKIX_List *checkers = NULL;
+ PKIX_PL_Date *testDate = NULL;
+ PKIX_CertSelector *certSelector = NULL;
+ PKIX_PL_Cert *trustedCert = NULL;
+ PKIX_PL_CertNameConstraints *trustedNC = NULL;
+ PKIX_List *initialPolicies = NULL;
+ PKIX_Boolean policyQualifiersRejected = PKIX_FALSE;
+ PKIX_Boolean initialPolicyMappingInhibit = PKIX_FALSE;
+ PKIX_Boolean initialAnyPolicyInhibit = PKIX_FALSE;
+ PKIX_Boolean initialExplicitPolicy = PKIX_FALSE;
+ PKIX_List *userCheckersList = NULL;
+ PKIX_List *certStores = NULL;
+ PKIX_UInt32 numCertCheckers = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(VALIDATE, "pkix_InitializeCheckers");
+ PKIX_NULLCHECK_THREE(anchor, procParams, pCheckers);
+ PKIX_CHECK(PKIX_List_Create(&checkers, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ /*
+ * The TrustAnchor may have been created using CreateWithCert
+ * (in which case GetCAPublicKey and GetCAName will return NULL)
+ * or may have been created using CreateWithNameKeyPair (in which
+ * case GetTrustedCert will return NULL. So we call GetTrustedCert
+ * and populate trustedPubKey and trustedCAName accordingly.
+ */
+
+ PKIX_CHECK(PKIX_TrustAnchor_GetTrustedCert
+ (anchor, &trustedCert, plContext),
+ PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
+
+ if (trustedCert){
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
+ (trustedCert, &trustedPubKey, plContext),
+ PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubject
+ (trustedCert, &trustedCAName, plContext),
+ PKIX_CERTGETSUBJECTFAILED);
+ } else {
+ PKIX_CHECK(PKIX_TrustAnchor_GetCAPublicKey
+ (anchor, &trustedPubKey, plContext),
+ PKIX_TRUSTANCHORGETCAPUBLICKEYFAILED);
+
+ PKIX_CHECK(PKIX_TrustAnchor_GetCAName
+ (anchor, &trustedCAName, plContext),
+ PKIX_TRUSTANCHORGETCANAMEFAILED);
+ }
+
+ PKIX_NULLCHECK_TWO(trustedPubKey, trustedCAName);
+
+ PKIX_CHECK(PKIX_TrustAnchor_GetNameConstraints
+ (anchor, &trustedNC, plContext),
+ PKIX_TRUSTANCHORGETNAMECONSTRAINTSFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetTargetCertConstraints
+ (procParams, &certSelector, plContext),
+ PKIX_PROCESSINGPARAMSGETTARGETCERTCONSTRAINTSFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetDate
+ (procParams, &testDate, plContext),
+ PKIX_PROCESSINGPARAMSGETDATEFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetInitialPolicies
+ (procParams, &initialPolicies, plContext),
+ PKIX_PROCESSINGPARAMSGETINITIALPOLICIESFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetPolicyQualifiersRejected
+ (procParams, &policyQualifiersRejected, plContext),
+ PKIX_PROCESSINGPARAMSGETPOLICYQUALIFIERSREJECTEDFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_IsPolicyMappingInhibited
+ (procParams, &initialPolicyMappingInhibit, plContext),
+ PKIX_PROCESSINGPARAMSISPOLICYMAPPINGINHIBITEDFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_IsAnyPolicyInhibited
+ (procParams, &initialAnyPolicyInhibit, plContext),
+ PKIX_PROCESSINGPARAMSISANYPOLICYINHIBITEDFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_IsExplicitPolicyRequired
+ (procParams, &initialExplicitPolicy, plContext),
+ PKIX_PROCESSINGPARAMSISEXPLICITPOLICYREQUIREDFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetCertStores
+ (procParams, &certStores, plContext),
+ PKIX_PROCESSINGPARAMSGETCERTSTORESFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetCertChainCheckers
+ (procParams, &userCheckersList, plContext),
+ PKIX_PROCESSINGPARAMSGETCERTCHAINCHECKERSFAILED);
+
+ /* now, initialize all the checkers */
+ PKIX_CHECK(pkix_TargetCertChecker_Initialize
+ (certSelector, numCerts, &targetCertChecker, plContext),
+ PKIX_TARGETCERTCHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(pkix_ExpirationChecker_Initialize
+ (testDate, &expirationChecker, plContext),
+ PKIX_EXPIRATIONCHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(pkix_NameChainingChecker_Initialize
+ (trustedCAName, &nameChainingChecker, plContext),
+ PKIX_NAMECHAININGCHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(pkix_NameConstraintsChecker_Initialize
+ (trustedNC, numCerts, &nameConstraintsChecker, plContext),
+ PKIX_NAMECONSTRAINTSCHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(pkix_BasicConstraintsChecker_Initialize
+ (numCerts, &basicConstraintsChecker, plContext),
+ PKIX_BASICCONSTRAINTSCHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(pkix_PolicyChecker_Initialize
+ (initialPolicies,
+ policyQualifiersRejected,
+ initialPolicyMappingInhibit,
+ initialExplicitPolicy,
+ initialAnyPolicyInhibit,
+ numCerts,
+ &policyChecker,
+ plContext),
+ PKIX_POLICYCHECKERINITIALIZEFAILED);
+
+ PKIX_CHECK(pkix_SignatureChecker_Initialize
+ (trustedPubKey, numCerts, &sigChecker, plContext),
+ PKIX_SIGNATURECHECKERINITIALIZEFAILED);
+
+ if (userCheckersList != NULL) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (userCheckersList, &numCertCheckers, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numCertCheckers; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (userCheckersList,
+ i,
+ (PKIX_PL_Object **) &userChecker,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers,
+ (PKIX_PL_Object *)userChecker,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(userChecker);
+ }
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)targetCertChecker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)expirationChecker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)nameChainingChecker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)nameConstraintsChecker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)basicConstraintsChecker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)policyChecker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (checkers, (PKIX_PL_Object *)sigChecker, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ *pCheckers = checkers;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(checkers);
+ }
+
+ PKIX_DECREF(certSelector);
+ PKIX_DECREF(testDate);
+ PKIX_DECREF(initialPolicies);
+ PKIX_DECREF(targetCertChecker);
+ PKIX_DECREF(expirationChecker);
+ PKIX_DECREF(nameChainingChecker);
+ PKIX_DECREF(nameConstraintsChecker);
+ PKIX_DECREF(basicConstraintsChecker);
+ PKIX_DECREF(policyChecker);
+ PKIX_DECREF(sigChecker);
+ PKIX_DECREF(trustedCAName);
+ PKIX_DECREF(trustedPubKey);
+ PKIX_DECREF(trustedNC);
+ PKIX_DECREF(trustedCert);
+ PKIX_DECREF(defaultCrlChecker);
+ PKIX_DECREF(userCheckersList);
+ PKIX_DECREF(certStores);
+ PKIX_DECREF(userChecker);
+
+ PKIX_RETURN(VALIDATE);
+}
+
+/*
+ * FUNCTION: pkix_RetrieveOutputs
+ * DESCRIPTION:
+ *
+ * This function queries the respective states of the List of checkers in
+ * "checkers" to to obtain the final public key from the SignatureChecker
+ * and the policy tree from the PolicyChecker, storing those values at
+ * "pFinalSubjPubKey" and "pPolicyTree", respectively.
+ *
+ * PARAMETERS:
+ * "checkers"
+ * Address of List of checkers to be queried. Must be non-NULL.
+ * "pFinalSubjPubKey"
+ * Address where final public key will be stored. Must be non-NULL.
+ * "pPolicyTree"
+ * Address where policy tree will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Validate Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_RetrieveOutputs(
+ PKIX_List *checkers,
+ PKIX_PL_PublicKey **pFinalSubjPubKey,
+ PKIX_PolicyNode **pPolicyTree,
+ void *plContext)
+{
+ PKIX_PL_PublicKey *finalSubjPubKey = NULL;
+ PKIX_PolicyNode *validPolicyTree = NULL;
+ PKIX_CertChainChecker *checker = NULL;
+ PKIX_PL_Object *state = NULL;
+ PKIX_UInt32 numCheckers = 0;
+ PKIX_UInt32 type;
+ PKIX_Int32 j;
+
+ PKIX_ENTER(VALIDATE, "pkix_RetrieveOutputs");
+
+ PKIX_NULLCHECK_TWO(checkers, pPolicyTree);
+
+ /*
+ * To optimize the search, we guess that the sigChecker is
+ * last in the tree and is preceded by the policyChecker. We
+ * search toward the front of the chain. Remember that List
+ * items are indexed 0..(numItems - 1).
+ */
+
+ PKIX_CHECK(PKIX_List_GetLength(checkers, &numCheckers, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (j = numCheckers - 1; j >= 0; j--){
+ PKIX_CHECK(PKIX_List_GetItem
+ (checkers, j, (PKIX_PL_Object **)&checker, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetCertChainCheckerState
+ (checker, &state, plContext),
+ PKIX_CERTCHAINCHECKERGETCERTCHAINCHECKERSTATEFAILED);
+
+ /* user defined checker may have no state */
+ if (state != NULL) {
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(state, &type, plContext),
+ PKIX_OBJECTGETTYPEFAILED);
+
+ if (type == PKIX_SIGNATURECHECKERSTATE_TYPE){
+ /* final pubKey will include any inherited DSA params */
+ finalSubjPubKey =
+ ((pkix_SignatureCheckerState *)state)->
+ prevPublicKey;
+ PKIX_INCREF(finalSubjPubKey);
+ *pFinalSubjPubKey = finalSubjPubKey;
+ }
+
+ if (type == PKIX_CERTPOLICYCHECKERSTATE_TYPE) {
+ validPolicyTree =
+ ((PKIX_PolicyCheckerState *)state)->validPolicyTree;
+ break;
+ }
+ }
+
+ PKIX_DECREF(checker);
+ PKIX_DECREF(state);
+ }
+
+ PKIX_INCREF(validPolicyTree);
+ *pPolicyTree = validPolicyTree;
+
+cleanup:
+
+ PKIX_DECREF(checker);
+ PKIX_DECREF(state);
+
+ PKIX_RETURN(VALIDATE);
+
+}
+
+/*
+ * FUNCTION: pkix_CheckChain
+ * DESCRIPTION:
+ *
+ * Checks whether the List of Certs pointed to by "certs", containing
+ * "numCerts" entries, successfully validates using each CertChainChecker in
+ * the List pointed to by "checkers" and has not been revoked, according to any
+ * of the Revocation Checkers in the List pointed to by "revChecker". Checkers
+ * are expected to remove from "removeCheckedExtOIDs" and extensions that they
+ * process. Indices to the certChain and the checkerChain are obtained and
+ * returned in "pCertCheckedIndex" and "pCheckerIndex", respectively. These
+ * should be set to zero prior to the initial call, but may be changed (and
+ * must be supplied on subsequent calls) if processing is suspended for non-
+ * blocking I/O. Each time a Cert passes from being validated by one of the
+ * CertChainCheckers to being checked by a Revocation Checker, the Boolean
+ * stored at "pRevChecking" is changed from FALSE to TRUE. If the Cert is
+ * rejected by a Revocation Checker, its reason code is returned at
+ * "pReasonCode. If the List of Certs successfully validates, the public key i
+ * the final certificate is obtained and stored at "pFinalSubjPubKey" and the
+ * validPolicyTree, which could be NULL, is stored at pPolicyTree. If the List
+ * of Certs fails to validate, an Error pointer is returned.
+ *
+ * If "pVerifyTree" is non-NULL, a chain of VerifyNodes is created which
+ * tracks the results of the validation. That is, either each node in the
+ * chain has a NULL Error component, or the last node contains an Error
+ * which indicates why the validation failed.
+ *
+ * The number of Certs in the List, represented by "numCerts", is used to
+ * determine which Cert is the final Cert.
+ *
+ * PARAMETERS:
+ * "certs"
+ * Address of List of Certs to validate. Must be non-NULL.
+ * "numCerts"
+ * Number of certificates in the List of certificates.
+ * "checkers"
+ * List of CertChainCheckers which must each validate the List of
+ * certificates. Must be non-NULL.
+ * "revChecker"
+ * List of RevocationCheckers which must each not reject the List of
+ * certificates. May be empty, but must be non-NULL.
+ * "removeCheckedExtOIDs"
+ * List of PKIX_PL_OID that has been processed. If called from building
+ * chain, it is the list of critical extension OIDs that has been
+ * processed prior to validation. Extension OIDs that may be processed by
+ * user defined checker processes are also in the list. May be NULL.
+ * "procParams"
+ * Address of ProcessingParams used to initialize various checkers. Must
+ * be non-NULL.
+ * "pCertCheckedIndex"
+ * Address where Int32 index to the Cert chain is obtained and
+ * returned. Must be non-NULL.
+ * "pCheckerIndex"
+ * Address where Int32 index to the CheckerChain is obtained and
+ * returned. Must be non-NULL.
+ * "pRevChecking"
+ * Address where Boolean is obtained and returned, indicating, if FALSE,
+ * that CertChainCheckers are being called; or, if TRUE, that RevChecker
+ * are being called. Must be non-NULL.
+ * "pReasonCode"
+ * Address where UInt32 results of revocation checking are stored. Must be
+ * non-NULL.
+ * "pNBIOContext"
+ * Address where platform-dependent context is stored if checking is
+ * suspended for non-blocking I/O. Must be non-NULL.
+ * "pFinalSubjPubKey"
+ * Address where the final public key will be stored. Must be non-NULL.
+ * "pPolicyTree"
+ * Address where the final validPolicyTree is stored. Must be non-NULL.
+ * "pVerifyTree"
+ * Address where a VerifyTree is stored, if non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Validate Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CheckChain(
+ PKIX_List *certs,
+ PKIX_UInt32 numCerts,
+ PKIX_TrustAnchor *anchor,
+ PKIX_List *checkers,
+ PKIX_RevocationChecker *revChecker,
+ PKIX_List *removeCheckedExtOIDs,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 *pCertCheckedIndex,
+ PKIX_UInt32 *pCheckerIndex,
+ PKIX_Boolean *pRevChecking,
+ PKIX_UInt32 *pReasonCode,
+ void **pNBIOContext,
+ PKIX_PL_PublicKey **pFinalSubjPubKey,
+ PKIX_PolicyNode **pPolicyTree,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext)
+{
+ PKIX_UInt32 j = 0;
+ PKIX_Boolean revChecking = PKIX_FALSE;
+ PKIX_Error *checkCertError = NULL;
+ void *nbioContext = NULL;
+ PKIX_PL_Cert *cert = NULL;
+ PKIX_PL_Cert *issuer = NULL;
+ PKIX_PL_NssContext *nssContext = NULL;
+ CERTCertList *certList = NULL;
+ const CERTChainVerifyCallback *chainVerifyCallback = NULL;
+ CERTCertificate *nssCert = NULL;
+
+ PKIX_ENTER(VALIDATE, "pkix_CheckChain");
+ PKIX_NULLCHECK_FOUR(certs, checkers, revChecker, pCertCheckedIndex);
+ PKIX_NULLCHECK_FOUR(pCheckerIndex, pRevChecking, pReasonCode, anchor);
+ PKIX_NULLCHECK_THREE(pNBIOContext, pFinalSubjPubKey, pPolicyTree);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+ revChecking = *pRevChecking;
+ nssContext = (PKIX_PL_NssContext *)plContext;
+ chainVerifyCallback = &nssContext->chainVerifyCallback;
+
+ if (chainVerifyCallback->isChainValid != NULL) {
+ PRBool chainOK = PR_FALSE; /*assume failure*/
+ SECStatus rv;
+
+ certList = CERT_NewCertList();
+ if (certList == NULL) {
+ PKIX_ERROR_ALLOC_ERROR();
+ }
+
+ /* Add the trust anchor to the list */
+ PKIX_CHECK(PKIX_TrustAnchor_GetTrustedCert
+ (anchor, &cert, plContext),
+ PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetCERTCertificate(cert, &nssCert, plContext),
+ PKIX_CERTGETCERTCERTIFICATEFAILED);
+
+ rv = CERT_AddCertToListHead(certList, nssCert);
+ if (rv != SECSuccess) {
+ PKIX_ERROR_ALLOC_ERROR();
+ }
+ /* the certList takes ownership of nssCert on success */
+ nssCert = NULL;
+ PKIX_DECREF(cert);
+
+ /* Add the rest of the chain to the list */
+ for (j = *pCertCheckedIndex; j < numCerts; j++) {
+ PKIX_CHECK(PKIX_List_GetItem(
+ certs, j, (PKIX_PL_Object **)&cert, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetCERTCertificate(cert, &nssCert, plContext),
+ PKIX_CERTGETCERTCERTIFICATEFAILED);
+
+ rv = CERT_AddCertToListHead(certList, nssCert);
+ if (rv != SECSuccess) {
+ PKIX_ERROR_ALLOC_ERROR();
+ }
+ /* the certList takes ownership of nssCert on success */
+ nssCert = NULL;
+ PKIX_DECREF(cert);
+ }
+
+ rv = (*chainVerifyCallback->isChainValid)
+ (chainVerifyCallback->isChainValidArg, certList, &chainOK);
+ if (rv != SECSuccess) {
+ PKIX_ERROR_FATAL(PKIX_CHAINVERIFYCALLBACKFAILED);
+ }
+
+ if (!chainOK) {
+ PKIX_ERROR(PKIX_CHAINVERIFYCALLBACKFAILED);
+ }
+
+ }
+
+ PKIX_CHECK(PKIX_TrustAnchor_GetTrustedCert
+ (anchor, &cert, plContext),
+ PKIX_TRUSTANCHORGETTRUSTEDCERTFAILED);
+
+ for (j = *pCertCheckedIndex; j < numCerts; j++) {
+
+ PORT_Assert(cert);
+ PKIX_DECREF(issuer);
+ issuer = cert;
+ cert = NULL;
+
+ PKIX_CHECK(PKIX_List_GetItem(
+ certs, j, (PKIX_PL_Object **)&cert, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ /* check if cert pointer is valid */
+ PORT_Assert(cert);
+ if (cert == NULL) {
+ continue;
+ }
+
+ if (revChecking == PKIX_FALSE) {
+
+ PKIX_CHECK(pkix_CheckCert
+ (cert,
+ checkers,
+ removeCheckedExtOIDs,
+ pCheckerIndex,
+ &nbioContext,
+ plContext),
+ PKIX_CHECKCERTFAILED);
+
+ if (nbioContext != NULL) {
+ *pCertCheckedIndex = j;
+ *pRevChecking = revChecking;
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ revChecking = PKIX_TRUE;
+ *pCheckerIndex = 0;
+ }
+
+ if (revChecking == PKIX_TRUE) {
+ PKIX_RevocationStatus revStatus;
+ pkixErrorResult =
+ PKIX_RevocationChecker_Check(
+ cert, issuer, revChecker,
+ procParams, PKIX_TRUE,
+ (j == numCerts - 1) ? PKIX_TRUE : PKIX_FALSE,
+ &revStatus, pReasonCode,
+ &nbioContext, plContext);
+ if (nbioContext != NULL) {
+ *pCertCheckedIndex = j;
+ *pRevChecking = revChecking;
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+ if (revStatus == PKIX_RevStatus_Revoked ||
+ pkixErrorResult) {
+ if (!pkixErrorResult) {
+ /* if pkixErrorResult is returned then
+ * use it as it has a detailed revocation
+ * error code. Otherwise create a new error */
+ PKIX_ERROR_CREATE(VALIDATE,
+ PKIX_CERTIFICATEREVOKED,
+ pkixErrorResult);
+ }
+ goto cleanup;
+ }
+ revChecking = PKIX_FALSE;
+ *pCheckerIndex = 0;
+ }
+
+ PKIX_CHECK(pkix_AddToVerifyLog
+ (cert, j, NULL, pVerifyTree, plContext),
+ PKIX_ADDTOVERIFYLOGFAILED);
+ }
+
+ PKIX_CHECK(pkix_RetrieveOutputs
+ (checkers, pFinalSubjPubKey, pPolicyTree, plContext),
+ PKIX_RETRIEVEOUTPUTSFAILED);
+
+ *pNBIOContext = NULL;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED && cert) {
+ checkCertError = pkixErrorResult;
+
+ PKIX_CHECK_FATAL(
+ pkix_AddToVerifyLog(cert, j, checkCertError, pVerifyTree,
+ plContext),
+ PKIX_ADDTOVERIFYLOGFAILED);
+ pkixErrorResult = checkCertError;
+ pkixErrorCode = pkixErrorResult->errCode;
+ checkCertError = NULL;
+ }
+
+fatal:
+ if (nssCert) {
+ CERT_DestroyCertificate(nssCert);
+ }
+
+ if (certList) {
+ CERT_DestroyCertList(certList);
+ }
+
+ PKIX_DECREF(checkCertError);
+ PKIX_DECREF(cert);
+ PKIX_DECREF(issuer);
+
+ PKIX_RETURN(VALIDATE);
+}
+
+/*
+ * FUNCTION: pkix_ExtractParameters
+ * DESCRIPTION:
+ *
+ * Extracts several parameters from the ValidateParams object pointed to by
+ * "valParams" and stores the CertChain at "pChain", the List of Certs at
+ * "pCerts", the number of Certs in the chain at "pNumCerts", the
+ * ProcessingParams object at "pProcParams", the List of TrustAnchors at
+ * "pAnchors", and the number of TrustAnchors at "pNumAnchors".
+ *
+ * PARAMETERS:
+ * "valParams"
+ * Address of ValidateParams from which the parameters are extracted.
+ * Must be non-NULL.
+ * "pCerts"
+ * Address where object pointer for List of Certs will be stored.
+ * Must be non-NULL.
+ * "pNumCerts"
+ * Address where number of Certs will be stored. Must be non-NULL.
+ * "pProcParams"
+ * Address where object pointer for ProcessingParams will be stored.
+ * Must be non-NULL.
+ * "pAnchors"
+ * Address where object pointer for List of Anchors will be stored.
+ * Must be non-NULL.
+ * "pNumAnchors"
+ * Address where number of Anchors will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Validate Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_ExtractParameters(
+ PKIX_ValidateParams *valParams,
+ PKIX_List **pCerts,
+ PKIX_UInt32 *pNumCerts,
+ PKIX_ProcessingParams **pProcParams,
+ PKIX_List **pAnchors,
+ PKIX_UInt32 *pNumAnchors,
+ void *plContext)
+{
+ PKIX_ENTER(VALIDATE, "pkix_ExtractParameters");
+ PKIX_NULLCHECK_THREE(valParams, pCerts, pNumCerts);
+ PKIX_NULLCHECK_THREE(pProcParams, pAnchors, pNumAnchors);
+
+ /* extract relevant parameters from chain */
+ PKIX_CHECK(PKIX_ValidateParams_GetCertChain
+ (valParams, pCerts, plContext),
+ PKIX_VALIDATEPARAMSGETCERTCHAINFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(*pCerts, pNumCerts, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ /* extract relevant parameters from procParams */
+ PKIX_CHECK(PKIX_ValidateParams_GetProcessingParams
+ (valParams, pProcParams, plContext),
+ PKIX_VALIDATEPARAMSGETPROCESSINGPARAMSFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetTrustAnchors
+ (*pProcParams, pAnchors, plContext),
+ PKIX_PROCESSINGPARAMSGETTRUSTANCHORSFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(*pAnchors, pNumAnchors, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+cleanup:
+
+ PKIX_RETURN(VALIDATE);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_ValidateChain (see comments in pkix.h)
+ */
+PKIX_Error *
+PKIX_ValidateChain(
+ PKIX_ValidateParams *valParams,
+ PKIX_ValidateResult **pResult,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext)
+{
+ PKIX_Error *chainFailed = NULL;
+
+ PKIX_ProcessingParams *procParams = NULL;
+ PKIX_CertChainChecker *userChecker = NULL;
+ PKIX_RevocationChecker *revChecker = NULL;
+ PKIX_List *certs = NULL;
+ PKIX_List *checkers = NULL;
+ PKIX_List *anchors = NULL;
+ PKIX_List *userCheckers = NULL;
+ PKIX_List *userCheckerExtOIDs = NULL;
+ PKIX_List *validateCheckedCritExtOIDsList = NULL;
+ PKIX_TrustAnchor *anchor = NULL;
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_PL_PublicKey *finalPubKey = NULL;
+ PKIX_PolicyNode *validPolicyTree = NULL;
+ PKIX_Boolean supportForwarding = PKIX_FALSE;
+ PKIX_Boolean revChecking = PKIX_FALSE;
+ PKIX_UInt32 i, numCerts, numAnchors;
+ PKIX_UInt32 numUserCheckers = 0;
+ PKIX_UInt32 certCheckedIndex = 0;
+ PKIX_UInt32 checkerIndex = 0;
+ PKIX_UInt32 reasonCode = 0;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(VALIDATE, "PKIX_ValidateChain");
+ PKIX_NULLCHECK_TWO(valParams, pResult);
+
+ /* extract various parameters from valParams */
+ PKIX_CHECK(pkix_ExtractParameters
+ (valParams,
+ &certs,
+ &numCerts,
+ &procParams,
+ &anchors,
+ &numAnchors,
+ plContext),
+ PKIX_EXTRACTPARAMETERSFAILED);
+
+ /*
+ * setup an extension OID list that user had defined for his checker
+ * processing. User checker is not responsible for taking out OIDs
+ * from unresolved critical extension list as the libpkix checker
+ * is doing. Here we add those user checkers' OIDs to the removal
+ * list to be taken out by CheckChain
+ */
+ PKIX_CHECK(PKIX_ProcessingParams_GetCertChainCheckers
+ (procParams, &userCheckers, plContext),
+ PKIX_PROCESSINGPARAMSGETCERTCHAINCHECKERSFAILED);
+
+ if (userCheckers != NULL) {
+
+ PKIX_CHECK(PKIX_List_Create
+ (&validateCheckedCritExtOIDsList,
+ plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (userCheckers, &numUserCheckers, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numUserCheckers; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (userCheckers,
+ i,
+ (PKIX_PL_Object **) &userChecker,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK
+ (PKIX_CertChainChecker_IsForwardCheckingSupported
+ (userChecker, &supportForwarding, plContext),
+ PKIX_CERTCHAINCHECKERISFORWARDCHECKINGSUPPORTEDFAILED);
+
+ if (supportForwarding == PKIX_FALSE) {
+
+ PKIX_CHECK
+ (PKIX_CertChainChecker_GetSupportedExtensions
+ (userChecker, &userCheckerExtOIDs, plContext),
+ PKIX_CERTCHAINCHECKERGETSUPPORTEDEXTENSIONSFAILED);
+
+ if (userCheckerExtOIDs != NULL) {
+ PKIX_CHECK(pkix_List_AppendList
+ (validateCheckedCritExtOIDsList,
+ userCheckerExtOIDs,
+ plContext),
+ PKIX_LISTAPPENDLISTFAILED);
+ }
+ }
+
+ PKIX_DECREF(userCheckerExtOIDs);
+ PKIX_DECREF(userChecker);
+ }
+ }
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetRevocationChecker
+ (procParams, &revChecker, plContext),
+ PKIX_PROCESSINGPARAMSGETREVOCATIONCHECKERFAILED);
+
+ /* try to validate the chain with each anchor */
+ for (i = 0; i < numAnchors; i++){
+
+ /* get trust anchor */
+ PKIX_CHECK(PKIX_List_GetItem
+ (anchors, i, (PKIX_PL_Object **)&anchor, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ /* initialize checkers using information from trust anchor */
+ PKIX_CHECK(pkix_InitializeCheckers
+ (anchor, procParams, numCerts, &checkers, plContext),
+ PKIX_INITIALIZECHECKERSFAILED);
+
+ /*
+ * Validate the chain using this trust anchor and these
+ * checkers. (WARNING: checkers that use non-blocking I/O
+ * are not currently supported.)
+ */
+ certCheckedIndex = 0;
+ checkerIndex = 0;
+ revChecking = PKIX_FALSE;
+ chainFailed = pkix_CheckChain
+ (certs,
+ numCerts,
+ anchor,
+ checkers,
+ revChecker,
+ validateCheckedCritExtOIDsList,
+ procParams,
+ &certCheckedIndex,
+ &checkerIndex,
+ &revChecking,
+ &reasonCode,
+ &nbioContext,
+ &finalPubKey,
+ &validPolicyTree,
+ pVerifyTree,
+ plContext);
+
+ if (chainFailed) {
+
+ /* cert chain failed to validate */
+
+ PKIX_DECREF(chainFailed);
+ PKIX_DECREF(anchor);
+ PKIX_DECREF(checkers);
+ PKIX_DECREF(validPolicyTree);
+
+ /* if last anchor, we fail; else, we try next anchor */
+ if (i == (numAnchors - 1)) { /* last anchor */
+ PKIX_ERROR(PKIX_VALIDATECHAINFAILED);
+ }
+
+ } else {
+
+ /* XXX Remove this assertion after 2014-12-31.
+ * See bug 946984. */
+ PORT_Assert(reasonCode == 0);
+
+ /* cert chain successfully validated! */
+ PKIX_CHECK(pkix_ValidateResult_Create
+ (finalPubKey,
+ anchor,
+ validPolicyTree,
+ &valResult,
+ plContext),
+ PKIX_VALIDATERESULTCREATEFAILED);
+
+ *pResult = valResult;
+
+ /* no need to try any more anchors in the loop */
+ goto cleanup;
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(finalPubKey);
+ PKIX_DECREF(certs);
+ PKIX_DECREF(anchors);
+ PKIX_DECREF(anchor);
+ PKIX_DECREF(checkers);
+ PKIX_DECREF(revChecker);
+ PKIX_DECREF(validPolicyTree);
+ PKIX_DECREF(chainFailed);
+ PKIX_DECREF(procParams);
+ PKIX_DECREF(userCheckers);
+ PKIX_DECREF(validateCheckedCritExtOIDsList);
+
+ PKIX_RETURN(VALIDATE);
+}
+
+/*
+ * FUNCTION: pkix_Validate_BuildUserOIDs
+ * DESCRIPTION:
+ *
+ * This function creates a List of the OIDs that are processed by the user
+ * checkers in the List pointed to by "userCheckers", storing the resulting
+ * List at "pUserCritOIDs". If the List of userCheckers is NULL, the output
+ * List will be NULL. Otherwise the output List will be non-NULL, but may be
+ * empty.
+ *
+ * PARAMETERS:
+ * "userCheckers"
+ * The address of the List of userCheckers.
+ * "pUserCritOIDs"
+ * The address at which the List is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a VALIDATE Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_Validate_BuildUserOIDs(
+ PKIX_List *userCheckers,
+ PKIX_List **pUserCritOIDs,
+ void *plContext)
+{
+ PKIX_UInt32 numUserCheckers = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_List *userCritOIDs = NULL;
+ PKIX_List *userCheckerExtOIDs = NULL;
+ PKIX_Boolean supportForwarding = PKIX_FALSE;
+ PKIX_CertChainChecker *userChecker = NULL;
+
+ PKIX_ENTER(VALIDATE, "pkix_Validate_BuildUserOIDs");
+ PKIX_NULLCHECK_ONE(pUserCritOIDs);
+
+ if (userCheckers != NULL) {
+ PKIX_CHECK(PKIX_List_Create(&userCritOIDs, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (userCheckers, &numUserCheckers, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numUserCheckers; i++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (userCheckers,
+ i,
+ (PKIX_PL_Object **) &userChecker,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_CertChainChecker_IsForwardCheckingSupported
+ (userChecker, &supportForwarding, plContext),
+ PKIX_CERTCHAINCHECKERISFORWARDCHECKINGSUPPORTEDFAILED);
+
+ if (supportForwarding == PKIX_FALSE) {
+
+ PKIX_CHECK(PKIX_CertChainChecker_GetSupportedExtensions
+ (userChecker, &userCheckerExtOIDs, plContext),
+ PKIX_CERTCHAINCHECKERGETSUPPORTEDEXTENSIONSFAILED);
+
+ if (userCheckerExtOIDs != NULL) {
+ PKIX_CHECK(pkix_List_AppendList
+ (userCritOIDs, userCheckerExtOIDs, plContext),
+ PKIX_LISTAPPENDLISTFAILED);
+ }
+ }
+
+ PKIX_DECREF(userCheckerExtOIDs);
+ PKIX_DECREF(userChecker);
+ }
+ }
+
+ *pUserCritOIDs = userCritOIDs;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(userCritOIDs);
+ }
+
+ PKIX_DECREF(userCheckerExtOIDs);
+ PKIX_DECREF(userChecker);
+
+ PKIX_RETURN(VALIDATE);
+}
+
+/*
+ * FUNCTION: PKIX_ValidateChain_nb (see comments in pkix.h)
+ */
+PKIX_Error *
+PKIX_ValidateChain_NB(
+ PKIX_ValidateParams *valParams,
+ PKIX_UInt32 *pCertIndex,
+ PKIX_UInt32 *pAnchorIndex,
+ PKIX_UInt32 *pCheckerIndex,
+ PKIX_Boolean *pRevChecking,
+ PKIX_List **pCheckers,
+ void **pNBIOContext,
+ PKIX_ValidateResult **pResult,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext)
+{
+ PKIX_UInt32 numCerts = 0;
+ PKIX_UInt32 numAnchors = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_UInt32 certIndex = 0;
+ PKIX_UInt32 anchorIndex = 0;
+ PKIX_UInt32 checkerIndex = 0;
+ PKIX_UInt32 reasonCode = 0;
+ PKIX_Boolean revChecking = PKIX_FALSE;
+ PKIX_List *certs = NULL;
+ PKIX_List *anchors = NULL;
+ PKIX_List *checkers = NULL;
+ PKIX_List *userCheckers = NULL;
+ PKIX_List *validateCheckedCritExtOIDsList = NULL;
+ PKIX_TrustAnchor *anchor = NULL;
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_PL_PublicKey *finalPubKey = NULL;
+ PKIX_PolicyNode *validPolicyTree = NULL;
+ PKIX_ProcessingParams *procParams = NULL;
+ PKIX_RevocationChecker *revChecker = NULL;
+ PKIX_Error *chainFailed = NULL;
+ void *nbioContext = NULL;
+
+ PKIX_ENTER(VALIDATE, "PKIX_ValidateChain_NB");
+ PKIX_NULLCHECK_FOUR
+ (valParams, pCertIndex, pAnchorIndex, pCheckerIndex);
+ PKIX_NULLCHECK_FOUR(pRevChecking, pCheckers, pNBIOContext, pResult);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ /* extract various parameters from valParams */
+ PKIX_CHECK(pkix_ExtractParameters
+ (valParams,
+ &certs,
+ &numCerts,
+ &procParams,
+ &anchors,
+ &numAnchors,
+ plContext),
+ PKIX_EXTRACTPARAMETERSFAILED);
+
+ /*
+ * Create a List of the OIDs that will be processed by the user
+ * checkers. User checkers are not responsible for removing OIDs from
+ * the List of unresolved critical extensions, as libpkix checkers are.
+ * So we add those user checkers' OIDs to the removal list to be taken
+ * out by CheckChain.
+ */
+ PKIX_CHECK(PKIX_ProcessingParams_GetCertChainCheckers
+ (procParams, &userCheckers, plContext),
+ PKIX_PROCESSINGPARAMSGETCERTCHAINCHECKERSFAILED);
+
+ PKIX_CHECK(pkix_Validate_BuildUserOIDs
+ (userCheckers, &validateCheckedCritExtOIDsList, plContext),
+ PKIX_VALIDATEBUILDUSEROIDSFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_GetRevocationChecker
+ (procParams, &revChecker, plContext),
+ PKIX_PROCESSINGPARAMSGETREVOCATIONCHECKERFAILED);
+
+ /* Are we resuming after a WOULDBLOCK return, or starting anew ? */
+ if (nbioContext != NULL) {
+ /* Resuming */
+ certIndex = *pCertIndex;
+ anchorIndex = *pAnchorIndex;
+ checkerIndex = *pCheckerIndex;
+ revChecking = *pRevChecking;
+ checkers = *pCheckers;
+ *pCheckers = NULL;
+ }
+
+ /* try to validate the chain with each anchor */
+ for (i = anchorIndex; i < numAnchors; i++) {
+
+ /* get trust anchor */
+ PKIX_CHECK(PKIX_List_GetItem
+ (anchors, i, (PKIX_PL_Object **)&anchor, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ /* initialize checkers using information from trust anchor */
+ if (nbioContext == NULL) {
+ PKIX_CHECK(pkix_InitializeCheckers
+ (anchor,
+ procParams,
+ numCerts,
+ &checkers,
+ plContext),
+ PKIX_INITIALIZECHECKERSFAILED);
+ }
+
+ /*
+ * Validate the chain using this trust anchor and these
+ * checkers.
+ */
+ chainFailed = pkix_CheckChain
+ (certs,
+ numCerts,
+ anchor,
+ checkers,
+ revChecker,
+ validateCheckedCritExtOIDsList,
+ procParams,
+ &certIndex,
+ &checkerIndex,
+ &revChecking,
+ &reasonCode,
+ &nbioContext,
+ &finalPubKey,
+ &validPolicyTree,
+ pVerifyTree,
+ plContext);
+
+ if (nbioContext != NULL) {
+ *pCertIndex = certIndex;
+ *pAnchorIndex = anchorIndex;
+ *pCheckerIndex = checkerIndex;
+ *pRevChecking = revChecking;
+ PKIX_INCREF(checkers);
+ *pCheckers = checkers;
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ if (chainFailed) {
+
+ /* cert chain failed to validate */
+
+ PKIX_DECREF(chainFailed);
+ PKIX_DECREF(anchor);
+ PKIX_DECREF(checkers);
+ PKIX_DECREF(validPolicyTree);
+
+ /* if last anchor, we fail; else, we try next anchor */
+ if (i == (numAnchors - 1)) { /* last anchor */
+ PKIX_ERROR(PKIX_VALIDATECHAINFAILED);
+ }
+
+ } else {
+
+ /* XXX Remove this assertion after 2014-12-31.
+ * See bug 946984. */
+ PORT_Assert(reasonCode == 0);
+
+ /* cert chain successfully validated! */
+ PKIX_CHECK(pkix_ValidateResult_Create
+ (finalPubKey,
+ anchor,
+ validPolicyTree,
+ &valResult,
+ plContext),
+ PKIX_VALIDATERESULTCREATEFAILED);
+
+ *pResult = valResult;
+
+ /* no need to try any more anchors in the loop */
+ goto cleanup;
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(finalPubKey);
+ PKIX_DECREF(certs);
+ PKIX_DECREF(anchors);
+ PKIX_DECREF(anchor);
+ PKIX_DECREF(checkers);
+ PKIX_DECREF(revChecker);
+ PKIX_DECREF(validPolicyTree);
+ PKIX_DECREF(chainFailed);
+ PKIX_DECREF(procParams);
+ PKIX_DECREF(userCheckers);
+ PKIX_DECREF(validateCheckedCritExtOIDsList);
+
+ PKIX_RETURN(VALIDATE);
+}
diff --git a/security/nss/lib/libpkix/pkix/top/pkix_validate.h b/security/nss/lib/libpkix/pkix/top/pkix_validate.h
new file mode 100755
index 000000000..7692e3bab
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/pkix_validate.h
@@ -0,0 +1,42 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_validate.h
+ *
+ * Header file for validateChain function
+ *
+ */
+
+#ifndef _PKIX_VALIDATE_H
+#define _PKIX_VALIDATE_H
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+PKIX_Error *
+pkix_CheckChain(
+ PKIX_List *certs,
+ PKIX_UInt32 numCerts,
+ PKIX_TrustAnchor *anchor,
+ PKIX_List *checkers,
+ PKIX_RevocationChecker *revChecker,
+ PKIX_List *buildCheckedExtOIDs,
+ PKIX_ProcessingParams *procParams,
+ PKIX_UInt32 *pCertCheckedIndex,
+ PKIX_UInt32 *pCheckerIndex,
+ PKIX_Boolean *pRevChecking,
+ PKIX_UInt32 *pReasonCode,
+ void **pNBIOContext,
+ PKIX_PL_PublicKey **pFinalSubjPubKey,
+ PKIX_PolicyNode **pPolicyTree,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_VALIDATE_H */
diff --git a/security/nss/lib/libpkix/pkix/top/top.gyp b/security/nss/lib/libpkix/pkix/top/top.gyp
new file mode 100644
index 000000000..fb1b08ecb
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/top/top.gyp
@@ -0,0 +1,25 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixtop',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_build.c',
+ 'pkix_lifecycle.c',
+ 'pkix_validate.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix/util/Makefile b/security/nss/lib/libpkix/pkix/util/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix/util/config.mk b/security/nss/lib/libpkix/pkix/util/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix/util/exports.gyp b/security/nss/lib/libpkix/pkix/util/exports.gyp
new file mode 100644
index 000000000..8318c6c34
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/exports.gyp
@@ -0,0 +1,28 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_util_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_error.h',
+ 'pkix_list.h',
+ 'pkix_logger.h',
+ 'pkix_tools.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix/util/manifest.mn b/security/nss/lib/libpkix/pkix/util/manifest.mn
new file mode 100755
index 000000000..9c068ae73
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/manifest.mn
@@ -0,0 +1,28 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_tools.h \
+ pkix_error.h \
+ pkix_logger.h \
+ pkix_list.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_tools.c \
+ pkix_error.c \
+ pkix_logger.c \
+ pkix_list.c \
+ pkix_errpaths.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixutil
+
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_error.c b/security/nss/lib/libpkix/pkix/util/pkix_error.c
new file mode 100755
index 000000000..9d730ca16
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_error.c
@@ -0,0 +1,565 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_error.c
+ *
+ * Error Object Functions
+ *
+ */
+
+#include "pkix_error.h"
+
+#undef PKIX_ERRORENTRY
+
+#define PKIX_ERRORENTRY(name,desc,nsserr) #desc
+
+#if defined PKIX_ERROR_DESCRIPTION
+
+const char * const PKIX_ErrorText[] =
+{
+#include "pkix_errorstrings.h"
+};
+
+#else
+
+#include "prprf.h"
+
+#endif /* PKIX_ERROR_DESCRIPTION */
+
+extern const PKIX_Int32 PKIX_PLErrorIndex[];
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_Error_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Error_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_Error *firstError = NULL;
+ PKIX_Error *secondError = NULL;
+ PKIX_Error *firstCause = NULL;
+ PKIX_Error *secondCause = NULL;
+ PKIX_PL_Object *firstInfo = NULL;
+ PKIX_PL_Object *secondInfo = NULL;
+ PKIX_ERRORCLASS firstClass, secondClass;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean boolResult, unequalFlag;
+
+ PKIX_ENTER(ERROR, "pkix_Error_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ unequalFlag = PKIX_FALSE;
+
+ /* First just compare pointer values to save time */
+ if (firstObject == secondObject) {
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ } else {
+ /* Result will only be set to true if all tests pass */
+ *pResult = PKIX_FALSE;
+ }
+
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_ERROR_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTANERROROBJECT);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_ERRORGETTINGSECONDOBJECTTYPE);
+
+ /* If types differ, then return false. Result is already set */
+ if (secondType != PKIX_ERROR_TYPE) goto cleanup;
+
+ /* It is safe to cast to PKIX_Error */
+ firstError = (PKIX_Error *) firstObject;
+ secondError = (PKIX_Error *) secondObject;
+
+ /* Compare error codes */
+ firstClass = firstError->errClass;
+ secondClass = secondError->errClass;
+
+ /* If codes differ, return false. Result is already set */
+ if (firstClass != secondClass) goto cleanup;
+
+ /* Compare causes */
+ firstCause = firstError->cause;
+ secondCause = secondError->cause;
+
+ /* Ensure that either both or none of the causes are NULL */
+ if (((firstCause != NULL) && (secondCause == NULL))||
+ ((firstCause == NULL) && (secondCause != NULL)))
+ unequalFlag = PKIX_TRUE;
+
+ if ((firstCause != NULL) && (secondCause != NULL)) {
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object*)firstCause,
+ (PKIX_PL_Object*)secondCause,
+ &boolResult,
+ plContext),
+ PKIX_ERRORINRECURSIVEEQUALSCALL);
+
+ /* Set the unequalFlag so that we return after dec refing */
+ if (boolResult == 0) unequalFlag = PKIX_TRUE;
+ }
+
+ /* If the cause errors are not equal, return null */
+ if (unequalFlag) goto cleanup;
+
+ /* Compare info fields */
+ firstInfo = firstError->info;
+ secondInfo = secondError->info;
+
+ if (firstInfo != secondInfo) goto cleanup;
+
+ /* Ensure that either both or none of the infos are NULL */
+ if (((firstInfo != NULL) && (secondInfo == NULL))||
+ ((firstInfo == NULL) && (secondInfo != NULL)))
+ unequalFlag = PKIX_TRUE;
+
+ if ((firstInfo != NULL) && (secondInfo != NULL)) {
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object*)firstInfo,
+ (PKIX_PL_Object*)secondInfo,
+ &boolResult,
+ plContext),
+ PKIX_ERRORINRECURSIVEEQUALSCALL);
+
+ /* Set the unequalFlag so that we return after dec refing */
+ if (boolResult == 0) unequalFlag = PKIX_TRUE;
+ }
+
+ /* If the infos are not equal, return null */
+ if (unequalFlag) goto cleanup;
+
+
+ /* Compare descs */
+ if (firstError->errCode != secondError->errCode) {
+ unequalFlag = PKIX_TRUE;
+ }
+
+ if (firstError->plErr != secondError->plErr) {
+ unequalFlag = PKIX_TRUE;
+ }
+
+ /* If the unequalFlag was set, return false */
+ if (unequalFlag) goto cleanup;
+
+ /* Errors are equal in all fields at this point */
+ *pResult = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(ERROR);
+}
+
+/*
+ * FUNCTION: pkix_Error_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Error_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_Error *error = NULL;
+
+ PKIX_ENTER(ERROR, "pkix_Error_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_ERROR_TYPE, plContext),
+ PKIX_OBJECTNOTANERROR);
+
+ error = (PKIX_Error *)object;
+
+ PKIX_DECREF(error->cause);
+
+ PKIX_DECREF(error->info);
+
+cleanup:
+
+ PKIX_RETURN(ERROR);
+}
+
+
+/* XXX This is not thread safe */
+static PKIX_UInt32 pkix_error_cause_depth = 1;
+
+/*
+ * FUNCTION: pkix_Error_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Error_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_Error *error = NULL;
+ PKIX_Error *cause = NULL;
+ PKIX_PL_String *desc = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *causeString = NULL;
+ PKIX_PL_String *optCauseString = NULL;
+ PKIX_PL_String *errorNameString = NULL;
+ char *format = NULL;
+ PKIX_ERRORCLASS errClass;
+
+ PKIX_ENTER(ERROR, "pkix_Error_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_ERROR_TYPE, plContext),
+ PKIX_OBJECTNOTANERROR);
+
+ error = (PKIX_Error *)object;
+
+ /* Get this error's errClass, description and the string of its cause */
+ errClass = error->errClass;
+
+ /* Get the description string */
+ PKIX_Error_GetDescription(error, &desc, plContext);
+
+ /* Get the cause */
+ cause = error->cause;
+
+ /* Get the causes's description string */
+ if (cause != NULL) {
+ pkix_error_cause_depth++;
+
+ /* Get the cause string */
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)cause, &causeString, plContext),
+ PKIX_ERRORGETTINGCAUSESTRING);
+
+ format = "\n*** Cause (%d): %s";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ format,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ /* Create the optional Cause String */
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&optCauseString,
+ plContext,
+ formatString,
+ pkix_error_cause_depth,
+ causeString),
+ PKIX_SPRINTFFAILED);
+
+ PKIX_DECREF(formatString);
+
+ pkix_error_cause_depth--;
+ }
+
+ /* Create the Format String */
+ if (optCauseString != NULL) {
+ format = "*** %s Error- %s%s";
+ } else {
+ format = "*** %s Error- %s";
+ }
+
+ /* Ensure that error errClass is known, otherwise default to Object */
+ if (errClass >= PKIX_NUMERRORCLASSES) {
+ errClass = 0;
+ }
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ (void *)PKIX_ERRORCLASSNAMES[errClass],
+ 0,
+ &errorNameString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ format,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ /* Create the output String */
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (pString,
+ plContext,
+ formatString,
+ errorNameString,
+ desc,
+ optCauseString),
+ PKIX_SPRINTFFAILED);
+
+cleanup:
+
+ PKIX_DECREF(desc);
+ PKIX_DECREF(causeString);
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(optCauseString);
+ PKIX_DECREF(errorNameString);
+
+ PKIX_RETURN(ERROR);
+}
+
+/*
+ * FUNCTION: pkix_Error_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Error_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pResult,
+ void *plContext)
+{
+ PKIX_ENTER(ERROR, "pkix_Error_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pResult);
+
+ /* XXX Unimplemented */
+ /* XXX Need to make hashcodes equal when two errors are equal */
+ *pResult = (PKIX_UInt32)((char *)object - (char *)NULL);
+
+ PKIX_RETURN(ERROR);
+}
+
+/* --Initializers------------------------------------------------- */
+
+/*
+ * PKIX_ERRORCLASSNAMES is an array of strings, with each string holding a
+ * descriptive name for an error errClass. This is used by the default
+ * PKIX_PL_Error_ToString function.
+ *
+ * Note: PKIX_ERRORCLASSES is defined in pkixt.h as a list of error types.
+ * (More precisely, as a list of invocations of ERRMACRO(type).) The
+ * macro is expanded in pkixt.h to define error numbers, and here to
+ * provide corresponding strings. For example, since the fifth ERRMACRO
+ * entry is MUTEX, then PKIX_MUTEX_ERROR is defined in pkixt.h as 4, and
+ * PKIX_ERRORCLASSNAMES[4] is initialized here with the value "MUTEX".
+ */
+#undef ERRMACRO
+#define ERRMACRO(type) #type
+
+const char *
+PKIX_ERRORCLASSNAMES[PKIX_NUMERRORCLASSES] =
+{
+ PKIX_ERRORCLASSES
+};
+
+/*
+ * FUNCTION: pkix_Error_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_ERROR_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_Error_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(ERROR, "pkix_Error_RegisterSelf");
+
+ entry.description = "Error";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_Error);
+ entry.destructor = pkix_Error_Destroy;
+ entry.equalsFunction = pkix_Error_Equals;
+ entry.hashcodeFunction = pkix_Error_Hashcode;
+ entry.toStringFunction = pkix_Error_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_ERROR_TYPE] = entry;
+
+ PKIX_RETURN(ERROR);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_Error_Create (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Error_Create(
+ PKIX_ERRORCLASS errClass,
+ PKIX_Error *cause,
+ PKIX_PL_Object *info,
+ PKIX_ERRORCODE errCode,
+ PKIX_Error **pError,
+ void *plContext)
+{
+ PKIX_Error *tempCause = NULL;
+ PKIX_Error *error = NULL;
+
+ PKIX_ENTER(ERROR, "PKIX_Error_Create");
+
+ PKIX_NULLCHECK_ONE(pError);
+
+ /*
+ * when called here, if PKIX_PL_Object_Alloc returns an error,
+ * it must be a PKIX_ALLOC_ERROR
+ */
+ pkixErrorResult = PKIX_PL_Object_Alloc
+ (PKIX_ERROR_TYPE,
+ ((PKIX_UInt32)(sizeof (PKIX_Error))),
+ (PKIX_PL_Object **)&error,
+ plContext);
+
+ if (pkixErrorResult) return (pkixErrorResult);
+
+ error->errClass = errClass;
+
+ /* Ensure we don't have a loop. Follow causes until NULL */
+ for (tempCause = cause;
+ tempCause != NULL;
+ tempCause = tempCause->cause) {
+ /* If we detect a loop, throw a new error */
+ if (tempCause == error) {
+ PKIX_ERROR(PKIX_LOOPOFERRORCAUSEDETECTED);
+ }
+ }
+
+ PKIX_INCREF(cause);
+ error->cause = cause;
+
+ PKIX_INCREF(info);
+ error->info = info;
+
+ error->errCode = errCode;
+
+ error->plErr = PKIX_PLErrorIndex[error->errCode];
+
+ *pError = error;
+ error = NULL;
+
+cleanup:
+ /* PKIX-XXX Fix for leak during error creation */
+ PKIX_DECREF(error);
+
+ PKIX_RETURN(ERROR);
+}
+
+/*
+ * FUNCTION: PKIX_Error_GetErrorClass (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Error_GetErrorClass(
+ PKIX_Error *error,
+ PKIX_ERRORCLASS *pClass,
+ void *plContext)
+{
+ PKIX_ENTER(ERROR, "PKIX_Error_GetErrorClass");
+ PKIX_NULLCHECK_TWO(error, pClass);
+
+ *pClass = error->errClass;
+
+ PKIX_RETURN(ERROR);
+}
+
+/*
+ * FUNCTION: PKIX_Error_GetErrorCode (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Error_GetErrorCode(
+ PKIX_Error *error,
+ PKIX_ERRORCODE *pCode,
+ void *plContext)
+{
+ PKIX_ENTER(ERROR, "PKIX_Error_GetErrorCode");
+ PKIX_NULLCHECK_TWO(error, pCode);
+
+ *pCode = error->errCode;
+
+ PKIX_RETURN(ERROR);
+}
+
+/*
+ * FUNCTION: PKIX_Error_GetCause (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Error_GetCause(
+ PKIX_Error *error,
+ PKIX_Error **pCause,
+ void *plContext)
+{
+ PKIX_ENTER(ERROR, "PKIX_Error_GetCause");
+ PKIX_NULLCHECK_TWO(error, pCause);
+
+ if (error->cause != PKIX_ALLOC_ERROR()){
+ PKIX_INCREF(error->cause);
+ }
+
+ *pCause = error->cause;
+
+cleanup:
+ PKIX_RETURN(ERROR);
+}
+
+/*
+ * FUNCTION: PKIX_Error_GetSupplementaryInfo (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Error_GetSupplementaryInfo(
+ PKIX_Error *error,
+ PKIX_PL_Object **pInfo,
+ void *plContext)
+{
+ PKIX_ENTER(ERROR, "PKIX_Error_GetSupplementaryInfo");
+ PKIX_NULLCHECK_TWO(error, pInfo);
+
+ PKIX_INCREF(error->info);
+
+ *pInfo = error->info;
+
+cleanup:
+ PKIX_RETURN(ERROR);
+}
+
+/*
+ * FUNCTION: PKIX_Error_GetDescription (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Error_GetDescription(
+ PKIX_Error *error,
+ PKIX_PL_String **pDesc,
+ void *plContext)
+{
+ PKIX_PL_String *descString = NULL;
+#ifndef PKIX_ERROR_DESCRIPTION
+ char errorStr[32];
+#endif
+
+ PKIX_ENTER(ERROR, "PKIX_Error_GetDescription");
+ PKIX_NULLCHECK_TWO(error, pDesc);
+
+#ifndef PKIX_ERROR_DESCRIPTION
+ PR_snprintf(errorStr, 32, "Error code: %d", error->errCode);
+#endif
+
+ PKIX_PL_String_Create(PKIX_ESCASCII,
+#if defined PKIX_ERROR_DESCRIPTION
+ (void *)PKIX_ErrorText[error->errCode],
+#else
+ errorStr,
+#endif
+ 0,
+ &descString,
+ plContext);
+
+ *pDesc = descString;
+
+ PKIX_RETURN(ERROR);
+}
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_error.h b/security/nss/lib/libpkix/pkix/util/pkix_error.h
new file mode 100755
index 000000000..ca4171ab1
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_error.h
@@ -0,0 +1,36 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_error.h
+ *
+ * Error Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_ERROR_H
+#define _PKIX_ERROR_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_ErrorStruct {
+ PKIX_ERRORCODE errCode;
+ PKIX_ERRORCLASS errClass; /* was formerly "code" */
+ PKIX_Int32 plErr;
+ PKIX_Error *cause;
+ PKIX_PL_Object *info;
+};
+
+/* see source file for function documentation */
+
+extern PKIX_Error * pkix_Error_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_ERROR_H */
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_errpaths.c b/security/nss/lib/libpkix/pkix/util/pkix_errpaths.c
new file mode 100644
index 000000000..a33ccf7dd
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_errpaths.c
@@ -0,0 +1,103 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_errpaths.c
+ *
+ * Error Handling Helper Functions
+ *
+ */
+
+#define PKIX_STDVARS_POINTER
+#include "pkix_error.h"
+
+const PKIX_StdVars zeroStdVars;
+
+PKIX_Error*
+PKIX_DoThrow(PKIX_StdVars * stdVars, PKIX_ERRORCLASS errClass,
+ PKIX_ERRORCODE errCode, PKIX_ERRORCLASS overrideClass,
+ void *plContext)
+{
+ if (!pkixErrorReceived && !pkixErrorResult && pkixErrorList) {
+ pkixTempResult = PKIX_List_GetItem(pkixErrorList, 0,
+ (PKIX_PL_Object**)&pkixReturnResult,
+ plContext);
+ } else {
+ pkixTempResult = (PKIX_Error*)pkix_Throw(errClass, myFuncName, errCode,
+ overrideClass, pkixErrorResult,
+ &pkixReturnResult, plContext);
+ }
+ if (pkixReturnResult) {
+ if (pkixErrorResult != PKIX_ALLOC_ERROR()) {
+ PKIX_DECREF(pkixErrorResult);
+ }
+ pkixTempResult = pkixReturnResult;
+ } else if (pkixErrorResult) {
+ if (pkixTempResult != PKIX_ALLOC_ERROR()) {
+ PKIX_DECREF(pkixTempResult);
+ }
+ pkixTempResult = pkixErrorResult;
+ }
+ if (pkixErrorList) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorList, plContext);
+ pkixErrorList = NULL;
+ }
+ return pkixTempResult;
+}
+
+PKIX_Error *
+PKIX_DoReturn(PKIX_StdVars * stdVars, PKIX_ERRORCLASS errClass,
+ PKIX_Boolean doLogger, void *plContext)
+{
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ if (pkixErrorReceived || pkixErrorResult || pkixErrorList)
+ return PKIX_DoThrow(stdVars, errClass, pkixErrorCode, pkixErrorClass,
+ plContext);
+ /* PKIX_DEBUG_EXIT(type); */
+ if (doLogger)
+ _PKIX_DEBUG_TRACE(pkixLoggersDebugTrace, "<<<", PKIX_LOGGER_LEVEL_TRACE);
+ return NULL;
+}
+
+/* PKIX_DoAddError - creates the list of received error if it does not exist
+ * yet and adds newly received error into the list. */
+void
+PKIX_DoAddError(PKIX_StdVars *stdVars, PKIX_Error *error, void * plContext)
+{
+ PKIX_List *localList = NULL;
+ PKIX_Error *localError = NULL;
+ PKIX_Boolean listCreated = PKIX_FALSE;
+
+ if (!pkixErrorList) {
+ localError = PKIX_List_Create(&localList, plContext);
+ if (localError)
+ goto cleanup;
+ listCreated = PKIX_TRUE;
+ } else {
+ localList = pkixErrorList;
+ }
+
+ localError = PKIX_List_AppendItem(localList, (PKIX_PL_Object*)error,
+ plContext);
+ PORT_Assert (localError == NULL);
+ if (localError != NULL) {
+ if (listCreated) {
+ /* ignore the error code of DecRef function */
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)localList, plContext);
+ localList = NULL;
+ }
+ } else {
+ pkixErrorList = localList;
+ }
+
+cleanup:
+
+ if (localError && localError != PKIX_ALLOC_ERROR()) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)localError, plContext);
+ }
+
+ if (error && error != PKIX_ALLOC_ERROR()) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)error, plContext);
+ }
+}
+
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_list.c b/security/nss/lib/libpkix/pkix/util/pkix_list.c
new file mode 100755
index 000000000..d02b66e6d
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_list.c
@@ -0,0 +1,1701 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_list.c
+ *
+ * List Object Functions
+ *
+ */
+
+#include "pkix_list.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_List_Create_Internal
+ * DESCRIPTION:
+ *
+ * Creates a new List, using the Boolean value of "isHeader" to determine
+ * whether the new List should be a header, and stores it at "pList". The
+ * List is initially empty and holds no items. To initially add items to
+ * the List, use PKIX_List_AppendItem.
+ *
+ * PARAMETERS:
+ * "isHeader"
+ * Boolean value indicating whether new List should be a header.
+ * "pList"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_List_Create_Internal(
+ PKIX_Boolean isHeader,
+ PKIX_List **pList,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+
+ PKIX_ENTER(LIST, "pkix_List_Create_Internal");
+ PKIX_NULLCHECK_ONE(pList);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_LIST_TYPE,
+ ((PKIX_UInt32)(sizeof (PKIX_List))),
+ (PKIX_PL_Object **)&list, plContext),
+ PKIX_ERRORCREATINGLISTITEM);
+
+ list->item = NULL;
+ list->next = NULL;
+ list->immutable = PKIX_FALSE;
+ list->length = 0;
+ list->isHeader = isHeader;
+
+ *pList = list;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_List_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+ PKIX_List *nextItem = NULL;
+
+ PKIX_ENTER(LIST, "pkix_List_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a list */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LIST_TYPE, plContext),
+ PKIX_OBJECTNOTLIST);
+
+ list = (PKIX_List *)object;
+
+ /* We have a valid list. DecRef its item and recurse on next */
+ PKIX_DECREF(list->item);
+ while ((nextItem = list->next) != NULL) {
+ list->next = nextItem->next;
+ nextItem->next = NULL;
+ PKIX_DECREF(nextItem);
+ }
+ list->immutable = PKIX_FALSE;
+ list->length = 0;
+ list->isHeader = PKIX_FALSE;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Helper function that creates a string representation of the List pointed
+ * to by "list" and stores its address in the object pointed to by "pString".
+ *
+ * PARAMETERS
+ * "list"
+ * Address of List whose string representation is desired.
+ * Must be non-NULL.
+ * "pString"
+ * Address of object pointer's destination. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a List Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_List_ToString_Helper(
+ PKIX_List *list,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *itemString = NULL;
+ PKIX_PL_String *nextString = NULL;
+ PKIX_PL_String *format = NULL;
+ PKIX_Boolean empty;
+
+ PKIX_ENTER(LIST, "pkix_List_ToString_Helper");
+ PKIX_NULLCHECK_TWO(list, pString);
+
+ /* special case when list is the header */
+ if (list->isHeader){
+
+ PKIX_CHECK(PKIX_List_IsEmpty(list, &empty, plContext),
+ PKIX_LISTISEMPTYFAILED);
+
+ if (empty){
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "EMPTY",
+ 0,
+ &itemString,
+ plContext),
+ PKIX_ERRORCREATINGITEMSTRING);
+ (*pString) = itemString;
+ PKIX_DEBUG_EXIT(LIST);
+ return (NULL);
+ } else {
+ PKIX_CHECK(pkix_List_ToString_Helper
+ (list->next, &itemString, plContext),
+ PKIX_LISTTOSTRINGHELPERFAILED);
+ }
+
+ /* Create a string object from the format */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "%s", 0, &format, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (pString, plContext, format, itemString),
+ PKIX_SPRINTFFAILED);
+ } else {
+ /* Get a string for this list's item */
+ if (list->item == NULL) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "(null)",
+ 0,
+ &itemString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+ } else {
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)list->item,
+ &itemString,
+ plContext),
+ PKIX_OBJECTTOSTRINGFAILED);
+ }
+ if (list->next == NULL) {
+ /* Just return the itemstring */
+ (*pString) = itemString;
+ PKIX_DEBUG_EXIT(LIST);
+ return (NULL);
+ }
+
+ /* Recursive call to get string for this list's next pointer */
+ PKIX_CHECK(pkix_List_ToString_Helper
+ (list->next, &nextString, plContext),
+ PKIX_LISTTOSTRINGHELPERFAILED);
+
+ /* Create a string object from the format */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ "%s, %s",
+ 0,
+ &format,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (pString,
+ plContext,
+ format,
+ itemString,
+ nextString),
+ PKIX_SPRINTFFAILED);
+ }
+
+cleanup:
+
+ PKIX_DECREF(itemString);
+ PKIX_DECREF(nextString);
+ PKIX_DECREF(format);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_List_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+ PKIX_PL_String *listString = NULL;
+ PKIX_PL_String *format = NULL;
+
+ PKIX_ENTER(LIST, "pkix_List_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LIST_TYPE, plContext),
+ PKIX_OBJECTNOTLIST);
+
+ list = (PKIX_List *)object;
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ PKIX_CHECK(pkix_List_ToString_Helper(list, &listString, plContext),
+ PKIX_LISTTOSTRINGHELPERFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "(%s)", 0, &format, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf(pString, plContext, format, listString),
+ PKIX_SPRINTFFAILED);
+
+cleanup:
+
+ PKIX_DECREF(listString);
+ PKIX_DECREF(format);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_List_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+ PKIX_List *firstList = NULL;
+ PKIX_List *secondList = NULL;
+ PKIX_UInt32 firstLength = 0;
+ PKIX_UInt32 secondLength = 0;
+ PKIX_PL_Object *firstItem = NULL;
+ PKIX_PL_Object *secondItem = NULL;
+ PKIX_UInt32 i = 0;
+
+ PKIX_ENTER(LIST, "pkix_List_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ /* test that first is a List */
+ PKIX_CHECK(pkix_CheckType(first, PKIX_LIST_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTLIST);
+
+ /*
+ * Since we know first is a List, if both references are
+ * identical, they must be equal
+ */
+ if (first == second){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If second isn't a List, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_LIST_TYPE) goto cleanup;
+
+ firstList = (PKIX_List *)first;
+ secondList = (PKIX_List *)second;
+
+ if ((!firstList->isHeader) && (!secondList->isHeader)){
+ PKIX_ERROR(PKIX_INPUTLISTSMUSTBELISTHEADERS);
+ }
+
+ firstLength = firstList->length;
+ secondLength = secondList->length;
+
+ cmpResult = PKIX_FALSE;
+ if (firstLength == secondLength){
+ for (i = 0, cmpResult = PKIX_TRUE;
+ ((i < firstLength) && cmpResult);
+ i++){
+ PKIX_CHECK(PKIX_List_GetItem
+ (firstList, i, &firstItem, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (secondList, i, &secondItem, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if ((!firstItem && secondItem) ||
+ (firstItem && !secondItem)){
+ cmpResult = PKIX_FALSE;
+ } else if (!firstItem && !secondItem){
+ continue;
+ } else {
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ (firstItem,
+ secondItem,
+ &cmpResult,
+ plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ PKIX_DECREF(firstItem);
+ PKIX_DECREF(secondItem);
+ }
+ }
+ }
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_DECREF(firstItem);
+ PKIX_DECREF(secondItem);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_List_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+ PKIX_PL_Object *element = NULL;
+ PKIX_UInt32 hash = 0;
+ PKIX_UInt32 tempHash = 0;
+ PKIX_UInt32 length, i;
+
+ PKIX_ENTER(LIST, "pkix_List_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LIST_TYPE, plContext),
+ PKIX_OBJECTNOTLIST);
+
+ list = (PKIX_List *)object;
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ length = list->length;
+
+ for (i = 0; i < length; i++){
+ PKIX_CHECK(PKIX_List_GetItem(list, i, &element, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (!element){
+ tempHash = 100;
+ } else {
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ (element, &tempHash, plContext),
+ PKIX_LISTHASHCODEFAILED);
+ }
+
+ hash = 31 * hash + tempHash;
+
+ PKIX_DECREF(element);
+ }
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_DECREF(element);
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_Duplicate
+ * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_List_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+ PKIX_List *listDuplicate = NULL;
+
+ PKIX_ENTER(LIST, "pkix_List_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LIST_TYPE, plContext),
+ PKIX_OBJECTNOTLIST);
+
+ list = (PKIX_List *)object;
+
+ if (list->immutable){
+ PKIX_CHECK(pkix_duplicateImmutable
+ (object, pNewObject, plContext),
+ PKIX_DUPLICATEIMMUTABLEFAILED);
+ } else {
+
+ PKIX_CHECK(pkix_List_Create_Internal
+ (list->isHeader, &listDuplicate, plContext),
+ PKIX_LISTCREATEINTERNALFAILED);
+
+ listDuplicate->length = list->length;
+
+ PKIX_INCREF(list->item);
+ listDuplicate->item = list->item;
+
+ if (list->next == NULL){
+ listDuplicate->next = NULL;
+ } else {
+ /* Recursively Duplicate list */
+ PKIX_CHECK(pkix_List_Duplicate
+ ((PKIX_PL_Object *)list->next,
+ (PKIX_PL_Object **)&listDuplicate->next,
+ plContext),
+ PKIX_LISTDUPLICATEFAILED);
+ }
+
+ *pNewObject = (PKIX_PL_Object *)listDuplicate;
+ }
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(listDuplicate);
+ }
+
+ PKIX_RETURN(LIST);
+}
+
+
+/*
+ * FUNCTION: pkix_List_GetElement
+ * DESCRIPTION:
+ *
+ * Copies the "list"'s element at "index" into "element". The input List must
+ * be the header of the List (as opposed to being an element of the List). The
+ * index counts from zero and must be less than the List's length. This
+ * function does NOT increment the reference count of the List element since
+ * the returned element's reference will not be stored by the calling
+ * function.
+ *
+ * PARAMETERS:
+ * "list"
+ * Address of List (must be header) to get element from. Must be non-NULL.
+ * "index"
+ * Index of list to get element from. Must be less than List's length.
+ * "pElement"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_List_GetElement(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ PKIX_List **pElement,
+ void *plContext)
+{
+ PKIX_List *iterator = NULL;
+ PKIX_UInt32 length;
+ PKIX_UInt32 position = 0;
+
+ PKIX_ENTER(LIST, "pkix_List_GetElement");
+ PKIX_NULLCHECK_TWO(list, pElement);
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ length = list->length;
+
+ if (index >= length) {
+ PKIX_ERROR(PKIX_INDEXOUTOFBOUNDS);
+ }
+
+ for (iterator = list; position++ <= index; iterator = iterator->next)
+ ;
+
+ (*pElement) = iterator;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+
+/*
+ * FUNCTION: pkix_List_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_LIST_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_List_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(LIST, "pkix_List_RegisterSelf");
+
+ entry.description = "List";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_List);
+ entry.destructor = pkix_List_Destroy;
+ entry.equalsFunction = pkix_List_Equals;
+ entry.hashcodeFunction = pkix_List_Hashcode;
+ entry.toStringFunction = pkix_List_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_List_Duplicate;
+
+ systemClasses[PKIX_LIST_TYPE] = entry;
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_Contains
+ * DESCRIPTION:
+ *
+ * Checks a List pointed to by "list", to determine whether it includes
+ * an entry that is equal to the Object pointed to by "object", and stores
+ * the result in "pFound".
+ *
+ * PARAMETERS:
+ * "list"
+ * List to be searched; may be empty; must be non-NULL
+ * "object"
+ * Object to be checked for; must be non-NULL
+ * "pFound"
+ * Address where the result of the search will be stored. Must
+ * be non-NULL
+ * "plContext"
+ * platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_List_Contains(
+ PKIX_List *list,
+ PKIX_PL_Object *object,
+ PKIX_Boolean *pFound,
+ void *plContext)
+{
+ PKIX_PL_Object *current = NULL;
+ PKIX_UInt32 numEntries = 0;
+ PKIX_UInt32 index = 0;
+ PKIX_Boolean match = PKIX_FALSE;
+
+ PKIX_ENTER(LIST, "pkix_List_Contains");
+ PKIX_NULLCHECK_THREE(list, object, pFound);
+
+ PKIX_CHECK(PKIX_List_GetLength(list, &numEntries, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (index = 0; index < numEntries; index++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (list, index, &current, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (current) {
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ (object, current, &match, plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ PKIX_DECREF(current);
+ }
+
+ if (match) {
+ break;
+ }
+ }
+
+ *pFound = match;
+
+cleanup:
+
+ PKIX_DECREF(current);
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_Remove
+ * DESCRIPTION:
+ *
+ * Traverses the List pointed to by "list", to find and delete an entry
+ * that is equal to the Object pointed to by "object". If no such entry
+ * is found the function does not return an error.
+ *
+ * PARAMETERS:
+ * "list"
+ * List to be searched; may be empty; must be non-NULL
+ * "object"
+ * Object to be checked for and deleted, if found; must be non-NULL
+ * "plContext"
+ * platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a Validate Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_List_Remove(
+ PKIX_List *list,
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Object *current = NULL;
+ PKIX_UInt32 numEntries = 0;
+ PKIX_UInt32 index = 0;
+ PKIX_Boolean match = PKIX_FALSE;
+
+ PKIX_ENTER(LIST, "pkix_List_Remove");
+ PKIX_NULLCHECK_TWO(list, object);
+
+ PKIX_CHECK(PKIX_List_GetLength(list, &numEntries, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (index = 0; index < numEntries; index++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (list, index, &current, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (current) {
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ (object, current, &match, plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ PKIX_DECREF(current);
+ }
+
+ if (match) {
+ PKIX_CHECK(PKIX_List_DeleteItem
+ (list, index, plContext),
+ PKIX_LISTDELETEITEMFAILED);
+ break;
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(current);
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_RemoveItems
+ * DESCRIPTION:
+ *
+ * Traverses the List pointed to by "list", to find and delete an entry
+ * that is equal to the Object in the "deleteList". If no such entry
+ * is found the function does not return an error.
+ *
+ * PARAMETERS:
+ * "list"
+ * Object in "list" is checked for object in "deleteList" and deleted if
+ * found; may be empty; must be non-NULL
+ * "deleteList"
+ * List of objects to be searched ; may be empty; must be non-NULL
+ * "plContext"
+ * platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a Validate Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_List_RemoveItems(
+ PKIX_List *list,
+ PKIX_List *deleteList,
+ void *plContext)
+{
+ PKIX_PL_Object *current = NULL;
+ PKIX_UInt32 numEntries = 0;
+ PKIX_UInt32 index = 0;
+
+ PKIX_ENTER(LIST, "pkix_List_RemoveItems");
+ PKIX_NULLCHECK_TWO(list, deleteList);
+
+ PKIX_CHECK(PKIX_List_GetLength(deleteList, &numEntries, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (index = 0; index < numEntries; index++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (deleteList, index, &current, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (current) {
+ PKIX_CHECK(pkix_List_Remove
+ (list, current, plContext),
+ PKIX_OBJECTEQUALSFAILED);
+
+ PKIX_DECREF(current);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(current);
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_MergeLists
+ * DESCRIPTION:
+ *
+ * Creates a new list consisting of the items from "firstList", followed by
+ * the items on "secondList", returns the new list at "pMergedList". If
+ * both input lists are NULL or empty, the result is an empty list. If an error
+ * occurs, the result is NULL.
+ *
+ * PARAMETERS:
+ * "firstList"
+ * Address of list to be merged from. May be NULL or empty.
+ * "secondList"
+ * Address of list to be merged from. May be NULL or empty.
+ * "pMergedList"
+ * Address where returned object is stored.
+ * "plContext"
+ * platform-specific context pointer * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a List Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_List_MergeLists(
+ PKIX_List *firstList,
+ PKIX_List *secondList,
+ PKIX_List **pMergedList,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+ PKIX_PL_Object *item = NULL;
+ PKIX_UInt32 numItems = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(LIST, "pkix_List_MergeLists");
+ PKIX_NULLCHECK_ONE(pMergedList);
+
+ *pMergedList = NULL;
+
+ PKIX_CHECK(PKIX_List_Create(&list, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ if (firstList != NULL) {
+
+ PKIX_CHECK(PKIX_List_GetLength(firstList, &numItems, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem(firstList, i, &item, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem(list, item, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(item);
+ }
+
+ numItems = 0;
+ if (secondList != NULL) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (secondList,
+ &numItems,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ }
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (secondList, i, &item, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (list, item, plContext), PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(item);
+ }
+
+ *pMergedList = list;
+ list = NULL;
+
+cleanup:
+ PKIX_DECREF(list);
+ PKIX_DECREF(item);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_AppendList
+ * DESCRIPTION:
+ *
+ * Append items on "fromList" to the "toList". Item reference count on
+ * "toList" is not incremented, but items appended from "fromList" are
+ * incremented.
+ *
+ * PARAMETERS:
+ * "toList"
+ * Address of list to be appended to. Must be non-NULL.
+ * "fromList"
+ * Address of list to be appended from. May be NULL or empty.
+ * "plContext"
+ * platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a List Error if the functions fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_List_AppendList(
+ PKIX_List *toList,
+ PKIX_List *fromList,
+ void *plContext)
+{
+ PKIX_PL_Object *item = NULL;
+ PKIX_UInt32 numItems = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(LIST, "pkix_List_AppendList");
+ PKIX_NULLCHECK_ONE(toList);
+
+ /* if fromList is NULL or is an empty list, no action */
+
+ if (fromList == NULL) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_List_GetLength(fromList, &numItems, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (numItems == 0) {
+ goto cleanup;
+ }
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (fromList, i, &item, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem(toList, item, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(item);
+ }
+
+cleanup:
+
+ PKIX_DECREF(item);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_AppendUnique
+ * DESCRIPTION:
+ *
+ * Adds each Object in the List pointed to by "fromList" to the List pointed
+ * to by "toList", if it is not already a member of that List. In other words,
+ * "toList" becomes the union of the two sets.
+ *
+ * PARAMETERS:
+ * "toList"
+ * Address of a List of Objects to be augmented by "fromList". Must be
+ * non-NULL, but may be empty.
+ * "fromList"
+ * Address of a List of Objects to be added, if not already present, to
+ * "toList". Must be non-NULL, but may be empty.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "toList"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_List_AppendUnique(
+ PKIX_List *toList,
+ PKIX_List *fromList,
+ void *plContext)
+{
+ PKIX_Boolean isContained = PKIX_FALSE;
+ PKIX_UInt32 listLen = 0;
+ PKIX_UInt32 listIx = 0;
+ PKIX_PL_Object *object = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_List_AppendUnique");
+ PKIX_NULLCHECK_TWO(fromList, toList);
+
+ PKIX_CHECK(PKIX_List_GetLength(fromList, &listLen, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (listIx = 0; listIx < listLen; listIx++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (fromList, listIx, &object, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_List_Contains
+ (toList, object, &isContained, plContext),
+ PKIX_LISTCONTAINSFAILED);
+
+ if (isContained == PKIX_FALSE) {
+ PKIX_CHECK(PKIX_List_AppendItem
+ (toList, object, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+
+ PKIX_DECREF(object);
+ }
+
+cleanup:
+
+ PKIX_DECREF(object);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_QuickSort
+ * DESCRIPTION:
+ *
+ * Sorts List of Objects "fromList" using "comparatorCallback"'s result as
+ * comasrison key and returns the sorted List at "pSortedList". The sorting
+ * algorithm used is quick sort (n*logn).
+ *
+ * PARAMETERS:
+ * "fromList"
+ * Address of a List of Objects to be sorted. Must be non-NULL, but may be
+ * empty.
+ * "comparatorCallback"
+ * Address of callback function that will compare two Objects on the List.
+ * It should return -1 for less, 0 for equal and 1 for greater. The
+ * callback implementation chooses what in Objects to be compared. Must be
+ * non-NULL.
+ * "pSortedList"
+ * Address of a List of Objects that shall be sorted and returned. Must be
+ * non-NULL, but may be empty.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "toList"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_List_QuickSort(
+ PKIX_List *fromList,
+ PKIX_List_SortComparatorCallback comparator,
+ PKIX_List **pSortedList,
+ void *plContext)
+{
+ PKIX_List *sortedList = NULL;
+ PKIX_List *lessList = NULL;
+ PKIX_List *greaterList = NULL;
+ PKIX_List *sortedLessList = NULL;
+ PKIX_List *sortedGreaterList = NULL;
+ PKIX_PL_Object *object = NULL;
+ PKIX_PL_Object *cmpObj = NULL;
+ PKIX_Int32 cmpResult = 0;
+ PKIX_UInt32 size = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(BUILD, "pkix_List_QuickSort");
+ PKIX_NULLCHECK_THREE(fromList, comparator, pSortedList);
+
+ PKIX_CHECK(PKIX_List_GetLength(fromList, &size, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&lessList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&greaterList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (fromList, 0, &object, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ /*
+ * Pick the first item on the list as the one to be compared.
+ * Separate rest of the itmes into two lists: less-than or greater-
+ * than lists. Sort those two lists recursively. Insert sorted
+ * less-than list before the picked item and append the greater-
+ * than list after the picked item.
+ */
+ for (i = 1; i < size; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (fromList, i, &cmpObj, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(comparator(object, cmpObj, &cmpResult, plContext),
+ PKIX_COMPARATORCALLBACKFAILED);
+
+ if (cmpResult >= 0) {
+ PKIX_CHECK(PKIX_List_AppendItem
+ (lessList, cmpObj, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ } else {
+ PKIX_CHECK(PKIX_List_AppendItem
+ (greaterList, cmpObj, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+ PKIX_DECREF(cmpObj);
+ }
+
+ PKIX_CHECK(PKIX_List_Create(&sortedList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(lessList, &size, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (size > 1) {
+
+ PKIX_CHECK(pkix_List_QuickSort
+ (lessList, comparator, &sortedLessList, plContext),
+ PKIX_LISTQUICKSORTFAILED);
+
+ PKIX_CHECK(pkix_List_AppendList
+ (sortedList, sortedLessList, plContext),
+ PKIX_LISTAPPENDLISTFAILED);
+ } else {
+ PKIX_CHECK(pkix_List_AppendList
+ (sortedList, lessList, plContext),
+ PKIX_LISTAPPENDLISTFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem(sortedList, object, plContext),
+ PKIX_LISTAPPENDFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(greaterList, &size, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (size > 1) {
+
+ PKIX_CHECK(pkix_List_QuickSort
+ (greaterList, comparator, &sortedGreaterList, plContext),
+ PKIX_LISTQUICKSORTFAILED);
+
+ PKIX_CHECK(pkix_List_AppendList
+ (sortedList, sortedGreaterList, plContext),
+ PKIX_LISTAPPENDLISTFAILED);
+ } else {
+ PKIX_CHECK(pkix_List_AppendList
+ (sortedList, greaterList, plContext),
+ PKIX_LISTAPPENDLISTFAILED);
+ }
+
+ *pSortedList = sortedList;
+
+cleanup:
+
+ PKIX_DECREF(cmpObj);
+ PKIX_DECREF(object);
+ PKIX_DECREF(sortedGreaterList);
+ PKIX_DECREF(sortedLessList);
+ PKIX_DECREF(greaterList);
+ PKIX_DECREF(lessList);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: pkix_List_BubbleSort
+ * DESCRIPTION:
+ *
+ * Sorts List of Objects "fromList" using "comparatorCallback"'s result as
+ * comasrison key and returns the sorted List at "pSortedList". The sorting
+ * algorithm used is bubble sort (n*n).
+ *
+ * PARAMETERS:
+ * "fromList"
+ * Address of a List of Objects to be sorted. Must be non-NULL, but may be
+ * empty.
+ * "comparatorCallback"
+ * Address of callback function that will compare two Objects on the List.
+ * It should return -1 for less, 0 for equal and 1 for greater. The
+ * callback implementation chooses what in Objects to be compared. Must be
+ * non-NULL.
+ * "pSortedList"
+ * Address of a List of Objects that shall be sorted and returned. Must be
+ * non-NULL, but may be empty.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "toList"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_List_BubbleSort(
+ PKIX_List *fromList,
+ PKIX_List_SortComparatorCallback comparator,
+ PKIX_List **pSortedList,
+ void *plContext)
+{
+ PKIX_List *sortedList = NULL;
+ PKIX_PL_Object *cmpObj = NULL;
+ PKIX_PL_Object *leastObj = NULL;
+ PKIX_Int32 cmpResult = 0;
+ PKIX_UInt32 size = 0;
+ PKIX_UInt32 i, j;
+
+ PKIX_ENTER(BUILD, "pkix_List_BubbleSort");
+ PKIX_NULLCHECK_THREE(fromList, comparator, pSortedList);
+
+ if (fromList->immutable) {
+ PKIX_ERROR(PKIX_CANNOTSORTIMMUTABLELIST);
+ }
+ PKIX_CHECK(pkix_List_Duplicate
+ ((PKIX_PL_Object *) fromList,
+ (PKIX_PL_Object **) &sortedList,
+ plContext),
+ PKIX_LISTDUPLICATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(sortedList, &size, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (size > 1) {
+
+ /*
+ * Move from the first of the item on the list, For each iteration,
+ * compare and swap the least value to the head of the comparisoning
+ * sub-list.
+ */
+ for (i = 0; i < size - 1; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (sortedList, i, &leastObj, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ for (j = i + 1; j < size; j++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (sortedList, j, &cmpObj, plContext),
+ PKIX_LISTGETITEMFAILED);
+ PKIX_CHECK(comparator
+ (leastObj, cmpObj, &cmpResult, plContext),
+ PKIX_COMPARATORCALLBACKFAILED);
+ if (cmpResult > 0) {
+ PKIX_CHECK(PKIX_List_SetItem
+ (sortedList, j, leastObj, plContext),
+ PKIX_LISTSETITEMFAILED);
+
+ PKIX_DECREF(leastObj);
+ leastObj = cmpObj;
+ cmpObj = NULL;
+ } else {
+ PKIX_DECREF(cmpObj);
+ }
+ }
+ PKIX_CHECK(PKIX_List_SetItem
+ (sortedList, i, leastObj, plContext),
+ PKIX_LISTSETITEMFAILED);
+
+ PKIX_DECREF(leastObj);
+ }
+
+ }
+
+ *pSortedList = sortedList;
+ sortedList = NULL;
+cleanup:
+
+ PKIX_DECREF(sortedList);
+ PKIX_DECREF(leastObj);
+ PKIX_DECREF(cmpObj);
+
+ PKIX_RETURN(LIST);
+}
+
+/* --Public-List-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_List_Create (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_Create(
+ PKIX_List **pList,
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+
+ PKIX_ENTER(LIST, "PKIX_List_Create");
+ PKIX_NULLCHECK_ONE(pList);
+
+ PKIX_CHECK(pkix_List_Create_Internal(PKIX_TRUE, &list, plContext),
+ PKIX_LISTCREATEINTERNALFAILED);
+
+ *pList = list;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_SetImmutable (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_SetImmutable(
+ PKIX_List *list,
+ void *plContext)
+{
+ PKIX_ENTER(LIST, "PKIX_List_SetImmutable");
+ PKIX_NULLCHECK_ONE(list);
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ list->immutable = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_IsImmutable (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_IsImmutable(
+ PKIX_List *list,
+ PKIX_Boolean *pImmutable,
+ void *plContext)
+{
+ PKIX_ENTER(LIST, "PKIX_List_IsImmutable");
+ PKIX_NULLCHECK_TWO(list, pImmutable);
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ *pImmutable = list->immutable;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_GetLength (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_GetLength(
+ PKIX_List *list,
+ PKIX_UInt32 *pLength,
+ void *plContext)
+{
+ PKIX_ENTER(LIST, "PKIX_List_GetLength");
+ PKIX_NULLCHECK_TWO(list, pLength);
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ *pLength = list->length;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_IsEmpty (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_IsEmpty(
+ PKIX_List *list,
+ PKIX_Boolean *pEmpty,
+ void *plContext)
+{
+ PKIX_UInt32 length;
+
+ PKIX_ENTER(LIST, "PKIX_List_IsEmpty");
+ PKIX_NULLCHECK_TWO(list, pEmpty);
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ length = list->length;
+
+ if (length == 0){
+ *pEmpty = PKIX_TRUE;
+ } else {
+ *pEmpty = PKIX_FALSE;
+ }
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_AppendItem (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_AppendItem(
+ PKIX_List *list,
+ PKIX_PL_Object *item,
+ void *plContext)
+{
+ PKIX_List *lastElement = NULL;
+ PKIX_List *newElement = NULL;
+ PKIX_UInt32 length, i;
+
+ PKIX_ENTER(LIST, "PKIX_List_AppendItem");
+ PKIX_NULLCHECK_ONE(list);
+
+ if (list->immutable){
+ PKIX_ERROR(PKIX_OPERATIONNOTPERMITTEDONIMMUTABLELIST);
+ }
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ length = list->length;
+
+ /* find last element of list and create new element there */
+
+ lastElement = list;
+ for (i = 0; i < length; i++){
+ lastElement = lastElement->next;
+ }
+
+ PKIX_CHECK(pkix_List_Create_Internal
+ (PKIX_FALSE, &newElement, plContext),
+ PKIX_LISTCREATEINTERNALFAILED);
+
+ PKIX_INCREF(item);
+ newElement->item = item;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)list, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ lastElement->next = newElement;
+ newElement = NULL;
+ list->length += 1;
+
+cleanup:
+
+ PKIX_DECREF(newElement);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_InsertItem (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_InsertItem(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ PKIX_PL_Object *item,
+ void *plContext)
+{
+ PKIX_List *element = NULL;
+ PKIX_List *newElem = NULL;
+
+ PKIX_ENTER(LIST, "PKIX_List_InsertItem");
+ PKIX_NULLCHECK_ONE(list);
+
+
+ if (list->immutable){
+ PKIX_ERROR(PKIX_OPERATIONNOTPERMITTEDONIMMUTABLELIST);
+ }
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ /* Create a new list object */
+ PKIX_CHECK(pkix_List_Create_Internal(PKIX_FALSE, &newElem, plContext),
+ PKIX_LISTCREATEINTERNALFAILED);
+
+ if (list->length) {
+ PKIX_CHECK(pkix_List_GetElement(list, index, &element, plContext),
+ PKIX_LISTGETELEMENTFAILED);
+ /* Copy the old element's contents into the new element */
+ newElem->item = element->item;
+ /* Add new item to the list */
+ PKIX_INCREF(item);
+ element->item = item;
+ /* Set the new element's next pointer to the old element's next */
+ newElem->next = element->next;
+ /* Set the old element's next pointer to the new element */
+ element->next = newElem;
+ newElem = NULL;
+ } else {
+ PKIX_INCREF(item);
+ newElem->item = item;
+ newElem->next = NULL;
+ list->next = newElem;
+ newElem = NULL;
+ }
+ list->length++;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)list, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+cleanup:
+ PKIX_DECREF(newElem);
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_GetItem (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_GetItem(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ PKIX_PL_Object **pItem,
+ void *plContext)
+{
+ PKIX_List *element = NULL;
+
+ PKIX_ENTER(LIST, "PKIX_List_GetItem");
+ PKIX_NULLCHECK_TWO(list, pItem);
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ PKIX_CHECK(pkix_List_GetElement(list, index, &element, plContext),
+ PKIX_LISTGETELEMENTFAILED);
+
+ PKIX_INCREF(element->item);
+ *pItem = element->item;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_SetItem (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_SetItem(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ PKIX_PL_Object *item,
+ void *plContext)
+{
+ PKIX_List *element;
+
+ PKIX_ENTER(LIST, "PKIX_List_SetItem");
+ PKIX_NULLCHECK_ONE(list);
+
+ if (list->immutable){
+ PKIX_ERROR(PKIX_OPERATIONNOTPERMITTEDONIMMUTABLELIST);
+ }
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ PKIX_CHECK(pkix_List_GetElement(list, index, &element, plContext),
+ PKIX_LISTGETELEMENTFAILED);
+
+ /* DecRef old contents */
+ PKIX_DECREF(element->item);
+
+ /* Set New Contents */
+ PKIX_INCREF(item);
+ element->item = item;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)list, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_DeleteItem (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_DeleteItem(
+ PKIX_List *list,
+ PKIX_UInt32 index,
+ void *plContext)
+{
+ PKIX_List *element = NULL;
+ PKIX_List *prevElement = NULL;
+ PKIX_List *nextElement = NULL;
+
+ PKIX_ENTER(LIST, "PKIX_List_DeleteItem");
+ PKIX_NULLCHECK_ONE(list);
+
+ if (list->immutable){
+ PKIX_ERROR(PKIX_OPERATIONNOTPERMITTEDONIMMUTABLELIST);
+ }
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ PKIX_CHECK(pkix_List_GetElement(list, index, &element, plContext),
+ PKIX_LISTGETELEMENTFAILED);
+
+ /* DecRef old contents */
+ PKIX_DECREF(element->item);
+
+ nextElement = element->next;
+
+ if (nextElement != NULL) {
+ /* If the next element exists, splice it out. */
+
+ /* Don't need to change ref counts for targets of next */
+ element->item = nextElement->item;
+ nextElement->item = NULL;
+
+ /* Don't need to change ref counts for targets of next */
+ element->next = nextElement->next;
+ nextElement->next = NULL;
+
+ PKIX_DECREF(nextElement);
+
+ } else { /* The element is at the tail of the list */
+ if (index != 0) {
+ PKIX_CHECK(pkix_List_GetElement
+ (list, index-1, &prevElement, plContext),
+ PKIX_LISTGETELEMENTFAILED);
+ } else if (index == 0){ /* prevElement must be header */
+ prevElement = list;
+ }
+ prevElement->next = NULL;
+
+ /* Delete the element */
+ PKIX_DECREF(element);
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)list, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ list->length = list->length - 1;
+
+cleanup:
+
+ PKIX_RETURN(LIST);
+}
+
+/*
+ * FUNCTION: PKIX_List_ReverseList (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_List_ReverseList(
+ PKIX_List *list,
+ PKIX_List **pReversedList,
+ void *plContext)
+{
+ PKIX_List *reversedList = NULL;
+ PKIX_PL_Object *item = NULL;
+ PKIX_PL_Object *duplicateItem = NULL;
+ PKIX_UInt32 length, i;
+
+ PKIX_ENTER(LIST, "pkix_List_ReverseList");
+ PKIX_NULLCHECK_TWO(list, pReversedList);
+
+ if (!list->isHeader){
+ PKIX_ERROR(PKIX_INPUTLISTMUSTBEHEADER);
+ }
+
+ length = list->length;
+
+ /* Create a new list object */
+ PKIX_CHECK(PKIX_List_Create(&reversedList, plContext),
+ PKIX_LISTCREATEINTERNALFAILED);
+
+ /*
+ * Starting with the last item and traversing backwards (from
+ * the original list), append each item to the reversed list
+ */
+
+ for (i = 1; i <= length; i++){
+ PKIX_CHECK(PKIX_List_GetItem
+ (list, (length - i), &item, plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ (item, &duplicateItem, plContext),
+ PKIX_LISTDUPLICATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (reversedList, duplicateItem, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(item);
+ PKIX_DECREF(duplicateItem);
+ }
+
+ *pReversedList = reversedList;
+
+cleanup:
+
+ PKIX_DECREF(item);
+ PKIX_DECREF(duplicateItem);
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(reversedList);
+ }
+
+ PKIX_RETURN(LIST);
+}
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_list.h b/security/nss/lib/libpkix/pkix/util/pkix_list.h
new file mode 100755
index 000000000..13e104f21
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_list.h
@@ -0,0 +1,95 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_list.h
+ *
+ * List Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_LIST_H
+#define _PKIX_LIST_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef PKIX_Error *
+(*PKIX_List_SortComparatorCallback)(
+ PKIX_PL_Object *obj1,
+ PKIX_PL_Object *obj2,
+ PKIX_Int32 *pResult,
+ void *plContext);
+
+struct PKIX_ListStruct {
+ PKIX_PL_Object *item;
+ PKIX_List *next;
+ PKIX_Boolean immutable;
+ PKIX_UInt32 length;
+ PKIX_Boolean isHeader;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_List_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_List_Contains(
+ PKIX_List *list,
+ PKIX_PL_Object *object,
+ PKIX_Boolean *pFound,
+ void *plContext);
+
+PKIX_Error *
+pkix_List_Remove(
+ PKIX_List *list,
+ PKIX_PL_Object *target,
+ void *plContext);
+
+PKIX_Error *
+pkix_List_MergeLists(
+ PKIX_List *firstList,
+ PKIX_List *secondList,
+ PKIX_List **pMergedList,
+ void *plContext);
+
+PKIX_Error *
+pkix_List_AppendList(
+ PKIX_List *toList,
+ PKIX_List *fromList,
+ void *plContext);
+
+PKIX_Error *
+pkix_List_AppendUnique(
+ PKIX_List *toList,
+ PKIX_List *fromList,
+ void *plContext);
+
+PKIX_Error *
+pkix_List_RemoveItems(
+ PKIX_List *list,
+ PKIX_List *deleteList,
+ void *plContext);
+
+PKIX_Error *
+pkix_List_QuickSort(
+ PKIX_List *fromList,
+ PKIX_List_SortComparatorCallback comparator,
+ PKIX_List **pSortedList,
+ void *plContext);
+
+PKIX_Error *
+pkix_List_BubbleSort(
+ PKIX_List *fromList,
+ PKIX_List_SortComparatorCallback comparator,
+ PKIX_List **pSortedList,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_LIST_H */
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_logger.c b/security/nss/lib/libpkix/pkix/util/pkix_logger.c
new file mode 100644
index 000000000..a916e6e4f
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_logger.c
@@ -0,0 +1,1088 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_logger.c
+ *
+ * Logger Object Functions
+ *
+ */
+
+#include "pkix_logger.h"
+#ifndef PKIX_ERROR_DESCRIPTION
+#include "prprf.h"
+#endif
+
+/* Global variable to keep PKIX_Logger List */
+PKIX_List *pkixLoggers = NULL;
+
+/*
+ * Once the Logger has been set, for any logging related operations, we have
+ * to go through the List to find a match, and if found, issue the
+ * corresponding callback. The overhead to check for DEBUG and TRACE in each
+ * PKIX function entering and exiting is very expensive (400X), and redundant
+ * if they are not the interest of the Logger. Therefore, the PKIX_Logger List
+ * pkixLoggers is separated into two lists based on its Loggers' trace level.
+ *
+ * Whenever the pkixLoggers List is updated by PKIX_Logger_AddLogger() or
+ * PKIX_Logger_SetLoggers(), we destroy and reconstruct pkixLoggersErrors
+ * and pkixLoggersDebugTrace Logger Lists. The ERROR, FATAL_ERROR and
+ * WARNING goes to pkixLoggersErrors and the DEBUG and TRACE goes to
+ * pkixLoggersDebugTrace.
+ *
+ * Currently we provide five logging levels and the default setting are by:
+ *
+ * PKIX_FATAL_ERROR() macro invokes pkix_Logger_Check of FATAL_ERROR level
+ * PKIX_ERROR() macro invokes pkix_Logger_Check of ERROR level
+ * WARNING is not invoked as default
+ * PKIX_DEBUG() macro invokes pkix_Logger_Check of DEBUG level. This needs
+ * compilation -DPKIX_<component>DEBUG flag to turn on
+ * PKIX_ENTER() and PKIX_RETURN() macros invoke pkix_Logger_Check of TRACE
+ * level. TRACE provides duplicate information of DEBUG, but needs no
+ * recompilation and cannot choose component. To allow application
+ * to use DEBUG level, TRACE is put as last.
+ *
+ */
+PKIX_List *pkixLoggersErrors = NULL;
+PKIX_List *pkixLoggersDebugTrace = NULL;
+
+/* To ensure atomic update on pkixLoggers lists */
+PKIX_PL_MonitorLock *pkixLoggerLock = NULL;
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_Logger_CheckErrors
+ * DESCRIPTION:
+ *
+ * This function goes through each PKIX_Logger at "pkixLoggersList" and
+ * checks if "maxLevel" and "logComponent" satisfies what is specified in the
+ * PKIX_Logger. If satisfies, it invokes the callback in PKIX_Logger and
+ * passes a PKIX_PL_String that is the concatenation of "message" and
+ * "message2" to the application for processing.
+ * Since this call is inserted into a handful of PKIX macros, no macros are
+ * applied in this function, to avoid infinite recursion.
+ * If an error occurs, this call is aborted.
+ *
+ * PARAMETERS:
+ * "pkixLoggersList"
+ * A list of PKIX_Loggers to be examined for invoking callback. Must be
+ * non-NULL.
+ * "message"
+ * Address of "message" to be logged. Must be non-NULL.
+ * "message2"
+ * Address of "message2" to be concatenated and logged. May be NULL.
+ * "logComponent"
+ * A PKIX_UInt32 that indicates the component the message is from.
+ * "maxLevel"
+ * A PKIX_UInt32 that represents the level of severity of the message.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a Fatal Error if the function fails in an unrecoverable way
+ */
+PKIX_Error *
+pkix_Logger_Check(
+ PKIX_List *pkixLoggersList,
+ const char *message,
+ const char *message2,
+ PKIX_ERRORCLASS logComponent,
+ PKIX_UInt32 currentLevel,
+ void *plContext)
+{
+ PKIX_Logger *logger = NULL;
+ PKIX_List *savedPkixLoggersErrors = NULL;
+ PKIX_List *savedPkixLoggersDebugTrace = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *messageString = NULL;
+ PKIX_PL_String *message2String = NULL;
+ PKIX_PL_String *msgString = NULL;
+ PKIX_Error *error = NULL;
+ PKIX_Boolean needLogging = PKIX_FALSE;
+ PKIX_UInt32 i, length;
+
+ /*
+ * We cannot use any the PKIX_ macros here, since this function is
+ * called from some of these macros. It can create infinite recursion.
+ */
+
+ if ((pkixLoggersList == NULL) || (message == NULL)) {
+ return(NULL);
+ }
+
+ /*
+ * Disable all subsequent loggings to avoid recursion. The result is
+ * if other thread is calling this function at the same time, there
+ * won't be any logging because the pkixLoggersErrors and
+ * pkixLoggersDebugTrace are set to null.
+ * It would be nice if we provide control per thread (e.g. make
+ * plContext threadable) then we can avoid the recursion by setting
+ * flag at plContext. Then other thread's logging won't be affected.
+ *
+ * Also we need to use a reentrant Lock. Although we avoid recursion
+ * for TRACE. When there is an ERROR occurs in subsequent call, this
+ * function will be called.
+ */
+
+ error = PKIX_PL_MonitorLock_Enter(pkixLoggerLock, plContext);
+ if (error) { return(NULL); }
+
+ savedPkixLoggersDebugTrace = pkixLoggersDebugTrace;
+ pkixLoggersDebugTrace = NULL;
+ savedPkixLoggersErrors = pkixLoggersErrors;
+ pkixLoggersErrors = NULL;
+
+ /* Convert message and message2 to String */
+ error = PKIX_PL_String_Create
+ (PKIX_ESCASCII, message, 0, &messageString, plContext);
+ if (error) { goto cleanup; }
+
+ if (message2) {
+ error = PKIX_PL_String_Create
+ (PKIX_ESCASCII, message2, 0, &message2String, plContext);
+ if (error) { goto cleanup; }
+ error = PKIX_PL_String_Create
+ (PKIX_ESCASCII, "%s %s", 0, &formatString, plContext);
+ if (error) { goto cleanup; }
+
+ } else {
+ error = PKIX_PL_String_Create
+ (PKIX_ESCASCII, "%s", 0, &formatString, plContext);
+ if (error) { goto cleanup; }
+
+ }
+
+ error = PKIX_PL_Sprintf
+ (&msgString,
+ plContext,
+ formatString,
+ messageString,
+ message2String);
+ if (error) { goto cleanup; }
+
+ /* Go through the Logger list */
+
+ error = PKIX_List_GetLength(pkixLoggersList, &length, plContext);
+ if (error) { goto cleanup; }
+
+ for (i = 0; i < length; i++) {
+
+ error = PKIX_List_GetItem
+ (pkixLoggersList,
+ i,
+ (PKIX_PL_Object **) &logger,
+ plContext);
+ if (error) { goto cleanup; }
+
+ /* Intended logging level less or equal than the max */
+ needLogging = (currentLevel <= logger->maxLevel);
+
+ if (needLogging && (logger->callback)) {
+
+ /*
+ * We separate Logger into two lists based on log level
+ * but log level is not modified. We need to check here to
+ * avoid logging the higher log level (lower value) twice.
+ */
+ if (pkixLoggersList == pkixLoggersErrors) {
+ needLogging = needLogging &&
+ (currentLevel <= PKIX_LOGGER_LEVEL_WARNING);
+ } else if (pkixLoggersList == pkixLoggersDebugTrace) {
+ needLogging = needLogging &&
+ (currentLevel > PKIX_LOGGER_LEVEL_WARNING);
+ }
+
+ if (needLogging) {
+ if (logComponent == logger->logComponent) {
+ needLogging = PKIX_TRUE;
+ } else {
+ needLogging = PKIX_FALSE;
+ }
+ }
+
+ if (needLogging) {
+ error = logger->callback
+ (logger,
+ msgString,
+ currentLevel,
+ logComponent,
+ plContext);
+ if (error) { goto cleanup; }
+ }
+ }
+
+ error = PKIX_PL_Object_DecRef
+ ((PKIX_PL_Object *)logger, plContext);
+ logger = NULL;
+ if (error) { goto cleanup; }
+
+ }
+
+cleanup:
+
+ if (formatString) {
+ error = PKIX_PL_Object_DecRef
+ ((PKIX_PL_Object *)formatString, plContext);
+ }
+
+ if (messageString) {
+ error = PKIX_PL_Object_DecRef
+ ((PKIX_PL_Object *)messageString, plContext);
+ }
+
+ if (message2String) {
+ error = PKIX_PL_Object_DecRef
+ ((PKIX_PL_Object *)message2String, plContext);
+ }
+
+ if (msgString) {
+ error = PKIX_PL_Object_DecRef
+ ((PKIX_PL_Object *)msgString, plContext);
+ }
+
+ if (logger) {
+ error = PKIX_PL_Object_DecRef
+ ((PKIX_PL_Object *)logger, plContext);
+ }
+
+ if (pkixLoggersErrors == NULL && savedPkixLoggersErrors != NULL) {
+ pkixLoggersErrors = savedPkixLoggersErrors;
+ }
+
+ if (pkixLoggersDebugTrace == NULL &&
+ savedPkixLoggersDebugTrace != NULL) {
+ pkixLoggersDebugTrace = savedPkixLoggersDebugTrace;
+ }
+
+ error = PKIX_PL_MonitorLock_Exit(pkixLoggerLock, plContext);
+ if (error) { return(NULL); }
+
+ return(NULL);
+}
+
+PKIX_Error *
+pkix_Logger_CheckWithCode(
+ PKIX_List *pkixLoggersList,
+ PKIX_UInt32 errorCode,
+ const char *message2,
+ PKIX_ERRORCLASS logComponent,
+ PKIX_UInt32 currentLevel,
+ void *plContext)
+{
+ char error[32];
+ char *errorString = NULL;
+
+ PKIX_ENTER(LOGGER, "pkix_Logger_CheckWithCode");
+#if defined PKIX_ERROR_DESCRIPTION
+ errorString = PKIX_ErrorText[errorCode];
+#else
+ PR_snprintf(error, 32, "Error code: %d", errorCode);
+ errorString = error;
+#endif /* PKIX_ERROR_DESCRIPTION */
+
+ pkixErrorResult = pkix_Logger_Check(pkixLoggersList, errorString,
+ message2, logComponent,
+ currentLevel, plContext);
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: pkix_Logger_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Logger_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_Logger *logger = NULL;
+
+ PKIX_ENTER(LOGGER, "pkix_Logger_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a logger */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LOGGER_TYPE, plContext),
+ PKIX_OBJECTNOTLOGGER);
+
+ logger = (PKIX_Logger *)object;
+
+ /* We have a valid logger. DecRef its item and recurse on next */
+
+ logger->callback = NULL;
+ PKIX_DECREF(logger->context);
+ logger->logComponent = (PKIX_ERRORCLASS)NULL;
+
+cleanup:
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: pkix_Logger_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Logger_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_Logger *logger = NULL;
+ char *asciiFormat = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *contextString = NULL;
+ PKIX_PL_String *componentString = NULL;
+ PKIX_PL_String *loggerString = NULL;
+
+ PKIX_ENTER(LOGGER, "pkix_Logger_ToString_Helper");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ /* Check that this object is a logger */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LOGGER_TYPE, plContext),
+ PKIX_OBJECTNOTLOGGER);
+
+ logger = (PKIX_Logger *)object;
+
+ asciiFormat =
+ "[\n"
+ "\tLogger: \n"
+ "\tContext: %s\n"
+ "\tMaximum Level: %d\n"
+ "\tComponent Name: %s\n"
+ "]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_TOSTRING(logger->context, &contextString, plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ (void *)PKIX_ERRORCLASSNAMES[logger->logComponent],
+ 0,
+ &componentString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&loggerString,
+ plContext,
+ formatString,
+ contextString,
+ logger->maxLevel,
+ componentString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = loggerString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(contextString);
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: pkix_Logger_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Logger_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+ PKIX_Logger *firstLogger = NULL;
+ PKIX_Logger *secondLogger = NULL;
+
+ PKIX_ENTER(LOGGER, "pkix_Logger_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ /* test that first is a Logger */
+ PKIX_CHECK(pkix_CheckType(first, PKIX_LOGGER_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTLOGGER);
+
+ /*
+ * Since we know first is a Logger, if both references are
+ * identical, they must be equal
+ */
+ if (first == second){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If second isn't a Logger, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_LOGGER_TYPE) goto cleanup;
+
+ firstLogger = (PKIX_Logger *)first;
+ secondLogger = (PKIX_Logger *)second;
+
+ cmpResult = PKIX_FALSE;
+
+ if (firstLogger->callback != secondLogger->callback) {
+ goto cleanup;
+ }
+
+ if (firstLogger->logComponent != secondLogger->logComponent) {
+ goto cleanup;
+ }
+
+ PKIX_EQUALS
+ (firstLogger->context,
+ secondLogger->context,
+ &cmpResult,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (cmpResult == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ if (firstLogger->maxLevel != secondLogger->maxLevel) {
+ goto cleanup;
+ }
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: pkix_Logger_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Logger_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_Logger *logger = NULL;
+ PKIX_UInt32 hash = 0;
+ PKIX_UInt32 tempHash = 0;
+
+ PKIX_ENTER(LOGGER, "pkix_Logger_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LOGGER_TYPE, plContext),
+ PKIX_OBJECTNOTLOGGER);
+
+ logger = (PKIX_Logger *)object;
+
+ PKIX_HASHCODE(logger->context, &tempHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ hash = (((((PKIX_UInt32)((char *)logger->callback - (char *)NULL) + tempHash) << 7) +
+ logger->maxLevel) << 7) + (PKIX_UInt32)logger->logComponent;
+
+ *pHashcode = hash;
+
+cleanup:
+
+ PKIX_RETURN(LOGGER);
+}
+
+
+/*
+ * FUNCTION: pkix_Logger_Duplicate
+ * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_Logger_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_Logger *logger = NULL;
+ PKIX_Logger *dupLogger = NULL;
+
+ PKIX_ENTER(LOGGER, "pkix_Logger_Duplicate");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ ((PKIX_PL_Object *)object, PKIX_LOGGER_TYPE, plContext),
+ PKIX_OBJECTNOTLOGGER);
+
+ logger = (PKIX_Logger *) object;
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_LOGGER_TYPE,
+ sizeof (PKIX_Logger),
+ (PKIX_PL_Object **)&dupLogger,
+ plContext),
+ PKIX_COULDNOTCREATELOGGEROBJECT);
+
+ dupLogger->callback = logger->callback;
+ dupLogger->maxLevel = logger->maxLevel;
+
+ PKIX_DUPLICATE
+ (logger->context,
+ &dupLogger->context,
+ plContext,
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ dupLogger->logComponent = logger->logComponent;
+
+ *pNewObject = (PKIX_PL_Object *) dupLogger;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(dupLogger);
+ }
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: pkix_Logger_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_LOGGER_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_Logger_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(LOGGER, "pkix_Logger_RegisterSelf");
+
+ entry.description = "Logger";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_Logger);
+ entry.destructor = pkix_Logger_Destroy;
+ entry.equalsFunction = pkix_Logger_Equals;
+ entry.hashcodeFunction = pkix_Logger_Hashcode;
+ entry.toStringFunction = pkix_Logger_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_Logger_Duplicate;
+
+ systemClasses[PKIX_LOGGER_TYPE] = entry;
+
+ PKIX_RETURN(LOGGER);
+}
+
+/* --Public-Logger-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_Logger_Create (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Logger_Create(
+ PKIX_Logger_LogCallback callback,
+ PKIX_PL_Object *loggerContext,
+ PKIX_Logger **pLogger,
+ void *plContext)
+{
+ PKIX_Logger *logger = NULL;
+
+ PKIX_ENTER(LOGGER, "PKIX_Logger_Create");
+ PKIX_NULLCHECK_ONE(pLogger);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_LOGGER_TYPE,
+ sizeof (PKIX_Logger),
+ (PKIX_PL_Object **)&logger,
+ plContext),
+ PKIX_COULDNOTCREATELOGGEROBJECT);
+
+ logger->callback = callback;
+ logger->maxLevel = 0;
+ logger->logComponent = (PKIX_ERRORCLASS)NULL;
+
+ PKIX_INCREF(loggerContext);
+ logger->context = loggerContext;
+
+ *pLogger = logger;
+ logger = NULL;
+
+cleanup:
+
+ PKIX_DECREF(logger);
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: PKIX_Logger_GetLogCallback (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Logger_GetLogCallback(
+ PKIX_Logger *logger,
+ PKIX_Logger_LogCallback *pCallback,
+ void *plContext)
+{
+ PKIX_ENTER(LOGGER, "PKIX_Logger_GetLogCallback");
+ PKIX_NULLCHECK_TWO(logger, pCallback);
+
+ *pCallback = logger->callback;
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: PKIX_Logger_GetLoggerContext (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Logger_GetLoggerContext(
+ PKIX_Logger *logger,
+ PKIX_PL_Object **pLoggerContext,
+ void *plContext)
+{
+ PKIX_ENTER(LOGGER, "PKIX_Logger_GetLoggerContex");
+ PKIX_NULLCHECK_TWO(logger, pLoggerContext);
+
+ PKIX_INCREF(logger->context);
+ *pLoggerContext = logger->context;
+
+cleanup:
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: PKIX_Logger_GetMaxLoggingLevel (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Logger_GetMaxLoggingLevel(
+ PKIX_Logger *logger,
+ PKIX_UInt32 *pLevel,
+ void *plContext)
+{
+ PKIX_ENTER(LOGGER, "PKIX_Logger_GetMaxLoggingLevel");
+ PKIX_NULLCHECK_TWO(logger, pLevel);
+
+ *pLevel = logger->maxLevel;
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: PKIX_Logger_SetMaxLoggingLevel (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Logger_SetMaxLoggingLevel(
+ PKIX_Logger *logger,
+ PKIX_UInt32 level,
+ void *plContext)
+{
+ PKIX_ENTER(LOGGER, "PKIX_Logger_SetMaxLoggingLevel");
+ PKIX_NULLCHECK_ONE(logger);
+
+ if (level > PKIX_LOGGER_LEVEL_MAX) {
+ PKIX_ERROR(PKIX_LOGGINGLEVELEXCEEDSMAXIMUM);
+ } else {
+ logger->maxLevel = level;
+ }
+
+cleanup:
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: PKIX_Logger_GetLoggingComponent (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Logger_GetLoggingComponent(
+ PKIX_Logger *logger,
+ PKIX_ERRORCLASS *pComponent,
+ void *plContext)
+{
+ PKIX_ENTER(LOGGER, "PKIX_Logger_GetLoggingComponent");
+ PKIX_NULLCHECK_TWO(logger, pComponent);
+
+ *pComponent = logger->logComponent;
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: PKIX_Logger_SetLoggingComponent (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_Logger_SetLoggingComponent(
+ PKIX_Logger *logger,
+ PKIX_ERRORCLASS component,
+ void *plContext)
+{
+ PKIX_ENTER(LOGGER, "PKIX_Logger_SetLoggingComponent");
+ PKIX_NULLCHECK_ONE(logger);
+
+ logger->logComponent = component;
+
+ PKIX_RETURN(LOGGER);
+}
+
+
+/*
+ * Following PKIX_GetLoggers(), PKIX_SetLoggers() and PKIX_AddLogger() are
+ * documented as not thread-safe. However they are thread-safe now. We need
+ * the lock when accessing the logger lists.
+ */
+
+/*
+ * FUNCTION: PKIX_Logger_GetLoggers (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_GetLoggers(
+ PKIX_List **pLoggers, /* list of PKIX_Logger */
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+ PKIX_List *savedPkixLoggersDebugTrace = NULL;
+ PKIX_List *savedPkixLoggersErrors = NULL;
+ PKIX_Logger *logger = NULL;
+ PKIX_Logger *dupLogger = NULL;
+ PKIX_UInt32 i, length;
+ PKIX_Boolean locked = PKIX_FALSE;
+
+ PKIX_ENTER(LOGGER, "PKIX_Logger_GetLoggers");
+ PKIX_NULLCHECK_ONE(pLoggers);
+
+ PKIX_CHECK(PKIX_PL_MonitorLock_Enter(pkixLoggerLock, plContext),
+ PKIX_MONITORLOCKENTERFAILED);
+ locked = PKIX_TRUE;
+
+ /*
+ * Temporarily disable DEBUG/TRACE Logging to avoid possible
+ * deadlock:
+ * When the Logger List is being accessed, e.g. by PKIX_ENTER or
+ * PKIX_DECREF, pkix_Logger_Check may check whether logging
+ * is requested, creating a deadlock situation.
+ */
+ savedPkixLoggersDebugTrace = pkixLoggersDebugTrace;
+ pkixLoggersDebugTrace = NULL;
+ savedPkixLoggersErrors = pkixLoggersErrors;
+ pkixLoggersErrors = NULL;
+
+ if (pkixLoggers == NULL) {
+ length = 0;
+ } else {
+ PKIX_CHECK(PKIX_List_GetLength
+ (pkixLoggers, &length, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ /* Create a list and copy the pkixLoggers item to the list */
+ PKIX_CHECK(PKIX_List_Create(&list, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ for (i = 0; i < length; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (pkixLoggers,
+ i,
+ (PKIX_PL_Object **) &logger,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_Logger_Duplicate
+ ((PKIX_PL_Object *)logger,
+ (PKIX_PL_Object **)&dupLogger,
+ plContext),
+ PKIX_LOGGERDUPLICATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (list,
+ (PKIX_PL_Object *) dupLogger,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(logger);
+ PKIX_DECREF(dupLogger);
+ }
+
+ /* Set the list to be immutable */
+ PKIX_CHECK(PKIX_List_SetImmutable(list, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ *pLoggers = list;
+
+cleanup:
+
+ PKIX_DECREF(logger);
+
+ /* Restore logging capability */
+ pkixLoggersDebugTrace = savedPkixLoggersDebugTrace;
+ pkixLoggersErrors = savedPkixLoggersErrors;
+
+ if (locked) {
+ PKIX_CHECK(PKIX_PL_MonitorLock_Exit(pkixLoggerLock, plContext),
+ PKIX_MONITORLOCKEXITFAILED);
+ }
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: PKIX_Logger_SetLoggers (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_SetLoggers(
+ PKIX_List *loggers, /* list of PKIX_Logger */
+ void *plContext)
+{
+ PKIX_List *list = NULL;
+ PKIX_List *savedPkixLoggersErrors = NULL;
+ PKIX_List *savedPkixLoggersDebugTrace = NULL;
+ PKIX_Logger *logger = NULL;
+ PKIX_Logger *dupLogger = NULL;
+ PKIX_Boolean locked = PKIX_FALSE;
+ PKIX_UInt32 i, length;
+
+ PKIX_ENTER(LOGGER, "PKIX_SetLoggers");
+
+ PKIX_CHECK(PKIX_PL_MonitorLock_Enter(pkixLoggerLock, plContext),
+ PKIX_MONITORLOCKENTERFAILED);
+ locked = PKIX_TRUE;
+
+ /* Disable tracing, etc. to avoid recursion and deadlock */
+ savedPkixLoggersDebugTrace = pkixLoggersDebugTrace;
+ pkixLoggersDebugTrace = NULL;
+ savedPkixLoggersErrors = pkixLoggersErrors;
+ pkixLoggersErrors = NULL;
+
+ /* discard any prior loggers */
+ PKIX_DECREF(pkixLoggers);
+ PKIX_DECREF(savedPkixLoggersErrors);
+ PKIX_DECREF(savedPkixLoggersDebugTrace);
+
+ if (loggers != NULL) {
+
+ PKIX_CHECK(PKIX_List_Create(&list, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(loggers, &length, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < length; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (loggers,
+ i,
+ (PKIX_PL_Object **) &logger,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_Logger_Duplicate
+ ((PKIX_PL_Object *)logger,
+ (PKIX_PL_Object **)&dupLogger,
+ plContext),
+ PKIX_LOGGERDUPLICATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (list,
+ (PKIX_PL_Object *) dupLogger,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ /* Make two lists */
+
+ /* Put in pkixLoggersErrors in any case*/
+
+ if (savedPkixLoggersErrors == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create
+ (&savedPkixLoggersErrors,
+ plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (savedPkixLoggersErrors,
+ (PKIX_PL_Object *) dupLogger,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ if (logger->maxLevel > PKIX_LOGGER_LEVEL_WARNING) {
+
+ /* Put in pkixLoggersDebugTrace */
+
+ if (savedPkixLoggersDebugTrace == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create
+ (&savedPkixLoggersDebugTrace,
+ plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (savedPkixLoggersDebugTrace,
+ (PKIX_PL_Object *) dupLogger,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+ PKIX_DECREF(logger);
+ PKIX_DECREF(dupLogger);
+
+ }
+
+ pkixLoggers = list;
+ }
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(list);
+ PKIX_DECREF(savedPkixLoggersErrors);
+ PKIX_DECREF(savedPkixLoggersDebugTrace);
+ pkixLoggers = NULL;
+ }
+
+ PKIX_DECREF(logger);
+
+ /* Reenable logging capability with new lists */
+ pkixLoggersErrors = savedPkixLoggersErrors;
+ pkixLoggersDebugTrace = savedPkixLoggersDebugTrace;
+
+ if (locked) {
+ PKIX_CHECK(PKIX_PL_MonitorLock_Exit(pkixLoggerLock, plContext),
+ PKIX_MONITORLOCKEXITFAILED);
+ }
+
+ PKIX_RETURN(LOGGER);
+}
+
+/*
+ * FUNCTION: PKIX_Logger_AddLogger (see comments in pkix_util.h)
+ */
+PKIX_Error *
+PKIX_AddLogger(
+ PKIX_Logger *logger,
+ void *plContext)
+{
+ PKIX_Logger *dupLogger = NULL;
+ PKIX_Logger *addLogger = NULL;
+ PKIX_List *savedPkixLoggersErrors = NULL;
+ PKIX_List *savedPkixLoggersDebugTrace = NULL;
+ PKIX_Boolean locked = PKIX_FALSE;
+ PKIX_UInt32 i, length;
+
+ PKIX_ENTER(LOGGER, "PKIX_Logger_AddLogger");
+ PKIX_NULLCHECK_ONE(logger);
+
+ PKIX_CHECK(PKIX_PL_MonitorLock_Enter(pkixLoggerLock, plContext),
+ PKIX_MONITORLOCKENTERFAILED);
+ locked = PKIX_TRUE;
+
+ savedPkixLoggersDebugTrace = pkixLoggersDebugTrace;
+ pkixLoggersDebugTrace = NULL;
+ savedPkixLoggersErrors = pkixLoggersErrors;
+ pkixLoggersErrors = NULL;
+
+ PKIX_DECREF(savedPkixLoggersErrors);
+ PKIX_DECREF(savedPkixLoggersDebugTrace);
+
+ if (pkixLoggers == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create(&pkixLoggers, plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(pkix_Logger_Duplicate
+ ((PKIX_PL_Object *)logger,
+ (PKIX_PL_Object **)&dupLogger,
+ plContext),
+ PKIX_LOGGERDUPLICATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (pkixLoggers,
+ (PKIX_PL_Object *) dupLogger,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(pkixLoggers, &length, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ /* Reconstruct pkixLoggersErrors and pkixLoggersDebugTrace */
+ for (i = 0; i < length; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (pkixLoggers,
+ i,
+ (PKIX_PL_Object **) &addLogger,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+
+ /* Put in pkixLoggersErrors */
+
+ if (savedPkixLoggersErrors == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create
+ (&savedPkixLoggersErrors,
+ plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (savedPkixLoggersErrors,
+ (PKIX_PL_Object *) addLogger,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ if (addLogger->maxLevel > PKIX_LOGGER_LEVEL_WARNING) {
+
+ /* Put in pkixLoggersDebugTrace */
+
+ if (savedPkixLoggersDebugTrace == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create
+ (&savedPkixLoggersDebugTrace,
+ plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (savedPkixLoggersDebugTrace,
+ (PKIX_PL_Object *) addLogger,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+
+ PKIX_DECREF(addLogger);
+
+ }
+
+cleanup:
+
+ PKIX_DECREF(dupLogger);
+ PKIX_DECREF(addLogger);
+
+ /* Restore logging capability */
+ pkixLoggersErrors = savedPkixLoggersErrors;
+ pkixLoggersDebugTrace = savedPkixLoggersDebugTrace;
+
+ if (locked) {
+ PKIX_CHECK(PKIX_PL_MonitorLock_Exit(pkixLoggerLock, plContext),
+ PKIX_MONITORLOCKEXITFAILED);
+ }
+
+ PKIX_RETURN(LOGGER);
+}
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_logger.h b/security/nss/lib/libpkix/pkix/util/pkix_logger.h
new file mode 100644
index 000000000..9411aed2e
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_logger.h
@@ -0,0 +1,57 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_logger.h
+ *
+ * Logger Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_LOGGER_H
+#define _PKIX_LOGGER_H
+
+#include "pkix_tools.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern PKIX_List *pkixLoggers;
+extern PKIX_List *pkixLoggersErrors;
+extern PKIX_List *pkixLoggersDebugTrace;
+
+struct PKIX_LoggerStruct {
+ PKIX_Logger_LogCallback callback;
+ PKIX_PL_Object *context;
+ PKIX_UInt32 maxLevel;
+ PKIX_ERRORCLASS logComponent;
+};
+
+PKIX_Error *
+pkix_Logger_Check(
+ PKIX_List *pkixLoggersList,
+ const char *message,
+ const char *message2,
+ PKIX_ERRORCLASS logComponent,
+ PKIX_UInt32 maxLevel,
+ void *plContext);
+
+PKIX_Error *
+pkix_Logger_CheckWithCode(
+ PKIX_List *pkixLoggersList,
+ PKIX_UInt32 errorCode,
+ const char *message2,
+ PKIX_ERRORCLASS logComponent,
+ PKIX_UInt32 maxLevel,
+ void *plContext);
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_Logger_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_LOGGER_H */
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_tools.c b/security/nss/lib/libpkix/pkix/util/pkix_tools.c
new file mode 100755
index 000000000..6348b8936
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_tools.c
@@ -0,0 +1,1519 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_tools.c
+ *
+ * Private Utility Functions
+ *
+ */
+
+#include "pkix_tools.h"
+
+#define CACHE_ITEM_PERIOD_SECONDS (3600) /* one hour */
+
+/*
+ * This cahce period is only for CertCache. A Cert from a trusted CertStore
+ * should be checked more frequently for update new arrival, etc.
+ */
+#define CACHE_TRUST_ITEM_PERIOD_SECONDS (CACHE_ITEM_PERIOD_SECONDS/10)
+
+extern PKIX_PL_HashTable *cachedCertChainTable;
+extern PKIX_PL_HashTable *cachedCertTable;
+extern PKIX_PL_HashTable *cachedCrlEntryTable;
+
+/* Following variables are used to checked cache hits - can be taken out */
+extern int pkix_ccAddCount;
+extern int pkix_ccLookupCount;
+extern int pkix_ccRemoveCount;
+extern int pkix_cAddCount;
+extern int pkix_cLookupCount;
+extern int pkix_cRemoveCount;
+extern int pkix_ceAddCount;
+extern int pkix_ceLookupCount;
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+/* Following variables are used for object leak test */
+char *nonNullValue = "Non Empty Value";
+PKIX_Boolean noErrorState = PKIX_TRUE;
+PKIX_Boolean runningLeakTest;
+PKIX_Boolean errorGenerated;
+PKIX_UInt32 stackPosition;
+PKIX_UInt32 *fnStackInvCountArr;
+char **fnStackNameArr;
+PLHashTable *fnInvTable;
+PKIX_UInt32 testStartFnStackPosition;
+char *errorFnStackString;
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+/* --Private-Functions-------------------------------------------- */
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+/*
+ * FUNCTION: pkix_ErrorGen_Hash
+ * DESCRIPTION:
+ *
+ * Hash function to be used in object leak test hash table.
+ *
+ */
+PLHashNumber PR_CALLBACK
+pkix_ErrorGen_Hash (const void *key)
+{
+ char *str = NULL;
+ PLHashNumber rv = (*(PRUint8*)key) << 5;
+ PRUint32 i, counter = 0;
+ PRUint8 *rvc = (PRUint8 *)&rv;
+
+ while ((str = fnStackNameArr[counter++]) != NULL) {
+ PRUint32 len = strlen(str);
+ for( i = 0; i < len; i++ ) {
+ rvc[ i % sizeof(rv) ] ^= *str;
+ str++;
+ }
+ }
+
+ return rv;
+}
+
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+/*
+ * FUNCTION: pkix_IsCertSelfIssued
+ * DESCRIPTION:
+ *
+ * Checks whether the Cert pointed to by "cert" is self-issued and stores the
+ * Boolean result at "pSelfIssued". A Cert is considered self-issued if the
+ * Cert's issuer matches the Cert's subject. If the subject or issuer is
+ * not specified, a PKIX_FALSE is returned.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of Cert used to determine whether Cert is self-issued.
+ * Must be non-NULL.
+ * "pSelfIssued"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_IsCertSelfIssued(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pSelfIssued,
+ void *plContext)
+{
+ PKIX_PL_X500Name *subject = NULL;
+ PKIX_PL_X500Name *issuer = NULL;
+
+ PKIX_ENTER(CERT, "pkix_IsCertSelfIssued");
+ PKIX_NULLCHECK_TWO(cert, pSelfIssued);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetSubject(cert, &subject, plContext),
+ PKIX_CERTGETSUBJECTFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetIssuer(cert, &issuer, plContext),
+ PKIX_CERTGETISSUERFAILED);
+
+ if (subject == NULL || issuer == NULL) {
+ *pSelfIssued = PKIX_FALSE;
+ } else {
+
+ PKIX_CHECK(PKIX_PL_X500Name_Match
+ (subject, issuer, pSelfIssued, plContext),
+ PKIX_X500NAMEMATCHFAILED);
+ }
+
+cleanup:
+ PKIX_DECREF(subject);
+ PKIX_DECREF(issuer);
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_Throw
+ * DESCRIPTION:
+ *
+ * Creates an Error using the value of "errorCode", the character array
+ * pointed to by "funcName", the character array pointed to by "errorText",
+ * and the Error pointed to by "cause" (if any), and stores it at "pError".
+ *
+ * If "cause" is not NULL and has an errorCode of "PKIX_FATAL_ERROR",
+ * then there is no point creating a new Error object. Rather, we simply
+ * store "cause" at "pError".
+ *
+ * PARAMETERS:
+ * "errorCode"
+ * Value of error code.
+ * "funcName"
+ * Address of EscASCII array representing name of function throwing error.
+ * Must be non-NULL.
+ * "errnum"
+ * PKIX_ERRMSGNUM of error description for new error.
+ * "cause"
+ * Address of Error representing error's cause.
+ * "pError"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_Throw(
+ PKIX_ERRORCLASS errorClass,
+ const char *funcName,
+ PKIX_ERRORCODE errorCode,
+ PKIX_ERRORCLASS overrideClass,
+ PKIX_Error *cause,
+ PKIX_Error **pError,
+ void *plContext)
+{
+ PKIX_Error *error = NULL;
+
+ PKIX_ENTER(ERROR, "pkix_Throw");
+ PKIX_NULLCHECK_TWO(funcName, pError);
+
+ *pError = NULL;
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ noErrorState = PKIX_TRUE;
+ if (pkixLog) {
+#ifdef PKIX_ERROR_DESCRIPTION
+ PR_LOG(pkixLog, 4, ("Error in function \"%s\":\"%s\" with cause \"%s\"\n",
+ funcName, PKIX_ErrorText[errorCode],
+ (cause ? PKIX_ErrorText[cause->errCode] : "null")));
+#else
+ PR_LOG(pkixLog, 4, ("Error in function \"%s\": error code \"%d\"\n",
+ funcName, errorCode));
+#endif /* PKIX_ERROR_DESCRIPTION */
+ PORT_Assert(strcmp(funcName, "PKIX_PL_Object_DecRef"));
+ }
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ /* if cause has error class of PKIX_FATAL_ERROR, return immediately */
+ if (cause) {
+ if (cause->errClass == PKIX_FATAL_ERROR){
+ PKIX_INCREF(cause);
+ *pError = cause;
+ goto cleanup;
+ }
+ }
+
+ if (overrideClass == PKIX_FATAL_ERROR){
+ errorClass = overrideClass;
+ }
+
+ pkixTempResult = PKIX_Error_Create(errorClass, cause, NULL,
+ errorCode, &error, plContext);
+
+ if (!pkixTempResult) {
+ /* Setting plErr error code:
+ * get it from PORT_GetError if it is a leaf error and
+ * default error code does not exist(eq 0) */
+ if (!cause && !error->plErr) {
+ error->plErr = PKIX_PL_GetPLErrorCode();
+ }
+ }
+
+ *pError = error;
+
+cleanup:
+
+ PKIX_DEBUG_EXIT(ERROR);
+ pkixErrorClass = 0;
+#ifdef PKIX_OBJECT_LEAK_TEST
+ noErrorState = PKIX_FALSE;
+
+ if (runningLeakTest && fnStackNameArr) {
+ PR_LOG(pkixLog, 5,
+ ("%s%*s<- %s(%d) - %s\n", (errorGenerated ? "*" : " "),
+ stackPosition, " ", fnStackNameArr[stackPosition],
+ stackPosition, myFuncName));
+ fnStackNameArr[stackPosition--] = NULL;
+ }
+#endif /* PKIX_OBJECT_LEAK_TEST */
+ return (pkixTempResult);
+}
+
+/*
+ * FUNCTION: pkix_CheckTypes
+ * DESCRIPTION:
+ *
+ * Checks that the types of the Object pointed to by "first" and the Object
+ * pointed to by "second" are both equal to the value of "type". If they
+ * are not equal, a PKIX_Error is returned.
+ *
+ * PARAMETERS:
+ * "first"
+ * Address of first Object. Must be non-NULL.
+ * "second"
+ * Address of second Object. Must be non-NULL.
+ * "type"
+ * Value of type to check against.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CheckTypes(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_UInt32 type,
+ void *plContext)
+{
+ PKIX_UInt32 firstType, secondType;
+
+ PKIX_ENTER(OBJECT, "pkix_CheckTypes");
+ PKIX_NULLCHECK_TWO(first, second);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(first, &firstType, plContext),
+ PKIX_COULDNOTGETFIRSTOBJECTTYPE);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETSECONDOBJECTTYPE);
+
+ if ((firstType != type)||(firstType != secondType)) {
+ PKIX_ERROR(PKIX_OBJECTTYPESDONOTMATCH);
+ }
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_CheckType
+ * DESCRIPTION:
+ *
+ * Checks that the type of the Object pointed to by "object" is equal to the
+ * value of "type". If it is not equal, a PKIX_Error is returned.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object. Must be non-NULL.
+ * "type"
+ * Value of type to check against.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CheckType(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 type,
+ void *plContext)
+{
+ return (pkix_CheckTypes(object, object, type, plContext));
+}
+
+/*
+ * FUNCTION: pkix_hash
+ * DESCRIPTION:
+ *
+ * Computes a hash value for "length" bytes starting at the array of bytes
+ * pointed to by "bytes" and stores the result at "pHash".
+ *
+ * XXX To speed this up, we could probably read 32 bits at a time from
+ * bytes (maybe even 64 bits on some platforms)
+ *
+ * PARAMETERS:
+ * "bytes"
+ * Address of array of bytes to hash. Must be non-NULL.
+ * "length"
+ * Number of bytes to hash.
+ * "pHash"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_hash(
+ const unsigned char *bytes,
+ PKIX_UInt32 length,
+ PKIX_UInt32 *pHash,
+ void *plContext)
+{
+ PKIX_UInt32 i;
+ PKIX_UInt32 hash;
+
+ PKIX_ENTER(OBJECT, "pkix_hash");
+ if (length != 0) {
+ PKIX_NULLCHECK_ONE(bytes);
+ }
+ PKIX_NULLCHECK_ONE(pHash);
+
+ hash = 0;
+ for (i = 0; i < length; i++) {
+ /* hash = 31 * hash + bytes[i]; */
+ hash = (hash << 5) - hash + bytes[i];
+ }
+
+ *pHash = hash;
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_countArray
+ * DESCRIPTION:
+ *
+ * Counts the number of elements in the null-terminated array of pointers
+ * pointed to by "array" and returns the result.
+ *
+ * PARAMETERS
+ * "array"
+ * Address of null-terminated array of pointers.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns the number of elements in the array.
+ */
+PKIX_UInt32
+pkix_countArray(void **array)
+{
+ PKIX_UInt32 count = 0;
+
+ if (array) {
+ while (*array++) {
+ count++;
+ }
+ }
+ return (count);
+}
+
+/*
+ * FUNCTION: pkix_duplicateImmutable
+ * DESCRIPTION:
+ *
+ * Convenience callback function used for duplicating immutable objects.
+ * Since the objects can not be modified, this function simply increments the
+ * reference count on the object, and returns a reference to that object.
+ *
+ * (see comments for PKIX_PL_DuplicateCallback in pkix_pl_system.h)
+ */
+PKIX_Error *
+pkix_duplicateImmutable(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_ENTER(OBJECT, "pkix_duplicateImmutable");
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_INCREF(object);
+
+ *pNewObject = object;
+
+cleanup:
+ PKIX_RETURN(OBJECT);
+}
+
+/* --String-Encoding-Conversion-Functions------------------------ */
+
+/*
+ * FUNCTION: pkix_hex2i
+ * DESCRIPTION:
+ *
+ * Converts hexadecimal character "c" to its integer value and returns result.
+ *
+ * PARAMETERS
+ * "c"
+ * Character to convert to a hex value.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * The hexadecimal value of "c". Otherwise -1. (Unsigned 0xFFFFFFFF).
+ */
+PKIX_UInt32
+pkix_hex2i(char c)
+{
+ if ((c >= '0')&&(c <= '9'))
+ return (c-'0');
+ else if ((c >= 'a')&&(c <= 'f'))
+ return (c-'a'+10);
+ else if ((c >= 'A')&&(c <= 'F'))
+ return (c-'A'+10);
+ else
+ return ((PKIX_UInt32)(-1));
+}
+
+/*
+ * FUNCTION: pkix_i2hex
+ * DESCRIPTION:
+ *
+ * Converts integer value "digit" to its ASCII hex value
+ *
+ * PARAMETERS
+ * "digit"
+ * Value of integer to convert to ASCII hex value. Must be 0-15.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * The ASCII hexadecimal value of "digit".
+ */
+char
+pkix_i2hex(char digit)
+{
+ if ((digit >= 0)&&(digit <= 9))
+ return (digit+'0');
+ else if ((digit >= 0xa)&&(digit <= 0xf))
+ return (digit - 10 + 'a');
+ else
+ return (-1);
+}
+
+/*
+ * FUNCTION: pkix_isPlaintext
+ * DESCRIPTION:
+ *
+ * Returns whether character "c" is plaintext using EscASCII or EscASCII_Debug
+ * depending on the value of "debug".
+ *
+ * In EscASCII, [01, 7E] except '&' are plaintext.
+ * In EscASCII_Debug [20, 7E] except '&' are plaintext.
+ *
+ * PARAMETERS:
+ * "c"
+ * Character to check.
+ * "debug"
+ * Value of debug flag.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * True if "c" is plaintext.
+ */
+PKIX_Boolean
+pkix_isPlaintext(unsigned char c, PKIX_Boolean debug) {
+ return ((c >= 0x01)&&(c <= 0x7E)&&(c != '&')&&(!debug || (c >= 20)));
+}
+
+/* --Cache-Functions------------------------ */
+
+/*
+ * FUNCTION: pkix_CacheCertChain_Lookup
+ * DESCRIPTION:
+ *
+ * Look up CertChain Hash Table for a cached BuildResult based on "targetCert"
+ * and "anchors" as the hash keys. If there is no item to match the key,
+ * PKIX_FALSE is stored at "pFound". If an item is found, its cache time is
+ * compared to "testDate". If expired, the item is removed and PKIX_FALSE is
+ * stored at "pFound". Otherwise, PKIX_TRUE is stored at "pFound" and the
+ * BuildResult is stored at "pBuildResult".
+ * The hashtable is maintained in the following ways:
+ * 1) When creating the hashtable, maximum bucket size can be specified (0 for
+ * unlimited). If items in a bucket reaches its full size, an new addition
+ * will trigger the removal of the old as FIFO sequence.
+ * 2) A PKIX_PL_Date created with current time offset by constant
+ * CACHE_ITEM_PERIOD_SECONDS is attached to each item in the Hash Table.
+ * When an item is retrieved, this date is compared against "testDate" for
+ * validity. If comparison indicates this item is expired, the item is
+ * removed from the bucket.
+ *
+ * PARAMETERS:
+ * "targetCert"
+ * Address of Target Cert as key to retrieve this CertChain. Must be
+ * non-NULL.
+ * "anchors"
+ * Address of PKIX_List of "anchors" is used as key to retrive CertChain.
+ * Must be non-NULL.
+ * "testDate"
+ * Address of PKIX_PL_Date for verifying time validity and cache validity.
+ * May be NULL. If testDate is NULL, this cache item will not be out-dated.
+ * "pFound"
+ * Address of PKIX_Boolean indicating valid data is found.
+ * Must be non-NULL.
+ * "pBuildResult"
+ * Address where BuildResult will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CacheCertChain_Lookup(
+ PKIX_PL_Cert* targetCert,
+ PKIX_List* anchors,
+ PKIX_PL_Date *testDate,
+ PKIX_Boolean *pFound,
+ PKIX_BuildResult **pBuildResult,
+ void *plContext)
+{
+ PKIX_List *cachedValues = NULL;
+ PKIX_List *cachedKeys = NULL;
+ PKIX_Error *cachedCertChainError = NULL;
+ PKIX_PL_Date *cacheValidUntilDate = NULL;
+ PKIX_PL_Date *validityDate = NULL;
+ PKIX_Int32 cmpValidTimeResult = 0;
+ PKIX_Int32 cmpCacheTimeResult = 0;
+
+ PKIX_ENTER(BUILD, "pkix_CacheCertChain_Lookup");
+
+ PKIX_NULLCHECK_FOUR(targetCert, anchors, pFound, pBuildResult);
+
+ *pFound = PKIX_FALSE;
+
+ /* use trust anchors and target cert as hash key */
+
+ PKIX_CHECK(PKIX_List_Create(&cachedKeys, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys,
+ (PKIX_PL_Object *)targetCert,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys,
+ (PKIX_PL_Object *)anchors,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ cachedCertChainError = PKIX_PL_HashTable_Lookup
+ (cachedCertChainTable,
+ (PKIX_PL_Object *) cachedKeys,
+ (PKIX_PL_Object **) &cachedValues,
+ plContext);
+
+ pkix_ccLookupCount++;
+
+ /* retrieve data from hashed value list */
+
+ if (cachedValues != NULL && cachedCertChainError == NULL) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (cachedValues,
+ 0,
+ (PKIX_PL_Object **) &cacheValidUntilDate,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ /* check validity time and cache age time */
+ PKIX_CHECK(PKIX_List_GetItem
+ (cachedValues,
+ 1,
+ (PKIX_PL_Object **) &validityDate,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ /* if testDate is not set, this cache item is not out-dated */
+ if (testDate) {
+
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)testDate,
+ (PKIX_PL_Object *)cacheValidUntilDate,
+ &cmpCacheTimeResult,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)testDate,
+ (PKIX_PL_Object *)validityDate,
+ &cmpValidTimeResult,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+ }
+
+ /* certs' date are all valid and cache item is not old */
+ if (cmpValidTimeResult <= 0 && cmpCacheTimeResult <=0) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (cachedValues,
+ 2,
+ (PKIX_PL_Object **) pBuildResult,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ *pFound = PKIX_TRUE;
+
+ } else {
+
+ pkix_ccRemoveCount++;
+ *pFound = PKIX_FALSE;
+
+ /* out-dated item, remove it from cache */
+ PKIX_CHECK(PKIX_PL_HashTable_Remove
+ (cachedCertChainTable,
+ (PKIX_PL_Object *) cachedKeys,
+ plContext),
+ PKIX_HASHTABLEREMOVEFAILED);
+ }
+ }
+
+cleanup:
+
+ PKIX_DECREF(cachedValues);
+ PKIX_DECREF(cachedKeys);
+ PKIX_DECREF(cachedCertChainError);
+ PKIX_DECREF(cacheValidUntilDate);
+ PKIX_DECREF(validityDate);
+
+ PKIX_RETURN(BUILD);
+
+}
+
+/*
+ * FUNCTION: pkix_CacheCertChain_Remove
+ * DESCRIPTION:
+ *
+ * Remove CertChain Hash Table entry based on "targetCert" and "anchors"
+ * as the hash keys. If there is no item to match the key, no action is
+ * taken.
+ * The hashtable is maintained in the following ways:
+ * 1) When creating the hashtable, maximum bucket size can be specified (0 for
+ * unlimited). If items in a bucket reaches its full size, an new addition
+ * will trigger the removal of the old as FIFO sequence.
+ * 2) A PKIX_PL_Date created with current time offset by constant
+ * CACHE_ITEM_PERIOD_SECONDS is attached to each item in the Hash Table.
+ * When an item is retrieved, this date is compared against "testDate" for
+ * validity. If comparison indicates this item is expired, the item is
+ * removed from the bucket.
+ *
+ * PARAMETERS:
+ * "targetCert"
+ * Address of Target Cert as key to retrieve this CertChain. Must be
+ * non-NULL.
+ * "anchors"
+ * Address of PKIX_List of "anchors" is used as key to retrive CertChain.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CacheCertChain_Remove(
+ PKIX_PL_Cert* targetCert,
+ PKIX_List* anchors,
+ void *plContext)
+{
+ PKIX_List *cachedKeys = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_CacheCertChain_Remove");
+ PKIX_NULLCHECK_TWO(targetCert, anchors);
+
+ /* use trust anchors and target cert as hash key */
+
+ PKIX_CHECK(PKIX_List_Create(&cachedKeys, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys,
+ (PKIX_PL_Object *)targetCert,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys,
+ (PKIX_PL_Object *)anchors,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK_ONLY_FATAL(PKIX_PL_HashTable_Remove
+ (cachedCertChainTable,
+ (PKIX_PL_Object *) cachedKeys,
+ plContext),
+ PKIX_HASHTABLEREMOVEFAILED);
+
+ pkix_ccRemoveCount++;
+
+cleanup:
+
+ PKIX_DECREF(cachedKeys);
+
+ PKIX_RETURN(BUILD);
+
+}
+
+/*
+ * FUNCTION: pkix_CacheCertChain_Add
+ * DESCRIPTION:
+ *
+ * Add a BuildResult to the CertChain Hash Table for a "buildResult" with
+ * "targetCert" and "anchors" as the hash keys.
+ * "validityDate" is the most restricted notAfter date of all Certs in
+ * this CertChain and is verified when this BuildChain is retrieved.
+ * The hashtable is maintained in the following ways:
+ * 1) When creating the hashtable, maximum bucket size can be specified (0 for
+ * unlimited). If items in a bucket reaches its full size, an new addition
+ * will trigger the removal of the old as FIFO sequence.
+ * 2) A PKIX_PL_Date created with current time offset by constant
+ * CACHE_ITEM_PERIOD_SECONDS is attached to each item in the Hash Table.
+ * When an item is retrieved, this date is compared against "testDate" for
+ * validity. If comparison indicates this item is expired, the item is
+ * removed from the bucket.
+ *
+ * PARAMETERS:
+ * "targetCert"
+ * Address of Target Cert as key to retrieve this CertChain. Must be
+ * non-NULL.
+ * "anchors"
+ * Address of PKIX_List of "anchors" is used as key to retrive CertChain.
+ * Must be non-NULL.
+ * "validityDate"
+ * Address of PKIX_PL_Date contains the most restriced notAfter time of
+ * all "certs". Must be non-NULL.
+ * Address of PKIX_Boolean indicating valid data is found.
+ * Must be non-NULL.
+ * "buildResult"
+ * Address of BuildResult to be cached. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CacheCertChain_Add(
+ PKIX_PL_Cert* targetCert,
+ PKIX_List* anchors,
+ PKIX_PL_Date *validityDate,
+ PKIX_BuildResult *buildResult,
+ void *plContext)
+{
+ PKIX_List *cachedValues = NULL;
+ PKIX_List *cachedKeys = NULL;
+ PKIX_Error *cachedCertChainError = NULL;
+ PKIX_PL_Date *cacheValidUntilDate = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_CacheCertChain_Add");
+
+ PKIX_NULLCHECK_FOUR(targetCert, anchors, validityDate, buildResult);
+
+ PKIX_CHECK(PKIX_List_Create(&cachedKeys, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)targetCert, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)anchors, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&cachedValues, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Date_Create_CurrentOffBySeconds
+ (CACHE_ITEM_PERIOD_SECONDS,
+ &cacheValidUntilDate,
+ plContext),
+ PKIX_DATECREATECURRENTOFFBYSECONDSFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedValues,
+ (PKIX_PL_Object *)cacheValidUntilDate,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedValues, (PKIX_PL_Object *)validityDate, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedValues, (PKIX_PL_Object *)buildResult, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ cachedCertChainError = PKIX_PL_HashTable_Add
+ (cachedCertChainTable,
+ (PKIX_PL_Object *) cachedKeys,
+ (PKIX_PL_Object *) cachedValues,
+ plContext);
+
+ pkix_ccAddCount++;
+
+ if (cachedCertChainError != NULL) {
+ PKIX_DEBUG("PKIX_PL_HashTable_Add for CertChain skipped: "
+ "entry existed\n");
+ }
+
+cleanup:
+
+ PKIX_DECREF(cachedValues);
+ PKIX_DECREF(cachedKeys);
+ PKIX_DECREF(cachedCertChainError);
+ PKIX_DECREF(cacheValidUntilDate);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_CacheCert_Lookup
+ * DESCRIPTION:
+ *
+ * Look up Cert Hash Table for a cached item based on "store" and Subject in
+ * "certSelParams" as the hash keys and returns values Certs in "pCerts".
+ * If there isn't an item to match the key, a PKIX_FALSE is returned at
+ * "pFound". The item's cache time is verified with "testDate". If out-dated,
+ * this item is removed and PKIX_FALSE is returned at "pFound".
+ * This hashtable is maintained in the following ways:
+ * 1) When creating the hashtable, maximum bucket size can be specified (0 for
+ * unlimited). If items in a bucket reaches its full size, an new addition
+ * will trigger the removal of the old as FIFO sequence.
+ * 2) A PKIX_PL_Date created with current time offset by constant
+ * CACHE_ITEM_PERIOD_SECONDS is attached to each item in the Hash Table.
+ * If the CertStore this Cert is from is a trusted one, the cache period is
+ * shorter so cache can be updated more frequently.
+ * When an item is retrieved, this date is compared against "testDate" for
+ * validity. If comparison indicates this item is expired, the item is
+ * removed from the bucket.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore as key to retrieve this CertChain. Must be
+ * non-NULL.
+ * "certSelParams"
+ * Address of ComCertSelParams that its subject is used as key to retrieve
+ * this CertChain. Must be non-NULL.
+ * "testDate"
+ * Address of PKIX_PL_Date for verifying time cache validity.
+ * Must be non-NULL. If testDate is NULL, this cache item won't be out
+ * dated.
+ * "pFound"
+ * Address of KPKIX_Boolean indicating valid data is found.
+ * Must be non-NULL.
+ * "pCerts"
+ * Address PKIX_List where the CertChain will be stored. Must be no-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CacheCert_Lookup(
+ PKIX_CertStore *store,
+ PKIX_ComCertSelParams *certSelParams,
+ PKIX_PL_Date *testDate,
+ PKIX_Boolean *pFound,
+ PKIX_List** pCerts,
+ void *plContext)
+{
+ PKIX_PL_Cert *cert = NULL;
+ PKIX_List *cachedKeys = NULL;
+ PKIX_List *cachedValues = NULL;
+ PKIX_List *cachedCertList = NULL;
+ PKIX_List *selCertList = NULL;
+ PKIX_PL_X500Name *subject = NULL;
+ PKIX_PL_Date *invalidAfterDate = NULL;
+ PKIX_PL_Date *cacheValidUntilDate = NULL;
+ PKIX_CertSelector *certSel = NULL;
+ PKIX_Error *cachedCertError = NULL;
+ PKIX_Error *selectorError = NULL;
+ PKIX_CertSelector_MatchCallback selectorMatch = NULL;
+ PKIX_Int32 cmpValidTimeResult = PKIX_FALSE;
+ PKIX_Int32 cmpCacheTimeResult = 0;
+ PKIX_UInt32 numItems = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(BUILD, "pkix_CacheCert_Lookup");
+ PKIX_NULLCHECK_TWO(store, certSelParams);
+ PKIX_NULLCHECK_TWO(pFound, pCerts);
+
+ *pFound = PKIX_FALSE;
+
+ PKIX_CHECK(PKIX_List_Create(&cachedKeys, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)store, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubject
+ (certSelParams, &subject, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJECTFAILED);
+
+ PKIX_NULLCHECK_ONE(subject);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)subject, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ cachedCertError = PKIX_PL_HashTable_Lookup
+ (cachedCertTable,
+ (PKIX_PL_Object *) cachedKeys,
+ (PKIX_PL_Object **) &cachedValues,
+ plContext);
+ pkix_cLookupCount++;
+
+ if (cachedValues != NULL && cachedCertError == NULL) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (cachedValues,
+ 0,
+ (PKIX_PL_Object **) &cacheValidUntilDate,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (testDate) {
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)testDate,
+ (PKIX_PL_Object *)cacheValidUntilDate,
+ &cmpCacheTimeResult,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+ }
+
+ if (cmpCacheTimeResult <= 0) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (cachedValues,
+ 1,
+ (PKIX_PL_Object **) &cachedCertList,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ /*
+ * Certs put on cache satifies only for Subject,
+ * user selector and ComCertSelParams to filter.
+ */
+ PKIX_CHECK(PKIX_CertSelector_Create
+ (NULL, NULL, &certSel, plContext),
+ PKIX_CERTSELECTORCREATEFAILED);
+
+ PKIX_CHECK(PKIX_CertSelector_SetCommonCertSelectorParams
+ (certSel, certSelParams, plContext),
+ PKIX_CERTSELECTORSETCOMMONCERTSELECTORPARAMSFAILED);
+
+ PKIX_CHECK(PKIX_CertSelector_GetMatchCallback
+ (certSel, &selectorMatch, plContext),
+ PKIX_CERTSELECTORGETMATCHCALLBACKFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&selCertList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ /*
+ * If any of the Cert on the list is out-dated, invalidate
+ * this cache item.
+ */
+ PKIX_CHECK(PKIX_List_GetLength
+ (cachedCertList, &numItems, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numItems; i++){
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (cachedCertList,
+ i,
+ (PKIX_PL_Object **)&cert,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetValidityNotAfter
+ (cert, &invalidAfterDate, plContext),
+ PKIX_CERTGETVALIDITYNOTAFTERFAILED);
+
+ if (testDate) {
+ PKIX_CHECK(PKIX_PL_Object_Compare
+ ((PKIX_PL_Object *)invalidAfterDate,
+ (PKIX_PL_Object *)testDate,
+ &cmpValidTimeResult,
+ plContext),
+ PKIX_OBJECTCOMPARATORFAILED);
+ }
+
+ if (cmpValidTimeResult < 0) {
+
+ pkix_cRemoveCount++;
+ *pFound = PKIX_FALSE;
+
+ /* one cert is out-dated, remove item from cache */
+ PKIX_CHECK(PKIX_PL_HashTable_Remove
+ (cachedCertTable,
+ (PKIX_PL_Object *) cachedKeys,
+ plContext),
+ PKIX_HASHTABLEREMOVEFAILED);
+ goto cleanup;
+ }
+
+ selectorError = selectorMatch(certSel, cert, plContext);
+ if (!selectorError){
+ /* put on the return list */
+ PKIX_CHECK(PKIX_List_AppendItem
+ (selCertList,
+ (PKIX_PL_Object *)cert,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ } else {
+ PKIX_DECREF(selectorError);
+ }
+
+ PKIX_DECREF(cert);
+ PKIX_DECREF(invalidAfterDate);
+
+ }
+
+ if (*pFound) {
+ PKIX_INCREF(selCertList);
+ *pCerts = selCertList;
+ }
+
+ } else {
+
+ pkix_cRemoveCount++;
+ *pFound = PKIX_FALSE;
+ /* cache item is out-dated, remove it from cache */
+ PKIX_CHECK(PKIX_PL_HashTable_Remove
+ (cachedCertTable,
+ (PKIX_PL_Object *) cachedKeys,
+ plContext),
+ PKIX_HASHTABLEREMOVEFAILED);
+ }
+
+ }
+
+cleanup:
+
+ PKIX_DECREF(subject);
+ PKIX_DECREF(certSel);
+ PKIX_DECREF(cachedKeys);
+ PKIX_DECREF(cachedValues);
+ PKIX_DECREF(cacheValidUntilDate);
+ PKIX_DECREF(cert);
+ PKIX_DECREF(cachedCertList);
+ PKIX_DECREF(selCertList);
+ PKIX_DECREF(invalidAfterDate);
+ PKIX_DECREF(cachedCertError);
+ PKIX_DECREF(selectorError);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_CacheCert_Add
+ * DESCRIPTION:
+ *
+ * Add Cert Hash Table for a cached item based on "store" and Subject in
+ * "certSelParams" as the hash keys and have "certs" as the key value.
+ * This hashtable is maintained in the following ways:
+ * 1) When creating the hashtable, maximum bucket size can be specified (0 for
+ * unlimited). If items in a bucket reaches its full size, an new addition
+ * will trigger the removal of the old as FIFO sequence.
+ * 2) A PKIX_PL_Date created with current time offset by constant
+ * CACHE_ITEM_PERIOD_SECONDS is attached to each item in the Hash Table.
+ * If the CertStore this Cert is from is a trusted one, the cache period is
+ * shorter so cache can be updated more frequently.
+ * When an item is retrieved, this date is compared against "testDate" for
+ * validity. If comparison indicates this item is expired, the item is
+ * removed from the bucket.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore as key to retrieve this CertChain. Must be
+ * non-NULL.
+ * "certSelParams"
+ * Address of ComCertSelParams that its subject is used as key to retrieve
+ * this CertChain. Must be non-NULL.
+ * "certs"
+ * Address PKIX_List of Certs will be stored. Must be no-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CacheCert_Add(
+ PKIX_CertStore *store,
+ PKIX_ComCertSelParams *certSelParams,
+ PKIX_List* certs,
+ void *plContext)
+{
+ PKIX_List *cachedKeys = NULL;
+ PKIX_List *cachedValues = NULL;
+ PKIX_PL_Date *cacheValidUntilDate = NULL;
+ PKIX_PL_X500Name *subject = NULL;
+ PKIX_Error *cachedCertError = NULL;
+ PKIX_CertStore_CheckTrustCallback trustCallback = NULL;
+ PKIX_UInt32 cachePeriod = CACHE_ITEM_PERIOD_SECONDS;
+ PKIX_UInt32 numCerts = 0;
+
+ PKIX_ENTER(BUILD, "pkix_CacheCert_Add");
+ PKIX_NULLCHECK_THREE(store, certSelParams, certs);
+
+ PKIX_CHECK(PKIX_List_GetLength(certs, &numCerts,
+ plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ if (numCerts == 0) {
+ /* Don't want to add an empty list. */
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_List_Create(&cachedKeys, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)store, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubject
+ (certSelParams, &subject, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJECTFAILED);
+
+ PKIX_NULLCHECK_ONE(subject);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)subject, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&cachedValues, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_CertStore_GetTrustCallback
+ (store, &trustCallback, plContext),
+ PKIX_CERTSTOREGETTRUSTCALLBACKFAILED);
+
+ if (trustCallback) {
+ cachePeriod = CACHE_TRUST_ITEM_PERIOD_SECONDS;
+ }
+
+ PKIX_CHECK(PKIX_PL_Date_Create_CurrentOffBySeconds
+ (cachePeriod, &cacheValidUntilDate, plContext),
+ PKIX_DATECREATECURRENTOFFBYSECONDSFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedValues,
+ (PKIX_PL_Object *)cacheValidUntilDate,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedValues,
+ (PKIX_PL_Object *)certs,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ cachedCertError = PKIX_PL_HashTable_Add
+ (cachedCertTable,
+ (PKIX_PL_Object *) cachedKeys,
+ (PKIX_PL_Object *) cachedValues,
+ plContext);
+
+ pkix_cAddCount++;
+
+ if (cachedCertError != NULL) {
+ PKIX_DEBUG("PKIX_PL_HashTable_Add for Certs skipped: "
+ "entry existed\n");
+ }
+
+cleanup:
+
+ PKIX_DECREF(subject);
+ PKIX_DECREF(cachedKeys);
+ PKIX_DECREF(cachedValues);
+ PKIX_DECREF(cacheValidUntilDate);
+ PKIX_DECREF(cachedCertError);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_CacheCrlEntry_Lookup
+ * DESCRIPTION:
+ *
+ * Look up CrlEntry Hash Table for a cached item based on "store",
+ * "certIssuer" and "certSerialNumber" as the hash keys and returns values
+ * "pCrls". If there isn't an item to match the key, a PKIX_FALSE is
+ * returned at "pFound".
+ * This hashtable is maintained in the following way:
+ * 1) When creating the hashtable, maximum bucket size can be specified (0 for
+ * unlimited). If items in a bucket reaches its full size, an new addition
+ * will trigger the removal of the old as FIFO sequence.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore as key to retrieve this CertChain. Must be
+ * non-NULL.
+ * "certIssuer"
+ * Address of X500Name that is used as key to retrieve the CRLEntries.
+ * Must be non-NULL.
+ * "certSerialNumber"
+ * Address of BigInt that is used as key to retrieve the CRLEntries.
+ * Must be non-NULL.
+ * "pFound"
+ * Address of KPKIX_Boolean indicating valid data is found.
+ * Must be non-NULL.
+ * "pCrls"
+ * Address PKIX_List where the CRLEntry will be stored. Must be no-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CacheCrlEntry_Lookup(
+ PKIX_CertStore *store,
+ PKIX_PL_X500Name *certIssuer,
+ PKIX_PL_BigInt *certSerialNumber,
+ PKIX_Boolean *pFound,
+ PKIX_List** pCrls,
+ void *plContext)
+{
+ PKIX_List *cachedKeys = NULL;
+ PKIX_List *cachedCrlEntryList = NULL;
+ PKIX_Error *cachedCrlEntryError = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_CacheCrlEntry_Lookup");
+ PKIX_NULLCHECK_THREE(store, certIssuer, certSerialNumber);
+ PKIX_NULLCHECK_TWO(pFound, pCrls);
+
+ *pFound = PKIX_FALSE;
+
+ /* Find CrlEntry(s) by issuer and serial number */
+
+ PKIX_CHECK(PKIX_List_Create(&cachedKeys, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)store, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)certIssuer, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys,
+ (PKIX_PL_Object *)certSerialNumber,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ cachedCrlEntryError = PKIX_PL_HashTable_Lookup
+ (cachedCrlEntryTable,
+ (PKIX_PL_Object *) cachedKeys,
+ (PKIX_PL_Object **) &cachedCrlEntryList,
+ plContext);
+ pkix_ceLookupCount++;
+
+ /*
+ * We don't need check Date to invalidate this cache item,
+ * the item is uniquely defined and won't be reverted. Let
+ * the FIFO for cleaning up.
+ */
+
+ if (cachedCrlEntryList != NULL && cachedCrlEntryError == NULL ) {
+
+ PKIX_INCREF(cachedCrlEntryList);
+ *pCrls = cachedCrlEntryList;
+
+ *pFound = PKIX_TRUE;
+
+ } else {
+
+ *pFound = PKIX_FALSE;
+ }
+
+cleanup:
+
+ PKIX_DECREF(cachedKeys);
+ PKIX_DECREF(cachedCrlEntryList);
+ PKIX_DECREF(cachedCrlEntryError);
+
+ PKIX_RETURN(BUILD);
+}
+
+/*
+ * FUNCTION: pkix_CacheCrlEntry_Add
+ * DESCRIPTION:
+ *
+ * Look up CrlEntry Hash Table for a cached item based on "store",
+ * "certIssuer" and "certSerialNumber" as the hash keys and have "pCrls" as
+ * the hash value. If there isn't an item to match the key, a PKIX_FALSE is
+ * returned at "pFound".
+ * This hashtable is maintained in the following way:
+ * 1) When creating the hashtable, maximum bucket size can be specified (0 for
+ * unlimited). If items in a bucket reaches its full size, an new addition
+ * will trigger the removal of the old as FIFO sequence.
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of CertStore as key to retrieve this CertChain. Must be
+ * non-NULL.
+ * "certIssuer"
+ * Address of X500Name that is used as key to retrieve the CRLEntries.
+ * Must be non-NULL.
+ * "certSerialNumber"
+ * Address of BigInt that is used as key to retrieve the CRLEntries.
+ * Must be non-NULL.
+ * "crls"
+ * Address PKIX_List where the CRLEntry is stored. Must be no-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Error Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_CacheCrlEntry_Add(
+ PKIX_CertStore *store,
+ PKIX_PL_X500Name *certIssuer,
+ PKIX_PL_BigInt *certSerialNumber,
+ PKIX_List* crls,
+ void *plContext)
+{
+ PKIX_List *cachedKeys = NULL;
+ PKIX_Error *cachedCrlEntryError = NULL;
+
+ PKIX_ENTER(BUILD, "pkix_CacheCrlEntry_Add");
+ PKIX_NULLCHECK_THREE(store, certIssuer, certSerialNumber);
+ PKIX_NULLCHECK_ONE(crls);
+
+ /* Add CrlEntry(s) by issuer and serial number */
+
+ PKIX_CHECK(PKIX_List_Create(&cachedKeys, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)store, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys, (PKIX_PL_Object *)certIssuer, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (cachedKeys,
+ (PKIX_PL_Object *)certSerialNumber,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ cachedCrlEntryError = PKIX_PL_HashTable_Add
+ (cachedCrlEntryTable,
+ (PKIX_PL_Object *) cachedKeys,
+ (PKIX_PL_Object *) crls,
+ plContext);
+ pkix_ceAddCount++;
+
+cleanup:
+
+ PKIX_DECREF(cachedKeys);
+ PKIX_DECREF(cachedCrlEntryError);
+
+ PKIX_RETURN(BUILD);
+}
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+
+/* TEST_START_FN and testStartFnStackPosition define at what state
+ * of the stack the object leak testing should begin. The condition
+ * in pkix_CheckForGeneratedError works the following way: do leak
+ * testing if at position testStartFnStackPosition in stack array
+ * (fnStackNameArr) we have called function TEST_START_FN.
+ * Note, that stack array get filled only when executing libpkix
+ * functions.
+ * */
+#define TEST_START_FN "PKIX_BuildChain"
+
+PKIX_Error*
+pkix_CheckForGeneratedError(PKIX_StdVars * stdVars,
+ PKIX_ERRORCLASS errClass,
+ char * fnName,
+ PKIX_Boolean *errSetFlag,
+ void * plContext)
+{
+ PKIX_Error *genErr = NULL;
+ PKIX_UInt32 pos = 0;
+ PKIX_UInt32 strLen = 0;
+
+ if (fnName) {
+ if (fnStackNameArr[testStartFnStackPosition] == NULL ||
+ strcmp(fnStackNameArr[testStartFnStackPosition], TEST_START_FN)
+ ) {
+ /* return with out error if not with in boundary */
+ return NULL;
+ }
+ if (!strcmp(fnName, TEST_START_FN)) {
+ *errSetFlag = PKIX_TRUE;
+ noErrorState = PKIX_FALSE;
+ errorGenerated = PKIX_FALSE;
+ }
+ }
+
+ if (noErrorState || errorGenerated) return NULL;
+
+ if (fnName && (
+ !strcmp(fnName, "PKIX_PL_Object_DecRef") ||
+ !strcmp(fnName, "PKIX_PL_Object_Unlock") ||
+ !strcmp(fnName, "pkix_UnlockObject") ||
+ !strcmp(fnName, "pkix_Throw") ||
+ !strcmp(fnName, "pkix_trace_dump_cert") ||
+ !strcmp(fnName, "PKIX_PL_Free"))) {
+ /* do not generate error for this functions */
+ noErrorState = PKIX_TRUE;
+ *errSetFlag = PKIX_TRUE;
+ return NULL;
+ }
+
+ if (PL_HashTableLookup(fnInvTable, &fnStackInvCountArr[stackPosition - 1])) {
+ return NULL;
+ }
+
+ PL_HashTableAdd(fnInvTable, &fnStackInvCountArr[stackPosition - 1], nonNullValue);
+ errorGenerated = PKIX_TRUE;
+ noErrorState = PKIX_TRUE;
+ genErr = PKIX_DoThrow(stdVars, errClass, PKIX_MEMLEAKGENERATEDERROR,
+ errClass, plContext);
+ while(fnStackNameArr[pos]) {
+ strLen += PORT_Strlen(fnStackNameArr[pos++]) + 1;
+ }
+ strLen += 1; /* end of line. */
+ pos = 0;
+ errorFnStackString = PORT_ZAlloc(strLen);
+ while(fnStackNameArr[pos]) {
+ strcat(errorFnStackString, "/");
+ strcat(errorFnStackString, fnStackNameArr[pos++]);
+ }
+ noErrorState = PKIX_FALSE;
+
+ return genErr;
+}
+#endif /* PKIX_OBJECT_LEAK_TEST */
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_tools.h b/security/nss/lib/libpkix/pkix/util/pkix_tools.h
new file mode 100755
index 000000000..5a8ef2741
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/pkix_tools.h
@@ -0,0 +1,1588 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_tools.h
+ *
+ * Header for Utility Functions and Macros
+ *
+ */
+
+#ifndef _PKIX_TOOLS_H
+#define _PKIX_TOOLS_H
+
+#include "pkix.h"
+#include <stddef.h>
+#include <stdio.h>
+#include "secport.h"
+#include "prlong.h"
+
+/* private PKIX system headers */
+#include "pkix_basicconstraintschecker.h"
+#include "pkix_buildresult.h"
+#include "pkix_certchainchecker.h"
+#include "pkix_certselector.h"
+#include "pkix_comcertselparams.h"
+#include "pkix_comcrlselparams.h"
+#include "pkix_crlselector.h"
+#include "pkix_error.h"
+#include "pkix_expirationchecker.h"
+#include "pkix_list.h"
+#include "pkix_logger.h"
+#include "pkix_namechainingchecker.h"
+#include "pkix_nameconstraintschecker.h"
+#include "pkix_policychecker.h"
+#include "pkix_policynode.h"
+#include "pkix_procparams.h"
+#include "pkix_resourcelimits.h"
+#include "pkix_revocationmethod.h"
+#include "pkix_revocationchecker.h"
+#include "pkix_crlchecker.h"
+#include "pkix_ocspchecker.h"
+#include "pkix_signaturechecker.h"
+#include "pkix_store.h"
+#include "pkix_targetcertchecker.h"
+#include "pkix_validate.h"
+#include "pkix_valresult.h"
+#include "pkix_verifynode.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct pkixStdVarsStr {
+ const char *aMyFuncName;
+ PKIX_Error *aPkixErrorResult;
+ PKIX_Error *aPkixTempResult;
+ PKIX_Error *aPkixReturnResult;
+ PKIX_ERRORCODE aPkixErrorCode;
+ PKIX_Boolean aPkixErrorReceived;
+ PKIX_Boolean aPkixTempErrorReceived;
+ PKIX_ERRORCLASS aPkixErrorClass;
+ PKIX_UInt32 aPkixType;
+ PKIX_PL_Object *aLockedObject;
+ PKIX_List *aPkixErrorList;
+} PKIX_StdVars;
+
+#ifdef PKIX_STDVARS_POINTER
+#define myFuncName stdVars->aMyFuncName
+#define pkixErrorResult stdVars->aPkixErrorResult
+#define pkixTempResult stdVars->aPkixTempResult
+#define pkixReturnResult stdVars->aPkixReturnResult
+#define pkixErrorCode stdVars->aPkixErrorCode
+#define pkixErrorReceived stdVars->aPkixErrorReceived
+#define pkixTempErrorReceived stdVars->aPkixTempErrorReceived
+#define pkixErrorClass stdVars->aPkixErrorClass
+#define pkixType stdVars->aPkixType
+#define lockedObject stdVars->aLockedObject
+#define pkixErrorList stdVars->aPkixErrorList
+#define stdVarsPtr stdVars
+#else
+#define myFuncName stdVars.aMyFuncName
+#define pkixErrorResult stdVars.aPkixErrorResult
+#define pkixTempResult stdVars.aPkixTempResult
+#define pkixReturnResult stdVars.aPkixReturnResult
+#define pkixErrorCode stdVars.aPkixErrorCode
+#define pkixErrorReceived stdVars.aPkixErrorReceived
+#define pkixTempErrorReceived stdVars.aPkixTempErrorReceived
+#define pkixErrorClass stdVars.aPkixErrorClass
+#define pkixType stdVars.aPkixType
+#define lockedObject stdVars.aLockedObject
+#define pkixErrorList stdVars.aPkixErrorList
+#define stdVarsPtr &stdVars
+#endif
+
+extern PKIX_Error * PKIX_DoReturn(PKIX_StdVars * stdVars,
+ PKIX_ERRORCLASS errClass,
+ PKIX_Boolean doLogger,
+ void * plContext);
+
+extern PKIX_Error * PKIX_DoThrow(PKIX_StdVars * stdVars,
+ PKIX_ERRORCLASS errClass,
+ PKIX_ERRORCODE errCode,
+ PKIX_ERRORCLASS overrideClass,
+ void * plContext);
+
+extern void PKIX_DoAddError(PKIX_StdVars * stdVars,
+ PKIX_Error * error,
+ void * plContext);
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+extern PKIX_Error * pkix_CheckForGeneratedError(PKIX_StdVars * stdVars,
+ PKIX_ERRORCLASS errClass,
+ char * fnName,
+ PKIX_Boolean *errorStateSet,
+ void * plContext);
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+extern const PKIX_StdVars zeroStdVars;
+
+extern PRLogModuleInfo *pkixLog;
+
+/*
+ * UTILITY MACROS
+ * Documentation for these common utility macros can be found in the
+ * Implementation Guidelines document (Section 4.3)
+ *
+ * In general, macros with multiple statements (or a single "if" statement)
+ * use the "do {<body>} while (0)" technique in order to convert the multiple
+ * statements into one statement, thus avoiding the dangling else problem.
+ * For macros which ALWAYS exit with a "return" or "goto", there is no
+ * need to use this technique (and it yields compiler warnings of "statement
+ * not reached"), so we just use "{<body>}" to group the statements together.
+ */
+
+#if !defined (PKIX_OBJECT_LEAK_TEST)
+
+#define PKIX_STD_VARS(funcName) \
+ static const char cMyFuncName[] = {funcName}; \
+ PKIX_StdVars stdVars = zeroStdVars; \
+ myFuncName = cMyFuncName
+
+
+#else /* PKIX_OBJECT_LEAK_TEST */
+
+extern char **fnStackNameArr;
+extern PKIX_UInt32 *fnStackInvCountArr;
+extern PKIX_UInt32 stackPosition;
+extern PKIX_Boolean noErrorState;
+extern PKIX_Boolean errorGenerated;
+extern PKIX_Boolean runningLeakTest;
+extern PLHashTable *fnInvTable;
+extern PKIX_UInt32 testStartFnStackPosition;
+extern char *errorFnStackString;
+
+extern PLHashNumber PR_CALLBACK pkix_ErrorGen_Hash (const void *key);
+
+#define PKIX_STD_VARS(funcName) \
+ static const char cMyFuncName[] = {funcName}; \
+ PKIX_StdVars stdVars = zeroStdVars; \
+ PKIX_Boolean errorSetFlag = PKIX_FALSE; \
+ myFuncName = cMyFuncName; \
+ if (runningLeakTest) { \
+ if (fnStackNameArr) { \
+ fnStackInvCountArr[stackPosition] += 1; \
+ stackPosition += 1; \
+ fnStackInvCountArr[stackPosition] = 0; \
+ fnStackNameArr[stackPosition] = (char*)myFuncName; \
+ fnStackNameArr[stackPosition + 1] = NULL; \
+ PR_LOG(pkixLog, 5, \
+ ("%s%*s+> %s(%d) - %s\n", (errorGenerated ? "*" : " "), \
+ stackPosition, " ", fnStackNameArr[stackPosition], \
+ stackPosition, myFuncName)); \
+ } \
+ do { \
+ pkixErrorResult = pkix_CheckForGeneratedError(&stdVars, PKIX_MEM_ERROR, \
+ funcName, &errorSetFlag, \
+ plContext); \
+ if (pkixErrorResult) { \
+ PR_LOG(pkixLog, 5, \
+ ("%s%*s<- %s(%d) - %s\n", (errorGenerated ? "*" : " "), \
+ stackPosition, " ", fnStackNameArr[stackPosition], \
+ stackPosition, myFuncName)); \
+ fnStackNameArr[stackPosition--] = NULL; \
+ if (errorSetFlag) { \
+ noErrorState = (noErrorState) ? PKIX_FALSE : PKIX_TRUE; \
+ } \
+ return pkixErrorResult; \
+ } \
+ } while (0); \
+ }
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+#ifdef DEBUG
+#define _PKIX_DEBUG_TRACE(cond, prefix, level) \
+ do { \
+ if (cond) { \
+ pkix_Logger_Check(pkixLoggersDebugTrace, myFuncName, \
+ prefix, pkixType, level, plContext); \
+ } \
+ } while (0)
+#else
+#define _PKIX_DEBUG_TRACE(cond, prefix, level)
+#endif
+
+#define _PKIX_LOG_ERROR(code, level) \
+ { \
+ if (pkixLoggersErrors) { \
+ pkix_Logger_CheckWithCode(pkixLoggersErrors, code, \
+ NULL, pkixType, level, plContext); \
+ } \
+ }
+
+#define PKIX_ENTER(type, funcName) \
+ PKIX_STD_VARS(funcName); \
+ pkixType = PKIX_ ## type ## _ERROR; \
+ PKIX_DEBUG_ENTER(type); \
+ _PKIX_DEBUG_TRACE(pkixLoggersDebugTrace, ">>>", PKIX_LOGGER_LEVEL_TRACE);
+
+#define PKIX_ENTER_NO_LOGGER(type, funcName) \
+ PKIX_STD_VARS(funcName); \
+ pkixType = PKIX_ ## type ## _ERROR; \
+ PKIX_DEBUG_ENTER(type);
+
+#define PKIX_DEBUG_ENTER(type) \
+ PKIX_ ## type ## _DEBUG_ARG("( Entering %s).\n", myFuncName)
+
+#define PKIX_DEBUG_EXIT(type) \
+ PKIX_ ## type ## _DEBUG_ARG("( Exiting %s).\n", myFuncName)
+
+#define PKIX_OBJECT_UNLOCK(obj) \
+ do { \
+ if (obj && lockedObject == (PKIX_PL_Object *)(obj)){ \
+ pkixTempResult = \
+ PKIX_PL_Object_Unlock \
+ ((PKIX_PL_Object *)(obj), plContext); \
+ if (pkixTempResult) { \
+ PKIX_DoAddError(stdVarsPtr, pkixTempResult, plContext); \
+ pkixTempResult = NULL; \
+ } \
+ lockedObject = NULL; \
+ } else { \
+ PORT_Assert(lockedObject == NULL); \
+ } \
+ } while (0)
+
+#define PKIX_DECREF(obj) \
+ do { \
+ if (obj){ \
+ pkixTempResult = PKIX_PL_Object_DecRef \
+ ((PKIX_PL_Object *)(obj), plContext); \
+ if (pkixTempResult) { \
+ PKIX_DoAddError(stdVarsPtr, pkixTempResult, plContext); \
+ pkixTempResult = NULL; \
+ } \
+ obj = NULL; \
+ } \
+ } while (0)
+
+#define PKIX_THROW(type, descNum) \
+ return PKIX_DoThrow(&stdVars, (PKIX_ ## type ## _ERROR), descNum, \
+ pkixErrorClass, plContext);
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+#define PKIX_RETURN(type) \
+ if (runningLeakTest && fnStackNameArr) { \
+ PR_LOG(pkixLog, 5, \
+ ("%s%*s<- %s(%d) - %s\n", (errorGenerated ? "*" : " "), \
+ stackPosition, " ", fnStackNameArr[stackPosition], \
+ stackPosition, myFuncName)); \
+ fnStackNameArr[stackPosition--] = NULL; \
+ if (errorSetFlag) noErrorState = (noErrorState) ? PKIX_FALSE : PKIX_TRUE; \
+ } \
+ return PKIX_DoReturn(&stdVars, (PKIX_ ## type ## _ERROR), PKIX_TRUE, plContext);
+#else
+#define PKIX_RETURN(type) \
+ return PKIX_DoReturn(&stdVars, (PKIX_ ## type ## _ERROR), PKIX_TRUE, plContext);
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+
+#if defined(DEBUG) && !defined(DEBUG_nb95248)
+#define PKIX_RETURN_NO_LOGGER(type) \
+ { \
+ PKIX_OBJECT_UNLOCK(lockedObject); \
+ if ((pkixErrorReceived) || (pkixErrorResult) || pkixErrorList) \
+ PKIX_THROW(type, pkixErrorCode); \
+ PKIX_DEBUG_EXIT(type); \
+ return NULL; \
+ }
+#else
+#define PKIX_RETURN_NO_LOGGER(type) \
+ return PKIX_DoReturn(&stdVars, (PKIX_ ## type ## _ERROR), PKIX_FALSE, plContext);
+#endif
+
+/* disable to disable ;-) */
+/* #define WANT_TRACE_CHECK_FAILURES */
+
+#ifdef WANT_TRACE_CHECK_FAILURES
+#define TRACE_CHECK_FAILURE(what, errorstring) \
+ if (pkixLog) { \
+ PR_LOG(pkixLog, PR_LOG_DEBUG, \
+ ("====> [%s] failed: %s\n", #what, errorstring)); \
+ }
+#else
+#define TRACE_CHECK_FAILURE(what, errorstring)
+#endif
+
+#define PKIX_CHECK(func, descNum) \
+ do { \
+ pkixErrorResult = (func); \
+ if (pkixErrorResult) { \
+ TRACE_CHECK_FAILURE((func), PKIX_ErrorText[descNum]) \
+ pkixErrorClass = pkixErrorResult->errClass; \
+ pkixErrorCode = descNum; \
+ goto cleanup; \
+ } \
+ } while (0)
+
+/* like PKIX_CHECK but without goto cleanup */
+#define PKIX_CHECK_NO_GOTO(func, descNum) \
+ do { \
+ pkixErrorResult = (func); \
+ if (pkixErrorResult) { \
+ TRACE_CHECK_FAILURE((func), PKIX_ErrorText[descNum]) \
+ pkixErrorClass = pkixErrorResult->errClass; \
+ pkixErrorCode = descNum; \
+ } \
+ } while (0)
+
+#define PKIX_CHECK_ONLY_FATAL(func, descNum) \
+ do { \
+ pkixTempErrorReceived = PKIX_FALSE; \
+ pkixErrorResult = (func); \
+ if (pkixErrorResult) { \
+ TRACE_CHECK_FAILURE((func), PKIX_ErrorText[descNum]) \
+ pkixTempErrorReceived = PKIX_TRUE; \
+ pkixErrorClass = pkixErrorResult->errClass; \
+ if (pkixErrorClass == PKIX_FATAL_ERROR) { \
+ goto cleanup; \
+ } \
+ PKIX_DECREF(pkixErrorResult); \
+ } \
+ } while (0)
+
+#define PKIX_LOG_ERROR(descNum) \
+ _PKIX_LOG_ERROR(descNum, PKIX_LOGGER_LEVEL_ERROR)
+
+#define PKIX_ERROR(descNum) \
+ { \
+ PKIX_LOG_ERROR(descNum) \
+ pkixErrorReceived = PKIX_TRUE; \
+ pkixErrorCode = descNum; \
+ goto cleanup; \
+ }
+
+#define PKIX_ERROR_ALLOC_ERROR() \
+ { \
+ PKIX_LOG_ERROR(PKIX_ALLOCERROR) \
+ pkixErrorReceived = PKIX_TRUE; \
+ pkixErrorResult = PKIX_ALLOC_ERROR(); \
+ goto cleanup; \
+ }
+
+#define PKIX_ERROR_FATAL(descNum) \
+ { \
+ pkixErrorReceived = PKIX_TRUE; \
+ pkixErrorCode = descNum; \
+ pkixErrorClass = PKIX_FATAL_ERROR; \
+ _PKIX_LOG_ERROR(pkixErrorCode, PKIX_LOGGER_LEVEL_FATALERROR); \
+ goto cleanup; \
+ }
+
+#define PKIX_CHECK_FATAL(func, descNum) \
+ do { \
+ pkixErrorResult = (func); \
+ if (pkixErrorResult) { \
+ TRACE_CHECK_FAILURE((func), PKIX_ErrorText[descNum]) \
+ pkixErrorReceived = PKIX_TRUE; \
+ pkixErrorCode = descNum; \
+ pkixErrorClass = PKIX_FATAL_ERROR; \
+ _PKIX_LOG_ERROR(pkixErrorCode, PKIX_LOGGER_LEVEL_FATALERROR); \
+ goto fatal; \
+ } \
+ } while (0)
+
+#define PKIX_NULLCHECK_ONE(a) \
+ do { \
+ if ((a) == NULL){ \
+ pkixErrorReceived = PKIX_TRUE; \
+ pkixErrorCode = PKIX_NULLARGUMENT; \
+ PKIX_RETURN(FATAL); \
+ } \
+ } while (0)
+
+#define PKIX_NULLCHECK_TWO(a, b) \
+ do { \
+ if (((a) == NULL) || ((b) == NULL)){ \
+ pkixErrorReceived = PKIX_TRUE; \
+ pkixErrorCode = PKIX_NULLARGUMENT; \
+ PKIX_RETURN(FATAL); \
+ } \
+ } while (0)
+
+#define PKIX_NULLCHECK_THREE(a, b, c) \
+ do { \
+ if (((a) == NULL) || ((b) == NULL) || ((c) == NULL)){ \
+ pkixErrorReceived = PKIX_TRUE; \
+ pkixErrorCode = PKIX_NULLARGUMENT; \
+ PKIX_RETURN(FATAL); \
+ } \
+ } while (0)
+
+#define PKIX_NULLCHECK_FOUR(a, b, c, d) \
+ do { \
+ if (((a) == NULL) || ((b) == NULL) || \
+ ((c) == NULL) || ((d) == NULL)){ \
+ pkixErrorReceived = PKIX_TRUE; \
+ pkixErrorCode = PKIX_NULLARGUMENT; \
+ PKIX_RETURN(FATAL); \
+ } \
+ } while (0)
+
+#define PKIX_OBJECT_LOCK(obj) \
+ do { \
+ if (obj) { \
+ pkixTempResult = \
+ PKIX_PL_Object_Lock((PKIX_PL_Object*)(obj), plContext); \
+ if (pkixTempResult) { \
+ PKIX_DoAddError(stdVarsPtr, pkixTempResult, plContext); \
+ pkixTempResult = NULL; \
+ pkixErrorCode = PKIX_OBJECTLOCKFAILED; \
+ goto cleanup; \
+ } \
+ lockedObject = (PKIX_PL_Object *)(obj); \
+ } \
+ } while (0)
+
+#define PKIX_ERROR_CREATE(type, descNum, error) \
+ { \
+ pkixTempResult = (PKIX_Error*)pkix_Throw \
+ (PKIX_ ## type ## _ERROR, myFuncName, \
+ descNum, PKIX_ ## type ## _ERROR, pkixErrorResult, \
+ &error, plContext); \
+ if (pkixTempResult) { \
+ error = pkixTempResult; \
+ pkixTempResult = NULL; \
+ } \
+ }
+
+
+#define PKIX_ERROR_RECEIVED \
+ (pkixErrorReceived || pkixErrorResult || pkixTempErrorReceived || \
+ pkixErrorList)
+
+#define PKIX_INCREF(obj) \
+ do { \
+ if (obj){ \
+ pkixTempResult = PKIX_PL_Object_IncRef \
+ ((PKIX_PL_Object *)(obj), plContext); \
+ if (pkixTempResult) { \
+ PKIX_DoAddError(&stdVars, pkixTempResult, plContext); \
+ pkixTempResult = NULL; \
+ goto cleanup; \
+ } \
+ } \
+ } while (0)
+
+#define PKIX_FREE(obj) \
+ do { \
+ if (obj) { \
+ pkixTempResult = PKIX_PL_Free((obj), plContext); \
+ if (pkixTempResult) { \
+ PKIX_DoAddError(&stdVars, pkixTempResult, plContext); \
+ pkixTempResult = NULL; \
+ } \
+ obj = NULL; \
+ } \
+ } while (0)
+
+#define PKIX_EXACTLY_ONE_NULL(a, b) (((a) && !(b)) || ((b) && !(a)))
+
+/* DIGIT MACROS */
+
+#define PKIX_ISDIGIT(c) (((c) >= '0') && ((c) <= '9'))
+
+#define PKIX_ISXDIGIT(c) \
+ (PKIX_ISDIGIT(c) || ( (((c)|0x20) >= 'a') && (((c)|0x20) <= 'f') ))
+
+#define PKIX_TOSTRING(a, b, c, d) \
+ do { \
+ int descNum; \
+ if ((a) != NULL) { \
+ pkixErrorResult = \
+ PKIX_PL_Object_ToString((PKIX_PL_Object *)(a), (b), (c)); \
+ descNum = (d); \
+ } else { \
+ pkixErrorResult = \
+ PKIX_PL_String_Create(PKIX_ESCASCII, "(null)", 0, (b), (c)); \
+ descNum = PKIX_STRINGCREATEFAILED; \
+ } \
+ PKIX_CHECK(pkixErrorResult, descNum); \
+ } while (0)
+
+#define PKIX_EQUALS(a, b, c, d, e) \
+ do { \
+ if ((a) != NULL && (b) != NULL) { \
+ PKIX_CHECK(PKIX_PL_Object_Equals\
+ ((PKIX_PL_Object *)(a), \
+ (PKIX_PL_Object*)(b), \
+ (c), \
+ (d)), \
+ (e)); \
+ } else if ((a) == NULL && (b) == NULL) { \
+ *(c) = PKIX_TRUE; \
+ } else { \
+ *(c) = PKIX_FALSE; \
+ } \
+ } while (0)
+
+#define PKIX_HASHCODE(a, b, c, d) \
+ do { \
+ if ((a) != NULL) { \
+ PKIX_CHECK(PKIX_PL_Object_Hashcode\
+ ((PKIX_PL_Object *)(a), (b), (c)), (d)); \
+ } else { \
+ *(b) = 0; \
+ } \
+ } while (0)
+
+#define PKIX_DUPLICATE(a, b, c, d) \
+ do { \
+ if ((a) != NULL) { \
+ PKIX_CHECK(PKIX_PL_Object_Duplicate\
+ ((PKIX_PL_Object *)(a), \
+ (PKIX_PL_Object **)(b), \
+ (c)), \
+ (d)); \
+ } else { \
+ *(b) = (a); \
+ } \
+ } while (0)
+
+/*
+ * DEBUG MACROS
+ *
+ * Each type has an associated debug flag, which can
+ * be set on the compiler line using "-D<debugflag>". For convenience,
+ * "-DPKIX_DEBUGALL" turns on debug for all the components.
+ *
+ * If a type's debug flag is defined, then its two associated macros
+ * are defined: PKIX_type_DEBUG(expr) and PKIX_type_DEBUG_ARG(expr, arg),
+ * which call PKIX_DEBUG(expr) and PKIX_DEBUG_ARG(expr, arg) respectively,
+ * which, in turn, enable standard and consistently formatted output.
+ *
+ * If a type's debug flag is not defined, the two associated macros
+ * are defined as a NO-OP. As such, any PKIX_type_DEBUG or PKIX_type_DEBUG_ARG
+ * macros for an undefined type will be stripped from the code during
+ * pre-processing, thereby reducing code size.
+ */
+
+#ifdef PKIX_DEBUGALL
+#define PKIX_REFCOUNTDEBUG 1
+#define PKIX_MEMDEBUG 1
+#define PKIX_MUTEXDEBUG 1
+#define PKIX_OBJECTDEBUG 1
+#define PKIX_STRINGDEBUG 1
+#define PKIX_OIDDEBUG 1
+#define PKIX_LISTDEBUG 1
+#define PKIX_ERRORDEBUG 1
+#define PKIX_BYTEARRAYDEBUG 1
+#define PKIX_RWLOCKDEBUG 1
+#define PKIX_BIGINTDEBUG 1
+#define PKIX_HASHTABLEDEBUG 1
+#define PKIX_X500NAMEDEBUG 1
+#define PKIX_GENERALNAMEDEBUG 1
+#define PKIX_PUBLICKEYDEBUG 1
+#define PKIX_CERTDEBUG 1
+#define PKIX_HTTPCLIENTDEBUG 1
+#define PKIX_DATEDEBUG 1
+#define PKIX_TRUSTANCHORDEBUG 1
+#define PKIX_PROCESSINGPARAMSDEBUG 1
+#define PKIX_VALIDATEPARAMSDEBUG 1
+#define PKIX_VALIDATERESULTDEBUG 1
+#define PKIX_VALIDATEDEBUG 1
+#define PKIX_CERTCHAINCHECKERDEBUG 1
+#define PKIX_REVOCATIONCHECKERDEBUG 1
+#define PKIX_CERTSELECTORDEBUG 1
+#define PKIX_COMCERTSELPARAMSDEBUG 1
+#define PKIX_TARGETCERTCHECKERSTATEDEBUG 1
+#define PKIX_INITIALIZEPARAMSDEBUG 1
+#define PKIX_CERTBASICCONSTRAINTSDEBUG 1
+#define PKIX_CERTNAMECONSTRAINTSDEBUG 1
+#define PKIX_CERTNAMECONSTRAINTSCHECKERSTATEDEBUG 1
+#define PKIX_SUBJALTNAMECHECKERSTATEDEBUG 1
+
+#define PKIX_CERTPOLICYQUALIFIERDEBUG 1
+#define PKIX_CERTPOLICYINFODEBUG 1
+#define PKIX_CERTPOLICYNODEDEBUG 1
+#define PKIX_CERTPOLICYCHECKERSTATEDEBUG 1
+#define PKIX_LIFECYCLEDEBUG 1
+#define PKIX_BASICCONSTRAINTSCHECKERSTATEDEBUG 1
+#define PKIX_CRLDEBUG 1
+#define PKIX_CRLENTRYDEBUG 1
+#define PKIX_CRLSELECTORDEBUG 1
+#define PKIX_COMCRLSELPARAMSDEBUG 1
+#define PKIX_CERTSTOREDEBUG 1
+#define PKIX_COLLECTIONCERTSTORECONTEXTDEBUG 1
+#define PKIX_DEFAULTCRLCHECKERSTATEDEBUG 1
+#define PKIX_CERTPOLICYMAPDEBUG 1
+#define PKIX_BUILDDEBUG 1
+#define PKIX_BUILDRESULTDEBUG 1
+#define PKIX_FORWARDBUILDERSTATEDEBUG 1
+#define PKIX_SIGNATURECHECKERSTATEDEBUG 1
+#define PKIX_USERDEFINEDMODULESDEBUG 1
+#define PKIX_CONTEXTDEBUG 1
+#define PKIX_DEFAULTREVOCATIONCHECKERDEBUG 1
+#define PKIX_LDAPREQUESTDEBUG 1
+#define PKIX_LDAPRESPONSEDEBUG 1
+#define PKIX_LDAPCLIENTDEBUG 1
+#define PKIX_LDAPDEFAULTCLIENTDEBUG 1
+#define PKIX_SOCKETDEBUG 1
+#define PKIX_RESOURCELIMITSDEBUG 1
+#define PKIX_LOGGERDEBUG 1
+#define PKIX_MONITORLOCKDEBUG 1
+#define PKIX_INFOACCESSDEBUG 1
+#define PKIX_AIAMGRDEBUG 1
+#define PKIX_OCSPCHECKERDEBUG 1
+#define PKIX_OCSPREQUESTDEBUG 1
+#define PKIX_OCSPRESPONSEDEBUG 1
+#define PKIX_HTTPDEFAULTCLIENTDEBUG 1
+#define PKIX_HTTPCERTSTORECONTEXTDEBUG 1
+#define PKIX_VERIFYNODEDEBUG 1
+#endif
+
+/*
+ * XXX Both PKIX_DEBUG and PKIX_DEBUG_ARG currently use printf.
+ * This needs to be replaced with Loggers.
+ */
+
+#ifdef DEBUG
+#define PKIX_DEBUG(expr) \
+ do { \
+ _PKIX_DEBUG_TRACE(pkixLoggersErrors, expr, PKIX_LOGGER_LEVEL_DEBUG); \
+ (void) fprintf(stderr, "(%s: ", myFuncName); \
+ (void) fprintf(stderr, expr); \
+ } while (0)
+#else
+#define PKIX_DEBUG(expr)
+#endif
+
+/* Logging doesn't support DEBUG with ARG: cannot convert control and arg */
+#define PKIX_DEBUG_ARG(expr, arg) \
+ do { \
+ (void) printf("(%s: ", myFuncName); \
+ (void) printf(expr, arg); \
+ } while (0)
+
+#if PKIX_FATALDEBUG
+#define PKIX_FATAL_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_FATAL_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_FATAL_DEBUG(expr)
+#define PKIX_FATAL_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_REFCOUNTDEBUG
+#define PKIX_REF_COUNT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_REF_COUNT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_REF_COUNT_DEBUG(expr)
+#define PKIX_REF_COUNT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_MEMDEBUG
+#define PKIX_MEM_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_MEM_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_MEM_DEBUG(expr)
+#define PKIX_MEM_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_MUTEXDEBUG
+#define PKIX_MUTEX_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_MUTEX_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_MUTEX_DEBUG(expr)
+#define PKIX_MUTEX_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_OBJECTDEBUG
+#define PKIX_OBJECT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_OBJECT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_OBJECT_DEBUG(expr)
+#define PKIX_OBJECT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_ERRORDEBUG
+#define PKIX_ERROR_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_ERROR_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_ERROR_DEBUG(expr)
+#define PKIX_ERROR_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_STRINGDEBUG
+#define PKIX_STRING_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_STRING_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_STRING_DEBUG(expr)
+#define PKIX_STRING_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_OIDDEBUG
+#define PKIX_OID_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_OID_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_OID_DEBUG(expr)
+#define PKIX_OID_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_LISTDEBUG
+#define PKIX_LIST_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_LIST_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_LIST_DEBUG(expr)
+#define PKIX_LIST_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_RWLOCKDEBUG
+#define PKIX_RWLOCK_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_RWLOCK_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_RWLOCK_DEBUG(expr)
+#define PKIX_RWLOCK_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_BYTEARRAYDEBUG
+#define PKIX_BYTEARRAY_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_BYTEARRAY_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_BYTEARRAY_DEBUG(expr)
+#define PKIX_BYTEARRAY_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_HASHTABLEDEBUG
+#define PKIX_HASHTABLE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_HASHTABLE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_HASHTABLE_DEBUG(expr)
+#define PKIX_HASHTABLE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_X500NAMEDEBUG
+#define PKIX_X500NAME_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_X500NAME_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_X500NAME_DEBUG(expr)
+#define PKIX_X500NAME_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_GENERALNAMEDEBUG
+#define PKIX_GENERALNAME_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_GENERALNAME_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_GENERALNAME_DEBUG(expr)
+#define PKIX_GENERALNAME_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_PUBLICKEYDEBUG
+#define PKIX_PUBLICKEY_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_PUBLICKEY_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_PUBLICKEY_DEBUG(expr)
+#define PKIX_PUBLICKEY_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTDEBUG
+#define PKIX_CERT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERT_DEBUG(expr)
+#define PKIX_CERT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CRLDPDEBUG
+#define PKIX_CRLDP_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CRLDP_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CRLDP_DEBUG(expr)
+#define PKIX_CRLDP_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_HTTPCLIENTDEBUG
+#define PKIX_HTTPCLIENT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_HTTPCLIENT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_HTTPCLIENT_DEBUG(expr)
+#define PKIX_HTTPCLIENT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_BIGINTDEBUG
+#define PKIX_BIGINT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_BIGINT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_BIGINT_DEBUG(expr)
+#define PKIX_BIGINT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_DATEDEBUG
+#define PKIX_DATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_DATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_DATE_DEBUG(expr)
+#define PKIX_DATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_TRUSTANCHORDEBUG
+#define PKIX_TRUSTANCHOR_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_TRUSTANCHOR_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_TRUSTANCHOR_DEBUG(expr)
+#define PKIX_TRUSTANCHOR_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_PROCESSINGPARAMSDEBUG
+#define PKIX_PROCESSINGPARAMS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_PROCESSINGPARAMS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_PROCESSINGPARAMS_DEBUG(expr)
+#define PKIX_PROCESSINGPARAMS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_VALIDATEPARAMSDEBUG
+#define PKIX_VALIDATEPARAMS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_VALIDATEPARAMS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_VALIDATEPARAMS_DEBUG(expr)
+#define PKIX_VALIDATEPARAMS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_VALIDATERESULTDEBUG
+#define PKIX_VALIDATERESULT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_VALIDATERESULT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_VALIDATERESULT_DEBUG(expr)
+#define PKIX_VALIDATERESULT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_VALIDATEDEBUG
+#define PKIX_VALIDATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_VALIDATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_VALIDATE_DEBUG(expr)
+#define PKIX_VALIDATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_BUILDDEBUG
+#define PKIX_BUILD_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_BUILD_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_BUILD_DEBUG(expr)
+#define PKIX_BUILD_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTCHAINCHECKERDEBUG
+#define PKIX_CERTCHAINCHECKER_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTCHAINCHECKER_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTCHAINCHECKER_DEBUG(expr)
+#define PKIX_CERTCHAINCHECKER_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_REVOCATIONCHECKERDEBUG
+#define PKIX_REVOCATIONCHECKER_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_REVOCATIONCHECKER_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_REVOCATIONCHECKER_DEBUG(expr)
+#define PKIX_REVOCATIONCHECKER_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_REVOCATIONMETHODDEBUG
+#define PKIX_REVOCATIONMETHOD_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_REVOCATIONMETHOD_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_REVOCATIONMETHOD_DEBUG(expr)
+#define PKIX_REVOCATIONMETHOD_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTSELECTORDEBUG
+#define PKIX_CERTSELECTOR_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTSELECTOR_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTSELECTOR_DEBUG(expr)
+#define PKIX_CERTSELECTOR_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_COMCERTSELPARAMSDEBUG
+#define PKIX_COMCERTSELPARAMS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_COMCERTSELPARAMS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_COMCERTSELPARAMS_DEBUG(expr)
+#define PKIX_COMCERTSELPARAMS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_TARGETCERTCHECKERSTATEDEBUG
+#define PKIX_TARGETCERTCHECKERSTATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_TARGETCERTCHECKERSTATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_TARGETCERTCHECKERSTATE_DEBUG(expr)
+#define PKIX_TARGETCERTCHECKERSTATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_BASICCONSTRAINTSCHECKERSTATEDEBUG
+#define PKIX_BASICCONSTRAINTSCHECKERSTATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_BASICCONSTRAINTSCHECKERSTATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_BASICCONSTRAINTSCHECKERSTATE_DEBUG(expr)
+#define PKIX_BASICCONSTRAINTSCHECKERSTATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_INITIALIZEPARAMSDEBUG
+#define PKIX_INITIALIZEPARAMS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_INITIALIZEPARAMS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_INITIALIZEPARAMS_DEBUG(expr)
+#define PKIX_INITIALIZEPARAMS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTBASICCONSTRAINTSDEBUG
+#define PKIX_CERTBASICCONSTRAINTS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTBASICCONSTRAINTS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTBASICCONSTRAINTS_DEBUG(expr)
+#define PKIX_CERTBASICCONSTRAINTS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTNAMECONSTRAINTSDEBUG
+#define PKIX_CERTNAMECONSTRAINTS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTNAMECONSTRAINTS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTNAMECONSTRAINTS_DEBUG(expr)
+#define PKIX_CERTNAMECONSTRAINTS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTNAMECONSTRAINTSCHECKERSTATEDEBUG
+#define PKIX_CERTNAMECONSTRAINTSCHECKERSTATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTNAMECONSTRAINTSCHECKERSTATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTNAMECONSTRAINTSCHECKERSTATE_DEBUG(expr)
+#define PKIX_CERTNAMECONSTRAINTSCHECKERSTATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_SUBJALTNAMECHECKERSTATEDEBUG
+#define PKIX_SUBJALTNAMECHECKERSTATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_SUBJALTNAMECHECKERSTATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_SUBJALTNAMECHECKERSTATE_DEBUG(expr)
+#define PKIX_SUBJALTNAMECHECKERSTATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTPOLICYQUALIFIERDEBUG
+#define PKIX_CERTPOLICYQUALIFIER_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTPOLICYQUALIFIER_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTPOLICYQUALIFIER_DEBUG(expr)
+#define PKIX_CERTPOLICYQUALIFIER_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTPOLICYINFODEBUG
+#define PKIX_CERTPOLICYINFO_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTPOLICYINFO_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTPOLICYINFO_DEBUG(expr)
+#define PKIX_CERTPOLICYINFO_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTPOLICYNODEDEBUG
+#define PKIX_CERTPOLICYNODE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTPOLICYNODE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTPOLICYNODE_DEBUG(expr)
+#define PKIX_CERTPOLICYNODE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTPOLICYCHECKERSTATEDEBUG
+#define PKIX_CERTPOLICYCHECKERSTATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTPOLICYCHECKERSTATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTPOLICYCHECKERSTATE_DEBUG(expr)
+#define PKIX_CERTPOLICYCHECKERSTATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_LIFECYCLEDEBUG
+#define PKIX_LIFECYCLE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_LIFECYCLE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_LIFECYCLE_DEBUG(expr)
+#define PKIX_LIFECYCLE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_BASICCONSTRAINTSCHECKERSTATEDEBUG
+#define PKIX_BASICCONSTRAINTSCHECKERSTATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_BASICCONSTRAINTSCHECKERSTATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_BASICCONSTRAINTSCHECKERSTATE_DEBUG(expr)
+#define PKIX_BASICCONSTRAINTSCHECKERSTATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CRLDEBUG
+#define PKIX_CRL_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CRL_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CRL_DEBUG(expr)
+#define PKIX_CRL_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CRLENTRYDEBUG
+#define PKIX_CRLENTRY_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CRLENTRY_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CRLENTRY_DEBUG(expr)
+#define PKIX_CRLENTRY_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CRLSELECTORDEBUG
+#define PKIX_CRLSELECTOR_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CRLSELECTOR_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CRLSELECTOR_DEBUG(expr)
+#define PKIX_CRLSELECTOR_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_COMCRLSELPARAMSDEBUG
+#define PKIX_COMCRLSELPARAMS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_COMCRLSELPARAMS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_COMCRLSELPARAMS_DEBUG(expr)
+#define PKIX_COMCRLSELPARAMS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTSTOREDEBUG
+#define PKIX_CERTSTORE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTSTORE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTSTORE_DEBUG(expr)
+#define PKIX_CERTSTORE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_COLLECTIONCERTSTORECONTEXTDEBUG
+#define PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG(expr)
+#define PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CRLCHECKERDEBUG
+#define PKIX_CRLCHECKER_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CRLCHECKER_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CRLCHECKER_DEBUG(expr)
+#define PKIX_CRLCHECKER_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTPOLICYMAPDEBUG
+#define PKIX_CERTPOLICYMAP_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTPOLICYMAP_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTPOLICYMAP_DEBUG(expr)
+#define PKIX_CERTPOLICYMAP_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_BUILDRESULTDEBUG
+#define PKIX_BUILDRESULT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_BUILDRESULT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_BUILDRESULT_DEBUG(expr)
+#define PKIX_BUILDRESULT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_FORWARDBUILDERSTATEDEBUG
+#define PKIX_FORWARDBUILDERSTATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_FORWARDBUILDERSTATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_FORWARDBUILDERSTATE_DEBUG(expr)
+#define PKIX_FORWARDBUILDERSTATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_SIGNATURECHECKERSTATEDEBUG
+#define PKIX_SIGNATURECHECKERSTATE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_SIGNATURECHECKERSTATE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_SIGNATURECHECKERSTATE_DEBUG(expr)
+#define PKIX_SIGNATURECHECKERSTATE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_USERDEFINEDMODULESDEBUG
+#define PKIX_USERDEFINEDMODULES_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_USERDEFINEDMODULES_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_USERDEFINEDMODULES_DEBUG(expr)
+#define PKIX_USERDEFINEDMODULES_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CONTEXTDEBUG
+#define PKIX_CONTEXT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CONTEXT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CONTEXT_DEBUG(expr)
+#define PKIX_CONTEXT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_REVOCATIONCHECKERDEBUG
+#define PKIX_REVOCATIONCHECKER_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_REVOCATIONCHECKER_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_REVOCATIONCHECKER_DEBUG(expr)
+#define PKIX_REVOCATIONCHECKER_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_LDAPREQUESTDEBUG
+#define PKIX_LDAPREQUEST_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_LDAPREQUEST_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_LDAPREQUEST_DEBUG(expr)
+#define PKIX_LDAPREQUEST_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_LDAPRESPONSEDEBUG
+#define PKIX_LDAPRESPONSE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_LDAPRESPONSE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_LDAPRESPONSE_DEBUG(expr)
+#define PKIX_LDAPRESPONSE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_LDAPCLIENTDEBUG
+#define PKIX_LDAPCLIENT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_LDAPCLIENT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_LDAPCLIENT_DEBUG(expr)
+#define PKIX_LDAPCLIENT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_LDAPDEFAULTCLIENTDEBUG
+#define PKIX_LDAPDEFAULTCLIENT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_LDAPDEFAULTCLIENT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_LDAPDEFAULTCLIENT_DEBUG(expr)
+#define PKIX_LDAPDEFAULTCLIENT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_SOCKETDEBUG
+#define PKIX_SOCKET_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_SOCKET_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_SOCKET_DEBUG(expr)
+#define PKIX_SOCKET_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_RESOURCELIMITSDEBUG
+#define PKIX_RESOURCELIMITS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_RESOURCELIMITS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_RESOURCELIMITS_DEBUG(expr)
+#define PKIX_RESOURCELIMITS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_LOGGERDEBUG
+#define PKIX_LOGGER_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_LOGGER_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_LOGGER_DEBUG(expr)
+#define PKIX_LOGGER_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_MONITORLOCKDEBUG
+#define PKIX_MONITORLOCK_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_MONITORLOCK_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_MONITORLOCK_DEBUG(expr)
+#define PKIX_MONITORLOCK_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_INFOACCESSDEBUG
+#define PKIX_INFOACCESS_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_INFOACCESS_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_INFOACCESS_DEBUG(expr)
+#define PKIX_INFOACCESS_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_AIAMGRDEBUG
+#define PKIX_AIAMGR_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_AIAMGR_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_AIAMGR_DEBUG(expr)
+#define PKIX_AIAMGR_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_OCSPCHECKERDEBUG
+#define PKIX_OCSPCHECKER_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_OCSPCHECKER_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_OCSPCHECKER_DEBUG(expr)
+#define PKIX_OCSPCHECKER_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_OCSPCERTIDDEBUG
+#define PKIX_OCSPCERTID_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_OCSPCERTID_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_OCSPCERTID_DEBUG(expr)
+#define PKIX_OCSPCERTID_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_OCSPREQUESTDEBUG
+#define PKIX_OCSPREQUEST_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_OCSPREQUEST_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_OCSPREQUEST_DEBUG(expr)
+#define PKIX_OCSPREQUEST_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_OCSPRESPONSEDEBUG
+#define PKIX_OCSPRESPONSE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_OCSPRESPONSE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_OCSPRESPONSE_DEBUG(expr)
+#define PKIX_OCSPRESPONSE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_HTTPDEFAULTCLIENTDEBUG
+#define PKIX_HTTPDEFAULTCLIENT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_HTTPDEFAULTCLIENT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_HTTPDEFAULTCLIENT_DEBUG(expr)
+#define PKIX_HTTPDEFAULTCLIENT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_HTTPCERTSTORECONTEXTDEBUG
+#define PKIX_HTTPCERTSTORECONTEXT_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_HTTPCERTSTORECONTEXT_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_HTTPCERTSTORECONTEXT_DEBUG(expr)
+#define PKIX_HTTPCERTSTORECONTEXT_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_VERIFYNODEDEBUG
+#define PKIX_VERIFYNODE_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_VERIFYNODE_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_VERIFYNODE_DEBUG(expr)
+#define PKIX_VERIFYNODE_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_EKUCHECKER
+#define PKIX_EKUCHECKER_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_EKUCHECKER_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_EKUCHECKER_DEBUG(expr)
+#define PKIX_EKUCHECKER_DEBUG_ARG(expr, arg)
+#endif
+
+#if PKIX_CERTVFYPKIXDEBUG
+#define PKIX_CERTVFYPKIX_DEBUG(expr) \
+ PKIX_DEBUG(expr)
+#define PKIX_CERTVFYPKIX_DEBUG_ARG(expr, arg) \
+ PKIX_DEBUG_ARG(expr, arg)
+#else
+#define PKIX_CERTVFYPKIX_DEBUG(expr)
+#define PKIX_CERTVFYPKIX_DEBUG_ARG(expr, arg)
+#endif
+
+/*
+ * All object types register themselves with the system using a
+ * pkix_ClassTable_Entry, which consists of a set of functions for that
+ * type and an ASCII string (char *) which is used by the default
+ * ToStringCallback (if necessary). System types register themselves directly
+ * when their respective PKIX_"type"_RegisterSelf functions are called.
+ * User-defined types can be registered using PKIX_PL_Object_RegisterType.
+ * (see comments in pkix_pl_system.h)
+ */
+
+typedef struct pkix_ClassTable_EntryStruct pkix_ClassTable_Entry;
+struct pkix_ClassTable_EntryStruct {
+ char *description;
+ PKIX_UInt32 objCounter;
+ PKIX_UInt32 typeObjectSize;
+ PKIX_PL_DestructorCallback destructor;
+ PKIX_PL_EqualsCallback equalsFunction;
+ PKIX_PL_HashcodeCallback hashcodeFunction;
+ PKIX_PL_ToStringCallback toStringFunction;
+ PKIX_PL_ComparatorCallback comparator;
+ PKIX_PL_DuplicateCallback duplicateFunction;
+};
+
+/*
+ * PKIX_ERRORCLASSNAMES is an array of strings, with each string holding a
+ * descriptive name for an error code. This is used by the default
+ * PKIX_PL_Error_ToString function.
+ */
+extern const char *PKIX_ERRORCLASSNAMES[PKIX_NUMERRORCLASSES];
+
+#define MAX_STACK_DEPTH 1000
+
+extern PRLogModuleInfo *pkixLog;
+
+#define PKIX_MAGIC_HEADER PR_UINT64(0xFEEDC0FFEEFACADE)
+#define PKIX_MAGIC_HEADER_DESTROYED PR_UINT64(0xBAADF00DDEADBEEF)
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_IsCertSelfIssued(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pSelfIssued,
+ void *plContext);
+
+PKIX_Error *
+pkix_Throw(
+ PKIX_ERRORCLASS errClass,
+ const char *funcName,
+ PKIX_ERRORCODE errorTextCode,
+ PKIX_ERRORCLASS overrideClass,
+ PKIX_Error *cause,
+ PKIX_Error **pError,
+ void *plContext);
+
+PKIX_Error *
+pkix_CheckTypes(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_UInt32 type,
+ void *plContext);
+
+PKIX_Error *
+pkix_CheckType(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 type,
+ void *plContext);
+
+PKIX_Error *
+pkix_hash(
+ const unsigned char *bytes,
+ PKIX_UInt32 length,
+ PKIX_UInt32 *hash,
+ void *plContext);
+
+PKIX_Error *
+pkix_duplicateImmutable(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext);
+
+PKIX_UInt32
+pkix_countArray(void **array);
+
+PKIX_UInt32
+pkix_hex2i(char c);
+
+char
+pkix_i2hex(char c);
+
+PKIX_Boolean
+pkix_isPlaintext(unsigned char c, PKIX_Boolean debug);
+
+PKIX_Error *
+pkix_CacheCertChain_Lookup(
+ PKIX_PL_Cert* targetCert,
+ PKIX_List* anchors,
+ PKIX_PL_Date *testDate,
+ PKIX_Boolean *pFound,
+ PKIX_BuildResult **pBuildResult,
+ void *plContext);
+
+PKIX_Error *
+pkix_CacheCertChain_Remove(
+ PKIX_PL_Cert* targetCert,
+ PKIX_List* anchors,
+ void *plContext);
+
+PKIX_Error *
+pkix_CacheCertChain_Add(
+ PKIX_PL_Cert* targetCert,
+ PKIX_List* anchors,
+ PKIX_PL_Date *validityDate,
+ PKIX_BuildResult *buildResult,
+ void *plContext);
+
+PKIX_Error *
+pkix_CacheCert_Lookup(
+ PKIX_CertStore *store,
+ PKIX_ComCertSelParams *certSelParams,
+ PKIX_PL_Date *testDate,
+ PKIX_Boolean *pFound,
+ PKIX_List** pCerts,
+ void *plContext);
+
+PKIX_Error *
+pkix_CacheCert_Add(
+ PKIX_CertStore *store,
+ PKIX_ComCertSelParams *certSelParams,
+ PKIX_List* certs,
+ void *plContext);
+
+PKIX_Error *
+pkix_CacheCrlEntry_Lookup(
+ PKIX_CertStore *store,
+ PKIX_PL_X500Name *certIssuer,
+ PKIX_PL_BigInt *certSerialNumber,
+ PKIX_Boolean *pFound,
+ PKIX_List** pCrlEntryList,
+ void *plContext);
+
+PKIX_Error *
+pkix_CacheCrlEntry_Add(
+ PKIX_CertStore *store,
+ PKIX_PL_X500Name *certIssuer,
+ PKIX_PL_BigInt *certSerialNumber,
+ PKIX_List* crlEntryList,
+ void *plContext);
+
+#ifdef PR_LOGGING
+void
+pkix_trace_dump_cert(
+ const char *info,
+ PKIX_PL_Cert *cert,
+ void *plContext);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_TOOLS_H */
diff --git a/security/nss/lib/libpkix/pkix/util/util.gyp b/security/nss/lib/libpkix/pkix/util/util.gyp
new file mode 100644
index 000000000..078852f52
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix/util/util.gyp
@@ -0,0 +1,27 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixutil',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_error.c',
+ 'pkix_errpaths.c',
+ 'pkix_list.c',
+ 'pkix_logger.c',
+ 'pkix_tools.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/Makefile b/security/nss/lib/libpkix/pkix_pl_nss/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/config.mk b/security/nss/lib/libpkix/pkix_pl_nss/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/manifest.mn b/security/nss/lib/libpkix/pkix_pl_nss/manifest.mn
new file mode 100755
index 000000000..f3c83511a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/manifest.mn
@@ -0,0 +1,11 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../..
+DEPTH = ../../..
+
+#
+DIRS = pki system module \
+ $(NULL)
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/Makefile b/security/nss/lib/libpkix/pkix_pl_nss/module/Makefile
new file mode 100755
index 000000000..36524f56a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/config.mk b/security/nss/lib/libpkix/pkix_pl_nss/module/config.mk
new file mode 100755
index 000000000..2926747a2
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/config.mk
@@ -0,0 +1,35 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
+ifdef NSS_PKIX_NO_LDAP
+LDAP_HEADERS =
+LDAP_CSRCS =
+else
+LDAP_HEADERS = \
+ pkix_pl_ldapt.h \
+ pkix_pl_ldapcertstore.h \
+ pkix_pl_ldapresponse.h \
+ pkix_pl_ldaprequest.h \
+ pkix_pl_ldapdefaultclient.h \
+ $(NULL)
+
+LDAP_CSRCS = \
+ pkix_pl_ldaptemplates.c \
+ pkix_pl_ldapcertstore.c \
+ pkix_pl_ldapresponse.c \
+ pkix_pl_ldaprequest.c \
+ pkix_pl_ldapdefaultclient.c \
+ $(NULL)
+endif
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/exports.gyp b/security/nss/lib/libpkix/pkix_pl_nss/module/exports.gyp
new file mode 100644
index 000000000..064a17ce4
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/exports.gyp
@@ -0,0 +1,36 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_pl_nss_module_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_pl_aiamgr.h',
+ 'pkix_pl_colcertstore.h',
+ 'pkix_pl_httpcertstore.h',
+ 'pkix_pl_httpdefaultclient.h',
+ 'pkix_pl_ldapcertstore.h',
+ 'pkix_pl_ldapdefaultclient.h',
+ 'pkix_pl_ldaprequest.h',
+ 'pkix_pl_ldapresponse.h',
+ 'pkix_pl_ldapt.h',
+ 'pkix_pl_nsscontext.h',
+ 'pkix_pl_pk11certstore.h',
+ 'pkix_pl_socket.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/manifest.mn b/security/nss/lib/libpkix/pkix_pl_nss/module/manifest.mn
new file mode 100755
index 000000000..63bfd707e
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/manifest.mn
@@ -0,0 +1,38 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_pl_aiamgr.h \
+ pkix_pl_colcertstore.h \
+ pkix_pl_httpcertstore.h \
+ pkix_pl_httpdefaultclient.h \
+ $(LDAP_HEADERS) \
+ pkix_pl_nsscontext.h \
+ pkix_pl_pk11certstore.h \
+ pkix_pl_socket.h \
+ $(NULL)
+
+MODULE = nss
+
+DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
+
+
+CSRCS = \
+ pkix_pl_aiamgr.c \
+ pkix_pl_colcertstore.c \
+ pkix_pl_httpcertstore.c \
+ pkix_pl_httpdefaultclient.c \
+ $(LDAP_CSRCS) \
+ pkix_pl_nsscontext.c \
+ pkix_pl_pk11certstore.c \
+ pkix_pl_socket.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixmodule
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/module.gyp b/security/nss/lib/libpkix/pkix_pl_nss/module/module.gyp
new file mode 100644
index 000000000..8d7459ded
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/module.gyp
@@ -0,0 +1,41 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixmodule',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_pl_aiamgr.c',
+ 'pkix_pl_colcertstore.c',
+ 'pkix_pl_httpcertstore.c',
+ 'pkix_pl_httpdefaultclient.c',
+ 'pkix_pl_ldapcertstore.c',
+ 'pkix_pl_ldapdefaultclient.c',
+ 'pkix_pl_ldaprequest.c',
+ 'pkix_pl_ldapresponse.c',
+ 'pkix_pl_ldaptemplates.c',
+ 'pkix_pl_nsscontext.c',
+ 'pkix_pl_pk11certstore.c',
+ 'pkix_pl_socket.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'target_defaults': {
+ 'defines': [
+ 'SHLIB_SUFFIX=\"<(dll_suffix)\"',
+ 'SHLIB_PREFIX=\"<(dll_prefix)\"',
+ 'SHLIB_VERSION=\"\"'
+ ]
+ },
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
new file mode 100644
index 000000000..d9f566230
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
@@ -0,0 +1,699 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_aiamgr.c
+ *
+ * AIAMgr Object Definitions
+ *
+ */
+
+#include "pkix_pl_aiamgr.h"
+extern PKIX_PL_HashTable *aiaConnectionCache;
+
+#ifndef NSS_PKIX_NO_LDAP
+/* --Virtual-LdapClient-Functions------------------------------------ */
+
+PKIX_Error *
+PKIX_PL_LdapClient_InitiateRequest(
+ PKIX_PL_LdapClient *client,
+ LDAPRequestParams *requestParams,
+ void **pNBIO,
+ PKIX_List **pResponse,
+ void *plContext)
+{
+ PKIX_ENTER(LDAPCLIENT, "PKIX_PL_LdapClient_InitiateRequest");
+ PKIX_NULLCHECK_TWO(client, client->initiateFcn);
+
+ PKIX_CHECK(client->initiateFcn
+ (client, requestParams, pNBIO, pResponse, plContext),
+ PKIX_LDAPCLIENTINITIATEREQUESTFAILED);
+cleanup:
+
+ PKIX_RETURN(LDAPCLIENT);
+
+}
+
+PKIX_Error *
+PKIX_PL_LdapClient_ResumeRequest(
+ PKIX_PL_LdapClient *client,
+ void **pNBIO,
+ PKIX_List **pResponse,
+ void *plContext)
+{
+ PKIX_ENTER(LDAPCLIENT, "PKIX_PL_LdapClient_ResumeRequest");
+ PKIX_NULLCHECK_TWO(client, client->resumeFcn);
+
+ PKIX_CHECK(client->resumeFcn
+ (client, pNBIO, pResponse, plContext),
+ PKIX_LDAPCLIENTRESUMEREQUESTFAILED);
+cleanup:
+
+ PKIX_RETURN(LDAPCLIENT);
+
+}
+#endif /* !NSS_PKIX_NO_LDAP */
+
+/* --Private-AIAMgr-Functions----------------------------------*/
+
+/*
+ * FUNCTION: pkix_pl_AIAMgr_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_pki.h)
+ */
+static PKIX_Error *
+pkix_pl_AIAMgr_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_AIAMgr *aiaMgr = NULL;
+
+ PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_AIAMGR_TYPE, plContext),
+ PKIX_OBJECTNOTAIAMGR);
+
+ aiaMgr = (PKIX_PL_AIAMgr *)object;
+
+ /* pointer to cert cache */
+ /* pointer to crl cache */
+ aiaMgr->method = 0;
+ aiaMgr->aiaIndex = 0;
+ aiaMgr->numAias = 0;
+ PKIX_DECREF(aiaMgr->aia);
+ PKIX_DECREF(aiaMgr->location);
+ PKIX_DECREF(aiaMgr->results);
+#ifndef NSS_PKIX_NO_LDAP
+ PKIX_DECREF(aiaMgr->client.ldapClient);
+#endif
+
+cleanup:
+
+ PKIX_RETURN(AIAMGR);
+}
+
+/*
+ * FUNCTION: pkix_pl_AIAMgr_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_AIAMGR_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_AIAMgr_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry *entry = &systemClasses[PKIX_AIAMGR_TYPE];
+
+ PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_RegisterSelf");
+
+ entry->description = "AIAMgr";
+ entry->typeObjectSize = sizeof(PKIX_PL_AIAMgr);
+ entry->destructor = pkix_pl_AIAMgr_Destroy;
+
+ PKIX_RETURN(AIAMGR);
+}
+
+#ifndef NSS_PKIX_NO_LDAP
+/*
+ * FUNCTION: pkix_pl_AiaMgr_FindLDAPClient
+ * DESCRIPTION:
+ *
+ * This function checks the collection of LDAPClient connections held by the
+ * AIAMgr pointed to by "aiaMgr" for one matching the domain name given by
+ * "domainName". The string may include a port number: e.g., "betty.nist.gov"
+ * or "nss.red.iplanet.com:1389". If a match is found, that LDAPClient is
+ * stored at "pClient". Otherwise, an LDAPClient is created and added to the
+ * collection, and then stored at "pClient".
+ *
+ * PARAMETERS:
+ * "aiaMgr"
+ * The AIAMgr whose LDAPClient connected are to be managed. Must be
+ * non-NULL.
+ * "domainName"
+ * Address of a string pointing to a server name. Must be non-NULL.
+ * An empty string (which means no <host> is given in the LDAP URL) is
+ * not supported.
+ * "pClient"
+ * Address at which the returned LDAPClient is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an AIAMgr Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_AiaMgr_FindLDAPClient(
+ PKIX_PL_AIAMgr *aiaMgr,
+ char *domainName,
+ PKIX_PL_LdapClient **pClient,
+ void *plContext)
+{
+ PKIX_PL_String *domainString = NULL;
+ PKIX_PL_LdapDefaultClient *client = NULL;
+
+ PKIX_ENTER(AIAMGR, "pkix_pl_AiaMgr_FindLDAPClient");
+ PKIX_NULLCHECK_THREE(aiaMgr, domainName, pClient);
+
+ /*
+ * An LDAP URL may not have a <host> part, for example,
+ * ldap:///o=University%20of%20Michigan,c=US
+ * PKIX_PL_LdapDefaultClient doesn't know how to discover the default
+ * LDAP server, so we don't support this kind of LDAP URL.
+ */
+ if (*domainName == '\0') {
+ /* Simulate a PKIX_PL_LdapDefaultClient_CreateByName failure. */
+ PKIX_ERROR(PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED);
+ }
+
+ /* create PKIX_PL_String from domain name */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, domainName, 0, &domainString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ /* Is this domainName already in cache? */
+ PKIX_CHECK(PKIX_PL_HashTable_Lookup
+ (aiaConnectionCache,
+ (PKIX_PL_Object *)domainString,
+ (PKIX_PL_Object **)&client,
+ plContext),
+ PKIX_HASHTABLELOOKUPFAILED);
+
+ if (client == NULL) {
+
+ /* No, create a connection (and cache it) */
+ PKIX_CHECK(PKIX_PL_LdapDefaultClient_CreateByName
+ (domainName,
+ /* Do not use NBIO until we verify, that
+ * it is working. For now use 1 min timeout. */
+ PR_SecondsToInterval(
+ ((PKIX_PL_NssContext*)plContext)->timeoutSeconds),
+ NULL,
+ &client,
+ plContext),
+ PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED);
+
+ PKIX_CHECK(PKIX_PL_HashTable_Add
+ (aiaConnectionCache,
+ (PKIX_PL_Object *)domainString,
+ (PKIX_PL_Object *)client,
+ plContext),
+ PKIX_HASHTABLEADDFAILED);
+
+ }
+
+ *pClient = (PKIX_PL_LdapClient *)client;
+
+cleanup:
+
+ PKIX_DECREF(domainString);
+
+ PKIX_RETURN(AIAMGR);
+}
+#endif /* !NSS_PKIX_NO_LDAP */
+
+PKIX_Error *
+pkix_pl_AIAMgr_GetHTTPCerts(
+ PKIX_PL_AIAMgr *aiaMgr,
+ PKIX_PL_InfoAccess *ia,
+ void **pNBIOContext,
+ PKIX_List **pCerts,
+ void *plContext)
+{
+ PKIX_PL_GeneralName *location = NULL;
+ PKIX_PL_String *locationString = NULL;
+ PKIX_UInt32 len = 0;
+ PRUint16 port = 0;
+ const SEC_HttpClientFcn *httpClient = NULL;
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ SECStatus rv = SECFailure;
+ SEC_HTTP_SERVER_SESSION serverSession = NULL;
+ SEC_HTTP_REQUEST_SESSION requestSession = NULL;
+ char *path = NULL;
+ char *hostname = NULL;
+ char *locationAscii = NULL;
+ void *nbio = NULL;
+ PRUint16 responseCode = 0;
+ const char *responseContentType = NULL;
+ const char *responseData = NULL;
+
+ PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_GetHTTPCerts");
+ PKIX_NULLCHECK_FOUR(aiaMgr, ia, pNBIOContext, pCerts);
+
+ nbio = *pNBIOContext;
+ *pNBIOContext = NULL;
+ *pCerts = NULL;
+
+ if (nbio == NULL) { /* a new request */
+
+ PKIX_CHECK(PKIX_PL_InfoAccess_GetLocation
+ (ia, &location, plContext),
+ PKIX_INFOACCESSGETLOCATIONFAILED);
+
+ /* find or create httpClient = default client */
+ httpClient = SEC_GetRegisteredHttpClient();
+ aiaMgr->client.hdata.httpClient = httpClient;
+ if (!httpClient)
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+
+ if (httpClient->version == 1) {
+
+ PKIX_UInt32 timeout =
+ ((PKIX_PL_NssContext*)plContext)->timeoutSeconds;
+
+ hcv1 = &(httpClient->fcnTable.ftable1);
+
+ /* create server session */
+ PKIX_TOSTRING(location, &locationString, plContext,
+ PKIX_GENERALNAMETOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (locationString,
+ PKIX_ESCASCII,
+ (void **)&locationAscii,
+ &len,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ rv = CERT_ParseURL(locationAscii, &hostname, &port,
+ &path);
+ if ((rv != SECSuccess) ||
+ (hostname == NULL) ||
+ (path == NULL)) {
+ PKIX_ERROR(PKIX_URLPARSINGFAILED);
+ }
+
+ rv = (*hcv1->createSessionFcn)(hostname, port,
+ &serverSession);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPCLIENTCREATESESSIONFAILED);
+ }
+
+ aiaMgr->client.hdata.serverSession = serverSession;
+
+ /* create request session */
+ rv = (*hcv1->createFcn)(serverSession, "http", path,
+ "GET", PR_SecondsToInterval(timeout),
+ &requestSession);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPSERVERERROR);
+ }
+
+ aiaMgr->client.hdata.requestSession = requestSession;
+ } else {
+ PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
+ }
+ }
+
+ httpClient = aiaMgr->client.hdata.httpClient;
+
+ if (httpClient->version == 1) {
+ PRUint32 responseDataLen =
+ ((PKIX_PL_NssContext*)plContext)->maxResponseLength;
+
+ hcv1 = &(httpClient->fcnTable.ftable1);
+ requestSession = aiaMgr->client.hdata.requestSession;
+
+ /* trySendAndReceive */
+ rv = (*hcv1->trySendAndReceiveFcn)(requestSession,
+ (PRPollDesc **)&nbio,
+ &responseCode,
+ (const char **)&responseContentType,
+ NULL, /* &responseHeaders */
+ (const char **)&responseData,
+ &responseDataLen);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPSERVERERROR);
+ }
+
+ if (nbio != 0) {
+ *pNBIOContext = nbio;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_HttpCertStore_ProcessCertResponse
+ (responseCode,
+ responseContentType,
+ responseData,
+ responseDataLen,
+ pCerts,
+ plContext),
+ PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED);
+
+ /* Session and request cleanup in case of success */
+ if (aiaMgr->client.hdata.requestSession != NULL) {
+ (*hcv1->freeFcn)(aiaMgr->client.hdata.requestSession);
+ aiaMgr->client.hdata.requestSession = NULL;
+ }
+ if (aiaMgr->client.hdata.serverSession != NULL) {
+ (*hcv1->freeSessionFcn)(aiaMgr->client.hdata.serverSession);
+ aiaMgr->client.hdata.serverSession = NULL;
+ }
+ aiaMgr->client.hdata.httpClient = 0; /* callback fn */
+
+ } else {
+ PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
+ }
+
+cleanup:
+ /* Session and request cleanup in case of error. Passing through without cleanup
+ * if interrupted by blocked IO. */
+ if (PKIX_ERROR_RECEIVED) {
+ if (aiaMgr->client.hdata.requestSession != NULL) {
+ (*hcv1->freeFcn)(aiaMgr->client.hdata.requestSession);
+ aiaMgr->client.hdata.requestSession = NULL;
+ }
+ if (aiaMgr->client.hdata.serverSession != NULL) {
+ (*hcv1->freeSessionFcn)(aiaMgr->client.hdata.serverSession);
+ aiaMgr->client.hdata.serverSession = NULL;
+ }
+ aiaMgr->client.hdata.httpClient = 0; /* callback fn */
+ }
+
+ PKIX_DECREF(location);
+ PKIX_DECREF(locationString);
+
+ if (locationAscii) {
+ PORT_Free(locationAscii);
+ }
+ if (hostname) {
+ PORT_Free(hostname);
+ }
+ if (path) {
+ PORT_Free(path);
+ }
+
+ PKIX_RETURN(AIAMGR);
+}
+
+#ifndef NSS_PKIX_NO_LDAP
+PKIX_Error *
+pkix_pl_AIAMgr_GetLDAPCerts(
+ PKIX_PL_AIAMgr *aiaMgr,
+ PKIX_PL_InfoAccess *ia,
+ void **pNBIOContext,
+ PKIX_List **pCerts,
+ void *plContext)
+{
+ PKIX_List *result = NULL;
+ PKIX_PL_GeneralName *location = NULL;
+ PKIX_PL_LdapClient *client = NULL;
+ LDAPRequestParams request;
+ PLArenaPool *arena = NULL;
+ char *domainName = NULL;
+ void *nbio = NULL;
+
+ PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_GetLDAPCerts");
+ PKIX_NULLCHECK_FOUR(aiaMgr, ia, pNBIOContext, pCerts);
+
+ nbio = *pNBIOContext;
+ *pNBIOContext = NULL;
+ *pCerts = NULL;
+
+ if (nbio == NULL) { /* a new request */
+
+ /* Initiate an LDAP request */
+
+ request.scope = WHOLE_SUBTREE;
+ request.derefAliases = NEVER_DEREF;
+ request.sizeLimit = 0;
+ request.timeLimit = 0;
+
+ PKIX_CHECK(PKIX_PL_InfoAccess_GetLocation
+ (ia, &location, plContext),
+ PKIX_INFOACCESSGETLOCATIONFAILED);
+
+ /*
+ * Get a short-lived arena. We'll be done with
+ * this space once the request is encoded.
+ */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ PKIX_ERROR_FATAL(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_CHECK(pkix_pl_InfoAccess_ParseLocation
+ (location, arena, &request, &domainName, plContext),
+ PKIX_INFOACCESSPARSELOCATIONFAILED);
+
+ PKIX_DECREF(location);
+
+ /* Find or create a connection to LDAP server */
+ PKIX_CHECK(pkix_pl_AiaMgr_FindLDAPClient
+ (aiaMgr, domainName, &client, plContext),
+ PKIX_AIAMGRFINDLDAPCLIENTFAILED);
+
+ aiaMgr->client.ldapClient = client;
+
+ PKIX_CHECK(PKIX_PL_LdapClient_InitiateRequest
+ (aiaMgr->client.ldapClient,
+ &request,
+ &nbio,
+ &result,
+ plContext),
+ PKIX_LDAPCLIENTINITIATEREQUESTFAILED);
+
+ PKIX_PL_NSSCALL(AIAMGR, PORT_FreeArena, (arena, PR_FALSE));
+
+ } else {
+
+ PKIX_CHECK(PKIX_PL_LdapClient_ResumeRequest
+ (aiaMgr->client.ldapClient, &nbio, &result, plContext),
+ PKIX_LDAPCLIENTRESUMEREQUESTFAILED);
+
+ }
+
+ if (nbio != NULL) { /* WOULDBLOCK */
+ *pNBIOContext = nbio;
+ *pCerts = NULL;
+ goto cleanup;
+ }
+
+ PKIX_DECREF(aiaMgr->client.ldapClient);
+
+ if (result == NULL) {
+ *pCerts = NULL;
+ } else {
+ PKIX_CHECK(pkix_pl_LdapCertStore_BuildCertList
+ (result, pCerts, plContext),
+ PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED);
+ }
+
+ *pNBIOContext = nbio;
+
+cleanup:
+
+ if (arena && (PKIX_ERROR_RECEIVED)) {
+ PKIX_PL_NSSCALL(AIAMGR, PORT_FreeArena, (arena, PR_FALSE));
+ }
+
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(aiaMgr->client.ldapClient);
+ }
+
+ PKIX_DECREF(location);
+
+ PKIX_RETURN(AIAMGR);
+}
+#endif /* !NSS_PKIX_NO_LDAP */
+
+/*
+ * FUNCTION: PKIX_PL_AIAMgr_Create
+ * DESCRIPTION:
+ *
+ * This function creates an AIAMgr, storing the result at "pAIAMgr".
+ *
+ * PARAMETERS:
+ * "pAIAMGR"
+ * Address at which the returned AIAMgr is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an AIAMgr Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_AIAMgr_Create(
+ PKIX_PL_AIAMgr **pAIAMgr,
+ void *plContext)
+{
+ PKIX_PL_AIAMgr *aiaMgr = NULL;
+
+ PKIX_ENTER(AIAMGR, "PKIX_PL_AIAMgr_Create");
+ PKIX_NULLCHECK_ONE(pAIAMgr);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_AIAMGR_TYPE,
+ sizeof(PKIX_PL_AIAMgr),
+ (PKIX_PL_Object **)&aiaMgr,
+ plContext),
+ PKIX_COULDNOTCREATEAIAMGROBJECT);
+ /* pointer to cert cache */
+ /* pointer to crl cache */
+ aiaMgr->method = 0;
+ aiaMgr->aiaIndex = 0;
+ aiaMgr->numAias = 0;
+ aiaMgr->aia = NULL;
+ aiaMgr->location = NULL;
+ aiaMgr->results = NULL;
+ aiaMgr->client.hdata.httpClient = NULL;
+ aiaMgr->client.hdata.serverSession = NULL;
+ aiaMgr->client.hdata.requestSession = NULL;
+
+ *pAIAMgr = aiaMgr;
+
+cleanup:
+
+ PKIX_RETURN(AIAMGR);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_AIAMgr_GetAIACerts (see description in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_AIAMgr_GetAIACerts(
+ PKIX_PL_AIAMgr *aiaMgr,
+ PKIX_PL_Cert *prevCert,
+ void **pNBIOContext,
+ PKIX_List **pCerts,
+ void *plContext)
+{
+ PKIX_UInt32 numAias = 0;
+ PKIX_UInt32 aiaIndex = 0;
+ PKIX_UInt32 iaType = PKIX_INFOACCESS_LOCATION_UNKNOWN;
+ PKIX_List *certs = NULL;
+ PKIX_PL_InfoAccess *ia = NULL;
+ void *nbio = NULL;
+
+ PKIX_ENTER(AIAMGR, "PKIX_PL_AIAMgr_GetAIACerts");
+ PKIX_NULLCHECK_FOUR(aiaMgr, prevCert, pNBIOContext, pCerts);
+
+ nbio = *pNBIOContext;
+ *pCerts = NULL;
+ *pNBIOContext = NULL;
+
+ if (nbio == NULL) { /* a new request */
+
+ /* Does this Cert have an AIA extension? */
+ PKIX_CHECK(PKIX_PL_Cert_GetAuthorityInfoAccess
+ (prevCert, &aiaMgr->aia, plContext),
+ PKIX_CERTGETAUTHORITYINFOACCESSFAILED);
+
+ if (aiaMgr->aia != NULL) {
+ PKIX_CHECK(PKIX_List_GetLength
+ (aiaMgr->aia, &numAias, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ /* And if so, does it have any entries? */
+ if ((aiaMgr->aia == NULL) || (numAias == 0)) {
+ *pCerts = NULL;
+ goto cleanup;
+ }
+
+ aiaMgr->aiaIndex = 0;
+ aiaMgr->numAias = numAias;
+ aiaMgr->results = NULL;
+
+ }
+
+ for (aiaIndex = aiaMgr->aiaIndex;
+ aiaIndex < aiaMgr->numAias;
+ aiaIndex ++) {
+ PKIX_UInt32 method = 0;
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (aiaMgr->aia,
+ aiaIndex,
+ (PKIX_PL_Object **)&ia,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(PKIX_PL_InfoAccess_GetMethod
+ (ia, &method, plContext),
+ PKIX_INFOACCESSGETMETHODFAILED);
+
+ if (method != PKIX_INFOACCESS_CA_ISSUERS &&
+ method != PKIX_INFOACCESS_CA_REPOSITORY) {
+ PKIX_DECREF(ia);
+ continue;
+ }
+
+ PKIX_CHECK(PKIX_PL_InfoAccess_GetLocationType
+ (ia, &iaType, plContext),
+ PKIX_INFOACCESSGETLOCATIONTYPEFAILED);
+
+ if (iaType == PKIX_INFOACCESS_LOCATION_HTTP) {
+ PKIX_CHECK(pkix_pl_AIAMgr_GetHTTPCerts
+ (aiaMgr, ia, &nbio, &certs, plContext),
+ PKIX_AIAMGRGETHTTPCERTSFAILED);
+#ifndef NSS_PKIX_NO_LDAP
+ } else if (iaType == PKIX_INFOACCESS_LOCATION_LDAP) {
+ PKIX_CHECK(pkix_pl_AIAMgr_GetLDAPCerts
+ (aiaMgr, ia, &nbio, &certs, plContext),
+ PKIX_AIAMGRGETLDAPCERTSFAILED);
+#endif
+ } else {
+ /* We only support http and ldap requests. */
+ PKIX_DECREF(ia);
+ continue;
+ }
+
+ if (nbio != NULL) { /* WOULDBLOCK */
+ aiaMgr->aiaIndex = aiaIndex;
+ *pNBIOContext = nbio;
+ *pCerts = NULL;
+ goto cleanup;
+ }
+
+ /*
+ * We can't just use and modify the List we received.
+ * Because it's cached, it's set immutable.
+ */
+ if (aiaMgr->results == NULL) {
+ PKIX_CHECK(PKIX_List_Create
+ (&(aiaMgr->results), plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+ PKIX_CHECK(pkix_List_AppendList
+ (aiaMgr->results, certs, plContext),
+ PKIX_APPENDLISTFAILED);
+ PKIX_DECREF(certs);
+
+ PKIX_DECREF(ia);
+ }
+
+ PKIX_DECREF(aiaMgr->aia);
+
+ *pNBIOContext = NULL;
+ *pCerts = aiaMgr->results;
+ aiaMgr->results = NULL;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(aiaMgr->aia);
+ PKIX_DECREF(aiaMgr->results);
+#ifndef NSS_PKIX_NO_LDAP
+ PKIX_DECREF(aiaMgr->client.ldapClient);
+#endif
+ }
+
+ PKIX_DECREF(certs);
+ PKIX_DECREF(ia);
+
+ PKIX_RETURN(AIAMGR);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h
new file mode 100644
index 000000000..356c1ecdf
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h
@@ -0,0 +1,65 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_aiamgr.h
+ *
+ * AIAMgr Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_AIAMGR_H
+#define _PKIX_PL_AIAMGR_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_AIAMgrStruct {
+ /* pointer to cert cache */
+ /* pointer to crl cache */
+ PKIX_UInt32 method;
+ PKIX_UInt32 aiaIndex;
+ PKIX_UInt32 numAias;
+ PKIX_List *aia;
+ PKIX_PL_GeneralName *location;
+ PKIX_List *results;
+ union {
+#ifndef NSS_PKIX_NO_LDAP
+ PKIX_PL_LdapClient *ldapClient;
+#endif
+ struct {
+ const SEC_HttpClientFcn *httpClient;
+ SEC_HTTP_SERVER_SESSION serverSession;
+ SEC_HTTP_REQUEST_SESSION requestSession;
+ char *path;
+ } hdata;
+ } client;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_AIAMgr_RegisterSelf(void *plContext);
+
+#ifndef NSS_PKIX_NO_LDAP
+PKIX_Error *PKIX_PL_LdapClient_InitiateRequest(
+ PKIX_PL_LdapClient *client,
+ LDAPRequestParams *requestParams,
+ void **pPollDesc,
+ PKIX_List **pResponse,
+ void *plContext);
+
+PKIX_Error *PKIX_PL_LdapClient_ResumeRequest(
+ PKIX_PL_LdapClient *client,
+ void **pPollDesc,
+ PKIX_List **pResponse,
+ void *plContext);
+#endif /* !NSS_PKIX_NO_LDAP */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_AIAMGR_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c
new file mode 100755
index 000000000..57004b770
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c
@@ -0,0 +1,1282 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_colcertstore.c
+ *
+ * CollectionCertStore Function Definitions
+ *
+ */
+
+#include "pkix_pl_colcertstore.h"
+
+/*
+ * This Object is going to be taken out from libpkix SOON. The following
+ * function is copied from nss/cmd library, but not supported by NSS as
+ * public API. We use it since ColCertStore are read in Cert/Crl from
+ * files and need this support.
+ */
+
+static SECStatus
+SECU_FileToItem(SECItem *dst, PRFileDesc *src)
+{
+ PRFileInfo info;
+ PRInt32 numBytes;
+ PRStatus prStatus;
+
+ prStatus = PR_GetOpenFileInfo(src, &info);
+
+ if (prStatus != PR_SUCCESS) {
+ PORT_SetError(SEC_ERROR_IO);
+ return SECFailure;
+ }
+
+ /* XXX workaround for 3.1, not all utils zero dst before sending */
+ dst->data = 0;
+ if (!SECITEM_AllocItem(NULL, dst, info.size))
+ goto loser;
+
+ numBytes = PR_Read(src, dst->data, info.size);
+ if (numBytes != info.size) {
+ PORT_SetError(SEC_ERROR_IO);
+ goto loser;
+ }
+
+ return SECSuccess;
+loser:
+ SECITEM_FreeItem(dst, PR_FALSE);
+ return SECFailure;
+}
+
+static SECStatus
+SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
+{
+ SECStatus rv;
+ if (ascii) {
+ /* First convert ascii to binary */
+ SECItem filedata;
+ char *asc, *body;
+
+ /* Read in ascii data */
+ rv = SECU_FileToItem(&filedata, inFile);
+ asc = (char *)filedata.data;
+ if (!asc) {
+ fprintf(stderr, "unable to read data from input file\n");
+ return SECFailure;
+ }
+
+ /* check for headers and trailers and remove them */
+ if ((body = strstr(asc, "-----BEGIN")) != NULL) {
+ char *trailer = NULL;
+ asc = body;
+ body = PORT_Strchr(body, '\n');
+ if (!body)
+ body = PORT_Strchr(asc, '\r'); /* maybe this is a MAC file */
+ if (body)
+ trailer = strstr(++body, "-----END");
+ if (trailer != NULL) {
+ *trailer = '\0';
+ } else {
+ fprintf(stderr, "input has header but no trailer\n");
+ PORT_Free(filedata.data);
+ return SECFailure;
+ }
+ } else {
+ body = asc;
+ }
+
+ /* Convert to binary */
+ rv = ATOB_ConvertAsciiToItem(der, body);
+ if (rv) {
+ return SECFailure;
+ }
+
+ PORT_Free(filedata.data);
+ } else {
+ /* Read in binary der */
+ rv = SECU_FileToItem(der, inFile);
+ if (rv) {
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+/*
+ * FUNCTION: PKIX_PL_CollectionCertStoreContext_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CollectionCertStoreContext using the String pointed to
+ * by "storeDir" and stores it at "pColCertStoreContext".
+ *
+ * PARAMETERS:
+ * "storeDir"
+ * The absolute path where *.crl and *.crt files are located.
+ * "pColCertStoreContext"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CollectionCertStoreContext Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_Create(
+ PKIX_PL_String *storeDir,
+ PKIX_PL_CollectionCertStoreContext **pColCertStoreContext,
+ void *plContext)
+{
+ PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_Create");
+ PKIX_NULLCHECK_TWO(storeDir, pColCertStoreContext);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_COLLECTIONCERTSTORECONTEXT_TYPE,
+ sizeof (PKIX_PL_CollectionCertStoreContext),
+ (PKIX_PL_Object **)&colCertStoreContext,
+ plContext),
+ PKIX_COULDNOTCREATECOLLECTIONCERTSTORECONTEXTOBJECT);
+
+ PKIX_INCREF(storeDir);
+ colCertStoreContext->storeDir = storeDir;
+
+ colCertStoreContext->crlList = NULL;
+ colCertStoreContext->certList = NULL;
+
+ *pColCertStoreContext = colCertStoreContext;
+ colCertStoreContext = NULL;
+
+cleanup:
+
+ PKIX_DECREF(colCertStoreContext);
+
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_COLLECTIONCERTSTORECONTEXT_TYPE, plContext),
+ PKIX_OBJECTNOTCOLLECTIONCERTSTORECONTEXT);
+
+ colCertStoreContext = (PKIX_PL_CollectionCertStoreContext *)object;
+
+ PKIX_DECREF(colCertStoreContext->storeDir);
+ PKIX_DECREF(colCertStoreContext->crlList);
+ PKIX_DECREF(colCertStoreContext->certList);
+
+cleanup:
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_CollectionCertStoreContext *collectionCSContext = NULL;
+ PKIX_UInt32 tempHash = 0;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object,
+ PKIX_COLLECTIONCERTSTORECONTEXT_TYPE,
+ plContext),
+ PKIX_OBJECTNOTCOLLECTIONCERTSTORECONTEXT);
+
+ collectionCSContext = (PKIX_PL_CollectionCertStoreContext *)object;
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *) collectionCSContext->storeDir,
+ &tempHash,
+ plContext),
+ PKIX_STRINGHASHCODEFAILED);
+
+ *pHashcode = tempHash << 7;
+
+ /* should not hash on crlList and certList, values are dynamic */
+
+cleanup:
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_PL_CollectionCertStoreContext *firstCCSContext = NULL;
+ PKIX_PL_CollectionCertStoreContext *secondCCSContext = NULL;
+ PKIX_Boolean cmpResult = 0;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ PKIX_CHECK(pkix_CheckTypes
+ (firstObject,
+ secondObject,
+ PKIX_COLLECTIONCERTSTORECONTEXT_TYPE,
+ plContext),
+ PKIX_OBJECTNOTCOLLECTIONCERTSTORECONTEXT);
+
+ firstCCSContext = (PKIX_PL_CollectionCertStoreContext *)firstObject;
+ secondCCSContext = (PKIX_PL_CollectionCertStoreContext *)secondObject;
+
+ if (firstCCSContext->storeDir == secondCCSContext->storeDir) {
+
+ cmpResult = PKIX_TRUE;
+
+ } else {
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *) firstCCSContext->storeDir,
+ (PKIX_PL_Object *) secondCCSContext->storeDir,
+ &cmpResult,
+ plContext),
+ PKIX_STRINGEQUALSFAILED);
+ }
+
+ *pResult = cmpResult;
+
+ /* should not check equal on crlList and certList, data are dynamic */
+
+cleanup:
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStore_CheckTrust
+ * DESCRIPTION:
+ * This function checks the trust status of this "cert" that was retrieved
+ * from the CertStore "store" and returns its trust status at "pTrusted".
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of the CertStore. Must be non-NULL.
+ * "cert"
+ * Address of the Cert. Must be non-NULL.
+ * "pTrusted"
+ * Address of PKIX_Boolean where the "cert" trust status is returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStore_CheckTrust(
+ PKIX_CertStore *store,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pTrusted,
+ void *plContext)
+{
+ PKIX_ENTER(CERTSTORE, "pkix_pl_CollectionCertStore_CheckTrust");
+ PKIX_NULLCHECK_THREE(store, cert, pTrusted);
+
+ *pTrusted = PKIX_TRUE;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_CreateCert
+ * DESCRIPTION:
+ *
+ * Creates Cert using data file path name pointed to by "certFileName" and
+ * stores it at "pCert". If the Cert can not be decoded, NULL is stored
+ * at "pCert".
+ *
+ * PARAMETERS
+ * "certFileName" - Address of Cert data file path name. Must be non-NULL.
+ * "pCert" - Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CollectionCertStoreContext Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_CreateCert(
+ const char *certFileName,
+ PKIX_PL_Cert **pCert,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *byteArray = NULL;
+ PKIX_PL_Cert *cert = NULL;
+ PRFileDesc *inFile = NULL;
+ SECItem certDER;
+ void *buf = NULL;
+ PKIX_UInt32 len;
+ SECStatus rv;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_CreateCert");
+ PKIX_NULLCHECK_TWO(certFileName, pCert);
+
+ *pCert = NULL;
+ certDER.data = NULL;
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_Open.\n");
+ inFile = PR_Open(certFileName, PR_RDONLY, 0);
+
+ if (!inFile){
+ PKIX_ERROR(PKIX_UNABLETOOPENCERTFILE);
+ } else {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling SECU_ReadDerFromFile.\n");
+ rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE);
+ if (!rv){
+ buf = (void *)certDER.data;
+ len = certDER.len;
+
+ PKIX_CHECK(PKIX_PL_ByteArray_Create
+ (buf, len, &byteArray, plContext),
+ PKIX_BYTEARRAYCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_Create
+ (byteArray, &cert, plContext),
+ PKIX_CERTCREATEFAILED);
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling SECITEM_FreeItem.\n");
+ SECITEM_FreeItem(&certDER, PR_FALSE);
+
+ } else {
+ PKIX_ERROR(PKIX_UNABLETOREADDERFROMCERTFILE);
+ }
+ }
+
+ *pCert = cert;
+
+cleanup:
+ if (inFile){
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_CloseDir.\n");
+ PR_Close(inFile);
+ }
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling SECITEM_FreeItem).\n");
+ SECITEM_FreeItem(&certDER, PR_FALSE);
+
+ PKIX_DECREF(cert);
+ }
+ PKIX_DECREF(byteArray);
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_CreateCRL
+ * DESCRIPTION:
+ *
+ * Creates CRL using data file path name pointed to by "crlFileName" and
+ * stores it at "pCrl". If the CRL can not be decoded, NULL is stored
+ * at "pCrl".
+ *
+ * PARAMETERS
+ * "crlFileName" - Address of CRL data file path name. Must be non-NULL.
+ * "pCrl" - Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CollectionCertStoreContext Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_CreateCRL(
+ const char *crlFileName,
+ PKIX_PL_CRL **pCrl,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *byteArray = NULL;
+ PKIX_PL_CRL *crl = NULL;
+ PRFileDesc *inFile = NULL;
+ SECItem crlDER;
+ void *buf = NULL;
+ PKIX_UInt32 len;
+ SECStatus rv;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_CreateCRL");
+ PKIX_NULLCHECK_TWO(crlFileName, pCrl);
+
+ *pCrl = NULL;
+ crlDER.data = NULL;
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_Open.\n");
+ inFile = PR_Open(crlFileName, PR_RDONLY, 0);
+
+ if (!inFile){
+ PKIX_ERROR(PKIX_UNABLETOOPENCRLFILE);
+ } else {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling SECU_ReadDerFromFile.\n");
+ rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE);
+ if (!rv){
+ buf = (void *)crlDER.data;
+ len = crlDER.len;
+
+ PKIX_CHECK(PKIX_PL_ByteArray_Create
+ (buf, len, &byteArray, plContext),
+ PKIX_BYTEARRAYCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_CRL_Create
+ (byteArray, &crl, plContext),
+ PKIX_CRLCREATEFAILED);
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling SECITEM_FreeItem.\n");
+ SECITEM_FreeItem(&crlDER, PR_FALSE);
+
+ } else {
+ PKIX_ERROR(PKIX_UNABLETOREADDERFROMCRLFILE);
+ }
+ }
+
+ *pCrl = crl;
+
+cleanup:
+ if (inFile){
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_CloseDir.\n");
+ PR_Close(inFile);
+ }
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling SECITEM_FreeItem).\n");
+ SECITEM_FreeItem(&crlDER, PR_FALSE);
+
+ PKIX_DECREF(crl);
+ if (crlDER.data != NULL) {
+ SECITEM_FreeItem(&crlDER, PR_FALSE);
+ }
+ }
+
+ PKIX_DECREF(byteArray);
+
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_PopulateCert
+ * DESCRIPTION:
+ *
+ * Create list of Certs from *.crt files at directory specified in dirName,
+ * Not recursive to sub-directory. Also assume the directory contents are
+ * not changed dynamically.
+ *
+ * PARAMETERS
+ * "colCertStoreContext" - Address of CollectionCertStoreContext
+ * where the dirName is specified and where the return
+ * Certs are stored as a list. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - A lock at top level is required.
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CollectionCertStoreContext Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_PopulateCert(
+ PKIX_PL_CollectionCertStoreContext *colCertStoreContext,
+ void *plContext)
+{
+ PKIX_List *certList = NULL;
+ PKIX_PL_Cert *certItem = NULL;
+ char *dirName = NULL;
+ char *pathName = NULL;
+ PKIX_UInt32 dirNameLen = 0;
+ PRErrorCode prError = 0;
+ PRDir *dir = NULL;
+ PRDirEntry *dirEntry = NULL;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_PopulateCert");
+ PKIX_NULLCHECK_ONE(colCertStoreContext);
+
+ /* convert directory to ascii */
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (colCertStoreContext->storeDir,
+ PKIX_ESCASCII,
+ (void **)&dirName,
+ &dirNameLen,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ /* create cert list, if no cert file, should return an empty list */
+
+ PKIX_CHECK(PKIX_List_Create(&certList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ /* open directory and read in .crt files */
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_OpenDir.\n");
+ dir = PR_OpenDir(dirName);
+
+ if (!dir) {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG_ARG
+ ("\t\t Directory Name:%s\n", dirName);
+ PKIX_ERROR(PKIX_CANNOTOPENCOLLECTIONCERTSTORECONTEXTDIRECTORY);
+ }
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_ReadDir.\n");
+ dirEntry = PR_ReadDir(dir, PR_SKIP_HIDDEN | PR_SKIP_BOTH);
+
+ if (!dirEntry) {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Empty directory.\n");
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_GetError.\n");
+ prError = PR_GetError();
+ }
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_SetError.\n");
+ PR_SetError(0, 0);
+
+ while (dirEntry != NULL && prError == 0) {
+ if (PL_strrstr(dirEntry->name, ".crt") ==
+ dirEntry->name + PL_strlen(dirEntry->name) - 4) {
+
+ PKIX_CHECK_ONLY_FATAL
+ (PKIX_PL_Malloc
+ (dirNameLen + PL_strlen(dirEntry->name) + 2,
+ (void **)&pathName,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ if ((!PKIX_ERROR_RECEIVED) && (pathName != NULL)){
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PL_strcpy for dirName.\n");
+ PL_strcpy(pathName, dirName);
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PL_strcat for dirName.\n");
+ PL_strcat(pathName, "/");
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PL_strcat for /.\n");
+ PL_strcat(pathName, dirEntry->name);
+
+ PKIX_CHECK_ONLY_FATAL
+ (pkix_pl_CollectionCertStoreContext_CreateCert
+ (pathName, &certItem, plContext),
+ PKIX_COLLECTIONCERTSTORECONTEXTCREATECERTFAILED);
+
+ if (!PKIX_ERROR_RECEIVED){
+ PKIX_CHECK_ONLY_FATAL
+ (PKIX_List_AppendItem
+ (certList,
+ (PKIX_PL_Object *)certItem,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+ }
+
+ PKIX_DECREF(certItem);
+ PKIX_FREE(pathName);
+ }
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_SetError.\n");
+ PR_SetError(0, 0);
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_ReadDir.\n");
+ dirEntry = PR_ReadDir(dir, PR_SKIP_HIDDEN | PR_SKIP_BOTH);
+
+ if (!dirEntry) {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_GetError.\n");
+ prError = PR_GetError();
+ }
+ }
+
+ if ((prError != 0) && (prError != PR_NO_MORE_FILES_ERROR)) {
+ PKIX_ERROR(PKIX_COLLECTIONCERTSTOREPOPULATECERTFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable(certList, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ PKIX_INCREF(certList);
+ colCertStoreContext->certList = certList;
+
+cleanup:
+ if (dir) {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_CloseDir.\n");
+ PR_CloseDir(dir);
+ }
+
+ PKIX_FREE(pathName);
+ PKIX_FREE(dirName);
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(certList);
+ }
+
+ PKIX_DECREF(certItem);
+ PKIX_DECREF(certList);
+
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_PopulateCRL
+ * DESCRIPTION:
+ *
+ * Create list of CRLs from *.crl files at directory specified in dirName,
+ * Not recursive to sub-dirctory. Also assume the directory contents are
+ * not changed dynamically.
+ *
+ * PARAMETERS
+ * "colCertStoreContext" - Address of CollectionCertStoreContext
+ * where the dirName is specified and where the return
+ * CRLs are stored as a list. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - A lock at top level is required.
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CollectionCertStoreContext Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_PopulateCRL(
+ PKIX_PL_CollectionCertStoreContext *colCertStoreContext,
+ void *plContext)
+{
+ PKIX_List *crlList = NULL;
+ PKIX_PL_CRL *crlItem = NULL;
+ char *dirName = NULL;
+ char *pathName = NULL;
+ PKIX_UInt32 dirNameLen = 0;
+ PRErrorCode prError = 0;
+ PRDir *dir = NULL;
+ PRDirEntry *dirEntry = NULL;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_PopulateCRL");
+ PKIX_NULLCHECK_ONE(colCertStoreContext);
+
+ /* convert directory to ascii */
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (colCertStoreContext->storeDir,
+ PKIX_ESCASCII,
+ (void **)&dirName,
+ &dirNameLen,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ /* create CRL list, if no CRL file, should return an empty list */
+
+ PKIX_CHECK(PKIX_List_Create(&crlList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ /* open directory and read in .crl files */
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_OpenDir.\n");
+ dir = PR_OpenDir(dirName);
+
+ if (!dir) {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG_ARG
+ ("\t\t Directory Name:%s\n", dirName);
+ PKIX_ERROR(PKIX_CANNOTOPENCOLLECTIONCERTSTORECONTEXTDIRECTORY);
+ }
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_ReadDir.\n");
+ dirEntry = PR_ReadDir(dir, PR_SKIP_HIDDEN | PR_SKIP_BOTH);
+
+ if (!dirEntry) {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Empty directory.\n");
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_GetError.\n");
+ prError = PR_GetError();
+ }
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG("\t\t Calling PR_SetError.\n");
+ PR_SetError(0, 0);
+
+ while (dirEntry != NULL && prError == 0) {
+ if (PL_strrstr(dirEntry->name, ".crl") ==
+ dirEntry->name + PL_strlen(dirEntry->name) - 4) {
+
+ PKIX_CHECK_ONLY_FATAL
+ (PKIX_PL_Malloc
+ (dirNameLen + PL_strlen(dirEntry->name) + 2,
+ (void **)&pathName,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ if ((!PKIX_ERROR_RECEIVED) && (pathName != NULL)){
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PL_strcpy for dirName.\n");
+ PL_strcpy(pathName, dirName);
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PL_strcat for dirName.\n");
+ PL_strcat(pathName, "/");
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PL_strcat for /.\n");
+ PL_strcat(pathName, dirEntry->name);
+
+ PKIX_CHECK_ONLY_FATAL
+ (pkix_pl_CollectionCertStoreContext_CreateCRL
+ (pathName, &crlItem, plContext),
+ PKIX_COLLECTIONCERTSTORECONTEXTCREATECRLFAILED);
+
+ if (!PKIX_ERROR_RECEIVED){
+ PKIX_CHECK_ONLY_FATAL
+ (PKIX_List_AppendItem
+ (crlList,
+ (PKIX_PL_Object *)crlItem,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+ }
+
+ PKIX_DECREF(crlItem);
+ PKIX_FREE(pathName);
+ }
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_SetError.\n");
+ PR_SetError(0, 0);
+
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_ReadDir.\n");
+ dirEntry = PR_ReadDir(dir, PR_SKIP_HIDDEN | PR_SKIP_BOTH);
+
+ if (!dirEntry) {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_GetError.\n");
+ prError = PR_GetError();
+ }
+ }
+
+ if ((prError != 0) && (prError != PR_NO_MORE_FILES_ERROR)) {
+ PKIX_ERROR(PKIX_COLLECTIONCERTSTORECONTEXTGETSELECTCRLFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable(crlList, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ PKIX_INCREF(crlList);
+ colCertStoreContext->crlList = crlList;
+
+cleanup:
+ if (dir) {
+ PKIX_COLLECTIONCERTSTORECONTEXT_DEBUG
+ ("\t\t Calling PR_CloseDir.\n");
+ PR_CloseDir(dir);
+ }
+
+ PKIX_FREE(pathName);
+ PKIX_FREE(dirName);
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(crlList);
+ }
+
+ PKIX_DECREF(crlItem);
+ PKIX_DECREF(crlList);
+
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_GetSelectedCert
+ * DESCRIPTION:
+ *
+ * Finds the Certs that match the criterion of the CertSelector pointed
+ * to by "selector" using the List of Certs pointed to by "certList" and
+ * stores the matching Certs at "pSelectedCertList".
+ *
+ * Not recursive to sub-directory.
+ *
+ * PARAMETERS
+ * "certList" - Address of List of Certs to be searched. Must be non-NULL.
+ * "colCertStoreContext" - Address of CollectionCertStoreContext
+ * where the cached Certs are stored.
+ * "selector" - CertSelector for chosing Cert based on Params set
+ * "pSelectedCertList" - Certs that qualified by selector.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - A lock at top level is required.
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CollectionCertStoreContext Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_GetSelectedCert(
+ PKIX_List *certList,
+ PKIX_CertSelector *selector,
+ PKIX_List **pSelectedCertList,
+ void *plContext)
+{
+ PKIX_List *selectCertList = NULL;
+ PKIX_PL_Cert *certItem = NULL;
+ PKIX_CertSelector_MatchCallback certSelectorMatch = NULL;
+ PKIX_UInt32 numCerts = 0;
+ PKIX_UInt32 i = 0;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_GetSelectedCert");
+ PKIX_NULLCHECK_THREE(certList, selector, pSelectedCertList);
+
+ PKIX_CHECK(PKIX_CertSelector_GetMatchCallback
+ (selector, &certSelectorMatch, plContext),
+ PKIX_CERTSELECTORGETMATCHCALLBACKFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(certList, &numCerts, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (certSelectorMatch) {
+
+ PKIX_CHECK(PKIX_List_Create(&selectCertList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ for (i = 0; i < numCerts; i++) {
+ PKIX_CHECK_ONLY_FATAL
+ (PKIX_List_GetItem
+ (certList,
+ i,
+ (PKIX_PL_Object **) &certItem,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (!PKIX_ERROR_RECEIVED){
+ PKIX_CHECK_ONLY_FATAL
+ (certSelectorMatch
+ (selector, certItem, plContext),
+ PKIX_CERTSELECTORMATCHFAILED);
+
+ if (!PKIX_ERROR_RECEIVED){
+ PKIX_CHECK_ONLY_FATAL
+ (PKIX_List_AppendItem
+ (selectCertList,
+ (PKIX_PL_Object *)certItem,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+ }
+
+ PKIX_DECREF(certItem);
+ }
+
+ } else {
+
+ PKIX_INCREF(certList);
+
+ selectCertList = certList;
+ }
+
+ *pSelectedCertList = selectCertList;
+
+cleanup:
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_GetSelectedCRL
+ * DESCRIPTION:
+ *
+ * Finds the CRLs that match the criterion of the CRLSelector pointed
+ * to by "selector" using the List of CRLs pointed to by "crlList" and
+ * stores the matching CRLs at "pSelectedCrlList".
+ *
+ * Not recursive to sub-directory.
+ *
+ * PARAMETERS
+ * "crlList" - Address of List of CRLs to be searched. Must be non-NULL
+ * "selector" - CRLSelector for chosing CRL based on Params set
+ * "pSelectedCrlList" - CRLs that qualified by selector.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - A lock at top level is required.
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CollectionCertStoreContext Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CollectionCertStoreContext_GetSelectedCRL(
+ PKIX_List *crlList,
+ PKIX_CRLSelector *selector,
+ PKIX_List **pSelectedCrlList,
+ void *plContext)
+{
+ PKIX_List *selectCrlList = NULL;
+ PKIX_PL_CRL *crlItem = NULL;
+ PKIX_CRLSelector_MatchCallback crlSelectorMatch = NULL;
+ PKIX_UInt32 numCrls = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_Boolean match = PKIX_FALSE;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_GetSelectedCRL");
+ PKIX_NULLCHECK_THREE(crlList, selector, pSelectedCrlList);
+
+ PKIX_CHECK(PKIX_CRLSelector_GetMatchCallback
+ (selector, &crlSelectorMatch, plContext),
+ PKIX_CRLSELECTORGETMATCHCALLBACKFAILED);
+
+ PKIX_CHECK(PKIX_List_GetLength(crlList, &numCrls, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (crlSelectorMatch) {
+
+ PKIX_CHECK(PKIX_List_Create(&selectCrlList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ for (i = 0; i < numCrls; i++) {
+ PKIX_CHECK_ONLY_FATAL(PKIX_List_GetItem
+ (crlList,
+ i,
+ (PKIX_PL_Object **) &crlItem,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (!PKIX_ERROR_RECEIVED){
+ PKIX_CHECK_ONLY_FATAL
+ (crlSelectorMatch
+ (selector, crlItem, &match, plContext),
+ PKIX_CRLSELECTORMATCHFAILED);
+
+ if (!(PKIX_ERROR_RECEIVED) && match) {
+ PKIX_CHECK_ONLY_FATAL
+ (PKIX_List_AppendItem
+ (selectCrlList,
+ (PKIX_PL_Object *)crlItem,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ }
+ }
+
+ PKIX_DECREF(crlItem);
+ }
+ } else {
+
+ PKIX_INCREF(crlList);
+
+ selectCrlList = crlList;
+ }
+
+ /* Don't throw away the list if one CRL was bad! */
+ pkixTempErrorReceived = PKIX_FALSE;
+
+ *pSelectedCrlList = selectCrlList;
+
+cleanup:
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStore_GetCert
+ * DESCRIPTION:
+ *
+ * Retrieve Certs in a list of PKIX_PL_Cert object.
+ *
+ * PARAMETERS:
+ * "colCertStoreContext"
+ * The object CertStore is the object passed in by checker call.
+ * "crlSelector"
+ * CRLSelector specifies criteria for chosing CRL's
+ * "pNBIOContext"
+ * Address where platform-dependent information is returned for CertStores
+ * that use non-blocking I/O. Must be non-NULL.
+ * "pCertList"
+ * Address where object pointer will be returned. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CollectionCertStore_GetCert(
+ PKIX_CertStore *certStore,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCerts,
+ void *plContext)
+{
+ PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
+ PKIX_List *selectedCerts = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_CollectionCertStore_GetCert");
+ PKIX_NULLCHECK_FOUR(certStore, selector, pNBIOContext, pCerts);
+
+ *pNBIOContext = NULL; /* We don't use non-blocking I/O */
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (certStore,
+ (PKIX_PL_Object **) &colCertStoreContext,
+ plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ if (colCertStoreContext->certList == NULL) {
+
+ PKIX_OBJECT_LOCK(colCertStoreContext);
+
+ /*
+ * Certs in the directory are cached based on the
+ * assumption that the directory contents won't be
+ * changed dynamically.
+ */
+ if (colCertStoreContext->certList == NULL){
+ PKIX_CHECK(pkix_pl_CollectionCertStoreContext_PopulateCert
+ (colCertStoreContext, plContext),
+ PKIX_COLLECTIONCERTSTORECONTEXTPOPULATECERTFAILED);
+ }
+
+ PKIX_OBJECT_UNLOCK(colCertStoreContext);
+ }
+
+ PKIX_CHECK(pkix_pl_CollectionCertStoreContext_GetSelectedCert
+ (colCertStoreContext->certList,
+ selector,
+ &selectedCerts,
+ plContext),
+ PKIX_COLLECTIONCERTSTORECONTEXTGETSELECTCERTFAILED);
+
+ *pCerts = selectedCerts;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_DECREF(colCertStoreContext);
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStore_GetCRL
+ * DESCRIPTION:
+ *
+ * Retrieve CRL's in a list of PKIX_PL_CRL object.
+ *
+ * PARAMETERS:
+ * "colCertStoreContext"
+ * The object CertStore is passed in by checker call.
+ * "crlSelector"
+ * CRLSelector specifies criteria for chosing CRL's
+ * "pNBIOContext"
+ * Address where platform-dependent information is returned for CertStores
+ * that use non-blocking I/O. Must be non-NULL.
+ * "pCrlList"
+ * Address where object pointer will be returned. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CollectionCertStore_GetCRL(
+ PKIX_CertStore *certStore,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrlList,
+ void *plContext)
+{
+ PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
+ PKIX_List *selectCrl = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_CollectionCertStore_GetCRL");
+ PKIX_NULLCHECK_FOUR(certStore, selector, pNBIOContext, pCrlList);
+
+ *pNBIOContext = NULL; /* We don't use non-blocking I/O */
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (certStore,
+ (PKIX_PL_Object **) &colCertStoreContext,
+ plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ if (colCertStoreContext->crlList == NULL) {
+
+ PKIX_OBJECT_LOCK(colCertStoreContext);
+
+ /*
+ * CRLs in the directory are cached based on the
+ * assumption that the directory contents won't be
+ * changed dynamically.
+ */
+ if (colCertStoreContext->crlList == NULL){
+ PKIX_CHECK(pkix_pl_CollectionCertStoreContext_PopulateCRL
+ (colCertStoreContext, plContext),
+ PKIX_COLLECTIONCERTSTORECONTEXTPOPULATECRLFAILED);
+ }
+
+ PKIX_OBJECT_UNLOCK(colCertStoreContext);
+
+ }
+
+ PKIX_CHECK(pkix_pl_CollectionCertStoreContext_GetSelectedCRL
+ (colCertStoreContext->crlList,
+ selector,
+ &selectCrl,
+ plContext),
+ PKIX_COLLECTIONCERTSTORECONTEXTGETSELECTCRLFAILED);
+
+ *pCrlList = selectCrl;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_DECREF(colCertStoreContext);
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_CollectionCertStoreContext_RegisterSelf
+ * DESCRIPTION:
+ *
+ * Registers PKIX_PL_COLLECTIONCERTSTORECONTEXT_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CollectionCertStoreContext_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(COLLECTIONCERTSTORECONTEXT,
+ "pkix_pl_CollectionCertStoreContext_RegisterSelf");
+
+ entry.description = "CollectionCertStoreContext";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_CollectionCertStoreContext);
+ entry.destructor = pkix_pl_CollectionCertStoreContext_Destroy;
+ entry.equalsFunction = pkix_pl_CollectionCertStoreContext_Equals;
+ entry.hashcodeFunction = pkix_pl_CollectionCertStoreContext_Hashcode;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_COLLECTIONCERTSTORECONTEXT_TYPE] = entry;
+
+ PKIX_RETURN(COLLECTIONCERTSTORECONTEXT);
+}
+
+/* --Public-CollectionCertStoreContext-Functions--------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_CollectionCertStore_Create
+ * (see comments in pkix_samples_modules.h)
+ */
+PKIX_Error *
+PKIX_PL_CollectionCertStore_Create(
+ PKIX_PL_String *storeDir,
+ PKIX_CertStore **pCertStore,
+ void *plContext)
+{
+ PKIX_PL_CollectionCertStoreContext *colCertStoreContext = NULL;
+ PKIX_CertStore *certStore = NULL;
+
+ PKIX_ENTER(CERTSTORE, "PKIX_PL_CollectionCertStore_Create");
+ PKIX_NULLCHECK_TWO(storeDir, pCertStore);
+
+ PKIX_CHECK(pkix_pl_CollectionCertStoreContext_Create
+ (storeDir, &colCertStoreContext, plContext),
+ PKIX_COULDNOTCREATECOLLECTIONCERTSTORECONTEXTOBJECT);
+
+ PKIX_CHECK(PKIX_CertStore_Create
+ (pkix_pl_CollectionCertStore_GetCert,
+ pkix_pl_CollectionCertStore_GetCRL,
+ NULL, /* GetCertContinue */
+ NULL, /* GetCRLContinue */
+ pkix_pl_CollectionCertStore_CheckTrust,
+ NULL, /* can not store crls */
+ NULL, /* can not do revocation check */
+ (PKIX_PL_Object *)colCertStoreContext,
+ PKIX_TRUE, /* cache flag */
+ PKIX_TRUE, /* local - no network I/O */
+ &certStore,
+ plContext),
+ PKIX_CERTSTORECREATEFAILED);
+
+ PKIX_DECREF(colCertStoreContext);
+
+ *pCertStore = certStore;
+
+cleanup:
+ PKIX_RETURN(CERTSTORE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.h
new file mode 100755
index 000000000..f41e6fa5e
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.h
@@ -0,0 +1,34 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_colcertstore.h
+ *
+ * CollectionCertstore Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PL_COLCERTSTORE_H
+#define _PKIX_PL_COLCERTSTORE_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_CollectionCertStoreContext {
+ PKIX_PL_String *storeDir;
+ PKIX_List *crlList;
+ PKIX_List *certList;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_CollectionCertStoreContext_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_COLCERTSTORE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c
new file mode 100755
index 000000000..471f92004
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c
@@ -0,0 +1,1147 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_httpcertstore.c
+ *
+ * HTTPCertStore Function Definitions
+ *
+ */
+
+/* We can't decode the length of a message without at least this many bytes */
+
+#include "pkix_pl_httpcertstore.h"
+extern PKIX_PL_HashTable *httpSocketCache;
+SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
+SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
+
+SEC_ASN1_CHOOSER_DECLARE(CERT_IssuerAndSNTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SECOID_AlgorithmIDTemplate)
+/* SEC_ASN1_CHOOSER_DECLARE(SEC_SetOfAnyTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_SetOfSignedCrlTemplate)
+
+const SEC_ASN1Template CERT_IssuerAndSNTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CERTIssuerAndSN) },
+ { SEC_ASN1_SAVE,
+ offsetof(CERTIssuerAndSN,derIssuer) },
+ { SEC_ASN1_INLINE,
+ offsetof(CERTIssuerAndSN,issuer),
+ CERT_NameTemplate },
+ { SEC_ASN1_INTEGER,
+ offsetof(CERTIssuerAndSN,serialNumber) },
+ { 0 }
+};
+
+const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SECAlgorithmID) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(SECAlgorithmID,algorithm) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
+ offsetof(SECAlgorithmID,parameters) },
+ { 0 }
+}; */
+
+/* --Private-HttpCertStoreContext-Object Functions----------------------- */
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStoreContext_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_HttpCertStoreContext_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ PKIX_PL_HttpCertStoreContext *context = NULL;
+
+ PKIX_ENTER
+ (HTTPCERTSTORECONTEXT, "pkix_pl_HttpCertStoreContext_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_HTTPCERTSTORECONTEXT_TYPE, plContext),
+ PKIX_OBJECTNOTANHTTPCERTSTORECONTEXT);
+
+ context = (PKIX_PL_HttpCertStoreContext *)object;
+ hcv1 = (const SEC_HttpClientFcnV1 *)(context->client);
+ if (context->requestSession != NULL) {
+ (*hcv1->freeFcn)(context->requestSession);
+ context->requestSession = NULL;
+ }
+ if (context->serverSession != NULL) {
+ (*hcv1->freeSessionFcn)(context->serverSession);
+ context->serverSession = NULL;
+ }
+ if (context->path != NULL) {
+ PORT_Free(context->path);
+ context->path = NULL;
+ }
+
+cleanup:
+
+ PKIX_RETURN(HTTPCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStoreContext_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_PL_HTTPCERTSTORECONTEXT_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_HttpCertStoreContext_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry *entry = &systemClasses[PKIX_HTTPCERTSTORECONTEXT_TYPE];
+
+ PKIX_ENTER(HTTPCERTSTORECONTEXT,
+ "pkix_pl_HttpCertStoreContext_RegisterSelf");
+
+ entry->description = "HttpCertStoreContext";
+ entry->typeObjectSize = sizeof(PKIX_PL_HttpCertStoreContext);
+ entry->destructor = pkix_pl_HttpCertStoreContext_Destroy;
+
+ PKIX_RETURN(HTTPCERTSTORECONTEXT);
+}
+
+
+/* --Private-Http-CertStore-Database-Functions----------------------- */
+
+typedef struct callbackContextStruct {
+ PKIX_List *pkixCertList;
+ PKIX_Error *error;
+ void *plContext;
+} callbackContext;
+
+
+/*
+ * FUNCTION: certCallback
+ * DESCRIPTION:
+ *
+ * This function processes the null-terminated array of SECItems produced by
+ * extracting the contents of a signedData message received in response to an
+ * HTTP cert query. Its address is supplied as a callback function to
+ * CERT_DecodeCertPackage; it is not expected to be called directly.
+ *
+ * Note that it does not conform to the libpkix API standard of returning
+ * a PKIX_Error*. It returns a SECStatus.
+ *
+ * PARAMETERS:
+ * "arg"
+ * The address of the callbackContext provided as a void* argument to
+ * CERT_DecodeCertPackage. Must be non-NULL.
+ * "secitemCerts"
+ * The address of the null-terminated array of SECItems. Must be non-NULL.
+ * "numcerts"
+ * The number of SECItems found in the signedData. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns SECSuccess if the function succeeds.
+ * Returns SECFailure if the function fails.
+ */
+static SECStatus
+certCallback(void *arg, SECItem **secitemCerts, int numcerts)
+{
+ callbackContext *cbContext;
+ PKIX_List *pkixCertList = NULL;
+ PKIX_Error *error = NULL;
+ void *plContext = NULL;
+ int itemNum = 0;
+
+ if ((arg == NULL) || (secitemCerts == NULL)) {
+ return (SECFailure);
+ }
+
+ cbContext = (callbackContext *)arg;
+ plContext = cbContext->plContext;
+ pkixCertList = cbContext->pkixCertList;
+
+ for (; itemNum < numcerts; itemNum++ ) {
+ error = pkix_pl_Cert_CreateToList(secitemCerts[itemNum],
+ pkixCertList, plContext);
+ if (error != NULL) {
+ if (error->errClass == PKIX_FATAL_ERROR) {
+ cbContext->error = error;
+ return SECFailure;
+ }
+ /* reuse "error" since we could not destruct the old *
+ * value */
+ error = PKIX_PL_Object_DecRef((PKIX_PL_Object *)error,
+ plContext);
+ if (error) {
+ /* Treat decref failure as a fatal error.
+ * In this case will leak error, but can not do
+ * anything about it. */
+ error->errClass = PKIX_FATAL_ERROR;
+ cbContext->error = error;
+ return SECFailure;
+ }
+ }
+ }
+
+ return SECSuccess;
+}
+
+
+typedef SECStatus (*pkix_DecodeCertsFunc)(char *certbuf, int certlen,
+ CERTImportCertificateFunc f, void *arg);
+
+
+struct pkix_DecodeFuncStr {
+ pkix_DecodeCertsFunc func; /* function pointer to the
+ * CERT_DecodeCertPackage function */
+ PRLibrary *smimeLib; /* Pointer to the smime shared lib*/
+ PRCallOnceType once;
+};
+
+static struct pkix_DecodeFuncStr pkix_decodeFunc;
+static const PRCallOnceType pkix_pristine;
+
+#define SMIME_LIB_NAME SHLIB_PREFIX"smime3."SHLIB_SUFFIX
+
+/*
+ * load the smime library and look up the SEC_ReadPKCS7Certs function.
+ * we do this so we don't have a circular depenency on the smime library,
+ * and also so we don't have to load the smime library in applications that
+ * don't use it.
+ */
+static PRStatus PR_CALLBACK pkix_getDecodeFunction(void)
+{
+ pkix_decodeFunc.smimeLib =
+ PR_LoadLibrary(SHLIB_PREFIX"smime3."SHLIB_SUFFIX);
+ if (pkix_decodeFunc.smimeLib == NULL) {
+ return PR_FAILURE;
+ }
+
+ pkix_decodeFunc.func = (pkix_DecodeCertsFunc) PR_FindFunctionSymbol(
+ pkix_decodeFunc.smimeLib, "CERT_DecodeCertPackage");
+ if (!pkix_decodeFunc.func) {
+ return PR_FAILURE;
+ }
+ return PR_SUCCESS;
+
+}
+
+/*
+ * clears our global state on shutdown.
+ */
+void
+pkix_pl_HttpCertStore_Shutdown(void *plContext)
+{
+ if (pkix_decodeFunc.smimeLib) {
+ PR_UnloadLibrary(pkix_decodeFunc.smimeLib);
+ pkix_decodeFunc.smimeLib = NULL;
+ }
+ /* the function pointer just need to be cleared, not freed */
+ pkix_decodeFunc.func = NULL;
+ pkix_decodeFunc.once = pkix_pristine;
+}
+
+/*
+ * This function is based on CERT_DecodeCertPackage from lib/pkcs7/certread.c
+ * read an old style ascii or binary certificate chain
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_DecodeCertPackage
+ (const char *certbuf,
+ int certlen,
+ CERTImportCertificateFunc f,
+ void *arg,
+ void *plContext)
+{
+
+ PRStatus status;
+ SECStatus rv;
+
+ PKIX_ENTER
+ (HTTPCERTSTORECONTEXT,
+ "pkix_pl_HttpCertStore_DecodeCertPackage");
+ PKIX_NULLCHECK_TWO(certbuf, f);
+
+ status = PR_CallOnce(&pkix_decodeFunc.once, pkix_getDecodeFunction);
+
+ if (status != PR_SUCCESS) {
+ PKIX_ERROR(PKIX_CANTLOADLIBSMIME);
+ }
+
+ /* paranoia, shouldn't happen if status == PR_SUCCESS); */
+ if (!pkix_decodeFunc.func) {
+ PKIX_ERROR(PKIX_CANTLOADLIBSMIME);
+ }
+
+ rv = (*pkix_decodeFunc.func)((char*)certbuf, certlen, f, arg);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR (PKIX_SECREADPKCS7CERTSFAILED);
+ }
+
+
+cleanup:
+
+ PKIX_RETURN(HTTPCERTSTORECONTEXT);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStore_ProcessCertResponse
+ * DESCRIPTION:
+ *
+ * This function verifies that the response code pointed to by "responseCode"
+ * and the content type pointed to by "responseContentType" are as expected,
+ * and then decodes the data pointed to by "responseData", of length
+ * "responseDataLen", into a List of Certs, possibly empty, which is returned
+ * at "pCertList".
+ *
+ * PARAMETERS:
+ * "responseCode"
+ * The value of the HTTP response code.
+ * "responseContentType"
+ * The address of the Content-type string. Must be non-NULL.
+ * "responseData"
+ * The address of the message data. Must be non-NULL.
+ * "responseDataLen"
+ * The length of the message data.
+ * "pCertList"
+ * The address of the List that is created. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpCertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_ProcessCertResponse(
+ PRUint16 responseCode,
+ const char *responseContentType,
+ const char *responseData,
+ PRUint32 responseDataLen,
+ PKIX_List **pCertList,
+ void *plContext)
+{
+ callbackContext cbContext;
+
+ PKIX_ENTER(HTTPCERTSTORECONTEXT,
+ "pkix_pl_HttpCertStore_ProcessCertResponse");
+
+ cbContext.error = NULL;
+ cbContext.plContext = plContext;
+ cbContext.pkixCertList = NULL;
+
+ PKIX_NULLCHECK_ONE(pCertList);
+
+ if (responseCode != 200) {
+ PKIX_ERROR(PKIX_BADHTTPRESPONSE);
+ }
+
+ /* check that response type is application/pkcs7-mime */
+ if (responseContentType == NULL) {
+ PKIX_ERROR(PKIX_NOCONTENTTYPEINHTTPRESPONSE);
+ }
+
+ if (responseData == NULL) {
+ PKIX_ERROR(PKIX_NORESPONSEDATAINHTTPRESPONSE);
+ }
+
+ PKIX_CHECK(
+ PKIX_List_Create(&cbContext.pkixCertList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK_ONLY_FATAL(
+ pkix_pl_HttpCertStore_DecodeCertPackage(responseData,
+ responseDataLen,
+ certCallback,
+ &cbContext,
+ plContext),
+ PKIX_HTTPCERTSTOREDECODECERTPACKAGEFAILED);
+ if (cbContext.error) {
+ /* Aborting on a fatal error(See certCallback fn) */
+ pkixErrorResult = cbContext.error;
+ goto cleanup;
+ }
+
+ *pCertList = cbContext.pkixCertList;
+ cbContext.pkixCertList = NULL;
+
+cleanup:
+
+ PKIX_DECREF(cbContext.pkixCertList);
+
+ PKIX_RETURN(HTTPCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStore_ProcessCrlResponse
+ * DESCRIPTION:
+ *
+ * This function verifies that the response code pointed to by "responseCode"
+ * and the content type pointed to by "responseContentType" are as expected,
+ * and then decodes the data pointed to by "responseData", of length
+ * "responseDataLen", into a List of Crls, possibly empty, which is returned
+ * at "pCrlList".
+ *
+ * PARAMETERS:
+ * "responseCode"
+ * The value of the HTTP response code.
+ * "responseContentType"
+ * The address of the Content-type string. Must be non-NULL.
+ * "responseData"
+ * The address of the message data. Must be non-NULL.
+ * "responseDataLen"
+ * The length of the message data.
+ * "pCrlList"
+ * The address of the List that is created. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpCertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_ProcessCrlResponse(
+ PRUint16 responseCode,
+ const char *responseContentType,
+ const char *responseData,
+ PRUint32 responseDataLen,
+ PKIX_List **pCrlList,
+ void *plContext)
+{
+ SECItem encodedResponse;
+ PRInt16 compareVal = 0;
+ PKIX_List *crls = NULL;
+ SECItem *derCrlCopy = NULL;
+ CERTSignedCrl *nssCrl = NULL;
+ PKIX_PL_CRL *crl = NULL;
+
+ PKIX_ENTER(HTTPCERTSTORECONTEXT,
+ "pkix_pl_HttpCertStore_ProcessCrlResponse");
+ PKIX_NULLCHECK_ONE(pCrlList);
+
+ if (responseCode != 200) {
+ PKIX_ERROR(PKIX_BADHTTPRESPONSE);
+ }
+
+ /* check that response type is application/pkix-crl */
+ if (responseContentType == NULL) {
+ PKIX_ERROR(PKIX_NOCONTENTTYPEINHTTPRESPONSE);
+ }
+
+ compareVal = PORT_Strcasecmp(responseContentType,
+ "application/pkix-crl");
+ if (compareVal != 0) {
+ PKIX_ERROR(PKIX_CONTENTTYPENOTPKIXCRL);
+ }
+ encodedResponse.type = siBuffer;
+ encodedResponse.data = (void*)responseData;
+ encodedResponse.len = responseDataLen;
+
+ derCrlCopy = SECITEM_DupItem(&encodedResponse);
+ if (!derCrlCopy) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ /* crl will be based on derCrlCopy, but will not own the der. */
+ nssCrl =
+ CERT_DecodeDERCrlWithFlags(NULL, derCrlCopy, SEC_CRL_TYPE,
+ CRL_DECODE_DONT_COPY_DER |
+ CRL_DECODE_SKIP_ENTRIES);
+ if (!nssCrl) {
+ PKIX_ERROR(PKIX_FAILEDTODECODECRL);
+ }
+ /* pkix crls own the der. */
+ PKIX_CHECK(
+ pkix_pl_CRL_CreateWithSignedCRL(nssCrl, derCrlCopy, NULL,
+ &crl, plContext),
+ PKIX_CRLCREATEWITHSIGNEDCRLFAILED);
+ /* Left control over memory pointed by derCrlCopy and
+ * nssCrl to pkix crl. */
+ derCrlCopy = NULL;
+ nssCrl = NULL;
+ PKIX_CHECK(PKIX_List_Create(&crls, plContext),
+ PKIX_LISTCREATEFAILED);
+ PKIX_CHECK(PKIX_List_AppendItem
+ (crls, (PKIX_PL_Object *) crl, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ *pCrlList = crls;
+ crls = NULL;
+cleanup:
+ if (derCrlCopy) {
+ SECITEM_FreeItem(derCrlCopy, PR_TRUE);
+ }
+ if (nssCrl) {
+ SEC_DestroyCrl(nssCrl);
+ }
+ PKIX_DECREF(crl);
+ PKIX_DECREF(crls);
+
+ PKIX_RETURN(HTTPCERTSTORECONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStore_CreateRequestSession
+ * DESCRIPTION:
+ *
+ * This function takes elements from the HttpCertStoreContext pointed to by
+ * "context" (path, client, and serverSession) and creates a RequestSession.
+ * See the HTTPClient API described in ocspt.h for further details.
+ *
+ * PARAMETERS:
+ * "context"
+ * The address of the HttpCertStoreContext. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpCertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_CreateRequestSession(
+ PKIX_PL_HttpCertStoreContext *context,
+ void *plContext)
+{
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER
+ (HTTPCERTSTORECONTEXT,
+ "pkix_pl_HttpCertStore_CreateRequestSession");
+ PKIX_NULLCHECK_TWO(context, context->serverSession);
+
+ if (context->client->version != 1) {
+ PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
+ }
+
+ hcv1 = &(context->client->fcnTable.ftable1);
+ if (context->requestSession != NULL) {
+ (*hcv1->freeFcn)(context->requestSession);
+ context->requestSession = 0;
+ }
+
+ rv = (*hcv1->createFcn)(context->serverSession, "http",
+ context->path, "GET",
+ PR_SecondsToInterval(
+ ((PKIX_PL_NssContext*)plContext)->timeoutSeconds),
+ &(context->requestSession));
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPSERVERERROR);
+ }
+cleanup:
+
+ PKIX_RETURN(HTTPCERTSTORECONTEXT);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStore_GetCert
+ * (see description of PKIX_CertStore_CertCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_GetCert(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCertList,
+ void *plContext)
+{
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ PKIX_PL_HttpCertStoreContext *context = NULL;
+ void *nbioContext = NULL;
+ SECStatus rv = SECFailure;
+ PRUint16 responseCode = 0;
+ const char *responseContentType = NULL;
+ const char *responseData = NULL;
+ PRUint32 responseDataLen = 0;
+ PKIX_List *certList = NULL;
+
+ PKIX_ENTER(HTTPCERTSTORECONTEXT, "pkix_pl_HttpCertStore_GetCert");
+ PKIX_NULLCHECK_THREE(store, selector, pCertList);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (store, (PKIX_PL_Object **)&context, plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ if (context->client->version != 1) {
+ PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
+ }
+
+ hcv1 = &(context->client->fcnTable.ftable1);
+
+ PKIX_CHECK(pkix_pl_HttpCertStore_CreateRequestSession
+ (context, plContext),
+ PKIX_HTTPCERTSTORECREATEREQUESTSESSIONFAILED);
+
+ responseDataLen =
+ ((PKIX_PL_NssContext*)plContext)->maxResponseLength;
+
+ rv = (*hcv1->trySendAndReceiveFcn)(context->requestSession,
+ (PRPollDesc **)&nbioContext,
+ &responseCode,
+ (const char **)&responseContentType,
+ NULL, /* &responseHeaders */
+ (const char **)&responseData,
+ &responseDataLen);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPSERVERERROR);
+ }
+
+ if (nbioContext != 0) {
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_HttpCertStore_ProcessCertResponse
+ (responseCode,
+ responseContentType,
+ responseData,
+ responseDataLen,
+ &certList,
+ plContext),
+ PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED);
+
+ *pCertList = certList;
+
+cleanup:
+ PKIX_DECREF(context);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStore_GetCertContinue
+ * (see description of PKIX_CertStore_CertCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_GetCertContinue(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCertList,
+ void *plContext)
+{
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ PKIX_PL_HttpCertStoreContext *context = NULL;
+ void *nbioContext = NULL;
+ SECStatus rv = SECFailure;
+ PRUint16 responseCode = 0;
+ const char *responseContentType = NULL;
+ const char *responseData = NULL;
+ PRUint32 responseDataLen = 0;
+ PKIX_List *certList = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_HttpCertStore_GetCertContinue");
+ PKIX_NULLCHECK_THREE(store, selector, pCertList);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (store, (PKIX_PL_Object **)&context, plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ if (context->client->version != 1) {
+ PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
+ }
+
+ hcv1 = &(context->client->fcnTable.ftable1);
+ PKIX_NULLCHECK_ONE(context->requestSession);
+
+ responseDataLen =
+ ((PKIX_PL_NssContext*)plContext)->maxResponseLength;
+
+ rv = (*hcv1->trySendAndReceiveFcn)(context->requestSession,
+ (PRPollDesc **)&nbioContext,
+ &responseCode,
+ (const char **)&responseContentType,
+ NULL, /* &responseHeaders */
+ (const char **)&responseData,
+ &responseDataLen);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPSERVERERROR);
+ }
+
+ if (nbioContext != 0) {
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_HttpCertStore_ProcessCertResponse
+ (responseCode,
+ responseContentType,
+ responseData,
+ responseDataLen,
+ &certList,
+ plContext),
+ PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED);
+
+ *pCertList = certList;
+
+cleanup:
+ PKIX_DECREF(context);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStore_GetCRL
+ * (see description of PKIX_CertStore_CRLCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_GetCRL(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrlList,
+ void *plContext)
+{
+
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ PKIX_PL_HttpCertStoreContext *context = NULL;
+ void *nbioContext = NULL;
+ SECStatus rv = SECFailure;
+ PRUint16 responseCode = 0;
+ const char *responseContentType = NULL;
+ const char *responseData = NULL;
+ PRUint32 responseDataLen = 0;
+ PKIX_List *crlList = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_HttpCertStore_GetCRL");
+ PKIX_NULLCHECK_THREE(store, selector, pCrlList);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (store, (PKIX_PL_Object **)&context, plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ if (context->client->version != 1) {
+ PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
+ }
+
+ hcv1 = &(context->client->fcnTable.ftable1);
+ PKIX_CHECK(pkix_pl_HttpCertStore_CreateRequestSession
+ (context, plContext),
+ PKIX_HTTPCERTSTORECREATEREQUESTSESSIONFAILED);
+
+ responseDataLen =
+ ((PKIX_PL_NssContext*)plContext)->maxResponseLength;
+
+ rv = (*hcv1->trySendAndReceiveFcn)(context->requestSession,
+ (PRPollDesc **)&nbioContext,
+ &responseCode,
+ (const char **)&responseContentType,
+ NULL, /* &responseHeaders */
+ (const char **)&responseData,
+ &responseDataLen);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPSERVERERROR);
+ }
+
+ if (nbioContext != 0) {
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_HttpCertStore_ProcessCrlResponse
+ (responseCode,
+ responseContentType,
+ responseData,
+ responseDataLen,
+ &crlList,
+ plContext),
+ PKIX_HTTPCERTSTOREPROCESSCRLRESPONSEFAILED);
+
+ *pCrlList = crlList;
+
+cleanup:
+ PKIX_DECREF(context);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStore_GetCRLContinue
+ * (see description of PKIX_CertStore_CRLCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_GetCRLContinue(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrlList,
+ void *plContext)
+{
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ PKIX_PL_HttpCertStoreContext *context = NULL;
+ void *nbioContext = NULL;
+ SECStatus rv = SECFailure;
+ PRUint16 responseCode = 0;
+ const char *responseContentType = NULL;
+ const char *responseData = NULL;
+ PRUint32 responseDataLen = 0;
+ PKIX_List *crlList = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_HttpCertStore_GetCRLContinue");
+ PKIX_NULLCHECK_FOUR(store, selector, pNBIOContext, pCrlList);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (store, (PKIX_PL_Object **)&context, plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ if (context->client->version != 1) {
+ PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
+ }
+ hcv1 = &(context->client->fcnTable.ftable1);
+
+ PKIX_CHECK(pkix_pl_HttpCertStore_CreateRequestSession
+ (context, plContext),
+ PKIX_HTTPCERTSTORECREATEREQUESTSESSIONFAILED);
+
+ responseDataLen =
+ ((PKIX_PL_NssContext*)plContext)->maxResponseLength;
+
+ rv = (*hcv1->trySendAndReceiveFcn)(context->requestSession,
+ (PRPollDesc **)&nbioContext,
+ &responseCode,
+ (const char **)&responseContentType,
+ NULL, /* &responseHeaders */
+ (const char **)&responseData,
+ &responseDataLen);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPSERVERERROR);
+ }
+
+ if (nbioContext != 0) {
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_HttpCertStore_ProcessCrlResponse
+ (responseCode,
+ responseContentType,
+ responseData,
+ responseDataLen,
+ &crlList,
+ plContext),
+ PKIX_HTTPCERTSTOREPROCESSCRLRESPONSEFAILED);
+
+ *pCrlList = crlList;
+
+cleanup:
+ PKIX_DECREF(context);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/* --Public-HttpCertStore-Functions----------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_HttpCertStore_CreateWithAsciiName
+ * DESCRIPTION:
+ *
+ * This function uses the HttpClient pointed to by "client" and the string
+ * (hostname:portnum/path, with portnum optional) pointed to by "locationAscii"
+ * to create an HttpCertStore connected to the desired location, storing the
+ * created CertStore at "pCertStore".
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpClient. Must be non-NULL.
+ * "locationAscii"
+ * The address of the character string indicating the hostname, port, and
+ * path to be queried for Certs or Crls. Must be non-NULL.
+ * "pCertStore"
+ * The address in which the object is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpCertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_HttpCertStore_CreateWithAsciiName(
+ PKIX_PL_HttpClient *client,
+ char *locationAscii,
+ PKIX_CertStore **pCertStore,
+ void *plContext)
+{
+ const SEC_HttpClientFcn *clientFcn = NULL;
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ PKIX_PL_HttpCertStoreContext *httpCertStore = NULL;
+ PKIX_CertStore *certStore = NULL;
+ char *hostname = NULL;
+ char *path = NULL;
+ PRUint16 port = 0;
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_HttpCertStore_CreateWithAsciiName");
+ PKIX_NULLCHECK_TWO(locationAscii, pCertStore);
+
+ if (client == NULL) {
+ clientFcn = SEC_GetRegisteredHttpClient();
+ if (clientFcn == NULL) {
+ PKIX_ERROR(PKIX_NOREGISTEREDHTTPCLIENT);
+ }
+ } else {
+ clientFcn = (const SEC_HttpClientFcn *)client;
+ }
+
+ if (clientFcn->version != 1) {
+ PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT);
+ }
+
+ /* create a PKIX_PL_HttpCertStore object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_HTTPCERTSTORECONTEXT_TYPE,
+ sizeof (PKIX_PL_HttpCertStoreContext),
+ (PKIX_PL_Object **)&httpCertStore,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ /* Initialize fields */
+ httpCertStore->client = clientFcn; /* not a PKIX object! */
+
+ /* parse location -> hostname, port, path */
+ rv = CERT_ParseURL(locationAscii, &hostname, &port, &path);
+ if (rv == SECFailure || hostname == NULL || path == NULL) {
+ PKIX_ERROR(PKIX_URLPARSINGFAILED);
+ }
+
+ httpCertStore->path = path;
+ path = NULL;
+
+ hcv1 = &(clientFcn->fcnTable.ftable1);
+ rv = (*hcv1->createSessionFcn)(hostname, port,
+ &(httpCertStore->serverSession));
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_HTTPCLIENTCREATESESSIONFAILED);
+ }
+
+ httpCertStore->requestSession = NULL;
+
+ PKIX_CHECK(PKIX_CertStore_Create
+ (pkix_pl_HttpCertStore_GetCert,
+ pkix_pl_HttpCertStore_GetCRL,
+ pkix_pl_HttpCertStore_GetCertContinue,
+ pkix_pl_HttpCertStore_GetCRLContinue,
+ NULL, /* don't support trust */
+ NULL, /* can not store crls */
+ NULL, /* can not do revocation check */
+ (PKIX_PL_Object *)httpCertStore,
+ PKIX_TRUE, /* cache flag */
+ PKIX_FALSE, /* not local */
+ &certStore,
+ plContext),
+ PKIX_CERTSTORECREATEFAILED);
+
+ *pCertStore = certStore;
+ certStore = NULL;
+
+cleanup:
+ PKIX_DECREF(httpCertStore);
+ if (hostname) {
+ PORT_Free(hostname);
+ }
+ if (path) {
+ PORT_Free(path);
+ }
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: PKIX_PL_HttpCertStore_Create
+ * (see comments in pkix_samples_modules.h)
+ */
+PKIX_Error *
+PKIX_PL_HttpCertStore_Create(
+ PKIX_PL_HttpClient *client,
+ PKIX_PL_GeneralName *location,
+ PKIX_CertStore **pCertStore,
+ void *plContext)
+{
+ PKIX_PL_String *locationString = NULL;
+ char *locationAscii = NULL;
+ PKIX_UInt32 len = 0;
+
+ PKIX_ENTER(CERTSTORE, "PKIX_PL_HttpCertStore_Create");
+ PKIX_NULLCHECK_TWO(location, pCertStore);
+
+ PKIX_TOSTRING(location, &locationString, plContext,
+ PKIX_GENERALNAMETOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (locationString,
+ PKIX_ESCASCII,
+ (void **)&locationAscii,
+ &len,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_CHECK(pkix_pl_HttpCertStore_CreateWithAsciiName
+ (client, locationAscii, pCertStore, plContext),
+ PKIX_HTTPCERTSTORECREATEWITHASCIINAMEFAILED);
+
+cleanup:
+
+ PKIX_DECREF(locationString);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_HttpCertStore_FindSocketConnection
+ * DESCRIPTION:
+ *
+ PRIntervalTime timeout,
+ char *hostname,
+ PRUint16 portnum,
+ PRErrorCode *pStatus,
+ PKIX_PL_Socket **pSocket,
+
+ * This function checks for an existing socket, creating a new one if unable
+ * to find an existing one, for the host pointed to by "hostname" and the port
+ * pointed to by "portnum". If a new socket is created the PRIntervalTime in
+ * "timeout" will be used for the timeout value and a creation status is
+ * returned at "pStatus". The address of the socket is stored at "pSocket".
+ *
+ * PARAMETERS:
+ * "timeout"
+ * The PRIntervalTime of the timeout value.
+ * "hostname"
+ * The address of the string containing the hostname. Must be non-NULL.
+ * "portnum"
+ * The port number for the desired socket.
+ * "pStatus"
+ * The address at which the status is stored. Must be non-NULL.
+ * "pSocket"
+ * The address at which the socket is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpCertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_HttpCertStore_FindSocketConnection(
+ PRIntervalTime timeout,
+ char *hostname,
+ PRUint16 portnum,
+ PRErrorCode *pStatus,
+ PKIX_PL_Socket **pSocket,
+ void *plContext)
+{
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *hostString = NULL;
+ PKIX_PL_String *domainString = NULL;
+ PKIX_PL_Socket *socket = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_HttpCertStore_FindSocketConnection");
+ PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket);
+
+ *pStatus = 0;
+
+ /* create PKIX_PL_String from hostname and port */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "%s:%d", 0, &formatString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+#if 0
+hostname = "variation.red.iplanet.com";
+portnum = 2001;
+#endif
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, hostname, 0, &hostString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&domainString, plContext, formatString, hostString, portnum),
+ PKIX_STRINGCREATEFAILED);
+
+#ifdef PKIX_SOCKETCACHE
+ /* Is this domainName already in cache? */
+ PKIX_CHECK(PKIX_PL_HashTable_Lookup
+ (httpSocketCache,
+ (PKIX_PL_Object *)domainString,
+ (PKIX_PL_Object **)&socket,
+ plContext),
+ PKIX_HASHTABLELOOKUPFAILED);
+#endif
+ if (socket == NULL) {
+
+ /* No, create a connection (and cache it) */
+ PKIX_CHECK(pkix_pl_Socket_CreateByHostAndPort
+ (PKIX_FALSE, /* create a client, not a server */
+ timeout,
+ hostname,
+ portnum,
+ pStatus,
+ &socket,
+ plContext),
+ PKIX_SOCKETCREATEBYHOSTANDPORTFAILED);
+
+#ifdef PKIX_SOCKETCACHE
+ PKIX_CHECK(PKIX_PL_HashTable_Add
+ (httpSocketCache,
+ (PKIX_PL_Object *)domainString,
+ (PKIX_PL_Object *)socket,
+ plContext),
+ PKIX_HASHTABLEADDFAILED);
+#endif
+ }
+
+ *pSocket = socket;
+ socket = NULL;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(hostString);
+ PKIX_DECREF(domainString);
+ PKIX_DECREF(socket);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.h
new file mode 100644
index 000000000..a03ea94d8
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.h
@@ -0,0 +1,62 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_httpcertstore.h
+ *
+ * HTTPCertstore Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PL_HTTPCERTSTORE_H
+#define _PKIX_PL_HTTPCERTSTORE_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_HttpCertStoreContextStruct {
+ const SEC_HttpClientFcn *client;
+ SEC_HTTP_SERVER_SESSION serverSession;
+ SEC_HTTP_REQUEST_SESSION requestSession;
+ char *path;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_HttpCertStoreContext_RegisterSelf(void *plContext);
+
+void pkix_pl_HttpCertStore_Shutdown(void *plContext);
+
+PKIX_Error *
+pkix_pl_HttpCertStore_CreateWithAsciiName(
+ PKIX_PL_HttpClient *client,
+ char *locationAscii,
+ PKIX_CertStore **pCertStore,
+ void *plContext);
+
+PKIX_Error *
+pkix_HttpCertStore_FindSocketConnection(
+ PRIntervalTime timeout,
+ char *hostname,
+ PRUint16 portnum,
+ PRErrorCode *pStatus,
+ PKIX_PL_Socket **pSocket,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_HttpCertStore_ProcessCertResponse(
+ PRUint16 responseCode,
+ const char *responseContentType,
+ const char *responseData,
+ PRUint32 responseDataLen,
+ PKIX_List **pCertList,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_HTTPCERTSTORE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c
new file mode 100644
index 000000000..9954f0ca6
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c
@@ -0,0 +1,1654 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_httpdefaultclient.c
+ *
+ * HTTPDefaultClient Function Definitions
+ *
+ */
+
+#include "pkix_pl_httpdefaultclient.h"
+
+static void *plContext = NULL;
+
+/*
+ * The interface specification for an http client requires that it register
+ * a function table of type SEC_HttpClientFcn, which is defined as a union
+ * of tables, of which only version 1 is defined at present.
+ *
+ * Note: these functions violate the PKIX calling conventions, in that they
+ * return SECStatus rather than PKIX_Error*, and that they do not provide a
+ * plContext argument. They are implemented here as calls to PKIX functions,
+ * but the plContext value is circularly defined - a true kludge. Its value
+ * is saved at the time of the call to pkix_pl_HttpDefaultClient_Create for
+ * subsequent use, but since that initial call comes from the
+ * pkix_pl_HttpDefaultClient_CreateSessionFcn, it's not really getting saved.
+ */
+static SEC_HttpClientFcnV1 vtable = {
+ pkix_pl_HttpDefaultClient_CreateSessionFcn,
+ pkix_pl_HttpDefaultClient_KeepAliveSessionFcn,
+ pkix_pl_HttpDefaultClient_FreeSessionFcn,
+ pkix_pl_HttpDefaultClient_RequestCreateFcn,
+ pkix_pl_HttpDefaultClient_SetPostDataFcn,
+ pkix_pl_HttpDefaultClient_AddHeaderFcn,
+ pkix_pl_HttpDefaultClient_TrySendAndReceiveFcn,
+ pkix_pl_HttpDefaultClient_CancelFcn,
+ pkix_pl_HttpDefaultClient_FreeFcn
+};
+
+static SEC_HttpClientFcn httpClient;
+
+static const char *eohMarker = "\r\n\r\n";
+static const PKIX_UInt32 eohMarkLen = 4; /* strlen(eohMarker) */
+static const char *crlf = "\r\n";
+static const PKIX_UInt32 crlfLen = 2; /* strlen(crlf) */
+static const char *httpprotocol = "HTTP/";
+static const PKIX_UInt32 httpprotocolLen = 5; /* strlen(httpprotocol) */
+
+
+#define HTTP_UNKNOWN_CONTENT_LENGTH -1
+
+/* --Private-HttpDefaultClient-Functions------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_HdrCheckComplete
+ * DESCRIPTION:
+ *
+ * This function determines whether the headers in the current receive buffer
+ * in the HttpDefaultClient pointed to by "client" are complete. If so, the
+ * input data is checked for status code, content-type and content-length are
+ * extracted, and the client is set up to read the body of the response.
+ * Otherwise, the client is set up to continue reading header data.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpDefaultClient object. Must be non-NULL.
+ * "bytesRead"
+ * The UInt32 number of bytes received in the latest read.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_HdrCheckComplete(
+ PKIX_PL_HttpDefaultClient *client,
+ PKIX_UInt32 bytesRead,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_UInt32 alreadyScanned = 0;
+ PKIX_UInt32 comp = 0;
+ PKIX_UInt32 headerLength = 0;
+ PKIX_Int32 contentLength = HTTP_UNKNOWN_CONTENT_LENGTH;
+ char *eoh = NULL;
+ char *statusLineEnd = NULL;
+ char *space = NULL;
+ char *nextHeader = NULL;
+ const char *httpcode = NULL;
+ char *thisHeaderEnd = NULL;
+ char *value = NULL;
+ char *colon = NULL;
+ char *copy = NULL;
+ char *body = NULL;
+
+ PKIX_ENTER
+ (HTTPDEFAULTCLIENT,
+ "pkix_pl_HttpDefaultClient_HdrCheckComplete");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ *pKeepGoing = PKIX_FALSE;
+
+ /* Does buffer contain end-of-header marker? */
+
+ /* Copy number of scanned bytes into a variable. */
+ alreadyScanned = client->filledupBytes;
+ /*
+ * If this is the initial buffer, we have to scan from the beginning.
+ * If we scanned, failed to find eohMarker, and read some more, we
+ * only have to scan from where we left off.
+ */
+ if (alreadyScanned > eohMarkLen) {
+ /* Back up and restart scanning over a few bytes that were
+ * scanned before */
+ PKIX_UInt32 searchStartPos = alreadyScanned - eohMarkLen;
+ eoh = PL_strnstr(&(client->rcvBuf[searchStartPos]), eohMarker,
+ bytesRead + searchStartPos);
+ } else {
+ /* A search from the beginning of the buffer. */
+ eoh = PL_strnstr(client->rcvBuf, eohMarker, bytesRead);
+ }
+
+ client->filledupBytes += bytesRead;
+
+ if (eoh == NULL) { /* did we see end-of-header? */
+ /* No. Continue to read header data */
+ client->connectStatus = HTTP_RECV_HDR;
+ *pKeepGoing = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /* Yes. Calculate how many bytes in header (not counting eohMarker) */
+ headerLength = (eoh - client->rcvBuf);
+
+ /* allocate space to copy header (and for the NULL terminator) */
+ PKIX_CHECK(PKIX_PL_Malloc(headerLength + 1, (void **)&copy, plContext),
+ PKIX_MALLOCFAILED);
+
+ /* copy header data before we corrupt it (by storing NULLs) */
+ PORT_Memcpy(copy, client->rcvBuf, headerLength);
+ /* Store the NULL terminator */
+ copy[headerLength] = '\0';
+ client->rcvHeaders = copy;
+
+ /* Did caller want a pointer to header? */
+ if (client->rcv_http_headers != NULL) {
+ /* store pointer for caller */
+ *(client->rcv_http_headers) = copy;
+ }
+
+ /* Check that message status is okay. */
+ statusLineEnd = PL_strnstr(client->rcvBuf, crlf, client->capacity);
+ if (statusLineEnd == NULL) {
+ client->connectStatus = HTTP_ERROR;
+ PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
+ goto cleanup;
+ }
+
+ *statusLineEnd = '\0';
+
+ space = strchr((const char *)client->rcvBuf, ' ');
+ if (space == NULL) {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+
+ comp = PORT_Strncasecmp((const char *)client->rcvBuf, httpprotocol,
+ httpprotocolLen);
+ if (comp != 0) {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+
+ httpcode = space + 1;
+ space = strchr(httpcode, ' ');
+ if (space == NULL) {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+ *space = '\0';
+
+ client->responseCode = atoi(httpcode);
+ if (client->responseCode != 200) {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+
+ /* Find the content-type and content-length */
+ nextHeader = statusLineEnd + crlfLen;
+ *eoh = '\0';
+ do {
+ thisHeaderEnd = NULL;
+ value = NULL;
+
+ colon = strchr(nextHeader, ':');
+ if (colon == NULL) {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+ *colon = '\0';
+ value = colon + 1;
+ if (*value != ' ') {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+ value++;
+ thisHeaderEnd = strstr(value, crlf);
+ if (thisHeaderEnd != NULL) {
+ *thisHeaderEnd = '\0';
+ }
+ comp = PORT_Strcasecmp(nextHeader, "content-type");
+ if (comp == 0) {
+ client->rcvContentType = PORT_Strdup(value);
+ } else {
+ comp = PORT_Strcasecmp(nextHeader, "content-length");
+ if (comp == 0) {
+ contentLength = atoi(value);
+ }
+ }
+ if (thisHeaderEnd != NULL) {
+ nextHeader = thisHeaderEnd + crlfLen;
+ } else {
+ nextHeader = NULL;
+ }
+ } while ((nextHeader != NULL) && (nextHeader < (eoh + crlfLen)));
+
+ /* Did caller provide a pointer to return content-type? */
+ if (client->rcv_http_content_type != NULL) {
+ *(client->rcv_http_content_type) = client->rcvContentType;
+ }
+
+ if (client->rcvContentType == NULL) {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+
+ /* How many bytes remain in current buffer, beyond the header? */
+ headerLength += eohMarkLen;
+ client->filledupBytes -= headerLength;
+
+ /*
+ * The headers have passed validation. Now figure out whether the
+ * message is within the caller's size limit (if one was specified).
+ */
+ switch (contentLength) {
+ case 0:
+ client->rcv_http_data_len = 0;
+ client->connectStatus = HTTP_COMPLETE;
+ *pKeepGoing = PKIX_FALSE;
+ break;
+
+ case HTTP_UNKNOWN_CONTENT_LENGTH:
+ /* Unknown contentLength indicator.Will be set by
+ * pkix_pl_HttpDefaultClient_RecvBody whey connection get closed */
+ client->rcv_http_data_len = HTTP_UNKNOWN_CONTENT_LENGTH;
+ contentLength = /* Try to reserve 4K+ buffer */
+ client->filledupBytes + HTTP_DATA_BUFSIZE;
+ if (client->maxResponseLen > 0 &&
+ contentLength > (PKIX_Int32)client->maxResponseLen) {
+ if (client->filledupBytes < client->maxResponseLen) {
+ contentLength = client->maxResponseLen;
+ } else {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+ }
+ /* set available number of bytes in the buffer */
+ client->capacity = contentLength;
+ client->connectStatus = HTTP_RECV_BODY;
+ *pKeepGoing = PKIX_TRUE;
+ break;
+
+ default:
+ client->rcv_http_data_len = contentLength;
+ if (client->maxResponseLen > 0 &&
+ (PKIX_Int32)client->maxResponseLen < contentLength) {
+ client->connectStatus = HTTP_ERROR;
+ goto cleanup;
+ }
+
+ /*
+ * Do we have all of the message body, or do we need to read some more?
+ */
+ if ((PKIX_Int32)client->filledupBytes < contentLength) {
+ client->connectStatus = HTTP_RECV_BODY;
+ *pKeepGoing = PKIX_TRUE;
+ } else {
+ client->connectStatus = HTTP_COMPLETE;
+ *pKeepGoing = PKIX_FALSE;
+ }
+ }
+
+ if (contentLength > 0) {
+ /* allocate a buffer of size contentLength for the content */
+ PKIX_CHECK(PKIX_PL_Malloc(contentLength, (void **)&body, plContext),
+ PKIX_MALLOCFAILED);
+
+ /* copy any remaining bytes in current buffer into new buffer */
+ if (client->filledupBytes > 0) {
+ PORT_Memcpy(body, &(client->rcvBuf[headerLength]),
+ client->filledupBytes);
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Free(client->rcvBuf, plContext),
+ PKIX_FREEFAILED);
+ client->rcvBuf = body;
+
+cleanup:
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_HttpDefaultClient_Create
+ * DESCRIPTION:
+ *
+ * This function creates a new HttpDefaultClient, and stores the result at
+ * "pClient".
+ *
+ * The HttpClient API does not include a plContext argument in its
+ * function calls. Its value at the time of this Create call must be the
+ * same as when the client is invoked.
+ *
+ * PARAMETERS:
+ * "host"
+ * The name of the server with which we hope to exchange messages. Must
+ * be non-NULL.
+ * "portnum"
+ * The port number to be used for our connection to the server.
+ * "pClient"
+ * The address at which the created HttpDefaultClient is to be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_Create(
+ const char *host,
+ PRUint16 portnum,
+ PKIX_PL_HttpDefaultClient **pClient,
+ void *plContext)
+{
+ PKIX_PL_HttpDefaultClient *client = NULL;
+
+ PKIX_ENTER(HTTPDEFAULTCLIENT, "PKIX_PL_HttpDefaultClient_Create");
+ PKIX_NULLCHECK_TWO(pClient, host);
+
+ /* allocate an HttpDefaultClient */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_HTTPDEFAULTCLIENT_TYPE,
+ sizeof (PKIX_PL_HttpDefaultClient),
+ (PKIX_PL_Object **)&client,
+ plContext),
+ PKIX_COULDNOTCREATEHTTPDEFAULTCLIENTOBJECT);
+
+ /* Client timeout is overwritten in HttpDefaultClient_RequestCreate
+ * function. Default value will be ignored. */
+ client->timeout = 0;
+ client->connectStatus = HTTP_NOT_CONNECTED;
+ client->portnum = portnum;
+ client->bytesToWrite = 0;
+ client->send_http_data_len = 0;
+ client->rcv_http_data_len = 0;
+ client->capacity = 0;
+ client->filledupBytes = 0;
+ client->responseCode = 0;
+ client->maxResponseLen = 0;
+ client->GETLen = 0;
+ client->POSTLen = 0;
+ client->pRcv_http_data_len = NULL;
+ client->callbackList = NULL;
+ client->GETBuf = NULL;
+ client->POSTBuf = NULL;
+ client->rcvBuf = NULL;
+ /* "host" is a parsing result by CERT_GetURL function that adds
+ * "end of line" to the value. OK to dup the string. */
+ client->host = PORT_Strdup(host);
+ if (!client->host) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ client->path = NULL;
+ client->rcvContentType = NULL;
+ client->rcvHeaders = NULL;
+ client->send_http_method = HTTP_POST_METHOD;
+ client->send_http_content_type = NULL;
+ client->send_http_data = NULL;
+ client->rcv_http_response_code = NULL;
+ client->rcv_http_content_type = NULL;
+ client->rcv_http_headers = NULL;
+ client->rcv_http_data = NULL;
+ client->socket = NULL;
+
+ /*
+ * The HttpClient API does not include a plContext argument in its
+ * function calls. Save it here.
+ */
+ client->plContext = plContext;
+
+ *pClient = client;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(client);
+ }
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_HttpDefaultClient *client = NULL;
+
+ PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_HTTPDEFAULTCLIENT_TYPE, plContext),
+ PKIX_OBJECTNOTANHTTPDEFAULTCLIENT);
+
+ client = (PKIX_PL_HttpDefaultClient *)object;
+
+ if (client->rcvHeaders) {
+ PKIX_PL_Free(client->rcvHeaders, plContext);
+ client->rcvHeaders = NULL;
+ }
+ if (client->rcvContentType) {
+ PORT_Free(client->rcvContentType);
+ client->rcvContentType = NULL;
+ }
+ if (client->GETBuf != NULL) {
+ PR_smprintf_free(client->GETBuf);
+ client->GETBuf = NULL;
+ }
+ if (client->POSTBuf != NULL) {
+ PKIX_PL_Free(client->POSTBuf, plContext);
+ client->POSTBuf = NULL;
+ }
+ if (client->rcvBuf != NULL) {
+ PKIX_PL_Free(client->rcvBuf, plContext);
+ client->rcvBuf = NULL;
+ }
+ if (client->host) {
+ PORT_Free(client->host);
+ client->host = NULL;
+ }
+ if (client->path) {
+ PORT_Free(client->path);
+ client->path = NULL;
+ }
+ PKIX_DECREF(client->socket);
+
+cleanup:
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_PL_HTTPDEFAULTCLIENT_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_HttpDefaultClient_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry *entry =
+ &systemClasses[PKIX_HTTPDEFAULTCLIENT_TYPE];
+
+ PKIX_ENTER(HTTPDEFAULTCLIENT,
+ "pkix_pl_HttpDefaultClient_RegisterSelf");
+
+ entry->description = "HttpDefaultClient";
+ entry->typeObjectSize = sizeof(PKIX_PL_HttpDefaultClient);
+ entry->destructor = pkix_pl_HttpDefaultClient_Destroy;
+
+ httpClient.version = 1;
+ httpClient.fcnTable.ftable1 = vtable;
+ (void)SEC_RegisterDefaultHttpClient(&httpClient);
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/* --Private-HttpDefaultClient-I/O-Functions---------------------------- */
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_ConnectContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether a socket Connect initiated earlier for the
+ * HttpDefaultClient "client" has completed, and stores in "pKeepGoing" a flag
+ * indicating whether processing can continue without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_ConnectContinue(
+ PKIX_PL_HttpDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PRErrorCode status;
+ PKIX_Boolean keepGoing = PKIX_FALSE;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER
+ (HTTPDEFAULTCLIENT,
+ "pkix_pl_HttpDefaultClient_ConnectContinue");
+ PKIX_NULLCHECK_ONE(client);
+
+ callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
+
+ PKIX_CHECK(callbackList->connectcontinueCallback
+ (client->socket, &status, plContext),
+ PKIX_SOCKETCONNECTCONTINUEFAILED);
+
+ if (status == 0) {
+ client->connectStatus = HTTP_CONNECTED;
+ keepGoing = PKIX_TRUE;
+ } else if (status != PR_IN_PROGRESS_ERROR) {
+ PKIX_ERROR(PKIX_UNEXPECTEDERRORINESTABLISHINGCONNECTION);
+ }
+
+ *pKeepGoing = keepGoing;
+
+cleanup:
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_Send
+ * DESCRIPTION:
+ *
+ * This function creates and sends HTTP-protocol headers and, if applicable,
+ * data, for the HttpDefaultClient "client", and stores in "pKeepGoing" a flag
+ * indicating whether processing can continue without further input, and at
+ * "pBytesTransferred" the number of bytes sent.
+ *
+ * If "pBytesTransferred" is zero, it indicates that non-blocking I/O is in use
+ * and that transmission has not completed.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "pBytesTransferred"
+ * The address at which the number of bytes sent is stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_Send(
+ PKIX_PL_HttpDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ PKIX_UInt32 *pBytesTransferred,
+ void *plContext)
+{
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_Int32 lenToWrite = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+ char *dataToWrite = NULL;
+
+ PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_Send");
+ PKIX_NULLCHECK_THREE(client, pKeepGoing, pBytesTransferred);
+
+ *pKeepGoing = PKIX_FALSE;
+
+ /* Do we have anything waiting to go? */
+ if ((client->GETBuf) || (client->POSTBuf)) {
+
+ if (client->GETBuf) {
+ dataToWrite = client->GETBuf;
+ lenToWrite = client->GETLen;
+ } else {
+ dataToWrite = client->POSTBuf;
+ lenToWrite = client->POSTLen;
+ }
+
+ callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
+
+ PKIX_CHECK(callbackList->sendCallback
+ (client->socket,
+ dataToWrite,
+ lenToWrite,
+ &bytesWritten,
+ plContext),
+ PKIX_SOCKETSENDFAILED);
+
+ client->rcvBuf = NULL;
+ client->capacity = 0;
+ client->filledupBytes = 0;
+
+ /*
+ * If the send completed we can proceed to try for the
+ * response. If the send did not complete we will have
+ * to poll for completion later.
+ */
+ if (bytesWritten >= 0) {
+ client->connectStatus = HTTP_RECV_HDR;
+ *pKeepGoing = PKIX_TRUE;
+ } else {
+ client->connectStatus = HTTP_SEND_PENDING;
+ *pKeepGoing = PKIX_FALSE;
+ }
+
+ }
+
+ *pBytesTransferred = bytesWritten;
+
+cleanup:
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_SendContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether the sending of the HTTP message for the
+ * HttpDefaultClient "client" has completed, and stores in "pKeepGoing" a
+ * flag indicating whether processing can continue without further input, and
+ * at "pBytesTransferred" the number of bytes sent.
+ *
+ * If "pBytesTransferred" is zero, it indicates that non-blocking I/O is in use
+ * and that transmission has not completed.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "pBytesTransferred"
+ * The address at which the number of bytes sent is stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_SendContinue(
+ PKIX_PL_HttpDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ PKIX_UInt32 *pBytesTransferred,
+ void *plContext)
+{
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_SendContinue");
+ PKIX_NULLCHECK_THREE(client, pKeepGoing, pBytesTransferred);
+
+ *pKeepGoing = PKIX_FALSE;
+
+ callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
+
+ PKIX_CHECK(callbackList->pollCallback
+ (client->socket, &bytesWritten, NULL, plContext),
+ PKIX_SOCKETPOLLFAILED);
+
+ /*
+ * If the send completed we can proceed to try for the
+ * response. If the send did not complete we will have
+ * continue to poll.
+ */
+ if (bytesWritten >= 0) {
+ client->connectStatus = HTTP_RECV_HDR;
+ *pKeepGoing = PKIX_TRUE;
+ }
+
+ *pBytesTransferred = bytesWritten;
+
+cleanup:
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_RecvHdr
+ * DESCRIPTION:
+ *
+ * This function receives HTTP headers for the HttpDefaultClient "client", and
+ * stores in "pKeepGoing" a flag indicating whether processing can continue
+ * without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_RecvHdr(
+ PKIX_PL_HttpDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_UInt32 bytesToRead = 0;
+ PKIX_Int32 bytesRead = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_RecvHdr");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ /*
+ * rcvbuf, capacity, and filledupBytes were
+ * initialized when we wrote the headers. We begin by reading
+ * HTTP_HEADER_BUFSIZE bytes, repeatedly increasing the buffersize and
+ * reading again if necessary, until we have read the end-of-header
+ * marker, "\r\n\r\n", or have reached our maximum.
+ */
+ client->capacity += HTTP_HEADER_BUFSIZE;
+ PKIX_CHECK(PKIX_PL_Realloc
+ (client->rcvBuf,
+ client->capacity,
+ (void **)&(client->rcvBuf),
+ plContext),
+ PKIX_REALLOCFAILED);
+
+ bytesToRead = client->capacity - client->filledupBytes;
+
+ callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
+
+ PKIX_CHECK(callbackList->recvCallback
+ (client->socket,
+ (void *)&(client->rcvBuf[client->filledupBytes]),
+ bytesToRead,
+ &bytesRead,
+ plContext),
+ PKIX_SOCKETRECVFAILED);
+
+ if (bytesRead > 0) {
+ /* client->filledupBytes will be adjusted by
+ * pkix_pl_HttpDefaultClient_HdrCheckComplete */
+ PKIX_CHECK(
+ pkix_pl_HttpDefaultClient_HdrCheckComplete(client, bytesRead,
+ pKeepGoing,
+ plContext),
+ PKIX_HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED);
+ } else {
+ client->connectStatus = HTTP_RECV_HDR_PENDING;
+ *pKeepGoing = PKIX_FALSE;
+ }
+
+cleanup:
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_RecvHdrContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether the receiving of the HTTP headers for the
+ * HttpDefaultClient "client" has completed, and stores in "pKeepGoing" a flag
+ * indicating whether processing can continue without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_RecvHdrContinue(
+ PKIX_PL_HttpDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Int32 bytesRead = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER
+ (HTTPDEFAULTCLIENT,
+ "pkix_pl_HttpDefaultClient_RecvHdrContinue");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
+
+ PKIX_CHECK(callbackList->pollCallback
+ (client->socket, NULL, &bytesRead, plContext),
+ PKIX_SOCKETPOLLFAILED);
+
+ if (bytesRead > 0) {
+ client->filledupBytes += bytesRead;
+
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_HdrCheckComplete
+ (client, bytesRead, pKeepGoing, plContext),
+ PKIX_HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED);
+
+ } else {
+
+ *pKeepGoing = PKIX_FALSE;
+
+ }
+
+cleanup:
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_RecvBody
+ * DESCRIPTION:
+ *
+ * This function processes the contents of the first buffer of a received
+ * HTTP-protocol message for the HttpDefaultClient "client", and stores in
+ * "pKeepGoing" a flag indicating whether processing can continue without
+ * further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_RecvBody(
+ PKIX_PL_HttpDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Int32 bytesRead = 0;
+ PKIX_Int32 bytesToRead = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_RecvBody");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
+
+ if (client->rcv_http_data_len != HTTP_UNKNOWN_CONTENT_LENGTH) {
+ bytesToRead = client->rcv_http_data_len -
+ client->filledupBytes;
+ } else {
+ /* Reading till the EOF. Context length is not known.*/
+ /* Check the buffer capacity: increase and
+ * reallocate if it is low. */
+ int freeBuffSize = client->capacity - client->filledupBytes;
+ if (freeBuffSize < HTTP_MIN_AVAILABLE_BUFFER_SIZE) {
+ /* New length will be consist of available(downloaded) bytes,
+ * plus remaining capacity, plus new expansion. */
+ int currBuffSize = client->capacity;
+ /* Try to increase the buffer by 4K */
+ unsigned int newLength = currBuffSize + HTTP_DATA_BUFSIZE;
+ if (client->maxResponseLen > 0 &&
+ newLength > client->maxResponseLen) {
+ newLength = client->maxResponseLen;
+ }
+ /* Check if we can grow the buffer and report an error if
+ * new size is not larger than the current size of the buffer.*/
+ if (newLength <= client->filledupBytes) {
+ client->rcv_http_data_len = client->filledupBytes;
+ client->connectStatus = HTTP_ERROR;
+ *pKeepGoing = PKIX_FALSE;
+ goto cleanup;
+ }
+ if (client->capacity < newLength) {
+ client->capacity = newLength;
+ PKIX_CHECK(
+ PKIX_PL_Realloc(client->rcvBuf, newLength,
+ (void**)&client->rcvBuf, plContext),
+ PKIX_REALLOCFAILED);
+ freeBuffSize = client->capacity -
+ client->filledupBytes;
+ }
+ }
+ bytesToRead = freeBuffSize;
+ }
+
+ /* Use poll callback if waiting on non-blocking IO */
+ if (client->connectStatus == HTTP_RECV_BODY_PENDING) {
+ PKIX_CHECK(callbackList->pollCallback
+ (client->socket, NULL, &bytesRead, plContext),
+ PKIX_SOCKETPOLLFAILED);
+ } else {
+ PKIX_CHECK(callbackList->recvCallback
+ (client->socket,
+ (void *)&(client->rcvBuf[client->filledupBytes]),
+ bytesToRead,
+ &bytesRead,
+ plContext),
+ PKIX_SOCKETRECVFAILED);
+ }
+
+ /* If bytesRead < 0, an error will be thrown by recvCallback, so
+ * need to handle >= 0 cases. */
+
+ /* bytesRead == 0 - IO was blocked. */
+ if (bytesRead == 0) {
+ client->connectStatus = HTTP_RECV_BODY_PENDING;
+ *pKeepGoing = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /* We got something. Did we get it all? */
+ client->filledupBytes += bytesRead;
+
+ /* continue if not enough bytes read or if complete size of
+ * transfer is unknown */
+ if (bytesToRead > bytesRead ||
+ client->rcv_http_data_len == HTTP_UNKNOWN_CONTENT_LENGTH) {
+ *pKeepGoing = PKIX_TRUE;
+ goto cleanup;
+ }
+ client->connectStatus = HTTP_COMPLETE;
+ *pKeepGoing = PKIX_FALSE;
+
+cleanup:
+ if (pkixErrorResult && pkixErrorResult->errCode ==
+ PKIX_PRRECVREPORTSNETWORKCONNECTIONCLOSED) {
+ if (client->rcv_http_data_len == HTTP_UNKNOWN_CONTENT_LENGTH) {
+ client->rcv_http_data_len = client->filledupBytes;
+ client->connectStatus = HTTP_COMPLETE;
+ *pKeepGoing = PKIX_FALSE;
+ PKIX_DECREF(pkixErrorResult);
+ } else {
+ client->connectStatus = HTTP_ERROR;
+ }
+ }
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_HttpDefaultClient_Dispatch
+ * DESCRIPTION:
+ *
+ * This function is the state machine dispatcher for the HttpDefaultClient
+ * pointed to by "client". Results are returned by changes to various fields
+ * in the context.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the HttpDefaultClient object. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HttpDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_HttpDefaultClient_Dispatch(
+ PKIX_PL_HttpDefaultClient *client,
+ void *plContext)
+{
+ PKIX_UInt32 bytesTransferred = 0;
+ PKIX_Boolean keepGoing = PKIX_TRUE;
+
+ PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_Dispatch");
+ PKIX_NULLCHECK_ONE(client);
+
+ while (keepGoing) {
+ switch (client->connectStatus) {
+ case HTTP_CONNECT_PENDING:
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_ConnectContinue
+ (client, &keepGoing, plContext),
+ PKIX_HTTPDEFAULTCLIENTCONNECTCONTINUEFAILED);
+ break;
+ case HTTP_CONNECTED:
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_Send
+ (client, &keepGoing, &bytesTransferred, plContext),
+ PKIX_HTTPDEFAULTCLIENTSENDFAILED);
+ break;
+ case HTTP_SEND_PENDING:
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_SendContinue
+ (client, &keepGoing, &bytesTransferred, plContext),
+ PKIX_HTTPDEFAULTCLIENTSENDCONTINUEFAILED);
+ break;
+ case HTTP_RECV_HDR:
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvHdr
+ (client, &keepGoing, plContext),
+ PKIX_HTTPDEFAULTCLIENTRECVHDRFAILED);
+ break;
+ case HTTP_RECV_HDR_PENDING:
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvHdrContinue
+ (client, &keepGoing, plContext),
+ PKIX_HTTPDEFAULTCLIENTRECVHDRCONTINUEFAILED);
+ break;
+ case HTTP_RECV_BODY:
+ case HTTP_RECV_BODY_PENDING:
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvBody
+ (client, &keepGoing, plContext),
+ PKIX_HTTPDEFAULTCLIENTRECVBODYFAILED);
+ break;
+ case HTTP_ERROR:
+ case HTTP_COMPLETE:
+ keepGoing = PKIX_FALSE;
+ break;
+ case HTTP_NOT_CONNECTED:
+ default:
+ PKIX_ERROR(PKIX_HTTPDEFAULTCLIENTINILLEGALSTATE);
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+}
+
+/*
+ * --HttpClient vtable functions
+ * See comments in ocspt.h for the function (wrappers) that return SECStatus.
+ * The functions that return PKIX_Error* are the libpkix implementations.
+ */
+
+PKIX_Error *
+pkix_pl_HttpDefaultClient_CreateSession(
+ const char *host,
+ PRUint16 portnum,
+ SEC_HTTP_SERVER_SESSION *pSession,
+ void *plContext)
+{
+ PKIX_PL_HttpDefaultClient *client = NULL;
+
+ PKIX_ENTER
+ (HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_CreateSession");
+ PKIX_NULLCHECK_TWO(host, pSession);
+
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_Create
+ (host, portnum, &client, plContext),
+ PKIX_HTTPDEFAULTCLIENTCREATEFAILED);
+
+ *pSession = (SEC_HTTP_SERVER_SESSION)client;
+
+cleanup:
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+
+}
+
+PKIX_Error *
+pkix_pl_HttpDefaultClient_KeepAliveSession(
+ SEC_HTTP_SERVER_SESSION session,
+ PRPollDesc **pPollDesc,
+ void *plContext)
+{
+ PKIX_ENTER
+ (HTTPDEFAULTCLIENT,
+ "pkix_pl_HttpDefaultClient_KeepAliveSession");
+ PKIX_NULLCHECK_TWO(session, pPollDesc);
+
+ PKIX_CHECK(pkix_CheckType
+ ((PKIX_PL_Object *)session,
+ PKIX_HTTPDEFAULTCLIENT_TYPE,
+ plContext),
+ PKIX_SESSIONNOTANHTTPDEFAULTCLIENT);
+
+ /* XXX Not implemented */
+
+cleanup:
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+
+}
+
+PKIX_Error *
+pkix_pl_HttpDefaultClient_RequestCreate(
+ SEC_HTTP_SERVER_SESSION session,
+ const char *http_protocol_variant, /* usually "http" */
+ const char *path_and_query_string,
+ const char *http_request_method,
+ const PRIntervalTime timeout,
+ SEC_HTTP_REQUEST_SESSION *pRequest,
+ void *plContext)
+{
+ PKIX_PL_HttpDefaultClient *client = NULL;
+ PKIX_PL_Socket *socket = NULL;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+ PRFileDesc *fileDesc = NULL;
+ PRErrorCode status = 0;
+
+ PKIX_ENTER
+ (HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_RequestCreate");
+ PKIX_NULLCHECK_TWO(session, pRequest);
+
+ PKIX_CHECK(pkix_CheckType
+ ((PKIX_PL_Object *)session,
+ PKIX_HTTPDEFAULTCLIENT_TYPE,
+ plContext),
+ PKIX_SESSIONNOTANHTTPDEFAULTCLIENT);
+
+ client = (PKIX_PL_HttpDefaultClient *)session;
+
+ /* We only know how to do http */
+ if (PORT_Strncasecmp(http_protocol_variant, "http", 4) != 0) {
+ PKIX_ERROR(PKIX_UNRECOGNIZEDPROTOCOLREQUESTED);
+ }
+
+ if (PORT_Strncasecmp(http_request_method, "POST", 4) == 0) {
+ client->send_http_method = HTTP_POST_METHOD;
+ } else if (PORT_Strncasecmp(http_request_method, "GET", 3) == 0) {
+ client->send_http_method = HTTP_GET_METHOD;
+ } else {
+ /* We only know how to do POST and GET */
+ PKIX_ERROR(PKIX_UNRECOGNIZEDREQUESTMETHOD);
+ }
+
+ if (path_and_query_string) {
+ /* "path_and_query_string" is a parsing result by CERT_GetURL
+ * function that adds "end of line" to the value. OK to dup
+ * the string. */
+ client->path = PORT_Strdup(path_and_query_string);
+ if (!client->path) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ }
+
+ client->timeout = timeout;
+
+#if 0
+ PKIX_CHECK(pkix_HttpCertStore_FindSocketConnection
+ (timeout,
+ "variation.red.iplanet.com", /* (char *)client->host, */
+ 2001, /* client->portnum, */
+ &status,
+ &socket,
+ plContext),
+ PKIX_HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED);
+#else
+ PKIX_CHECK(pkix_HttpCertStore_FindSocketConnection
+ (timeout,
+ (char *)client->host,
+ client->portnum,
+ &status,
+ &socket,
+ plContext),
+ PKIX_HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED);
+#endif
+
+ client->socket = socket;
+
+ PKIX_CHECK(pkix_pl_Socket_GetCallbackList
+ (socket, &callbackList, plContext),
+ PKIX_SOCKETGETCALLBACKLISTFAILED);
+
+ client->callbackList = (void *)callbackList;
+
+ PKIX_CHECK(pkix_pl_Socket_GetPRFileDesc
+ (socket, &fileDesc, plContext),
+ PKIX_SOCKETGETPRFILEDESCFAILED);
+
+ client->pollDesc.fd = fileDesc;
+ client->pollDesc.in_flags = 0;
+ client->pollDesc.out_flags = 0;
+
+ client->send_http_data = NULL;
+ client->send_http_data_len = 0;
+ client->send_http_content_type = NULL;
+
+ client->connectStatus =
+ ((status == 0) ? HTTP_CONNECTED : HTTP_CONNECT_PENDING);
+
+ /* Request object is the same object as Session object */
+ PKIX_INCREF(client);
+ *pRequest = client;
+
+cleanup:
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+
+}
+
+PKIX_Error *
+pkix_pl_HttpDefaultClient_SetPostData(
+ SEC_HTTP_REQUEST_SESSION request,
+ const char *http_data,
+ const PRUint32 http_data_len,
+ const char *http_content_type,
+ void *plContext)
+{
+ PKIX_PL_HttpDefaultClient *client = NULL;
+
+ PKIX_ENTER
+ (HTTPDEFAULTCLIENT,
+ "pkix_pl_HttpDefaultClient_SetPostData");
+ PKIX_NULLCHECK_ONE(request);
+
+ PKIX_CHECK(pkix_CheckType
+ ((PKIX_PL_Object *)request,
+ PKIX_HTTPDEFAULTCLIENT_TYPE,
+ plContext),
+ PKIX_REQUESTNOTANHTTPDEFAULTCLIENT);
+
+ client = (PKIX_PL_HttpDefaultClient *)request;
+
+ client->send_http_data = http_data;
+ client->send_http_data_len = http_data_len;
+ client->send_http_content_type = http_content_type;
+
+ /* Caller is allowed to give NULL or empty string for content_type */
+ if ((client->send_http_content_type == NULL) ||
+ (*(client->send_http_content_type) == '\0')) {
+ client->send_http_content_type = "application/ocsp-request";
+ }
+
+cleanup:
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+
+}
+
+PKIX_Error *
+pkix_pl_HttpDefaultClient_TrySendAndReceive(
+ SEC_HTTP_REQUEST_SESSION request,
+ PRUint16 *http_response_code,
+ const char **http_response_content_type,
+ const char **http_response_headers,
+ const char **http_response_data,
+ PRUint32 *http_response_data_len,
+ PRPollDesc **pPollDesc,
+ SECStatus *pSECReturn,
+ void *plContext)
+{
+ PKIX_PL_HttpDefaultClient *client = NULL;
+ PKIX_UInt32 postLen = 0;
+ PRPollDesc *pollDesc = NULL;
+ char *sendbuf = NULL;
+ char portstr[16];
+
+ PKIX_ENTER
+ (HTTPDEFAULTCLIENT,
+ "pkix_pl_HttpDefaultClient_TrySendAndReceive");
+
+ PKIX_NULLCHECK_ONE(request);
+
+ PKIX_CHECK(pkix_CheckType
+ ((PKIX_PL_Object *)request,
+ PKIX_HTTPDEFAULTCLIENT_TYPE,
+ plContext),
+ PKIX_REQUESTNOTANHTTPDEFAULTCLIENT);
+
+ client = (PKIX_PL_HttpDefaultClient *)request;
+
+ if (!pPollDesc && client->timeout == 0) {
+ PKIX_ERROR_FATAL(PKIX_NULLARGUMENT);
+ }
+
+ if (pPollDesc) {
+ pollDesc = *pPollDesc;
+ }
+
+ /* if not continuing from an earlier WOULDBLOCK return... */
+ if (pollDesc == NULL) {
+
+ if (!((client->connectStatus == HTTP_CONNECTED) ||
+ (client->connectStatus == HTTP_CONNECT_PENDING))) {
+ PKIX_ERROR(PKIX_HTTPCLIENTININVALIDSTATE);
+ }
+
+ /* Did caller provide a value for response length? */
+ if (http_response_data_len != NULL) {
+ client->pRcv_http_data_len = http_response_data_len;
+ client->maxResponseLen = *http_response_data_len;
+ }
+
+ client->rcv_http_response_code = http_response_code;
+ client->rcv_http_content_type = http_response_content_type;
+ client->rcv_http_headers = http_response_headers;
+ client->rcv_http_data = http_response_data;
+
+ /* prepare the message */
+ portstr[0] = '\0';
+ if (client->portnum != 80) {
+ PR_snprintf(portstr, sizeof(portstr), ":%d",
+ client->portnum);
+ }
+
+ if (client->send_http_method == HTTP_POST_METHOD) {
+ sendbuf = PR_smprintf
+ ("POST %s HTTP/1.0\r\nHost: %s%s\r\n"
+ "Content-Type: %s\r\nContent-Length: %u\r\n\r\n",
+ client->path,
+ client->host,
+ portstr,
+ client->send_http_content_type,
+ client->send_http_data_len);
+ postLen = PORT_Strlen(sendbuf);
+
+ client->POSTLen = postLen + client->send_http_data_len;
+
+ /* allocate postBuffer big enough for header + data */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (client->POSTLen,
+ (void **)&(client->POSTBuf),
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ /* copy header into postBuffer */
+ PORT_Memcpy(client->POSTBuf, sendbuf, postLen);
+
+ /* append data after header */
+ PORT_Memcpy(&client->POSTBuf[postLen],
+ client->send_http_data,
+ client->send_http_data_len);
+
+ /* PR_smprintf_free original header buffer */
+ PR_smprintf_free(sendbuf);
+ sendbuf = NULL;
+
+ } else if (client->send_http_method == HTTP_GET_METHOD) {
+ client->GETBuf = PR_smprintf
+ ("GET %s HTTP/1.0\r\nHost: %s%s\r\n\r\n",
+ client->path,
+ client->host,
+ portstr);
+ client->GETLen = PORT_Strlen(client->GETBuf);
+ }
+
+ }
+
+ /* continue according to state */
+ PKIX_CHECK(pkix_pl_HttpDefaultClient_Dispatch(client, plContext),
+ PKIX_HTTPDEFAULTCLIENTDISPATCHFAILED);
+
+ switch (client->connectStatus) {
+ case HTTP_CONNECT_PENDING:
+ case HTTP_SEND_PENDING:
+ case HTTP_RECV_HDR_PENDING:
+ case HTTP_RECV_BODY_PENDING:
+ pollDesc = &(client->pollDesc);
+ *pSECReturn = SECWouldBlock;
+ break;
+ case HTTP_ERROR:
+ /* Did caller provide a pointer for length? */
+ if (client->pRcv_http_data_len != NULL) {
+ /* Was error "response too big?" */
+ if (client->rcv_http_data_len !=
+ HTTP_UNKNOWN_CONTENT_LENGTH &&
+ client->maxResponseLen >=
+ client->rcv_http_data_len) {
+ /* Yes, report needed space */
+ *(client->pRcv_http_data_len) =
+ client->rcv_http_data_len;
+ } else {
+ /* No, report problem other than size */
+ *(client->pRcv_http_data_len) = 0;
+ }
+ }
+
+ pollDesc = NULL;
+ *pSECReturn = SECFailure;
+ break;
+ case HTTP_COMPLETE:
+ *(client->rcv_http_response_code) =
+ client->responseCode;
+ if (client->pRcv_http_data_len != NULL) {
+ *http_response_data_len =
+ client->rcv_http_data_len;
+ }
+ if (client->rcv_http_data != NULL) {
+ *(client->rcv_http_data) = client->rcvBuf;
+ }
+ pollDesc = NULL;
+ *pSECReturn = SECSuccess;
+ break;
+ case HTTP_NOT_CONNECTED:
+ case HTTP_CONNECTED:
+ case HTTP_RECV_HDR:
+ case HTTP_RECV_BODY:
+ default:
+ pollDesc = NULL;
+ *pSECReturn = SECFailure;
+ PKIX_ERROR(PKIX_HTTPCLIENTININVALIDSTATE);
+ break;
+ }
+
+ if (pPollDesc) {
+ *pPollDesc = pollDesc;
+ }
+
+cleanup:
+ if (sendbuf) {
+ PR_smprintf_free(sendbuf);
+ }
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+
+}
+
+PKIX_Error *
+pkix_pl_HttpDefaultClient_Cancel(
+ SEC_HTTP_REQUEST_SESSION request,
+ void *plContext)
+{
+ PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_Cancel");
+ PKIX_NULLCHECK_ONE(request);
+
+ PKIX_CHECK(pkix_CheckType
+ ((PKIX_PL_Object *)request,
+ PKIX_HTTPDEFAULTCLIENT_TYPE,
+ plContext),
+ PKIX_REQUESTNOTANHTTPDEFAULTCLIENT);
+
+ /* XXX Not implemented */
+
+cleanup:
+
+ PKIX_RETURN(HTTPDEFAULTCLIENT);
+
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_CreateSessionFcn(
+ const char *host,
+ PRUint16 portnum,
+ SEC_HTTP_SERVER_SESSION *pSession)
+{
+ PKIX_Error *err = pkix_pl_HttpDefaultClient_CreateSession
+ (host, portnum, pSession, plContext);
+
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)err, plContext);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_KeepAliveSessionFcn(
+ SEC_HTTP_SERVER_SESSION session,
+ PRPollDesc **pPollDesc)
+{
+ PKIX_Error *err = pkix_pl_HttpDefaultClient_KeepAliveSession
+ (session, pPollDesc, plContext);
+
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)err, plContext);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_FreeSessionFcn(
+ SEC_HTTP_SERVER_SESSION session)
+{
+ PKIX_Error *err =
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)(session), plContext);
+
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)err, plContext);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_RequestCreateFcn(
+ SEC_HTTP_SERVER_SESSION session,
+ const char *http_protocol_variant, /* usually "http" */
+ const char *path_and_query_string,
+ const char *http_request_method,
+ const PRIntervalTime timeout,
+ SEC_HTTP_REQUEST_SESSION *pRequest)
+{
+ PKIX_Error *err = pkix_pl_HttpDefaultClient_RequestCreate
+ (session,
+ http_protocol_variant,
+ path_and_query_string,
+ http_request_method,
+ timeout,
+ pRequest,
+ plContext);
+
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)err, plContext);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_SetPostDataFcn(
+ SEC_HTTP_REQUEST_SESSION request,
+ const char *http_data,
+ const PRUint32 http_data_len,
+ const char *http_content_type)
+{
+ PKIX_Error *err =
+ pkix_pl_HttpDefaultClient_SetPostData(request, http_data,
+ http_data_len,
+ http_content_type,
+ plContext);
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)err, plContext);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_AddHeaderFcn(
+ SEC_HTTP_REQUEST_SESSION request,
+ const char *http_header_name,
+ const char *http_header_value)
+{
+ /* Not supported */
+ return SECFailure;
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_TrySendAndReceiveFcn(
+ SEC_HTTP_REQUEST_SESSION request,
+ PRPollDesc **pPollDesc,
+ PRUint16 *http_response_code,
+ const char **http_response_content_type,
+ const char **http_response_headers,
+ const char **http_response_data,
+ PRUint32 *http_response_data_len)
+{
+ SECStatus rv = SECFailure;
+
+ PKIX_Error *err = pkix_pl_HttpDefaultClient_TrySendAndReceive
+ (request,
+ http_response_code,
+ http_response_content_type,
+ http_response_headers,
+ http_response_data,
+ http_response_data_len,
+ pPollDesc,
+ &rv,
+ plContext);
+
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)err, plContext);
+ return rv;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_CancelFcn(
+ SEC_HTTP_REQUEST_SESSION request)
+{
+ PKIX_Error *err = pkix_pl_HttpDefaultClient_Cancel(request, plContext);
+
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)err, plContext);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+pkix_pl_HttpDefaultClient_FreeFcn(
+ SEC_HTTP_REQUEST_SESSION request)
+{
+ PKIX_Error *err =
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)(request), plContext);
+
+ if (err) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object *)err, plContext);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.h
new file mode 100644
index 000000000..91916a0ab
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.h
@@ -0,0 +1,139 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_httpdefaultclient.h
+ *
+ * HTTPDefaultClient Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PL_HTTPDEFAULTCLIENT_H
+#define _PKIX_PL_HTTPDEFAULTCLIENT_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define HTTP_DATA_BUFSIZE 4096
+#define HTTP_HEADER_BUFSIZE 1024
+#define HTTP_MIN_AVAILABLE_BUFFER_SIZE 512
+
+typedef enum {
+ HTTP_NOT_CONNECTED,
+ HTTP_CONNECT_PENDING,
+ HTTP_CONNECTED,
+ HTTP_SEND_PENDING,
+ HTTP_RECV_HDR,
+ HTTP_RECV_HDR_PENDING,
+ HTTP_RECV_BODY,
+ HTTP_RECV_BODY_PENDING,
+ HTTP_COMPLETE,
+ HTTP_ERROR
+} HttpConnectStatus;
+
+typedef enum {
+ HTTP_POST_METHOD,
+ HTTP_GET_METHOD
+} HttpMethod;
+
+struct PKIX_PL_HttpDefaultClientStruct {
+ HttpConnectStatus connectStatus;
+ PRUint16 portnum;
+ PRIntervalTime timeout;
+ PKIX_UInt32 bytesToWrite;
+ PKIX_UInt32 send_http_data_len;
+ PKIX_UInt32 rcv_http_data_len;
+ PKIX_UInt32 capacity;
+ PKIX_UInt32 filledupBytes;
+ PKIX_UInt32 responseCode;
+ PKIX_UInt32 maxResponseLen;
+ PKIX_UInt32 GETLen;
+ PKIX_UInt32 POSTLen;
+ PRUint32 *pRcv_http_data_len;
+ PRPollDesc pollDesc;
+ void *callbackList; /* cast this to (PKIX_PL_Socket_Callback *) */
+ char *GETBuf;
+ char *POSTBuf;
+ char *rcvBuf;
+ char *host;
+ char *path;
+ char *rcvContentType;
+ void *rcvHeaders;
+ HttpMethod send_http_method;
+ const char *send_http_content_type;
+ const char *send_http_data;
+ PRUint16 *rcv_http_response_code;
+ const char **rcv_http_content_type;
+ const char **rcv_http_headers;
+ const char **rcv_http_data;
+ PKIX_PL_Socket *socket;
+ void *plContext;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_HttpDefaultClient_RegisterSelf(void *plContext);
+
+SECStatus
+pkix_pl_HttpDefaultClient_CreateSessionFcn(
+ const char *host,
+ PRUint16 portnum,
+ SEC_HTTP_SERVER_SESSION *pSession);
+
+SECStatus
+pkix_pl_HttpDefaultClient_KeepAliveSessionFcn(
+ SEC_HTTP_SERVER_SESSION session,
+ PRPollDesc **pPollDesc);
+
+SECStatus
+pkix_pl_HttpDefaultClient_FreeSessionFcn(
+ SEC_HTTP_SERVER_SESSION session);
+
+SECStatus
+pkix_pl_HttpDefaultClient_RequestCreateFcn(
+ SEC_HTTP_SERVER_SESSION session,
+ const char *http_protocol_variant, /* usually "http" */
+ const char *path_and_query_string,
+ const char *http_request_method,
+ const PRIntervalTime timeout,
+ SEC_HTTP_REQUEST_SESSION *pRequest);
+
+SECStatus
+pkix_pl_HttpDefaultClient_SetPostDataFcn(
+ SEC_HTTP_REQUEST_SESSION request,
+ const char *http_data,
+ const PRUint32 http_data_len,
+ const char *http_content_type);
+
+SECStatus
+pkix_pl_HttpDefaultClient_AddHeaderFcn(
+ SEC_HTTP_REQUEST_SESSION request,
+ const char *http_header_name,
+ const char *http_header_value);
+
+SECStatus
+pkix_pl_HttpDefaultClient_TrySendAndReceiveFcn(
+ SEC_HTTP_REQUEST_SESSION request,
+ PRPollDesc **pPollDesc,
+ PRUint16 *http_response_code,
+ const char **http_response_content_type,
+ const char **http_response_headers,
+ const char **http_response_data,
+ PRUint32 *http_response_data_len);
+
+SECStatus
+pkix_pl_HttpDefaultClient_CancelFcn(
+ SEC_HTTP_REQUEST_SESSION request);
+
+SECStatus
+pkix_pl_HttpDefaultClient_FreeFcn(
+ SEC_HTTP_REQUEST_SESSION request);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_HTTPDEFAULTCLIENT_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.c
new file mode 100644
index 000000000..1b5d7577e
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.c
@@ -0,0 +1,1116 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ldapcertstore.c
+ *
+ * LDAPCertStore Function Definitions
+ *
+ */
+
+/* We can't decode the length of a message without at least this many bytes */
+#define MINIMUM_MSG_LENGTH 5
+
+#include "pkix_pl_ldapcertstore.h"
+
+/* --Private-Ldap-CertStore-Database-Functions----------------------- */
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_DecodeCrossCertPair
+ * DESCRIPTION:
+ *
+ * This function decodes a DER-encoded CrossCertPair pointed to by
+ * "responseList" and extracts and decodes the Certificates in that pair,
+ * adding the resulting Certs, if the decoding was successful, to the List
+ * (possibly empty) pointed to by "certList". If none of the objects
+ * can be decoded into a Cert, the List is returned unchanged.
+ *
+ * PARAMETERS:
+ * "derCCPItem"
+ * The address of the SECItem containing the DER representation of the
+ * CrossCertPair. Must be non-NULL.
+ * "certList"
+ * The address of the List to which the decoded Certs are added. May be
+ * empty, but must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapCertStore_DecodeCrossCertPair(
+ SECItem *derCCPItem,
+ PKIX_List *certList,
+ void *plContext)
+{
+ LDAPCertPair certPair = {{ siBuffer, NULL, 0 }, { siBuffer, NULL, 0 }};
+ SECStatus rv = SECFailure;
+
+ PLArenaPool *tempArena = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_DecodeCrossCertPair");
+ PKIX_NULLCHECK_TWO(derCCPItem, certList);
+
+ tempArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!tempArena) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ rv = SEC_ASN1DecodeItem(tempArena, &certPair, PKIX_PL_LDAPCrossCertPairTemplate,
+ derCCPItem);
+ if (rv != SECSuccess) {
+ goto cleanup;
+ }
+
+ if (certPair.forward.data != NULL) {
+
+ PKIX_CHECK(
+ pkix_pl_Cert_CreateToList(&certPair.forward, certList,
+ plContext),
+ PKIX_CERTCREATETOLISTFAILED);
+ }
+
+ if (certPair.reverse.data != NULL) {
+
+ PKIX_CHECK(
+ pkix_pl_Cert_CreateToList(&certPair.reverse, certList,
+ plContext),
+ PKIX_CERTCREATETOLISTFAILED);
+ }
+
+cleanup:
+ if (tempArena) {
+ PORT_FreeArena(tempArena, PR_FALSE);
+ }
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_BuildCertList
+ * DESCRIPTION:
+ *
+ * This function takes a List of LdapResponse objects pointed to by
+ * "responseList" and extracts and decodes the Certificates in those responses,
+ * storing the List of those Certificates at "pCerts". If none of the objects
+ * can be decoded into a Cert, the returned List is empty.
+ *
+ * PARAMETERS:
+ * "responseList"
+ * The address of the List of LdapResponses. Must be non-NULL.
+ * "pCerts"
+ * The address at which the result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapCertStore_BuildCertList(
+ PKIX_List *responseList,
+ PKIX_List **pCerts,
+ void *plContext)
+{
+ PKIX_UInt32 numResponses = 0;
+ PKIX_UInt32 respIx = 0;
+ LdapAttrMask attrBits = 0;
+ PKIX_PL_LdapResponse *response = NULL;
+ PKIX_List *certList = NULL;
+ LDAPMessage *message = NULL;
+ LDAPSearchResponseEntry *sre = NULL;
+ LDAPSearchResponseAttr **sreAttrArray = NULL;
+ LDAPSearchResponseAttr *sreAttr = NULL;
+ SECItem *attrType = NULL;
+ SECItem **attrVal = NULL;
+ SECItem *derCertItem = NULL;
+
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_BuildCertList");
+ PKIX_NULLCHECK_TWO(responseList, pCerts);
+
+ PKIX_CHECK(PKIX_List_Create(&certList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ /* extract certs from response */
+ PKIX_CHECK(PKIX_List_GetLength
+ (responseList, &numResponses, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (respIx = 0; respIx < numResponses; respIx++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (responseList,
+ respIx,
+ (PKIX_PL_Object **)&response,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapResponse_GetMessage
+ (response, &message, plContext),
+ PKIX_LDAPRESPONSEGETMESSAGEFAILED);
+
+ sre = &(message->protocolOp.op.searchResponseEntryMsg);
+ sreAttrArray = sre->attributes;
+
+ /* Get next element of null-terminated array */
+ sreAttr = *sreAttrArray++;
+ while (sreAttr != NULL) {
+ attrType = &(sreAttr->attrType);
+ PKIX_CHECK(pkix_pl_LdapRequest_AttrTypeToBit
+ (attrType, &attrBits, plContext),
+ PKIX_LDAPREQUESTATTRTYPETOBITFAILED);
+ /* Is this attrVal a Certificate? */
+ if (((LDAPATTR_CACERT | LDAPATTR_USERCERT) &
+ attrBits) == attrBits) {
+ attrVal = sreAttr->val;
+ derCertItem = *attrVal++;
+ while (derCertItem != 0) {
+ /* create a PKIX_PL_Cert from derCert */
+ PKIX_CHECK(pkix_pl_Cert_CreateToList
+ (derCertItem, certList, plContext),
+ PKIX_CERTCREATETOLISTFAILED);
+ derCertItem = *attrVal++;
+ }
+ } else if ((LDAPATTR_CROSSPAIRCERT & attrBits) == attrBits){
+ /* Is this attrVal a CrossPairCertificate? */
+ attrVal = sreAttr->val;
+ derCertItem = *attrVal++;
+ while (derCertItem != 0) {
+ /* create PKIX_PL_Certs from derCert */
+ PKIX_CHECK(pkix_pl_LdapCertStore_DecodeCrossCertPair
+ (derCertItem, certList, plContext),
+ PKIX_LDAPCERTSTOREDECODECROSSCERTPAIRFAILED);
+ derCertItem = *attrVal++;
+ }
+ }
+ sreAttr = *sreAttrArray++;
+ }
+ PKIX_DECREF(response);
+ }
+
+ *pCerts = certList;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(certList);
+ }
+
+ PKIX_DECREF(response);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_BuildCrlList
+ * DESCRIPTION:
+ *
+ * This function takes a List of LdapResponse objects pointed to by
+ * "responseList" and extracts and decodes the CRLs in those responses, storing
+ * the List of those CRLs at "pCrls". If none of the objects can be decoded
+ * into a CRL, the returned List is empty.
+ *
+ * PARAMETERS:
+ * "responseList"
+ * The address of the List of LdapResponses. Must be non-NULL.
+ * "pCrls"
+ * The address at which the result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapCertStore_BuildCrlList(
+ PKIX_List *responseList,
+ PKIX_List **pCrls,
+ void *plContext)
+{
+ PKIX_UInt32 numResponses = 0;
+ PKIX_UInt32 respIx = 0;
+ LdapAttrMask attrBits = 0;
+ CERTSignedCrl *nssCrl = NULL;
+ PKIX_PL_LdapResponse *response = NULL;
+ PKIX_List *crlList = NULL;
+ PKIX_PL_CRL *crl = NULL;
+ LDAPMessage *message = NULL;
+ LDAPSearchResponseEntry *sre = NULL;
+ LDAPSearchResponseAttr **sreAttrArray = NULL;
+ LDAPSearchResponseAttr *sreAttr = NULL;
+ SECItem *attrType = NULL;
+ SECItem **attrVal = NULL;
+ SECItem *derCrlCopy = NULL;
+ SECItem *derCrlItem = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_BuildCrlList");
+ PKIX_NULLCHECK_TWO(responseList, pCrls);
+
+ PKIX_CHECK(PKIX_List_Create(&crlList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ /* extract crls from response */
+ PKIX_CHECK(PKIX_List_GetLength
+ (responseList, &numResponses, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (respIx = 0; respIx < numResponses; respIx++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (responseList,
+ respIx,
+ (PKIX_PL_Object **)&response,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapResponse_GetMessage
+ (response, &message, plContext),
+ PKIX_LDAPRESPONSEGETMESSAGEFAILED);
+
+ sre = &(message->protocolOp.op.searchResponseEntryMsg);
+ sreAttrArray = sre->attributes;
+
+ /* Get next element of null-terminated array */
+ sreAttr = *sreAttrArray++;
+ while (sreAttr != NULL) {
+ attrType = &(sreAttr->attrType);
+ PKIX_CHECK(pkix_pl_LdapRequest_AttrTypeToBit
+ (attrType, &attrBits, plContext),
+ PKIX_LDAPREQUESTATTRTYPETOBITFAILED);
+ /* Is this attrVal a Revocation List? */
+ if (((LDAPATTR_CERTREVLIST | LDAPATTR_AUTHREVLIST) &
+ attrBits) == attrBits) {
+ attrVal = sreAttr->val;
+ derCrlItem = *attrVal++;
+ while (derCrlItem != 0) {
+ /* create a PKIX_PL_Crl from derCrl */
+ derCrlCopy = SECITEM_DupItem(derCrlItem);
+ if (!derCrlCopy) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ /* crl will be based on derCrlCopy, but wont
+ * own the der. */
+ nssCrl =
+ CERT_DecodeDERCrlWithFlags(NULL, derCrlCopy,
+ SEC_CRL_TYPE,
+ CRL_DECODE_DONT_COPY_DER |
+ CRL_DECODE_SKIP_ENTRIES);
+ if (!nssCrl) {
+ SECITEM_FreeItem(derCrlCopy, PKIX_TRUE);
+ continue;
+ }
+ /* pkix crl own the der. */
+ PKIX_CHECK(
+ pkix_pl_CRL_CreateWithSignedCRL(nssCrl,
+ derCrlCopy, NULL, &crl, plContext),
+ PKIX_CRLCREATEWITHSIGNEDCRLFAILED);
+ /* Left control over memory pointed by derCrlCopy and
+ * nssCrl to pkix crl. */
+ derCrlCopy = NULL;
+ nssCrl = NULL;
+ PKIX_CHECK(PKIX_List_AppendItem
+ (crlList, (PKIX_PL_Object *) crl, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_DECREF(crl);
+ derCrlItem = *attrVal++;
+ }
+ /* Clean up after PKIX_CHECK_ONLY_FATAL */
+ pkixTempErrorReceived = PKIX_FALSE;
+ }
+ sreAttr = *sreAttrArray++;
+ }
+ PKIX_DECREF(response);
+ }
+
+ *pCrls = crlList;
+ crlList = NULL;
+cleanup:
+ if (derCrlCopy) {
+ SECITEM_FreeItem(derCrlCopy, PKIX_TRUE);
+ }
+ if (nssCrl) {
+ SEC_DestroyCrl(nssCrl);
+ }
+ PKIX_DECREF(crl);
+ PKIX_DECREF(crlList);
+ PKIX_DECREF(response);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_DestroyAVAList
+ * DESCRIPTION:
+ *
+ * This function frees the space allocated for the components of the
+ * equalFilters that make up the andFilter pointed to by "filter".
+ *
+ * PARAMETERS:
+ * "requestParams"
+ * The address of the andFilter whose components are to be freed. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapCertStore_DestroyAVAList(
+ LDAPNameComponent **nameComponents,
+ void *plContext)
+{
+ LDAPNameComponent **currentNC = NULL;
+ unsigned char *component = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_DestroyAVAList");
+ PKIX_NULLCHECK_ONE(nameComponents);
+
+ /* Set currentNC to point to first AVA pointer */
+ currentNC = nameComponents;
+
+ while ((*currentNC) != NULL) {
+ component = (*currentNC)->attrValue;
+ if (component != NULL) {
+ PORT_Free(component);
+ }
+ currentNC++;
+ }
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_MakeNameAVAList
+ * DESCRIPTION:
+ *
+ * This function allocates space from the arena pointed to by "arena" to
+ * construct a filter that will match components of the X500Name pointed to
+ * by "name", and stores the resulting filter at "pFilter".
+ *
+ * "name" is checked for commonName and organizationName components (cn=,
+ * and o=). The component strings are extracted using the family of
+ * CERT_Get* functions, and each must be freed with PORT_Free.
+ *
+ * It is not clear which components should be in a request, so, for now,
+ * we stop adding components after we have found one.
+ *
+ * PARAMETERS:
+ * "arena"
+ * The address of the PLArenaPool used in creating the filter. Must be
+ * non-NULL.
+ * "name"
+ * The address of the X500Name whose components define the desired
+ * matches. Must be non-NULL.
+ * "pList"
+ * The address at which the result is stored.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapCertStore_MakeNameAVAList(
+ PLArenaPool *arena,
+ PKIX_PL_X500Name *subjectName,
+ LDAPNameComponent ***pList,
+ void *plContext)
+{
+ LDAPNameComponent **setOfNameComponents;
+ LDAPNameComponent *currentNameComponent = NULL;
+ PKIX_UInt32 componentsPresent = 0;
+ void *v = NULL;
+ unsigned char *component = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_MakeNameAVAList");
+ PKIX_NULLCHECK_THREE(arena, subjectName, pList);
+
+ /* Increase this if additional components may be extracted */
+#define MAX_NUM_COMPONENTS 3
+
+ /* Space for (MAX_NUM_COMPONENTS + 1) pointers to LDAPNameComponents */
+ PKIX_PL_NSSCALLRV(CERTSTORE, v, PORT_ArenaZAlloc,
+ (arena, (MAX_NUM_COMPONENTS + 1)*sizeof(LDAPNameComponent *)));
+ setOfNameComponents = (LDAPNameComponent **)v;
+
+ /* Space for MAX_NUM_COMPONENTS LDAPNameComponents */
+ PKIX_PL_NSSCALLRV(CERTSTORE, v, PORT_ArenaZNewArray,
+ (arena, LDAPNameComponent, MAX_NUM_COMPONENTS));
+
+ currentNameComponent = (LDAPNameComponent *)v;
+
+ /* Try for commonName */
+ PKIX_CHECK(pkix_pl_X500Name_GetCommonName
+ (subjectName, &component, plContext),
+ PKIX_X500NAMEGETCOMMONNAMEFAILED);
+ if (component) {
+ setOfNameComponents[componentsPresent] = currentNameComponent;
+ currentNameComponent->attrType = (unsigned char *)"cn";
+ currentNameComponent->attrValue = component;
+ componentsPresent++;
+ currentNameComponent++;
+ }
+
+ /*
+ * The LDAP specification says we can send multiple name components
+ * in an "AND" filter, but the LDAP Servers don't seem to be able to
+ * handle such requests. So we'll quit after the cn component.
+ */
+#if 0
+ /* Try for orgName */
+ PKIX_CHECK(pkix_pl_X500Name_GetOrgName
+ (subjectName, &component, plContext),
+ PKIX_X500NAMEGETORGNAMEFAILED);
+ if (component) {
+ setOfNameComponents[componentsPresent] = currentNameComponent;
+ currentNameComponent->attrType = (unsigned char *)"o";
+ currentNameComponent->attrValue = component;
+ componentsPresent++;
+ currentNameComponent++;
+ }
+
+ /* Try for countryName */
+ PKIX_CHECK(pkix_pl_X500Name_GetCountryName
+ (subjectName, &component, plContext),
+ PKIX_X500NAMEGETCOUNTRYNAMEFAILED);
+ if (component) {
+ setOfNameComponents[componentsPresent] = currentNameComponent;
+ currentNameComponent->attrType = (unsigned char *)"c";
+ currentNameComponent->attrValue = component;
+ componentsPresent++;
+ currentNameComponent++;
+ }
+#endif
+
+ setOfNameComponents[componentsPresent] = NULL;
+
+ *pList = setOfNameComponents;
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+
+}
+
+#if 0
+/*
+ * FUNCTION: pkix_pl_LdapCertstore_ConvertCertResponses
+ * DESCRIPTION:
+ *
+ * This function processes the List of LDAPResponses pointed to by "responses"
+ * into a List of resulting Certs, storing the result at "pCerts". If there
+ * are no responses converted successfully, a NULL may be stored.
+ *
+ * PARAMETERS:
+ * "responses"
+ * The LDAPResponses whose contents are to be converted. Must be non-NULL.
+ * "pCerts"
+ * Address at which the returned List is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapCertStore_ConvertCertResponses(
+ PKIX_List *responses,
+ PKIX_List **pCerts,
+ void *plContext)
+{
+ PKIX_List *unfiltered = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_ConvertCertResponses");
+ PKIX_NULLCHECK_TWO(responses, pCerts);
+
+ /*
+ * We have a List of LdapResponse objects that have to be
+ * turned into Certs.
+ */
+ PKIX_CHECK(pkix_pl_LdapCertStore_BuildCertList
+ (responses, &unfiltered, plContext),
+ PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED);
+
+ *pCerts = unfiltered;
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+}
+#endif
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_GetCert
+ * (see description of PKIX_CertStore_CertCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_LdapCertStore_GetCert(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCertList,
+ void *plContext)
+{
+ PLArenaPool *requestArena = NULL;
+ LDAPRequestParams requestParams;
+ void *pollDesc = NULL;
+ PKIX_Int32 minPathLen = 0;
+ PKIX_Boolean cacheFlag = PKIX_FALSE;
+ PKIX_ComCertSelParams *params = NULL;
+ PKIX_PL_LdapCertStoreContext *lcs = NULL;
+ PKIX_List *responses = NULL;
+ PKIX_List *unfilteredCerts = NULL;
+ PKIX_List *filteredCerts = NULL;
+ PKIX_PL_X500Name *subjectName = 0;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_GetCert");
+ PKIX_NULLCHECK_THREE(store, selector, pCertList);
+
+ requestParams.baseObject = "c=US";
+ requestParams.scope = WHOLE_SUBTREE;
+ requestParams.derefAliases = NEVER_DEREF;
+ requestParams.sizeLimit = 0;
+ requestParams.timeLimit = 0;
+
+ /* Prepare elements for request filter */
+
+ /*
+ * Get a short-lived arena. We'll be done with this space once
+ * the request is encoded.
+ */
+ requestArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!requestArena) {
+ PKIX_ERROR_FATAL(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParams
+ (selector, &params, plContext),
+ PKIX_CERTSELECTORGETCOMCERTSELPARAMSFAILED);
+
+ /*
+ * If we have the subject name for the desired subject,
+ * ask the server for Certs with that subject.
+ */
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubject
+ (params, &subjectName, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJECTFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetBasicConstraints
+ (params, &minPathLen, plContext),
+ PKIX_COMCERTSELPARAMSGETBASICCONSTRAINTSFAILED);
+
+ if (subjectName) {
+ PKIX_CHECK(pkix_pl_LdapCertStore_MakeNameAVAList
+ (requestArena,
+ subjectName,
+ &(requestParams.nc),
+ plContext),
+ PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED);
+
+ if (*requestParams.nc == NULL) {
+ /*
+ * The subjectName may not include any components
+ * that we know how to encode. We do not return
+ * an error, because the caller did not necessarily
+ * do anything wrong, but we return an empty List.
+ */
+ PKIX_PL_NSSCALL(CERTSTORE, PORT_FreeArena,
+ (requestArena, PR_FALSE));
+
+ PKIX_CHECK(PKIX_List_Create(&filteredCerts, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_SetImmutable
+ (filteredCerts, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ *pNBIOContext = NULL;
+ *pCertList = filteredCerts;
+ filteredCerts = NULL;
+ goto cleanup;
+ }
+ } else {
+ PKIX_ERROR(PKIX_INSUFFICIENTCRITERIAFORCERTQUERY);
+ }
+
+ /* Prepare attribute field of request */
+
+ requestParams.attributes = 0;
+
+ if (minPathLen < 0) {
+ requestParams.attributes |= LDAPATTR_USERCERT;
+ }
+
+ if (minPathLen > -2) {
+ requestParams.attributes |=
+ LDAPATTR_CACERT | LDAPATTR_CROSSPAIRCERT;
+ }
+
+ /* All request fields are done */
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (store, (PKIX_PL_Object **)&lcs, plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ PKIX_CHECK(PKIX_PL_LdapClient_InitiateRequest
+ ((PKIX_PL_LdapClient *)lcs,
+ &requestParams,
+ &pollDesc,
+ &responses,
+ plContext),
+ PKIX_LDAPCLIENTINITIATEREQUESTFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapCertStore_DestroyAVAList
+ (requestParams.nc, plContext),
+ PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED);
+
+ if (requestArena) {
+ PKIX_PL_NSSCALL(CERTSTORE, PORT_FreeArena,
+ (requestArena, PR_FALSE));
+ requestArena = NULL;
+ }
+
+ if (pollDesc != NULL) {
+ /* client is waiting for non-blocking I/O to complete */
+ *pNBIOContext = (void *)pollDesc;
+ *pCertList = NULL;
+ goto cleanup;
+ }
+ /* LdapClient has given us a response! */
+
+ if (responses) {
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreCacheFlag
+ (store, &cacheFlag, plContext),
+ PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapCertStore_BuildCertList
+ (responses, &unfilteredCerts, plContext),
+ PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Select
+ (selector, unfilteredCerts, &filteredCerts, plContext),
+ PKIX_CERTSELECTORSELECTFAILED);
+ }
+
+ *pNBIOContext = NULL;
+ *pCertList = filteredCerts;
+ filteredCerts = NULL;
+
+cleanup:
+
+ PKIX_DECREF(params);
+ PKIX_DECREF(subjectName);
+ PKIX_DECREF(responses);
+ PKIX_DECREF(unfilteredCerts);
+ PKIX_DECREF(filteredCerts);
+ PKIX_DECREF(lcs);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_GetCertContinue
+ * (see description of PKIX_CertStore_CertCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_LdapCertStore_GetCertContinue(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *verifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCertList,
+ void *plContext)
+{
+ PKIX_Boolean cacheFlag = PKIX_FALSE;
+ PKIX_PL_LdapCertStoreContext *lcs = NULL;
+ void *pollDesc = NULL;
+ PKIX_List *responses = NULL;
+ PKIX_List *unfilteredCerts = NULL;
+ PKIX_List *filteredCerts = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_GetCertContinue");
+ PKIX_NULLCHECK_THREE(store, selector, pCertList);
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (store, (PKIX_PL_Object **)&lcs, plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ PKIX_CHECK(PKIX_PL_LdapClient_ResumeRequest
+ ((PKIX_PL_LdapClient *)lcs, &pollDesc, &responses, plContext),
+ PKIX_LDAPCLIENTRESUMEREQUESTFAILED);
+
+ if (pollDesc != NULL) {
+ /* client is waiting for non-blocking I/O to complete */
+ *pNBIOContext = (void *)pollDesc;
+ *pCertList = NULL;
+ goto cleanup;
+ }
+ /* LdapClient has given us a response! */
+
+ if (responses) {
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreCacheFlag
+ (store, &cacheFlag, plContext),
+ PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapCertStore_BuildCertList
+ (responses, &unfilteredCerts, plContext),
+ PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED);
+
+ PKIX_CHECK(pkix_CertSelector_Select
+ (selector, unfilteredCerts, &filteredCerts, plContext),
+ PKIX_CERTSELECTORSELECTFAILED);
+ }
+
+ *pNBIOContext = NULL;
+ *pCertList = filteredCerts;
+
+cleanup:
+
+ PKIX_DECREF(responses);
+ PKIX_DECREF(unfilteredCerts);
+ PKIX_DECREF(lcs);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_GetCRL
+ * (see description of PKIX_CertStore_CRLCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_LdapCertStore_GetCRL(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrlList,
+ void *plContext)
+{
+ LDAPRequestParams requestParams;
+ void *pollDesc = NULL;
+ PLArenaPool *requestArena = NULL;
+ PKIX_UInt32 numNames = 0;
+ PKIX_UInt32 thisName = 0;
+ PKIX_PL_CRL *candidate = NULL;
+ PKIX_List *responses = NULL;
+ PKIX_List *issuerNames = NULL;
+ PKIX_List *filteredCRLs = NULL;
+ PKIX_List *unfilteredCRLs = NULL;
+ PKIX_PL_X500Name *issuer = NULL;
+ PKIX_PL_LdapCertStoreContext *lcs = NULL;
+ PKIX_ComCRLSelParams *params = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_GetCRL");
+ PKIX_NULLCHECK_THREE(store, selector, pCrlList);
+
+ requestParams.baseObject = "c=US";
+ requestParams.scope = WHOLE_SUBTREE;
+ requestParams.derefAliases = NEVER_DEREF;
+ requestParams.sizeLimit = 0;
+ requestParams.timeLimit = 0;
+ requestParams.attributes = LDAPATTR_CERTREVLIST | LDAPATTR_AUTHREVLIST;
+ /* Prepare elements for request filter */
+
+ /* XXX Place CRLDP code here. Handle the case when */
+ /* RFC 5280. Paragraph: 4.2.1.13: */
+ /* If the distributionPoint field contains a directoryName, the entry */
+ /* for that directoryName contains the current CRL for the associated */
+ /* reasons and the CRL is issued by the associated cRLIssuer. The CRL */
+ /* may be stored in either the certificateRevocationList or */
+ /* authorityRevocationList attribute. The CRL is to be obtained by the */
+ /* application from whatever directory server is locally configured. */
+ /* The protocol the application uses to access the directory (e.g., DAP */
+ /* or LDAP) is a local matter. */
+
+
+
+ /*
+ * Get a short-lived arena. We'll be done with this space once
+ * the request is encoded.
+ */
+ PKIX_PL_NSSCALLRV
+ (CERTSTORE, requestArena, PORT_NewArena, (DER_DEFAULT_CHUNKSIZE));
+
+ if (!requestArena) {
+ PKIX_ERROR_FATAL(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_CHECK(PKIX_CRLSelector_GetCommonCRLSelectorParams
+ (selector, &params, plContext),
+ PKIX_CRLSELECTORGETCOMCERTSELPARAMSFAILED);
+
+ PKIX_CHECK(PKIX_ComCRLSelParams_GetIssuerNames
+ (params, &issuerNames, plContext),
+ PKIX_COMCRLSELPARAMSGETISSUERNAMESFAILED);
+
+ /*
+ * The specification for PKIX_ComCRLSelParams_GetIssuerNames in
+ * pkix_crlsel.h says that if the criterion is not set we get a null
+ * pointer. If we get an empty List the criterion is impossible to
+ * meet ("must match at least one of the names in the List").
+ */
+ if (issuerNames) {
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (issuerNames, &numNames, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ if (numNames > 0) {
+ for (thisName = 0; thisName < numNames; thisName++) {
+ PKIX_CHECK(PKIX_List_GetItem
+ (issuerNames,
+ thisName,
+ (PKIX_PL_Object **)&issuer,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK
+ (pkix_pl_LdapCertStore_MakeNameAVAList
+ (requestArena,
+ issuer,
+ &(requestParams.nc),
+ plContext),
+ PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED);
+
+ PKIX_DECREF(issuer);
+
+ if (*requestParams.nc == NULL) {
+ /*
+ * The issuer may not include any
+ * components that we know how to
+ * encode. We do not return an error,
+ * because the caller did not
+ * necessarily do anything wrong, but
+ * we return an empty List.
+ */
+ PKIX_PL_NSSCALL
+ (CERTSTORE, PORT_FreeArena,
+ (requestArena, PR_FALSE));
+
+ PKIX_CHECK(PKIX_List_Create
+ (&filteredCRLs, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_SetImmutable
+ (filteredCRLs, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ *pNBIOContext = NULL;
+ *pCrlList = filteredCRLs;
+ goto cleanup;
+ }
+
+ /*
+ * LDAP Servers don't seem to be able to handle
+ * requests with more than more than one name.
+ */
+ break;
+ }
+ } else {
+ PKIX_ERROR(PKIX_IMPOSSIBLECRITERIONFORCRLQUERY);
+ }
+ } else {
+ PKIX_ERROR(PKIX_IMPOSSIBLECRITERIONFORCRLQUERY);
+ }
+
+ /* All request fields are done */
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (store, (PKIX_PL_Object **)&lcs, plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ PKIX_CHECK(PKIX_PL_LdapClient_InitiateRequest
+ ((PKIX_PL_LdapClient *)lcs,
+ &requestParams,
+ &pollDesc,
+ &responses,
+ plContext),
+ PKIX_LDAPCLIENTINITIATEREQUESTFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapCertStore_DestroyAVAList
+ (requestParams.nc, plContext),
+ PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED);
+
+ if (requestArena) {
+ PKIX_PL_NSSCALL(CERTSTORE, PORT_FreeArena,
+ (requestArena, PR_FALSE));
+ }
+
+ if (pollDesc != NULL) {
+ /* client is waiting for non-blocking I/O to complete */
+ *pNBIOContext = (void *)pollDesc;
+ *pCrlList = NULL;
+ goto cleanup;
+ }
+ /* client has finished! */
+
+ if (responses) {
+
+ /*
+ * We have a List of LdapResponse objects that still have to be
+ * turned into Crls.
+ */
+ PKIX_CHECK(pkix_pl_LdapCertStore_BuildCrlList
+ (responses, &unfilteredCRLs, plContext),
+ PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED);
+
+ PKIX_CHECK(pkix_CRLSelector_Select
+ (selector, unfilteredCRLs, &filteredCRLs, plContext),
+ PKIX_CRLSELECTORSELECTFAILED);
+
+ }
+
+ /* Don't throw away the list if one CRL was bad! */
+ pkixTempErrorReceived = PKIX_FALSE;
+
+ *pNBIOContext = NULL;
+ *pCrlList = filteredCRLs;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(filteredCRLs);
+ }
+
+ PKIX_DECREF(params);
+ PKIX_DECREF(issuerNames);
+ PKIX_DECREF(issuer);
+ PKIX_DECREF(candidate);
+ PKIX_DECREF(responses);
+ PKIX_DECREF(unfilteredCRLs);
+ PKIX_DECREF(lcs);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapCertStore_GetCRLContinue
+ * (see description of PKIX_CertStore_CRLCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_LdapCertStore_GetCRLContinue(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrlList,
+ void *plContext)
+{
+ void *nbio = NULL;
+ PKIX_PL_CRL *candidate = NULL;
+ PKIX_List *responses = NULL;
+ PKIX_PL_LdapCertStoreContext *lcs = NULL;
+ PKIX_List *filteredCRLs = NULL;
+ PKIX_List *unfilteredCRLs = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_GetCRLContinue");
+ PKIX_NULLCHECK_FOUR(store, selector, pNBIOContext, pCrlList);
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreContext
+ (store, (PKIX_PL_Object **)&lcs, plContext),
+ PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED);
+
+ PKIX_CHECK(PKIX_PL_LdapClient_ResumeRequest
+ ((PKIX_PL_LdapClient *)lcs, &nbio, &responses, plContext),
+ PKIX_LDAPCLIENTRESUMEREQUESTFAILED);
+
+ if (nbio != NULL) {
+ /* client is waiting for non-blocking I/O to complete */
+ *pNBIOContext = (void *)nbio;
+ *pCrlList = NULL;
+ goto cleanup;
+ }
+ /* client has finished! */
+
+ if (responses) {
+
+ /*
+ * We have a List of LdapResponse objects that still have to be
+ * turned into Crls.
+ */
+ PKIX_CHECK(pkix_pl_LdapCertStore_BuildCrlList
+ (responses, &unfilteredCRLs, plContext),
+ PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED);
+
+ PKIX_CHECK(pkix_CRLSelector_Select
+ (selector, unfilteredCRLs, &filteredCRLs, plContext),
+ PKIX_CRLSELECTORSELECTFAILED);
+
+ PKIX_CHECK(PKIX_List_SetImmutable(filteredCRLs, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ }
+
+ /* Don't throw away the list if one CRL was bad! */
+ pkixTempErrorReceived = PKIX_FALSE;
+
+ *pCrlList = filteredCRLs;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(filteredCRLs);
+ }
+
+ PKIX_DECREF(candidate);
+ PKIX_DECREF(responses);
+ PKIX_DECREF(unfilteredCRLs);
+ PKIX_DECREF(lcs);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/* --Public-LdapCertStore-Functions----------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_LdapCertStore_Create
+ * (see comments in pkix_samples_modules.h)
+ */
+PKIX_Error *
+PKIX_PL_LdapCertStore_Create(
+ PKIX_PL_LdapClient *client,
+ PKIX_CertStore **pCertStore,
+ void *plContext)
+{
+ PKIX_CertStore *certStore = NULL;
+
+ PKIX_ENTER(CERTSTORE, "PKIX_PL_LdapCertStore_Create");
+ PKIX_NULLCHECK_TWO(client, pCertStore);
+
+ PKIX_CHECK(PKIX_CertStore_Create
+ (pkix_pl_LdapCertStore_GetCert,
+ pkix_pl_LdapCertStore_GetCRL,
+ pkix_pl_LdapCertStore_GetCertContinue,
+ pkix_pl_LdapCertStore_GetCRLContinue,
+ NULL, /* don't support trust */
+ NULL, /* can not store crls */
+ NULL, /* can not do revocation check */
+ (PKIX_PL_Object *)client,
+ PKIX_TRUE, /* cache flag */
+ PKIX_FALSE, /* not local */
+ &certStore,
+ plContext),
+ PKIX_CERTSTORECREATEFAILED);
+
+ *pCertStore = certStore;
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.h
new file mode 100644
index 000000000..5bbe5385c
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.h
@@ -0,0 +1,75 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ldapcertstore.h
+ *
+ * LDAPCertstore Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PL_LDAPCERTSTORE_H
+#define _PKIX_PL_LDAPCERTSTORE_H
+
+#include "pkix_pl_ldapt.h"
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * At the time of this version, there are unresolved questions about the LDAP
+ * protocol. Although RFC1777 describes a BIND and UNBIND message, it is not
+ * clear whether they are appropriate to this application. We have tested only
+ * using servers that do not expect authentication, and that reject BIND
+ * messages. It is not clear what values might be appropriate for the bindname
+ * and authentication fields, which are currently implemented as char strings
+ * supplied by the caller. (If this changes, the API and possibly the templates
+ * will have to change.) Therefore the CertStore_Create API contains a BindAPI
+ * structure, a union, which will have to be revised and extended when this
+ * area of the protocol is better understood.
+ *
+ * It is further assumed that a given LdapCertStore will connect only to a
+ * single server, and that the creation of the socket will initiate the
+ * CONNECT. Therefore the LdapCertStore handles only the case of continuing
+ * the connection, if nonblocking I/O is being used.
+ */
+
+typedef enum {
+ LDAP_CONNECT_PENDING,
+ LDAP_CONNECTED,
+ LDAP_BIND_PENDING,
+ LDAP_BIND_RESPONSE,
+ LDAP_BIND_RESPONSE_PENDING,
+ LDAP_BOUND,
+ LDAP_SEND_PENDING,
+ LDAP_RECV,
+ LDAP_RECV_PENDING,
+ LDAP_RECV_INITIAL,
+ LDAP_RECV_NONINITIAL,
+ LDAP_ABANDON_PENDING
+} LDAPConnectStatus;
+
+#define LDAP_CACHEBUCKETS 128
+#define RCVBUFSIZE 512
+
+struct PKIX_PL_LdapCertStoreContext {
+ PKIX_PL_LdapClient *client;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_LdapCertStoreContext_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapCertStore_BuildCertList(
+ PKIX_List *responseList,
+ PKIX_List **pCerts,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_LDAPCERTSTORE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.c
new file mode 100644
index 000000000..3dc06be9a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.c
@@ -0,0 +1,2493 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ldapdefaultclient.c
+ *
+ * LDAPDefaultClient Function Definitions
+ *
+ */
+
+/* We can't decode the length of a message without at least this many bytes */
+#define MINIMUM_MSG_LENGTH 5
+
+#include "pkix_pl_ldapdefaultclient.h"
+
+/* --Private-LdapDefaultClient-Message-Building-Functions---------------- */
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_MakeBind
+ * DESCRIPTION:
+ *
+ * This function creates and encodes a Bind message, using the arena pointed
+ * to by "arena", the version number contained in "versionData", the
+ * LDAPBindAPI pointed to by "bindAPI", and the messageID contained in
+ * "msgNum", and stores a pointer to the encoded string at "pBindMsg".
+ *
+ * See pkix_pl_ldaptemplates.c for the ASN.1 description of a Bind message.
+ *
+ * This code is not used if the DefaultClient was created with a NULL pointer
+ * supplied for the LDAPBindAPI structure. (Bind and Unbind do not seem to be
+ * expected for anonymous Search requests.)
+ *
+ * PARAMETERS:
+ * "arena"
+ * The address of the PLArenaPool used in encoding the message. Must be
+ * non-NULL.
+ * "versionData"
+ * The Int32 containing the version number to be encoded in the Bind
+ * message.
+ * "bindAPI"
+ * The address of the LDAPBindAPI to be encoded in the Bind message. Must
+ * be non-NULL.
+ * "msgNum"
+ * The Int32 containing the MessageID to be encoded in the Bind message.
+ * "pBindMsg"
+ * The address at which the encoded Bind message will be stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_MakeBind(
+ PLArenaPool *arena,
+ PKIX_Int32 versionData,
+ LDAPBindAPI *bindAPI,
+ PKIX_UInt32 msgNum,
+ SECItem **pBindMsg,
+ void *plContext)
+{
+ LDAPMessage msg;
+ char version = '\0';
+ SECItem *encoded = NULL;
+ PKIX_UInt32 len = 0;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_MakeBind");
+ PKIX_NULLCHECK_TWO(arena, pBindMsg);
+
+ PKIX_PL_NSSCALL(LDAPDEFAULTCLIENT, PORT_Memset,
+ (&msg, 0, sizeof (LDAPMessage)));
+
+ version = (char)versionData;
+
+ msg.messageID.type = siUnsignedInteger;
+ msg.messageID.data = (void*)&msgNum;
+ msg.messageID.len = sizeof (msgNum);
+
+ msg.protocolOp.selector = LDAP_BIND_TYPE;
+
+ msg.protocolOp.op.bindMsg.version.type = siUnsignedInteger;
+ msg.protocolOp.op.bindMsg.version.data = (void *)&version;
+ msg.protocolOp.op.bindMsg.version.len = sizeof (char);
+
+ /*
+ * XXX At present we only know how to handle anonymous requests (no
+ * authentication), and we are guessing how to do simple authentication.
+ * This section will need to be revised and extended when other
+ * authentication is needed.
+ */
+ if (bindAPI->selector == SIMPLE_AUTH) {
+ msg.protocolOp.op.bindMsg.bindName.type = siAsciiString;
+ msg.protocolOp.op.bindMsg.bindName.data =
+ (void *)bindAPI->chooser.simple.bindName;
+ len = PL_strlen(bindAPI->chooser.simple.bindName);
+ msg.protocolOp.op.bindMsg.bindName.len = len;
+
+ msg.protocolOp.op.bindMsg.authentication.type = siAsciiString;
+ msg.protocolOp.op.bindMsg.authentication.data =
+ (void *)bindAPI->chooser.simple.authentication;
+ len = PL_strlen(bindAPI->chooser.simple.authentication);
+ msg.protocolOp.op.bindMsg.authentication.len = len;
+ }
+
+ PKIX_PL_NSSCALLRV(LDAPDEFAULTCLIENT, encoded, SEC_ASN1EncodeItem,
+ (arena, NULL, (void *)&msg, PKIX_PL_LDAPMessageTemplate));
+ if (!encoded) {
+ PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
+ }
+
+ *pBindMsg = encoded;
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_MakeUnbind
+ * DESCRIPTION:
+ *
+ * This function creates and encodes a Unbind message, using the arena pointed
+ * to by "arena" and the messageID contained in "msgNum", and stores a pointer
+ * to the encoded string at "pUnbindMsg".
+ *
+ * See pkix_pl_ldaptemplates.c for the ASN.1 description of an Unbind message.
+ *
+ * This code is not used if the DefaultClient was created with a NULL pointer
+ * supplied for the LDAPBindAPI structure. (Bind and Unbind do not seem to be
+ * expected for anonymous Search requests.)
+ *
+ * PARAMETERS:
+ * "arena"
+ * The address of the PLArenaPool used in encoding the message. Must be
+ * non-NULL.
+ * "msgNum"
+ * The Int32 containing the MessageID to be encoded in the Unbind message.
+ * "pUnbindMsg"
+ * The address at which the encoded Unbind message will be stored. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_MakeUnbind(
+ PLArenaPool *arena,
+ PKIX_UInt32 msgNum,
+ SECItem **pUnbindMsg,
+ void *plContext)
+{
+ LDAPMessage msg;
+ SECItem *encoded = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_MakeUnbind");
+ PKIX_NULLCHECK_TWO(arena, pUnbindMsg);
+
+ PKIX_PL_NSSCALL(LDAPDEFAULTCLIENT, PORT_Memset,
+ (&msg, 0, sizeof (LDAPMessage)));
+
+ msg.messageID.type = siUnsignedInteger;
+ msg.messageID.data = (void*)&msgNum;
+ msg.messageID.len = sizeof (msgNum);
+
+ msg.protocolOp.selector = LDAP_UNBIND_TYPE;
+
+ msg.protocolOp.op.unbindMsg.dummy.type = siBuffer;
+ msg.protocolOp.op.unbindMsg.dummy.data = NULL;
+ msg.protocolOp.op.unbindMsg.dummy.len = 0;
+
+ PKIX_PL_NSSCALLRV(LDAPDEFAULTCLIENT, encoded, SEC_ASN1EncodeItem,
+ (arena, NULL, (void *)&msg, PKIX_PL_LDAPMessageTemplate));
+ if (!encoded) {
+ PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
+ }
+
+ *pUnbindMsg = encoded;
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_MakeAbandon
+ * DESCRIPTION:
+ *
+ * This function creates and encodes a Abandon message, using the arena pointed
+ * to by "arena" and the messageID contained in "msgNum", and stores a pointer
+ * to the encoded string at "pAbandonMsg".
+ *
+ * See pkix_pl_ldaptemplates.c for the ASN.1 description of an Abandon message.
+ *
+ * PARAMETERS:
+ * "arena"
+ * The address of the PLArenaPool used in encoding the message. Must be
+ * non-NULL.
+ * "msgNum"
+ * The Int32 containing the MessageID to be encoded in the Abandon message.
+ * "pAbandonMsg"
+ * The address at which the encoded Abandon message will be stored. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_MakeAbandon(
+ PLArenaPool *arena,
+ PKIX_UInt32 msgNum,
+ SECItem **pAbandonMsg,
+ void *plContext)
+{
+ LDAPMessage msg;
+ SECItem *encoded = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_MakeAbandon");
+ PKIX_NULLCHECK_TWO(arena, pAbandonMsg);
+
+ PKIX_PL_NSSCALL(LDAPDEFAULTCLIENT, PORT_Memset,
+ (&msg, 0, sizeof (LDAPMessage)));
+
+ msg.messageID.type = siUnsignedInteger;
+ msg.messageID.data = (void*)&msgNum;
+ msg.messageID.len = sizeof (msgNum);
+
+ msg.protocolOp.selector = LDAP_ABANDONREQUEST_TYPE;
+
+ msg.protocolOp.op.abandonRequestMsg.messageID.type = siBuffer;
+ msg.protocolOp.op.abandonRequestMsg.messageID.data = (void*)&msgNum;
+ msg.protocolOp.op.abandonRequestMsg.messageID.len = sizeof (msgNum);
+
+ PKIX_PL_NSSCALLRV(LDAPDEFAULTCLIENT, encoded, SEC_ASN1EncodeItem,
+ (arena, NULL, (void *)&msg, PKIX_PL_LDAPMessageTemplate));
+ if (!encoded) {
+ PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
+ }
+
+ *pAbandonMsg = encoded;
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_DecodeBindResponse
+ * DESCRIPTION:
+ *
+ * This function decodes the encoded data pointed to by "src", using the arena
+ * pointed to by "arena", storing the decoded LDAPMessage at "pBindResponse"
+ * and the decoding status at "pStatus".
+ *
+ * PARAMETERS:
+ * "arena"
+ * The address of the PLArenaPool to be used in decoding the message. Must
+ * be non-NULL.
+ * "src"
+ * The address of the SECItem containing the DER- (or BER-)encoded string.
+ * Must be non-NULL.
+ * "pBindResponse"
+ * The address at which the LDAPMessage is stored, if the decoding is
+ * successful (the returned status is SECSuccess). Must be non-NULL.
+ * "pStatus"
+ * The address at which the decoding status is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_DecodeBindResponse(
+ PLArenaPool *arena,
+ SECItem *src,
+ LDAPMessage *pBindResponse,
+ SECStatus *pStatus,
+ void *plContext)
+{
+ SECStatus rv = SECFailure;
+ LDAPMessage response;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_DecodeBindResponse");
+ PKIX_NULLCHECK_FOUR(arena, src, pBindResponse, pStatus);
+
+ PKIX_PL_NSSCALL
+ (LDAPDEFAULTCLIENT,
+ PORT_Memset,
+ (&response, 0, sizeof (LDAPMessage)));
+
+ PKIX_PL_NSSCALLRV(LDAPDEFAULTCLIENT, rv, SEC_ASN1DecodeItem,
+ (arena, &response, PKIX_PL_LDAPMessageTemplate, src));
+
+ if (rv == SECSuccess) {
+ *pBindResponse = response;
+ }
+
+ *pStatus = rv;
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_VerifyBindResponse
+ * DESCRIPTION:
+ *
+ * This function verifies that the contents of the message in the rcvbuf of
+ * the LdapDefaultClient object pointed to by "client", and whose length is
+ * provided by "buflen", is a response to a successful Bind.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "buflen"
+ * The value of the number of bytes in the receive buffer.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_VerifyBindResponse(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_UInt32 bufLen,
+ void *plContext)
+{
+ SECItem decode = {siBuffer, NULL, 0};
+ SECStatus rv = SECFailure;
+ LDAPMessage msg;
+ LDAPBindResponse *ldapBindResponse = NULL;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_VerifyBindResponse");
+ PKIX_NULLCHECK_TWO(client, client->rcvBuf);
+
+ decode.data = (unsigned char *)(client->rcvBuf);
+ decode.len = bufLen;
+
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_DecodeBindResponse
+ (client->arena, &decode, &msg, &rv, plContext),
+ PKIX_LDAPDEFAULTCLIENTDECODEBINDRESPONSEFAILED);
+
+ if (rv == SECSuccess) {
+ ldapBindResponse = &msg.protocolOp.op.bindResponseMsg;
+ if (*(ldapBindResponse->resultCode.data) == SUCCESS) {
+ client->connectStatus = BOUND;
+ } else {
+ PKIX_ERROR(PKIX_BINDREJECTEDBYSERVER);
+ }
+ } else {
+ PKIX_ERROR(PKIX_CANTDECODEBINDRESPONSEFROMSERVER);
+ }
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_RecvCheckComplete
+ * DESCRIPTION:
+ *
+ * This function determines whether the current response in the
+ * LdapDefaultClient pointed to by "client" is complete, in the sense that all
+ * bytes required to satisfy the message length field in the encoding have been
+ * received. If so, the pointer to input data is updated to reflect the number
+ * of bytes consumed, provided by "bytesProcessed". The state machine flag
+ * pointed to by "pKeepGoing" is updated to indicate whether processing can
+ * continue without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "bytesProcessed"
+ * The UInt32 value of the number of bytes consumed from the current
+ * buffer.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_RecvCheckComplete(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_UInt32 bytesProcessed,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Boolean complete = PKIX_FALSE;
+ SECStatus rv = SECFailure;
+ LDAPMessageType messageType = 0;
+ LDAPResultCode resultCode = 0;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_RecvCheckComplete");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ PKIX_CHECK(pkix_pl_LdapResponse_IsComplete
+ (client->currentResponse, &complete, plContext),
+ PKIX_LDAPRESPONSEISCOMPLETEFAILED);
+
+ if (complete) {
+ PKIX_CHECK(pkix_pl_LdapResponse_Decode
+ (client->arena, client->currentResponse, &rv, plContext),
+ PKIX_LDAPRESPONSEDECODEFAILED);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_CANTDECODESEARCHRESPONSEFROMSERVER);
+ }
+
+ PKIX_CHECK(pkix_pl_LdapResponse_GetMessageType
+ (client->currentResponse, &messageType, plContext),
+ PKIX_LDAPRESPONSEGETMESSAGETYPEFAILED);
+
+ if (messageType == LDAP_SEARCHRESPONSEENTRY_TYPE) {
+
+ if (client->entriesFound == NULL) {
+ PKIX_CHECK(PKIX_List_Create
+ (&(client->entriesFound), plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (client->entriesFound,
+ (PKIX_PL_Object *)client->currentResponse,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(client->currentResponse);
+
+ /* current receive buffer empty? */
+ if (client->currentBytesAvailable == 0) {
+ client->connectStatus = RECV;
+ *pKeepGoing = PKIX_TRUE;
+ } else {
+ client->connectStatus = RECV_INITIAL;
+ client->currentInPtr = &((char *)
+ (client->currentInPtr))[bytesProcessed];
+ *pKeepGoing = PKIX_TRUE;
+ }
+
+ } else if (messageType == LDAP_SEARCHRESPONSERESULT_TYPE) {
+ PKIX_CHECK(pkix_pl_LdapResponse_GetResultCode
+ (client->currentResponse,
+ &resultCode,
+ plContext),
+ PKIX_LDAPRESPONSEGETRESULTCODEFAILED);
+
+ if ((client->entriesFound == NULL) &&
+ ((resultCode == SUCCESS) ||
+ (resultCode == NOSUCHOBJECT))) {
+ PKIX_CHECK(PKIX_List_Create
+ (&(client->entriesFound), plContext),
+ PKIX_LISTCREATEFAILED);
+ } else if (resultCode == SUCCESS) {
+ PKIX_CHECK(PKIX_List_SetImmutable
+ (client->entriesFound, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+ PKIX_CHECK(PKIX_PL_HashTable_Add
+ (client->cachePtr,
+ (PKIX_PL_Object *)client->currentRequest,
+ (PKIX_PL_Object *)client->entriesFound,
+ plContext),
+ PKIX_HASHTABLEADDFAILED);
+ } else {
+ PKIX_ERROR(PKIX_UNEXPECTEDRESULTCODEINRESPONSE);
+ }
+
+ client->connectStatus = BOUND;
+ *pKeepGoing = PKIX_FALSE;
+ PKIX_DECREF(client->currentResponse);
+
+ } else {
+ PKIX_ERROR(PKIX_SEARCHRESPONSEPACKETOFUNKNOWNTYPE);
+ }
+ } else {
+ client->connectStatus = RECV;
+ *pKeepGoing = PKIX_TRUE;
+ }
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/* --Private-LdapDefaultClient-Object-Functions------------------------- */
+
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_InitiateRequest(
+ PKIX_PL_LdapClient *client,
+ LDAPRequestParams *requestParams,
+ void **pPollDesc,
+ PKIX_List **pResponse,
+ void *plContext);
+
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_ResumeRequest(
+ PKIX_PL_LdapClient *client,
+ void **pPollDesc,
+ PKIX_List **pResponse,
+ void *plContext);
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_CreateHelper
+ * DESCRIPTION:
+ *
+ * This function creates a new LdapDefaultClient using the Socket pointed to
+ * by "socket", the PRIntervalTime pointed to by "timeout", and the
+ * LDAPBindAPI pointed to by "bindAPI", and stores the result at "pClient".
+ *
+ * A value of zero for "timeout" means the LDAPClient will use non-blocking
+ * I/O.
+ *
+ * PARAMETERS:
+ * "socket"
+ * Address of the Socket to be used for the client. Must be non-NULL.
+ * "bindAPI"
+ * The address of the LDAPBindAPI containing the Bind information to be
+ * encoded in the Bind message.
+ * "pClient"
+ * The address at which the created LdapDefaultClient is to be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapDefaultClient_CreateHelper(
+ PKIX_PL_Socket *socket,
+ LDAPBindAPI *bindAPI,
+ PKIX_PL_LdapDefaultClient **pClient,
+ void *plContext)
+{
+ PKIX_PL_HashTable *ht;
+ PKIX_PL_LdapDefaultClient *ldapDefaultClient = NULL;
+ PKIX_PL_Socket_Callback *callbackList;
+ PRFileDesc *fileDesc = NULL;
+ PLArenaPool *arena = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_CreateHelper");
+ PKIX_NULLCHECK_TWO(socket, pClient);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_LDAPDEFAULTCLIENT_TYPE,
+ sizeof (PKIX_PL_LdapDefaultClient),
+ (PKIX_PL_Object **)&ldapDefaultClient,
+ plContext),
+ PKIX_COULDNOTCREATELDAPDEFAULTCLIENTOBJECT);
+
+ ldapDefaultClient->vtable.initiateFcn =
+ pkix_pl_LdapDefaultClient_InitiateRequest;
+ ldapDefaultClient->vtable.resumeFcn =
+ pkix_pl_LdapDefaultClient_ResumeRequest;
+
+ PKIX_CHECK(pkix_pl_Socket_GetPRFileDesc
+ (socket, &fileDesc, plContext),
+ PKIX_SOCKETGETPRFILEDESCFAILED);
+
+ ldapDefaultClient->pollDesc.fd = fileDesc;
+ ldapDefaultClient->pollDesc.in_flags = 0;
+ ldapDefaultClient->pollDesc.out_flags = 0;
+
+ ldapDefaultClient->bindAPI = bindAPI;
+
+ PKIX_CHECK(PKIX_PL_HashTable_Create
+ (LDAP_CACHEBUCKETS, 0, &ht, plContext),
+ PKIX_HASHTABLECREATEFAILED);
+
+ ldapDefaultClient->cachePtr = ht;
+
+ PKIX_CHECK(pkix_pl_Socket_GetCallbackList
+ (socket, &callbackList, plContext),
+ PKIX_SOCKETGETCALLBACKLISTFAILED);
+
+ ldapDefaultClient->callbackList = callbackList;
+
+ PKIX_INCREF(socket);
+ ldapDefaultClient->clientSocket = socket;
+
+ ldapDefaultClient->messageID = 0;
+
+ ldapDefaultClient->bindAPI = bindAPI;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ PKIX_ERROR_FATAL(PKIX_OUTOFMEMORY);
+ }
+ ldapDefaultClient->arena = arena;
+
+ ldapDefaultClient->sendBuf = NULL;
+ ldapDefaultClient->bytesToWrite = 0;
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (RCVBUFSIZE, &ldapDefaultClient->rcvBuf, plContext),
+ PKIX_MALLOCFAILED);
+ ldapDefaultClient->capacity = RCVBUFSIZE;
+
+ ldapDefaultClient->bindMsg = NULL;
+ ldapDefaultClient->bindMsgLen = 0;
+
+ ldapDefaultClient->entriesFound = NULL;
+ ldapDefaultClient->currentRequest = NULL;
+ ldapDefaultClient->currentResponse = NULL;
+
+ *pClient = ldapDefaultClient;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(ldapDefaultClient);
+ }
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_LdapDefaultClient_Create
+ * DESCRIPTION:
+ *
+ * This function creates a new LdapDefaultClient using the PRNetAddr pointed to
+ * by "sockaddr", the PRIntervalTime pointed to by "timeout", and the
+ * LDAPBindAPI pointed to by "bindAPI", and stores the result at "pClient".
+ *
+ * A value of zero for "timeout" means the LDAPClient will use non-blocking
+ * I/O.
+ *
+ * PARAMETERS:
+ * "sockaddr"
+ * Address of the PRNetAddr to be used for the socket connection. Must be
+ * non-NULL.
+ * "timeout"
+ * The PRIntervalTime to be used in I/O requests for this client.
+ * "bindAPI"
+ * The address of the LDAPBindAPI containing the Bind information to be
+ * encoded in the Bind message.
+ * "pClient"
+ * The address at which the created LdapDefaultClient is to be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_LdapDefaultClient_Create(
+ PRNetAddr *sockaddr,
+ PRIntervalTime timeout,
+ LDAPBindAPI *bindAPI,
+ PKIX_PL_LdapDefaultClient **pClient,
+ void *plContext)
+{
+ PRErrorCode status = 0;
+ PKIX_PL_Socket *socket = NULL;
+ PKIX_PL_LdapDefaultClient *client = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "PKIX_PL_LdapDefaultClient_Create");
+ PKIX_NULLCHECK_TWO(sockaddr, pClient);
+
+ PKIX_CHECK(pkix_pl_Socket_Create
+ (PKIX_FALSE, timeout, sockaddr, &status, &socket, plContext),
+ PKIX_SOCKETCREATEFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_CreateHelper
+ (socket, bindAPI, &client, plContext),
+ PKIX_LDAPDEFAULTCLIENTCREATEHELPERFAILED);
+
+ /* Did Socket_Create say the connection was made? */
+ if (status == 0) {
+ if (client->bindAPI != NULL) {
+ client->connectStatus = CONNECTED;
+ } else {
+ client->connectStatus = BOUND;
+ }
+ } else {
+ client->connectStatus = CONNECT_PENDING;
+ }
+
+ *pClient = client;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(client);
+ }
+
+ PKIX_DECREF(socket);
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_LdapDefaultClient_CreateByName
+ * DESCRIPTION:
+ *
+ * This function creates a new LdapDefaultClient using the hostname pointed to
+ * by "hostname", the PRIntervalTime pointed to by "timeout", and the
+ * LDAPBindAPI pointed to by "bindAPI", and stores the result at "pClient".
+ *
+ * A value of zero for "timeout" means the LDAPClient will use non-blocking
+ * I/O.
+ *
+ * PARAMETERS:
+ * "hostname"
+ * Address of the hostname to be used for the socket connection. Must be
+ * non-NULL.
+ * "timeout"
+ * The PRIntervalTime to be used in I/O requests for this client.
+ * "bindAPI"
+ * The address of the LDAPBindAPI containing the Bind information to be
+ * encoded in the Bind message.
+ * "pClient"
+ * The address at which the created LdapDefaultClient is to be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_LdapDefaultClient_CreateByName(
+ char *hostname,
+ PRIntervalTime timeout,
+ LDAPBindAPI *bindAPI,
+ PKIX_PL_LdapDefaultClient **pClient,
+ void *plContext)
+{
+ PRErrorCode status = 0;
+ PKIX_PL_Socket *socket = NULL;
+ PKIX_PL_LdapDefaultClient *client = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "PKIX_PL_LdapDefaultClient_CreateByName");
+ PKIX_NULLCHECK_TWO(hostname, pClient);
+
+ PKIX_CHECK(pkix_pl_Socket_CreateByName
+ (PKIX_FALSE, timeout, hostname, &status, &socket, plContext),
+ PKIX_SOCKETCREATEBYNAMEFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_CreateHelper
+ (socket, bindAPI, &client, plContext),
+ PKIX_LDAPDEFAULTCLIENTCREATEHELPERFAILED);
+
+ /* Did Socket_Create say the connection was made? */
+ if (status == 0) {
+ if (client->bindAPI != NULL) {
+ client->connectStatus = CONNECTED;
+ } else {
+ client->connectStatus = BOUND;
+ }
+ } else {
+ client->connectStatus = CONNECT_PENDING;
+ }
+
+ *pClient = client;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(client);
+ }
+
+ PKIX_DECREF(socket);
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_PL_LdapDefaultClient *client = NULL;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+ SECItem *encoded = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_LDAPDEFAULTCLIENT_TYPE, plContext),
+ PKIX_OBJECTNOTANLDAPDEFAULTCLIENT);
+
+ client = (PKIX_PL_LdapDefaultClient *)object;
+
+ switch (client->connectStatus) {
+ case CONNECT_PENDING:
+ break;
+ case CONNECTED:
+ case BIND_PENDING:
+ case BIND_RESPONSE:
+ case BIND_RESPONSE_PENDING:
+ case BOUND:
+ case SEND_PENDING:
+ case RECV:
+ case RECV_PENDING:
+ case RECV_INITIAL:
+ case RECV_NONINITIAL:
+ case ABANDON_PENDING:
+ if (client->bindAPI != NULL) {
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_MakeUnbind
+ (client->arena,
+ ++(client->messageID),
+ &encoded,
+ plContext),
+ PKIX_LDAPDEFAULTCLIENTMAKEUNBINDFAILED);
+
+ callbackList =
+ (PKIX_PL_Socket_Callback *)(client->callbackList);
+ PKIX_CHECK(callbackList->sendCallback
+ (client->clientSocket,
+ encoded->data,
+ encoded->len,
+ &bytesWritten,
+ plContext),
+ PKIX_SOCKETSENDFAILED);
+ }
+ break;
+ default:
+ PKIX_ERROR(PKIX_LDAPDEFAULTCLIENTINILLEGALSTATE);
+ }
+
+ PKIX_DECREF(client->cachePtr);
+ PKIX_DECREF(client->clientSocket);
+ PKIX_DECREF(client->entriesFound);
+ PKIX_DECREF(client->currentRequest);
+ PKIX_DECREF(client->currentResponse);
+
+ PKIX_CHECK(PKIX_PL_Free
+ (client->rcvBuf, plContext), PKIX_FREEFAILED);
+
+ PKIX_PL_NSSCALL
+ (LDAPDEFAULTCLIENT,
+ PORT_FreeArena,
+ (client->arena, PR_FALSE));
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_LdapDefaultClient *ldapDefaultClient = NULL;
+ PKIX_UInt32 tempHash = 0;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_LDAPDEFAULTCLIENT_TYPE, plContext),
+ PKIX_OBJECTNOTANLDAPDEFAULTCLIENT);
+
+ ldapDefaultClient = (PKIX_PL_LdapDefaultClient *)object;
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)ldapDefaultClient->clientSocket,
+ &tempHash,
+ plContext),
+ PKIX_SOCKETHASHCODEFAILED);
+
+ if (ldapDefaultClient->bindAPI != NULL) {
+ tempHash = (tempHash << 7) +
+ ldapDefaultClient->bindAPI->selector;
+ }
+
+ *pHashcode = tempHash;
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_PL_LdapDefaultClient *firstClientContext = NULL;
+ PKIX_PL_LdapDefaultClient *secondClientContext = NULL;
+ PKIX_Int32 compare = 0;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ *pResult = PKIX_FALSE;
+
+ PKIX_CHECK(pkix_CheckTypes
+ (firstObject,
+ secondObject,
+ PKIX_LDAPDEFAULTCLIENT_TYPE,
+ plContext),
+ PKIX_OBJECTNOTANLDAPDEFAULTCLIENT);
+
+ firstClientContext = (PKIX_PL_LdapDefaultClient *)firstObject;
+ secondClientContext = (PKIX_PL_LdapDefaultClient *)secondObject;
+
+ if (firstClientContext == secondClientContext) {
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstClientContext->clientSocket,
+ (PKIX_PL_Object *)secondClientContext->clientSocket,
+ &compare,
+ plContext),
+ PKIX_SOCKETEQUALSFAILED);
+
+ if (!compare) {
+ goto cleanup;
+ }
+
+ if (PKIX_EXACTLY_ONE_NULL
+ (firstClientContext->bindAPI, secondClientContext->bindAPI)) {
+ goto cleanup;
+ }
+
+ if (firstClientContext->bindAPI) {
+ if (firstClientContext->bindAPI->selector !=
+ secondClientContext->bindAPI->selector) {
+ goto cleanup;
+ }
+ }
+
+ *pResult = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_PL_LDAPDEFAULTCLIENT_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_LdapDefaultClient_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_RegisterSelf");
+
+ entry.description = "LdapDefaultClient";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_LdapDefaultClient);
+ entry.destructor = pkix_pl_LdapDefaultClient_Destroy;
+ entry.equalsFunction = pkix_pl_LdapDefaultClient_Equals;
+ entry.hashcodeFunction = pkix_pl_LdapDefaultClient_Hashcode;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_LDAPDEFAULTCLIENT_TYPE] = entry;
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_GetPollDesc
+ * DESCRIPTION:
+ *
+ * This function retrieves the PRPollDesc from the LdapDefaultClient
+ * pointed to by "context" and stores the address at "pPollDesc".
+ *
+ * PARAMETERS:
+ * "context"
+ * The LdapDefaultClient whose PRPollDesc is desired. Must be non-NULL.
+ * "pPollDesc"
+ * Address where PRPollDesc will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapDefaultClient_GetPollDesc(
+ PKIX_PL_LdapDefaultClient *context,
+ PRPollDesc **pPollDesc,
+ void *plContext)
+{
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_GetPollDesc");
+ PKIX_NULLCHECK_TWO(context, pPollDesc);
+
+ *pPollDesc = &(context->pollDesc);
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/* --Private-Ldap-CertStore-I/O-Functions---------------------------- */
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_ConnectContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether a socket Connect initiated earlier for the
+ * CertStore embodied in the LdapDefaultClient "client" has completed, and
+ * stores in "pKeepGoing" a flag indicating whether processing can continue
+ * without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_ConnectContinue(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_PL_Socket_Callback *callbackList;
+ PRErrorCode status;
+ PKIX_Boolean keepGoing = PKIX_FALSE;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_ConnectContinue");
+ PKIX_NULLCHECK_ONE(client);
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->connectcontinueCallback
+ (client->clientSocket, &status, plContext),
+ PKIX_SOCKETCONNECTCONTINUEFAILED);
+
+ if (status == 0) {
+ if (client->bindAPI != NULL) {
+ client->connectStatus = CONNECTED;
+ } else {
+ client->connectStatus = BOUND;
+ }
+ keepGoing = PKIX_FALSE;
+ } else if (status != PR_IN_PROGRESS_ERROR) {
+ PKIX_ERROR(PKIX_UNEXPECTEDERRORINESTABLISHINGCONNECTION);
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ *pKeepGoing = keepGoing;
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_Bind
+ * DESCRIPTION:
+ *
+ * This function creates and sends the LDAP-protocol Bind message for the
+ * CertStore embodied in the LdapDefaultClient "client", and stores in
+ * "pKeepGoing" a flag indicating whether processing can continue without
+ * further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_Bind(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ SECItem *encoded = NULL;
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_PL_Socket_Callback *callbackList;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_Bind");
+ PKIX_NULLCHECK_ONE(client);
+
+ /* if we have not yet constructed the BIND message, build it now */
+ if (!(client->bindMsg)) {
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_MakeBind
+ (client->arena,
+ 3,
+ client->bindAPI,
+ client->messageID,
+ &encoded,
+ plContext),
+ PKIX_LDAPDEFAULTCLIENTMAKEBINDFAILED);
+ client->bindMsg = encoded->data;
+ client->bindMsgLen = encoded->len;
+ }
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->sendCallback
+ (client->clientSocket,
+ client->bindMsg,
+ client->bindMsgLen,
+ &bytesWritten,
+ plContext),
+ PKIX_SOCKETSENDFAILED);
+
+ client->lastIO = PR_Now();
+
+ if (bytesWritten < 0) {
+ client->connectStatus = BIND_PENDING;
+ *pKeepGoing = PKIX_FALSE;
+ } else {
+ client->connectStatus = BIND_RESPONSE;
+ *pKeepGoing = PKIX_TRUE;
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_BindContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether the LDAP-protocol Bind message for the
+ * CertStore embodied in the LdapDefaultClient "client" has completed, and
+ * stores in "pKeepGoing" a flag indicating whether processing can continue
+ * without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *pkix_pl_LdapDefaultClient_BindContinue(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_BindContinue");
+ PKIX_NULLCHECK_ONE(client);
+
+ *pKeepGoing = PKIX_FALSE;
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->pollCallback
+ (client->clientSocket, &bytesWritten, NULL, plContext),
+ PKIX_SOCKETPOLLFAILED);
+
+ /*
+ * If the send completed we can proceed to try for the
+ * response. If the send did not complete we will have
+ * continue to poll.
+ */
+ if (bytesWritten >= 0) {
+
+ client->connectStatus = BIND_RESPONSE;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ *pKeepGoing = PKIX_TRUE;
+ }
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_BindResponse
+ * DESCRIPTION:
+ *
+ * This function attempts to read the LDAP-protocol BindResponse message for
+ * the CertStore embodied in the LdapDefaultClient "client", and stores in
+ * "pKeepGoing" a flag indicating whether processing can continue without
+ * further input.
+ *
+ * If a BindResponse is received with a Result code of 0 (success), we
+ * continue with the connection. If a non-zero Result code is received,
+ * we throw an Error. Some more sophisticated handling of that condition
+ * might be in order in the future.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_BindResponse(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Int32 bytesRead = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_BindResponse");
+ PKIX_NULLCHECK_TWO(client, client->rcvBuf);
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->recvCallback
+ (client->clientSocket,
+ client->rcvBuf,
+ client->capacity,
+ &bytesRead,
+ plContext),
+ PKIX_SOCKETRECVFAILED);
+
+ client->lastIO = PR_Now();
+
+ if (bytesRead > 0) {
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_VerifyBindResponse
+ (client, bytesRead, plContext),
+ PKIX_LDAPDEFAULTCLIENTVERIFYBINDRESPONSEFAILED);
+ /*
+ * XXX What should we do if failure? At present if
+ * VerifyBindResponse throws an Error, we do too.
+ */
+ client->connectStatus = BOUND;
+ } else {
+ client->connectStatus = BIND_RESPONSE_PENDING;
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ *pKeepGoing = PKIX_TRUE;
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_BindResponseContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether the LDAP-protocol BindResponse message for
+ * the CertStore embodied in the LdapDefaultClient "client" has completed, and
+ * stores in "pKeepGoing" a flag indicating whether processing can continue
+ * without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_BindResponseContinue(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Int32 bytesRead = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_BindResponseContinue");
+ PKIX_NULLCHECK_ONE(client);
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->pollCallback
+ (client->clientSocket, NULL, &bytesRead, plContext),
+ PKIX_SOCKETPOLLFAILED);
+
+ if (bytesRead > 0) {
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_VerifyBindResponse
+ (client, bytesRead, plContext),
+ PKIX_LDAPDEFAULTCLIENTVERIFYBINDRESPONSEFAILED);
+ client->connectStatus = BOUND;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ *pKeepGoing = PKIX_TRUE;
+ } else {
+ *pKeepGoing = PKIX_FALSE;
+ }
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_Send
+ * DESCRIPTION:
+ *
+ * This function creates and sends an LDAP-protocol message for the
+ * CertStore embodied in the LdapDefaultClient "client", and stores in
+ * "pKeepGoing" a flag indicating whether processing can continue without
+ * further input, and at "pBytesTransferred" the number of bytes sent.
+ *
+ * If "pBytesTransferred" is zero, it indicates that non-blocking I/O is in use
+ * and that transmission has not completed.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "pBytesTransferred"
+ * The address at which the number of bytes sent is stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_Send(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ PKIX_UInt32 *pBytesTransferred,
+ void *plContext)
+{
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_Send");
+ PKIX_NULLCHECK_THREE(client, pKeepGoing, pBytesTransferred);
+
+ *pKeepGoing = PKIX_FALSE;
+
+ /* Do we have anything waiting to go? */
+ if (client->sendBuf) {
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->sendCallback
+ (client->clientSocket,
+ client->sendBuf,
+ client->bytesToWrite,
+ &bytesWritten,
+ plContext),
+ PKIX_SOCKETSENDFAILED);
+
+ client->lastIO = PR_Now();
+
+ /*
+ * If the send completed we can proceed to try for the
+ * response. If the send did not complete we will have
+ * to poll for completion later.
+ */
+ if (bytesWritten >= 0) {
+ client->sendBuf = NULL;
+ client->connectStatus = RECV;
+ *pKeepGoing = PKIX_TRUE;
+
+ } else {
+ *pKeepGoing = PKIX_FALSE;
+ client->connectStatus = SEND_PENDING;
+ }
+
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ *pBytesTransferred = bytesWritten;
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_SendContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether the sending of the LDAP-protocol message
+ * for the CertStore embodied in the LdapDefaultClient "client" has completed,
+ * and stores in "pKeepGoing" a flag indicating whether processing can continue
+ * without further input, and at "pBytesTransferred" the number of bytes sent.
+ *
+ * If "pBytesTransferred" is zero, it indicates that non-blocking I/O is in use
+ * and that transmission has not completed.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "pBytesTransferred"
+ * The address at which the number of bytes sent is stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_SendContinue(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ PKIX_UInt32 *pBytesTransferred,
+ void *plContext)
+{
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_SendContinue");
+ PKIX_NULLCHECK_THREE(client, pKeepGoing, pBytesTransferred);
+
+ *pKeepGoing = PKIX_FALSE;
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->pollCallback
+ (client->clientSocket, &bytesWritten, NULL, plContext),
+ PKIX_SOCKETPOLLFAILED);
+
+ /*
+ * If the send completed we can proceed to try for the
+ * response. If the send did not complete we will have
+ * continue to poll.
+ */
+ if (bytesWritten >= 0) {
+ client->sendBuf = NULL;
+ client->connectStatus = RECV;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+ *pKeepGoing = PKIX_TRUE;
+ }
+
+ *pBytesTransferred = bytesWritten;
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_Recv
+ * DESCRIPTION:
+ *
+ * This function receives an LDAP-protocol message for the CertStore embodied
+ * in the LdapDefaultClient "client", and stores in "pKeepGoing" a flag
+ * indicating whether processing can continue without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_Recv(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Int32 bytesRead = 0;
+ PKIX_UInt32 bytesToRead = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_Recv");
+ PKIX_NULLCHECK_THREE(client, pKeepGoing, client->rcvBuf);
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ /*
+ * If we attempt to fill our buffer with every read, we increase
+ * the risk of an ugly situation: one or two bytes of a new message
+ * left over at the end of processing one message. With such a
+ * fragment, we can't decode a byte count and so won't know how much
+ * space to allocate for the next LdapResponse. We try to avoid that
+ * case by reading just enough to complete the current message, unless
+ * there will be at least MINIMUM_MSG_LENGTH bytes left over.
+ */
+ if (client->currentResponse) {
+ PKIX_CHECK(pkix_pl_LdapResponse_GetCapacity
+ (client->currentResponse, &bytesToRead, plContext),
+ PKIX_LDAPRESPONSEGETCAPACITYFAILED);
+ if ((bytesToRead > client->capacity) ||
+ ((bytesToRead + MINIMUM_MSG_LENGTH) < client->capacity)) {
+ bytesToRead = client->capacity;
+ }
+ } else {
+ bytesToRead = client->capacity;
+ }
+
+ client->currentBytesAvailable = 0;
+
+ PKIX_CHECK(callbackList->recvCallback
+ (client->clientSocket,
+ (void *)client->rcvBuf,
+ bytesToRead,
+ &bytesRead,
+ plContext),
+ PKIX_SOCKETRECVFAILED);
+
+ client->currentInPtr = client->rcvBuf;
+ client->lastIO = PR_Now();
+
+ if (bytesRead > 0) {
+ client->currentBytesAvailable = bytesRead;
+ client->connectStatus = RECV_INITIAL;
+ *pKeepGoing = PKIX_TRUE;
+ } else {
+ client->connectStatus = RECV_PENDING;
+ *pKeepGoing = PKIX_FALSE;
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_RecvContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether the receiving of the LDAP-protocol message
+ * for the CertStore embodied in the LdapDefaultClient "client" has completed,
+ * and stores in "pKeepGoing" a flag indicating whether processing can continue
+ * without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_RecvContinue(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Int32 bytesRead = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_RecvContinue");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->pollCallback
+ (client->clientSocket, NULL, &bytesRead, plContext),
+ PKIX_SOCKETPOLLFAILED);
+
+ if (bytesRead > 0) {
+ client->currentBytesAvailable += bytesRead;
+ client->connectStatus = RECV_INITIAL;
+ *pKeepGoing = PKIX_TRUE;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+ } else {
+ *pKeepGoing = PKIX_FALSE;
+ }
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_AbandonContinue
+ * DESCRIPTION:
+ *
+ * This function determines whether the abandon-message request of the
+ * LDAP-protocol message for the CertStore embodied in the LdapDefaultClient
+ * "client" has completed, and stores in "pKeepGoing" a flag indicating whether
+ * processing can continue without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_AbandonContinue(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_AbandonContinue");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+
+ PKIX_CHECK(callbackList->pollCallback
+ (client->clientSocket, &bytesWritten, NULL, plContext),
+ PKIX_SOCKETPOLLFAILED);
+
+ if (bytesWritten > 0) {
+ client->connectStatus = BOUND;
+ *pKeepGoing = PKIX_TRUE;
+
+ PKIX_CHECK(PKIX_PL_Object_InvalidateCache
+ ((PKIX_PL_Object *)client, plContext),
+ PKIX_OBJECTINVALIDATECACHEFAILED);
+ } else {
+ *pKeepGoing = PKIX_FALSE;
+ }
+
+cleanup:
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_RecvInitial
+ * DESCRIPTION:
+ *
+ * This function processes the contents of the first buffer of a received
+ * LDAP-protocol message for the CertStore embodied in the LdapDefaultClient
+ * "client", and stores in "pKeepGoing" a flag indicating whether processing can
+ * continue without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_RecvInitial(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+ unsigned char *msgBuf = NULL;
+ unsigned char *to = NULL;
+ unsigned char *from = NULL;
+ PKIX_UInt32 dataIndex = 0;
+ PKIX_UInt32 messageIdLen = 0;
+ PKIX_UInt32 messageLength = 0;
+ PKIX_UInt32 sizeofLength = 0;
+ PKIX_UInt32 bytesProcessed = 0;
+ unsigned char messageChar = 0;
+ LDAPMessageType messageType = 0;
+ PKIX_Int32 bytesRead = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_RecvInitial");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ /*
+ * Is there an LDAPResponse in progress? I.e., have we
+ * already processed the tag and length at the beginning of
+ * the message?
+ */
+ if (client->currentResponse) {
+ client->connectStatus = RECV_NONINITIAL;
+ *pKeepGoing = PKIX_TRUE;
+ goto cleanup;
+ }
+ msgBuf = client->currentInPtr;
+
+ /* Do we have enough of the message to decode the message length? */
+ if (client->currentBytesAvailable < MINIMUM_MSG_LENGTH) {
+ /*
+ * No! Move these few bytes to the beginning of rcvBuf
+ * and hang another read.
+ */
+
+ to = (unsigned char *)client->rcvBuf;
+ from = client->currentInPtr;
+ for (dataIndex = 0;
+ dataIndex < client->currentBytesAvailable;
+ dataIndex++) {
+ *to++ = *from++;
+ }
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+ PKIX_CHECK(callbackList->recvCallback
+ (client->clientSocket,
+ (void *)to,
+ client->capacity - client->currentBytesAvailable,
+ &bytesRead,
+ plContext),
+ PKIX_SOCKETRECVFAILED);
+
+ client->currentInPtr = client->rcvBuf;
+ client->lastIO = PR_Now();
+
+ if (bytesRead <= 0) {
+ client->connectStatus = RECV_PENDING;
+ *pKeepGoing = PKIX_FALSE;
+ goto cleanup;
+ } else {
+ client->currentBytesAvailable += bytesRead;
+ }
+ }
+
+ /*
+ * We have to determine whether the response is an entry, with
+ * application-specific tag LDAP_SEARCHRESPONSEENTRY_TYPE, or a
+ * resultCode, with application tag LDAP_SEARCHRESPONSERESULT_TYPE.
+ * First, we have to figure out where to look for the tag.
+ */
+
+ /* Is the message length short form (one octet) or long form? */
+ if ((msgBuf[1] & 0x80) != 0) {
+ sizeofLength = msgBuf[1] & 0x7F;
+ for (dataIndex = 0; dataIndex < sizeofLength; dataIndex++) {
+ messageLength =
+ (messageLength << 8) + msgBuf[dataIndex + 2];
+ }
+ } else {
+ messageLength = msgBuf[1];
+ }
+
+ /* How many bytes did the messageID require? */
+ messageIdLen = msgBuf[dataIndex + 3];
+
+ messageChar = msgBuf[dataIndex + messageIdLen + 4];
+
+ /* Are we looking at an Entry message or a ResultCode message? */
+ if ((SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION |
+ LDAP_SEARCHRESPONSEENTRY_TYPE) == messageChar) {
+
+ messageType = LDAP_SEARCHRESPONSEENTRY_TYPE;
+
+ } else if ((SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION |
+ LDAP_SEARCHRESPONSERESULT_TYPE) == messageChar) {
+
+ messageType = LDAP_SEARCHRESPONSERESULT_TYPE;
+
+ } else {
+
+ PKIX_ERROR(PKIX_SEARCHRESPONSEPACKETOFUNKNOWNTYPE);
+
+ }
+
+ /*
+ * messageLength is the length from (tag, length, value).
+ * We have to allocate space for the tag and length bits too.
+ */
+ PKIX_CHECK(pkix_pl_LdapResponse_Create
+ (messageType,
+ messageLength + dataIndex + 2,
+ client->currentBytesAvailable,
+ msgBuf,
+ &bytesProcessed,
+ &(client->currentResponse),
+ plContext),
+ PKIX_LDAPRESPONSECREATEFAILED);
+
+ client->currentBytesAvailable -= bytesProcessed;
+
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_RecvCheckComplete
+ (client, bytesProcessed, pKeepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTRECVCHECKCOMPLETEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_RecvNonInitial
+ * DESCRIPTION:
+ *
+ * This function processes the contents of buffers, after the first, of a
+ * received LDAP-protocol message for the CertStore embodied in the
+ * LdapDefaultClient "client", and stores in "pKeepGoing" a flag indicating
+ * whether processing can continue without further input.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pKeepGoing"
+ * The address at which the Boolean state machine flag is stored to
+ * indicate whether processing can continue without further input.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_RecvNonInitial(
+ PKIX_PL_LdapDefaultClient *client,
+ PKIX_Boolean *pKeepGoing,
+ void *plContext)
+{
+
+ PKIX_UInt32 bytesProcessed = 0;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_RecvNonInitial");
+ PKIX_NULLCHECK_TWO(client, pKeepGoing);
+
+ PKIX_CHECK(pkix_pl_LdapResponse_Append
+ (client->currentResponse,
+ client->currentBytesAvailable,
+ client->currentInPtr,
+ &bytesProcessed,
+ plContext),
+ PKIX_LDAPRESPONSEAPPENDFAILED);
+
+ client->currentBytesAvailable -= bytesProcessed;
+
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_RecvCheckComplete
+ (client, bytesProcessed, pKeepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTRECVCHECKCOMPLETEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_Dispatch
+ * DESCRIPTION:
+ *
+ * This function is the state machine dispatcher for the CertStore embodied in
+ * the LdapDefaultClient pointed to by "client". Results are returned by
+ * changes to various fields in the context.
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_Dispatch(
+ PKIX_PL_LdapDefaultClient *client,
+ void *plContext)
+{
+ PKIX_UInt32 bytesTransferred = 0;
+ PKIX_Boolean keepGoing = PKIX_TRUE;
+
+ PKIX_ENTER(LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_Dispatch");
+ PKIX_NULLCHECK_ONE(client);
+
+ while (keepGoing) {
+ switch (client->connectStatus) {
+ case CONNECT_PENDING:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_ConnectContinue
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTCONNECTCONTINUEFAILED);
+ break;
+ case CONNECTED:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_Bind
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTBINDFAILED);
+ break;
+ case BIND_PENDING:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_BindContinue
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTBINDCONTINUEFAILED);
+ break;
+ case BIND_RESPONSE:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_BindResponse
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTBINDRESPONSEFAILED);
+ break;
+ case BIND_RESPONSE_PENDING:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_BindResponseContinue
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTBINDRESPONSECONTINUEFAILED);
+ break;
+ case BOUND:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_Send
+ (client, &keepGoing, &bytesTransferred, plContext),
+ PKIX_LDAPDEFAULTCLIENTSENDFAILED);
+ break;
+ case SEND_PENDING:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_SendContinue
+ (client, &keepGoing, &bytesTransferred, plContext),
+ PKIX_LDAPDEFAULTCLIENTSENDCONTINUEFAILED);
+ break;
+ case RECV:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_Recv
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTRECVFAILED);
+ break;
+ case RECV_PENDING:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_RecvContinue
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTRECVCONTINUEFAILED);
+ break;
+ case RECV_INITIAL:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_RecvInitial
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTRECVINITIALFAILED);
+ break;
+ case RECV_NONINITIAL:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_RecvNonInitial
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTRECVNONINITIALFAILED);
+ break;
+ case ABANDON_PENDING:
+ PKIX_CHECK
+ (pkix_pl_LdapDefaultClient_AbandonContinue
+ (client, &keepGoing, plContext),
+ PKIX_LDAPDEFAULTCLIENTABANDONCONTINUEFAILED);
+ break;
+ default:
+ PKIX_ERROR(PKIX_LDAPCERTSTOREINILLEGALSTATE);
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_MakeAndFilter
+ * DESCRIPTION:
+ *
+ * This function allocates space from the arena pointed to by "arena" to
+ * construct a filter that will match components of the X500Name pointed to by
+ * XXX...
+ *
+ * PARAMETERS:
+ * "arena"
+ * The address of the PLArenaPool used in creating the filter. Must be
+ * non-NULL.
+ * "nameComponent"
+ * The address of a NULL-terminated list of LDAPNameComponents
+ * Must be non-NULL.
+ * "pFilter"
+ * The address at which the result is stored.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_MakeAndFilter(
+ PLArenaPool *arena,
+ LDAPNameComponent **nameComponents,
+ LDAPFilter **pFilter,
+ void *plContext)
+{
+ LDAPFilter **setOfFilter;
+ LDAPFilter *andFilter = NULL;
+ LDAPFilter *currentFilter = NULL;
+ PKIX_UInt32 componentsPresent = 0;
+ void *v = NULL;
+ unsigned char *component = NULL;
+ LDAPNameComponent **componentP = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_LdapDefaultClient_MakeAndFilter");
+ PKIX_NULLCHECK_THREE(arena, nameComponents, pFilter);
+
+ /* count how many components we were provided */
+ for (componentP = nameComponents, componentsPresent = 0;
+ *(componentP++) != NULL;
+ componentsPresent++) {}
+
+ /* Space for (componentsPresent + 1) pointers to LDAPFilter */
+ PKIX_PL_NSSCALLRV(CERTSTORE, v, PORT_ArenaZAlloc,
+ (arena, (componentsPresent + 1)*sizeof(LDAPFilter *)));
+ setOfFilter = (LDAPFilter **)v;
+
+ /* Space for AndFilter and <componentsPresent> EqualFilters */
+ PKIX_PL_NSSCALLRV(CERTSTORE, v, PORT_ArenaZNewArray,
+ (arena, LDAPFilter, componentsPresent + 1));
+ setOfFilter[0] = (LDAPFilter *)v;
+
+ /* Claim the first array element for the ANDFilter */
+ andFilter = setOfFilter[0];
+
+ /* Set ANDFilter to point to the first EqualFilter pointer */
+ andFilter->selector = LDAP_ANDFILTER_TYPE;
+ andFilter->filter.andFilter.filters = setOfFilter;
+
+ currentFilter = andFilter + 1;
+
+ for (componentP = nameComponents, componentsPresent = 0;
+ *(componentP) != NULL; componentP++) {
+ setOfFilter[componentsPresent++] = currentFilter;
+ currentFilter->selector = LDAP_EQUALFILTER_TYPE;
+ component = (*componentP)->attrType;
+ currentFilter->filter.equalFilter.attrType.data = component;
+ currentFilter->filter.equalFilter.attrType.len =
+ PL_strlen((const char *)component);
+ component = (*componentP)->attrValue;
+ currentFilter->filter.equalFilter.attrValue.data = component;
+ currentFilter->filter.equalFilter.attrValue.len =
+ PL_strlen((const char *)component);
+ currentFilter++;
+ }
+
+ setOfFilter[componentsPresent] = NULL;
+
+ *pFilter = andFilter;
+
+ PKIX_RETURN(CERTSTORE);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_InitiateRequest
+ * DESCRIPTION:
+ *
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "requestParams"
+ * The address of an LdapClientParams object. Must be non-NULL.
+ * "pPollDesc"
+ * The location where the address of the PRPollDesc is stored, if the
+ * client returns with I/O pending.
+ * "pResponse"
+ * The address where the List of LDAPResponses, or NULL for an
+ * unfinished request, is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_InitiateRequest(
+ PKIX_PL_LdapClient *genericClient,
+ LDAPRequestParams *requestParams,
+ void **pPollDesc,
+ PKIX_List **pResponse,
+ void *plContext)
+{
+ PKIX_List *searchResponseList = NULL;
+ SECItem *encoded = NULL;
+ LDAPFilter *filter = NULL;
+ PKIX_PL_LdapDefaultClient *client = 0;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT,
+ "pkix_pl_LdapDefaultClient_InitiateRequest");
+ PKIX_NULLCHECK_FOUR(genericClient, requestParams, pPollDesc, pResponse);
+
+ PKIX_CHECK(pkix_CheckType
+ ((PKIX_PL_Object *)genericClient,
+ PKIX_LDAPDEFAULTCLIENT_TYPE,
+ plContext),
+ PKIX_GENERICCLIENTNOTANLDAPDEFAULTCLIENT);
+
+ client = (PKIX_PL_LdapDefaultClient *)genericClient;
+
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_MakeAndFilter
+ (client->arena, requestParams->nc, &filter, plContext),
+ PKIX_LDAPDEFAULTCLIENTMAKEANDFILTERFAILED);
+
+ PKIX_CHECK(pkix_pl_LdapRequest_Create
+ (client->arena,
+ client->messageID++,
+ requestParams->baseObject,
+ requestParams->scope,
+ requestParams->derefAliases,
+ requestParams->sizeLimit,
+ requestParams->timeLimit,
+ PKIX_FALSE, /* attrs only */
+ filter,
+ requestParams->attributes,
+ &client->currentRequest,
+ plContext),
+ PKIX_LDAPREQUESTCREATEFAILED);
+
+ /* check hashtable for matching request */
+ PKIX_CHECK(PKIX_PL_HashTable_Lookup
+ (client->cachePtr,
+ (PKIX_PL_Object *)(client->currentRequest),
+ (PKIX_PL_Object **)&searchResponseList,
+ plContext),
+ PKIX_HASHTABLELOOKUPFAILED);
+
+ if (searchResponseList != NULL) {
+ *pPollDesc = NULL;
+ *pResponse = searchResponseList;
+ PKIX_DECREF(client->currentRequest);
+ goto cleanup;
+ }
+
+ /* It wasn't cached. We'll have to actually send it. */
+
+ PKIX_CHECK(pkix_pl_LdapRequest_GetEncoded
+ (client->currentRequest, &encoded, plContext),
+ PKIX_LDAPREQUESTGETENCODEDFAILED);
+
+ client->sendBuf = encoded->data;
+ client->bytesToWrite = encoded->len;
+
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_Dispatch(client, plContext),
+ PKIX_LDAPDEFAULTCLIENTDISPATCHFAILED);
+
+ /*
+ * It's not enough that we may be done with a particular read.
+ * We're still processing the transaction until we've gotten the
+ * SearchResponseResult message and returned to the BOUND state.
+ * Otherwise we must still have a read pending, and must hold off
+ * on returning results.
+ */
+ if ((client->connectStatus == BOUND) &&
+ (client->entriesFound != NULL)) {
+ *pPollDesc = NULL;
+ *pResponse = client->entriesFound;
+ client->entriesFound = NULL;
+ PKIX_DECREF(client->currentRequest);
+ } else {
+ *pPollDesc = &client->pollDesc;
+ *pResponse = NULL;
+ }
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapDefaultClient_ResumeRequest
+ * DESCRIPTION:
+ *
+ *
+ * PARAMETERS:
+ * "client"
+ * The address of the LdapDefaultClient object. Must be non-NULL.
+ * "pPollDesc"
+ * The location where the address of the PRPollDesc is stored, if the
+ * client returns with I/O pending.
+ * "pResponse"
+ * The address where the List of LDAPResponses, or NULL for an
+ * unfinished request, is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a LdapDefaultClient Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapDefaultClient_ResumeRequest(
+ PKIX_PL_LdapClient *genericClient,
+ void **pPollDesc,
+ PKIX_List **pResponse,
+ void *plContext)
+{
+ PKIX_PL_LdapDefaultClient *client = 0;
+
+ PKIX_ENTER
+ (LDAPDEFAULTCLIENT, "pkix_pl_LdapDefaultClient_ResumeRequest");
+ PKIX_NULLCHECK_THREE(genericClient, pPollDesc, pResponse);
+
+ PKIX_CHECK(pkix_CheckType
+ ((PKIX_PL_Object *)genericClient,
+ PKIX_LDAPDEFAULTCLIENT_TYPE,
+ plContext),
+ PKIX_GENERICCLIENTNOTANLDAPDEFAULTCLIENT);
+
+ client = (PKIX_PL_LdapDefaultClient *)genericClient;
+
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_Dispatch(client, plContext),
+ PKIX_LDAPDEFAULTCLIENTDISPATCHFAILED);
+
+ /*
+ * It's not enough that we may be done with a particular read.
+ * We're still processing the transaction until we've gotten the
+ * SearchResponseResult message and returned to the BOUND state.
+ * Otherwise we must still have a read pending, and must hold off
+ * on returning results.
+ */
+ if ((client->connectStatus == BOUND) &&
+ (client->entriesFound != NULL)) {
+ *pPollDesc = NULL;
+ *pResponse = client->entriesFound;
+ client->entriesFound = NULL;
+ PKIX_DECREF(client->currentRequest);
+ } else {
+ *pPollDesc = &client->pollDesc;
+ *pResponse = NULL;
+ }
+
+cleanup:
+
+ PKIX_RETURN(LDAPDEFAULTCLIENT);
+
+}
+
+/* --Public-LdapDefaultClient-Functions----------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_LdapDefaultClient_AbandonRequest
+ * DESCRIPTION:
+ *
+ * This function creates and sends an LDAP-protocol "Abandon" message to the
+ * server connected to the LdapDefaultClient pointed to by "client".
+ *
+ * PARAMETERS:
+ * "client"
+ * The LdapDefaultClient whose connection is to be abandoned. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_LdapDefaultClient_AbandonRequest(
+ PKIX_PL_LdapDefaultClient *client,
+ void *plContext)
+{
+ PKIX_Int32 bytesWritten = 0;
+ PKIX_PL_Socket_Callback *callbackList = NULL;
+ SECItem *encoded = NULL;
+
+ PKIX_ENTER(CERTSTORE, "PKIX_PL_LdapDefaultClient_AbandonRequest");
+ PKIX_NULLCHECK_ONE(client);
+
+ if (client->connectStatus == RECV_PENDING) {
+ PKIX_CHECK(pkix_pl_LdapDefaultClient_MakeAbandon
+ (client->arena,
+ (client->messageID) - 1,
+ &encoded,
+ plContext),
+ PKIX_LDAPDEFAULTCLIENTMAKEABANDONFAILED);
+
+ callbackList = (PKIX_PL_Socket_Callback *)(client->callbackList);
+ PKIX_CHECK(callbackList->sendCallback
+ (client->clientSocket,
+ encoded->data,
+ encoded->len,
+ &bytesWritten,
+ plContext),
+ PKIX_SOCKETSENDFAILED);
+
+ if (bytesWritten < 0) {
+ client->connectStatus = ABANDON_PENDING;
+ } else {
+ client->connectStatus = BOUND;
+ }
+ }
+
+ PKIX_DECREF(client->entriesFound);
+ PKIX_DECREF(client->currentRequest);
+ PKIX_DECREF(client->currentResponse);
+
+cleanup:
+
+ PKIX_DECREF(client);
+
+ PKIX_RETURN(CERTSTORE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.h
new file mode 100644
index 000000000..4abe04328
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapdefaultclient.h
@@ -0,0 +1,82 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ldapdefaultclient.h
+ *
+ * LDAPDefaultClient Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PL_LDAPDEFAULTCLIENT_H
+#define _PKIX_PL_LDAPDEFAULTCLIENT_H
+
+#include "pkix_pl_ldapt.h"
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * At the time of this version, there are unresolved questions about the LDAP
+ * protocol. Although RFC1777 describes a BIND and UNBIND message, it is not
+ * clear whether they are appropriate to this application. We have tested only
+ * using servers that do not expect authentication, and that reject BIND
+ * messages. It is not clear what values might be appropriate for the bindname
+ * and authentication fields, which are currently implemented as char strings
+ * supplied by the caller. (If this changes, the API and possibly the templates
+ * will have to change.) Therefore the LDAPClient_Create API contains a
+ * BindAPI structure, a union, which will have to be revised and extended when
+ * this area of the protocol is better understood.
+ *
+ */
+
+typedef enum {
+ CONNECT_PENDING,
+ CONNECTED,
+ BIND_PENDING,
+ BIND_RESPONSE,
+ BIND_RESPONSE_PENDING,
+ BOUND,
+ SEND_PENDING,
+ RECV,
+ RECV_PENDING,
+ RECV_INITIAL,
+ RECV_NONINITIAL,
+ ABANDON_PENDING
+} LdapClientConnectStatus;
+
+struct PKIX_PL_LdapDefaultClientStruct {
+ PKIX_PL_LdapClient vtable;
+ LdapClientConnectStatus connectStatus;
+ PKIX_UInt32 messageID;
+ PKIX_PL_HashTable *cachePtr;
+ PKIX_PL_Socket *clientSocket;
+ PRPollDesc pollDesc;
+ void *callbackList; /* cast this to (PKIX_PL_Socket_Callback *) */
+ LDAPBindAPI *bindAPI;
+ PLArenaPool *arena;
+ PRTime lastIO;
+ void *sendBuf;
+ PKIX_UInt32 bytesToWrite;
+ void *rcvBuf;
+ PKIX_UInt32 capacity;
+ void *currentInPtr;
+ PKIX_UInt32 currentBytesAvailable;
+ void *bindMsg;
+ PKIX_UInt32 bindMsgLen;
+ PKIX_List *entriesFound;
+ PKIX_PL_LdapRequest *currentRequest;
+ PKIX_PL_LdapResponse *currentResponse;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_LdapDefaultClient_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_LDAPDEFAULTCLIENT_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaprequest.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaprequest.c
new file mode 100644
index 000000000..4546e339a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaprequest.c
@@ -0,0 +1,757 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ldaprequest.c
+ *
+ */
+
+#include "pkix_pl_ldaprequest.h"
+
+/* --Private-LdapRequest-Functions------------------------------------- */
+
+/* Note: lengths do not include the NULL terminator */
+static const char caAttr[] = "caCertificate;binary";
+static unsigned int caAttrLen = sizeof(caAttr) - 1;
+static const char uAttr[] = "userCertificate;binary";
+static unsigned int uAttrLen = sizeof(uAttr) - 1;
+static const char ccpAttr[] = "crossCertificatePair;binary";
+static unsigned int ccpAttrLen = sizeof(ccpAttr) - 1;
+static const char crlAttr[] = "certificateRevocationList;binary";
+static unsigned int crlAttrLen = sizeof(crlAttr) - 1;
+static const char arlAttr[] = "authorityRevocationList;binary";
+static unsigned int arlAttrLen = sizeof(arlAttr) - 1;
+
+/*
+ * XXX If this function were moved into pkix_pl_ldapcertstore.c then all of
+ * LdapRequest and LdapResponse could be considered part of the LDAP client.
+ * But the constants, above, would have to be copied as well, and they are
+ * also needed in pkix_pl_LdapRequest_EncodeAttrs. So there would have to be
+ * two copies.
+ */
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_AttrTypeToBit
+ * DESCRIPTION:
+ *
+ * This function creates an attribute mask bit corresponding to the SECItem
+ * pointed to by "attrType", storing the result at "pAttrBit". The comparison
+ * is case-insensitive. If "attrType" does not match any of the known types,
+ * zero is stored at "pAttrBit".
+ *
+ * PARAMETERS
+ * "attrType"
+ * The address of the SECItem whose string contents are to be compared to
+ * the various known attribute types. Must be non-NULL.
+ * "pAttrBit"
+ * The address where the result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapRequest Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapRequest_AttrTypeToBit(
+ SECItem *attrType,
+ LdapAttrMask *pAttrBit,
+ void *plContext)
+{
+ LdapAttrMask attrBit = 0;
+ unsigned int attrLen = 0;
+ const char *s = NULL;
+
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_AttrTypeToBit");
+ PKIX_NULLCHECK_TWO(attrType, pAttrBit);
+
+ s = (const char *)attrType->data;
+ attrLen = attrType->len;
+
+ /*
+ * Taking note of the fact that all of the comparand strings are
+ * different lengths, we do a slight optimization. If a string
+ * length matches but the string does not match, we skip comparing
+ * to the other strings. If new strings are added to the comparand
+ * list, and any are of equal length, be careful to change the
+ * grouping of tests accordingly.
+ */
+ if (attrLen == caAttrLen) {
+ if (PORT_Strncasecmp(caAttr, s, attrLen) == 0) {
+ attrBit = LDAPATTR_CACERT;
+ }
+ } else if (attrLen == uAttrLen) {
+ if (PORT_Strncasecmp(uAttr, s, attrLen) == 0) {
+ attrBit = LDAPATTR_USERCERT;
+ }
+ } else if (attrLen == ccpAttrLen) {
+ if (PORT_Strncasecmp(ccpAttr, s, attrLen) == 0) {
+ attrBit = LDAPATTR_CROSSPAIRCERT;
+ }
+ } else if (attrLen == crlAttrLen) {
+ if (PORT_Strncasecmp(crlAttr, s, attrLen) == 0) {
+ attrBit = LDAPATTR_CERTREVLIST;
+ }
+ } else if (attrLen == arlAttrLen) {
+ if (PORT_Strncasecmp(arlAttr, s, attrLen) == 0) {
+ attrBit = LDAPATTR_AUTHREVLIST;
+ }
+ }
+
+ *pAttrBit = attrBit;
+
+ PKIX_RETURN(LDAPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_AttrStringToBit
+ * DESCRIPTION:
+ *
+ * This function creates an attribute mask bit corresponding to the null-
+ * terminated string pointed to by "attrString", storing the result at
+ * "pAttrBit". The comparison is case-insensitive. If "attrString" does not
+ * match any of the known types, zero is stored at "pAttrBit".
+ *
+ * PARAMETERS
+ * "attrString"
+ * The address of the null-terminated string whose contents are to be compared to
+ * the various known attribute types. Must be non-NULL.
+ * "pAttrBit"
+ * The address where the result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapRequest Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapRequest_AttrStringToBit(
+ char *attrString,
+ LdapAttrMask *pAttrBit,
+ void *plContext)
+{
+ LdapAttrMask attrBit = 0;
+ unsigned int attrLen = 0;
+
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_AttrStringToBit");
+ PKIX_NULLCHECK_TWO(attrString, pAttrBit);
+
+ attrLen = PL_strlen(attrString);
+
+ /*
+ * Taking note of the fact that all of the comparand strings are
+ * different lengths, we do a slight optimization. If a string
+ * length matches but the string does not match, we skip comparing
+ * to the other strings. If new strings are added to the comparand
+ * list, and any are of equal length, be careful to change the
+ * grouping of tests accordingly.
+ */
+ if (attrLen == caAttrLen) {
+ if (PORT_Strncasecmp(caAttr, attrString, attrLen) == 0) {
+ attrBit = LDAPATTR_CACERT;
+ }
+ } else if (attrLen == uAttrLen) {
+ if (PORT_Strncasecmp(uAttr, attrString, attrLen) == 0) {
+ attrBit = LDAPATTR_USERCERT;
+ }
+ } else if (attrLen == ccpAttrLen) {
+ if (PORT_Strncasecmp(ccpAttr, attrString, attrLen) == 0) {
+ attrBit = LDAPATTR_CROSSPAIRCERT;
+ }
+ } else if (attrLen == crlAttrLen) {
+ if (PORT_Strncasecmp(crlAttr, attrString, attrLen) == 0) {
+ attrBit = LDAPATTR_CERTREVLIST;
+ }
+ } else if (attrLen == arlAttrLen) {
+ if (PORT_Strncasecmp(arlAttr, attrString, attrLen) == 0) {
+ attrBit = LDAPATTR_AUTHREVLIST;
+ }
+ }
+
+ *pAttrBit = attrBit;
+
+ PKIX_RETURN(LDAPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_EncodeAttrs
+ * DESCRIPTION:
+ *
+ * This function obtains the attribute mask bits from the LdapRequest pointed
+ * to by "request", creates the corresponding array of AttributeTypes for the
+ * encoding of the SearchRequest message.
+ *
+ * PARAMETERS
+ * "request"
+ * The address of the LdapRequest whose attributes are to be encoded. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapRequest Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_LdapRequest_EncodeAttrs(
+ PKIX_PL_LdapRequest *request,
+ void *plContext)
+{
+ SECItem **attrArray = NULL;
+ PKIX_UInt32 attrIndex = 0;
+ LdapAttrMask attrBits;
+
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_EncodeAttrs");
+ PKIX_NULLCHECK_ONE(request);
+
+ /* construct "attrs" according to bits in request->attrBits */
+ attrBits = request->attrBits;
+ attrArray = request->attrArray;
+ if ((attrBits & LDAPATTR_CACERT) == LDAPATTR_CACERT) {
+ attrArray[attrIndex] = &(request->attributes[attrIndex]);
+ request->attributes[attrIndex].type = siAsciiString;
+ request->attributes[attrIndex].data = (unsigned char *)caAttr;
+ request->attributes[attrIndex].len = caAttrLen;
+ attrIndex++;
+ }
+ if ((attrBits & LDAPATTR_USERCERT) == LDAPATTR_USERCERT) {
+ attrArray[attrIndex] = &(request->attributes[attrIndex]);
+ request->attributes[attrIndex].type = siAsciiString;
+ request->attributes[attrIndex].data = (unsigned char *)uAttr;
+ request->attributes[attrIndex].len = uAttrLen;
+ attrIndex++;
+ }
+ if ((attrBits & LDAPATTR_CROSSPAIRCERT) == LDAPATTR_CROSSPAIRCERT) {
+ attrArray[attrIndex] = &(request->attributes[attrIndex]);
+ request->attributes[attrIndex].type = siAsciiString;
+ request->attributes[attrIndex].data = (unsigned char *)ccpAttr;
+ request->attributes[attrIndex].len = ccpAttrLen;
+ attrIndex++;
+ }
+ if ((attrBits & LDAPATTR_CERTREVLIST) == LDAPATTR_CERTREVLIST) {
+ attrArray[attrIndex] = &(request->attributes[attrIndex]);
+ request->attributes[attrIndex].type = siAsciiString;
+ request->attributes[attrIndex].data = (unsigned char *)crlAttr;
+ request->attributes[attrIndex].len = crlAttrLen;
+ attrIndex++;
+ }
+ if ((attrBits & LDAPATTR_AUTHREVLIST) == LDAPATTR_AUTHREVLIST) {
+ attrArray[attrIndex] = &(request->attributes[attrIndex]);
+ request->attributes[attrIndex].type = siAsciiString;
+ request->attributes[attrIndex].data = (unsigned char *)arlAttr;
+ request->attributes[attrIndex].len = arlAttrLen;
+ attrIndex++;
+ }
+ attrArray[attrIndex] = (SECItem *)NULL;
+
+ PKIX_RETURN(LDAPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapRequest_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LDAPREQUEST_TYPE, plContext),
+ PKIX_OBJECTNOTLDAPREQUEST);
+
+ /*
+ * All dynamic fields in an LDAPRequest are allocated
+ * in an arena, and will be freed when the arena is destroyed.
+ */
+
+cleanup:
+
+ PKIX_RETURN(LDAPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapRequest_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_UInt32 dataLen = 0;
+ PKIX_UInt32 dindex = 0;
+ PKIX_UInt32 sizeOfLength = 0;
+ PKIX_UInt32 idLen = 0;
+ const unsigned char *msgBuf = NULL;
+ PKIX_PL_LdapRequest *ldapRq = NULL;
+
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LDAPREQUEST_TYPE, plContext),
+ PKIX_OBJECTNOTLDAPREQUEST);
+
+ ldapRq = (PKIX_PL_LdapRequest *)object;
+
+ *pHashcode = 0;
+
+ /*
+ * Two requests that differ only in msgnum are a match! Therefore,
+ * start hashcoding beyond the encoded messageID field.
+ */
+ if (ldapRq->encoded) {
+ msgBuf = (const unsigned char *)ldapRq->encoded->data;
+ /* Is message length short form (one octet) or long form? */
+ if ((msgBuf[1] & 0x80) != 0) {
+ sizeOfLength = msgBuf[1] & 0x7F;
+ for (dindex = 0; dindex < sizeOfLength; dindex++) {
+ dataLen = (dataLen << 8) + msgBuf[dindex + 2];
+ }
+ } else {
+ dataLen = msgBuf[1];
+ }
+
+ /* How many bytes for the messageID? (Assume short form) */
+ idLen = msgBuf[dindex + 3] + 2;
+ dindex += idLen;
+ dataLen -= idLen;
+ msgBuf = &msgBuf[dindex + 2];
+
+ PKIX_CHECK(pkix_hash(msgBuf, dataLen, pHashcode, plContext),
+ PKIX_HASHFAILED);
+ }
+
+cleanup:
+
+ PKIX_RETURN(LDAPREQUEST);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapRequest_Equals(
+ PKIX_PL_Object *firstObj,
+ PKIX_PL_Object *secondObj,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_LdapRequest *firstReq = NULL;
+ PKIX_PL_LdapRequest *secondReq = NULL;
+ PKIX_UInt32 secondType = 0;
+ PKIX_UInt32 firstLen = 0;
+ const unsigned char *firstData = NULL;
+ const unsigned char *secondData = NULL;
+ PKIX_UInt32 sizeOfLength = 0;
+ PKIX_UInt32 dindex = 0;
+ PKIX_UInt32 i = 0;
+
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_Equals");
+ PKIX_NULLCHECK_THREE(firstObj, secondObj, pResult);
+
+ /* test that firstObj is a LdapRequest */
+ PKIX_CHECK(pkix_CheckType(firstObj, PKIX_LDAPREQUEST_TYPE, plContext),
+ PKIX_FIRSTOBJARGUMENTNOTLDAPREQUEST);
+
+ /*
+ * Since we know firstObj is a LdapRequest, if both references are
+ * identical, they must be equal
+ */
+ if (firstObj == secondObj){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObj isn't a LdapRequest, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObj, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_LDAPREQUEST_TYPE) {
+ goto cleanup;
+ }
+
+ firstReq = (PKIX_PL_LdapRequest *)firstObj;
+ secondReq = (PKIX_PL_LdapRequest *)secondObj;
+
+ /* If either lacks an encoded string, they cannot be compared */
+ if (!(firstReq->encoded) || !(secondReq->encoded)) {
+ goto cleanup;
+ }
+
+ if (firstReq->encoded->len != secondReq->encoded->len) {
+ goto cleanup;
+ }
+
+ firstData = (const unsigned char *)firstReq->encoded->data;
+ secondData = (const unsigned char *)secondReq->encoded->data;
+
+ /*
+ * Two requests that differ only in msgnum are equal! Therefore,
+ * start the byte comparison beyond the encoded messageID field.
+ */
+
+ /* Is message length short form (one octet) or long form? */
+ if ((firstData[1] & 0x80) != 0) {
+ sizeOfLength = firstData[1] & 0x7F;
+ for (dindex = 0; dindex < sizeOfLength; dindex++) {
+ firstLen = (firstLen << 8) + firstData[dindex + 2];
+ }
+ } else {
+ firstLen = firstData[1];
+ }
+
+ /* How many bytes for the messageID? (Assume short form) */
+ i = firstData[dindex + 3] + 2;
+ dindex += i;
+ firstLen -= i;
+ firstData = &firstData[dindex + 2];
+
+ /*
+ * In theory, we have to calculate where the second message data
+ * begins by checking its length encodings. But if these messages
+ * are equal, we can re-use the calculation we already did. If they
+ * are not equal, the byte comparisons will surely fail.
+ */
+
+ secondData = &secondData[dindex + 2];
+
+ for (i = 0; i < firstLen; i++) {
+ if (firstData[i] != secondData[i]) {
+ goto cleanup;
+ }
+ }
+
+ *pResult = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(LDAPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_LDAPREQUEST_TYPE and its related functions with
+ * systemClasses[]
+ * PARAMETERS:
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_LdapRequest_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_RegisterSelf");
+
+ entry.description = "LdapRequest";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_LdapRequest);
+ entry.destructor = pkix_pl_LdapRequest_Destroy;
+ entry.equalsFunction = pkix_pl_LdapRequest_Equals;
+ entry.hashcodeFunction = pkix_pl_LdapRequest_Hashcode;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_LDAPREQUEST_TYPE] = entry;
+
+ PKIX_RETURN(LDAPREQUEST);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_Create
+ * DESCRIPTION:
+ *
+ * This function creates an LdapRequest using the PLArenaPool pointed to by
+ * "arena", a message number whose value is "msgnum", a base object pointed to
+ * by "issuerDN", a scope whose value is "scope", a derefAliases flag whose
+ * value is "derefAliases", a sizeLimit whose value is "sizeLimit", a timeLimit
+ * whose value is "timeLimit", an attrsOnly flag whose value is "attrsOnly", a
+ * filter whose value is "filter", and attribute bits whose value is
+ * "attrBits"; storing the result at "pRequestMsg".
+ *
+ * See pkix_pl_ldaptemplates.c (and below) for the ASN.1 representation of
+ * message components, and see pkix_pl_ldapt.h for data types.
+ *
+ * PARAMETERS
+ * "arena"
+ * The address of the PLArenaPool to be used in the encoding. Must be
+ * non-NULL.
+ * "msgnum"
+ * The UInt32 message number to be used for the messageID component of the
+ * LDAP message exchange.
+ * "issuerDN"
+ * The address of the string to be used for the baseObject component of the
+ * LDAP SearchRequest message. Must be non-NULL.
+ * "scope"
+ * The (enumerated) ScopeType to be used for the scope component of the
+ * LDAP SearchRequest message
+ * "derefAliases"
+ * The (enumerated) DerefType to be used for the derefAliases component of
+ * the LDAP SearchRequest message
+ * "sizeLimit"
+ * The UInt32 value to be used for the sizeLimit component of the LDAP
+ * SearchRequest message
+ * "timeLimit"
+ * The UInt32 value to be used for the timeLimit component of the LDAP
+ * SearchRequest message
+ * "attrsOnly"
+ * The Boolean value to be used for the attrsOnly component of the LDAP
+ * SearchRequest message
+ * "filter"
+ * The filter to be used for the filter component of the LDAP
+ * SearchRequest message
+ * "attrBits"
+ * The LdapAttrMask bits indicating the attributes to be included in the
+ * attributes sequence of the LDAP SearchRequest message
+ * "pRequestMsg"
+ * The address at which the address of the LdapRequest is stored. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapRequest Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+/*
+ * SearchRequest ::=
+ * [APPLICATION 3] SEQUENCE {
+ * baseObject LDAPDN,
+ * scope ENUMERATED {
+ * baseObject (0),
+ * singleLevel (1),
+ * wholeSubtree (2)
+ * },
+ * derefAliases ENUMERATED {
+ * neverDerefAliases (0),
+ * derefInSearching (1),
+ * derefFindingBaseObj (2),
+ * alwaysDerefAliases (3)
+ * },
+ * sizeLimit INTEGER (0 .. MAXINT),
+ * -- value of 0 implies no sizeLimit
+ * timeLimit INTEGER (0 .. MAXINT),
+ * -- value of 0 implies no timeLimit
+ * attrsOnly BOOLEAN,
+ * -- TRUE, if only attributes (without values)
+ * -- to be returned
+ * filter Filter,
+ * attributes SEQUENCE OF AttributeType
+ * }
+ *
+ * Filter ::=
+ * CHOICE {
+ * and [0] SET OF Filter,
+ * or [1] SET OF Filter,
+ * not [2] Filter,
+ * equalityMatch [3] AttributeValueAssertion,
+ * substrings [4] SubstringFilter,
+ * greaterOrEqual [5] AttributeValueAssertion,
+ * lessOrEqual [6] AttributeValueAssertion,
+ * present [7] AttributeType,
+ * approxMatch [8] AttributeValueAssertion
+ * }
+ *
+ * SubstringFilter ::=
+ * SEQUENCE {
+ * type AttributeType,
+ * SEQUENCE OF CHOICE {
+ * initial [0] LDAPString,
+ * any [1] LDAPString,
+ * final [2] LDAPString,
+ * }
+ * }
+ *
+ * AttributeValueAssertion ::=
+ * SEQUENCE {
+ * attributeType AttributeType,
+ * attributeValue AttributeValue,
+ * }
+ *
+ * AttributeValue ::= OCTET STRING
+ *
+ * AttributeType ::= LDAPString
+ * -- text name of the attribute, or dotted
+ * -- OID representation
+ *
+ * LDAPDN ::= LDAPString
+ *
+ * LDAPString ::= OCTET STRING
+ *
+ */
+PKIX_Error *
+pkix_pl_LdapRequest_Create(
+ PLArenaPool *arena,
+ PKIX_UInt32 msgnum,
+ char *issuerDN,
+ ScopeType scope,
+ DerefType derefAliases,
+ PKIX_UInt32 sizeLimit,
+ PKIX_UInt32 timeLimit,
+ char attrsOnly,
+ LDAPFilter *filter,
+ LdapAttrMask attrBits,
+ PKIX_PL_LdapRequest **pRequestMsg,
+ void *plContext)
+{
+ LDAPMessage msg;
+ LDAPSearch *search;
+ PKIX_PL_LdapRequest *ldapRequest = NULL;
+ char scopeTypeAsChar;
+ char derefAliasesTypeAsChar;
+ SECItem *attrArray[MAX_LDAPATTRS + 1];
+
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_Create");
+ PKIX_NULLCHECK_THREE(arena, issuerDN, pRequestMsg);
+
+ /* create a PKIX_PL_LdapRequest object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_LDAPREQUEST_TYPE,
+ sizeof (PKIX_PL_LdapRequest),
+ (PKIX_PL_Object **)&ldapRequest,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ ldapRequest->arena = arena;
+ ldapRequest->msgnum = msgnum;
+ ldapRequest->issuerDN = issuerDN;
+ ldapRequest->scope = scope;
+ ldapRequest->derefAliases = derefAliases;
+ ldapRequest->sizeLimit = sizeLimit;
+ ldapRequest->timeLimit = timeLimit;
+ ldapRequest->attrsOnly = attrsOnly;
+ ldapRequest->filter = filter;
+ ldapRequest->attrBits = attrBits;
+
+ ldapRequest->attrArray = attrArray;
+
+ PKIX_CHECK(pkix_pl_LdapRequest_EncodeAttrs
+ (ldapRequest, plContext),
+ PKIX_LDAPREQUESTENCODEATTRSFAILED);
+
+ PKIX_PL_NSSCALL
+ (LDAPREQUEST, PORT_Memset, (&msg, 0, sizeof (LDAPMessage)));
+
+ msg.messageID.type = siUnsignedInteger;
+ msg.messageID.data = (void*)&msgnum;
+ msg.messageID.len = sizeof (msgnum);
+
+ msg.protocolOp.selector = LDAP_SEARCH_TYPE;
+
+ search = &(msg.protocolOp.op.searchMsg);
+
+ search->baseObject.type = siAsciiString;
+ search->baseObject.data = (void *)issuerDN;
+ search->baseObject.len = PL_strlen(issuerDN);
+ scopeTypeAsChar = (char)scope;
+ search->scope.type = siUnsignedInteger;
+ search->scope.data = (void *)&scopeTypeAsChar;
+ search->scope.len = sizeof (scopeTypeAsChar);
+ derefAliasesTypeAsChar = (char)derefAliases;
+ search->derefAliases.type = siUnsignedInteger;
+ search->derefAliases.data =
+ (void *)&derefAliasesTypeAsChar;
+ search->derefAliases.len =
+ sizeof (derefAliasesTypeAsChar);
+ search->sizeLimit.type = siUnsignedInteger;
+ search->sizeLimit.data = (void *)&sizeLimit;
+ search->sizeLimit.len = sizeof (PKIX_UInt32);
+ search->timeLimit.type = siUnsignedInteger;
+ search->timeLimit.data = (void *)&timeLimit;
+ search->timeLimit.len = sizeof (PKIX_UInt32);
+ search->attrsOnly.type = siBuffer;
+ search->attrsOnly.data = (void *)&attrsOnly;
+ search->attrsOnly.len = sizeof (attrsOnly);
+
+ PKIX_PL_NSSCALL
+ (LDAPREQUEST,
+ PORT_Memcpy,
+ (&search->filter, filter, sizeof (LDAPFilter)));
+
+ search->attributes = attrArray;
+
+ PKIX_PL_NSSCALLRV
+ (LDAPREQUEST, ldapRequest->encoded, SEC_ASN1EncodeItem,
+ (arena, NULL, (void *)&msg, PKIX_PL_LDAPMessageTemplate));
+
+ if (!(ldapRequest->encoded)) {
+ PKIX_ERROR(PKIX_FAILEDINENCODINGSEARCHREQUEST);
+ }
+
+ *pRequestMsg = ldapRequest;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(ldapRequest);
+ }
+
+ PKIX_RETURN(LDAPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapRequest_GetEncoded
+ * DESCRIPTION:
+ *
+ * This function obtains the encoded message from the LdapRequest pointed to
+ * by "request", storing the result at "pRequestBuf".
+ *
+ * PARAMETERS
+ * "request"
+ * The address of the LdapRequest whose encoded message is to be
+ * retrieved. Must be non-NULL.
+ * "pRequestBuf"
+ * The address at which is stored the address of the encoded message. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapRequest Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapRequest_GetEncoded(
+ PKIX_PL_LdapRequest *request,
+ SECItem **pRequestBuf,
+ void *plContext)
+{
+ PKIX_ENTER(LDAPREQUEST, "pkix_pl_LdapRequest_GetEncoded");
+ PKIX_NULLCHECK_TWO(request, pRequestBuf);
+
+ *pRequestBuf = request->encoded;
+
+ PKIX_RETURN(LDAPREQUEST);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaprequest.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaprequest.h
new file mode 100644
index 000000000..1d05a9447
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaprequest.h
@@ -0,0 +1,86 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ldaprequest.h
+ *
+ * LdapRequest Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_LDAPREQUEST_H
+#define _PKIX_PL_LDAPREQUEST_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef enum {
+ USER_CERT,
+ CA_CERT,
+ CROSS_CERT,
+ CRL,
+ ARL,
+ DELTA_CRL
+} PKIX_PL_LdapAttr;
+
+struct PKIX_PL_LdapRequestStruct{
+ PLArenaPool *arena;
+ PKIX_UInt32 msgnum;
+ char *issuerDN;
+ ScopeType scope;
+ DerefType derefAliases;
+ PKIX_UInt32 sizeLimit;
+ PKIX_UInt32 timeLimit;
+ char attrsOnly;
+ LDAPFilter *filter;
+ LdapAttrMask attrBits;
+ SECItem attributes[MAX_LDAPATTRS];
+ SECItem **attrArray;
+ SECItem *encoded;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_LdapRequest_Create(
+ PLArenaPool *arena,
+ PKIX_UInt32 msgnum,
+ char *issuerDN,
+ ScopeType scope,
+ DerefType derefAliases,
+ PKIX_UInt32 sizeLimit,
+ PKIX_UInt32 timeLimit,
+ char attrsOnly,
+ LDAPFilter *filter,
+ LdapAttrMask attrBits,
+ PKIX_PL_LdapRequest **pRequestMsg,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapRequest_AttrTypeToBit(
+ SECItem *attrType,
+ LdapAttrMask *pAttrBit,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapRequest_AttrStringToBit(
+ char *attrString,
+ LdapAttrMask *pAttrBit,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapRequest_GetEncoded(
+ PKIX_PL_LdapRequest *request,
+ SECItem **pRequestBuf,
+ void *plContext);
+
+PKIX_Error *pkix_pl_LdapRequest_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_LDAPREQUEST_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapresponse.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapresponse.c
new file mode 100644
index 000000000..cd2543f3b
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapresponse.c
@@ -0,0 +1,786 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ldapresponse.c
+ *
+ */
+
+#include <fcntl.h>
+#include "pkix_pl_ldapresponse.h"
+
+/* --Private-LdapResponse-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapResponse_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_LdapResponse *ldapRsp = NULL;
+ LDAPMessage *m = NULL;
+ LDAPSearchResponseEntry *entry = NULL;
+ LDAPSearchResponseResult *result = NULL;
+ LDAPSearchResponseAttr **attributes = NULL;
+ LDAPSearchResponseAttr *attr = NULL;
+ SECItem **valp = NULL;
+ SECItem *val = NULL;
+
+ PKIX_ENTER(LDAPRESPONSE, "pkix_pl_LdapResponse_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LDAPRESPONSE_TYPE, plContext),
+ PKIX_OBJECTNOTLDAPRESPONSE);
+
+ ldapRsp = (PKIX_PL_LdapResponse *)object;
+
+ m = &ldapRsp->decoded;
+
+ if (m->messageID.data != NULL) {
+ PR_Free(m->messageID.data);
+ }
+
+ if (m->protocolOp.selector ==
+ LDAP_SEARCHRESPONSEENTRY_TYPE) {
+ entry = &m->protocolOp.op.searchResponseEntryMsg;
+ if (entry->objectName.data != NULL) {
+ PR_Free(entry->objectName.data);
+ }
+ if (entry->attributes != NULL) {
+ for (attributes = entry->attributes;
+ *attributes != NULL;
+ attributes++) {
+ attr = *attributes;
+ PR_Free(attr->attrType.data);
+ for (valp = attr->val; *valp != NULL; valp++) {
+ val = *valp;
+ if (val->data != NULL) {
+ PR_Free(val->data);
+ }
+ PR_Free(val);
+ }
+ PR_Free(attr->val);
+ PR_Free(attr);
+ }
+ PR_Free(entry->attributes);
+ }
+ } else if (m->protocolOp.selector ==
+ LDAP_SEARCHRESPONSERESULT_TYPE) {
+ result = &m->protocolOp.op.searchResponseResultMsg;
+ if (result->resultCode.data != NULL) {
+ PR_Free(result->resultCode.data);
+ }
+ }
+
+ PKIX_FREE(ldapRsp->derEncoded.data);
+
+cleanup:
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapResponse_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_UInt32 dataLen = 0;
+ PKIX_UInt32 dindex = 0;
+ PKIX_UInt32 sizeOfLength = 0;
+ PKIX_UInt32 idLen = 0;
+ const unsigned char *msgBuf = NULL;
+ PKIX_PL_LdapResponse *ldapRsp = NULL;
+
+ PKIX_ENTER(LDAPRESPONSE, "pkix_pl_LdapResponse_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_LDAPRESPONSE_TYPE, plContext),
+ PKIX_OBJECTNOTLDAPRESPONSE);
+
+ ldapRsp = (PKIX_PL_LdapResponse *)object;
+
+ *pHashcode = 0;
+
+ /*
+ * Two responses that differ only in msgnum are a match! Therefore,
+ * start hashcoding beyond the encoded messageID field.
+ */
+ if (ldapRsp->derEncoded.data) {
+ msgBuf = (const unsigned char *)ldapRsp->derEncoded.data;
+ /* Is message length short form (one octet) or long form? */
+ if ((msgBuf[1] & 0x80) != 0) {
+ sizeOfLength = msgBuf[1] & 0x7F;
+ for (dindex = 0; dindex < sizeOfLength; dindex++) {
+ dataLen = (dataLen << 8) + msgBuf[dindex + 2];
+ }
+ } else {
+ dataLen = msgBuf[1];
+ }
+
+ /* How many bytes for the messageID? (Assume short form) */
+ idLen = msgBuf[dindex + 3] + 2;
+ dindex += idLen;
+ dataLen -= idLen;
+ msgBuf = &msgBuf[dindex + 2];
+
+ PKIX_CHECK(pkix_hash(msgBuf, dataLen, pHashcode, plContext),
+ PKIX_HASHFAILED);
+ }
+
+cleanup:
+
+ PKIX_RETURN(LDAPRESPONSE);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_LdapResponse_Equals(
+ PKIX_PL_Object *firstObj,
+ PKIX_PL_Object *secondObj,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_LdapResponse *rsp1 = NULL;
+ PKIX_PL_LdapResponse *rsp2 = NULL;
+ PKIX_UInt32 secondType = 0;
+ PKIX_UInt32 firstLen = 0;
+ const unsigned char *firstData = NULL;
+ const unsigned char *secondData = NULL;
+ PKIX_UInt32 sizeOfLength = 0;
+ PKIX_UInt32 dindex = 0;
+ PKIX_UInt32 i = 0;
+
+ PKIX_ENTER(LDAPRESPONSE, "pkix_pl_LdapResponse_Equals");
+ PKIX_NULLCHECK_THREE(firstObj, secondObj, pResult);
+
+ /* test that firstObj is a LdapResponse */
+ PKIX_CHECK(pkix_CheckType(firstObj, PKIX_LDAPRESPONSE_TYPE, plContext),
+ PKIX_FIRSTOBJARGUMENTNOTLDAPRESPONSE);
+
+ /*
+ * Since we know firstObj is a LdapResponse, if both references are
+ * identical, they must be equal
+ */
+ if (firstObj == secondObj){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObj isn't a LdapResponse, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType(secondObj, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_LDAPRESPONSE_TYPE) {
+ goto cleanup;
+ }
+
+ rsp1 = (PKIX_PL_LdapResponse *)firstObj;
+ rsp2 = (PKIX_PL_LdapResponse *)secondObj;
+
+ /* If either lacks an encoded string, they cannot be compared */
+ if (!(rsp1->derEncoded.data) || !(rsp2->derEncoded.data)) {
+ goto cleanup;
+ }
+
+ if (rsp1->derEncoded.len != rsp2->derEncoded.len) {
+ goto cleanup;
+ }
+
+ firstData = (const unsigned char *)rsp1->derEncoded.data;
+ secondData = (const unsigned char *)rsp2->derEncoded.data;
+
+ /*
+ * Two responses that differ only in msgnum are equal! Therefore,
+ * start the byte comparison beyond the encoded messageID field.
+ */
+
+ /* Is message length short form (one octet) or long form? */
+ if ((firstData[1] & 0x80) != 0) {
+ sizeOfLength = firstData[1] & 0x7F;
+ for (dindex = 0; dindex < sizeOfLength; dindex++) {
+ firstLen = (firstLen << 8) + firstData[dindex + 2];
+ }
+ } else {
+ firstLen = firstData[1];
+ }
+
+ /* How many bytes for the messageID? (Assume short form) */
+ i = firstData[dindex + 3] + 2;
+ dindex += i;
+ firstLen -= i;
+ firstData = &firstData[dindex + 2];
+
+ /*
+ * In theory, we have to calculate where the second message data
+ * begins by checking its length encodings. But if these messages
+ * are equal, we can re-use the calculation we already did. If they
+ * are not equal, the byte comparisons will surely fail.
+ */
+
+ secondData = &secondData[dindex + 2];
+
+ for (i = 0; i < firstLen; i++) {
+ if (firstData[i] != secondData[i]) {
+ goto cleanup;
+ }
+ }
+
+ *pResult = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_LDAPRESPONSE_TYPE and its related functions with
+ * systemClasses[]
+ * PARAMETERS:
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(LDAPRESPONSE, "pkix_pl_LdapResponse_RegisterSelf");
+
+ entry.description = "LdapResponse";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_LdapResponse);
+ entry.destructor = pkix_pl_LdapResponse_Destroy;
+ entry.equalsFunction = pkix_pl_LdapResponse_Equals;
+ entry.hashcodeFunction = pkix_pl_LdapResponse_Hashcode;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_LDAPRESPONSE_TYPE] = entry;
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_Create
+ * DESCRIPTION:
+ *
+ * This function creates an LdapResponse for the LDAPMessageType provided in
+ * "responseType" and a buffer capacity provided by "totalLength". It copies
+ * into its buffer either "totalLength" or "bytesAvailable" bytes, whichever
+ * is less, from the buffer pointed to by "partialData", storing the number of
+ * bytes copied at "pBytesConsumed" and storing the address of the LdapResponse
+ * at "pLdapResponse".
+ *
+ * If a message is complete in a single I/O buffer, the LdapResponse will be
+ * complete when this function returns. If the message carries over into
+ * additional buffers, their contents will be added to the LdapResponse by
+ * susequent calls to pkix_pl_LdapResponse_Append.
+ *
+ * PARAMETERS
+ * "responseType"
+ * The value of the message type (LDAP_SEARCHRESPONSEENTRY_TYPE or
+ * LDAP_SEARCHRESPONSERESULT_TYPE) for the LdapResponse being created
+ * "totalLength"
+ * The UInt32 value for the total length of the encoded message to be
+ * stored in the LdapResponse
+ * "bytesAvailable"
+ * The UInt32 value for the number of bytes of data available in the
+ * current buffer.
+ * "partialData"
+ * The address from which data is to be copied.
+ * "pBytesConsumed"
+ * The address at which is stored the UInt32 number of bytes taken from the
+ * current buffer. If this number is less than "bytesAvailable", then bytes
+ * remain in the buffer for the next LdapResponse. Must be non-NULL.
+ * "pLdapResponse"
+ * The address where the created LdapResponse is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_Create(
+ LDAPMessageType responseType,
+ PKIX_UInt32 totalLength,
+ PKIX_UInt32 bytesAvailable,
+ void *partialData,
+ PKIX_UInt32 *pBytesConsumed,
+ PKIX_PL_LdapResponse **pLdapResponse,
+ void *plContext)
+{
+ PKIX_UInt32 bytesConsumed = 0;
+ PKIX_PL_LdapResponse *ldapResponse = NULL;
+ void *data = NULL;
+
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_Create");
+ PKIX_NULLCHECK_ONE(pLdapResponse);
+
+ if (bytesAvailable <= totalLength) {
+ bytesConsumed = bytesAvailable;
+ } else {
+ bytesConsumed = totalLength;
+ }
+
+ /* create a PKIX_PL_LdapResponse object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_LDAPRESPONSE_TYPE,
+ sizeof (PKIX_PL_LdapResponse),
+ (PKIX_PL_Object **)&ldapResponse,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ ldapResponse->decoded.protocolOp.selector = responseType;
+ ldapResponse->totalLength = totalLength;
+ ldapResponse->partialLength = bytesConsumed;
+
+ if (totalLength != 0){
+ /* Alloc space for array */
+ PKIX_NULLCHECK_ONE(partialData);
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (totalLength,
+ &data,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ PKIX_PL_NSSCALL
+ (LDAPRESPONSE,
+ PORT_Memcpy,
+ (data, partialData, bytesConsumed));
+ }
+
+ ldapResponse->derEncoded.type = siBuffer;
+ ldapResponse->derEncoded.data = data;
+ ldapResponse->derEncoded.len = totalLength;
+ *pBytesConsumed = bytesConsumed;
+ *pLdapResponse = ldapResponse;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(ldapResponse);
+ }
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_Append
+ * DESCRIPTION:
+ *
+ * This function updates the LdapResponse pointed to by "response" with up to
+ * "incrLength" from the buffer pointer to by "incrData", storing the number of
+ * bytes copied at "pBytesConsumed".
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the LdapResponse being updated. Must be non-zero.
+ * "incrLength"
+ * The UInt32 value for the number of bytes of data available in the
+ * current buffer.
+ * "incrData"
+ * The address from which data is to be copied.
+ * "pBytesConsumed"
+ * The address at which is stored the UInt32 number of bytes taken from the
+ * current buffer. If this number is less than "incrLength", then bytes
+ * remain in the buffer for the next LdapResponse. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_Append(
+ PKIX_PL_LdapResponse *response,
+ PKIX_UInt32 incrLength,
+ void *incrData,
+ PKIX_UInt32 *pBytesConsumed,
+ void *plContext)
+{
+ PKIX_UInt32 newPartialLength = 0;
+ PKIX_UInt32 bytesConsumed = 0;
+ void *dest = NULL;
+
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_Append");
+ PKIX_NULLCHECK_TWO(response, pBytesConsumed);
+
+ if (incrLength > 0) {
+
+ /* Calculate how many bytes we have room for. */
+ bytesConsumed =
+ response->totalLength - response->partialLength;
+
+ if (bytesConsumed > incrLength) {
+ bytesConsumed = incrLength;
+ }
+
+ newPartialLength = response->partialLength + bytesConsumed;
+
+ PKIX_NULLCHECK_ONE(incrData);
+
+ dest = &(((char *)response->derEncoded.data)[
+ response->partialLength]);
+
+ PKIX_PL_NSSCALL
+ (LDAPRESPONSE,
+ PORT_Memcpy,
+ (dest, incrData, bytesConsumed));
+
+ response->partialLength = newPartialLength;
+ }
+
+ *pBytesConsumed = bytesConsumed;
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_IsComplete
+ * DESCRIPTION:
+ *
+ * This function determines whether the LdapResponse pointed to by "response"
+ * contains all the data called for by the "totalLength" parameter provided
+ * when it was created, storing PKIX_TRUE at "pIsComplete" if so, and
+ * PKIX_FALSE otherwise.
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the LdapResponse being evaluaTED. Must be non-zero.
+ * "incrLength"
+ * The UInt32 value for the number of bytes of data available in the
+ * current buffer.
+ * "incrData"
+ * The address from which data is to be copied.
+ * "pIsComplete"
+ * The address at which is stored the Boolean indication of whether the
+ * LdapResponse is complete. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_IsComplete(
+ PKIX_PL_LdapResponse *response,
+ PKIX_Boolean *pIsComplete,
+ void *plContext)
+{
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_IsComplete");
+ PKIX_NULLCHECK_TWO(response, pIsComplete);
+
+ if (response->totalLength == response->partialLength) {
+ *pIsComplete = PKIX_TRUE;
+ } else {
+ *pIsComplete = PKIX_FALSE;
+ }
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_Decode
+ * DESCRIPTION:
+ *
+ * This function decodes the DER data contained in the LdapResponse pointed to
+ * by "response", using the arena pointed to by "arena", and storing at
+ * "pStatus" SECSuccess if the decoding was successful and SECFailure
+ * otherwise. The decoded message is stored in an element of "response".
+ *
+ * PARAMETERS
+ * "arena"
+ * The address of the PLArenaPool to be used in the decoding. Must be
+ * non-NULL.
+ * "response"
+ * The address of the LdapResponse whose DER data is to be decoded. Must
+ * be non-NULL.
+ * "pStatus"
+ * The address at which is stored the status from the decoding, SECSuccess
+ * if successful, SECFailure otherwise. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_Decode(
+ PLArenaPool *arena,
+ PKIX_PL_LdapResponse *response,
+ SECStatus *pStatus,
+ void *plContext)
+{
+ LDAPMessage *msg;
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_Decode");
+ PKIX_NULLCHECK_THREE(arena, response, pStatus);
+
+ if (response->totalLength != response->partialLength) {
+ PKIX_ERROR(PKIX_ATTEMPTTODECODEANINCOMPLETERESPONSE);
+ }
+
+ msg = &(response->decoded);
+
+ PKIX_PL_NSSCALL
+ (LDAPRESPONSE, PORT_Memset, (msg, 0, sizeof (LDAPMessage)));
+
+ PKIX_PL_NSSCALLRV(LDAPRESPONSE, rv, SEC_ASN1DecodeItem,
+ (NULL, msg, PKIX_PL_LDAPMessageTemplate, &(response->derEncoded)));
+
+ *pStatus = rv;
+cleanup:
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_GetMessage
+ * DESCRIPTION:
+ *
+ * This function obtains the decoded message from the LdapResponse pointed to
+ * by "response", storing the result at "pMessage".
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the LdapResponse whose decoded message is to be
+ * retrieved. Must be non-NULL.
+ * "pMessage"
+ * The address at which is stored the address of the decoded message. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_GetMessage(
+ PKIX_PL_LdapResponse *response,
+ LDAPMessage **pMessage,
+ void *plContext)
+{
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_GetMessage");
+ PKIX_NULLCHECK_TWO(response, pMessage);
+
+ *pMessage = &response->decoded;
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_GetCapacity
+ * DESCRIPTION:
+ *
+ * This function obtains from the LdapResponse pointed to by "response" the
+ * number of bytes remaining to be read, based on the totalLength that was
+ * provided to LdapResponse_Create and the data subsequently provided to
+ * LdapResponse_Append, storing the result at "pMessage".
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the LdapResponse whose remaining capacity is to be
+ * retrieved. Must be non-NULL.
+ * "pCapacity"
+ * The address at which is stored the address of the decoded message. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_GetCapacity(
+ PKIX_PL_LdapResponse *response,
+ PKIX_UInt32 *pCapacity,
+ void *plContext)
+{
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_GetCapacity");
+ PKIX_NULLCHECK_TWO(response, pCapacity);
+
+ *pCapacity = response->totalLength - response->partialLength;
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_GetMessageType
+ * DESCRIPTION:
+ *
+ * This function obtains the message type from the LdapResponse pointed to
+ * by "response", storing the result at "pMessageType".
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the LdapResponse whose message type is to be
+ * retrieved. Must be non-NULL.
+ * "pMessageType"
+ * The address at which is stored the type of the response message. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_GetMessageType(
+ PKIX_PL_LdapResponse *response,
+ LDAPMessageType *pMessageType,
+ void *plContext)
+{
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_GetMessageType");
+ PKIX_NULLCHECK_TWO(response, pMessageType);
+
+ *pMessageType = response->decoded.protocolOp.selector;
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_GetResultCode
+ * DESCRIPTION:
+ *
+ * This function obtains the result code from the LdapResponse pointed to
+ * by "response", storing the result at "pResultCode".
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the LdapResponse whose result code is to be
+ * retrieved. Must be non-NULL.
+ * "pResultCode"
+ * The address at which is stored the address of the decoded message. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_GetResultCode(
+ PKIX_PL_LdapResponse *response,
+ LDAPResultCode *pResultCode,
+ void *plContext)
+{
+ LDAPMessageType messageType = 0;
+ LDAPSearchResponseResult *resultMsg = NULL;
+
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_GetResultCode");
+ PKIX_NULLCHECK_TWO(response, pResultCode);
+
+ messageType = response->decoded.protocolOp.selector;
+
+ if (messageType != LDAP_SEARCHRESPONSERESULT_TYPE) {
+ PKIX_ERROR(PKIX_GETRESULTCODECALLEDFORNONRESULTMESSAGE);
+ }
+
+ resultMsg = &response->decoded.protocolOp.op.searchResponseResultMsg;
+
+ *pResultCode = *(resultMsg->resultCode.data);
+
+cleanup:
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_LdapResponse_GetAttributes
+ * DESCRIPTION:
+ *
+ * This function obtains the attributes from the LdapResponse pointed to
+ * by "response", storing the result at "pAttributes".
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the LdapResponse whose decoded message is to be
+ * retrieved. Must be non-NULL.
+ * "pAttributes"
+ * The address at which is stored the attributes of the message. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an LdapResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_LdapResponse_GetAttributes(
+ PKIX_PL_LdapResponse *response,
+ LDAPSearchResponseAttr ***pAttributes,
+ void *plContext)
+{
+ LDAPMessageType messageType = 0;
+
+ PKIX_ENTER(LDAPRESPONSE, "PKIX_PL_LdapResponse_GetResultCode");
+ PKIX_NULLCHECK_TWO(response, pAttributes);
+
+ messageType = response->decoded.protocolOp.selector;
+
+ if (messageType != LDAP_SEARCHRESPONSEENTRY_TYPE) {
+ PKIX_ERROR(PKIX_GETATTRIBUTESCALLEDFORNONENTRYMESSAGE);
+ }
+
+ *pAttributes = response->
+ decoded.protocolOp.op.searchResponseEntryMsg.attributes;
+
+cleanup:
+
+ PKIX_RETURN(LDAPRESPONSE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapresponse.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapresponse.h
new file mode 100644
index 000000000..37dc916b1
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapresponse.h
@@ -0,0 +1,96 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ldapresponse.h
+ *
+ * LdapResponse Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_LDAPRESPONSE_H
+#define _PKIX_PL_LDAPRESPONSE_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_LdapResponseStruct{
+ LDAPMessage decoded;
+ PKIX_UInt32 partialLength;
+ PKIX_UInt32 totalLength;
+ SECItem derEncoded;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_LdapResponse_Create(
+ LDAPMessageType responseType,
+ PKIX_UInt32 totalLength,
+ PKIX_UInt32 bytesAvailable,
+ void *partialData,
+ PKIX_UInt32 *pBytesConsumed,
+ PKIX_PL_LdapResponse **pResponse,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapResponse_Append(
+ PKIX_PL_LdapResponse *response,
+ PKIX_UInt32 partialLength,
+ void *partialData,
+ PKIX_UInt32 *bytesConsumed,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapResponse_IsComplete(
+ PKIX_PL_LdapResponse *response,
+ PKIX_Boolean *pIsComplete,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapResponse_Decode(
+ PLArenaPool *arena,
+ PKIX_PL_LdapResponse *response,
+ SECStatus *pStatus,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapResponse_GetMessage(
+ PKIX_PL_LdapResponse *response,
+ LDAPMessage **pMessage,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapResponse_GetMessageType(
+ PKIX_PL_LdapResponse *response,
+ LDAPMessageType *pMessageType,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapResponse_GetCapacity(
+ PKIX_PL_LdapResponse *response,
+ PKIX_UInt32 *pCapacity,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapResponse_GetResultCode(
+ PKIX_PL_LdapResponse *response,
+ LDAPResultCode *pResultCode,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_LdapResponse_GetAttributes(
+ PKIX_PL_LdapResponse *response,
+ LDAPSearchResponseAttr ***pAttributes,
+ void *plContext);
+
+PKIX_Error *pkix_pl_LdapResponse_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_LDAPRESPONSE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapt.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapt.h
new file mode 100644
index 000000000..539803638
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapt.h
@@ -0,0 +1,314 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _LDAP_H_
+#define _LDAP_H_
+
+#include "certt.h"
+#include "pkixt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern const SEC_ASN1Template PKIX_PL_LDAPCrossCertPairTemplate[];
+SEC_ASN1_CHOOSER_DECLARE(PKIX_PL_LDAPCrossCertPairTemplate)
+extern const SEC_ASN1Template PKIX_PL_LDAPMessageTemplate[];
+SEC_ASN1_CHOOSER_DECLARE(PKIX_PL_LDAPMessageTemplate)
+extern const SEC_ASN1Template LDAPFilterTemplate[];
+SEC_ASN1_CHOOSER_DECLARE(LDAPFilterTemplate)
+
+/* ********************************************************************** */
+
+#define SEC_ASN1_LDAP_STRING SEC_ASN1_OCTET_STRING
+
+#define LDAPATTR_CACERT (1<<0)
+#define LDAPATTR_USERCERT (1<<1)
+#define LDAPATTR_CROSSPAIRCERT (1<<2)
+#define LDAPATTR_CERTREVLIST (1<<3)
+#define LDAPATTR_AUTHREVLIST (1<<4)
+#define MAX_LDAPATTRS 5
+typedef PKIX_UInt32 LdapAttrMask;
+
+typedef enum {
+ SIMPLE_AUTH = 0,
+ KRBV42LDAP_AUTH = 1,
+ KRBV42DSA_AUTH = 2
+} AuthType;
+
+typedef enum {
+ BASE_OBJECT = 0,
+ SINGLE_LEVEL = 1,
+ WHOLE_SUBTREE = 2
+} ScopeType;
+
+typedef enum {
+ NEVER_DEREF = 0,
+ DEREF_IN_SEARCHING = 1,
+ DEREF_FINDING_BASEOBJ = 2,
+ ALWAYS_DEREF = 3
+} DerefType;
+
+typedef enum {
+ LDAP_INITIALSUBSTRING_TYPE = 0,
+ LDAP_ANYSUBSTRING_TYPE = 1,
+ LDAP_FINALSUBSTRING_TYPE = 2
+} LDAPSubstringFilterType;
+
+typedef enum {
+ LDAP_ANDFILTER_TYPE = 0,
+ LDAP_ORFILTER_TYPE = 1,
+ LDAP_NOTFILTER_TYPE = 2,
+ LDAP_EQUALFILTER_TYPE = 3,
+ LDAP_SUBSTRINGFILTER_TYPE = 4,
+ LDAP_GREATEROREQUALFILTER_TYPE = 5,
+ LDAP_LESSOREQUALFILTER_TYPE = 6,
+ LDAP_PRESENTFILTER_TYPE = 7,
+ LDAP_APPROXMATCHFILTER_TYPE = 8
+} LDAPFilterType;
+
+typedef enum {
+ LDAP_BIND_TYPE = 0,
+ LDAP_BINDRESPONSE_TYPE = 1,
+ LDAP_UNBIND_TYPE = 2,
+ LDAP_SEARCH_TYPE = 3,
+ LDAP_SEARCHRESPONSEENTRY_TYPE = 4,
+ LDAP_SEARCHRESPONSERESULT_TYPE = 5,
+ LDAP_ABANDONREQUEST_TYPE = 16
+} LDAPMessageType;
+
+typedef enum {
+ SUCCESS = 0,
+ OPERATIONSERROR = 1,
+ PROTOCOLERROR = 2,
+ TIMELIMITEXCEEDED = 3,
+ SIZELIMITEXCEEDED = 4,
+ COMPAREFALSE = 5,
+ COMPARETRUE = 6,
+ AUTHMETHODNOTSUPPORTED = 7,
+ STRONGAUTHREQUIRED = 8,
+ NOSUCHATTRIBUTE = 16,
+ UNDEFINEDATTRIBUTETYPE = 17,
+ INAPPROPRIATEMATCHING = 18,
+ CONSTRAINTVIOLATION = 19,
+ ATTRIBUTEORVALUEEXISTS = 20,
+ INVALIDATTRIBUTESYNTAX = 21,
+ NOSUCHOBJECT = 32,
+ ALIASPROBLEM = 33,
+ INVALIDDNSYNTAX = 34,
+ ISLEAF = 35,
+ ALIASDEREFERENCINGPROBLEM = 36,
+ INAPPROPRIATEAUTHENTICATION = 48,
+ INVALIDCREDENTIALS = 49,
+ INSUFFICIENTACCESSRIGHTS = 50,
+ BUSY = 51,
+ UNAVAILABLE = 52,
+ UNWILLINGTOPERFORM = 53,
+ LOOPDETECT = 54,
+ NAMINGVIOLATION = 64,
+ OBJECTCLASSVIOLATION = 65,
+ NOTALLOWEDONNONLEAF = 66,
+ NOTALLOWEDONRDN = 67,
+ ENTRYALREADYEXISTS = 68,
+ OBJECTCLASSMODSPROHIBITED = 69,
+ OTHER = 80
+} LDAPResultCode;
+
+typedef struct LDAPLocationStruct LDAPLocation;
+typedef struct LDAPCertPairStruct LDAPCertPair;
+typedef struct LDAPSimpleBindStruct LDAPSimpleBind;
+typedef struct LDAPBindAPIStruct LDAPBindAPI;
+typedef struct LDAPBindStruct LDAPBind;
+typedef struct LDAPResultStruct LDAPBindResponse;
+typedef struct LDAPResultStruct LDAPResult;
+typedef struct LDAPSearchResponseAttrStruct LDAPSearchResponseAttr;
+typedef struct LDAPSearchResponseEntryStruct LDAPSearchResponseEntry;
+typedef struct LDAPResultStruct LDAPSearchResponseResult;
+typedef struct LDAPUnbindStruct LDAPUnbind;
+typedef struct LDAPFilterStruct LDAPFilter;
+typedef struct LDAPAndFilterStruct LDAPAndFilter;
+typedef struct LDAPNotFilterStruct LDAPNotFilter;
+typedef struct LDAPSubstringStruct LDAPSubstring;
+typedef struct LDAPSubstringFilterStruct LDAPSubstringFilter;
+typedef struct LDAPPresentFilterStruct LDAPPresentFilter;
+typedef struct LDAPAttributeValueAssertionStruct LDAPAttributeValueAssertion;
+typedef struct LDAPNameComponentStruct LDAPNameComponent;
+typedef struct LDAPRequestParamsStruct LDAPRequestParams;
+typedef struct LDAPSearchStruct LDAPSearch;
+typedef struct LDAPAbandonRequestStruct LDAPAbandonRequest;
+typedef struct protocolOpStruct LDAPProtocolOp;
+typedef struct LDAPMessageStruct LDAPMessage;
+typedef LDAPAndFilter LDAPOrFilter;
+typedef LDAPAttributeValueAssertion LDAPEqualFilter;
+typedef LDAPAttributeValueAssertion LDAPGreaterOrEqualFilter;
+typedef LDAPAttributeValueAssertion LDAPLessOrEqualFilter;
+typedef LDAPAttributeValueAssertion LDAPApproxMatchFilter;
+
+struct LDAPLocationStruct {
+ PLArenaPool *arena;
+ void *serverSite;
+ void **filterString;
+ void **attrBitString;
+};
+
+struct LDAPCertPairStruct {
+ SECItem forward;
+ SECItem reverse;
+};
+
+struct LDAPSimpleBindStruct {
+ char *bindName;
+ char *authentication;
+};
+
+struct LDAPBindAPIStruct {
+ AuthType selector;
+ union {
+ LDAPSimpleBind simple;
+ } chooser;
+};
+
+struct LDAPBindStruct {
+ SECItem version;
+ SECItem bindName;
+ SECItem authentication;
+};
+
+struct LDAPResultStruct {
+ SECItem resultCode;
+ SECItem matchedDN;
+ SECItem errorMessage;
+};
+
+struct LDAPSearchResponseAttrStruct {
+ SECItem attrType;
+ SECItem **val;
+};
+
+struct LDAPSearchResponseEntryStruct {
+ SECItem objectName;
+ LDAPSearchResponseAttr **attributes;
+};
+
+struct LDAPUnbindStruct {
+ SECItem dummy;
+};
+
+struct LDAPAndFilterStruct {
+ LDAPFilter **filters;
+};
+
+struct LDAPNotFilterStruct {
+ LDAPFilter *filter;
+};
+
+struct LDAPSubstringStruct {
+ LDAPSubstringFilterType selector;
+ SECItem item;
+};
+
+struct LDAPSubstringFilterStruct {
+ SECItem attrType;
+ LDAPSubstring *strings;
+};
+
+struct LDAPPresentFilterStruct {
+ SECItem attrType;
+};
+
+struct LDAPAttributeValueAssertionStruct {
+ SECItem attrType;
+ SECItem attrValue;
+};
+
+struct LDAPFilterStruct {
+ LDAPFilterType selector;
+ union {
+ LDAPAndFilter andFilter;
+ LDAPOrFilter orFilter;
+ LDAPNotFilter notFilter;
+ LDAPEqualFilter equalFilter;
+ LDAPSubstringFilter substringFilter;
+ LDAPGreaterOrEqualFilter greaterOrEqualFilter;
+ LDAPLessOrEqualFilter lessOrEqualFilter;
+ LDAPPresentFilter presentFilter;
+ LDAPApproxMatchFilter approxMatchFilter;
+ } filter;
+};
+
+struct LDAPNameComponentStruct {
+ unsigned char *attrType;
+ unsigned char *attrValue;
+};
+
+struct LDAPRequestParamsStruct {
+ char *baseObject; /* e.g. "c=US" */
+ ScopeType scope;
+ DerefType derefAliases;
+ PKIX_UInt32 sizeLimit; /* 0 = no limit */
+ PRIntervalTime timeLimit; /* 0 = no limit */
+ LDAPNameComponent **nc; /* e.g. {{"cn","xxx"},{"o","yyy"},NULL} */
+ LdapAttrMask attributes;
+};
+
+struct LDAPSearchStruct {
+ SECItem baseObject;
+ SECItem scope;
+ SECItem derefAliases;
+ SECItem sizeLimit;
+ SECItem timeLimit;
+ SECItem attrsOnly;
+ LDAPFilter filter;
+ SECItem **attributes;
+};
+
+struct LDAPAbandonRequestStruct {
+ SECItem messageID;
+};
+
+struct protocolOpStruct {
+ LDAPMessageType selector;
+ union {
+ LDAPBind bindMsg;
+ LDAPBindResponse bindResponseMsg;
+ LDAPUnbind unbindMsg;
+ LDAPSearch searchMsg;
+ LDAPSearchResponseEntry searchResponseEntryMsg;
+ LDAPSearchResponseResult searchResponseResultMsg;
+ LDAPAbandonRequest abandonRequestMsg;
+ } op;
+};
+
+struct LDAPMessageStruct {
+ SECItem messageID;
+ LDAPProtocolOp protocolOp;
+};
+
+typedef struct PKIX_PL_LdapClientStruct PKIX_PL_LdapClient;
+
+typedef PKIX_Error *
+(*PKIX_PL_LdapClient_InitiateFcn)(
+ PKIX_PL_LdapClient *client,
+ LDAPRequestParams *requestParams,
+ void **pNBIO,
+ PKIX_List **pResponse,
+ void *plContext);
+
+typedef PKIX_Error *
+(*PKIX_PL_LdapClient_ResumeFcn)(
+ PKIX_PL_LdapClient *client,
+ void **pNBIO,
+ PKIX_List **pResponse,
+ void *plContext);
+
+struct PKIX_PL_LdapClientStruct {
+ PKIX_PL_LdapClient_InitiateFcn initiateFcn;
+ PKIX_PL_LdapClient_ResumeFcn resumeFcn;
+};
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaptemplates.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaptemplates.c
new file mode 100644
index 000000000..ecb681929
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldaptemplates.c
@@ -0,0 +1,417 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "pkix_pl_ldapt.h"
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_NullTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+
+/*
+ * CertificatePair ::= SEQUENCE {
+ * forward [0] Certificate OPTIONAL,
+ * reverse [1] Certificate OPTIONAL
+ * -- at least one of the pair shall be present --
+ * }
+ */
+
+const SEC_ASN1Template PKIX_PL_LDAPCrossCertPairTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(LDAPCertPair) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_XTRN | 0,
+ offsetof(LDAPCertPair, forward), SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_XTRN | 1,
+ offsetof(LDAPCertPair, reverse), SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+/*
+ * BindRequest ::=
+ * [APPLICATION 0] SEQUENCE {
+ * version INTEGER (1..127),
+ * name LDAPDN,
+ * authentication CHOICE {
+ * simple [0] OCTET STRING,
+ * krbv42LDAP [1] OCTET STRING,
+ * krbv42DSA [2] OCTET STRING
+ * }
+ * }
+ *
+ * LDAPDN ::= LDAPString
+ *
+ * LDAPString ::= OCTET STRING
+ */
+
+#define LDAPStringTemplate SEC_ASN1_SUB(SEC_OctetStringTemplate)
+
+static const SEC_ASN1Template LDAPBindApplTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL },
+ { SEC_ASN1_INTEGER, offsetof(LDAPBind, version) },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPBind, bindName) },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPBind, authentication) },
+ { 0 }
+};
+
+static const SEC_ASN1Template LDAPBindTemplate[] = {
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_BIND_TYPE, 0,
+ LDAPBindApplTemplate, sizeof (LDAPBind) }
+};
+
+/*
+ * BindResponse ::= [APPLICATION 1] LDAPResult
+ *
+ * LDAPResult ::=
+ * SEQUENCE {
+ * resultCode ENUMERATED {
+ * success (0),
+ * operationsError (1),
+ * protocolError (2),
+ * timeLimitExceeded (3),
+ * sizeLimitExceeded (4),
+ * compareFalse (5),
+ * compareTrue (6),
+ * authMethodNotSupported (7),
+ * strongAuthRequired (8),
+ * noSuchAttribute (16),
+ * undefinedAttributeType (17),
+ * inappropriateMatching (18),
+ * constraintViolation (19),
+ * attributeOrValueExists (20),
+ * invalidAttributeSyntax (21),
+ * noSuchObject (32),
+ * aliasProblem (33),
+ * invalidDNSyntax (34),
+ * isLeaf (35),
+ * aliasDereferencingProblem (36),
+ * inappropriateAuthentication (48),
+ * invalidCredentials (49),
+ * insufficientAccessRights (50),
+ * busy (51),
+ * unavailable (52),
+ * unwillingToPerform (53),
+ * loopDetect (54),
+ * namingViolation (64),
+ * objectClassViolation (65),
+ * notAllowedOnNonLeaf (66),
+ * notAllowedOnRDN (67),
+ * entryAlreadyExists (68),
+ * objectClassModsProhibited (69),
+ * other (80)
+ * },
+ * matchedDN LDAPDN,
+ * errorMessage LDAPString
+ * }
+ */
+
+static const SEC_ASN1Template LDAPResultTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL },
+ { SEC_ASN1_ENUMERATED, offsetof(LDAPResult, resultCode) },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPResult, matchedDN) },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPResult, errorMessage) },
+ { 0 }
+};
+
+static const SEC_ASN1Template LDAPBindResponseTemplate[] = {
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_BINDRESPONSE_TYPE, 0,
+ LDAPResultTemplate, sizeof (LDAPBindResponse) }
+};
+
+/*
+ * UnbindRequest ::= [APPLICATION 2] NULL
+ */
+
+static const SEC_ASN1Template LDAPUnbindTemplate[] = {
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | SEC_ASN1_XTRN |
+ LDAP_UNBIND_TYPE , 0, SEC_ASN1_SUB(SEC_NullTemplate) }
+};
+
+/*
+ * AttributeValueAssertion ::=
+ * SEQUENCE {
+ * attributeType AttributeType,
+ * attributeValue AttributeValue,
+ * }
+ *
+ * AttributeType ::= LDAPString
+ * -- text name of the attribute, or dotted
+ * -- OID representation
+ *
+ * AttributeValue ::= OCTET STRING
+ */
+
+#define LDAPAttributeTypeTemplate LDAPStringTemplate
+
+/*
+ * SubstringFilter ::=
+ * SEQUENCE {
+ * type AttributeType,
+ * SEQUENCE OF CHOICE {
+ * initial [0] LDAPString,
+ * any [1] LDAPString,
+ * final [2] LDAPString,
+ * }
+ * }
+ */
+
+#define LDAPSubstringFilterInitialTemplate LDAPStringTemplate
+#define LDAPSubstringFilterAnyTemplate LDAPStringTemplate
+#define LDAPSubstringFilterFinalTemplate LDAPStringTemplate
+
+static const SEC_ASN1Template LDAPSubstringFilterChoiceTemplate[] = {
+ { SEC_ASN1_CHOICE, offsetof(LDAPSubstring, selector), 0,
+ sizeof (LDAPFilter) },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(LDAPSubstring, item),
+ LDAPSubstringFilterInitialTemplate,
+ LDAP_INITIALSUBSTRING_TYPE },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(LDAPSubstring, item),
+ LDAPSubstringFilterAnyTemplate,
+ LDAP_ANYSUBSTRING_TYPE },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ offsetof(LDAPSubstring, item),
+ LDAPSubstringFilterFinalTemplate,
+ LDAP_FINALSUBSTRING_TYPE },
+ { 0 }
+};
+
+/*
+ * Filter ::=
+ * CHOICE {
+ * and [0] SET OF Filter,
+ * or [1] SET OF Filter,
+ * not [2] Filter,
+ * equalityMatch [3] AttributeValueAssertion,
+ * substrings [4] SubstringFilter,
+ * greaterOrEqual [5] AttributeValueAssertion,
+ * lessOrEqual [6] AttributeValueAssertion,
+ * present [7] AttributeType,
+ * approxMatch [8] AttributeValueAssertion
+ }
+ */
+
+static const SEC_ASN1Template LDAPSubstringFilterTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (LDAPSubstringFilter) },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPSubstringFilter, attrType) },
+ { SEC_ASN1_SEQUENCE_OF, offsetof(LDAPSubstringFilter, strings),
+ LDAPSubstringFilterChoiceTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template LDAPFilterTemplate[]; /* forward reference */
+
+static const SEC_ASN1Template LDAPSetOfFiltersTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, LDAPFilterTemplate }
+};
+
+static const SEC_ASN1Template LDAPAVAFilterTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (LDAPAttributeValueAssertion) },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPAttributeValueAssertion, attrType) },
+ { SEC_ASN1_OCTET_STRING, offsetof(LDAPAttributeValueAssertion, attrValue) },
+ { 0 }
+};
+
+static const SEC_ASN1Template LDAPPresentFilterTemplate[] = {
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPPresentFilter, attrType) }
+};
+
+#define LDAPEqualFilterTemplate LDAPAVAFilterTemplate
+#define LDAPGreaterOrEqualFilterTemplate LDAPAVAFilterTemplate
+#define LDAPLessOrEqualFilterTemplate LDAPAVAFilterTemplate
+#define LDAPApproxMatchFilterTemplate LDAPAVAFilterTemplate
+
+const SEC_ASN1Template LDAPFilterTemplate[] = {
+ { SEC_ASN1_CHOICE, offsetof(LDAPFilter, selector), 0, sizeof(LDAPFilter) },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_ANDFILTER_TYPE,
+ offsetof(LDAPFilter, filter.andFilter.filters),
+ LDAPSetOfFiltersTemplate, LDAP_ANDFILTER_TYPE },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_ORFILTER_TYPE,
+ offsetof(LDAPFilter, filter.orFilter.filters),
+ LDAPSetOfFiltersTemplate, LDAP_ORFILTER_TYPE },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_NOTFILTER_TYPE | SEC_ASN1_POINTER,
+ offsetof(LDAPFilter, filter.notFilter),
+ LDAPFilterTemplate, LDAP_NOTFILTER_TYPE },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_EQUALFILTER_TYPE,
+ offsetof(LDAPFilter, filter.equalFilter),
+ LDAPEqualFilterTemplate, LDAP_EQUALFILTER_TYPE },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_SUBSTRINGFILTER_TYPE, offsetof(LDAPFilter, filter.substringFilter),
+ LDAPSubstringFilterTemplate, LDAP_SUBSTRINGFILTER_TYPE },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_GREATEROREQUALFILTER_TYPE,
+ offsetof(LDAPFilter, filter.greaterOrEqualFilter),
+ LDAPGreaterOrEqualFilterTemplate, LDAP_GREATEROREQUALFILTER_TYPE },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_LESSOREQUALFILTER_TYPE,
+ offsetof(LDAPFilter, filter.lessOrEqualFilter),
+ LDAPLessOrEqualFilterTemplate, LDAP_LESSOREQUALFILTER_TYPE },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_PRESENTFILTER_TYPE,
+ offsetof(LDAPFilter, filter.presentFilter),
+ LDAPPresentFilterTemplate, LDAP_PRESENTFILTER_TYPE },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ LDAP_APPROXMATCHFILTER_TYPE,
+ offsetof(LDAPFilter, filter.approxMatchFilter),
+ LDAPApproxMatchFilterTemplate, LDAP_APPROXMATCHFILTER_TYPE },
+ { 0 }
+};
+
+/*
+ * SearchRequest ::=
+ * [APPLICATION 3] SEQUENCE {
+ * baseObject LDAPDN,
+ * scope ENUMERATED {
+ * baseObject (0),
+ * singleLevel (1),
+ * wholeSubtree (2)
+ * },
+ * derefAliases ENUMERATED {
+ * neverDerefAliases (0),
+ * derefInSearching (1),
+ * derefFindingBaseObj (2),
+ * alwaysDerefAliases (3)
+ * },
+ * sizeLimit INTEGER (0 .. MAXINT),
+ * -- value of 0 implies no sizeLimit
+ * timeLimit INTEGER (0 .. MAXINT),
+ * -- value of 0 implies no timeLimit
+ * attrsOnly BOOLEAN,
+ * -- TRUE, if only attributes (without values)
+ * -- to be returned
+ * filter Filter,
+ * attributes SEQUENCE OF AttributeType
+ * }
+ */
+
+static const SEC_ASN1Template LDAPAttributeTemplate[] = {
+ { SEC_ASN1_LDAP_STRING, 0, NULL, sizeof (SECItem) }
+};
+
+static const SEC_ASN1Template LDAPSearchApplTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPSearch, baseObject) },
+ { SEC_ASN1_ENUMERATED, offsetof(LDAPSearch, scope) },
+ { SEC_ASN1_ENUMERATED, offsetof(LDAPSearch, derefAliases) },
+ { SEC_ASN1_INTEGER, offsetof(LDAPSearch, sizeLimit) },
+ { SEC_ASN1_INTEGER, offsetof(LDAPSearch, timeLimit) },
+ { SEC_ASN1_BOOLEAN, offsetof(LDAPSearch, attrsOnly) },
+ { SEC_ASN1_INLINE, offsetof(LDAPSearch, filter), LDAPFilterTemplate },
+ { SEC_ASN1_SEQUENCE_OF, offsetof(LDAPSearch, attributes), LDAPAttributeTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template LDAPSearchTemplate[] = {
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_SEARCH_TYPE, 0,
+ LDAPSearchApplTemplate, sizeof (LDAPSearch) }
+};
+
+/*
+ * SearchResponse ::=
+ * CHOICE {
+ * entry [APPLICATION 4] SEQUENCE {
+ * objectName LDAPDN,
+ * attributes SEQUENCE OF SEQUENCE {
+ * AttributeType,
+ * SET OF AttributeValue
+ * }
+ * }
+ * resultCode [APPLICATION 5] LDAPResult
+ * }
+ */
+
+static const SEC_ASN1Template LDAPSearchResponseAttrTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(LDAPSearchResponseAttr) },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPSearchResponseAttr, attrType) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(LDAPSearchResponseAttr, val),
+ LDAPStringTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template LDAPEntryTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL },
+ { SEC_ASN1_LDAP_STRING, offsetof(LDAPSearchResponseEntry, objectName) },
+ { SEC_ASN1_SEQUENCE_OF, offsetof(LDAPSearchResponseEntry, attributes),
+ LDAPSearchResponseAttrTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template LDAPSearchResponseEntryTemplate[] = {
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_SEARCHRESPONSEENTRY_TYPE, 0,
+ LDAPEntryTemplate, sizeof (LDAPSearchResponseEntry) }
+};
+
+static const SEC_ASN1Template LDAPSearchResponseResultTemplate[] = {
+ { SEC_ASN1_APPLICATION | LDAP_SEARCHRESPONSERESULT_TYPE, 0,
+ LDAPResultTemplate, sizeof (LDAPSearchResponseResult) }
+};
+
+/*
+ * AbandonRequest ::=
+ * [APPLICATION 16] MessageID
+ */
+
+static const SEC_ASN1Template LDAPAbandonTemplate[] = {
+ { SEC_ASN1_INTEGER, offsetof(LDAPAbandonRequest, messageID) }
+};
+
+static const SEC_ASN1Template LDAPAbandonRequestTemplate[] = {
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_ABANDONREQUEST_TYPE, 0,
+ LDAPAbandonTemplate, sizeof (LDAPAbandonRequest) }
+};
+
+/*
+ * LDAPMessage ::=
+ * SEQUENCE {
+ * messageID MessageID,
+ * protocolOp CHOICE {
+ * bindRequest BindRequest,
+ * bindResponse BindResponse,
+ * unbindRequest UnbindRequest,
+ * searchRequest SearchRequest,
+ * searchResponse SearchResponse,
+ * abandonRequest AbandonRequest
+ * }
+ * }
+ *
+ * (other choices exist, not shown)
+ *
+ * MessageID ::= INTEGER (0 .. maxInt)
+ */
+
+static const SEC_ASN1Template LDAPMessageProtocolOpTemplate[] = {
+ { SEC_ASN1_CHOICE, offsetof(LDAPProtocolOp, selector), 0, sizeof (LDAPProtocolOp) },
+ { SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.bindMsg),
+ LDAPBindTemplate, LDAP_BIND_TYPE },
+ { SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.bindResponseMsg),
+ LDAPBindResponseTemplate, LDAP_BINDRESPONSE_TYPE },
+ { SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.unbindMsg),
+ LDAPUnbindTemplate, LDAP_UNBIND_TYPE },
+ { SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.searchMsg),
+ LDAPSearchTemplate, LDAP_SEARCH_TYPE },
+ { SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.searchResponseEntryMsg),
+ LDAPSearchResponseEntryTemplate, LDAP_SEARCHRESPONSEENTRY_TYPE },
+ { SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.searchResponseResultMsg),
+ LDAPSearchResponseResultTemplate, LDAP_SEARCHRESPONSERESULT_TYPE },
+ { SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.abandonRequestMsg),
+ LDAPAbandonRequestTemplate, LDAP_ABANDONREQUEST_TYPE },
+ { 0 }
+};
+
+const SEC_ASN1Template PKIX_PL_LDAPMessageTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL },
+ { SEC_ASN1_INTEGER, offsetof(LDAPMessage, messageID) },
+ { SEC_ASN1_INLINE, offsetof(LDAPMessage, protocolOp),
+ LDAPMessageProtocolOpTemplate },
+ { 0 }
+};
+
+/* This function simply returns the address of the message template.
+ * This is necessary for Windows DLLs.
+ */
+SEC_ASN1_CHOOSER_IMPLEMENT(PKIX_PL_LDAPMessageTemplate)
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.c
new file mode 100755
index 000000000..171427558
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.c
@@ -0,0 +1,319 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_nsscontext.c
+ *
+ * NSSContext Function Definitions
+ *
+ */
+
+
+#include "pkix_pl_nsscontext.h"
+
+#define PKIX_DEFAULT_MAX_RESPONSE_LENGTH 64 * 1024
+#define PKIX_DEFAULT_COMM_TIMEOUT_SECONDS 60
+
+#define PKIX_DEFAULT_CRL_RELOAD_DELAY_SECONDS 6 * 24 * 60 * 60
+#define PKIX_DEFAULT_BAD_CRL_RELOAD_DELAY_SECONDS 60 * 60
+
+/* --Public-NSSContext-Functions--------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_Create
+ * (see comments in pkix_samples_modules.h)
+ */
+PKIX_Error *
+PKIX_PL_NssContext_Create(
+ PKIX_UInt32 certificateUsage,
+ PKIX_Boolean useNssArena,
+ void *wincx,
+ void **pNssContext)
+{
+ PKIX_PL_NssContext *context = NULL;
+ PLArenaPool *arena = NULL;
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_Create");
+ PKIX_NULLCHECK_ONE(pNssContext);
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (sizeof(PKIX_PL_NssContext), (void **)&context, NULL),
+ PKIX_MALLOCFAILED);
+
+ if (useNssArena == PKIX_TRUE) {
+ PKIX_CONTEXT_DEBUG("\t\tCalling PORT_NewArena\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ }
+
+ context->arena = arena;
+ context->certificateUsage = (SECCertificateUsage)certificateUsage;
+ context->wincx = wincx;
+ context->timeoutSeconds = PKIX_DEFAULT_COMM_TIMEOUT_SECONDS;
+ context->maxResponseLength = PKIX_DEFAULT_MAX_RESPONSE_LENGTH;
+ context->crlReloadDelay = PKIX_DEFAULT_CRL_RELOAD_DELAY_SECONDS;
+ context->badDerCrlReloadDelay =
+ PKIX_DEFAULT_BAD_CRL_RELOAD_DELAY_SECONDS;
+ context->chainVerifyCallback.isChainValid = NULL;
+ context->chainVerifyCallback.isChainValidArg = NULL;
+ *pNssContext = context;
+
+cleanup:
+
+ PKIX_RETURN(CONTEXT);
+}
+
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_Destroy
+ * (see comments in pkix_samples_modules.h)
+ */
+PKIX_Error *
+PKIX_PL_NssContext_Destroy(
+ void *nssContext)
+{
+ void *plContext = NULL;
+ PKIX_PL_NssContext *context = NULL;
+
+ PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_Destroy");
+ PKIX_NULLCHECK_ONE(nssContext);
+
+ context = (PKIX_PL_NssContext*)nssContext;
+
+ if (context->arena != NULL) {
+ PKIX_CONTEXT_DEBUG("\t\tCalling PORT_FreeArena\n");
+ PORT_FreeArena(context->arena, PKIX_FALSE);
+ }
+
+ PKIX_PL_Free(nssContext, NULL);
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_NssContext_GetCertUsage
+ * DESCRIPTION:
+ *
+ * This function obtains the platform-dependent SECCertificateUsage parameter
+ * from the context object pointed to by "nssContext", storing the result at
+ * "pCertUsage".
+ *
+ * PARAMETERS:
+ * "nssContext"
+ * The address of the context object whose wincx parameter is to be
+ * obtained. Must be non-NULL.
+ * "pCertUsage"
+ * The address where the result is stored. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_NssContext_GetCertUsage(
+ PKIX_PL_NssContext *nssContext,
+ SECCertificateUsage *pCertUsage)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_GetCertUsage");
+ PKIX_NULLCHECK_TWO(nssContext, pCertUsage);
+
+ *pCertUsage = nssContext->certificateUsage;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_NssContext_SetCertUsage
+ * DESCRIPTION:
+ *
+ * This function sets the platform-dependent SECCertificateUsage parameter in
+ * the context object pointed to by "nssContext" to the value provided in
+ * "certUsage".
+ *
+ * PARAMETERS:
+ * "certUsage"
+ * Platform-dependent value to be stored.
+ * "nssContext"
+ * The address of the context object whose wincx parameter is to be
+ * obtained. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_NssContext_SetCertUsage(
+ SECCertificateUsage certUsage,
+ PKIX_PL_NssContext *nssContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_SetCertUsage");
+ PKIX_NULLCHECK_ONE(nssContext);
+
+ nssContext->certificateUsage = certUsage;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_NssContext_GetWincx
+ * DESCRIPTION:
+ *
+ * This function obtains the platform-dependent wincx parameter from the
+ * context object pointed to by "nssContext", storing the result at "pWincx".
+ *
+ * PARAMETERS:
+ * "nssContext"
+ * The address of the context object whose wincx parameter is to be
+ * obtained. Must be non-NULL.
+ * "pWincx"
+ * The address where the result is stored. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_NssContext_GetWincx(
+ PKIX_PL_NssContext *nssContext,
+ void **pWincx)
+{
+ void *plContext = NULL;
+ PKIX_PL_NssContext *context = NULL;
+
+ PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_GetWincx");
+ PKIX_NULLCHECK_TWO(nssContext, pWincx);
+
+ context = (PKIX_PL_NssContext *)nssContext;
+
+ *pWincx = context->wincx;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_NssContext_SetWincx
+ * DESCRIPTION:
+ *
+ * This function sets the platform-dependent wincx parameter in the context
+ * object pointed to by "nssContext" to the value provided in "wincx".
+ *
+ * PARAMETERS:
+ * "wincx"
+ * Platform-dependent value to be stored.
+ * "nssContext"
+ * The address of the context object whose wincx parameter is to be
+ * obtained. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_NssContext_SetWincx(
+ void *wincx,
+ PKIX_PL_NssContext *nssContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_SetWincx");
+ PKIX_NULLCHECK_ONE(nssContext);
+
+ nssContext->wincx = wincx;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_SetTimeout
+ * DESCRIPTION:
+ *
+ * Sets user defined socket timeout for the validation
+ * session. Default is 60 seconds.
+ *
+ */
+PKIX_Error *
+PKIX_PL_NssContext_SetTimeout(PKIX_UInt32 timeout,
+ PKIX_PL_NssContext *nssContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_SetTimeout");
+ PKIX_NULLCHECK_ONE(nssContext);
+
+ nssContext->timeoutSeconds = timeout;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_SetMaxResponseLen
+ * DESCRIPTION:
+ *
+ * Sets user defined maximum transmission length of a message.
+ *
+ */
+PKIX_Error *
+PKIX_PL_NssContext_SetMaxResponseLen(PKIX_UInt32 len,
+ PKIX_PL_NssContext *nssContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_SetMaxResponseLen");
+ PKIX_NULLCHECK_ONE(nssContext);
+
+ nssContext->maxResponseLength = len;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_SetCrlReloadDelay
+ * DESCRIPTION:
+ *
+ * Sets user defined delay between attempts to load crl using
+ * CRLDP.
+ *
+ */
+PKIX_Error *
+PKIX_PL_NssContext_SetCrlReloadDelay(PKIX_UInt32 delay,
+ PKIX_PL_NssContext *nssContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_SetCrlReloadDelay");
+ PKIX_NULLCHECK_ONE(nssContext);
+
+ nssContext->crlReloadDelay = delay;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_NssContext_SetBadDerCrlReloadDelay
+ * DESCRIPTION:
+ *
+ * Sets user defined delay between attempts to load crl that
+ * failed to decode.
+ *
+ */
+PKIX_Error *
+PKIX_PL_NssContext_SetBadDerCrlReloadDelay(PKIX_UInt32 delay,
+ PKIX_PL_NssContext *nssContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "PKIX_PL_NssContext_SetBadDerCrlReloadDelay");
+ PKIX_NULLCHECK_ONE(nssContext);
+
+ nssContext->badDerCrlReloadDelay = delay;
+
+ PKIX_RETURN(CONTEXT);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.h
new file mode 100755
index 000000000..04441c2b2
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.h
@@ -0,0 +1,52 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_nsscontext.h
+ *
+ * NSSContext Object Type Definition
+ *
+ */
+
+
+#ifndef _PKIX_PL_NSSCONTEXT_H
+#define _PKIX_PL_NSSCONTEXT_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_NssContextStruct {
+ SECCertificateUsage certificateUsage;
+ PLArenaPool *arena;
+ void *wincx;
+ PKIX_UInt32 timeoutSeconds;
+ PKIX_UInt32 maxResponseLength;
+ PRTime crlReloadDelay;
+ PRTime badDerCrlReloadDelay;
+ CERTChainVerifyCallback chainVerifyCallback;
+};
+
+PKIX_Error *
+pkix_pl_NssContext_GetCertUsage
+ (PKIX_PL_NssContext *nssContext, SECCertificateUsage *pCertUsage);
+
+/* XXX move the setter into the public header. */
+PKIX_Error *
+pkix_pl_NssContext_SetCertUsage
+ (SECCertificateUsage certUsage, PKIX_PL_NssContext *nssContext);
+
+PKIX_Error *
+pkix_pl_NssContext_GetWincx(PKIX_PL_NssContext *nssContext, void **pWincx);
+
+/* XXX move the setter into the public header. */
+PKIX_Error *
+pkix_pl_NssContext_SetWincx(void *wincx, PKIX_PL_NssContext *nssContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_NSSCONTEXT_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.c
new file mode 100755
index 000000000..7de614ea6
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.c
@@ -0,0 +1,1039 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_pk11certstore.c
+ *
+ * PKCS11CertStore Function Definitions
+ *
+ */
+
+#include "pkix_pl_pk11certstore.h"
+
+/*
+ * PKIX_DEFAULT_MAX_RESPONSE_LENGTH (64 * 1024) is too small for downloading
+ * CRLs. We observed CRLs of sizes 338759 and 439035 in practice. So we
+ * need to use a higher max response length for CRLs.
+ */
+#define PKIX_DEFAULT_MAX_CRL_RESPONSE_LENGTH (512 * 1024)
+
+/* --Private-Pk11CertStore-Functions---------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_Pk11CertStore_CheckTrust
+ * DESCRIPTION:
+ * This function checks the trust status of this "cert" that was retrieved
+ * from the CertStore "store" and returns its trust status at "pTrusted".
+ *
+ * PARAMETERS:
+ * "store"
+ * Address of the CertStore. Must be non-NULL.
+ * "cert"
+ * Address of the Cert. Must be non-NULL.
+ * "pTrusted"
+ * Address of PKIX_Boolean where the "cert" trust status is returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Pk11CertStore_CheckTrust(
+ PKIX_CertStore *store,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pTrusted,
+ void *plContext)
+{
+ SECStatus rv = SECFailure;
+ PKIX_Boolean trusted = PKIX_FALSE;
+ SECCertUsage certUsage = 0;
+ SECCertificateUsage certificateUsage;
+ unsigned int requiredFlags;
+ SECTrustType trustType;
+ CERTCertTrust trust;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_Pk11CertStore_CheckTrust");
+ PKIX_NULLCHECK_THREE(store, cert, pTrusted);
+ PKIX_NULLCHECK_ONE(cert->nssCert);
+
+ certificateUsage = ((PKIX_PL_NssContext*)plContext)->certificateUsage;
+
+ /* ensure we obtained a single usage bit only */
+ PORT_Assert(!(certificateUsage & (certificateUsage - 1)));
+
+ /* convert SECertificateUsage (bit mask) to SECCertUsage (enum) */
+ while (0 != (certificateUsage = certificateUsage >> 1)) { certUsage++; }
+
+ rv = CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags, &trustType);
+ if (rv == SECSuccess) {
+ rv = CERT_GetCertTrust(cert->nssCert, &trust);
+ }
+
+ if (rv == SECSuccess) {
+ unsigned int certFlags;
+
+ if (certUsage != certUsageAnyCA &&
+ certUsage != certUsageStatusResponder) {
+ CERTCertificate *nssCert = cert->nssCert;
+
+ if (certUsage == certUsageVerifyCA) {
+ if (nssCert->nsCertType & NS_CERT_TYPE_EMAIL_CA) {
+ trustType = trustEmail;
+ } else if (nssCert->nsCertType & NS_CERT_TYPE_SSL_CA) {
+ trustType = trustSSL;
+ } else {
+ trustType = trustObjectSigning;
+ }
+ }
+
+ certFlags = SEC_GET_TRUST_FLAGS((&trust), trustType);
+ if ((certFlags & requiredFlags) == requiredFlags) {
+ trusted = PKIX_TRUE;
+ }
+ } else {
+ for (trustType = trustSSL; trustType < trustTypeNone;
+ trustType++) {
+ certFlags =
+ SEC_GET_TRUST_FLAGS((&trust), trustType);
+ if ((certFlags & requiredFlags) == requiredFlags) {
+ trusted = PKIX_TRUE;
+ break;
+ }
+ }
+ }
+ }
+
+ *pTrusted = trusted;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Pk11CertStore_CertQuery
+ * DESCRIPTION:
+ *
+ * This function obtains from the database the Certs specified by the
+ * ComCertSelParams pointed to by "params" and stores the resulting
+ * List at "pSelected". If no matching Certs are found, a NULL pointer
+ * will be stored.
+ *
+ * This function uses a "smart" database query if the Subject has been set
+ * in ComCertSelParams. Otherwise, it uses a very inefficient call to
+ * retrieve all Certs in the database (and run them through the selector).
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of the ComCertSelParams. Must be non-NULL.
+ * "pSelected"
+ * Address at which List will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Pk11CertStore_CertQuery(
+ PKIX_ComCertSelParams *params,
+ PKIX_List **pSelected,
+ void *plContext)
+{
+ PRBool validOnly = PR_FALSE;
+ PRTime prtime = 0;
+ PKIX_PL_X500Name *subjectName = NULL;
+ PKIX_PL_Date *certValid = NULL;
+ PKIX_List *certList = NULL;
+ PKIX_PL_Cert *cert = NULL;
+ CERTCertList *pk11CertList = NULL;
+ CERTCertListNode *node = NULL;
+ CERTCertificate *nssCert = NULL;
+ CERTCertDBHandle *dbHandle = NULL;
+
+ PLArenaPool *arena = NULL;
+ SECItem *nameItem = NULL;
+ void *wincx = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_Pk11CertStore_CertQuery");
+ PKIX_NULLCHECK_TWO(params, pSelected);
+
+ /* avoid multiple calls to retrieve a constant */
+ PKIX_PL_NSSCALLRV(CERTSTORE, dbHandle, CERT_GetDefaultCertDB, ());
+
+ /*
+ * Any of the ComCertSelParams may be obtained and used to constrain
+ * the database query, to allow the use of a "smart" query. See
+ * pkix_certsel.h for a list of the PKIX_ComCertSelParams_Get*
+ * calls available. No corresponding "smart" queries exist at present,
+ * except for CERT_CreateSubjectCertList based on Subject. When others
+ * are added, corresponding code should be added to
+ * pkix_pl_Pk11CertStore_CertQuery to use them when appropriate
+ * selector parameters have been set.
+ */
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetSubject
+ (params, &subjectName, plContext),
+ PKIX_COMCERTSELPARAMSGETSUBJECTFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_GetCertificateValid
+ (params, &certValid, plContext),
+ PKIX_COMCERTSELPARAMSGETCERTIFICATEVALIDFAILED);
+
+ /* If caller specified a Date, convert it to PRTime */
+ if (certValid) {
+ PKIX_CHECK(pkix_pl_Date_GetPRTime
+ (certValid, &prtime, plContext),
+ PKIX_DATEGETPRTIMEFAILED);
+ validOnly = PR_TRUE;
+ }
+
+ /*
+ * If we have the subject name for the desired subject,
+ * ask the database for Certs with that subject. Otherwise
+ * ask the database for all Certs.
+ */
+ if (subjectName) {
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena) {
+
+ PKIX_CHECK(pkix_pl_X500Name_GetDERName
+ (subjectName, arena, &nameItem, plContext),
+ PKIX_X500NAMEGETSECNAMEFAILED);
+
+ if (nameItem) {
+
+ PKIX_PL_NSSCALLRV
+ (CERTSTORE,
+ pk11CertList,
+ CERT_CreateSubjectCertList,
+ (NULL, dbHandle, nameItem, prtime, validOnly));
+ }
+ PKIX_PL_NSSCALL
+ (CERTSTORE, PORT_FreeArena, (arena, PR_FALSE));
+ arena = NULL;
+ }
+
+ } else {
+
+ PKIX_CHECK(pkix_pl_NssContext_GetWincx
+ ((PKIX_PL_NssContext *)plContext, &wincx),
+ PKIX_NSSCONTEXTGETWINCXFAILED);
+
+ PKIX_PL_NSSCALLRV
+ (CERTSTORE,
+ pk11CertList,
+ PK11_ListCerts,
+ (PK11CertListAll, wincx));
+ }
+
+ if (pk11CertList) {
+
+ PKIX_CHECK(PKIX_List_Create(&certList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ for (node = CERT_LIST_HEAD(pk11CertList);
+ !(CERT_LIST_END(node, pk11CertList));
+ node = CERT_LIST_NEXT(node)) {
+
+ PKIX_PL_NSSCALLRV
+ (CERTSTORE,
+ nssCert,
+ CERT_DupCertificate,
+ (node->cert));
+
+ if (!nssCert) {
+ continue; /* just skip bad certs */
+ }
+
+ PKIX_CHECK_ONLY_FATAL(pkix_pl_Cert_CreateWithNSSCert
+ (nssCert, &cert, plContext),
+ PKIX_CERTCREATEWITHNSSCERTFAILED);
+
+ if (PKIX_ERROR_RECEIVED) {
+ CERT_DestroyCertificate(nssCert);
+ nssCert = NULL;
+ continue; /* just skip bad certs */
+ }
+
+ PKIX_CHECK_ONLY_FATAL(PKIX_List_AppendItem
+ (certList, (PKIX_PL_Object *)cert, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(cert);
+
+ }
+
+ /* Don't throw away the list if one cert was bad! */
+ pkixTempErrorReceived = PKIX_FALSE;
+ }
+
+ *pSelected = certList;
+ certList = NULL;
+
+cleanup:
+
+ if (pk11CertList) {
+ CERT_DestroyCertList(pk11CertList);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ PKIX_DECREF(subjectName);
+ PKIX_DECREF(certValid);
+ PKIX_DECREF(cert);
+ PKIX_DECREF(certList);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Pk11CertStore_ImportCrl
+ * DESCRIPTION:
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of the ComCRLSelParams. Must be non-NULL.
+ * "pSelected"
+ * Address at which List will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Pk11CertStore_ImportCrl(
+ PKIX_CertStore *store,
+ PKIX_PL_X500Name *issuerName,
+ PKIX_List *crlList,
+ void *plContext)
+{
+ CERTCertDBHandle *certHandle = CERT_GetDefaultCertDB();
+ PKIX_PL_CRL *crl = NULL;
+ SECItem *derCrl = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_Pk11CertStore_ImportCrl");
+ PKIX_NULLCHECK_TWO(store, plContext);
+
+ if (!crlList) {
+ goto cleanup;
+ }
+ while (crlList->length > 0) {
+ PKIX_CHECK(
+ PKIX_List_GetItem(crlList, 0, (PKIX_PL_Object**)&crl,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ /* Delete crl from the list to keep controll of the
+ * last reference. crl need to be destroyed right after
+ * it released the ownership of the crl der. */
+ PKIX_CHECK(
+ PKIX_List_DeleteItem(crlList, 0, plContext),
+ PKIX_LISTDELETEITEMFAILED);
+
+ /* acquire the crlder ownership */
+ pkixErrorResult =
+ PKIX_PL_CRL_ReleaseDerCrl(crl, &derCrl, plContext);
+ PORT_Assert(!pkixErrorResult && derCrl);
+ if (pkixErrorResult || !derCrl) {
+ /* All pkix delivered crls should be able to
+ * release their ders. */
+ PKIX_DECREF(pkixErrorResult);
+ PKIX_DECREF(crl);
+ continue;
+ }
+ cert_CacheCRLByGeneralName(certHandle, derCrl,
+ crl->derGenName);
+ /* Do not check the status. If it is a SECFailure,
+ * derCrl is already destroyed. */
+ derCrl = NULL;
+ PKIX_DECREF(crl);
+ }
+
+cleanup:
+ PKIX_DECREF(crl);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+static PKIX_Error *
+NameCacheHasFetchedCrlInfo(PKIX_PL_Cert *pkixCert,
+ PRTime time,
+ PKIX_Boolean *pHasFetchedCrlInCache,
+ void *plContext)
+{
+ /* Returning true result in this case will mean, that case info
+ * is currect and should used as is. */
+ NamedCRLCache* nameCrlCache = NULL;
+ PKIX_Boolean hasFetchedCrlInCache = PKIX_TRUE;
+ PKIX_List *dpList = NULL;
+ pkix_pl_CrlDp *dp = NULL;
+ PKIX_UInt32 dpIndex = 0;
+ SECStatus rv = SECSuccess;
+ PRTime reloadDelay = 0, badCrlInvalDelay = 0;
+
+ PKIX_ENTER(CERTSTORE, "ChechCacheHasFetchedCrl");
+
+ reloadDelay =
+ ((PKIX_PL_NssContext*)plContext)->crlReloadDelay *
+ PR_USEC_PER_SEC;
+ badCrlInvalDelay =
+ ((PKIX_PL_NssContext*)plContext)->badDerCrlReloadDelay *
+ PR_USEC_PER_SEC;
+ if (!time) {
+ time = PR_Now();
+ }
+ /* If we already download the crl and inserted into the cache, then
+ * there is no need to check for fetched crl. We have what we have. */
+ PKIX_CHECK(
+ PKIX_PL_Cert_GetCrlDp(pkixCert, &dpList, plContext),
+ PKIX_CERTGETCRLDPFAILED);
+ if (dpList && dpList->length) {
+ hasFetchedCrlInCache = PKIX_FALSE;
+ rv = cert_AcquireNamedCRLCache(&nameCrlCache);
+ if (rv != SECSuccess) {
+ PKIX_DECREF(dpList);
+ }
+ } else {
+ /* If no dp then treat it as if we already have
+ * a fetched crl. */
+ PKIX_DECREF(dpList);
+ }
+ for (;!hasFetchedCrlInCache &&
+ dpList && dpIndex < dpList->length;dpIndex++) {
+ SECItem **derDpNames = NULL;
+ pkixErrorResult =
+ PKIX_List_GetItem(dpList, dpIndex, (PKIX_PL_Object **)&dp,
+ plContext);
+ if (pkixErrorResult) {
+ PKIX_DECREF(pkixErrorResult);
+ continue;
+ }
+ if (dp->nssdp->distPointType == generalName) {
+ /* dp can only be created from nssdp. */
+ derDpNames = dp->nssdp->derFullName;
+ }
+ while (derDpNames && *derDpNames != NULL) {
+ NamedCRLCacheEntry* cacheEntry = NULL;
+ const SECItem *derDpName = *derDpNames++;
+ rv = cert_FindCRLByGeneralName(nameCrlCache, derDpName,
+ &cacheEntry);
+ if (rv == SECSuccess && cacheEntry) {
+ if ((cacheEntry->inCRLCache &&
+ (cacheEntry->successfulInsertionTime + reloadDelay > time ||
+ (cacheEntry->dupe &&
+ cacheEntry->lastAttemptTime + reloadDelay > time))) ||
+ (cacheEntry->badDER &&
+ cacheEntry->lastAttemptTime + badCrlInvalDelay > time)) {
+ hasFetchedCrlInCache = PKIX_TRUE;
+ break;
+ }
+ }
+ }
+ PKIX_DECREF(dp);
+ }
+cleanup:
+ *pHasFetchedCrlInCache = hasFetchedCrlInCache;
+ if (nameCrlCache) {
+ cert_ReleaseNamedCRLCache(nameCrlCache);
+ }
+ PKIX_DECREF(dpList);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Pk11CertStore_CheckCrl
+ * DESCRIPTION:
+ *
+ * PARAMETERS:
+ * "params"
+ * Address of the ComCRLSelParams. Must be non-NULL.
+ * "pSelected"
+ * Address at which List will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertStore Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Pk11CertStore_CheckRevByCrl(
+ PKIX_CertStore *store,
+ PKIX_PL_Cert *pkixCert,
+ PKIX_PL_Cert *pkixIssuer,
+ PKIX_PL_Date *date,
+ PKIX_Boolean crlDownloadDone,
+ CERTCRLEntryReasonCode *pReasonCode,
+ PKIX_RevocationStatus *pStatus,
+ void *plContext)
+{
+ PKIX_RevocationStatus pkixRevStatus = PKIX_RevStatus_NoInfo;
+ CERTRevocationStatus revStatus = certRevocationStatusUnknown;
+ PKIX_Boolean hasFetchedCrlInCache = PKIX_TRUE;
+ CERTCertificate *cert = NULL, *issuer = NULL;
+ SECStatus rv = SECSuccess;
+ void *wincx = NULL;
+ PRTime time = 0;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_Pk11CertStore_CheckRevByCrl");
+ PKIX_NULLCHECK_FOUR(store, pkixCert, pkixIssuer, plContext);
+
+ cert = pkixCert->nssCert;
+ issuer = pkixIssuer->nssCert;
+ if (date) {
+ PKIX_CHECK(
+ pkix_pl_Date_GetPRTime(date, &time, plContext),
+ PKIX_DATEGETPRTIMEFAILED);
+ }
+ PKIX_CHECK(
+ pkix_pl_NssContext_GetWincx((PKIX_PL_NssContext*)plContext,
+ &wincx),
+ PKIX_NSSCONTEXTGETWINCXFAILED);
+ /* No need to check any cDPs, since partitioned crls are not
+ * supported. If a ds does not point to partitioned crl, then
+ * the crl should be in issuer cache that is unrelated to any
+ * dp. Using NULL as a dp pointer to check it.*/
+ rv = cert_CheckCertRevocationStatus(cert, issuer, NULL,
+ /* Will not validate the signature
+ * on the crl if time is not specified.*/
+ time, wincx, &revStatus, pReasonCode);
+ if (rv == SECFailure) {
+ pkixRevStatus = PKIX_RevStatus_Revoked;
+ goto cleanup;
+ }
+ if (crlDownloadDone) {
+ if (revStatus == certRevocationStatusRevoked) {
+ pkixRevStatus = PKIX_RevStatus_Revoked;
+ } else if (revStatus == certRevocationStatusValid) {
+ pkixRevStatus = PKIX_RevStatus_Success;
+ }
+ } else {
+ pkixErrorResult =
+ NameCacheHasFetchedCrlInfo(pkixCert, time, &hasFetchedCrlInCache,
+ plContext);
+ if (pkixErrorResult) {
+ goto cleanup;
+ }
+ if (revStatus == certRevocationStatusRevoked &&
+ (hasFetchedCrlInCache ||
+ *pReasonCode != crlEntryReasoncertificatedHold)) {
+ pkixRevStatus = PKIX_RevStatus_Revoked;
+ } else if (revStatus == certRevocationStatusValid &&
+ hasFetchedCrlInCache) {
+ pkixRevStatus = PKIX_RevStatus_Success;
+ }
+ }
+cleanup:
+ *pStatus = pkixRevStatus;
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_Pk11CertStore_GetCert
+ * (see description of PKIX_CertStore_CertCallback in pkix_certstore.h)
+ */
+PKIX_Error *
+pkix_pl_Pk11CertStore_GetCert(
+ PKIX_CertStore *store,
+ PKIX_CertSelector *selector,
+ PKIX_VerifyNode *parentVerifyNode,
+ void **pNBIOContext,
+ PKIX_List **pCertList,
+ void *plContext)
+{
+ PKIX_UInt32 i = 0;
+ PKIX_UInt32 numFound = 0;
+ PKIX_PL_Cert *candidate = NULL;
+ PKIX_List *selected = NULL;
+ PKIX_List *filtered = NULL;
+ PKIX_CertSelector_MatchCallback selectorCallback = NULL;
+ PKIX_CertStore_CheckTrustCallback trustCallback = NULL;
+ PKIX_ComCertSelParams *params = NULL;
+ PKIX_Boolean cacheFlag = PKIX_FALSE;
+ PKIX_VerifyNode *verifyNode = NULL;
+ PKIX_Error *selectorError = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_Pk11CertStore_GetCert");
+ PKIX_NULLCHECK_FOUR(store, selector, pNBIOContext, pCertList);
+
+ *pNBIOContext = NULL; /* We don't use non-blocking I/O */
+
+ PKIX_CHECK(PKIX_CertSelector_GetMatchCallback
+ (selector, &selectorCallback, plContext),
+ PKIX_CERTSELECTORGETMATCHCALLBACKFAILED);
+
+ PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParams
+ (selector, &params, plContext),
+ PKIX_CERTSELECTORGETCOMCERTSELPARAMSFAILED);
+
+ PKIX_CHECK(pkix_pl_Pk11CertStore_CertQuery
+ (params, &selected, plContext),
+ PKIX_PK11CERTSTORECERTQUERYFAILED);
+
+ if (selected) {
+ PKIX_CHECK(PKIX_List_GetLength(selected, &numFound, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+ }
+
+ PKIX_CHECK(PKIX_CertStore_GetCertStoreCacheFlag
+ (store, &cacheFlag, plContext),
+ PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED);
+
+ PKIX_CHECK(PKIX_CertStore_GetTrustCallback
+ (store, &trustCallback, plContext),
+ PKIX_CERTSTOREGETTRUSTCALLBACKFAILED);
+
+ PKIX_CHECK(PKIX_List_Create(&filtered, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ for (i = 0; i < numFound; i++) {
+ PKIX_CHECK_ONLY_FATAL(PKIX_List_GetItem
+ (selected,
+ i,
+ (PKIX_PL_Object **)&candidate,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ if (PKIX_ERROR_RECEIVED) {
+ continue; /* just skip bad certs */
+ }
+
+ selectorError =
+ selectorCallback(selector, candidate, plContext);
+ if (!selectorError) {
+ PKIX_CHECK(PKIX_PL_Cert_SetCacheFlag
+ (candidate, cacheFlag, plContext),
+ PKIX_CERTSETCACHEFLAGFAILED);
+
+ if (trustCallback) {
+ PKIX_CHECK(PKIX_PL_Cert_SetTrustCertStore
+ (candidate, store, plContext),
+ PKIX_CERTSETTRUSTCERTSTOREFAILED);
+ }
+
+ PKIX_CHECK_ONLY_FATAL(PKIX_List_AppendItem
+ (filtered,
+ (PKIX_PL_Object *)candidate,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ } else if (parentVerifyNode) {
+ PKIX_CHECK_FATAL(
+ pkix_VerifyNode_Create(candidate, 0, selectorError,
+ &verifyNode, plContext),
+ PKIX_VERIFYNODECREATEFAILED);
+ PKIX_CHECK_FATAL(
+ pkix_VerifyNode_AddToTree(parentVerifyNode,
+ verifyNode,
+ plContext),
+ PKIX_VERIFYNODEADDTOTREEFAILED);
+ PKIX_DECREF(verifyNode);
+ }
+ PKIX_DECREF(selectorError);
+ PKIX_DECREF(candidate);
+ }
+
+ /* Don't throw away the list if one cert was bad! */
+ pkixTempErrorReceived = PKIX_FALSE;
+
+ *pCertList = filtered;
+ filtered = NULL;
+
+cleanup:
+fatal:
+ PKIX_DECREF(filtered);
+ PKIX_DECREF(candidate);
+ PKIX_DECREF(selected);
+ PKIX_DECREF(params);
+ PKIX_DECREF(verifyNode);
+ PKIX_DECREF(selectorError);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+static PKIX_Error *
+RemovePartitionedDpsFromList(PKIX_List *dpList, PKIX_PL_Date *date,
+ void *plContext)
+{
+ NamedCRLCache* nameCrlCache = NULL;
+ pkix_pl_CrlDp *dp = NULL;
+ unsigned int dpIndex = 0;
+ PRTime time;
+ PRTime reloadDelay = 0, badCrlInvalDelay = 0;
+ SECStatus rv;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_Pk11CertStore_ListRemovePrtDp");
+
+ if (!dpList || !dpList->length) {
+ PKIX_RETURN(CERTSTORE);
+ }
+ reloadDelay =
+ ((PKIX_PL_NssContext*)plContext)->crlReloadDelay *
+ PR_USEC_PER_SEC;
+ badCrlInvalDelay =
+ ((PKIX_PL_NssContext*)plContext)->badDerCrlReloadDelay *
+ PR_USEC_PER_SEC;
+ PKIX_CHECK(pkix_pl_Date_GetPRTime(date, &time, plContext),
+ PKIX_DATEGETPRTIMEFAILED);
+ rv = cert_AcquireNamedCRLCache(&nameCrlCache);
+ if (rv == SECFailure) {
+ /* Baling out. Wont find out any thing useful. */
+ PKIX_RETURN(CERTSTORE);
+ }
+ while (dpIndex < dpList->length) {
+ SECItem **derDpNames = NULL;
+ PKIX_Boolean removeDp = PKIX_FALSE;
+
+ PKIX_CHECK(
+ PKIX_List_GetItem(dpList, dpIndex, (PKIX_PL_Object **)&dp,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+ if (!dp->isPartitionedByReasonCode) {
+ /* See if we know about this dp anything why we should
+ * not use it to download a crl. */
+ if (dp->nssdp->distPointType == generalName) {
+ /* dp can only be created from nssdp. */
+ derDpNames = dp->nssdp->derFullName;
+ } else {
+ removeDp = PKIX_TRUE;
+ }
+ while (derDpNames && *derDpNames != NULL) {
+ NamedCRLCacheEntry* cacheEntry = NULL;
+ const SECItem *derDpName = *derDpNames++;
+ /* Removing from the list all dps that we know about. */
+ rv = cert_FindCRLByGeneralName(nameCrlCache, derDpName,
+ &cacheEntry);
+ if (rv && cacheEntry) {
+ if (cacheEntry->unsupported ||
+ (cacheEntry->inCRLCache &&
+ (cacheEntry->successfulInsertionTime + reloadDelay > time ||
+ (cacheEntry->dupe &&
+ cacheEntry->lastAttemptTime + reloadDelay > time))) ||
+ (cacheEntry->badDER &&
+ cacheEntry->lastAttemptTime + badCrlInvalDelay > time)) {
+ removeDp = PKIX_TRUE;
+ }
+ }
+ }
+ } else {
+ /* Remove dp that point to a partitioned crl . RFC 5280
+ * recommends against crl partitioned by reason code.
+ * Will skip such crls */
+ removeDp = PKIX_TRUE;
+ }
+ if (removeDp) {
+ PKIX_CHECK_ONLY_FATAL(
+ pkix_List_Remove(dpList,(PKIX_PL_Object*)dp,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+ } else {
+ dpIndex += 1;
+ }
+ PKIX_DECREF(dp);
+ }
+
+cleanup:
+ if (nameCrlCache) {
+ cert_ReleaseNamedCRLCache(nameCrlCache);
+ }
+ PKIX_DECREF(dp);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Pk11CertStore_DownloadCrl
+ */
+static PKIX_Error *
+DownloadCrl(pkix_pl_CrlDp *dp, PKIX_PL_CRL **crl,
+ const SEC_HttpClientFcnV1 *hcv1, void *plContext)
+{
+ char *location = NULL;
+ char *hostname = NULL;
+ char *path = NULL;
+ PRUint16 port;
+ SEC_HTTP_SERVER_SESSION pServerSession = NULL;
+ SEC_HTTP_REQUEST_SESSION pRequestSession = NULL;
+ PRUint16 myHttpResponseCode;
+ const char *myHttpResponseData = NULL;
+ PRUint32 myHttpResponseDataLen;
+ SECItem *uri = NULL;
+ SECItem *derCrlCopy = NULL;
+ CERTSignedCrl *nssCrl = NULL;
+ CERTGeneralName *genName = NULL;
+ SECItem **derGenNames = NULL;
+ SECItem *derGenName = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_Pk11CertStore_DownloadCrl");
+
+ /* Do not support dps others than a one with GeneralName
+ * name type. */
+ if (dp->distPointType != generalName ||
+ !dp->nssdp->derFullName) {
+ PKIX_ERROR(PKIX_UNSUPPORTEDCRLDPTYPE);
+ }
+ genName = dp->name.fullName;
+ derGenNames = dp->nssdp->derFullName;
+ do {
+ derGenName = *derGenNames;
+ do {
+ if (!derGenName ||
+ !genName->name.other.data) {
+ /* get to next name if no data. */
+ break;
+ }
+ uri = &genName->name.other;
+ location = (char*)PR_Malloc(1 + uri->len);
+ if (!location) {
+ break;
+ }
+ PORT_Memcpy(location, uri->data, uri->len);
+ location[uri->len] = 0;
+ if (CERT_ParseURL(location, &hostname,
+ &port, &path) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_BAD_CRL_DP_URL);
+ break;
+ }
+
+ PORT_Assert(hostname != NULL);
+ PORT_Assert(path != NULL);
+
+ if ((*hcv1->createSessionFcn)(hostname, port,
+ &pServerSession) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_BAD_CRL_DP_URL);
+ break;
+ }
+
+ if ((*hcv1->createFcn)(pServerSession, "http", path, "GET",
+ /* Users with slow connections might not get CRL revocation
+ checking for certs that use big CRLs because of the timeout
+ We absolutely need code that limits our retry attempts.
+ */
+ PR_SecondsToInterval(
+ ((PKIX_PL_NssContext*)plContext)->timeoutSeconds),
+ &pRequestSession) != SECSuccess) {
+ break;
+ }
+
+ myHttpResponseDataLen =
+ ((PKIX_PL_NssContext*)plContext)->maxResponseLength;
+ if (myHttpResponseDataLen < PKIX_DEFAULT_MAX_CRL_RESPONSE_LENGTH)
+ myHttpResponseDataLen = PKIX_DEFAULT_MAX_CRL_RESPONSE_LENGTH;
+
+ /* We use a non-zero timeout, which means:
+ - the client will use blocking I/O
+ - TryFcn will not return WOULD_BLOCK nor a poll descriptor
+ - it's sufficient to call TryFcn once
+ */
+ /* we don't want result objects larger than this: */
+ if ((*hcv1->trySendAndReceiveFcn)(
+ pRequestSession,
+ NULL,
+ &myHttpResponseCode,
+ NULL,
+ NULL,
+ &myHttpResponseData,
+ &myHttpResponseDataLen) != SECSuccess) {
+ break;
+ }
+
+ if (myHttpResponseCode != 200) {
+ break;
+ }
+ } while(0);
+ if (!myHttpResponseData) {
+ /* Going to the next one. */
+ genName = CERT_GetNextGeneralName(genName);
+ derGenNames++;
+ }
+ /* Staing in the loop through all the names until
+ * we have a successful download. */
+ } while (!myHttpResponseData && *derGenNames &&
+ genName != dp->name.fullName);
+ /* Need this name to track the crl source location. */
+ PORT_Assert(derGenName);
+
+ if (!myHttpResponseData) {
+ /* Generating fake bad CRL to keep track of this dp */
+ SECItem derCrl = {siBuffer, (void*)"BadCrl", 6 };
+
+ derCrlCopy = SECITEM_DupItem(&derCrl);
+ if (!derCrlCopy) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ derGenName = *dp->nssdp->derFullName;
+ } else {
+ SECItem derCrl = { siBuffer,
+ (void*)myHttpResponseData,
+ myHttpResponseDataLen };
+ derCrlCopy = SECITEM_DupItem(&derCrl);
+ if (!derCrlCopy) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ /* crl will be based on derCrlCopy, but will not own the der. */
+ nssCrl =
+ CERT_DecodeDERCrlWithFlags(NULL, derCrlCopy, SEC_CRL_TYPE,
+ CRL_DECODE_DONT_COPY_DER |
+ CRL_DECODE_SKIP_ENTRIES);
+ }
+ /* pkix crl owns the der. */
+ PKIX_CHECK(
+ pkix_pl_CRL_CreateWithSignedCRL(nssCrl, derCrlCopy,
+ derGenName,
+ crl, plContext),
+ PKIX_CRLCREATEWITHSIGNEDCRLFAILED);
+ /* pkix crl now own both objects. */
+ derCrlCopy = NULL;
+ nssCrl = NULL;
+
+cleanup:
+ if (derCrlCopy)
+ PORT_Free(derCrlCopy);
+ if (nssCrl)
+ SEC_DestroyCrl(nssCrl);
+ if (pRequestSession != NULL)
+ (*hcv1->freeFcn)(pRequestSession);
+ if (pServerSession != NULL)
+ (*hcv1->freeSessionFcn)(pServerSession);
+ if (path != NULL)
+ PORT_Free(path);
+ if (hostname != NULL)
+ PORT_Free(hostname);
+ if (location) {
+ PORT_Free(location);
+ }
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Pk11CertStore_GetCRL
+ * (see description of PKIX_CertStore_CRLCallback in pkix_certstore.h)
+ */
+static PKIX_Error *
+pkix_pl_Pk11CertStore_GetCRL(
+ PKIX_CertStore *store,
+ PKIX_CRLSelector *selector,
+ void **pNBIOContext,
+ PKIX_List **pCrlList,
+ void *plContext)
+{
+ PKIX_UInt32 dpIndex = 0;
+ PKIX_PL_CRL *crl = NULL;
+ PKIX_List *crlList = NULL;
+ PKIX_List *dpList = NULL;
+ pkix_pl_CrlDp *dp = NULL;
+ PKIX_PL_Date *date = NULL;
+ const SEC_HttpClientFcn *registeredHttpClient = NULL;
+
+ PKIX_ENTER(CERTSTORE, "pkix_pl_Pk11CertStore_GetCRL");
+ PKIX_NULLCHECK_THREE(store, pNBIOContext, pCrlList);
+ PKIX_NULLCHECK_TWO(selector, selector->params);
+
+ registeredHttpClient = SEC_GetRegisteredHttpClient();
+ if (!registeredHttpClient || registeredHttpClient->version != 1) {
+ goto cleanup;
+ }
+ dpList = selector->params->crldpList;
+ date = selector->params->date;
+ PKIX_CHECK(
+ RemovePartitionedDpsFromList(dpList, date,
+ plContext),
+ PKIX_FAILTOREMOVEDPFROMLIST);
+ for (;dpIndex < dpList->length;dpIndex++) {
+ PKIX_DECREF(dp);
+ pkixErrorResult =
+ PKIX_List_GetItem(dpList, dpIndex,
+ (PKIX_PL_Object **)&dp,
+ plContext);
+ if (pkixErrorResult) {
+ PKIX_DECREF(pkixErrorResult);
+ continue;
+ }
+ pkixErrorResult =
+ DownloadCrl(dp, &crl,
+ &registeredHttpClient->fcnTable.ftable1,
+ plContext);
+ if (pkixErrorResult || !crl) {
+ /* continue to next dp in case of unsuccesfull
+ * download attempt. */
+ PKIX_DECREF(pkixErrorResult);
+ continue;
+ }
+ if (!crlList) {
+ PKIX_CHECK(PKIX_List_Create(&crlList, plContext),
+ PKIX_LISTCREATEFAILED);
+ }
+ pkixErrorResult =
+ PKIX_List_AppendItem(crlList, (PKIX_PL_Object *)crl,
+ plContext);
+ if (pkixErrorResult) {
+ PKIX_DECREF(pkixErrorResult);
+ }
+ PKIX_DECREF(crl);
+ }
+ *pCrlList = crlList;
+ crlList = NULL;
+
+cleanup:
+ PKIX_DECREF(dp);
+ PKIX_DECREF(crl);
+ PKIX_DECREF(crlList);
+
+ PKIX_RETURN(CERTSTORE);
+}
+
+
+/* --Public-Pk11CertStore-Functions----------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_Pk11CertStore_Create
+ * (see comments in pkix_samples_modules.h)
+ */
+PKIX_Error *
+PKIX_PL_Pk11CertStore_Create(
+ PKIX_CertStore **pCertStore,
+ void *plContext)
+{
+ PKIX_CertStore *certStore = NULL;
+
+ PKIX_ENTER(CERTSTORE, "PKIX_PL_Pk11CertStore_Create");
+ PKIX_NULLCHECK_ONE(pCertStore);
+
+ PKIX_CHECK(PKIX_CertStore_Create
+ (pkix_pl_Pk11CertStore_GetCert,
+ pkix_pl_Pk11CertStore_GetCRL,
+ NULL, /* getCertContinue */
+ NULL, /* getCrlContinue */
+ pkix_pl_Pk11CertStore_CheckTrust,
+ pkix_pl_Pk11CertStore_ImportCrl,
+ pkix_pl_Pk11CertStore_CheckRevByCrl,
+ NULL,
+ PKIX_TRUE, /* cache flag */
+ PKIX_TRUE, /* local - no network I/O */
+ &certStore,
+ plContext),
+ PKIX_CERTSTORECREATEFAILED);
+
+ *pCertStore = certStore;
+
+cleanup:
+
+ PKIX_RETURN(CERTSTORE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.h
new file mode 100755
index 000000000..506707683
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.h
@@ -0,0 +1,31 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_pk11certstore.h
+ *
+ * PK11Certstore Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PL_PK11CERTSTORE_H
+#define _PKIX_PL_PK11CERTSTORE_H
+
+#include "pkix_pl_common.h"
+#include "certi.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* see source file for function documentation */
+PKIX_Error *
+PKIX_PL_Pk11CertStore_Create(
+ PKIX_CertStore **pCertStore,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_PK11CERTSTORE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
new file mode 100644
index 000000000..e8698376b
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
@@ -0,0 +1,1695 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_socket.c
+ *
+ * Socket Function Definitions
+ *
+ */
+
+/*
+ * If Socket Tracing is active, messages sent and received will be
+ * timestamped and dumped (to stdout) in standard hex-dump format. E.g.,
+ *
+ * 1116612359156140:
+ * 28F0: 48 65 6C 6C 6F 2C 20 77 6F 72 6C 64 21 00 Hello, world!.
+ *
+ * The timestamp is not formatted to be meaningful except as an increasing
+ * value of seconds.microseconds, which is good enough to correlate two
+ * sides of a message exchange and to figure durations.
+ *
+ * Code to perform Socket tracing will be compiled in if PKIX_SOCKETTRACE
+ * is defined, but that doesn't mean socket tracing is active. Tracing also
+ * requires that the Boolean socketTraceFlag is set to PKIX_TRUE. That is
+ * the default value, but it can be overridden by using the debugger to
+ * change its value -- allowing tracing to be turned on and off at various
+ * breakpoints -- or by setting the environment variable SOCKETTRACE. A
+ * value of 1 sets socketTraceFlag to PKIX_TRUE (tracing on), and any other
+ * value sets socketTraceFlag to PKIX_FALSE (tracing off). The environment
+ * value is checked during system initialization.
+ */
+#ifndef BUILD_OPT
+#define PKIX_SOCKETTRACE 1
+#endif
+
+#ifdef PKIX_SOCKETDEBUG
+#define PKIX_SOCKETTRACE 1
+#endif
+
+#include "pkix_pl_socket.h"
+
+/* --Private-Socket-Functions---------------------------------- */
+
+#ifdef PKIX_SOCKETTRACE
+static PKIX_Boolean socketTraceFlag = PKIX_FALSE;
+
+/*
+ * FUNCTION: pkix_pl_socket_timestamp
+ * DESCRIPTION:
+ *
+ * This functions prints to stdout the time of day, as obtained from the
+ * system function gettimeofday, as seconds.microseconds. Its resolution
+ * is whatever the system call provides.
+ *
+ * PARAMETERS:
+ * none
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static void pkix_pl_socket_timestamp() {
+ PRInt64 prTime;
+ prTime = PR_Now();
+/* We shouldn't use PR_ALTERNATE_INT64_TYPEDEF, but nor can we use PRId64 */
+#if PR_BYTES_PER_LONG == 8 && !defined(PR_ALTERNATE_INT64_TYPEDEF)
+ printf("%ld:\n", prTime);
+#else
+ printf("%lld:\n", prTime);
+#endif
+}
+
+/*
+ * FUNCTION: pkix_pl_socket_hexDigit
+ * DESCRIPTION:
+ *
+ * This functions prints to stdout the byte "byteVal" as two hex digits.
+ *
+ * PARAMETERS:
+ * "byteVal"
+ * The value to be printed.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static void pkix_pl_socket_hexDigit(char byteVal) {
+ int n = 0;
+ char cHi = '\0';
+ char cLow = '\0';
+ n = ((byteVal >> 4) & 0xf);
+ if (n > 9) {
+ cHi = (char) ((n - 10) + 'A');
+ } else {
+ cHi = (char) (n + '0');
+ }
+ n = byteVal & 0xf;
+ if (n > 9) {
+ cLow = (char) ((n - 10) + 'A');
+ } else {
+ cLow = (char) (n + '0');
+ }
+ (void) printf("%c%c", cHi, cLow);
+}
+
+/*
+ * FUNCTION: pkix_pl_socket_linePrefix
+ * DESCRIPTION:
+ *
+ * This functions prints to stdout the address provided by "addr" as four
+ * hexadecimal digits followed by a colon and a space.
+ *
+ * PARAMETERS:
+ * "addr"
+ * The address to be printed
+ * none
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static void pkix_pl_socket_linePrefix(PKIX_UInt32 addr) {
+ pkix_pl_socket_hexDigit((char)((addr >> 8) & 0xff));
+ pkix_pl_socket_hexDigit((char)(addr & 0xff));
+ (void) printf(": ");
+}
+
+/*
+ * FUNCTION: pkix_pl_socket_traceLine
+ * DESCRIPTION:
+ *
+ * This functions prints to stdout the sixteen bytes beginning at the
+ * address pointed to by "ptr". The bytes are printed as sixteen pairs
+ * of hexadecimal characters followed by an ascii interpretation, in which
+ * characters from 0x20 to 0x7d are shown as their ascii equivalents, and
+ * other values are represented as periods.
+ *
+ * PARAMETERS:
+ * "ptr"
+ * The address of the first of the bytes to be printed
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static void pkix_pl_socket_traceLine(char *ptr) {
+ PKIX_UInt32 i = 0;
+ pkix_pl_socket_linePrefix((PKIX_UInt32)((char *)ptr - (char *)NULL));
+ for (i = 0; i < 16; i++) {
+ printf(" ");
+ pkix_pl_socket_hexDigit(ptr[i]);
+ if (i == 7) {
+ printf(" ");
+ }
+ }
+ printf(" ");
+ for (i = 0; i < 16; i++) {
+ if ((ptr[i] < ' ') || (ptr[i] > '}')) {
+ printf(".");
+ } else {
+ printf("%c", ptr[i]);
+ }
+ }
+ printf("\n");
+}
+
+/*
+ * FUNCTION: pkix_pl_socket_tracePartialLine
+ * DESCRIPTION:
+ *
+ * This functions prints to stdout the number of bytes given by "nBytes",
+ * beginning at the address pointed to by "ptr". The bytes are printed as
+ * pairs of hexadecimal characters followed by an ascii interpretation, in
+ * which characters from 0x20 to 0x7d are shown as their ascii equivalents,
+ * and other values are represented as periods.
+ *
+ * PARAMETERS:
+ * "ptr"
+ * The address of the first of the bytes to be printed
+ * "nBytes"
+ * The Int32 value giving the number of bytes to be printed. If "nBytes"
+ * is greater than sixteen, the results will be unattractive.
+ * none
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static void pkix_pl_socket_tracePartialLine(char *ptr, PKIX_UInt32 nBytes) {
+ PKIX_UInt32 i = 0;
+ if (nBytes > 0) {
+ pkix_pl_socket_linePrefix((PKIX_UInt32)((char *)ptr - (char *)NULL));
+ }
+ for (i = 0; i < nBytes; i++) {
+ printf(" ");
+ pkix_pl_socket_hexDigit(ptr[i]);
+ if (i == 7) {
+ printf(" ");
+ }
+ }
+ for (i = nBytes; i < 16; i++) {
+ printf(" ");
+ if (i == 7) {
+ printf(" ");
+ }
+ }
+ printf(" ");
+ for (i = 0; i < nBytes; i++) {
+ if ((ptr[i] < ' ') || (ptr[i] > '}')) {
+ printf(".");
+ } else {
+ printf("%c", ptr[i]);
+ }
+ }
+ printf("\n");
+}
+
+/*
+ * FUNCTION: pkix_pl_socket_tracebuff
+ * DESCRIPTION:
+ *
+ * This functions prints to stdout the number of bytes given by "nBytes",
+ * beginning with the byte pointed to by "buf". The output is preceded by
+ * a timestamp, and each group of sixteen (and a remainder, if any) is
+ * preceded by its address. The contents are shown in hexadecimal and as
+ * ascii characters. If "nBytes" is zero, the timestamp and starting
+ * address are displayed.
+ *
+ * PARAMETERS:
+ * "buf"
+ * The starting address of the bytes to be printed
+ * "nBytes"
+ * The number of bytes to be printed
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+void pkix_pl_socket_tracebuff(void *buf, PKIX_UInt32 nBytes) {
+ PKIX_UInt32 bytesRemaining = nBytes;
+ PKIX_UInt32 offset = 0;
+ char *bufptr = (char *)buf;
+
+ if (socketTraceFlag == PKIX_FALSE) return;
+
+ pkix_pl_socket_timestamp();
+ /*
+ * Special case: if called with length of zero, just do address
+ */
+ if (nBytes == 0) {
+ pkix_pl_socket_linePrefix((PKIX_UInt32)((char *)buf - (char *)NULL));
+ printf("\n");
+ } else {
+ while (bytesRemaining >= 16) {
+ pkix_pl_socket_traceLine(&bufptr[offset]);
+ bytesRemaining -= 16;
+ offset += 16;
+ }
+ pkix_pl_socket_tracePartialLine
+ (&bufptr[offset], bytesRemaining);
+ }
+}
+
+#endif
+
+/*
+ * FUNCTION: pkix_pl_Socket_SetNonBlocking
+ * DESCRIPTION:
+ *
+ * This functions sets the socket represented by the PRFileDesc "fileDesc"
+ * to nonblocking mode.
+ *
+ * PARAMETERS:
+ * "fileDesc"
+ * The address of the PRFileDesc whose I/O mode is to be set
+ * non-blocking. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_SetNonBlocking(
+ PRFileDesc *fileDesc,
+ void *plContext)
+{
+ PRStatus rv = PR_FAILURE;
+ PRSocketOptionData sockOptionData;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_SetNonBlocking");
+ PKIX_NULLCHECK_ONE(fileDesc);
+
+ sockOptionData.option = PR_SockOpt_Nonblocking;
+ sockOptionData.value.non_blocking = PR_TRUE;
+
+ PKIX_PL_NSSCALLRV(SOCKET, rv, fileDesc->methods->setsocketoption,
+ (fileDesc, &sockOptionData));
+
+ if (rv != PR_SUCCESS) {
+ PKIX_ERROR(PKIX_UNABLETOSETSOCKETTONONBLOCKING);
+ }
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_CreateClient
+ * DESCRIPTION:
+ *
+ * This functions creates a client socket for the PKIX_PL_Socket pointed to
+ * by "socket". If "socket" was created with a timeout value of zero, the
+ * client socket is set to use nonblocking I/O.
+ *
+ * PARAMETERS:
+ * "socket"
+ * The address of the Socket for which a client socket is to be
+ * created. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+
+static PKIX_Error *
+pkix_pl_Socket_CreateClient(
+ PKIX_PL_Socket *socket,
+ void *plContext)
+{
+#ifdef PKIX_SOCKETDEBUG
+ PRErrorCode errorcode = 0;
+#endif
+ PRFileDesc *mySock = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateClient");
+ PKIX_NULLCHECK_ONE(socket);
+
+ PKIX_PL_NSSCALLRV(SOCKET, mySock, PR_NewTCPSocket, ());
+ if (!mySock) {
+#ifdef PKIX_SOCKETDEBUG
+ errorcode = PR_GetError();
+ printf
+ ("pkix_pl_Socket_CreateClient: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+ }
+
+#ifdef PKIX_SOCKETDEBUG
+ printf("Created socket, PRFileDesc @ %#X\n", mySock);
+#endif
+
+ socket->clientSock = mySock;
+ socket->status = SOCKET_UNCONNECTED;
+ if (socket->timeout == 0) {
+ PKIX_CHECK(pkix_pl_Socket_SetNonBlocking(mySock, plContext),
+ PKIX_SOCKETSETNONBLOCKINGFAILED);
+ }
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_CreateServer
+ * DESCRIPTION:
+ *
+ * This functions creates a server socket for the PKIX_PL_Socket pointed to
+ * by "socket". If "socket" was created with a timeout value of zero, the
+ * server socket is set to use nonblocking I/O.
+ *
+ * Warning: there seems to be a problem with operating a server socket in
+ * non-blocking mode. If the server calls Recv prior to a corresponding
+ * Send, the message may be lost.
+ *
+ * PARAMETERS:
+ * "socket"
+ * The address of the Socket for which a server socket is to be
+ * created. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_CreateServer(
+ PKIX_PL_Socket *socket,
+ void *plContext)
+{
+/* #ifdef PKIX_SOCKETDEBUG */
+ PRErrorCode errorcode = 0;
+/* #endif */
+ PRStatus rv = PR_FAILURE;
+ PRFileDesc *serverSock = NULL;
+ PRSocketOptionData sockOptionData;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateServer");
+ PKIX_NULLCHECK_ONE(socket);
+
+ PKIX_PL_NSSCALLRV(SOCKET, serverSock, PR_NewTCPSocket, ());
+ if (!serverSock) {
+#ifdef PKIX_SOCKETDEBUG
+ errorcode = PR_GetError();
+ printf
+ ("pkix_pl_Socket_CreateServer: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+ }
+
+ socket->serverSock = serverSock;
+
+#ifdef PKIX_SOCKETDEBUG
+ printf("Created socket, PRFileDesc @ %#X\n", serverSock);
+#endif
+
+ if (socket->timeout == 0) {
+ PKIX_CHECK(pkix_pl_Socket_SetNonBlocking(serverSock, plContext),
+ PKIX_SOCKETSETNONBLOCKINGFAILED);
+ }
+
+ sockOptionData.option = PR_SockOpt_Reuseaddr;
+ sockOptionData.value.reuse_addr = PR_TRUE;
+
+ PKIX_PL_NSSCALLRV(SOCKET, rv, serverSock->methods->setsocketoption,
+ (serverSock, &sockOptionData));
+
+ if (rv != PR_SUCCESS) {
+ PKIX_ERROR(PKIX_UNABLETOSETSOCKETTONONBLOCKING);
+ }
+
+ PKIX_PL_NSSCALLRV(SOCKET, rv, PR_Bind, (serverSock, socket->netAddr));
+
+ if (rv == PR_FAILURE) {
+/* #ifdef PKIX_SOCKETDEBUG */
+ errorcode = PR_GetError();
+ printf
+ ("pkix_pl_Socket_CreateServer: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+/* #endif */
+ PKIX_ERROR(PKIX_PRBINDFAILED);
+ }
+
+#ifdef PKIX_SOCKETDEBUG
+ printf("Successful bind!\n");
+#endif
+
+ socket->status = SOCKET_BOUND;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Connect
+ * DESCRIPTION:
+ *
+ * This functions performs the connect function for the client socket
+ * specified in "socket", storing the status at "pStatus".
+ *
+ * PARAMETERS:
+ * "socket"
+ * The address of the Socket for which a connect is to be performed.
+ * Must be non-NULL.
+ * "pStatus"
+ * The address at which the connection status is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_Connect(
+ PKIX_PL_Socket *socket,
+ PRErrorCode *pStatus,
+ void *plContext)
+{
+ PRStatus rv = PR_FAILURE;
+ PRErrorCode errorcode = 0;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Connect");
+ PKIX_NULLCHECK_TWO(socket, socket->clientSock);
+
+ PKIX_PL_NSSCALLRV(SOCKET, rv, PR_Connect,
+ (socket->clientSock, socket->netAddr, socket->timeout));
+
+ if (rv == PR_FAILURE) {
+ errorcode = PR_GetError();
+ *pStatus = errorcode;
+ if (errorcode == PR_IN_PROGRESS_ERROR) {
+ socket->status = SOCKET_CONNECTPENDING;
+ goto cleanup;
+ } else {
+#ifdef PKIX_SOCKETDEBUG
+ printf
+ ("pkix_pl_Socket_Connect: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRCONNECTFAILED);
+ }
+ }
+
+#ifdef PKIX_SOCKETDEBUG
+ printf("Successful connect!\n");
+#endif
+
+ *pStatus = 0;
+ socket->status = SOCKET_CONNECTED;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_ConnectContinue
+ * DESCRIPTION:
+ *
+ * This functions continues the connect function for the client socket
+ * specified in "socket", storing the status at "pStatus". It is expected that
+ * the non-blocking connect has returned PR_IN_PROGRESS_ERROR.
+ *
+ * PARAMETERS:
+ * "socket"
+ * The address of the Socket for which a connect is to be continued.
+ * Must be non-NULL.
+ * "pStatus"
+ * The address at which the connection status is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_ConnectContinue(
+ PKIX_PL_Socket *socket,
+ PRErrorCode *pStatus,
+ void *plContext)
+{
+ PRStatus rv = PR_FAILURE;
+ PRErrorCode errorcode = 0;
+ PRPollDesc pollDesc;
+ PRInt32 numEvents = 0;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_ConnectContinue");
+ PKIX_NULLCHECK_TWO(socket, socket->clientSock);
+
+ pollDesc.fd = socket->clientSock;
+ pollDesc.in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT;
+ pollDesc.out_flags = 0;
+ PKIX_PL_NSSCALLRV(SOCKET, numEvents, PR_Poll, (&pollDesc, 1, 0));
+ if (numEvents < 0) {
+ PKIX_ERROR(PKIX_PRPOLLFAILED);
+ }
+
+ if (numEvents == 0) {
+ *pStatus = PR_IN_PROGRESS_ERROR;
+ goto cleanup;
+ }
+
+ PKIX_PL_NSSCALLRV(SOCKET, rv, PR_ConnectContinue,
+ (socket->clientSock, pollDesc.out_flags));
+
+ /*
+ * PR_ConnectContinue sometimes lies. It returns PR_SUCCESS
+ * even though the connection is not yet ready. But its deceit
+ * is betrayed by the contents of out_flags!
+ */
+ if ((rv == PR_SUCCESS) && (pollDesc.out_flags == PR_POLL_ERR)) {
+ *pStatus = PR_IN_PROGRESS_ERROR;
+ goto cleanup;
+ }
+
+ if (rv == PR_FAILURE) {
+ errorcode = PR_GetError();
+ *pStatus = errorcode;
+ if (errorcode == PR_IN_PROGRESS_ERROR) {
+ goto cleanup;
+ } else {
+#ifdef PKIX_SOCKETDEBUG
+ printf
+ ("pkix_pl_Socket_ConnectContinue: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRCONNECTCONTINUEFAILED);
+ }
+ }
+
+#ifdef PKIX_SOCKETDEBUG
+ printf("Successful connect!\n");
+#endif
+
+ *pStatus = 0;
+ socket->status = SOCKET_CONNECTED;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Socket_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Socket *socket = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_SOCKET_TYPE, plContext),
+ PKIX_OBJECTNOTANSOCKET);
+
+ socket = (PKIX_PL_Socket *)object;
+
+ if (socket->isServer) {
+ if (socket->serverSock) {
+ PR_Close(socket->serverSock);
+ }
+ } else {
+ if (socket->clientSock) {
+ PR_Close(socket->clientSock);
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Socket_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_Socket *socket = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_SOCKET_TYPE, plContext),
+ PKIX_OBJECTNOTSOCKET);
+
+ socket = (PKIX_PL_Socket *)object;
+
+ *pHashcode = (((socket->timeout << 3) +
+ (socket->netAddr->inet.family << 3)) +
+ (*((PKIX_UInt32 *)&(socket->netAddr->inet.ip)))) +
+ socket->netAddr->inet.port;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Socket_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_PL_Socket *firstSocket = NULL;
+ PKIX_PL_Socket *secondSocket = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ *pResult = PKIX_FALSE;
+
+ PKIX_CHECK(pkix_CheckTypes
+ (firstObject, secondObject, PKIX_SOCKET_TYPE, plContext),
+ PKIX_OBJECTNOTSOCKET);
+
+ firstSocket = (PKIX_PL_Socket *)firstObject;
+ secondSocket = (PKIX_PL_Socket *)secondObject;
+
+ if (firstSocket->timeout != secondSocket->timeout) {
+ goto cleanup;
+ }
+
+ if (firstSocket->netAddr == secondSocket->netAddr) {
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ if ((firstSocket->netAddr->inet.family !=
+ secondSocket->netAddr->inet.family) ||
+ (*((PKIX_UInt32 *)&(firstSocket->netAddr->inet.ip)) !=
+ *((PKIX_UInt32 *)&(secondSocket->netAddr->inet.ip))) ||
+ (firstSocket->netAddr->inet.port !=
+ secondSocket->netAddr->inet.port)) {
+
+ goto cleanup;
+
+ }
+
+ *pResult = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_PL_SOCKET_TYPE and its related
+ * functions with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_Socket_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_RegisterSelf");
+
+ entry.description = "Socket";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_Socket);
+ entry.destructor = pkix_pl_Socket_Destroy;
+ entry.equalsFunction = pkix_pl_Socket_Equals;
+ entry.hashcodeFunction = pkix_pl_Socket_Hashcode;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_SOCKET_TYPE] = entry;
+
+#ifdef PKIX_SOCKETTRACE
+ {
+ char *val = NULL;
+ val = PR_GetEnvSecure("SOCKETTRACE");
+ /* Is SOCKETTRACE set in the environment? */
+ if ((val != NULL) && (*val != '\0')) {
+ socketTraceFlag =
+ ((*val == '1')?PKIX_TRUE:PKIX_FALSE);
+ }
+ }
+#endif
+
+ PKIX_RETURN(SOCKET);
+}
+
+/* --Public-Socket-Functions----------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_Socket_Listen
+ * DESCRIPTION:
+ *
+ * This functions establishes a listening queue for the server Socket
+ * pointed to by "socket".
+ *
+ * PARAMETERS:
+ * "socket"
+ * The address of the server socket for which the queue is to be
+ * established. Must be non-NULL.
+ * "backlog"
+ * The UInt32 value of the length of the queue to be established.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_Listen(
+ PKIX_PL_Socket *socket,
+ PKIX_UInt32 backlog,
+ void *plContext)
+{
+#ifdef PKIX_SOCKETDEBUG
+ PRErrorCode errorcode = 0;
+#endif
+ PRStatus rv = PR_FAILURE;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Listen");
+ PKIX_NULLCHECK_TWO(socket, socket->serverSock);
+
+ PKIX_PL_NSSCALLRV(SOCKET, rv, PR_Listen,
+ (socket->serverSock, (PRIntn)backlog));
+
+ if (rv == PR_FAILURE) {
+#ifdef PKIX_SOCKETDEBUG
+ errorcode = PR_GetError();
+ printf
+ ("pkix_pl_Socket_Listen: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRLISTENFAILED);
+ }
+
+#ifdef PKIX_SOCKETDEBUG
+ printf("Successful listen!\n");
+#endif
+
+ socket->status = SOCKET_LISTENING;
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Shutdown
+ * DESCRIPTION:
+ *
+ * This functions performs the shutdown of any connections controlled by the
+ * socket pointed to by "socket".
+ *
+ * PARAMETERS:
+ * "socket"
+ * The address of the socket to be shut down. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_Shutdown(
+ PKIX_PL_Socket *socket,
+ void *plContext)
+{
+#ifdef PKIX_SOCKETDEBUG
+ PRErrorCode errorcode = 0;
+#endif
+ PRStatus rv = PR_FAILURE;
+ PRFileDesc *fileDesc = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Shutdown");
+ PKIX_NULLCHECK_ONE(socket);
+
+ fileDesc =
+ (socket->isServer)?(socket->serverSock):(socket->clientSock);
+
+ PKIX_PL_NSSCALLRV(SOCKET, rv, PR_Shutdown,
+ (fileDesc, PR_SHUTDOWN_BOTH));
+
+ if (rv == PR_FAILURE) {
+#ifdef PKIX_SOCKETDEBUG
+ errorcode = PR_GetError();
+ printf
+ ("pkix_pl_Socket_Shutdown: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRSHUTDOWNFAILED);
+ }
+ socket->status = SOCKET_SHUTDOWN;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Send
+ * DESCRIPTION:
+ *
+ * This functions sends a message using the socket pointed to by "sendSock",
+ * from the buffer pointed to by "buf", of the number of bytes given by
+ * "bytesToWrite", storing the number of bytes actually written at
+ * "pBytesWritten". If "socket" is in non-blocking mode, the send operation
+ * may store -1 at "pBytesWritten" and the write is not complete until a
+ * corresponding pkix_pl_Poll call has indicated its completion by returning
+ * a non-negative value for bytes written.
+ *
+ * PARAMETERS:
+ * "sendSock"
+ * The address of the Socket on which the message is to be sent. Must
+ * be non-NULL.
+ * "buf"
+ * The address of the data to be sent. Must be non-NULL.
+ * "bytesToWrite""
+ * The UInt32 value indicating the number of bytes to write.
+ * "pBytesWritten"
+ * The address at which the Int32 value indicating the number of bytes
+ * actually written is to be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_Send(
+ PKIX_PL_Socket *sendSock,
+ void *buf,
+ PKIX_UInt32 bytesToWrite,
+ PKIX_Int32 *pBytesWritten,
+ void *plContext)
+{
+ PRInt32 bytesWritten = 0;
+ PRErrorCode errorcode = 0;
+ PRFileDesc *fd = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Send");
+ PKIX_NULLCHECK_TWO(buf, pBytesWritten);
+
+ fd = sendSock->clientSock;
+
+ PKIX_PL_NSSCALLRV(SOCKET, bytesWritten, PR_Send,
+ (fd, buf, (PRInt32)bytesToWrite, 0, sendSock->timeout));
+
+ if (bytesWritten >= 0) {
+ if (sendSock->status == SOCKET_SENDRCVPENDING) {
+ sendSock->status = SOCKET_RCVPENDING;
+ } else {
+ sendSock->status = SOCKET_CONNECTED;
+ }
+#ifdef PKIX_SOCKETTRACE
+ pkix_pl_socket_tracebuff(buf, bytesWritten);
+#endif
+ } else {
+ errorcode = PR_GetError();
+ if (errorcode != PR_WOULD_BLOCK_ERROR) {
+#ifdef PKIX_SOCKETDEBUG
+ printf
+ ("pkix_pl_Socket_Send: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRSENDFAILED);
+ }
+
+ sendSock->writeBuf = buf;
+ sendSock->writeBufSize = bytesToWrite;
+ if (sendSock->status == SOCKET_RCVPENDING) {
+ sendSock->status = SOCKET_SENDRCVPENDING;
+ } else {
+ sendSock->status = SOCKET_SENDPENDING;
+ }
+ }
+
+ *pBytesWritten = (PKIX_Int32)bytesWritten;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Recv
+ * DESCRIPTION:
+ *
+ * This functions receives a message on the socket pointed to by "rcvSock",
+ * into the buffer pointed to by "buf", of capacity given by "capacity",
+ * storing the number of bytes actually received at "pBytesRead". If "socket"
+ * is in non-blocking mode, the receive operation may store -1 at
+ * "pBytesWritten". In that case the write is not complete until a
+ * corresponding pkix_pl_Poll call has indicated its completion by returning
+ * a non-negative value for bytes read.
+ *
+ * PARAMETERS:
+ * "rcvSock"
+ * The address of the Socket on which the message is to be received.
+ * Must be non-NULL.
+ * "buf"
+ * The address of the buffer into which the message is to be received.
+ * Must be non-NULL.
+ * "capacity"
+ * The UInt32 value of the size of the buffer; that is, the maximum
+ * number of bytes that can be received.
+ * "pBytesRead"
+ * The address at which is stored the Int32 value of the number of bytes
+ * actually received.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_Recv(
+ PKIX_PL_Socket *rcvSock,
+ void *buf,
+ PKIX_UInt32 capacity,
+ PKIX_Int32 *pBytesRead,
+ void *plContext)
+{
+ PRErrorCode errorcode = 0;
+ PRInt32 bytesRead = 0;
+ PRFileDesc *fd = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Recv");
+ PKIX_NULLCHECK_THREE(rcvSock, buf, pBytesRead);
+
+ fd = rcvSock->clientSock;
+
+ PKIX_PL_NSSCALLRV(SOCKET, bytesRead, PR_Recv,
+ (fd, buf, (PRInt32)capacity, 0, rcvSock->timeout));
+
+ if (bytesRead > 0) {
+ if (rcvSock->status == SOCKET_SENDRCVPENDING) {
+ rcvSock->status = SOCKET_SENDPENDING;
+ } else {
+ rcvSock->status = SOCKET_CONNECTED;
+ }
+#ifdef PKIX_SOCKETTRACE
+ pkix_pl_socket_tracebuff(buf, bytesRead);
+#endif
+ } else if (bytesRead == 0) {
+ PKIX_ERROR(PKIX_PRRECVREPORTSNETWORKCONNECTIONCLOSED);
+ } else {
+ errorcode = PR_GetError();
+ if (errorcode != PR_WOULD_BLOCK_ERROR) {
+#ifdef PKIX_SOCKETDEBUG
+ printf
+ ("pkix_pl_Socket_Recv: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRRECVFAILED);
+ }
+ rcvSock->readBuf = buf;
+ rcvSock->readBufSize = capacity;
+ if (rcvSock->status == SOCKET_SENDPENDING) {
+ rcvSock->status = SOCKET_SENDRCVPENDING;
+ } else {
+ rcvSock->status = SOCKET_RCVPENDING;
+ }
+
+ }
+
+ *pBytesRead = (PKIX_Int32)bytesRead;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Poll
+ * DESCRIPTION:
+ *
+ * This functions checks for completion of an earlier Send or Recv on the
+ * socket pointed to by "sock", storing in "pBytesWritten" the number of bytes
+ * written by a completed Send and in "pBytesRead" the number of bytes
+ * received in a completed Recv. A value of -1 returned indicates the
+ * operation has still not completed. A NULL pointer may be supplied for
+ * "pBytesWritten" to avoid checking for completion of a Send. A NULL pointer
+ * may be supplied for "pBytesRead" to avoid checking for completion of a Recv.
+ *
+ * PARAMETERS:
+ * "sock"
+ * The address of the socket for which completions are to be checked.
+ * "pBytesWritten"
+ * The address at which the number of bytes written is to be stored, if
+ * a pending Send has completed. If NULL, Sends are not checked.
+ * "pBytesRead"
+ * The address at which the number of bytes read is to be stored, if
+ * a pending Recv has completed. If NULL, Recvs are not checked.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_Poll(
+ PKIX_PL_Socket *sock,
+ PKIX_Int32 *pBytesWritten,
+ PKIX_Int32 *pBytesRead,
+ void *plContext)
+{
+ PRPollDesc pollDesc;
+ PRInt32 numEvents = 0;
+ PKIX_Int32 bytesRead = 0;
+ PKIX_Int32 bytesWritten = 0;
+ PRErrorCode errorcode = 0;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Poll");
+ PKIX_NULLCHECK_ONE(sock);
+
+ pollDesc.fd = sock->clientSock;
+ pollDesc.in_flags = 0;
+ pollDesc.out_flags = 0;
+
+ if ((pBytesWritten) &&
+ ((sock->status == SOCKET_SENDPENDING) ||
+ (sock->status == SOCKET_SENDRCVPENDING))) {
+ pollDesc.in_flags = PR_POLL_WRITE;
+ }
+
+ if ((pBytesRead) &&
+ ((sock->status == SOCKET_RCVPENDING) ||
+ (sock->status == SOCKET_SENDRCVPENDING))) {
+ pollDesc.in_flags |= PR_POLL_READ;
+ }
+
+ PKIX_PL_NSSCALLRV(SOCKET, numEvents, PR_Poll, (&pollDesc, 1, 0));
+
+ if (numEvents < 0) {
+ PKIX_ERROR(PKIX_PRPOLLFAILED);
+ } else if (numEvents > 0) {
+ if (pollDesc.out_flags & PR_POLL_WRITE) {
+ PKIX_CHECK(pkix_pl_Socket_Send
+ (sock,
+ sock->writeBuf,
+ sock->writeBufSize,
+ &bytesWritten,
+ plContext),
+ PKIX_SOCKETSENDFAILED);
+ *pBytesWritten = (PKIX_Int32)bytesWritten;
+ if (bytesWritten >= 0) {
+ sock->writeBuf = NULL;
+ sock->writeBufSize = 0;
+ }
+ }
+
+ if (pollDesc.out_flags & PR_POLL_READ) {
+ PKIX_CHECK(pkix_pl_Socket_Recv
+ (sock,
+ sock->readBuf,
+ sock->readBufSize,
+ &bytesRead,
+ plContext),
+ PKIX_SOCKETRECVFAILED);
+ *pBytesRead = (PKIX_Int32)bytesRead;
+ if (bytesRead >= 0) {
+ sock->readBuf = NULL;
+ sock->readBufSize = 0;
+ }
+ }
+ } else if (numEvents == 0) {
+ errorcode = PR_GetError();
+ if (errorcode != PR_WOULD_BLOCK_ERROR) {
+#ifdef PKIX_SOCKETDEBUG
+ printf
+ ("pkix_pl_Socket_Poll: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRPOLLFAILED);
+ }
+ if (pBytesWritten) {
+ *pBytesWritten = 0;
+ }
+ if (pBytesRead) {
+ *pBytesRead = 0;
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Accept
+ * DESCRIPTION:
+ *
+ * This functions accepts a client connection for the server Socket pointed
+ * to by "serverSocket", creating a new Socket and storing the result at
+ * "pRendezvousSocket". If "serverSocket" is in non-blocking mode, this
+ * function will return NULL if there is no client connection to accept.
+ * Otherwise this function will block until a connection is available.
+ * When a client connection is available the new Socket will have the same
+ * blocking/non-blocking property as "serverSocket".
+ *
+ * PARAMETERS:
+ * "serverSocket"
+ * The address of the Socket for which a client connection is to be
+ * accepted. Must be non-NULL.
+ * "pRendezvousSocket"
+ * The address at which the created Socket is stored, when a client
+ * connection is available, or at which NULL is stored, if no connection
+ * is available for a non-blocking "serverSocket". Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety definitions in Programmer's Guide)
+ * RETURNS:
+ * none
+ */
+static PKIX_Error *
+pkix_pl_Socket_Accept(
+ PKIX_PL_Socket *serverSocket,
+ PKIX_PL_Socket **pRendezvousSocket,
+ void *plContext)
+{
+ PRErrorCode errorcode = 0;
+ PRFileDesc *rendezvousSock = NULL;
+ PRNetAddr *clientAddr = NULL;
+ PKIX_PL_Socket *newSocket = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Accept");
+ PKIX_NULLCHECK_TWO(serverSocket, pRendezvousSocket);
+
+ PKIX_PL_NSSCALLRV(SOCKET, rendezvousSock, PR_Accept,
+ (serverSocket->serverSock, clientAddr, serverSocket->timeout));
+
+ if (!rendezvousSock) {
+ errorcode = PR_GetError();
+ if (errorcode != PR_WOULD_BLOCK_ERROR) {
+#ifdef PKIX_SOCKETDEBUG
+ printf
+ ("pkix_pl_Socket_Accept: %s\n",
+ PR_ErrorToString(errorcode, PR_LANGUAGE_EN));
+#endif
+ PKIX_ERROR(PKIX_PRACCEPTFAILED);
+ }
+ serverSocket->status = SOCKET_ACCEPTPENDING;
+ *pRendezvousSocket = NULL;
+ goto cleanup;
+
+ }
+
+#ifdef PKIX_SOCKETDEBUG
+ printf("Successful accept!\n");
+#endif
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_SOCKET_TYPE,
+ sizeof (PKIX_PL_Socket),
+ (PKIX_PL_Object **)&newSocket,
+ plContext),
+ PKIX_COULDNOTCREATESOCKETOBJECT);
+
+ newSocket->isServer = PKIX_FALSE;
+ newSocket->timeout = serverSocket->timeout;
+ newSocket->clientSock = rendezvousSock;
+ newSocket->serverSock = NULL;
+ newSocket->netAddr = NULL;
+ newSocket->status = SOCKET_CONNECTED;
+ newSocket->callbackList.shutdownCallback = pkix_pl_Socket_Shutdown;
+ newSocket->callbackList.listenCallback = pkix_pl_Socket_Listen;
+ newSocket->callbackList.acceptCallback = pkix_pl_Socket_Accept;
+ newSocket->callbackList.connectcontinueCallback =
+ pkix_pl_Socket_ConnectContinue;
+ newSocket->callbackList.sendCallback = pkix_pl_Socket_Send;
+ newSocket->callbackList.recvCallback = pkix_pl_Socket_Recv;
+ newSocket->callbackList.pollCallback = pkix_pl_Socket_Poll;
+
+ if (serverSocket->timeout == 0) {
+ PKIX_CHECK(pkix_pl_Socket_SetNonBlocking
+ (rendezvousSock, plContext),
+ PKIX_SOCKETSETNONBLOCKINGFAILED);
+ }
+
+ *pRendezvousSocket = newSocket;
+
+cleanup:
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_Create
+ * DESCRIPTION:
+ *
+ * This function creates a new Socket, setting it to be a server or a client
+ * according to the value of "isServer", setting its timeout value from
+ * "timeout" and server address from "netAddr", and stores the created Socket
+ * at "pSocket".
+ *
+ * PARAMETERS:
+ * "isServer"
+ * The Boolean value indicating if PKIX_TRUE, that a server socket (using
+ * Bind, Listen, and Accept) is to be created, or if PKIX_FALSE, that a
+ * client socket (using Connect) is to be created.
+ * "timeout"
+ * A PRTimeInterval value to be used for I/O waits for this socket. If
+ * zero, non-blocking I/O is to be used.
+ * "netAddr"
+ * The PRNetAddr to be used for the Bind function, if this is a server
+ * socket, or for the Connect, if this is a client socket.
+ * "pSocket"
+ * The address at which the Socket is to be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Socket Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Socket_Create(
+ PKIX_Boolean isServer,
+ PRIntervalTime timeout,
+ PRNetAddr *netAddr,
+ PRErrorCode *status,
+ PKIX_PL_Socket **pSocket,
+ void *plContext)
+{
+ PKIX_PL_Socket *socket = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_Create");
+ PKIX_NULLCHECK_ONE(pSocket);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_SOCKET_TYPE,
+ sizeof (PKIX_PL_Socket),
+ (PKIX_PL_Object **)&socket,
+ plContext),
+ PKIX_COULDNOTCREATESOCKETOBJECT);
+
+ socket->isServer = isServer;
+ socket->timeout = timeout;
+ socket->clientSock = NULL;
+ socket->serverSock = NULL;
+ socket->netAddr = netAddr;
+
+ socket->callbackList.listenCallback = pkix_pl_Socket_Listen;
+ socket->callbackList.acceptCallback = pkix_pl_Socket_Accept;
+ socket->callbackList.connectcontinueCallback =
+ pkix_pl_Socket_ConnectContinue;
+ socket->callbackList.sendCallback = pkix_pl_Socket_Send;
+ socket->callbackList.recvCallback = pkix_pl_Socket_Recv;
+ socket->callbackList.pollCallback = pkix_pl_Socket_Poll;
+ socket->callbackList.shutdownCallback = pkix_pl_Socket_Shutdown;
+
+ if (isServer) {
+ PKIX_CHECK(pkix_pl_Socket_CreateServer(socket, plContext),
+ PKIX_SOCKETCREATESERVERFAILED);
+ *status = 0;
+ } else {
+ socket->timeout = timeout;
+ PKIX_CHECK(pkix_pl_Socket_CreateClient(socket, plContext),
+ PKIX_SOCKETCREATECLIENTFAILED);
+ PKIX_CHECK(pkix_pl_Socket_Connect(socket, status, plContext),
+ PKIX_SOCKETCONNECTFAILED);
+ }
+
+ *pSocket = socket;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(socket);
+ }
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_CreateByName
+ * DESCRIPTION:
+ *
+ * This function creates a new Socket, setting it to be a server or a client
+ * according to the value of "isServer", setting its timeout value from
+ * "timeout" and server address and port number from "serverName", and stores
+ * the status at "pStatus" and the created Socket at "pSocket".
+ *
+ * If isServer is PKIX_TRUE, it is attempted to create the socket with an ip
+ * address of PR_INADDR_ANY.
+ *
+ * PARAMETERS:
+ * "isServer"
+ * The Boolean value indicating if PKIX_TRUE, that a server socket (using
+ * Bind, Listen, and Accept) is to be created, or if PKIX_FALSE, that a
+ * client socket (using Connect) is to be created.
+ * "timeout"
+ * A PRTimeInterval value to be used for I/O waits for this socket. If
+ * zero, non-blocking I/O is to be used.
+ * "serverName"
+ * Address of a character string consisting of the server's domain name
+ * followed by a colon and a port number for the desired socket.
+ * "pStatus"
+ * Address at which the PRErrorCode resulting from the create is
+ * stored. Must be non-NULL.
+ * "pSocket"
+ * The address at which the Socket is to be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Socket Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Socket_CreateByName(
+ PKIX_Boolean isServer,
+ PRIntervalTime timeout,
+ char *serverName,
+ PRErrorCode *pStatus,
+ PKIX_PL_Socket **pSocket,
+ void *plContext)
+{
+ PRNetAddr netAddr;
+ PKIX_PL_Socket *socket = NULL;
+ char *sepPtr = NULL;
+ PRHostEnt hostent;
+ PRIntn hostenum;
+ PRStatus prstatus = PR_FAILURE;
+ char buf[PR_NETDB_BUF_SIZE];
+ PRUint16 portNum = 0;
+ char *localCopyName = NULL;
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByName");
+ PKIX_NULLCHECK_TWO(serverName, pSocket);
+
+ localCopyName = PL_strdup(serverName);
+
+ sepPtr = strchr(localCopyName, ':');
+ /* First strip off the portnum, if present, from the end of the name */
+ if (sepPtr) {
+ *sepPtr++ = '\0';
+ portNum = (PRUint16)atoi(sepPtr);
+ } else {
+ portNum = (PRUint16)LDAP_PORT;
+ }
+
+ prstatus = PR_GetHostByName(localCopyName, buf, sizeof(buf), &hostent);
+
+ if ((prstatus != PR_SUCCESS) || (hostent.h_length != 4)) {
+ /*
+ * The hostname may be a fully-qualified name. Try using just
+ * the leftmost component in our lookup.
+ */
+ sepPtr = strchr(localCopyName, '.');
+ if (sepPtr) {
+ *sepPtr++ = '\0';
+ }
+ prstatus = PR_GetHostByName
+ (localCopyName, buf, sizeof(buf), &hostent);
+
+ if ((prstatus != PR_SUCCESS) || (hostent.h_length != 4)) {
+ PKIX_ERROR
+ (PKIX_PRGETHOSTBYNAMEREJECTSHOSTNAMEARGUMENT);
+ }
+ }
+
+ netAddr.inet.family = PR_AF_INET;
+ netAddr.inet.port = PR_htons(portNum);
+
+ if (isServer) {
+
+ netAddr.inet.ip = PR_INADDR_ANY;
+
+ } else {
+
+ hostenum = PR_EnumerateHostEnt(0, &hostent, portNum, &netAddr);
+ if (hostenum == -1) {
+ PKIX_ERROR(PKIX_PRENUMERATEHOSTENTFAILED);
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_SOCKET_TYPE,
+ sizeof (PKIX_PL_Socket),
+ (PKIX_PL_Object **)&socket,
+ plContext),
+ PKIX_COULDNOTCREATESOCKETOBJECT);
+
+ socket->isServer = isServer;
+ socket->timeout = timeout;
+ socket->clientSock = NULL;
+ socket->serverSock = NULL;
+ socket->netAddr = &netAddr;
+
+ socket->callbackList.listenCallback = pkix_pl_Socket_Listen;
+ socket->callbackList.acceptCallback = pkix_pl_Socket_Accept;
+ socket->callbackList.connectcontinueCallback =
+ pkix_pl_Socket_ConnectContinue;
+ socket->callbackList.sendCallback = pkix_pl_Socket_Send;
+ socket->callbackList.recvCallback = pkix_pl_Socket_Recv;
+ socket->callbackList.pollCallback = pkix_pl_Socket_Poll;
+ socket->callbackList.shutdownCallback = pkix_pl_Socket_Shutdown;
+
+ if (isServer) {
+ PKIX_CHECK(pkix_pl_Socket_CreateServer(socket, plContext),
+ PKIX_SOCKETCREATESERVERFAILED);
+ *pStatus = 0;
+ } else {
+ PKIX_CHECK(pkix_pl_Socket_CreateClient(socket, plContext),
+ PKIX_SOCKETCREATECLIENTFAILED);
+ PKIX_CHECK(pkix_pl_Socket_Connect(socket, pStatus, plContext),
+ PKIX_SOCKETCONNECTFAILED);
+ }
+
+ *pSocket = socket;
+
+cleanup:
+ PL_strfree(localCopyName);
+
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(socket);
+ }
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_CreateByHostAndPort
+ * DESCRIPTION:
+ *
+ * This function creates a new Socket, setting it to be a server or a client
+ * according to the value of "isServer", setting its timeout value from
+ * "timeout", host from "hostname", and port number from "portNum", and stores
+ * the status at "pStatus" and the created Socket at "pSocket".
+ *
+ * If isServer is PKIX_TRUE, it is attempted to create the socket with an ip
+ * address of PR_INADDR_ANY.
+ *
+ * PARAMETERS:
+ * "isServer"
+ * The Boolean value indicating if PKIX_TRUE, that a server socket (using
+ * Bind, Listen, and Accept) is to be created, or if PKIX_FALSE, that a
+ * client socket (using Connect) is to be created.
+ * "timeout"
+ * A PRTimeInterval value to be used for I/O waits for this socket. If
+ * zero, non-blocking I/O is to be used.
+ * "hostname"
+ * Address of a character string consisting of the server's domain name.
+ * "portNum"
+ * UInt16 value of the port number for the desired socket.
+ * "pStatus"
+ * Address at which the PRErrorCode resulting from the create is
+ * stored. Must be non-NULL.
+ * "pSocket"
+ * The address at which the Socket is to be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Socket Error if the function fails in
+ * a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Socket_CreateByHostAndPort(
+ PKIX_Boolean isServer,
+ PRIntervalTime timeout,
+ char *hostname,
+ PRUint16 portnum,
+ PRErrorCode *pStatus,
+ PKIX_PL_Socket **pSocket,
+ void *plContext)
+{
+ PRNetAddr netAddr;
+ PKIX_PL_Socket *socket = NULL;
+ char *sepPtr = NULL;
+ PRHostEnt hostent;
+ PRIntn hostenum;
+ PRStatus prstatus = PR_FAILURE;
+ char buf[PR_NETDB_BUF_SIZE];
+
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort");
+ PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket);
+
+
+ prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);
+
+ if ((prstatus != PR_SUCCESS) || (hostent.h_length != 4)) {
+ /*
+ * The hostname may be a fully-qualified name. Try using just
+ * the leftmost component in our lookup.
+ */
+ sepPtr = strchr(hostname, '.');
+ if (sepPtr) {
+ *sepPtr++ = '\0';
+ }
+ prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);
+
+ if ((prstatus != PR_SUCCESS) || (hostent.h_length != 4)) {
+ PKIX_ERROR
+ (PKIX_PRGETHOSTBYNAMEREJECTSHOSTNAMEARGUMENT);
+ }
+ }
+
+ netAddr.inet.family = PR_AF_INET;
+ netAddr.inet.port = PR_htons(portnum);
+
+ if (isServer) {
+
+ netAddr.inet.ip = PR_INADDR_ANY;
+
+ } else {
+
+ hostenum = PR_EnumerateHostEnt(0, &hostent, portnum, &netAddr);
+ if (hostenum == -1) {
+ PKIX_ERROR(PKIX_PRENUMERATEHOSTENTFAILED);
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_SOCKET_TYPE,
+ sizeof (PKIX_PL_Socket),
+ (PKIX_PL_Object **)&socket,
+ plContext),
+ PKIX_COULDNOTCREATESOCKETOBJECT);
+
+ socket->isServer = isServer;
+ socket->timeout = timeout;
+ socket->clientSock = NULL;
+ socket->serverSock = NULL;
+ socket->netAddr = &netAddr;
+
+ socket->callbackList.listenCallback = pkix_pl_Socket_Listen;
+ socket->callbackList.acceptCallback = pkix_pl_Socket_Accept;
+ socket->callbackList.connectcontinueCallback =
+ pkix_pl_Socket_ConnectContinue;
+ socket->callbackList.sendCallback = pkix_pl_Socket_Send;
+ socket->callbackList.recvCallback = pkix_pl_Socket_Recv;
+ socket->callbackList.pollCallback = pkix_pl_Socket_Poll;
+ socket->callbackList.shutdownCallback = pkix_pl_Socket_Shutdown;
+
+ if (isServer) {
+ PKIX_CHECK(pkix_pl_Socket_CreateServer(socket, plContext),
+ PKIX_SOCKETCREATESERVERFAILED);
+ *pStatus = 0;
+ } else {
+ PKIX_CHECK(pkix_pl_Socket_CreateClient(socket, plContext),
+ PKIX_SOCKETCREATECLIENTFAILED);
+ PKIX_CHECK(pkix_pl_Socket_Connect(socket, pStatus, plContext),
+ PKIX_SOCKETCONNECTFAILED);
+ }
+
+ *pSocket = socket;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ PKIX_DECREF(socket);
+ }
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_GetCallbackList
+ */
+PKIX_Error *
+pkix_pl_Socket_GetCallbackList(
+ PKIX_PL_Socket *socket,
+ PKIX_PL_Socket_Callback **pCallbackList,
+ void *plContext)
+{
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_GetCallbackList");
+ PKIX_NULLCHECK_TWO(socket, pCallbackList);
+
+ *pCallbackList = &(socket->callbackList);
+
+ PKIX_RETURN(SOCKET);
+}
+
+/*
+ * FUNCTION: pkix_pl_Socket_GetPRFileDesc
+ */
+PKIX_Error *
+pkix_pl_Socket_GetPRFileDesc(
+ PKIX_PL_Socket *socket,
+ PRFileDesc **pDesc,
+ void *plContext)
+{
+ PKIX_ENTER(SOCKET, "pkix_pl_Socket_GetPRFileDesc");
+ PKIX_NULLCHECK_TWO(socket, pDesc);
+
+ *pDesc = socket->clientSock;
+
+ PKIX_RETURN(SOCKET);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.h b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.h
new file mode 100644
index 000000000..abf6628b3
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.h
@@ -0,0 +1,209 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_socket.h
+ *
+ * Socket Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PL_SOCKET_H
+#define _PKIX_PL_SOCKET_H
+
+#include <errno.h>
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef enum {
+ SOCKET_BOUND,
+ SOCKET_LISTENING,
+ SOCKET_ACCEPTPENDING,
+ SOCKET_UNCONNECTED,
+ SOCKET_CONNECTPENDING,
+ SOCKET_CONNECTED,
+ SOCKET_SENDPENDING,
+ SOCKET_RCVPENDING,
+ SOCKET_SENDRCVPENDING,
+ SOCKET_SHUTDOWN
+} SockStatus;
+
+/* This is the default port number, if none is supplied to CreateByName. */
+#define LDAP_PORT 389
+
+/*
+ * These callbacks allow a user to substitute a counterfeit socket in places
+ * where a PKIX_PL_Socket is expected. A conforming usage will use the
+ * ListenCallback function instead of Listen, AcceptCallback instead of Accept,
+ * etc. The counterfeit socket may have special capabilites such as the
+ * ability to do proxy authentication, etc.
+ */
+
+typedef PKIX_Error *
+(*pkix_pl_Socket_ListenCallback)(
+ PKIX_PL_Socket *socket,
+ PKIX_UInt32 backlog,
+ void *plContext);
+
+typedef PKIX_Error *
+(*pkix_pl_Socket_AcceptCallback)(
+ PKIX_PL_Socket *socket,
+ PKIX_PL_Socket **pRendezvousSock,
+ void *plContext);
+
+typedef PKIX_Error *
+(*pkix_pl_Socket_ConnectContinueCallback)(
+ PKIX_PL_Socket *socket,
+ PRErrorCode *pStatus,
+ void *plContext);
+
+typedef PKIX_Error *
+(*pkix_pl_Socket_SendCallback)(
+ PKIX_PL_Socket *sendSock,
+ void *buf,
+ PKIX_UInt32 bytesToWrite,
+ PKIX_Int32 *pBytesWritten,
+ void *plContext);
+
+typedef PKIX_Error *
+(*pkix_pl_Socket_RecvCallback)(
+ PKIX_PL_Socket *rcvSock,
+ void *buf,
+ PKIX_UInt32 capacity,
+ PKIX_Int32 *pBytesRead,
+ void *plContext);
+
+typedef PKIX_Error *
+(*pkix_pl_Socket_PollCallback)(
+ PKIX_PL_Socket *sock,
+ PKIX_Int32 *pBytesWritten,
+ PKIX_Int32 *pBytesRead,
+ void *plContext);
+
+typedef PKIX_Error *
+(*pkix_pl_Socket_ShutdownCallback)(
+ PKIX_PL_Socket *socket, void *plContext);
+
+typedef struct PKIX_PL_Socket_CallbackStruct {
+ pkix_pl_Socket_ListenCallback listenCallback;
+ pkix_pl_Socket_AcceptCallback acceptCallback;
+ pkix_pl_Socket_ConnectContinueCallback connectcontinueCallback;
+ pkix_pl_Socket_SendCallback sendCallback;
+ pkix_pl_Socket_RecvCallback recvCallback;
+ pkix_pl_Socket_PollCallback pollCallback;
+ pkix_pl_Socket_ShutdownCallback shutdownCallback;
+} PKIX_PL_Socket_Callback;
+
+struct PKIX_PL_SocketStruct {
+ PKIX_Boolean isServer;
+ PRIntervalTime timeout; /* zero for non-blocking I/O */
+ SockStatus status;
+ PRFileDesc *clientSock;
+ PRFileDesc *serverSock;
+ void *readBuf;
+ void *writeBuf;
+ PKIX_UInt32 readBufSize;
+ PKIX_UInt32 writeBufSize;
+ PRNetAddr *netAddr;
+ PKIX_PL_Socket_Callback callbackList;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_Socket_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_pl_Socket_Create(
+ PKIX_Boolean isServer,
+ PRIntervalTime timeout, /* zero for non-blocking I/O */
+ PRNetAddr *netAddr,
+ PRErrorCode *status,
+ PKIX_PL_Socket **pSocket,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_Socket_CreateByName(
+ PKIX_Boolean isServer,
+ PRIntervalTime timeout,
+ char *serverName,
+ PRErrorCode *pStatus,
+ PKIX_PL_Socket **pSocket,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_Socket_CreateByHostAndPort(
+ PKIX_Boolean isServer,
+ PRIntervalTime timeout,
+ char *hostname,
+ PRUint16 portnum,
+ PRErrorCode *pStatus,
+ PKIX_PL_Socket **pSocket,
+ void *plContext);
+
+/* Do not use these functions directly; use their callback variants instead
+ * static PKIX_Error *
+ * pkix_pl_Socket_Listen(
+ * PKIX_PL_Socket *socket,
+ * PKIX_UInt32 backlog,
+ * void *plContext);
+ *
+ * static PKIX_Error *
+ * pkix_pl_Socket_Accept(
+ * PKIX_PL_Socket *socket,
+ * PKIX_PL_Socket **pRendezvousSock,
+ * void *plContext);
+ *
+ * static PKIX_Error *
+ * pkix_pl_Socket_ConnectContinue(
+ * PKIX_PL_Socket *socket,
+ * PRErrorCode *pStatus,
+ * void *plContext);
+ *
+ * static PKIX_Error *
+ * pkix_pl_Socket_Send(
+ * PKIX_PL_Socket *sendSock,
+ * void *buf,
+ * PKIX_UInt32 bytesToWrite,
+ * PKIX_Int32 *pBytesWritten,
+ * void *plContext);
+ *
+ * static PKIX_Error *
+ * pkix_pl_Socket_Recv(
+ * PKIX_PL_Socket *rcvSock,
+ * void *buf,
+ * PKIX_UInt32 capacity,
+ * PKIX_Int32 *pBytesRead,
+ * void *plContext);
+ *
+ * static PKIX_Error *
+ * pkix_pl_Socket_Poll(
+ * PKIX_PL_Socket *sock,
+ * PKIX_Int32 *pBytesWritten,
+ * PKIX_Int32 *pBytesRead,
+ * void *plContext);
+ *
+ * static PKIX_Error *
+ * pkix_pl_Socket_Shutdown(
+ * PKIX_PL_Socket *socket, void *plContext);
+ */
+
+PKIX_Error *
+pkix_pl_Socket_GetCallbackList(
+ PKIX_PL_Socket *socket,
+ PKIX_PL_Socket_Callback **pCallbackList,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_Socket_GetPRFileDesc(
+ PKIX_PL_Socket *socket,
+ PRFileDesc **pDesc,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_SOCKET_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/Makefile b/security/nss/lib/libpkix/pkix_pl_nss/pki/Makefile
new file mode 100755
index 000000000..0fb6c9058
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/Makefile
@@ -0,0 +1,49 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/config.mk b/security/nss/lib/libpkix/pkix_pl_nss/pki/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/exports.gyp b/security/nss/lib/libpkix/pkix_pl_nss/pki/exports.gyp
new file mode 100644
index 000000000..616f94fd4
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/exports.gyp
@@ -0,0 +1,41 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_pl_nss_pki_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_pl_basicconstraints.h',
+ 'pkix_pl_cert.h',
+ 'pkix_pl_certpolicyinfo.h',
+ 'pkix_pl_certpolicymap.h',
+ 'pkix_pl_certpolicyqualifier.h',
+ 'pkix_pl_crl.h',
+ 'pkix_pl_crldp.h',
+ 'pkix_pl_crlentry.h',
+ 'pkix_pl_date.h',
+ 'pkix_pl_generalname.h',
+ 'pkix_pl_infoaccess.h',
+ 'pkix_pl_nameconstraints.h',
+ 'pkix_pl_ocspcertid.h',
+ 'pkix_pl_ocsprequest.h',
+ 'pkix_pl_ocspresponse.h',
+ 'pkix_pl_publickey.h',
+ 'pkix_pl_x500name.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/manifest.mn b/security/nss/lib/libpkix/pkix_pl_nss/pki/manifest.mn
new file mode 100755
index 000000000..f8d4571e1
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/manifest.mn
@@ -0,0 +1,53 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_pl_basicconstraints.h \
+ pkix_pl_cert.h \
+ pkix_pl_certpolicyinfo.h \
+ pkix_pl_certpolicymap.h \
+ pkix_pl_certpolicyqualifier.h \
+ pkix_pl_crl.h \
+ pkix_pl_crldp.h \
+ pkix_pl_crlentry.h \
+ pkix_pl_date.h \
+ pkix_pl_generalname.h \
+ pkix_pl_infoaccess.h \
+ pkix_pl_nameconstraints.h \
+ pkix_pl_ocsprequest.h \
+ pkix_pl_ocspresponse.h \
+ pkix_pl_publickey.h \
+ pkix_pl_x500name.h \
+ pkix_pl_ocspcertid.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_pl_basicconstraints.c \
+ pkix_pl_cert.c \
+ pkix_pl_certpolicyinfo.c \
+ pkix_pl_certpolicymap.c \
+ pkix_pl_certpolicyqualifier.c \
+ pkix_pl_crl.c \
+ pkix_pl_crldp.c \
+ pkix_pl_crlentry.c \
+ pkix_pl_date.c \
+ pkix_pl_generalname.c \
+ pkix_pl_infoaccess.c \
+ pkix_pl_nameconstraints.c \
+ pkix_pl_ocsprequest.c \
+ pkix_pl_ocspresponse.c \
+ pkix_pl_publickey.c \
+ pkix_pl_x500name.c \
+ pkix_pl_ocspcertid.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixpki
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pki.gyp b/security/nss/lib/libpkix/pkix_pl_nss/pki/pki.gyp
new file mode 100644
index 000000000..af7730c0b
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pki.gyp
@@ -0,0 +1,39 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixpki',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_pl_basicconstraints.c',
+ 'pkix_pl_cert.c',
+ 'pkix_pl_certpolicyinfo.c',
+ 'pkix_pl_certpolicymap.c',
+ 'pkix_pl_certpolicyqualifier.c',
+ 'pkix_pl_crl.c',
+ 'pkix_pl_crldp.c',
+ 'pkix_pl_crlentry.c',
+ 'pkix_pl_date.c',
+ 'pkix_pl_generalname.c',
+ 'pkix_pl_infoaccess.c',
+ 'pkix_pl_nameconstraints.c',
+ 'pkix_pl_ocspcertid.c',
+ 'pkix_pl_ocsprequest.c',
+ 'pkix_pl_ocspresponse.c',
+ 'pkix_pl_publickey.c',
+ 'pkix_pl_x500name.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_basicconstraints.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_basicconstraints.c
new file mode 100644
index 000000000..81615da37
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_basicconstraints.c
@@ -0,0 +1,407 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_basicconstraints.c
+ *
+ * BasicConstraints Object Functions
+ *
+ */
+
+#include "pkix_pl_basicconstraints.h"
+
+/*
+ * FUNCTION: pkix_pl_CertBasicConstraints_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CertBasicConstraints object whose CA Flag has the value
+ * given by the Boolean value of "isCA" and whose path length field has the
+ * value given by the "pathLen" argument and stores it at "pObject".
+ *
+ * PARAMETERS
+ * "isCA"
+ * Boolean value with the desired value of CA Flag.
+ * "pathLen"
+ * a PKIX_Int32 with the desired value of path length
+ * "pObject"
+ * Address of object pointer's destination. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertBasicConstraints Error if the function fails
+ * in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CertBasicConstraints_Create(
+ PKIX_Boolean isCA,
+ PKIX_Int32 pathLen,
+ PKIX_PL_CertBasicConstraints **pObject,
+ void *plContext)
+{
+ PKIX_PL_CertBasicConstraints *basic = NULL;
+
+ PKIX_ENTER(CERTBASICCONSTRAINTS,
+ "pkix_pl_CertBasicConstraints_Create");
+ PKIX_NULLCHECK_ONE(pObject);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTBASICCONSTRAINTS_TYPE,
+ sizeof (PKIX_PL_CertBasicConstraints),
+ (PKIX_PL_Object **)&basic,
+ plContext),
+ PKIX_COULDNOTCREATECERTBASICCONSTRAINTSOBJECT);
+
+ basic->isCA = isCA;
+
+ /* pathLen has meaning only for CAs, but it's not worth checking */
+ basic->pathLen = pathLen;
+
+ *pObject = basic;
+
+cleanup:
+
+ PKIX_RETURN(CERTBASICCONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertBasicConstraints_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertBasicConstraints_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_CertBasicConstraints *certB = NULL;
+
+ PKIX_ENTER(CERTBASICCONSTRAINTS,
+ "pkix_pl_CertBasicConstraints_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTBASICCONSTRAINTS_TYPE, plContext),
+ PKIX_OBJECTNOTCERTBASICCONSTRAINTS);
+
+ certB = (PKIX_PL_CertBasicConstraints*)object;
+
+ certB->isCA = PKIX_FALSE;
+ certB->pathLen = 0;
+
+cleanup:
+
+ PKIX_RETURN(CERTBASICCONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertBasicConstraints_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertBasicConstraints_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *certBasicConstraintsString = NULL;
+ PKIX_PL_CertBasicConstraints *certB = NULL;
+ PKIX_Boolean isCA = PKIX_FALSE;
+ PKIX_Int32 pathLen = 0;
+ PKIX_PL_String *outString = NULL;
+ char *fmtString = NULL;
+ PKIX_Boolean pathlenArg = PKIX_FALSE;
+
+ PKIX_ENTER(CERTBASICCONSTRAINTS,
+ "pkix_pl_CertBasicConstraints_toString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTBASICCONSTRAINTS_TYPE, plContext),
+ PKIX_FIRSTARGUMENTNOTCERTBASICCONSTRAINTSOBJECT);
+
+ certB = (PKIX_PL_CertBasicConstraints *)object;
+
+ /*
+ * if CA == TRUE
+ * if pathLen == CERT_UNLIMITED_PATH_CONSTRAINT
+ * print "CA(-1)"
+ * else print "CA(nnn)"
+ * if CA == FALSE, print "~CA"
+ */
+
+ isCA = certB->isCA;
+
+ if (isCA) {
+ pathLen = certB->pathLen;
+
+ if (pathLen == CERT_UNLIMITED_PATH_CONSTRAINT) {
+ /* print "CA(-1)" */
+ fmtString = "CA(-1)";
+ pathlenArg = PKIX_FALSE;
+ } else {
+ /* print "CA(pathLen)" */
+ fmtString = "CA(%d)";
+ pathlenArg = PKIX_TRUE;
+ }
+ } else {
+ /* print "~CA" */
+ fmtString = "~CA";
+ pathlenArg = PKIX_FALSE;
+ }
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ fmtString,
+ 0,
+ &certBasicConstraintsString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ if (pathlenArg) {
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&outString,
+ plContext,
+ certBasicConstraintsString,
+ pathLen),
+ PKIX_SPRINTFFAILED);
+ } else {
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&outString,
+ plContext,
+ certBasicConstraintsString),
+ PKIX_SPRINTFFAILED);
+ }
+
+ *pString = outString;
+
+cleanup:
+
+ PKIX_DECREF(certBasicConstraintsString);
+
+ PKIX_RETURN(CERTBASICCONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertBasicConstraints_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertBasicConstraints_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_CertBasicConstraints *certB = NULL;
+ PKIX_Boolean isCA = PKIX_FALSE;
+ PKIX_Int32 pathLen = 0;
+ PKIX_Int32 hashInput = 0;
+ PKIX_UInt32 cbcHash = 0;
+
+ PKIX_ENTER(CERTBASICCONSTRAINTS,
+ "pkix_pl_CertBasicConstraints_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTBASICCONSTRAINTS_TYPE, plContext),
+ PKIX_OBJECTNOTCERTBASICCONSTRAINTS);
+
+ certB = (PKIX_PL_CertBasicConstraints *)object;
+
+ /*
+ * if CA == TRUE
+ * hash(pathLen + 1 - PKIX_UNLIMITED_PATH_CONSTRAINT)
+ * if CA == FALSE, hash(0)
+ */
+
+ isCA = certB->isCA;
+
+ if (isCA) {
+ pathLen = certB->pathLen;
+
+ hashInput = pathLen + 1 - PKIX_UNLIMITED_PATH_CONSTRAINT;
+ }
+
+ PKIX_CHECK(pkix_hash
+ ((const unsigned char *)&hashInput,
+ sizeof (hashInput),
+ &cbcHash,
+ plContext),
+ PKIX_HASHFAILED);
+
+ *pHashcode = cbcHash;
+
+cleanup:
+
+ PKIX_RETURN(CERTBASICCONSTRAINTS);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_CertBasicConstraints_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertBasicConstraints_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CertBasicConstraints *firstCBC = NULL;
+ PKIX_PL_CertBasicConstraints *secondCBC = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean firstIsCA = PKIX_FALSE;
+ PKIX_Boolean secondIsCA = PKIX_FALSE;
+ PKIX_Int32 firstPathLen = 0;
+ PKIX_Int32 secondPathLen = 0;
+
+ PKIX_ENTER(CERTBASICCONSTRAINTS,
+ "pkix_pl_CertBasicConstraints_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a CertBasicConstraints */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_CERTBASICCONSTRAINTS_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCERTBASICCONSTRAINTS);
+
+ /*
+ * Since we know firstObject is a CertBasicConstraints,
+ * if both references are identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a CertBasicConstraints, we
+ * don't throw an error. We simply return FALSE.
+ */
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_CERTBASICCONSTRAINTS_TYPE) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ firstCBC = (PKIX_PL_CertBasicConstraints *)firstObject;
+ secondCBC = (PKIX_PL_CertBasicConstraints *)secondObject;
+
+ /*
+ * Compare the value of the CAFlag components
+ */
+
+ firstIsCA = firstCBC->isCA;
+
+ /*
+ * Failure here would be an error, not merely a miscompare,
+ * since we know second is a CertBasicConstraints.
+ */
+ secondIsCA = secondCBC->isCA;
+
+ /*
+ * If isCA flags differ, the objects are not equal.
+ */
+ if (secondIsCA != firstIsCA) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ /*
+ * If isCA was FALSE, the objects are equal, because
+ * pathLen is meaningless in that case.
+ */
+ if (!firstIsCA) {
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ firstPathLen = firstCBC->pathLen;
+ secondPathLen = secondCBC->pathLen;
+
+ *pResult = (secondPathLen == firstPathLen);
+
+cleanup:
+
+ PKIX_RETURN(CERTBASICCONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertBasicConstraints_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERTBASICCONSTRAINTS_TYPE and its related
+ * functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize,
+ * which should only be called once, it is acceptable that
+ * this function is not thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CertBasicConstraints_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTBASICCONSTRAINTS,
+ "pkix_pl_CertBasicConstraints_RegisterSelf");
+
+ entry.description = "CertBasicConstraints";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_CertBasicConstraints);
+ entry.destructor = pkix_pl_CertBasicConstraints_Destroy;
+ entry.equalsFunction = pkix_pl_CertBasicConstraints_Equals;
+ entry.hashcodeFunction = pkix_pl_CertBasicConstraints_Hashcode;
+ entry.toStringFunction = pkix_pl_CertBasicConstraints_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_CERTBASICCONSTRAINTS_TYPE] = entry;
+
+ PKIX_RETURN(CERTBASICCONSTRAINTS);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_BasicConstraints_GetCAFlag
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_BasicConstraints_GetCAFlag(
+ PKIX_PL_CertBasicConstraints *basicConstraints,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_ENTER(CERTBASICCONSTRAINTS,
+ "PKIX_PL_BasicConstraintsGetCAFlag");
+ PKIX_NULLCHECK_TWO(basicConstraints, pResult);
+
+ *pResult = basicConstraints->isCA;
+
+ PKIX_RETURN(CERTBASICCONSTRAINTS);
+}
+
+/*
+ * FUNCTION: PKIX_PL_BasicConstraints_GetPathLenConstraint
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_BasicConstraints_GetPathLenConstraint(
+ PKIX_PL_CertBasicConstraints *basicConstraints,
+ PKIX_Int32 *pPathLenConstraint,
+ void *plContext)
+{
+ PKIX_ENTER(CERTBASICCONSTRAINTS,
+ "PKIX_PL_BasicConstraintsGetPathLenConstraint");
+ PKIX_NULLCHECK_TWO(basicConstraints, pPathLenConstraint);
+
+ *pPathLenConstraint = basicConstraints->pathLen;
+
+ PKIX_RETURN(CERTBASICCONSTRAINTS);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_basicconstraints.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_basicconstraints.h
new file mode 100644
index 000000000..857529c95
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_basicconstraints.h
@@ -0,0 +1,47 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_basicconstraints.h
+ *
+ * BasicConstraints Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_BASICCONSTRAINTS_H
+#define _PKIX_PL_BASICCONSTRAINTS_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This structure reflects the contents of the basic constraints
+ * extension as described in Section 4.2.1.10 of RFC 3280.
+ * The cA flag indicates whether the public key in this certificate
+ * belongs to a certification authority. The pathLen constraint
+ * gives the maximum number of non-self-issued intermediate certificates
+ * that may follow this certificate in a valid certification path.
+ */
+struct PKIX_PL_CertBasicConstraintsStruct {
+ PKIX_Boolean isCA;
+ PKIX_Int32 pathLen;
+};
+
+PKIX_Error *
+pkix_pl_CertBasicConstraints_Create(
+ PKIX_Boolean isCA,
+ PKIX_Int32 pathLen,
+ PKIX_PL_CertBasicConstraints **object,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_CertBasicConstraints_RegisterSelf(
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_BASICCONSTRAINTS_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
new file mode 100644
index 000000000..fa8f1851e
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
@@ -0,0 +1,3714 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_cert.c
+ *
+ * Certificate Object Functions
+ *
+ */
+
+#include "pkix_pl_cert.h"
+
+extern PKIX_PL_HashTable *cachedCertSigTable;
+
+/* --Private-Cert-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_Cert_IsExtensionCritical
+ * DESCRIPTION:
+ *
+ * Checks the Cert specified by "cert" to determine whether the extension
+ * whose tag is the UInt32 value given by "tag" is marked as a critical
+ * extension, and stores the result in "pCritical".
+ *
+ * Tags are the index into the table "oids" of SECOidData defined in the
+ * file secoid.c. Constants, such as SEC_OID_X509_CERTIFICATE_POLICIES, are
+ * are defined in secoidt.h for most of the table entries.
+ *
+ * If the specified tag is invalid (not in the list of tags) or if the
+ * extension is not found in the certificate, PKIX_FALSE is stored.
+ *
+ * PARAMETERS
+ * "cert"
+ * Address of Cert whose extensions are to be examined. Must be non-NULL.
+ * "tag"
+ * The UInt32 value of the tag for the extension whose criticality is
+ * to be determined
+ * "pCritical"
+ * Address where the Boolean value will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Cert_IsExtensionCritical(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 tag,
+ PKIX_Boolean *pCritical,
+ void *plContext)
+{
+ PKIX_Boolean criticality = PKIX_FALSE;
+ CERTCertExtension **extensions = NULL;
+ SECStatus rv;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_IsExtensionCritical");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pCritical);
+
+ extensions = cert->nssCert->extensions;
+ PKIX_NULLCHECK_ONE(extensions);
+
+ PKIX_CERT_DEBUG("\t\tCalling CERT_GetExtenCriticality).\n");
+ rv = CERT_GetExtenCriticality(extensions, tag, &criticality);
+ if (SECSuccess == rv) {
+ *pCritical = criticality;
+ } else {
+ *pCritical = PKIX_FALSE;
+ }
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_DecodePolicyInfo
+ * DESCRIPTION:
+ *
+ * Decodes the contents of the CertificatePolicy extension in the
+ * CERTCertificate pointed to by "nssCert", to create a List of
+ * CertPolicyInfos, which is stored at the address "pCertPolicyInfos".
+ * A CERTCertificate contains the DER representation of the Cert.
+ * If this certificate does not have a CertificatePolicy extension,
+ * NULL will be stored. If a List is returned, it will be immutable.
+ *
+ * PARAMETERS
+ * "nssCert"
+ * Address of the Cert data whose extension is to be examined. Must be
+ * non-NULL.
+ * "pCertPolicyInfos"
+ * Address where the List of CertPolicyInfos will be stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Cert_DecodePolicyInfo(
+ CERTCertificate *nssCert,
+ PKIX_List **pCertPolicyInfos,
+ void *plContext)
+{
+
+ SECStatus rv;
+ SECItem encodedCertPolicyInfo;
+
+ /* Allocated in the arena; freed in CERT_Destroy... */
+ CERTCertificatePolicies *certPol = NULL;
+ CERTPolicyInfo **policyInfos = NULL;
+
+ /* Holder for the return value */
+ PKIX_List *infos = NULL;
+
+ PKIX_PL_OID *pkixOID = NULL;
+ PKIX_List *qualifiers = NULL;
+ PKIX_PL_CertPolicyInfo *certPolicyInfo = NULL;
+ PKIX_PL_CertPolicyQualifier *certPolicyQualifier = NULL;
+ PKIX_PL_ByteArray *qualifierArray = NULL;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_DecodePolicyInfo");
+ PKIX_NULLCHECK_TWO(nssCert, pCertPolicyInfos);
+
+ /* get PolicyInfo as a SECItem */
+ PKIX_CERT_DEBUG("\t\tCERT_FindCertExtension).\n");
+ rv = CERT_FindCertExtension
+ (nssCert,
+ SEC_OID_X509_CERTIFICATE_POLICIES,
+ &encodedCertPolicyInfo);
+ if (SECSuccess != rv) {
+ *pCertPolicyInfos = NULL;
+ goto cleanup;
+ }
+
+ /* translate PolicyInfo to CERTCertificatePolicies */
+ PKIX_CERT_DEBUG("\t\tCERT_DecodeCertificatePoliciesExtension).\n");
+ certPol = CERT_DecodeCertificatePoliciesExtension
+ (&encodedCertPolicyInfo);
+
+ PORT_Free(encodedCertPolicyInfo.data);
+
+ if (NULL == certPol) {
+ PKIX_ERROR(PKIX_CERTDECODECERTIFICATEPOLICIESEXTENSIONFAILED);
+ }
+
+ /*
+ * Check whether there are any policyInfos, so we can
+ * avoid creating an unnecessary List
+ */
+ policyInfos = certPol->policyInfos;
+ if (!policyInfos) {
+ *pCertPolicyInfos = NULL;
+ goto cleanup;
+ }
+
+ /* create a List of CertPolicyInfo Objects */
+ PKIX_CHECK(PKIX_List_Create(&infos, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ /*
+ * Traverse the CERTCertificatePolicies structure,
+ * building each PKIX_PL_CertPolicyInfo object in turn
+ */
+ while (*policyInfos != NULL) {
+ CERTPolicyInfo *policyInfo = *policyInfos;
+ CERTPolicyQualifier **policyQualifiers =
+ policyInfo->policyQualifiers;
+ if (policyQualifiers) {
+ /* create a PKIX_List of PKIX_PL_CertPolicyQualifiers */
+ PKIX_CHECK(PKIX_List_Create(&qualifiers, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ while (*policyQualifiers != NULL) {
+ CERTPolicyQualifier *policyQualifier =
+ *policyQualifiers;
+
+ /* create the qualifier's OID object */
+ PKIX_CHECK(PKIX_PL_OID_CreateBySECItem
+ (&policyQualifier->qualifierID,
+ &pkixOID, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ /* create qualifier's ByteArray object */
+
+ PKIX_CHECK(PKIX_PL_ByteArray_Create
+ (policyQualifier->qualifierValue.data,
+ policyQualifier->qualifierValue.len,
+ &qualifierArray,
+ plContext),
+ PKIX_BYTEARRAYCREATEFAILED);
+
+ /* create a CertPolicyQualifier object */
+
+ PKIX_CHECK(pkix_pl_CertPolicyQualifier_Create
+ (pkixOID,
+ qualifierArray,
+ &certPolicyQualifier,
+ plContext),
+ PKIX_CERTPOLICYQUALIFIERCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (qualifiers,
+ (PKIX_PL_Object *)certPolicyQualifier,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(pkixOID);
+ PKIX_DECREF(qualifierArray);
+ PKIX_DECREF(certPolicyQualifier);
+
+ policyQualifiers++;
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable
+ (qualifiers, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+ }
+
+
+ /*
+ * Create an OID object pkixOID from policyInfo->policyID.
+ * (The CERTPolicyInfo structure has an oid field, but it
+ * is of type SECOidTag. This function wants a SECItem.)
+ */
+ PKIX_CHECK(PKIX_PL_OID_CreateBySECItem
+ (&policyInfo->policyID, &pkixOID, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ /* Create a CertPolicyInfo object */
+ PKIX_CHECK(pkix_pl_CertPolicyInfo_Create
+ (pkixOID, qualifiers, &certPolicyInfo, plContext),
+ PKIX_CERTPOLICYINFOCREATEFAILED);
+
+ /* Append the new CertPolicyInfo object to the list */
+ PKIX_CHECK(PKIX_List_AppendItem
+ (infos, (PKIX_PL_Object *)certPolicyInfo, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(pkixOID);
+ PKIX_DECREF(qualifiers);
+ PKIX_DECREF(certPolicyInfo);
+
+ policyInfos++;
+ }
+
+ /*
+ * If there were no policies, we went straight to
+ * cleanup, so we don't have to NULLCHECK infos.
+ */
+ PKIX_CHECK(PKIX_List_SetImmutable(infos, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ *pCertPolicyInfos = infos;
+ infos = NULL;
+
+cleanup:
+ if (certPol) {
+ PKIX_CERT_DEBUG
+ ("\t\tCalling CERT_DestroyCertificatePoliciesExtension).\n");
+ CERT_DestroyCertificatePoliciesExtension(certPol);
+ }
+
+ PKIX_DECREF(infos);
+ PKIX_DECREF(pkixOID);
+ PKIX_DECREF(qualifiers);
+ PKIX_DECREF(certPolicyInfo);
+ PKIX_DECREF(certPolicyQualifier);
+ PKIX_DECREF(qualifierArray);
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_DecodePolicyMapping
+ * DESCRIPTION:
+ *
+ * Decodes the contents of the PolicyMapping extension of the CERTCertificate
+ * pointed to by "nssCert", storing the resulting List of CertPolicyMaps at
+ * the address pointed to by "pCertPolicyMaps". If this certificate does not
+ * have a PolicyMapping extension, NULL will be stored. If a List is returned,
+ * it will be immutable.
+ *
+ * PARAMETERS
+ * "nssCert"
+ * Address of the Cert data whose extension is to be examined. Must be
+ * non-NULL.
+ * "pCertPolicyMaps"
+ * Address where the List of CertPolicyMaps will be stored. Must be
+ * non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Cert_DecodePolicyMapping(
+ CERTCertificate *nssCert,
+ PKIX_List **pCertPolicyMaps,
+ void *plContext)
+{
+ SECStatus rv;
+ SECItem encodedCertPolicyMaps;
+
+ /* Allocated in the arena; freed in CERT_Destroy... */
+ CERTCertificatePolicyMappings *certPolMaps = NULL;
+ CERTPolicyMap **policyMaps = NULL;
+
+ /* Holder for the return value */
+ PKIX_List *maps = NULL;
+
+ PKIX_PL_OID *issuerDomainOID = NULL;
+ PKIX_PL_OID *subjectDomainOID = NULL;
+ PKIX_PL_CertPolicyMap *certPolicyMap = NULL;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_DecodePolicyMapping");
+ PKIX_NULLCHECK_TWO(nssCert, pCertPolicyMaps);
+
+ /* get PolicyMappings as a SECItem */
+ PKIX_CERT_DEBUG("\t\tCERT_FindCertExtension).\n");
+ rv = CERT_FindCertExtension
+ (nssCert, SEC_OID_X509_POLICY_MAPPINGS, &encodedCertPolicyMaps);
+ if (SECSuccess != rv) {
+ *pCertPolicyMaps = NULL;
+ goto cleanup;
+ }
+
+ /* translate PolicyMaps to CERTCertificatePolicyMappings */
+ certPolMaps = CERT_DecodePolicyMappingsExtension
+ (&encodedCertPolicyMaps);
+
+ PORT_Free(encodedCertPolicyMaps.data);
+
+ if (!certPolMaps) {
+ PKIX_ERROR(PKIX_CERTDECODEPOLICYMAPPINGSEXTENSIONFAILED);
+ }
+
+ PKIX_NULLCHECK_ONE(certPolMaps->policyMaps);
+
+ policyMaps = certPolMaps->policyMaps;
+
+ /* create a List of CertPolicyMap Objects */
+ PKIX_CHECK(PKIX_List_Create(&maps, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ /*
+ * Traverse the CERTCertificatePolicyMappings structure,
+ * building each CertPolicyMap object in turn
+ */
+ do {
+ CERTPolicyMap *policyMap = *policyMaps;
+
+ /* create the OID for the issuer Domain Policy */
+ PKIX_CHECK(PKIX_PL_OID_CreateBySECItem
+ (&policyMap->issuerDomainPolicy,
+ &issuerDomainOID, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ /* create the OID for the subject Domain Policy */
+ PKIX_CHECK(PKIX_PL_OID_CreateBySECItem
+ (&policyMap->subjectDomainPolicy,
+ &subjectDomainOID, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ /* create the CertPolicyMap */
+
+ PKIX_CHECK(pkix_pl_CertPolicyMap_Create
+ (issuerDomainOID,
+ subjectDomainOID,
+ &certPolicyMap,
+ plContext),
+ PKIX_CERTPOLICYMAPCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (maps, (PKIX_PL_Object *)certPolicyMap, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(issuerDomainOID);
+ PKIX_DECREF(subjectDomainOID);
+ PKIX_DECREF(certPolicyMap);
+
+ policyMaps++;
+ } while (*policyMaps != NULL);
+
+ PKIX_CHECK(PKIX_List_SetImmutable(maps, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ *pCertPolicyMaps = maps;
+ maps = NULL;
+
+cleanup:
+ if (certPolMaps) {
+ PKIX_CERT_DEBUG
+ ("\t\tCalling CERT_DestroyPolicyMappingsExtension).\n");
+ CERT_DestroyPolicyMappingsExtension(certPolMaps);
+ }
+
+ PKIX_DECREF(maps);
+ PKIX_DECREF(issuerDomainOID);
+ PKIX_DECREF(subjectDomainOID);
+ PKIX_DECREF(certPolicyMap);
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_DecodePolicyConstraints
+ * DESCRIPTION:
+ *
+ * Decodes the contents of the PolicyConstraints extension in the
+ * CERTCertificate pointed to by "nssCert", to obtain SkipCerts values
+ * which are stored at the addresses "pExplicitPolicySkipCerts" and
+ * "pInhibitMappingSkipCerts", respectively. If this certificate does
+ * not have an PolicyConstraints extension, or if either of the optional
+ * components is not supplied, this function stores a value of -1 for any
+ * missing component.
+ *
+ * PARAMETERS
+ * "nssCert"
+ * Address of the Cert data whose extension is to be examined. Must be
+ * non-NULL.
+ * "pExplicitPolicySkipCerts"
+ * Address where the SkipCert value for the requireExplicitPolicy
+ * component will be stored. Must be non-NULL.
+ * "pInhibitMappingSkipCerts"
+ * Address where the SkipCert value for the inhibitPolicyMapping
+ * component will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Cert_DecodePolicyConstraints(
+ CERTCertificate *nssCert,
+ PKIX_Int32 *pExplicitPolicySkipCerts,
+ PKIX_Int32 *pInhibitMappingSkipCerts,
+ void *plContext)
+{
+ CERTCertificatePolicyConstraints policyConstraints;
+ SECStatus rv;
+ SECItem encodedCertPolicyConstraints;
+ PKIX_Int32 explicitPolicySkipCerts = -1;
+ PKIX_Int32 inhibitMappingSkipCerts = -1;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_DecodePolicyConstraints");
+ PKIX_NULLCHECK_THREE
+ (nssCert, pExplicitPolicySkipCerts, pInhibitMappingSkipCerts);
+
+ /* get the two skipCert values as SECItems */
+ PKIX_CERT_DEBUG("\t\tCalling CERT_FindCertExtension).\n");
+ rv = CERT_FindCertExtension
+ (nssCert,
+ SEC_OID_X509_POLICY_CONSTRAINTS,
+ &encodedCertPolicyConstraints);
+
+ if (rv == SECSuccess) {
+
+ policyConstraints.explicitPolicySkipCerts.data =
+ (unsigned char *)&explicitPolicySkipCerts;
+ policyConstraints.inhibitMappingSkipCerts.data =
+ (unsigned char *)&inhibitMappingSkipCerts;
+
+ /* translate DER to CERTCertificatePolicyConstraints */
+ rv = CERT_DecodePolicyConstraintsExtension
+ (&policyConstraints, &encodedCertPolicyConstraints);
+
+ PORT_Free(encodedCertPolicyConstraints.data);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR
+ (PKIX_CERTDECODEPOLICYCONSTRAINTSEXTENSIONFAILED);
+ }
+ }
+
+ *pExplicitPolicySkipCerts = explicitPolicySkipCerts;
+ *pInhibitMappingSkipCerts = inhibitMappingSkipCerts;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_DecodeInhibitAnyPolicy
+ * DESCRIPTION:
+ *
+ * Decodes the contents of the InhibitAnyPolicy extension in the
+ * CERTCertificate pointed to by "nssCert", to obtain a SkipCerts value,
+ * which is stored at the address "pSkipCerts". If this certificate does
+ * not have an InhibitAnyPolicy extension, -1 will be stored.
+ *
+ * PARAMETERS
+ * "nssCert"
+ * Address of the Cert data whose InhibitAnyPolicy extension is to be
+ * processed. Must be non-NULL.
+ * "pSkipCerts"
+ * Address where the SkipCert value from the InhibitAnyPolicy extension
+ * will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Cert_DecodeInhibitAnyPolicy(
+ CERTCertificate *nssCert,
+ PKIX_Int32 *pSkipCerts,
+ void *plContext)
+{
+ CERTCertificateInhibitAny inhibitAny;
+ SECStatus rv;
+ SECItem encodedCertInhibitAny;
+ PKIX_Int32 skipCerts = -1;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_DecodeInhibitAnyPolicy");
+ PKIX_NULLCHECK_TWO(nssCert, pSkipCerts);
+
+ /* get InhibitAny as a SECItem */
+ PKIX_CERT_DEBUG("\t\tCalling CERT_FindCertExtension).\n");
+ rv = CERT_FindCertExtension
+ (nssCert, SEC_OID_X509_INHIBIT_ANY_POLICY, &encodedCertInhibitAny);
+
+ if (rv == SECSuccess) {
+ inhibitAny.inhibitAnySkipCerts.data =
+ (unsigned char *)&skipCerts;
+
+ /* translate DER to CERTCertificateInhibitAny */
+ rv = CERT_DecodeInhibitAnyExtension
+ (&inhibitAny, &encodedCertInhibitAny);
+
+ PORT_Free(encodedCertInhibitAny.data);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_CERTDECODEINHIBITANYEXTENSIONFAILED);
+ }
+ }
+
+ *pSkipCerts = skipCerts;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_GetNssSubjectAltNames
+ * DESCRIPTION:
+ *
+ * Retrieves the Subject Alternative Names of the certificate specified by
+ * "cert" and stores it at "pNssSubjAltNames". If the Subject Alternative
+ * Name extension is not present, NULL is returned at "pNssSubjAltNames".
+ * If the Subject Alternative Names has not been previously decoded, it is
+ * decoded here with lock on the "cert" unless the flag "hasLock" indicates
+ * the lock had been obtained at a higher call level.
+ *
+ * PARAMETERS
+ * "cert"
+ * Address of the certificate whose Subject Alternative Names extensions
+ * is retrieved. Must be non-NULL.
+ * "hasLock"
+ * Boolean indicates caller has acquired a lock.
+ * Must be non-NULL.
+ * "pNssSubjAltNames"
+ * Address where the returned Subject Alternative Names will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Cert_GetNssSubjectAltNames(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean hasLock,
+ CERTGeneralName **pNssSubjAltNames,
+ void *plContext)
+{
+ CERTCertificate *nssCert = NULL;
+ CERTGeneralName *nssOriginalAltName = NULL;
+ PLArenaPool *arena = NULL;
+ SECItem altNameExtension = {siBuffer, NULL, 0};
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_GetNssSubjectAltNames");
+ PKIX_NULLCHECK_THREE(cert, pNssSubjAltNames, cert->nssCert);
+
+ nssCert = cert->nssCert;
+
+ if ((cert->nssSubjAltNames == NULL) && (!cert->subjAltNamesAbsent)){
+
+ if (!hasLock) {
+ PKIX_OBJECT_LOCK(cert);
+ }
+
+ if ((cert->nssSubjAltNames == NULL) &&
+ (!cert->subjAltNamesAbsent)){
+
+ PKIX_PL_NSSCALLRV(CERT, rv, CERT_FindCertExtension,
+ (nssCert,
+ SEC_OID_X509_SUBJECT_ALT_NAME,
+ &altNameExtension));
+
+ if (rv != SECSuccess) {
+ *pNssSubjAltNames = NULL;
+ cert->subjAltNamesAbsent = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ if (cert->arenaNameConstraints == NULL) {
+ PKIX_PL_NSSCALLRV(CERT, arena, PORT_NewArena,
+ (DER_DEFAULT_CHUNKSIZE));
+
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ cert->arenaNameConstraints = arena;
+ }
+
+ PKIX_PL_NSSCALLRV
+ (CERT,
+ nssOriginalAltName,
+ (CERTGeneralName *) CERT_DecodeAltNameExtension,
+ (cert->arenaNameConstraints, &altNameExtension));
+
+ PKIX_PL_NSSCALL(CERT, PORT_Free, (altNameExtension.data));
+
+ if (nssOriginalAltName == NULL) {
+ PKIX_ERROR(PKIX_CERTDECODEALTNAMEEXTENSIONFAILED);
+ }
+ cert->nssSubjAltNames = nssOriginalAltName;
+
+ }
+
+ if (!hasLock) {
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+ }
+
+ *pNssSubjAltNames = cert->nssSubjAltNames;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_CheckExtendKeyUsage
+ * DESCRIPTION:
+ *
+ * For each of the ON bit in "requiredExtendedKeyUsages" that represents its
+ * SECCertUsageEnum type, this function checks "cert"'s certType (extended
+ * key usage) and key usage with what is required for SECCertUsageEnum type.
+ *
+ * PARAMETERS
+ * "cert"
+ * Address of the certificate whose Extended Key Usage extensions
+ * is retrieved. Must be non-NULL.
+ * "requiredExtendedKeyUsages"
+ * An unsigned integer, its bit location is ON based on the required key
+ * usage value representing in SECCertUsageEnum.
+ * "pPass"
+ * Address where the return value, indicating key usage check passed, is
+ * stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Cert_CheckExtendedKeyUsage(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 requiredExtendedKeyUsages,
+ PKIX_Boolean *pPass,
+ void *plContext)
+{
+ PKIX_PL_CertBasicConstraints *basicConstraints = NULL;
+ PKIX_UInt32 certType = 0;
+ PKIX_UInt32 requiredKeyUsage = 0;
+ PKIX_UInt32 requiredCertType = 0;
+ PKIX_UInt32 requiredExtendedKeyUsage = 0;
+ PKIX_UInt32 i;
+ PKIX_Boolean isCA = PKIX_FALSE;
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_CheckExtendKeyUsage");
+ PKIX_NULLCHECK_THREE(cert, pPass, cert->nssCert);
+
+ *pPass = PKIX_FALSE;
+
+ PKIX_CERT_DEBUG("\t\tCalling cert_GetCertType).\n");
+ cert_GetCertType(cert->nssCert);
+ certType = cert->nssCert->nsCertType;
+
+ PKIX_CHECK(PKIX_PL_Cert_GetBasicConstraints
+ (cert,
+ &basicConstraints,
+ plContext),
+ PKIX_CERTGETBASICCONSTRAINTFAILED);
+
+ if (basicConstraints != NULL) {
+ PKIX_CHECK(PKIX_PL_BasicConstraints_GetCAFlag
+ (basicConstraints, &isCA, plContext),
+ PKIX_BASICCONSTRAINTSGETCAFLAGFAILED);
+ }
+
+ i = 0;
+ while (requiredExtendedKeyUsages != 0) {
+
+ /* Find the bit location of the right-most non-zero bit */
+ while (requiredExtendedKeyUsages != 0) {
+ if (((1 << i) & requiredExtendedKeyUsages) != 0) {
+ requiredExtendedKeyUsage = 1 << i;
+ break;
+ }
+ i++;
+ }
+ requiredExtendedKeyUsages ^= requiredExtendedKeyUsage;
+
+ requiredExtendedKeyUsage = i;
+
+ PKIX_PL_NSSCALLRV(CERT, rv, CERT_KeyUsageAndTypeForCertUsage,
+ (requiredExtendedKeyUsage,
+ isCA,
+ &requiredKeyUsage,
+ &requiredCertType));
+
+ if (!(certType & requiredCertType)) {
+ goto cleanup;
+ }
+
+ PKIX_PL_NSSCALLRV(CERT, rv, CERT_CheckKeyUsage,
+ (cert->nssCert, requiredKeyUsage));
+ if (rv != SECSuccess) {
+ goto cleanup;
+ }
+ i++;
+
+ }
+
+ *pPass = PKIX_TRUE;
+
+cleanup:
+ PKIX_DECREF(basicConstraints);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Helper function that creates a string representation of the Cert pointed
+ * to by "cert" and stores it at "pString", where the value of
+ * "partialString" determines whether a full or partial representation of
+ * the Cert is stored.
+ *
+ * PARAMETERS
+ * "cert"
+ * Address of Cert whose string representation is desired.
+ * Must be non-NULL.
+ * "partialString"
+ * Boolean indicating whether a partial Cert representation is desired.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Cert_ToString_Helper(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean partialString,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *certString = NULL;
+ char *asciiFormat = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_UInt32 certVersion;
+ PKIX_PL_BigInt *certSN = NULL;
+ PKIX_PL_String *certSNString = NULL;
+ PKIX_PL_X500Name *certIssuer = NULL;
+ PKIX_PL_String *certIssuerString = NULL;
+ PKIX_PL_X500Name *certSubject = NULL;
+ PKIX_PL_String *certSubjectString = NULL;
+ PKIX_PL_String *notBeforeString = NULL;
+ PKIX_PL_String *notAfterString = NULL;
+ PKIX_List *subjAltNames = NULL;
+ PKIX_PL_String *subjAltNamesString = NULL;
+ PKIX_PL_ByteArray *authKeyId = NULL;
+ PKIX_PL_String *authKeyIdString = NULL;
+ PKIX_PL_ByteArray *subjKeyId = NULL;
+ PKIX_PL_String *subjKeyIdString = NULL;
+ PKIX_PL_PublicKey *nssPubKey = NULL;
+ PKIX_PL_String *nssPubKeyString = NULL;
+ PKIX_List *critExtOIDs = NULL;
+ PKIX_PL_String *critExtOIDsString = NULL;
+ PKIX_List *extKeyUsages = NULL;
+ PKIX_PL_String *extKeyUsagesString = NULL;
+ PKIX_PL_CertBasicConstraints *basicConstraint = NULL;
+ PKIX_PL_String *certBasicConstraintsString = NULL;
+ PKIX_List *policyInfo = NULL;
+ PKIX_PL_String *certPolicyInfoString = NULL;
+ PKIX_List *certPolicyMappings = NULL;
+ PKIX_PL_String *certPolicyMappingsString = NULL;
+ PKIX_Int32 certExplicitPolicy = 0;
+ PKIX_Int32 certInhibitMapping = 0;
+ PKIX_Int32 certInhibitAnyPolicy = 0;
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+ PKIX_PL_String *nameConstraintsString = NULL;
+ PKIX_List *authorityInfoAccess = NULL;
+ PKIX_PL_String *authorityInfoAccessString = NULL;
+ PKIX_List *subjectInfoAccess = NULL;
+ PKIX_PL_String *subjectInfoAccessString = NULL;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_ToString_Helper");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pString);
+
+ /*
+ * XXX Add to this format as certificate components are developed.
+ */
+
+ if (partialString){
+ asciiFormat =
+ "\t[Issuer: %s\n"
+ "\t Subject: %s]";
+ } else {
+ asciiFormat =
+ "[\n"
+ "\tVersion: v%d\n"
+ "\tSerialNumber: %s\n"
+ "\tIssuer: %s\n"
+ "\tSubject: %s\n"
+ "\tValidity: [From: %s\n"
+ "\t To: %s]\n"
+ "\tSubjectAltNames: %s\n"
+ "\tAuthorityKeyId: %s\n"
+ "\tSubjectKeyId: %s\n"
+ "\tSubjPubKeyAlgId: %s\n"
+ "\tCritExtOIDs: %s\n"
+ "\tExtKeyUsages: %s\n"
+ "\tBasicConstraint: %s\n"
+ "\tCertPolicyInfo: %s\n"
+ "\tPolicyMappings: %s\n"
+ "\tExplicitPolicy: %d\n"
+ "\tInhibitMapping: %d\n"
+ "\tInhibitAnyPolicy:%d\n"
+ "\tNameConstraints: %s\n"
+ "\tAuthorityInfoAccess: %s\n"
+ "\tSubjectInfoAccess: %s\n"
+ "\tCacheFlag: %d\n"
+ "]\n";
+ }
+
+
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ /* Issuer */
+ PKIX_CHECK(PKIX_PL_Cert_GetIssuer
+ (cert, &certIssuer, plContext),
+ PKIX_CERTGETISSUERFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)certIssuer, &certIssuerString, plContext),
+ PKIX_X500NAMETOSTRINGFAILED);
+
+ /* Subject */
+ PKIX_CHECK(PKIX_PL_Cert_GetSubject(cert, &certSubject, plContext),
+ PKIX_CERTGETSUBJECTFAILED);
+
+ PKIX_TOSTRING(certSubject, &certSubjectString, plContext,
+ PKIX_X500NAMETOSTRINGFAILED);
+
+ if (partialString){
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&certString,
+ plContext,
+ formatString,
+ certIssuerString,
+ certSubjectString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = certString;
+ goto cleanup;
+ }
+
+ /* Version */
+ PKIX_CHECK(PKIX_PL_Cert_GetVersion(cert, &certVersion, plContext),
+ PKIX_CERTGETVERSIONFAILED);
+
+ /* SerialNumber */
+ PKIX_CHECK(PKIX_PL_Cert_GetSerialNumber(cert, &certSN, plContext),
+ PKIX_CERTGETSERIALNUMBERFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)certSN, &certSNString, plContext),
+ PKIX_BIGINTTOSTRINGFAILED);
+
+ /* Validity: NotBefore */
+ PKIX_CHECK(pkix_pl_Date_ToString_Helper
+ (&(cert->nssCert->validity.notBefore),
+ &notBeforeString,
+ plContext),
+ PKIX_DATETOSTRINGHELPERFAILED);
+
+ /* Validity: NotAfter */
+ PKIX_CHECK(pkix_pl_Date_ToString_Helper
+ (&(cert->nssCert->validity.notAfter),
+ &notAfterString,
+ plContext),
+ PKIX_DATETOSTRINGHELPERFAILED);
+
+ /* SubjectAltNames */
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectAltNames
+ (cert, &subjAltNames, plContext),
+ PKIX_CERTGETSUBJECTALTNAMESFAILED);
+
+ PKIX_TOSTRING(subjAltNames, &subjAltNamesString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* AuthorityKeyIdentifier */
+ PKIX_CHECK(PKIX_PL_Cert_GetAuthorityKeyIdentifier
+ (cert, &authKeyId, plContext),
+ PKIX_CERTGETAUTHORITYKEYIDENTIFIERFAILED);
+
+ PKIX_TOSTRING(authKeyId, &authKeyIdString, plContext,
+ PKIX_BYTEARRAYTOSTRINGFAILED);
+
+ /* SubjectKeyIdentifier */
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectKeyIdentifier
+ (cert, &subjKeyId, plContext),
+ PKIX_CERTGETSUBJECTKEYIDENTIFIERFAILED);
+
+ PKIX_TOSTRING(subjKeyId, &subjKeyIdString, plContext,
+ PKIX_BYTEARRAYTOSTRINGFAILED);
+
+ /* SubjectPublicKey */
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectPublicKey
+ (cert, &nssPubKey, plContext),
+ PKIX_CERTGETSUBJECTPUBLICKEYFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)nssPubKey, &nssPubKeyString, plContext),
+ PKIX_PUBLICKEYTOSTRINGFAILED);
+
+ /* CriticalExtensionOIDs */
+ PKIX_CHECK(PKIX_PL_Cert_GetCriticalExtensionOIDs
+ (cert, &critExtOIDs, plContext),
+ PKIX_CERTGETCRITICALEXTENSIONOIDSFAILED);
+
+ PKIX_TOSTRING(critExtOIDs, &critExtOIDsString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* ExtendedKeyUsages */
+ PKIX_CHECK(PKIX_PL_Cert_GetExtendedKeyUsage
+ (cert, &extKeyUsages, plContext),
+ PKIX_CERTGETEXTENDEDKEYUSAGEFAILED);
+
+ PKIX_TOSTRING(extKeyUsages, &extKeyUsagesString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* CertBasicConstraints */
+ PKIX_CHECK(PKIX_PL_Cert_GetBasicConstraints
+ (cert, &basicConstraint, plContext),
+ PKIX_CERTGETBASICCONSTRAINTSFAILED);
+
+ PKIX_TOSTRING(basicConstraint, &certBasicConstraintsString, plContext,
+ PKIX_CERTBASICCONSTRAINTSTOSTRINGFAILED);
+
+ /* CertPolicyInfo */
+ PKIX_CHECK(PKIX_PL_Cert_GetPolicyInformation
+ (cert, &policyInfo, plContext),
+ PKIX_CERTGETPOLICYINFORMATIONFAILED);
+
+ PKIX_TOSTRING(policyInfo, &certPolicyInfoString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* Advanced Policies */
+ PKIX_CHECK(PKIX_PL_Cert_GetPolicyMappings
+ (cert, &certPolicyMappings, plContext),
+ PKIX_CERTGETPOLICYMAPPINGSFAILED);
+
+ PKIX_TOSTRING(certPolicyMappings, &certPolicyMappingsString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetRequireExplicitPolicy
+ (cert, &certExplicitPolicy, plContext),
+ PKIX_CERTGETREQUIREEXPLICITPOLICYFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetPolicyMappingInhibited
+ (cert, &certInhibitMapping, plContext),
+ PKIX_CERTGETPOLICYMAPPINGINHIBITEDFAILED);
+
+ PKIX_CHECK(PKIX_PL_Cert_GetInhibitAnyPolicy
+ (cert, &certInhibitAnyPolicy, plContext),
+ PKIX_CERTGETINHIBITANYPOLICYFAILED);
+
+ /* Name Constraints */
+ PKIX_CHECK(PKIX_PL_Cert_GetNameConstraints
+ (cert, &nameConstraints, plContext),
+ PKIX_CERTGETNAMECONSTRAINTSFAILED);
+
+ PKIX_TOSTRING(nameConstraints, &nameConstraintsString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* Authority Information Access */
+ PKIX_CHECK(PKIX_PL_Cert_GetAuthorityInfoAccess
+ (cert, &authorityInfoAccess, plContext),
+ PKIX_CERTGETAUTHORITYINFOACCESSFAILED);
+
+ PKIX_TOSTRING(authorityInfoAccess, &authorityInfoAccessString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* Subject Information Access */
+ PKIX_CHECK(PKIX_PL_Cert_GetSubjectInfoAccess
+ (cert, &subjectInfoAccess, plContext),
+ PKIX_CERTGETSUBJECTINFOACCESSFAILED);
+
+ PKIX_TOSTRING(subjectInfoAccess, &subjectInfoAccessString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&certString,
+ plContext,
+ formatString,
+ certVersion + 1,
+ certSNString,
+ certIssuerString,
+ certSubjectString,
+ notBeforeString,
+ notAfterString,
+ subjAltNamesString,
+ authKeyIdString,
+ subjKeyIdString,
+ nssPubKeyString,
+ critExtOIDsString,
+ extKeyUsagesString,
+ certBasicConstraintsString,
+ certPolicyInfoString,
+ certPolicyMappingsString,
+ certExplicitPolicy, /* an Int32, not a String */
+ certInhibitMapping, /* an Int32, not a String */
+ certInhibitAnyPolicy, /* an Int32, not a String */
+ nameConstraintsString,
+ authorityInfoAccessString,
+ subjectInfoAccessString,
+ cert->cacheFlag), /* a boolean */
+ PKIX_SPRINTFFAILED);
+
+ *pString = certString;
+
+cleanup:
+ PKIX_DECREF(certSN);
+ PKIX_DECREF(certSNString);
+ PKIX_DECREF(certIssuer);
+ PKIX_DECREF(certIssuerString);
+ PKIX_DECREF(certSubject);
+ PKIX_DECREF(certSubjectString);
+ PKIX_DECREF(notBeforeString);
+ PKIX_DECREF(notAfterString);
+ PKIX_DECREF(subjAltNames);
+ PKIX_DECREF(subjAltNamesString);
+ PKIX_DECREF(authKeyId);
+ PKIX_DECREF(authKeyIdString);
+ PKIX_DECREF(subjKeyId);
+ PKIX_DECREF(subjKeyIdString);
+ PKIX_DECREF(nssPubKey);
+ PKIX_DECREF(nssPubKeyString);
+ PKIX_DECREF(critExtOIDs);
+ PKIX_DECREF(critExtOIDsString);
+ PKIX_DECREF(extKeyUsages);
+ PKIX_DECREF(extKeyUsagesString);
+ PKIX_DECREF(basicConstraint);
+ PKIX_DECREF(certBasicConstraintsString);
+ PKIX_DECREF(policyInfo);
+ PKIX_DECREF(certPolicyInfoString);
+ PKIX_DECREF(certPolicyMappings);
+ PKIX_DECREF(certPolicyMappingsString);
+ PKIX_DECREF(nameConstraints);
+ PKIX_DECREF(nameConstraintsString);
+ PKIX_DECREF(authorityInfoAccess);
+ PKIX_DECREF(authorityInfoAccessString);
+ PKIX_DECREF(subjectInfoAccess);
+ PKIX_DECREF(subjectInfoAccessString);
+ PKIX_DECREF(formatString);
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Cert_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Cert *cert = NULL;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERT_TYPE, plContext),
+ PKIX_OBJECTNOTCERT);
+
+ cert = (PKIX_PL_Cert*)object;
+
+ PKIX_DECREF(cert->subject);
+ PKIX_DECREF(cert->issuer);
+ PKIX_DECREF(cert->subjAltNames);
+ PKIX_DECREF(cert->publicKeyAlgId);
+ PKIX_DECREF(cert->publicKey);
+ PKIX_DECREF(cert->serialNumber);
+ PKIX_DECREF(cert->critExtOids);
+ PKIX_DECREF(cert->authKeyId);
+ PKIX_DECREF(cert->subjKeyId);
+ PKIX_DECREF(cert->extKeyUsages);
+ PKIX_DECREF(cert->certBasicConstraints);
+ PKIX_DECREF(cert->certPolicyInfos);
+ PKIX_DECREF(cert->certPolicyMappings);
+ PKIX_DECREF(cert->nameConstraints);
+ PKIX_DECREF(cert->store);
+ PKIX_DECREF(cert->authorityInfoAccess);
+ PKIX_DECREF(cert->subjectInfoAccess);
+ PKIX_DECREF(cert->crldpList);
+
+ if (cert->arenaNameConstraints){
+ /* This arena was allocated for SubjectAltNames */
+ PKIX_PL_NSSCALL(CERT, PORT_FreeArena,
+ (cert->arenaNameConstraints, PR_FALSE));
+
+ cert->arenaNameConstraints = NULL;
+ cert->nssSubjAltNames = NULL;
+ }
+
+ CERT_DestroyCertificate(cert->nssCert);
+ cert->nssCert = NULL;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Cert_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *certString = NULL;
+ PKIX_PL_Cert *pkixCert = NULL;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_toString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERT_TYPE, plContext),
+ PKIX_OBJECTNOTCERT);
+
+ pkixCert = (PKIX_PL_Cert *)object;
+
+ PKIX_CHECK(pkix_pl_Cert_ToString_Helper
+ (pkixCert, PKIX_FALSE, &certString, plContext),
+ PKIX_CERTTOSTRINGHELPERFAILED);
+
+ *pString = certString;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Cert_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_Cert *pkixCert = NULL;
+ CERTCertificate *nssCert = NULL;
+ unsigned char *derBytes = NULL;
+ PKIX_UInt32 derLength;
+ PKIX_UInt32 certHash;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERT_TYPE, plContext),
+ PKIX_OBJECTNOTCERT);
+
+ pkixCert = (PKIX_PL_Cert *)object;
+
+ nssCert = pkixCert->nssCert;
+ derBytes = (nssCert->derCert).data;
+ derLength = (nssCert->derCert).len;
+
+ PKIX_CHECK(pkix_hash(derBytes, derLength, &certHash, plContext),
+ PKIX_HASHFAILED);
+
+ *pHashcode = certHash;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_Cert_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Cert_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ CERTCertificate *firstCert = NULL;
+ CERTCertificate *secondCert = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a Cert */
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_CERT_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCERT);
+
+ /*
+ * Since we know firstObject is a Cert, if both references are
+ * identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a Cert, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_CERT_TYPE) goto cleanup;
+
+ firstCert = ((PKIX_PL_Cert *)firstObject)->nssCert;
+ secondCert = ((PKIX_PL_Cert *)secondObject)->nssCert;
+
+ PKIX_NULLCHECK_TWO(firstCert, secondCert);
+
+ /* CERT_CompareCerts does byte comparison on DER encodings of certs */
+ PKIX_CERT_DEBUG("\t\tCalling CERT_CompareCerts).\n");
+ cmpResult = CERT_CompareCerts(firstCert, secondCert);
+
+ *pResult = cmpResult;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERT_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_Cert_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_RegisterSelf");
+
+ entry.description = "Cert";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_Cert);
+ entry.destructor = pkix_pl_Cert_Destroy;
+ entry.equalsFunction = pkix_pl_Cert_Equals;
+ entry.hashcodeFunction = pkix_pl_Cert_Hashcode;
+ entry.toStringFunction = pkix_pl_Cert_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_CERT_TYPE] = entry;
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_CreateWithNSSCert
+ * DESCRIPTION:
+ *
+ * Creates a new certificate using the CERTCertificate pointed to by "nssCert"
+ * and stores it at "pCert". Once created, a Cert is immutable.
+ *
+ * This function is primarily used as a convenience function for the
+ * performance tests that have easy access to a CERTCertificate.
+ *
+ * PARAMETERS:
+ * "nssCert"
+ * Address of CERTCertificate representing the NSS certificate.
+ * Must be non-NULL.
+ * "pCert"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Cert_CreateWithNSSCert(
+ CERTCertificate *nssCert,
+ PKIX_PL_Cert **pCert,
+ void *plContext)
+{
+ PKIX_PL_Cert *cert = NULL;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_CreateWithNSSCert");
+ PKIX_NULLCHECK_TWO(pCert, nssCert);
+
+ /* create a PKIX_PL_Cert object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERT_TYPE,
+ sizeof (PKIX_PL_Cert),
+ (PKIX_PL_Object **)&cert,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ /* populate the nssCert field */
+ cert->nssCert = nssCert;
+
+ /* initialize remaining fields */
+ /*
+ * Fields ending with Absent are initialized to PKIX_FALSE so that the
+ * first time we need the value we will look for it. If we find it is
+ * actually absent, the flag will at that time be set to PKIX_TRUE to
+ * prevent searching for it later.
+ * Fields ending with Processed are those where a value is defined
+ * for the Absent case, and a value of zero is possible. When the
+ * flag is still true we have to look for the field, set the default
+ * value if necessary, and set the Processed flag to PKIX_TRUE.
+ */
+ cert->subject = NULL;
+ cert->issuer = NULL;
+ cert->subjAltNames = NULL;
+ cert->subjAltNamesAbsent = PKIX_FALSE;
+ cert->publicKeyAlgId = NULL;
+ cert->publicKey = NULL;
+ cert->serialNumber = NULL;
+ cert->critExtOids = NULL;
+ cert->subjKeyId = NULL;
+ cert->subjKeyIdAbsent = PKIX_FALSE;
+ cert->authKeyId = NULL;
+ cert->authKeyIdAbsent = PKIX_FALSE;
+ cert->extKeyUsages = NULL;
+ cert->extKeyUsagesAbsent = PKIX_FALSE;
+ cert->certBasicConstraints = NULL;
+ cert->basicConstraintsAbsent = PKIX_FALSE;
+ cert->certPolicyInfos = NULL;
+ cert->policyInfoAbsent = PKIX_FALSE;
+ cert->policyMappingsAbsent = PKIX_FALSE;
+ cert->certPolicyMappings = NULL;
+ cert->policyConstraintsProcessed = PKIX_FALSE;
+ cert->policyConstraintsExplicitPolicySkipCerts = 0;
+ cert->policyConstraintsInhibitMappingSkipCerts = 0;
+ cert->inhibitAnyPolicyProcessed = PKIX_FALSE;
+ cert->inhibitAnySkipCerts = 0;
+ cert->nameConstraints = NULL;
+ cert->nameConstraintsAbsent = PKIX_FALSE;
+ cert->arenaNameConstraints = NULL;
+ cert->nssSubjAltNames = NULL;
+ cert->cacheFlag = PKIX_FALSE;
+ cert->store = NULL;
+ cert->authorityInfoAccess = NULL;
+ cert->subjectInfoAccess = NULL;
+ cert->isUserTrustAnchor = PKIX_FALSE;
+ cert->crldpList = NULL;
+
+ *pCert = cert;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Cert_CreateToList
+ * DESCRIPTION:
+ *
+ * Creates a new certificate using the DER-encoding pointed to by "derCertItem"
+ * and appends it to the list pointed to by "certList". If Cert creation fails,
+ * the function returns with certList unchanged, but any decoding Error is
+ * discarded.
+ *
+ * PARAMETERS:
+ * "derCertItem"
+ * Address of SECItem containing the DER representation of a certificate.
+ * Must be non-NULL.
+ * "certList"
+ * Address of List to which the Cert will be appended, if successfully
+ * created. May be empty, but must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Cert_CreateToList(
+ SECItem *derCertItem,
+ PKIX_List *certList,
+ void *plContext)
+{
+ CERTCertificate *nssCert = NULL;
+ PKIX_PL_Cert *cert = NULL;
+ CERTCertDBHandle *handle;
+
+ PKIX_ENTER(CERT, "pkix_pl_Cert_CreateToList");
+ PKIX_NULLCHECK_TWO(derCertItem, certList);
+
+ handle = CERT_GetDefaultCertDB();
+ nssCert = CERT_NewTempCertificate(handle, derCertItem,
+ /* nickname */ NULL,
+ /* isPerm */ PR_FALSE,
+ /* copyDer */ PR_TRUE);
+ if (!nssCert) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_Cert_CreateWithNSSCert
+ (nssCert, &cert, plContext),
+ PKIX_CERTCREATEWITHNSSCERTFAILED);
+
+ nssCert = NULL;
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (certList, (PKIX_PL_Object *) cert, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+cleanup:
+ if (nssCert) {
+ CERT_DestroyCertificate(nssCert);
+ }
+
+ PKIX_DECREF(cert);
+ PKIX_RETURN(CERT);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_Cert_Create (see comments in pkix_pl_pki.h)
+ * XXX We may want to cache the cert after parsing it, so it can be reused
+ * XXX Are the NSS/NSPR functions thread safe
+ */
+PKIX_Error *
+PKIX_PL_Cert_Create(
+ PKIX_PL_ByteArray *byteArray,
+ PKIX_PL_Cert **pCert,
+ void *plContext)
+{
+ CERTCertificate *nssCert = NULL;
+ SECItem *derCertItem = NULL;
+ void *derBytes = NULL;
+ PKIX_UInt32 derLength;
+ PKIX_PL_Cert *cert = NULL;
+ CERTCertDBHandle *handle;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_Create");
+ PKIX_NULLCHECK_TWO(pCert, byteArray);
+
+ PKIX_CHECK(PKIX_PL_ByteArray_GetPointer
+ (byteArray, &derBytes, plContext),
+ PKIX_BYTEARRAYGETPOINTERFAILED);
+
+ PKIX_CHECK(PKIX_PL_ByteArray_GetLength
+ (byteArray, &derLength, plContext),
+ PKIX_BYTEARRAYGETLENGTHFAILED);
+
+ derCertItem = SECITEM_AllocItem(NULL, NULL, derLength);
+ if (derCertItem == NULL){
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ (void) PORT_Memcpy(derCertItem->data, derBytes, derLength);
+
+ /*
+ * setting copyDER to true forces NSS to make its own copy of the DER,
+ * allowing us to free our copy without worrying about whether NSS
+ * is still using it
+ */
+ handle = CERT_GetDefaultCertDB();
+ nssCert = CERT_NewTempCertificate(handle, derCertItem,
+ /* nickname */ NULL,
+ /* isPerm */ PR_FALSE,
+ /* copyDer */ PR_TRUE);
+ if (!nssCert){
+ PKIX_ERROR(PKIX_CERTDECODEDERCERTIFICATEFAILED);
+ }
+
+ PKIX_CHECK(pkix_pl_Cert_CreateWithNSSCert
+ (nssCert, &cert, plContext),
+ PKIX_CERTCREATEWITHNSSCERTFAILED);
+
+ *pCert = cert;
+
+cleanup:
+ if (derCertItem){
+ SECITEM_FreeItem(derCertItem, PKIX_TRUE);
+ }
+
+ if (nssCert && PKIX_ERROR_RECEIVED){
+ PKIX_CERT_DEBUG("\t\tCalling CERT_DestroyCertificate).\n");
+ CERT_DestroyCertificate(nssCert);
+ nssCert = NULL;
+ }
+
+ PKIX_FREE(derBytes);
+ PKIX_RETURN(CERT);
+}
+
+
+/*
+ * FUNCTION: PKIX_PL_Cert_CreateFromCERTCertificate
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_CreateFromCERTCertificate(
+ const CERTCertificate *nssCert,
+ PKIX_PL_Cert **pCert,
+ void *plContext)
+{
+ void *buf = NULL;
+ PKIX_UInt32 len;
+ PKIX_PL_ByteArray *byteArray = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_CreateWithNssCert");
+ PKIX_NULLCHECK_TWO(pCert, nssCert);
+
+ buf = (void*)nssCert->derCert.data;
+ len = nssCert->derCert.len;
+
+ PKIX_CHECK(
+ PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext),
+ PKIX_BYTEARRAYCREATEFAILED);
+
+ PKIX_CHECK(
+ PKIX_PL_Cert_Create(byteArray, pCert, plContext),
+ PKIX_CERTCREATEWITHNSSCERTFAILED);
+
+#ifdef PKIX_UNDEF
+ /* will be tested and used as a patch for bug 391612 */
+ nssCert = CERT_DupCertificate(nssInCert);
+
+ PKIX_CHECK(pkix_pl_Cert_CreateWithNSSCert
+ (nssCert, &cert, plContext),
+ PKIX_CERTCREATEWITHNSSCERTFAILED);
+#endif /* PKIX_UNDEF */
+
+cleanup:
+
+#ifdef PKIX_UNDEF
+ if (nssCert && PKIX_ERROR_RECEIVED){
+ PKIX_CERT_DEBUG("\t\tCalling CERT_DestroyCertificate).\n");
+ CERT_DestroyCertificate(nssCert);
+ nssCert = NULL;
+ }
+#endif /* PKIX_UNDEF */
+
+ PKIX_DECREF(byteArray);
+ PKIX_RETURN(CERT);
+}
+
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetVersion (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetVersion(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 *pVersion,
+ void *plContext)
+{
+ CERTCertificate *nssCert = NULL;
+ PKIX_UInt32 myVersion = 0; /* v1 */
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetVersion");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pVersion);
+
+ nssCert = cert->nssCert;
+ if (nssCert->version.len != 0) {
+ myVersion = *(nssCert->version.data);
+ }
+
+ if (myVersion > 2){
+ PKIX_ERROR(PKIX_VERSIONVALUEMUSTBEV1V2ORV3);
+ }
+
+ *pVersion = myVersion;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSerialNumber (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSerialNumber(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_BigInt **pSerialNumber,
+ void *plContext)
+{
+ CERTCertificate *nssCert = NULL;
+ SECItem serialNumItem;
+ PKIX_PL_BigInt *serialNumber = NULL;
+ char *bytes = NULL;
+ PKIX_UInt32 length;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetSerialNumber");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pSerialNumber);
+
+ if (cert->serialNumber == NULL){
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (cert->serialNumber == NULL){
+
+ nssCert = cert->nssCert;
+ serialNumItem = nssCert->serialNumber;
+
+ length = serialNumItem.len;
+ bytes = (char *)serialNumItem.data;
+
+ PKIX_CHECK(pkix_pl_BigInt_CreateWithBytes
+ (bytes, length, &serialNumber, plContext),
+ PKIX_BIGINTCREATEWITHBYTESFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ cert->serialNumber = serialNumber;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->serialNumber);
+ *pSerialNumber = cert->serialNumber;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubject (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubject(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_X500Name **pCertSubject,
+ void *plContext)
+{
+ PKIX_PL_X500Name *pkixSubject = NULL;
+ CERTName *subjName = NULL;
+ SECItem *derSubjName = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetSubject");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pCertSubject);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->subject == NULL){
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (cert->subject == NULL){
+
+ subjName = &cert->nssCert->subject;
+ derSubjName = &cert->nssCert->derSubject;
+
+ /* if there is no subject name */
+ if (derSubjName->data == NULL) {
+
+ pkixSubject = NULL;
+
+ } else {
+ PKIX_CHECK(PKIX_PL_X500Name_CreateFromCERTName
+ (derSubjName, subjName, &pkixSubject,
+ plContext),
+ PKIX_X500NAMECREATEFROMCERTNAMEFAILED);
+
+ }
+ /* save a cached copy in case it is asked for again */
+ cert->subject = pkixSubject;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->subject);
+ *pCertSubject = cert->subject;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetIssuer (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetIssuer(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_X500Name **pCertIssuer,
+ void *plContext)
+{
+ PKIX_PL_X500Name *pkixIssuer = NULL;
+ SECItem *derIssuerName = NULL;
+ CERTName *issuerName = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetIssuer");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pCertIssuer);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->issuer == NULL){
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (cert->issuer == NULL){
+
+ issuerName = &cert->nssCert->issuer;
+ derIssuerName = &cert->nssCert->derIssuer;
+
+ /* if there is no subject name */
+ PKIX_CHECK(PKIX_PL_X500Name_CreateFromCERTName
+ (derIssuerName, issuerName,
+ &pkixIssuer, plContext),
+ PKIX_X500NAMECREATEFROMCERTNAMEFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ cert->issuer = pkixIssuer;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->issuer);
+ *pCertIssuer = cert->issuer;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectAltNames (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectAltNames(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pSubjectAltNames, /* list of PKIX_PL_GeneralName */
+ void *plContext)
+{
+ PKIX_PL_GeneralName *pkixAltName = NULL;
+ PKIX_List *altNamesList = NULL;
+
+ CERTGeneralName *nssOriginalAltName = NULL;
+ CERTGeneralName *nssTempAltName = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetSubjectAltNames");
+ PKIX_NULLCHECK_TWO(cert, pSubjectAltNames);
+
+ /* if we don't have a cached copy from before, we create one */
+ if ((cert->subjAltNames == NULL) && (!cert->subjAltNamesAbsent)){
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if ((cert->subjAltNames == NULL) &&
+ (!cert->subjAltNamesAbsent)){
+
+ PKIX_CHECK(pkix_pl_Cert_GetNssSubjectAltNames
+ (cert,
+ PKIX_TRUE,
+ &nssOriginalAltName,
+ plContext),
+ PKIX_CERTGETNSSSUBJECTALTNAMESFAILED);
+
+ if (nssOriginalAltName == NULL) {
+ cert->subjAltNamesAbsent = PKIX_TRUE;
+ pSubjectAltNames = NULL;
+ goto cleanup;
+ }
+
+ nssTempAltName = nssOriginalAltName;
+
+ PKIX_CHECK(PKIX_List_Create(&altNamesList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ do {
+ PKIX_CHECK(pkix_pl_GeneralName_Create
+ (nssTempAltName, &pkixAltName, plContext),
+ PKIX_GENERALNAMECREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (altNamesList,
+ (PKIX_PL_Object *)pkixAltName,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(pkixAltName);
+
+ PKIX_CERT_DEBUG
+ ("\t\tCalling CERT_GetNextGeneralName).\n");
+ nssTempAltName = CERT_GetNextGeneralName
+ (nssTempAltName);
+
+ } while (nssTempAltName != nssOriginalAltName);
+
+ /* save a cached copy in case it is asked for again */
+ cert->subjAltNames = altNamesList;
+ PKIX_CHECK(PKIX_List_SetImmutable
+ (cert->subjAltNames, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->subjAltNames);
+
+ *pSubjectAltNames = cert->subjAltNames;
+
+cleanup:
+ PKIX_DECREF(pkixAltName);
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(altNamesList);
+ }
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetAllSubjectNames (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetAllSubjectNames(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pAllSubjectNames, /* list of PKIX_PL_GeneralName */
+ void *plContext)
+{
+ CERTGeneralName *nssOriginalSubjectName = NULL;
+ CERTGeneralName *nssTempSubjectName = NULL;
+ PKIX_List *allSubjectNames = NULL;
+ PKIX_PL_GeneralName *pkixSubjectName = NULL;
+ PLArenaPool *arena = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetAllSubjectNames");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pAllSubjectNames);
+
+
+ if (cert->nssCert->subjectName == NULL){
+ /* if there is no subject DN, just get altnames */
+
+ PKIX_CHECK(pkix_pl_Cert_GetNssSubjectAltNames
+ (cert,
+ PKIX_FALSE, /* hasLock */
+ &nssOriginalSubjectName,
+ plContext),
+ PKIX_CERTGETNSSSUBJECTALTNAMESFAILED);
+
+ } else { /* get subject DN and altnames */
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ /* This NSS call returns both Subject and Subject Alt Names */
+ PKIX_CERT_DEBUG("\t\tCalling CERT_GetCertificateNames\n");
+ nssOriginalSubjectName =
+ CERT_GetCertificateNames(cert->nssCert, arena);
+ }
+
+ if (nssOriginalSubjectName == NULL) {
+ pAllSubjectNames = NULL;
+ goto cleanup;
+ }
+
+ nssTempSubjectName = nssOriginalSubjectName;
+
+ PKIX_CHECK(PKIX_List_Create(&allSubjectNames, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ do {
+ PKIX_CHECK(pkix_pl_GeneralName_Create
+ (nssTempSubjectName, &pkixSubjectName, plContext),
+ PKIX_GENERALNAMECREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (allSubjectNames,
+ (PKIX_PL_Object *)pkixSubjectName,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(pkixSubjectName);
+
+ PKIX_CERT_DEBUG
+ ("\t\tCalling CERT_GetNextGeneralName).\n");
+ nssTempSubjectName = CERT_GetNextGeneralName
+ (nssTempSubjectName);
+ } while (nssTempSubjectName != nssOriginalSubjectName);
+
+ *pAllSubjectNames = allSubjectNames;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(allSubjectNames);
+ }
+
+ if (arena){
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ PKIX_DECREF(pkixSubjectName);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectPublicKeyAlgId
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectPublicKeyAlgId(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_OID **pSubjKeyAlgId,
+ void *plContext)
+{
+ PKIX_PL_OID *pubKeyAlgId = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetSubjectPublicKeyAlgId");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pSubjKeyAlgId);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->publicKeyAlgId == NULL){
+ PKIX_OBJECT_LOCK(cert);
+ if (cert->publicKeyAlgId == NULL){
+ CERTCertificate *nssCert = cert->nssCert;
+ SECAlgorithmID *algorithm;
+ SECItem *algBytes;
+
+ algorithm = &nssCert->subjectPublicKeyInfo.algorithm;
+ algBytes = &algorithm->algorithm;
+ if (!algBytes->data || !algBytes->len) {
+ PKIX_ERROR_FATAL(PKIX_ALGORITHMBYTESLENGTH0);
+ }
+ PKIX_CHECK(PKIX_PL_OID_CreateBySECItem
+ (algBytes, &pubKeyAlgId, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ cert->publicKeyAlgId = pubKeyAlgId;
+ pubKeyAlgId = NULL;
+ }
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->publicKeyAlgId);
+ *pSubjKeyAlgId = cert->publicKeyAlgId;
+
+cleanup:
+ PKIX_DECREF(pubKeyAlgId);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectPublicKey (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectPublicKey(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_PublicKey **pPublicKey,
+ void *plContext)
+{
+ PKIX_PL_PublicKey *pkixPubKey = NULL;
+ SECStatus rv;
+
+ CERTSubjectPublicKeyInfo *from = NULL;
+ CERTSubjectPublicKeyInfo *to = NULL;
+ SECItem *fromItem = NULL;
+ SECItem *toItem = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetSubjectPublicKey");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pPublicKey);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->publicKey == NULL){
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (cert->publicKey == NULL){
+
+ /* create a PKIX_PL_PublicKey object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_PUBLICKEY_TYPE,
+ sizeof (PKIX_PL_PublicKey),
+ (PKIX_PL_Object **)&pkixPubKey,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ /* initialize fields */
+ pkixPubKey->nssSPKI = NULL;
+
+ /* populate the SPKI field */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (sizeof (CERTSubjectPublicKeyInfo),
+ (void **)&pkixPubKey->nssSPKI,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ to = pkixPubKey->nssSPKI;
+ from = &cert->nssCert->subjectPublicKeyInfo;
+
+ PKIX_NULLCHECK_TWO(to, from);
+
+ PKIX_CERT_DEBUG
+ ("\t\tCalling SECOID_CopyAlgorithmID).\n");
+ rv = SECOID_CopyAlgorithmID
+ (NULL, &to->algorithm, &from->algorithm);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_SECOIDCOPYALGORITHMIDFAILED);
+ }
+
+ /*
+ * NSS stores the length of subjectPublicKey in bits.
+ * Therefore, we use that length converted to bytes
+ * using ((length+7)>>3) before calling PORT_Memcpy
+ * in order to avoid "read from uninitialized memory"
+ * errors.
+ */
+
+ toItem = &to->subjectPublicKey;
+ fromItem = &from->subjectPublicKey;
+
+ PKIX_NULLCHECK_TWO(toItem, fromItem);
+
+ toItem->type = fromItem->type;
+
+ toItem->data =
+ (unsigned char*) PORT_ZAlloc(fromItem->len);
+ if (!toItem->data){
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ (void) PORT_Memcpy(toItem->data,
+ fromItem->data,
+ (fromItem->len + 7)>>3);
+ toItem->len = fromItem->len;
+
+ /* save a cached copy in case it is asked for again */
+ cert->publicKey = pkixPubKey;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->publicKey);
+ *pPublicKey = cert->publicKey;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED && pkixPubKey){
+ PKIX_DECREF(pkixPubKey);
+ cert->publicKey = NULL;
+ }
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetCriticalExtensionOIDs
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetCriticalExtensionOIDs(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pList, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_List *oidsList = NULL;
+ CERTCertExtension **extensions = NULL;
+ CERTCertificate *nssCert = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetCriticalExtensionOIDs");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pList);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->critExtOids == NULL) {
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (cert->critExtOids == NULL) {
+
+ nssCert = cert->nssCert;
+
+ /*
+ * ASN.1 for Extension
+ *
+ * Extension ::= SEQUENCE {
+ * extnID OBJECT IDENTIFIER,
+ * critical BOOLEAN DEFAULT FALSE,
+ * extnValue OCTET STRING }
+ *
+ */
+
+ extensions = nssCert->extensions;
+
+ PKIX_CHECK(pkix_pl_OID_GetCriticalExtensionOIDs
+ (extensions, &oidsList, plContext),
+ PKIX_GETCRITICALEXTENSIONOIDSFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ cert->critExtOids = oidsList;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ /* We should return a copy of the List since this list changes */
+ PKIX_DUPLICATE(cert->critExtOids, pList, plContext,
+ PKIX_OBJECTDUPLICATELISTFAILED);
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetAuthorityKeyIdentifier
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetAuthorityKeyIdentifier(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_ByteArray **pAuthKeyId,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *authKeyId = NULL;
+ CERTCertificate *nssCert = NULL;
+ CERTAuthKeyID *authKeyIdExtension = NULL;
+ PLArenaPool *arena = NULL;
+ SECItem retItem;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetAuthorityKeyIdentifier");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pAuthKeyId);
+
+ /* if we don't have a cached copy from before, we create one */
+ if ((cert->authKeyId == NULL) && (!cert->authKeyIdAbsent)){
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if ((cert->authKeyId == NULL) && (!cert->authKeyIdAbsent)){
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ nssCert = cert->nssCert;
+
+ authKeyIdExtension =
+ CERT_FindAuthKeyIDExten(arena, nssCert);
+ if (authKeyIdExtension == NULL){
+ cert->authKeyIdAbsent = PKIX_TRUE;
+ *pAuthKeyId = NULL;
+ goto cleanup;
+ }
+
+ retItem = authKeyIdExtension->keyID;
+
+ if (retItem.len == 0){
+ cert->authKeyIdAbsent = PKIX_TRUE;
+ *pAuthKeyId = NULL;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_PL_ByteArray_Create
+ (retItem.data,
+ retItem.len,
+ &authKeyId,
+ plContext),
+ PKIX_BYTEARRAYCREATEFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ cert->authKeyId = authKeyId;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->authKeyId);
+ *pAuthKeyId = cert->authKeyId;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ if (arena){
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectKeyIdentifier
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectKeyIdentifier(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_ByteArray **pSubjKeyId,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *subjKeyId = NULL;
+ CERTCertificate *nssCert = NULL;
+ SECItem *retItem = NULL;
+ SECStatus status;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetSubjectKeyIdentifier");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pSubjKeyId);
+
+ /* if we don't have a cached copy from before, we create one */
+ if ((cert->subjKeyId == NULL) && (!cert->subjKeyIdAbsent)){
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if ((cert->subjKeyId == NULL) && (!cert->subjKeyIdAbsent)){
+
+ retItem = SECITEM_AllocItem(NULL, NULL, 0);
+ if (retItem == NULL){
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ nssCert = cert->nssCert;
+
+ status = CERT_FindSubjectKeyIDExtension
+ (nssCert, retItem);
+ if (status != SECSuccess) {
+ cert->subjKeyIdAbsent = PKIX_TRUE;
+ *pSubjKeyId = NULL;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_PL_ByteArray_Create
+ (retItem->data,
+ retItem->len,
+ &subjKeyId,
+ plContext),
+ PKIX_BYTEARRAYCREATEFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ cert->subjKeyId = subjKeyId;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->subjKeyId);
+ *pSubjKeyId = cert->subjKeyId;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ if (retItem){
+ SECITEM_FreeItem(retItem, PKIX_TRUE);
+ }
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetExtendedKeyUsage (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetExtendedKeyUsage(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pKeyUsage, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+ CERTOidSequence *extKeyUsage = NULL;
+ CERTCertificate *nssCert = NULL;
+ PKIX_PL_OID *pkixOID = NULL;
+ PKIX_List *oidsList = NULL;
+ SECItem **oids = NULL;
+ SECItem encodedExtKeyUsage;
+ SECStatus rv;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetExtendedKeyUsage");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pKeyUsage);
+
+ /* if we don't have a cached copy from before, we create one */
+ if ((cert->extKeyUsages == NULL) && (!cert->extKeyUsagesAbsent)){
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if ((cert->extKeyUsages == NULL) &&
+ (!cert->extKeyUsagesAbsent)){
+
+ nssCert = cert->nssCert;
+
+ rv = CERT_FindCertExtension
+ (nssCert, SEC_OID_X509_EXT_KEY_USAGE,
+ &encodedExtKeyUsage);
+ if (rv != SECSuccess){
+ cert->extKeyUsagesAbsent = PKIX_TRUE;
+ *pKeyUsage = NULL;
+ goto cleanup;
+ }
+
+ extKeyUsage =
+ CERT_DecodeOidSequence(&encodedExtKeyUsage);
+ if (extKeyUsage == NULL){
+ PKIX_ERROR(PKIX_CERTDECODEOIDSEQUENCEFAILED);
+ }
+
+ PORT_Free(encodedExtKeyUsage.data);
+
+ oids = extKeyUsage->oids;
+
+ if (!oids){
+ /* no extended key usage extensions found */
+ cert->extKeyUsagesAbsent = PKIX_TRUE;
+ *pKeyUsage = NULL;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_List_Create(&oidsList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ while (*oids){
+ SECItem *oid = *oids++;
+
+ PKIX_CHECK(PKIX_PL_OID_CreateBySECItem
+ (oid, &pkixOID, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (oidsList,
+ (PKIX_PL_Object *)pkixOID,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_DECREF(pkixOID);
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable
+ (oidsList, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ cert->extKeyUsages = oidsList;
+ oidsList = NULL;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->extKeyUsages);
+ *pKeyUsage = cert->extKeyUsages;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+
+ PKIX_DECREF(pkixOID);
+ PKIX_DECREF(oidsList);
+ CERT_DestroyOidSequence(extKeyUsage);
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetBasicConstraints
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetBasicConstraints(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_CertBasicConstraints **pBasicConstraints,
+ void *plContext)
+{
+ CERTCertificate *nssCert = NULL;
+ CERTBasicConstraints nssBasicConstraint;
+ SECStatus rv;
+ PKIX_PL_CertBasicConstraints *basic;
+ PKIX_Int32 pathLen = 0;
+ PKIX_Boolean isCA = PKIX_FALSE;
+ enum {
+ realBC, synthBC, absentBC
+ } constraintSource = absentBC;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetBasicConstraints");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pBasicConstraints);
+
+ /* if we don't have a cached copy from before, we create one */
+ if ((cert->certBasicConstraints == NULL) &&
+ (!cert->basicConstraintsAbsent)) {
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if ((cert->certBasicConstraints == NULL) &&
+ (!cert->basicConstraintsAbsent)) {
+
+ nssCert = cert->nssCert;
+
+ PKIX_CERT_DEBUG(
+ "\t\tCalling Cert_FindBasicConstraintExten\n");
+ rv = CERT_FindBasicConstraintExten
+ (nssCert, &nssBasicConstraint);
+ if (rv == SECSuccess) {
+ constraintSource = realBC;
+ }
+
+ if (constraintSource == absentBC) {
+ /* can we deduce it's a CA and create a
+ synthetic constraint?
+ */
+ CERTCertTrust trust;
+ rv = CERT_GetCertTrust(nssCert, &trust);
+ if (rv == SECSuccess) {
+ int anyWantedFlag = CERTDB_TRUSTED_CA | CERTDB_VALID_CA;
+ if ((trust.sslFlags & anyWantedFlag)
+ || (trust.emailFlags & anyWantedFlag)
+ || (trust.objectSigningFlags & anyWantedFlag)) {
+
+ constraintSource = synthBC;
+ }
+ }
+ }
+
+ if (constraintSource == absentBC) {
+ cert->basicConstraintsAbsent = PKIX_TRUE;
+ *pBasicConstraints = NULL;
+ goto cleanup;
+ }
+ }
+
+ if (constraintSource == synthBC) {
+ isCA = PKIX_TRUE;
+ pathLen = PKIX_UNLIMITED_PATH_CONSTRAINT;
+ } else {
+ isCA = (nssBasicConstraint.isCA)?PKIX_TRUE:PKIX_FALSE;
+
+ /* The pathLen has meaning only for CAs */
+ if (isCA) {
+ if (CERT_UNLIMITED_PATH_CONSTRAINT ==
+ nssBasicConstraint.pathLenConstraint) {
+ pathLen = PKIX_UNLIMITED_PATH_CONSTRAINT;
+ } else {
+ pathLen = nssBasicConstraint.pathLenConstraint;
+ }
+ }
+ }
+
+ PKIX_CHECK(pkix_pl_CertBasicConstraints_Create
+ (isCA, pathLen, &basic, plContext),
+ PKIX_CERTBASICCONSTRAINTSCREATEFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ cert->certBasicConstraints = basic;
+ }
+
+ PKIX_INCREF(cert->certBasicConstraints);
+ *pBasicConstraints = cert->certBasicConstraints;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetPolicyInformation
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetPolicyInformation(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pPolicyInfo,
+ void *plContext)
+{
+ PKIX_List *policyList = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetPolicyInformation");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pPolicyInfo);
+
+ /* if we don't have a cached copy from before, we create one */
+ if ((cert->certPolicyInfos == NULL) &&
+ (!cert->policyInfoAbsent)) {
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if ((cert->certPolicyInfos == NULL) &&
+ (!cert->policyInfoAbsent)) {
+
+ PKIX_CHECK(pkix_pl_Cert_DecodePolicyInfo
+ (cert->nssCert, &policyList, plContext),
+ PKIX_CERTDECODEPOLICYINFOFAILED);
+
+ if (!policyList) {
+ cert->policyInfoAbsent = PKIX_TRUE;
+ *pPolicyInfo = NULL;
+ goto cleanup;
+ }
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+
+ /* save a cached copy in case it is asked for again */
+ cert->certPolicyInfos = policyList;
+ policyList = NULL;
+ }
+
+ PKIX_INCREF(cert->certPolicyInfos);
+ *pPolicyInfo = cert->certPolicyInfos;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+
+ PKIX_DECREF(policyList);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetPolicyMappings (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetPolicyMappings(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pPolicyMappings, /* list of PKIX_PL_CertPolicyMap */
+ void *plContext)
+{
+ PKIX_List *policyMappings = NULL; /* list of PKIX_PL_CertPolicyMap */
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetPolicyMappings");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pPolicyMappings);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (!(cert->certPolicyMappings) && !(cert->policyMappingsAbsent)) {
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (!(cert->certPolicyMappings) &&
+ !(cert->policyMappingsAbsent)) {
+
+ PKIX_CHECK(pkix_pl_Cert_DecodePolicyMapping
+ (cert->nssCert, &policyMappings, plContext),
+ PKIX_CERTDECODEPOLICYMAPPINGFAILED);
+
+ if (!policyMappings) {
+ cert->policyMappingsAbsent = PKIX_TRUE;
+ *pPolicyMappings = NULL;
+ goto cleanup;
+ }
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+
+ /* save a cached copy in case it is asked for again */
+ cert->certPolicyMappings = policyMappings;
+ policyMappings = NULL;
+ }
+
+ PKIX_INCREF(cert->certPolicyMappings);
+ *pPolicyMappings = cert->certPolicyMappings;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+
+ PKIX_DECREF(policyMappings);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetRequireExplicitPolicy
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetRequireExplicitPolicy(
+ PKIX_PL_Cert *cert,
+ PKIX_Int32 *pSkipCerts,
+ void *plContext)
+{
+ PKIX_Int32 explicitPolicySkipCerts = 0;
+ PKIX_Int32 inhibitMappingSkipCerts = 0;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetRequireExplicitPolicy");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pSkipCerts);
+
+ if (!(cert->policyConstraintsProcessed)) {
+ PKIX_OBJECT_LOCK(cert);
+
+ if (!(cert->policyConstraintsProcessed)) {
+
+ /*
+ * If we can't process it now, we probably will be
+ * unable to process it later. Set the default value.
+ */
+ cert->policyConstraintsProcessed = PKIX_TRUE;
+ cert->policyConstraintsExplicitPolicySkipCerts = -1;
+ cert->policyConstraintsInhibitMappingSkipCerts = -1;
+
+ PKIX_CHECK(pkix_pl_Cert_DecodePolicyConstraints
+ (cert->nssCert,
+ &explicitPolicySkipCerts,
+ &inhibitMappingSkipCerts,
+ plContext),
+ PKIX_CERTDECODEPOLICYCONSTRAINTSFAILED);
+
+ cert->policyConstraintsExplicitPolicySkipCerts =
+ explicitPolicySkipCerts;
+ cert->policyConstraintsInhibitMappingSkipCerts =
+ inhibitMappingSkipCerts;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ *pSkipCerts = cert->policyConstraintsExplicitPolicySkipCerts;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetPolicyMappingInhibited
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetPolicyMappingInhibited(
+ PKIX_PL_Cert *cert,
+ PKIX_Int32 *pSkipCerts,
+ void *plContext)
+{
+ PKIX_Int32 explicitPolicySkipCerts = 0;
+ PKIX_Int32 inhibitMappingSkipCerts = 0;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetPolicyMappingInhibited");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pSkipCerts);
+
+ if (!(cert->policyConstraintsProcessed)) {
+ PKIX_OBJECT_LOCK(cert);
+
+ if (!(cert->policyConstraintsProcessed)) {
+
+ /*
+ * If we can't process it now, we probably will be
+ * unable to process it later. Set the default value.
+ */
+ cert->policyConstraintsProcessed = PKIX_TRUE;
+ cert->policyConstraintsExplicitPolicySkipCerts = -1;
+ cert->policyConstraintsInhibitMappingSkipCerts = -1;
+
+ PKIX_CHECK(pkix_pl_Cert_DecodePolicyConstraints
+ (cert->nssCert,
+ &explicitPolicySkipCerts,
+ &inhibitMappingSkipCerts,
+ plContext),
+ PKIX_CERTDECODEPOLICYCONSTRAINTSFAILED);
+
+ cert->policyConstraintsExplicitPolicySkipCerts =
+ explicitPolicySkipCerts;
+ cert->policyConstraintsInhibitMappingSkipCerts =
+ inhibitMappingSkipCerts;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ *pSkipCerts = cert->policyConstraintsInhibitMappingSkipCerts;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetInhibitAnyPolicy (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetInhibitAnyPolicy(
+ PKIX_PL_Cert *cert,
+ PKIX_Int32 *pSkipCerts,
+ void *plContext)
+{
+ PKIX_Int32 skipCerts = 0;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetInhibitAnyPolicy");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pSkipCerts);
+
+ if (!(cert->inhibitAnyPolicyProcessed)) {
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (!(cert->inhibitAnyPolicyProcessed)) {
+
+ /*
+ * If we can't process it now, we probably will be
+ * unable to process it later. Set the default value.
+ */
+ cert->inhibitAnyPolicyProcessed = PKIX_TRUE;
+ cert->inhibitAnySkipCerts = -1;
+
+ PKIX_CHECK(pkix_pl_Cert_DecodeInhibitAnyPolicy
+ (cert->nssCert, &skipCerts, plContext),
+ PKIX_CERTDECODEINHIBITANYPOLICYFAILED);
+
+ cert->inhibitAnySkipCerts = skipCerts;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ *pSkipCerts = cert->inhibitAnySkipCerts;
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_AreCertPoliciesCritical
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_AreCertPoliciesCritical(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pCritical,
+ void *plContext)
+{
+ PKIX_Boolean criticality = PKIX_FALSE;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_AreCertPoliciesCritical");
+ PKIX_NULLCHECK_TWO(cert, pCritical);
+
+ PKIX_CHECK(pkix_pl_Cert_IsExtensionCritical(
+ cert,
+ SEC_OID_X509_CERTIFICATE_POLICIES,
+ &criticality,
+ plContext),
+ PKIX_CERTISEXTENSIONCRITICALFAILED);
+
+ *pCritical = criticality;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_VerifySignature (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_VerifySignature(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_PublicKey *pubKey,
+ void *plContext)
+{
+ CERTCertificate *nssCert = NULL;
+ SECKEYPublicKey *nssPubKey = NULL;
+ CERTSignedData *tbsCert = NULL;
+ PKIX_PL_Cert *cachedCert = NULL;
+ PKIX_Error *verifySig = NULL;
+ PKIX_Error *cachedSig = NULL;
+ SECStatus status;
+ PKIX_Boolean certEqual = PKIX_FALSE;
+ PKIX_Boolean certInHash = PKIX_FALSE;
+ void* wincx = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_VerifySignature");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pubKey);
+
+ verifySig = PKIX_PL_HashTable_Lookup
+ (cachedCertSigTable,
+ (PKIX_PL_Object *) pubKey,
+ (PKIX_PL_Object **) &cachedCert,
+ plContext);
+
+ if (cachedCert != NULL && verifySig == NULL) {
+ /* Cached Signature Table lookup succeed */
+ PKIX_EQUALS(cert, cachedCert, &certEqual, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+ if (certEqual == PKIX_TRUE) {
+ goto cleanup;
+ }
+ /* Different PubKey may hash to same value, skip add */
+ certInHash = PKIX_TRUE;
+ }
+
+ nssCert = cert->nssCert;
+ tbsCert = &nssCert->signatureWrap;
+
+ PKIX_CERT_DEBUG("\t\tCalling SECKEY_ExtractPublicKey).\n");
+ nssPubKey = SECKEY_ExtractPublicKey(pubKey->nssSPKI);
+ if (!nssPubKey){
+ PKIX_ERROR(PKIX_SECKEYEXTRACTPUBLICKEYFAILED);
+ }
+
+ PKIX_CERT_DEBUG("\t\tCalling CERT_VerifySignedDataWithPublicKey).\n");
+
+ PKIX_CHECK(pkix_pl_NssContext_GetWincx
+ ((PKIX_PL_NssContext *)plContext, &wincx),
+ PKIX_NSSCONTEXTGETWINCXFAILED);
+
+ status = CERT_VerifySignedDataWithPublicKey(tbsCert, nssPubKey, wincx);
+
+ if (status != SECSuccess) {
+ if (PORT_GetError() != SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ }
+ PKIX_ERROR(PKIX_SIGNATUREDIDNOTVERIFYWITHTHEPUBLICKEY);
+ }
+
+ if (certInHash == PKIX_FALSE) {
+ cachedSig = PKIX_PL_HashTable_Add
+ (cachedCertSigTable,
+ (PKIX_PL_Object *) pubKey,
+ (PKIX_PL_Object *) cert,
+ plContext);
+
+ if (cachedSig != NULL) {
+ PKIX_DEBUG("PKIX_PL_HashTable_Add skipped: entry existed\n");
+ }
+ }
+
+cleanup:
+ if (nssPubKey){
+ PKIX_CERT_DEBUG("\t\tCalling SECKEY_DestroyPublicKey).\n");
+ SECKEY_DestroyPublicKey(nssPubKey);
+ }
+
+ PKIX_DECREF(cachedCert);
+ PKIX_DECREF(verifySig);
+ PKIX_DECREF(cachedSig);
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_CheckValidity (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_CheckValidity(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Date *date,
+ void *plContext)
+{
+ SECCertTimeValidity val;
+ PRTime timeToCheck;
+ PKIX_Boolean allowOverride;
+ SECCertificateUsage requiredUsages;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_CheckValidity");
+ PKIX_NULLCHECK_ONE(cert);
+
+ /* if the caller supplies a date, we use it; else, use current time */
+ if (date != NULL){
+ PKIX_CHECK(pkix_pl_Date_GetPRTime
+ (date, &timeToCheck, plContext),
+ PKIX_DATEGETPRTIMEFAILED);
+ } else {
+ timeToCheck = PR_Now();
+ }
+
+ requiredUsages = ((PKIX_PL_NssContext*)plContext)->certificateUsage;
+ allowOverride =
+ (PRBool)((requiredUsages & certificateUsageSSLServer) ||
+ (requiredUsages & certificateUsageSSLServerWithStepUp));
+ val = CERT_CheckCertValidTimes(cert->nssCert, timeToCheck, allowOverride);
+ if (val != secCertTimeValid){
+ PKIX_ERROR(PKIX_CERTCHECKCERTVALIDTIMESFAILED);
+ }
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetValidityNotAfter (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetValidityNotAfter(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Date **pDate,
+ void *plContext)
+{
+ PRTime prtime;
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetValidityNotAfter");
+ PKIX_NULLCHECK_TWO(cert, pDate);
+
+ PKIX_DATE_DEBUG("\t\tCalling DER_DecodeTimeChoice).\n");
+ rv = DER_DecodeTimeChoice(&prtime, &(cert->nssCert->validity.notAfter));
+ if (rv != SECSuccess){
+ PKIX_ERROR(PKIX_DERDECODETIMECHOICEFAILED);
+ }
+
+ PKIX_CHECK(pkix_pl_Date_CreateFromPRTime
+ (prtime, pDate, plContext),
+ PKIX_DATECREATEFROMPRTIMEFAILED);
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_VerifyCertAndKeyType (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_VerifyCertAndKeyType(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean isChainCert,
+ void *plContext)
+{
+ PKIX_PL_CertBasicConstraints *basicConstraints = NULL;
+ SECCertificateUsage certificateUsage;
+ SECCertUsage certUsage = 0;
+ unsigned int requiredKeyUsage;
+ unsigned int requiredCertType;
+ unsigned int certType;
+ SECStatus rv = SECSuccess;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_VerifyCertType");
+ PKIX_NULLCHECK_TWO(cert, plContext);
+
+ certificateUsage = ((PKIX_PL_NssContext*)plContext)->certificateUsage;
+
+ /* ensure we obtained a single usage bit only */
+ PORT_Assert(!(certificateUsage & (certificateUsage - 1)));
+
+ /* convert SECertificateUsage (bit mask) to SECCertUsage (enum) */
+ while (0 != (certificateUsage = certificateUsage >> 1)) { certUsage++; }
+
+ /* check key usage and netscape cert type */
+ cert_GetCertType(cert->nssCert);
+ certType = cert->nssCert->nsCertType;
+ if (isChainCert ||
+ (certUsage != certUsageVerifyCA && certUsage != certUsageAnyCA)) {
+ rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, isChainCert,
+ &requiredKeyUsage,
+ &requiredCertType);
+ if (rv == SECFailure) {
+ PKIX_ERROR(PKIX_UNSUPPORTEDCERTUSAGE);
+ }
+ } else {
+ /* use this key usage and cert type for certUsageAnyCA and
+ * certUsageVerifyCA. */
+ requiredKeyUsage = KU_KEY_CERT_SIGN;
+ requiredCertType = NS_CERT_TYPE_CA;
+ }
+ if (CERT_CheckKeyUsage(cert->nssCert, requiredKeyUsage) != SECSuccess) {
+ PKIX_ERROR(PKIX_CERTCHECKKEYUSAGEFAILED);
+ }
+ if (!(certType & requiredCertType)) {
+ PKIX_ERROR(PKIX_CERTCHECKCERTTYPEFAILED);
+ }
+cleanup:
+ PKIX_DECREF(basicConstraints);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_VerifyKeyUsage (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_VerifyKeyUsage(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 keyUsage,
+ void *plContext)
+{
+ CERTCertificate *nssCert = NULL;
+ PKIX_UInt32 nssKeyUsage = 0;
+ SECStatus status;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_VerifyKeyUsage");
+ PKIX_NULLCHECK_TWO(cert, cert->nssCert);
+
+ nssCert = cert->nssCert;
+
+ /* if cert doesn't have keyUsage extension, all keyUsages are valid */
+ if (!nssCert->keyUsagePresent){
+ goto cleanup;
+ }
+
+ if (keyUsage & PKIX_DIGITAL_SIGNATURE){
+ nssKeyUsage = nssKeyUsage | KU_DIGITAL_SIGNATURE;
+ }
+
+ if (keyUsage & PKIX_NON_REPUDIATION){
+ nssKeyUsage = nssKeyUsage | KU_NON_REPUDIATION;
+ }
+
+ if (keyUsage & PKIX_KEY_ENCIPHERMENT){
+ nssKeyUsage = nssKeyUsage | KU_KEY_ENCIPHERMENT;
+ }
+
+ if (keyUsage & PKIX_DATA_ENCIPHERMENT){
+ nssKeyUsage = nssKeyUsage | KU_DATA_ENCIPHERMENT;
+ }
+
+ if (keyUsage & PKIX_KEY_AGREEMENT){
+ nssKeyUsage = nssKeyUsage | KU_KEY_AGREEMENT;
+ }
+
+ if (keyUsage & PKIX_KEY_CERT_SIGN){
+ nssKeyUsage = nssKeyUsage | KU_KEY_CERT_SIGN;
+ }
+
+ if (keyUsage & PKIX_CRL_SIGN){
+ nssKeyUsage = nssKeyUsage | KU_CRL_SIGN;
+ }
+
+ if (keyUsage & PKIX_ENCIPHER_ONLY){
+ nssKeyUsage = nssKeyUsage | 0x01;
+ }
+
+ if (keyUsage & PKIX_DECIPHER_ONLY){
+ /* XXX we should support this once it is fixed in NSS */
+ PKIX_ERROR(PKIX_DECIPHERONLYKEYUSAGENOTSUPPORTED);
+ }
+
+ status = CERT_CheckKeyUsage(nssCert, nssKeyUsage);
+ if (status != SECSuccess) {
+ PKIX_ERROR(PKIX_CERTCHECKKEYUSAGEFAILED);
+ }
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetNameConstraints
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetNameConstraints(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetNameConstraints");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pNameConstraints);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->nameConstraints == NULL && !cert->nameConstraintsAbsent) {
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (cert->nameConstraints == NULL &&
+ !cert->nameConstraintsAbsent) {
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_Create
+ (cert->nssCert, &nameConstraints, plContext),
+ PKIX_CERTNAMECONSTRAINTSCREATEFAILED);
+
+ if (nameConstraints == NULL) {
+ cert->nameConstraintsAbsent = PKIX_TRUE;
+ }
+
+ cert->nameConstraints = nameConstraints;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+
+ }
+
+ PKIX_INCREF(cert->nameConstraints);
+
+ *pNameConstraints = cert->nameConstraints;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_CheckNameConstraints
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_CheckNameConstraints(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_Boolean treatCommonNameAsDNSName,
+ void *plContext)
+{
+ PKIX_Boolean checkPass = PKIX_TRUE;
+ CERTGeneralName *nssSubjectNames = NULL;
+ PLArenaPool *arena = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_CheckNameConstraints");
+ PKIX_NULLCHECK_ONE(cert);
+
+ if (nameConstraints != NULL) {
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ /* This NSS call returns Subject Alt Names. If
+ * treatCommonNameAsDNSName is true, it also returns the
+ * Subject Common Name
+ */
+ PKIX_CERT_DEBUG
+ ("\t\tCalling CERT_GetConstrainedCertificateNames\n");
+ nssSubjectNames = CERT_GetConstrainedCertificateNames
+ (cert->nssCert, arena, treatCommonNameAsDNSName);
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_CheckNameSpaceNssNames
+ (nssSubjectNames,
+ nameConstraints,
+ &checkPass,
+ plContext),
+ PKIX_CERTNAMECONSTRAINTSCHECKNAMESPACENSSNAMESFAILED);
+
+ if (checkPass != PKIX_TRUE) {
+ PKIX_ERROR(PKIX_CERTFAILEDNAMECONSTRAINTSCHECKING);
+ }
+ }
+
+cleanup:
+ if (arena){
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_MergeNameConstraints
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_MergeNameConstraints(
+ PKIX_PL_CertNameConstraints *firstNC,
+ PKIX_PL_CertNameConstraints *secondNC,
+ PKIX_PL_CertNameConstraints **pResultNC,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *mergedNC = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_MergeNameConstraints");
+ PKIX_NULLCHECK_TWO(firstNC, pResultNC);
+
+ if (secondNC == NULL) {
+
+ PKIX_INCREF(firstNC);
+ *pResultNC = firstNC;
+
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_Merge
+ (firstNC, secondNC, &mergedNC, plContext),
+ PKIX_CERTNAMECONSTRAINTSMERGEFAILED);
+
+ *pResultNC = mergedNC;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * Find out the state of the NSS trust bits for the requested usage.
+ * Returns SECFailure if the cert is explicitly distrusted.
+ * Returns SECSuccess if the cert can be used to form a chain (normal case),
+ * or it is explicitly trusted. The trusted bool is set to true if it is
+ * explicitly trusted.
+ */
+static SECStatus
+pkix_pl_Cert_GetTrusted(void *plContext,
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *trusted,
+ PKIX_Boolean isCA)
+{
+ SECStatus rv;
+ CERTCertificate *nssCert = NULL;
+ SECCertUsage certUsage = 0;
+ SECCertificateUsage certificateUsage;
+ SECTrustType trustType;
+ unsigned int trustFlags;
+ unsigned int requiredFlags;
+ CERTCertTrust trust;
+
+ *trusted = PKIX_FALSE;
+
+ /* no key usage information */
+ if (plContext == NULL) {
+ return SECSuccess;
+ }
+
+ certificateUsage = ((PKIX_PL_NssContext*)plContext)->certificateUsage;
+
+ /* ensure we obtained a single usage bit only */
+ PORT_Assert(!(certificateUsage & (certificateUsage - 1)));
+
+ /* convert SECertificateUsage (bit mask) to SECCertUsage (enum) */
+ while (0 != (certificateUsage = certificateUsage >> 1)) { certUsage++; }
+
+ nssCert = cert->nssCert;
+
+ if (!isCA) {
+ PRBool prTrusted;
+ unsigned int failedFlags;
+ rv = cert_CheckLeafTrust(nssCert, certUsage,
+ &failedFlags, &prTrusted);
+ *trusted = (PKIX_Boolean) prTrusted;
+ return rv;
+ }
+ rv = CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
+ &trustType);
+ if (rv != SECSuccess) {
+ return SECSuccess;
+ }
+
+ rv = CERT_GetCertTrust(nssCert, &trust);
+ if (rv != SECSuccess) {
+ return SECSuccess;
+ }
+ trustFlags = SEC_GET_TRUST_FLAGS(&trust, trustType);
+ /* normally trustTypeNone usages accept any of the given trust bits
+ * being on as acceptable. If any are distrusted (and none are trusted),
+ * then we will also distrust the cert */
+ if ((trustFlags == 0) && (trustType == trustTypeNone)) {
+ trustFlags = trust.sslFlags | trust.emailFlags |
+ trust.objectSigningFlags;
+ }
+ if ((trustFlags & requiredFlags) == requiredFlags) {
+ *trusted = PKIX_TRUE;
+ return SECSuccess;
+ }
+ if ((trustFlags & CERTDB_TERMINAL_RECORD) &&
+ ((trustFlags & (CERTDB_VALID_CA|CERTDB_TRUSTED)) == 0)) {
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_IsCertTrusted
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_IsCertTrusted(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_TrustAnchorMode trustAnchorMode,
+ PKIX_Boolean *pTrusted,
+ void *plContext)
+{
+ PKIX_CertStore_CheckTrustCallback trustCallback = NULL;
+ PKIX_Boolean trusted = PKIX_FALSE;
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_IsCertTrusted");
+ PKIX_NULLCHECK_TWO(cert, pTrusted);
+
+ /* Call GetTrusted first to see if we are going to distrust the
+ * certificate */
+ rv = pkix_pl_Cert_GetTrusted(plContext, cert, &trusted, PKIX_TRUE);
+ if (rv != SECSuccess) {
+ /* Failure means the cert is explicitly distrusted,
+ * let the next level know not to use it. */
+ *pTrusted = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTISCERTTRUSTEDFAILED);
+ }
+
+ if (trustAnchorMode == PKIX_PL_TrustAnchorMode_Exclusive ||
+ (trustAnchorMode == PKIX_PL_TrustAnchorMode_Additive &&
+ cert->isUserTrustAnchor)) {
+ /* Use the trust anchor's |trusted| value */
+ *pTrusted = cert->isUserTrustAnchor;
+ goto cleanup;
+ }
+
+ /* no key usage information or store is not trusted */
+ if (plContext == NULL || cert->store == NULL) {
+ *pTrusted = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ PKIX_CHECK(PKIX_CertStore_GetTrustCallback
+ (cert->store, &trustCallback, plContext),
+ PKIX_CERTSTOREGETTRUSTCALLBACKFAILED);
+
+ PKIX_CHECK_ONLY_FATAL(trustCallback
+ (cert->store, cert, &trusted, plContext),
+ PKIX_CHECKTRUSTCALLBACKFAILED);
+
+ /* allow trust store to override if we can trust the trust
+ * bits */
+ if (PKIX_ERROR_RECEIVED || (trusted == PKIX_FALSE)) {
+ *pTrusted = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ *pTrusted = trusted;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_IsLeafCertTrusted
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_IsLeafCertTrusted(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pTrusted,
+ void *plContext)
+{
+ SECStatus rv;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_IsLeafCertTrusted");
+ PKIX_NULLCHECK_TWO(cert, pTrusted);
+
+ *pTrusted = PKIX_FALSE;
+
+ rv = pkix_pl_Cert_GetTrusted(plContext, cert, pTrusted, PKIX_FALSE);
+ if (rv != SECSuccess) {
+ /* Failure means the cert is explicitly distrusted,
+ * let the next level know not to use it. */
+ *pTrusted = PKIX_FALSE;
+ PKIX_ERROR(PKIX_CERTISCERTTRUSTEDFAILED);
+ }
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/* FUNCTION: PKIX_PL_Cert_SetAsTrustAnchor */
+PKIX_Error*
+PKIX_PL_Cert_SetAsTrustAnchor(PKIX_PL_Cert *cert,
+ void *plContext)
+{
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_SetAsTrustAnchor");
+ PKIX_NULLCHECK_ONE(cert);
+
+ cert->isUserTrustAnchor = PKIX_TRUE;
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetCacheFlag (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetCacheFlag(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean *pCacheFlag,
+ void *plContext)
+{
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetCacheFlag");
+ PKIX_NULLCHECK_TWO(cert, pCacheFlag);
+
+ *pCacheFlag = cert->cacheFlag;
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_SetCacheFlag (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_SetCacheFlag(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean cacheFlag,
+ void *plContext)
+{
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_SetCacheFlag");
+ PKIX_NULLCHECK_ONE(cert);
+
+ cert->cacheFlag = cacheFlag;
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetTrustCertStore (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetTrustCertStore(
+ PKIX_PL_Cert *cert,
+ PKIX_CertStore **pTrustCertStore,
+ void *plContext)
+{
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetTrustCertStore");
+ PKIX_NULLCHECK_TWO(cert, pTrustCertStore);
+
+ PKIX_INCREF(cert->store);
+ *pTrustCertStore = cert->store;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_SetTrustCertStore (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_SetTrustCertStore(
+ PKIX_PL_Cert *cert,
+ PKIX_CertStore *trustCertStore,
+ void *plContext)
+{
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_SetTrustCertStore");
+ PKIX_NULLCHECK_TWO(cert, trustCertStore);
+
+ PKIX_INCREF(trustCertStore);
+ cert->store = trustCertStore;
+
+cleanup:
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetAuthorityInfoAccess
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetAuthorityInfoAccess(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pAiaList, /* of PKIX_PL_InfoAccess */
+ void *plContext)
+{
+ PKIX_List *aiaList = NULL; /* of PKIX_PL_InfoAccess */
+ SECItem *encodedAIA = NULL;
+ CERTAuthInfoAccess **aia = NULL;
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetAuthorityInfoAccess");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pAiaList);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->authorityInfoAccess == NULL) {
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (cert->authorityInfoAccess == NULL) {
+
+ PKIX_PL_NSSCALLRV(CERT, encodedAIA, SECITEM_AllocItem,
+ (NULL, NULL, 0));
+
+ if (encodedAIA == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_PL_NSSCALLRV(CERT, rv, CERT_FindCertExtension,
+ (cert->nssCert,
+ SEC_OID_X509_AUTH_INFO_ACCESS,
+ encodedAIA));
+
+ if (rv == SECFailure) {
+ goto cleanup;
+ }
+
+ PKIX_PL_NSSCALLRV(CERT, arena, PORT_NewArena,
+ (DER_DEFAULT_CHUNKSIZE));
+
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_PL_NSSCALLRV
+ (CERT, aia, CERT_DecodeAuthInfoAccessExtension,
+ (arena, encodedAIA));
+
+ PKIX_CHECK(pkix_pl_InfoAccess_CreateList
+ (aia, &aiaList, plContext),
+ PKIX_INFOACCESSCREATELISTFAILED);
+
+ cert->authorityInfoAccess = aiaList;
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->authorityInfoAccess);
+
+ *pAiaList = cert->authorityInfoAccess;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ if (encodedAIA != NULL) {
+ SECITEM_FreeItem(encodedAIA, PR_TRUE);
+ }
+
+ PKIX_RETURN(CERT);
+}
+
+/* XXX Following defines belongs to NSS */
+static const unsigned char siaOIDString[] = {0x2b, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x01, 0x0b};
+#define OI(x) { siDEROID, (unsigned char *)x, sizeof x }
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetSubjectInfoAccess
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetSubjectInfoAccess(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pSiaList, /* of PKIX_PL_InfoAccess */
+ void *plContext)
+{
+ PKIX_List *siaList; /* of PKIX_PL_InfoAccess */
+ SECItem siaOID = OI(siaOIDString);
+ SECItem *encodedSubjInfoAccess = NULL;
+ CERTAuthInfoAccess **subjInfoAccess = NULL;
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetSubjectInfoAccess");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pSiaList);
+
+ /* XXX
+ * Codes to deal with SubjectInfoAccess OID should be moved to
+ * NSS soon. I implemented them here so we don't touch NSS
+ * source tree, from JP's suggestion.
+ */
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->subjectInfoAccess == NULL) {
+
+ PKIX_OBJECT_LOCK(cert);
+
+ if (cert->subjectInfoAccess == NULL) {
+
+ encodedSubjInfoAccess = SECITEM_AllocItem(NULL, NULL, 0);
+ if (encodedSubjInfoAccess == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_CERT_DEBUG
+ ("\t\tCalling CERT_FindCertExtensionByOID).\n");
+ rv = CERT_FindCertExtensionByOID
+ (cert->nssCert, &siaOID, encodedSubjInfoAccess);
+
+ if (rv == SECFailure) {
+ goto cleanup;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ /* XXX
+ * Decode Subject Information Access -
+ * since its type is the same as Authority Information
+ * Access, reuse the call. NSS- change name to avoid
+ * confusion.
+ */
+ PKIX_CERT_DEBUG
+ ("\t\tCalling CERT_DecodeAuthInfoAccessExtension).\n");
+ subjInfoAccess = CERT_DecodeAuthInfoAccessExtension
+ (arena, encodedSubjInfoAccess);
+
+ PKIX_CHECK(pkix_pl_InfoAccess_CreateList
+ (subjInfoAccess, &siaList, plContext),
+ PKIX_INFOACCESSCREATELISTFAILED);
+
+ cert->subjectInfoAccess = siaList;
+
+ }
+
+ PKIX_OBJECT_UNLOCK(cert);
+ }
+
+ PKIX_INCREF(cert->subjectInfoAccess);
+ *pSiaList = cert->subjectInfoAccess;
+
+cleanup:
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ if (encodedSubjInfoAccess != NULL) {
+ SECITEM_FreeItem(encodedSubjInfoAccess, PR_TRUE);
+ }
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetCrlDp
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetCrlDp(
+ PKIX_PL_Cert *cert,
+ PKIX_List **pDpList,
+ void *plContext)
+{
+ PKIX_UInt32 dpIndex = 0;
+ pkix_pl_CrlDp *dp = NULL;
+ CERTCrlDistributionPoints *dpoints = NULL;
+
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetCrlDp");
+ PKIX_NULLCHECK_THREE(cert, cert->nssCert, pDpList);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (cert->crldpList == NULL) {
+ PKIX_OBJECT_LOCK(cert);
+ if (cert->crldpList != NULL) {
+ goto cleanup;
+ }
+ PKIX_CHECK(PKIX_List_Create(&cert->crldpList, plContext),
+ PKIX_LISTCREATEFAILED);
+ dpoints = CERT_FindCRLDistributionPoints(cert->nssCert);
+ if (!dpoints || !dpoints->distPoints) {
+ goto cleanup;
+ }
+ for (;dpoints->distPoints[dpIndex];dpIndex++) {
+ PKIX_CHECK(
+ pkix_pl_CrlDp_Create(dpoints->distPoints[dpIndex],
+ &cert->nssCert->issuer,
+ &dp, plContext),
+ PKIX_CRLDPCREATEFAILED);
+ /* Create crldp list in reverse order in attempt to get
+ * to the whole crl first. */
+ PKIX_CHECK(
+ PKIX_List_InsertItem(cert->crldpList, 0,
+ (PKIX_PL_Object*)dp,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_DECREF(dp);
+ }
+ }
+cleanup:
+ PKIX_INCREF(cert->crldpList);
+ *pDpList = cert->crldpList;
+
+ PKIX_OBJECT_UNLOCK(lockedObject);
+ PKIX_DECREF(dp);
+
+ PKIX_RETURN(CERT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Cert_GetCERTCertificate
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Cert_GetCERTCertificate(
+ PKIX_PL_Cert *cert,
+ CERTCertificate **pnssCert,
+ void *plContext)
+{
+ PKIX_ENTER(CERT, "PKIX_PL_Cert_GetNssCert");
+ PKIX_NULLCHECK_TWO(cert, pnssCert);
+
+ *pnssCert = CERT_DupCertificate(cert->nssCert);
+
+ PKIX_RETURN(CERT);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h
new file mode 100644
index 000000000..56fe64228
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h
@@ -0,0 +1,107 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_cert.h
+ *
+ * Certificate Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_CERT_H
+#define _PKIX_PL_CERT_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_CertStruct {
+ CERTCertificate *nssCert; /* Must be the first field. The
+ * cert_NSSCertFromPKIXCert function in
+ * lib/certhigh/certvfypkix.c depends on
+ * this. */
+ CERTGeneralName *nssSubjAltNames;
+ PLArenaPool *arenaNameConstraints;
+ PKIX_PL_X500Name *issuer;
+ PKIX_PL_X500Name *subject;
+ PKIX_List *subjAltNames;
+ PKIX_Boolean subjAltNamesAbsent;
+ PKIX_PL_OID *publicKeyAlgId;
+ PKIX_PL_PublicKey *publicKey;
+ PKIX_PL_BigInt *serialNumber;
+ PKIX_List *critExtOids;
+ PKIX_PL_ByteArray *subjKeyId;
+ PKIX_Boolean subjKeyIdAbsent;
+ PKIX_PL_ByteArray *authKeyId;
+ PKIX_Boolean authKeyIdAbsent;
+ PKIX_List *extKeyUsages;
+ PKIX_Boolean extKeyUsagesAbsent;
+ PKIX_PL_CertBasicConstraints *certBasicConstraints;
+ PKIX_Boolean basicConstraintsAbsent;
+ PKIX_List *certPolicyInfos;
+ PKIX_Boolean policyInfoAbsent;
+ PKIX_Boolean policyMappingsAbsent;
+ PKIX_List *certPolicyMappings; /* List of PKIX_PL_CertPolicyMap */
+ PKIX_Boolean policyConstraintsProcessed;
+ PKIX_Int32 policyConstraintsExplicitPolicySkipCerts;
+ PKIX_Int32 policyConstraintsInhibitMappingSkipCerts;
+ PKIX_Boolean inhibitAnyPolicyProcessed;
+ PKIX_Int32 inhibitAnySkipCerts;
+ PKIX_PL_CertNameConstraints *nameConstraints;
+ PKIX_Boolean nameConstraintsAbsent;
+ PKIX_Boolean cacheFlag;
+ PKIX_CertStore *store;
+ PKIX_List *authorityInfoAccess; /* list of PKIX_PL_InfoAccess */
+ PKIX_List *subjectInfoAccess; /* list of PKIX_PL_InfoAccess */
+ PKIX_Boolean isUserTrustAnchor;
+ PKIX_List *crldpList; /* list of CRL DPs based on der in nssCert arena.
+ * Destruction is needed for pkix object and
+ * not for undelying der as it is a part
+ * nssCert arena. */
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_Cert_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_pl_Cert_CreateWithNSSCert(
+ CERTCertificate *nssCert,
+ PKIX_PL_Cert **pCert,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_Cert_CreateToList(
+ SECItem *derCertItem,
+ PKIX_List *certList,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_Cert_CheckSubjectAltNameConstraints(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_Boolean matchAll,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_Cert_ToString_Helper(
+ PKIX_PL_Cert *cert,
+ PKIX_Boolean partialString,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_Cert_CheckExtendedKeyUsage(
+ PKIX_PL_Cert *cert,
+ PKIX_UInt32 requiredExtendedKeyUsages,
+ PKIX_Boolean *pPass,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_CERT_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyinfo.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyinfo.c
new file mode 100644
index 000000000..a44ac6590
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyinfo.c
@@ -0,0 +1,371 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_certpolicyinfo.c
+ *
+ * CertPolicyInfo Type Functions
+ *
+ */
+
+#include "pkix_pl_certpolicyinfo.h"
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyInfo_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CertPolicyInfo Object using the OID pointed to by "oid" and
+ * the List of CertPolicyQualifiers pointed to by "qualifiers", and stores it
+ * at "pObject". If a non-NULL list is provided, the caller is expected to
+ * have already set it to be immutable. The caller may provide an empty List,
+ * but a NULL List is preferable so a user does not need to call
+ * List_GetLength to get the number of qualifiers.
+ *
+ * PARAMETERS
+ * "oid"
+ * OID of the desired PolicyInfo ID; must be non-NULL
+ * "qualifiers"
+ * List of CertPolicyQualifiers; may be NULL or empty
+ * "pObject"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CertPolicyInfo_Create(
+ PKIX_PL_OID *oid,
+ PKIX_List *qualifiers,
+ PKIX_PL_CertPolicyInfo **pObject,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyInfo *policyInfo = NULL;
+
+ PKIX_ENTER(CERTPOLICYINFO, "pkix_pl_CertPolicyInfo_Create");
+
+ PKIX_NULLCHECK_TWO(oid, pObject);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTPOLICYINFO_TYPE,
+ sizeof (PKIX_PL_CertPolicyInfo),
+ (PKIX_PL_Object **)&policyInfo,
+ plContext),
+ PKIX_COULDNOTCREATECERTPOLICYINFOOBJECT);
+
+ PKIX_INCREF(oid);
+ policyInfo->cpID = oid;
+
+ PKIX_INCREF(qualifiers);
+ policyInfo->policyQualifiers = qualifiers;
+
+ *pObject = policyInfo;
+ policyInfo = NULL;
+
+cleanup:
+ PKIX_DECREF(policyInfo);
+
+ PKIX_RETURN(CERTPOLICYINFO);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyInfo_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyInfo_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyInfo *certPI = NULL;
+
+ PKIX_ENTER(CERTPOLICYINFO, "pkix_pl_CertPolicyInfo_Destroy");
+
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYINFO_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYINFO);
+
+ certPI = (PKIX_PL_CertPolicyInfo*)object;
+
+ PKIX_DECREF(certPI->cpID);
+ PKIX_DECREF(certPI->policyQualifiers);
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYINFO);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyInfo_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyInfo_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyInfo *certPI = NULL;
+ PKIX_PL_String *oidString = NULL;
+ PKIX_PL_String *listString = NULL;
+ PKIX_PL_String *format = NULL;
+ PKIX_PL_String *outString = NULL;
+
+ PKIX_ENTER(CERTPOLICYINFO, "pkix_pl_CertPolicyInfo_ToString");
+
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYINFO_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYINFO);
+
+ certPI = (PKIX_PL_CertPolicyInfo *)object;
+
+ PKIX_NULLCHECK_ONE(certPI->cpID);
+
+ PKIX_TOSTRING
+ (certPI->cpID,
+ &oidString,
+ plContext,
+ PKIX_OIDTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (certPI->policyQualifiers,
+ &listString,
+ plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* Put them together in the form OID[Qualifiers] */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "%s[%s]", 0, &format, plContext),
+ PKIX_ERRORINSTRINGCREATE);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&outString, plContext, format, oidString, listString),
+ PKIX_ERRORINSPRINTF);
+
+ *pString = outString;
+
+cleanup:
+
+ PKIX_DECREF(oidString);
+ PKIX_DECREF(listString);
+ PKIX_DECREF(format);
+ PKIX_RETURN(CERTPOLICYINFO);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyInfo_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyInfo_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyInfo *certPI = NULL;
+ PKIX_UInt32 oidHash = 0;
+ PKIX_UInt32 listHash = 0;
+
+ PKIX_ENTER(CERTPOLICYINFO, "pkix_pl_CertPolicyInfo_Hashcode");
+
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYINFO_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYINFO);
+
+ certPI = (PKIX_PL_CertPolicyInfo *)object;
+
+ PKIX_NULLCHECK_ONE(certPI->cpID);
+
+ PKIX_HASHCODE
+ (certPI->cpID,
+ &oidHash,
+ plContext,
+ PKIX_ERRORINOIDHASHCODE);
+
+ PKIX_HASHCODE
+ (certPI->policyQualifiers,
+ &listHash,
+ plContext,
+ PKIX_ERRORINLISTHASHCODE);
+
+ *pHashcode = (31 * oidHash) + listHash;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYINFO);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyInfo_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyInfo_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyInfo *firstCPI = NULL;
+ PKIX_PL_CertPolicyInfo *secondCPI = NULL;
+ PKIX_UInt32 secondType = 0;
+ PKIX_Boolean compare = PKIX_FALSE;
+
+ PKIX_ENTER(CERTPOLICYINFO, "pkix_pl_CertPolicyInfo_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a CertPolicyInfo */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_CERTPOLICYINFO_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCERTPOLICYINFO);
+
+ /*
+ * Since we know firstObject is a CertPolicyInfo,
+ * if both references are identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a CertPolicyInfo, we
+ * don't throw an error. We simply return FALSE.
+ */
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_CERTPOLICYINFO_TYPE) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ firstCPI = (PKIX_PL_CertPolicyInfo *)firstObject;
+ secondCPI = (PKIX_PL_CertPolicyInfo *)secondObject;
+
+ /*
+ * Compare the value of the OID components
+ */
+
+ PKIX_NULLCHECK_TWO(firstCPI->cpID, secondCPI->cpID);
+
+ PKIX_EQUALS
+ (firstCPI->cpID,
+ secondCPI->cpID,
+ &compare,
+ plContext,
+ PKIX_OIDEQUALSFAILED);
+
+ /*
+ * If the OIDs did not match, we don't need to
+ * compare the Lists. If the OIDs did match,
+ * the return value is the value of the
+ * List comparison.
+ */
+ if (compare) {
+ PKIX_EQUALS
+ (firstCPI->policyQualifiers,
+ secondCPI->policyQualifiers,
+ &compare,
+ plContext,
+ PKIX_LISTEQUALSFAILED);
+ }
+
+ *pResult = compare;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYINFO);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyInfo_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERTPOLICYINFO_TYPE and its related
+ * functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize,
+ * which should only be called once, it is acceptable that
+ * this function is not thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CertPolicyInfo_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTPOLICYINFO, "pkix_pl_CertPolicyInfo_RegisterSelf");
+
+ entry.description = "CertPolicyInfo";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_CertPolicyInfo);
+ entry.destructor = pkix_pl_CertPolicyInfo_Destroy;
+ entry.equalsFunction = pkix_pl_CertPolicyInfo_Equals;
+ entry.hashcodeFunction = pkix_pl_CertPolicyInfo_Hashcode;
+ entry.toStringFunction = pkix_pl_CertPolicyInfo_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_CERTPOLICYINFO_TYPE] = entry;
+
+ PKIX_RETURN(CERTPOLICYINFO);
+}
+
+/* --Public-CertPolicyInfo-Functions------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_CertPolicyInfo_GetPolicyId
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CertPolicyInfo_GetPolicyId(
+ PKIX_PL_CertPolicyInfo *policyInfo,
+ PKIX_PL_OID **pPolicyId,
+ void *plContext)
+{
+ PKIX_ENTER(CERTPOLICYINFO, "PKIX_PL_CertPolicyInfo_GetPolicyId");
+
+ PKIX_NULLCHECK_TWO(policyInfo, pPolicyId);
+
+ PKIX_INCREF(policyInfo->cpID);
+
+ *pPolicyId = policyInfo->cpID;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYINFO);
+}
+
+/*
+ * FUNCTION: PKIX_PL_CertPolicyInfo_GetPolQualifiers
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CertPolicyInfo_GetPolQualifiers(
+ PKIX_PL_CertPolicyInfo *policyInfo,
+ PKIX_List **pQuals,
+ void *plContext)
+{
+ PKIX_ENTER(CERTPOLICYINFO, "PKIX_PL_CertPolicyInfo_GetPolQualifiers");
+
+ PKIX_NULLCHECK_TWO(policyInfo, pQuals);
+
+ PKIX_INCREF(policyInfo->policyQualifiers);
+
+ /*
+ * This List is created in PKIX_PL_Cert_DecodePolicyInfo
+ * and is set immutable immediately after being created.
+ */
+ *pQuals = policyInfo->policyQualifiers;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYINFO);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyinfo.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyinfo.h
new file mode 100644
index 000000000..5c324e6cd
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyinfo.h
@@ -0,0 +1,50 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_certpolicyinfo.h
+ *
+ * PolicyInfo Type Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_POLICYINFO_H
+#define _PKIX_PL_POLICYINFO_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * This structure reflects the contents of the policy info extension as
+ * described in Section 4.2.1.5 of RFC3280.
+ *
+ * PolicyInformation ::= SEQUENCE {
+ * policyIdentifier CertPolicyId,
+ * PolicyQualifiers SEQUENCE SIZE (1..MAX) OF
+ * PolicyQualifierInfo OPTIONAL }
+ *
+ */
+struct PKIX_PL_CertPolicyInfoStruct {
+ PKIX_PL_OID *cpID;
+ PKIX_List *policyQualifiers; /* LIST of PKIX_PL_CertPolicyQualifier */
+};
+
+PKIX_Error *
+pkix_pl_CertPolicyInfo_Create(
+ PKIX_PL_OID *oid,
+ PKIX_List *qualifiers,
+ PKIX_PL_CertPolicyInfo **pObject,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_CertPolicyInfo_RegisterSelf(
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_POLICYINFO_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c
new file mode 100644
index 000000000..08b1ca9df
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c
@@ -0,0 +1,386 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_certpolicymap.c
+ *
+ * CertPolicyMap Type Functions
+ *
+ */
+
+#include "pkix_pl_certpolicymap.h"
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyMap_Create
+ * DESCRIPTION:
+ *
+ * Creates a new CertPolicyMap Object pairing the OID given by
+ * "issuerDomainPolicy" with the OID given by "subjectDomainPolicy", and
+ * stores the result at "pCertPolicyMap".
+ *
+ * PARAMETERS
+ * "issuerDomainPolicy"
+ * Address of the OID of the IssuerDomainPolicy. Must be non-NULL.
+ * "subjectDomainPolicy"
+ * Address of the OID of the SubjectDomainPolicy. Must be non-NULL.
+ * "pCertPolicyMap"
+ * Address where CertPolicyMap pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CertPolicyMap Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CertPolicyMap_Create(
+ PKIX_PL_OID *issuerDomainPolicy,
+ PKIX_PL_OID *subjectDomainPolicy,
+ PKIX_PL_CertPolicyMap **pCertPolicyMap,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyMap *policyMap = NULL;
+
+ PKIX_ENTER(CERTPOLICYMAP, "pkix_pl_CertPolicyMap_Create");
+
+ PKIX_NULLCHECK_THREE
+ (issuerDomainPolicy, subjectDomainPolicy, pCertPolicyMap);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTPOLICYMAP_TYPE,
+ sizeof (PKIX_PL_CertPolicyMap),
+ (PKIX_PL_Object **)&policyMap,
+ plContext),
+ PKIX_COULDNOTCREATECERTPOLICYMAPOBJECT);
+
+ PKIX_INCREF(issuerDomainPolicy);
+ policyMap->issuerDomainPolicy = issuerDomainPolicy;
+
+ PKIX_INCREF(subjectDomainPolicy);
+ policyMap->subjectDomainPolicy = subjectDomainPolicy;
+
+ *pCertPolicyMap = policyMap;
+ policyMap = NULL;
+
+cleanup:
+ PKIX_DECREF(policyMap);
+
+ PKIX_RETURN(CERTPOLICYMAP);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyMap_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyMap_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyMap *certMap = NULL;
+
+ PKIX_ENTER(CERTPOLICYMAP, "pkix_pl_CertPolicyMap_Destroy");
+
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYMAP_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYMAP);
+
+ certMap = (PKIX_PL_CertPolicyMap*)object;
+
+ PKIX_DECREF(certMap->issuerDomainPolicy);
+ PKIX_DECREF(certMap->subjectDomainPolicy);
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYMAP);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyMap_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyMap_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyMap *certMap = NULL;
+ PKIX_PL_String *format = NULL;
+ PKIX_PL_String *outString = NULL;
+ PKIX_PL_String *issuerString = NULL;
+ PKIX_PL_String *subjectString = NULL;
+
+ PKIX_ENTER(CERTPOLICYMAP, "pkix_pl_CertPolicyMap_ToString");
+
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYMAP_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYMAP);
+
+ certMap = (PKIX_PL_CertPolicyMap *)object;
+
+ PKIX_TOSTRING
+ (certMap->issuerDomainPolicy,
+ &issuerString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ PKIX_TOSTRING
+ (certMap->subjectDomainPolicy,
+ &subjectString,
+ plContext,
+ PKIX_OBJECTTOSTRINGFAILED);
+
+ /* Put them together in the form issuerPolicy=>subjectPolicy */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "%s=>%s", 0, &format, plContext),
+ PKIX_ERRORINSTRINGCREATE);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&outString, plContext, format, issuerString, subjectString),
+ PKIX_ERRORINSPRINTF);
+
+ *pString = outString;
+
+cleanup:
+ PKIX_DECREF(format);
+ PKIX_DECREF(issuerString);
+ PKIX_DECREF(subjectString);
+
+ PKIX_RETURN(CERTPOLICYMAP);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyMap_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyMap_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_UInt32 issuerHash = 0;
+ PKIX_UInt32 subjectHash = 0;
+ PKIX_PL_CertPolicyMap *certMap = NULL;
+
+ PKIX_ENTER(CERTPOLICYMAP, "pkix_pl_CertPolicyMap_Hashcode");
+
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CERTPOLICYMAP_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYMAP);
+
+ certMap = (PKIX_PL_CertPolicyMap *)object;
+
+ PKIX_HASHCODE
+ (certMap->issuerDomainPolicy,
+ &issuerHash,
+ plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_HASHCODE
+ (certMap->subjectDomainPolicy,
+ &subjectHash,
+ plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ *pHashcode = issuerHash*31 + subjectHash;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYMAP);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyMap_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyMap_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyMap *firstCertMap = NULL;
+ PKIX_PL_CertPolicyMap *secondCertMap = NULL;
+ PKIX_UInt32 secondType = 0;
+ PKIX_Boolean compare = PKIX_FALSE;
+
+ PKIX_ENTER(CERTPOLICYMAP, "pkix_pl_CertPolicyMap_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a CertPolicyMap */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_CERTPOLICYMAP_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCERTPOLICYMAP);
+
+ /*
+ * Since we know firstObject is a CertPolicyMap,
+ * if both references are identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a CertPolicyMap, we
+ * don't throw an error. We simply return FALSE.
+ */
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_CERTPOLICYMAP_TYPE) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ firstCertMap = (PKIX_PL_CertPolicyMap *)firstObject;
+ secondCertMap = (PKIX_PL_CertPolicyMap *)secondObject;
+
+ PKIX_EQUALS
+ (firstCertMap->issuerDomainPolicy,
+ secondCertMap->issuerDomainPolicy,
+ &compare,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (compare) {
+ PKIX_EQUALS
+ (firstCertMap->subjectDomainPolicy,
+ secondCertMap->subjectDomainPolicy,
+ &compare,
+ plContext,
+ PKIX_OBJECTEQUALSFAILED);
+ }
+
+ *pResult = compare;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYMAP);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyMap_Duplicate
+ * (see comments for PKIX_PL_Duplicate_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyMap_Duplicate(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyMap *original = NULL;
+ PKIX_PL_CertPolicyMap *copy = NULL;
+
+ PKIX_ENTER(CERTPOLICYMAP, "pkix_pl_CertPolicyMap_Duplicate");
+
+ PKIX_NULLCHECK_TWO(object, pNewObject);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTPOLICYMAP_TYPE, plContext),
+ PKIX_OBJECTARGUMENTNOTPOLICYMAP);
+
+ original = (PKIX_PL_CertPolicyMap *)object;
+
+ PKIX_CHECK(pkix_pl_CertPolicyMap_Create
+ (original->issuerDomainPolicy,
+ original->subjectDomainPolicy,
+ &copy,
+ plContext),
+ PKIX_CERTPOLICYMAPCREATEFAILED);
+
+ *pNewObject = (PKIX_PL_Object *)copy;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYMAP);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyMap_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERTPOLICYMAP_TYPE and its related
+ * functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize,
+ * which should only be called once, it is acceptable that
+ * this function is not thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CertPolicyMap_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTPOLICYMAP, "pkix_pl_CertPolicyMap_RegisterSelf");
+
+ entry.description = "CertPolicyMap";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_CertPolicyMap);
+ entry.destructor = pkix_pl_CertPolicyMap_Destroy;
+ entry.equalsFunction = pkix_pl_CertPolicyMap_Equals;
+ entry.hashcodeFunction = pkix_pl_CertPolicyMap_Hashcode;
+ entry.toStringFunction = pkix_pl_CertPolicyMap_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_pl_CertPolicyMap_Duplicate;
+
+ systemClasses[PKIX_CERTPOLICYMAP_TYPE] = entry;
+
+ PKIX_RETURN(CERTPOLICYMAP);
+}
+
+/* --Public-CertPolicyMap-Functions------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy(
+ PKIX_PL_CertPolicyMap *policyMapping,
+ PKIX_PL_OID **pIssuerDomainPolicy,
+ void *plContext)
+{
+ PKIX_ENTER
+ (CERTPOLICYMAP, "PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy");
+
+ PKIX_NULLCHECK_TWO(policyMapping, pIssuerDomainPolicy);
+
+ PKIX_INCREF(policyMapping->issuerDomainPolicy);
+ *pIssuerDomainPolicy = policyMapping->issuerDomainPolicy;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYMAP);
+}
+
+/*
+ * FUNCTION: PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy(
+ PKIX_PL_CertPolicyMap *policyMapping,
+ PKIX_PL_OID **pSubjectDomainPolicy,
+ void *plContext)
+{
+ PKIX_ENTER
+ (CERTPOLICYMAP, "PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy");
+
+ PKIX_NULLCHECK_TWO(policyMapping, pSubjectDomainPolicy);
+
+ PKIX_INCREF(policyMapping->subjectDomainPolicy);
+ *pSubjectDomainPolicy = policyMapping->subjectDomainPolicy;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYMAP);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.h
new file mode 100644
index 000000000..a03bce2c8
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.h
@@ -0,0 +1,49 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_certpolicymap.h
+ *
+ * CertPolicyMap Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_CERTPOLICYMAP_H
+#define _PKIX_PL_CERTPOLICYMAP_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * This structure reflects the contents of the policy mapping extension as
+ * described in Section 4.2.1.6 of RFC3280.
+ *
+ * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
+ * issuerDomainPolicy CertPolicyId,
+ * subjectDomainPolicy CertPolicyId }
+ *
+ */
+struct PKIX_PL_CertPolicyMapStruct {
+ PKIX_PL_OID *issuerDomainPolicy;
+ PKIX_PL_OID *subjectDomainPolicy;
+};
+
+PKIX_Error *
+pkix_pl_CertPolicyMap_Create(
+ PKIX_PL_OID *issuerDomainPolicy,
+ PKIX_PL_OID *subjectDomainPolicy,
+ PKIX_PL_CertPolicyMap **pObject,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_CertPolicyMap_RegisterSelf(
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_CERTPOLICYMAP_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyqualifier.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyqualifier.c
new file mode 100644
index 000000000..b57623d26
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyqualifier.c
@@ -0,0 +1,365 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_certpolicyqualifier.c
+ *
+ * CertPolicyQualifier Type Functions
+ *
+ */
+
+#include "pkix_pl_certpolicyqualifier.h"
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyQualifier_Create
+ * DESCRIPTION:
+ *
+ * Creates a CertPolicyQualifier object with the OID given by "oid"
+ * and the ByteArray given by "qualifier", and stores it at "pObject".
+ *
+ * PARAMETERS
+ * "oid"
+ * Address of OID of the desired policyQualifierId; must be non-NULL
+ * "qualifier"
+ * Address of ByteArray with the desired value of the qualifier;
+ * must be non-NULL
+ * "pObject"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CertPolicyQualifier_Create(
+ PKIX_PL_OID *oid,
+ PKIX_PL_ByteArray *qualifier,
+ PKIX_PL_CertPolicyQualifier **pObject,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyQualifier *qual = NULL;
+
+ PKIX_ENTER(CERTPOLICYQUALIFIER, "pkix_pl_CertPolicyQualifier_Create");
+
+ PKIX_NULLCHECK_THREE(oid, qualifier, pObject);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTPOLICYQUALIFIER_TYPE,
+ sizeof (PKIX_PL_CertPolicyQualifier),
+ (PKIX_PL_Object **)&qual,
+ plContext),
+ PKIX_COULDNOTCREATECERTPOLICYQUALIFIEROBJECT);
+
+ PKIX_INCREF(oid);
+ qual->policyQualifierId = oid;
+
+ PKIX_INCREF(qualifier);
+ qual->qualifier = qualifier;
+
+ *pObject = qual;
+ qual = NULL;
+
+cleanup:
+ PKIX_DECREF(qual);
+
+ PKIX_RETURN(CERTPOLICYQUALIFIER);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyQualifier_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyQualifier_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyQualifier *certPQ = NULL;
+
+ PKIX_ENTER(CERTPOLICYQUALIFIER, "pkix_pl_CertPolicyQualifier_Destroy");
+
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTPOLICYQUALIFIER_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYQUALIFIER);
+
+ certPQ = (PKIX_PL_CertPolicyQualifier*)object;
+
+ PKIX_DECREF(certPQ->policyQualifierId);
+ PKIX_DECREF(certPQ->qualifier);
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYQUALIFIER);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyQualifier_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyQualifier_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyQualifier *certPQ = NULL;
+ char *asciiFormat = "%s:%s";
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *pqIDString = NULL;
+ PKIX_PL_String *pqValString = NULL;
+ PKIX_PL_String *outString = NULL;
+
+ PKIX_ENTER(CERTPOLICYQUALIFIER, "pkix_pl_CertPolicyQualifier_ToString");
+
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTPOLICYQUALIFIER_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYQUALIFIER);
+
+ certPQ = (PKIX_PL_CertPolicyQualifier *)object;
+
+ /*
+ * The policyQualifierId is required. If there is no qualifier,
+ * we should have a ByteArray of zero length.
+ */
+ PKIX_NULLCHECK_TWO(certPQ->policyQualifierId, certPQ->qualifier);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, asciiFormat, 0, &formatString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_TOSTRING(certPQ->policyQualifierId, &pqIDString, plContext,
+ PKIX_OIDTOSTRINGFAILED);
+
+ PKIX_CHECK(pkix_pl_ByteArray_ToHexString
+ (certPQ->qualifier, &pqValString, plContext),
+ PKIX_BYTEARRAYTOHEXSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&outString, plContext, formatString, pqIDString, pqValString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = outString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(pqIDString);
+ PKIX_DECREF(pqValString);
+ PKIX_RETURN(CERTPOLICYQUALIFIER);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyQualifier_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyQualifier_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyQualifier *certPQ = NULL;
+ PKIX_UInt32 cpidHash = 0;
+ PKIX_UInt32 cpqHash = 0;
+
+ PKIX_ENTER(CERTPOLICYQUALIFIER, "pkix_pl_CertPolicyQualifier_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTPOLICYQUALIFIER_TYPE, plContext),
+ PKIX_OBJECTNOTCERTPOLICYQUALIFIER);
+
+ certPQ = (PKIX_PL_CertPolicyQualifier *)object;
+
+ PKIX_NULLCHECK_TWO(certPQ->policyQualifierId, certPQ->qualifier);
+
+ PKIX_HASHCODE(certPQ->policyQualifierId, &cpidHash, plContext,
+ PKIX_ERRORINOIDHASHCODE);
+
+ PKIX_HASHCODE(certPQ->qualifier, &cpqHash, plContext,
+ PKIX_ERRORINBYTEARRAYHASHCODE);
+
+ *pHashcode = cpidHash*31 + cpqHash;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYQUALIFIER);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyQualifier_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertPolicyQualifier_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CertPolicyQualifier *firstCPQ = NULL;
+ PKIX_PL_CertPolicyQualifier *secondCPQ = NULL;
+ PKIX_UInt32 secondType = 0;
+ PKIX_Boolean compare = PKIX_FALSE;
+
+ PKIX_ENTER(CERTPOLICYQUALIFIER, "pkix_pl_CertPolicyQualifier_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a CertPolicyQualifier */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_CERTPOLICYQUALIFIER_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCERTPOLICYQUALIFIER);
+
+ /*
+ * Since we know firstObject is a CertPolicyQualifier,
+ * if both references are identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a CertPolicyQualifier, we
+ * don't throw an error. We simply return FALSE.
+ */
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_CERTPOLICYQUALIFIER_TYPE) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ firstCPQ = (PKIX_PL_CertPolicyQualifier *)firstObject;
+ secondCPQ = (PKIX_PL_CertPolicyQualifier *)secondObject;
+
+ /*
+ * Compare the value of the OID components
+ */
+
+ PKIX_NULLCHECK_TWO
+ (firstCPQ->policyQualifierId, secondCPQ->policyQualifierId);
+
+ PKIX_EQUALS
+ (firstCPQ->policyQualifierId,
+ secondCPQ->policyQualifierId,
+ &compare,
+ plContext,
+ PKIX_OIDEQUALSFAILED);
+
+ /*
+ * If the OIDs did not match, we don't need to
+ * compare the ByteArrays. If the OIDs did match,
+ * the return value is the value of the
+ * ByteArray comparison.
+ */
+ if (compare) {
+ PKIX_NULLCHECK_TWO(firstCPQ->qualifier, secondCPQ->qualifier);
+
+ PKIX_EQUALS
+ (firstCPQ->qualifier,
+ secondCPQ->qualifier,
+ &compare,
+ plContext,
+ PKIX_BYTEARRAYEQUALSFAILED);
+ }
+
+ *pResult = compare;
+
+cleanup:
+
+ PKIX_RETURN(CERTPOLICYQUALIFIER);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertPolicyQualifier_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERTPOLICYQUALIFIER_TYPE and its related
+ * functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize,
+ * which should only be called once, it is acceptable that
+ * this function is not thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CertPolicyQualifier_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTPOLICYQUALIFIER,
+ "pkix_pl_CertPolicyQualifier_RegisterSelf");
+
+ entry.description = "CertPolicyQualifier";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_CertPolicyQualifier);
+ entry.destructor = pkix_pl_CertPolicyQualifier_Destroy;
+ entry.equalsFunction = pkix_pl_CertPolicyQualifier_Equals;
+ entry.hashcodeFunction = pkix_pl_CertPolicyQualifier_Hashcode;
+ entry.toStringFunction = pkix_pl_CertPolicyQualifier_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_CERTPOLICYQUALIFIER_TYPE] = entry;
+
+ PKIX_RETURN(CERTPOLICYQUALIFIER);
+}
+
+/* --Public-CertPolicyQualifier-Functions------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_PolicyQualifier_GetPolicyQualifierId
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_PolicyQualifier_GetPolicyQualifierId(
+ PKIX_PL_CertPolicyQualifier *policyQualifierInfo,
+ PKIX_PL_OID **pPolicyQualifierId,
+ void *plContext)
+{
+ PKIX_ENTER(CERTPOLICYQUALIFIER,
+ "PKIX_PL_PolicyQualifier_GetPolicyQualifierId");
+
+ PKIX_NULLCHECK_TWO(policyQualifierInfo, pPolicyQualifierId);
+
+ PKIX_INCREF(policyQualifierInfo->policyQualifierId);
+
+ *pPolicyQualifierId = policyQualifierInfo->policyQualifierId;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYQUALIFIER);
+}
+
+/*
+ * FUNCTION: PKIX_PL_PolicyQualifier_GetQualifier
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_PolicyQualifier_GetQualifier(
+ PKIX_PL_CertPolicyQualifier *policyQualifierInfo,
+ PKIX_PL_ByteArray **pQualifier,
+ void *plContext)
+{
+ PKIX_ENTER(CERTPOLICYQUALIFIER, "PKIX_PL_PolicyQualifier_GetQualifier");
+
+ PKIX_NULLCHECK_TWO(policyQualifierInfo, pQualifier);
+
+ PKIX_INCREF(policyQualifierInfo->qualifier);
+
+ *pQualifier = policyQualifierInfo->qualifier;
+
+cleanup:
+ PKIX_RETURN(CERTPOLICYQUALIFIER);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyqualifier.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyqualifier.h
new file mode 100644
index 000000000..4c6c8a21b
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicyqualifier.h
@@ -0,0 +1,52 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_certpolicyqualifier.h
+ *
+ * PolicyQualifier Type Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_POLICYQUALIFIER_H
+#define _PKIX_PL_POLICYQUALIFIER_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * This structure reflects the contents of the policy qualifier extension as
+ * described in Section 4.2.1.5 of RFC3280.
+ *
+ * PolicyQualifierInfo ::= SEQUENCE {
+ * policyQualifierId PolicyQualifierId,
+ * qualifier ANY DEFINED BY policyQualifierId }
+ *
+ * PolicyQualifierId ::=
+ * OBJECT IDENTIFIER (id-qt-cps | id-qt-unotice)
+ *
+ */
+struct PKIX_PL_CertPolicyQualifierStruct {
+ PKIX_PL_OID *policyQualifierId;
+ PKIX_PL_ByteArray *qualifier;
+};
+
+PKIX_Error *
+pkix_pl_CertPolicyQualifier_Create(
+ PKIX_PL_OID *oid,
+ PKIX_PL_ByteArray *qualifierArray,
+ PKIX_PL_CertPolicyQualifier **pObject,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_CertPolicyQualifier_RegisterSelf(
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_POLICYQUALIFIER_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.c
new file mode 100644
index 000000000..b83db357a
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.c
@@ -0,0 +1,1068 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_crl.c
+ *
+ * CRL Function Definitions
+ *
+ */
+
+#include "pkix_pl_crl.h"
+#include "certxutl.h"
+
+extern PKIX_PL_HashTable *cachedCrlSigTable;
+
+/* --Private-CRL-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_CRL_GetVersion
+ * DESCRIPTION:
+ *
+ * Retrieves the version of the CRL pointed to by "crl" and stores it at
+ * "pVersion". The version number will either be 0 or 1 (corresponding to
+ * v1 or v2, respectively).
+ *
+ * Version ::= INTEGER { v1(0), v2(1), v3(2) }
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose version is to be stored. Must be non-NULL.
+ * "pVersion"
+ * Address where a version will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CRL_GetVersion(
+ PKIX_PL_CRL *crl,
+ PKIX_UInt32 *pVersion,
+ void *plContext)
+{
+ PKIX_UInt32 myVersion;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_GetVersion");
+ PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pVersion);
+
+ PKIX_NULLCHECK_ONE(crl->nssSignedCrl->crl.version.data);
+
+ myVersion = *(crl->nssSignedCrl->crl.version.data);
+
+ if (myVersion > 1) {
+ PKIX_ERROR(PKIX_VERSIONVALUEMUSTBEV1ORV2);
+ }
+
+ *pVersion = myVersion;
+
+cleanup:
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: PKIX_PL_CRL_GetCRLNumber (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CRL_GetCRLNumber(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_BigInt **pCrlNumber,
+ void *plContext)
+{
+ PKIX_PL_BigInt *crlNumber = NULL;
+ SECItem nssCrlNumber;
+ PLArenaPool *arena = NULL;
+ SECStatus status;
+ PKIX_UInt32 length = 0;
+ char *bytes = NULL;
+
+ PKIX_ENTER(CRL, "PKIX_PL_CRL_GetCRLNumber");
+ PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pCrlNumber);
+
+ /* Can call this function only with der been adopted. */
+ PORT_Assert(crl->adoptedDerCrl);
+
+ if (!crl->crlNumberAbsent && crl->crlNumber == NULL) {
+
+ PKIX_OBJECT_LOCK(crl);
+
+ if (!crl->crlNumberAbsent && crl->crlNumber == NULL) {
+
+ nssCrlNumber.type = 0;
+ nssCrlNumber.len = 0;
+ nssCrlNumber.data = NULL;
+
+ PKIX_CRL_DEBUG("\t\tCalling PORT_NewArena).\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_CRL_DEBUG("\t\tCalling CERT_FindCRLNumberExten\n");
+ status = CERT_FindCRLNumberExten
+ (arena, &crl->nssSignedCrl->crl, &nssCrlNumber);
+
+ if (status == SECSuccess) {
+ /* Get data in bytes then convert to bigint */
+ length = nssCrlNumber.len;
+ bytes = (char *)nssCrlNumber.data;
+
+ PKIX_CHECK(pkix_pl_BigInt_CreateWithBytes
+ (bytes, length, &crlNumber, plContext),
+ PKIX_BIGINTCREATEWITHBYTESFAILED);
+
+ /* arena release does the job
+ PKIX_CRL_DEBUG("\t\tCalling SECITEM_FreeItem\n");
+ SECITEM_FreeItem(&nssCrlNumber, PKIX_FALSE);
+ */
+ crl->crlNumber = crlNumber;
+
+ } else {
+
+ crl->crlNumberAbsent = PKIX_TRUE;
+ }
+ }
+
+ PKIX_OBJECT_UNLOCK(crl);
+
+ }
+
+ PKIX_INCREF(crl->crlNumber);
+
+ *pCrlNumber = crl->crlNumber;
+
+cleanup:
+
+ if (arena){
+ PKIX_CRL_DEBUG("\t\tCalling PORT_FreeArena).\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_GetSignatureAlgId
+ *
+ * DESCRIPTION:
+ * Retrieves a pointer to the OID that represents the signature algorithm of
+ * the CRL pointed to by "crl" and stores it at "pSignatureAlgId".
+ *
+ * AlgorithmIdentifier ::= SEQUENCE {
+ * algorithm OBJECT IDENTIFIER,
+ * parameters ANY DEFINED BY algorithm OPTIONAL }
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose signature algorithm OID is to be stored.
+ * Must be non-NULL.
+ * "pSignatureAlgId"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CRL_GetSignatureAlgId(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_OID **pSignatureAlgId,
+ void *plContext)
+{
+ PKIX_PL_OID *signatureAlgId = NULL;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_GetSignatureAlgId");
+ PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pSignatureAlgId);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (crl->signatureAlgId == NULL){
+ PKIX_OBJECT_LOCK(crl);
+ if (crl->signatureAlgId == NULL){
+ CERTCrl *nssCrl = &(crl->nssSignedCrl->crl);
+ SECAlgorithmID *algorithm = &nssCrl->signatureAlg;
+ SECItem *algBytes = &algorithm->algorithm;
+
+ if (!algBytes->data || !algBytes->len) {
+ PKIX_ERROR(PKIX_OIDBYTESLENGTH0);
+ }
+ PKIX_CHECK(PKIX_PL_OID_CreateBySECItem
+ (algBytes, &signatureAlgId, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ crl->signatureAlgId = signatureAlgId;
+ signatureAlgId = NULL;
+ }
+ PKIX_OBJECT_UNLOCK(crl);
+ }
+ PKIX_INCREF(crl->signatureAlgId);
+ *pSignatureAlgId = crl->signatureAlgId;
+cleanup:
+ PKIX_DECREF(signatureAlgId);
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_GetCRLEntries
+ * DESCRIPTION:
+ *
+ * Retrieves a pointer to the List of CRLEntries found in the CRL pointed to
+ * by "crl" and stores it at "pCRLEntries". If there are no CRLEntries,
+ * this functions stores NULL at "pCRLEntries".
+ *
+ * PARAMETERS:
+ * "crl"
+ * Address of CRL whose CRL Entries are to be retrieved. Must be non-NULL.
+ * "pCRLEntries"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CRL_GetCRLEntries(
+ PKIX_PL_CRL *crl,
+ PKIX_List **pCrlEntries,
+ void *plContext)
+{
+ PKIX_List *entryList = NULL;
+ CERTCrl *nssCrl = NULL;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_GetCRLEntries");
+ PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pCrlEntries);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (crl->crlEntryList == NULL) {
+
+ PKIX_OBJECT_LOCK(crl);
+
+ if (crl->crlEntryList == NULL){
+
+ nssCrl = &(crl->nssSignedCrl->crl);
+
+ PKIX_CHECK(pkix_pl_CRLEntry_Create
+ (nssCrl->entries, &entryList, plContext),
+ PKIX_CRLENTRYCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_SetImmutable
+ (entryList, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ crl->crlEntryList = entryList;
+ }
+
+ PKIX_OBJECT_UNLOCK(crl);
+
+ }
+
+ PKIX_INCREF(crl->crlEntryList);
+
+ *pCrlEntries = crl->crlEntryList;
+
+cleanup:
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CRL_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_CRL *crl = NULL;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRL_TYPE, plContext),
+ PKIX_OBJECTNOTCRL);
+
+ crl = (PKIX_PL_CRL*)object;
+
+ PKIX_CRL_DEBUG("\t\tCalling CERT_DestroyCrl\n");
+ if (crl->nssSignedCrl) {
+ CERT_DestroyCrl(crl->nssSignedCrl);
+ }
+ if (crl->adoptedDerCrl) {
+ SECITEM_FreeItem(crl->adoptedDerCrl, PR_TRUE);
+ }
+ crl->nssSignedCrl = NULL;
+ crl->adoptedDerCrl = NULL;
+ crl->crlNumberAbsent = PKIX_FALSE;
+
+ PKIX_DECREF(crl->issuer);
+ PKIX_DECREF(crl->signatureAlgId);
+ PKIX_DECREF(crl->crlNumber);
+ PKIX_DECREF(crl->crlEntryList);
+ PKIX_DECREF(crl->critExtOids);
+ if (crl->derGenName) {
+ SECITEM_FreeItem(crl->derGenName, PR_TRUE);
+ }
+
+cleanup:
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Helper function that creates a string representation of the CRL pointed
+ * to by "crl" and stores it at "pString".
+ *
+ * PARAMETERS
+ * "crl"
+ * Address of CRL whose string representation is desired.
+ * Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CRL_ToString_Helper(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ char *asciiFormat = NULL;
+ PKIX_UInt32 crlVersion = 0;
+ PKIX_PL_X500Name *crlIssuer = NULL;
+ PKIX_PL_OID *nssSignatureAlgId = NULL;
+ PKIX_PL_BigInt *crlNumber = NULL;
+ PKIX_List *crlEntryList = NULL;
+ PKIX_List *critExtOIDs = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *crlIssuerString = NULL;
+ PKIX_PL_String *lastUpdateString = NULL;
+ PKIX_PL_String *nextUpdateString = NULL;
+ PKIX_PL_String *nssSignatureAlgIdString = NULL;
+ PKIX_PL_String *crlNumberString = NULL;
+ PKIX_PL_String *crlEntryListString = NULL;
+ PKIX_PL_String *critExtOIDsString = NULL;
+ PKIX_PL_String *crlString = NULL;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_ToString_Helper");
+ PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pString);
+
+ asciiFormat =
+ "[\n"
+ "\tVersion: v%d\n"
+ "\tIssuer: %s\n"
+ "\tUpdate: [Last: %s\n"
+ "\t Next: %s]\n"
+ "\tSignatureAlgId: %s\n"
+ "\tCRL Number : %s\n"
+ "\n"
+ "\tEntry List: %s\n"
+ "\n"
+ "\tCritExtOIDs: %s\n"
+ "]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ /* Version */
+ PKIX_CHECK(pkix_pl_CRL_GetVersion(crl, &crlVersion, plContext),
+ PKIX_CRLGETVERSIONFAILED);
+
+ /* Issuer */
+ PKIX_CHECK(PKIX_PL_CRL_GetIssuer(crl, &crlIssuer, plContext),
+ PKIX_CRLGETISSUERFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)crlIssuer, &crlIssuerString, plContext),
+ PKIX_X500NAMETOSTRINGFAILED);
+
+ /* This update - No Date object created, use nss data directly */
+ PKIX_CHECK(pkix_pl_Date_ToString_Helper
+ (&(crl->nssSignedCrl->crl.lastUpdate),
+ &lastUpdateString,
+ plContext),
+ PKIX_DATETOSTRINGHELPERFAILED);
+
+ /* Next update - No Date object created, use nss data directly */
+ PKIX_CHECK(pkix_pl_Date_ToString_Helper
+ (&(crl->nssSignedCrl->crl.nextUpdate),
+ &nextUpdateString,
+ plContext),
+ PKIX_DATETOSTRINGHELPERFAILED);
+
+ /* Signature Algorithm Id */
+ PKIX_CHECK(pkix_pl_CRL_GetSignatureAlgId
+ (crl, &nssSignatureAlgId, plContext),
+ PKIX_CRLGETSIGNATUREALGIDFAILED);
+
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)nssSignatureAlgId,
+ &nssSignatureAlgIdString,
+ plContext),
+ PKIX_OIDTOSTRINGFAILED);
+
+ /* CRL Number */
+ PKIX_CHECK(PKIX_PL_CRL_GetCRLNumber
+ (crl, &crlNumber, plContext),
+ PKIX_CRLGETCRLNUMBERFAILED);
+
+ PKIX_TOSTRING(crlNumber, &crlNumberString, plContext,
+ PKIX_BIGINTTOSTRINGFAILED);
+
+ /* CRL Entries */
+ PKIX_CHECK(pkix_pl_CRL_GetCRLEntries(crl, &crlEntryList, plContext),
+ PKIX_CRLGETCRLENTRIESFAILED);
+
+ PKIX_TOSTRING(crlEntryList, &crlEntryListString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* CriticalExtensionOIDs */
+ PKIX_CHECK(PKIX_PL_CRL_GetCriticalExtensionOIDs
+ (crl, &critExtOIDs, plContext),
+ PKIX_CRLGETCRITICALEXTENSIONOIDSFAILED);
+
+ PKIX_TOSTRING(critExtOIDs, &critExtOIDsString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&crlString,
+ plContext,
+ formatString,
+ crlVersion + 1,
+ crlIssuerString,
+ lastUpdateString,
+ nextUpdateString,
+ nssSignatureAlgIdString,
+ crlNumberString,
+ crlEntryListString,
+ critExtOIDsString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = crlString;
+
+cleanup:
+
+ PKIX_DECREF(crlIssuer);
+ PKIX_DECREF(nssSignatureAlgId);
+ PKIX_DECREF(crlNumber);
+ PKIX_DECREF(crlEntryList);
+ PKIX_DECREF(critExtOIDs);
+ PKIX_DECREF(crlIssuerString);
+ PKIX_DECREF(lastUpdateString);
+ PKIX_DECREF(nextUpdateString);
+ PKIX_DECREF(nssSignatureAlgIdString);
+ PKIX_DECREF(crlNumberString);
+ PKIX_DECREF(crlEntryListString);
+ PKIX_DECREF(critExtOIDsString);
+ PKIX_DECREF(formatString);
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CRL_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *crlString = NULL;
+ PKIX_PL_CRL *crl = NULL;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRL_TYPE, plContext),
+ PKIX_OBJECTNOTCRL);
+
+ crl = (PKIX_PL_CRL *) object;
+
+ PKIX_CHECK(pkix_pl_CRL_ToString_Helper(crl, &crlString, plContext),
+ PKIX_CRLTOSTRINGHELPERFAILED);
+
+ *pString = crlString;
+
+cleanup:
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CRL_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_CRL *crl = NULL;
+ PKIX_UInt32 certHash;
+ SECItem *crlDer = NULL;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRL_TYPE, plContext),
+ PKIX_OBJECTNOTCRL);
+
+ crl = (PKIX_PL_CRL *)object;
+ if (crl->adoptedDerCrl) {
+ crlDer = crl->adoptedDerCrl;
+ } else if (crl->nssSignedCrl && crl->nssSignedCrl->derCrl) {
+ crlDer = crl->nssSignedCrl->derCrl;
+ }
+ if (!crlDer || !crlDer->data) {
+ PKIX_ERROR(PKIX_CANNOTAQUIRECRLDER);
+ }
+
+ PKIX_CHECK(pkix_hash(crlDer->data, crlDer->len,
+ &certHash, plContext),
+ PKIX_ERRORINHASH);
+
+ *pHashcode = certHash;
+
+cleanup:
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CRL_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CRL *firstCrl = NULL;
+ PKIX_PL_CRL *secondCrl = NULL;
+ SECItem *crlDerOne = NULL, *crlDerTwo = NULL;
+ PKIX_UInt32 secondType;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a CRL */
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_CRL_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCRL);
+
+ firstCrl = (PKIX_PL_CRL *)firstObject;
+ secondCrl = (PKIX_PL_CRL *)secondObject;
+
+ /*
+ * Since we know firstObject is a CRL, if both references are
+ * identical, they must be equal
+ */
+ if (firstCrl == secondCrl){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondCrl isn't a CRL, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ ((PKIX_PL_Object *)secondCrl, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_CRL_TYPE) goto cleanup;
+
+ if (firstCrl->adoptedDerCrl) {
+ crlDerOne = firstCrl->adoptedDerCrl;
+ } else if (firstCrl->nssSignedCrl && firstCrl->nssSignedCrl->derCrl) {
+ crlDerOne = firstCrl->nssSignedCrl->derCrl;
+ }
+
+ if (secondCrl->adoptedDerCrl) {
+ crlDerTwo = secondCrl->adoptedDerCrl;
+ } else if (secondCrl->nssSignedCrl && secondCrl->nssSignedCrl->derCrl) {
+ crlDerTwo = secondCrl->nssSignedCrl->derCrl;
+ }
+
+ if (SECITEM_CompareItem(crlDerOne, crlDerTwo) == SECEqual) {
+ *pResult = PKIX_TRUE;
+ }
+
+cleanup:
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_CRL_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ *
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CRL_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry *entry = &systemClasses[PKIX_CRL_TYPE];
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_RegisterSelf");
+
+ entry->description = "CRL";
+ entry->typeObjectSize = sizeof(PKIX_PL_CRL);
+ entry->destructor = pkix_pl_CRL_Destroy;
+ entry->equalsFunction = pkix_pl_CRL_Equals;
+ entry->hashcodeFunction = pkix_pl_CRL_Hashcode;
+ entry->toStringFunction = pkix_pl_CRL_ToString;
+ entry->duplicateFunction = pkix_duplicateImmutable;
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: PKIX_PL_CRL_VerifyUpdateTime (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CRL_VerifyUpdateTime(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_Date *date,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PRTime timeToCheck;
+ PRTime nextUpdate;
+ PRTime lastUpdate;
+ SECStatus status;
+ CERTCrl *nssCrl = NULL;
+ SECItem *nextUpdateDer = NULL;
+ PKIX_Boolean haveNextUpdate = PR_FALSE;
+
+ PKIX_ENTER(CRL, "PKIX_PL_CRL_VerifyUpdateTime");
+ PKIX_NULLCHECK_FOUR(crl, crl->nssSignedCrl, date, pResult);
+
+ /* Can call this function only with der been adopted. */
+ PORT_Assert(crl->adoptedDerCrl);
+
+ nssCrl = &(crl->nssSignedCrl->crl);
+ timeToCheck = date->nssTime;
+
+ /* nextUpdate can be NULL. Checking before using it */
+ nextUpdateDer = &nssCrl->nextUpdate;
+ if (nextUpdateDer->data && nextUpdateDer->len) {
+ haveNextUpdate = PR_TRUE;
+ status = DER_DecodeTimeChoice(&nextUpdate, nextUpdateDer);
+ if (status != SECSuccess) {
+ PKIX_ERROR(PKIX_DERDECODETIMECHOICEFORNEXTUPDATEFAILED);
+ }
+ }
+
+ status = DER_DecodeTimeChoice(&lastUpdate, &(nssCrl->lastUpdate));
+ if (status != SECSuccess) {
+ PKIX_ERROR(PKIX_DERDECODETIMECHOICEFORLASTUPDATEFAILED);
+ }
+
+ if (!haveNextUpdate || nextUpdate < timeToCheck) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ if (lastUpdate <= timeToCheck) {
+ *pResult = PKIX_TRUE;
+ } else {
+ *pResult = PKIX_FALSE;
+ }
+
+cleanup:
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRL_CreateWithSignedCRL
+ * DESCRIPTION:
+ *
+ * Creates a new CRL using the CERTSignedCrl pointed to by "nssSignedCrl"
+ * and stores it at "pCRL". If the decoding of the CERTSignedCrl fails,
+ * a PKIX_Error is returned.
+ *
+ * PARAMETERS:
+ * "nssSignedCrl"
+ * Address of CERTSignedCrl. Must be non-NULL.
+ * "adoptedDerCrl"
+ * SECItem ponter that if not NULL is indicating that memory used
+ * for der should be adopted by crl that is about to be created.
+ * "pCRL"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CRL_CreateWithSignedCRL(
+ CERTSignedCrl *nssSignedCrl,
+ SECItem *adoptedDerCrl,
+ SECItem *derGenName,
+ PKIX_PL_CRL **pCrl,
+ void *plContext)
+{
+ PKIX_PL_CRL *crl = NULL;
+
+ PKIX_ENTER(CRL, "pkix_pl_CRL_CreateWithSignedCRL");
+ PKIX_NULLCHECK_ONE(pCrl);
+
+ /* create a PKIX_PL_CRL object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CRL_TYPE,
+ sizeof (PKIX_PL_CRL),
+ (PKIX_PL_Object **)&crl,
+ plContext),
+ PKIX_COULDNOTCREATECRLOBJECT);
+
+ /* populate the nssSignedCrl field */
+ crl->nssSignedCrl = nssSignedCrl;
+ crl->adoptedDerCrl = adoptedDerCrl;
+ crl->issuer = NULL;
+ crl->signatureAlgId = NULL;
+ crl->crlNumber = NULL;
+ crl->crlNumberAbsent = PKIX_FALSE;
+ crl->crlEntryList = NULL;
+ crl->critExtOids = NULL;
+ if (derGenName) {
+ crl->derGenName =
+ SECITEM_DupItem(derGenName);
+ if (!crl->derGenName) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ }
+
+ *pCrl = crl;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(crl);
+ }
+
+ PKIX_RETURN(CRL);
+}
+
+/* --Public-CRL-Functions------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_CRL_Create (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CRL_Create(
+ PKIX_PL_ByteArray *byteArray,
+ PKIX_PL_CRL **pCrl,
+ void *plContext)
+{
+ CERTSignedCrl *nssSignedCrl = NULL;
+ SECItem derItem, *derCrl = NULL;
+ PKIX_PL_CRL *crl = NULL;
+
+ PKIX_ENTER(CRL, "PKIX_PL_CRL_Create");
+ PKIX_NULLCHECK_TWO(byteArray, pCrl);
+
+ if (byteArray->length == 0){
+ PKIX_ERROR(PKIX_ZEROLENGTHBYTEARRAYFORCRLENCODING);
+ }
+ derItem.type = siBuffer;
+ derItem.data = byteArray->array;
+ derItem.len = byteArray->length;
+ derCrl = SECITEM_DupItem(&derItem);
+ if (!derCrl) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ nssSignedCrl =
+ CERT_DecodeDERCrlWithFlags(NULL, derCrl, SEC_CRL_TYPE,
+ CRL_DECODE_DONT_COPY_DER |
+ CRL_DECODE_SKIP_ENTRIES);
+ if (!nssSignedCrl) {
+ PKIX_ERROR(PKIX_CERTDECODEDERCRLFAILED);
+ }
+ PKIX_CHECK(
+ pkix_pl_CRL_CreateWithSignedCRL(nssSignedCrl, derCrl, NULL,
+ &crl, plContext),
+ PKIX_CRLCREATEWITHSIGNEDCRLFAILED);
+ nssSignedCrl = NULL;
+ derCrl = NULL;
+ *pCrl = crl;
+
+cleanup:
+ if (derCrl) {
+ SECITEM_FreeItem(derCrl, PR_TRUE);
+ }
+ if (nssSignedCrl) {
+ SEC_DestroyCrl(nssSignedCrl);
+ }
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: PKIX_PL_CRL_GetIssuer (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CRL_GetIssuer(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_X500Name **pCRLIssuer,
+ void *plContext)
+{
+ PKIX_PL_String *crlString = NULL;
+ PKIX_PL_X500Name *issuer = NULL;
+ SECItem *derIssuerName = NULL;
+ CERTName *issuerName = NULL;
+
+ PKIX_ENTER(CRL, "PKIX_PL_CRL_GetIssuer");
+ PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pCRLIssuer);
+
+ /* Can call this function only with der been adopted. */
+ PORT_Assert(crl->adoptedDerCrl);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (crl->issuer == NULL){
+
+ PKIX_OBJECT_LOCK(crl);
+
+ if (crl->issuer == NULL) {
+
+ issuerName = &crl->nssSignedCrl->crl.name;
+ derIssuerName = &crl->nssSignedCrl->crl.derName;
+
+ PKIX_CHECK(
+ PKIX_PL_X500Name_CreateFromCERTName(derIssuerName,
+ issuerName,
+ &issuer,
+ plContext),
+ PKIX_X500NAMECREATEFROMCERTNAMEFAILED);
+
+ /* save a cached copy in case it is asked for again */
+ crl->issuer = issuer;
+ }
+
+ PKIX_OBJECT_UNLOCK(crl);
+
+ }
+
+ PKIX_INCREF(crl->issuer);
+
+ *pCRLIssuer = crl->issuer;
+
+cleanup:
+
+ PKIX_DECREF(crlString);
+
+ PKIX_RETURN(CRL);
+}
+
+
+/*
+ * FUNCTION: PKIX_PL_CRL_GetCriticalExtensionOIDs
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CRL_GetCriticalExtensionOIDs(
+ PKIX_PL_CRL *crl,
+ PKIX_List **pExtensions, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_List *oidsList = NULL;
+ CERTCertExtension **extensions = NULL;
+ CERTCrl *nssSignedCrl = NULL;
+
+ PKIX_ENTER(CRL, "PKIX_PL_CRL_GetCriticalExtensionOIDs");
+ PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pExtensions);
+
+ /* Can call this function only with der been adopted. */
+ PORT_Assert(crl->adoptedDerCrl);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (crl->critExtOids == NULL) {
+
+ PKIX_OBJECT_LOCK(crl);
+
+ nssSignedCrl = &(crl->nssSignedCrl->crl);
+ extensions = nssSignedCrl->extensions;
+
+ if (crl->critExtOids == NULL) {
+
+ PKIX_CHECK(pkix_pl_OID_GetCriticalExtensionOIDs
+ (extensions, &oidsList, plContext),
+ PKIX_GETCRITICALEXTENSIONOIDSFAILED);
+
+ crl->critExtOids = oidsList;
+ }
+
+ PKIX_OBJECT_UNLOCK(crl);
+
+ }
+
+ /* We should return a copy of the List since this list changes */
+ PKIX_DUPLICATE(crl->critExtOids, pExtensions, plContext,
+ PKIX_OBJECTDUPLICATELISTFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CRL);
+}
+
+/*
+ * FUNCTION: PKIX_PL_CRL_VerifySignature (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CRL_VerifySignature(
+ PKIX_PL_CRL *crl,
+ PKIX_PL_PublicKey *pubKey,
+ void *plContext)
+{
+ PKIX_PL_CRL *cachedCrl = NULL;
+ PKIX_Error *verifySig = NULL;
+ PKIX_Error *cachedSig = NULL;
+ PKIX_Boolean crlEqual = PKIX_FALSE;
+ PKIX_Boolean crlInHash= PKIX_FALSE;
+ CERTSignedCrl *nssSignedCrl = NULL;
+ SECKEYPublicKey *nssPubKey = NULL;
+ CERTSignedData *tbsCrl = NULL;
+ void* wincx = NULL;
+ SECStatus status;
+
+ PKIX_ENTER(CRL, "PKIX_PL_CRL_VerifySignature");
+ PKIX_NULLCHECK_THREE(crl, crl->nssSignedCrl, pubKey);
+
+ /* Can call this function only with der been adopted. */
+ PORT_Assert(crl->adoptedDerCrl);
+
+ verifySig = PKIX_PL_HashTable_Lookup
+ (cachedCrlSigTable,
+ (PKIX_PL_Object *) pubKey,
+ (PKIX_PL_Object **) &cachedCrl,
+ plContext);
+
+ if (cachedCrl != NULL && verifySig == NULL) {
+ /* Cached Signature Table lookup succeed */
+ PKIX_EQUALS(crl, cachedCrl, &crlEqual, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+ if (crlEqual == PKIX_TRUE) {
+ goto cleanup;
+ }
+ /* Different PubKey may hash to same value, skip add */
+ crlInHash = PKIX_TRUE;
+ }
+
+ nssSignedCrl = crl->nssSignedCrl;
+ tbsCrl = &nssSignedCrl->signatureWrap;
+
+ PKIX_CRL_DEBUG("\t\tCalling SECKEY_ExtractPublicKey\n");
+ nssPubKey = SECKEY_ExtractPublicKey(pubKey->nssSPKI);
+ if (!nssPubKey){
+ PKIX_ERROR(PKIX_SECKEYEXTRACTPUBLICKEYFAILED);
+ }
+
+ PKIX_CHECK(pkix_pl_NssContext_GetWincx
+ ((PKIX_PL_NssContext *)plContext, &wincx),
+ PKIX_NSSCONTEXTGETWINCXFAILED);
+
+ PKIX_CRL_DEBUG("\t\tCalling CERT_VerifySignedDataWithPublicKey\n");
+ status = CERT_VerifySignedDataWithPublicKey(tbsCrl, nssPubKey, wincx);
+
+ if (status != SECSuccess) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ PKIX_ERROR(PKIX_SIGNATUREDIDNOTVERIFYWITHTHEPUBLICKEY);
+ }
+
+ if (crlInHash == PKIX_FALSE) {
+ cachedSig = PKIX_PL_HashTable_Add
+ (cachedCrlSigTable,
+ (PKIX_PL_Object *) pubKey,
+ (PKIX_PL_Object *) crl,
+ plContext);
+
+ if (cachedSig != NULL) {
+ PKIX_DEBUG("PKIX_PL_HashTable_Add skipped: entry existed\n");
+ }
+ }
+
+cleanup:
+
+ if (nssPubKey){
+ PKIX_CRL_DEBUG("\t\tCalling SECKEY_DestroyPublicKey\n");
+ SECKEY_DestroyPublicKey(nssPubKey);
+ nssPubKey = NULL;
+ }
+
+ PKIX_DECREF(cachedCrl);
+ PKIX_DECREF(verifySig);
+ PKIX_DECREF(cachedSig);
+
+ PKIX_RETURN(CRL);
+}
+
+PKIX_Error*
+PKIX_PL_CRL_ReleaseDerCrl(PKIX_PL_CRL *crl,
+ SECItem **derCrl,
+ void *plContext)
+{
+ PKIX_ENTER(CRL, "PKIX_PL_CRL_ReleaseDerCrl");
+ *derCrl = crl->adoptedDerCrl;
+ crl->adoptedDerCrl = NULL;
+
+ PKIX_RETURN(CRL);
+}
+
+PKIX_Error*
+PKIX_PL_CRL_AdoptDerCrl(PKIX_PL_CRL *crl,
+ SECItem *derCrl,
+ void *plContext)
+{
+ PKIX_ENTER(CRL, "PKIX_PL_CRL_AquireDerCrl");
+ if (crl->adoptedDerCrl) {
+ PKIX_ERROR(PKIX_CANNOTAQUIRECRLDER);
+ }
+ crl->adoptedDerCrl = derCrl;
+cleanup:
+ PKIX_RETURN(CRL);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.h
new file mode 100644
index 000000000..a45059ea0
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.h
@@ -0,0 +1,48 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_crl.h
+ *
+ * CRL Object Type Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_CRL_H
+#define _PKIX_PL_CRL_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_CRLStruct {
+ CERTSignedCrl *nssSignedCrl;
+ PKIX_PL_X500Name *issuer;
+ PKIX_PL_OID *signatureAlgId;
+ PKIX_PL_BigInt *crlNumber;
+ PKIX_Boolean crlNumberAbsent;
+ PKIX_List *crlEntryList; /* list of PKIX_PL_CRLEntry */
+ PKIX_List *critExtOids;
+ SECItem *adoptedDerCrl;
+ SECItem *derGenName; /* der of general name which was used
+ * to download the crl. */
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_CRL_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_pl_CRL_CreateWithSignedCRL(CERTSignedCrl *nssSignedCrl,
+ SECItem *derCrl,
+ SECItem *derGenName,
+ PKIX_PL_CRL **pCrl,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_CRL_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crldp.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crldp.c
new file mode 100644
index 000000000..4f29de284
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crldp.c
@@ -0,0 +1,151 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_crldp.c
+ *
+ * Crl DP Object Functions
+ *
+ */
+
+#include "pkix_pl_crldp.h"
+
+static PKIX_Error *
+pkix_pl_CrlDp_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ pkix_pl_CrlDp *crldp = NULL;
+
+ PKIX_ENTER(CRLCHECKER, "pkix_CrlDp_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Check that this object is a default CRL checker state */
+ PKIX_CHECK(
+ pkix_CheckType(object, PKIX_CRLDP_TYPE, plContext),
+ PKIX_OBJECTNOTCRLCHECKER);
+
+ crldp = (pkix_pl_CrlDp *)object;
+ if (crldp->distPointType == relativeDistinguishedName) {
+ CERT_DestroyName(crldp->name.issuerName);
+ crldp->name.issuerName = NULL;
+ }
+ crldp->nssdp = NULL;
+cleanup:
+ PKIX_RETURN(CRLCHECKER);
+}
+
+/*
+ * FUNCTION: pkix_pl_CrlDp_RegisterSelf
+ *
+ * DESCRIPTION:
+ * Registers PKIX_CRLDP_TYPE and its related functions
+ * with systemClasses[]
+ *
+ * THREAD SAFETY:
+ * Not Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CrlDp_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry* entry = &systemClasses[PKIX_CRLDP_TYPE];
+
+ PKIX_ENTER(CRLCHECKER, "pkix_CrlDp_RegisterSelf");
+
+ entry->description = "CrlDistPoint";
+ entry->typeObjectSize = sizeof(pkix_pl_CrlDp);
+ entry->destructor = pkix_pl_CrlDp_Destroy;
+ entry->duplicateFunction = pkix_duplicateImmutable;
+
+ PKIX_RETURN(CRLCHECKER);
+}
+
+
+
+PKIX_Error *
+pkix_pl_CrlDp_Create(
+ const CRLDistributionPoint *dp,
+ const CERTName *certIssuerName,
+ pkix_pl_CrlDp **pPkixDP,
+ void *plContext)
+{
+ PLArenaPool *rdnArena = NULL;
+ CERTName *issuerNameCopy = NULL;
+ pkix_pl_CrlDp *dpl = NULL;
+
+ /* Need to save the following info to update crl cache:
+ * - reasons if partitioned(but can not return revocation check
+ * success if not all crl are downloaded)
+ * - issuer name if different from issuer of the cert
+ * - url to upload a crl if needed.
+ * */
+ PKIX_ENTER(CRLDP, "pkix_pl_CrlDp_Create");
+ PKIX_NULLCHECK_ONE(dp);
+
+ PKIX_CHECK(
+ PKIX_PL_Object_Alloc(PKIX_CRLDP_TYPE,
+ sizeof (pkix_pl_CrlDp),
+ (PKIX_PL_Object **)&dpl,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ dpl->nssdp = dp;
+ dpl->isPartitionedByReasonCode = PKIX_FALSE;
+ if (dp->reasons.data) {
+ dpl->isPartitionedByReasonCode = PKIX_TRUE;
+ }
+ if (dp->distPointType == generalName) {
+ dpl->distPointType = generalName;
+ dpl->name.fullName = dp->distPoint.fullName;
+ } else {
+ SECStatus rv;
+ const CERTName *issuerName = NULL;
+ const CERTRDN *relName = &dp->distPoint.relativeName;
+
+ if (dp->crlIssuer) {
+ if (dp->crlIssuer->l.next) {
+ /* Violate RFC 5280: in this case crlIssuer
+ * should have only one name and should be
+ * a distinguish name. */
+ PKIX_ERROR(PKIX_NOTCONFORMINGCRLDP);
+ }
+ issuerName = &dp->crlIssuer->name.directoryName;
+ } else {
+ issuerName = certIssuerName;
+ }
+ rdnArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!rdnArena) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+ issuerNameCopy = (CERTName *)PORT_ArenaZNew(rdnArena, CERTName);
+ if (!issuerNameCopy) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ rv = CERT_CopyName(rdnArena, issuerNameCopy, (CERTName*)issuerName);
+ if (rv == SECFailure) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ rv = CERT_AddRDN(issuerNameCopy, (CERTRDN*)relName);
+ if (rv == SECFailure) {
+ PKIX_ERROR(PKIX_ALLOCERROR);
+ }
+ dpl->distPointType = relativeDistinguishedName;
+ dpl->name.issuerName = issuerNameCopy;
+ rdnArena = NULL;
+ }
+ *pPkixDP = dpl;
+ dpl = NULL;
+
+cleanup:
+ if (rdnArena) {
+ PORT_FreeArena(rdnArena, PR_FALSE);
+ }
+ PKIX_DECREF(dpl);
+
+ PKIX_RETURN(CRLDP);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crldp.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crldp.h
new file mode 100644
index 000000000..49cd9d2cd
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crldp.h
@@ -0,0 +1,53 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_crldp.h
+ *
+ * Crp DP Object Definitions
+ *
+ */
+#include "pkix_pl_common.h"
+
+#ifndef _PKIX_PL_CRLDP_H
+#define _PKIX_PL_CRLDP_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* CRLDP object can not be used without holding a reference
+ * to the pkix certificate they belong to. The memory for dp der
+ * object is allocated on nssCert certificate - a member of
+ * PKIX_PL_Cert struct. */
+typedef struct pkix_pl_CrlDpStruct {
+ /* reference to decoded crldp that allocated on nssCert arena. */
+ const CRLDistributionPoint *nssdp;
+ DistributionPointTypes distPointType;
+ union {
+ CERTGeneralName *fullName;
+ /* if dp is a relative name, the issuerName is a merged value
+ * of crlIssuer and a relative name. Must be destroyed by CrlDp
+ * destructor. */
+ CERTName *issuerName;
+ } name;
+ PKIX_Boolean isPartitionedByReasonCode;
+} pkix_pl_CrlDp;
+
+
+PKIX_Error *
+pkix_pl_CrlDp_RegisterSelf(void *plContext);
+
+/* Parses CRLDistributionPoint structure and creaetes
+ * pkix_pl_CrlDp object. */
+PKIX_Error *
+pkix_pl_CrlDp_Create(const CRLDistributionPoint *dp,
+ const CERTName *certIssuerName,
+ pkix_pl_CrlDp **pPkixDP,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_CRLDP_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c
new file mode 100644
index 000000000..e2b3e0268
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.c
@@ -0,0 +1,880 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_crlentry.c
+ *
+ * CRLENTRY Function Definitions
+ *
+ */
+
+#include "pkix_pl_crlentry.h"
+
+/* --Private-CRLEntry-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CRLEntry_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_CRLEntry *crlEntry = NULL;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLENTRY_TYPE, plContext),
+ PKIX_OBJECTNOTCRLENTRY);
+
+ crlEntry = (PKIX_PL_CRLEntry*)object;
+
+ /* crlEntry->nssCrlEntry is freed by NSS when freeing CRL */
+ crlEntry->userReasonCode = 0;
+ crlEntry->userReasonCodeAbsent = PKIX_FALSE;
+ crlEntry->nssCrlEntry = NULL;
+ PKIX_DECREF(crlEntry->serialNumber);
+ PKIX_DECREF(crlEntry->critExtOids);
+
+cleanup:
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_ToString_Helper
+ *
+ * DESCRIPTION:
+ * Helper function that creates a string representation of the CRLEntry
+ * pointed to by "crlEntry" and stores it at "pString".
+ *
+ * PARAMETERS
+ * "crlEntry"
+ * Address of CRLEntry whose string representation is desired.
+ * Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLEntry Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CRLEntry_ToString_Helper(
+ PKIX_PL_CRLEntry *crlEntry,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ char *asciiFormat = NULL;
+ PKIX_List *critExtOIDs = NULL;
+ PKIX_PL_String *crlEntryString = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *crlSerialNumberString = NULL;
+ PKIX_PL_String *crlRevocationDateString = NULL;
+ PKIX_PL_String *critExtOIDsString = NULL;
+ PKIX_Int32 reasonCode = 0;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_ToString_Helper");
+ PKIX_NULLCHECK_FOUR
+ (crlEntry,
+ crlEntry->serialNumber,
+ crlEntry->nssCrlEntry,
+ pString);
+
+ asciiFormat =
+ "\n\t[\n"
+ "\tSerialNumber: %s\n"
+ "\tReasonCode: %d\n"
+ "\tRevocationDate: %s\n"
+ "\tCritExtOIDs: %s\n"
+ "\t]\n\t";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ /* SerialNumber */
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)crlEntry->serialNumber,
+ &crlSerialNumberString,
+ plContext),
+ PKIX_BIGINTTOSTRINGHELPERFAILED);
+
+ /* RevocationDate - No Date object created, use nss data directly */
+ PKIX_CHECK(pkix_pl_Date_ToString_Helper
+ (&(crlEntry->nssCrlEntry->revocationDate),
+ &crlRevocationDateString,
+ plContext),
+ PKIX_DATETOSTRINGHELPERFAILED);
+
+ /* CriticalExtensionOIDs */
+ PKIX_CHECK(PKIX_PL_CRLEntry_GetCriticalExtensionOIDs
+ (crlEntry, &critExtOIDs, plContext),
+ PKIX_CRLENTRYGETCRITICALEXTENSIONOIDSFAILED);
+
+ PKIX_TOSTRING(critExtOIDs, &critExtOIDsString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ /* Revocation Reason Code */
+ PKIX_CHECK(PKIX_PL_CRLEntry_GetCRLEntryReasonCode
+ (crlEntry, &reasonCode, plContext),
+ PKIX_CRLENTRYGETCRLENTRYREASONCODEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&crlEntryString,
+ plContext,
+ formatString,
+ crlSerialNumberString,
+ reasonCode,
+ crlRevocationDateString,
+ critExtOIDsString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = crlEntryString;
+
+cleanup:
+
+ PKIX_DECREF(critExtOIDs);
+ PKIX_DECREF(crlSerialNumberString);
+ PKIX_DECREF(crlRevocationDateString);
+ PKIX_DECREF(critExtOIDsString);
+ PKIX_DECREF(formatString);
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CRLEntry_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *crlEntryString = NULL;
+ PKIX_PL_CRLEntry *crlEntry = NULL;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLENTRY_TYPE, plContext),
+ PKIX_OBJECTNOTCRLENTRY);
+
+ crlEntry = (PKIX_PL_CRLEntry *) object;
+
+ PKIX_CHECK(pkix_pl_CRLEntry_ToString_Helper
+ (crlEntry, &crlEntryString, plContext),
+ PKIX_CRLENTRYTOSTRINGHELPERFAILED);
+
+ *pString = crlEntryString;
+
+cleanup:
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_Extensions_Hashcode
+ * DESCRIPTION:
+ *
+ * For each CRL Entry extension stored at NSS structure CERTCertExtension,
+ * get its derbyte data and do the hash.
+ *
+ * PARAMETERS
+ * "extensions"
+ * Address of arrray of CERTCertExtension whose hash value is desired.
+ * Must be non-NULL.
+ * "pHashValue"
+ * Address where the final hash value is returned. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditional Thread Safe
+ * Though the value of extensions once created is not supposed to change,
+ * it may be de-allocated while we are accessing it. But since we are
+ * validating the object, it is unlikely we or someone is de-allocating
+ * at the moment.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OID Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CRLEntry_Extensions_Hashcode(
+ CERTCertExtension **extensions,
+ PKIX_UInt32 *pHashValue,
+ void *plContext)
+{
+ CERTCertExtension *extension = NULL;
+ PLArenaPool *arena = NULL;
+ PKIX_UInt32 extHash = 0;
+ PKIX_UInt32 hashValue = 0;
+ SECItem *derBytes = NULL;
+ SECItem *resultSecItem = NULL;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Extensions_Hashcode");
+ PKIX_NULLCHECK_TWO(extensions, pHashValue);
+
+ if (extensions) {
+
+ PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_NewArena\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ while (*extensions) {
+
+ extension = *extensions++;
+
+ PKIX_NULLCHECK_ONE(extension);
+
+ PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_ArenaZNew\n");
+ derBytes = PORT_ArenaZNew(arena, SECItem);
+ if (derBytes == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ PKIX_CRLENTRY_DEBUG
+ ("\t\tCalling SEC_ASN1EncodeItem\n");
+ resultSecItem = SEC_ASN1EncodeItem
+ (arena,
+ derBytes,
+ extension,
+ CERT_CertExtensionTemplate);
+
+ if (resultSecItem == NULL){
+ PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
+ }
+
+ PKIX_CHECK(pkix_hash
+ (derBytes->data,
+ derBytes->len,
+ &extHash,
+ plContext),
+ PKIX_HASHFAILED);
+
+ hashValue += (extHash << 7);
+
+ }
+ }
+
+ *pHashValue = hashValue;
+
+cleanup:
+
+ if (arena){
+ /* Note that freeing the arena also frees derBytes */
+ PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_FreeArena\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ arena = NULL;
+ }
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CRLEntry_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ SECItem *nssDate = NULL;
+ PKIX_PL_CRLEntry *crlEntry = NULL;
+ PKIX_UInt32 crlEntryHash;
+ PKIX_UInt32 hashValue;
+ PKIX_Int32 reasonCode = 0;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_CRLENTRY_TYPE, plContext),
+ PKIX_OBJECTNOTCRLENTRY);
+
+ crlEntry = (PKIX_PL_CRLEntry *)object;
+
+ PKIX_NULLCHECK_ONE(crlEntry->nssCrlEntry);
+ nssDate = &(crlEntry->nssCrlEntry->revocationDate);
+
+ PKIX_NULLCHECK_ONE(nssDate->data);
+
+ PKIX_CHECK(pkix_hash
+ ((const unsigned char *)nssDate->data,
+ nssDate->len,
+ &crlEntryHash,
+ plContext),
+ PKIX_ERRORGETTINGHASHCODE);
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)crlEntry->serialNumber,
+ &hashValue,
+ plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ crlEntryHash += (hashValue << 7);
+
+ hashValue = 0;
+
+ if (crlEntry->nssCrlEntry->extensions) {
+
+ PKIX_CHECK(pkix_pl_CRLEntry_Extensions_Hashcode
+ (crlEntry->nssCrlEntry->extensions, &hashValue, plContext),
+ PKIX_CRLENTRYEXTENSIONSHASHCODEFAILED);
+ }
+
+ crlEntryHash += (hashValue << 7);
+
+ PKIX_CHECK(PKIX_PL_CRLEntry_GetCRLEntryReasonCode
+ (crlEntry, &reasonCode, plContext),
+ PKIX_CRLENTRYGETCRLENTRYREASONCODEFAILED);
+
+ crlEntryHash += (reasonCode + 777) << 3;
+
+ *pHashcode = crlEntryHash;
+
+cleanup:
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLENTRY_Extensions_Equals
+ * DESCRIPTION:
+ *
+ * Compare each extension's DERbyte data in "firstExtensions" with extension
+ * in "secondExtensions" in sequential order and store the result in
+ * "pResult".
+ *
+ * PARAMETERS
+ * "firstExtensions"
+ * Address of first NSS structure CERTCertExtension to be compared.
+ * Must be non-NULL.
+ * "secondExtensions"
+ * Address of second NSS structure CERTCertExtension to be compared.
+ * Must be non-NULL.
+ * "pResult"
+ * Address where the comparison result is returned. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * Though the value of extensions once created is not supposed to change,
+ * it may be de-allocated while we are accessing it. But since we are
+ * validating the object, it is unlikely we or someone is de-allocating
+ * at the moment.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OID Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CRLEntry_Extensions_Equals(
+ CERTCertExtension **extensions1,
+ CERTCertExtension **extensions2,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ CERTCertExtension **firstExtensions;
+ CERTCertExtension **secondExtensions;
+ CERTCertExtension *firstExtension = NULL;
+ CERTCertExtension *secondExtension = NULL;
+ PLArenaPool *arena = NULL;
+ PKIX_Boolean cmpResult = PKIX_FALSE;
+ SECItem *firstDerBytes = NULL;
+ SECItem *secondDerBytes = NULL;
+ SECItem *firstResultSecItem = NULL;
+ SECItem *secondResultSecItem = NULL;
+ PKIX_UInt32 firstNumExt = 0;
+ PKIX_UInt32 secondNumExt = 0;
+ SECComparison secResult;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Extensions_Equals");
+ PKIX_NULLCHECK_THREE(extensions1, extensions2, pResult);
+
+ firstExtensions = extensions1;
+ secondExtensions = extensions2;
+
+ if (firstExtensions) {
+ while (*firstExtensions) {
+ firstExtension = *firstExtensions++;
+ firstNumExt++;
+ }
+ }
+
+ if (secondExtensions) {
+ while (*secondExtensions) {
+ secondExtension = *secondExtensions++;
+ secondNumExt++;
+ }
+ }
+
+ if (firstNumExt != secondNumExt) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ if (firstNumExt == 0 && secondNumExt == 0) {
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /* now have equal number, but non-zero extension items to compare */
+
+ firstExtensions = extensions1;
+ secondExtensions = extensions2;
+
+ cmpResult = PKIX_TRUE;
+
+ PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_NewArena\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE*2);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ while (firstNumExt--) {
+
+ firstExtension = *firstExtensions++;
+ secondExtension = *secondExtensions++;
+
+ PKIX_NULLCHECK_TWO(firstExtension, secondExtension);
+
+ PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_ArenaZNew\n");
+ firstDerBytes = PORT_ArenaZNew(arena, SECItem);
+ if (firstDerBytes == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_ArenaZNew\n");
+ secondDerBytes = PORT_ArenaZNew(arena, SECItem);
+ if (secondDerBytes == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ PKIX_CRLENTRY_DEBUG
+ ("\t\tCalling SEC_ASN1EncodeItem\n");
+ firstResultSecItem = SEC_ASN1EncodeItem
+ (arena,
+ firstDerBytes,
+ firstExtension,
+ CERT_CertExtensionTemplate);
+
+ if (firstResultSecItem == NULL){
+ PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
+ }
+
+ PKIX_CRLENTRY_DEBUG
+ ("\t\tCalling SEC_ASN1EncodeItem\n");
+ secondResultSecItem = SEC_ASN1EncodeItem
+ (arena,
+ secondDerBytes,
+ secondExtension,
+ CERT_CertExtensionTemplate);
+
+ if (secondResultSecItem == NULL){
+ PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
+ }
+
+ PKIX_CRLENTRY_DEBUG("\t\tCalling SECITEM_CompareItem\n");
+ secResult = SECITEM_CompareItem
+ (firstResultSecItem, secondResultSecItem);
+
+ if (secResult != SECEqual) {
+ cmpResult = PKIX_FALSE;
+ break;
+ }
+
+ }
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ if (arena){
+ /* Note that freeing the arena also frees derBytes */
+ PKIX_CRLENTRY_DEBUG("\t\tCalling PORT_FreeArena\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ arena = NULL;
+ }
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CRLEntry_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CRLEntry *firstCrlEntry = NULL;
+ PKIX_PL_CRLEntry *secondCrlEntry = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult = PKIX_FALSE;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a CRLEntry */
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_CRLENTRY_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCRLENTRY);
+
+ firstCrlEntry = (PKIX_PL_CRLEntry *)firstObject;
+ secondCrlEntry = (PKIX_PL_CRLEntry *)secondObject;
+
+ PKIX_NULLCHECK_TWO
+ (firstCrlEntry->nssCrlEntry, secondCrlEntry->nssCrlEntry);
+
+ /*
+ * Since we know firstObject is a CRLEntry, if both references are
+ * identical, they must be equal
+ */
+ if (firstCrlEntry == secondCrlEntry){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondCrlEntry isn't a CRL Entry, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ ((PKIX_PL_Object *)secondCrlEntry, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_CRLENTRY_TYPE) goto cleanup;
+
+ /* Compare userSerialNumber */
+ PKIX_CRLENTRY_DEBUG("\t\tCalling SECITEM_CompareItem\n");
+ if (SECITEM_CompareItem(
+ &(((PKIX_PL_CRLEntry *)firstCrlEntry)->nssCrlEntry->serialNumber),
+ &(((PKIX_PL_CRLEntry *)secondCrlEntry)->nssCrlEntry->serialNumber))
+ != SECEqual) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ /* Compare revocationDate */
+ PKIX_CRLENTRY_DEBUG("\t\tCalling SECITEM_CompareItem\n");
+ if (SECITEM_CompareItem
+ (&(((PKIX_PL_CRLEntry *)firstCrlEntry)->nssCrlEntry->
+ revocationDate),
+ &(((PKIX_PL_CRLEntry *)secondCrlEntry)->nssCrlEntry->
+ revocationDate))
+ != SECEqual) {
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ /* Compare Critical Extension List */
+ PKIX_CHECK(pkix_pl_CRLEntry_Extensions_Equals
+ (firstCrlEntry->nssCrlEntry->extensions,
+ secondCrlEntry->nssCrlEntry->extensions,
+ &cmpResult,
+ plContext),
+ PKIX_CRLENTRYEXTENSIONSEQUALSFAILED);
+
+ if (cmpResult != PKIX_TRUE){
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+
+ cmpResult = (firstCrlEntry->userReasonCode ==
+ secondCrlEntry->userReasonCode);
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CRLEntry_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CRLEntry_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_RegisterSelf");
+
+ entry.description = "CRLEntry";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_CRLEntry);
+ entry.destructor = pkix_pl_CRLEntry_Destroy;
+ entry.equalsFunction = pkix_pl_CRLEntry_Equals;
+ entry.hashcodeFunction = pkix_pl_CRLEntry_Hashcode;
+ entry.toStringFunction = pkix_pl_CRLEntry_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_CRLENTRY_TYPE] = entry;
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_CreateEntry
+ * DESCRIPTION:
+ *
+ * Creates a new CRLEntry using the CertCrlEntry pointed to by "nssCrlEntry"
+ * and stores it at "pCrlEntry". Once created, a CRLEntry is immutable.
+ *
+ * revokedCertificates SEQUENCE OF SEQUENCE {
+ * userCertificate CertificateSerialNumber,
+ * revocationDate Time,
+ * crlEntryExtensions Extensions OPTIONAL
+ * -- if present, MUST be v2
+ *
+ * PARAMETERS:
+ * "nssCrlEntry"
+ * Address of CERTCrlEntry representing an NSS CRL entry.
+ * Must be non-NULL.
+ * "pCrlEntry"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLEntry Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CRLEntry_CreateEntry(
+ CERTCrlEntry *nssCrlEntry, /* entry data to be created from */
+ PKIX_PL_CRLEntry **pCrlEntry,
+ void *plContext)
+{
+ PKIX_PL_CRLEntry *crlEntry = NULL;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_CreateEntry");
+ PKIX_NULLCHECK_TWO(nssCrlEntry, pCrlEntry);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CRLENTRY_TYPE,
+ sizeof (PKIX_PL_CRLEntry),
+ (PKIX_PL_Object **)&crlEntry,
+ plContext),
+ PKIX_COULDNOTCREATECRLENTRYOBJECT);
+
+ crlEntry->nssCrlEntry = nssCrlEntry;
+ crlEntry->serialNumber = NULL;
+ crlEntry->critExtOids = NULL;
+ crlEntry->userReasonCode = 0;
+ crlEntry->userReasonCodeAbsent = PKIX_FALSE;
+
+ *pCrlEntry = crlEntry;
+
+cleanup:
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: pkix_pl_CRLEntry_Create
+ * DESCRIPTION:
+ *
+ * Creates a List of CRLEntries using the array of CERTCrlEntries pointed to
+ * by "nssCrlEntries" and stores it at "pCrlEntryList". If "nssCrlEntries" is
+ * NULL, this function stores an empty List at "pCrlEntryList".
+ * }
+ * PARAMETERS:
+ * "nssCrlEntries"
+ * Address of array of CERTCrlEntries representing NSS CRL entries.
+ * Can be NULL if CRL has no NSS CRL entries.
+ * "pCrlEntryList"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRLEntry Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CRLEntry_Create(
+ CERTCrlEntry **nssCrlEntries, /* head of entry list */
+ PKIX_List **pCrlEntryList,
+ void *plContext)
+{
+ PKIX_List *entryList = NULL;
+ PKIX_PL_CRLEntry *crlEntry = NULL;
+ CERTCrlEntry **entries = NULL;
+ SECItem serialNumberItem;
+ PKIX_PL_BigInt *serialNumber;
+ char *bytes = NULL;
+ PKIX_UInt32 length;
+
+ PKIX_ENTER(CRLENTRY, "pkix_pl_CRLEntry_Create");
+ PKIX_NULLCHECK_ONE(pCrlEntryList);
+
+ entries = nssCrlEntries;
+
+ PKIX_CHECK(PKIX_List_Create(&entryList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ if (entries) {
+ while (*entries){
+ PKIX_CHECK(pkix_pl_CRLEntry_CreateEntry
+ (*entries, &crlEntry, plContext),
+ PKIX_COULDNOTCREATECRLENTRYOBJECT);
+
+ /* Get Serial Number */
+ serialNumberItem = (*entries)->serialNumber;
+ length = serialNumberItem.len;
+ bytes = (char *)serialNumberItem.data;
+
+ PKIX_CHECK(pkix_pl_BigInt_CreateWithBytes
+ (bytes, length, &serialNumber, plContext),
+ PKIX_BIGINTCREATEWITHBYTESFAILED);
+
+ crlEntry->serialNumber = serialNumber;
+ crlEntry->nssCrlEntry = *entries;
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (entryList, (PKIX_PL_Object *)crlEntry, plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(crlEntry);
+
+ entries++;
+ }
+ }
+
+ *pCrlEntryList = entryList;
+
+cleanup:
+ PKIX_DECREF(crlEntry);
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(entryList);
+ }
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/* --Public-CRLENTRY-Functions------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_CRLEntry_GetCRLEntryReasonCode
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CRLEntry_GetCRLEntryReasonCode (
+ PKIX_PL_CRLEntry *crlEntry,
+ PKIX_Int32 *pReason,
+ void *plContext)
+{
+ SECStatus status;
+ CERTCRLEntryReasonCode nssReasonCode;
+
+ PKIX_ENTER(CRLENTRY, "PKIX_PL_CRLEntry_GetCRLEntryReasonCode");
+ PKIX_NULLCHECK_TWO(crlEntry, pReason);
+
+ if (!crlEntry->userReasonCodeAbsent && crlEntry->userReasonCode == 0) {
+
+ PKIX_OBJECT_LOCK(crlEntry);
+
+ if (!crlEntry->userReasonCodeAbsent &&
+ crlEntry->userReasonCode == 0) {
+
+ /* reason code has not been cached in */
+ PKIX_CRLENTRY_DEBUG("\t\tCERT_FindCRLEntryReasonExten.\n");
+ status = CERT_FindCRLEntryReasonExten
+ (crlEntry->nssCrlEntry, &nssReasonCode);
+
+ if (status == SECSuccess) {
+ crlEntry->userReasonCode = (PKIX_Int32) nssReasonCode;
+ } else {
+ crlEntry->userReasonCodeAbsent = PKIX_TRUE;
+ }
+ }
+
+ PKIX_OBJECT_UNLOCK(crlEntry);
+
+ }
+
+ *pReason = crlEntry->userReasonCode;
+
+cleanup:
+
+ PKIX_RETURN(CRLENTRY);
+}
+
+/*
+ * FUNCTION: PKIX_PL_CRLEntry_GetCriticalExtensionOIDs
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_CRLEntry_GetCriticalExtensionOIDs (
+ PKIX_PL_CRLEntry *crlEntry,
+ PKIX_List **pList, /* list of PKIX_PL_OID */
+ void *plContext)
+{
+ PKIX_List *oidsList = NULL;
+ CERTCertExtension **extensions;
+
+ PKIX_ENTER(CRLENTRY, "PKIX_PL_CRLEntry_GetCriticalExtensionOIDs");
+ PKIX_NULLCHECK_THREE(crlEntry, crlEntry->nssCrlEntry, pList);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (crlEntry->critExtOids == NULL) {
+
+ PKIX_OBJECT_LOCK(crlEntry);
+
+ if (crlEntry->critExtOids == NULL) {
+
+ extensions = crlEntry->nssCrlEntry->extensions;
+
+ PKIX_CHECK(pkix_pl_OID_GetCriticalExtensionOIDs
+ (extensions, &oidsList, plContext),
+ PKIX_GETCRITICALEXTENSIONOIDSFAILED);
+
+ crlEntry->critExtOids = oidsList;
+ }
+
+ PKIX_OBJECT_UNLOCK(crlEntry);
+
+ }
+
+ /* We should return a copy of the List since this list changes */
+ PKIX_DUPLICATE(crlEntry->critExtOids, pList, plContext,
+ PKIX_OBJECTDUPLICATELISTFAILED);
+
+cleanup:
+
+ PKIX_RETURN(CRLENTRY);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.h
new file mode 100644
index 000000000..9cdb6bc92
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crlentry.h
@@ -0,0 +1,46 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_crlentry.h
+ *
+ * CRL Entry Type Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_CRLENTRY_H
+#define _PKIX_PL_CRLENTRY_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define PKIX_PL_CRL_REASONCODE_NOTSET (-1)
+
+struct PKIX_PL_CRLEntryStruct {
+ CERTCrlEntry *nssCrlEntry;
+ PKIX_PL_BigInt *serialNumber;
+ PKIX_List *critExtOids;
+ PKIX_Int32 userReasonCode;
+ PKIX_Boolean userReasonCodeAbsent;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_CRLEntry_RegisterSelf(void *plContext);
+
+/* following functions are called by CRL only hence not public */
+
+PKIX_Error *
+pkix_pl_CRLEntry_Create(
+ CERTCrlEntry **nssCrlEntry, /* head of entry list */
+ PKIX_List **pCrlEntryList,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_CRLENTRY_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.c
new file mode 100644
index 000000000..4b5016bd0
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.c
@@ -0,0 +1,466 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_date.c
+ *
+ * Date Object Definitions
+ *
+ */
+
+#include "pkix_pl_date.h"
+
+/* --Private-Date-Functions------------------------------------- */
+/*
+ * FUNCTION: pkix_pl_Date_GetPRTime
+ * DESCRIPTION:
+ *
+ * Translates into a PRTime the Date embodied by the Date object pointed to
+ * by "date", and stores it at "pPRTime".
+ *
+ * PARAMETERS
+ * "date"
+ * Address of Date whose PRTime representation is desired. Must be
+ * non-NULL.
+ * "pPRTime"
+ * Address where PRTime value will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Date Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Date_GetPRTime(
+ PKIX_PL_Date *date,
+ PRTime *pPRTime,
+ void *plContext)
+{
+ PKIX_ENTER(DATE, "PKIX_PL_Date_GetPRTime");
+ PKIX_NULLCHECK_TWO(date, pPRTime);
+
+ *pPRTime = date->nssTime;
+
+ PKIX_RETURN(DATE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Date_CreateFromPRTime
+ * DESCRIPTION:
+ *
+ * Creates a new Date from the PRTime whose value is "prtime", and stores the
+ * result at "pDate".
+ *
+ * PARAMETERS
+ * "prtime"
+ * The PRTime value to be embodied in the new Date object.
+ * "pDate"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Date Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Date_CreateFromPRTime(
+ PRTime prtime,
+ PKIX_PL_Date **pDate,
+ void *plContext)
+{
+ PKIX_PL_Date *date = NULL;
+
+ PKIX_ENTER(DATE, "PKIX_PL_Date_CreateFromPRTime");
+ PKIX_NULLCHECK_ONE(pDate);
+
+ /* create a PKIX_PL_Date object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_DATE_TYPE,
+ sizeof (PKIX_PL_Date),
+ (PKIX_PL_Object **)&date,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+ /* populate the nssTime field */
+ date->nssTime = prtime;
+ *pDate = date;
+cleanup:
+ PKIX_RETURN(DATE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Date_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Helper function that creates a string representation of the SECItem pointed
+ * to by "nssTime" (which represents a date) and stores it at "pString".
+ *
+ * PARAMETERS
+ * "nssTime"
+ * Address of SECItem whose string representation is desired.
+ * Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Date Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Date_ToString_Helper(
+ SECItem *nssTime,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ char *asciiDate = NULL;
+
+ PKIX_ENTER(DATE, "pkix_pl_Date_ToString_Helper");
+ PKIX_NULLCHECK_TWO(nssTime, pString);
+
+ switch (nssTime->type) {
+ case siUTCTime:
+ PKIX_PL_NSSCALLRV
+ (DATE, asciiDate, DER_UTCDayToAscii, (nssTime));
+ if (!asciiDate){
+ PKIX_ERROR(PKIX_DERUTCTIMETOASCIIFAILED);
+ }
+ break;
+ case siGeneralizedTime:
+ /*
+ * we don't currently have any way to create GeneralizedTime.
+ * this code is only here so that it will be in place when
+ * we do have the capability to create GeneralizedTime.
+ */
+ PKIX_PL_NSSCALLRV
+ (DATE, asciiDate, DER_GeneralizedDayToAscii, (nssTime));
+ if (!asciiDate){
+ PKIX_ERROR(PKIX_DERGENERALIZEDDAYTOASCIIFAILED);
+ }
+ break;
+ default:
+ PKIX_ERROR(PKIX_UNRECOGNIZEDTIMETYPE);
+ }
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, asciiDate, 0, pString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+cleanup:
+ PR_Free(asciiDate);
+
+ PKIX_RETURN(DATE);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_Date_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Date_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ENTER(DATE, "pkix_pl_Date_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_DATE_TYPE, plContext),
+ PKIX_OBJECTNOTDATE);
+cleanup:
+ PKIX_RETURN(DATE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Date_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Date_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_Date *date = NULL;
+ SECItem nssTime = {siBuffer, NULL, 0};
+ SECStatus rv;
+
+ PKIX_ENTER(DATE, "pkix_pl_Date_toString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_DATE_TYPE, plContext),
+ PKIX_OBJECTNOTDATE);
+
+ date = (PKIX_PL_Date *)object;
+ rv = DER_EncodeTimeChoice(NULL, &nssTime, date->nssTime);
+ if (rv == SECFailure) {
+ PKIX_ERROR(PKIX_DERENCODETIMECHOICEFAILED);
+ }
+ PKIX_CHECK(pkix_pl_Date_ToString_Helper
+ (&nssTime, pString, plContext),
+ PKIX_DATETOSTRINGHELPERFAILED);
+cleanup:
+ if (nssTime.data) {
+ SECITEM_FreeItem(&nssTime, PR_FALSE);
+ }
+
+ PKIX_RETURN(DATE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Date_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Date_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_Date *date = NULL;
+ PKIX_UInt32 dateHash;
+
+ PKIX_ENTER(DATE, "pkix_pl_Date_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_DATE_TYPE, plContext),
+ PKIX_OBJECTNOTDATE);
+
+ date = (PKIX_PL_Date *)object;
+
+ PKIX_CHECK(pkix_hash
+ ((const unsigned char *)&date->nssTime,
+ sizeof(date->nssTime),
+ &dateHash,
+ plContext),
+ PKIX_HASHFAILED);
+
+ *pHashcode = dateHash;
+
+cleanup:
+
+ PKIX_RETURN(DATE);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_Date_Comparator
+ * (see comments for PKIX_PL_ComparatorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Date_Comparator(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PRTime firstTime;
+ PRTime secondTime;
+ SECComparison cmpResult;
+
+ PKIX_ENTER(DATE, "pkix_pl_Date_Comparator");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ PKIX_CHECK(pkix_CheckTypes
+ (firstObject, secondObject, PKIX_DATE_TYPE, plContext),
+ PKIX_ARGUMENTSNOTDATES);
+
+ firstTime = ((PKIX_PL_Date *)firstObject)->nssTime;
+ secondTime = ((PKIX_PL_Date *)secondObject)->nssTime;
+
+ if (firstTime == secondTime)
+ cmpResult = SECEqual;
+ else if (firstTime < secondTime)
+ cmpResult = SECLessThan;
+ else
+ cmpResult = SECGreaterThan;
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(DATE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Date_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Date_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_ENTER(DATE, "pkix_pl_Date_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a Date */
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_DATE_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTDATE);
+
+ /*
+ * Since we know firstObject is a Date, if both references are
+ * identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ *pResult = PKIX_FALSE;
+ pkixErrorResult =
+ pkix_pl_Date_Comparator(firstObject, secondObject,
+ pResult, plContext);
+ if (pkixErrorResult) {
+ PKIX_DECREF(pkixErrorResult);
+ }
+
+cleanup:
+
+ PKIX_RETURN(DATE);
+}
+
+/*
+ * FUNCTION: pkix_pl_Date_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_DATE_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_Date_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry* entry = &systemClasses[PKIX_DATE_TYPE];
+
+ PKIX_ENTER(CRLCHECKER, "pkix_CrlDp_RegisterSelf");
+
+ entry->description = "Date";
+ entry->typeObjectSize = sizeof(PKIX_PL_Date);
+ entry->destructor = pkix_pl_Date_Destroy;
+ entry->equalsFunction = pkix_pl_Date_Equals;
+ entry->hashcodeFunction = pkix_pl_Date_Hashcode;
+ entry->toStringFunction = pkix_pl_Date_ToString;
+ entry->comparator = pkix_pl_Date_Comparator;
+ entry->duplicateFunction = pkix_duplicateImmutable;
+
+ PKIX_RETURN(DATE);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_Date_Create_UTCTime (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Date_Create_UTCTime(
+ PKIX_PL_String *stringRep,
+ PKIX_PL_Date **pDate,
+ void *plContext)
+{
+ PKIX_PL_Date *date = NULL;
+ char *asciiString = NULL;
+ PKIX_UInt32 escAsciiLength;
+ SECStatus rv;
+ PRTime time;
+
+ PKIX_ENTER(DATE, "PKIX_PL_Date_Create_UTCTime");
+ PKIX_NULLCHECK_ONE(pDate);
+
+ if (stringRep == NULL){
+ PKIX_DATE_DEBUG("\t\tCalling PR_Now).\n");
+ time = PR_Now();
+ } else {
+ /* convert the input PKIX_PL_String to PKIX_ESCASCII */
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stringRep,
+ PKIX_ESCASCII,
+ (void **)&asciiString,
+ &escAsciiLength,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_DATE_DEBUG("\t\tCalling DER_AsciiToTime).\n");
+ /* DER_AsciiToTime only supports UTCTime (2-digit years) */
+ rv = DER_AsciiToTime(&time, asciiString);
+ if (rv != SECSuccess){
+ PKIX_ERROR(PKIX_DERASCIITOTIMEFAILED);
+ }
+ }
+
+ /* create a PKIX_PL_Date object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_DATE_TYPE,
+ sizeof (PKIX_PL_Date),
+ (PKIX_PL_Object **)&date,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ /* populate the nssTime field */
+ date->nssTime = time;
+ *pDate = date;
+
+cleanup:
+ PKIX_FREE(asciiString);
+
+ PKIX_RETURN(DATE);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Date_Create_CurrentOffBySeconds
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_Date_Create_CurrentOffBySeconds(
+ PKIX_Int32 secondsOffset,
+ PKIX_PL_Date **pDate,
+ void *plContext)
+{
+ PKIX_PL_Date *date = NULL;
+ PRTime time;
+
+ PKIX_ENTER(DATE, "PKIX_PL_Date_Create_CurrentOffBySeconds");
+ PKIX_NULLCHECK_ONE(pDate);
+
+ time = PR_Now() + PR_SecondsToInterval(secondsOffset);
+ /* create a PKIX_PL_Date object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_DATE_TYPE,
+ sizeof (PKIX_PL_Date),
+ (PKIX_PL_Object **)&date,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ /* populate the nssTime field */
+ date->nssTime = time;
+ *pDate = date;
+
+cleanup:
+ PKIX_RETURN(DATE);
+}
+
+PKIX_Error *
+PKIX_PL_Date_CreateFromPRTime(
+ PRTime prtime,
+ PKIX_PL_Date **pDate,
+ void *plContext)
+{
+ PKIX_ENTER(DATE, "PKIX_PL_Date_CreateFromPRTime");
+ PKIX_CHECK(
+ pkix_pl_Date_CreateFromPRTime(prtime, pDate, plContext),
+ PKIX_DATECREATEFROMPRTIMEFAILED);
+
+cleanup:
+ PKIX_RETURN(DATE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.h
new file mode 100644
index 000000000..415597580
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_date.h
@@ -0,0 +1,55 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_date.h
+ *
+ * Date Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_DATE_H
+#define _PKIX_PL_DATE_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_DateStruct{
+ PRTime nssTime;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_Date_ToString_Helper(
+ SECItem *nssTime,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+PKIX_Error *pkix_pl_Date_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_pl_Date_GetPRTime(
+ PKIX_PL_Date *date,
+ PRTime *pPRTime,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_Date_CreateFromPRTime(
+ PRTime prtime,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+PKIX_Error *
+PKIX_PL_Date_CreateFromPRTime(
+ PRTime prtime,
+ PKIX_PL_Date **pDate,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_DATE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_generalname.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_generalname.c
new file mode 100644
index 000000000..9e9a74c78
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_generalname.c
@@ -0,0 +1,873 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_generalname.c
+ *
+ * GeneralName Object Definitions
+ *
+ */
+
+#include "pkix_pl_generalname.h"
+
+/* --Private-GeneralName-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_GeneralName_GetNssGeneralName
+ * DESCRIPTION:
+ *
+ * Retrieves the NSS representation of the PKIX_PL_GeneralName pointed by
+ * "genName" and stores it at "pNssGenName". The NSS data type CERTGeneralName
+ * is stored in this object when the object was created.
+ *
+ * PARAMETERS:
+ * "genName"
+ * Address of PKIX_PL_GeneralName. Must be non-NULL.
+ * "pNssGenName"
+ * Address where CERTGeneralName will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a GeneralName Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_GeneralName_GetNssGeneralName(
+ PKIX_PL_GeneralName *genName,
+ CERTGeneralName **pNssGenName,
+ void *plContext)
+{
+ CERTGeneralName *nssGenName = NULL;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_GetNssGeneralName");
+ PKIX_NULLCHECK_THREE(genName, pNssGenName, genName->nssGeneralNameList);
+
+ nssGenName = genName->nssGeneralNameList->name;
+
+ *pNssGenName = nssGenName;
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_OtherName_Create
+ * DESCRIPTION:
+ *
+ * Creates new OtherName which represents the CERTGeneralName pointed to by
+ * "nssAltName" and stores it at "pOtherName".
+ *
+ * PARAMETERS:
+ * "nssAltName"
+ * Address of CERTGeneralName. Must be non-NULL.
+ * "pOtherName"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a GeneralName Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_OtherName_Create(
+ CERTGeneralName *nssAltName,
+ OtherName **pOtherName,
+ void *plContext)
+{
+ OtherName *otherName = NULL;
+ SECItem secItemName;
+ SECItem secItemOID;
+ SECStatus rv;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_OtherName_Create");
+ PKIX_NULLCHECK_TWO(nssAltName, pOtherName);
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (sizeof (OtherName), (void **)&otherName, plContext),
+ PKIX_MALLOCFAILED);
+
+ /* make a copy of the name field */
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_CopyItem).\n");
+ rv = SECITEM_CopyItem
+ (NULL, &otherName->name, &nssAltName->name.OthName.name);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ /* make a copy of the oid field */
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_CopyItem).\n");
+ rv = SECITEM_CopyItem
+ (NULL, &otherName->oid, &nssAltName->name.OthName.oid);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ *pOtherName = otherName;
+
+cleanup:
+
+ if (otherName && PKIX_ERROR_RECEIVED){
+ secItemName = otherName->name;
+ secItemOID = otherName->oid;
+
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_FreeItem).\n");
+ SECITEM_FreeItem(&secItemName, PR_FALSE);
+
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_FreeItem).\n");
+ SECITEM_FreeItem(&secItemOID, PR_FALSE);
+
+ PKIX_FREE(otherName);
+ otherName = NULL;
+ }
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_DirectoryName_Create
+ * DESCRIPTION:
+ *
+ * Creates a new X500Name which represents the directoryName component of the
+ * CERTGeneralName pointed to by "nssAltName" and stores it at "pX500Name".
+ *
+ * PARAMETERS:
+ * "nssAltName"
+ * Address of CERTGeneralName. Must be non-NULL.
+ * "pX500Name"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a GeneralName Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_DirectoryName_Create(
+ CERTGeneralName *nssAltName,
+ PKIX_PL_X500Name **pX500Name,
+ void *plContext)
+{
+ PKIX_PL_X500Name *pkixDN = NULL;
+ CERTName *dirName = NULL;
+ PKIX_PL_String *pkixDNString = NULL;
+ char *utf8String = NULL;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_DirectoryName_Create");
+ PKIX_NULLCHECK_TWO(nssAltName, pX500Name);
+
+ dirName = &nssAltName->name.directoryName;
+
+ PKIX_CHECK(PKIX_PL_X500Name_CreateFromCERTName(NULL, dirName,
+ &pkixDN, plContext),
+ PKIX_X500NAMECREATEFROMCERTNAMEFAILED);
+
+ *pX500Name = pkixDN;
+
+cleanup:
+
+ PR_Free(utf8String);
+ PKIX_DECREF(pkixDNString);
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_GeneralName_Create
+ * DESCRIPTION:
+ *
+ * Creates new GeneralName which represents the CERTGeneralName pointed to by
+ * "nssAltName" and stores it at "pGenName".
+ *
+ * PARAMETERS:
+ * "nssAltName"
+ * Address of CERTGeneralName. Must be non-NULL.
+ * "pGenName"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a GeneralName Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_GeneralName_Create(
+ CERTGeneralName *nssAltName,
+ PKIX_PL_GeneralName **pGenName,
+ void *plContext)
+{
+ PKIX_PL_GeneralName *genName = NULL;
+ PKIX_PL_X500Name *pkixDN = NULL;
+ PKIX_PL_OID *pkixOID = NULL;
+ OtherName *otherName = NULL;
+ CERTGeneralNameList *nssGenNameList = NULL;
+ CERTGeneralNameType nameType;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_Create");
+ PKIX_NULLCHECK_TWO(nssAltName, pGenName);
+
+ /* create a PKIX_PL_GeneralName object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_GENERALNAME_TYPE,
+ sizeof (PKIX_PL_GeneralName),
+ (PKIX_PL_Object **)&genName,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ nameType = nssAltName->type;
+
+ /*
+ * We use CERT_CreateGeneralNameList to create just one CERTGeneralName
+ * item for memory allocation reason. If we want to just create one
+ * item, we have to use the calling path CERT_NewGeneralName, then
+ * CERT_CopyOneGeneralName. With this calling path, if we pass
+ * the arena argument as NULL, in CERT_CopyOneGeneralName's subsequent
+ * call to CERT_CopyName, it assumes arena should be valid, hence
+ * segmentation error (not sure this is a NSS bug, certainly it is
+ * not consistent). But on the other hand, we don't want to keep an
+ * arena record here explicitely for every PKIX_PL_GeneralName.
+ * So I concluded it is better to use CERT_CreateGeneralNameList,
+ * which keeps an arena pointer in its data structure and also masks
+ * out details calls from this libpkix level.
+ */
+
+ PKIX_GENERALNAME_DEBUG("\t\tCalling CERT_CreateGeneralNameList).\n");
+ nssGenNameList = CERT_CreateGeneralNameList(nssAltName);
+
+ if (nssGenNameList == NULL) {
+ PKIX_ERROR(PKIX_CERTCREATEGENERALNAMELISTFAILED);
+ }
+
+ genName->nssGeneralNameList = nssGenNameList;
+
+ /* initialize fields */
+ genName->type = nameType;
+ genName->directoryName = NULL;
+ genName->OthName = NULL;
+ genName->other = NULL;
+ genName->oid = NULL;
+
+ switch (nameType){
+ case certOtherName:
+
+ PKIX_CHECK(pkix_pl_OtherName_Create
+ (nssAltName, &otherName, plContext),
+ PKIX_OTHERNAMECREATEFAILED);
+
+ genName->OthName = otherName;
+ break;
+
+ case certDirectoryName:
+
+ PKIX_CHECK(pkix_pl_DirectoryName_Create
+ (nssAltName, &pkixDN, plContext),
+ PKIX_DIRECTORYNAMECREATEFAILED);
+
+ genName->directoryName = pkixDN;
+ break;
+ case certRegisterID:
+ PKIX_CHECK(PKIX_PL_OID_CreateBySECItem(&nssAltName->name.other,
+ &pkixOID, plContext),
+ PKIX_OIDCREATEFAILED);
+
+ genName->oid = pkixOID;
+ break;
+ case certDNSName:
+ case certEDIPartyName:
+ case certIPAddress:
+ case certRFC822Name:
+ case certX400Address:
+ case certURI:
+ genName->other = SECITEM_DupItem(&nssAltName->name.other);
+ if (!genName->other) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ break;
+ default:
+ PKIX_ERROR(PKIX_NAMETYPENOTSUPPORTED);
+ }
+
+ *pGenName = genName;
+ genName = NULL;
+
+cleanup:
+ PKIX_DECREF(genName);
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_GeneralName_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Helper function that creates a string representation of the GeneralName
+ * pointed to by "name" and stores it at "pString" Different mechanisms are
+ * used to create the string, depending on the type of the GeneralName.
+ *
+ * PARAMETERS
+ * "name"
+ * Address of GeneralName whose string representation is desired.
+ * Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a GeneralName Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_GeneralName_ToString_Helper(
+ PKIX_PL_GeneralName *name,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_X500Name *pkixDN = NULL;
+ PKIX_PL_OID *pkixOID = NULL;
+ char *x400AsciiName = NULL;
+ char *ediPartyName = NULL;
+ char *asciiName = NULL;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_ToString_Helper");
+ PKIX_NULLCHECK_TWO(name, pString);
+
+ switch (name->type) {
+ case certRFC822Name:
+ case certDNSName:
+ case certURI:
+ /*
+ * Note that we can't use PKIX_ESCASCII here because
+ * name->other->data is not guaranteed to be null-terminated.
+ */
+
+ PKIX_NULLCHECK_ONE(name->other);
+
+ PKIX_CHECK(PKIX_PL_String_Create(PKIX_UTF8,
+ (name->other)->data,
+ (name->other)->len,
+ pString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+ break;
+ case certEDIPartyName:
+ /* XXX print out the actual bytes */
+ ediPartyName = "EDIPartyName: <DER-encoded value>";
+ PKIX_CHECK(PKIX_PL_String_Create(PKIX_ESCASCII,
+ ediPartyName,
+ 0,
+ pString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+ break;
+ case certX400Address:
+ /* XXX print out the actual bytes */
+ x400AsciiName = "X400Address: <DER-encoded value>";
+ PKIX_CHECK(PKIX_PL_String_Create(PKIX_ESCASCII,
+ x400AsciiName,
+ 0,
+ pString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+ break;
+ case certIPAddress:
+ PKIX_CHECK(pkix_pl_ipAddrBytes2Ascii
+ (name->other, &asciiName, plContext),
+ PKIX_IPADDRBYTES2ASCIIFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create(PKIX_ESCASCII,
+ asciiName,
+ 0,
+ pString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+ break;
+ case certOtherName:
+ PKIX_NULLCHECK_ONE(name->OthName);
+
+ /* we only print type-id - don't know how to print value */
+ /* XXX print out the bytes of the value */
+ PKIX_CHECK(pkix_pl_oidBytes2Ascii
+ (&name->OthName->oid, &asciiName, plContext),
+ PKIX_OIDBYTES2ASCIIFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiName,
+ 0,
+ pString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+ break;
+ case certRegisterID:
+ pkixOID = name->oid;
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)pkixOID, pString, plContext),
+ PKIX_OIDTOSTRINGFAILED);
+ break;
+ case certDirectoryName:
+ pkixDN = name->directoryName;
+ PKIX_CHECK(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object *)pkixDN, pString, plContext),
+ PKIX_X500NAMETOSTRINGFAILED);
+ break;
+ default:
+ PKIX_ERROR
+ (PKIX_TOSTRINGFORTHISGENERALNAMETYPENOTSUPPORTED);
+ }
+
+cleanup:
+
+ PKIX_FREE(asciiName);
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_GeneralName_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_GeneralName_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_GeneralName *name = NULL;
+ SECItem secItemName;
+ SECItem secItemOID;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_GENERALNAME_TYPE, plContext),
+ PKIX_OBJECTNOTGENERALNAME);
+
+ name = (PKIX_PL_GeneralName *)object;
+
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_FreeItem).\n");
+ SECITEM_FreeItem(name->other, PR_TRUE);
+ name->other = NULL;
+
+ if (name->OthName){
+ secItemName = name->OthName->name;
+ secItemOID = name->OthName->oid;
+
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_FreeItem).\n");
+ SECITEM_FreeItem(&secItemName, PR_FALSE);
+
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_FreeItem).\n");
+ SECITEM_FreeItem(&secItemOID, PR_FALSE);
+
+ PKIX_FREE(name->OthName);
+ name->OthName = NULL;
+ }
+
+ if (name->nssGeneralNameList != NULL) {
+ PKIX_GENERALNAME_DEBUG
+ ("\t\tCalling CERT_DestroyGeneralNameList).\n");
+ CERT_DestroyGeneralNameList(name->nssGeneralNameList);
+ }
+
+ PKIX_DECREF(name->directoryName);
+ PKIX_DECREF(name->oid);
+
+cleanup:
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_GeneralName_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_GeneralName_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *nameString = NULL;
+ PKIX_PL_GeneralName *name = NULL;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_toString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_GENERALNAME_TYPE, plContext),
+ PKIX_OBJECTNOTGENERALNAME);
+
+ name = (PKIX_PL_GeneralName *)object;
+
+ PKIX_CHECK(pkix_pl_GeneralName_ToString_Helper
+ (name, &nameString, plContext),
+ PKIX_GENERALNAMETOSTRINGHELPERFAILED);
+
+ *pString = nameString;
+
+cleanup:
+
+
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_GeneralName_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_GeneralName_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_GeneralName *name = NULL;
+ PKIX_UInt32 firstHash, secondHash, nameHash;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_GENERALNAME_TYPE, plContext),
+ PKIX_OBJECTNOTGENERALNAME);
+
+ name = (PKIX_PL_GeneralName *)object;
+
+ switch (name->type) {
+ case certRFC822Name:
+ case certDNSName:
+ case certX400Address:
+ case certEDIPartyName:
+ case certURI:
+ case certIPAddress:
+ PKIX_NULLCHECK_ONE(name->other);
+ PKIX_CHECK(pkix_hash
+ ((const unsigned char *)
+ name->other->data,
+ name->other->len,
+ &nameHash,
+ plContext),
+ PKIX_HASHFAILED);
+ break;
+ case certRegisterID:
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)name->oid,
+ &nameHash,
+ plContext),
+ PKIX_OIDHASHCODEFAILED);
+ break;
+ case certOtherName:
+ PKIX_NULLCHECK_ONE(name->OthName);
+ PKIX_CHECK(pkix_hash
+ ((const unsigned char *)
+ name->OthName->oid.data,
+ name->OthName->oid.len,
+ &firstHash,
+ plContext),
+ PKIX_HASHFAILED);
+
+ PKIX_CHECK(pkix_hash
+ ((const unsigned char *)
+ name->OthName->name.data,
+ name->OthName->name.len,
+ &secondHash,
+ plContext),
+ PKIX_HASHFAILED);
+
+ nameHash = firstHash + secondHash;
+ break;
+ case certDirectoryName:
+ PKIX_CHECK(PKIX_PL_Object_Hashcode
+ ((PKIX_PL_Object *)
+ name->directoryName,
+ &nameHash,
+ plContext),
+ PKIX_X500NAMEHASHCODEFAILED);
+ break;
+ }
+
+ *pHashcode = nameHash;
+
+cleanup:
+
+ PKIX_RETURN(GENERALNAME);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_GeneralName_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_GeneralName_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_GeneralName *firstName = NULL;
+ PKIX_PL_GeneralName *secondName = NULL;
+ PKIX_UInt32 secondType;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a GeneralName */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_GENERALNAME_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTGENERALNAME);
+
+ /*
+ * Since we know firstObject is a GeneralName, if both references are
+ * identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a GeneralName, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_GENERALNAME_TYPE){
+ goto cleanup;
+ }
+
+ firstName = (PKIX_PL_GeneralName *)firstObject;
+ secondName = (PKIX_PL_GeneralName *)secondObject;
+
+ if (firstName->type != secondName->type){
+ goto cleanup;
+ }
+
+ switch (firstName->type) {
+ case certRFC822Name:
+ case certDNSName:
+ case certX400Address:
+ case certEDIPartyName:
+ case certURI:
+ case certIPAddress:
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_CompareItem).\n");
+ if (SECITEM_CompareItem(firstName->other,
+ secondName->other) != SECEqual) {
+ goto cleanup;
+ }
+ break;
+ case certRegisterID:
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstName->oid,
+ (PKIX_PL_Object *)secondName->oid,
+ pResult,
+ plContext),
+ PKIX_OIDEQUALSFAILED);
+ goto cleanup;
+ case certOtherName:
+ PKIX_NULLCHECK_TWO(firstName->OthName, secondName->OthName);
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_CompareItem).\n");
+ if (SECITEM_CompareItem(&firstName->OthName->oid,
+ &secondName->OthName->oid)
+ != SECEqual ||
+ SECITEM_CompareItem(&firstName->OthName->name,
+ &secondName->OthName->name)
+ != SECEqual) {
+ goto cleanup;
+ }
+ break;
+ case certDirectoryName:
+ PKIX_CHECK(PKIX_PL_Object_Equals
+ ((PKIX_PL_Object *)firstName->directoryName,
+ (PKIX_PL_Object *)secondName->directoryName,
+ pResult,
+ plContext),
+ PKIX_X500NAMEEQUALSFAILED);
+ goto cleanup;
+ }
+
+ *pResult = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_GeneralName_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_GENERALNAME_TYPE and related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_GeneralName_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(GENERALNAME, "pkix_pl_GeneralName_RegisterSelf");
+
+ entry.description = "GeneralName";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_GeneralName);
+ entry.destructor = pkix_pl_GeneralName_Destroy;
+ entry.equalsFunction = pkix_pl_GeneralName_Equals;
+ entry.hashcodeFunction = pkix_pl_GeneralName_Hashcode;
+ entry.toStringFunction = pkix_pl_GeneralName_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_GENERALNAME_TYPE] = entry;
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+#ifdef BUILD_LIBPKIX_TESTS
+/*
+ * FUNCTION: PKIX_PL_GeneralName_Create (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_GeneralName_Create(
+ PKIX_UInt32 nameType,
+ PKIX_PL_String *stringRep,
+ PKIX_PL_GeneralName **pGName,
+ void *plContext)
+{
+ PKIX_PL_X500Name *pkixDN = NULL;
+ PKIX_PL_OID *pkixOID = NULL;
+ SECItem *secItem = NULL;
+ char *asciiString = NULL;
+ PKIX_UInt32 length = 0;
+ PKIX_PL_GeneralName *genName = NULL;
+ CERTGeneralName *nssGenName = NULL;
+ CERTGeneralNameList *nssGenNameList = NULL;
+ CERTName *nssCertName = NULL;
+ PLArenaPool *arena = NULL;
+
+ PKIX_ENTER(GENERALNAME, "PKIX_PL_GeneralName_Create");
+ PKIX_NULLCHECK_TWO(pGName, stringRep);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stringRep,
+ PKIX_ESCASCII,
+ (void **)&asciiString,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ /* Create a temporary CERTGeneralName */
+ PKIX_GENERALNAME_DEBUG("\t\tCalling PL_strlen).\n");
+ length = PL_strlen(asciiString);
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_AllocItem).\n");
+ secItem = SECITEM_AllocItem(NULL, NULL, length);
+ PKIX_GENERALNAME_DEBUG("\t\tCalling PORT_Memcpy).\n");
+ (void) PORT_Memcpy(secItem->data, asciiString, length);
+ PKIX_CERT_DEBUG("\t\tCalling PORT_NewArena).\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ PKIX_GENERALNAME_DEBUG("\t\tCalling CERT_NewGeneralName).\n");
+ nssGenName = CERT_NewGeneralName(arena, nameType);
+ if (nssGenName == NULL) {
+ PKIX_ERROR(PKIX_ALLOCATENEWCERTGENERALNAMEFAILED);
+ }
+
+ switch (nameType) {
+ case certRFC822Name:
+ case certDNSName:
+ case certURI:
+ nssGenName->name.other = *secItem;
+ break;
+
+ case certDirectoryName:
+
+ PKIX_CHECK(PKIX_PL_X500Name_Create
+ (stringRep, &pkixDN, plContext),
+ PKIX_X500NAMECREATEFAILED);
+
+ PKIX_GENERALNAME_DEBUG("\t\tCalling CERT_AsciiToName).\n");
+ nssCertName = CERT_AsciiToName(asciiString);
+ nssGenName->name.directoryName = *nssCertName;
+ break;
+
+ case certRegisterID:
+ PKIX_CHECK(PKIX_PL_OID_Create
+ (asciiString, &pkixOID, plContext),
+ PKIX_OIDCREATEFAILED);
+ nssGenName->name.other = *secItem;
+ break;
+ default:
+ /* including IPAddress, EDIPartyName, OtherName, X400Address */
+ PKIX_ERROR(PKIX_UNABLETOCREATEGENERALNAMEOFTHISTYPE);
+ }
+
+ /* create a PKIX_PL_GeneralName object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_GENERALNAME_TYPE,
+ sizeof (PKIX_PL_GeneralName),
+ (PKIX_PL_Object **)&genName,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ /* create a CERTGeneralNameList */
+ nssGenName->type = nameType;
+ PKIX_GENERALNAME_DEBUG("\t\tCalling CERT_CreateGeneralNameList).\n");
+ nssGenNameList = CERT_CreateGeneralNameList(nssGenName);
+ if (nssGenNameList == NULL) {
+ PKIX_ERROR(PKIX_CERTCREATEGENERALNAMELISTFAILED);
+ }
+ genName->nssGeneralNameList = nssGenNameList;
+
+ /* initialize fields */
+ genName->type = nameType;
+ genName->directoryName = pkixDN;
+ genName->OthName = NULL;
+ genName->other = secItem;
+ genName->oid = pkixOID;
+
+ *pGName = genName;
+cleanup:
+
+ PKIX_FREE(asciiString);
+
+ if (nssCertName != NULL) {
+ PKIX_CERT_DEBUG("\t\tCalling CERT_DestroyName).\n");
+ CERT_DestroyName(nssCertName);
+ }
+
+ if (arena){ /* will free nssGenName */
+ PKIX_CERT_DEBUG("\t\tCalling PORT_FreeArena).\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(pkixDN);
+ PKIX_DECREF(pkixOID);
+
+ PKIX_GENERALNAME_DEBUG("\t\tCalling SECITEM_FreeItem).\n");
+ if (secItem){
+ SECITEM_FreeItem(secItem, PR_TRUE);
+ secItem = NULL;
+ }
+ }
+
+ PKIX_RETURN(GENERALNAME);
+}
+
+#endif /* BUILD_LIBPKIX_TESTS */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_generalname.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_generalname.h
new file mode 100644
index 000000000..3cb5264d5
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_generalname.h
@@ -0,0 +1,49 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_generalname.h
+ *
+ * GeneralName Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_GENERALNAME_H
+#define _PKIX_PL_GENERALNAME_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_GeneralNameStruct{
+ CERTGeneralNameList *nssGeneralNameList;
+ CERTGeneralNameType type;
+ PKIX_PL_X500Name *directoryName;
+ PKIX_PL_OID *oid;
+ OtherName *OthName;
+ SECItem *other;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_GeneralName_Create(
+ CERTGeneralName *nssAltName,
+ PKIX_PL_GeneralName **pGenName,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_GeneralName_GetNssGeneralName(
+ PKIX_PL_GeneralName *genName,
+ CERTGeneralName **pNssGenName,
+ void *plContext);
+
+PKIX_Error *pkix_pl_GeneralName_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_GENERALNAME_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c
new file mode 100644
index 000000000..9fa8e9260
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c
@@ -0,0 +1,874 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_infoaccess.c
+ *
+ * InfoAccess Object Definitions
+ *
+ */
+
+#include "pkix_pl_infoaccess.h"
+
+/* --Private-InfoAccess-Functions----------------------------------*/
+
+/*
+ * FUNCTION: pkix_pl_InfoAccess_Create
+ * DESCRIPTION:
+ *
+ * This function creates an InfoAccess from the method provided in "method" and
+ * the GeneralName provided in "generalName" and stores the result at
+ * "pInfoAccess".
+ *
+ * PARAMETERS
+ * "method"
+ * The UInt32 value to be stored as the method field of the InfoAccess.
+ * "generalName"
+ * The GeneralName to be stored as the generalName field of the InfoAccess.
+ * Must be non-NULL.
+ * "pInfoAccess"
+ * Address where the result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_InfoAccess_Create(
+ PKIX_UInt32 method,
+ PKIX_PL_GeneralName *generalName,
+ PKIX_PL_InfoAccess **pInfoAccess,
+ void *plContext)
+{
+
+ PKIX_PL_InfoAccess *infoAccess = NULL;
+
+ PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_Create");
+ PKIX_NULLCHECK_TWO(generalName, pInfoAccess);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_INFOACCESS_TYPE,
+ sizeof (PKIX_PL_InfoAccess),
+ (PKIX_PL_Object **)&infoAccess,
+ plContext),
+ PKIX_COULDNOTCREATEINFOACCESSOBJECT);
+
+ infoAccess->method = method;
+
+ PKIX_INCREF(generalName);
+ infoAccess->location = generalName;
+
+ *pInfoAccess = infoAccess;
+ infoAccess = NULL;
+
+cleanup:
+ PKIX_DECREF(infoAccess);
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+/*
+ * FUNCTION: pkix_pl_InfoAccess_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_pki.h)
+ */
+static PKIX_Error *
+pkix_pl_InfoAccess_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_InfoAccess *infoAccess = NULL;
+
+ PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_INFOACCESS_TYPE, plContext),
+ PKIX_OBJECTNOTANINFOACCESS);
+
+ infoAccess = (PKIX_PL_InfoAccess *)object;
+
+ PKIX_DECREF(infoAccess->location);
+
+cleanup:
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+/*
+ * FUNCTION: pkix_pl_InfoAccess_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_pki.h)
+ */
+static PKIX_Error *
+pkix_pl_InfoAccess_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_InfoAccess *infoAccess;
+ PKIX_PL_String *infoAccessString = NULL;
+ char *asciiFormat = NULL;
+ char *asciiMethod = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *methodString = NULL;
+ PKIX_PL_String *locationString = NULL;
+
+ PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_INFOACCESS_TYPE, plContext),
+ PKIX_OBJECTNOTINFOACCESS);
+
+ infoAccess = (PKIX_PL_InfoAccess *)object;
+
+ asciiFormat =
+ "["
+ "method:%s, "
+ "location:%s"
+ "]";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ switch(infoAccess->method) {
+ case PKIX_INFOACCESS_CA_ISSUERS:
+ asciiMethod = "caIssuers";
+ break;
+ case PKIX_INFOACCESS_OCSP:
+ asciiMethod = "ocsp";
+ break;
+ case PKIX_INFOACCESS_TIMESTAMPING:
+ asciiMethod = "timestamping";
+ break;
+ case PKIX_INFOACCESS_CA_REPOSITORY:
+ asciiMethod = "caRepository";
+ break;
+ default:
+ asciiMethod = "unknown";
+ }
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiMethod,
+ 0,
+ &methodString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_TOSTRING(infoAccess->location, &locationString, plContext,
+ PKIX_GENERALNAMETOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&infoAccessString,
+ plContext,
+ formatString,
+ methodString,
+ locationString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = infoAccessString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(methodString);
+ PKIX_DECREF(locationString);
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+/*
+ * FUNCTION: pkix_pl_InfoAccess_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_pki.h)
+ */
+static PKIX_Error *
+pkix_pl_InfoAccess_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_InfoAccess *infoAccess = NULL;
+ PKIX_UInt32 infoAccessHash;
+
+ PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_INFOACCESS_TYPE, plContext),
+ PKIX_OBJECTNOTINFOACCESS);
+
+ infoAccess = (PKIX_PL_InfoAccess *)object;
+
+ PKIX_HASHCODE(infoAccess->location, &infoAccessHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ infoAccessHash += (infoAccess->method << 7);
+
+ *pHashcode = infoAccessHash;
+
+cleanup:
+
+ PKIX_RETURN(INFOACCESS);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_InfoAccess_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_pki.h)
+ */
+static PKIX_Error *
+pkix_pl_InfoAccess_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_InfoAccess *firstInfoAccess = NULL;
+ PKIX_PL_InfoAccess *secondInfoAccess = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult;
+
+ PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a InfoAccess */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_INFOACCESS_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTINFOACCESS);
+
+ /*
+ * Since we know firstObject is a InfoAccess, if both references are
+ * identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a InfoAccess, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_INFOACCESS_TYPE) goto cleanup;
+
+ firstInfoAccess = (PKIX_PL_InfoAccess *)firstObject;
+ secondInfoAccess = (PKIX_PL_InfoAccess *)secondObject;
+
+ *pResult = PKIX_FALSE;
+
+ if (firstInfoAccess->method != secondInfoAccess->method) {
+ goto cleanup;
+ }
+
+ PKIX_EQUALS(firstInfoAccess, secondInfoAccess, &cmpResult, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ *pResult = cmpResult;
+
+cleanup:
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+/*
+ * FUNCTION: pkix_pl_InfoAccess_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_INFOACCESS_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_InfoAccess_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(INFOACCESS,
+ "pkix_pl_InfoAccess_RegisterSelf");
+
+ entry.description = "InfoAccess";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_InfoAccess);
+ entry.destructor = pkix_pl_InfoAccess_Destroy;
+ entry.equalsFunction = pkix_pl_InfoAccess_Equals;
+ entry.hashcodeFunction = pkix_pl_InfoAccess_Hashcode;
+ entry.toStringFunction = pkix_pl_InfoAccess_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_INFOACCESS_TYPE] = entry;
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+/*
+ * FUNCTION: pkix_pl_InfoAccess_CreateList
+ * DESCRIPTION:
+ *
+ * Based on data in CERTAuthInfoAccess array "nssInfoAccess", this function
+ * creates and returns a PKIX_List of PKIX_PL_InfoAccess at "pInfoAccessList".
+ *
+ * PARAMETERS
+ * "nssInfoAccess"
+ * The pointer array of CERTAuthInfoAccess that contains access data.
+ * May be NULL.
+ * "pInfoAccessList"
+ * Address where a list of PKIX_PL_InfoAccess is returned.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_InfoAccess_CreateList(
+ CERTAuthInfoAccess **nssInfoAccess,
+ PKIX_List **pInfoAccessList, /* of PKIX_PL_InfoAccess */
+ void *plContext)
+{
+ PKIX_List *infoAccessList = NULL;
+ PKIX_PL_InfoAccess *infoAccess = NULL;
+ PKIX_PL_GeneralName *location = NULL;
+ PKIX_UInt32 method;
+ int i;
+
+ PKIX_ENTER(INFOACCESS, "PKIX_PL_InfoAccess_CreateList");
+ PKIX_NULLCHECK_ONE(pInfoAccessList);
+
+ PKIX_CHECK(PKIX_List_Create(&infoAccessList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ if (nssInfoAccess == NULL) {
+ goto cleanup;
+ }
+
+ for (i = 0; nssInfoAccess[i] != NULL; i++) {
+
+ if (nssInfoAccess[i]->location == NULL) {
+ continue;
+ }
+
+ PKIX_CHECK(pkix_pl_GeneralName_Create
+ (nssInfoAccess[i]->location, &location, plContext),
+ PKIX_GENERALNAMECREATEFAILED);
+
+ PKIX_CERT_DEBUG("\t\tCalling SECOID_FindOIDTag).\n");
+ method = SECOID_FindOIDTag(&nssInfoAccess[i]->method);
+ /* Map NSS access method value into PKIX constant */
+ switch(method) {
+ case SEC_OID_PKIX_CA_ISSUERS:
+ method = PKIX_INFOACCESS_CA_ISSUERS;
+ break;
+ case SEC_OID_PKIX_OCSP:
+ method = PKIX_INFOACCESS_OCSP;
+ break;
+ case SEC_OID_PKIX_TIMESTAMPING:
+ method = PKIX_INFOACCESS_TIMESTAMPING;
+ break;
+ case SEC_OID_PKIX_CA_REPOSITORY:
+ method = PKIX_INFOACCESS_CA_REPOSITORY;
+ break;
+ default:
+ PKIX_ERROR(PKIX_UNKNOWNINFOACCESSMETHOD);
+ }
+
+ PKIX_CHECK(pkix_pl_InfoAccess_Create
+ (method, location, &infoAccess, plContext),
+ PKIX_INFOACCESSCREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (infoAccessList,
+ (PKIX_PL_Object *)infoAccess,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_DECREF(infoAccess);
+ PKIX_DECREF(location);
+ }
+
+ *pInfoAccessList = infoAccessList;
+ infoAccessList = NULL;
+
+cleanup:
+
+ PKIX_DECREF(infoAccessList);
+ PKIX_DECREF(infoAccess);
+ PKIX_DECREF(location);
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_InfoAccess_GetMethod (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_InfoAccess_GetMethod(
+ PKIX_PL_InfoAccess *infoAccess,
+ PKIX_UInt32 *pMethod,
+ void *plContext)
+{
+ PKIX_ENTER(INFOACCESS, "PKIX_PL_InfoAccess_GetMethod");
+ PKIX_NULLCHECK_TWO(infoAccess, pMethod);
+
+ *pMethod = infoAccess->method;
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+/*
+ * FUNCTION: PKIX_PL_InfoAccess_GetLocation (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_InfoAccess_GetLocation(
+ PKIX_PL_InfoAccess *infoAccess,
+ PKIX_PL_GeneralName **pLocation,
+ void *plContext)
+{
+ PKIX_ENTER(INFOACCESS, "PKIX_PL_InfoAccess_GetLocation");
+ PKIX_NULLCHECK_TWO(infoAccess, pLocation);
+
+ PKIX_INCREF(infoAccess->location);
+
+ *pLocation = infoAccess->location;
+
+cleanup:
+ PKIX_RETURN(INFOACCESS);
+}
+
+/*
+ * FUNCTION: PKIX_PL_InfoAccess_GetLocationType (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_InfoAccess_GetLocationType(
+ PKIX_PL_InfoAccess *infoAccess,
+ PKIX_UInt32 *pType,
+ void *plContext)
+{
+ PKIX_PL_String *locationString = NULL;
+ PKIX_UInt32 type = PKIX_INFOACCESS_LOCATION_UNKNOWN;
+ PKIX_UInt32 len = 0;
+ void *location = NULL;
+
+ PKIX_ENTER(INFOACCESS, "PKIX_PL_InfoAccess_GetLocationType");
+ PKIX_NULLCHECK_TWO(infoAccess, pType);
+
+ if (infoAccess->location != NULL) {
+
+ PKIX_TOSTRING(infoAccess->location, &locationString, plContext,
+ PKIX_GENERALNAMETOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (locationString, PKIX_ESCASCII, &location, &len, plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_OID_DEBUG("\tCalling PORT_Strcmp).\n");
+#ifndef NSS_PKIX_NO_LDAP
+ if (PORT_Strncmp(location, "ldap:", 5) == 0){
+ type = PKIX_INFOACCESS_LOCATION_LDAP;
+ } else
+#endif
+ if (PORT_Strncmp(location, "http:", 5) == 0){
+ type = PKIX_INFOACCESS_LOCATION_HTTP;
+ }
+ }
+
+ *pType = type;
+
+cleanup:
+
+ PKIX_PL_Free(location, plContext);
+ PKIX_DECREF(locationString);
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+#ifndef NSS_PKIX_NO_LDAP
+/*
+ * FUNCTION: pkix_pl_InfoAccess_ParseTokens
+ * DESCRIPTION:
+ *
+ * This function parses the string beginning at "startPos" into tokens using
+ * the separator contained in "separator" and the terminator contained in
+ * "terminator", copying the tokens into space allocated from the arena
+ * pointed to by "arena". It stores in "tokens" a null-terminated array of
+ * pointers to those tokens.
+ *
+ * PARAMETERS
+ * "arena"
+ * Address of a PLArenaPool to be used in populating the LDAPLocation.
+ * Must be non-NULL.
+ * "startPos"
+ * The address of char string that contains a subset of ldap location.
+ * "tokens"
+ * The address of an array of char string for storing returned tokens.
+ * Must be non-NULL.
+ * "separator"
+ * The character that is taken as token separator. Must be non-NULL.
+ * "terminator"
+ * The character that is taken as parsing terminator. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an InfoAccess Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_InfoAccess_ParseTokens(
+ PLArenaPool *arena,
+ char **startPos, /* return update */
+ char ***tokens,
+ char separator,
+ char terminator,
+ void *plContext)
+{
+ PKIX_UInt32 numFilters = 0;
+ char *endPos = NULL;
+ char **filterP = NULL;
+
+ PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_ParseTokens");
+ PKIX_NULLCHECK_THREE(arena, startPos, tokens);
+
+ endPos = *startPos;
+
+ /* First pass: parse to <terminator> to count number of components */
+ numFilters = 0;
+ while (*endPos != terminator && *endPos != '\0') {
+ endPos++;
+ if (*endPos == separator) {
+ numFilters++;
+ }
+ }
+
+ if (*endPos != terminator) {
+ PKIX_ERROR(PKIX_LOCATIONSTRINGNOTPROPERLYTERMINATED);
+ }
+
+ /* Last component doesn't need a separator, although we allow it */
+ if (endPos > *startPos && *(endPos-1) != separator) {
+ numFilters++;
+ }
+
+ /*
+ * If string is a=xx, b=yy, c=zz, etc., use a=xx for filter,
+ * and everything else for the base
+ */
+ if (numFilters > 2) numFilters = 2;
+
+ filterP = PORT_ArenaZNewArray(arena, char*, numFilters+1);
+ if (filterP == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ /* Second pass: parse to fill in components in token array */
+ *tokens = filterP;
+ endPos = *startPos;
+
+ while (numFilters) {
+ if (*endPos == separator || *endPos == terminator) {
+ PKIX_UInt32 len = endPos - *startPos;
+ char *p = PORT_ArenaZAlloc(arena, len+1);
+ if (p == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ PORT_Memcpy(p, *startPos, len);
+ p[len] = '\0';
+
+ *filterP = p;
+ filterP++;
+ numFilters--;
+
+ separator = terminator;
+
+ if (*endPos == '\0') {
+ *startPos = endPos;
+ break;
+ } else {
+ endPos++;
+ *startPos = endPos;
+ continue;
+ }
+ }
+ endPos++;
+ }
+
+ *filterP = NULL;
+
+cleanup:
+
+ PKIX_RETURN(INFOACCESS);
+}
+
+static int
+pkix_pl_HexDigitToInt(
+ int ch)
+{
+ if (isdigit(ch)) {
+ ch = ch - '0';
+ } else if (isupper(ch)) {
+ ch = ch - 'A' + 10;
+ } else {
+ ch = ch - 'a' + 10;
+ }
+ return ch;
+}
+
+/*
+ * Convert the "%" hex hex escape sequences in the URL 'location' in place.
+ */
+static void
+pkix_pl_UnescapeURL(
+ char *location)
+{
+ const char *src;
+ char *dst;
+
+ for (src = dst = location; *src != '\0'; src++, dst++) {
+ if (*src == '%' && isxdigit((unsigned char)*(src+1)) &&
+ isxdigit((unsigned char)*(src+2))) {
+ *dst = pkix_pl_HexDigitToInt((unsigned char)*(src+1));
+ *dst *= 16;
+ *dst += pkix_pl_HexDigitToInt((unsigned char)*(src+2));
+ src += 2;
+ } else {
+ *dst = *src;
+ }
+ }
+ *dst = *src; /* the terminating null */
+}
+
+/*
+ * FUNCTION: pkix_pl_InfoAccess_ParseLocation
+ * DESCRIPTION:
+ *
+ * This function parses the GeneralName pointed to by "generalName" into the
+ * fields of the LDAPRequestParams pointed to by "request" and a domainName
+ * pointed to by "pDomainName", using the PLArenaPool pointed to by "arena" to
+ * allocate storage for the request components and for the domainName string.
+ *
+ * The expected GeneralName string should be in the format described by the
+ * following BNF:
+ *
+ * ldap://<ldap-server-site>/[cn=<cname>][,o=<org>][,c=<country>]?
+ * [caCertificate|crossCertificatPair|certificateRevocationList];
+ * [binary|<other-type>]
+ * [[,caCertificate|crossCertificatPair|certificateRevocationList]
+ * [binary|<other-type>]]*
+ *
+ * PARAMETERS
+ * "generalName"
+ * Address of the GeneralName whose LDAPLocation is to be parsed. Must be
+ * non-NULL.
+ * "arena"
+ * Address of PLArenaPool to be used for the domainName and for components
+ * of the LDAPRequest. Must be non-NULL.
+ * "request"
+ * Address of the LDAPRequestParams into which request components are
+ * stored. Must be non-NULL.
+ * *pDomainName"
+ * Address at which the domainName is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an InfoAccess Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_InfoAccess_ParseLocation(
+ PKIX_PL_GeneralName *generalName,
+ PLArenaPool *arena,
+ LDAPRequestParams *request,
+ char **pDomainName,
+ void *plContext)
+{
+ PKIX_PL_String *locationString = NULL;
+ PKIX_UInt32 len = 0;
+ PKIX_UInt32 ncIndex = 0;
+ char *domainName = NULL;
+ char **avaArray = NULL;
+ char **attrArray = NULL;
+ char *attr = NULL;
+ char *locationAscii = NULL;
+ char *startPos = NULL;
+ char *endPos = NULL;
+ char *avaPtr = NULL;
+ LdapAttrMask attrBit = 0;
+ LDAPNameComponent **setOfNameComponent = NULL;
+ LDAPNameComponent *nameComponent = NULL;
+
+ PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_ParseLocation");
+ PKIX_NULLCHECK_FOUR(generalName, arena, request, pDomainName);
+
+ PKIX_TOSTRING(generalName, &locationString, plContext,
+ PKIX_GENERALNAMETOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (locationString,
+ PKIX_ESCASCII,
+ (void **)&locationAscii,
+ &len,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ pkix_pl_UnescapeURL(locationAscii);
+
+ /* Skip "ldap:" */
+ endPos = locationAscii;
+ while (*endPos != ':' && *endPos != '\0') {
+ endPos++;
+ }
+ if (*endPos == '\0') {
+ PKIX_ERROR(PKIX_GENERALNAMESTRINGMISSINGLOCATIONTYPE);
+ }
+
+ /* Skip "//" */
+ endPos++;
+ if (*endPos != '\0' && *(endPos+1) != '0' &&
+ *endPos == '/' && *(endPos+1) == '/') {
+ endPos += 2;
+ } else {
+ PKIX_ERROR(PKIX_GENERALNAMESTRINGMISSINGDOUBLESLASH);
+ }
+
+ /* Get the server-site */
+ startPos = endPos;
+ while(*endPos != '/' && *(endPos) != '\0') {
+ endPos++;
+ }
+ if (*endPos == '\0') {
+ PKIX_ERROR(PKIX_GENERALNAMESTRINGMISSINGSERVERSITE);
+ }
+
+ len = endPos - startPos;
+ endPos++;
+
+ domainName = PORT_ArenaZAlloc(arena, len + 1);
+ if (!domainName) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ PORT_Memcpy(domainName, startPos, len);
+
+ domainName[len] = '\0';
+
+ *pDomainName = domainName;
+
+ /*
+ * Get a list of AttrValueAssertions (such as
+ * "cn=CommonName, o=Organization, c=US" into a null-terminated array
+ */
+ startPos = endPos;
+ PKIX_CHECK(pkix_pl_InfoAccess_ParseTokens
+ (arena,
+ &startPos,
+ (char ***) &avaArray,
+ ',',
+ '?',
+ plContext),
+ PKIX_INFOACCESSPARSETOKENSFAILED);
+
+ /* Count how many AVAs we have */
+ for (len = 0; avaArray[len] != NULL; len++) {}
+
+ if (len < 2) {
+ PKIX_ERROR(PKIX_NOTENOUGHNAMECOMPONENTSINGENERALNAME);
+ }
+
+ /* Use last name component for baseObject */
+ request->baseObject = avaArray[len - 1];
+
+ /* Use only one component for filter. LDAP servers aren't too smart. */
+ len = 2; /* Eliminate this when servers get smarter. */
+
+ avaArray[len - 1] = NULL;
+
+ /* Get room for null-terminated array of (LdapNameComponent *) */
+ setOfNameComponent = PORT_ArenaZNewArray(arena, LDAPNameComponent *, len);
+ if (setOfNameComponent == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ /* Get room for the remaining LdapNameComponents */
+ nameComponent = PORT_ArenaZNewArray(arena, LDAPNameComponent, --len);
+ if (nameComponent == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ /* Convert remaining AVAs to LDAPNameComponents */
+ for (ncIndex = 0; ncIndex < len; ncIndex ++) {
+ setOfNameComponent[ncIndex] = nameComponent;
+ avaPtr = avaArray[ncIndex];
+ nameComponent->attrType = (unsigned char *)avaPtr;
+ while ((*avaPtr != '=') && (*avaPtr != '\0')) {
+ avaPtr++;
+ if (*avaPtr == '\0') {
+ PKIX_ERROR(PKIX_NAMECOMPONENTWITHNOEQ);
+ }
+ }
+ *(avaPtr++) = '\0';
+ nameComponent->attrValue = (unsigned char *)avaPtr;
+ nameComponent++;
+ }
+
+ setOfNameComponent[len] = NULL;
+ request->nc = setOfNameComponent;
+
+ /*
+ * Get a list of AttrTypes (such as
+ * "caCertificate;binary, crossCertificatePair;binary") into
+ * a null-terminated array
+ */
+
+ PKIX_CHECK(pkix_pl_InfoAccess_ParseTokens
+ (arena,
+ (char **) &startPos,
+ (char ***) &attrArray,
+ ',',
+ '\0',
+ plContext),
+ PKIX_INFOACCESSPARSETOKENSFAILED);
+
+ /* Convert array of Attr Types into a bit mask */
+ request->attributes = 0;
+ attr = attrArray[0];
+ while (attr != NULL) {
+ PKIX_CHECK(pkix_pl_LdapRequest_AttrStringToBit
+ (attr, &attrBit, plContext),
+ PKIX_LDAPREQUESTATTRSTRINGTOBITFAILED);
+ request->attributes |= attrBit;
+ attr = *(++attrArray);
+ }
+
+cleanup:
+
+ PKIX_PL_Free(locationAscii, plContext);
+ PKIX_DECREF(locationString);
+
+ PKIX_RETURN(INFOACCESS);
+}
+#endif /* !NSS_PKIX_NO_LDAP */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h
new file mode 100644
index 000000000..e69d7b413
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h
@@ -0,0 +1,49 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_infoaccess.h
+ *
+ * InfoAccess Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_INFOACCESS_H
+#define _PKIX_PL_INFOACCESS_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_InfoAccessStruct{
+ PKIX_UInt32 method;
+ PKIX_PL_GeneralName *location;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_InfoAccess_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_pl_InfoAccess_CreateList(
+ CERTAuthInfoAccess **authInfoAccess,
+ PKIX_List **pAiaList, /* of PKIX_PL_InfoAccess */
+ void *plContext);
+
+#ifndef NSS_PKIX_NO_LDAP
+PKIX_Error *
+pkix_pl_InfoAccess_ParseLocation(
+ PKIX_PL_GeneralName *generalName,
+ PLArenaPool *arena,
+ LDAPRequestParams *request,
+ char **pDomainName,
+ void *plContext);
+#endif /* !NSS_PKIX_NO_LDAP */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_INFOACCESS_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.c
new file mode 100644
index 000000000..affea8741
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.c
@@ -0,0 +1,1274 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_nameconstraints.c
+ *
+ * Name Constraints Object Functions Definitions
+ *
+ */
+
+#include "pkix_pl_nameconstraints.h"
+
+
+/* --Private-NameConstraints-Functions----------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_GetPermitted
+ * DESCRIPTION:
+ *
+ * This function retrieve name constraints permitted list from NSS
+ * data in "nameConstraints" and returns a PKIX_PL_GeneralName list
+ * in "pPermittedList".
+ *
+ * PARAMETERS
+ * "nameConstraints"
+ * Address of CertNameConstraints which has a pointer to
+ * CERTNameConstraints data. Must be non-NULL.
+ * "pPermittedList"
+ * Address where returned permitted name list is stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_GetPermitted(
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_List **pPermittedList,
+ void *plContext)
+{
+ CERTNameConstraints *nssNameConstraints = NULL;
+ CERTNameConstraints **nssNameConstraintsList = NULL;
+ CERTNameConstraint *nssPermitted = NULL;
+ CERTNameConstraint *firstPermitted = NULL;
+ PKIX_List *permittedList = NULL;
+ PKIX_PL_GeneralName *name = NULL;
+ PKIX_UInt32 numItems = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "pkix_pl_CertNameConstraints_GetPermitted");
+ PKIX_NULLCHECK_TWO(nameConstraints, pPermittedList);
+
+ /*
+ * nssNameConstraints is an array of CERTNameConstraints
+ * pointers where CERTNameConstraints keep its permitted and excluded
+ * lists as pointer array of CERTNameConstraint.
+ */
+
+ if (nameConstraints->permittedList == NULL) {
+
+ PKIX_OBJECT_LOCK(nameConstraints);
+
+ if (nameConstraints->permittedList == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create(&permittedList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ numItems = nameConstraints->numNssNameConstraints;
+ nssNameConstraintsList =
+ nameConstraints->nssNameConstraintsList;
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_NULLCHECK_ONE(nssNameConstraintsList);
+ nssNameConstraints = *(nssNameConstraintsList + i);
+ PKIX_NULLCHECK_ONE(nssNameConstraints);
+
+ if (nssNameConstraints->permited != NULL) {
+
+ nssPermitted = nssNameConstraints->permited;
+ firstPermitted = nssPermitted;
+
+ do {
+
+ PKIX_CHECK(pkix_pl_GeneralName_Create
+ (&nssPermitted->name, &name, plContext),
+ PKIX_GENERALNAMECREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (permittedList,
+ (PKIX_PL_Object *)name,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(name);
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_GetNextNameConstraint\n");
+ nssPermitted = CERT_GetNextNameConstraint
+ (nssPermitted);
+
+ } while (nssPermitted != firstPermitted);
+
+ }
+ }
+
+ PKIX_CHECK(PKIX_List_SetImmutable(permittedList, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ nameConstraints->permittedList = permittedList;
+
+ }
+
+ PKIX_OBJECT_UNLOCK(nameConstraints);
+
+ }
+
+ PKIX_INCREF(nameConstraints->permittedList);
+
+ *pPermittedList = nameConstraints->permittedList;
+
+cleanup:
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_GetExcluded
+ * DESCRIPTION:
+ *
+ * This function retrieve name constraints excluded list from NSS
+ * data in "nameConstraints" and returns a PKIX_PL_GeneralName list
+ * in "pExcludedList".
+ *
+ * PARAMETERS
+ * "nameConstraints"
+ * Address of CertNameConstraints which has a pointer to NSS data.
+ * Must be non-NULL.
+ * "pPermittedList"
+ * Address where returned excluded name list is stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_GetExcluded(
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_List **pExcludedList,
+ void *plContext)
+{
+ CERTNameConstraints *nssNameConstraints = NULL;
+ CERTNameConstraints **nssNameConstraintsList = NULL;
+ CERTNameConstraint *nssExcluded = NULL;
+ CERTNameConstraint *firstExcluded = NULL;
+ PKIX_List *excludedList = NULL;
+ PKIX_PL_GeneralName *name = NULL;
+ PKIX_UInt32 numItems = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "pkix_pl_CertNameConstraints_GetExcluded");
+ PKIX_NULLCHECK_TWO(nameConstraints, pExcludedList);
+
+ if (nameConstraints->excludedList == NULL) {
+
+ PKIX_OBJECT_LOCK(nameConstraints);
+
+ if (nameConstraints->excludedList == NULL) {
+
+ PKIX_CHECK(PKIX_List_Create(&excludedList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ numItems = nameConstraints->numNssNameConstraints;
+ nssNameConstraintsList =
+ nameConstraints->nssNameConstraintsList;
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_NULLCHECK_ONE(nssNameConstraintsList);
+ nssNameConstraints = *(nssNameConstraintsList + i);
+ PKIX_NULLCHECK_ONE(nssNameConstraints);
+
+ if (nssNameConstraints->excluded != NULL) {
+
+ nssExcluded = nssNameConstraints->excluded;
+ firstExcluded = nssExcluded;
+
+ do {
+
+ PKIX_CHECK(pkix_pl_GeneralName_Create
+ (&nssExcluded->name, &name, plContext),
+ PKIX_GENERALNAMECREATEFAILED);
+
+ PKIX_CHECK(PKIX_List_AppendItem
+ (excludedList,
+ (PKIX_PL_Object *)name,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+
+ PKIX_DECREF(name);
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_GetNextNameConstraint\n");
+ nssExcluded = CERT_GetNextNameConstraint
+ (nssExcluded);
+
+ } while (nssExcluded != firstExcluded);
+
+ }
+
+ }
+ PKIX_CHECK(PKIX_List_SetImmutable(excludedList, plContext),
+ PKIX_LISTSETIMMUTABLEFAILED);
+
+ nameConstraints->excludedList = excludedList;
+
+ }
+
+ PKIX_OBJECT_UNLOCK(nameConstraints);
+ }
+
+ PKIX_INCREF(nameConstraints->excludedList);
+
+ *pExcludedList = nameConstraints->excludedList;
+
+cleanup:
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_CheckNameSpaceNssNames
+ * DESCRIPTION:
+ *
+ * This function checks if CERTGeneralNames in "nssSubjectNames" comply
+ * with the permitted and excluded names in "nameConstraints". It returns
+ * PKIX_TRUE in "pCheckPass", if the Names satify the name space of the
+ * permitted list and if the Names are not in the excluded list. Otherwise,
+ * it returns PKIX_FALSE.
+ *
+ * PARAMETERS
+ * "nssSubjectNames"
+ * List of CERTGeneralName that nameConstraints verification is based on.
+ * "nameConstraints"
+ * Address of CertNameConstraints that provides lists of permitted
+ * and excluded names. Must be non-NULL.
+ * "pCheckPass"
+ * Address where PKIX_TRUE is returned if the all names in "nameList" are
+ * valid.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CertNameConstraints_CheckNameSpaceNssNames(
+ CERTGeneralName *nssSubjectNames,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_Boolean *pCheckPass,
+ void *plContext)
+{
+ CERTNameConstraints **nssNameConstraintsList = NULL;
+ CERTNameConstraints *nssNameConstraints = NULL;
+ CERTGeneralName *nssMatchName = NULL;
+ PLArenaPool *arena = NULL;
+ PKIX_UInt32 numItems = 0;
+ PKIX_UInt32 i;
+ SECStatus status = SECSuccess;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "pkix_pl_CertNameConstraints_CheckNameSpaceNssNames");
+ PKIX_NULLCHECK_THREE(nssSubjectNames, nameConstraints, pCheckPass);
+
+ *pCheckPass = PKIX_TRUE;
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_NewArena\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ nssMatchName = nssSubjectNames;
+ nssNameConstraintsList = nameConstraints->nssNameConstraintsList;
+
+ /*
+ * CERTNameConstraint items in each permitted or excluded list
+ * is verified as OR condition. That means, if one item matched,
+ * then the checking on the remaining items on the list is skipped.
+ * (see NSS cert_CompareNameWithConstraints(...)).
+ * Items on PKIX_PL_NameConstraint's nssNameConstraints are verified
+ * as AND condition. PKIX_PL_NameConstraint keeps an array of pointers
+ * of CERTNameConstraints resulting from merging multiple
+ * PKIX_PL_NameConstraints. Since each CERTNameConstraint are created
+ * for different entity, a union condition of these entities then is
+ * performed.
+ */
+
+ do {
+
+ numItems = nameConstraints->numNssNameConstraints;
+
+ for (i = 0; i < numItems; i++) {
+
+ PKIX_NULLCHECK_ONE(nssNameConstraintsList);
+ nssNameConstraints = *(nssNameConstraintsList + i);
+ PKIX_NULLCHECK_ONE(nssNameConstraints);
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_CheckNameSpace\n");
+ status = CERT_CheckNameSpace
+ (arena, nssNameConstraints, nssMatchName);
+ if (status != SECSuccess) {
+ break;
+ }
+
+ }
+
+ if (status != SECSuccess) {
+ break;
+ }
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_GetNextGeneralName\n");
+ nssMatchName = CERT_GetNextGeneralName(nssMatchName);
+
+ } while (nssMatchName != nssSubjectNames);
+
+ if (status == SECFailure) {
+
+ *pCheckPass = PKIX_FALSE;
+ }
+
+cleanup:
+
+ if (arena){
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling PORT_FreeArena).\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_NameConstraints_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext),
+ PKIX_OBJECTNOTCERTNAMECONSTRAINTS);
+
+ nameConstraints = (PKIX_PL_CertNameConstraints *)object;
+
+ PKIX_CHECK(PKIX_PL_Free
+ (nameConstraints->nssNameConstraintsList, plContext),
+ PKIX_FREEFAILED);
+
+ if (nameConstraints->arena){
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling PORT_FreeArena).\n");
+ PORT_FreeArena(nameConstraints->arena, PR_FALSE);
+ nameConstraints->arena = NULL;
+ }
+
+ PKIX_DECREF(nameConstraints->permittedList);
+ PKIX_DECREF(nameConstraints->excludedList);
+
+cleanup:
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Helper function that creates a string representation of the object
+ * NameConstraints and stores it at "pString".
+ *
+ * PARAMETERS
+ * "nameConstraints"
+ * Address of CertNameConstraints whose string representation is
+ * desired. Must be non-NULL.
+ * "pString"
+ * Address where string object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a
+ * non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_ToString_Helper(
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ char *asciiFormat = NULL;
+ PKIX_PL_String *formatString = NULL;
+ PKIX_List *permittedList = NULL;
+ PKIX_List *excludedList = NULL;
+ PKIX_PL_String *permittedListString = NULL;
+ PKIX_PL_String *excludedListString = NULL;
+ PKIX_PL_String *nameConstraintsString = NULL;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "pkix_pl_CertNameConstraints_ToString_Helper");
+ PKIX_NULLCHECK_TWO(nameConstraints, pString);
+
+ asciiFormat =
+ "[\n"
+ "\t\tPermitted Name: %s\n"
+ "\t\tExcluded Name: %s\n"
+ "\t]\n";
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ asciiFormat,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_GetPermitted
+ (nameConstraints, &permittedList, plContext),
+ PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED);
+
+ PKIX_TOSTRING(permittedList, &permittedListString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_GetExcluded
+ (nameConstraints, &excludedList, plContext),
+ PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED);
+
+ PKIX_TOSTRING(excludedList, &excludedListString, plContext,
+ PKIX_LISTTOSTRINGFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (&nameConstraintsString,
+ plContext,
+ formatString,
+ permittedListString,
+ excludedListString),
+ PKIX_SPRINTFFAILED);
+
+ *pString = nameConstraintsString;
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(permittedList);
+ PKIX_DECREF(excludedList);
+ PKIX_DECREF(permittedListString);
+ PKIX_DECREF(excludedListString);
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *nameConstraintsString = NULL;
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(
+ object, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext),
+ PKIX_OBJECTNOTCERTNAMECONSTRAINTS);
+
+ nameConstraints = (PKIX_PL_CertNameConstraints *)object;
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_ToString_Helper
+ (nameConstraints, &nameConstraintsString, plContext),
+ PKIX_CERTNAMECONSTRAINTSTOSTRINGHELPERFAILED);
+
+ *pString = nameConstraintsString;
+
+cleanup:
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+ PKIX_List *permittedList = NULL;
+ PKIX_List *excludedList = NULL;
+ PKIX_UInt32 permitHash = 0;
+ PKIX_UInt32 excludeHash = 0;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType
+ (object, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext),
+ PKIX_OBJECTNOTCERTNAMECONSTRAINTS);
+
+ nameConstraints = (PKIX_PL_CertNameConstraints *)object;
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_GetPermitted
+ (nameConstraints, &permittedList, plContext),
+ PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED);
+
+ PKIX_HASHCODE(permittedList, &permitHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_GetExcluded
+ (nameConstraints, &excludedList, plContext),
+ PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED);
+
+ PKIX_HASHCODE(excludedList, &excludeHash, plContext,
+ PKIX_OBJECTHASHCODEFAILED);
+
+ *pHashcode = (((permitHash << 7) + excludeHash) << 7) +
+ nameConstraints->numNssNameConstraints;
+
+cleanup:
+
+ PKIX_DECREF(permittedList);
+ PKIX_DECREF(excludedList);
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *firstNC = NULL;
+ PKIX_PL_CertNameConstraints *secondNC = NULL;
+ PKIX_List *firstPermittedList = NULL;
+ PKIX_List *secondPermittedList = NULL;
+ PKIX_List *firstExcludedList = NULL;
+ PKIX_List *secondExcludedList = NULL;
+ PKIX_UInt32 secondType;
+ PKIX_Boolean cmpResult = PKIX_FALSE;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a CertNameConstraints */
+ PKIX_CHECK(pkix_CheckType
+ (firstObject, PKIX_CERTNAMECONSTRAINTS_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTCERTNAMECONSTRAINTS);
+
+ firstNC = (PKIX_PL_CertNameConstraints *)firstObject;
+ secondNC = (PKIX_PL_CertNameConstraints *)secondObject;
+
+ /*
+ * Since we know firstObject is a CertNameConstraints, if both
+ * references are identical, they must be equal
+ */
+ if (firstNC == secondNC){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondNC isn't a CertNameConstraints, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ ((PKIX_PL_Object *)secondNC, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ if (secondType != PKIX_CERTNAMECONSTRAINTS_TYPE) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_GetPermitted
+ (firstNC, &firstPermittedList, plContext),
+ PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED);
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_GetPermitted
+ (secondNC, &secondPermittedList, plContext),
+ PKIX_CERTNAMECONSTRAINTSGETPERMITTEDFAILED);
+
+ PKIX_EQUALS
+ (firstPermittedList, secondPermittedList, &cmpResult, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (cmpResult != PKIX_TRUE) {
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_GetExcluded
+ (firstNC, &firstExcludedList, plContext),
+ PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED);
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_GetExcluded
+ (secondNC, &secondExcludedList, plContext),
+ PKIX_CERTNAMECONSTRAINTSGETEXCLUDEDFAILED);
+
+ PKIX_EQUALS
+ (firstExcludedList, secondExcludedList, &cmpResult, plContext,
+ PKIX_OBJECTEQUALSFAILED);
+
+ if (cmpResult != PKIX_TRUE) {
+ goto cleanup;
+ }
+
+ /*
+ * numNssNameConstraints is not checked because it is basically a
+ * merge count, it cannot determine the data equality.
+ */
+
+ *pResult = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_DECREF(firstPermittedList);
+ PKIX_DECREF(secondPermittedList);
+ PKIX_DECREF(firstExcludedList);
+ PKIX_DECREF(secondExcludedList);
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_CERTNAMECONSTRAINTS_TYPE and its related functions with
+ * systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_CertNameConstraints_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "pkix_pl_CertNameConstraints_RegisterSelf");
+
+ entry.description = "CertNameConstraints";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_CertNameConstraints);
+ entry.destructor = pkix_pl_CertNameConstraints_Destroy;
+ entry.equalsFunction = pkix_pl_CertNameConstraints_Equals;
+ entry.hashcodeFunction = pkix_pl_CertNameConstraints_Hashcode;
+ entry.toStringFunction = pkix_pl_CertNameConstraints_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_CERTNAMECONSTRAINTS_TYPE] = entry;
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_Create_Helper
+ *
+ * DESCRIPTION:
+ * This function retrieves name constraints in "nssNameConstraints",
+ * converts and stores the result in a PKIX_PL_CertNameConstraints object.
+ *
+ * PARAMETERS
+ * "nssNameConstraints"
+ * Address of CERTNameConstraints that contains this object's data.
+ * Must be non-NULL.
+ * "pNameConstraints"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * A NULL value will be returned if there is no Name Constraints extension.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_Create_Helper(
+ CERTNameConstraints *nssNameConstraints,
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+ CERTNameConstraints **nssNameConstraintPtr = NULL;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "pkix_pl_CertNameConstraints_Create_Helper");
+ PKIX_NULLCHECK_TWO(nssNameConstraints, pNameConstraints);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_CERTNAMECONSTRAINTS_TYPE,
+ sizeof (PKIX_PL_CertNameConstraints),
+ (PKIX_PL_Object **)&nameConstraints,
+ plContext),
+ PKIX_COULDNOTCREATECERTNAMECONSTRAINTSOBJECT);
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (sizeof (CERTNameConstraint *),
+ (void *)&nssNameConstraintPtr,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ nameConstraints->numNssNameConstraints = 1;
+ nameConstraints->nssNameConstraintsList = nssNameConstraintPtr;
+ *nssNameConstraintPtr = nssNameConstraints;
+
+ nameConstraints->permittedList = NULL;
+ nameConstraints->excludedList = NULL;
+ nameConstraints->arena = NULL;
+
+ *pNameConstraints = nameConstraints;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(nameConstraints);
+ }
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_Create
+ *
+ * DESCRIPTION:
+ * function that allocates and initialize the object CertNameConstraints.
+ *
+ * PARAMETERS
+ * "nssCert"
+ * Address of CERT that contains this object's data.
+ * Must be non-NULL.
+ * "pNameConstraints"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * A NULL value will be returned if there is no Name Constraints extension.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CertNameConstraints_Create(
+ CERTCertificate *nssCert,
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+ CERTNameConstraints *nssNameConstraints = NULL;
+ PLArenaPool *arena = NULL;
+ SECStatus status;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Create");
+ PKIX_NULLCHECK_THREE(nssCert, pNameConstraints, nssCert->arena);
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_NewArena).\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_FindNameConstraintsExten\n");
+ status = CERT_FindNameConstraintsExten
+ (arena, nssCert, &nssNameConstraints);
+
+ if (status != SECSuccess) {
+ PKIX_ERROR(PKIX_DECODINGCERTNAMECONSTRAINTSFAILED);
+ }
+
+ if (nssNameConstraints == NULL) {
+ *pNameConstraints = NULL;
+ if (arena){
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling PORT_FreeArena).\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ goto cleanup;
+ }
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_Create_Helper
+ (nssNameConstraints, &nameConstraints, plContext),
+ PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED);
+
+ nameConstraints->arena = arena;
+
+ *pNameConstraints = nameConstraints;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ if (arena){
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling PORT_FreeArena).\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ }
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_CreateByMerge
+ *
+ * DESCRIPTION:
+ *
+ * This function allocates and creates a PKIX_PL_NameConstraint object
+ * for merging. It also allocates CERTNameConstraints data space for the
+ * merged NSS NameConstraints data.
+ *
+ * PARAMETERS
+ * "pNameConstraints"
+ * Address where object pointer will be stored and returned.
+ * Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_CreateByMerge(
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+ CERTNameConstraints *nssNameConstraints = NULL;
+ PLArenaPool *arena = NULL;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "pkix_pl_CertNameConstraints_CreateByMerge");
+ PKIX_NULLCHECK_ONE(pNameConstraints);
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_NewArena).\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_ArenaZNew).\n");
+ nssNameConstraints = PORT_ArenaZNew(arena, CERTNameConstraints);
+ if (nssNameConstraints == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ nssNameConstraints->permited = NULL;
+ nssNameConstraints->excluded = NULL;
+ nssNameConstraints->DERPermited = NULL;
+ nssNameConstraints->DERExcluded = NULL;
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_Create_Helper
+ (nssNameConstraints, &nameConstraints, plContext),
+ PKIX_CERTNAMECONSTRAINTSCREATEHELPERFAILED);
+
+ nameConstraints->arena = arena;
+
+ *pNameConstraints = nameConstraints;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ if (arena){
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling PORT_FreeArena).\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ }
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_CopyNssNameConstraints
+ *
+ * DESCRIPTION:
+ *
+ * This function allocates and copies data to a NSS CERTNameConstraints from
+ * the NameConstraints given by "srcNC" and stores the result at "pDestNC". It
+ * copies items on both the permitted and excluded lists, but not the
+ * DERPermited and DERExcluded.
+ *
+ * PARAMETERS
+ * "arena"
+ * Memory pool where object data is allocated from. Must be non-NULL.
+ * "srcNC"
+ * Address of the NameConstraints to copy from. Must be non-NULL.
+ * "pDestNC"
+ * Address where new copied object is stored and returned.
+ * Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_CertNameConstraints_CopyNssNameConstraints(
+ PLArenaPool *arena,
+ CERTNameConstraints *srcNC,
+ CERTNameConstraints **pDestNC,
+ void *plContext)
+{
+ CERTNameConstraints *nssNameConstraints = NULL;
+ CERTNameConstraint *nssNameConstraintHead = NULL;
+ CERTNameConstraint *nssCurrent = NULL;
+ CERTNameConstraint *nssCopyTo = NULL;
+ CERTNameConstraint *nssCopyFrom = NULL;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "pkix_pl_CertNameConstraints_CopyNssNameConstraints");
+ PKIX_NULLCHECK_THREE(arena, srcNC, pDestNC);
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_ArenaZNew).\n");
+ nssNameConstraints = PORT_ArenaZNew(arena, CERTNameConstraints);
+ if (nssNameConstraints == NULL) {
+ PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
+ }
+
+ if (srcNC->permited) {
+
+ nssCopyFrom = srcNC->permited;
+
+ do {
+
+ nssCopyTo = NULL;
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_CopyNameConstraint).\n");
+ nssCopyTo = CERT_CopyNameConstraint
+ (arena, nssCopyTo, nssCopyFrom);
+ if (nssCopyTo == NULL) {
+ PKIX_ERROR(PKIX_CERTCOPYNAMECONSTRAINTFAILED);
+ }
+ if (nssCurrent == NULL) {
+ nssCurrent = nssNameConstraintHead = nssCopyTo;
+ } else {
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_AddNameConstraint).\n");
+ nssCurrent = CERT_AddNameConstraint
+ (nssCurrent, nssCopyTo);
+ }
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_GetNextNameConstrain).\n");
+ nssCopyFrom = CERT_GetNextNameConstraint(nssCopyFrom);
+
+ } while (nssCopyFrom != srcNC->permited);
+
+ nssNameConstraints->permited = nssNameConstraintHead;
+ }
+
+ if (srcNC->excluded) {
+
+ nssCurrent = NULL;
+ nssCopyFrom = srcNC->excluded;
+
+ do {
+
+ /*
+ * Cannot use CERT_DupGeneralNameList, which just increments
+ * refcount. We need our own copy since arena is for each
+ * PKIX_PL_NameConstraints. Perhaps contribute this code
+ * as CERT_CopyGeneralNameList (in the future).
+ */
+ nssCopyTo = NULL;
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_CopyNameConstraint).\n");
+ nssCopyTo = CERT_CopyNameConstraint
+ (arena, nssCopyTo, nssCopyFrom);
+ if (nssCopyTo == NULL) {
+ PKIX_ERROR(PKIX_CERTCOPYNAMECONSTRAINTFAILED);
+ }
+ if (nssCurrent == NULL) {
+ nssCurrent = nssNameConstraintHead = nssCopyTo;
+ } else {
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_AddNameConstraint).\n");
+ nssCurrent = CERT_AddNameConstraint
+ (nssCurrent, nssCopyTo);
+ }
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_GetNextNameConstrain).\n");
+ nssCopyFrom = CERT_GetNextNameConstraint(nssCopyFrom);
+
+ } while (nssCopyFrom != srcNC->excluded);
+
+ nssNameConstraints->excluded = nssNameConstraintHead;
+ }
+
+ *pDestNC = nssNameConstraints;
+
+cleanup:
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/*
+ * FUNCTION: pkix_pl_CertNameConstraints_Merge
+ *
+ * DESCRIPTION:
+ *
+ * This function merges two NameConstraints pointed to by "firstNC" and
+ * "secondNC" and stores the result in "pMergedNC".
+ *
+ * PARAMETERS
+ * "firstNC"
+ * Address of the first NameConstraints to be merged. Must be non-NULL.
+ * "secondNC"
+ * Address of the second NameConstraints to be merged. Must be non-NULL.
+ * "pMergedNC"
+ * Address where the merge result is stored and returned. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a NameConstraints Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_CertNameConstraints_Merge(
+ PKIX_PL_CertNameConstraints *firstNC,
+ PKIX_PL_CertNameConstraints *secondNC,
+ PKIX_PL_CertNameConstraints **pMergedNC,
+ void *plContext)
+{
+ PKIX_PL_CertNameConstraints *nameConstraints = NULL;
+ CERTNameConstraints **nssNCto = NULL;
+ CERTNameConstraints **nssNCfrom = NULL;
+ CERTNameConstraints *nssNameConstraints = NULL;
+ PKIX_UInt32 numNssItems = 0;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS, "pkix_pl_CertNameConstraints_Merge");
+ PKIX_NULLCHECK_THREE(firstNC, secondNC, pMergedNC);
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_CreateByMerge
+ (&nameConstraints, plContext),
+ PKIX_CERTNAMECONSTRAINTSCREATEBYMERGEFAILED);
+
+ /* Merge NSSCertConstraint lists */
+
+ numNssItems = firstNC->numNssNameConstraints +
+ secondNC->numNssNameConstraints;
+
+ /* Free the default space (only one entry) allocated by create */
+ PKIX_CHECK(PKIX_PL_Free
+ (nameConstraints->nssNameConstraintsList, plContext),
+ PKIX_FREEFAILED);
+
+ /* Reallocate the size we need */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (numNssItems * sizeof (CERTNameConstraint *),
+ (void *)&nssNCto,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ nameConstraints->nssNameConstraintsList = nssNCto;
+
+ nssNCfrom = firstNC->nssNameConstraintsList;
+
+ for (i = 0; i < firstNC->numNssNameConstraints; i++) {
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_CopyNssNameConstraints
+ (nameConstraints->arena,
+ *nssNCfrom,
+ &nssNameConstraints,
+ plContext),
+ PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED);
+
+ *nssNCto = nssNameConstraints;
+
+ nssNCto++;
+ nssNCfrom++;
+ }
+
+ nssNCfrom = secondNC->nssNameConstraintsList;
+
+ for (i = 0; i < secondNC->numNssNameConstraints; i++) {
+
+ PKIX_CHECK(pkix_pl_CertNameConstraints_CopyNssNameConstraints
+ (nameConstraints->arena,
+ *nssNCfrom,
+ &nssNameConstraints,
+ plContext),
+ PKIX_CERTNAMECONSTRAINTSCOPYNSSNAMECONSTRAINTSFAILED);
+
+ *nssNCto = nssNameConstraints;
+
+ nssNCto++;
+ nssNCfrom++;
+ }
+
+ nameConstraints->numNssNameConstraints = numNssItems;
+ nameConstraints->permittedList = NULL;
+ nameConstraints->excludedList = NULL;
+
+ *pMergedNC = nameConstraints;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(nameConstraints);
+ }
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
+
+/* --Public-NameConstraints-Functions-------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_CertNameConstraints_CheckNamesInNameSpace
+ * (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_CertNameConstraints_CheckNamesInNameSpace(
+ PKIX_List *nameList, /* List of PKIX_PL_GeneralName */
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_Boolean *pCheckPass,
+ void *plContext)
+{
+ CERTNameConstraints **nssNameConstraintsList = NULL;
+ CERTNameConstraints *nssNameConstraints = NULL;
+ CERTGeneralName *nssMatchName = NULL;
+ PLArenaPool *arena = NULL;
+ PKIX_PL_GeneralName *name = NULL;
+ PKIX_UInt32 numNameItems = 0;
+ PKIX_UInt32 numNCItems = 0;
+ PKIX_UInt32 i, j;
+ SECStatus status = SECSuccess;
+
+ PKIX_ENTER(CERTNAMECONSTRAINTS,
+ "PKIX_PL_CertNameConstraints_CheckNamesInNameSpace");
+ PKIX_NULLCHECK_TWO(nameConstraints, pCheckPass);
+
+ *pCheckPass = PKIX_TRUE;
+
+ if (nameList != NULL) {
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG("\t\tCalling PORT_NewArena\n");
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ nssNameConstraintsList =
+ nameConstraints->nssNameConstraintsList;
+ PKIX_NULLCHECK_ONE(nssNameConstraintsList);
+ numNCItems = nameConstraints->numNssNameConstraints;
+
+ PKIX_CHECK(PKIX_List_GetLength
+ (nameList, &numNameItems, plContext),
+ PKIX_LISTGETLENGTHFAILED);
+
+ for (i = 0; i < numNameItems; i++) {
+
+ PKIX_CHECK(PKIX_List_GetItem
+ (nameList,
+ i,
+ (PKIX_PL_Object **) &name,
+ plContext),
+ PKIX_LISTGETITEMFAILED);
+
+ PKIX_CHECK(pkix_pl_GeneralName_GetNssGeneralName
+ (name, &nssMatchName, plContext),
+ PKIX_GENERALNAMEGETNSSGENERALNAMEFAILED);
+
+ PKIX_DECREF(name);
+
+ for (j = 0; j < numNCItems; j++) {
+
+ nssNameConstraints = *(nssNameConstraintsList + j);
+ PKIX_NULLCHECK_ONE(nssNameConstraints);
+
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling CERT_CheckNameSpace\n");
+ status = CERT_CheckNameSpace
+ (arena, nssNameConstraints, nssMatchName);
+ if (status != SECSuccess) {
+ break;
+ }
+
+ }
+
+ if (status != SECSuccess) {
+ break;
+ }
+
+ }
+ }
+
+ if (status == SECFailure) {
+ *pCheckPass = PKIX_FALSE;
+ }
+
+cleanup:
+
+ if (arena){
+ PKIX_CERTNAMECONSTRAINTS_DEBUG
+ ("\t\tCalling PORT_FreeArena).\n");
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ PKIX_RETURN(CERTNAMECONSTRAINTS);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.h
new file mode 100644
index 000000000..2f305ac10
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_nameconstraints.h
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_nameconstraints.h
+ *
+ * Name Constraints Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_NAMECONSTRAINTS_H
+#define _PKIX_PL_NAMECONSTRAINTS_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_CertNameConstraintsStruct {
+ PLArenaPool *arena;
+ CERTNameConstraints **nssNameConstraintsList;
+ PKIX_UInt32 numNssNameConstraints;
+ PKIX_List *permittedList; /* list of PKIX_PL_GeneralName */
+ PKIX_List *excludedList; /* list of PKIX_PL_GeneralName */
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_CertNameConstraints_RegisterSelf(void *plContext);
+
+PKIX_Error *pkix_pl_CertNameConstraints_Create(
+ CERTCertificate *nssCert,
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_CertNameConstraints_CreateWithNames(
+ PKIX_List *names, /* List of PKIX_PL_GeneralName */
+ PKIX_PL_CertNameConstraints **pNameConstraints,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_CertNameConstraints_CheckNameSpaceNssNames(
+ CERTGeneralName *nssSubjectNames,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_Boolean *pCheckPass,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_CertNameConstraints_CheckNameSpacePkixNames(
+ PKIX_List *nameList,
+ PKIX_PL_CertNameConstraints *nameConstraints,
+ PKIX_Boolean *pCheckPass,
+ void *plContext);
+
+
+PKIX_Error *pkix_pl_CertNameConstraints_Merge(
+ PKIX_PL_CertNameConstraints *firstNC,
+ PKIX_PL_CertNameConstraints *secondNC,
+ PKIX_PL_CertNameConstraints **pMergedNC,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_NAMECONSTRAINTS_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspcertid.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspcertid.c
new file mode 100644
index 000000000..679811dec
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspcertid.c
@@ -0,0 +1,251 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ocspcertid.c
+ *
+ * Certificate ID Object for OCSP
+ *
+ */
+
+#include "pkix_pl_ocspcertid.h"
+
+/* --Private-Cert-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_OcspCertID_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OcspCertID_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_OcspCertID *certID = NULL;
+
+ PKIX_ENTER(OCSPCERTID, "pkix_pl_OcspCertID_Destroy");
+
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_OCSPCERTID_TYPE, plContext),
+ PKIX_OBJECTNOTOCSPCERTID);
+
+ certID = (PKIX_PL_OcspCertID *)object;
+
+ if (certID->certID) {
+ CERT_DestroyOCSPCertID(certID->certID);
+ }
+
+cleanup:
+
+ PKIX_RETURN(OCSPCERTID);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspCertID_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_PUBLICKEY_TYPE and its related functions
+ * with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_OcspCertID_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(OCSPCERTID, "pkix_pl_OcspCertID_RegisterSelf");
+
+ entry.description = "OcspCertID";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_OcspCertID);
+ entry.destructor = pkix_pl_OcspCertID_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+ systemClasses[PKIX_OCSPCERTID_TYPE] = entry;
+
+ PKIX_RETURN(OCSPCERTID);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_OcspCertID_Create
+ * DESCRIPTION:
+ *
+ * This function creates an OcspCertID for a given certificate,
+ * to be used with OCSP transactions.
+ *
+ * If a Date is provided in "validity" it may be used in the search for the
+ * issuer of "cert" but has no effect on the request itself.
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of the Cert for which an OcspCertID is to be created. Must be
+ * non-NULL.
+ * "validity"
+ * Address of the Date for which the Cert's validity is to be determined.
+ * May be NULL.
+ * "object"
+ * Address at which the result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspCertID Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_OcspCertID_Create(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Date *validity,
+ PKIX_PL_OcspCertID **object,
+ void *plContext)
+{
+ PKIX_PL_OcspCertID *cid = NULL;
+ PRTime time = 0;
+
+ PKIX_ENTER(DATE, "PKIX_PL_OcspCertID_Create");
+ PKIX_NULLCHECK_TWO(cert, object);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_OCSPCERTID_TYPE,
+ sizeof (PKIX_PL_OcspCertID),
+ (PKIX_PL_Object **)&cid,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ if (validity != NULL) {
+ PKIX_CHECK(pkix_pl_Date_GetPRTime(validity, &time, plContext),
+ PKIX_DATEGETPRTIMEFAILED);
+ } else {
+ time = PR_Now();
+ }
+
+ cid->certID = CERT_CreateOCSPCertID(cert->nssCert, time);
+ if (!cid->certID) {
+ PKIX_ERROR(PKIX_COULDNOTCREATEOBJECT);
+ }
+
+ *object = cid;
+ cid = NULL;
+cleanup:
+ PKIX_DECREF(cid);
+ PKIX_RETURN(OCSPCERTID);
+}
+
+/*
+ * FUNCTION: PKIX_PL_OcspCertID_GetFreshCacheStatus
+ * DESCRIPTION:
+ *
+ * This function may return cached OCSP results for the provided
+ * certificate, but only if stored information is still considered to be
+ * fresh.
+ *
+ * PARAMETERS
+ * "cid"
+ * A certificate ID as used by OCSP
+ * "validity"
+ * Optional date parameter to request validity for a specifc time.
+ * "hasFreshStatus"
+ * Output parameter, if the function successed to find fresh cached
+ * information, this will be set to true. Must be non-NULL.
+ * "statusIsGood"
+ * The good/bad result stored in the cache. Must be non-NULL.
+ * "missingResponseError"
+ * If OCSP status is "bad", this variable may indicate the exact
+ * reason why the previous OCSP request had failed.
+ * "plContext"
+ * Platform-specific context pointer.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspCertID Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_OcspCertID_GetFreshCacheStatus(
+ PKIX_PL_OcspCertID *cid,
+ PKIX_PL_Date *validity,
+ PKIX_Boolean *hasFreshStatus,
+ PKIX_Boolean *statusIsGood,
+ SECErrorCodes *missingResponseError,
+ void *plContext)
+{
+ PRTime time = 0;
+ SECStatus rv;
+ SECStatus rvOcsp;
+ OCSPFreshness freshness;
+
+ PKIX_ENTER(DATE, "PKIX_PL_OcspCertID_GetFreshCacheStatus");
+ PKIX_NULLCHECK_THREE(cid, hasFreshStatus, statusIsGood);
+
+ if (validity != NULL) {
+ PKIX_CHECK(pkix_pl_Date_GetPRTime(validity, &time, plContext),
+ PKIX_DATEGETPRTIMEFAILED);
+ } else {
+ time = PR_Now();
+ }
+
+ rv = ocsp_GetCachedOCSPResponseStatus(
+ cid->certID, time, PR_TRUE, /*ignoreGlobalOcspFailureSetting*/
+ &rvOcsp, missingResponseError, &freshness);
+
+ *hasFreshStatus = (rv == SECSuccess && freshness == ocspFresh);
+ if (*hasFreshStatus) {
+ *statusIsGood = (rvOcsp == SECSuccess);
+ }
+cleanup:
+ PKIX_RETURN(OCSPCERTID);
+}
+
+/*
+ * FUNCTION: PKIX_PL_OcspCertID_RememberOCSPProcessingFailure
+ * DESCRIPTION:
+ *
+ * Information about the current failure associated to the given certID
+ * will be remembered in the cache, potentially allowing future calls
+ * to prevent repetitive OCSP requests.
+ * After this function got called, it may no longer be safe to
+ * use the provided cid parameter, because ownership might have been
+ * transfered to the cache. This status will be recorded inside the
+ * cid object.
+ *
+ * PARAMETERS
+ * "cid"
+ * The certificate ID associated to a failed OCSP processing.
+ * "plContext"
+ * Platform-specific context pointer.
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspCertID Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+PKIX_PL_OcspCertID_RememberOCSPProcessingFailure(
+ PKIX_PL_OcspCertID *cid,
+ void *plContext)
+{
+ PRBool certIDWasConsumed = PR_FALSE;
+
+ PKIX_ENTER(DATE, "PKIX_PL_OcspCertID_RememberOCSPProcessingFailure");
+ PKIX_NULLCHECK_TWO(cid, cid->certID);
+
+ cert_RememberOCSPProcessingFailure(cid->certID, &certIDWasConsumed);
+
+ if (certIDWasConsumed) {
+ cid->certID = NULL;
+ }
+
+ PKIX_RETURN(OCSPCERTID);
+}
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspcertid.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspcertid.h
new file mode 100644
index 000000000..772a12b25
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspcertid.h
@@ -0,0 +1,53 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ocspcertid.h
+ *
+ * Public Key Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_OCSPCERTID_H
+#define _PKIX_PL_OCSPCERTID_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_OcspCertIDStruct {
+ CERTOCSPCertID *certID;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_OcspCertID_RegisterSelf(void *plContext);
+
+PKIX_Error *
+PKIX_PL_OcspCertID_Create(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_Date *validity,
+ PKIX_PL_OcspCertID **object,
+ void *plContext);
+
+PKIX_Error *
+PKIX_PL_OcspCertID_GetFreshCacheStatus(
+ PKIX_PL_OcspCertID *cid,
+ PKIX_PL_Date *validity,
+ PKIX_Boolean *hasFreshStatus,
+ PKIX_Boolean *statusIsGood,
+ SECErrorCodes *missingResponseError,
+ void *plContext);
+
+PKIX_Error *
+PKIX_PL_OcspCertID_RememberOCSPProcessingFailure(
+ PKIX_PL_OcspCertID *cid,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_OCSPCERTID_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.c
new file mode 100644
index 000000000..171a3d2d9
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.c
@@ -0,0 +1,441 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ocsprequest.c
+ *
+ */
+
+#include "pkix_pl_ocsprequest.h"
+
+/* --Private-OcspRequest-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_OcspRequest_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OcspRequest_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_OcspRequest *ocspReq = NULL;
+
+ PKIX_ENTER(OCSPREQUEST, "pkix_pl_OcspRequest_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_OCSPREQUEST_TYPE, plContext),
+ PKIX_OBJECTNOTOCSPREQUEST);
+
+ ocspReq = (PKIX_PL_OcspRequest *)object;
+
+ if (ocspReq->decoded != NULL) {
+ CERT_DestroyOCSPRequest(ocspReq->decoded);
+ }
+
+ if (ocspReq->encoded != NULL) {
+ SECITEM_FreeItem(ocspReq->encoded, PR_TRUE);
+ }
+
+ if (ocspReq->location != NULL) {
+ PORT_Free(ocspReq->location);
+ }
+
+ PKIX_DECREF(ocspReq->cert);
+ PKIX_DECREF(ocspReq->validity);
+ PKIX_DECREF(ocspReq->signerCert);
+
+cleanup:
+
+ PKIX_RETURN(OCSPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspRequest_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OcspRequest_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_UInt32 certHash = 0;
+ PKIX_UInt32 dateHash = 0;
+ PKIX_UInt32 extensionHash = 0;
+ PKIX_UInt32 signerHash = 0;
+ PKIX_PL_OcspRequest *ocspRq = NULL;
+
+ PKIX_ENTER(OCSPREQUEST, "pkix_pl_OcspRequest_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_OCSPREQUEST_TYPE, plContext),
+ PKIX_OBJECTNOTOCSPREQUEST);
+
+ ocspRq = (PKIX_PL_OcspRequest *)object;
+
+ *pHashcode = 0;
+
+ PKIX_HASHCODE(ocspRq->cert, &certHash, plContext,
+ PKIX_CERTHASHCODEFAILED);
+
+ PKIX_HASHCODE(ocspRq->validity, &dateHash, plContext,
+ PKIX_DATEHASHCODEFAILED);
+
+ if (ocspRq->addServiceLocator == PKIX_TRUE) {
+ extensionHash = 0xff;
+ }
+
+ PKIX_HASHCODE(ocspRq->signerCert, &signerHash, plContext,
+ PKIX_CERTHASHCODEFAILED);
+
+ *pHashcode = (((((extensionHash << 8) || certHash) << 8) ||
+ dateHash) << 8) || signerHash;
+
+cleanup:
+
+ PKIX_RETURN(OCSPREQUEST);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspRequest_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OcspRequest_Equals(
+ PKIX_PL_Object *firstObj,
+ PKIX_PL_Object *secondObj,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_Boolean match = PKIX_FALSE;
+ PKIX_UInt32 secondType = 0;
+ PKIX_PL_OcspRequest *firstReq = NULL;
+ PKIX_PL_OcspRequest *secondReq = NULL;
+
+ PKIX_ENTER(OCSPREQUEST, "pkix_pl_OcspRequest_Equals");
+ PKIX_NULLCHECK_THREE(firstObj, secondObj, pResult);
+
+ /* test that firstObj is a OcspRequest */
+ PKIX_CHECK(pkix_CheckType(firstObj, PKIX_OCSPREQUEST_TYPE, plContext),
+ PKIX_FIRSTOBJARGUMENTNOTOCSPREQUEST);
+
+ /*
+ * Since we know firstObj is a OcspRequest, if both references are
+ * identical, they must be equal
+ */
+ if (firstObj == secondObj){
+ match = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObj isn't a OcspRequest, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObj, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_OCSPREQUEST_TYPE) {
+ goto cleanup;
+ }
+
+ firstReq = (PKIX_PL_OcspRequest *)firstObj;
+ secondReq = (PKIX_PL_OcspRequest *)secondObj;
+
+ if (firstReq->addServiceLocator != secondReq->addServiceLocator) {
+ goto cleanup;
+ }
+
+ PKIX_EQUALS(firstReq->cert, secondReq->cert, &match, plContext,
+ PKIX_CERTEQUALSFAILED);
+
+ if (match == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ PKIX_EQUALS(firstReq->validity, secondReq->validity, &match, plContext,
+ PKIX_DATEEQUALSFAILED);
+
+ if (match == PKIX_FALSE) {
+ goto cleanup;
+ }
+
+ PKIX_EQUALS
+ (firstReq->signerCert, secondReq->signerCert, &match, plContext,
+ PKIX_CERTEQUALSFAILED);
+
+cleanup:
+
+ *pResult = match;
+
+ PKIX_RETURN(OCSPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspRequest_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_OCSPREQUEST_TYPE and its related functions with
+ * systemClasses[]
+ * PARAMETERS:
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_OcspRequest_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(OCSPREQUEST, "pkix_pl_OcspRequest_RegisterSelf");
+
+ entry.description = "OcspRequest";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_OcspRequest);
+ entry.destructor = pkix_pl_OcspRequest_Destroy;
+ entry.equalsFunction = pkix_pl_OcspRequest_Equals;
+ entry.hashcodeFunction = pkix_pl_OcspRequest_Hashcode;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_OCSPREQUEST_TYPE] = entry;
+
+ PKIX_RETURN(OCSPREQUEST);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_OcspRequest_Create
+ * DESCRIPTION:
+ *
+ * This function creates an OcspRequest to be used in validating the Cert
+ * pointed to by "cert" and storing the result at "pRequest". If a URI
+ * is found for an OCSP responder, PKIX_TRUE is stored at "pURIFound". If no
+ * URI is found, PKIX_FALSE is stored.
+ *
+ * If a Date is provided in "validity" it may be used in the search for the
+ * issuer of "cert" but has no effect on the request itself. If
+ * "addServiceLocator" is TRUE, the AddServiceLocator extension will be
+ * included in the Request. If "signerCert" is provided it will be used to sign
+ * the Request. (Note: this signed request feature is not currently supported.)
+ *
+ * PARAMETERS:
+ * "cert"
+ * Address of the Cert for which an OcspRequest is to be created. Must be
+ * non-NULL.
+ * "validity"
+ * Address of the Date for which the Cert's validity is to be determined.
+ * May be NULL.
+ * "signerCert"
+ * Address of the Cert to be used, if present, in signing the request.
+ * May be NULL.
+ * "pRequest"
+ * Address at which the result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspRequest Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_OcspRequest_Create(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_OcspCertID *cid,
+ PKIX_PL_Date *validity,
+ PKIX_PL_Cert *signerCert,
+ PKIX_UInt32 methodFlags,
+ PKIX_Boolean *pURIFound,
+ PKIX_PL_OcspRequest **pRequest,
+ void *plContext)
+{
+ PKIX_PL_OcspRequest *ocspRequest = NULL;
+
+ CERTCertDBHandle *handle = NULL;
+ SECStatus rv = SECFailure;
+ SECItem *encoding = NULL;
+ CERTOCSPRequest *certRequest = NULL;
+ PRTime time = 0;
+ PRBool addServiceLocatorExtension = PR_FALSE;
+ CERTCertificate *nssCert = NULL;
+ CERTCertificate *nssSignerCert = NULL;
+ char *location = NULL;
+ PRErrorCode locError = 0;
+ PKIX_Boolean canUseDefaultSource = PKIX_FALSE;
+
+ PKIX_ENTER(OCSPREQUEST, "pkix_pl_OcspRequest_Create");
+ PKIX_NULLCHECK_TWO(cert, pRequest);
+
+ /* create a PKIX_PL_OcspRequest object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_OCSPREQUEST_TYPE,
+ sizeof (PKIX_PL_OcspRequest),
+ (PKIX_PL_Object **)&ocspRequest,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ PKIX_INCREF(cert);
+ ocspRequest->cert = cert;
+
+ PKIX_INCREF(validity);
+ ocspRequest->validity = validity;
+
+ PKIX_INCREF(signerCert);
+ ocspRequest->signerCert = signerCert;
+
+ ocspRequest->decoded = NULL;
+ ocspRequest->encoded = NULL;
+
+ ocspRequest->location = NULL;
+
+ nssCert = cert->nssCert;
+
+ /*
+ * Does this Cert have an Authority Information Access extension with
+ * the URI of an OCSP responder?
+ */
+ handle = CERT_GetDefaultCertDB();
+
+ if (!(methodFlags & PKIX_REV_M_IGNORE_IMPLICIT_DEFAULT_SOURCE)) {
+ canUseDefaultSource = PKIX_TRUE;
+ }
+ location = ocsp_GetResponderLocation(handle, nssCert,
+ canUseDefaultSource,
+ &addServiceLocatorExtension);
+ if (location == NULL) {
+ locError = PORT_GetError();
+ if (locError == SEC_ERROR_EXTENSION_NOT_FOUND ||
+ locError == SEC_ERROR_CERT_BAD_ACCESS_LOCATION) {
+ PORT_SetError(0);
+ *pURIFound = PKIX_FALSE;
+ goto cleanup;
+ }
+ PKIX_ERROR(PKIX_ERRORFINDINGORPROCESSINGURI);
+ }
+
+ ocspRequest->location = location;
+ *pURIFound = PKIX_TRUE;
+
+ if (signerCert != NULL) {
+ nssSignerCert = signerCert->nssCert;
+ }
+
+ if (validity != NULL) {
+ PKIX_CHECK(pkix_pl_Date_GetPRTime(validity, &time, plContext),
+ PKIX_DATEGETPRTIMEFAILED);
+ } else {
+ time = PR_Now();
+ }
+
+ certRequest = cert_CreateSingleCertOCSPRequest(
+ cid->certID, cert->nssCert, time,
+ addServiceLocatorExtension, nssSignerCert);
+
+ ocspRequest->decoded = certRequest;
+
+ if (certRequest == NULL) {
+ PKIX_ERROR(PKIX_UNABLETOCREATECERTOCSPREQUEST);
+ }
+
+ rv = CERT_AddOCSPAcceptableResponses(
+ certRequest, SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
+
+ if (rv == SECFailure) {
+ PKIX_ERROR(PKIX_UNABLETOADDACCEPTABLERESPONSESTOREQUEST);
+ }
+
+ encoding = CERT_EncodeOCSPRequest(NULL, certRequest, NULL);
+
+ ocspRequest->encoded = encoding;
+
+ *pRequest = ocspRequest;
+ ocspRequest = NULL;
+
+cleanup:
+ PKIX_DECREF(ocspRequest);
+
+ PKIX_RETURN(OCSPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspRequest_GetEncoded
+ * DESCRIPTION:
+ *
+ * This function obtains the encoded message from the OcspRequest pointed to
+ * by "request", storing the result at "pRequest".
+ *
+ * PARAMETERS
+ * "request"
+ * The address of the OcspRequest whose encoded message is to be
+ * retrieved. Must be non-NULL.
+ * "pRequest"
+ * The address at which is stored the address of the encoded message. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_OcspRequest_GetEncoded(
+ PKIX_PL_OcspRequest *request,
+ SECItem **pRequest,
+ void *plContext)
+{
+ PKIX_ENTER(OCSPREQUEST, "pkix_pl_OcspRequest_GetEncoded");
+ PKIX_NULLCHECK_TWO(request, pRequest);
+
+ *pRequest = request->encoded;
+
+ PKIX_RETURN(OCSPREQUEST);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspRequest_GetLocation
+ * DESCRIPTION:
+ *
+ * This function obtains the location from the OcspRequest pointed to
+ * by "request", storing the result at "pLocation".
+ *
+ * PARAMETERS
+ * "request"
+ * The address of the OcspRequest whose encoded message is to be
+ * retrieved. Must be non-NULL.
+ * "pLocation"
+ * The address at which is stored the address of the location. Must
+ * be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_OcspRequest_GetLocation(
+ PKIX_PL_OcspRequest *request,
+ char **pLocation,
+ void *plContext)
+{
+ PKIX_ENTER(OCSPREQUEST, "pkix_pl_OcspRequest_GetLocation");
+ PKIX_NULLCHECK_TWO(request, pLocation);
+
+ *pLocation = request->location;
+
+ PKIX_RETURN(OCSPREQUEST);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.h
new file mode 100644
index 000000000..fa79266ee
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.h
@@ -0,0 +1,61 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ocsprequest.h
+ *
+ * OcspRequest Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_OCSPREQUEST_H
+#define _PKIX_PL_OCSPREQUEST_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_OcspRequestStruct{
+ PKIX_PL_Cert *cert;
+ PKIX_PL_Date *validity;
+ PKIX_Boolean addServiceLocator;
+ PKIX_PL_Cert *signerCert;
+ CERTOCSPRequest *decoded;
+ SECItem *encoded;
+ char *location;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_OcspRequest_Create(
+ PKIX_PL_Cert *cert,
+ PKIX_PL_OcspCertID *cid,
+ PKIX_PL_Date *validity,
+ PKIX_PL_Cert *signerCert,
+ PKIX_UInt32 methodFlags,
+ PKIX_Boolean *pURIFound,
+ PKIX_PL_OcspRequest **pRequest,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_OcspRequest_GetEncoded(
+ PKIX_PL_OcspRequest *request,
+ SECItem **pRequest,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_OcspRequest_GetLocation(
+ PKIX_PL_OcspRequest *request,
+ char **pLocation,
+ void *plContext);
+
+PKIX_Error *pkix_pl_OcspRequest_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_OCSPREQUEST_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c
new file mode 100644
index 000000000..fa5d6e9d5
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c
@@ -0,0 +1,1067 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ocspresponse.c
+ *
+ */
+
+#include "pkix_pl_ocspresponse.h"
+
+/* ----Public functions------------------------------------- */
+/*
+ * This is the libpkix replacement for CERT_VerifyOCSPResponseSignature.
+ * It is used if it has been set as the verifyFcn member of ocspChecker.
+ */
+PKIX_Error *
+PKIX_PL_OcspResponse_UseBuildChain(
+ PKIX_PL_Cert *signerCert,
+ PKIX_PL_Date *producedAt,
+ PKIX_ProcessingParams *procParams,
+ void **pNBIOContext,
+ void **pState,
+ PKIX_BuildResult **pBuildResult,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext)
+{
+ PKIX_ProcessingParams *caProcParams = NULL;
+ PKIX_PL_Date *date = NULL;
+ PKIX_ComCertSelParams *certSelParams = NULL;
+ PKIX_CertSelector *certSelector = NULL;
+ void *nbioContext = NULL;
+ PKIX_Error *buildError = NULL;
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_OcspResponse_UseBuildChain");
+ PKIX_NULLCHECK_THREE(signerCert, producedAt, procParams);
+ PKIX_NULLCHECK_THREE(pNBIOContext, pState, pBuildResult);
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ /* Are we resuming after a WOULDBLOCK return, or starting anew ? */
+ if (nbioContext == NULL) {
+ /* Starting anew */
+ PKIX_CHECK(PKIX_PL_Object_Duplicate
+ ((PKIX_PL_Object *)procParams,
+ (PKIX_PL_Object **)&caProcParams,
+ plContext),
+ PKIX_OBJECTDUPLICATEFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_SetDate(procParams, date, plContext),
+ PKIX_PROCESSINGPARAMSSETDATEFAILED);
+
+ /* create CertSelector with target certificate in params */
+
+ PKIX_CHECK(PKIX_CertSelector_Create
+ (NULL, NULL, &certSelector, plContext),
+ PKIX_CERTSELECTORCREATEFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_Create
+ (&certSelParams, plContext),
+ PKIX_COMCERTSELPARAMSCREATEFAILED);
+
+ PKIX_CHECK(PKIX_ComCertSelParams_SetCertificate
+ (certSelParams, signerCert, plContext),
+ PKIX_COMCERTSELPARAMSSETCERTIFICATEFAILED);
+
+ PKIX_CHECK(PKIX_CertSelector_SetCommonCertSelectorParams
+ (certSelector, certSelParams, plContext),
+ PKIX_CERTSELECTORSETCOMMONCERTSELECTORPARAMSFAILED);
+
+ PKIX_CHECK(PKIX_ProcessingParams_SetTargetCertConstraints
+ (caProcParams, certSelector, plContext),
+ PKIX_PROCESSINGPARAMSSETTARGETCERTCONSTRAINTSFAILED);
+ }
+
+ buildError = PKIX_BuildChain
+ (caProcParams,
+ &nbioContext,
+ pState,
+ pBuildResult,
+ pVerifyTree,
+ plContext);
+
+ /* non-null nbioContext means the build would block */
+ if (nbioContext != NULL) {
+
+ *pNBIOContext = nbioContext;
+
+ /* no buildResult means the build has failed */
+ } else if (buildError) {
+ pkixErrorResult = buildError;
+ buildError = NULL;
+ } else {
+ PKIX_DECREF(*pState);
+ }
+
+cleanup:
+
+ PKIX_DECREF(caProcParams);
+ PKIX_DECREF(date);
+ PKIX_DECREF(certSelParams);
+ PKIX_DECREF(certSelector);
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/* --Private-OcspResponse-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OcspResponse_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_OcspResponse *ocspRsp = NULL;
+ const SEC_HttpClientFcn *httpClient = NULL;
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_OCSPRESPONSE_TYPE, plContext),
+ PKIX_OBJECTNOTANOCSPRESPONSE);
+
+ ocspRsp = (PKIX_PL_OcspResponse *)object;
+
+ if (ocspRsp->nssOCSPResponse != NULL) {
+ CERT_DestroyOCSPResponse(ocspRsp->nssOCSPResponse);
+ ocspRsp->nssOCSPResponse = NULL;
+ }
+
+ if (ocspRsp->signerCert != NULL) {
+ CERT_DestroyCertificate(ocspRsp->signerCert);
+ ocspRsp->signerCert = NULL;
+ }
+
+ httpClient = (const SEC_HttpClientFcn *)(ocspRsp->httpClient);
+
+ if (httpClient && (httpClient->version == 1)) {
+
+ hcv1 = &(httpClient->fcnTable.ftable1);
+
+ if (ocspRsp->sessionRequest != NULL) {
+ (*hcv1->freeFcn)(ocspRsp->sessionRequest);
+ ocspRsp->sessionRequest = NULL;
+ }
+
+ if (ocspRsp->serverSession != NULL) {
+ (*hcv1->freeSessionFcn)(ocspRsp->serverSession);
+ ocspRsp->serverSession = NULL;
+ }
+ }
+
+ if (ocspRsp->arena != NULL) {
+ PORT_FreeArena(ocspRsp->arena, PR_FALSE);
+ ocspRsp->arena = NULL;
+ }
+
+ PKIX_DECREF(ocspRsp->producedAtDate);
+ PKIX_DECREF(ocspRsp->pkixSignerCert);
+ PKIX_DECREF(ocspRsp->request);
+
+cleanup:
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OcspResponse_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_OcspResponse *ocspRsp = NULL;
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_OCSPRESPONSE_TYPE, plContext),
+ PKIX_OBJECTNOTANOCSPRESPONSE);
+
+ ocspRsp = (PKIX_PL_OcspResponse *)object;
+
+ if (ocspRsp->encodedResponse->data == NULL) {
+ *pHashcode = 0;
+ } else {
+ PKIX_CHECK(pkix_hash
+ (ocspRsp->encodedResponse->data,
+ ocspRsp->encodedResponse->len,
+ pHashcode,
+ plContext),
+ PKIX_HASHFAILED);
+ }
+
+cleanup:
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OcspResponse_Equals(
+ PKIX_PL_Object *firstObj,
+ PKIX_PL_Object *secondObj,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType = 0;
+ PKIX_UInt32 firstLen = 0;
+ PKIX_UInt32 i = 0;
+ PKIX_PL_OcspResponse *rsp1 = NULL;
+ PKIX_PL_OcspResponse *rsp2 = NULL;
+ const unsigned char *firstData = NULL;
+ const unsigned char *secondData = NULL;
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_Equals");
+ PKIX_NULLCHECK_THREE(firstObj, secondObj, pResult);
+
+ /* test that firstObj is a OcspResponse */
+ PKIX_CHECK(pkix_CheckType(firstObj, PKIX_OCSPRESPONSE_TYPE, plContext),
+ PKIX_FIRSTOBJARGUMENTNOTANOCSPRESPONSE);
+
+ /*
+ * Since we know firstObj is a OcspResponse, if both references are
+ * identical, they must be equal
+ */
+ if (firstObj == secondObj){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObj isn't a OcspResponse, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType(secondObj, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_OCSPRESPONSE_TYPE) {
+ goto cleanup;
+ }
+
+ rsp1 = (PKIX_PL_OcspResponse *)firstObj;
+ rsp2 = (PKIX_PL_OcspResponse *)secondObj;
+
+ /* If either lacks an encoded string, they cannot be compared */
+ firstData = (const unsigned char *)rsp1->encodedResponse->data;
+ secondData = (const unsigned char *)rsp2->encodedResponse->data;
+ if ((firstData == NULL) || (secondData == NULL)) {
+ goto cleanup;
+ }
+
+ firstLen = rsp1->encodedResponse->len;
+
+ if (firstLen != rsp2->encodedResponse->len) {
+ goto cleanup;
+ }
+
+ for (i = 0; i < firstLen; i++) {
+ if (*firstData++ != *secondData++) {
+ goto cleanup;
+ }
+ }
+
+ *pResult = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_OCSPRESPONSE_TYPE and its related functions with
+ * systemClasses[]
+ * PARAMETERS:
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_OcspResponse_RegisterSelf(void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry *entry = &systemClasses[PKIX_OCSPRESPONSE_TYPE];
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_RegisterSelf");
+
+ entry->description = "OcspResponse";
+ entry->typeObjectSize = sizeof(PKIX_PL_OcspResponse);
+ entry->destructor = pkix_pl_OcspResponse_Destroy;
+ entry->equalsFunction = pkix_pl_OcspResponse_Equals;
+ entry->hashcodeFunction = pkix_pl_OcspResponse_Hashcode;
+ entry->duplicateFunction = pkix_duplicateImmutable;
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_Create
+ * DESCRIPTION:
+ *
+ * This function transmits the OcspRequest pointed to by "request" and obtains
+ * an OcspResponse, which it stores at "pOcspResponse". If the HTTPClient
+ * supports non-blocking I/O this function may store a non-NULL value at
+ * "pNBIOContext" (the WOULDBLOCK condition). In that case the caller should
+ * make a subsequent call with the same value in "pNBIOContext" and
+ * "pOcspResponse" to resume the operation. Additional WOULDBLOCK returns may
+ * occur; the caller should persist until a return occurs with NULL stored at
+ * "pNBIOContext".
+ *
+ * If a SEC_HttpClientFcn "responder" is supplied, it is used as the client
+ * to which the OCSP query is sent. If none is supplied, the default responder
+ * is used.
+ *
+ * If an OcspResponse_VerifyCallback "verifyFcn" is supplied, it is used to
+ * verify the Cert received from the responder as the signer. If none is
+ * supplied, the default verification function is used.
+ *
+ * The contents of "request" are ignored on calls subsequent to a WOULDBLOCK
+ * return, and the caller is permitted to supply NULL.
+ *
+ * PARAMETERS
+ * "request"
+ * Address of the OcspRequest for which a response is desired.
+ * "httpMethod"
+ * GET or POST
+ * "responder"
+ * Address, if non-NULL, of the SEC_HttpClientFcn to be sent the OCSP
+ * query.
+ * "verifyFcn"
+ * Address, if non-NULL, of the OcspResponse_VerifyCallback function to be
+ * used to verify the Cert of the OCSP responder.
+ * "pNBIOContext"
+ * Address at which platform-dependent information is stored for handling
+ * of non-blocking I/O. Must be non-NULL.
+ * "pOcspResponse"
+ * The address where the created OcspResponse is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_OcspResponse_Create(
+ PKIX_PL_OcspRequest *request,
+ const char *httpMethod,
+ void *responder,
+ PKIX_PL_VerifyCallback verifyFcn,
+ void **pNBIOContext,
+ PKIX_PL_OcspResponse **pResponse,
+ void *plContext)
+{
+ void *nbioContext = NULL;
+ PKIX_PL_OcspResponse *ocspResponse = NULL;
+ const SEC_HttpClientFcn *httpClient = NULL;
+ const SEC_HttpClientFcnV1 *hcv1 = NULL;
+ SECStatus rv = SECFailure;
+ char *location = NULL;
+ char *hostname = NULL;
+ char *path = NULL;
+ char *responseContentType = NULL;
+ PRUint16 port = 0;
+ SEC_HTTP_SERVER_SESSION serverSession = NULL;
+ SEC_HTTP_REQUEST_SESSION sessionRequest = NULL;
+ SECItem *encodedRequest = NULL;
+ PRUint16 responseCode = 0;
+ char *responseData = NULL;
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_Create");
+ PKIX_NULLCHECK_TWO(pNBIOContext, pResponse);
+
+ if (!strcmp(httpMethod, "GET") && !strcmp(httpMethod, "POST")) {
+ PKIX_ERROR(PKIX_INVALIDOCSPHTTPMETHOD);
+ }
+
+ nbioContext = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ if (nbioContext != NULL) {
+
+ ocspResponse = *pResponse;
+ PKIX_NULLCHECK_ONE(ocspResponse);
+
+ httpClient = ocspResponse->httpClient;
+ serverSession = ocspResponse->serverSession;
+ sessionRequest = ocspResponse->sessionRequest;
+ PKIX_NULLCHECK_THREE(httpClient, serverSession, sessionRequest);
+
+ } else {
+ PKIX_UInt32 timeout =
+ ((PKIX_PL_NssContext*)plContext)->timeoutSeconds;
+
+ PKIX_NULLCHECK_ONE(request);
+
+ PKIX_CHECK(pkix_pl_OcspRequest_GetEncoded
+ (request, &encodedRequest, plContext),
+ PKIX_OCSPREQUESTGETENCODEDFAILED);
+
+ /* prepare initial message to HTTPClient */
+
+ /* Is there a default responder and is it enabled? */
+ if (responder) {
+ httpClient = (const SEC_HttpClientFcn *)responder;
+ } else {
+ httpClient = SEC_GetRegisteredHttpClient();
+ }
+
+ if (httpClient && (httpClient->version == 1)) {
+ char *fullGetPath = NULL;
+ const char *sessionPath = NULL;
+ PRBool usePOST = !strcmp(httpMethod, "POST");
+
+ hcv1 = &(httpClient->fcnTable.ftable1);
+
+ PKIX_CHECK(pkix_pl_OcspRequest_GetLocation
+ (request, &location, plContext),
+ PKIX_OCSPREQUESTGETLOCATIONFAILED);
+
+ /* parse location -> hostname, port, path */
+ rv = CERT_ParseURL(location, &hostname, &port, &path);
+ if (rv == SECFailure || hostname == NULL || path == NULL) {
+ PKIX_ERROR(PKIX_URLPARSINGFAILED);
+ }
+
+ rv = (*hcv1->createSessionFcn)(hostname, port,
+ &serverSession);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_OCSPSERVERERROR);
+ }
+
+ if (usePOST) {
+ sessionPath = path;
+ } else {
+ /* calculate, are we allowed to use GET? */
+ enum { max_get_request_size = 255 }; /* defined by RFC2560 */
+ char b64ReqBuf[max_get_request_size+1];
+ size_t base64size;
+ size_t slashLengthIfNeeded = 0;
+ size_t pathLength;
+ PRInt32 urlEncodedBufLength;
+ size_t getURLLength;
+ char *walkOutput = NULL;
+
+ pathLength = strlen(path);
+ if (path[pathLength-1] != '/') {
+ slashLengthIfNeeded = 1;
+ }
+ base64size = (((encodedRequest->len +2)/3) * 4);
+ if (base64size > max_get_request_size) {
+ PKIX_ERROR(PKIX_OCSPGETREQUESTTOOBIG);
+ }
+ memset(b64ReqBuf, 0, sizeof(b64ReqBuf));
+ PL_Base64Encode((const char *)encodedRequest->data, encodedRequest->len, b64ReqBuf);
+ urlEncodedBufLength = ocsp_UrlEncodeBase64Buf(b64ReqBuf, NULL);
+ getURLLength = pathLength + urlEncodedBufLength + slashLengthIfNeeded;
+ fullGetPath = (char*)PORT_Alloc(getURLLength);
+ if (!fullGetPath) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ strcpy(fullGetPath, path);
+ walkOutput = fullGetPath + pathLength;
+ if (walkOutput > fullGetPath && slashLengthIfNeeded) {
+ strcpy(walkOutput, "/");
+ ++walkOutput;
+ }
+ ocsp_UrlEncodeBase64Buf(b64ReqBuf, walkOutput);
+ sessionPath = fullGetPath;
+ }
+
+ rv = (*hcv1->createFcn)(serverSession, "http",
+ sessionPath, httpMethod,
+ PR_SecondsToInterval(timeout),
+ &sessionRequest);
+ sessionPath = NULL;
+ if (fullGetPath) {
+ PORT_Free(fullGetPath);
+ fullGetPath = NULL;
+ }
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_OCSPSERVERERROR);
+ }
+
+ if (usePOST) {
+ rv = (*hcv1->setPostDataFcn)(sessionRequest,
+ (char *)encodedRequest->data,
+ encodedRequest->len,
+ "application/ocsp-request");
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_OCSPSERVERERROR);
+ }
+ }
+
+ /* create a PKIX_PL_OcspResponse object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_OCSPRESPONSE_TYPE,
+ sizeof (PKIX_PL_OcspResponse),
+ (PKIX_PL_Object **)&ocspResponse,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ PKIX_INCREF(request);
+ ocspResponse->request = request;
+ ocspResponse->httpClient = httpClient;
+ ocspResponse->serverSession = serverSession;
+ serverSession = NULL;
+ ocspResponse->sessionRequest = sessionRequest;
+ sessionRequest = NULL;
+ ocspResponse->verifyFcn = verifyFcn;
+ ocspResponse->handle = CERT_GetDefaultCertDB();
+ ocspResponse->encodedResponse = NULL;
+ ocspResponse->arena = NULL;
+ ocspResponse->producedAt = 0;
+ ocspResponse->producedAtDate = NULL;
+ ocspResponse->pkixSignerCert = NULL;
+ ocspResponse->nssOCSPResponse = NULL;
+ ocspResponse->signerCert = NULL;
+ }
+ }
+
+ /* begin or resume IO to HTTPClient */
+ if (httpClient && (httpClient->version == 1)) {
+ PRUint32 responseDataLen =
+ ((PKIX_PL_NssContext*)plContext)->maxResponseLength;
+
+ hcv1 = &(httpClient->fcnTable.ftable1);
+
+ rv = (*hcv1->trySendAndReceiveFcn)(ocspResponse->sessionRequest,
+ (PRPollDesc **)&nbioContext,
+ &responseCode,
+ (const char **)&responseContentType,
+ NULL, /* responseHeaders */
+ (const char **)&responseData,
+ &responseDataLen);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_OCSPSERVERERROR);
+ }
+ /* responseContentType is a pointer to the null-terminated
+ * string returned by httpclient. Memory allocated for context
+ * type will be freed with freeing of the HttpClient struct. */
+ if (PORT_Strcasecmp(responseContentType,
+ "application/ocsp-response")) {
+ PKIX_ERROR(PKIX_OCSPSERVERERROR);
+ }
+ if (nbioContext != NULL) {
+ *pNBIOContext = nbioContext;
+ goto cleanup;
+ }
+ if (responseCode != 200) {
+ PKIX_ERROR(PKIX_OCSPBADHTTPRESPONSE);
+ }
+ ocspResponse->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (ocspResponse->arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ ocspResponse->encodedResponse = SECITEM_AllocItem
+ (ocspResponse->arena, NULL, responseDataLen);
+ if (ocspResponse->encodedResponse == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ PORT_Memcpy(ocspResponse->encodedResponse->data,
+ responseData, responseDataLen);
+ }
+ *pResponse = ocspResponse;
+ ocspResponse = NULL;
+
+cleanup:
+
+ if (path != NULL) {
+ PORT_Free(path);
+ }
+ if (hostname != NULL) {
+ PORT_Free(hostname);
+ }
+ if (ocspResponse) {
+ PKIX_DECREF(ocspResponse);
+ }
+ if (serverSession) {
+ hcv1->freeSessionFcn(serverSession);
+ }
+ if (sessionRequest) {
+ hcv1->freeFcn(sessionRequest);
+ }
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_Decode
+ * DESCRIPTION:
+ *
+ * This function decodes the DER data contained in the OcspResponse pointed to
+ * by "response", storing PKIX_TRUE at "pPassed" if the decoding was
+ * successful, and PKIX_FALSE otherwise.
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the OcspResponse whose DER data is to be decoded. Must
+ * be non-NULL.
+ * "pPassed"
+ * Address at which the Boolean result is stored. Must be non-NULL.
+ * "pReturnCode"
+ * Address at which the SECErrorCodes result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+
+PKIX_Error *
+pkix_pl_OcspResponse_Decode(
+ PKIX_PL_OcspResponse *response,
+ PKIX_Boolean *pPassed,
+ SECErrorCodes *pReturnCode,
+ void *plContext)
+{
+
+ PKIX_ENTER(OCSPRESPONSE, "PKIX_PL_OcspResponse_Decode");
+ PKIX_NULLCHECK_TWO(response, response->encodedResponse);
+
+ response->nssOCSPResponse =
+ CERT_DecodeOCSPResponse(response->encodedResponse);
+
+ if (response->nssOCSPResponse != NULL) {
+ *pPassed = PKIX_TRUE;
+ *pReturnCode = 0;
+ } else {
+ *pPassed = PKIX_FALSE;
+ *pReturnCode = PORT_GetError();
+ }
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_GetStatus
+ * DESCRIPTION:
+ *
+ * This function checks the response status of the OcspResponse pointed to
+ * by "response", storing PKIX_TRUE at "pPassed" if the responder understood
+ * the request and considered it valid, and PKIX_FALSE otherwise.
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the OcspResponse whose status is to be retrieved. Must
+ * be non-NULL.
+ * "pPassed"
+ * Address at which the Boolean result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+
+PKIX_Error *
+pkix_pl_OcspResponse_GetStatus(
+ PKIX_PL_OcspResponse *response,
+ PKIX_Boolean *pPassed,
+ SECErrorCodes *pReturnCode,
+ void *plContext)
+{
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER(OCSPRESPONSE, "PKIX_PL_OcspResponse_GetStatus");
+ PKIX_NULLCHECK_FOUR(response, response->nssOCSPResponse, pPassed, pReturnCode);
+
+ rv = CERT_GetOCSPResponseStatus(response->nssOCSPResponse);
+
+ if (rv == SECSuccess) {
+ *pPassed = PKIX_TRUE;
+ *pReturnCode = 0;
+ } else {
+ *pPassed = PKIX_FALSE;
+ *pReturnCode = PORT_GetError();
+ }
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+
+static PKIX_Error*
+pkix_pl_OcspResponse_VerifyResponse(
+ PKIX_PL_OcspResponse *response,
+ PKIX_ProcessingParams *procParams,
+ SECCertUsage certUsage,
+ void **state,
+ PKIX_BuildResult **buildResult,
+ void **pNBIOContext,
+ void *plContext)
+{
+ SECStatus rv = SECFailure;
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_VerifyResponse");
+
+ if (response->verifyFcn != NULL) {
+ void *lplContext = NULL;
+
+ PKIX_CHECK(
+ PKIX_PL_NssContext_Create(((SECCertificateUsage)1) << certUsage,
+ PKIX_FALSE, NULL, &lplContext),
+ PKIX_NSSCONTEXTCREATEFAILED);
+
+ PKIX_CHECK(
+ (response->verifyFcn)((PKIX_PL_Object*)response->pkixSignerCert,
+ NULL, response->producedAtDate,
+ procParams, pNBIOContext,
+ state, buildResult,
+ NULL, lplContext),
+ PKIX_CERTVERIFYKEYUSAGEFAILED);
+ rv = SECSuccess;
+ } else {
+ rv = CERT_VerifyCert(response->handle, response->signerCert, PKIX_TRUE,
+ certUsage, response->producedAt, NULL, NULL);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_CERTVERIFYKEYUSAGEFAILED);
+ }
+ }
+
+cleanup:
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
+ }
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_VerifySignature
+ * DESCRIPTION:
+ *
+ * This function verifies the ocspResponse signature field in the OcspResponse
+ * pointed to by "response", storing PKIX_TRUE at "pPassed" if verification
+ * is successful and PKIX_FALSE otherwise. If verification is unsuccessful an
+ * error code (an enumeration of type SECErrorCodes) is stored at *pReturnCode.
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the OcspResponse whose signature field is to be
+ * retrieved. Must be non-NULL.
+ * "cert"
+ * The address of the Cert for which the OCSP query was made. Must be
+ * non-NULL.
+ * "procParams"
+ * Address of ProcessingParams used to initialize the ExpirationChecker
+ * and TargetCertChecker. Must be non-NULL.
+ * "pPassed"
+ * Address at which the Boolean result is stored. Must be non-NULL.
+ * "pNBIOContext"
+ * Address at which the NBIOContext is stored indicating whether the
+ * checking is complete. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_OcspResponse_VerifySignature(
+ PKIX_PL_OcspResponse *response,
+ PKIX_PL_Cert *cert,
+ PKIX_ProcessingParams *procParams,
+ PKIX_Boolean *pPassed,
+ void **pNBIOContext,
+ void *plContext)
+{
+ SECStatus rv = SECFailure;
+ CERTOCSPResponse *nssOCSPResponse = NULL;
+ CERTCertificate *issuerCert = NULL;
+ PKIX_BuildResult *buildResult = NULL;
+ void *nbio = NULL;
+ void *state = NULL;
+
+ ocspSignature *signature = NULL;
+ ocspResponseData *tbsData = NULL;
+ SECItem *tbsResponseDataDER = NULL;
+
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_VerifySignature");
+ PKIX_NULLCHECK_FOUR(response, cert, pPassed, pNBIOContext);
+
+ nbio = *pNBIOContext;
+ *pNBIOContext = NULL;
+
+ nssOCSPResponse = response->nssOCSPResponse;
+ if (nssOCSPResponse == NULL) {
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ goto cleanup;
+ }
+
+ tbsData =
+ ocsp_GetResponseData(nssOCSPResponse, &tbsResponseDataDER);
+
+ signature = ocsp_GetResponseSignature(nssOCSPResponse);
+
+
+ /* Are we resuming after a WOULDBLOCK response? */
+ if (nbio == NULL) {
+ /* No, this is a new query */
+
+ issuerCert = CERT_FindCertIssuer(cert->nssCert, PR_Now(),
+ certUsageAnyCA);
+
+ /*
+ * If this signature has already gone through verification,
+ * just return the cached result.
+ */
+ if (signature->wasChecked) {
+ if (signature->status == SECSuccess) {
+ response->signerCert =
+ CERT_DupCertificate(signature->cert);
+ } else {
+ PORT_SetError(signature->failureReason);
+ goto cleanup;
+ }
+ }
+
+ response->signerCert =
+ ocsp_GetSignerCertificate(response->handle, tbsData,
+ signature, issuerCert);
+
+ if (response->signerCert == NULL) {
+ if (PORT_GetError() == SEC_ERROR_UNKNOWN_CERT) {
+ /* Make the error a little more specific. */
+ PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
+ }
+ goto cleanup;
+ }
+ PKIX_CHECK(
+ PKIX_PL_Cert_CreateFromCERTCertificate(response->signerCert,
+ &(response->pkixSignerCert),
+ plContext),
+ PKIX_CERTCREATEWITHNSSCERTFAILED);
+
+ /*
+ * We could mark this true at the top of this function, or
+ * always below at "finish", but if the problem was just that
+ * we could not find the signer's cert, leave that as if the
+ * signature hasn't been checked. Maybe a subsequent call will
+ * have better luck.
+ */
+ signature->wasChecked = PR_TRUE;
+
+ /*
+ * We are about to verify the signer certificate; we need to
+ * specify *when* that certificate must be valid -- for our
+ * purposes we expect it to be valid when the response was
+ * signed. The value of "producedAt" is the signing time.
+ */
+ rv = DER_GeneralizedTimeToTime(&response->producedAt,
+ &tbsData->producedAt);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
+ goto cleanup;
+ }
+
+ /*
+ * We need producedAtDate and pkixSignerCert if we are calling a
+ * user-supplied verification function. Let's put their
+ * creation before the code that gets repeated when
+ * non-blocking I/O is used.
+ */
+
+ PKIX_CHECK(
+ pkix_pl_Date_CreateFromPRTime((PRTime)response->producedAt,
+ &(response->producedAtDate),
+ plContext),
+ PKIX_DATECREATEFROMPRTIMEFAILED);
+
+ }
+
+ /*
+ * Just because we have a cert does not mean it is any good; check
+ * it for validity, trust and usage. Use the caller-supplied
+ * verification function, if one was supplied.
+ */
+ if (ocsp_CertIsOCSPDefaultResponder(response->handle,
+ response->signerCert)) {
+ rv = SECSuccess;
+ } else {
+ SECCertUsage certUsage;
+ if (CERT_IsCACert(response->signerCert, NULL)) {
+ certUsage = certUsageAnyCA;
+ } else {
+ certUsage = certUsageStatusResponder;
+ }
+ PKIX_CHECK_ONLY_FATAL(
+ pkix_pl_OcspResponse_VerifyResponse(response, procParams,
+ certUsage, &state,
+ &buildResult, &nbio,
+ plContext),
+ PKIX_CERTVERIFYKEYUSAGEFAILED);
+ if (pkixTempErrorReceived) {
+ rv = SECFailure;
+ goto cleanup;
+ }
+ if (nbio != NULL) {
+ *pNBIOContext = nbio;
+ goto cleanup;
+ }
+ }
+
+ rv = ocsp_VerifyResponseSignature(response->signerCert, signature,
+ tbsResponseDataDER, NULL);
+
+cleanup:
+ if (rv == SECSuccess) {
+ *pPassed = PKIX_TRUE;
+ } else {
+ *pPassed = PKIX_FALSE;
+ }
+
+ if (signature) {
+ if (signature->wasChecked) {
+ signature->status = rv;
+ }
+
+ if (rv != SECSuccess) {
+ signature->failureReason = PORT_GetError();
+ if (response->signerCert != NULL) {
+ CERT_DestroyCertificate(response->signerCert);
+ response->signerCert = NULL;
+ }
+ } else {
+ /* Save signer's certificate in signature. */
+ signature->cert = CERT_DupCertificate(response->signerCert);
+ }
+ }
+
+ if (issuerCert)
+ CERT_DestroyCertificate(issuerCert);
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_OcspResponse_GetStatusForCert
+ * DESCRIPTION:
+ *
+ * This function checks the revocation status of the Cert for which the
+ * OcspResponse was obtained, storing PKIX_TRUE at "pPassed" if the Cert has
+ * not been revoked and PKIX_FALSE otherwise.
+ *
+ * PARAMETERS
+ * "response"
+ * The address of the OcspResponse whose certificate status is to be
+ * retrieved. Must be non-NULL.
+ * "pPassed"
+ * Address at which the Boolean result is stored. Must be non-NULL.
+ * "pReturnCode"
+ * Address at which the SECErrorCodes result is stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OcspResponse Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_OcspResponse_GetStatusForCert(
+ PKIX_PL_OcspCertID *cid,
+ PKIX_PL_OcspResponse *response,
+ PKIX_Boolean allowCachingOfFailures,
+ PKIX_PL_Date *validity,
+ PKIX_Boolean *pPassed,
+ SECErrorCodes *pReturnCode,
+ void *plContext)
+{
+ PRTime time = 0;
+ SECStatus rv = SECFailure;
+ CERTOCSPSingleResponse *single = NULL;
+
+ PKIX_ENTER(OCSPRESPONSE, "pkix_pl_OcspResponse_GetStatusForCert");
+ PKIX_NULLCHECK_THREE(response, pPassed, pReturnCode);
+
+ /*
+ * It is an error to call this function except following a successful
+ * return from pkix_pl_OcspResponse_VerifySignature, which would have
+ * set response->signerCert.
+ */
+ PKIX_NULLCHECK_TWO(response->signerCert, response->request);
+ PKIX_NULLCHECK_TWO(cid, cid->certID);
+
+ if (validity != NULL) {
+ PKIX_Error *er = pkix_pl_Date_GetPRTime(validity, &time, plContext);
+ PKIX_DECREF(er);
+ }
+ if (!time) {
+ time = PR_Now();
+ }
+
+ rv = ocsp_GetVerifiedSingleResponseForCertID(response->handle,
+ response->nssOCSPResponse,
+ cid->certID,
+ response->signerCert,
+ time, &single);
+ if (rv == SECSuccess) {
+ /*
+ * Check whether the status says revoked, and if so
+ * how that compares to the time value passed into this routine.
+ */
+ rv = ocsp_CertHasGoodStatus(single->certStatus, time);
+ }
+
+ if (rv == SECSuccess || allowCachingOfFailures) {
+ /* allowed to update the cache */
+ PRBool certIDWasConsumed = PR_FALSE;
+
+ if (single) {
+ ocsp_CacheSingleResponse(cid->certID,single,
+ &certIDWasConsumed);
+ } else {
+ cert_RememberOCSPProcessingFailure(cid->certID,
+ &certIDWasConsumed);
+ }
+
+ if (certIDWasConsumed) {
+ cid->certID = NULL;
+ }
+ }
+
+ if (rv == SECSuccess) {
+ *pPassed = PKIX_TRUE;
+ *pReturnCode = 0;
+ } else {
+ *pPassed = PKIX_FALSE;
+ *pReturnCode = PORT_GetError();
+ }
+
+ PKIX_RETURN(OCSPRESPONSE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.h
new file mode 100644
index 000000000..dcf88c960
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.h
@@ -0,0 +1,106 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_ocspresponse.h
+ *
+ * OcspResponse Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_OCSPRESPONSE_H
+#define _PKIX_PL_OCSPRESPONSE_H
+
+#include "pkix_pl_common.h"
+#include "pkix_pl_ocspcertid.h"
+#include "hasht.h"
+#include "cryptohi.h"
+#include "ocspti.h"
+#include "ocspi.h"
+#include "plbase64.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define MAX_OCSP_RESPONSE_LEN (64*1024)
+
+struct PKIX_PL_OcspResponseStruct{
+ PLArenaPool *arena;
+ const PKIX_PL_OcspRequest *request;
+ const SEC_HttpClientFcn *httpClient;
+ SEC_HTTP_SERVER_SESSION serverSession;
+ SEC_HTTP_REQUEST_SESSION sessionRequest;
+ PKIX_PL_VerifyCallback verifyFcn;
+ SECItem *encodedResponse;
+ CERTCertDBHandle *handle;
+ PRTime producedAt;
+ PKIX_PL_Date *producedAtDate;
+ PKIX_PL_Cert *pkixSignerCert;
+ CERTOCSPResponse *nssOCSPResponse;
+ CERTCertificate *signerCert;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_OcspResponse_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_pl_OcspResponse_Create(
+ PKIX_PL_OcspRequest *request,
+ const char *httpMechanism,
+ void *responder,
+ PKIX_PL_VerifyCallback verifyFcn,
+ void **pNBIOContext,
+ PKIX_PL_OcspResponse **pResponse,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_OcspResponse_Decode(
+ PKIX_PL_OcspResponse *response,
+ PKIX_Boolean *passed,
+ SECErrorCodes *pReturnCode,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_OcspResponse_GetStatus(
+ PKIX_PL_OcspResponse *response,
+ PKIX_Boolean *passed,
+ SECErrorCodes *pReturnCode,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_OcspResponse_VerifySignature(
+ PKIX_PL_OcspResponse *response,
+ PKIX_PL_Cert *cert,
+ PKIX_ProcessingParams *procParams,
+ PKIX_Boolean *pPassed,
+ void **pNBIOContext,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_OcspResponse_GetStatusForCert(
+ PKIX_PL_OcspCertID *cid,
+ PKIX_PL_OcspResponse *response,
+ PKIX_Boolean allowCachingOfFailures,
+ PKIX_PL_Date *validity,
+ PKIX_Boolean *pPassed,
+ SECErrorCodes *pReturnCode,
+ void *plContext);
+
+PKIX_Error *
+PKIX_PL_OcspResponse_UseBuildChain(
+ PKIX_PL_Cert *signerCert,
+ PKIX_PL_Date *producedAt,
+ PKIX_ProcessingParams *procParams,
+ void **pNBIOContext,
+ void **pState,
+ PKIX_BuildResult **pBuildResult,
+ PKIX_VerifyNode **pVerifyTree,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_OCSPRESPONSE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_publickey.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_publickey.c
new file mode 100644
index 000000000..2dfe9a9c2
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_publickey.c
@@ -0,0 +1,489 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_publickey.c
+ *
+ * Certificate Object Functions
+ *
+ */
+
+#include "pkix_pl_publickey.h"
+
+/* --Private-Cert-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_PublicKey_ToString_Helper
+ * DESCRIPTION:
+ *
+ * Helper function that creates a string representation of the PublicKey
+ * pointed to by "pkixPubKey" and stores it at "pString".
+ *
+ * PARAMETERS
+ * "pkixPubKey"
+ * Address of PublicKey whose string representation is desired.
+ * Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a PublicKey Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_PublicKey_ToString_Helper(
+ PKIX_PL_PublicKey *pkixPubKey,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ SECAlgorithmID algorithm;
+ SECOidTag pubKeyTag;
+ char *asciiOID = NULL;
+ PKIX_Boolean freeAsciiOID = PKIX_FALSE;
+ SECItem oidBytes;
+
+ PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_ToString_Helper");
+ PKIX_NULLCHECK_THREE(pkixPubKey, pkixPubKey->nssSPKI, pString);
+
+ /*
+ * XXX for now, we print out public key algorithm's
+ * description - add params and bytes later
+ */
+
+ /*
+ * If the algorithm OID is known to NSS,
+ * we print out the ASCII description that is
+ * registered with NSS. Otherwise, if unknown,
+ * we print out the OID numbers (eg. "1.2.840.3")
+ */
+
+ algorithm = pkixPubKey->nssSPKI->algorithm;
+
+ PKIX_PUBLICKEY_DEBUG("\t\tCalling SECOID_GetAlgorithmTag).\n");
+ pubKeyTag = SECOID_GetAlgorithmTag(&algorithm);
+ if (pubKeyTag != SEC_OID_UNKNOWN){
+ PKIX_PUBLICKEY_DEBUG
+ ("\t\tCalling SECOID_FindOIDTagDescription).\n");
+ asciiOID = (char *)SECOID_FindOIDTagDescription(pubKeyTag);
+ if (!asciiOID){
+ PKIX_ERROR(PKIX_SECOIDFINDOIDTAGDESCRIPTIONFAILED);
+ }
+ } else { /* pubKeyTag == SEC_OID_UNKNOWN */
+ oidBytes = algorithm.algorithm;
+ PKIX_CHECK(pkix_pl_oidBytes2Ascii
+ (&oidBytes, &asciiOID, plContext),
+ PKIX_OIDBYTES2ASCIIFAILED);
+ freeAsciiOID = PKIX_TRUE;
+ }
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, (void *)asciiOID, 0, pString, plContext),
+ PKIX_UNABLETOCREATEPSTRING);
+
+cleanup:
+
+ /*
+ * we only free asciiOID if it was malloc'ed by pkix_pl_oidBytes2Ascii
+ */
+ if (freeAsciiOID){
+ PKIX_FREE(asciiOID);
+ }
+
+ PKIX_RETURN(PUBLICKEY);
+}
+
+/*
+ * FUNCTION: pkix_pl_DestroySPKI
+ * DESCRIPTION:
+ * Frees all memory associated with the CERTSubjectPublicKeyInfo pointed to
+ * by "nssSPKI".
+ * PARAMETERS
+ * "nssSPKI"
+ * Address of CERTSubjectPublicKeyInfo. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_DestroySPKI(
+ CERTSubjectPublicKeyInfo *nssSPKI,
+ void *plContext)
+{
+ PKIX_ENTER(PUBLICKEY, "pkix_pl_DestroySPKI");
+
+ PKIX_NULLCHECK_ONE(nssSPKI);
+
+ PKIX_PUBLICKEY_DEBUG("\t\tCalling SECOID_DestroyAlgorithmID).\n");
+ SECOID_DestroyAlgorithmID(&nssSPKI->algorithm, PKIX_FALSE);
+
+ PKIX_PUBLICKEY_DEBUG("\t\tCalling SECITEM_FreeItem).\n");
+ SECITEM_FreeItem(&nssSPKI->subjectPublicKey, PKIX_FALSE);
+
+ PKIX_RETURN(PUBLICKEY);
+}
+
+/*
+ * FUNCTION: pkix_pl_PublicKey_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_PublicKey_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_PublicKey *pubKey = NULL;
+
+ PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_Destroy");
+
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_PUBLICKEY_TYPE, plContext),
+ PKIX_OBJECTNOTPUBLICKEY);
+
+ pubKey = (PKIX_PL_PublicKey *)object;
+
+ if (pubKey->nssSPKI) {
+
+ PKIX_CHECK(pkix_pl_DestroySPKI(pubKey->nssSPKI, plContext),
+ PKIX_DESTROYSPKIFAILED);
+
+ PKIX_FREE(pubKey->nssSPKI);
+ }
+
+cleanup:
+
+ PKIX_RETURN(PUBLICKEY);
+}
+
+/*
+ * FUNCTION: pkix_pl_PublicKey_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_PublicKey_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_PublicKey *pkixPubKey = NULL;
+ PKIX_PL_String *pubKeyString = NULL;
+
+ PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_toString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_PUBLICKEY_TYPE, plContext),
+ PKIX_OBJECTNOTPUBLICKEY);
+
+ pkixPubKey = (PKIX_PL_PublicKey *)object;
+
+ PKIX_CHECK(pkix_pl_PublicKey_ToString_Helper
+ (pkixPubKey, &pubKeyString, plContext),
+ PKIX_PUBLICKEYTOSTRINGHELPERFAILED);
+
+ *pString = pubKeyString;
+
+cleanup:
+
+ PKIX_RETURN(PUBLICKEY);
+}
+
+/*
+ * FUNCTION: pkix_pl_PublicKey_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_PublicKey_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_PublicKey *pkixPubKey = NULL;
+ SECItem algOID;
+ SECItem algParams;
+ SECItem nssPubKey;
+ PKIX_UInt32 algOIDHash;
+ PKIX_UInt32 algParamsHash;
+ PKIX_UInt32 pubKeyHash;
+
+ PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_PUBLICKEY_TYPE, plContext),
+ PKIX_OBJECTNOTPUBLICKEY);
+
+ pkixPubKey = (PKIX_PL_PublicKey *)object;
+
+ PKIX_NULLCHECK_ONE(pkixPubKey->nssSPKI);
+
+ algOID = pkixPubKey->nssSPKI->algorithm.algorithm;
+ algParams = pkixPubKey->nssSPKI->algorithm.parameters;
+ nssPubKey = pkixPubKey->nssSPKI->subjectPublicKey;
+
+ PKIX_CHECK(pkix_hash
+ (algOID.data, algOID.len, &algOIDHash, plContext),
+ PKIX_HASHFAILED);
+
+ PKIX_CHECK(pkix_hash
+ (algParams.data, algParams.len, &algParamsHash, plContext),
+ PKIX_HASHFAILED);
+
+ PKIX_CHECK(pkix_hash
+ (nssPubKey.data, nssPubKey.len, &pubKeyHash, plContext),
+ PKIX_HASHFAILED);
+
+ *pHashcode = pubKeyHash;
+
+cleanup:
+
+ PKIX_RETURN(PUBLICKEY);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_PublicKey_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_PublicKey_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_PublicKey *firstPKIXPubKey = NULL;
+ PKIX_PL_PublicKey *secondPKIXPubKey = NULL;
+ CERTSubjectPublicKeyInfo *firstSPKI = NULL;
+ CERTSubjectPublicKeyInfo *secondSPKI = NULL;
+ SECComparison cmpResult;
+ PKIX_UInt32 secondType;
+
+ PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is a PublicKey */
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_PUBLICKEY_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTPUBLICKEY);
+
+ /*
+ * Since we know firstObject is a PublicKey, if both references are
+ * identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't a PublicKey, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_PUBLICKEY_TYPE) goto cleanup;
+
+ firstPKIXPubKey = ((PKIX_PL_PublicKey *)firstObject);
+ secondPKIXPubKey = (PKIX_PL_PublicKey *)secondObject;
+
+ firstSPKI = firstPKIXPubKey->nssSPKI;
+ secondSPKI = secondPKIXPubKey->nssSPKI;
+
+ PKIX_NULLCHECK_TWO(firstSPKI, secondSPKI);
+
+ PKIX_PL_NSSCALLRV(PUBLICKEY, cmpResult, SECOID_CompareAlgorithmID,
+ (&firstSPKI->algorithm, &secondSPKI->algorithm));
+
+ if (cmpResult == SECEqual){
+ PKIX_PUBLICKEY_DEBUG("\t\tCalling SECITEM_CompareItem).\n");
+ cmpResult = SECITEM_CompareItem
+ (&firstSPKI->subjectPublicKey,
+ &secondSPKI->subjectPublicKey);
+ }
+
+ *pResult = (cmpResult == SECEqual)?PKIX_TRUE:PKIX_FALSE;
+
+cleanup:
+
+ PKIX_RETURN(PUBLICKEY);
+}
+
+/*
+ * FUNCTION: pkix_pl_PublicKey_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_PUBLICKEY_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_PublicKey_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_RegisterSelf");
+
+ entry.description = "PublicKey";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_PublicKey);
+ entry.destructor = pkix_pl_PublicKey_Destroy;
+ entry.equalsFunction = pkix_pl_PublicKey_Equals;
+ entry.hashcodeFunction = pkix_pl_PublicKey_Hashcode;
+ entry.toStringFunction = pkix_pl_PublicKey_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+ systemClasses[PKIX_PUBLICKEY_TYPE] = entry;
+
+ PKIX_RETURN(PUBLICKEY);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_PublicKey_NeedsDSAParameters
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_PublicKey_NeedsDSAParameters(
+ PKIX_PL_PublicKey *pubKey,
+ PKIX_Boolean *pNeedsParams,
+ void *plContext)
+{
+ CERTSubjectPublicKeyInfo *nssSPKI = NULL;
+ KeyType pubKeyType;
+ PKIX_Boolean needsParams = PKIX_FALSE;
+
+ PKIX_ENTER(PUBLICKEY, "PKIX_PL_PublicKey_NeedsDSAParameters");
+ PKIX_NULLCHECK_TWO(pubKey, pNeedsParams);
+
+ nssSPKI = pubKey->nssSPKI;
+
+ PKIX_PUBLICKEY_DEBUG("\t\tCalling CERT_GetCertKeyType).\n");
+ pubKeyType = CERT_GetCertKeyType(nssSPKI);
+ if (!pubKeyType){
+ PKIX_ERROR(PKIX_PUBKEYTYPENULLKEY);
+ }
+
+ if ((pubKeyType == dsaKey) &&
+ (nssSPKI->algorithm.parameters.len == 0)){
+ needsParams = PKIX_TRUE;
+ }
+
+ *pNeedsParams = needsParams;
+
+cleanup:
+
+ PKIX_RETURN(PUBLICKEY);
+}
+
+/*
+ * FUNCTION: PKIX_PL_PublicKey_MakeInheritedDSAPublicKey
+ * (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_PublicKey_MakeInheritedDSAPublicKey(
+ PKIX_PL_PublicKey *firstKey,
+ PKIX_PL_PublicKey *secondKey,
+ PKIX_PL_PublicKey **pResultKey,
+ void *plContext)
+{
+ CERTSubjectPublicKeyInfo *firstSPKI = NULL;
+ CERTSubjectPublicKeyInfo *secondSPKI = NULL;
+ CERTSubjectPublicKeyInfo *thirdSPKI = NULL;
+ PKIX_PL_PublicKey *resultKey = NULL;
+ KeyType firstPubKeyType;
+ KeyType secondPubKeyType;
+ SECStatus rv;
+
+ PKIX_ENTER(PUBLICKEY, "PKIX_PL_PublicKey_MakeInheritedDSAPublicKey");
+ PKIX_NULLCHECK_THREE(firstKey, secondKey, pResultKey);
+ PKIX_NULLCHECK_TWO(firstKey->nssSPKI, secondKey->nssSPKI);
+
+ firstSPKI = firstKey->nssSPKI;
+ secondSPKI = secondKey->nssSPKI;
+
+ PKIX_PUBLICKEY_DEBUG("\t\tCalling CERT_GetCertKeyType).\n");
+ firstPubKeyType = CERT_GetCertKeyType(firstSPKI);
+ if (!firstPubKeyType){
+ PKIX_ERROR(PKIX_FIRSTPUBKEYTYPENULLKEY);
+ }
+
+ PKIX_PUBLICKEY_DEBUG("\t\tCalling CERT_GetCertKeyType).\n");
+ secondPubKeyType = CERT_GetCertKeyType(secondSPKI);
+ if (!secondPubKeyType){
+ PKIX_ERROR(PKIX_SECONDPUBKEYTYPENULLKEY);
+ }
+
+ if ((firstPubKeyType == dsaKey) &&
+ (firstSPKI->algorithm.parameters.len == 0)){
+ if (secondPubKeyType != dsaKey) {
+ PKIX_ERROR(PKIX_SECONDKEYNOTDSAPUBLICKEY);
+ } else if (secondSPKI->algorithm.parameters.len == 0) {
+ PKIX_ERROR
+ (PKIX_SECONDKEYDSAPUBLICKEY);
+ } else {
+ PKIX_CHECK(PKIX_PL_Calloc
+ (1,
+ sizeof (CERTSubjectPublicKeyInfo),
+ (void **)&thirdSPKI,
+ plContext),
+ PKIX_CALLOCFAILED);
+
+ PKIX_PUBLICKEY_DEBUG
+ ("\t\tCalling"
+ "SECKEY_CopySubjectPublicKeyInfo).\n");
+ rv = SECKEY_CopySubjectPublicKeyInfo
+ (NULL, thirdSPKI, firstSPKI);
+ if (rv != SECSuccess) {
+ PKIX_ERROR
+ (PKIX_SECKEYCOPYSUBJECTPUBLICKEYINFOFAILED);
+ }
+
+ PKIX_PUBLICKEY_DEBUG
+ ("\t\tCalling SECITEM_CopyItem).\n");
+ rv = SECITEM_CopyItem(NULL,
+ &thirdSPKI->algorithm.parameters,
+ &secondSPKI->algorithm.parameters);
+
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ /* create a PKIX_PL_PublicKey object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_PUBLICKEY_TYPE,
+ sizeof (PKIX_PL_PublicKey),
+ (PKIX_PL_Object **)&resultKey,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ /* populate the SPKI field */
+ resultKey->nssSPKI = thirdSPKI;
+ *pResultKey = resultKey;
+ }
+ } else {
+ *pResultKey = NULL;
+ }
+
+cleanup:
+
+ if (thirdSPKI && PKIX_ERROR_RECEIVED){
+ PKIX_CHECK(pkix_pl_DestroySPKI(thirdSPKI, plContext),
+ PKIX_DESTROYSPKIFAILED);
+ PKIX_FREE(thirdSPKI);
+ }
+
+ PKIX_RETURN(PUBLICKEY);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_publickey.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_publickey.h
new file mode 100644
index 000000000..8918859d2
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_publickey.h
@@ -0,0 +1,38 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_publickey.h
+ *
+ * Public Key Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_PUBLICKEY_H
+#define _PKIX_PL_PUBLICKEY_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_PublicKeyStruct {
+ CERTSubjectPublicKeyInfo *nssSPKI;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_PublicKey_RegisterSelf(void *plContext);
+
+PKIX_Error *
+PKIX_PL_PublicKey_NeedsDSAParameters(
+ PKIX_PL_PublicKey *pubKey,
+ PKIX_Boolean *pNeedsParams,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_PUBLICKEY_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_x500name.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_x500name.c
new file mode 100644
index 000000000..e37439cf0
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_x500name.c
@@ -0,0 +1,667 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_x500name.c
+ *
+ * X500Name Object Functions
+ *
+ */
+
+#include "pkix_pl_x500name.h"
+
+/* --Private-X500Name-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_X500Name_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_X500Name_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_X500Name *name = NULL;
+
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_X500NAME_TYPE, plContext),
+ PKIX_OBJECTNOTANX500NAME);
+
+ name = (PKIX_PL_X500Name *)object;
+
+ /* PORT_FreeArena will destroy arena, and, allocated on it, CERTName
+ * and SECItem */
+ if (name->arena) {
+ PORT_FreeArena(name->arena, PR_FALSE);
+ name->arena = NULL;
+ }
+
+cleanup:
+
+ PKIX_RETURN(X500NAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_X500Name_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_X500Name_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_X500Name *name = NULL;
+ char *string = NULL;
+ PKIX_UInt32 strLength = 0;
+
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_toString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_X500NAME_TYPE, plContext),
+ PKIX_OBJECTNOTANX500NAME);
+
+ name = (PKIX_PL_X500Name *)object;
+ string = CERT_NameToAscii(&name->nssDN);
+ if (!string){
+ PKIX_ERROR(PKIX_CERTNAMETOASCIIFAILED);
+ }
+ strLength = PL_strlen(string);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, string, strLength, pString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(X500NAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_X500Name_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_X500Name_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_X500Name *name = NULL;
+ SECItem *derBytes = NULL;
+ PKIX_UInt32 nameHash;
+
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_X500NAME_TYPE, plContext),
+ PKIX_OBJECTNOTANX500NAME);
+
+ name = (PKIX_PL_X500Name *)object;
+
+ /* we hash over the bytes in the DER encoding */
+
+ derBytes = &name->derName;
+
+ PKIX_CHECK(pkix_hash
+ (derBytes->data, derBytes->len, &nameHash, plContext),
+ PKIX_HASHFAILED);
+
+ *pHashcode = nameHash;
+
+cleanup:
+
+ PKIX_RETURN(X500NAME);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_X500Name_Equals
+ * (see comments for PKIX_PL_Equals_Callback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_X500Name_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* test that firstObject is an X500Name */
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_X500NAME_TYPE, plContext),
+ PKIX_FIRSTOBJECTARGUMENTNOTANX500NAME);
+
+ /*
+ * Since we know firstObject is an X500Name, if both references are
+ * identical, they must be equal
+ */
+ if (firstObject == secondObject){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ /*
+ * If secondObject isn't an X500Name, we don't throw an error.
+ * We simply return a Boolean result of FALSE
+ */
+ *pResult = PKIX_FALSE;
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+ if (secondType != PKIX_X500NAME_TYPE) goto cleanup;
+
+ PKIX_CHECK(
+ PKIX_PL_X500Name_Match((PKIX_PL_X500Name *)firstObject,
+ (PKIX_PL_X500Name *)secondObject,
+ pResult, plContext),
+ PKIX_X500NAMEMATCHFAILED);
+
+cleanup:
+
+ PKIX_RETURN(X500NAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_X500Name_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_X500NAME_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_X500Name_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_RegisterSelf");
+
+ entry.description = "X500Name";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_X500Name);
+ entry.destructor = pkix_pl_X500Name_Destroy;
+ entry.equalsFunction = pkix_pl_X500Name_Equals;
+ entry.hashcodeFunction = pkix_pl_X500Name_Hashcode;
+ entry.toStringFunction = pkix_pl_X500Name_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_X500NAME_TYPE] = entry;
+
+ PKIX_RETURN(X500NAME);
+}
+
+#ifdef BUILD_LIBPKIX_TESTS
+/*
+ * FUNCTION: pkix_pl_X500Name_CreateFromUtf8
+ *
+ * DESCRIPTION:
+ * Creates an X500Name object from the RFC1485 string representation pointed
+ * to by "stringRep", and stores the result at "pName". If the string cannot
+ * be successfully converted, a non-fatal error is returned.
+ *
+ * NOTE: ifdefed BUILD_LIBPKIX_TESTS function: this function is allowed to be
+ * called only by pkix tests programs.
+ *
+ * PARAMETERS:
+ * "stringRep"
+ * Address of the RFC1485 string to be converted. Must be non-NULL.
+ * "pName"
+ * Address where the X500Name result will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an X500NAME Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_X500Name_CreateFromUtf8(
+ char *stringRep,
+ PKIX_PL_X500Name **pName,
+ void *plContext)
+{
+ PKIX_PL_X500Name *x500Name = NULL;
+ PLArenaPool *arena = NULL;
+ CERTName *nssDN = NULL;
+ SECItem *resultSecItem = NULL;
+
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_CreateFromUtf8");
+ PKIX_NULLCHECK_TWO(pName, stringRep);
+
+ nssDN = CERT_AsciiToName(stringRep);
+ if (nssDN == NULL) {
+ PKIX_ERROR(PKIX_COULDNOTCREATENSSDN);
+ }
+
+ arena = nssDN->arena;
+
+ /* create a PKIX_PL_X500Name object */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_X500NAME_TYPE,
+ sizeof (PKIX_PL_X500Name),
+ (PKIX_PL_Object **)&x500Name,
+ plContext),
+ PKIX_COULDNOTCREATEX500NAMEOBJECT);
+
+ /* populate the nssDN field */
+ x500Name->arena = arena;
+ x500Name->nssDN.arena = arena;
+ x500Name->nssDN.rdns = nssDN->rdns;
+
+ resultSecItem =
+ SEC_ASN1EncodeItem(arena, &x500Name->derName, nssDN,
+ CERT_NameTemplate);
+
+ if (resultSecItem == NULL){
+ PKIX_ERROR(PKIX_SECASN1ENCODEITEMFAILED);
+ }
+
+ *pName = x500Name;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ if (x500Name) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)x500Name,
+ plContext);
+ } else if (nssDN) {
+ CERT_DestroyName(nssDN);
+ }
+ }
+
+ PKIX_RETURN(X500NAME);
+}
+#endif /* BUILD_LIBPKIX_TESTS */
+
+/*
+ * FUNCTION: pkix_pl_X500Name_GetCERTName
+ *
+ * DESCRIPTION:
+ *
+ * Returns the pointer to CERTName member of X500Name structure.
+ *
+ * Returned pointed should not be freed.2
+ *
+ * PARAMETERS:
+ * "xname"
+ * Address of X500Name whose OrganizationName is to be extracted. Must be
+ * non-NULL.
+ * "pCERTName"
+ * Address where result will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_X500Name_GetCERTName(
+ PKIX_PL_X500Name *xname,
+ CERTName **pCERTName,
+ void *plContext)
+{
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_GetCERTName");
+ PKIX_NULLCHECK_TWO(xname, pCERTName);
+
+ *pCERTName = &xname->nssDN;
+
+ PKIX_RETURN(X500NAME);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_X500Name_CreateFromCERTName (see comments in pkix_pl_pki.h)
+ */
+
+PKIX_Error *
+PKIX_PL_X500Name_CreateFromCERTName(
+ SECItem *derName,
+ CERTName *name,
+ PKIX_PL_X500Name **pName,
+ void *plContext)
+{
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECFailure;
+ PKIX_PL_X500Name *x500Name = NULL;
+
+ PKIX_ENTER(X500NAME, "PKIX_PL_X500Name_CreateFromCERTName");
+ PKIX_NULLCHECK_ONE(pName);
+ if (derName == NULL && name == NULL) {
+ PKIX_ERROR(PKIX_NULLARGUMENT);
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_X500NAME_TYPE,
+ sizeof (PKIX_PL_X500Name),
+ (PKIX_PL_Object **)&x500Name,
+ plContext),
+ PKIX_COULDNOTCREATEX500NAMEOBJECT);
+
+ x500Name->arena = arena;
+ x500Name->nssDN.arena = NULL;
+
+ if (derName != NULL) {
+ rv = SECITEM_CopyItem(arena, &x500Name->derName, derName);
+ if (rv == SECFailure) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ }
+
+ if (name != NULL) {
+ rv = CERT_CopyName(arena, &x500Name->nssDN, name);
+ if (rv == SECFailure) {
+ PKIX_ERROR(PKIX_CERTCOPYNAMEFAILED);
+ }
+ } else {
+ rv = SEC_QuickDERDecodeItem(arena, &x500Name->nssDN,
+ CERT_NameTemplate,
+ &x500Name->derName);
+ if (rv == SECFailure) {
+ PKIX_ERROR(PKIX_SECQUICKDERDECODERFAILED);
+ }
+ }
+
+ *pName = x500Name;
+
+cleanup:
+ if (PKIX_ERROR_RECEIVED) {
+ if (x500Name) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)x500Name,
+ plContext);
+ } else if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ }
+
+ PKIX_RETURN(X500NAME);
+}
+
+#ifdef BUILD_LIBPKIX_TESTS
+/*
+ * FUNCTION: PKIX_PL_X500Name_Create (see comments in pkix_pl_pki.h)
+ *
+ * NOTE: ifdefed BUILD_LIBPKIX_TESTS function: this function is allowed
+ * to be called only by pkix tests programs.
+ */
+PKIX_Error *
+PKIX_PL_X500Name_Create(
+ PKIX_PL_String *stringRep,
+ PKIX_PL_X500Name **pName,
+ void *plContext)
+{
+ char *utf8String = NULL;
+ PKIX_UInt32 utf8Length = 0;
+
+ PKIX_ENTER(X500NAME, "PKIX_PL_X500Name_Create");
+ PKIX_NULLCHECK_TWO(pName, stringRep);
+
+ /*
+ * convert the input PKIX_PL_String to PKIX_UTF8_NULL_TERM.
+ * we need to use this format specifier because
+ * CERT_AsciiToName expects a NULL-terminated UTF8 string.
+ * Since UTF8 allow NUL characters in the middle of the
+ * string, this is buggy. However, as a workaround, using
+ * PKIX_UTF8_NULL_TERM gives us a NULL-terminated UTF8 string.
+ */
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stringRep,
+ PKIX_UTF8_NULL_TERM,
+ (void **)&utf8String,
+ &utf8Length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_CHECK(
+ pkix_pl_X500Name_CreateFromUtf8(utf8String,
+ pName, plContext),
+ PKIX_X500NAMECREATEFROMUTF8FAILED);
+
+cleanup:
+ PKIX_FREE(utf8String);
+
+ PKIX_RETURN(X500NAME);
+}
+#endif /* BUILD_LIBPKIX_TESTS */
+
+/*
+ * FUNCTION: PKIX_PL_X500Name_Match (see comments in pkix_pl_pki.h)
+ */
+PKIX_Error *
+PKIX_PL_X500Name_Match(
+ PKIX_PL_X500Name *firstX500Name,
+ PKIX_PL_X500Name *secondX500Name,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ SECItem *firstDerName = NULL;
+ SECItem *secondDerName = NULL;
+ SECComparison cmpResult;
+
+ PKIX_ENTER(X500NAME, "PKIX_PL_X500Name_Match");
+ PKIX_NULLCHECK_THREE(firstX500Name, secondX500Name, pResult);
+
+ if (firstX500Name == secondX500Name){
+ *pResult = PKIX_TRUE;
+ goto cleanup;
+ }
+
+ firstDerName = &firstX500Name->derName;
+ secondDerName = &secondX500Name->derName;
+
+ PKIX_NULLCHECK_TWO(firstDerName->data, secondDerName->data);
+
+ cmpResult = SECITEM_CompareItem(firstDerName, secondDerName);
+ if (cmpResult != SECEqual) {
+ cmpResult = CERT_CompareName(&firstX500Name->nssDN,
+ &secondX500Name->nssDN);
+ }
+
+ *pResult = (cmpResult == SECEqual);
+
+cleanup:
+
+ PKIX_RETURN(X500NAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_X500Name_GetSECName
+ *
+ * DESCRIPTION:
+ * Returns a copy of CERTName DER representation allocated on passed in arena.
+ * If allocation on arena can not be done, NULL is stored at "pSECName".
+ *
+ * PARAMETERS:
+ * "xname"
+ * Address of X500Name whose CERTName flag is to be encoded. Must be
+ * non-NULL.
+ * "arena"
+ * Address of the PLArenaPool to be used in the encoding, and in which
+ * "pSECName" will be allocated. Must be non-NULL.
+ * "pSECName"
+ * Address where result will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_X500Name_GetDERName(
+ PKIX_PL_X500Name *xname,
+ PLArenaPool *arena,
+ SECItem **pDERName,
+ void *plContext)
+{
+ SECItem *derName = NULL;
+
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_GetDERName");
+
+ PKIX_NULLCHECK_THREE(xname, arena, pDERName);
+
+ /* Return NULL is X500Name was not created from DER */
+ if (xname->derName.data == NULL) {
+ *pDERName = NULL;
+ goto cleanup;
+ }
+
+ derName = SECITEM_ArenaDupItem(arena, &xname->derName);
+ if (derName == NULL) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ *pDERName = derName;
+cleanup:
+
+ PKIX_RETURN(X500NAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_X500Name_GetCommonName
+ *
+ * DESCRIPTION:
+ * Extracts the CommonName component of the X500Name object pointed to by
+ * "xname", and stores the result at "pCommonName". If the CommonName cannot
+ * be successfully extracted, NULL is stored at "pCommonName".
+ *
+ * The returned string must be freed with PORT_Free.
+ *
+ * PARAMETERS:
+ * "xname"
+ * Address of X500Name whose CommonName is to be extracted. Must be
+ * non-NULL.
+ * "pCommonName"
+ * Address where result will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_X500Name_GetCommonName(
+ PKIX_PL_X500Name *xname,
+ unsigned char **pCommonName,
+ void *plContext)
+{
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_GetCommonName");
+ PKIX_NULLCHECK_TWO(xname, pCommonName);
+
+ *pCommonName = (unsigned char *)CERT_GetCommonName(&xname->nssDN);
+
+ PKIX_RETURN(X500NAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_X500Name_GetCountryName
+ *
+ * DESCRIPTION:
+ * Extracts the CountryName component of the X500Name object pointed to by
+ * "xname", and stores the result at "pCountryName". If the CountryName cannot
+ * be successfully extracted, NULL is stored at "pCountryName".
+ *
+ * The returned string must be freed with PORT_Free.
+ *
+ * PARAMETERS:
+ * "xname"
+ * Address of X500Name whose CountryName is to be extracted. Must be
+ * non-NULL.
+ * "pCountryName"
+ * Address where result will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_X500Name_GetCountryName(
+ PKIX_PL_X500Name *xname,
+ unsigned char **pCountryName,
+ void *plContext)
+{
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_GetCountryName");
+ PKIX_NULLCHECK_TWO(xname, pCountryName);
+
+ *pCountryName = (unsigned char*)CERT_GetCountryName(&xname->nssDN);
+
+ PKIX_RETURN(X500NAME);
+}
+
+/*
+ * FUNCTION: pkix_pl_X500Name_GetOrgName
+ *
+ * DESCRIPTION:
+ * Extracts the OrganizationName component of the X500Name object pointed to by
+ * "xname", and stores the result at "pOrgName". If the OrganizationName cannot
+ * be successfully extracted, NULL is stored at "pOrgName".
+ *
+ * The returned string must be freed with PORT_Free.
+ *
+ * PARAMETERS:
+ * "xname"
+ * Address of X500Name whose OrganizationName is to be extracted. Must be
+ * non-NULL.
+ * "pOrgName"
+ * Address where result will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ *
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ *
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_X500Name_GetOrgName(
+ PKIX_PL_X500Name *xname,
+ unsigned char **pOrgName,
+ void *plContext)
+{
+ PKIX_ENTER(X500NAME, "pkix_pl_X500Name_GetOrgName");
+ PKIX_NULLCHECK_TWO(xname, pOrgName);
+
+ *pOrgName = (unsigned char*)CERT_GetOrgName(&xname->nssDN);
+
+ PKIX_RETURN(X500NAME);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_x500name.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_x500name.h
new file mode 100644
index 000000000..a62bdb82d
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_x500name.h
@@ -0,0 +1,74 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_x500name.h
+ *
+ * X500Name Object Type Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_X500NAME_H
+#define _PKIX_PL_X500NAME_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+struct PKIX_PL_X500NameStruct{
+ PLArenaPool *arena; /* X500Name arena. Shared arena with nssDN
+ * and derName */
+ CERTName nssDN;
+ SECItem derName; /* adding DER encoded CERTName to the structure
+ * to avoid unnecessary name encoding when pass
+ * der name to cert finder */
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *pkix_pl_X500Name_RegisterSelf(void *plContext);
+
+PKIX_Error *pkix_pl_X500Name_GetDERName(
+ PKIX_PL_X500Name *xname,
+ PLArenaPool *arena,
+ SECItem **pSECName,
+ void *plContext);
+
+#ifdef BUILD_LIBPKIX_TESTS
+PKIX_Error * pkix_pl_X500Name_CreateFromUtf8(
+ char *stringRep,
+ PKIX_PL_X500Name **pName,
+ void *plContext);
+#endif /* BUILD_LIBPKIX_TESTS */
+
+PKIX_Error *pkix_pl_X500Name_GetCommonName(
+ PKIX_PL_X500Name *xname,
+ unsigned char **pCommonName,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_X500Name_GetCountryName(
+ PKIX_PL_X500Name *xname,
+ unsigned char **pCountryName,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_X500Name_GetOrgName(
+ PKIX_PL_X500Name *xname,
+ unsigned char **pOrgName,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_X500Name_GetCERTName(
+ PKIX_PL_X500Name *xname,
+ CERTName **pCERTName,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_X500NAME_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/Makefile b/security/nss/lib/libpkix/pkix_pl_nss/system/Makefile
new file mode 100755
index 000000000..0fb6c9058
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/Makefile
@@ -0,0 +1,49 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/config.mk b/security/nss/lib/libpkix/pkix_pl_nss/system/config.mk
new file mode 100755
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/exports.gyp b/security/nss/lib/libpkix/pkix_pl_nss/system/exports.gyp
new file mode 100644
index 000000000..a2f759441
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/exports.gyp
@@ -0,0 +1,37 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_libpkix_pkix_pl_nss_system_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkix_pl_bigint.h',
+ 'pkix_pl_bytearray.h',
+ 'pkix_pl_common.h',
+ 'pkix_pl_hashtable.h',
+ 'pkix_pl_lifecycle.h',
+ 'pkix_pl_mem.h',
+ 'pkix_pl_monitorlock.h',
+ 'pkix_pl_mutex.h',
+ 'pkix_pl_object.h',
+ 'pkix_pl_oid.h',
+ 'pkix_pl_primhash.h',
+ 'pkix_pl_rwlock.h',
+ 'pkix_pl_string.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/manifest.mn b/security/nss/lib/libpkix/pkix_pl_nss/system/manifest.mn
new file mode 100755
index 000000000..82d297992
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/manifest.mn
@@ -0,0 +1,46 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../../..
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ pkix_pl_common.h \
+ pkix_pl_mem.h \
+ pkix_pl_object.h \
+ pkix_pl_string.h \
+ pkix_pl_primhash.h \
+ pkix_pl_bigint.h \
+ pkix_pl_mutex.h \
+ pkix_pl_bytearray.h \
+ pkix_pl_lifecycle.h \
+ pkix_pl_oid.h \
+ pkix_pl_hashtable.h \
+ pkix_pl_rwlock.h \
+ pkix_pl_monitorlock.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ pkix_pl_bigint.c \
+ pkix_pl_bytearray.c \
+ pkix_pl_common.c \
+ pkix_pl_error.c \
+ pkix_pl_hashtable.c \
+ pkix_pl_lifecycle.c \
+ pkix_pl_mem.c \
+ pkix_pl_monitorlock.c \
+ pkix_pl_mutex.c \
+ pkix_pl_object.c \
+ pkix_pl_oid.c \
+ pkix_pl_primhash.c \
+ pkix_pl_rwlock.c \
+ pkix_pl_string.c \
+ $(NULL)
+
+LIBRARY_NAME = pkixsystem
+
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bigint.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bigint.c
new file mode 100755
index 000000000..cd8e15ee4
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bigint.c
@@ -0,0 +1,398 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_bigint.c
+ *
+ * BigInt Object Functions
+ *
+ */
+
+#include "pkix_pl_bigint.h"
+
+/* --Private-Big-Int-Functions------------------------------------ */
+
+/*
+ * FUNCTION: pkix_pl_BigInt_Comparator
+ * (see comments for PKIX_PL_ComparatorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_BigInt_Comparator(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_PL_BigInt *firstBigInt = NULL;
+ PKIX_PL_BigInt *secondBigInt = NULL;
+ char *firstPtr = NULL;
+ char *secondPtr = NULL;
+ PKIX_UInt32 firstLen, secondLen;
+
+ PKIX_ENTER(BIGINT, "pkix_pl_BigInt_Comparator");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ PKIX_CHECK(pkix_CheckTypes
+ (firstObject, secondObject, PKIX_BIGINT_TYPE, plContext),
+ PKIX_ARGUMENTSNOTBIGINTS);
+
+ /* It's safe to cast */
+ firstBigInt = (PKIX_PL_BigInt*)firstObject;
+ secondBigInt = (PKIX_PL_BigInt*)secondObject;
+
+ *pResult = 0;
+ firstPtr = firstBigInt->dataRep;
+ secondPtr = secondBigInt->dataRep;
+ firstLen = firstBigInt->length;
+ secondLen = secondBigInt->length;
+
+ if (firstLen < secondLen) {
+ *pResult = -1;
+ } else if (firstLen > secondLen) {
+ *pResult = 1;
+ } else if (firstLen == secondLen) {
+ PKIX_BIGINT_DEBUG("\t\tCalling PORT_Memcmp).\n");
+ *pResult = PORT_Memcmp(firstPtr, secondPtr, firstLen);
+ }
+
+cleanup:
+
+ PKIX_RETURN(BIGINT);
+}
+
+/*
+ * FUNCTION: pkix_pl_BigInt_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_BigInt_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_BigInt *bigInt = NULL;
+
+ PKIX_ENTER(BIGINT, "pkix_pl_BigInt_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BIGINT_TYPE, plContext),
+ PKIX_OBJECTNOTBIGINT);
+
+ bigInt = (PKIX_PL_BigInt*)object;
+
+ PKIX_FREE(bigInt->dataRep);
+ bigInt->dataRep = NULL;
+ bigInt->length = 0;
+
+cleanup:
+
+ PKIX_RETURN(BIGINT);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_BigInt_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_BigInt_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_BigInt *bigInt = NULL;
+ char *outputText = NULL;
+ PKIX_UInt32 i, j, lengthChars;
+
+ PKIX_ENTER(BIGINT, "pkix_pl_BigInt_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BIGINT_TYPE, plContext),
+ PKIX_OBJECTNOTBIGINT);
+
+ bigInt = (PKIX_PL_BigInt*)object;
+
+ /* number of chars = 2 * (number of bytes) + null terminator */
+ lengthChars = (bigInt->length * 2) + 1;
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (lengthChars, (void **)&outputText, plContext),
+ PKIX_MALLOCFAILED);
+
+ for (i = 0, j = 0; i < bigInt->length; i += 1, j += 2){
+ outputText[j] = pkix_i2hex
+ ((char) ((*(bigInt->dataRep+i) & 0xf0) >> 4));
+ outputText[j+1] = pkix_i2hex
+ ((char) (*(bigInt->dataRep+i) & 0x0f));
+ }
+
+ outputText[lengthChars-1] = '\0';
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ outputText,
+ 0,
+ pString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+cleanup:
+
+ PKIX_FREE(outputText);
+
+ PKIX_RETURN(BIGINT);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_BigInt_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_BigInt_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_BigInt *bigInt = NULL;
+
+ PKIX_ENTER(BIGINT, "pkix_pl_BigInt_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BIGINT_TYPE, plContext),
+ PKIX_OBJECTNOTBIGINT);
+
+ bigInt = (PKIX_PL_BigInt*)object;
+
+ PKIX_CHECK(pkix_hash
+ ((void *)bigInt->dataRep,
+ bigInt->length,
+ pHashcode,
+ plContext),
+ PKIX_HASHFAILED);
+
+cleanup:
+
+ PKIX_RETURN(BIGINT);
+}
+
+/*
+ * FUNCTION: pkix_pl_BigInt_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_BigInt_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Int32 cmpResult = 0;
+
+ PKIX_ENTER(BIGINT, "pkix_pl_BigInt_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ PKIX_CHECK(pkix_CheckType(first, PKIX_BIGINT_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTBIGINT);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ *pResult = PKIX_FALSE;
+
+ if (secondType != PKIX_BIGINT_TYPE) goto cleanup;
+
+ PKIX_CHECK(pkix_pl_BigInt_Comparator
+ (first, second, &cmpResult, plContext),
+ PKIX_BIGINTCOMPARATORFAILED);
+
+ *pResult = (cmpResult == 0);
+
+cleanup:
+
+ PKIX_RETURN(BIGINT);
+}
+
+/*
+ * FUNCTION: pkix_pl_BigInt_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_BIGINT_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_BigInt_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(BIGINT, "pkix_pl_BigInt_RegisterSelf");
+
+ entry.description = "BigInt";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_BigInt);
+ entry.destructor = pkix_pl_BigInt_Destroy;
+ entry.equalsFunction = pkix_pl_BigInt_Equals;
+ entry.hashcodeFunction = pkix_pl_BigInt_Hashcode;
+ entry.toStringFunction = pkix_pl_BigInt_ToString;
+ entry.comparator = pkix_pl_BigInt_Comparator;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_BIGINT_TYPE] = entry;
+
+ PKIX_RETURN(BIGINT);
+}
+
+/*
+ * FUNCTION: pkix_pl_BigInt_CreateWithBytes
+ * DESCRIPTION:
+ *
+ * Creates a new BigInt of size "length" representing the array of bytes
+ * pointed to by "bytes" and stores it at "pBigInt". The caller should make
+ * sure that the first byte is not 0x00 (unless it is the the only byte).
+ * This function does not do that checking.
+ *
+ * Once created, a PKIX_PL_BigInt object is immutable.
+ *
+ * PARAMETERS:
+ * "bytes"
+ * Address of array of bytes. Must be non-NULL.
+ * "length"
+ * Length of the array. Must be non-zero.
+ * "pBigInt"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext" - Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_BigInt_CreateWithBytes(
+ char *bytes,
+ PKIX_UInt32 length,
+ PKIX_PL_BigInt **pBigInt,
+ void *plContext)
+{
+ PKIX_PL_BigInt *bigInt = NULL;
+
+ PKIX_ENTER(BIGINT, "pkix_pl_BigInt_CreateWithBytes");
+ PKIX_NULLCHECK_TWO(pBigInt, bytes);
+
+ if (length == 0) {
+ PKIX_ERROR(PKIX_BIGINTLENGTH0INVALID)
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_BIGINT_TYPE,
+ sizeof (PKIX_PL_BigInt),
+ (PKIX_PL_Object **)&bigInt,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (length, (void **)&(bigInt->dataRep), plContext),
+ PKIX_MALLOCFAILED);
+
+ PKIX_BIGINT_DEBUG("\t\tCalling PORT_Memcpy).\n");
+ (void) PORT_Memcpy(bigInt->dataRep, bytes, length);
+
+ bigInt->length = length;
+
+ *pBigInt = bigInt;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(bigInt);
+ }
+
+ PKIX_RETURN(BIGINT);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_BigInt_Create (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_BigInt_Create(
+ PKIX_PL_String *stringRep,
+ PKIX_PL_BigInt **pBigInt,
+ void *plContext)
+{
+ PKIX_PL_BigInt *bigInt = NULL;
+ char *asciiString = NULL;
+ PKIX_UInt32 lengthBytes;
+ PKIX_UInt32 lengthString;
+ PKIX_UInt32 i;
+ char currChar;
+
+ PKIX_ENTER(BIGINT, "PKIX_PL_BigInt_Create");
+ PKIX_NULLCHECK_TWO(pBigInt, stringRep);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (stringRep,
+ PKIX_ESCASCII,
+ (void **)&asciiString,
+ &lengthString,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ if ((lengthString == 0) || ((lengthString % 2) != 0)){
+ PKIX_ERROR(PKIX_SOURCESTRINGHASINVALIDLENGTH);
+ }
+
+ if (lengthString != 2){
+ if ((asciiString[0] == '0') && (asciiString[1] == '0')){
+ PKIX_ERROR(PKIX_FIRSTDOUBLEHEXMUSTNOTBE00);
+ }
+ }
+
+ for (i = 0; i < lengthString; i++) {
+ currChar = asciiString[i];
+ if (!PKIX_ISXDIGIT(currChar)){
+ PKIX_ERROR(PKIX_INVALIDCHARACTERINBIGINT);
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_BIGINT_TYPE,
+ sizeof (PKIX_PL_BigInt),
+ (PKIX_PL_Object **)&bigInt,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+
+ /* number of bytes = 0.5 * (number of chars) */
+ lengthBytes = lengthString/2;
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (lengthBytes, (void **)&(bigInt->dataRep), plContext),
+ PKIX_MALLOCFAILED);
+
+ for (i = 0; i < lengthString; i += 2){
+ (bigInt->dataRep)[i/2] =
+ (pkix_hex2i(asciiString[i])<<4) |
+ pkix_hex2i(asciiString[i+1]);
+ }
+
+ bigInt->length = lengthBytes;
+
+ *pBigInt = bigInt;
+
+cleanup:
+
+ PKIX_FREE(asciiString);
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(bigInt);
+ }
+
+ PKIX_RETURN(BIGINT);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bigint.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bigint.h
new file mode 100755
index 000000000..b3df808a8
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bigint.h
@@ -0,0 +1,40 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_bigint.h
+ *
+ * Bigint Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_BIGINT_H
+#define _PKIX_PL_BIGINT_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_BigIntStruct {
+ char *dataRep;
+ PKIX_UInt32 length;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_BigInt_CreateWithBytes(
+ char *bytes,
+ PKIX_UInt32 length,
+ PKIX_PL_BigInt **pBigInt,
+ void *plContext);
+
+PKIX_Error *pkix_pl_BigInt_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_BIGINT_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bytearray.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bytearray.c
new file mode 100755
index 000000000..0a2e9c08f
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bytearray.c
@@ -0,0 +1,504 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_bytearray.c
+ *
+ * ByteArray Object Functions
+ *
+ */
+
+#include "pkix_pl_bytearray.h"
+
+/* --Private-ByteArray-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_ByteArray_ToHexString
+ * DESCRIPTION:
+ *
+ * Creates a hex-String representation of the ByteArray pointed to by "array"
+ * and stores the result at "pString". The hex-String consists of hex-digit
+ * pairs separated by spaces, and the entire string enclosed within square
+ * brackets, e.g. [43 61 6E 20 79 6F 75 20 72 65 61 64 20 74 68 69 73 3F].
+ * A zero-length ByteArray is represented as [].
+ * PARAMETERS
+ * "array"
+ * ByteArray to be represented by the hex-String; must be non-NULL
+ * "pString"
+ * Address where String will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Cert Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_ByteArray_ToHexString(
+ PKIX_PL_ByteArray *array,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ char *tempText = NULL;
+ char *stringText = NULL; /* "[XX XX XX ...]" */
+ PKIX_UInt32 i, outputLen, bufferSize;
+
+ PKIX_ENTER(BYTEARRAY, "pkix_pl_ByteArray_ToHexString");
+ PKIX_NULLCHECK_TWO(array, pString);
+
+ if ((array->length) == 0) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "[]", 0, pString, plContext),
+ PKIX_COULDNOTCREATESTRING);
+ } else {
+ /*
+ * Allocate space for format string
+ * '[' + "XX" + (n-1)*" XX" + ']' + '\0'
+ */
+ bufferSize = 2 + (3*(array->length));
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (bufferSize, (void **)&stringText, plContext),
+ PKIX_COULDNOTALLOCATEMEMORY);
+
+ stringText[0] = 0;
+ outputLen = 0;
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PR_smprintf).\n");
+ tempText = PR_smprintf
+ ("[%02X", (0x0FF&((char *)(array->array))[0]));
+ PKIX_BYTEARRAY_DEBUG("\tCalling PL_strlen).\n");
+ outputLen += PL_strlen(tempText);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PL_strcat).\n");
+ stringText = PL_strcat(stringText, tempText);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PR_smprintf_free).\n");
+ PR_smprintf_free(tempText);
+
+ for (i = 1; i < array->length; i++) {
+ PKIX_BYTEARRAY_DEBUG("\tCalling PR_smprintf).\n");
+ tempText = PR_smprintf
+ (" %02X", (0x0FF&((char *)(array->array))[i]));
+
+ if (tempText == NULL){
+ PKIX_ERROR(PKIX_PRSMPRINTFFAILED);
+ }
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PL_strlen).\n");
+ outputLen += PL_strlen(tempText);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PL_strcat).\n");
+ stringText = PL_strcat(stringText, tempText);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PR_smprintf_free).\n");
+ PR_smprintf_free(tempText);
+ tempText = NULL;
+ }
+
+ stringText[outputLen++] = ']';
+ stringText[outputLen] = 0;
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ stringText,
+ 0,
+ pString,
+ plContext),
+ PKIX_COULDNOTCREATESTRING);
+ }
+
+cleanup:
+
+ PKIX_FREE(stringText);
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/*
+ * FUNCTION: pkix_pl_ByteArray_Comparator
+ * (see comments for PKIX_PL_ComparatorCallback in pkix_pl_system.h)
+ *
+ * NOTE:
+ * It is not clear that this definition of comparing byte arrays makes
+ * sense. It does allow you to tell whether two blocks of memory are
+ * identical, so we only use it for the Equals function (i.e. we don't
+ * register it as a Compare function for ByteArray).
+ */
+static PKIX_Error *
+pkix_pl_ByteArray_Comparator(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *firstByteArray = NULL;
+ PKIX_PL_ByteArray *secondByteArray = NULL;
+ unsigned char *firstData = NULL;
+ unsigned char *secondData = NULL;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(BYTEARRAY, "pkix_pl_ByteArray_Comparator");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ PKIX_CHECK(pkix_CheckTypes
+ (firstObject, secondObject, PKIX_BYTEARRAY_TYPE, plContext),
+ PKIX_ARGUMENTSNOTBYTEARRAYS);
+
+ /* It's safe to cast */
+ firstByteArray = (PKIX_PL_ByteArray *)firstObject;
+ secondByteArray = (PKIX_PL_ByteArray *)secondObject;
+
+ *pResult = 0;
+ firstData = (unsigned char *)firstByteArray->array;
+ secondData = (unsigned char *)secondByteArray->array;
+
+ if (firstByteArray->length < secondByteArray->length) {
+ *pResult = -1;
+ } else if (firstByteArray->length > secondByteArray->length) {
+ *pResult = 1;
+ } else if (firstByteArray->length == secondByteArray->length) {
+ /* Check if both array contents are identical */
+ for (i = 0;
+ (i < firstByteArray->length) && (*pResult == 0);
+ i++) {
+ if (firstData[i] < secondData[i]) {
+ *pResult = -1;
+ } else if (firstData[i] > secondData[i]) {
+ *pResult = 1;
+ }
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/*
+ * FUNCTION: pkix_pl_ByteArray_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_ByteArray_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *array = NULL;
+ char *tempText = NULL;
+ char *stringText = NULL; /* "[OOO, OOO, ... OOO]" */
+ PKIX_UInt32 i, outputLen, bufferSize;
+
+ PKIX_ENTER(BYTEARRAY, "pkix_pl_ByteArray_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BYTEARRAY_TYPE, plContext),
+ PKIX_OBJECTNOTBYTEARRAY);
+
+ array = (PKIX_PL_ByteArray *)object;
+
+ if ((array->length) == 0) {
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, "[]", 0, pString, plContext),
+ PKIX_COULDNOTCREATESTRING);
+ } else {
+ /* Allocate space for "XXX, ". */
+ bufferSize = 2+5*array->length;
+
+ /* Allocate space for format string */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (bufferSize, (void **)&stringText, plContext),
+ PKIX_MALLOCFAILED);
+
+ stringText[0] = 0;
+ outputLen = 0;
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PR_smprintf).\n");
+ tempText =
+ PR_smprintf
+ ("[%03u", (0x0FF&((char *)(array->array))[0]));
+ PKIX_BYTEARRAY_DEBUG("\tCalling PL_strlen).\n");
+ outputLen += PL_strlen(tempText);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PL_strcat).\n");
+ stringText = PL_strcat(stringText, tempText);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PR_smprintf_free).\n");
+ PR_smprintf_free(tempText);
+
+ for (i = 1; i < array->length; i++) {
+ PKIX_BYTEARRAY_DEBUG("\tCalling PR_smprintf).\n");
+ tempText = PR_smprintf
+ (", %03u",
+ (0x0FF&((char *)(array->array))[i]));
+
+ if (tempText == NULL){
+ PKIX_ERROR(PKIX_PRSMPRINTFFAILED);
+ }
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PL_strlen).\n");
+ outputLen += PL_strlen(tempText);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PL_strcat).\n");
+ stringText = PL_strcat(stringText, tempText);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PR_smprintf_free).\n");
+ PR_smprintf_free(tempText);
+ tempText = NULL;
+ }
+
+ stringText[outputLen++] = ']';
+ stringText[outputLen] = 0;
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, stringText, 0, pString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ }
+
+cleanup:
+
+ PKIX_FREE(stringText);
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/*
+ * FUNCTION: pkix_pl_ByteArray_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_ByteArray_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Int32 cmpResult = 0;
+
+ PKIX_ENTER(BYTEARRAY, "pkix_pl_ByteArray_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ /* Sanity check: Test that "first" is a ByteArray */
+ PKIX_CHECK(pkix_CheckType(first, PKIX_BYTEARRAY_TYPE, plContext),
+ PKIX_FIRSTARGUMENTNOTBYTEARRAY);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(second, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ /* If types differ, then we will return false */
+ *pResult = PKIX_FALSE;
+
+ /* Second type may not be a BA */
+ if (secondType != PKIX_BYTEARRAY_TYPE) goto cleanup;
+
+ /* It's safe to cast here */
+ PKIX_CHECK(pkix_pl_ByteArray_Comparator
+ (first, second, &cmpResult, plContext),
+ PKIX_BYTEARRAYCOMPARATORFAILED);
+
+ /* ByteArrays are equal iff Comparator Result is 0 */
+ *pResult = (cmpResult == 0);
+
+cleanup:
+
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/*
+ * FUNCTION: pkix_pl_ByteArray_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_ByteArray_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *array = NULL;
+
+ PKIX_ENTER(BYTEARRAY, "pkix_pl_ByteArray_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BYTEARRAY_TYPE, plContext),
+ PKIX_OBJECTNOTBYTEARRAY);
+
+ array = (PKIX_PL_ByteArray*)object;
+
+ PKIX_FREE(array->array);
+ array->array = NULL;
+ array->length = 0;
+
+cleanup:
+
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/*
+ * FUNCTION: pkix_pl_ByteArray_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_ByteArray_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *array = NULL;
+
+ PKIX_ENTER(BYTEARRAY, "pkix_pl_ByteArray_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_BYTEARRAY_TYPE, plContext),
+ PKIX_OBJECTNOTBYTEARRAY);
+
+ array = (PKIX_PL_ByteArray*)object;
+
+ PKIX_CHECK(pkix_hash
+ ((const unsigned char *)array->array,
+ array->length,
+ pHashcode,
+ plContext),
+ PKIX_HASHFAILED);
+
+cleanup:
+
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/*
+ * FUNCTION: pkix_pl_ByteArray_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_BYTEARRAY_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_ByteArray_RegisterSelf(void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(BYTEARRAY, "pkix_pl_ByteArray_RegisterSelf");
+
+ entry.description = "ByteArray";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_ByteArray);
+ entry.destructor = pkix_pl_ByteArray_Destroy;
+ entry.equalsFunction = pkix_pl_ByteArray_Equals;
+ entry.hashcodeFunction = pkix_pl_ByteArray_Hashcode;
+ entry.toStringFunction = pkix_pl_ByteArray_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_BYTEARRAY_TYPE] = entry;
+
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_ByteArray_Create (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_ByteArray_Create(
+ void *array,
+ PKIX_UInt32 length,
+ PKIX_PL_ByteArray **pByteArray,
+ void *plContext)
+{
+ PKIX_PL_ByteArray *byteArray = NULL;
+
+ PKIX_ENTER(BYTEARRAY, "PKIX_PL_ByteArray_Create");
+ PKIX_NULLCHECK_ONE(pByteArray);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_BYTEARRAY_TYPE,
+ sizeof (PKIX_PL_ByteArray),
+ (PKIX_PL_Object **)&byteArray,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECTSTORAGE);
+
+ byteArray->length = length;
+ byteArray->array = NULL;
+
+ if (length != 0){
+ /* Alloc space for array */
+ PKIX_NULLCHECK_ONE(array);
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (length, (void**)&(byteArray->array), plContext),
+ PKIX_MALLOCFAILED);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PORT_Memcpy).\n");
+ (void) PORT_Memcpy(byteArray->array, array, length);
+ }
+
+ *pByteArray = byteArray;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(byteArray);
+ }
+
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/*
+ * FUNCTION: PKIX_PL_ByteArray_GetPointer (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_ByteArray_GetPointer(
+ PKIX_PL_ByteArray *byteArray,
+ void **pArray,
+ void *plContext)
+{
+ void *bytes = NULL;
+ PKIX_ENTER(BYTEARRAY, "PKIX_PL_ByteArray_GetPointer");
+ PKIX_NULLCHECK_TWO(byteArray, pArray);
+
+ if (byteArray->length != 0){
+ PKIX_CHECK(PKIX_PL_Malloc
+ (byteArray->length, &bytes, plContext),
+ PKIX_MALLOCFAILED);
+
+ PKIX_BYTEARRAY_DEBUG("\tCalling PORT_Memcpy).\n");
+ (void) PORT_Memcpy
+ (bytes, byteArray->array, byteArray->length);
+ }
+
+ *pArray = bytes;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_FREE(bytes);
+ }
+
+ PKIX_RETURN(BYTEARRAY);
+}
+
+/*
+ * FUNCTION: PKIX_PL_ByteArray_GetLength (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_ByteArray_GetLength(
+ PKIX_PL_ByteArray *byteArray,
+ PKIX_UInt32 *pLength,
+ void *plContext)
+{
+ PKIX_ENTER(BYTEARRAY, "PKIX_PL_ByteArray_GetLength");
+ PKIX_NULLCHECK_TWO(byteArray, pLength);
+
+ *pLength = byteArray->length;
+
+ PKIX_RETURN(BYTEARRAY);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bytearray.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bytearray.h
new file mode 100755
index 000000000..4ba18eed7
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_bytearray.h
@@ -0,0 +1,40 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_bytearray.h
+ *
+ * ByteArray Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_BYTEARRAY_H
+#define _PKIX_PL_BYTEARRAY_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_ByteArrayStruct {
+ void *array;
+ PKIX_UInt32 length;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_ByteArray_ToHexString(
+ PKIX_PL_ByteArray *array,
+ PKIX_PL_String **pString,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_ByteArray_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_BYTEARRAY_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.c
new file mode 100755
index 000000000..831ce538d
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.c
@@ -0,0 +1,1073 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_common.c
+ *
+ * Common utility functions used by various PKIX_PL functions
+ *
+ */
+
+#include "pkix_pl_common.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_LockObject
+ * DESCRIPTION:
+ *
+ * Locks the object pointed to by "object".
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of object. Must be non-NULL
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_LockObject(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader;
+
+ PKIX_ENTER(OBJECT, "pkix_LockObject");
+ PKIX_NULLCHECK_ONE(object);
+
+ if (object == (PKIX_PL_Object *)PKIX_ALLOC_ERROR()) {
+ goto cleanup;
+ }
+
+ PKIX_OBJECT_DEBUG("\tShifting object pointer).\n");
+ /* The header is sizeof(PKIX_PL_Object) before the object pointer */
+
+ objectHeader = object-1;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(objectHeader->lock);
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_UnlockObject
+ * DESCRIPTION:
+ *
+ * Unlocks the object pointed to by "object".
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object. Must be non-NULL
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_UnlockObject(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader;
+ PRStatus result;
+
+ PKIX_ENTER(OBJECT, "pkix_UnlockObject");
+ PKIX_NULLCHECK_ONE(object);
+
+ if (object == (PKIX_PL_Object *)PKIX_ALLOC_ERROR()) {
+ goto cleanup;
+ }
+
+ PKIX_OBJECT_DEBUG("\tShifting object pointer).\n");
+ /* The header is sizeof(PKIX_PL_Object) before the object pointer */
+
+ objectHeader = object-1;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ result = PR_Unlock(objectHeader->lock);
+
+ if (result == PR_FAILURE) {
+ PKIX_OBJECT_DEBUG("\tPR_Unlock failed.).\n");
+ PKIX_ERROR_FATAL(PKIX_ERRORUNLOCKINGOBJECT);
+ }
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_pl_UInt32_Overflows
+ * DESCRIPTION:
+ *
+ * Returns a PKIX_Boolean indicating whether the unsigned integer
+ * represented by "string" is too large to fit in 32-bits (i.e.
+ * whether it overflows). With the exception of the string "0",
+ * all other strings are stripped of any leading zeros. It is assumed
+ * that every character in "string" is from the set {'0' - '9'}.
+ *
+ * PARAMETERS
+ * "string"
+ * Address of array of bytes representing PKIX_UInt32 that's being tested
+ * for 32-bit overflow
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * PKIX_TRUE if PKIX_UInt32 represented by "string" overflows;
+ * PKIX_FALSE otherwise
+ */
+PKIX_Boolean
+pkix_pl_UInt32_Overflows(char *string){
+ char *firstNonZero = NULL;
+ PKIX_UInt32 length, i;
+ char *MAX_UINT32_STRING = "4294967295";
+
+ PKIX_DEBUG_ENTER(OID);
+
+ PKIX_OID_DEBUG("\tCalling PL_strlen).\n");
+ length = PL_strlen(string);
+
+ if (length < MAX_DIGITS_32){
+ return (PKIX_FALSE);
+ }
+
+ firstNonZero = string;
+ for (i = 0; i < length; i++){
+ if (*string == '0'){
+ firstNonZero++;
+ }
+ }
+
+ PKIX_OID_DEBUG("\tCalling PL_strlen).\n");
+ length = PL_strlen(firstNonZero);
+
+ if (length > MAX_DIGITS_32){
+ return (PKIX_TRUE);
+ }
+
+ PKIX_OID_DEBUG("\tCalling PL_strlen).\n");
+ if (length == MAX_DIGITS_32){
+ PKIX_OID_DEBUG("\tCalling PORT_Strcmp).\n");
+ if (PORT_Strcmp(firstNonZero, MAX_UINT32_STRING) > 0){
+ return (PKIX_TRUE);
+ }
+ }
+
+ return (PKIX_FALSE);
+}
+
+/*
+ * FUNCTION: pkix_pl_getOIDToken
+ * DESCRIPTION:
+ *
+ * Takes the array of DER-encoded bytes pointed to by "derBytes"
+ * (representing an OID) and the value of "index" representing the index into
+ * the array, and decodes the bytes until an integer token is retrieved. If
+ * successful, this function stores the integer component at "pToken" and
+ * stores the index representing the next byte in the array at "pIndex"
+ * (following the last byte that was used in the decoding). This new output
+ * index can be used in subsequent calls as an input index, allowing each
+ * token of the OID to be retrieved consecutively. Note that there is a
+ * special case for the first byte, in that it encodes two separate integer
+ * tokens. For example, the byte {2a} represents the integer tokens {1,2}.
+ * This special case is not handled here and must be handled by the caller.
+ *
+ * PARAMETERS
+ * "derBytes"
+ * Address of array of bytes representing a DER-encoded OID.
+ * Must be non-NULL.
+ * "index"
+ * Index into the array that this function will begin decoding at.
+ * "pToken"
+ * Destination for decoded OID token. Must be non-NULL.
+ * "pIndex"
+ * Destination for index of next byte following last byte used.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_getOIDToken(
+ char *derBytes,
+ PKIX_UInt32 index,
+ PKIX_UInt32 *pToken,
+ PKIX_UInt32 *pIndex,
+ void *plContext)
+{
+ PKIX_UInt32 retval, i, tmp;
+
+ PKIX_ENTER(OID, "pkix_pl_getOIDToken");
+ PKIX_NULLCHECK_THREE(derBytes, pToken, pIndex);
+
+ /*
+ * We should only need to parse a maximum of four bytes, because
+ * RFC 3280 "mandates support for OIDs which have arc elements
+ * with values that are less than 2^28, that is, they MUST be between
+ * 0 and 268,435,455, inclusive. This allows each arc element to be
+ * represented within a single 32 bit word."
+ */
+
+ for (i = 0, retval = 0; i < 4; i++) {
+ retval <<= 7;
+ tmp = derBytes[index];
+ index++;
+ retval |= (tmp & 0x07f);
+ if ((tmp & 0x080) == 0){
+ *pToken = retval;
+ *pIndex = index;
+ goto cleanup;
+ }
+ }
+
+ PKIX_ERROR(PKIX_INVALIDENCODINGOIDTOKENVALUETOOBIG);
+
+cleanup:
+
+ PKIX_RETURN(OID);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_helperBytes2Ascii
+ * DESCRIPTION:
+ *
+ * Converts an array of integers pointed to by "tokens" with a length of
+ * "numTokens", to an ASCII string consisting of those integers with dots in
+ * between them and stores the result at "pAscii". The ASCII representation is
+ * guaranteed to end with a NUL character. This is particularly useful for
+ * OID's and IP Addresses.
+ *
+ * The return value "pAscii" is not reference-counted and will need to
+ * be freed with PKIX_PL_Free.
+ *
+ * PARAMETERS
+ * "tokens"
+ * Address of array of integers. Must be non-NULL.
+ * "numTokens"
+ * Length of array of integers. Must be non-zero.
+ * "pAscii"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_helperBytes2Ascii(
+ PKIX_UInt32 *tokens,
+ PKIX_UInt32 numTokens,
+ char **pAscii,
+ void *plContext)
+{
+ char *tempString = NULL;
+ char *outputString = NULL;
+ char *format = "%d";
+ PKIX_UInt32 i = 0;
+ PKIX_UInt32 outputLen = 0;
+ PKIX_Int32 error;
+
+ PKIX_ENTER(OBJECT, "pkix_pl_helperBytes2Ascii");
+ PKIX_NULLCHECK_TWO(tokens, pAscii);
+
+ if (numTokens == 0) {
+ PKIX_ERROR_FATAL(PKIX_HELPERBYTES2ASCIINUMTOKENSZERO);
+ }
+
+ /*
+ * tempString will hold the string representation of a PKIX_UInt32 type
+ * The maximum value that can be held by an unsigned 32-bit integer
+ * is (2^32 - 1) = 4294967295 (which is ten digits long)
+ * Since tempString will hold the string representation of a
+ * PKIX_UInt32, we allocate 11 bytes for it (1 byte for '\0')
+ */
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (MAX_DIGITS_32 + 1, (void **)&tempString, plContext),
+ PKIX_MALLOCFAILED);
+
+ for (i = 0; i < numTokens; i++){
+ PKIX_OBJECT_DEBUG("\tCalling PR_snprintf).\n");
+ error = PR_snprintf(tempString,
+ MAX_DIGITS_32 + 1,
+ format,
+ tokens[i]);
+ if (error == -1){
+ PKIX_ERROR(PKIX_PRSNPRINTFFAILED);
+ }
+
+ PKIX_OBJECT_DEBUG("\tCalling PL_strlen).\n");
+ outputLen += PL_strlen(tempString);
+
+ /* Include a dot to separate each number */
+ outputLen++;
+ }
+
+ /* Allocate space for the destination string */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (outputLen, (void **)&outputString, plContext),
+ PKIX_MALLOCFAILED);
+
+ *outputString = '\0';
+
+ /* Concatenate all strings together */
+ for (i = 0; i < numTokens; i++){
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_snprintf).\n");
+ error = PR_snprintf(tempString,
+ MAX_DIGITS_32 + 1,
+ format,
+ tokens[i]);
+ if (error == -1){
+ PKIX_ERROR(PKIX_PRSNPRINTFFAILED);
+ }
+
+ PKIX_OBJECT_DEBUG("\tCalling PL_strcat).\n");
+ (void) PL_strcat(outputString, tempString);
+
+ /* we don't want to put a "." at the very end */
+ if (i < (numTokens - 1)){
+ PKIX_OBJECT_DEBUG("\tCalling PL_strcat).\n");
+ (void) PL_strcat(outputString, ".");
+ }
+ }
+
+ /* Ensure output string ends with terminating null */
+ outputString[outputLen-1] = '\0';
+
+ *pAscii = outputString;
+ outputString = NULL;
+
+cleanup:
+
+ PKIX_FREE(outputString);
+ PKIX_FREE(tempString);
+
+ PKIX_RETURN(OBJECT);
+
+}
+
+/*
+ * FUNCTION: pkix_pl_ipAddrBytes2Ascii
+ * DESCRIPTION:
+ *
+ * Converts the DER encoding of an IPAddress pointed to by "secItem" to an
+ * ASCII representation and stores the result at "pAscii". The ASCII
+ * representation is guaranteed to end with a NUL character. The input
+ * SECItem must contain non-NULL data and must have a positive length.
+ *
+ * The return value "pAscii" is not reference-counted and will need to
+ * be freed with PKIX_PL_Free.
+ * XXX this function assumes that IPv4 addresses are being used
+ * XXX what about IPv6? can NSS tell the difference
+ *
+ * PARAMETERS
+ * "secItem"
+ * Address of SECItem which contains bytes and length of DER encoding.
+ * Must be non-NULL.
+ * "pAscii"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_ipAddrBytes2Ascii(
+ SECItem *secItem,
+ char **pAscii,
+ void *plContext)
+{
+ char *data = NULL;
+ PKIX_UInt32 *tokens = NULL;
+ PKIX_UInt32 numTokens = 0;
+ PKIX_UInt32 i = 0;
+ char *asciiString = NULL;
+
+ PKIX_ENTER(OBJECT, "pkix_pl_ipAddrBytes2Ascii");
+ PKIX_NULLCHECK_THREE(secItem, pAscii, secItem->data);
+
+ if (secItem->len == 0) {
+ PKIX_ERROR_FATAL(PKIX_IPADDRBYTES2ASCIIDATALENGTHZERO);
+ }
+
+ data = (char *)(secItem->data);
+ numTokens = secItem->len;
+
+ /* allocate space for array of integers */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (numTokens * sizeof (PKIX_UInt32),
+ (void **)&tokens,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ /* populate array of integers */
+ for (i = 0; i < numTokens; i++){
+ tokens[i] = data[i];
+ }
+
+ /* convert array of integers to ASCII */
+ PKIX_CHECK(pkix_pl_helperBytes2Ascii
+ (tokens, numTokens, &asciiString, plContext),
+ PKIX_HELPERBYTES2ASCIIFAILED);
+
+ *pAscii = asciiString;
+
+cleanup:
+
+ PKIX_FREE(tokens);
+
+ PKIX_RETURN(OBJECT);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_oidBytes2Ascii
+ * DESCRIPTION:
+ *
+ * Converts the DER encoding of an OID pointed to by "secItem" to an ASCII
+ * representation and stores it at "pAscii". The ASCII representation is
+ * guaranteed to end with a NUL character. The input SECItem must contain
+ * non-NULL data and must have a positive length.
+ *
+ * Example: the six bytes {2a 86 48 86 f7 0d} represent the
+ * four integer tokens {1, 2, 840, 113549}, which we will convert
+ * into ASCII yielding "1.2.840.113549"
+ *
+ * The return value "pAscii" is not reference-counted and will need to
+ * be freed with PKIX_PL_Free.
+ *
+ * PARAMETERS
+ * "secItem"
+ * Address of SECItem which contains bytes and length of DER encoding.
+ * Must be non-NULL.
+ * "pAscii"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an OID Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_oidBytes2Ascii(
+ SECItem *secItem,
+ char **pAscii,
+ void *plContext)
+{
+ char *data = NULL;
+ PKIX_UInt32 *tokens = NULL;
+ PKIX_UInt32 token = 0;
+ PKIX_UInt32 numBytes = 0;
+ PKIX_UInt32 numTokens = 0;
+ PKIX_UInt32 i = 0, x = 0, y = 0;
+ PKIX_UInt32 index = 0;
+ char *asciiString = NULL;
+
+ PKIX_ENTER(OID, "pkix_pl_oidBytes2Ascii");
+ PKIX_NULLCHECK_THREE(secItem, pAscii, secItem->data);
+
+ if (secItem->len == 0) {
+ PKIX_ERROR_FATAL(PKIX_OIDBYTES2ASCIIDATALENGTHZERO);
+ }
+
+ data = (char *)(secItem->data);
+ numBytes = secItem->len;
+ numTokens = 0;
+
+ /* calculate how many integer tokens are represented by the bytes. */
+ for (i = 0; i < numBytes; i++){
+ if ((data[i] & 0x080) == 0){
+ numTokens++;
+ }
+ }
+
+ /* if we are unable to retrieve any tokens at all, we throw an error */
+ if (numTokens == 0){
+ PKIX_ERROR(PKIX_INVALIDDERENCODINGFOROID);
+ }
+
+ /* add one more token b/c the first byte always contains two tokens */
+ numTokens++;
+
+ /* allocate space for array of integers */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (numTokens * sizeof (PKIX_UInt32),
+ (void **)&tokens,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ /* populate array of integers */
+ for (i = 0; i < numTokens; i++){
+
+ /* retrieve integer token */
+ PKIX_CHECK(pkix_pl_getOIDToken
+ (data, index, &token, &index, plContext),
+ PKIX_GETOIDTOKENFAILED);
+
+ if (i == 0){
+
+ /*
+ * special case: the first DER-encoded byte represents
+ * two tokens. We take advantage of fact that first
+ * token must be 0, 1, or 2; and second token must be
+ * between {0, 39} inclusive if first token is 0 or 1.
+ */
+
+ if (token < 40)
+ x = 0;
+ else if (token < 80)
+ x = 1;
+ else
+ x = 2;
+ y = token - (x * 40);
+
+ tokens[0] = x;
+ tokens[1] = y;
+ i++;
+ } else {
+ tokens[i] = token;
+ }
+ }
+
+ /* convert array of integers to ASCII */
+ PKIX_CHECK(pkix_pl_helperBytes2Ascii
+ (tokens, numTokens, &asciiString, plContext),
+ PKIX_HELPERBYTES2ASCIIFAILED);
+
+ *pAscii = asciiString;
+
+cleanup:
+
+ PKIX_FREE(tokens);
+ PKIX_RETURN(OID);
+
+}
+
+/*
+ * FUNCTION: pkix_UTF16_to_EscASCII
+ * DESCRIPTION:
+ *
+ * Converts array of bytes pointed to by "utf16String" with length of
+ * "utf16Length" (which must be even) into a freshly allocated Escaped ASCII
+ * string and stores a pointer to that string at "pDest" and stores the
+ * string's length at "pLength". The Escaped ASCII string's length does not
+ * include the final NUL character. The caller is responsible for freeing
+ * "pDest" using PKIX_PL_Free. If "debug" is set, uses EscASCII_Debug
+ * encoding.
+ *
+ * PARAMETERS:
+ * "utf16String"
+ * Address of array of bytes representing data source. Must be non-NULL.
+ * "utf16Length"
+ * Length of data source. Must be even.
+ * "debug"
+ * Boolean value indicating whether debug mode is desired.
+ * "pDest"
+ * Address where data will be stored. Must be non-NULL.
+ * "pLength"
+ * Address where data length will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a String Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_UTF16_to_EscASCII(
+ const void *utf16String,
+ PKIX_UInt32 utf16Length,
+ PKIX_Boolean debug,
+ char **pDest,
+ PKIX_UInt32 *pLength,
+ void *plContext)
+{
+ char *destPtr = NULL;
+ PKIX_UInt32 i, charLen;
+ PKIX_UInt32 x = 0, y = 0, z = 0;
+ unsigned char *utf16Char = (unsigned char *)utf16String;
+
+ PKIX_ENTER(STRING, "pkix_UTF16_to_EscASCII");
+ PKIX_NULLCHECK_THREE(utf16String, pDest, pLength);
+
+ /* Assume every pair of bytes becomes &#xNNNN; */
+ charLen = 4*utf16Length;
+
+ /* utf16Lenght must be even */
+ if ((utf16Length % 2) != 0){
+ PKIX_ERROR(PKIX_UTF16ALIGNMENTERROR);
+ }
+
+ /* Count how many bytes we need */
+ for (i = 0; i < utf16Length; i += 2) {
+ if ((utf16Char[i] == 0x00)&&
+ pkix_isPlaintext(utf16Char[i+1], debug)) {
+ if (utf16Char[i+1] == '&') {
+ /* Need to convert this to &amp; */
+ charLen -= 3;
+ } else {
+ /* We can fit this into one char */
+ charLen -= 7;
+ }
+ } else if ((utf16Char[i] >= 0xD8) && (utf16Char[i] <= 0xDB)) {
+ if ((i+3) >= utf16Length) {
+ PKIX_ERROR(PKIX_UTF16HIGHZONEALIGNMENTERROR);
+ } else if ((utf16Char[i+2] >= 0xDC)&&
+ (utf16Char[i+2] <= 0xDF)) {
+ /* Quartet of bytes will become &#xNNNNNNNN; */
+ charLen -= 4;
+ /* Quartet of bytes will produce 12 chars */
+ i += 2;
+ } else {
+ /* Second pair should be DC00-DFFF */
+ PKIX_ERROR(PKIX_UTF16LOWZONEERROR);
+ }
+ }
+ }
+
+ *pLength = charLen;
+
+ /* Ensure this string is null terminated */
+ charLen++;
+
+ /* Allocate space for character array */
+ PKIX_CHECK(PKIX_PL_Malloc(charLen, (void **)pDest, plContext),
+ PKIX_MALLOCFAILED);
+
+ destPtr = *pDest;
+ for (i = 0; i < utf16Length; i += 2) {
+ if ((utf16Char[i] == 0x00)&&
+ pkix_isPlaintext(utf16Char[i+1], debug)) {
+ /* Write a single character */
+ *destPtr++ = utf16Char[i+1];
+ } else if ((utf16Char[i+1] == '&') && (utf16Char[i] == 0x00)){
+ *destPtr++ = '&';
+ *destPtr++ = 'a';
+ *destPtr++ = 'm';
+ *destPtr++ = 'p';
+ *destPtr++ = ';';
+ } else if ((utf16Char[i] >= 0xD8)&&
+ (utf16Char[i] <= 0xDB)&&
+ (utf16Char[i+2] >= 0xDC)&&
+ (utf16Char[i+2] <= 0xDF)) {
+ /*
+ * Special UTF pairs are of the form:
+ * x = D800..DBFF; y = DC00..DFFF;
+ * The result is of the form:
+ * ((x - D800) * 400 + (y - DC00)) + 0001 0000
+ */
+ x = 0x0FFFF & ((utf16Char[i]<<8) | utf16Char[i+1]);
+ y = 0x0FFFF & ((utf16Char[i+2]<<8) | utf16Char[i+3]);
+ z = ((x - 0xD800) * 0x400 + (y - 0xDC00)) + 0x00010000;
+
+ /* Sprintf &#xNNNNNNNN; */
+ PKIX_STRING_DEBUG("\tCalling PR_snprintf).\n");
+ if (PR_snprintf(destPtr, 13, "&#x%08X;", z) ==
+ (PKIX_UInt32)(-1)) {
+ PKIX_ERROR(PKIX_PRSNPRINTFFAILED);
+ }
+ i += 2;
+ destPtr += 12;
+ } else {
+ /* Sprintf &#xNNNN; */
+ PKIX_STRING_DEBUG("\tCalling PR_snprintf).\n");
+ if (PR_snprintf
+ (destPtr,
+ 9,
+ "&#x%02X%02X;",
+ utf16Char[i],
+ utf16Char[i+1]) ==
+ (PKIX_UInt32)(-1)) {
+ PKIX_ERROR(PKIX_PRSNPRINTFFAILED);
+ }
+ destPtr += 8;
+ }
+ }
+ *destPtr = '\0';
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_FREE(*pDest);
+ }
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: pkix_EscASCII_to_UTF16
+ * DESCRIPTION:
+ *
+ * Converts array of bytes pointed to by "escAsciiString" with length of
+ * "escAsciiLength" into a freshly allocated UTF-16 string and stores a
+ * pointer to that string at "pDest" and stores the string's length at
+ * "pLength". The caller is responsible for freeing "pDest" using
+ * PKIX_PL_Free. If "debug" is set, uses EscASCII_Debug encoding.
+ *
+ * PARAMETERS:
+ * "escAsciiString"
+ * Address of array of bytes representing data source. Must be non-NULL.
+ * "escAsciiLength"
+ * Length of data source. Must be even.
+ * "debug"
+ * Boolean value indicating whether debug mode is desired.
+ * "pDest"
+ * Address where data will be stored. Must be non-NULL.
+ * "pLength"
+ * Address where data length will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a String Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_EscASCII_to_UTF16(
+ const char *escAsciiString,
+ PKIX_UInt32 escAsciiLen,
+ PKIX_Boolean debug,
+ void **pDest,
+ PKIX_UInt32 *pLength,
+ void *plContext)
+{
+ PKIX_UInt32 newLen, i, j, charSize;
+ PKIX_UInt32 x = 0, y = 0, z = 0;
+ unsigned char *destPtr = NULL;
+ unsigned char testChar, testChar2;
+ unsigned char *stringData = (unsigned char *)escAsciiString;
+
+ PKIX_ENTER(STRING, "pkix_EscASCII_to_UTF16");
+ PKIX_NULLCHECK_THREE(escAsciiString, pDest, pLength);
+
+ if (escAsciiLen == 0) {
+ PKIX_CHECK(PKIX_PL_Malloc(escAsciiLen, pDest, plContext),
+ PKIX_MALLOCFAILED);
+ goto cleanup;
+ }
+
+ /* Assume each unicode character takes two bytes */
+ newLen = escAsciiLen*2;
+
+ /* Count up number of unicode encoded characters */
+ for (i = 0; i < escAsciiLen; i++) {
+ if (!pkix_isPlaintext(stringData[i], debug)&&
+ (stringData[i] != '&')) {
+ PKIX_ERROR(PKIX_ILLEGALCHARACTERINESCAPEDASCII);
+ } else if (PL_strstr(escAsciiString+i, "&amp;") ==
+ escAsciiString+i) {
+ /* Convert EscAscii "&amp;" to two bytes */
+ newLen -= 8;
+ i += 4;
+ } else if ((PL_strstr(escAsciiString+i, "&#x") ==
+ escAsciiString+i)||
+ (PL_strstr(escAsciiString+i, "&#X") ==
+ escAsciiString+i)) {
+ if (((i+7) <= escAsciiLen)&&
+ (escAsciiString[i+7] == ';')) {
+ /* Convert &#xNNNN; to two bytes */
+ newLen -= 14;
+ i += 7;
+ } else if (((i+11) <= escAsciiLen)&&
+ (escAsciiString[i+11] == ';')) {
+ /* Convert &#xNNNNNNNN; to four bytes */
+ newLen -= 20;
+ i += 11;
+ } else {
+ PKIX_ERROR(PKIX_ILLEGALUSEOFAMP);
+ }
+ }
+ }
+
+ PKIX_CHECK(PKIX_PL_Malloc(newLen, pDest, plContext),
+ PKIX_MALLOCFAILED);
+
+ /* Copy into newly allocated space */
+ destPtr = (unsigned char *)*pDest;
+
+ i = 0;
+ while (i < escAsciiLen) {
+ /* Copy each byte until you hit a &amp; */
+ if (pkix_isPlaintext(escAsciiString[i], debug)) {
+ *destPtr++ = 0x00;
+ *destPtr++ = escAsciiString[i++];
+ } else if (PL_strstr(escAsciiString+i, "&amp;") ==
+ escAsciiString+i) {
+ /* Convert EscAscii "&amp;" to two bytes */
+ *destPtr++ = 0x00;
+ *destPtr++ = '&';
+ i += 5;
+ } else if (((PL_strstr(escAsciiString+i, "&#x") ==
+ escAsciiString+i)||
+ (PL_strstr(escAsciiString+i, "&#X") ==
+ escAsciiString+i))&&
+ ((i+7) <= escAsciiLen)) {
+
+ /* We're either looking at &#xNNNN; or &#xNNNNNNNN; */
+ charSize = (escAsciiString[i+7] == ';')?4:8;
+
+ /* Skip past the &#x */
+ i += 3;
+
+ /* Make sure there is a terminating semi-colon */
+ if (((i+charSize) > escAsciiLen)||
+ (escAsciiString[i+charSize] != ';')) {
+ PKIX_ERROR(PKIX_TRUNCATEDUNICODEINESCAPEDASCII);
+ }
+
+ for (j = 0; j < charSize; j++) {
+ if (!PKIX_ISXDIGIT
+ (escAsciiString[i+j])) {
+ PKIX_ERROR(PKIX_ILLEGALUNICODECHARACTER);
+ } else if (charSize == 8) {
+ x |= (pkix_hex2i
+ (escAsciiString[i+j]))
+ <<(4*(7-j));
+ }
+ }
+
+ testChar =
+ (pkix_hex2i(escAsciiString[i])<<4)|
+ pkix_hex2i(escAsciiString[i+1]);
+ testChar2 =
+ (pkix_hex2i(escAsciiString[i+2])<<4)|
+ pkix_hex2i(escAsciiString[i+3]);
+
+ if (charSize == 4) {
+ if ((testChar >= 0xD8)&&
+ (testChar <= 0xDF)) {
+ PKIX_ERROR(PKIX_ILLEGALSURROGATEPAIR);
+ } else if ((testChar == 0x00)&&
+ pkix_isPlaintext(testChar2, debug)) {
+ PKIX_ERROR(
+ PKIX_ILLEGALCHARACTERINESCAPEDASCII);
+ }
+ *destPtr++ = testChar;
+ *destPtr++ = testChar2;
+ } else if (charSize == 8) {
+ /* First two chars must be 0001-0010 */
+ if (!((testChar == 0x00)&&
+ ((testChar2 >= 0x01)&&
+ (testChar2 <= 0x10)))) {
+ PKIX_ERROR(
+ PKIX_ILLEGALCHARACTERINESCAPEDASCII);
+ }
+ /*
+ * Unicode Strings of the form:
+ * x = 0001 0000..0010 FFFF
+ * Encoded as pairs of UTF-16 where
+ * y = ((x - 0001 0000) / 400) + D800
+ * z = ((x - 0001 0000) % 400) + DC00
+ */
+ x -= 0x00010000;
+ y = (x/0x400)+ 0xD800;
+ z = (x%0x400)+ 0xDC00;
+
+ /* Copy four bytes */
+ *destPtr++ = (y&0xFF00)>>8;
+ *destPtr++ = (y&0x00FF);
+ *destPtr++ = (z&0xFF00)>>8;
+ *destPtr++ = (z&0x00FF);
+ }
+ /* Move past the Hex digits and the semi-colon */
+ i += charSize+1;
+ } else {
+ /* Do not allow any other non-plaintext character */
+ PKIX_ERROR(PKIX_ILLEGALCHARACTERINESCAPEDASCII);
+ }
+ }
+
+ *pLength = newLen;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_FREE(*pDest);
+ }
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: pkix_UTF16_to_UTF8
+ * DESCRIPTION:
+ *
+ * Converts array of bytes pointed to by "utf16String" with length of
+ * "utf16Length" into a freshly allocated UTF-8 string and stores a pointer
+ * to that string at "pDest" and stores the string's length at "pLength" (not
+ * counting the null terminator, if requested. The caller is responsible for
+ * freeing "pDest" using PKIX_PL_Free.
+ *
+ * PARAMETERS:
+ * "utf16String"
+ * Address of array of bytes representing data source. Must be non-NULL.
+ * "utf16Length"
+ * Length of data source. Must be even.
+ * "null-term"
+ * Boolean value indicating whether output should be null-terminated.
+ * "pDest"
+ * Address where data will be stored. Must be non-NULL.
+ * "pLength"
+ * Address where data length will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a String Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_UTF16_to_UTF8(
+ const void *utf16String,
+ PKIX_UInt32 utf16Length,
+ PKIX_Boolean null_term,
+ void **pDest,
+ PKIX_UInt32 *pLength,
+ void *plContext)
+{
+ PKIX_Boolean result;
+ PKIX_UInt32 reallocLen;
+ char *endPtr = NULL;
+
+ PKIX_ENTER(STRING, "pkix_UTF16_to_UTF8");
+ PKIX_NULLCHECK_THREE(utf16String, pDest, pLength);
+
+ /* XXX How big can a UTF8 string be compared to a UTF16? */
+ PKIX_CHECK(PKIX_PL_Calloc(1, utf16Length*2, pDest, plContext),
+ PKIX_CALLOCFAILED);
+
+ PKIX_STRING_DEBUG("\tCalling PORT_UCS2_UTF8Conversion).\n");
+ result = PORT_UCS2_UTF8Conversion
+ (PKIX_FALSE, /* False = From UCS2 */
+ (unsigned char *)utf16String,
+ utf16Length,
+ (unsigned char *)*pDest,
+ utf16Length*2, /* Max Size */
+ pLength);
+ if (result == PR_FALSE){
+ PKIX_ERROR(PKIX_PORTUCS2UTF8CONVERSIONFAILED);
+ }
+
+ reallocLen = *pLength;
+
+ if (null_term){
+ reallocLen++;
+ }
+
+ PKIX_CHECK(PKIX_PL_Realloc(*pDest, reallocLen, pDest, plContext),
+ PKIX_REALLOCFAILED);
+
+ if (null_term){
+ endPtr = (char*)*pDest + reallocLen - 1;
+ *endPtr = '\0';
+ }
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_FREE(*pDest);
+ }
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: pkix_UTF8_to_UTF16
+ * DESCRIPTION:
+ *
+ * Converts array of bytes pointed to by "utf8String" with length of
+ * "utf8Length" into a freshly allocated UTF-16 string and stores a pointer
+ * to that string at "pDest" and stores the string's length at "pLength". The
+ * caller is responsible for freeing "pDest" using PKIX_PL_Free.
+ *
+ * PARAMETERS:
+ * "utf8String"
+ * Address of array of bytes representing data source. Must be non-NULL.
+ * "utf8Length"
+ * Length of data source. Must be even.
+ * "pDest"
+ * Address where data will be stored. Must be non-NULL.
+ * "pLength"
+ * Address where data length will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a String Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_UTF8_to_UTF16(
+ const void *utf8String,
+ PKIX_UInt32 utf8Length,
+ void **pDest,
+ PKIX_UInt32 *pLength,
+ void *plContext)
+{
+ PKIX_Boolean result;
+
+ PKIX_ENTER(STRING, "pkix_UTF8_to_UTF16");
+ PKIX_NULLCHECK_THREE(utf8String, pDest, pLength);
+
+ /* XXX How big can a UTF8 string be compared to a UTF16? */
+ PKIX_CHECK(PKIX_PL_Calloc(1, utf8Length*2, pDest, plContext),
+ PKIX_MALLOCFAILED);
+
+ PKIX_STRING_DEBUG("\tCalling PORT_UCS2_UTF8Conversion).\n");
+ result = PORT_UCS2_UTF8Conversion
+ (PKIX_TRUE, /* True = From UTF8 */
+ (unsigned char *)utf8String,
+ utf8Length,
+ (unsigned char *)*pDest,
+ utf8Length*2, /* Max Size */
+ pLength);
+ if (result == PR_FALSE){
+ PKIX_ERROR(PKIX_PORTUCS2UTF8CONVERSIONFAILED);
+ }
+
+ PKIX_CHECK(PKIX_PL_Realloc(*pDest, *pLength, pDest, plContext),
+ PKIX_REALLOCFAILED);
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_FREE(*pDest);
+ }
+
+ PKIX_RETURN(STRING);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h
new file mode 100755
index 000000000..2946e07a6
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h
@@ -0,0 +1,159 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_common.h
+ *
+ * Common central header file included by all PL source files
+ *
+ */
+
+#ifndef _PKIX_PL_COMMON_H
+#define _PKIX_PL_COMMON_H
+
+/* PKIX HEADERS */
+#include "pkix_tools.h"
+
+/* NSS headers */
+#include "nss.h"
+#include "secport.h"
+#include "secasn1.h"
+#include "secerr.h"
+#include "base64.h"
+#include "cert.h"
+#include "certdb.h"
+#include "genname.h"
+#include "xconst.h"
+#include "keyhi.h"
+#include "ocsp.h"
+#include "ocspt.h"
+#include "pk11pub.h"
+#include "pkcs11.h"
+#include "pkcs11t.h"
+#include "prio.h"
+
+/* NSPR headers */
+#include "nspr.h"
+
+/* private PKIX_PL_NSS system headers */
+#include "pkix_pl_object.h"
+#include "pkix_pl_string.h"
+#ifndef NSS_PKIX_NO_LDAP
+#include "pkix_pl_ldapt.h"
+#endif /* !NSS_PKIX_NO_LDAP */
+#include "pkix_pl_aiamgr.h"
+#include "pkix_pl_bigint.h"
+#include "pkix_pl_oid.h"
+#include "pkix_pl_x500name.h"
+#include "pkix_pl_generalname.h"
+#include "pkix_pl_publickey.h"
+#include "pkix_pl_bytearray.h"
+#include "pkix_pl_date.h"
+#include "pkix_pl_primhash.h"
+#include "pkix_pl_basicconstraints.h"
+#include "pkix_pl_bytearray.h"
+#include "pkix_pl_cert.h"
+#include "pkix_pl_certpolicyinfo.h"
+#include "pkix_pl_certpolicymap.h"
+#include "pkix_pl_certpolicyqualifier.h"
+#include "pkix_pl_crldp.h"
+#include "pkix_pl_crl.h"
+#include "pkix_pl_crlentry.h"
+#include "pkix_pl_nameconstraints.h"
+#include "pkix_pl_ocsprequest.h"
+#include "pkix_pl_ocspresponse.h"
+#include "pkix_pl_pk11certstore.h"
+#include "pkix_pl_socket.h"
+#ifndef NSS_PKIX_NO_LDAP
+#include "pkix_pl_ldapcertstore.h"
+#include "pkix_pl_ldaprequest.h"
+#include "pkix_pl_ldapresponse.h"
+#endif /* !NSS_PKIX_NO_LDAP */
+#include "pkix_pl_nsscontext.h"
+#include "pkix_pl_httpcertstore.h"
+#include "pkix_pl_httpdefaultclient.h"
+#include "pkix_pl_infoaccess.h"
+#include "pkix_sample_modules.h"
+
+#define MAX_DIGITS_32 (PKIX_UInt32) 10
+
+#define PKIX_PL_NSSCALL(type, func, args) \
+ PKIX_ ## type ## _DEBUG_ARG("( Calling %s).\n", #func); \
+ (func args)
+
+#define PKIX_PL_NSSCALLRV(type, lvalue, func, args) \
+ PKIX_ ## type ## _DEBUG_ARG("( Calling %s).\n", #func); \
+ lvalue = (func args)
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_LockObject(
+ PKIX_PL_Object *object,
+ void *plContext);
+
+PKIX_Error *
+pkix_UnlockObject(
+ PKIX_PL_Object *object,
+ void *plContext);
+
+PKIX_Boolean
+pkix_pl_UInt32_Overflows(char *string);
+
+PKIX_Error *
+pkix_pl_helperBytes2Ascii(
+ PKIX_UInt32 *tokens,
+ PKIX_UInt32 numTokens,
+ char **pAscii,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_ipAddrBytes2Ascii(
+ SECItem *secItem,
+ char **pAscii,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_oidBytes2Ascii(
+ SECItem *secItem,
+ char **pAscii,
+ void *plContext);
+
+/* --String-Encoding-Conversion-Functions------------------------ */
+
+PKIX_Error *
+pkix_UTF16_to_EscASCII(
+ const void *utf16String,
+ PKIX_UInt32 utf16Length,
+ PKIX_Boolean debug,
+ char **pDest,
+ PKIX_UInt32 *pLength,
+ void *plContext);
+
+PKIX_Error *
+pkix_EscASCII_to_UTF16(
+ const char *escAsciiString,
+ PKIX_UInt32 escAsciiLen,
+ PKIX_Boolean debug,
+ void **pDest,
+ PKIX_UInt32 *pLength,
+ void *plContext);
+
+PKIX_Error *
+pkix_UTF16_to_UTF8(
+ const void *utf16String,
+ PKIX_UInt32 utf16Length,
+ PKIX_Boolean null_Term,
+ void **pDest,
+ PKIX_UInt32 *pLength,
+ void *plContext);
+
+PKIX_Error *
+pkix_UTF8_to_UTF16(
+ const void *utf8Source,
+ PKIX_UInt32 utf8Length,
+ void **pDest,
+ PKIX_UInt32 *pLength,
+ void *plContext);
+
+#endif /* _PKIX_PL_COMMON_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_error.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_error.c
new file mode 100644
index 000000000..2631aed03
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_error.c
@@ -0,0 +1,26 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_error.c
+ *
+ * PL error functions
+ *
+ */
+
+#include "pkix_pl_common.h"
+
+#undef PKIX_ERRORENTRY
+
+#define PKIX_ERRORENTRY(name,desc,plerr) plerr
+
+const PKIX_Int32 PKIX_PLErrorIndex[] =
+{
+#include "pkix_errorstrings.h"
+};
+
+int
+PKIX_PL_GetPLErrorCode()
+{
+ return PORT_GetError();
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_hashtable.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_hashtable.c
new file mode 100755
index 000000000..260365375
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_hashtable.c
@@ -0,0 +1,383 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_hashtable.c
+ *
+ * Hashtable Object Functions
+ *
+ */
+
+#include "pkix_pl_hashtable.h"
+
+/* --Private-Structure-------------------------------------------- */
+
+struct PKIX_PL_HashTableStruct {
+ pkix_pl_PrimHashTable *primHash;
+ PKIX_PL_Mutex *tableLock;
+ PKIX_UInt32 maxEntriesPerBucket;
+};
+
+/* --Private-Functions-------------------------------------------- */
+
+#define PKIX_MUTEX_UNLOCK(mutex) \
+ do { \
+ if (mutex && lockedMutex == (PKIX_PL_Mutex *)(mutex)) { \
+ pkixTempResult = \
+ PKIX_PL_Mutex_Unlock((mutex), plContext); \
+ PORT_Assert(pkixTempResult == NULL); \
+ if (pkixTempResult) { \
+ PKIX_DoAddError(&stdVars, pkixTempResult, plContext); \
+ pkixTempResult = NULL; \
+ } \
+ lockedMutex = NULL; \
+ } else { \
+ PORT_Assert(lockedMutex == NULL); \
+ }\
+ } while (0)
+
+
+#define PKIX_MUTEX_LOCK(mutex) \
+ do { \
+ if (mutex){ \
+ PORT_Assert(lockedMutex == NULL); \
+ PKIX_CHECK(PKIX_PL_Mutex_Lock((mutex), plContext), \
+ PKIX_MUTEXLOCKFAILED); \
+ lockedMutex = (mutex); \
+ } \
+ } while (0)
+
+/*
+ * FUNCTION: pkix_pl_HashTable_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_HashTable_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_HashTable *ht = NULL;
+ pkix_pl_HT_Elem *item = NULL;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_HashTable_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_HASHTABLE_TYPE, plContext),
+ PKIX_OBJECTNOTHASHTABLE);
+
+ ht = (PKIX_PL_HashTable*) object;
+
+ /* DecRef every object in the primitive hash table */
+ for (i = 0; i < ht->primHash->size; i++) {
+ for (item = ht->primHash->buckets[i];
+ item != NULL;
+ item = item->next) {
+ PKIX_DECREF(item->key);
+ PKIX_DECREF(item->value);
+ }
+ }
+
+ PKIX_CHECK(pkix_pl_PrimHashTable_Destroy(ht->primHash, plContext),
+ PKIX_PRIMHASHTABLEDESTROYFAILED);
+
+ PKIX_DECREF(ht->tableLock);
+
+cleanup:
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: pkix_pl_HashTable_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_HASHTABLE_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_HashTable_RegisterSelf(
+ void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_HashTable_RegisterSelf");
+
+ entry.description = "HashTable";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_HashTable);
+ entry.destructor = pkix_pl_HashTable_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_HASHTABLE_TYPE] = entry;
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_HashTable_Create (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_HashTable_Create(
+ PKIX_UInt32 numBuckets,
+ PKIX_UInt32 maxEntriesPerBucket,
+ PKIX_PL_HashTable **pResult,
+ void *plContext)
+{
+ PKIX_PL_HashTable *hashTable = NULL;
+
+ PKIX_ENTER(HASHTABLE, "PKIX_PL_HashTable_Create");
+ PKIX_NULLCHECK_ONE(pResult);
+
+ if (numBuckets == 0) {
+ PKIX_ERROR(PKIX_NUMBUCKETSEQUALSZERO);
+ }
+
+ /* Allocate a new hashtable */
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_HASHTABLE_TYPE,
+ sizeof (PKIX_PL_HashTable),
+ (PKIX_PL_Object **)&hashTable,
+ plContext),
+ PKIX_COULDNOTCREATEHASHTABLEOBJECT);
+
+ /* Create the underlying primitive hash table type */
+ PKIX_CHECK(pkix_pl_PrimHashTable_Create
+ (numBuckets, &hashTable->primHash, plContext),
+ PKIX_PRIMHASHTABLECREATEFAILED);
+
+ /* Create a lock for this table */
+ PKIX_CHECK(PKIX_PL_Mutex_Create(&hashTable->tableLock, plContext),
+ PKIX_ERRORCREATINGTABLELOCK);
+
+ hashTable->maxEntriesPerBucket = maxEntriesPerBucket;
+
+ *pResult = hashTable;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(hashTable);
+ }
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: PKIX_PL_HashTable_Add (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_HashTable_Add(
+ PKIX_PL_HashTable *ht,
+ PKIX_PL_Object *key,
+ PKIX_PL_Object *value,
+ void *plContext)
+{
+ PKIX_PL_Mutex *lockedMutex = NULL;
+ PKIX_PL_Object *deletedKey = NULL;
+ PKIX_PL_Object *deletedValue = NULL;
+ PKIX_UInt32 hashCode;
+ PKIX_PL_EqualsCallback keyComp;
+ PKIX_UInt32 bucketSize = 0;
+
+ PKIX_ENTER(HASHTABLE, "PKIX_PL_HashTable_Add");
+
+#if !defined(PKIX_OBJECT_LEAK_TEST)
+ PKIX_NULLCHECK_THREE(ht, key, value);
+#else
+ PKIX_NULLCHECK_TWO(key, value);
+
+ if (ht == NULL) {
+ PKIX_RETURN(HASHTABLE);
+ }
+#endif
+ /* Insert into primitive hashtable */
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode(key, &hashCode, plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_CHECK(pkix_pl_Object_RetrieveEqualsCallback
+ (key, &keyComp, plContext),
+ PKIX_OBJECTRETRIEVEEQUALSCALLBACKFAILED);
+
+ PKIX_MUTEX_LOCK(ht->tableLock);
+
+ PKIX_CHECK(pkix_pl_PrimHashTable_GetBucketSize
+ (ht->primHash,
+ hashCode,
+ &bucketSize,
+ plContext),
+ PKIX_PRIMHASHTABLEGETBUCKETSIZEFAILED);
+
+ if (ht->maxEntriesPerBucket != 0 &&
+ bucketSize >= ht->maxEntriesPerBucket) {
+ /* drop the last one in the bucket */
+ PKIX_CHECK(pkix_pl_PrimHashTable_RemoveFIFO
+ (ht->primHash,
+ hashCode,
+ (void **) &deletedKey,
+ (void **) &deletedValue,
+ plContext),
+ PKIX_PRIMHASHTABLEGETBUCKETSIZEFAILED);
+ PKIX_DECREF(deletedKey);
+ PKIX_DECREF(deletedValue);
+ }
+
+ PKIX_CHECK(pkix_pl_PrimHashTable_Add
+ (ht->primHash,
+ (void *)key,
+ (void *)value,
+ hashCode,
+ keyComp,
+ plContext),
+ PKIX_PRIMHASHTABLEADDFAILED);
+
+ PKIX_INCREF(key);
+ PKIX_INCREF(value);
+ PKIX_MUTEX_UNLOCK(ht->tableLock);
+
+ /*
+ * we don't call PKIX_PL_InvalidateCache here b/c we have
+ * not implemented toString or hashcode for this Object
+ */
+
+cleanup:
+
+ PKIX_MUTEX_UNLOCK(ht->tableLock);
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: PKIX_PL_HashTable_Remove (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_HashTable_Remove(
+ PKIX_PL_HashTable *ht,
+ PKIX_PL_Object *key,
+ void *plContext)
+{
+ PKIX_PL_Mutex *lockedMutex = NULL;
+ PKIX_PL_Object *origKey = NULL;
+ PKIX_PL_Object *value = NULL;
+ PKIX_UInt32 hashCode;
+ PKIX_PL_EqualsCallback keyComp;
+
+ PKIX_ENTER(HASHTABLE, "PKIX_PL_HashTable_Remove");
+
+#if !defined(PKIX_OBJECT_LEAK_TEST)
+ PKIX_NULLCHECK_TWO(ht, key);
+#else
+ PKIX_NULLCHECK_ONE(key);
+
+ if (ht == NULL) {
+ PKIX_RETURN(HASHTABLE);
+ }
+#endif
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode(key, &hashCode, plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_CHECK(pkix_pl_Object_RetrieveEqualsCallback
+ (key, &keyComp, plContext),
+ PKIX_OBJECTRETRIEVEEQUALSCALLBACKFAILED);
+
+ PKIX_MUTEX_LOCK(ht->tableLock);
+
+ /* Remove from primitive hashtable */
+ PKIX_CHECK(pkix_pl_PrimHashTable_Remove
+ (ht->primHash,
+ (void *)key,
+ hashCode,
+ keyComp,
+ (void **)&origKey,
+ (void **)&value,
+ plContext),
+ PKIX_PRIMHASHTABLEREMOVEFAILED);
+
+ PKIX_MUTEX_UNLOCK(ht->tableLock);
+
+ PKIX_DECREF(origKey);
+ PKIX_DECREF(value);
+
+ /*
+ * we don't call PKIX_PL_InvalidateCache here b/c we have
+ * not implemented toString or hashcode for this Object
+ */
+
+cleanup:
+
+ PKIX_MUTEX_UNLOCK(ht->tableLock);
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: PKIX_PL_HashTable_Lookup (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_HashTable_Lookup(
+ PKIX_PL_HashTable *ht,
+ PKIX_PL_Object *key,
+ PKIX_PL_Object **pResult,
+ void *plContext)
+{
+ PKIX_PL_Mutex *lockedMutex = NULL;
+ PKIX_UInt32 hashCode;
+ PKIX_PL_EqualsCallback keyComp;
+ PKIX_PL_Object *result = NULL;
+
+ PKIX_ENTER(HASHTABLE, "PKIX_PL_HashTable_Lookup");
+
+#if !defined(PKIX_OBJECT_LEAK_TEST)
+ PKIX_NULLCHECK_THREE(ht, key, pResult);
+#else
+ PKIX_NULLCHECK_TWO(key, pResult);
+
+ if (ht == NULL) {
+ PKIX_RETURN(HASHTABLE);
+ }
+#endif
+
+ PKIX_CHECK(PKIX_PL_Object_Hashcode(key, &hashCode, plContext),
+ PKIX_OBJECTHASHCODEFAILED);
+
+ PKIX_CHECK(pkix_pl_Object_RetrieveEqualsCallback
+ (key, &keyComp, plContext),
+ PKIX_OBJECTRETRIEVEEQUALSCALLBACKFAILED);
+
+ PKIX_MUTEX_LOCK(ht->tableLock);
+
+ /* Lookup in primitive hashtable */
+ PKIX_CHECK(pkix_pl_PrimHashTable_Lookup
+ (ht->primHash,
+ (void *)key,
+ hashCode,
+ keyComp,
+ (void **)&result,
+ plContext),
+ PKIX_PRIMHASHTABLELOOKUPFAILED);
+
+ PKIX_INCREF(result);
+ PKIX_MUTEX_UNLOCK(ht->tableLock);
+
+ *pResult = result;
+
+cleanup:
+
+ PKIX_MUTEX_UNLOCK(ht->tableLock);
+
+ PKIX_RETURN(HASHTABLE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_hashtable.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_hashtable.h
new file mode 100755
index 000000000..479c62373
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_hashtable.h
@@ -0,0 +1,29 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_hashtable.h
+ *
+ * Hashtable Object Definition
+ *
+ */
+
+#ifndef _PKIX_PL_HASHTABLE_H
+#define _PKIX_PL_HASHTABLE_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_HashTable_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_HASHTABLE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c
new file mode 100755
index 000000000..70ed25d72
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c
@@ -0,0 +1,279 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_lifecycle.c
+ *
+ * Lifecycle Functions for the PKIX PL library.
+ *
+ */
+
+#include "pkix_pl_lifecycle.h"
+
+PKIX_Boolean pkix_pl_initialized = PKIX_FALSE;
+pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+PRLock *classTableLock;
+PRLogModuleInfo *pkixLog = NULL;
+
+/*
+ * PKIX_ALLOC_ERROR is a special error object hard-coded into the
+ * pkix_error.o object file. It is thrown if system memory cannot be
+ * allocated. PKIX_ALLOC_ERROR is immutable.
+ * IncRef, DecRef, and Settor functions cannot be called.
+ */
+
+/* Keep this structure definition here for its is used only once here */
+struct PKIX_Alloc_Error_ObjectStruct {
+ PKIX_PL_Object header;
+ PKIX_Error error;
+};
+typedef struct PKIX_Alloc_Error_ObjectStruct PKIX_Alloc_Error_Object;
+
+static const PKIX_Alloc_Error_Object pkix_Alloc_Error_Data = {
+ {
+ PKIX_MAGIC_HEADER, /* PRUint64 magicHeader */
+ (PKIX_UInt32)PKIX_ERROR_TYPE, /* PKIX_UInt32 type */
+ (PKIX_UInt32)1, /* PKIX_UInt32 references */
+ /* Warning! Cannot Ref Count with NULL lock */
+ (void *)0, /* PRLock *lock */
+ (PKIX_PL_String *)0, /* PKIX_PL_String *stringRep */
+ (PKIX_UInt32)0, /* PKIX_UInt32 hashcode */
+ (PKIX_Boolean)PKIX_FALSE, /* PKIX_Boolean hashcodeCached */
+ }, {
+ (PKIX_ERRORCODE)0, /* PKIX_ERRORCODE errCode; */
+ (PKIX_ERRORCLASS)PKIX_FATAL_ERROR,/* PKIX_ERRORCLASS errClass */
+ (PKIX_UInt32)SEC_ERROR_LIBPKIX_INTERNAL, /* default PL Error Code */
+ (PKIX_Error *)0, /* PKIX_Error *cause */
+ (PKIX_PL_Object *)0, /* PKIX_PL_Object *info */
+ }
+};
+
+PKIX_Error* PKIX_ALLOC_ERROR(void)
+{
+ return (PKIX_Error *)&pkix_Alloc_Error_Data.error;
+}
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+SECStatus
+pkix_pl_lifecycle_ObjectTableUpdate(int *objCountTable)
+{
+ int typeCounter = 0;
+
+ for (; typeCounter < PKIX_NUMTYPES; typeCounter++) {
+ pkix_ClassTable_Entry *entry = &systemClasses[typeCounter];
+
+ objCountTable[typeCounter] = entry->objCounter;
+ }
+
+ return SECSuccess;
+}
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+
+PKIX_UInt32
+pkix_pl_lifecycle_ObjectLeakCheck(int *initObjCountTable)
+{
+ unsigned int typeCounter = 0;
+ PKIX_UInt32 numObjects = 0;
+ char classNameBuff[128];
+ char *className = NULL;
+
+ for (; typeCounter < PKIX_NUMTYPES; typeCounter++) {
+ pkix_ClassTable_Entry *entry = &systemClasses[typeCounter];
+ PKIX_UInt32 objCountDiff = entry->objCounter;
+
+ if (initObjCountTable) {
+ PKIX_UInt32 initialCount = initObjCountTable[typeCounter];
+ objCountDiff = (entry->objCounter > initialCount) ?
+ entry->objCounter - initialCount : 0;
+ }
+
+ numObjects += objCountDiff;
+
+ if (!pkixLog || !objCountDiff) {
+ continue;
+ }
+ className = entry->description;
+ if (!className) {
+ className = classNameBuff;
+ PR_snprintf(className, 128, "Unknown(ref %d)",
+ entry->objCounter);
+ }
+
+ PR_LOG(pkixLog, 1, ("Class %s leaked %d objects of "
+ "size %d bytes, total = %d bytes\n", className,
+ objCountDiff, entry->typeObjectSize,
+ objCountDiff * entry->typeObjectSize));
+ }
+
+ return numObjects;
+}
+
+/*
+ * PKIX_PL_Initialize (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Initialize(
+ PKIX_Boolean platformInitNeeded,
+ PKIX_Boolean useArenas,
+ void **pPlContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Initialize");
+
+ /*
+ * This function can only be called once. If it has already been
+ * called, we return a positive status.
+ */
+ if (pkix_pl_initialized) {
+ PKIX_RETURN(OBJECT);
+ }
+
+ classTableLock = PR_NewLock();
+ if (classTableLock == NULL) {
+ return PKIX_ALLOC_ERROR();
+ }
+
+ if (PR_GetEnvSecure("NSS_STRICT_SHUTDOWN")) {
+ pkixLog = PR_NewLogModule("pkix");
+ }
+ /*
+ * Register Object, it is the base object of all other objects.
+ */
+ pkix_pl_Object_RegisterSelf(plContext);
+
+ /*
+ * Register Error and String, since they will be needed if
+ * there is a problem in registering any other type.
+ */
+ pkix_Error_RegisterSelf(plContext);
+ pkix_pl_String_RegisterSelf(plContext);
+
+
+ /*
+ * We register all other system types
+ * (They don't need to be in order, but it's
+ * easier to keep track of what types are registered
+ * if we register them in the same order as their
+ * numbers, defined in pkixt.h.
+ */
+ pkix_pl_BigInt_RegisterSelf(plContext); /* 1-10 */
+ pkix_pl_ByteArray_RegisterSelf(plContext);
+ pkix_pl_HashTable_RegisterSelf(plContext);
+ pkix_List_RegisterSelf(plContext);
+ pkix_Logger_RegisterSelf(plContext);
+ pkix_pl_Mutex_RegisterSelf(plContext);
+ pkix_pl_OID_RegisterSelf(plContext);
+ pkix_pl_RWLock_RegisterSelf(plContext);
+
+ pkix_pl_CertBasicConstraints_RegisterSelf(plContext); /* 11-20 */
+ pkix_pl_Cert_RegisterSelf(plContext);
+ pkix_pl_CRL_RegisterSelf(plContext);
+ pkix_pl_CRLEntry_RegisterSelf(plContext);
+ pkix_pl_Date_RegisterSelf(plContext);
+ pkix_pl_GeneralName_RegisterSelf(plContext);
+ pkix_pl_CertNameConstraints_RegisterSelf(plContext);
+ pkix_pl_PublicKey_RegisterSelf(plContext);
+ pkix_TrustAnchor_RegisterSelf(plContext);
+
+ pkix_pl_X500Name_RegisterSelf(plContext); /* 21-30 */
+ pkix_pl_HttpCertStoreContext_RegisterSelf(plContext);
+ pkix_BuildResult_RegisterSelf(plContext);
+ pkix_ProcessingParams_RegisterSelf(plContext);
+ pkix_ValidateParams_RegisterSelf(plContext);
+ pkix_ValidateResult_RegisterSelf(plContext);
+ pkix_CertStore_RegisterSelf(plContext);
+ pkix_CertChainChecker_RegisterSelf(plContext);
+ pkix_RevocationChecker_RegisterSelf(plContext);
+ pkix_CertSelector_RegisterSelf(plContext);
+
+ pkix_ComCertSelParams_RegisterSelf(plContext); /* 31-40 */
+ pkix_CRLSelector_RegisterSelf(plContext);
+ pkix_ComCRLSelParams_RegisterSelf(plContext);
+ pkix_pl_CertPolicyInfo_RegisterSelf(plContext);
+ pkix_pl_CertPolicyQualifier_RegisterSelf(plContext);
+ pkix_pl_CertPolicyMap_RegisterSelf(plContext);
+ pkix_PolicyNode_RegisterSelf(plContext);
+ pkix_TargetCertCheckerState_RegisterSelf(plContext);
+ pkix_BasicConstraintsCheckerState_RegisterSelf(plContext);
+ pkix_PolicyCheckerState_RegisterSelf(plContext);
+
+ pkix_pl_CollectionCertStoreContext_RegisterSelf(plContext); /* 41-50 */
+ pkix_CrlChecker_RegisterSelf(plContext);
+ pkix_ForwardBuilderState_RegisterSelf(plContext);
+ pkix_SignatureCheckerState_RegisterSelf(plContext);
+ pkix_NameConstraintsCheckerState_RegisterSelf(plContext);
+#ifndef NSS_PKIX_NO_LDAP
+ pkix_pl_LdapRequest_RegisterSelf(plContext);
+ pkix_pl_LdapResponse_RegisterSelf(plContext);
+ pkix_pl_LdapDefaultClient_RegisterSelf(plContext);
+#endif
+ pkix_pl_Socket_RegisterSelf(plContext);
+
+ pkix_ResourceLimits_RegisterSelf(plContext); /* 51-59 */
+ pkix_pl_MonitorLock_RegisterSelf(plContext);
+ pkix_pl_InfoAccess_RegisterSelf(plContext);
+ pkix_pl_AIAMgr_RegisterSelf(plContext);
+ pkix_OcspChecker_RegisterSelf(plContext);
+ pkix_pl_OcspCertID_RegisterSelf(plContext);
+ pkix_pl_OcspRequest_RegisterSelf(plContext);
+ pkix_pl_OcspResponse_RegisterSelf(plContext);
+ pkix_pl_HttpDefaultClient_RegisterSelf(plContext);
+ pkix_VerifyNode_RegisterSelf(plContext);
+ pkix_EkuChecker_RegisterSelf(plContext);
+ pkix_pl_CrlDp_RegisterSelf(plContext);
+
+ if (pPlContext) {
+ PKIX_CHECK(PKIX_PL_NssContext_Create
+ (0, useArenas, NULL, &plContext),
+ PKIX_NSSCONTEXTCREATEFAILED);
+
+ *pPlContext = plContext;
+ }
+
+ pkix_pl_initialized = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * PKIX_PL_Shutdown (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Shutdown(void *plContext)
+{
+#ifdef DEBUG
+ PKIX_UInt32 numLeakedObjects = 0;
+#endif
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Shutdown");
+
+ if (!pkix_pl_initialized) {
+ /* The library was not initilized */
+ PKIX_RETURN(OBJECT);
+ }
+
+ PR_DestroyLock(classTableLock);
+
+ pkix_pl_HttpCertStore_Shutdown(plContext);
+
+#ifdef DEBUG
+ numLeakedObjects = pkix_pl_lifecycle_ObjectLeakCheck(NULL);
+ if (PR_GetEnvSecure("NSS_STRICT_SHUTDOWN")) {
+ PORT_Assert(numLeakedObjects == 0);
+ }
+#else
+ pkix_pl_lifecycle_ObjectLeakCheck(NULL);
+#endif
+
+ if (plContext != NULL) {
+ PKIX_PL_NssContext_Destroy(plContext);
+ }
+
+ pkix_pl_initialized = PKIX_FALSE;
+
+ PKIX_RETURN(OBJECT);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h
new file mode 100755
index 000000000..9660af123
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h
@@ -0,0 +1,91 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_lifecycle.h
+ *
+ * Lifecycle Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_LIFECYCLE_H
+#define _PKIX_PL_LIFECYCLE_H
+
+#include "pkix_pl_common.h"
+#include "pkix_pl_oid.h"
+#include "pkix_pl_aiamgr.h"
+#include "pkix_pl_bigint.h"
+#include "pkix_pl_bytearray.h"
+#include "pkix_pl_hashtable.h"
+#include "pkix_pl_mutex.h"
+#include "pkix_pl_rwlock.h"
+#include "pkix_pl_monitorlock.h"
+#include "pkix_pl_string.h"
+#include "pkix_pl_cert.h"
+#include "pkix_pl_x500name.h"
+#include "pkix_pl_generalname.h"
+#include "pkix_pl_publickey.h"
+#include "pkix_pl_date.h"
+#include "pkix_pl_basicconstraints.h"
+#include "pkix_pl_certpolicyinfo.h"
+#include "pkix_pl_certpolicymap.h"
+#include "pkix_pl_certpolicyqualifier.h"
+#include "pkix_pl_crlentry.h"
+#include "pkix_pl_crl.h"
+#include "pkix_pl_colcertstore.h"
+#ifndef NSS_PKIX_NO_LDAP
+#include "pkix_pl_ldapcertstore.h"
+#include "pkix_pl_ldapdefaultclient.h"
+#include "pkix_pl_ldaprequest.h"
+#include "pkix_pl_ldapresponse.h"
+#endif /* !NSS_PKIX_NO_LDAP */
+#include "pkix_pl_socket.h"
+#include "pkix_pl_infoaccess.h"
+#include "pkix_store.h"
+#include "pkix_error.h"
+#include "pkix_logger.h"
+#include "pkix_list.h"
+#include "pkix_trustanchor.h"
+#include "pkix_procparams.h"
+#include "pkix_valparams.h"
+#include "pkix_valresult.h"
+#include "pkix_verifynode.h"
+#include "pkix_resourcelimits.h"
+#include "pkix_certchainchecker.h"
+#include "pkix_revocationchecker.h"
+#include "pkix_certselector.h"
+#include "pkix_comcertselparams.h"
+#include "pkix_crlselector.h"
+#include "pkix_comcrlselparams.h"
+#include "pkix_targetcertchecker.h"
+#include "pkix_basicconstraintschecker.h"
+#include "pkix_policynode.h"
+#include "pkix_policychecker.h"
+#include "pkix_crlchecker.h"
+#include "pkix_signaturechecker.h"
+#include "pkix_buildresult.h"
+#include "pkix_build.h"
+#include "pkix_pl_nameconstraints.h"
+#include "pkix_nameconstraintschecker.h"
+#include "pkix_ocspchecker.h"
+#include "pkix_pl_ocspcertid.h"
+#include "pkix_pl_ocsprequest.h"
+#include "pkix_pl_ocspresponse.h"
+#include "pkix_pl_httpdefaultclient.h"
+#include "pkix_pl_httpcertstore.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_InitializeParamsStruct {
+ PKIX_List *loggers;
+ PKIX_UInt32 majorVersion;
+ PKIX_UInt32 minorVersion;
+};
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_LIFECYCLE_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mem.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mem.c
new file mode 100755
index 000000000..d75c0be26
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mem.c
@@ -0,0 +1,168 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_mem.c
+ *
+ * Memory Management Functions
+ *
+ */
+
+#include "pkix_pl_mem.h"
+
+/*
+ * FUNCTION: PKIX_PL_Malloc (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Malloc(
+ PKIX_UInt32 size,
+ void **pMemory,
+ void *plContext)
+{
+ PKIX_PL_NssContext *nssContext = NULL;
+ void *result = NULL;
+
+ PKIX_ENTER(MEM, "PKIX_PL_Malloc");
+ PKIX_NULLCHECK_ONE(pMemory);
+
+ if (size == 0){
+ *pMemory = NULL;
+ } else {
+
+ nssContext = (PKIX_PL_NssContext *)plContext;
+
+ if (nssContext != NULL && nssContext->arena != NULL) {
+ PKIX_MEM_DEBUG("\tCalling PORT_ArenaAlloc.\n");
+ *pMemory = PORT_ArenaAlloc(nssContext->arena, size);
+ } else {
+ PKIX_MEM_DEBUG("\tCalling PR_Malloc.\n");
+ result = (void *) PR_Malloc(size);
+
+ if (result == NULL) {
+ PKIX_MEM_DEBUG("Fatal Error Occurred: "
+ "PR_Malloc failed.\n");
+ PKIX_ERROR_ALLOC_ERROR();
+ } else {
+ *pMemory = result;
+ }
+ }
+ }
+
+cleanup:
+ PKIX_RETURN(MEM);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Calloc (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Calloc(
+ PKIX_UInt32 nElem,
+ PKIX_UInt32 elSize,
+ void **pMemory,
+ void *plContext)
+{
+ PKIX_PL_NssContext *nssContext = NULL;
+ void *result = NULL;
+
+ PKIX_ENTER(MEM, "PKIX_PL_Calloc");
+ PKIX_NULLCHECK_ONE(pMemory);
+
+ if ((nElem == 0) || (elSize == 0)){
+ *pMemory = NULL;
+ } else {
+
+ nssContext = (PKIX_PL_NssContext *)plContext;
+
+ if (nssContext != NULL && nssContext->arena != NULL) {
+ PKIX_MEM_DEBUG("\tCalling PORT_ArenaAlloc.\n");
+ *pMemory = PORT_ArenaAlloc(nssContext->arena, elSize);
+ } else {
+ PKIX_MEM_DEBUG("\tCalling PR_Calloc.\n");
+ result = (void *) PR_Calloc(nElem, elSize);
+
+ if (result == NULL) {
+ PKIX_MEM_DEBUG("Fatal Error Occurred: "
+ "PR_Calloc failed.\n");
+ PKIX_ERROR_ALLOC_ERROR();
+ } else {
+ *pMemory = result;
+ }
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(MEM);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Realloc (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Realloc(
+ void *ptr,
+ PKIX_UInt32 size,
+ void **pMemory,
+ void *plContext)
+{
+ PKIX_PL_NssContext *nssContext = NULL;
+ void *result = NULL;
+
+ PKIX_ENTER(MEM, "PKIX_PL_Realloc");
+ PKIX_NULLCHECK_ONE(pMemory);
+
+ nssContext = (PKIX_PL_NssContext *)plContext;
+
+ if (nssContext != NULL && nssContext->arena != NULL) {
+ PKIX_MEM_DEBUG("\tCalling PORT_ArenaAlloc.\n");
+ result = PORT_ArenaAlloc(nssContext->arena, size);
+
+ if (result){
+ PKIX_MEM_DEBUG("\tCalling PORT_Memcpy.\n");
+ PORT_Memcpy(result, ptr, size);
+ }
+ *pMemory = result;
+ } else {
+ PKIX_MEM_DEBUG("\tCalling PR_Realloc.\n");
+ result = (void *) PR_Realloc(ptr, size);
+
+ if (result == NULL) {
+ if (size == 0){
+ *pMemory = NULL;
+ } else {
+ PKIX_MEM_DEBUG
+ ("Fatal Error Occurred: "
+ "PR_Realloc failed.\n");
+ PKIX_ERROR_ALLOC_ERROR();
+ }
+ } else {
+ *pMemory = result;
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(MEM);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Free (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Free(
+ void *ptr,
+ /* ARGSUSED */ void *plContext)
+{
+ PKIX_PL_NssContext *context = NULL;
+
+ PKIX_ENTER(MEM, "PKIX_PL_Free");
+
+ context = (PKIX_PL_NssContext *) plContext;
+ if (context == NULL || context->arena == NULL) {
+ PKIX_MEM_DEBUG("\tCalling PR_Free.\n");
+ (void) PR_Free(ptr);
+ }
+
+ PKIX_RETURN(MEM);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mem.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mem.h
new file mode 100755
index 000000000..eaec6246c
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mem.h
@@ -0,0 +1,24 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_mem.h
+ *
+ * Memory Management Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_MEM_H
+#define _PKIX_PL_MEM_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_MEM_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_monitorlock.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_monitorlock.c
new file mode 100755
index 000000000..a5d2fc962
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_monitorlock.c
@@ -0,0 +1,136 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_monitorlock.c
+ *
+ * Read/Write Lock Functions
+ *
+ */
+
+#include "pkix_pl_monitorlock.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+static PKIX_Error *
+pkix_pl_MonitorLock_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_MonitorLock* monitorLock = NULL;
+
+ PKIX_ENTER(MONITORLOCK, "pkix_pl_MonitorLock_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_MONITORLOCK_TYPE, plContext),
+ PKIX_OBJECTNOTMONITORLOCK);
+
+ monitorLock = (PKIX_PL_MonitorLock*) object;
+
+ PKIX_MONITORLOCK_DEBUG("Calling PR_DestroyMonitor)\n");
+ PR_DestroyMonitor(monitorLock->lock);
+ monitorLock->lock = NULL;
+
+cleanup:
+
+ PKIX_RETURN(MONITORLOCK);
+}
+
+/*
+ * FUNCTION: pkix_pl_MonitorLock_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_MONITORLOCK_TYPE and its related functions with
+ * systemClasses[].
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_MonitorLock_RegisterSelf(
+ void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(MONITORLOCK, "pkix_pl_MonitorLock_RegisterSelf");
+
+ entry.description = "MonitorLock";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_MonitorLock);
+ entry.destructor = pkix_pl_MonitorLock_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_MONITORLOCK_TYPE] = entry;
+
+ PKIX_RETURN(MONITORLOCK);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+PKIX_Error *
+PKIX_PL_MonitorLock_Create(
+ PKIX_PL_MonitorLock **pNewLock,
+ void *plContext)
+{
+ PKIX_PL_MonitorLock *monitorLock = NULL;
+
+ PKIX_ENTER(MONITORLOCK, "PKIX_PL_MonitorLock_Create");
+ PKIX_NULLCHECK_ONE(pNewLock);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_MONITORLOCK_TYPE,
+ sizeof (PKIX_PL_MonitorLock),
+ (PKIX_PL_Object **)&monitorLock,
+ plContext),
+ PKIX_ERRORALLOCATINGMONITORLOCK);
+
+ PKIX_MONITORLOCK_DEBUG("\tCalling PR_NewMonitor)\n");
+ monitorLock->lock = PR_NewMonitor();
+
+ if (monitorLock->lock == NULL) {
+ PKIX_DECREF(monitorLock);
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ *pNewLock = monitorLock;
+
+cleanup:
+
+ PKIX_RETURN(MONITORLOCK);
+}
+
+PKIX_Error *
+PKIX_PL_MonitorLock_Enter(
+ PKIX_PL_MonitorLock *monitorLock,
+ void *plContext)
+{
+ PKIX_ENTER_NO_LOGGER(MONITORLOCK, "PKIX_PL_MonitorLock_Enter");
+ PKIX_NULLCHECK_ONE(monitorLock);
+
+ PKIX_MONITORLOCK_DEBUG("\tCalling PR_EnterMonitor)\n");
+ (void) PR_EnterMonitor(monitorLock->lock);
+
+ PKIX_RETURN_NO_LOGGER(MONITORLOCK);
+}
+
+PKIX_Error *
+PKIX_PL_MonitorLock_Exit(
+ PKIX_PL_MonitorLock *monitorLock,
+ void *plContext)
+{
+ PKIX_ENTER_NO_LOGGER(MONITORLOCK, "PKIX_PL_MonitorLock_Exit");
+ PKIX_NULLCHECK_ONE(monitorLock);
+
+ PKIX_MONITORLOCK_DEBUG("\tCalling PR_ExitMonitor)\n");
+ PR_ExitMonitor(monitorLock->lock);
+
+ PKIX_RETURN_NO_LOGGER(MONITORLOCK);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_monitorlock.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_monitorlock.h
new file mode 100755
index 000000000..76ac539ad
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_monitorlock.h
@@ -0,0 +1,33 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_monitorlock.h
+ *
+ * Read/Write Lock Definition
+ *
+ */
+
+#ifndef _PKIX_PL_MONITORLOCK_H
+#define _PKIX_PL_MONITORLOCK_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_MonitorLockStruct {
+ PRMonitor* lock;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_MonitorLock_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_MONITORLOCK_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mutex.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mutex.c
new file mode 100755
index 000000000..07d13695b
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mutex.c
@@ -0,0 +1,163 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_mutex.c
+ *
+ * Mutual Exclusion (Lock) Object Functions
+ *
+ */
+
+#include "pkix_pl_mutex.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_Mutex_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_Mutex_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Mutex *mutex = NULL;
+
+ PKIX_ENTER(MUTEX, "pkix_pl_Mutex_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Sanity check: Test that "object" is a mutex */
+ PKIX_CHECK(pkix_CheckType(object, PKIX_MUTEX_TYPE, plContext),
+ PKIX_OBJECTNOTMUTEX);
+
+ mutex = (PKIX_PL_Mutex*) object;
+
+ PKIX_MUTEX_DEBUG("\tCalling PR_DestroyLock).\n");
+ PR_DestroyLock(mutex->lock);
+ mutex->lock = NULL;
+
+cleanup:
+
+ PKIX_RETURN(MUTEX);
+}
+
+/*
+ * FUNCTION: pkix_pl_Mutex_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_MUTEX_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_Mutex_RegisterSelf(
+ /* ARGSUSED */ void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(MUTEX, "pkix_pl_Mutex_RegisterSelf");
+
+ entry.description = "Mutex";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_Mutex);
+ entry.destructor = pkix_pl_Mutex_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_MUTEX_TYPE] = entry;
+
+ PKIX_RETURN(MUTEX);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_Mutex_Create (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Mutex_Create(
+ PKIX_PL_Mutex **pNewLock,
+ void *plContext)
+{
+ PKIX_PL_Mutex *mutex = NULL;
+
+ PKIX_ENTER(MUTEX, "PKIX_PL_Mutex_Create");
+ PKIX_NULLCHECK_ONE(pNewLock);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_MUTEX_TYPE,
+ sizeof (PKIX_PL_Mutex),
+ (PKIX_PL_Object **)&mutex,
+ plContext),
+ PKIX_COULDNOTCREATELOCKOBJECT);
+
+ PKIX_MUTEX_DEBUG("\tCalling PR_NewLock).\n");
+ mutex->lock = PR_NewLock();
+
+ /* If an error occurred in NSPR, report it here */
+ if (mutex->lock == NULL) {
+ PKIX_DECREF(mutex);
+ PKIX_ERROR_ALLOC_ERROR();
+ }
+
+ *pNewLock = mutex;
+
+cleanup:
+
+ PKIX_RETURN(MUTEX);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Mutex_Lock (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Mutex_Lock(
+ PKIX_PL_Mutex *mutex,
+ void *plContext)
+{
+ PKIX_ENTER(MUTEX, "PKIX_PL_Mutex_Lock");
+ PKIX_NULLCHECK_ONE(mutex);
+
+ PKIX_MUTEX_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(mutex->lock);
+
+ PKIX_MUTEX_DEBUG_ARG("(Thread %u just acquired the lock)\n",
+ (PKIX_UInt32)PR_GetCurrentThread());
+
+ PKIX_RETURN(MUTEX);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Mutex_Unlock (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Mutex_Unlock(
+ PKIX_PL_Mutex *mutex,
+ void *plContext)
+{
+ PRStatus result;
+
+ PKIX_ENTER(MUTEX, "PKIX_PL_Mutex_Unlock");
+ PKIX_NULLCHECK_ONE(mutex);
+
+ PKIX_MUTEX_DEBUG("\tCalling PR_Unlock).\n");
+ result = PR_Unlock(mutex->lock);
+
+ PKIX_MUTEX_DEBUG_ARG("(Thread %u just released the lock)\n",
+ (PKIX_UInt32)PR_GetCurrentThread());
+
+ if (result == PR_FAILURE) {
+ PKIX_ERROR_FATAL(PKIX_ERRORUNLOCKINGMUTEX);
+ }
+
+cleanup:
+ PKIX_RETURN(MUTEX);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mutex.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mutex.h
new file mode 100755
index 000000000..baf16fea9
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_mutex.h
@@ -0,0 +1,33 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_mutex.h
+ *
+ * Mutual Exclusion (Lock) Object Type Definition
+ *
+ */
+
+#ifndef _PKIX_PL_MUTEX_H
+#define _PKIX_PL_MUTEX_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_MutexStruct {
+ PRLock* lock;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_Mutex_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_MUTEX_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_object.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_object.c
new file mode 100755
index 000000000..7dafa0b20
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_object.c
@@ -0,0 +1,1440 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_object.c
+ *
+ * Object Construction, Destruction and Callback Functions
+ *
+ */
+
+#include "pkix_pl_object.h"
+
+#ifdef PKIX_USER_OBJECT_TYPE
+/* --Class-Table-Initializers------------------------------------ */
+
+/*
+ * Create storage space for 20 Class Table buckets.
+ * These are only for user-defined types. System types are registered
+ * separately by PKIX_PL_Initialize.
+ */
+
+static pkix_pl_HT_Elem*
+pkix_Raw_ClassTable_Buckets[] = {
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
+};
+
+/*
+ * Allocate static memory for a ClassTable.
+ * XXX This assumes the bucket pointer will fit into a PKIX_UInt32
+ */
+static pkix_pl_PrimHashTable pkix_Raw_ClassTable = {
+ (void *)pkix_Raw_ClassTable_Buckets, /* Buckets */
+ 20 /* Number of Buckets */
+};
+static pkix_pl_PrimHashTable * classTable = &pkix_Raw_ClassTable;
+#endif /* PKIX_USER_OBJECT_TYPE */
+
+/* --Private-Functions-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_Object_GetHeader
+ * DESCRIPTION:
+ *
+ * Shifts Object pointed to by "object" by the sizeof(PKIX_PL_Object) and
+ * stores the value at "pObjectHeader".
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object to shift. Must be non-NULL.
+ * "pObjectHeader"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Object_GetHeader(
+ PKIX_PL_Object *object,
+ PKIX_PL_Object **pObjectHeader,
+ void *plContext)
+{
+ PKIX_PL_Object *header = NULL;
+ PKIX_UInt32 objType;
+
+ PKIX_ENTER(OBJECT, "pkix_pl_Object_GetHeader");
+ PKIX_NULLCHECK_TWO(object, pObjectHeader);
+
+ PKIX_OBJECT_DEBUG("\tShifting object pointer).\n");
+
+ /* The header is sizeof(PKIX_PL_Object) before the object pointer */
+ header = (PKIX_PL_Object *)((char *)object - sizeof(PKIX_PL_Object));
+
+ objType = header->type;
+
+ if (objType >= PKIX_NUMTYPES) { /* if this is a user-defined type */
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+
+ PKIX_CHECK(pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext),
+ PKIX_ERRORGETTINGCLASSTABLEENTRY);
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+
+ if (ctEntry == NULL) {
+ PKIX_ERROR_FATAL(PKIX_UNKNOWNOBJECTTYPE);
+ }
+#else
+ PORT_Assert(objType < PKIX_NUMTYPES);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ }
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ PORT_Assert(header && header->magicHeader == PKIX_MAGIC_HEADER);
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ if ((header == NULL)||
+ (header->magicHeader != PKIX_MAGIC_HEADER)) {
+ PKIX_ERROR_ALLOC_ERROR();
+ }
+
+ *pObjectHeader = header;
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_Destroy_Object
+ * DESCRIPTION:
+ *
+ * Destroys and deallocates Object pointed to by "object". The caller is
+ * assumed to hold the Object's lock, which is acquired in
+ * PKIX_PL_Object_DecRef().
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object to destroy. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Object_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader = NULL;
+
+ PKIX_ENTER(OBJECT, "pkix_pl_Object_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ PKIX_CHECK_FATAL(pkix_pl_Object_GetHeader(object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+#else
+ PKIX_CHECK(pkix_pl_Object_GetHeader(object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ /* Attempt to delete an object still being used */
+ if (objectHeader->references != 0) {
+ PKIX_ERROR_FATAL(PKIX_OBJECTSTILLREFERENCED);
+ }
+
+ PKIX_DECREF(objectHeader->stringRep);
+
+ /* Destroy this object's lock */
+ PKIX_OBJECT_DEBUG("\tCalling PR_DestroyLock).\n");
+ PR_DestroyLock(objectHeader->lock);
+ objectHeader->lock = NULL;
+ object = NULL;
+
+ objectHeader->magicHeader = PKIX_MAGIC_HEADER_DESTROYED;
+
+#ifdef PKIX_OBJECT_LEAK_TEST
+ memset(objectHeader, 0xbf, systemClasses[PKIX_OBJECT_TYPE].typeObjectSize);
+#endif
+
+ PKIX_FREE(objectHeader);
+
+cleanup:
+#ifdef PKIX_OBJECT_LEAK_TEST
+fatal:
+#endif
+
+ PKIX_RETURN(OBJECT);
+}
+
+/* --Default-Callbacks-------------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_Object_Equals_Default
+ * DESCRIPTION:
+ *
+ * Default Object_Equals callback: Compares the address of the Object pointed
+ * to by "firstObject" with the address of the Object pointed to by
+ * "secondObject" and stores the Boolean result at "pResult".
+ *
+ * PARAMETERS:
+ * "firstObject"
+ * Address of first Object to compare. Must be non-NULL.
+ * "secondObject"
+ * Address of second Object to compare. Must be non-NULL.
+ * "pResult"
+ * Address where Boolean result will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Object_Equals_Default(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_ENTER(OBJECT, "pkix_pl_Object_Equals_Default");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* Just compare pointer values */
+ *pResult = (firstObject == secondObject)?PKIX_TRUE:PKIX_FALSE;
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Object_ToString_Default
+ * DESCRIPTION:
+ *
+ * Default Object_ToString callback: Creates a string consisting of the
+ * typename and address of the Object pointed to by "object" and stores
+ * the result at "pString". The format for the string is
+ * "TypeName@Address: <address>", where the default typename is "Object".
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object to convert to a string. Must be non-NULL.
+ * "pString"
+ * Address where object pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Object_ToString_Default(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *formatString = NULL;
+ PKIX_PL_String *descString = NULL;
+ char *format = "%s@Address: %x";
+ char *description = NULL;
+ PKIX_UInt32 objType;
+
+ PKIX_ENTER(OBJECT, "pkix_pl_Object_ToString_Default");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(PKIX_PL_Object_GetType(object, &objType, plContext),
+ PKIX_OBJECTGETTYPEFAILED);
+
+ if (objType >= PKIX_NUMTYPES){
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL(PKIX_ERRORGETTINGCLASSTABLEENTRY);
+ }
+
+ if (ctEntry == NULL){
+ PKIX_ERROR_FATAL(PKIX_UNDEFINEDCLASSTABLEENTRY);
+ } else {
+ description = ctEntry->description;
+ if (description == NULL) {
+ description = "User Type Object";
+ }
+ }
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ description = systemClasses[objType].description;
+ }
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ (void *)format,
+ 0,
+ &formatString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII,
+ (void *)description,
+ 0,
+ &descString,
+ plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ PKIX_CHECK(PKIX_PL_Sprintf
+ (pString,
+ plContext,
+ formatString,
+ descString,
+ object),
+ PKIX_SPRINTFFAILED);
+
+cleanup:
+
+ PKIX_DECREF(formatString);
+ PKIX_DECREF(descString);
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Object_Hashcode_Default
+ * DESCRIPTION:
+ *
+ * Default Object_Hashcode callback. Creates the a hashcode value using the
+ * address of the Object pointed to by "object" and stores the result at
+ * "pValue".
+ *
+ * XXX This isn't great since addresses are not uniformly distributed.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object to compute hashcode for. Must be non-NULL.
+ * "pValue"
+ * Address where PKIX_UInt32 will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_Object_Hashcode_Default(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pValue,
+ void *plContext)
+{
+ PKIX_ENTER(OBJECT, "pkix_pl_Object_Hashcode_Default");
+ PKIX_NULLCHECK_TWO(object, pValue);
+
+ *pValue = (PKIX_UInt32)((char *)object - (char *)NULL);
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Object_RetrieveEqualsCallback
+ * DESCRIPTION:
+ *
+ * Retrieves Equals callback function of Object pointed to by "object and
+ * stores it at "pEqualsCallback". If the object's type is one of the system
+ * types, its callback function is retrieved from the systemClasses array;
+ * otherwise, its callback function is retrieve from the classTable hash
+ * table where user-defined types are stored.
+ *
+ * PARAMETERS:
+ * "object"
+ * Address of Object whose equals callback is desired. Must be non-NULL.
+ * "pEqualsCallback"
+ * Address where EqualsCallback function pointer will be stored.
+ * Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns an Object Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_Object_RetrieveEqualsCallback(
+ PKIX_PL_Object *object,
+ PKIX_PL_EqualsCallback *pEqualsCallback,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader = NULL;
+ PKIX_PL_EqualsCallback func = NULL;
+ pkix_ClassTable_Entry entry;
+ PKIX_UInt32 objType;
+
+ PKIX_ENTER(OBJECT, "pkix_pl_Object_RetrieveEqualsCallback");
+ PKIX_NULLCHECK_TWO(object, pEqualsCallback);
+
+ PKIX_CHECK(pkix_pl_Object_GetHeader
+ (object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ objType = objectHeader->type;
+
+ if (objType >= PKIX_NUMTYPES){
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+ if (pkixErrorResult){
+ PKIX_ERROR(PKIX_ERRORGETTINGCLASSTABLEENTRY);
+ }
+
+ if ((ctEntry == NULL) || (ctEntry->equalsFunction == NULL)) {
+ PKIX_ERROR(PKIX_UNDEFINEDEQUALSCALLBACK);
+ } else {
+ *pEqualsCallback = ctEntry->equalsFunction;
+ }
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ entry = systemClasses[objType];
+ func = entry.equalsFunction;
+ if (func == NULL){
+ func = pkix_pl_Object_Equals_Default;
+ }
+ *pEqualsCallback = func;
+ }
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: pkix_pl_Object_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_OBJECT_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ *
+ * PKIX_PL_Object should have all function pointes to be to NULL: they
+ * work as proxy function to a real objects.
+ *
+ */
+PKIX_Error *
+pkix_pl_Object_RegisterSelf(void *plContext)
+{
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(ERROR, "pkix_pl_Object_RegisterSelf");
+
+ entry.description = "Object";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_Object);
+ entry.destructor = NULL;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_OBJECT_TYPE] = entry;
+
+ PKIX_RETURN(ERROR);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_Object_Alloc (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_Alloc(
+ PKIX_TYPENUM objType,
+ PKIX_UInt32 size,
+ PKIX_PL_Object **pObject,
+ void *plContext)
+{
+ PKIX_PL_Object *object = NULL;
+ pkix_ClassTable_Entry *ctEntry = NULL;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_Alloc");
+ PKIX_NULLCHECK_ONE(pObject);
+
+ /*
+ * We need to ensure that user-defined types have been registered.
+ * All system types have already been registered by PKIX_PL_Initialize.
+ */
+
+ if (objType >= PKIX_NUMTYPES) { /* i.e. if this is a user-defined type */
+#ifdef PKIX_USER_OBJECT_TYPE
+ PKIX_Boolean typeRegistered;
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL(PKIX_COULDNOTLOOKUPINHASHTABLE);
+ }
+
+ typeRegistered = (ctEntry != NULL);
+
+ if (!typeRegistered) {
+ PKIX_ERROR_FATAL(PKIX_UNKNOWNTYPEARGUMENT);
+ }
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ ctEntry = &systemClasses[objType];
+ }
+
+ PORT_Assert(size == ctEntry->typeObjectSize);
+
+ /* Allocate space for the object header and the requested size */
+#ifdef PKIX_OBJECT_LEAK_TEST
+ PKIX_CHECK(PKIX_PL_Calloc
+ (1,
+ ((PKIX_UInt32)sizeof (PKIX_PL_Object))+size,
+ (void **)&object,
+ plContext),
+ PKIX_MALLOCFAILED);
+#else
+ PKIX_CHECK(PKIX_PL_Malloc
+ (((PKIX_UInt32)sizeof (PKIX_PL_Object))+size,
+ (void **)&object,
+ plContext),
+ PKIX_MALLOCFAILED);
+#endif /* PKIX_OBJECT_LEAK_TEST */
+
+ /* Initialize all object fields */
+ object->magicHeader = PKIX_MAGIC_HEADER;
+ object->type = objType;
+ object->references = 1; /* Default to a single reference */
+ object->stringRep = NULL;
+ object->hashcode = 0;
+ object->hashcodeCached = 0;
+
+ /* Cannot use PKIX_PL_Mutex because it depends on Object */
+ /* Using NSPR Locks instead */
+ PKIX_OBJECT_DEBUG("\tCalling PR_NewLock).\n");
+ object->lock = PR_NewLock();
+ if (object->lock == NULL) {
+ PKIX_ERROR_ALLOC_ERROR();
+ }
+
+ PKIX_OBJECT_DEBUG("\tShifting object pointer).\n");
+
+
+ /* Return a pointer to the user data. Need to offset by object size */
+ *pObject = object + 1;
+ object = NULL;
+
+ /* Atomically increment object counter */
+ PR_ATOMIC_INCREMENT((PRInt32*)&ctEntry->objCounter);
+
+cleanup:
+
+ PKIX_FREE(object);
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_IsTypeRegistered (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_IsTypeRegistered(
+ PKIX_UInt32 objType,
+ PKIX_Boolean *pBool,
+ void *plContext)
+{
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+#endif
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_IsTypeRegistered");
+ PKIX_NULLCHECK_ONE(pBool);
+
+ /* first, we handle the system types */
+ if (objType < PKIX_NUMTYPES) {
+ *pBool = PKIX_TRUE;
+ goto cleanup;
+ }
+
+#ifndef PKIX_USER_OBJECT_TYPE
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+#else
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL(PKIX_COULDNOTLOOKUPINHASHTABLE);
+ }
+
+ *pBool = (ctEntry != NULL);
+#endif /* PKIX_USER_OBJECT_TYPE */
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+#ifdef PKIX_USER_OBJECT_TYPE
+/*
+ * FUNCTION: PKIX_PL_Object_RegisterType (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_RegisterType(
+ PKIX_UInt32 objType,
+ char *description,
+ PKIX_PL_DestructorCallback destructor,
+ PKIX_PL_EqualsCallback equalsFunction,
+ PKIX_PL_HashcodeCallback hashcodeFunction,
+ PKIX_PL_ToStringCallback toStringFunction,
+ PKIX_PL_ComparatorCallback comparator,
+ PKIX_PL_DuplicateCallback duplicateFunction,
+ void *plContext)
+{
+ pkix_ClassTable_Entry *ctEntry = NULL;
+ pkix_pl_Integer *key = NULL;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_RegisterType");
+
+ /*
+ * System types are registered on startup by PKIX_PL_Initialize.
+ * These can not be overwritten.
+ */
+
+ if (objType < PKIX_NUMTYPES) { /* if this is a system type */
+ PKIX_ERROR(PKIX_CANTREREGISTERSYSTEMTYPE);
+ }
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ PKIX_CHECK(pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext),
+ PKIX_PRIMHASHTABLELOOKUPFAILED);
+
+ /* If the type is already registered, throw an error */
+ if (ctEntry) {
+ PKIX_ERROR(PKIX_TYPEALREADYREGISTERED);
+ }
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (((PKIX_UInt32)sizeof (pkix_ClassTable_Entry)),
+ (void **)&ctEntry,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ /* Set Default Values if none specified */
+
+ if (description == NULL){
+ description = "Object";
+ }
+
+ if (equalsFunction == NULL) {
+ equalsFunction = pkix_pl_Object_Equals_Default;
+ }
+
+ if (toStringFunction == NULL) {
+ toStringFunction = pkix_pl_Object_ToString_Default;
+ }
+
+ if (hashcodeFunction == NULL) {
+ hashcodeFunction = pkix_pl_Object_Hashcode_Default;
+ }
+
+ ctEntry->destructor = destructor;
+ ctEntry->equalsFunction = equalsFunction;
+ ctEntry->toStringFunction = toStringFunction;
+ ctEntry->hashcodeFunction = hashcodeFunction;
+ ctEntry->comparator = comparator;
+ ctEntry->duplicateFunction = duplicateFunction;
+ ctEntry->description = description;
+
+ PKIX_CHECK(PKIX_PL_Malloc
+ (((PKIX_UInt32)sizeof (pkix_pl_Integer)),
+ (void **)&key,
+ plContext),
+ PKIX_COULDNOTMALLOCNEWKEY);
+
+ key->ht_int = objType;
+
+ PKIX_CHECK(pkix_pl_PrimHashTable_Add
+ (classTable,
+ (void *)key,
+ (void *)ctEntry,
+ objType,
+ NULL,
+ plContext),
+ PKIX_PRIMHASHTABLEADDFAILED);
+
+cleanup:
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+
+ PKIX_RETURN(OBJECT);
+}
+#endif /* PKIX_USER_OBJECT_TYPE */
+
+/*
+ * FUNCTION: PKIX_PL_Object_IncRef (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_IncRef(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader = NULL;
+ PKIX_PL_NssContext *context = NULL;
+ PKIX_Int32 refCount = 0;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_IncRef");
+ PKIX_NULLCHECK_ONE(object);
+
+ if (plContext){
+ /*
+ * PKIX_PL_NssContext is not a complete PKIX Type, it doesn't
+ * have a header therefore we cannot verify its type before
+ * casting.
+ */
+ context = (PKIX_PL_NssContext *) plContext;
+ if (context->arena != NULL) {
+ goto cleanup;
+ }
+ }
+
+ if (object == (PKIX_PL_Object*)PKIX_ALLOC_ERROR()) {
+ goto cleanup;
+ }
+
+ /* Shift pointer from user data to object header */
+ PKIX_CHECK(pkix_pl_Object_GetHeader(object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ /* This object should never have zero references */
+ refCount = PR_ATOMIC_INCREMENT(&objectHeader->references);
+
+ if (refCount <= 1) {
+ PKIX_THROW(FATAL, PKIX_OBJECTWITHNONPOSITIVEREFERENCES);
+ }
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_DecRef (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_DecRef(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_Int32 refCount = 0;
+ PKIX_PL_Object *objectHeader = NULL;
+ PKIX_PL_NssContext *context = NULL;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_DecRef");
+ PKIX_NULLCHECK_ONE(object);
+
+ if (plContext){
+ /*
+ * PKIX_PL_NssContext is not a complete PKIX Type, it doesn't
+ * have a header therefore we cannot verify its type before
+ * casting.
+ */
+ context = (PKIX_PL_NssContext *) plContext;
+ if (context->arena != NULL) {
+ goto cleanup;
+ }
+ }
+
+ if (object == (PKIX_PL_Object*)PKIX_ALLOC_ERROR()) {
+ goto cleanup;
+ }
+
+ /* Shift pointer from user data to object header */
+ PKIX_CHECK(pkix_pl_Object_GetHeader(object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ refCount = PR_ATOMIC_DECREMENT(&objectHeader->references);
+
+ if (refCount == 0) {
+ PKIX_PL_DestructorCallback destructor = NULL;
+ pkix_ClassTable_Entry *ctEntry = NULL;
+ PKIX_UInt32 objType = objectHeader->type;
+
+ /* first, special handling for system types */
+ if (objType >= PKIX_NUMTYPES){
+#ifdef PKIX_USER_OBJECT_TYPE
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG
+ ("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL
+ (PKIX_ERRORINGETTINGDESTRUCTOR);
+ }
+
+ if (ctEntry != NULL){
+ destructor = ctEntry->destructor;
+ }
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ ctEntry = &systemClasses[objType];
+ destructor = ctEntry->destructor;
+ }
+
+ if (destructor != NULL){
+ /* Call destructor on user data if necessary */
+ pkixErrorResult = destructor(object, plContext);
+ if (pkixErrorResult) {
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ PKIX_DoAddError(stdVarsPtr, pkixErrorResult, plContext);
+ pkixErrorResult = NULL;
+ }
+ }
+
+ /* Atomically decrement object counter */
+ PR_ATOMIC_DECREMENT((PRInt32*)&ctEntry->objCounter);
+
+ /* pkix_pl_Object_Destroy assumes the lock is held */
+ /* It will call unlock and destroy the object */
+ pkixErrorResult = pkix_pl_Object_Destroy(object, plContext);
+ goto cleanup;
+ }
+
+ if (refCount < 0) {
+ PKIX_ERROR_ALLOC_ERROR();
+ }
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+
+
+/*
+ * FUNCTION: PKIX_PL_Object_Equals (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_PL_Object *firstObjectHeader = NULL;
+ PKIX_PL_Object *secondObjectHeader = NULL;
+ PKIX_PL_EqualsCallback func = NULL;
+ pkix_ClassTable_Entry entry;
+ PKIX_UInt32 objType;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ PKIX_CHECK(pkix_pl_Object_GetHeader
+ (firstObject, &firstObjectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ PKIX_CHECK(pkix_pl_Object_GetHeader
+ (secondObject, &secondObjectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ /* if hashcodes are cached but not equal, objects can't be equal */
+ if (firstObjectHeader->hashcodeCached &&
+ secondObjectHeader->hashcodeCached){
+ if (firstObjectHeader->hashcode !=
+ secondObjectHeader->hashcode){
+ *pResult = PKIX_FALSE;
+ goto cleanup;
+ }
+ }
+
+ objType = firstObjectHeader->type;
+
+ if (objType >= PKIX_NUMTYPES) {
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&firstObjectHeader->type,
+ firstObjectHeader->type,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL(PKIX_ERRORGETTINGCLASSTABLEENTRY);
+ }
+
+ if ((ctEntry == NULL) || (ctEntry->equalsFunction == NULL)) {
+ PKIX_ERROR_FATAL(PKIX_UNDEFINEDCALLBACK);
+ } else {
+ func = ctEntry->equalsFunction;
+ }
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ entry = systemClasses[objType];
+ func = entry.equalsFunction;
+ if (func == NULL){
+ func = pkix_pl_Object_Equals_Default;
+ }
+ }
+
+ PKIX_CHECK(func(firstObject, secondObject, pResult, plContext),
+ PKIX_OBJECTSPECIFICFUNCTIONFAILED);
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_Duplicate (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_Duplicate(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object **pNewObject,
+ void *plContext)
+{
+ PKIX_PL_Object *firstObjectHeader = NULL;
+ PKIX_PL_DuplicateCallback func = NULL;
+ pkix_ClassTable_Entry entry;
+ PKIX_UInt32 objType;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_Duplicate");
+ PKIX_NULLCHECK_TWO(firstObject, pNewObject);
+
+ PKIX_CHECK(pkix_pl_Object_GetHeader
+ (firstObject, &firstObjectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ objType = firstObjectHeader->type;
+
+ if (objType >= PKIX_NUMTYPES) {
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL(PKIX_ERRORGETTINGCLASSTABLEENTRY);
+ }
+
+ if ((ctEntry == NULL) || (ctEntry->duplicateFunction == NULL)) {
+ PKIX_ERROR_FATAL(PKIX_UNDEFINEDCALLBACK);
+ } else {
+ func = ctEntry->duplicateFunction;
+ }
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ entry = systemClasses[objType];
+ func = entry.duplicateFunction;
+ if (!func){
+ PKIX_ERROR_FATAL(PKIX_UNDEFINEDDUPLICATEFUNCTION);
+ }
+ }
+
+ PKIX_CHECK(func(firstObject, pNewObject, plContext),
+ PKIX_OBJECTSPECIFICFUNCTIONFAILED);
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_Hashcode (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pValue,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader = NULL;
+ PKIX_PL_HashcodeCallback func = NULL;
+ pkix_ClassTable_Entry entry;
+ PKIX_UInt32 objectHash;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pValue);
+
+ /* Shift pointer from user data to object header */
+ PKIX_CHECK(pkix_pl_Object_GetHeader(object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (!objectHeader->hashcodeCached){
+
+ PKIX_UInt32 objType = objectHeader->type;
+
+ /* first, special handling for system types */
+ if (objType >= PKIX_NUMTYPES){
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL
+ (PKIX_ERRORGETTINGCLASSTABLEENTRY);
+ }
+
+ if ((ctEntry == NULL) ||
+ (ctEntry->hashcodeFunction == NULL)) {
+ PKIX_ERROR_FATAL(PKIX_UNDEFINEDCALLBACK);
+ }
+
+ func = ctEntry->hashcodeFunction;
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ entry = systemClasses[objType];
+ func = entry.hashcodeFunction;
+ if (func == NULL){
+ func = pkix_pl_Object_Hashcode_Default;
+ }
+ }
+
+ PKIX_CHECK(func(object, &objectHash, plContext),
+ PKIX_OBJECTSPECIFICFUNCTIONFAILED);
+
+ if (!objectHeader->hashcodeCached){
+
+ PKIX_CHECK(pkix_LockObject(object, plContext),
+ PKIX_ERRORLOCKINGOBJECT);
+
+ if (!objectHeader->hashcodeCached){
+ /* save cached copy in case we need it again */
+ objectHeader->hashcode = objectHash;
+ objectHeader->hashcodeCached = PKIX_TRUE;
+ }
+
+ PKIX_CHECK(pkix_UnlockObject(object, plContext),
+ PKIX_ERRORUNLOCKINGOBJECT);
+ }
+ }
+
+ *pValue = objectHeader->hashcode;
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_ToString (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader = NULL;
+ PKIX_PL_ToStringCallback func = NULL;
+ pkix_ClassTable_Entry entry;
+ PKIX_PL_String *objectString = NULL;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ /* Shift pointer from user data to object header */
+ PKIX_CHECK(pkix_pl_Object_GetHeader(object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ /* if we don't have a cached copy from before, we create one */
+ if (!objectHeader->stringRep){
+
+ PKIX_UInt32 objType = objectHeader->type;
+
+ if (objType >= PKIX_NUMTYPES){
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL
+ (PKIX_ERRORGETTINGCLASSTABLEENTRY);
+ }
+
+ if ((ctEntry == NULL) ||
+ (ctEntry->toStringFunction == NULL)) {
+ PKIX_ERROR_FATAL(PKIX_UNDEFINEDCALLBACK);
+ }
+
+ func = ctEntry->toStringFunction;
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ entry = systemClasses[objType];
+ func = entry.toStringFunction;
+ if (func == NULL){
+ func = pkix_pl_Object_ToString_Default;
+ }
+ }
+
+ PKIX_CHECK(func(object, &objectString, plContext),
+ PKIX_OBJECTSPECIFICFUNCTIONFAILED);
+
+ if (!objectHeader->stringRep){
+
+ PKIX_CHECK(pkix_LockObject(object, plContext),
+ PKIX_ERRORLOCKINGOBJECT);
+
+ if (!objectHeader->stringRep){
+ /* save a cached copy */
+ objectHeader->stringRep = objectString;
+ objectString = NULL;
+ }
+
+ PKIX_CHECK(pkix_UnlockObject(object, plContext),
+ PKIX_ERRORUNLOCKINGOBJECT);
+ }
+ }
+
+
+ *pString = objectHeader->stringRep;
+ objectHeader->stringRep = NULL;
+
+cleanup:
+ if (objectHeader) {
+ PKIX_DECREF(objectHeader->stringRep);
+ }
+ PKIX_DECREF(objectString);
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_InvalidateCache (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_InvalidateCache(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader = NULL;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_InvalidateCache");
+ PKIX_NULLCHECK_ONE(object);
+
+ /* Shift pointer from user data to object header */
+ PKIX_CHECK(pkix_pl_Object_GetHeader(object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ PKIX_CHECK(pkix_LockObject(object, plContext),
+ PKIX_ERRORLOCKINGOBJECT);
+
+ /* invalidate hashcode */
+ objectHeader->hashcode = 0;
+ objectHeader->hashcodeCached = PKIX_FALSE;
+
+ PKIX_DECREF(objectHeader->stringRep);
+
+ PKIX_CHECK(pkix_UnlockObject(object, plContext),
+ PKIX_ERRORUNLOCKINGOBJECT);
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_Compare (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_Compare(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_PL_Object *firstObjectHeader = NULL;
+ PKIX_PL_Object *secondObjectHeader = NULL;
+ PKIX_PL_ComparatorCallback func = NULL;
+ pkix_ClassTable_Entry entry;
+ PKIX_UInt32 objType;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_Compare");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* Shift pointer from user data to object header */
+ PKIX_CHECK(pkix_pl_Object_GetHeader
+ (firstObject, &firstObjectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ /* Shift pointer from user data to object header */
+ PKIX_CHECK(pkix_pl_Object_GetHeader
+ (secondObject, &secondObjectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ objType = firstObjectHeader->type;
+
+ if (objType >= PKIX_NUMTYPES){
+#ifdef PKIX_USER_OBJECT_TYPE
+ pkix_ClassTable_Entry *ctEntry = NULL;
+
+ PKIX_OBJECT_DEBUG("\tCalling PR_Lock).\n");
+ PR_Lock(classTableLock);
+ pkixErrorResult = pkix_pl_PrimHashTable_Lookup
+ (classTable,
+ (void *)&objType,
+ objType,
+ NULL,
+ (void **)&ctEntry,
+ plContext);
+ PKIX_OBJECT_DEBUG("\tCalling PR_Unlock).\n");
+ PR_Unlock(classTableLock);
+ if (pkixErrorResult){
+ PKIX_ERROR_FATAL(PKIX_ERRORGETTINGCLASSTABLEENTRY);
+ }
+
+ if ((ctEntry == NULL) || (ctEntry->comparator == NULL)) {
+ PKIX_ERROR_FATAL(PKIX_UNDEFINEDCOMPARATOR);
+ }
+
+ func = ctEntry->comparator;
+#else
+ PORT_Assert (0);
+ pkixErrorCode = PKIX_UNKNOWNOBJECTTYPE;
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ goto cleanup;
+#endif /* PKIX_USER_OBJECT_TYPE */
+ } else {
+ /* special handling for system types */
+ entry = systemClasses[objType];
+ func = entry.comparator;
+ if (!func){
+ PKIX_ERROR(PKIX_UNDEFINEDCOMPARATOR);
+ }
+ }
+
+ PKIX_CHECK(func(firstObject, secondObject, pResult, plContext),
+ PKIX_OBJECTSPECIFICFUNCTIONFAILED);
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_Lock (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_Lock(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_Lock");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_LockObject(object, plContext),
+ PKIX_LOCKOBJECTFAILED);
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Object_Unlock (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_Unlock(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_Unlock");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_UnlockObject(object, plContext),
+ PKIX_UNLOCKOBJECTFAILED);
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
+
+
+/*
+ * FUNCTION: PKIX_PL_Object_GetType (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Object_GetType(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pType,
+ void *plContext)
+{
+ PKIX_PL_Object *objectHeader = NULL;
+
+ PKIX_ENTER(OBJECT, "PKIX_PL_Object_GetType");
+ PKIX_NULLCHECK_TWO(object, pType);
+
+ /* Shift pointer from user data to object header */
+ PKIX_CHECK(pkix_pl_Object_GetHeader(object, &objectHeader, plContext),
+ PKIX_RECEIVEDCORRUPTEDOBJECTARGUMENT);
+
+ *pType = objectHeader->type;
+
+cleanup:
+
+ PKIX_RETURN(OBJECT);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_object.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_object.h
new file mode 100755
index 000000000..0133c43ee
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_object.h
@@ -0,0 +1,76 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_object.h
+ *
+ * Object Construction, Destruction and Callback Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_OBJECT_H
+#define _PKIX_PL_OBJECT_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Object Implementation Notes:
+ *
+ * Allocating a new object creates an object header and a block of
+ * uninitialized user data. A pointer to this uninitialized data is
+ * returned to the user. The structure looks as follows:
+ *
+ * +--------------------+
+ * | MAGIC HEADER |
+ * | (object header) |
+ * +--------------------+
+ * | user data | -- pointer returned from PKIX_PL_Object_Alloc
+ * +--------------------+
+ *
+ * Object operations receive a pointer to raw user data as an argument.
+ * The macro HEADER(object) returns a pointer to the object header.
+ * An assertion then verifies that the first field is the MAGIC_HEADER.
+ */
+
+/* PKIX_PL_Object Structure Definition */
+struct PKIX_PL_ObjectStruct {
+ PRUint64 magicHeader;
+ PKIX_UInt32 type;
+ PKIX_Int32 references;
+ PRLock *lock;
+ PKIX_PL_String *stringRep;
+ PKIX_UInt32 hashcode;
+ PKIX_Boolean hashcodeCached;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_Object_RetrieveEqualsCallback(
+ PKIX_PL_Object *object,
+ PKIX_PL_EqualsCallback *equalsCallback,
+ void *plContext);
+
+extern PKIX_Boolean initializing;
+extern PKIX_Boolean initialized;
+
+#ifdef PKIX_USER_OBJECT_TYPE
+
+extern PRLock *classTableLock;
+
+#endif
+
+extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+
+PKIX_Error *
+pkix_pl_Object_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_OBJECT_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
new file mode 100755
index 000000000..a6e050385
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
@@ -0,0 +1,316 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_oid.c
+ *
+ * OID Object Functions
+ *
+ */
+
+#include "pkix_pl_oid.h"
+
+/* --Private-OID-Functions---------------------------------------- */
+
+ /*
+ * FUNCTION: pkix_pl_OID_Comparator
+ * (see comments for PKIX_PL_ComparatorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OID_Comparator(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Int32 *pRes,
+ void *plContext)
+{
+ PKIX_PL_OID *firstOID = NULL;
+ PKIX_PL_OID *secondOID = NULL;
+
+ PKIX_ENTER(OID, "pkix_pl_OID_Comparator");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pRes);
+
+ PKIX_CHECK(pkix_CheckTypes
+ (firstObject, secondObject, PKIX_OID_TYPE, plContext),
+ PKIX_ARGUMENTSNOTOIDS);
+
+ firstOID = (PKIX_PL_OID*)firstObject;
+ secondOID = (PKIX_PL_OID*)secondObject;
+
+ *pRes = (PKIX_Int32)SECITEM_CompareItem(&firstOID->derOid,
+ &secondOID->derOid);
+cleanup:
+ PKIX_RETURN(OID);
+}
+
+/*
+ * FUNCTION: pkix_pl_OID_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OID_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_OID *oid = NULL;
+
+ PKIX_ENTER(OID, "pkix_pl_OID_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_OID_TYPE, plContext),
+ PKIX_OBJECTNOTANOID);
+ oid = (PKIX_PL_OID*)object;
+ SECITEM_FreeItem(&oid->derOid, PR_FALSE);
+
+cleanup:
+ PKIX_RETURN(OID);
+}
+
+/*
+ * FUNCTION: pkix_pl_OID_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OID_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_OID *oid = NULL;
+
+ PKIX_ENTER(OID, "pkix_pl_OID_HashCode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_OID_TYPE, plContext),
+ PKIX_OBJECTNOTANOID);
+
+ oid = (PKIX_PL_OID *)object;
+
+ PKIX_CHECK(pkix_hash
+ ((unsigned char *)oid->derOid.data,
+ oid->derOid.len * sizeof (char),
+ pHashcode,
+ plContext),
+ PKIX_HASHFAILED);
+cleanup:
+
+ PKIX_RETURN(OID);
+}
+
+/*
+ * FUNCTION: pkix_pl_OID_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_OID_Equals(
+ PKIX_PL_Object *first,
+ PKIX_PL_Object *second,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_Int32 cmpResult;
+
+ PKIX_ENTER(OID, "pkix_pl_OID_Equals");
+ PKIX_NULLCHECK_THREE(first, second, pResult);
+
+ PKIX_CHECK(pkix_pl_OID_Comparator
+ (first, second, &cmpResult, plContext),
+ PKIX_OIDCOMPARATORFAILED);
+
+ *pResult = (cmpResult == 0);
+cleanup:
+
+ PKIX_RETURN(OID);
+}
+
+/*
+ * FUNCTION: pkix_pl_OID_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ * Use this function only for printing OIDs and not to make any
+ * critical security decision.
+ */
+static PKIX_Error *
+pkix_pl_OID_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_OID *oid = NULL;
+ char *oidString = NULL;
+
+ PKIX_ENTER(OID, "pkix_pl_OID_toString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_OID_TYPE, plContext),
+ PKIX_OBJECTNOTANOID);
+ oid = (PKIX_PL_OID*)object;
+ oidString = CERT_GetOidString(&oid->derOid);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, oidString , 0, pString, plContext),
+ PKIX_STRINGCREATEFAILED);
+cleanup:
+ PR_smprintf_free(oidString);
+
+ PKIX_RETURN(OID);
+}
+
+/*
+ * FUNCTION: pkix_pl_OID_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_OID_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_OID_RegisterSelf(
+ void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry *entry = &systemClasses[PKIX_OID_TYPE];
+
+ PKIX_ENTER(OID, "pkix_pl_OID_RegisterSelf");
+
+ entry->description = "OID";
+ entry->typeObjectSize = sizeof(PKIX_PL_OID);
+ entry->destructor = pkix_pl_OID_Destroy;
+ entry->equalsFunction = pkix_pl_OID_Equals;
+ entry->hashcodeFunction = pkix_pl_OID_Hashcode;
+ entry->toStringFunction = pkix_pl_OID_ToString;
+ entry->comparator = pkix_pl_OID_Comparator;
+ entry->duplicateFunction = pkix_duplicateImmutable;
+
+ PKIX_RETURN(OID);
+}
+
+/*
+ * FUNCTION: pkix_pl_OID_GetCriticalExtensionOIDs
+ * DESCRIPTION:
+ *
+ * Converts the extensions in "extensions" array that are critical to
+ * PKIX_PL_OID and returns the result as a PKIX_List in "pPidList".
+ * If there is no critical extension, an empty list is returned.
+ *
+ * PARAMETERS
+ * "extension"
+ * an array of extension pointers. May be NULL.
+ * "pOidsList"
+ * Address where the list of OIDs is returned. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a CRL Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_OID_GetCriticalExtensionOIDs(
+ CERTCertExtension **extensions,
+ PKIX_List **pOidsList,
+ void *plContext)
+{
+ PKIX_List *oidsList = NULL;
+ PKIX_PL_OID *pkixOID = NULL;
+
+ PKIX_ENTER(OID, "pkix_pl_OID_GetCriticalExtensionOIDs");
+ PKIX_NULLCHECK_ONE(pOidsList);
+
+ PKIX_CHECK(PKIX_List_Create(&oidsList, plContext),
+ PKIX_LISTCREATEFAILED);
+
+ if (extensions) {
+ while (*extensions) {
+ CERTCertExtension *extension = NULL;
+ SECItem *critical = NULL;
+ SECItem *oid = NULL;
+
+ extension = *extensions++;
+ /* extension is critical ? */
+ critical = &extension->critical;
+ if (critical->len == 0 || critical->data[0] == 0) {
+ continue;
+ }
+ oid = &extension->id;
+ PKIX_CHECK(
+ PKIX_PL_OID_CreateBySECItem(oid, &pkixOID, plContext),
+ PKIX_OIDCREATEFAILED);
+ PKIX_CHECK(
+ PKIX_List_AppendItem(oidsList, (PKIX_PL_Object *)pkixOID,
+ plContext),
+ PKIX_LISTAPPENDITEMFAILED);
+ PKIX_DECREF(pkixOID);
+ }
+ }
+
+ *pOidsList = oidsList;
+ oidsList = NULL;
+
+cleanup:
+ PKIX_DECREF(oidsList);
+ PKIX_DECREF(pkixOID);
+ PKIX_RETURN(OID);
+}
+
+/* --Public-Functions------------------------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_OID_CreateBySECItem (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_OID_CreateBySECItem(
+ SECItem *derOid,
+ PKIX_PL_OID **pOID,
+ void *plContext)
+{
+ PKIX_PL_OID *oid = NULL;
+ SECStatus rv;
+
+ PKIX_ENTER(OID, "PKIX_PL_OID_CreateBySECItem");
+ PKIX_NULLCHECK_TWO(pOID, derOid);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_OID_TYPE,
+ sizeof (PKIX_PL_OID),
+ (PKIX_PL_Object **)&oid,
+ plContext),
+ PKIX_COULDNOTCREATEOBJECT);
+ rv = SECITEM_CopyItem(NULL, &oid->derOid, derOid);
+ if (rv != SECSuccess) {
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+ *pOID = oid;
+ oid = NULL;
+
+cleanup:
+ PKIX_DECREF(oid);
+
+ PKIX_RETURN(OID);
+}
+
+/*
+ * FUNCTION: PKIX_PL_OID_Create (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_OID_Create(
+ SECOidTag idtag,
+ PKIX_PL_OID **pOID,
+ void *plContext)
+{
+ SECOidData *oidData = NULL;
+
+ PKIX_ENTER(OID, "PKIX_PL_OID_Create");
+ PKIX_NULLCHECK_ONE(pOID);
+
+ oidData = SECOID_FindOIDByTag((SECOidTag)idtag);
+ if (!oidData) {
+ PKIX_ERROR(PKIX_SECOIDFINDOIDTAGDESCRIPTIONFAILED);
+ }
+
+ pkixErrorResult =
+ PKIX_PL_OID_CreateBySECItem(&oidData->oid, pOID, plContext);
+cleanup:
+ PKIX_RETURN(OID);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.h
new file mode 100755
index 000000000..0229194d8
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.h
@@ -0,0 +1,39 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_oid.h
+ *
+ * OID Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_OID_H
+#define _PKIX_PL_OID_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_OIDStruct {
+ SECItem derOid;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_OID_RegisterSelf(void *plContext);
+
+PKIX_Error *
+pkix_pl_OID_GetCriticalExtensionOIDs(
+ CERTCertExtension **extensions,
+ PKIX_List **pOidsList,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_OID_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_primhash.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_primhash.c
new file mode 100755
index 000000000..c920533d3
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_primhash.c
@@ -0,0 +1,584 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_primhash.c
+ *
+ * Primitive (non-object) Hashtable Functions
+ *
+ */
+
+#include "pkix_pl_primhash.h"
+
+/* --Private-Functions---------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_KeyComparator_Default
+ * DESCRIPTION:
+ *
+ * Compares the integer pointed to by "firstKey" with the integer pointed to
+ * by "secondKey" for equality and stores the Boolean result at "pResult".
+ * This default key comparator assumes each key is a PKIX_UInt32, and it
+ * simply tests them for equality.
+ *
+ * PARAMETERS:
+ * "firstKey"
+ * Address of the first integer key to compare. Must be non-NULL.
+ * The EqualsCallback for this Object will be called.
+ * "secondKey"
+ * Address of the second integer key to compare. Must be non-NULL.
+ * "pResult"
+ * Address where Boolean will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+static PKIX_Error *
+pkix_pl_KeyComparator_Default(
+ PKIX_UInt32 *firstKey,
+ PKIX_UInt32 *secondKey,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ /* Assume both keys are pointers to PKIX_UInt32 */
+ PKIX_UInt32 firstInt, secondInt;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_KeyComparator_Default");
+ PKIX_NULLCHECK_THREE(firstKey, secondKey, pResult);
+
+ firstInt = *firstKey;
+ secondInt = *secondKey;
+
+ *pResult = (firstInt == secondInt)?PKIX_TRUE:PKIX_FALSE;
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_PrimHashTable_Create
+ * DESCRIPTION:
+ *
+ * Creates a new PrimHashtable object with a number of buckets equal to
+ * "numBuckets" and stores the result at "pResult".
+ *
+ * PARAMETERS:
+ * "numBuckets"
+ * The number of hash table buckets. Must be non-zero.
+ * "pResult"
+ * Address where PrimHashTable pointer will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_PrimHashTable_Create(
+ PKIX_UInt32 numBuckets,
+ pkix_pl_PrimHashTable **pResult,
+ void *plContext)
+{
+ pkix_pl_PrimHashTable *primHashTable = NULL;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_PrimHashTable_Create");
+ PKIX_NULLCHECK_ONE(pResult);
+
+ if (numBuckets == 0) {
+ PKIX_ERROR(PKIX_NUMBUCKETSEQUALSZERO);
+ }
+
+ /* Allocate a new hashtable */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (sizeof (pkix_pl_PrimHashTable),
+ (void **)&primHashTable,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ primHashTable->size = numBuckets;
+
+ /* Allocate space for the buckets */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (numBuckets * sizeof (pkix_pl_HT_Elem*),
+ (void **)&primHashTable->buckets,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ for (i = 0; i < numBuckets; i++) {
+ primHashTable->buckets[i] = NULL;
+ }
+
+ *pResult = primHashTable;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_FREE(primHashTable);
+ }
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: pkix_pl_PrimHashTable_Add
+ * DESCRIPTION:
+ *
+ * Adds the value pointed to by "value" to the PrimHashTable pointed to by
+ * "ht" using the key pointed to by "key" and the hashCode value equal to
+ * "hashCode", using the function pointed to by "keyComp" to compare keys.
+ * Assumes the key is either a PKIX_UInt32 or a PKIX_PL_Object. If the value
+ * already exists in the hashtable, this function returns a non-fatal error.
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of PrimHashtable to insert into. Must be non-NULL.
+ * "key"
+ * Address of key. Typically a PKIX_UInt32 or PKIX_PL_Object.
+ * Must be non-NULL.
+ * "value"
+ * Address of Object to be added to PrimHashtable. Must be non-NULL.
+ * "hashCode"
+ * Hashcode value of the key.
+ * "keyComp"
+ * Address of function used to determine if two keys are equal.
+ * If NULL, pkix_pl_KeyComparator_Default is used.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "ht"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HashTable Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_PrimHashTable_Add(
+ pkix_pl_PrimHashTable *ht,
+ void *key,
+ void *value,
+ PKIX_UInt32 hashCode,
+ PKIX_PL_EqualsCallback keyComp,
+ void *plContext)
+{
+ pkix_pl_HT_Elem **elemPtr = NULL;
+ pkix_pl_HT_Elem *element = NULL;
+ PKIX_Boolean compResult = PKIX_FALSE;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_PrimHashTable_Add");
+ PKIX_NULLCHECK_THREE(ht, key, value);
+
+ for (elemPtr = &((ht->buckets)[hashCode%ht->size]), element = *elemPtr;
+ element != NULL; elemPtr = &(element->next), element = *elemPtr) {
+
+ if (element->hashCode != hashCode){
+ /* no possibility of a match */
+ continue;
+ }
+
+ if (keyComp == NULL){
+ PKIX_CHECK(pkix_pl_KeyComparator_Default
+ ((PKIX_UInt32 *)key,
+ (PKIX_UInt32 *)(element->key),
+ &compResult,
+ plContext),
+ PKIX_COULDNOTTESTWHETHERKEYSEQUAL);
+ } else {
+ PKIX_CHECK(keyComp
+ ((PKIX_PL_Object *)key,
+ (PKIX_PL_Object *)(element->key),
+ &compResult,
+ plContext),
+ PKIX_COULDNOTTESTWHETHERKEYSEQUAL);
+ }
+
+ if ((element->hashCode == hashCode) &&
+ (compResult == PKIX_TRUE)){
+ /* Same key already exists in the table */
+ PKIX_ERROR(PKIX_ATTEMPTTOADDDUPLICATEKEY);
+ }
+ }
+
+ /* Next Element should be NULL at this point */
+ if (element != NULL) {
+ PKIX_ERROR(PKIX_ERRORTRAVERSINGBUCKET);
+ }
+
+ /* Create a new HT_Elem */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (sizeof (pkix_pl_HT_Elem), (void **)elemPtr, plContext),
+ PKIX_MALLOCFAILED);
+
+ element = *elemPtr;
+
+ element->key = key;
+ element->value = value;
+ element->hashCode = hashCode;
+ element->next = NULL;
+
+cleanup:
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: pkix_pl_PrimHashTable_Remove
+ * DESCRIPTION:
+ *
+ * Removes any objects with the key pointed to by "key" and hashCode value
+ * equal to "hashCode" from the PrimHashtable pointed to by "ht", using the
+ * function pointed to by "keyComp" to compare keys, and stores the object's
+ * value at "pResult". Assumes "key" is a PKIX_UInt32 or a PKIX_PL_Object.
+ * This function sets "pResult" to NULL if the key is not in the hashtable.
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of PrimHashtable to remove object. Must be non-NULL.
+ * "key"
+ * Address of key for lookup. Typically a PKIX_UInt32 or PKIX_PL_Object.
+ * Must be non-NULL.
+ * "value"
+ * Address of Object to be added to PrimHashtable. Must be non-NULL.
+ * "hashCode"
+ * Hashcode value of the key.
+ * "keyComp"
+ * Address of function used to determine if two keys are equal.
+ * If NULL, pkix_pl_KeyComparator_Default is used.
+ * "pResult"
+ * Address where value will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "ht"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HashTable Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_PrimHashTable_Remove(
+ pkix_pl_PrimHashTable *ht,
+ void *key,
+ PKIX_UInt32 hashCode,
+ PKIX_PL_EqualsCallback keyComp,
+ void **pKey,
+ void **pValue,
+ void *plContext)
+{
+ pkix_pl_HT_Elem *element = NULL;
+ pkix_pl_HT_Elem *prior = NULL;
+ PKIX_Boolean compResult;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_PrimHashTable_Remove");
+ PKIX_NULLCHECK_FOUR(ht, key, pKey, pValue);
+
+ *pKey = NULL;
+ *pValue = NULL;
+
+ for (element = ht->buckets[hashCode%ht->size], prior = element;
+ (element != NULL);
+ prior = element, element = element->next) {
+
+ if (element->hashCode != hashCode){
+ /* no possibility of a match */
+ continue;
+ }
+
+ if (keyComp == NULL){
+ PKIX_CHECK(pkix_pl_KeyComparator_Default
+ ((PKIX_UInt32 *)key,
+ (PKIX_UInt32 *)(element->key),
+ &compResult,
+ plContext),
+ PKIX_COULDNOTTESTWHETHERKEYSEQUAL);
+ } else {
+ PKIX_CHECK(keyComp
+ ((PKIX_PL_Object *)key,
+ (PKIX_PL_Object *)(element->key),
+ &compResult,
+ plContext),
+ PKIX_COULDNOTTESTWHETHERKEYSEQUAL);
+ }
+
+ if ((element->hashCode == hashCode) &&
+ (compResult == PKIX_TRUE)){
+ if (element != prior) {
+ prior->next = element->next;
+ } else {
+ ht->buckets[hashCode%ht->size] = element->next;
+ }
+ *pKey = element->key;
+ *pValue = element->value;
+ element->key = NULL;
+ element->value = NULL;
+ element->next = NULL;
+ PKIX_FREE(element);
+ goto cleanup;
+ }
+ }
+
+cleanup:
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+
+/*
+ * FUNCTION: pkix_pl_HashTableLookup
+ * DESCRIPTION:
+ *
+ * Looks up object using the key pointed to by "key" and hashCode value
+ * equal to "hashCode" from the PrimHashtable pointed to by "ht", using the
+ * function pointed to by "keyComp" to compare keys, and stores the object's
+ * value at "pResult". Assumes "key" is a PKIX_UInt32 or a PKIX_PL_Object.
+ * This function sets "pResult" to NULL if the key is not in the hashtable.
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of PrimHashtable to lookup object from. Must be non-NULL.
+ * "key"
+ * Address of key for lookup. Typically a PKIX_UInt32 or PKIX_PL_Object.
+ * Must be non-NULL.
+ * "keyComp"
+ * Address of function used to determine if two keys are equal.
+ * If NULL, pkix_pl_KeyComparator_Default is used.
+ * "hashCode"
+ * Hashcode value of the key.
+ * "pResult"
+ * Address where value will be stored. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Conditionally Thread Safe
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_PrimHashTable_Lookup(
+ pkix_pl_PrimHashTable *ht,
+ void *key,
+ PKIX_UInt32 hashCode,
+ PKIX_PL_EqualsCallback keyComp,
+ void **pResult,
+ void *plContext)
+{
+ pkix_pl_HT_Elem *element = NULL;
+ PKIX_Boolean compResult = PKIX_FALSE;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_PrimHashTable_Lookup");
+ PKIX_NULLCHECK_THREE(ht, key, pResult);
+
+ *pResult = NULL;
+
+ for (element = (ht->buckets)[hashCode%ht->size];
+ (element != NULL) && (*pResult == NULL);
+ element = element->next) {
+
+ if (element->hashCode != hashCode){
+ /* no possibility of a match */
+ continue;
+ }
+
+ if (keyComp == NULL){
+ PKIX_CHECK(pkix_pl_KeyComparator_Default
+ ((PKIX_UInt32 *)key,
+ (PKIX_UInt32 *)(element->key),
+ &compResult,
+ plContext),
+ PKIX_COULDNOTTESTWHETHERKEYSEQUAL);
+ } else {
+ pkixErrorResult =
+ keyComp((PKIX_PL_Object *)key,
+ (PKIX_PL_Object *)(element->key),
+ &compResult,
+ plContext);
+ if (pkixErrorResult) {
+ pkixErrorClass = PKIX_FATAL_ERROR;
+ pkixErrorCode = PKIX_COULDNOTTESTWHETHERKEYSEQUAL;
+ goto cleanup;
+ }
+ }
+
+ if ((element->hashCode == hashCode) &&
+ (compResult == PKIX_TRUE)){
+ *pResult = element->value;
+ goto cleanup;
+ }
+ }
+
+ /* if we've reached here, specified key doesn't exist in hashtable */
+ *pResult = NULL;
+
+cleanup:
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: pkix_pl_PrimHashTable_Destroy
+ *
+ * Destroys PrimHashTable pointed to by "ht".
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of PrimHashtable to free. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "ht"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS
+ * Returns NULL if the function succeeds.
+ * Returns a HashTable Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_PrimHashTable_Destroy(
+ pkix_pl_PrimHashTable *ht,
+ void *plContext)
+{
+ pkix_pl_HT_Elem *element = NULL;
+ pkix_pl_HT_Elem *temp = NULL;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_PrimHashTable_Destroy");
+ PKIX_NULLCHECK_ONE(ht);
+
+ /* Free each element (list) */
+ for (i = 0; i < ht->size; i++) {
+ for (element = ht->buckets[i];
+ element != NULL;
+ element = temp) {
+ temp = element->next;
+ element->value = NULL;
+ element->key = NULL;
+ element->hashCode = 0;
+ element->next = NULL;
+ PKIX_FREE(element);
+ }
+ }
+
+ /* Free the pointer to the list array */
+ PKIX_FREE(ht->buckets);
+ ht->size = 0;
+
+ /* Free the table itself */
+ PKIX_FREE(ht);
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: pkix_pl_PrimHashTable_GetBucketSize
+ * DESCRIPTION:
+ *
+ * Retruns number of entries in the bucket the "hashCode" is designated in
+ * the hashtable "ht" in the address "pBucketSize".
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of PrimHashtable to get entries count. Must be non-NULL.
+ * "hashCode"
+ * Hashcode value of the key.
+ * "pBucketSize"
+ * Address that an PKIX_UInt32 is returned for number of entries in the
+ * bucket associated with the hashCode. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "ht"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HashTable Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_PrimHashTable_GetBucketSize(
+ pkix_pl_PrimHashTable *ht,
+ PKIX_UInt32 hashCode,
+ PKIX_UInt32 *pBucketSize,
+ void *plContext)
+{
+ pkix_pl_HT_Elem **elemPtr = NULL;
+ pkix_pl_HT_Elem *element = NULL;
+ PKIX_UInt32 bucketSize = 0;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_PrimHashTable_GetBucketSize");
+ PKIX_NULLCHECK_TWO(ht, pBucketSize);
+
+ for (elemPtr = &((ht->buckets)[hashCode%ht->size]), element = *elemPtr;
+ element != NULL; elemPtr = &(element->next), element = *elemPtr) {
+ bucketSize++;
+ }
+
+ *pBucketSize = bucketSize;
+
+ PKIX_RETURN(HASHTABLE);
+}
+
+/*
+ * FUNCTION: pkix_pl_PrimHashTable_RemoveFIFO
+ * DESCRIPTION:
+ *
+ * Remove the first entry in the bucket the "hashCode" is designated in
+ * the hashtable "ht". Since new entry is added at end of the link list
+ * the first one is the oldest (FI) therefore removed first (FO).
+ *
+ * PARAMETERS:
+ * "ht"
+ * Address of PrimHashtable to get entries count. Must be non-NULL.
+ * "hashCode"
+ * Hashcode value of the key.
+ * "pKey"
+ * Address of key of the entry deleted. Must be non-NULL.
+ * "pValue"
+ * Address of Value of the entry deleted. Must be non-NULL.
+ * "plContext"
+ * Platform-specific context pointer.
+ * THREAD SAFETY:
+ * Not Thread Safe - assumes exclusive access to "ht"
+ * (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a HashTable Error if the function fails in a non-fatal way.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_PrimHashTable_RemoveFIFO(
+ pkix_pl_PrimHashTable *ht,
+ PKIX_UInt32 hashCode,
+ void **pKey,
+ void **pValue,
+ void *plContext)
+{
+ pkix_pl_HT_Elem *element = NULL;
+
+ PKIX_ENTER(HASHTABLE, "pkix_pl_PrimHashTable_Remove");
+ PKIX_NULLCHECK_THREE(ht, pKey, pValue);
+
+ element = (ht->buckets)[hashCode%ht->size];
+
+ if (element != NULL) {
+
+ *pKey = element->key;
+ *pValue = element->value;
+ ht->buckets[hashCode%ht->size] = element->next;
+ element->key = NULL;
+ element->value = NULL;
+ element->next = NULL;
+ PKIX_FREE(element);
+ }
+
+ PKIX_RETURN(HASHTABLE);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_primhash.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_primhash.h
new file mode 100755
index 000000000..b889e2e91
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_primhash.h
@@ -0,0 +1,102 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_primhash.h
+ *
+ * Primitive Hashtable Definition
+ *
+ */
+
+#ifndef _PKIX_PL_PRIMHASH_H
+#define _PKIX_PL_PRIMHASH_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct pkix_pl_HT_Elem pkix_pl_HT_Elem;
+
+typedef struct pkix_pl_PrimHashTable pkix_pl_PrimHashTable;
+
+typedef struct pkix_pl_Integer pkix_pl_Integer;
+
+struct pkix_pl_Integer{
+ PKIX_UInt32 ht_int;
+};
+
+struct pkix_pl_HT_Elem {
+ void *key;
+ void *value;
+ PKIX_UInt32 hashCode;
+ pkix_pl_HT_Elem *next;
+};
+
+struct pkix_pl_PrimHashTable {
+ pkix_pl_HT_Elem **buckets;
+ PKIX_UInt32 size;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_PrimHashTable_Create(
+ PKIX_UInt32 numBuckets,
+ pkix_pl_PrimHashTable **pResult,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_PrimHashTable_Add(
+ pkix_pl_PrimHashTable *ht,
+ void *key,
+ void *value,
+ PKIX_UInt32 hashCode,
+ PKIX_PL_EqualsCallback keyComp,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_PrimHashTable_Remove(
+ pkix_pl_PrimHashTable *ht,
+ void *key,
+ PKIX_UInt32 hashCode,
+ PKIX_PL_EqualsCallback keyComp,
+ void **pKey,
+ void **pValue,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_PrimHashTable_Lookup(
+ pkix_pl_PrimHashTable *ht,
+ void *key,
+ PKIX_UInt32 hashCode,
+ PKIX_PL_EqualsCallback keyComp,
+ void **pResult,
+ void *plContext);
+
+PKIX_Error*
+pkix_pl_PrimHashTable_Destroy(
+ pkix_pl_PrimHashTable *ht,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_PrimHashTable_GetBucketSize(
+ pkix_pl_PrimHashTable *ht,
+ PKIX_UInt32 hashCode,
+ PKIX_UInt32 *pBucketSize,
+ void *plContext);
+
+PKIX_Error *
+pkix_pl_PrimHashTable_RemoveFIFO(
+ pkix_pl_PrimHashTable *ht,
+ PKIX_UInt32 hashCode,
+ void **pKey,
+ void **pValue,
+ void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_PRIMHASH_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_rwlock.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_rwlock.c
new file mode 100755
index 000000000..662931e98
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_rwlock.c
@@ -0,0 +1,217 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_rwlock.c
+ *
+ * Read/Write Lock Functions
+ *
+ */
+
+#include "pkix_pl_rwlock.h"
+
+/* --Private-Functions-------------------------------------------- */
+
+static PKIX_Error *
+pkix_pl_RWLock_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_RWLock* rwlock = NULL;
+
+ PKIX_ENTER(RWLOCK, "pkix_pl_RWLock_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_RWLOCK_TYPE, plContext),
+ PKIX_OBJECTNOTRWLOCK);
+
+ rwlock = (PKIX_PL_RWLock*) object;
+
+ PKIX_RWLOCK_DEBUG("Calling PR_DestroyRWLock)\n");
+ PR_DestroyRWLock(rwlock->lock);
+ rwlock->lock = NULL;
+
+cleanup:
+
+ PKIX_RETURN(RWLOCK);
+}
+
+/*
+ * FUNCTION: pkix_pl_RWLock_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_RWLOCK_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_RWLock_RegisterSelf(
+ void *plContext)
+{
+
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(RWLOCK, "pkix_pl_RWLock_RegisterSelf");
+
+ entry.description = "RWLock";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_RWLock);
+ entry.destructor = pkix_pl_RWLock_Destroy;
+ entry.equalsFunction = NULL;
+ entry.hashcodeFunction = NULL;
+ entry.toStringFunction = NULL;
+ entry.comparator = NULL;
+ entry.duplicateFunction = NULL;
+
+ systemClasses[PKIX_RWLOCK_TYPE] = entry;
+
+ PKIX_RETURN(RWLOCK);
+}
+
+/* --Public-Functions--------------------------------------------- */
+
+PKIX_Error *
+PKIX_PL_RWLock_Create(
+ PKIX_PL_RWLock **pNewLock,
+ void *plContext)
+{
+ PKIX_PL_RWLock *rwLock = NULL;
+
+ PKIX_ENTER(RWLOCK, "PKIX_PL_RWLock_Create");
+ PKIX_NULLCHECK_ONE(pNewLock);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_RWLOCK_TYPE,
+ sizeof (PKIX_PL_RWLock),
+ (PKIX_PL_Object **)&rwLock,
+ plContext),
+ PKIX_ERRORALLOCATINGRWLOCK);
+
+ PKIX_RWLOCK_DEBUG("\tCalling PR_NewRWLock)\n");
+ rwLock->lock = PR_NewRWLock(PR_RWLOCK_RANK_NONE, "PKIX RWLock");
+
+ if (rwLock->lock == NULL) {
+ PKIX_DECREF(rwLock);
+ PKIX_ERROR(PKIX_OUTOFMEMORY);
+ }
+
+ rwLock->readCount = 0;
+ rwLock->writeLocked = PKIX_FALSE;
+
+ *pNewLock = rwLock;
+
+cleanup:
+
+ PKIX_RETURN(RWLOCK);
+}
+
+PKIX_Error *
+PKIX_PL_AcquireReaderLock(
+ PKIX_PL_RWLock *lock,
+ void *plContext)
+{
+ PKIX_ENTER(RWLOCK, "PKIX_PL_AcquireReaderLock");
+ PKIX_NULLCHECK_ONE(lock);
+
+ PKIX_RWLOCK_DEBUG("\tCalling PR_RWLock_Rlock)\n");
+ (void) PR_RWLock_Rlock(lock->lock);
+
+ lock->readCount++;
+
+ PKIX_RETURN(RWLOCK);
+}
+
+PKIX_Error *
+PKIX_PL_ReleaseReaderLock(
+ PKIX_PL_RWLock *lock,
+ void *plContext)
+{
+ PKIX_ENTER(RWLOCK, "PKIX_PL_ReleaseReaderLock");
+ PKIX_NULLCHECK_ONE(lock);
+
+ PKIX_RWLOCK_DEBUG("\tCalling PR_RWLock_Unlock)\n");
+ (void) PR_RWLock_Unlock(lock->lock);
+
+ lock->readCount--;
+
+ PKIX_RETURN(RWLOCK);
+}
+
+PKIX_Error *
+PKIX_PL_IsReaderLockHeld(
+ PKIX_PL_RWLock *lock,
+ PKIX_Boolean *pIsHeld,
+ void *plContext)
+{
+ PKIX_ENTER(RWLOCK, "PKIX_PL_IsReaderLockHeld");
+ PKIX_NULLCHECK_TWO(lock, pIsHeld);
+
+ *pIsHeld = (lock->readCount > 0)?PKIX_TRUE:PKIX_FALSE;
+
+ PKIX_RETURN(RWLOCK);
+}
+
+PKIX_Error *
+PKIX_PL_AcquireWriterLock(
+ PKIX_PL_RWLock *lock,
+ void *plContext)
+{
+ PKIX_ENTER(RWLOCK, "PKIX_PL_AcquireWriterLock");
+ PKIX_NULLCHECK_ONE(lock);
+
+ PKIX_RWLOCK_DEBUG("\tCalling PR_RWLock_Wlock\n");
+ (void) PR_RWLock_Wlock(lock->lock);
+
+ if (lock->readCount > 0) {
+ PKIX_ERROR(PKIX_LOCKHASNONZEROREADCOUNT);
+ }
+
+ /* We should never acquire a write lock if the lock is held */
+ lock->writeLocked = PKIX_TRUE;
+
+cleanup:
+
+ PKIX_RETURN(RWLOCK);
+}
+
+PKIX_Error *
+PKIX_PL_ReleaseWriterLock(
+ PKIX_PL_RWLock *lock,
+ void *plContext)
+{
+ PKIX_ENTER(RWLOCK, "PKIX_PL_ReleaseWriterLock");
+ PKIX_NULLCHECK_ONE(lock);
+
+ if (lock->readCount > 0) {
+ PKIX_ERROR(PKIX_LOCKHASNONZEROREADCOUNT);
+ }
+
+ PKIX_RWLOCK_DEBUG("\tCalling PR_RWLock_Unlock)\n");
+ (void) PR_RWLock_Unlock(lock->lock);
+
+ /* XXX Need to think about thread safety here */
+ /* There should be a single lock holder */
+ lock->writeLocked = PKIX_FALSE;
+
+cleanup:
+
+ PKIX_RETURN(RWLOCK);
+}
+
+PKIX_Error *
+PKIX_PL_IsWriterLockHeld(
+ PKIX_PL_RWLock *lock,
+ PKIX_Boolean *pIsHeld,
+ void *plContext)
+{
+ PKIX_ENTER(RWLOCK, "PKIX_PL_IsWriterLockHeld");
+ PKIX_NULLCHECK_TWO(lock, pIsHeld);
+
+ *pIsHeld = lock->writeLocked;
+
+ PKIX_RETURN(RWLOCK);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_rwlock.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_rwlock.h
new file mode 100755
index 000000000..fd6465950
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_rwlock.h
@@ -0,0 +1,35 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_rwlock.h
+ *
+ * Read/Write Lock Definition
+ *
+ */
+
+#ifndef _PKIX_PL_RWLOCK_H
+#define _PKIX_PL_RWLOCK_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_RWLockStruct {
+ PRRWLock* lock;
+ PKIX_UInt32 readCount;
+ PKIX_Boolean writeLocked;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_RWLock_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_RWLOCK_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_string.c b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_string.c
new file mode 100755
index 000000000..8bfa2c996
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_string.c
@@ -0,0 +1,621 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_string.c
+ *
+ * String Object Functions
+ *
+ */
+
+#include "pkix_pl_string.h"
+
+/* --Private-String-Functions------------------------------------- */
+
+/*
+ * FUNCTION: pkix_pl_String_Comparator
+ * (see comments for PKIX_PL_ComparatorCallback in pkix_pl_system.h)
+ *
+ * NOTE:
+ * This function is a utility function called by pkix_pl_String_Equals().
+ * It is not officially registered as a comparator.
+ */
+static PKIX_Error *
+pkix_pl_String_Comparator(
+ PKIX_PL_String *firstString,
+ PKIX_PL_String *secondString,
+ PKIX_Int32 *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 i;
+ PKIX_Int32 result;
+ unsigned char *p1 = NULL;
+ unsigned char *p2 = NULL;
+
+ PKIX_ENTER(STRING, "pkix_pl_String_Comparator");
+ PKIX_NULLCHECK_THREE(firstString, secondString, pResult);
+
+ result = 0;
+
+ p1 = (unsigned char*) firstString->utf16String;
+ p2 = (unsigned char*) secondString->utf16String;
+
+ /* Compare characters until you find a difference */
+ for (i = 0; ((i < firstString->utf16Length) &&
+ (i < secondString->utf16Length) &&
+ result == 0); i++, p1++, p2++) {
+ if (*p1 < *p2){
+ result = -1;
+ } else if (*p1 > *p2){
+ result = 1;
+ }
+ }
+
+ /* If two arrays are identical so far, the longer one is greater */
+ if (result == 0) {
+ if (firstString->utf16Length < secondString->utf16Length) {
+ result = -1;
+ } else if (firstString->utf16Length >
+ secondString->utf16Length) {
+ result = 1;
+ }
+ }
+
+ *pResult = result;
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: pkix_pl_String_Destroy
+ * (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_String_Destroy(
+ PKIX_PL_Object *object,
+ void *plContext)
+{
+ PKIX_PL_String *string = NULL;
+
+ PKIX_ENTER(STRING, "pkix_pl_String_Destroy");
+ PKIX_NULLCHECK_ONE(object);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_STRING_TYPE, plContext),
+ PKIX_ARGUMENTNOTSTRING);
+
+ string = (PKIX_PL_String*)object;
+
+ /* XXX For debugging Destroy EscASCII String */
+ if (string->escAsciiString != NULL) {
+ PKIX_FREE(string->escAsciiString);
+ string->escAsciiString = NULL;
+ string->escAsciiLength = 0;
+ }
+
+ /* Destroy UTF16 String */
+ if (string->utf16String != NULL) {
+ PKIX_FREE(string->utf16String);
+ string->utf16String = NULL;
+ string->utf16Length = 0;
+ }
+
+cleanup:
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: pkix_pl_String_ToString
+ * (see comments for PKIX_PL_ToStringCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_String_ToString(
+ PKIX_PL_Object *object,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *string = NULL;
+ char *ascii = NULL;
+ PKIX_UInt32 length;
+
+ PKIX_ENTER(STRING, "pkix_pl_String_ToString");
+ PKIX_NULLCHECK_TWO(object, pString);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_STRING_TYPE, plContext),
+ PKIX_ARGUMENTNOTSTRING);
+
+ string = (PKIX_PL_String*)object;
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ (string, PKIX_ESCASCII, (void **)&ascii, &length, plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, ascii, 0, pString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+ goto cleanup;
+
+cleanup:
+
+ PKIX_FREE(ascii);
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: pkix_pl_String_Equals
+ * (see comments for PKIX_PL_EqualsCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_String_Equals(
+ PKIX_PL_Object *firstObject,
+ PKIX_PL_Object *secondObject,
+ PKIX_Boolean *pResult,
+ void *plContext)
+{
+ PKIX_UInt32 secondType;
+ PKIX_Int32 cmpResult = 0;
+
+ PKIX_ENTER(STRING, "pkix_pl_String_Equals");
+ PKIX_NULLCHECK_THREE(firstObject, secondObject, pResult);
+
+ /* Sanity check: Test that "firstObject" is a Strings */
+ PKIX_CHECK(pkix_CheckType(firstObject, PKIX_STRING_TYPE, plContext),
+ PKIX_FIRSTOBJECTNOTSTRING);
+
+ /* "SecondObject" doesn't have to be a string */
+ PKIX_CHECK(PKIX_PL_Object_GetType
+ (secondObject, &secondType, plContext),
+ PKIX_COULDNOTGETTYPEOFSECONDARGUMENT);
+
+ /* If types differ, then we will return false */
+ *pResult = PKIX_FALSE;
+
+ if (secondType != PKIX_STRING_TYPE) goto cleanup;
+
+ /* It's safe to cast here */
+ PKIX_CHECK(pkix_pl_String_Comparator
+ ((PKIX_PL_String*)firstObject,
+ (PKIX_PL_String*)secondObject,
+ &cmpResult,
+ plContext),
+ PKIX_STRINGCOMPARATORFAILED);
+
+ /* Strings are equal iff Comparator Result is 0 */
+ *pResult = (cmpResult == 0);
+
+cleanup:
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: pkix_pl_String_Hashcode
+ * (see comments for PKIX_PL_HashcodeCallback in pkix_pl_system.h)
+ */
+static PKIX_Error *
+pkix_pl_String_Hashcode(
+ PKIX_PL_Object *object,
+ PKIX_UInt32 *pHashcode,
+ void *plContext)
+{
+ PKIX_PL_String *string = NULL;
+
+ PKIX_ENTER(STRING, "pkix_pl_String_Hashcode");
+ PKIX_NULLCHECK_TWO(object, pHashcode);
+
+ PKIX_CHECK(pkix_CheckType(object, PKIX_STRING_TYPE, plContext),
+ PKIX_OBJECTNOTSTRING);
+
+ string = (PKIX_PL_String*)object;
+
+ PKIX_CHECK(pkix_hash
+ ((const unsigned char *)string->utf16String,
+ string->utf16Length,
+ pHashcode,
+ plContext),
+ PKIX_HASHFAILED);
+
+cleanup:
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: pkix_pl_String_RegisterSelf
+ * DESCRIPTION:
+ * Registers PKIX_STRING_TYPE and its related functions with systemClasses[]
+ * THREAD SAFETY:
+ * Not Thread Safe - for performance and complexity reasons
+ *
+ * Since this function is only called by PKIX_PL_Initialize, which should
+ * only be called once, it is acceptable that this function is not
+ * thread-safe.
+ */
+PKIX_Error *
+pkix_pl_String_RegisterSelf(
+ void *plContext)
+{
+ extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
+ pkix_ClassTable_Entry entry;
+
+ PKIX_ENTER(STRING, "pkix_pl_String_RegisterSelf");
+
+ entry.description = "String";
+ entry.objCounter = 0;
+ entry.typeObjectSize = sizeof(PKIX_PL_String);
+ entry.destructor = pkix_pl_String_Destroy;
+ entry.equalsFunction = pkix_pl_String_Equals;
+ entry.hashcodeFunction = pkix_pl_String_Hashcode;
+ entry.toStringFunction = pkix_pl_String_ToString;
+ entry.comparator = NULL;
+ entry.duplicateFunction = pkix_duplicateImmutable;
+
+ systemClasses[PKIX_STRING_TYPE] = entry;
+
+ PKIX_RETURN(STRING);
+}
+
+
+/* --Public-String-Functions----------------------------------------- */
+
+/*
+ * FUNCTION: PKIX_PL_String_Create (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_String_Create(
+ PKIX_UInt32 fmtIndicator,
+ const void *stringRep,
+ PKIX_UInt32 stringLen,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_PL_String *string = NULL;
+ unsigned char *utf16Char = NULL;
+ PKIX_UInt32 i;
+
+ PKIX_ENTER(STRING, "PKIX_PL_String_Create");
+ PKIX_NULLCHECK_TWO(pString, stringRep);
+
+ PKIX_CHECK(PKIX_PL_Object_Alloc
+ (PKIX_STRING_TYPE,
+ sizeof (PKIX_PL_String),
+ (PKIX_PL_Object **)&string,
+ plContext),
+ PKIX_COULDNOTALLOCATENEWSTRINGOBJECT);
+
+ string->utf16String = NULL;
+ string->utf16Length = 0;
+
+ /* XXX For Debugging */
+ string->escAsciiString = NULL;
+ string->escAsciiLength = 0;
+
+ switch (fmtIndicator) {
+ case PKIX_ESCASCII: case PKIX_ESCASCII_DEBUG:
+ PKIX_STRING_DEBUG("\tCalling PL_strlen).\n");
+ string->escAsciiLength = PL_strlen(stringRep);
+
+ /* XXX Cache for Debugging */
+ PKIX_CHECK(PKIX_PL_Malloc
+ ((string->escAsciiLength)+1,
+ (void **)&string->escAsciiString,
+ plContext),
+ PKIX_MALLOCFAILED);
+
+ (void) PORT_Memcpy
+ (string->escAsciiString,
+ (void *)((char *)stringRep),
+ (string->escAsciiLength)+1);
+
+ /* Convert the EscASCII string to UTF16 */
+ PKIX_CHECK(pkix_EscASCII_to_UTF16
+ (string->escAsciiString,
+ string->escAsciiLength,
+ (fmtIndicator == PKIX_ESCASCII_DEBUG),
+ &string->utf16String,
+ &string->utf16Length,
+ plContext),
+ PKIX_ESCASCIITOUTF16FAILED);
+ break;
+ case PKIX_UTF8:
+ /* Convert the UTF8 string to UTF16 */
+ PKIX_CHECK(pkix_UTF8_to_UTF16
+ (stringRep,
+ stringLen,
+ &string->utf16String,
+ &string->utf16Length,
+ plContext),
+ PKIX_UTF8TOUTF16FAILED);
+ break;
+ case PKIX_UTF16:
+ /* UTF16 Strings must be even in length */
+ if (stringLen%2 == 1) {
+ PKIX_DECREF(string);
+ PKIX_ERROR(PKIX_UTF16ALIGNMENTERROR);
+ }
+
+ utf16Char = (unsigned char *)stringRep;
+
+ /* Make sure this is a valid UTF-16 String */
+ for (i = 0; \
+ (i < stringLen) && (pkixErrorResult == NULL); \
+ i += 2) {
+ /* Check that surrogate pairs are valid */
+ if ((utf16Char[i] >= 0xD8)&&
+ (utf16Char[i] <= 0xDB)) {
+ if ((i+2) >= stringLen) {
+ PKIX_ERROR(PKIX_UTF16HIGHZONEALIGNMENTERROR);
+ /* Second pair should be DC00-DFFF */
+ } else if (!((utf16Char[i+2] >= 0xDC)&&
+ (utf16Char[i+2] <= 0xDF))) {
+ PKIX_ERROR(PKIX_UTF16LOWZONEERROR);
+ } else {
+ /* Surrogate quartet is valid. */
+ i += 2;
+ }
+ }
+ }
+
+ /* Create UTF16 String */
+ string->utf16Length = stringLen;
+
+ /* Alloc space for string */
+ PKIX_CHECK(PKIX_PL_Malloc
+ (stringLen, &string->utf16String, plContext),
+ PKIX_MALLOCFAILED);
+
+ PKIX_STRING_DEBUG("\tCalling PORT_Memcpy).\n");
+ (void) PORT_Memcpy
+ (string->utf16String, stringRep, stringLen);
+ break;
+
+ default:
+ PKIX_ERROR(PKIX_UNKNOWNFORMAT);
+ }
+
+ *pString = string;
+
+cleanup:
+
+ if (PKIX_ERROR_RECEIVED){
+ PKIX_DECREF(string);
+ }
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: PKIX_PL_Sprintf (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_Sprintf(
+ PKIX_PL_String **pOut,
+ void *plContext,
+ const PKIX_PL_String *fmt,
+ ...)
+{
+ PKIX_PL_String *tempString = NULL;
+ PKIX_UInt32 tempUInt = 0;
+ void *pArg = NULL;
+ char *asciiText = NULL;
+ char *asciiFormat = NULL;
+ char *convertedAsciiFormat = NULL;
+ char *convertedAsciiFormatBase = NULL;
+ va_list args;
+ PKIX_UInt32 length, i, j, dummyLen;
+
+ PKIX_ENTER(STRING, "PKIX_PL_Sprintf");
+ PKIX_NULLCHECK_TWO(pOut, fmt);
+
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ ((PKIX_PL_String *)fmt,
+ PKIX_ESCASCII,
+ (void **)&asciiFormat,
+ &length,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+
+ PKIX_STRING_DEBUG("\tCalling PR_Malloc).\n");
+ convertedAsciiFormat = PR_Malloc(length + 1);
+ if (convertedAsciiFormat == NULL)
+ PKIX_ERROR_ALLOC_ERROR();
+
+ convertedAsciiFormatBase = convertedAsciiFormat;
+
+ PKIX_STRING_DEBUG("\tCalling va_start).\n");
+ va_start(args, fmt);
+
+ i = 0;
+ j = 0;
+ while (i < length) {
+ if ((asciiFormat[i] == '%')&&((i+1) < length)) {
+ switch (asciiFormat[i+1]) {
+ case 's':
+ convertedAsciiFormat[j++] = asciiFormat[i++];
+ convertedAsciiFormat[j++] = asciiFormat[i++];
+ convertedAsciiFormat[j] = '\0';
+
+ tempString = va_arg(args, PKIX_PL_String *);
+ if (tempString != NULL) {
+ PKIX_CHECK(PKIX_PL_String_GetEncoded
+ ((PKIX_PL_String*)
+ tempString,
+ PKIX_ESCASCII,
+ &pArg,
+ &dummyLen,
+ plContext),
+ PKIX_STRINGGETENCODEDFAILED);
+ } else {
+ /* there may be a NULL in var_args */
+ pArg = NULL;
+ }
+ if (asciiText != NULL) {
+ asciiText = PR_sprintf_append(asciiText,
+ (const char *)convertedAsciiFormat,
+ pArg);
+ } else {
+ asciiText = PR_smprintf
+ ((const char *)convertedAsciiFormat,
+ pArg);
+ }
+ if (pArg != NULL) {
+ PKIX_PL_Free(pArg, plContext);
+ pArg = NULL;
+ }
+ convertedAsciiFormat += j;
+ j = 0;
+ break;
+ case 'd':
+ case 'i':
+ case 'o':
+ case 'u':
+ case 'x':
+ case 'X':
+ convertedAsciiFormat[j++] = asciiFormat[i++];
+ convertedAsciiFormat[j++] = asciiFormat[i++];
+ convertedAsciiFormat[j] = '\0';
+
+ tempUInt = va_arg(args, PKIX_UInt32);
+ if (asciiText != NULL) {
+ asciiText = PR_sprintf_append(asciiText,
+ (const char *)convertedAsciiFormat,
+ tempUInt);
+ } else {
+ asciiText = PR_smprintf
+ ((const char *)convertedAsciiFormat,
+ tempUInt);
+ }
+ convertedAsciiFormat += j;
+ j = 0;
+ break;
+ default:
+ convertedAsciiFormat[j++] = asciiFormat[i++];
+ convertedAsciiFormat[j++] = asciiFormat[i++];
+ break;
+ }
+ } else {
+ convertedAsciiFormat[j++] = asciiFormat[i++];
+ }
+ }
+
+ /* for constant string value at end of fmt */
+ if (j > 0) {
+ convertedAsciiFormat[j] = '\0';
+ if (asciiText != NULL) {
+ asciiText = PR_sprintf_append(asciiText,
+ (const char *)convertedAsciiFormat);
+ } else {
+ asciiText = PR_smprintf((const char *)convertedAsciiFormat);
+ }
+ }
+
+ va_end(args);
+
+ /* Copy temporary char * into a string object */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, (void *)asciiText, 0, pOut, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+cleanup:
+
+ PKIX_FREE(asciiFormat);
+
+ if (convertedAsciiFormatBase){
+ PR_Free(convertedAsciiFormatBase);
+ }
+
+ if (asciiText){
+ PKIX_STRING_DEBUG("\tCalling PR_smprintf_free).\n");
+ PR_smprintf_free(asciiText);
+ }
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: PKIX_PL_GetString (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_GetString(
+ /* ARGSUSED */ PKIX_UInt32 stringID,
+ char *defaultString,
+ PKIX_PL_String **pString,
+ void *plContext)
+{
+ PKIX_ENTER(STRING, "PKIX_PL_GetString");
+ PKIX_NULLCHECK_TWO(pString, defaultString);
+
+ /* XXX Optimization - use stringID for caching */
+ PKIX_CHECK(PKIX_PL_String_Create
+ (PKIX_ESCASCII, defaultString, 0, pString, plContext),
+ PKIX_STRINGCREATEFAILED);
+
+cleanup:
+
+ PKIX_RETURN(STRING);
+}
+
+/*
+ * FUNCTION: PKIX_PL_String_GetEncoded (see comments in pkix_pl_system.h)
+ */
+PKIX_Error *
+PKIX_PL_String_GetEncoded(
+ PKIX_PL_String *string,
+ PKIX_UInt32 fmtIndicator,
+ void **pStringRep,
+ PKIX_UInt32 *pLength,
+ void *plContext)
+{
+ PKIX_ENTER(STRING, "PKIX_PL_String_GetEncoded");
+ PKIX_NULLCHECK_THREE(string, pStringRep, pLength);
+
+ switch (fmtIndicator) {
+ case PKIX_ESCASCII: case PKIX_ESCASCII_DEBUG:
+ PKIX_CHECK(pkix_UTF16_to_EscASCII
+ (string->utf16String,
+ string->utf16Length,
+ (fmtIndicator == PKIX_ESCASCII_DEBUG),
+ (char **)pStringRep,
+ pLength,
+ plContext),
+ PKIX_UTF16TOESCASCIIFAILED);
+ break;
+ case PKIX_UTF8:
+ PKIX_CHECK(pkix_UTF16_to_UTF8
+ (string->utf16String,
+ string->utf16Length,
+ PKIX_FALSE,
+ pStringRep,
+ pLength,
+ plContext),
+ PKIX_UTF16TOUTF8FAILED);
+ break;
+ case PKIX_UTF8_NULL_TERM:
+ PKIX_CHECK(pkix_UTF16_to_UTF8
+ (string->utf16String,
+ string->utf16Length,
+ PKIX_TRUE,
+ pStringRep,
+ pLength,
+ plContext),
+ PKIX_UTF16TOUTF8FAILED);
+ break;
+ case PKIX_UTF16:
+ *pLength = string->utf16Length;
+
+ PKIX_CHECK(PKIX_PL_Malloc(*pLength, pStringRep, plContext),
+ PKIX_MALLOCFAILED);
+
+ PKIX_STRING_DEBUG("\tCalling PORT_Memcpy).\n");
+ (void) PORT_Memcpy(*pStringRep, string->utf16String, *pLength);
+ break;
+ default:
+ PKIX_ERROR(PKIX_UNKNOWNFORMAT);
+ }
+
+cleanup:
+
+ PKIX_RETURN(STRING);
+}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_string.h b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_string.h
new file mode 100755
index 000000000..9270e4c56
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/pkix_pl_string.h
@@ -0,0 +1,37 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * pkix_pl_string.h
+ *
+ * String Object Definitions
+ *
+ */
+
+#ifndef _PKIX_PL_STRING_H
+#define _PKIX_PL_STRING_H
+
+#include "pkix_pl_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct PKIX_PL_StringStruct {
+ void* utf16String;
+ PKIX_UInt32 utf16Length;
+ /* XXX For Debugging */
+ char* escAsciiString;
+ PKIX_UInt32 escAsciiLength;
+};
+
+/* see source file for function documentation */
+
+PKIX_Error *
+pkix_pl_String_RegisterSelf(void *plContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PKIX_PL_STRING_H */
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/system/system.gyp b/security/nss/lib/libpkix/pkix_pl_nss/system/system.gyp
new file mode 100644
index 000000000..32daec93d
--- /dev/null
+++ b/security/nss/lib/libpkix/pkix_pl_nss/system/system.gyp
@@ -0,0 +1,36 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkixsystem',
+ 'type': 'static_library',
+ 'sources': [
+ 'pkix_pl_bigint.c',
+ 'pkix_pl_bytearray.c',
+ 'pkix_pl_common.c',
+ 'pkix_pl_error.c',
+ 'pkix_pl_hashtable.c',
+ 'pkix_pl_lifecycle.c',
+ 'pkix_pl_mem.c',
+ 'pkix_pl_monitorlock.c',
+ 'pkix_pl_mutex.c',
+ 'pkix_pl_object.c',
+ 'pkix_pl_oid.c',
+ 'pkix_pl_primhash.c',
+ 'pkix_pl_rwlock.c',
+ 'pkix_pl_string.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/manifest.mn b/security/nss/lib/manifest.mn
new file mode 100644
index 000000000..80d7d9c44
--- /dev/null
+++ b/security/nss/lib/manifest.mn
@@ -0,0 +1,62 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ..
+DEPTH = ..
+
+# Building softoken (and freebl) only requires that the paths
+# to the locations where the util headers and libraries were
+# previously installed by a prior util-only build - likely in
+# in a system location that varies with the distribution. This
+# cannot be addressed here and requires that downstream package
+# mantainers add suitable modifications. Building full nss will
+# not have that problem as everything is available.
+
+SOFTOKEN_SRCDIRS=
+NSS_SRCDIRS=
+
+ifndef NSS_BUILD_UTIL_ONLY
+SOFTOKEN_SRCDIRS = \
+ $(FREEBL_SRCDIR) \
+ $(SQLITE_SRCDIR) \
+ $(DBM_SRCDIR) \
+ $(SOFTOKEN_SRCDIR) \
+ $(NULL)
+ifndef NSS_BUILD_SOFTOKEN_ONLY
+# the rest of nss
+NSS_SRCDIRS = \
+ base dev pki \
+ $(LIBPKIX_SRCDIR) \
+ certdb certhigh pk11wrap cryptohi nss \
+ $(ZLIB_SRCDIR) ssl \
+ pkcs7 pkcs12 smime \
+ crmf jar \
+ ckfw $(SYSINIT_SRCDIR) \
+ $(NULL)
+endif
+endif
+
+#
+# organized by DLL
+#
+# softoken and prereqs.
+# stan (not a separate dll yet)
+# libpkix (not a separate dll)
+# nss base (traditional)
+# ssl
+# smime
+# ckfw (builtins module)
+# crmf jar (not dll's)
+DIRS = \
+ $(UTIL_SRCDIR) \
+ $(SOFTOKEN_SRCDIRS) \
+ $(NSS_SRCDIRS) \
+ $(NULL)
+
+# fortcrypt is no longer built
+
+#
+# these dirs are not built at the moment
+#
+#NOBUILD_DIRS = jar
diff --git a/security/nss/lib/nss/Makefile b/security/nss/lib/nss/Makefile
new file mode 100644
index 000000000..3a8e22f0a
--- /dev/null
+++ b/security/nss/lib/nss/Makefile
@@ -0,0 +1,46 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
diff --git a/security/nss/lib/nss/config.mk b/security/nss/lib/nss/config.mk
new file mode 100644
index 000000000..a17f3ef5c
--- /dev/null
+++ b/security/nss/lib/nss/config.mk
@@ -0,0 +1,114 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
+
+RES = $(OBJDIR)/$(LIBRARY_NAME).res
+RESNAME = $(LIBRARY_NAME).rc
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4\
+ $(NULL)
+else # ! NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ $(DIST)/lib/nssutil3.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+
+else
+
+# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
+# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+
+endif
+
+
+# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
+SHARED_LIBRARY_LIBS = \
+ $(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)certsel.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)checker.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)params.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)results.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)top.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)util.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)crlsel.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)store.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)pki.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)system.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)module.$(LIB_SUFFIX) \
+ $(NULL)
+
+SHARED_LIBRARY_DIRS = \
+ ../certhigh \
+ ../cryptohi \
+ ../pk11wrap \
+ ../certdb \
+ ../pki \
+ ../dev \
+ ../base \
+ $(NULL)
+
+ifndef NSS_DISABLE_LIBPKIX
+SHARED_LIBRARY_DIRS += \
+ ../libpkix/pkix/certsel \
+ ../libpkix/pkix/checker \
+ ../libpkix/pkix/params \
+ ../libpkix/pkix/results \
+ ../libpkix/pkix/top \
+ ../libpkix/pkix/util \
+ ../libpkix/pkix/crlsel \
+ ../libpkix/pkix/store \
+ ../libpkix/pkix_pl_nss/pki \
+ ../libpkix/pkix_pl_nss/system \
+ ../libpkix/pkix_pl_nss/module \
+ $(NULL)
+endif
+
+ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET)))
+ifndef NS_USE_GCC
+# Export 'mktemp' to be backward compatible with NSS 3.2.x and 3.3.x
+# but do not put it in the import library. See bug 142575.
+DEFINES += -DWIN32_NSS3_DLL_COMPAT
+DLLFLAGS += -EXPORT:mktemp=nss_mktemp,PRIVATE
+endif
+endif
+
+ifdef POLICY_FILE
+ifndef POLICY_PATH
+$(error You must define POLICY_PATH if you set POLICY_FILE)
+endif
+DEFINES += -DPOLICY_FILE=\"$(POLICY_FILE)\" -DPOLICY_PATH=\"$(POLICY_PATH)\"
+endif
diff --git a/security/nss/lib/nss/exports.gyp b/security/nss/lib/nss/exports.gyp
new file mode 100644
index 000000000..6f874f6b1
--- /dev/null
+++ b/security/nss/lib/nss/exports.gyp
@@ -0,0 +1,32 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_nss_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'nss.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'nssoptions.h',
+ 'nssrenam.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/nss/manifest.mn b/security/nss/lib/nss/manifest.mn
new file mode 100644
index 000000000..54bed49e6
--- /dev/null
+++ b/security/nss/lib/nss/manifest.mn
@@ -0,0 +1,31 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+PRIVATE_EXPORTS = \
+ nssrenam.h \
+ nssoptions.h \
+ $(NULL)
+
+EXPORTS = \
+ nss.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ nssinit.c \
+ nssoptions.c \
+ nssver.c \
+ utilwrap.c \
+ $(NULL)
+
+MAPFILE = $(OBJDIR)/nss.def
+
+LIBRARY_NAME = nss
+LIBRARY_VERSION = 3
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def
new file mode 100644
index 000000000..1760b96e4
--- /dev/null
+++ b/security/nss/lib/nss/nss.def
@@ -0,0 +1,1099 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+NSS_3.2 { # NSS 3.2 release
+;+ global:
+LIBRARY nss3 ;-
+EXPORTS ;-
+ATOB_AsciiToData;
+BTOA_ConvertItemToAscii;
+BTOA_DataToAscii;
+CERT_AsciiToName;
+CERT_CertTimesValid;
+CERT_CheckCertValidTimes;
+CERT_CreateCertificateRequest;
+CERT_ChangeCertTrust;
+CERT_DecodeDERCrl;
+CERT_DestroyCertificateRequest;
+CERT_DestroyCertList;
+CERT_DestroyName;
+CERT_EnableOCSPChecking;
+CERT_FormatName;
+CERT_DestroyCertificate;
+CERT_DupCertificate;
+CERT_FreeDistNames;
+CERT_FreeNicknames;
+CERT_GetAVATag;
+CERT_GetCertEmailAddress;
+CERT_GetCertNicknames;
+CERT_GetCertIssuerAndSN;
+CERT_GetCertTrust;
+CERT_GetCertUid;
+CERT_GetCommonName;
+CERT_GetCountryName;
+CERT_GetDBContentVersion;
+CERT_GetDefaultCertDB;
+CERT_GetDomainComponentName;
+CERT_GetLocalityName;
+CERT_GetOrgName;
+CERT_GetOrgUnitName;
+CERT_GetSSLCACerts;
+CERT_GetSlopTime;
+CERT_GetStateName;
+CERT_ImportCAChain;
+CERT_NameToAscii;
+CERT_RFC1485_EscapeAndQuote;
+CERT_SetSlopTime;
+CERT_VerifyCertName;
+CERT_VerifyCertNow;
+DER_UTCDayToAscii;
+DER_UTCTimeToAscii;
+DER_GeneralizedTimeToTime;
+NSS_Init;
+NSS_Initialize;
+NSS_InitReadWrite;
+NSS_NoDB_Init;
+NSS_Shutdown;
+NSS_VersionCheck;
+PK11_Authenticate;
+PK11_ChangePW;
+PK11_CheckUserPassword;
+PK11_CipherOp;
+PK11_CloneContext;
+PK11_ConfigurePKCS11;
+PK11_CreateContextBySymKey;
+PK11_CreateDigestContext;
+PK11_DestroyContext;
+PK11_DestroyTokenObject;
+PK11_DigestBegin;
+PK11_DigestOp;
+PK11_DigestFinal;
+PK11_DoesMechanism;
+PK11_FindCertFromNickname;
+PK11_FindCertFromDERCert;
+PK11_FindCertByIssuerAndSN;
+PK11_FindKeyByAnyCert;
+PK11_FindKeyByDERCert;
+PK11_FindSlotByName;
+PK11_Finalize;
+PK11_FortezzaHasKEA;
+PK11_FreeSlot;
+PK11_FreeSlotList;
+PK11_FreeSymKey;
+PK11_GenerateKeyPair;
+PK11_GenerateRandom;
+PK11_GenerateNewParam;
+PK11_GetAllTokens;
+PK11_GetBlockSize;
+PK11_GetFirstSafe;
+PK11_GetInternalKeySlot;
+PK11_GetInternalSlot;
+PK11_GetSlotName;
+PK11_GetTokenName;
+PK11_HashBuf;
+PK11_IsFIPS;
+PK11_IsFriendly;
+PK11_IsInternal;
+PK11_IsHW;
+PK11_IsPresent;
+PK11_IsReadOnly;
+PK11_KeyGen;
+PK11_ListCerts;
+PK11_NeedLogin;
+PK11_RandomUpdate;
+PK11_SetPasswordFunc;
+PK11_SetSlotPWValues;
+PORT_Alloc;
+PORT_Free;
+PORT_GetError;
+PORT_SetError;
+PORT_SetUCS4_UTF8ConversionFunction;
+PORT_SetUCS2_UTF8ConversionFunction;
+PORT_SetUCS2_ASCIIConversionFunction;
+SECITEM_CopyItem;
+SECITEM_DupItem;
+SECITEM_FreeItem;
+SECITEM_ZfreeItem;
+SECKEY_ConvertToPublicKey;
+SECKEY_CopyPrivateKey;
+SECKEY_CreateSubjectPublicKeyInfo;
+SECKEY_DestroyPrivateKey;
+SECKEY_DestroySubjectPublicKeyInfo;
+SECMOD_IsModulePresent;
+SECOID_FindOIDTagDescription;
+SECOID_GetAlgorithmTag;
+SEC_DeletePermCertificate;
+SEC_DeletePermCRL;
+SEC_DerSignData;
+SEC_DestroyCrl;
+SEC_FindCrlByDERCert;
+SEC_FindCrlByName;
+SEC_LookupCrls;
+SEC_NewCrl;
+;+#
+;+# The following symbols are exported only to make libssl3.so work.
+;+# These are still private!!!
+;+#
+__CERT_NewTempCertificate;
+__PK11_CreateContextByRawKey;
+__PK11_GetKeyData;
+__nss_InitLock;
+CERT_CertChainFromCert;
+CERT_DestroyCertificateList;
+CERT_DupCertList;
+CERT_ExtractPublicKey;
+CERT_FindCertByName;
+DER_Lengths;
+DSAU_DecodeDerSig;
+DSAU_EncodeDerSig;
+HASH_GetHashObject;
+NSSRWLock_Destroy;
+NSSRWLock_HaveWriteLock;
+NSSRWLock_LockRead;
+NSSRWLock_LockWrite;
+NSSRWLock_New;
+NSSRWLock_UnlockRead;
+NSSRWLock_UnlockWrite;
+NSS_PutEnv;
+PK11_Derive;
+PK11_DeriveWithFlags;
+PK11_DigestKey;
+PK11_FindBestKEAMatch;
+PK11_FindFixedKey;
+PK11_GenerateFortezzaIV;
+PK11_GetBestKeyLength;
+PK11_GetBestSlot;
+PK11_GetBestSlotMultiple;
+PK11_GetBestWrapMechanism;
+PK11_GetCurrentWrapIndex;
+PK11_GetMechanism;
+PK11_GetModuleID;
+PK11_GetPrivateModulusLen;
+PK11_GetSlotFromKey;
+PK11_GetSlotFromPrivateKey;
+PK11_GetSlotID;
+PK11_GetSlotSeries;
+PK11_GetTokenInfo;
+PK11_GetWindow;
+PK11_GetWrapKey;
+PK11_IVFromParam;
+PK11_MakeKEAPubKey;
+PK11_ParamFromIV;
+PK11_PubDecryptRaw;
+PK11_PubDerive;
+PK11_PubEncryptRaw;
+PK11_PubUnwrapSymKey;
+PK11_PubWrapSymKey;
+PK11_ReferenceSymKey;
+PK11_RestoreContext;
+PK11_SaveContext;
+PK11_SetFortezzaHack;
+PK11_SetWrapKey;
+PK11_Sign;
+PK11_SignatureLen;
+PK11_SymKeyFromHandle;
+PK11_TokenExists;
+PK11_UnwrapSymKey;
+PK11_UnwrapSymKeyWithFlags;
+PK11_Verify;
+PK11_VerifyKeyOK;
+PK11_WrapSymKey;
+PORT_ArenaAlloc;
+PORT_ArenaZAlloc;
+PORT_FreeArena;
+PORT_NewArena;
+PORT_Realloc;
+PORT_ZAlloc;
+PORT_ZFree;
+RSA_FormatBlock;
+SECITEM_CompareItem;
+SECKEY_CreateRSAPrivateKey;
+SECKEY_DestroyPublicKey;
+SECKEY_PublicKeyStrength;
+SECKEY_UpdateCertPQG;
+SECMOD_LookupSlot;
+SGN_Begin;
+SGN_DestroyContext;
+SGN_End;
+SGN_NewContext;
+SGN_Update;
+VFY_Begin;
+VFY_CreateContext;
+VFY_DestroyContext;
+VFY_End;
+VFY_Update;
+;+#
+;+# The following symbols are exported only to make libsmime3.so work.
+;+# These are still private!!!
+;+#
+__CERT_ClosePermCertDB;
+__CERT_DecodeDERCertificate;
+__CERT_TraversePermCertsForNickname;
+__CERT_TraversePermCertsForSubject;
+__PBE_CreateContext;
+__PBE_DestroyContext;
+__PBE_GenerateBits;
+ATOB_ConvertAsciiToItem;
+CERT_AddCertToListTail;
+CERT_CertListFromCert;
+CERT_DestroyCertArray;
+CERT_FindCertByDERCert;
+CERT_FindCertByIssuerAndSN;
+CERT_FindSMimeProfile;
+CERT_ImportCerts;
+CERT_NewCertList;
+CERT_OpenCertDBFilename;
+CERT_SaveSMimeProfile;
+CERT_VerifyCert;
+DER_GetInteger;
+DER_TimeToUTCTime;
+DER_UTCTimeToTime;
+PK11_AlgtagToMechanism;
+PK11_BlockData;
+PK11_CreatePBEAlgorithmID;
+PK11_DestroyObject;
+PK11_ExportEncryptedPrivateKeyInfo;
+PK11_ExportPrivateKeyInfo;
+PK11_FindCertAndKeyByRecipientList;
+PK11_FindCertAndKeyByRecipientListNew;
+PK11_FindCertInSlot;
+PK11_FindPrivateKeyFromCert;
+PK11_FortezzaMapSig;
+PK11_GetKeyLength;
+PK11_GetKeyStrength;
+PK11_ImportCertForKeyToSlot;
+PK11_ImportEncryptedPrivateKeyInfo;
+PK11_ImportPrivateKeyInfo;
+PK11_MapPBEMechanismToCryptoMechanism;
+PK11_PBEKeyGen;
+PK11_ParamFromAlgid;
+PK11_ParamToAlgid;
+PK11_TraverseCertsForNicknameInSlot;
+PK11_TraverseCertsForSubjectInSlot;
+PORT_ArenaGrow;
+PORT_ArenaMark;
+PORT_ArenaRelease;
+PORT_ArenaStrdup;
+PORT_ArenaUnmark;
+PORT_UCS2_ASCIIConversion;
+PORT_UCS2_UTF8Conversion;
+SECITEM_AllocItem;
+SECKEY_CopyEncryptedPrivateKeyInfo;
+SECKEY_CopyPrivateKeyInfo;
+SECKEY_DestroyEncryptedPrivateKeyInfo;
+SECKEY_DestroyPrivateKeyInfo;
+SECOID_CompareAlgorithmID;
+SECOID_CopyAlgorithmID;
+SECOID_DestroyAlgorithmID;
+SECOID_FindOID;
+SECOID_FindOIDByTag;
+SECOID_FindOIDTag;
+SECOID_SetAlgorithmID;
+SEC_ASN1DecodeInteger;
+SEC_ASN1DecodeItem;
+SEC_ASN1DecoderClearFilterProc;
+SEC_ASN1DecoderClearNotifyProc;
+SEC_ASN1DecoderFinish;
+SEC_ASN1DecoderSetFilterProc;
+SEC_ASN1DecoderSetNotifyProc;
+SEC_ASN1DecoderStart;
+SEC_ASN1DecoderUpdate;
+SEC_ASN1Encode;
+SEC_ASN1EncodeInteger;
+SEC_ASN1EncodeItem;
+SEC_ASN1EncoderClearNotifyProc;
+SEC_ASN1EncoderClearStreaming;
+SEC_ASN1EncoderClearTakeFromBuf;
+SEC_ASN1EncoderFinish;
+SEC_ASN1EncoderSetNotifyProc;
+SEC_ASN1EncoderSetStreaming;
+SEC_ASN1EncoderSetTakeFromBuf;
+SEC_ASN1EncoderStart;
+SEC_ASN1EncoderUpdate;
+SEC_ASN1LengthLength;
+SEC_PKCS5GetCryptoAlgorithm;
+SEC_PKCS5GetKeyLength;
+SEC_PKCS5GetPBEAlgorithm;
+SEC_PKCS5IsAlgorithmPBEAlg;
+SEC_SignData;
+SGN_CompareDigestInfo;
+SGN_CopyDigestInfo;
+SGN_CreateDigestInfo;
+SGN_DestroyDigestInfo;
+SGN_Digest;
+VFY_VerifyData;
+VFY_VerifyDigest;
+;+#
+;+# Data objects
+;+#
+;+# Don't export these DATA symbols on Windows because they don't work right.
+;+# Use the SEC_ASN1_GET / SEC_ASN1_SUB / SEC_ASN1_XTRN macros to access them.
+;;CERT_CrlTemplate DATA ;
+;;CERT_SignedDataTemplate DATA ;
+;;CERT_CertificateTemplate DATA ;
+;;CERT_CertificateRequestTemplate DATA ;
+;;CERT_IssuerAndSNTemplate DATA ;
+;;CERT_SetOfSignedCrlTemplate DATA ;
+;;SECKEY_DSAPublicKeyTemplate DATA ;
+;;SECKEY_EncryptedPrivateKeyInfoTemplate DATA ;
+;;SECKEY_PointerToEncryptedPrivateKeyInfoTemplate DATA ;
+;;SECKEY_PointerToPrivateKeyInfoTemplate DATA ;
+;;SECKEY_PrivateKeyInfoTemplate DATA ;
+;;SECKEY_RSAPublicKeyTemplate DATA ;
+;;SECOID_AlgorithmIDTemplate DATA ;
+;;SEC_AnyTemplate DATA ;
+;;SEC_BMPStringTemplate DATA ;
+;;SEC_BitStringTemplate DATA ;
+;;SEC_GeneralizedTimeTemplate DATA ;
+;;SEC_IA5StringTemplate DATA ;
+;;SEC_IntegerTemplate DATA ;
+;;SEC_ObjectIDTemplate DATA ;
+;;SEC_OctetStringTemplate DATA ;
+;;SEC_PointerToAnyTemplate DATA ;
+;;SEC_PointerToOctetStringTemplate DATA ;
+;;SEC_SetOfAnyTemplate DATA ;
+;;SEC_UTCTimeTemplate DATA ;
+;;sgn_DigestInfoTemplate DATA ;
+NSS_Get_CERT_CrlTemplate;
+NSS_Get_CERT_SignedDataTemplate;
+NSS_Get_CERT_CertificateTemplate;
+NSS_Get_CERT_CertificateRequestTemplate;
+NSS_Get_CERT_IssuerAndSNTemplate;
+NSS_Get_CERT_SetOfSignedCrlTemplate;
+NSS_Get_SECKEY_DSAPublicKeyTemplate;
+NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate;
+NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate;
+NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate;
+NSS_Get_SECKEY_PrivateKeyInfoTemplate;
+NSS_Get_SECKEY_RSAPublicKeyTemplate;
+NSS_Get_SECOID_AlgorithmIDTemplate;
+NSS_Get_SEC_AnyTemplate;
+NSS_Get_SEC_BMPStringTemplate;
+NSS_Get_SEC_BitStringTemplate;
+NSS_Get_SEC_GeneralizedTimeTemplate;
+NSS_Get_SEC_IA5StringTemplate;
+NSS_Get_SEC_IntegerTemplate;
+NSS_Get_SEC_ObjectIDTemplate;
+NSS_Get_SEC_OctetStringTemplate;
+NSS_Get_SEC_PointerToAnyTemplate;
+NSS_Get_SEC_PointerToOctetStringTemplate;
+NSS_Get_SEC_SetOfAnyTemplate;
+NSS_Get_SEC_UTCTimeTemplate;
+NSS_Get_sgn_DigestInfoTemplate;
+;+# commands
+CERT_DecodeBasicConstraintValue;
+CERT_DecodeOidSequence;
+CERT_DecodeUserNotice;
+CERT_DecodeCertificatePoliciesExtension;
+CERT_DestroyCertificatePoliciesExtension;
+CERT_FindCertByNicknameOrEmailAddr;
+CERT_FindCertByNickname;
+CERT_GenTime2FormattedAscii;
+CERT_Hexify;
+CERT_CompareName;
+PK11SDR_Encrypt;
+PK11SDR_Decrypt;
+NSSBase64Decoder_Create;
+NSSBase64Decoder_Destroy;
+NSSBase64Decoder_Update;
+NSSBase64Encoder_Create;
+NSSBase64Encoder_Destroy;
+NSSBase64Encoder_Update;
+;+#PK11_DoPassword;
+;+#PK11_FindKeyByKeyID;
+PK11_InitPin;
+PK11_NeedUserInit;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.2.1 { # NSS 3.2.1 release
+;+ global:
+CERT_AddRDN;
+CERT_CreateRDN;
+CERT_CreateAVA;
+CERT_CreateName;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.3 { # NSS 3.3. release
+;+ global:
+CERT_CheckCertUsage;
+CERT_FindCertIssuer;
+PK11_GetModule;
+SECKEY_CreateDHPrivateKey;
+SECKEY_GetPublicKeyType;
+SECMOD_AddNewModule;
+;+#
+;+# The following symbols are exported only to make JSS work.
+;+# These are still private!!!
+;+#
+CERT_DisableOCSPChecking;
+CERT_DisableOCSPDefaultResponder;
+CERT_EnableOCSPDefaultResponder;
+CERT_GetCertTimes;
+CERT_ImportCAChainTrusted;
+CERT_ImportCRL;
+CERT_IsCACert;
+CERT_IsCADERCert;
+CERT_SetOCSPDefaultResponder;
+PBE_CreateContext;
+PBE_DestroyContext;
+PBE_GenerateBits;
+PK11_CheckSSOPassword;
+PK11_CopySymKeyForSigning;
+PK11_DeleteTokenCertAndKey;
+PK11_DEREncodePublicKey;
+PK11_ExtractKeyValue;
+PK11_FindCertsFromNickname;
+PK11_FindKeyByKeyID;
+PK11_GetIVLength;
+PK11_GetKeyData;
+PK11_GetKeyType;
+PK11_GetLowLevelKeyIDForCert;
+PK11_GetLowLevelKeyIDForPrivateKey;
+PK11_GetSlotPWValues;
+PK11_ImportCertForKey;
+PK11_ImportDERCertForKey;
+PK11_ImportDERPrivateKeyInfo;
+PK11_ImportSymKey;
+PK11_IsLoggedIn;
+PK11_KeyForDERCertExists;
+PK11_KeyForCertExists;
+PK11_ListPrivateKeysInSlot;
+PK11_ListCertsInSlot;
+PK11_Logout;
+PK11_NeedPWInit;
+PK11_MakeIDFromPubKey;
+PK11_PQG_DestroyParams;
+PK11_PQG_DestroyVerify;
+PK11_PQG_GetBaseFromParams;
+PK11_PQG_GetCounterFromVerify;
+PK11_PQG_GetHFromVerify;
+PK11_PQG_GetPrimeFromParams;
+PK11_PQG_GetSeedFromVerify;
+PK11_PQG_GetSubPrimeFromParams;
+PK11_PQG_NewParams;
+PK11_PQG_NewVerify;
+PK11_PQG_ParamGen;
+PK11_PQG_ParamGenSeedLen;
+PK11_PQG_VerifyParams;
+PK11_ReferenceSlot;
+PK11_SeedRandom;
+PK11_UnwrapPrivKey;
+PK11_VerifyRecover;
+PK11_WrapPrivKey;
+SEC_CertNicknameConflict;
+SEC_PKCS5GetIV;
+SECMOD_DeleteInternalModule;
+SECMOD_DestroyModule;
+SECMOD_GetDefaultModuleList;
+SECMOD_GetDefaultModuleListLock;
+SECMOD_GetInternalModule;
+SECMOD_GetReadLock;
+SECMOD_ReferenceModule;
+SECMOD_ReleaseReadLock;
+SECKEY_AddPrivateKeyToListTail;
+SECKEY_EncodeDERSubjectPublicKeyInfo;
+SECKEY_ExtractPublicKey;
+SECKEY_DestroyPrivateKeyList;
+SECKEY_GetPrivateKeyType;
+SECKEY_HashPassword;
+SECKEY_ImportDERPublicKey;
+SECKEY_NewPrivateKeyList;
+SECKEY_RemovePrivateKeyListNode;
+VFY_EndWithSignature;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.3.1 { # NSS 3.3.1 release
+;+ global:
+;+#
+;+# The following symbols are exported only to make libsmime3.so work.
+;+# These are still private!!!
+;+#
+PK11_CreatePBEParams;
+PK11_DestroyPBEParams;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.4 { # NSS 3.4 release
+;+ global:
+SECMOD_AddNewModuleEx;
+SECMOD_DeleteModule;
+SECMOD_FreeModuleSpecList;
+SECMOD_GetModuleSpecList;
+SECMOD_LoadModule;
+SECMOD_LoadUserModule;
+SECMOD_UnloadUserModule;
+SECMOD_UpdateModule;
+;+# for PKCS #12
+PK11_RawPBEKeyGen;
+;+# for PSM
+__CERT_AddTempCertToPerm;
+CERT_AddOKDomainName;
+CERT_CopyName;
+CERT_CreateSubjectCertList;
+CERT_DecodeAVAValue;
+;+#CERT_DecodeCertFromPackage;
+CERT_DecodeGeneralName;
+CERT_DecodeTrustString;
+CERT_DerNameToAscii;
+CERT_EncodeGeneralName;
+CERT_FilterCertListByCANames;
+CERT_FilterCertListByUsage;
+CERT_FindCertExtension;
+CERT_FindKeyUsageExtension;
+CERT_FindUserCertByUsage;
+CERT_FindUserCertsByUsage;
+CERT_GetCertChainFromCert;
+CERT_GetOCSPAuthorityInfoAccessLocation;
+CERT_KeyFromDERCrl;
+CERT_MakeCANickname;
+CERT_NicknameStringsFromCertList;
+CERT_VerifySignedData;
+DER_Encode;
+HASH_Begin;
+HASH_Create;
+HASH_Destroy;
+HASH_End;
+HASH_ResultLen;
+HASH_Update;
+NSSBase64_DecodeBuffer; # from Stan
+NSSBase64_EncodeItem; # from Stan
+PK11_GetKeyGen;
+PK11_GetMinimumPwdLength;
+PK11_GetNextSafe;
+PK11_GetPadMechanism;
+PK11_GetSlotInfo;
+PK11_HasRootCerts;
+PK11_IsDisabled;
+PK11_LoadPrivKey;
+PK11_LogoutAll;
+PK11_MechanismToAlgtag;
+PK11_ResetToken;
+PK11_TraverseSlotCerts;
+SEC_ASN1Decode;
+SECKEY_CopySubjectPublicKeyInfo;
+SECMOD_CreateModule;
+SECMOD_FindModule;
+SECMOD_FindSlot;
+SECMOD_PubCipherFlagstoInternal;
+SECMOD_PubMechFlagstoInternal;
+;;CERT_NameTemplate DATA ;
+;;CERT_SubjectPublicKeyInfoTemplate DATA ;
+;;SEC_BooleanTemplate DATA ;
+;;SEC_NullTemplate DATA ;
+;;SEC_SignedCertificateTemplate DATA ;
+;;SEC_UTF8StringTemplate DATA ;
+NSS_Get_CERT_NameTemplate;
+NSS_Get_CERT_SubjectPublicKeyInfoTemplate;
+NSS_Get_SEC_BooleanTemplate;
+NSS_Get_SEC_NullTemplate;
+NSS_Get_SEC_SignedCertificateTemplate;
+NSS_Get_SEC_UTF8StringTemplate;
+;+# for JSS
+PK11_DeleteTokenPrivateKey;
+PK11_DeleteTokenPublicKey;
+PK11_DeleteTokenSymKey;
+PK11_GetNextSymKey;
+PK11_GetPQGParamsFromPrivateKey;
+PK11_GetPrivateKeyNickname;
+PK11_GetPublicKeyNickname;
+PK11_GetSymKeyNickname;
+PK11_ImportDERPrivateKeyInfoAndReturnKey;
+PK11_ImportPrivateKeyInfoAndReturnKey;
+PK11_ImportPublicKey;
+PK11_ImportSymKeyWithFlags;
+PK11_ListFixedKeysInSlot;
+PK11_ListPrivKeysInSlot;
+PK11_ListPublicKeysInSlot;
+PK11_ProtectedAuthenticationPath;
+PK11_SetPrivateKeyNickname;
+PK11_SetPublicKeyNickname;
+PK11_SetSymKeyNickname;
+SECKEY_DecodeDERSubjectPublicKeyInfo;
+SECKEY_DestroyPublicKeyList;
+;+# for debugging
+nss_DumpCertificateCacheInfo;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.5 { # cert creation APIs used by certutil
+;+ global:
+CERT_AddExtension;
+CERT_CopyRDN;
+CERT_CreateCertificate;
+CERT_CreateValidity;
+CERT_DestroyValidity;
+CERT_EncodeAndAddBitStrExtension;
+CERT_EncodeAuthKeyID;
+CERT_EncodeBasicConstraintValue;
+CERT_EncodeCRLDistributionPoints;
+CERT_FinishExtensions;
+CERT_StartCertExtensions;
+DER_AsciiToTime;
+PK11_ImportCert;
+PORT_Strdup;
+SECMOD_CanDeleteInternalModule;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.6 { # NSS 3.6 release
+;+ global:
+CERT_AddOCSPAcceptableResponses;
+CERT_CompleteCRLDecodeEntries;
+CERT_CreateOCSPCertID;
+CERT_CreateOCSPRequest;
+CERT_DecodeDERCrlWithFlags;
+CERT_DecodeOCSPResponse;
+CERT_DestroyOCSPCertID;
+CERT_DestroyOCSPRequest;
+CERT_EncodeOCSPRequest;
+CERT_FilterCertListForUserCerts;
+CERT_GetOCSPResponseStatus;
+CERT_GetOCSPStatusForCertID;
+CERT_IsUserCert;
+CERT_RemoveCertListNode;
+CERT_VerifyCACertForUsage;
+CERT_VerifyCertificate;
+CERT_VerifyCertificateNow;
+CERT_VerifyOCSPResponseSignature;
+PK11_ConvertSessionPrivKeyToTokenPrivKey;
+PK11_ConvertSessionSymKeyToTokenSymKey;
+PK11_GetModInfo;
+PK11_GetPBEIV;
+PK11_ImportCRL;
+PK11_ImportDERCert;
+PK11_PubUnwrapSymKeyWithFlags;
+PK11_SaveContextAlloc;
+PK11_TokenKeyGen;
+SEC_QuickDERDecodeItem;
+SECKEY_CopyPublicKey;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.7 { # NSS 3.7 release
+;+ global:
+CERT_CRLCacheRefreshIssuer;
+CERT_DestroyOCSPResponse;
+CERT_EncodeAltNameExtension;
+CERT_FindCertBySubjectKeyID;
+CERT_FindSubjectKeyIDExtension;
+CERT_GetFirstEmailAddress;
+CERT_GetNextEmailAddress;
+CERT_VerifySignedDataWithPublicKey;
+CERT_VerifySignedDataWithPublicKeyInfo;
+PK11_WaitForTokenEvent;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.7.1 { # NSS 3.7.1 release
+;+ global:
+PK11_TokenRefresh;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.8 { # NSS 3.8 release
+;+ global:
+CERT_IsRootDERCert;
+HASH_GetHashObjectByOidTag;
+HASH_GetHashTypeByOidTag;
+PK11_GetDefaultArray;
+PK11_GetDefaultFlags;
+PK11_GetDisabledReason;
+PK11_UpdateSlotAttribute;
+PK11_UserEnableSlot;
+PK11_UserDisableSlot;
+SECITEM_ItemsAreEqual;
+SECKEY_CreateECPrivateKey;
+SECKEY_PublicKeyStrengthInBits;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.9 { # NSS 3.9 release
+;+ global:
+CERT_DestroyOidSequence;
+CERT_GetOidString;
+;;CERT_TimeChoiceTemplate DATA ;
+DER_DecodeTimeChoice;
+DER_EncodeTimeChoice;
+DSAU_DecodeDerSigToLen;
+DSAU_EncodeDerSigWithLen;
+NSS_Get_CERT_TimeChoiceTemplate;
+PK11_DeriveWithFlagsPerm;
+PK11_ExportEncryptedPrivKeyInfo;
+PK11_FindSlotsByNames;
+PK11_GetSymKeyType;
+PK11_MoveSymKey;
+PK11_PubDeriveWithKDF;
+PK11_PubUnwrapSymKeyWithFlagsPerm;
+PK11_UnwrapSymKeyWithFlagsPerm;
+SECITEM_ArenaDupItem;
+SECMOD_GetDBModuleList;
+SECMOD_GetDeadModuleList;
+SEC_ASN1DecoderAbort;
+SEC_ASN1EncoderAbort;
+SEC_DupCrl;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.9.2 { # NSS 3.9.2 release
+;+ global:
+NSS_IsInitialized;
+PK11_DestroyGenericObject;
+PK11_DestroyGenericObjects;
+PK11_FindGenericObjects;
+PK11_GetNextGenericObject;
+PK11_GetPrevGenericObject;
+PK11_LinkGenericObject;
+PK11_ReadRawAttribute;
+PK11_UnlinkGenericObject;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.9.3 { # NSS 3.9.3 release
+;+ global:
+PK11_GetCertFromPrivateKey;
+PK11_PrivDecryptPKCS1;
+PK11_PubEncryptPKCS1;
+SECMOD_CancelWait;
+SECMOD_HasRemovableSlots;
+SECMOD_UpdateSlotList;
+SECMOD_WaitForAnyTokenEvent;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.10 { # NSS 3.10 release
+;+ global:
+CERT_CacheCRL;
+CERT_DecodeAltNameExtension;
+CERT_DecodeAuthInfoAccessExtension;
+CERT_DecodeAuthKeyID;
+CERT_DecodeCRLDistributionPoints;
+CERT_DecodeNameConstraintsExtension;
+CERT_DecodePrivKeyUsagePeriodExtension;
+CERT_DestroyUserNotice;
+CERT_FinishCertificateRequestAttributes;
+CERT_GetCertificateNames;
+CERT_GetCertificateRequestExtensions;
+CERT_GetNextGeneralName;
+CERT_GetNextNameConstraint;
+CERT_GetPrevGeneralName;
+CERT_GetPrevNameConstraint;
+CERT_MergeExtensions;
+CERT_StartCertificateRequestAttributes;
+CERT_StartCRLEntryExtensions;
+CERT_StartCRLExtensions;
+CERT_UncacheCRL;
+HASH_Clone;
+HASH_HashBuf;
+HASH_ResultLenByOidTag;
+HASH_ResultLenContext;
+SEC_GetSignatureAlgorithmOidTag;
+SECKEY_CacheStaticFlags;
+SECOID_AddEntry;
+;+#
+;+# Data objects
+;+#
+;+# Don't export these DATA symbols on Windows because they don't work right.
+;+# Use the SEC_ASN1_GET / SEC_ASN1_SUB / SEC_ASN1_XTRN macros to access them.
+;;CERT_SequenceOfCertExtensionTemplate DATA ;
+;;CERT_SignedCrlTemplate DATA ;
+NSS_Get_CERT_SequenceOfCertExtensionTemplate;
+NSS_Get_CERT_SignedCrlTemplate;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.10.2 { # NSS 3.10.2 release
+;+ global:
+PK11_TokenKeyGenWithFlags;
+PK11_GenerateKeyPairWithFlags;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.11 { # NSS 3.11 release
+;+ global:
+CERT_CompareValidityTimes;
+PK11_CopyTokenPrivKeyToSessionPrivKey;
+PK11_FreeSlotListElement;
+PK11_GenerateRandomOnSlot;
+PK11_GetSymKeyUserData;
+PK11_MapSignKeyType;
+PK11_SetSymKeyUserData;
+SECMOD_CloseUserDB;
+SECMOD_HasRootCerts;
+SECMOD_OpenUserDB;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.11.1 {
+;+ global:
+NSS_RegisterShutdown;
+NSS_UnregisterShutdown;
+SEC_ASN1EncodeUnsignedInteger;
+SEC_RegisterDefaultHttpClient;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.11.2 {
+;+ global:
+SECKEY_SignatureLen;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.11.7 {
+;+ global:
+CERT_SetOCSPFailureMode;
+CERT_OCSPCacheSettings;
+CERT_ClearOCSPCache;
+DER_GeneralizedDayToAscii;
+DER_TimeChoiceDayToAscii;
+DER_TimeToGeneralizedTime;
+DER_TimeToGeneralizedTimeArena;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.11.9 {
+;+ global:
+PK11_UnconfigurePKCS11;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12 { # NSS 3.12 release
+;+ global:
+CERT_CheckNameSpace;
+CERT_EncodeCertPoliciesExtension;
+CERT_EncodeInfoAccessExtension;
+CERT_EncodeInhibitAnyExtension;
+CERT_EncodeNoticeReference;
+CERT_EncodePolicyConstraintsExtension;
+CERT_EncodePolicyMappingExtension;
+CERT_EncodeSubjectKeyID;
+CERT_EncodeUserNotice;
+CERT_FindCRLEntryReasonExten;
+CERT_FindCRLNumberExten;
+CERT_FindNameConstraintsExten;
+CERT_GetClassicOCSPDisabledPolicy;
+CERT_GetClassicOCSPEnabledHardFailurePolicy;
+CERT_GetClassicOCSPEnabledSoftFailurePolicy;
+CERT_GetPKIXVerifyNistRevocationPolicy;
+CERT_GetUsePKIXForValidation;
+CERT_GetValidDNSPatternsFromCert;
+CERT_NewTempCertificate;
+CERT_SetOCSPTimeout;
+CERT_SetUsePKIXForValidation;
+CERT_PKIXVerifyCert;
+HASH_GetType;
+NSS_InitWithMerge;
+PK11_CreateMergeLog;
+PK11_CreateGenericObject;
+PK11_CreatePBEV2AlgorithmID;
+PK11_DestroyMergeLog;
+PK11_GenerateKeyPairWithOpFlags;
+PK11_GetAllSlotsForCert;
+PK11_GetPBECryptoMechanism;
+PK11_IsRemovable;
+PK11_MergeTokens;
+PK11_WriteRawAttribute;
+SECKEY_ECParamsToBasePointOrderLen;
+SECKEY_ECParamsToKeySize;
+SECMOD_DeleteModuleEx;
+SEC_GetRegisteredHttpClient;
+SEC_PKCS5IsAlgorithmPBEAlgTag;
+VFY_CreateContextDirect;
+VFY_CreateContextWithAlgorithmID;
+VFY_VerifyDataDirect;
+VFY_VerifyDataWithAlgorithmID;
+VFY_VerifyDigestDirect;
+VFY_VerifyDigestWithAlgorithmID;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.1 { # NSS 3.12.1 release
+;+ global:
+CERT_NameToAsciiInvertible;
+PK11_FindCertFromDERCertItem;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.3 { # NSS 3.12.3 release
+;+ global:
+CERT_CompareCerts;
+CERT_RegisterAlternateOCSPAIAInfoCallBack;
+PK11_GetSymKeyHandle;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.4 { # NSS 3.12.4 release
+;+ global:
+PK11_IsInternalKeySlot;
+SECMOD_OpenNewSlot;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.5 { # NSS 3.12.5 release
+;+ global:
+CERT_AddCertToListSorted;
+NSS_InitContext;
+NSS_ShutdownContext;
+SECMOD_GetDefaultModDBFlag;
+SECMOD_GetSkipFirstFlag;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.6 { # NSS 3.12.6 release
+;+ global:
+CERT_CacheOCSPResponseFromSideChannel;
+CERT_DistNamesFromCertList;
+CERT_DupDistNames;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.7 { # NSS 3.12.7 release
+;+ global:
+CERT_GetConstrainedCertificateNames;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.9 { # NSS 3.12.9 release
+;+ global:
+CERT_FindCertByNicknameOrEmailAddrForUsage;
+PK11_DeriveWithTemplate;
+PK11_FindCertsFromEmailAddress;
+PK11_KeyGenWithTemplate;
+SECMOD_RestartModules;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.10 { # NSS 3.12.10 release
+;+ global:
+CERT_AllocCERTRevocationFlags;
+CERT_DestroyCERTRevocationFlags;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.13 { # NSS 3.13 release
+;+ global:
+;;SECKEY_RSAPSSParamsTemplate DATA ;
+NSS_Get_SECKEY_RSAPSSParamsTemplate;
+NSS_GetVersion;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.13.2 { # NSS 3.13.2 release
+;+ global:
+PK11_ImportEncryptedPrivateKeyInfoAndReturnKey;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.14 { # NSS 3.14 release
+;+ global:
+CERT_CheckOCSPStatus;
+CERT_DecodeOCSPRequest;
+CERT_GetEncodedOCSPResponse;
+PK11_GetBestSlotWithAttributes;
+PK11_GetBestSlotMultipleWithAttributes;
+PK11_PQG_ParamGenV2;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.14.1 { # NSS 3.14.1 release
+;+ global:
+CERT_CreateEncodedOCSPErrorResponse;
+CERT_CreateEncodedOCSPSuccessResponse;
+CERT_CreateOCSPSingleResponseGood;
+CERT_CreateOCSPSingleResponseUnknown;
+CERT_CreateOCSPSingleResponseRevoked;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.14.3 { # NSS 3.14.3 release
+;+ global:
+PK11_SignWithSymKey;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.15 { # NSS 3.15 release
+;+ global:
+CERT_EncodeNameConstraintsExtension;
+PK11_Decrypt;
+PK11_Encrypt;
+CERT_PostOCSPRequest;
+CERT_AddCertToListHead;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.15.4 { # NSS 3.15.4 release
+;+ global:
+CERT_ForcePostMethodForOCSP;
+CERT_GetSubjectNameDigest;
+CERT_GetSubjectPublicKeyDigest;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.16.1 { # NSS 3.16.1 release
+;+ global:
+PK11_ExportDERPrivateKeyInfo;
+PK11_ExportPrivKeyInfo;
+SECMOD_InternaltoPubMechFlags;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.16.2 { # NSS 3.16.2 release
+;+ global:
+CERT_AddExtensionByOID;
+CERT_GetGeneralNameTypeFromString;
+PK11_PubEncrypt;
+PK11_PrivDecrypt;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.18 { # NSS 3.18 release
+;+ global:
+__PK11_SetCertificateNickname;
+SEC_CheckCrlTimes;
+SEC_GetCrlTimes;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.19 { # NSS 3.19 release
+;+ global:
+CERT_GetImposedNameConstraints;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.19.1 { # NSS 3.19.1 release
+;+ global:
+SECKEY_BigIntegerBitLength;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.21 { # NSS 3.21 release
+;+ global:
+NSS_OptionGet;
+NSS_OptionSet;
+SECMOD_CreateModuleEx;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.22 { # NSS 3.22 release
+;+ global:
+PK11_SignWithMechanism;
+PK11_VerifyWithMechanism;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/nss/nss.gyp b/security/nss/lib/nss/nss.gyp
new file mode 100644
index 000000000..56984d9f1
--- /dev/null
+++ b/security/nss/lib/nss/nss.gyp
@@ -0,0 +1,83 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nss_static',
+ 'type': 'static_library',
+ 'sources': [
+ 'nssinit.c',
+ 'nssoptions.c',
+ 'nssver.c',
+ 'utilwrap.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports',
+ ]
+ },
+ {
+ # This is here so Firefox can link this without having to
+ # repeat the list of dependencies.
+ 'target_name': 'nss3_deps',
+ 'type': 'none',
+ 'dependencies': [
+ 'nss_static',
+ '<(DEPTH)/lib/certhigh/certhigh.gyp:certhi',
+ '<(DEPTH)/lib/cryptohi/cryptohi.gyp:cryptohi',
+ '<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap',
+ '<(DEPTH)/lib/certdb/certdb.gyp:certdb',
+ '<(DEPTH)/lib/pki/pki.gyp:nsspki',
+ '<(DEPTH)/lib/dev/dev.gyp:nssdev',
+ '<(DEPTH)/lib/base/base.gyp:nssb',
+ ],
+ 'conditions': [
+ [ 'disable_libpkix==0', {
+ 'dependencies': [
+ '<(DEPTH)/lib/libpkix/pkix/certsel/certsel.gyp:pkixcertsel',
+ '<(DEPTH)/lib/libpkix/pkix/checker/checker.gyp:pkixchecker',
+ '<(DEPTH)/lib/libpkix/pkix/params/params.gyp:pkixparams',
+ '<(DEPTH)/lib/libpkix/pkix/results/results.gyp:pkixresults',
+ '<(DEPTH)/lib/libpkix/pkix/top/top.gyp:pkixtop',
+ '<(DEPTH)/lib/libpkix/pkix/util/util.gyp:pkixutil',
+ '<(DEPTH)/lib/libpkix/pkix/crlsel/crlsel.gyp:pkixcrlsel',
+ '<(DEPTH)/lib/libpkix/pkix/store/store.gyp:pkixstore',
+ '<(DEPTH)/lib/libpkix/pkix_pl_nss/pki/pki.gyp:pkixpki',
+ '<(DEPTH)/lib/libpkix/pkix_pl_nss/system/system.gyp:pkixsystem',
+ '<(DEPTH)/lib/libpkix/pkix_pl_nss/module/module.gyp:pkixmodule'
+ ],
+ }],
+ ],
+ },
+ {
+ 'target_name': 'nss3',
+ 'type': 'shared_library',
+ 'dependencies': [
+ 'nss3_deps',
+ '<(DEPTH)/lib/util/util.gyp:nssutil3',
+ ],
+ 'variables': {
+ 'mapfile': 'nss.def'
+ }
+ }
+ ],
+ 'conditions': [
+ [ 'moz_fold_libs==1', {
+ 'targets': [
+ {
+ 'target_name': 'nss3_static',
+ 'type': 'static_library',
+ 'dependencies': [
+ 'nss3_deps',
+ ],
+ }
+ ],
+ }],
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
new file mode 100644
index 000000000..e4f9facde
--- /dev/null
+++ b/security/nss/lib/nss/nss.h
@@ -0,0 +1,322 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __nss_h_
+#define __nss_h_
+
+/* The private macro _NSS_CUSTOMIZED is for NSS internal use only. */
+#if defined(NSS_ALLOW_UNSUPPORTED_CRITICAL)
+#define _NSS_CUSTOMIZED " (Customized build)"
+#else
+#define _NSS_CUSTOMIZED
+#endif
+
+/*
+ * NSS's major version, minor version, patch level, build number, and whether
+ * this is a beta release.
+ *
+ * The format of the version string should be
+ * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
+ */
+#define NSS_VERSION "3.28.6" _NSS_CUSTOMIZED
+#define NSS_VMAJOR 3
+#define NSS_VMINOR 28
+#define NSS_VPATCH 6
+#define NSS_VBUILD 0
+#define NSS_BETA PR_FALSE
+
+#ifndef RC_INVOKED
+
+#include "seccomon.h"
+
+typedef struct NSSInitParametersStr NSSInitParameters;
+
+/*
+ * parameters used to initialize softoken. Mostly strings used to
+ * internationalize softoken. Memory for the strings are owned by the caller,
+ * who is free to free them once NSS_ContextInit returns. If the string
+ * parameter is NULL (as opposed to empty, zero length), then the softoken
+ * default is used. These are equivalent to the parameters for
+ * PK11_ConfigurePKCS11().
+ *
+ * field names match their equivalent parameter names for softoken strings
+ * documented at https://developer.mozilla.org/en/PKCS11_Module_Specs.
+ *
+ * minPWLen
+ * Minimum password length in bytes.
+ * manufacturerID
+ * Override the default manufactureID value for the module returned in
+ * the CK_INFO, CK_SLOT_INFO, and CK_TOKEN_INFO structures with an
+ * internationalize string (UTF8). This value will be truncated at 32
+ * bytes (not including the trailing NULL, partial UTF8 characters will be
+ * dropped).
+ * libraryDescription
+ * Override the default libraryDescription value for the module returned in
+ * the CK_INFO structure with an internationalize string (UTF8). This value
+ * will be truncated at 32 bytes(not including the trailing NULL, partial
+ * UTF8 characters will be dropped).
+ * cryptoTokenDescription
+ * Override the default label value for the internal crypto token returned
+ * in the CK_TOKEN_INFO structure with an internationalize string (UTF8).
+ * This value will be truncated at 32 bytes (not including the trailing
+ * NULL, partial UTF8 characters will be dropped).
+ * dbTokenDescription
+ * Override the default label value for the internal DB token returned in
+ * the CK_TOKEN_INFO structure with an internationalize string (UTF8). This
+ * value will be truncated at 32 bytes (not including the trailing NULL,
+ * partial UTF8 characters will be dropped).
+ * FIPSTokenDescription
+ * Override the default label value for the internal FIPS token returned in
+ * the CK_TOKEN_INFO structure with an internationalize string (UTF8). This
+ * value will be truncated at 32 bytes (not including the trailing NULL,
+ * partial UTF8 characters will be dropped).
+ * cryptoSlotDescription
+ * Override the default slotDescription value for the internal crypto token
+ * returned in the CK_SLOT_INFO structure with an internationalize string
+ * (UTF8). This value will be truncated at 64 bytes (not including the
+ * trailing NULL, partial UTF8 characters will be dropped).
+ * dbSlotDescription
+ * Override the default slotDescription value for the internal DB token
+ * returned in the CK_SLOT_INFO structure with an internationalize string
+ * (UTF8). This value will be truncated at 64 bytes (not including the
+ * trailing NULL, partial UTF8 characters will be dropped).
+ * FIPSSlotDescription
+ * Override the default slotDecription value for the internal FIPS token
+ * returned in the CK_SLOT_INFO structure with an internationalize string
+ * (UTF8). This value will be truncated at 64 bytes (not including the
+ * trailing NULL, partial UTF8 characters will be dropped).
+ *
+ */
+struct NSSInitParametersStr {
+ unsigned int length; /* allow this structure to grow in the future,
+ * must be set */
+ PRBool passwordRequired;
+ int minPWLen;
+ char *manufactureID; /* variable names for strings match the */
+ char *libraryDescription; /* parameter name in softoken */
+ char *cryptoTokenDescription;
+ char *dbTokenDescription;
+ char *FIPSTokenDescription;
+ char *cryptoSlotDescription;
+ char *dbSlotDescription;
+ char *FIPSSlotDescription;
+};
+
+SEC_BEGIN_PROTOS
+
+/*
+ * Return a boolean that indicates whether the underlying library
+ * will perform as the caller expects.
+ *
+ * The only argument is a string, which should be the version
+ * identifier of the NSS library. That string will be compared
+ * against a string that represents the actual build version of
+ * the NSS library.
+ */
+extern PRBool NSS_VersionCheck(const char *importedVersion);
+
+/*
+ * Returns a const string of the NSS library version.
+ */
+extern const char *NSS_GetVersion(void);
+
+/*
+ * Open the Cert, Key, and Security Module databases, read only.
+ * Initialize the Random Number Generator.
+ * Does not initialize the cipher policies or enables.
+ * Default policy settings disallow all ciphers.
+ */
+extern SECStatus NSS_Init(const char *configdir);
+
+/*
+ * Returns whether NSS has already been initialized or not.
+ */
+extern PRBool NSS_IsInitialized(void);
+
+/*
+ * Open the Cert, Key, and Security Module databases, read/write.
+ * Initialize the Random Number Generator.
+ * Does not initialize the cipher policies or enables.
+ * Default policy settings disallow all ciphers.
+ */
+extern SECStatus NSS_InitReadWrite(const char *configdir);
+
+/*
+ * Open the Cert, Key, and Security Module databases, read/write.
+ * Initialize the Random Number Generator.
+ * Does not initialize the cipher policies or enables.
+ * Default policy settings disallow all ciphers.
+ *
+ * This allows using application defined prefixes for the cert and key db's
+ * and an alternate name for the secmod database. NOTE: In future releases,
+ * the database prefixes my not necessarily map to database names.
+ *
+ * configdir - base directory where all the cert, key, and module datbases live.
+ * certPrefix - prefix added to the beginning of the cert database example: "
+ * "https-server1-"
+ * keyPrefix - prefix added to the beginning of the key database example: "
+ * "https-server1-"
+ * secmodName - name of the security module database (usually "secmod.db").
+ * flags - change the open options of NSS_Initialize as follows:
+ * NSS_INIT_READONLY - Open the databases read only.
+ * NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just
+ * initialize the volatile certdb.
+ * NSS_INIT_NOMODDB - Don't open the security module DB, just
+ * initialize the PKCS #11 module.
+ * NSS_INIT_FORCEOPEN - Continue to force initializations even if the
+ * databases cannot be opened.
+ * NSS_INIT_NOROOTINIT - Don't try to look for the root certs module
+ * automatically.
+ * NSS_INIT_OPTIMIZESPACE - Use smaller tables and caches.
+ * NSS_INIT_PK11THREADSAFE - only load PKCS#11 modules that are
+ * thread-safe, ie. that support locking - either OS
+ * locking or NSS-provided locks . If a PKCS#11
+ * module isn't thread-safe, don't serialize its
+ * calls; just don't load it instead. This is necessary
+ * if another piece of code is using the same PKCS#11
+ * modules that NSS is accessing without going through
+ * NSS, for example the Java SunPKCS11 provider.
+ * NSS_INIT_PK11RELOAD - ignore the CKR_CRYPTOKI_ALREADY_INITIALIZED
+ * error when loading PKCS#11 modules. This is necessary
+ * if another piece of code is using the same PKCS#11
+ * modules that NSS is accessing without going through
+ * NSS, for example Java SunPKCS11 provider.
+ * NSS_INIT_NOPK11FINALIZE - never call C_Finalize on any
+ * PKCS#11 module. This may be necessary in order to
+ * ensure continuous operation and proper shutdown
+ * sequence if another piece of code is using the same
+ * PKCS#11 modules that NSS is accessing without going
+ * through NSS, for example Java SunPKCS11 provider.
+ * The following limitation applies when this is set :
+ * SECMOD_WaitForAnyTokenEvent will not use
+ * C_WaitForSlotEvent, in order to prevent the need for
+ * C_Finalize. This call will be emulated instead.
+ * NSS_INIT_RESERVED - Currently has no effect, but may be used in the
+ * future to trigger better cooperation between PKCS#11
+ * modules used by both NSS and the Java SunPKCS11
+ * provider. This should occur after a new flag is defined
+ * for C_Initialize by the PKCS#11 working group.
+ * NSS_INIT_COOPERATE - Sets 4 recommended options for applications that
+ * use both NSS and the Java SunPKCS11 provider.
+ *
+ * Also NOTE: This is not the recommended method for initializing NSS.
+ * The preferred method is NSS_init().
+ */
+#define NSS_INIT_READONLY 0x1
+#define NSS_INIT_NOCERTDB 0x2
+#define NSS_INIT_NOMODDB 0x4
+#define NSS_INIT_FORCEOPEN 0x8
+#define NSS_INIT_NOROOTINIT 0x10
+#define NSS_INIT_OPTIMIZESPACE 0x20
+#define NSS_INIT_PK11THREADSAFE 0x40
+#define NSS_INIT_PK11RELOAD 0x80
+#define NSS_INIT_NOPK11FINALIZE 0x100
+#define NSS_INIT_RESERVED 0x200
+
+#define NSS_INIT_COOPERATE NSS_INIT_PK11THREADSAFE | \
+ NSS_INIT_PK11RELOAD | \
+ NSS_INIT_NOPK11FINALIZE | \
+ NSS_INIT_RESERVED
+
+#define SECMOD_DB "secmod.db"
+
+typedef struct NSSInitContextStr NSSInitContext;
+
+extern SECStatus NSS_Initialize(const char *configdir,
+ const char *certPrefix, const char *keyPrefix,
+ const char *secmodName, PRUint32 flags);
+
+extern NSSInitContext *NSS_InitContext(const char *configdir,
+ const char *certPrefix, const char *keyPrefix,
+ const char *secmodName, NSSInitParameters *initParams, PRUint32 flags);
+
+extern SECStatus NSS_ShutdownContext(NSSInitContext *);
+
+/*
+ * same as NSS_Init, but checks to see if we need to merge an
+ * old database in.
+ * updatedir is the directory where the old database lives.
+ * updCertPrefix is the certPrefix for the old database.
+ * updKeyPrefix is the keyPrefix for the old database.
+ * updateID is a unique identifier chosen by the application for
+ * the specific database.
+ * updatName is the name the user will be prompted for when
+ * asking to authenticate to the old database */
+extern SECStatus NSS_InitWithMerge(const char *configdir,
+ const char *certPrefix, const char *keyPrefix, const char *secmodName,
+ const char *updatedir, const char *updCertPrefix,
+ const char *updKeyPrefix, const char *updateID,
+ const char *updateName, PRUint32 flags);
+/*
+ * initialize NSS without a creating cert db's, key db's, or secmod db's.
+ */
+SECStatus NSS_NoDB_Init(const char *configdir);
+
+/*
+ * Allow applications and libraries to register with NSS so that they are called
+ * when NSS shuts down.
+ *
+ * void *appData application specific data passed in by the application at
+ * NSS_RegisterShutdown() time.
+ * void *nssData is NULL in this release, but is reserved for future versions of
+ * NSS to pass some future status information * back to the shutdown function.
+ *
+ * If the shutdown function returns SECFailure,
+ * Shutdown will still complete, but NSS_Shutdown() will return SECFailure.
+ */
+typedef SECStatus (*NSS_ShutdownFunc)(void *appData, void *nssData);
+
+/*
+ * Register a shutdown function.
+ */
+SECStatus NSS_RegisterShutdown(NSS_ShutdownFunc sFunc, void *appData);
+
+/*
+ * Remove an existing shutdown function (you may do this if your library is
+ * complete and going away, but NSS is still running).
+ */
+SECStatus NSS_UnregisterShutdown(NSS_ShutdownFunc sFunc, void *appData);
+
+/* Available options for NSS_OptionSet() and NSS_OptionGet().
+ */
+#define NSS_RSA_MIN_KEY_SIZE 0x001
+#define NSS_DH_MIN_KEY_SIZE 0x002
+#define NSS_DSA_MIN_KEY_SIZE 0x004
+#define NSS_TLS_VERSION_MIN_POLICY 0x008
+#define NSS_TLS_VERSION_MAX_POLICY 0x009
+#define NSS_DTLS_VERSION_MIN_POLICY 0x00a
+#define NSS_DTLS_VERSION_MAX_POLICY 0x00b
+
+/*
+ * Set and get global options for the NSS library.
+ */
+SECStatus NSS_OptionSet(PRInt32 which, PRInt32 value);
+SECStatus NSS_OptionGet(PRInt32 which, PRInt32 *value);
+
+/*
+ * Close the Cert, Key databases.
+ */
+extern SECStatus NSS_Shutdown(void);
+
+/*
+ * set the PKCS #11 strings for the internal token.
+ */
+void PK11_ConfigurePKCS11(const char *man, const char *libdesc,
+ const char *tokdesc, const char *ptokdesc, const char *slotdesc,
+ const char *pslotdesc, const char *fslotdesc, const char *fpslotdesc,
+ int minPwd, int pwRequired);
+
+/*
+ * Dump the contents of the certificate cache and the temporary cert store.
+ * Use to detect leaked references of certs at shutdown time.
+ */
+void nss_DumpCertificateCacheInfo(void);
+
+SEC_END_PROTOS
+
+#endif /* RC_INVOKED */
+#endif /* __nss_h_ */
diff --git a/security/nss/lib/nss/nss.rc b/security/nss/lib/nss/nss.rc
new file mode 100644
index 000000000..6b6fd5f46
--- /dev/null
+++ b/security/nss/lib/nss/nss.rc
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nss.h"
+#include <winver.h>
+
+#define MY_LIBNAME "nss"
+#define MY_FILEDESCRIPTION "NSS Base Library"
+
+#define STRINGIZE(x) #x
+#define STRINGIZE2(x) STRINGIZE(x)
+#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if NSS_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,NSS_VBUILD
+ PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,NSS_VBUILD
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", NSS_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", NSS_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
new file mode 100644
index 000000000..5d62d479c
--- /dev/null
+++ b/security/nss/lib/nss/nssinit.c
@@ -0,0 +1,1372 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <ctype.h>
+#include <string.h>
+#include "seccomon.h"
+#include "prinit.h"
+#include "prprf.h"
+#include "prmem.h"
+#include "cert.h"
+#include "key.h"
+#include "secmod.h"
+#include "secoid.h"
+#include "nss.h"
+#include "pk11func.h"
+#include "secerr.h"
+#include "nssbase.h"
+#include "nssutil.h"
+
+#ifndef NSS_DISABLE_LIBPKIX
+#include "pkixt.h"
+#include "pkix.h"
+#include "pkix_tools.h"
+#endif /* NSS_DISABLE_LIBPKIX */
+
+#include "pki3hack.h"
+#include "certi.h"
+#include "secmodi.h"
+#include "ocspti.h"
+#include "ocspi.h"
+#include "utilpars.h"
+
+/*
+ * On Windows nss3.dll needs to export the symbol 'mktemp' to be
+ * fully backward compatible with the nss3.dll in NSS 3.2.x and
+ * 3.3.x. This symbol was unintentionally exported and its
+ * definition (in DBM) was moved from nss3.dll to softokn3.dll
+ * in NSS 3.4. See bug 142575.
+ */
+#ifdef WIN32_NSS3_DLL_COMPAT
+#include <io.h>
+
+/* exported as 'mktemp' */
+char *
+nss_mktemp(char *path)
+{
+ return _mktemp(path);
+}
+#endif
+
+#define NSS_MAX_FLAG_SIZE sizeof("readOnly") + sizeof("noCertDB") + \
+ sizeof("noModDB") + sizeof("forceOpen") + sizeof("passwordRequired") + \
+ sizeof("optimizeSpace")
+#define NSS_DEFAULT_MOD_NAME "NSS Internal Module"
+
+static char *
+nss_makeFlags(PRBool readOnly, PRBool noCertDB,
+ PRBool noModDB, PRBool forceOpen,
+ PRBool passwordRequired, PRBool optimizeSpace)
+{
+ char *flags = (char *)PORT_Alloc(NSS_MAX_FLAG_SIZE);
+ PRBool first = PR_TRUE;
+
+ PORT_Memset(flags, 0, NSS_MAX_FLAG_SIZE);
+ if (readOnly) {
+ PORT_Strcat(flags, "readOnly");
+ first = PR_FALSE;
+ }
+ if (noCertDB) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "noCertDB");
+ first = PR_FALSE;
+ }
+ if (noModDB) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "noModDB");
+ first = PR_FALSE;
+ }
+ if (forceOpen) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "forceOpen");
+ first = PR_FALSE;
+ }
+ if (passwordRequired) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "passwordRequired");
+ first = PR_FALSE;
+ }
+ if (optimizeSpace) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "optimizeSpace");
+ }
+ return flags;
+}
+
+/*
+ * build config string from individual internationalized strings
+ */
+char *
+nss_MkConfigString(const char *man, const char *libdesc, const char *tokdesc,
+ const char *ptokdesc, const char *slotdesc, const char *pslotdesc,
+ const char *fslotdesc, const char *fpslotdesc, int minPwd)
+{
+ char *strings = NULL;
+ char *newStrings;
+
+ /* make sure the internationalization was done correctly... */
+ strings = PR_smprintf("");
+ if (strings == NULL)
+ return NULL;
+
+ if (man) {
+ newStrings = PR_smprintf("%s manufacturerID='%s'", strings, man);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+ }
+ if (strings == NULL)
+ return NULL;
+
+ if (libdesc) {
+ newStrings = PR_smprintf("%s libraryDescription='%s'", strings, libdesc);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+ }
+ if (strings == NULL)
+ return NULL;
+
+ if (tokdesc) {
+ newStrings = PR_smprintf("%s cryptoTokenDescription='%s'", strings,
+ tokdesc);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+ }
+ if (strings == NULL)
+ return NULL;
+
+ if (ptokdesc) {
+ newStrings = PR_smprintf("%s dbTokenDescription='%s'", strings, ptokdesc);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+ }
+ if (strings == NULL)
+ return NULL;
+
+ if (slotdesc) {
+ newStrings = PR_smprintf("%s cryptoSlotDescription='%s'", strings,
+ slotdesc);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+ }
+ if (strings == NULL)
+ return NULL;
+
+ if (pslotdesc) {
+ newStrings = PR_smprintf("%s dbSlotDescription='%s'", strings, pslotdesc);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+ }
+ if (strings == NULL)
+ return NULL;
+
+ if (fslotdesc) {
+ newStrings = PR_smprintf("%s FIPSSlotDescription='%s'",
+ strings, fslotdesc);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+ }
+ if (strings == NULL)
+ return NULL;
+
+ if (fpslotdesc) {
+ newStrings = PR_smprintf("%s FIPSTokenDescription='%s'",
+ strings, fpslotdesc);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+ }
+ if (strings == NULL)
+ return NULL;
+
+ newStrings = PR_smprintf("%s minPS=%d", strings, minPwd);
+ PR_smprintf_free(strings);
+ strings = newStrings;
+
+ return (strings);
+}
+
+/*
+ * statics to remember the PK11_ConfigurePKCS11()
+ * info.
+ */
+static char *pk11_config_strings = NULL;
+static char *pk11_config_name = NULL;
+static PRBool pk11_password_required = PR_FALSE;
+
+/*
+ * this is a legacy configuration function which used to be part of
+ * the PKCS #11 internal token.
+ */
+void
+PK11_ConfigurePKCS11(const char *man, const char *libdesc, const char *tokdesc,
+ const char *ptokdesc, const char *slotdesc, const char *pslotdesc,
+ const char *fslotdesc, const char *fpslotdesc, int minPwd,
+ int pwRequired)
+{
+ char *strings;
+
+ strings = nss_MkConfigString(man, libdesc, tokdesc, ptokdesc, slotdesc,
+ pslotdesc, fslotdesc, fpslotdesc, minPwd);
+ if (strings == NULL) {
+ return;
+ }
+
+ if (libdesc) {
+ if (pk11_config_name != NULL) {
+ PORT_Free(pk11_config_name);
+ }
+ pk11_config_name = PORT_Strdup(libdesc);
+ }
+
+ if (pk11_config_strings != NULL) {
+ PR_smprintf_free(pk11_config_strings);
+ }
+ pk11_config_strings = strings;
+ pk11_password_required = pwRequired;
+
+ return;
+}
+
+void
+PK11_UnconfigurePKCS11(void)
+{
+ if (pk11_config_strings != NULL) {
+ PR_smprintf_free(pk11_config_strings);
+ pk11_config_strings = NULL;
+ }
+ if (pk11_config_name) {
+ PORT_Free(pk11_config_name);
+ pk11_config_name = NULL;
+ }
+}
+
+/*
+ * The following code is an attempt to automagically find the external root
+ * module.
+ * Note: Keep the #if-defined chunks in order. HPUX must select before UNIX.
+ */
+
+static const char *dllname =
+#if defined(XP_WIN32) || defined(XP_OS2)
+ "nssckbi.dll";
+#elif defined(HPUX) && !defined(__ia64) /* HP-UX PA-RISC */
+ "libnssckbi.sl";
+#elif defined(DARWIN)
+ "libnssckbi.dylib";
+#elif defined(XP_UNIX) || defined(XP_BEOS)
+ "libnssckbi.so";
+#else
+#error "Uh! Oh! I don't know about this platform."
+#endif
+
+/* Should we have platform ifdefs here??? */
+#define FILE_SEP '/'
+
+static void
+nss_FindExternalRootPaths(const char *dbpath,
+ const char *secmodprefix,
+ char **retoldpath, char **retnewpath)
+{
+ char *path, *oldpath = NULL, *lastsep;
+ int len, path_len, secmod_len, dll_len;
+
+ path_len = PORT_Strlen(dbpath);
+ secmod_len = secmodprefix ? PORT_Strlen(secmodprefix) : 0;
+ dll_len = PORT_Strlen(dllname);
+ len = path_len + secmod_len + dll_len + 2; /* FILE_SEP + NULL */
+
+ path = PORT_Alloc(len);
+ if (path == NULL)
+ return;
+
+ /* back up to the top of the directory */
+ PORT_Memcpy(path, dbpath, path_len);
+ if (path[path_len - 1] != FILE_SEP) {
+ path[path_len++] = FILE_SEP;
+ }
+ PORT_Strcpy(&path[path_len], dllname);
+ if (secmod_len > 0) {
+ lastsep = PORT_Strrchr(secmodprefix, FILE_SEP);
+ if (lastsep) {
+ int secmoddir_len = lastsep - secmodprefix + 1; /* FILE_SEP */
+ oldpath = PORT_Alloc(len);
+ if (oldpath == NULL) {
+ PORT_Free(path);
+ return;
+ }
+ PORT_Memcpy(oldpath, path, path_len);
+ PORT_Memcpy(&oldpath[path_len], secmodprefix, secmoddir_len);
+ PORT_Strcpy(&oldpath[path_len + secmoddir_len], dllname);
+ }
+ }
+ *retoldpath = oldpath;
+ *retnewpath = path;
+ return;
+}
+
+static void
+nss_FreeExternalRootPaths(char *oldpath, char *path)
+{
+ if (path) {
+ PORT_Free(path);
+ }
+ if (oldpath) {
+ PORT_Free(oldpath);
+ }
+}
+
+static void
+nss_FindExternalRoot(const char *dbpath, const char *secmodprefix)
+{
+ char *path = NULL;
+ char *oldpath = NULL;
+ PRBool hasrootcerts = PR_FALSE;
+
+ /*
+ * 'oldpath' is the external root path in NSS 3.3.x or older.
+ * For backward compatibility we try to load the root certs
+ * module with the old path first.
+ */
+ nss_FindExternalRootPaths(dbpath, secmodprefix, &oldpath, &path);
+ if (oldpath) {
+ (void)SECMOD_AddNewModule("Root Certs", oldpath, 0, 0);
+ hasrootcerts = SECMOD_HasRootCerts();
+ }
+ if (path && !hasrootcerts) {
+ (void)SECMOD_AddNewModule("Root Certs", path, 0, 0);
+ }
+ nss_FreeExternalRootPaths(oldpath, path);
+ return;
+}
+
+/*
+ * see nss_Init for definitions of the various options.
+ *
+ * this function builds a moduleSpec string from the options and previously
+ * set statics (from PKCS11_Configure, for instance), and uses it to kick off
+ * the loading of the various PKCS #11 modules.
+ */
+static SECMODModule *
+nss_InitModules(const char *configdir, const char *certPrefix,
+ const char *keyPrefix, const char *secmodName,
+ const char *updateDir, const char *updCertPrefix,
+ const char *updKeyPrefix, const char *updateID,
+ const char *updateName, char *configName, char *configStrings,
+ PRBool pwRequired, PRBool readOnly, PRBool noCertDB,
+ PRBool noModDB, PRBool forceOpen, PRBool optimizeSpace,
+ PRBool isContextInit)
+{
+ SECMODModule *module = NULL;
+ char *moduleSpec = NULL;
+ char *flags = NULL;
+ char *lconfigdir = NULL;
+ char *lcertPrefix = NULL;
+ char *lkeyPrefix = NULL;
+ char *lsecmodName = NULL;
+ char *lupdateDir = NULL;
+ char *lupdCertPrefix = NULL;
+ char *lupdKeyPrefix = NULL;
+ char *lupdateID = NULL;
+ char *lupdateName = NULL;
+
+ if (NSS_InitializePRErrorTable() != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ flags = nss_makeFlags(readOnly, noCertDB, noModDB, forceOpen,
+ pwRequired, optimizeSpace);
+ if (flags == NULL)
+ return NULL;
+
+ /*
+ * configdir is double nested, and Windows uses the same character
+ * for file seps as we use for escapes! (sigh).
+ */
+ lconfigdir = NSSUTIL_DoubleEscape(configdir, '\'', '\"');
+ if (lconfigdir == NULL) {
+ goto loser;
+ }
+ lcertPrefix = NSSUTIL_DoubleEscape(certPrefix, '\'', '\"');
+ if (lcertPrefix == NULL) {
+ goto loser;
+ }
+ lkeyPrefix = NSSUTIL_DoubleEscape(keyPrefix, '\'', '\"');
+ if (lkeyPrefix == NULL) {
+ goto loser;
+ }
+ lsecmodName = NSSUTIL_DoubleEscape(secmodName, '\'', '\"');
+ if (lsecmodName == NULL) {
+ goto loser;
+ }
+ lupdateDir = NSSUTIL_DoubleEscape(updateDir, '\'', '\"');
+ if (lupdateDir == NULL) {
+ goto loser;
+ }
+ lupdCertPrefix = NSSUTIL_DoubleEscape(updCertPrefix, '\'', '\"');
+ if (lupdCertPrefix == NULL) {
+ goto loser;
+ }
+ lupdKeyPrefix = NSSUTIL_DoubleEscape(updKeyPrefix, '\'', '\"');
+ if (lupdKeyPrefix == NULL) {
+ goto loser;
+ }
+ lupdateID = NSSUTIL_DoubleEscape(updateID, '\'', '\"');
+ if (lupdateID == NULL) {
+ goto loser;
+ }
+ lupdateName = NSSUTIL_DoubleEscape(updateName, '\'', '\"');
+ if (lupdateName == NULL) {
+ goto loser;
+ }
+
+ moduleSpec = PR_smprintf(
+ "name=\"%s\" parameters=\"configdir='%s' certPrefix='%s' keyPrefix='%s' "
+ "secmod='%s' flags=%s updatedir='%s' updateCertPrefix='%s' "
+ "updateKeyPrefix='%s' updateid='%s' updateTokenDescription='%s' %s\" "
+ "NSS=\"flags=internal,moduleDB,moduleDBOnly,critical%s\"",
+ configName ? configName : NSS_DEFAULT_MOD_NAME,
+ lconfigdir, lcertPrefix, lkeyPrefix, lsecmodName, flags,
+ lupdateDir, lupdCertPrefix, lupdKeyPrefix, lupdateID,
+ lupdateName, configStrings ? configStrings : "",
+ isContextInit ? "" : ",defaultModDB,internalKeySlot");
+
+loser:
+ PORT_Free(flags);
+ if (lconfigdir)
+ PORT_Free(lconfigdir);
+ if (lcertPrefix)
+ PORT_Free(lcertPrefix);
+ if (lkeyPrefix)
+ PORT_Free(lkeyPrefix);
+ if (lsecmodName)
+ PORT_Free(lsecmodName);
+ if (lupdateDir)
+ PORT_Free(lupdateDir);
+ if (lupdCertPrefix)
+ PORT_Free(lupdCertPrefix);
+ if (lupdKeyPrefix)
+ PORT_Free(lupdKeyPrefix);
+ if (lupdateID)
+ PORT_Free(lupdateID);
+ if (lupdateName)
+ PORT_Free(lupdateName);
+
+ if (moduleSpec) {
+ module = SECMOD_LoadModule(moduleSpec, NULL, PR_TRUE);
+ PR_smprintf_free(moduleSpec);
+ if (module && !module->loaded) {
+ SECMOD_DestroyModule(module);
+ return NULL;
+ }
+ }
+ return module;
+}
+
+/*
+ * OK there are now lots of options here, lets go through them all:
+ *
+ * configdir - base directory where all the cert, key, and module datbases live.
+ * certPrefix - prefix added to the beginning of the cert database example: "
+ * "https-server1-"
+ * keyPrefix - prefix added to the beginning of the key database example: "
+ * "https-server1-"
+ * secmodName - name of the security module database (usually "secmod.db").
+ * updateDir - used in initMerge, old directory to update from.
+ * updateID - used in initMerge, unique ID to represent the updated directory.
+ * updateName - used in initMerge, token name when updating.
+ * initContextPtr - used in initContext, pointer to return a unique context
+ * value.
+ * readOnly - Boolean: true if the databases are to be opened read only.
+ * nocertdb - Don't open the cert DB and key DB's, just initialize the
+ * Volatile certdb.
+ * nomoddb - Don't open the security module DB, just initialize the
+ * PKCS #11 module.
+ * forceOpen - Continue to force initializations even if the databases cannot
+ * be opened.
+ * noRootInit - don't try to automatically load the root cert store if one is
+ * not found.
+ * optimizeSpace - tell NSS to use fewer hash table buckets.
+ *
+ * The next three options are used in an attempt to share PKCS #11 modules
+ * with other loaded, running libraries. PKCS #11 was not designed with this
+ * sort of sharing in mind, so use of these options may lead to questionable
+ * results. These options are may be incompatible with NSS_LoadContext() calls.
+ *
+ * noSingleThreadedModules - don't load modules that are not thread safe (many
+ * smart card tokens will not work).
+ * allowAlreadyInitializedModules - if a module has already been loaded and
+ * initialize try to use it.
+ * don'tFinalizeModules - dont shutdown modules we may have loaded.
+ */
+
+static PRBool nssIsInitted = PR_FALSE;
+static NSSInitContext *nssInitContextList = NULL;
+
+#ifndef NSS_DISABLE_LIBPKIX
+static void *plContext = NULL;
+#endif /* NSS_DISABLE_LIBPKIX */
+
+struct NSSInitContextStr {
+ NSSInitContext *next;
+ PRUint32 magic;
+};
+
+#define NSS_INIT_MAGIC 0x1413A91C
+static SECStatus nss_InitShutdownList(void);
+
+/* All initialized to zero in BSS */
+static PRCallOnceType nssInitOnce;
+static PZLock *nssInitLock;
+static PZCondVar *nssInitCondition;
+static int nssIsInInit;
+
+static PRStatus
+nss_doLockInit(void)
+{
+ nssInitLock = PZ_NewLock(nssILockOther);
+ if (nssInitLock == NULL) {
+ return PR_FAILURE;
+ }
+ nssInitCondition = PZ_NewCondVar(nssInitLock);
+ if (nssInitCondition == NULL) {
+ return PR_FAILURE;
+ }
+ return PR_SUCCESS;
+}
+
+static SECStatus
+nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix,
+ const char *secmodName, const char *updateDir,
+ const char *updCertPrefix, const char *updKeyPrefix,
+ const char *updateID, const char *updateName,
+ NSSInitContext **initContextPtr,
+ NSSInitParameters *initParams,
+ PRBool readOnly, PRBool noCertDB,
+ PRBool noModDB, PRBool forceOpen, PRBool noRootInit,
+ PRBool optimizeSpace, PRBool noSingleThreadedModules,
+ PRBool allowAlreadyInitializedModules,
+ PRBool dontFinalizeModules)
+{
+ SECMODModule *parent = NULL;
+#ifndef NSS_DISABLE_LIBPKIX
+ PKIX_UInt32 actualMinorVersion = 0;
+ PKIX_Error *pkixError = NULL;
+#endif /* NSS_DISABLE_LIBPKIX */
+ PRBool isReallyInitted;
+ char *configStrings = NULL;
+ char *configName = NULL;
+ PRBool passwordRequired = PR_FALSE;
+#ifdef POLICY_FILE
+ char *ignoreVar;
+#endif
+
+ /* if we are trying to init with a traditional NSS_Init call, maintain
+ * the traditional idempotent behavior. */
+ if (!initContextPtr && nssIsInitted) {
+ return SECSuccess;
+ }
+
+ /* make sure our lock and condition variable are initialized one and only
+ * one time */
+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) {
+ return SECFailure;
+ }
+
+ /*
+ * if we haven't done basic initialization, single thread the
+ * initializations.
+ */
+ PZ_Lock(nssInitLock);
+ isReallyInitted = NSS_IsInitialized();
+ if (!isReallyInitted) {
+ while (!isReallyInitted && nssIsInInit) {
+ PZ_WaitCondVar(nssInitCondition, PR_INTERVAL_NO_TIMEOUT);
+ isReallyInitted = NSS_IsInitialized();
+ }
+ /* once we've completed basic initialization, we can allow more than
+ * one process initialize NSS at a time. */
+ }
+ nssIsInInit++;
+ PZ_Unlock(nssInitLock);
+
+ /* this tells us whether or not some library has already initialized us.
+ * if so, we don't want to double call some of the basic initialization
+ * functions */
+
+ if (!isReallyInitted) {
+#ifdef DEBUG
+ CERTCertificate dummyCert;
+ /* New option bits must not change the size of CERTCertificate. */
+ PORT_Assert(sizeof(dummyCert.options) == sizeof(void *));
+#endif
+
+ if (SECSuccess != cert_InitLocks()) {
+ goto loser;
+ }
+
+ if (SECSuccess != InitCRLCache()) {
+ goto loser;
+ }
+
+ if (SECSuccess != OCSP_InitGlobal()) {
+ goto loser;
+ }
+ }
+
+ if (noSingleThreadedModules || allowAlreadyInitializedModules ||
+ dontFinalizeModules) {
+ pk11_setGlobalOptions(noSingleThreadedModules,
+ allowAlreadyInitializedModules,
+ dontFinalizeModules);
+ }
+
+ if (initContextPtr) {
+ *initContextPtr = PORT_ZNew(NSSInitContext);
+ if (*initContextPtr == NULL) {
+ goto loser;
+ }
+ /*
+ * For traditional NSS_Init, we used the PK11_Configure() call to set
+ * globals. with InitContext, we pass those strings in as parameters.
+ *
+ * This allows old NSS_Init calls to work as before, while at the same
+ * time new calls and old calls will not interfere with each other.
+ */
+ if (initParams) {
+ if (initParams->length < sizeof(NSSInitParameters)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ configStrings = nss_MkConfigString(initParams->manufactureID,
+ initParams->libraryDescription,
+ initParams->cryptoTokenDescription,
+ initParams->dbTokenDescription,
+ initParams->cryptoSlotDescription,
+ initParams->dbSlotDescription,
+ initParams->FIPSSlotDescription,
+ initParams->FIPSTokenDescription,
+ initParams->minPWLen);
+ if (configStrings == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ configName = initParams->libraryDescription;
+ passwordRequired = initParams->passwordRequired;
+ }
+
+ /* If we're NSS_ContextInit, we're probably a library. It could be
+ * possible that the application initialized NSS then forked(). The
+ * library would have no knowledge of that. If we call
+ * SECMOD_RestartModules() here, we will be able to continue on with
+ * NSS as normal. SECMOD_RestartModules() does have the side affect
+ * of losing all our PKCS #11 objects in the new process, but only if
+ * the module needs to be reinited. If it needs to be reinit those
+ * objects are inaccessible anyway, it's always save to call
+ * SECMOD_RestartModules(PR_FALSE).
+ */
+ /* NOTE: We could call SECMOD_Init() here, but if we aren't already
+ * inited, then there's no modules to restart, so SECMOD_RestartModules
+ * will return immediately */
+ SECMOD_RestartModules(PR_FALSE);
+ } else {
+ configStrings = pk11_config_strings;
+ configName = pk11_config_name;
+ passwordRequired = pk11_password_required;
+ }
+
+ /* Skip the module init if we are already initted and we are trying
+ * to init with noCertDB and noModDB */
+ if (!(isReallyInitted && noCertDB && noModDB)) {
+ parent = nss_InitModules(configdir, certPrefix, keyPrefix, secmodName,
+ updateDir, updCertPrefix, updKeyPrefix, updateID,
+ updateName, configName, configStrings, passwordRequired,
+ readOnly, noCertDB, noModDB, forceOpen, optimizeSpace,
+ (initContextPtr != NULL));
+
+ if (parent == NULL) {
+ goto loser;
+ }
+ }
+
+ /* finish up initialization */
+ if (!isReallyInitted) {
+ if (SECOID_Init() != SECSuccess) {
+ goto loser;
+ }
+ if (STAN_LoadDefaultNSS3TrustDomain() != PR_SUCCESS) {
+ goto loser;
+ }
+ if (nss_InitShutdownList() != SECSuccess) {
+ goto loser;
+ }
+ CERT_SetDefaultCertDB((CERTCertDBHandle *)
+ STAN_GetDefaultTrustDomain());
+ if ((!noModDB) && (!noCertDB) && (!noRootInit)) {
+ if (!SECMOD_HasRootCerts()) {
+ const char *dbpath = configdir;
+ /* handle supported database modifiers */
+ if (strncmp(dbpath, "sql:", 4) == 0) {
+ dbpath += 4;
+ } else if (strncmp(dbpath, "dbm:", 4) == 0) {
+ dbpath += 4;
+ } else if (strncmp(dbpath, "extern:", 7) == 0) {
+ dbpath += 7;
+ } else if (strncmp(dbpath, "rdb:", 4) == 0) {
+ /* if rdb: is specified, the configdir isn't really a
+ * path. Skip it */
+ dbpath = NULL;
+ }
+ if (dbpath) {
+ nss_FindExternalRoot(dbpath, secmodName);
+ }
+ }
+ }
+#ifdef POLICY_FILE
+ /* Load the system crypto policy file if it exists,
+ * unless the NSS_IGNORE_SYSTEM_POLICY environment
+ * variable has been set to 1. */
+ ignoreVar = PR_GetEnvSecure("NSS_IGNORE_SYSTEM_POLICY");
+ if (ignoreVar == NULL || strncmp(ignoreVar, "1", sizeof("1")) != 0) {
+ if (PR_Access(POLICY_PATH "/" POLICY_FILE, PR_ACCESS_READ_OK) == PR_SUCCESS) {
+ SECMODModule *module = SECMOD_LoadModule(
+ "name=\"Policy File\" "
+ "parameters=\"configdir='sql:" POLICY_PATH "' "
+ "secmod='" POLICY_FILE "' "
+ "flags=readOnly,noCertDB,forceSecmodChoice,forceOpen\" "
+ "NSS=\"flags=internal,moduleDB,skipFirst,moduleDBOnly,critical\"",
+ parent, PR_TRUE);
+ if (module) {
+ PRBool isLoaded = module->loaded;
+ SECMOD_DestroyModule(module);
+ if (!isLoaded) {
+ goto loser;
+ }
+ }
+ }
+ }
+#endif
+ pk11sdr_Init();
+ cert_CreateSubjectKeyIDHashTable();
+
+#ifndef NSS_DISABLE_LIBPKIX
+ pkixError = PKIX_Initialize(PKIX_FALSE, PKIX_MAJOR_VERSION, PKIX_MINOR_VERSION,
+ PKIX_MINOR_VERSION, &actualMinorVersion, &plContext);
+
+ if (pkixError != NULL) {
+ goto loser;
+ } else {
+ char *ev = PR_GetEnvSecure("NSS_ENABLE_PKIX_VERIFY");
+ if (ev && ev[0]) {
+ CERT_SetUsePKIXForValidation(PR_TRUE);
+ }
+ }
+#endif /* NSS_DISABLE_LIBPKIX */
+ }
+
+ /*
+ * Now mark the appropriate init state. If initContextPtr was passed
+ * in, then return the new context pointer and add it to the
+ * nssInitContextList. Otherwise set the global nss_isInitted flag
+ */
+ PZ_Lock(nssInitLock);
+ if (!initContextPtr) {
+ nssIsInitted = PR_TRUE;
+ } else {
+ (*initContextPtr)->magic = NSS_INIT_MAGIC;
+ (*initContextPtr)->next = nssInitContextList;
+ nssInitContextList = (*initContextPtr);
+ }
+ nssIsInInit--;
+ /* now that we are inited, all waiters can move forward */
+ PZ_NotifyAllCondVar(nssInitCondition);
+ PZ_Unlock(nssInitLock);
+
+ if (initContextPtr && configStrings) {
+ PR_smprintf_free(configStrings);
+ }
+ if (parent) {
+ SECMOD_DestroyModule(parent);
+ }
+
+ return SECSuccess;
+
+loser:
+ if (initContextPtr && *initContextPtr) {
+ PORT_Free(*initContextPtr);
+ *initContextPtr = NULL;
+ if (configStrings) {
+ PR_smprintf_free(configStrings);
+ }
+ }
+ PZ_Lock(nssInitLock);
+ nssIsInInit--;
+ /* We failed to init, allow one to move forward */
+ PZ_NotifyCondVar(nssInitCondition);
+ PZ_Unlock(nssInitLock);
+ if (parent) {
+ SECMOD_DestroyModule(parent);
+ }
+ return SECFailure;
+}
+
+SECStatus
+NSS_Init(const char *configdir)
+{
+ return nss_Init(configdir, "", "", SECMOD_DB, "", "", "", "", "", NULL,
+ NULL, PR_TRUE, PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE,
+ PR_TRUE, PR_FALSE, PR_FALSE, PR_FALSE);
+}
+
+SECStatus
+NSS_InitReadWrite(const char *configdir)
+{
+ return nss_Init(configdir, "", "", SECMOD_DB, "", "", "", "", "", NULL,
+ NULL, PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE,
+ PR_TRUE, PR_FALSE, PR_FALSE, PR_FALSE);
+}
+
+/*
+ * OK there are now lots of options here, lets go through them all:
+ *
+ * configdir - base directory where all the cert, key, and module datbases live.
+ * certPrefix - prefix added to the beginning of the cert database example: "
+ * "https-server1-"
+ * keyPrefix - prefix added to the beginning of the key database example: "
+ * "https-server1-"
+ * secmodName - name of the security module database (usually "secmod.db").
+ * flags - change the open options of NSS_Initialize as follows:
+ * NSS_INIT_READONLY - Open the databases read only.
+ * NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just
+ * initialize the volatile certdb.
+ * NSS_INIT_NOMODDB - Don't open the security module DB, just
+ * initialize the PKCS #11 module.
+ * NSS_INIT_FORCEOPEN - Continue to force initializations even if the
+ * databases cannot be opened.
+ * NSS_INIT_PK11THREADSAFE - only load PKCS#11 modules that are
+ * thread-safe, ie. that support locking - either OS
+ * locking or NSS-provided locks . If a PKCS#11
+ * module isn't thread-safe, don't serialize its
+ * calls; just don't load it instead. This is necessary
+ * if another piece of code is using the same PKCS#11
+ * modules that NSS is accessing without going through
+ * NSS, for example the Java SunPKCS11 provider.
+ * NSS_INIT_PK11RELOAD - ignore the CKR_CRYPTOKI_ALREADY_INITIALIZED
+ * error when loading PKCS#11 modules. This is necessary
+ * if another piece of code is using the same PKCS#11
+ * modules that NSS is accessing without going through
+ * NSS, for example Java SunPKCS11 provider.
+ * NSS_INIT_NOPK11FINALIZE - never call C_Finalize on any
+ * PKCS#11 module. This may be necessary in order to
+ * ensure continuous operation and proper shutdown
+ * sequence if another piece of code is using the same
+ * PKCS#11 modules that NSS is accessing without going
+ * through NSS, for example Java SunPKCS11 provider.
+ * The following limitation applies when this is set :
+ * SECMOD_WaitForAnyTokenEvent will not use
+ * C_WaitForSlotEvent, in order to prevent the need for
+ * C_Finalize. This call will be emulated instead.
+ * NSS_INIT_RESERVED - Currently has no effect, but may be used in the
+ * future to trigger better cooperation between PKCS#11
+ * modules used by both NSS and the Java SunPKCS11
+ * provider. This should occur after a new flag is defined
+ * for C_Initialize by the PKCS#11 working group.
+ * NSS_INIT_COOPERATE - Sets 4 recommended options for applications that
+ * use both NSS and the Java SunPKCS11 provider.
+ */
+SECStatus
+NSS_Initialize(const char *configdir, const char *certPrefix,
+ const char *keyPrefix, const char *secmodName, PRUint32 flags)
+{
+ return nss_Init(configdir, certPrefix, keyPrefix, secmodName,
+ "", "", "", "", "", NULL, NULL,
+ ((flags & NSS_INIT_READONLY) == NSS_INIT_READONLY),
+ ((flags & NSS_INIT_NOCERTDB) == NSS_INIT_NOCERTDB),
+ ((flags & NSS_INIT_NOMODDB) == NSS_INIT_NOMODDB),
+ ((flags & NSS_INIT_FORCEOPEN) == NSS_INIT_FORCEOPEN),
+ ((flags & NSS_INIT_NOROOTINIT) == NSS_INIT_NOROOTINIT),
+ ((flags & NSS_INIT_OPTIMIZESPACE) == NSS_INIT_OPTIMIZESPACE),
+ ((flags & NSS_INIT_PK11THREADSAFE) == NSS_INIT_PK11THREADSAFE),
+ ((flags & NSS_INIT_PK11RELOAD) == NSS_INIT_PK11RELOAD),
+ ((flags & NSS_INIT_NOPK11FINALIZE) == NSS_INIT_NOPK11FINALIZE));
+}
+
+NSSInitContext *
+NSS_InitContext(const char *configdir, const char *certPrefix,
+ const char *keyPrefix, const char *secmodName,
+ NSSInitParameters *initParams, PRUint32 flags)
+{
+ SECStatus rv;
+ NSSInitContext *context;
+
+ rv = nss_Init(configdir, certPrefix, keyPrefix, secmodName,
+ "", "", "", "", "", &context, initParams,
+ ((flags & NSS_INIT_READONLY) == NSS_INIT_READONLY),
+ ((flags & NSS_INIT_NOCERTDB) == NSS_INIT_NOCERTDB),
+ ((flags & NSS_INIT_NOMODDB) == NSS_INIT_NOMODDB),
+ ((flags & NSS_INIT_FORCEOPEN) == NSS_INIT_FORCEOPEN), PR_TRUE,
+ ((flags & NSS_INIT_OPTIMIZESPACE) == NSS_INIT_OPTIMIZESPACE),
+ ((flags & NSS_INIT_PK11THREADSAFE) == NSS_INIT_PK11THREADSAFE),
+ ((flags & NSS_INIT_PK11RELOAD) == NSS_INIT_PK11RELOAD),
+ ((flags & NSS_INIT_NOPK11FINALIZE) == NSS_INIT_NOPK11FINALIZE));
+ return (rv == SECSuccess) ? context : NULL;
+}
+
+SECStatus
+NSS_InitWithMerge(const char *configdir, const char *certPrefix,
+ const char *keyPrefix, const char *secmodName,
+ const char *updateDir, const char *updCertPrefix,
+ const char *updKeyPrefix, const char *updateID,
+ const char *updateName, PRUint32 flags)
+{
+ return nss_Init(configdir, certPrefix, keyPrefix, secmodName,
+ updateDir, updCertPrefix, updKeyPrefix, updateID, updateName,
+ NULL, NULL,
+ ((flags & NSS_INIT_READONLY) == NSS_INIT_READONLY),
+ ((flags & NSS_INIT_NOCERTDB) == NSS_INIT_NOCERTDB),
+ ((flags & NSS_INIT_NOMODDB) == NSS_INIT_NOMODDB),
+ ((flags & NSS_INIT_FORCEOPEN) == NSS_INIT_FORCEOPEN),
+ ((flags & NSS_INIT_NOROOTINIT) == NSS_INIT_NOROOTINIT),
+ ((flags & NSS_INIT_OPTIMIZESPACE) == NSS_INIT_OPTIMIZESPACE),
+ ((flags & NSS_INIT_PK11THREADSAFE) == NSS_INIT_PK11THREADSAFE),
+ ((flags & NSS_INIT_PK11RELOAD) == NSS_INIT_PK11RELOAD),
+ ((flags & NSS_INIT_NOPK11FINALIZE) == NSS_INIT_NOPK11FINALIZE));
+}
+
+/*
+ * initialize NSS without a creating cert db's, key db's, or secmod db's.
+ */
+SECStatus
+NSS_NoDB_Init(const char *configdir)
+{
+ return nss_Init("", "", "", "", "", "", "", "", "", NULL, NULL,
+ PR_TRUE, PR_TRUE, PR_TRUE, PR_TRUE, PR_TRUE, PR_TRUE,
+ PR_FALSE, PR_FALSE, PR_FALSE);
+}
+
+#define NSS_SHUTDOWN_STEP 10
+
+struct NSSShutdownFuncPair {
+ NSS_ShutdownFunc func;
+ void *appData;
+};
+
+static struct NSSShutdownListStr {
+ PZLock *lock;
+ int allocatedFuncs;
+ int peakFuncs;
+ struct NSSShutdownFuncPair *funcs;
+} nssShutdownList = { 0 };
+
+/*
+ * find and existing shutdown function
+ */
+static int
+nss_GetShutdownEntry(NSS_ShutdownFunc sFunc, void *appData)
+{
+ int count, i;
+ count = nssShutdownList.peakFuncs;
+
+ for (i = 0; i < count; i++) {
+ if ((nssShutdownList.funcs[i].func == sFunc) &&
+ (nssShutdownList.funcs[i].appData == appData)) {
+ return i;
+ }
+ }
+ return -1;
+}
+
+/*
+ * register a callback to be called when NSS shuts down
+ */
+SECStatus
+NSS_RegisterShutdown(NSS_ShutdownFunc sFunc, void *appData)
+{
+ int i;
+
+ /* make sure our lock and condition variable are initialized one and only
+ * one time */
+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) {
+ return SECFailure;
+ }
+
+ PZ_Lock(nssInitLock);
+ if (!NSS_IsInitialized()) {
+ PZ_Unlock(nssInitLock);
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+ PZ_Unlock(nssInitLock);
+ if (sFunc == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ PORT_Assert(nssShutdownList.lock);
+ PZ_Lock(nssShutdownList.lock);
+
+ /* make sure we don't have a duplicate */
+ i = nss_GetShutdownEntry(sFunc, appData);
+ if (i >= 0) {
+ PZ_Unlock(nssShutdownList.lock);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ /* find an empty slot */
+ i = nss_GetShutdownEntry(NULL, NULL);
+ if (i >= 0) {
+ nssShutdownList.funcs[i].func = sFunc;
+ nssShutdownList.funcs[i].appData = appData;
+ PZ_Unlock(nssShutdownList.lock);
+ return SECSuccess;
+ }
+ if (nssShutdownList.allocatedFuncs == nssShutdownList.peakFuncs) {
+ struct NSSShutdownFuncPair *funcs =
+ (struct NSSShutdownFuncPair *)PORT_Realloc(nssShutdownList.funcs,
+ (nssShutdownList.allocatedFuncs + NSS_SHUTDOWN_STEP) * sizeof(struct NSSShutdownFuncPair));
+ if (!funcs) {
+ PZ_Unlock(nssShutdownList.lock);
+ return SECFailure;
+ }
+ nssShutdownList.funcs = funcs;
+ nssShutdownList.allocatedFuncs += NSS_SHUTDOWN_STEP;
+ }
+ nssShutdownList.funcs[nssShutdownList.peakFuncs].func = sFunc;
+ nssShutdownList.funcs[nssShutdownList.peakFuncs].appData = appData;
+ nssShutdownList.peakFuncs++;
+ PZ_Unlock(nssShutdownList.lock);
+ return SECSuccess;
+}
+
+/*
+ * unregister a callback so it won't get called on shutdown.
+ */
+SECStatus
+NSS_UnregisterShutdown(NSS_ShutdownFunc sFunc, void *appData)
+{
+ int i;
+
+ /* make sure our lock and condition variable are initialized one and only
+ * one time */
+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) {
+ return SECFailure;
+ }
+ PZ_Lock(nssInitLock);
+ if (!NSS_IsInitialized()) {
+ PZ_Unlock(nssInitLock);
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+ PZ_Unlock(nssInitLock);
+
+ PORT_Assert(nssShutdownList.lock);
+ PZ_Lock(nssShutdownList.lock);
+ i = nss_GetShutdownEntry(sFunc, appData);
+ if (i >= 0) {
+ nssShutdownList.funcs[i].func = NULL;
+ nssShutdownList.funcs[i].appData = NULL;
+ }
+ PZ_Unlock(nssShutdownList.lock);
+
+ if (i < 0) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * bring up and shutdown the shutdown list
+ */
+static SECStatus
+nss_InitShutdownList(void)
+{
+ if (nssShutdownList.lock != NULL) {
+ return SECSuccess;
+ }
+ nssShutdownList.lock = PZ_NewLock(nssILockOther);
+ if (nssShutdownList.lock == NULL) {
+ return SECFailure;
+ }
+ nssShutdownList.funcs = PORT_ZNewArray(struct NSSShutdownFuncPair,
+ NSS_SHUTDOWN_STEP);
+ if (nssShutdownList.funcs == NULL) {
+ PZ_DestroyLock(nssShutdownList.lock);
+ nssShutdownList.lock = NULL;
+ return SECFailure;
+ }
+ nssShutdownList.allocatedFuncs = NSS_SHUTDOWN_STEP;
+ nssShutdownList.peakFuncs = 0;
+
+ return SECSuccess;
+}
+
+static SECStatus
+nss_ShutdownShutdownList(void)
+{
+ SECStatus rv = SECSuccess;
+ int i;
+
+ /* call all the registerd functions first */
+ for (i = 0; i < nssShutdownList.peakFuncs; i++) {
+ struct NSSShutdownFuncPair *funcPair = &nssShutdownList.funcs[i];
+ if (funcPair->func) {
+ if ((*funcPair->func)(funcPair->appData, NULL) != SECSuccess) {
+ rv = SECFailure;
+ }
+ }
+ }
+
+ nssShutdownList.peakFuncs = 0;
+ nssShutdownList.allocatedFuncs = 0;
+ PORT_Free(nssShutdownList.funcs);
+ nssShutdownList.funcs = NULL;
+ if (nssShutdownList.lock) {
+ PZ_DestroyLock(nssShutdownList.lock);
+ }
+ nssShutdownList.lock = NULL;
+ return rv;
+}
+
+extern const NSSError NSS_ERROR_BUSY;
+
+SECStatus
+nss_Shutdown(void)
+{
+ SECStatus shutdownRV = SECSuccess;
+ SECStatus rv;
+ PRStatus status;
+ NSSInitContext *temp;
+
+ rv = nss_ShutdownShutdownList();
+ if (rv != SECSuccess) {
+ shutdownRV = SECFailure;
+ }
+ cert_DestroyLocks();
+ ShutdownCRLCache();
+ OCSP_ShutdownGlobal();
+#ifndef NSS_DISABLE_LIBPKIX
+ PKIX_Shutdown(plContext);
+#endif /* NSS_DISABLE_LIBPKIX */
+ SECOID_Shutdown();
+ status = STAN_Shutdown();
+ cert_DestroySubjectKeyIDHashTable();
+ pk11_SetInternalKeySlot(NULL);
+ rv = SECMOD_Shutdown();
+ if (rv != SECSuccess) {
+ shutdownRV = SECFailure;
+ }
+ pk11sdr_Shutdown();
+ nssArena_Shutdown();
+ if (status == PR_FAILURE) {
+ if (NSS_GetError() == NSS_ERROR_BUSY) {
+ PORT_SetError(SEC_ERROR_BUSY);
+ }
+ shutdownRV = SECFailure;
+ }
+ /*
+ * A thread's error stack is automatically destroyed when the thread
+ * terminates, except for the primordial thread, whose error stack is
+ * destroyed by PR_Cleanup. Since NSS is usually shut down by the
+ * primordial thread and many NSS-based apps don't call PR_Cleanup,
+ * we destroy the calling thread's error stack here. This must be
+ * done after any NSS_GetError call, otherwise NSS_GetError will
+ * create the error stack again.
+ */
+ nss_DestroyErrorStack();
+ nssIsInitted = PR_FALSE;
+ temp = nssInitContextList;
+ nssInitContextList = NULL;
+ /* free the old list. This is necessary when we are called from
+ * NSS_Shutdown(). */
+ while (temp) {
+ NSSInitContext *next = temp->next;
+ temp->magic = 0;
+ PORT_Free(temp);
+ temp = next;
+ }
+ return shutdownRV;
+}
+
+SECStatus
+NSS_Shutdown(void)
+{
+ SECStatus rv;
+ /* make sure our lock and condition variable are initialized one and only
+ * one time */
+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) {
+ return SECFailure;
+ }
+ PZ_Lock(nssInitLock);
+
+ if (!nssIsInitted) {
+ PZ_Unlock(nssInitLock);
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+
+ /* If one or more threads are in the middle of init, wait for them
+ * to complete */
+ while (nssIsInInit) {
+ PZ_WaitCondVar(nssInitCondition, PR_INTERVAL_NO_TIMEOUT);
+ }
+ rv = nss_Shutdown();
+ PZ_Unlock(nssInitLock);
+ return rv;
+}
+
+/*
+ * remove the context from a list. return true if found, false if not
+ */
+PRBool
+nss_RemoveList(NSSInitContext *context)
+{
+ NSSInitContext *this = nssInitContextList;
+ NSSInitContext **last = &nssInitContextList;
+
+ while (this) {
+ if (this == context) {
+ *last = this->next;
+ this->magic = 0;
+ PORT_Free(this);
+ return PR_TRUE;
+ }
+ last = &this->next;
+ this = this->next;
+ }
+ return PR_FALSE;
+}
+
+/*
+ * This form of shutdown is safe in the case where we may have multiple
+ * entities using NSS in a single process. Each entity calls shutdown with
+ * it's own context. The application (which doesn't get a context), calls
+ * shutdown with NULL. Once all users have 'checked in' NSS will shutdown.
+ * This is different than NSS_Shutdown, where calling it will shutdown NSS
+ * irreguardless of who else may have NSS open.
+ */
+SECStatus
+NSS_ShutdownContext(NSSInitContext *context)
+{
+ SECStatus rv = SECSuccess;
+
+ /* make sure our lock and condition variable are initialized one and only
+ * one time */
+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) {
+ return SECFailure;
+ }
+ PZ_Lock(nssInitLock);
+ /* If one or more threads are in the middle of init, wait for them
+ * to complete */
+ while (nssIsInInit) {
+ PZ_WaitCondVar(nssInitCondition, PR_INTERVAL_NO_TIMEOUT);
+ }
+
+ /* OK, we are the only thread now either initializing or shutting down */
+
+ if (!context) {
+ if (!nssIsInitted) {
+ PZ_Unlock(nssInitLock);
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+ nssIsInitted = 0;
+ } else if (!nss_RemoveList(context)) {
+ PZ_Unlock(nssInitLock);
+ /* context was already freed or wasn't valid */
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+ if ((nssIsInitted == 0) && (nssInitContextList == NULL)) {
+ rv = nss_Shutdown();
+ }
+
+ /* NOTE: we don't try to free the nssInitLocks to prevent races against
+ * the locks. There may be a thread, right now, waiting in NSS_Init for us
+ * to free the lock below. If we delete the locks, bad things would happen
+ * to that thread */
+ PZ_Unlock(nssInitLock);
+
+ return rv;
+}
+
+PRBool
+NSS_IsInitialized(void)
+{
+ return (nssIsInitted) || (nssInitContextList != NULL);
+}
+
+extern const char __nss_base_version[];
+
+PRBool
+NSS_VersionCheck(const char *importedVersion)
+{
+ /*
+ * This is the secret handshake algorithm.
+ *
+ * This release has a simple version compatibility
+ * check algorithm. This release is not backward
+ * compatible with previous major releases. It is
+ * not compatible with future major, minor, or
+ * patch releases or builds.
+ */
+ int vmajor = 0, vminor = 0, vpatch = 0, vbuild = 0;
+ const char *ptr = importedVersion;
+#define NSS_VERSION_VARIABLE __nss_base_version
+#include "verref.h"
+
+ while (isdigit(*ptr)) {
+ vmajor = 10 * vmajor + *ptr - '0';
+ ptr++;
+ }
+ if (*ptr == '.') {
+ ptr++;
+ while (isdigit(*ptr)) {
+ vminor = 10 * vminor + *ptr - '0';
+ ptr++;
+ }
+ if (*ptr == '.') {
+ ptr++;
+ while (isdigit(*ptr)) {
+ vpatch = 10 * vpatch + *ptr - '0';
+ ptr++;
+ }
+ if (*ptr == '.') {
+ ptr++;
+ while (isdigit(*ptr)) {
+ vbuild = 10 * vbuild + *ptr - '0';
+ ptr++;
+ }
+ }
+ }
+ }
+
+ if (vmajor != NSS_VMAJOR) {
+ return PR_FALSE;
+ }
+ if (vmajor == NSS_VMAJOR && vminor > NSS_VMINOR) {
+ return PR_FALSE;
+ }
+ if (vmajor == NSS_VMAJOR && vminor == NSS_VMINOR && vpatch > NSS_VPATCH) {
+ return PR_FALSE;
+ }
+ if (vmajor == NSS_VMAJOR && vminor == NSS_VMINOR &&
+ vpatch == NSS_VPATCH && vbuild > NSS_VBUILD) {
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+const char *
+NSS_GetVersion(void)
+{
+ return NSS_VERSION;
+}
diff --git a/security/nss/lib/nss/nssoptions.c b/security/nss/lib/nss/nssoptions.c
new file mode 100644
index 000000000..fc97d6278
--- /dev/null
+++ b/security/nss/lib/nss/nssoptions.c
@@ -0,0 +1,104 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <ctype.h>
+#include <string.h>
+#include <assert.h>
+
+#include "seccomon.h"
+#include "secoidt.h"
+#include "secoid.h"
+#include "nss.h"
+#include "nssoptions.h"
+
+struct nssOps {
+ PRInt32 rsaMinKeySize;
+ PRInt32 dhMinKeySize;
+ PRInt32 dsaMinKeySize;
+ PRInt32 tlsVersionMinPolicy;
+ PRInt32 tlsVersionMaxPolicy;
+ PRInt32 dtlsVersionMinPolicy;
+ PRInt32 dtlsVersionMaxPolicy;
+};
+
+static struct nssOps nss_ops = {
+ SSL_RSA_MIN_MODULUS_BITS,
+ SSL_DH_MIN_P_BITS,
+ SSL_DSA_MIN_P_BITS,
+ 1, /* Set TLS min to less the the smallest legal SSL value */
+ 0xffff, /* set TLS max to more than the largest legal SSL value */
+ 1,
+ 0xffff,
+};
+
+SECStatus
+NSS_OptionSet(PRInt32 which, PRInt32 value)
+{
+ SECStatus rv = SECSuccess;
+
+ switch (which) {
+ case NSS_RSA_MIN_KEY_SIZE:
+ nss_ops.rsaMinKeySize = value;
+ break;
+ case NSS_DH_MIN_KEY_SIZE:
+ nss_ops.dhMinKeySize = value;
+ break;
+ case NSS_DSA_MIN_KEY_SIZE:
+ nss_ops.dsaMinKeySize = value;
+ break;
+ case NSS_TLS_VERSION_MIN_POLICY:
+ nss_ops.tlsVersionMinPolicy = value;
+ break;
+ case NSS_TLS_VERSION_MAX_POLICY:
+ nss_ops.tlsVersionMaxPolicy = value;
+ break;
+ case NSS_DTLS_VERSION_MIN_POLICY:
+ nss_ops.dtlsVersionMinPolicy = value;
+ break;
+ case NSS_DTLS_VERSION_MAX_POLICY:
+ nss_ops.dtlsVersionMaxPolicy = value;
+ break;
+ default:
+ rv = SECFailure;
+ }
+
+ return rv;
+}
+
+SECStatus
+NSS_OptionGet(PRInt32 which, PRInt32 *value)
+{
+ SECStatus rv = SECSuccess;
+
+ switch (which) {
+ case NSS_RSA_MIN_KEY_SIZE:
+ *value = nss_ops.rsaMinKeySize;
+ break;
+ case NSS_DH_MIN_KEY_SIZE:
+ *value = nss_ops.dhMinKeySize;
+ break;
+ case NSS_DSA_MIN_KEY_SIZE:
+ *value = nss_ops.dsaMinKeySize;
+ break;
+ case NSS_TLS_VERSION_MIN_POLICY:
+ *value = nss_ops.tlsVersionMinPolicy;
+ break;
+ case NSS_TLS_VERSION_MAX_POLICY:
+ *value = nss_ops.tlsVersionMaxPolicy;
+ break;
+ case NSS_DTLS_VERSION_MIN_POLICY:
+ *value = nss_ops.dtlsVersionMinPolicy;
+ break;
+ case NSS_DTLS_VERSION_MAX_POLICY:
+ *value = nss_ops.dtlsVersionMaxPolicy;
+ break;
+ default:
+ rv = SECFailure;
+ }
+
+ return rv;
+}
diff --git a/security/nss/lib/nss/nssoptions.h b/security/nss/lib/nss/nssoptions.h
new file mode 100644
index 000000000..024c1e92f
--- /dev/null
+++ b/security/nss/lib/nss/nssoptions.h
@@ -0,0 +1,20 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Include the default limits here
+ */
+/* SSL default limits are here so we don't have to import a private SSL header
+ * file into NSS proper */
+
+/* The minimum server key sizes accepted by the clients.
+ * Not 1024 to be conservative. */
+#define SSL_RSA_MIN_MODULUS_BITS 1023
+/* 1023 to avoid cases where p = 2q+1 for a 512-bit q turns out to be
+ * only 1023 bits and similar. We don't have good data on whether this
+ * happens because NSS used to count bit lengths incorrectly. */
+#define SSL_DH_MIN_P_BITS 1023
+#define SSL_DSA_MIN_P_BITS 1023
diff --git a/security/nss/lib/nss/nssrenam.h b/security/nss/lib/nss/nssrenam.h
new file mode 100644
index 000000000..17f072c89
--- /dev/null
+++ b/security/nss/lib/nss/nssrenam.h
@@ -0,0 +1,15 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __nssrenam_h_
+#define __nssrenam_h_
+
+#define CERT_AddTempCertToPerm __CERT_AddTempCertToPerm
+#define PK11_CreateContextByRawKey __PK11_CreateContextByRawKey
+#define CERT_ClosePermCertDB __CERT_ClosePermCertDB
+#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate
+#define CERT_TraversePermCertsForNickname __CERT_TraversePermCertsForNickname
+#define CERT_TraversePermCertsForSubject __CERT_TraversePermCertsForSubject
+
+#endif /* __nssrenam_h_ */
diff --git a/security/nss/lib/nss/nssver.c b/security/nss/lib/nss/nssver.c
new file mode 100644
index 000000000..653ebec68
--- /dev/null
+++ b/security/nss/lib/nss/nssver.c
@@ -0,0 +1,18 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Library identity and versioning */
+
+#include "nss.h"
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_base_version[] = "Version: NSS " NSS_VERSION _DEBUG_STRING;
diff --git a/security/nss/lib/nss/pkixpriv.def b/security/nss/lib/nss/pkixpriv.def
new file mode 100644
index 000000000..440e6d95c
--- /dev/null
+++ b/security/nss/lib/nss/pkixpriv.def
@@ -0,0 +1,322 @@
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+;+LIBPKIXprivate {
+;+ global:
+;+# libpkix functions
+;+# May not become part of the NSS public API. Needed for unit testing for now.
+NSS_Get_PKIX_PL_LDAPMessageTemplate;
+PKIX_PL_LDAPMessageTemplate;
+PKIX_ALLOC_ERROR;
+PKIX_BuildChain;
+pkix_BuildResult_Create;
+PKIX_BuildResult_GetCertChain;
+PKIX_BuildResult_GetValidateResult;
+PKIX_CertChainChecker_Create;
+PKIX_CertChainChecker_GetCertChainCheckerState;
+PKIX_CertChainChecker_GetCheckCallback;
+PKIX_CertChainChecker_GetSupportedExtensions;
+PKIX_CertChainChecker_IsForwardCheckingSupported;
+PKIX_CertChainChecker_IsForwardDirectionExpected;
+PKIX_CertChainChecker_SetCertChainCheckerState;
+PKIX_CertSelector_Create;
+PKIX_CertSelector_GetCertSelectorContext;
+PKIX_CertSelector_GetCommonCertSelectorParams;
+PKIX_CertSelector_GetMatchCallback;
+PKIX_CertSelector_SetCommonCertSelectorParams;
+PKIX_CertStore_CertContinue;
+PKIX_CertStore_Create;
+PKIX_CertStore_CrlContinue;
+PKIX_CertStore_GetCertCallback;
+PKIX_CertStore_GetCertStoreContext;
+PKIX_CertStore_GetCRLCallback;
+PKIX_CertStore_GetTrustCallback;
+pkix_CheckType;
+PKIX_ComCertSelParams_AddPathToName;
+PKIX_ComCertSelParams_AddSubjAltName;
+PKIX_ComCertSelParams_Create;
+PKIX_ComCertSelParams_GetAuthorityKeyIdentifier;
+PKIX_ComCertSelParams_GetBasicConstraints;
+PKIX_ComCertSelParams_GetCertificate;
+PKIX_ComCertSelParams_GetCertificateValid;
+PKIX_ComCertSelParams_GetExtendedKeyUsage;
+PKIX_ComCertSelParams_GetIssuer;
+PKIX_ComCertSelParams_GetKeyUsage;
+PKIX_ComCertSelParams_GetMatchAllSubjAltNames;
+PKIX_ComCertSelParams_GetNameConstraints;
+PKIX_ComCertSelParams_GetPathToNames;
+PKIX_ComCertSelParams_GetPolicy;
+PKIX_ComCertSelParams_GetSerialNumber;
+PKIX_ComCertSelParams_GetSubjAltNames;
+PKIX_ComCertSelParams_GetSubject;
+PKIX_ComCertSelParams_GetSubjKeyIdentifier;
+PKIX_ComCertSelParams_GetSubjPKAlgId;
+PKIX_ComCertSelParams_GetSubjPubKey;
+PKIX_ComCertSelParams_GetVersion;
+PKIX_ComCertSelParams_SetAuthorityKeyIdentifier;
+PKIX_ComCertSelParams_SetBasicConstraints;
+PKIX_ComCertSelParams_SetCertificate;
+PKIX_ComCertSelParams_SetCertificateValid;
+PKIX_ComCertSelParams_SetExtendedKeyUsage;
+PKIX_ComCertSelParams_SetIssuer;
+PKIX_ComCertSelParams_SetKeyUsage;
+PKIX_ComCertSelParams_SetMatchAllSubjAltNames;
+PKIX_ComCertSelParams_SetNameConstraints;
+PKIX_ComCertSelParams_SetPathToNames;
+PKIX_ComCertSelParams_SetPolicy;
+PKIX_ComCertSelParams_SetSerialNumber;
+PKIX_ComCertSelParams_SetSubjAltNames;
+PKIX_ComCertSelParams_SetSubject;
+PKIX_ComCertSelParams_SetSubjKeyIdentifier;
+PKIX_ComCertSelParams_SetSubjPKAlgId;
+PKIX_ComCertSelParams_SetSubjPubKey;
+PKIX_ComCertSelParams_SetVersion;
+PKIX_ComCRLSelParams_AddIssuerName;
+PKIX_ComCRLSelParams_Create;
+PKIX_ComCRLSelParams_GetCertificateChecking;
+PKIX_ComCRLSelParams_GetDateAndTime;
+PKIX_ComCRLSelParams_GetIssuerNames;
+PKIX_ComCRLSelParams_GetMaxCRLNumber;
+PKIX_ComCRLSelParams_GetMinCRLNumber;
+PKIX_ComCRLSelParams_SetCertificateChecking;
+PKIX_ComCRLSelParams_SetDateAndTime;
+PKIX_ComCRLSelParams_SetIssuerNames;
+PKIX_ComCRLSelParams_SetMaxCRLNumber;
+PKIX_ComCRLSelParams_SetMinCRLNumber;
+PKIX_CRLSelector_Create;
+PKIX_CRLSelector_GetCommonCRLSelectorParams;
+PKIX_CRLSelector_GetCRLSelectorContext;
+PKIX_CRLSelector_GetMatchCallback;
+PKIX_CRLSelector_SetCommonCRLSelectorParams;
+pkix_DefaultRevChecker_Initialize;
+PKIX_Error_Create;
+PKIX_Error_GetCause;
+PKIX_Error_GetDescription;
+PKIX_Error_GetErrorClass;
+PKIX_Error_GetSupplementaryInfo;
+PKIX_ERRORCLASSNAMES DATA ;
+PKIX_Initialize;
+PKIX_Initialize_SetConfigDir;
+PKIX_List_AppendItem;
+PKIX_List_Create;
+PKIX_List_DeleteItem;
+PKIX_List_GetItem;
+PKIX_List_GetLength;
+PKIX_List_InsertItem;
+PKIX_List_IsEmpty;
+PKIX_List_IsImmutable;
+PKIX_List_ReverseList;
+PKIX_List_SetImmutable;
+PKIX_List_SetItem;
+PKIX_AddLogger;
+PKIX_GetLoggers;
+PKIX_SetLoggers;
+PKIX_Logger_Create;
+PKIX_Logger_GetLoggerContext;
+PKIX_Logger_GetLoggingComponent;
+PKIX_Logger_GetLogCallback;
+PKIX_Logger_GetMaxLoggingLevel;
+PKIX_Logger_SetLoggingComponent;
+PKIX_Logger_SetMaxLoggingLevel;
+PKIX_OcspChecker_Initialize;
+PKIX_OcspChecker_SetOCSPResponder;
+PKIX_OcspChecker_SetPasswordInfo;
+PKIX_OcspChecker_SetVerifyFcn;
+PKIX_PL_AcquireReaderLock;
+PKIX_PL_AcquireWriterLock;
+PKIX_PL_BasicConstraints_GetCAFlag;
+PKIX_PL_BasicConstraints_GetPathLenConstraint;
+PKIX_PL_BigInt_Create;
+PKIX_PL_ByteArray_Create;
+PKIX_PL_ByteArray_GetLength;
+PKIX_PL_ByteArray_GetPointer;
+PKIX_PL_Cert_AreCertPoliciesCritical;
+PKIX_PL_Cert_CheckNameConstraints;
+PKIX_PL_Cert_CheckValidity;
+PKIX_PL_Cert_Create;
+pkix_pl_Cert_CreateToList;
+pkix_pl_Cert_CreateWithNSSCert;
+PKIX_PL_Cert_GetAuthorityInfoAccess;
+PKIX_PL_Cert_GetAuthorityKeyIdentifier;
+PKIX_PL_Cert_GetBasicConstraints;
+PKIX_PL_Cert_GetCriticalExtensionOIDs;
+PKIX_PL_Cert_GetExtendedKeyUsage;
+PKIX_PL_Cert_GetInhibitAnyPolicy;
+PKIX_PL_Cert_GetIssuer;
+PKIX_PL_Cert_GetNameConstraints;
+PKIX_PL_Cert_GetPolicyInformation;
+PKIX_PL_Cert_GetPolicyMappingInhibited;
+PKIX_PL_Cert_GetPolicyMappings;
+PKIX_PL_Cert_GetRequireExplicitPolicy;
+PKIX_PL_Cert_GetSerialNumber;
+PKIX_PL_Cert_GetSubject;
+PKIX_PL_Cert_GetSubjectAltNames;
+PKIX_PL_Cert_GetSubjectInfoAccess;
+PKIX_PL_Cert_GetSubjectKeyIdentifier;
+PKIX_PL_Cert_GetSubjectPublicKey;
+PKIX_PL_Cert_GetSubjectPublicKeyAlgId;
+PKIX_PL_Cert_GetVersion;
+PKIX_PL_Cert_IsCertTrusted;
+PKIX_PL_Cert_MergeNameConstraints;
+PKIX_PL_Cert_VerifyKeyUsage;
+PKIX_PL_Cert_VerifySignature;
+PKIX_PL_CertPolicyInfo_GetPolicyId;
+PKIX_PL_CertPolicyInfo_GetPolQualifiers;
+PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy;
+PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy;
+PKIX_PL_CollectionCertStore_Create;
+PKIX_PL_CRL_Create;
+pkix_pl_CRL_CreateToList;
+PKIX_PL_CRL_GetCriticalExtensionOIDs;
+PKIX_PL_CRL_GetCRLEntryForSerialNumber;
+PKIX_PL_CRL_GetIssuer;
+PKIX_PL_CRL_VerifySignature;
+PKIX_PL_CRLEntry_GetCriticalExtensionOIDs;
+PKIX_PL_CRLEntry_GetCRLEntryReasonCode;
+PKIX_PL_Date_Create_UTCTime;
+pkix_pl_Date_CreateFromPRTime;
+pkix_pl_Date_GetPRTime;
+PKIX_PL_EkuChecker_Initialize;
+PKIX_PL_Free;
+PKIX_PL_GeneralName_Create;
+PKIX_PL_GetString;
+PKIX_PL_HashTable_Add;
+PKIX_PL_HashTable_Create;
+PKIX_PL_HashTable_Lookup;
+PKIX_PL_HashTable_Remove;
+PKIX_PL_HttpCertStore_Create;
+pkix_pl_HttpCertStore_CreateWithAsciiName;
+PKIX_PL_Initialize;
+PKIX_PL_InfoAccess_GetMethod;
+PKIX_PL_InfoAccess_GetLocation;
+PKIX_PL_InfoAccess_GetLocationType;
+PKIX_PL_LdapCertStore_Create;
+PKIX_PL_LdapClient_InitiateRequest;
+PKIX_PL_LdapClient_ResumeRequest;
+PKIX_PL_LdapDefaultClient_AbandonRequest;
+PKIX_PL_LdapDefaultClient_Create;
+PKIX_PL_LdapDefaultClient_CreateByName;
+pkix_pl_LdapResponse_Create;
+PKIX_PL_Malloc;
+PKIX_PL_Memcpy;
+PKIX_PL_MonitorLock_Create;
+PKIX_PL_MonitorLock_Enter;
+PKIX_PL_MonitorLock_Exit;
+PKIX_PL_Mutex_Create;
+PKIX_PL_Mutex_Lock;
+PKIX_PL_Mutex_Unlock;
+PKIX_PL_NssContext_Create;
+PKIX_PL_Object_Alloc;
+PKIX_PL_Object_Compare;
+PKIX_PL_Object_DecRef;
+PKIX_PL_Object_Duplicate;
+PKIX_PL_Object_Equals;
+PKIX_PL_Object_GetType;
+PKIX_PL_Object_Hashcode;
+PKIX_PL_Object_IncRef;
+PKIX_PL_Object_IsTypeRegistered;
+PKIX_PL_Object_Lock;
+PKIX_PL_Object_RegisterType;
+PKIX_PL_Object_ToString;
+PKIX_PL_Object_Unlock;
+PKIX_PL_OID_Create;
+pkix_pl_OcspRequest_Create;
+pkix_pl_OcspResponse_Create;
+pkix_pl_OcspResponse_Decode;
+pkix_pl_OcspResponse_GetStatus;
+pkix_pl_OcspResponse_GetStatusForCert;
+PKIX_PL_OcspResponse_UseBuildChain;
+pkix_pl_OcspResponse_VerifySignature;
+PKIX_PL_Pk11CertStore_Create;
+PKIX_PL_PolicyQualifier_GetPolicyQualifierId;
+PKIX_PL_PolicyQualifier_GetQualifier;
+PKIX_PL_PublicKey_MakeInheritedDSAPublicKey;
+PKIX_PL_PublicKey_NeedsDSAParameters;
+PKIX_PL_Realloc;
+PKIX_PL_ReleaseReaderLock;
+PKIX_PL_ReleaseWriterLock;
+PKIX_PL_RWLock_Create;
+PKIX_PL_Shutdown;
+pkix_pl_Socket_Create;
+pkix_pl_Socket_CreateByName;
+pkix_pl_Socket_GetCallbackList;
+PKIX_PL_Sprintf;
+PKIX_PL_String_Create;
+PKIX_PL_String_GetEncoded;
+PKIX_PL_X500Name_Create;
+pkix_pl_X500Name_GetCommonName;
+pkix_pl_X500Name_GetCountryName;
+pkix_pl_X500Name_GetOrgName;
+PKIX_PL_X500Name_Match;
+pkix_PolicyNode_AddToParent;
+pkix_PolicyNode_Create;
+PKIX_PolicyNode_GetChildren;
+PKIX_PolicyNode_GetDepth;
+PKIX_PolicyNode_GetExpectedPolicies;
+PKIX_PolicyNode_GetParent;
+PKIX_PolicyNode_GetPolicyQualifiers;
+PKIX_PolicyNode_GetValidPolicy;
+PKIX_PolicyNode_IsCritical;
+pkix_PolicyNode_Prune;
+PKIX_ProcessingParams_AddCertChainChecker;
+PKIX_ProcessingParams_AddCertStore;
+PKIX_ProcessingParams_AddRevocationChecker;
+PKIX_ProcessingParams_Create;
+PKIX_ProcessingParams_GetCertChainCheckers;
+PKIX_ProcessingParams_GetCertStores;
+PKIX_ProcessingParams_GetDate;
+PKIX_ProcessingParams_GetHintCerts;
+PKIX_ProcessingParams_GetInitialPolicies;
+PKIX_ProcessingParams_GetPolicyQualifiersRejected;
+PKIX_ProcessingParams_GetResourceLimits;
+PKIX_ProcessingParams_GetRevocationCheckers;
+PKIX_ProcessingParams_GetTargetCertConstraints;
+PKIX_ProcessingParams_GetTrustAnchors;
+PKIX_ProcessingParams_IsAnyPolicyInhibited;
+PKIX_ProcessingParams_IsCRLRevocationCheckingEnabled;
+PKIX_ProcessingParams_IsExplicitPolicyRequired;
+PKIX_ProcessingParams_IsPolicyMappingInhibited;
+PKIX_ProcessingParams_SetAnyPolicyInhibited;
+PKIX_ProcessingParams_SetCertChainCheckers;
+PKIX_ProcessingParams_SetCertStores;
+PKIX_ProcessingParams_SetDate;
+PKIX_ProcessingParams_SetExplicitPolicyRequired;
+PKIX_ProcessingParams_SetHintCerts;
+PKIX_ProcessingParams_SetInitialPolicies;
+PKIX_ProcessingParams_SetPolicyMappingInhibited;
+PKIX_ProcessingParams_SetPolicyQualifiersRejected;
+PKIX_ProcessingParams_SetResourceLimits;
+PKIX_ProcessingParams_SetRevocationCheckers;
+PKIX_ProcessingParams_SetRevocationEnabled;
+PKIX_ProcessingParams_SetTargetCertConstraints;
+PKIX_RevocationChecker_Create;
+PKIX_RevocationChecker_GetRevCallback;
+PKIX_RevocationChecker_GetRevCheckerContext;
+PKIX_Shutdown;
+pkix_Throw;
+PKIX_TrustAnchor_CreateWithCert;
+PKIX_TrustAnchor_CreateWithNameKeyPair;
+PKIX_TrustAnchor_GetCAName;
+PKIX_TrustAnchor_GetCAPublicKey;
+PKIX_TrustAnchor_GetNameConstraints;
+PKIX_TrustAnchor_GetTrustedCert;
+PKIX_ValidateChain;
+PKIX_ValidateChain_NB;
+PKIX_ValidateParams_Create;
+PKIX_ValidateParams_GetCertChain;
+PKIX_ValidateParams_GetProcessingParams;
+pkix_ValidateResult_Create;
+PKIX_ValidateResult_GetPolicyTree;
+PKIX_ValidateResult_GetPublicKey;
+PKIX_ValidateResult_GetTrustAnchor;
+pkix_VerifyNode_AddToChain;
+pkix_VerifyNode_Create;
+PKIX_ResourceLimits_Create;
+PKIX_ResourceLimits_GetMaxDepth;
+PKIX_ResourceLimits_GetMaxFanout;
+PKIX_ResourceLimits_GetMaxTime;
+PKIX_ResourceLimits_SetMaxDepth;
+PKIX_ResourceLimits_SetMaxFanout;
+PKIX_ResourceLimits_SetMaxTime;
+;+};
diff --git a/security/nss/lib/nss/utilwrap.c b/security/nss/lib/nss/utilwrap.c
new file mode 100644
index 000000000..938d95c0f
--- /dev/null
+++ b/security/nss/lib/nss/utilwrap.c
@@ -0,0 +1,870 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secport.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "secdig.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "base64.h"
+#include "nssb64.h"
+#include "nssrwlk.h"
+#include "cert.h"
+#include "prerror.h"
+
+/* wrappers for implementation in libnssutil3 */
+#undef ATOB_AsciiToData
+#undef ATOB_ConvertAsciiToItem
+#undef BTOA_ConvertItemToAscii
+#undef BTOA_DataToAscii
+#undef CERT_GenTime2FormattedAscii
+#undef DER_AsciiToTime
+#undef DER_DecodeTimeChoice
+#undef DER_Encode
+#undef DER_EncodeTimeChoice
+#undef DER_GeneralizedDayToAscii
+#undef DER_GeneralizedTimeToTime
+#undef DER_GetInteger
+#undef DER_Lengths
+#undef DER_TimeChoiceDayToAscii
+#undef DER_TimeToGeneralizedTime
+#undef DER_TimeToGeneralizedTimeArena
+#undef DER_TimeToUTCTime
+#undef DER_UTCDayToAscii
+#undef DER_UTCTimeToAscii
+#undef DER_UTCTimeToTime
+#undef NSS_PutEnv
+#undef NSSBase64_DecodeBuffer
+#undef NSSBase64_EncodeItem
+#undef NSSBase64Decoder_Create
+#undef NSSBase64Decoder_Destroy
+#undef NSSBase64Decoder_Update
+#undef NSSBase64Encoder_Create
+#undef NSSBase64Encoder_Destroy
+#undef NSSBase64Encoder_Update
+#undef NSSRWLock_Destroy
+#undef NSSRWLock_HaveWriteLock
+#undef NSSRWLock_LockRead
+#undef NSSRWLock_LockWrite
+#undef NSSRWLock_New
+#undef NSSRWLock_UnlockRead
+#undef NSSRWLock_UnlockWrite
+#undef PORT_Alloc
+#undef PORT_ArenaAlloc
+#undef PORT_ArenaGrow
+#undef PORT_ArenaMark
+#undef PORT_ArenaRelease
+#undef PORT_ArenaStrdup
+#undef PORT_ArenaUnmark
+#undef PORT_ArenaZAlloc
+#undef PORT_Free
+#undef PORT_FreeArena
+#undef PORT_GetError
+#undef PORT_NewArena
+#undef PORT_Realloc
+#undef PORT_SetError
+#undef PORT_SetUCS2_ASCIIConversionFunction
+#undef PORT_SetUCS2_UTF8ConversionFunction
+#undef PORT_SetUCS4_UTF8ConversionFunction
+#undef PORT_Strdup
+#undef PORT_UCS2_ASCIIConversion
+#undef PORT_UCS2_UTF8Conversion
+#undef PORT_ZAlloc
+#undef PORT_ZFree
+#undef SEC_ASN1Decode
+#undef SEC_ASN1DecodeInteger
+#undef SEC_ASN1DecodeItem
+#undef SEC_ASN1DecoderAbort
+#undef SEC_ASN1DecoderClearFilterProc
+#undef SEC_ASN1DecoderClearNotifyProc
+#undef SEC_ASN1DecoderFinish
+#undef SEC_ASN1DecoderSetFilterProc
+#undef SEC_ASN1DecoderSetNotifyProc
+#undef SEC_ASN1DecoderStart
+#undef SEC_ASN1DecoderUpdate
+#undef SEC_ASN1Encode
+#undef SEC_ASN1EncodeInteger
+#undef SEC_ASN1EncodeItem
+#undef SEC_ASN1EncoderAbort
+#undef SEC_ASN1EncoderClearNotifyProc
+#undef SEC_ASN1EncoderClearStreaming
+#undef SEC_ASN1EncoderClearTakeFromBuf
+#undef SEC_ASN1EncoderFinish
+#undef SEC_ASN1EncoderSetNotifyProc
+#undef SEC_ASN1EncoderSetStreaming
+#undef SEC_ASN1EncoderSetTakeFromBuf
+#undef SEC_ASN1EncoderStart
+#undef SEC_ASN1EncoderUpdate
+#undef SEC_ASN1EncodeUnsignedInteger
+#undef SEC_ASN1LengthLength
+#undef SEC_QuickDERDecodeItem
+#undef SECITEM_AllocItem
+#undef SECITEM_ArenaDupItem
+#undef SECITEM_CompareItem
+#undef SECITEM_CopyItem
+#undef SECITEM_DupItem
+#undef SECITEM_FreeItem
+#undef SECITEM_ItemsAreEqual
+#undef SECITEM_ZfreeItem
+#undef SECOID_AddEntry
+#undef SECOID_CompareAlgorithmID
+#undef SECOID_CopyAlgorithmID
+#undef SECOID_DestroyAlgorithmID
+#undef SECOID_FindOID
+#undef SECOID_FindOIDByTag
+#undef SECOID_FindOIDTag
+#undef SECOID_FindOIDTagDescription
+#undef SECOID_GetAlgorithmTag
+#undef SECOID_SetAlgorithmID
+#undef SGN_CompareDigestInfo
+#undef SGN_CopyDigestInfo
+#undef SGN_CreateDigestInfo
+#undef SGN_DestroyDigestInfo
+
+void *
+PORT_Alloc(size_t bytes)
+{
+ return PORT_Alloc_Util(bytes);
+}
+
+void *
+PORT_Realloc(void *oldptr, size_t bytes)
+{
+ return PORT_Realloc_Util(oldptr, bytes);
+}
+
+void *
+PORT_ZAlloc(size_t bytes)
+{
+ return PORT_ZAlloc_Util(bytes);
+}
+
+void
+PORT_Free(void *ptr)
+{
+ PORT_Free_Util(ptr);
+}
+
+void
+PORT_ZFree(void *ptr, size_t len)
+{
+ PORT_ZFree_Util(ptr, len);
+}
+
+char *
+PORT_Strdup(const char *str)
+{
+ return PORT_Strdup_Util(str);
+}
+
+void
+PORT_SetError(int value)
+{
+ PORT_SetError_Util(value);
+}
+
+int
+PORT_GetError(void)
+{
+ return PORT_GetError_Util();
+}
+
+PLArenaPool *
+PORT_NewArena(unsigned long chunksize)
+{
+ return PORT_NewArena_Util(chunksize);
+}
+
+void *
+PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
+{
+ return PORT_ArenaAlloc_Util(arena, size);
+}
+
+void *
+PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
+{
+ return PORT_ArenaZAlloc_Util(arena, size);
+}
+
+void
+PORT_FreeArena(PLArenaPool *arena, PRBool zero)
+{
+ PORT_FreeArena_Util(arena, zero);
+}
+
+void *
+PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
+{
+ return PORT_ArenaGrow_Util(arena, ptr, oldsize, newsize);
+}
+
+void *
+PORT_ArenaMark(PLArenaPool *arena)
+{
+ return PORT_ArenaMark_Util(arena);
+}
+
+void
+PORT_ArenaRelease(PLArenaPool *arena, void *mark)
+{
+ PORT_ArenaRelease_Util(arena, mark);
+}
+
+void
+PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
+{
+ PORT_ArenaUnmark_Util(arena, mark);
+}
+
+char *
+PORT_ArenaStrdup(PLArenaPool *arena, const char *str)
+{
+ return PORT_ArenaStrdup_Util(arena, str);
+}
+
+void
+PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
+{
+ PORT_SetUCS4_UTF8ConversionFunction_Util(convFunc);
+}
+
+void
+PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc)
+{
+ PORT_SetUCS2_ASCIIConversionFunction_Util(convFunc);
+}
+
+void
+PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
+{
+ PORT_SetUCS2_UTF8ConversionFunction_Util(convFunc);
+}
+
+PRBool
+PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen)
+{
+ return PORT_UCS2_UTF8Conversion_Util(toUnicode, inBuf, inBufLen, outBuf,
+ maxOutBufLen, outBufLen);
+}
+
+PRBool
+PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen,
+ PRBool swapBytes)
+{
+ return PORT_UCS2_ASCIIConversion_Util(toUnicode, inBuf, inBufLen, outBuf,
+ maxOutBufLen, outBufLen, swapBytes);
+}
+
+int
+NSS_PutEnv(const char *envVarName, const char *envValue)
+{
+ return NSS_PutEnv_Util(envVarName, envValue);
+}
+
+SECOidData *
+SECOID_FindOID(const SECItem *oid)
+{
+ return SECOID_FindOID_Util(oid);
+}
+
+SECOidTag
+SECOID_FindOIDTag(const SECItem *oid)
+{
+ return SECOID_FindOIDTag_Util(oid);
+}
+
+SECOidData *
+SECOID_FindOIDByTag(SECOidTag tagnum)
+{
+ return SECOID_FindOIDByTag_Util(tagnum);
+}
+
+SECStatus
+SECOID_SetAlgorithmID(PLArenaPool *arena, SECAlgorithmID *aid,
+ SECOidTag tag, SECItem *params)
+{
+ return SECOID_SetAlgorithmID_Util(arena, aid, tag, params);
+}
+
+SECStatus
+SECOID_CopyAlgorithmID(PLArenaPool *arena, SECAlgorithmID *dest,
+ const SECAlgorithmID *src)
+{
+ return SECOID_CopyAlgorithmID_Util(arena, dest, src);
+}
+
+SECOidTag
+SECOID_GetAlgorithmTag(const SECAlgorithmID *aid)
+{
+ return SECOID_GetAlgorithmTag_Util(aid);
+}
+
+void
+SECOID_DestroyAlgorithmID(SECAlgorithmID *aid, PRBool freeit)
+{
+ SECOID_DestroyAlgorithmID_Util(aid, freeit);
+}
+
+SECComparison
+SECOID_CompareAlgorithmID(SECAlgorithmID *a,
+ SECAlgorithmID *b)
+{
+ return SECOID_CompareAlgorithmID_Util(a, b);
+}
+
+const char *
+SECOID_FindOIDTagDescription(SECOidTag tagnum)
+{
+ return SECOID_FindOIDTagDescription_Util(tagnum);
+}
+
+SECOidTag
+SECOID_AddEntry(const SECOidData *src)
+{
+ return SECOID_AddEntry_Util(src);
+}
+
+SECItem *
+SECITEM_AllocItem(PLArenaPool *arena, SECItem *item,
+ unsigned int len)
+{
+ return SECITEM_AllocItem_Util(arena, item, len);
+}
+
+SECComparison
+SECITEM_CompareItem(const SECItem *a, const SECItem *b)
+{
+ return SECITEM_CompareItem_Util(a, b);
+}
+
+PRBool
+SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b)
+{
+ return SECITEM_ItemsAreEqual_Util(a, b);
+}
+
+SECStatus
+SECITEM_CopyItem(PLArenaPool *arena, SECItem *to,
+ const SECItem *from)
+{
+ return SECITEM_CopyItem_Util(arena, to, from);
+}
+
+SECItem *
+SECITEM_DupItem(const SECItem *from)
+{
+ return SECITEM_DupItem_Util(from);
+}
+
+SECItem *
+SECITEM_ArenaDupItem(PLArenaPool *arena, const SECItem *from)
+{
+ return SECITEM_ArenaDupItem_Util(arena, from);
+}
+
+void
+SECITEM_FreeItem(SECItem *zap, PRBool freeit)
+{
+ SECITEM_FreeItem_Util(zap, freeit);
+}
+
+void
+SECITEM_ZfreeItem(SECItem *zap, PRBool freeit)
+{
+ SECITEM_ZfreeItem_Util(zap, freeit);
+}
+
+SGNDigestInfo *
+SGN_CreateDigestInfo(SECOidTag algorithm,
+ unsigned char *sig,
+ unsigned int sigLen)
+{
+ return SGN_CreateDigestInfo_Util(algorithm, sig, sigLen);
+}
+
+void
+SGN_DestroyDigestInfo(SGNDigestInfo *info)
+{
+ SGN_DestroyDigestInfo_Util(info);
+}
+
+SECStatus
+SGN_CopyDigestInfo(PLArenaPool *poolp,
+ SGNDigestInfo *a,
+ SGNDigestInfo *b)
+{
+ return SGN_CopyDigestInfo_Util(poolp, a, b);
+}
+
+SECComparison
+SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b)
+{
+ return SGN_CompareDigestInfo_Util(a, b);
+}
+
+SECStatus
+DER_Encode(PLArenaPool *arena, SECItem *dest, DERTemplate *t,
+ void *src)
+{
+ return DER_Encode_Util(arena, dest, t, src);
+}
+
+SECStatus
+DER_Lengths(SECItem *item, int *header_len_p,
+ PRUint32 *contents_len_p)
+{
+ return DER_Lengths_Util(item, header_len_p, contents_len_p);
+}
+
+long
+DER_GetInteger(const SECItem *src)
+{
+ return DER_GetInteger_Util(src);
+}
+
+SECStatus
+DER_TimeToUTCTime(SECItem *result, PRTime time)
+{
+ return DER_TimeToUTCTime_Util(result, time);
+}
+
+SECStatus
+DER_AsciiToTime(PRTime *result, const char *string)
+{
+ return DER_AsciiToTime_Util(result, string);
+}
+
+SECStatus
+DER_UTCTimeToTime(PRTime *result, const SECItem *time)
+{
+ return DER_UTCTimeToTime_Util(result, time);
+}
+
+char *
+DER_UTCTimeToAscii(SECItem *utcTime)
+{
+ return DER_UTCTimeToAscii_Util(utcTime);
+}
+
+char *
+DER_UTCDayToAscii(SECItem *utctime)
+{
+ return DER_UTCDayToAscii_Util(utctime);
+}
+
+char *
+DER_GeneralizedDayToAscii(SECItem *gentime)
+{
+ return DER_GeneralizedDayToAscii_Util(gentime);
+}
+
+char *
+DER_TimeChoiceDayToAscii(SECItem *timechoice)
+{
+ return DER_TimeChoiceDayToAscii_Util(timechoice);
+}
+
+SECStatus
+DER_TimeToGeneralizedTime(SECItem *dst, PRTime gmttime)
+{
+ return DER_TimeToGeneralizedTime_Util(dst, gmttime);
+}
+
+SECStatus
+DER_TimeToGeneralizedTimeArena(PLArenaPool *arenaOpt,
+ SECItem *dst, PRTime gmttime)
+{
+ return DER_TimeToGeneralizedTimeArena_Util(arenaOpt, dst, gmttime);
+}
+
+SECStatus
+DER_GeneralizedTimeToTime(PRTime *dst, const SECItem *time)
+{
+ return DER_GeneralizedTimeToTime_Util(dst, time);
+}
+
+char *
+CERT_GenTime2FormattedAscii(PRTime genTime, char *format)
+{
+ return CERT_GenTime2FormattedAscii_Util(genTime, format);
+}
+
+SECStatus
+DER_DecodeTimeChoice(PRTime *output, const SECItem *input)
+{
+ return DER_DecodeTimeChoice_Util(output, input);
+}
+
+SECStatus
+DER_EncodeTimeChoice(PLArenaPool *arena, SECItem *output,
+ PRTime input)
+{
+ return DER_EncodeTimeChoice_Util(arena, output, input);
+}
+
+SEC_ASN1DecoderContext *
+SEC_ASN1DecoderStart(PLArenaPool *pool,
+ void *dest,
+ const SEC_ASN1Template *t)
+{
+ return SEC_ASN1DecoderStart_Util(pool, dest, t);
+}
+
+SECStatus
+SEC_ASN1DecoderUpdate(SEC_ASN1DecoderContext *cx,
+ const char *buf,
+ unsigned long len)
+{
+ return SEC_ASN1DecoderUpdate_Util(cx, buf, len);
+}
+
+SECStatus
+SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx)
+{
+ return SEC_ASN1DecoderFinish_Util(cx);
+}
+
+void
+SEC_ASN1DecoderAbort(SEC_ASN1DecoderContext *cx, int error)
+{
+ SEC_ASN1DecoderAbort_Util(cx, error);
+}
+
+void
+SEC_ASN1DecoderSetFilterProc(SEC_ASN1DecoderContext *cx,
+ SEC_ASN1WriteProc fn,
+ void *arg, PRBool no_store)
+{
+ SEC_ASN1DecoderSetFilterProc_Util(cx, fn, arg, no_store);
+}
+
+void
+SEC_ASN1DecoderClearFilterProc(SEC_ASN1DecoderContext *cx)
+{
+ SEC_ASN1DecoderClearFilterProc_Util(cx);
+}
+
+void
+SEC_ASN1DecoderSetNotifyProc(SEC_ASN1DecoderContext *cx,
+ SEC_ASN1NotifyProc fn,
+ void *arg)
+{
+ SEC_ASN1DecoderSetNotifyProc_Util(cx, fn, arg);
+}
+
+void
+SEC_ASN1DecoderClearNotifyProc(SEC_ASN1DecoderContext *cx)
+{
+ SEC_ASN1DecoderClearNotifyProc_Util(cx);
+}
+
+SECStatus
+SEC_ASN1Decode(PLArenaPool *pool, void *dest,
+ const SEC_ASN1Template *t,
+ const char *buf, long len)
+{
+ return SEC_ASN1Decode_Util(pool, dest, t, buf, len);
+}
+
+SECStatus
+SEC_ASN1DecodeItem(PLArenaPool *pool, void *dest,
+ const SEC_ASN1Template *t,
+ const SECItem *src)
+{
+ return SEC_ASN1DecodeItem_Util(pool, dest, t, src);
+}
+
+SECStatus
+SEC_QuickDERDecodeItem(PLArenaPool *arena, void *dest,
+ const SEC_ASN1Template *templateEntry,
+ const SECItem *src)
+{
+ return SEC_QuickDERDecodeItem_Util(arena, dest, templateEntry, src);
+}
+
+SEC_ASN1EncoderContext *
+SEC_ASN1EncoderStart(const void *src,
+ const SEC_ASN1Template *t,
+ SEC_ASN1WriteProc fn,
+ void *output_arg)
+{
+ return SEC_ASN1EncoderStart_Util(src, t, fn, output_arg);
+}
+
+SECStatus
+SEC_ASN1EncoderUpdate(SEC_ASN1EncoderContext *cx,
+ const char *buf,
+ unsigned long len)
+{
+ return SEC_ASN1EncoderUpdate_Util(cx, buf, len);
+}
+
+void
+SEC_ASN1EncoderFinish(SEC_ASN1EncoderContext *cx)
+{
+ SEC_ASN1EncoderFinish_Util(cx);
+}
+
+void
+SEC_ASN1EncoderAbort(SEC_ASN1EncoderContext *cx, int error)
+{
+ SEC_ASN1EncoderAbort_Util(cx, error);
+}
+
+void
+SEC_ASN1EncoderSetNotifyProc(SEC_ASN1EncoderContext *cx,
+ SEC_ASN1NotifyProc fn,
+ void *arg)
+{
+ SEC_ASN1EncoderSetNotifyProc_Util(cx, fn, arg);
+}
+
+void
+SEC_ASN1EncoderClearNotifyProc(SEC_ASN1EncoderContext *cx)
+{
+ SEC_ASN1EncoderClearNotifyProc_Util(cx);
+}
+
+void
+SEC_ASN1EncoderSetStreaming(SEC_ASN1EncoderContext *cx)
+{
+ SEC_ASN1EncoderSetStreaming_Util(cx);
+}
+
+void
+SEC_ASN1EncoderClearStreaming(SEC_ASN1EncoderContext *cx)
+{
+ SEC_ASN1EncoderClearStreaming_Util(cx);
+}
+
+void
+SEC_ASN1EncoderSetTakeFromBuf(SEC_ASN1EncoderContext *cx)
+{
+ SEC_ASN1EncoderSetTakeFromBuf_Util(cx);
+}
+
+void
+SEC_ASN1EncoderClearTakeFromBuf(SEC_ASN1EncoderContext *cx)
+{
+ SEC_ASN1EncoderClearTakeFromBuf_Util(cx);
+}
+
+SECStatus
+SEC_ASN1Encode(const void *src, const SEC_ASN1Template *t,
+ SEC_ASN1WriteProc output_proc,
+ void *output_arg)
+{
+ return SEC_ASN1Encode_Util(src, t, output_proc, output_arg);
+}
+
+SECItem *
+SEC_ASN1EncodeItem(PLArenaPool *pool, SECItem *dest,
+ const void *src, const SEC_ASN1Template *t)
+{
+ return SEC_ASN1EncodeItem_Util(pool, dest, src, t);
+}
+
+SECItem *
+SEC_ASN1EncodeInteger(PLArenaPool *pool,
+ SECItem *dest, long value)
+{
+ return SEC_ASN1EncodeInteger_Util(pool, dest, value);
+}
+
+SECItem *
+SEC_ASN1EncodeUnsignedInteger(PLArenaPool *pool,
+ SECItem *dest,
+ unsigned long value)
+{
+ return SEC_ASN1EncodeUnsignedInteger_Util(pool, dest, value);
+}
+
+SECStatus
+SEC_ASN1DecodeInteger(SECItem *src,
+ unsigned long *value)
+{
+ return SEC_ASN1DecodeInteger_Util(src, value);
+}
+
+int
+SEC_ASN1LengthLength(unsigned long len)
+{
+ return SEC_ASN1LengthLength_Util(len);
+}
+
+char *
+BTOA_DataToAscii(const unsigned char *data, unsigned int len)
+{
+ return BTOA_DataToAscii_Util(data, len);
+}
+
+unsigned char *
+ATOB_AsciiToData(const char *string, unsigned int *lenp)
+{
+ return ATOB_AsciiToData_Util(string, lenp);
+}
+
+SECStatus
+ATOB_ConvertAsciiToItem(SECItem *binary_item, const char *ascii)
+{
+ return ATOB_ConvertAsciiToItem_Util(binary_item, ascii);
+}
+
+char *
+BTOA_ConvertItemToAscii(SECItem *binary_item)
+{
+ return BTOA_ConvertItemToAscii_Util(binary_item);
+}
+
+NSSBase64Decoder *
+NSSBase64Decoder_Create(PRInt32 (*output_fn)(void *, const unsigned char *,
+ PRInt32),
+ void *output_arg)
+{
+ return NSSBase64Decoder_Create_Util(output_fn, output_arg);
+}
+
+NSSBase64Encoder *
+NSSBase64Encoder_Create(PRInt32 (*output_fn)(void *, const char *, PRInt32),
+ void *output_arg)
+{
+ return NSSBase64Encoder_Create_Util(output_fn, output_arg);
+}
+
+SECStatus
+NSSBase64Decoder_Update(NSSBase64Decoder *data, const char *buffer,
+ PRUint32 size)
+{
+ return NSSBase64Decoder_Update_Util(data, buffer, size);
+}
+
+SECStatus
+NSSBase64Encoder_Update(NSSBase64Encoder *data, const unsigned char *buffer,
+ PRUint32 size)
+{
+ return NSSBase64Encoder_Update_Util(data, buffer, size);
+}
+
+SECStatus
+NSSBase64Decoder_Destroy(NSSBase64Decoder *data, PRBool abort_p)
+{
+ return NSSBase64Decoder_Destroy_Util(data, abort_p);
+}
+
+SECStatus
+NSSBase64Encoder_Destroy(NSSBase64Encoder *data, PRBool abort_p)
+{
+ return NSSBase64Encoder_Destroy_Util(data, abort_p);
+}
+
+SECItem *
+NSSBase64_DecodeBuffer(PLArenaPool *arenaOpt, SECItem *outItemOpt,
+ const char *inStr, unsigned int inLen)
+{
+ return NSSBase64_DecodeBuffer_Util(arenaOpt, outItemOpt, inStr, inLen);
+}
+
+char *
+NSSBase64_EncodeItem(PLArenaPool *arenaOpt, char *outStrOpt,
+ unsigned int maxOutLen, SECItem *inItem)
+{
+ return NSSBase64_EncodeItem_Util(arenaOpt, outStrOpt, maxOutLen, inItem);
+}
+
+NSSRWLock *
+NSSRWLock_New(PRUint32 lock_rank, const char *lock_name)
+{
+ return NSSRWLock_New_Util(lock_rank, lock_name);
+}
+
+void
+NSSRWLock_Destroy(NSSRWLock *lock)
+{
+ NSSRWLock_Destroy_Util(lock);
+}
+
+void
+NSSRWLock_LockRead(NSSRWLock *lock)
+{
+ NSSRWLock_LockRead_Util(lock);
+}
+
+void
+NSSRWLock_LockWrite(NSSRWLock *lock)
+{
+ NSSRWLock_LockWrite_Util(lock);
+}
+
+void
+NSSRWLock_UnlockRead(NSSRWLock *lock)
+{
+ NSSRWLock_UnlockRead_Util(lock);
+}
+
+void
+NSSRWLock_UnlockWrite(NSSRWLock *lock)
+{
+ NSSRWLock_UnlockWrite_Util(lock);
+}
+
+PRBool
+NSSRWLock_HaveWriteLock(NSSRWLock *rwlock)
+{
+ return NSSRWLock_HaveWriteLock_Util(rwlock);
+}
+
+SECStatus
+__nss_InitLock(PZLock **ppLock, nssILockType ltype)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+/* templates duplicated in libnss3 and libnssutil3 */
+
+#undef NSS_Get_SEC_AnyTemplate
+#undef NSS_Get_SEC_BitStringTemplate
+#undef NSS_Get_SEC_BMPStringTemplate
+#undef NSS_Get_SEC_BooleanTemplate
+#undef NSS_Get_SEC_GeneralizedTimeTemplate
+#undef NSS_Get_SEC_IA5StringTemplate
+#undef NSS_Get_SEC_IntegerTemplate
+#undef NSS_Get_SEC_NullTemplate
+#undef NSS_Get_SEC_ObjectIDTemplate
+#undef NSS_Get_SEC_OctetStringTemplate
+#undef NSS_Get_SEC_PointerToAnyTemplate
+#undef NSS_Get_SEC_PointerToOctetStringTemplate
+#undef NSS_Get_SEC_SetOfAnyTemplate
+#undef NSS_Get_SEC_UTCTimeTemplate
+#undef NSS_Get_SEC_UTF8StringTemplate
+#undef NSS_Get_SECOID_AlgorithmIDTemplate
+#undef NSS_Get_sgn_DigestInfoTemplate
+#undef SEC_AnyTemplate
+#undef SEC_BitStringTemplate
+#undef SEC_BMPStringTemplate
+#undef SEC_BooleanTemplate
+#undef SEC_GeneralizedTimeTemplate
+#undef SEC_IA5StringTemplate
+#undef SEC_IntegerTemplate
+#undef SEC_NullTemplate
+#undef SEC_ObjectIDTemplate
+#undef SEC_OctetStringTemplate
+#undef SEC_PointerToAnyTemplate
+#undef SEC_PointerToOctetStringTemplate
+#undef SEC_SetOfAnyTemplate
+#undef SEC_UTCTimeTemplate
+#undef SEC_UTF8StringTemplate
+#undef SECOID_AlgorithmIDTemplate
+#undef sgn_DigestInfoTemplate
+
+#include "templates.c"
diff --git a/security/nss/lib/pk11wrap/Makefile b/security/nss/lib/pk11wrap/Makefile
new file mode 100644
index 000000000..86ab29653
--- /dev/null
+++ b/security/nss/lib/pk11wrap/Makefile
@@ -0,0 +1,62 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+-include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
+$(OBJDIR)/pk11load$(OBJ_SUFFIX): debug_module.c
+
+# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
+# pk11slot.c in 64-bit mode for unknown reasons. A workaround is
+# to compile it with optimizations turned on. (Bugzilla bug #63815)
+ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
+ifeq ($(USE_64),1)
+ifndef BUILD_OPT
+$(OBJDIR)/pk11slot.o: pk11slot.c
+ @$(MAKE_OBJDIR)
+ $(CC) -o $@ -c -O2 $(CFLAGS) $<
+endif
+endif
+endif
diff --git a/security/nss/lib/pk11wrap/config.mk b/security/nss/lib/pk11wrap/config.mk
new file mode 100644
index 000000000..b8c03de79
--- /dev/null
+++ b/security/nss/lib/pk11wrap/config.mk
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/pk11wrap/debug_module.c b/security/nss/lib/pk11wrap/debug_module.c
new file mode 100644
index 000000000..9230c0136
--- /dev/null
+++ b/security/nss/lib/pk11wrap/debug_module.c
@@ -0,0 +1,2760 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "prlog.h"
+#include <stdio.h>
+#include "cert.h" /* for CERT_DerNameToAscii & CERT_Hexify */
+
+static PRLogModuleInfo *modlog = NULL;
+
+static CK_FUNCTION_LIST_PTR module_functions;
+
+static CK_FUNCTION_LIST debug_functions;
+
+static void print_final_statistics(void);
+
+#define STRING static const char
+
+STRING fmt_flags[] = " flags = 0x%x";
+STRING fmt_hKey[] = " hKey = 0x%x";
+STRING fmt_hObject[] = " hObject = 0x%x";
+STRING fmt_hSession[] = " hSession = 0x%x";
+STRING fmt_manufacturerID[] = " manufacturerID = \"%.32s\"";
+STRING fmt_pData[] = " pData = 0x%p";
+STRING fmt_pDigest[] = " pDigest = 0x%p";
+STRING fmt_pEncryptedData[] = " pEncryptedData = 0x%p";
+STRING fmt_pEncryptedPart[] = " pEncryptedPart = 0x%p";
+STRING fmt_pInfo[] = " pInfo = 0x%p";
+STRING fmt_pMechanism[] = " pMechanism = 0x%p";
+STRING fmt_pOperationState[] = " pOperationState = 0x%p";
+STRING fmt_pPart[] = " pPart = 0x%p";
+STRING fmt_pPin[] = " pPin = 0x%p";
+STRING fmt_pSignature[] = " pSignature = 0x%p";
+STRING fmt_pTemplate[] = " pTemplate = 0x%p";
+STRING fmt_pWrappedKey[] = " pWrappedKey = 0x%p";
+STRING fmt_phKey[] = " phKey = 0x%p";
+STRING fmt_phObject[] = " phObject = 0x%p";
+STRING fmt_pulCount[] = " pulCount = 0x%p";
+STRING fmt_pulDataLen[] = " pulDataLen = 0x%p";
+STRING fmt_pulDigestLen[] = " pulDigestLen = 0x%p";
+STRING fmt_pulEncryptedPartLen[] = " pulEncryptedPartLen = 0x%p";
+STRING fmt_pulPartLen[] = " pulPartLen = 0x%p";
+STRING fmt_pulSignatureLen[] = " pulSignatureLen = 0x%p";
+STRING fmt_slotID[] = " slotID = 0x%x";
+STRING fmt_sphKey[] = " *phKey = 0x%x";
+STRING fmt_spulCount[] = " *pulCount = 0x%x";
+STRING fmt_spulDataLen[] = " *pulDataLen = 0x%x";
+STRING fmt_spulDigestLen[] = " *pulDigestLen = 0x%x";
+STRING fmt_spulEncryptedPartLen[] = " *pulEncryptedPartLen = 0x%x";
+STRING fmt_spulPartLen[] = " *pulPartLen = 0x%x";
+STRING fmt_spulSignatureLen[] = " *pulSignatureLen = 0x%x";
+STRING fmt_ulAttributeCount[] = " ulAttributeCount = %d";
+STRING fmt_ulCount[] = " ulCount = %d";
+STRING fmt_ulDataLen[] = " ulDataLen = %d";
+STRING fmt_ulEncryptedPartLen[] = " ulEncryptedPartLen = %d";
+STRING fmt_ulPartLen[] = " ulPartLen = %d";
+STRING fmt_ulPinLen[] = " ulPinLen = %d";
+STRING fmt_ulSignatureLen[] = " ulSignatureLen = %d";
+
+STRING fmt_fwVersion[] = " firmware version: %d.%d";
+STRING fmt_hwVersion[] = " hardware version: %d.%d";
+STRING fmt_s_qsq_d[] = " %s = \"%s\" [%d]";
+STRING fmt_s_s_d[] = " %s = %s [%d]";
+STRING fmt_s_lu[] = " %s = %lu";
+STRING fmt_invalid_handle[] = " (CK_INVALID_HANDLE)";
+
+static void
+get_attr_type_str(CK_ATTRIBUTE_TYPE atype, char *str, int len)
+{
+#define CASE(attr) \
+ case attr: \
+ a = #attr; \
+ break
+
+ const char *a = NULL;
+
+ switch (atype) {
+ CASE(CKA_CLASS);
+ CASE(CKA_TOKEN);
+ CASE(CKA_PRIVATE);
+ CASE(CKA_LABEL);
+ CASE(CKA_APPLICATION);
+ CASE(CKA_VALUE);
+ CASE(CKA_OBJECT_ID);
+ CASE(CKA_CERTIFICATE_TYPE);
+ CASE(CKA_CERTIFICATE_CATEGORY);
+ CASE(CKA_ISSUER);
+ CASE(CKA_SERIAL_NUMBER);
+ CASE(CKA_AC_ISSUER);
+ CASE(CKA_OWNER);
+ CASE(CKA_ATTR_TYPES);
+ CASE(CKA_TRUSTED);
+ CASE(CKA_KEY_TYPE);
+ CASE(CKA_SUBJECT);
+ CASE(CKA_ID);
+ CASE(CKA_SENSITIVE);
+ CASE(CKA_ENCRYPT);
+ CASE(CKA_DECRYPT);
+ CASE(CKA_WRAP);
+ CASE(CKA_UNWRAP);
+ CASE(CKA_SIGN);
+ CASE(CKA_SIGN_RECOVER);
+ CASE(CKA_VERIFY);
+ CASE(CKA_VERIFY_RECOVER);
+ CASE(CKA_DERIVE);
+ CASE(CKA_START_DATE);
+ CASE(CKA_END_DATE);
+ CASE(CKA_MODULUS);
+ CASE(CKA_MODULUS_BITS);
+ CASE(CKA_PUBLIC_EXPONENT);
+ CASE(CKA_PRIVATE_EXPONENT);
+ CASE(CKA_PRIME_1);
+ CASE(CKA_PRIME_2);
+ CASE(CKA_EXPONENT_1);
+ CASE(CKA_EXPONENT_2);
+ CASE(CKA_COEFFICIENT);
+ CASE(CKA_PRIME);
+ CASE(CKA_SUBPRIME);
+ CASE(CKA_BASE);
+ CASE(CKA_PRIME_BITS);
+ CASE(CKA_SUBPRIME_BITS);
+ CASE(CKA_VALUE_BITS);
+ CASE(CKA_VALUE_LEN);
+ CASE(CKA_EXTRACTABLE);
+ CASE(CKA_LOCAL);
+ CASE(CKA_NEVER_EXTRACTABLE);
+ CASE(CKA_ALWAYS_SENSITIVE);
+ CASE(CKA_KEY_GEN_MECHANISM);
+ CASE(CKA_MODIFIABLE);
+ CASE(CKA_ECDSA_PARAMS);
+ CASE(CKA_EC_POINT);
+ CASE(CKA_SECONDARY_AUTH);
+ CASE(CKA_AUTH_PIN_FLAGS);
+ CASE(CKA_HW_FEATURE_TYPE);
+ CASE(CKA_RESET_ON_INIT);
+ CASE(CKA_HAS_RESET);
+ CASE(CKA_VENDOR_DEFINED);
+ CASE(CKA_NSS_URL);
+ CASE(CKA_NSS_EMAIL);
+ CASE(CKA_NSS_SMIME_INFO);
+ CASE(CKA_NSS_SMIME_TIMESTAMP);
+ CASE(CKA_NSS_PKCS8_SALT);
+ CASE(CKA_NSS_PASSWORD_CHECK);
+ CASE(CKA_NSS_EXPIRES);
+ CASE(CKA_NSS_KRL);
+ CASE(CKA_NSS_PQG_COUNTER);
+ CASE(CKA_NSS_PQG_SEED);
+ CASE(CKA_NSS_PQG_H);
+ CASE(CKA_NSS_PQG_SEED_BITS);
+ CASE(CKA_TRUST);
+ CASE(CKA_TRUST_DIGITAL_SIGNATURE);
+ CASE(CKA_TRUST_NON_REPUDIATION);
+ CASE(CKA_TRUST_KEY_ENCIPHERMENT);
+ CASE(CKA_TRUST_DATA_ENCIPHERMENT);
+ CASE(CKA_TRUST_KEY_AGREEMENT);
+ CASE(CKA_TRUST_KEY_CERT_SIGN);
+ CASE(CKA_TRUST_CRL_SIGN);
+ CASE(CKA_TRUST_SERVER_AUTH);
+ CASE(CKA_TRUST_CLIENT_AUTH);
+ CASE(CKA_TRUST_CODE_SIGNING);
+ CASE(CKA_TRUST_EMAIL_PROTECTION);
+ CASE(CKA_TRUST_IPSEC_END_SYSTEM);
+ CASE(CKA_TRUST_IPSEC_TUNNEL);
+ CASE(CKA_TRUST_IPSEC_USER);
+ CASE(CKA_TRUST_TIME_STAMPING);
+ CASE(CKA_CERT_SHA1_HASH);
+ CASE(CKA_CERT_MD5_HASH);
+ CASE(CKA_NETSCAPE_DB);
+ CASE(CKA_NETSCAPE_TRUST);
+ default:
+ break;
+ }
+ if (a)
+ PR_snprintf(str, len, "%s", a);
+ else
+ PR_snprintf(str, len, "0x%p", atype);
+}
+
+static void
+get_obj_class(CK_OBJECT_CLASS objClass, char *str, int len)
+{
+
+ const char *a = NULL;
+
+ switch (objClass) {
+ CASE(CKO_DATA);
+ CASE(CKO_CERTIFICATE);
+ CASE(CKO_PUBLIC_KEY);
+ CASE(CKO_PRIVATE_KEY);
+ CASE(CKO_SECRET_KEY);
+ CASE(CKO_HW_FEATURE);
+ CASE(CKO_DOMAIN_PARAMETERS);
+ CASE(CKO_NSS_CRL);
+ CASE(CKO_NSS_SMIME);
+ CASE(CKO_NSS_TRUST);
+ CASE(CKO_NSS_BUILTIN_ROOT_LIST);
+ default:
+ break;
+ }
+ if (a)
+ PR_snprintf(str, len, "%s", a);
+ else
+ PR_snprintf(str, len, "0x%p", objClass);
+}
+
+static void
+get_trust_val(CK_TRUST trust, char *str, int len)
+{
+ const char *a = NULL;
+
+ switch (trust) {
+ CASE(CKT_NSS_TRUSTED);
+ CASE(CKT_NSS_TRUSTED_DELEGATOR);
+ CASE(CKT_NSS_NOT_TRUSTED);
+ CASE(CKT_NSS_MUST_VERIFY_TRUST);
+ CASE(CKT_NSS_TRUST_UNKNOWN);
+ CASE(CKT_NSS_VALID_DELEGATOR);
+ default:
+ break;
+ }
+ if (a)
+ PR_snprintf(str, len, "%s", a);
+ else
+ PR_snprintf(str, len, "0x%p", trust);
+}
+
+static void
+log_rv(CK_RV rv)
+{
+ const char *a = NULL;
+
+ switch (rv) {
+ CASE(CKR_OK);
+ CASE(CKR_CANCEL);
+ CASE(CKR_HOST_MEMORY);
+ CASE(CKR_SLOT_ID_INVALID);
+ CASE(CKR_GENERAL_ERROR);
+ CASE(CKR_FUNCTION_FAILED);
+ CASE(CKR_ARGUMENTS_BAD);
+ CASE(CKR_NO_EVENT);
+ CASE(CKR_NEED_TO_CREATE_THREADS);
+ CASE(CKR_CANT_LOCK);
+ CASE(CKR_ATTRIBUTE_READ_ONLY);
+ CASE(CKR_ATTRIBUTE_SENSITIVE);
+ CASE(CKR_ATTRIBUTE_TYPE_INVALID);
+ CASE(CKR_ATTRIBUTE_VALUE_INVALID);
+ CASE(CKR_DATA_INVALID);
+ CASE(CKR_DATA_LEN_RANGE);
+ CASE(CKR_DEVICE_ERROR);
+ CASE(CKR_DEVICE_MEMORY);
+ CASE(CKR_DEVICE_REMOVED);
+ CASE(CKR_ENCRYPTED_DATA_INVALID);
+ CASE(CKR_ENCRYPTED_DATA_LEN_RANGE);
+ CASE(CKR_FUNCTION_CANCELED);
+ CASE(CKR_FUNCTION_NOT_PARALLEL);
+ CASE(CKR_FUNCTION_NOT_SUPPORTED);
+ CASE(CKR_KEY_HANDLE_INVALID);
+ CASE(CKR_KEY_SIZE_RANGE);
+ CASE(CKR_KEY_TYPE_INCONSISTENT);
+ CASE(CKR_KEY_NOT_NEEDED);
+ CASE(CKR_KEY_CHANGED);
+ CASE(CKR_KEY_NEEDED);
+ CASE(CKR_KEY_INDIGESTIBLE);
+ CASE(CKR_KEY_FUNCTION_NOT_PERMITTED);
+ CASE(CKR_KEY_NOT_WRAPPABLE);
+ CASE(CKR_KEY_UNEXTRACTABLE);
+ CASE(CKR_MECHANISM_INVALID);
+ CASE(CKR_MECHANISM_PARAM_INVALID);
+ CASE(CKR_OBJECT_HANDLE_INVALID);
+ CASE(CKR_OPERATION_ACTIVE);
+ CASE(CKR_OPERATION_NOT_INITIALIZED);
+ CASE(CKR_PIN_INCORRECT);
+ CASE(CKR_PIN_INVALID);
+ CASE(CKR_PIN_LEN_RANGE);
+ CASE(CKR_PIN_EXPIRED);
+ CASE(CKR_PIN_LOCKED);
+ CASE(CKR_SESSION_CLOSED);
+ CASE(CKR_SESSION_COUNT);
+ CASE(CKR_SESSION_HANDLE_INVALID);
+ CASE(CKR_SESSION_PARALLEL_NOT_SUPPORTED);
+ CASE(CKR_SESSION_READ_ONLY);
+ CASE(CKR_SESSION_EXISTS);
+ CASE(CKR_SESSION_READ_ONLY_EXISTS);
+ CASE(CKR_SESSION_READ_WRITE_SO_EXISTS);
+ CASE(CKR_SIGNATURE_INVALID);
+ CASE(CKR_SIGNATURE_LEN_RANGE);
+ CASE(CKR_TEMPLATE_INCOMPLETE);
+ CASE(CKR_TEMPLATE_INCONSISTENT);
+ CASE(CKR_TOKEN_NOT_PRESENT);
+ CASE(CKR_TOKEN_NOT_RECOGNIZED);
+ CASE(CKR_TOKEN_WRITE_PROTECTED);
+ CASE(CKR_UNWRAPPING_KEY_HANDLE_INVALID);
+ CASE(CKR_UNWRAPPING_KEY_SIZE_RANGE);
+ CASE(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT);
+ CASE(CKR_USER_ALREADY_LOGGED_IN);
+ CASE(CKR_USER_NOT_LOGGED_IN);
+ CASE(CKR_USER_PIN_NOT_INITIALIZED);
+ CASE(CKR_USER_TYPE_INVALID);
+ CASE(CKR_USER_ANOTHER_ALREADY_LOGGED_IN);
+ CASE(CKR_USER_TOO_MANY_TYPES);
+ CASE(CKR_WRAPPED_KEY_INVALID);
+ CASE(CKR_WRAPPED_KEY_LEN_RANGE);
+ CASE(CKR_WRAPPING_KEY_HANDLE_INVALID);
+ CASE(CKR_WRAPPING_KEY_SIZE_RANGE);
+ CASE(CKR_WRAPPING_KEY_TYPE_INCONSISTENT);
+ CASE(CKR_RANDOM_SEED_NOT_SUPPORTED);
+ CASE(CKR_RANDOM_NO_RNG);
+ CASE(CKR_DOMAIN_PARAMS_INVALID);
+ CASE(CKR_BUFFER_TOO_SMALL);
+ CASE(CKR_SAVED_STATE_INVALID);
+ CASE(CKR_INFORMATION_SENSITIVE);
+ CASE(CKR_STATE_UNSAVEABLE);
+ CASE(CKR_CRYPTOKI_NOT_INITIALIZED);
+ CASE(CKR_CRYPTOKI_ALREADY_INITIALIZED);
+ CASE(CKR_MUTEX_BAD);
+ CASE(CKR_MUTEX_NOT_LOCKED);
+ CASE(CKR_FUNCTION_REJECTED);
+ CASE(CKR_KEY_PARAMS_INVALID);
+ default:
+ break;
+ }
+ if (a)
+ PR_LOG(modlog, 1, (" rv = %s\n", a));
+ else
+ PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
+}
+
+static void
+log_state(CK_STATE state)
+{
+ const char *a = NULL;
+
+ switch (state) {
+ CASE(CKS_RO_PUBLIC_SESSION);
+ CASE(CKS_RO_USER_FUNCTIONS);
+ CASE(CKS_RW_PUBLIC_SESSION);
+ CASE(CKS_RW_USER_FUNCTIONS);
+ CASE(CKS_RW_SO_FUNCTIONS);
+ default:
+ break;
+ }
+ if (a)
+ PR_LOG(modlog, 1, (" state = %s\n", a));
+ else
+ PR_LOG(modlog, 1, (" state = 0x%x\n", state));
+}
+
+static void
+log_handle(int level, const char *format, CK_ULONG handle)
+{
+ char fmtBuf[80];
+ if (handle)
+ PR_LOG(modlog, level, (format, handle));
+ else {
+ PL_strncpyz(fmtBuf, format, sizeof fmtBuf);
+ PL_strcatn(fmtBuf, sizeof fmtBuf, fmt_invalid_handle);
+ PR_LOG(modlog, level, (fmtBuf, handle));
+ }
+}
+
+static void
+print_mechanism(CK_MECHANISM_PTR m)
+{
+
+ const char *a = NULL;
+
+ switch (m->mechanism) {
+ CASE(CKM_AES_CBC);
+ CASE(CKM_AES_CBC_ENCRYPT_DATA);
+ CASE(CKM_AES_CBC_PAD);
+ CASE(CKM_AES_CCM);
+ CASE(CKM_AES_CTR);
+ CASE(CKM_AES_CTS);
+ CASE(CKM_AES_GCM);
+ CASE(CKM_AES_ECB);
+ CASE(CKM_AES_ECB_ENCRYPT_DATA);
+ CASE(CKM_AES_KEY_GEN);
+ CASE(CKM_AES_MAC);
+ CASE(CKM_AES_MAC_GENERAL);
+ CASE(CKM_CAMELLIA_CBC);
+ CASE(CKM_CAMELLIA_CBC_ENCRYPT_DATA);
+ CASE(CKM_CAMELLIA_CBC_PAD);
+ CASE(CKM_CAMELLIA_ECB);
+ CASE(CKM_CAMELLIA_ECB_ENCRYPT_DATA);
+ CASE(CKM_CAMELLIA_KEY_GEN);
+ CASE(CKM_CAMELLIA_MAC);
+ CASE(CKM_CAMELLIA_MAC_GENERAL);
+ CASE(CKM_CDMF_CBC);
+ CASE(CKM_CDMF_CBC_PAD);
+ CASE(CKM_CDMF_ECB);
+ CASE(CKM_CDMF_KEY_GEN);
+ CASE(CKM_CDMF_MAC);
+ CASE(CKM_CDMF_MAC_GENERAL);
+ CASE(CKM_CMS_SIG);
+ CASE(CKM_CONCATENATE_BASE_AND_DATA);
+ CASE(CKM_CONCATENATE_BASE_AND_KEY);
+ CASE(CKM_CONCATENATE_DATA_AND_BASE);
+ CASE(CKM_DES2_KEY_GEN);
+ CASE(CKM_DES3_CBC);
+ CASE(CKM_DES3_CBC_ENCRYPT_DATA);
+ CASE(CKM_DES3_CBC_PAD);
+ CASE(CKM_DES3_ECB);
+ CASE(CKM_DES3_ECB_ENCRYPT_DATA);
+ CASE(CKM_DES3_KEY_GEN);
+ CASE(CKM_DES3_MAC);
+ CASE(CKM_DES3_MAC_GENERAL);
+ CASE(CKM_DES_CBC);
+ CASE(CKM_DES_CBC_ENCRYPT_DATA);
+ CASE(CKM_DES_CBC_PAD);
+ CASE(CKM_DES_CFB64);
+ CASE(CKM_DES_CFB8);
+ CASE(CKM_DES_ECB);
+ CASE(CKM_DES_ECB_ENCRYPT_DATA);
+ CASE(CKM_DES_KEY_GEN);
+ CASE(CKM_DES_MAC);
+ CASE(CKM_DES_MAC_GENERAL);
+ CASE(CKM_DES_OFB64);
+ CASE(CKM_DES_OFB8);
+ CASE(CKM_DH_PKCS_DERIVE);
+ CASE(CKM_DH_PKCS_KEY_PAIR_GEN);
+ CASE(CKM_DH_PKCS_PARAMETER_GEN);
+ CASE(CKM_DSA);
+ CASE(CKM_DSA_KEY_PAIR_GEN);
+ CASE(CKM_DSA_PARAMETER_GEN);
+ CASE(CKM_DSA_SHA1);
+ CASE(CKM_ECDH1_COFACTOR_DERIVE);
+ CASE(CKM_ECDH1_DERIVE);
+ CASE(CKM_ECDSA);
+ CASE(CKM_ECDSA_SHA1);
+ CASE(CKM_ECMQV_DERIVE);
+ CASE(CKM_EC_KEY_PAIR_GEN); /* also CASE(CKM_ECDSA_KEY_PAIR_GEN); */
+ CASE(CKM_EXTRACT_KEY_FROM_KEY);
+ CASE(CKM_FASTHASH);
+ CASE(CKM_FORTEZZA_TIMESTAMP);
+ CASE(CKM_GENERIC_SECRET_KEY_GEN);
+ CASE(CKM_IDEA_CBC);
+ CASE(CKM_IDEA_CBC_PAD);
+ CASE(CKM_IDEA_ECB);
+ CASE(CKM_IDEA_KEY_GEN);
+ CASE(CKM_IDEA_MAC);
+ CASE(CKM_IDEA_MAC_GENERAL);
+ CASE(CKM_KEA_KEY_DERIVE);
+ CASE(CKM_KEA_KEY_PAIR_GEN);
+ CASE(CKM_KEY_WRAP_LYNKS);
+ CASE(CKM_KEY_WRAP_SET_OAEP);
+ CASE(CKM_MD2);
+ CASE(CKM_MD2_HMAC);
+ CASE(CKM_MD2_HMAC_GENERAL);
+ CASE(CKM_MD2_KEY_DERIVATION);
+ CASE(CKM_MD2_RSA_PKCS);
+ CASE(CKM_MD5);
+ CASE(CKM_MD5_HMAC);
+ CASE(CKM_MD5_HMAC_GENERAL);
+ CASE(CKM_MD5_KEY_DERIVATION);
+ CASE(CKM_MD5_RSA_PKCS);
+ CASE(CKM_PBA_SHA1_WITH_SHA1_HMAC);
+ CASE(CKM_PBE_MD2_DES_CBC);
+ CASE(CKM_PBE_MD5_DES_CBC);
+ CASE(CKM_PBE_SHA1_DES2_EDE_CBC);
+ CASE(CKM_PBE_SHA1_DES3_EDE_CBC);
+ CASE(CKM_PBE_SHA1_RC2_128_CBC);
+ CASE(CKM_PBE_SHA1_RC2_40_CBC);
+ CASE(CKM_PBE_SHA1_RC4_128);
+ CASE(CKM_PBE_SHA1_RC4_40);
+ CASE(CKM_PKCS5_PBKD2);
+ CASE(CKM_RC2_CBC);
+ CASE(CKM_RC2_CBC_PAD);
+ CASE(CKM_RC2_ECB);
+ CASE(CKM_RC2_KEY_GEN);
+ CASE(CKM_RC2_MAC);
+ CASE(CKM_RC2_MAC_GENERAL);
+ CASE(CKM_RC4);
+ CASE(CKM_RC4_KEY_GEN);
+ CASE(CKM_RC5_CBC);
+ CASE(CKM_RC5_CBC_PAD);
+ CASE(CKM_RC5_ECB);
+ CASE(CKM_RC5_KEY_GEN);
+ CASE(CKM_RC5_MAC);
+ CASE(CKM_RC5_MAC_GENERAL);
+ CASE(CKM_RIPEMD128);
+ CASE(CKM_RIPEMD128_HMAC);
+ CASE(CKM_RIPEMD128_HMAC_GENERAL);
+ CASE(CKM_RIPEMD128_RSA_PKCS);
+ CASE(CKM_RIPEMD160);
+ CASE(CKM_RIPEMD160_HMAC);
+ CASE(CKM_RIPEMD160_HMAC_GENERAL);
+ CASE(CKM_RIPEMD160_RSA_PKCS);
+ CASE(CKM_RSA_9796);
+ CASE(CKM_RSA_PKCS);
+ CASE(CKM_RSA_PKCS_KEY_PAIR_GEN);
+ CASE(CKM_RSA_PKCS_OAEP);
+ CASE(CKM_RSA_PKCS_PSS);
+ CASE(CKM_RSA_X9_31);
+ CASE(CKM_RSA_X9_31_KEY_PAIR_GEN);
+ CASE(CKM_RSA_X_509);
+ CASE(CKM_SHA1_KEY_DERIVATION);
+ CASE(CKM_SHA1_RSA_PKCS);
+ CASE(CKM_SHA1_RSA_PKCS_PSS);
+ CASE(CKM_SHA1_RSA_X9_31);
+ CASE(CKM_SHA224);
+ CASE(CKM_SHA224_HMAC);
+ CASE(CKM_SHA224_HMAC_GENERAL);
+ CASE(CKM_SHA224_KEY_DERIVATION);
+ CASE(CKM_SHA224_RSA_PKCS);
+ CASE(CKM_SHA224_RSA_PKCS_PSS);
+ CASE(CKM_SHA256);
+ CASE(CKM_SHA256_HMAC);
+ CASE(CKM_SHA256_HMAC_GENERAL);
+ CASE(CKM_SHA256_KEY_DERIVATION);
+ CASE(CKM_SHA256_RSA_PKCS);
+ CASE(CKM_SHA256_RSA_PKCS_PSS);
+ CASE(CKM_SHA384);
+ CASE(CKM_SHA384_HMAC);
+ CASE(CKM_SHA384_HMAC_GENERAL);
+ CASE(CKM_SHA384_KEY_DERIVATION);
+ CASE(CKM_SHA384_RSA_PKCS);
+ CASE(CKM_SHA384_RSA_PKCS_PSS);
+ CASE(CKM_SHA512);
+ CASE(CKM_SHA512_HMAC);
+ CASE(CKM_SHA512_HMAC_GENERAL);
+ CASE(CKM_SHA512_KEY_DERIVATION);
+ CASE(CKM_SHA512_RSA_PKCS);
+ CASE(CKM_SHA512_RSA_PKCS_PSS);
+ CASE(CKM_SHA_1);
+ CASE(CKM_SHA_1_HMAC);
+ CASE(CKM_SHA_1_HMAC_GENERAL);
+ CASE(CKM_SKIPJACK_CBC64);
+ CASE(CKM_SKIPJACK_CFB16);
+ CASE(CKM_SKIPJACK_CFB32);
+ CASE(CKM_SKIPJACK_CFB64);
+ CASE(CKM_SKIPJACK_CFB8);
+ CASE(CKM_SKIPJACK_ECB64);
+ CASE(CKM_SKIPJACK_KEY_GEN);
+ CASE(CKM_SKIPJACK_OFB64);
+ CASE(CKM_SKIPJACK_PRIVATE_WRAP);
+ CASE(CKM_SKIPJACK_RELAYX);
+ CASE(CKM_SKIPJACK_WRAP);
+ CASE(CKM_SSL3_KEY_AND_MAC_DERIVE);
+ CASE(CKM_SSL3_MASTER_KEY_DERIVE);
+ CASE(CKM_SSL3_MASTER_KEY_DERIVE_DH);
+ CASE(CKM_SSL3_MD5_MAC);
+ CASE(CKM_SSL3_PRE_MASTER_KEY_GEN);
+ CASE(CKM_SSL3_SHA1_MAC);
+ CASE(CKM_TLS_KEY_AND_MAC_DERIVE);
+ CASE(CKM_TLS_MASTER_KEY_DERIVE);
+ CASE(CKM_TLS_MASTER_KEY_DERIVE_DH);
+ CASE(CKM_TLS_PRE_MASTER_KEY_GEN);
+ CASE(CKM_TLS_PRF);
+ CASE(CKM_TWOFISH_CBC);
+ CASE(CKM_TWOFISH_KEY_GEN);
+ CASE(CKM_X9_42_DH_DERIVE);
+ CASE(CKM_X9_42_DH_HYBRID_DERIVE);
+ CASE(CKM_X9_42_DH_KEY_PAIR_GEN);
+ CASE(CKM_X9_42_DH_PARAMETER_GEN);
+ CASE(CKM_X9_42_MQV_DERIVE);
+ CASE(CKM_XOR_BASE_AND_DATA);
+ default:
+ break;
+ }
+ if (a)
+ PR_LOG(modlog, 4, (" mechanism = %s", a));
+ else
+ PR_LOG(modlog, 4, (" mechanism = 0x%p", m->mechanism));
+}
+
+static void
+get_key_type(CK_KEY_TYPE keyType, char *str, int len)
+{
+
+ const char *a = NULL;
+
+ switch (keyType) {
+ CASE(CKK_AES);
+ CASE(CKK_CAMELLIA);
+ CASE(CKK_CDMF);
+ CASE(CKK_DES);
+ CASE(CKK_DES2);
+ CASE(CKK_DES3);
+ CASE(CKK_DH);
+ CASE(CKK_DSA);
+ CASE(CKK_EC); /* also CASE(CKK_ECDSA); */
+ CASE(CKK_GENERIC_SECRET);
+ CASE(CKK_IDEA);
+ CASE(CKK_INVALID_KEY_TYPE);
+ CASE(CKK_KEA);
+ CASE(CKK_RC2);
+ CASE(CKK_RC4);
+ CASE(CKK_RC5);
+ CASE(CKK_RSA);
+ CASE(CKK_SKIPJACK);
+ CASE(CKK_TWOFISH);
+ CASE(CKK_X9_42_DH);
+ default:
+ break;
+ }
+ if (a)
+ PR_snprintf(str, len, "%s", a);
+ else
+ PR_snprintf(str, len, "0x%p", keyType);
+}
+
+static void
+print_attr_value(CK_ATTRIBUTE_PTR attr)
+{
+ char atype[48];
+ char valstr[49];
+ int len;
+
+ get_attr_type_str(attr->type, atype, sizeof atype);
+ switch (attr->type) {
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_DECRYPT:
+ case CKA_DERIVE:
+ case CKA_ENCRYPT:
+ case CKA_EXTRACTABLE:
+ case CKA_LOCAL:
+ case CKA_MODIFIABLE:
+ case CKA_NEVER_EXTRACTABLE:
+ case CKA_PRIVATE:
+ case CKA_SENSITIVE:
+ case CKA_SIGN:
+ case CKA_SIGN_RECOVER:
+ case CKA_TOKEN:
+ case CKA_UNWRAP:
+ case CKA_VERIFY:
+ case CKA_VERIFY_RECOVER:
+ case CKA_WRAP:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ CK_BBOOL tf = *((CK_BBOOL *)attr->pValue);
+ PR_LOG(modlog, 4, (fmt_s_s_d,
+ atype, tf ? "CK_TRUE" : "CK_FALSE", attr->ulValueLen));
+ break;
+ }
+ case CKA_CLASS:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ CK_OBJECT_CLASS objClass = *((CK_OBJECT_CLASS *)attr->pValue);
+ get_obj_class(objClass, valstr, sizeof valstr);
+ PR_LOG(modlog, 4, (fmt_s_s_d,
+ atype, valstr, attr->ulValueLen));
+ break;
+ }
+ case CKA_TRUST_CLIENT_AUTH:
+ case CKA_TRUST_CODE_SIGNING:
+ case CKA_TRUST_EMAIL_PROTECTION:
+ case CKA_TRUST_SERVER_AUTH:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ CK_TRUST trust = *((CK_TRUST *)attr->pValue);
+ get_trust_val(trust, valstr, sizeof valstr);
+ PR_LOG(modlog, 4, (fmt_s_s_d,
+ atype, valstr, attr->ulValueLen));
+ break;
+ }
+ case CKA_KEY_TYPE:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ CK_KEY_TYPE keyType = *((CK_KEY_TYPE *)attr->pValue);
+ get_key_type(keyType, valstr, sizeof valstr);
+ PR_LOG(modlog, 4, (fmt_s_s_d,
+ atype, valstr, attr->ulValueLen));
+ break;
+ }
+ case CKA_PIXEL_X:
+ case CKA_PIXEL_Y:
+ case CKA_RESOLUTION:
+ case CKA_CHAR_ROWS:
+ case CKA_CHAR_COLUMNS:
+ case CKA_BITS_PER_PIXEL:
+ case CKA_CERTIFICATE_CATEGORY: /* should print as enum/string */
+ case CKA_JAVA_MIDP_SECURITY_DOMAIN: /* should print as enum/string */
+ case CKA_MODULUS_BITS:
+ case CKA_PRIME_BITS:
+ case CKA_SUBPRIME_BITS:
+ case CKA_VALUE_BITS:
+ case CKA_VALUE_LEN:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ CK_ULONG valueLen = *((CK_ULONG *)attr->pValue);
+ /* XXX check for the special value CK_UNAVAILABLE_INFORMATION */
+ PR_LOG(modlog, 4, (fmt_s_lu, atype, (PRUint32)valueLen));
+ break;
+ }
+ case CKA_LABEL:
+ case CKA_NSS_EMAIL:
+ case CKA_NSS_URL:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ len = PR_MIN(attr->ulValueLen + 1, sizeof valstr);
+ PR_snprintf(valstr, len, "%s", attr->pValue);
+ PR_LOG(modlog, 4, (fmt_s_qsq_d,
+ atype, valstr, attr->ulValueLen));
+ break;
+ }
+ case CKA_ISSUER:
+ case CKA_SUBJECT:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ char *asciiName;
+ SECItem derName;
+ derName.type = siDERNameBuffer;
+ derName.data = attr->pValue;
+ derName.len = attr->ulValueLen;
+ asciiName = CERT_DerNameToAscii(&derName);
+ if (asciiName) {
+ PR_LOG(modlog, 4, (fmt_s_s_d,
+ atype, asciiName, attr->ulValueLen));
+ PORT_Free(asciiName);
+ break;
+ }
+ /* else treat like a binary buffer */
+ goto binary_buffer;
+ }
+ case CKA_ID:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ unsigned char *pV = attr->pValue;
+ for (len = (int)attr->ulValueLen; len > 0; --len) {
+ unsigned int ch = *pV++;
+ if (ch >= 0x20 && ch < 0x7f)
+ continue;
+ if (!ch && len == 1) /* will ignore NUL if last character */
+ continue;
+ break;
+ }
+ if (!len) { /* entire string is printable */
+ len = PR_MIN(attr->ulValueLen + 1, sizeof valstr);
+ PR_snprintf(valstr, len, "%s", attr->pValue);
+ PR_LOG(modlog, 4, (fmt_s_qsq_d,
+ atype, valstr, attr->ulValueLen));
+ break;
+ }
+ /* else fall through and treat like a binary buffer */
+ }
+ binary_buffer:
+ case CKA_SERIAL_NUMBER:
+ default:
+ if (attr->ulValueLen > 0 && attr->pValue) {
+ char *hexBuf;
+ SECItem attrBuf;
+ attrBuf.type = siDERNameBuffer;
+ attrBuf.data = attr->pValue;
+ attrBuf.len = PR_MIN(attr->ulValueLen, (sizeof valstr) / 2);
+
+ hexBuf = CERT_Hexify(&attrBuf, PR_FALSE);
+ if (hexBuf) {
+ PR_LOG(modlog, 4, (fmt_s_s_d,
+ atype, hexBuf, attr->ulValueLen));
+ PORT_Free(hexBuf);
+ break;
+ }
+ /* else fall through and show only the address. :( */
+ }
+ PR_LOG(modlog, 4, (" %s = [0x%p] [%d]",
+ atype, attr->pValue, attr->ulValueLen));
+ break;
+ }
+}
+
+static void
+print_template(CK_ATTRIBUTE_PTR templ, CK_ULONG tlen)
+{
+ CK_ULONG i;
+ for (i = 0; i < tlen; i++) {
+ print_attr_value(&templ[i]);
+ }
+}
+
+struct nssdbg_prof_str {
+ PRUint32 time;
+ PRUint32 calls;
+ char *function;
+};
+
+#define NSSDBG_DEFINE(func) \
+ { \
+ 0, 0, #func \
+ }
+
+struct nssdbg_prof_str nssdbg_prof_data[] = {
+#define FUNC_C_INITIALIZE 0
+ NSSDBG_DEFINE(C_Initialize),
+#define FUNC_C_FINALIZE 1
+ NSSDBG_DEFINE(C_Finalize),
+#define FUNC_C_GETINFO 2
+ NSSDBG_DEFINE(C_GetInfo),
+#define FUNC_C_GETFUNCITONLIST 3
+ NSSDBG_DEFINE(C_GetFunctionList),
+#define FUNC_C_GETSLOTLIST 4
+ NSSDBG_DEFINE(C_GetSlotList),
+#define FUNC_C_GETSLOTINFO 5
+ NSSDBG_DEFINE(C_GetSlotInfo),
+#define FUNC_C_GETTOKENINFO 6
+ NSSDBG_DEFINE(C_GetTokenInfo),
+#define FUNC_C_GETMECHANISMLIST 7
+ NSSDBG_DEFINE(C_GetMechanismList),
+#define FUNC_C_GETMECHANISMINFO 8
+ NSSDBG_DEFINE(C_GetMechanismInfo),
+#define FUNC_C_INITTOKEN 9
+ NSSDBG_DEFINE(C_InitToken),
+#define FUNC_C_INITPIN 10
+ NSSDBG_DEFINE(C_InitPIN),
+#define FUNC_C_SETPIN 11
+ NSSDBG_DEFINE(C_SetPIN),
+#define FUNC_C_OPENSESSION 12
+ NSSDBG_DEFINE(C_OpenSession),
+#define FUNC_C_CLOSESESSION 13
+ NSSDBG_DEFINE(C_CloseSession),
+#define FUNC_C_CLOSEALLSESSIONS 14
+ NSSDBG_DEFINE(C_CloseAllSessions),
+#define FUNC_C_GETSESSIONINFO 15
+ NSSDBG_DEFINE(C_GetSessionInfo),
+#define FUNC_C_GETOPERATIONSTATE 16
+ NSSDBG_DEFINE(C_GetOperationState),
+#define FUNC_C_SETOPERATIONSTATE 17
+ NSSDBG_DEFINE(C_SetOperationState),
+#define FUNC_C_LOGIN 18
+ NSSDBG_DEFINE(C_Login),
+#define FUNC_C_LOGOUT 19
+ NSSDBG_DEFINE(C_Logout),
+#define FUNC_C_CREATEOBJECT 20
+ NSSDBG_DEFINE(C_CreateObject),
+#define FUNC_C_COPYOBJECT 21
+ NSSDBG_DEFINE(C_CopyObject),
+#define FUNC_C_DESTROYOBJECT 22
+ NSSDBG_DEFINE(C_DestroyObject),
+#define FUNC_C_GETOBJECTSIZE 23
+ NSSDBG_DEFINE(C_GetObjectSize),
+#define FUNC_C_GETATTRIBUTEVALUE 24
+ NSSDBG_DEFINE(C_GetAttributeValue),
+#define FUNC_C_SETATTRIBUTEVALUE 25
+ NSSDBG_DEFINE(C_SetAttributeValue),
+#define FUNC_C_FINDOBJECTSINIT 26
+ NSSDBG_DEFINE(C_FindObjectsInit),
+#define FUNC_C_FINDOBJECTS 27
+ NSSDBG_DEFINE(C_FindObjects),
+#define FUNC_C_FINDOBJECTSFINAL 28
+ NSSDBG_DEFINE(C_FindObjectsFinal),
+#define FUNC_C_ENCRYPTINIT 29
+ NSSDBG_DEFINE(C_EncryptInit),
+#define FUNC_C_ENCRYPT 30
+ NSSDBG_DEFINE(C_Encrypt),
+#define FUNC_C_ENCRYPTUPDATE 31
+ NSSDBG_DEFINE(C_EncryptUpdate),
+#define FUNC_C_ENCRYPTFINAL 32
+ NSSDBG_DEFINE(C_EncryptFinal),
+#define FUNC_C_DECRYPTINIT 33
+ NSSDBG_DEFINE(C_DecryptInit),
+#define FUNC_C_DECRYPT 34
+ NSSDBG_DEFINE(C_Decrypt),
+#define FUNC_C_DECRYPTUPDATE 35
+ NSSDBG_DEFINE(C_DecryptUpdate),
+#define FUNC_C_DECRYPTFINAL 36
+ NSSDBG_DEFINE(C_DecryptFinal),
+#define FUNC_C_DIGESTINIT 37
+ NSSDBG_DEFINE(C_DigestInit),
+#define FUNC_C_DIGEST 38
+ NSSDBG_DEFINE(C_Digest),
+#define FUNC_C_DIGESTUPDATE 39
+ NSSDBG_DEFINE(C_DigestUpdate),
+#define FUNC_C_DIGESTKEY 40
+ NSSDBG_DEFINE(C_DigestKey),
+#define FUNC_C_DIGESTFINAL 41
+ NSSDBG_DEFINE(C_DigestFinal),
+#define FUNC_C_SIGNINIT 42
+ NSSDBG_DEFINE(C_SignInit),
+#define FUNC_C_SIGN 43
+ NSSDBG_DEFINE(C_Sign),
+#define FUNC_C_SIGNUPDATE 44
+ NSSDBG_DEFINE(C_SignUpdate),
+#define FUNC_C_SIGNFINAL 45
+ NSSDBG_DEFINE(C_SignFinal),
+#define FUNC_C_SIGNRECOVERINIT 46
+ NSSDBG_DEFINE(C_SignRecoverInit),
+#define FUNC_C_SIGNRECOVER 47
+ NSSDBG_DEFINE(C_SignRecover),
+#define FUNC_C_VERIFYINIT 48
+ NSSDBG_DEFINE(C_VerifyInit),
+#define FUNC_C_VERIFY 49
+ NSSDBG_DEFINE(C_Verify),
+#define FUNC_C_VERIFYUPDATE 50
+ NSSDBG_DEFINE(C_VerifyUpdate),
+#define FUNC_C_VERIFYFINAL 51
+ NSSDBG_DEFINE(C_VerifyFinal),
+#define FUNC_C_VERIFYRECOVERINIT 52
+ NSSDBG_DEFINE(C_VerifyRecoverInit),
+#define FUNC_C_VERIFYRECOVER 53
+ NSSDBG_DEFINE(C_VerifyRecover),
+#define FUNC_C_DIGESTENCRYPTUPDATE 54
+ NSSDBG_DEFINE(C_DigestEncryptUpdate),
+#define FUNC_C_DECRYPTDIGESTUPDATE 55
+ NSSDBG_DEFINE(C_DecryptDigestUpdate),
+#define FUNC_C_SIGNENCRYPTUPDATE 56
+ NSSDBG_DEFINE(C_SignEncryptUpdate),
+#define FUNC_C_DECRYPTVERIFYUPDATE 57
+ NSSDBG_DEFINE(C_DecryptVerifyUpdate),
+#define FUNC_C_GENERATEKEY 58
+ NSSDBG_DEFINE(C_GenerateKey),
+#define FUNC_C_GENERATEKEYPAIR 59
+ NSSDBG_DEFINE(C_GenerateKeyPair),
+#define FUNC_C_WRAPKEY 60
+ NSSDBG_DEFINE(C_WrapKey),
+#define FUNC_C_UNWRAPKEY 61
+ NSSDBG_DEFINE(C_UnWrapKey),
+#define FUNC_C_DERIVEKEY 62
+ NSSDBG_DEFINE(C_DeriveKey),
+#define FUNC_C_SEEDRANDOM 63
+ NSSDBG_DEFINE(C_SeedRandom),
+#define FUNC_C_GENERATERANDOM 64
+ NSSDBG_DEFINE(C_GenerateRandom),
+#define FUNC_C_GETFUNCTIONSTATUS 65
+ NSSDBG_DEFINE(C_GetFunctionStatus),
+#define FUNC_C_CANCELFUNCTION 66
+ NSSDBG_DEFINE(C_CancelFunction),
+#define FUNC_C_WAITFORSLOTEVENT 67
+ NSSDBG_DEFINE(C_WaitForSlotEvent)
+};
+
+int nssdbg_prof_size = sizeof(nssdbg_prof_data) / sizeof(nssdbg_prof_data[0]);
+
+static void
+nssdbg_finish_time(PRInt32 fun_number, PRIntervalTime start)
+{
+ PRIntervalTime ival;
+ PRIntervalTime end = PR_IntervalNow();
+
+ ival = end - start;
+ /* sigh, lie to PRAtomic add and say we are using signed values */
+ PR_ATOMIC_ADD((PRInt32 *)&nssdbg_prof_data[fun_number].time, (PRInt32)ival);
+}
+
+static void
+nssdbg_start_time(PRInt32 fun_number, PRIntervalTime *start)
+{
+ PR_ATOMIC_INCREMENT((PRInt32 *)&nssdbg_prof_data[fun_number].calls);
+ *start = PR_IntervalNow();
+}
+
+#define COMMON_DEFINITIONS \
+ CK_RV rv; \
+ PRIntervalTime start
+
+CK_RV
+NSSDBGC_Initialize(
+ CK_VOID_PTR pInitArgs)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Initialize"));
+ PR_LOG(modlog, 3, (" pInitArgs = 0x%p", pInitArgs));
+ nssdbg_start_time(FUNC_C_INITIALIZE, &start);
+ rv = module_functions->C_Initialize(pInitArgs);
+ nssdbg_finish_time(FUNC_C_INITIALIZE, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_Finalize(
+ CK_VOID_PTR pReserved)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Finalize"));
+ PR_LOG(modlog, 3, (" pReserved = 0x%p", pReserved));
+ nssdbg_start_time(FUNC_C_FINALIZE, &start);
+ rv = module_functions->C_Finalize(pReserved);
+ nssdbg_finish_time(FUNC_C_FINALIZE, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetInfo(
+ CK_INFO_PTR pInfo)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetInfo"));
+ PR_LOG(modlog, 3, (fmt_pInfo, pInfo));
+ nssdbg_start_time(FUNC_C_GETINFO, &start);
+ rv = module_functions->C_GetInfo(pInfo);
+ nssdbg_finish_time(FUNC_C_GETINFO, start);
+ if (rv == CKR_OK) {
+ PR_LOG(modlog, 4, (" cryptoki version: %d.%d",
+ pInfo->cryptokiVersion.major,
+ pInfo->cryptokiVersion.minor));
+ PR_LOG(modlog, 4, (fmt_manufacturerID, pInfo->manufacturerID));
+ PR_LOG(modlog, 4, (" library description = \"%.32s\"",
+ pInfo->libraryDescription));
+ PR_LOG(modlog, 4, (" library version: %d.%d",
+ pInfo->libraryVersion.major,
+ pInfo->libraryVersion.minor));
+ }
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetFunctionList(
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetFunctionList"));
+ PR_LOG(modlog, 3, (" ppFunctionList = 0x%p", ppFunctionList));
+ nssdbg_start_time(FUNC_C_GETFUNCITONLIST, &start);
+ rv = module_functions->C_GetFunctionList(ppFunctionList);
+ nssdbg_finish_time(FUNC_C_GETFUNCITONLIST, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetSlotList(
+ CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList,
+ CK_ULONG_PTR pulCount)
+{
+ COMMON_DEFINITIONS;
+
+ CK_ULONG i;
+ PR_LOG(modlog, 1, ("C_GetSlotList"));
+ PR_LOG(modlog, 3, (" tokenPresent = 0x%x", tokenPresent));
+ PR_LOG(modlog, 3, (" pSlotList = 0x%p", pSlotList));
+ PR_LOG(modlog, 3, (fmt_pulCount, pulCount));
+ nssdbg_start_time(FUNC_C_GETSLOTLIST, &start);
+ rv = module_functions->C_GetSlotList(tokenPresent, pSlotList, pulCount);
+ nssdbg_finish_time(FUNC_C_GETSLOTLIST, start);
+ PR_LOG(modlog, 4, (fmt_spulCount, *pulCount));
+ if (pSlotList) {
+ for (i = 0; i < *pulCount; i++) {
+ PR_LOG(modlog, 4, (" slotID[%d] = %x", i, pSlotList[i]));
+ }
+ }
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetSlotInfo(
+ CK_SLOT_ID slotID,
+ CK_SLOT_INFO_PTR pInfo)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetSlotInfo"));
+ PR_LOG(modlog, 3, (fmt_slotID, slotID));
+ PR_LOG(modlog, 3, (fmt_pInfo, pInfo));
+ nssdbg_start_time(FUNC_C_GETSLOTINFO, &start);
+ rv = module_functions->C_GetSlotInfo(slotID, pInfo);
+ nssdbg_finish_time(FUNC_C_GETSLOTINFO, start);
+ if (rv == CKR_OK) {
+ PR_LOG(modlog, 4, (" slotDescription = \"%.64s\"",
+ pInfo->slotDescription));
+ PR_LOG(modlog, 4, (fmt_manufacturerID, pInfo->manufacturerID));
+ PR_LOG(modlog, 4, (" flags = %s %s %s",
+ pInfo->flags & CKF_HW_SLOT ? "CKF_HW_SLOT" : "",
+ pInfo->flags & CKF_REMOVABLE_DEVICE ? "CKF_REMOVABLE_DEVICE" : "",
+ pInfo->flags & CKF_TOKEN_PRESENT ? "CKF_TOKEN_PRESENT" : ""));
+ PR_LOG(modlog, 4, (fmt_hwVersion,
+ pInfo->hardwareVersion.major,
+ pInfo->hardwareVersion.minor));
+ PR_LOG(modlog, 4, (fmt_fwVersion,
+ pInfo->firmwareVersion.major,
+ pInfo->firmwareVersion.minor));
+ }
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetTokenInfo(
+ CK_SLOT_ID slotID,
+ CK_TOKEN_INFO_PTR pInfo)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetTokenInfo"));
+ PR_LOG(modlog, 3, (fmt_slotID, slotID));
+ PR_LOG(modlog, 3, (fmt_pInfo, pInfo));
+ nssdbg_start_time(FUNC_C_GETTOKENINFO, &start);
+ rv = module_functions->C_GetTokenInfo(slotID, pInfo);
+ nssdbg_finish_time(FUNC_C_GETTOKENINFO, start);
+ if (rv == CKR_OK) {
+ PR_LOG(modlog, 4, (" label = \"%.32s\"", pInfo->label));
+ PR_LOG(modlog, 4, (fmt_manufacturerID, pInfo->manufacturerID));
+ PR_LOG(modlog, 4, (" model = \"%.16s\"", pInfo->model));
+ PR_LOG(modlog, 4, (" serial = \"%.16s\"", pInfo->serialNumber));
+ PR_LOG(modlog, 4, (" flags = %s %s %s %s",
+ pInfo->flags & CKF_RNG ? "CKF_RNG" : "",
+ pInfo->flags & CKF_WRITE_PROTECTED ? "CKF_WRITE_PROTECTED" : "",
+ pInfo->flags & CKF_LOGIN_REQUIRED ? "CKF_LOGIN_REQUIRED" : "",
+ pInfo->flags & CKF_USER_PIN_INITIALIZED ? "CKF_USER_PIN_INIT" : ""));
+ PR_LOG(modlog, 4, (" maxSessions = %u, Sessions = %u",
+ pInfo->ulMaxSessionCount, pInfo->ulSessionCount));
+ PR_LOG(modlog, 4, (" maxRwSessions = %u, RwSessions = %u",
+ pInfo->ulMaxRwSessionCount,
+ pInfo->ulRwSessionCount));
+ /* ignore Max & Min Pin Len, Public and Private Memory */
+ PR_LOG(modlog, 4, (fmt_hwVersion,
+ pInfo->hardwareVersion.major,
+ pInfo->hardwareVersion.minor));
+ PR_LOG(modlog, 4, (fmt_fwVersion,
+ pInfo->firmwareVersion.major,
+ pInfo->firmwareVersion.minor));
+ }
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetMechanismList(
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList,
+ CK_ULONG_PTR pulCount)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetMechanismList"));
+ PR_LOG(modlog, 3, (fmt_slotID, slotID));
+ PR_LOG(modlog, 3, (" pMechanismList = 0x%p", pMechanismList));
+ PR_LOG(modlog, 3, (fmt_pulCount, pulCount));
+ nssdbg_start_time(FUNC_C_GETMECHANISMLIST, &start);
+ rv = module_functions->C_GetMechanismList(slotID,
+ pMechanismList,
+ pulCount);
+ nssdbg_finish_time(FUNC_C_GETMECHANISMLIST, start);
+ PR_LOG(modlog, 4, (fmt_spulCount, *pulCount));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetMechanismInfo(
+ CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetMechanismInfo"));
+ PR_LOG(modlog, 3, (fmt_slotID, slotID));
+ PR_LOG(modlog, 3, (" type = 0x%x", type));
+ PR_LOG(modlog, 3, (fmt_pInfo, pInfo));
+ nssdbg_start_time(FUNC_C_GETMECHANISMINFO, &start);
+ rv = module_functions->C_GetMechanismInfo(slotID,
+ type,
+ pInfo);
+ nssdbg_finish_time(FUNC_C_GETMECHANISMINFO, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_InitToken(
+ CK_SLOT_ID slotID,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen,
+ CK_CHAR_PTR pLabel)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_InitToken"));
+ PR_LOG(modlog, 3, (fmt_slotID, slotID));
+ PR_LOG(modlog, 3, (fmt_pPin, pPin));
+ PR_LOG(modlog, 3, (fmt_ulPinLen, ulPinLen));
+ PR_LOG(modlog, 3, (" pLabel = 0x%p", pLabel));
+ nssdbg_start_time(FUNC_C_INITTOKEN, &start);
+ rv = module_functions->C_InitToken(slotID,
+ pPin,
+ ulPinLen,
+ pLabel);
+ nssdbg_finish_time(FUNC_C_INITTOKEN, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_InitPIN(
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_InitPIN"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pPin, pPin));
+ PR_LOG(modlog, 3, (fmt_ulPinLen, ulPinLen));
+ nssdbg_start_time(FUNC_C_INITPIN, &start);
+ rv = module_functions->C_InitPIN(hSession,
+ pPin,
+ ulPinLen);
+ nssdbg_finish_time(FUNC_C_INITPIN, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SetPIN(
+ CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen,
+ CK_CHAR_PTR pNewPin,
+ CK_ULONG ulNewLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SetPIN"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (" pOldPin = 0x%p", pOldPin));
+ PR_LOG(modlog, 3, (" ulOldLen = %d", ulOldLen));
+ PR_LOG(modlog, 3, (" pNewPin = 0x%p", pNewPin));
+ PR_LOG(modlog, 3, (" ulNewLen = %d", ulNewLen));
+ nssdbg_start_time(FUNC_C_SETPIN, &start);
+ rv = module_functions->C_SetPIN(hSession,
+ pOldPin,
+ ulOldLen,
+ pNewPin,
+ ulNewLen);
+ nssdbg_finish_time(FUNC_C_SETPIN, start);
+ log_rv(rv);
+ return rv;
+}
+
+static PRUint32 numOpenSessions = 0;
+static PRUint32 maxOpenSessions = 0;
+
+CK_RV
+NSSDBGC_OpenSession(
+ CK_SLOT_ID slotID,
+ CK_FLAGS flags,
+ CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify,
+ CK_SESSION_HANDLE_PTR phSession)
+{
+ COMMON_DEFINITIONS;
+
+ PR_ATOMIC_INCREMENT((PRInt32 *)&numOpenSessions);
+ maxOpenSessions = PR_MAX(numOpenSessions, maxOpenSessions);
+ PR_LOG(modlog, 1, ("C_OpenSession"));
+ PR_LOG(modlog, 3, (fmt_slotID, slotID));
+ PR_LOG(modlog, 3, (fmt_flags, flags));
+ PR_LOG(modlog, 3, (" pApplication = 0x%p", pApplication));
+ PR_LOG(modlog, 3, (" Notify = 0x%x", Notify));
+ PR_LOG(modlog, 3, (" phSession = 0x%p", phSession));
+ nssdbg_start_time(FUNC_C_OPENSESSION, &start);
+ rv = module_functions->C_OpenSession(slotID,
+ flags,
+ pApplication,
+ Notify,
+ phSession);
+ nssdbg_finish_time(FUNC_C_OPENSESSION, start);
+ log_handle(4, " *phSession = 0x%x", *phSession);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_CloseSession(
+ CK_SESSION_HANDLE hSession)
+{
+ COMMON_DEFINITIONS;
+
+ PR_ATOMIC_DECREMENT((PRInt32 *)&numOpenSessions);
+ PR_LOG(modlog, 1, ("C_CloseSession"));
+ log_handle(3, fmt_hSession, hSession);
+ nssdbg_start_time(FUNC_C_CLOSESESSION, &start);
+ rv = module_functions->C_CloseSession(hSession);
+ nssdbg_finish_time(FUNC_C_CLOSESESSION, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_CloseAllSessions(
+ CK_SLOT_ID slotID)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_CloseAllSessions"));
+ PR_LOG(modlog, 3, (fmt_slotID, slotID));
+ nssdbg_start_time(FUNC_C_CLOSEALLSESSIONS, &start);
+ rv = module_functions->C_CloseAllSessions(slotID);
+ nssdbg_finish_time(FUNC_C_CLOSEALLSESSIONS, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetSessionInfo(
+ CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetSessionInfo"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pInfo, pInfo));
+ nssdbg_start_time(FUNC_C_GETSESSIONINFO, &start);
+ rv = module_functions->C_GetSessionInfo(hSession,
+ pInfo);
+ nssdbg_finish_time(FUNC_C_GETSESSIONINFO, start);
+ if (rv == CKR_OK) {
+ PR_LOG(modlog, 4, (fmt_slotID, pInfo->slotID));
+ log_state(pInfo->state);
+ PR_LOG(modlog, 4, (" flags = %s %s",
+ pInfo->flags & CKF_RW_SESSION ? "CKF_RW_SESSION" : "",
+ pInfo->flags & CKF_SERIAL_SESSION ? "CKF_SERIAL_SESSION" : ""));
+ PR_LOG(modlog, 4, (" deviceError = 0x%x", pInfo->ulDeviceError));
+ }
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetOperationState(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG_PTR pulOperationStateLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetOperationState"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pOperationState, pOperationState));
+ PR_LOG(modlog, 3, (" pulOperationStateLen = 0x%p", pulOperationStateLen));
+ nssdbg_start_time(FUNC_C_GETOPERATIONSTATE, &start);
+ rv = module_functions->C_GetOperationState(hSession,
+ pOperationState,
+ pulOperationStateLen);
+ nssdbg_finish_time(FUNC_C_GETOPERATIONSTATE, start);
+ PR_LOG(modlog, 4, (" *pulOperationStateLen = 0x%x", *pulOperationStateLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SetOperationState(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState,
+ CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey,
+ CK_OBJECT_HANDLE hAuthenticationKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SetOperationState"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pOperationState, pOperationState));
+ PR_LOG(modlog, 3, (" ulOperationStateLen = %d", ulOperationStateLen));
+ log_handle(3, " hEncryptionKey = 0x%x", hEncryptionKey);
+ log_handle(3, " hAuthenticationKey = 0x%x", hAuthenticationKey);
+ nssdbg_start_time(FUNC_C_SETOPERATIONSTATE, &start);
+ rv = module_functions->C_SetOperationState(hSession,
+ pOperationState,
+ ulOperationStateLen,
+ hEncryptionKey,
+ hAuthenticationKey);
+ nssdbg_finish_time(FUNC_C_SETOPERATIONSTATE, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_Login(
+ CK_SESSION_HANDLE hSession,
+ CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Login"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (" userType = 0x%x", userType));
+ PR_LOG(modlog, 3, (fmt_pPin, pPin));
+ PR_LOG(modlog, 3, (fmt_ulPinLen, ulPinLen));
+ nssdbg_start_time(FUNC_C_LOGIN, &start);
+ rv = module_functions->C_Login(hSession,
+ userType,
+ pPin,
+ ulPinLen);
+ nssdbg_finish_time(FUNC_C_LOGIN, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_Logout(
+ CK_SESSION_HANDLE hSession)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Logout"));
+ log_handle(3, fmt_hSession, hSession);
+ nssdbg_start_time(FUNC_C_LOGOUT, &start);
+ rv = module_functions->C_Logout(hSession);
+ nssdbg_finish_time(FUNC_C_LOGOUT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_CreateObject(
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_CreateObject"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pTemplate, pTemplate));
+ PR_LOG(modlog, 3, (fmt_ulCount, ulCount));
+ PR_LOG(modlog, 3, (fmt_phObject, phObject));
+ print_template(pTemplate, ulCount);
+ nssdbg_start_time(FUNC_C_CREATEOBJECT, &start);
+ rv = module_functions->C_CreateObject(hSession,
+ pTemplate,
+ ulCount,
+ phObject);
+ nssdbg_finish_time(FUNC_C_CREATEOBJECT, start);
+ log_handle(4, " *phObject = 0x%x", *phObject);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_CopyObject(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_CopyObject"));
+ log_handle(3, fmt_hSession, hSession);
+ log_handle(3, fmt_hObject, hObject);
+ PR_LOG(modlog, 3, (fmt_pTemplate, pTemplate));
+ PR_LOG(modlog, 3, (fmt_ulCount, ulCount));
+ PR_LOG(modlog, 3, (" phNewObject = 0x%p", phNewObject));
+ print_template(pTemplate, ulCount);
+ nssdbg_start_time(FUNC_C_COPYOBJECT, &start);
+ rv = module_functions->C_CopyObject(hSession,
+ hObject,
+ pTemplate,
+ ulCount,
+ phNewObject);
+ nssdbg_finish_time(FUNC_C_COPYOBJECT, start);
+ log_handle(4, " *phNewObject = 0x%x", *phNewObject);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DestroyObject(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DestroyObject"));
+ log_handle(3, fmt_hSession, hSession);
+ log_handle(3, fmt_hObject, hObject);
+ nssdbg_start_time(FUNC_C_DESTROYOBJECT, &start);
+ rv = module_functions->C_DestroyObject(hSession,
+ hObject);
+ nssdbg_finish_time(FUNC_C_DESTROYOBJECT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetObjectSize(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG_PTR pulSize)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetObjectSize"));
+ log_handle(3, fmt_hSession, hSession);
+ log_handle(3, fmt_hObject, hObject);
+ PR_LOG(modlog, 3, (" pulSize = 0x%p", pulSize));
+ nssdbg_start_time(FUNC_C_GETOBJECTSIZE, &start);
+ rv = module_functions->C_GetObjectSize(hSession,
+ hObject,
+ pulSize);
+ nssdbg_finish_time(FUNC_C_GETOBJECTSIZE, start);
+ PR_LOG(modlog, 4, (" *pulSize = 0x%x", *pulSize));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetAttributeValue(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetAttributeValue"));
+ log_handle(3, fmt_hSession, hSession);
+ log_handle(3, fmt_hObject, hObject);
+ PR_LOG(modlog, 3, (fmt_pTemplate, pTemplate));
+ PR_LOG(modlog, 3, (fmt_ulCount, ulCount));
+ nssdbg_start_time(FUNC_C_GETATTRIBUTEVALUE, &start);
+ rv = module_functions->C_GetAttributeValue(hSession,
+ hObject,
+ pTemplate,
+ ulCount);
+ nssdbg_finish_time(FUNC_C_GETATTRIBUTEVALUE, start);
+ print_template(pTemplate, ulCount);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SetAttributeValue(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SetAttributeValue"));
+ log_handle(3, fmt_hSession, hSession);
+ log_handle(3, fmt_hObject, hObject);
+ PR_LOG(modlog, 3, (fmt_pTemplate, pTemplate));
+ PR_LOG(modlog, 3, (fmt_ulCount, ulCount));
+ print_template(pTemplate, ulCount);
+ nssdbg_start_time(FUNC_C_SETATTRIBUTEVALUE, &start);
+ rv = module_functions->C_SetAttributeValue(hSession,
+ hObject,
+ pTemplate,
+ ulCount);
+ nssdbg_finish_time(FUNC_C_SETATTRIBUTEVALUE, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_FindObjectsInit(
+ CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_FindObjectsInit"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pTemplate, pTemplate));
+ PR_LOG(modlog, 3, (fmt_ulCount, ulCount));
+ print_template(pTemplate, ulCount);
+ nssdbg_start_time(FUNC_C_FINDOBJECTSINIT, &start);
+ rv = module_functions->C_FindObjectsInit(hSession,
+ pTemplate,
+ ulCount);
+ nssdbg_finish_time(FUNC_C_FINDOBJECTSINIT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_FindObjects(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject,
+ CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount)
+{
+ COMMON_DEFINITIONS;
+ CK_ULONG i;
+
+ PR_LOG(modlog, 1, ("C_FindObjects"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_phObject, phObject));
+ PR_LOG(modlog, 3, (" ulMaxObjectCount = %d", ulMaxObjectCount));
+ PR_LOG(modlog, 3, (" pulObjectCount = 0x%p", pulObjectCount));
+ nssdbg_start_time(FUNC_C_FINDOBJECTS, &start);
+ rv = module_functions->C_FindObjects(hSession,
+ phObject,
+ ulMaxObjectCount,
+ pulObjectCount);
+ nssdbg_finish_time(FUNC_C_FINDOBJECTS, start);
+ PR_LOG(modlog, 4, (" *pulObjectCount = 0x%x", *pulObjectCount));
+ for (i = 0; i < *pulObjectCount; i++) {
+ PR_LOG(modlog, 4, (" phObject[%d] = 0x%x%s", i, phObject[i],
+ phObject[i] ? "" : fmt_invalid_handle));
+ }
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_FindObjectsFinal(
+ CK_SESSION_HANDLE hSession)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_FindObjectsFinal"));
+ log_handle(3, fmt_hSession, hSession);
+ nssdbg_start_time(FUNC_C_FINDOBJECTSFINAL, &start);
+ rv = module_functions->C_FindObjectsFinal(hSession);
+ nssdbg_finish_time(FUNC_C_FINDOBJECTSFINAL, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_EncryptInit(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_EncryptInit"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, fmt_hKey, hKey);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_ENCRYPTINIT, &start);
+ rv = module_functions->C_EncryptInit(hSession,
+ pMechanism,
+ hKey);
+ nssdbg_finish_time(FUNC_C_ENCRYPTINIT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_Encrypt(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pulEncryptedDataLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Encrypt"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pData, pData));
+ PR_LOG(modlog, 3, (fmt_ulDataLen, ulDataLen));
+ PR_LOG(modlog, 3, (fmt_pEncryptedData, pEncryptedData));
+ PR_LOG(modlog, 3, (" pulEncryptedDataLen = 0x%p", pulEncryptedDataLen));
+ nssdbg_start_time(FUNC_C_ENCRYPT, &start);
+ rv = module_functions->C_Encrypt(hSession,
+ pData,
+ ulDataLen,
+ pEncryptedData,
+ pulEncryptedDataLen);
+ nssdbg_finish_time(FUNC_C_ENCRYPT, start);
+ PR_LOG(modlog, 4, (" *pulEncryptedDataLen = 0x%x", *pulEncryptedDataLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_EncryptUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_EncryptUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_ulPartLen, ulPartLen));
+ PR_LOG(modlog, 3, (fmt_pEncryptedPart, pEncryptedPart));
+ PR_LOG(modlog, 3, (fmt_pulEncryptedPartLen, pulEncryptedPartLen));
+ nssdbg_start_time(FUNC_C_ENCRYPTUPDATE, &start);
+ rv = module_functions->C_EncryptUpdate(hSession,
+ pPart,
+ ulPartLen,
+ pEncryptedPart,
+ pulEncryptedPartLen);
+ nssdbg_finish_time(FUNC_C_ENCRYPTUPDATE, start);
+ PR_LOG(modlog, 4, (fmt_spulEncryptedPartLen, *pulEncryptedPartLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_EncryptFinal(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart,
+ CK_ULONG_PTR pulLastEncryptedPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_EncryptFinal"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (" pLastEncryptedPart = 0x%p", pLastEncryptedPart));
+ PR_LOG(modlog, 3, (" pulLastEncryptedPartLen = 0x%p", pulLastEncryptedPartLen));
+ nssdbg_start_time(FUNC_C_ENCRYPTFINAL, &start);
+ rv = module_functions->C_EncryptFinal(hSession,
+ pLastEncryptedPart,
+ pulLastEncryptedPartLen);
+ nssdbg_finish_time(FUNC_C_ENCRYPTFINAL, start);
+ PR_LOG(modlog, 4, (" *pulLastEncryptedPartLen = 0x%x", *pulLastEncryptedPartLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DecryptInit(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DecryptInit"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, fmt_hKey, hKey);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_DECRYPTINIT, &start);
+ rv = module_functions->C_DecryptInit(hSession,
+ pMechanism,
+ hKey);
+ nssdbg_finish_time(FUNC_C_DECRYPTINIT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_Decrypt(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData,
+ CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Decrypt"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pEncryptedData, pEncryptedData));
+ PR_LOG(modlog, 3, (" ulEncryptedDataLen = %d", ulEncryptedDataLen));
+ PR_LOG(modlog, 3, (fmt_pData, pData));
+ PR_LOG(modlog, 3, (fmt_pulDataLen, pulDataLen));
+ nssdbg_start_time(FUNC_C_DECRYPT, &start);
+ rv = module_functions->C_Decrypt(hSession,
+ pEncryptedData,
+ ulEncryptedDataLen,
+ pData,
+ pulDataLen);
+ nssdbg_finish_time(FUNC_C_DECRYPT, start);
+ PR_LOG(modlog, 4, (fmt_spulDataLen, *pulDataLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DecryptUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DecryptUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pEncryptedPart, pEncryptedPart));
+ PR_LOG(modlog, 3, (fmt_ulEncryptedPartLen, ulEncryptedPartLen));
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_pulPartLen, pulPartLen));
+ nssdbg_start_time(FUNC_C_DECRYPTUPDATE, &start);
+ rv = module_functions->C_DecryptUpdate(hSession,
+ pEncryptedPart,
+ ulEncryptedPartLen,
+ pPart,
+ pulPartLen);
+ nssdbg_finish_time(FUNC_C_DECRYPTUPDATE, start);
+ PR_LOG(modlog, 4, (fmt_spulPartLen, *pulPartLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DecryptFinal(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart,
+ CK_ULONG_PTR pulLastPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DecryptFinal"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (" pLastPart = 0x%p", pLastPart));
+ PR_LOG(modlog, 3, (" pulLastPartLen = 0x%p", pulLastPartLen));
+ nssdbg_start_time(FUNC_C_DECRYPTFINAL, &start);
+ rv = module_functions->C_DecryptFinal(hSession,
+ pLastPart,
+ pulLastPartLen);
+ nssdbg_finish_time(FUNC_C_DECRYPTFINAL, start);
+ PR_LOG(modlog, 4, (" *pulLastPartLen = 0x%x", *pulLastPartLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DigestInit(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DigestInit"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_DIGESTINIT, &start);
+ rv = module_functions->C_DigestInit(hSession,
+ pMechanism);
+ nssdbg_finish_time(FUNC_C_DIGESTINIT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_Digest(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Digest"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pData, pData));
+ PR_LOG(modlog, 3, (fmt_ulDataLen, ulDataLen));
+ PR_LOG(modlog, 3, (fmt_pDigest, pDigest));
+ PR_LOG(modlog, 3, (fmt_pulDigestLen, pulDigestLen));
+ nssdbg_start_time(FUNC_C_DIGEST, &start);
+ rv = module_functions->C_Digest(hSession,
+ pData,
+ ulDataLen,
+ pDigest,
+ pulDigestLen);
+ nssdbg_finish_time(FUNC_C_DIGEST, start);
+ PR_LOG(modlog, 4, (fmt_spulDigestLen, *pulDigestLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DigestUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DigestUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_ulPartLen, ulPartLen));
+ nssdbg_start_time(FUNC_C_DIGESTUPDATE, &start);
+ rv = module_functions->C_DigestUpdate(hSession,
+ pPart,
+ ulPartLen);
+ nssdbg_finish_time(FUNC_C_DIGESTUPDATE, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DigestKey(
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DigestKey"));
+ log_handle(3, fmt_hSession, hSession);
+ nssdbg_start_time(FUNC_C_DIGESTKEY, &start);
+ rv = module_functions->C_DigestKey(hSession,
+ hKey);
+ nssdbg_finish_time(FUNC_C_DIGESTKEY, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DigestFinal(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DigestFinal"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pDigest, pDigest));
+ PR_LOG(modlog, 3, (fmt_pulDigestLen, pulDigestLen));
+ nssdbg_start_time(FUNC_C_DIGESTFINAL, &start);
+ rv = module_functions->C_DigestFinal(hSession,
+ pDigest,
+ pulDigestLen);
+ nssdbg_finish_time(FUNC_C_DIGESTFINAL, start);
+ PR_LOG(modlog, 4, (fmt_spulDigestLen, *pulDigestLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SignInit(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SignInit"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, fmt_hKey, hKey);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_SIGNINIT, &start);
+ rv = module_functions->C_SignInit(hSession,
+ pMechanism,
+ hKey);
+ nssdbg_finish_time(FUNC_C_SIGNINIT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_Sign(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Sign"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pData, pData));
+ PR_LOG(modlog, 3, (fmt_ulDataLen, ulDataLen));
+ PR_LOG(modlog, 3, (fmt_pSignature, pSignature));
+ PR_LOG(modlog, 3, (fmt_pulSignatureLen, pulSignatureLen));
+ nssdbg_start_time(FUNC_C_SIGN, &start);
+ rv = module_functions->C_Sign(hSession,
+ pData,
+ ulDataLen,
+ pSignature,
+ pulSignatureLen);
+ nssdbg_finish_time(FUNC_C_SIGN, start);
+ PR_LOG(modlog, 4, (fmt_spulSignatureLen, *pulSignatureLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SignUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SignUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_ulPartLen, ulPartLen));
+ nssdbg_start_time(FUNC_C_SIGNUPDATE, &start);
+ rv = module_functions->C_SignUpdate(hSession,
+ pPart,
+ ulPartLen);
+ nssdbg_finish_time(FUNC_C_SIGNUPDATE, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SignFinal(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SignFinal"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pSignature, pSignature));
+ PR_LOG(modlog, 3, (fmt_pulSignatureLen, pulSignatureLen));
+ nssdbg_start_time(FUNC_C_SIGNFINAL, &start);
+ rv = module_functions->C_SignFinal(hSession,
+ pSignature,
+ pulSignatureLen);
+ nssdbg_finish_time(FUNC_C_SIGNFINAL, start);
+ PR_LOG(modlog, 4, (fmt_spulSignatureLen, *pulSignatureLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SignRecoverInit(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SignRecoverInit"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, fmt_hKey, hKey);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_SIGNRECOVERINIT, &start);
+ rv = module_functions->C_SignRecoverInit(hSession,
+ pMechanism,
+ hKey);
+ nssdbg_finish_time(FUNC_C_SIGNRECOVERINIT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SignRecover(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SignRecover"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pData, pData));
+ PR_LOG(modlog, 3, (fmt_ulDataLen, ulDataLen));
+ PR_LOG(modlog, 3, (fmt_pSignature, pSignature));
+ PR_LOG(modlog, 3, (fmt_pulSignatureLen, pulSignatureLen));
+ nssdbg_start_time(FUNC_C_SIGNRECOVER, &start);
+ rv = module_functions->C_SignRecover(hSession,
+ pData,
+ ulDataLen,
+ pSignature,
+ pulSignatureLen);
+ nssdbg_finish_time(FUNC_C_SIGNRECOVER, start);
+ PR_LOG(modlog, 4, (fmt_spulSignatureLen, *pulSignatureLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_VerifyInit(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_VerifyInit"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, fmt_hKey, hKey);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_VERIFYINIT, &start);
+ rv = module_functions->C_VerifyInit(hSession,
+ pMechanism,
+ hKey);
+ nssdbg_finish_time(FUNC_C_VERIFYINIT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_Verify(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_Verify"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pData, pData));
+ PR_LOG(modlog, 3, (fmt_ulDataLen, ulDataLen));
+ PR_LOG(modlog, 3, (fmt_pSignature, pSignature));
+ PR_LOG(modlog, 3, (fmt_ulSignatureLen, ulSignatureLen));
+ nssdbg_start_time(FUNC_C_VERIFY, &start);
+ rv = module_functions->C_Verify(hSession,
+ pData,
+ ulDataLen,
+ pSignature,
+ ulSignatureLen);
+ nssdbg_finish_time(FUNC_C_VERIFY, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_VerifyUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_VerifyUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_ulPartLen, ulPartLen));
+ nssdbg_start_time(FUNC_C_VERIFYUPDATE, &start);
+ rv = module_functions->C_VerifyUpdate(hSession,
+ pPart,
+ ulPartLen);
+ nssdbg_finish_time(FUNC_C_VERIFYUPDATE, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_VerifyFinal(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_VerifyFinal"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pSignature, pSignature));
+ PR_LOG(modlog, 3, (fmt_ulSignatureLen, ulSignatureLen));
+ nssdbg_start_time(FUNC_C_VERIFYFINAL, &start);
+ rv = module_functions->C_VerifyFinal(hSession,
+ pSignature,
+ ulSignatureLen);
+ nssdbg_finish_time(FUNC_C_VERIFYFINAL, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_VerifyRecoverInit(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_VerifyRecoverInit"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, fmt_hKey, hKey);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_VERIFYRECOVERINIT, &start);
+ rv = module_functions->C_VerifyRecoverInit(hSession,
+ pMechanism,
+ hKey);
+ nssdbg_finish_time(FUNC_C_VERIFYRECOVERINIT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_VerifyRecover(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature,
+ CK_ULONG ulSignatureLen,
+ CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_VerifyRecover"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pSignature, pSignature));
+ PR_LOG(modlog, 3, (fmt_ulSignatureLen, ulSignatureLen));
+ PR_LOG(modlog, 3, (fmt_pData, pData));
+ PR_LOG(modlog, 3, (fmt_pulDataLen, pulDataLen));
+ nssdbg_start_time(FUNC_C_VERIFYRECOVER, &start);
+ rv = module_functions->C_VerifyRecover(hSession,
+ pSignature,
+ ulSignatureLen,
+ pData,
+ pulDataLen);
+ nssdbg_finish_time(FUNC_C_VERIFYRECOVER, start);
+ PR_LOG(modlog, 4, (fmt_spulDataLen, *pulDataLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DigestEncryptUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DigestEncryptUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_ulPartLen, ulPartLen));
+ PR_LOG(modlog, 3, (fmt_pEncryptedPart, pEncryptedPart));
+ PR_LOG(modlog, 3, (fmt_pulEncryptedPartLen, pulEncryptedPartLen));
+ nssdbg_start_time(FUNC_C_DIGESTENCRYPTUPDATE, &start);
+ rv = module_functions->C_DigestEncryptUpdate(hSession,
+ pPart,
+ ulPartLen,
+ pEncryptedPart,
+ pulEncryptedPartLen);
+ nssdbg_finish_time(FUNC_C_DIGESTENCRYPTUPDATE, start);
+ PR_LOG(modlog, 4, (fmt_spulEncryptedPartLen, *pulEncryptedPartLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DecryptDigestUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DecryptDigestUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pEncryptedPart, pEncryptedPart));
+ PR_LOG(modlog, 3, (fmt_ulEncryptedPartLen, ulEncryptedPartLen));
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_pulPartLen, pulPartLen));
+ nssdbg_start_time(FUNC_C_DECRYPTDIGESTUPDATE, &start);
+ rv = module_functions->C_DecryptDigestUpdate(hSession,
+ pEncryptedPart,
+ ulEncryptedPartLen,
+ pPart,
+ pulPartLen);
+ nssdbg_finish_time(FUNC_C_DECRYPTDIGESTUPDATE, start);
+ PR_LOG(modlog, 4, (fmt_spulPartLen, *pulPartLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SignEncryptUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SignEncryptUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_ulPartLen, ulPartLen));
+ PR_LOG(modlog, 3, (fmt_pEncryptedPart, pEncryptedPart));
+ PR_LOG(modlog, 3, (fmt_pulEncryptedPartLen, pulEncryptedPartLen));
+ nssdbg_start_time(FUNC_C_SIGNENCRYPTUPDATE, &start);
+ rv = module_functions->C_SignEncryptUpdate(hSession,
+ pPart,
+ ulPartLen,
+ pEncryptedPart,
+ pulEncryptedPartLen);
+ nssdbg_finish_time(FUNC_C_SIGNENCRYPTUPDATE, start);
+ PR_LOG(modlog, 4, (fmt_spulEncryptedPartLen, *pulEncryptedPartLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DecryptVerifyUpdate(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DecryptVerifyUpdate"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pEncryptedPart, pEncryptedPart));
+ PR_LOG(modlog, 3, (fmt_ulEncryptedPartLen, ulEncryptedPartLen));
+ PR_LOG(modlog, 3, (fmt_pPart, pPart));
+ PR_LOG(modlog, 3, (fmt_pulPartLen, pulPartLen));
+ nssdbg_start_time(FUNC_C_DECRYPTVERIFYUPDATE, &start);
+ rv = module_functions->C_DecryptVerifyUpdate(hSession,
+ pEncryptedPart,
+ ulEncryptedPartLen,
+ pPart,
+ pulPartLen);
+ nssdbg_finish_time(FUNC_C_DECRYPTVERIFYUPDATE, start);
+ PR_LOG(modlog, 4, (fmt_spulPartLen, *pulPartLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GenerateKey(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GenerateKey"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ PR_LOG(modlog, 3, (fmt_pTemplate, pTemplate));
+ PR_LOG(modlog, 3, (fmt_ulCount, ulCount));
+ PR_LOG(modlog, 3, (fmt_phKey, phKey));
+ print_template(pTemplate, ulCount);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_GENERATEKEY, &start);
+ rv = module_functions->C_GenerateKey(hSession,
+ pMechanism,
+ pTemplate,
+ ulCount,
+ phKey);
+ nssdbg_finish_time(FUNC_C_GENERATEKEY, start);
+ log_handle(4, fmt_sphKey, *phKey);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GenerateKeyPair(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GenerateKeyPair"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ PR_LOG(modlog, 3, (" pPublicKeyTemplate = 0x%p", pPublicKeyTemplate));
+ PR_LOG(modlog, 3, (" ulPublicKeyAttributeCount = %d", ulPublicKeyAttributeCount));
+ PR_LOG(modlog, 3, (" pPrivateKeyTemplate = 0x%p", pPrivateKeyTemplate));
+ PR_LOG(modlog, 3, (" ulPrivateKeyAttributeCount = %d", ulPrivateKeyAttributeCount));
+ PR_LOG(modlog, 3, (" phPublicKey = 0x%p", phPublicKey));
+ print_template(pPublicKeyTemplate, ulPublicKeyAttributeCount);
+ PR_LOG(modlog, 3, (" phPrivateKey = 0x%p", phPrivateKey));
+ print_template(pPrivateKeyTemplate, ulPrivateKeyAttributeCount);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_GENERATEKEYPAIR, &start);
+ rv = module_functions->C_GenerateKeyPair(hSession,
+ pMechanism,
+ pPublicKeyTemplate,
+ ulPublicKeyAttributeCount,
+ pPrivateKeyTemplate,
+ ulPrivateKeyAttributeCount,
+ phPublicKey,
+ phPrivateKey);
+ nssdbg_finish_time(FUNC_C_GENERATEKEYPAIR, start);
+ log_handle(4, " *phPublicKey = 0x%x", *phPublicKey);
+ log_handle(4, " *phPrivateKey = 0x%x", *phPrivateKey);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_WrapKey(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_WrapKey"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, " hWrappingKey = 0x%x", hWrappingKey);
+ log_handle(3, fmt_hKey, hKey);
+ PR_LOG(modlog, 3, (fmt_pWrappedKey, pWrappedKey));
+ PR_LOG(modlog, 3, (" pulWrappedKeyLen = 0x%p", pulWrappedKeyLen));
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_WRAPKEY, &start);
+ rv = module_functions->C_WrapKey(hSession,
+ pMechanism,
+ hWrappingKey,
+ hKey,
+ pWrappedKey,
+ pulWrappedKeyLen);
+ nssdbg_finish_time(FUNC_C_WRAPKEY, start);
+ PR_LOG(modlog, 4, (" *pulWrappedKeyLen = 0x%x", *pulWrappedKeyLen));
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_UnwrapKey(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_UnwrapKey"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, " hUnwrappingKey = 0x%x", hUnwrappingKey);
+ PR_LOG(modlog, 3, (fmt_pWrappedKey, pWrappedKey));
+ PR_LOG(modlog, 3, (" ulWrappedKeyLen = %d", ulWrappedKeyLen));
+ PR_LOG(modlog, 3, (fmt_pTemplate, pTemplate));
+ PR_LOG(modlog, 3, (fmt_ulAttributeCount, ulAttributeCount));
+ PR_LOG(modlog, 3, (fmt_phKey, phKey));
+ print_template(pTemplate, ulAttributeCount);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_UNWRAPKEY, &start);
+ rv = module_functions->C_UnwrapKey(hSession,
+ pMechanism,
+ hUnwrappingKey,
+ pWrappedKey,
+ ulWrappedKeyLen,
+ pTemplate,
+ ulAttributeCount,
+ phKey);
+ nssdbg_finish_time(FUNC_C_UNWRAPKEY, start);
+ log_handle(4, fmt_sphKey, *phKey);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_DeriveKey(
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_DeriveKey"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (fmt_pMechanism, pMechanism));
+ log_handle(3, " hBaseKey = 0x%x", hBaseKey);
+ PR_LOG(modlog, 3, (fmt_pTemplate, pTemplate));
+ PR_LOG(modlog, 3, (fmt_ulAttributeCount, ulAttributeCount));
+ PR_LOG(modlog, 3, (fmt_phKey, phKey));
+ print_template(pTemplate, ulAttributeCount);
+ print_mechanism(pMechanism);
+ nssdbg_start_time(FUNC_C_DERIVEKEY, &start);
+ rv = module_functions->C_DeriveKey(hSession,
+ pMechanism,
+ hBaseKey,
+ pTemplate,
+ ulAttributeCount,
+ phKey);
+ nssdbg_finish_time(FUNC_C_DERIVEKEY, start);
+ log_handle(4, fmt_sphKey, *phKey);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_SeedRandom(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSeed,
+ CK_ULONG ulSeedLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_SeedRandom"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (" pSeed = 0x%p", pSeed));
+ PR_LOG(modlog, 3, (" ulSeedLen = %d", ulSeedLen));
+ nssdbg_start_time(FUNC_C_SEEDRANDOM, &start);
+ rv = module_functions->C_SeedRandom(hSession,
+ pSeed,
+ ulSeedLen);
+ nssdbg_finish_time(FUNC_C_SEEDRANDOM, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GenerateRandom(
+ CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR RandomData,
+ CK_ULONG ulRandomLen)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GenerateRandom"));
+ log_handle(3, fmt_hSession, hSession);
+ PR_LOG(modlog, 3, (" RandomData = 0x%p", RandomData));
+ PR_LOG(modlog, 3, (" ulRandomLen = %d", ulRandomLen));
+ nssdbg_start_time(FUNC_C_GENERATERANDOM, &start);
+ rv = module_functions->C_GenerateRandom(hSession,
+ RandomData,
+ ulRandomLen);
+ nssdbg_finish_time(FUNC_C_GENERATERANDOM, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_GetFunctionStatus(
+ CK_SESSION_HANDLE hSession)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_GetFunctionStatus"));
+ log_handle(3, fmt_hSession, hSession);
+ nssdbg_start_time(FUNC_C_GETFUNCTIONSTATUS, &start);
+ rv = module_functions->C_GetFunctionStatus(hSession);
+ nssdbg_finish_time(FUNC_C_GETFUNCTIONSTATUS, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_CancelFunction(
+ CK_SESSION_HANDLE hSession)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_CancelFunction"));
+ log_handle(3, fmt_hSession, hSession);
+ nssdbg_start_time(FUNC_C_CANCELFUNCTION, &start);
+ rv = module_functions->C_CancelFunction(hSession);
+ nssdbg_finish_time(FUNC_C_CANCELFUNCTION, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_RV
+NSSDBGC_WaitForSlotEvent(
+ CK_FLAGS flags,
+ CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pRserved)
+{
+ COMMON_DEFINITIONS;
+
+ PR_LOG(modlog, 1, ("C_WaitForSlotEvent"));
+ PR_LOG(modlog, 3, (fmt_flags, flags));
+ PR_LOG(modlog, 3, (" pSlot = 0x%p", pSlot));
+ PR_LOG(modlog, 3, (" pRserved = 0x%p", pRserved));
+ nssdbg_start_time(FUNC_C_WAITFORSLOTEVENT, &start);
+ rv = module_functions->C_WaitForSlotEvent(flags,
+ pSlot,
+ pRserved);
+ nssdbg_finish_time(FUNC_C_WAITFORSLOTEVENT, start);
+ log_rv(rv);
+ return rv;
+}
+
+CK_FUNCTION_LIST_PTR
+nss_InsertDeviceLog(
+ CK_FUNCTION_LIST_PTR devEPV)
+{
+ module_functions = devEPV;
+ modlog = PR_NewLogModule("nss_mod_log");
+ debug_functions.C_Initialize = NSSDBGC_Initialize;
+ debug_functions.C_Finalize = NSSDBGC_Finalize;
+ debug_functions.C_GetInfo = NSSDBGC_GetInfo;
+ debug_functions.C_GetFunctionList = NSSDBGC_GetFunctionList;
+ debug_functions.C_GetSlotList = NSSDBGC_GetSlotList;
+ debug_functions.C_GetSlotInfo = NSSDBGC_GetSlotInfo;
+ debug_functions.C_GetTokenInfo = NSSDBGC_GetTokenInfo;
+ debug_functions.C_GetMechanismList = NSSDBGC_GetMechanismList;
+ debug_functions.C_GetMechanismInfo = NSSDBGC_GetMechanismInfo;
+ debug_functions.C_InitToken = NSSDBGC_InitToken;
+ debug_functions.C_InitPIN = NSSDBGC_InitPIN;
+ debug_functions.C_SetPIN = NSSDBGC_SetPIN;
+ debug_functions.C_OpenSession = NSSDBGC_OpenSession;
+ debug_functions.C_CloseSession = NSSDBGC_CloseSession;
+ debug_functions.C_CloseAllSessions = NSSDBGC_CloseAllSessions;
+ debug_functions.C_GetSessionInfo = NSSDBGC_GetSessionInfo;
+ debug_functions.C_GetOperationState = NSSDBGC_GetOperationState;
+ debug_functions.C_SetOperationState = NSSDBGC_SetOperationState;
+ debug_functions.C_Login = NSSDBGC_Login;
+ debug_functions.C_Logout = NSSDBGC_Logout;
+ debug_functions.C_CreateObject = NSSDBGC_CreateObject;
+ debug_functions.C_CopyObject = NSSDBGC_CopyObject;
+ debug_functions.C_DestroyObject = NSSDBGC_DestroyObject;
+ debug_functions.C_GetObjectSize = NSSDBGC_GetObjectSize;
+ debug_functions.C_GetAttributeValue = NSSDBGC_GetAttributeValue;
+ debug_functions.C_SetAttributeValue = NSSDBGC_SetAttributeValue;
+ debug_functions.C_FindObjectsInit = NSSDBGC_FindObjectsInit;
+ debug_functions.C_FindObjects = NSSDBGC_FindObjects;
+ debug_functions.C_FindObjectsFinal = NSSDBGC_FindObjectsFinal;
+ debug_functions.C_EncryptInit = NSSDBGC_EncryptInit;
+ debug_functions.C_Encrypt = NSSDBGC_Encrypt;
+ debug_functions.C_EncryptUpdate = NSSDBGC_EncryptUpdate;
+ debug_functions.C_EncryptFinal = NSSDBGC_EncryptFinal;
+ debug_functions.C_DecryptInit = NSSDBGC_DecryptInit;
+ debug_functions.C_Decrypt = NSSDBGC_Decrypt;
+ debug_functions.C_DecryptUpdate = NSSDBGC_DecryptUpdate;
+ debug_functions.C_DecryptFinal = NSSDBGC_DecryptFinal;
+ debug_functions.C_DigestInit = NSSDBGC_DigestInit;
+ debug_functions.C_Digest = NSSDBGC_Digest;
+ debug_functions.C_DigestUpdate = NSSDBGC_DigestUpdate;
+ debug_functions.C_DigestKey = NSSDBGC_DigestKey;
+ debug_functions.C_DigestFinal = NSSDBGC_DigestFinal;
+ debug_functions.C_SignInit = NSSDBGC_SignInit;
+ debug_functions.C_Sign = NSSDBGC_Sign;
+ debug_functions.C_SignUpdate = NSSDBGC_SignUpdate;
+ debug_functions.C_SignFinal = NSSDBGC_SignFinal;
+ debug_functions.C_SignRecoverInit = NSSDBGC_SignRecoverInit;
+ debug_functions.C_SignRecover = NSSDBGC_SignRecover;
+ debug_functions.C_VerifyInit = NSSDBGC_VerifyInit;
+ debug_functions.C_Verify = NSSDBGC_Verify;
+ debug_functions.C_VerifyUpdate = NSSDBGC_VerifyUpdate;
+ debug_functions.C_VerifyFinal = NSSDBGC_VerifyFinal;
+ debug_functions.C_VerifyRecoverInit = NSSDBGC_VerifyRecoverInit;
+ debug_functions.C_VerifyRecover = NSSDBGC_VerifyRecover;
+ debug_functions.C_DigestEncryptUpdate = NSSDBGC_DigestEncryptUpdate;
+ debug_functions.C_DecryptDigestUpdate = NSSDBGC_DecryptDigestUpdate;
+ debug_functions.C_SignEncryptUpdate = NSSDBGC_SignEncryptUpdate;
+ debug_functions.C_DecryptVerifyUpdate = NSSDBGC_DecryptVerifyUpdate;
+ debug_functions.C_GenerateKey = NSSDBGC_GenerateKey;
+ debug_functions.C_GenerateKeyPair = NSSDBGC_GenerateKeyPair;
+ debug_functions.C_WrapKey = NSSDBGC_WrapKey;
+ debug_functions.C_UnwrapKey = NSSDBGC_UnwrapKey;
+ debug_functions.C_DeriveKey = NSSDBGC_DeriveKey;
+ debug_functions.C_SeedRandom = NSSDBGC_SeedRandom;
+ debug_functions.C_GenerateRandom = NSSDBGC_GenerateRandom;
+ debug_functions.C_GetFunctionStatus = NSSDBGC_GetFunctionStatus;
+ debug_functions.C_CancelFunction = NSSDBGC_CancelFunction;
+ debug_functions.C_WaitForSlotEvent = NSSDBGC_WaitForSlotEvent;
+ return &debug_functions;
+}
+
+/*
+ * scale the time factor up accordingly.
+ * This routine tries to keep at least 2 significant figures on output.
+ * If the time is 0, then indicate that with a 'z' for units.
+ * If the time is greater than 10 minutes, output the time in minutes.
+ * If the time is less than 10 minutes but greater than 10 seconds output
+ * the time in second.
+ * If the time is less than 10 seconds but greater than 10 milliseconds
+ * output * the time in millisecond.
+ * If the time is less than 10 milliseconds but greater than 0 ticks output
+ * the time in microsecond.
+ *
+ */
+static PRUint32
+getPrintTime(PRIntervalTime time, char **type)
+{
+ PRUint32 prTime;
+
+ /* detect a programming error by outputting 'bu' to the output stream
+ * rather than crashing */
+ *type = "bug";
+ if (time == 0) {
+ *type = "z";
+ return 0;
+ }
+
+ prTime = PR_IntervalToSeconds(time);
+
+ if (prTime >= 600) {
+ *type = "m";
+ return prTime / 60;
+ }
+ if (prTime >= 10) {
+ *type = "s";
+ return prTime;
+ }
+ prTime = PR_IntervalToMilliseconds(time);
+ if (prTime >= 10) {
+ *type = "ms";
+ return prTime;
+ }
+ *type = "us";
+ return PR_IntervalToMicroseconds(time);
+}
+
+static void
+print_final_statistics(void)
+{
+ int total_calls = 0;
+ PRIntervalTime total_time = 0;
+ PRUint32 pr_total_time;
+ char *type;
+ char *fname;
+ FILE *outfile = NULL;
+ int i;
+
+ fname = PR_GetEnvSecure("NSS_OUTPUT_FILE");
+ if (fname) {
+ /* need to add an optional process id to the filename */
+ outfile = fopen(fname, "w+");
+ }
+ if (!outfile) {
+ outfile = stdout;
+ }
+
+ fprintf(outfile, "%-25s %10s %12s %12s %10s\n", "Function", "# Calls",
+ "Time", "Avg.", "% Time");
+ fprintf(outfile, "\n");
+ for (i = 0; i < nssdbg_prof_size; i++) {
+ total_calls += nssdbg_prof_data[i].calls;
+ total_time += nssdbg_prof_data[i].time;
+ }
+ for (i = 0; i < nssdbg_prof_size; i++) {
+ PRIntervalTime time = nssdbg_prof_data[i].time;
+ PRUint32 usTime = PR_IntervalToMicroseconds(time);
+ PRUint32 prTime = 0;
+ PRUint32 calls = nssdbg_prof_data[i].calls;
+ /* don't print out functions that weren't even called */
+ if (calls == 0) {
+ continue;
+ }
+
+ prTime = getPrintTime(time, &type);
+
+ fprintf(outfile, "%-25s %10d %10d%2s ", nssdbg_prof_data[i].function,
+ calls, prTime, type);
+ /* for now always output the average in microseconds */
+ fprintf(outfile, "%10.2f%2s", (float)usTime / (float)calls, "us");
+ fprintf(outfile, "%10.2f%%", ((float)time / (float)total_time) * 100);
+ fprintf(outfile, "\n");
+ }
+ fprintf(outfile, "\n");
+
+ pr_total_time = getPrintTime(total_time, &type);
+
+ fprintf(outfile, "%25s %10d %10d%2s\n", "Totals", total_calls,
+ pr_total_time, type);
+ fprintf(outfile, "\n\nMaximum number of concurrent open sessions: %d\n\n",
+ maxOpenSessions);
+ fflush(outfile);
+ if (outfile != stdout) {
+ fclose(outfile);
+ }
+}
diff --git a/security/nss/lib/pk11wrap/dev3hack.c b/security/nss/lib/pk11wrap/dev3hack.c
new file mode 100644
index 000000000..27325a55a
--- /dev/null
+++ b/security/nss/lib/pk11wrap/dev3hack.c
@@ -0,0 +1,279 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKIT_H
+#include "pkit.h"
+#endif /* PKIT_H */
+
+#ifndef DEVM_H
+#include "devm.h"
+#endif /* DEVM_H */
+
+#include "pki3hack.h"
+#include "dev3hack.h"
+#include "pkim.h"
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#include "pk11func.h"
+#include "secmodti.h"
+#include "secerr.h"
+
+NSS_IMPLEMENT nssSession *
+nssSession_ImportNSS3Session(NSSArena *arenaOpt,
+ CK_SESSION_HANDLE session,
+ PZLock *lock, PRBool rw)
+{
+ nssSession *rvSession = NULL;
+ if (session != CK_INVALID_SESSION) {
+ rvSession = nss_ZNEW(arenaOpt, nssSession);
+ if (rvSession) {
+ rvSession->handle = session;
+ rvSession->lock = lock;
+ rvSession->ownLock = PR_FALSE;
+ rvSession->isRW = rw;
+ }
+ }
+ return rvSession;
+}
+
+NSS_IMPLEMENT nssSession *
+nssSlot_CreateSession(
+ NSSSlot *slot,
+ NSSArena *arenaOpt,
+ PRBool readWrite)
+{
+ nssSession *rvSession;
+
+ if (!readWrite) {
+ /* nss3hack version only returns rw swssions */
+ return NULL;
+ }
+ rvSession = nss_ZNEW(arenaOpt, nssSession);
+ if (!rvSession) {
+ return (nssSession *)NULL;
+ }
+
+ rvSession->handle = PK11_GetRWSession(slot->pk11slot);
+ if (rvSession->handle == CK_INVALID_HANDLE) {
+ nss_ZFreeIf(rvSession);
+ return NULL;
+ }
+ rvSession->isRW = PR_TRUE;
+ rvSession->slot = slot;
+ /*
+ * The session doesn't need its own lock. Here's why.
+ * 1. If we are reusing the default RW session of the slot,
+ * the slot lock is already locked to protect the session.
+ * 2. If the module is not thread safe, the slot (or rather
+ * module) lock is already locked.
+ * 3. If the module is thread safe and we are using a new
+ * session, no higher-level lock has been locked and we
+ * would need a lock for the new session. However, the
+ * current usage of the session is that it is always
+ * used and destroyed within the same function and never
+ * shared with another thread.
+ * So the session is either already protected by another
+ * lock or only used by one thread.
+ */
+ rvSession->lock = NULL;
+ rvSession->ownLock = PR_FALSE;
+ return rvSession;
+}
+
+NSS_IMPLEMENT PRStatus
+nssSession_Destroy(nssSession *s)
+{
+ PRStatus rv = PR_SUCCESS;
+ if (s) {
+ if (s->isRW) {
+ PK11_RestoreROSession(s->slot->pk11slot, s->handle);
+ }
+ rv = nss_ZFreeIf(s);
+ }
+ return rv;
+}
+
+static NSSSlot *
+nssSlot_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
+{
+ NSSSlot *rvSlot;
+ NSSArena *arena;
+ arena = nssArena_Create();
+ if (!arena) {
+ return NULL;
+ }
+ rvSlot = nss_ZNEW(arena, NSSSlot);
+ if (!rvSlot) {
+ nssArena_Destroy(arena);
+ return NULL;
+ }
+ rvSlot->base.refCount = 1;
+ rvSlot->base.lock = PZ_NewLock(nssILockOther);
+ rvSlot->base.arena = arena;
+ rvSlot->pk11slot = nss3slot;
+ rvSlot->epv = nss3slot->functionList;
+ rvSlot->slotID = nss3slot->slotID;
+ /* Grab the slot name from the PKCS#11 fixed-length buffer */
+ rvSlot->base.name = nssUTF8_Duplicate(nss3slot->slot_name, td->arena);
+ rvSlot->lock = (nss3slot->isThreadSafe) ? NULL : nss3slot->sessionLock;
+ return rvSlot;
+}
+
+NSSToken *
+nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
+{
+ NSSToken *rvToken;
+ NSSArena *arena;
+
+ /* Don't create a token object for a disabled slot */
+ if (nss3slot->disabled) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return NULL;
+ }
+ arena = nssArena_Create();
+ if (!arena) {
+ return NULL;
+ }
+ rvToken = nss_ZNEW(arena, NSSToken);
+ if (!rvToken) {
+ nssArena_Destroy(arena);
+ return NULL;
+ }
+ rvToken->base.refCount = 1;
+ rvToken->base.lock = PZ_NewLock(nssILockOther);
+ if (!rvToken->base.lock) {
+ nssArena_Destroy(arena);
+ return NULL;
+ }
+ rvToken->base.arena = arena;
+ rvToken->pk11slot = nss3slot;
+ rvToken->epv = nss3slot->functionList;
+ rvToken->defaultSession = nssSession_ImportNSS3Session(td->arena,
+ nss3slot->session,
+ nss3slot->sessionLock,
+ nss3slot->defRWSession);
+#if 0 /* we should do this instead of blindly continuing. */
+ if (!rvToken->defaultSession) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ goto loser;
+ }
+#endif
+ if (!PK11_IsInternal(nss3slot) && PK11_IsHW(nss3slot)) {
+ rvToken->cache = nssTokenObjectCache_Create(rvToken,
+ PR_TRUE, PR_TRUE, PR_TRUE);
+ if (!rvToken->cache)
+ goto loser;
+ }
+ rvToken->trustDomain = td;
+ /* Grab the token name from the PKCS#11 fixed-length buffer */
+ rvToken->base.name = nssUTF8_Duplicate(nss3slot->token_name, td->arena);
+ rvToken->slot = nssSlot_CreateFromPK11SlotInfo(td, nss3slot);
+ if (!rvToken->slot) {
+ goto loser;
+ }
+ rvToken->slot->token = rvToken;
+ if (rvToken->defaultSession)
+ rvToken->defaultSession->slot = rvToken->slot;
+ return rvToken;
+loser:
+ PZ_DestroyLock(rvToken->base.lock);
+ nssArena_Destroy(arena);
+ return NULL;
+}
+
+NSS_IMPLEMENT void
+nssToken_UpdateName(NSSToken *token)
+{
+ if (!token) {
+ return;
+ }
+ token->base.name = nssUTF8_Duplicate(token->pk11slot->token_name, token->base.arena);
+}
+
+NSS_IMPLEMENT PRBool
+nssSlot_IsPermanent(NSSSlot *slot)
+{
+ return slot->pk11slot->isPerm;
+}
+
+NSS_IMPLEMENT PRBool
+nssSlot_IsFriendly(NSSSlot *slot)
+{
+ return PK11_IsFriendly(slot->pk11slot);
+}
+
+NSS_IMPLEMENT PRStatus
+nssToken_Refresh(NSSToken *token)
+{
+ PK11SlotInfo *nss3slot;
+
+ if (!token) {
+ return PR_SUCCESS;
+ }
+ nss3slot = token->pk11slot;
+ token->defaultSession =
+ nssSession_ImportNSS3Session(token->slot->base.arena,
+ nss3slot->session,
+ nss3slot->sessionLock,
+ nss3slot->defRWSession);
+ return token->defaultSession ? PR_SUCCESS : PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+nssSlot_Refresh(NSSSlot *slot)
+{
+ PK11SlotInfo *nss3slot = slot->pk11slot;
+ PRBool doit = PR_FALSE;
+ if (slot->token && slot->token->base.name[0] == 0) {
+ doit = PR_TRUE;
+ }
+ if (PK11_InitToken(nss3slot, PR_FALSE) != SECSuccess) {
+ return PR_FAILURE;
+ }
+ if (doit) {
+ nssTrustDomain_UpdateCachedTokenCerts(slot->token->trustDomain,
+ slot->token);
+ }
+ return nssToken_Refresh(slot->token);
+}
+
+NSS_IMPLEMENT PRStatus
+nssToken_GetTrustOrder(NSSToken *tok)
+{
+ PK11SlotInfo *slot;
+ SECMODModule *module;
+ slot = tok->pk11slot;
+ module = PK11_GetModule(slot);
+ return module->trustOrder;
+}
+
+NSS_IMPLEMENT PRBool
+nssSlot_IsLoggedIn(NSSSlot *slot)
+{
+ if (!slot->pk11slot->needLogin) {
+ return PR_TRUE;
+ }
+ return PK11_IsLoggedIn(slot->pk11slot, NULL);
+}
+
+NSSTrustDomain *
+nssToken_GetTrustDomain(NSSToken *token)
+{
+ return token->trustDomain;
+}
+
+NSS_EXTERN PRStatus
+nssTrustDomain_RemoveTokenCertsFromCache(
+ NSSTrustDomain *td,
+ NSSToken *token);
+
+NSS_IMPLEMENT PRStatus
+nssToken_NotifyCertsNotVisible(
+ NSSToken *tok)
+{
+ return nssTrustDomain_RemoveTokenCertsFromCache(tok->trustDomain, tok);
+}
diff --git a/security/nss/lib/pk11wrap/dev3hack.h b/security/nss/lib/pk11wrap/dev3hack.h
new file mode 100644
index 000000000..610525910
--- /dev/null
+++ b/security/nss/lib/pk11wrap/dev3hack.h
@@ -0,0 +1,30 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEVNSS3HACK_H
+#define DEVNSS3HACK_H
+
+#include "cert.h"
+
+PR_BEGIN_EXTERN_C
+
+NSS_EXTERN NSSToken *
+nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot);
+
+NSS_EXTERN void
+nssToken_UpdateName(NSSToken *);
+
+NSS_EXTERN PRStatus
+nssToken_Refresh(NSSToken *);
+
+NSSTrustDomain *
+nssToken_GetTrustDomain(NSSToken *token);
+
+void PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst);
+
+NSSToken *PK11Slot_GetNSSToken(PK11SlotInfo *sl);
+
+PR_END_EXTERN_C
+
+#endif /* DEVNSS3HACK_H */
diff --git a/security/nss/lib/pk11wrap/exports.gyp b/security/nss/lib/pk11wrap/exports.gyp
new file mode 100644
index 000000000..b3d4bf468
--- /dev/null
+++ b/security/nss/lib/pk11wrap/exports.gyp
@@ -0,0 +1,39 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_pk11wrap_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pk11func.h',
+ 'pk11pqg.h',
+ 'pk11priv.h',
+ 'pk11pub.h',
+ 'pk11sdr.h',
+ 'secmod.h',
+ 'secmodt.h',
+ 'secpkcs5.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'dev3hack.h',
+ 'secmodi.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/pk11wrap/manifest.mn b/security/nss/lib/pk11wrap/manifest.mn
new file mode 100644
index 000000000..1a2d2446d
--- /dev/null
+++ b/security/nss/lib/pk11wrap/manifest.mn
@@ -0,0 +1,63 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+EXPORTS = \
+ secmod.h \
+ secmodt.h \
+ secpkcs5.h \
+ pk11func.h \
+ pk11pub.h \
+ pk11priv.h \
+ pk11sdr.h \
+ pk11pqg.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ secmodi.h \
+ dev3hack.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ dev3hack.c \
+ pk11akey.c \
+ pk11auth.c \
+ pk11cert.c \
+ pk11cxt.c \
+ pk11err.c \
+ pk11kea.c \
+ pk11list.c \
+ pk11load.c \
+ pk11mech.c \
+ pk11merge.c \
+ pk11nobj.c \
+ pk11obj.c \
+ pk11pars.c \
+ pk11pbe.c \
+ pk11pk12.c \
+ pk11pqg.c \
+ pk11sdr.c \
+ pk11skey.c \
+ pk11slot.c \
+ pk11util.c \
+ $(NULL)
+
+LIBRARY_NAME = pk11wrap
+
+LIBRARY_VERSION = 3
+SOFTOKEN_LIBRARY_VERSION = 3
+DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" \
+ -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\" \
+ -DSOFTOKEN_SHLIB_VERSION=\"$(SOFTOKEN_LIBRARY_VERSION)\"
+
+# only add module debugging in opt builds if DEBUG_PKCS11 is set
+ifdef DEBUG_PKCS11
+ DEFINES += -DDEBUG_MODULE -DFORCE_PR_LOG
+endif
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/pk11wrap/pk11akey.c b/security/nss/lib/pk11wrap/pk11akey.c
new file mode 100644
index 000000000..01d1d7fd9
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11akey.c
@@ -0,0 +1,2525 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file contains functions to manage asymetric keys, (public and
+ * private keys).
+ */
+#include "seccomon.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11.h"
+#include "pkcs11t.h"
+#include "pk11func.h"
+#include "cert.h"
+#include "key.h"
+#include "keyi.h"
+#include "secitem.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "secerr.h"
+#include "sechash.h"
+
+#include "secpkcs5.h"
+#include "blapit.h"
+
+static SECItem *
+pk11_MakeIDFromPublicKey(SECKEYPublicKey *pubKey)
+{
+ /* set the ID to the public key so we can find it again */
+ SECItem *pubKeyIndex = NULL;
+ switch (pubKey->keyType) {
+ case rsaKey:
+ pubKeyIndex = &pubKey->u.rsa.modulus;
+ break;
+ case dsaKey:
+ pubKeyIndex = &pubKey->u.dsa.publicValue;
+ break;
+ case dhKey:
+ pubKeyIndex = &pubKey->u.dh.publicValue;
+ break;
+ case ecKey:
+ pubKeyIndex = &pubKey->u.ec.publicValue;
+ break;
+ default:
+ return NULL;
+ }
+ PORT_Assert(pubKeyIndex != NULL);
+
+ return PK11_MakeIDFromPubKey(pubKeyIndex);
+}
+
+/*
+ * import a public key into the desired slot
+ *
+ * This function takes a public key structure and creates a public key in a
+ * given slot. If isToken is set, then a persistant public key is created.
+ *
+ * Note: it is possible for this function to return a handle for a key which
+ * is persistant, even if isToken is not set.
+ */
+CK_OBJECT_HANDLE
+PK11_ImportPublicKey(PK11SlotInfo *slot, SECKEYPublicKey *pubKey,
+ PRBool isToken)
+{
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_OBJECT_CLASS keyClass = CKO_PUBLIC_KEY;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_OBJECT_HANDLE objectID;
+ CK_ATTRIBUTE theTemplate[11];
+ CK_ATTRIBUTE *signedattr = NULL;
+ CK_ATTRIBUTE *attrs = theTemplate;
+ SECItem *ckaId = NULL;
+ SECItem *pubValue = NULL;
+ int signedcount = 0;
+ unsigned int templateCount = 0;
+ SECStatus rv;
+
+ /* if we already have an object in the desired slot, use it */
+ if (!isToken && pubKey->pkcs11Slot == slot) {
+ return pubKey->pkcs11ID;
+ }
+
+ /* free the existing key */
+ if (pubKey->pkcs11Slot != NULL) {
+ PK11SlotInfo *oSlot = pubKey->pkcs11Slot;
+ if (!PK11_IsPermObject(pubKey->pkcs11Slot, pubKey->pkcs11ID)) {
+ PK11_EnterSlotMonitor(oSlot);
+ (void)PK11_GETTAB(oSlot)->C_DestroyObject(oSlot->session,
+ pubKey->pkcs11ID);
+ PK11_ExitSlotMonitor(oSlot);
+ }
+ PK11_FreeSlot(oSlot);
+ pubKey->pkcs11Slot = NULL;
+ }
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_TOKEN, isToken ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ if (isToken) {
+ ckaId = pk11_MakeIDFromPublicKey(pubKey);
+ if (ckaId == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return CK_INVALID_HANDLE;
+ }
+ PK11_SETATTRS(attrs, CKA_ID, ckaId->data, ckaId->len);
+ attrs++;
+ }
+
+ /* now import the key */
+ {
+ switch (pubKey->keyType) {
+ case rsaKey:
+ keyType = CKK_RSA;
+ PK11_SETATTRS(attrs, CKA_WRAP, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_ENCRYPT, &cktrue,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ signedattr = attrs;
+ PK11_SETATTRS(attrs, CKA_MODULUS, pubKey->u.rsa.modulus.data,
+ pubKey->u.rsa.modulus.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
+ pubKey->u.rsa.publicExponent.data,
+ pubKey->u.rsa.publicExponent.len);
+ attrs++;
+ break;
+ case dsaKey:
+ keyType = CKK_DSA;
+ PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ signedattr = attrs;
+ PK11_SETATTRS(attrs, CKA_PRIME, pubKey->u.dsa.params.prime.data,
+ pubKey->u.dsa.params.prime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SUBPRIME, pubKey->u.dsa.params.subPrime.data,
+ pubKey->u.dsa.params.subPrime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.dsa.params.base.data,
+ pubKey->u.dsa.params.base.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.dsa.publicValue.data,
+ pubKey->u.dsa.publicValue.len);
+ attrs++;
+ break;
+ case fortezzaKey:
+ keyType = CKK_DSA;
+ PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ signedattr = attrs;
+ PK11_SETATTRS(attrs, CKA_PRIME, pubKey->u.fortezza.params.prime.data,
+ pubKey->u.fortezza.params.prime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SUBPRIME,
+ pubKey->u.fortezza.params.subPrime.data,
+ pubKey->u.fortezza.params.subPrime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.fortezza.params.base.data,
+ pubKey->u.fortezza.params.base.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.fortezza.DSSKey.data,
+ pubKey->u.fortezza.DSSKey.len);
+ attrs++;
+ break;
+ case dhKey:
+ keyType = CKK_DH;
+ PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ signedattr = attrs;
+ PK11_SETATTRS(attrs, CKA_PRIME, pubKey->u.dh.prime.data,
+ pubKey->u.dh.prime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.dh.base.data,
+ pubKey->u.dh.base.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.dh.publicValue.data,
+ pubKey->u.dh.publicValue.len);
+ attrs++;
+ break;
+ case ecKey:
+ keyType = CKK_EC;
+ PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ signedattr = attrs;
+ PK11_SETATTRS(attrs, CKA_EC_PARAMS,
+ pubKey->u.ec.DEREncodedParams.data,
+ pubKey->u.ec.DEREncodedParams.len);
+ attrs++;
+ if (PR_GetEnvSecure("NSS_USE_DECODED_CKA_EC_POINT")) {
+ PK11_SETATTRS(attrs, CKA_EC_POINT,
+ pubKey->u.ec.publicValue.data,
+ pubKey->u.ec.publicValue.len);
+ attrs++;
+ } else {
+ pubValue = SEC_ASN1EncodeItem(NULL, NULL,
+ &pubKey->u.ec.publicValue,
+ SEC_ASN1_GET(SEC_OctetStringTemplate));
+ if (pubValue == NULL) {
+ if (ckaId) {
+ SECITEM_FreeItem(ckaId, PR_TRUE);
+ }
+ return CK_INVALID_HANDLE;
+ }
+ PK11_SETATTRS(attrs, CKA_EC_POINT,
+ pubValue->data, pubValue->len);
+ attrs++;
+ }
+ break;
+ default:
+ if (ckaId) {
+ SECITEM_FreeItem(ckaId, PR_TRUE);
+ }
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return CK_INVALID_HANDLE;
+ }
+
+ templateCount = attrs - theTemplate;
+ signedcount = attrs - signedattr;
+ PORT_Assert(templateCount <= (sizeof(theTemplate) / sizeof(CK_ATTRIBUTE)));
+ for (attrs = signedattr; signedcount; attrs++, signedcount--) {
+ pk11_SignedToUnsigned(attrs);
+ }
+ rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, theTemplate,
+ templateCount, isToken, &objectID);
+ if (ckaId) {
+ SECITEM_FreeItem(ckaId, PR_TRUE);
+ }
+ if (pubValue) {
+ SECITEM_FreeItem(pubValue, PR_TRUE);
+ }
+ if (rv != SECSuccess) {
+ return CK_INVALID_HANDLE;
+ }
+ }
+
+ pubKey->pkcs11ID = objectID;
+ pubKey->pkcs11Slot = PK11_ReferenceSlot(slot);
+
+ return objectID;
+}
+
+/*
+ * take an attribute and copy it into a secitem
+ */
+static CK_RV
+pk11_Attr2SecItem(PLArenaPool *arena, const CK_ATTRIBUTE *attr, SECItem *item)
+{
+ item->data = NULL;
+
+ (void)SECITEM_AllocItem(arena, item, attr->ulValueLen);
+ if (item->data == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ PORT_Memcpy(item->data, attr->pValue, item->len);
+ return CKR_OK;
+}
+
+/*
+ * get a curve length from a set of ecParams.
+ *
+ * We need this so we can reliably determine if the ecPoint passed to us
+ * was encoded or not. With out this, for many curves, we would incorrectly
+ * identify an unencoded curve as an encoded curve 1 in 65536 times, and for
+ * a few we would make that same mistake 1 in 32768 times. These are bad
+ * numbers since they are rare enough to pass tests, but common enough to
+ * be tripped over in the field.
+ *
+ * This function will only work for curves we recognized as of March 2009.
+ * The assumption is curves in use after March of 2009 would be supplied by
+ * PKCS #11 modules that already pass the correct encoding to us.
+ *
+ * Point length = (Roundup(curveLenInBits/8)*2+1)
+ */
+static int
+pk11_get_EC_PointLenInBytes(PLArenaPool *arena, const SECItem *ecParams,
+ PRBool *plain)
+{
+ SECItem oid;
+ SECOidTag tag;
+ SECStatus rv;
+
+ /* decode the OID tag */
+ rv = SEC_QuickDERDecodeItem(arena, &oid,
+ SEC_ASN1_GET(SEC_ObjectIDTemplate), ecParams);
+ if (rv != SECSuccess) {
+ /* could be explict curves, allow them to work if the
+ * PKCS #11 module support them. If we try to parse the
+ * explicit curve value in the future, we may return -1 here
+ * to indicate an invalid parameter if the explicit curve
+ * decode fails. */
+ return 0;
+ }
+
+ *plain = PR_FALSE;
+ tag = SECOID_FindOIDTag(&oid);
+ switch (tag) {
+ case SEC_OID_SECG_EC_SECP112R1:
+ case SEC_OID_SECG_EC_SECP112R2:
+ return 29; /* curve len in bytes = 14 bytes */
+ case SEC_OID_SECG_EC_SECT113R1:
+ case SEC_OID_SECG_EC_SECT113R2:
+ return 31; /* curve len in bytes = 15 bytes */
+ case SEC_OID_SECG_EC_SECP128R1:
+ case SEC_OID_SECG_EC_SECP128R2:
+ return 33; /* curve len in bytes = 16 bytes */
+ case SEC_OID_SECG_EC_SECT131R1:
+ case SEC_OID_SECG_EC_SECT131R2:
+ return 35; /* curve len in bytes = 17 bytes */
+ case SEC_OID_SECG_EC_SECP160K1:
+ case SEC_OID_SECG_EC_SECP160R1:
+ case SEC_OID_SECG_EC_SECP160R2:
+ return 41; /* curve len in bytes = 20 bytes */
+ case SEC_OID_SECG_EC_SECT163K1:
+ case SEC_OID_SECG_EC_SECT163R1:
+ case SEC_OID_SECG_EC_SECT163R2:
+ case SEC_OID_ANSIX962_EC_C2PNB163V1:
+ case SEC_OID_ANSIX962_EC_C2PNB163V2:
+ case SEC_OID_ANSIX962_EC_C2PNB163V3:
+ return 43; /* curve len in bytes = 21 bytes */
+ case SEC_OID_ANSIX962_EC_C2PNB176V1:
+ return 45; /* curve len in bytes = 22 bytes */
+ case SEC_OID_ANSIX962_EC_C2TNB191V1:
+ case SEC_OID_ANSIX962_EC_C2TNB191V2:
+ case SEC_OID_ANSIX962_EC_C2TNB191V3:
+ case SEC_OID_SECG_EC_SECP192K1:
+ case SEC_OID_ANSIX962_EC_PRIME192V1:
+ case SEC_OID_ANSIX962_EC_PRIME192V2:
+ case SEC_OID_ANSIX962_EC_PRIME192V3:
+ return 49; /*curve len in bytes = 24 bytes */
+ case SEC_OID_SECG_EC_SECT193R1:
+ case SEC_OID_SECG_EC_SECT193R2:
+ return 51; /*curve len in bytes = 25 bytes */
+ case SEC_OID_ANSIX962_EC_C2PNB208W1:
+ return 53; /*curve len in bytes = 26 bytes */
+ case SEC_OID_SECG_EC_SECP224K1:
+ case SEC_OID_SECG_EC_SECP224R1:
+ return 57; /*curve len in bytes = 28 bytes */
+ case SEC_OID_SECG_EC_SECT233K1:
+ case SEC_OID_SECG_EC_SECT233R1:
+ case SEC_OID_SECG_EC_SECT239K1:
+ case SEC_OID_ANSIX962_EC_PRIME239V1:
+ case SEC_OID_ANSIX962_EC_PRIME239V2:
+ case SEC_OID_ANSIX962_EC_PRIME239V3:
+ case SEC_OID_ANSIX962_EC_C2TNB239V1:
+ case SEC_OID_ANSIX962_EC_C2TNB239V2:
+ case SEC_OID_ANSIX962_EC_C2TNB239V3:
+ return 61; /*curve len in bytes = 30 bytes */
+ case SEC_OID_ANSIX962_EC_PRIME256V1:
+ case SEC_OID_SECG_EC_SECP256K1:
+ return 65; /*curve len in bytes = 32 bytes */
+ case SEC_OID_ANSIX962_EC_C2PNB272W1:
+ return 69; /*curve len in bytes = 34 bytes */
+ case SEC_OID_SECG_EC_SECT283K1:
+ case SEC_OID_SECG_EC_SECT283R1:
+ return 73; /*curve len in bytes = 36 bytes */
+ case SEC_OID_ANSIX962_EC_C2PNB304W1:
+ return 77; /*curve len in bytes = 38 bytes */
+ case SEC_OID_ANSIX962_EC_C2TNB359V1:
+ return 91; /*curve len in bytes = 45 bytes */
+ case SEC_OID_ANSIX962_EC_C2PNB368W1:
+ return 93; /*curve len in bytes = 46 bytes */
+ case SEC_OID_SECG_EC_SECP384R1:
+ return 97; /*curve len in bytes = 48 bytes */
+ case SEC_OID_SECG_EC_SECT409K1:
+ case SEC_OID_SECG_EC_SECT409R1:
+ return 105; /*curve len in bytes = 52 bytes */
+ case SEC_OID_ANSIX962_EC_C2TNB431R1:
+ return 109; /*curve len in bytes = 54 bytes */
+ case SEC_OID_SECG_EC_SECP521R1:
+ return 133; /*curve len in bytes = 66 bytes */
+ case SEC_OID_SECG_EC_SECT571K1:
+ case SEC_OID_SECG_EC_SECT571R1:
+ return 145; /*curve len in bytes = 72 bytes */
+ case SEC_OID_CURVE25519:
+ *plain = PR_TRUE;
+ return 32; /* curve len in bytes = 32 bytes (only X) */
+ /* unknown or unrecognized OIDs. return unknown length */
+ default:
+ break;
+ }
+ return 0;
+}
+
+/*
+ * returns the decoded point. In some cases the point may already be decoded.
+ * this function tries to detect those cases and return the point in
+ * publicKeyValue. In other cases it's DER encoded. In those cases the point
+ * is first decoded and returned. Space for the point is allocated out of
+ * the passed in arena.
+ */
+static CK_RV
+pk11_get_Decoded_ECPoint(PLArenaPool *arena, const SECItem *ecParams,
+ const CK_ATTRIBUTE *ecPoint, SECItem *publicKeyValue)
+{
+ SECItem encodedPublicValue;
+ SECStatus rv;
+ int keyLen;
+ PRBool plain = PR_FALSE;
+
+ if (ecPoint->ulValueLen == 0) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /*
+ * The PKCS #11 spec requires ecPoints to be encoded as a DER OCTET String.
+ * NSS has mistakenly passed unencoded values, and some PKCS #11 vendors
+ * followed that mistake. Now we need to detect which encoding we were
+ * passed in. The task is made more complicated by the fact the the
+ * DER encoding byte (SEC_ASN_OCTET_STRING) is the same as the
+ * EC_POINT_FORM_UNCOMPRESSED byte (0x04), so we can't use that to
+ * determine which curve we are using.
+ */
+
+ /* get the expected key length for the passed in curve.
+ * pk11_get_EC_PointLenInBytes only returns valid values for curves
+ * NSS has traditionally recognized. If the curve is not recognized,
+ * it will return '0', and we have to figure out if the key was
+ * encoded or not heuristically. If the ecParams are invalid, it
+ * will return -1 for the keyLen.
+ */
+ keyLen = pk11_get_EC_PointLenInBytes(arena, ecParams, &plain);
+ if (keyLen < 0) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /*
+ * Some curves are not encoded but we don't have the name here.
+ * Instead, pk11_get_EC_PointLenInBytes returns true plain if this is the
+ * case.
+ */
+ if (plain && ecPoint->ulValueLen == (unsigned int)keyLen) {
+ return pk11_Attr2SecItem(arena, ecPoint, publicKeyValue);
+ }
+
+ /* If the point is uncompressed and the lengths match, it
+ * must be an unencoded point */
+ if ((*((char *)ecPoint->pValue) == EC_POINT_FORM_UNCOMPRESSED) &&
+ (ecPoint->ulValueLen == (unsigned int)keyLen)) {
+ return pk11_Attr2SecItem(arena, ecPoint, publicKeyValue);
+ }
+
+ /* now assume the key passed to us was encoded and decode it */
+ if (*((char *)ecPoint->pValue) == SEC_ASN1_OCTET_STRING) {
+ /* OK, now let's try to decode it and see if it's valid */
+ encodedPublicValue.data = ecPoint->pValue;
+ encodedPublicValue.len = ecPoint->ulValueLen;
+ rv = SEC_QuickDERDecodeItem(arena, publicKeyValue,
+ SEC_ASN1_GET(SEC_OctetStringTemplate), &encodedPublicValue);
+
+ /* it coded correctly & we know the key length (and they match)
+ * then we are done, return the results. */
+ if (keyLen && rv == SECSuccess && publicKeyValue->len == (unsigned int)keyLen) {
+ return CKR_OK;
+ }
+
+ /* if we know the key length, one of the above tests should have
+ * succeded. If it doesn't the module gave us bad data */
+ if (keyLen) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* We don't know the key length, so we don't know deterministically
+ * which encoding was used. We now will try to pick the most likely
+ * form that's correct, with a preference for the encoded form if we
+ * can't determine for sure. We do this by checking the key we got
+ * back from SEC_QuickDERDecodeItem for defects. If no defects are
+ * found, we assume the encoded parameter was was passed to us.
+ * our defect tests include:
+ * 1) it didn't decode.
+ * 2) The decode key had an invalid length (must be odd).
+ * 3) The decoded key wasn't an UNCOMPRESSED key.
+ * 4) The decoded key didn't include the entire encoded block
+ * except the DER encoding values. (fixing DER length to one
+ * particular value).
+ */
+ if ((rv != SECSuccess) || ((publicKeyValue->len & 1) != 1) ||
+ (publicKeyValue->data[0] != EC_POINT_FORM_UNCOMPRESSED) ||
+ (PORT_Memcmp(&encodedPublicValue.data[encodedPublicValue.len - publicKeyValue->len],
+ publicKeyValue->data,
+ publicKeyValue->len) != 0)) {
+ /* The decoded public key was flawed, the original key must have
+ * already been in decoded form. Do a quick sanity check then
+ * return the original key value.
+ */
+ if ((encodedPublicValue.len & 1) == 0) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ return pk11_Attr2SecItem(arena, ecPoint, publicKeyValue);
+ }
+
+ /* as best we can figure, the passed in key was encoded, and we've
+ * now decoded it. Note: there is a chance this could be wrong if the
+ * following conditions hold:
+ * 1) The first byte or bytes of the X point looks like a valid length
+ * of precisely the right size (2*curveSize -1). this means for curves
+ * less than 512 bits (64 bytes), this will happen 1 in 256 times*.
+ * for curves between 512 and 1024, this will happen 1 in 65,536 times*
+ * for curves between 1024 and 256K this will happen 1 in 16 million*
+ * 2) The length of the 'DER length field' is odd
+ * (making both the encoded and decode
+ * values an odd length. this is true of all curves less than 512,
+ * as well as curves between 1024 and 256K).
+ * 3) The X[length of the 'DER length field'] == 0x04, 1 in 256.
+ *
+ * (* assuming all values are equally likely in the first byte,
+ * This isn't true if the curve length is not a multiple of 8. In these
+ * cases, if the DER length is possible, it's more likely,
+ * if it's not possible, then we have no false decodes).
+ *
+ * For reference here are the odds for the various curves we currently
+ * have support for (and the only curves SSL will negotiate at this
+ * time). NOTE: None of the supported curves will show up here
+ * because we return a valid length for all of these curves.
+ * The only way to get here is to have some application (not SSL)
+ * which supports some unknown curve and have some vendor supplied
+ * PKCS #11 module support that curve. NOTE: in this case, one
+ * presumes that that pkcs #11 module is likely to be using the
+ * correct encodings.
+ *
+ * Prime Curves (GFp):
+ * Bit False Odds of
+ * Size DER Len False Decode Positive
+ * 112 27 1 in 65536
+ * 128 31 1 in 65536
+ * 160 39 1 in 65536
+ * 192 47 1 in 65536
+ * 224 55 1 in 65536
+ * 239 59 1 in 32768 (top byte can only be 0-127)
+ * 256 63 1 in 65536
+ * 521 129,131 0 (decoded value would be even)
+ *
+ * Binary curves (GF2m).
+ * Bit False Odds of
+ * Size DER Len False Decode Positive
+ * 131 33 0 (top byte can only be 0-7)
+ * 163 41 0 (top byte can only be 0-7)
+ * 176 43 1 in 65536
+ * 191 47 1 in 32768 (top byte can only be 0-127)
+ * 193 49 0 (top byte can only be 0-1)
+ * 208 51 1 in 65536
+ * 233 59 0 (top byte can only be 0-1)
+ * 239 59 1 in 32768 (top byte can only be 0-127)
+ * 272 67 1 in 65536
+ * 283 71 0 (top byte can only be 0-7)
+ * 304 75 1 in 65536
+ * 359 89 1 in 32768 (top byte can only be 0-127)
+ * 368 91 1 in 65536
+ * 409 103 0 (top byte can only be 0-1)
+ * 431 107 1 in 32768 (top byte can only be 0-127)
+ * 571 129,143 0 (decoded value would be even)
+ *
+ */
+
+ return CKR_OK;
+ }
+
+ /* In theory, we should handle the case where the curve == 0 and
+ * the first byte is EC_POINT_FORM_UNCOMPRESSED, (which would be
+ * handled by doing a santity check on the key length and returning
+ * pk11_Attr2SecItem() to copy the ecPoint to the publicKeyValue).
+ *
+ * This test is unnecessary, however, due to the fact that
+ * EC_POINT_FORM_UNCOMPRESSED == SEC_ASIN1_OCTET_STRING, that case is
+ * handled in the above if. That means if we get here, the initial
+ * byte of our ecPoint value was invalid, so we can safely return.
+ * invalid attribute.
+ */
+
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+}
+
+/*
+ * extract a public key from a slot and id
+ */
+SECKEYPublicKey *
+PK11_ExtractPublicKey(PK11SlotInfo *slot, KeyType keyType, CK_OBJECT_HANDLE id)
+{
+ CK_OBJECT_CLASS keyClass = CKO_PUBLIC_KEY;
+ PLArenaPool *arena;
+ PLArenaPool *tmp_arena;
+ SECKEYPublicKey *pubKey;
+ unsigned int templateCount = 0;
+ CK_KEY_TYPE pk11KeyType;
+ CK_RV crv;
+ CK_ATTRIBUTE template[8];
+ CK_ATTRIBUTE *attrs = template;
+ CK_ATTRIBUTE *modulus, *exponent, *base, *prime, *subprime, *value;
+ CK_ATTRIBUTE *ecparams;
+
+ /* if we didn't know the key type, get it */
+ if (keyType == nullKey) {
+
+ pk11KeyType = PK11_ReadULongAttribute(slot, id, CKA_KEY_TYPE);
+ if (pk11KeyType == CK_UNAVAILABLE_INFORMATION) {
+ return NULL;
+ }
+ switch (pk11KeyType) {
+ case CKK_RSA:
+ keyType = rsaKey;
+ break;
+ case CKK_DSA:
+ keyType = dsaKey;
+ break;
+ case CKK_DH:
+ keyType = dhKey;
+ break;
+ case CKK_EC:
+ keyType = ecKey;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return NULL;
+ }
+ }
+
+ /* now we need to create space for the public key */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ return NULL;
+ tmp_arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmp_arena == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ pubKey = (SECKEYPublicKey *)
+ PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
+ if (pubKey == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ PORT_FreeArena(tmp_arena, PR_FALSE);
+ return NULL;
+ }
+
+ pubKey->arena = arena;
+ pubKey->keyType = keyType;
+ pubKey->pkcs11Slot = PK11_ReferenceSlot(slot);
+ pubKey->pkcs11ID = id;
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass,
+ sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &pk11KeyType,
+ sizeof(pk11KeyType));
+ attrs++;
+ switch (pubKey->keyType) {
+ case rsaKey:
+ modulus = attrs;
+ PK11_SETATTRS(attrs, CKA_MODULUS, NULL, 0);
+ attrs++;
+ exponent = attrs;
+ PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT, NULL, 0);
+ attrs++;
+
+ templateCount = attrs - template;
+ PR_ASSERT(templateCount <= sizeof(template) / sizeof(CK_ATTRIBUTE));
+ crv = PK11_GetAttributes(tmp_arena, slot, id, template, templateCount);
+ if (crv != CKR_OK)
+ break;
+
+ if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_RSA)) {
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ break;
+ }
+ crv = pk11_Attr2SecItem(arena, modulus, &pubKey->u.rsa.modulus);
+ if (crv != CKR_OK)
+ break;
+ crv = pk11_Attr2SecItem(arena, exponent, &pubKey->u.rsa.publicExponent);
+ if (crv != CKR_OK)
+ break;
+ break;
+ case dsaKey:
+ prime = attrs;
+ PK11_SETATTRS(attrs, CKA_PRIME, NULL, 0);
+ attrs++;
+ subprime = attrs;
+ PK11_SETATTRS(attrs, CKA_SUBPRIME, NULL, 0);
+ attrs++;
+ base = attrs;
+ PK11_SETATTRS(attrs, CKA_BASE, NULL, 0);
+ attrs++;
+ value = attrs;
+ PK11_SETATTRS(attrs, CKA_VALUE, NULL, 0);
+ attrs++;
+ templateCount = attrs - template;
+ PR_ASSERT(templateCount <= sizeof(template) / sizeof(CK_ATTRIBUTE));
+ crv = PK11_GetAttributes(tmp_arena, slot, id, template, templateCount);
+ if (crv != CKR_OK)
+ break;
+
+ if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_DSA)) {
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ break;
+ }
+ crv = pk11_Attr2SecItem(arena, prime, &pubKey->u.dsa.params.prime);
+ if (crv != CKR_OK)
+ break;
+ crv = pk11_Attr2SecItem(arena, subprime, &pubKey->u.dsa.params.subPrime);
+ if (crv != CKR_OK)
+ break;
+ crv = pk11_Attr2SecItem(arena, base, &pubKey->u.dsa.params.base);
+ if (crv != CKR_OK)
+ break;
+ crv = pk11_Attr2SecItem(arena, value, &pubKey->u.dsa.publicValue);
+ if (crv != CKR_OK)
+ break;
+ break;
+ case dhKey:
+ prime = attrs;
+ PK11_SETATTRS(attrs, CKA_PRIME, NULL, 0);
+ attrs++;
+ base = attrs;
+ PK11_SETATTRS(attrs, CKA_BASE, NULL, 0);
+ attrs++;
+ value = attrs;
+ PK11_SETATTRS(attrs, CKA_VALUE, NULL, 0);
+ attrs++;
+ templateCount = attrs - template;
+ PR_ASSERT(templateCount <= sizeof(template) / sizeof(CK_ATTRIBUTE));
+ crv = PK11_GetAttributes(tmp_arena, slot, id, template, templateCount);
+ if (crv != CKR_OK)
+ break;
+
+ if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_DH)) {
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ break;
+ }
+ crv = pk11_Attr2SecItem(arena, prime, &pubKey->u.dh.prime);
+ if (crv != CKR_OK)
+ break;
+ crv = pk11_Attr2SecItem(arena, base, &pubKey->u.dh.base);
+ if (crv != CKR_OK)
+ break;
+ crv = pk11_Attr2SecItem(arena, value, &pubKey->u.dh.publicValue);
+ if (crv != CKR_OK)
+ break;
+ break;
+ case ecKey:
+ pubKey->u.ec.size = 0;
+ ecparams = attrs;
+ PK11_SETATTRS(attrs, CKA_EC_PARAMS, NULL, 0);
+ attrs++;
+ value = attrs;
+ PK11_SETATTRS(attrs, CKA_EC_POINT, NULL, 0);
+ attrs++;
+ templateCount = attrs - template;
+ PR_ASSERT(templateCount <= sizeof(template) / sizeof(CK_ATTRIBUTE));
+ crv = PK11_GetAttributes(arena, slot, id, template, templateCount);
+ if (crv != CKR_OK)
+ break;
+
+ if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_EC)) {
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ break;
+ }
+
+ crv = pk11_Attr2SecItem(arena, ecparams,
+ &pubKey->u.ec.DEREncodedParams);
+ if (crv != CKR_OK)
+ break;
+ pubKey->u.ec.encoding = ECPoint_Undefined;
+ crv = pk11_get_Decoded_ECPoint(arena,
+ &pubKey->u.ec.DEREncodedParams, value,
+ &pubKey->u.ec.publicValue);
+ break;
+ case fortezzaKey:
+ case nullKey:
+ default:
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ break;
+ }
+
+ PORT_FreeArena(tmp_arena, PR_FALSE);
+
+ if (crv != CKR_OK) {
+ PORT_FreeArena(arena, PR_FALSE);
+ PK11_FreeSlot(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+
+ return pubKey;
+}
+
+/*
+ * Build a Private Key structure from raw PKCS #11 information.
+ */
+SECKEYPrivateKey *
+PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
+ PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx)
+{
+ PLArenaPool *arena;
+ SECKEYPrivateKey *privKey;
+ PRBool isPrivate;
+ SECStatus rv;
+
+ /* don't know? look it up */
+ if (keyType == nullKey) {
+ CK_KEY_TYPE pk11Type = CKK_RSA;
+
+ pk11Type = PK11_ReadULongAttribute(slot, privID, CKA_KEY_TYPE);
+ isTemp = (PRBool)!PK11_HasAttributeSet(slot, privID, CKA_TOKEN, PR_FALSE);
+ switch (pk11Type) {
+ case CKK_RSA:
+ keyType = rsaKey;
+ break;
+ case CKK_DSA:
+ keyType = dsaKey;
+ break;
+ case CKK_DH:
+ keyType = dhKey;
+ break;
+ case CKK_KEA:
+ keyType = fortezzaKey;
+ break;
+ case CKK_EC:
+ keyType = ecKey;
+ break;
+ default:
+ break;
+ }
+ }
+
+ /* if the key is private, make sure we are authenticated to the
+ * token before we try to use it */
+ isPrivate = (PRBool)PK11_HasAttributeSet(slot, privID, CKA_PRIVATE, PR_FALSE);
+ if (isPrivate) {
+ rv = PK11_Authenticate(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ }
+
+ /* now we need to create space for the private key */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ return NULL;
+
+ privKey = (SECKEYPrivateKey *)
+ PORT_ArenaZAlloc(arena, sizeof(SECKEYPrivateKey));
+ if (privKey == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ privKey->arena = arena;
+ privKey->keyType = keyType;
+ privKey->pkcs11Slot = PK11_ReferenceSlot(slot);
+ privKey->pkcs11ID = privID;
+ privKey->pkcs11IsTemp = isTemp;
+ privKey->wincx = wincx;
+
+ return privKey;
+}
+
+PK11SlotInfo *
+PK11_GetSlotFromPrivateKey(SECKEYPrivateKey *key)
+{
+ PK11SlotInfo *slot = key->pkcs11Slot;
+ slot = PK11_ReferenceSlot(slot);
+ return slot;
+}
+
+/*
+ * Get the modulus length for raw parsing
+ */
+int
+PK11_GetPrivateModulusLen(SECKEYPrivateKey *key)
+{
+ CK_ATTRIBUTE theTemplate = { CKA_MODULUS, NULL, 0 };
+ PK11SlotInfo *slot = key->pkcs11Slot;
+ CK_RV crv;
+ int length;
+
+ switch (key->keyType) {
+ case rsaKey:
+ crv = PK11_GetAttributes(NULL, slot, key->pkcs11ID, &theTemplate, 1);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return -1;
+ }
+ length = theTemplate.ulValueLen;
+ if (*(unsigned char *)theTemplate.pValue == 0) {
+ length--;
+ }
+ PORT_Free(theTemplate.pValue);
+ return (int)length;
+
+ case fortezzaKey:
+ case dsaKey:
+ case dhKey:
+ default:
+ break;
+ }
+ if (theTemplate.pValue != NULL)
+ PORT_Free(theTemplate.pValue);
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return -1;
+}
+
+/*
+ * take a private key in one pkcs11 module and load it into another:
+ * NOTE: the source private key is a rare animal... it can't be sensitive.
+ * This is used to do a key gen using one pkcs11 module and storing the
+ * result into another.
+ */
+static SECKEYPrivateKey *
+pk11_loadPrivKeyWithFlags(PK11SlotInfo *slot, SECKEYPrivateKey *privKey,
+ SECKEYPublicKey *pubKey, PK11AttrFlags attrFlags)
+{
+ CK_ATTRIBUTE privTemplate[] = {
+ /* class must be first */
+ { CKA_CLASS, NULL, 0 },
+ { CKA_KEY_TYPE, NULL, 0 },
+ { CKA_ID, NULL, 0 },
+ /* RSA - the attributes below will be replaced for other
+ * key types.
+ */
+ { CKA_MODULUS, NULL, 0 },
+ { CKA_PRIVATE_EXPONENT, NULL, 0 },
+ { CKA_PUBLIC_EXPONENT, NULL, 0 },
+ { CKA_PRIME_1, NULL, 0 },
+ { CKA_PRIME_2, NULL, 0 },
+ { CKA_EXPONENT_1, NULL, 0 },
+ { CKA_EXPONENT_2, NULL, 0 },
+ { CKA_COEFFICIENT, NULL, 0 },
+ { CKA_DECRYPT, NULL, 0 },
+ { CKA_DERIVE, NULL, 0 },
+ { CKA_SIGN, NULL, 0 },
+ { CKA_SIGN_RECOVER, NULL, 0 },
+ { CKA_UNWRAP, NULL, 0 },
+ /* reserve space for the attributes that may be
+ * specified in attrFlags */
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_PRIVATE, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ { CKA_SENSITIVE, NULL, 0 },
+ { CKA_EXTRACTABLE, NULL, 0 },
+#define NUM_RESERVED_ATTRS 5 /* number of reserved attributes above */
+ };
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_ATTRIBUTE *attrs = NULL, *ap;
+ const int templateSize = sizeof(privTemplate) / sizeof(privTemplate[0]);
+ PLArenaPool *arena;
+ CK_OBJECT_HANDLE objectID;
+ int i, count = 0;
+ int extra_count = 0;
+ CK_RV crv;
+ SECStatus rv;
+ PRBool token = ((attrFlags & PK11_ATTR_TOKEN) != 0);
+
+ if (pk11_BadAttrFlags(attrFlags)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ for (i = 0; i < templateSize; i++) {
+ if (privTemplate[i].type == CKA_MODULUS) {
+ attrs = &privTemplate[i];
+ count = i;
+ break;
+ }
+ }
+ PORT_Assert(attrs != NULL);
+ if (attrs == NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+
+ ap = attrs;
+
+ switch (privKey->keyType) {
+ case rsaKey:
+ count = templateSize - NUM_RESERVED_ATTRS;
+ extra_count = count - (attrs - privTemplate);
+ break;
+ case dsaKey:
+ ap->type = CKA_PRIME;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_SUBPRIME;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_BASE;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_VALUE;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_SIGN;
+ ap++;
+ count++;
+ extra_count++;
+ break;
+ case dhKey:
+ ap->type = CKA_PRIME;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_BASE;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_VALUE;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_DERIVE;
+ ap++;
+ count++;
+ extra_count++;
+ break;
+ case ecKey:
+ ap->type = CKA_EC_PARAMS;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_VALUE;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_DERIVE;
+ ap++;
+ count++;
+ extra_count++;
+ ap->type = CKA_SIGN;
+ ap++;
+ count++;
+ extra_count++;
+ break;
+ default:
+ count = 0;
+ extra_count = 0;
+ break;
+ }
+
+ if (count == 0) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ return NULL;
+ /*
+ * read out the old attributes.
+ */
+ crv = PK11_GetAttributes(arena, privKey->pkcs11Slot, privKey->pkcs11ID,
+ privTemplate, count);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ PORT_FreeArena(arena, PR_TRUE);
+ return NULL;
+ }
+
+ /* Set token, private, modifiable, sensitive, and extractable */
+ count += pk11_AttrFlagsToAttributes(attrFlags, &privTemplate[count],
+ &cktrue, &ckfalse);
+
+ /* Not everyone can handle zero padded key values, give
+ * them the raw data as unsigned */
+ for (ap = attrs; extra_count; ap++, extra_count--) {
+ pk11_SignedToUnsigned(ap);
+ }
+
+ /* now Store the puppies */
+ rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, privTemplate,
+ count, token, &objectID);
+ PORT_FreeArena(arena, PR_TRUE);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+
+ /* try loading the public key */
+ if (pubKey) {
+ PK11_ImportPublicKey(slot, pubKey, token);
+ if (pubKey->pkcs11Slot) {
+ PK11_FreeSlot(pubKey->pkcs11Slot);
+ pubKey->pkcs11Slot = NULL;
+ pubKey->pkcs11ID = CK_INVALID_HANDLE;
+ }
+ }
+
+ /* build new key structure */
+ return PK11_MakePrivKey(slot, privKey->keyType, !token,
+ objectID, privKey->wincx);
+}
+
+static SECKEYPrivateKey *
+pk11_loadPrivKey(PK11SlotInfo *slot, SECKEYPrivateKey *privKey,
+ SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive)
+{
+ PK11AttrFlags attrFlags = 0;
+ if (token) {
+ attrFlags |= (PK11_ATTR_TOKEN | PK11_ATTR_PRIVATE);
+ } else {
+ attrFlags |= (PK11_ATTR_SESSION | PK11_ATTR_PUBLIC);
+ }
+ if (sensitive) {
+ attrFlags |= PK11_ATTR_SENSITIVE;
+ } else {
+ attrFlags |= PK11_ATTR_INSENSITIVE;
+ }
+ return pk11_loadPrivKeyWithFlags(slot, privKey, pubKey, attrFlags);
+}
+
+/*
+ * export this for PSM
+ */
+SECKEYPrivateKey *
+PK11_LoadPrivKey(PK11SlotInfo *slot, SECKEYPrivateKey *privKey,
+ SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive)
+{
+ return pk11_loadPrivKey(slot, privKey, pubKey, token, sensitive);
+}
+
+/*
+ * Use the token to generate a key pair.
+ */
+SECKEYPrivateKey *
+PK11_GenerateKeyPairWithOpFlags(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ void *param, SECKEYPublicKey **pubKey, PK11AttrFlags attrFlags,
+ CK_FLAGS opFlags, CK_FLAGS opFlagsMask, void *wincx)
+{
+ /* we have to use these native types because when we call PKCS 11 modules
+ * we have to make sure that we are using the correct sizes for all the
+ * parameters. */
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_ULONG modulusBits;
+ CK_BYTE publicExponent[4];
+ CK_ATTRIBUTE privTemplate[] = {
+ { CKA_SENSITIVE, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_PRIVATE, NULL, 0 },
+ { CKA_DERIVE, NULL, 0 },
+ { CKA_UNWRAP, NULL, 0 },
+ { CKA_SIGN, NULL, 0 },
+ { CKA_DECRYPT, NULL, 0 },
+ { CKA_EXTRACTABLE, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ };
+ CK_ATTRIBUTE rsaPubTemplate[] = {
+ { CKA_MODULUS_BITS, NULL, 0 },
+ { CKA_PUBLIC_EXPONENT, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_DERIVE, NULL, 0 },
+ { CKA_WRAP, NULL, 0 },
+ { CKA_VERIFY, NULL, 0 },
+ { CKA_VERIFY_RECOVER, NULL, 0 },
+ { CKA_ENCRYPT, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ };
+ CK_ATTRIBUTE dsaPubTemplate[] = {
+ { CKA_PRIME, NULL, 0 },
+ { CKA_SUBPRIME, NULL, 0 },
+ { CKA_BASE, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_DERIVE, NULL, 0 },
+ { CKA_WRAP, NULL, 0 },
+ { CKA_VERIFY, NULL, 0 },
+ { CKA_VERIFY_RECOVER, NULL, 0 },
+ { CKA_ENCRYPT, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ };
+ CK_ATTRIBUTE dhPubTemplate[] = {
+ { CKA_PRIME, NULL, 0 },
+ { CKA_BASE, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_DERIVE, NULL, 0 },
+ { CKA_WRAP, NULL, 0 },
+ { CKA_VERIFY, NULL, 0 },
+ { CKA_VERIFY_RECOVER, NULL, 0 },
+ { CKA_ENCRYPT, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ };
+ CK_ATTRIBUTE ecPubTemplate[] = {
+ { CKA_EC_PARAMS, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_DERIVE, NULL, 0 },
+ { CKA_WRAP, NULL, 0 },
+ { CKA_VERIFY, NULL, 0 },
+ { CKA_VERIFY_RECOVER, NULL, 0 },
+ { CKA_ENCRYPT, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ };
+ SECKEYECParams *ecParams;
+
+ /*CK_ULONG key_size = 0;*/
+ CK_ATTRIBUTE *pubTemplate;
+ int privCount = 0;
+ int pubCount = 0;
+ PK11RSAGenParams *rsaParams;
+ SECKEYPQGParams *dsaParams;
+ SECKEYDHParams *dhParams;
+ CK_MECHANISM mechanism;
+ CK_MECHANISM test_mech;
+ CK_MECHANISM test_mech2;
+ CK_SESSION_HANDLE session_handle;
+ CK_RV crv;
+ CK_OBJECT_HANDLE privID, pubID;
+ SECKEYPrivateKey *privKey;
+ KeyType keyType;
+ PRBool restore;
+ int peCount, i;
+ CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *privattrs;
+ CK_ATTRIBUTE setTemplate;
+ CK_MECHANISM_INFO mechanism_info;
+ CK_OBJECT_CLASS keyClass;
+ SECItem *cka_id;
+ PRBool haslock = PR_FALSE;
+ PRBool pubIsToken = PR_FALSE;
+ PRBool token = ((attrFlags & PK11_ATTR_TOKEN) != 0);
+ /* subset of attrFlags applicable to the public key */
+ PK11AttrFlags pubKeyAttrFlags = attrFlags &
+ (PK11_ATTR_TOKEN | PK11_ATTR_SESSION | PK11_ATTR_MODIFIABLE | PK11_ATTR_UNMODIFIABLE);
+
+ if (pk11_BadAttrFlags(attrFlags)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (!param) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ /*
+ * The opFlags and opFlagMask parameters allow us to control the
+ * settings of the key usage attributes (CKA_ENCRYPT and friends).
+ * opFlagMask is set to one if the flag is specified in opFlags and
+ * zero if it is to take on a default value calculated by
+ * PK11_GenerateKeyPairWithOpFlags.
+ * opFlags specifies the actual value of the flag 1 or 0.
+ * Bits not corresponding to one bits in opFlagMask should be zero.
+ */
+
+ /* if we are trying to turn on a flag, it better be in the mask */
+ PORT_Assert((opFlags & ~opFlagsMask) == 0);
+ opFlags &= opFlagsMask;
+
+ PORT_Assert(slot != NULL);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+ }
+
+ /* if our slot really doesn't do this mechanism, Generate the key
+ * in our internal token and write it out */
+ if (!PK11_DoesMechanism(slot, type)) {
+ PK11SlotInfo *int_slot = PK11_GetInternalSlot();
+
+ /* don't loop forever looking for a slot */
+ if (slot == int_slot) {
+ PK11_FreeSlot(int_slot);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+
+ /* if there isn't a suitable slot, then we can't do the keygen */
+ if (int_slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+ }
+
+ /* generate the temporary key to load */
+ privKey = PK11_GenerateKeyPair(int_slot, type, param, pubKey, PR_FALSE,
+ PR_FALSE, wincx);
+ PK11_FreeSlot(int_slot);
+
+ /* if successful, load the temp key into the new token */
+ if (privKey != NULL) {
+ SECKEYPrivateKey *newPrivKey = pk11_loadPrivKeyWithFlags(slot,
+ privKey, *pubKey, attrFlags);
+ SECKEY_DestroyPrivateKey(privKey);
+ if (newPrivKey == NULL) {
+ SECKEY_DestroyPublicKey(*pubKey);
+ *pubKey = NULL;
+ }
+ return newPrivKey;
+ }
+ return NULL;
+ }
+
+ mechanism.mechanism = type;
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+ test_mech.pParameter = NULL;
+ test_mech.ulParameterLen = 0;
+ test_mech2.mechanism = CKM_INVALID_MECHANISM;
+ test_mech2.pParameter = NULL;
+ test_mech2.ulParameterLen = 0;
+
+ /* set up the private key template */
+ privattrs = privTemplate;
+ privattrs += pk11_AttrFlagsToAttributes(attrFlags, privattrs,
+ &cktrue, &ckfalse);
+
+ /* set up the mechanism specific info */
+ switch (type) {
+ case CKM_RSA_PKCS_KEY_PAIR_GEN:
+ case CKM_RSA_X9_31_KEY_PAIR_GEN:
+ rsaParams = (PK11RSAGenParams *)param;
+ if (rsaParams->pe == 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ modulusBits = rsaParams->keySizeInBits;
+ peCount = 0;
+
+ /* convert pe to a PKCS #11 string */
+ for (i = 0; i < 4; i++) {
+ if (peCount || (rsaParams->pe &
+ ((unsigned long)0xff000000L >> (i * 8)))) {
+ publicExponent[peCount] =
+ (CK_BYTE)((rsaParams->pe >> (3 - i) * 8) & 0xff);
+ peCount++;
+ }
+ }
+ PORT_Assert(peCount != 0);
+ attrs = rsaPubTemplate;
+ PK11_SETATTRS(attrs, CKA_MODULUS_BITS,
+ &modulusBits, sizeof(modulusBits));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
+ publicExponent, peCount);
+ attrs++;
+ pubTemplate = rsaPubTemplate;
+ keyType = rsaKey;
+ test_mech.mechanism = CKM_RSA_PKCS;
+ break;
+ case CKM_DSA_KEY_PAIR_GEN:
+ dsaParams = (SECKEYPQGParams *)param;
+ attrs = dsaPubTemplate;
+ PK11_SETATTRS(attrs, CKA_PRIME, dsaParams->prime.data,
+ dsaParams->prime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SUBPRIME, dsaParams->subPrime.data,
+ dsaParams->subPrime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_BASE, dsaParams->base.data,
+ dsaParams->base.len);
+ attrs++;
+ pubTemplate = dsaPubTemplate;
+ keyType = dsaKey;
+ test_mech.mechanism = CKM_DSA;
+ break;
+ case CKM_DH_PKCS_KEY_PAIR_GEN:
+ dhParams = (SECKEYDHParams *)param;
+ attrs = dhPubTemplate;
+ PK11_SETATTRS(attrs, CKA_PRIME, dhParams->prime.data,
+ dhParams->prime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_BASE, dhParams->base.data,
+ dhParams->base.len);
+ attrs++;
+ pubTemplate = dhPubTemplate;
+ keyType = dhKey;
+ test_mech.mechanism = CKM_DH_PKCS_DERIVE;
+ break;
+ case CKM_EC_KEY_PAIR_GEN:
+ ecParams = (SECKEYECParams *)param;
+ attrs = ecPubTemplate;
+ PK11_SETATTRS(attrs, CKA_EC_PARAMS, ecParams->data,
+ ecParams->len);
+ attrs++;
+ pubTemplate = ecPubTemplate;
+ keyType = ecKey;
+ /*
+ * ECC supports 2 different mechanism types (unlike RSA, which
+ * supports different usages with the same mechanism).
+ * We may need to query both mechanism types and or the results
+ * together -- but we only do that if either the user has
+ * requested both usages, or not specified any usages.
+ */
+ if ((opFlags & (CKF_SIGN | CKF_DERIVE)) == (CKF_SIGN | CKF_DERIVE)) {
+ /* We've explicitly turned on both flags, use both mechanism */
+ test_mech.mechanism = CKM_ECDH1_DERIVE;
+ test_mech2.mechanism = CKM_ECDSA;
+ } else if (opFlags & CKF_SIGN) {
+ /* just do signing */
+ test_mech.mechanism = CKM_ECDSA;
+ } else if (opFlags & CKF_DERIVE) {
+ /* just do ECDH */
+ test_mech.mechanism = CKM_ECDH1_DERIVE;
+ } else {
+ /* neither was specified default to both */
+ test_mech.mechanism = CKM_ECDH1_DERIVE;
+ test_mech2.mechanism = CKM_ECDSA;
+ }
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return NULL;
+ }
+
+ /* now query the slot to find out how "good" a key we can generate */
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
+ test_mech.mechanism, &mechanism_info);
+ /*
+ * EC keys are used in multiple different types of mechanism, if we
+ * are using dual use keys, we need to query the second mechanism
+ * as well.
+ */
+ if (test_mech2.mechanism != CKM_INVALID_MECHANISM) {
+ CK_MECHANISM_INFO mechanism_info2;
+ CK_RV crv2;
+
+ if (crv != CKR_OK) {
+ /* the first failed, make sure there is no trash in the
+ * mechanism flags when we or it below */
+ mechanism_info.flags = 0;
+ }
+ crv2 = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
+ test_mech2.mechanism, &mechanism_info2);
+ if (crv2 == CKR_OK) {
+ crv = CKR_OK; /* succeed if either mechnaism info succeeds */
+ /* combine the 2 sets of mechnanism flags */
+ mechanism_info.flags |= mechanism_info2.flags;
+ }
+ }
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if ((crv != CKR_OK) || (mechanism_info.flags == 0)) {
+ /* must be old module... guess what it should be... */
+ switch (test_mech.mechanism) {
+ case CKM_RSA_PKCS:
+ mechanism_info.flags = (CKF_SIGN | CKF_DECRYPT |
+ CKF_WRAP | CKF_VERIFY_RECOVER | CKF_ENCRYPT | CKF_WRAP);
+ break;
+ case CKM_DSA:
+ mechanism_info.flags = CKF_SIGN | CKF_VERIFY;
+ break;
+ case CKM_DH_PKCS_DERIVE:
+ mechanism_info.flags = CKF_DERIVE;
+ break;
+ case CKM_ECDH1_DERIVE:
+ mechanism_info.flags = CKF_DERIVE;
+ if (test_mech2.mechanism == CKM_ECDSA) {
+ mechanism_info.flags |= CKF_SIGN | CKF_VERIFY;
+ }
+ break;
+ case CKM_ECDSA:
+ mechanism_info.flags = CKF_SIGN | CKF_VERIFY;
+ break;
+ default:
+ break;
+ }
+ }
+ /* now adjust our flags according to the user's key usage passed to us */
+ mechanism_info.flags = (mechanism_info.flags & (~opFlagsMask)) | opFlags;
+ /* set the public key attributes */
+ attrs += pk11_AttrFlagsToAttributes(pubKeyAttrFlags, attrs,
+ &cktrue, &ckfalse);
+ PK11_SETATTRS(attrs, CKA_DERIVE,
+ mechanism_info.flags & CKF_DERIVE ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_WRAP,
+ mechanism_info.flags & CKF_WRAP ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VERIFY,
+ mechanism_info.flags & CKF_VERIFY ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VERIFY_RECOVER,
+ mechanism_info.flags & CKF_VERIFY_RECOVER ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_ENCRYPT,
+ mechanism_info.flags & CKF_ENCRYPT ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ /* set the private key attributes */
+ PK11_SETATTRS(privattrs, CKA_DERIVE,
+ mechanism_info.flags & CKF_DERIVE ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ privattrs++;
+ PK11_SETATTRS(privattrs, CKA_UNWRAP,
+ mechanism_info.flags & CKF_UNWRAP ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ privattrs++;
+ PK11_SETATTRS(privattrs, CKA_SIGN,
+ mechanism_info.flags & CKF_SIGN ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ privattrs++;
+ PK11_SETATTRS(privattrs, CKA_DECRYPT,
+ mechanism_info.flags & CKF_DECRYPT ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ privattrs++;
+
+ if (token) {
+ session_handle = PK11_GetRWSession(slot);
+ haslock = PK11_RWSessionHasLock(slot, session_handle);
+ restore = PR_TRUE;
+ } else {
+ session_handle = slot->session;
+ if (session_handle != CK_INVALID_SESSION)
+ PK11_EnterSlotMonitor(slot);
+ restore = PR_FALSE;
+ haslock = PR_TRUE;
+ }
+
+ if (session_handle == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return NULL;
+ }
+ privCount = privattrs - privTemplate;
+ pubCount = attrs - pubTemplate;
+ crv = PK11_GETTAB(slot)->C_GenerateKeyPair(session_handle, &mechanism,
+ pubTemplate, pubCount, privTemplate, privCount, &pubID, &privID);
+
+ if (crv != CKR_OK) {
+ if (restore) {
+ PK11_RestoreROSession(slot, session_handle);
+ } else
+ PK11_ExitSlotMonitor(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+ /* This locking code is dangerous and needs to be more thought
+ * out... the real problem is that we're holding the mutex open this long
+ */
+ if (haslock) {
+ PK11_ExitSlotMonitor(slot);
+ }
+
+ /* swap around the ID's for older PKCS #11 modules */
+ keyClass = PK11_ReadULongAttribute(slot, pubID, CKA_CLASS);
+ if (keyClass != CKO_PUBLIC_KEY) {
+ CK_OBJECT_HANDLE tmp = pubID;
+ pubID = privID;
+ privID = tmp;
+ }
+
+ *pubKey = PK11_ExtractPublicKey(slot, keyType, pubID);
+ if (*pubKey == NULL) {
+ if (restore) {
+ /* we may have to restore the mutex so it get's exited properly
+ * in RestoreROSession */
+ if (haslock)
+ PK11_EnterSlotMonitor(slot);
+ PK11_RestoreROSession(slot, session_handle);
+ }
+ PK11_DestroyObject(slot, pubID);
+ PK11_DestroyObject(slot, privID);
+ return NULL;
+ }
+
+ /* set the ID to the public key so we can find it again */
+ cka_id = pk11_MakeIDFromPublicKey(*pubKey);
+ pubIsToken = (PRBool)PK11_HasAttributeSet(slot, pubID, CKA_TOKEN, PR_FALSE);
+
+ PK11_SETATTRS(&setTemplate, CKA_ID, cka_id->data, cka_id->len);
+
+ if (haslock) {
+ PK11_EnterSlotMonitor(slot);
+ }
+ crv = PK11_GETTAB(slot)->C_SetAttributeValue(session_handle, privID,
+ &setTemplate, 1);
+
+ if (crv == CKR_OK && pubIsToken) {
+ crv = PK11_GETTAB(slot)->C_SetAttributeValue(session_handle, pubID,
+ &setTemplate, 1);
+ }
+
+ if (restore) {
+ PK11_RestoreROSession(slot, session_handle);
+ } else {
+ PK11_ExitSlotMonitor(slot);
+ }
+ SECITEM_FreeItem(cka_id, PR_TRUE);
+
+ if (crv != CKR_OK) {
+ PK11_DestroyObject(slot, pubID);
+ PK11_DestroyObject(slot, privID);
+ PORT_SetError(PK11_MapError(crv));
+ *pubKey = NULL;
+ return NULL;
+ }
+
+ privKey = PK11_MakePrivKey(slot, keyType, !token, privID, wincx);
+ if (privKey == NULL) {
+ SECKEY_DestroyPublicKey(*pubKey);
+ PK11_DestroyObject(slot, privID);
+ *pubKey = NULL;
+ return NULL;
+ }
+
+ return privKey;
+}
+
+SECKEYPrivateKey *
+PK11_GenerateKeyPairWithFlags(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ void *param, SECKEYPublicKey **pubKey, PK11AttrFlags attrFlags, void *wincx)
+{
+ return PK11_GenerateKeyPairWithOpFlags(slot, type, param, pubKey, attrFlags,
+ 0, 0, wincx);
+}
+
+/*
+ * Use the token to generate a key pair.
+ */
+SECKEYPrivateKey *
+PK11_GenerateKeyPair(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ void *param, SECKEYPublicKey **pubKey, PRBool token,
+ PRBool sensitive, void *wincx)
+{
+ PK11AttrFlags attrFlags = 0;
+
+ if (token) {
+ attrFlags |= PK11_ATTR_TOKEN;
+ } else {
+ attrFlags |= PK11_ATTR_SESSION;
+ }
+ if (sensitive) {
+ attrFlags |= (PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE);
+ } else {
+ attrFlags |= (PK11_ATTR_INSENSITIVE | PK11_ATTR_PUBLIC);
+ }
+ return PK11_GenerateKeyPairWithFlags(slot, type, param, pubKey,
+ attrFlags, wincx);
+}
+
+/* build a public KEA key from the public value */
+SECKEYPublicKey *
+PK11_MakeKEAPubKey(unsigned char *keyData, int length)
+{
+ SECKEYPublicKey *pubk;
+ SECItem pkData;
+ SECStatus rv;
+ PLArenaPool *arena;
+
+ pkData.data = keyData;
+ pkData.len = length;
+ pkData.type = siBuffer;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ return NULL;
+
+ pubk = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
+ if (pubk == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ pubk->arena = arena;
+ pubk->pkcs11Slot = 0;
+ pubk->pkcs11ID = CK_INVALID_HANDLE;
+ pubk->keyType = fortezzaKey;
+ rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.KEAKey, &pkData);
+ if (rv != SECSuccess) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ return pubk;
+}
+
+/*
+ * NOTE: This function doesn't return a SECKEYPrivateKey struct to represent
+ * the new private key object. If it were to create a session object that
+ * could later be looked up by its nickname, it would leak a SECKEYPrivateKey.
+ * So isPerm must be true.
+ */
+SECStatus
+PK11_ImportEncryptedPrivateKeyInfo(PK11SlotInfo *slot,
+ SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
+ SECItem *nickname, SECItem *publicValue, PRBool isPerm,
+ PRBool isPrivate, KeyType keyType,
+ unsigned int keyUsage, void *wincx)
+{
+ if (!isPerm) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return PK11_ImportEncryptedPrivateKeyInfoAndReturnKey(slot, epki,
+ pwitem, nickname, publicValue, isPerm, isPrivate, keyType,
+ keyUsage, NULL, wincx);
+}
+
+SECStatus
+PK11_ImportEncryptedPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
+ SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
+ SECItem *nickname, SECItem *publicValue, PRBool isPerm,
+ PRBool isPrivate, KeyType keyType,
+ unsigned int keyUsage, SECKEYPrivateKey **privk,
+ void *wincx)
+{
+ CK_MECHANISM_TYPE pbeMechType;
+ SECItem *crypto_param = NULL;
+ PK11SymKey *key = NULL;
+ SECStatus rv = SECSuccess;
+ CK_MECHANISM_TYPE cryptoMechType;
+ SECKEYPrivateKey *privKey = NULL;
+ PRBool faulty3DES = PR_FALSE;
+ int usageCount = 0;
+ CK_KEY_TYPE key_type;
+ CK_ATTRIBUTE_TYPE *usage = NULL;
+ CK_ATTRIBUTE_TYPE rsaUsage[] = {
+ CKA_UNWRAP, CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER
+ };
+ CK_ATTRIBUTE_TYPE dsaUsage[] = { CKA_SIGN };
+ CK_ATTRIBUTE_TYPE dhUsage[] = { CKA_DERIVE };
+ CK_ATTRIBUTE_TYPE ecUsage[] = { CKA_SIGN, CKA_DERIVE };
+ if ((epki == NULL) || (pwitem == NULL))
+ return SECFailure;
+
+ pbeMechType = PK11_AlgtagToMechanism(SECOID_FindOIDTag(
+ &epki->algorithm.algorithm));
+
+ switch (keyType) {
+ default:
+ case rsaKey:
+ key_type = CKK_RSA;
+ switch (keyUsage & (KU_KEY_ENCIPHERMENT | KU_DIGITAL_SIGNATURE)) {
+ case KU_KEY_ENCIPHERMENT:
+ usage = rsaUsage;
+ usageCount = 2;
+ break;
+ case KU_DIGITAL_SIGNATURE:
+ usage = &rsaUsage[2];
+ usageCount = 2;
+ break;
+ case KU_KEY_ENCIPHERMENT | KU_DIGITAL_SIGNATURE:
+ case 0: /* default to everything */
+ usage = rsaUsage;
+ usageCount = 4;
+ break;
+ }
+ break;
+ case dhKey:
+ key_type = CKK_DH;
+ usage = dhUsage;
+ usageCount = sizeof(dhUsage) / sizeof(dhUsage[0]);
+ break;
+ case dsaKey:
+ key_type = CKK_DSA;
+ usage = dsaUsage;
+ usageCount = sizeof(dsaUsage) / sizeof(dsaUsage[0]);
+ break;
+ case ecKey:
+ key_type = CKK_EC;
+ switch (keyUsage & (KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT)) {
+ case KU_DIGITAL_SIGNATURE:
+ usage = ecUsage;
+ usageCount = 1;
+ break;
+ case KU_KEY_AGREEMENT:
+ usage = &ecUsage[1];
+ usageCount = 1;
+ break;
+ case KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT:
+ default: /* default to everything */
+ usage = ecUsage;
+ usageCount = 2;
+ break;
+ }
+ break;
+ }
+
+try_faulty_3des:
+
+ key = PK11_PBEKeyGen(slot, &epki->algorithm, pwitem, faulty3DES, wincx);
+ if (key == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+ cryptoMechType = pk11_GetPBECryptoMechanism(&epki->algorithm,
+ &crypto_param, pwitem, faulty3DES);
+ if (cryptoMechType == CKM_INVALID_MECHANISM) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ cryptoMechType = PK11_GetPadMechanism(cryptoMechType);
+
+ PORT_Assert(usage != NULL);
+ PORT_Assert(usageCount != 0);
+ privKey = PK11_UnwrapPrivKey(slot, key, cryptoMechType,
+ crypto_param, &epki->encryptedData,
+ nickname, publicValue, isPerm, isPrivate,
+ key_type, usage, usageCount, wincx);
+ if (privKey) {
+ if (privk) {
+ *privk = privKey;
+ } else {
+ SECKEY_DestroyPrivateKey(privKey);
+ }
+ privKey = NULL;
+ rv = SECSuccess;
+ goto done;
+ }
+
+ /* if we are unable to import the key and the pbeMechType is
+ * CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, then it is possible that
+ * the encrypted blob was created with a buggy key generation method
+ * which is described in the PKCS 12 implementation notes. So we
+ * need to try importing via that method.
+ */
+ if ((pbeMechType == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC) && (!faulty3DES)) {
+ /* clean up after ourselves before redoing the key generation. */
+
+ PK11_FreeSymKey(key);
+ key = NULL;
+
+ if (crypto_param) {
+ SECITEM_ZfreeItem(crypto_param, PR_TRUE);
+ crypto_param = NULL;
+ }
+
+ faulty3DES = PR_TRUE;
+ goto try_faulty_3des;
+ }
+
+ /* key import really did fail */
+ rv = SECFailure;
+
+done:
+ if (crypto_param != NULL) {
+ SECITEM_ZfreeItem(crypto_param, PR_TRUE);
+ }
+
+ if (key != NULL) {
+ PK11_FreeSymKey(key);
+ }
+
+ return rv;
+}
+
+SECKEYPrivateKeyInfo *
+PK11_ExportPrivateKeyInfo(CERTCertificate *cert, void *wincx)
+{
+ SECKEYPrivateKeyInfo *pki = NULL;
+ SECKEYPrivateKey *pk = PK11_FindKeyByAnyCert(cert, wincx);
+ if (pk != NULL) {
+ pki = PK11_ExportPrivKeyInfo(pk, wincx);
+ SECKEY_DestroyPrivateKey(pk);
+ }
+ return pki;
+}
+
+SECKEYEncryptedPrivateKeyInfo *
+PK11_ExportEncryptedPrivKeyInfo(
+ PK11SlotInfo *slot, /* optional, encrypt key in this slot */
+ SECOidTag algTag, /* encrypt key with this algorithm */
+ SECItem *pwitem, /* password for PBE encryption */
+ SECKEYPrivateKey *pk, /* encrypt this private key */
+ int iteration, /* interations for PBE alg */
+ void *wincx) /* context for password callback ? */
+{
+ SECKEYEncryptedPrivateKeyInfo *epki = NULL;
+ PLArenaPool *arena = NULL;
+ SECAlgorithmID *algid;
+ SECOidTag pbeAlgTag = SEC_OID_UNKNOWN;
+ SECItem *crypto_param = NULL;
+ PK11SymKey *key = NULL;
+ SECKEYPrivateKey *tmpPK = NULL;
+ SECStatus rv = SECSuccess;
+ CK_RV crv;
+ CK_ULONG encBufLen;
+ CK_MECHANISM_TYPE pbeMechType;
+ CK_MECHANISM_TYPE cryptoMechType;
+ CK_MECHANISM cryptoMech;
+
+ if (!pwitem || !pk) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ algid = sec_pkcs5CreateAlgorithmID(algTag, SEC_OID_UNKNOWN, SEC_OID_UNKNOWN,
+ &pbeAlgTag, 0, NULL, iteration);
+ if (algid == NULL) {
+ return NULL;
+ }
+
+ arena = PORT_NewArena(2048);
+ if (arena)
+ epki = PORT_ArenaZNew(arena, SECKEYEncryptedPrivateKeyInfo);
+ if (epki == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ epki->arena = arena;
+
+ /* if we didn't specify a slot, use the slot the private key was in */
+ if (!slot) {
+ slot = pk->pkcs11Slot;
+ }
+
+ /* if we specified a different slot, and the private key slot can do the
+ * pbe key gen, generate the key in the private key slot so we don't have
+ * to move it later */
+ pbeMechType = PK11_AlgtagToMechanism(pbeAlgTag);
+ if (slot != pk->pkcs11Slot) {
+ if (PK11_DoesMechanism(pk->pkcs11Slot, pbeMechType)) {
+ slot = pk->pkcs11Slot;
+ }
+ }
+ key = PK11_PBEKeyGen(slot, algid, pwitem, PR_FALSE, wincx);
+ if (key == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ cryptoMechType = PK11_GetPBECryptoMechanism(algid, &crypto_param, pwitem);
+ if (cryptoMechType == CKM_INVALID_MECHANISM) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ cryptoMech.mechanism = PK11_GetPadMechanism(cryptoMechType);
+ cryptoMech.pParameter = crypto_param ? crypto_param->data : NULL;
+ cryptoMech.ulParameterLen = crypto_param ? crypto_param->len : 0;
+
+ /* If the key isn't in the private key slot, move it */
+ if (key->slot != pk->pkcs11Slot) {
+ PK11SymKey *newkey = pk11_CopyToSlot(pk->pkcs11Slot,
+ key->type, CKA_WRAP, key);
+ if (newkey == NULL) {
+ /* couldn't import the wrapping key, try exporting the
+ * private key */
+ tmpPK = pk11_loadPrivKey(key->slot, pk, NULL, PR_FALSE, PR_TRUE);
+ if (tmpPK == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ pk = tmpPK;
+ } else {
+ /* free the old key and use the new key */
+ PK11_FreeSymKey(key);
+ key = newkey;
+ }
+ }
+
+ /* we are extracting an encrypted privateKey structure.
+ * which needs to be freed along with the buffer into which it is
+ * returned. eventually, we should retrieve an encrypted key using
+ * pkcs8/pkcs5.
+ */
+ encBufLen = 0;
+ PK11_EnterSlotMonitor(pk->pkcs11Slot);
+ crv = PK11_GETTAB(pk->pkcs11Slot)->C_WrapKey(pk->pkcs11Slot->session, &cryptoMech, key->objectID, pk->pkcs11ID, NULL, &encBufLen);
+ PK11_ExitSlotMonitor(pk->pkcs11Slot);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto loser;
+ }
+ epki->encryptedData.data = PORT_ArenaAlloc(arena, encBufLen);
+ if (!epki->encryptedData.data) {
+ rv = SECFailure;
+ goto loser;
+ }
+ PK11_EnterSlotMonitor(pk->pkcs11Slot);
+ crv = PK11_GETTAB(pk->pkcs11Slot)->C_WrapKey(pk->pkcs11Slot->session, &cryptoMech, key->objectID, pk->pkcs11ID, epki->encryptedData.data, &encBufLen);
+ PK11_ExitSlotMonitor(pk->pkcs11Slot);
+ epki->encryptedData.len = (unsigned int)encBufLen;
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ if (!epki->encryptedData.len) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = SECOID_CopyAlgorithmID(arena, &epki->algorithm, algid);
+
+loser:
+ if (crypto_param != NULL) {
+ SECITEM_ZfreeItem(crypto_param, PR_TRUE);
+ crypto_param = NULL;
+ }
+
+ if (key != NULL) {
+ PK11_FreeSymKey(key);
+ }
+ if (tmpPK != NULL) {
+ SECKEY_DestroyPrivateKey(tmpPK);
+ }
+ SECOID_DestroyAlgorithmID(algid, PR_TRUE);
+
+ if (rv == SECFailure) {
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ epki = NULL;
+ }
+
+ return epki;
+}
+
+SECKEYEncryptedPrivateKeyInfo *
+PK11_ExportEncryptedPrivateKeyInfo(
+ PK11SlotInfo *slot, /* optional, encrypt key in this slot */
+ SECOidTag algTag, /* encrypt key with this algorithm */
+ SECItem *pwitem, /* password for PBE encryption */
+ CERTCertificate *cert, /* wrap priv key for this user cert */
+ int iteration, /* interations for PBE alg */
+ void *wincx) /* context for password callback ? */
+{
+ SECKEYEncryptedPrivateKeyInfo *epki = NULL;
+ SECKEYPrivateKey *pk = PK11_FindKeyByAnyCert(cert, wincx);
+ if (pk != NULL) {
+ epki = PK11_ExportEncryptedPrivKeyInfo(slot, algTag, pwitem, pk,
+ iteration, wincx);
+ SECKEY_DestroyPrivateKey(pk);
+ }
+ return epki;
+}
+
+SECItem *
+PK11_DEREncodePublicKey(const SECKEYPublicKey *pubk)
+{
+ return SECKEY_EncodeDERSubjectPublicKeyInfo(pubk);
+}
+
+char *
+PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey)
+{
+ return PK11_GetObjectNickname(privKey->pkcs11Slot, privKey->pkcs11ID);
+}
+
+char *
+PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey)
+{
+ return PK11_GetObjectNickname(pubKey->pkcs11Slot, pubKey->pkcs11ID);
+}
+
+SECStatus
+PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey, const char *nickname)
+{
+ return PK11_SetObjectNickname(privKey->pkcs11Slot,
+ privKey->pkcs11ID, nickname);
+}
+
+SECStatus
+PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey, const char *nickname)
+{
+ return PK11_SetObjectNickname(pubKey->pkcs11Slot,
+ pubKey->pkcs11ID, nickname);
+}
+
+SECKEYPQGParams *
+PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey)
+{
+ CK_ATTRIBUTE pTemplate[] = {
+ { CKA_PRIME, NULL, 0 },
+ { CKA_SUBPRIME, NULL, 0 },
+ { CKA_BASE, NULL, 0 },
+ };
+ int pTemplateLen = sizeof(pTemplate) / sizeof(pTemplate[0]);
+ PLArenaPool *arena = NULL;
+ SECKEYPQGParams *params;
+ CK_RV crv;
+
+ arena = PORT_NewArena(2048);
+ if (arena == NULL) {
+ goto loser;
+ }
+ params = (SECKEYPQGParams *)PORT_ArenaZAlloc(arena, sizeof(SECKEYPQGParams));
+ if (params == NULL) {
+ goto loser;
+ }
+
+ crv = PK11_GetAttributes(arena, privKey->pkcs11Slot, privKey->pkcs11ID,
+ pTemplate, pTemplateLen);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ params->arena = arena;
+ params->prime.data = pTemplate[0].pValue;
+ params->prime.len = pTemplate[0].ulValueLen;
+ params->subPrime.data = pTemplate[1].pValue;
+ params->subPrime.len = pTemplate[1].ulValueLen;
+ params->base.data = pTemplate[2].pValue;
+ params->base.len = pTemplate[2].ulValueLen;
+
+ return params;
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+SECKEYPrivateKey *
+PK11_CopyTokenPrivKeyToSessionPrivKey(PK11SlotInfo *destSlot,
+ SECKEYPrivateKey *privKey)
+{
+ CK_RV crv;
+ CK_OBJECT_HANDLE newKeyID;
+
+ static const CK_BBOOL ckfalse = CK_FALSE;
+ static const CK_ATTRIBUTE template[1] = {
+ { CKA_TOKEN, (CK_BBOOL *)&ckfalse, sizeof ckfalse }
+ };
+
+ if (destSlot && destSlot != privKey->pkcs11Slot) {
+ SECKEYPrivateKey *newKey =
+ pk11_loadPrivKey(destSlot,
+ privKey,
+ NULL, /* pubKey */
+ PR_FALSE, /* token */
+ PR_FALSE); /* sensitive */
+ if (newKey)
+ return newKey;
+ }
+ destSlot = privKey->pkcs11Slot;
+ PK11_Authenticate(destSlot, PR_TRUE, privKey->wincx);
+ PK11_EnterSlotMonitor(destSlot);
+ crv = PK11_GETTAB(destSlot)->C_CopyObject(destSlot->session,
+ privKey->pkcs11ID,
+ (CK_ATTRIBUTE *)template,
+ 1, &newKeyID);
+ PK11_ExitSlotMonitor(destSlot);
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+
+ return PK11_MakePrivKey(destSlot, privKey->keyType, PR_TRUE /*isTemp*/,
+ newKeyID, privKey->wincx);
+}
+
+SECKEYPrivateKey *
+PK11_ConvertSessionPrivKeyToTokenPrivKey(SECKEYPrivateKey *privk, void *wincx)
+{
+ PK11SlotInfo *slot = privk->pkcs11Slot;
+ CK_ATTRIBUTE template[1];
+ CK_ATTRIBUTE *attrs = template;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_RV crv;
+ CK_OBJECT_HANDLE newKeyID;
+ CK_SESSION_HANDLE rwsession;
+
+ PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue));
+ attrs++;
+
+ PK11_Authenticate(slot, PR_TRUE, wincx);
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return NULL;
+ }
+ crv = PK11_GETTAB(slot)->C_CopyObject(rwsession, privk->pkcs11ID,
+ template, 1, &newKeyID);
+ PK11_RestoreROSession(slot, rwsession);
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+
+ return PK11_MakePrivKey(slot, nullKey /*KeyType*/, PR_FALSE /*isTemp*/,
+ newKeyID, NULL /*wincx*/);
+}
+
+/*
+ * destroy a private key if there are no matching certs.
+ * this function also frees the privKey structure.
+ */
+SECStatus
+PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey, PRBool force)
+{
+ CERTCertificate *cert = PK11_GetCertFromPrivateKey(privKey);
+ SECStatus rv = SECWouldBlock;
+
+ if (!cert || force) {
+ /* now, then it's safe for the key to go away */
+ rv = PK11_DestroyTokenObject(privKey->pkcs11Slot, privKey->pkcs11ID);
+ }
+ if (cert) {
+ CERT_DestroyCertificate(cert);
+ }
+ SECKEY_DestroyPrivateKey(privKey);
+ return rv;
+}
+
+/*
+ * destroy a private key if there are no matching certs.
+ * this function also frees the privKey structure.
+ */
+SECStatus
+PK11_DeleteTokenPublicKey(SECKEYPublicKey *pubKey)
+{
+ /* now, then it's safe for the key to go away */
+ if (pubKey->pkcs11Slot == NULL) {
+ return SECFailure;
+ }
+ PK11_DestroyTokenObject(pubKey->pkcs11Slot, pubKey->pkcs11ID);
+ SECKEY_DestroyPublicKey(pubKey);
+ return SECSuccess;
+}
+
+/*
+ * key call back structure.
+ */
+typedef struct pk11KeyCallbackStr {
+ SECStatus (*callback)(SECKEYPrivateKey *, void *);
+ void *callbackArg;
+ void *wincx;
+} pk11KeyCallback;
+
+/*
+ * callback to map Object Handles to Private Keys;
+ */
+SECStatus
+pk11_DoKeys(PK11SlotInfo *slot, CK_OBJECT_HANDLE keyHandle, void *arg)
+{
+ SECStatus rv = SECSuccess;
+ SECKEYPrivateKey *privKey;
+ pk11KeyCallback *keycb = (pk11KeyCallback *)arg;
+ if (!arg) {
+ return SECFailure;
+ }
+
+ privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, keycb->wincx);
+
+ if (privKey == NULL) {
+ return SECFailure;
+ }
+
+ if (keycb->callback) {
+ rv = (*keycb->callback)(privKey, keycb->callbackArg);
+ }
+
+ SECKEY_DestroyPrivateKey(privKey);
+ return rv;
+}
+
+/***********************************************************************
+ * PK11_TraversePrivateKeysInSlot
+ *
+ * Traverses all the private keys on a slot.
+ *
+ * INPUTS
+ * slot
+ * The PKCS #11 slot whose private keys you want to traverse.
+ * callback
+ * A callback function that will be called for each key.
+ * arg
+ * An argument that will be passed to the callback function.
+ */
+SECStatus
+PK11_TraversePrivateKeysInSlot(PK11SlotInfo *slot,
+ SECStatus (*callback)(SECKEYPrivateKey *, void *), void *arg)
+{
+ pk11KeyCallback perKeyCB;
+ pk11TraverseSlot perObjectCB;
+ CK_OBJECT_CLASS privkClass = CKO_PRIVATE_KEY;
+ CK_BBOOL ckTrue = CK_TRUE;
+ CK_ATTRIBUTE theTemplate[2];
+ int templateSize = 2;
+
+ theTemplate[0].type = CKA_CLASS;
+ theTemplate[0].pValue = &privkClass;
+ theTemplate[0].ulValueLen = sizeof(privkClass);
+ theTemplate[1].type = CKA_TOKEN;
+ theTemplate[1].pValue = &ckTrue;
+ theTemplate[1].ulValueLen = sizeof(ckTrue);
+
+ if (slot == NULL) {
+ return SECSuccess;
+ }
+
+ perObjectCB.callback = pk11_DoKeys;
+ perObjectCB.callbackArg = &perKeyCB;
+ perObjectCB.findTemplate = theTemplate;
+ perObjectCB.templateCount = templateSize;
+ perKeyCB.callback = callback;
+ perKeyCB.callbackArg = arg;
+ perKeyCB.wincx = NULL;
+
+ return PK11_TraverseSlot(slot, &perObjectCB);
+}
+
+/*
+ * return the private key with the given ID
+ */
+CK_OBJECT_HANDLE
+pk11_FindPrivateKeyFromCertID(PK11SlotInfo *slot, SECItem *keyID)
+{
+ CK_OBJECT_CLASS privKey = CKO_PRIVATE_KEY;
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_ID, NULL, 0 },
+ { CKA_CLASS, NULL, 0 },
+ };
+ /* if you change the array, change the variable below as well */
+ int tsize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+ CK_ATTRIBUTE *attrs = theTemplate;
+
+ PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_CLASS, &privKey, sizeof(privKey));
+
+ return pk11_FindObjectByTemplate(slot, theTemplate, tsize);
+}
+
+SECKEYPrivateKey *
+PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID, void *wincx)
+{
+ CK_OBJECT_HANDLE keyHandle;
+ SECKEYPrivateKey *privKey;
+
+ keyHandle = pk11_FindPrivateKeyFromCertID(slot, keyID);
+ if (keyHandle == CK_INVALID_HANDLE) {
+ return NULL;
+ }
+ privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
+ return privKey;
+}
+
+/*
+ * Generate a CKA_ID from the relevant public key data. The CKA_ID is generated
+ * from the pubKeyData by SHA1_Hashing it to produce a smaller CKA_ID (to make
+ * smart cards happy.
+ */
+SECItem *
+PK11_MakeIDFromPubKey(SECItem *pubKeyData)
+{
+ PK11Context *context;
+ SECItem *certCKA_ID;
+ SECStatus rv;
+
+ if (pubKeyData->len <= SHA1_LENGTH) {
+ /* probably an already hashed value. The strongest known public
+ * key values <= 160 bits would be less than 40 bit symetric in
+ * strength. Don't hash them, just return the value. There are
+ * none at the time of this writing supported by previous versions
+ * of NSS, so change is binary compatible safe */
+ return SECITEM_DupItem(pubKeyData);
+ }
+
+ context = PK11_CreateDigestContext(SEC_OID_SHA1);
+ if (context == NULL) {
+ return NULL;
+ }
+
+ rv = PK11_DigestBegin(context);
+ if (rv == SECSuccess) {
+ rv = PK11_DigestOp(context, pubKeyData->data, pubKeyData->len);
+ }
+ if (rv != SECSuccess) {
+ PK11_DestroyContext(context, PR_TRUE);
+ return NULL;
+ }
+
+ certCKA_ID = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ if (certCKA_ID == NULL) {
+ PK11_DestroyContext(context, PR_TRUE);
+ return NULL;
+ }
+
+ certCKA_ID->len = SHA1_LENGTH;
+ certCKA_ID->data = (unsigned char *)PORT_Alloc(certCKA_ID->len);
+ if (certCKA_ID->data == NULL) {
+ PORT_Free(certCKA_ID);
+ PK11_DestroyContext(context, PR_TRUE);
+ return NULL;
+ }
+
+ rv = PK11_DigestFinal(context, certCKA_ID->data, &certCKA_ID->len,
+ SHA1_LENGTH);
+ PK11_DestroyContext(context, PR_TRUE);
+ if (rv != SECSuccess) {
+ SECITEM_FreeItem(certCKA_ID, PR_TRUE);
+ return NULL;
+ }
+
+ return certCKA_ID;
+}
+
+/* Looking for PK11_GetKeyIDFromPrivateKey?
+ * Call PK11_GetLowLevelKeyIDForPrivateKey instead.
+ */
+
+SECItem *
+PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *privKey)
+{
+ return pk11_GetLowLevelKeyFromHandle(privKey->pkcs11Slot, privKey->pkcs11ID);
+}
+
+static SECStatus
+privateKeyListCallback(SECKEYPrivateKey *key, void *arg)
+{
+ SECKEYPrivateKeyList *list = (SECKEYPrivateKeyList *)arg;
+ return SECKEY_AddPrivateKeyToListTail(list, SECKEY_CopyPrivateKey(key));
+}
+
+SECKEYPrivateKeyList *
+PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot)
+{
+ SECStatus status;
+ SECKEYPrivateKeyList *keys;
+
+ keys = SECKEY_NewPrivateKeyList();
+ if (keys == NULL)
+ return NULL;
+
+ status = PK11_TraversePrivateKeysInSlot(slot, privateKeyListCallback,
+ (void *)keys);
+
+ if (status != SECSuccess) {
+ SECKEY_DestroyPrivateKeyList(keys);
+ keys = NULL;
+ }
+
+ return keys;
+}
+
+SECKEYPublicKeyList *
+PK11_ListPublicKeysInSlot(PK11SlotInfo *slot, char *nickname)
+{
+ CK_ATTRIBUTE findTemp[4];
+ CK_ATTRIBUTE *attrs;
+ CK_BBOOL ckTrue = CK_TRUE;
+ CK_OBJECT_CLASS keyclass = CKO_PUBLIC_KEY;
+ unsigned int tsize = 0;
+ int objCount = 0;
+ CK_OBJECT_HANDLE *key_ids;
+ SECKEYPublicKeyList *keys;
+ int i, len;
+
+ attrs = findTemp;
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue));
+ attrs++;
+ if (nickname) {
+ len = PORT_Strlen(nickname);
+ PK11_SETATTRS(attrs, CKA_LABEL, nickname, len);
+ attrs++;
+ }
+ tsize = attrs - findTemp;
+ PORT_Assert(tsize <= sizeof(findTemp) / sizeof(CK_ATTRIBUTE));
+
+ key_ids = pk11_FindObjectsByTemplate(slot, findTemp, tsize, &objCount);
+ if (key_ids == NULL) {
+ return NULL;
+ }
+ keys = SECKEY_NewPublicKeyList();
+ if (keys == NULL) {
+ PORT_Free(key_ids);
+ return NULL;
+ }
+
+ for (i = 0; i < objCount; i++) {
+ SECKEYPublicKey *pubKey =
+ PK11_ExtractPublicKey(slot, nullKey, key_ids[i]);
+ if (pubKey) {
+ SECKEY_AddPublicKeyToListTail(keys, pubKey);
+ }
+ }
+
+ PORT_Free(key_ids);
+ return keys;
+}
+
+SECKEYPrivateKeyList *
+PK11_ListPrivKeysInSlot(PK11SlotInfo *slot, char *nickname, void *wincx)
+{
+ CK_ATTRIBUTE findTemp[4];
+ CK_ATTRIBUTE *attrs;
+ CK_BBOOL ckTrue = CK_TRUE;
+ CK_OBJECT_CLASS keyclass = CKO_PRIVATE_KEY;
+ unsigned int tsize = 0;
+ int objCount = 0;
+ CK_OBJECT_HANDLE *key_ids;
+ SECKEYPrivateKeyList *keys;
+ int i, len;
+
+ attrs = findTemp;
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue));
+ attrs++;
+ if (nickname) {
+ len = PORT_Strlen(nickname);
+ PK11_SETATTRS(attrs, CKA_LABEL, nickname, len);
+ attrs++;
+ }
+ tsize = attrs - findTemp;
+ PORT_Assert(tsize <= sizeof(findTemp) / sizeof(CK_ATTRIBUTE));
+
+ key_ids = pk11_FindObjectsByTemplate(slot, findTemp, tsize, &objCount);
+ if (key_ids == NULL) {
+ return NULL;
+ }
+ keys = SECKEY_NewPrivateKeyList();
+ if (keys == NULL) {
+ PORT_Free(key_ids);
+ return NULL;
+ }
+
+ for (i = 0; i < objCount; i++) {
+ SECKEYPrivateKey *privKey =
+ PK11_MakePrivKey(slot, nullKey, PR_TRUE, key_ids[i], wincx);
+ SECKEY_AddPrivateKeyToListTail(keys, privKey);
+ }
+
+ PORT_Free(key_ids);
+ return keys;
+}
diff --git a/security/nss/lib/pk11wrap/pk11auth.c b/security/nss/lib/pk11wrap/pk11auth.c
new file mode 100644
index 000000000..4ccfad6f1
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11auth.c
@@ -0,0 +1,807 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file deals with PKCS #11 passwords and authentication.
+ */
+#include "seccomon.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11t.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "secerr.h"
+
+#include "pkim.h"
+
+/*************************************************************
+ * local static and global data
+ *************************************************************/
+/*
+ * This structure keeps track of status that spans all the Slots.
+ * NOTE: This is a global data structure. It semantics expect thread crosstalk
+ * be very careful when you see it used.
+ * It's major purpose in life is to allow the user to log in one PER
+ * Tranaction, even if a transaction spans threads. The problem is the user
+ * may have to enter a password one just to be able to look at the
+ * personalities/certificates (s)he can use. Then if Auth every is one, they
+ * may have to enter the password again to use the card. See PK11_StartTransac
+ * and PK11_EndTransaction.
+ */
+static struct PK11GlobalStruct {
+ int transaction;
+ PRBool inTransaction;
+ char *(PR_CALLBACK *getPass)(PK11SlotInfo *, PRBool, void *);
+ PRBool(PR_CALLBACK *verifyPass)(PK11SlotInfo *, void *);
+ PRBool(PR_CALLBACK *isLoggedIn)(PK11SlotInfo *, void *);
+} PK11_Global = { 1, PR_FALSE, NULL, NULL, NULL };
+
+/***********************************************************
+ * Password Utilities
+ ***********************************************************/
+/*
+ * Check the user's password. Log into the card if it's correct.
+ * succeed if the user is already logged in.
+ */
+static SECStatus
+pk11_CheckPassword(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
+ char *pw, PRBool alreadyLocked, PRBool contextSpecific)
+{
+ int len = 0;
+ CK_RV crv;
+ SECStatus rv;
+ PRTime currtime = PR_Now();
+ PRBool mustRetry;
+ int retry = 0;
+
+ if (slot->protectedAuthPath) {
+ len = 0;
+ pw = NULL;
+ } else if (pw == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ } else {
+ len = PORT_Strlen(pw);
+ }
+
+ do {
+ if (!alreadyLocked)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_Login(session,
+ contextSpecific ? CKU_CONTEXT_SPECIFIC : CKU_USER,
+ (unsigned char *)pw, len);
+ slot->lastLoginCheck = 0;
+ mustRetry = PR_FALSE;
+ if (!alreadyLocked)
+ PK11_ExitSlotMonitor(slot);
+ switch (crv) {
+ /* if we're already logged in, we're good to go */
+ case CKR_OK:
+ /* TODO If it was for CKU_CONTEXT_SPECIFIC should we do this */
+ slot->authTransact = PK11_Global.transaction;
+ /* Fall through */
+ case CKR_USER_ALREADY_LOGGED_IN:
+ slot->authTime = currtime;
+ rv = SECSuccess;
+ break;
+ case CKR_PIN_INCORRECT:
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
+ break;
+ /* someone called reset while we fetched the password, try again once
+ * if the token is still there. */
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_CLOSED:
+ if (session != slot->session) {
+ /* don't bother retrying, we were in a middle of an operation,
+ * which is now lost. Just fail. */
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure;
+ break;
+ }
+ if (retry++ == 0) {
+ rv = PK11_InitToken(slot, PR_FALSE);
+ if (rv == SECSuccess) {
+ if (slot->session != CK_INVALID_SESSION) {
+ session = slot->session; /* we should have
+ * a new session now */
+ mustRetry = PR_TRUE;
+ } else {
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure;
+ }
+ }
+ break;
+ }
+ /* Fall through */
+ default:
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure; /* some failure we can't fix by retrying */
+ }
+ } while (mustRetry);
+ return rv;
+}
+
+/*
+ * Check the user's password. Logout before hand to make sure that
+ * we are really checking the password.
+ */
+SECStatus
+PK11_CheckUserPassword(PK11SlotInfo *slot, const char *pw)
+{
+ int len = 0;
+ CK_RV crv;
+ SECStatus rv;
+ PRTime currtime = PR_Now();
+
+ if (slot->protectedAuthPath) {
+ len = 0;
+ pw = NULL;
+ } else if (pw == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ } else {
+ len = PORT_Strlen(pw);
+ }
+
+ /*
+ * If the token doesn't need a login, don't try to relogin because the
+ * effect is undefined. It's not clear what it means to check a non-empty
+ * password with such a token, so treat that as an error.
+ */
+ if (!slot->needLogin) {
+ if (len == 0) {
+ rv = SECSuccess;
+ } else {
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ rv = SECFailure;
+ }
+ return rv;
+ }
+
+ /* force a logout */
+ PK11_EnterSlotMonitor(slot);
+ PK11_GETTAB(slot)->C_Logout(slot->session);
+
+ crv = PK11_GETTAB(slot)->C_Login(slot->session, CKU_USER,
+ (unsigned char *)pw, len);
+ slot->lastLoginCheck = 0;
+ PK11_ExitSlotMonitor(slot);
+ switch (crv) {
+ /* if we're already logged in, we're good to go */
+ case CKR_OK:
+ slot->authTransact = PK11_Global.transaction;
+ slot->authTime = currtime;
+ rv = SECSuccess;
+ break;
+ case CKR_PIN_INCORRECT:
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
+ break;
+ default:
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure; /* some failure we can't fix by retrying */
+ }
+ return rv;
+}
+
+SECStatus
+PK11_Logout(PK11SlotInfo *slot)
+{
+ CK_RV crv;
+
+ /* force a logout */
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_Logout(slot->session);
+ slot->lastLoginCheck = 0;
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * transaction stuff is for when we test for the need to do every
+ * time auth to see if we already did it for this slot/transaction
+ */
+void
+PK11_StartAuthTransaction(void)
+{
+ PK11_Global.transaction++;
+ PK11_Global.inTransaction = PR_TRUE;
+}
+
+void
+PK11_EndAuthTransaction(void)
+{
+ PK11_Global.transaction++;
+ PK11_Global.inTransaction = PR_FALSE;
+}
+
+/*
+ * before we do a private key op, we check to see if we
+ * need to reauthenticate.
+ */
+void
+PK11_HandlePasswordCheck(PK11SlotInfo *slot, void *wincx)
+{
+ int askpw = slot->askpw;
+ PRBool NeedAuth = PR_FALSE;
+
+ if (!slot->needLogin)
+ return;
+
+ if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
+ PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
+
+ if (def_slot) {
+ askpw = def_slot->askpw;
+ PK11_FreeSlot(def_slot);
+ }
+ }
+
+ /* timeouts are handled by isLoggedIn */
+ if (!PK11_IsLoggedIn(slot, wincx)) {
+ NeedAuth = PR_TRUE;
+ } else if (askpw == -1) {
+ if (!PK11_Global.inTransaction ||
+ (PK11_Global.transaction != slot->authTransact)) {
+ PK11_EnterSlotMonitor(slot);
+ PK11_GETTAB(slot)->C_Logout(slot->session);
+ slot->lastLoginCheck = 0;
+ PK11_ExitSlotMonitor(slot);
+ NeedAuth = PR_TRUE;
+ }
+ }
+ if (NeedAuth)
+ PK11_DoPassword(slot, slot->session, PR_TRUE,
+ wincx, PR_FALSE, PR_FALSE);
+}
+
+void
+PK11_SlotDBUpdate(PK11SlotInfo *slot)
+{
+ SECMOD_UpdateModule(slot->module);
+}
+
+/*
+ * set new askpw and timeout values
+ */
+void
+PK11_SetSlotPWValues(PK11SlotInfo *slot, int askpw, int timeout)
+{
+ slot->askpw = askpw;
+ slot->timeout = timeout;
+ slot->defaultFlags |= PK11_OWN_PW_DEFAULTS;
+ PK11_SlotDBUpdate(slot);
+}
+
+/*
+ * Get the askpw and timeout values for this slot
+ */
+void
+PK11_GetSlotPWValues(PK11SlotInfo *slot, int *askpw, int *timeout)
+{
+ *askpw = slot->askpw;
+ *timeout = slot->timeout;
+
+ if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
+ PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
+
+ if (def_slot) {
+ *askpw = def_slot->askpw;
+ *timeout = def_slot->timeout;
+ PK11_FreeSlot(def_slot);
+ }
+ }
+}
+
+/*
+ * Returns true if the token is needLogin and isn't logged in.
+ * This function is used to determine if authentication is needed
+ * before attempting a potentially privelleged operation.
+ */
+PRBool
+pk11_LoginStillRequired(PK11SlotInfo *slot, void *wincx)
+{
+ return slot->needLogin && !PK11_IsLoggedIn(slot, wincx);
+}
+
+/*
+ * make sure a slot is authenticated...
+ * This function only does the authentication if it is needed.
+ */
+SECStatus
+PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx)
+{
+ if (!slot) {
+ return SECFailure;
+ }
+ if (pk11_LoginStillRequired(slot, wincx)) {
+ return PK11_DoPassword(slot, slot->session, loadCerts, wincx,
+ PR_FALSE, PR_FALSE);
+ }
+ return SECSuccess;
+}
+
+/*
+ * Authenticate to "unfriendly" tokens (tokens which need to be logged
+ * in to find the certs.
+ */
+SECStatus
+pk11_AuthenticateUnfriendly(PK11SlotInfo *slot, PRBool loadCerts, void *wincx)
+{
+ SECStatus rv = SECSuccess;
+ if (!PK11_IsFriendly(slot)) {
+ rv = PK11_Authenticate(slot, loadCerts, wincx);
+ }
+ return rv;
+}
+
+/*
+ * NOTE: this assumes that we are logged out of the card before hand
+ */
+SECStatus
+PK11_CheckSSOPassword(PK11SlotInfo *slot, char *ssopw)
+{
+ CK_SESSION_HANDLE rwsession;
+ CK_RV crv;
+ SECStatus rv = SECFailure;
+ int len = 0;
+
+ /* get a rwsession */
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return rv;
+ }
+
+ if (slot->protectedAuthPath) {
+ len = 0;
+ ssopw = NULL;
+ } else if (ssopw == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ } else {
+ len = PORT_Strlen(ssopw);
+ }
+
+ /* check the password */
+ crv = PK11_GETTAB(slot)->C_Login(rwsession, CKU_SO,
+ (unsigned char *)ssopw, len);
+ slot->lastLoginCheck = 0;
+ switch (crv) {
+ /* if we're already logged in, we're good to go */
+ case CKR_OK:
+ rv = SECSuccess;
+ break;
+ case CKR_PIN_INCORRECT:
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
+ break;
+ default:
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure; /* some failure we can't fix by retrying */
+ }
+ PK11_GETTAB(slot)->C_Logout(rwsession);
+ slot->lastLoginCheck = 0;
+
+ /* release rwsession */
+ PK11_RestoreROSession(slot, rwsession);
+ return rv;
+}
+
+/*
+ * make sure the password conforms to your token's requirements.
+ */
+SECStatus
+PK11_VerifyPW(PK11SlotInfo *slot, char *pw)
+{
+ int len = PORT_Strlen(pw);
+
+ if ((slot->minPassword > len) || (slot->maxPassword < len)) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * initialize a user PIN Value
+ */
+SECStatus
+PK11_InitPin(PK11SlotInfo *slot, const char *ssopw, const char *userpw)
+{
+ CK_SESSION_HANDLE rwsession = CK_INVALID_SESSION;
+ CK_RV crv;
+ SECStatus rv = SECFailure;
+ int len;
+ int ssolen;
+
+ if (userpw == NULL)
+ userpw = "";
+ if (ssopw == NULL)
+ ssopw = "";
+
+ len = PORT_Strlen(userpw);
+ ssolen = PORT_Strlen(ssopw);
+
+ /* get a rwsession */
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ slot->lastLoginCheck = 0;
+ return rv;
+ }
+
+ if (slot->protectedAuthPath) {
+ len = 0;
+ ssolen = 0;
+ ssopw = NULL;
+ userpw = NULL;
+ }
+
+ /* check the password */
+ crv = PK11_GETTAB(slot)->C_Login(rwsession, CKU_SO,
+ (unsigned char *)ssopw, ssolen);
+ slot->lastLoginCheck = 0;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto done;
+ }
+
+ crv = PK11_GETTAB(slot)->C_InitPIN(rwsession, (unsigned char *)userpw, len);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ } else {
+ rv = SECSuccess;
+ }
+
+done:
+ PK11_GETTAB(slot)->C_Logout(rwsession);
+ slot->lastLoginCheck = 0;
+ PK11_RestoreROSession(slot, rwsession);
+ if (rv == SECSuccess) {
+ /* update our view of the world */
+ PK11_InitToken(slot, PR_TRUE);
+ if (slot->needLogin) {
+ PK11_EnterSlotMonitor(slot);
+ PK11_GETTAB(slot)->C_Login(slot->session, CKU_USER,
+ (unsigned char *)userpw, len);
+ slot->lastLoginCheck = 0;
+ PK11_ExitSlotMonitor(slot);
+ }
+ }
+ return rv;
+}
+
+/*
+ * Change an existing user password
+ */
+SECStatus
+PK11_ChangePW(PK11SlotInfo *slot, const char *oldpw, const char *newpw)
+{
+ CK_RV crv;
+ SECStatus rv = SECFailure;
+ int newLen = 0;
+ int oldLen = 0;
+ CK_SESSION_HANDLE rwsession;
+
+ /* use NULL values to trigger the protected authentication path */
+ if (!slot->protectedAuthPath) {
+ if (newpw == NULL)
+ newpw = "";
+ if (oldpw == NULL)
+ oldpw = "";
+ }
+ if (newpw)
+ newLen = PORT_Strlen(newpw);
+ if (oldpw)
+ oldLen = PORT_Strlen(oldpw);
+
+ /* get a rwsession */
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return rv;
+ }
+
+ crv = PK11_GETTAB(slot)->C_SetPIN(rwsession,
+ (unsigned char *)oldpw, oldLen, (unsigned char *)newpw, newLen);
+ if (crv == CKR_OK) {
+ rv = SECSuccess;
+ } else {
+ PORT_SetError(PK11_MapError(crv));
+ }
+
+ PK11_RestoreROSession(slot, rwsession);
+
+ /* update our view of the world */
+ PK11_InitToken(slot, PR_TRUE);
+ return rv;
+}
+
+static char *
+pk11_GetPassword(PK11SlotInfo *slot, PRBool retry, void *wincx)
+{
+ if (PK11_Global.getPass == NULL)
+ return NULL;
+ return (*PK11_Global.getPass)(slot, retry, wincx);
+}
+
+void
+PK11_SetPasswordFunc(PK11PasswordFunc func)
+{
+ PK11_Global.getPass = func;
+}
+
+void
+PK11_SetVerifyPasswordFunc(PK11VerifyPasswordFunc func)
+{
+ PK11_Global.verifyPass = func;
+}
+
+void
+PK11_SetIsLoggedInFunc(PK11IsLoggedInFunc func)
+{
+ PK11_Global.isLoggedIn = func;
+}
+
+/*
+ * authenticate to a slot. This loops until we can't recover, the user
+ * gives up, or we succeed. If we're already logged in and this function
+ * is called we will still prompt for a password, but we will probably
+ * succeed no matter what the password was (depending on the implementation
+ * of the PKCS 11 module.
+ */
+SECStatus
+PK11_DoPassword(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
+ PRBool loadCerts, void *wincx, PRBool alreadyLocked,
+ PRBool contextSpecific)
+{
+ SECStatus rv = SECFailure;
+ char *password;
+ PRBool attempt = PR_FALSE;
+
+ if (PK11_NeedUserInit(slot)) {
+ PORT_SetError(SEC_ERROR_IO);
+ return SECFailure;
+ }
+
+ /*
+ * Central server type applications which control access to multiple
+ * slave applications to single crypto devices need to virtuallize the
+ * login state. This is done by a callback out of PK11_IsLoggedIn and
+ * here. If we are actually logged in, then we got here because the
+ * higher level code told us that the particular client application may
+ * still need to be logged in. If that is the case, we simply tell the
+ * server code that it should now verify the clients password and tell us
+ * the results.
+ */
+ if (PK11_IsLoggedIn(slot, NULL) &&
+ (PK11_Global.verifyPass != NULL)) {
+ if (!PK11_Global.verifyPass(slot, wincx)) {
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ return SECFailure;
+ }
+ return SECSuccess;
+ }
+
+ /* get the password. This can drop out of the while loop
+ * for the following reasons:
+ * (1) the user refused to enter a password.
+ * (return error to caller)
+ * (2) the token user password is disabled [usually due to
+ * too many failed authentication attempts].
+ * (return error to caller)
+ * (3) the password was successful.
+ */
+ while ((password = pk11_GetPassword(slot, attempt, wincx)) != NULL) {
+ /* if the token has a protectedAuthPath, the application may have
+ * already issued the C_Login as part of it's pk11_GetPassword call.
+ * In this case the application will tell us what the results were in
+ * the password value (retry or the authentication was successful) so
+ * we can skip our own C_Login call (which would force the token to
+ * try to login again).
+ *
+ * Applications that don't know about protectedAuthPath will return a
+ * password, which we will ignore and trigger the token to
+ * 'authenticate' itself anyway. Hopefully the blinking display on
+ * the reader, or the flashing light under the thumbprint reader will
+ * attract the user's attention */
+ attempt = PR_TRUE;
+ if (slot->protectedAuthPath) {
+ /* application tried to authenticate and failed. it wants to try
+ * again, continue looping */
+ if (strcmp(password, PK11_PW_RETRY) == 0) {
+ rv = SECWouldBlock;
+ PORT_Free(password);
+ continue;
+ }
+ /* applicaton tried to authenticate and succeeded we're done */
+ if (strcmp(password, PK11_PW_AUTHENTICATED) == 0) {
+ rv = SECSuccess;
+ PORT_Free(password);
+ break;
+ }
+ }
+ rv = pk11_CheckPassword(slot, session, password,
+ alreadyLocked, contextSpecific);
+ PORT_Memset(password, 0, PORT_Strlen(password));
+ PORT_Free(password);
+ if (rv != SECWouldBlock)
+ break;
+ }
+ if (rv == SECSuccess) {
+ if (!PK11_IsFriendly(slot)) {
+ nssTrustDomain_UpdateCachedTokenCerts(slot->nssToken->trustDomain,
+ slot->nssToken);
+ }
+ } else if (!attempt)
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ return rv;
+}
+
+void
+PK11_LogoutAll(void)
+{
+ SECMODListLock *lock = SECMOD_GetDefaultModuleListLock();
+ SECMODModuleList *modList;
+ SECMODModuleList *mlp = NULL;
+ int i;
+
+ /* NSS is not initialized, there are not tokens to log out */
+ if (lock == NULL) {
+ return;
+ }
+
+ SECMOD_GetReadLock(lock);
+ modList = SECMOD_GetDefaultModuleList();
+ /* find the number of entries */
+ for (mlp = modList; mlp != NULL; mlp = mlp->next) {
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ PK11_Logout(mlp->module->slots[i]);
+ }
+ }
+
+ SECMOD_ReleaseReadLock(lock);
+}
+
+int
+PK11_GetMinimumPwdLength(PK11SlotInfo *slot)
+{
+ return ((int)slot->minPassword);
+}
+
+/* Does this slot have a protected pin path? */
+PRBool
+PK11_ProtectedAuthenticationPath(PK11SlotInfo *slot)
+{
+ return slot->protectedAuthPath;
+}
+
+/*
+ * we can initialize the password if 1) The toke is not inited
+ * (need login == true and see need UserInit) or 2) the token has
+ * a NULL password. (slot->needLogin = false & need user Init = false).
+ */
+PRBool
+PK11_NeedPWInitForSlot(PK11SlotInfo *slot)
+{
+ if (slot->needLogin && PK11_NeedUserInit(slot)) {
+ return PR_TRUE;
+ }
+ if (!slot->needLogin && !PK11_NeedUserInit(slot)) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+PRBool
+PK11_NeedPWInit()
+{
+ PK11SlotInfo *slot = PK11_GetInternalKeySlot();
+ PRBool ret = PK11_NeedPWInitForSlot(slot);
+
+ PK11_FreeSlot(slot);
+ return ret;
+}
+
+PRBool
+pk11_InDelayPeriod(PRIntervalTime lastTime, PRIntervalTime delayTime,
+ PRIntervalTime *retTime)
+{
+ PRIntervalTime time;
+
+ *retTime = time = PR_IntervalNow();
+ return (PRBool)(lastTime) && ((time - lastTime) < delayTime);
+}
+
+/*
+ * Determine if the token is logged in. We have to actually query the token,
+ * because it's state can change without intervention from us.
+ */
+PRBool
+PK11_IsLoggedIn(PK11SlotInfo *slot, void *wincx)
+{
+ CK_SESSION_INFO sessionInfo;
+ int askpw = slot->askpw;
+ int timeout = slot->timeout;
+ CK_RV crv;
+ PRIntervalTime curTime;
+ static PRIntervalTime login_delay_time = 0;
+
+ if (login_delay_time == 0) {
+ login_delay_time = PR_SecondsToInterval(1);
+ }
+
+ /* If we don't have our own password default values, use the system
+ * ones */
+ if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
+ PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
+
+ if (def_slot) {
+ askpw = def_slot->askpw;
+ timeout = def_slot->timeout;
+ PK11_FreeSlot(def_slot);
+ }
+ }
+
+ if ((wincx != NULL) && (PK11_Global.isLoggedIn != NULL) &&
+ (*PK11_Global.isLoggedIn)(slot, wincx) == PR_FALSE) {
+ return PR_FALSE;
+ }
+
+ /* forget the password if we've been inactive too long */
+ if (askpw == 1) {
+ PRTime currtime = PR_Now();
+ PRTime result;
+ PRTime mult;
+
+ LL_I2L(result, timeout);
+ LL_I2L(mult, 60 * 1000 * 1000);
+ LL_MUL(result, result, mult);
+ LL_ADD(result, result, slot->authTime);
+ if (LL_CMP(result, <, currtime)) {
+ PK11_EnterSlotMonitor(slot);
+ PK11_GETTAB(slot)->C_Logout(slot->session);
+ slot->lastLoginCheck = 0;
+ PK11_ExitSlotMonitor(slot);
+ } else {
+ slot->authTime = currtime;
+ }
+ }
+
+ PK11_EnterSlotMonitor(slot);
+ if (pk11_InDelayPeriod(slot->lastLoginCheck, login_delay_time, &curTime)) {
+ sessionInfo.state = slot->lastState;
+ crv = CKR_OK;
+ } else {
+ crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session, &sessionInfo);
+ if (crv == CKR_OK) {
+ slot->lastState = sessionInfo.state;
+ slot->lastLoginCheck = curTime;
+ }
+ }
+ PK11_ExitSlotMonitor(slot);
+ /* if we can't get session info, something is really wrong */
+ if (crv != CKR_OK) {
+ slot->session = CK_INVALID_SESSION;
+ return PR_FALSE;
+ }
+
+ switch (sessionInfo.state) {
+ case CKS_RW_PUBLIC_SESSION:
+ case CKS_RO_PUBLIC_SESSION:
+ default:
+ break; /* fail */
+ case CKS_RW_USER_FUNCTIONS:
+ case CKS_RW_SO_FUNCTIONS:
+ case CKS_RO_USER_FUNCTIONS:
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c
new file mode 100644
index 000000000..6968ae70a
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11cert.c
@@ -0,0 +1,2744 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file manages PKCS #11 instances of certificates.
+ */
+
+#include "secport.h"
+#include "seccomon.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "cert.h"
+#include "certi.h"
+#include "secitem.h"
+#include "key.h"
+#include "secoid.h"
+#include "pkcs7t.h"
+#include "cmsreclist.h"
+
+#include "certdb.h"
+#include "secerr.h"
+#include "sslerr.h"
+
+#include "pki3hack.h"
+#include "dev3hack.h"
+
+#include "devm.h"
+#include "nsspki.h"
+#include "pki.h"
+#include "pkim.h"
+#include "pkitm.h"
+#include "pkistore.h" /* to remove temp cert */
+#include "devt.h"
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+extern const NSSError NSS_ERROR_INVALID_CERTIFICATE;
+
+struct nss3_cert_cbstr {
+ SECStatus (*callback)(CERTCertificate *, void *);
+ nssList *cached;
+ void *arg;
+};
+
+/* Translate from NSSCertificate to CERTCertificate, then pass the latter
+ * to a callback.
+ */
+static PRStatus
+convert_cert(NSSCertificate *c, void *arg)
+{
+ CERTCertificate *nss3cert;
+ SECStatus secrv;
+ struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg;
+ /* 'c' is not adopted. caller will free it */
+ nss3cert = STAN_GetCERTCertificate(c);
+ if (!nss3cert)
+ return PR_FAILURE;
+ secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg);
+ return (secrv) ? PR_FAILURE : PR_SUCCESS;
+}
+
+/*
+ * build a cert nickname based on the token name and the label of the
+ * certificate If the label in NULL, build a label based on the ID.
+ */
+static int
+toHex(int x)
+{
+ return (x < 10) ? (x + '0') : (x + 'a' - 10);
+}
+#define MAX_CERT_ID 4
+#define DEFAULT_STRING "Cert ID "
+static char *
+pk11_buildNickname(PK11SlotInfo *slot, CK_ATTRIBUTE *cert_label,
+ CK_ATTRIBUTE *key_label, CK_ATTRIBUTE *cert_id)
+{
+ int prefixLen = PORT_Strlen(slot->token_name);
+ int suffixLen = 0;
+ char *suffix = NULL;
+ char buildNew[sizeof(DEFAULT_STRING) + MAX_CERT_ID * 2];
+ char *next, *nickname;
+
+ if (cert_label && (cert_label->ulValueLen)) {
+ suffixLen = cert_label->ulValueLen;
+ suffix = (char *)cert_label->pValue;
+ } else if (key_label && (key_label->ulValueLen)) {
+ suffixLen = key_label->ulValueLen;
+ suffix = (char *)key_label->pValue;
+ } else if (cert_id && cert_id->ulValueLen > 0) {
+ int i, first = cert_id->ulValueLen - MAX_CERT_ID;
+ int offset = sizeof(DEFAULT_STRING);
+ char *idValue = (char *)cert_id->pValue;
+
+ PORT_Memcpy(buildNew, DEFAULT_STRING, sizeof(DEFAULT_STRING) - 1);
+ next = buildNew + offset;
+ if (first < 0)
+ first = 0;
+ for (i = first; i < (int)cert_id->ulValueLen; i++) {
+ *next++ = toHex((idValue[i] >> 4) & 0xf);
+ *next++ = toHex(idValue[i] & 0xf);
+ }
+ *next++ = 0;
+ suffix = buildNew;
+ suffixLen = PORT_Strlen(buildNew);
+ } else {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+
+ /* if is internal key slot, add code to skip the prefix!! */
+ next = nickname = (char *)PORT_Alloc(prefixLen + 1 + suffixLen + 1);
+ if (nickname == NULL)
+ return NULL;
+
+ PORT_Memcpy(next, slot->token_name, prefixLen);
+ next += prefixLen;
+ *next++ = ':';
+ PORT_Memcpy(next, suffix, suffixLen);
+ next += suffixLen;
+ *next++ = 0;
+ return nickname;
+}
+
+PRBool
+PK11_IsUserCert(PK11SlotInfo *slot, CERTCertificate *cert,
+ CK_OBJECT_HANDLE certID)
+{
+ CK_OBJECT_CLASS theClass;
+
+ if (slot == NULL)
+ return PR_FALSE;
+ if (cert == NULL)
+ return PR_FALSE;
+
+ theClass = CKO_PRIVATE_KEY;
+ if (pk11_LoginStillRequired(slot, NULL)) {
+ theClass = CKO_PUBLIC_KEY;
+ }
+ if (PK11_MatchItem(slot, certID, theClass) != CK_INVALID_HANDLE) {
+ return PR_TRUE;
+ }
+
+ if (theClass == CKO_PUBLIC_KEY) {
+ SECKEYPublicKey *pubKey = CERT_ExtractPublicKey(cert);
+ CK_ATTRIBUTE theTemplate;
+
+ if (pubKey == NULL) {
+ return PR_FALSE;
+ }
+
+ PK11_SETATTRS(&theTemplate, 0, NULL, 0);
+ switch (pubKey->keyType) {
+ case rsaKey:
+ case rsaPssKey:
+ case rsaOaepKey:
+ PK11_SETATTRS(&theTemplate, CKA_MODULUS, pubKey->u.rsa.modulus.data,
+ pubKey->u.rsa.modulus.len);
+ break;
+ case dsaKey:
+ PK11_SETATTRS(&theTemplate, CKA_VALUE, pubKey->u.dsa.publicValue.data,
+ pubKey->u.dsa.publicValue.len);
+ break;
+ case dhKey:
+ PK11_SETATTRS(&theTemplate, CKA_VALUE, pubKey->u.dh.publicValue.data,
+ pubKey->u.dh.publicValue.len);
+ break;
+ case ecKey:
+ PK11_SETATTRS(&theTemplate, CKA_EC_POINT,
+ pubKey->u.ec.publicValue.data,
+ pubKey->u.ec.publicValue.len);
+ break;
+ case keaKey:
+ case fortezzaKey:
+ case nullKey:
+ /* fall through and return false */
+ break;
+ }
+
+ if (theTemplate.ulValueLen == 0) {
+ SECKEY_DestroyPublicKey(pubKey);
+ return PR_FALSE;
+ }
+ pk11_SignedToUnsigned(&theTemplate);
+ if (pk11_FindObjectByTemplate(slot, &theTemplate, 1) != CK_INVALID_HANDLE) {
+ SECKEY_DestroyPublicKey(pubKey);
+ return PR_TRUE;
+ }
+ SECKEY_DestroyPublicKey(pubKey);
+ }
+ return PR_FALSE;
+}
+
+/*
+ * Check out if a cert has ID of zero. This is a magic ID that tells
+ * NSS that this cert may be an automagically trusted cert.
+ * The Cert has to be self signed as well. That check is done elsewhere.
+ *
+ */
+PRBool
+pk11_isID0(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID)
+{
+ CK_ATTRIBUTE keyID = { CKA_ID, NULL, 0 };
+ PRBool isZero = PR_FALSE;
+ int i;
+ CK_RV crv;
+
+ crv = PK11_GetAttributes(NULL, slot, certID, &keyID, 1);
+ if (crv != CKR_OK) {
+ return isZero;
+ }
+
+ if (keyID.ulValueLen != 0) {
+ char *value = (char *)keyID.pValue;
+ isZero = PR_TRUE; /* ID exists, may be zero */
+ for (i = 0; i < (int)keyID.ulValueLen; i++) {
+ if (value[i] != 0) {
+ isZero = PR_FALSE; /* nope */
+ break;
+ }
+ }
+ }
+ PORT_Free(keyID.pValue);
+ return isZero;
+}
+
+/*
+ * Create an NSSCertificate from a slot/certID pair, return it as a
+ * CERTCertificate. Optionally, output the nickname string.
+ */
+static CERTCertificate *
+pk11_fastCert(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID,
+ CK_ATTRIBUTE *privateLabel, char **nickptr)
+{
+ NSSCertificate *c;
+ nssCryptokiObject *co = NULL;
+ nssPKIObject *pkio;
+ NSSToken *token;
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+
+ /* Get the cryptoki object from the handle */
+ token = PK11Slot_GetNSSToken(slot);
+ if (token->defaultSession) {
+ co = nssCryptokiObject_Create(token, token->defaultSession, certID);
+ } else {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ }
+ if (!co) {
+ return NULL;
+ }
+
+ /* Create a PKI object from the cryptoki instance */
+ pkio = nssPKIObject_Create(NULL, co, td, NULL, nssPKIMonitor);
+ if (!pkio) {
+ nssCryptokiObject_Destroy(co);
+ return NULL;
+ }
+
+ /* Create a certificate */
+ c = nssCertificate_Create(pkio);
+ if (!c) {
+ nssPKIObject_Destroy(pkio);
+ return NULL;
+ }
+
+ /* Build and output a nickname, if desired.
+ * This must be done before calling nssTrustDomain_AddCertsToCache
+ * because that function may destroy c, pkio and co!
+ */
+ if ((nickptr) && (co->label)) {
+ CK_ATTRIBUTE label, id;
+
+ label.type = CKA_LABEL;
+ label.pValue = co->label;
+ label.ulValueLen = PORT_Strlen(co->label);
+
+ id.type = CKA_ID;
+ id.pValue = c->id.data;
+ id.ulValueLen = c->id.size;
+
+ *nickptr = pk11_buildNickname(slot, &label, privateLabel, &id);
+ }
+
+ /* This function may destroy the cert in "c" and all its subordinate
+ * structures, and replace the value in "c" with the address of a
+ * different NSSCertificate that it found in the cache.
+ * Presumably, the nickname which we just output above remains valid. :)
+ */
+ (void)nssTrustDomain_AddCertsToCache(td, &c, 1);
+ return STAN_GetCERTCertificateOrRelease(c);
+}
+
+/*
+ * Build an CERTCertificate structure from a PKCS#11 object ID.... certID
+ * Must be a CertObject. This code does not explicitly checks that.
+ */
+CERTCertificate *
+PK11_MakeCertFromHandle(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID,
+ CK_ATTRIBUTE *privateLabel)
+{
+ char *nickname = NULL;
+ CERTCertificate *cert = NULL;
+ CERTCertTrust *trust;
+
+ cert = pk11_fastCert(slot, certID, privateLabel, &nickname);
+ if (cert == NULL)
+ goto loser;
+
+ if (nickname) {
+ if (cert->nickname != NULL) {
+ cert->dbnickname = cert->nickname;
+ }
+ cert->nickname = PORT_ArenaStrdup(cert->arena, nickname);
+ PORT_Free(nickname);
+ nickname = NULL;
+ }
+
+ /* remember where this cert came from.... If we have just looked
+ * it up from the database and it already has a slot, don't add a new
+ * one. */
+ if (cert->slot == NULL) {
+ cert->slot = PK11_ReferenceSlot(slot);
+ cert->pkcs11ID = certID;
+ cert->ownSlot = PR_TRUE;
+ cert->series = slot->series;
+ }
+
+ trust = (CERTCertTrust *)PORT_ArenaAlloc(cert->arena, sizeof(CERTCertTrust));
+ if (trust == NULL)
+ goto loser;
+ PORT_Memset(trust, 0, sizeof(CERTCertTrust));
+
+ if (!pk11_HandleTrustObject(slot, cert, trust)) {
+ unsigned int type;
+
+ /* build some cert trust flags */
+ if (CERT_IsCACert(cert, &type)) {
+ unsigned int trustflags = CERTDB_VALID_CA;
+
+ /* Allow PKCS #11 modules to give us trusted CA's. We only accept
+ * valid CA's which are self-signed here. They must have an object
+ * ID of '0'. */
+ if (pk11_isID0(slot, certID) &&
+ cert->isRoot) {
+ trustflags |= CERTDB_TRUSTED_CA;
+ /* is the slot a fortezza card? allow the user or
+ * admin to turn on objectSigning, but don't turn
+ * full trust on explicitly */
+ if (PK11_DoesMechanism(slot, CKM_KEA_KEY_DERIVE)) {
+ trust->objectSigningFlags |= CERTDB_VALID_CA;
+ }
+ }
+ if ((type & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
+ trust->sslFlags |= trustflags;
+ }
+ if ((type & NS_CERT_TYPE_EMAIL_CA) == NS_CERT_TYPE_EMAIL_CA) {
+ trust->emailFlags |= trustflags;
+ }
+ if ((type & NS_CERT_TYPE_OBJECT_SIGNING_CA) == NS_CERT_TYPE_OBJECT_SIGNING_CA) {
+ trust->objectSigningFlags |= trustflags;
+ }
+ }
+ }
+
+ if (PK11_IsUserCert(slot, cert, certID)) {
+ trust->sslFlags |= CERTDB_USER;
+ trust->emailFlags |= CERTDB_USER;
+ /* trust->objectSigningFlags |= CERTDB_USER; */
+ }
+ CERT_LockCertTrust(cert);
+ cert->trust = trust;
+ CERT_UnlockCertTrust(cert);
+
+ return cert;
+
+loser:
+ if (nickname)
+ PORT_Free(nickname);
+ if (cert)
+ CERT_DestroyCertificate(cert);
+ return NULL;
+}
+
+/*
+ * Build get a certificate from a private key
+ */
+CERTCertificate *
+PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey)
+{
+ PK11SlotInfo *slot = privKey->pkcs11Slot;
+ CK_OBJECT_HANDLE handle = privKey->pkcs11ID;
+ CK_OBJECT_HANDLE certID =
+ PK11_MatchItem(slot, handle, CKO_CERTIFICATE);
+ CERTCertificate *cert;
+
+ if (certID == CK_INVALID_HANDLE) {
+ PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
+ return NULL;
+ }
+ cert = PK11_MakeCertFromHandle(slot, certID, NULL);
+ return (cert);
+}
+
+/*
+ * delete a cert and it's private key (if no other certs are pointing to the
+ * private key.
+ */
+SECStatus
+PK11_DeleteTokenCertAndKey(CERTCertificate *cert, void *wincx)
+{
+ SECKEYPrivateKey *privKey = PK11_FindKeyByAnyCert(cert, wincx);
+ CK_OBJECT_HANDLE pubKey;
+ PK11SlotInfo *slot = NULL;
+
+ pubKey = pk11_FindPubKeyByAnyCert(cert, &slot, wincx);
+ if (privKey) {
+ /* For 3.4, utilize the generic cert delete function */
+ SEC_DeletePermCertificate(cert);
+ PK11_DeleteTokenPrivateKey(privKey, PR_FALSE);
+ }
+ if ((pubKey != CK_INVALID_HANDLE) && (slot != NULL)) {
+ PK11_DestroyTokenObject(slot, pubKey);
+ PK11_FreeSlot(slot);
+ }
+ return SECSuccess;
+}
+
+/*
+ * cert callback structure
+ */
+typedef struct pk11DoCertCallbackStr {
+ SECStatus (*callback)(PK11SlotInfo *slot, CERTCertificate *, void *);
+ SECStatus (*noslotcallback)(CERTCertificate *, void *);
+ SECStatus (*itemcallback)(CERTCertificate *, SECItem *, void *);
+ void *callbackArg;
+} pk11DoCertCallback;
+
+typedef struct pk11CertCallbackStr {
+ SECStatus (*callback)(CERTCertificate *, SECItem *, void *);
+ void *callbackArg;
+} pk11CertCallback;
+
+struct fake_der_cb_argstr {
+ SECStatus (*callback)(CERTCertificate *, SECItem *, void *);
+ void *arg;
+};
+
+static SECStatus
+fake_der_cb(CERTCertificate *c, void *a)
+{
+ struct fake_der_cb_argstr *fda = (struct fake_der_cb_argstr *)a;
+ return (*fda->callback)(c, &c->derCert, fda->arg);
+}
+
+/*
+ * Extract all the certs on a card from a slot.
+ */
+SECStatus
+PK11_TraverseSlotCerts(SECStatus (*callback)(CERTCertificate *, SECItem *, void *),
+ void *arg, void *wincx)
+{
+ NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
+ struct fake_der_cb_argstr fda;
+ struct nss3_cert_cbstr pk11cb;
+
+ /* authenticate to the tokens first */
+ (void)pk11_TraverseAllSlots(NULL, NULL, PR_TRUE, wincx);
+
+ fda.callback = callback;
+ fda.arg = arg;
+ pk11cb.callback = fake_der_cb;
+ pk11cb.arg = &fda;
+ NSSTrustDomain_TraverseCertificates(defaultTD, convert_cert, &pk11cb);
+ return SECSuccess;
+}
+
+static void
+transfer_token_certs_to_collection(nssList *certList, NSSToken *token,
+ nssPKIObjectCollection *collection)
+{
+ NSSCertificate **certs;
+ PRUint32 i, count;
+ NSSToken **tokens, **tp;
+ count = nssList_Count(certList);
+ if (count == 0) {
+ return;
+ }
+ certs = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
+ if (!certs) {
+ return;
+ }
+ nssList_GetArray(certList, (void **)certs, count);
+ for (i = 0; i < count; i++) {
+ tokens = nssPKIObject_GetTokens(&certs[i]->object, NULL);
+ if (tokens) {
+ for (tp = tokens; *tp; tp++) {
+ if (*tp == token) {
+ nssPKIObjectCollection_AddObject(collection,
+ (nssPKIObject *)certs[i]);
+ }
+ }
+ nssTokenArray_Destroy(tokens);
+ }
+ CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(certs[i]));
+ }
+ nss_ZFreeIf(certs);
+}
+
+CERTCertificate *
+PK11_FindCertFromNickname(const char *nickname, void *wincx)
+{
+ PRStatus status;
+ CERTCertificate *rvCert = NULL;
+ NSSCertificate *cert = NULL;
+ NSSCertificate **certs = NULL;
+ static const NSSUsage usage = { PR_TRUE /* ... */ };
+ NSSToken *token;
+ NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
+ PK11SlotInfo *slot = NULL;
+ SECStatus rv;
+ char *nickCopy;
+ char *delimit = NULL;
+ char *tokenName;
+
+ nickCopy = PORT_Strdup(nickname);
+ if (!nickCopy) {
+ /* error code is set */
+ return NULL;
+ }
+ if ((delimit = PORT_Strchr(nickCopy, ':')) != NULL) {
+ tokenName = nickCopy;
+ nickname = delimit + 1;
+ *delimit = '\0';
+ /* find token by name */
+ token = NSSTrustDomain_FindTokenByName(defaultTD, (NSSUTF8 *)tokenName);
+ if (token) {
+ slot = PK11_ReferenceSlot(token->pk11slot);
+ } else {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ }
+ *delimit = ':';
+ } else {
+ slot = PK11_GetInternalKeySlot();
+ token = PK11Slot_GetNSSToken(slot);
+ }
+ if (token) {
+ nssList *certList;
+ nssCryptokiObject **instances;
+ nssPKIObjectCollection *collection;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ if (!PK11_IsPresent(slot)) {
+ goto loser;
+ }
+ rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ collection = nssCertificateCollection_Create(defaultTD, NULL);
+ if (!collection) {
+ goto loser;
+ }
+ certList = nssList_Create(NULL, PR_FALSE);
+ if (!certList) {
+ nssPKIObjectCollection_Destroy(collection);
+ goto loser;
+ }
+ (void)nssTrustDomain_GetCertsForNicknameFromCache(defaultTD,
+ nickname,
+ certList);
+ transfer_token_certs_to_collection(certList, token, collection);
+ instances = nssToken_FindCertificatesByNickname(token,
+ NULL,
+ nickname,
+ tokenOnly,
+ 0,
+ &status);
+ nssPKIObjectCollection_AddInstances(collection, instances, 0);
+ nss_ZFreeIf(instances);
+ /* if it wasn't found, repeat the process for email address */
+ if (nssPKIObjectCollection_Count(collection) == 0 &&
+ PORT_Strchr(nickname, '@') != NULL) {
+ char *lowercaseName = CERT_FixupEmailAddr(nickname);
+ if (lowercaseName) {
+ (void)nssTrustDomain_GetCertsForEmailAddressFromCache(defaultTD,
+ lowercaseName,
+ certList);
+ transfer_token_certs_to_collection(certList, token, collection);
+ instances = nssToken_FindCertificatesByEmail(token,
+ NULL,
+ lowercaseName,
+ tokenOnly,
+ 0,
+ &status);
+ nssPKIObjectCollection_AddInstances(collection, instances, 0);
+ nss_ZFreeIf(instances);
+ PORT_Free(lowercaseName);
+ }
+ }
+ certs = nssPKIObjectCollection_GetCertificates(collection,
+ NULL, 0, NULL);
+ nssPKIObjectCollection_Destroy(collection);
+ if (certs) {
+ cert = nssCertificateArray_FindBestCertificate(certs, NULL,
+ &usage, NULL);
+ if (cert) {
+ rvCert = STAN_GetCERTCertificateOrRelease(cert);
+ }
+ nssCertificateArray_Destroy(certs);
+ }
+ nssList_Destroy(certList);
+ }
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ if (nickCopy)
+ PORT_Free(nickCopy);
+ return rvCert;
+loser:
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ if (nickCopy)
+ PORT_Free(nickCopy);
+ return NULL;
+}
+
+/* Traverse slots callback */
+typedef struct FindCertsEmailArgStr {
+ char *email;
+ CERTCertList *certList;
+} FindCertsEmailArg;
+
+SECStatus
+FindCertsEmailCallback(CERTCertificate *cert, SECItem *item, void *arg)
+{
+ FindCertsEmailArg *cbparam = (FindCertsEmailArg *)arg;
+ const char *cert_email = CERT_GetFirstEmailAddress(cert);
+ PRBool found = PR_FALSE;
+
+ /* Email address present in certificate? */
+ if (cert_email == NULL) {
+ return SECSuccess;
+ }
+
+ /* Parameter correctly set? */
+ if (cbparam->email == NULL) {
+ return SECFailure;
+ }
+
+ /* Loop over all email addresses */
+ do {
+ if (!strcmp(cert_email, cbparam->email)) {
+ /* found one matching email address */
+ PRTime now = PR_Now();
+ found = PR_TRUE;
+ CERT_AddCertToListSorted(cbparam->certList,
+ CERT_DupCertificate(cert),
+ CERT_SortCBValidity, &now);
+ }
+ cert_email = CERT_GetNextEmailAddress(cert, cert_email);
+ } while (cert_email && !found);
+
+ return SECSuccess;
+}
+
+/* Find all certificates with matching email address */
+CERTCertList *
+PK11_FindCertsFromEmailAddress(const char *email, void *wincx)
+{
+ FindCertsEmailArg cbparam;
+ SECStatus rv;
+
+ cbparam.certList = CERT_NewCertList();
+ if (cbparam.certList == NULL) {
+ return NULL;
+ }
+
+ cbparam.email = CERT_FixupEmailAddr(email);
+ if (cbparam.email == NULL) {
+ CERT_DestroyCertList(cbparam.certList);
+ return NULL;
+ }
+
+ rv = PK11_TraverseSlotCerts(FindCertsEmailCallback, &cbparam, NULL);
+ if (rv != SECSuccess) {
+ CERT_DestroyCertList(cbparam.certList);
+ PORT_Free(cbparam.email);
+ return NULL;
+ }
+
+ /* empty list? */
+ if (CERT_LIST_HEAD(cbparam.certList) == NULL ||
+ CERT_LIST_END(CERT_LIST_HEAD(cbparam.certList), cbparam.certList)) {
+ CERT_DestroyCertList(cbparam.certList);
+ cbparam.certList = NULL;
+ }
+
+ PORT_Free(cbparam.email);
+ return cbparam.certList;
+}
+
+CERTCertList *
+PK11_FindCertsFromNickname(const char *nickname, void *wincx)
+{
+ char *nickCopy;
+ char *delimit = NULL;
+ char *tokenName;
+ int i;
+ CERTCertList *certList = NULL;
+ nssPKIObjectCollection *collection = NULL;
+ NSSCertificate **foundCerts = NULL;
+ NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
+ NSSCertificate *c;
+ NSSToken *token;
+ PK11SlotInfo *slot;
+ SECStatus rv;
+
+ nickCopy = PORT_Strdup(nickname);
+ if (!nickCopy) {
+ /* error code is set */
+ return NULL;
+ }
+ if ((delimit = PORT_Strchr(nickCopy, ':')) != NULL) {
+ tokenName = nickCopy;
+ nickname = delimit + 1;
+ *delimit = '\0';
+ /* find token by name */
+ token = NSSTrustDomain_FindTokenByName(defaultTD, (NSSUTF8 *)tokenName);
+ if (token) {
+ slot = PK11_ReferenceSlot(token->pk11slot);
+ } else {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ slot = NULL;
+ }
+ *delimit = ':';
+ } else {
+ slot = PK11_GetInternalKeySlot();
+ token = PK11Slot_GetNSSToken(slot);
+ }
+ if (token) {
+ PRStatus status;
+ nssList *nameList;
+ nssCryptokiObject **instances;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ PK11_FreeSlot(slot);
+ if (nickCopy)
+ PORT_Free(nickCopy);
+ return NULL;
+ }
+ collection = nssCertificateCollection_Create(defaultTD, NULL);
+ if (!collection) {
+ PK11_FreeSlot(slot);
+ if (nickCopy)
+ PORT_Free(nickCopy);
+ return NULL;
+ }
+ nameList = nssList_Create(NULL, PR_FALSE);
+ if (!nameList) {
+ PK11_FreeSlot(slot);
+ if (nickCopy)
+ PORT_Free(nickCopy);
+ return NULL;
+ }
+ (void)nssTrustDomain_GetCertsForNicknameFromCache(defaultTD,
+ nickname,
+ nameList);
+ transfer_token_certs_to_collection(nameList, token, collection);
+ instances = nssToken_FindCertificatesByNickname(token,
+ NULL,
+ nickname,
+ tokenOnly,
+ 0,
+ &status);
+ nssPKIObjectCollection_AddInstances(collection, instances, 0);
+ nss_ZFreeIf(instances);
+
+ /* if it wasn't found, repeat the process for email address */
+ if (nssPKIObjectCollection_Count(collection) == 0 &&
+ PORT_Strchr(nickname, '@') != NULL) {
+ char *lowercaseName = CERT_FixupEmailAddr(nickname);
+ if (lowercaseName) {
+ (void)nssTrustDomain_GetCertsForEmailAddressFromCache(defaultTD,
+ lowercaseName,
+ nameList);
+ transfer_token_certs_to_collection(nameList, token, collection);
+ instances = nssToken_FindCertificatesByEmail(token,
+ NULL,
+ lowercaseName,
+ tokenOnly,
+ 0,
+ &status);
+ nssPKIObjectCollection_AddInstances(collection, instances, 0);
+ nss_ZFreeIf(instances);
+ PORT_Free(lowercaseName);
+ }
+ }
+
+ nssList_Destroy(nameList);
+ foundCerts = nssPKIObjectCollection_GetCertificates(collection,
+ NULL, 0, NULL);
+ nssPKIObjectCollection_Destroy(collection);
+ }
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ if (nickCopy)
+ PORT_Free(nickCopy);
+ if (foundCerts) {
+ PRTime now = PR_Now();
+ certList = CERT_NewCertList();
+ for (i = 0, c = *foundCerts; c; c = foundCerts[++i]) {
+ if (certList) {
+ CERTCertificate *certCert = STAN_GetCERTCertificateOrRelease(c);
+ /* c may be invalid after this, don't reference it */
+ if (certCert) {
+ /* CERT_AddCertToListSorted adopts certCert */
+ CERT_AddCertToListSorted(certList, certCert,
+ CERT_SortCBValidity, &now);
+ }
+ } else {
+ nssCertificate_Destroy(c);
+ }
+ }
+ if (certList && CERT_LIST_HEAD(certList) == NULL) {
+ CERT_DestroyCertList(certList);
+ certList = NULL;
+ }
+ /* all the certs have been adopted or freed, free the raw array */
+ nss_ZFreeIf(foundCerts);
+ }
+ return certList;
+}
+
+/*
+ * extract a key ID for a certificate...
+ * NOTE: We call this function from PKCS11.c If we ever use
+ * pkcs11 to extract the public key (we currently do not), this will break.
+ */
+SECItem *
+PK11_GetPubIndexKeyID(CERTCertificate *cert)
+{
+ SECKEYPublicKey *pubk;
+ SECItem *newItem = NULL;
+
+ pubk = CERT_ExtractPublicKey(cert);
+ if (pubk == NULL)
+ return NULL;
+
+ switch (pubk->keyType) {
+ case rsaKey:
+ newItem = SECITEM_DupItem(&pubk->u.rsa.modulus);
+ break;
+ case dsaKey:
+ newItem = SECITEM_DupItem(&pubk->u.dsa.publicValue);
+ break;
+ case dhKey:
+ newItem = SECITEM_DupItem(&pubk->u.dh.publicValue);
+ break;
+ case ecKey:
+ newItem = SECITEM_DupItem(&pubk->u.ec.publicValue);
+ break;
+ case fortezzaKey:
+ default:
+ newItem = NULL; /* Fortezza Fix later... */
+ }
+ SECKEY_DestroyPublicKey(pubk);
+ /* make hash of it */
+ return newItem;
+}
+
+/*
+ * generate a CKA_ID from a certificate.
+ */
+SECItem *
+pk11_mkcertKeyID(CERTCertificate *cert)
+{
+ SECItem *pubKeyData = PK11_GetPubIndexKeyID(cert);
+ SECItem *certCKA_ID;
+
+ if (pubKeyData == NULL)
+ return NULL;
+
+ certCKA_ID = PK11_MakeIDFromPubKey(pubKeyData);
+ SECITEM_FreeItem(pubKeyData, PR_TRUE);
+ return certCKA_ID;
+}
+
+/*
+ * Write the cert into the token.
+ */
+SECStatus
+PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
+ CK_OBJECT_HANDLE key, const char *nickname,
+ PRBool includeTrust)
+{
+ PRStatus status;
+ NSSCertificate *c;
+ nssCryptokiObject *keyobj, *certobj;
+ NSSToken *token = PK11Slot_GetNSSToken(slot);
+ SECItem *keyID = pk11_mkcertKeyID(cert);
+ char *emailAddr = NULL;
+ nssCertificateStoreTrace lockTrace = { NULL, NULL, PR_FALSE, PR_FALSE };
+ nssCertificateStoreTrace unlockTrace = { NULL, NULL, PR_FALSE, PR_FALSE };
+
+ if (keyID == NULL) {
+ goto loser; /* error code should be set already */
+ }
+ if (!token) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ goto loser;
+ }
+
+ if (PK11_IsInternal(slot) && cert->emailAddr && cert->emailAddr[0]) {
+ emailAddr = cert->emailAddr;
+ }
+
+ /* need to get the cert as a stan cert */
+ if (cert->nssCertificate) {
+ c = cert->nssCertificate;
+ } else {
+ c = STAN_GetNSSCertificate(cert);
+ if (c == NULL) {
+ goto loser;
+ }
+ }
+
+ /* set the id for the cert */
+ nssItem_Create(c->object.arena, &c->id, keyID->len, keyID->data);
+ if (!c->id.data) {
+ goto loser;
+ }
+
+ if (key != CK_INVALID_HANDLE) {
+ /* create an object for the key, ... */
+ keyobj = nss_ZNEW(NULL, nssCryptokiObject);
+ if (!keyobj) {
+ goto loser;
+ }
+ keyobj->token = nssToken_AddRef(token);
+ keyobj->handle = key;
+ keyobj->isTokenObject = PR_TRUE;
+
+ /* ... in order to set matching attributes for the key */
+ status = nssCryptokiPrivateKey_SetCertificate(keyobj, NULL, nickname,
+ &c->id, &c->subject);
+ nssCryptokiObject_Destroy(keyobj);
+ if (status != PR_SUCCESS) {
+ goto loser;
+ }
+ }
+
+ /* do the token import */
+ certobj = nssToken_ImportCertificate(token, NULL,
+ NSSCertificateType_PKIX,
+ &c->id,
+ nickname,
+ &c->encoding,
+ &c->issuer,
+ &c->subject,
+ &c->serial,
+ emailAddr,
+ PR_TRUE);
+ if (!certobj) {
+ if (NSS_GetError() == NSS_ERROR_INVALID_CERTIFICATE) {
+ PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
+ SECITEM_FreeItem(keyID, PR_TRUE);
+ return SECFailure;
+ }
+ goto loser;
+ }
+
+ if (c->object.cryptoContext) {
+ /* Delete the temp instance */
+ NSSCryptoContext *cc = c->object.cryptoContext;
+ nssCertificateStore_Lock(cc->certStore, &lockTrace);
+ nssCertificateStore_RemoveCertLOCKED(cc->certStore, c);
+ nssCertificateStore_Unlock(cc->certStore, &lockTrace, &unlockTrace);
+ c->object.cryptoContext = NULL;
+ cert->istemp = PR_FALSE;
+ cert->isperm = PR_TRUE;
+ }
+
+ /* add the new instance to the cert, force an update of the
+ * CERTCertificate, and finish
+ */
+ nssPKIObject_AddInstance(&c->object, certobj);
+ /* nssTrustDomain_AddCertsToCache may release a reference to 'c' and
+ * replace 'c' with a different value. So we add a reference to 'c' to
+ * prevent 'c' from being destroyed. */
+ nssCertificate_AddRef(c);
+ nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
+ (void)STAN_ForceCERTCertificateUpdate(c);
+ nssCertificate_Destroy(c);
+ SECITEM_FreeItem(keyID, PR_TRUE);
+ return SECSuccess;
+loser:
+ CERT_MapStanError();
+ SECITEM_FreeItem(keyID, PR_TRUE);
+ if (PORT_GetError() != SEC_ERROR_TOKEN_NOT_LOGGED_IN) {
+ PORT_SetError(SEC_ERROR_ADDING_CERT);
+ }
+ return SECFailure;
+}
+
+SECStatus
+PK11_ImportDERCert(PK11SlotInfo *slot, SECItem *derCert,
+ CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust)
+{
+ CERTCertificate *cert;
+ SECStatus rv;
+
+ cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ derCert, NULL, PR_FALSE, PR_TRUE);
+ if (cert == NULL)
+ return SECFailure;
+
+ rv = PK11_ImportCert(slot, cert, key, nickname, includeTrust);
+ CERT_DestroyCertificate(cert);
+ return rv;
+}
+
+/*
+ * get a certificate handle, look at the cached handle first..
+ */
+CK_OBJECT_HANDLE
+pk11_getcerthandle(PK11SlotInfo *slot, CERTCertificate *cert,
+ CK_ATTRIBUTE *theTemplate, int tsize)
+{
+ CK_OBJECT_HANDLE certh;
+
+ if (cert->slot == slot) {
+ certh = cert->pkcs11ID;
+ if ((certh == CK_INVALID_HANDLE) ||
+ (cert->series != slot->series)) {
+ certh = pk11_FindObjectByTemplate(slot, theTemplate, tsize);
+ cert->pkcs11ID = certh;
+ cert->series = slot->series;
+ }
+ } else {
+ certh = pk11_FindObjectByTemplate(slot, theTemplate, tsize);
+ }
+ return certh;
+}
+
+/*
+ * return the private key From a given Cert
+ */
+SECKEYPrivateKey *
+PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot, CERTCertificate *cert,
+ void *wincx)
+{
+ int err;
+ CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_VALUE, NULL, 0 },
+ { CKA_CLASS, NULL, 0 }
+ };
+ /* if you change the array, change the variable below as well */
+ int tsize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+ CK_OBJECT_HANDLE certh;
+ CK_OBJECT_HANDLE keyh;
+ CK_ATTRIBUTE *attrs = theTemplate;
+ PRBool needLogin;
+ SECStatus rv;
+
+ PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
+ cert->derCert.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
+
+ /*
+ * issue the find
+ */
+ rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+
+ certh = pk11_getcerthandle(slot, cert, theTemplate, tsize);
+ if (certh == CK_INVALID_HANDLE) {
+ return NULL;
+ }
+ /*
+ * prevent a login race condition. If slot is logged in between
+ * our call to pk11_LoginStillRequired and the
+ * PK11_MatchItem. The matchItem call will either succeed, or
+ * we will call it one more time after calling PK11_Authenticate
+ * (which is a noop on an authenticated token).
+ */
+ needLogin = pk11_LoginStillRequired(slot, wincx);
+ keyh = PK11_MatchItem(slot, certh, CKO_PRIVATE_KEY);
+ if ((keyh == CK_INVALID_HANDLE) && needLogin &&
+ (SSL_ERROR_NO_CERTIFICATE == (err = PORT_GetError()) ||
+ SEC_ERROR_TOKEN_NOT_LOGGED_IN == err)) {
+ /* try it again authenticated */
+ rv = PK11_Authenticate(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ keyh = PK11_MatchItem(slot, certh, CKO_PRIVATE_KEY);
+ }
+ if (keyh == CK_INVALID_HANDLE) {
+ return NULL;
+ }
+ return PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyh, wincx);
+}
+
+/*
+ * import a cert for a private key we have already generated. Set the label
+ * on both to be the nickname. This is for the Key Gen, orphaned key case.
+ */
+PK11SlotInfo *
+PK11_KeyForCertExists(CERTCertificate *cert, CK_OBJECT_HANDLE *keyPtr,
+ void *wincx)
+{
+ PK11SlotList *list;
+ PK11SlotListElement *le;
+ SECItem *keyID;
+ CK_OBJECT_HANDLE key;
+ PK11SlotInfo *slot = NULL;
+ SECStatus rv;
+ int err;
+
+ keyID = pk11_mkcertKeyID(cert);
+ /* get them all! */
+ list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_TRUE, wincx);
+ if ((keyID == NULL) || (list == NULL)) {
+ if (keyID)
+ SECITEM_FreeItem(keyID, PR_TRUE);
+ if (list)
+ PK11_FreeSlotList(list);
+ return NULL;
+ }
+
+ /* Look for the slot that holds the Key */
+ for (le = list->head; le; le = le->next) {
+ /*
+ * prevent a login race condition. If le->slot is logged in between
+ * our call to pk11_LoginStillRequired and the
+ * pk11_FindPrivateKeyFromCertID, the find will either succeed, or
+ * we will call it one more time after calling PK11_Authenticate
+ * (which is a noop on an authenticated token).
+ */
+ PRBool needLogin = pk11_LoginStillRequired(le->slot, wincx);
+ key = pk11_FindPrivateKeyFromCertID(le->slot, keyID);
+ if ((key == CK_INVALID_HANDLE) && needLogin &&
+ (SSL_ERROR_NO_CERTIFICATE == (err = PORT_GetError()) ||
+ SEC_ERROR_TOKEN_NOT_LOGGED_IN == err)) {
+ /* authenticate and try again */
+ rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
+ if (rv != SECSuccess)
+ continue;
+ key = pk11_FindPrivateKeyFromCertID(le->slot, keyID);
+ }
+ if (key != CK_INVALID_HANDLE) {
+ slot = PK11_ReferenceSlot(le->slot);
+ if (keyPtr)
+ *keyPtr = key;
+ break;
+ }
+ }
+
+ SECITEM_FreeItem(keyID, PR_TRUE);
+ PK11_FreeSlotList(list);
+ return slot;
+}
+/*
+ * import a cert for a private key we have already generated. Set the label
+ * on both to be the nickname. This is for the Key Gen, orphaned key case.
+ */
+PK11SlotInfo *
+PK11_KeyForDERCertExists(SECItem *derCert, CK_OBJECT_HANDLE *keyPtr,
+ void *wincx)
+{
+ CERTCertificate *cert;
+ PK11SlotInfo *slot = NULL;
+
+ /* letting this use go -- the only thing that the cert is used for is
+ * to get the ID attribute.
+ */
+ cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
+ if (cert == NULL)
+ return NULL;
+
+ slot = PK11_KeyForCertExists(cert, keyPtr, wincx);
+ CERT_DestroyCertificate(cert);
+ return slot;
+}
+
+PK11SlotInfo *
+PK11_ImportCertForKey(CERTCertificate *cert, const char *nickname,
+ void *wincx)
+{
+ PK11SlotInfo *slot = NULL;
+ CK_OBJECT_HANDLE key;
+
+ slot = PK11_KeyForCertExists(cert, &key, wincx);
+
+ if (slot) {
+ if (PK11_ImportCert(slot, cert, key, nickname, PR_FALSE) != SECSuccess) {
+ PK11_FreeSlot(slot);
+ slot = NULL;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_ADDING_CERT);
+ }
+
+ return slot;
+}
+
+PK11SlotInfo *
+PK11_ImportDERCertForKey(SECItem *derCert, char *nickname, void *wincx)
+{
+ CERTCertificate *cert;
+ PK11SlotInfo *slot = NULL;
+
+ cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ derCert, NULL, PR_FALSE, PR_TRUE);
+ if (cert == NULL)
+ return NULL;
+
+ slot = PK11_ImportCertForKey(cert, nickname, wincx);
+ CERT_DestroyCertificate(cert);
+ return slot;
+}
+
+static CK_OBJECT_HANDLE
+pk11_FindCertObjectByTemplate(PK11SlotInfo **slotPtr,
+ CK_ATTRIBUTE *searchTemplate, int count, void *wincx)
+{
+ PK11SlotList *list;
+ PK11SlotListElement *le;
+ CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
+ PK11SlotInfo *slot = NULL;
+ SECStatus rv;
+
+ *slotPtr = NULL;
+
+ /* get them all! */
+ list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_TRUE, wincx);
+ if (list == NULL) {
+ return CK_INVALID_HANDLE;
+ }
+
+ /* Look for the slot that holds the Key */
+ for (le = list->head; le; le = le->next) {
+ rv = pk11_AuthenticateUnfriendly(le->slot, PR_TRUE, wincx);
+ if (rv != SECSuccess)
+ continue;
+
+ certHandle = pk11_FindObjectByTemplate(le->slot, searchTemplate, count);
+ if (certHandle != CK_INVALID_HANDLE) {
+ slot = PK11_ReferenceSlot(le->slot);
+ break;
+ }
+ }
+
+ PK11_FreeSlotList(list);
+
+ if (slot == NULL) {
+ return CK_INVALID_HANDLE;
+ }
+ *slotPtr = slot;
+ return certHandle;
+}
+
+CERTCertificate *
+PK11_FindCertByIssuerAndSNOnToken(PK11SlotInfo *slot,
+ CERTIssuerAndSN *issuerSN, void *wincx)
+{
+ CERTCertificate *rvCert = NULL;
+ NSSCertificate *cert = NULL;
+ NSSDER issuer, serial;
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+ NSSToken *token = slot->nssToken;
+ nssSession *session;
+ nssCryptokiObject *instance = NULL;
+ nssPKIObject *object = NULL;
+ SECItem *derSerial;
+ PRStatus status;
+
+ if (!issuerSN || !issuerSN->derIssuer.data || !issuerSN->derIssuer.len ||
+ !issuerSN->serialNumber.data || !issuerSN->serialNumber.len ||
+ issuerSN->derIssuer.len > CERT_MAX_DN_BYTES ||
+ issuerSN->serialNumber.len > CERT_MAX_SERIAL_NUMBER_BYTES) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ /* Paranoia */
+ if (token == NULL) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return NULL;
+ }
+
+ /* PKCS#11 needs to use DER-encoded serial numbers. Create a
+ * CERTIssuerAndSN that actually has the encoded value and pass that
+ * to PKCS#11 (and the crypto context).
+ */
+ derSerial = SEC_ASN1EncodeItem(NULL, NULL,
+ &issuerSN->serialNumber,
+ SEC_ASN1_GET(SEC_IntegerTemplate));
+ if (!derSerial) {
+ return NULL;
+ }
+
+ NSSITEM_FROM_SECITEM(&issuer, &issuerSN->derIssuer);
+ NSSITEM_FROM_SECITEM(&serial, derSerial);
+
+ session = nssToken_GetDefaultSession(token);
+ if (!session) {
+ goto loser;
+ }
+
+ instance = nssToken_FindCertificateByIssuerAndSerialNumber(token, session,
+ &issuer, &serial, nssTokenSearchType_TokenForced, &status);
+
+ SECITEM_FreeItem(derSerial, PR_TRUE);
+
+ if (!instance) {
+ goto loser;
+ }
+ object = nssPKIObject_Create(NULL, instance, td, NULL, nssPKIMonitor);
+ if (!object) {
+ goto loser;
+ }
+ instance = NULL; /* adopted by the previous call */
+ cert = nssCertificate_Create(object);
+ if (!cert) {
+ goto loser;
+ }
+ object = NULL; /* adopted by the previous call */
+ nssTrustDomain_AddCertsToCache(td, &cert, 1);
+ /* on failure, cert is freed below */
+ rvCert = STAN_GetCERTCertificate(cert);
+ if (!rvCert) {
+ goto loser;
+ }
+ return rvCert;
+
+loser:
+ if (instance) {
+ nssCryptokiObject_Destroy(instance);
+ }
+ if (object) {
+ nssPKIObject_Destroy(object);
+ }
+ if (cert) {
+ nssCertificate_Destroy(cert);
+ }
+ return NULL;
+}
+
+static PRCallOnceType keyIDHashCallOnce;
+
+static PRStatus PR_CALLBACK
+pk11_keyIDHash_populate(void *wincx)
+{
+ CERTCertList *certList;
+ CERTCertListNode *node = NULL;
+ SECItem subjKeyID = { siBuffer, NULL, 0 };
+ SECItem *slotid = NULL;
+ SECMODModuleList *modules, *mlp;
+ SECMODListLock *moduleLock;
+ int i;
+
+ certList = PK11_ListCerts(PK11CertListUser, wincx);
+ if (!certList) {
+ return PR_FAILURE;
+ }
+
+ for (node = CERT_LIST_HEAD(certList);
+ !CERT_LIST_END(node, certList);
+ node = CERT_LIST_NEXT(node)) {
+ if (CERT_FindSubjectKeyIDExtension(node->cert,
+ &subjKeyID) == SECSuccess &&
+ subjKeyID.data != NULL) {
+ cert_AddSubjectKeyIDMapping(&subjKeyID, node->cert);
+ SECITEM_FreeItem(&subjKeyID, PR_FALSE);
+ }
+ }
+ CERT_DestroyCertList(certList);
+
+ /*
+ * Record the state of each slot in a hash. The concatenation of slotID
+ * and moduleID is used as its key, with the slot series as its value.
+ */
+ slotid = SECITEM_AllocItem(NULL, NULL,
+ sizeof(CK_SLOT_ID) + sizeof(SECMODModuleID));
+ if (!slotid) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return PR_FAILURE;
+ }
+ moduleLock = SECMOD_GetDefaultModuleListLock();
+ if (!moduleLock) {
+ SECITEM_FreeItem(slotid, PR_TRUE);
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return PR_FAILURE;
+ }
+ SECMOD_GetReadLock(moduleLock);
+ modules = SECMOD_GetDefaultModuleList();
+ for (mlp = modules; mlp; mlp = mlp->next) {
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ memcpy(slotid->data, &mlp->module->slots[i]->slotID,
+ sizeof(CK_SLOT_ID));
+ memcpy(&slotid->data[sizeof(CK_SLOT_ID)], &mlp->module->moduleID,
+ sizeof(SECMODModuleID));
+ cert_UpdateSubjectKeyIDSlotCheck(slotid,
+ mlp->module->slots[i]->series);
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+ SECITEM_FreeItem(slotid, PR_TRUE);
+
+ return PR_SUCCESS;
+}
+
+/*
+ * We're looking for a cert which we have the private key for that's on the
+ * list of recipients. This searches one slot.
+ * this is the new version for NSS SMIME code
+ * this stuff should REALLY be in the SMIME code, but some things in here are not public
+ * (they should be!)
+ */
+static CERTCertificate *
+pk11_FindCertObjectByRecipientNew(PK11SlotInfo *slot, NSSCMSRecipient **recipientlist,
+ int *rlIndex, void *pwarg)
+{
+ NSSCMSRecipient *ri = NULL;
+ int i;
+ PRBool tokenRescanDone = PR_FALSE;
+ CERTCertTrust trust;
+
+ for (i = 0; (ri = recipientlist[i]) != NULL; i++) {
+ CERTCertificate *cert = NULL;
+ if (ri->kind == RLSubjKeyID) {
+ SECItem *derCert = cert_FindDERCertBySubjectKeyID(ri->id.subjectKeyID);
+ if (!derCert && !tokenRescanDone) {
+ /*
+ * We didn't find the cert by its key ID. If we have slots
+ * with removable tokens, a failure from
+ * cert_FindDERCertBySubjectKeyID doesn't necessarily imply
+ * that the cert is unavailable - the token might simply
+ * have been inserted after the initial run of
+ * pk11_keyIDHash_populate (wrapped by PR_CallOnceWithArg),
+ * or a different token might have been present in that
+ * slot, initially. Let's check for new tokens...
+ */
+ PK11SlotList *sl = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
+ PR_FALSE, PR_FALSE, pwarg);
+ if (sl) {
+ PK11SlotListElement *le;
+ SECItem *slotid = SECITEM_AllocItem(NULL, NULL,
+ sizeof(CK_SLOT_ID) + sizeof(SECMODModuleID));
+ if (!slotid) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PK11_FreeSlotList(sl);
+ return NULL;
+ }
+ for (le = sl->head; le; le = le->next) {
+ memcpy(slotid->data, &le->slot->slotID,
+ sizeof(CK_SLOT_ID));
+ memcpy(&slotid->data[sizeof(CK_SLOT_ID)],
+ &le->slot->module->moduleID,
+ sizeof(SECMODModuleID));
+ /*
+ * Any changes with the slot since our last check?
+ * If so, re-read the certs in that specific slot.
+ */
+ if (cert_SubjectKeyIDSlotCheckSeries(slotid) != PK11_GetSlotSeries(le->slot)) {
+ CERTCertListNode *node = NULL;
+ SECItem subjKeyID = { siBuffer, NULL, 0 };
+ CERTCertList *cl = PK11_ListCertsInSlot(le->slot);
+ if (!cl) {
+ continue;
+ }
+ for (node = CERT_LIST_HEAD(cl);
+ !CERT_LIST_END(node, cl);
+ node = CERT_LIST_NEXT(node)) {
+ if (CERT_IsUserCert(node->cert) &&
+ CERT_FindSubjectKeyIDExtension(node->cert,
+ &subjKeyID) == SECSuccess) {
+ if (subjKeyID.data) {
+ cert_AddSubjectKeyIDMapping(&subjKeyID,
+ node->cert);
+ cert_UpdateSubjectKeyIDSlotCheck(slotid,
+ PK11_GetSlotSeries(le->slot));
+ }
+ SECITEM_FreeItem(&subjKeyID, PR_FALSE);
+ }
+ }
+ CERT_DestroyCertList(cl);
+ }
+ }
+ PK11_FreeSlotList(sl);
+ SECITEM_FreeItem(slotid, PR_TRUE);
+ }
+ /* only check once per message/recipientlist */
+ tokenRescanDone = PR_TRUE;
+ /* do another lookup (hopefully we found that cert...) */
+ derCert = cert_FindDERCertBySubjectKeyID(ri->id.subjectKeyID);
+ }
+ if (derCert) {
+ cert = PK11_FindCertFromDERCertItem(slot, derCert, pwarg);
+ SECITEM_FreeItem(derCert, PR_TRUE);
+ }
+ } else {
+ cert = PK11_FindCertByIssuerAndSNOnToken(slot, ri->id.issuerAndSN,
+ pwarg);
+ }
+ if (cert) {
+ /* this isn't our cert */
+ if (CERT_GetCertTrust(cert, &trust) != SECSuccess ||
+ ((trust.emailFlags & CERTDB_USER) != CERTDB_USER)) {
+ CERT_DestroyCertificate(cert);
+ continue;
+ }
+ ri->slot = PK11_ReferenceSlot(slot);
+ *rlIndex = i;
+ return cert;
+ }
+ }
+ *rlIndex = -1;
+ return NULL;
+}
+
+/*
+ * This function is the same as above, but it searches all the slots.
+ * this is the new version for NSS SMIME code
+ * this stuff should REALLY be in the SMIME code, but some things in here are not public
+ * (they should be!)
+ */
+static CERTCertificate *
+pk11_AllFindCertObjectByRecipientNew(NSSCMSRecipient **recipientlist, void *wincx, int *rlIndex)
+{
+ PK11SlotList *list;
+ PK11SlotListElement *le;
+ CERTCertificate *cert = NULL;
+ SECStatus rv;
+
+ /* get them all! */
+ list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_TRUE, wincx);
+ if (list == NULL) {
+ return CK_INVALID_HANDLE;
+ }
+
+ /* Look for the slot that holds the Key */
+ for (le = list->head; le; le = le->next) {
+ rv = pk11_AuthenticateUnfriendly(le->slot, PR_TRUE, wincx);
+ if (rv != SECSuccess)
+ continue;
+
+ cert = pk11_FindCertObjectByRecipientNew(le->slot,
+ recipientlist, rlIndex, wincx);
+ if (cert)
+ break;
+ }
+
+ PK11_FreeSlotList(list);
+
+ return cert;
+}
+
+/*
+ * We're looking for a cert which we have the private key for that's on the
+ * list of recipients. This searches one slot.
+ */
+static CERTCertificate *
+pk11_FindCertObjectByRecipient(PK11SlotInfo *slot,
+ SEC_PKCS7RecipientInfo **recipientArray,
+ SEC_PKCS7RecipientInfo **rip, void *pwarg)
+{
+ SEC_PKCS7RecipientInfo *ri = NULL;
+ CERTCertTrust trust;
+ int i;
+
+ for (i = 0; (ri = recipientArray[i]) != NULL; i++) {
+ CERTCertificate *cert;
+
+ cert = PK11_FindCertByIssuerAndSNOnToken(slot, ri->issuerAndSN,
+ pwarg);
+ if (cert) {
+ /* this isn't our cert */
+ if (CERT_GetCertTrust(cert, &trust) != SECSuccess ||
+ ((trust.emailFlags & CERTDB_USER) != CERTDB_USER)) {
+ CERT_DestroyCertificate(cert);
+ continue;
+ }
+ *rip = ri;
+ return cert;
+ }
+ }
+ *rip = NULL;
+ return NULL;
+}
+
+/*
+ * This function is the same as above, but it searches all the slots.
+ */
+static CERTCertificate *
+pk11_AllFindCertObjectByRecipient(PK11SlotInfo **slotPtr,
+ SEC_PKCS7RecipientInfo **recipientArray,
+ SEC_PKCS7RecipientInfo **rip,
+ void *wincx)
+{
+ PK11SlotList *list;
+ PK11SlotListElement *le;
+ CERTCertificate *cert = NULL;
+ PK11SlotInfo *slot = NULL;
+ SECStatus rv;
+
+ *slotPtr = NULL;
+
+ /* get them all! */
+ list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_TRUE, wincx);
+ if (list == NULL) {
+ return CK_INVALID_HANDLE;
+ }
+
+ *rip = NULL;
+
+ /* Look for the slot that holds the Key */
+ for (le = list->head; le; le = le->next) {
+ rv = pk11_AuthenticateUnfriendly(le->slot, PR_TRUE, wincx);
+ if (rv != SECSuccess)
+ continue;
+
+ cert = pk11_FindCertObjectByRecipient(le->slot, recipientArray,
+ rip, wincx);
+ if (cert) {
+ slot = PK11_ReferenceSlot(le->slot);
+ break;
+ }
+ }
+
+ PK11_FreeSlotList(list);
+
+ if (slot == NULL) {
+ return NULL;
+ }
+ *slotPtr = slot;
+ PORT_Assert(cert != NULL);
+ return cert;
+}
+
+/*
+ * We need to invert the search logic for PKCS 7 because if we search for
+ * each cert on the list over all the slots, we wind up with lots of spurious
+ * password prompts. This way we get only one password prompt per slot, at
+ * the max, and most of the time we can find the cert, and only prompt for
+ * the key...
+ */
+CERTCertificate *
+PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slotPtr,
+ SEC_PKCS7RecipientInfo **array,
+ SEC_PKCS7RecipientInfo **rip,
+ SECKEYPrivateKey **privKey, void *wincx)
+{
+ CERTCertificate *cert = NULL;
+
+ *privKey = NULL;
+ *slotPtr = NULL;
+ cert = pk11_AllFindCertObjectByRecipient(slotPtr, array, rip, wincx);
+ if (!cert) {
+ return NULL;
+ }
+
+ *privKey = PK11_FindKeyByAnyCert(cert, wincx);
+ if (*privKey == NULL) {
+ goto loser;
+ }
+
+ return cert;
+loser:
+ if (cert)
+ CERT_DestroyCertificate(cert);
+ if (*slotPtr)
+ PK11_FreeSlot(*slotPtr);
+ *slotPtr = NULL;
+ return NULL;
+}
+
+/*
+ * This is the new version of the above function for NSS SMIME code
+ * this stuff should REALLY be in the SMIME code, but some things in here are not public
+ * (they should be!)
+ */
+int
+PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist, void *wincx)
+{
+ CERTCertificate *cert;
+ NSSCMSRecipient *rl;
+ PRStatus rv;
+ int rlIndex;
+
+ rv = PR_CallOnceWithArg(&keyIDHashCallOnce, pk11_keyIDHash_populate, wincx);
+ if (rv != PR_SUCCESS)
+ return -1;
+
+ cert = pk11_AllFindCertObjectByRecipientNew(recipientlist, wincx, &rlIndex);
+ if (!cert) {
+ return -1;
+ }
+
+ rl = recipientlist[rlIndex];
+
+ /* at this point, rl->slot is set */
+
+ rl->privkey = PK11_FindKeyByAnyCert(cert, wincx);
+ if (rl->privkey == NULL) {
+ goto loser;
+ }
+
+ /* make a cert from the cert handle */
+ rl->cert = cert;
+ return rlIndex;
+
+loser:
+ if (cert)
+ CERT_DestroyCertificate(cert);
+ if (rl->slot)
+ PK11_FreeSlot(rl->slot);
+ rl->slot = NULL;
+ return -1;
+}
+
+CERTCertificate *
+PK11_FindCertByIssuerAndSN(PK11SlotInfo **slotPtr, CERTIssuerAndSN *issuerSN,
+ void *wincx)
+{
+ CERTCertificate *rvCert = NULL;
+ NSSCertificate *cert;
+ NSSDER issuer, serial;
+ NSSCryptoContext *cc;
+ SECItem *derSerial;
+
+ if (!issuerSN || !issuerSN->derIssuer.data || !issuerSN->derIssuer.len ||
+ !issuerSN->serialNumber.data || !issuerSN->serialNumber.len ||
+ issuerSN->derIssuer.len > CERT_MAX_DN_BYTES ||
+ issuerSN->serialNumber.len > CERT_MAX_SERIAL_NUMBER_BYTES) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (slotPtr)
+ *slotPtr = NULL;
+
+ /* PKCS#11 needs to use DER-encoded serial numbers. Create a
+ * CERTIssuerAndSN that actually has the encoded value and pass that
+ * to PKCS#11 (and the crypto context).
+ */
+ derSerial = SEC_ASN1EncodeItem(NULL, NULL,
+ &issuerSN->serialNumber,
+ SEC_ASN1_GET(SEC_IntegerTemplate));
+ if (!derSerial) {
+ return NULL;
+ }
+
+ NSSITEM_FROM_SECITEM(&issuer, &issuerSN->derIssuer);
+ NSSITEM_FROM_SECITEM(&serial, derSerial);
+
+ cc = STAN_GetDefaultCryptoContext();
+ cert = NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(cc,
+ &issuer,
+ &serial);
+ if (cert) {
+ SECITEM_FreeItem(derSerial, PR_TRUE);
+ return STAN_GetCERTCertificateOrRelease(cert);
+ }
+
+ do {
+ /* free the old cert on retry. Associated slot was not present */
+ if (rvCert) {
+ CERT_DestroyCertificate(rvCert);
+ rvCert = NULL;
+ }
+
+ cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
+ STAN_GetDefaultTrustDomain(),
+ &issuer,
+ &serial);
+ if (!cert) {
+ break;
+ }
+
+ rvCert = STAN_GetCERTCertificateOrRelease(cert);
+ if (rvCert == NULL) {
+ break;
+ }
+
+ /* Check to see if the cert's token is still there */
+ } while (!PK11_IsPresent(rvCert->slot));
+
+ if (rvCert && slotPtr)
+ *slotPtr = PK11_ReferenceSlot(rvCert->slot);
+
+ SECITEM_FreeItem(derSerial, PR_TRUE);
+ return rvCert;
+}
+
+CK_OBJECT_HANDLE
+PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot)
+{
+ CK_OBJECT_HANDLE certHandle;
+ CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
+ CK_ATTRIBUTE *attr;
+ CK_ATTRIBUTE searchTemplate[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_VALUE, NULL, 0 },
+ };
+ int templateSize = sizeof(searchTemplate) / sizeof(searchTemplate[0]);
+
+ attr = searchTemplate;
+ PK11_SETATTRS(attr, CKA_CLASS, &certClass, sizeof(certClass));
+ attr++;
+ PK11_SETATTRS(attr, CKA_VALUE, cert->derCert.data, cert->derCert.len);
+
+ if (cert->slot) {
+ certHandle = pk11_getcerthandle(cert->slot, cert, searchTemplate,
+ templateSize);
+ if (certHandle != CK_INVALID_HANDLE) {
+ *pSlot = PK11_ReferenceSlot(cert->slot);
+ return certHandle;
+ }
+ }
+
+ certHandle = pk11_FindCertObjectByTemplate(pSlot, searchTemplate,
+ templateSize, wincx);
+ if (certHandle != CK_INVALID_HANDLE) {
+ if (cert->slot == NULL) {
+ cert->slot = PK11_ReferenceSlot(*pSlot);
+ cert->pkcs11ID = certHandle;
+ cert->ownSlot = PR_TRUE;
+ cert->series = cert->slot->series;
+ }
+ }
+
+ return (certHandle);
+}
+
+SECKEYPrivateKey *
+PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx)
+{
+ CK_OBJECT_HANDLE certHandle;
+ CK_OBJECT_HANDLE keyHandle;
+ PK11SlotInfo *slot = NULL;
+ SECKEYPrivateKey *privKey = NULL;
+ PRBool needLogin;
+ SECStatus rv;
+ int err;
+
+ certHandle = PK11_FindObjectForCert(cert, wincx, &slot);
+ if (certHandle == CK_INVALID_HANDLE) {
+ return NULL;
+ }
+ /*
+ * prevent a login race condition. If slot is logged in between
+ * our call to pk11_LoginStillRequired and the
+ * PK11_MatchItem. The matchItem call will either succeed, or
+ * we will call it one more time after calling PK11_Authenticate
+ * (which is a noop on an authenticated token).
+ */
+ needLogin = pk11_LoginStillRequired(slot, wincx);
+ keyHandle = PK11_MatchItem(slot, certHandle, CKO_PRIVATE_KEY);
+ if ((keyHandle == CK_INVALID_HANDLE) && needLogin &&
+ (SSL_ERROR_NO_CERTIFICATE == (err = PORT_GetError()) ||
+ SEC_ERROR_TOKEN_NOT_LOGGED_IN == err)) {
+ /* authenticate and try again */
+ rv = PK11_Authenticate(slot, PR_TRUE, wincx);
+ if (rv == SECSuccess) {
+ keyHandle = PK11_MatchItem(slot, certHandle, CKO_PRIVATE_KEY);
+ }
+ }
+ if (keyHandle != CK_INVALID_HANDLE) {
+ privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
+ }
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ return privKey;
+}
+
+CK_OBJECT_HANDLE
+pk11_FindPubKeyByAnyCert(CERTCertificate *cert, PK11SlotInfo **slot, void *wincx)
+{
+ CK_OBJECT_HANDLE certHandle;
+ CK_OBJECT_HANDLE keyHandle;
+
+ certHandle = PK11_FindObjectForCert(cert, wincx, slot);
+ if (certHandle == CK_INVALID_HANDLE) {
+ return CK_INVALID_HANDLE;
+ }
+ keyHandle = PK11_MatchItem(*slot, certHandle, CKO_PUBLIC_KEY);
+ if (keyHandle == CK_INVALID_HANDLE) {
+ PK11_FreeSlot(*slot);
+ return CK_INVALID_HANDLE;
+ }
+ return keyHandle;
+}
+
+/*
+ * find the number of certs in the slot with the same subject name
+ */
+int
+PK11_NumberCertsForCertSubject(CERTCertificate *cert)
+{
+ CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_SUBJECT, NULL, 0 },
+ };
+ CK_ATTRIBUTE *attr = theTemplate;
+ int templateSize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+
+ PK11_SETATTRS(attr, CKA_CLASS, &certClass, sizeof(certClass));
+ attr++;
+ PK11_SETATTRS(attr, CKA_SUBJECT, cert->derSubject.data, cert->derSubject.len);
+
+ if (cert->slot == NULL) {
+ PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
+ PR_FALSE, PR_TRUE, NULL);
+ PK11SlotListElement *le;
+ int count = 0;
+
+ if (!list) {
+ /* error code is set */
+ return 0;
+ }
+
+ /* loop through all the fortezza tokens */
+ for (le = list->head; le; le = le->next) {
+ count += PK11_NumberObjectsFor(le->slot, theTemplate, templateSize);
+ }
+ PK11_FreeSlotList(list);
+ return count;
+ }
+
+ return PK11_NumberObjectsFor(cert->slot, theTemplate, templateSize);
+}
+
+/*
+ * Walk all the certs with the same subject
+ */
+SECStatus
+PK11_TraverseCertsForSubject(CERTCertificate *cert,
+ SECStatus (*callback)(CERTCertificate *, void *), void *arg)
+{
+ if (!cert) {
+ return SECFailure;
+ }
+ if (cert->slot == NULL) {
+ PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
+ PR_FALSE, PR_TRUE, NULL);
+ PK11SlotListElement *le;
+
+ if (!list) {
+ /* error code is set */
+ return SECFailure;
+ }
+ /* loop through all the tokens */
+ for (le = list->head; le; le = le->next) {
+ PK11_TraverseCertsForSubjectInSlot(cert, le->slot, callback, arg);
+ }
+ PK11_FreeSlotList(list);
+ return SECSuccess;
+ }
+
+ return PK11_TraverseCertsForSubjectInSlot(cert, cert->slot, callback, arg);
+}
+
+SECStatus
+PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert, PK11SlotInfo *slot,
+ SECStatus (*callback)(CERTCertificate *, void *), void *arg)
+{
+ PRStatus nssrv = PR_SUCCESS;
+ NSSToken *token;
+ NSSDER subject;
+ NSSTrustDomain *td;
+ nssList *subjectList;
+ nssPKIObjectCollection *collection;
+ nssCryptokiObject **instances;
+ NSSCertificate **certs;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ td = STAN_GetDefaultTrustDomain();
+ NSSITEM_FROM_SECITEM(&subject, &cert->derSubject);
+ token = PK11Slot_GetNSSToken(slot);
+ if (!nssToken_IsPresent(token)) {
+ return SECSuccess;
+ }
+ collection = nssCertificateCollection_Create(td, NULL);
+ if (!collection) {
+ return SECFailure;
+ }
+ subjectList = nssList_Create(NULL, PR_FALSE);
+ if (!subjectList) {
+ nssPKIObjectCollection_Destroy(collection);
+ return SECFailure;
+ }
+ (void)nssTrustDomain_GetCertsForSubjectFromCache(td, &subject,
+ subjectList);
+ transfer_token_certs_to_collection(subjectList, token, collection);
+ instances = nssToken_FindCertificatesBySubject(token, NULL,
+ &subject,
+ tokenOnly, 0, &nssrv);
+ nssPKIObjectCollection_AddInstances(collection, instances, 0);
+ nss_ZFreeIf(instances);
+ nssList_Destroy(subjectList);
+ certs = nssPKIObjectCollection_GetCertificates(collection,
+ NULL, 0, NULL);
+ nssPKIObjectCollection_Destroy(collection);
+ if (certs) {
+ CERTCertificate *oldie;
+ NSSCertificate **cp;
+ for (cp = certs; *cp; cp++) {
+ oldie = STAN_GetCERTCertificate(*cp);
+ if (!oldie) {
+ continue;
+ }
+ if ((*callback)(oldie, arg) != SECSuccess) {
+ nssrv = PR_FAILURE;
+ break;
+ }
+ }
+ nssCertificateArray_Destroy(certs);
+ }
+ return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
+}
+
+SECStatus
+PK11_TraverseCertsForNicknameInSlot(SECItem *nickname, PK11SlotInfo *slot,
+ SECStatus (*callback)(CERTCertificate *, void *), void *arg)
+{
+ PRStatus nssrv = PR_SUCCESS;
+ NSSToken *token;
+ NSSTrustDomain *td;
+ NSSUTF8 *nick;
+ PRBool created = PR_FALSE;
+ nssCryptokiObject **instances;
+ nssPKIObjectCollection *collection = NULL;
+ NSSCertificate **certs;
+ nssList *nameList = NULL;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ token = PK11Slot_GetNSSToken(slot);
+ if (!nssToken_IsPresent(token)) {
+ return SECSuccess;
+ }
+ if (nickname->data[nickname->len - 1] != '\0') {
+ nick = nssUTF8_Create(NULL, nssStringType_UTF8String,
+ nickname->data, nickname->len);
+ created = PR_TRUE;
+ } else {
+ nick = (NSSUTF8 *)nickname->data;
+ }
+ td = STAN_GetDefaultTrustDomain();
+ collection = nssCertificateCollection_Create(td, NULL);
+ if (!collection) {
+ goto loser;
+ }
+ nameList = nssList_Create(NULL, PR_FALSE);
+ if (!nameList) {
+ goto loser;
+ }
+ (void)nssTrustDomain_GetCertsForNicknameFromCache(td, nick, nameList);
+ transfer_token_certs_to_collection(nameList, token, collection);
+ instances = nssToken_FindCertificatesByNickname(token, NULL,
+ nick,
+ tokenOnly, 0, &nssrv);
+ nssPKIObjectCollection_AddInstances(collection, instances, 0);
+ nss_ZFreeIf(instances);
+ nssList_Destroy(nameList);
+ certs = nssPKIObjectCollection_GetCertificates(collection,
+ NULL, 0, NULL);
+ nssPKIObjectCollection_Destroy(collection);
+ if (certs) {
+ CERTCertificate *oldie;
+ NSSCertificate **cp;
+ for (cp = certs; *cp; cp++) {
+ oldie = STAN_GetCERTCertificate(*cp);
+ if (!oldie) {
+ continue;
+ }
+ if ((*callback)(oldie, arg) != SECSuccess) {
+ nssrv = PR_FAILURE;
+ break;
+ }
+ }
+ nssCertificateArray_Destroy(certs);
+ }
+ if (created)
+ nss_ZFreeIf(nick);
+ return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
+loser:
+ if (created) {
+ nss_ZFreeIf(nick);
+ }
+ if (collection) {
+ nssPKIObjectCollection_Destroy(collection);
+ }
+ if (nameList) {
+ nssList_Destroy(nameList);
+ }
+ return SECFailure;
+}
+
+SECStatus
+PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
+ SECStatus (*callback)(CERTCertificate *, void *), void *arg)
+{
+ PRStatus nssrv;
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+ NSSToken *tok;
+ nssList *certList = NULL;
+ nssCryptokiObject **instances;
+ nssPKIObjectCollection *collection;
+ NSSCertificate **certs;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ tok = PK11Slot_GetNSSToken(slot);
+ if (!nssToken_IsPresent(tok)) {
+ return SECSuccess;
+ }
+ collection = nssCertificateCollection_Create(td, NULL);
+ if (!collection) {
+ return SECFailure;
+ }
+ certList = nssList_Create(NULL, PR_FALSE);
+ if (!certList) {
+ nssPKIObjectCollection_Destroy(collection);
+ return SECFailure;
+ }
+ (void)nssTrustDomain_GetCertsFromCache(td, certList);
+ transfer_token_certs_to_collection(certList, tok, collection);
+ instances = nssToken_FindObjects(tok, NULL, CKO_CERTIFICATE,
+ tokenOnly, 0, &nssrv);
+ nssPKIObjectCollection_AddInstances(collection, instances, 0);
+ nss_ZFreeIf(instances);
+ nssList_Destroy(certList);
+ certs = nssPKIObjectCollection_GetCertificates(collection,
+ NULL, 0, NULL);
+ nssPKIObjectCollection_Destroy(collection);
+ if (certs) {
+ CERTCertificate *oldie;
+ NSSCertificate **cp;
+ for (cp = certs; *cp; cp++) {
+ oldie = STAN_GetCERTCertificate(*cp);
+ if (!oldie) {
+ continue;
+ }
+ if ((*callback)(oldie, arg) != SECSuccess) {
+ nssrv = PR_FAILURE;
+ break;
+ }
+ }
+ nssCertificateArray_Destroy(certs);
+ }
+ return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
+}
+
+/*
+ * return the certificate associated with a derCert
+ */
+CERTCertificate *
+PK11_FindCertFromDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
+ void *wincx)
+{
+ return PK11_FindCertFromDERCertItem(slot, &cert->derCert, wincx);
+}
+
+CERTCertificate *
+PK11_FindCertFromDERCertItem(PK11SlotInfo *slot, const SECItem *inDerCert,
+ void *wincx)
+
+{
+ NSSDER derCert;
+ NSSToken *tok;
+ nssCryptokiObject *co = NULL;
+ SECStatus rv;
+ CERTCertificate *cert = NULL;
+
+ tok = PK11Slot_GetNSSToken(slot);
+ NSSITEM_FROM_SECITEM(&derCert, inDerCert);
+ rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ PK11_FreeSlot(slot);
+ return NULL;
+ }
+
+ co = nssToken_FindCertificateByEncodedCertificate(tok, NULL, &derCert,
+ nssTokenSearchType_TokenOnly, NULL);
+
+ if (co) {
+ cert = PK11_MakeCertFromHandle(slot, co->handle, NULL);
+ nssCryptokiObject_Destroy(co);
+ }
+
+ return cert;
+}
+
+/*
+ * import a cert for a private key we have already generated. Set the label
+ * on both to be the nickname.
+ */
+static CK_OBJECT_HANDLE
+pk11_findKeyObjectByDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
+ void *wincx)
+{
+ SECItem *keyID;
+ CK_OBJECT_HANDLE key;
+ SECStatus rv;
+ PRBool needLogin;
+ int err;
+
+ if ((slot == NULL) || (cert == NULL)) {
+ return CK_INVALID_HANDLE;
+ }
+
+ keyID = pk11_mkcertKeyID(cert);
+ if (keyID == NULL) {
+ return CK_INVALID_HANDLE;
+ }
+
+ /*
+ * prevent a login race condition. If slot is logged in between
+ * our call to pk11_LoginStillRequired and the
+ * pk11_FindPrivateKeyFromCerID. The matchItem call will either succeed, or
+ * we will call it one more time after calling PK11_Authenticate
+ * (which is a noop on an authenticated token).
+ */
+ needLogin = pk11_LoginStillRequired(slot, wincx);
+ key = pk11_FindPrivateKeyFromCertID(slot, keyID);
+ if ((key == CK_INVALID_HANDLE) && needLogin &&
+ (SSL_ERROR_NO_CERTIFICATE == (err = PORT_GetError()) ||
+ SEC_ERROR_TOKEN_NOT_LOGGED_IN == err)) {
+ /* authenticate and try again */
+ rv = PK11_Authenticate(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess)
+ goto loser;
+ key = pk11_FindPrivateKeyFromCertID(slot, keyID);
+ }
+
+loser:
+ SECITEM_ZfreeItem(keyID, PR_TRUE);
+ return key;
+}
+
+SECKEYPrivateKey *
+PK11_FindKeyByDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
+ void *wincx)
+{
+ CK_OBJECT_HANDLE keyHandle;
+
+ if ((slot == NULL) || (cert == NULL)) {
+ return NULL;
+ }
+
+ keyHandle = pk11_findKeyObjectByDERCert(slot, cert, wincx);
+ if (keyHandle == CK_INVALID_HANDLE) {
+ return NULL;
+ }
+
+ return PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
+}
+
+SECStatus
+PK11_ImportCertForKeyToSlot(PK11SlotInfo *slot, CERTCertificate *cert,
+ char *nickname,
+ PRBool addCertUsage, void *wincx)
+{
+ CK_OBJECT_HANDLE keyHandle;
+
+ if ((slot == NULL) || (cert == NULL) || (nickname == NULL)) {
+ return SECFailure;
+ }
+
+ keyHandle = pk11_findKeyObjectByDERCert(slot, cert, wincx);
+ if (keyHandle == CK_INVALID_HANDLE) {
+ return SECFailure;
+ }
+
+ return PK11_ImportCert(slot, cert, keyHandle, nickname, addCertUsage);
+}
+
+/* remove when the real version comes out */
+#define SEC_OID_MISSI_KEA 300 /* until we have v3 stuff merged */
+PRBool
+KEAPQGCompare(CERTCertificate *server, CERTCertificate *cert)
+{
+
+ /* not implemented */
+ return PR_FALSE;
+}
+
+PRBool
+PK11_FortezzaHasKEA(CERTCertificate *cert)
+{
+ /* look at the subject and see if it is a KEA for MISSI key */
+ SECOidData *oid;
+ CERTCertTrust trust;
+
+ if (CERT_GetCertTrust(cert, &trust) != SECSuccess ||
+ ((trust.sslFlags & CERTDB_USER) != CERTDB_USER)) {
+ return PR_FALSE;
+ }
+
+ oid = SECOID_FindOID(&cert->subjectPublicKeyInfo.algorithm.algorithm);
+ if (!oid) {
+ return PR_FALSE;
+ }
+
+ return (PRBool)((oid->offset == SEC_OID_MISSI_KEA_DSS_OLD) ||
+ (oid->offset == SEC_OID_MISSI_KEA_DSS) ||
+ (oid->offset == SEC_OID_MISSI_KEA));
+}
+
+/*
+ * Find a kea cert on this slot that matches the domain of it's peer
+ */
+static CERTCertificate
+ *
+ pk11_GetKEAMate(PK11SlotInfo *slot, CERTCertificate *peer)
+{
+ int i;
+ CERTCertificate *returnedCert = NULL;
+
+ for (i = 0; i < slot->cert_count; i++) {
+ CERTCertificate *cert = slot->cert_array[i];
+
+ if (PK11_FortezzaHasKEA(cert) && KEAPQGCompare(peer, cert)) {
+ returnedCert = CERT_DupCertificate(cert);
+ break;
+ }
+ }
+ return returnedCert;
+}
+
+/*
+ * The following is a FORTEZZA only Certificate request. We call this when we
+ * are doing a non-client auth SSL connection. We are only interested in the
+ * fortezza slots, and we are only interested in certs that share the same root
+ * key as the server.
+ */
+CERTCertificate *
+PK11_FindBestKEAMatch(CERTCertificate *server, void *wincx)
+{
+ PK11SlotList *keaList = PK11_GetAllTokens(CKM_KEA_KEY_DERIVE,
+ PR_FALSE, PR_TRUE, wincx);
+ PK11SlotListElement *le;
+ CERTCertificate *returnedCert = NULL;
+ SECStatus rv;
+
+ if (!keaList) {
+ /* error code is set */
+ return NULL;
+ }
+
+ /* loop through all the fortezza tokens */
+ for (le = keaList->head; le; le = le->next) {
+ rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
+ if (rv != SECSuccess)
+ continue;
+ if (le->slot->session == CK_INVALID_SESSION) {
+ continue;
+ }
+ returnedCert = pk11_GetKEAMate(le->slot, server);
+ if (returnedCert)
+ break;
+ }
+ PK11_FreeSlotList(keaList);
+
+ return returnedCert;
+}
+
+/*
+ * find a matched pair of kea certs to key exchange parameters from one
+ * fortezza card to another as necessary.
+ */
+SECStatus
+PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1, PK11SlotInfo *slot2,
+ CERTCertificate **cert1, CERTCertificate **cert2)
+{
+ CERTCertificate *returnedCert = NULL;
+ int i;
+
+ for (i = 0; i < slot1->cert_count; i++) {
+ CERTCertificate *cert = slot1->cert_array[i];
+
+ if (PK11_FortezzaHasKEA(cert)) {
+ returnedCert = pk11_GetKEAMate(slot2, cert);
+ if (returnedCert != NULL) {
+ *cert2 = returnedCert;
+ *cert1 = CERT_DupCertificate(cert);
+ return SECSuccess;
+ }
+ }
+ }
+ return SECFailure;
+}
+
+/*
+ * return the private key From a given Cert
+ */
+CK_OBJECT_HANDLE
+PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert, void *wincx)
+{
+ CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_VALUE, NULL, 0 },
+ { CKA_CLASS, NULL, 0 }
+ };
+ /* if you change the array, change the variable below as well */
+ int tsize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+ CK_ATTRIBUTE *attrs = theTemplate;
+ SECStatus rv;
+
+ PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
+ cert->derCert.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
+
+ /*
+ * issue the find
+ */
+ rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ return CK_INVALID_HANDLE;
+ }
+
+ return pk11_getcerthandle(slot, cert, theTemplate, tsize);
+}
+
+/* Looking for PK11_GetKeyIDFromCert?
+ * Use PK11_GetLowLevelKeyIDForCert instead.
+ */
+
+struct listCertsStr {
+ PK11CertListType type;
+ CERTCertList *certList;
+};
+
+static PRStatus
+pk11ListCertCallback(NSSCertificate *c, void *arg)
+{
+ struct listCertsStr *listCertP = (struct listCertsStr *)arg;
+ CERTCertificate *newCert = NULL;
+ PK11CertListType type = listCertP->type;
+ CERTCertList *certList = listCertP->certList;
+ PRBool isUnique = PR_FALSE;
+ PRBool isCA = PR_FALSE;
+ char *nickname = NULL;
+ unsigned int certType;
+ SECStatus rv;
+
+ if ((type == PK11CertListUnique) || (type == PK11CertListRootUnique) ||
+ (type == PK11CertListCAUnique) || (type == PK11CertListUserUnique)) {
+ /* only list one instance of each certificate, even if several exist */
+ isUnique = PR_TRUE;
+ }
+ if ((type == PK11CertListCA) || (type == PK11CertListRootUnique) ||
+ (type == PK11CertListCAUnique)) {
+ isCA = PR_TRUE;
+ }
+
+ /* if we want user certs and we don't have one skip this cert */
+ if (((type == PK11CertListUser) || (type == PK11CertListUserUnique)) &&
+ !NSSCertificate_IsPrivateKeyAvailable(c, NULL, NULL)) {
+ return PR_SUCCESS;
+ }
+
+ /* PK11CertListRootUnique means we want CA certs without a private key.
+ * This is for legacy app support . PK11CertListCAUnique should be used
+ * instead to get all CA certs, regardless of private key
+ */
+ if ((type == PK11CertListRootUnique) &&
+ NSSCertificate_IsPrivateKeyAvailable(c, NULL, NULL)) {
+ return PR_SUCCESS;
+ }
+
+ /* caller still owns the reference to 'c' */
+ newCert = STAN_GetCERTCertificate(c);
+ if (!newCert) {
+ return PR_SUCCESS;
+ }
+ /* if we want CA certs and it ain't one, skip it */
+ if (isCA && (!CERT_IsCACert(newCert, &certType))) {
+ return PR_SUCCESS;
+ }
+ if (isUnique) {
+ CERT_DupCertificate(newCert);
+
+ nickname = STAN_GetCERTCertificateName(certList->arena, c);
+
+ /* put slot certs at the end */
+ if (newCert->slot && !PK11_IsInternal(newCert->slot)) {
+ rv = CERT_AddCertToListTailWithData(certList, newCert, nickname);
+ } else {
+ rv = CERT_AddCertToListHeadWithData(certList, newCert, nickname);
+ }
+ /* if we didn't add the cert to the list, don't leak it */
+ if (rv != SECSuccess) {
+ CERT_DestroyCertificate(newCert);
+ }
+ } else {
+ /* add multiple instances to the cert list */
+ nssCryptokiObject **ip;
+ nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
+ if (!instances) {
+ return PR_SUCCESS;
+ }
+ for (ip = instances; *ip; ip++) {
+ nssCryptokiObject *instance = *ip;
+ PK11SlotInfo *slot = instance->token->pk11slot;
+
+ /* put the same CERTCertificate in the list for all instances */
+ CERT_DupCertificate(newCert);
+
+ nickname = STAN_GetCERTCertificateNameForInstance(
+ certList->arena, c, instance);
+
+ /* put slot certs at the end */
+ if (slot && !PK11_IsInternal(slot)) {
+ rv = CERT_AddCertToListTailWithData(certList, newCert, nickname);
+ } else {
+ rv = CERT_AddCertToListHeadWithData(certList, newCert, nickname);
+ }
+ /* if we didn't add the cert to the list, don't leak it */
+ if (rv != SECSuccess) {
+ CERT_DestroyCertificate(newCert);
+ }
+ }
+ nssCryptokiObjectArray_Destroy(instances);
+ }
+ return PR_SUCCESS;
+}
+
+CERTCertList *
+PK11_ListCerts(PK11CertListType type, void *pwarg)
+{
+ NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
+ CERTCertList *certList = NULL;
+ struct listCertsStr listCerts;
+ certList = CERT_NewCertList();
+ listCerts.type = type;
+ listCerts.certList = certList;
+
+ /* authenticate to the slots */
+ (void)pk11_TraverseAllSlots(NULL, NULL, PR_TRUE, pwarg);
+ NSSTrustDomain_TraverseCertificates(defaultTD, pk11ListCertCallback,
+ &listCerts);
+ return certList;
+}
+
+SECItem *
+PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
+ CERTCertificate *cert, void *wincx)
+{
+ CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_VALUE, NULL, 0 },
+ { CKA_CLASS, NULL, 0 }
+ };
+ /* if you change the array, change the variable below as well */
+ int tsize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+ CK_OBJECT_HANDLE certHandle;
+ CK_ATTRIBUTE *attrs = theTemplate;
+ PK11SlotInfo *slotRef = NULL;
+ SECItem *item;
+ SECStatus rv;
+
+ if (slot) {
+ PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
+ cert->derCert.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
+
+ rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ certHandle = pk11_getcerthandle(slot, cert, theTemplate, tsize);
+ } else {
+ certHandle = PK11_FindObjectForCert(cert, wincx, &slotRef);
+ if (certHandle == CK_INVALID_HANDLE) {
+ return pk11_mkcertKeyID(cert);
+ }
+ slot = slotRef;
+ }
+
+ if (certHandle == CK_INVALID_HANDLE) {
+ return NULL;
+ }
+
+ item = pk11_GetLowLevelKeyFromHandle(slot, certHandle);
+ if (slotRef)
+ PK11_FreeSlot(slotRef);
+ return item;
+}
+
+/* argument type for listCertsCallback */
+typedef struct {
+ CERTCertList *list;
+ PK11SlotInfo *slot;
+} ListCertsArg;
+
+static SECStatus
+listCertsCallback(CERTCertificate *cert, void *arg)
+{
+ ListCertsArg *cdata = (ListCertsArg *)arg;
+ char *nickname = NULL;
+ nssCryptokiObject *instance, **ci;
+ nssCryptokiObject **instances;
+ NSSCertificate *c = STAN_GetNSSCertificate(cert);
+ SECStatus rv;
+
+ if (c == NULL) {
+ return SECFailure;
+ }
+ instances = nssPKIObject_GetInstances(&c->object);
+ if (!instances) {
+ return SECFailure;
+ }
+ instance = NULL;
+ for (ci = instances; *ci; ci++) {
+ if ((*ci)->token->pk11slot == cdata->slot) {
+ instance = *ci;
+ break;
+ }
+ }
+ PORT_Assert(instance != NULL);
+ if (!instance) {
+ nssCryptokiObjectArray_Destroy(instances);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ nickname = STAN_GetCERTCertificateNameForInstance(cdata->list->arena,
+ c, instance);
+ nssCryptokiObjectArray_Destroy(instances);
+
+ CERT_DupCertificate(cert);
+ rv = CERT_AddCertToListTailWithData(cdata->list, cert, nickname);
+ if (rv != SECSuccess) {
+ CERT_DestroyCertificate(cert);
+ }
+ return rv;
+}
+
+CERTCertList *
+PK11_ListCertsInSlot(PK11SlotInfo *slot)
+{
+ SECStatus status;
+ CERTCertList *certs;
+ ListCertsArg cdata;
+
+ certs = CERT_NewCertList();
+ if (certs == NULL)
+ return NULL;
+ cdata.list = certs;
+ cdata.slot = slot;
+
+ status = PK11_TraverseCertsInSlot(slot, listCertsCallback,
+ &cdata);
+
+ if (status != SECSuccess) {
+ CERT_DestroyCertList(certs);
+ certs = NULL;
+ }
+
+ return certs;
+}
+
+PK11SlotList *
+PK11_GetAllSlotsForCert(CERTCertificate *cert, void *arg)
+{
+ nssCryptokiObject **ip;
+ PK11SlotList *slotList;
+ NSSCertificate *c;
+ nssCryptokiObject **instances;
+ PRBool found = PR_FALSE;
+
+ if (!cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ c = STAN_GetNSSCertificate(cert);
+ if (!c) {
+ CERT_MapStanError();
+ return NULL;
+ }
+
+ /* add multiple instances to the cert list */
+ instances = nssPKIObject_GetInstances(&c->object);
+ if (!instances) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return NULL;
+ }
+
+ slotList = PK11_NewSlotList();
+ if (!slotList) {
+ nssCryptokiObjectArray_Destroy(instances);
+ return NULL;
+ }
+
+ for (ip = instances; *ip; ip++) {
+ nssCryptokiObject *instance = *ip;
+ PK11SlotInfo *slot = instance->token->pk11slot;
+ if (slot) {
+ PK11_AddSlotToList(slotList, slot, PR_TRUE);
+ found = PR_TRUE;
+ }
+ }
+ if (!found) {
+ PK11_FreeSlotList(slotList);
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ slotList = NULL;
+ }
+
+ nssCryptokiObjectArray_Destroy(instances);
+ return slotList;
+}
+
+/*
+ * Using __PK11_SetCertificateNickname is *DANGEROUS*.
+ *
+ * The API will update the NSS database, but it *will NOT* update the in-memory data.
+ * As a result, after calling this API, there will be INCONSISTENCY between
+ * in-memory data and the database.
+ *
+ * Use of the API should be limited to short-lived tools, which will exit immediately
+ * after using this API.
+ *
+ * If you ignore this warning, your process is TAINTED and will most likely misbehave.
+ */
+SECStatus
+__PK11_SetCertificateNickname(CERTCertificate *cert, const char *nickname)
+{
+ /* Can't set nickname of temp cert. */
+ if (!cert->slot || cert->pkcs11ID == CK_INVALID_HANDLE) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return PK11_SetObjectNickname(cert->slot, cert->pkcs11ID, nickname);
+}
diff --git a/security/nss/lib/pk11wrap/pk11cxt.c b/security/nss/lib/pk11wrap/pk11cxt.c
new file mode 100644
index 000000000..e9726d03c
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11cxt.c
@@ -0,0 +1,1019 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file PK11Contexts which are used in multipart hashing,
+ * encryption/decryption, and signing/verication operations.
+ */
+
+#include "seccomon.h"
+#include "secmod.h"
+#include "nssilock.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "sechash.h"
+#include "secerr.h"
+
+static const SECItem pk11_null_params = { 0 };
+
+/**********************************************************************
+ *
+ * Now Deal with Crypto Contexts
+ *
+ **********************************************************************/
+
+/*
+ * the monitors...
+ */
+void
+PK11_EnterContextMonitor(PK11Context *cx)
+{
+ /* if we own the session and our slot is ThreadSafe, only monitor
+ * the Context */
+ if ((cx->ownSession) && (cx->slot->isThreadSafe)) {
+ /* Should this use monitors instead? */
+ PZ_Lock(cx->sessionLock);
+ } else {
+ PK11_EnterSlotMonitor(cx->slot);
+ }
+}
+
+void
+PK11_ExitContextMonitor(PK11Context *cx)
+{
+ /* if we own the session and our slot is ThreadSafe, only monitor
+ * the Context */
+ if ((cx->ownSession) && (cx->slot->isThreadSafe)) {
+ /* Should this use monitors instead? */
+ PZ_Unlock(cx->sessionLock);
+ } else {
+ PK11_ExitSlotMonitor(cx->slot);
+ }
+}
+
+/*
+ * Free up a Cipher Context
+ */
+void
+PK11_DestroyContext(PK11Context *context, PRBool freeit)
+{
+ pk11_CloseSession(context->slot, context->session, context->ownSession);
+ /* initialize the critical fields of the context */
+ if (context->savedData != NULL)
+ PORT_Free(context->savedData);
+ if (context->key)
+ PK11_FreeSymKey(context->key);
+ if (context->param && context->param != &pk11_null_params)
+ SECITEM_FreeItem(context->param, PR_TRUE);
+ if (context->sessionLock)
+ PZ_DestroyLock(context->sessionLock);
+ PK11_FreeSlot(context->slot);
+ if (freeit)
+ PORT_Free(context);
+}
+
+/*
+ * save the current context. Allocate Space if necessary.
+ */
+static unsigned char *
+pk11_saveContextHelper(PK11Context *context, unsigned char *buffer,
+ unsigned long *savedLength)
+{
+ CK_RV crv;
+
+ /* If buffer is NULL, this will get the length */
+ crv = PK11_GETTAB(context->slot)->C_GetOperationState(context->session, (CK_BYTE_PTR)buffer, savedLength);
+ if (!buffer || (crv == CKR_BUFFER_TOO_SMALL)) {
+ /* the given buffer wasn't big enough (or was NULL), but we
+ * have the length, so try again with a new buffer and the
+ * correct length
+ */
+ unsigned long bufLen = *savedLength;
+ buffer = PORT_Alloc(bufLen);
+ if (buffer == NULL) {
+ return (unsigned char *)NULL;
+ }
+ crv = PK11_GETTAB(context->slot)->C_GetOperationState(context->session, (CK_BYTE_PTR)buffer, savedLength);
+ if (crv != CKR_OK) {
+ PORT_ZFree(buffer, bufLen);
+ }
+ }
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return (unsigned char *)NULL;
+ }
+ return buffer;
+}
+
+void *
+pk11_saveContext(PK11Context *context, void *space, unsigned long *savedLength)
+{
+ return pk11_saveContextHelper(context,
+ (unsigned char *)space, savedLength);
+}
+
+/*
+ * restore the current context
+ */
+SECStatus
+pk11_restoreContext(PK11Context *context, void *space, unsigned long savedLength)
+{
+ CK_RV crv;
+ CK_OBJECT_HANDLE objectID = (context->key) ? context->key->objectID : CK_INVALID_HANDLE;
+
+ PORT_Assert(space != NULL);
+ if (space == NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(context->slot)->C_SetOperationState(context->session, (CK_BYTE_PTR)space, savedLength, objectID, 0);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus pk11_Finalize(PK11Context *context);
+
+/*
+ * Context initialization. Used by all flavors of CreateContext
+ */
+static SECStatus
+pk11_context_init(PK11Context *context, CK_MECHANISM *mech_info)
+{
+ CK_RV crv;
+ PK11SymKey *symKey = context->key;
+ SECStatus rv = SECSuccess;
+
+ switch (context->operation) {
+ case CKA_ENCRYPT:
+ crv = PK11_GETTAB(context->slot)->C_EncryptInit(context->session, mech_info, symKey->objectID);
+ break;
+ case CKA_DECRYPT:
+ if (context->fortezzaHack) {
+ CK_ULONG count = 0;
+ /* generate the IV for fortezza */
+ crv = PK11_GETTAB(context->slot)->C_EncryptInit(context->session, mech_info, symKey->objectID);
+ if (crv != CKR_OK)
+ break;
+ PK11_GETTAB(context->slot)
+ ->C_EncryptFinal(context->session,
+ NULL, &count);
+ }
+ crv = PK11_GETTAB(context->slot)->C_DecryptInit(context->session, mech_info, symKey->objectID);
+ break;
+ case CKA_SIGN:
+ crv = PK11_GETTAB(context->slot)->C_SignInit(context->session, mech_info, symKey->objectID);
+ break;
+ case CKA_VERIFY:
+ crv = PK11_GETTAB(context->slot)->C_SignInit(context->session, mech_info, symKey->objectID);
+ break;
+ case CKA_DIGEST:
+ crv = PK11_GETTAB(context->slot)->C_DigestInit(context->session, mech_info);
+ break;
+ default:
+ crv = CKR_OPERATION_NOT_INITIALIZED;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ /*
+ * handle session starvation case.. use our last session to multiplex
+ */
+ if (!context->ownSession) {
+ context->savedData = pk11_saveContext(context, context->savedData,
+ &context->savedLength);
+ if (context->savedData == NULL)
+ rv = SECFailure;
+ /* clear out out session for others to use */
+ pk11_Finalize(context);
+ }
+ return rv;
+}
+
+/*
+ * Common Helper Function do come up with a new context.
+ */
+static PK11Context *
+pk11_CreateNewContextInSlot(CK_MECHANISM_TYPE type,
+ PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey,
+ SECItem *param)
+{
+ CK_MECHANISM mech_info;
+ PK11Context *context;
+ SECStatus rv;
+
+ PORT_Assert(slot != NULL);
+ if (!slot || (!symKey && ((operation != CKA_DIGEST) ||
+ (type == CKM_SKIPJACK_CBC64)))) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ context = (PK11Context *)PORT_Alloc(sizeof(PK11Context));
+ if (context == NULL) {
+ return NULL;
+ }
+
+ /* now deal with the fortezza hack... the fortezza hack is an attempt
+ * to get around the issue of the card not allowing you to do a FORTEZZA
+ * LoadIV/Encrypt, which was added because such a combination could be
+ * use to circumvent the key escrow system. Unfortunately SSL needs to
+ * do this kind of operation, so in SSL we do a loadIV (to verify it),
+ * Then GenerateIV, and through away the first 8 bytes on either side
+ * of the connection.*/
+ context->fortezzaHack = PR_FALSE;
+ if (type == CKM_SKIPJACK_CBC64) {
+ if (symKey->origin == PK11_OriginFortezzaHack) {
+ context->fortezzaHack = PR_TRUE;
+ }
+ }
+
+ /* initialize the critical fields of the context */
+ context->operation = operation;
+ context->key = symKey ? PK11_ReferenceSymKey(symKey) : NULL;
+ context->slot = PK11_ReferenceSlot(slot);
+ context->session = pk11_GetNewSession(slot, &context->ownSession);
+ context->cx = symKey ? symKey->cx : NULL;
+ /* get our session */
+ context->savedData = NULL;
+
+ /* save the parameters so that some digesting stuff can do multiple
+ * begins on a single context */
+ context->type = type;
+ if (param) {
+ if (param->len > 0) {
+ context->param = SECITEM_DupItem(param);
+ } else {
+ context->param = (SECItem *)&pk11_null_params;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ context->param = NULL;
+ }
+ context->init = PR_FALSE;
+ context->sessionLock = PZ_NewLock(nssILockPK11cxt);
+ if ((context->param == NULL) || (context->sessionLock == NULL)) {
+ PK11_DestroyContext(context, PR_TRUE);
+ return NULL;
+ }
+
+ mech_info.mechanism = type;
+ mech_info.pParameter = param->data;
+ mech_info.ulParameterLen = param->len;
+ PK11_EnterContextMonitor(context);
+ rv = pk11_context_init(context, &mech_info);
+ PK11_ExitContextMonitor(context);
+
+ if (rv != SECSuccess) {
+ PK11_DestroyContext(context, PR_TRUE);
+ return NULL;
+ }
+ context->init = PR_TRUE;
+ return context;
+}
+
+/*
+ * put together the various PK11_Create_Context calls used by different
+ * parts of libsec.
+ */
+PK11Context *
+__PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
+ SECItem *param, void *wincx)
+{
+ PK11SymKey *symKey = NULL;
+ PK11Context *context = NULL;
+
+ /* first get a slot */
+ if (slot == NULL) {
+ slot = PK11_GetBestSlot(type, wincx);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ goto loser;
+ }
+ } else {
+ PK11_ReferenceSlot(slot);
+ }
+
+ /* now import the key */
+ symKey = PK11_ImportSymKey(slot, type, origin, operation, key, wincx);
+ if (symKey == NULL)
+ goto loser;
+
+ context = PK11_CreateContextBySymKey(type, operation, symKey, param);
+
+loser:
+ if (symKey) {
+ PK11_FreeSymKey(symKey);
+ }
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+
+ return context;
+}
+
+PK11Context *
+PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
+ SECItem *param, void *wincx)
+{
+ return __PK11_CreateContextByRawKey(slot, type, origin, operation,
+ key, param, wincx);
+}
+
+/*
+ * Create a context from a key. We really should make sure we aren't using
+ * the same key in multiple session!
+ */
+PK11Context *
+PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE operation,
+ PK11SymKey *symKey, SECItem *param)
+{
+ PK11SymKey *newKey;
+ PK11Context *context;
+
+ /* if this slot doesn't support the mechanism, go to a slot that does */
+ newKey = pk11_ForceSlot(symKey, type, operation);
+ if (newKey == NULL) {
+ PK11_ReferenceSymKey(symKey);
+ } else {
+ symKey = newKey;
+ }
+
+ /* Context Adopts the symKey.... */
+ context = pk11_CreateNewContextInSlot(type, symKey->slot, operation, symKey,
+ param);
+ PK11_FreeSymKey(symKey);
+ return context;
+}
+
+/*
+ * Digest contexts don't need keys, but the do need to find a slot.
+ * Macing should use PK11_CreateContextBySymKey.
+ */
+PK11Context *
+PK11_CreateDigestContext(SECOidTag hashAlg)
+{
+ /* digesting has to work without authentication to the slot */
+ CK_MECHANISM_TYPE type;
+ PK11SlotInfo *slot;
+ PK11Context *context;
+ SECItem param;
+
+ type = PK11_AlgtagToMechanism(hashAlg);
+ slot = PK11_GetBestSlot(type, NULL);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+ }
+
+ /* maybe should really be PK11_GenerateNewParam?? */
+ param.data = NULL;
+ param.len = 0;
+ param.type = 0;
+
+ context = pk11_CreateNewContextInSlot(type, slot, CKA_DIGEST, NULL, &param);
+ PK11_FreeSlot(slot);
+ return context;
+}
+
+/*
+ * create a new context which is the clone of the state of old context.
+ */
+PK11Context *
+PK11_CloneContext(PK11Context *old)
+{
+ PK11Context *newcx;
+ PRBool needFree = PR_FALSE;
+ SECStatus rv = SECSuccess;
+ void *data;
+ unsigned long len;
+
+ newcx = pk11_CreateNewContextInSlot(old->type, old->slot, old->operation,
+ old->key, old->param);
+ if (newcx == NULL)
+ return NULL;
+
+ /* now clone the save state. First we need to find the save state
+ * of the old session. If the old context owns it's session,
+ * the state needs to be saved, otherwise the state is in saveData. */
+ if (old->ownSession) {
+ PK11_EnterContextMonitor(old);
+ data = pk11_saveContext(old, NULL, &len);
+ PK11_ExitContextMonitor(old);
+ needFree = PR_TRUE;
+ } else {
+ data = old->savedData;
+ len = old->savedLength;
+ }
+
+ if (data == NULL) {
+ PK11_DestroyContext(newcx, PR_TRUE);
+ return NULL;
+ }
+
+ /* now copy that state into our new context. Again we have different
+ * work if the new context owns it's own session. If it does, we
+ * restore the state gathered above. If it doesn't, we copy the
+ * saveData pointer... */
+ if (newcx->ownSession) {
+ PK11_EnterContextMonitor(newcx);
+ rv = pk11_restoreContext(newcx, data, len);
+ PK11_ExitContextMonitor(newcx);
+ } else {
+ PORT_Assert(newcx->savedData != NULL);
+ if ((newcx->savedData == NULL) || (newcx->savedLength < len)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ } else {
+ PORT_Memcpy(newcx->savedData, data, len);
+ newcx->savedLength = len;
+ }
+ }
+
+ if (needFree)
+ PORT_Free(data);
+
+ if (rv != SECSuccess) {
+ PK11_DestroyContext(newcx, PR_TRUE);
+ return NULL;
+ }
+ return newcx;
+}
+
+/*
+ * save the current context state into a variable. Required to make FORTEZZA
+ * work.
+ */
+SECStatus
+PK11_SaveContext(PK11Context *cx, unsigned char *save, int *len, int saveLength)
+{
+ unsigned char *data = NULL;
+ CK_ULONG length = saveLength;
+
+ if (cx->ownSession) {
+ PK11_EnterContextMonitor(cx);
+ data = pk11_saveContextHelper(cx, save, &length);
+ PK11_ExitContextMonitor(cx);
+ if (data)
+ *len = length;
+ } else if ((unsigned)saveLength >= cx->savedLength) {
+ data = (unsigned char *)cx->savedData;
+ if (cx->savedData) {
+ PORT_Memcpy(save, cx->savedData, cx->savedLength);
+ }
+ *len = cx->savedLength;
+ }
+ if (data != NULL) {
+ if (cx->ownSession) {
+ PORT_ZFree(data, length);
+ }
+ return SECSuccess;
+ } else {
+ return SECFailure;
+ }
+}
+
+/* same as above, but may allocate the return buffer. */
+unsigned char *
+PK11_SaveContextAlloc(PK11Context *cx,
+ unsigned char *preAllocBuf, unsigned int pabLen,
+ unsigned int *stateLen)
+{
+ unsigned char *stateBuf = NULL;
+ unsigned long length = (unsigned long)pabLen;
+
+ if (cx->ownSession) {
+ PK11_EnterContextMonitor(cx);
+ stateBuf = pk11_saveContextHelper(cx, preAllocBuf, &length);
+ PK11_ExitContextMonitor(cx);
+ *stateLen = (stateBuf != NULL) ? length : 0;
+ } else {
+ if (pabLen < cx->savedLength) {
+ stateBuf = (unsigned char *)PORT_Alloc(cx->savedLength);
+ if (!stateBuf) {
+ return (unsigned char *)NULL;
+ }
+ } else {
+ stateBuf = preAllocBuf;
+ }
+ if (cx->savedData) {
+ PORT_Memcpy(stateBuf, cx->savedData, cx->savedLength);
+ }
+ *stateLen = cx->savedLength;
+ }
+ return stateBuf;
+}
+
+/*
+ * restore the context state into a new running context. Also required for
+ * FORTEZZA .
+ */
+SECStatus
+PK11_RestoreContext(PK11Context *cx, unsigned char *save, int len)
+{
+ SECStatus rv = SECSuccess;
+ if (cx->ownSession) {
+ PK11_EnterContextMonitor(cx);
+ pk11_Finalize(cx);
+ rv = pk11_restoreContext(cx, save, len);
+ PK11_ExitContextMonitor(cx);
+ } else {
+ PORT_Assert(cx->savedData != NULL);
+ if ((cx->savedData == NULL) || (cx->savedLength < (unsigned)len)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ } else {
+ PORT_Memcpy(cx->savedData, save, len);
+ cx->savedLength = len;
+ }
+ }
+ return rv;
+}
+
+/*
+ * This is to get FIPS compliance until we can convert
+ * libjar to use PK11_ hashing functions. It returns PR_FALSE
+ * if we can't get a PK11 Context.
+ */
+PRBool
+PK11_HashOK(SECOidTag algID)
+{
+ PK11Context *cx;
+
+ cx = PK11_CreateDigestContext(algID);
+ if (cx == NULL)
+ return PR_FALSE;
+ PK11_DestroyContext(cx, PR_TRUE);
+ return PR_TRUE;
+}
+
+/*
+ * start a new digesting or Mac'ing operation on this context
+ */
+SECStatus
+PK11_DigestBegin(PK11Context *cx)
+{
+ CK_MECHANISM mech_info;
+ SECStatus rv;
+
+ if (cx->init == PR_TRUE) {
+ return SECSuccess;
+ }
+
+ /*
+ * make sure the old context is clear first
+ */
+ PK11_EnterContextMonitor(cx);
+ pk11_Finalize(cx);
+
+ mech_info.mechanism = cx->type;
+ mech_info.pParameter = cx->param->data;
+ mech_info.ulParameterLen = cx->param->len;
+ rv = pk11_context_init(cx, &mech_info);
+ PK11_ExitContextMonitor(cx);
+
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ cx->init = PR_TRUE;
+ return SECSuccess;
+}
+
+SECStatus
+PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, const unsigned char *in,
+ PRInt32 len)
+{
+ PK11Context *context;
+ unsigned int max_length;
+ unsigned int out_length;
+ SECStatus rv;
+
+ /* len will be passed to PK11_DigestOp as unsigned. */
+ if (len < 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ context = PK11_CreateDigestContext(hashAlg);
+ if (context == NULL)
+ return SECFailure;
+
+ rv = PK11_DigestBegin(context);
+ if (rv != SECSuccess) {
+ PK11_DestroyContext(context, PR_TRUE);
+ return rv;
+ }
+
+ rv = PK11_DigestOp(context, in, len);
+ if (rv != SECSuccess) {
+ PK11_DestroyContext(context, PR_TRUE);
+ return rv;
+ }
+
+ /* XXX This really should have been an argument to this function! */
+ max_length = HASH_ResultLenByOidTag(hashAlg);
+ PORT_Assert(max_length);
+ if (!max_length)
+ max_length = HASH_LENGTH_MAX;
+
+ rv = PK11_DigestFinal(context, out, &out_length, max_length);
+ PK11_DestroyContext(context, PR_TRUE);
+ return rv;
+}
+
+/*
+ * execute a bulk encryption operation
+ */
+SECStatus
+PK11_CipherOp(PK11Context *context, unsigned char *out, int *outlen,
+ int maxout, const unsigned char *in, int inlen)
+{
+ CK_RV crv = CKR_OK;
+ CK_ULONG length = maxout;
+ CK_ULONG offset = 0;
+ SECStatus rv = SECSuccess;
+ unsigned char *saveOut = out;
+ unsigned char *allocOut = NULL;
+
+ /* if we ran out of session, we need to restore our previously stored
+ * state.
+ */
+ PK11_EnterContextMonitor(context);
+ if (!context->ownSession) {
+ rv = pk11_restoreContext(context, context->savedData,
+ context->savedLength);
+ if (rv != SECSuccess) {
+ PK11_ExitContextMonitor(context);
+ return rv;
+ }
+ }
+
+ /*
+ * The fortezza hack is to send 8 extra bytes on the first encrypted and
+ * lose them on the first decrypt.
+ */
+ if (context->fortezzaHack) {
+ unsigned char random[8];
+ if (context->operation == CKA_ENCRYPT) {
+ PK11_ExitContextMonitor(context);
+ rv = PK11_GenerateRandom(random, sizeof(random));
+ PK11_EnterContextMonitor(context);
+
+ /* since we are offseting the output, we can't encrypt back into
+ * the same buffer... allocate a temporary buffer just for this
+ * call. */
+ allocOut = out = (unsigned char *)PORT_Alloc(maxout);
+ if (out == NULL) {
+ PK11_ExitContextMonitor(context);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session, random, sizeof(random), out, &length);
+
+ out += length;
+ maxout -= length;
+ offset = length;
+ } else if (context->operation == CKA_DECRYPT) {
+ length = sizeof(random);
+ crv = PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session, (CK_BYTE_PTR)in, sizeof(random), random, &length);
+ inlen -= length;
+ in += length;
+ context->fortezzaHack = PR_FALSE;
+ }
+ }
+
+ switch (context->operation) {
+ case CKA_ENCRYPT:
+ length = maxout;
+ crv = PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session, (CK_BYTE_PTR)in, inlen, out, &length);
+ length += offset;
+ break;
+ case CKA_DECRYPT:
+ length = maxout;
+ crv = PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session, (CK_BYTE_PTR)in, inlen, out, &length);
+ break;
+ default:
+ crv = CKR_OPERATION_NOT_INITIALIZED;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ *outlen = 0;
+ rv = SECFailure;
+ } else {
+ *outlen = length;
+ }
+
+ if (context->fortezzaHack) {
+ if (context->operation == CKA_ENCRYPT) {
+ PORT_Assert(allocOut);
+ PORT_Memcpy(saveOut, allocOut, length);
+ PORT_Free(allocOut);
+ }
+ context->fortezzaHack = PR_FALSE;
+ }
+
+ /*
+ * handle session starvation case.. use our last session to multiplex
+ */
+ if (!context->ownSession) {
+ context->savedData = pk11_saveContext(context, context->savedData,
+ &context->savedLength);
+ if (context->savedData == NULL)
+ rv = SECFailure;
+
+ /* clear out out session for others to use */
+ pk11_Finalize(context);
+ }
+ PK11_ExitContextMonitor(context);
+ return rv;
+}
+
+/*
+ * execute a digest/signature operation
+ */
+SECStatus
+PK11_DigestOp(PK11Context *context, const unsigned char *in, unsigned inLen)
+{
+ CK_RV crv = CKR_OK;
+ SECStatus rv = SECSuccess;
+
+ if (inLen == 0) {
+ return SECSuccess;
+ }
+ if (!in) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* if we ran out of session, we need to restore our previously stored
+ * state.
+ */
+ context->init = PR_FALSE;
+ PK11_EnterContextMonitor(context);
+ if (!context->ownSession) {
+ rv = pk11_restoreContext(context, context->savedData,
+ context->savedLength);
+ if (rv != SECSuccess) {
+ PK11_ExitContextMonitor(context);
+ return rv;
+ }
+ }
+
+ switch (context->operation) {
+ /* also for MAC'ing */
+ case CKA_SIGN:
+ crv = PK11_GETTAB(context->slot)->C_SignUpdate(context->session, (unsigned char *)in, inLen);
+ break;
+ case CKA_VERIFY:
+ crv = PK11_GETTAB(context->slot)->C_VerifyUpdate(context->session, (unsigned char *)in, inLen);
+ break;
+ case CKA_DIGEST:
+ crv = PK11_GETTAB(context->slot)->C_DigestUpdate(context->session, (unsigned char *)in, inLen);
+ break;
+ default:
+ crv = CKR_OPERATION_NOT_INITIALIZED;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure;
+ }
+
+ /*
+ * handle session starvation case.. use our last session to multiplex
+ */
+ if (!context->ownSession) {
+ context->savedData = pk11_saveContext(context, context->savedData,
+ &context->savedLength);
+ if (context->savedData == NULL)
+ rv = SECFailure;
+
+ /* clear out out session for others to use */
+ pk11_Finalize(context);
+ }
+ PK11_ExitContextMonitor(context);
+ return rv;
+}
+
+/*
+ * Digest a key if possible./
+ */
+SECStatus
+PK11_DigestKey(PK11Context *context, PK11SymKey *key)
+{
+ CK_RV crv = CKR_OK;
+ SECStatus rv = SECSuccess;
+ PK11SymKey *newKey = NULL;
+
+ if (!context || !key) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* if we ran out of session, we need to restore our previously stored
+ * state.
+ */
+ if (context->slot != key->slot) {
+ newKey = pk11_CopyToSlot(context->slot, CKM_SSL3_SHA1_MAC, CKA_SIGN, key);
+ } else {
+ newKey = PK11_ReferenceSymKey(key);
+ }
+
+ context->init = PR_FALSE;
+ PK11_EnterContextMonitor(context);
+ if (!context->ownSession) {
+ rv = pk11_restoreContext(context, context->savedData,
+ context->savedLength);
+ if (rv != SECSuccess) {
+ PK11_ExitContextMonitor(context);
+ PK11_FreeSymKey(newKey);
+ return rv;
+ }
+ }
+
+ if (newKey == NULL) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ if (key->data.data) {
+ crv = PK11_GETTAB(context->slot)->C_DigestUpdate(context->session, key->data.data, key->data.len);
+ }
+ } else {
+ crv = PK11_GETTAB(context->slot)->C_DigestKey(context->session, newKey->objectID);
+ }
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure;
+ }
+
+ /*
+ * handle session starvation case.. use our last session to multiplex
+ */
+ if (!context->ownSession) {
+ context->savedData = pk11_saveContext(context, context->savedData,
+ &context->savedLength);
+ if (context->savedData == NULL)
+ rv = SECFailure;
+
+ /* clear out out session for others to use */
+ pk11_Finalize(context);
+ }
+ PK11_ExitContextMonitor(context);
+ if (newKey)
+ PK11_FreeSymKey(newKey);
+ return rv;
+}
+
+/*
+ * externally callable version of the lowercase pk11_finalize().
+ */
+SECStatus
+PK11_Finalize(PK11Context *context)
+{
+ SECStatus rv;
+
+ PK11_EnterContextMonitor(context);
+ rv = pk11_Finalize(context);
+ PK11_ExitContextMonitor(context);
+ return rv;
+}
+
+/*
+ * clean up a cipher operation, so the session can be used by
+ * someone new.
+ */
+SECStatus
+pk11_Finalize(PK11Context *context)
+{
+ CK_ULONG count = 0;
+ CK_RV crv;
+ unsigned char stackBuf[256];
+ unsigned char *buffer = NULL;
+
+ if (!context->ownSession) {
+ return SECSuccess;
+ }
+
+finalize:
+ switch (context->operation) {
+ case CKA_ENCRYPT:
+ crv = PK11_GETTAB(context->slot)->C_EncryptFinal(context->session, buffer, &count);
+ break;
+ case CKA_DECRYPT:
+ crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session, buffer, &count);
+ break;
+ case CKA_SIGN:
+ crv = PK11_GETTAB(context->slot)->C_SignFinal(context->session, buffer, &count);
+ break;
+ case CKA_VERIFY:
+ crv = PK11_GETTAB(context->slot)->C_VerifyFinal(context->session, buffer, count);
+ break;
+ case CKA_DIGEST:
+ crv = PK11_GETTAB(context->slot)->C_DigestFinal(context->session, buffer, &count);
+ break;
+ default:
+ crv = CKR_OPERATION_NOT_INITIALIZED;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ if (buffer != stackBuf) {
+ PORT_Free(buffer);
+ }
+ if (crv == CKR_OPERATION_NOT_INITIALIZED) {
+ /* if there's no operation, it is finalized */
+ return SECSuccess;
+ }
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ /* try to finalize the session with a buffer */
+ if (buffer == NULL) {
+ if (count <= sizeof stackBuf) {
+ buffer = stackBuf;
+ } else {
+ buffer = PORT_Alloc(count);
+ if (buffer == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ }
+ goto finalize;
+ }
+ if (buffer != stackBuf) {
+ PORT_Free(buffer);
+ }
+ return SECSuccess;
+}
+
+/*
+ * Return the final digested or signed data...
+ * this routine can either take pre initialized data, or allocate data
+ * either out of an arena or out of the standard heap.
+ */
+SECStatus
+PK11_DigestFinal(PK11Context *context, unsigned char *data,
+ unsigned int *outLen, unsigned int length)
+{
+ CK_ULONG len;
+ CK_RV crv;
+ SECStatus rv;
+
+ /* if we ran out of session, we need to restore our previously stored
+ * state.
+ */
+ PK11_EnterContextMonitor(context);
+ if (!context->ownSession) {
+ rv = pk11_restoreContext(context, context->savedData,
+ context->savedLength);
+ if (rv != SECSuccess) {
+ PK11_ExitContextMonitor(context);
+ return rv;
+ }
+ }
+
+ len = length;
+ switch (context->operation) {
+ case CKA_SIGN:
+ crv = PK11_GETTAB(context->slot)->C_SignFinal(context->session, data, &len);
+ break;
+ case CKA_VERIFY:
+ crv = PK11_GETTAB(context->slot)->C_VerifyFinal(context->session, data, len);
+ break;
+ case CKA_DIGEST:
+ crv = PK11_GETTAB(context->slot)->C_DigestFinal(context->session, data, &len);
+ break;
+ case CKA_ENCRYPT:
+ crv = PK11_GETTAB(context->slot)->C_EncryptFinal(context->session, data, &len);
+ break;
+ case CKA_DECRYPT:
+ crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session, data, &len);
+ break;
+ default:
+ crv = CKR_OPERATION_NOT_INITIALIZED;
+ break;
+ }
+ PK11_ExitContextMonitor(context);
+
+ *outLen = (unsigned int)len;
+ context->init = PR_FALSE; /* allow Begin to start up again */
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
diff --git a/security/nss/lib/pk11wrap/pk11err.c b/security/nss/lib/pk11wrap/pk11err.c
new file mode 100644
index 000000000..db6d2440d
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11err.c
@@ -0,0 +1,141 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * this file maps PKCS11 Errors into SECErrors
+ * This is an information reducing process, since most errors are reflected
+ * back to the user (the user doesn't care about invalid flags, or active
+ * operations). If any of these errors need more detail in the upper layers
+ * which call PK11 library functions, we can add more SEC_ERROR_XXX functions
+ * and change there mappings here.
+ *
+ * Some PKCS11 errors are mapped to SEC_ERROR_LIBRARY_FAILURE intentionally
+ * because they indicate that there is a bug in the library (either NSS or
+ * the token).
+ */
+#include "pkcs11t.h"
+#include "pk11func.h"
+#include "secerr.h"
+#include "prerror.h"
+
+#ifdef PK11_ERROR_USE_ARRAY
+
+/*
+ * build a static array of entries...
+ */
+static struct {
+ CK_RV pk11_error;
+ int sec_error;
+} pk11_error_map = {
+#define MAPERROR(x, y) { x, y },
+
+#else
+
+/* the default is to use a big switch statement */
+int
+PK11_MapError(CK_RV rv)
+{
+
+ switch (rv) {
+#define MAPERROR(x, y) \
+ case x: \
+ return y;
+
+#endif
+
+ /* the guts mapping */
+ /* clang-format off */
+ MAPERROR(CKR_OK, 0)
+ MAPERROR(CKR_CANCEL, SEC_ERROR_IO)
+ MAPERROR(CKR_HOST_MEMORY, SEC_ERROR_NO_MEMORY)
+ MAPERROR(CKR_SLOT_ID_INVALID, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_ARGUMENTS_BAD, SEC_ERROR_INVALID_ARGS)
+ MAPERROR(CKR_ATTRIBUTE_READ_ONLY, SEC_ERROR_READ_ONLY)
+ MAPERROR(CKR_ATTRIBUTE_SENSITIVE, SEC_ERROR_IO) /* XX SENSITIVE */
+ MAPERROR(CKR_ATTRIBUTE_TYPE_INVALID, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_ATTRIBUTE_VALUE_INVALID, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_BUFFER_TOO_SMALL, SEC_ERROR_OUTPUT_LEN)
+ MAPERROR(CKR_DATA_INVALID, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_DATA_LEN_RANGE, SEC_ERROR_INPUT_LEN)
+ MAPERROR(CKR_DEVICE_ERROR, SEC_ERROR_PKCS11_DEVICE_ERROR)
+ MAPERROR(CKR_DEVICE_MEMORY, SEC_ERROR_NO_MEMORY)
+ MAPERROR(CKR_DEVICE_REMOVED, SEC_ERROR_NO_TOKEN)
+ MAPERROR(CKR_DOMAIN_PARAMS_INVALID, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_ENCRYPTED_DATA_INVALID, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_ENCRYPTED_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_FUNCTION_CANCELED, SEC_ERROR_LIBRARY_FAILURE)
+ MAPERROR(CKR_FUNCTION_FAILED, SEC_ERROR_PKCS11_FUNCTION_FAILED)
+ MAPERROR(CKR_FUNCTION_NOT_PARALLEL, SEC_ERROR_LIBRARY_FAILURE)
+ MAPERROR(CKR_FUNCTION_NOT_SUPPORTED, PR_NOT_IMPLEMENTED_ERROR)
+ MAPERROR(CKR_GENERAL_ERROR, SEC_ERROR_PKCS11_GENERAL_ERROR)
+ MAPERROR(CKR_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_MECHANISM_INVALID, SEC_ERROR_INVALID_ALGORITHM)
+ MAPERROR(CKR_MECHANISM_PARAM_INVALID, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_NO_EVENT, SEC_ERROR_NO_EVENT)
+ MAPERROR(CKR_OBJECT_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_OPERATION_ACTIVE, SEC_ERROR_LIBRARY_FAILURE)
+ MAPERROR(CKR_OPERATION_NOT_INITIALIZED, SEC_ERROR_LIBRARY_FAILURE)
+ MAPERROR(CKR_PIN_INCORRECT, SEC_ERROR_BAD_PASSWORD)
+ MAPERROR(CKR_PIN_INVALID, SEC_ERROR_INVALID_PASSWORD)
+ MAPERROR(CKR_PIN_LEN_RANGE, SEC_ERROR_INVALID_PASSWORD)
+ MAPERROR(CKR_PIN_EXPIRED, SEC_ERROR_EXPIRED_PASSWORD)
+ MAPERROR(CKR_PIN_LOCKED, SEC_ERROR_LOCKED_PASSWORD)
+ MAPERROR(CKR_SESSION_CLOSED, SEC_ERROR_LIBRARY_FAILURE)
+ MAPERROR(CKR_SESSION_COUNT, SEC_ERROR_NO_MEMORY) /* XXXX? */
+ MAPERROR(CKR_SESSION_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_SESSION_PARALLEL_NOT_SUPPORTED, SEC_ERROR_LIBRARY_FAILURE)
+ MAPERROR(CKR_SESSION_READ_ONLY, SEC_ERROR_READ_ONLY)
+ MAPERROR(CKR_SIGNATURE_INVALID, SEC_ERROR_BAD_SIGNATURE)
+ MAPERROR(CKR_SIGNATURE_LEN_RANGE, SEC_ERROR_BAD_SIGNATURE)
+ MAPERROR(CKR_TEMPLATE_INCOMPLETE, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_TEMPLATE_INCONSISTENT, SEC_ERROR_BAD_DATA)
+ MAPERROR(CKR_TOKEN_NOT_PRESENT, SEC_ERROR_NO_TOKEN)
+ MAPERROR(CKR_TOKEN_NOT_RECOGNIZED, SEC_ERROR_IO)
+ MAPERROR(CKR_TOKEN_WRITE_PROTECTED, SEC_ERROR_READ_ONLY)
+ MAPERROR(CKR_UNWRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_UNWRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_USER_ALREADY_LOGGED_IN, 0)
+ MAPERROR(CKR_USER_NOT_LOGGED_IN, SEC_ERROR_TOKEN_NOT_LOGGED_IN)
+ MAPERROR(CKR_USER_PIN_NOT_INITIALIZED, SEC_ERROR_NO_TOKEN)
+ MAPERROR(CKR_USER_TYPE_INVALID, SEC_ERROR_LIBRARY_FAILURE)
+ MAPERROR(CKR_WRAPPED_KEY_INVALID, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_WRAPPED_KEY_LEN_RANGE, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_WRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_WRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
+ MAPERROR(CKR_VENDOR_DEFINED, SEC_ERROR_LIBRARY_FAILURE)
+ MAPERROR(CKR_NETSCAPE_CERTDB_FAILED, SEC_ERROR_BAD_DATABASE)
+ MAPERROR(CKR_NETSCAPE_KEYDB_FAILED, SEC_ERROR_BAD_DATABASE)
+ MAPERROR(CKR_CANT_LOCK, SEC_ERROR_INCOMPATIBLE_PKCS11)
+/* clang-format on */
+
+#ifdef PK11_ERROR_USE_ARRAY
+};
+
+int
+PK11_MapError(CK_RV rv)
+{
+ int size = sizeof(pk11_error_map) / sizeof(pk11_error_map[0]);
+
+ for (i = 0; i < size; i++) {
+ if (pk11_error_map[i].pk11_error == rv) {
+ return pk11_error_map[i].sec_error;
+ }
+ }
+ return SEC_ERROR_UNKNOWN_PKCS11_ERROR;
+}
+
+#else
+
+ /* clang-format off */
+ default :
+ break;
+/* clang-format on */
+}
+return SEC_ERROR_UNKNOWN_PKCS11_ERROR;
+}
+
+#endif
diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h
new file mode 100644
index 000000000..331c0eb80
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11func.h
@@ -0,0 +1,15 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _PK11FUNC_H_
+#define _PK11FUNC_H_
+
+/*
+ * The original pk11func.h had a mix of public and private functions.
+ * Continue to provide those for backward compatibility. New code should
+ * include pk11pub.h instead of pk11func.h.
+ */
+#include "pk11pub.h"
+#include "pk11priv.h"
+
+#endif
diff --git a/security/nss/lib/pk11wrap/pk11kea.c b/security/nss/lib/pk11wrap/pk11kea.c
new file mode 100644
index 000000000..331a19c16
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11kea.c
@@ -0,0 +1,140 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file implements the Symkey wrapper and the PKCS context
+ * Interfaces.
+ */
+
+#include "seccomon.h"
+#include "secmod.h"
+#include "nssilock.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "key.h"
+#include "secasn1.h"
+#include "sechash.h"
+#include "cert.h"
+#include "secerr.h"
+
+/*
+ * find an RSA public key on a card
+ */
+static CK_OBJECT_HANDLE
+pk11_FindRSAPubKey(PK11SlotInfo *slot)
+{
+ CK_KEY_TYPE key_type = CKK_RSA;
+ CK_OBJECT_CLASS class_type = CKO_PUBLIC_KEY;
+ CK_ATTRIBUTE theTemplate[2];
+ int template_count = sizeof(theTemplate) / sizeof(theTemplate[0]);
+ CK_ATTRIBUTE *attrs = theTemplate;
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &class_type, sizeof(class_type));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &key_type, sizeof(key_type));
+ attrs++;
+ template_count = attrs - theTemplate;
+ PR_ASSERT(template_count <= sizeof(theTemplate) / sizeof(CK_ATTRIBUTE));
+
+ return pk11_FindObjectByTemplate(slot, theTemplate, template_count);
+}
+
+PK11SymKey *
+pk11_KeyExchange(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation, CK_FLAGS flags,
+ PRBool isPerm, PK11SymKey *symKey)
+{
+ PK11SymKey *newSymKey = NULL;
+ SECStatus rv;
+ /* performance improvement can go here --- use a generated key at startup
+ * to generate a per token wrapping key. If it exists, use it, otherwise
+ * do a full key exchange. */
+
+ /* find a common Key Exchange algorithm */
+ /* RSA */
+ if (PK11_DoesMechanism(symKey->slot, CKM_RSA_PKCS) &&
+ PK11_DoesMechanism(slot, CKM_RSA_PKCS)) {
+ CK_OBJECT_HANDLE pubKeyHandle = CK_INVALID_HANDLE;
+ CK_OBJECT_HANDLE privKeyHandle = CK_INVALID_HANDLE;
+ SECKEYPublicKey *pubKey = NULL;
+ SECKEYPrivateKey *privKey = NULL;
+ SECItem wrapData;
+ unsigned int symKeyLength = PK11_GetKeyLength(symKey);
+
+ wrapData.data = NULL;
+
+ /* find RSA Public Key on target */
+ pubKeyHandle = pk11_FindRSAPubKey(slot);
+ if (pubKeyHandle != CK_INVALID_HANDLE) {
+ privKeyHandle = PK11_MatchItem(slot, pubKeyHandle, CKO_PRIVATE_KEY);
+ }
+
+ /* if no key exists, generate a key pair */
+ if (privKeyHandle == CK_INVALID_HANDLE) {
+ PK11RSAGenParams rsaParams;
+
+ if (symKeyLength > 53) /* bytes */ {
+ /* we'd have to generate an RSA key pair > 512 bits long,
+ ** and that's too costly. Don't even try.
+ */
+ PORT_SetError(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY);
+ goto rsa_failed;
+ }
+ rsaParams.keySizeInBits =
+ (symKeyLength > 21 || symKeyLength == 0) ? 512 : 256;
+ rsaParams.pe = 0x10001;
+ privKey = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN,
+ &rsaParams, &pubKey, PR_FALSE, PR_TRUE, symKey->cx);
+ } else {
+ /* if keys exist, build SECKEY data structures for them */
+ privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, privKeyHandle,
+ symKey->cx);
+ if (privKey != NULL) {
+ pubKey = PK11_ExtractPublicKey(slot, rsaKey, pubKeyHandle);
+ if (pubKey && pubKey->pkcs11Slot) {
+ PK11_FreeSlot(pubKey->pkcs11Slot);
+ pubKey->pkcs11Slot = NULL;
+ pubKey->pkcs11ID = CK_INVALID_HANDLE;
+ }
+ }
+ }
+ if (privKey == NULL)
+ goto rsa_failed;
+ if (pubKey == NULL)
+ goto rsa_failed;
+
+ wrapData.len = SECKEY_PublicKeyStrength(pubKey);
+ if (!wrapData.len)
+ goto rsa_failed;
+ wrapData.data = PORT_Alloc(wrapData.len);
+ if (wrapData.data == NULL)
+ goto rsa_failed;
+
+ /* now wrap the keys in and out */
+ rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, pubKey, symKey, &wrapData);
+ if (rv == SECSuccess) {
+ newSymKey = PK11_PubUnwrapSymKeyWithFlagsPerm(privKey,
+ &wrapData, type, operation,
+ symKeyLength, flags, isPerm);
+ /* make sure we wound up where we wanted to be! */
+ if (newSymKey && newSymKey->slot != slot) {
+ PK11_FreeSymKey(newSymKey);
+ newSymKey = NULL;
+ }
+ }
+ rsa_failed:
+ if (wrapData.data != NULL)
+ PORT_Free(wrapData.data);
+ if (privKey != NULL)
+ SECKEY_DestroyPrivateKey(privKey);
+ if (pubKey != NULL)
+ SECKEY_DestroyPublicKey(pubKey);
+
+ return newSymKey;
+ }
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+}
diff --git a/security/nss/lib/pk11wrap/pk11list.c b/security/nss/lib/pk11wrap/pk11list.c
new file mode 100644
index 000000000..aaf29f69d
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11list.c
@@ -0,0 +1,99 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Locking and queue management primatives
+ *
+ */
+
+#include "seccomon.h"
+#include "nssilock.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "nssrwlk.h"
+
+/*
+ * create a new lock for a Module List
+ */
+SECMODListLock *
+SECMOD_NewListLock()
+{
+ return NSSRWLock_New(10, "moduleListLock");
+}
+
+/*
+ * destroy the lock
+ */
+void
+SECMOD_DestroyListLock(SECMODListLock *lock)
+{
+ NSSRWLock_Destroy(lock);
+}
+
+/*
+ * Lock the List for Read: NOTE: this assumes the reading isn't so common
+ * the writing will be starved.
+ */
+void
+SECMOD_GetReadLock(SECMODListLock *modLock)
+{
+ NSSRWLock_LockRead(modLock);
+}
+
+/*
+ * Release the Read lock
+ */
+void
+SECMOD_ReleaseReadLock(SECMODListLock *modLock)
+{
+ NSSRWLock_UnlockRead(modLock);
+}
+
+/*
+ * lock the list for Write
+ */
+void
+SECMOD_GetWriteLock(SECMODListLock *modLock)
+{
+ NSSRWLock_LockWrite(modLock);
+}
+
+/*
+ * Release the Write Lock: NOTE, this code is pretty inefficient if you have
+ * lots of write collisions.
+ */
+void
+SECMOD_ReleaseWriteLock(SECMODListLock *modLock)
+{
+ NSSRWLock_UnlockWrite(modLock);
+}
+
+/*
+ * must Hold the Write lock
+ */
+void
+SECMOD_RemoveList(SECMODModuleList **parent, SECMODModuleList *child)
+{
+ *parent = child->next;
+ child->next = NULL;
+}
+
+/*
+ * if lock is not specified, it must already be held
+ */
+void
+SECMOD_AddList(SECMODModuleList *parent, SECMODModuleList *child,
+ SECMODListLock *lock)
+{
+ if (lock) {
+ SECMOD_GetWriteLock(lock);
+ }
+
+ child->next = parent->next;
+ parent->next = child;
+
+ if (lock) {
+ SECMOD_ReleaseWriteLock(lock);
+ }
+}
diff --git a/security/nss/lib/pk11wrap/pk11load.c b/security/nss/lib/pk11wrap/pk11load.c
new file mode 100644
index 000000000..f12d0fd4f
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11load.c
@@ -0,0 +1,643 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following handles the loading, unloading and management of
+ * various PCKS #11 modules
+ */
+#define FORCE_PR_LOG 1
+#include "seccomon.h"
+#include "pkcs11.h"
+#include "secmod.h"
+#include "prlink.h"
+#include "pk11func.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "nssilock.h"
+#include "secerr.h"
+#include "prenv.h"
+#include "utilparst.h"
+
+#define DEBUG_MODULE 1
+
+#ifdef DEBUG_MODULE
+static char *modToDBG = NULL;
+
+#include "debug_module.c"
+#endif
+
+/* build the PKCS #11 2.01 lock files */
+CK_RV PR_CALLBACK
+secmodCreateMutext(CK_VOID_PTR_PTR pmutex)
+{
+ *pmutex = (CK_VOID_PTR)PZ_NewLock(nssILockOther);
+ if (*pmutex)
+ return CKR_OK;
+ return CKR_HOST_MEMORY;
+}
+
+CK_RV PR_CALLBACK
+secmodDestroyMutext(CK_VOID_PTR mutext)
+{
+ PZ_DestroyLock((PZLock *)mutext);
+ return CKR_OK;
+}
+
+CK_RV PR_CALLBACK
+secmodLockMutext(CK_VOID_PTR mutext)
+{
+ PZ_Lock((PZLock *)mutext);
+ return CKR_OK;
+}
+
+CK_RV PR_CALLBACK
+secmodUnlockMutext(CK_VOID_PTR mutext)
+{
+ PZ_Unlock((PZLock *)mutext);
+ return CKR_OK;
+}
+
+static SECMODModuleID nextModuleID = 1;
+static const CK_C_INITIALIZE_ARGS secmodLockFunctions = {
+ secmodCreateMutext, secmodDestroyMutext, secmodLockMutext,
+ secmodUnlockMutext, CKF_LIBRARY_CANT_CREATE_OS_THREADS |
+ CKF_OS_LOCKING_OK,
+ NULL
+};
+static const CK_C_INITIALIZE_ARGS secmodNoLockArgs = {
+ NULL, NULL, NULL, NULL,
+ CKF_LIBRARY_CANT_CREATE_OS_THREADS, NULL
+};
+
+static PRBool loadSingleThreadedModules = PR_TRUE;
+static PRBool enforceAlreadyInitializedError = PR_TRUE;
+static PRBool finalizeModules = PR_TRUE;
+
+/* set global options for NSS PKCS#11 module loader */
+SECStatus
+pk11_setGlobalOptions(PRBool noSingleThreadedModules,
+ PRBool allowAlreadyInitializedModules,
+ PRBool dontFinalizeModules)
+{
+ if (noSingleThreadedModules) {
+ loadSingleThreadedModules = PR_FALSE;
+ } else {
+ loadSingleThreadedModules = PR_TRUE;
+ }
+ if (allowAlreadyInitializedModules) {
+ enforceAlreadyInitializedError = PR_FALSE;
+ } else {
+ enforceAlreadyInitializedError = PR_TRUE;
+ }
+ if (dontFinalizeModules) {
+ finalizeModules = PR_FALSE;
+ } else {
+ finalizeModules = PR_TRUE;
+ }
+ return SECSuccess;
+}
+
+PRBool
+pk11_getFinalizeModulesOption(void)
+{
+ return finalizeModules;
+}
+
+/*
+ * Allow specification loading the same module more than once at init time.
+ * This enables 2 things.
+ *
+ * 1) we can load additional databases by manipulating secmod.db/pkcs11.txt.
+ * 2) we can handle the case where some library has already initialized NSS
+ * before the main application.
+ *
+ * oldModule is the module we have already initialized.
+ * char *modulespec is the full module spec for the library we want to
+ * initialize.
+ */
+static SECStatus
+secmod_handleReload(SECMODModule *oldModule, SECMODModule *newModule)
+{
+ PK11SlotInfo *slot;
+ char *modulespec;
+ char *newModuleSpec;
+ char **children;
+ CK_SLOT_ID *ids;
+ SECMODConfigList *conflist = NULL;
+ SECStatus rv = SECFailure;
+ int count = 0;
+
+ /* first look for tokens= key words from the module spec */
+ modulespec = newModule->libraryParams;
+ newModuleSpec = secmod_ParseModuleSpecForTokens(PR_TRUE,
+ newModule->isFIPS, modulespec, &children, &ids);
+ if (!newModuleSpec) {
+ return SECFailure;
+ }
+
+ /*
+ * We are now trying to open a new slot on an already loaded module.
+ * If that slot represents a cert/key database, we don't want to open
+ * multiple copies of that same database. Unfortunately we understand
+ * the softoken flags well enough to be able to do this, so we can only get
+ * the list of already loaded databases if we are trying to open another
+ * internal module.
+ */
+ if (oldModule->internal) {
+ conflist = secmod_GetConfigList(oldModule->isFIPS,
+ oldModule->libraryParams, &count);
+ }
+
+ /* don't open multiple of the same db */
+ if (conflist && secmod_MatchConfigList(newModuleSpec, conflist, count)) {
+ rv = SECSuccess;
+ goto loser;
+ }
+ slot = SECMOD_OpenNewSlot(oldModule, newModuleSpec);
+ if (slot) {
+ int newID;
+ char **thisChild;
+ CK_SLOT_ID *thisID;
+ char *oldModuleSpec;
+
+ if (secmod_IsInternalKeySlot(newModule)) {
+ pk11_SetInternalKeySlotIfFirst(slot);
+ }
+ newID = slot->slotID;
+ PK11_FreeSlot(slot);
+ for (thisChild = children, thisID = ids; thisChild && *thisChild;
+ thisChild++, thisID++) {
+ if (conflist &&
+ secmod_MatchConfigList(*thisChild, conflist, count)) {
+ *thisID = (CK_SLOT_ID)-1;
+ continue;
+ }
+ slot = SECMOD_OpenNewSlot(oldModule, *thisChild);
+ if (slot) {
+ *thisID = slot->slotID;
+ PK11_FreeSlot(slot);
+ } else {
+ *thisID = (CK_SLOT_ID)-1;
+ }
+ }
+
+ /* update the old module initialization string in case we need to
+ * shutdown and reinit the whole mess (this is rare, but can happen
+ * when trying to stop smart card insertion/removal threads)... */
+ oldModuleSpec = secmod_MkAppendTokensList(oldModule->arena,
+ oldModule->libraryParams, newModuleSpec, newID,
+ children, ids);
+ if (oldModuleSpec) {
+ oldModule->libraryParams = oldModuleSpec;
+ }
+
+ rv = SECSuccess;
+ }
+
+loser:
+ secmod_FreeChildren(children, ids);
+ PORT_Free(newModuleSpec);
+ if (conflist) {
+ secmod_FreeConfigList(conflist, count);
+ }
+ return rv;
+}
+
+/*
+ * collect the steps we need to initialize a module in a single function
+ */
+SECStatus
+secmod_ModuleInit(SECMODModule *mod, SECMODModule **reload,
+ PRBool *alreadyLoaded)
+{
+ CK_C_INITIALIZE_ARGS moduleArgs;
+ CK_VOID_PTR pInitArgs;
+ CK_RV crv;
+
+ if (reload) {
+ *reload = NULL;
+ }
+
+ if (!mod || !alreadyLoaded) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (mod->libraryParams == NULL) {
+ if (mod->isThreadSafe) {
+ pInitArgs = (void *)&secmodLockFunctions;
+ } else {
+ pInitArgs = NULL;
+ }
+ } else {
+ if (mod->isThreadSafe) {
+ moduleArgs = secmodLockFunctions;
+ } else {
+ moduleArgs = secmodNoLockArgs;
+ }
+ moduleArgs.LibraryParameters = (void *)mod->libraryParams;
+ pInitArgs = &moduleArgs;
+ }
+ crv = PK11_GETTAB(mod)->C_Initialize(pInitArgs);
+ if (CKR_CRYPTOKI_ALREADY_INITIALIZED == crv) {
+ SECMODModule *oldModule = NULL;
+
+ /* Library has already been loaded once, if caller expects it, and it
+ * has additional configuration, try reloading it as well. */
+ if (reload != NULL && mod->libraryParams) {
+ oldModule = secmod_FindModuleByFuncPtr(mod->functionList);
+ }
+ /* Library has been loaded by NSS. It means it may be capable of
+ * reloading */
+ if (oldModule) {
+ SECStatus rv;
+ rv = secmod_handleReload(oldModule, mod);
+ if (rv == SECSuccess) {
+ /* This module should go away soon, since we've
+ * simply expanded the slots on the old module.
+ * When it goes away, it should not Finalize since
+ * that will close our old module as well. Setting
+ * the function list to NULL will prevent that close */
+ mod->functionList = NULL;
+ *reload = oldModule;
+ return SECSuccess;
+ }
+ SECMOD_DestroyModule(oldModule);
+ }
+ /* reload not possible, fall back to old semantics */
+ if (!enforceAlreadyInitializedError) {
+ *alreadyLoaded = PR_TRUE;
+ return SECSuccess;
+ }
+ }
+ if (crv != CKR_OK) {
+ if (!mod->isThreadSafe ||
+ crv == CKR_NETSCAPE_CERTDB_FAILED ||
+ crv == CKR_NETSCAPE_KEYDB_FAILED) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ /* If we had attempted to init a single threaded module "with"
+ * parameters and it failed, should we retry "without" parameters?
+ * (currently we don't retry in this scenario) */
+
+ if (!loadSingleThreadedModules) {
+ PORT_SetError(SEC_ERROR_INCOMPATIBLE_PKCS11);
+ return SECFailure;
+ }
+ /* If we arrive here, the module failed a ThreadSafe init. */
+ mod->isThreadSafe = PR_FALSE;
+ if (!mod->libraryParams) {
+ pInitArgs = NULL;
+ } else {
+ moduleArgs = secmodNoLockArgs;
+ moduleArgs.LibraryParameters = (void *)mod->libraryParams;
+ pInitArgs = &moduleArgs;
+ }
+ crv = PK11_GETTAB(mod)->C_Initialize(pInitArgs);
+ if ((CKR_CRYPTOKI_ALREADY_INITIALIZED == crv) &&
+ (!enforceAlreadyInitializedError)) {
+ *alreadyLoaded = PR_TRUE;
+ return SECSuccess;
+ }
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+/*
+ * set the hasRootCerts flags in the module so it can be stored back
+ * into the database.
+ */
+void
+SECMOD_SetRootCerts(PK11SlotInfo *slot, SECMODModule *mod)
+{
+ PK11PreSlotInfo *psi = NULL;
+ int i;
+
+ if (slot->hasRootCerts) {
+ for (i = 0; i < mod->slotInfoCount; i++) {
+ if (slot->slotID == mod->slotInfo[i].slotID) {
+ psi = &mod->slotInfo[i];
+ break;
+ }
+ }
+ if (psi == NULL) {
+ /* allocate more slots */
+ PK11PreSlotInfo *psi_list = (PK11PreSlotInfo *)
+ PORT_ArenaAlloc(mod->arena,
+ (mod->slotInfoCount + 1) * sizeof(PK11PreSlotInfo));
+ /* copy the old ones */
+ if (mod->slotInfoCount > 0) {
+ PORT_Memcpy(psi_list, mod->slotInfo,
+ (mod->slotInfoCount) * sizeof(PK11PreSlotInfo));
+ }
+ /* assign psi to the last new slot */
+ psi = &psi_list[mod->slotInfoCount];
+ psi->slotID = slot->slotID;
+ psi->askpw = 0;
+ psi->timeout = 0;
+ psi->defaultFlags = 0;
+
+ /* increment module count & store new list */
+ mod->slotInfo = psi_list;
+ mod->slotInfoCount++;
+ }
+ psi->hasRootCerts = 1;
+ }
+}
+
+static const char *my_shlib_name =
+ SHLIB_PREFIX "nss" SHLIB_VERSION "." SHLIB_SUFFIX;
+static const char *softoken_shlib_name =
+ SHLIB_PREFIX "softokn" SOFTOKEN_SHLIB_VERSION "." SHLIB_SUFFIX;
+static const PRCallOnceType pristineCallOnce;
+static PRCallOnceType loadSoftokenOnce;
+static PRLibrary *softokenLib;
+static PRInt32 softokenLoadCount;
+
+#include "prio.h"
+#include "prprf.h"
+#include <stdio.h>
+#include "prsystem.h"
+
+/* This function must be run only once. */
+/* determine if hybrid platform, then actually load the DSO. */
+static PRStatus
+softoken_LoadDSO(void)
+{
+ PRLibrary *handle;
+
+ handle = PORT_LoadLibraryFromOrigin(my_shlib_name,
+ (PRFuncPtr)&softoken_LoadDSO,
+ softoken_shlib_name);
+ if (handle) {
+ softokenLib = handle;
+ return PR_SUCCESS;
+ }
+ return PR_FAILURE;
+}
+
+/*
+ * load a new module into our address space and initialize it.
+ */
+SECStatus
+secmod_LoadPKCS11Module(SECMODModule *mod, SECMODModule **oldModule)
+{
+ PRLibrary *library = NULL;
+ CK_C_GetFunctionList entry = NULL;
+ CK_INFO info;
+ CK_ULONG slotCount = 0;
+ SECStatus rv;
+ PRBool alreadyLoaded = PR_FALSE;
+ char *disableUnload = NULL;
+
+ if (mod->loaded)
+ return SECSuccess;
+
+ /* intenal modules get loaded from their internal list */
+ if (mod->internal && (mod->dllName == NULL)) {
+ /*
+ * Loads softoken as a dynamic library,
+ * even though the rest of NSS assumes this as the "internal" module.
+ */
+ if (!softokenLib &&
+ PR_SUCCESS != PR_CallOnce(&loadSoftokenOnce, &softoken_LoadDSO))
+ return SECFailure;
+
+ PR_ATOMIC_INCREMENT(&softokenLoadCount);
+
+ if (mod->isFIPS) {
+ entry = (CK_C_GetFunctionList)
+ PR_FindSymbol(softokenLib, "FC_GetFunctionList");
+ } else {
+ entry = (CK_C_GetFunctionList)
+ PR_FindSymbol(softokenLib, "NSC_GetFunctionList");
+ }
+
+ if (!entry)
+ return SECFailure;
+
+ if (mod->isModuleDB) {
+ mod->moduleDBFunc = (CK_C_GetFunctionList)
+ PR_FindSymbol(softokenLib, "NSC_ModuleDBFunc");
+ }
+
+ if (mod->moduleDBOnly) {
+ mod->loaded = PR_TRUE;
+ return SECSuccess;
+ }
+ } else {
+ /* Not internal, load the DLL and look up C_GetFunctionList */
+ if (mod->dllName == NULL) {
+ return SECFailure;
+ }
+
+ /* load the library. If this succeeds, then we have to remember to
+ * unload the library if anything goes wrong from here on out...
+ */
+ library = PR_LoadLibrary(mod->dllName);
+ mod->library = (void *)library;
+
+ if (library == NULL) {
+ return SECFailure;
+ }
+
+ /*
+ * now we need to get the entry point to find the function pointers
+ */
+ if (!mod->moduleDBOnly) {
+ entry = (CK_C_GetFunctionList)
+ PR_FindSymbol(library, "C_GetFunctionList");
+ }
+ if (mod->isModuleDB) {
+ mod->moduleDBFunc = (void *)
+ PR_FindSymbol(library, "NSS_ReturnModuleSpecData");
+ }
+ if (mod->moduleDBFunc == NULL)
+ mod->isModuleDB = PR_FALSE;
+ if (entry == NULL) {
+ if (mod->isModuleDB) {
+ mod->loaded = PR_TRUE;
+ mod->moduleDBOnly = PR_TRUE;
+ return SECSuccess;
+ }
+ PR_UnloadLibrary(library);
+ return SECFailure;
+ }
+ }
+
+ /*
+ * We need to get the function list
+ */
+ if ((*entry)((CK_FUNCTION_LIST_PTR *)&mod->functionList) != CKR_OK)
+ goto fail;
+
+#ifdef DEBUG_MODULE
+ if (PR_TRUE) {
+ modToDBG = PR_GetEnvSecure("NSS_DEBUG_PKCS11_MODULE");
+ if (modToDBG && strcmp(mod->commonName, modToDBG) == 0) {
+ mod->functionList = (void *)nss_InsertDeviceLog(
+ (CK_FUNCTION_LIST_PTR)mod->functionList);
+ }
+ }
+#endif
+
+ mod->isThreadSafe = PR_TRUE;
+
+ /* Now we initialize the module */
+ rv = secmod_ModuleInit(mod, oldModule, &alreadyLoaded);
+ if (rv != SECSuccess) {
+ goto fail;
+ }
+
+ /* module has been reloaded, this module itself is done,
+ * return to the caller */
+ if (mod->functionList == NULL) {
+ mod->loaded = PR_TRUE; /* technically the module is loaded.. */
+ return SECSuccess;
+ }
+
+ /* check the version number */
+ if (PK11_GETTAB(mod)->C_GetInfo(&info) != CKR_OK)
+ goto fail2;
+ if (info.cryptokiVersion.major != 2)
+ goto fail2;
+ /* all 2.0 are a priori *not* thread safe */
+ if (info.cryptokiVersion.minor < 1) {
+ if (!loadSingleThreadedModules) {
+ PORT_SetError(SEC_ERROR_INCOMPATIBLE_PKCS11);
+ goto fail2;
+ } else {
+ mod->isThreadSafe = PR_FALSE;
+ }
+ }
+ mod->cryptokiVersion = info.cryptokiVersion;
+
+ /* If we don't have a common name, get it from the PKCS 11 module */
+ if ((mod->commonName == NULL) || (mod->commonName[0] == 0)) {
+ mod->commonName = PK11_MakeString(mod->arena, NULL,
+ (char *)info.libraryDescription, sizeof(info.libraryDescription));
+ if (mod->commonName == NULL)
+ goto fail2;
+ }
+
+ /* initialize the Slots */
+ if (PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, NULL, &slotCount) == CKR_OK) {
+ CK_SLOT_ID *slotIDs;
+ int i;
+ CK_RV crv;
+
+ mod->slots = (PK11SlotInfo **)PORT_ArenaAlloc(mod->arena,
+ sizeof(PK11SlotInfo *) * slotCount);
+ if (mod->slots == NULL)
+ goto fail2;
+
+ slotIDs = (CK_SLOT_ID *)PORT_Alloc(sizeof(CK_SLOT_ID) * slotCount);
+ if (slotIDs == NULL) {
+ goto fail2;
+ }
+ crv = PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, slotIDs, &slotCount);
+ if (crv != CKR_OK) {
+ PORT_Free(slotIDs);
+ goto fail2;
+ }
+
+ /* Initialize each slot */
+ for (i = 0; i < (int)slotCount; i++) {
+ mod->slots[i] = PK11_NewSlotInfo(mod);
+ PK11_InitSlot(mod, slotIDs[i], mod->slots[i]);
+ /* look down the slot info table */
+ PK11_LoadSlotList(mod->slots[i], mod->slotInfo, mod->slotInfoCount);
+ SECMOD_SetRootCerts(mod->slots[i], mod);
+ /* explicitly mark the internal slot as such if IsInternalKeySlot()
+ * is set */
+ if (secmod_IsInternalKeySlot(mod) && (i == (mod->isFIPS ? 0 : 1))) {
+ pk11_SetInternalKeySlotIfFirst(mod->slots[i]);
+ }
+ }
+ mod->slotCount = slotCount;
+ mod->slotInfoCount = 0;
+ PORT_Free(slotIDs);
+ }
+
+ mod->loaded = PR_TRUE;
+ mod->moduleID = nextModuleID++;
+ return SECSuccess;
+fail2:
+ if (enforceAlreadyInitializedError || (!alreadyLoaded)) {
+ PK11_GETTAB(mod)->C_Finalize(NULL);
+ }
+fail:
+ mod->functionList = NULL;
+ disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
+ if (library && !disableUnload) {
+ PR_UnloadLibrary(library);
+ }
+ return SECFailure;
+}
+
+SECStatus
+SECMOD_UnloadModule(SECMODModule *mod)
+{
+ PRLibrary *library;
+ char *disableUnload = NULL;
+
+ if (!mod->loaded) {
+ return SECFailure;
+ }
+ if (finalizeModules) {
+ if (mod->functionList && !mod->moduleDBOnly) {
+ PK11_GETTAB(mod)->C_Finalize(NULL);
+ }
+ }
+ mod->moduleID = 0;
+ mod->loaded = PR_FALSE;
+
+ /* do we want the semantics to allow unloading the internal library?
+ * if not, we should change this to SECFailure and move it above the
+ * mod->loaded = PR_FALSE; */
+ if (mod->internal && (mod->dllName == NULL)) {
+ if (0 == PR_ATOMIC_DECREMENT(&softokenLoadCount)) {
+ if (softokenLib) {
+ disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
+ if (!disableUnload) {
+#ifdef DEBUG
+ PRStatus status = PR_UnloadLibrary(softokenLib);
+ PORT_Assert(PR_SUCCESS == status);
+#else
+ PR_UnloadLibrary(softokenLib);
+#endif
+ }
+ softokenLib = NULL;
+ }
+ loadSoftokenOnce = pristineCallOnce;
+ }
+ return SECSuccess;
+ }
+
+ library = (PRLibrary *)mod->library;
+ /* paranoia */
+ if (library == NULL) {
+ return SECFailure;
+ }
+
+ disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
+ if (!disableUnload) {
+ PR_UnloadLibrary(library);
+ }
+ return SECSuccess;
+}
+
+void
+nss_DumpModuleLog(void)
+{
+#ifdef DEBUG_MODULE
+ if (modToDBG) {
+ print_final_statistics();
+ }
+#endif
+}
diff --git a/security/nss/lib/pk11wrap/pk11mech.c b/security/nss/lib/pk11wrap/pk11mech.c
new file mode 100644
index 000000000..4db05ff39
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11mech.c
@@ -0,0 +1,1913 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file maps various PKCS #11 Mechanisms to related mechanisms, key
+ * types, and ASN.1 encodings.
+ */
+#include "seccomon.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "pkcs11t.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "secerr.h"
+
+/*************************************************************
+ * local static and global data
+ *************************************************************/
+
+/*
+ * Tables used for Extended mechanism mapping (currently not used)
+ */
+typedef struct {
+ CK_MECHANISM_TYPE keyGen;
+ CK_KEY_TYPE keyType;
+ CK_MECHANISM_TYPE type;
+ CK_MECHANISM_TYPE padType;
+ int blockSize;
+ int iv;
+} pk11MechanismData;
+
+static pk11MechanismData pk11_default =
+ { CKM_GENERIC_SECRET_KEY_GEN, CKK_GENERIC_SECRET,
+ CKM_FAKE_RANDOM, CKM_FAKE_RANDOM, 8, 8 };
+static pk11MechanismData *pk11_MechanismTable = NULL;
+static int pk11_MechTableSize = 0;
+static int pk11_MechEntrySize = 0;
+
+/*
+ * list of mechanisms we're willing to wrap secret keys with.
+ * This list is ordered by preference.
+ */
+CK_MECHANISM_TYPE wrapMechanismList[] = {
+ CKM_DES3_ECB,
+ CKM_CAST5_ECB,
+ CKM_AES_ECB,
+ CKM_CAMELLIA_ECB,
+ CKM_SEED_ECB,
+ CKM_CAST5_ECB,
+ CKM_DES_ECB,
+ CKM_KEY_WRAP_LYNKS,
+ CKM_IDEA_ECB,
+ CKM_CAST3_ECB,
+ CKM_CAST_ECB,
+ CKM_RC5_ECB,
+ CKM_RC2_ECB,
+ CKM_CDMF_ECB,
+ CKM_SKIPJACK_WRAP,
+};
+
+int wrapMechanismCount = sizeof(wrapMechanismList) / sizeof(wrapMechanismList[0]);
+
+/*********************************************************************
+ * Mechanism Mapping functions
+ *********************************************************************/
+
+/*
+ * lookup an entry in the mechanism table. If none found, return the
+ * default structure.
+ */
+static pk11MechanismData *
+pk11_lookup(CK_MECHANISM_TYPE type)
+{
+ int i;
+ for (i = 0; i < pk11_MechEntrySize; i++) {
+ if (pk11_MechanismTable[i].type == type) {
+ return (&pk11_MechanismTable[i]);
+ }
+ }
+ return &pk11_default;
+}
+
+/*
+ * find the best key wrap mechanism for this slot.
+ */
+CK_MECHANISM_TYPE
+PK11_GetBestWrapMechanism(PK11SlotInfo *slot)
+{
+ int i;
+ for (i = 0; i < wrapMechanismCount; i++) {
+ if (PK11_DoesMechanism(slot, wrapMechanismList[i])) {
+ return wrapMechanismList[i];
+ }
+ }
+ return CKM_INVALID_MECHANISM;
+}
+
+/*
+ * NOTE: This is not thread safe. Called at init time, and when loading
+ * a new Entry. It is reasonably safe as long as it is not re-entered
+ * (readers will always see a consistant table)
+ *
+ * This routine is called to add entries to the mechanism table, once there,
+ * they can not be removed.
+ */
+void
+PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
+ CK_MECHANISM_TYPE keyGen,
+ CK_MECHANISM_TYPE padType,
+ int ivLen, int blockSize)
+{
+ int tableSize = pk11_MechTableSize;
+ int size = pk11_MechEntrySize;
+ int entry = size++;
+ pk11MechanismData *old = pk11_MechanismTable;
+ pk11MechanismData *newt = pk11_MechanismTable;
+
+ if (size > tableSize) {
+ int oldTableSize = tableSize;
+ tableSize += 10;
+ newt = PORT_NewArray(pk11MechanismData, tableSize);
+ if (newt == NULL)
+ return;
+
+ if (old)
+ PORT_Memcpy(newt, old, oldTableSize * sizeof(*newt));
+ } else
+ old = NULL;
+
+ newt[entry].type = type;
+ newt[entry].keyType = key;
+ newt[entry].keyGen = keyGen;
+ newt[entry].padType = padType;
+ newt[entry].iv = ivLen;
+ newt[entry].blockSize = blockSize;
+
+ pk11_MechanismTable = newt;
+ pk11_MechTableSize = tableSize;
+ pk11_MechEntrySize = size;
+ if (old)
+ PORT_Free(old);
+}
+
+/*
+ * Get the mechanism needed for the given key type
+ */
+CK_MECHANISM_TYPE
+PK11_GetKeyMechanism(CK_KEY_TYPE type)
+{
+ switch (type) {
+ case CKK_SEED:
+ return CKM_SEED_CBC;
+ case CKK_CAMELLIA:
+ return CKM_CAMELLIA_CBC;
+ case CKK_NSS_CHACHA20:
+ return CKM_NSS_CHACHA20_POLY1305;
+ case CKK_AES:
+ return CKM_AES_CBC;
+ case CKK_DES:
+ return CKM_DES_CBC;
+ case CKK_DES3:
+ return CKM_DES3_KEY_GEN;
+ case CKK_DES2:
+ return CKM_DES2_KEY_GEN;
+ case CKK_CDMF:
+ return CKM_CDMF_CBC;
+ case CKK_RC2:
+ return CKM_RC2_CBC;
+ case CKK_RC4:
+ return CKM_RC4;
+ case CKK_RC5:
+ return CKM_RC5_CBC;
+ case CKK_SKIPJACK:
+ return CKM_SKIPJACK_CBC64;
+ case CKK_BATON:
+ return CKM_BATON_CBC128;
+ case CKK_JUNIPER:
+ return CKM_JUNIPER_CBC128;
+ case CKK_IDEA:
+ return CKM_IDEA_CBC;
+ case CKK_CAST:
+ return CKM_CAST_CBC;
+ case CKK_CAST3:
+ return CKM_CAST3_CBC;
+ case CKK_CAST5:
+ return CKM_CAST5_CBC;
+ case CKK_RSA:
+ return CKM_RSA_PKCS;
+ case CKK_DSA:
+ return CKM_DSA;
+ case CKK_DH:
+ return CKM_DH_PKCS_DERIVE;
+ case CKK_KEA:
+ return CKM_KEA_KEY_DERIVE;
+ case CKK_EC: /* CKK_ECDSA is deprecated */
+ return CKM_ECDSA;
+ case CKK_GENERIC_SECRET:
+ default:
+ return CKM_SHA_1_HMAC;
+ }
+}
+
+/*
+ * Get the key type needed for the given mechanism
+ */
+CK_KEY_TYPE
+PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len)
+{
+ switch (type) {
+ case CKM_SEED_ECB:
+ case CKM_SEED_CBC:
+ case CKM_SEED_MAC:
+ case CKM_SEED_MAC_GENERAL:
+ case CKM_SEED_CBC_PAD:
+ case CKM_SEED_KEY_GEN:
+ return CKK_SEED;
+ case CKM_CAMELLIA_ECB:
+ case CKM_CAMELLIA_CBC:
+ case CKM_CAMELLIA_MAC:
+ case CKM_CAMELLIA_MAC_GENERAL:
+ case CKM_CAMELLIA_CBC_PAD:
+ case CKM_CAMELLIA_KEY_GEN:
+ return CKK_CAMELLIA;
+ case CKM_NSS_CHACHA20_POLY1305:
+ case CKM_NSS_CHACHA20_KEY_GEN:
+ return CKK_NSS_CHACHA20;
+ case CKM_AES_ECB:
+ case CKM_AES_CBC:
+ case CKM_AES_CCM:
+ case CKM_AES_CTR:
+ case CKM_AES_CTS:
+ case CKM_AES_GCM:
+ case CKM_AES_MAC:
+ case CKM_AES_MAC_GENERAL:
+ case CKM_AES_CBC_PAD:
+ case CKM_AES_KEY_GEN:
+ case CKM_NETSCAPE_AES_KEY_WRAP:
+ case CKM_NETSCAPE_AES_KEY_WRAP_PAD:
+ return CKK_AES;
+ case CKM_DES_ECB:
+ case CKM_DES_CBC:
+ case CKM_DES_MAC:
+ case CKM_DES_MAC_GENERAL:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES_KEY_GEN:
+ case CKM_KEY_WRAP_LYNKS:
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PBE_MD5_DES_CBC:
+ return CKK_DES;
+ case CKM_DES3_ECB:
+ case CKM_DES3_CBC:
+ case CKM_DES3_MAC:
+ case CKM_DES3_MAC_GENERAL:
+ case CKM_DES3_CBC_PAD:
+ return (len == 16) ? CKK_DES2 : CKK_DES3;
+ case CKM_DES2_KEY_GEN:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ return CKK_DES2;
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_DES3_KEY_GEN:
+ return CKK_DES3;
+ case CKM_CDMF_ECB:
+ case CKM_CDMF_CBC:
+ case CKM_CDMF_MAC:
+ case CKM_CDMF_MAC_GENERAL:
+ case CKM_CDMF_CBC_PAD:
+ case CKM_CDMF_KEY_GEN:
+ return CKK_CDMF;
+ case CKM_RC2_ECB:
+ case CKM_RC2_CBC:
+ case CKM_RC2_MAC:
+ case CKM_RC2_MAC_GENERAL:
+ case CKM_RC2_CBC_PAD:
+ case CKM_RC2_KEY_GEN:
+ case CKM_PBE_SHA1_RC2_128_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ return CKK_RC2;
+ case CKM_RC4:
+ case CKM_RC4_KEY_GEN:
+ return CKK_RC4;
+ case CKM_RC5_ECB:
+ case CKM_RC5_CBC:
+ case CKM_RC5_MAC:
+ case CKM_RC5_MAC_GENERAL:
+ case CKM_RC5_CBC_PAD:
+ case CKM_RC5_KEY_GEN:
+ return CKK_RC5;
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ case CKM_SKIPJACK_KEY_GEN:
+ case CKM_SKIPJACK_WRAP:
+ case CKM_SKIPJACK_PRIVATE_WRAP:
+ return CKK_SKIPJACK;
+ case CKM_BATON_ECB128:
+ case CKM_BATON_ECB96:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_BATON_WRAP:
+ case CKM_BATON_KEY_GEN:
+ return CKK_BATON;
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ case CKM_JUNIPER_WRAP:
+ case CKM_JUNIPER_KEY_GEN:
+ return CKK_JUNIPER;
+ case CKM_IDEA_CBC:
+ case CKM_IDEA_ECB:
+ case CKM_IDEA_MAC:
+ case CKM_IDEA_MAC_GENERAL:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_IDEA_KEY_GEN:
+ return CKK_IDEA;
+ case CKM_CAST_ECB:
+ case CKM_CAST_CBC:
+ case CKM_CAST_MAC:
+ case CKM_CAST_MAC_GENERAL:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST_KEY_GEN:
+ case CKM_PBE_MD5_CAST_CBC:
+ return CKK_CAST;
+ case CKM_CAST3_ECB:
+ case CKM_CAST3_CBC:
+ case CKM_CAST3_MAC:
+ case CKM_CAST3_MAC_GENERAL:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST3_KEY_GEN:
+ case CKM_PBE_MD5_CAST3_CBC:
+ return CKK_CAST3;
+ case CKM_CAST5_ECB:
+ case CKM_CAST5_CBC:
+ case CKM_CAST5_MAC:
+ case CKM_CAST5_MAC_GENERAL:
+ case CKM_CAST5_CBC_PAD:
+ case CKM_CAST5_KEY_GEN:
+ case CKM_PBE_MD5_CAST5_CBC:
+ return CKK_CAST5;
+ case CKM_RSA_PKCS:
+ case CKM_RSA_9796:
+ case CKM_RSA_X_509:
+ case CKM_MD2_RSA_PKCS:
+ case CKM_MD5_RSA_PKCS:
+ case CKM_SHA1_RSA_PKCS:
+ case CKM_SHA224_RSA_PKCS:
+ case CKM_SHA256_RSA_PKCS:
+ case CKM_SHA384_RSA_PKCS:
+ case CKM_SHA512_RSA_PKCS:
+ case CKM_KEY_WRAP_SET_OAEP:
+ case CKM_RSA_PKCS_KEY_PAIR_GEN:
+ case CKM_RSA_X9_31_KEY_PAIR_GEN:
+ return CKK_RSA;
+ case CKM_DSA:
+ case CKM_DSA_SHA1:
+ case CKM_DSA_KEY_PAIR_GEN:
+ return CKK_DSA;
+ case CKM_DH_PKCS_DERIVE:
+ case CKM_DH_PKCS_KEY_PAIR_GEN:
+ return CKK_DH;
+ case CKM_KEA_KEY_DERIVE:
+ case CKM_KEA_KEY_PAIR_GEN:
+ return CKK_KEA;
+ case CKM_ECDSA:
+ case CKM_ECDSA_SHA1:
+ case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */
+ case CKM_ECDH1_DERIVE:
+ return CKK_EC; /* CKK_ECDSA is deprecated */
+ case CKM_SSL3_PRE_MASTER_KEY_GEN:
+ case CKM_GENERIC_SECRET_KEY_GEN:
+ case CKM_SSL3_MASTER_KEY_DERIVE:
+ case CKM_SSL3_MASTER_KEY_DERIVE_DH:
+ case CKM_SSL3_KEY_AND_MAC_DERIVE:
+ case CKM_SSL3_SHA1_MAC:
+ case CKM_SSL3_MD5_MAC:
+ case CKM_TLS_MASTER_KEY_DERIVE:
+ case CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256:
+ case CKM_TLS_MASTER_KEY_DERIVE_DH:
+ case CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256:
+ case CKM_TLS_KEY_AND_MAC_DERIVE:
+ case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256:
+ case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE:
+ case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH:
+ case CKM_SHA_1_HMAC:
+ case CKM_SHA_1_HMAC_GENERAL:
+ case CKM_SHA224_HMAC:
+ case CKM_SHA224_HMAC_GENERAL:
+ case CKM_SHA256_HMAC:
+ case CKM_SHA256_HMAC_GENERAL:
+ case CKM_SHA384_HMAC:
+ case CKM_SHA384_HMAC_GENERAL:
+ case CKM_SHA512_HMAC:
+ case CKM_SHA512_HMAC_GENERAL:
+ case CKM_MD2_HMAC:
+ case CKM_MD2_HMAC_GENERAL:
+ case CKM_MD5_HMAC:
+ case CKM_MD5_HMAC_GENERAL:
+ case CKM_TLS_PRF_GENERAL:
+ case CKM_NSS_TLS_PRF_GENERAL_SHA256:
+ return CKK_GENERIC_SECRET;
+ default:
+ return pk11_lookup(type)->keyType;
+ }
+}
+
+/*
+ * Get the Key Gen Mechanism needed for the given
+ * crypto mechanism
+ */
+CK_MECHANISM_TYPE
+PK11_GetKeyGen(CK_MECHANISM_TYPE type)
+{
+ return PK11_GetKeyGenWithSize(type, 0);
+}
+
+CK_MECHANISM_TYPE
+PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size)
+{
+ switch (type) {
+ case CKM_SEED_ECB:
+ case CKM_SEED_CBC:
+ case CKM_SEED_MAC:
+ case CKM_SEED_MAC_GENERAL:
+ case CKM_SEED_CBC_PAD:
+ case CKM_SEED_KEY_GEN:
+ return CKM_SEED_KEY_GEN;
+ case CKM_CAMELLIA_ECB:
+ case CKM_CAMELLIA_CBC:
+ case CKM_CAMELLIA_MAC:
+ case CKM_CAMELLIA_MAC_GENERAL:
+ case CKM_CAMELLIA_CBC_PAD:
+ case CKM_CAMELLIA_KEY_GEN:
+ return CKM_CAMELLIA_KEY_GEN;
+ case CKM_NSS_CHACHA20_POLY1305:
+ return CKM_NSS_CHACHA20_KEY_GEN;
+ case CKM_AES_ECB:
+ case CKM_AES_CBC:
+ case CKM_AES_CCM:
+ case CKM_AES_CTR:
+ case CKM_AES_CTS:
+ case CKM_AES_GCM:
+ case CKM_AES_MAC:
+ case CKM_AES_MAC_GENERAL:
+ case CKM_AES_CBC_PAD:
+ case CKM_AES_KEY_GEN:
+ return CKM_AES_KEY_GEN;
+ case CKM_DES_ECB:
+ case CKM_DES_CBC:
+ case CKM_DES_MAC:
+ case CKM_DES_MAC_GENERAL:
+ case CKM_KEY_WRAP_LYNKS:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES_KEY_GEN:
+ return CKM_DES_KEY_GEN;
+ case CKM_DES3_ECB:
+ case CKM_DES3_CBC:
+ case CKM_DES3_MAC:
+ case CKM_DES3_MAC_GENERAL:
+ case CKM_DES3_CBC_PAD:
+ return (size == 16) ? CKM_DES2_KEY_GEN : CKM_DES3_KEY_GEN;
+ case CKM_DES3_KEY_GEN:
+ return CKM_DES3_KEY_GEN;
+ case CKM_DES2_KEY_GEN:
+ return CKM_DES2_KEY_GEN;
+ case CKM_CDMF_ECB:
+ case CKM_CDMF_CBC:
+ case CKM_CDMF_MAC:
+ case CKM_CDMF_MAC_GENERAL:
+ case CKM_CDMF_CBC_PAD:
+ case CKM_CDMF_KEY_GEN:
+ return CKM_CDMF_KEY_GEN;
+ case CKM_RC2_ECB:
+ case CKM_RC2_CBC:
+ case CKM_RC2_MAC:
+ case CKM_RC2_MAC_GENERAL:
+ case CKM_RC2_CBC_PAD:
+ case CKM_RC2_KEY_GEN:
+ return CKM_RC2_KEY_GEN;
+ case CKM_RC4:
+ case CKM_RC4_KEY_GEN:
+ return CKM_RC4_KEY_GEN;
+ case CKM_RC5_ECB:
+ case CKM_RC5_CBC:
+ case CKM_RC5_MAC:
+ case CKM_RC5_MAC_GENERAL:
+ case CKM_RC5_CBC_PAD:
+ case CKM_RC5_KEY_GEN:
+ return CKM_RC5_KEY_GEN;
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ case CKM_SKIPJACK_WRAP:
+ case CKM_SKIPJACK_KEY_GEN:
+ return CKM_SKIPJACK_KEY_GEN;
+ case CKM_BATON_ECB128:
+ case CKM_BATON_ECB96:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_BATON_WRAP:
+ case CKM_BATON_KEY_GEN:
+ return CKM_BATON_KEY_GEN;
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ case CKM_JUNIPER_WRAP:
+ case CKM_JUNIPER_KEY_GEN:
+ return CKM_JUNIPER_KEY_GEN;
+ case CKM_IDEA_CBC:
+ case CKM_IDEA_ECB:
+ case CKM_IDEA_MAC:
+ case CKM_IDEA_MAC_GENERAL:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_IDEA_KEY_GEN:
+ return CKM_IDEA_KEY_GEN;
+ case CKM_CAST_ECB:
+ case CKM_CAST_CBC:
+ case CKM_CAST_MAC:
+ case CKM_CAST_MAC_GENERAL:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST_KEY_GEN:
+ return CKM_CAST_KEY_GEN;
+ case CKM_CAST3_ECB:
+ case CKM_CAST3_CBC:
+ case CKM_CAST3_MAC:
+ case CKM_CAST3_MAC_GENERAL:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST3_KEY_GEN:
+ return CKM_CAST3_KEY_GEN;
+ case CKM_CAST5_ECB:
+ case CKM_CAST5_CBC:
+ case CKM_CAST5_MAC:
+ case CKM_CAST5_MAC_GENERAL:
+ case CKM_CAST5_CBC_PAD:
+ case CKM_CAST5_KEY_GEN:
+ return CKM_CAST5_KEY_GEN;
+ case CKM_RSA_PKCS:
+ case CKM_RSA_9796:
+ case CKM_RSA_X_509:
+ case CKM_MD2_RSA_PKCS:
+ case CKM_MD5_RSA_PKCS:
+ case CKM_SHA1_RSA_PKCS:
+ case CKM_SHA224_RSA_PKCS:
+ case CKM_SHA256_RSA_PKCS:
+ case CKM_SHA384_RSA_PKCS:
+ case CKM_SHA512_RSA_PKCS:
+ case CKM_KEY_WRAP_SET_OAEP:
+ case CKM_RSA_PKCS_KEY_PAIR_GEN:
+ return CKM_RSA_PKCS_KEY_PAIR_GEN;
+ case CKM_RSA_X9_31_KEY_PAIR_GEN:
+ return CKM_RSA_X9_31_KEY_PAIR_GEN;
+ case CKM_DSA:
+ case CKM_DSA_SHA1:
+ case CKM_DSA_KEY_PAIR_GEN:
+ return CKM_DSA_KEY_PAIR_GEN;
+ case CKM_DH_PKCS_DERIVE:
+ case CKM_DH_PKCS_KEY_PAIR_GEN:
+ return CKM_DH_PKCS_KEY_PAIR_GEN;
+ case CKM_KEA_KEY_DERIVE:
+ case CKM_KEA_KEY_PAIR_GEN:
+ return CKM_KEA_KEY_PAIR_GEN;
+ case CKM_ECDSA:
+ case CKM_ECDSA_SHA1:
+ case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */
+ case CKM_ECDH1_DERIVE:
+ return CKM_EC_KEY_PAIR_GEN;
+ case CKM_SSL3_PRE_MASTER_KEY_GEN:
+ case CKM_SSL3_MASTER_KEY_DERIVE:
+ case CKM_SSL3_KEY_AND_MAC_DERIVE:
+ case CKM_SSL3_SHA1_MAC:
+ case CKM_SSL3_MD5_MAC:
+ case CKM_TLS_MASTER_KEY_DERIVE:
+ case CKM_TLS_KEY_AND_MAC_DERIVE:
+ case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256:
+ case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE:
+ case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH:
+ return CKM_SSL3_PRE_MASTER_KEY_GEN;
+ case CKM_SHA_1_HMAC:
+ case CKM_SHA_1_HMAC_GENERAL:
+ case CKM_SHA224_HMAC:
+ case CKM_SHA224_HMAC_GENERAL:
+ case CKM_SHA256_HMAC:
+ case CKM_SHA256_HMAC_GENERAL:
+ case CKM_SHA384_HMAC:
+ case CKM_SHA384_HMAC_GENERAL:
+ case CKM_SHA512_HMAC:
+ case CKM_SHA512_HMAC_GENERAL:
+ case CKM_MD2_HMAC:
+ case CKM_MD2_HMAC_GENERAL:
+ case CKM_MD5_HMAC:
+ case CKM_MD5_HMAC_GENERAL:
+ case CKM_TLS_PRF_GENERAL:
+ case CKM_NSS_TLS_PRF_GENERAL_SHA256:
+ case CKM_GENERIC_SECRET_KEY_GEN:
+ return CKM_GENERIC_SECRET_KEY_GEN;
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PBE_MD5_DES_CBC:
+ case CKM_PBA_SHA1_WITH_SHA1_HMAC:
+ case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
+ case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
+ case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
+ case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ case CKM_PBE_SHA1_RC2_128_CBC:
+ case CKM_PBE_SHA1_RC4_40:
+ case CKM_PBE_SHA1_RC4_128:
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ case CKM_PKCS5_PBKD2:
+ return type;
+ default:
+ return pk11_lookup(type)->keyGen;
+ }
+}
+
+/*
+ * get the mechanism block size
+ */
+int
+PK11_GetBlockSize(CK_MECHANISM_TYPE type, SECItem *params)
+{
+ CK_RC5_PARAMS *rc5_params;
+ CK_RC5_CBC_PARAMS *rc5_cbc_params;
+ switch (type) {
+ case CKM_RC5_ECB:
+ if ((params) && (params->data)) {
+ rc5_params = (CK_RC5_PARAMS *)params->data;
+ return (rc5_params->ulWordsize) * 2;
+ }
+ return 8;
+ case CKM_RC5_CBC:
+ case CKM_RC5_CBC_PAD:
+ if ((params) && (params->data)) {
+ rc5_cbc_params = (CK_RC5_CBC_PARAMS *)params->data;
+ return (rc5_cbc_params->ulWordsize) * 2;
+ }
+ return 8;
+ case CKM_DES_ECB:
+ case CKM_DES3_ECB:
+ case CKM_RC2_ECB:
+ case CKM_IDEA_ECB:
+ case CKM_CAST_ECB:
+ case CKM_CAST3_ECB:
+ case CKM_CAST5_ECB:
+ case CKM_RC2_CBC:
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_DES_CBC:
+ case CKM_DES3_CBC:
+ case CKM_IDEA_CBC:
+ case CKM_CAST_CBC:
+ case CKM_CAST3_CBC:
+ case CKM_CAST5_CBC:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES3_CBC_PAD:
+ case CKM_RC2_CBC_PAD:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST5_CBC_PAD:
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PBE_MD5_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ case CKM_PBE_SHA1_RC2_128_CBC:
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ return 8;
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ return 4;
+ case CKM_SEED_ECB:
+ case CKM_SEED_CBC:
+ case CKM_SEED_CBC_PAD:
+ case CKM_CAMELLIA_ECB:
+ case CKM_CAMELLIA_CBC:
+ case CKM_CAMELLIA_CBC_PAD:
+ case CKM_AES_ECB:
+ case CKM_AES_CBC:
+ case CKM_AES_CBC_PAD:
+ case CKM_BATON_ECB128:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ return 16;
+ case CKM_BATON_ECB96:
+ return 12;
+ case CKM_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
+ case CKM_PBE_SHA1_RC4_40:
+ case CKM_PBE_SHA1_RC4_128:
+ return 0;
+ case CKM_RSA_PKCS:
+ case CKM_RSA_9796:
+ case CKM_RSA_X_509:
+ /*actually it's the modulus length of the key!*/
+ return -1; /* failure */
+ default:
+ return pk11_lookup(type)->blockSize;
+ }
+}
+
+/*
+ * get the iv length
+ */
+int
+PK11_GetIVLength(CK_MECHANISM_TYPE type)
+{
+ switch (type) {
+ case CKM_SEED_ECB:
+ case CKM_CAMELLIA_ECB:
+ case CKM_AES_ECB:
+ case CKM_DES_ECB:
+ case CKM_DES3_ECB:
+ case CKM_RC2_ECB:
+ case CKM_IDEA_ECB:
+ case CKM_SKIPJACK_WRAP:
+ case CKM_BATON_WRAP:
+ case CKM_RC5_ECB:
+ case CKM_CAST_ECB:
+ case CKM_CAST3_ECB:
+ case CKM_CAST5_ECB:
+ return 0;
+ case CKM_RC2_CBC:
+ case CKM_DES_CBC:
+ case CKM_DES3_CBC:
+ case CKM_IDEA_CBC:
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PBE_MD5_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ case CKM_PBE_SHA1_RC2_128_CBC:
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ case CKM_RC5_CBC:
+ case CKM_CAST_CBC:
+ case CKM_CAST3_CBC:
+ case CKM_CAST5_CBC:
+ case CKM_RC2_CBC_PAD:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES3_CBC_PAD:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_RC5_CBC_PAD:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST5_CBC_PAD:
+ return 8;
+ case CKM_SEED_CBC:
+ case CKM_SEED_CBC_PAD:
+ case CKM_CAMELLIA_CBC:
+ case CKM_CAMELLIA_CBC_PAD:
+ case CKM_AES_CBC:
+ case CKM_AES_CBC_PAD:
+ return 16;
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ case CKM_BATON_ECB128:
+ case CKM_BATON_ECB96:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ return 24;
+ case CKM_RC4:
+ case CKM_RSA_PKCS:
+ case CKM_RSA_9796:
+ case CKM_RSA_X_509:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
+ case CKM_PBE_SHA1_RC4_40:
+ case CKM_PBE_SHA1_RC4_128:
+ return 0;
+ default:
+ return pk11_lookup(type)->iv;
+ }
+}
+
+/* These next two utilities are here to help facilitate future
+ * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions
+ * like SSL and S-MIME to automatically add them.
+ */
+SECItem *
+pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type, SECItem *iv, int keyLen)
+{
+ CK_RC2_CBC_PARAMS *rc2_params = NULL;
+ CK_RC2_PARAMS *rc2_ecb_params = NULL;
+ CK_RC5_PARAMS *rc5_params = NULL;
+ CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL;
+ SECItem *param;
+
+ param = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ if (param == NULL)
+ return NULL;
+ param->data = NULL;
+ param->len = 0;
+ param->type = 0;
+ switch (type) {
+ case CKM_SEED_ECB:
+ case CKM_CAMELLIA_ECB:
+ case CKM_AES_ECB:
+ case CKM_DES_ECB:
+ case CKM_DES3_ECB:
+ case CKM_RSA_PKCS:
+ case CKM_RSA_X_509:
+ case CKM_RSA_9796:
+ case CKM_IDEA_ECB:
+ case CKM_CDMF_ECB:
+ case CKM_CAST_ECB:
+ case CKM_CAST3_ECB:
+ case CKM_CAST5_ECB:
+ case CKM_RC4:
+ break;
+ case CKM_RC2_ECB:
+ rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
+ if (rc2_ecb_params == NULL)
+ break;
+ /* Maybe we should pass the key size in too to get this value? */
+ *rc2_ecb_params = keyLen ? keyLen * 8 : 128;
+ param->data = (unsigned char *)rc2_ecb_params;
+ param->len = sizeof(CK_RC2_PARAMS);
+ break;
+ case CKM_RC2_CBC:
+ case CKM_RC2_CBC_PAD:
+ rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
+ if (rc2_params == NULL)
+ break;
+ /* Maybe we should pass the key size in too to get this value? */
+ rc2_params->ulEffectiveBits = keyLen ? keyLen * 8 : 128;
+ if (iv && iv->data)
+ PORT_Memcpy(rc2_params->iv, iv->data, sizeof(rc2_params->iv));
+ param->data = (unsigned char *)rc2_params;
+ param->len = sizeof(CK_RC2_CBC_PARAMS);
+ break;
+ case CKM_RC5_CBC:
+ case CKM_RC5_CBC_PAD:
+ rc5_cbc_params = (CK_RC5_CBC_PARAMS *)
+ PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + ((iv) ? iv->len : 0));
+ if (rc5_cbc_params == NULL)
+ break;
+ if (iv && iv->data && iv->len) {
+ rc5_cbc_params->pIv = ((CK_BYTE_PTR)rc5_cbc_params) + sizeof(CK_RC5_CBC_PARAMS);
+ PORT_Memcpy(rc5_cbc_params->pIv, iv->data, iv->len);
+ rc5_cbc_params->ulIvLen = iv->len;
+ rc5_cbc_params->ulWordsize = iv->len / 2;
+ } else {
+ rc5_cbc_params->ulWordsize = 4;
+ rc5_cbc_params->pIv = NULL;
+ rc5_cbc_params->ulIvLen = 0;
+ }
+ rc5_cbc_params->ulRounds = 16;
+ param->data = (unsigned char *)rc5_cbc_params;
+ param->len = sizeof(CK_RC5_CBC_PARAMS);
+ break;
+ case CKM_RC5_ECB:
+ rc5_params = (CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
+ if (rc5_params == NULL)
+ break;
+ if (iv && iv->data && iv->len) {
+ rc5_params->ulWordsize = iv->len / 2;
+ } else {
+ rc5_params->ulWordsize = 4;
+ }
+ rc5_params->ulRounds = 16;
+ param->data = (unsigned char *)rc5_params;
+ param->len = sizeof(CK_RC5_PARAMS);
+ break;
+
+ case CKM_SEED_CBC:
+ case CKM_CAMELLIA_CBC:
+ case CKM_AES_CBC:
+ case CKM_DES_CBC:
+ case CKM_DES3_CBC:
+ case CKM_IDEA_CBC:
+ case CKM_CDMF_CBC:
+ case CKM_CAST_CBC:
+ case CKM_CAST3_CBC:
+ case CKM_CAST5_CBC:
+ case CKM_CAMELLIA_CBC_PAD:
+ case CKM_AES_CBC_PAD:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES3_CBC_PAD:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_CDMF_CBC_PAD:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST5_CBC_PAD:
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ case CKM_BATON_ECB128:
+ case CKM_BATON_ECB96:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ if ((iv == NULL) || (iv->data == NULL))
+ break;
+ param->data = (unsigned char *)PORT_Alloc(iv->len);
+ if (param->data != NULL) {
+ PORT_Memcpy(param->data, iv->data, iv->len);
+ param->len = iv->len;
+ }
+ break;
+ /* unknown mechanism, pass IV in if it's there */
+ default:
+ if (pk11_lookup(type)->iv == 0) {
+ break;
+ }
+ if ((iv == NULL) || (iv->data == NULL)) {
+ break;
+ }
+ param->data = (unsigned char *)PORT_Alloc(iv->len);
+ if (param->data != NULL) {
+ PORT_Memcpy(param->data, iv->data, iv->len);
+ param->len = iv->len;
+ }
+ break;
+ }
+ return param;
+}
+
+/* These next two utilities are here to help facilitate future
+ * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions
+ * like SSL and S-MIME to automatically add them.
+ */
+SECItem *
+PK11_ParamFromIV(CK_MECHANISM_TYPE type, SECItem *iv)
+{
+ return pk11_ParamFromIVWithLen(type, iv, 0);
+}
+
+unsigned char *
+PK11_IVFromParam(CK_MECHANISM_TYPE type, SECItem *param, int *len)
+{
+ CK_RC2_CBC_PARAMS *rc2_params;
+ CK_RC5_CBC_PARAMS *rc5_cbc_params;
+
+ *len = 0;
+ switch (type) {
+ case CKM_SEED_ECB:
+ case CKM_CAMELLIA_ECB:
+ case CKM_AES_ECB:
+ case CKM_DES_ECB:
+ case CKM_DES3_ECB:
+ case CKM_RSA_PKCS:
+ case CKM_RSA_X_509:
+ case CKM_RSA_9796:
+ case CKM_IDEA_ECB:
+ case CKM_CDMF_ECB:
+ case CKM_CAST_ECB:
+ case CKM_CAST3_ECB:
+ case CKM_CAST5_ECB:
+ case CKM_RC4:
+ return NULL;
+ case CKM_RC2_ECB:
+ return NULL;
+ case CKM_RC2_CBC:
+ case CKM_RC2_CBC_PAD:
+ rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
+ *len = sizeof(rc2_params->iv);
+ return &rc2_params->iv[0];
+ case CKM_RC5_CBC:
+ case CKM_RC5_CBC_PAD:
+ rc5_cbc_params = (CK_RC5_CBC_PARAMS *)param->data;
+ *len = rc5_cbc_params->ulIvLen;
+ return rc5_cbc_params->pIv;
+ case CKM_SEED_CBC:
+ case CKM_CAMELLIA_CBC:
+ case CKM_AES_CBC:
+ case CKM_DES_CBC:
+ case CKM_DES3_CBC:
+ case CKM_IDEA_CBC:
+ case CKM_CDMF_CBC:
+ case CKM_CAST_CBC:
+ case CKM_CAST3_CBC:
+ case CKM_CAST5_CBC:
+ case CKM_CAMELLIA_CBC_PAD:
+ case CKM_AES_CBC_PAD:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES3_CBC_PAD:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_CDMF_CBC_PAD:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST5_CBC_PAD:
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ case CKM_BATON_ECB128:
+ case CKM_BATON_ECB96:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ break;
+ /* unknown mechanism, pass IV in if it's there */
+ default:
+ break;
+ }
+ if (param->data) {
+ *len = param->len;
+ }
+ return param->data;
+}
+
+typedef struct sec_rc5cbcParameterStr {
+ SECItem version;
+ SECItem rounds;
+ SECItem blockSizeInBits;
+ SECItem iv;
+} sec_rc5cbcParameter;
+
+static const SEC_ASN1Template sec_rc5ecb_parameter_template[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(sec_rc5cbcParameter) },
+ { SEC_ASN1_INTEGER,
+ offsetof(sec_rc5cbcParameter, version) },
+ { SEC_ASN1_INTEGER,
+ offsetof(sec_rc5cbcParameter, rounds) },
+ { SEC_ASN1_INTEGER,
+ offsetof(sec_rc5cbcParameter, blockSizeInBits) },
+ { 0 }
+};
+
+static const SEC_ASN1Template sec_rc5cbc_parameter_template[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(sec_rc5cbcParameter) },
+ { SEC_ASN1_INTEGER,
+ offsetof(sec_rc5cbcParameter, version) },
+ { SEC_ASN1_INTEGER,
+ offsetof(sec_rc5cbcParameter, rounds) },
+ { SEC_ASN1_INTEGER,
+ offsetof(sec_rc5cbcParameter, blockSizeInBits) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(sec_rc5cbcParameter, iv) },
+ { 0 }
+};
+
+typedef struct sec_rc2cbcParameterStr {
+ SECItem rc2ParameterVersion;
+ SECItem iv;
+} sec_rc2cbcParameter;
+
+static const SEC_ASN1Template sec_rc2cbc_parameter_template[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(sec_rc2cbcParameter) },
+ { SEC_ASN1_INTEGER,
+ offsetof(sec_rc2cbcParameter, rc2ParameterVersion) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(sec_rc2cbcParameter, iv) },
+ { 0 }
+};
+
+static const SEC_ASN1Template sec_rc2ecb_parameter_template[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(sec_rc2cbcParameter) },
+ { SEC_ASN1_INTEGER,
+ offsetof(sec_rc2cbcParameter, rc2ParameterVersion) },
+ { 0 }
+};
+
+/* S/MIME picked id values to represent differnt keysizes */
+/* I do have a formula, but it ain't pretty, and it only works because you
+ * can always match three points to a parabola:) */
+static unsigned char
+rc2_map(SECItem *version)
+{
+ long x;
+
+ x = DER_GetInteger(version);
+
+ switch (x) {
+ case 58:
+ return 128;
+ case 120:
+ return 64;
+ case 160:
+ return 40;
+ }
+ return 128;
+}
+
+static unsigned long
+rc2_unmap(unsigned long x)
+{
+ switch (x) {
+ case 128:
+ return 58;
+ case 64:
+ return 120;
+ case 40:
+ return 160;
+ }
+ return 58;
+}
+
+/* Generate a mechaism param from a type, and iv. */
+SECItem *
+PK11_ParamFromAlgid(SECAlgorithmID *algid)
+{
+ CK_RC2_CBC_PARAMS *rc2_cbc_params = NULL;
+ CK_RC2_PARAMS *rc2_ecb_params = NULL;
+ CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL;
+ CK_RC5_PARAMS *rc5_ecb_params = NULL;
+ PLArenaPool *arena = NULL;
+ SECItem *mech = NULL;
+ SECOidTag algtag;
+ SECStatus rv;
+ CK_MECHANISM_TYPE type;
+ /* initialize these to prevent UMRs in the ASN1 decoder. */
+ SECItem iv = { siBuffer, NULL, 0 };
+ sec_rc2cbcParameter rc2 = { { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 } };
+ sec_rc5cbcParameter rc5 = { { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 } };
+
+ algtag = SECOID_GetAlgorithmTag(algid);
+ type = PK11_AlgtagToMechanism(algtag);
+
+ mech = PORT_New(SECItem);
+ if (mech == NULL) {
+ return NULL;
+ }
+ mech->type = siBuffer;
+ mech->data = NULL;
+ mech->len = 0;
+
+ arena = PORT_NewArena(1024);
+ if (!arena) {
+ goto loser;
+ }
+
+ /* handle the complicated cases */
+ switch (type) {
+ case CKM_RC2_ECB:
+ rv = SEC_ASN1DecodeItem(arena, &rc2, sec_rc2ecb_parameter_template,
+ &(algid->parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rc2_ecb_params = PORT_New(CK_RC2_PARAMS);
+ if (rc2_ecb_params == NULL) {
+ goto loser;
+ }
+ *rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion);
+ mech->data = (unsigned char *)rc2_ecb_params;
+ mech->len = sizeof *rc2_ecb_params;
+ break;
+ case CKM_RC2_CBC:
+ case CKM_RC2_CBC_PAD:
+ rv = SEC_ASN1DecodeItem(arena, &rc2, sec_rc2cbc_parameter_template,
+ &(algid->parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rc2_cbc_params = PORT_New(CK_RC2_CBC_PARAMS);
+ if (rc2_cbc_params == NULL) {
+ goto loser;
+ }
+ mech->data = (unsigned char *)rc2_cbc_params;
+ mech->len = sizeof *rc2_cbc_params;
+ rc2_cbc_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion);
+ if (rc2.iv.len != sizeof rc2_cbc_params->iv) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ goto loser;
+ }
+ PORT_Memcpy(rc2_cbc_params->iv, rc2.iv.data, rc2.iv.len);
+ break;
+ case CKM_RC5_ECB:
+ rv = SEC_ASN1DecodeItem(arena, &rc5, sec_rc5ecb_parameter_template,
+ &(algid->parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rc5_ecb_params = PORT_New(CK_RC5_PARAMS);
+ if (rc5_ecb_params == NULL) {
+ goto loser;
+ }
+ rc5_ecb_params->ulRounds = DER_GetInteger(&rc5.rounds);
+ rc5_ecb_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits) / 8;
+ mech->data = (unsigned char *)rc5_ecb_params;
+ mech->len = sizeof *rc5_ecb_params;
+ break;
+ case CKM_RC5_CBC:
+ case CKM_RC5_CBC_PAD:
+ rv = SEC_ASN1DecodeItem(arena, &rc5, sec_rc5cbc_parameter_template,
+ &(algid->parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rc5_cbc_params = (CK_RC5_CBC_PARAMS *)
+ PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len);
+ if (rc5_cbc_params == NULL) {
+ goto loser;
+ }
+ mech->data = (unsigned char *)rc5_cbc_params;
+ mech->len = sizeof *rc5_cbc_params;
+ rc5_cbc_params->ulRounds = DER_GetInteger(&rc5.rounds);
+ rc5_cbc_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits) / 8;
+ rc5_cbc_params->pIv = ((CK_BYTE_PTR)rc5_cbc_params) + sizeof(CK_RC5_CBC_PARAMS);
+ rc5_cbc_params->ulIvLen = rc5.iv.len;
+ PORT_Memcpy(rc5_cbc_params->pIv, rc5.iv.data, rc5.iv.len);
+ break;
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PBE_MD5_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ case CKM_PBE_SHA1_RC2_128_CBC:
+ case CKM_PBE_SHA1_RC4_40:
+ case CKM_PBE_SHA1_RC4_128:
+ case CKM_PKCS5_PBKD2:
+ rv = pbe_PK11AlgidToParam(algid, mech);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ break;
+ case CKM_RC4:
+ case CKM_SEED_ECB:
+ case CKM_CAMELLIA_ECB:
+ case CKM_AES_ECB:
+ case CKM_DES_ECB:
+ case CKM_DES3_ECB:
+ case CKM_IDEA_ECB:
+ case CKM_CDMF_ECB:
+ case CKM_CAST_ECB:
+ case CKM_CAST3_ECB:
+ case CKM_CAST5_ECB:
+ break;
+
+ default:
+ if (pk11_lookup(type)->iv == 0) {
+ break;
+ }
+ /* FALL THROUGH */
+ case CKM_SEED_CBC:
+ case CKM_CAMELLIA_CBC:
+ case CKM_AES_CBC:
+ case CKM_DES_CBC:
+ case CKM_DES3_CBC:
+ case CKM_IDEA_CBC:
+ case CKM_CDMF_CBC:
+ case CKM_CAST_CBC:
+ case CKM_CAST3_CBC:
+ case CKM_CAST5_CBC:
+ case CKM_SEED_CBC_PAD:
+ case CKM_CAMELLIA_CBC_PAD:
+ case CKM_AES_CBC_PAD:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES3_CBC_PAD:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_CDMF_CBC_PAD:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST5_CBC_PAD:
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ case CKM_BATON_ECB128:
+ case CKM_BATON_ECB96:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ /* simple cases are simply octet string encoded IVs */
+ rv = SEC_ASN1DecodeItem(arena, &iv,
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
+ &(algid->parameters));
+ if (rv != SECSuccess || iv.data == NULL) {
+ goto loser;
+ }
+ /* XXX Should be some IV length sanity check here. */
+ mech->data = (unsigned char *)PORT_Alloc(iv.len);
+ if (mech->data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(mech->data, iv.data, iv.len);
+ mech->len = iv.len;
+ break;
+ }
+ PORT_FreeArena(arena, PR_FALSE);
+ return mech;
+
+loser:
+ if (arena)
+ PORT_FreeArena(arena, PR_FALSE);
+ SECITEM_FreeItem(mech, PR_TRUE);
+ return NULL;
+}
+
+/*
+ * Generate an IV for the given mechanism
+ */
+static SECStatus
+pk11_GenIV(CK_MECHANISM_TYPE type, SECItem *iv)
+{
+ int iv_size = PK11_GetIVLength(type);
+ SECStatus rv;
+
+ iv->len = iv_size;
+ if (iv_size == 0) {
+ iv->data = NULL;
+ return SECSuccess;
+ }
+
+ iv->data = (unsigned char *)PORT_Alloc(iv_size);
+ if (iv->data == NULL) {
+ iv->len = 0;
+ return SECFailure;
+ }
+
+ rv = PK11_GenerateRandom(iv->data, iv->len);
+ if (rv != SECSuccess) {
+ PORT_Free(iv->data);
+ iv->data = NULL;
+ iv->len = 0;
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * create a new parameter block from the passed in MECHANISM and the
+ * key. Use Netscape's S/MIME Rules for the New param block.
+ */
+SECItem *
+pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen)
+{
+ CK_RC2_CBC_PARAMS *rc2_params;
+ CK_RC2_PARAMS *rc2_ecb_params;
+ SECItem *mech;
+ SECItem iv;
+ SECStatus rv;
+
+ mech = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ if (mech == NULL)
+ return NULL;
+
+ rv = SECSuccess;
+ mech->type = siBuffer;
+ mech->data = NULL;
+ mech->len = 0;
+ switch (type) {
+ case CKM_RC4:
+ case CKM_SEED_ECB:
+ case CKM_CAMELLIA_ECB:
+ case CKM_AES_ECB:
+ case CKM_DES_ECB:
+ case CKM_DES3_ECB:
+ case CKM_IDEA_ECB:
+ case CKM_CDMF_ECB:
+ case CKM_CAST_ECB:
+ case CKM_CAST3_ECB:
+ case CKM_CAST5_ECB:
+ break;
+ case CKM_RC2_ECB:
+ rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
+ if (rc2_ecb_params == NULL) {
+ rv = SECFailure;
+ break;
+ }
+ /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
+ * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
+ *rc2_ecb_params = keyLen ? keyLen * 8 : 128;
+ mech->data = (unsigned char *)rc2_ecb_params;
+ mech->len = sizeof(CK_RC2_PARAMS);
+ break;
+ case CKM_RC2_CBC:
+ case CKM_RC2_CBC_PAD:
+ rv = pk11_GenIV(type, &iv);
+ if (rv != SECSuccess) {
+ break;
+ }
+ rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
+ if (rc2_params == NULL) {
+ PORT_Free(iv.data);
+ rv = SECFailure;
+ break;
+ }
+ /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
+ * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
+ rc2_params->ulEffectiveBits = keyLen ? keyLen * 8 : 128;
+ if (iv.data)
+ PORT_Memcpy(rc2_params->iv, iv.data, sizeof(rc2_params->iv));
+ mech->data = (unsigned char *)rc2_params;
+ mech->len = sizeof(CK_RC2_CBC_PARAMS);
+ PORT_Free(iv.data);
+ break;
+ case CKM_RC5_ECB:
+ PORT_Free(mech);
+ return PK11_ParamFromIV(type, NULL);
+ case CKM_RC5_CBC:
+ case CKM_RC5_CBC_PAD:
+ rv = pk11_GenIV(type, &iv);
+ if (rv != SECSuccess) {
+ break;
+ }
+ PORT_Free(mech);
+ return PK11_ParamFromIV(type, &iv);
+ default:
+ if (pk11_lookup(type)->iv == 0) {
+ break;
+ }
+ case CKM_SEED_CBC:
+ case CKM_CAMELLIA_CBC:
+ case CKM_AES_CBC:
+ case CKM_DES_CBC:
+ case CKM_DES3_CBC:
+ case CKM_IDEA_CBC:
+ case CKM_CDMF_CBC:
+ case CKM_CAST_CBC:
+ case CKM_CAST3_CBC:
+ case CKM_CAST5_CBC:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES3_CBC_PAD:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_CDMF_CBC_PAD:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST5_CBC_PAD:
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ case CKM_BATON_ECB128:
+ case CKM_BATON_ECB96:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ rv = pk11_GenIV(type, &iv);
+ if (rv != SECSuccess) {
+ break;
+ }
+ mech->data = (unsigned char *)PORT_Alloc(iv.len);
+ if (mech->data == NULL) {
+ PORT_Free(iv.data);
+ rv = SECFailure;
+ break;
+ }
+ PORT_Memcpy(mech->data, iv.data, iv.len);
+ mech->len = iv.len;
+ PORT_Free(iv.data);
+ break;
+ }
+ if (rv != SECSuccess) {
+ SECITEM_FreeItem(mech, PR_TRUE);
+ return NULL;
+ }
+ return mech;
+}
+
+SECItem *
+PK11_GenerateNewParam(CK_MECHANISM_TYPE type, PK11SymKey *key)
+{
+ int keyLen = key ? PK11_GetKeyLength(key) : 0;
+
+ return pk11_GenerateNewParamWithKeyLen(type, keyLen);
+}
+
+#define RC5_V10 0x10
+
+/* turn a PKCS #11 parameter into a DER Encoded Algorithm ID */
+SECStatus
+PK11_ParamToAlgid(SECOidTag algTag, SECItem *param,
+ PLArenaPool *arena, SECAlgorithmID *algid)
+{
+ CK_RC2_CBC_PARAMS *rc2_params;
+ sec_rc2cbcParameter rc2;
+ CK_RC5_CBC_PARAMS *rc5_params;
+ sec_rc5cbcParameter rc5;
+ CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(algTag);
+ SECItem *newParams = NULL;
+ SECStatus rv = SECFailure;
+ unsigned long rc2version;
+
+ switch (type) {
+ case CKM_RC4:
+ case CKM_SEED_ECB:
+ case CKM_CAMELLIA_ECB:
+ case CKM_AES_ECB:
+ case CKM_DES_ECB:
+ case CKM_DES3_ECB:
+ case CKM_IDEA_ECB:
+ case CKM_CDMF_ECB:
+ case CKM_CAST_ECB:
+ case CKM_CAST3_ECB:
+ case CKM_CAST5_ECB:
+ newParams = NULL;
+ rv = SECSuccess;
+ break;
+ case CKM_RC2_ECB:
+ break;
+ case CKM_RC2_CBC:
+ case CKM_RC2_CBC_PAD:
+ rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
+ rc2version = rc2_unmap(rc2_params->ulEffectiveBits);
+ if (SEC_ASN1EncodeUnsignedInteger(NULL, &(rc2.rc2ParameterVersion),
+ rc2version) == NULL)
+ break;
+ rc2.iv.data = rc2_params->iv;
+ rc2.iv.len = sizeof(rc2_params->iv);
+ newParams = SEC_ASN1EncodeItem(NULL, NULL, &rc2,
+ sec_rc2cbc_parameter_template);
+ PORT_Free(rc2.rc2ParameterVersion.data);
+ if (newParams == NULL)
+ break;
+ rv = SECSuccess;
+ break;
+
+ case CKM_RC5_ECB: /* well not really... */
+ break;
+ case CKM_RC5_CBC:
+ case CKM_RC5_CBC_PAD:
+ rc5_params = (CK_RC5_CBC_PARAMS *)param->data;
+ if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.version, RC5_V10) == NULL)
+ break;
+ if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.blockSizeInBits,
+ rc5_params->ulWordsize * 8) == NULL) {
+ PORT_Free(rc5.version.data);
+ break;
+ }
+ if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.rounds,
+ rc5_params->ulWordsize * 8) == NULL) {
+ PORT_Free(rc5.blockSizeInBits.data);
+ PORT_Free(rc5.version.data);
+ break;
+ }
+ rc5.iv.data = rc5_params->pIv;
+ rc5.iv.len = rc5_params->ulIvLen;
+ newParams = SEC_ASN1EncodeItem(NULL, NULL, &rc5,
+ sec_rc5cbc_parameter_template);
+ PORT_Free(rc5.version.data);
+ PORT_Free(rc5.blockSizeInBits.data);
+ PORT_Free(rc5.rounds.data);
+ if (newParams == NULL)
+ break;
+ rv = SECSuccess;
+ break;
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PBE_MD5_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ case CKM_PBE_SHA1_RC2_128_CBC:
+ case CKM_PBE_SHA1_RC4_40:
+ case CKM_PBE_SHA1_RC4_128:
+ return PBE_PK11ParamToAlgid(algTag, param, arena, algid);
+ default:
+ if (pk11_lookup(type)->iv == 0) {
+ rv = SECSuccess;
+ newParams = NULL;
+ break;
+ }
+ case CKM_SEED_CBC:
+ case CKM_CAMELLIA_CBC:
+ case CKM_AES_CBC:
+ case CKM_DES_CBC:
+ case CKM_DES3_CBC:
+ case CKM_IDEA_CBC:
+ case CKM_CDMF_CBC:
+ case CKM_CAST_CBC:
+ case CKM_CAST3_CBC:
+ case CKM_CAST5_CBC:
+ case CKM_DES_CBC_PAD:
+ case CKM_DES3_CBC_PAD:
+ case CKM_IDEA_CBC_PAD:
+ case CKM_CDMF_CBC_PAD:
+ case CKM_CAST_CBC_PAD:
+ case CKM_CAST3_CBC_PAD:
+ case CKM_CAST5_CBC_PAD:
+ case CKM_SKIPJACK_CBC64:
+ case CKM_SKIPJACK_ECB64:
+ case CKM_SKIPJACK_OFB64:
+ case CKM_SKIPJACK_CFB64:
+ case CKM_SKIPJACK_CFB32:
+ case CKM_SKIPJACK_CFB16:
+ case CKM_SKIPJACK_CFB8:
+ case CKM_BATON_ECB128:
+ case CKM_BATON_ECB96:
+ case CKM_BATON_CBC128:
+ case CKM_BATON_COUNTER:
+ case CKM_BATON_SHUFFLE:
+ case CKM_JUNIPER_ECB128:
+ case CKM_JUNIPER_CBC128:
+ case CKM_JUNIPER_COUNTER:
+ case CKM_JUNIPER_SHUFFLE:
+ newParams = SEC_ASN1EncodeItem(NULL, NULL, param,
+ SEC_ASN1_GET(SEC_OctetStringTemplate));
+ if (newParams == NULL)
+ break;
+ rv = SECSuccess;
+ break;
+ }
+
+ if (rv != SECSuccess) {
+ if (newParams)
+ SECITEM_FreeItem(newParams, PR_TRUE);
+ return rv;
+ }
+
+ rv = SECOID_SetAlgorithmID(arena, algid, algTag, newParams);
+ SECITEM_FreeItem(newParams, PR_TRUE);
+ return rv;
+}
+
+/* turn an OID algorithm tag into a PKCS #11 mechanism. This allows us to
+ * map OID's directly into the PKCS #11 mechanism we want to call. We find
+ * this mapping in our standard OID table */
+CK_MECHANISM_TYPE
+PK11_AlgtagToMechanism(SECOidTag algTag)
+{
+ SECOidData *oid = SECOID_FindOIDByTag(algTag);
+
+ if (oid)
+ return (CK_MECHANISM_TYPE)oid->mechanism;
+ return CKM_INVALID_MECHANISM;
+}
+
+/* turn a mechanism into an oid. */
+SECOidTag
+PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type)
+{
+ SECOidData *oid = SECOID_FindOIDByMechanism((unsigned long)type);
+
+ if (oid)
+ return oid->offset;
+ return SEC_OID_UNKNOWN;
+}
+
+/* Determine appropriate blocking mechanism, used when wrapping private keys
+ * which require PKCS padding. If the mechanism does not map to a padding
+ * mechanism, we simply return the mechanism.
+ */
+CK_MECHANISM_TYPE
+PK11_GetPadMechanism(CK_MECHANISM_TYPE type)
+{
+ switch (type) {
+ case CKM_SEED_CBC:
+ return CKM_SEED_CBC_PAD;
+ case CKM_CAMELLIA_CBC:
+ return CKM_CAMELLIA_CBC_PAD;
+ case CKM_AES_CBC:
+ return CKM_AES_CBC_PAD;
+ case CKM_DES_CBC:
+ return CKM_DES_CBC_PAD;
+ case CKM_DES3_CBC:
+ return CKM_DES3_CBC_PAD;
+ case CKM_RC2_CBC:
+ return CKM_RC2_CBC_PAD;
+ case CKM_CDMF_CBC:
+ return CKM_CDMF_CBC_PAD;
+ case CKM_CAST_CBC:
+ return CKM_CAST_CBC_PAD;
+ case CKM_CAST3_CBC:
+ return CKM_CAST3_CBC_PAD;
+ case CKM_CAST5_CBC:
+ return CKM_CAST5_CBC_PAD;
+ case CKM_RC5_CBC:
+ return CKM_RC5_CBC_PAD;
+ case CKM_IDEA_CBC:
+ return CKM_IDEA_CBC_PAD;
+ default:
+ break;
+ }
+
+ return type;
+}
+
+static PRBool
+pk11_isAllZero(unsigned char *data, int len)
+{
+ while (len--) {
+ if (*data++) {
+ return PR_FALSE;
+ }
+ }
+ return PR_TRUE;
+}
+
+CK_RV
+PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
+ CK_MECHANISM_PTR pCryptoMechanism,
+ SECItem *pbe_pwd, PRBool faulty3DES)
+{
+ int iv_len = 0;
+ CK_PBE_PARAMS_PTR pPBEparams;
+ CK_RC2_CBC_PARAMS_PTR rc2_params;
+ CK_ULONG rc2_key_len;
+
+ if ((pPBEMechanism == CK_NULL_PTR) || (pCryptoMechanism == CK_NULL_PTR)) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /* pkcs5 v2 cannot be supported by this interface.
+ * use PK11_GetPBECryptoMechanism instead.
+ */
+ if ((pPBEMechanism->mechanism == CKM_INVALID_MECHANISM) ||
+ (pPBEMechanism->mechanism == CKM_PKCS5_PBKD2)) {
+ return CKR_MECHANISM_INVALID;
+ }
+
+ pPBEparams = (CK_PBE_PARAMS_PTR)pPBEMechanism->pParameter;
+ iv_len = PK11_GetIVLength(pPBEMechanism->mechanism);
+
+ if (iv_len) {
+ if (pk11_isAllZero(pPBEparams->pInitVector, iv_len)) {
+ SECItem param;
+ PK11SymKey *symKey;
+ PK11SlotInfo *intSlot = PK11_GetInternalSlot();
+
+ if (intSlot == NULL) {
+ return CKR_DEVICE_ERROR;
+ }
+
+ param.data = pPBEMechanism->pParameter;
+ param.len = pPBEMechanism->ulParameterLen;
+
+ symKey = PK11_RawPBEKeyGen(intSlot,
+ pPBEMechanism->mechanism, &param, pbe_pwd, faulty3DES, NULL);
+ PK11_FreeSlot(intSlot);
+ if (symKey == NULL) {
+ return CKR_DEVICE_ERROR; /* sigh */
+ }
+ PK11_FreeSymKey(symKey);
+ }
+ }
+
+ switch (pPBEMechanism->mechanism) {
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PBE_MD5_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
+ pCryptoMechanism->mechanism = CKM_DES_CBC;
+ goto have_crypto_mechanism;
+ case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ pCryptoMechanism->mechanism = CKM_DES3_CBC;
+ have_crypto_mechanism:
+ pCryptoMechanism->pParameter = PORT_Alloc(iv_len);
+ pCryptoMechanism->ulParameterLen = (CK_ULONG)iv_len;
+ if (pCryptoMechanism->pParameter == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ PORT_Memcpy((unsigned char *)(pCryptoMechanism->pParameter),
+ (unsigned char *)(pPBEparams->pInitVector),
+ iv_len);
+ break;
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
+ case CKM_PBE_SHA1_RC4_40:
+ case CKM_PBE_SHA1_RC4_128:
+ pCryptoMechanism->mechanism = CKM_RC4;
+ pCryptoMechanism->ulParameterLen = 0;
+ pCryptoMechanism->pParameter = CK_NULL_PTR;
+ break;
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ rc2_key_len = 40;
+ goto have_key_len;
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
+ rc2_key_len = 128;
+ have_key_len:
+ pCryptoMechanism->mechanism = CKM_RC2_CBC;
+ pCryptoMechanism->ulParameterLen = (CK_ULONG)sizeof(CK_RC2_CBC_PARAMS);
+ pCryptoMechanism->pParameter = (CK_RC2_CBC_PARAMS_PTR)
+ PORT_ZAlloc(sizeof(CK_RC2_CBC_PARAMS));
+ if (pCryptoMechanism->pParameter == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ rc2_params = (CK_RC2_CBC_PARAMS_PTR)pCryptoMechanism->pParameter;
+ PORT_Memcpy((unsigned char *)rc2_params->iv,
+ (unsigned char *)pPBEparams->pInitVector,
+ iv_len);
+ rc2_params->ulEffectiveBits = rc2_key_len;
+ break;
+ default:
+ return CKR_MECHANISM_INVALID;
+ }
+
+ return CKR_OK;
+}
+
+/* Make a Key type to an appropriate signing/verification mechanism */
+CK_MECHANISM_TYPE
+PK11_MapSignKeyType(KeyType keyType)
+{
+ switch (keyType) {
+ case rsaKey:
+ return CKM_RSA_PKCS;
+ case fortezzaKey:
+ case dsaKey:
+ return CKM_DSA;
+ case ecKey:
+ return CKM_ECDSA;
+ case dhKey:
+ default:
+ break;
+ }
+ return CKM_INVALID_MECHANISM;
+}
+
+CK_MECHANISM_TYPE
+pk11_mapWrapKeyType(KeyType keyType)
+{
+ switch (keyType) {
+ case rsaKey:
+ return CKM_RSA_PKCS;
+ /* Add fortezza?? */
+ default:
+ break;
+ }
+ return CKM_INVALID_MECHANISM;
+}
+
+SECOidTag
+PK11_FortezzaMapSig(SECOidTag algTag)
+{
+ switch (algTag) {
+ case SEC_OID_MISSI_KEA_DSS:
+ case SEC_OID_MISSI_DSS:
+ case SEC_OID_MISSI_DSS_OLD:
+ case SEC_OID_MISSI_KEA_DSS_OLD:
+ case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ return SEC_OID_ANSIX9_DSA_SIGNATURE;
+ default:
+ break;
+ }
+ return algTag;
+}
diff --git a/security/nss/lib/pk11wrap/pk11merge.c b/security/nss/lib/pk11wrap/pk11merge.c
new file mode 100644
index 000000000..8c4c5129a
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11merge.c
@@ -0,0 +1,1432 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Merge the source token into the target token.
+ */
+
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pk11pub.h"
+#include "pk11priv.h"
+#include "pkcs11.h"
+#include "seccomon.h"
+#include "secerr.h"
+#include "keyhi.h"
+#include "hasht.h"
+#include "cert.h"
+#include "certdb.h"
+
+/*************************************************************************
+ *
+ * short utilities to aid in the merge
+ *
+ *************************************************************************/
+
+/*
+ * write a bunch of attributes out to an existing object.
+ */
+static SECStatus
+pk11_setAttributes(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE *setTemplate, CK_ULONG setTemplCount)
+{
+ CK_RV crv;
+ CK_SESSION_HANDLE rwsession;
+
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession, id,
+ setTemplate, setTemplCount);
+ PK11_RestoreROSession(slot, rwsession);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * copy a template of attributes from a source object to a target object.
+ * if target object is not given, create it.
+ */
+static SECStatus
+pk11_copyAttributes(PLArenaPool *arena,
+ PK11SlotInfo *targetSlot, CK_OBJECT_HANDLE targetID,
+ PK11SlotInfo *sourceSlot, CK_OBJECT_HANDLE sourceID,
+ CK_ATTRIBUTE *copyTemplate, CK_ULONG copyTemplateCount)
+{
+ SECStatus rv;
+ CK_ATTRIBUTE *newTemplate = NULL;
+ CK_RV crv;
+
+ crv = PK11_GetAttributes(arena, sourceSlot, sourceID,
+ copyTemplate, copyTemplateCount);
+ /* if we have missing attributes, just skip them and create the object */
+ if (crv == CKR_ATTRIBUTE_TYPE_INVALID) {
+ int i, j;
+ newTemplate = PORT_NewArray(CK_ATTRIBUTE, copyTemplateCount);
+ /* remove the unknown attributes. If we don't have enough attributes
+ * PK11_CreateNewObject() will fail */
+ for (i = 0, j = 0; i < copyTemplateCount; i++) {
+ if (copyTemplate[i].ulValueLen != -1) {
+ newTemplate[j] = copyTemplate[i];
+ j++;
+ }
+ }
+ copyTemplate = newTemplate;
+ copyTemplateCount = j;
+ crv = PK11_GetAttributes(arena, sourceSlot, sourceID,
+ copyTemplate, copyTemplateCount);
+ }
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ if (targetID == CK_INVALID_HANDLE) {
+ /* we need to create the object */
+ rv = PK11_CreateNewObject(targetSlot, CK_INVALID_SESSION,
+ copyTemplate, copyTemplateCount, PR_TRUE, &targetID);
+ } else {
+ /* update the existing object with the new attributes */
+ rv = pk11_setAttributes(targetSlot, targetID,
+ copyTemplate, copyTemplateCount);
+ }
+ if (newTemplate) {
+ free(newTemplate);
+ }
+ return rv;
+}
+
+/*
+ * look for a matching object across tokens.
+ */
+static SECStatus
+pk11_matchAcrossTokens(PLArenaPool *arena, PK11SlotInfo *targetSlot,
+ PK11SlotInfo *sourceSlot,
+ CK_ATTRIBUTE *template, CK_ULONG tsize,
+ CK_OBJECT_HANDLE id, CK_OBJECT_HANDLE *peer)
+{
+
+ CK_RV crv;
+ *peer = CK_INVALID_HANDLE;
+
+ crv = PK11_GetAttributes(arena, sourceSlot, id, template, tsize);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ if (template[0].ulValueLen == -1) {
+ crv = CKR_ATTRIBUTE_TYPE_INVALID;
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ *peer = pk11_FindObjectByTemplate(targetSlot, template, tsize);
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+
+/*
+ * Encrypt using key and parameters
+ */
+SECStatus
+pk11_encrypt(PK11SymKey *symKey, CK_MECHANISM_TYPE mechType, SECItem *param,
+ SECItem *input, SECItem **output)
+{
+ PK11Context *ctxt = NULL;
+ SECStatus rv = SECSuccess;
+
+ if (*output) {
+ SECITEM_FreeItem(*output, PR_TRUE);
+ }
+ *output = SECITEM_AllocItem(NULL, NULL, input->len + 20 /*slop*/);
+ if (!*output) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ ctxt = PK11_CreateContextBySymKey(mechType, CKA_ENCRYPT, symKey, param);
+ if (ctxt == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ rv = PK11_CipherOp(ctxt, (*output)->data,
+ (int *)&((*output)->len),
+ (*output)->len, input->data, input->len);
+
+done:
+ if (ctxt) {
+ PK11_Finalize(ctxt);
+ PK11_DestroyContext(ctxt, PR_TRUE);
+ }
+ if (rv != SECSuccess) {
+ if (*output) {
+ SECITEM_FreeItem(*output, PR_TRUE);
+ *output = NULL;
+ }
+ }
+ return rv;
+}
+
+/*************************************************************************
+ *
+ * Private Keys
+ *
+ *************************************************************************/
+
+/*
+ * Fetch the key usage based on the pkcs #11 flags
+ */
+unsigned int
+pk11_getPrivateKeyUsage(PK11SlotInfo *slot, CK_OBJECT_HANDLE id)
+{
+ unsigned int usage = 0;
+
+ if ((PK11_HasAttributeSet(slot, id, CKA_UNWRAP, PR_FALSE) ||
+ PK11_HasAttributeSet(slot, id, CKA_DECRYPT, PR_FALSE))) {
+ usage |= KU_KEY_ENCIPHERMENT;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_DERIVE, PR_FALSE)) {
+ usage |= KU_KEY_AGREEMENT;
+ }
+ if ((PK11_HasAttributeSet(slot, id, CKA_SIGN_RECOVER, PR_FALSE) ||
+ PK11_HasAttributeSet(slot, id, CKA_SIGN, PR_FALSE))) {
+ usage |= KU_DIGITAL_SIGNATURE;
+ }
+ return usage;
+}
+
+/*
+ * merge a private key,
+ *
+ * Private keys are merged using PBE wrapped keys with a random
+ * value as the 'password'. Once the base key is moved, The remaining
+ * attributes (SUBJECT) is copied.
+ */
+static SECStatus
+pk11_mergePrivateKey(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE id, void *targetPwArg, void *sourcePwArg)
+{
+ SECKEYPrivateKey *sourceKey = NULL;
+ CK_OBJECT_HANDLE targetKeyID;
+ SECKEYEncryptedPrivateKeyInfo *epki = NULL;
+ char *nickname = NULL;
+ SECItem nickItem;
+ SECItem pwitem;
+ SECItem publicValue;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECSuccess;
+ unsigned int keyUsage;
+ unsigned char randomData[SHA1_LENGTH];
+ SECOidTag algTag = SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
+ CK_ATTRIBUTE privTemplate[] = {
+ { CKA_ID, NULL, 0 },
+ { CKA_CLASS, NULL, 0 }
+ };
+ CK_ULONG privTemplateCount = sizeof(privTemplate) / sizeof(privTemplate[0]);
+ CK_ATTRIBUTE privCopyTemplate[] = {
+ { CKA_SUBJECT, NULL, 0 }
+ };
+ CK_ULONG privCopyTemplateCount =
+ sizeof(privCopyTemplate) / sizeof(privCopyTemplate[0]);
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* check to see if the key is already in the target slot */
+ rv = pk11_matchAcrossTokens(arena, targetSlot, sourceSlot, privTemplate,
+ privTemplateCount, id, &targetKeyID);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ if (targetKeyID != CK_INVALID_HANDLE) {
+ /* match found, not an error ... */
+ goto done;
+ }
+
+ /* get an NSS representation of our source key */
+ sourceKey = PK11_MakePrivKey(sourceSlot, nullKey, PR_FALSE,
+ id, sourcePwArg);
+ if (sourceKey == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* Load the private key */
+ /* generate a random pwitem */
+ rv = PK11_GenerateRandom(randomData, sizeof(randomData));
+ if (rv != SECSuccess) {
+ goto done;
+ }
+ pwitem.data = randomData;
+ pwitem.len = sizeof(randomData);
+ /* fetch the private key encrypted */
+ epki = PK11_ExportEncryptedPrivKeyInfo(sourceSlot, algTag, &pwitem,
+ sourceKey, 1, sourcePwArg);
+ if (epki == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+ nickname = PK11_GetObjectNickname(sourceSlot, id);
+ /* NULL nickanme is fine (in fact is often normal) */
+ if (nickname) {
+ nickItem.data = (unsigned char *)nickname;
+ nickItem.len = PORT_Strlen(nickname);
+ }
+ keyUsage = pk11_getPrivateKeyUsage(sourceSlot, id);
+ /* pass in the CKA_ID */
+ publicValue.data = privTemplate[0].pValue;
+ publicValue.len = privTemplate[0].ulValueLen;
+ rv = PK11_ImportEncryptedPrivateKeyInfo(targetSlot, epki, &pwitem,
+ nickname ? &nickItem : NULL, &publicValue,
+ PR_TRUE, PR_TRUE, sourceKey->keyType, keyUsage,
+ targetPwArg);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /* make sure it made it */
+ rv = pk11_matchAcrossTokens(arena, targetSlot, sourceSlot, privTemplate,
+ privTemplateCount, id, &targetKeyID);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ if (targetKeyID == CK_INVALID_HANDLE) {
+ /* this time the key should exist */
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* fill in remaining attributes */
+ rv = pk11_copyAttributes(arena, targetSlot, targetKeyID, sourceSlot, id,
+ privCopyTemplate, privCopyTemplateCount);
+done:
+ /* make sure the 'key' is cleared */
+ PORT_Memset(randomData, 0, sizeof(randomData));
+ if (nickname) {
+ PORT_Free(nickname);
+ }
+ if (sourceKey) {
+ SECKEY_DestroyPrivateKey(sourceKey);
+ }
+ if (epki) {
+ SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/*************************************************************************
+ *
+ * Secret Keys
+ *
+ *************************************************************************/
+
+/*
+ * we need to find a unique CKA_ID.
+ * The basic idea is to just increment the lowest byte.
+ * This code also handles the following corner cases:
+ * 1) the single byte overflows. On overflow we increment the next byte up
+ * and so forth until we have overflowed the entire CKA_ID.
+ * 2) If we overflow the entire CKA_ID we expand it by one byte.
+ * 3) the CKA_ID is non-existent, we create a new one with one byte.
+ * This means no matter what CKA_ID is passed, the result of this function
+ * is always a new CKA_ID, and this function will never return the same
+ * CKA_ID the it has returned in the passed.
+ */
+static SECStatus
+pk11_incrementID(PLArenaPool *arena, CK_ATTRIBUTE *ptemplate)
+{
+ unsigned char *buf = ptemplate->pValue;
+ CK_ULONG len = ptemplate->ulValueLen;
+
+ if (buf == NULL || len == (CK_ULONG)-1) {
+ /* we have no valid CKAID, we'll create a basic one byte CKA_ID below */
+ len = 0;
+ } else {
+ CK_ULONG i;
+
+ /* walk from the back to front, incrementing
+ * the CKA_ID until we no longer have a carry,
+ * or have hit the front of the id. */
+ for (i = len; i != 0; i--) {
+ buf[i - 1]++;
+ if (buf[i - 1] != 0) {
+ /* no more carries, the increment is complete */
+ return SECSuccess;
+ }
+ }
+ /* we've now overflowed, fall through and expand the CKA_ID by
+ * one byte */
+ }
+ /* if we are here we've run the counter to zero (indicating an overflow).
+ * create an CKA_ID that is all zeros, but has one more zero than
+ * the previous CKA_ID */
+ buf = PORT_ArenaZAlloc(arena, len + 1);
+ if (buf == NULL) {
+ return SECFailure;
+ }
+ ptemplate->pValue = buf;
+ ptemplate->ulValueLen = len + 1;
+ return SECSuccess;
+}
+
+static CK_FLAGS
+pk11_getSecretKeyFlags(PK11SlotInfo *slot, CK_OBJECT_HANDLE id)
+{
+ CK_FLAGS flags = 0;
+
+ if (PK11_HasAttributeSet(slot, id, CKA_UNWRAP, PR_FALSE)) {
+ flags |= CKF_UNWRAP;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_WRAP, PR_FALSE)) {
+ flags |= CKF_WRAP;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_ENCRYPT, PR_FALSE)) {
+ flags |= CKF_ENCRYPT;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_DECRYPT, PR_FALSE)) {
+ flags |= CKF_DECRYPT;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_DERIVE, PR_FALSE)) {
+ flags |= CKF_DERIVE;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_SIGN, PR_FALSE)) {
+ flags |= CKF_SIGN;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_SIGN_RECOVER, PR_FALSE)) {
+ flags |= CKF_SIGN_RECOVER;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_VERIFY, PR_FALSE)) {
+ flags |= CKF_VERIFY;
+ }
+ if (PK11_HasAttributeSet(slot, id, CKA_VERIFY_RECOVER, PR_FALSE)) {
+ flags |= CKF_VERIFY_RECOVER;
+ }
+ return flags;
+}
+
+static const char testString[] =
+ "My Encrytion Test Data (should be at least 32 bytes long)";
+/*
+ * merge a secret key,
+ *
+ * Secret keys may collide by CKA_ID as we merge 2 token. If we collide
+ * on the CKA_ID, we need to make sure we are dealing with different keys.
+ * The reason for this is it is possible that we've merged this database
+ * before, and this key could have been merged already. If the keys are
+ * the same, we are done. If they are not, we need to update the CKA_ID of
+ * the source key and try again.
+ *
+ * Once we know we have a unique key to merge in, we use NSS's underlying
+ * key Move function which will do a key exchange if necessary to move
+ * the key from one token to another. Then we set the CKA_ID and additional
+ * pkcs #11 attributes.
+ */
+static SECStatus
+pk11_mergeSecretKey(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE id, void *targetPwArg, void *sourcePwArg)
+{
+ PK11SymKey *sourceKey = NULL;
+ PK11SymKey *targetKey = NULL;
+ SECItem *sourceOutput = NULL;
+ SECItem *targetOutput = NULL;
+ SECItem *param = NULL;
+ int blockSize;
+ SECItem input;
+ CK_OBJECT_HANDLE targetKeyID;
+ CK_FLAGS flags;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECSuccess;
+ CK_MECHANISM_TYPE keyMechType, cryptoMechType;
+ CK_KEY_TYPE sourceKeyType, targetKeyType;
+ CK_ATTRIBUTE symTemplate[] = {
+ { CKA_ID, NULL, 0 },
+ { CKA_CLASS, NULL, 0 }
+ };
+ CK_ULONG symTemplateCount = sizeof(symTemplate) / sizeof(symTemplate[0]);
+ CK_ATTRIBUTE symCopyTemplate[] = {
+ { CKA_LABEL, NULL, 0 }
+ };
+ CK_ULONG symCopyTemplateCount =
+ sizeof(symCopyTemplate) / sizeof(symCopyTemplate[0]);
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ sourceKeyType = PK11_ReadULongAttribute(sourceSlot, id, CKA_KEY_TYPE);
+ if (sourceKeyType == (CK_ULONG)-1) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* get the key mechanism */
+ keyMechType = PK11_GetKeyMechanism(sourceKeyType);
+ /* get a mechanism suitable to encryption.
+ * PK11_GetKeyMechanism returns a mechanism that is unique to the key
+ * type. It tries to return encryption/decryption mechanisms, however
+ * CKM_DES3_CBC uses and abmiguous keyType, so keyMechType is returned as
+ * 'keygen' mechanism. Detect that case here */
+ cryptoMechType = keyMechType;
+ if ((keyMechType == CKM_DES3_KEY_GEN) ||
+ (keyMechType == CKM_DES2_KEY_GEN)) {
+ cryptoMechType = CKM_DES3_CBC;
+ }
+
+ sourceKey = PK11_SymKeyFromHandle(sourceSlot, NULL, PK11_OriginDerive,
+ keyMechType, id, PR_FALSE, sourcePwArg);
+ if (sourceKey == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* check to see a key with the same CKA_ID already exists in
+ * the target slot. If it does, then we need to verify if the keys
+ * really matches. If they don't import the key with a new CKA_ID
+ * value. */
+ rv = pk11_matchAcrossTokens(arena, targetSlot, sourceSlot,
+ symTemplate, symTemplateCount, id, &targetKeyID);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /* set up the input test */
+ input.data = (unsigned char *)testString;
+ blockSize = PK11_GetBlockSize(cryptoMechType, NULL);
+ if (blockSize < 0) {
+ rv = SECFailure;
+ goto done;
+ }
+ input.len = blockSize;
+ if (input.len == 0) {
+ input.len = sizeof(testString);
+ }
+ while (targetKeyID != CK_INVALID_HANDLE) {
+ /* test to see if the keys are identical */
+ targetKeyType = PK11_ReadULongAttribute(sourceSlot, id, CKA_KEY_TYPE);
+ if (targetKeyType == sourceKeyType) {
+ /* same keyType - see if it's the same key */
+ targetKey = PK11_SymKeyFromHandle(targetSlot, NULL,
+ PK11_OriginDerive, keyMechType, targetKeyID, PR_FALSE,
+ targetPwArg);
+ /* get a parameter if we don't already have one */
+ if (!param) {
+ param = PK11_GenerateNewParam(cryptoMechType, sourceKey);
+ if (param == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+ }
+ /* use the source key to encrypt a reference */
+ if (!sourceOutput) {
+ rv = pk11_encrypt(sourceKey, cryptoMechType, param, &input,
+ &sourceOutput);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+ }
+ /* encrypt the reference with the target key */
+ rv = pk11_encrypt(targetKey, cryptoMechType, param, &input,
+ &targetOutput);
+ if (rv == SECSuccess) {
+ if (SECITEM_ItemsAreEqual(sourceOutput, targetOutput)) {
+ /* they produce the same output, they must be the
+ * same key */
+ goto done;
+ }
+ SECITEM_FreeItem(targetOutput, PR_TRUE);
+ targetOutput = NULL;
+ }
+ PK11_FreeSymKey(targetKey);
+ targetKey = NULL;
+ }
+ /* keys aren't equal, update the KEY_ID and look again */
+ rv = pk11_incrementID(arena, &symTemplate[0]);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+ targetKeyID = pk11_FindObjectByTemplate(targetSlot,
+ symTemplate, symTemplateCount);
+ }
+
+ /* we didn't find a matching key, import this one with the new
+ * CKAID */
+ flags = pk11_getSecretKeyFlags(sourceSlot, id);
+ targetKey = PK11_MoveSymKey(targetSlot, PK11_OriginDerive, flags, PR_TRUE,
+ sourceKey);
+ if (targetKey == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+ /* set the key new CKAID */
+ rv = pk11_setAttributes(targetSlot, targetKey->objectID, symTemplate, 1);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /* fill in remaining attributes */
+ rv = pk11_copyAttributes(arena, targetSlot, targetKey->objectID,
+ sourceSlot, id, symCopyTemplate, symCopyTemplateCount);
+done:
+ if (sourceKey) {
+ PK11_FreeSymKey(sourceKey);
+ }
+ if (targetKey) {
+ PK11_FreeSymKey(targetKey);
+ }
+ if (sourceOutput) {
+ SECITEM_FreeItem(sourceOutput, PR_TRUE);
+ }
+ if (targetOutput) {
+ SECITEM_FreeItem(targetOutput, PR_TRUE);
+ }
+ if (param) {
+ SECITEM_FreeItem(param, PR_TRUE);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/*************************************************************************
+ *
+ * Public Keys
+ *
+ *************************************************************************/
+
+/*
+ * Merge public key
+ *
+ * Use the high level NSS calls to extract the public key and import it
+ * into the token. Extra attributes are then copied to the new token.
+ */
+static SECStatus
+pk11_mergePublicKey(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE id, void *targetPwArg, void *sourcePwArg)
+{
+ SECKEYPublicKey *sourceKey = NULL;
+ CK_OBJECT_HANDLE targetKeyID;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECSuccess;
+ CK_ATTRIBUTE pubTemplate[] = {
+ { CKA_ID, NULL, 0 },
+ { CKA_CLASS, NULL, 0 }
+ };
+ CK_ULONG pubTemplateCount = sizeof(pubTemplate) / sizeof(pubTemplate[0]);
+ CK_ATTRIBUTE pubCopyTemplate[] = {
+ { CKA_ID, NULL, 0 },
+ { CKA_LABEL, NULL, 0 },
+ { CKA_SUBJECT, NULL, 0 }
+ };
+ CK_ULONG pubCopyTemplateCount =
+ sizeof(pubCopyTemplate) / sizeof(pubCopyTemplate[0]);
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* check to see if the key is already in the target slot */
+ rv = pk11_matchAcrossTokens(arena, targetSlot, sourceSlot, pubTemplate,
+ pubTemplateCount, id, &targetKeyID);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /* Key is already in the target slot */
+ if (targetKeyID != CK_INVALID_HANDLE) {
+ /* not an error ... */
+ goto done;
+ }
+
+ /* fetch an NSS representation of the public key */
+ sourceKey = PK11_ExtractPublicKey(sourceSlot, nullKey, id);
+ if (sourceKey == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* load the public key into the target token. */
+ targetKeyID = PK11_ImportPublicKey(targetSlot, sourceKey, PR_TRUE);
+ if (targetKeyID == CK_INVALID_HANDLE) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* fill in remaining attributes */
+ rv = pk11_copyAttributes(arena, targetSlot, targetKeyID, sourceSlot, id,
+ pubCopyTemplate, pubCopyTemplateCount);
+
+done:
+ if (sourceKey) {
+ SECKEY_DestroyPublicKey(sourceKey);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/*************************************************************************
+ *
+ * Certificates
+ *
+ *************************************************************************/
+
+/*
+ * Two copies of the source code for this algorithm exist in NSS.
+ * Changes must be made in both copies.
+ * The other copy is in sftkdb_resolveConflicts() in softoken/sftkdb.c.
+ */
+static char *
+pk11_IncrementNickname(char *nickname)
+{
+ char *newNickname = NULL;
+ int end;
+ int digit;
+ int len = strlen(nickname);
+
+ /* does nickname end with " #n*" ? */
+ for (end = len - 1;
+ end >= 2 && (digit = nickname[end]) <= '9' && digit >= '0';
+ end--) /* just scan */
+ ;
+ if (len >= 3 &&
+ end < (len - 1) /* at least one digit */ &&
+ nickname[end] == '#' &&
+ nickname[end - 1] == ' ') {
+ /* Already has a suitable suffix string */
+ } else {
+ /* ... append " #2" to the name */
+ static const char num2[] = " #2";
+ newNickname = PORT_Realloc(nickname, len + sizeof(num2));
+ if (newNickname) {
+ PORT_Strcat(newNickname, num2);
+ } else {
+ PORT_Free(nickname);
+ }
+ return newNickname;
+ }
+
+ for (end = len - 1;
+ end >= 0 && (digit = nickname[end]) <= '9' && digit >= '0';
+ end--) {
+ if (digit < '9') {
+ nickname[end]++;
+ return nickname;
+ }
+ nickname[end] = '0';
+ }
+
+ /* we overflowed, insert a new '1' for a carry in front of the number */
+ newNickname = PORT_Realloc(nickname, len + 2);
+ if (newNickname) {
+ newNickname[++end] = '1';
+ PORT_Memset(&newNickname[end + 1], '0', len - end);
+ newNickname[len + 1] = 0;
+ } else {
+ PORT_Free(nickname);
+ }
+ return newNickname;
+}
+
+/*
+ * merge a certificate object
+ *
+ * Use the high level NSS calls to extract and import the certificate.
+ */
+static SECStatus
+pk11_mergeCert(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE id, void *targetPwArg, void *sourcePwArg)
+{
+ CERTCertificate *sourceCert = NULL;
+ CK_OBJECT_HANDLE targetCertID = CK_INVALID_HANDLE;
+ char *nickname = NULL;
+ SECStatus rv = SECSuccess;
+ PLArenaPool *arena = NULL;
+ CK_ATTRIBUTE sourceCKAID = { CKA_ID, NULL, 0 };
+ CK_ATTRIBUTE targetCKAID = { CKA_ID, NULL, 0 };
+ SECStatus lrv = SECSuccess;
+ int error = SEC_ERROR_LIBRARY_FAILURE;
+
+ sourceCert = PK11_MakeCertFromHandle(sourceSlot, id, NULL);
+ if (sourceCert == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ nickname = PK11_GetObjectNickname(sourceSlot, id);
+
+ /* The database code will prevent nickname collisions for certs with
+ * different subjects. This code will prevent us from getting
+ * actual import errors */
+ if (nickname) {
+ const char *tokenName = PK11_GetTokenName(targetSlot);
+ char *tokenNickname = NULL;
+
+ do {
+ tokenNickname = PR_smprintf("%s:%s", tokenName, nickname);
+ if (!tokenNickname) {
+ break;
+ }
+ if (!SEC_CertNicknameConflict(tokenNickname,
+ &sourceCert->derSubject, CERT_GetDefaultCertDB())) {
+ break;
+ }
+ nickname = pk11_IncrementNickname(nickname);
+ if (!nickname) {
+ break;
+ }
+ PR_smprintf_free(tokenNickname);
+ } while (1);
+ if (tokenNickname) {
+ PR_smprintf_free(tokenNickname);
+ }
+ }
+
+ /* see if the cert is already there */
+ targetCertID = PK11_FindCertInSlot(targetSlot, sourceCert, targetPwArg);
+ if (targetCertID == CK_INVALID_HANDLE) {
+ /* cert doesn't exist load the cert in. */
+ /* OK for the nickname to be NULL, not all certs have nicknames */
+ rv = PK11_ImportCert(targetSlot, sourceCert, CK_INVALID_HANDLE,
+ nickname, PR_FALSE);
+ goto done;
+ }
+
+ /* the cert already exists, see if the nickname and/or CKA_ID need
+ * to be updated */
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* does our source have a CKA_ID ? */
+ rv = PK11_GetAttributes(arena, sourceSlot, id, &sourceCKAID, 1);
+ if (rv != SECSuccess) {
+ sourceCKAID.ulValueLen = 0;
+ }
+
+ /* if we have a source CKA_ID, see of we need to update the
+ * target's CKA_ID */
+ if (sourceCKAID.ulValueLen != 0) {
+ rv = PK11_GetAttributes(arena, targetSlot, targetCertID,
+ &targetCKAID, 1);
+ if (rv != SECSuccess) {
+ targetCKAID.ulValueLen = 0;
+ }
+ /* if the target has no CKA_ID, update it from the source */
+ if (targetCKAID.ulValueLen == 0) {
+ lrv = pk11_setAttributes(targetSlot, targetCertID, &sourceCKAID, 1);
+ if (lrv != SECSuccess) {
+ error = PORT_GetError();
+ }
+ }
+ }
+ rv = SECSuccess;
+
+ /* now check if we need to update the nickname */
+ if (nickname && *nickname) {
+ char *targetname;
+ targetname = PK11_GetObjectNickname(targetSlot, targetCertID);
+ if (!targetname || !*targetname) {
+ /* target has no nickname, or it's empty, update it */
+ rv = PK11_SetObjectNickname(targetSlot, targetCertID, nickname);
+ }
+ if (targetname) {
+ PORT_Free(targetname);
+ }
+ }
+
+ /* restore the error code if CKA_ID failed, but nickname didn't */
+ if ((rv == SECSuccess) && (lrv != SECSuccess)) {
+ rv = lrv;
+ PORT_SetError(error);
+ }
+
+done:
+ if (nickname) {
+ PORT_Free(nickname);
+ }
+ if (sourceCert) {
+ CERT_DestroyCertificate(sourceCert);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/*************************************************************************
+ *
+ * Crls
+ *
+ *************************************************************************/
+
+/*
+ * Use the raw PKCS #11 interface to merge the CRLs.
+ *
+ * In the case where of collision, choose the newest CRL that is valid.
+ */
+static SECStatus
+pk11_mergeCrl(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE id, void *targetPwArg, void *sourcePwArg)
+{
+ CK_OBJECT_HANDLE targetCrlID;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECSuccess;
+ CK_ATTRIBUTE crlTemplate[] = {
+ { CKA_SUBJECT, NULL, 0 },
+ { CKA_CLASS, NULL, 0 },
+ { CKA_NSS_KRL, NULL, 0 }
+ };
+ CK_ULONG crlTemplateCount = sizeof(crlTemplate) / sizeof(crlTemplate[0]);
+ CK_ATTRIBUTE crlCopyTemplate[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_LABEL, NULL, 0 },
+ { CKA_PRIVATE, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ { CKA_SUBJECT, NULL, 0 },
+ { CKA_NSS_KRL, NULL, 0 },
+ { CKA_NSS_URL, NULL, 0 },
+ { CKA_VALUE, NULL, 0 }
+ };
+ CK_ULONG crlCopyTemplateCount =
+ sizeof(crlCopyTemplate) / sizeof(crlCopyTemplate[0]);
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+ /* check to see if the crl is already in the target slot */
+ rv = pk11_matchAcrossTokens(arena, targetSlot, sourceSlot, crlTemplate,
+ crlTemplateCount, id, &targetCrlID);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+ if (targetCrlID != CK_INVALID_HANDLE) {
+ /* we already have a CRL, check to see which is more up-to-date. */
+ goto done;
+ }
+
+ /* load the CRL into the target token. */
+ rv = pk11_copyAttributes(arena, targetSlot, targetCrlID, sourceSlot, id,
+ crlCopyTemplate, crlCopyTemplateCount);
+done:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/*************************************************************************
+ *
+ * SMIME objects
+ *
+ *************************************************************************/
+
+/*
+ * use the raw PKCS #11 interface to merge the S/MIME records
+ */
+static SECStatus
+pk11_mergeSmime(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE id, void *targetPwArg, void *sourcePwArg)
+{
+ CK_OBJECT_HANDLE targetSmimeID;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECSuccess;
+ CK_ATTRIBUTE smimeTemplate[] = {
+ { CKA_SUBJECT, NULL, 0 },
+ { CKA_NSS_EMAIL, NULL, 0 },
+ { CKA_CLASS, NULL, 0 },
+ };
+ CK_ULONG smimeTemplateCount =
+ sizeof(smimeTemplate) / sizeof(smimeTemplate[0]);
+ CK_ATTRIBUTE smimeCopyTemplate[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_LABEL, NULL, 0 },
+ { CKA_PRIVATE, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ { CKA_SUBJECT, NULL, 0 },
+ { CKA_NSS_EMAIL, NULL, 0 },
+ { CKA_NSS_SMIME_TIMESTAMP, NULL, 0 },
+ { CKA_VALUE, NULL, 0 }
+ };
+ CK_ULONG smimeCopyTemplateCount =
+ sizeof(smimeCopyTemplate) / sizeof(smimeCopyTemplate[0]);
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+ /* check to see if the crl is already in the target slot */
+ rv = pk11_matchAcrossTokens(arena, targetSlot, sourceSlot, smimeTemplate,
+ smimeTemplateCount, id, &targetSmimeID);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+ if (targetSmimeID != CK_INVALID_HANDLE) {
+ /* we already have a SMIME record */
+ goto done;
+ }
+
+ /* load the SMime Record into the target token. */
+ rv = pk11_copyAttributes(arena, targetSlot, targetSmimeID, sourceSlot, id,
+ smimeCopyTemplate, smimeCopyTemplateCount);
+done:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/*************************************************************************
+ *
+ * Trust Objects
+ *
+ *************************************************************************/
+
+/*
+ * decide which trust record entry wins. PR_TRUE (source) or PR_FALSE (target)
+ */
+#define USE_TARGET PR_FALSE
+#define USE_SOURCE PR_TRUE
+PRBool
+pk11_mergeTrustEntry(CK_ATTRIBUTE *target, CK_ATTRIBUTE *source)
+{
+ CK_ULONG targetTrust = (target->ulValueLen == sizeof(CK_LONG)) ? *(CK_ULONG *)target->pValue
+ : CKT_NSS_TRUST_UNKNOWN;
+ CK_ULONG sourceTrust = (source->ulValueLen == sizeof(CK_LONG)) ? *(CK_ULONG *)source->pValue
+ : CKT_NSS_TRUST_UNKNOWN;
+
+ /*
+ * Examine a single entry and deside if the source or target version
+ * should win out. When all the entries have been checked, if there is
+ * any case we need to update, we will write the whole source record
+ * to the target database. That means for each individual record, if the
+ * target wins, we need to update the source (in case later we have a
+ * case where the source wins). If the source wins, it already
+ */
+ if (sourceTrust == targetTrust) {
+ return USE_TARGET; /* which equates to 'do nothing' */
+ }
+
+ if (sourceTrust == CKT_NSS_TRUST_UNKNOWN) {
+ return USE_TARGET;
+ }
+
+ /* target has no idea, use the source's idea of the trust value */
+ if (targetTrust == CKT_NSS_TRUST_UNKNOWN) {
+ /* source overwrites the target */
+ return USE_SOURCE;
+ }
+
+ /* so both the target and the source have some idea of what this
+ * trust attribute should be, and neither agree exactly.
+ * At this point, we prefer 'hard' attributes over 'soft' ones.
+ * 'hard' ones are CKT_NSS_TRUSTED, CKT_NSS_TRUSTED_DELEGATOR, and
+ * CKT_NSS_UNTRUTED. Soft ones are ones which don't change the
+ * actual trust of the cert (CKT_MUST_VERIFY, CKT_NSS_VALID,
+ * CKT_NSS_VALID_DELEGATOR).
+ */
+ if ((sourceTrust == CKT_NSS_MUST_VERIFY_TRUST) ||
+ (sourceTrust == CKT_NSS_VALID_DELEGATOR)) {
+ return USE_TARGET;
+ }
+ if ((targetTrust == CKT_NSS_MUST_VERIFY_TRUST) ||
+ (targetTrust == CKT_NSS_VALID_DELEGATOR)) {
+ /* source overrites the target */
+ return USE_SOURCE;
+ }
+
+ /* both have hard attributes, we have a conflict, let the target win. */
+ return USE_TARGET;
+}
+/*
+ * use the raw PKCS #11 interface to merge the S/MIME records
+ */
+static SECStatus
+pk11_mergeTrust(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE id, void *targetPwArg, void *sourcePwArg)
+{
+ CK_OBJECT_HANDLE targetTrustID;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECSuccess;
+ int error = 0;
+ CK_ATTRIBUTE trustTemplate[] = {
+ { CKA_ISSUER, NULL, 0 },
+ { CKA_SERIAL_NUMBER, NULL, 0 },
+ { CKA_CLASS, NULL, 0 },
+ };
+ CK_ULONG trustTemplateCount =
+ sizeof(trustTemplate) / sizeof(trustTemplate[0]);
+ CK_ATTRIBUTE trustCopyTemplate[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_LABEL, NULL, 0 },
+ { CKA_PRIVATE, NULL, 0 },
+ { CKA_MODIFIABLE, NULL, 0 },
+ { CKA_ISSUER, NULL, 0 },
+ { CKA_SERIAL_NUMBER, NULL, 0 },
+ { CKA_CERT_SHA1_HASH, NULL, 0 },
+ { CKA_CERT_MD5_HASH, NULL, 0 },
+ { CKA_TRUST_SERVER_AUTH, NULL, 0 },
+ { CKA_TRUST_CLIENT_AUTH, NULL, 0 },
+ { CKA_TRUST_CODE_SIGNING, NULL, 0 },
+ { CKA_TRUST_EMAIL_PROTECTION, NULL, 0 },
+ { CKA_TRUST_STEP_UP_APPROVED, NULL, 0 }
+ };
+ CK_ULONG trustCopyTemplateCount =
+ sizeof(trustCopyTemplate) / sizeof(trustCopyTemplate[0]);
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+ /* check to see if the crl is already in the target slot */
+ rv = pk11_matchAcrossTokens(arena, targetSlot, sourceSlot, trustTemplate,
+ trustTemplateCount, id, &targetTrustID);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+ if (targetTrustID != CK_INVALID_HANDLE) {
+ /* a matching trust record already exists, merge it in */
+ CK_ATTRIBUTE_TYPE trustAttrs[] = {
+ CKA_TRUST_SERVER_AUTH, CKA_TRUST_CLIENT_AUTH,
+ CKA_TRUST_CODE_SIGNING, CKA_TRUST_EMAIL_PROTECTION,
+ CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER,
+ CKA_TRUST_TIME_STAMPING
+ };
+ CK_ULONG trustAttrsCount =
+ sizeof(trustAttrs) / sizeof(trustAttrs[0]);
+
+ CK_ULONG i;
+ CK_ATTRIBUTE targetTemplate, sourceTemplate;
+
+ /* existing trust record, merge the two together */
+ for (i = 0; i < trustAttrsCount; i++) {
+ targetTemplate.type = sourceTemplate.type = trustAttrs[i];
+ targetTemplate.pValue = sourceTemplate.pValue = NULL;
+ targetTemplate.ulValueLen = sourceTemplate.ulValueLen = 0;
+ PK11_GetAttributes(arena, sourceSlot, id, &sourceTemplate, 1);
+ PK11_GetAttributes(arena, targetSlot, targetTrustID,
+ &targetTemplate, 1);
+ if (pk11_mergeTrustEntry(&targetTemplate, &sourceTemplate)) {
+ /* source wins, write out the source attribute to the target */
+ SECStatus lrv = pk11_setAttributes(targetSlot, targetTrustID,
+ &sourceTemplate, 1);
+ if (lrv != SECSuccess) {
+ rv = SECFailure;
+ error = PORT_GetError();
+ }
+ }
+ }
+
+ /* handle step */
+ sourceTemplate.type = CKA_TRUST_STEP_UP_APPROVED;
+ sourceTemplate.pValue = NULL;
+ sourceTemplate.ulValueLen = 0;
+
+ /* if the source has steup set, then set it in the target */
+ PK11_GetAttributes(arena, sourceSlot, id, &sourceTemplate, 1);
+ if ((sourceTemplate.ulValueLen == sizeof(CK_BBOOL)) &&
+ (sourceTemplate.pValue) &&
+ (*(CK_BBOOL *)sourceTemplate.pValue == CK_TRUE)) {
+ SECStatus lrv = pk11_setAttributes(targetSlot, targetTrustID,
+ &sourceTemplate, 1);
+ if (lrv != SECSuccess) {
+ rv = SECFailure;
+ error = PORT_GetError();
+ }
+ }
+
+ goto done;
+ }
+
+ /* load the new trust Record into the target token. */
+ rv = pk11_copyAttributes(arena, targetSlot, targetTrustID, sourceSlot, id,
+ trustCopyTemplate, trustCopyTemplateCount);
+done:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ /* restore the error code */
+ if (rv == SECFailure && error) {
+ PORT_SetError(error);
+ }
+
+ return rv;
+}
+
+/*************************************************************************
+ *
+ * Central merge code
+ *
+ *************************************************************************/
+/*
+ * merge a single object from sourceToken to targetToken
+ */
+static SECStatus
+pk11_mergeObject(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE id, void *targetPwArg, void *sourcePwArg)
+{
+
+ CK_OBJECT_CLASS objClass;
+
+ objClass = PK11_ReadULongAttribute(sourceSlot, id, CKA_CLASS);
+ if (objClass == (CK_ULONG)-1) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_OBJECT_TYPE);
+ return SECFailure;
+ }
+
+ switch (objClass) {
+ case CKO_CERTIFICATE:
+ return pk11_mergeCert(targetSlot, sourceSlot, id,
+ targetPwArg, sourcePwArg);
+ case CKO_NSS_TRUST:
+ return pk11_mergeTrust(targetSlot, sourceSlot, id,
+ targetPwArg, sourcePwArg);
+ case CKO_PUBLIC_KEY:
+ return pk11_mergePublicKey(targetSlot, sourceSlot, id,
+ targetPwArg, sourcePwArg);
+ case CKO_PRIVATE_KEY:
+ return pk11_mergePrivateKey(targetSlot, sourceSlot, id,
+ targetPwArg, sourcePwArg);
+ case CKO_SECRET_KEY:
+ return pk11_mergeSecretKey(targetSlot, sourceSlot, id,
+ targetPwArg, sourcePwArg);
+ case CKO_NSS_CRL:
+ return pk11_mergeCrl(targetSlot, sourceSlot, id,
+ targetPwArg, sourcePwArg);
+ case CKO_NSS_SMIME:
+ return pk11_mergeSmime(targetSlot, sourceSlot, id,
+ targetPwArg, sourcePwArg);
+ default:
+ break;
+ }
+
+ PORT_SetError(SEC_ERROR_UNKNOWN_OBJECT_TYPE);
+ return SECFailure;
+}
+
+PK11MergeLogNode *
+pk11_newMergeLogNode(PLArenaPool *arena,
+ PK11SlotInfo *slot, CK_OBJECT_HANDLE id, int error)
+{
+ PK11MergeLogNode *newLog;
+ PK11GenericObject *obj;
+
+ newLog = PORT_ArenaZNew(arena, PK11MergeLogNode);
+ if (newLog == NULL) {
+ return NULL;
+ }
+
+ obj = PORT_ArenaZNew(arena, PK11GenericObject);
+ if (!obj) {
+ return NULL;
+ }
+
+ /* initialize it */
+ obj->slot = slot;
+ obj->objectID = id;
+
+ newLog->object = obj;
+ newLog->error = error;
+ return newLog;
+}
+
+/*
+ * walk down each entry and merge it. keep track of the errors in the log
+ */
+static SECStatus
+pk11_mergeByObjectIDs(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ CK_OBJECT_HANDLE *objectIDs, int count,
+ PK11MergeLog *log, void *targetPwArg, void *sourcePwArg)
+{
+ SECStatus rv = SECSuccess;
+ int error = SEC_ERROR_LIBRARY_FAILURE;
+ int i;
+
+ for (i = 0; i < count; i++) {
+ /* try to update the entire database. On failure, keep going,
+ * but remember the error to report back to the caller */
+ SECStatus lrv;
+ PK11MergeLogNode *newLog;
+
+ lrv = pk11_mergeObject(targetSlot, sourceSlot, objectIDs[i],
+ targetPwArg, sourcePwArg);
+ if (lrv == SECSuccess) {
+ /* merged with no problem, go to next object */
+ continue;
+ }
+
+ /* remember that we failed and why */
+ rv = SECFailure;
+ error = PORT_GetError();
+
+ /* log the errors */
+ if (!log) {
+ /* not logging, go to next entry */
+ continue;
+ }
+ newLog = pk11_newMergeLogNode(log->arena, sourceSlot,
+ objectIDs[i], error);
+ if (!newLog) {
+ /* failed to allocate entry, just keep going */
+ continue;
+ }
+
+ /* link in the errorlog entry */
+ newLog->next = NULL;
+ if (log->tail) {
+ log->tail->next = newLog;
+ } else {
+ log->head = newLog;
+ }
+ newLog->prev = log->tail;
+ log->tail = newLog;
+ }
+
+ /* restore the last error code */
+ if (rv != SECSuccess) {
+ PORT_SetError(error);
+ }
+ return rv;
+}
+
+/*
+ * Merge all the records in sourceSlot that aren't in targetSlot
+ *
+ * This function will return failure if not all the objects
+ * successfully merged.
+ *
+ * Applications can pass in an optional error log which will record
+ * each failing object and why it failed to import. PK11MergeLog
+ * is modelled after the CERTVerifyLog.
+ */
+SECStatus
+PK11_MergeTokens(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ PK11MergeLog *log, void *targetPwArg, void *sourcePwArg)
+{
+ SECStatus rv = SECSuccess, lrv = SECSuccess;
+ int error = SEC_ERROR_LIBRARY_FAILURE;
+ int count = 0;
+ CK_ATTRIBUTE search[2];
+ CK_OBJECT_HANDLE *objectIDs = NULL;
+ CK_BBOOL ck_true = CK_TRUE;
+ CK_OBJECT_CLASS privKey = CKO_PRIVATE_KEY;
+
+ PK11_SETATTRS(&search[0], CKA_TOKEN, &ck_true, sizeof(ck_true));
+ PK11_SETATTRS(&search[1], CKA_CLASS, &privKey, sizeof(privKey));
+ /*
+ * make sure both tokens are already authenticated if need be.
+ */
+ rv = PK11_Authenticate(targetSlot, PR_TRUE, targetPwArg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = PK11_Authenticate(sourceSlot, PR_TRUE, sourcePwArg);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* turns out the old DB's are rather fragile if the private keys aren't
+ * merged in first, so do the private keys explicity. */
+ objectIDs = pk11_FindObjectsByTemplate(sourceSlot, search, 2, &count);
+ if (objectIDs) {
+ lrv = pk11_mergeByObjectIDs(targetSlot, sourceSlot,
+ objectIDs, count, log,
+ targetPwArg, sourcePwArg);
+ if (lrv != SECSuccess) {
+ error = PORT_GetError();
+ }
+ PORT_Free(objectIDs);
+ count = 0;
+ }
+
+ /* now do the rest (NOTE: this will repeat the private keys, but
+ * that shouldnt' be an issue as we will notice they are already
+ * merged in */
+ objectIDs = pk11_FindObjectsByTemplate(sourceSlot, search, 1, &count);
+ if (!objectIDs) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = pk11_mergeByObjectIDs(targetSlot, sourceSlot, objectIDs, count, log,
+ targetPwArg, sourcePwArg);
+ if (rv == SECSuccess) {
+ /* if private keys failed, but the rest succeeded, be sure to let
+ * the caller know that private keys failed and why.
+ * NOTE: this is highly unlikely since the same keys that failed
+ * in the previous merge call will most likely fail in this one */
+ if (lrv != SECSuccess) {
+ rv = lrv;
+ PORT_SetError(error);
+ }
+ }
+
+loser:
+ if (objectIDs) {
+ PORT_Free(objectIDs);
+ }
+ return rv;
+}
+
+PK11MergeLog *
+PK11_CreateMergeLog(void)
+{
+ PLArenaPool *arena;
+ PK11MergeLog *log;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ log = PORT_ArenaZNew(arena, PK11MergeLog);
+ if (log == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ log->arena = arena;
+ log->version = 1;
+ return log;
+}
+
+void
+PK11_DestroyMergeLog(PK11MergeLog *log)
+{
+ if (log && log->arena) {
+ PORT_FreeArena(log->arena, PR_FALSE);
+ }
+}
diff --git a/security/nss/lib/pk11wrap/pk11nobj.c b/security/nss/lib/pk11wrap/pk11nobj.c
new file mode 100644
index 000000000..41d1d9688
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11nobj.c
@@ -0,0 +1,791 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file manages Netscape specific PKCS #11 objects (CRLs, Trust objects,
+ * etc).
+ */
+
+#include "secport.h"
+#include "seccomon.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "cert.h"
+#include "certi.h"
+#include "secitem.h"
+#include "sechash.h"
+#include "secoid.h"
+
+#include "certdb.h"
+#include "secerr.h"
+
+#include "pki3hack.h"
+#include "dev3hack.h"
+
+#include "devm.h"
+#include "pki.h"
+#include "pkim.h"
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+
+CK_TRUST
+pk11_GetTrustField(PK11SlotInfo *slot, PLArenaPool *arena,
+ CK_OBJECT_HANDLE id, CK_ATTRIBUTE_TYPE type)
+{
+ CK_TRUST rv = 0;
+ SECItem item;
+
+ item.data = NULL;
+ item.len = 0;
+
+ if (SECSuccess == PK11_ReadAttribute(slot, id, type, arena, &item)) {
+ PORT_Assert(item.len == sizeof(CK_TRUST));
+ PORT_Memcpy(&rv, item.data, sizeof(CK_TRUST));
+ /* Damn, is there an endian problem here? */
+ return rv;
+ }
+
+ return 0;
+}
+
+PRBool
+pk11_HandleTrustObject(PK11SlotInfo *slot, CERTCertificate *cert, CERTCertTrust *trust)
+{
+ PLArenaPool *arena;
+
+ CK_ATTRIBUTE tobjTemplate[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_CERT_SHA1_HASH, NULL, 0 },
+ };
+
+ CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
+ CK_OBJECT_HANDLE tobjID;
+ unsigned char sha1_hash[SHA1_LENGTH];
+
+ CK_TRUST serverAuth, codeSigning, emailProtection, clientAuth;
+
+ PK11_HashBuf(SEC_OID_SHA1, sha1_hash, cert->derCert.data, cert->derCert.len);
+
+ PK11_SETATTRS(&tobjTemplate[0], CKA_CLASS, &tobjc, sizeof(tobjc));
+ PK11_SETATTRS(&tobjTemplate[1], CKA_CERT_SHA1_HASH, sha1_hash,
+ SHA1_LENGTH);
+
+ tobjID = pk11_FindObjectByTemplate(slot, tobjTemplate,
+ sizeof(tobjTemplate) / sizeof(tobjTemplate[0]));
+ if (CK_INVALID_HANDLE == tobjID) {
+ return PR_FALSE;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (NULL == arena)
+ return PR_FALSE;
+
+ /* Unfortunately, it seems that PK11_GetAttributes doesn't deal
+ * well with nonexistent attributes. I guess we have to check
+ * the trust info fields one at a time.
+ */
+
+ /* We could verify CKA_CERT_HASH here */
+
+ /* We could verify CKA_EXPIRES here */
+
+ /* "Purpose" trust information */
+ serverAuth = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_SERVER_AUTH);
+ clientAuth = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_CLIENT_AUTH);
+ codeSigning = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_CODE_SIGNING);
+ emailProtection = pk11_GetTrustField(slot, arena, tobjID,
+ CKA_TRUST_EMAIL_PROTECTION);
+ /* Here's where the fun logic happens. We have to map back from the
+ * key usage, extended key usage, purpose, and possibly other trust values
+ * into the old trust-flags bits. */
+
+ /* First implementation: keep it simple for testing. We can study what other
+ * mappings would be appropriate and add them later.. fgmr 20000724 */
+
+ if (serverAuth == CKT_NSS_TRUSTED) {
+ trust->sslFlags |= CERTDB_TERMINAL_RECORD | CERTDB_TRUSTED;
+ }
+
+ if (serverAuth == CKT_NSS_TRUSTED_DELEGATOR) {
+ trust->sslFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA |
+ CERTDB_NS_TRUSTED_CA;
+ }
+ if (clientAuth == CKT_NSS_TRUSTED_DELEGATOR) {
+ trust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA;
+ }
+
+ if (emailProtection == CKT_NSS_TRUSTED) {
+ trust->emailFlags |= CERTDB_TERMINAL_RECORD | CERTDB_TRUSTED;
+ }
+
+ if (emailProtection == CKT_NSS_TRUSTED_DELEGATOR) {
+ trust->emailFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
+ }
+
+ if (codeSigning == CKT_NSS_TRUSTED) {
+ trust->objectSigningFlags |= CERTDB_TERMINAL_RECORD | CERTDB_TRUSTED;
+ }
+
+ if (codeSigning == CKT_NSS_TRUSTED_DELEGATOR) {
+ trust->objectSigningFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
+ }
+
+ /* There's certainly a lot more logic that can go here.. */
+
+ PORT_FreeArena(arena, PR_FALSE);
+
+ return PR_TRUE;
+}
+
+static SECStatus
+pk11_CollectCrls(PK11SlotInfo *slot, CK_OBJECT_HANDLE crlID, void *arg)
+{
+ SECItem derCrl;
+ CERTCrlHeadNode *head = (CERTCrlHeadNode *)arg;
+ CERTCrlNode *new_node = NULL;
+ CK_ATTRIBUTE fetchCrl[3] = {
+ { CKA_VALUE, NULL, 0 },
+ { CKA_NETSCAPE_KRL, NULL, 0 },
+ { CKA_NETSCAPE_URL, NULL, 0 },
+ };
+ const int fetchCrlSize = sizeof(fetchCrl) / sizeof(fetchCrl[2]);
+ CK_RV crv;
+ SECStatus rv = SECFailure;
+
+ crv = PK11_GetAttributes(head->arena, slot, crlID, fetchCrl, fetchCrlSize);
+ if (CKR_OK != crv) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ if (!fetchCrl[1].pValue) {
+ PORT_SetError(SEC_ERROR_CRL_INVALID);
+ goto loser;
+ }
+
+ new_node = (CERTCrlNode *)PORT_ArenaAlloc(head->arena, sizeof(CERTCrlNode));
+ if (new_node == NULL) {
+ goto loser;
+ }
+
+ if (*((CK_BBOOL *)fetchCrl[1].pValue))
+ new_node->type = SEC_KRL_TYPE;
+ else
+ new_node->type = SEC_CRL_TYPE;
+
+ derCrl.type = siBuffer;
+ derCrl.data = (unsigned char *)fetchCrl[0].pValue;
+ derCrl.len = fetchCrl[0].ulValueLen;
+ new_node->crl = CERT_DecodeDERCrl(head->arena, &derCrl, new_node->type);
+ if (new_node->crl == NULL) {
+ goto loser;
+ }
+
+ if (fetchCrl[2].pValue) {
+ int nnlen = fetchCrl[2].ulValueLen;
+ new_node->crl->url = (char *)PORT_ArenaAlloc(head->arena, nnlen + 1);
+ if (!new_node->crl->url) {
+ goto loser;
+ }
+ PORT_Memcpy(new_node->crl->url, fetchCrl[2].pValue, nnlen);
+ new_node->crl->url[nnlen] = 0;
+ } else {
+ new_node->crl->url = NULL;
+ }
+
+ new_node->next = NULL;
+ if (head->last) {
+ head->last->next = new_node;
+ head->last = new_node;
+ } else {
+ head->first = head->last = new_node;
+ }
+ rv = SECSuccess;
+
+loser:
+ return (rv);
+}
+
+/*
+ * Return a list of all the CRLs .
+ * CRLs are allocated in the list's arena.
+ */
+SECStatus
+PK11_LookupCrls(CERTCrlHeadNode *nodes, int type, void *wincx)
+{
+ pk11TraverseSlot creater;
+ CK_ATTRIBUTE theTemplate[2];
+ CK_ATTRIBUTE *attrs;
+ CK_OBJECT_CLASS certClass = CKO_NETSCAPE_CRL;
+ CK_BBOOL isKrl = CK_FALSE;
+
+ attrs = theTemplate;
+ PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
+ attrs++;
+ if (type != -1) {
+ isKrl = (CK_BBOOL)(type == SEC_KRL_TYPE);
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, &isKrl, sizeof(isKrl));
+ attrs++;
+ }
+
+ creater.callback = pk11_CollectCrls;
+ creater.callbackArg = (void *)nodes;
+ creater.findTemplate = theTemplate;
+ creater.templateCount = (attrs - theTemplate);
+
+ return pk11_TraverseAllSlots(PK11_TraverseSlot, &creater, PR_FALSE, wincx);
+}
+
+struct crlOptionsStr {
+ CERTCrlHeadNode *head;
+ PRInt32 decodeOptions;
+};
+
+typedef struct crlOptionsStr crlOptions;
+
+static SECStatus
+pk11_RetrieveCrlsCallback(PK11SlotInfo *slot, CK_OBJECT_HANDLE crlID,
+ void *arg)
+{
+ SECItem *derCrl = NULL;
+ crlOptions *options = (crlOptions *)arg;
+ CERTCrlHeadNode *head = options->head;
+ CERTCrlNode *new_node = NULL;
+ CK_ATTRIBUTE fetchCrl[3] = {
+ { CKA_VALUE, NULL, 0 },
+ { CKA_NETSCAPE_KRL, NULL, 0 },
+ { CKA_NETSCAPE_URL, NULL, 0 },
+ };
+ const int fetchCrlSize = sizeof(fetchCrl) / sizeof(fetchCrl[2]);
+ CK_RV crv;
+ SECStatus rv = SECFailure;
+ PRBool adopted = PR_FALSE; /* whether the CRL adopted the DER memory
+ successfully */
+ int i;
+
+ crv = PK11_GetAttributes(NULL, slot, crlID, fetchCrl, fetchCrlSize);
+ if (CKR_OK != crv) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ if (!fetchCrl[1].pValue) {
+ /* reject KRLs */
+ PORT_SetError(SEC_ERROR_CRL_INVALID);
+ goto loser;
+ }
+
+ new_node = (CERTCrlNode *)PORT_ArenaAlloc(head->arena,
+ sizeof(CERTCrlNode));
+ if (new_node == NULL) {
+ goto loser;
+ }
+
+ new_node->type = SEC_CRL_TYPE;
+
+ derCrl = SECITEM_AllocItem(NULL, NULL, 0);
+ if (!derCrl) {
+ goto loser;
+ }
+ derCrl->type = siBuffer;
+ derCrl->data = (unsigned char *)fetchCrl[0].pValue;
+ derCrl->len = fetchCrl[0].ulValueLen;
+ new_node->crl = CERT_DecodeDERCrlWithFlags(NULL, derCrl, new_node->type,
+ options->decodeOptions);
+ if (new_node->crl == NULL) {
+ goto loser;
+ }
+ adopted = PR_TRUE; /* now that the CRL has adopted the DER memory,
+ we won't need to free it upon exit */
+
+ if (fetchCrl[2].pValue && fetchCrl[2].ulValueLen) {
+ /* copy the URL if there is one */
+ int nnlen = fetchCrl[2].ulValueLen;
+ new_node->crl->url = (char *)PORT_ArenaAlloc(new_node->crl->arena,
+ nnlen + 1);
+ if (!new_node->crl->url) {
+ goto loser;
+ }
+ PORT_Memcpy(new_node->crl->url, fetchCrl[2].pValue, nnlen);
+ new_node->crl->url[nnlen] = 0;
+ } else {
+ new_node->crl->url = NULL;
+ }
+
+ new_node->next = NULL;
+ if (head->last) {
+ head->last->next = new_node;
+ head->last = new_node;
+ } else {
+ head->first = head->last = new_node;
+ }
+ rv = SECSuccess;
+ new_node->crl->slot = PK11_ReferenceSlot(slot);
+ new_node->crl->pkcs11ID = crlID;
+
+loser:
+ /* free attributes that weren't adopted by the CRL */
+ for (i = 1; i < fetchCrlSize; i++) {
+ if (fetchCrl[i].pValue) {
+ PORT_Free(fetchCrl[i].pValue);
+ }
+ }
+ /* free the DER if the CRL object didn't adopt it */
+ if (fetchCrl[0].pValue && PR_FALSE == adopted) {
+ PORT_Free(fetchCrl[0].pValue);
+ }
+ if (derCrl && !adopted) {
+ /* clear the data fields, which we already took care of above */
+ derCrl->data = NULL;
+ derCrl->len = 0;
+ /* free the memory for the SECItem structure itself */
+ SECITEM_FreeItem(derCrl, PR_TRUE);
+ }
+ return (rv);
+}
+
+/*
+ * Return a list of CRLs matching specified issuer and type
+ * CRLs are not allocated in the list's arena, but rather in their own,
+ * arena, so that they can be used individually in the CRL cache .
+ * CRLs are always partially decoded for efficiency.
+ */
+SECStatus
+pk11_RetrieveCrls(CERTCrlHeadNode *nodes, SECItem *issuer,
+ void *wincx)
+{
+ pk11TraverseSlot creater;
+ CK_ATTRIBUTE theTemplate[2];
+ CK_ATTRIBUTE *attrs;
+ CK_OBJECT_CLASS crlClass = CKO_NETSCAPE_CRL;
+ crlOptions options;
+
+ attrs = theTemplate;
+ PK11_SETATTRS(attrs, CKA_CLASS, &crlClass, sizeof(crlClass));
+ attrs++;
+
+ options.head = nodes;
+
+ /* - do a partial decoding - we don't need to decode the entries while fetching
+ - don't copy the DER for optimal performance - CRL can be very large
+ - have the CRL objects adopt the DER, so SEC_DestroyCrl will free it
+ - keep bad CRL objects. The CRL cache is interested in them, for
+ security purposes. Bad CRL objects are a sign of something amiss.
+ */
+
+ options.decodeOptions = CRL_DECODE_SKIP_ENTRIES | CRL_DECODE_DONT_COPY_DER |
+ CRL_DECODE_ADOPT_HEAP_DER | CRL_DECODE_KEEP_BAD_CRL;
+ if (issuer) {
+ PK11_SETATTRS(attrs, CKA_SUBJECT, issuer->data, issuer->len);
+ attrs++;
+ }
+
+ creater.callback = pk11_RetrieveCrlsCallback;
+ creater.callbackArg = (void *)&options;
+ creater.findTemplate = theTemplate;
+ creater.templateCount = (attrs - theTemplate);
+
+ return pk11_TraverseAllSlots(PK11_TraverseSlot, &creater, PR_FALSE, wincx);
+}
+
+/*
+ * return the crl associated with a derSubjectName
+ */
+SECItem *
+PK11_FindCrlByName(PK11SlotInfo **slot, CK_OBJECT_HANDLE *crlHandle,
+ SECItem *name, int type, char **pUrl)
+{
+ NSSCRL **crls, **crlp, *crl = NULL;
+ NSSDER subject;
+ SECItem *rvItem;
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+ char *url = NULL;
+
+ PORT_SetError(0);
+ NSSITEM_FROM_SECITEM(&subject, name);
+ if (*slot) {
+ nssCryptokiObject **instances;
+ nssPKIObjectCollection *collection;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ NSSToken *token = PK11Slot_GetNSSToken(*slot);
+ collection = nssCRLCollection_Create(td, NULL);
+ if (!collection) {
+ goto loser;
+ }
+ instances = nssToken_FindCRLsBySubject(token, NULL, &subject,
+ tokenOnly, 0, NULL);
+ nssPKIObjectCollection_AddInstances(collection, instances, 0);
+ nss_ZFreeIf(instances);
+ crls = nssPKIObjectCollection_GetCRLs(collection, NULL, 0, NULL);
+ nssPKIObjectCollection_Destroy(collection);
+ } else {
+ crls = nssTrustDomain_FindCRLsBySubject(td, &subject);
+ }
+ if ((!crls) || (*crls == NULL)) {
+ if (crls) {
+ nssCRLArray_Destroy(crls);
+ }
+ if (NSS_GetError() == NSS_ERROR_NOT_FOUND) {
+ PORT_SetError(SEC_ERROR_CRL_NOT_FOUND);
+ }
+ goto loser;
+ }
+ for (crlp = crls; *crlp; crlp++) {
+ if ((!(*crlp)->isKRL && type == SEC_CRL_TYPE) ||
+ ((*crlp)->isKRL && type != SEC_CRL_TYPE)) {
+ crl = nssCRL_AddRef(*crlp);
+ break;
+ }
+ }
+ nssCRLArray_Destroy(crls);
+ if (!crl) {
+ /* CRL collection was found, but no interesting CRL's were on it.
+ * Not an error */
+ PORT_SetError(SEC_ERROR_CRL_NOT_FOUND);
+ goto loser;
+ }
+ if (crl->url) {
+ url = PORT_Strdup(crl->url);
+ if (!url) {
+ goto loser;
+ }
+ }
+ rvItem = SECITEM_AllocItem(NULL, NULL, crl->encoding.size);
+ if (!rvItem) {
+ goto loser;
+ }
+ memcpy(rvItem->data, crl->encoding.data, crl->encoding.size);
+ *slot = PK11_ReferenceSlot(crl->object.instances[0]->token->pk11slot);
+ *crlHandle = crl->object.instances[0]->handle;
+ *pUrl = url;
+ nssCRL_Destroy(crl);
+ return rvItem;
+
+loser:
+ if (url)
+ PORT_Free(url);
+ if (crl)
+ nssCRL_Destroy(crl);
+ if (PORT_GetError() == 0) {
+ PORT_SetError(SEC_ERROR_CRL_NOT_FOUND);
+ }
+ return NULL;
+}
+
+CK_OBJECT_HANDLE
+PK11_PutCrl(PK11SlotInfo *slot, SECItem *crl, SECItem *name,
+ char *url, int type)
+{
+ NSSItem derCRL, derSubject;
+ NSSToken *token = PK11Slot_GetNSSToken(slot);
+ nssCryptokiObject *object;
+ PRBool isKRL = (type == SEC_CRL_TYPE) ? PR_FALSE : PR_TRUE;
+ CK_OBJECT_HANDLE rvH;
+
+ NSSITEM_FROM_SECITEM(&derSubject, name);
+ NSSITEM_FROM_SECITEM(&derCRL, crl);
+
+ object = nssToken_ImportCRL(token, NULL,
+ &derSubject, &derCRL, isKRL, url, PR_TRUE);
+
+ if (object) {
+ rvH = object->handle;
+ nssCryptokiObject_Destroy(object);
+ } else {
+ rvH = CK_INVALID_HANDLE;
+ PORT_SetError(SEC_ERROR_CRL_IMPORT_FAILED);
+ }
+ return rvH;
+}
+
+/*
+ * delete a crl.
+ */
+SECStatus
+SEC_DeletePermCRL(CERTSignedCrl *crl)
+{
+ PRStatus status;
+ NSSToken *token;
+ nssCryptokiObject *object;
+ PK11SlotInfo *slot = crl->slot;
+
+ if (slot == NULL) {
+ PORT_Assert(slot);
+ /* shouldn't happen */
+ PORT_SetError(SEC_ERROR_CRL_INVALID);
+ return SECFailure;
+ }
+ token = PK11Slot_GetNSSToken(slot);
+
+ object = nss_ZNEW(NULL, nssCryptokiObject);
+ if (!object) {
+ return SECFailure;
+ }
+ object->token = nssToken_AddRef(token);
+ object->handle = crl->pkcs11ID;
+ object->isTokenObject = PR_TRUE;
+
+ status = nssToken_DeleteStoredObject(object);
+
+ nssCryptokiObject_Destroy(object);
+ return (status == PR_SUCCESS) ? SECSuccess : SECFailure;
+}
+
+/*
+ * return the certificate associated with a derCert
+ */
+SECItem *
+PK11_FindSMimeProfile(PK11SlotInfo **slot, char *emailAddr,
+ SECItem *name, SECItem **profileTime)
+{
+ CK_OBJECT_CLASS smimeClass = CKO_NETSCAPE_SMIME;
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_SUBJECT, NULL, 0 },
+ { CKA_CLASS, NULL, 0 },
+ { CKA_NETSCAPE_EMAIL, NULL, 0 },
+ };
+ CK_ATTRIBUTE smimeData[] = {
+ { CKA_SUBJECT, NULL, 0 },
+ { CKA_VALUE, NULL, 0 },
+ };
+ /* if you change the array, change the variable below as well */
+ int tsize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+ CK_OBJECT_HANDLE smimeh = CK_INVALID_HANDLE;
+ CK_ATTRIBUTE *attrs = theTemplate;
+ CK_RV crv;
+ SECItem *emailProfile = NULL;
+
+ if (!emailAddr || !emailAddr[0]) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_CLASS, &smimeClass, sizeof(smimeClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_EMAIL, emailAddr, strlen(emailAddr));
+ attrs++;
+
+ if (*slot) {
+ smimeh = pk11_FindObjectByTemplate(*slot, theTemplate, tsize);
+ } else {
+ PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
+ PR_FALSE, PR_TRUE, NULL);
+ PK11SlotListElement *le;
+
+ if (!list) {
+ return NULL;
+ }
+ /* loop through all the slots */
+ for (le = list->head; le; le = le->next) {
+ smimeh = pk11_FindObjectByTemplate(le->slot, theTemplate, tsize);
+ if (smimeh != CK_INVALID_HANDLE) {
+ *slot = PK11_ReferenceSlot(le->slot);
+ break;
+ }
+ }
+ PK11_FreeSlotList(list);
+ }
+
+ if (smimeh == CK_INVALID_HANDLE) {
+ PORT_SetError(SEC_ERROR_NO_KRL);
+ return NULL;
+ }
+
+ if (profileTime) {
+ PK11_SETATTRS(smimeData, CKA_NETSCAPE_SMIME_TIMESTAMP, NULL, 0);
+ }
+
+ crv = PK11_GetAttributes(NULL, *slot, smimeh, smimeData, 2);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ if (!profileTime) {
+ SECItem profileSubject;
+
+ profileSubject.data = (unsigned char *)smimeData[0].pValue;
+ profileSubject.len = smimeData[0].ulValueLen;
+ if (!SECITEM_ItemsAreEqual(&profileSubject, name)) {
+ goto loser;
+ }
+ }
+
+ emailProfile = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (emailProfile == NULL) {
+ goto loser;
+ }
+
+ emailProfile->data = (unsigned char *)smimeData[1].pValue;
+ emailProfile->len = smimeData[1].ulValueLen;
+
+ if (profileTime) {
+ *profileTime = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (*profileTime) {
+ (*profileTime)->data = (unsigned char *)smimeData[0].pValue;
+ (*profileTime)->len = smimeData[0].ulValueLen;
+ }
+ }
+
+loser:
+ if (emailProfile == NULL) {
+ if (smimeData[1].pValue) {
+ PORT_Free(smimeData[1].pValue);
+ }
+ }
+ if (profileTime == NULL || *profileTime == NULL) {
+ if (smimeData[0].pValue) {
+ PORT_Free(smimeData[0].pValue);
+ }
+ }
+ return emailProfile;
+}
+
+SECStatus
+PK11_SaveSMimeProfile(PK11SlotInfo *slot, char *emailAddr, SECItem *derSubj,
+ SECItem *emailProfile, SECItem *profileTime)
+{
+ CK_OBJECT_CLASS smimeClass = CKO_NETSCAPE_SMIME;
+ CK_BBOOL ck_true = CK_TRUE;
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_SUBJECT, NULL, 0 },
+ { CKA_NETSCAPE_EMAIL, NULL, 0 },
+ { CKA_NETSCAPE_SMIME_TIMESTAMP, NULL, 0 },
+ { CKA_VALUE, NULL, 0 }
+ };
+ /* if you change the array, change the variable below as well */
+ int realSize = 0;
+ CK_OBJECT_HANDLE smimeh = CK_INVALID_HANDLE;
+ CK_ATTRIBUTE *attrs = theTemplate;
+ CK_SESSION_HANDLE rwsession;
+ PK11SlotInfo *free_slot = NULL;
+ CK_RV crv;
+#ifdef DEBUG
+ int tsize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+#endif
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &smimeClass, sizeof(smimeClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_TOKEN, &ck_true, sizeof(ck_true));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SUBJECT, derSubj->data, derSubj->len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_EMAIL,
+ emailAddr, PORT_Strlen(emailAddr) + 1);
+ attrs++;
+ if (profileTime) {
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_SMIME_TIMESTAMP, profileTime->data,
+ profileTime->len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE, emailProfile->data,
+ emailProfile->len);
+ attrs++;
+ }
+ realSize = attrs - theTemplate;
+ PORT_Assert(realSize <= tsize);
+
+ if (slot == NULL) {
+ free_slot = slot = PK11_GetInternalKeySlot();
+ /* we need to free the key slot in the end!!! */
+ }
+
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_READ_ONLY);
+ if (free_slot) {
+ PK11_FreeSlot(free_slot);
+ }
+ return SECFailure;
+ }
+
+ crv = PK11_GETTAB(slot)->C_CreateObject(rwsession, theTemplate, realSize, &smimeh);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ }
+
+ PK11_RestoreROSession(slot, rwsession);
+
+ if (free_slot) {
+ PK11_FreeSlot(free_slot);
+ }
+ return SECSuccess;
+}
+
+CERTSignedCrl *crl_storeCRL(PK11SlotInfo *slot, char *url,
+ CERTSignedCrl *newCrl, SECItem *derCrl, int type);
+
+/* import the CRL into the token */
+
+CERTSignedCrl *
+PK11_ImportCRL(PK11SlotInfo *slot, SECItem *derCRL, char *url,
+ int type, void *wincx, PRInt32 importOptions, PLArenaPool *arena,
+ PRInt32 decodeoptions)
+{
+ CERTSignedCrl *newCrl, *crl;
+ SECStatus rv;
+ CERTCertificate *caCert = NULL;
+
+ newCrl = crl = NULL;
+
+ do {
+ newCrl = CERT_DecodeDERCrlWithFlags(arena, derCRL, type,
+ decodeoptions);
+ if (newCrl == NULL) {
+ if (type == SEC_CRL_TYPE) {
+ /* only promote error when the error code is too generic */
+ if (PORT_GetError() == SEC_ERROR_BAD_DER)
+ PORT_SetError(SEC_ERROR_CRL_INVALID);
+ } else {
+ PORT_SetError(SEC_ERROR_KRL_INVALID);
+ }
+ break;
+ }
+
+ if (0 == (importOptions & CRL_IMPORT_BYPASS_CHECKS)) {
+ CERTCertDBHandle *handle = CERT_GetDefaultCertDB();
+ PR_ASSERT(handle != NULL);
+ caCert = CERT_FindCertByName(handle,
+ &newCrl->crl.derName);
+ if (caCert == NULL) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
+ break;
+ }
+
+ /* If caCert is a v3 certificate, make sure that it can be used for
+ crl signing purpose */
+ rv = CERT_CheckCertUsage(caCert, KU_CRL_SIGN);
+ if (rv != SECSuccess) {
+ break;
+ }
+
+ rv = CERT_VerifySignedData(&newCrl->signatureWrap, caCert,
+ PR_Now(), wincx);
+ if (rv != SECSuccess) {
+ if (type == SEC_CRL_TYPE) {
+ PORT_SetError(SEC_ERROR_CRL_BAD_SIGNATURE);
+ } else {
+ PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
+ }
+ break;
+ }
+ }
+
+ crl = crl_storeCRL(slot, url, newCrl, derCRL, type);
+
+ } while (0);
+
+ if (crl == NULL) {
+ SEC_DestroyCrl(newCrl);
+ }
+ if (caCert) {
+ CERT_DestroyCertificate(caCert);
+ }
+ return (crl);
+}
diff --git a/security/nss/lib/pk11wrap/pk11obj.c b/security/nss/lib/pk11wrap/pk11obj.c
new file mode 100644
index 000000000..18850b29d
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11obj.c
@@ -0,0 +1,2098 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file manages object type indepentent functions.
+ */
+#include "seccomon.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11.h"
+#include "pkcs11t.h"
+#include "pk11func.h"
+#include "key.h"
+#include "secitem.h"
+#include "secerr.h"
+#include "sslerr.h"
+
+#define PK11_SEARCH_CHUNKSIZE 10
+
+/*
+ * Build a block big enough to hold the data
+ */
+SECItem *
+PK11_BlockData(SECItem *data, unsigned long size)
+{
+ SECItem *newData;
+
+ if (size == 0u)
+ return NULL;
+
+ newData = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ if (newData == NULL)
+ return NULL;
+
+ newData->len = (data->len + (size - 1)) / size;
+ newData->len *= size;
+
+ newData->data = (unsigned char *)PORT_ZAlloc(newData->len);
+ if (newData->data == NULL) {
+ PORT_Free(newData);
+ return NULL;
+ }
+ PORT_Memset(newData->data, newData->len - data->len, newData->len);
+ PORT_Memcpy(newData->data, data->data, data->len);
+ return newData;
+}
+
+SECStatus
+PK11_DestroyObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE object)
+{
+ CK_RV crv;
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_DestroyObject(slot->session, object);
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+PK11_DestroyTokenObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE object)
+{
+ CK_RV crv;
+ SECStatus rv = SECSuccess;
+ CK_SESSION_HANDLE rwsession;
+
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+
+ crv = PK11_GETTAB(slot)->C_DestroyObject(rwsession, object);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ PORT_SetError(PK11_MapError(crv));
+ }
+ PK11_RestoreROSession(slot, rwsession);
+ return rv;
+}
+
+/*
+ * Read in a single attribute into a SECItem. Allocate space for it with
+ * PORT_Alloc unless an arena is supplied. In the latter case use the arena
+ * to allocate the space.
+ *
+ * PK11_ReadAttribute sets the 'data' and 'len' fields of the SECItem but
+ * does not modify its 'type' field.
+ */
+SECStatus
+PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type, PLArenaPool *arena, SECItem *result)
+{
+ CK_ATTRIBUTE attr = { 0, NULL, 0 };
+ CK_RV crv;
+
+ attr.type = type;
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session, id, &attr, 1);
+ if (crv != CKR_OK) {
+ PK11_ExitSlotMonitor(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ if (arena) {
+ attr.pValue = PORT_ArenaAlloc(arena, attr.ulValueLen);
+ } else {
+ attr.pValue = PORT_Alloc(attr.ulValueLen);
+ }
+ if (attr.pValue == NULL) {
+ PK11_ExitSlotMonitor(slot);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session, id, &attr, 1);
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ if (!arena)
+ PORT_Free(attr.pValue);
+ return SECFailure;
+ }
+
+ result->data = (unsigned char *)attr.pValue;
+ result->len = attr.ulValueLen;
+
+ return SECSuccess;
+}
+
+/*
+ * Read in a single attribute into As a Ulong.
+ */
+CK_ULONG
+PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type)
+{
+ CK_ATTRIBUTE attr;
+ CK_ULONG value = CK_UNAVAILABLE_INFORMATION;
+ CK_RV crv;
+
+ PK11_SETATTRS(&attr, type, &value, sizeof(value));
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session, id, &attr, 1);
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ }
+ return value;
+}
+
+/*
+ * check to see if a bool has been set.
+ */
+CK_BBOOL
+PK11_HasAttributeSet(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type, PRBool haslock)
+{
+ CK_BBOOL ckvalue = CK_FALSE;
+ CK_ATTRIBUTE theTemplate;
+ CK_RV crv;
+
+ /* Prepare to retrieve the attribute. */
+ PK11_SETATTRS(&theTemplate, type, &ckvalue, sizeof(CK_BBOOL));
+
+ /* Retrieve attribute value. */
+ if (!haslock)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session, id,
+ &theTemplate, 1);
+ if (!haslock)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return CK_FALSE;
+ }
+
+ return ckvalue;
+}
+
+/*
+ * returns a full list of attributes. Allocate space for them. If an arena is
+ * provided, allocate space out of the arena.
+ */
+CK_RV
+PK11_GetAttributes(PLArenaPool *arena, PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE obj, CK_ATTRIBUTE *attr, int count)
+{
+ int i;
+ /* make pedantic happy... note that it's only used arena != NULL */
+ void *mark = NULL;
+ CK_RV crv;
+ PORT_Assert(slot->session != CK_INVALID_SESSION);
+ if (slot->session == CK_INVALID_SESSION)
+ return CKR_SESSION_HANDLE_INVALID;
+
+ /*
+ * first get all the lengths of the parameters.
+ */
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session, obj, attr, count);
+ if (crv != CKR_OK) {
+ PK11_ExitSlotMonitor(slot);
+ return crv;
+ }
+
+ if (arena) {
+ mark = PORT_ArenaMark(arena);
+ if (mark == NULL)
+ return CKR_HOST_MEMORY;
+ }
+
+ /*
+ * now allocate space to store the results.
+ */
+ for (i = 0; i < count; i++) {
+ if (attr[i].ulValueLen == 0)
+ continue;
+ if (arena) {
+ attr[i].pValue = PORT_ArenaAlloc(arena, attr[i].ulValueLen);
+ if (attr[i].pValue == NULL) {
+ /* arena failures, just release the mark */
+ PORT_ArenaRelease(arena, mark);
+ PK11_ExitSlotMonitor(slot);
+ return CKR_HOST_MEMORY;
+ }
+ } else {
+ attr[i].pValue = PORT_Alloc(attr[i].ulValueLen);
+ if (attr[i].pValue == NULL) {
+ /* Separate malloc failures, loop to release what we have
+ * so far */
+ int j;
+ for (j = 0; j < i; j++) {
+ PORT_Free(attr[j].pValue);
+ /* don't give the caller pointers to freed memory */
+ attr[j].pValue = NULL;
+ }
+ PK11_ExitSlotMonitor(slot);
+ return CKR_HOST_MEMORY;
+ }
+ }
+ }
+
+ /*
+ * finally get the results.
+ */
+ crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session, obj, attr, count);
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ if (arena) {
+ PORT_ArenaRelease(arena, mark);
+ } else {
+ for (i = 0; i < count; i++) {
+ PORT_Free(attr[i].pValue);
+ /* don't give the caller pointers to freed memory */
+ attr[i].pValue = NULL;
+ }
+ }
+ } else if (arena && mark) {
+ PORT_ArenaUnmark(arena, mark);
+ }
+ return crv;
+}
+
+PRBool
+PK11_IsPermObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle)
+{
+ return (PRBool)PK11_HasAttributeSet(slot, handle, CKA_TOKEN, PR_FALSE);
+}
+
+char *
+PK11_GetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id)
+{
+ char *nickname = NULL;
+ SECItem result;
+ SECStatus rv;
+
+ rv = PK11_ReadAttribute(slot, id, CKA_LABEL, NULL, &result);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+
+ nickname = PORT_ZAlloc(result.len + 1);
+ if (nickname == NULL) {
+ PORT_Free(result.data);
+ return NULL;
+ }
+ PORT_Memcpy(nickname, result.data, result.len);
+ PORT_Free(result.data);
+ return nickname;
+}
+
+SECStatus
+PK11_SetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ const char *nickname)
+{
+ int len = PORT_Strlen(nickname);
+ CK_ATTRIBUTE setTemplate;
+ CK_RV crv;
+ CK_SESSION_HANDLE rwsession;
+
+ if (len < 0) {
+ return SECFailure;
+ }
+
+ PK11_SETATTRS(&setTemplate, CKA_LABEL, (CK_CHAR *)nickname, len);
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession, id,
+ &setTemplate, 1);
+ PK11_RestoreROSession(slot, rwsession);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * strip leading zero's from key material
+ */
+void
+pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib)
+{
+ char *ptr = (char *)attrib->pValue;
+ unsigned long len = attrib->ulValueLen;
+
+ while ((len > 1) && (*ptr == 0)) {
+ len--;
+ ptr++;
+ }
+ attrib->pValue = ptr;
+ attrib->ulValueLen = len;
+}
+
+/*
+ * get a new session on a slot. If we run out of session, use the slot's
+ * 'exclusive' session. In this case owner becomes false.
+ */
+CK_SESSION_HANDLE
+pk11_GetNewSession(PK11SlotInfo *slot, PRBool *owner)
+{
+ CK_SESSION_HANDLE session;
+ *owner = PR_TRUE;
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ if (PK11_GETTAB(slot)->C_OpenSession(slot->slotID, CKF_SERIAL_SESSION,
+ slot, pk11_notify, &session) != CKR_OK) {
+ *owner = PR_FALSE;
+ session = slot->session;
+ }
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+
+ return session;
+}
+
+void
+pk11_CloseSession(PK11SlotInfo *slot, CK_SESSION_HANDLE session, PRBool owner)
+{
+ if (!owner)
+ return;
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ (void)PK11_GETTAB(slot)->C_CloseSession(session);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+}
+
+SECStatus
+PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
+ const CK_ATTRIBUTE *theTemplate, int count,
+ PRBool token, CK_OBJECT_HANDLE *objectID)
+{
+ CK_SESSION_HANDLE rwsession;
+ CK_RV crv;
+ SECStatus rv = SECSuccess;
+
+ rwsession = session;
+ if (token) {
+ rwsession = PK11_GetRWSession(slot);
+ } else if (rwsession == CK_INVALID_SESSION) {
+ rwsession = slot->session;
+ if (rwsession != CK_INVALID_SESSION)
+ PK11_EnterSlotMonitor(slot);
+ }
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_CreateObject(rwsession,
+ /* cast away const :-( */ (CK_ATTRIBUTE_PTR)theTemplate,
+ count, objectID);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure;
+ }
+ if (token) {
+ PK11_RestoreROSession(slot, rwsession);
+ } else if (session == CK_INVALID_SESSION) {
+ PK11_ExitSlotMonitor(slot);
+ }
+
+ return rv;
+}
+
+/* This function may add a maximum of 9 attributes. */
+unsigned int
+pk11_OpFlagsToAttributes(CK_FLAGS flags, CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue)
+{
+
+ const static CK_ATTRIBUTE_TYPE attrTypes[12] = {
+ CKA_ENCRYPT, CKA_DECRYPT, 0 /* DIGEST */, CKA_SIGN,
+ CKA_SIGN_RECOVER, CKA_VERIFY, CKA_VERIFY_RECOVER, 0 /* GEN */,
+ 0 /* GEN PAIR */, CKA_WRAP, CKA_UNWRAP, CKA_DERIVE
+ };
+
+ const CK_ATTRIBUTE_TYPE *pType = attrTypes;
+ CK_ATTRIBUTE *attr = attrs;
+ CK_FLAGS test = CKF_ENCRYPT;
+
+ PR_ASSERT(!(flags & ~CKF_KEY_OPERATION_FLAGS));
+ flags &= CKF_KEY_OPERATION_FLAGS;
+
+ for (; flags && test <= CKF_DERIVE; test <<= 1, ++pType) {
+ if (test & flags) {
+ flags ^= test;
+ PR_ASSERT(*pType);
+ PK11_SETATTRS(attr, *pType, ckTrue, sizeof *ckTrue);
+ ++attr;
+ }
+ }
+ return (attr - attrs);
+}
+
+/*
+ * Check for conflicting flags, for example, if both PK11_ATTR_PRIVATE
+ * and PK11_ATTR_PUBLIC are set.
+ */
+PRBool
+pk11_BadAttrFlags(PK11AttrFlags attrFlags)
+{
+ PK11AttrFlags trueFlags = attrFlags & 0x55555555;
+ PK11AttrFlags falseFlags = (attrFlags >> 1) & 0x55555555;
+ return ((trueFlags & falseFlags) != 0);
+}
+
+/*
+ * This function may add a maximum of 5 attributes.
+ * The caller must make sure the attribute flags don't have conflicts.
+ */
+unsigned int
+pk11_AttrFlagsToAttributes(PK11AttrFlags attrFlags, CK_ATTRIBUTE *attrs,
+ CK_BBOOL *ckTrue, CK_BBOOL *ckFalse)
+{
+ const static CK_ATTRIBUTE_TYPE attrTypes[5] = {
+ CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_SENSITIVE,
+ CKA_EXTRACTABLE
+ };
+
+ const CK_ATTRIBUTE_TYPE *pType = attrTypes;
+ CK_ATTRIBUTE *attr = attrs;
+ PK11AttrFlags test = PK11_ATTR_TOKEN;
+
+ PR_ASSERT(!pk11_BadAttrFlags(attrFlags));
+
+ /* we test two related bitflags in each iteration */
+ for (; attrFlags && test <= PK11_ATTR_EXTRACTABLE; test <<= 2, ++pType) {
+ if (test & attrFlags) {
+ attrFlags ^= test;
+ PK11_SETATTRS(attr, *pType, ckTrue, sizeof *ckTrue);
+ ++attr;
+ } else if ((test << 1) & attrFlags) {
+ attrFlags ^= (test << 1);
+ PK11_SETATTRS(attr, *pType, ckFalse, sizeof *ckFalse);
+ ++attr;
+ }
+ }
+ return (attr - attrs);
+}
+
+/*
+ * Some non-compliant PKCS #11 vendors do not give us the modulus, so actually
+ * set up a signature to get the signaure length.
+ */
+static int
+pk11_backupGetSignLength(SECKEYPrivateKey *key)
+{
+ PK11SlotInfo *slot = key->pkcs11Slot;
+ CK_MECHANISM mech = { 0, NULL, 0 };
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ CK_ULONG len;
+ CK_RV crv;
+ unsigned char h_data[20] = { 0 };
+ unsigned char buf[20]; /* obviously to small */
+ CK_ULONG smallLen = sizeof(buf);
+
+ mech.mechanism = PK11_MapSignKeyType(key->keyType);
+
+ session = pk11_GetNewSession(slot, &owner);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_SignInit(session, &mech, key->pkcs11ID);
+ if (crv != CKR_OK) {
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(PK11_MapError(crv));
+ return -1;
+ }
+ len = 0;
+ crv = PK11_GETTAB(slot)->C_Sign(session, h_data, sizeof(h_data),
+ NULL, &len);
+ /* now call C_Sign with too small a buffer to clear the session state */
+ (void)PK11_GETTAB(slot)->C_Sign(session, h_data, sizeof(h_data), buf, &smallLen);
+
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return -1;
+ }
+ return len;
+}
+
+/*
+ * get the length of a signature object based on the key
+ */
+int
+PK11_SignatureLen(SECKEYPrivateKey *key)
+{
+ int val;
+ SECItem attributeItem = { siBuffer, NULL, 0 };
+ SECStatus rv;
+ int length;
+
+ switch (key->keyType) {
+ case rsaKey:
+ val = PK11_GetPrivateModulusLen(key);
+ if (val == -1) {
+ return pk11_backupGetSignLength(key);
+ }
+ return (unsigned long)val;
+
+ case fortezzaKey:
+ return 40;
+
+ case dsaKey:
+ rv = PK11_ReadAttribute(key->pkcs11Slot, key->pkcs11ID, CKA_SUBPRIME,
+ NULL, &attributeItem);
+ if (rv == SECSuccess) {
+ length = attributeItem.len;
+ if ((length > 0) && attributeItem.data[0] == 0) {
+ length--;
+ }
+ PORT_Free(attributeItem.data);
+ return length * 2;
+ }
+ return pk11_backupGetSignLength(key);
+
+ case ecKey:
+ rv = PK11_ReadAttribute(key->pkcs11Slot, key->pkcs11ID, CKA_EC_PARAMS,
+ NULL, &attributeItem);
+ if (rv == SECSuccess) {
+ length = SECKEY_ECParamsToBasePointOrderLen(&attributeItem);
+ PORT_Free(attributeItem.data);
+ if (length != 0) {
+ length = ((length + 7) / 8) * 2;
+ return length;
+ }
+ }
+ return pk11_backupGetSignLength(key);
+ default:
+ break;
+ }
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return 0;
+}
+
+/*
+ * copy a key (or any other object) on a token
+ */
+CK_OBJECT_HANDLE
+PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject)
+{
+ CK_OBJECT_HANDLE destObject;
+ CK_RV crv;
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_CopyObject(slot->session, srcObject, NULL, 0,
+ &destObject);
+ PK11_ExitSlotMonitor(slot);
+ if (crv == CKR_OK)
+ return destObject;
+ PORT_SetError(PK11_MapError(crv));
+ return CK_INVALID_HANDLE;
+}
+
+PRBool
+pk11_FindAttrInTemplate(CK_ATTRIBUTE *attr, unsigned int numAttrs,
+ CK_ATTRIBUTE_TYPE target)
+{
+ for (; numAttrs > 0; ++attr, --numAttrs) {
+ if (attr->type == target)
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+/*
+ * Recover the Signed data. We need this because our old verify can't
+ * figure out which hash algorithm to use until we decryptted this.
+ */
+SECStatus
+PK11_VerifyRecover(SECKEYPublicKey *key, const SECItem *sig,
+ SECItem *dsig, void *wincx)
+{
+ PK11SlotInfo *slot = key->pkcs11Slot;
+ CK_OBJECT_HANDLE id = key->pkcs11ID;
+ CK_MECHANISM mech = { 0, NULL, 0 };
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ CK_ULONG len;
+ CK_RV crv;
+
+ mech.mechanism = PK11_MapSignKeyType(key->keyType);
+
+ if (slot == NULL) {
+ slot = PK11_GetBestSlotWithAttributes(mech.mechanism,
+ CKF_VERIFY_RECOVER, 0, wincx);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return SECFailure;
+ }
+ id = PK11_ImportPublicKey(slot, key, PR_FALSE);
+ } else {
+ PK11_ReferenceSlot(slot);
+ }
+
+ if (id == CK_INVALID_HANDLE) {
+ PK11_FreeSlot(slot);
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+
+ session = pk11_GetNewSession(slot, &owner);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_VerifyRecoverInit(session, &mech, id);
+ if (crv != CKR_OK) {
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(PK11_MapError(crv));
+ PK11_FreeSlot(slot);
+ return SECFailure;
+ }
+ len = dsig->len;
+ crv = PK11_GETTAB(slot)->C_VerifyRecover(session, sig->data,
+ sig->len, dsig->data, &len);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ dsig->len = len;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ PK11_FreeSlot(slot);
+ return SECFailure;
+ }
+ PK11_FreeSlot(slot);
+ return SECSuccess;
+}
+
+/*
+ * verify a signature from its hash.
+ */
+SECStatus
+PK11_Verify(SECKEYPublicKey *key, const SECItem *sig, const SECItem *hash,
+ void *wincx)
+{
+ CK_MECHANISM_TYPE mech = PK11_MapSignKeyType(key->keyType);
+ return PK11_VerifyWithMechanism(key, mech, NULL, sig, hash, wincx);
+}
+
+/*
+ * Verify a signature from its hash using the given algorithm.
+ */
+SECStatus
+PK11_VerifyWithMechanism(SECKEYPublicKey *key, CK_MECHANISM_TYPE mechanism,
+ const SECItem *param, const SECItem *sig,
+ const SECItem *hash, void *wincx)
+{
+ PK11SlotInfo *slot = key->pkcs11Slot;
+ CK_OBJECT_HANDLE id = key->pkcs11ID;
+ CK_MECHANISM mech = { 0, NULL, 0 };
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ CK_RV crv;
+
+ mech.mechanism = mechanism;
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ }
+
+ if (slot == NULL) {
+ unsigned int length = 0;
+ if ((mech.mechanism == CKM_DSA) &&
+ /* 129 is 1024 bits translated to bytes and
+ * padded with an optional '0' to maintain a
+ * positive sign */
+ (key->u.dsa.params.prime.len > 129)) {
+ /* we need to get a slot that not only can do DSA, but can do DSA2
+ * key lengths */
+ length = key->u.dsa.params.prime.len;
+ if (key->u.dsa.params.prime.data[0] == 0) {
+ length--;
+ }
+ /* convert keysize to bits for slot lookup */
+ length *= 8;
+ }
+ slot = PK11_GetBestSlotWithAttributes(mech.mechanism,
+ CKF_VERIFY, length, wincx);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return SECFailure;
+ }
+ id = PK11_ImportPublicKey(slot, key, PR_FALSE);
+
+ } else {
+ PK11_ReferenceSlot(slot);
+ }
+
+ if (id == CK_INVALID_HANDLE) {
+ PK11_FreeSlot(slot);
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+
+ session = pk11_GetNewSession(slot, &owner);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_VerifyInit(session, &mech, id);
+ if (crv != CKR_OK) {
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PK11_FreeSlot(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_Verify(session, hash->data,
+ hash->len, sig->data, sig->len);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PK11_FreeSlot(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * sign a hash. The algorithm is determined by the key.
+ */
+SECStatus
+PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, const SECItem *hash)
+{
+ CK_MECHANISM_TYPE mech = PK11_MapSignKeyType(key->keyType);
+ return PK11_SignWithMechanism(key, mech, NULL, sig, hash);
+}
+
+/*
+ * Sign a hash using the given algorithm.
+ */
+SECStatus
+PK11_SignWithMechanism(SECKEYPrivateKey *key, CK_MECHANISM_TYPE mechanism,
+ const SECItem *param, SECItem *sig, const SECItem *hash)
+{
+ PK11SlotInfo *slot = key->pkcs11Slot;
+ CK_MECHANISM mech = { 0, NULL, 0 };
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ PRBool haslock = PR_FALSE;
+ CK_ULONG len;
+ CK_RV crv;
+
+ mech.mechanism = mechanism;
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ }
+
+ if (SECKEY_HAS_ATTRIBUTE_SET(key, CKA_PRIVATE)) {
+ PK11_HandlePasswordCheck(slot, key->wincx);
+ }
+
+ session = pk11_GetNewSession(slot, &owner);
+ haslock = (!owner || !(slot->isThreadSafe));
+ if (haslock)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_SignInit(session, &mech, key->pkcs11ID);
+ if (crv != CKR_OK) {
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ /* PKCS11 2.20 says if CKA_ALWAYS_AUTHENTICATE then
+ * do C_Login with CKU_CONTEXT_SPECIFIC
+ * between C_SignInit and C_Sign */
+ if (SECKEY_HAS_ATTRIBUTE_SET_LOCK(key, CKA_ALWAYS_AUTHENTICATE, haslock)) {
+ PK11_DoPassword(slot, session, PR_FALSE, key->wincx, haslock, PR_TRUE);
+ }
+
+ len = sig->len;
+ crv = PK11_GETTAB(slot)->C_Sign(session, hash->data,
+ hash->len, sig->data, &len);
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ sig->len = len;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * sign data with a MAC key.
+ */
+SECStatus
+PK11_SignWithSymKey(PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism,
+ SECItem *param, SECItem *sig, const SECItem *data)
+{
+ PK11SlotInfo *slot = symKey->slot;
+ CK_MECHANISM mech = { 0, NULL, 0 };
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ PRBool haslock = PR_FALSE;
+ CK_ULONG len;
+ CK_RV crv;
+
+ mech.mechanism = mechanism;
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ }
+
+ session = pk11_GetNewSession(slot, &owner);
+ haslock = (!owner || !(slot->isThreadSafe));
+ if (haslock)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_SignInit(session, &mech, symKey->objectID);
+ if (crv != CKR_OK) {
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ len = sig->len;
+ crv = PK11_GETTAB(slot)->C_Sign(session, data->data,
+ data->len, sig->data, &len);
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ sig->len = len;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+PK11_Decrypt(PK11SymKey *symKey,
+ CK_MECHANISM_TYPE mechanism, SECItem *param,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *enc, unsigned encLen)
+{
+ PK11SlotInfo *slot = symKey->slot;
+ CK_MECHANISM mech = { 0, NULL, 0 };
+ CK_ULONG len = maxLen;
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ PRBool haslock = PR_FALSE;
+ CK_RV crv;
+
+ mech.mechanism = mechanism;
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ }
+
+ session = pk11_GetNewSession(slot, &owner);
+ haslock = (!owner || !slot->isThreadSafe);
+ if (haslock)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_DecryptInit(session, &mech, symKey->objectID);
+ if (crv != CKR_OK) {
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ crv = PK11_GETTAB(slot)->C_Decrypt(session, (unsigned char *)enc, encLen,
+ out, &len);
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ *outLen = len;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+PK11_Encrypt(PK11SymKey *symKey,
+ CK_MECHANISM_TYPE mechanism, SECItem *param,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *data, unsigned int dataLen)
+{
+ PK11SlotInfo *slot = symKey->slot;
+ CK_MECHANISM mech = { 0, NULL, 0 };
+ CK_ULONG len = maxLen;
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ PRBool haslock = PR_FALSE;
+ CK_RV crv;
+
+ mech.mechanism = mechanism;
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ }
+
+ session = pk11_GetNewSession(slot, &owner);
+ haslock = (!owner || !slot->isThreadSafe);
+ if (haslock)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_EncryptInit(session, &mech, symKey->objectID);
+ if (crv != CKR_OK) {
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_Encrypt(session, (unsigned char *)data,
+ dataLen, out, &len);
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ *outLen = len;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+pk11_PrivDecryptRaw(SECKEYPrivateKey *key,
+ unsigned char *data, unsigned *outLen, unsigned int maxLen,
+ const unsigned char *enc, unsigned encLen,
+ CK_MECHANISM_PTR mech)
+{
+ PK11SlotInfo *slot = key->pkcs11Slot;
+ CK_ULONG out = maxLen;
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ PRBool haslock = PR_FALSE;
+ CK_RV crv;
+
+ if (key->keyType != rsaKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ /* Why do we do a PK11_handle check here? for simple
+ * decryption? .. because the user may have asked for 'ask always'
+ * and this is a private key operation. In practice, thought, it's mute
+ * since only servers wind up using this function */
+ if (SECKEY_HAS_ATTRIBUTE_SET(key, CKA_PRIVATE)) {
+ PK11_HandlePasswordCheck(slot, key->wincx);
+ }
+ session = pk11_GetNewSession(slot, &owner);
+ haslock = (!owner || !(slot->isThreadSafe));
+ if (haslock)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_DecryptInit(session, mech, key->pkcs11ID);
+ if (crv != CKR_OK) {
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ /* PKCS11 2.20 says if CKA_ALWAYS_AUTHENTICATE then
+ * do C_Login with CKU_CONTEXT_SPECIFIC
+ * between C_DecryptInit and C_Decrypt
+ * ... But see note above about servers */
+ if (SECKEY_HAS_ATTRIBUTE_SET_LOCK(key, CKA_ALWAYS_AUTHENTICATE, haslock)) {
+ PK11_DoPassword(slot, session, PR_FALSE, key->wincx, haslock, PR_TRUE);
+ }
+
+ crv = PK11_GETTAB(slot)->C_Decrypt(session, (unsigned char *)enc, encLen,
+ data, &out);
+ if (haslock)
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ *outLen = out;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+PK11_PubDecryptRaw(SECKEYPrivateKey *key,
+ unsigned char *data, unsigned *outLen, unsigned int maxLen,
+ const unsigned char *enc, unsigned encLen)
+{
+ CK_MECHANISM mech = { CKM_RSA_X_509, NULL, 0 };
+ return pk11_PrivDecryptRaw(key, data, outLen, maxLen, enc, encLen, &mech);
+}
+
+SECStatus
+PK11_PrivDecryptPKCS1(SECKEYPrivateKey *key,
+ unsigned char *data, unsigned *outLen, unsigned int maxLen,
+ const unsigned char *enc, unsigned encLen)
+{
+ CK_MECHANISM mech = { CKM_RSA_PKCS, NULL, 0 };
+ return pk11_PrivDecryptRaw(key, data, outLen, maxLen, enc, encLen, &mech);
+}
+
+static SECStatus
+pk11_PubEncryptRaw(SECKEYPublicKey *key,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *data, unsigned dataLen,
+ CK_MECHANISM_PTR mech, void *wincx)
+{
+ PK11SlotInfo *slot;
+ CK_OBJECT_HANDLE id;
+ CK_ULONG len = maxLen;
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ CK_RV crv;
+
+ slot = PK11_GetBestSlotWithAttributes(mech->mechanism, CKF_ENCRYPT, 0, wincx);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return SECFailure;
+ }
+
+ id = PK11_ImportPublicKey(slot, key, PR_FALSE);
+
+ if (id == CK_INVALID_HANDLE) {
+ PK11_FreeSlot(slot);
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+
+ session = pk11_GetNewSession(slot, &owner);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_EncryptInit(session, mech, id);
+ if (crv != CKR_OK) {
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PK11_FreeSlot(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_Encrypt(session, (unsigned char *)data, dataLen,
+ out, &len);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PK11_FreeSlot(slot);
+ *outLen = len;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+PK11_PubEncryptRaw(SECKEYPublicKey *key,
+ unsigned char *enc,
+ const unsigned char *data, unsigned dataLen,
+ void *wincx)
+{
+ CK_MECHANISM mech = { CKM_RSA_X_509, NULL, 0 };
+ unsigned int outLen;
+ if (!key || key->keyType != rsaKey) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+ outLen = SECKEY_PublicKeyStrength(key);
+ return pk11_PubEncryptRaw(key, enc, &outLen, outLen, data, dataLen, &mech,
+ wincx);
+}
+
+SECStatus
+PK11_PubEncryptPKCS1(SECKEYPublicKey *key,
+ unsigned char *enc,
+ const unsigned char *data, unsigned dataLen,
+ void *wincx)
+{
+ CK_MECHANISM mech = { CKM_RSA_PKCS, NULL, 0 };
+ unsigned int outLen;
+ if (!key || key->keyType != rsaKey) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+ outLen = SECKEY_PublicKeyStrength(key);
+ return pk11_PubEncryptRaw(key, enc, &outLen, outLen, data, dataLen, &mech,
+ wincx);
+}
+
+SECStatus
+PK11_PrivDecrypt(SECKEYPrivateKey *key,
+ CK_MECHANISM_TYPE mechanism, SECItem *param,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *enc, unsigned encLen)
+{
+ CK_MECHANISM mech = { mechanism, NULL, 0 };
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ }
+ return pk11_PrivDecryptRaw(key, out, outLen, maxLen, enc, encLen, &mech);
+}
+
+SECStatus
+PK11_PubEncrypt(SECKEYPublicKey *key,
+ CK_MECHANISM_TYPE mechanism, SECItem *param,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *data, unsigned dataLen,
+ void *wincx)
+{
+ CK_MECHANISM mech = { mechanism, NULL, 0 };
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ }
+ return pk11_PubEncryptRaw(key, out, outLen, maxLen, data, dataLen, &mech,
+ wincx);
+}
+
+SECKEYPrivateKey *
+PK11_UnwrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
+ CK_MECHANISM_TYPE wrapType, SECItem *param,
+ SECItem *wrappedKey, SECItem *label,
+ SECItem *idValue, PRBool perm, PRBool sensitive,
+ CK_KEY_TYPE keyType, CK_ATTRIBUTE_TYPE *usage,
+ int usageCount, void *wincx)
+{
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
+ CK_ATTRIBUTE keyTemplate[15];
+ int templateCount = 0;
+ CK_OBJECT_HANDLE privKeyID;
+ CK_MECHANISM mechanism;
+ CK_ATTRIBUTE *attrs = keyTemplate;
+ SECItem *param_free = NULL, *ck_id = NULL;
+ CK_RV crv;
+ CK_SESSION_HANDLE rwsession;
+ PK11SymKey *newKey = NULL;
+ int i;
+
+ if (!slot || !wrappedKey || !idValue) {
+ /* SET AN ERROR!!! */
+ return NULL;
+ }
+
+ ck_id = PK11_MakeIDFromPubKey(idValue);
+ if (!ck_id) {
+ return NULL;
+ }
+
+ PK11_SETATTRS(attrs, CKA_TOKEN, perm ? &cktrue : &ckfalse,
+ sizeof(cktrue));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PRIVATE, sensitive ? &cktrue : &ckfalse,
+ sizeof(cktrue));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SENSITIVE, sensitive ? &cktrue : &ckfalse,
+ sizeof(cktrue));
+ attrs++;
+ if (label && label->data) {
+ PK11_SETATTRS(attrs, CKA_LABEL, label->data, label->len);
+ attrs++;
+ }
+ PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len);
+ attrs++;
+ for (i = 0; i < usageCount; i++) {
+ PK11_SETATTRS(attrs, usage[i], &cktrue, sizeof(cktrue));
+ attrs++;
+ }
+
+ if (PK11_IsInternal(slot)) {
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_DB, idValue->data,
+ idValue->len);
+ attrs++;
+ }
+
+ templateCount = attrs - keyTemplate;
+ PR_ASSERT(templateCount <= (sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE)));
+
+ mechanism.mechanism = wrapType;
+ if (!param)
+ param = param_free = PK11_ParamFromIV(wrapType, NULL);
+ if (param) {
+ mechanism.pParameter = param->data;
+ mechanism.ulParameterLen = param->len;
+ } else {
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+ }
+
+ if (wrappingKey->slot != slot) {
+ newKey = pk11_CopyToSlot(slot, wrapType, CKA_UNWRAP, wrappingKey);
+ } else {
+ newKey = PK11_ReferenceSymKey(wrappingKey);
+ }
+
+ if (newKey) {
+ if (perm) {
+ /* Get RW Session will either lock the monitor if necessary,
+ * or return a thread safe session handle, or fail. */
+ rwsession = PK11_GetRWSession(slot);
+ } else {
+ rwsession = slot->session;
+ if (rwsession != CK_INVALID_SESSION)
+ PK11_EnterSlotMonitor(slot);
+ }
+ /* This is a lot a work to deal with fussy PKCS #11 modules
+ * that can't bother to return BAD_DATA when presented with an
+ * invalid session! */
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ goto loser;
+ }
+ crv = PK11_GETTAB(slot)->C_UnwrapKey(rwsession, &mechanism,
+ newKey->objectID,
+ wrappedKey->data,
+ wrappedKey->len, keyTemplate,
+ templateCount, &privKeyID);
+
+ if (perm) {
+ PK11_RestoreROSession(slot, rwsession);
+ } else {
+ PK11_ExitSlotMonitor(slot);
+ }
+ PK11_FreeSymKey(newKey);
+ newKey = NULL;
+ } else {
+ crv = CKR_FUNCTION_NOT_SUPPORTED;
+ }
+
+ SECITEM_FreeItem(ck_id, PR_TRUE);
+ ck_id = NULL;
+
+ if (crv != CKR_OK) {
+ /* we couldn't unwrap the key, use the internal module to do the
+ * unwrap, then load the new key into the token */
+ PK11SlotInfo *int_slot = PK11_GetInternalSlot();
+
+ if (int_slot && (slot != int_slot)) {
+ SECKEYPrivateKey *privKey = PK11_UnwrapPrivKey(int_slot,
+ wrappingKey, wrapType, param, wrappedKey, label,
+ idValue, PR_FALSE, PR_FALSE,
+ keyType, usage, usageCount, wincx);
+ if (privKey) {
+ SECKEYPrivateKey *newPrivKey = PK11_LoadPrivKey(slot, privKey,
+ NULL, perm, sensitive);
+ SECKEY_DestroyPrivateKey(privKey);
+ PK11_FreeSlot(int_slot);
+ return newPrivKey;
+ }
+ }
+ if (int_slot)
+ PK11_FreeSlot(int_slot);
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+ return PK11_MakePrivKey(slot, nullKey, PR_FALSE, privKeyID, wincx);
+
+loser:
+ if (newKey) {
+ PK11_FreeSymKey(newKey);
+ }
+ if (ck_id) {
+ SECITEM_FreeItem(ck_id, PR_TRUE);
+ }
+ return NULL;
+}
+
+/*
+ * Now we're going to wrap a SECKEYPrivateKey with a PK11SymKey
+ * The strategy is to get both keys to reside in the same slot,
+ * one that can perform the desired crypto mechanism and then
+ * call C_WrapKey after all the setup has taken place.
+ */
+SECStatus
+PK11_WrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
+ SECKEYPrivateKey *privKey, CK_MECHANISM_TYPE wrapType,
+ SECItem *param, SECItem *wrappedKey, void *wincx)
+{
+ PK11SlotInfo *privSlot = privKey->pkcs11Slot; /* The slot where
+ * the private key
+ * we are going to
+ * wrap lives.
+ */
+ PK11SymKey *newSymKey = NULL;
+ SECKEYPrivateKey *newPrivKey = NULL;
+ SECItem *param_free = NULL;
+ CK_ULONG len = wrappedKey->len;
+ CK_MECHANISM mech;
+ CK_RV crv;
+
+ if (!privSlot || !PK11_DoesMechanism(privSlot, wrapType)) {
+ /* Figure out a slot that does the mechanism and try to import
+ * the private key onto that slot.
+ */
+ PK11SlotInfo *int_slot = PK11_GetInternalSlot();
+
+ privSlot = int_slot; /* The private key has a new home */
+ newPrivKey = PK11_LoadPrivKey(privSlot, privKey, NULL, PR_FALSE, PR_FALSE);
+ /* newPrivKey has allocated its own reference to the slot, so it's
+ * safe until we destroy newPrivkey.
+ */
+ PK11_FreeSlot(int_slot);
+ if (newPrivKey == NULL) {
+ return SECFailure;
+ }
+ privKey = newPrivKey;
+ }
+
+ if (privSlot != wrappingKey->slot) {
+ newSymKey = pk11_CopyToSlot(privSlot, wrapType, CKA_WRAP,
+ wrappingKey);
+ wrappingKey = newSymKey;
+ }
+
+ if (wrappingKey == NULL) {
+ if (newPrivKey) {
+ SECKEY_DestroyPrivateKey(newPrivKey);
+ }
+ return SECFailure;
+ }
+ mech.mechanism = wrapType;
+ if (!param) {
+ param = param_free = PK11_ParamFromIV(wrapType, NULL);
+ }
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ } else {
+ mech.pParameter = NULL;
+ mech.ulParameterLen = 0;
+ }
+
+ PK11_EnterSlotMonitor(privSlot);
+ crv = PK11_GETTAB(privSlot)->C_WrapKey(privSlot->session, &mech,
+ wrappingKey->objectID,
+ privKey->pkcs11ID,
+ wrappedKey->data, &len);
+ PK11_ExitSlotMonitor(privSlot);
+
+ if (newSymKey) {
+ PK11_FreeSymKey(newSymKey);
+ }
+ if (newPrivKey) {
+ SECKEY_DestroyPrivateKey(newPrivKey);
+ }
+ if (param_free) {
+ SECITEM_FreeItem(param_free, PR_TRUE);
+ }
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ wrappedKey->len = len;
+ return SECSuccess;
+}
+
+#if 0
+/*
+ * Sample code relating to linked list returned by PK11_FindGenericObjects
+ */
+
+/*
+ * You can walk the list with the following code:
+ */
+ firstObj = PK11_FindGenericObjects(slot, objClass);
+ for (thisObj=firstObj;
+ thisObj;
+ thisObj=PK11_GetNextGenericObject(thisObj)) {
+ /* operate on thisObj */
+ }
+/*
+ * If you want a particular object from the list...
+ */
+ firstObj = PK11_FindGenericObjects(slot, objClass);
+ for (thisObj=firstObj;
+ thisObj;
+ thisObj=PK11_GetNextGenericObject(thisObj)) {
+ if (isMyObj(thisObj)) {
+ if ( thisObj == firstObj) {
+ /* NOTE: firstObj could be NULL at this point */
+ firstObj = PK11_GetNextGenericObject(thsObj);
+ }
+ PK11_UnlinkGenericObject(thisObj);
+ myObj = thisObj;
+ break;
+ }
+ }
+
+ PK11_DestroyGenericObjects(firstObj);
+
+ /* use myObj */
+
+ PK11_DestroyGenericObject(myObj);
+#endif /* sample code */
+
+/*
+ * return a linked, non-circular list of generic objects.
+ * If you are only interested
+ * in one object, just use the first object in the list. To find the
+ * rest of the list use PK11_GetNextGenericObject() to return the next object.
+ */
+PK11GenericObject *
+PK11_FindGenericObjects(PK11SlotInfo *slot, CK_OBJECT_CLASS objClass)
+{
+ CK_ATTRIBUTE template[1];
+ CK_ATTRIBUTE *attrs = template;
+ CK_OBJECT_HANDLE *objectIDs = NULL;
+ PK11GenericObject *lastObj = NULL, *obj;
+ PK11GenericObject *firstObj = NULL;
+ int i, count = 0;
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &objClass, sizeof(objClass));
+ attrs++;
+
+ objectIDs = pk11_FindObjectsByTemplate(slot, template, 1, &count);
+ if (objectIDs == NULL) {
+ return NULL;
+ }
+
+ /* where we connect our object once we've created it.. */
+ for (i = 0; i < count; i++) {
+ obj = PORT_New(PK11GenericObject);
+ if (!obj) {
+ if (firstObj) {
+ PK11_DestroyGenericObjects(firstObj);
+ }
+ PORT_Free(objectIDs);
+ return NULL;
+ }
+ /* initialize it */
+ obj->slot = PK11_ReferenceSlot(slot);
+ obj->objectID = objectIDs[i];
+ obj->next = NULL;
+ obj->prev = NULL;
+
+ /* link it in */
+ if (firstObj == NULL) {
+ firstObj = obj;
+ } else {
+ PK11_LinkGenericObject(lastObj, obj);
+ }
+ lastObj = obj;
+ }
+ PORT_Free(objectIDs);
+ return firstObj;
+}
+
+/*
+ * get the Next Object in the list.
+ */
+PK11GenericObject *
+PK11_GetNextGenericObject(PK11GenericObject *object)
+{
+ return object->next;
+}
+
+PK11GenericObject *
+PK11_GetPrevGenericObject(PK11GenericObject *object)
+{
+ return object->prev;
+}
+
+/*
+ * Link a single object into a new list.
+ * if the object is already in another list, remove it first.
+ */
+SECStatus
+PK11_LinkGenericObject(PK11GenericObject *list, PK11GenericObject *object)
+{
+ PK11_UnlinkGenericObject(object);
+ object->prev = list;
+ object->next = list->next;
+ list->next = object;
+ if (object->next != NULL) {
+ object->next->prev = object;
+ }
+ return SECSuccess;
+}
+
+/*
+ * remove an object from the list. If the object isn't already in
+ * a list unlink becomes a noop.
+ */
+SECStatus
+PK11_UnlinkGenericObject(PK11GenericObject *object)
+{
+ if (object->prev != NULL) {
+ object->prev->next = object->next;
+ }
+ if (object->next != NULL) {
+ object->next->prev = object->prev;
+ }
+
+ object->next = NULL;
+ object->prev = NULL;
+ return SECSuccess;
+}
+
+/*
+ * This function removes a single object from the list and destroys it.
+ * For an already unlinked object there is no difference between
+ * PK11_DestroyGenericObject and PK11_DestroyGenericObjects
+ */
+SECStatus
+PK11_DestroyGenericObject(PK11GenericObject *object)
+{
+ if (object == NULL) {
+ return SECSuccess;
+ }
+
+ PK11_UnlinkGenericObject(object);
+ if (object->slot) {
+ PK11_FreeSlot(object->slot);
+ }
+ PORT_Free(object);
+ return SECSuccess;
+}
+
+/*
+ * walk down a link list of generic objects destroying them.
+ * This will destroy all objects in a list that the object is linked into.
+ * (the list is traversed in both directions).
+ */
+SECStatus
+PK11_DestroyGenericObjects(PK11GenericObject *objects)
+{
+ PK11GenericObject *nextObject;
+ PK11GenericObject *prevObject;
+
+ if (objects == NULL) {
+ return SECSuccess;
+ }
+
+ nextObject = objects->next;
+ prevObject = objects->prev;
+
+ /* delete all the objects after it in the list */
+ for (; objects; objects = nextObject) {
+ nextObject = objects->next;
+ PK11_DestroyGenericObject(objects);
+ }
+ /* delete all the objects before it in the list */
+ for (objects = prevObject; objects; objects = prevObject) {
+ prevObject = objects->prev;
+ PK11_DestroyGenericObject(objects);
+ }
+ return SECSuccess;
+}
+
+/*
+ * Hand Create a new object and return the Generic object for our new object.
+ */
+PK11GenericObject *
+PK11_CreateGenericObject(PK11SlotInfo *slot, const CK_ATTRIBUTE *pTemplate,
+ int count, PRBool token)
+{
+ CK_OBJECT_HANDLE objectID;
+ PK11GenericObject *obj;
+ CK_RV crv;
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_CreateNewObject(slot, slot->session, pTemplate, count,
+ token, &objectID);
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+
+ obj = PORT_New(PK11GenericObject);
+ if (!obj) {
+ /* error set by PORT_New */
+ return NULL;
+ }
+
+ /* initialize it */
+ obj->slot = PK11_ReferenceSlot(slot);
+ obj->objectID = objectID;
+ obj->next = NULL;
+ obj->prev = NULL;
+ return obj;
+}
+
+/*
+ * Change an attribute on a raw object
+ */
+SECStatus
+PK11_WriteRawAttribute(PK11ObjectType objType, void *objSpec,
+ CK_ATTRIBUTE_TYPE attrType, SECItem *item)
+{
+ PK11SlotInfo *slot = NULL;
+ CK_OBJECT_HANDLE handle = 0;
+ CK_ATTRIBUTE setTemplate;
+ CK_RV crv;
+ CK_SESSION_HANDLE rwsession;
+
+ switch (objType) {
+ case PK11_TypeGeneric:
+ slot = ((PK11GenericObject *)objSpec)->slot;
+ handle = ((PK11GenericObject *)objSpec)->objectID;
+ break;
+ case PK11_TypePrivKey:
+ slot = ((SECKEYPrivateKey *)objSpec)->pkcs11Slot;
+ handle = ((SECKEYPrivateKey *)objSpec)->pkcs11ID;
+ break;
+ case PK11_TypePubKey:
+ slot = ((SECKEYPublicKey *)objSpec)->pkcs11Slot;
+ handle = ((SECKEYPublicKey *)objSpec)->pkcs11ID;
+ break;
+ case PK11_TypeSymKey:
+ slot = ((PK11SymKey *)objSpec)->slot;
+ handle = ((PK11SymKey *)objSpec)->objectID;
+ break;
+ case PK11_TypeCert: /* don't handle cert case for now */
+ default:
+ break;
+ }
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_OBJECT_TYPE);
+ return SECFailure;
+ }
+
+ PK11_SETATTRS(&setTemplate, attrType, (CK_CHAR *)item->data, item->len);
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession, handle,
+ &setTemplate, 1);
+ PK11_RestoreROSession(slot, rwsession);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+PK11_ReadRawAttribute(PK11ObjectType objType, void *objSpec,
+ CK_ATTRIBUTE_TYPE attrType, SECItem *item)
+{
+ PK11SlotInfo *slot = NULL;
+ CK_OBJECT_HANDLE handle = 0;
+
+ switch (objType) {
+ case PK11_TypeGeneric:
+ slot = ((PK11GenericObject *)objSpec)->slot;
+ handle = ((PK11GenericObject *)objSpec)->objectID;
+ break;
+ case PK11_TypePrivKey:
+ slot = ((SECKEYPrivateKey *)objSpec)->pkcs11Slot;
+ handle = ((SECKEYPrivateKey *)objSpec)->pkcs11ID;
+ break;
+ case PK11_TypePubKey:
+ slot = ((SECKEYPublicKey *)objSpec)->pkcs11Slot;
+ handle = ((SECKEYPublicKey *)objSpec)->pkcs11ID;
+ break;
+ case PK11_TypeSymKey:
+ slot = ((PK11SymKey *)objSpec)->slot;
+ handle = ((PK11SymKey *)objSpec)->objectID;
+ break;
+ case PK11_TypeCert: /* don't handle cert case for now */
+ default:
+ break;
+ }
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_OBJECT_TYPE);
+ return SECFailure;
+ }
+
+ return PK11_ReadAttribute(slot, handle, attrType, NULL, item);
+}
+
+/*
+ * return the object handle that matches the template
+ */
+CK_OBJECT_HANDLE
+pk11_FindObjectByTemplate(PK11SlotInfo *slot, CK_ATTRIBUTE *theTemplate, int tsize)
+{
+ CK_OBJECT_HANDLE object;
+ CK_RV crv = CKR_SESSION_HANDLE_INVALID;
+ CK_ULONG objectCount;
+
+ /*
+ * issue the find
+ */
+ PK11_EnterSlotMonitor(slot);
+ if (slot->session != CK_INVALID_SESSION) {
+ crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session,
+ theTemplate, tsize);
+ }
+ if (crv != CKR_OK) {
+ PK11_ExitSlotMonitor(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return CK_INVALID_HANDLE;
+ }
+
+ crv = PK11_GETTAB(slot)->C_FindObjects(slot->session, &object, 1, &objectCount);
+ PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
+ PK11_ExitSlotMonitor(slot);
+ if ((crv != CKR_OK) || (objectCount < 1)) {
+ /* shouldn't use SSL_ERROR... here */
+ PORT_SetError(crv != CKR_OK ? PK11_MapError(crv) : SSL_ERROR_NO_CERTIFICATE);
+ return CK_INVALID_HANDLE;
+ }
+
+ /* blow up if the PKCS #11 module returns us and invalid object handle */
+ PORT_Assert(object != CK_INVALID_HANDLE);
+ return object;
+}
+
+/*
+ * return all the object handles that matches the template
+ */
+CK_OBJECT_HANDLE *
+pk11_FindObjectsByTemplate(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate,
+ int templCount, int *object_count)
+{
+ CK_OBJECT_HANDLE *objID = NULL;
+ CK_ULONG returned_count = 0;
+ CK_RV crv = CKR_SESSION_HANDLE_INVALID;
+
+ PK11_EnterSlotMonitor(slot);
+ if (slot->session != CK_INVALID_SESSION) {
+ crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session,
+ findTemplate, templCount);
+ }
+ if (crv != CKR_OK) {
+ PK11_ExitSlotMonitor(slot);
+ PORT_SetError(PK11_MapError(crv));
+ *object_count = -1;
+ return NULL;
+ }
+
+ /*
+ * collect all the Matching Objects
+ */
+ do {
+ CK_OBJECT_HANDLE *oldObjID = objID;
+
+ if (objID == NULL) {
+ objID = (CK_OBJECT_HANDLE *)PORT_Alloc(sizeof(CK_OBJECT_HANDLE) *
+ (*object_count + PK11_SEARCH_CHUNKSIZE));
+ } else {
+ objID = (CK_OBJECT_HANDLE *)PORT_Realloc(objID,
+ sizeof(CK_OBJECT_HANDLE) * (*object_count + PK11_SEARCH_CHUNKSIZE));
+ }
+
+ if (objID == NULL) {
+ if (oldObjID)
+ PORT_Free(oldObjID);
+ break;
+ }
+ crv = PK11_GETTAB(slot)->C_FindObjects(slot->session,
+ &objID[*object_count], PK11_SEARCH_CHUNKSIZE, &returned_count);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ PORT_Free(objID);
+ objID = NULL;
+ break;
+ }
+ *object_count += returned_count;
+ } while (returned_count == PK11_SEARCH_CHUNKSIZE);
+
+ PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
+ PK11_ExitSlotMonitor(slot);
+
+ if (objID && (*object_count == 0)) {
+ PORT_Free(objID);
+ return NULL;
+ }
+ if (objID == NULL)
+ *object_count = -1;
+ return objID;
+}
+/*
+ * given a PKCS #11 object, match it's peer based on the KeyID. searchID
+ * is typically a privateKey or a certificate while the peer is the opposite
+ */
+CK_OBJECT_HANDLE
+PK11_MatchItem(PK11SlotInfo *slot, CK_OBJECT_HANDLE searchID,
+ CK_OBJECT_CLASS matchclass)
+{
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_ID, NULL, 0 },
+ { CKA_CLASS, NULL, 0 }
+ };
+ /* if you change the array, change the variable below as well */
+ CK_ATTRIBUTE *keyclass = &theTemplate[1];
+ int tsize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+ /* if you change the array, change the variable below as well */
+ CK_OBJECT_HANDLE peerID;
+ PORTCheapArenaPool tmpArena;
+ CK_RV crv;
+
+ /* now we need to create space for the public key */
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+
+ crv = PK11_GetAttributes(&tmpArena.arena, slot, searchID, theTemplate, tsize);
+ if (crv != CKR_OK) {
+ PORT_DestroyCheapArena(&tmpArena);
+ PORT_SetError(PK11_MapError(crv));
+ return CK_INVALID_HANDLE;
+ }
+
+ if ((theTemplate[0].ulValueLen == 0) || (theTemplate[0].ulValueLen == -1)) {
+ PORT_DestroyCheapArena(&tmpArena);
+ if (matchclass == CKO_CERTIFICATE)
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ else
+ PORT_SetError(SEC_ERROR_NO_KEY);
+ return CK_INVALID_HANDLE;
+ }
+
+ /*
+ * issue the find
+ */
+ *(CK_OBJECT_CLASS *)(keyclass->pValue) = matchclass;
+
+ peerID = pk11_FindObjectByTemplate(slot, theTemplate, tsize);
+ PORT_DestroyCheapArena(&tmpArena);
+
+ return peerID;
+}
+
+/*
+ * count the number of objects that match the template.
+ */
+int
+PK11_NumberObjectsFor(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate,
+ int templCount)
+{
+ CK_OBJECT_HANDLE objID[PK11_SEARCH_CHUNKSIZE];
+ int object_count = 0;
+ CK_ULONG returned_count = 0;
+ CK_RV crv = CKR_SESSION_HANDLE_INVALID;
+
+ PK11_EnterSlotMonitor(slot);
+ if (slot->session != CK_INVALID_SESSION) {
+ crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session,
+ findTemplate, templCount);
+ }
+ if (crv != CKR_OK) {
+ PK11_ExitSlotMonitor(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return object_count;
+ }
+
+ /*
+ * collect all the Matching Objects
+ */
+ do {
+ crv = PK11_GETTAB(slot)->C_FindObjects(slot->session, objID,
+ PK11_SEARCH_CHUNKSIZE,
+ &returned_count);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ break;
+ }
+ object_count += returned_count;
+ } while (returned_count == PK11_SEARCH_CHUNKSIZE);
+
+ PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
+ PK11_ExitSlotMonitor(slot);
+ return object_count;
+}
+
+/*
+ * Traverse all the objects in a given slot.
+ */
+SECStatus
+PK11_TraverseSlot(PK11SlotInfo *slot, void *arg)
+{
+ int i;
+ CK_OBJECT_HANDLE *objID = NULL;
+ int object_count = 0;
+ pk11TraverseSlot *slotcb = (pk11TraverseSlot *)arg;
+
+ objID = pk11_FindObjectsByTemplate(slot, slotcb->findTemplate,
+ slotcb->templateCount, &object_count);
+
+ /*Actually this isn't a failure... there just were no objs to be found*/
+ if (object_count == 0) {
+ return SECSuccess;
+ }
+
+ if (objID == NULL) {
+ return SECFailure;
+ }
+
+ for (i = 0; i < object_count; i++) {
+ (*slotcb->callback)(slot, objID[i], slotcb->callbackArg);
+ }
+ PORT_Free(objID);
+ return SECSuccess;
+}
+
+/*
+ * Traverse all the objects in all slots.
+ */
+SECStatus
+pk11_TraverseAllSlots(SECStatus (*callback)(PK11SlotInfo *, void *),
+ void *arg, PRBool forceLogin, void *wincx)
+{
+ PK11SlotList *list;
+ PK11SlotListElement *le;
+ SECStatus rv;
+
+ /* get them all! */
+ list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, wincx);
+ if (list == NULL)
+ return SECFailure;
+
+ /* look at each slot and authenticate as necessary */
+ for (le = list->head; le; le = le->next) {
+ if (forceLogin) {
+ rv = pk11_AuthenticateUnfriendly(le->slot, PR_FALSE, wincx);
+ if (rv != SECSuccess) {
+ continue;
+ }
+ }
+ if (callback) {
+ (*callback)(le->slot, arg);
+ }
+ }
+
+ PK11_FreeSlotList(list);
+
+ return SECSuccess;
+}
+
+CK_OBJECT_HANDLE *
+PK11_FindObjectsFromNickname(char *nickname, PK11SlotInfo **slotptr,
+ CK_OBJECT_CLASS objclass, int *returnCount, void *wincx)
+{
+ char *tokenName;
+ char *delimit;
+ PK11SlotInfo *slot;
+ CK_OBJECT_HANDLE *objID;
+ CK_ATTRIBUTE findTemplate[] = {
+ { CKA_LABEL, NULL, 0 },
+ { CKA_CLASS, NULL, 0 },
+ };
+ int findCount = sizeof(findTemplate) / sizeof(findTemplate[0]);
+ SECStatus rv;
+ PK11_SETATTRS(&findTemplate[1], CKA_CLASS, &objclass, sizeof(objclass));
+
+ *slotptr = slot = NULL;
+ *returnCount = 0;
+ /* first find the slot associated with this nickname */
+ if ((delimit = PORT_Strchr(nickname, ':')) != NULL) {
+ int len = delimit - nickname;
+ tokenName = (char *)PORT_Alloc(len + 1);
+ PORT_Memcpy(tokenName, nickname, len);
+ tokenName[len] = 0;
+
+ slot = *slotptr = PK11_FindSlotByName(tokenName);
+ PORT_Free(tokenName);
+ /* if we couldn't find a slot, assume the nickname is an internal cert
+ * with no proceding slot name */
+ if (slot == NULL) {
+ slot = *slotptr = PK11_GetInternalKeySlot();
+ } else {
+ nickname = delimit + 1;
+ }
+ } else {
+ *slotptr = slot = PK11_GetInternalKeySlot();
+ }
+ if (slot == NULL) {
+ return CK_INVALID_HANDLE;
+ }
+
+ rv = pk11_AuthenticateUnfriendly(slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ PK11_FreeSlot(slot);
+ *slotptr = NULL;
+ return CK_INVALID_HANDLE;
+ }
+
+ findTemplate[0].pValue = nickname;
+ findTemplate[0].ulValueLen = PORT_Strlen(nickname);
+ objID = pk11_FindObjectsByTemplate(slot, findTemplate, findCount, returnCount);
+ if (objID == NULL) {
+ /* PKCS #11 isn't clear on whether or not the NULL is
+ * stored in the template.... try the find again with the
+ * full null terminated string. */
+ findTemplate[0].ulValueLen += 1;
+ objID = pk11_FindObjectsByTemplate(slot, findTemplate, findCount,
+ returnCount);
+ if (objID == NULL) {
+ /* Well that's the best we can do. It's just not here */
+ /* what about faked nicknames? */
+ PK11_FreeSlot(slot);
+ *slotptr = NULL;
+ *returnCount = 0;
+ }
+ }
+
+ return objID;
+}
+
+SECItem *
+pk11_GetLowLevelKeyFromHandle(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle)
+{
+ CK_ATTRIBUTE theTemplate[] = {
+ { CKA_ID, NULL, 0 },
+ };
+ int tsize = sizeof(theTemplate) / sizeof(theTemplate[0]);
+ CK_RV crv;
+ SECItem *item;
+
+ item = SECITEM_AllocItem(NULL, NULL, 0);
+
+ if (item == NULL) {
+ return NULL;
+ }
+
+ crv = PK11_GetAttributes(NULL, slot, handle, theTemplate, tsize);
+ if (crv != CKR_OK) {
+ SECITEM_FreeItem(item, PR_TRUE);
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+
+ item->data = (unsigned char *)theTemplate[0].pValue;
+ item->len = theTemplate[0].ulValueLen;
+
+ return item;
+}
diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c
new file mode 100644
index 000000000..ee20789cc
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11pars.c
@@ -0,0 +1,1796 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following handles the loading, unloading and management of
+ * various PCKS #11 modules
+ */
+
+#include <ctype.h>
+#include <assert.h>
+#include "pkcs11.h"
+#include "seccomon.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pki3hack.h"
+#include "secerr.h"
+#include "nss.h"
+#include "utilpars.h"
+#include "pk11pub.h"
+
+/* create a new module */
+static SECMODModule *
+secmod_NewModule(void)
+{
+ SECMODModule *newMod;
+ PLArenaPool *arena;
+
+ /* create an arena in which dllName and commonName can be
+ * allocated.
+ */
+ arena = PORT_NewArena(512);
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ newMod = (SECMODModule *)PORT_ArenaAlloc(arena, sizeof(SECMODModule));
+ if (newMod == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ /*
+ * initialize of the fields of the module
+ */
+ newMod->arena = arena;
+ newMod->internal = PR_FALSE;
+ newMod->loaded = PR_FALSE;
+ newMod->isFIPS = PR_FALSE;
+ newMod->dllName = NULL;
+ newMod->commonName = NULL;
+ newMod->library = NULL;
+ newMod->functionList = NULL;
+ newMod->slotCount = 0;
+ newMod->slots = NULL;
+ newMod->slotInfo = NULL;
+ newMod->slotInfoCount = 0;
+ newMod->refCount = 1;
+ newMod->ssl[0] = 0;
+ newMod->ssl[1] = 0;
+ newMod->libraryParams = NULL;
+ newMod->moduleDBFunc = NULL;
+ newMod->parent = NULL;
+ newMod->isCritical = PR_FALSE;
+ newMod->isModuleDB = PR_FALSE;
+ newMod->moduleDBOnly = PR_FALSE;
+ newMod->trustOrder = 0;
+ newMod->cipherOrder = 0;
+ newMod->evControlMask = 0;
+ newMod->refLock = PZ_NewLock(nssILockRefLock);
+ if (newMod->refLock == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ return newMod;
+}
+
+/* private flags for isModuleDB (field in SECMODModule). */
+/* The meaing of these flags is as follows:
+ *
+ * SECMOD_FLAG_MODULE_DB_IS_MODULE_DB - This is a module that accesses the
+ * database of other modules to load. Module DBs are loadable modules that
+ * tells NSS which PKCS #11 modules to load and when. These module DBs are
+ * chainable. That is, one module DB can load another one. NSS system init
+ * design takes advantage of this feature. In system NSS, a fixed system
+ * module DB loads the system defined libraries, then chains out to the
+ * traditional module DBs to load any system or user configured modules
+ * (like smart cards). This bit is the same as the already existing meaning
+ * of isModuleDB = PR_TRUE. None of the other module db flags should be set
+ * if this flag isn't on.
+ *
+ * SECMOD_FLAG_MODULE_DB_SKIP_FIRST - This flag tells NSS to skip the first
+ * PKCS #11 module presented by a module DB. This allows the OS to load a
+ * softoken from the system module, then ask the existing module DB code to
+ * load the other PKCS #11 modules in that module DB (skipping it's request
+ * to load softoken). This gives the system init finer control over the
+ * configuration of that softoken module.
+ *
+ * SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB - This flag allows system init to mark a
+ * different module DB as the 'default' module DB (the one in which
+ * 'Add module' changes will go). Without this flag NSS takes the first
+ * module as the default Module DB, but in system NSS, that first module
+ * is the system module, which is likely read only (at least to the user).
+ * This allows system NSS to delegate those changes to the user's module DB,
+ * preserving the user's ability to load new PKCS #11 modules (which only
+ * affect him), from existing applications like Firefox.
+ */
+#define SECMOD_FLAG_MODULE_DB_IS_MODULE_DB 0x01 /* must be set if any of the \
+ *other flags are set */
+#define SECMOD_FLAG_MODULE_DB_SKIP_FIRST 0x02
+#define SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB 0x04
+
+/* private flags for internal (field in SECMODModule). */
+/* The meaing of these flags is as follows:
+ *
+ * SECMOD_FLAG_INTERNAL_IS_INTERNAL - This is a marks the the module is
+ * the internal module (that is, softoken). This bit is the same as the
+ * already existing meaning of internal = PR_TRUE. None of the other
+ * internal flags should be set if this flag isn't on.
+ *
+ * SECMOD_FLAG_MODULE_INTERNAL_KEY_SLOT - This flag allows system init to mark
+ * a different slot returned byt PK11_GetInternalKeySlot(). The 'primary'
+ * slot defined by this module will be the new internal key slot.
+ */
+#define SECMOD_FLAG_INTERNAL_IS_INTERNAL 0x01 /* must be set if any of \
+ *the other flags are set */
+#define SECMOD_FLAG_INTERNAL_KEY_SLOT 0x02
+
+/*
+ * for 3.4 we continue to use the old SECMODModule structure
+ */
+SECMODModule *
+SECMOD_CreateModule(const char *library, const char *moduleName,
+ const char *parameters, const char *nss)
+{
+ return SECMOD_CreateModuleEx(library, moduleName, parameters, nss, NULL);
+}
+
+/*
+ * NSS config options format:
+ *
+ * The specified ciphers will be allowed by policy, but an application
+ * may allow more by policy explicitly:
+ * config="allow=curve1:curve2:hash1:hash2:rsa-1024..."
+ *
+ * Only the specified hashes and curves will be allowed:
+ * config="disallow=all allow=sha1:sha256:secp256r1:secp384r1"
+ *
+ * Only the specified hashes and curves will be allowed, and
+ * RSA keys of 2048 or more will be accepted, and DH key exchange
+ * with 1024-bit primes or more:
+ * config="disallow=all allow=sha1:sha256:secp256r1:secp384r1:min-rsa=2048:min-dh=1024"
+ *
+ * A policy that enables the AES ciphersuites and the SECP256/384 curves:
+ * config="allow=aes128-cbc:aes128-gcm:TLS1.0:TLS1.2:TLS1.1:HMAC-SHA1:SHA1:SHA256:SHA384:RSA:ECDHE-RSA:SECP256R1:SECP384R1"
+ *
+ * Disallow values are parsed first, then allow values, independent of the
+ * order they appear.
+ *
+ * Future key words (not yet implemented):
+ * enable: turn on ciphersuites by default.
+ * disable: turn off ciphersuites by default without disallowing them by policy.
+ * flags: turn on the following flags:
+ * ssl-lock: turn off the ability for applications to change policy with
+ * the SSL_SetCipherPolicy (or SSL_SetPolicy).
+ * policy-lock: turn off the ability for applications to change policy with
+ * the call NSS_SetAlgorithmPolicy.
+ * ssl-default-lock: turn off the ability for applications to change cipher
+ * suite states with SSL_EnableCipher, SSL_DisableCipher.
+ *
+ */
+
+typedef struct {
+ const char *name;
+ unsigned name_size;
+ SECOidTag oid;
+ PRUint32 val;
+} oidValDef;
+
+typedef struct {
+ const char *name;
+ unsigned name_size;
+ PRInt32 option;
+} optionFreeDef;
+
+typedef struct {
+ const char *name;
+ unsigned name_size;
+ PRUint32 flag;
+} policyFlagDef;
+
+/*
+ * This table should be merged with the SECOID table.
+ */
+#define CIPHER_NAME(x) x, (sizeof(x) - 1)
+static const oidValDef algOptList[] = {
+ /* Curves */
+ { CIPHER_NAME("PRIME192V1"), SEC_OID_ANSIX962_EC_PRIME192V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("PRIME192V2"), SEC_OID_ANSIX962_EC_PRIME192V2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("PRIME192V3"), SEC_OID_ANSIX962_EC_PRIME192V3,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("PRIME239V1"), SEC_OID_ANSIX962_EC_PRIME239V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("PRIME239V2"), SEC_OID_ANSIX962_EC_PRIME239V2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("PRIME239V3"), SEC_OID_ANSIX962_EC_PRIME239V3,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("PRIME256V1"), SEC_OID_ANSIX962_EC_PRIME256V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP112R1"), SEC_OID_SECG_EC_SECP112R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP112R2"), SEC_OID_SECG_EC_SECP112R2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP128R1"), SEC_OID_SECG_EC_SECP128R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP128R2"), SEC_OID_SECG_EC_SECP128R2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP160K1"), SEC_OID_SECG_EC_SECP160K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP160R1"), SEC_OID_SECG_EC_SECP160R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP160R2"), SEC_OID_SECG_EC_SECP160R2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP192K1"), SEC_OID_SECG_EC_SECP192K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP192R1"), SEC_OID_ANSIX962_EC_PRIME192V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP224K1"), SEC_OID_SECG_EC_SECP224K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP256K1"), SEC_OID_SECG_EC_SECP256K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP256R1"), SEC_OID_ANSIX962_EC_PRIME256V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP384R1"), SEC_OID_SECG_EC_SECP384R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECP521R1"), SEC_OID_SECG_EC_SECP521R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ /* ANSI X9.62 named elliptic curves (characteristic two field) */
+ { CIPHER_NAME("C2PNB163V1"), SEC_OID_ANSIX962_EC_C2PNB163V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2PNB163V2"), SEC_OID_ANSIX962_EC_C2PNB163V2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2PNB163V3"), SEC_OID_ANSIX962_EC_C2PNB163V3,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2PNB176V1"), SEC_OID_ANSIX962_EC_C2PNB176V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2TNB191V1"), SEC_OID_ANSIX962_EC_C2TNB191V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2TNB191V2"), SEC_OID_ANSIX962_EC_C2TNB191V2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2TNB191V3"), SEC_OID_ANSIX962_EC_C2TNB191V3,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2ONB191V4"), SEC_OID_ANSIX962_EC_C2ONB191V4,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2ONB191V5"), SEC_OID_ANSIX962_EC_C2ONB191V5,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2PNB208W1"), SEC_OID_ANSIX962_EC_C2PNB208W1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2TNB239V1"), SEC_OID_ANSIX962_EC_C2TNB239V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2TNB239V2"), SEC_OID_ANSIX962_EC_C2TNB239V2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2TNB239V3"), SEC_OID_ANSIX962_EC_C2TNB239V3,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2ONB239V4"), SEC_OID_ANSIX962_EC_C2ONB239V4,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2ONB239V5"), SEC_OID_ANSIX962_EC_C2ONB239V5,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2PNB272W1"), SEC_OID_ANSIX962_EC_C2PNB272W1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2PNB304W1"), SEC_OID_ANSIX962_EC_C2PNB304W1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2TNB359V1"), SEC_OID_ANSIX962_EC_C2TNB359V1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2PNB368W1"), SEC_OID_ANSIX962_EC_C2PNB368W1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("C2TNB431R1"), SEC_OID_ANSIX962_EC_C2TNB431R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ /* SECG named elliptic curves (characteristic two field) */
+ { CIPHER_NAME("SECT113R1"), SEC_OID_SECG_EC_SECT113R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT131R1"), SEC_OID_SECG_EC_SECT113R2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT131R1"), SEC_OID_SECG_EC_SECT131R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT131R2"), SEC_OID_SECG_EC_SECT131R2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT163K1"), SEC_OID_SECG_EC_SECT163K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT163R1"), SEC_OID_SECG_EC_SECT163R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT163R2"), SEC_OID_SECG_EC_SECT163R2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT193R1"), SEC_OID_SECG_EC_SECT193R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT193R2"), SEC_OID_SECG_EC_SECT193R2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT233K1"), SEC_OID_SECG_EC_SECT233K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT233R1"), SEC_OID_SECG_EC_SECT233R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT239K1"), SEC_OID_SECG_EC_SECT239K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT283K1"), SEC_OID_SECG_EC_SECT283K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT283R1"), SEC_OID_SECG_EC_SECT283R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT409K1"), SEC_OID_SECG_EC_SECT409K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT409R1"), SEC_OID_SECG_EC_SECT409R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT571K1"), SEC_OID_SECG_EC_SECT571K1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SECT571R1"), SEC_OID_SECG_EC_SECT571R1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+
+ /* Hashes */
+ { CIPHER_NAME("MD2"), SEC_OID_MD2,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("MD4"), SEC_OID_MD4,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("MD5"), SEC_OID_MD5,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SHA1"), SEC_OID_SHA1,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SHA224"), SEC_OID_SHA224,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SHA256"), SEC_OID_SHA256,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SHA384"), SEC_OID_SHA384,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("SHA512"), SEC_OID_SHA512,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+
+ /* MACs */
+ { CIPHER_NAME("HMAC-SHA1"), SEC_OID_HMAC_SHA1, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("HMAC-SHA224"), SEC_OID_HMAC_SHA224, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("HMAC-SHA256"), SEC_OID_HMAC_SHA256, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("HMAC-SHA384"), SEC_OID_HMAC_SHA384, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("HMAC-SHA512"), SEC_OID_HMAC_SHA512, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("HMAC-MD5"), SEC_OID_HMAC_MD5, NSS_USE_ALG_IN_SSL },
+
+ /* Ciphers */
+ { CIPHER_NAME("AES128-CBC"), SEC_OID_AES_128_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("AES192-CBC"), SEC_OID_AES_192_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("AES256-CBC"), SEC_OID_AES_256_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("AES128-GCM"), SEC_OID_AES_128_GCM, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("AES192-GCM"), SEC_OID_AES_192_GCM, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("AES256-GCM"), SEC_OID_AES_256_GCM, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("CAMELLIA128-CBC"), SEC_OID_CAMELLIA_128_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("CAMELLIA192-CBC"), SEC_OID_CAMELLIA_192_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("CAMELLIA256-CBC"), SEC_OID_CAMELLIA_256_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("CHACHA20-POLY1305"), SEC_OID_CHACHA20_POLY1305, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("SEED-CBC"), SEC_OID_SEED_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("DES-EDE3-CBC"), SEC_OID_DES_EDE3_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("DES-40-CBC"), SEC_OID_DES_40_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("DES-CBC"), SEC_OID_DES_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("NULL-CIPHER"), SEC_OID_NULL_CIPHER, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("RC2"), SEC_OID_RC2_CBC, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("RC4"), SEC_OID_RC4, NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("IDEA"), SEC_OID_IDEA_CBC, NSS_USE_ALG_IN_SSL },
+
+ /* Key exchange */
+ { CIPHER_NAME("RSA"), SEC_OID_TLS_RSA, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("RSA-EXPORT"), SEC_OID_TLS_RSA_EXPORT, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("DHE-RSA"), SEC_OID_TLS_DHE_RSA, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("DHE-DSS"), SEC_OID_TLS_DHE_DSS, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("DH-RSA"), SEC_OID_TLS_DH_RSA, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("DH-DSS"), SEC_OID_TLS_DH_DSS, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("ECDHE-ECDSA"), SEC_OID_TLS_ECDHE_ECDSA, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("ECDHE-RSA"), SEC_OID_TLS_ECDHE_RSA, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("ECDH-ECDSA"), SEC_OID_TLS_ECDH_ECDSA, NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("ECDH-RSA"), SEC_OID_TLS_ECDH_RSA, NSS_USE_ALG_IN_SSL_KX },
+};
+
+static const optionFreeDef sslOptList[] = {
+ /* Versions */
+ { CIPHER_NAME("SSL2.0"), 0x002 },
+ { CIPHER_NAME("SSL3.0"), 0x300 },
+ { CIPHER_NAME("SSL3.1"), 0x301 },
+ { CIPHER_NAME("TLS1.0"), 0x301 },
+ { CIPHER_NAME("TLS1.1"), 0x302 },
+ { CIPHER_NAME("TLS1.2"), 0x303 },
+ { CIPHER_NAME("TLS1.3"), 0x304 },
+ { CIPHER_NAME("DTLS1.0"), 0x302 },
+ { CIPHER_NAME("DTLS1.1"), 0x302 },
+ { CIPHER_NAME("DTLS1.2"), 0x303 },
+ { CIPHER_NAME("DTLS1.3"), 0x304 },
+};
+
+static const optionFreeDef freeOptList[] = {
+
+ /* Restrictions for asymetric keys */
+ { CIPHER_NAME("RSA-MIN"), NSS_RSA_MIN_KEY_SIZE },
+ { CIPHER_NAME("DH-MIN"), NSS_DH_MIN_KEY_SIZE },
+ { CIPHER_NAME("DSA-MIN"), NSS_DSA_MIN_KEY_SIZE },
+ /* constraints on SSL Protocols */
+ { CIPHER_NAME("TLS-VERSION-MIN"), NSS_TLS_VERSION_MIN_POLICY },
+ { CIPHER_NAME("TLS-VERSION-MAX"), NSS_TLS_VERSION_MAX_POLICY },
+ /* constraints on DTLS Protocols */
+ { CIPHER_NAME("DTLS-VERSION-MIN"), NSS_DTLS_VERSION_MIN_POLICY },
+ { CIPHER_NAME("DTLS-VERSION-MAX"), NSS_DTLS_VERSION_MIN_POLICY }
+};
+
+static const policyFlagDef policyFlagList[] = {
+ { CIPHER_NAME("SSL"), NSS_USE_ALG_IN_SSL },
+ { CIPHER_NAME("SSL-KEY-EXCHANGE"), NSS_USE_ALG_IN_SSL_KX },
+ /* add other key exhanges in the future */
+ { CIPHER_NAME("KEY-EXCHANGE"), NSS_USE_ALG_IN_SSL_KX },
+ { CIPHER_NAME("CERT-SIGNATURE"), NSS_USE_ALG_IN_CERT_SIGNATURE },
+ /* add other signatures in the future */
+ { CIPHER_NAME("SIGNATURE"), NSS_USE_ALG_IN_CERT_SIGNATURE },
+ /* enable everything */
+ { CIPHER_NAME("ALL"), NSS_USE_ALG_IN_SSL | NSS_USE_ALG_IN_SSL_KX |
+ NSS_USE_ALG_IN_CERT_SIGNATURE },
+ { CIPHER_NAME("NONE"), 0 }
+};
+
+/*
+ * Get the next cipher on the list. point to the next one in 'next'.
+ * return the length;
+ */
+static const char *
+secmod_ArgGetSubValue(const char *cipher, char sep1, char sep2,
+ int *len, const char **next)
+{
+ const char *start = cipher;
+
+ if (start == NULL) {
+ *len = 0;
+ *next = NULL;
+ return start;
+ }
+
+ for (; *cipher && *cipher != sep2; cipher++) {
+ if (*cipher == sep1) {
+ *next = cipher + 1;
+ *len = cipher - start;
+ return start;
+ }
+ }
+ *next = NULL;
+ *len = cipher - start;
+ return start;
+}
+
+static PRUint32
+secmod_parsePolicyValue(const char *policyFlags, int policyLength)
+{
+ const char *flag, *currentString;
+ PRUint32 flags = 0;
+ int i;
+
+ for (currentString = policyFlags; currentString &&
+ currentString < policyFlags + policyLength;) {
+ int length;
+ flag = secmod_ArgGetSubValue(currentString, ',', ':', &length,
+ &currentString);
+ if (length == 0) {
+ continue;
+ }
+ for (i = 0; i < PR_ARRAY_SIZE(policyFlagList); i++) {
+ const policyFlagDef *policy = &policyFlagList[i];
+ unsigned name_size = policy->name_size;
+ if ((policy->name_size == length) &&
+ PORT_Strncasecmp(policy->name, flag, name_size) == 0) {
+ flags |= policy->flag;
+ break;
+ }
+ }
+ }
+ return flags;
+}
+
+/* allow symbolic names for values. The only ones currently defines or
+ * SSL protocol versions. */
+static PRInt32
+secmod_getPolicyOptValue(const char *policyValue, int policyValueLength)
+{
+ PRInt32 val = atoi(policyValue);
+ int i;
+
+ if ((val != 0) || (*policyValue == '0')) {
+ return val;
+ }
+ for (i = 0; i < PR_ARRAY_SIZE(sslOptList); i++) {
+ if (policyValueLength == sslOptList[i].name_size &&
+ PORT_Strncasecmp(sslOptList[i].name, policyValue,
+ sslOptList[i].name_size) == 0) {
+ val = sslOptList[i].option;
+ break;
+ }
+ }
+ return val;
+}
+
+static SECStatus
+secmod_applyCryptoPolicy(const char *policyString,
+ PRBool allow)
+{
+ const char *cipher, *currentString;
+ unsigned i;
+ SECStatus rv = SECSuccess;
+ PRBool unknown;
+
+ if (policyString == NULL || policyString[0] == 0) {
+ return SECSuccess; /* do nothing */
+ }
+
+ /* if we change any of these, make sure it gets applied in ssl as well */
+ NSS_SetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, NSS_USE_POLICY_IN_SSL, 0);
+
+ for (currentString = policyString; currentString;) {
+ int length;
+ PRBool newValue = PR_FALSE;
+
+ cipher = secmod_ArgGetSubValue(currentString, ':', 0, &length,
+ &currentString);
+ unknown = PR_TRUE;
+ if (length >= 3 && cipher[3] == '/') {
+ newValue = PR_TRUE;
+ }
+ if ((newValue || (length == 3)) && PORT_Strncasecmp(cipher, "all", 3) == 0) {
+ /* disable or enable all options by default */
+ PRUint32 value = 0;
+ if (newValue) {
+ value = secmod_parsePolicyValue(&cipher[3] + 1, length - 3 - 1);
+ }
+ for (i = 0; i < PR_ARRAY_SIZE(algOptList); i++) {
+ PRUint32 enable, disable;
+ if (!newValue) {
+ value = algOptList[i].val;
+ }
+ if (allow) {
+ enable = value;
+ disable = 0;
+ } else {
+ enable = 0;
+ disable = value;
+ }
+ NSS_SetAlgorithmPolicy(algOptList[i].oid, enable, disable);
+ }
+ continue;
+ }
+
+ for (i = 0; i < PR_ARRAY_SIZE(algOptList); i++) {
+ const oidValDef *algOpt = &algOptList[i];
+ unsigned name_size = algOpt->name_size;
+ PRBool newValue = PR_FALSE;
+
+ if ((length >= name_size) && (cipher[name_size] == '/')) {
+ newValue = PR_TRUE;
+ }
+ if ((newValue || algOpt->name_size == length) &&
+ PORT_Strncasecmp(algOpt->name, cipher, name_size) == 0) {
+ PRUint32 value = algOpt->val;
+ PRUint32 enable, disable;
+ if (newValue) {
+ value = secmod_parsePolicyValue(&cipher[name_size] + 1,
+ length - name_size - 1);
+ }
+ if (allow) {
+ enable = value;
+ disable = 0;
+ } else {
+ enable = 0;
+ disable = value;
+ }
+ rv = NSS_SetAlgorithmPolicy(algOpt->oid, enable, disable);
+ if (rv != SECSuccess) {
+ /* could not enable option */
+ /* NSS_SetAlgorithPolicy should have set the error code */
+ return SECFailure;
+ }
+ unknown = PR_FALSE;
+ break;
+ }
+ }
+ if (!unknown) {
+ continue;
+ }
+
+ for (i = 0; i < PR_ARRAY_SIZE(freeOptList); i++) {
+ const optionFreeDef *freeOpt = &freeOptList[i];
+ unsigned name_size = freeOpt->name_size;
+
+ if ((length > name_size) && cipher[name_size] == '=' &&
+ PORT_Strncasecmp(freeOpt->name, cipher, name_size) == 0) {
+ PRInt32 val = secmod_getPolicyOptValue(&cipher[name_size + 1],
+ length - name_size - 1);
+
+ rv = NSS_OptionSet(freeOpt->option, val);
+ if (rv != SECSuccess) {
+ /* could not enable option */
+ /* NSS_OptionSet should have set the error code */
+ return SECFailure;
+ }
+ /* to allow the policy to expand in the future. ignore ciphers
+ * we don't understand */
+ unknown = PR_FALSE;
+ break;
+ }
+ }
+ }
+ return rv;
+}
+
+static SECStatus
+secmod_parseCryptoPolicy(const char *policyConfig)
+{
+ char *disallow, *allow;
+ SECStatus rv;
+
+ if (policyConfig == NULL) {
+ return SECSuccess; /* no policy given */
+ }
+ /* make sure we initialize the oid table and set all the default policy
+ * values first so we can override them here */
+ rv = SECOID_Init();
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ disallow = NSSUTIL_ArgGetParamValue("disallow", policyConfig);
+ rv = secmod_applyCryptoPolicy(disallow, PR_FALSE);
+ if (disallow)
+ PORT_Free(disallow);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ allow = NSSUTIL_ArgGetParamValue("allow", policyConfig);
+ rv = secmod_applyCryptoPolicy(allow, PR_TRUE);
+ if (allow)
+ PORT_Free(allow);
+ return rv;
+}
+
+/*
+ * for 3.4 we continue to use the old SECMODModule structure
+ */
+SECMODModule *
+SECMOD_CreateModuleEx(const char *library, const char *moduleName,
+ const char *parameters, const char *nss,
+ const char *config)
+{
+ SECMODModule *mod;
+ SECStatus rv;
+ char *slotParams, *ciphers;
+ /* pk11pars.h still does not have const char * interfaces */
+ char *nssc = (char *)nss;
+
+ rv = secmod_parseCryptoPolicy(config);
+
+ /* do not load the module if policy parsing fails */
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+
+ mod = secmod_NewModule();
+ if (mod == NULL)
+ return NULL;
+
+ mod->commonName = PORT_ArenaStrdup(mod->arena, moduleName ? moduleName : "");
+ if (library) {
+ mod->dllName = PORT_ArenaStrdup(mod->arena, library);
+ }
+ /* new field */
+ if (parameters) {
+ mod->libraryParams = PORT_ArenaStrdup(mod->arena, parameters);
+ }
+
+ mod->internal = NSSUTIL_ArgHasFlag("flags", "internal", nssc);
+ mod->isFIPS = NSSUTIL_ArgHasFlag("flags", "FIPS", nssc);
+ mod->isCritical = NSSUTIL_ArgHasFlag("flags", "critical", nssc);
+ slotParams = NSSUTIL_ArgGetParamValue("slotParams", nssc);
+ mod->slotInfo = NSSUTIL_ArgParseSlotInfo(mod->arena, slotParams,
+ &mod->slotInfoCount);
+ if (slotParams)
+ PORT_Free(slotParams);
+ /* new field */
+ mod->trustOrder = NSSUTIL_ArgReadLong("trustOrder", nssc,
+ NSSUTIL_DEFAULT_TRUST_ORDER, NULL);
+ /* new field */
+ mod->cipherOrder = NSSUTIL_ArgReadLong("cipherOrder", nssc,
+ NSSUTIL_DEFAULT_CIPHER_ORDER, NULL);
+ /* new field */
+ mod->isModuleDB = NSSUTIL_ArgHasFlag("flags", "moduleDB", nssc);
+ mod->moduleDBOnly = NSSUTIL_ArgHasFlag("flags", "moduleDBOnly", nssc);
+ if (mod->moduleDBOnly)
+ mod->isModuleDB = PR_TRUE;
+
+ /* we need more bits, but we also want to preserve binary compatibility
+ * so we overload the isModuleDB PRBool with additional flags.
+ * These flags are only valid if mod->isModuleDB is already set.
+ * NOTE: this depends on the fact that PRBool is at least a char on
+ * all platforms. These flags are only valid if moduleDB is set, so
+ * code checking if (mod->isModuleDB) will continue to work correctly. */
+ if (mod->isModuleDB) {
+ char flags = SECMOD_FLAG_MODULE_DB_IS_MODULE_DB;
+ if (NSSUTIL_ArgHasFlag("flags", "skipFirst", nssc)) {
+ flags |= SECMOD_FLAG_MODULE_DB_SKIP_FIRST;
+ }
+ if (NSSUTIL_ArgHasFlag("flags", "defaultModDB", nssc)) {
+ flags |= SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB;
+ }
+ /* additional moduleDB flags could be added here in the future */
+ mod->isModuleDB = (PRBool)flags;
+ }
+
+ if (mod->internal) {
+ char flags = SECMOD_FLAG_INTERNAL_IS_INTERNAL;
+
+ if (NSSUTIL_ArgHasFlag("flags", "internalKeySlot", nssc)) {
+ flags |= SECMOD_FLAG_INTERNAL_KEY_SLOT;
+ }
+ mod->internal = (PRBool)flags;
+ }
+
+ ciphers = NSSUTIL_ArgGetParamValue("ciphers", nssc);
+ NSSUTIL_ArgParseCipherFlags(&mod->ssl[0], ciphers);
+ if (ciphers)
+ PORT_Free(ciphers);
+
+ secmod_PrivateModuleCount++;
+
+ return mod;
+}
+
+PRBool
+SECMOD_GetSkipFirstFlag(SECMODModule *mod)
+{
+ char flags = (char)mod->isModuleDB;
+
+ return (flags & SECMOD_FLAG_MODULE_DB_SKIP_FIRST) ? PR_TRUE : PR_FALSE;
+}
+
+PRBool
+SECMOD_GetDefaultModDBFlag(SECMODModule *mod)
+{
+ char flags = (char)mod->isModuleDB;
+
+ return (flags & SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB) ? PR_TRUE : PR_FALSE;
+}
+
+PRBool
+secmod_IsInternalKeySlot(SECMODModule *mod)
+{
+ char flags = (char)mod->internal;
+
+ return (flags & SECMOD_FLAG_INTERNAL_KEY_SLOT) ? PR_TRUE : PR_FALSE;
+}
+
+void
+secmod_SetInternalKeySlotFlag(SECMODModule *mod, PRBool val)
+{
+ char flags = (char)mod->internal;
+
+ if (val) {
+ flags |= SECMOD_FLAG_INTERNAL_KEY_SLOT;
+ } else {
+ flags &= ~SECMOD_FLAG_INTERNAL_KEY_SLOT;
+ }
+ mod->internal = flags;
+}
+
+/*
+ * copy desc and value into target. Target is known to be big enough to
+ * hold desc +2 +value, which is good because the result of this will be
+ * *desc"*value". We may, however, have to add some escapes for special
+ * characters imbedded into value (rare). This string potentially comes from
+ * a user, so we don't want the user overflowing the target buffer by using
+ * excessive escapes. To prevent this we count the escapes we need to add and
+ * try to expand the buffer with Realloc.
+ */
+static char *
+secmod_doDescCopy(char *target, int *targetLen, const char *desc,
+ int descLen, char *value)
+{
+ int diff, esc_len;
+
+ esc_len = NSSUTIL_EscapeSize(value, '\"') - 1;
+ diff = esc_len - strlen(value);
+ if (diff > 0) {
+ /* we need to escape... expand newSpecPtr as well to make sure
+ * we don't overflow it */
+ char *newPtr = PORT_Realloc(target, *targetLen * diff);
+ if (!newPtr) {
+ return target; /* not enough space, just drop the whole copy */
+ }
+ *targetLen += diff;
+ target = newPtr;
+ value = NSSUTIL_Escape(value, '\"');
+ if (value == NULL) {
+ return target; /* couldn't escape value, just drop the copy */
+ }
+ }
+ PORT_Memcpy(target, desc, descLen);
+ target += descLen;
+ *target++ = '\"';
+ PORT_Memcpy(target, value, esc_len);
+ target += esc_len;
+ *target++ = '\"';
+ if (diff > 0) {
+ PORT_Free(value);
+ }
+ return target;
+}
+
+#define SECMOD_SPEC_COPY(new, start, end) \
+ if (end > start) { \
+ int _cnt = end - start; \
+ PORT_Memcpy(new, start, _cnt); \
+ new += _cnt; \
+ }
+#define SECMOD_TOKEN_DESCRIPTION "tokenDescription="
+#define SECMOD_SLOT_DESCRIPTION "slotDescription="
+
+/*
+ * Find any tokens= values in the module spec.
+ * Always return a new spec which does not have any tokens= arguments.
+ * If tokens= arguments are found, Split the the various tokens defined into
+ * an array of child specs to return.
+ *
+ * Caller is responsible for freeing the child spec and the new token
+ * spec.
+ */
+char *
+secmod_ParseModuleSpecForTokens(PRBool convert, PRBool isFIPS,
+ const char *moduleSpec, char ***children,
+ CK_SLOT_ID **ids)
+{
+ int newSpecLen = PORT_Strlen(moduleSpec) + 2;
+ char *newSpec = PORT_Alloc(newSpecLen);
+ char *newSpecPtr = newSpec;
+ const char *modulePrev = moduleSpec;
+ char *target = NULL;
+ char *tmp = NULL;
+ char **childArray = NULL;
+ const char *tokenIndex;
+ CK_SLOT_ID *idArray = NULL;
+ int tokenCount = 0;
+ int i;
+
+ if (newSpec == NULL) {
+ return NULL;
+ }
+
+ *children = NULL;
+ if (ids) {
+ *ids = NULL;
+ }
+ moduleSpec = NSSUTIL_ArgStrip(moduleSpec);
+ SECMOD_SPEC_COPY(newSpecPtr, modulePrev, moduleSpec);
+
+ /* Notes on 'convert' and 'isFIPS' flags: The base parameters for opening
+ * a new softoken module takes the following parameters to name the
+ * various tokens:
+ *
+ * cryptoTokenDescription: name of the non-fips crypto token.
+ * cryptoSlotDescription: name of the non-fips crypto slot.
+ * dbTokenDescription: name of the non-fips db token.
+ * dbSlotDescription: name of the non-fips db slot.
+ * FIPSTokenDescription: name of the fips db/crypto token.
+ * FIPSSlotDescription: name of the fips db/crypto slot.
+ *
+ * if we are opening a new slot, we need to have the following
+ * parameters:
+ * tokenDescription: name of the token.
+ * slotDescription: name of the slot.
+ *
+ *
+ * The convert flag tells us to drop the unnecessary *TokenDescription
+ * and *SlotDescription arguments and convert the appropriate pair
+ * (either db or FIPS based on the isFIPS flag) to tokenDescription and
+ * slotDescription).
+ */
+ /*
+ * walk down the list. if we find a tokens= argument, save it,
+ * otherise copy the argument.
+ */
+ while (*moduleSpec) {
+ int next;
+ modulePrev = moduleSpec;
+ NSSUTIL_HANDLE_STRING_ARG(moduleSpec, target, "tokens=",
+ modulePrev = moduleSpec;
+ /* skip copying */)
+ NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoTokenDescription=",
+ if (convert) { modulePrev = moduleSpec; });
+ NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoSlotDescription=",
+ if (convert) { modulePrev = moduleSpec; });
+ NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "dbTokenDescription=",
+ if (convert) {
+ modulePrev = moduleSpec;
+ if (!isFIPS) {
+ newSpecPtr = secmod_doDescCopy(newSpecPtr,
+ &newSpecLen,
+ SECMOD_TOKEN_DESCRIPTION,
+ sizeof(SECMOD_TOKEN_DESCRIPTION) - 1,
+ tmp);
+ }
+ });
+ NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "dbSlotDescription=",
+ if (convert) {
+ modulePrev = moduleSpec; /* skip copying */
+ if (!isFIPS) {
+ newSpecPtr = secmod_doDescCopy(newSpecPtr,
+ &newSpecLen,
+ SECMOD_SLOT_DESCRIPTION,
+ sizeof(SECMOD_SLOT_DESCRIPTION) - 1,
+ tmp);
+ }
+ });
+ NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "FIPSTokenDescription=",
+ if (convert) {
+ modulePrev = moduleSpec; /* skip copying */
+ if (isFIPS) {
+ newSpecPtr = secmod_doDescCopy(newSpecPtr,
+ &newSpecLen,
+ SECMOD_TOKEN_DESCRIPTION,
+ sizeof(SECMOD_TOKEN_DESCRIPTION) - 1,
+ tmp);
+ }
+ });
+ NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "FIPSSlotDescription=",
+ if (convert) {
+ modulePrev = moduleSpec; /* skip copying */
+ if (isFIPS) {
+ newSpecPtr = secmod_doDescCopy(newSpecPtr,
+ &newSpecLen,
+ SECMOD_SLOT_DESCRIPTION,
+ sizeof(SECMOD_SLOT_DESCRIPTION) - 1,
+ tmp);
+ }
+ });
+ NSSUTIL_HANDLE_FINAL_ARG(moduleSpec)
+ SECMOD_SPEC_COPY(newSpecPtr, modulePrev, moduleSpec);
+ }
+ if (tmp) {
+ PORT_Free(tmp);
+ tmp = NULL;
+ }
+ *newSpecPtr = 0;
+
+ /* no target found, return the newSpec */
+ if (target == NULL) {
+ return newSpec;
+ }
+
+ /* now build the child array from target */
+ /*first count them */
+ for (tokenIndex = NSSUTIL_ArgStrip(target); *tokenIndex;
+ tokenIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(tokenIndex))) {
+ tokenCount++;
+ }
+
+ childArray = PORT_NewArray(char *, tokenCount + 1);
+ if (childArray == NULL) {
+ /* just return the spec as is then */
+ PORT_Free(target);
+ return newSpec;
+ }
+ if (ids) {
+ idArray = PORT_NewArray(CK_SLOT_ID, tokenCount + 1);
+ if (idArray == NULL) {
+ PORT_Free(childArray);
+ PORT_Free(target);
+ return newSpec;
+ }
+ }
+
+ /* now fill them in */
+ for (tokenIndex = NSSUTIL_ArgStrip(target), i = 0;
+ *tokenIndex && (i < tokenCount);
+ tokenIndex = NSSUTIL_ArgStrip(tokenIndex)) {
+ int next;
+ char *name = NSSUTIL_ArgGetLabel(tokenIndex, &next);
+ tokenIndex += next;
+
+ if (idArray) {
+ idArray[i] = NSSUTIL_ArgDecodeNumber(name);
+ }
+
+ PORT_Free(name); /* drop the explicit number */
+
+ /* if anything is left, copy the args to the child array */
+ if (!NSSUTIL_ArgIsBlank(*tokenIndex)) {
+ childArray[i++] = NSSUTIL_ArgFetchValue(tokenIndex, &next);
+ tokenIndex += next;
+ }
+ }
+
+ PORT_Free(target);
+ childArray[i] = 0;
+ if (idArray) {
+ idArray[i] = 0;
+ }
+
+ /* return it */
+ *children = childArray;
+ if (ids) {
+ *ids = idArray;
+ }
+ return newSpec;
+}
+
+/* get the database and flags from the spec */
+static char *
+secmod_getConfigDir(const char *spec, char **certPrefix, char **keyPrefix,
+ PRBool *readOnly)
+{
+ char *config = NULL;
+
+ *certPrefix = NULL;
+ *keyPrefix = NULL;
+ *readOnly = NSSUTIL_ArgHasFlag("flags", "readOnly", spec);
+ if (NSSUTIL_ArgHasFlag("flags", "nocertdb", spec) ||
+ NSSUTIL_ArgHasFlag("flags", "nokeydb", spec)) {
+ return NULL;
+ }
+
+ spec = NSSUTIL_ArgStrip(spec);
+ while (*spec) {
+ int next;
+ NSSUTIL_HANDLE_STRING_ARG(spec, config, "configdir=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(spec, *certPrefix, "certPrefix=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(spec, *keyPrefix, "keyPrefix=", ;)
+ NSSUTIL_HANDLE_FINAL_ARG(spec)
+ }
+ return config;
+}
+
+struct SECMODConfigListStr {
+ char *config;
+ char *certPrefix;
+ char *keyPrefix;
+ PRBool isReadOnly;
+};
+
+/*
+ * return an array of already openned databases from a spec list.
+ */
+SECMODConfigList *
+secmod_GetConfigList(PRBool isFIPS, char *spec, int *count)
+{
+ char **children;
+ CK_SLOT_ID *ids;
+ char *strippedSpec;
+ int childCount;
+ SECMODConfigList *conflist = NULL;
+ int i;
+
+ strippedSpec = secmod_ParseModuleSpecForTokens(PR_TRUE, isFIPS,
+ spec, &children, &ids);
+ if (strippedSpec == NULL) {
+ return NULL;
+ }
+
+ for (childCount = 0; children && children[childCount]; childCount++)
+ ;
+ *count = childCount + 1; /* include strippedSpec */
+ conflist = PORT_NewArray(SECMODConfigList, *count);
+ if (conflist == NULL) {
+ *count = 0;
+ goto loser;
+ }
+
+ conflist[0].config = secmod_getConfigDir(strippedSpec,
+ &conflist[0].certPrefix,
+ &conflist[0].keyPrefix,
+ &conflist[0].isReadOnly);
+ for (i = 0; i < childCount; i++) {
+ conflist[i + 1].config = secmod_getConfigDir(children[i],
+ &conflist[i + 1].certPrefix,
+ &conflist[i + 1].keyPrefix,
+ &conflist[i + 1].isReadOnly);
+ }
+
+loser:
+ secmod_FreeChildren(children, ids);
+ PORT_Free(strippedSpec);
+ return conflist;
+}
+
+/*
+ * determine if we are trying to open an old dbm database. For this test
+ * RDB databases should return PR_FALSE.
+ */
+static PRBool
+secmod_configIsDBM(char *configDir)
+{
+ char *env;
+
+ /* explicit dbm open */
+ if (strncmp(configDir, "dbm:", 4) == 0) {
+ return PR_TRUE;
+ }
+ /* explicit open of a non-dbm database */
+ if ((strncmp(configDir, "sql:", 4) == 0) ||
+ (strncmp(configDir, "rdb:", 4) == 0) ||
+ (strncmp(configDir, "extern:", 7) == 0)) {
+ return PR_FALSE;
+ }
+ env = PR_GetEnvSecure("NSS_DEFAULT_DB_TYPE");
+ /* implicit dbm open */
+ if ((env == NULL) || (strcmp(env, "dbm") == 0)) {
+ return PR_TRUE;
+ }
+ /* implicit non-dbm open */
+ return PR_FALSE;
+}
+
+/*
+ * match two prefixes. prefix may be NULL. NULL patches '\0'
+ */
+static PRBool
+secmod_matchPrefix(char *prefix1, char *prefix2)
+{
+ if ((prefix1 == NULL) || (*prefix1 == 0)) {
+ if ((prefix2 == NULL) || (*prefix2 == 0)) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+ }
+ if (strcmp(prefix1, prefix2) == 0) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+/* do two config paramters match? Not all callers are compariing
+ * SECMODConfigLists directly, so this function breaks them out to their
+ * components. */
+static PRBool
+secmod_matchConfig(char *configDir1, char *configDir2,
+ char *certPrefix1, char *certPrefix2,
+ char *keyPrefix1, char *keyPrefix2,
+ PRBool isReadOnly1, PRBool isReadOnly2)
+{
+ /* TODO: Document the answer to the question:
+ * "Why not allow them to match if they are both NULL?"
+ * See: https://bugzilla.mozilla.org/show_bug.cgi?id=1318633#c1
+ */
+ if ((configDir1 == NULL) || (configDir2 == NULL)) {
+ return PR_FALSE;
+ }
+ if (strcmp(configDir1, configDir2) != 0) {
+ return PR_FALSE;
+ }
+ if (!secmod_matchPrefix(certPrefix1, certPrefix2)) {
+ return PR_FALSE;
+ }
+ if (!secmod_matchPrefix(keyPrefix1, keyPrefix2)) {
+ return PR_FALSE;
+ }
+ /* these last test -- if we just need the DB open read only,
+ * than any open will suffice, but if we requested it read/write
+ * and it's only open read only, we need to open it again */
+ if (isReadOnly1) {
+ return PR_TRUE;
+ }
+ if (isReadOnly2) { /* isReadonly1 == PR_FALSE */
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+/*
+ * return true if we are requesting a database that is already openned.
+ */
+PRBool
+secmod_MatchConfigList(const char *spec, SECMODConfigList *conflist, int count)
+{
+ char *config;
+ char *certPrefix;
+ char *keyPrefix;
+ PRBool isReadOnly;
+ PRBool ret = PR_FALSE;
+ int i;
+
+ config = secmod_getConfigDir(spec, &certPrefix, &keyPrefix, &isReadOnly);
+ if (!config) {
+ goto done;
+ }
+
+ /* NOTE: we dbm isn't multiple open safe. If we open the same database
+ * twice from two different locations, then we can corrupt our database
+ * (the cache will be inconsistent). Protect against this by claiming
+ * for comparison only that we are always openning dbm databases read only.
+ */
+ if (secmod_configIsDBM(config)) {
+ isReadOnly = 1;
+ }
+ for (i = 0; i < count; i++) {
+ if (secmod_matchConfig(config, conflist[i].config, certPrefix,
+ conflist[i].certPrefix, keyPrefix,
+ conflist[i].keyPrefix, isReadOnly,
+ conflist[i].isReadOnly)) {
+ ret = PR_TRUE;
+ goto done;
+ }
+ }
+
+ ret = PR_FALSE;
+done:
+ PORT_Free(config);
+ PORT_Free(certPrefix);
+ PORT_Free(keyPrefix);
+ return ret;
+}
+
+/*
+ * Find the slot id from the module spec. If the slot is the database slot, we
+ * can get the slot id from the default database slot.
+ */
+CK_SLOT_ID
+secmod_GetSlotIDFromModuleSpec(const char *moduleSpec, SECMODModule *module)
+{
+ char *tmp_spec = NULL;
+ char **children, **thisChild;
+ CK_SLOT_ID *ids, *thisID, slotID = -1;
+ char *inConfig = NULL, *thisConfig = NULL;
+ char *inCertPrefix = NULL, *thisCertPrefix = NULL;
+ char *inKeyPrefix = NULL, *thisKeyPrefix = NULL;
+ PRBool inReadOnly, thisReadOnly;
+
+ inConfig = secmod_getConfigDir(moduleSpec, &inCertPrefix, &inKeyPrefix,
+ &inReadOnly);
+ if (!inConfig) {
+ goto done;
+ }
+
+ if (secmod_configIsDBM(inConfig)) {
+ inReadOnly = 1;
+ }
+
+ tmp_spec = secmod_ParseModuleSpecForTokens(PR_TRUE, module->isFIPS,
+ module->libraryParams, &children, &ids);
+ if (tmp_spec == NULL) {
+ goto done;
+ }
+
+ /* first check to see if the parent is the database */
+ thisConfig = secmod_getConfigDir(tmp_spec, &thisCertPrefix, &thisKeyPrefix,
+ &thisReadOnly);
+ if (!thisConfig) {
+ goto done;
+ }
+ if (secmod_matchConfig(inConfig, thisConfig, inCertPrefix, thisCertPrefix,
+ inKeyPrefix, thisKeyPrefix, inReadOnly, thisReadOnly)) {
+ /* yup it's the default key slot, get the id for it */
+ PK11SlotInfo *slot = PK11_GetInternalKeySlot();
+ if (slot) {
+ slotID = slot->slotID;
+ PK11_FreeSlot(slot);
+ }
+ goto done;
+ }
+
+ /* find id of the token */
+ for (thisChild = children, thisID = ids; thisChild && *thisChild; thisChild++, thisID++) {
+ PORT_Free(thisConfig);
+ PORT_Free(thisCertPrefix);
+ PORT_Free(thisKeyPrefix);
+ thisConfig = secmod_getConfigDir(*thisChild, &thisCertPrefix,
+ &thisKeyPrefix, &thisReadOnly);
+ if (thisConfig == NULL) {
+ continue;
+ }
+ if (secmod_matchConfig(inConfig, thisConfig, inCertPrefix, thisCertPrefix,
+ inKeyPrefix, thisKeyPrefix, inReadOnly, thisReadOnly)) {
+ slotID = *thisID;
+ break;
+ }
+ }
+
+done:
+ PORT_Free(inConfig);
+ PORT_Free(inCertPrefix);
+ PORT_Free(inKeyPrefix);
+ PORT_Free(thisConfig);
+ PORT_Free(thisCertPrefix);
+ PORT_Free(thisKeyPrefix);
+ if (tmp_spec) {
+ secmod_FreeChildren(children, ids);
+ PORT_Free(tmp_spec);
+ }
+ return slotID;
+}
+
+void
+secmod_FreeConfigList(SECMODConfigList *conflist, int count)
+{
+ int i;
+ for (i = 0; i < count; i++) {
+ PORT_Free(conflist[i].config);
+ PORT_Free(conflist[i].certPrefix);
+ PORT_Free(conflist[i].keyPrefix);
+ }
+ PORT_Free(conflist);
+}
+
+void
+secmod_FreeChildren(char **children, CK_SLOT_ID *ids)
+{
+ char **thisChild;
+
+ if (!children) {
+ return;
+ }
+
+ for (thisChild = children; thisChild && *thisChild; thisChild++) {
+ PORT_Free(*thisChild);
+ }
+ PORT_Free(children);
+ if (ids) {
+ PORT_Free(ids);
+ }
+ return;
+}
+
+/*
+ * caclulate the length of each child record:
+ * " 0x{id}=<{escaped_child}>"
+ */
+static int
+secmod_getChildLength(char *child, CK_SLOT_ID id)
+{
+ int length = NSSUTIL_DoubleEscapeSize(child, '>', ']');
+ if (id == 0) {
+ length++;
+ }
+ while (id) {
+ length++;
+ id = id >> 4;
+ }
+ length += 6; /* {sp}0x[id]=<{child}> */
+ return length;
+}
+
+/*
+ * Build a child record:
+ * " 0x{id}=<{escaped_child}>"
+ */
+static SECStatus
+secmod_mkTokenChild(char **next, int *length, char *child, CK_SLOT_ID id)
+{
+ int len;
+ char *escSpec;
+
+ len = PR_snprintf(*next, *length, " 0x%x=<", id);
+ if (len < 0) {
+ return SECFailure;
+ }
+ *next += len;
+ *length -= len;
+ escSpec = NSSUTIL_DoubleEscape(child, '>', ']');
+ if (escSpec == NULL) {
+ return SECFailure;
+ }
+ if (*child && (*escSpec == 0)) {
+ PORT_Free(escSpec);
+ return SECFailure;
+ }
+ len = strlen(escSpec);
+ if (len + 1 > *length) {
+ PORT_Free(escSpec);
+ return SECFailure;
+ }
+ PORT_Memcpy(*next, escSpec, len);
+ *next += len;
+ *length -= len;
+ PORT_Free(escSpec);
+ **next = '>';
+ (*next)++;
+ (*length)--;
+ return SECSuccess;
+}
+
+#define TOKEN_STRING " tokens=["
+
+char *
+secmod_MkAppendTokensList(PLArenaPool *arena, char *oldParam, char *newToken,
+ CK_SLOT_ID newID, char **children, CK_SLOT_ID *ids)
+{
+ char *rawParam = NULL; /* oldParam with tokens stripped off */
+ char *newParam = NULL; /* space for the return parameter */
+ char *nextParam = NULL; /* current end of the new parameter */
+ char **oldChildren = NULL;
+ CK_SLOT_ID *oldIds = NULL;
+ void *mark = NULL; /* mark the arena pool in case we need
+ * to release it */
+ int length, i, tmpLen;
+ SECStatus rv;
+
+ /* first strip out and save the old tokenlist */
+ rawParam = secmod_ParseModuleSpecForTokens(PR_FALSE, PR_FALSE,
+ oldParam, &oldChildren, &oldIds);
+ if (!rawParam) {
+ goto loser;
+ }
+
+ /* now calculate the total length of the new buffer */
+ /* First the 'fixed stuff', length of rawparam (does not include a NULL),
+ * length of the token string (does include the NULL), closing bracket */
+ length = strlen(rawParam) + sizeof(TOKEN_STRING) + 1;
+ /* now add then length of all the old children */
+ for (i = 0; oldChildren && oldChildren[i]; i++) {
+ length += secmod_getChildLength(oldChildren[i], oldIds[i]);
+ }
+
+ /* add the new token */
+ length += secmod_getChildLength(newToken, newID);
+
+ /* and it's new children */
+ for (i = 0; children && children[i]; i++) {
+ if (ids[i] == -1) {
+ continue;
+ }
+ length += secmod_getChildLength(children[i], ids[i]);
+ }
+
+ /* now allocate and build the string */
+ mark = PORT_ArenaMark(arena);
+ if (!mark) {
+ goto loser;
+ }
+ newParam = PORT_ArenaAlloc(arena, length);
+ if (!newParam) {
+ goto loser;
+ }
+
+ PORT_Strcpy(newParam, oldParam);
+ tmpLen = strlen(oldParam);
+ nextParam = newParam + tmpLen;
+ length -= tmpLen;
+ PORT_Memcpy(nextParam, TOKEN_STRING, sizeof(TOKEN_STRING) - 1);
+ nextParam += sizeof(TOKEN_STRING) - 1;
+ length -= sizeof(TOKEN_STRING) - 1;
+
+ for (i = 0; oldChildren && oldChildren[i]; i++) {
+ rv = secmod_mkTokenChild(&nextParam, &length, oldChildren[i], oldIds[i]);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ rv = secmod_mkTokenChild(&nextParam, &length, newToken, newID);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ for (i = 0; children && children[i]; i++) {
+ if (ids[i] == -1) {
+ continue;
+ }
+ rv = secmod_mkTokenChild(&nextParam, &length, children[i], ids[i]);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ if (length < 2) {
+ goto loser;
+ }
+
+ *nextParam++ = ']';
+ *nextParam++ = 0;
+
+ /* we are going to return newParam now, don't release the mark */
+ PORT_ArenaUnmark(arena, mark);
+ mark = NULL;
+
+loser:
+ if (mark) {
+ PORT_ArenaRelease(arena, mark);
+ newParam = NULL; /* if the mark is still active,
+ * don't return the param */
+ }
+ if (rawParam) {
+ PORT_Free(rawParam);
+ }
+ if (oldChildren) {
+ secmod_FreeChildren(oldChildren, oldIds);
+ }
+ return newParam;
+}
+
+static char *
+secmod_mkModuleSpec(SECMODModule *module)
+{
+ char *nss = NULL, *modSpec = NULL, **slotStrings = NULL;
+ int slotCount, i, si;
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+
+ /* allocate target slot info strings */
+ slotCount = 0;
+
+ SECMOD_GetReadLock(moduleLock);
+ if (module->slotCount) {
+ for (i = 0; i < module->slotCount; i++) {
+ if (module->slots[i]->defaultFlags != 0) {
+ slotCount++;
+ }
+ }
+ } else {
+ slotCount = module->slotInfoCount;
+ }
+
+ slotStrings = (char **)PORT_ZAlloc(slotCount * sizeof(char *));
+ if (slotStrings == NULL) {
+ SECMOD_ReleaseReadLock(moduleLock);
+ goto loser;
+ }
+
+ /* build the slot info strings */
+ if (module->slotCount) {
+ for (i = 0, si = 0; i < module->slotCount; i++) {
+ if (module->slots[i]->defaultFlags) {
+ PORT_Assert(si < slotCount);
+ if (si >= slotCount)
+ break;
+ slotStrings[si] = NSSUTIL_MkSlotString(module->slots[i]->slotID,
+ module->slots[i]->defaultFlags,
+ module->slots[i]->timeout,
+ module->slots[i]->askpw,
+ module->slots[i]->hasRootCerts,
+ module->slots[i]->hasRootTrust);
+ si++;
+ }
+ }
+ } else {
+ for (i = 0; i < slotCount; i++) {
+ slotStrings[i] = NSSUTIL_MkSlotString(
+ module->slotInfo[i].slotID,
+ module->slotInfo[i].defaultFlags,
+ module->slotInfo[i].timeout,
+ module->slotInfo[i].askpw,
+ module->slotInfo[i].hasRootCerts,
+ module->slotInfo[i].hasRootTrust);
+ }
+ }
+
+ SECMOD_ReleaseReadLock(moduleLock);
+ nss = NSSUTIL_MkNSSString(slotStrings, slotCount, module->internal,
+ module->isFIPS, module->isModuleDB,
+ module->moduleDBOnly, module->isCritical,
+ module->trustOrder, module->cipherOrder,
+ module->ssl[0], module->ssl[1]);
+ modSpec = NSSUTIL_MkModuleSpec(module->dllName, module->commonName,
+ module->libraryParams, nss);
+ PORT_Free(slotStrings);
+ PR_smprintf_free(nss);
+loser:
+ return (modSpec);
+}
+
+char **
+SECMOD_GetModuleSpecList(SECMODModule *module)
+{
+ SECMODModuleDBFunc func = (SECMODModuleDBFunc)module->moduleDBFunc;
+ if (func) {
+ return (*func)(SECMOD_MODULE_DB_FUNCTION_FIND,
+ module->libraryParams, NULL);
+ }
+ return NULL;
+}
+
+SECStatus
+SECMOD_AddPermDB(SECMODModule *module)
+{
+ SECMODModuleDBFunc func;
+ char *moduleSpec;
+ char **retString;
+
+ if (module->parent == NULL)
+ return SECFailure;
+
+ func = (SECMODModuleDBFunc)module->parent->moduleDBFunc;
+ if (func) {
+ moduleSpec = secmod_mkModuleSpec(module);
+ retString = (*func)(SECMOD_MODULE_DB_FUNCTION_ADD,
+ module->parent->libraryParams, moduleSpec);
+ PORT_Free(moduleSpec);
+ if (retString != NULL)
+ return SECSuccess;
+ }
+ return SECFailure;
+}
+
+SECStatus
+SECMOD_DeletePermDB(SECMODModule *module)
+{
+ SECMODModuleDBFunc func;
+ char *moduleSpec;
+ char **retString;
+
+ if (module->parent == NULL)
+ return SECFailure;
+
+ func = (SECMODModuleDBFunc)module->parent->moduleDBFunc;
+ if (func) {
+ moduleSpec = secmod_mkModuleSpec(module);
+ retString = (*func)(SECMOD_MODULE_DB_FUNCTION_DEL,
+ module->parent->libraryParams, moduleSpec);
+ PORT_Free(moduleSpec);
+ if (retString != NULL)
+ return SECSuccess;
+ }
+ return SECFailure;
+}
+
+SECStatus
+SECMOD_FreeModuleSpecList(SECMODModule *module, char **moduleSpecList)
+{
+ SECMODModuleDBFunc func = (SECMODModuleDBFunc)module->moduleDBFunc;
+ char **retString;
+ if (func) {
+ retString = (*func)(SECMOD_MODULE_DB_FUNCTION_RELEASE,
+ module->libraryParams, moduleSpecList);
+ if (retString != NULL)
+ return SECSuccess;
+ }
+ return SECFailure;
+}
+
+/*
+ * load a PKCS#11 module but do not add it to the default NSS trust domain
+ */
+SECMODModule *
+SECMOD_LoadModule(char *modulespec, SECMODModule *parent, PRBool recurse)
+{
+ char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss = NULL;
+ char *config = NULL;
+ SECStatus status;
+ SECMODModule *module = NULL;
+ SECMODModule *oldModule = NULL;
+ SECStatus rv;
+
+ /* initialize the underlying module structures */
+ SECMOD_Init();
+
+ status = NSSUTIL_ArgParseModuleSpecEx(modulespec, &library, &moduleName,
+ &parameters, &nss,
+ &config);
+ if (status != SECSuccess) {
+ goto loser;
+ }
+
+ module = SECMOD_CreateModuleEx(library, moduleName, parameters, nss, config);
+ if (library)
+ PORT_Free(library);
+ if (moduleName)
+ PORT_Free(moduleName);
+ if (parameters)
+ PORT_Free(parameters);
+ if (nss)
+ PORT_Free(nss);
+ if (config)
+ PORT_Free(config);
+ if (!module) {
+ goto loser;
+ }
+ if (parent) {
+ module->parent = SECMOD_ReferenceModule(parent);
+ if (module->internal && secmod_IsInternalKeySlot(parent)) {
+ module->internal = parent->internal;
+ }
+ }
+
+ /* load it */
+ rv = secmod_LoadPKCS11Module(module, &oldModule);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* if we just reload an old module, no need to add it to any lists.
+ * we simple release all our references */
+ if (oldModule) {
+ /* This module already exists, don't link it anywhere. This
+ * will probably destroy this module */
+ SECMOD_DestroyModule(module);
+ return oldModule;
+ }
+
+ if (recurse && module->isModuleDB) {
+ char **moduleSpecList;
+ PORT_SetError(0);
+
+ moduleSpecList = SECMOD_GetModuleSpecList(module);
+ if (moduleSpecList) {
+ char **index;
+
+ index = moduleSpecList;
+ if (*index && SECMOD_GetSkipFirstFlag(module)) {
+ index++;
+ }
+
+ for (; *index; index++) {
+ SECMODModule *child;
+ if (0 == PORT_Strcmp(*index, modulespec)) {
+ /* avoid trivial infinite recursion */
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ rv = SECFailure;
+ break;
+ }
+ child = SECMOD_LoadModule(*index, module, PR_TRUE);
+ if (!child)
+ break;
+ if (child->isCritical && !child->loaded) {
+ int err = PORT_GetError();
+ if (!err)
+ err = SEC_ERROR_NO_MODULE;
+ SECMOD_DestroyModule(child);
+ PORT_SetError(err);
+ rv = SECFailure;
+ break;
+ }
+ SECMOD_DestroyModule(child);
+ }
+ SECMOD_FreeModuleSpecList(module, moduleSpecList);
+ } else {
+ if (!PORT_GetError())
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ rv = SECFailure;
+ }
+ }
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* inherit the reference */
+ if (!module->moduleDBOnly) {
+ SECMOD_AddModuleToList(module);
+ } else {
+ SECMOD_AddModuleToDBOnlyList(module);
+ }
+
+ /* handle any additional work here */
+ return module;
+
+loser:
+ if (module) {
+ if (module->loaded) {
+ SECMOD_UnloadModule(module);
+ }
+ SECMOD_AddModuleToUnloadList(module);
+ }
+ return module;
+}
+
+/*
+ * load a PKCS#11 module and add it to the default NSS trust domain
+ */
+SECMODModule *
+SECMOD_LoadUserModule(char *modulespec, SECMODModule *parent, PRBool recurse)
+{
+ SECStatus rv = SECSuccess;
+ SECMODModule *newmod = SECMOD_LoadModule(modulespec, parent, recurse);
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+
+ if (newmod) {
+ SECMOD_GetReadLock(moduleLock);
+ rv = STAN_AddModuleToDefaultTrustDomain(newmod);
+ SECMOD_ReleaseReadLock(moduleLock);
+ if (SECSuccess != rv) {
+ SECMOD_DestroyModule(newmod);
+ return NULL;
+ }
+ }
+ return newmod;
+}
+
+/*
+ * remove the PKCS#11 module from the default NSS trust domain, call
+ * C_Finalize, and destroy the module structure
+ */
+SECStatus
+SECMOD_UnloadUserModule(SECMODModule *mod)
+{
+ SECStatus rv = SECSuccess;
+ int atype = 0;
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+ if (!mod) {
+ return SECFailure;
+ }
+
+ SECMOD_GetReadLock(moduleLock);
+ rv = STAN_RemoveModuleFromDefaultTrustDomain(mod);
+ SECMOD_ReleaseReadLock(moduleLock);
+ if (SECSuccess != rv) {
+ return SECFailure;
+ }
+ return SECMOD_DeleteModuleEx(NULL, mod, &atype, PR_FALSE);
+}
diff --git a/security/nss/lib/pk11wrap/pk11pbe.c b/security/nss/lib/pk11wrap/pk11pbe.c
new file mode 100644
index 000000000..7837bfe9c
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11pbe.c
@@ -0,0 +1,1433 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "plarena.h"
+
+#include "seccomon.h"
+#include "secitem.h"
+#include "secport.h"
+#include "hasht.h"
+#include "pkcs11t.h"
+#include "sechash.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "secoid.h"
+#include "secerr.h"
+#include "secmod.h"
+#include "pk11func.h"
+#include "secpkcs5.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "key.h"
+
+typedef struct SEC_PKCS5PBEParameterStr SEC_PKCS5PBEParameter;
+struct SEC_PKCS5PBEParameterStr {
+ PLArenaPool *poolp;
+ SECItem salt; /* octet string */
+ SECItem iteration; /* integer */
+ SECItem keyLength; /* PKCS5v2 only */
+ SECAlgorithmID *pPrfAlgId; /* PKCS5v2 only */
+ SECAlgorithmID prfAlgId; /* PKCS5v2 only */
+};
+
+/* PKCS5 V2 has an algorithm ID for the encryption and for
+ * the key generation. This is valid for SEC_OID_PKCS5_PBES2
+ * and SEC_OID_PKCS5_PBMAC1
+ */
+struct sec_pkcs5V2ParameterStr {
+ PLArenaPool *poolp;
+ SECAlgorithmID pbeAlgId; /* real pbe algorithms */
+ SECAlgorithmID cipherAlgId; /* encryption/mac */
+};
+
+typedef struct sec_pkcs5V2ParameterStr sec_pkcs5V2Parameter;
+
+/* template for PKCS 5 PBE Parameter. This template has been expanded
+ * based upon the additions in PKCS 12. This should eventually be moved
+ * if RSA updates PKCS 5.
+ */
+const SEC_ASN1Template SEC_PKCS5PBEParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(SEC_PKCS5PBEParameter, salt) },
+ { SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS5PBEParameter, iteration) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_V2PKCS12PBEParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
+ { SEC_ASN1_OCTET_STRING, offsetof(SEC_PKCS5PBEParameter, salt) },
+ { SEC_ASN1_INTEGER, offsetof(SEC_PKCS5PBEParameter, iteration) },
+ { 0 }
+ };
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+/* SECOID_PKCS5_PBKDF2 */
+const SEC_ASN1Template SEC_PKCS5V2PBEParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
+ /* This is really a choice, but since we only understand this
+ * choice, just inline it */
+ { SEC_ASN1_OCTET_STRING, offsetof(SEC_PKCS5PBEParameter, salt) },
+ { SEC_ASN1_INTEGER, offsetof(SEC_PKCS5PBEParameter, iteration) },
+ { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL,
+ offsetof(SEC_PKCS5PBEParameter, keyLength) },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN | SEC_ASN1_OPTIONAL,
+ offsetof(SEC_PKCS5PBEParameter, pPrfAlgId),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { 0 }
+ };
+
+/* SEC_OID_PKCS5_PBES2, SEC_OID_PKCS5_PBMAC1 */
+const SEC_ASN1Template SEC_PKCS5V2ParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(sec_pkcs5V2Parameter, pbeAlgId),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(sec_pkcs5V2Parameter, cipherAlgId),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { 0 }
+ };
+
+/*
+ * maps a PBE algorithm to a crypto algorithm. for PKCS12 and PKCS5v1
+ * for PKCS5v2 it returns SEC_OID_PKCS5_PBKDF2.
+ */
+SECOidTag
+sec_pkcs5GetCryptoFromAlgTag(SECOidTag algorithm)
+{
+ switch (algorithm) {
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
+ return SEC_OID_DES_EDE3_CBC;
+ case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
+ case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
+ case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
+ return SEC_OID_DES_CBC;
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
+ return SEC_OID_RC2_CBC;
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
+ return SEC_OID_RC4;
+ case SEC_OID_PKCS5_PBKDF2:
+ case SEC_OID_PKCS5_PBES2:
+ case SEC_OID_PKCS5_PBMAC1:
+ return SEC_OID_PKCS5_PBKDF2;
+ default:
+ break;
+ }
+
+ return SEC_OID_UNKNOWN;
+}
+
+/*
+ * get a new PKCS5 V2 Parameter from the algorithm id.
+ * if arena is passed in, use it, otherwise create a new arena.
+ */
+sec_pkcs5V2Parameter *
+sec_pkcs5_v2_get_v2_param(PLArenaPool *arena, SECAlgorithmID *algid)
+{
+ PLArenaPool *localArena = NULL;
+ sec_pkcs5V2Parameter *pbeV2_param;
+ SECStatus rv;
+
+ if (arena == NULL) {
+ localArena = arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL) {
+ return NULL;
+ }
+ }
+ pbeV2_param = PORT_ArenaZNew(arena, sec_pkcs5V2Parameter);
+ if (pbeV2_param == NULL) {
+ goto loser;
+ }
+
+ rv = SEC_ASN1DecodeItem(arena, pbeV2_param,
+ SEC_PKCS5V2ParameterTemplate, &algid->parameters);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ pbeV2_param->poolp = arena;
+ return pbeV2_param;
+loser:
+ if (localArena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return NULL;
+}
+
+void
+sec_pkcs5_v2_destroy_v2_param(sec_pkcs5V2Parameter *param)
+{
+ if (param && param->poolp) {
+ PORT_FreeArena(param->poolp, PR_TRUE);
+ }
+}
+
+/* maps crypto algorithm from PBE algorithm.
+ */
+SECOidTag
+SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid)
+{
+
+ SECOidTag pbeAlg;
+ SECOidTag cipherAlg;
+
+ if (algid == NULL)
+ return SEC_OID_UNKNOWN;
+
+ pbeAlg = SECOID_GetAlgorithmTag(algid);
+ cipherAlg = sec_pkcs5GetCryptoFromAlgTag(pbeAlg);
+ if ((cipherAlg == SEC_OID_PKCS5_PBKDF2) &&
+ (pbeAlg != SEC_OID_PKCS5_PBKDF2)) {
+ sec_pkcs5V2Parameter *pbeV2_param;
+ cipherAlg = SEC_OID_UNKNOWN;
+
+ pbeV2_param = sec_pkcs5_v2_get_v2_param(NULL, algid);
+ if (pbeV2_param != NULL) {
+ cipherAlg = SECOID_GetAlgorithmTag(&pbeV2_param->cipherAlgId);
+ sec_pkcs5_v2_destroy_v2_param(pbeV2_param);
+ }
+ }
+
+ return cipherAlg;
+}
+
+/* check to see if an oid is a pbe algorithm
+ */
+PRBool
+SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid)
+{
+ return (PRBool)(SEC_PKCS5GetCryptoAlgorithm(algid) != SEC_OID_UNKNOWN);
+}
+
+PRBool
+SEC_PKCS5IsAlgorithmPBEAlgTag(SECOidTag algtag)
+{
+ return (PRBool)(sec_pkcs5GetCryptoFromAlgTag(algtag) != SEC_OID_UNKNOWN);
+}
+
+/*
+ * find the most appropriate PKCS5v2 overall oid tag from a regular
+ * cipher/hash algorithm tag.
+ */
+static SECOidTag
+sec_pkcs5v2_get_pbe(SECOidTag algTag)
+{
+ /* if it's a valid hash oid... */
+ if (HASH_GetHashOidTagByHMACOidTag(algTag) != SEC_OID_UNKNOWN) {
+ /* use the MAC tag */
+ return SEC_OID_PKCS5_PBMAC1;
+ }
+ if (HASH_GetHashTypeByOidTag(algTag) != HASH_AlgNULL) {
+ /* eliminate Hash algorithms */
+ return SEC_OID_UNKNOWN;
+ }
+ if (PK11_AlgtagToMechanism(algTag) != CKM_INVALID_MECHANISM) {
+ /* it's not a hash, if it has a PKCS #11 mechanism associated
+ * with it, assume it's a cipher. (NOTE this will generate
+ * some false positives). */
+ return SEC_OID_PKCS5_PBES2;
+ }
+ return SEC_OID_UNKNOWN;
+}
+
+/*
+ * maps PBE algorithm from crypto algorithm, assumes SHA1 hashing.
+ * input keyLen in bits.
+ */
+SECOidTag
+SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen)
+{
+ switch (algTag) {
+ case SEC_OID_DES_EDE3_CBC:
+ switch (keyLen) {
+ case 168:
+ case 192:
+ case 0:
+ return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
+ case 128:
+ case 92:
+ return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC;
+ default:
+ break;
+ }
+ break;
+ case SEC_OID_DES_CBC:
+ return SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC;
+ case SEC_OID_RC2_CBC:
+ switch (keyLen) {
+ case 40:
+ return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
+ case 128:
+ case 0:
+ return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC;
+ default:
+ break;
+ }
+ break;
+ case SEC_OID_RC4:
+ switch (keyLen) {
+ case 40:
+ return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4;
+ case 128:
+ case 0:
+ return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4;
+ default:
+ break;
+ }
+ break;
+ default:
+ return sec_pkcs5v2_get_pbe(algTag);
+ }
+
+ return SEC_OID_UNKNOWN;
+}
+
+/*
+ * get the key length in bytes from a PKCS5 PBE
+ */
+int
+sec_pkcs5v2_key_length(SECAlgorithmID *algid)
+{
+ SECOidTag algorithm;
+ PLArenaPool *arena = NULL;
+ SEC_PKCS5PBEParameter p5_param;
+ SECStatus rv;
+ int length = -1;
+
+ algorithm = SECOID_GetAlgorithmTag(algid);
+ /* sanity check, they should all be PBKDF2 here */
+ if (algorithm != SEC_OID_PKCS5_PBKDF2) {
+ return -1;
+ }
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+ PORT_Memset(&p5_param, 0, sizeof(p5_param));
+ rv = SEC_ASN1DecodeItem(arena, &p5_param,
+ SEC_PKCS5V2PBEParameterTemplate, &algid->parameters);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (p5_param.keyLength.data != NULL) {
+ length = DER_GetInteger(&p5_param.keyLength);
+ }
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return length;
+}
+
+/*
+ * get the key length in bytes needed for the PBE algorithm
+ */
+int
+SEC_PKCS5GetKeyLength(SECAlgorithmID *algid)
+{
+
+ SECOidTag algorithm;
+
+ if (algid == NULL)
+ return SEC_OID_UNKNOWN;
+
+ algorithm = SECOID_GetAlgorithmTag(algid);
+
+ switch (algorithm) {
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
+ return 24;
+ case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
+ case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
+ case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
+ return 8;
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
+ return 5;
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
+ return 16;
+ case SEC_OID_PKCS5_PBKDF2:
+ return sec_pkcs5v2_key_length(algid);
+ case SEC_OID_PKCS5_PBES2:
+ case SEC_OID_PKCS5_PBMAC1: {
+ sec_pkcs5V2Parameter *pbeV2_param;
+ int length = -1;
+ pbeV2_param = sec_pkcs5_v2_get_v2_param(NULL, algid);
+ if (pbeV2_param != NULL) {
+ length = sec_pkcs5v2_key_length(&pbeV2_param->pbeAlgId);
+ sec_pkcs5_v2_destroy_v2_param(pbeV2_param);
+ }
+ return length;
+ }
+
+ default:
+ break;
+ }
+ return -1;
+}
+
+/* the PKCS12 V2 algorithms only encode the salt, there is no iteration
+ * count so we need a check for V2 algorithm parameters.
+ */
+static PRBool
+sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(SECOidTag algorithm)
+{
+ switch (algorithm) {
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
+ return PR_TRUE;
+ default:
+ break;
+ }
+
+ return PR_FALSE;
+}
+
+static PRBool
+sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(SECOidTag algorithm)
+{
+ switch (algorithm) {
+ case SEC_OID_PKCS5_PBES2:
+ case SEC_OID_PKCS5_PBMAC1:
+ case SEC_OID_PKCS5_PBKDF2:
+ return PR_TRUE;
+ default:
+ break;
+ }
+
+ return PR_FALSE;
+}
+
+/* destroy a pbe parameter. it assumes that the parameter was
+ * generated using the appropriate create function and therefor
+ * contains an arena pool.
+ */
+static void
+sec_pkcs5_destroy_pbe_param(SEC_PKCS5PBEParameter *pbe_param)
+{
+ if (pbe_param != NULL)
+ PORT_FreeArena(pbe_param->poolp, PR_TRUE);
+}
+
+/* creates a PBE parameter based on the PBE algorithm. the only required
+ * parameters are algorithm and interation. the return is a PBE parameter
+ * which conforms to PKCS 5 parameter unless an extended parameter is needed.
+ * this is primarily if keyLength and a variable key length algorithm are
+ * specified.
+ * salt - if null, a salt will be generated from random bytes.
+ * iteration - number of iterations to perform hashing.
+ * keyLength - only used in variable key length algorithms. if specified,
+ * should be in bytes.
+ * once a parameter is allocated, it should be destroyed calling
+ * sec_pkcs5_destroy_pbe_parameter or SEC_PKCS5DestroyPBEParameter.
+ */
+#define DEFAULT_SALT_LENGTH 16
+static SEC_PKCS5PBEParameter *
+sec_pkcs5_create_pbe_parameter(SECOidTag algorithm,
+ SECItem *salt,
+ int iteration,
+ int keyLength,
+ SECOidTag prfAlg)
+{
+ PLArenaPool *poolp = NULL;
+ SEC_PKCS5PBEParameter *pbe_param = NULL;
+ SECStatus rv = SECSuccess;
+ void *dummy = NULL;
+
+ if (iteration < 0) {
+ return NULL;
+ }
+
+ poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL)
+ return NULL;
+
+ pbe_param = (SEC_PKCS5PBEParameter *)PORT_ArenaZAlloc(poolp,
+ sizeof(SEC_PKCS5PBEParameter));
+ if (!pbe_param) {
+ PORT_FreeArena(poolp, PR_TRUE);
+ return NULL;
+ }
+
+ pbe_param->poolp = poolp;
+
+ rv = SECFailure;
+ if (salt && salt->data) {
+ rv = SECITEM_CopyItem(poolp, &pbe_param->salt, salt);
+ } else {
+ /* sigh, the old interface generated salt on the fly, so we have to
+ * preserve the semantics */
+ pbe_param->salt.len = DEFAULT_SALT_LENGTH;
+ pbe_param->salt.data = PORT_ArenaZAlloc(poolp, DEFAULT_SALT_LENGTH);
+ if (pbe_param->salt.data) {
+ rv = PK11_GenerateRandom(pbe_param->salt.data, DEFAULT_SALT_LENGTH);
+ }
+ }
+
+ if (rv != SECSuccess) {
+ PORT_FreeArena(poolp, PR_TRUE);
+ return NULL;
+ }
+
+ /* encode the integer */
+ dummy = SEC_ASN1EncodeInteger(poolp, &pbe_param->iteration,
+ iteration);
+ rv = (dummy) ? SECSuccess : SECFailure;
+
+ if (rv != SECSuccess) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+
+ /*
+ * for PKCS5 v2 Add the keylength and the prf
+ */
+ if (algorithm == SEC_OID_PKCS5_PBKDF2) {
+ dummy = SEC_ASN1EncodeInteger(poolp, &pbe_param->keyLength,
+ keyLength);
+ rv = (dummy) ? SECSuccess : SECFailure;
+ if (rv != SECSuccess) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+ rv = SECOID_SetAlgorithmID(poolp, &pbe_param->prfAlgId, prfAlg, NULL);
+ if (rv != SECSuccess) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+ pbe_param->pPrfAlgId = &pbe_param->prfAlgId;
+ }
+
+ return pbe_param;
+}
+
+/* creates a algorithm ID containing the PBE algorithm and appropriate
+ * parameters. the required parameter is the algorithm. if salt is
+ * not specified, it is generated randomly.
+ *
+ * the returned SECAlgorithmID should be destroyed using
+ * SECOID_DestroyAlgorithmID
+ */
+SECAlgorithmID *
+sec_pkcs5CreateAlgorithmID(SECOidTag algorithm,
+ SECOidTag cipherAlgorithm,
+ SECOidTag prfAlg,
+ SECOidTag *pPbeAlgorithm,
+ int keyLength,
+ SECItem *salt,
+ int iteration)
+{
+ PLArenaPool *poolp = NULL;
+ SECAlgorithmID *algid, *ret_algid = NULL;
+ SECOidTag pbeAlgorithm = algorithm;
+ SECItem der_param;
+ void *dummy;
+ SECStatus rv = SECFailure;
+ SEC_PKCS5PBEParameter *pbe_param = NULL;
+ sec_pkcs5V2Parameter pbeV2_param;
+
+ if (iteration <= 0) {
+ return NULL;
+ }
+
+ poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (!poolp) {
+ goto loser;
+ }
+
+ if (!SEC_PKCS5IsAlgorithmPBEAlgTag(algorithm) ||
+ sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(algorithm)) {
+ /* use PKCS 5 v2 */
+ SECItem *cipherParams;
+
+ /*
+ * if we ask for pkcs5 Algorithms directly, then the
+ * application needs to supply the cipher algorithm,
+ * otherwise we are implicitly using pkcs5 v2 and the
+ * passed in algorithm is the encryption algorithm.
+ */
+ if (sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(algorithm)) {
+ if (cipherAlgorithm == SEC_OID_UNKNOWN) {
+ goto loser;
+ }
+ } else {
+ cipherAlgorithm = algorithm;
+ /* force algorithm to be chosen below */
+ algorithm = SEC_OID_PKCS5_PBKDF2;
+ }
+
+ pbeAlgorithm = SEC_OID_PKCS5_PBKDF2;
+ /*
+ * 'algorithm' is the overall algorithm oid tag used to wrap the
+ * entire algoithm ID block. For PKCS5v1 and PKCS12, this
+ * algorithm OID has encoded in it both the PBE KDF function
+ * and the encryption algorithm. For PKCS 5v2, PBE KDF and
+ * encryption/macing oids are encoded as parameters in
+ * the algorithm ID block.
+ *
+ * Thus in PKCS5 v1 and PKCS12, this algorithm maps to a pkcs #11
+ * mechanism, where as in PKCS 5v2, this alogithm tag does not map
+ * directly to a PKCS #11 mechanim, instead the 2 oids in the
+ * algorithm ID block map the the actual PKCS #11 mechanism.
+ * gorithm is). We use choose this algorithm oid based on the
+ * cipherAlgorithm to determine what this should be (MAC1 or PBES2).
+ */
+ if (algorithm == SEC_OID_PKCS5_PBKDF2) {
+ /* choose mac or pbes */
+ algorithm = sec_pkcs5v2_get_pbe(cipherAlgorithm);
+ }
+
+ /* set the PKCS5v2 specific parameters */
+ if (keyLength == 0) {
+ SECOidTag hashAlg = HASH_GetHashOidTagByHMACOidTag(cipherAlgorithm);
+ if (hashAlg != SEC_OID_UNKNOWN) {
+ keyLength = HASH_ResultLenByOidTag(hashAlg);
+ } else {
+ CK_MECHANISM_TYPE cryptoMech;
+ cryptoMech = PK11_AlgtagToMechanism(cipherAlgorithm);
+ if (cryptoMech == CKM_INVALID_MECHANISM) {
+ goto loser;
+ }
+ keyLength = PK11_GetMaxKeyLength(cryptoMech);
+ }
+ if (keyLength == 0) {
+ goto loser;
+ }
+ }
+ /* currently SEC_OID_HMAC_SHA1 is the default */
+ if (prfAlg == SEC_OID_UNKNOWN) {
+ prfAlg = SEC_OID_HMAC_SHA1;
+ }
+
+ /* build the PKCS5v2 cipher algorithm id */
+ cipherParams = pk11_GenerateNewParamWithKeyLen(
+ PK11_AlgtagToMechanism(cipherAlgorithm), keyLength);
+ if (!cipherParams) {
+ goto loser;
+ }
+
+ PORT_Memset(&pbeV2_param, 0, sizeof(pbeV2_param));
+
+ rv = PK11_ParamToAlgid(cipherAlgorithm, cipherParams,
+ poolp, &pbeV2_param.cipherAlgId);
+ SECITEM_FreeItem(cipherParams, PR_TRUE);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ /* generate the parameter */
+ pbe_param = sec_pkcs5_create_pbe_parameter(pbeAlgorithm, salt, iteration,
+ keyLength, prfAlg);
+ if (!pbe_param) {
+ goto loser;
+ }
+
+ /* generate the algorithm id */
+ algid = (SECAlgorithmID *)PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
+ if (algid == NULL) {
+ goto loser;
+ }
+
+ der_param.data = NULL;
+ der_param.len = 0;
+ if (sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(algorithm)) {
+ /* first encode the PBE algorithm ID */
+ dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
+ SEC_PKCS5V2PBEParameterTemplate);
+ if (dummy == NULL) {
+ goto loser;
+ }
+ rv = SECOID_SetAlgorithmID(poolp, &pbeV2_param.pbeAlgId,
+ pbeAlgorithm, &der_param);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* now encode the Full PKCS 5 parameter */
+ der_param.data = NULL;
+ der_param.len = 0;
+ dummy = SEC_ASN1EncodeItem(poolp, &der_param, &pbeV2_param,
+ SEC_PKCS5V2ParameterTemplate);
+ } else if (!sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
+ dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
+ SEC_PKCS5PBEParameterTemplate);
+ } else {
+ dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
+ SEC_V2PKCS12PBEParameterTemplate);
+ }
+ if (dummy == NULL) {
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(poolp, algid, algorithm, &der_param);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
+ if (ret_algid == NULL) {
+ goto loser;
+ }
+
+ rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
+ if (rv != SECSuccess) {
+ SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
+ ret_algid = NULL;
+ } else if (pPbeAlgorithm) {
+ *pPbeAlgorithm = pbeAlgorithm;
+ }
+
+loser:
+ if (poolp != NULL) {
+ PORT_FreeArena(poolp, PR_TRUE);
+ algid = NULL;
+ }
+
+ if (pbe_param) {
+ sec_pkcs5_destroy_pbe_param(pbe_param);
+ }
+
+ return ret_algid;
+}
+
+SECStatus
+pbe_PK11AlgidToParam(SECAlgorithmID *algid, SECItem *mech)
+{
+ SEC_PKCS5PBEParameter p5_param;
+ SECItem *salt = NULL;
+ SECOidTag algorithm = SECOID_GetAlgorithmTag(algid);
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECFailure;
+ unsigned char *paramData = NULL;
+ unsigned char *pSalt = NULL;
+ CK_ULONG iterations;
+ int paramLen = 0;
+ int iv_len;
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ /*
+ * decode the algid based on the pbe type
+ */
+ PORT_Memset(&p5_param, 0, sizeof(p5_param));
+ if (sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
+ iv_len = PK11_GetIVLength(PK11_AlgtagToMechanism(algorithm));
+ rv = SEC_ASN1DecodeItem(arena, &p5_param,
+ SEC_V2PKCS12PBEParameterTemplate, &algid->parameters);
+ } else if (algorithm == SEC_OID_PKCS5_PBKDF2) {
+ iv_len = 0;
+ rv = SEC_ASN1DecodeItem(arena, &p5_param,
+ SEC_PKCS5V2PBEParameterTemplate, &algid->parameters);
+ } else {
+ iv_len = PK11_GetIVLength(PK11_AlgtagToMechanism(algorithm));
+ rv = SEC_ASN1DecodeItem(arena, &p5_param, SEC_PKCS5PBEParameterTemplate,
+ &algid->parameters);
+ }
+
+ if (iv_len < 0) {
+ goto loser;
+ }
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* get salt */
+ salt = &p5_param.salt;
+ iterations = (CK_ULONG)DER_GetInteger(&p5_param.iteration);
+
+ /* allocate and fill in the PKCS #11 parameters
+ * based on the algorithm. */
+ if (algorithm == SEC_OID_PKCS5_PBKDF2) {
+ SECOidTag prfAlgTag;
+ CK_PKCS5_PBKD2_PARAMS *pbeV2_params =
+ (CK_PKCS5_PBKD2_PARAMS *)PORT_ZAlloc(
+ sizeof(CK_PKCS5_PBKD2_PARAMS) + salt->len);
+
+ if (pbeV2_params == NULL) {
+ goto loser;
+ }
+ paramData = (unsigned char *)pbeV2_params;
+ paramLen = sizeof(CK_PKCS5_PBKD2_PARAMS);
+
+ /* set the prf */
+ prfAlgTag = SEC_OID_HMAC_SHA1;
+ if (p5_param.pPrfAlgId &&
+ p5_param.pPrfAlgId->algorithm.data != 0) {
+ prfAlgTag = SECOID_GetAlgorithmTag(p5_param.pPrfAlgId);
+ }
+ switch (prfAlgTag) {
+ case SEC_OID_HMAC_SHA1:
+ pbeV2_params->prf = CKP_PKCS5_PBKD2_HMAC_SHA1;
+ break;
+ case SEC_OID_HMAC_SHA224:
+ pbeV2_params->prf = CKP_PKCS5_PBKD2_HMAC_SHA224;
+ break;
+ case SEC_OID_HMAC_SHA256:
+ pbeV2_params->prf = CKP_PKCS5_PBKD2_HMAC_SHA256;
+ break;
+ case SEC_OID_HMAC_SHA384:
+ pbeV2_params->prf = CKP_PKCS5_PBKD2_HMAC_SHA384;
+ break;
+ case SEC_OID_HMAC_SHA512:
+ pbeV2_params->prf = CKP_PKCS5_PBKD2_HMAC_SHA512;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ goto loser;
+ }
+
+ /* probably should fetch these from the prfAlgid */
+ pbeV2_params->pPrfData = NULL;
+ pbeV2_params->ulPrfDataLen = 0;
+ pbeV2_params->saltSource = CKZ_SALT_SPECIFIED;
+ pSalt = ((CK_CHAR_PTR)pbeV2_params) + sizeof(CK_PKCS5_PBKD2_PARAMS);
+ PORT_Memcpy(pSalt, salt->data, salt->len);
+ pbeV2_params->pSaltSourceData = pSalt;
+ pbeV2_params->ulSaltSourceDataLen = salt->len;
+ pbeV2_params->iterations = iterations;
+ } else {
+ CK_PBE_PARAMS *pbe_params = NULL;
+ pbe_params = (CK_PBE_PARAMS *)PORT_ZAlloc(sizeof(CK_PBE_PARAMS) +
+ salt->len + iv_len);
+ if (pbe_params == NULL) {
+ goto loser;
+ }
+ paramData = (unsigned char *)pbe_params;
+ paramLen = sizeof(CK_PBE_PARAMS);
+
+ pSalt = ((CK_CHAR_PTR)pbe_params) + sizeof(CK_PBE_PARAMS);
+ pbe_params->pSalt = pSalt;
+ PORT_Memcpy(pSalt, salt->data, salt->len);
+ pbe_params->ulSaltLen = salt->len;
+ if (iv_len) {
+ pbe_params->pInitVector =
+ ((CK_CHAR_PTR)pbe_params) + sizeof(CK_PBE_PARAMS) + salt->len;
+ }
+ pbe_params->ulIteration = iterations;
+ }
+
+ /* copy into the mechanism sec item */
+ mech->data = paramData;
+ mech->len = paramLen;
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ return SECSuccess;
+
+loser:
+ if (paramData) {
+ PORT_Free(paramData);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ return SECFailure;
+}
+
+/*
+ * public, deprecated, not valid for pkcs5 v2
+ *
+ * use PK11_CreatePBEV2AlgorithmID or PK11_CreatePBEAlgorithmID to create
+ * PBE algorithmID's directly.
+ */
+SECStatus
+PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param, PLArenaPool *arena,
+ SECAlgorithmID *algId)
+{
+ CK_PBE_PARAMS *pbe_param;
+ SECItem pbeSalt;
+ SECAlgorithmID *pbeAlgID = NULL;
+ SECStatus rv;
+
+ if (!param || !algId) {
+ return SECFailure;
+ }
+
+ pbe_param = (CK_PBE_PARAMS *)param->data;
+ pbeSalt.data = (unsigned char *)pbe_param->pSalt;
+ pbeSalt.len = pbe_param->ulSaltLen;
+ pbeAlgID = sec_pkcs5CreateAlgorithmID(algTag, SEC_OID_UNKNOWN,
+ SEC_OID_UNKNOWN, NULL, 0,
+ &pbeSalt, (int)pbe_param->ulIteration);
+ if (!pbeAlgID) {
+ return SECFailure;
+ }
+
+ rv = SECOID_CopyAlgorithmID(arena, algId, pbeAlgID);
+ SECOID_DestroyAlgorithmID(pbeAlgID, PR_TRUE);
+ return rv;
+}
+
+/*
+ * public, Deprecated, This function is only for binary compatibility with
+ * older applications. Does not support PKCS5v2.
+ *
+ * Applications should use PK11_PBEKeyGen() for keys and PK11_GetPBEIV() for
+ * iv values rather than generating PBE bits directly.
+ */
+PBEBitGenContext *
+PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
+ SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
+ unsigned int iterations)
+{
+ SECItem *context = NULL;
+ SECItem mechItem;
+ CK_PBE_PARAMS pbe_params;
+ CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM;
+ PK11SlotInfo *slot;
+ PK11SymKey *symKey = NULL;
+ unsigned char ivData[8];
+
+ /* use the purpose to select the low level keygen algorithm */
+ switch (bitGenPurpose) {
+ case pbeBitGenIntegrityKey:
+ switch (hashAlgorithm) {
+ case SEC_OID_SHA1:
+ mechanism = CKM_PBA_SHA1_WITH_SHA1_HMAC;
+ break;
+ case SEC_OID_MD2:
+ mechanism = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;
+ break;
+ case SEC_OID_MD5:
+ mechanism = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;
+ break;
+ default:
+ break;
+ }
+ break;
+ case pbeBitGenCipherIV:
+ if (bitsNeeded > 64) {
+ break;
+ }
+ if (hashAlgorithm != SEC_OID_SHA1) {
+ break;
+ }
+ mechanism = CKM_PBE_SHA1_DES3_EDE_CBC;
+ break;
+ case pbeBitGenCipherKey:
+ if (hashAlgorithm != SEC_OID_SHA1) {
+ break;
+ }
+ switch (bitsNeeded) {
+ case 40:
+ mechanism = CKM_PBE_SHA1_RC4_40;
+ break;
+ case 128:
+ mechanism = CKM_PBE_SHA1_RC4_128;
+ break;
+ default:
+ break;
+ }
+ case pbeBitGenIDNull:
+ break;
+ }
+
+ if (mechanism == CKM_INVALID_MECHANISM) {
+ /* we should set an error, but this is a deprecated function, and
+ * we are keeping bug for bug compatibility;)... */
+ return NULL;
+ }
+
+ pbe_params.pInitVector = ivData;
+ pbe_params.pPassword = pwitem->data;
+ pbe_params.ulPasswordLen = pwitem->len;
+ pbe_params.pSalt = salt->data;
+ pbe_params.ulSaltLen = salt->len;
+ pbe_params.ulIteration = iterations;
+ mechItem.data = (unsigned char *)&pbe_params;
+ mechItem.len = sizeof(pbe_params);
+
+ slot = PK11_GetInternalSlot();
+ symKey = PK11_RawPBEKeyGen(slot, mechanism,
+ &mechItem, pwitem, PR_FALSE, NULL);
+ PK11_FreeSlot(slot);
+ if (symKey != NULL) {
+ if (bitGenPurpose == pbeBitGenCipherIV) {
+ /* NOTE: this assumes that bitsNeeded is a multiple of 8! */
+ SECItem ivItem;
+
+ ivItem.data = ivData;
+ ivItem.len = bitsNeeded / 8;
+ context = SECITEM_DupItem(&ivItem);
+ } else {
+ SECItem *keyData;
+ PK11_ExtractKeyValue(symKey);
+ keyData = PK11_GetKeyData(symKey);
+
+ /* assert bitsNeeded with length? */
+ if (keyData) {
+ context = SECITEM_DupItem(keyData);
+ }
+ }
+ PK11_FreeSymKey(symKey);
+ }
+
+ return (PBEBitGenContext *)context;
+}
+
+/*
+ * public, Deprecated, This function is only for binary compatibility with
+ * older applications. Does not support PKCS5v2.
+ *
+ * Applications should use PK11_PBEKeyGen() for keys and PK11_GetIV() for
+ * iv values rather than generating PBE bits directly.
+ */
+SECItem *
+PBE_GenerateBits(PBEBitGenContext *context)
+{
+ return (SECItem *)context;
+}
+
+/*
+ * public, Deprecated, This function is only for binary compatibility with
+ * older applications. Does not support PKCS5v2.
+ *
+ * Applications should use PK11_PBEKeyGen() for keys and PK11_GetPBEIV() for
+ * iv values rather than generating PBE bits directly.
+ */
+void
+PBE_DestroyContext(PBEBitGenContext *context)
+{
+ SECITEM_FreeItem((SECItem *)context, PR_TRUE);
+}
+
+/*
+ * public, deprecated. Replaced with PK11_GetPBEIV().
+ */
+SECItem *
+SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES)
+{
+ /* pbe stuff */
+ CK_MECHANISM_TYPE type;
+ SECItem *param = NULL;
+ SECItem *iv = NULL;
+ SECItem src;
+ int iv_len = 0;
+ PK11SymKey *symKey;
+ PK11SlotInfo *slot;
+ CK_PBE_PARAMS_PTR pPBEparams;
+ SECOidTag pbeAlg;
+
+ pbeAlg = SECOID_GetAlgorithmTag(algid);
+ if (sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(pbeAlg)) {
+ unsigned char *ivData;
+ sec_pkcs5V2Parameter *pbeV2_param = NULL;
+
+ /* can only return the IV if the crypto Algorithm exists */
+ if (pbeAlg == SEC_OID_PKCS5_PBKDF2) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ goto loser;
+ }
+ pbeV2_param = sec_pkcs5_v2_get_v2_param(NULL, algid);
+ if (pbeV2_param == NULL) {
+ goto loser;
+ }
+ /* extract the IV from the cipher algid portion of our pkcs 5 v2
+ * algorithm id */
+ type = PK11_AlgtagToMechanism(
+ SECOID_GetAlgorithmTag(&pbeV2_param->cipherAlgId));
+ param = PK11_ParamFromAlgid(&pbeV2_param->cipherAlgId);
+ sec_pkcs5_v2_destroy_v2_param(pbeV2_param);
+ if (!param) {
+ goto loser;
+ }
+ /* NOTE: NULL is a permissible return here */
+ ivData = PK11_IVFromParam(type, param, &iv_len);
+ src.data = ivData;
+ src.len = iv_len;
+ goto done;
+ }
+
+ type = PK11_AlgtagToMechanism(pbeAlg);
+ param = PK11_ParamFromAlgid(algid);
+ if (param == NULL) {
+ goto done;
+ }
+ slot = PK11_GetInternalSlot();
+ symKey = PK11_RawPBEKeyGen(slot, type, param, pwitem, faulty3DES, NULL);
+ PK11_FreeSlot(slot);
+ if (symKey == NULL) {
+ goto loser;
+ }
+ PK11_FreeSymKey(symKey);
+ pPBEparams = (CK_PBE_PARAMS_PTR)param->data;
+ iv_len = PK11_GetIVLength(type);
+
+ src.data = (unsigned char *)pPBEparams->pInitVector;
+ src.len = iv_len;
+
+done:
+ iv = SECITEM_DupItem(&src);
+
+loser:
+ if (param) {
+ SECITEM_ZfreeItem(param, PR_TRUE);
+ }
+ return iv;
+}
+
+/*
+ * Subs from nss 3.x that are deprecated
+ */
+PBEBitGenContext *
+__PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
+ SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
+ unsigned int iterations)
+{
+ PORT_Assert("__PBE_CreateContext is Deprecated" == NULL);
+ return NULL;
+}
+
+SECItem *
+__PBE_GenerateBits(PBEBitGenContext *context)
+{
+ PORT_Assert("__PBE_GenerateBits is Deprecated" == NULL);
+ return NULL;
+}
+
+void
+__PBE_DestroyContext(PBEBitGenContext *context)
+{
+ PORT_Assert("__PBE_DestroyContext is Deprecated" == NULL);
+}
+
+SECStatus
+RSA_FormatBlock(SECItem *result, unsigned modulusLen,
+ int blockType, SECItem *data)
+{
+ PORT_Assert("RSA_FormatBlock is Deprecated" == NULL);
+ return SECFailure;
+}
+
+/****************************************************************************
+ *
+ * Now Do The PBE Functions Here...
+ *
+ ****************************************************************************/
+
+static void
+pk11_destroy_ck_pbe_params(CK_PBE_PARAMS *pbe_params)
+{
+ if (pbe_params) {
+ if (pbe_params->pPassword)
+ PORT_ZFree(pbe_params->pPassword, pbe_params->ulPasswordLen);
+ if (pbe_params->pSalt)
+ PORT_ZFree(pbe_params->pSalt, pbe_params->ulSaltLen);
+ PORT_ZFree(pbe_params, sizeof(CK_PBE_PARAMS));
+ }
+}
+
+/*
+ * public, deprecated. use PK11_CreatePBEAlgorithmID or
+ * PK11_CreatePBEV2AlgorithmID instead. If you needthe pkcs #11 parameters,
+ * use PK11_ParamFromAlgid from the algorithm id you created using
+ * PK11_CreatePBEAlgorithmID or PK11_CreatePBEV2AlgorithmID.
+ */
+SECItem *
+PK11_CreatePBEParams(SECItem *salt, SECItem *pwd, unsigned int iterations)
+{
+ CK_PBE_PARAMS *pbe_params = NULL;
+ SECItem *paramRV = NULL;
+
+ paramRV = SECITEM_AllocItem(NULL, NULL, sizeof(CK_PBE_PARAMS));
+ if (!paramRV) {
+ goto loser;
+ }
+ /* init paramRV->data with zeros. SECITEM_AllocItem does not do it */
+ PORT_Memset(paramRV->data, 0, sizeof(CK_PBE_PARAMS));
+
+ pbe_params = (CK_PBE_PARAMS *)paramRV->data;
+ pbe_params->pPassword = (CK_CHAR_PTR)PORT_ZAlloc(pwd->len);
+ if (!pbe_params->pPassword) {
+ goto loser;
+ }
+ PORT_Memcpy(pbe_params->pPassword, pwd->data, pwd->len);
+ pbe_params->ulPasswordLen = pwd->len;
+
+ pbe_params->pSalt = (CK_CHAR_PTR)PORT_ZAlloc(salt->len);
+ if (!pbe_params->pSalt) {
+ goto loser;
+ }
+ PORT_Memcpy(pbe_params->pSalt, salt->data, salt->len);
+ pbe_params->ulSaltLen = salt->len;
+
+ pbe_params->ulIteration = (CK_ULONG)iterations;
+ return paramRV;
+
+loser:
+ if (pbe_params)
+ pk11_destroy_ck_pbe_params(pbe_params);
+ if (paramRV)
+ PORT_ZFree(paramRV, sizeof(SECItem));
+ return NULL;
+}
+
+/*
+ * public, deprecated.
+ */
+void
+PK11_DestroyPBEParams(SECItem *pItem)
+{
+ if (pItem) {
+ CK_PBE_PARAMS *params = (CK_PBE_PARAMS *)(pItem->data);
+ if (params)
+ pk11_destroy_ck_pbe_params(params);
+ PORT_ZFree(pItem, sizeof(SECItem));
+ }
+}
+
+/*
+ * public, Partially supports PKCS5 V2 (some parameters are not controllable
+ * through this interface). Use PK11_CreatePBEV2AlgorithmID() if you need
+ * finer control these.
+ */
+SECAlgorithmID *
+PK11_CreatePBEAlgorithmID(SECOidTag algorithm, int iteration, SECItem *salt)
+{
+ SECAlgorithmID *algid = NULL;
+ algid = sec_pkcs5CreateAlgorithmID(algorithm,
+ SEC_OID_UNKNOWN, SEC_OID_UNKNOWN, NULL,
+ 0, salt, iteration);
+ return algid;
+}
+
+/*
+ * public, fully support pkcs5v2.
+ */
+SECAlgorithmID *
+PK11_CreatePBEV2AlgorithmID(SECOidTag pbeAlgTag, SECOidTag cipherAlgTag,
+ SECOidTag prfAlgTag, int keyLength, int iteration,
+ SECItem *salt)
+{
+ SECAlgorithmID *algid = NULL;
+ algid = sec_pkcs5CreateAlgorithmID(pbeAlgTag, cipherAlgTag, prfAlgTag,
+ NULL, keyLength, salt, iteration);
+ return algid;
+}
+
+/*
+ * private.
+ */
+PK11SymKey *
+pk11_RawPBEKeyGenWithKeyType(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ SECItem *params, CK_KEY_TYPE keyType, int keyLen,
+ SECItem *pwitem, void *wincx)
+{
+ CK_ULONG pwLen;
+ /* do some sanity checks */
+ if ((params == NULL) || (params->data == NULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (type == CKM_INVALID_MECHANISM) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return NULL;
+ }
+
+ /* set the password pointer in the parameters... */
+ if (type == CKM_PKCS5_PBKD2) {
+ CK_PKCS5_PBKD2_PARAMS *pbev2_params;
+ if (params->len < sizeof(CK_PKCS5_PBKD2_PARAMS)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ pbev2_params = (CK_PKCS5_PBKD2_PARAMS *)params->data;
+ pbev2_params->pPassword = pwitem->data;
+ pwLen = pwitem->len;
+ pbev2_params->ulPasswordLen = &pwLen;
+ } else {
+ CK_PBE_PARAMS *pbe_params;
+ if (params->len < sizeof(CK_PBE_PARAMS)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ pbe_params = (CK_PBE_PARAMS *)params->data;
+ pbe_params->pPassword = pwitem->data;
+ pbe_params->ulPasswordLen = pwitem->len;
+ }
+
+ /* generate the key (and sometimes the IV as a side effect...) */
+ return pk11_TokenKeyGenWithFlagsAndKeyType(slot, type, params, keyType,
+ keyLen, NULL,
+ CKF_SIGN | CKF_ENCRYPT | CKF_DECRYPT | CKF_UNWRAP | CKF_WRAP,
+ 0, wincx);
+}
+
+/*
+ * public, deprecated. use PK11_PBEKeyGen instead.
+ */
+PK11SymKey *
+PK11_RawPBEKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *mech,
+ SECItem *pwitem, PRBool faulty3DES, void *wincx)
+{
+ if (faulty3DES && (type == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC)) {
+ type = CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC;
+ }
+ return pk11_RawPBEKeyGenWithKeyType(slot, type, mech, -1, 0, pwitem, wincx);
+}
+
+/*
+ * pubic, supports pkcs5 v2.
+ *
+ * Create symkey from a PBE key. The algid can be created with
+ * PK11_CreatePBEV2AlgorithmID and PK11_CreatePBEAlgorithmID, or by
+ * extraction of der data.
+ */
+PK11SymKey *
+PK11_PBEKeyGen(PK11SlotInfo *slot, SECAlgorithmID *algid, SECItem *pwitem,
+ PRBool faulty3DES, void *wincx)
+{
+ CK_MECHANISM_TYPE type;
+ SECItem *param = NULL;
+ PK11SymKey *symKey = NULL;
+ SECOidTag pbeAlg;
+ CK_KEY_TYPE keyType = -1;
+ int keyLen = 0;
+
+ pbeAlg = SECOID_GetAlgorithmTag(algid);
+ /* if we're using PKCS5v2, extract the additional information we need
+ * (key length, key type, and pbeAlg). */
+ if (sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(pbeAlg)) {
+ CK_MECHANISM_TYPE cipherMech;
+ sec_pkcs5V2Parameter *pbeV2_param;
+
+ pbeV2_param = sec_pkcs5_v2_get_v2_param(NULL, algid);
+ if (pbeV2_param == NULL) {
+ return NULL;
+ }
+ cipherMech = PK11_AlgtagToMechanism(
+ SECOID_GetAlgorithmTag(&pbeV2_param->cipherAlgId));
+ pbeAlg = SECOID_GetAlgorithmTag(&pbeV2_param->pbeAlgId);
+ param = PK11_ParamFromAlgid(&pbeV2_param->pbeAlgId);
+ sec_pkcs5_v2_destroy_v2_param(pbeV2_param);
+ keyLen = SEC_PKCS5GetKeyLength(algid);
+ if (keyLen == -1) {
+ keyLen = 0;
+ }
+ keyType = PK11_GetKeyType(cipherMech, keyLen);
+ } else {
+ param = PK11_ParamFromAlgid(algid);
+ }
+
+ if (param == NULL) {
+ goto loser;
+ }
+
+ type = PK11_AlgtagToMechanism(pbeAlg);
+ if (type == CKM_INVALID_MECHANISM) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ goto loser;
+ }
+ if (faulty3DES && (type == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC)) {
+ type = CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC;
+ }
+ symKey = pk11_RawPBEKeyGenWithKeyType(slot, type, param, keyType, keyLen,
+ pwitem, wincx);
+
+loser:
+ if (param) {
+ SECITEM_ZfreeItem(param, PR_TRUE);
+ }
+ return symKey;
+}
+
+/*
+ * public, supports pkcs5v2
+ */
+SECItem *
+PK11_GetPBEIV(SECAlgorithmID *algid, SECItem *pwitem)
+{
+ return SEC_PKCS5GetIV(algid, pwitem, PR_FALSE);
+}
+
+CK_MECHANISM_TYPE
+pk11_GetPBECryptoMechanism(SECAlgorithmID *algid, SECItem **param,
+ SECItem *pbe_pwd, PRBool faulty3DES)
+{
+ int keyLen = 0;
+ SECOidTag algTag = SEC_PKCS5GetCryptoAlgorithm(algid);
+ CK_MECHANISM_TYPE mech = PK11_AlgtagToMechanism(algTag);
+ CK_MECHANISM_TYPE returnedMechanism = CKM_INVALID_MECHANISM;
+ SECItem *iv = NULL;
+
+ if (mech == CKM_INVALID_MECHANISM) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ goto loser;
+ }
+ if (PK11_GetIVLength(mech)) {
+ iv = SEC_PKCS5GetIV(algid, pbe_pwd, faulty3DES);
+ if (iv == NULL) {
+ goto loser;
+ }
+ }
+
+ keyLen = SEC_PKCS5GetKeyLength(algid);
+
+ *param = pk11_ParamFromIVWithLen(mech, iv, keyLen);
+ if (*param == NULL) {
+ goto loser;
+ }
+ returnedMechanism = mech;
+
+loser:
+ if (iv) {
+ SECITEM_FreeItem(iv, PR_TRUE);
+ }
+ return returnedMechanism;
+}
+
+/*
+ * Public, supports pkcs5 v2
+ *
+ * Get the crypto mechanism directly from the pbe algorithmid.
+ *
+ * It's important to go directly from the algorithm id so that we can
+ * handle both the PKCS #5 v1, PKCS #12, and PKCS #5 v2 cases.
+ *
+ * This function returns both the mechanism and the parameter for the mechanism.
+ * The caller is responsible for freeing the parameter.
+ */
+CK_MECHANISM_TYPE
+PK11_GetPBECryptoMechanism(SECAlgorithmID *algid, SECItem **param,
+ SECItem *pbe_pwd)
+{
+ return pk11_GetPBECryptoMechanism(algid, param, pbe_pwd, PR_FALSE);
+}
diff --git a/security/nss/lib/pk11wrap/pk11pk12.c b/security/nss/lib/pk11wrap/pk11pk12.c
new file mode 100644
index 000000000..1683cc564
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11pk12.c
@@ -0,0 +1,669 @@
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file PKCS #12 fuctions that should really be moved to the
+ * PKCS #12 directory, however we can't do that in a point release
+ * because that will break binary compatibility, so we keep them here for now.
+ */
+
+#include "seccomon.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "key.h"
+#include "secoid.h"
+#include "secasn1.h"
+#include "secerr.h"
+#include "prerror.h"
+
+/* These data structures should move to a common .h file shared between the
+ * wrappers and the pkcs 12 code. */
+
+/*
+** RSA Raw Private Key structures
+*/
+
+/* member names from PKCS#1, section 7.2 */
+struct SECKEYRSAPrivateKeyStr {
+ PLArenaPool *arena;
+ SECItem version;
+ SECItem modulus;
+ SECItem publicExponent;
+ SECItem privateExponent;
+ SECItem prime1;
+ SECItem prime2;
+ SECItem exponent1;
+ SECItem exponent2;
+ SECItem coefficient;
+};
+typedef struct SECKEYRSAPrivateKeyStr SECKEYRSAPrivateKey;
+
+/*
+** DSA Raw Private Key structures
+*/
+
+struct SECKEYDSAPrivateKeyStr {
+ SECKEYPQGParams params;
+ SECItem privateValue;
+};
+typedef struct SECKEYDSAPrivateKeyStr SECKEYDSAPrivateKey;
+
+/*
+** Diffie-Hellman Raw Private Key structures
+** Structure member names suggested by PKCS#3.
+*/
+struct SECKEYDHPrivateKeyStr {
+ PLArenaPool *arena;
+ SECItem prime;
+ SECItem base;
+ SECItem privateValue;
+};
+typedef struct SECKEYDHPrivateKeyStr SECKEYDHPrivateKey;
+
+/*
+** raw private key object
+*/
+struct SECKEYRawPrivateKeyStr {
+ PLArenaPool *arena;
+ KeyType keyType;
+ union {
+ SECKEYRSAPrivateKey rsa;
+ SECKEYDSAPrivateKey dsa;
+ SECKEYDHPrivateKey dh;
+ } u;
+};
+typedef struct SECKEYRawPrivateKeyStr SECKEYRawPrivateKey;
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+/* ASN1 Templates for new decoder/encoder */
+/*
+ * Attribute value for PKCS8 entries (static?)
+ */
+const SEC_ASN1Template SECKEY_AttributeTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SECKEYAttribute) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SECKEYAttribute, attrType) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(SECKEYAttribute, attrValue),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template SECKEY_SetOfAttributeTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SECKEY_AttributeTemplate },
+};
+
+const SEC_ASN1Template SECKEY_PrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPrivateKeyInfo) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYPrivateKeyInfo, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SECKEYPrivateKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPrivateKeyInfo, privateKey) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SECKEYPrivateKeyInfo, attributes),
+ SECKEY_SetOfAttributeTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SECKEY_PrivateKeyInfoTemplate }
+};
+
+const SEC_ASN1Template SECKEY_RSAPrivateKeyExportTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYRawPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.version) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.modulus) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.publicExponent) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.privateExponent) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.prime1) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.prime2) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.exponent1) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.exponent2) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.rsa.coefficient) },
+ { 0 }
+};
+
+const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[] = {
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.dsa.privateValue) },
+};
+
+const SEC_ASN1Template SECKEY_DHPrivateKeyExportTemplate[] = {
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.dh.privateValue) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.dh.base) },
+ { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey, u.dh.prime) },
+};
+
+const SEC_ASN1Template SECKEY_EncryptedPrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SECKEYEncryptedPrivateKeyInfo) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SECKEYEncryptedPrivateKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(SECKEYEncryptedPrivateKeyInfo, encryptedData) },
+ { 0 }
+};
+
+const SEC_ASN1Template SECKEY_PointerToEncryptedPrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SECKEY_EncryptedPrivateKeyInfoTemplate }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_EncryptedPrivateKeyInfoTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PrivateKeyInfoTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToPrivateKeyInfoTemplate)
+
+/*
+ * See bugzilla bug 125359
+ * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
+ * all of the templates above that en/decode into integers must be converted
+ * from ASN.1's signed integer type. This is done by marking either the
+ * source or destination (encoding or decoding, respectively) type as
+ * siUnsignedInteger.
+ */
+
+static void
+prepare_rsa_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
+{
+ key->u.rsa.modulus.type = siUnsignedInteger;
+ key->u.rsa.publicExponent.type = siUnsignedInteger;
+ key->u.rsa.privateExponent.type = siUnsignedInteger;
+ key->u.rsa.prime1.type = siUnsignedInteger;
+ key->u.rsa.prime2.type = siUnsignedInteger;
+ key->u.rsa.exponent1.type = siUnsignedInteger;
+ key->u.rsa.exponent2.type = siUnsignedInteger;
+ key->u.rsa.coefficient.type = siUnsignedInteger;
+}
+
+static void
+prepare_dsa_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
+{
+ key->u.dsa.privateValue.type = siUnsignedInteger;
+ key->u.dsa.params.prime.type = siUnsignedInteger;
+ key->u.dsa.params.subPrime.type = siUnsignedInteger;
+ key->u.dsa.params.base.type = siUnsignedInteger;
+}
+
+static void
+prepare_dh_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
+{
+ key->u.dh.privateValue.type = siUnsignedInteger;
+ key->u.dh.prime.type = siUnsignedInteger;
+ key->u.dh.base.type = siUnsignedInteger;
+}
+
+SECStatus
+PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot, SECItem *derPKI,
+ SECItem *nickname, SECItem *publicValue, PRBool isPerm,
+ PRBool isPrivate, unsigned int keyUsage, void *wincx)
+{
+ return PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, derPKI,
+ nickname, publicValue,
+ isPerm, isPrivate, keyUsage,
+ NULL, wincx);
+}
+
+SECStatus
+PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI,
+ SECItem *nickname, SECItem *publicValue,
+ PRBool isPerm, PRBool isPrivate, unsigned int keyUsage,
+ SECKEYPrivateKey **privk, void *wincx)
+{
+ SECKEYPrivateKeyInfo *pki = NULL;
+ PLArenaPool *temparena = NULL;
+ SECStatus rv = SECFailure;
+
+ temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!temparena)
+ return rv;
+ pki = PORT_ArenaZNew(temparena, SECKEYPrivateKeyInfo);
+ if (!pki) {
+ PORT_FreeArena(temparena, PR_FALSE);
+ return rv;
+ }
+ pki->arena = temparena;
+
+ rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate,
+ derPKI);
+ if (rv != SECSuccess) {
+ /* If SEC_ASN1DecodeItem fails, we cannot assume anything about the
+ * validity of the data in pki. The best we can do is free the arena
+ * and return. */
+ PORT_FreeArena(temparena, PR_TRUE);
+ return rv;
+ }
+ if (pki->privateKey.data == NULL) {
+ /* If SEC_ASN1DecodeItems succeeds but SECKEYPrivateKeyInfo.privateKey
+ * is a zero-length octet string, free the arena and return a failure
+ * to avoid trying to zero the corresponding SECItem in
+ * SECKEY_DestroyPrivateKeyInfo(). */
+ PORT_FreeArena(temparena, PR_TRUE);
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+
+ rv = PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname,
+ publicValue, isPerm, isPrivate,
+ keyUsage, privk, wincx);
+
+ /* this zeroes the key and frees the arena */
+ SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/);
+ return rv;
+}
+
+SECStatus
+PK11_ImportAndReturnPrivateKey(PK11SlotInfo *slot, SECKEYRawPrivateKey *lpk,
+ SECItem *nickname, SECItem *publicValue, PRBool isPerm,
+ PRBool isPrivate, unsigned int keyUsage, SECKEYPrivateKey **privk,
+ void *wincx)
+{
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
+ CK_KEY_TYPE keyType = CKK_RSA;
+ CK_OBJECT_HANDLE objectID;
+ CK_ATTRIBUTE theTemplate[20];
+ int templateCount = 0;
+ SECStatus rv = SECFailure;
+ CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *signedattr = NULL;
+ int signedcount = 0;
+ CK_ATTRIBUTE *ap;
+ SECItem *ck_id = NULL;
+
+ attrs = theTemplate;
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_TOKEN, isPerm ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SENSITIVE, isPrivate ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PRIVATE, isPrivate ? &cktrue : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+
+ switch (lpk->keyType) {
+ case rsaKey:
+ keyType = CKK_RSA;
+ PK11_SETATTRS(attrs, CKA_UNWRAP, (keyUsage & KU_KEY_ENCIPHERMENT) ? &cktrue
+ : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_DECRYPT, (keyUsage & KU_DATA_ENCIPHERMENT) ? &cktrue
+ : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SIGN, (keyUsage & KU_DIGITAL_SIGNATURE) ? &cktrue
+ : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SIGN_RECOVER,
+ (keyUsage & KU_DIGITAL_SIGNATURE) ? &cktrue
+ : &ckfalse,
+ sizeof(CK_BBOOL));
+ attrs++;
+ ck_id = PK11_MakeIDFromPubKey(&lpk->u.rsa.modulus);
+ if (ck_id == NULL) {
+ goto loser;
+ }
+ PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len);
+ attrs++;
+ if (nickname) {
+ PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
+ attrs++;
+ }
+ signedattr = attrs;
+ PK11_SETATTRS(attrs, CKA_MODULUS, lpk->u.rsa.modulus.data,
+ lpk->u.rsa.modulus.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
+ lpk->u.rsa.publicExponent.data,
+ lpk->u.rsa.publicExponent.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PRIVATE_EXPONENT,
+ lpk->u.rsa.privateExponent.data,
+ lpk->u.rsa.privateExponent.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PRIME_1,
+ lpk->u.rsa.prime1.data,
+ lpk->u.rsa.prime1.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PRIME_2,
+ lpk->u.rsa.prime2.data,
+ lpk->u.rsa.prime2.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_EXPONENT_1,
+ lpk->u.rsa.exponent1.data,
+ lpk->u.rsa.exponent1.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_EXPONENT_2,
+ lpk->u.rsa.exponent2.data,
+ lpk->u.rsa.exponent2.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_COEFFICIENT,
+ lpk->u.rsa.coefficient.data,
+ lpk->u.rsa.coefficient.len);
+ attrs++;
+ break;
+ case dsaKey:
+ keyType = CKK_DSA;
+ /* To make our intenal PKCS #11 module work correctly with
+ * our database, we need to pass in the public key value for
+ * this dsa key. We have a netscape only CKA_ value to do this.
+ * Only send it to internal slots */
+ if (publicValue == NULL) {
+ goto loser;
+ }
+ if (PK11_IsInternal(slot)) {
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_DB,
+ publicValue->data, publicValue->len);
+ attrs++;
+ }
+ PK11_SETATTRS(attrs, CKA_SIGN, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SIGN_RECOVER, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ if (nickname) {
+ PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
+ attrs++;
+ }
+ ck_id = PK11_MakeIDFromPubKey(publicValue);
+ if (ck_id == NULL) {
+ goto loser;
+ }
+ PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len);
+ attrs++;
+ signedattr = attrs;
+ PK11_SETATTRS(attrs, CKA_PRIME, lpk->u.dsa.params.prime.data,
+ lpk->u.dsa.params.prime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SUBPRIME, lpk->u.dsa.params.subPrime.data,
+ lpk->u.dsa.params.subPrime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_BASE, lpk->u.dsa.params.base.data,
+ lpk->u.dsa.params.base.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE, lpk->u.dsa.privateValue.data,
+ lpk->u.dsa.privateValue.len);
+ attrs++;
+ break;
+ case dhKey:
+ keyType = CKK_DH;
+ /* To make our intenal PKCS #11 module work correctly with
+ * our database, we need to pass in the public key value for
+ * this dh key. We have a netscape only CKA_ value to do this.
+ * Only send it to internal slots */
+ if (PK11_IsInternal(slot)) {
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_DB,
+ publicValue->data, publicValue->len);
+ attrs++;
+ }
+ PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ if (nickname) {
+ PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
+ attrs++;
+ }
+ ck_id = PK11_MakeIDFromPubKey(publicValue);
+ if (ck_id == NULL) {
+ goto loser;
+ }
+ PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len);
+ attrs++;
+ signedattr = attrs;
+ PK11_SETATTRS(attrs, CKA_PRIME, lpk->u.dh.prime.data,
+ lpk->u.dh.prime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_BASE, lpk->u.dh.base.data,
+ lpk->u.dh.base.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE, lpk->u.dh.privateValue.data,
+ lpk->u.dh.privateValue.len);
+ attrs++;
+ break;
+ /* what about fortezza??? */
+ default:
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ goto loser;
+ }
+ templateCount = attrs - theTemplate;
+ PORT_Assert(templateCount <= sizeof(theTemplate) / sizeof(CK_ATTRIBUTE));
+ PORT_Assert(signedattr != NULL);
+ signedcount = attrs - signedattr;
+
+ for (ap = signedattr; signedcount; ap++, signedcount--) {
+ pk11_SignedToUnsigned(ap);
+ }
+
+ rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION,
+ theTemplate, templateCount, isPerm, &objectID);
+
+ /* create and return a SECKEYPrivateKey */
+ if (rv == SECSuccess && privk != NULL) {
+ *privk = PK11_MakePrivKey(slot, lpk->keyType, !isPerm, objectID, wincx);
+ if (*privk == NULL) {
+ rv = SECFailure;
+ }
+ }
+loser:
+ if (ck_id) {
+ SECITEM_ZfreeItem(ck_id, PR_TRUE);
+ }
+ return rv;
+}
+
+SECStatus
+PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
+ SECKEYPrivateKeyInfo *pki, SECItem *nickname, SECItem *publicValue,
+ PRBool isPerm, PRBool isPrivate, unsigned int keyUsage,
+ SECKEYPrivateKey **privk, void *wincx)
+{
+ SECStatus rv = SECFailure;
+ SECKEYRawPrivateKey *lpk = NULL;
+ const SEC_ASN1Template *keyTemplate, *paramTemplate;
+ void *paramDest = NULL;
+ PLArenaPool *arena = NULL;
+
+ arena = PORT_NewArena(2048);
+ if (!arena) {
+ return SECFailure;
+ }
+
+ /* need to change this to use RSA/DSA keys */
+ lpk = (SECKEYRawPrivateKey *)PORT_ArenaZAlloc(arena,
+ sizeof(SECKEYRawPrivateKey));
+ if (lpk == NULL) {
+ goto loser;
+ }
+ lpk->arena = arena;
+
+ switch (SECOID_GetAlgorithmTag(&pki->algorithm)) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ prepare_rsa_priv_key_export_for_asn1(lpk);
+ keyTemplate = SECKEY_RSAPrivateKeyExportTemplate;
+ paramTemplate = NULL;
+ paramDest = NULL;
+ lpk->keyType = rsaKey;
+ break;
+ case SEC_OID_ANSIX9_DSA_SIGNATURE:
+ prepare_dsa_priv_key_export_for_asn1(lpk);
+ keyTemplate = SECKEY_DSAPrivateKeyExportTemplate;
+ paramTemplate = SECKEY_PQGParamsTemplate;
+ paramDest = &(lpk->u.dsa.params);
+ lpk->keyType = dsaKey;
+ break;
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY:
+ if (!publicValue) {
+ goto loser;
+ }
+ prepare_dh_priv_key_export_for_asn1(lpk);
+ keyTemplate = SECKEY_DHPrivateKeyExportTemplate;
+ paramTemplate = NULL;
+ paramDest = NULL;
+ lpk->keyType = dhKey;
+ break;
+
+ default:
+ keyTemplate = NULL;
+ paramTemplate = NULL;
+ paramDest = NULL;
+ break;
+ }
+
+ if (!keyTemplate) {
+ goto loser;
+ }
+
+ /* decode the private key and any algorithm parameters */
+ rv = SEC_ASN1DecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (paramDest && paramTemplate) {
+ rv = SEC_ASN1DecodeItem(arena, paramDest, paramTemplate,
+ &(pki->algorithm.parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ rv = PK11_ImportAndReturnPrivateKey(slot, lpk, nickname, publicValue, isPerm,
+ isPrivate, keyUsage, privk, wincx);
+
+loser:
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+
+ return rv;
+}
+
+SECStatus
+PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot, SECKEYPrivateKeyInfo *pki,
+ SECItem *nickname, SECItem *publicValue, PRBool isPerm,
+ PRBool isPrivate, unsigned int keyUsage, void *wincx)
+{
+ return PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname,
+ publicValue, isPerm, isPrivate, keyUsage, NULL, wincx);
+}
+
+SECItem *
+PK11_ExportDERPrivateKeyInfo(SECKEYPrivateKey *pk, void *wincx)
+{
+ SECKEYPrivateKeyInfo *pki = PK11_ExportPrivKeyInfo(pk, wincx);
+ SECItem *derPKI;
+
+ if (!pki) {
+ return NULL;
+ }
+ derPKI = SEC_ASN1EncodeItem(NULL, NULL, pki,
+ SECKEY_PrivateKeyInfoTemplate);
+ SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
+ return derPKI;
+}
+
+static PRBool
+ReadAttribute(SECKEYPrivateKey *key, CK_ATTRIBUTE_TYPE type,
+ PLArenaPool *arena, SECItem *output)
+{
+ SECStatus rv = PK11_ReadAttribute(key->pkcs11Slot, key->pkcs11ID, type,
+ arena, output);
+ return rv == SECSuccess;
+}
+
+/*
+ * The caller is responsible for freeing the return value by passing it to
+ * SECKEY_DestroyPrivateKeyInfo(..., PR_TRUE).
+ */
+SECKEYPrivateKeyInfo *
+PK11_ExportPrivKeyInfo(SECKEYPrivateKey *pk, void *wincx)
+{
+ /* PrivateKeyInfo version (always zero) */
+ const unsigned char pkiVersion = 0;
+ /* RSAPrivateKey version (always zero) */
+ const unsigned char rsaVersion = 0;
+ PLArenaPool *arena = NULL;
+ SECKEYRawPrivateKey rawKey;
+ SECKEYPrivateKeyInfo *pki;
+ SECItem *encoded;
+ SECStatus rv;
+
+ if (pk->keyType != rsaKey) {
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ goto loser;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ goto loser;
+ }
+ memset(&rawKey, 0, sizeof(rawKey));
+ rawKey.keyType = pk->keyType;
+ rawKey.u.rsa.version.type = siUnsignedInteger;
+ rawKey.u.rsa.version.data = (unsigned char *)PORT_ArenaAlloc(arena, 1);
+ if (!rawKey.u.rsa.version.data) {
+ goto loser;
+ }
+ rawKey.u.rsa.version.data[0] = rsaVersion;
+ rawKey.u.rsa.version.len = 1;
+
+ /* Read the component attributes of the private key */
+ prepare_rsa_priv_key_export_for_asn1(&rawKey);
+ if (!ReadAttribute(pk, CKA_MODULUS, arena, &rawKey.u.rsa.modulus) ||
+ !ReadAttribute(pk, CKA_PUBLIC_EXPONENT, arena,
+ &rawKey.u.rsa.publicExponent) ||
+ !ReadAttribute(pk, CKA_PRIVATE_EXPONENT, arena,
+ &rawKey.u.rsa.privateExponent) ||
+ !ReadAttribute(pk, CKA_PRIME_1, arena, &rawKey.u.rsa.prime1) ||
+ !ReadAttribute(pk, CKA_PRIME_2, arena, &rawKey.u.rsa.prime2) ||
+ !ReadAttribute(pk, CKA_EXPONENT_1, arena,
+ &rawKey.u.rsa.exponent1) ||
+ !ReadAttribute(pk, CKA_EXPONENT_2, arena,
+ &rawKey.u.rsa.exponent2) ||
+ !ReadAttribute(pk, CKA_COEFFICIENT, arena,
+ &rawKey.u.rsa.coefficient)) {
+ goto loser;
+ }
+
+ pki = PORT_ArenaZNew(arena, SECKEYPrivateKeyInfo);
+ if (!pki) {
+ goto loser;
+ }
+ encoded = SEC_ASN1EncodeItem(arena, &pki->privateKey, &rawKey,
+ SECKEY_RSAPrivateKeyExportTemplate);
+ if (!encoded) {
+ goto loser;
+ }
+ rv = SECOID_SetAlgorithmID(arena, &pki->algorithm,
+ SEC_OID_PKCS1_RSA_ENCRYPTION, NULL);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ pki->version.type = siUnsignedInteger;
+ pki->version.data = (unsigned char *)PORT_ArenaAlloc(arena, 1);
+ if (!pki->version.data) {
+ goto loser;
+ }
+ pki->version.data[0] = pkiVersion;
+ pki->version.len = 1;
+ pki->arena = arena;
+
+ return pki;
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ return NULL;
+}
diff --git a/security/nss/lib/pk11wrap/pk11pqg.c b/security/nss/lib/pk11wrap/pk11pqg.c
new file mode 100644
index 000000000..d7c5f3613
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11pqg.c
@@ -0,0 +1,522 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* Thse functions are stub functions which will get replaced with calls through
+ * PKCS #11.
+ */
+
+#include "pk11func.h"
+#include "secmod.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11t.h"
+#include "pk11pqg.h"
+#include "secerr.h"
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of P specified by L.
+ * if L is greater than 1024 then the resulting verify parameters will be
+ * DSA2.
+ * Length of Q specified by N. If zero, The PKCS #11 module will
+ * pick an appropriately sized Q for P. If N is specified and L = 1024, then
+ * the resulting verify parameters will be DSA2, Otherwise DSA1 parameters
+ * will be returned.
+ * Length of SEED in bytes specified in seedBytes.
+ *
+ * The underlying PKCS #11 module will check the values for L, N,
+ * and seedBytes. The rules for softoken are:
+ *
+ * If L <= 1024, then L must be between 512 and 1024 in increments of 64 bits.
+ * If L <= 1024, then N must be 0 or 160.
+ * If L >= 1024, then L and N must match the following table:
+ * L=1024 N=0 or 160
+ * L=2048 N=0 or 224
+ * L=2048 N=256
+ * L=3072 N=0 or 256
+ * if L <= 1024
+ * seedBbytes must be in the range [20..256].
+ * if L >= 1024
+ * seedBbytes must be in the range [20..L/16].
+ */
+extern SECStatus
+PK11_PQG_ParamGenV2(unsigned int L, unsigned int N,
+ unsigned int seedBytes, PQGParams **pParams, PQGVerify **pVfy)
+{
+ PK11SlotInfo *slot = NULL;
+ CK_ATTRIBUTE genTemplate[5];
+ CK_ATTRIBUTE *attrs = genTemplate;
+ int count = sizeof(genTemplate) / sizeof(genTemplate[0]);
+ CK_MECHANISM mechanism;
+ CK_OBJECT_HANDLE objectID = CK_INVALID_HANDLE;
+ CK_RV crv;
+ CK_ATTRIBUTE pTemplate[] = {
+ { CKA_PRIME, NULL, 0 },
+ { CKA_SUBPRIME, NULL, 0 },
+ { CKA_BASE, NULL, 0 },
+ };
+ CK_ATTRIBUTE vTemplate[] = {
+ { CKA_NETSCAPE_PQG_COUNTER, NULL, 0 },
+ { CKA_NETSCAPE_PQG_SEED, NULL, 0 },
+ { CKA_NETSCAPE_PQG_H, NULL, 0 },
+ };
+ CK_ULONG primeBits = L;
+ CK_ULONG subPrimeBits = N;
+ int pTemplateCount = sizeof(pTemplate) / sizeof(pTemplate[0]);
+ int vTemplateCount = sizeof(vTemplate) / sizeof(vTemplate[0]);
+ PLArenaPool *parena = NULL;
+ PLArenaPool *varena = NULL;
+ PQGParams *params = NULL;
+ PQGVerify *verify = NULL;
+ CK_ULONG seedBits = seedBytes * 8;
+
+ *pParams = NULL;
+ *pVfy = NULL;
+
+ if (primeBits == (CK_ULONG)-1) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ PK11_SETATTRS(attrs, CKA_PRIME_BITS, &primeBits, sizeof(primeBits));
+ attrs++;
+ if (subPrimeBits != 0) {
+ PK11_SETATTRS(attrs, CKA_SUB_PRIME_BITS,
+ &subPrimeBits, sizeof(subPrimeBits));
+ attrs++;
+ }
+ if (seedBits != 0) {
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_SEED_BITS,
+ &seedBits, sizeof(seedBits));
+ attrs++;
+ }
+ count = attrs - genTemplate;
+ PR_ASSERT(count <= sizeof(genTemplate) / sizeof(CK_ATTRIBUTE));
+
+ slot = PK11_GetInternalSlot();
+ if (slot == NULL) {
+ /* set error */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); /* shouldn't happen */
+ goto loser;
+ }
+
+ /* make sure the internal slot can handle DSA2 type parameters. */
+ if (primeBits > 1024) {
+ CK_MECHANISM_INFO mechanism_info;
+
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
+ CKM_DSA_PARAMETER_GEN,
+ &mechanism_info);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ /* a bug in the old softoken left CKM_DSA_PARAMETER_GEN off of the
+ * mechanism List. If we get a failure asking for this value, we know
+ * it can't handle DSA2 */
+ if ((crv != CKR_OK) || (mechanism_info.ulMaxKeySize < primeBits)) {
+ PK11_FreeSlot(slot);
+ slot = PK11_GetBestSlotWithAttributes(CKM_DSA_PARAMETER_GEN, 0,
+ primeBits, NULL);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN); /* can happen */
+ goto loser;
+ }
+ /* ditch seedBits in this case, they are NSS specific and at
+ * this point we have a token that claims to handle DSA2 */
+ if (seedBits) {
+ attrs--;
+ }
+ }
+ }
+
+ /* Initialize the Key Gen Mechanism */
+ mechanism.mechanism = CKM_DSA_PARAMETER_GEN;
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GenerateKey(slot->session,
+ &mechanism, genTemplate, count, &objectID);
+ PK11_ExitSlotMonitor(slot);
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ parena = PORT_NewArena(60);
+ if (!parena) {
+ goto loser;
+ }
+
+ crv = PK11_GetAttributes(parena, slot, objectID, pTemplate, pTemplateCount);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ params = (PQGParams *)PORT_ArenaAlloc(parena, sizeof(PQGParams));
+ if (params == NULL) {
+ goto loser;
+ }
+
+ /* fill in Params */
+ params->arena = parena;
+ params->prime.type = siUnsignedInteger;
+ params->prime.data = pTemplate[0].pValue;
+ params->prime.len = pTemplate[0].ulValueLen;
+ params->subPrime.type = siUnsignedInteger;
+ params->subPrime.data = pTemplate[1].pValue;
+ params->subPrime.len = pTemplate[1].ulValueLen;
+ params->base.type = siUnsignedInteger;
+ params->base.data = pTemplate[2].pValue;
+ params->base.len = pTemplate[2].ulValueLen;
+
+ varena = PORT_NewArena(60);
+ if (!varena) {
+ goto loser;
+ }
+
+ crv = PK11_GetAttributes(varena, slot, objectID, vTemplate, vTemplateCount);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+
+ verify = (PQGVerify *)PORT_ArenaAlloc(varena, sizeof(PQGVerify));
+ if (verify == NULL) {
+ goto loser;
+ }
+ /* fill in Params */
+ verify->arena = varena;
+ verify->counter = (unsigned int)(*(CK_ULONG *)vTemplate[0].pValue);
+ verify->seed.type = siUnsignedInteger;
+ verify->seed.data = vTemplate[1].pValue;
+ verify->seed.len = vTemplate[1].ulValueLen;
+ verify->h.type = siUnsignedInteger;
+ verify->h.data = vTemplate[2].pValue;
+ verify->h.len = vTemplate[2].ulValueLen;
+
+ PK11_DestroyObject(slot, objectID);
+ PK11_FreeSlot(slot);
+
+ *pParams = params;
+ *pVfy = verify;
+
+ return SECSuccess;
+
+loser:
+ if (objectID != CK_INVALID_HANDLE) {
+ PK11_DestroyObject(slot, objectID);
+ }
+ if (parena != NULL) {
+ PORT_FreeArena(parena, PR_FALSE);
+ }
+ if (varena != NULL) {
+ PORT_FreeArena(varena, PR_FALSE);
+ }
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ return SECFailure;
+}
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of P specified by j. Length of h will match length of P.
+ * Length of SEED in bytes specified in seedBytes.
+ * seedBbytes must be in the range [20..255] or an error will result.
+ */
+extern SECStatus
+PK11_PQG_ParamGenSeedLen(unsigned int j, unsigned int seedBytes,
+ PQGParams **pParams, PQGVerify **pVfy)
+{
+ unsigned int primeBits = PQG_INDEX_TO_PBITS(j);
+ return PK11_PQG_ParamGenV2(primeBits, 0, seedBytes, pParams, pVfy);
+}
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of seed and length of h both equal length of P.
+ * All lengths are specified by "j", according to the table above.
+ */
+extern SECStatus
+PK11_PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
+{
+ unsigned int primeBits = PQG_INDEX_TO_PBITS(j);
+ return PK11_PQG_ParamGenV2(primeBits, 0, 0, pParams, pVfy);
+}
+
+/* Test PQGParams for validity as DSS PQG values.
+ * If vfy is non-NULL, test PQGParams to make sure they were generated
+ * using the specified seed, counter, and h values.
+ *
+ * Return value indicates whether Verification operation ran successfully
+ * to completion, but does not indicate if PQGParams are valid or not.
+ * If return value is SECSuccess, then *pResult has these meanings:
+ * SECSuccess: PQGParams are valid.
+ * SECFailure: PQGParams are invalid.
+ */
+
+extern SECStatus
+PK11_PQG_VerifyParams(const PQGParams *params, const PQGVerify *vfy,
+ SECStatus *result)
+{
+ CK_ATTRIBUTE keyTempl[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_KEY_TYPE, NULL, 0 },
+ { CKA_PRIME, NULL, 0 },
+ { CKA_SUBPRIME, NULL, 0 },
+ { CKA_BASE, NULL, 0 },
+ { CKA_TOKEN, NULL, 0 },
+ { CKA_NETSCAPE_PQG_COUNTER, NULL, 0 },
+ { CKA_NETSCAPE_PQG_SEED, NULL, 0 },
+ { CKA_NETSCAPE_PQG_H, NULL, 0 },
+ };
+ CK_ATTRIBUTE *attrs;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_OBJECT_CLASS class = CKO_KG_PARAMETERS;
+ CK_KEY_TYPE keyType = CKK_DSA;
+ SECStatus rv = SECSuccess;
+ PK11SlotInfo *slot;
+ int keyCount;
+ CK_OBJECT_HANDLE objectID;
+ CK_ULONG counter;
+ CK_RV crv;
+
+ attrs = keyTempl;
+ PK11_SETATTRS(attrs, CKA_CLASS, &class, sizeof(class));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_PRIME, params->prime.data,
+ params->prime.len);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_SUBPRIME, params->subPrime.data,
+ params->subPrime.len);
+ attrs++;
+ if (params->base.len) {
+ PK11_SETATTRS(attrs, CKA_BASE, params->base.data, params->base.len);
+ attrs++;
+ }
+ PK11_SETATTRS(attrs, CKA_TOKEN, &ckfalse, sizeof(ckfalse));
+ attrs++;
+ if (vfy) {
+ if (vfy->counter != -1) {
+ counter = vfy->counter;
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_COUNTER,
+ &counter, sizeof(counter));
+ attrs++;
+ }
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_SEED,
+ vfy->seed.data, vfy->seed.len);
+ attrs++;
+ if (vfy->h.len) {
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_H,
+ vfy->h.data, vfy->h.len);
+ attrs++;
+ }
+ }
+
+ keyCount = attrs - keyTempl;
+ PORT_Assert(keyCount <= sizeof(keyTempl) / sizeof(keyTempl[0]));
+
+ slot = PK11_GetInternalSlot();
+ if (slot == NULL) {
+ return SECFailure;
+ }
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_CreateObject(slot->session, keyTempl, keyCount,
+ &objectID);
+ PK11_ExitSlotMonitor(slot);
+
+ /* throw away the keys, we only wanted the return code */
+ PK11_DestroyObject(slot, objectID);
+ PK11_FreeSlot(slot);
+
+ *result = SECSuccess;
+ if (crv == CKR_ATTRIBUTE_VALUE_INVALID) {
+ *result = SECFailure;
+ } else if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/**************************************************************************
+ * Free the PQGParams struct and the things it points to. *
+ **************************************************************************/
+extern void
+PK11_PQG_DestroyParams(PQGParams *params)
+{
+ if (params == NULL)
+ return;
+ if (params->arena != NULL) {
+ PORT_FreeArena(params->arena, PR_FALSE); /* don't zero it */
+ } else {
+ SECITEM_FreeItem(&params->prime, PR_FALSE); /* don't free prime */
+ SECITEM_FreeItem(&params->subPrime, PR_FALSE); /* don't free subPrime */
+ SECITEM_FreeItem(&params->base, PR_FALSE); /* don't free base */
+ PORT_Free(params);
+ }
+}
+
+/**************************************************************************
+ * Free the PQGVerify struct and the things it points to. *
+ **************************************************************************/
+extern void
+PK11_PQG_DestroyVerify(PQGVerify *vfy)
+{
+ if (vfy == NULL)
+ return;
+ if (vfy->arena != NULL) {
+ PORT_FreeArena(vfy->arena, PR_FALSE); /* don't zero it */
+ } else {
+ SECITEM_FreeItem(&vfy->seed, PR_FALSE); /* don't free seed */
+ SECITEM_FreeItem(&vfy->h, PR_FALSE); /* don't free h */
+ PORT_Free(vfy);
+ }
+}
+
+#define PQG_DEFAULT_CHUNKSIZE 2048 /* bytes */
+
+/**************************************************************************
+ * Return a pointer to a new PQGParams struct that is constructed from *
+ * copies of the arguments passed in. *
+ * Return NULL on failure. *
+ **************************************************************************/
+extern PQGParams *
+PK11_PQG_NewParams(const SECItem *prime, const SECItem *subPrime,
+ const SECItem *base)
+{
+ PLArenaPool *arena;
+ PQGParams *dest;
+ SECStatus status;
+
+ arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ goto loser;
+
+ dest = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
+ if (dest == NULL)
+ goto loser;
+
+ dest->arena = arena;
+
+ status = SECITEM_CopyItem(arena, &dest->prime, prime);
+ if (status != SECSuccess)
+ goto loser;
+
+ status = SECITEM_CopyItem(arena, &dest->subPrime, subPrime);
+ if (status != SECSuccess)
+ goto loser;
+
+ status = SECITEM_CopyItem(arena, &dest->base, base);
+ if (status != SECSuccess)
+ goto loser;
+
+ return dest;
+
+loser:
+ if (arena != NULL)
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+/**************************************************************************
+ * Fills in caller's "prime" SECItem with the prime value in params.
+ * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
+ **************************************************************************/
+extern SECStatus
+PK11_PQG_GetPrimeFromParams(const PQGParams *params, SECItem *prime)
+{
+ return SECITEM_CopyItem(NULL, prime, &params->prime);
+}
+
+/**************************************************************************
+ * Fills in caller's "subPrime" SECItem with the prime value in params.
+ * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
+ **************************************************************************/
+extern SECStatus
+PK11_PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem *subPrime)
+{
+ return SECITEM_CopyItem(NULL, subPrime, &params->subPrime);
+}
+
+/**************************************************************************
+ * Fills in caller's "base" SECItem with the base value in params.
+ * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
+ **************************************************************************/
+extern SECStatus
+PK11_PQG_GetBaseFromParams(const PQGParams *params, SECItem *base)
+{
+ return SECITEM_CopyItem(NULL, base, &params->base);
+}
+
+/**************************************************************************
+ * Return a pointer to a new PQGVerify struct that is constructed from *
+ * copies of the arguments passed in. *
+ * Return NULL on failure. *
+ **************************************************************************/
+extern PQGVerify *
+PK11_PQG_NewVerify(unsigned int counter, const SECItem *seed,
+ const SECItem *h)
+{
+ PLArenaPool *arena;
+ PQGVerify *dest;
+ SECStatus status;
+
+ arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ goto loser;
+
+ dest = (PQGVerify *)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
+ if (dest == NULL)
+ goto loser;
+
+ dest->arena = arena;
+ dest->counter = counter;
+
+ status = SECITEM_CopyItem(arena, &dest->seed, seed);
+ if (status != SECSuccess)
+ goto loser;
+
+ status = SECITEM_CopyItem(arena, &dest->h, h);
+ if (status != SECSuccess)
+ goto loser;
+
+ return dest;
+
+loser:
+ if (arena != NULL)
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+/**************************************************************************
+ * Returns "counter" value from the PQGVerify.
+ **************************************************************************/
+extern unsigned int
+PK11_PQG_GetCounterFromVerify(const PQGVerify *verify)
+{
+ return verify->counter;
+}
+
+/**************************************************************************
+ * Fills in caller's "seed" SECItem with the seed value in verify.
+ * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
+ **************************************************************************/
+extern SECStatus
+PK11_PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed)
+{
+ return SECITEM_CopyItem(NULL, seed, &verify->seed);
+}
+
+/**************************************************************************
+ * Fills in caller's "h" SECItem with the h value in verify.
+ * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
+ **************************************************************************/
+extern SECStatus
+PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem *h)
+{
+ return SECITEM_CopyItem(NULL, h, &verify->h);
+}
diff --git a/security/nss/lib/pk11wrap/pk11pqg.h b/security/nss/lib/pk11wrap/pk11pqg.h
new file mode 100644
index 000000000..36596dd47
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11pqg.h
@@ -0,0 +1,135 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* Thse functions are stub functions which will get replaced with calls through
+ * PKCS #11.
+ */
+
+#ifndef _PK11PQG_H_
+#define _PK11PQG_H_ 1
+
+#include "blapit.h"
+
+SEC_BEGIN_PROTOS
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of seed and length of h both equal length of P.
+ * All lengths are specified by "j", according to the table above.
+ */
+extern SECStatus PK11_PQG_ParamGen(unsigned int j, PQGParams **pParams,
+ PQGVerify **pVfy);
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of P specified by j. Length of h will match length of P.
+ * Length of SEED in bytes specified in seedBytes.
+ * seedBbytes must be in the range [20..255] or an error will result.
+ */
+extern SECStatus PK11_PQG_ParamGenSeedLen(unsigned int j,
+ unsigned int seedBytes, PQGParams **pParams, PQGVerify **pVfy);
+
+/* Generate PQGParams and PQGVerify structs.
+ * Length of P specified by L.
+ * if L is greater than 1024 then the resulting verify parameters will be
+ * DSA2.
+ * Length of Q specified by N. If zero, The PKCS #11 module will
+ * pick an appropriately sized Q for L. If N is specified and L = 1024, then
+ * the resulting verify parameters will be DSA2, Otherwise DSA1 parameters
+ * will be returned.
+ * Length of SEED in bytes specified in seedBytes.
+ *
+ * The underlying PKCS #11 module will check the values for L, N,
+ * and seedBytes. The rules for softoken are:
+ *
+ * If L <= 1024, then L must be between 512 and 1024 in increments of 64 bits.
+ * If L <= 1024, then N must be 0 or 160.
+ * If L >= 1024, then L and N must match the following table:
+ * L=1024 N=0 or 160
+ * L=2048 N=0 or 224
+ * L=2048 N=256
+ * L=3072 N=0 or 256
+ * if L <= 1024
+ * seedBbytes must be in the range [20..256].
+ * if L >= 1024
+ * seedBbytes must be in the range [20..L/16].
+ */
+extern SECStatus
+PK11_PQG_ParamGenV2(unsigned int L, unsigned int N, unsigned int seedBytes,
+ PQGParams **pParams, PQGVerify **pVfy);
+
+/* Test PQGParams for validity as DSS PQG values.
+ * If vfy is non-NULL, test PQGParams to make sure they were generated
+ * using the specified seed, counter, and h values.
+ *
+ * Return value indicates whether Verification operation ran successfully
+ * to completion, but does not indicate if PQGParams are valid or not.
+ * If return value is SECSuccess, then *pResult has these meanings:
+ * SECSuccess: PQGParams are valid.
+ * SECFailure: PQGParams are invalid.
+ *
+ * Verify the following 12 facts about PQG counter SEED g and h
+ * These tests are specified in FIPS 186-3 Appendix A.1.1.1, A.1.1.3, and A.2.2
+ * PQG_VerifyParams in softoken/freebl will automatically choose the
+ * appropriate test.
+ */
+extern SECStatus PK11_PQG_VerifyParams(const PQGParams *params,
+ const PQGVerify *vfy, SECStatus *result);
+extern void PK11_PQG_DestroyParams(PQGParams *params);
+extern void PK11_PQG_DestroyVerify(PQGVerify *vfy);
+
+/**************************************************************************
+ * Return a pointer to a new PQGParams struct that is constructed from *
+ * copies of the arguments passed in. *
+ * Return NULL on failure. *
+ **************************************************************************/
+extern PQGParams *PK11_PQG_NewParams(const SECItem *prime, const SECItem *subPrime, const SECItem *base);
+
+/**************************************************************************
+ * Fills in caller's "prime" SECItem with the prime value in params.
+ * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
+ **************************************************************************/
+extern SECStatus PK11_PQG_GetPrimeFromParams(const PQGParams *params,
+ SECItem *prime);
+
+/**************************************************************************
+ * Fills in caller's "subPrime" SECItem with the prime value in params.
+ * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
+ **************************************************************************/
+extern SECStatus PK11_PQG_GetSubPrimeFromParams(const PQGParams *params,
+ SECItem *subPrime);
+
+/**************************************************************************
+ * Fills in caller's "base" SECItem with the base value in params.
+ * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
+ **************************************************************************/
+extern SECStatus PK11_PQG_GetBaseFromParams(const PQGParams *params,
+ SECItem *base);
+
+/**************************************************************************
+ * Return a pointer to a new PQGVerify struct that is constructed from *
+ * copies of the arguments passed in. *
+ * Return NULL on failure. *
+ **************************************************************************/
+extern PQGVerify *PK11_PQG_NewVerify(unsigned int counter,
+ const SECItem *seed, const SECItem *h);
+
+/**************************************************************************
+ * Returns "counter" value from the PQGVerify.
+ **************************************************************************/
+extern unsigned int PK11_PQG_GetCounterFromVerify(const PQGVerify *verify);
+
+/**************************************************************************
+ * Fills in caller's "seed" SECItem with the seed value in verify.
+ * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
+ **************************************************************************/
+extern SECStatus PK11_PQG_GetSeedFromVerify(const PQGVerify *verify,
+ SECItem *seed);
+
+/**************************************************************************
+ * Fills in caller's "h" SECItem with the h value in verify.
+ * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
+ **************************************************************************/
+extern SECStatus PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem *h);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/pk11wrap/pk11priv.h b/security/nss/lib/pk11wrap/pk11priv.h
new file mode 100644
index 000000000..45a60b42a
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11priv.h
@@ -0,0 +1,187 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _PK11PRIV_H_
+#define _PK11PRIV_H_
+#include "plarena.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "secdert.h"
+#include "keyt.h"
+#include "certt.h"
+#include "pkcs11t.h"
+#include "secmodt.h"
+#include "seccomon.h"
+#include "pkcs7t.h"
+#include "cmsreclist.h"
+
+/*
+ * These are the private NSS functions. They are not exported by nss.def, and
+ * are not callable outside nss3.dll.
+ */
+
+SEC_BEGIN_PROTOS
+
+/************************************************************
+ * Generic Slot Lists Management
+ ************************************************************/
+PK11SlotList *PK11_NewSlotList(void);
+PK11SlotList *PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,
+ PRBool needRW, void *wincx);
+SECStatus PK11_AddSlotToList(PK11SlotList *list, PK11SlotInfo *slot, PRBool sorted);
+SECStatus PK11_DeleteSlotFromList(PK11SlotList *list, PK11SlotListElement *le);
+PK11SlotListElement *PK11_FindSlotElement(PK11SlotList *list,
+ PK11SlotInfo *slot);
+PK11SlotInfo *PK11_FindSlotBySerial(char *serial);
+int PK11_GetMaxKeyLength(CK_MECHANISM_TYPE type);
+
+/************************************************************
+ * Generic Slot Management
+ ************************************************************/
+CK_OBJECT_HANDLE PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject);
+SECStatus PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type, PLArenaPool *arena, SECItem *result);
+CK_ULONG PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type);
+char *PK11_MakeString(PLArenaPool *arena, char *space, char *staticSring,
+ int stringLen);
+int PK11_MapError(CK_RV error);
+CK_SESSION_HANDLE PK11_GetRWSession(PK11SlotInfo *slot);
+void PK11_RestoreROSession(PK11SlotInfo *slot, CK_SESSION_HANDLE rwsession);
+PRBool PK11_RWSessionHasLock(PK11SlotInfo *slot,
+ CK_SESSION_HANDLE session_handle);
+PK11SlotInfo *PK11_NewSlotInfo(SECMODModule *mod);
+void PK11_EnterSlotMonitor(PK11SlotInfo *);
+void PK11_ExitSlotMonitor(PK11SlotInfo *);
+void PK11_CleanKeyList(PK11SlotInfo *slot);
+
+/************************************************************
+ * Slot Password Management
+ ************************************************************/
+SECStatus PK11_DoPassword(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
+ PRBool loadCerts, void *wincx, PRBool alreadyLocked,
+ PRBool contextSpecific);
+SECStatus PK11_VerifyPW(PK11SlotInfo *slot, char *pw);
+void PK11_HandlePasswordCheck(PK11SlotInfo *slot, void *wincx);
+void PK11_SetVerifyPasswordFunc(PK11VerifyPasswordFunc func);
+void PK11_SetIsLoggedInFunc(PK11IsLoggedInFunc func);
+
+/************************************************************
+ * Manage the built-In Slot Lists
+ ************************************************************/
+SECStatus PK11_InitSlotLists(void);
+void PK11_DestroySlotLists(void);
+PK11SlotList *PK11_GetSlotList(CK_MECHANISM_TYPE type);
+void PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count);
+void PK11_ClearSlotList(PK11SlotInfo *slot);
+
+/******************************************************************
+ * Slot initialization
+ ******************************************************************/
+SECStatus PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts);
+void PK11_InitSlot(SECMODModule *mod, CK_SLOT_ID slotID, PK11SlotInfo *slot);
+PRBool PK11_NeedPWInitForSlot(PK11SlotInfo *slot);
+SECStatus PK11_ReadSlotCerts(PK11SlotInfo *slot);
+void pk11_SetInternalKeySlot(PK11SlotInfo *slot);
+PK11SlotInfo *pk11_SwapInternalKeySlot(PK11SlotInfo *slot);
+void pk11_SetInternalKeySlotIfFirst(PK11SlotInfo *slot);
+
+/*********************************************************************
+ * Mechanism Mapping functions
+ *********************************************************************/
+void PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
+ CK_MECHANISM_TYPE keygen, CK_MECHANISM_TYPE pad,
+ int ivLen, int blocksize);
+CK_MECHANISM_TYPE PK11_GetKeyMechanism(CK_KEY_TYPE type);
+CK_MECHANISM_TYPE PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size);
+
+/**********************************************************************
+ * Symetric, Public, and Private Keys
+ **********************************************************************/
+/* Key Generation specialized for SDR (fixed DES3 key) */
+PK11SymKey *PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx);
+SECKEYPublicKey *PK11_ExtractPublicKey(PK11SlotInfo *slot, KeyType keyType,
+ CK_OBJECT_HANDLE id);
+CK_OBJECT_HANDLE PK11_FindObjectForCert(CERTCertificate *cert,
+ void *wincx, PK11SlotInfo **pSlot);
+PK11SymKey *pk11_CopyToSlot(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
+
+/**********************************************************************
+ * Certs
+ **********************************************************************/
+SECStatus PK11_TraversePrivateKeysInSlot(PK11SlotInfo *slot,
+ SECStatus (*callback)(SECKEYPrivateKey *, void *), void *arg);
+SECKEYPrivateKey *PK11_FindPrivateKeyFromNickname(char *nickname, void *wincx);
+CK_OBJECT_HANDLE *PK11_FindObjectsFromNickname(char *nickname,
+ PK11SlotInfo **slotptr, CK_OBJECT_CLASS objclass, int *returnCount,
+ void *wincx);
+CK_OBJECT_HANDLE PK11_MatchItem(PK11SlotInfo *slot, CK_OBJECT_HANDLE peer,
+ CK_OBJECT_CLASS o_class);
+CK_BBOOL PK11_HasAttributeSet(PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type,
+ PRBool haslock);
+CK_RV PK11_GetAttributes(PLArenaPool *arena, PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE obj, CK_ATTRIBUTE *attr, int count);
+int PK11_NumberCertsForCertSubject(CERTCertificate *cert);
+SECStatus PK11_TraverseCertsForSubject(CERTCertificate *cert,
+ SECStatus (*callback)(CERTCertificate *, void *), void *arg);
+SECStatus PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1,
+ PK11SlotInfo *slot2, CERTCertificate **cert1, CERTCertificate **cert2);
+SECStatus PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
+ SECStatus (*callback)(CERTCertificate *, void *), void *arg);
+SECStatus PK11_LookupCrls(CERTCrlHeadNode *nodes, int type, void *wincx);
+
+/**********************************************************************
+ * Crypto Contexts
+ **********************************************************************/
+PK11Context *PK11_CreateContextByRawKey(PK11SlotInfo *slot,
+ CK_MECHANISM_TYPE type, PK11Origin origin, CK_ATTRIBUTE_TYPE operation,
+ SECItem *key, SECItem *param, void *wincx);
+PRBool PK11_HashOK(SECOidTag hashAlg);
+
+/**********************************************************************
+ * Functions which are deprecated....
+ **********************************************************************/
+
+SECItem *
+PK11_FindCrlByName(PK11SlotInfo **slot, CK_OBJECT_HANDLE *handle,
+ SECItem *derName, int type, char **url);
+
+CK_OBJECT_HANDLE
+PK11_PutCrl(PK11SlotInfo *slot, SECItem *crl,
+ SECItem *name, char *url, int type);
+
+SECItem *
+PK11_FindSMimeProfile(PK11SlotInfo **slotp, char *emailAddr, SECItem *derSubj,
+ SECItem **profileTime);
+SECStatus
+PK11_SaveSMimeProfile(PK11SlotInfo *slot, char *emailAddr, SECItem *derSubj,
+ SECItem *emailProfile, SECItem *profileTime);
+
+PRBool PK11_IsPermObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle);
+
+char *PK11_GetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id);
+SECStatus PK11_SetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ const char *nickname);
+
+/* private */
+SECStatus pk11_TraverseAllSlots(SECStatus (*callback)(PK11SlotInfo *, void *),
+ void *cbArg, PRBool forceLogin, void *pwArg);
+
+/* fetch multiple CRLs for a specific issuer */
+SECStatus pk11_RetrieveCrls(CERTCrlHeadNode *nodes, SECItem *issuer,
+ void *wincx);
+
+/* set global options for NSS PKCS#11 module loader */
+SECStatus pk11_setGlobalOptions(PRBool noSingleThreadedModules,
+ PRBool allowAlreadyInitializedModules,
+ PRBool dontFinalizeModules);
+
+/* return whether NSS is allowed to call C_Finalize */
+PRBool pk11_getFinalizeModulesOption(void);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/pk11wrap/pk11pub.h b/security/nss/lib/pk11wrap/pk11pub.h
new file mode 100644
index 000000000..e11af86ad
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11pub.h
@@ -0,0 +1,879 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _PK11PUB_H_
+#define _PK11PUB_H_
+#include "plarena.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "secdert.h"
+#include "keyt.h"
+#include "certt.h"
+#include "pkcs11t.h"
+#include "secmodt.h"
+#include "seccomon.h"
+#include "pkcs7t.h"
+#include "cmsreclist.h"
+
+/*
+ * Exported PK11 wrap functions.
+ */
+
+SEC_BEGIN_PROTOS
+
+/************************************************************
+ * Generic Slot Lists Management
+ ************************************************************/
+void PK11_FreeSlotList(PK11SlotList *list);
+SECStatus PK11_FreeSlotListElement(PK11SlotList *list, PK11SlotListElement *le);
+PK11SlotListElement *PK11_GetFirstSafe(PK11SlotList *list);
+PK11SlotListElement *PK11_GetNextSafe(PK11SlotList *list,
+ PK11SlotListElement *le, PRBool restart);
+
+/************************************************************
+ * Generic Slot Management
+ ************************************************************/
+PK11SlotInfo *PK11_ReferenceSlot(PK11SlotInfo *slot);
+void PK11_FreeSlot(PK11SlotInfo *slot);
+SECStatus PK11_DestroyObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE object);
+SECStatus PK11_DestroyTokenObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE object);
+PK11SlotInfo *PK11_GetInternalKeySlot(void);
+PK11SlotInfo *PK11_GetInternalSlot(void);
+SECStatus PK11_Logout(PK11SlotInfo *slot);
+void PK11_LogoutAll(void);
+
+/************************************************************
+ * Slot Password Management
+ ************************************************************/
+void PK11_SetSlotPWValues(PK11SlotInfo *slot, int askpw, int timeout);
+void PK11_GetSlotPWValues(PK11SlotInfo *slot, int *askpw, int *timeout);
+SECStatus PK11_CheckSSOPassword(PK11SlotInfo *slot, char *ssopw);
+SECStatus PK11_CheckUserPassword(PK11SlotInfo *slot, const char *pw);
+PRBool PK11_IsLoggedIn(PK11SlotInfo *slot, void *wincx);
+SECStatus PK11_InitPin(PK11SlotInfo *slot, const char *ssopw,
+ const char *pk11_userpwd);
+SECStatus PK11_ChangePW(PK11SlotInfo *slot, const char *oldpw,
+ const char *newpw);
+void PK11_SetPasswordFunc(PK11PasswordFunc func);
+int PK11_GetMinimumPwdLength(PK11SlotInfo *slot);
+SECStatus PK11_ResetToken(PK11SlotInfo *slot, char *sso_pwd);
+SECStatus PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx);
+SECStatus PK11_TokenRefresh(PK11SlotInfo *slot);
+
+/******************************************************************
+ * Slot info functions
+ ******************************************************************/
+PK11SlotInfo *PK11_FindSlotByName(const char *name);
+/******************************************************************
+ * PK11_FindSlotsByNames searches for a PK11SlotInfo using one or
+ * more criteria : dllName, slotName and tokenName . In addition, if
+ * presentOnly is set , only slots with a token inserted will be
+ * returned.
+ ******************************************************************/
+PK11SlotList *PK11_FindSlotsByNames(const char *dllName,
+ const char *slotName, const char *tokenName, PRBool presentOnly);
+PRBool PK11_IsReadOnly(PK11SlotInfo *slot);
+PRBool PK11_IsInternal(PK11SlotInfo *slot);
+PRBool PK11_IsInternalKeySlot(PK11SlotInfo *slot);
+char *PK11_GetTokenName(PK11SlotInfo *slot);
+char *PK11_GetSlotName(PK11SlotInfo *slot);
+PRBool PK11_NeedLogin(PK11SlotInfo *slot);
+PRBool PK11_IsFriendly(PK11SlotInfo *slot);
+PRBool PK11_IsHW(PK11SlotInfo *slot);
+PRBool PK11_IsRemovable(PK11SlotInfo *slot);
+PRBool PK11_NeedUserInit(PK11SlotInfo *slot);
+PRBool PK11_ProtectedAuthenticationPath(PK11SlotInfo *slot);
+int PK11_GetSlotSeries(PK11SlotInfo *slot);
+int PK11_GetCurrentWrapIndex(PK11SlotInfo *slot);
+unsigned long PK11_GetDefaultFlags(PK11SlotInfo *slot);
+CK_SLOT_ID PK11_GetSlotID(PK11SlotInfo *slot);
+SECMODModuleID PK11_GetModuleID(PK11SlotInfo *slot);
+SECStatus PK11_GetSlotInfo(PK11SlotInfo *slot, CK_SLOT_INFO *info);
+SECStatus PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info);
+PRBool PK11_IsDisabled(PK11SlotInfo *slot);
+PRBool PK11_HasRootCerts(PK11SlotInfo *slot);
+PK11DisableReasons PK11_GetDisabledReason(PK11SlotInfo *slot);
+/* Prevents the slot from being used, and set disable reason to user-disable */
+/* NOTE: Mechanisms that were ON continue to stay ON */
+/* Therefore, when the slot is enabled, it will remember */
+/* what mechanisms needs to be turned on */
+PRBool PK11_UserDisableSlot(PK11SlotInfo *slot);
+/* Allow all mechanisms that are ON before UserDisableSlot() */
+/* was called to be available again */
+PRBool PK11_UserEnableSlot(PK11SlotInfo *slot);
+/*
+ * wait for a specific slot event.
+ * event is a specific event to wait for. Currently only
+ * PK11TokenChangeOrRemovalEvent and PK11TokenPresentEvents are defined.
+ * timeout can be an interval time to wait, PR_INTERVAL_NO_WAIT (meaning only
+ * poll once), or PR_INTERVAL_NO_TIMEOUT (meaning block until a change).
+ * pollInterval is a suggested pulling interval value. '0' means use the
+ * default. Future implementations that don't poll may ignore this value.
+ * series is the current series for the last slot. This should be the series
+ * value for the slot the last time you read persistant information from the
+ * slot. For instance, if you publish a cert from the slot, you should obtain
+ * the slot series at that time. Then PK11_WaitForTokenEvent can detect a
+ * a change in the slot between the time you publish and the time
+ * PK11_WaitForTokenEvent is called, elliminating potential race conditions.
+ *
+ * The current status that is returned is:
+ * PK11TokenNotRemovable - always returned for any non-removable token.
+ * PK11TokenPresent - returned when the token is present and we are waiting
+ * on a PK11TokenPresentEvent. Then next event to look for is a
+ * PK11TokenChangeOrRemovalEvent.
+ * PK11TokenChanged - returned when the old token has been removed and a new
+ * token ad been inserted, and we are waiting for a
+ * PK11TokenChangeOrRemovalEvent. The next event to look for is another
+ * PK11TokenChangeOrRemovalEvent.
+ * PK11TokenRemoved - returned when the token is not present and we are
+ * waiting for a PK11TokenChangeOrRemovalEvent. The next event to look for
+ * is a PK11TokenPresentEvent.
+ */
+PK11TokenStatus PK11_WaitForTokenEvent(PK11SlotInfo *slot, PK11TokenEvent event,
+ PRIntervalTime timeout, PRIntervalTime pollInterval, int series);
+
+PRBool PK11_NeedPWInit(void);
+PRBool PK11_TokenExists(CK_MECHANISM_TYPE);
+SECStatus PK11_GetModInfo(SECMODModule *mod, CK_INFO *info);
+PRBool PK11_IsFIPS(void);
+SECMODModule *PK11_GetModule(PK11SlotInfo *slot);
+
+/*********************************************************************
+ * Slot mapping utility functions.
+ *********************************************************************/
+PRBool PK11_IsPresent(PK11SlotInfo *slot);
+PRBool PK11_DoesMechanism(PK11SlotInfo *slot, CK_MECHANISM_TYPE type);
+PK11SlotList *PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW,
+ PRBool loadCerts, void *wincx);
+PK11SlotInfo *PK11_GetBestSlotMultipleWithAttributes(CK_MECHANISM_TYPE *type,
+ CK_FLAGS *mechFlag, unsigned int *keySize,
+ unsigned int count, void *wincx);
+PK11SlotInfo *PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type,
+ unsigned int count, void *wincx);
+PK11SlotInfo *PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx);
+PK11SlotInfo *PK11_GetBestSlotWithAttributes(CK_MECHANISM_TYPE type,
+ CK_FLAGS mechFlag, unsigned int keySize, void *wincx);
+CK_MECHANISM_TYPE PK11_GetBestWrapMechanism(PK11SlotInfo *slot);
+int PK11_GetBestKeyLength(PK11SlotInfo *slot, CK_MECHANISM_TYPE type);
+
+/*
+ * Open a new database using the softoken. The caller is responsible for making
+ * sure the module spec is correct and usable. The caller should ask for one
+ * new database per call if the caller wants to get meaningful information
+ * about the new database.
+ *
+ * moduleSpec is the same data that you would pass to softoken at
+ * initialization time under the 'tokens' options. For example, if you were
+ * to specify tokens=<0x4=[configdir='./mybackup' tokenDescription='Backup']>
+ * You would specify "configdir='./mybackup' tokenDescription='Backup'" as your
+ * module spec here. The slot ID will be calculated for you by
+ * SECMOD_OpenUserDB().
+ *
+ * Typical parameters here are configdir, tokenDescription and flags.
+ *
+ * a Full list is below:
+ *
+ *
+ * configDir - The location of the databases for this token. If configDir is
+ * not specified, and noCertDB and noKeyDB is not specified, the load
+ * will fail.
+ * certPrefix - Cert prefix for this token.
+ * keyPrefix - Prefix for the key database for this token. (if not specified,
+ * certPrefix will be used).
+ * tokenDescription - The label value for this token returned in the
+ * CK_TOKEN_INFO structure with an internationalize string (UTF8).
+ * This value will be truncated at 32 bytes (no NULL, partial UTF8
+ * characters dropped). You should specify a user friendly name here
+ * as this is the value the token will be referred to in most
+ * application UI's. You should make sure tokenDescription is unique.
+ * slotDescription - The slotDescription value for this token returned
+ * in the CK_SLOT_INFO structure with an internationalize string
+ * (UTF8). This value will be truncated at 64 bytes (no NULL, partial
+ * UTF8 characters dropped). This name will not change after the
+ * database is closed. It should have some number to make this unique.
+ * minPWLen - minimum password length for this token.
+ * flags - comma separated list of flag values, parsed case-insensitive.
+ * Valid flags are:
+ * readOnly - Databases should be opened read only.
+ * noCertDB - Don't try to open a certificate database.
+ * noKeyDB - Don't try to open a key database.
+ * forceOpen - Don't fail to initialize the token if the
+ * databases could not be opened.
+ * passwordRequired - zero length passwords are not acceptable
+ * (valid only if there is a keyDB).
+ * optimizeSpace - allocate smaller hash tables and lock tables.
+ * When this flag is not specified, Softoken will allocate
+ * large tables to prevent lock contention.
+ */
+PK11SlotInfo *SECMOD_OpenUserDB(const char *moduleSpec);
+SECStatus SECMOD_CloseUserDB(PK11SlotInfo *slot);
+
+/*
+ * This is exactly the same as OpenUserDB except it can be called on any
+ * module that understands softoken style new slot entries. The resulting
+ * slot can be closed using SECMOD_CloseUserDB above. Value of moduleSpec
+ * is token specific.
+ */
+PK11SlotInfo *SECMOD_OpenNewSlot(SECMODModule *mod, const char *moduleSpec);
+
+/*
+ * merge the permanent objects from on token to another
+ */
+SECStatus PK11_MergeTokens(PK11SlotInfo *targetSlot, PK11SlotInfo *sourceSlot,
+ PK11MergeLog *log, void *targetPwArg, void *sourcePwArg);
+
+/*
+ * create and destroy merge logs needed by PK11_MergeTokens
+ */
+PK11MergeLog *PK11_CreateMergeLog(void);
+void PK11_DestroyMergeLog(PK11MergeLog *log);
+
+/*********************************************************************
+ * Mechanism Mapping functions
+ *********************************************************************/
+CK_KEY_TYPE PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len);
+CK_MECHANISM_TYPE PK11_GetKeyGen(CK_MECHANISM_TYPE type);
+int PK11_GetBlockSize(CK_MECHANISM_TYPE type, SECItem *params);
+int PK11_GetIVLength(CK_MECHANISM_TYPE type);
+SECItem *PK11_ParamFromIV(CK_MECHANISM_TYPE type, SECItem *iv);
+unsigned char *PK11_IVFromParam(CK_MECHANISM_TYPE type, SECItem *param, int *len);
+SECItem *PK11_BlockData(SECItem *data, unsigned long size);
+
+/* PKCS #11 to DER mapping functions */
+SECItem *PK11_ParamFromAlgid(SECAlgorithmID *algid);
+SECItem *PK11_GenerateNewParam(CK_MECHANISM_TYPE, PK11SymKey *);
+CK_MECHANISM_TYPE PK11_AlgtagToMechanism(SECOidTag algTag);
+SECOidTag PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type);
+SECOidTag PK11_FortezzaMapSig(SECOidTag algTag);
+SECStatus PK11_ParamToAlgid(SECOidTag algtag, SECItem *param,
+ PLArenaPool *arena, SECAlgorithmID *algid);
+SECStatus PK11_SeedRandom(PK11SlotInfo *, unsigned char *data, int len);
+SECStatus PK11_GenerateRandomOnSlot(PK11SlotInfo *, unsigned char *data, int len);
+SECStatus PK11_RandomUpdate(void *data, size_t bytes);
+SECStatus PK11_GenerateRandom(unsigned char *data, int len);
+
+/* warning: cannot work with pkcs 5 v2
+ * use algorithm ID s instead of pkcs #11 mechanism pointers */
+CK_RV PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
+ CK_MECHANISM_PTR pCryptoMechanism,
+ SECItem *pbe_pwd, PRBool bad3DES);
+CK_MECHANISM_TYPE PK11_GetPadMechanism(CK_MECHANISM_TYPE);
+CK_MECHANISM_TYPE PK11_MapSignKeyType(KeyType keyType);
+
+/**********************************************************************
+ * Symmetric, Public, and Private Keys
+ **********************************************************************/
+void PK11_FreeSymKey(PK11SymKey *key);
+PK11SymKey *PK11_ReferenceSymKey(PK11SymKey *symKey);
+PK11SymKey *PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key, void *wincx);
+PK11SymKey *PK11_ImportSymKeyWithFlags(PK11SlotInfo *slot,
+ CK_MECHANISM_TYPE type, PK11Origin origin, CK_ATTRIBUTE_TYPE operation,
+ SECItem *key, CK_FLAGS flags, PRBool isPerm, void *wincx);
+PK11SymKey *PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent,
+ PK11Origin origin, CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID,
+ PRBool owner, void *wincx);
+PK11SymKey *PK11_GetWrapKey(PK11SlotInfo *slot, int wrap,
+ CK_MECHANISM_TYPE type, int series, void *wincx);
+/*
+ * This function is not thread-safe. It can only be called when only
+ * one thread has a reference to wrapKey.
+ */
+void PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey);
+CK_MECHANISM_TYPE PK11_GetMechanism(PK11SymKey *symKey);
+/*
+ * import a public key into the desired slot
+ *
+ * This function takes a public key structure and creates a public key in a
+ * given slot. If isToken is set, then a persistant public key is created.
+ *
+ * Note: it is possible for this function to return a handle for a key which
+ * is persistant, even if isToken is not set.
+ */
+CK_OBJECT_HANDLE PK11_ImportPublicKey(PK11SlotInfo *slot,
+ SECKEYPublicKey *pubKey, PRBool isToken);
+PK11SymKey *PK11_KeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ SECItem *param, int keySize, void *wincx);
+PK11SymKey *PK11_TokenKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ SECItem *param, int keySize, SECItem *keyid,
+ PRBool isToken, void *wincx);
+PK11SymKey *PK11_TokenKeyGenWithFlags(PK11SlotInfo *slot,
+ CK_MECHANISM_TYPE type, SECItem *param,
+ int keySize, SECItem *keyid, CK_FLAGS opFlags,
+ PK11AttrFlags attrFlags, void *wincx);
+/* Generates a key using the exact template supplied by the caller. The other
+ * PK11_[Token]KeyGen mechanisms should be used instead of this one whenever
+ * they work because they include/exclude the CKA_VALUE_LEN template value
+ * based on the mechanism type as required by many tokens.
+ *
+ * keyGenType should be PK11_GetKeyGenWithSize(type, <key size>) or it should
+ * be equal to type if PK11_GetKeyGenWithSize cannot be used (e.g. because
+ * pk11wrap does not know about the mechanisms).
+ */
+PK11SymKey *PK11_KeyGenWithTemplate(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ CK_MECHANISM_TYPE keyGenType,
+ SECItem *param, CK_ATTRIBUTE *attrs,
+ unsigned int attrsCount, void *wincx);
+PK11SymKey *PK11_ListFixedKeysInSlot(PK11SlotInfo *slot, char *nickname,
+ void *wincx);
+PK11SymKey *PK11_GetNextSymKey(PK11SymKey *symKey);
+CK_KEY_TYPE PK11_GetSymKeyType(PK11SymKey *key);
+CK_OBJECT_HANDLE PK11_GetSymKeyHandle(PK11SymKey *symKey);
+
+/*
+ * PK11_SetSymKeyUserData
+ * sets generic user data on keys (usually a pointer to a data structure)
+ * that can later be retrieved by PK11_GetSymKeyUserData().
+ * symKey - key where data will be set.
+ * data - data to be set.
+ * freefunc - function used to free the data.
+ * Setting user data on symKeys with existing user data already set will cause
+ * the existing user data to be freed before the new user data is set.
+ * Freeing user data is done by calling the user specified freefunc.
+ * If freefunc is NULL, the user data is assumed to be global or static an
+ * not freed. Passing NULL for user data to PK11_SetSymKeyUserData has the
+ * effect of freeing any existing user data, and clearing the user data
+ * pointer. If user data exists when the symKey is finally freed, that
+ * data will be freed with freefunc.
+ *
+ * Applications should only use this function on keys which the application
+ * has created directly, as there is only one user data value per key.
+ */
+void PK11_SetSymKeyUserData(PK11SymKey *symKey, void *data,
+ PK11FreeDataFunc freefunc);
+/* PK11_GetSymKeyUserData
+ * retrieves generic user data which was set on a key by
+ * PK11_SetSymKeyUserData.
+ * symKey - key with data to be fetched
+ *
+ * If no data exists, or the data has been cleared, PK11_GetSymKeyUserData
+ * will return NULL. Returned data is still owned and managed by the SymKey,
+ * the caller should not free the data.
+ *
+ */
+void *PK11_GetSymKeyUserData(PK11SymKey *symKey);
+
+SECStatus PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
+ PK11SymKey *symKey, SECItem *wrappedKey);
+SECStatus PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *params,
+ PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey);
+/* move a key to 'slot' optionally set the key attributes according to either
+ * operation or the flags and making the key permanent at the same time.
+ * If the key is moved to the same slot, operation and flags values are
+ * currently ignored */
+PK11SymKey *PK11_MoveSymKey(PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation,
+ CK_FLAGS flags, PRBool perm, PK11SymKey *symKey);
+/*
+ * derive a new key from the base key.
+ * PK11_Derive returns a key which can do exactly one operation, and is
+ * ephemeral (session key).
+ * PK11_DeriveWithFlags is the same as PK11_Derive, except you can use
+ * CKF_ flags to enable more than one operation.
+ * PK11_DeriveWithFlagsPerm is the same as PK11_DeriveWithFlags except you can
+ * (optionally) make the key permanent (token key).
+ */
+PK11SymKey *PK11_Derive(PK11SymKey *baseKey, CK_MECHANISM_TYPE mechanism,
+ SECItem *param, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize);
+PK11SymKey *PK11_DeriveWithFlags(PK11SymKey *baseKey,
+ CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize, CK_FLAGS flags);
+PK11SymKey *PK11_DeriveWithFlagsPerm(PK11SymKey *baseKey,
+ CK_MECHANISM_TYPE derive,
+ SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize, CK_FLAGS flags, PRBool isPerm);
+PK11SymKey *
+PK11_DeriveWithTemplate(PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
+ SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize, CK_ATTRIBUTE *userAttr, unsigned int numAttrs,
+ PRBool isPerm);
+
+PK11SymKey *PK11_PubDerive(SECKEYPrivateKey *privKey,
+ SECKEYPublicKey *pubKey, PRBool isSender, SECItem *randomA, SECItem *randomB,
+ CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize, void *wincx);
+PK11SymKey *PK11_PubDeriveWithKDF(SECKEYPrivateKey *privKey,
+ SECKEYPublicKey *pubKey, PRBool isSender, SECItem *randomA, SECItem *randomB,
+ CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize,
+ CK_ULONG kdf, SECItem *sharedData, void *wincx);
+
+/*
+ * unwrap a new key with a symetric key.
+ * PK11_Unwrap returns a key which can do exactly one operation, and is
+ * ephemeral (session key).
+ * PK11_UnwrapWithFlags is the same as PK11_Unwrap, except you can use
+ * CKF_ flags to enable more than one operation.
+ * PK11_UnwrapWithFlagsPerm is the same as PK11_UnwrapWithFlags except you can
+ * (optionally) make the key permanent (token key).
+ */
+PK11SymKey *PK11_UnwrapSymKey(PK11SymKey *key,
+ CK_MECHANISM_TYPE wraptype, SECItem *param, SECItem *wrapppedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
+PK11SymKey *PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey,
+ CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize,
+ CK_FLAGS flags);
+PK11SymKey *PK11_UnwrapSymKeyWithFlagsPerm(PK11SymKey *wrappingKey,
+ CK_MECHANISM_TYPE wrapType,
+ SECItem *param, SECItem *wrappedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize, CK_FLAGS flags, PRBool isPerm);
+
+/*
+ * unwrap a new key with a private key.
+ * PK11_PubUnwrap returns a key which can do exactly one operation, and is
+ * ephemeral (session key).
+ * PK11_PubUnwrapWithFlagsPerm is the same as PK11_PubUnwrap except you can
+ * use * CKF_ flags to enable more than one operation, and optionally make
+ * the key permanent (token key).
+ */
+PK11SymKey *PK11_PubUnwrapSymKey(SECKEYPrivateKey *key, SECItem *wrapppedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
+PK11SymKey *PK11_PubUnwrapSymKeyWithFlagsPerm(SECKEYPrivateKey *wrappingKey,
+ SECItem *wrappedKey, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize,
+ CK_FLAGS flags, PRBool isPerm);
+PK11SymKey *PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ SECItem *keyID, void *wincx);
+SECStatus PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey, PRBool force);
+SECStatus PK11_DeleteTokenPublicKey(SECKEYPublicKey *pubKey);
+SECStatus PK11_DeleteTokenSymKey(PK11SymKey *symKey);
+SECStatus PK11_DeleteTokenCertAndKey(CERTCertificate *cert, void *wincx);
+SECKEYPrivateKey *PK11_LoadPrivKey(PK11SlotInfo *slot,
+ SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
+ PRBool token, PRBool sensitive);
+char *PK11_GetSymKeyNickname(PK11SymKey *symKey);
+char *PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey);
+char *PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey);
+SECStatus PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname);
+SECStatus PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey,
+ const char *nickname);
+SECStatus PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey,
+ const char *nickname);
+
+/*
+ * Using __PK11_SetCertificateNickname is *DANGEROUS*.
+ *
+ * The API will update the NSS database, but it *will NOT* update the in-memory data.
+ * As a result, after calling this API, there will be INCONSISTENCY between
+ * in-memory data and the database.
+ *
+ * Use of the API should be limited to short-lived tools, which will exit immediately
+ * after using this API.
+ *
+ * If you ignore this warning, your process is TAINTED and will most likely misbehave.
+ */
+SECStatus __PK11_SetCertificateNickname(CERTCertificate *cert,
+ const char *nickname);
+
+/* size to hold key in bytes */
+unsigned int PK11_GetKeyLength(PK11SymKey *key);
+/* size of actual secret parts of key in bits */
+/* algid is because RC4 strength is determined by the effective bits as well
+ * as the key bits */
+unsigned int PK11_GetKeyStrength(PK11SymKey *key, SECAlgorithmID *algid);
+SECStatus PK11_ExtractKeyValue(PK11SymKey *symKey);
+SECItem *PK11_GetKeyData(PK11SymKey *symKey);
+PK11SlotInfo *PK11_GetSlotFromKey(PK11SymKey *symKey);
+void *PK11_GetWindow(PK11SymKey *symKey);
+
+/*
+ * Explicitly set the key usage for the generated private key.
+ *
+ * This allows us to specify single use EC and RSA keys whose usage
+ * can be regulated by the underlying token.
+ *
+ * The underlying key usage is set using opFlags. opFlagsMask specifies
+ * which operations are specified by opFlags. For instance to turn encrypt
+ * on and signing off, opFlags would be CKF_ENCRYPT|CKF_DECRYPT and
+ * opFlagsMask would be CKF_ENCRYPT|CKF_DECRYPT|CKF_SIGN|CKF_VERIFY. You
+ * need to specify both the public and private key flags,
+ * PK11_GenerateKeyPairWithOpFlags will sort out the correct flag to the
+ * correct key type. Flags not specified in opFlagMask will be defaulted
+ * according to mechanism type and token capabilities.
+ */
+SECKEYPrivateKey *PK11_GenerateKeyPairWithOpFlags(PK11SlotInfo *slot,
+ CK_MECHANISM_TYPE type, void *param, SECKEYPublicKey **pubk,
+ PK11AttrFlags attrFlags, CK_FLAGS opFlags, CK_FLAGS opFlagsMask,
+ void *wincx);
+/*
+ * The attrFlags is the logical OR of the PK11_ATTR_XXX bitflags.
+ * These flags apply to the private key. The PK11_ATTR_TOKEN,
+ * PK11_ATTR_SESSION, PK11_ATTR_MODIFIABLE, and PK11_ATTR_UNMODIFIABLE
+ * flags also apply to the public key.
+ */
+SECKEYPrivateKey *PK11_GenerateKeyPairWithFlags(PK11SlotInfo *slot,
+ CK_MECHANISM_TYPE type, void *param, SECKEYPublicKey **pubk,
+ PK11AttrFlags attrFlags, void *wincx);
+SECKEYPrivateKey *PK11_GenerateKeyPair(PK11SlotInfo *slot,
+ CK_MECHANISM_TYPE type, void *param, SECKEYPublicKey **pubk,
+ PRBool isPerm, PRBool isSensitive, void *wincx);
+SECKEYPrivateKey *PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot,
+ CERTCertificate *cert, void *wincx);
+SECKEYPrivateKey *PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx);
+SECKEYPrivateKey *PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID,
+ void *wincx);
+int PK11_GetPrivateModulusLen(SECKEYPrivateKey *key);
+
+SECStatus PK11_Decrypt(PK11SymKey *symkey,
+ CK_MECHANISM_TYPE mechanism, SECItem *param,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *enc, unsigned int encLen);
+SECStatus PK11_Encrypt(PK11SymKey *symKey,
+ CK_MECHANISM_TYPE mechanism, SECItem *param,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *data, unsigned int dataLen);
+
+/* note: despite the name, this function takes a private key. */
+SECStatus PK11_PubDecryptRaw(SECKEYPrivateKey *key,
+ unsigned char *data, unsigned *outLen,
+ unsigned int maxLen,
+ const unsigned char *enc, unsigned encLen);
+#define PK11_PrivDecryptRaw PK11_PubDecryptRaw
+/* The encrypt function that complements the above decrypt function. */
+SECStatus PK11_PubEncryptRaw(SECKEYPublicKey *key,
+ unsigned char *enc,
+ const unsigned char *data, unsigned dataLen,
+ void *wincx);
+
+SECStatus PK11_PrivDecryptPKCS1(SECKEYPrivateKey *key,
+ unsigned char *data, unsigned *outLen,
+ unsigned int maxLen,
+ const unsigned char *enc, unsigned encLen);
+/* The encrypt function that complements the above decrypt function. */
+SECStatus PK11_PubEncryptPKCS1(SECKEYPublicKey *key,
+ unsigned char *enc,
+ const unsigned char *data, unsigned dataLen,
+ void *wincx);
+
+SECStatus PK11_PrivDecrypt(SECKEYPrivateKey *key,
+ CK_MECHANISM_TYPE mechanism, SECItem *param,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *enc, unsigned int encLen);
+SECStatus PK11_PubEncrypt(SECKEYPublicKey *key,
+ CK_MECHANISM_TYPE mechanism, SECItem *param,
+ unsigned char *out, unsigned int *outLen,
+ unsigned int maxLen,
+ const unsigned char *data, unsigned int dataLen,
+ void *wincx);
+
+SECStatus PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot,
+ SECKEYPrivateKeyInfo *pki, SECItem *nickname,
+ SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
+ unsigned int usage, void *wincx);
+SECStatus PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
+ SECKEYPrivateKeyInfo *pki, SECItem *nickname,
+ SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
+ unsigned int usage, SECKEYPrivateKey **privk, void *wincx);
+SECStatus PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot,
+ SECItem *derPKI, SECItem *nickname,
+ SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
+ unsigned int usage, void *wincx);
+SECStatus PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
+ SECItem *derPKI, SECItem *nickname,
+ SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
+ unsigned int usage, SECKEYPrivateKey **privk, void *wincx);
+SECStatus PK11_ImportEncryptedPrivateKeyInfo(PK11SlotInfo *slot,
+ SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
+ SECItem *nickname, SECItem *publicValue, PRBool isPerm,
+ PRBool isPrivate, KeyType type,
+ unsigned int usage, void *wincx);
+SECStatus PK11_ImportEncryptedPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
+ SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
+ SECItem *nickname, SECItem *publicValue, PRBool isPerm,
+ PRBool isPrivate, KeyType type,
+ unsigned int usage, SECKEYPrivateKey **privk, void *wincx);
+SECItem *PK11_ExportDERPrivateKeyInfo(SECKEYPrivateKey *pk, void *wincx);
+SECKEYPrivateKeyInfo *PK11_ExportPrivKeyInfo(
+ SECKEYPrivateKey *pk, void *wincx);
+SECKEYPrivateKeyInfo *PK11_ExportPrivateKeyInfo(
+ CERTCertificate *cert, void *wincx);
+SECKEYEncryptedPrivateKeyInfo *PK11_ExportEncryptedPrivKeyInfo(
+ PK11SlotInfo *slot, SECOidTag algTag, SECItem *pwitem,
+ SECKEYPrivateKey *pk, int iteration, void *wincx);
+SECKEYEncryptedPrivateKeyInfo *PK11_ExportEncryptedPrivateKeyInfo(
+ PK11SlotInfo *slot, SECOidTag algTag, SECItem *pwitem,
+ CERTCertificate *cert, int iteration, void *wincx);
+SECKEYPrivateKey *PK11_FindKeyByDERCert(PK11SlotInfo *slot,
+ CERTCertificate *cert, void *wincx);
+SECKEYPublicKey *PK11_MakeKEAPubKey(unsigned char *data, int length);
+SECStatus PK11_DigestKey(PK11Context *context, PK11SymKey *key);
+PRBool PK11_VerifyKeyOK(PK11SymKey *key);
+SECKEYPrivateKey *PK11_UnwrapPrivKey(PK11SlotInfo *slot,
+ PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
+ SECItem *param, SECItem *wrappedKey, SECItem *label,
+ SECItem *publicValue, PRBool token, PRBool sensitive,
+ CK_KEY_TYPE keyType, CK_ATTRIBUTE_TYPE *usage, int usageCount,
+ void *wincx);
+SECStatus PK11_WrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
+ SECKEYPrivateKey *privKey, CK_MECHANISM_TYPE wrapType,
+ SECItem *param, SECItem *wrappedKey, void *wincx);
+/*
+ * The caller of PK11_DEREncodePublicKey should free the returned SECItem with
+ * a SECITEM_FreeItem(..., PR_TRUE) call.
+ */
+SECItem *PK11_DEREncodePublicKey(const SECKEYPublicKey *pubk);
+PK11SymKey *PK11_CopySymKeyForSigning(PK11SymKey *originalKey,
+ CK_MECHANISM_TYPE mech);
+SECKEYPrivateKeyList *PK11_ListPrivKeysInSlot(PK11SlotInfo *slot,
+ char *nickname, void *wincx);
+SECKEYPublicKeyList *PK11_ListPublicKeysInSlot(PK11SlotInfo *slot,
+ char *nickname);
+SECKEYPQGParams *PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey);
+/* deprecated */
+SECKEYPrivateKeyList *PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot);
+
+PK11SymKey *PK11_ConvertSessionSymKeyToTokenSymKey(PK11SymKey *symk,
+ void *wincx);
+SECKEYPrivateKey *PK11_ConvertSessionPrivKeyToTokenPrivKey(
+ SECKEYPrivateKey *privk, void *wincx);
+SECKEYPrivateKey *PK11_CopyTokenPrivKeyToSessionPrivKey(PK11SlotInfo *destSlot,
+ SECKEYPrivateKey *privKey);
+
+/**********************************************************************
+ * Certs
+ **********************************************************************/
+SECItem *PK11_MakeIDFromPubKey(SECItem *pubKeyData);
+SECStatus PK11_TraverseSlotCerts(
+ SECStatus (*callback)(CERTCertificate *, SECItem *, void *),
+ void *arg, void *wincx);
+CERTCertificate *PK11_FindCertFromNickname(const char *nickname, void *wincx);
+CERTCertList *PK11_FindCertsFromEmailAddress(const char *email, void *wincx);
+CERTCertList *PK11_FindCertsFromNickname(const char *nickname, void *wincx);
+CERTCertificate *PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey);
+SECStatus PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
+ CK_OBJECT_HANDLE key, const char *nickname,
+ PRBool includeTrust);
+SECStatus PK11_ImportDERCert(PK11SlotInfo *slot, SECItem *derCert,
+ CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust);
+PK11SlotInfo *PK11_ImportCertForKey(CERTCertificate *cert,
+ const char *nickname, void *wincx);
+PK11SlotInfo *PK11_ImportDERCertForKey(SECItem *derCert, char *nickname,
+ void *wincx);
+PK11SlotInfo *PK11_KeyForCertExists(CERTCertificate *cert,
+ CK_OBJECT_HANDLE *keyPtr, void *wincx);
+PK11SlotInfo *PK11_KeyForDERCertExists(SECItem *derCert,
+ CK_OBJECT_HANDLE *keyPtr, void *wincx);
+CERTCertificate *PK11_FindCertByIssuerAndSN(PK11SlotInfo **slot,
+ CERTIssuerAndSN *sn, void *wincx);
+CERTCertificate *PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slot,
+ SEC_PKCS7RecipientInfo **array, SEC_PKCS7RecipientInfo **rip,
+ SECKEYPrivateKey **privKey, void *wincx);
+int PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist,
+ void *wincx);
+SECStatus PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert,
+ PK11SlotInfo *slot, SECStatus (*callback)(CERTCertificate *, void *),
+ void *arg);
+CERTCertificate *PK11_FindCertFromDERCert(PK11SlotInfo *slot,
+ CERTCertificate *cert, void *wincx);
+CERTCertificate *PK11_FindCertFromDERCertItem(PK11SlotInfo *slot,
+ const SECItem *derCert, void *wincx);
+SECStatus PK11_ImportCertForKeyToSlot(PK11SlotInfo *slot, CERTCertificate *cert,
+ char *nickname, PRBool addUsage,
+ void *wincx);
+CERTCertificate *PK11_FindBestKEAMatch(CERTCertificate *serverCert, void *wincx);
+PRBool PK11_FortezzaHasKEA(CERTCertificate *cert);
+CK_OBJECT_HANDLE PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert,
+ void *wincx);
+SECStatus PK11_TraverseCertsForNicknameInSlot(SECItem *nickname,
+ PK11SlotInfo *slot, SECStatus (*callback)(CERTCertificate *, void *),
+ void *arg);
+CERTCertList *PK11_ListCerts(PK11CertListType type, void *pwarg);
+CERTCertList *PK11_ListCertsInSlot(PK11SlotInfo *slot);
+CERTSignedCrl *PK11_ImportCRL(PK11SlotInfo *slot, SECItem *derCRL, char *url,
+ int type, void *wincx, PRInt32 importOptions, PLArenaPool *arena, PRInt32 decodeOptions);
+
+/**********************************************************************
+ * Sign/Verify
+ **********************************************************************/
+
+/*
+ * Return the length in bytes of a signature generated with the
+ * private key.
+ *
+ * Return 0 or -1 on failure. (XXX Should we fix it to always return
+ * -1 on failure?)
+ */
+int PK11_SignatureLen(SECKEYPrivateKey *key);
+PK11SlotInfo *PK11_GetSlotFromPrivateKey(SECKEYPrivateKey *key);
+SECStatus PK11_Sign(SECKEYPrivateKey *key, SECItem *sig,
+ const SECItem *hash);
+SECStatus PK11_SignWithMechanism(SECKEYPrivateKey *key,
+ CK_MECHANISM_TYPE mechanism,
+ const SECItem *param, SECItem *sig,
+ const SECItem *hash);
+SECStatus PK11_SignWithSymKey(PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism,
+ SECItem *param, SECItem *sig, const SECItem *data);
+SECStatus PK11_VerifyRecover(SECKEYPublicKey *key, const SECItem *sig,
+ SECItem *dsig, void *wincx);
+SECStatus PK11_Verify(SECKEYPublicKey *key, const SECItem *sig,
+ const SECItem *hash, void *wincx);
+SECStatus PK11_VerifyWithMechanism(SECKEYPublicKey *key,
+ CK_MECHANISM_TYPE mechanism,
+ const SECItem *param, const SECItem *sig,
+ const SECItem *hash, void *wincx);
+
+/**********************************************************************
+ * Crypto Contexts
+ **********************************************************************/
+void PK11_DestroyContext(PK11Context *context, PRBool freeit);
+PK11Context *PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey, SECItem *param);
+PK11Context *PK11_CreateDigestContext(SECOidTag hashAlg);
+PK11Context *PK11_CloneContext(PK11Context *old);
+SECStatus PK11_DigestBegin(PK11Context *cx);
+/*
+ * The output buffer 'out' must be big enough to hold the output of
+ * the hash algorithm 'hashAlg'.
+ */
+SECStatus PK11_HashBuf(SECOidTag hashAlg, unsigned char *out,
+ const unsigned char *in, PRInt32 len);
+SECStatus PK11_DigestOp(PK11Context *context, const unsigned char *in,
+ unsigned len);
+SECStatus PK11_CipherOp(PK11Context *context, unsigned char *out, int *outlen,
+ int maxout, const unsigned char *in, int inlen);
+SECStatus PK11_Finalize(PK11Context *context);
+SECStatus PK11_DigestFinal(PK11Context *context, unsigned char *data,
+ unsigned int *outLen, unsigned int length);
+#define PK11_CipherFinal PK11_DigestFinal
+SECStatus PK11_SaveContext(PK11Context *cx, unsigned char *save,
+ int *len, int saveLength);
+
+/* Save the context's state, with possible allocation.
+ * The caller may supply an already allocated buffer in preAllocBuf,
+ * with length pabLen. If the buffer is large enough for the context's
+ * state, it will receive the state.
+ * If the buffer is not large enough (or NULL), then a new buffer will
+ * be allocated with PORT_Alloc.
+ * In either case, the state will be returned as a buffer, and the length
+ * of the state will be given in *stateLen.
+ */
+unsigned char *
+PK11_SaveContextAlloc(PK11Context *cx,
+ unsigned char *preAllocBuf, unsigned int pabLen,
+ unsigned int *stateLen);
+
+SECStatus PK11_RestoreContext(PK11Context *cx, unsigned char *save, int len);
+SECStatus PK11_GenerateFortezzaIV(PK11SymKey *symKey, unsigned char *iv, int len);
+void PK11_SetFortezzaHack(PK11SymKey *symKey);
+
+/**********************************************************************
+ * PBE functions
+ **********************************************************************/
+
+/* This function creates PBE parameters from the given inputs. The result
+ * can be used to create a password integrity key for PKCS#12, by sending
+ * the return value to PK11_KeyGen along with the appropriate mechanism.
+ */
+SECItem *
+PK11_CreatePBEParams(SECItem *salt, SECItem *pwd, unsigned int iterations);
+
+/* free params created above (can be called after keygen is done */
+void PK11_DestroyPBEParams(SECItem *params);
+
+SECAlgorithmID *
+PK11_CreatePBEAlgorithmID(SECOidTag algorithm, int iteration, SECItem *salt);
+
+/* use to create PKCS5 V2 algorithms with finder control than that provided
+ * by PK11_CreatePBEAlgorithmID. */
+SECAlgorithmID *
+PK11_CreatePBEV2AlgorithmID(SECOidTag pbeAlgTag, SECOidTag cipherAlgTag,
+ SECOidTag prfAlgTag, int keyLength, int iteration,
+ SECItem *salt);
+PK11SymKey *
+PK11_PBEKeyGen(PK11SlotInfo *slot, SECAlgorithmID *algid, SECItem *pwitem,
+ PRBool faulty3DES, void *wincx);
+
+/* warning: cannot work with PKCS 5 v2 use PK11_PBEKeyGen instead */
+PK11SymKey *
+PK11_RawPBEKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *params,
+ SECItem *pwitem, PRBool faulty3DES, void *wincx);
+SECItem *
+PK11_GetPBEIV(SECAlgorithmID *algid, SECItem *pwitem);
+/*
+ * Get the Mechanism and parameter of the base encryption or mac scheme from
+ * a PBE algorithm ID.
+ * Caller is responsible for freeing the return parameter (param).
+ */
+CK_MECHANISM_TYPE
+PK11_GetPBECryptoMechanism(SECAlgorithmID *algid,
+ SECItem **param, SECItem *pwd);
+
+/**********************************************************************
+ * Functions to manage secmod flags
+ **********************************************************************/
+const PK11DefaultArrayEntry *PK11_GetDefaultArray(int *size);
+SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo *slot,
+ const PK11DefaultArrayEntry *entry,
+ PRBool add);
+
+/**********************************************************************
+ * Functions to look at PKCS #11 dependent data
+ **********************************************************************/
+PK11GenericObject *PK11_FindGenericObjects(PK11SlotInfo *slot,
+ CK_OBJECT_CLASS objClass);
+PK11GenericObject *PK11_GetNextGenericObject(PK11GenericObject *object);
+PK11GenericObject *PK11_GetPrevGenericObject(PK11GenericObject *object);
+SECStatus PK11_UnlinkGenericObject(PK11GenericObject *object);
+SECStatus PK11_LinkGenericObject(PK11GenericObject *list,
+ PK11GenericObject *object);
+SECStatus PK11_DestroyGenericObjects(PK11GenericObject *object);
+SECStatus PK11_DestroyGenericObject(PK11GenericObject *object);
+PK11GenericObject *PK11_CreateGenericObject(PK11SlotInfo *slot,
+ const CK_ATTRIBUTE *pTemplate,
+ int count, PRBool token);
+
+/*
+ * PK11_ReadRawAttribute and PK11_WriteRawAttribute are generic
+ * functions to read and modify the actual PKCS #11 attributes of
+ * the underlying pkcs #11 object.
+ *
+ * object is a pointer to an NSS object that represents the underlying
+ * PKCS #11 object. It's type must match the type of PK11ObjectType
+ * as follows:
+ *
+ * type object
+ * PK11_TypeGeneric PK11GenericObject *
+ * PK11_TypePrivKey SECKEYPrivateKey *
+ * PK11_TypePubKey SECKEYPublicKey *
+ * PK11_TypeSymKey PK11SymKey *
+ *
+ * All other types are considered invalid. If type does not match the object
+ * passed, unpredictable results will occur.
+ *
+ * PK11_ReadRawAttribute allocates the buffer for returning the attribute
+ * value. The caller of PK11_ReadRawAttribute should free the data buffer
+ * pointed to by item using a SECITEM_FreeItem(item, PR_FALSE) or
+ * PORT_Free(item->data) call.
+ */
+SECStatus PK11_ReadRawAttribute(PK11ObjectType type, void *object,
+ CK_ATTRIBUTE_TYPE attr, SECItem *item);
+SECStatus PK11_WriteRawAttribute(PK11ObjectType type, void *object,
+ CK_ATTRIBUTE_TYPE attr, SECItem *item);
+
+/*
+ * PK11_GetAllSlotsForCert returns all the slots that a given certificate
+ * exists on, since it's possible for a cert to exist on more than one
+ * PKCS#11 token.
+ */
+PK11SlotList *
+PK11_GetAllSlotsForCert(CERTCertificate *cert, void *arg);
+
+/**********************************************************************
+ * New functions which are already deprecated....
+ **********************************************************************/
+SECItem *
+PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
+ CERTCertificate *cert, void *pwarg);
+SECItem *
+PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *key);
+
+PRBool SECMOD_HasRootCerts(void);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/pk11wrap/pk11sdr.c b/security/nss/lib/pk11wrap/pk11sdr.c
new file mode 100644
index 000000000..eb67bfba8
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11sdr.c
@@ -0,0 +1,437 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "seccomon.h"
+#include "secoid.h"
+#include "secasn1.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "pk11sdr.h"
+
+/*
+ * Data structure and template for encoding the result of an SDR operation
+ * This is temporary. It should include the algorithm ID of the encryption mechanism
+ */
+struct SDRResult {
+ SECItem keyid;
+ SECAlgorithmID alg;
+ SECItem data;
+};
+typedef struct SDRResult SDRResult;
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+static SEC_ASN1Template template[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SDRResult) },
+ { SEC_ASN1_OCTET_STRING, offsetof(SDRResult, keyid) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(SDRResult, alg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING, offsetof(SDRResult, data) },
+ { 0 }
+};
+
+static unsigned char keyID[] = {
+ 0xF8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
+};
+
+static SECItem keyIDItem = {
+ 0,
+ keyID,
+ sizeof keyID
+};
+
+/* local utility function for padding an incoming data block
+ * to the mechanism block size.
+ */
+static SECStatus
+padBlock(SECItem *data, int blockSize, SECItem *result)
+{
+ SECStatus rv = SECSuccess;
+ int padLength;
+ unsigned int i;
+
+ result->data = 0;
+ result->len = 0;
+
+ /* This algorithm always adds to the block (to indicate the number
+ * of pad bytes). So allocate a block large enough.
+ */
+ padLength = blockSize - (data->len % blockSize);
+ result->len = data->len + padLength;
+ result->data = (unsigned char *)PORT_Alloc(result->len);
+
+ /* Copy the data */
+ PORT_Memcpy(result->data, data->data, data->len);
+
+ /* Add the pad values */
+ for (i = data->len; i < result->len; i++)
+ result->data[i] = (unsigned char)padLength;
+
+ return rv;
+}
+
+static SECStatus
+unpadBlock(SECItem *data, int blockSize, SECItem *result)
+{
+ SECStatus rv = SECSuccess;
+ int padLength;
+ unsigned int i;
+
+ result->data = 0;
+ result->len = 0;
+
+ /* Remove the padding from the end if the input data */
+ if (data->len == 0 || data->len % blockSize != 0) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ padLength = data->data[data->len - 1];
+ if (padLength > blockSize) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* verify padding */
+ for (i = data->len - padLength; i < data->len; i++) {
+ if (data->data[i] != padLength) {
+ rv = SECFailure;
+ goto loser;
+ }
+ }
+
+ result->len = data->len - padLength;
+ result->data = (unsigned char *)PORT_Alloc(result->len);
+ if (!result->data) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ PORT_Memcpy(result->data, data->data, result->len);
+
+ if (padLength < 2) {
+ return SECWouldBlock;
+ }
+
+loser:
+ return rv;
+}
+
+static PRLock *pk11sdrLock = NULL;
+
+void
+pk11sdr_Init(void)
+{
+ pk11sdrLock = PR_NewLock();
+}
+
+void
+pk11sdr_Shutdown(void)
+{
+ if (pk11sdrLock) {
+ PR_DestroyLock(pk11sdrLock);
+ pk11sdrLock = NULL;
+ }
+}
+
+/*
+ * PK11SDR_Encrypt
+ * Encrypt a block of data using the symmetric key identified. The result
+ * is an ASN.1 (DER) encoded block of keyid, params and data.
+ */
+SECStatus
+PK11SDR_Encrypt(SECItem *keyid, SECItem *data, SECItem *result, void *cx)
+{
+ SECStatus rv = SECSuccess;
+ PK11SlotInfo *slot = 0;
+ PK11SymKey *key = 0;
+ SECItem *params = 0;
+ PK11Context *ctx = 0;
+ CK_MECHANISM_TYPE type;
+ SDRResult sdrResult;
+ SECItem paddedData;
+ SECItem *pKeyID;
+ PLArenaPool *arena = 0;
+
+ /* Initialize */
+ paddedData.len = 0;
+ paddedData.data = 0;
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (!arena) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* 1. Locate the requested keyid, or the default key (which has a keyid)
+ * 2. Create an encryption context
+ * 3. Encrypt
+ * 4. Encode the results (using ASN.1)
+ */
+
+ slot = PK11_GetInternalKeySlot();
+ if (!slot) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Use triple-DES */
+ type = CKM_DES3_CBC;
+
+ /*
+ * Login to the internal token before we look for the key, otherwise we
+ * won't find it.
+ */
+ rv = PK11_Authenticate(slot, PR_TRUE, cx);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Find the key to use */
+ pKeyID = keyid;
+ if (pKeyID->len == 0) {
+ pKeyID = &keyIDItem; /* Use default value */
+
+ /* put in a course lock to prevent a race between not finding the
+ * key and creating one.
+ */
+
+ if (pk11sdrLock)
+ PR_Lock(pk11sdrLock);
+
+ /* Try to find the key */
+ key = PK11_FindFixedKey(slot, type, pKeyID, cx);
+
+ /* If the default key doesn't exist yet, try to create it */
+ if (!key)
+ key = PK11_GenDES3TokenKey(slot, pKeyID, cx);
+ if (pk11sdrLock)
+ PR_Unlock(pk11sdrLock);
+ } else {
+ key = PK11_FindFixedKey(slot, type, pKeyID, cx);
+ }
+
+ if (!key) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ params = PK11_GenerateNewParam(type, key);
+ if (!params) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ ctx = PK11_CreateContextBySymKey(type, CKA_ENCRYPT, key, params);
+ if (!ctx) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = padBlock(data, PK11_GetBlockSize(type, 0), &paddedData);
+ if (rv != SECSuccess)
+ goto loser;
+
+ sdrResult.data.len = paddedData.len;
+ sdrResult.data.data = (unsigned char *)PORT_ArenaAlloc(arena, sdrResult.data.len);
+
+ rv = PK11_CipherOp(ctx, sdrResult.data.data, (int *)&sdrResult.data.len, sdrResult.data.len,
+ paddedData.data, paddedData.len);
+ if (rv != SECSuccess)
+ goto loser;
+
+ PK11_Finalize(ctx);
+
+ sdrResult.keyid = *pKeyID;
+
+ rv = PK11_ParamToAlgid(SEC_OID_DES_EDE3_CBC, params, arena, &sdrResult.alg);
+ if (rv != SECSuccess)
+ goto loser;
+
+ if (!SEC_ASN1EncodeItem(0, result, &sdrResult, template)) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+loser:
+ SECITEM_ZfreeItem(&paddedData, PR_FALSE);
+ if (arena)
+ PORT_FreeArena(arena, PR_TRUE);
+ if (ctx)
+ PK11_DestroyContext(ctx, PR_TRUE);
+ if (params)
+ SECITEM_ZfreeItem(params, PR_TRUE);
+ if (key)
+ PK11_FreeSymKey(key);
+ if (slot)
+ PK11_FreeSlot(slot);
+
+ return rv;
+}
+
+/* decrypt a block */
+static SECStatus
+pk11Decrypt(PK11SlotInfo *slot, PLArenaPool *arena,
+ CK_MECHANISM_TYPE type, PK11SymKey *key,
+ SECItem *params, SECItem *in, SECItem *result)
+{
+ PK11Context *ctx = 0;
+ SECItem paddedResult;
+ SECStatus rv;
+
+ paddedResult.len = 0;
+ paddedResult.data = 0;
+
+ ctx = PK11_CreateContextBySymKey(type, CKA_DECRYPT, key, params);
+ if (!ctx) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ paddedResult.len = in->len;
+ paddedResult.data = PORT_ArenaAlloc(arena, paddedResult.len);
+
+ rv = PK11_CipherOp(ctx, paddedResult.data,
+ (int *)&paddedResult.len, paddedResult.len,
+ in->data, in->len);
+ if (rv != SECSuccess)
+ goto loser;
+
+ PK11_Finalize(ctx);
+
+ /* Remove the padding */
+ rv = unpadBlock(&paddedResult, PK11_GetBlockSize(type, 0), result);
+ if (rv)
+ goto loser;
+
+loser:
+ if (ctx)
+ PK11_DestroyContext(ctx, PR_TRUE);
+ return rv;
+}
+
+/*
+ * PK11SDR_Decrypt
+ * Decrypt a block of data produced by PK11SDR_Encrypt. The key used is identified
+ * by the keyid field within the input.
+ */
+SECStatus
+PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx)
+{
+ SECStatus rv = SECSuccess;
+ PK11SlotInfo *slot = 0;
+ PK11SymKey *key = 0;
+ CK_MECHANISM_TYPE type;
+ SDRResult sdrResult;
+ SECItem *params = 0;
+ SECItem possibleResult = { 0, NULL, 0 };
+ PLArenaPool *arena = 0;
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (!arena) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Decode the incoming data */
+ memset(&sdrResult, 0, sizeof sdrResult);
+ rv = SEC_QuickDERDecodeItem(arena, &sdrResult, template, data);
+ if (rv != SECSuccess)
+ goto loser; /* Invalid format */
+
+ /* Find the slot and key for the given keyid */
+ slot = PK11_GetInternalKeySlot();
+ if (!slot) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = PK11_Authenticate(slot, PR_TRUE, cx);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Get the parameter values from the data */
+ params = PK11_ParamFromAlgid(&sdrResult.alg);
+ if (!params) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Use triple-DES (Should look up the algorithm) */
+ type = CKM_DES3_CBC;
+ key = PK11_FindFixedKey(slot, type, &sdrResult.keyid, cx);
+ if (!key) {
+ rv = SECFailure;
+ } else {
+ rv = pk11Decrypt(slot, arena, type, key, params,
+ &sdrResult.data, result);
+ }
+
+ /*
+ * if the pad value was too small (1 or 2), then it's statistically
+ * 'likely' that (1 in 256) that we may not have the correct key.
+ * Check the other keys for a better match. If we find none, use
+ * this result.
+ */
+ if (rv == SECWouldBlock) {
+ possibleResult = *result;
+ }
+
+ /*
+ * handle the case where your key indicies may have been broken
+ */
+ if (rv != SECSuccess) {
+ PK11SymKey *keyList = PK11_ListFixedKeysInSlot(slot, NULL, cx);
+ PK11SymKey *testKey = NULL;
+ PK11SymKey *nextKey = NULL;
+
+ for (testKey = keyList; testKey;
+ testKey = PK11_GetNextSymKey(testKey)) {
+ rv = pk11Decrypt(slot, arena, type, testKey, params,
+ &sdrResult.data, result);
+ if (rv == SECSuccess) {
+ break;
+ }
+ /* found a close match. If it's our first remember it */
+ if (rv == SECWouldBlock) {
+ if (possibleResult.data) {
+ /* this is unlikely but possible. If we hit this condition,
+ * we have no way of knowing which possibility to prefer.
+ * in this case we just match the key the application
+ * thought was the right one */
+ SECITEM_ZfreeItem(result, PR_FALSE);
+ } else {
+ possibleResult = *result;
+ }
+ }
+ }
+
+ /* free the list */
+ for (testKey = keyList; testKey; testKey = nextKey) {
+ nextKey = PK11_GetNextSymKey(testKey);
+ PK11_FreeSymKey(testKey);
+ }
+ }
+
+ /* we didn't find a better key, use the one with a small pad value */
+ if ((rv != SECSuccess) && (possibleResult.data)) {
+ *result = possibleResult;
+ possibleResult.data = NULL;
+ rv = SECSuccess;
+ }
+
+loser:
+ if (arena)
+ PORT_FreeArena(arena, PR_TRUE);
+ if (key)
+ PK11_FreeSymKey(key);
+ if (params)
+ SECITEM_ZfreeItem(params, PR_TRUE);
+ if (slot)
+ PK11_FreeSlot(slot);
+ if (possibleResult.data)
+ SECITEM_ZfreeItem(&possibleResult, PR_FALSE);
+
+ return rv;
+}
diff --git a/security/nss/lib/pk11wrap/pk11sdr.h b/security/nss/lib/pk11wrap/pk11sdr.h
new file mode 100644
index 000000000..0ffa42534
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11sdr.h
@@ -0,0 +1,28 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _PK11SDR_H_
+#define _PK11SDR_H_
+
+#include "seccomon.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+ * PK11SDR_Encrypt - encrypt data using the specified key id or SDR default
+ * result should be freed with SECItem_ZfreeItem
+ */
+SECStatus
+PK11SDR_Encrypt(SECItem *keyid, SECItem *data, SECItem *result, void *cx);
+
+/*
+ * PK11SDR_Decrypt - decrypt data previously encrypted with PK11SDR_Encrypt
+ * result should be freed with SECItem_ZfreeItem
+ */
+SECStatus
+PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c
new file mode 100644
index 000000000..e6301388e
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11skey.c
@@ -0,0 +1,2770 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file implements the Symkey wrapper and the PKCS context
+ * Interfaces.
+ */
+
+#include "seccomon.h"
+#include "secmod.h"
+#include "nssilock.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "secerr.h"
+#include "hasht.h"
+
+static void
+pk11_EnterKeyMonitor(PK11SymKey *symKey)
+{
+ if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe))
+ PK11_EnterSlotMonitor(symKey->slot);
+}
+
+static void
+pk11_ExitKeyMonitor(PK11SymKey *symKey)
+{
+ if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe))
+ PK11_ExitSlotMonitor(symKey->slot);
+}
+
+/*
+ * pk11_getKeyFromList returns a symKey that has a session (if needSession
+ * was specified), or explicitly does not have a session (if needSession
+ * was not specified).
+ */
+static PK11SymKey *
+pk11_getKeyFromList(PK11SlotInfo *slot, PRBool needSession)
+{
+ PK11SymKey *symKey = NULL;
+
+ PZ_Lock(slot->freeListLock);
+ /* own session list are symkeys with sessions that the symkey owns.
+ * 'most' symkeys will own their own session. */
+ if (needSession) {
+ if (slot->freeSymKeysWithSessionHead) {
+ symKey = slot->freeSymKeysWithSessionHead;
+ slot->freeSymKeysWithSessionHead = symKey->next;
+ slot->keyCount--;
+ }
+ }
+ /* if we don't need a symkey with its own session, or we couldn't find
+ * one on the owner list, get one from the non-owner free list. */
+ if (!symKey) {
+ if (slot->freeSymKeysHead) {
+ symKey = slot->freeSymKeysHead;
+ slot->freeSymKeysHead = symKey->next;
+ slot->keyCount--;
+ }
+ }
+ PZ_Unlock(slot->freeListLock);
+ if (symKey) {
+ symKey->next = NULL;
+ if (!needSession) {
+ return symKey;
+ }
+ /* if we are getting an owner key, make sure we have a valid session.
+ * session could be invalid if the token has been removed or because
+ * we got it from the non-owner free list */
+ if ((symKey->series != slot->series) ||
+ (symKey->session == CK_INVALID_SESSION)) {
+ symKey->session = pk11_GetNewSession(slot, &symKey->sessionOwner);
+ }
+ PORT_Assert(symKey->session != CK_INVALID_SESSION);
+ if (symKey->session != CK_INVALID_SESSION)
+ return symKey;
+ PK11_FreeSymKey(symKey);
+ /* if we are here, we need a session, but couldn't get one, it's
+ * unlikely we pk11_GetNewSession will succeed if we call it a second
+ * time. */
+ return NULL;
+ }
+
+ symKey = PORT_New(PK11SymKey);
+ if (symKey == NULL) {
+ return NULL;
+ }
+
+ symKey->next = NULL;
+ if (needSession) {
+ symKey->session = pk11_GetNewSession(slot, &symKey->sessionOwner);
+ PORT_Assert(symKey->session != CK_INVALID_SESSION);
+ if (symKey->session == CK_INVALID_SESSION) {
+ PK11_FreeSymKey(symKey);
+ symKey = NULL;
+ }
+ } else {
+ symKey->session = CK_INVALID_SESSION;
+ }
+ return symKey;
+}
+
+/* Caller MUST hold slot->freeListLock (or ref count == 0?) !! */
+void
+PK11_CleanKeyList(PK11SlotInfo *slot)
+{
+ PK11SymKey *symKey = NULL;
+
+ while (slot->freeSymKeysWithSessionHead) {
+ symKey = slot->freeSymKeysWithSessionHead;
+ slot->freeSymKeysWithSessionHead = symKey->next;
+ pk11_CloseSession(slot, symKey->session, symKey->sessionOwner);
+ PORT_Free(symKey);
+ }
+ while (slot->freeSymKeysHead) {
+ symKey = slot->freeSymKeysHead;
+ slot->freeSymKeysHead = symKey->next;
+ pk11_CloseSession(slot, symKey->session, symKey->sessionOwner);
+ PORT_Free(symKey);
+ }
+ return;
+}
+
+/*
+ * create a symetric key:
+ * Slot is the slot to create the key in.
+ * type is the mechanism type
+ * owner is does this symKey structure own it's object handle (rare
+ * that this is false).
+ * needSession means the returned symKey will return with a valid session
+ * allocated already.
+ */
+static PK11SymKey *
+pk11_CreateSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ PRBool owner, PRBool needSession, void *wincx)
+{
+
+ PK11SymKey *symKey = pk11_getKeyFromList(slot, needSession);
+
+ if (symKey == NULL) {
+ return NULL;
+ }
+ /* if needSession was specified, make sure we have a valid session.
+ * callers which specify needSession as false should do their own
+ * check of the session before returning the symKey */
+ if (needSession && symKey->session == CK_INVALID_SESSION) {
+ PK11_FreeSymKey(symKey);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+
+ symKey->type = type;
+ symKey->data.type = siBuffer;
+ symKey->data.data = NULL;
+ symKey->data.len = 0;
+ symKey->owner = owner;
+ symKey->objectID = CK_INVALID_HANDLE;
+ symKey->slot = slot;
+ symKey->series = slot->series;
+ symKey->cx = wincx;
+ symKey->size = 0;
+ symKey->refCount = 1;
+ symKey->origin = PK11_OriginNULL;
+ symKey->parent = NULL;
+ symKey->freeFunc = NULL;
+ symKey->userData = NULL;
+ PK11_ReferenceSlot(slot);
+ return symKey;
+}
+
+/*
+ * destroy a symetric key
+ */
+void
+PK11_FreeSymKey(PK11SymKey *symKey)
+{
+ PK11SlotInfo *slot;
+ PRBool freeit = PR_TRUE;
+
+ if (PR_ATOMIC_DECREMENT(&symKey->refCount) == 0) {
+ PK11SymKey *parent = symKey->parent;
+
+ symKey->parent = NULL;
+ if ((symKey->owner) && symKey->objectID != CK_INVALID_HANDLE) {
+ pk11_EnterKeyMonitor(symKey);
+ (void)PK11_GETTAB(symKey->slot)->C_DestroyObject(symKey->session, symKey->objectID);
+ pk11_ExitKeyMonitor(symKey);
+ }
+ if (symKey->data.data) {
+ PORT_Memset(symKey->data.data, 0, symKey->data.len);
+ PORT_Free(symKey->data.data);
+ }
+ /* free any existing data */
+ if (symKey->userData && symKey->freeFunc) {
+ (*symKey->freeFunc)(symKey->userData);
+ }
+ slot = symKey->slot;
+ PZ_Lock(slot->freeListLock);
+ if (slot->keyCount < slot->maxKeyCount) {
+ /*
+ * freeSymkeysWithSessionHead contain a list of reusable
+ * SymKey structures with valid sessions.
+ * sessionOwner must be true.
+ * session must be valid.
+ * freeSymKeysHead contain a list of SymKey structures without
+ * valid session.
+ * session must be CK_INVALID_SESSION.
+ * though sessionOwner is false, callers should not depend on
+ * this fact.
+ */
+ if (symKey->sessionOwner) {
+ PORT_Assert(symKey->session != CK_INVALID_SESSION);
+ symKey->next = slot->freeSymKeysWithSessionHead;
+ slot->freeSymKeysWithSessionHead = symKey;
+ } else {
+ symKey->session = CK_INVALID_SESSION;
+ symKey->next = slot->freeSymKeysHead;
+ slot->freeSymKeysHead = symKey;
+ }
+ slot->keyCount++;
+ symKey->slot = NULL;
+ freeit = PR_FALSE;
+ }
+ PZ_Unlock(slot->freeListLock);
+ if (freeit) {
+ pk11_CloseSession(symKey->slot, symKey->session,
+ symKey->sessionOwner);
+ PORT_Free(symKey);
+ }
+ PK11_FreeSlot(slot);
+
+ if (parent) {
+ PK11_FreeSymKey(parent);
+ }
+ }
+}
+
+PK11SymKey *
+PK11_ReferenceSymKey(PK11SymKey *symKey)
+{
+ PR_ATOMIC_INCREMENT(&symKey->refCount);
+ return symKey;
+}
+
+/*
+ * Accessors
+ */
+CK_MECHANISM_TYPE
+PK11_GetMechanism(PK11SymKey *symKey)
+{
+ return symKey->type;
+}
+
+/*
+ * return the slot associated with a symetric key
+ */
+PK11SlotInfo *
+PK11_GetSlotFromKey(PK11SymKey *symKey)
+{
+ return PK11_ReferenceSlot(symKey->slot);
+}
+
+CK_KEY_TYPE
+PK11_GetSymKeyType(PK11SymKey *symKey)
+{
+ return PK11_GetKeyType(symKey->type, symKey->size);
+}
+
+PK11SymKey *
+PK11_GetNextSymKey(PK11SymKey *symKey)
+{
+ return symKey ? symKey->next : NULL;
+}
+
+char *
+PK11_GetSymKeyNickname(PK11SymKey *symKey)
+{
+ return PK11_GetObjectNickname(symKey->slot, symKey->objectID);
+}
+
+SECStatus
+PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname)
+{
+ return PK11_SetObjectNickname(symKey->slot, symKey->objectID, nickname);
+}
+
+void *
+PK11_GetSymKeyUserData(PK11SymKey *symKey)
+{
+ return symKey->userData;
+}
+
+void
+PK11_SetSymKeyUserData(PK11SymKey *symKey, void *userData,
+ PK11FreeDataFunc freeFunc)
+{
+ /* free any existing data */
+ if (symKey->userData && symKey->freeFunc) {
+ (*symKey->freeFunc)(symKey->userData);
+ }
+ symKey->userData = userData;
+ symKey->freeFunc = freeFunc;
+ return;
+}
+
+/*
+ * turn key handle into an appropriate key object
+ */
+PK11SymKey *
+PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent, PK11Origin origin,
+ CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID, PRBool owner, void *wincx)
+{
+ PK11SymKey *symKey;
+ PRBool needSession = !(owner && parent);
+
+ if (keyID == CK_INVALID_HANDLE) {
+ return NULL;
+ }
+
+ symKey = pk11_CreateSymKey(slot, type, owner, needSession, wincx);
+ if (symKey == NULL) {
+ return NULL;
+ }
+
+ symKey->objectID = keyID;
+ symKey->origin = origin;
+
+ /* adopt the parent's session */
+ /* This is only used by SSL. What we really want here is a session
+ * structure with a ref count so the session goes away only after all the
+ * keys do. */
+ if (!needSession) {
+ symKey->sessionOwner = PR_FALSE;
+ symKey->session = parent->session;
+ symKey->parent = PK11_ReferenceSymKey(parent);
+ /* This is the only case where pk11_CreateSymKey does not explicitly
+ * check symKey->session. We need to assert here to make sure.
+ * the session isn't invalid. */
+ PORT_Assert(parent->session != CK_INVALID_SESSION);
+ if (parent->session == CK_INVALID_SESSION) {
+ PK11_FreeSymKey(symKey);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+ }
+
+ return symKey;
+}
+
+/*
+ * turn key handle into an appropriate key object
+ */
+PK11SymKey *
+PK11_GetWrapKey(PK11SlotInfo *slot, int wrap, CK_MECHANISM_TYPE type,
+ int series, void *wincx)
+{
+ PK11SymKey *symKey = NULL;
+
+ if (slot->series != series)
+ return NULL;
+ if (slot->refKeys[wrap] == CK_INVALID_HANDLE)
+ return NULL;
+ if (type == CKM_INVALID_MECHANISM)
+ type = slot->wrapMechanism;
+
+ symKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive,
+ slot->wrapMechanism, slot->refKeys[wrap], PR_FALSE, wincx);
+ return symKey;
+}
+
+/*
+ * This function is not thread-safe because it sets wrapKey->sessionOwner
+ * without using a lock or atomic routine. It can only be called when
+ * only one thread has a reference to wrapKey.
+ */
+void
+PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey)
+{
+ /* save the handle and mechanism for the wrapping key */
+ /* mark the key and session as not owned by us to they don't get freed
+ * when the key goes way... that lets us reuse the key later */
+ slot->refKeys[wrap] = wrapKey->objectID;
+ wrapKey->owner = PR_FALSE;
+ wrapKey->sessionOwner = PR_FALSE;
+ slot->wrapMechanism = wrapKey->type;
+}
+
+/*
+ * figure out if a key is still valid or if it is stale.
+ */
+PRBool
+PK11_VerifyKeyOK(PK11SymKey *key)
+{
+ if (!PK11_IsPresent(key->slot)) {
+ return PR_FALSE;
+ }
+ return (PRBool)(key->series == key->slot->series);
+}
+
+static PK11SymKey *
+pk11_ImportSymKeyWithTempl(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ PK11Origin origin, PRBool isToken, CK_ATTRIBUTE *keyTemplate,
+ unsigned int templateCount, SECItem *key, void *wincx)
+{
+ PK11SymKey *symKey;
+ SECStatus rv;
+
+ symKey = pk11_CreateSymKey(slot, type, !isToken, PR_TRUE, wincx);
+ if (symKey == NULL) {
+ return NULL;
+ }
+
+ symKey->size = key->len;
+
+ PK11_SETATTRS(&keyTemplate[templateCount], CKA_VALUE, key->data, key->len);
+ templateCount++;
+
+ if (SECITEM_CopyItem(NULL, &symKey->data, key) != SECSuccess) {
+ PK11_FreeSymKey(symKey);
+ return NULL;
+ }
+
+ symKey->origin = origin;
+
+ /* import the keys */
+ rv = PK11_CreateNewObject(slot, symKey->session, keyTemplate,
+ templateCount, isToken, &symKey->objectID);
+ if (rv != SECSuccess) {
+ PK11_FreeSymKey(symKey);
+ return NULL;
+ }
+
+ return symKey;
+}
+
+/*
+ * turn key bits into an appropriate key object
+ */
+PK11SymKey *
+PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key, void *wincx)
+{
+ PK11SymKey *symKey;
+ unsigned int templateCount = 0;
+ CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_BBOOL cktrue = CK_TRUE; /* sigh */
+ CK_ATTRIBUTE keyTemplate[5];
+ CK_ATTRIBUTE *attrs = keyTemplate;
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ PK11_SETATTRS(attrs, operation, &cktrue, 1);
+ attrs++;
+ templateCount = attrs - keyTemplate;
+ PR_ASSERT(templateCount + 1 <= sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE));
+
+ keyType = PK11_GetKeyType(type, key->len);
+ symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, PR_FALSE,
+ keyTemplate, templateCount, key, wincx);
+ return symKey;
+}
+
+/*
+ * turn key bits into an appropriate key object
+ */
+PK11SymKey *
+PK11_ImportSymKeyWithFlags(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
+ CK_FLAGS flags, PRBool isPerm, void *wincx)
+{
+ PK11SymKey *symKey;
+ unsigned int templateCount = 0;
+ CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_BBOOL cktrue = CK_TRUE; /* sigh */
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
+ CK_ATTRIBUTE *attrs = keyTemplate;
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ if (isPerm) {
+ PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue));
+ attrs++;
+ /* sigh some tokens think CKA_PRIVATE = false is a reasonable
+ * default for secret keys */
+ PK11_SETATTRS(attrs, CKA_PRIVATE, &cktrue, sizeof(cktrue));
+ attrs++;
+ }
+ attrs += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
+ if ((operation != CKA_FLAGS_ONLY) &&
+ !pk11_FindAttrInTemplate(keyTemplate, attrs - keyTemplate, operation)) {
+ PK11_SETATTRS(attrs, operation, &cktrue, sizeof(cktrue));
+ attrs++;
+ }
+ templateCount = attrs - keyTemplate;
+ PR_ASSERT(templateCount + 1 <= sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE));
+
+ keyType = PK11_GetKeyType(type, key->len);
+ symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, isPerm,
+ keyTemplate, templateCount, key, wincx);
+ if (symKey && isPerm) {
+ symKey->owner = PR_FALSE;
+ }
+ return symKey;
+}
+
+PK11SymKey *
+PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *keyID,
+ void *wincx)
+{
+ CK_ATTRIBUTE findTemp[4];
+ CK_ATTRIBUTE *attrs;
+ CK_BBOOL ckTrue = CK_TRUE;
+ CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
+ int tsize = 0;
+ CK_OBJECT_HANDLE key_id;
+
+ attrs = findTemp;
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue));
+ attrs++;
+ if (keyID) {
+ PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len);
+ attrs++;
+ }
+ tsize = attrs - findTemp;
+ PORT_Assert(tsize <= sizeof(findTemp) / sizeof(CK_ATTRIBUTE));
+
+ key_id = pk11_FindObjectByTemplate(slot, findTemp, tsize);
+ if (key_id == CK_INVALID_HANDLE) {
+ return NULL;
+ }
+ return PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive, type, key_id,
+ PR_FALSE, wincx);
+}
+
+PK11SymKey *
+PK11_ListFixedKeysInSlot(PK11SlotInfo *slot, char *nickname, void *wincx)
+{
+ CK_ATTRIBUTE findTemp[4];
+ CK_ATTRIBUTE *attrs;
+ CK_BBOOL ckTrue = CK_TRUE;
+ CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
+ int tsize = 0;
+ int objCount = 0;
+ CK_OBJECT_HANDLE *key_ids;
+ PK11SymKey *nextKey = NULL;
+ PK11SymKey *topKey = NULL;
+ int i, len;
+
+ attrs = findTemp;
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue));
+ attrs++;
+ if (nickname) {
+ len = PORT_Strlen(nickname);
+ PK11_SETATTRS(attrs, CKA_LABEL, nickname, len);
+ attrs++;
+ }
+ tsize = attrs - findTemp;
+ PORT_Assert(tsize <= sizeof(findTemp) / sizeof(CK_ATTRIBUTE));
+
+ key_ids = pk11_FindObjectsByTemplate(slot, findTemp, tsize, &objCount);
+ if (key_ids == NULL) {
+ return NULL;
+ }
+
+ for (i = 0; i < objCount; i++) {
+ SECItem typeData;
+ CK_KEY_TYPE type = CKK_GENERIC_SECRET;
+ SECStatus rv = PK11_ReadAttribute(slot, key_ids[i],
+ CKA_KEY_TYPE, NULL, &typeData);
+ if (rv == SECSuccess) {
+ if (typeData.len == sizeof(CK_KEY_TYPE)) {
+ type = *(CK_KEY_TYPE *)typeData.data;
+ }
+ PORT_Free(typeData.data);
+ }
+ nextKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive,
+ PK11_GetKeyMechanism(type), key_ids[i], PR_FALSE, wincx);
+ if (nextKey) {
+ nextKey->next = topKey;
+ topKey = nextKey;
+ }
+ }
+ PORT_Free(key_ids);
+ return topKey;
+}
+
+void *
+PK11_GetWindow(PK11SymKey *key)
+{
+ return key->cx;
+}
+
+/*
+ * extract a symetric key value. NOTE: if the key is sensitive, we will
+ * not be able to do this operation. This function is used to move
+ * keys from one token to another */
+SECStatus
+PK11_ExtractKeyValue(PK11SymKey *symKey)
+{
+ SECStatus rv;
+
+ if (symKey->data.data != NULL) {
+ if (symKey->size == 0) {
+ symKey->size = symKey->data.len;
+ }
+ return SECSuccess;
+ }
+
+ if (symKey->slot == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ rv = PK11_ReadAttribute(symKey->slot, symKey->objectID, CKA_VALUE, NULL,
+ &symKey->data);
+ if (rv == SECSuccess) {
+ symKey->size = symKey->data.len;
+ }
+ return rv;
+}
+
+SECStatus
+PK11_DeleteTokenSymKey(PK11SymKey *symKey)
+{
+ if (!PK11_IsPermObject(symKey->slot, symKey->objectID)) {
+ return SECFailure;
+ }
+ PK11_DestroyTokenObject(symKey->slot, symKey->objectID);
+ symKey->objectID = CK_INVALID_HANDLE;
+ return SECSuccess;
+}
+
+SECItem *
+PK11_GetKeyData(PK11SymKey *symKey)
+{
+ return &symKey->data;
+}
+
+/* This symbol is exported for backward compatibility. */
+SECItem *
+__PK11_GetKeyData(PK11SymKey *symKey)
+{
+ return PK11_GetKeyData(symKey);
+}
+
+/*
+ * PKCS #11 key Types with predefined length
+ */
+unsigned int
+pk11_GetPredefinedKeyLength(CK_KEY_TYPE keyType)
+{
+ int length = 0;
+ switch (keyType) {
+ case CKK_DES:
+ length = 8;
+ break;
+ case CKK_DES2:
+ length = 16;
+ break;
+ case CKK_DES3:
+ length = 24;
+ break;
+ case CKK_SKIPJACK:
+ length = 10;
+ break;
+ case CKK_BATON:
+ length = 20;
+ break;
+ case CKK_JUNIPER:
+ length = 20;
+ break;
+ default:
+ break;
+ }
+ return length;
+}
+
+/* return the keylength if possible. '0' if not */
+unsigned int
+PK11_GetKeyLength(PK11SymKey *key)
+{
+ CK_KEY_TYPE keyType;
+
+ if (key->size != 0)
+ return key->size;
+
+ /* First try to figure out the key length from its type */
+ keyType = PK11_ReadULongAttribute(key->slot, key->objectID, CKA_KEY_TYPE);
+ key->size = pk11_GetPredefinedKeyLength(keyType);
+ if ((keyType == CKK_GENERIC_SECRET) &&
+ (key->type == CKM_SSL3_PRE_MASTER_KEY_GEN)) {
+ key->size = 48;
+ }
+
+ if (key->size != 0)
+ return key->size;
+
+ if (key->data.data == NULL) {
+ PK11_ExtractKeyValue(key);
+ }
+ /* key is probably secret. Look up its length */
+ /* this is new PKCS #11 version 2.0 functionality. */
+ if (key->size == 0) {
+ CK_ULONG keyLength;
+
+ keyLength = PK11_ReadULongAttribute(key->slot, key->objectID, CKA_VALUE_LEN);
+ if (keyLength != CK_UNAVAILABLE_INFORMATION) {
+ key->size = (unsigned int)keyLength;
+ }
+ }
+
+ return key->size;
+}
+
+/* return the strength of a key. This is different from length in that
+ * 1) it returns the size in bits, and 2) it returns only the secret portions
+ * of the key minus any checksums or parity.
+ */
+unsigned int
+PK11_GetKeyStrength(PK11SymKey *key, SECAlgorithmID *algid)
+{
+ int size = 0;
+ CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM; /* RC2 only */
+ SECItem *param = NULL; /* RC2 only */
+ CK_RC2_CBC_PARAMS *rc2_params = NULL; /* RC2 ONLY */
+ unsigned int effectiveBits = 0; /* RC2 ONLY */
+
+ switch (PK11_GetKeyType(key->type, 0)) {
+ case CKK_CDMF:
+ return 40;
+ case CKK_DES:
+ return 56;
+ case CKK_DES3:
+ case CKK_DES2:
+ size = PK11_GetKeyLength(key);
+ if (size == 16) {
+ /* double des */
+ return 112; /* 16*7 */
+ }
+ return 168;
+ /*
+ * RC2 has is different than other ciphers in that it allows the user
+ * to deprecating keysize while still requiring all the bits for the
+ * original key. The info
+ * on what the effective key strength is in the parameter for the key.
+ * In S/MIME this parameter is stored in the DER encoded algid. In Our
+ * other uses of RC2, effectiveBits == keyBits, so this code functions
+ * correctly without an algid.
+ */
+ case CKK_RC2:
+ /* if no algid was provided, fall through to default */
+ if (!algid) {
+ break;
+ }
+ /* verify that the algid is for RC2 */
+ mechanism = PK11_AlgtagToMechanism(SECOID_GetAlgorithmTag(algid));
+ if ((mechanism != CKM_RC2_CBC) && (mechanism != CKM_RC2_ECB)) {
+ break;
+ }
+
+ /* now get effective bits from the algorithm ID. */
+ param = PK11_ParamFromAlgid(algid);
+ /* if we couldn't get memory just use key length */
+ if (param == NULL) {
+ break;
+ }
+
+ rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
+ /* paranoia... shouldn't happen */
+ PORT_Assert(param->data != NULL);
+ if (param->data == NULL) {
+ SECITEM_FreeItem(param, PR_TRUE);
+ break;
+ }
+ effectiveBits = (unsigned int)rc2_params->ulEffectiveBits;
+ SECITEM_FreeItem(param, PR_TRUE);
+ param = NULL;
+ rc2_params = NULL; /* paranoia */
+
+ /* we have effective bits, is and allocated memory is free, now
+ * we need to return the smaller of effective bits and keysize */
+ size = PK11_GetKeyLength(key);
+ if ((unsigned int)size * 8 > effectiveBits) {
+ return effectiveBits;
+ }
+
+ return size * 8; /* the actual key is smaller, the strength can't be
+ * greater than the actual key size */
+
+ default:
+ break;
+ }
+ return PK11_GetKeyLength(key) * 8;
+}
+
+/*
+ * The next three utilities are to deal with the fact that a given operation
+ * may be a multi-slot affair. This creates a new key object that is copied
+ * into the new slot.
+ */
+PK11SymKey *
+pk11_CopyToSlotPerm(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation, CK_FLAGS flags,
+ PRBool isPerm, PK11SymKey *symKey)
+{
+ SECStatus rv;
+ PK11SymKey *newKey = NULL;
+
+ /* Extract the raw key data if possible */
+ if (symKey->data.data == NULL) {
+ rv = PK11_ExtractKeyValue(symKey);
+ /* KEY is sensitive, we're try key exchanging it. */
+ if (rv != SECSuccess) {
+ return pk11_KeyExchange(slot, type, operation,
+ flags, isPerm, symKey);
+ }
+ }
+
+ newKey = PK11_ImportSymKeyWithFlags(slot, type, symKey->origin,
+ operation, &symKey->data, flags, isPerm, symKey->cx);
+ if (newKey == NULL) {
+ newKey = pk11_KeyExchange(slot, type, operation, flags, isPerm, symKey);
+ }
+ return newKey;
+}
+
+PK11SymKey *
+pk11_CopyToSlot(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
+{
+ return pk11_CopyToSlotPerm(slot, type, operation, 0, PR_FALSE, symKey);
+}
+
+/*
+ * Make sure the slot we are in is the correct slot for the operation
+ * by verifying that it supports all of the specified mechanism types.
+ */
+PK11SymKey *
+pk11_ForceSlotMultiple(PK11SymKey *symKey, CK_MECHANISM_TYPE *type,
+ int mechCount, CK_ATTRIBUTE_TYPE operation)
+{
+ PK11SlotInfo *slot = symKey->slot;
+ PK11SymKey *newKey = NULL;
+ PRBool needToCopy = PR_FALSE;
+ int i;
+
+ if (slot == NULL) {
+ needToCopy = PR_TRUE;
+ } else {
+ i = 0;
+ while ((i < mechCount) && (needToCopy == PR_FALSE)) {
+ if (!PK11_DoesMechanism(slot, type[i])) {
+ needToCopy = PR_TRUE;
+ }
+ i++;
+ }
+ }
+
+ if (needToCopy == PR_TRUE) {
+ slot = PK11_GetBestSlotMultiple(type, mechCount, symKey->cx);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+ }
+ newKey = pk11_CopyToSlot(slot, type[0], operation, symKey);
+ PK11_FreeSlot(slot);
+ }
+ return newKey;
+}
+
+/*
+ * Make sure the slot we are in is the correct slot for the operation
+ */
+PK11SymKey *
+pk11_ForceSlot(PK11SymKey *symKey, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation)
+{
+ return pk11_ForceSlotMultiple(symKey, &type, 1, operation);
+}
+
+PK11SymKey *
+PK11_MoveSymKey(PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation,
+ CK_FLAGS flags, PRBool perm, PK11SymKey *symKey)
+{
+ if (symKey->slot == slot) {
+ if (perm) {
+ return PK11_ConvertSessionSymKeyToTokenSymKey(symKey, symKey->cx);
+ } else {
+ return PK11_ReferenceSymKey(symKey);
+ }
+ }
+
+ return pk11_CopyToSlotPerm(slot, symKey->type,
+ operation, flags, perm, symKey);
+}
+
+/*
+ * Use the token to generate a key.
+ *
+ * keySize must be 'zero' for fixed key length algorithms. A nonzero
+ * keySize causes the CKA_VALUE_LEN attribute to be added to the template
+ * for the key. Most PKCS #11 modules fail if you specify the CKA_VALUE_LEN
+ * attribute for keys with fixed length. The exception is DES2. If you
+ * select a CKM_DES3_CBC mechanism, this code will not add the CKA_VALUE_LEN
+ * parameter and use the key size to determine which underlying DES keygen
+ * function to use (CKM_DES2_KEY_GEN or CKM_DES3_KEY_GEN).
+ *
+ * keyType must be -1 for most algorithms. Some PBE algorthims cannot
+ * determine the correct key type from the mechanism or the parameters,
+ * so key type must be specified. Other PKCS #11 mechanisms may do so in
+ * the future. Currently there is no need to export this publically.
+ * Keep it private until there is a need in case we need to expand the
+ * keygen parameters again...
+ *
+ * CK_FLAGS flags: key operation flags
+ * PK11AttrFlags attrFlags: PK11_ATTR_XXX key attribute flags
+ */
+PK11SymKey *
+pk11_TokenKeyGenWithFlagsAndKeyType(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ SECItem *param, CK_KEY_TYPE keyType, int keySize, SECItem *keyid,
+ CK_FLAGS opFlags, PK11AttrFlags attrFlags, void *wincx)
+{
+ PK11SymKey *symKey;
+ CK_ATTRIBUTE genTemplate[MAX_TEMPL_ATTRS];
+ CK_ATTRIBUTE *attrs = genTemplate;
+ int count = sizeof(genTemplate) / sizeof(genTemplate[0]);
+ CK_MECHANISM_TYPE keyGenType;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_ULONG ck_key_size; /* only used for variable-length keys */
+
+ if (pk11_BadAttrFlags(attrFlags)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if ((keySize != 0) && (type != CKM_DES3_CBC) &&
+ (type != CKM_DES3_CBC_PAD) && (type != CKM_DES3_ECB)) {
+ ck_key_size = keySize; /* Convert to PK11 type */
+
+ PK11_SETATTRS(attrs, CKA_VALUE_LEN, &ck_key_size, sizeof(ck_key_size));
+ attrs++;
+ }
+
+ if (keyType != -1) {
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(CK_KEY_TYPE));
+ attrs++;
+ }
+
+ /* Include key id value if provided */
+ if (keyid) {
+ PK11_SETATTRS(attrs, CKA_ID, keyid->data, keyid->len);
+ attrs++;
+ }
+
+ attrs += pk11_AttrFlagsToAttributes(attrFlags, attrs, &cktrue, &ckfalse);
+ attrs += pk11_OpFlagsToAttributes(opFlags, attrs, &cktrue);
+
+ count = attrs - genTemplate;
+ PR_ASSERT(count <= sizeof(genTemplate) / sizeof(CK_ATTRIBUTE));
+
+ keyGenType = PK11_GetKeyGenWithSize(type, keySize);
+ if (keyGenType == CKM_FAKE_RANDOM) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+ }
+ symKey = PK11_KeyGenWithTemplate(slot, type, keyGenType,
+ param, genTemplate, count, wincx);
+ if (symKey != NULL) {
+ symKey->size = keySize;
+ }
+ return symKey;
+}
+
+/*
+ * Use the token to generate a key. - Public
+ *
+ * keySize must be 'zero' for fixed key length algorithms. A nonzero
+ * keySize causes the CKA_VALUE_LEN attribute to be added to the template
+ * for the key. Most PKCS #11 modules fail if you specify the CKA_VALUE_LEN
+ * attribute for keys with fixed length. The exception is DES2. If you
+ * select a CKM_DES3_CBC mechanism, this code will not add the CKA_VALUE_LEN
+ * parameter and use the key size to determine which underlying DES keygen
+ * function to use (CKM_DES2_KEY_GEN or CKM_DES3_KEY_GEN).
+ *
+ * CK_FLAGS flags: key operation flags
+ * PK11AttrFlags attrFlags: PK11_ATTR_XXX key attribute flags
+ */
+PK11SymKey *
+PK11_TokenKeyGenWithFlags(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ SECItem *param, int keySize, SECItem *keyid, CK_FLAGS opFlags,
+ PK11AttrFlags attrFlags, void *wincx)
+{
+ return pk11_TokenKeyGenWithFlagsAndKeyType(slot, type, param, -1, keySize,
+ keyid, opFlags, attrFlags, wincx);
+}
+
+/*
+ * Use the token to generate a key. keySize must be 'zero' for fixed key
+ * length algorithms. A nonzero keySize causes the CKA_VALUE_LEN attribute
+ * to be added to the template for the key. PKCS #11 modules fail if you
+ * specify the CKA_VALUE_LEN attribute for keys with fixed length.
+ * NOTE: this means to generate a DES2 key from this interface you must
+ * specify CKM_DES2_KEY_GEN as the mechanism directly; specifying
+ * CKM_DES3_CBC as the mechanism and 16 as keySize currently doesn't work.
+ */
+PK11SymKey *
+PK11_TokenKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
+ int keySize, SECItem *keyid, PRBool isToken, void *wincx)
+{
+ PK11SymKey *symKey;
+ PRBool weird = PR_FALSE; /* hack for fortezza */
+ CK_FLAGS opFlags = CKF_SIGN;
+ PK11AttrFlags attrFlags = 0;
+
+ if ((keySize == -1) && (type == CKM_SKIPJACK_CBC64)) {
+ weird = PR_TRUE;
+ keySize = 0;
+ }
+
+ opFlags |= weird ? CKF_DECRYPT : CKF_ENCRYPT;
+
+ if (isToken) {
+ attrFlags |= (PK11_ATTR_TOKEN | PK11_ATTR_PRIVATE);
+ }
+
+ symKey = pk11_TokenKeyGenWithFlagsAndKeyType(slot, type, param,
+ -1, keySize, keyid, opFlags, attrFlags, wincx);
+ if (symKey && weird) {
+ PK11_SetFortezzaHack(symKey);
+ }
+
+ return symKey;
+}
+
+PK11SymKey *
+PK11_KeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
+ int keySize, void *wincx)
+{
+ return PK11_TokenKeyGen(slot, type, param, keySize, 0, PR_FALSE, wincx);
+}
+
+PK11SymKey *
+PK11_KeyGenWithTemplate(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ CK_MECHANISM_TYPE keyGenType,
+ SECItem *param, CK_ATTRIBUTE *attrs,
+ unsigned int attrsCount, void *wincx)
+{
+ PK11SymKey *symKey;
+ CK_SESSION_HANDLE session;
+ CK_MECHANISM mechanism;
+ CK_RV crv;
+ PRBool isToken = CK_FALSE;
+ CK_ULONG keySize = 0;
+ unsigned i;
+
+ /* Extract the template's CKA_VALUE_LEN into keySize and CKA_TOKEN into
+ isToken. */
+ for (i = 0; i < attrsCount; ++i) {
+ switch (attrs[i].type) {
+ case CKA_VALUE_LEN:
+ if (attrs[i].pValue == NULL ||
+ attrs[i].ulValueLen != sizeof(CK_ULONG)) {
+ PORT_SetError(PK11_MapError(CKR_TEMPLATE_INCONSISTENT));
+ return NULL;
+ }
+ keySize = *(CK_ULONG *)attrs[i].pValue;
+ break;
+ case CKA_TOKEN:
+ if (attrs[i].pValue == NULL ||
+ attrs[i].ulValueLen != sizeof(CK_BBOOL)) {
+ PORT_SetError(PK11_MapError(CKR_TEMPLATE_INCONSISTENT));
+ return NULL;
+ }
+ isToken = (*(CK_BBOOL *)attrs[i].pValue) ? PR_TRUE : PR_FALSE;
+ break;
+ }
+ }
+
+ /* find a slot to generate the key into */
+ /* Only do slot management if this is not a token key */
+ if (!isToken && (slot == NULL || !PK11_DoesMechanism(slot, type))) {
+ PK11SlotInfo *bestSlot = PK11_GetBestSlot(type, wincx);
+ if (bestSlot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+ }
+ symKey = pk11_CreateSymKey(bestSlot, type, !isToken, PR_TRUE, wincx);
+ PK11_FreeSlot(bestSlot);
+ } else {
+ symKey = pk11_CreateSymKey(slot, type, !isToken, PR_TRUE, wincx);
+ }
+ if (symKey == NULL)
+ return NULL;
+
+ symKey->size = keySize;
+ symKey->origin = PK11_OriginGenerated;
+
+ /* Set the parameters for the key gen if provided */
+ mechanism.mechanism = keyGenType;
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+ if (param) {
+ mechanism.pParameter = param->data;
+ mechanism.ulParameterLen = param->len;
+ }
+
+ /* Get session and perform locking */
+ if (isToken) {
+ PK11_Authenticate(symKey->slot, PR_TRUE, wincx);
+ /* Should always be original slot */
+ session = PK11_GetRWSession(symKey->slot);
+ symKey->owner = PR_FALSE;
+ } else {
+ session = symKey->session;
+ if (session != CK_INVALID_SESSION)
+ pk11_EnterKeyMonitor(symKey);
+ }
+ if (session == CK_INVALID_SESSION) {
+ PK11_FreeSymKey(symKey);
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return NULL;
+ }
+
+ crv = PK11_GETTAB(symKey->slot)->C_GenerateKey(session, &mechanism, attrs, attrsCount, &symKey->objectID);
+
+ /* Release lock and session */
+ if (isToken) {
+ PK11_RestoreROSession(symKey->slot, session);
+ } else {
+ pk11_ExitKeyMonitor(symKey);
+ }
+
+ if (crv != CKR_OK) {
+ PK11_FreeSymKey(symKey);
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+
+ return symKey;
+}
+
+/* --- */
+PK11SymKey *
+PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx)
+{
+ return PK11_TokenKeyGen(slot, CKM_DES3_CBC, 0, 0, keyid, PR_TRUE, cx);
+}
+
+PK11SymKey *
+PK11_ConvertSessionSymKeyToTokenSymKey(PK11SymKey *symk, void *wincx)
+{
+ PK11SlotInfo *slot = symk->slot;
+ CK_ATTRIBUTE template[1];
+ CK_ATTRIBUTE *attrs = template;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_RV crv;
+ CK_OBJECT_HANDLE newKeyID;
+ CK_SESSION_HANDLE rwsession;
+
+ PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue));
+ attrs++;
+
+ PK11_Authenticate(slot, PR_TRUE, wincx);
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return NULL;
+ }
+ crv = PK11_GETTAB(slot)->C_CopyObject(rwsession, symk->objectID,
+ template, 1, &newKeyID);
+ PK11_RestoreROSession(slot, rwsession);
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+
+ return PK11_SymKeyFromHandle(slot, NULL /*parent*/, symk->origin,
+ symk->type, newKeyID, PR_FALSE /*owner*/, NULL /*wincx*/);
+}
+
+/*
+ * This function does a straight public key wrap (which only RSA can do).
+ * Use PK11_PubGenKey and PK11_WrapSymKey to implement the FORTEZZA and
+ * Diffie-Hellman Ciphers. */
+SECStatus
+PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
+ PK11SymKey *symKey, SECItem *wrappedKey)
+{
+ PK11SlotInfo *slot;
+ CK_ULONG len = wrappedKey->len;
+ PK11SymKey *newKey = NULL;
+ CK_OBJECT_HANDLE id;
+ CK_MECHANISM mechanism;
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ CK_RV crv;
+
+ if (symKey == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* if this slot doesn't support the mechanism, go to a slot that does */
+ newKey = pk11_ForceSlot(symKey, type, CKA_ENCRYPT);
+ if (newKey != NULL) {
+ symKey = newKey;
+ }
+
+ if (symKey->slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return SECFailure;
+ }
+
+ slot = symKey->slot;
+ mechanism.mechanism = pk11_mapWrapKeyType(pubKey->keyType);
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+
+ id = PK11_ImportPublicKey(slot, pubKey, PR_FALSE);
+ if (id == CK_INVALID_HANDLE) {
+ if (newKey) {
+ PK11_FreeSymKey(newKey);
+ }
+ return SECFailure; /* Error code has been set. */
+ }
+
+ session = pk11_GetNewSession(slot, &owner);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_WrapKey(session, &mechanism,
+ id, symKey->objectID, wrappedKey->data, &len);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ if (newKey) {
+ PK11_FreeSymKey(newKey);
+ }
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ wrappedKey->len = len;
+ return SECSuccess;
+}
+
+/*
+ * this little function uses the Encrypt function to wrap a key, just in
+ * case we have problems with the wrap implementation for a token.
+ */
+static SECStatus
+pk11_HandWrap(PK11SymKey *wrappingKey, SECItem *param, CK_MECHANISM_TYPE type,
+ SECItem *inKey, SECItem *outKey)
+{
+ PK11SlotInfo *slot;
+ CK_ULONG len;
+ SECItem *data;
+ CK_MECHANISM mech;
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ CK_RV crv;
+
+ slot = wrappingKey->slot;
+ /* use NULL IV's for wrapping */
+ mech.mechanism = type;
+ if (param) {
+ mech.pParameter = param->data;
+ mech.ulParameterLen = param->len;
+ } else {
+ mech.pParameter = NULL;
+ mech.ulParameterLen = 0;
+ }
+ session = pk11_GetNewSession(slot, &owner);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_EncryptInit(session, &mech,
+ wrappingKey->objectID);
+ if (crv != CKR_OK) {
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ /* keys are almost always aligned, but if we get this far,
+ * we've gone above and beyond anyway... */
+ data = PK11_BlockData(inKey, PK11_GetBlockSize(type, param));
+ if (data == NULL) {
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ len = outKey->len;
+ crv = PK11_GETTAB(slot)->C_Encrypt(session, data->data, data->len,
+ outKey->data, &len);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ SECITEM_FreeItem(data, PR_TRUE);
+ outKey->len = len;
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * This function does a symetric based wrap.
+ */
+SECStatus
+PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *param,
+ PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey)
+{
+ PK11SlotInfo *slot;
+ CK_ULONG len = wrappedKey->len;
+ PK11SymKey *newKey = NULL;
+ SECItem *param_save = NULL;
+ CK_MECHANISM mechanism;
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+ CK_RV crv;
+ SECStatus rv;
+
+ /* if this slot doesn't support the mechanism, go to a slot that does */
+ /* Force symKey and wrappingKey into the same slot */
+ if ((wrappingKey->slot == NULL) || (symKey->slot != wrappingKey->slot)) {
+ /* first try copying the wrapping Key to the symKey slot */
+ if (symKey->slot && PK11_DoesMechanism(symKey->slot, type)) {
+ newKey = pk11_CopyToSlot(symKey->slot, type, CKA_WRAP, wrappingKey);
+ }
+ /* Nope, try it the other way */
+ if (newKey == NULL) {
+ if (wrappingKey->slot) {
+ newKey = pk11_CopyToSlot(wrappingKey->slot,
+ symKey->type, CKA_ENCRYPT, symKey);
+ }
+ /* just not playing... one last thing, can we get symKey's data?
+ * If it's possible, we it should already be in the
+ * symKey->data.data pointer because pk11_CopyToSlot would have
+ * tried to put it there. */
+ if (newKey == NULL) {
+ /* Can't get symKey's data: Game Over */
+ if (symKey->data.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return SECFailure;
+ }
+ if (param == NULL) {
+ param_save = param = PK11_ParamFromIV(type, NULL);
+ }
+ rv = pk11_HandWrap(wrappingKey, param, type,
+ &symKey->data, wrappedKey);
+ if (param_save)
+ SECITEM_FreeItem(param_save, PR_TRUE);
+ return rv;
+ }
+ /* we successfully moved the sym Key */
+ symKey = newKey;
+ } else {
+ /* we successfully moved the wrapping Key */
+ wrappingKey = newKey;
+ }
+ }
+
+ /* at this point both keys are in the same token */
+ slot = wrappingKey->slot;
+ mechanism.mechanism = type;
+ /* use NULL IV's for wrapping */
+ if (param == NULL) {
+ param_save = param = PK11_ParamFromIV(type, NULL);
+ }
+ if (param) {
+ mechanism.pParameter = param->data;
+ mechanism.ulParameterLen = param->len;
+ } else {
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+ }
+
+ len = wrappedKey->len;
+
+ session = pk11_GetNewSession(slot, &owner);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_WrapKey(session, &mechanism,
+ wrappingKey->objectID, symKey->objectID,
+ wrappedKey->data, &len);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ rv = SECSuccess;
+ if (crv != CKR_OK) {
+ /* can't wrap it? try hand wrapping it... */
+ do {
+ if (symKey->data.data == NULL) {
+ rv = PK11_ExtractKeyValue(symKey);
+ if (rv != SECSuccess)
+ break;
+ }
+ rv = pk11_HandWrap(wrappingKey, param, type, &symKey->data,
+ wrappedKey);
+ } while (PR_FALSE);
+ } else {
+ wrappedKey->len = len;
+ }
+ if (newKey)
+ PK11_FreeSymKey(newKey);
+ if (param_save)
+ SECITEM_FreeItem(param_save, PR_TRUE);
+ return rv;
+}
+
+/*
+ * This Generates a new key based on a symetricKey
+ */
+PK11SymKey *
+PK11_Derive(PK11SymKey *baseKey, CK_MECHANISM_TYPE derive, SECItem *param,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize)
+{
+ return PK11_DeriveWithTemplate(baseKey, derive, param, target, operation,
+ keySize, NULL, 0, PR_FALSE);
+}
+
+PK11SymKey *
+PK11_DeriveWithFlags(PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
+ SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize, CK_FLAGS flags)
+{
+ CK_BBOOL ckTrue = CK_TRUE;
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
+ unsigned int templateCount;
+
+ templateCount = pk11_OpFlagsToAttributes(flags, keyTemplate, &ckTrue);
+ return PK11_DeriveWithTemplate(baseKey, derive, param, target, operation,
+ keySize, keyTemplate, templateCount, PR_FALSE);
+}
+
+PK11SymKey *
+PK11_DeriveWithFlagsPerm(PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
+ SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize, CK_FLAGS flags, PRBool isPerm)
+{
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
+ CK_ATTRIBUTE *attrs;
+ unsigned int templateCount = 0;
+
+ attrs = keyTemplate;
+ if (isPerm) {
+ PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ }
+ templateCount = attrs - keyTemplate;
+ templateCount += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
+ return PK11_DeriveWithTemplate(baseKey, derive, param, target, operation,
+ keySize, keyTemplate, templateCount, isPerm);
+}
+
+PK11SymKey *
+PK11_DeriveWithTemplate(PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
+ SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize, CK_ATTRIBUTE *userAttr, unsigned int numAttrs,
+ PRBool isPerm)
+{
+ PK11SlotInfo *slot = baseKey->slot;
+ PK11SymKey *symKey;
+ PK11SymKey *newBaseKey = NULL;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_ULONG valueLen = 0;
+ CK_MECHANISM mechanism;
+ CK_RV crv;
+#define MAX_ADD_ATTRS 4
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS + MAX_ADD_ATTRS];
+#undef MAX_ADD_ATTRS
+ CK_ATTRIBUTE *attrs = keyTemplate;
+ CK_SESSION_HANDLE session;
+ unsigned int templateCount;
+
+ if (numAttrs > MAX_TEMPL_ATTRS) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ /* first copy caller attributes in. */
+ for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
+ *attrs++ = *userAttr++;
+ }
+
+ /* We only add the following attributes to the template if the caller
+ ** didn't already supply them.
+ */
+ if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof keyClass);
+ attrs++;
+ }
+ if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
+ keyType = PK11_GetKeyType(target, keySize);
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof keyType);
+ attrs++;
+ }
+ if (keySize > 0 &&
+ !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
+ valueLen = (CK_ULONG)keySize;
+ PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen);
+ attrs++;
+ }
+ if ((operation != CKA_FLAGS_ONLY) &&
+ !pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
+ PK11_SETATTRS(attrs, operation, &cktrue, sizeof cktrue);
+ attrs++;
+ }
+
+ templateCount = attrs - keyTemplate;
+ PR_ASSERT(templateCount <= sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE));
+
+ /* move the key to a slot that can do the function */
+ if (!PK11_DoesMechanism(slot, derive)) {
+ /* get a new base key & slot */
+ PK11SlotInfo *newSlot = PK11_GetBestSlot(derive, baseKey->cx);
+
+ if (newSlot == NULL)
+ return NULL;
+
+ newBaseKey = pk11_CopyToSlot(newSlot, derive, CKA_DERIVE,
+ baseKey);
+ PK11_FreeSlot(newSlot);
+ if (newBaseKey == NULL)
+ return NULL;
+ baseKey = newBaseKey;
+ slot = baseKey->slot;
+ }
+
+ /* get our key Structure */
+ symKey = pk11_CreateSymKey(slot, target, !isPerm, PR_TRUE, baseKey->cx);
+ if (symKey == NULL) {
+ return NULL;
+ }
+
+ symKey->size = keySize;
+
+ mechanism.mechanism = derive;
+ if (param) {
+ mechanism.pParameter = param->data;
+ mechanism.ulParameterLen = param->len;
+ } else {
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+ }
+ symKey->origin = PK11_OriginDerive;
+
+ if (isPerm) {
+ session = PK11_GetRWSession(slot);
+ } else {
+ pk11_EnterKeyMonitor(symKey);
+ session = symKey->session;
+ }
+ if (session == CK_INVALID_SESSION) {
+ if (!isPerm)
+ pk11_ExitKeyMonitor(symKey);
+ crv = CKR_SESSION_HANDLE_INVALID;
+ } else {
+ crv = PK11_GETTAB(slot)->C_DeriveKey(session, &mechanism,
+ baseKey->objectID, keyTemplate, templateCount, &symKey->objectID);
+ if (isPerm) {
+ PK11_RestoreROSession(slot, session);
+ } else {
+ pk11_ExitKeyMonitor(symKey);
+ }
+ }
+ if (newBaseKey)
+ PK11_FreeSymKey(newBaseKey);
+ if (crv != CKR_OK) {
+ PK11_FreeSymKey(symKey);
+ return NULL;
+ }
+ return symKey;
+}
+
+/* Create a new key by concatenating base and data
+ */
+static PK11SymKey *
+pk11_ConcatenateBaseAndData(PK11SymKey *base,
+ CK_BYTE *data, CK_ULONG dataLen, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation)
+{
+ CK_KEY_DERIVATION_STRING_DATA mechParams;
+ SECItem param;
+
+ if (base == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ mechParams.pData = data;
+ mechParams.ulLen = dataLen;
+ param.data = (unsigned char *)&mechParams;
+ param.len = sizeof(CK_KEY_DERIVATION_STRING_DATA);
+
+ return PK11_Derive(base, CKM_CONCATENATE_BASE_AND_DATA,
+ &param, target, operation, 0);
+}
+
+/* Create a new key by concatenating base and key
+ */
+static PK11SymKey *
+pk11_ConcatenateBaseAndKey(PK11SymKey *base,
+ PK11SymKey *key, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, CK_ULONG keySize)
+{
+ SECItem param;
+
+ if ((base == NULL) || (key == NULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ param.data = (unsigned char *)&(key->objectID);
+ param.len = sizeof(CK_OBJECT_HANDLE);
+
+ return PK11_Derive(base, CKM_CONCATENATE_BASE_AND_KEY,
+ &param, target, operation, keySize);
+}
+
+/* Create a new key whose value is the hash of tobehashed.
+ * type is the mechanism for the derived key.
+ */
+static PK11SymKey *
+pk11_HashKeyDerivation(PK11SymKey *toBeHashed,
+ CK_MECHANISM_TYPE hashMechanism, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, CK_ULONG keySize)
+{
+ return PK11_Derive(toBeHashed, hashMechanism, NULL, target, operation, keySize);
+}
+
+/* This function implements the ANSI X9.63 key derivation function
+ */
+static PK11SymKey *
+pk11_ANSIX963Derive(PK11SymKey *sharedSecret,
+ CK_EC_KDF_TYPE kdf, SECItem *sharedData,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ CK_ULONG keySize)
+{
+ CK_KEY_TYPE keyType;
+ CK_MECHANISM_TYPE hashMechanism, mechanismArray[4];
+ CK_ULONG derivedKeySize, HashLen, counter, maxCounter, bufferLen;
+ CK_ULONG SharedInfoLen;
+ CK_BYTE *buffer = NULL;
+ PK11SymKey *toBeHashed, *hashOutput;
+ PK11SymKey *newSharedSecret = NULL;
+ PK11SymKey *oldIntermediateResult, *intermediateResult = NULL;
+
+ if (sharedSecret == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ switch (kdf) {
+ case CKD_SHA1_KDF:
+ HashLen = SHA1_LENGTH;
+ hashMechanism = CKM_SHA1_KEY_DERIVATION;
+ break;
+ case CKD_SHA224_KDF:
+ HashLen = SHA224_LENGTH;
+ hashMechanism = CKM_SHA224_KEY_DERIVATION;
+ break;
+ case CKD_SHA256_KDF:
+ HashLen = SHA256_LENGTH;
+ hashMechanism = CKM_SHA256_KEY_DERIVATION;
+ break;
+ case CKD_SHA384_KDF:
+ HashLen = SHA384_LENGTH;
+ hashMechanism = CKM_SHA384_KEY_DERIVATION;
+ break;
+ case CKD_SHA512_KDF:
+ HashLen = SHA512_LENGTH;
+ hashMechanism = CKM_SHA512_KEY_DERIVATION;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ derivedKeySize = keySize;
+ if (derivedKeySize == 0) {
+ keyType = PK11_GetKeyType(target, keySize);
+ derivedKeySize = pk11_GetPredefinedKeyLength(keyType);
+ if (derivedKeySize == 0) {
+ derivedKeySize = HashLen;
+ }
+ }
+
+ /* Check that key_len isn't too long. The maximum key length could be
+ * greatly increased if the code below did not limit the 4-byte counter
+ * to a maximum value of 255. */
+ if (derivedKeySize > 254 * HashLen) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ maxCounter = derivedKeySize / HashLen;
+ if (derivedKeySize > maxCounter * HashLen)
+ maxCounter++;
+
+ if ((sharedData == NULL) || (sharedData->data == NULL))
+ SharedInfoLen = 0;
+ else
+ SharedInfoLen = sharedData->len;
+
+ bufferLen = SharedInfoLen + 4;
+
+ /* Populate buffer with Counter || sharedData
+ * where Counter is 0x00000001. */
+ buffer = (unsigned char *)PORT_Alloc(bufferLen);
+ if (buffer == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ buffer[0] = 0;
+ buffer[1] = 0;
+ buffer[2] = 0;
+ buffer[3] = 1;
+ if (SharedInfoLen > 0) {
+ PORT_Memcpy(&buffer[4], sharedData->data, SharedInfoLen);
+ }
+
+ /* Look for a slot that supports the mechanisms needed
+ * to implement the ANSI X9.63 KDF as well as the
+ * target mechanism.
+ */
+ mechanismArray[0] = CKM_CONCATENATE_BASE_AND_DATA;
+ mechanismArray[1] = hashMechanism;
+ mechanismArray[2] = CKM_CONCATENATE_BASE_AND_KEY;
+ mechanismArray[3] = target;
+
+ newSharedSecret = pk11_ForceSlotMultiple(sharedSecret,
+ mechanismArray, 4, operation);
+ if (newSharedSecret != NULL) {
+ sharedSecret = newSharedSecret;
+ }
+
+ for (counter = 1; counter <= maxCounter; counter++) {
+ /* Concatenate shared_secret and buffer */
+ toBeHashed = pk11_ConcatenateBaseAndData(sharedSecret, buffer,
+ bufferLen, hashMechanism, operation);
+ if (toBeHashed == NULL) {
+ goto loser;
+ }
+
+ /* Hash value */
+ if (maxCounter == 1) {
+ /* In this case the length of the key to be derived is
+ * less than or equal to the length of the hash output.
+ * So, the output of the hash operation will be the
+ * dervied key. */
+ hashOutput = pk11_HashKeyDerivation(toBeHashed, hashMechanism,
+ target, operation, keySize);
+ } else {
+ /* In this case, the output of the hash operation will be
+ * concatenated with other data to create the derived key. */
+ hashOutput = pk11_HashKeyDerivation(toBeHashed, hashMechanism,
+ CKM_CONCATENATE_BASE_AND_KEY, operation, 0);
+ }
+ PK11_FreeSymKey(toBeHashed);
+ if (hashOutput == NULL) {
+ goto loser;
+ }
+
+ /* Append result to intermediate result, if necessary */
+ oldIntermediateResult = intermediateResult;
+
+ if (oldIntermediateResult == NULL) {
+ intermediateResult = hashOutput;
+ } else {
+ if (counter == maxCounter) {
+ /* This is the final concatenation, and so the output
+ * will be the derived key. */
+ intermediateResult =
+ pk11_ConcatenateBaseAndKey(oldIntermediateResult,
+ hashOutput, target, operation, keySize);
+ } else {
+ /* The output of this concatenation will be concatenated
+ * with other data to create the derived key. */
+ intermediateResult =
+ pk11_ConcatenateBaseAndKey(oldIntermediateResult,
+ hashOutput, CKM_CONCATENATE_BASE_AND_KEY,
+ operation, 0);
+ }
+
+ PK11_FreeSymKey(hashOutput);
+ PK11_FreeSymKey(oldIntermediateResult);
+ if (intermediateResult == NULL) {
+ goto loser;
+ }
+ }
+
+ /* Increment counter (assumes maxCounter < 255) */
+ buffer[3]++;
+ }
+
+ PORT_ZFree(buffer, bufferLen);
+ if (newSharedSecret != NULL)
+ PK11_FreeSymKey(newSharedSecret);
+ return intermediateResult;
+
+loser:
+ PORT_ZFree(buffer, bufferLen);
+ if (newSharedSecret != NULL)
+ PK11_FreeSymKey(newSharedSecret);
+ if (intermediateResult != NULL)
+ PK11_FreeSymKey(intermediateResult);
+ return NULL;
+}
+
+/*
+ * This Generates a wrapping key based on a privateKey, publicKey, and two
+ * random numbers. For Mail usage RandomB should be NULL. In the Sender's
+ * case RandomA is generate, outherwize it is passed.
+ */
+PK11SymKey *
+PK11_PubDerive(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
+ PRBool isSender, SECItem *randomA, SECItem *randomB,
+ CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize, void *wincx)
+{
+ PK11SlotInfo *slot = privKey->pkcs11Slot;
+ CK_MECHANISM mechanism;
+ PK11SymKey *symKey;
+ CK_RV crv;
+
+ /* get our key Structure */
+ symKey = pk11_CreateSymKey(slot, target, PR_TRUE, PR_TRUE, wincx);
+ if (symKey == NULL) {
+ return NULL;
+ }
+
+ symKey->origin = PK11_OriginDerive;
+
+ switch (privKey->keyType) {
+ case rsaKey:
+ case rsaPssKey:
+ case rsaOaepKey:
+ case nullKey:
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ break;
+ case dsaKey:
+ case keaKey:
+ case fortezzaKey: {
+ static unsigned char rb_email[128] = { 0 };
+ CK_KEA_DERIVE_PARAMS param;
+ param.isSender = (CK_BBOOL)isSender;
+ param.ulRandomLen = randomA->len;
+ param.pRandomA = randomA->data;
+ param.pRandomB = rb_email;
+ param.pRandomB[127] = 1;
+ if (randomB)
+ param.pRandomB = randomB->data;
+ if (pubKey->keyType == fortezzaKey) {
+ param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
+ param.pPublicData = pubKey->u.fortezza.KEAKey.data;
+ } else {
+ /* assert type == keaKey */
+ /* XXX change to match key key types */
+ param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
+ param.pPublicData = pubKey->u.fortezza.KEAKey.data;
+ }
+
+ mechanism.mechanism = derive;
+ mechanism.pParameter = &param;
+ mechanism.ulParameterLen = sizeof(param);
+
+ /* get a new symKey structure */
+ pk11_EnterKeyMonitor(symKey);
+ crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
+ privKey->pkcs11ID, NULL, 0,
+ &symKey->objectID);
+ pk11_ExitKeyMonitor(symKey);
+ if (crv == CKR_OK)
+ return symKey;
+ PORT_SetError(PK11_MapError(crv));
+ } break;
+ case dhKey: {
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_ULONG key_size = 0;
+ CK_ATTRIBUTE keyTemplate[4];
+ int templateCount;
+ CK_ATTRIBUTE *attrs = keyTemplate;
+
+ if (pubKey->keyType != dhKey) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ break;
+ }
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ PK11_SETATTRS(attrs, operation, &cktrue, 1);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size));
+ attrs++;
+ templateCount = attrs - keyTemplate;
+ PR_ASSERT(templateCount <= sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE));
+
+ keyType = PK11_GetKeyType(target, keySize);
+ key_size = keySize;
+ symKey->size = keySize;
+ if (key_size == 0)
+ templateCount--;
+
+ mechanism.mechanism = derive;
+
+ /* we can undefine these when we define diffie-helman keys */
+
+ mechanism.pParameter = pubKey->u.dh.publicValue.data;
+ mechanism.ulParameterLen = pubKey->u.dh.publicValue.len;
+
+ pk11_EnterKeyMonitor(symKey);
+ crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
+ privKey->pkcs11ID, keyTemplate,
+ templateCount, &symKey->objectID);
+ pk11_ExitKeyMonitor(symKey);
+ if (crv == CKR_OK)
+ return symKey;
+ PORT_SetError(PK11_MapError(crv));
+ } break;
+ case ecKey: {
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_ULONG key_size = 0;
+ CK_ATTRIBUTE keyTemplate[4];
+ int templateCount;
+ CK_ATTRIBUTE *attrs = keyTemplate;
+ CK_ECDH1_DERIVE_PARAMS *mechParams = NULL;
+
+ if (pubKey->keyType != ecKey) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ break;
+ }
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ PK11_SETATTRS(attrs, operation, &cktrue, 1);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size));
+ attrs++;
+ templateCount = attrs - keyTemplate;
+ PR_ASSERT(templateCount <= sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE));
+
+ keyType = PK11_GetKeyType(target, keySize);
+ key_size = keySize;
+ if (key_size == 0) {
+ if ((key_size = pk11_GetPredefinedKeyLength(keyType))) {
+ templateCount--;
+ } else {
+ /* sigh, some tokens can't figure this out and require
+ * CKA_VALUE_LEN to be set */
+ key_size = SHA1_LENGTH;
+ }
+ }
+ symKey->size = key_size;
+
+ mechParams = PORT_ZNew(CK_ECDH1_DERIVE_PARAMS);
+ mechParams->kdf = CKD_SHA1_KDF;
+ mechParams->ulSharedDataLen = 0;
+ mechParams->pSharedData = NULL;
+ mechParams->ulPublicDataLen = pubKey->u.ec.publicValue.len;
+ mechParams->pPublicData = pubKey->u.ec.publicValue.data;
+
+ mechanism.mechanism = derive;
+ mechanism.pParameter = mechParams;
+ mechanism.ulParameterLen = sizeof(CK_ECDH1_DERIVE_PARAMS);
+
+ pk11_EnterKeyMonitor(symKey);
+ crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session,
+ &mechanism, privKey->pkcs11ID, keyTemplate,
+ templateCount, &symKey->objectID);
+ pk11_ExitKeyMonitor(symKey);
+
+ /* old PKCS #11 spec was ambiguous on what needed to be passed,
+ * try this again with and encoded public key */
+ if (crv != CKR_OK) {
+ SECItem *pubValue = SEC_ASN1EncodeItem(NULL, NULL,
+ &pubKey->u.ec.publicValue,
+ SEC_ASN1_GET(SEC_OctetStringTemplate));
+ if (pubValue == NULL) {
+ PORT_ZFree(mechParams, sizeof(CK_ECDH1_DERIVE_PARAMS));
+ break;
+ }
+ mechParams->ulPublicDataLen = pubValue->len;
+ mechParams->pPublicData = pubValue->data;
+
+ pk11_EnterKeyMonitor(symKey);
+ crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session,
+ &mechanism, privKey->pkcs11ID, keyTemplate,
+ templateCount, &symKey->objectID);
+ pk11_ExitKeyMonitor(symKey);
+
+ SECITEM_FreeItem(pubValue, PR_TRUE);
+ }
+
+ PORT_ZFree(mechParams, sizeof(CK_ECDH1_DERIVE_PARAMS));
+
+ if (crv == CKR_OK)
+ return symKey;
+ PORT_SetError(PK11_MapError(crv));
+ }
+ }
+
+ PK11_FreeSymKey(symKey);
+ return NULL;
+}
+
+/* Test for curves that are known to use a special encoding.
+ * Extend this function when additional curves are added. */
+static ECPointEncoding
+pk11_ECGetPubkeyEncoding(const SECKEYPublicKey *pubKey)
+{
+ SECItem oid;
+ SECStatus rv;
+ PORTCheapArenaPool tmpArena;
+ ECPointEncoding encoding = ECPoint_Undefined;
+
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+
+ /* decode the OID tag */
+ rv = SEC_QuickDERDecodeItem(&tmpArena.arena, &oid,
+ SEC_ASN1_GET(SEC_ObjectIDTemplate),
+ &pubKey->u.ec.DEREncodedParams);
+ if (rv == SECSuccess) {
+ SECOidTag tag = SECOID_FindOIDTag(&oid);
+ switch (tag) {
+ case SEC_OID_CURVE25519:
+ encoding = ECPoint_XOnly;
+ break;
+ case SEC_OID_SECG_EC_SECP256R1:
+ case SEC_OID_SECG_EC_SECP384R1:
+ case SEC_OID_SECG_EC_SECP521R1:
+ default:
+ /* unknown curve, default to uncompressed */
+ encoding = ECPoint_Uncompressed;
+ }
+ }
+ PORT_DestroyCheapArena(&tmpArena);
+ return encoding;
+}
+
+/* Returns the size of the public key, or 0 if there
+ * is an error. */
+static CK_ULONG
+pk11_ECPubKeySize(SECKEYPublicKey *pubKey)
+{
+ SECItem *publicValue = &pubKey->u.ec.publicValue;
+
+ ECPointEncoding encoding = pk11_ECGetPubkeyEncoding(pubKey);
+ if (encoding == ECPoint_XOnly) {
+ return publicValue->len;
+ }
+ if (encoding == ECPoint_Uncompressed) {
+ /* key encoded in uncompressed form */
+ return ((publicValue->len - 1) / 2);
+ }
+ /* key encoding not recognized */
+ return 0;
+}
+
+static PK11SymKey *
+pk11_PubDeriveECKeyWithKDF(
+ SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
+ PRBool isSender, SECItem *randomA, SECItem *randomB,
+ CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize,
+ CK_ULONG kdf, SECItem *sharedData, void *wincx)
+{
+ PK11SlotInfo *slot = privKey->pkcs11Slot;
+ PK11SymKey *symKey;
+ PK11SymKey *SharedSecret;
+ CK_MECHANISM mechanism;
+ CK_RV crv;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_ULONG key_size = 0;
+ CK_ATTRIBUTE keyTemplate[4];
+ int templateCount;
+ CK_ATTRIBUTE *attrs = keyTemplate;
+ CK_ECDH1_DERIVE_PARAMS *mechParams = NULL;
+
+ if (pubKey->keyType != ecKey) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return NULL;
+ }
+ if ((kdf != CKD_NULL) && (kdf != CKD_SHA1_KDF) &&
+ (kdf != CKD_SHA224_KDF) && (kdf != CKD_SHA256_KDF) &&
+ (kdf != CKD_SHA384_KDF) && (kdf != CKD_SHA512_KDF)) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return NULL;
+ }
+
+ /* get our key Structure */
+ symKey = pk11_CreateSymKey(slot, target, PR_TRUE, PR_TRUE, wincx);
+ if (symKey == NULL) {
+ return NULL;
+ }
+
+ symKey->origin = PK11_OriginDerive;
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ attrs++;
+ PK11_SETATTRS(attrs, operation, &cktrue, 1);
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size));
+ attrs++;
+ templateCount = attrs - keyTemplate;
+ PR_ASSERT(templateCount <= sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE));
+
+ keyType = PK11_GetKeyType(target, keySize);
+ key_size = keySize;
+ if (key_size == 0) {
+ if ((key_size = pk11_GetPredefinedKeyLength(keyType))) {
+ templateCount--;
+ } else {
+ /* sigh, some tokens can't figure this out and require
+ * CKA_VALUE_LEN to be set */
+ switch (kdf) {
+ case CKD_NULL:
+ key_size = pk11_ECPubKeySize(pubKey);
+ if (key_size == 0) {
+ PK11_FreeSymKey(symKey);
+ return NULL;
+ }
+ break;
+ case CKD_SHA1_KDF:
+ key_size = SHA1_LENGTH;
+ break;
+ case CKD_SHA224_KDF:
+ key_size = SHA224_LENGTH;
+ break;
+ case CKD_SHA256_KDF:
+ key_size = SHA256_LENGTH;
+ break;
+ case CKD_SHA384_KDF:
+ key_size = SHA384_LENGTH;
+ break;
+ case CKD_SHA512_KDF:
+ key_size = SHA512_LENGTH;
+ break;
+ default:
+ PORT_Assert(!"Invalid CKD");
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return NULL;
+ }
+ }
+ }
+ symKey->size = key_size;
+
+ mechParams = PORT_ZNew(CK_ECDH1_DERIVE_PARAMS);
+ if (!mechParams) {
+ PK11_FreeSymKey(symKey);
+ return NULL;
+ }
+ mechParams->kdf = kdf;
+ if (sharedData == NULL) {
+ mechParams->ulSharedDataLen = 0;
+ mechParams->pSharedData = NULL;
+ } else {
+ mechParams->ulSharedDataLen = sharedData->len;
+ mechParams->pSharedData = sharedData->data;
+ }
+ mechParams->ulPublicDataLen = pubKey->u.ec.publicValue.len;
+ mechParams->pPublicData = pubKey->u.ec.publicValue.data;
+
+ mechanism.mechanism = derive;
+ mechanism.pParameter = mechParams;
+ mechanism.ulParameterLen = sizeof(CK_ECDH1_DERIVE_PARAMS);
+
+ pk11_EnterKeyMonitor(symKey);
+ crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
+ privKey->pkcs11ID, keyTemplate,
+ templateCount, &symKey->objectID);
+ pk11_ExitKeyMonitor(symKey);
+
+ /* old PKCS #11 spec was ambiguous on what needed to be passed,
+ * try this again with an encoded public key */
+ if (crv != CKR_OK) {
+ SECItem *pubValue = SEC_ASN1EncodeItem(NULL, NULL,
+ &pubKey->u.ec.publicValue,
+ SEC_ASN1_GET(SEC_OctetStringTemplate));
+ if (pubValue == NULL) {
+ goto loser;
+ }
+ mechParams->ulPublicDataLen = pubValue->len;
+ mechParams->pPublicData = pubValue->data;
+
+ pk11_EnterKeyMonitor(symKey);
+ crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session,
+ &mechanism, privKey->pkcs11ID, keyTemplate,
+ templateCount, &symKey->objectID);
+ pk11_ExitKeyMonitor(symKey);
+
+ if ((crv != CKR_OK) && (kdf != CKD_NULL)) {
+ /* Some PKCS #11 libraries cannot perform the key derivation
+ * function. So, try calling C_DeriveKey with CKD_NULL and then
+ * performing the KDF separately.
+ */
+ CK_ULONG derivedKeySize = key_size;
+
+ keyType = CKK_GENERIC_SECRET;
+ key_size = pk11_ECPubKeySize(pubKey);
+ if (key_size == 0) {
+ SECITEM_FreeItem(pubValue, PR_TRUE);
+ goto loser;
+ }
+ SharedSecret = symKey;
+ SharedSecret->size = key_size;
+
+ mechParams->kdf = CKD_NULL;
+ mechParams->ulSharedDataLen = 0;
+ mechParams->pSharedData = NULL;
+ mechParams->ulPublicDataLen = pubKey->u.ec.publicValue.len;
+ mechParams->pPublicData = pubKey->u.ec.publicValue.data;
+
+ pk11_EnterKeyMonitor(SharedSecret);
+ crv = PK11_GETTAB(slot)->C_DeriveKey(SharedSecret->session,
+ &mechanism, privKey->pkcs11ID, keyTemplate,
+ templateCount, &SharedSecret->objectID);
+ pk11_ExitKeyMonitor(SharedSecret);
+
+ if (crv != CKR_OK) {
+ /* old PKCS #11 spec was ambiguous on what needed to be passed,
+ * try this one final time with an encoded public key */
+ mechParams->ulPublicDataLen = pubValue->len;
+ mechParams->pPublicData = pubValue->data;
+
+ pk11_EnterKeyMonitor(SharedSecret);
+ crv = PK11_GETTAB(slot)->C_DeriveKey(SharedSecret->session,
+ &mechanism, privKey->pkcs11ID, keyTemplate,
+ templateCount, &SharedSecret->objectID);
+ pk11_ExitKeyMonitor(SharedSecret);
+ }
+
+ /* Perform KDF. */
+ if (crv == CKR_OK) {
+ symKey = pk11_ANSIX963Derive(SharedSecret, kdf,
+ sharedData, target, operation,
+ derivedKeySize);
+ PK11_FreeSymKey(SharedSecret);
+ if (symKey == NULL) {
+ SECITEM_FreeItem(pubValue, PR_TRUE);
+ PORT_ZFree(mechParams, sizeof(CK_ECDH1_DERIVE_PARAMS));
+ return NULL;
+ }
+ }
+ }
+ SECITEM_FreeItem(pubValue, PR_TRUE);
+ }
+
+loser:
+ PORT_ZFree(mechParams, sizeof(CK_ECDH1_DERIVE_PARAMS));
+
+ if (crv != CKR_OK) {
+ PK11_FreeSymKey(symKey);
+ symKey = NULL;
+ PORT_SetError(PK11_MapError(crv));
+ }
+ return symKey;
+}
+
+PK11SymKey *
+PK11_PubDeriveWithKDF(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
+ PRBool isSender, SECItem *randomA, SECItem *randomB,
+ CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize,
+ CK_ULONG kdf, SECItem *sharedData, void *wincx)
+{
+
+ switch (privKey->keyType) {
+ case rsaKey:
+ case nullKey:
+ case dsaKey:
+ case keaKey:
+ case fortezzaKey:
+ case dhKey:
+ return PK11_PubDerive(privKey, pubKey, isSender, randomA, randomB,
+ derive, target, operation, keySize, wincx);
+ case ecKey:
+ return pk11_PubDeriveECKeyWithKDF(privKey, pubKey, isSender,
+ randomA, randomB, derive, target,
+ operation, keySize,
+ kdf, sharedData, wincx);
+ default:
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ break;
+ }
+
+ return NULL;
+}
+
+/*
+ * this little function uses the Decrypt function to unwrap a key, just in
+ * case we are having problem with unwrap. NOTE: The key size may
+ * not be preserved properly for some algorithms!
+ */
+static PK11SymKey *
+pk11_HandUnwrap(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
+ CK_MECHANISM *mech, SECItem *inKey, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE *keyTemplate, unsigned int templateCount,
+ int key_size, void *wincx, CK_RV *crvp, PRBool isPerm)
+{
+ CK_ULONG len;
+ SECItem outKey;
+ PK11SymKey *symKey;
+ CK_RV crv;
+ PRBool owner = PR_TRUE;
+ CK_SESSION_HANDLE session;
+
+ /* remove any VALUE_LEN parameters */
+ if (keyTemplate[templateCount - 1].type == CKA_VALUE_LEN) {
+ templateCount--;
+ }
+
+ /* keys are almost always aligned, but if we get this far,
+ * we've gone above and beyond anyway... */
+ outKey.data = (unsigned char *)PORT_Alloc(inKey->len);
+ if (outKey.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ if (crvp)
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+ len = inKey->len;
+
+ /* use NULL IV's for wrapping */
+ session = pk11_GetNewSession(slot, &owner);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_DecryptInit(session, mech, wrappingKey);
+ if (crv != CKR_OK) {
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ PORT_Free(outKey.data);
+ PORT_SetError(PK11_MapError(crv));
+ if (crvp)
+ *crvp = crv;
+ return NULL;
+ }
+ crv = PK11_GETTAB(slot)->C_Decrypt(session, inKey->data, inKey->len,
+ outKey.data, &len);
+ if (!owner || !(slot->isThreadSafe))
+ PK11_ExitSlotMonitor(slot);
+ pk11_CloseSession(slot, session, owner);
+ if (crv != CKR_OK) {
+ PORT_Free(outKey.data);
+ PORT_SetError(PK11_MapError(crv));
+ if (crvp)
+ *crvp = crv;
+ return NULL;
+ }
+
+ outKey.len = (key_size == 0) ? len : key_size;
+ outKey.type = siBuffer;
+
+ if (PK11_DoesMechanism(slot, target)) {
+ symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap,
+ isPerm, keyTemplate,
+ templateCount, &outKey, wincx);
+ } else {
+ slot = PK11_GetBestSlot(target, wincx);
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ PORT_Free(outKey.data);
+ if (crvp)
+ *crvp = CKR_DEVICE_ERROR;
+ return NULL;
+ }
+ symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap,
+ isPerm, keyTemplate,
+ templateCount, &outKey, wincx);
+ PK11_FreeSlot(slot);
+ }
+ PORT_Free(outKey.data);
+
+ if (crvp)
+ *crvp = symKey ? CKR_OK : CKR_DEVICE_ERROR;
+ return symKey;
+}
+
+/*
+ * The wrap/unwrap function is pretty much the same for private and
+ * public keys. It's just getting the Object ID and slot right. This is
+ * the combined unwrap function.
+ */
+static PK11SymKey *
+pk11_AnyUnwrapKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
+ CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize,
+ void *wincx, CK_ATTRIBUTE *userAttr, unsigned int numAttrs, PRBool isPerm)
+{
+ PK11SymKey *symKey;
+ SECItem *param_free = NULL;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_ULONG valueLen = 0;
+ CK_MECHANISM mechanism;
+ CK_SESSION_HANDLE rwsession;
+ CK_RV crv;
+ CK_MECHANISM_INFO mechanism_info;
+#define MAX_ADD_ATTRS 4
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS + MAX_ADD_ATTRS];
+#undef MAX_ADD_ATTRS
+ CK_ATTRIBUTE *attrs = keyTemplate;
+ unsigned int templateCount;
+
+ if (numAttrs > MAX_TEMPL_ATTRS) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ /* first copy caller attributes in. */
+ for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
+ *attrs++ = *userAttr++;
+ }
+
+ /* We only add the following attributes to the template if the caller
+ ** didn't already supply them.
+ */
+ if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
+ PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof keyClass);
+ attrs++;
+ }
+ if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
+ keyType = PK11_GetKeyType(target, keySize);
+ PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof keyType);
+ attrs++;
+ }
+ if ((operation != CKA_FLAGS_ONLY) &&
+ !pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
+ PK11_SETATTRS(attrs, operation, &cktrue, 1);
+ attrs++;
+ }
+
+ /*
+ * must be last in case we need to use this template to import the key
+ */
+ if (keySize > 0 &&
+ !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
+ valueLen = (CK_ULONG)keySize;
+ PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen);
+ attrs++;
+ }
+
+ templateCount = attrs - keyTemplate;
+ PR_ASSERT(templateCount <= sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE));
+
+ /* find out if we can do wrap directly. Because the RSA case if *very*
+ * common, cache the results for it. */
+ if ((wrapType == CKM_RSA_PKCS) && (slot->hasRSAInfo)) {
+ mechanism_info.flags = slot->RSAInfoFlags;
+ } else {
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID, wrapType,
+ &mechanism_info);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ mechanism_info.flags = 0;
+ }
+ if (wrapType == CKM_RSA_PKCS) {
+ slot->RSAInfoFlags = mechanism_info.flags;
+ slot->hasRSAInfo = PR_TRUE;
+ }
+ }
+
+ /* initialize the mechanism structure */
+ mechanism.mechanism = wrapType;
+ /* use NULL IV's for wrapping */
+ if (param == NULL)
+ param = param_free = PK11_ParamFromIV(wrapType, NULL);
+ if (param) {
+ mechanism.pParameter = param->data;
+ mechanism.ulParameterLen = param->len;
+ } else {
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+ }
+
+ if ((mechanism_info.flags & CKF_DECRYPT) && !PK11_DoesMechanism(slot, target)) {
+ symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey,
+ target, keyTemplate, templateCount, keySize,
+ wincx, &crv, isPerm);
+ if (symKey) {
+ if (param_free)
+ SECITEM_FreeItem(param_free, PR_TRUE);
+ return symKey;
+ }
+ /*
+ * if the RSA OP simply failed, don't try to unwrap again
+ * with this module.
+ */
+ if (crv == CKR_DEVICE_ERROR) {
+ if (param_free)
+ SECITEM_FreeItem(param_free, PR_TRUE);
+ return NULL;
+ }
+ /* fall through, maybe they incorrectly set CKF_DECRYPT */
+ }
+
+ /* get our key Structure */
+ symKey = pk11_CreateSymKey(slot, target, !isPerm, PR_TRUE, wincx);
+ if (symKey == NULL) {
+ if (param_free)
+ SECITEM_FreeItem(param_free, PR_TRUE);
+ return NULL;
+ }
+
+ symKey->size = keySize;
+ symKey->origin = PK11_OriginUnwrap;
+
+ if (isPerm) {
+ rwsession = PK11_GetRWSession(slot);
+ } else {
+ pk11_EnterKeyMonitor(symKey);
+ rwsession = symKey->session;
+ }
+ PORT_Assert(rwsession != CK_INVALID_SESSION);
+ if (rwsession == CK_INVALID_SESSION)
+ crv = CKR_SESSION_HANDLE_INVALID;
+ else
+ crv = PK11_GETTAB(slot)->C_UnwrapKey(rwsession, &mechanism, wrappingKey,
+ wrappedKey->data, wrappedKey->len,
+ keyTemplate, templateCount,
+ &symKey->objectID);
+ if (isPerm) {
+ if (rwsession != CK_INVALID_SESSION)
+ PK11_RestoreROSession(slot, rwsession);
+ } else {
+ pk11_ExitKeyMonitor(symKey);
+ }
+ if (param_free)
+ SECITEM_FreeItem(param_free, PR_TRUE);
+ if (crv != CKR_OK) {
+ PK11_FreeSymKey(symKey);
+ symKey = NULL;
+ if (crv != CKR_DEVICE_ERROR) {
+ /* try hand Unwrapping */
+ symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey,
+ target, keyTemplate, templateCount,
+ keySize, wincx, NULL, isPerm);
+ }
+ }
+
+ return symKey;
+}
+
+/* use a symetric key to unwrap another symetric key */
+PK11SymKey *
+PK11_UnwrapSymKey(PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
+ SECItem *param, SECItem *wrappedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize)
+{
+ return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
+ wrapType, param, wrappedKey, target, operation, keySize,
+ wrappingKey->cx, NULL, 0, PR_FALSE);
+}
+
+/* use a symetric key to unwrap another symetric key */
+PK11SymKey *
+PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
+ SECItem *param, SECItem *wrappedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize, CK_FLAGS flags)
+{
+ CK_BBOOL ckTrue = CK_TRUE;
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
+ unsigned int templateCount;
+
+ templateCount = pk11_OpFlagsToAttributes(flags, keyTemplate, &ckTrue);
+ return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
+ wrapType, param, wrappedKey, target, operation, keySize,
+ wrappingKey->cx, keyTemplate, templateCount, PR_FALSE);
+}
+
+PK11SymKey *
+PK11_UnwrapSymKeyWithFlagsPerm(PK11SymKey *wrappingKey,
+ CK_MECHANISM_TYPE wrapType,
+ SECItem *param, SECItem *wrappedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
+ int keySize, CK_FLAGS flags, PRBool isPerm)
+{
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
+ CK_ATTRIBUTE *attrs;
+ unsigned int templateCount;
+
+ attrs = keyTemplate;
+ if (isPerm) {
+ PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ }
+ templateCount = attrs - keyTemplate;
+ templateCount += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
+
+ return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
+ wrapType, param, wrappedKey, target, operation, keySize,
+ wrappingKey->cx, keyTemplate, templateCount, isPerm);
+}
+
+/* unwrap a symetric key with a private key. */
+PK11SymKey *
+PK11_PubUnwrapSymKey(SECKEYPrivateKey *wrappingKey, SECItem *wrappedKey,
+ CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize)
+{
+ CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
+ PK11SlotInfo *slot = wrappingKey->pkcs11Slot;
+
+ if (SECKEY_HAS_ATTRIBUTE_SET(wrappingKey, CKA_PRIVATE)) {
+ PK11_HandlePasswordCheck(slot, wrappingKey->wincx);
+ }
+
+ return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID,
+ wrapType, NULL, wrappedKey, target, operation, keySize,
+ wrappingKey->wincx, NULL, 0, PR_FALSE);
+}
+
+/* unwrap a symetric key with a private key. */
+PK11SymKey *
+PK11_PubUnwrapSymKeyWithFlags(SECKEYPrivateKey *wrappingKey,
+ SECItem *wrappedKey, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize, CK_FLAGS flags)
+{
+ CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
+ CK_BBOOL ckTrue = CK_TRUE;
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
+ unsigned int templateCount;
+ PK11SlotInfo *slot = wrappingKey->pkcs11Slot;
+
+ templateCount = pk11_OpFlagsToAttributes(flags, keyTemplate, &ckTrue);
+
+ if (SECKEY_HAS_ATTRIBUTE_SET(wrappingKey, CKA_PRIVATE)) {
+ PK11_HandlePasswordCheck(slot, wrappingKey->wincx);
+ }
+
+ return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID,
+ wrapType, NULL, wrappedKey, target, operation, keySize,
+ wrappingKey->wincx, keyTemplate, templateCount, PR_FALSE);
+}
+
+PK11SymKey *
+PK11_PubUnwrapSymKeyWithFlagsPerm(SECKEYPrivateKey *wrappingKey,
+ SECItem *wrappedKey, CK_MECHANISM_TYPE target,
+ CK_ATTRIBUTE_TYPE operation, int keySize,
+ CK_FLAGS flags, PRBool isPerm)
+{
+ CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
+ CK_ATTRIBUTE *attrs;
+ unsigned int templateCount;
+ PK11SlotInfo *slot = wrappingKey->pkcs11Slot;
+
+ attrs = keyTemplate;
+ if (isPerm) {
+ PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL));
+ attrs++;
+ }
+ templateCount = attrs - keyTemplate;
+
+ templateCount += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
+
+ if (SECKEY_HAS_ATTRIBUTE_SET(wrappingKey, CKA_PRIVATE)) {
+ PK11_HandlePasswordCheck(slot, wrappingKey->wincx);
+ }
+
+ return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID,
+ wrapType, NULL, wrappedKey, target, operation, keySize,
+ wrappingKey->wincx, keyTemplate, templateCount, isPerm);
+}
+
+PK11SymKey *
+PK11_CopySymKeyForSigning(PK11SymKey *originalKey, CK_MECHANISM_TYPE mech)
+{
+ CK_RV crv;
+ CK_ATTRIBUTE setTemplate;
+ CK_BBOOL ckTrue = CK_TRUE;
+ PK11SlotInfo *slot = originalKey->slot;
+
+ /* first just try to set this key up for signing */
+ PK11_SETATTRS(&setTemplate, CKA_SIGN, &ckTrue, sizeof(ckTrue));
+ pk11_EnterKeyMonitor(originalKey);
+ crv = PK11_GETTAB(slot)->C_SetAttributeValue(originalKey->session,
+ originalKey->objectID, &setTemplate, 1);
+ pk11_ExitKeyMonitor(originalKey);
+ if (crv == CKR_OK) {
+ return PK11_ReferenceSymKey(originalKey);
+ }
+
+ /* nope, doesn't like it, use the pk11 copy object command */
+ return pk11_CopyToSlot(slot, mech, CKA_SIGN, originalKey);
+}
+
+void
+PK11_SetFortezzaHack(PK11SymKey *symKey)
+{
+ symKey->origin = PK11_OriginFortezzaHack;
+}
+
+/*
+ * This is required to allow FORTEZZA_NULL and FORTEZZA_RC4
+ * working. This function simply gets a valid IV for the keys.
+ */
+SECStatus
+PK11_GenerateFortezzaIV(PK11SymKey *symKey, unsigned char *iv, int len)
+{
+ CK_MECHANISM mech_info;
+ CK_ULONG count = 0;
+ CK_RV crv;
+ SECStatus rv = SECFailure;
+
+ mech_info.mechanism = CKM_SKIPJACK_CBC64;
+ mech_info.pParameter = iv;
+ mech_info.ulParameterLen = len;
+
+ /* generate the IV for fortezza */
+ PK11_EnterSlotMonitor(symKey->slot);
+ crv = PK11_GETTAB(symKey->slot)->C_EncryptInit(symKey->slot->session, &mech_info, symKey->objectID);
+ if (crv == CKR_OK) {
+ PK11_GETTAB(symKey->slot)->C_EncryptFinal(symKey->slot->session, NULL, &count);
+ rv = SECSuccess;
+ }
+ PK11_ExitSlotMonitor(symKey->slot);
+ return rv;
+}
+
+CK_OBJECT_HANDLE
+PK11_GetSymKeyHandle(PK11SymKey *symKey)
+{
+ return symKey->objectID;
+}
diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c
new file mode 100644
index 000000000..c66ae275c
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11slot.c
@@ -0,0 +1,2484 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Deal with PKCS #11 Slots.
+ */
+#include "seccomon.h"
+#include "secmod.h"
+#include "nssilock.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pkcs11t.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "secerr.h"
+
+#include "dev.h"
+#include "dev3hack.h"
+#include "pkim.h"
+#include "utilpars.h"
+
+/*************************************************************
+ * local static and global data
+ *************************************************************/
+
+/*
+ * This array helps parsing between names, mechanisms, and flags.
+ * to make the config files understand more entries, add them
+ * to this table.
+ */
+const PK11DefaultArrayEntry PK11_DefaultArray[] = {
+ { "RSA", SECMOD_RSA_FLAG, CKM_RSA_PKCS },
+ { "DSA", SECMOD_DSA_FLAG, CKM_DSA },
+ { "ECC", SECMOD_ECC_FLAG, CKM_ECDSA },
+ { "DH", SECMOD_DH_FLAG, CKM_DH_PKCS_DERIVE },
+ { "RC2", SECMOD_RC2_FLAG, CKM_RC2_CBC },
+ { "RC4", SECMOD_RC4_FLAG, CKM_RC4 },
+ { "DES", SECMOD_DES_FLAG, CKM_DES_CBC },
+ { "AES", SECMOD_AES_FLAG, CKM_AES_CBC },
+ { "Camellia", SECMOD_CAMELLIA_FLAG, CKM_CAMELLIA_CBC },
+ { "SEED", SECMOD_SEED_FLAG, CKM_SEED_CBC },
+ { "RC5", SECMOD_RC5_FLAG, CKM_RC5_CBC },
+ { "SHA-1", SECMOD_SHA1_FLAG, CKM_SHA_1 },
+ /* { "SHA224", SECMOD_SHA256_FLAG, CKM_SHA224 }, */
+ { "SHA256", SECMOD_SHA256_FLAG, CKM_SHA256 },
+ /* { "SHA384", SECMOD_SHA512_FLAG, CKM_SHA384 }, */
+ { "SHA512", SECMOD_SHA512_FLAG, CKM_SHA512 },
+ { "MD5", SECMOD_MD5_FLAG, CKM_MD5 },
+ { "MD2", SECMOD_MD2_FLAG, CKM_MD2 },
+ { "SSL", SECMOD_SSL_FLAG, CKM_SSL3_PRE_MASTER_KEY_GEN },
+ { "TLS", SECMOD_TLS_FLAG, CKM_TLS_MASTER_KEY_DERIVE },
+ { "SKIPJACK", SECMOD_FORTEZZA_FLAG, CKM_SKIPJACK_CBC64 },
+ { "Publicly-readable certs", SECMOD_FRIENDLY_FLAG, CKM_INVALID_MECHANISM },
+ { "Random Num Generator", SECMOD_RANDOM_FLAG, CKM_FAKE_RANDOM },
+};
+const int num_pk11_default_mechanisms =
+ sizeof(PK11_DefaultArray) / sizeof(PK11_DefaultArray[0]);
+
+const PK11DefaultArrayEntry *
+PK11_GetDefaultArray(int *size)
+{
+ if (size) {
+ *size = num_pk11_default_mechanisms;
+ }
+ return PK11_DefaultArray;
+}
+
+/*
+ * These slotlists are lists of modules which provide default support for
+ * a given algorithm or mechanism.
+ */
+static PK11SlotList
+ pk11_seedSlotList,
+ pk11_camelliaSlotList,
+ pk11_aesSlotList,
+ pk11_desSlotList,
+ pk11_rc4SlotList,
+ pk11_rc2SlotList,
+ pk11_rc5SlotList,
+ pk11_sha1SlotList,
+ pk11_md5SlotList,
+ pk11_md2SlotList,
+ pk11_rsaSlotList,
+ pk11_dsaSlotList,
+ pk11_dhSlotList,
+ pk11_ecSlotList,
+ pk11_ideaSlotList,
+ pk11_sslSlotList,
+ pk11_tlsSlotList,
+ pk11_randomSlotList,
+ pk11_sha256SlotList,
+ pk11_sha512SlotList; /* slots do SHA512 and SHA384 */
+
+/************************************************************
+ * Generic Slot List and Slot List element manipulations
+ ************************************************************/
+
+/*
+ * allocate a new list
+ */
+PK11SlotList *
+PK11_NewSlotList(void)
+{
+ PK11SlotList *list;
+
+ list = (PK11SlotList *)PORT_Alloc(sizeof(PK11SlotList));
+ if (list == NULL)
+ return NULL;
+ list->head = NULL;
+ list->tail = NULL;
+ list->lock = PZ_NewLock(nssILockList);
+ if (list->lock == NULL) {
+ PORT_Free(list);
+ return NULL;
+ }
+
+ return list;
+}
+
+/*
+ * free a list element when all the references go away.
+ */
+SECStatus
+PK11_FreeSlotListElement(PK11SlotList *list, PK11SlotListElement *le)
+{
+ PRBool freeit = PR_FALSE;
+
+ if (list == NULL || le == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ PZ_Lock(list->lock);
+ if (le->refCount-- == 1) {
+ freeit = PR_TRUE;
+ }
+ PZ_Unlock(list->lock);
+ if (freeit) {
+ PK11_FreeSlot(le->slot);
+ PORT_Free(le);
+ }
+ return SECSuccess;
+}
+
+static void
+pk11_FreeSlotListStatic(PK11SlotList *list)
+{
+ PK11SlotListElement *le, *next;
+ if (list == NULL)
+ return;
+
+ for (le = list->head; le; le = next) {
+ next = le->next;
+ PK11_FreeSlotListElement(list, le);
+ }
+ if (list->lock) {
+ PZ_DestroyLock(list->lock);
+ }
+ list->lock = NULL;
+ list->head = NULL;
+}
+
+/*
+ * if we are freeing the list, we must be the only ones with a pointer
+ * to the list.
+ */
+void
+PK11_FreeSlotList(PK11SlotList *list)
+{
+ pk11_FreeSlotListStatic(list);
+ PORT_Free(list);
+}
+
+/*
+ * add a slot to a list
+ * "slot" is the slot to be added. Ownership is not transferred.
+ * "sorted" indicates whether or not the slot should be inserted according to
+ * cipherOrder of the associated module. PR_FALSE indicates that the slot
+ * should be inserted to the head of the list.
+ */
+SECStatus
+PK11_AddSlotToList(PK11SlotList *list, PK11SlotInfo *slot, PRBool sorted)
+{
+ PK11SlotListElement *le;
+ PK11SlotListElement *element;
+
+ le = (PK11SlotListElement *)PORT_Alloc(sizeof(PK11SlotListElement));
+ if (le == NULL)
+ return SECFailure;
+
+ le->slot = PK11_ReferenceSlot(slot);
+ le->prev = NULL;
+ le->refCount = 1;
+ PZ_Lock(list->lock);
+ element = list->head;
+ /* Insertion sort, with higher cipherOrders are sorted first in the list */
+ while (element && sorted && (element->slot->module->cipherOrder >
+ le->slot->module->cipherOrder)) {
+ element = element->next;
+ }
+ if (element) {
+ le->prev = element->prev;
+ element->prev = le;
+ le->next = element;
+ } else {
+ le->prev = list->tail;
+ le->next = NULL;
+ list->tail = le;
+ }
+ if (le->prev)
+ le->prev->next = le;
+ if (list->head == element)
+ list->head = le;
+ PZ_Unlock(list->lock);
+
+ return SECSuccess;
+}
+
+/*
+ * remove a slot entry from the list
+ */
+SECStatus
+PK11_DeleteSlotFromList(PK11SlotList *list, PK11SlotListElement *le)
+{
+ PZ_Lock(list->lock);
+ if (le->prev)
+ le->prev->next = le->next;
+ else
+ list->head = le->next;
+ if (le->next)
+ le->next->prev = le->prev;
+ else
+ list->tail = le->prev;
+ le->next = le->prev = NULL;
+ PZ_Unlock(list->lock);
+ PK11_FreeSlotListElement(list, le);
+ return SECSuccess;
+}
+
+/*
+ * Move a list to the end of the target list.
+ * NOTE: There is no locking here... This assumes BOTH lists are private copy
+ * lists. It also does not re-sort the target list.
+ */
+SECStatus
+pk11_MoveListToList(PK11SlotList *target, PK11SlotList *src)
+{
+ if (src->head == NULL)
+ return SECSuccess;
+
+ if (target->tail == NULL) {
+ target->head = src->head;
+ } else {
+ target->tail->next = src->head;
+ }
+ src->head->prev = target->tail;
+ target->tail = src->tail;
+ src->head = src->tail = NULL;
+ return SECSuccess;
+}
+
+/*
+ * get an element from the list with a reference. You must own the list.
+ */
+PK11SlotListElement *
+PK11_GetFirstRef(PK11SlotList *list)
+{
+ PK11SlotListElement *le;
+
+ le = list->head;
+ if (le != NULL)
+ (le)->refCount++;
+ return le;
+}
+
+/*
+ * get the next element from the list with a reference. You must own the list.
+ */
+PK11SlotListElement *
+PK11_GetNextRef(PK11SlotList *list, PK11SlotListElement *le, PRBool restart)
+{
+ PK11SlotListElement *new_le;
+ new_le = le->next;
+ if (new_le)
+ new_le->refCount++;
+ PK11_FreeSlotListElement(list, le);
+ return new_le;
+}
+
+/*
+ * get an element safely from the list. This just makes sure that if
+ * this element is not deleted while we deal with it.
+ */
+PK11SlotListElement *
+PK11_GetFirstSafe(PK11SlotList *list)
+{
+ PK11SlotListElement *le;
+
+ PZ_Lock(list->lock);
+ le = list->head;
+ if (le != NULL)
+ (le)->refCount++;
+ PZ_Unlock(list->lock);
+ return le;
+}
+
+/*
+ * NOTE: if this element gets deleted, we can no longer safely traverse using
+ * it's pointers. We can either terminate the loop, or restart from the
+ * beginning. This is controlled by the restart option.
+ */
+PK11SlotListElement *
+PK11_GetNextSafe(PK11SlotList *list, PK11SlotListElement *le, PRBool restart)
+{
+ PK11SlotListElement *new_le;
+ PZ_Lock(list->lock);
+ new_le = le->next;
+ if (le->next == NULL) {
+ /* if the prev and next fields are NULL then either this element
+ * has been removed and we need to walk the list again (if restart
+ * is true) or this was the only element on the list */
+ if ((le->prev == NULL) && restart && (list->head != le)) {
+ new_le = list->head;
+ }
+ }
+ if (new_le)
+ new_le->refCount++;
+ PZ_Unlock(list->lock);
+ PK11_FreeSlotListElement(list, le);
+ return new_le;
+}
+
+/*
+ * Find the element that holds this slot
+ */
+PK11SlotListElement *
+PK11_FindSlotElement(PK11SlotList *list, PK11SlotInfo *slot)
+{
+ PK11SlotListElement *le;
+
+ for (le = PK11_GetFirstSafe(list); le;
+ le = PK11_GetNextSafe(list, le, PR_TRUE)) {
+ if (le->slot == slot)
+ return le;
+ }
+ return NULL;
+}
+
+/************************************************************
+ * Generic Slot Utilities
+ ************************************************************/
+/*
+ * Create a new slot structure
+ */
+PK11SlotInfo *
+PK11_NewSlotInfo(SECMODModule *mod)
+{
+ PK11SlotInfo *slot;
+
+ slot = (PK11SlotInfo *)PORT_Alloc(sizeof(PK11SlotInfo));
+ if (slot == NULL)
+ return slot;
+
+ slot->sessionLock = mod->isThreadSafe ? PZ_NewLock(nssILockSession) : mod->refLock;
+ if (slot->sessionLock == NULL) {
+ PORT_Free(slot);
+ return NULL;
+ }
+ slot->freeListLock = PZ_NewLock(nssILockFreelist);
+ if (slot->freeListLock == NULL) {
+ if (mod->isThreadSafe) {
+ PZ_DestroyLock(slot->sessionLock);
+ }
+ PORT_Free(slot);
+ return NULL;
+ }
+ slot->freeSymKeysWithSessionHead = NULL;
+ slot->freeSymKeysHead = NULL;
+ slot->keyCount = 0;
+ slot->maxKeyCount = 0;
+ slot->functionList = NULL;
+ slot->needTest = PR_TRUE;
+ slot->isPerm = PR_FALSE;
+ slot->isHW = PR_FALSE;
+ slot->isInternal = PR_FALSE;
+ slot->isThreadSafe = PR_FALSE;
+ slot->disabled = PR_FALSE;
+ slot->series = 1;
+ slot->wrapKey = 0;
+ slot->wrapMechanism = CKM_INVALID_MECHANISM;
+ slot->refKeys[0] = CK_INVALID_HANDLE;
+ slot->reason = PK11_DIS_NONE;
+ slot->readOnly = PR_TRUE;
+ slot->needLogin = PR_FALSE;
+ slot->hasRandom = PR_FALSE;
+ slot->defRWSession = PR_FALSE;
+ slot->protectedAuthPath = PR_FALSE;
+ slot->flags = 0;
+ slot->session = CK_INVALID_SESSION;
+ slot->slotID = 0;
+ slot->defaultFlags = 0;
+ slot->refCount = 1;
+ slot->askpw = 0;
+ slot->timeout = 0;
+ slot->mechanismList = NULL;
+ slot->mechanismCount = 0;
+ slot->cert_array = NULL;
+ slot->cert_count = 0;
+ slot->slot_name[0] = 0;
+ slot->token_name[0] = 0;
+ PORT_Memset(slot->serial, ' ', sizeof(slot->serial));
+ slot->module = NULL;
+ slot->authTransact = 0;
+ slot->authTime = LL_ZERO;
+ slot->minPassword = 0;
+ slot->maxPassword = 0;
+ slot->hasRootCerts = PR_FALSE;
+ slot->hasRootTrust = PR_FALSE;
+ slot->nssToken = NULL;
+ return slot;
+}
+
+/* create a new reference to a slot so it doesn't go away */
+PK11SlotInfo *
+PK11_ReferenceSlot(PK11SlotInfo *slot)
+{
+ PR_ATOMIC_INCREMENT(&slot->refCount);
+ return slot;
+}
+
+/* Destroy all info on a slot we have built up */
+void
+PK11_DestroySlot(PK11SlotInfo *slot)
+{
+ /* free up the cached keys and sessions */
+ PK11_CleanKeyList(slot);
+
+ /* free up all the sessions on this slot */
+ if (slot->functionList) {
+ PK11_GETTAB(slot)
+ ->C_CloseAllSessions(slot->slotID);
+ }
+
+ if (slot->mechanismList) {
+ PORT_Free(slot->mechanismList);
+ }
+ if (slot->isThreadSafe && slot->sessionLock) {
+ PZ_DestroyLock(slot->sessionLock);
+ }
+ slot->sessionLock = NULL;
+ if (slot->freeListLock) {
+ PZ_DestroyLock(slot->freeListLock);
+ slot->freeListLock = NULL;
+ }
+
+ /* finally Tell our parent module that we've gone away so it can unload */
+ if (slot->module) {
+ SECMOD_SlotDestroyModule(slot->module, PR_TRUE);
+ }
+
+ /* ok, well not quit finally... now we free the memory */
+ PORT_Free(slot);
+}
+
+/* We're all done with the slot, free it */
+void
+PK11_FreeSlot(PK11SlotInfo *slot)
+{
+ if (PR_ATOMIC_DECREMENT(&slot->refCount) == 0) {
+ PK11_DestroySlot(slot);
+ }
+}
+
+void
+PK11_EnterSlotMonitor(PK11SlotInfo *slot)
+{
+ PZ_Lock(slot->sessionLock);
+}
+
+void
+PK11_ExitSlotMonitor(PK11SlotInfo *slot)
+{
+ PZ_Unlock(slot->sessionLock);
+}
+
+/***********************************************************
+ * Functions to find specific slots.
+ ***********************************************************/
+PRBool
+SECMOD_HasRootCerts(void)
+{
+ SECMODModuleList *mlp;
+ SECMODModuleList *modules;
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+ int i;
+ PRBool found = PR_FALSE;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return found;
+ }
+
+ /* work through all the slots */
+ SECMOD_GetReadLock(moduleLock);
+ modules = SECMOD_GetDefaultModuleList();
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ PK11SlotInfo *tmpSlot = mlp->module->slots[i];
+ if (PK11_IsPresent(tmpSlot)) {
+ if (tmpSlot->hasRootCerts) {
+ found = PR_TRUE;
+ break;
+ }
+ }
+ }
+ if (found)
+ break;
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ return found;
+}
+
+/***********************************************************
+ * Functions to find specific slots.
+ ***********************************************************/
+PK11SlotList *
+PK11_FindSlotsByNames(const char *dllName, const char *slotName,
+ const char *tokenName, PRBool presentOnly)
+{
+ SECMODModuleList *mlp;
+ SECMODModuleList *modules;
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+ int i;
+ PK11SlotList *slotList = NULL;
+ PRUint32 slotcount = 0;
+ SECStatus rv = SECSuccess;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return slotList;
+ }
+
+ slotList = PK11_NewSlotList();
+ if (!slotList) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return slotList;
+ }
+
+ if (((NULL == dllName) || (0 == *dllName)) &&
+ ((NULL == slotName) || (0 == *slotName)) &&
+ ((NULL == tokenName) || (0 == *tokenName))) {
+ /* default to softoken */
+ /* PK11_GetInternalKeySlot increments the refcount on the internal slot,
+ * but so does PK11_AddSlotToList. To avoid erroneously increasing the
+ * refcount twice, we get our own reference to the internal slot and
+ * decrement its refcount when we're done with it. */
+ PK11SlotInfo *internalKeySlot = PK11_GetInternalKeySlot();
+ PK11_AddSlotToList(slotList, internalKeySlot, PR_TRUE);
+ PK11_FreeSlot(internalKeySlot);
+ return slotList;
+ }
+
+ /* work through all the slots */
+ SECMOD_GetReadLock(moduleLock);
+ modules = SECMOD_GetDefaultModuleList();
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+ PORT_Assert(mlp->module);
+ if (!mlp->module) {
+ rv = SECFailure;
+ break;
+ }
+ if ((!dllName) || (mlp->module->dllName &&
+ (0 == PORT_Strcmp(mlp->module->dllName, dllName)))) {
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ PK11SlotInfo *tmpSlot = (mlp->module->slots ? mlp->module->slots[i] : NULL);
+ PORT_Assert(tmpSlot);
+ if (!tmpSlot) {
+ rv = SECFailure;
+ break;
+ }
+ if ((PR_FALSE == presentOnly || PK11_IsPresent(tmpSlot)) &&
+ ((!tokenName) ||
+ (0 == PORT_Strcmp(tmpSlot->token_name, tokenName))) &&
+ ((!slotName) ||
+ (0 == PORT_Strcmp(tmpSlot->slot_name, slotName)))) {
+ PK11_AddSlotToList(slotList, tmpSlot, PR_TRUE);
+ slotcount++;
+ }
+ }
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ if ((0 == slotcount) || (SECFailure == rv)) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ PK11_FreeSlotList(slotList);
+ slotList = NULL;
+ }
+
+ if (SECFailure == rv) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ }
+
+ return slotList;
+}
+
+PK11SlotInfo *
+PK11_FindSlotByName(const char *name)
+{
+ SECMODModuleList *mlp;
+ SECMODModuleList *modules;
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+ int i;
+ PK11SlotInfo *slot = NULL;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return slot;
+ }
+ if ((name == NULL) || (*name == 0)) {
+ return PK11_GetInternalKeySlot();
+ }
+
+ /* work through all the slots */
+ SECMOD_GetReadLock(moduleLock);
+ modules = SECMOD_GetDefaultModuleList();
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ PK11SlotInfo *tmpSlot = mlp->module->slots[i];
+ if (PK11_IsPresent(tmpSlot)) {
+ if (PORT_Strcmp(tmpSlot->token_name, name) == 0) {
+ slot = PK11_ReferenceSlot(tmpSlot);
+ break;
+ }
+ }
+ }
+ if (slot != NULL)
+ break;
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ }
+
+ return slot;
+}
+
+PK11SlotInfo *
+PK11_FindSlotBySerial(char *serial)
+{
+ SECMODModuleList *mlp;
+ SECMODModuleList *modules;
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+ int i;
+ PK11SlotInfo *slot = NULL;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return slot;
+ }
+ /* work through all the slots */
+ SECMOD_GetReadLock(moduleLock);
+ modules = SECMOD_GetDefaultModuleList();
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ PK11SlotInfo *tmpSlot = mlp->module->slots[i];
+ if (PK11_IsPresent(tmpSlot)) {
+ if (PORT_Memcmp(tmpSlot->serial, serial,
+ sizeof(tmpSlot->serial)) == 0) {
+ slot = PK11_ReferenceSlot(tmpSlot);
+ break;
+ }
+ }
+ }
+ if (slot != NULL)
+ break;
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ }
+
+ return slot;
+}
+
+/*
+ * notification stub. If we ever get interested in any events that
+ * the pkcs11 functions may pass back to use, we can catch them here...
+ * currently pdata is a slotinfo structure.
+ */
+CK_RV
+pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
+ CK_VOID_PTR pdata)
+{
+ return CKR_OK;
+}
+
+/*
+ * grab a new RW session
+ * !!! has a side effect of grabbing the Monitor if either the slot's default
+ * session is RW or the slot is not thread safe. Monitor is release in function
+ * below
+ */
+CK_SESSION_HANDLE
+PK11_GetRWSession(PK11SlotInfo *slot)
+{
+ CK_SESSION_HANDLE rwsession;
+ CK_RV crv;
+ PRBool haveMonitor = PR_FALSE;
+
+ if (!slot->isThreadSafe || slot->defRWSession) {
+ PK11_EnterSlotMonitor(slot);
+ haveMonitor = PR_TRUE;
+ }
+ if (slot->defRWSession) {
+ PORT_Assert(slot->session != CK_INVALID_SESSION);
+ if (slot->session != CK_INVALID_SESSION)
+ return slot->session;
+ }
+
+ crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
+ CKF_RW_SESSION | CKF_SERIAL_SESSION,
+ slot, pk11_notify, &rwsession);
+ PORT_Assert(rwsession != CK_INVALID_SESSION || crv != CKR_OK);
+ if (crv != CKR_OK || rwsession == CK_INVALID_SESSION) {
+ if (crv == CKR_OK)
+ crv = CKR_DEVICE_ERROR;
+ if (haveMonitor)
+ PK11_ExitSlotMonitor(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return CK_INVALID_SESSION;
+ }
+ if (slot->defRWSession) { /* we have the monitor */
+ slot->session = rwsession;
+ }
+ return rwsession;
+}
+
+PRBool
+PK11_RWSessionHasLock(PK11SlotInfo *slot, CK_SESSION_HANDLE session_handle)
+{
+ PRBool hasLock;
+ hasLock = (PRBool)(!slot->isThreadSafe ||
+ (slot->defRWSession && slot->session != CK_INVALID_SESSION));
+ return hasLock;
+}
+
+static PRBool
+pk11_RWSessionIsDefault(PK11SlotInfo *slot, CK_SESSION_HANDLE rwsession)
+{
+ PRBool isDefault;
+ isDefault = (PRBool)(slot->session == rwsession &&
+ slot->defRWSession &&
+ slot->session != CK_INVALID_SESSION);
+ return isDefault;
+}
+
+/*
+ * close the rwsession and restore our readonly session
+ * !!! has a side effect of releasing the Monitor if either the slot's default
+ * session is RW or the slot is not thread safe.
+ */
+void
+PK11_RestoreROSession(PK11SlotInfo *slot, CK_SESSION_HANDLE rwsession)
+{
+ PORT_Assert(rwsession != CK_INVALID_SESSION);
+ if (rwsession != CK_INVALID_SESSION) {
+ PRBool doExit = PK11_RWSessionHasLock(slot, rwsession);
+ if (!pk11_RWSessionIsDefault(slot, rwsession))
+ PK11_GETTAB(slot)
+ ->C_CloseSession(rwsession);
+ if (doExit)
+ PK11_ExitSlotMonitor(slot);
+ }
+}
+
+/************************************************************
+ * Manage the built-In Slot Lists
+ ************************************************************/
+
+/* Init the static built int slot list (should actually integrate
+ * with PK11_NewSlotList */
+static void
+pk11_InitSlotListStatic(PK11SlotList *list)
+{
+ list->lock = PZ_NewLock(nssILockList);
+ list->head = NULL;
+}
+
+/* initialize the system slotlists */
+SECStatus
+PK11_InitSlotLists(void)
+{
+ pk11_InitSlotListStatic(&pk11_seedSlotList);
+ pk11_InitSlotListStatic(&pk11_camelliaSlotList);
+ pk11_InitSlotListStatic(&pk11_aesSlotList);
+ pk11_InitSlotListStatic(&pk11_desSlotList);
+ pk11_InitSlotListStatic(&pk11_rc4SlotList);
+ pk11_InitSlotListStatic(&pk11_rc2SlotList);
+ pk11_InitSlotListStatic(&pk11_rc5SlotList);
+ pk11_InitSlotListStatic(&pk11_md5SlotList);
+ pk11_InitSlotListStatic(&pk11_md2SlotList);
+ pk11_InitSlotListStatic(&pk11_sha1SlotList);
+ pk11_InitSlotListStatic(&pk11_rsaSlotList);
+ pk11_InitSlotListStatic(&pk11_dsaSlotList);
+ pk11_InitSlotListStatic(&pk11_dhSlotList);
+ pk11_InitSlotListStatic(&pk11_ecSlotList);
+ pk11_InitSlotListStatic(&pk11_ideaSlotList);
+ pk11_InitSlotListStatic(&pk11_sslSlotList);
+ pk11_InitSlotListStatic(&pk11_tlsSlotList);
+ pk11_InitSlotListStatic(&pk11_randomSlotList);
+ pk11_InitSlotListStatic(&pk11_sha256SlotList);
+ pk11_InitSlotListStatic(&pk11_sha512SlotList);
+ return SECSuccess;
+}
+
+void
+PK11_DestroySlotLists(void)
+{
+ pk11_FreeSlotListStatic(&pk11_seedSlotList);
+ pk11_FreeSlotListStatic(&pk11_camelliaSlotList);
+ pk11_FreeSlotListStatic(&pk11_aesSlotList);
+ pk11_FreeSlotListStatic(&pk11_desSlotList);
+ pk11_FreeSlotListStatic(&pk11_rc4SlotList);
+ pk11_FreeSlotListStatic(&pk11_rc2SlotList);
+ pk11_FreeSlotListStatic(&pk11_rc5SlotList);
+ pk11_FreeSlotListStatic(&pk11_md5SlotList);
+ pk11_FreeSlotListStatic(&pk11_md2SlotList);
+ pk11_FreeSlotListStatic(&pk11_sha1SlotList);
+ pk11_FreeSlotListStatic(&pk11_rsaSlotList);
+ pk11_FreeSlotListStatic(&pk11_dsaSlotList);
+ pk11_FreeSlotListStatic(&pk11_dhSlotList);
+ pk11_FreeSlotListStatic(&pk11_ecSlotList);
+ pk11_FreeSlotListStatic(&pk11_ideaSlotList);
+ pk11_FreeSlotListStatic(&pk11_sslSlotList);
+ pk11_FreeSlotListStatic(&pk11_tlsSlotList);
+ pk11_FreeSlotListStatic(&pk11_randomSlotList);
+ pk11_FreeSlotListStatic(&pk11_sha256SlotList);
+ pk11_FreeSlotListStatic(&pk11_sha512SlotList);
+ return;
+}
+
+/* return a system slot list based on mechanism */
+PK11SlotList *
+PK11_GetSlotList(CK_MECHANISM_TYPE type)
+{
+/* XXX a workaround for Bugzilla bug #55267 */
+#if defined(HPUX) && defined(__LP64__)
+ if (CKM_INVALID_MECHANISM == type)
+ return NULL;
+#endif
+ switch (type) {
+ case CKM_SEED_CBC:
+ case CKM_SEED_ECB:
+ return &pk11_seedSlotList;
+ case CKM_CAMELLIA_CBC:
+ case CKM_CAMELLIA_ECB:
+ return &pk11_camelliaSlotList;
+ case CKM_AES_CBC:
+ case CKM_AES_CCM:
+ case CKM_AES_CTR:
+ case CKM_AES_CTS:
+ case CKM_AES_GCM:
+ case CKM_AES_ECB:
+ return &pk11_aesSlotList;
+ case CKM_DES_CBC:
+ case CKM_DES_ECB:
+ case CKM_DES3_ECB:
+ case CKM_DES3_CBC:
+ return &pk11_desSlotList;
+ case CKM_RC4:
+ return &pk11_rc4SlotList;
+ case CKM_RC5_CBC:
+ return &pk11_rc5SlotList;
+ case CKM_SHA_1:
+ return &pk11_sha1SlotList;
+ case CKM_SHA224:
+ case CKM_SHA256:
+ return &pk11_sha256SlotList;
+ case CKM_SHA384:
+ case CKM_SHA512:
+ return &pk11_sha512SlotList;
+ case CKM_MD5:
+ return &pk11_md5SlotList;
+ case CKM_MD2:
+ return &pk11_md2SlotList;
+ case CKM_RC2_ECB:
+ case CKM_RC2_CBC:
+ return &pk11_rc2SlotList;
+ case CKM_RSA_PKCS:
+ case CKM_RSA_PKCS_KEY_PAIR_GEN:
+ case CKM_RSA_X_509:
+ return &pk11_rsaSlotList;
+ case CKM_DSA:
+ return &pk11_dsaSlotList;
+ case CKM_DH_PKCS_KEY_PAIR_GEN:
+ case CKM_DH_PKCS_DERIVE:
+ return &pk11_dhSlotList;
+ case CKM_ECDSA:
+ case CKM_ECDSA_SHA1:
+ case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */
+ case CKM_ECDH1_DERIVE:
+ return &pk11_ecSlotList;
+ case CKM_SSL3_PRE_MASTER_KEY_GEN:
+ case CKM_SSL3_MASTER_KEY_DERIVE:
+ case CKM_SSL3_SHA1_MAC:
+ case CKM_SSL3_MD5_MAC:
+ return &pk11_sslSlotList;
+ case CKM_TLS_MASTER_KEY_DERIVE:
+ case CKM_TLS_KEY_AND_MAC_DERIVE:
+ case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256:
+ return &pk11_tlsSlotList;
+ case CKM_IDEA_CBC:
+ case CKM_IDEA_ECB:
+ return &pk11_ideaSlotList;
+ case CKM_FAKE_RANDOM:
+ return &pk11_randomSlotList;
+ }
+ return NULL;
+}
+
+/*
+ * load the static SlotInfo structures used to select a PKCS11 slot.
+ * preSlotInfo has a list of all the default flags for the slots on this
+ * module.
+ */
+void
+PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count)
+{
+ int i;
+
+ for (i = 0; i < count; i++) {
+ if (psi[i].slotID == slot->slotID)
+ break;
+ }
+
+ if (i == count)
+ return;
+
+ slot->defaultFlags = psi[i].defaultFlags;
+ slot->askpw = psi[i].askpw;
+ slot->timeout = psi[i].timeout;
+ slot->hasRootCerts = psi[i].hasRootCerts;
+
+ /* if the slot is already disabled, don't load them into the
+ * default slot lists. We get here so we can save the default
+ * list value. */
+ if (slot->disabled)
+ return;
+
+ /* if the user has disabled us, don't load us in */
+ if (slot->defaultFlags & PK11_DISABLE_FLAG) {
+ slot->disabled = PR_TRUE;
+ slot->reason = PK11_DIS_USER_SELECTED;
+ /* free up sessions and things?? */
+ return;
+ }
+
+ for (i = 0; i < num_pk11_default_mechanisms; i++) {
+ if (slot->defaultFlags & PK11_DefaultArray[i].flag) {
+ CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
+ PK11SlotList *slotList = PK11_GetSlotList(mechanism);
+
+ if (slotList)
+ PK11_AddSlotToList(slotList, slot, PR_FALSE);
+ }
+ }
+
+ return;
+}
+
+/*
+ * update a slot to its new attribute according to the slot list
+ * returns: SECSuccess if nothing to do or add/delete is successful
+ */
+SECStatus
+PK11_UpdateSlotAttribute(PK11SlotInfo *slot,
+ const PK11DefaultArrayEntry *entry,
+ PRBool add)
+/* add: PR_TRUE if want to turn on */
+{
+ SECStatus result = SECSuccess;
+ PK11SlotList *slotList = PK11_GetSlotList(entry->mechanism);
+
+ if (add) { /* trying to turn on a mechanism */
+
+ /* turn on the default flag in the slot */
+ slot->defaultFlags |= entry->flag;
+
+ /* add this slot to the list */
+ if (slotList != NULL)
+ result = PK11_AddSlotToList(slotList, slot, PR_FALSE);
+
+ } else { /* trying to turn off */
+
+ /* turn OFF the flag in the slot */
+ slot->defaultFlags &= ~entry->flag;
+
+ if (slotList) {
+ /* find the element in the list & delete it */
+ PK11SlotListElement *le = PK11_FindSlotElement(slotList, slot);
+
+ /* remove the slot from the list */
+ if (le)
+ result = PK11_DeleteSlotFromList(slotList, le);
+ }
+ }
+ return result;
+}
+
+/*
+ * clear a slot off of all of it's default list
+ */
+void
+PK11_ClearSlotList(PK11SlotInfo *slot)
+{
+ int i;
+
+ if (slot->disabled)
+ return;
+ if (slot->defaultFlags == 0)
+ return;
+
+ for (i = 0; i < num_pk11_default_mechanisms; i++) {
+ if (slot->defaultFlags & PK11_DefaultArray[i].flag) {
+ CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
+ PK11SlotList *slotList = PK11_GetSlotList(mechanism);
+ PK11SlotListElement *le = NULL;
+
+ if (slotList)
+ le = PK11_FindSlotElement(slotList, slot);
+
+ if (le) {
+ PK11_DeleteSlotFromList(slotList, le);
+ PK11_FreeSlotListElement(slotList, le);
+ }
+ }
+ }
+}
+
+/******************************************************************
+ * Slot initialization
+ ******************************************************************/
+/*
+ * turn a PKCS11 Static Label into a string
+ */
+char *
+PK11_MakeString(PLArenaPool *arena, char *space,
+ char *staticString, int stringLen)
+{
+ int i;
+ char *newString;
+ for (i = (stringLen - 1); i >= 0; i--) {
+ if (staticString[i] != ' ')
+ break;
+ }
+ /* move i to point to the last space */
+ i++;
+ if (arena) {
+ newString = (char *)PORT_ArenaAlloc(arena, i + 1 /* space for NULL */);
+ } else if (space) {
+ newString = space;
+ } else {
+ newString = (char *)PORT_Alloc(i + 1 /* space for NULL */);
+ }
+ if (newString == NULL)
+ return NULL;
+
+ if (i)
+ PORT_Memcpy(newString, staticString, i);
+ newString[i] = 0;
+
+ return newString;
+}
+
+/*
+ * Reads in the slots mechanism list for later use
+ */
+SECStatus
+PK11_ReadMechanismList(PK11SlotInfo *slot)
+{
+ CK_ULONG count;
+ CK_RV crv;
+ PRUint32 i;
+
+ if (slot->mechanismList) {
+ PORT_Free(slot->mechanismList);
+ slot->mechanismList = NULL;
+ }
+ slot->mechanismCount = 0;
+
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID, NULL, &count);
+ if (crv != CKR_OK) {
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ slot->mechanismList = (CK_MECHANISM_TYPE *)
+ PORT_Alloc(count * sizeof(CK_MECHANISM_TYPE));
+ if (slot->mechanismList == NULL) {
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,
+ slot->mechanismList, &count);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_Free(slot->mechanismList);
+ slot->mechanismList = NULL;
+ PORT_SetError(PK11_MapError(crv));
+ return SECSuccess;
+ }
+ slot->mechanismCount = count;
+ PORT_Memset(slot->mechanismBits, 0, sizeof(slot->mechanismBits));
+
+ for (i = 0; i < count; i++) {
+ CK_MECHANISM_TYPE mech = slot->mechanismList[i];
+ if (mech < 0x7ff) {
+ slot->mechanismBits[mech & 0xff] |= 1 << (mech >> 8);
+ }
+ }
+ return SECSuccess;
+}
+
+/*
+ * initialize a new token
+ * unlike initialize slot, this can be called multiple times in the lifetime
+ * of NSS. It reads the information associated with a card or token,
+ * that is not going to change unless the card or token changes.
+ */
+SECStatus
+PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
+{
+ CK_TOKEN_INFO tokenInfo;
+ CK_RV crv;
+ SECStatus rv;
+ PRStatus status;
+
+ /* set the slot flags to the current token values */
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &tokenInfo);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ /* set the slot flags to the current token values */
+ slot->series++; /* allow other objects to detect that the
+ * slot is different */
+ slot->flags = tokenInfo.flags;
+ slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE);
+ slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE);
+
+ slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
+ slot->protectedAuthPath =
+ ((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
+ ? PR_TRUE
+ : PR_FALSE);
+ slot->lastLoginCheck = 0;
+ slot->lastState = 0;
+ /* on some platforms Active Card incorrectly sets the
+ * CKF_PROTECTED_AUTHENTICATION_PATH bit when it doesn't mean to. */
+ if (slot->isActiveCard) {
+ slot->protectedAuthPath = PR_FALSE;
+ }
+ (void)PK11_MakeString(NULL, slot->token_name,
+ (char *)tokenInfo.label, sizeof(tokenInfo.label));
+ slot->minPassword = tokenInfo.ulMinPinLen;
+ slot->maxPassword = tokenInfo.ulMaxPinLen;
+ PORT_Memcpy(slot->serial, tokenInfo.serialNumber, sizeof(slot->serial));
+
+ nssToken_UpdateName(slot->nssToken);
+
+ slot->defRWSession = (PRBool)((!slot->readOnly) &&
+ (tokenInfo.ulMaxSessionCount == 1));
+ rv = PK11_ReadMechanismList(slot);
+ if (rv != SECSuccess)
+ return rv;
+
+ slot->hasRSAInfo = PR_FALSE;
+ slot->RSAInfoFlags = 0;
+
+ /* initialize the maxKeyCount value */
+ if (tokenInfo.ulMaxSessionCount == 0) {
+ slot->maxKeyCount = 800; /* should be #define or a config param */
+ } else if (tokenInfo.ulMaxSessionCount < 20) {
+ /* don't have enough sessions to keep that many keys around */
+ slot->maxKeyCount = 0;
+ } else {
+ slot->maxKeyCount = tokenInfo.ulMaxSessionCount / 2;
+ }
+
+ /* Make sure our session handle is valid */
+ if (slot->session == CK_INVALID_SESSION) {
+ /* we know we don't have a valid session, go get one */
+ CK_SESSION_HANDLE session;
+
+ /* session should be Readonly, serial */
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
+ (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
+ slot, pk11_notify, &session);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ slot->session = session;
+ } else {
+ /* The session we have may be defunct (the token associated with it)
+ * has been removed */
+ CK_SESSION_INFO sessionInfo;
+
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session, &sessionInfo);
+ if (crv == CKR_DEVICE_ERROR) {
+ PK11_GETTAB(slot)
+ ->C_CloseSession(slot->session);
+ crv = CKR_SESSION_CLOSED;
+ }
+ if ((crv == CKR_SESSION_CLOSED) || (crv == CKR_SESSION_HANDLE_INVALID)) {
+ crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
+ (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
+ slot, pk11_notify, &slot->session);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ slot->session = CK_INVALID_SESSION;
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ return SECFailure;
+ }
+ }
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ }
+
+ status = nssToken_Refresh(slot->nssToken);
+ if (status != PR_SUCCESS)
+ return SECFailure;
+
+ if (!(slot->isInternal) && (slot->hasRandom)) {
+ /* if this slot has a random number generater, use it to add entropy
+ * to the internal slot. */
+ PK11SlotInfo *int_slot = PK11_GetInternalSlot();
+
+ if (int_slot) {
+ unsigned char random_bytes[32];
+
+ /* if this slot can issue random numbers, get some entropy from
+ * that random number generater and give it to our internal token.
+ */
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GenerateRandom(slot->session, random_bytes, sizeof(random_bytes));
+ PK11_ExitSlotMonitor(slot);
+ if (crv == CKR_OK) {
+ PK11_EnterSlotMonitor(int_slot);
+ PK11_GETTAB(int_slot)
+ ->C_SeedRandom(int_slot->session,
+ random_bytes, sizeof(random_bytes));
+ PK11_ExitSlotMonitor(int_slot);
+ }
+
+ /* Now return the favor and send entropy to the token's random
+ * number generater */
+ PK11_EnterSlotMonitor(int_slot);
+ crv = PK11_GETTAB(int_slot)->C_GenerateRandom(int_slot->session,
+ random_bytes, sizeof(random_bytes));
+ PK11_ExitSlotMonitor(int_slot);
+ if (crv == CKR_OK) {
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_SeedRandom(slot->session,
+ random_bytes, sizeof(random_bytes));
+ PK11_ExitSlotMonitor(slot);
+ }
+ PK11_FreeSlot(int_slot);
+ }
+ }
+ /* work around a problem in softoken where it incorrectly
+ * reports databases opened read only as read/write. */
+ if (slot->isInternal && !slot->readOnly) {
+ CK_SESSION_HANDLE session = CK_INVALID_SESSION;
+
+ /* try to open a R/W session */
+ crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
+ CKF_RW_SESSION | CKF_SERIAL_SESSION, slot, pk11_notify, &session);
+ /* what a well behaved token should return if you open
+ * a RW session on a read only token */
+ if (crv == CKR_TOKEN_WRITE_PROTECTED) {
+ slot->readOnly = PR_TRUE;
+ } else if (crv == CKR_OK) {
+ CK_SESSION_INFO sessionInfo;
+
+ /* Because of a second bug in softoken, which silently returns
+ * a RO session, we need to check what type of session we got. */
+ crv = PK11_GETTAB(slot)->C_GetSessionInfo(session, &sessionInfo);
+ if (crv == CKR_OK) {
+ if ((sessionInfo.flags & CKF_RW_SESSION) == 0) {
+ /* session was readonly, so this softoken slot must be readonly */
+ slot->readOnly = PR_TRUE;
+ }
+ }
+ PK11_GETTAB(slot)
+ ->C_CloseSession(session);
+ }
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * initialize a new token
+ * unlike initialize slot, this can be called multiple times in the lifetime
+ * of NSS. It reads the information associated with a card or token,
+ * that is not going to change unless the card or token changes.
+ */
+SECStatus
+PK11_TokenRefresh(PK11SlotInfo *slot)
+{
+ CK_TOKEN_INFO tokenInfo;
+ CK_RV crv;
+
+ /* set the slot flags to the current token values */
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, &tokenInfo);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+
+ slot->flags = tokenInfo.flags;
+ slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ? PR_TRUE : PR_FALSE);
+ slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ? PR_TRUE : PR_FALSE);
+ slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
+ slot->protectedAuthPath =
+ ((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
+ ? PR_TRUE
+ : PR_FALSE);
+ /* on some platforms Active Card incorrectly sets the
+ * CKF_PROTECTED_AUTHENTICATION_PATH bit when it doesn't mean to. */
+ if (slot->isActiveCard) {
+ slot->protectedAuthPath = PR_FALSE;
+ }
+ return SECSuccess;
+}
+
+static PRBool
+pk11_isRootSlot(PK11SlotInfo *slot)
+{
+ CK_ATTRIBUTE findTemp[1];
+ CK_ATTRIBUTE *attrs;
+ CK_OBJECT_CLASS oclass = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
+ int tsize;
+ CK_OBJECT_HANDLE handle;
+
+ attrs = findTemp;
+ PK11_SETATTRS(attrs, CKA_CLASS, &oclass, sizeof(oclass));
+ attrs++;
+ tsize = attrs - findTemp;
+ PORT_Assert(tsize <= sizeof(findTemp) / sizeof(CK_ATTRIBUTE));
+
+ handle = pk11_FindObjectByTemplate(slot, findTemp, tsize);
+ if (handle == CK_INVALID_HANDLE) {
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+/*
+ * Initialize the slot :
+ * This initialization code is called on each slot a module supports when
+ * it is loaded. It does the bringup initialization. The difference between
+ * this and InitToken is Init slot does those one time initialization stuff,
+ * usually associated with the reader, while InitToken may get called multiple
+ * times as tokens are removed and re-inserted.
+ */
+void
+PK11_InitSlot(SECMODModule *mod, CK_SLOT_ID slotID, PK11SlotInfo *slot)
+{
+ SECStatus rv;
+ CK_SLOT_INFO slotInfo;
+
+ slot->functionList = mod->functionList;
+ slot->isInternal = mod->internal;
+ slot->slotID = slotID;
+ slot->isThreadSafe = mod->isThreadSafe;
+ slot->hasRSAInfo = PR_FALSE;
+
+ if (PK11_GETTAB(slot)->C_GetSlotInfo(slotID, &slotInfo) != CKR_OK) {
+ slot->disabled = PR_TRUE;
+ slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
+ return;
+ }
+
+ /* test to make sure claimed mechanism work */
+ slot->needTest = mod->internal ? PR_FALSE : PR_TRUE;
+ slot->module = mod; /* NOTE: we don't make a reference here because
+ * modules have references to their slots. This
+ * works because modules keep implicit references
+ * from their slots, and won't unload and disappear
+ * until all their slots have been freed */
+ (void)PK11_MakeString(NULL, slot->slot_name,
+ (char *)slotInfo.slotDescription, sizeof(slotInfo.slotDescription));
+ slot->isHW = (PRBool)((slotInfo.flags & CKF_HW_SLOT) == CKF_HW_SLOT);
+#define ACTIVE_CARD "ActivCard SA"
+ slot->isActiveCard = (PRBool)(PORT_Strncmp((char *)slotInfo.manufacturerID,
+ ACTIVE_CARD, sizeof(ACTIVE_CARD) - 1) == 0);
+ if ((slotInfo.flags & CKF_REMOVABLE_DEVICE) == 0) {
+ slot->isPerm = PR_TRUE;
+ /* permanment slots must have the token present always */
+ if ((slotInfo.flags & CKF_TOKEN_PRESENT) == 0) {
+ slot->disabled = PR_TRUE;
+ slot->reason = PK11_DIS_TOKEN_NOT_PRESENT;
+ return; /* nothing else to do */
+ }
+ }
+ /* if the token is present, initialize it */
+ if ((slotInfo.flags & CKF_TOKEN_PRESENT) != 0) {
+ rv = PK11_InitToken(slot, PR_TRUE);
+ /* the only hard failures are on permanent devices, or function
+ * verify failures... function verify failures are already handled
+ * by tokenInit */
+ if ((rv != SECSuccess) && (slot->isPerm) && (!slot->disabled)) {
+ slot->disabled = PR_TRUE;
+ slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
+ }
+ if (rv == SECSuccess && pk11_isRootSlot(slot)) {
+ if (!slot->hasRootCerts) {
+ slot->module->trustOrder = 100;
+ }
+ slot->hasRootCerts = PR_TRUE;
+ }
+ }
+}
+
+/*********************************************************************
+ * Slot mapping utility functions.
+ *********************************************************************/
+
+/*
+ * determine if the token is present. If the token is present, make sure
+ * we have a valid session handle. Also set the value of needLogin
+ * appropriately.
+ */
+static PRBool
+pk11_IsPresentCertLoad(PK11SlotInfo *slot, PRBool loadCerts)
+{
+ CK_SLOT_INFO slotInfo;
+ CK_SESSION_INFO sessionInfo;
+ CK_RV crv;
+
+ /* disabled slots are never present */
+ if (slot->disabled) {
+ return PR_FALSE;
+ }
+
+ /* permanent slots are always present */
+ if (slot->isPerm && (slot->session != CK_INVALID_SESSION)) {
+ return PR_TRUE;
+ }
+
+ if (slot->nssToken) {
+ return nssToken_IsPresent(slot->nssToken);
+ }
+
+ /* removable slots have a flag that says they are present */
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ if (PK11_GETTAB(slot)->C_GetSlotInfo(slot->slotID, &slotInfo) != CKR_OK) {
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ return PR_FALSE;
+ }
+ if ((slotInfo.flags & CKF_TOKEN_PRESENT) == 0) {
+ /* if the slot is no longer present, close the session */
+ if (slot->session != CK_INVALID_SESSION) {
+ PK11_GETTAB(slot)
+ ->C_CloseSession(slot->session);
+ slot->session = CK_INVALID_SESSION;
+ }
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ return PR_FALSE;
+ }
+
+ /* use the session Info to determine if the card has been removed and then
+ * re-inserted */
+ if (slot->session != CK_INVALID_SESSION) {
+ if (slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session, &sessionInfo);
+ if (crv != CKR_OK) {
+ PK11_GETTAB(slot)
+ ->C_CloseSession(slot->session);
+ slot->session = CK_INVALID_SESSION;
+ }
+ if (slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ }
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+
+ /* card has not been removed, current token info is correct */
+ if (slot->session != CK_INVALID_SESSION)
+ return PR_TRUE;
+
+ /* initialize the token info state */
+ if (PK11_InitToken(slot, loadCerts) != SECSuccess) {
+ return PR_FALSE;
+ }
+
+ return PR_TRUE;
+}
+
+/*
+ * old version of the routine
+ */
+PRBool
+PK11_IsPresent(PK11SlotInfo *slot)
+{
+ return pk11_IsPresentCertLoad(slot, PR_TRUE);
+}
+
+/* is the slot disabled? */
+PRBool
+PK11_IsDisabled(PK11SlotInfo *slot)
+{
+ return slot->disabled;
+}
+
+/* and why? */
+PK11DisableReasons
+PK11_GetDisabledReason(PK11SlotInfo *slot)
+{
+ return slot->reason;
+}
+
+/* returns PR_TRUE if successfully disable the slot */
+/* returns PR_FALSE otherwise */
+PRBool
+PK11_UserDisableSlot(PK11SlotInfo *slot)
+{
+
+ /* Prevent users from disabling the internal module. */
+ if (slot->isInternal) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return PR_FALSE;
+ }
+
+ slot->defaultFlags |= PK11_DISABLE_FLAG;
+ slot->disabled = PR_TRUE;
+ slot->reason = PK11_DIS_USER_SELECTED;
+
+ return PR_TRUE;
+}
+
+PRBool
+PK11_UserEnableSlot(PK11SlotInfo *slot)
+{
+
+ slot->defaultFlags &= ~PK11_DISABLE_FLAG;
+ slot->disabled = PR_FALSE;
+ slot->reason = PK11_DIS_NONE;
+ return PR_TRUE;
+}
+
+PRBool
+PK11_HasRootCerts(PK11SlotInfo *slot)
+{
+ return slot->hasRootCerts;
+}
+
+/* Get the module this slot is attached to */
+SECMODModule *
+PK11_GetModule(PK11SlotInfo *slot)
+{
+ return slot->module;
+}
+
+/* return the default flags of a slot */
+unsigned long
+PK11_GetDefaultFlags(PK11SlotInfo *slot)
+{
+ return slot->defaultFlags;
+}
+
+/*
+ * The following wrapper functions allow us to export an opaque slot
+ * function to the rest of libsec and the world... */
+PRBool
+PK11_IsReadOnly(PK11SlotInfo *slot)
+{
+ return slot->readOnly;
+}
+
+PRBool
+PK11_IsHW(PK11SlotInfo *slot)
+{
+ return slot->isHW;
+}
+
+PRBool
+PK11_IsRemovable(PK11SlotInfo *slot)
+{
+ return !slot->isPerm;
+}
+
+PRBool
+PK11_IsInternal(PK11SlotInfo *slot)
+{
+ return slot->isInternal;
+}
+
+PRBool
+PK11_IsInternalKeySlot(PK11SlotInfo *slot)
+{
+ PK11SlotInfo *int_slot;
+ PRBool result;
+
+ if (!slot->isInternal) {
+ return PR_FALSE;
+ }
+
+ int_slot = PK11_GetInternalKeySlot();
+ result = (int_slot == slot) ? PR_TRUE : PR_FALSE;
+ PK11_FreeSlot(int_slot);
+ return result;
+}
+
+PRBool
+PK11_NeedLogin(PK11SlotInfo *slot)
+{
+ return slot->needLogin;
+}
+
+PRBool
+PK11_IsFriendly(PK11SlotInfo *slot)
+{
+ /* internal slot always has public readable certs */
+ return (PRBool)(slot->isInternal ||
+ ((slot->defaultFlags & SECMOD_FRIENDLY_FLAG) ==
+ SECMOD_FRIENDLY_FLAG));
+}
+
+char *
+PK11_GetTokenName(PK11SlotInfo *slot)
+{
+ return slot->token_name;
+}
+
+char *
+PK11_GetSlotName(PK11SlotInfo *slot)
+{
+ return slot->slot_name;
+}
+
+int
+PK11_GetSlotSeries(PK11SlotInfo *slot)
+{
+ return slot->series;
+}
+
+int
+PK11_GetCurrentWrapIndex(PK11SlotInfo *slot)
+{
+ return slot->wrapKey;
+}
+
+CK_SLOT_ID
+PK11_GetSlotID(PK11SlotInfo *slot)
+{
+ return slot->slotID;
+}
+
+SECMODModuleID
+PK11_GetModuleID(PK11SlotInfo *slot)
+{
+ return slot->module->moduleID;
+}
+
+static void
+pk11_zeroTerminatedToBlankPadded(CK_CHAR *buffer, size_t buffer_size)
+{
+ CK_CHAR *walk = buffer;
+ CK_CHAR *end = buffer + buffer_size;
+
+ /* find the NULL */
+ while (walk < end && *walk != '\0') {
+ walk++;
+ }
+
+ /* clear out the buffer */
+ while (walk < end) {
+ *walk++ = ' ';
+ }
+}
+
+/* return the slot info structure */
+SECStatus
+PK11_GetSlotInfo(PK11SlotInfo *slot, CK_SLOT_INFO *info)
+{
+ CK_RV crv;
+
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ /*
+ * some buggy drivers do not fill the buffer completely,
+ * erase the buffer first
+ */
+ PORT_Memset(info->slotDescription, ' ', sizeof(info->slotDescription));
+ PORT_Memset(info->manufacturerID, ' ', sizeof(info->manufacturerID));
+ crv = PK11_GETTAB(slot)->C_GetSlotInfo(slot->slotID, info);
+ pk11_zeroTerminatedToBlankPadded(info->slotDescription,
+ sizeof(info->slotDescription));
+ pk11_zeroTerminatedToBlankPadded(info->manufacturerID,
+ sizeof(info->manufacturerID));
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* return the token info structure */
+SECStatus
+PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info)
+{
+ CK_RV crv;
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ /*
+ * some buggy drivers do not fill the buffer completely,
+ * erase the buffer first
+ */
+ PORT_Memset(info->label, ' ', sizeof(info->label));
+ PORT_Memset(info->manufacturerID, ' ', sizeof(info->manufacturerID));
+ PORT_Memset(info->model, ' ', sizeof(info->model));
+ PORT_Memset(info->serialNumber, ' ', sizeof(info->serialNumber));
+ crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID, info);
+ pk11_zeroTerminatedToBlankPadded(info->label, sizeof(info->label));
+ pk11_zeroTerminatedToBlankPadded(info->manufacturerID,
+ sizeof(info->manufacturerID));
+ pk11_zeroTerminatedToBlankPadded(info->model, sizeof(info->model));
+ pk11_zeroTerminatedToBlankPadded(info->serialNumber,
+ sizeof(info->serialNumber));
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* Find out if we need to initialize the user's pin */
+PRBool
+PK11_NeedUserInit(PK11SlotInfo *slot)
+{
+ PRBool needUserInit = (PRBool)((slot->flags & CKF_USER_PIN_INITIALIZED) == 0);
+
+ if (needUserInit) {
+ CK_TOKEN_INFO info;
+ SECStatus rv;
+
+ /* see if token has been initialized off line */
+ rv = PK11_GetTokenInfo(slot, &info);
+ if (rv == SECSuccess) {
+ slot->flags = info.flags;
+ }
+ }
+ return (PRBool)((slot->flags & CKF_USER_PIN_INITIALIZED) == 0);
+}
+
+static PK11SlotInfo *pk11InternalKeySlot = NULL;
+
+/*
+ * Set a new default internal keyslot. If one has already been set, clear it.
+ * Passing NULL falls back to the NSS normally selected default internal key
+ * slot.
+ */
+void
+pk11_SetInternalKeySlot(PK11SlotInfo *slot)
+{
+ if (pk11InternalKeySlot) {
+ PK11_FreeSlot(pk11InternalKeySlot);
+ }
+ pk11InternalKeySlot = slot ? PK11_ReferenceSlot(slot) : NULL;
+}
+
+/*
+ * Set a new default internal keyslot if the normal key slot has not already
+ * been overridden. Subsequent calls to this function will be ignored unless
+ * pk11_SetInternalKeySlot is used to clear the current default.
+ */
+void
+pk11_SetInternalKeySlotIfFirst(PK11SlotInfo *slot)
+{
+ if (pk11InternalKeySlot) {
+ return;
+ }
+ pk11InternalKeySlot = slot ? PK11_ReferenceSlot(slot) : NULL;
+}
+
+/*
+ * Swap out a default internal keyslot. Caller owns the Slot Reference
+ */
+PK11SlotInfo *
+pk11_SwapInternalKeySlot(PK11SlotInfo *slot)
+{
+ PK11SlotInfo *swap = pk11InternalKeySlot;
+
+ pk11InternalKeySlot = slot ? PK11_ReferenceSlot(slot) : NULL;
+ return swap;
+}
+
+/* get the internal key slot. FIPS has only one slot for both key slots and
+ * default slots */
+PK11SlotInfo *
+PK11_GetInternalKeySlot(void)
+{
+ SECMODModule *mod;
+
+ if (pk11InternalKeySlot) {
+ return PK11_ReferenceSlot(pk11InternalKeySlot);
+ }
+
+ mod = SECMOD_GetInternalModule();
+ PORT_Assert(mod != NULL);
+ if (!mod) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+ }
+ return PK11_ReferenceSlot(mod->isFIPS ? mod->slots[0] : mod->slots[1]);
+}
+
+/* get the internal default slot */
+PK11SlotInfo *
+PK11_GetInternalSlot(void)
+{
+ SECMODModule *mod = SECMOD_GetInternalModule();
+ PORT_Assert(mod != NULL);
+ if (!mod) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ return NULL;
+ }
+ if (mod->isFIPS) {
+ return PK11_GetInternalKeySlot();
+ }
+ return PK11_ReferenceSlot(mod->slots[0]);
+}
+
+/*
+ * check if a given slot supports the requested mechanism
+ */
+PRBool
+PK11_DoesMechanism(PK11SlotInfo *slot, CK_MECHANISM_TYPE type)
+{
+ int i;
+
+ /* CKM_FAKE_RANDOM is not a real PKCS mechanism. It's a marker to
+ * tell us we're looking form someone that has implemented get
+ * random bits */
+ if (type == CKM_FAKE_RANDOM) {
+ return slot->hasRandom;
+ }
+
+ /* for most mechanism, bypass the linear lookup */
+ if (type < 0x7ff) {
+ return (slot->mechanismBits[type & 0xff] & (1 << (type >> 8))) ? PR_TRUE : PR_FALSE;
+ }
+
+ for (i = 0; i < (int)slot->mechanismCount; i++) {
+ if (slot->mechanismList[i] == type)
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+/*
+ * Return true if a token that can do the desired mechanism exists.
+ * This allows us to have hardware tokens that can do function XYZ magically
+ * allow SSL Ciphers to appear if they are plugged in.
+ */
+PRBool
+PK11_TokenExists(CK_MECHANISM_TYPE type)
+{
+ SECMODModuleList *mlp;
+ SECMODModuleList *modules;
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+ PK11SlotInfo *slot;
+ PRBool found = PR_FALSE;
+ int i;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return found;
+ }
+ /* we only need to know if there is a token that does this mechanism.
+ * check the internal module first because it's fast, and supports
+ * almost everything. */
+ slot = PK11_GetInternalSlot();
+ if (slot) {
+ found = PK11_DoesMechanism(slot, type);
+ PK11_FreeSlot(slot);
+ }
+ if (found)
+ return PR_TRUE; /* bypass getting module locks */
+
+ SECMOD_GetReadLock(moduleLock);
+ modules = SECMOD_GetDefaultModuleList();
+ for (mlp = modules; mlp != NULL && (!found); mlp = mlp->next) {
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ slot = mlp->module->slots[i];
+ if (PK11_IsPresent(slot)) {
+ if (PK11_DoesMechanism(slot, type)) {
+ found = PR_TRUE;
+ break;
+ }
+ }
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+ return found;
+}
+
+/*
+ * get all the currently available tokens in a list.
+ * that can perform the given mechanism. If mechanism is CKM_INVALID_MECHANISM,
+ * get all the tokens. Make sure tokens that need authentication are put at
+ * the end of this list.
+ */
+PK11SlotList *
+PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts,
+ void *wincx)
+{
+ PK11SlotList *list;
+ PK11SlotList *loginList;
+ PK11SlotList *friendlyList;
+ SECMODModuleList *mlp;
+ SECMODModuleList *modules;
+ SECMODListLock *moduleLock;
+ int i;
+#if defined(XP_WIN32)
+ int j = 0;
+ PRInt32 waste[16];
+#endif
+
+ moduleLock = SECMOD_GetDefaultModuleListLock();
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return NULL;
+ }
+
+ list = PK11_NewSlotList();
+ loginList = PK11_NewSlotList();
+ friendlyList = PK11_NewSlotList();
+ if ((list == NULL) || (loginList == NULL) || (friendlyList == NULL)) {
+ if (list)
+ PK11_FreeSlotList(list);
+ if (loginList)
+ PK11_FreeSlotList(loginList);
+ if (friendlyList)
+ PK11_FreeSlotList(friendlyList);
+ return NULL;
+ }
+
+ SECMOD_GetReadLock(moduleLock);
+
+ modules = SECMOD_GetDefaultModuleList();
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+
+#if defined(XP_WIN32)
+ /* This is works around some horrible cache/page thrashing problems
+ ** on Win32. Without this, this loop can take up to 6 seconds at
+ ** 100% CPU on a Pentium-Pro 200. The thing this changes is to
+ ** increase the size of the stack frame and modify it.
+ ** Moving the loop code itself seems to have no effect.
+ ** Dunno why this combination makes a difference, but it does.
+ */
+ waste[j & 0xf] = j++;
+#endif
+
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ PK11SlotInfo *slot = mlp->module->slots[i];
+
+ if (pk11_IsPresentCertLoad(slot, loadCerts)) {
+ if (needRW && slot->readOnly)
+ continue;
+ if ((type == CKM_INVALID_MECHANISM) || PK11_DoesMechanism(slot, type)) {
+ if (pk11_LoginStillRequired(slot, wincx)) {
+ if (PK11_IsFriendly(slot)) {
+ PK11_AddSlotToList(friendlyList, slot, PR_TRUE);
+ } else {
+ PK11_AddSlotToList(loginList, slot, PR_TRUE);
+ }
+ } else {
+ PK11_AddSlotToList(list, slot, PR_TRUE);
+ }
+ }
+ }
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ pk11_MoveListToList(list, friendlyList);
+ PK11_FreeSlotList(friendlyList);
+ pk11_MoveListToList(list, loginList);
+ PK11_FreeSlotList(loginList);
+
+ return list;
+}
+
+/*
+ * NOTE: This routine is working from a private List generated by
+ * PK11_GetAllTokens. That is why it does not need to lock.
+ */
+PK11SlotList *
+PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type, PRBool needRW, void *wincx)
+{
+ PK11SlotList *list = PK11_GetAllTokens(type, needRW, PR_TRUE, wincx);
+ PK11SlotListElement *le, *next;
+ SECStatus rv;
+
+ if (list == NULL)
+ return list;
+
+ for (le = list->head; le; le = next) {
+ next = le->next; /* save the pointer here in case we have to
+ * free the element later */
+ rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
+ if (rv != SECSuccess) {
+ PK11_DeleteSlotFromList(list, le);
+ continue;
+ }
+ }
+ return list;
+}
+
+/*
+ * returns true if the slot doesn't conform to the requested attributes
+ */
+PRBool
+pk11_filterSlot(PK11SlotInfo *slot, CK_MECHANISM_TYPE mechanism,
+ CK_FLAGS mechanismInfoFlags, unsigned int keySize)
+{
+ CK_MECHANISM_INFO mechanism_info;
+ CK_RV crv = CKR_OK;
+
+ /* handle the only case where we don't actually fetch the mechanisms
+ * on the fly */
+ if ((keySize == 0) && (mechanism == CKM_RSA_PKCS) && (slot->hasRSAInfo)) {
+ mechanism_info.flags = slot->RSAInfoFlags;
+ } else {
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID, mechanism,
+ &mechanism_info);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ /* if we were getting the RSA flags, save them */
+ if ((crv == CKR_OK) && (mechanism == CKM_RSA_PKCS) && (!slot->hasRSAInfo)) {
+ slot->RSAInfoFlags = mechanism_info.flags;
+ slot->hasRSAInfo = PR_TRUE;
+ }
+ }
+ /* couldn't get the mechanism info */
+ if (crv != CKR_OK) {
+ return PR_TRUE;
+ }
+ if (keySize && ((mechanism_info.ulMinKeySize > keySize) || (mechanism_info.ulMaxKeySize < keySize))) {
+ /* Token can do mechanism, but not at the key size we
+ * want */
+ return PR_TRUE;
+ }
+ if (mechanismInfoFlags && ((mechanism_info.flags & mechanismInfoFlags) !=
+ mechanismInfoFlags)) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+/*
+ * Find the best slot which supports the given set of mechanisms and key sizes.
+ * In normal cases this should grab the first slot on the list with no fuss.
+ * The size array is presumed to match one for one with the mechanism type
+ * array, which allows you to specify the required key size for each
+ * mechanism in the list. Whether key size is in bits or bytes is mechanism
+ * dependent. Typically asymetric keys are in bits and symetric keys are in
+ * bytes.
+ */
+PK11SlotInfo *
+PK11_GetBestSlotMultipleWithAttributes(CK_MECHANISM_TYPE *type,
+ CK_FLAGS *mechanismInfoFlags, unsigned int *keySize,
+ unsigned int mech_count, void *wincx)
+{
+ PK11SlotList *list = NULL;
+ PK11SlotListElement *le;
+ PK11SlotInfo *slot = NULL;
+ PRBool freeit = PR_FALSE;
+ PRBool listNeedLogin = PR_FALSE;
+ unsigned int i;
+ SECStatus rv;
+
+ list = PK11_GetSlotList(type[0]);
+
+ if ((list == NULL) || (list->head == NULL)) {
+ /* We need to look up all the tokens for the mechanism */
+ list = PK11_GetAllTokens(type[0], PR_FALSE, PR_TRUE, wincx);
+ freeit = PR_TRUE;
+ }
+
+ /* no one can do it! */
+ if (list == NULL) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ return NULL;
+ }
+
+ PORT_SetError(0);
+
+ listNeedLogin = PR_FALSE;
+ for (i = 0; i < mech_count; i++) {
+ if ((type[i] != CKM_FAKE_RANDOM) &&
+ (type[i] != CKM_SHA_1) &&
+ (type[i] != CKM_SHA224) &&
+ (type[i] != CKM_SHA256) &&
+ (type[i] != CKM_SHA384) &&
+ (type[i] != CKM_SHA512) &&
+ (type[i] != CKM_MD5) &&
+ (type[i] != CKM_MD2)) {
+ listNeedLogin = PR_TRUE;
+ break;
+ }
+ }
+
+ for (le = PK11_GetFirstSafe(list); le;
+ le = PK11_GetNextSafe(list, le, PR_TRUE)) {
+ if (PK11_IsPresent(le->slot)) {
+ PRBool doExit = PR_FALSE;
+ for (i = 0; i < mech_count; i++) {
+ if (!PK11_DoesMechanism(le->slot, type[i])) {
+ doExit = PR_TRUE;
+ break;
+ }
+ if ((mechanismInfoFlags && mechanismInfoFlags[i]) ||
+ (keySize && keySize[i])) {
+ if (pk11_filterSlot(le->slot, type[i],
+ mechanismInfoFlags ? mechanismInfoFlags[i] : 0,
+ keySize ? keySize[i] : 0)) {
+ doExit = PR_TRUE;
+ break;
+ }
+ }
+ }
+
+ if (doExit)
+ continue;
+
+ if (listNeedLogin && le->slot->needLogin) {
+ rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
+ if (rv != SECSuccess)
+ continue;
+ }
+ slot = le->slot;
+ PK11_ReferenceSlot(slot);
+ PK11_FreeSlotListElement(list, le);
+ if (freeit) {
+ PK11_FreeSlotList(list);
+ }
+ return slot;
+ }
+ }
+ if (freeit) {
+ PK11_FreeSlotList(list);
+ }
+ if (PORT_GetError() == 0) {
+ PORT_SetError(SEC_ERROR_NO_TOKEN);
+ }
+ return NULL;
+}
+
+PK11SlotInfo *
+PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type,
+ unsigned int mech_count, void *wincx)
+{
+ return PK11_GetBestSlotMultipleWithAttributes(type, NULL, NULL,
+ mech_count, wincx);
+}
+
+/* original get best slot now calls the multiple version with only one type */
+PK11SlotInfo *
+PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx)
+{
+ return PK11_GetBestSlotMultipleWithAttributes(&type, NULL, NULL, 1, wincx);
+}
+
+PK11SlotInfo *
+PK11_GetBestSlotWithAttributes(CK_MECHANISM_TYPE type, CK_FLAGS mechanismFlags,
+ unsigned int keySize, void *wincx)
+{
+ return PK11_GetBestSlotMultipleWithAttributes(&type, &mechanismFlags,
+ &keySize, 1, wincx);
+}
+
+int
+PK11_GetBestKeyLength(PK11SlotInfo *slot, CK_MECHANISM_TYPE mechanism)
+{
+ CK_MECHANISM_INFO mechanism_info;
+ CK_RV crv;
+
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
+ mechanism, &mechanism_info);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK)
+ return 0;
+
+ if (mechanism_info.ulMinKeySize == mechanism_info.ulMaxKeySize)
+ return 0;
+ return mechanism_info.ulMaxKeySize;
+}
+
+/*
+ * This function uses the existing PKCS #11 module to find the
+ * longest supported key length in the preferred token for a mechanism.
+ * This varies from the above function in that 1) it returns the key length
+ * even for fixed key algorithms, and 2) it looks through the tokens
+ * generally rather than for a specific token. This is used in liu of
+ * a PK11_GetKeyLength function in pk11mech.c since we can actually read
+ * supported key lengths from PKCS #11.
+ *
+ * For symmetric key operations the length is returned in bytes.
+ */
+int
+PK11_GetMaxKeyLength(CK_MECHANISM_TYPE mechanism)
+{
+ CK_MECHANISM_INFO mechanism_info;
+ PK11SlotList *list = NULL;
+ PK11SlotListElement *le;
+ PRBool freeit = PR_FALSE;
+ int keyLength = 0;
+
+ list = PK11_GetSlotList(mechanism);
+
+ if ((list == NULL) || (list->head == NULL)) {
+ /* We need to look up all the tokens for the mechanism */
+ list = PK11_GetAllTokens(mechanism, PR_FALSE, PR_FALSE, NULL);
+ freeit = PR_TRUE;
+ }
+
+ /* no tokens recognize this mechanism */
+ if (list == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return 0;
+ }
+
+ for (le = PK11_GetFirstSafe(list); le;
+ le = PK11_GetNextSafe(list, le, PR_TRUE)) {
+ PK11SlotInfo *slot = le->slot;
+ CK_RV crv;
+ if (PK11_IsPresent(slot)) {
+ if (!slot->isThreadSafe)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
+ mechanism, &mechanism_info);
+ if (!slot->isThreadSafe)
+ PK11_ExitSlotMonitor(slot);
+ if ((crv == CKR_OK) && (mechanism_info.ulMaxKeySize != 0) && (mechanism_info.ulMaxKeySize != 0xffffffff)) {
+ keyLength = mechanism_info.ulMaxKeySize;
+ break;
+ }
+ }
+ }
+ if (le)
+ PK11_FreeSlotListElement(list, le);
+ if (freeit)
+ PK11_FreeSlotList(list);
+ return keyLength;
+}
+
+SECStatus
+PK11_SeedRandom(PK11SlotInfo *slot, unsigned char *data, int len)
+{
+ CK_RV crv;
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_SeedRandom(slot->session, data, (CK_ULONG)len);
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+PK11_GenerateRandomOnSlot(PK11SlotInfo *slot, unsigned char *data, int len)
+{
+ CK_RV crv;
+
+ if (!slot->isInternal)
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_GETTAB(slot)->C_GenerateRandom(slot->session, data,
+ (CK_ULONG)len);
+ if (!slot->isInternal)
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* Attempts to update the Best Slot for "FAKE RANDOM" generation.
+** If that's not the internal slot, then it also attempts to update the
+** internal slot.
+** The return value indicates if the INTERNAL slot was updated OK.
+*/
+SECStatus
+PK11_RandomUpdate(void *data, size_t bytes)
+{
+ PK11SlotInfo *slot;
+ PRBool bestIsInternal;
+ SECStatus status;
+
+ slot = PK11_GetBestSlot(CKM_FAKE_RANDOM, NULL);
+ if (slot == NULL) {
+ slot = PK11_GetInternalSlot();
+ if (!slot)
+ return SECFailure;
+ }
+
+ bestIsInternal = PK11_IsInternal(slot);
+ status = PK11_SeedRandom(slot, data, bytes);
+ PK11_FreeSlot(slot);
+
+ if (!bestIsInternal) {
+ /* do internal slot, too. */
+ slot = PK11_GetInternalSlot(); /* can't fail */
+ status = PK11_SeedRandom(slot, data, bytes);
+ PK11_FreeSlot(slot);
+ }
+ return status;
+}
+
+SECStatus
+PK11_GenerateRandom(unsigned char *data, int len)
+{
+ PK11SlotInfo *slot;
+ SECStatus rv;
+
+ slot = PK11_GetBestSlot(CKM_FAKE_RANDOM, NULL);
+ if (slot == NULL)
+ return SECFailure;
+
+ rv = PK11_GenerateRandomOnSlot(slot, data, len);
+ PK11_FreeSlot(slot);
+ return rv;
+}
+
+/*
+ * Reset the token to it's initial state. For the internal module, this will
+ * Purge your keydb, and reset your cert db certs to USER_INIT.
+ */
+SECStatus
+PK11_ResetToken(PK11SlotInfo *slot, char *sso_pwd)
+{
+ unsigned char tokenName[32];
+ int tokenNameLen;
+ CK_RV crv;
+
+ /* reconstruct the token name */
+ tokenNameLen = PORT_Strlen(slot->token_name);
+ if (tokenNameLen > sizeof(tokenName)) {
+ tokenNameLen = sizeof(tokenName);
+ }
+
+ PORT_Memcpy(tokenName, slot->token_name, tokenNameLen);
+ if (tokenNameLen < sizeof(tokenName)) {
+ PORT_Memset(&tokenName[tokenNameLen], ' ',
+ sizeof(tokenName) - tokenNameLen);
+ }
+
+ /* initialize the token */
+ PK11_EnterSlotMonitor(slot);
+
+ /* first shutdown the token. Existing sessions will get closed here */
+ PK11_GETTAB(slot)
+ ->C_CloseAllSessions(slot->slotID);
+ slot->session = CK_INVALID_SESSION;
+
+ /* now re-init the token */
+ crv = PK11_GETTAB(slot)->C_InitToken(slot->slotID,
+ (unsigned char *)sso_pwd, sso_pwd ? PORT_Strlen(sso_pwd) : 0, tokenName);
+
+ /* finally bring the token back up */
+ PK11_InitToken(slot, PR_TRUE);
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ nssTrustDomain_UpdateCachedTokenCerts(slot->nssToken->trustDomain,
+ slot->nssToken);
+ return SECSuccess;
+}
+void
+PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst)
+{
+ sl->nssToken = nsst;
+}
+
+NSSToken *
+PK11Slot_GetNSSToken(PK11SlotInfo *sl)
+{
+ return sl->nssToken;
+}
+
+/*
+ * wait for a token to change it's state. The application passes in the expected
+ * new state in event.
+ */
+PK11TokenStatus
+PK11_WaitForTokenEvent(PK11SlotInfo *slot, PK11TokenEvent event,
+ PRIntervalTime timeout, PRIntervalTime latency, int series)
+{
+ PRIntervalTime first_time = 0;
+ PRBool first_time_set = PR_FALSE;
+ PRBool waitForRemoval;
+
+ if (slot->isPerm) {
+ return PK11TokenNotRemovable;
+ }
+ if (latency == 0) {
+ latency = PR_SecondsToInterval(5);
+ }
+ waitForRemoval = (PRBool)(event == PK11TokenRemovedOrChangedEvent);
+
+ if (series == 0) {
+ series = PK11_GetSlotSeries(slot);
+ }
+ while (PK11_IsPresent(slot) == waitForRemoval) {
+ PRIntervalTime interval;
+
+ if (waitForRemoval && series != PK11_GetSlotSeries(slot)) {
+ return PK11TokenChanged;
+ }
+ if (timeout == PR_INTERVAL_NO_WAIT) {
+ return waitForRemoval ? PK11TokenPresent : PK11TokenRemoved;
+ }
+ if (timeout != PR_INTERVAL_NO_TIMEOUT) {
+ interval = PR_IntervalNow();
+ if (!first_time_set) {
+ first_time = interval;
+ first_time_set = PR_TRUE;
+ }
+ if ((interval - first_time) > timeout) {
+ return waitForRemoval ? PK11TokenPresent : PK11TokenRemoved;
+ }
+ }
+ PR_Sleep(latency);
+ }
+ return waitForRemoval ? PK11TokenRemoved : PK11TokenPresent;
+}
diff --git a/security/nss/lib/pk11wrap/pk11util.c b/security/nss/lib/pk11wrap/pk11util.c
new file mode 100644
index 000000000..9636b073c
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11util.c
@@ -0,0 +1,1629 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Initialize the PCKS 11 subsystem
+ */
+#include "seccomon.h"
+#include "secmod.h"
+#include "nssilock.h"
+#include "secmodi.h"
+#include "secmodti.h"
+#include "pk11func.h"
+#include "pki3hack.h"
+#include "secerr.h"
+#include "dev.h"
+#include "utilpars.h"
+
+/* these are for displaying error messages */
+
+static SECMODModuleList *modules = NULL;
+static SECMODModuleList *modulesDB = NULL;
+static SECMODModuleList *modulesUnload = NULL;
+static SECMODModule *internalModule = NULL;
+static SECMODModule *defaultDBModule = NULL;
+static SECMODModule *pendingModule = NULL;
+static SECMODListLock *moduleLock = NULL;
+
+int secmod_PrivateModuleCount = 0;
+
+extern const PK11DefaultArrayEntry PK11_DefaultArray[];
+extern const int num_pk11_default_mechanisms;
+
+void
+SECMOD_Init()
+{
+ /* don't initialize twice */
+ if (moduleLock)
+ return;
+
+ moduleLock = SECMOD_NewListLock();
+ PK11_InitSlotLists();
+}
+
+SECStatus
+SECMOD_Shutdown()
+{
+ /* destroy the lock */
+ if (moduleLock) {
+ SECMOD_DestroyListLock(moduleLock);
+ moduleLock = NULL;
+ }
+ /* free the internal module */
+ if (internalModule) {
+ SECMOD_DestroyModule(internalModule);
+ internalModule = NULL;
+ }
+
+ /* free the default database module */
+ if (defaultDBModule) {
+ SECMOD_DestroyModule(defaultDBModule);
+ defaultDBModule = NULL;
+ }
+
+ /* destroy the list */
+ if (modules) {
+ SECMOD_DestroyModuleList(modules);
+ modules = NULL;
+ }
+
+ if (modulesDB) {
+ SECMOD_DestroyModuleList(modulesDB);
+ modulesDB = NULL;
+ }
+
+ if (modulesUnload) {
+ SECMOD_DestroyModuleList(modulesUnload);
+ modulesUnload = NULL;
+ }
+
+ /* make all the slots and the lists go away */
+ PK11_DestroySlotLists();
+
+ nss_DumpModuleLog();
+
+#ifdef DEBUG
+ if (PR_GetEnvSecure("NSS_STRICT_SHUTDOWN")) {
+ PORT_Assert(secmod_PrivateModuleCount == 0);
+ }
+#endif
+ if (secmod_PrivateModuleCount) {
+ PORT_SetError(SEC_ERROR_BUSY);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * retrieve the internal module
+ */
+SECMODModule *
+SECMOD_GetInternalModule(void)
+{
+ return internalModule;
+}
+
+SECStatus
+secmod_AddModuleToList(SECMODModuleList **moduleList, SECMODModule *newModule)
+{
+ SECMODModuleList *mlp, *newListElement, *last = NULL;
+
+ newListElement = SECMOD_NewModuleListElement();
+ if (newListElement == NULL) {
+ return SECFailure;
+ }
+
+ newListElement->module = SECMOD_ReferenceModule(newModule);
+
+ SECMOD_GetWriteLock(moduleLock);
+ /* Added it to the end (This is very inefficient, but Adding a module
+ * on the fly should happen maybe 2-3 times through the life this program
+ * on a given computer, and this list should be *SHORT*. */
+ for (mlp = *moduleList; mlp != NULL; mlp = mlp->next) {
+ last = mlp;
+ }
+
+ if (last == NULL) {
+ *moduleList = newListElement;
+ } else {
+ SECMOD_AddList(last, newListElement, NULL);
+ }
+ SECMOD_ReleaseWriteLock(moduleLock);
+ return SECSuccess;
+}
+
+SECStatus
+SECMOD_AddModuleToList(SECMODModule *newModule)
+{
+ if (newModule->internal && !internalModule) {
+ internalModule = SECMOD_ReferenceModule(newModule);
+ }
+ return secmod_AddModuleToList(&modules, newModule);
+}
+
+SECStatus
+SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule)
+{
+ if (defaultDBModule && SECMOD_GetDefaultModDBFlag(newModule)) {
+ SECMOD_DestroyModule(defaultDBModule);
+ defaultDBModule = SECMOD_ReferenceModule(newModule);
+ } else if (defaultDBModule == NULL) {
+ defaultDBModule = SECMOD_ReferenceModule(newModule);
+ }
+ return secmod_AddModuleToList(&modulesDB, newModule);
+}
+
+SECStatus
+SECMOD_AddModuleToUnloadList(SECMODModule *newModule)
+{
+ return secmod_AddModuleToList(&modulesUnload, newModule);
+}
+
+/*
+ * get the list of PKCS11 modules that are available.
+ */
+SECMODModuleList *
+SECMOD_GetDefaultModuleList()
+{
+ return modules;
+}
+SECMODModuleList *
+SECMOD_GetDeadModuleList()
+{
+ return modulesUnload;
+}
+SECMODModuleList *
+SECMOD_GetDBModuleList()
+{
+ return modulesDB;
+}
+
+/*
+ * This lock protects the global module lists.
+ * it also protects changes to the slot array (module->slots[]) and slot count
+ * (module->slotCount) in each module. It is a read/write lock with multiple
+ * readers or one writer. Writes are uncommon.
+ * Because of legacy considerations protection of the slot array and count is
+ * only necessary in applications if the application calls
+ * SECMOD_UpdateSlotList() or SECMOD_WaitForAnyTokenEvent(), though all new
+ * applications are encouraged to acquire this lock when reading the
+ * slot array information directly.
+ */
+SECMODListLock *
+SECMOD_GetDefaultModuleListLock()
+{
+ return moduleLock;
+}
+
+/*
+ * find a module by name, and add a reference to it.
+ * return that module.
+ */
+SECMODModule *
+SECMOD_FindModule(const char *name)
+{
+ SECMODModuleList *mlp;
+ SECMODModule *module = NULL;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return module;
+ }
+ SECMOD_GetReadLock(moduleLock);
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+ if (PORT_Strcmp(name, mlp->module->commonName) == 0) {
+ module = mlp->module;
+ SECMOD_ReferenceModule(module);
+ break;
+ }
+ }
+ if (module) {
+ goto found;
+ }
+ for (mlp = modulesUnload; mlp != NULL; mlp = mlp->next) {
+ if (PORT_Strcmp(name, mlp->module->commonName) == 0) {
+ module = mlp->module;
+ SECMOD_ReferenceModule(module);
+ break;
+ }
+ }
+
+found:
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ return module;
+}
+
+/*
+ * find a module by ID, and add a reference to it.
+ * return that module.
+ */
+SECMODModule *
+SECMOD_FindModuleByID(SECMODModuleID id)
+{
+ SECMODModuleList *mlp;
+ SECMODModule *module = NULL;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return module;
+ }
+ SECMOD_GetReadLock(moduleLock);
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+ if (id == mlp->module->moduleID) {
+ module = mlp->module;
+ SECMOD_ReferenceModule(module);
+ break;
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+ if (module == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ }
+ return module;
+}
+
+/*
+ * find the function pointer.
+ */
+SECMODModule *
+secmod_FindModuleByFuncPtr(void *funcPtr)
+{
+ SECMODModuleList *mlp;
+ SECMODModule *module = NULL;
+
+ SECMOD_GetReadLock(moduleLock);
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+ /* paranoia, shouldn't ever happen */
+ if (!mlp->module) {
+ continue;
+ }
+ if (funcPtr == mlp->module->functionList) {
+ module = mlp->module;
+ SECMOD_ReferenceModule(module);
+ break;
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+ if (module == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MODULE);
+ }
+ return module;
+}
+
+/*
+ * Find the Slot based on ID and the module.
+ */
+PK11SlotInfo *
+SECMOD_FindSlotByID(SECMODModule *module, CK_SLOT_ID slotID)
+{
+ int i;
+ PK11SlotInfo *slot = NULL;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return slot;
+ }
+ SECMOD_GetReadLock(moduleLock);
+ for (i = 0; i < module->slotCount; i++) {
+ PK11SlotInfo *cSlot = module->slots[i];
+
+ if (cSlot->slotID == slotID) {
+ slot = PK11_ReferenceSlot(cSlot);
+ break;
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_SLOT_SELECTED);
+ }
+ return slot;
+}
+
+/*
+ * lookup the Slot module based on it's module ID and slot ID.
+ */
+PK11SlotInfo *
+SECMOD_LookupSlot(SECMODModuleID moduleID, CK_SLOT_ID slotID)
+{
+ SECMODModule *module;
+ PK11SlotInfo *slot;
+
+ module = SECMOD_FindModuleByID(moduleID);
+ if (module == NULL)
+ return NULL;
+
+ slot = SECMOD_FindSlotByID(module, slotID);
+ SECMOD_DestroyModule(module);
+ return slot;
+}
+
+/*
+ * find a module by name or module pointer and delete it off the module list.
+ * optionally remove it from secmod.db.
+ */
+SECStatus
+SECMOD_DeleteModuleEx(const char *name, SECMODModule *mod,
+ int *type, PRBool permdb)
+{
+ SECMODModuleList *mlp;
+ SECMODModuleList **mlpp;
+ SECStatus rv = SECFailure;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return rv;
+ }
+
+ *type = SECMOD_EXTERNAL;
+
+ SECMOD_GetWriteLock(moduleLock);
+ for (mlpp = &modules, mlp = modules;
+ mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
+ if ((name && (PORT_Strcmp(name, mlp->module->commonName) == 0)) ||
+ mod == mlp->module) {
+ /* don't delete the internal module */
+ if (!mlp->module->internal) {
+ SECMOD_RemoveList(mlpp, mlp);
+ /* delete it after we release the lock */
+ rv = STAN_RemoveModuleFromDefaultTrustDomain(mlp->module);
+ } else if (mlp->module->isFIPS) {
+ *type = SECMOD_FIPS;
+ } else {
+ *type = SECMOD_INTERNAL;
+ }
+ break;
+ }
+ }
+ if (mlp) {
+ goto found;
+ }
+ /* not on the internal list, check the unload list */
+ for (mlpp = &modulesUnload, mlp = modulesUnload;
+ mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
+ if ((name && (PORT_Strcmp(name, mlp->module->commonName) == 0)) ||
+ mod == mlp->module) {
+ /* don't delete the internal module */
+ if (!mlp->module->internal) {
+ SECMOD_RemoveList(mlpp, mlp);
+ rv = SECSuccess;
+ } else if (mlp->module->isFIPS) {
+ *type = SECMOD_FIPS;
+ } else {
+ *type = SECMOD_INTERNAL;
+ }
+ break;
+ }
+ }
+found:
+ SECMOD_ReleaseWriteLock(moduleLock);
+
+ if (rv == SECSuccess) {
+ if (permdb) {
+ SECMOD_DeletePermDB(mlp->module);
+ }
+ SECMOD_DestroyModuleListElement(mlp);
+ }
+ return rv;
+}
+
+/*
+ * find a module by name and delete it off the module list
+ */
+SECStatus
+SECMOD_DeleteModule(const char *name, int *type)
+{
+ return SECMOD_DeleteModuleEx(name, NULL, type, PR_TRUE);
+}
+
+/*
+ * find a module by name and delete it off the module list
+ */
+SECStatus
+SECMOD_DeleteInternalModule(const char *name)
+{
+ SECMODModuleList *mlp;
+ SECMODModuleList **mlpp;
+ SECStatus rv = SECFailure;
+
+ if (pendingModule) {
+ PORT_SetError(SEC_ERROR_MODULE_STUCK);
+ return rv;
+ }
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return rv;
+ }
+
+ SECMOD_GetWriteLock(moduleLock);
+ for (mlpp = &modules, mlp = modules;
+ mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
+ if (PORT_Strcmp(name, mlp->module->commonName) == 0) {
+ /* don't delete the internal module */
+ if (mlp->module->internal) {
+ SECMOD_RemoveList(mlpp, mlp);
+ rv = STAN_RemoveModuleFromDefaultTrustDomain(mlp->module);
+ }
+ break;
+ }
+ }
+ SECMOD_ReleaseWriteLock(moduleLock);
+
+ if (rv == SECSuccess) {
+ SECMODModule *newModule, *oldModule;
+
+ if (mlp->module->isFIPS) {
+ newModule = SECMOD_CreateModule(NULL, SECMOD_INT_NAME,
+ NULL, SECMOD_INT_FLAGS);
+ } else {
+ newModule = SECMOD_CreateModule(NULL, SECMOD_FIPS_NAME,
+ NULL, SECMOD_FIPS_FLAGS);
+ }
+ if (newModule) {
+ PK11SlotInfo *slot;
+ newModule->libraryParams =
+ PORT_ArenaStrdup(newModule->arena, mlp->module->libraryParams);
+ /* if an explicit internal key slot has been set, reset it */
+ slot = pk11_SwapInternalKeySlot(NULL);
+ if (slot) {
+ secmod_SetInternalKeySlotFlag(newModule, PR_TRUE);
+ }
+ rv = SECMOD_AddModule(newModule);
+ if (rv != SECSuccess) {
+ /* load failed, restore the internal key slot */
+ pk11_SetInternalKeySlot(slot);
+ SECMOD_DestroyModule(newModule);
+ newModule = NULL;
+ }
+ /* free the old explicit internal key slot, we now have a new one */
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ }
+ if (newModule == NULL) {
+ SECMODModuleList *last = NULL, *mlp2;
+ /* we're in pretty deep trouble if this happens...Security
+ * not going to work well... try to put the old module back on
+ * the list */
+ SECMOD_GetWriteLock(moduleLock);
+ for (mlp2 = modules; mlp2 != NULL; mlp2 = mlp->next) {
+ last = mlp2;
+ }
+
+ if (last == NULL) {
+ modules = mlp;
+ } else {
+ SECMOD_AddList(last, mlp, NULL);
+ }
+ SECMOD_ReleaseWriteLock(moduleLock);
+ return SECFailure;
+ }
+ pendingModule = oldModule = internalModule;
+ internalModule = NULL;
+ SECMOD_DestroyModule(oldModule);
+ SECMOD_DeletePermDB(mlp->module);
+ SECMOD_DestroyModuleListElement(mlp);
+ internalModule = newModule; /* adopt the module */
+ }
+ return rv;
+}
+
+SECStatus
+SECMOD_AddModule(SECMODModule *newModule)
+{
+ SECStatus rv;
+ SECMODModule *oldModule;
+
+ /* Test if a module w/ the same name already exists */
+ /* and return SECWouldBlock if so. */
+ /* We should probably add a new return value such as */
+ /* SECDublicateModule, but to minimize ripples, I'll */
+ /* give SECWouldBlock a new meaning */
+ if ((oldModule = SECMOD_FindModule(newModule->commonName)) != NULL) {
+ SECMOD_DestroyModule(oldModule);
+ return SECWouldBlock;
+ /* module already exists. */
+ }
+
+ rv = secmod_LoadPKCS11Module(newModule, NULL);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ if (newModule->parent == NULL) {
+ newModule->parent = SECMOD_ReferenceModule(defaultDBModule);
+ }
+
+ SECMOD_AddPermDB(newModule);
+ SECMOD_AddModuleToList(newModule);
+
+ rv = STAN_AddModuleToDefaultTrustDomain(newModule);
+
+ return rv;
+}
+
+PK11SlotInfo *
+SECMOD_FindSlot(SECMODModule *module, const char *name)
+{
+ int i;
+ char *string;
+ PK11SlotInfo *retSlot = NULL;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return retSlot;
+ }
+ SECMOD_GetReadLock(moduleLock);
+ for (i = 0; i < module->slotCount; i++) {
+ PK11SlotInfo *slot = module->slots[i];
+
+ if (PK11_IsPresent(slot)) {
+ string = PK11_GetTokenName(slot);
+ } else {
+ string = PK11_GetSlotName(slot);
+ }
+ if (PORT_Strcmp(name, string) == 0) {
+ retSlot = PK11_ReferenceSlot(slot);
+ break;
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ if (retSlot == NULL) {
+ PORT_SetError(SEC_ERROR_NO_SLOT_SELECTED);
+ }
+ return retSlot;
+}
+
+SECStatus
+PK11_GetModInfo(SECMODModule *mod, CK_INFO *info)
+{
+ CK_RV crv;
+
+ if (mod->functionList == NULL)
+ return SECFailure;
+ crv = PK11_GETTAB(mod)->C_GetInfo(info);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ }
+ return (crv == CKR_OK) ? SECSuccess : SECFailure;
+}
+
+/* Determine if we have the FIP's module loaded as the default
+ * module to trigger other bogus FIPS requirements in PKCS #12 and
+ * SSL
+ */
+PRBool
+PK11_IsFIPS(void)
+{
+ SECMODModule *mod = SECMOD_GetInternalModule();
+
+ if (mod && mod->internal) {
+ return mod->isFIPS;
+ }
+
+ return PR_FALSE;
+}
+
+/* combines NewModule() & AddModule */
+/* give a string for the module name & the full-path for the dll, */
+/* installs the PKCS11 module & update registry */
+SECStatus
+SECMOD_AddNewModuleEx(const char *moduleName, const char *dllPath,
+ unsigned long defaultMechanismFlags,
+ unsigned long cipherEnableFlags,
+ char *modparms, char *nssparms)
+{
+ SECMODModule *module;
+ SECStatus result = SECFailure;
+ int s, i;
+ PK11SlotInfo *slot;
+
+ PR_SetErrorText(0, NULL);
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return result;
+ }
+
+ module = SECMOD_CreateModule(dllPath, moduleName, modparms, nssparms);
+
+ if (module == NULL) {
+ return result;
+ }
+
+ if (module->dllName != NULL) {
+ if (module->dllName[0] != 0) {
+ result = SECMOD_AddModule(module);
+ if (result == SECSuccess) {
+ /* turn on SSL cipher enable flags */
+ module->ssl[0] = cipherEnableFlags;
+
+ SECMOD_GetReadLock(moduleLock);
+ /* check each slot to turn on appropriate mechanisms */
+ for (s = 0; s < module->slotCount; s++) {
+ slot = (module->slots)[s];
+ /* for each possible mechanism */
+ for (i = 0; i < num_pk11_default_mechanisms; i++) {
+ /* we are told to turn it on by default ? */
+ PRBool add =
+ (PK11_DefaultArray[i].flag & defaultMechanismFlags) ? PR_TRUE : PR_FALSE;
+ result = PK11_UpdateSlotAttribute(slot,
+ &(PK11_DefaultArray[i]), add);
+ if (result != SECSuccess) {
+ SECMOD_ReleaseReadLock(moduleLock);
+ SECMOD_DestroyModule(module);
+ return result;
+ }
+ } /* for each mechanism */
+ /* disable each slot if the defaultFlags say so */
+ if (defaultMechanismFlags & PK11_DISABLE_FLAG) {
+ PK11_UserDisableSlot(slot);
+ }
+ } /* for each slot of this module */
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ /* delete and re-add module in order to save changes
+ * to the module */
+ result = SECMOD_UpdateModule(module);
+ }
+ }
+ }
+ SECMOD_DestroyModule(module);
+ return result;
+}
+
+SECStatus
+SECMOD_AddNewModule(const char *moduleName, const char *dllPath,
+ unsigned long defaultMechanismFlags,
+ unsigned long cipherEnableFlags)
+{
+ return SECMOD_AddNewModuleEx(moduleName, dllPath, defaultMechanismFlags,
+ cipherEnableFlags,
+ NULL, NULL); /* don't pass module or nss params */
+}
+
+SECStatus
+SECMOD_UpdateModule(SECMODModule *module)
+{
+ SECStatus result;
+
+ result = SECMOD_DeletePermDB(module);
+
+ if (result == SECSuccess) {
+ result = SECMOD_AddPermDB(module);
+ }
+ return result;
+}
+
+/* Public & Internal(Security Library) representation of
+ * encryption mechanism flags conversion */
+
+/* Currently, the only difference is that internal representation
+ * puts RANDOM_FLAG at bit 31 (Most-significant bit), but
+ * public representation puts this bit at bit 28
+ */
+unsigned long
+SECMOD_PubMechFlagstoInternal(unsigned long publicFlags)
+{
+ unsigned long internalFlags = publicFlags;
+
+ if (publicFlags & PUBLIC_MECH_RANDOM_FLAG) {
+ internalFlags &= ~PUBLIC_MECH_RANDOM_FLAG;
+ internalFlags |= SECMOD_RANDOM_FLAG;
+ }
+ return internalFlags;
+}
+
+unsigned long
+SECMOD_InternaltoPubMechFlags(unsigned long internalFlags)
+{
+ unsigned long publicFlags = internalFlags;
+
+ if (internalFlags & SECMOD_RANDOM_FLAG) {
+ publicFlags &= ~SECMOD_RANDOM_FLAG;
+ publicFlags |= PUBLIC_MECH_RANDOM_FLAG;
+ }
+ return publicFlags;
+}
+
+/* Public & Internal(Security Library) representation of */
+/* cipher flags conversion */
+/* Note: currently they are just stubs */
+unsigned long
+SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags)
+{
+ return publicFlags;
+}
+
+unsigned long
+SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags)
+{
+ return internalFlags;
+}
+
+/* Funtion reports true if module of modType is installed/configured */
+PRBool
+SECMOD_IsModulePresent(unsigned long int pubCipherEnableFlags)
+{
+ PRBool result = PR_FALSE;
+ SECMODModuleList *mods;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return result;
+ }
+ SECMOD_GetReadLock(moduleLock);
+ mods = SECMOD_GetDefaultModuleList();
+ for (; mods != NULL; mods = mods->next) {
+ if (mods->module->ssl[0] &
+ SECMOD_PubCipherFlagstoInternal(pubCipherEnableFlags)) {
+ result = PR_TRUE;
+ }
+ }
+
+ SECMOD_ReleaseReadLock(moduleLock);
+ return result;
+}
+
+/* create a new ModuleListElement */
+SECMODModuleList *
+SECMOD_NewModuleListElement(void)
+{
+ SECMODModuleList *newModList;
+
+ newModList = (SECMODModuleList *)PORT_Alloc(sizeof(SECMODModuleList));
+ if (newModList) {
+ newModList->next = NULL;
+ newModList->module = NULL;
+ }
+ return newModList;
+}
+
+/*
+ * make a new reference to a module so It doesn't go away on us
+ */
+SECMODModule *
+SECMOD_ReferenceModule(SECMODModule *module)
+{
+ PZ_Lock(module->refLock);
+ PORT_Assert(module->refCount > 0);
+
+ module->refCount++;
+ PZ_Unlock(module->refLock);
+ return module;
+}
+
+/* destroy an existing module */
+void
+SECMOD_DestroyModule(SECMODModule *module)
+{
+ PRBool willfree = PR_FALSE;
+ int slotCount;
+ int i;
+
+ PZ_Lock(module->refLock);
+ if (module->refCount-- == 1) {
+ willfree = PR_TRUE;
+ }
+ PORT_Assert(willfree || (module->refCount > 0));
+ PZ_Unlock(module->refLock);
+
+ if (!willfree) {
+ return;
+ }
+
+ if (module->parent != NULL) {
+ SECMODModule *parent = module->parent;
+ /* paranoia, don't loop forever if the modules are looped */
+ module->parent = NULL;
+ SECMOD_DestroyModule(parent);
+ }
+
+ /* slots can't really disappear until our module starts freeing them,
+ * so this check is safe */
+ slotCount = module->slotCount;
+ if (slotCount == 0) {
+ SECMOD_SlotDestroyModule(module, PR_FALSE);
+ return;
+ }
+
+ /* now free all out slots, when they are done, they will cause the
+ * module to disappear altogether */
+ for (i = 0; i < slotCount; i++) {
+ if (!module->slots[i]->disabled) {
+ PK11_ClearSlotList(module->slots[i]);
+ }
+ PK11_FreeSlot(module->slots[i]);
+ }
+ /* WARNING: once the last slot has been freed is it possible (even likely)
+ * that module is no more... touching it now is a good way to go south */
+}
+
+/* we can only get here if we've destroyed the module, or some one has
+ * erroneously freed a slot that wasn't referenced. */
+void
+SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot)
+{
+ PRBool willfree = PR_FALSE;
+ if (fromSlot) {
+ PORT_Assert(module->refCount == 0);
+ PZ_Lock(module->refLock);
+ if (module->slotCount-- == 1) {
+ willfree = PR_TRUE;
+ }
+ PORT_Assert(willfree || (module->slotCount > 0));
+ PZ_Unlock(module->refLock);
+ if (!willfree)
+ return;
+ }
+
+ if (module == pendingModule) {
+ pendingModule = NULL;
+ }
+
+ if (module->loaded) {
+ SECMOD_UnloadModule(module);
+ }
+ PZ_DestroyLock(module->refLock);
+ PORT_FreeArena(module->arena, PR_FALSE);
+ secmod_PrivateModuleCount--;
+}
+
+/* destroy a list element
+ * this destroys a single element, and returns the next element
+ * on the chain. It makes it easy to implement for loops to delete
+ * the chain. It also make deleting a single element easy */
+SECMODModuleList *
+SECMOD_DestroyModuleListElement(SECMODModuleList *element)
+{
+ SECMODModuleList *next = element->next;
+
+ if (element->module) {
+ SECMOD_DestroyModule(element->module);
+ element->module = NULL;
+ }
+ PORT_Free(element);
+ return next;
+}
+
+/*
+ * Destroy an entire module list
+ */
+void
+SECMOD_DestroyModuleList(SECMODModuleList *list)
+{
+ SECMODModuleList *lp;
+
+ for (lp = list; lp != NULL; lp = SECMOD_DestroyModuleListElement(lp))
+ ;
+}
+
+PRBool
+SECMOD_CanDeleteInternalModule(void)
+{
+ return (PRBool)(pendingModule == NULL);
+}
+
+/*
+ * check to see if the module has added new slots. PKCS 11 v2.20 allows for
+ * modules to add new slots, but never remove them. Slots cannot be added
+ * between a call to C_GetSlotLlist(Flag, NULL, &count) and the subsequent
+ * C_GetSlotList(flag, &data, &count) so that the array doesn't accidently
+ * grow on the caller. It is permissible for the slots to increase between
+ * successive calls with NULL to get the size.
+ */
+SECStatus
+SECMOD_UpdateSlotList(SECMODModule *mod)
+{
+ CK_RV crv;
+ CK_ULONG count;
+ CK_ULONG i, oldCount;
+ PRBool freeRef = PR_FALSE;
+ void *mark = NULL;
+ CK_ULONG *slotIDs = NULL;
+ PK11SlotInfo **newSlots = NULL;
+ PK11SlotInfo **oldSlots = NULL;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+
+ /* C_GetSlotList is not a session function, make sure
+ * calls are serialized */
+ PZ_Lock(mod->refLock);
+ freeRef = PR_TRUE;
+ /* see if the number of slots have changed */
+ crv = PK11_GETTAB(mod)->C_GetSlotList(PR_FALSE, NULL, &count);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+ /* nothing new, blow out early, we want this function to be quick
+ * and cheap in the normal case */
+ if (count == mod->slotCount) {
+ PZ_Unlock(mod->refLock);
+ return SECSuccess;
+ }
+ if (count < (CK_ULONG)mod->slotCount) {
+ /* shouldn't happen with a properly functioning PKCS #11 module */
+ PORT_SetError(SEC_ERROR_INCOMPATIBLE_PKCS11);
+ goto loser;
+ }
+
+ /* get the new slot list */
+ slotIDs = PORT_NewArray(CK_SLOT_ID, count);
+ if (slotIDs == NULL) {
+ goto loser;
+ }
+
+ crv = PK11_GETTAB(mod)->C_GetSlotList(PR_FALSE, slotIDs, &count);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ goto loser;
+ }
+ freeRef = PR_FALSE;
+ PZ_Unlock(mod->refLock);
+ mark = PORT_ArenaMark(mod->arena);
+ if (mark == NULL) {
+ goto loser;
+ }
+ newSlots = PORT_ArenaZNewArray(mod->arena, PK11SlotInfo *, count);
+
+ /* walk down the new slot ID list returned from the module. We keep
+ * the old slots which match a returned ID, and we initialize the new
+ * slots. */
+ for (i = 0; i < count; i++) {
+ PK11SlotInfo *slot = SECMOD_FindSlotByID(mod, slotIDs[i]);
+
+ if (!slot) {
+ /* we have a new slot create a new slot data structure */
+ slot = PK11_NewSlotInfo(mod);
+ if (!slot) {
+ goto loser;
+ }
+ PK11_InitSlot(mod, slotIDs[i], slot);
+ STAN_InitTokenForSlotInfo(NULL, slot);
+ }
+ newSlots[i] = slot;
+ }
+ STAN_ResetTokenInterator(NULL);
+ PORT_Free(slotIDs);
+ slotIDs = NULL;
+ PORT_ArenaUnmark(mod->arena, mark);
+
+ /* until this point we're still using the old slot list. Now we update
+ * module slot list. We update the slots (array) first then the count,
+ * since we've already guarrenteed that count has increased (just in case
+ * someone is looking at the slots field of module without holding the
+ * moduleLock */
+ SECMOD_GetWriteLock(moduleLock);
+ oldCount = mod->slotCount;
+ oldSlots = mod->slots;
+ mod->slots = newSlots; /* typical arena 'leak'... old mod->slots is
+ * allocated out of the module arena and won't
+ * be freed until the module is freed */
+ mod->slotCount = count;
+ SECMOD_ReleaseWriteLock(moduleLock);
+ /* free our old references before forgetting about oldSlot*/
+ for (i = 0; i < oldCount; i++) {
+ PK11_FreeSlot(oldSlots[i]);
+ }
+ return SECSuccess;
+
+loser:
+ if (freeRef) {
+ PZ_Unlock(mod->refLock);
+ }
+ if (slotIDs) {
+ PORT_Free(slotIDs);
+ }
+ /* free all the slots we allocated. newSlots are part of the
+ * mod arena. NOTE: the newSlots array contain both new and old
+ * slots, but we kept a reference to the old slots when we built the new
+ * array, so we need to free all the slots in newSlots array. */
+ if (newSlots) {
+ for (i = 0; i < count; i++) {
+ if (newSlots[i] == NULL) {
+ break; /* hit the last one */
+ }
+ PK11_FreeSlot(newSlots[i]);
+ }
+ }
+ /* must come after freeing newSlots */
+ if (mark) {
+ PORT_ArenaRelease(mod->arena, mark);
+ }
+ return SECFailure;
+}
+
+/*
+ * this handles modules that do not support C_WaitForSlotEvent().
+ * The internal flags are stored. Note that C_WaitForSlotEvent() does not
+ * have a timeout, so we don't have one for handleWaitForSlotEvent() either.
+ */
+PK11SlotInfo *
+secmod_HandleWaitForSlotEvent(SECMODModule *mod, unsigned long flags,
+ PRIntervalTime latency)
+{
+ PRBool removableSlotsFound = PR_FALSE;
+ int i;
+ int error = SEC_ERROR_NO_EVENT;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return NULL;
+ }
+ PZ_Lock(mod->refLock);
+ if (mod->evControlMask & SECMOD_END_WAIT) {
+ mod->evControlMask &= ~SECMOD_END_WAIT;
+ PZ_Unlock(mod->refLock);
+ PORT_SetError(SEC_ERROR_NO_EVENT);
+ return NULL;
+ }
+ mod->evControlMask |= SECMOD_WAIT_SIMULATED_EVENT;
+ while (mod->evControlMask & SECMOD_WAIT_SIMULATED_EVENT) {
+ PZ_Unlock(mod->refLock);
+ /* now is a good time to see if new slots have been added */
+ SECMOD_UpdateSlotList(mod);
+
+ /* loop through all the slots on a module */
+ SECMOD_GetReadLock(moduleLock);
+ for (i = 0; i < mod->slotCount; i++) {
+ PK11SlotInfo *slot = mod->slots[i];
+ PRUint16 series;
+ PRBool present;
+
+ /* perm modules do not change */
+ if (slot->isPerm) {
+ continue;
+ }
+ removableSlotsFound = PR_TRUE;
+ /* simulate the PKCS #11 module flags. are the flags different
+ * from the last time we called? */
+ series = slot->series;
+ present = PK11_IsPresent(slot);
+ if ((slot->flagSeries != series) || (slot->flagState != present)) {
+ slot->flagState = present;
+ slot->flagSeries = series;
+ SECMOD_ReleaseReadLock(moduleLock);
+ PZ_Lock(mod->refLock);
+ mod->evControlMask &= ~SECMOD_END_WAIT;
+ PZ_Unlock(mod->refLock);
+ return PK11_ReferenceSlot(slot);
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+ /* if everything was perm modules, don't lock up forever */
+ if ((mod->slotCount != 0) && !removableSlotsFound) {
+ error = SEC_ERROR_NO_SLOT_SELECTED;
+ PZ_Lock(mod->refLock);
+ break;
+ }
+ if (flags & CKF_DONT_BLOCK) {
+ PZ_Lock(mod->refLock);
+ break;
+ }
+ PR_Sleep(latency);
+ PZ_Lock(mod->refLock);
+ }
+ mod->evControlMask &= ~SECMOD_END_WAIT;
+ PZ_Unlock(mod->refLock);
+ PORT_SetError(error);
+ return NULL;
+}
+
+/*
+ * this function waits for a token event on any slot of a given module
+ * This function should not be called from more than one thread of the
+ * same process (though other threads can make other library calls
+ * on this module while this call is blocked).
+ */
+PK11SlotInfo *
+SECMOD_WaitForAnyTokenEvent(SECMODModule *mod, unsigned long flags,
+ PRIntervalTime latency)
+{
+ CK_SLOT_ID id;
+ CK_RV crv;
+ PK11SlotInfo *slot;
+
+ if (!pk11_getFinalizeModulesOption() ||
+ ((mod->cryptokiVersion.major == 2) &&
+ (mod->cryptokiVersion.minor < 1))) {
+ /* if we are sharing the module with other software in our
+ * address space, we can't reliably use C_WaitForSlotEvent(),
+ * and if the module is version 2.0, C_WaitForSlotEvent() doesn't
+ * exist */
+ return secmod_HandleWaitForSlotEvent(mod, flags, latency);
+ }
+ /* first the the PKCS #11 call */
+ PZ_Lock(mod->refLock);
+ if (mod->evControlMask & SECMOD_END_WAIT) {
+ goto end_wait;
+ }
+ mod->evControlMask |= SECMOD_WAIT_PKCS11_EVENT;
+ PZ_Unlock(mod->refLock);
+ crv = PK11_GETTAB(mod)->C_WaitForSlotEvent(flags, &id, NULL);
+ PZ_Lock(mod->refLock);
+ mod->evControlMask &= ~SECMOD_WAIT_PKCS11_EVENT;
+ /* if we are in end wait, short circuit now, don't even risk
+ * going into secmod_HandleWaitForSlotEvent */
+ if (mod->evControlMask & SECMOD_END_WAIT) {
+ goto end_wait;
+ }
+ PZ_Unlock(mod->refLock);
+ if (crv == CKR_FUNCTION_NOT_SUPPORTED) {
+ /* module doesn't support that call, simulate it */
+ return secmod_HandleWaitForSlotEvent(mod, flags, latency);
+ }
+ if (crv != CKR_OK) {
+ /* we can get this error if finalize was called while we were
+ * still running. This is the only way to force a C_WaitForSlotEvent()
+ * to return in PKCS #11. In this case, just return that there
+ * was no event. */
+ if (crv == CKR_CRYPTOKI_NOT_INITIALIZED) {
+ PORT_SetError(SEC_ERROR_NO_EVENT);
+ } else {
+ PORT_SetError(PK11_MapError(crv));
+ }
+ return NULL;
+ }
+ slot = SECMOD_FindSlotByID(mod, id);
+ if (slot == NULL) {
+ /* possibly a new slot that was added? */
+ SECMOD_UpdateSlotList(mod);
+ slot = SECMOD_FindSlotByID(mod, id);
+ }
+ /* if we are in the delay period for the "isPresent" call, reset
+ * the delay since we know things have probably changed... */
+ if (slot && slot->nssToken && slot->nssToken->slot) {
+ nssSlot_ResetDelay(slot->nssToken->slot);
+ }
+ return slot;
+
+/* must be called with the lock on. */
+end_wait:
+ mod->evControlMask &= ~SECMOD_END_WAIT;
+ PZ_Unlock(mod->refLock);
+ PORT_SetError(SEC_ERROR_NO_EVENT);
+ return NULL;
+}
+
+/*
+ * This function "wakes up" WaitForAnyTokenEvent. It's a pretty drastic
+ * function, possibly bringing down the pkcs #11 module in question. This
+ * should be OK because 1) it does reinitialize, and 2) it should only be
+ * called when we are on our way to tear the whole system down anyway.
+ */
+SECStatus
+SECMOD_CancelWait(SECMODModule *mod)
+{
+ unsigned long controlMask;
+ SECStatus rv = SECSuccess;
+ CK_RV crv;
+
+ PZ_Lock(mod->refLock);
+ mod->evControlMask |= SECMOD_END_WAIT;
+ controlMask = mod->evControlMask;
+ if (controlMask & SECMOD_WAIT_PKCS11_EVENT) {
+ if (!pk11_getFinalizeModulesOption()) {
+ /* can't get here unless pk11_getFinalizeModulesOption is set */
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ goto loser;
+ }
+ /* NOTE: this call will drop all transient keys, in progress
+ * operations, and any authentication. This is the only documented
+ * way to get WaitForSlotEvent to return. Also note: for non-thread
+ * safe tokens, we need to hold the module lock, this is not yet at
+ * system shutdown/startup time, so we need to protect these calls */
+ crv = PK11_GETTAB(mod)->C_Finalize(NULL);
+ /* ok, we slammed the module down, now we need to reinit it in case
+ * we intend to use it again */
+ if (CKR_OK == crv) {
+ PRBool alreadyLoaded;
+ secmod_ModuleInit(mod, NULL, &alreadyLoaded);
+ } else {
+ /* Finalized failed for some reason, notify the application
+ * so maybe it has a prayer of recovering... */
+ PORT_SetError(PK11_MapError(crv));
+ rv = SECFailure;
+ }
+ } else if (controlMask & SECMOD_WAIT_SIMULATED_EVENT) {
+ mod->evControlMask &= ~SECMOD_WAIT_SIMULATED_EVENT;
+ /* Simulated events will eventually timeout
+ * and wake up in the loop */
+ }
+loser:
+ PZ_Unlock(mod->refLock);
+ return rv;
+}
+
+/*
+ * check to see if the module has removable slots that we may need to
+ * watch for.
+ */
+PRBool
+SECMOD_HasRemovableSlots(SECMODModule *mod)
+{
+ int i;
+ PRBool ret = PR_FALSE;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return ret;
+ }
+ SECMOD_GetReadLock(moduleLock);
+ for (i = 0; i < mod->slotCount; i++) {
+ PK11SlotInfo *slot = mod->slots[i];
+ /* perm modules are not inserted or removed */
+ if (slot->isPerm) {
+ continue;
+ }
+ ret = PR_TRUE;
+ break;
+ }
+ if (mod->slotCount == 0) {
+ ret = PR_TRUE;
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+ return ret;
+}
+
+/*
+ * helper function to actually create and destroy user defined slots
+ */
+static SECStatus
+secmod_UserDBOp(PK11SlotInfo *slot, CK_OBJECT_CLASS objClass,
+ const char *sendSpec)
+{
+ CK_OBJECT_HANDLE dummy;
+ CK_ATTRIBUTE template[2];
+ CK_ATTRIBUTE *attrs = template;
+ CK_RV crv;
+
+ PK11_SETATTRS(attrs, CKA_CLASS, &objClass, sizeof(objClass));
+ attrs++;
+ PK11_SETATTRS(attrs, CKA_NETSCAPE_MODULE_SPEC, (unsigned char *)sendSpec,
+ strlen(sendSpec) + 1);
+ attrs++;
+
+ PORT_Assert(attrs - template <= 2);
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_CreateNewObject(slot, slot->session,
+ template, attrs - template, PR_FALSE, &dummy);
+ PK11_ExitSlotMonitor(slot);
+
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECMOD_UpdateSlotList(slot->module);
+}
+
+/*
+ * return true if the selected slot ID is not present or doesn't exist
+ */
+static PRBool
+secmod_SlotIsEmpty(SECMODModule *mod, CK_SLOT_ID slotID)
+{
+ PK11SlotInfo *slot = SECMOD_LookupSlot(mod->moduleID, slotID);
+ if (slot) {
+ PRBool present = PK11_IsPresent(slot);
+ PK11_FreeSlot(slot);
+ if (present) {
+ return PR_FALSE;
+ }
+ }
+ /* it doesn't exist or isn't present, it's available */
+ return PR_TRUE;
+}
+
+/*
+ * Find an unused slot id in module.
+ */
+static CK_SLOT_ID
+secmod_FindFreeSlot(SECMODModule *mod)
+{
+ CK_SLOT_ID i, minSlotID, maxSlotID;
+
+ /* look for a free slot id on the internal module */
+ if (mod->internal && mod->isFIPS) {
+ minSlotID = SFTK_MIN_FIPS_USER_SLOT_ID;
+ maxSlotID = SFTK_MAX_FIPS_USER_SLOT_ID;
+ } else {
+ minSlotID = SFTK_MIN_USER_SLOT_ID;
+ maxSlotID = SFTK_MAX_USER_SLOT_ID;
+ }
+ for (i = minSlotID; i < maxSlotID; i++) {
+ if (secmod_SlotIsEmpty(mod, i)) {
+ return i;
+ }
+ }
+ PORT_SetError(SEC_ERROR_NO_SLOT_SELECTED);
+ return (CK_SLOT_ID)-1;
+}
+
+/*
+ * Attempt to open a new slot.
+ *
+ * This works the same os OpenUserDB except it can be called against
+ * any module that understands the softoken protocol for opening new
+ * slots, not just the softoken itself. If the selected module does not
+ * understand the protocol, C_CreateObject will fail with
+ * CKR_INVALID_ATTRIBUTE, and SECMOD_OpenNewSlot will return NULL and set
+ * SEC_ERROR_BAD_DATA.
+ *
+ * NewSlots can be closed with SECMOD_CloseUserDB();
+ *
+ * Modulespec is module dependent.
+ */
+PK11SlotInfo *
+SECMOD_OpenNewSlot(SECMODModule *mod, const char *moduleSpec)
+{
+ CK_SLOT_ID slotID = 0;
+ PK11SlotInfo *slot;
+ char *escSpec;
+ char *sendSpec;
+ SECStatus rv;
+
+ slotID = secmod_FindFreeSlot(mod);
+ if (slotID == (CK_SLOT_ID)-1) {
+ return NULL;
+ }
+
+ if (mod->slotCount == 0) {
+ return NULL;
+ }
+
+ /* just grab the first slot in the module, any present slot should work */
+ slot = PK11_ReferenceSlot(mod->slots[0]);
+ if (slot == NULL) {
+ return NULL;
+ }
+
+ /* we've found the slot, now build the moduleSpec */
+ escSpec = NSSUTIL_DoubleEscape(moduleSpec, '>', ']');
+ if (escSpec == NULL) {
+ PK11_FreeSlot(slot);
+ return NULL;
+ }
+ sendSpec = PR_smprintf("tokens=[0x%x=<%s>]", slotID, escSpec);
+ PORT_Free(escSpec);
+
+ if (sendSpec == NULL) {
+ /* PR_smprintf does not set SEC_ERROR_NO_MEMORY on failure. */
+ PK11_FreeSlot(slot);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+ rv = secmod_UserDBOp(slot, CKO_NETSCAPE_NEWSLOT, sendSpec);
+ PR_smprintf_free(sendSpec);
+ PK11_FreeSlot(slot);
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+
+ slot = SECMOD_FindSlotByID(mod, slotID);
+ if (slot) {
+ /* if we are in the delay period for the "isPresent" call, reset
+ * the delay since we know things have probably changed... */
+ if (slot->nssToken && slot->nssToken->slot) {
+ nssSlot_ResetDelay(slot->nssToken->slot);
+ }
+ /* force the slot info structures to properly reset */
+ (void)PK11_IsPresent(slot);
+ }
+ return slot;
+}
+
+/*
+ * given a module spec, find the slot in the module for it.
+ */
+PK11SlotInfo *
+secmod_FindSlotFromModuleSpec(const char *moduleSpec, SECMODModule *module)
+{
+ CK_SLOT_ID slot_id = secmod_GetSlotIDFromModuleSpec(moduleSpec, module);
+ if (slot_id == -1) {
+ return NULL;
+ }
+
+ return SECMOD_FindSlotByID(module, slot_id);
+}
+
+/*
+ * Open a new database using the softoken. The caller is responsible for making
+ * sure the module spec is correct and usable. The caller should ask for one
+ * new database per call if the caller wants to get meaningful information
+ * about the new database.
+ *
+ * moduleSpec is the same data that you would pass to softoken at
+ * initialization time under the 'tokens' options. For example, if you were
+ * to specify tokens=<0x4=[configdir='./mybackup' tokenDescription='Backup']>
+ * You would specify "configdir='./mybackup' tokenDescription='Backup'" as your
+ * module spec here. The slot ID will be calculated for you by
+ * SECMOD_OpenUserDB().
+ *
+ * Typical parameters here are configdir, tokenDescription and flags.
+ *
+ * a Full list is below:
+ *
+ *
+ * configDir - The location of the databases for this token. If configDir is
+ * not specified, and noCertDB and noKeyDB is not specified, the load
+ * will fail.
+ * certPrefix - Cert prefix for this token.
+ * keyPrefix - Prefix for the key database for this token. (if not specified,
+ * certPrefix will be used).
+ * tokenDescription - The label value for this token returned in the
+ * CK_TOKEN_INFO structure with an internationalize string (UTF8).
+ * This value will be truncated at 32 bytes (no NULL, partial UTF8
+ * characters dropped). You should specify a user friendly name here
+ * as this is the value the token will be referred to in most
+ * application UI's. You should make sure tokenDescription is unique.
+ * slotDescription - The slotDescription value for this token returned
+ * in the CK_SLOT_INFO structure with an internationalize string
+ * (UTF8). This value will be truncated at 64 bytes (no NULL, partial
+ * UTF8 characters dropped). This name will not change after the
+ * database is closed. It should have some number to make this unique.
+ * minPWLen - minimum password length for this token.
+ * flags - comma separated list of flag values, parsed case-insensitive.
+ * Valid flags are:
+ * readOnly - Databases should be opened read only.
+ * noCertDB - Don't try to open a certificate database.
+ * noKeyDB - Don't try to open a key database.
+ * forceOpen - Don't fail to initialize the token if the
+ * databases could not be opened.
+ * passwordRequired - zero length passwords are not acceptable
+ * (valid only if there is a keyDB).
+ * optimizeSpace - allocate smaller hash tables and lock tables.
+ * When this flag is not specified, Softoken will allocate
+ * large tables to prevent lock contention.
+ */
+PK11SlotInfo *
+SECMOD_OpenUserDB(const char *moduleSpec)
+{
+ SECMODModule *mod;
+ SECMODConfigList *conflist = NULL;
+ int count = 0;
+
+ if (moduleSpec == NULL) {
+ return NULL;
+ }
+
+ /* NOTE: unlike most PK11 function, this does not return a reference
+ * to the module */
+ mod = SECMOD_GetInternalModule();
+ if (!mod) {
+ /* shouldn't happen */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+
+ /* make sure we don't open the same database twice. We only understand
+ * the moduleSpec for internal databases well enough to do this, so only
+ * do this in OpenUserDB */
+ conflist = secmod_GetConfigList(mod->isFIPS, mod->libraryParams, &count);
+ if (conflist) {
+ PK11SlotInfo *slot = NULL;
+ if (secmod_MatchConfigList(moduleSpec, conflist, count)) {
+ slot = secmod_FindSlotFromModuleSpec(moduleSpec, mod);
+ }
+ secmod_FreeConfigList(conflist, count);
+ if (slot) {
+ return slot;
+ }
+ }
+ return SECMOD_OpenNewSlot(mod, moduleSpec);
+}
+
+/*
+ * close an already opened user database. NOTE: the database must be
+ * in the internal token, and must be one created with SECMOD_OpenUserDB().
+ * Once the database is closed, the slot will remain as an empty slot
+ * until it's used again with SECMOD_OpenUserDB() or SECMOD_OpenNewSlot().
+ */
+SECStatus
+SECMOD_CloseUserDB(PK11SlotInfo *slot)
+{
+ SECStatus rv;
+ char *sendSpec;
+
+ sendSpec = PR_smprintf("tokens=[0x%x=<>]", slot->slotID);
+ if (sendSpec == NULL) {
+ /* PR_smprintf does not set no memory error */
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ rv = secmod_UserDBOp(slot, CKO_NETSCAPE_DELSLOT, sendSpec);
+ PR_smprintf_free(sendSpec);
+ /* if we are in the delay period for the "isPresent" call, reset
+ * the delay since we know things have probably changed... */
+ if (slot->nssToken && slot->nssToken->slot) {
+ nssSlot_ResetDelay(slot->nssToken->slot);
+ /* force the slot info structures to properly reset */
+ (void)PK11_IsPresent(slot);
+ }
+ return rv;
+}
+
+/*
+ * Restart PKCS #11 modules after a fork(). See secmod.h for more information.
+ */
+SECStatus
+SECMOD_RestartModules(PRBool force)
+{
+ SECMODModuleList *mlp;
+ SECStatus rrv = SECSuccess;
+ int lastError = 0;
+
+ if (!moduleLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+
+ /* Only need to restart the PKCS #11 modules that were initialized */
+ SECMOD_GetReadLock(moduleLock);
+ for (mlp = modules; mlp != NULL; mlp = mlp->next) {
+ SECMODModule *mod = mlp->module;
+ CK_ULONG count;
+ SECStatus rv;
+ int i;
+
+ /* If the module needs to be reset, do so */
+ if (force || (PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, NULL, &count) != CKR_OK)) {
+ PRBool alreadyLoaded;
+ /* first call Finalize. This is not required by PKCS #11, but some
+ * older modules require it, and it doesn't hurt (compliant modules
+ * will return CKR_NOT_INITIALIZED */
+ (void)PK11_GETTAB(mod)->C_Finalize(NULL);
+ /* now initialize the module, this function reinitializes
+ * a module in place, preserving existing slots (even if they
+ * no longer exist) */
+ rv = secmod_ModuleInit(mod, NULL, &alreadyLoaded);
+ if (rv != SECSuccess) {
+ /* save the last error code */
+ lastError = PORT_GetError();
+ rrv = rv;
+ /* couldn't reinit the module, disable all its slots */
+ for (i = 0; i < mod->slotCount; i++) {
+ mod->slots[i]->disabled = PR_TRUE;
+ mod->slots[i]->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
+ }
+ continue;
+ }
+ for (i = 0; i < mod->slotCount; i++) {
+ /* get new token sessions, bump the series up so that
+ * we refresh other old sessions. This will tell much of
+ * NSS to flush cached handles it may hold as well */
+ rv = PK11_InitToken(mod->slots[i], PR_TRUE);
+ /* PK11_InitToken could fail if the slot isn't present.
+ * If it is present, though, something is wrong and we should
+ * disable the slot and let the caller know. */
+ if (rv != SECSuccess && PK11_IsPresent(mod->slots[i])) {
+ /* save the last error code */
+ lastError = PORT_GetError();
+ rrv = rv;
+ /* disable the token */
+ mod->slots[i]->disabled = PR_TRUE;
+ mod->slots[i]->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
+ }
+ }
+ }
+ }
+ SECMOD_ReleaseReadLock(moduleLock);
+
+ /*
+ * on multiple failures, we are only returning the lastError. The caller
+ * can determine which slots are bad by calling PK11_IsDisabled().
+ */
+ if (rrv != SECSuccess) {
+ /* restore the last error code */
+ PORT_SetError(lastError);
+ }
+
+ return rrv;
+}
diff --git a/security/nss/lib/pk11wrap/pk11wrap.gyp b/security/nss/lib/pk11wrap/pk11wrap.gyp
new file mode 100644
index 000000000..2af27a052
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11wrap.gyp
@@ -0,0 +1,51 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pk11wrap',
+ 'type': 'static_library',
+ 'sources': [
+ 'dev3hack.c',
+ 'pk11akey.c',
+ 'pk11auth.c',
+ 'pk11cert.c',
+ 'pk11cxt.c',
+ 'pk11err.c',
+ 'pk11kea.c',
+ 'pk11list.c',
+ 'pk11load.c',
+ 'pk11mech.c',
+ 'pk11merge.c',
+ 'pk11nobj.c',
+ 'pk11obj.c',
+ 'pk11pars.c',
+ 'pk11pbe.c',
+ 'pk11pk12.c',
+ 'pk11pqg.c',
+ 'pk11sdr.c',
+ 'pk11skey.c',
+ 'pk11slot.c',
+ 'pk11util.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'target_defaults': {
+ 'defines': [
+ 'SHLIB_SUFFIX=\"<(dll_suffix)\"',
+ 'SHLIB_PREFIX=\"<(dll_prefix)\"',
+ 'SHLIB_VERSION=\"3\"',
+ 'SOFTOKEN_SHLIB_VERSION=\"3\"'
+ ]
+ },
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/pk11wrap/secmod.h b/security/nss/lib/pk11wrap/secmod.h
new file mode 100644
index 000000000..fcc770780
--- /dev/null
+++ b/security/nss/lib/pk11wrap/secmod.h
@@ -0,0 +1,167 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _SECMOD_H_
+#define _SECMOD_H_
+#include "seccomon.h"
+#include "secmodt.h"
+#include "prinrval.h"
+
+/* These mechanisms flags are visible to all other libraries. */
+/* They must be converted to internal SECMOD_*_FLAG */
+/* if used inside the functions of the security library */
+#define PUBLIC_MECH_RSA_FLAG 0x00000001ul
+#define PUBLIC_MECH_DSA_FLAG 0x00000002ul
+#define PUBLIC_MECH_RC2_FLAG 0x00000004ul
+#define PUBLIC_MECH_RC4_FLAG 0x00000008ul
+#define PUBLIC_MECH_DES_FLAG 0x00000010ul
+#define PUBLIC_MECH_DH_FLAG 0x00000020ul
+#define PUBLIC_MECH_FORTEZZA_FLAG 0x00000040ul
+#define PUBLIC_MECH_RC5_FLAG 0x00000080ul
+#define PUBLIC_MECH_SHA1_FLAG 0x00000100ul
+#define PUBLIC_MECH_MD5_FLAG 0x00000200ul
+#define PUBLIC_MECH_MD2_FLAG 0x00000400ul
+#define PUBLIC_MECH_SSL_FLAG 0x00000800ul
+#define PUBLIC_MECH_TLS_FLAG 0x00001000ul
+#define PUBLIC_MECH_AES_FLAG 0x00002000ul
+#define PUBLIC_MECH_SHA256_FLAG 0x00004000ul
+#define PUBLIC_MECH_SHA512_FLAG 0x00008000ul
+#define PUBLIC_MECH_CAMELLIA_FLAG 0x00010000ul
+#define PUBLIC_MECH_SEED_FLAG 0x00020000ul
+#define PUBLIC_MECH_ECC_FLAG 0x00040000ul
+
+#define PUBLIC_MECH_RANDOM_FLAG 0x08000000ul
+#define PUBLIC_MECH_FRIENDLY_FLAG 0x10000000ul
+#define PUBLIC_OWN_PW_DEFAULTS 0X20000000ul
+#define PUBLIC_DISABLE_FLAG 0x40000000ul
+
+/* warning: reserved means reserved */
+#define PUBLIC_MECH_RESERVED_FLAGS 0x87FF0000ul
+
+/* These cipher flags are visible to all other libraries, */
+/* But they must be converted before used in functions */
+/* withing the security module */
+#define PUBLIC_CIPHER_FORTEZZA_FLAG 0x00000001ul
+
+/* warning: reserved means reserved */
+#define PUBLIC_CIPHER_RESERVED_FLAGS 0xFFFFFFFEul
+
+SEC_BEGIN_PROTOS
+
+/*
+ * the following functions are going to be deprecated in NSS 4.0 in
+ * favor of the new stan functions.
+ */
+
+/* Initialization */
+extern SECMODModule *SECMOD_LoadModule(char *moduleSpec, SECMODModule *parent,
+ PRBool recurse);
+
+extern SECMODModule *SECMOD_LoadUserModule(char *moduleSpec, SECMODModule *parent,
+ PRBool recurse);
+
+SECStatus SECMOD_UnloadUserModule(SECMODModule *mod);
+
+SECMODModule *SECMOD_CreateModule(const char *lib, const char *name,
+ const char *param, const char *nss);
+SECMODModule *SECMOD_CreateModuleEx(const char *lib, const char *name,
+ const char *param, const char *nss,
+ const char *config);
+/*
+ * After a fork(), PKCS #11 says we need to call C_Initialize again in
+ * the child before we can use the module. This function causes this
+ * reinitialization.
+ * NOTE: Any outstanding handles will become invalid, which means your
+ * keys and contexts will fail, but new ones can be created.
+ *
+ * Setting 'force' to true means to do the reinitialization even if the
+ * PKCS #11 module does not seem to need it. This allows software modules
+ * which ignore fork to preserve their keys across the fork().
+ */
+SECStatus SECMOD_RestartModules(PRBool force);
+
+/* Module Management */
+char **SECMOD_GetModuleSpecList(SECMODModule *module);
+SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module, char **moduleSpecList);
+
+/* protoypes */
+/* Get a list of active PKCS #11 modules */
+extern SECMODModuleList *SECMOD_GetDefaultModuleList(void);
+/* Get a list of defined but not loaded PKCS #11 modules */
+extern SECMODModuleList *SECMOD_GetDeadModuleList(void);
+/* Get a list of Modules which define PKCS #11 modules to load */
+extern SECMODModuleList *SECMOD_GetDBModuleList(void);
+
+/* lock to protect all three module lists above */
+extern SECMODListLock *SECMOD_GetDefaultModuleListLock(void);
+
+extern SECStatus SECMOD_UpdateModule(SECMODModule *module);
+
+/* lock management */
+extern void SECMOD_GetReadLock(SECMODListLock *);
+extern void SECMOD_ReleaseReadLock(SECMODListLock *);
+
+/* Operate on modules by name */
+extern SECMODModule *SECMOD_FindModule(const char *name);
+extern SECStatus SECMOD_DeleteModule(const char *name, int *type);
+extern SECStatus SECMOD_DeleteModuleEx(const char *name,
+ SECMODModule *mod,
+ int *type,
+ PRBool permdb);
+extern SECStatus SECMOD_DeleteInternalModule(const char *name);
+extern PRBool SECMOD_CanDeleteInternalModule(void);
+extern SECStatus SECMOD_AddNewModule(const char *moduleName,
+ const char *dllPath,
+ unsigned long defaultMechanismFlags,
+ unsigned long cipherEnableFlags);
+extern SECStatus SECMOD_AddNewModuleEx(const char *moduleName,
+ const char *dllPath,
+ unsigned long defaultMechanismFlags,
+ unsigned long cipherEnableFlags,
+ char *modparms,
+ char *nssparms);
+
+/* database/memory management */
+extern SECMODModule *SECMOD_GetInternalModule(void);
+extern SECMODModule *SECMOD_ReferenceModule(SECMODModule *module);
+extern void SECMOD_DestroyModule(SECMODModule *module);
+extern PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID module,
+ unsigned long slotID);
+extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module, const char *name);
+
+/* Funtion reports true if at least one of the modules */
+/* of modType has been installed */
+PRBool SECMOD_IsModulePresent(unsigned long int pubCipherEnableFlags);
+
+/* accessors */
+PRBool SECMOD_GetSkipFirstFlag(SECMODModule *mod);
+PRBool SECMOD_GetDefaultModDBFlag(SECMODModule *mod);
+
+/* Functions used to convert between internal & public representation
+ * of Mechanism Flags and Cipher Enable Flags */
+extern unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags);
+extern unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags);
+extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
+
+PRBool SECMOD_HasRemovableSlots(SECMODModule *mod);
+PK11SlotInfo *SECMOD_WaitForAnyTokenEvent(SECMODModule *mod,
+ unsigned long flags, PRIntervalTime latency);
+/*
+ * Warning: the SECMOD_CancelWait function is highly destructive, potentially
+ * finalizing the module 'mod' (causing inprogress operations to fail,
+ * and session key material to disappear). It should only be called when
+ * shutting down the module.
+ */
+SECStatus SECMOD_CancelWait(SECMODModule *mod);
+/*
+ * check to see if the module has added new slots. PKCS 11 v2.20 allows for
+ * modules to add new slots, but never remove them. Slots not be added between
+ * a call to C_GetSlotLlist(Flag, NULL, &count) and the corresponding
+ * C_GetSlotList(flag, &data, &count) so that the array doesn't accidently
+ * grow on the caller. It is permissible for the slots to increase between
+ * corresponding calls with NULL to get the size.
+ */
+SECStatus SECMOD_UpdateSlotList(SECMODModule *mod);
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/pk11wrap/secmodi.h b/security/nss/lib/pk11wrap/secmodi.h
new file mode 100644
index 000000000..1225661ad
--- /dev/null
+++ b/security/nss/lib/pk11wrap/secmodi.h
@@ -0,0 +1,170 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Internal header file included only by files in pkcs11 dir, or in
+ * pkcs11 specific client and server files.
+ */
+#ifndef _SECMODI_H_
+#define _SECMODI_H_ 1
+#include "pkcs11.h"
+#include "nssilock.h"
+#include "secoidt.h"
+#include "secdert.h"
+#include "certt.h"
+#include "secmodt.h"
+#include "keyt.h"
+
+SEC_BEGIN_PROTOS
+
+/* proto-types */
+extern SECStatus SECMOD_DeletePermDB(SECMODModule *module);
+extern SECStatus SECMOD_AddPermDB(SECMODModule *module);
+extern SECStatus SECMOD_Shutdown(void);
+void nss_DumpModuleLog(void);
+
+extern int secmod_PrivateModuleCount;
+
+extern void SECMOD_Init(void);
+SECStatus secmod_ModuleInit(SECMODModule *mod, SECMODModule **oldModule,
+ PRBool *alreadyLoaded);
+
+/* list managment */
+extern SECStatus SECMOD_AddModuleToList(SECMODModule *newModule);
+extern SECStatus SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule);
+extern SECStatus SECMOD_AddModuleToUnloadList(SECMODModule *newModule);
+extern void SECMOD_RemoveList(SECMODModuleList **, SECMODModuleList *);
+extern void SECMOD_AddList(SECMODModuleList *, SECMODModuleList *, SECMODListLock *);
+extern SECMODListLock *SECMOD_NewListLock(void);
+extern void SECMOD_DestroyListLock(SECMODListLock *);
+extern void SECMOD_GetWriteLock(SECMODListLock *);
+extern void SECMOD_ReleaseWriteLock(SECMODListLock *);
+
+/* Operate on modules by name */
+extern SECMODModule *SECMOD_FindModuleByID(SECMODModuleID);
+extern SECMODModule *secmod_FindModuleByFuncPtr(void *funcPtr);
+
+/* database/memory management */
+extern SECMODModuleList *SECMOD_NewModuleListElement(void);
+extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *);
+extern void SECMOD_DestroyModuleList(SECMODModuleList *);
+extern SECStatus SECMOD_AddModule(SECMODModule *newModule);
+
+extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
+
+/* Library functions */
+SECStatus secmod_LoadPKCS11Module(SECMODModule *, SECMODModule **oldModule);
+SECStatus SECMOD_UnloadModule(SECMODModule *);
+void SECMOD_SetInternalModule(SECMODModule *);
+PRBool secmod_IsInternalKeySlot(SECMODModule *);
+void secmod_SetInternalKeySlotFlag(SECMODModule *mod, PRBool val);
+
+/* tools for checking if we are loading the same database twice */
+typedef struct SECMODConfigListStr SECMODConfigList;
+/* collect all the databases in a given spec */
+SECMODConfigList *secmod_GetConfigList(PRBool isFIPS, char *spec, int *count);
+/* see is a spec matches a database on the list */
+PRBool secmod_MatchConfigList(const char *spec,
+ SECMODConfigList *conflist, int count);
+/* returns the slot id from a module and modulespec */
+CK_SLOT_ID secmod_GetSlotIDFromModuleSpec(const char *moduleSpec, SECMODModule *module);
+/* free our list of databases */
+void secmod_FreeConfigList(SECMODConfigList *conflist, int count);
+
+/* parsing parameters */
+/* returned char * must be freed by caller with PORT_Free */
+/* children and ids are null terminated arrays which must be freed with
+ * secmod_FreeChildren */
+char *secmod_ParseModuleSpecForTokens(PRBool convert,
+ PRBool isFIPS,
+ const char *moduleSpec,
+ char ***children,
+ CK_SLOT_ID **ids);
+void secmod_FreeChildren(char **children, CK_SLOT_ID *ids);
+char *secmod_MkAppendTokensList(PLArenaPool *arena, char *origModuleSpec,
+ char *newModuleSpec, CK_SLOT_ID newID,
+ char **children, CK_SLOT_ID *ids);
+
+void SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot);
+CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
+ CK_VOID_PTR pdata);
+void pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib);
+CK_OBJECT_HANDLE pk11_FindObjectByTemplate(PK11SlotInfo *slot,
+ CK_ATTRIBUTE *inTemplate, int tsize);
+CK_OBJECT_HANDLE *pk11_FindObjectsByTemplate(PK11SlotInfo *slot,
+ CK_ATTRIBUTE *inTemplate, int tsize, int *objCount);
+
+#define PK11_GETTAB(x) ((CK_FUNCTION_LIST_PTR)((x)->functionList))
+#define PK11_SETATTRS(x, id, v, l) \
+ (x)->type = (id); \
+ (x)->pValue = (v); \
+ (x)->ulValueLen = (l);
+SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
+ const CK_ATTRIBUTE *theTemplate, int count,
+ PRBool token, CK_OBJECT_HANDLE *objectID);
+
+SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid, SECItem *mech);
+SECStatus PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param,
+ PLArenaPool *arena, SECAlgorithmID *algId);
+
+PK11SymKey *pk11_TokenKeyGenWithFlagsAndKeyType(PK11SlotInfo *slot,
+ CK_MECHANISM_TYPE type, SECItem *param, CK_KEY_TYPE keyType,
+ int keySize, SECItem *keyId, CK_FLAGS opFlags,
+ PK11AttrFlags attrFlags, void *wincx);
+
+CK_MECHANISM_TYPE pk11_GetPBECryptoMechanism(SECAlgorithmID *algid,
+ SECItem **param, SECItem *pwd, PRBool faulty3DES);
+
+extern void pk11sdr_Init(void);
+extern void pk11sdr_Shutdown(void);
+
+/*
+ * Private to pk11wrap.
+ */
+
+PRBool pk11_LoginStillRequired(PK11SlotInfo *slot, void *wincx);
+CK_SESSION_HANDLE pk11_GetNewSession(PK11SlotInfo *slot, PRBool *owner);
+void pk11_CloseSession(PK11SlotInfo *slot, CK_SESSION_HANDLE sess, PRBool own);
+PK11SymKey *pk11_ForceSlot(PK11SymKey *symKey, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation);
+/* Convert key operation flags to PKCS #11 attributes. */
+unsigned int pk11_OpFlagsToAttributes(CK_FLAGS flags,
+ CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue);
+/* Check for bad (conflicting) attribute flags */
+PRBool pk11_BadAttrFlags(PK11AttrFlags attrFlags);
+/* Convert key attribute flags to PKCS #11 attributes. */
+unsigned int pk11_AttrFlagsToAttributes(PK11AttrFlags attrFlags,
+ CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue, CK_BBOOL *ckFalse);
+PRBool pk11_FindAttrInTemplate(CK_ATTRIBUTE *attr, unsigned int numAttrs,
+ CK_ATTRIBUTE_TYPE target);
+
+CK_MECHANISM_TYPE pk11_mapWrapKeyType(KeyType keyType);
+PK11SymKey *pk11_KeyExchange(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation, CK_FLAGS flags, PRBool isPerm,
+ PK11SymKey *symKey);
+
+PRBool pk11_HandleTrustObject(PK11SlotInfo *slot, CERTCertificate *cert,
+ CERTCertTrust *trust);
+CK_OBJECT_HANDLE pk11_FindPubKeyByAnyCert(CERTCertificate *cert,
+ PK11SlotInfo **slot, void *wincx);
+SECStatus pk11_AuthenticateUnfriendly(PK11SlotInfo *slot, PRBool loadCerts,
+ void *wincx);
+int PK11_NumberObjectsFor(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate,
+ int templateCount);
+SECItem *pk11_GetLowLevelKeyFromHandle(PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE handle);
+SECStatus PK11_TraverseSlot(PK11SlotInfo *slot, void *arg);
+CK_OBJECT_HANDLE pk11_FindPrivateKeyFromCertID(PK11SlotInfo *slot,
+ SECItem *keyID);
+SECKEYPrivateKey *PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
+ PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx);
+CERTCertificate *PK11_MakeCertFromHandle(PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE certID, CK_ATTRIBUTE *privateLabel);
+
+SECItem *pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen);
+SECItem *pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type,
+ SECItem *iv, int keyLen);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/pk11wrap/secmodt.h b/security/nss/lib/pk11wrap/secmodt.h
new file mode 100644
index 000000000..23abe307f
--- /dev/null
+++ b/security/nss/lib/pk11wrap/secmodt.h
@@ -0,0 +1,444 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _SECMODT_H_
+#define _SECMODT_H_ 1
+
+#include "nssrwlkt.h"
+#include "nssilckt.h"
+#include "secoid.h"
+#include "secasn1.h"
+#include "pkcs11t.h"
+#include "utilmodt.h"
+
+SEC_BEGIN_PROTOS
+
+/* find a better home for these... */
+extern const SEC_ASN1Template SECKEY_PointerToEncryptedPrivateKeyInfoTemplate[];
+SEC_ASN1_CHOOSER_DECLARE(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate)
+extern const SEC_ASN1Template SECKEY_EncryptedPrivateKeyInfoTemplate[];
+SEC_ASN1_CHOOSER_DECLARE(SECKEY_EncryptedPrivateKeyInfoTemplate)
+extern const SEC_ASN1Template SECKEY_PrivateKeyInfoTemplate[];
+SEC_ASN1_CHOOSER_DECLARE(SECKEY_PrivateKeyInfoTemplate)
+extern const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[];
+SEC_ASN1_CHOOSER_DECLARE(SECKEY_PointerToPrivateKeyInfoTemplate)
+
+SEC_END_PROTOS
+
+/* PKCS11 needs to be included */
+typedef struct SECMODModuleStr SECMODModule;
+typedef struct SECMODModuleListStr SECMODModuleList;
+typedef NSSRWLock SECMODListLock;
+typedef struct PK11SlotInfoStr PK11SlotInfo; /* defined in secmodti.h */
+typedef struct NSSUTILPreSlotInfoStr PK11PreSlotInfo; /* defined in secmodti.h */
+typedef struct PK11SymKeyStr PK11SymKey; /* defined in secmodti.h */
+typedef struct PK11ContextStr PK11Context; /* defined in secmodti.h */
+typedef struct PK11SlotListStr PK11SlotList;
+typedef struct PK11SlotListElementStr PK11SlotListElement;
+typedef struct PK11RSAGenParamsStr PK11RSAGenParams;
+typedef unsigned long SECMODModuleID;
+typedef struct PK11DefaultArrayEntryStr PK11DefaultArrayEntry;
+typedef struct PK11GenericObjectStr PK11GenericObject;
+typedef void (*PK11FreeDataFunc)(void *);
+
+struct SECMODModuleStr {
+ PLArenaPool *arena;
+ PRBool internal; /* true of internally linked modules, false
+ * for the loaded modules */
+ PRBool loaded; /* Set to true if module has been loaded */
+ PRBool isFIPS; /* Set to true if module is finst internal */
+ char *dllName; /* name of the shared library which implements
+ * this module */
+ char *commonName; /* name of the module to display to the user */
+ void *library; /* pointer to the library. opaque. used only by
+ * pk11load.c */
+ void *functionList; /* The PKCS #11 function table */
+ PZLock *refLock; /* only used pk11db.c */
+ int refCount; /* Module reference count */
+ PK11SlotInfo **slots; /* array of slot points attached to this mod*/
+ int slotCount; /* count of slot in above array */
+ PK11PreSlotInfo *slotInfo; /* special info about slots default settings */
+ int slotInfoCount; /* count */
+ SECMODModuleID moduleID; /* ID so we can find this module again */
+ PRBool isThreadSafe;
+ unsigned long ssl[2]; /* SSL cipher enable flags */
+ char *libraryParams; /* Module specific parameters */
+ void *moduleDBFunc; /* function to return module configuration data*/
+ SECMODModule *parent; /* module that loaded us */
+ PRBool isCritical; /* This module must load successfully */
+ PRBool isModuleDB; /* this module has lists of PKCS #11 modules */
+ PRBool moduleDBOnly; /* this module only has lists of PKCS #11 modules */
+ int trustOrder; /* order for this module's certificate trust rollup */
+ int cipherOrder; /* order for cipher operations */
+ unsigned long evControlMask; /* control the running and shutdown of slot
+ * events (SECMOD_WaitForAnyTokenEvent) */
+ CK_VERSION cryptokiVersion; /* version of this library */
+};
+
+/* evControlMask flags */
+/*
+ * These bits tell the current state of a SECMOD_WaitForAnyTokenEvent.
+ *
+ * SECMOD_WAIT_PKCS11_EVENT - we're waiting in the PKCS #11 module in
+ * C_WaitForSlotEvent().
+ * SECMOD_WAIT_SIMULATED_EVENT - we're waiting in the NSS simulation code
+ * which polls for token insertion and removal events.
+ * SECMOD_END_WAIT - SECMOD_CancelWait has been called while the module is
+ * waiting in SECMOD_WaitForAnyTokenEvent. SECMOD_WaitForAnyTokenEvent
+ * should return immediately to it's caller.
+ */
+#define SECMOD_END_WAIT 0x01
+#define SECMOD_WAIT_SIMULATED_EVENT 0x02
+#define SECMOD_WAIT_PKCS11_EVENT 0x04
+
+struct SECMODModuleListStr {
+ SECMODModuleList *next;
+ SECMODModule *module;
+};
+
+struct PK11SlotListStr {
+ PK11SlotListElement *head;
+ PK11SlotListElement *tail;
+ PZLock *lock;
+};
+
+struct PK11SlotListElementStr {
+ PK11SlotListElement *next;
+ PK11SlotListElement *prev;
+ PK11SlotInfo *slot;
+ int refCount;
+};
+
+struct PK11RSAGenParamsStr {
+ int keySizeInBits;
+ unsigned long pe;
+};
+
+typedef enum {
+ PK11CertListUnique = 0, /* get one instance of all certs */
+ PK11CertListUser = 1, /* get all instances of user certs */
+ PK11CertListRootUnique = 2, /* get one instance of CA certs without a private key.
+ * deprecated. Use PK11CertListCAUnique
+ */
+ PK11CertListCA = 3, /* get all instances of CA certs */
+ PK11CertListCAUnique = 4, /* get one instance of CA certs */
+ PK11CertListUserUnique = 5, /* get one instance of user certs */
+ PK11CertListAll = 6 /* get all instances of all certs */
+} PK11CertListType;
+
+/*
+ * Entry into the array which lists all the legal bits for the default flags
+ * in the slot, their definition, and the PKCS #11 mechanism they represent.
+ * Always statically allocated.
+ */
+struct PK11DefaultArrayEntryStr {
+ const char *name;
+ unsigned long flag;
+ unsigned long mechanism; /* this is a long so we don't include the
+ * whole pkcs 11 world to use this header */
+};
+
+/*
+ * PK11AttrFlags
+ *
+ * A 32-bit bitmask of PK11_ATTR_XXX flags
+ */
+typedef PRUint32 PK11AttrFlags;
+
+/*
+ * PK11_ATTR_XXX
+ *
+ * The following PK11_ATTR_XXX bitflags are used to specify
+ * PKCS #11 object attributes that have Boolean values. Some NSS
+ * functions have a "PK11AttrFlags attrFlags" parameter whose value
+ * is the logical OR of these bitflags. NSS use these bitflags on
+ * private keys or secret keys. Some of these bitflags also apply
+ * to the public keys associated with the private keys.
+ *
+ * For each PKCS #11 object attribute, we need two bitflags to
+ * specify not only "true" and "false" but also "default". For
+ * example, PK11_ATTR_PRIVATE and PK11_ATTR_PUBLIC control the
+ * CKA_PRIVATE attribute. If PK11_ATTR_PRIVATE is set, we add
+ * { CKA_PRIVATE, &cktrue, sizeof(CK_BBOOL) }
+ * to the template. If PK11_ATTR_PUBLIC is set, we add
+ * { CKA_PRIVATE, &ckfalse, sizeof(CK_BBOOL) }
+ * to the template. If neither flag is set, we don't add any
+ * CKA_PRIVATE entry to the template.
+ */
+
+/*
+ * Attributes for PKCS #11 storage objects, which include not only
+ * keys but also certificates and domain parameters.
+ */
+
+/*
+ * PK11_ATTR_TOKEN
+ * PK11_ATTR_SESSION
+ *
+ * These two flags determine whether the object is a token or
+ * session object.
+ *
+ * These two flags are related and cannot both be set.
+ * If the PK11_ATTR_TOKEN flag is set, the object is a token
+ * object. If the PK11_ATTR_SESSION flag is set, the object is
+ * a session object. If neither flag is set, the object is *by
+ * default* a session object.
+ *
+ * These two flags specify the value of the PKCS #11 CKA_TOKEN
+ * attribute.
+ */
+#define PK11_ATTR_TOKEN 0x00000001L
+#define PK11_ATTR_SESSION 0x00000002L
+
+/*
+ * PK11_ATTR_PRIVATE
+ * PK11_ATTR_PUBLIC
+ *
+ * These two flags determine whether the object is a private or
+ * public object. A user may not access a private object until the
+ * user has authenticated to the token.
+ *
+ * These two flags are related and cannot both be set.
+ * If the PK11_ATTR_PRIVATE flag is set, the object is a private
+ * object. If the PK11_ATTR_PUBLIC flag is set, the object is a
+ * public object. If neither flag is set, it is token-specific
+ * whether the object is private or public.
+ *
+ * These two flags specify the value of the PKCS #11 CKA_PRIVATE
+ * attribute. NSS only uses this attribute on private and secret
+ * keys, so public keys created by NSS get the token-specific
+ * default value of the CKA_PRIVATE attribute.
+ */
+#define PK11_ATTR_PRIVATE 0x00000004L
+#define PK11_ATTR_PUBLIC 0x00000008L
+
+/*
+ * PK11_ATTR_MODIFIABLE
+ * PK11_ATTR_UNMODIFIABLE
+ *
+ * These two flags determine whether the object is modifiable or
+ * read-only.
+ *
+ * These two flags are related and cannot both be set.
+ * If the PK11_ATTR_MODIFIABLE flag is set, the object can be
+ * modified. If the PK11_ATTR_UNMODIFIABLE flag is set, the object
+ * is read-only. If neither flag is set, the object is *by default*
+ * modifiable.
+ *
+ * These two flags specify the value of the PKCS #11 CKA_MODIFIABLE
+ * attribute.
+ */
+#define PK11_ATTR_MODIFIABLE 0x00000010L
+#define PK11_ATTR_UNMODIFIABLE 0x00000020L
+
+/* Attributes for PKCS #11 key objects. */
+
+/*
+ * PK11_ATTR_SENSITIVE
+ * PK11_ATTR_INSENSITIVE
+ *
+ * These two flags are related and cannot both be set.
+ * If the PK11_ATTR_SENSITIVE flag is set, the key is sensitive.
+ * If the PK11_ATTR_INSENSITIVE flag is set, the key is not
+ * sensitive. If neither flag is set, it is token-specific whether
+ * the key is sensitive or not.
+ *
+ * If a key is sensitive, certain attributes of the key cannot be
+ * revealed in plaintext outside the token.
+ *
+ * This flag specifies the value of the PKCS #11 CKA_SENSITIVE
+ * attribute. Although the default value of the CKA_SENSITIVE
+ * attribute for secret keys is CK_FALSE per PKCS #11, some FIPS
+ * tokens set the default value to CK_TRUE because only CK_TRUE
+ * is allowed. So in practice the default value of this attribute
+ * is token-specific, hence the need for two bitflags.
+ */
+#define PK11_ATTR_SENSITIVE 0x00000040L
+#define PK11_ATTR_INSENSITIVE 0x00000080L
+
+/*
+ * PK11_ATTR_EXTRACTABLE
+ * PK11_ATTR_UNEXTRACTABLE
+ *
+ * These two flags are related and cannot both be set.
+ * If the PK11_ATTR_EXTRACTABLE flag is set, the key is extractable
+ * and can be wrapped. If the PK11_ATTR_UNEXTRACTABLE flag is set,
+ * the key is not extractable, and certain attributes of the key
+ * cannot be revealed in plaintext outside the token (just like a
+ * sensitive key). If neither flag is set, it is token-specific
+ * whether the key is extractable or not.
+ *
+ * These two flags specify the value of the PKCS #11 CKA_EXTRACTABLE
+ * attribute.
+ */
+#define PK11_ATTR_EXTRACTABLE 0x00000100L
+#define PK11_ATTR_UNEXTRACTABLE 0x00000200L
+
+/* Cryptographic module types */
+#define SECMOD_EXTERNAL 0 /* external module */
+#define SECMOD_INTERNAL 1 /* internal default module */
+#define SECMOD_FIPS 2 /* internal fips module */
+
+/* default module configuration strings */
+#define SECMOD_SLOT_FLAGS "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512]"
+
+#define SECMOD_MAKE_NSS_FLAGS(fips, slot) \
+ "Flags=internal,critical" fips " slotparams=(" #slot "={" SECMOD_SLOT_FLAGS "})"
+
+#define SECMOD_INT_NAME "NSS Internal PKCS #11 Module"
+#define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("", 1)
+#define SECMOD_FIPS_NAME "NSS Internal FIPS PKCS #11 Module"
+#define SECMOD_FIPS_FLAGS SECMOD_MAKE_NSS_FLAGS(",fips", 3)
+
+/*
+ * What is the origin of a given Key. Normally this doesn't matter, but
+ * the fortezza code needs to know if it needs to invoke the SSL3 fortezza
+ * hack.
+ */
+typedef enum {
+ PK11_OriginNULL = 0, /* There is not key, it's a null SymKey */
+ PK11_OriginDerive = 1, /* Key was derived from some other key */
+ PK11_OriginGenerated = 2, /* Key was generated (also PBE keys) */
+ PK11_OriginFortezzaHack = 3, /* Key was marked for fortezza hack */
+ PK11_OriginUnwrap = 4 /* Key was unwrapped or decrypted */
+} PK11Origin;
+
+/* PKCS #11 disable reasons */
+typedef enum {
+ PK11_DIS_NONE = 0,
+ PK11_DIS_USER_SELECTED = 1,
+ PK11_DIS_COULD_NOT_INIT_TOKEN = 2,
+ PK11_DIS_TOKEN_VERIFY_FAILED = 3,
+ PK11_DIS_TOKEN_NOT_PRESENT = 4
+} PK11DisableReasons;
+
+/* types of PKCS #11 objects
+ * used to identify which NSS data structure is
+ * passed to the PK11_Raw* functions. Types map as follows:
+ * PK11_TypeGeneric PK11GenericObject *
+ * PK11_TypePrivKey SECKEYPrivateKey *
+ * PK11_TypePubKey SECKEYPublicKey *
+ * PK11_TypeSymKey PK11SymKey *
+ * PK11_TypeCert CERTCertificate * (currently not used).
+ */
+typedef enum {
+ PK11_TypeGeneric = 0,
+ PK11_TypePrivKey = 1,
+ PK11_TypePubKey = 2,
+ PK11_TypeCert = 3,
+ PK11_TypeSymKey = 4
+} PK11ObjectType;
+
+/* function pointer type for password callback function.
+ * This type is passed in to PK11_SetPasswordFunc()
+ */
+typedef char *(PR_CALLBACK *PK11PasswordFunc)(PK11SlotInfo *slot, PRBool retry, void *arg);
+typedef PRBool(PR_CALLBACK *PK11VerifyPasswordFunc)(PK11SlotInfo *slot, void *arg);
+typedef PRBool(PR_CALLBACK *PK11IsLoggedInFunc)(PK11SlotInfo *slot, void *arg);
+
+/*
+ * Special strings the password callback function can return only if
+ * the slot is an protected auth path slot.
+ */
+#define PK11_PW_RETRY "RETRY" /* an failed attempt to authenticate \
+ * has already been made, just retry \
+ * the operation */
+#define PK11_PW_AUTHENTICATED "AUTH" /* a successful attempt to authenticate \
+ * has completed. Continue without \
+ * another call to C_Login */
+/* All other non-null values mean that that NSS could call C_Login to force
+ * the authentication. The following define is to aid applications in
+ * documenting that is what it's trying to do */
+#define PK11_PW_TRY "TRY" /* Default: a prompt has been presented \
+ * to the user, initiate a C_Login \
+ * to authenticate the token */
+
+/*
+ * PKCS #11 key structures
+ */
+
+/*
+** Attributes
+*/
+struct SECKEYAttributeStr {
+ SECItem attrType;
+ SECItem **attrValue;
+};
+typedef struct SECKEYAttributeStr SECKEYAttribute;
+
+/*
+** A PKCS#8 private key info object
+*/
+struct SECKEYPrivateKeyInfoStr {
+ PLArenaPool *arena;
+ SECItem version;
+ SECAlgorithmID algorithm;
+ SECItem privateKey;
+ SECKEYAttribute **attributes;
+};
+typedef struct SECKEYPrivateKeyInfoStr SECKEYPrivateKeyInfo;
+
+/*
+** A PKCS#8 private key info object
+*/
+struct SECKEYEncryptedPrivateKeyInfoStr {
+ PLArenaPool *arena;
+ SECAlgorithmID algorithm;
+ SECItem encryptedData;
+};
+typedef struct SECKEYEncryptedPrivateKeyInfoStr SECKEYEncryptedPrivateKeyInfo;
+
+/*
+ * token removal detection
+ */
+typedef enum {
+ PK11TokenNotRemovable = 0,
+ PK11TokenPresent = 1,
+ PK11TokenChanged = 2,
+ PK11TokenRemoved = 3
+} PK11TokenStatus;
+
+typedef enum {
+ PK11TokenRemovedOrChangedEvent = 0,
+ PK11TokenPresentEvent = 1
+} PK11TokenEvent;
+
+/*
+ * CRL Import Flags
+ */
+#define CRL_IMPORT_DEFAULT_OPTIONS 0x00000000
+#define CRL_IMPORT_BYPASS_CHECKS 0x00000001
+
+/*
+ * Merge Error Log
+ */
+typedef struct PK11MergeLogStr PK11MergeLog;
+typedef struct PK11MergeLogNodeStr PK11MergeLogNode;
+
+/* These need to be global, leave some open fields so we can 'expand'
+ * these without breaking binary compatibility */
+struct PK11MergeLogNodeStr {
+ PK11MergeLogNode *next; /* next entry in the list */
+ PK11MergeLogNode *prev; /* last entry in the list */
+ PK11GenericObject *object; /* object that failed */
+ int error; /* what the error was */
+ CK_RV reserved1;
+ unsigned long reserved2; /* future flags */
+ unsigned long reserved3; /* future scalar */
+ void *reserved4; /* future pointer */
+ void *reserved5; /* future expansion pointer */
+};
+
+struct PK11MergeLogStr {
+ PK11MergeLogNode *head;
+ PK11MergeLogNode *tail;
+ PLArenaPool *arena;
+ int version;
+ unsigned long reserved1;
+ unsigned long reserved2;
+ unsigned long reserved3;
+ void *reserverd4;
+ void *reserverd5;
+};
+
+#endif /*_SECMODT_H_ */
diff --git a/security/nss/lib/pk11wrap/secmodti.h b/security/nss/lib/pk11wrap/secmodti.h
new file mode 100644
index 000000000..520165573
--- /dev/null
+++ b/security/nss/lib/pk11wrap/secmodti.h
@@ -0,0 +1,183 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Internal header file included only by files in pkcs11 dir, or in
+ * pkcs11 specific client and server files.
+ */
+
+#ifndef _SECMODTI_H_
+#define _SECMODTI_H_ 1
+#include "prmon.h"
+#include "prtypes.h"
+#include "nssilckt.h"
+#include "secmodt.h"
+#include "pkcs11t.h"
+
+#include "nssdevt.h"
+
+/* internal data structures */
+
+/* Traverse slots callback */
+typedef struct pk11TraverseSlotStr {
+ SECStatus (*callback)(PK11SlotInfo *, CK_OBJECT_HANDLE, void *);
+ void *callbackArg;
+ CK_ATTRIBUTE *findTemplate;
+ int templateCount;
+} pk11TraverseSlot;
+
+/* represent a pkcs#11 slot reference counted. */
+struct PK11SlotInfoStr {
+ /* the PKCS11 function list for this slot */
+ void *functionList;
+ SECMODModule *module; /* our parent module */
+ /* Boolean to indicate the current state of this slot */
+ PRBool needTest; /* Has this slot been tested for Export complience */
+ PRBool isPerm; /* is this slot a permanment device */
+ PRBool isHW; /* is this slot a hardware device */
+ PRBool isInternal; /* is this slot one of our internal PKCS #11 devices */
+ PRBool disabled; /* is this slot disabled... */
+ PK11DisableReasons reason; /* Why this slot is disabled */
+ PRBool readOnly; /* is the token in this slot read-only */
+ PRBool needLogin; /* does the token of the type that needs
+ * authentication (still true even if token is logged
+ * in) */
+ PRBool hasRandom; /* can this token generated random numbers */
+ PRBool defRWSession; /* is the default session RW (we open our default
+ * session rw if the token can only handle one session
+ * at a time. */
+ PRBool isThreadSafe; /* copied from the module */
+ /* The actual flags (many of which are distilled into the above PRBools) */
+ CK_FLAGS flags; /* flags from PKCS #11 token Info */
+ /* a default session handle to do quick and dirty functions */
+ CK_SESSION_HANDLE session;
+ PZLock *sessionLock; /* lock for this session */
+ /* our ID */
+ CK_SLOT_ID slotID;
+ /* persistant flags saved from startup to startup */
+ unsigned long defaultFlags;
+ /* keep track of who is using us so we don't accidently get freed while
+ * still in use */
+ PRInt32 refCount; /* to be in/decremented by atomic calls ONLY! */
+ PZLock *freeListLock;
+ PK11SymKey *freeSymKeysWithSessionHead;
+ PK11SymKey *freeSymKeysHead;
+ int keyCount;
+ int maxKeyCount;
+ /* Password control functions for this slot. many of these are only
+ * active if the appropriate flag is on in defaultFlags */
+ int askpw; /* what our password options are */
+ int timeout; /* If we're ask_timeout, what is our timeout time is
+ * seconds */
+ int authTransact; /* allow multiple authentications off one password if
+ * they are all part of the same transaction */
+ PRTime authTime; /* when were we last authenticated */
+ int minPassword; /* smallest legal password */
+ int maxPassword; /* largest legal password */
+ PRUint16 series; /* break up the slot info into various groups of
+ * inserted tokens so that keys and certs can be
+ * invalidated */
+ PRUint16 flagSeries; /* record the last series for the last event
+ * returned for this slot */
+ PRBool flagState; /* record the state of the last event returned for this
+ * slot. */
+ PRUint16 wrapKey; /* current wrapping key for SSL master secrets */
+ CK_MECHANISM_TYPE wrapMechanism;
+ /* current wrapping mechanism for current wrapKey */
+ CK_OBJECT_HANDLE refKeys[1]; /* array of existing wrapping keys for */
+ CK_MECHANISM_TYPE *mechanismList; /* list of mechanism supported by this
+ * token */
+ int mechanismCount;
+ /* cache the certificates stored on the token of this slot */
+ CERTCertificate **cert_array;
+ int array_size;
+ int cert_count;
+ char serial[16];
+ /* since these are odd sizes, keep them last. They are odd sizes to
+ * allow them to become null terminated strings */
+ char slot_name[65];
+ char token_name[33];
+ PRBool hasRootCerts;
+ PRBool hasRootTrust;
+ PRBool hasRSAInfo;
+ CK_FLAGS RSAInfoFlags;
+ PRBool protectedAuthPath;
+ PRBool isActiveCard;
+ PRIntervalTime lastLoginCheck;
+ unsigned int lastState;
+ /* for Stan */
+ NSSToken *nssToken;
+ /* fast mechanism lookup */
+ char mechanismBits[256];
+};
+
+/* Symetric Key structure. Reference Counted */
+struct PK11SymKeyStr {
+ CK_MECHANISM_TYPE type; /* type of operation this key was created for*/
+ CK_OBJECT_HANDLE objectID; /* object id of this key in the slot */
+ PK11SlotInfo *slot; /* Slot this key is loaded into */
+ void *cx; /* window context in case we need to loggin */
+ PK11SymKey *next;
+ PRBool owner;
+ SECItem data; /* raw key data if available */
+ CK_SESSION_HANDLE session;
+ PRBool sessionOwner;
+ PRInt32 refCount; /* number of references to this key */
+ int size; /* key size in bytes */
+ PK11Origin origin; /* where this key came from
+ * (see def in secmodt.h) */
+ PK11SymKey *parent; /* potential owner key of the session */
+ PRUint16 series; /* break up the slot info into various groups
+ * of inserted tokens so that keys and certs
+ * can be invalidated */
+ void *userData; /* random data the application can attach to
+ * this key */
+ PK11FreeDataFunc freeFunc; /* function to free the user data */
+};
+
+/*
+ * hold a hash, encryption or signing context for multi-part operations.
+ * hold enough information so that multiple contexts can be interleaved
+ * if necessary. ... Not RefCounted.
+ */
+struct PK11ContextStr {
+ CK_ATTRIBUTE_TYPE operation; /* type of operation this context is doing
+ * (CKA_ENCRYPT, CKA_SIGN, CKA_HASH, etc. */
+ PK11SymKey *key; /* symetric key used in this context */
+ PK11SlotInfo *slot; /* slot this context is operationing on */
+ CK_SESSION_HANDLE session; /* session this context is using */
+ PZLock *sessionLock; /* lock before accessing a PKCS #11
+ * session */
+ PRBool ownSession; /* do we own the session? */
+ void *cx; /* window context in case we need to loggin*/
+ void *savedData; /* save data when we are multiplexing on a
+ * single context */
+ unsigned long savedLength; /* length of the saved context */
+ SECItem *param; /* mechanism parameters used to build this
+ context */
+ PRBool init; /* has this contexted been initialized */
+ CK_MECHANISM_TYPE type; /* what is the PKCS #11 this context is
+ * representing (usually what algorithm is
+ * being used (CKM_RSA_PKCS, CKM_DES,
+ * CKM_SHA, etc.*/
+ PRBool fortezzaHack; /* Fortezza SSL has some special
+ * non-standard semantics*/
+};
+
+/*
+ * structure to hold a pointer to a unique PKCS #11 object
+ * (pointer to the slot and the object id).
+ */
+struct PK11GenericObjectStr {
+ PK11GenericObject *prev;
+ PK11GenericObject *next;
+ PK11SlotInfo *slot;
+ CK_OBJECT_HANDLE objectID;
+};
+
+#define MAX_TEMPL_ATTRS 16 /* maximum attributes in template */
+
+/* This mask includes all CK_FLAGs with an equivalent CKA_ attribute. */
+#define CKF_KEY_OPERATION_FLAGS 0x000e7b00UL
+
+#endif /* _SECMODTI_H_ */
diff --git a/security/nss/lib/pk11wrap/secpkcs5.h b/security/nss/lib/pk11wrap/secpkcs5.h
new file mode 100644
index 000000000..57856767b
--- /dev/null
+++ b/security/nss/lib/pk11wrap/secpkcs5.h
@@ -0,0 +1,61 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _SECPKCS5_H_
+#define _SECPKCS5_H_
+#include "seccomon.h"
+#include "secmodt.h"
+
+/* used for V2 PKCS 12 Draft Spec */
+typedef enum {
+ pbeBitGenIDNull = 0,
+ pbeBitGenCipherKey = 0x01,
+ pbeBitGenCipherIV = 0x02,
+ pbeBitGenIntegrityKey = 0x03
+} PBEBitGenID;
+
+typedef struct PBEBitGenContextStr PBEBitGenContext;
+
+SEC_BEGIN_PROTOS
+
+/* private */
+SECAlgorithmID *
+sec_pkcs5CreateAlgorithmID(SECOidTag algorithm, SECOidTag cipherAlgorithm,
+ SECOidTag prfAlg, SECOidTag *pPbeAlgorithm,
+ int keyLengh, SECItem *salt, int iteration);
+
+/* Get the initialization vector. The password is passed in, hashing
+ * is performed, and the initialization vector is returned.
+ * algid is a pointer to a PBE algorithm ID
+ * pwitem is the password
+ * If an error occurs or the algorithm id is not a PBE algrithm,
+ * NULL is returned. Otherwise, the iv is returned in a secitem.
+ */
+SECItem *
+SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES);
+
+SECOidTag SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid);
+PRBool SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid);
+PRBool SEC_PKCS5IsAlgorithmPBEAlgTag(SECOidTag algTag);
+SECOidTag SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen);
+int SEC_PKCS5GetKeyLength(SECAlgorithmID *algid);
+
+/**********************************************************************
+ * Deprecated PBE functions. Use the PBE functions in pk11func.h
+ * instead.
+ **********************************************************************/
+
+PBEBitGenContext *
+PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
+ SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
+ unsigned int iterations);
+
+void
+PBE_DestroyContext(PBEBitGenContext *context);
+
+SECItem *
+PBE_GenerateBits(PBEBitGenContext *context);
+
+SEC_END_PROTOS
+
+#endif /* _SECPKS5_H_ */
diff --git a/security/nss/lib/pkcs12/Makefile b/security/nss/lib/pkcs12/Makefile
new file mode 100644
index 000000000..8149184b4
--- /dev/null
+++ b/security/nss/lib/pkcs12/Makefile
@@ -0,0 +1,49 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+
diff --git a/security/nss/lib/pkcs12/config.mk b/security/nss/lib/pkcs12/config.mk
new file mode 100644
index 000000000..dc39ee4d6
--- /dev/null
+++ b/security/nss/lib/pkcs12/config.mk
@@ -0,0 +1,16 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/pkcs12/exports.gyp b/security/nss/lib/pkcs12/exports.gyp
new file mode 100644
index 000000000..274ef68d6
--- /dev/null
+++ b/security/nss/lib/pkcs12/exports.gyp
@@ -0,0 +1,29 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_pkcs12_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'p12.h',
+ 'p12plcy.h',
+ 'p12t.h',
+ 'pkcs12.h',
+ 'pkcs12t.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/pkcs12/manifest.mn b/security/nss/lib/pkcs12/manifest.mn
new file mode 100644
index 000000000..26166ec32
--- /dev/null
+++ b/security/nss/lib/pkcs12/manifest.mn
@@ -0,0 +1,31 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+EXPORTS = \
+ pkcs12t.h \
+ pkcs12.h \
+ p12plcy.h \
+ p12.h \
+ p12t.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ p12local.c \
+ p12creat.c \
+ p12dec.c \
+ p12plcy.c \
+ p12tmpl.c \
+ p12e.c \
+ p12d.c \
+ $(NULL)
+
+LIBRARY_NAME = pkcs12
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/pkcs12/p12.h b/security/nss/lib/pkcs12/p12.h
new file mode 100644
index 000000000..118db6efa
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12.h
@@ -0,0 +1,236 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _P12_H_
+#define _P12_H_
+
+#include "secoid.h"
+#include "key.h"
+#include "secpkcs7.h"
+#include "p12t.h"
+
+typedef int(PR_CALLBACK *PKCS12OpenFunction)(void *arg);
+typedef int(PR_CALLBACK *PKCS12ReadFunction)(void *arg,
+ unsigned char *buffer,
+ unsigned int *lenRead,
+ unsigned int maxLen);
+typedef int(PR_CALLBACK *PKCS12WriteFunction)(void *arg,
+ unsigned char *buffer,
+ unsigned int *bufLen,
+ unsigned int *lenWritten);
+typedef int(PR_CALLBACK *PKCS12CloseFunction)(void *arg);
+typedef SECStatus(PR_CALLBACK *PKCS12UnicodeConvertFunction)(
+ PLArenaPool *arena,
+ SECItem *dest, SECItem *src,
+ PRBool toUnicode,
+ PRBool swapBytes);
+typedef void(PR_CALLBACK *SEC_PKCS12EncoderOutputCallback)(
+ void *arg, const char *buf,
+ unsigned long len);
+typedef void(PR_CALLBACK *SEC_PKCS12DecoderOutputCallback)(
+ void *arg, const char *buf,
+ unsigned long len);
+/*
+ * In NSS 3.12 or later, 'arg' actually points to a CERTCertificate,
+ * the 'leafCert' variable in sec_pkcs12_validate_cert in p12d.c.
+ * See r1.35 of p12d.c ("Patch 2" in bug 321584).
+ *
+ * This callback might be called by SEC_PKCS12DecoderValidateBags each time
+ * a nickname collission is detected. The callback must return a new
+ * nickname. The returned SECItem should be of type siAsciiString,
+ * it should be allocated using:
+ * SECITEM_AllocItem(NULL, NULL, LENGTH_OF_NEW_NICKNAME + 1)
+ * and data must contain the new nickname as a zero terminated string.
+ */
+typedef SECItem *(PR_CALLBACK *SEC_PKCS12NicknameCollisionCallback)(
+ SECItem *old_nickname,
+ PRBool *cancel,
+ void *arg);
+/*
+ * This callback is called by SEC_PKCS12DecoderRenameCertNicknames for each
+ * certificate found in the p12 source data.
+ *
+ * cert: A decoded certificate.
+ * default_nickname: The nickname as found in the source data.
+ * Will be NULL if source data doesn't have nickname.
+ * new_nickname: Output parameter that may contain the renamed nickname.
+ * arg: The user data that was passed to SEC_PKCS12DecoderRenameCertNicknames.
+ *
+ * If the callback accept that NSS will use a nickname based on the
+ * default_nickname (potentially resolving conflicts), then the callback
+ * must set *new_nickname to NULL.
+ *
+ * If the callback wishes to override the nickname, it must set *new_nickname
+ * to a new SECItem which should be allocated using
+ * SECITEM_AllocItem(NULL, NULL, LENGTH_OF_NEW_NICKNAME + 1)
+ * new_nickname->type should be set to siAsciiString, and new_nickname->data
+ * must contain the new nickname as a zero terminated string.
+ *
+ * A return value of SECFailure indicates that the renaming operation failed,
+ * and callback should release new_nickname before returning if it's already
+ * being allocated.
+ * Otherwise, the callback function must return SECSuccess, including use
+ * default nickname as mentioned above.
+ */
+typedef SECStatus(PR_CALLBACK *SEC_PKCS12NicknameRenameCallback)(
+ const CERTCertificate *cert,
+ const SECItem *default_nickname,
+ SECItem **new_nickname,
+ void *arg);
+
+typedef SECStatus(PR_CALLBACK *digestOpenFn)(void *arg, PRBool readData);
+typedef SECStatus(PR_CALLBACK *digestCloseFn)(void *arg, PRBool removeFile);
+typedef int(PR_CALLBACK *digestIOFn)(void *arg, unsigned char *buf,
+ unsigned long len);
+
+typedef struct SEC_PKCS12ExportContextStr SEC_PKCS12ExportContext;
+typedef struct SEC_PKCS12SafeInfoStr SEC_PKCS12SafeInfo;
+typedef struct SEC_PKCS12DecoderContextStr SEC_PKCS12DecoderContext;
+typedef struct SEC_PKCS12DecoderItemStr SEC_PKCS12DecoderItem;
+
+struct sec_PKCS12PasswordModeInfo {
+ SECItem *password;
+ SECOidTag algorithm;
+};
+
+struct sec_PKCS12PublicKeyModeInfo {
+ CERTCertificate *cert;
+ CERTCertDBHandle *certDb;
+ SECOidTag algorithm;
+ int keySize;
+};
+
+struct SEC_PKCS12DecoderItemStr {
+ SECItem *der;
+ SECOidTag type;
+ PRBool hasKey;
+ SECItem *friendlyName; /* UTF-8 string */
+ SECAlgorithmID *shroudAlg;
+};
+
+SEC_BEGIN_PROTOS
+
+SEC_PKCS12SafeInfo *
+SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
+ CERTCertDBHandle *certDb,
+ CERTCertificate *signer,
+ CERTCertificate **recipients,
+ SECOidTag algorithm, int keysize);
+
+extern SEC_PKCS12SafeInfo *
+SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt,
+ SECItem *pwitem, SECOidTag privAlg);
+
+extern SEC_PKCS12SafeInfo *
+SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt);
+
+extern SECStatus
+SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
+ SECItem *pwitem, SECOidTag integAlg);
+extern SECStatus
+SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
+ CERTCertificate *cert, CERTCertDBHandle *certDb,
+ SECOidTag algorithm, int keySize);
+
+extern SEC_PKCS12ExportContext *
+SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,
+ PK11SlotInfo *slot, void *wincx);
+
+extern SECStatus
+SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt,
+ SEC_PKCS12SafeInfo *safe, void *nestedDest,
+ CERTCertificate *cert, CERTCertDBHandle *certDb,
+ SECItem *keyId, PRBool includeCertChain);
+
+extern SECStatus
+SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt,
+ SEC_PKCS12SafeInfo *safe,
+ void *nestedDest, CERTCertificate *cert,
+ PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
+ SECItem *keyId, SECItem *nickName);
+
+extern SECStatus
+SEC_PKCS12AddCertOrChainAndKey(SEC_PKCS12ExportContext *p12ctxt,
+ void *certSafe, void *certNestedDest,
+ CERTCertificate *cert, CERTCertDBHandle *certDb,
+ void *keySafe, void *keyNestedDest, PRBool shroudKey,
+ SECItem *pwitem, SECOidTag algorithm,
+ PRBool includeCertChain);
+
+extern SECStatus
+SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt,
+ void *certSafe, void *certNestedDest,
+ CERTCertificate *cert, CERTCertDBHandle *certDb,
+ void *keySafe, void *keyNestedDest,
+ PRBool shroudKey, SECItem *pwitem, SECOidTag algorithm);
+
+extern void *
+SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
+ void *baseSafe, void *nestedDest);
+
+extern SECStatus
+SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp,
+ SEC_PKCS12EncoderOutputCallback output, void *outputarg);
+
+extern void
+SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12exp);
+
+extern SEC_PKCS12DecoderContext *
+SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
+ digestOpenFn dOpen, digestCloseFn dClose,
+ digestIOFn dRead, digestIOFn dWrite, void *dArg);
+
+extern SECStatus
+SEC_PKCS12DecoderSetTargetTokenCAs(SEC_PKCS12DecoderContext *p12dcx,
+ SECPKCS12TargetTokenCAs tokenCAs);
+
+extern SECStatus
+SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx, unsigned char *data,
+ unsigned long len);
+
+extern void
+SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx);
+
+extern SECStatus
+SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx);
+
+extern SECStatus
+SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
+ SEC_PKCS12NicknameCollisionCallback nicknameCb);
+
+/*
+ * SEC_PKCS12DecoderRenameCertNicknames() can be used to change
+ * certificate nicknames in SEC_PKCS12DecoderContext, prior to calling
+ * SEC_PKCS12DecoderImportBags.
+ *
+ * arg: User-defined data that will be passed to nicknameCb.
+ *
+ * If SEC_PKCS12DecoderRenameCertNicknames() is called after calling
+ * SEC_PKCS12DecoderValidateBags(), then only the certificate nickname
+ * will be changed.
+ * If SEC_PKCS12DecoderRenameCertNicknames() is called prior to calling
+ * SEC_PKCS12DecoderValidateBags(), then SEC_PKCS12DecoderValidateBags()
+ * will change the nickname of the corresponding private key, too.
+ */
+extern SECStatus
+SEC_PKCS12DecoderRenameCertNicknames(SEC_PKCS12DecoderContext *p12dcx,
+ SEC_PKCS12NicknameRenameCallback nicknameCb,
+ void *arg);
+
+extern SECStatus
+SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx);
+
+CERTCertList *
+SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx);
+
+SECStatus
+SEC_PKCS12DecoderIterateInit(SEC_PKCS12DecoderContext *p12dcx);
+
+SECStatus
+SEC_PKCS12DecoderIterateNext(SEC_PKCS12DecoderContext *p12dcx,
+ const SEC_PKCS12DecoderItem **ipp);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/pkcs12/p12creat.c b/security/nss/lib/pkcs12/p12creat.c
new file mode 100644
index 000000000..7cc72cf15
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12creat.c
@@ -0,0 +1,218 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "pkcs12.h"
+#include "secitem.h"
+#include "secport.h"
+#include "secder.h"
+#include "secoid.h"
+#include "p12local.h"
+#include "secerr.h"
+
+/* allocate space for a PFX structure and set up initial
+ * arena pool. pfx structure is cleared and a pointer to
+ * the new structure is returned.
+ */
+SEC_PKCS12PFXItem *
+sec_pkcs12_new_pfx(void)
+{
+ SEC_PKCS12PFXItem *pfx = NULL;
+ PLArenaPool *poolp = NULL;
+
+ poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); /* XXX Different size? */
+ if (poolp == NULL)
+ goto loser;
+
+ pfx = (SEC_PKCS12PFXItem *)PORT_ArenaZAlloc(poolp,
+ sizeof(SEC_PKCS12PFXItem));
+ if (pfx == NULL)
+ goto loser;
+ pfx->poolp = poolp;
+
+ return pfx;
+
+loser:
+ PORT_FreeArena(poolp, PR_TRUE);
+ return NULL;
+}
+
+/* allocate space for a PFX structure and set up initial
+ * arena pool. pfx structure is cleared and a pointer to
+ * the new structure is returned.
+ */
+SEC_PKCS12AuthenticatedSafe *
+sec_pkcs12_new_asafe(PLArenaPool *poolp)
+{
+ SEC_PKCS12AuthenticatedSafe *asafe = NULL;
+ void *mark;
+
+ mark = PORT_ArenaMark(poolp);
+ asafe = (SEC_PKCS12AuthenticatedSafe *)PORT_ArenaZAlloc(poolp,
+ sizeof(SEC_PKCS12AuthenticatedSafe));
+ if (asafe == NULL)
+ goto loser;
+ asafe->poolp = poolp;
+ PORT_Memset(&asafe->old_baggage, 0, sizeof(SEC_PKCS12Baggage_OLD));
+
+ PORT_ArenaUnmark(poolp, mark);
+ return asafe;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+/* create a safe contents structure with a list of
+ * length 0 with the first element being NULL
+ */
+SEC_PKCS12SafeContents *
+sec_pkcs12_create_safe_contents(PLArenaPool *poolp)
+{
+ SEC_PKCS12SafeContents *safe;
+ void *mark;
+
+ if (poolp == NULL)
+ return NULL;
+
+ /* allocate structure */
+ mark = PORT_ArenaMark(poolp);
+ safe = (SEC_PKCS12SafeContents *)PORT_ArenaZAlloc(poolp,
+ sizeof(SEC_PKCS12SafeContents));
+ if (safe == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+ }
+
+ /* init list */
+ safe->contents = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(poolp,
+ sizeof(SEC_PKCS12SafeBag *));
+ if (safe->contents == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+ }
+ safe->contents[0] = NULL;
+ safe->poolp = poolp;
+ safe->safe_size = 0;
+ PORT_ArenaUnmark(poolp, mark);
+ return safe;
+}
+
+/* create a new external bag which is appended onto the list
+ * of bags in baggage. the bag is created in the same arena
+ * as baggage
+ */
+SEC_PKCS12BaggageItem *
+sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage)
+{
+ void *dummy, *mark;
+ SEC_PKCS12BaggageItem *bag;
+
+ if (luggage == NULL) {
+ return NULL;
+ }
+
+ mark = PORT_ArenaMark(luggage->poolp);
+
+ /* allocate space for null terminated bag list */
+ if (luggage->bags == NULL) {
+ luggage->bags = (SEC_PKCS12BaggageItem **)PORT_ArenaZAlloc(luggage->poolp,
+ sizeof(SEC_PKCS12BaggageItem *));
+ if (luggage->bags == NULL) {
+ goto loser;
+ }
+ luggage->luggage_size = 0;
+ }
+
+ /* grow the list */
+ dummy = PORT_ArenaGrow(luggage->poolp, luggage->bags,
+ sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 1),
+ sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 2));
+ if (dummy == NULL) {
+ goto loser;
+ }
+ luggage->bags = (SEC_PKCS12BaggageItem **)dummy;
+
+ luggage->bags[luggage->luggage_size] =
+ (SEC_PKCS12BaggageItem *)PORT_ArenaZAlloc(luggage->poolp,
+ sizeof(SEC_PKCS12BaggageItem));
+ if (luggage->bags[luggage->luggage_size] == NULL) {
+ goto loser;
+ }
+
+ /* create new bag and append it to the end */
+ bag = luggage->bags[luggage->luggage_size];
+ bag->espvks = (SEC_PKCS12ESPVKItem **)PORT_ArenaZAlloc(
+ luggage->poolp,
+ sizeof(SEC_PKCS12ESPVKItem *));
+ bag->unencSecrets = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(
+ luggage->poolp,
+ sizeof(SEC_PKCS12SafeBag *));
+ if ((bag->espvks == NULL) || (bag->unencSecrets == NULL)) {
+ goto loser;
+ }
+
+ bag->poolp = luggage->poolp;
+ luggage->luggage_size++;
+ luggage->bags[luggage->luggage_size] = NULL;
+ bag->espvks[0] = NULL;
+ bag->unencSecrets[0] = NULL;
+ bag->nEspvks = bag->nSecrets = 0;
+
+ PORT_ArenaUnmark(luggage->poolp, mark);
+ return bag;
+
+loser:
+ PORT_ArenaRelease(luggage->poolp, mark);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+}
+
+/* creates a baggage witha NULL terminated 0 length list */
+SEC_PKCS12Baggage *
+sec_pkcs12_create_baggage(PLArenaPool *poolp)
+{
+ SEC_PKCS12Baggage *luggage;
+ void *mark;
+
+ if (poolp == NULL)
+ return NULL;
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* allocate bag */
+ luggage = (SEC_PKCS12Baggage *)PORT_ArenaZAlloc(poolp,
+ sizeof(SEC_PKCS12Baggage));
+ if (luggage == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+ }
+
+ /* init list */
+ luggage->bags = (SEC_PKCS12BaggageItem **)PORT_ArenaZAlloc(poolp,
+ sizeof(SEC_PKCS12BaggageItem *));
+ if (luggage->bags == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+ }
+
+ luggage->bags[0] = NULL;
+ luggage->luggage_size = 0;
+ luggage->poolp = poolp;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return luggage;
+}
+
+/* free pfx structure and associated items in the arena */
+void
+SEC_PKCS12DestroyPFX(SEC_PKCS12PFXItem *pfx)
+{
+ if (pfx != NULL && pfx->poolp != NULL) {
+ PORT_FreeArena(pfx->poolp, PR_TRUE);
+ }
+}
diff --git a/security/nss/lib/pkcs12/p12d.c b/security/nss/lib/pkcs12/p12d.c
new file mode 100644
index 000000000..d0b647615
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12d.c
@@ -0,0 +1,3576 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssrenam.h"
+#include "p12t.h"
+#include "p12.h"
+#include "plarena.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "seccomon.h"
+#include "secport.h"
+#include "cert.h"
+#include "secpkcs7.h"
+#include "secasn1.h"
+#include "secerr.h"
+#include "pk11func.h"
+#include "p12plcy.h"
+#include "p12local.h"
+#include "secder.h"
+#include "secport.h"
+
+#include "certdb.h"
+
+#include "prcpucfg.h"
+
+/* This belongs in secport.h */
+#define PORT_ArenaGrowArray(poolp, oldptr, type, oldnum, newnum) \
+ (type *)PORT_ArenaGrow((poolp), (oldptr), \
+ (oldnum) * sizeof(type), (newnum) * sizeof(type))
+
+typedef struct sec_PKCS12SafeContentsContextStr sec_PKCS12SafeContentsContext;
+
+/* Opaque structure for decoding SafeContents. These are used
+ * for each authenticated safe as well as any nested safe contents.
+ */
+struct sec_PKCS12SafeContentsContextStr {
+ /* the parent decoder context */
+ SEC_PKCS12DecoderContext *p12dcx;
+
+ /* memory arena to allocate space from */
+ PLArenaPool *arena;
+
+ /* decoder context and destination for decoding safe contents */
+ SEC_ASN1DecoderContext *safeContentsA1Dcx;
+ sec_PKCS12SafeContents safeContents;
+
+ /* information for decoding safe bags within the safe contents.
+ * these variables are updated for each safe bag decoded.
+ */
+ SEC_ASN1DecoderContext *currentSafeBagA1Dcx;
+ sec_PKCS12SafeBag *currentSafeBag;
+ PRBool skipCurrentSafeBag;
+
+ /* if the safe contents is nested, the parent is pointed to here. */
+ sec_PKCS12SafeContentsContext *nestedSafeContentsCtx;
+};
+
+/* opaque decoder context structure. information for decoding a pkcs 12
+ * PDU are stored here as well as decoding pointers for intermediary
+ * structures which are part of the PKCS 12 PDU. Upon a successful
+ * decode, the safe bags containing certificates and keys encountered.
+ */
+struct SEC_PKCS12DecoderContextStr {
+ PLArenaPool *arena;
+ PK11SlotInfo *slot;
+ void *wincx;
+ PRBool error;
+ int errorValue;
+
+ /* password */
+ SECItem *pwitem;
+
+ /* used for decoding the PFX structure */
+ SEC_ASN1DecoderContext *pfxA1Dcx;
+ sec_PKCS12PFXItem pfx;
+
+ /* safe bags found during decoding */
+ sec_PKCS12SafeBag **safeBags;
+ unsigned int safeBagCount;
+
+ /* state variables for decoding authenticated safes. */
+ SEC_PKCS7DecoderContext *currentASafeP7Dcx;
+ SEC_ASN1DecoderContext *aSafeA1Dcx;
+ SEC_PKCS7DecoderContext *aSafeP7Dcx;
+ SEC_PKCS7ContentInfo *aSafeCinfo;
+ sec_PKCS12AuthenticatedSafe authSafe;
+ sec_PKCS12SafeContents safeContents;
+
+ /* safe contents info */
+ unsigned int safeContentsCnt;
+ sec_PKCS12SafeContentsContext **safeContentsList;
+
+ /* HMAC info */
+ sec_PKCS12MacData macData;
+
+ /* routines for reading back the data to be hmac'd */
+ /* They are called as follows.
+ *
+ * Stage 1: decode the aSafes cinfo into a buffer in dArg,
+ * which p12d.c sometimes refers to as the "temp file".
+ * This occurs during SEC_PKCS12DecoderUpdate calls.
+ *
+ * dOpen(dArg, PR_FALSE)
+ * dWrite(dArg, buf, len)
+ * ...
+ * dWrite(dArg, buf, len)
+ * dClose(dArg, PR_FALSE)
+ *
+ * Stage 2: verify MAC
+ * This occurs SEC_PKCS12DecoderVerify.
+ *
+ * dOpen(dArg, PR_TRUE)
+ * dRead(dArg, buf, IN_BUF_LEN)
+ * ...
+ * dRead(dArg, buf, IN_BUF_LEN)
+ * dClose(dArg, PR_TRUE)
+ */
+ digestOpenFn dOpen;
+ digestCloseFn dClose;
+ digestIOFn dRead, dWrite;
+ void *dArg;
+ PRBool dIsOpen; /* is the temp file created? */
+
+ /* helper functions */
+ SECKEYGetPasswordKey pwfn;
+ void *pwfnarg;
+ PRBool swapUnicodeBytes;
+
+ /* import information */
+ PRBool bagsVerified;
+
+ /* buffer management for the default callbacks implementation */
+ void *buffer; /* storage area */
+ PRInt32 filesize; /* actual data size */
+ PRInt32 allocated; /* total buffer size allocated */
+ PRInt32 currentpos; /* position counter */
+ SECPKCS12TargetTokenCAs tokenCAs;
+ sec_PKCS12SafeBag **keyList; /* used by ...IterateNext() */
+ unsigned int iteration;
+ SEC_PKCS12DecoderItem decitem;
+};
+
+/* forward declarations of functions that are used when decoding
+ * safeContents bags which are nested and when decoding the
+ * authenticatedSafes.
+ */
+static SECStatus
+sec_pkcs12_decoder_begin_nested_safe_contents(sec_PKCS12SafeContentsContext
+ *safeContentsCtx);
+static SECStatus
+sec_pkcs12_decoder_finish_nested_safe_contents(sec_PKCS12SafeContentsContext
+ *safeContentsCtx);
+
+/* make sure that the PFX version being decoded is a version
+ * which we support.
+ */
+static PRBool
+sec_pkcs12_proper_version(sec_PKCS12PFXItem *pfx)
+{
+ /* if no version, assume it is not supported */
+ if (pfx->version.len == 0) {
+ return PR_FALSE;
+ }
+
+ if (DER_GetInteger(&pfx->version) > SEC_PKCS12_VERSION) {
+ return PR_FALSE;
+ }
+
+ return PR_TRUE;
+}
+
+/* retrieve the key for decrypting the safe contents */
+static PK11SymKey *
+sec_pkcs12_decoder_get_decrypt_key(void *arg, SECAlgorithmID *algid)
+{
+ SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext *)arg;
+ PK11SlotInfo *slot;
+ PK11SymKey *bulkKey;
+
+ if (!p12dcx) {
+ return NULL;
+ }
+
+ /* if no slot specified, use the internal key slot */
+ if (p12dcx->slot) {
+ slot = PK11_ReferenceSlot(p12dcx->slot);
+ } else {
+ slot = PK11_GetInternalKeySlot();
+ }
+
+ bulkKey = PK11_PBEKeyGen(slot, algid, p12dcx->pwitem,
+ PR_FALSE, p12dcx->wincx);
+ /* some tokens can't generate PBE keys on their own, generate the
+ * key in the internal slot, and let the Import code deal with it,
+ * (if the slot can't generate PBEs, then we need to use the internal
+ * slot anyway to unwrap). */
+ if (!bulkKey && !PK11_IsInternal(slot)) {
+ PK11_FreeSlot(slot);
+ slot = PK11_GetInternalKeySlot();
+ bulkKey = PK11_PBEKeyGen(slot, algid, p12dcx->pwitem,
+ PR_FALSE, p12dcx->wincx);
+ }
+ PK11_FreeSlot(slot);
+
+ /* set the password data on the key */
+ if (bulkKey) {
+ PK11_SetSymKeyUserData(bulkKey, p12dcx->pwitem, NULL);
+ }
+
+ return bulkKey;
+}
+
+/* XXX this needs to be modified to handle enveloped data. most
+ * likely, it should mirror the routines for SMIME in that regard.
+ */
+static PRBool
+sec_pkcs12_decoder_decryption_allowed(SECAlgorithmID *algid,
+ PK11SymKey *bulkkey)
+{
+ PRBool decryptionAllowed = SEC_PKCS12DecryptionAllowed(algid);
+
+ if (!decryptionAllowed) {
+ return PR_FALSE;
+ }
+
+ return PR_TRUE;
+}
+
+/* when we encounter a new safe bag during the decoding, we need
+ * to allocate space for the bag to be decoded to and set the
+ * state variables appropriately. all of the safe bags are allocated
+ * in a buffer in the outer SEC_PKCS12DecoderContext, however,
+ * a pointer to the safeBag is also used in the sec_PKCS12SafeContentsContext
+ * for the current bag.
+ */
+static SECStatus
+sec_pkcs12_decoder_init_new_safe_bag(sec_PKCS12SafeContentsContext
+ *safeContentsCtx)
+{
+ void *mark = NULL;
+ SEC_PKCS12DecoderContext *p12dcx;
+
+ /* make sure that the structures are defined, and there has
+ * not been an error in the decoding
+ */
+ if (!safeContentsCtx || !safeContentsCtx->p12dcx || safeContentsCtx->p12dcx->error) {
+ return SECFailure;
+ }
+
+ p12dcx = safeContentsCtx->p12dcx;
+ mark = PORT_ArenaMark(p12dcx->arena);
+
+ /* allocate a new safe bag, if bags already exist, grow the
+ * list of bags, otherwise allocate a new list. the list is
+ * NULL terminated.
+ */
+ p12dcx->safeBags = (!p12dcx->safeBagCount)
+ ? PORT_ArenaZNewArray(p12dcx->arena, sec_PKCS12SafeBag *, 2)
+ : PORT_ArenaGrowArray(p12dcx->arena, p12dcx->safeBags,
+ sec_PKCS12SafeBag *, p12dcx->safeBagCount + 1,
+ p12dcx->safeBagCount + 2);
+
+ if (!p12dcx->safeBags) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+
+ /* append the bag to the end of the list and update the reference
+ * in the safeContentsCtx.
+ */
+ p12dcx->safeBags[p12dcx->safeBagCount] =
+ safeContentsCtx->currentSafeBag =
+ PORT_ArenaZNew(p12dcx->arena, sec_PKCS12SafeBag);
+ if (!safeContentsCtx->currentSafeBag) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+ p12dcx->safeBags[++p12dcx->safeBagCount] = NULL;
+
+ safeContentsCtx->currentSafeBag->slot = safeContentsCtx->p12dcx->slot;
+ safeContentsCtx->currentSafeBag->pwitem = safeContentsCtx->p12dcx->pwitem;
+ safeContentsCtx->currentSafeBag->swapUnicodeBytes =
+ safeContentsCtx->p12dcx->swapUnicodeBytes;
+ safeContentsCtx->currentSafeBag->arena = safeContentsCtx->p12dcx->arena;
+ safeContentsCtx->currentSafeBag->tokenCAs =
+ safeContentsCtx->p12dcx->tokenCAs;
+
+ PORT_ArenaUnmark(p12dcx->arena, mark);
+ return SECSuccess;
+
+loser:
+
+ /* if an error occurred, release the memory and set the error flag
+ * the only possible errors triggered by this function are memory
+ * related.
+ */
+ if (mark) {
+ PORT_ArenaRelease(p12dcx->arena, mark);
+ }
+
+ p12dcx->error = PR_TRUE;
+ return SECFailure;
+}
+
+/* A wrapper for updating the ASN1 context in which a safeBag is
+ * being decoded. This function is called as a callback from
+ * secasn1d when decoding SafeContents structures.
+ */
+static void
+sec_pkcs12_decoder_safe_bag_update(void *arg, const char *data,
+ unsigned long len, int depth,
+ SEC_ASN1EncodingPart data_kind)
+{
+ sec_PKCS12SafeContentsContext *safeContentsCtx =
+ (sec_PKCS12SafeContentsContext *)arg;
+ SEC_PKCS12DecoderContext *p12dcx;
+ SECStatus rv;
+
+ /* make sure that we are not skipping the current safeBag,
+ * and that there are no errors. If so, just return rather
+ * than continuing to process.
+ */
+ if (!safeContentsCtx || !safeContentsCtx->p12dcx ||
+ safeContentsCtx->p12dcx->error || safeContentsCtx->skipCurrentSafeBag) {
+ return;
+ }
+ p12dcx = safeContentsCtx->p12dcx;
+
+ rv = SEC_ASN1DecoderUpdate(safeContentsCtx->currentSafeBagA1Dcx, data, len);
+ if (rv != SECSuccess) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+
+ return;
+
+loser:
+ /* set the error, and finish the decoder context. because there
+ * is not a way of returning an error message, it may be worth
+ * while to do a check higher up and finish any decoding contexts
+ * that are still open.
+ */
+ p12dcx->error = PR_TRUE;
+ SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagA1Dcx);
+ safeContentsCtx->currentSafeBagA1Dcx = NULL;
+ return;
+}
+
+/* notify function for decoding safeBags. This function is
+ * used to filter safeBag types which are not supported,
+ * initiate the decoding of nested safe contents, and decode
+ * safeBags in general. this function is set when the decoder
+ * context for the safeBag is first created.
+ */
+static void
+sec_pkcs12_decoder_safe_bag_notify(void *arg, PRBool before,
+ void *dest, int real_depth)
+{
+ sec_PKCS12SafeContentsContext *safeContentsCtx =
+ (sec_PKCS12SafeContentsContext *)arg;
+ SEC_PKCS12DecoderContext *p12dcx;
+ sec_PKCS12SafeBag *bag;
+ PRBool after;
+
+ /* if an error is encountered, return */
+ if (!safeContentsCtx || !safeContentsCtx->p12dcx ||
+ safeContentsCtx->p12dcx->error) {
+ return;
+ }
+ p12dcx = safeContentsCtx->p12dcx;
+
+ /* to make things more readable */
+ if (before)
+ after = PR_FALSE;
+ else
+ after = PR_TRUE;
+
+ /* have we determined the safeBagType yet? */
+ bag = safeContentsCtx->currentSafeBag;
+ if (bag->bagTypeTag == NULL) {
+ if (after && (dest == &(bag->safeBagType))) {
+ bag->bagTypeTag = SECOID_FindOID(&(bag->safeBagType));
+ if (bag->bagTypeTag == NULL) {
+ p12dcx->error = PR_TRUE;
+ p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
+ }
+ }
+ return;
+ }
+
+ /* process the safeBag depending on it's type. those
+ * which we do not support, are ignored. we start a decoding
+ * context for a nested safeContents.
+ */
+ switch (bag->bagTypeTag->offset) {
+ case SEC_OID_PKCS12_V1_KEY_BAG_ID:
+ case SEC_OID_PKCS12_V1_CERT_BAG_ID:
+ case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
+ break;
+ case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
+ /* if we are just starting to decode the safeContents, initialize
+ * a new safeContentsCtx to process it.
+ */
+ if (before && (dest == &(bag->safeBagContent))) {
+ sec_pkcs12_decoder_begin_nested_safe_contents(safeContentsCtx);
+ } else if (after && (dest == &(bag->safeBagContent))) {
+ /* clean up the nested decoding */
+ sec_pkcs12_decoder_finish_nested_safe_contents(safeContentsCtx);
+ }
+ break;
+ case SEC_OID_PKCS12_V1_CRL_BAG_ID:
+ case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
+ default:
+ /* skip any safe bag types we don't understand or handle */
+ safeContentsCtx->skipCurrentSafeBag = PR_TRUE;
+ break;
+ }
+
+ return;
+}
+
+/* notify function for decoding safe contents. each entry in the
+ * safe contents is a safeBag which needs to be allocated and
+ * the decoding context initialized at the beginning and then
+ * the context needs to be closed and finished at the end.
+ *
+ * this function is set when the safeContents decode context is
+ * initialized.
+ */
+static void
+sec_pkcs12_decoder_safe_contents_notify(void *arg, PRBool before,
+ void *dest, int real_depth)
+{
+ sec_PKCS12SafeContentsContext *safeContentsCtx =
+ (sec_PKCS12SafeContentsContext *)arg;
+ SEC_PKCS12DecoderContext *p12dcx;
+ SECStatus rv;
+
+ /* if there is an error we don't want to continue processing,
+ * just return and keep going.
+ */
+ if (!safeContentsCtx || !safeContentsCtx->p12dcx ||
+ safeContentsCtx->p12dcx->error) {
+ return;
+ }
+ p12dcx = safeContentsCtx->p12dcx;
+
+ /* if we are done with the current safeBag, then we need to
+ * finish the context and set the state variables appropriately.
+ */
+ if (!before) {
+ SEC_ASN1DecoderClearFilterProc(safeContentsCtx->safeContentsA1Dcx);
+ SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagA1Dcx);
+ safeContentsCtx->currentSafeBagA1Dcx = NULL;
+ safeContentsCtx->skipCurrentSafeBag = PR_FALSE;
+ } else {
+ /* we are starting a new safe bag. we need to allocate space
+ * for the bag and initialize the decoding context.
+ */
+ rv = sec_pkcs12_decoder_init_new_safe_bag(safeContentsCtx);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* set up the decoder context */
+ safeContentsCtx->currentSafeBagA1Dcx =
+ SEC_ASN1DecoderStart(p12dcx->arena,
+ safeContentsCtx->currentSafeBag,
+ sec_PKCS12SafeBagTemplate);
+ if (!safeContentsCtx->currentSafeBagA1Dcx) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+
+ /* set the notify and filter procs so that the safe bag
+ * data gets sent to the proper location when decoding.
+ */
+ SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->currentSafeBagA1Dcx,
+ sec_pkcs12_decoder_safe_bag_notify,
+ safeContentsCtx);
+ SEC_ASN1DecoderSetFilterProc(safeContentsCtx->safeContentsA1Dcx,
+ sec_pkcs12_decoder_safe_bag_update,
+ safeContentsCtx, PR_TRUE);
+ }
+
+ return;
+
+loser:
+ /* in the event of an error, we want to close the decoding
+ * context and clear the filter and notify procedures.
+ */
+ p12dcx->error = PR_TRUE;
+
+ if (safeContentsCtx->currentSafeBagA1Dcx) {
+ SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagA1Dcx);
+ safeContentsCtx->currentSafeBagA1Dcx = NULL;
+ }
+
+ SEC_ASN1DecoderClearNotifyProc(safeContentsCtx->safeContentsA1Dcx);
+ SEC_ASN1DecoderClearFilterProc(safeContentsCtx->safeContentsA1Dcx);
+
+ return;
+}
+
+/* initialize the safeContents for decoding. this routine
+ * is used for authenticatedSafes as well as nested safeContents.
+ */
+static sec_PKCS12SafeContentsContext *
+sec_pkcs12_decoder_safe_contents_init_decode(SEC_PKCS12DecoderContext *p12dcx,
+ PRBool nestedSafe)
+{
+ sec_PKCS12SafeContentsContext *safeContentsCtx = NULL;
+ const SEC_ASN1Template *theTemplate;
+
+ if (!p12dcx || p12dcx->error) {
+ return NULL;
+ }
+
+ /* allocate a new safeContents list or grow the existing list and
+ * append the new safeContents onto the end.
+ */
+ p12dcx->safeContentsList = (!p12dcx->safeContentsCnt)
+ ? PORT_ArenaZNewArray(p12dcx->arena, sec_PKCS12SafeContentsContext *, 2)
+ : PORT_ArenaGrowArray(p12dcx->arena, p12dcx->safeContentsList,
+ sec_PKCS12SafeContentsContext *,
+ 1 + p12dcx->safeContentsCnt,
+ 2 + p12dcx->safeContentsCnt);
+
+ if (!p12dcx->safeContentsList) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+
+ p12dcx->safeContentsList[p12dcx->safeContentsCnt] = safeContentsCtx =
+ PORT_ArenaZNew(p12dcx->arena, sec_PKCS12SafeContentsContext);
+ if (!p12dcx->safeContentsList[p12dcx->safeContentsCnt]) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+ p12dcx->safeContentsList[++p12dcx->safeContentsCnt] = NULL;
+
+ /* set up the state variables */
+ safeContentsCtx->p12dcx = p12dcx;
+ safeContentsCtx->arena = p12dcx->arena;
+
+ /* begin the decoding -- the template is based on whether we are
+ * decoding a nested safeContents or not.
+ */
+ if (nestedSafe == PR_TRUE) {
+ theTemplate = sec_PKCS12NestedSafeContentsDecodeTemplate;
+ } else {
+ theTemplate = sec_PKCS12SafeContentsDecodeTemplate;
+ }
+
+ /* start the decoder context */
+ safeContentsCtx->safeContentsA1Dcx = SEC_ASN1DecoderStart(p12dcx->arena,
+ &safeContentsCtx->safeContents,
+ theTemplate);
+
+ if (!safeContentsCtx->safeContentsA1Dcx) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+
+ /* set the safeContents notify procedure to look for
+ * and start the decode of safeBags.
+ */
+ SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->safeContentsA1Dcx,
+ sec_pkcs12_decoder_safe_contents_notify,
+ safeContentsCtx);
+
+ return safeContentsCtx;
+
+loser:
+ /* in the case of an error, we want to finish the decoder
+ * context and set the error flag.
+ */
+ if (safeContentsCtx && safeContentsCtx->safeContentsA1Dcx) {
+ SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsA1Dcx);
+ safeContentsCtx->safeContentsA1Dcx = NULL;
+ }
+
+ p12dcx->error = PR_TRUE;
+
+ return NULL;
+}
+
+/* wrapper for updating safeContents. this is set as the filter of
+ * safeBag when there is a nested safeContents.
+ */
+static void
+sec_pkcs12_decoder_nested_safe_contents_update(void *arg, const char *buf,
+ unsigned long len, int depth,
+ SEC_ASN1EncodingPart data_kind)
+{
+ sec_PKCS12SafeContentsContext *safeContentsCtx =
+ (sec_PKCS12SafeContentsContext *)arg;
+ SEC_PKCS12DecoderContext *p12dcx;
+ SECStatus rv;
+
+ /* check for an error */
+ if (!safeContentsCtx || !safeContentsCtx->p12dcx ||
+ safeContentsCtx->p12dcx->error || !safeContentsCtx->safeContentsA1Dcx) {
+ return;
+ }
+
+ /* no need to update if no data sent in */
+ if (!len || !buf) {
+ return;
+ }
+
+ /* update the decoding context */
+ p12dcx = safeContentsCtx->p12dcx;
+ rv = SEC_ASN1DecoderUpdate(safeContentsCtx->safeContentsA1Dcx, buf, len);
+ if (rv != SECSuccess) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+
+ return;
+
+loser:
+ /* handle any errors. If a decoding context is open, close it. */
+ p12dcx->error = PR_TRUE;
+ if (safeContentsCtx->safeContentsA1Dcx) {
+ SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsA1Dcx);
+ safeContentsCtx->safeContentsA1Dcx = NULL;
+ }
+}
+
+/* whenever a new safeContentsSafeBag is encountered, we need
+ * to init a safeContentsContext.
+ */
+static SECStatus
+sec_pkcs12_decoder_begin_nested_safe_contents(sec_PKCS12SafeContentsContext
+ *safeContentsCtx)
+{
+ /* check for an error */
+ if (!safeContentsCtx || !safeContentsCtx->p12dcx ||
+ safeContentsCtx->p12dcx->error) {
+ return SECFailure;
+ }
+
+ safeContentsCtx->nestedSafeContentsCtx =
+ sec_pkcs12_decoder_safe_contents_init_decode(safeContentsCtx->p12dcx,
+ PR_TRUE);
+ if (!safeContentsCtx->nestedSafeContentsCtx) {
+ return SECFailure;
+ }
+
+ /* set up new filter proc */
+ SEC_ASN1DecoderSetNotifyProc(
+ safeContentsCtx->nestedSafeContentsCtx->safeContentsA1Dcx,
+ sec_pkcs12_decoder_safe_contents_notify,
+ safeContentsCtx->nestedSafeContentsCtx);
+
+ SEC_ASN1DecoderSetFilterProc(safeContentsCtx->currentSafeBagA1Dcx,
+ sec_pkcs12_decoder_nested_safe_contents_update,
+ safeContentsCtx->nestedSafeContentsCtx,
+ PR_TRUE);
+
+ return SECSuccess;
+}
+
+/* when the safeContents is done decoding, we need to reset the
+ * proper filter and notify procs and close the decoding context
+ */
+static SECStatus
+sec_pkcs12_decoder_finish_nested_safe_contents(sec_PKCS12SafeContentsContext
+ *safeContentsCtx)
+{
+ /* check for error */
+ if (!safeContentsCtx || !safeContentsCtx->p12dcx ||
+ safeContentsCtx->p12dcx->error) {
+ return SECFailure;
+ }
+
+ /* clean up */
+ SEC_ASN1DecoderClearFilterProc(safeContentsCtx->currentSafeBagA1Dcx);
+ SEC_ASN1DecoderClearNotifyProc(
+ safeContentsCtx->nestedSafeContentsCtx->safeContentsA1Dcx);
+ SEC_ASN1DecoderFinish(
+ safeContentsCtx->nestedSafeContentsCtx->safeContentsA1Dcx);
+ safeContentsCtx->nestedSafeContentsCtx->safeContentsA1Dcx = NULL;
+ safeContentsCtx->nestedSafeContentsCtx = NULL;
+
+ return SECSuccess;
+}
+
+/* wrapper for updating safeContents. This is used when decoding
+ * the nested safeContents and any authenticatedSafes.
+ */
+static void
+sec_pkcs12_decoder_safe_contents_callback(void *arg, const char *buf,
+ unsigned long len)
+{
+ SECStatus rv;
+ sec_PKCS12SafeContentsContext *safeContentsCtx =
+ (sec_PKCS12SafeContentsContext *)arg;
+ SEC_PKCS12DecoderContext *p12dcx;
+
+ /* check for error */
+ if (!safeContentsCtx || !safeContentsCtx->p12dcx ||
+ safeContentsCtx->p12dcx->error || !safeContentsCtx->safeContentsA1Dcx) {
+ return;
+ }
+ p12dcx = safeContentsCtx->p12dcx;
+
+ /* update the decoder */
+ rv = SEC_ASN1DecoderUpdate(safeContentsCtx->safeContentsA1Dcx, buf, len);
+ if (rv != SECSuccess) {
+ /* if we fail while trying to decode a 'safe', it's probably because
+ * we didn't have the correct password. */
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
+ SEC_PKCS7DecoderAbort(p12dcx->currentASafeP7Dcx, SEC_ERROR_BAD_PASSWORD);
+ goto loser;
+ }
+
+ return;
+
+loser:
+ /* set the error and finish the context */
+ p12dcx->error = PR_TRUE;
+ if (safeContentsCtx->safeContentsA1Dcx) {
+ SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsA1Dcx);
+ safeContentsCtx->safeContentsA1Dcx = NULL;
+ }
+
+ return;
+}
+
+/* this is a wrapper for the ASN1 decoder to call SEC_PKCS7DecoderUpdate
+ */
+static void
+sec_pkcs12_decoder_wrap_p7_update(void *arg, const char *data,
+ unsigned long len, int depth,
+ SEC_ASN1EncodingPart data_kind)
+{
+ SEC_PKCS7DecoderContext *p7dcx = (SEC_PKCS7DecoderContext *)arg;
+
+ SEC_PKCS7DecoderUpdate(p7dcx, data, len);
+}
+
+/* notify function for decoding aSafes. at the beginning,
+ * of an authenticatedSafe, we start a decode of a safeContents.
+ * at the end, we clean up the safeContents decoder context and
+ * reset state variables
+ */
+static void
+sec_pkcs12_decoder_asafes_notify(void *arg, PRBool before, void *dest,
+ int real_depth)
+{
+ SEC_PKCS12DecoderContext *p12dcx;
+ sec_PKCS12SafeContentsContext *safeContentsCtx;
+
+ /* make sure no error occurred. */
+ p12dcx = (SEC_PKCS12DecoderContext *)arg;
+ if (!p12dcx || p12dcx->error) {
+ return;
+ }
+
+ if (before) {
+
+ /* init a new safeContentsContext */
+ safeContentsCtx = sec_pkcs12_decoder_safe_contents_init_decode(p12dcx,
+ PR_FALSE);
+ if (!safeContentsCtx) {
+ goto loser;
+ }
+
+ /* initiate the PKCS7ContentInfo decode */
+ p12dcx->currentASafeP7Dcx = SEC_PKCS7DecoderStart(
+ sec_pkcs12_decoder_safe_contents_callback,
+ safeContentsCtx,
+ p12dcx->pwfn, p12dcx->pwfnarg,
+ sec_pkcs12_decoder_get_decrypt_key, p12dcx,
+ sec_pkcs12_decoder_decryption_allowed);
+ if (!p12dcx->currentASafeP7Dcx) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+ SEC_ASN1DecoderSetFilterProc(p12dcx->aSafeA1Dcx,
+ sec_pkcs12_decoder_wrap_p7_update,
+ p12dcx->currentASafeP7Dcx, PR_TRUE);
+ }
+
+ if (!before) {
+ /* if one is being decoded, finish the decode */
+ if (p12dcx->currentASafeP7Dcx != NULL) {
+ SEC_PKCS7ContentInfo *cinfo;
+ unsigned int cnt = p12dcx->safeContentsCnt - 1;
+ safeContentsCtx = p12dcx->safeContentsList[cnt];
+ if (safeContentsCtx->safeContentsA1Dcx) {
+ SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsA1Dcx);
+ safeContentsCtx->safeContentsA1Dcx = NULL;
+ }
+ cinfo = SEC_PKCS7DecoderFinish(p12dcx->currentASafeP7Dcx);
+ p12dcx->currentASafeP7Dcx = NULL;
+ if (!cinfo) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+ SEC_PKCS7DestroyContentInfo(cinfo); /* don't leak it */
+ }
+ }
+
+ return;
+
+loser:
+ /* set the error flag */
+ p12dcx->error = PR_TRUE;
+ return;
+}
+
+/* wrapper for updating asafes decoding context. this function
+ * writes data being decoded to disk, so that a mac can be computed
+ * later.
+ */
+static void
+sec_pkcs12_decoder_asafes_callback(void *arg, const char *buf,
+ unsigned long len)
+{
+ SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext *)arg;
+ SECStatus rv;
+
+ if (!p12dcx || p12dcx->error) {
+ return;
+ }
+
+ /* update the context */
+ rv = SEC_ASN1DecoderUpdate(p12dcx->aSafeA1Dcx, buf, len);
+ if (rv != SECSuccess) {
+ p12dcx->errorValue = PORT_GetError();
+ p12dcx->error = PR_TRUE;
+ goto loser;
+ }
+
+ /* if we are writing to a file, write out the new information */
+ if (p12dcx->dWrite) {
+ unsigned long writeLen = (*p12dcx->dWrite)(p12dcx->dArg,
+ (unsigned char *)buf, len);
+ if (writeLen != len) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+ }
+
+ return;
+
+loser:
+ /* set the error flag */
+ p12dcx->error = PR_TRUE;
+ SEC_ASN1DecoderFinish(p12dcx->aSafeA1Dcx);
+ p12dcx->aSafeA1Dcx = NULL;
+
+ return;
+}
+
+/* start the decode of an authenticatedSafe contentInfo.
+ */
+static SECStatus
+sec_pkcs12_decode_start_asafes_cinfo(SEC_PKCS12DecoderContext *p12dcx)
+{
+ if (!p12dcx || p12dcx->error) {
+ return SECFailure;
+ }
+
+ /* start the decode context */
+ p12dcx->aSafeA1Dcx = SEC_ASN1DecoderStart(p12dcx->arena,
+ &p12dcx->authSafe,
+ sec_PKCS12AuthenticatedSafeTemplate);
+ if (!p12dcx->aSafeA1Dcx) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+
+ /* set the notify function */
+ SEC_ASN1DecoderSetNotifyProc(p12dcx->aSafeA1Dcx,
+ sec_pkcs12_decoder_asafes_notify, p12dcx);
+
+ /* begin the authSafe decoder context */
+ p12dcx->aSafeP7Dcx = SEC_PKCS7DecoderStart(
+ sec_pkcs12_decoder_asafes_callback, p12dcx,
+ p12dcx->pwfn, p12dcx->pwfnarg, NULL, NULL, NULL);
+ if (!p12dcx->aSafeP7Dcx) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+
+ /* open the temp file for writing, if the digest functions were set */
+ if (p12dcx->dOpen && (*p12dcx->dOpen)(p12dcx->dArg, PR_FALSE) != SECSuccess) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+ /* dOpen(dArg, PR_FALSE) creates the temp file */
+ p12dcx->dIsOpen = PR_TRUE;
+
+ return SECSuccess;
+
+loser:
+ p12dcx->error = PR_TRUE;
+
+ if (p12dcx->aSafeA1Dcx) {
+ SEC_ASN1DecoderFinish(p12dcx->aSafeA1Dcx);
+ p12dcx->aSafeA1Dcx = NULL;
+ }
+
+ if (p12dcx->aSafeP7Dcx) {
+ SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
+ p12dcx->aSafeP7Dcx = NULL;
+ }
+
+ return SECFailure;
+}
+
+/* wrapper for updating the safeContents. this function is used as
+ * a filter for the pfx when decoding the authenticated safes
+ */
+static void
+sec_pkcs12_decode_asafes_cinfo_update(void *arg, const char *buf,
+ unsigned long len, int depth,
+ SEC_ASN1EncodingPart data_kind)
+{
+ SEC_PKCS12DecoderContext *p12dcx;
+ SECStatus rv;
+
+ p12dcx = (SEC_PKCS12DecoderContext *)arg;
+ if (!p12dcx || p12dcx->error) {
+ return;
+ }
+
+ /* update the safeContents decoder */
+ rv = SEC_PKCS7DecoderUpdate(p12dcx->aSafeP7Dcx, buf, len);
+ if (rv != SECSuccess) {
+ p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
+ goto loser;
+ }
+
+ return;
+
+loser:
+
+ /* did we find an error? if so, close the context and set the
+ * error flag.
+ */
+ SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
+ p12dcx->aSafeP7Dcx = NULL;
+ p12dcx->error = PR_TRUE;
+}
+
+/* notify procedure used while decoding the pfx. When we encounter
+ * the authSafes, we want to trigger the decoding of authSafes as well
+ * as when we encounter the macData, trigger the decoding of it. we do
+ * this because we we are streaming the decoder and not decoding in place.
+ * the pfx which is the destination, only has the version decoded into it.
+ */
+static void
+sec_pkcs12_decoder_pfx_notify_proc(void *arg, PRBool before, void *dest,
+ int real_depth)
+{
+ SECStatus rv;
+ SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext *)arg;
+
+ /* if an error occurs, clear the notifyProc and the filterProc
+ * and continue.
+ */
+ if (p12dcx->error) {
+ SEC_ASN1DecoderClearNotifyProc(p12dcx->pfxA1Dcx);
+ SEC_ASN1DecoderClearFilterProc(p12dcx->pfxA1Dcx);
+ return;
+ }
+
+ if (before && (dest == &p12dcx->pfx.encodedAuthSafe)) {
+
+ /* we want to make sure this is a version we support */
+ if (!sec_pkcs12_proper_version(&p12dcx->pfx)) {
+ p12dcx->errorValue = SEC_ERROR_PKCS12_UNSUPPORTED_VERSION;
+ goto loser;
+ }
+
+ /* start the decode of the aSafes cinfo... */
+ rv = sec_pkcs12_decode_start_asafes_cinfo(p12dcx);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* set the filter proc to update the authenticated safes. */
+ SEC_ASN1DecoderSetFilterProc(p12dcx->pfxA1Dcx,
+ sec_pkcs12_decode_asafes_cinfo_update,
+ p12dcx, PR_TRUE);
+ }
+
+ if (!before && (dest == &p12dcx->pfx.encodedAuthSafe)) {
+
+ /* we are done decoding the authenticatedSafes, so we need to
+ * finish the decoderContext and clear the filter proc
+ * and close the hmac callback, if present
+ */
+ p12dcx->aSafeCinfo = SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
+ p12dcx->aSafeP7Dcx = NULL;
+ if (!p12dcx->aSafeCinfo) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+ SEC_ASN1DecoderClearFilterProc(p12dcx->pfxA1Dcx);
+ if (p12dcx->dClose && ((*p12dcx->dClose)(p12dcx->dArg, PR_FALSE) != SECSuccess)) {
+ p12dcx->errorValue = PORT_GetError();
+ goto loser;
+ }
+ }
+
+ return;
+
+loser:
+ p12dcx->error = PR_TRUE;
+}
+
+/* default implementations of the open/close/read/write functions for
+ SEC_PKCS12DecoderStart
+*/
+
+#define DEFAULT_TEMP_SIZE 4096
+
+static SECStatus
+p12u_DigestOpen(void *arg, PRBool readData)
+{
+ SEC_PKCS12DecoderContext *p12cxt = arg;
+
+ p12cxt->currentpos = 0;
+
+ if (PR_FALSE == readData) {
+ /* allocate an initial buffer */
+ p12cxt->filesize = 0;
+ p12cxt->allocated = DEFAULT_TEMP_SIZE;
+ p12cxt->buffer = PORT_Alloc(DEFAULT_TEMP_SIZE);
+ PR_ASSERT(p12cxt->buffer);
+ } else {
+ PR_ASSERT(p12cxt->buffer);
+ if (!p12cxt->buffer) {
+ return SECFailure; /* no data to read */
+ }
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+p12u_DigestClose(void *arg, PRBool removeFile)
+{
+ SEC_PKCS12DecoderContext *p12cxt = arg;
+
+ PR_ASSERT(p12cxt);
+ if (!p12cxt) {
+ return SECFailure;
+ }
+ p12cxt->currentpos = 0;
+
+ if (PR_TRUE == removeFile) {
+ PR_ASSERT(p12cxt->buffer);
+ if (!p12cxt->buffer) {
+ return SECFailure;
+ }
+ if (p12cxt->buffer) {
+ PORT_Free(p12cxt->buffer);
+ p12cxt->buffer = NULL;
+ p12cxt->allocated = 0;
+ p12cxt->filesize = 0;
+ }
+ }
+
+ return SECSuccess;
+}
+
+static int
+p12u_DigestRead(void *arg, unsigned char *buf, unsigned long len)
+{
+ int toread = len;
+ SEC_PKCS12DecoderContext *p12cxt = arg;
+
+ if (!buf || len == 0 || !p12cxt->buffer) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return -1;
+ }
+
+ if ((p12cxt->filesize - p12cxt->currentpos) < (long)len) {
+ /* trying to read past the end of the buffer */
+ toread = p12cxt->filesize - p12cxt->currentpos;
+ }
+ memcpy(buf, (char *)p12cxt->buffer + p12cxt->currentpos, toread);
+ p12cxt->currentpos += toread;
+ return toread;
+}
+
+static int
+p12u_DigestWrite(void *arg, unsigned char *buf, unsigned long len)
+{
+ SEC_PKCS12DecoderContext *p12cxt = arg;
+
+ if (!buf || len == 0) {
+ return -1;
+ }
+
+ if (p12cxt->currentpos + (long)len > p12cxt->filesize) {
+ p12cxt->filesize = p12cxt->currentpos + len;
+ } else {
+ p12cxt->filesize += len;
+ }
+ if (p12cxt->filesize > p12cxt->allocated) {
+ void *newbuffer;
+ size_t newsize = p12cxt->filesize + DEFAULT_TEMP_SIZE;
+ newbuffer = PORT_Realloc(p12cxt->buffer, newsize);
+ if (NULL == newbuffer) {
+ return -1; /* can't extend the buffer */
+ }
+ p12cxt->buffer = newbuffer;
+ p12cxt->allocated = newsize;
+ }
+ PR_ASSERT(p12cxt->buffer);
+ memcpy((char *)p12cxt->buffer + p12cxt->currentpos, buf, len);
+ p12cxt->currentpos += len;
+ return len;
+}
+
+/* SEC_PKCS12DecoderStart
+ * Creates a decoder context for decoding a PKCS 12 PDU objct.
+ * This function sets up the initial decoding context for the
+ * PFX and sets the needed state variables.
+ *
+ * pwitem - the password for the hMac and any encoded safes.
+ * this should be changed to take a callback which retrieves
+ * the password. it may be possible for different safes to
+ * have different passwords. also, the password is already
+ * in unicode. it should probably be converted down below via
+ * a unicode conversion callback.
+ * slot - the slot to import the dataa into should multiple slots
+ * be supported based on key type and cert type?
+ * dOpen, dClose, dRead, dWrite - digest routines for writing data
+ * to a file so it could be read back and the hmac recomputed
+ * and verified. doesn't seem to be a way for both encoding
+ * and decoding to be single pass, thus the need for these
+ * routines.
+ * dArg - the argument for dOpen, etc.
+ *
+ * if NULL == dOpen == dClose == dRead == dWrite == dArg, then default
+ * implementations using a memory buffer are used
+ *
+ * This function returns the decoder context, if it was successful.
+ * Otherwise, null is returned.
+ */
+SEC_PKCS12DecoderContext *
+SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
+ digestOpenFn dOpen, digestCloseFn dClose,
+ digestIOFn dRead, digestIOFn dWrite, void *dArg)
+{
+ SEC_PKCS12DecoderContext *p12dcx;
+ PLArenaPool *arena;
+
+ arena = PORT_NewArena(2048); /* different size? */
+ if (!arena) {
+ return NULL; /* error is already set */
+ }
+
+ /* allocate the decoder context and set the state variables */
+ p12dcx = PORT_ArenaZNew(arena, SEC_PKCS12DecoderContext);
+ if (!p12dcx) {
+ goto loser; /* error is already set */
+ }
+
+ if (!dOpen && !dClose && !dRead && !dWrite && !dArg) {
+ /* use default implementations */
+ dOpen = p12u_DigestOpen;
+ dClose = p12u_DigestClose;
+ dRead = p12u_DigestRead;
+ dWrite = p12u_DigestWrite;
+ dArg = (void *)p12dcx;
+ }
+
+ p12dcx->arena = arena;
+ p12dcx->pwitem = pwitem;
+ p12dcx->slot = (slot ? PK11_ReferenceSlot(slot)
+ : PK11_GetInternalKeySlot());
+ p12dcx->wincx = wincx;
+ p12dcx->tokenCAs = SECPKCS12TargetTokenNoCAs;
+#ifdef IS_LITTLE_ENDIAN
+ p12dcx->swapUnicodeBytes = PR_TRUE;
+#else
+ p12dcx->swapUnicodeBytes = PR_FALSE;
+#endif
+ p12dcx->errorValue = 0;
+ p12dcx->error = PR_FALSE;
+
+ /* start the decoding of the PFX and set the notify proc
+ * for the PFX item.
+ */
+ p12dcx->pfxA1Dcx = SEC_ASN1DecoderStart(p12dcx->arena, &p12dcx->pfx,
+ sec_PKCS12PFXItemTemplate);
+ if (!p12dcx->pfxA1Dcx) {
+ PK11_FreeSlot(p12dcx->slot);
+ goto loser;
+ }
+
+ SEC_ASN1DecoderSetNotifyProc(p12dcx->pfxA1Dcx,
+ sec_pkcs12_decoder_pfx_notify_proc,
+ p12dcx);
+
+ /* set up digest functions */
+ p12dcx->dOpen = dOpen;
+ p12dcx->dWrite = dWrite;
+ p12dcx->dClose = dClose;
+ p12dcx->dRead = dRead;
+ p12dcx->dArg = dArg;
+ p12dcx->dIsOpen = PR_FALSE;
+
+ p12dcx->keyList = NULL;
+ p12dcx->decitem.type = 0;
+ p12dcx->decitem.der = NULL;
+ p12dcx->decitem.hasKey = PR_FALSE;
+ p12dcx->decitem.friendlyName = NULL;
+ p12dcx->iteration = 0;
+
+ return p12dcx;
+
+loser:
+ PORT_FreeArena(arena, PR_TRUE);
+ return NULL;
+}
+
+SECStatus
+SEC_PKCS12DecoderSetTargetTokenCAs(SEC_PKCS12DecoderContext *p12dcx,
+ SECPKCS12TargetTokenCAs tokenCAs)
+{
+ if (!p12dcx || p12dcx->error) {
+ return SECFailure;
+ }
+ p12dcx->tokenCAs = tokenCAs;
+ return SECSuccess;
+}
+
+/* SEC_PKCS12DecoderUpdate
+ * Streaming update sending more data to the decoder. If
+ * an error occurs, SECFailure is returned.
+ *
+ * p12dcx - the decoder context
+ * data, len - the data buffer and length of data to send to
+ * the update functions.
+ */
+SECStatus
+SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx,
+ unsigned char *data, unsigned long len)
+{
+ SECStatus rv;
+
+ if (!p12dcx || p12dcx->error) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* update the PFX decoder context */
+ rv = SEC_ASN1DecoderUpdate(p12dcx->pfxA1Dcx, (const char *)data, len);
+ if (rv != SECSuccess) {
+ p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
+ goto loser;
+ }
+
+ return SECSuccess;
+
+loser:
+
+ p12dcx->error = PR_TRUE;
+ return SECFailure;
+}
+
+/* This should be a nice sized buffer for reading in data (potentially large
+** amounts) to be MACed. It should be MUCH larger than HASH_LENGTH_MAX.
+*/
+#define IN_BUF_LEN 1024
+#ifdef DEBUG
+static const char bufferEnd[] = { "BufferEnd" };
+#endif
+#define FUDGE 128 /* must be as large as bufferEnd or more. */
+
+/* verify the hmac by reading the data from the temporary file
+ * using the routines specified when the decodingContext was
+ * created and return SECSuccess if the hmac matches.
+ */
+static SECStatus
+sec_pkcs12_decoder_verify_mac(SEC_PKCS12DecoderContext *p12dcx)
+{
+ PK11Context *pk11cx = NULL;
+ PK11SymKey *symKey = NULL;
+ SECItem *params = NULL;
+ unsigned char *buf;
+ SECStatus rv = SECFailure;
+ SECStatus lrv;
+ unsigned int bufLen;
+ int iteration;
+ int bytesRead;
+ SECOidTag algtag;
+ SECItem hmacRes;
+ SECItem ignore = { 0 };
+ CK_MECHANISM_TYPE integrityMech;
+
+ if (!p12dcx || p12dcx->error) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ buf = (unsigned char *)PORT_Alloc(IN_BUF_LEN + FUDGE);
+ if (!buf)
+ return SECFailure; /* error code has been set. */
+
+#ifdef DEBUG
+ memcpy(buf + IN_BUF_LEN, bufferEnd, sizeof bufferEnd);
+#endif
+
+ /* generate hmac key */
+ if (p12dcx->macData.iter.data) {
+ iteration = (int)DER_GetInteger(&p12dcx->macData.iter);
+ } else {
+ iteration = 1;
+ }
+
+ params = PK11_CreatePBEParams(&p12dcx->macData.macSalt, p12dcx->pwitem,
+ iteration);
+
+ algtag = SECOID_GetAlgorithmTag(&p12dcx->macData.safeMac.digestAlgorithm);
+ switch (algtag) {
+ case SEC_OID_SHA1:
+ integrityMech = CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN;
+ break;
+ case SEC_OID_MD5:
+ integrityMech = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;
+ break;
+ case SEC_OID_MD2:
+ integrityMech = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;
+ break;
+ default:
+ goto loser;
+ }
+
+ symKey = PK11_KeyGen(NULL, integrityMech, params, 20, NULL);
+ PK11_DestroyPBEParams(params);
+ params = NULL;
+ if (!symKey)
+ goto loser;
+ /* init hmac */
+ pk11cx = PK11_CreateContextBySymKey(sec_pkcs12_algtag_to_mech(algtag),
+ CKA_SIGN, symKey, &ignore);
+ if (!pk11cx) {
+ goto loser;
+ }
+ lrv = PK11_DigestBegin(pk11cx);
+ if (lrv == SECFailure) {
+ goto loser;
+ }
+
+ /* try to open the data for readback */
+ if (p12dcx->dOpen && ((*p12dcx->dOpen)(p12dcx->dArg, PR_TRUE) != SECSuccess)) {
+ goto loser;
+ }
+
+ /* read the data back IN_BUF_LEN bytes at a time and recompute
+ * the hmac. if fewer bytes are read than are requested, it is
+ * assumed that the end of file has been reached. if bytesRead
+ * is returned as -1, then an error occurred reading from the
+ * file.
+ */
+ do {
+ bytesRead = (*p12dcx->dRead)(p12dcx->dArg, buf, IN_BUF_LEN);
+ if (bytesRead < 0) {
+ PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_READ);
+ goto loser;
+ }
+ PORT_Assert(bytesRead <= IN_BUF_LEN);
+ PORT_Assert(!memcmp(buf + IN_BUF_LEN, bufferEnd, sizeof bufferEnd));
+
+ if (bytesRead > IN_BUF_LEN) {
+ /* dRead callback overflowed buffer. */
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ goto loser;
+ }
+
+ if (bytesRead) {
+ lrv = PK11_DigestOp(pk11cx, buf, bytesRead);
+ if (lrv == SECFailure) {
+ goto loser;
+ }
+ }
+ } while (bytesRead == IN_BUF_LEN);
+
+ /* finish the hmac context */
+ lrv = PK11_DigestFinal(pk11cx, buf, &bufLen, IN_BUF_LEN);
+ if (lrv == SECFailure) {
+ goto loser;
+ }
+
+ hmacRes.data = buf;
+ hmacRes.len = bufLen;
+
+ /* is the hmac computed the same as the hmac which was decoded? */
+ rv = SECSuccess;
+ if (SECITEM_CompareItem(&hmacRes, &p12dcx->macData.safeMac.digest) != SECEqual) {
+ PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
+ rv = SECFailure;
+ }
+
+loser:
+ /* close the file and remove it */
+ if (p12dcx->dClose) {
+ (*p12dcx->dClose)(p12dcx->dArg, PR_TRUE);
+ p12dcx->dIsOpen = PR_FALSE;
+ }
+
+ if (pk11cx) {
+ PK11_DestroyContext(pk11cx, PR_TRUE);
+ }
+ if (params) {
+ PK11_DestroyPBEParams(params);
+ }
+ if (symKey) {
+ PK11_FreeSymKey(symKey);
+ }
+ PORT_ZFree(buf, IN_BUF_LEN + FUDGE);
+
+ return rv;
+}
+
+/* SEC_PKCS12DecoderVerify
+ * Verify the macData or the signature of the decoded PKCS 12 PDU.
+ * If the signature or the macData do not match, SECFailure is
+ * returned.
+ *
+ * p12dcx - the decoder context
+ */
+SECStatus
+SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx)
+{
+ SECStatus rv = SECSuccess;
+
+ /* make sure that no errors have occurred... */
+ if (!p12dcx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (p12dcx->error) {
+ /* error code is already set! PORT_SetError(p12dcx->errorValue); */
+ return SECFailure;
+ }
+
+ rv = SEC_ASN1DecoderFinish(p12dcx->pfxA1Dcx);
+ p12dcx->pfxA1Dcx = NULL;
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ /* check the signature or the mac depending on the type of
+ * integrity used.
+ */
+ if (p12dcx->pfx.encodedMacData.len) {
+ rv = SEC_ASN1DecodeItem(p12dcx->arena, &p12dcx->macData,
+ sec_PKCS12MacDataTemplate,
+ &p12dcx->pfx.encodedMacData);
+ if (rv == SECSuccess) {
+ return sec_pkcs12_decoder_verify_mac(p12dcx);
+ }
+ return rv;
+ }
+ if (SEC_PKCS7VerifySignature(p12dcx->aSafeCinfo, certUsageEmailSigner,
+ PR_FALSE)) {
+ return SECSuccess;
+ }
+ PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
+ return SECFailure;
+}
+
+/* SEC_PKCS12DecoderFinish
+ * Free any open ASN1 or PKCS7 decoder contexts and then
+ * free the arena pool which everything should be allocated
+ * from. This function should be called upon completion of
+ * decoding and installing of a pfx pdu. This should be
+ * called even if an error occurs.
+ *
+ * p12dcx - the decoder context
+ */
+void
+SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx)
+{
+ unsigned int i;
+
+ if (!p12dcx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ if (p12dcx->pfxA1Dcx) {
+ SEC_ASN1DecoderFinish(p12dcx->pfxA1Dcx);
+ p12dcx->pfxA1Dcx = NULL;
+ }
+
+ if (p12dcx->aSafeA1Dcx) {
+ SEC_ASN1DecoderFinish(p12dcx->aSafeA1Dcx);
+ p12dcx->aSafeA1Dcx = NULL;
+ }
+
+ /* cleanup any old ASN1 decoder contexts */
+ for (i = 0; i < p12dcx->safeContentsCnt; ++i) {
+ sec_PKCS12SafeContentsContext *safeContentsCtx, *nested;
+ safeContentsCtx = p12dcx->safeContentsList[i];
+ if (safeContentsCtx) {
+ nested = safeContentsCtx->nestedSafeContentsCtx;
+ while (nested) {
+ if (nested->safeContentsA1Dcx) {
+ SEC_ASN1DecoderFinish(nested->safeContentsA1Dcx);
+ nested->safeContentsA1Dcx = NULL;
+ }
+ nested = nested->nestedSafeContentsCtx;
+ }
+ if (safeContentsCtx->safeContentsA1Dcx) {
+ SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsA1Dcx);
+ safeContentsCtx->safeContentsA1Dcx = NULL;
+ }
+ }
+ }
+
+ if (p12dcx->currentASafeP7Dcx &&
+ p12dcx->currentASafeP7Dcx != p12dcx->aSafeP7Dcx) {
+ SEC_PKCS7ContentInfo *cinfo;
+ cinfo = SEC_PKCS7DecoderFinish(p12dcx->currentASafeP7Dcx);
+ if (cinfo) {
+ SEC_PKCS7DestroyContentInfo(cinfo); /* don't leak it */
+ }
+ }
+ p12dcx->currentASafeP7Dcx = NULL;
+
+ if (p12dcx->aSafeP7Dcx) {
+ SEC_PKCS7ContentInfo *cinfo;
+ cinfo = SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
+ if (cinfo) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ }
+ p12dcx->aSafeP7Dcx = NULL;
+ }
+
+ if (p12dcx->aSafeCinfo) {
+ SEC_PKCS7DestroyContentInfo(p12dcx->aSafeCinfo);
+ p12dcx->aSafeCinfo = NULL;
+ }
+
+ if (p12dcx->decitem.type != 0 && p12dcx->decitem.der != NULL) {
+ SECITEM_FreeItem(p12dcx->decitem.der, PR_TRUE);
+ }
+ if (p12dcx->decitem.friendlyName != NULL) {
+ SECITEM_FreeItem(p12dcx->decitem.friendlyName, PR_TRUE);
+ }
+
+ if (p12dcx->slot) {
+ PK11_FreeSlot(p12dcx->slot);
+ p12dcx->slot = NULL;
+ }
+
+ if (p12dcx->dIsOpen && p12dcx->dClose) {
+ (*p12dcx->dClose)(p12dcx->dArg, PR_TRUE);
+ p12dcx->dIsOpen = PR_FALSE;
+ }
+
+ if (p12dcx->arena) {
+ PORT_FreeArena(p12dcx->arena, PR_TRUE);
+ }
+}
+
+static SECStatus
+sec_pkcs12_decoder_set_attribute_value(sec_PKCS12SafeBag *bag,
+ SECOidTag attributeType,
+ SECItem *attrValue)
+{
+ int i = 0;
+ SECOidData *oid;
+
+ if (!bag || !attrValue) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ oid = SECOID_FindOIDByTag(attributeType);
+ if (!oid) {
+ return SECFailure;
+ }
+
+ if (!bag->attribs) {
+ bag->attribs =
+ PORT_ArenaZNewArray(bag->arena, sec_PKCS12Attribute *, 2);
+ } else {
+ while (bag->attribs[i])
+ i++;
+ bag->attribs = PORT_ArenaGrowArray(bag->arena, bag->attribs,
+ sec_PKCS12Attribute *, i + 1, i + 2);
+ }
+
+ if (!bag->attribs) {
+ return SECFailure;
+ }
+
+ bag->attribs[i] = PORT_ArenaZNew(bag->arena, sec_PKCS12Attribute);
+ if (!bag->attribs[i]) {
+ return SECFailure;
+ }
+
+ bag->attribs[i]->attrValue = PORT_ArenaZNewArray(bag->arena, SECItem *, 2);
+ if (!bag->attribs[i]->attrValue) {
+ return SECFailure;
+ }
+
+ bag->attribs[i + 1] = NULL;
+ bag->attribs[i]->attrValue[0] = attrValue;
+ bag->attribs[i]->attrValue[1] = NULL;
+
+ return SECITEM_CopyItem(bag->arena, &bag->attribs[i]->attrType, &oid->oid);
+}
+
+static SECItem *
+sec_pkcs12_get_attribute_value(sec_PKCS12SafeBag *bag,
+ SECOidTag attributeType)
+{
+ int i;
+
+ if (!bag->attribs) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ for (i = 0; bag->attribs[i] != NULL; i++) {
+ if (SECOID_FindOIDTag(&bag->attribs[i]->attrType) == attributeType) {
+ return bag->attribs[i]->attrValue[0];
+ }
+ }
+ return NULL;
+}
+
+/* For now, this function will merely remove any ":"
+ * in the nickname which the PK11 functions may have
+ * placed there. This will keep dual certs from appearing
+ * twice under "Your" certificates when imported onto smart
+ * cards. Once with the name "Slot:Cert" and another with
+ * the nickname "Slot:Slot:Cert"
+ */
+static void
+sec_pkcs12_sanitize_nickname(PK11SlotInfo *slot, SECItem *nick)
+{
+ char *nickname;
+ char *delimit;
+ int delimitlen;
+
+ nickname = (char *)nick->data;
+ if ((delimit = PORT_Strchr(nickname, ':')) != NULL) {
+ char *slotName;
+ int slotNameLen;
+
+ slotNameLen = delimit - nickname;
+ slotName = PORT_NewArray(char, (slotNameLen + 1));
+ PORT_Assert(slotName);
+ if (slotName == NULL) {
+ /* What else can we do?*/
+ return;
+ }
+ PORT_Memcpy(slotName, nickname, slotNameLen);
+ slotName[slotNameLen] = '\0';
+ if (PORT_Strcmp(PK11_GetTokenName(slot), slotName) == 0) {
+ delimitlen = PORT_Strlen(delimit + 1);
+ PORT_Memmove(nickname, delimit + 1, delimitlen + 1);
+ nick->len = delimitlen;
+ }
+ PORT_Free(slotName);
+ }
+}
+
+static SECItem *
+sec_pkcs12_get_nickname(sec_PKCS12SafeBag *bag)
+{
+ SECItem *src, *dest;
+
+ if (!bag) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ src = sec_pkcs12_get_attribute_value(bag, SEC_OID_PKCS9_FRIENDLY_NAME);
+
+ /* The return value src is 16-bit Unicode characters, in big-endian format.
+ * Check if it is NULL or empty name.
+ */
+ if (!src || !src->data || src->len < 2 || (!src->data[0] && !src->data[1])) {
+ return NULL;
+ }
+
+ dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (!dest) {
+ goto loser;
+ }
+ if (!sec_pkcs12_convert_item_to_unicode(NULL, dest, src, PR_FALSE,
+ PR_FALSE, PR_FALSE)) {
+ goto loser;
+ }
+
+ sec_pkcs12_sanitize_nickname(bag->slot, dest);
+
+ return dest;
+
+loser:
+ if (dest) {
+ SECITEM_ZfreeItem(dest, PR_TRUE);
+ }
+
+ bag->problem = PR_TRUE;
+ bag->error = PORT_GetError();
+ return NULL;
+}
+
+static SECStatus
+sec_pkcs12_set_nickname(sec_PKCS12SafeBag *bag, SECItem *name)
+{
+ sec_PKCS12Attribute *attr = NULL;
+ SECOidData *oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_FRIENDLY_NAME);
+
+ if (!bag || !bag->arena || !name) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!bag->attribs) {
+ if (!oid) {
+ goto loser;
+ }
+
+ bag->attribs =
+ PORT_ArenaZNewArray(bag->arena, sec_PKCS12Attribute *, 2);
+ if (!bag->attribs) {
+ goto loser;
+ }
+ bag->attribs[0] = PORT_ArenaZNew(bag->arena, sec_PKCS12Attribute);
+ if (!bag->attribs[0]) {
+ goto loser;
+ }
+ bag->attribs[1] = NULL;
+
+ attr = bag->attribs[0];
+ if (SECITEM_CopyItem(bag->arena, &attr->attrType, &oid->oid) != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ int i;
+ for (i = 0; bag->attribs[i]; i++) {
+ if (SECOID_FindOIDTag(&bag->attribs[i]->attrType) == SEC_OID_PKCS9_FRIENDLY_NAME) {
+ attr = bag->attribs[i];
+ break;
+ }
+ }
+ if (!attr) {
+ if (!oid) {
+ goto loser;
+ }
+ bag->attribs = PORT_ArenaGrowArray(bag->arena, bag->attribs,
+ sec_PKCS12Attribute *, i + 1, i + 2);
+ if (!bag->attribs) {
+ goto loser;
+ }
+ bag->attribs[i] = PORT_ArenaZNew(bag->arena, sec_PKCS12Attribute);
+ if (!bag->attribs[i]) {
+ goto loser;
+ }
+ bag->attribs[i + 1] = NULL;
+ attr = bag->attribs[i];
+ if (SECITEM_CopyItem(bag->arena, &attr->attrType, &oid->oid) != SECSuccess) {
+ goto loser;
+ }
+ }
+ }
+
+ PORT_Assert(attr);
+ if (!attr->attrValue) {
+ attr->attrValue = PORT_ArenaZNewArray(bag->arena, SECItem *, 2);
+ if (!attr->attrValue) {
+ goto loser;
+ }
+ attr->attrValue[0] = PORT_ArenaZNew(bag->arena, SECItem);
+ if (!attr->attrValue[0]) {
+ goto loser;
+ }
+ attr->attrValue[1] = NULL;
+ }
+
+ name->len = PORT_Strlen((char *)name->data);
+ if (!sec_pkcs12_convert_item_to_unicode(bag->arena, attr->attrValue[0],
+ name, PR_FALSE, PR_FALSE, PR_TRUE)) {
+ goto loser;
+ }
+
+ return SECSuccess;
+
+loser:
+ bag->problem = PR_TRUE;
+ bag->error = PORT_GetError();
+ return SECFailure;
+}
+
+static SECStatus
+sec_pkcs12_get_key_info(sec_PKCS12SafeBag *key)
+{
+ int i = 0;
+ SECKEYPrivateKeyInfo *pki = NULL;
+
+ if (!key) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* if the bag does *not* contain an unencrypted PrivateKeyInfo
+ * then we cannot convert the attributes. We are propagating
+ * attributes within the PrivateKeyInfo to the SafeBag level.
+ */
+ if (SECOID_FindOIDTag(&(key->safeBagType)) !=
+ SEC_OID_PKCS12_V1_KEY_BAG_ID) {
+ return SECSuccess;
+ }
+
+ pki = key->safeBagContent.pkcs8KeyBag;
+
+ if (!pki || !pki->attributes) {
+ return SECSuccess;
+ }
+
+ while (pki->attributes[i]) {
+ SECOidTag tag = SECOID_FindOIDTag(&pki->attributes[i]->attrType);
+
+ if (tag == SEC_OID_PKCS9_LOCAL_KEY_ID ||
+ tag == SEC_OID_PKCS9_FRIENDLY_NAME) {
+ SECItem *attrValue = sec_pkcs12_get_attribute_value(key, tag);
+ if (!attrValue) {
+ if (sec_pkcs12_decoder_set_attribute_value(key, tag,
+ pki->attributes[i]->attrValue[0]) != SECSuccess) {
+ key->problem = PR_TRUE;
+ key->error = PORT_GetError();
+ return SECFailure;
+ }
+ }
+ }
+ i++;
+ }
+
+ return SECSuccess;
+}
+
+/* retrieve the nickname for the certificate bag. first look
+ * in the cert bag, otherwise get it from the key.
+ */
+static SECItem *
+sec_pkcs12_get_nickname_for_cert(sec_PKCS12SafeBag *cert,
+ sec_PKCS12SafeBag *key)
+{
+ SECItem *nickname;
+
+ if (!cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ nickname = sec_pkcs12_get_nickname(cert);
+ if (nickname) {
+ return nickname;
+ }
+
+ if (key) {
+ nickname = sec_pkcs12_get_nickname(key);
+
+ if (nickname && sec_pkcs12_set_nickname(cert, nickname) != SECSuccess) {
+ SECITEM_ZfreeItem(nickname, PR_TRUE);
+ return NULL;
+ }
+ }
+
+ return nickname;
+}
+
+/* set the nickname for the certificate */
+static SECStatus
+sec_pkcs12_set_nickname_for_cert(sec_PKCS12SafeBag *cert,
+ sec_PKCS12SafeBag *key,
+ SECItem *nickname)
+{
+ if (!nickname || !cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (sec_pkcs12_set_nickname(cert, nickname) != SECSuccess) {
+ return SECFailure;
+ }
+
+ if (key) {
+ if (sec_pkcs12_set_nickname(key, nickname) != SECSuccess) {
+ cert->problem = PR_TRUE;
+ cert->error = key->error;
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+/* retrieve the DER cert from the cert bag */
+static SECItem *
+sec_pkcs12_get_der_cert(sec_PKCS12SafeBag *cert)
+{
+ if (!cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (SECOID_FindOIDTag(&cert->safeBagType) != SEC_OID_PKCS12_V1_CERT_BAG_ID) {
+ return NULL;
+ }
+
+ /* only support X509 certs not SDSI */
+ if (SECOID_FindOIDTag(&cert->safeBagContent.certBag->bagID) != SEC_OID_PKCS9_X509_CERT) {
+ return NULL;
+ }
+
+ return SECITEM_DupItem(&(cert->safeBagContent.certBag->value.x509Cert));
+}
+
+struct certNickInfo {
+ PLArenaPool *arena;
+ unsigned int nNicks;
+ SECItem **nickList;
+ unsigned int error;
+};
+
+/* callback for traversing certificates to gather the nicknames
+ * used in a particular traversal. for instance, when using
+ * CERT_TraversePermCertsForSubject, gather the nicknames and
+ * store them in the certNickInfo for a particular DN.
+ *
+ * this handles the case where multiple nicknames are allowed
+ * for the same dn, which is not currently allowed, but may be
+ * in the future.
+ */
+static SECStatus
+gatherNicknames(CERTCertificate *cert, void *arg)
+{
+ struct certNickInfo *nickArg = (struct certNickInfo *)arg;
+ SECItem tempNick;
+ unsigned int i;
+
+ if (!cert || !nickArg || nickArg->error) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!cert->nickname) {
+ return SECSuccess;
+ }
+
+ tempNick.data = (unsigned char *)cert->nickname;
+ tempNick.len = PORT_Strlen(cert->nickname) + 1;
+ tempNick.type = siAsciiString;
+
+ /* do we already have the nickname in the list? */
+ if (nickArg->nNicks > 0) {
+
+ /* nicknames have been encountered, but there is no list -- bad */
+ if (!nickArg->nickList) {
+ nickArg->error = SEC_ERROR_INVALID_ARGS;
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ for (i = 0; i < nickArg->nNicks; i++) {
+ if (SECITEM_CompareItem(nickArg->nickList[i], &tempNick) == SECEqual) {
+ return SECSuccess;
+ }
+ }
+ }
+
+ /* add the nickname to the list */
+ nickArg->nickList = (nickArg->nNicks == 0)
+ ? PORT_ArenaZNewArray(nickArg->arena, SECItem *, 2)
+ : PORT_ArenaGrowArray(nickArg->arena, nickArg->nickList, SECItem *,
+ nickArg->nNicks + 1, nickArg->nNicks + 2);
+
+ if (!nickArg->nickList) {
+ nickArg->error = SEC_ERROR_NO_MEMORY;
+ return SECFailure;
+ }
+
+ nickArg->nickList[nickArg->nNicks] =
+ PORT_ArenaZNew(nickArg->arena, SECItem);
+ if (!nickArg->nickList[nickArg->nNicks]) {
+ nickArg->error = PORT_GetError();
+ return SECFailure;
+ }
+
+ if (SECITEM_CopyItem(nickArg->arena, nickArg->nickList[nickArg->nNicks],
+ &tempNick) != SECSuccess) {
+ nickArg->error = PORT_GetError();
+ return SECFailure;
+ }
+
+ nickArg->nNicks++;
+
+ return SECSuccess;
+}
+
+/* traverses the certs in the data base or in the token for the
+ * DN to see if any certs currently have a nickname set.
+ * If so, return it.
+ */
+static SECItem *
+sec_pkcs12_get_existing_nick_for_dn(sec_PKCS12SafeBag *cert)
+{
+ struct certNickInfo *nickArg = NULL;
+ SECItem *derCert, *returnDn = NULL;
+ PLArenaPool *arena = NULL;
+ CERTCertificate *tempCert;
+
+ if (!cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ derCert = sec_pkcs12_get_der_cert(cert);
+ if (!derCert) {
+ return NULL;
+ }
+
+ tempCert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
+ if (!tempCert) {
+ returnDn = NULL;
+ goto loser;
+ }
+
+ arena = PORT_NewArena(1024);
+ if (!arena) {
+ returnDn = NULL;
+ goto loser;
+ }
+ nickArg = PORT_ArenaZNew(arena, struct certNickInfo);
+ if (!nickArg) {
+ returnDn = NULL;
+ goto loser;
+ }
+ nickArg->error = 0;
+ nickArg->nNicks = 0;
+ nickArg->nickList = NULL;
+ nickArg->arena = arena;
+
+ /* if the token is local, first traverse the cert database
+ * then traverse the token.
+ */
+ if (PK11_TraverseCertsForSubjectInSlot(tempCert, cert->slot, gatherNicknames,
+ (void *)nickArg) != SECSuccess) {
+ returnDn = NULL;
+ goto loser;
+ }
+
+ if (nickArg->error) {
+ /* XXX do we want to set the error? */
+ returnDn = NULL;
+ goto loser;
+ }
+
+ if (nickArg->nNicks == 0) {
+ returnDn = NULL;
+ goto loser;
+ }
+
+ /* set it to the first name, for now. handle multiple names? */
+ returnDn = SECITEM_DupItem(nickArg->nickList[0]);
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+
+ if (tempCert) {
+ CERT_DestroyCertificate(tempCert);
+ }
+
+ if (derCert) {
+ SECITEM_FreeItem(derCert, PR_TRUE);
+ }
+
+ return (returnDn);
+}
+
+/* counts certificates found for a given traversal function */
+static SECStatus
+countCertificate(CERTCertificate *cert, void *arg)
+{
+ unsigned int *nCerts = (unsigned int *)arg;
+
+ if (!cert || !arg) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ (*nCerts)++;
+ return SECSuccess;
+}
+
+static PRBool
+sec_pkcs12_certs_for_nickname_exist(SECItem *nickname, PK11SlotInfo *slot)
+{
+ unsigned int nCerts = 0;
+
+ if (!nickname || !slot) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return PR_TRUE;
+ }
+
+ /* we want to check the local database first if we are importing to it */
+ PK11_TraverseCertsForNicknameInSlot(nickname, slot, countCertificate,
+ (void *)&nCerts);
+ return (PRBool)(nCerts != 0);
+}
+
+/* validate cert nickname such that there is a one-to-one relation
+ * between nicknames and dn's. we want to enforce the case that the
+ * nickname is non-NULL and that there is only one nickname per DN.
+ *
+ * if there is a problem with a nickname or the nickname is not present,
+ * the user will be prompted for it.
+ */
+static void
+sec_pkcs12_validate_cert_nickname(sec_PKCS12SafeBag *cert,
+ sec_PKCS12SafeBag *key,
+ SEC_PKCS12NicknameCollisionCallback nicknameCb,
+ CERTCertificate *leafCert)
+{
+ SECItem *certNickname, *existingDNNick;
+ PRBool setNickname = PR_FALSE, cancel = PR_FALSE;
+ SECItem *newNickname = NULL;
+
+ if (!cert || !cert->hasKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ if (!nicknameCb) {
+ cert->problem = PR_TRUE;
+ cert->error = SEC_ERROR_INVALID_ARGS;
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ if (cert->hasKey && !key) {
+ cert->problem = PR_TRUE;
+ cert->error = SEC_ERROR_INVALID_ARGS;
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ certNickname = sec_pkcs12_get_nickname_for_cert(cert, key);
+ existingDNNick = sec_pkcs12_get_existing_nick_for_dn(cert);
+
+ /* nickname is already used w/ this dn, so it is safe to return */
+ if (certNickname && existingDNNick &&
+ SECITEM_CompareItem(certNickname, existingDNNick) == SECEqual) {
+ goto loser;
+ }
+
+ /* nickname not set in pkcs 12 bags, but a nick is already used for
+ * this dn. set the nicks in the p12 bags and finish.
+ */
+ if (existingDNNick) {
+ sec_pkcs12_set_nickname_for_cert(cert, key, existingDNNick);
+ goto loser;
+ }
+
+ /* at this point, we have a certificate for which the DN is not located
+ * on the token. the nickname specified may or may not be NULL. if it
+ * is not null, we need to make sure that there are no other certificates
+ * with this nickname in the token for it to be valid. this imposes a
+ * one to one relationship between DN and nickname.
+ *
+ * if the nickname is null, we need the user to enter a nickname for
+ * the certificate.
+ *
+ * once we have a nickname, we make sure that the nickname is unique
+ * for the DN. if it is not, the user is reprompted to enter a new
+ * nickname.
+ *
+ * in order to exit this loop, the nickname entered is either unique
+ * or the user hits cancel and the certificate is not imported.
+ */
+ setNickname = PR_FALSE;
+ while (1) {
+ /* we will use the nickname so long as no other certs have the
+ * same nickname. and the nickname is not NULL.
+ */
+ if (certNickname && certNickname->data &&
+ !sec_pkcs12_certs_for_nickname_exist(certNickname, cert->slot)) {
+ if (setNickname) {
+ sec_pkcs12_set_nickname_for_cert(cert, key, certNickname);
+ }
+ break;
+ }
+
+ setNickname = PR_FALSE;
+ newNickname = (*nicknameCb)(certNickname, &cancel, leafCert);
+ if (cancel) {
+ cert->problem = PR_TRUE;
+ cert->error = SEC_ERROR_USER_CANCELLED;
+ break;
+ }
+
+ if (!newNickname) {
+ cert->problem = PR_TRUE;
+ cert->error = PORT_GetError();
+ break;
+ }
+
+ /* at this point we have a new nickname, if we have an existing
+ * certNickname, we need to free it and assign the new nickname
+ * to it to avoid a memory leak. happy?
+ */
+ if (certNickname) {
+ SECITEM_ZfreeItem(certNickname, PR_TRUE);
+ certNickname = NULL;
+ }
+
+ certNickname = newNickname;
+ setNickname = PR_TRUE;
+ /* go back and recheck the new nickname */
+ }
+
+loser:
+ if (certNickname) {
+ SECITEM_ZfreeItem(certNickname, PR_TRUE);
+ }
+
+ if (existingDNNick) {
+ SECITEM_ZfreeItem(existingDNNick, PR_TRUE);
+ }
+}
+
+static void
+sec_pkcs12_validate_cert(sec_PKCS12SafeBag *cert,
+ sec_PKCS12SafeBag *key,
+ SEC_PKCS12NicknameCollisionCallback nicknameCb)
+{
+ CERTCertificate *leafCert;
+
+ if (!cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ cert->validated = PR_TRUE;
+
+ if (!nicknameCb) {
+ cert->noInstall = PR_TRUE;
+ cert->problem = PR_TRUE;
+ cert->error = SEC_ERROR_INVALID_ARGS;
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ if (!cert->safeBagContent.certBag) {
+ cert->noInstall = PR_TRUE;
+ cert->problem = PR_TRUE;
+ cert->error = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
+ return;
+ }
+
+ cert->noInstall = PR_FALSE;
+ cert->unused = PR_FALSE;
+ cert->problem = PR_FALSE;
+ cert->error = 0;
+
+ leafCert = CERT_DecodeDERCertificate(
+ &cert->safeBagContent.certBag->value.x509Cert, PR_FALSE, NULL);
+ if (!leafCert) {
+ cert->noInstall = PR_TRUE;
+ cert->problem = PR_TRUE;
+ cert->error = PORT_GetError();
+ return;
+ }
+
+ sec_pkcs12_validate_cert_nickname(cert, key, nicknameCb, leafCert);
+
+ CERT_DestroyCertificate(leafCert);
+}
+
+static void
+sec_pkcs12_validate_key_by_cert(sec_PKCS12SafeBag *cert, sec_PKCS12SafeBag *key,
+ void *wincx)
+{
+ CERTCertificate *leafCert;
+ SECKEYPrivateKey *privk;
+
+ if (!key) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ key->validated = PR_TRUE;
+
+ if (!cert) {
+ key->problem = PR_TRUE;
+ key->noInstall = PR_TRUE;
+ key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
+ return;
+ }
+
+ leafCert = CERT_DecodeDERCertificate(
+ &(cert->safeBagContent.certBag->value.x509Cert), PR_FALSE, NULL);
+ if (!leafCert) {
+ key->problem = PR_TRUE;
+ key->noInstall = PR_TRUE;
+ key->error = PORT_GetError();
+ return;
+ }
+
+ privk = PK11_FindPrivateKeyFromCert(key->slot, leafCert, wincx);
+ if (!privk) {
+ privk = PK11_FindKeyByDERCert(key->slot, leafCert, wincx);
+ }
+
+ if (privk) {
+ SECKEY_DestroyPrivateKey(privk);
+ key->noInstall = PR_TRUE;
+ }
+
+ CERT_DestroyCertificate(leafCert);
+}
+
+static SECStatus
+sec_pkcs12_add_cert(sec_PKCS12SafeBag *cert, PRBool keyExists, void *wincx)
+{
+ SECItem *derCert, *nickName;
+ char *nickData = NULL;
+ PRBool isIntermediateCA;
+ SECStatus rv;
+
+ if (!cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (cert->problem || cert->noInstall || cert->installed) {
+ return SECSuccess;
+ }
+
+ derCert = &cert->safeBagContent.certBag->value.x509Cert;
+
+ PORT_Assert(!cert->problem && !cert->noInstall);
+
+ nickName = sec_pkcs12_get_nickname(cert);
+ if (nickName) {
+ nickData = (char *)nickName->data;
+ }
+
+ isIntermediateCA = CERT_IsCADERCert(derCert, NULL) &&
+ !CERT_IsRootDERCert(derCert);
+
+ if (keyExists) {
+ CERTCertificate *newCert;
+
+ newCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ derCert, NULL, PR_FALSE, PR_FALSE);
+ if (!newCert) {
+ if (nickName)
+ SECITEM_ZfreeItem(nickName, PR_TRUE);
+ cert->error = PORT_GetError();
+ cert->problem = PR_TRUE;
+ return SECFailure;
+ }
+
+ rv = PK11_ImportCertForKeyToSlot(cert->slot, newCert, nickData,
+ PR_TRUE, wincx);
+ CERT_DestroyCertificate(newCert);
+ } else if ((cert->tokenCAs == SECPKCS12TargetTokenNoCAs) ||
+ ((cert->tokenCAs == SECPKCS12TargetTokenIntermediateCAs) &&
+ !isIntermediateCA)) {
+ SECItem *certList[2];
+ certList[0] = derCert;
+ certList[1] = NULL;
+
+ rv = CERT_ImportCerts(CERT_GetDefaultCertDB(), certUsageUserCertImport,
+ 1, certList, NULL, PR_TRUE, PR_FALSE, nickData);
+ } else {
+ rv = PK11_ImportDERCert(cert->slot, derCert, CK_INVALID_HANDLE,
+ nickData, PR_FALSE);
+ }
+ if (rv) {
+ cert->problem = 1;
+ cert->error = PORT_GetError();
+ }
+ cert->installed = PR_TRUE;
+ if (nickName)
+ SECITEM_ZfreeItem(nickName, PR_TRUE);
+ return rv;
+}
+
+static SECItem *
+sec_pkcs12_get_public_value_and_type(SECKEYPublicKey *pubKey, KeyType *type);
+
+static SECStatus
+sec_pkcs12_add_key(sec_PKCS12SafeBag *key, SECKEYPublicKey *pubKey,
+ unsigned int keyUsage,
+ SECItem *nickName, void *wincx)
+{
+ SECStatus rv;
+ SECItem *publicValue = NULL;
+ KeyType keyType;
+
+ /* We should always have values for "key" and "pubKey"
+ so they can be dereferenced later. */
+ if (!key || !pubKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (key->problem || key->noInstall) {
+ return SECSuccess;
+ }
+
+ /* get the value and type from the public key */
+ publicValue = sec_pkcs12_get_public_value_and_type(pubKey, &keyType);
+ if (!publicValue) {
+ key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
+ key->problem = PR_TRUE;
+ return SECFailure;
+ }
+
+ switch (SECOID_FindOIDTag(&key->safeBagType)) {
+ case SEC_OID_PKCS12_V1_KEY_BAG_ID:
+ rv = PK11_ImportPrivateKeyInfo(key->slot,
+ key->safeBagContent.pkcs8KeyBag,
+ nickName, publicValue, PR_TRUE, PR_TRUE,
+ keyUsage, wincx);
+ break;
+ case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
+ rv = PK11_ImportEncryptedPrivateKeyInfo(key->slot,
+ key->safeBagContent.pkcs8ShroudedKeyBag,
+ key->pwitem, nickName, publicValue,
+ PR_TRUE, PR_TRUE, keyType, keyUsage,
+ wincx);
+ break;
+ default:
+ key->error = SEC_ERROR_PKCS12_UNSUPPORTED_VERSION;
+ key->problem = PR_TRUE;
+ if (nickName) {
+ SECITEM_ZfreeItem(nickName, PR_TRUE);
+ }
+ return SECFailure;
+ }
+
+ if (rv != SECSuccess) {
+ key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
+ key->problem = PR_TRUE;
+ } else {
+ /* try to import the public key. Failure to do so is not fatal,
+ * not all tokens can store the public key */
+ if (pubKey) {
+ PK11_ImportPublicKey(key->slot, pubKey, PR_TRUE);
+ }
+ key->installed = PR_TRUE;
+ }
+
+ return rv;
+}
+
+/*
+ * The correctness of the code in this file ABSOLUTELY REQUIRES
+ * that ALL BAGs share a single common arena.
+ *
+ * This function allocates the bag list from the arena of whatever bag
+ * happens to be passed to it. Each time a new bag is handed to it,
+ * it grows (resizes) the arena of the bag that was handed to it.
+ * If the bags have different arenas, it will grow the wrong arena.
+ *
+ * Worse, if the bags had separate arenas, then while destroying the bags
+ * in a bag list, when the bag whose arena contained the bag list was
+ * destroyed, the baglist itself would be destroyed, making it difficult
+ * or impossible to continue to destroy the bags in the destroyed list.
+ */
+static SECStatus
+sec_pkcs12_add_item_to_bag_list(sec_PKCS12SafeBag ***bagList,
+ sec_PKCS12SafeBag *bag)
+{
+ sec_PKCS12SafeBag **newBagList = NULL;
+ int i = 0;
+
+ if (!bagList || !bag) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!(*bagList)) {
+ newBagList = PORT_ArenaZNewArray(bag->arena, sec_PKCS12SafeBag *, 2);
+ } else {
+ while ((*bagList)[i])
+ i++;
+ newBagList = PORT_ArenaGrowArray(bag->arena, *bagList,
+ sec_PKCS12SafeBag *, i + 1, i + 2);
+ }
+
+ if (!newBagList) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ newBagList[i] = bag;
+ newBagList[i + 1] = NULL;
+ *bagList = newBagList;
+
+ return SECSuccess;
+}
+
+static sec_PKCS12SafeBag **
+sec_pkcs12_find_certs_for_key(sec_PKCS12SafeBag **safeBags,
+ sec_PKCS12SafeBag *key)
+{
+ sec_PKCS12SafeBag **certList = NULL;
+ SECItem *keyId;
+ int i;
+
+ if (!safeBags || !safeBags[0]) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ keyId = sec_pkcs12_get_attribute_value(key, SEC_OID_PKCS9_LOCAL_KEY_ID);
+ if (!keyId) {
+ return NULL;
+ }
+
+ for (i = 0; safeBags[i]; i++) {
+ if (SECOID_FindOIDTag(&(safeBags[i]->safeBagType)) == SEC_OID_PKCS12_V1_CERT_BAG_ID) {
+ SECItem *certKeyId = sec_pkcs12_get_attribute_value(safeBags[i],
+ SEC_OID_PKCS9_LOCAL_KEY_ID);
+
+ if (certKeyId && (SECITEM_CompareItem(certKeyId, keyId) == SECEqual)) {
+ if (sec_pkcs12_add_item_to_bag_list(&certList, safeBags[i]) != SECSuccess) {
+ /* This would leak the partial list of safeBags,
+ * but that list is allocated from the arena of
+ * one of the safebags, and will be destroyed when
+ * that arena is destroyed. So this is not a real leak.
+ */
+ return NULL;
+ }
+ }
+ }
+ }
+
+ return certList;
+}
+
+CERTCertList *
+SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx)
+{
+ CERTCertList *certList = NULL;
+ sec_PKCS12SafeBag **safeBags;
+ int i;
+
+ if (!p12dcx || !p12dcx->safeBags || !p12dcx->safeBags[0]) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ safeBags = p12dcx->safeBags;
+ certList = CERT_NewCertList();
+
+ if (certList == NULL) {
+ return NULL;
+ }
+
+ for (i = 0; safeBags[i]; i++) {
+ if (SECOID_FindOIDTag(&(safeBags[i]->safeBagType)) == SEC_OID_PKCS12_V1_CERT_BAG_ID) {
+ SECItem *derCert = sec_pkcs12_get_der_cert(safeBags[i]);
+ CERTCertificate *tempCert = NULL;
+
+ if (derCert == NULL)
+ continue;
+ tempCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ derCert, NULL,
+ PR_FALSE, PR_TRUE);
+
+ if (tempCert) {
+ CERT_AddCertToListTail(certList, tempCert);
+ }
+ SECITEM_FreeItem(derCert, PR_TRUE);
+ }
+ /* fixed an infinite loop here, by ensuring that i gets incremented
+ * if derCert is NULL above.
+ */
+ }
+
+ return certList;
+}
+static sec_PKCS12SafeBag **
+sec_pkcs12_get_key_bags(sec_PKCS12SafeBag **safeBags)
+{
+ int i;
+ sec_PKCS12SafeBag **keyList = NULL;
+ SECOidTag bagType;
+
+ if (!safeBags || !safeBags[0]) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ for (i = 0; safeBags[i]; i++) {
+ bagType = SECOID_FindOIDTag(&(safeBags[i]->safeBagType));
+ switch (bagType) {
+ case SEC_OID_PKCS12_V1_KEY_BAG_ID:
+ case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
+ if (sec_pkcs12_add_item_to_bag_list(&keyList, safeBags[i]) != SECSuccess) {
+ /* This would leak, except that keyList is allocated
+ * from the arena shared by all the safeBags.
+ */
+ return NULL;
+ }
+ break;
+ default:
+ break;
+ }
+ }
+
+ return keyList;
+}
+
+/* This function takes two passes over the bags, validating them
+ * The two passes are intended to mirror exactly the two passes in
+ * sec_pkcs12_install_bags. But they don't. :(
+ */
+static SECStatus
+sec_pkcs12_validate_bags(sec_PKCS12SafeBag **safeBags,
+ SEC_PKCS12NicknameCollisionCallback nicknameCb,
+ void *wincx)
+{
+ sec_PKCS12SafeBag **keyList;
+ int i;
+
+ if (!safeBags || !nicknameCb) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!safeBags[0]) {
+ return SECSuccess;
+ }
+
+ /* First pass. Find all the key bags.
+ * Find the matching cert(s) for each key.
+ */
+ keyList = sec_pkcs12_get_key_bags(safeBags);
+ if (keyList) {
+ for (i = 0; keyList[i]; ++i) {
+ sec_PKCS12SafeBag *key = keyList[i];
+ sec_PKCS12SafeBag **certList =
+ sec_pkcs12_find_certs_for_key(safeBags, key);
+
+ if (certList) {
+ int j;
+
+ if (SECOID_FindOIDTag(&(key->safeBagType)) ==
+ SEC_OID_PKCS12_V1_KEY_BAG_ID) {
+ /* if it is an unencrypted private key then make sure
+ * the attributes are propageted to the appropriate
+ * level
+ */
+ if (sec_pkcs12_get_key_info(key) != SECSuccess) {
+ return SECFailure;
+ }
+ }
+
+ sec_pkcs12_validate_key_by_cert(certList[0], key, wincx);
+ for (j = 0; certList[j]; ++j) {
+ sec_PKCS12SafeBag *cert = certList[j];
+ cert->hasKey = PR_TRUE;
+ if (key->problem) {
+ cert->problem = PR_TRUE;
+ cert->error = key->error;
+ continue;
+ }
+ sec_pkcs12_validate_cert(cert, key, nicknameCb);
+ if (cert->problem) {
+ key->problem = cert->problem;
+ key->error = cert->error;
+ }
+ }
+ }
+ }
+ }
+
+ /* Now take a second pass over the safebags and mark for installation any
+ * certs that were neither installed nor disqualified by the first pass.
+ */
+ for (i = 0; safeBags[i]; ++i) {
+ sec_PKCS12SafeBag *bag = safeBags[i];
+
+ if (!bag->validated) {
+ SECOidTag bagType = SECOID_FindOIDTag(&bag->safeBagType);
+
+ switch (bagType) {
+ case SEC_OID_PKCS12_V1_CERT_BAG_ID:
+ sec_pkcs12_validate_cert(bag, NULL, nicknameCb);
+ break;
+ case SEC_OID_PKCS12_V1_KEY_BAG_ID:
+ case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
+ bag->noInstall = PR_TRUE;
+ bag->problem = PR_TRUE;
+ bag->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
+ break;
+ default:
+ bag->noInstall = PR_TRUE;
+ }
+ }
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
+ SEC_PKCS12NicknameCollisionCallback nicknameCb)
+{
+ SECStatus rv;
+ int i, noInstallCnt, probCnt, bagCnt, errorVal = 0;
+ if (!p12dcx || p12dcx->error || !p12dcx->safeBags) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ rv = sec_pkcs12_validate_bags(p12dcx->safeBags, nicknameCb, p12dcx->wincx);
+ if (rv == SECSuccess) {
+ p12dcx->bagsVerified = PR_TRUE;
+ }
+
+ noInstallCnt = probCnt = bagCnt = 0;
+ i = 0;
+ while (p12dcx->safeBags[i]) {
+ bagCnt++;
+ if (p12dcx->safeBags[i]->noInstall)
+ noInstallCnt++;
+ if (p12dcx->safeBags[i]->problem) {
+ probCnt++;
+ errorVal = p12dcx->safeBags[i]->error;
+ }
+ i++;
+ }
+
+ /* formerly was erroneous code here that assumed that if all bags
+ * failed to import, then the problem was duplicated data;
+ * that is, it assume that the problem must be that the file had
+ * previously been successfully imported. But importing a
+ * previously imported file causes NO ERRORS at all, and this
+ * false assumption caused real errors to be hidden behind false
+ * errors about duplicated data.
+ */
+
+ if (probCnt) {
+ PORT_SetError(errorVal);
+ return SECFailure;
+ }
+
+ return rv;
+}
+
+SECStatus
+SEC_PKCS12DecoderRenameCertNicknames(SEC_PKCS12DecoderContext *p12dcx,
+ SEC_PKCS12NicknameRenameCallback nicknameCb,
+ void *arg)
+{
+ int i;
+ sec_PKCS12SafeBag *safeBag;
+ CERTCertificate *cert;
+ SECStatus srv;
+
+ if (!p12dcx || p12dcx->error || !p12dcx->safeBags || !nicknameCb) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ for (i = 0; (safeBag = p12dcx->safeBags[i]); i++) {
+ SECItem *newNickname = NULL;
+ SECItem *defaultNickname = NULL;
+ SECStatus rename_rv;
+
+ if (SECOID_FindOIDTag(&(safeBag->safeBagType)) !=
+ SEC_OID_PKCS12_V1_CERT_BAG_ID) {
+ continue;
+ }
+
+ cert = CERT_DecodeDERCertificate(
+ &safeBag->safeBagContent.certBag->value.x509Cert,
+ PR_FALSE, NULL);
+ if (!cert) {
+ return SECFailure;
+ }
+
+ defaultNickname = sec_pkcs12_get_nickname(safeBag);
+ rename_rv = (*nicknameCb)(cert, defaultNickname, &newNickname, arg);
+
+ CERT_DestroyCertificate(cert);
+
+ if (defaultNickname) {
+ SECITEM_ZfreeItem(defaultNickname, PR_TRUE);
+ defaultNickname = NULL;
+ }
+
+ if (rename_rv != SECSuccess) {
+ return rename_rv;
+ }
+
+ if (newNickname) {
+ srv = sec_pkcs12_set_nickname(safeBag, newNickname);
+ SECITEM_ZfreeItem(newNickname, PR_TRUE);
+ newNickname = NULL;
+ if (srv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ }
+
+ return SECSuccess;
+}
+
+static SECKEYPublicKey *
+sec_pkcs12_get_public_key_and_usage(sec_PKCS12SafeBag *certBag,
+ unsigned int *usage)
+{
+ SECKEYPublicKey *pubKey = NULL;
+ CERTCertificate *cert = NULL;
+
+ if (!certBag || !usage) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ *usage = 0;
+
+ cert = CERT_DecodeDERCertificate(
+ &certBag->safeBagContent.certBag->value.x509Cert, PR_FALSE, NULL);
+ if (!cert) {
+ return NULL;
+ }
+
+ *usage = cert->keyUsage;
+ pubKey = CERT_ExtractPublicKey(cert);
+ CERT_DestroyCertificate(cert);
+ return pubKey;
+}
+
+static SECItem *
+sec_pkcs12_get_public_value_and_type(SECKEYPublicKey *pubKey,
+ KeyType *type)
+{
+ SECItem *pubValue = NULL;
+
+ if (!type || !pubKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ *type = pubKey->keyType;
+ switch (pubKey->keyType) {
+ case dsaKey:
+ pubValue = &pubKey->u.dsa.publicValue;
+ break;
+ case dhKey:
+ pubValue = &pubKey->u.dh.publicValue;
+ break;
+ case rsaKey:
+ pubValue = &pubKey->u.rsa.modulus;
+ break;
+ case ecKey:
+ pubValue = &pubKey->u.ec.publicValue;
+ break;
+ default:
+ pubValue = NULL;
+ }
+
+ return pubValue;
+}
+
+/* This function takes two passes over the bags, installing them in the
+ * desired slot. The two passes are intended to mirror exactly the
+ * two passes in sec_pkcs12_validate_bags.
+ */
+static SECStatus
+sec_pkcs12_install_bags(sec_PKCS12SafeBag **safeBags, void *wincx)
+{
+ sec_PKCS12SafeBag **keyList;
+ int i;
+ int failedKeys = 0;
+
+ if (!safeBags) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!safeBags[0]) {
+ return SECSuccess;
+ }
+
+ /* First pass. Find all the key bags.
+ * Try to install them, and any certs associated with them.
+ */
+ keyList = sec_pkcs12_get_key_bags(safeBags);
+ if (keyList) {
+ for (i = 0; keyList[i]; i++) {
+ SECStatus rv;
+ SECKEYPublicKey *pubKey = NULL;
+ SECItem *nickName = NULL;
+ sec_PKCS12SafeBag *key = keyList[i];
+ sec_PKCS12SafeBag **certList;
+ unsigned int keyUsage;
+
+ if (key->problem) {
+ ++failedKeys;
+ continue;
+ }
+
+ certList = sec_pkcs12_find_certs_for_key(safeBags, key);
+ if (certList && certList[0]) {
+ pubKey = sec_pkcs12_get_public_key_and_usage(certList[0],
+ &keyUsage);
+ /* use the cert's nickname, if it has one, else use the
+ * key's nickname, else fail.
+ */
+ nickName = sec_pkcs12_get_nickname_for_cert(certList[0], key);
+ } else {
+ nickName = sec_pkcs12_get_nickname(key);
+ }
+ if (!nickName) {
+ key->error = SEC_ERROR_BAD_NICKNAME;
+ key->problem = PR_TRUE;
+ rv = SECFailure;
+ } else if (!pubKey) {
+ key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
+ key->problem = PR_TRUE;
+ rv = SECFailure;
+ } else {
+ rv = sec_pkcs12_add_key(key, pubKey, keyUsage, nickName, wincx);
+ }
+ if (pubKey) {
+ SECKEY_DestroyPublicKey(pubKey);
+ pubKey = NULL;
+ }
+ if (nickName) {
+ SECITEM_FreeItem(nickName, PR_TRUE);
+ nickName = NULL;
+ }
+ if (rv != SECSuccess) {
+ PORT_SetError(key->error);
+ ++failedKeys;
+ }
+
+ if (certList) {
+ int j;
+
+ for (j = 0; certList[j]; j++) {
+ sec_PKCS12SafeBag *cert = certList[j];
+ SECStatus certRv;
+
+ if (!cert)
+ continue;
+ if (rv != SECSuccess) {
+ cert->problem = key->problem;
+ cert->error = key->error;
+ cert->noInstall = PR_TRUE;
+ continue;
+ }
+
+ certRv = sec_pkcs12_add_cert(cert, cert->hasKey, wincx);
+ if (certRv != SECSuccess) {
+ key->problem = cert->problem;
+ key->error = cert->error;
+ PORT_SetError(cert->error);
+ return SECFailure;
+ }
+ }
+ }
+ }
+ }
+ if (failedKeys)
+ return SECFailure;
+
+ /* Now take a second pass over the safebags and install any certs
+ * that were neither installed nor disqualified by the first pass.
+ */
+ for (i = 0; safeBags[i]; i++) {
+ sec_PKCS12SafeBag *bag = safeBags[i];
+
+ if (!bag->installed && !bag->problem && !bag->noInstall) {
+ SECStatus rv;
+ SECOidTag bagType = SECOID_FindOIDTag(&(bag->safeBagType));
+
+ switch (bagType) {
+ case SEC_OID_PKCS12_V1_CERT_BAG_ID:
+ rv = sec_pkcs12_add_cert(bag, bag->hasKey, wincx);
+ if (rv != SECSuccess) {
+ PORT_SetError(bag->error);
+ return SECFailure;
+ }
+ break;
+ case SEC_OID_PKCS12_V1_KEY_BAG_ID:
+ case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
+ default:
+ break;
+ }
+ }
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx)
+{
+ if (!p12dcx || p12dcx->error) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!p12dcx->bagsVerified) {
+ return SECFailure;
+ }
+
+ return sec_pkcs12_install_bags(p12dcx->safeBags, p12dcx->wincx);
+}
+
+PRBool
+sec_pkcs12_bagHasKey(SEC_PKCS12DecoderContext *p12dcx, sec_PKCS12SafeBag *bag)
+{
+ int i;
+ SECItem *keyId;
+ SECItem *certKeyId;
+
+ certKeyId = sec_pkcs12_get_attribute_value(bag, SEC_OID_PKCS9_LOCAL_KEY_ID);
+ if (certKeyId == NULL) {
+ return PR_FALSE;
+ }
+
+ for (i = 0; p12dcx->keyList && p12dcx->keyList[i]; i++) {
+ keyId = sec_pkcs12_get_attribute_value(p12dcx->keyList[i],
+ SEC_OID_PKCS9_LOCAL_KEY_ID);
+ if (!keyId) {
+ continue;
+ }
+ if (SECITEM_CompareItem(certKeyId, keyId) == SECEqual) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+SECItem *
+sec_pkcs12_get_friendlyName(sec_PKCS12SafeBag *bag)
+{
+ SECItem *friendlyName;
+ SECItem *tempnm;
+
+ tempnm = sec_pkcs12_get_attribute_value(bag, SEC_OID_PKCS9_FRIENDLY_NAME);
+ friendlyName = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (friendlyName) {
+ if (!sec_pkcs12_convert_item_to_unicode(NULL, friendlyName,
+ tempnm, PR_TRUE, PR_FALSE, PR_FALSE)) {
+ SECITEM_FreeItem(friendlyName, PR_TRUE);
+ friendlyName = NULL;
+ }
+ }
+ return friendlyName;
+}
+
+/* Following two functions provide access to selected portions of the safe bags.
+ * Iteration is implemented per decoder context and may be accessed after
+ * SEC_PKCS12DecoderVerify() returns success.
+ * When ...DecoderIterateNext() returns SUCCESS a decoder item has been returned
+ * where item.type is always set; item.friendlyName is set if it is non-null;
+ * item.der, item.hasKey are set only for SEC_OID_PKCS12_V1_CERT_BAG_ID items.
+ * ...DecoderIterateNext() returns FAILURE when the list is exhausted or when
+ * arguments are invalid; PORT_GetError() is 0 at end-of-list.
+ * Caller has read-only access to decoder items. Any SECItems generated are
+ * owned by the decoder context and are freed by ...DecoderFinish().
+ */
+SECStatus
+SEC_PKCS12DecoderIterateInit(SEC_PKCS12DecoderContext *p12dcx)
+{
+ if (!p12dcx || p12dcx->error) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ p12dcx->iteration = 0;
+ return SECSuccess;
+}
+
+SECStatus
+SEC_PKCS12DecoderIterateNext(SEC_PKCS12DecoderContext *p12dcx,
+ const SEC_PKCS12DecoderItem **ipp)
+{
+ sec_PKCS12SafeBag *bag;
+
+ if (!p12dcx || p12dcx->error) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (p12dcx->decitem.type != 0 && p12dcx->decitem.der != NULL) {
+ SECITEM_FreeItem(p12dcx->decitem.der, PR_TRUE);
+ }
+ if (p12dcx->decitem.shroudAlg != NULL) {
+ SECOID_DestroyAlgorithmID(p12dcx->decitem.shroudAlg, PR_TRUE);
+ }
+ if (p12dcx->decitem.friendlyName != NULL) {
+ SECITEM_FreeItem(p12dcx->decitem.friendlyName, PR_TRUE);
+ }
+ p12dcx->decitem.type = 0;
+ p12dcx->decitem.der = NULL;
+ p12dcx->decitem.shroudAlg = NULL;
+ p12dcx->decitem.friendlyName = NULL;
+ p12dcx->decitem.hasKey = PR_FALSE;
+ *ipp = NULL;
+ if (p12dcx->keyList == NULL) {
+ p12dcx->keyList = sec_pkcs12_get_key_bags(p12dcx->safeBags);
+ }
+
+ for (; p12dcx->iteration < p12dcx->safeBagCount; p12dcx->iteration++) {
+ bag = p12dcx->safeBags[p12dcx->iteration];
+ if (bag == NULL || bag->problem) {
+ continue;
+ }
+ p12dcx->decitem.type = SECOID_FindOIDTag(&(bag->safeBagType));
+ switch (p12dcx->decitem.type) {
+ case SEC_OID_PKCS12_V1_CERT_BAG_ID:
+ p12dcx->decitem.der = sec_pkcs12_get_der_cert(bag);
+ p12dcx->decitem.friendlyName = sec_pkcs12_get_friendlyName(bag);
+ p12dcx->decitem.hasKey = sec_pkcs12_bagHasKey(p12dcx, bag);
+ break;
+ case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
+ p12dcx->decitem.shroudAlg = PORT_ZNew(SECAlgorithmID);
+ if (p12dcx->decitem.shroudAlg) {
+ SECOID_CopyAlgorithmID(NULL, p12dcx->decitem.shroudAlg,
+ &bag->safeBagContent.pkcs8ShroudedKeyBag->algorithm);
+ }
+ /* fall through */
+ case SEC_OID_PKCS12_V1_KEY_BAG_ID:
+ p12dcx->decitem.friendlyName = sec_pkcs12_get_friendlyName(bag);
+ break;
+ default:
+ /* return these even though we don't expect them */
+ break;
+ case SEC_OID_UNKNOWN:
+ /* ignore these */
+ continue;
+ }
+ *ipp = &p12dcx->decitem;
+ p12dcx->iteration++;
+ break; /* end for() */
+ }
+
+ PORT_SetError(0); /* end-of-list is SECFailure with no PORT error */
+ return ((p12dcx->decitem.type == 0) ? SECFailure : SECSuccess);
+}
+
+static SECStatus
+sec_pkcs12_decoder_append_bag_to_context(SEC_PKCS12DecoderContext *p12dcx,
+ sec_PKCS12SafeBag *bag)
+{
+ if (!p12dcx || p12dcx->error) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ p12dcx->safeBags = !p12dcx->safeBagCount
+ ? PORT_ArenaZNewArray(p12dcx->arena, sec_PKCS12SafeBag *, 2)
+ : PORT_ArenaGrowArray(p12dcx->arena, p12dcx->safeBags,
+ sec_PKCS12SafeBag *, p12dcx->safeBagCount + 1,
+ p12dcx->safeBagCount + 2);
+
+ if (!p12dcx->safeBags) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ p12dcx->safeBags[p12dcx->safeBagCount] = bag;
+ p12dcx->safeBags[p12dcx->safeBagCount + 1] = NULL;
+ p12dcx->safeBagCount++;
+
+ return SECSuccess;
+}
+
+static sec_PKCS12SafeBag *
+sec_pkcs12_decoder_convert_old_key(SEC_PKCS12DecoderContext *p12dcx,
+ void *key, PRBool isEspvk)
+{
+ sec_PKCS12SafeBag *keyBag;
+ SECOidData *oid;
+ SECOidTag keyTag;
+ SECItem *keyID, *nickName, *newNickName;
+
+ if (!p12dcx || p12dcx->error || !key) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ newNickName = PORT_ArenaZNew(p12dcx->arena, SECItem);
+ keyBag = PORT_ArenaZNew(p12dcx->arena, sec_PKCS12SafeBag);
+ if (!keyBag || !newNickName) {
+ return NULL;
+ }
+
+ keyBag->swapUnicodeBytes = p12dcx->swapUnicodeBytes;
+ keyBag->slot = p12dcx->slot;
+ keyBag->arena = p12dcx->arena;
+ keyBag->pwitem = p12dcx->pwitem;
+ keyBag->tokenCAs = p12dcx->tokenCAs;
+ keyBag->oldBagType = PR_TRUE;
+
+ keyTag = (isEspvk) ? SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID : SEC_OID_PKCS12_V1_KEY_BAG_ID;
+ oid = SECOID_FindOIDByTag(keyTag);
+ if (!oid) {
+ return NULL;
+ }
+
+ if (SECITEM_CopyItem(p12dcx->arena, &keyBag->safeBagType, &oid->oid) != SECSuccess) {
+ return NULL;
+ }
+
+ if (isEspvk) {
+ SEC_PKCS12ESPVKItem *espvk = (SEC_PKCS12ESPVKItem *)key;
+ keyBag->safeBagContent.pkcs8ShroudedKeyBag =
+ espvk->espvkCipherText.pkcs8KeyShroud;
+ nickName = &(espvk->espvkData.uniNickName);
+ if (!espvk->espvkData.assocCerts || !espvk->espvkData.assocCerts[0]) {
+ PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
+ return NULL;
+ }
+ keyID = &espvk->espvkData.assocCerts[0]->digest;
+ } else {
+ SEC_PKCS12PrivateKey *pk = (SEC_PKCS12PrivateKey *)key;
+ keyBag->safeBagContent.pkcs8KeyBag = &pk->pkcs8data;
+ nickName = &(pk->pvkData.uniNickName);
+ if (!pk->pvkData.assocCerts || !pk->pvkData.assocCerts[0]) {
+ PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
+ return NULL;
+ }
+ keyID = &pk->pvkData.assocCerts[0]->digest;
+ }
+
+ if (nickName->len) {
+ if (nickName->len >= 2) {
+ if (nickName->data[0] && nickName->data[1]) {
+ if (!sec_pkcs12_convert_item_to_unicode(p12dcx->arena, newNickName,
+ nickName, PR_FALSE, PR_FALSE, PR_TRUE)) {
+ return NULL;
+ }
+ nickName = newNickName;
+ } else if (nickName->data[0] && !nickName->data[1]) {
+ unsigned int j = 0;
+ unsigned char t;
+ for (j = 0; j < nickName->len; j += 2) {
+ t = nickName->data[j + 1];
+ nickName->data[j + 1] = nickName->data[j];
+ nickName->data[j] = t;
+ }
+ }
+ } else {
+ if (!sec_pkcs12_convert_item_to_unicode(p12dcx->arena, newNickName,
+ nickName, PR_FALSE, PR_FALSE, PR_TRUE)) {
+ return NULL;
+ }
+ nickName = newNickName;
+ }
+ }
+
+ if (sec_pkcs12_decoder_set_attribute_value(keyBag,
+ SEC_OID_PKCS9_FRIENDLY_NAME,
+ nickName) != SECSuccess) {
+ return NULL;
+ }
+
+ if (sec_pkcs12_decoder_set_attribute_value(keyBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
+ keyID) != SECSuccess) {
+ return NULL;
+ }
+
+ return keyBag;
+}
+
+static sec_PKCS12SafeBag *
+sec_pkcs12_decoder_create_cert(SEC_PKCS12DecoderContext *p12dcx,
+ SECItem *derCert)
+{
+ sec_PKCS12SafeBag *certBag;
+ SECOidData *oid;
+ SGNDigestInfo *digest;
+ SECItem *keyId;
+ SECStatus rv;
+
+ if (!p12dcx || p12dcx->error || !derCert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ keyId = PORT_ArenaZNew(p12dcx->arena, SECItem);
+ if (!keyId) {
+ return NULL;
+ }
+
+ digest = sec_pkcs12_compute_thumbprint(derCert);
+ if (!digest) {
+ return NULL;
+ }
+
+ rv = SECITEM_CopyItem(p12dcx->arena, keyId, &digest->digest);
+ SGN_DestroyDigestInfo(digest);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ oid = SECOID_FindOIDByTag(SEC_OID_PKCS12_V1_CERT_BAG_ID);
+ certBag = PORT_ArenaZNew(p12dcx->arena, sec_PKCS12SafeBag);
+ if (!certBag || !oid || (SECITEM_CopyItem(p12dcx->arena,
+ &certBag->safeBagType, &oid->oid) != SECSuccess)) {
+ return NULL;
+ }
+
+ certBag->slot = p12dcx->slot;
+ certBag->pwitem = p12dcx->pwitem;
+ certBag->swapUnicodeBytes = p12dcx->swapUnicodeBytes;
+ certBag->arena = p12dcx->arena;
+ certBag->tokenCAs = p12dcx->tokenCAs;
+
+ oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_X509_CERT);
+ certBag->safeBagContent.certBag =
+ PORT_ArenaZNew(p12dcx->arena, sec_PKCS12CertBag);
+ if (!certBag->safeBagContent.certBag || !oid ||
+ (SECITEM_CopyItem(p12dcx->arena,
+ &certBag->safeBagContent.certBag->bagID,
+ &oid->oid) != SECSuccess)) {
+ return NULL;
+ }
+
+ if (SECITEM_CopyItem(p12dcx->arena,
+ &(certBag->safeBagContent.certBag->value.x509Cert),
+ derCert) != SECSuccess) {
+ return NULL;
+ }
+
+ if (sec_pkcs12_decoder_set_attribute_value(certBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
+ keyId) != SECSuccess) {
+ return NULL;
+ }
+
+ return certBag;
+}
+
+static sec_PKCS12SafeBag **
+sec_pkcs12_decoder_convert_old_cert(SEC_PKCS12DecoderContext *p12dcx,
+ SEC_PKCS12CertAndCRL *oldCert)
+{
+ sec_PKCS12SafeBag **certList;
+ SECItem **derCertList;
+ int i, j;
+
+ if (!p12dcx || p12dcx->error || !oldCert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ derCertList = SEC_PKCS7GetCertificateList(&oldCert->value.x509->certOrCRL);
+ if (!derCertList) {
+ return NULL;
+ }
+
+ i = 0;
+ while (derCertList[i])
+ i++;
+
+ certList = PORT_ArenaZNewArray(p12dcx->arena, sec_PKCS12SafeBag *, (i + 1));
+ if (!certList) {
+ return NULL;
+ }
+
+ for (j = 0; j < i; j++) {
+ certList[j] = sec_pkcs12_decoder_create_cert(p12dcx, derCertList[j]);
+ if (!certList[j]) {
+ return NULL;
+ }
+ }
+
+ return certList;
+}
+
+static SECStatus
+sec_pkcs12_decoder_convert_old_key_and_certs(SEC_PKCS12DecoderContext *p12dcx,
+ void *oldKey, PRBool isEspvk,
+ SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage)
+{
+ sec_PKCS12SafeBag *key, **certList;
+ SEC_PKCS12CertAndCRL *oldCert;
+ SEC_PKCS12PVKSupportingData *pvkData;
+ int i;
+ SECItem *keyName;
+
+ if (!p12dcx || !oldKey) {
+ return SECFailure;
+ }
+
+ if (isEspvk) {
+ pvkData = &((SEC_PKCS12ESPVKItem *)(oldKey))->espvkData;
+ } else {
+ pvkData = &((SEC_PKCS12PrivateKey *)(oldKey))->pvkData;
+ }
+
+ if (!pvkData->assocCerts || !pvkData->assocCerts[0]) {
+ PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
+ return SECFailure;
+ }
+
+ oldCert = (SEC_PKCS12CertAndCRL *)sec_pkcs12_find_object(safe, baggage,
+ SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID, NULL,
+ pvkData->assocCerts[0]);
+ if (!oldCert) {
+ PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
+ return SECFailure;
+ }
+
+ key = sec_pkcs12_decoder_convert_old_key(p12dcx, oldKey, isEspvk);
+ certList = sec_pkcs12_decoder_convert_old_cert(p12dcx, oldCert);
+ if (!key || !certList) {
+ return SECFailure;
+ }
+
+ if (sec_pkcs12_decoder_append_bag_to_context(p12dcx, key) != SECSuccess) {
+ return SECFailure;
+ }
+
+ keyName = sec_pkcs12_get_nickname(key);
+ if (!keyName) {
+ return SECFailure;
+ }
+
+ i = 0;
+ while (certList[i]) {
+ if (sec_pkcs12_decoder_append_bag_to_context(p12dcx, certList[i]) != SECSuccess) {
+ return SECFailure;
+ }
+ i++;
+ }
+
+ certList = sec_pkcs12_find_certs_for_key(p12dcx->safeBags, key);
+ if (!certList) {
+ return SECFailure;
+ }
+
+ i = 0;
+ while (certList[i] != 0) {
+ if (sec_pkcs12_set_nickname(certList[i], keyName) != SECSuccess) {
+ return SECFailure;
+ }
+ i++;
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+sec_pkcs12_decoder_convert_old_safe_to_bags(SEC_PKCS12DecoderContext *p12dcx,
+ SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage)
+{
+ SECStatus rv;
+
+ if (!p12dcx || p12dcx->error) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (safe && safe->contents) {
+ int i = 0;
+ while (safe->contents[i] != NULL) {
+ if (SECOID_FindOIDTag(&safe->contents[i]->safeBagType) == SEC_OID_PKCS12_KEY_BAG_ID) {
+ int j = 0;
+ SEC_PKCS12PrivateKeyBag *privBag =
+ safe->contents[i]->safeContent.keyBag;
+
+ while (privBag->privateKeys[j] != NULL) {
+ SEC_PKCS12PrivateKey *pk = privBag->privateKeys[j];
+ rv = sec_pkcs12_decoder_convert_old_key_and_certs(p12dcx, pk,
+ PR_FALSE, safe, baggage);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ j++;
+ }
+ }
+ i++;
+ }
+ }
+
+ if (baggage && baggage->bags) {
+ int i = 0;
+ while (baggage->bags[i] != NULL) {
+ SEC_PKCS12BaggageItem *bag = baggage->bags[i];
+ int j = 0;
+
+ if (!bag->espvks) {
+ i++;
+ continue;
+ }
+
+ while (bag->espvks[j] != NULL) {
+ SEC_PKCS12ESPVKItem *espvk = bag->espvks[j];
+ rv = sec_pkcs12_decoder_convert_old_key_and_certs(p12dcx, espvk,
+ PR_TRUE, safe, baggage);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ j++;
+ }
+ i++;
+ }
+ }
+
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+
+SEC_PKCS12DecoderContext *
+sec_PKCS12ConvertOldSafeToNew(PLArenaPool *arena, PK11SlotInfo *slot,
+ PRBool swapUnicode, SECItem *pwitem,
+ void *wincx, SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage)
+{
+ SEC_PKCS12DecoderContext *p12dcx;
+
+ if (!arena || !slot || !pwitem) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (!safe && !baggage) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ p12dcx = PORT_ArenaZNew(arena, SEC_PKCS12DecoderContext);
+ if (!p12dcx) {
+ return NULL;
+ }
+
+ p12dcx->arena = arena;
+ p12dcx->slot = PK11_ReferenceSlot(slot);
+ p12dcx->wincx = wincx;
+ p12dcx->error = PR_FALSE;
+ p12dcx->swapUnicodeBytes = swapUnicode;
+ p12dcx->pwitem = pwitem;
+ p12dcx->tokenCAs = SECPKCS12TargetTokenNoCAs;
+
+ if (sec_pkcs12_decoder_convert_old_safe_to_bags(p12dcx, safe, baggage) != SECSuccess) {
+ p12dcx->error = PR_TRUE;
+ return NULL;
+ }
+
+ return p12dcx;
+}
diff --git a/security/nss/lib/pkcs12/p12dec.c b/security/nss/lib/pkcs12/p12dec.c
new file mode 100644
index 000000000..5a9439263
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12dec.c
@@ -0,0 +1,670 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "pkcs12.h"
+#include "plarena.h"
+#include "secpkcs7.h"
+#include "p12local.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "secport.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "secerr.h"
+#include "cert.h"
+#include "certdb.h"
+#include "p12plcy.h"
+#include "p12.h"
+#include "secpkcs5.h"
+
+/* PFX extraction and validation routines */
+
+/* decode the DER encoded PFX item. if unable to decode, check to see if it
+ * is an older PFX item. If that fails, assume the file was not a valid
+ * pfx file.
+ * the returned pfx structure should be destroyed using SEC_PKCS12DestroyPFX
+ */
+static SEC_PKCS12PFXItem *
+sec_pkcs12_decode_pfx(SECItem *der_pfx)
+{
+ SEC_PKCS12PFXItem *pfx;
+ SECStatus rv;
+
+ if (der_pfx == NULL) {
+ return NULL;
+ }
+
+ /* allocate the space for a new PFX item */
+ pfx = sec_pkcs12_new_pfx();
+ if (pfx == NULL) {
+ return NULL;
+ }
+
+ rv = SEC_ASN1DecodeItem(pfx->poolp, pfx, SEC_PKCS12PFXItemTemplate,
+ der_pfx);
+
+ /* if a failure occurred, check for older version...
+ * we also get rid of the old pfx structure, because we don't
+ * know where it failed and what data in may contain
+ */
+ if (rv != SECSuccess) {
+ SEC_PKCS12DestroyPFX(pfx);
+ pfx = sec_pkcs12_new_pfx();
+ if (pfx == NULL) {
+ return NULL;
+ }
+ rv = SEC_ASN1DecodeItem(pfx->poolp, pfx, SEC_PKCS12PFXItemTemplate_OLD,
+ der_pfx);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_PKCS12_DECODING_PFX);
+ PORT_FreeArena(pfx->poolp, PR_TRUE);
+ return NULL;
+ }
+ pfx->old = PR_TRUE;
+ rv = SGN_CopyDigestInfo(pfx->poolp, &pfx->macData.safeMac, &pfx->old_safeMac);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(pfx->poolp, PR_TRUE);
+ return NULL;
+ }
+ rv = SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, &pfx->old_macSalt);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_FreeArena(pfx->poolp, PR_TRUE);
+ return NULL;
+ }
+ } else {
+ pfx->old = PR_FALSE;
+ }
+
+ /* convert bit string from bits to bytes */
+ pfx->macData.macSalt.len /= 8;
+
+ return pfx;
+}
+
+/* validate the integrity MAC used in the PFX. The MAC is generated
+ * per the PKCS 12 document. If the MAC is incorrect, it is most likely
+ * due to an invalid password.
+ * pwitem is the integrity password
+ * pfx is the decoded pfx item
+ */
+static PRBool
+sec_pkcs12_check_pfx_mac(SEC_PKCS12PFXItem *pfx,
+ SECItem *pwitem)
+{
+ SECItem *key = NULL, *mac = NULL, *data = NULL;
+ SECItem *vpwd = NULL;
+ SECOidTag algorithm;
+ PRBool ret = PR_FALSE;
+
+ if (pfx == NULL) {
+ return PR_FALSE;
+ }
+
+ algorithm = SECOID_GetAlgorithmTag(&pfx->macData.safeMac.digestAlgorithm);
+ switch (algorithm) {
+ /* only SHA1 hashing supported as a MACing algorithm */
+ case SEC_OID_SHA1:
+ if (pfx->old == PR_FALSE) {
+ pfx->swapUnicode = PR_FALSE;
+ }
+
+ recheckUnicodePassword:
+ vpwd = sec_pkcs12_create_virtual_password(pwitem,
+ &pfx->macData.macSalt,
+ pfx->swapUnicode);
+ if (vpwd == NULL) {
+ return PR_FALSE;
+ }
+
+ key = sec_pkcs12_generate_key_from_password(algorithm,
+ &pfx->macData.macSalt,
+ (pfx->old ? pwitem : vpwd));
+ /* free vpwd only for newer PFX */
+ if (vpwd) {
+ SECITEM_ZfreeItem(vpwd, PR_TRUE);
+ }
+ if (key == NULL) {
+ return PR_FALSE;
+ }
+
+ data = SEC_PKCS7GetContent(&pfx->authSafe);
+ if (data == NULL) {
+ break;
+ }
+
+ /* check MAC */
+ mac = sec_pkcs12_generate_mac(key, data, pfx->old);
+ ret = PR_TRUE;
+ if (mac) {
+ SECItem *safeMac = &pfx->macData.safeMac.digest;
+ if (SECITEM_CompareItem(mac, safeMac) != SECEqual) {
+
+ /* if we encounter an invalid mac, lets invert the
+ * password in case of unicode changes
+ */
+ if (((!pfx->old) && pfx->swapUnicode) || (pfx->old)) {
+ PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
+ ret = PR_FALSE;
+ } else {
+ SECITEM_ZfreeItem(mac, PR_TRUE);
+ pfx->swapUnicode = PR_TRUE;
+ goto recheckUnicodePassword;
+ }
+ }
+ SECITEM_ZfreeItem(mac, PR_TRUE);
+ } else {
+ ret = PR_FALSE;
+ }
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM);
+ ret = PR_FALSE;
+ break;
+ }
+
+ /* let success fall through */
+ if (key != NULL)
+ SECITEM_ZfreeItem(key, PR_TRUE);
+
+ return ret;
+}
+
+/* check the validity of the pfx structure. we currently only support
+ * password integrity mode, so we check the MAC.
+ */
+static PRBool
+sec_pkcs12_validate_pfx(SEC_PKCS12PFXItem *pfx,
+ SECItem *pwitem)
+{
+ SECOidTag contentType;
+
+ contentType = SEC_PKCS7ContentType(&pfx->authSafe);
+ switch (contentType) {
+ case SEC_OID_PKCS7_DATA:
+ return sec_pkcs12_check_pfx_mac(pfx, pwitem);
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ default:
+ PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE);
+ break;
+ }
+
+ return PR_FALSE;
+}
+
+/* decode and return the valid PFX. if the PFX item is not valid,
+ * NULL is returned.
+ */
+static SEC_PKCS12PFXItem *
+sec_pkcs12_get_pfx(SECItem *pfx_data,
+ SECItem *pwitem)
+{
+ SEC_PKCS12PFXItem *pfx;
+ PRBool valid_pfx;
+
+ if ((pfx_data == NULL) || (pwitem == NULL)) {
+ return NULL;
+ }
+
+ pfx = sec_pkcs12_decode_pfx(pfx_data);
+ if (pfx == NULL) {
+ return NULL;
+ }
+
+ valid_pfx = sec_pkcs12_validate_pfx(pfx, pwitem);
+ if (valid_pfx != PR_TRUE) {
+ SEC_PKCS12DestroyPFX(pfx);
+ pfx = NULL;
+ }
+
+ return pfx;
+}
+
+/* authenticated safe decoding, validation, and access routines
+ */
+
+/* convert dogbert beta 3 authenticated safe structure to a post
+ * beta three structure, so that we don't have to change more routines.
+ */
+static SECStatus
+sec_pkcs12_convert_old_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe)
+{
+ SEC_PKCS12Baggage *baggage;
+ SEC_PKCS12BaggageItem *bag;
+ SECStatus rv = SECSuccess;
+
+ if (asafe->old_baggage.espvks == NULL) {
+ /* XXX should the ASN1 engine produce a single NULL element list
+ * rather than setting the pointer to NULL?
+ * There is no need to return an error -- assume that the list
+ * was empty.
+ */
+ return SECSuccess;
+ }
+
+ baggage = sec_pkcs12_create_baggage(asafe->poolp);
+ if (!baggage) {
+ return SECFailure;
+ }
+ bag = sec_pkcs12_create_external_bag(baggage);
+ if (!bag) {
+ return SECFailure;
+ }
+
+ PORT_Memcpy(&asafe->baggage, baggage, sizeof(SEC_PKCS12Baggage));
+
+ /* if there are shrouded keys, append them to the bag */
+ rv = SECSuccess;
+ if (asafe->old_baggage.espvks[0] != NULL) {
+ int nEspvk = 0;
+ rv = SECSuccess;
+ while ((asafe->old_baggage.espvks[nEspvk] != NULL) &&
+ (rv == SECSuccess)) {
+ rv = sec_pkcs12_append_shrouded_key(bag,
+ asafe->old_baggage.espvks[nEspvk]);
+ nEspvk++;
+ }
+ }
+
+ return rv;
+}
+
+/* decodes the authenticated safe item. a return of NULL indicates
+ * an error. however, the error will have occurred either in memory
+ * allocation or in decoding the authenticated safe.
+ *
+ * if an old PFX item has been found, we want to convert the
+ * old authenticated safe to the new one.
+ */
+static SEC_PKCS12AuthenticatedSafe *
+sec_pkcs12_decode_authenticated_safe(SEC_PKCS12PFXItem *pfx)
+{
+ SECItem *der_asafe = NULL;
+ SEC_PKCS12AuthenticatedSafe *asafe = NULL;
+ SECStatus rv;
+
+ if (pfx == NULL) {
+ return NULL;
+ }
+
+ der_asafe = SEC_PKCS7GetContent(&pfx->authSafe);
+ if (der_asafe == NULL) {
+ /* XXX set error ? */
+ goto loser;
+ }
+
+ asafe = sec_pkcs12_new_asafe(pfx->poolp);
+ if (asafe == NULL) {
+ goto loser;
+ }
+
+ if (pfx->old == PR_FALSE) {
+ rv = SEC_ASN1DecodeItem(pfx->poolp, asafe,
+ SEC_PKCS12AuthenticatedSafeTemplate,
+ der_asafe);
+ asafe->old = PR_FALSE;
+ asafe->swapUnicode = pfx->swapUnicode;
+ } else {
+ /* handle beta exported files */
+ rv = SEC_ASN1DecodeItem(pfx->poolp, asafe,
+ SEC_PKCS12AuthenticatedSafeTemplate_OLD,
+ der_asafe);
+ asafe->safe = &(asafe->old_safe);
+ rv = sec_pkcs12_convert_old_auth_safe(asafe);
+ asafe->old = PR_TRUE;
+ }
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ asafe->poolp = pfx->poolp;
+
+ return asafe;
+
+loser:
+ return NULL;
+}
+
+/* validates the safe within the authenticated safe item.
+ * in order to be valid:
+ * 1. the privacy salt must be present
+ * 2. the encryption algorithm must be supported (including
+ * export policy)
+ * PR_FALSE indicates an error, PR_TRUE indicates a valid safe
+ */
+static PRBool
+sec_pkcs12_validate_encrypted_safe(SEC_PKCS12AuthenticatedSafe *asafe)
+{
+ PRBool valid = PR_FALSE;
+ SECAlgorithmID *algid;
+
+ if (asafe == NULL) {
+ return PR_FALSE;
+ }
+
+ /* if mode is password privacy, then privacySalt is assumed
+ * to be non-zero.
+ */
+ if (asafe->privacySalt.len != 0) {
+ valid = PR_TRUE;
+ asafe->privacySalt.len /= 8;
+ } else {
+ PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
+ return PR_FALSE;
+ }
+
+ /* until spec changes, content will have between 2 and 8 bytes depending
+ * upon the algorithm used if certs are unencrypted...
+ * also want to support case where content is empty -- which we produce
+ */
+ if (SEC_PKCS7IsContentEmpty(asafe->safe, 8) == PR_TRUE) {
+ asafe->emptySafe = PR_TRUE;
+ return PR_TRUE;
+ }
+
+ asafe->emptySafe = PR_FALSE;
+
+ /* make sure that a pbe algorithm is being used */
+ algid = SEC_PKCS7GetEncryptionAlgorithm(asafe->safe);
+ if (algid != NULL) {
+ if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
+ valid = SEC_PKCS12DecryptionAllowed(algid);
+
+ if (valid == PR_FALSE) {
+ PORT_SetError(SEC_ERROR_BAD_EXPORT_ALGORITHM);
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM);
+ valid = PR_FALSE;
+ }
+ } else {
+ valid = PR_FALSE;
+ PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM);
+ }
+
+ return valid;
+}
+
+/* validates authenticates safe:
+ * 1. checks that the version is supported
+ * 2. checks that only password privacy mode is used (currently)
+ * 3. further, makes sure safe has appropriate policies per above function
+ * PR_FALSE indicates failure.
+ */
+static PRBool
+sec_pkcs12_validate_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe)
+{
+ PRBool valid = PR_TRUE;
+ SECOidTag safe_type;
+ int version;
+
+ if (asafe == NULL) {
+ return PR_FALSE;
+ }
+
+ /* check version, since it is default it may not be present.
+ * therefore, assume ok
+ */
+ if ((asafe->version.len > 0) && (asafe->old == PR_FALSE)) {
+ version = DER_GetInteger(&asafe->version);
+ if (version > SEC_PKCS12_PFX_VERSION) {
+ PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION);
+ return PR_FALSE;
+ }
+ }
+
+ /* validate password mode is being used */
+ safe_type = SEC_PKCS7ContentType(asafe->safe);
+ switch (safe_type) {
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ valid = sec_pkcs12_validate_encrypted_safe(asafe);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ default:
+ PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE);
+ valid = PR_FALSE;
+ break;
+ }
+
+ return valid;
+}
+
+/* retrieves the authenticated safe item from the PFX item
+ * before returning the authenticated safe, the validity of the
+ * authenticated safe is checked and if valid, returned.
+ * a return of NULL indicates that an error occurred.
+ */
+static SEC_PKCS12AuthenticatedSafe *
+sec_pkcs12_get_auth_safe(SEC_PKCS12PFXItem *pfx)
+{
+ SEC_PKCS12AuthenticatedSafe *asafe;
+ PRBool valid_safe;
+
+ if (pfx == NULL) {
+ return NULL;
+ }
+
+ asafe = sec_pkcs12_decode_authenticated_safe(pfx);
+ if (asafe == NULL) {
+ return NULL;
+ }
+
+ valid_safe = sec_pkcs12_validate_auth_safe(asafe);
+ if (valid_safe != PR_TRUE) {
+ asafe = NULL;
+ } else if (asafe) {
+ asafe->baggage.poolp = asafe->poolp;
+ }
+
+ return asafe;
+}
+
+/* decrypts the authenticated safe.
+ * a return of anything but SECSuccess indicates an error. the
+ * password is not known to be valid until the call to the
+ * function sec_pkcs12_get_safe_contents. If decoding the safe
+ * fails, it is assumed the password was incorrect and the error
+ * is set then. any failure here is assumed to be due to
+ * internal problems in SEC_PKCS7DecryptContents or below.
+ */
+static SECStatus
+sec_pkcs12_decrypt_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe,
+ SECItem *pwitem,
+ void *wincx)
+{
+ SECStatus rv = SECFailure;
+ SECItem *vpwd = NULL;
+
+ if ((asafe == NULL) || (pwitem == NULL)) {
+ return SECFailure;
+ }
+
+ if (asafe->old == PR_FALSE) {
+ vpwd = sec_pkcs12_create_virtual_password(pwitem, &asafe->privacySalt,
+ asafe->swapUnicode);
+ if (vpwd == NULL) {
+ return SECFailure;
+ }
+ }
+
+ rv = SEC_PKCS7DecryptContents(asafe->poolp, asafe->safe,
+ (asafe->old ? pwitem : vpwd), wincx);
+
+ if (asafe->old == PR_FALSE) {
+ SECITEM_ZfreeItem(vpwd, PR_TRUE);
+ }
+
+ return rv;
+}
+
+/* extract the safe from the authenticated safe.
+ * if we are unable to decode the safe, then it is likely that the
+ * safe has not been decrypted or the password used to decrypt
+ * the safe was invalid. we assume that the password was invalid and
+ * set an error accordingly.
+ * a return of NULL indicates that an error occurred.
+ */
+static SEC_PKCS12SafeContents *
+sec_pkcs12_get_safe_contents(SEC_PKCS12AuthenticatedSafe *asafe)
+{
+ SECItem *src = NULL;
+ SEC_PKCS12SafeContents *safe = NULL;
+ SECStatus rv = SECFailure;
+
+ if (asafe == NULL) {
+ return NULL;
+ }
+
+ safe = (SEC_PKCS12SafeContents *)PORT_ArenaZAlloc(asafe->poolp,
+ sizeof(SEC_PKCS12SafeContents));
+ if (safe == NULL) {
+ return NULL;
+ }
+ safe->poolp = asafe->poolp;
+ safe->old = asafe->old;
+ safe->swapUnicode = asafe->swapUnicode;
+
+ src = SEC_PKCS7GetContent(asafe->safe);
+ if (src != NULL) {
+ const SEC_ASN1Template *theTemplate;
+ if (asafe->old != PR_TRUE) {
+ theTemplate = SEC_PKCS12SafeContentsTemplate;
+ } else {
+ theTemplate = SEC_PKCS12SafeContentsTemplate_OLD;
+ }
+
+ rv = SEC_ASN1DecodeItem(asafe->poolp, safe, theTemplate, src);
+
+ /* if we could not decode the item, password was probably invalid */
+ if (rv != SECSuccess) {
+ safe = NULL;
+ PORT_SetError(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT);
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
+ rv = SECFailure;
+ }
+
+ return safe;
+}
+
+/* import PFX item
+ * der_pfx is the der encoded pfx structure
+ * pbef and pbearg are the integrity/encryption password call back
+ * ncCall is the nickname collision calllback
+ * slot is the destination token
+ * wincx window handler
+ *
+ * on error, error code set and SECFailure returned
+ */
+SECStatus
+SEC_PKCS12PutPFX(SECItem *der_pfx, SECItem *pwitem,
+ SEC_PKCS12NicknameCollisionCallback ncCall,
+ PK11SlotInfo *slot,
+ void *wincx)
+{
+ SEC_PKCS12PFXItem *pfx;
+ SEC_PKCS12AuthenticatedSafe *asafe;
+ SEC_PKCS12SafeContents *safe_contents = NULL;
+ SECStatus rv;
+
+ if (!der_pfx || !pwitem || !slot) {
+ return SECFailure;
+ }
+
+ /* decode and validate each section */
+ rv = SECFailure;
+
+ pfx = sec_pkcs12_get_pfx(der_pfx, pwitem);
+ if (pfx != NULL) {
+ asafe = sec_pkcs12_get_auth_safe(pfx);
+ if (asafe != NULL) {
+
+ /* decrypt safe -- only if not empty */
+ if (asafe->emptySafe != PR_TRUE) {
+ rv = sec_pkcs12_decrypt_auth_safe(asafe, pwitem, wincx);
+ if (rv == SECSuccess) {
+ safe_contents = sec_pkcs12_get_safe_contents(asafe);
+ if (safe_contents == NULL) {
+ rv = SECFailure;
+ }
+ }
+ } else {
+ safe_contents = sec_pkcs12_create_safe_contents(asafe->poolp);
+ if (safe_contents == NULL) {
+ rv = SECFailure;
+ } else {
+ safe_contents->swapUnicode = pfx->swapUnicode;
+ rv = SECSuccess;
+ }
+ }
+
+ /* get safe contents and begin import */
+ if (rv == SECSuccess) {
+ SEC_PKCS12DecoderContext *p12dcx;
+
+ p12dcx = sec_PKCS12ConvertOldSafeToNew(pfx->poolp, slot,
+ pfx->swapUnicode,
+ pwitem, wincx, safe_contents,
+ &asafe->baggage);
+ if (!p12dcx) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ if (SEC_PKCS12DecoderValidateBags(p12dcx, ncCall) != SECSuccess) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = SEC_PKCS12DecoderImportBags(p12dcx);
+ }
+ }
+ }
+
+loser:
+
+ if (pfx) {
+ SEC_PKCS12DestroyPFX(pfx);
+ }
+
+ return rv;
+}
+
+PRBool
+SEC_PKCS12ValidData(char *buf, int bufLen, long int totalLength)
+{
+ int lengthLength;
+
+ PRBool valid = PR_FALSE;
+
+ if (buf == NULL) {
+ return PR_FALSE;
+ }
+
+ /* check for constructed sequence identifier tag */
+ if (*buf == (SEC_ASN1_CONSTRUCTED | SEC_ASN1_SEQUENCE)) {
+ totalLength--; /* header byte taken care of */
+ buf++;
+
+ lengthLength = (long int)SEC_ASN1LengthLength(totalLength - 1);
+ if (totalLength > 0x7f) {
+ lengthLength--;
+ *buf &= 0x7f; /* remove bit 8 indicator */
+ if ((*buf - (char)lengthLength) == 0) {
+ valid = PR_TRUE;
+ }
+ } else {
+ lengthLength--;
+ if ((*buf - (char)lengthLength) == 0) {
+ valid = PR_TRUE;
+ }
+ }
+ }
+
+ return valid;
+}
diff --git a/security/nss/lib/pkcs12/p12e.c b/security/nss/lib/pkcs12/p12e.c
new file mode 100644
index 000000000..cce1ff7c0
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12e.c
@@ -0,0 +1,2067 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "p12t.h"
+#include "p12.h"
+#include "plarena.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "seccomon.h"
+#include "secport.h"
+#include "cert.h"
+#include "secpkcs7.h"
+#include "secasn1.h"
+#include "secerr.h"
+#include "pk11func.h"
+#include "p12plcy.h"
+#include "p12local.h"
+#include "prcpucfg.h"
+
+extern const int NSS_PBE_DEFAULT_ITERATION_COUNT; /* defined in p7create.c */
+
+/*
+** This PKCS12 file encoder uses numerous nested ASN.1 and PKCS7 encoder
+** contexts. It can be difficult to keep straight. Here's a picture:
+**
+** "outer" ASN.1 encoder. The output goes to the library caller's CB.
+** "middle" PKCS7 encoder. Feeds the "outer" ASN.1 encoder.
+** "middle" ASN1 encoder. Encodes the encrypted aSafes.
+** Feeds the "middle" P7 encoder above.
+** "inner" PKCS7 encoder. Encrypts the "authenticated Safes" (aSafes)
+** Feeds the "middle" ASN.1 encoder above.
+** "inner" ASN.1 encoder. Encodes the unencrypted aSafes.
+** Feeds the "inner" P7 enocder above.
+**
+** Buffering has been added at each point where the output of an ASN.1
+** encoder feeds the input of a PKCS7 encoder.
+*/
+
+/*********************************
+ * Output buffer object, used to buffer output from ASN.1 encoder
+ * before passing data on down to the next PKCS7 encoder.
+ *********************************/
+
+#define PK12_OUTPUT_BUFFER_SIZE 8192
+
+struct sec_pkcs12OutputBufferStr {
+ SEC_PKCS7EncoderContext *p7eCx;
+ PK11Context *hmacCx;
+ unsigned int numBytes;
+ unsigned int bufBytes;
+ char buf[PK12_OUTPUT_BUFFER_SIZE];
+};
+typedef struct sec_pkcs12OutputBufferStr sec_pkcs12OutputBuffer;
+
+/*********************************
+ * Structures used in exporting the PKCS 12 blob
+ *********************************/
+
+/* A SafeInfo is used for each ContentInfo which makes up the
+ * sequence of safes in the AuthenticatedSafe portion of the
+ * PFX structure.
+ */
+struct SEC_PKCS12SafeInfoStr {
+ PLArenaPool *arena;
+
+ /* information for setting up password encryption */
+ SECItem pwitem;
+ SECOidTag algorithm;
+ PK11SymKey *encryptionKey;
+
+ /* how many items have been stored in this safe,
+ * we will skip any safe which does not contain any
+ * items
+ */
+ unsigned int itemCount;
+
+ /* the content info for the safe */
+ SEC_PKCS7ContentInfo *cinfo;
+
+ sec_PKCS12SafeContents *safe;
+};
+
+/* An opaque structure which contains information needed for exporting
+ * certificates and keys through PKCS 12.
+ */
+struct SEC_PKCS12ExportContextStr {
+ PLArenaPool *arena;
+ PK11SlotInfo *slot;
+ void *wincx;
+
+ /* integrity information */
+ PRBool integrityEnabled;
+ PRBool pwdIntegrity;
+ union {
+ struct sec_PKCS12PasswordModeInfo pwdInfo;
+ struct sec_PKCS12PublicKeyModeInfo pubkeyInfo;
+ } integrityInfo;
+
+ /* helper functions */
+ /* retrieve the password call back */
+ SECKEYGetPasswordKey pwfn;
+ void *pwfnarg;
+
+ /* safe contents bags */
+ SEC_PKCS12SafeInfo **safeInfos;
+ unsigned int safeInfoCount;
+
+ /* the sequence of safes */
+ sec_PKCS12AuthenticatedSafe authSafe;
+
+ /* information needing deletion */
+ CERTCertificate **certList;
+};
+
+/* structures for passing information to encoder callbacks when processing
+ * data through the ASN1 engine.
+ */
+struct sec_pkcs12_encoder_output {
+ SEC_PKCS12EncoderOutputCallback outputfn;
+ void *outputarg;
+};
+
+struct sec_pkcs12_hmac_and_output_info {
+ void *arg;
+ struct sec_pkcs12_encoder_output output;
+};
+
+/* An encoder context which is used for the actual encoding
+ * portion of PKCS 12.
+ */
+typedef struct sec_PKCS12EncoderContextStr {
+ PLArenaPool *arena;
+ SEC_PKCS12ExportContext *p12exp;
+
+ /* encoder information - this is set up based on whether
+ * password based or public key pased privacy is being used
+ */
+ SEC_ASN1EncoderContext *outerA1ecx;
+ union {
+ struct sec_pkcs12_hmac_and_output_info hmacAndOutputInfo;
+ struct sec_pkcs12_encoder_output encOutput;
+ } output;
+
+ /* structures for encoding of PFX and MAC */
+ sec_PKCS12PFXItem pfx;
+ sec_PKCS12MacData mac;
+
+ /* authenticated safe encoding tracking information */
+ SEC_PKCS7ContentInfo *aSafeCinfo;
+ SEC_PKCS7EncoderContext *middleP7ecx;
+ SEC_ASN1EncoderContext *middleA1ecx;
+ unsigned int currentSafe;
+
+ /* hmac context */
+ PK11Context *hmacCx;
+
+ /* output buffers */
+ sec_pkcs12OutputBuffer middleBuf;
+ sec_pkcs12OutputBuffer innerBuf;
+
+} sec_PKCS12EncoderContext;
+
+/*********************************
+ * Export setup routines
+ *********************************/
+
+/* SEC_PKCS12CreateExportContext
+ * Creates an export context and sets the unicode and password retrieval
+ * callbacks. This is the first call which must be made when exporting
+ * a PKCS 12 blob.
+ *
+ * pwfn, pwfnarg - password retrieval callback and argument. these are
+ * required for password-authentication mode.
+ */
+SEC_PKCS12ExportContext *
+SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,
+ PK11SlotInfo *slot, void *wincx)
+{
+ PLArenaPool *arena = NULL;
+ SEC_PKCS12ExportContext *p12ctxt = NULL;
+
+ /* allocate the arena and create the context */
+ arena = PORT_NewArena(4096);
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ p12ctxt = (SEC_PKCS12ExportContext *)PORT_ArenaZAlloc(arena,
+ sizeof(SEC_PKCS12ExportContext));
+ if (!p12ctxt) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* password callback for key retrieval */
+ p12ctxt->pwfn = pwfn;
+ p12ctxt->pwfnarg = pwfnarg;
+
+ p12ctxt->integrityEnabled = PR_FALSE;
+ p12ctxt->arena = arena;
+ p12ctxt->wincx = wincx;
+ p12ctxt->slot = (slot) ? PK11_ReferenceSlot(slot) : PK11_GetInternalSlot();
+
+ return p12ctxt;
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+
+ return NULL;
+}
+
+/*
+ * Adding integrity mode
+ */
+
+/* SEC_PKCS12AddPasswordIntegrity
+ * Add password integrity to the exported data. If an integrity method
+ * has already been set, then return an error.
+ *
+ * p12ctxt - the export context
+ * pwitem - the password for integrity mode
+ * integAlg - the integrity algorithm to use for authentication.
+ */
+SECStatus
+SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
+ SECItem *pwitem, SECOidTag integAlg)
+{
+ if (!p12ctxt || p12ctxt->integrityEnabled) {
+ return SECFailure;
+ }
+
+ /* set up integrity information */
+ p12ctxt->pwdIntegrity = PR_TRUE;
+ p12ctxt->integrityInfo.pwdInfo.password =
+ (SECItem *)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
+ if (!p12ctxt->integrityInfo.pwdInfo.password) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ if (SECITEM_CopyItem(p12ctxt->arena,
+ p12ctxt->integrityInfo.pwdInfo.password, pwitem) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ p12ctxt->integrityInfo.pwdInfo.algorithm = integAlg;
+ p12ctxt->integrityEnabled = PR_TRUE;
+
+ return SECSuccess;
+}
+
+/* SEC_PKCS12AddPublicKeyIntegrity
+ * Add public key integrity to the exported data. If an integrity method
+ * has already been set, then return an error. The certificate must be
+ * allowed to be used as a signing cert.
+ *
+ * p12ctxt - the export context
+ * cert - signer certificate
+ * certDb - the certificate database
+ * algorithm - signing algorithm
+ * keySize - size of the signing key (?)
+ */
+SECStatus
+SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
+ CERTCertificate *cert, CERTCertDBHandle *certDb,
+ SECOidTag algorithm, int keySize)
+{
+ if (!p12ctxt) {
+ return SECFailure;
+ }
+
+ p12ctxt->integrityInfo.pubkeyInfo.cert = cert;
+ p12ctxt->integrityInfo.pubkeyInfo.certDb = certDb;
+ p12ctxt->integrityInfo.pubkeyInfo.algorithm = algorithm;
+ p12ctxt->integrityInfo.pubkeyInfo.keySize = keySize;
+ p12ctxt->integrityEnabled = PR_TRUE;
+
+ return SECSuccess;
+}
+
+/*
+ * Adding safes - encrypted (password/public key) or unencrypted
+ * Each of the safe creation routines return an opaque pointer which
+ * are later passed into the routines for exporting certificates and
+ * keys.
+ */
+
+/* append the newly created safeInfo to list of safeInfos in the export
+ * context.
+ */
+static SECStatus
+sec_pkcs12_append_safe_info(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *info)
+{
+ void *mark = NULL, *dummy1 = NULL, *dummy2 = NULL;
+
+ if (!p12ctxt || !info) {
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(p12ctxt->arena);
+
+ /* if no safeInfos have been set, create the list, otherwise expand it. */
+ if (!p12ctxt->safeInfoCount) {
+ p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)PORT_ArenaZAlloc(p12ctxt->arena,
+ 2 * sizeof(SEC_PKCS12SafeInfo *));
+ dummy1 = p12ctxt->safeInfos;
+ p12ctxt->authSafe.encodedSafes = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena,
+ 2 * sizeof(SECItem *));
+ dummy2 = p12ctxt->authSafe.encodedSafes;
+ } else {
+ dummy1 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->safeInfos,
+ (p12ctxt->safeInfoCount + 1) * sizeof(SEC_PKCS12SafeInfo *),
+ (p12ctxt->safeInfoCount + 2) * sizeof(SEC_PKCS12SafeInfo *));
+ p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)dummy1;
+ dummy2 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->authSafe.encodedSafes,
+ (p12ctxt->authSafe.safeCount + 1) * sizeof(SECItem *),
+ (p12ctxt->authSafe.safeCount + 2) * sizeof(SECItem *));
+ p12ctxt->authSafe.encodedSafes = (SECItem **)dummy2;
+ }
+ if (!dummy1 || !dummy2) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* append the new safeInfo and null terminate the list */
+ p12ctxt->safeInfos[p12ctxt->safeInfoCount] = info;
+ p12ctxt->safeInfos[++p12ctxt->safeInfoCount] = NULL;
+ p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount] =
+ (SECItem *)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
+ if (!p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount]) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ p12ctxt->authSafe.encodedSafes[++p12ctxt->authSafe.safeCount] = NULL;
+
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ return SECFailure;
+}
+
+/* SEC_PKCS12CreatePasswordPrivSafe
+ * Create a password privacy safe to store exported information in.
+ *
+ * p12ctxt - export context
+ * pwitem - password for encryption
+ * privAlg - pbe algorithm through which encryption is done.
+ */
+SEC_PKCS12SafeInfo *
+SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt,
+ SECItem *pwitem, SECOidTag privAlg)
+{
+ SEC_PKCS12SafeInfo *safeInfo = NULL;
+ void *mark = NULL;
+ PK11SlotInfo *slot = NULL;
+ SECAlgorithmID *algId;
+ SECItem uniPwitem = { siBuffer, NULL, 0 };
+
+ if (!p12ctxt) {
+ return NULL;
+ }
+
+ /* allocate the safe info */
+ mark = PORT_ArenaMark(p12ctxt->arena);
+ safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
+ sizeof(SEC_PKCS12SafeInfo));
+ if (!safeInfo) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ return NULL;
+ }
+
+ safeInfo->itemCount = 0;
+
+ /* create the encrypted safe */
+ safeInfo->cinfo = SEC_PKCS7CreateEncryptedData(privAlg, 0, p12ctxt->pwfn,
+ p12ctxt->pwfnarg);
+ if (!safeInfo->cinfo) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ safeInfo->arena = p12ctxt->arena;
+
+ /* convert the password to unicode */
+ if (!sec_pkcs12_convert_item_to_unicode(NULL, &uniPwitem, pwitem,
+ PR_TRUE, PR_TRUE, PR_TRUE)) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ if (SECITEM_CopyItem(p12ctxt->arena, &safeInfo->pwitem, &uniPwitem) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* generate the encryption key */
+ slot = PK11_ReferenceSlot(p12ctxt->slot);
+ if (!slot) {
+ slot = PK11_GetInternalKeySlot();
+ if (!slot) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ }
+
+ algId = SEC_PKCS7GetEncryptionAlgorithm(safeInfo->cinfo);
+ safeInfo->encryptionKey = PK11_PBEKeyGen(slot, algId, &uniPwitem,
+ PR_FALSE, p12ctxt->wincx);
+ if (!safeInfo->encryptionKey) {
+ goto loser;
+ }
+
+ safeInfo->arena = p12ctxt->arena;
+ safeInfo->safe = NULL;
+ if (sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
+ goto loser;
+ }
+
+ if (uniPwitem.data) {
+ SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
+ }
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ return safeInfo;
+
+loser:
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ if (safeInfo->cinfo) {
+ SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
+ }
+
+ if (uniPwitem.data) {
+ SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
+ }
+
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ return NULL;
+}
+
+/* SEC_PKCS12CreateUnencryptedSafe
+ * Creates an unencrypted safe within the export context.
+ *
+ * p12ctxt - the export context
+ */
+SEC_PKCS12SafeInfo *
+SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt)
+{
+ SEC_PKCS12SafeInfo *safeInfo = NULL;
+ void *mark = NULL;
+
+ if (!p12ctxt) {
+ return NULL;
+ }
+
+ /* create the safe info */
+ mark = PORT_ArenaMark(p12ctxt->arena);
+ safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
+ sizeof(SEC_PKCS12SafeInfo));
+ if (!safeInfo) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ safeInfo->itemCount = 0;
+
+ /* create the safe content */
+ safeInfo->cinfo = SEC_PKCS7CreateData();
+ if (!safeInfo->cinfo) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ if (sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+ return safeInfo;
+
+loser:
+ if (safeInfo->cinfo) {
+ SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
+ }
+
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ return NULL;
+}
+
+/* SEC_PKCS12CreatePubKeyEncryptedSafe
+ * Creates a safe which is protected by public key encryption.
+ *
+ * p12ctxt - the export context
+ * certDb - the certificate database
+ * signer - the signer's certificate
+ * recipients - the list of recipient certificates.
+ * algorithm - the encryption algorithm to use
+ * keysize - the algorithms key size (?)
+ */
+SEC_PKCS12SafeInfo *
+SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
+ CERTCertDBHandle *certDb,
+ CERTCertificate *signer,
+ CERTCertificate **recipients,
+ SECOidTag algorithm, int keysize)
+{
+ SEC_PKCS12SafeInfo *safeInfo = NULL;
+ void *mark = NULL;
+
+ if (!p12ctxt || !signer || !recipients || !(*recipients)) {
+ return NULL;
+ }
+
+ /* allocate the safeInfo */
+ mark = PORT_ArenaMark(p12ctxt->arena);
+ safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
+ sizeof(SEC_PKCS12SafeInfo));
+ if (!safeInfo) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ safeInfo->itemCount = 0;
+ safeInfo->arena = p12ctxt->arena;
+
+ /* create the enveloped content info using certUsageEmailSigner currently.
+ * XXX We need to eventually use something other than certUsageEmailSigner
+ */
+ safeInfo->cinfo = SEC_PKCS7CreateEnvelopedData(signer, certUsageEmailSigner,
+ certDb, algorithm, keysize,
+ p12ctxt->pwfn, p12ctxt->pwfnarg);
+ if (!safeInfo->cinfo) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* add recipients */
+ if (recipients) {
+ unsigned int i = 0;
+ while (recipients[i] != NULL) {
+ SECStatus rv = SEC_PKCS7AddRecipient(safeInfo->cinfo, recipients[i],
+ certUsageEmailRecipient, certDb);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ i++;
+ }
+ }
+
+ if (sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+ return safeInfo;
+
+loser:
+ if (safeInfo->cinfo) {
+ SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
+ safeInfo->cinfo = NULL;
+ }
+
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ return NULL;
+}
+
+/*********************************
+ * Routines to handle the exporting of the keys and certificates
+ *********************************/
+
+/* creates a safe contents which safeBags will be appended to */
+sec_PKCS12SafeContents *
+sec_PKCS12CreateSafeContents(PLArenaPool *arena)
+{
+ sec_PKCS12SafeContents *safeContents;
+
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ /* create the safe contents */
+ safeContents = (sec_PKCS12SafeContents *)PORT_ArenaZAlloc(arena,
+ sizeof(sec_PKCS12SafeContents));
+ if (!safeContents) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* set up the internal contents info */
+ safeContents->safeBags = NULL;
+ safeContents->arena = arena;
+ safeContents->bagCount = 0;
+
+ return safeContents;
+
+loser:
+ return NULL;
+}
+
+/* appends a safe bag to a safeContents using the specified arena.
+ */
+SECStatus
+sec_pkcs12_append_bag_to_safe_contents(PLArenaPool *arena,
+ sec_PKCS12SafeContents *safeContents,
+ sec_PKCS12SafeBag *safeBag)
+{
+ void *mark = NULL, *dummy = NULL;
+
+ if (!arena || !safeBag || !safeContents) {
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(arena);
+ if (!mark) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ /* allocate space for the list, or reallocate to increase space */
+ if (!safeContents->safeBags) {
+ safeContents->safeBags = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(arena,
+ (2 * sizeof(sec_PKCS12SafeBag *)));
+ dummy = safeContents->safeBags;
+ safeContents->bagCount = 0;
+ } else {
+ dummy = PORT_ArenaGrow(arena, safeContents->safeBags,
+ (safeContents->bagCount + 1) * sizeof(sec_PKCS12SafeBag *),
+ (safeContents->bagCount + 2) * sizeof(sec_PKCS12SafeBag *));
+ safeContents->safeBags = (sec_PKCS12SafeBag **)dummy;
+ }
+
+ if (!dummy) {
+ PORT_ArenaRelease(arena, mark);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ /* append the bag at the end and null terminate the list */
+ safeContents->safeBags[safeContents->bagCount++] = safeBag;
+ safeContents->safeBags[safeContents->bagCount] = NULL;
+
+ PORT_ArenaUnmark(arena, mark);
+
+ return SECSuccess;
+}
+
+/* appends a safeBag to a specific safeInfo.
+ */
+SECStatus
+sec_pkcs12_append_bag(SEC_PKCS12ExportContext *p12ctxt,
+ SEC_PKCS12SafeInfo *safeInfo, sec_PKCS12SafeBag *safeBag)
+{
+ sec_PKCS12SafeContents *dest;
+ SECStatus rv = SECFailure;
+
+ if (!p12ctxt || !safeBag || !safeInfo) {
+ return SECFailure;
+ }
+
+ if (!safeInfo->safe) {
+ safeInfo->safe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
+ if (!safeInfo->safe) {
+ return SECFailure;
+ }
+ }
+
+ dest = safeInfo->safe;
+ rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena, dest, safeBag);
+ if (rv == SECSuccess) {
+ safeInfo->itemCount++;
+ }
+
+ return rv;
+}
+
+/* Creates a safeBag of the specified type, and if bagData is specified,
+ * the contents are set. The contents could be set later by the calling
+ * routine.
+ */
+sec_PKCS12SafeBag *
+sec_PKCS12CreateSafeBag(SEC_PKCS12ExportContext *p12ctxt, SECOidTag bagType,
+ void *bagData)
+{
+ sec_PKCS12SafeBag *safeBag;
+ void *mark = NULL;
+ SECStatus rv = SECSuccess;
+ SECOidData *oidData = NULL;
+
+ if (!p12ctxt) {
+ return NULL;
+ }
+
+ mark = PORT_ArenaMark(p12ctxt->arena);
+ if (!mark) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ safeBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12ctxt->arena,
+ sizeof(sec_PKCS12SafeBag));
+ if (!safeBag) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ /* set the bags content based upon bag type */
+ switch (bagType) {
+ case SEC_OID_PKCS12_V1_KEY_BAG_ID:
+ safeBag->safeBagContent.pkcs8KeyBag =
+ (SECKEYPrivateKeyInfo *)bagData;
+ break;
+ case SEC_OID_PKCS12_V1_CERT_BAG_ID:
+ safeBag->safeBagContent.certBag = (sec_PKCS12CertBag *)bagData;
+ break;
+ case SEC_OID_PKCS12_V1_CRL_BAG_ID:
+ safeBag->safeBagContent.crlBag = (sec_PKCS12CRLBag *)bagData;
+ break;
+ case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
+ safeBag->safeBagContent.secretBag = (sec_PKCS12SecretBag *)bagData;
+ break;
+ case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
+ safeBag->safeBagContent.pkcs8ShroudedKeyBag =
+ (SECKEYEncryptedPrivateKeyInfo *)bagData;
+ break;
+ case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
+ safeBag->safeBagContent.safeContents =
+ (sec_PKCS12SafeContents *)bagData;
+ break;
+ default:
+ goto loser;
+ }
+
+ oidData = SECOID_FindOIDByTag(bagType);
+ if (oidData) {
+ rv = SECITEM_CopyItem(p12ctxt->arena, &safeBag->safeBagType, &oidData->oid);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ } else {
+ goto loser;
+ }
+
+ safeBag->arena = p12ctxt->arena;
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+
+ return safeBag;
+
+loser:
+ if (mark) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ }
+
+ return NULL;
+}
+
+/* Creates a new certificate bag and returns a pointer to it. If an error
+ * occurs NULL is returned.
+ */
+sec_PKCS12CertBag *
+sec_PKCS12NewCertBag(PLArenaPool *arena, SECOidTag certType)
+{
+ sec_PKCS12CertBag *certBag = NULL;
+ SECOidData *bagType = NULL;
+ SECStatus rv;
+ void *mark = NULL;
+
+ if (!arena) {
+ return NULL;
+ }
+
+ mark = PORT_ArenaMark(arena);
+ certBag = (sec_PKCS12CertBag *)PORT_ArenaZAlloc(arena,
+ sizeof(sec_PKCS12CertBag));
+ if (!certBag) {
+ PORT_ArenaRelease(arena, mark);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ bagType = SECOID_FindOIDByTag(certType);
+ if (!bagType) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ rv = SECITEM_CopyItem(arena, &certBag->bagID, &bagType->oid);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(arena, mark);
+ return certBag;
+
+loser:
+ PORT_ArenaRelease(arena, mark);
+ return NULL;
+}
+
+/* Creates a new CRL bag and returns a pointer to it. If an error
+ * occurs NULL is returned.
+ */
+sec_PKCS12CRLBag *
+sec_PKCS12NewCRLBag(PLArenaPool *arena, SECOidTag crlType)
+{
+ sec_PKCS12CRLBag *crlBag = NULL;
+ SECOidData *bagType = NULL;
+ SECStatus rv;
+ void *mark = NULL;
+
+ if (!arena) {
+ return NULL;
+ }
+
+ mark = PORT_ArenaMark(arena);
+ crlBag = (sec_PKCS12CRLBag *)PORT_ArenaZAlloc(arena,
+ sizeof(sec_PKCS12CRLBag));
+ if (!crlBag) {
+ PORT_ArenaRelease(arena, mark);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ bagType = SECOID_FindOIDByTag(crlType);
+ if (!bagType) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ rv = SECITEM_CopyItem(arena, &crlBag->bagID, &bagType->oid);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(arena, mark);
+ return crlBag;
+
+loser:
+ PORT_ArenaRelease(arena, mark);
+ return NULL;
+}
+
+/* sec_PKCS12AddAttributeToBag
+ * adds an attribute to a safeBag. currently, the only attributes supported
+ * are those which are specified within PKCS 12.
+ *
+ * p12ctxt - the export context
+ * safeBag - the safeBag to which attributes are appended
+ * attrType - the attribute type
+ * attrData - the attribute data
+ */
+SECStatus
+sec_PKCS12AddAttributeToBag(SEC_PKCS12ExportContext *p12ctxt,
+ sec_PKCS12SafeBag *safeBag, SECOidTag attrType,
+ SECItem *attrData)
+{
+ sec_PKCS12Attribute *attribute;
+ void *mark = NULL, *dummy = NULL;
+ SECOidData *oiddata = NULL;
+ SECItem unicodeName = { siBuffer, NULL, 0 };
+ void *src = NULL;
+ unsigned int nItems = 0;
+ SECStatus rv;
+
+ if (!safeBag || !p12ctxt) {
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(safeBag->arena);
+
+ /* allocate the attribute */
+ attribute = (sec_PKCS12Attribute *)PORT_ArenaZAlloc(safeBag->arena,
+ sizeof(sec_PKCS12Attribute));
+ if (!attribute) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* set up the attribute */
+ oiddata = SECOID_FindOIDByTag(attrType);
+ if (!oiddata) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ if (SECITEM_CopyItem(p12ctxt->arena, &attribute->attrType, &oiddata->oid) !=
+ SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ nItems = 1;
+ switch (attrType) {
+ case SEC_OID_PKCS9_LOCAL_KEY_ID: {
+ src = attrData;
+ break;
+ }
+ case SEC_OID_PKCS9_FRIENDLY_NAME: {
+ if (!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena,
+ &unicodeName, attrData, PR_FALSE,
+ PR_FALSE, PR_TRUE)) {
+ goto loser;
+ }
+ src = &unicodeName;
+ break;
+ }
+ default:
+ goto loser;
+ }
+
+ /* append the attribute to the attribute value list */
+ attribute->attrValue = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena,
+ ((nItems + 1) * sizeof(SECItem *)));
+ if (!attribute->attrValue) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* XXX this will need to be changed if attributes requiring more than
+ * one element are ever used.
+ */
+ attribute->attrValue[0] = (SECItem *)PORT_ArenaZAlloc(p12ctxt->arena,
+ sizeof(SECItem));
+ if (!attribute->attrValue[0]) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ attribute->attrValue[1] = NULL;
+
+ rv = SECITEM_CopyItem(p12ctxt->arena, attribute->attrValue[0],
+ (SECItem *)src);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* append the attribute to the safeBag attributes */
+ if (safeBag->nAttribs) {
+ dummy = PORT_ArenaGrow(p12ctxt->arena, safeBag->attribs,
+ ((safeBag->nAttribs + 1) * sizeof(sec_PKCS12Attribute *)),
+ ((safeBag->nAttribs + 2) * sizeof(sec_PKCS12Attribute *)));
+ safeBag->attribs = (sec_PKCS12Attribute **)dummy;
+ } else {
+ safeBag->attribs = (sec_PKCS12Attribute **)PORT_ArenaZAlloc(p12ctxt->arena,
+ 2 * sizeof(sec_PKCS12Attribute *));
+ dummy = safeBag->attribs;
+ }
+ if (!dummy) {
+ goto loser;
+ }
+
+ safeBag->attribs[safeBag->nAttribs] = attribute;
+ safeBag->attribs[++safeBag->nAttribs] = NULL;
+
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+ return SECSuccess;
+
+loser:
+ if (mark) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ }
+
+ return SECFailure;
+}
+
+/* SEC_PKCS12AddCert
+ * Adds a certificate to the data being exported.
+ *
+ * p12ctxt - the export context
+ * safe - the safeInfo to which the certificate is placed
+ * nestedDest - if the cert is to be placed within a nested safeContents then,
+ * this value is to be specified with the destination
+ * cert - the cert to export
+ * certDb - the certificate database handle
+ * keyId - a unique identifier to associate a certificate/key pair
+ * includeCertChain - PR_TRUE if the certificate chain is to be included.
+ */
+SECStatus
+SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
+ void *nestedDest, CERTCertificate *cert,
+ CERTCertDBHandle *certDb, SECItem *keyId,
+ PRBool includeCertChain)
+{
+ sec_PKCS12CertBag *certBag;
+ sec_PKCS12SafeBag *safeBag;
+ void *mark;
+ SECStatus rv;
+ SECItem nick = { siBuffer, NULL, 0 };
+
+ if (!p12ctxt || !cert) {
+ return SECFailure;
+ }
+ mark = PORT_ArenaMark(p12ctxt->arena);
+
+ /* allocate the cert bag */
+ certBag = sec_PKCS12NewCertBag(p12ctxt->arena,
+ SEC_OID_PKCS9_X509_CERT);
+ if (!certBag) {
+ goto loser;
+ }
+
+ if (SECITEM_CopyItem(p12ctxt->arena, &certBag->value.x509Cert,
+ &cert->derCert) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* if the cert chain is to be included, we should only be exporting
+ * the cert from our internal database.
+ */
+ if (includeCertChain) {
+ CERTCertificateList *certList = CERT_CertChainFromCert(cert,
+ certUsageSSLClient,
+ PR_TRUE);
+ unsigned int count = 0;
+ if (!certList) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* add cert chain */
+ for (count = 0; count < (unsigned int)certList->len; count++) {
+ if (SECITEM_CompareItem(&certList->certs[count], &cert->derCert) != SECEqual) {
+ CERTCertificate *tempCert;
+
+ /* decode the certificate */
+ /* XXX
+ * This was rather silly. The chain is constructed above
+ * by finding all of the CERTCertificate's in the database.
+ * Then the chain is put into a CERTCertificateList, which only
+ * contains the DER. Finally, the DER was decoded, and the
+ * decoded cert was sent recursively back to this function.
+ * Beyond being inefficent, this causes data loss (specifically,
+ * the nickname). Instead, for 3.4, we'll do a lookup by the
+ * DER, which should return the cached entry.
+ */
+ tempCert = CERT_FindCertByDERCert(CERT_GetDefaultCertDB(),
+ &certList->certs[count]);
+ if (!tempCert) {
+ CERT_DestroyCertificateList(certList);
+ goto loser;
+ }
+
+ /* add the certificate */
+ if (SEC_PKCS12AddCert(p12ctxt, safe, nestedDest, tempCert,
+ certDb, NULL, PR_FALSE) != SECSuccess) {
+ CERT_DestroyCertificate(tempCert);
+ CERT_DestroyCertificateList(certList);
+ goto loser;
+ }
+ CERT_DestroyCertificate(tempCert);
+ }
+ }
+ CERT_DestroyCertificateList(certList);
+ }
+
+ /* if the certificate has a nickname, we will set the friendly name
+ * to that.
+ */
+ if (cert->nickname) {
+ if (cert->slot && !PK11_IsInternal(cert->slot)) {
+ /*
+ * The cert is coming off of an external token,
+ * let's strip the token name from the nickname
+ * and only add what comes after the colon as the
+ * nickname. -javi
+ */
+ char *delimit;
+
+ delimit = PORT_Strchr(cert->nickname, ':');
+ if (delimit == NULL) {
+ nick.data = (unsigned char *)cert->nickname;
+ nick.len = PORT_Strlen(cert->nickname);
+ } else {
+ delimit++;
+ nick.data = (unsigned char *)PORT_ArenaStrdup(p12ctxt->arena,
+ delimit);
+ nick.len = PORT_Strlen(delimit);
+ }
+ } else {
+ nick.data = (unsigned char *)cert->nickname;
+ nick.len = PORT_Strlen(cert->nickname);
+ }
+ }
+
+ safeBag = sec_PKCS12CreateSafeBag(p12ctxt, SEC_OID_PKCS12_V1_CERT_BAG_ID,
+ certBag);
+ if (!safeBag) {
+ goto loser;
+ }
+
+ /* add the friendly name and keyId attributes, if necessary */
+ if (nick.data) {
+ if (sec_PKCS12AddAttributeToBag(p12ctxt, safeBag,
+ SEC_OID_PKCS9_FRIENDLY_NAME, &nick) != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ if (keyId) {
+ if (sec_PKCS12AddAttributeToBag(p12ctxt, safeBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
+ keyId) != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ /* append the cert safeBag */
+ if (nestedDest) {
+ rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
+ (sec_PKCS12SafeContents *)nestedDest,
+ safeBag);
+ } else {
+ rv = sec_pkcs12_append_bag(p12ctxt, safe, safeBag);
+ }
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+ return SECSuccess;
+
+loser:
+ if (mark) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ }
+
+ return SECFailure;
+}
+
+/* SEC_PKCS12AddKeyForCert
+ * Extracts the key associated with a particular certificate and exports
+ * it.
+ *
+ * p12ctxt - the export context
+ * safe - the safeInfo to place the key in
+ * nestedDest - the nested safeContents to place a key
+ * cert - the certificate which the key belongs to
+ * shroudKey - encrypt the private key for export. This value should
+ * always be true. lower level code will not allow the export
+ * of unencrypted private keys.
+ * algorithm - the algorithm with which to encrypt the private key
+ * pwitem - the password to encrypt the private key with
+ * keyId - the keyID attribute
+ * nickName - the nickname attribute
+ */
+SECStatus
+SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
+ void *nestedDest, CERTCertificate *cert,
+ PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
+ SECItem *keyId, SECItem *nickName)
+{
+ void *mark;
+ void *keyItem;
+ SECOidTag keyType;
+ SECStatus rv = SECFailure;
+ SECItem nickname = { siBuffer, NULL, 0 }, uniPwitem = { siBuffer, NULL, 0 };
+ sec_PKCS12SafeBag *returnBag;
+
+ if (!p12ctxt || !cert || !safe) {
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(p12ctxt->arena);
+
+ /* retrieve the key based upon the type that it is and
+ * specify the type of safeBag to store the key in
+ */
+ if (!shroudKey) {
+
+ /* extract the key unencrypted. this will most likely go away */
+ SECKEYPrivateKeyInfo *pki = PK11_ExportPrivateKeyInfo(cert,
+ p12ctxt->wincx);
+ if (!pki) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
+ return SECFailure;
+ }
+ keyItem = PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECKEYPrivateKeyInfo));
+ if (!keyItem) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ rv = SECKEY_CopyPrivateKeyInfo(p12ctxt->arena,
+ (SECKEYPrivateKeyInfo *)keyItem, pki);
+ keyType = SEC_OID_PKCS12_V1_KEY_BAG_ID;
+ SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
+ } else {
+
+ /* extract the key encrypted */
+ SECKEYEncryptedPrivateKeyInfo *epki = NULL;
+ PK11SlotInfo *slot = NULL;
+
+ if (!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena, &uniPwitem,
+ pwitem, PR_TRUE, PR_TRUE, PR_TRUE)) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* we want to make sure to take the key out of the key slot */
+ if (PK11_IsInternal(p12ctxt->slot)) {
+ slot = PK11_GetInternalKeySlot();
+ } else {
+ slot = PK11_ReferenceSlot(p12ctxt->slot);
+ }
+
+ epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm,
+ &uniPwitem, cert,
+ NSS_PBE_DEFAULT_ITERATION_COUNT,
+ p12ctxt->wincx);
+ PK11_FreeSlot(slot);
+ if (!epki) {
+ PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
+ goto loser;
+ }
+
+ keyItem = PORT_ArenaZAlloc(p12ctxt->arena,
+ sizeof(SECKEYEncryptedPrivateKeyInfo));
+ if (!keyItem) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ rv = SECKEY_CopyEncryptedPrivateKeyInfo(p12ctxt->arena,
+ (SECKEYEncryptedPrivateKeyInfo *)keyItem,
+ epki);
+ keyType = SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID;
+ SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
+ }
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* if no nickname specified, let's see if the certificate has a
+ * nickname.
+ */
+ if (!nickName) {
+ if (cert->nickname) {
+ nickname.data = (unsigned char *)cert->nickname;
+ nickname.len = PORT_Strlen(cert->nickname);
+ nickName = &nickname;
+ }
+ }
+
+ /* create the safe bag and set any attributes */
+ returnBag = sec_PKCS12CreateSafeBag(p12ctxt, keyType, keyItem);
+ if (!returnBag) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ if (nickName) {
+ if (sec_PKCS12AddAttributeToBag(p12ctxt, returnBag,
+ SEC_OID_PKCS9_FRIENDLY_NAME, nickName) != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ if (keyId) {
+ if (sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
+ keyId) != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ if (nestedDest) {
+ rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
+ (sec_PKCS12SafeContents *)nestedDest,
+ returnBag);
+ } else {
+ rv = sec_pkcs12_append_bag(p12ctxt, safe, returnBag);
+ }
+
+loser:
+
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ } else {
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+ }
+
+ return rv;
+}
+
+/* SEC_PKCS12AddCertOrChainAndKey
+ * Add a certificate and key pair to be exported.
+ *
+ * p12ctxt - the export context
+ * certSafe - the safeInfo where the cert is stored
+ * certNestedDest - the nested safeContents to store the cert
+ * keySafe - the safeInfo where the key is stored
+ * keyNestedDest - the nested safeContents to store the key
+ * shroudKey - extract the private key encrypted?
+ * pwitem - the password with which the key is encrypted
+ * algorithm - the algorithm with which the key is encrypted
+ * includeCertChain - also add certs from chain to bag.
+ */
+SECStatus
+SEC_PKCS12AddCertOrChainAndKey(SEC_PKCS12ExportContext *p12ctxt,
+ void *certSafe, void *certNestedDest,
+ CERTCertificate *cert, CERTCertDBHandle *certDb,
+ void *keySafe, void *keyNestedDest,
+ PRBool shroudKey, SECItem *pwitem,
+ SECOidTag algorithm, PRBool includeCertChain)
+{
+ SECStatus rv = SECFailure;
+ SGNDigestInfo *digest = NULL;
+ void *mark = NULL;
+
+ if (!p12ctxt || !certSafe || !keySafe || !cert) {
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(p12ctxt->arena);
+
+ /* generate the thumbprint of the cert to use as a keyId */
+ digest = sec_pkcs12_compute_thumbprint(&cert->derCert);
+ if (!digest) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ return SECFailure;
+ }
+
+ /* add the certificate */
+ rv = SEC_PKCS12AddCert(p12ctxt, (SEC_PKCS12SafeInfo *)certSafe,
+ (SEC_PKCS12SafeInfo *)certNestedDest, cert, certDb,
+ &digest->digest, includeCertChain);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* add the key */
+ rv = SEC_PKCS12AddKeyForCert(p12ctxt, (SEC_PKCS12SafeInfo *)keySafe,
+ keyNestedDest, cert,
+ shroudKey, algorithm, pwitem,
+ &digest->digest, NULL);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ SGN_DestroyDigestInfo(digest);
+
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+ return SECSuccess;
+
+loser:
+ SGN_DestroyDigestInfo(digest);
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+
+ return SECFailure;
+}
+
+/* like SEC_PKCS12AddCertOrChainAndKey, but always adds cert chain */
+SECStatus
+SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt,
+ void *certSafe, void *certNestedDest,
+ CERTCertificate *cert, CERTCertDBHandle *certDb,
+ void *keySafe, void *keyNestedDest,
+ PRBool shroudKey, SECItem *pwItem, SECOidTag algorithm)
+{
+ return SEC_PKCS12AddCertOrChainAndKey(p12ctxt, certSafe, certNestedDest,
+ cert, certDb, keySafe, keyNestedDest, shroudKey, pwItem,
+ algorithm, PR_TRUE);
+}
+
+/* SEC_PKCS12CreateNestedSafeContents
+ * Allows nesting of safe contents to be implemented. No limit imposed on
+ * depth.
+ *
+ * p12ctxt - the export context
+ * baseSafe - the base safeInfo
+ * nestedDest - a parent safeContents (?)
+ */
+void *
+SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
+ void *baseSafe, void *nestedDest)
+{
+ sec_PKCS12SafeContents *newSafe;
+ sec_PKCS12SafeBag *safeContentsBag;
+ void *mark;
+ SECStatus rv;
+
+ if (!p12ctxt || !baseSafe) {
+ return NULL;
+ }
+
+ mark = PORT_ArenaMark(p12ctxt->arena);
+
+ newSafe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
+ if (!newSafe) {
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ /* create the safeContents safeBag */
+ safeContentsBag = sec_PKCS12CreateSafeBag(p12ctxt,
+ SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
+ newSafe);
+ if (!safeContentsBag) {
+ goto loser;
+ }
+
+ /* append the safeContents to the appropriate area */
+ if (nestedDest) {
+ rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
+ (sec_PKCS12SafeContents *)nestedDest,
+ safeContentsBag);
+ } else {
+ rv = sec_pkcs12_append_bag(p12ctxt, (SEC_PKCS12SafeInfo *)baseSafe,
+ safeContentsBag);
+ }
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(p12ctxt->arena, mark);
+ return newSafe;
+
+loser:
+ PORT_ArenaRelease(p12ctxt->arena, mark);
+ return NULL;
+}
+
+/*********************************
+ * Encoding routines
+ *********************************/
+
+/* Clean up the resources allocated by a sec_PKCS12EncoderContext. */
+static void
+sec_pkcs12_encoder_destroy_context(sec_PKCS12EncoderContext *p12enc)
+{
+ if (p12enc) {
+ if (p12enc->outerA1ecx) {
+ SEC_ASN1EncoderFinish(p12enc->outerA1ecx);
+ p12enc->outerA1ecx = NULL;
+ }
+ if (p12enc->aSafeCinfo) {
+ SEC_PKCS7DestroyContentInfo(p12enc->aSafeCinfo);
+ p12enc->aSafeCinfo = NULL;
+ }
+ if (p12enc->middleP7ecx) {
+ SEC_PKCS7EncoderFinish(p12enc->middleP7ecx, p12enc->p12exp->pwfn,
+ p12enc->p12exp->pwfnarg);
+ p12enc->middleP7ecx = NULL;
+ }
+ if (p12enc->middleA1ecx) {
+ SEC_ASN1EncoderFinish(p12enc->middleA1ecx);
+ p12enc->middleA1ecx = NULL;
+ }
+ if (p12enc->hmacCx) {
+ PK11_DestroyContext(p12enc->hmacCx, PR_TRUE);
+ p12enc->hmacCx = NULL;
+ }
+ }
+}
+
+/* set up the encoder context based on information in the export context
+ * and return the newly allocated enocoder context. A return of NULL
+ * indicates an error occurred.
+ */
+static sec_PKCS12EncoderContext *
+sec_pkcs12_encoder_start_context(SEC_PKCS12ExportContext *p12exp)
+{
+ sec_PKCS12EncoderContext *p12enc = NULL;
+ unsigned int i, nonEmptyCnt;
+ SECStatus rv;
+ SECItem ignore = { 0 };
+ void *mark;
+ SECItem *salt = NULL;
+ SECItem *params = NULL;
+
+ if (!p12exp || !p12exp->safeInfos) {
+ return NULL;
+ }
+
+ /* check for any empty safes and skip them */
+ i = nonEmptyCnt = 0;
+ while (p12exp->safeInfos[i]) {
+ if (p12exp->safeInfos[i]->itemCount) {
+ nonEmptyCnt++;
+ }
+ i++;
+ }
+ if (nonEmptyCnt == 0) {
+ return NULL;
+ }
+ p12exp->authSafe.encodedSafes[nonEmptyCnt] = NULL;
+
+ /* allocate the encoder context */
+ mark = PORT_ArenaMark(p12exp->arena);
+ p12enc = PORT_ArenaZNew(p12exp->arena, sec_PKCS12EncoderContext);
+ if (!p12enc) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ p12enc->arena = p12exp->arena;
+ p12enc->p12exp = p12exp;
+
+ /* set up the PFX version and information */
+ PORT_Memset(&p12enc->pfx, 0, sizeof(sec_PKCS12PFXItem));
+ if (!SEC_ASN1EncodeInteger(p12exp->arena, &(p12enc->pfx.version),
+ SEC_PKCS12_VERSION)) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* set up the authenticated safe content info based on the
+ * type of integrity being used. this should be changed to
+ * enforce integrity mode, but will not be implemented until
+ * it is confirmed that integrity must be in place
+ */
+ if (p12exp->integrityEnabled && !p12exp->pwdIntegrity) {
+ /* create public key integrity mode */
+ p12enc->aSafeCinfo = SEC_PKCS7CreateSignedData(
+ p12exp->integrityInfo.pubkeyInfo.cert,
+ certUsageEmailSigner,
+ p12exp->integrityInfo.pubkeyInfo.certDb,
+ p12exp->integrityInfo.pubkeyInfo.algorithm,
+ NULL,
+ p12exp->pwfn,
+ p12exp->pwfnarg);
+ if (!p12enc->aSafeCinfo) {
+ goto loser;
+ }
+ if (SEC_PKCS7IncludeCertChain(p12enc->aSafeCinfo, NULL) != SECSuccess) {
+ goto loser;
+ }
+ PORT_CheckSuccess(SEC_PKCS7AddSigningTime(p12enc->aSafeCinfo));
+ } else {
+ p12enc->aSafeCinfo = SEC_PKCS7CreateData();
+
+ /* init password pased integrity mode */
+ if (p12exp->integrityEnabled) {
+ SECItem pwd = { siBuffer, NULL, 0 };
+ PK11SymKey *symKey;
+ CK_MECHANISM_TYPE integrityMechType;
+ CK_MECHANISM_TYPE hmacMechType;
+ salt = sec_pkcs12_generate_salt();
+
+ /* zero out macData and set values */
+ PORT_Memset(&p12enc->mac, 0, sizeof(sec_PKCS12MacData));
+
+ if (!salt) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ if (SECITEM_CopyItem(p12exp->arena, &(p12enc->mac.macSalt), salt) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ if (!SEC_ASN1EncodeInteger(p12exp->arena, &(p12enc->mac.iter),
+ NSS_PBE_DEFAULT_ITERATION_COUNT)) {
+ goto loser;
+ }
+
+ /* generate HMAC key */
+ if (!sec_pkcs12_convert_item_to_unicode(NULL, &pwd,
+ p12exp->integrityInfo.pwdInfo.password, PR_TRUE,
+ PR_TRUE, PR_TRUE)) {
+ goto loser;
+ }
+ /*
+ * This code only works with PKCS #12 Mac using PKCS #5 v1
+ * PBA keygens. PKCS #5 v2 support will require a change to
+ * the PKCS #12 spec.
+ */
+ params = PK11_CreatePBEParams(salt, &pwd,
+ NSS_PBE_DEFAULT_ITERATION_COUNT);
+ SECITEM_ZfreeItem(salt, PR_TRUE);
+ SECITEM_ZfreeItem(&pwd, PR_FALSE);
+
+ /* get the PBA Mechanism to generate the key */
+ switch (p12exp->integrityInfo.pwdInfo.algorithm) {
+ case SEC_OID_SHA1:
+ integrityMechType = CKM_PBA_SHA1_WITH_SHA1_HMAC;
+ break;
+ case SEC_OID_MD5:
+ integrityMechType = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;
+ break;
+ case SEC_OID_MD2:
+ integrityMechType = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;
+ break;
+ default:
+ goto loser;
+ }
+
+ /* generate the key */
+ symKey = PK11_KeyGen(NULL, integrityMechType, params, 20, NULL);
+ PK11_DestroyPBEParams(params);
+ if (!symKey) {
+ goto loser;
+ }
+
+ /* initialize HMAC */
+ /* Get the HMAC mechanism from the hash OID */
+ hmacMechType = sec_pkcs12_algtag_to_mech(
+ p12exp->integrityInfo.pwdInfo.algorithm);
+
+ p12enc->hmacCx = PK11_CreateContextBySymKey(hmacMechType,
+ CKA_SIGN, symKey, &ignore);
+
+ PK11_FreeSymKey(symKey);
+ if (!p12enc->hmacCx) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ rv = PK11_DigestBegin(p12enc->hmacCx);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+ }
+
+ if (!p12enc->aSafeCinfo) {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(p12exp->arena, mark);
+
+ return p12enc;
+
+loser:
+ sec_pkcs12_encoder_destroy_context(p12enc);
+ if (p12exp->arena != NULL)
+ PORT_ArenaRelease(p12exp->arena, mark);
+ if (salt) {
+ SECITEM_ZfreeItem(salt, PR_TRUE);
+ }
+ if (params) {
+ PK11_DestroyPBEParams(params);
+ }
+
+ return NULL;
+}
+
+/* The outermost ASN.1 encoder calls this function for output.
+** This function calls back to the library caller's output routine,
+** which typically writes to a PKCS12 file.
+ */
+static void
+sec_P12A1OutputCB_Outer(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ struct sec_pkcs12_encoder_output *output;
+
+ output = (struct sec_pkcs12_encoder_output *)arg;
+ (*output->outputfn)(output->outputarg, buf, len);
+}
+
+/* The "middle" and "inner" ASN.1 encoders call this function to output.
+** This function does HMACing, if appropriate, and then buffers the data.
+** The buffered data is eventually passed down to the underlying PKCS7 encoder.
+ */
+static void
+sec_P12A1OutputCB_HmacP7Update(void *arg, const char *buf,
+ unsigned long len,
+ int depth,
+ SEC_ASN1EncodingPart data_kind)
+{
+ sec_pkcs12OutputBuffer *bufcx = (sec_pkcs12OutputBuffer *)arg;
+
+ if (!buf || !len)
+ return;
+
+ if (bufcx->hmacCx) {
+ PK11_DigestOp(bufcx->hmacCx, (unsigned char *)buf, len);
+ }
+
+ /* buffer */
+ if (bufcx->numBytes > 0) {
+ int toCopy;
+ if (len + bufcx->numBytes <= bufcx->bufBytes) {
+ memcpy(bufcx->buf + bufcx->numBytes, buf, len);
+ bufcx->numBytes += len;
+ if (bufcx->numBytes < bufcx->bufBytes)
+ return;
+ SEC_PKCS7EncoderUpdate(bufcx->p7eCx, bufcx->buf, bufcx->bufBytes);
+ bufcx->numBytes = 0;
+ return;
+ }
+ toCopy = bufcx->bufBytes - bufcx->numBytes;
+ memcpy(bufcx->buf + bufcx->numBytes, buf, toCopy);
+ SEC_PKCS7EncoderUpdate(bufcx->p7eCx, bufcx->buf, bufcx->bufBytes);
+ bufcx->numBytes = 0;
+ len -= toCopy;
+ buf += toCopy;
+ }
+ /* buffer is presently empty */
+ if (len >= bufcx->bufBytes) {
+ /* Just pass it through */
+ SEC_PKCS7EncoderUpdate(bufcx->p7eCx, buf, len);
+ } else {
+ /* copy it all into the buffer, and return */
+ memcpy(bufcx->buf, buf, len);
+ bufcx->numBytes = len;
+ }
+}
+
+void
+sec_FlushPkcs12OutputBuffer(sec_pkcs12OutputBuffer *bufcx)
+{
+ if (bufcx->numBytes > 0) {
+ SEC_PKCS7EncoderUpdate(bufcx->p7eCx, bufcx->buf, bufcx->numBytes);
+ bufcx->numBytes = 0;
+ }
+}
+
+/* Feeds the output of a PKCS7 encoder into the next outward ASN.1 encoder.
+** This function is used by both the inner and middle PCS7 encoders.
+*/
+static void
+sec_P12P7OutputCB_CallA1Update(void *arg, const char *buf, unsigned long len)
+{
+ SEC_ASN1EncoderContext *cx = (SEC_ASN1EncoderContext *)arg;
+
+ if (!buf || !len)
+ return;
+
+ SEC_ASN1EncoderUpdate(cx, buf, len);
+}
+
+/* this function encodes content infos which are part of the
+ * sequence of content infos labeled AuthenticatedSafes
+ */
+static SECStatus
+sec_pkcs12_encoder_asafe_process(sec_PKCS12EncoderContext *p12ecx)
+{
+ SEC_PKCS7EncoderContext *innerP7ecx;
+ SEC_PKCS7ContentInfo *cinfo;
+ PK11SymKey *bulkKey = NULL;
+ SEC_ASN1EncoderContext *innerA1ecx = NULL;
+ SECStatus rv = SECSuccess;
+
+ if (p12ecx->currentSafe < p12ecx->p12exp->authSafe.safeCount) {
+ SEC_PKCS12SafeInfo *safeInfo;
+ SECOidTag cinfoType;
+
+ safeInfo = p12ecx->p12exp->safeInfos[p12ecx->currentSafe];
+
+ /* skip empty safes */
+ if (safeInfo->itemCount == 0) {
+ return SECSuccess;
+ }
+
+ cinfo = safeInfo->cinfo;
+ cinfoType = SEC_PKCS7ContentType(cinfo);
+
+ /* determine the safe type and set the appropriate argument */
+ switch (cinfoType) {
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ bulkKey = safeInfo->encryptionKey;
+ PK11_SetSymKeyUserData(bulkKey, &safeInfo->pwitem, NULL);
+ break;
+ default:
+ return SECFailure;
+ }
+
+ /* start the PKCS7 encoder */
+ innerP7ecx = SEC_PKCS7EncoderStart(cinfo,
+ sec_P12P7OutputCB_CallA1Update,
+ p12ecx->middleA1ecx, bulkKey);
+ if (!innerP7ecx) {
+ goto loser;
+ }
+
+ /* encode safe contents */
+ p12ecx->innerBuf.p7eCx = innerP7ecx;
+ p12ecx->innerBuf.hmacCx = NULL;
+ p12ecx->innerBuf.numBytes = 0;
+ p12ecx->innerBuf.bufBytes = sizeof p12ecx->innerBuf.buf;
+
+ innerA1ecx = SEC_ASN1EncoderStart(safeInfo->safe,
+ sec_PKCS12SafeContentsTemplate,
+ sec_P12A1OutputCB_HmacP7Update,
+ &p12ecx->innerBuf);
+ if (!innerA1ecx) {
+ goto loser;
+ }
+ rv = SEC_ASN1EncoderUpdate(innerA1ecx, NULL, 0);
+ SEC_ASN1EncoderFinish(innerA1ecx);
+ sec_FlushPkcs12OutputBuffer(&p12ecx->innerBuf);
+ innerA1ecx = NULL;
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* finish up safe content info */
+ rv = SEC_PKCS7EncoderFinish(innerP7ecx, p12ecx->p12exp->pwfn,
+ p12ecx->p12exp->pwfnarg);
+ }
+ memset(&p12ecx->innerBuf, 0, sizeof p12ecx->innerBuf);
+ return SECSuccess;
+
+loser:
+ if (innerP7ecx) {
+ SEC_PKCS7EncoderFinish(innerP7ecx, p12ecx->p12exp->pwfn,
+ p12ecx->p12exp->pwfnarg);
+ }
+
+ if (innerA1ecx) {
+ SEC_ASN1EncoderFinish(innerA1ecx);
+ }
+ memset(&p12ecx->innerBuf, 0, sizeof p12ecx->innerBuf);
+ return SECFailure;
+}
+
+/* finish the HMAC and encode the macData so that it can be
+ * encoded.
+ */
+static SECStatus
+sec_Pkcs12FinishMac(sec_PKCS12EncoderContext *p12ecx)
+{
+ SECItem hmac = { siBuffer, NULL, 0 };
+ SECStatus rv;
+ SGNDigestInfo *di = NULL;
+ void *dummy;
+
+ if (!p12ecx) {
+ return SECFailure;
+ }
+
+ /* make sure we are using password integrity mode */
+ if (!p12ecx->p12exp->integrityEnabled) {
+ return SECSuccess;
+ }
+
+ if (!p12ecx->p12exp->pwdIntegrity) {
+ return SECSuccess;
+ }
+
+ /* finish the hmac */
+ hmac.data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
+ if (!hmac.data) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ rv = PK11_DigestFinal(p12ecx->hmacCx, hmac.data, &hmac.len, SHA1_LENGTH);
+
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* create the digest info */
+ di = SGN_CreateDigestInfo(p12ecx->p12exp->integrityInfo.pwdInfo.algorithm,
+ hmac.data, hmac.len);
+ if (!di) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = SGN_CopyDigestInfo(p12ecx->arena, &p12ecx->mac.safeMac, di);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* encode the mac data */
+ dummy = SEC_ASN1EncodeItem(p12ecx->arena, &p12ecx->pfx.encodedMacData,
+ &p12ecx->mac, sec_PKCS12MacDataTemplate);
+ if (!dummy) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ }
+
+loser:
+ if (di) {
+ SGN_DestroyDigestInfo(di);
+ }
+ if (hmac.data) {
+ SECITEM_ZfreeItem(&hmac, PR_FALSE);
+ }
+ PK11_DestroyContext(p12ecx->hmacCx, PR_TRUE);
+ p12ecx->hmacCx = NULL;
+
+ return rv;
+}
+
+/* pfx notify function for ASN1 encoder.
+ * We want to stop encoding once we reach the authenticated safe.
+ * At that point, the encoder will be updated via streaming
+ * as the authenticated safe is encoded.
+ */
+static void
+sec_pkcs12_encoder_pfx_notify(void *arg, PRBool before, void *dest, int real_depth)
+{
+ sec_PKCS12EncoderContext *p12ecx;
+
+ if (!before) {
+ return;
+ }
+
+ /* look for authenticated safe */
+ p12ecx = (sec_PKCS12EncoderContext *)arg;
+ if (dest != &p12ecx->pfx.encodedAuthSafe) {
+ return;
+ }
+
+ SEC_ASN1EncoderSetTakeFromBuf(p12ecx->outerA1ecx);
+ SEC_ASN1EncoderSetStreaming(p12ecx->outerA1ecx);
+ SEC_ASN1EncoderClearNotifyProc(p12ecx->outerA1ecx);
+}
+
+/* SEC_PKCS12Encode
+ * Encodes the PFX item and returns it to the output function, via
+ * callback. the output function must be capable of multiple updates.
+ *
+ * p12exp - the export context
+ * output - the output function callback, will be called more than once,
+ * must be able to accept streaming data.
+ * outputarg - argument for the output callback.
+ */
+SECStatus
+SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp,
+ SEC_PKCS12EncoderOutputCallback output, void *outputarg)
+{
+ sec_PKCS12EncoderContext *p12enc;
+ struct sec_pkcs12_encoder_output outInfo;
+ SECStatus rv;
+
+ if (!p12exp || !output) {
+ return SECFailure;
+ }
+
+ /* get the encoder context */
+ p12enc = sec_pkcs12_encoder_start_context(p12exp);
+ if (!p12enc) {
+ return SECFailure;
+ }
+
+ outInfo.outputfn = output;
+ outInfo.outputarg = outputarg;
+
+ /* set up PFX encoder, the "outer" encoder. Set it for streaming */
+ p12enc->outerA1ecx = SEC_ASN1EncoderStart(&p12enc->pfx,
+ sec_PKCS12PFXItemTemplate,
+ sec_P12A1OutputCB_Outer,
+ &outInfo);
+ if (!p12enc->outerA1ecx) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ goto loser;
+ }
+ SEC_ASN1EncoderSetStreaming(p12enc->outerA1ecx);
+ SEC_ASN1EncoderSetNotifyProc(p12enc->outerA1ecx,
+ sec_pkcs12_encoder_pfx_notify, p12enc);
+ rv = SEC_ASN1EncoderUpdate(p12enc->outerA1ecx, NULL, 0);
+ if (rv != SECSuccess) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* set up asafe cinfo - the output of the encoder feeds the PFX encoder */
+ p12enc->middleP7ecx = SEC_PKCS7EncoderStart(p12enc->aSafeCinfo,
+ sec_P12P7OutputCB_CallA1Update,
+ p12enc->outerA1ecx, NULL);
+ if (!p12enc->middleP7ecx) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* encode asafe */
+ p12enc->middleBuf.p7eCx = p12enc->middleP7ecx;
+ p12enc->middleBuf.hmacCx = NULL;
+ p12enc->middleBuf.numBytes = 0;
+ p12enc->middleBuf.bufBytes = sizeof p12enc->middleBuf.buf;
+
+ /* Setup the "inner ASN.1 encoder for Authenticated Safes. */
+ if (p12enc->p12exp->integrityEnabled &&
+ p12enc->p12exp->pwdIntegrity) {
+ p12enc->middleBuf.hmacCx = p12enc->hmacCx;
+ }
+ p12enc->middleA1ecx = SEC_ASN1EncoderStart(&p12enc->p12exp->authSafe,
+ sec_PKCS12AuthenticatedSafeTemplate,
+ sec_P12A1OutputCB_HmacP7Update,
+ &p12enc->middleBuf);
+ if (!p12enc->middleA1ecx) {
+ rv = SECFailure;
+ goto loser;
+ }
+ SEC_ASN1EncoderSetStreaming(p12enc->middleA1ecx);
+ SEC_ASN1EncoderSetTakeFromBuf(p12enc->middleA1ecx);
+
+ /* encode each of the safes */
+ while (p12enc->currentSafe != p12enc->p12exp->safeInfoCount) {
+ sec_pkcs12_encoder_asafe_process(p12enc);
+ p12enc->currentSafe++;
+ }
+ SEC_ASN1EncoderClearTakeFromBuf(p12enc->middleA1ecx);
+ SEC_ASN1EncoderClearStreaming(p12enc->middleA1ecx);
+ SEC_ASN1EncoderUpdate(p12enc->middleA1ecx, NULL, 0);
+ SEC_ASN1EncoderFinish(p12enc->middleA1ecx);
+ p12enc->middleA1ecx = NULL;
+
+ sec_FlushPkcs12OutputBuffer(&p12enc->middleBuf);
+
+ /* finish the encoding of the authenticated safes */
+ rv = SEC_PKCS7EncoderFinish(p12enc->middleP7ecx, p12exp->pwfn,
+ p12exp->pwfnarg);
+ p12enc->middleP7ecx = NULL;
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ SEC_ASN1EncoderClearTakeFromBuf(p12enc->outerA1ecx);
+ SEC_ASN1EncoderClearStreaming(p12enc->outerA1ecx);
+
+ /* update the mac, if necessary */
+ rv = sec_Pkcs12FinishMac(p12enc);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* finish encoding the pfx */
+ rv = SEC_ASN1EncoderUpdate(p12enc->outerA1ecx, NULL, 0);
+
+ SEC_ASN1EncoderFinish(p12enc->outerA1ecx);
+ p12enc->outerA1ecx = NULL;
+
+loser:
+ sec_pkcs12_encoder_destroy_context(p12enc);
+ return rv;
+}
+
+void
+SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12ecx)
+{
+ int i = 0;
+
+ if (!p12ecx) {
+ return;
+ }
+
+ if (p12ecx->safeInfos) {
+ i = 0;
+ while (p12ecx->safeInfos[i] != NULL) {
+ if (p12ecx->safeInfos[i]->encryptionKey) {
+ PK11_FreeSymKey(p12ecx->safeInfos[i]->encryptionKey);
+ }
+ if (p12ecx->safeInfos[i]->cinfo) {
+ SEC_PKCS7DestroyContentInfo(p12ecx->safeInfos[i]->cinfo);
+ }
+ i++;
+ }
+ }
+
+ PK11_FreeSlot(p12ecx->slot);
+
+ PORT_FreeArena(p12ecx->arena, PR_TRUE);
+}
diff --git a/security/nss/lib/pkcs12/p12exp.c b/security/nss/lib/pkcs12/p12exp.c
new file mode 100644
index 000000000..b9cb07656
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12exp.c
@@ -0,0 +1,1374 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "plarena.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "seccomon.h"
+#include "secport.h"
+#include "cert.h"
+#include "pkcs12.h"
+#include "p12local.h"
+#include "secpkcs7.h"
+#include "secasn1.h"
+#include "secerr.h"
+#include "p12plcy.h"
+
+/* release the memory taken up by the list of nicknames */
+static void
+sec_pkcs12_destroy_nickname_list(SECItem **nicknames)
+{
+ int i = 0;
+
+ if (nicknames == NULL) {
+ return;
+ }
+
+ while (nicknames[i] != NULL) {
+ SECITEM_FreeItem(nicknames[i], PR_FALSE);
+ i++;
+ }
+
+ PORT_Free(nicknames);
+}
+
+/* release the memory taken up by the list of certificates */
+static void
+sec_pkcs12_destroy_certificate_list(CERTCertificate **ref_certs)
+{
+ int i = 0;
+
+ if (ref_certs == NULL) {
+ return;
+ }
+
+ while (ref_certs[i] != NULL) {
+ CERT_DestroyCertificate(ref_certs[i]);
+ i++;
+ }
+}
+
+static void
+sec_pkcs12_destroy_cinfos_for_cert_bags(SEC_PKCS12CertAndCRLBag *certBag)
+{
+ int j = 0;
+ j = 0;
+ while (certBag->certAndCRLs[j] != NULL) {
+ SECOidTag certType = SECOID_FindOIDTag(&certBag->certAndCRLs[j]->BagID);
+ if (certType == SEC_OID_PKCS12_X509_CERT_CRL_BAG) {
+ SEC_PKCS12X509CertCRL *x509;
+ x509 = certBag->certAndCRLs[j]->value.x509;
+ SEC_PKCS7DestroyContentInfo(&x509->certOrCRL);
+ }
+ j++;
+ }
+}
+
+/* destroy all content infos since they were not allocated in common
+ * pool
+ */
+static void
+sec_pkcs12_destroy_cert_content_infos(SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage)
+{
+ int i, j;
+
+ if ((safe != NULL) && (safe->contents != NULL)) {
+ i = 0;
+ while (safe->contents[i] != NULL) {
+ SECOidTag bagType = SECOID_FindOIDTag(&safe->contents[i]->safeBagType);
+ if (bagType == SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID) {
+ SEC_PKCS12CertAndCRLBag *certBag;
+ certBag = safe->contents[i]->safeContent.certAndCRLBag;
+ sec_pkcs12_destroy_cinfos_for_cert_bags(certBag);
+ }
+ i++;
+ }
+ }
+
+ if ((baggage != NULL) && (baggage->bags != NULL)) {
+ i = 0;
+ while (baggage->bags[i] != NULL) {
+ if (baggage->bags[i]->unencSecrets != NULL) {
+ j = 0;
+ while (baggage->bags[i]->unencSecrets[j] != NULL) {
+ SECOidTag bagType;
+ bagType = SECOID_FindOIDTag(&baggage->bags[i]->unencSecrets[j]->safeBagType);
+ if (bagType == SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID) {
+ SEC_PKCS12CertAndCRLBag *certBag;
+ certBag = baggage->bags[i]->unencSecrets[j]->safeContent.certAndCRLBag;
+ sec_pkcs12_destroy_cinfos_for_cert_bags(certBag);
+ }
+ j++;
+ }
+ }
+ i++;
+ }
+ }
+}
+
+/* convert the nickname list from a NULL termincated Char list
+ * to a NULL terminated SECItem list
+ */
+static SECItem **
+sec_pkcs12_convert_nickname_list(char **nicknames)
+{
+ SECItem **nicks;
+ int i, j;
+ PRBool error = PR_FALSE;
+
+ if (nicknames == NULL) {
+ return NULL;
+ }
+
+ i = j = 0;
+ while (nicknames[i] != NULL) {
+ i++;
+ }
+
+ /* allocate the space and copy the data */
+ nicks = (SECItem **)PORT_ZAlloc(sizeof(SECItem *) * (i + 1));
+ if (nicks != NULL) {
+ for (j = 0; ((j < i) && (error == PR_FALSE)); j++) {
+ nicks[j] = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (nicks[j] != NULL) {
+ nicks[j]->data =
+ (unsigned char *)PORT_ZAlloc(PORT_Strlen(nicknames[j]) + 1);
+ if (nicks[j]->data != NULL) {
+ nicks[j]->len = PORT_Strlen(nicknames[j]);
+ PORT_Memcpy(nicks[j]->data, nicknames[j], nicks[j]->len);
+ nicks[j]->data[nicks[j]->len] = 0;
+ } else {
+ error = PR_TRUE;
+ }
+ } else {
+ error = PR_TRUE;
+ }
+ }
+ }
+
+ if (error == PR_TRUE) {
+ for (i = 0; i < j; i++) {
+ SECITEM_FreeItem(nicks[i], PR_TRUE);
+ }
+ PORT_Free(nicks);
+ nicks = NULL;
+ }
+
+ return nicks;
+}
+
+/* package the certificate add_cert into PKCS12 structures,
+ * retrieve the certificate chain for the cert and return
+ * the packaged contents.
+ * poolp -- common memory pool;
+ * add_cert -- certificate to package up
+ * nickname for the certificate
+ * a return of NULL indicates an error
+ */
+static SEC_PKCS12CertAndCRL *
+sec_pkcs12_get_cert(PLArenaPool *poolp,
+ CERTCertificate *add_cert,
+ SECItem *nickname)
+{
+ SEC_PKCS12CertAndCRL *cert;
+ SEC_PKCS7ContentInfo *cinfo;
+ SGNDigestInfo *t_di;
+ void *mark;
+ SECStatus rv;
+
+ if ((poolp == NULL) || (add_cert == NULL) || (nickname == NULL)) {
+ return NULL;
+ }
+ mark = PORT_ArenaMark(poolp);
+
+ cert = sec_pkcs12_new_cert_crl(poolp, SEC_OID_PKCS12_X509_CERT_CRL_BAG);
+ if (cert != NULL) {
+
+ /* copy the nickname */
+ rv = SECITEM_CopyItem(poolp, &cert->nickname, nickname);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ cert = NULL;
+ } else {
+
+ /* package the certificate and cert chain into a NULL signer
+ * PKCS 7 SignedData content Info and prepare it for encoding
+ * since we cannot use DER_ANY_TEMPLATE
+ */
+ cinfo = SEC_PKCS7CreateCertsOnly(add_cert, PR_TRUE, NULL);
+ rv = SEC_PKCS7PrepareForEncode(cinfo, NULL, NULL, NULL);
+
+ /* thumbprint the certificate */
+ if ((cinfo != NULL) && (rv == SECSuccess)) {
+ PORT_Memcpy(&cert->value.x509->certOrCRL, cinfo, sizeof(*cinfo));
+ t_di = sec_pkcs12_compute_thumbprint(&add_cert->derCert);
+ if (t_di != NULL) {
+ /* test */
+ rv = SGN_CopyDigestInfo(poolp, &cert->value.x509->thumbprint,
+ t_di);
+ if (rv != SECSuccess) {
+ cert = NULL;
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ SGN_DestroyDigestInfo(t_di);
+ } else
+ cert = NULL;
+ }
+ }
+ }
+
+ if (cert == NULL) {
+ PORT_ArenaRelease(poolp, mark);
+ } else {
+ PORT_ArenaUnmark(poolp, mark);
+ }
+
+ return cert;
+}
+
+/* package the private key associated with the certificate and
+ * return the appropriate PKCS 12 structure
+ * poolp common memory pool
+ * nickname key nickname
+ * cert -- cert to look up
+ * wincx -- window handle
+ * an error is indicated by a return of NULL
+ */
+static SEC_PKCS12PrivateKey *
+sec_pkcs12_get_private_key(PLArenaPool *poolp,
+ SECItem *nickname,
+ CERTCertificate *cert,
+ void *wincx)
+{
+ SECKEYPrivateKeyInfo *pki;
+ SEC_PKCS12PrivateKey *pk;
+ SECStatus rv;
+ void *mark;
+
+ if ((poolp == NULL) || (nickname == NULL)) {
+ return NULL;
+ }
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* retrieve key from the data base */
+ pki = PK11_ExportPrivateKeyInfo(nickname, cert, wincx);
+ if (pki == NULL) {
+ PORT_ArenaRelease(poolp, mark);
+ PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
+ return NULL;
+ }
+
+ pk = (SEC_PKCS12PrivateKey *)PORT_ArenaZAlloc(poolp,
+ sizeof(SEC_PKCS12PrivateKey));
+ if (pk != NULL) {
+ rv = sec_pkcs12_init_pvk_data(poolp, &pk->pvkData);
+
+ if (rv == SECSuccess) {
+ /* copy the key into poolp memory space */
+ rv = SECKEY_CopyPrivateKeyInfo(poolp, &pk->pkcs8data, pki);
+ if (rv == SECSuccess) {
+ rv = SECITEM_CopyItem(poolp, &pk->pvkData.nickname, nickname);
+ }
+ }
+
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ pk = NULL;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+ /* destroy private key, zeroing out data */
+ SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
+ if (pk == NULL) {
+ PORT_ArenaRelease(poolp, mark);
+ } else {
+ PORT_ArenaUnmark(poolp, mark);
+ }
+
+ return pk;
+}
+
+/* get a shrouded key item associated with a certificate
+ * return the appropriate PKCS 12 structure
+ * poolp common memory pool
+ * nickname key nickname
+ * cert -- cert to look up
+ * wincx -- window handle
+ * an error is indicated by a return of NULL
+ */
+static SEC_PKCS12ESPVKItem *
+sec_pkcs12_get_shrouded_key(PLArenaPool *poolp,
+ SECItem *nickname,
+ CERTCertificate *cert,
+ SECOidTag algorithm,
+ SECItem *pwitem,
+ PKCS12UnicodeConvertFunction unicodeFn,
+ void *wincx)
+{
+ SECKEYEncryptedPrivateKeyInfo *epki;
+ SEC_PKCS12ESPVKItem *pk;
+ void *mark;
+ SECStatus rv;
+ PK11SlotInfo *slot = NULL;
+ PRBool swapUnicodeBytes = PR_FALSE;
+
+#ifdef IS_LITTLE_ENDIAN
+ swapUnicodeBytes = PR_TRUE;
+#endif
+
+ if ((poolp == NULL) || (nickname == NULL))
+ return NULL;
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* use internal key slot */
+ slot = PK11_GetInternalKeySlot();
+
+ /* retrieve encrypted prviate key */
+ epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm, pwitem,
+ nickname, cert, 1, 0, NULL);
+ PK11_FreeSlot(slot);
+ if (epki == NULL) {
+ PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+ }
+
+ /* create a private key and store the data into the poolp memory space */
+ pk = sec_pkcs12_create_espvk(poolp, SEC_OID_PKCS12_PKCS8_KEY_SHROUDING);
+ if (pk != NULL) {
+ rv = sec_pkcs12_init_pvk_data(poolp, &pk->espvkData);
+ rv = SECITEM_CopyItem(poolp, &pk->espvkData.nickname, nickname);
+ pk->espvkCipherText.pkcs8KeyShroud =
+ (SECKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(poolp,
+ sizeof(SECKEYEncryptedPrivateKeyInfo));
+ if ((pk->espvkCipherText.pkcs8KeyShroud != NULL) && (rv == SECSuccess)) {
+ rv = SECKEY_CopyEncryptedPrivateKeyInfo(poolp,
+ pk->espvkCipherText.pkcs8KeyShroud, epki);
+ if (rv == SECSuccess) {
+ rv = (*unicodeFn)(poolp, &pk->espvkData.uniNickName, nickname,
+ PR_TRUE, swapUnicodeBytes);
+ }
+ }
+
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ pk = NULL;
+ }
+ }
+
+ SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
+ if (pk == NULL) {
+ PORT_ArenaRelease(poolp, mark);
+ } else {
+ PORT_ArenaUnmark(poolp, mark);
+ }
+
+ return pk;
+}
+
+/* add a thumbprint to a private key associated certs list
+ * pvk is the area where the list is stored
+ * thumb is the thumbprint to copy
+ * a return of SECFailure indicates an error
+ */
+static SECStatus
+sec_pkcs12_add_thumbprint(SEC_PKCS12PVKSupportingData *pvk,
+ SGNDigestInfo *thumb)
+{
+ SGNDigestInfo **thumb_list = NULL;
+ int nthumbs, size;
+ void *mark, *dummy;
+ SECStatus rv = SECFailure;
+
+ if ((pvk == NULL) || (thumb == NULL)) {
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(pvk->poolp);
+
+ thumb_list = pvk->assocCerts;
+ nthumbs = pvk->nThumbs;
+
+ /* allocate list space needed -- either growing or allocating
+ * list must be NULL terminated
+ */
+ size = sizeof(SGNDigestInfo *);
+ dummy = PORT_ArenaGrow(pvk->poolp, thumb_list, (size * (nthumbs + 1)),
+ (size * (nthumbs + 2)));
+ thumb_list = dummy;
+ if (dummy != NULL) {
+ thumb_list[nthumbs] = (SGNDigestInfo *)PORT_ArenaZAlloc(pvk->poolp,
+ sizeof(SGNDigestInfo));
+ if (thumb_list[nthumbs] != NULL) {
+ SGN_CopyDigestInfo(pvk->poolp, thumb_list[nthumbs], thumb);
+ nthumbs += 1;
+ thumb_list[nthumbs] = 0;
+ } else {
+ dummy = NULL;
+ }
+ }
+
+ if (dummy == NULL) {
+ PORT_ArenaRelease(pvk->poolp, mark);
+ return SECFailure;
+ }
+
+ pvk->assocCerts = thumb_list;
+ pvk->nThumbs = nthumbs;
+
+ PORT_ArenaUnmark(pvk->poolp, mark);
+ return SECSuccess;
+}
+
+/* search the list of shrouded keys in the baggage for the desired
+ * name. return a pointer to the item. a return of NULL indicates
+ * that no match was present or that an error occurred.
+ */
+static SEC_PKCS12ESPVKItem *
+sec_pkcs12_get_espvk_by_name(SEC_PKCS12Baggage *luggage,
+ SECItem *name)
+{
+ PRBool found = PR_FALSE;
+ SEC_PKCS12ESPVKItem *espvk = NULL;
+ int i, j;
+ SECComparison rv = SECEqual;
+ SECItem *t_name;
+ SEC_PKCS12BaggageItem *bag;
+
+ if ((luggage == NULL) || (name == NULL)) {
+ return NULL;
+ }
+
+ i = 0;
+ while ((found == PR_FALSE) && (i < luggage->luggage_size)) {
+ j = 0;
+ bag = luggage->bags[i];
+ while ((found == PR_FALSE) && (j < bag->nEspvks)) {
+ espvk = bag->espvks[j];
+ if (espvk->poolp == NULL) {
+ espvk->poolp = luggage->poolp;
+ }
+ t_name = SECITEM_DupItem(&espvk->espvkData.nickname);
+ if (t_name != NULL) {
+ rv = SECITEM_CompareItem(name, t_name);
+ if (rv == SECEqual) {
+ found = PR_TRUE;
+ }
+ SECITEM_FreeItem(t_name, PR_TRUE);
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+ j++;
+ }
+ i++;
+ }
+
+ if (found != PR_TRUE) {
+ PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME);
+ return NULL;
+ }
+
+ return espvk;
+}
+
+/* locates a certificate and copies the thumbprint to the
+ * appropriate private key
+ */
+static SECStatus
+sec_pkcs12_propagate_thumbprints(SECItem **nicknames,
+ CERTCertificate **ref_certs,
+ SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage)
+{
+ SEC_PKCS12CertAndCRL *cert;
+ SEC_PKCS12PrivateKey *key;
+ SEC_PKCS12ESPVKItem *espvk;
+ int i;
+ PRBool error = PR_FALSE;
+ SECStatus rv = SECFailure;
+
+ if ((nicknames == NULL) || (safe == NULL)) {
+ return SECFailure;
+ }
+
+ i = 0;
+ while ((nicknames[i] != NULL) && (error == PR_FALSE)) {
+ /* process all certs */
+ cert = (SEC_PKCS12CertAndCRL *)sec_pkcs12_find_object(safe, baggage,
+ SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID,
+ nicknames[i], NULL);
+ if (cert != NULL) {
+ /* locate key and copy thumbprint */
+ key = (SEC_PKCS12PrivateKey *)sec_pkcs12_find_object(safe, baggage,
+ SEC_OID_PKCS12_KEY_BAG_ID,
+ nicknames[i], NULL);
+ if (key != NULL) {
+ key->pvkData.poolp = key->poolp;
+ rv = sec_pkcs12_add_thumbprint(&key->pvkData,
+ &cert->value.x509->thumbprint);
+ if (rv == SECFailure)
+ error = PR_TRUE; /* XXX Set error? */
+ }
+
+ /* look in the baggage as well...*/
+ if ((baggage != NULL) && (error == PR_FALSE)) {
+ espvk = sec_pkcs12_get_espvk_by_name(baggage, nicknames[i]);
+ if (espvk != NULL) {
+ espvk->espvkData.poolp = espvk->poolp;
+ rv = sec_pkcs12_add_thumbprint(&espvk->espvkData,
+ &cert->value.x509->thumbprint);
+ if (rv == SECFailure)
+ error = PR_TRUE; /* XXX Set error? */
+ }
+ }
+ }
+ i++;
+ }
+
+ if (error == PR_TRUE) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+/* append a safe bag to the end of the safe contents list */
+SECStatus
+sec_pkcs12_append_safe_bag(SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12SafeBag *bag)
+{
+ int size;
+ void *mark = NULL, *dummy = NULL;
+
+ if ((bag == NULL) || (safe == NULL))
+ return SECFailure;
+
+ mark = PORT_ArenaMark(safe->poolp);
+
+ size = (safe->safe_size * sizeof(SEC_PKCS12SafeBag *));
+
+ if (safe->safe_size > 0) {
+ dummy = (SEC_PKCS12SafeBag **)PORT_ArenaGrow(safe->poolp,
+ safe->contents,
+ size,
+ (size + sizeof(SEC_PKCS12SafeBag *)));
+ safe->contents = dummy;
+ } else {
+ safe->contents = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(safe->poolp,
+ (2 * sizeof(SEC_PKCS12SafeBag *)));
+ dummy = safe->contents;
+ }
+
+ if (dummy == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ safe->contents[safe->safe_size] = bag;
+ safe->safe_size++;
+ safe->contents[safe->safe_size] = NULL;
+
+ PORT_ArenaUnmark(safe->poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(safe->poolp, mark);
+ return SECFailure;
+}
+
+/* append a certificate onto the end of a cert bag */
+static SECStatus
+sec_pkcs12_append_cert_to_bag(PLArenaPool *arena,
+ SEC_PKCS12SafeBag *safebag,
+ CERTCertificate *cert,
+ SECItem *nickname)
+{
+ int size;
+ void *dummy = NULL, *mark = NULL;
+ SEC_PKCS12CertAndCRL *p12cert;
+ SEC_PKCS12CertAndCRLBag *bag;
+
+ if ((arena == NULL) || (safebag == NULL) ||
+ (cert == NULL) || (nickname == NULL)) {
+ return SECFailure;
+ }
+
+ bag = safebag->safeContent.certAndCRLBag;
+ if (bag == NULL) {
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(arena);
+
+ p12cert = sec_pkcs12_get_cert(arena, cert, nickname);
+ if (p12cert == NULL) {
+ PORT_ArenaRelease(bag->poolp, mark);
+ return SECFailure;
+ }
+
+ size = bag->bag_size * sizeof(SEC_PKCS12CertAndCRL *);
+ if (bag->bag_size > 0) {
+ dummy = (SEC_PKCS12CertAndCRL **)PORT_ArenaGrow(bag->poolp,
+ bag->certAndCRLs,
+ size,
+ size + sizeof(SEC_PKCS12CertAndCRL *));
+ bag->certAndCRLs = dummy;
+ } else {
+ bag->certAndCRLs = (SEC_PKCS12CertAndCRL **)PORT_ArenaZAlloc(bag->poolp,
+ (2 * sizeof(SEC_PKCS12CertAndCRL *)));
+ dummy = bag->certAndCRLs;
+ }
+
+ if (dummy == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ bag->certAndCRLs[bag->bag_size] = p12cert;
+ bag->bag_size++;
+ bag->certAndCRLs[bag->bag_size] = NULL;
+
+ PORT_ArenaUnmark(bag->poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(bag->poolp, mark);
+ return SECFailure;
+}
+
+/* append a key onto the end of a list of keys in a key bag */
+SECStatus
+sec_pkcs12_append_key_to_bag(SEC_PKCS12SafeBag *safebag,
+ SEC_PKCS12PrivateKey *pk)
+{
+ void *mark, *dummy;
+ SEC_PKCS12PrivateKeyBag *bag;
+ int size;
+
+ if ((safebag == NULL) || (pk == NULL))
+ return SECFailure;
+
+ bag = safebag->safeContent.keyBag;
+ if (bag == NULL) {
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(bag->poolp);
+
+ size = (bag->bag_size * sizeof(SEC_PKCS12PrivateKey *));
+
+ if (bag->bag_size > 0) {
+ dummy = (SEC_PKCS12PrivateKey **)PORT_ArenaGrow(bag->poolp,
+ bag->privateKeys,
+ size,
+ size + sizeof(SEC_PKCS12PrivateKey *));
+ bag->privateKeys = dummy;
+ } else {
+ bag->privateKeys = (SEC_PKCS12PrivateKey **)PORT_ArenaZAlloc(bag->poolp,
+ (2 * sizeof(SEC_PKCS12PrivateKey *)));
+ dummy = bag->privateKeys;
+ }
+
+ if (dummy == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ bag->privateKeys[bag->bag_size] = pk;
+ bag->bag_size++;
+ bag->privateKeys[bag->bag_size] = NULL;
+
+ PORT_ArenaUnmark(bag->poolp, mark);
+ return SECSuccess;
+
+loser:
+ /* XXX Free memory? */
+ PORT_ArenaRelease(bag->poolp, mark);
+ return SECFailure;
+}
+
+/* append a safe bag to the baggage area */
+static SECStatus
+sec_pkcs12_append_unshrouded_bag(SEC_PKCS12BaggageItem *bag,
+ SEC_PKCS12SafeBag *u_bag)
+{
+ int size;
+ void *mark = NULL, *dummy = NULL;
+
+ if ((bag == NULL) || (u_bag == NULL))
+ return SECFailure;
+
+ mark = PORT_ArenaMark(bag->poolp);
+
+ /* dump things into the first bag */
+ size = (bag->nSecrets + 1) * sizeof(SEC_PKCS12SafeBag *);
+ dummy = PORT_ArenaGrow(bag->poolp,
+ bag->unencSecrets, size,
+ size + sizeof(SEC_PKCS12SafeBag *));
+ bag->unencSecrets = dummy;
+ if (dummy == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ bag->unencSecrets[bag->nSecrets] = u_bag;
+ bag->nSecrets++;
+ bag->unencSecrets[bag->nSecrets] = NULL;
+
+ PORT_ArenaUnmark(bag->poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(bag->poolp, mark);
+ return SECFailure;
+}
+
+/* gather up all certificates and keys and package them up
+ * in the safe, baggage, or both.
+ * nicknames is the list of nicknames and corresponding certs in ref_certs
+ * ref_certs a null terminated list of certificates
+ * rSafe, rBaggage -- return areas for safe and baggage
+ * shroud_keys -- store keys externally
+ * pwitem -- password for computing integrity mac and encrypting contents
+ * wincx -- window handle
+ *
+ * if a failure occurs, an error is set and SECFailure returned.
+ */
+static SECStatus
+sec_pkcs12_package_certs_and_keys(SECItem **nicknames,
+ CERTCertificate **ref_certs,
+ PRBool unencryptedCerts,
+ SEC_PKCS12SafeContents **rSafe,
+ SEC_PKCS12Baggage **rBaggage,
+ PRBool shroud_keys,
+ SECOidTag shroud_alg,
+ SECItem *pwitem,
+ PKCS12UnicodeConvertFunction unicodeFn,
+ void *wincx)
+{
+ PLArenaPool *permArena;
+ SEC_PKCS12SafeContents *safe = NULL;
+ SEC_PKCS12Baggage *baggage = NULL;
+
+ SECStatus rv = SECFailure;
+ PRBool problem = PR_FALSE;
+
+ SEC_PKCS12ESPVKItem *espvk = NULL;
+ SEC_PKCS12PrivateKey *pk = NULL;
+ CERTCertificate *add_cert = NULL;
+ SEC_PKCS12SafeBag *certbag = NULL, *keybag = NULL;
+ SEC_PKCS12BaggageItem *external_bag = NULL;
+ int ncerts = 0, nkeys = 0;
+ int i;
+
+ if ((nicknames == NULL) || (rSafe == NULL) || (rBaggage == NULL)) {
+ return SECFailure;
+ }
+
+ *rBaggage = baggage;
+ *rSafe = safe;
+
+ permArena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (permArena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ /* allocate structures */
+ safe = sec_pkcs12_create_safe_contents(permArena);
+ if (safe == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ certbag = sec_pkcs12_create_safe_bag(permArena,
+ SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID);
+ if (certbag == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ if (shroud_keys != PR_TRUE) {
+ keybag = sec_pkcs12_create_safe_bag(permArena,
+ SEC_OID_PKCS12_KEY_BAG_ID);
+ if (keybag == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ }
+
+ if ((shroud_keys == PR_TRUE) || (unencryptedCerts == PR_TRUE)) {
+ baggage = sec_pkcs12_create_baggage(permArena);
+ if (baggage == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ external_bag = sec_pkcs12_create_external_bag(baggage);
+ }
+
+ /* package keys and certs */
+ i = 0;
+ while ((nicknames[i] != NULL) && (problem == PR_FALSE)) {
+ if (ref_certs[i] != NULL) {
+ /* append cert to bag o certs */
+ rv = sec_pkcs12_append_cert_to_bag(permArena, certbag,
+ ref_certs[i],
+ nicknames[i]);
+ if (rv == SECFailure) {
+ problem = PR_FALSE;
+ } else {
+ ncerts++;
+ }
+
+ if (rv == SECSuccess) {
+ /* package up them keys */
+ if (shroud_keys == PR_TRUE) {
+ espvk = sec_pkcs12_get_shrouded_key(permArena,
+ nicknames[i],
+ ref_certs[i],
+ shroud_alg,
+ pwitem, unicodeFn,
+ wincx);
+ if (espvk != NULL) {
+ rv = sec_pkcs12_append_shrouded_key(external_bag, espvk);
+ SECITEM_CopyItem(permArena, &espvk->derCert,
+ &ref_certs[i]->derCert);
+ } else {
+ rv = SECFailure;
+ }
+ } else {
+ pk = sec_pkcs12_get_private_key(permArena, nicknames[i],
+ ref_certs[i], wincx);
+ if (pk != NULL) {
+ rv = sec_pkcs12_append_key_to_bag(keybag, pk);
+ SECITEM_CopyItem(permArena, &espvk->derCert,
+ &ref_certs[i]->derCert);
+ } else {
+ rv = SECFailure;
+ }
+ }
+
+ if (rv == SECFailure) {
+ problem = PR_TRUE;
+ } else {
+ nkeys++;
+ }
+ }
+ } else {
+ /* handle only keys here ? */
+ problem = PR_TRUE;
+ }
+ i++;
+ }
+
+/* let success fall through */
+loser:
+ if (problem == PR_FALSE) {
+ /* if we have certs, we want to append the cert bag to the
+ * appropriate area
+ */
+ if (ncerts > 0) {
+ if (unencryptedCerts != PR_TRUE) {
+ rv = sec_pkcs12_append_safe_bag(safe, certbag);
+ } else {
+ rv = sec_pkcs12_append_unshrouded_bag(external_bag, certbag);
+ }
+ } else {
+ rv = SECSuccess;
+ }
+
+ /* append key bag, if they are stored in safe contents */
+ if ((rv == SECSuccess) && (shroud_keys == PR_FALSE) && (nkeys > 0)) {
+ rv = sec_pkcs12_append_safe_bag(safe, keybag);
+ }
+ } else {
+ rv = SECFailure;
+ }
+
+ /* if baggage not used, NULLify it */
+ if ((shroud_keys == PR_TRUE) || (unencryptedCerts == PR_TRUE)) {
+ if (((unencryptedCerts == PR_TRUE) && (ncerts == 0)) &&
+ ((shroud_keys == PR_TRUE) && (nkeys == 0)))
+ baggage = NULL;
+ } else {
+ baggage = NULL;
+ }
+
+ if ((problem == PR_TRUE) || (rv == SECFailure)) {
+ PORT_FreeArena(permArena, PR_TRUE);
+ rv = SECFailure;
+ baggage = NULL;
+ safe = NULL;
+ }
+
+ *rBaggage = baggage;
+ *rSafe = safe;
+
+ return rv;
+}
+
+/* DER encode the safe contents and return a SECItem. if an error
+ * occurs, NULL is returned.
+ */
+static SECItem *
+sec_pkcs12_encode_safe_contents(SEC_PKCS12SafeContents *safe)
+{
+ SECItem *dsafe = NULL, *tsafe;
+ void *dummy = NULL;
+ PLArenaPool *arena;
+
+ if (safe == NULL) {
+ return NULL;
+ }
+
+ /* rv = sec_pkcs12_prepare_for_der_code_safe(safe, PR_TRUE);
+ if(rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }*/
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ tsafe = (SECItem *)PORT_ArenaZAlloc(arena, sizeof(SECItem));
+ if (tsafe != NULL) {
+ dummy = SEC_ASN1EncodeItem(arena, tsafe, safe,
+ SEC_PKCS12SafeContentsTemplate);
+ if (dummy != NULL) {
+ dsafe = SECITEM_DupItem(tsafe);
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+ PORT_FreeArena(arena, PR_TRUE);
+
+ return dsafe;
+}
+
+/* prepare the authenicated safe for encoding and encode it.
+ * baggage is copied to the appropriate area, safe is encoded and
+ * encrypted. the version and transport mode are set on the asafe.
+ * the whole ball of wax is then der encoded and packaged up into
+ * data content info
+ * safe -- container of certs and keys, is encrypted.
+ * baggage -- container of certs and keys, keys assumed to be encrypted by
+ * another method, certs are in the clear
+ * algorithm -- algorithm by which to encrypt safe
+ * pwitem -- password for encryption
+ * wincx - window handle
+ *
+ * return of NULL is an error condition.
+ */
+static SEC_PKCS7ContentInfo *
+sec_pkcs12_get_auth_safe(SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage,
+ SECOidTag algorithm,
+ SECItem *pwitem,
+ PKCS12UnicodeConvertFunction unicodeFn,
+ void *wincx)
+{
+ SECItem *src = NULL, *dest = NULL, *psalt = NULL;
+ PLArenaPool *poolp;
+ SEC_PKCS12AuthenticatedSafe *asafe;
+ SEC_PKCS7ContentInfo *safe_cinfo = NULL;
+ SEC_PKCS7ContentInfo *asafe_cinfo = NULL;
+ void *dummy;
+ SECStatus rv = SECSuccess;
+ PRBool swapUnicodeBytes = PR_FALSE;
+
+#ifdef IS_LITTLE_ENDIAN
+ swapUnicodeBytes = PR_TRUE;
+#endif
+
+ if (((safe != NULL) && (pwitem == NULL)) && (baggage == NULL))
+ return NULL;
+
+ poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (poolp == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ /* prepare authenticated safe for encode */
+ asafe = sec_pkcs12_new_asafe(poolp);
+ if (asafe != NULL) {
+
+ /* set version */
+ dummy = SEC_ASN1EncodeInteger(asafe->poolp, &asafe->version,
+ SEC_PKCS12_PFX_VERSION);
+ if (dummy == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* generate the privacy salt used to create virtual pwd */
+ psalt = sec_pkcs12_generate_salt();
+ if (psalt != NULL) {
+ rv = SECITEM_CopyItem(asafe->poolp, &asafe->privacySalt,
+ psalt);
+ if (rv == SECSuccess) {
+ asafe->privacySalt.len *= 8;
+ } else {
+ SECITEM_ZfreeItem(psalt, PR_TRUE);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ }
+
+ if ((psalt == NULL) || (rv == SECFailure)) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* package up safe contents */
+ if (safe != NULL) {
+ safe_cinfo = SEC_PKCS7CreateEncryptedData(algorithm, NULL, wincx);
+ if ((safe_cinfo != NULL) && (safe->safe_size > 0)) {
+ /* encode the safe and encrypt the contents of the
+ * content info
+ */
+ src = sec_pkcs12_encode_safe_contents(safe);
+
+ if (src != NULL) {
+ rv = SEC_PKCS7SetContent(safe_cinfo, (char *)src->data, src->len);
+ SECITEM_ZfreeItem(src, PR_TRUE);
+ if (rv == SECSuccess) {
+ SECItem *vpwd;
+ vpwd = sec_pkcs12_create_virtual_password(pwitem, psalt,
+ unicodeFn, swapUnicodeBytes);
+ if (vpwd != NULL) {
+ rv = SEC_PKCS7EncryptContents(NULL, safe_cinfo,
+ vpwd, wincx);
+ SECITEM_ZfreeItem(vpwd, PR_TRUE);
+ } else {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ } else {
+ rv = SECFailure;
+ }
+ } else if (safe->safe_size > 0) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ } else {
+ /* case where there is NULL content in the safe contents */
+ rv = SEC_PKCS7SetContent(safe_cinfo, NULL, 0);
+ if (rv != SECFailure) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ }
+
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(safe_cinfo);
+ safe_cinfo = NULL;
+ goto loser;
+ }
+
+ asafe->safe = safe_cinfo;
+ /*
+ PORT_Memcpy(&asafe->safe, safe_cinfo, sizeof(*safe_cinfo));
+ */
+ }
+
+ /* copy the baggage to the authenticated safe baggage if present */
+ if (baggage != NULL) {
+ PORT_Memcpy(&asafe->baggage, baggage, sizeof(*baggage));
+ }
+
+ /* encode authenticated safe and store it in a Data content info */
+ dest = (SECItem *)PORT_ArenaZAlloc(poolp, sizeof(SECItem));
+ if (dest != NULL) {
+ dummy = SEC_ASN1EncodeItem(poolp, dest, asafe,
+ SEC_PKCS12AuthenticatedSafeTemplate);
+ if (dummy != NULL) {
+ asafe_cinfo = SEC_PKCS7CreateData();
+ if (asafe_cinfo != NULL) {
+ rv = SEC_PKCS7SetContent(asafe_cinfo,
+ (char *)dest->data,
+ dest->len);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ SEC_PKCS7DestroyContentInfo(asafe_cinfo);
+ asafe_cinfo = NULL;
+ }
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ }
+ }
+ }
+
+loser:
+ PORT_FreeArena(poolp, PR_TRUE);
+ if (safe_cinfo != NULL) {
+ SEC_PKCS7DestroyContentInfo(safe_cinfo);
+ }
+ if (psalt != NULL) {
+ SECITEM_ZfreeItem(psalt, PR_TRUE);
+ }
+
+ if (rv == SECFailure) {
+ return NULL;
+ }
+
+ return asafe_cinfo;
+}
+
+/* generates the PFX and computes the mac on the authenticated safe
+ * NULL implies an error
+ */
+static SEC_PKCS12PFXItem *
+sec_pkcs12_get_pfx(SEC_PKCS7ContentInfo *cinfo,
+ PRBool do_mac,
+ SECItem *pwitem, PKCS12UnicodeConvertFunction unicodeFn)
+{
+ SECItem *dest = NULL, *mac = NULL, *salt = NULL, *key = NULL;
+ SEC_PKCS12PFXItem *pfx;
+ SECStatus rv = SECFailure;
+ SGNDigestInfo *di;
+ SECItem *vpwd;
+ PRBool swapUnicodeBytes = PR_FALSE;
+
+#ifdef IS_LITTLE_ENDIAN
+ swapUnicodeBytes = PR_TRUE;
+#endif
+
+ if ((cinfo == NULL) || ((do_mac == PR_TRUE) && (pwitem == NULL))) {
+ return NULL;
+ }
+
+ /* allocate new pfx structure */
+ pfx = sec_pkcs12_new_pfx();
+ if (pfx == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ PORT_Memcpy(&pfx->authSafe, cinfo, sizeof(*cinfo));
+ if (do_mac == PR_TRUE) {
+
+ /* salt for computing mac */
+ salt = sec_pkcs12_generate_salt();
+ if (salt != NULL) {
+ rv = SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, salt);
+ pfx->macData.macSalt.len *= 8;
+
+ vpwd = sec_pkcs12_create_virtual_password(pwitem, salt,
+ unicodeFn, swapUnicodeBytes);
+ if (vpwd == NULL) {
+ rv = SECFailure;
+ key = NULL;
+ } else {
+ key = sec_pkcs12_generate_key_from_password(SEC_OID_SHA1,
+ salt, vpwd);
+ SECITEM_ZfreeItem(vpwd, PR_TRUE);
+ }
+
+ if ((key != NULL) && (rv == SECSuccess)) {
+ dest = SEC_PKCS7GetContent(cinfo);
+ if (dest != NULL) {
+
+ /* compute mac on data -- for password integrity mode */
+ mac = sec_pkcs12_generate_mac(key, dest, PR_FALSE);
+ if (mac != NULL) {
+ di = SGN_CreateDigestInfo(SEC_OID_SHA1,
+ mac->data, mac->len);
+ if (di != NULL) {
+ rv = SGN_CopyDigestInfo(pfx->poolp,
+ &pfx->macData.safeMac, di);
+ SGN_DestroyDigestInfo(di);
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ SECITEM_ZfreeItem(mac, PR_TRUE);
+ }
+ } else {
+ rv = SECFailure;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ }
+
+ if (key != NULL) {
+ SECITEM_ZfreeItem(key, PR_TRUE);
+ }
+ SECITEM_ZfreeItem(salt, PR_TRUE);
+ }
+ }
+
+ if (rv == SECFailure) {
+ SEC_PKCS12DestroyPFX(pfx);
+ pfx = NULL;
+ }
+
+ return pfx;
+}
+
+/* der encode the pfx */
+static SECItem *
+sec_pkcs12_encode_pfx(SEC_PKCS12PFXItem *pfx)
+{
+ SECItem *dest;
+ void *dummy;
+
+ if (pfx == NULL) {
+ return NULL;
+ }
+
+ dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (dest == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ dummy = SEC_ASN1EncodeItem(NULL, dest, pfx, SEC_PKCS12PFXItemTemplate);
+ if (dummy == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ SECITEM_ZfreeItem(dest, PR_TRUE);
+ dest = NULL;
+ }
+
+ return dest;
+}
+
+SECItem *
+SEC_PKCS12GetPFX(char **nicknames,
+ CERTCertificate **ref_certs,
+ PRBool shroud_keys,
+ SEC_PKCS5GetPBEPassword pbef,
+ void *pbearg,
+ PKCS12UnicodeConvertFunction unicodeFn,
+ void *wincx)
+{
+ SECItem **nicks = NULL;
+ SEC_PKCS12PFXItem *pfx = NULL;
+ SEC_PKCS12Baggage *baggage = NULL;
+ SEC_PKCS12SafeContents *safe = NULL;
+ SEC_PKCS7ContentInfo *cinfo = NULL;
+ SECStatus rv = SECFailure;
+ SECItem *dest = NULL, *pwitem = NULL;
+ PRBool problem = PR_FALSE;
+ PRBool unencryptedCerts;
+ SECOidTag shroud_alg, safe_alg;
+
+ /* how should we encrypt certs ? */
+ unencryptedCerts = !SEC_PKCS12IsEncryptionAllowed();
+ if (!unencryptedCerts) {
+ safe_alg = SEC_PKCS12GetPreferredEncryptionAlgorithm();
+ if (safe_alg == SEC_OID_UNKNOWN) {
+ safe_alg = SEC_PKCS12GetStrongestAllowedAlgorithm();
+ }
+ if (safe_alg == SEC_OID_UNKNOWN) {
+ unencryptedCerts = PR_TRUE;
+ /* for export where no encryption is allowed, we still need
+ * to encrypt the NULL contents per the spec. encrypted info
+ * is known plaintext, so it shouldn't be a problem.
+ */
+ safe_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
+ }
+ } else {
+ /* for export where no encryption is allowed, we still need
+ * to encrypt the NULL contents per the spec. encrypted info
+ * is known plaintext, so it shouldn't be a problem.
+ */
+ safe_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
+ }
+
+ /* keys are always stored with triple DES */
+ shroud_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC;
+
+ /* check for FIPS, if so, do not encrypt certs */
+ if (PK11_IsFIPS() && !unencryptedCerts) {
+ unencryptedCerts = PR_TRUE;
+ }
+
+ if ((nicknames == NULL) || (pbef == NULL) || (ref_certs == NULL)) {
+ problem = PR_TRUE;
+ goto loser;
+ }
+
+ /* get password */
+ pwitem = (*pbef)(pbearg);
+ if (pwitem == NULL) {
+ problem = PR_TRUE;
+ goto loser;
+ }
+ nicks = sec_pkcs12_convert_nickname_list(nicknames);
+
+ /* get safe and baggage */
+ rv = sec_pkcs12_package_certs_and_keys(nicks, ref_certs, unencryptedCerts,
+ &safe, &baggage, shroud_keys,
+ shroud_alg, pwitem, unicodeFn, wincx);
+ if (rv == SECFailure) {
+ problem = PR_TRUE;
+ }
+
+ if ((safe != NULL) && (problem == PR_FALSE)) {
+ /* copy thumbprints */
+ rv = sec_pkcs12_propagate_thumbprints(nicks, ref_certs, safe, baggage);
+
+ /* package everything up into AuthenticatedSafe */
+ cinfo = sec_pkcs12_get_auth_safe(safe, baggage,
+ safe_alg, pwitem, unicodeFn, wincx);
+
+ sec_pkcs12_destroy_cert_content_infos(safe, baggage);
+
+ /* get the pfx and mac it */
+ if (cinfo != NULL) {
+ pfx = sec_pkcs12_get_pfx(cinfo, PR_TRUE, pwitem, unicodeFn);
+ if (pfx != NULL) {
+ dest = sec_pkcs12_encode_pfx(pfx);
+ SEC_PKCS12DestroyPFX(pfx);
+ }
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ }
+
+ if (safe != NULL) {
+ PORT_FreeArena(safe->poolp, PR_TRUE);
+ }
+ } else {
+ if (safe != NULL) {
+ PORT_FreeArena(safe->poolp, PR_TRUE);
+ }
+ }
+
+loser:
+ if (nicks != NULL) {
+ sec_pkcs12_destroy_nickname_list(nicks);
+ }
+
+ if (ref_certs != NULL) {
+ sec_pkcs12_destroy_certificate_list(ref_certs);
+ }
+
+ if (pwitem != NULL) {
+ SECITEM_ZfreeItem(pwitem, PR_TRUE);
+ }
+
+ if (problem == PR_TRUE) {
+ dest = NULL;
+ }
+
+ return dest;
+}
diff --git a/security/nss/lib/pkcs12/p12local.c b/security/nss/lib/pkcs12/p12local.c
new file mode 100644
index 000000000..d7f0d9e9a
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12local.c
@@ -0,0 +1,1341 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssrenam.h"
+#include "pkcs12.h"
+#include "secpkcs7.h"
+#include "secasn1.h"
+#include "seccomon.h"
+#include "secoid.h"
+#include "sechash.h"
+#include "secitem.h"
+#include "secerr.h"
+#include "pk11func.h"
+#include "p12local.h"
+#include "p12.h"
+
+#define SALT_LENGTH 16
+
+SEC_ASN1_MKSUB(SECKEY_PrivateKeyInfoTemplate)
+SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)
+
+CK_MECHANISM_TYPE
+sec_pkcs12_algtag_to_mech(SECOidTag algtag)
+{
+ switch (algtag) {
+ case SEC_OID_MD2:
+ return CKM_MD2_HMAC;
+ case SEC_OID_MD5:
+ return CKM_MD5_HMAC;
+ case SEC_OID_SHA1:
+ return CKM_SHA_1_HMAC;
+ case SEC_OID_SHA224:
+ return CKM_SHA224_HMAC;
+ case SEC_OID_SHA256:
+ return CKM_SHA256_HMAC;
+ case SEC_OID_SHA384:
+ return CKM_SHA384_HMAC;
+ case SEC_OID_SHA512:
+ return CKM_SHA512_HMAC;
+ default:
+ break;
+ }
+ return CKM_INVALID_MECHANISM;
+}
+
+/* helper functions */
+/* returns proper bag type template based upon object type tag */
+const SEC_ASN1Template *
+sec_pkcs12_choose_bag_type_old(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ SEC_PKCS12SafeBag *safebag;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ safebag = (SEC_PKCS12SafeBag *)src_or_dest;
+
+ oiddata = safebag->safeBagTypeTag;
+ if (oiddata == NULL) {
+ oiddata = SECOID_FindOID(&safebag->safeBagType);
+ safebag->safeBagTypeTag = oiddata;
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
+ break;
+ case SEC_OID_PKCS12_KEY_BAG_ID:
+ theTemplate = SEC_PointerToPKCS12KeyBagTemplate;
+ break;
+ case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
+ theTemplate = SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD;
+ break;
+ case SEC_OID_PKCS12_SECRET_BAG_ID:
+ theTemplate = SEC_PointerToPKCS12SecretBagTemplate;
+ break;
+ }
+ return theTemplate;
+}
+
+const SEC_ASN1Template *
+sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ SEC_PKCS12SafeBag *safebag;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ safebag = (SEC_PKCS12SafeBag *)src_or_dest;
+
+ oiddata = safebag->safeBagTypeTag;
+ if (oiddata == NULL) {
+ oiddata = SECOID_FindOID(&safebag->safeBagType);
+ safebag->safeBagTypeTag = oiddata;
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ break;
+ case SEC_OID_PKCS12_KEY_BAG_ID:
+ theTemplate = SEC_PKCS12PrivateKeyBagTemplate;
+ break;
+ case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
+ theTemplate = SEC_PKCS12CertAndCRLBagTemplate;
+ break;
+ case SEC_OID_PKCS12_SECRET_BAG_ID:
+ theTemplate = SEC_PKCS12SecretBagTemplate;
+ break;
+ }
+ return theTemplate;
+}
+
+/* returns proper cert crl template based upon type tag */
+const SEC_ASN1Template *
+sec_pkcs12_choose_cert_crl_type_old(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ SEC_PKCS12CertAndCRL *certbag;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ certbag = (SEC_PKCS12CertAndCRL *)src_or_dest;
+ oiddata = certbag->BagTypeTag;
+ if (oiddata == NULL) {
+ oiddata = SECOID_FindOID(&certbag->BagID);
+ certbag->BagTypeTag = oiddata;
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
+ break;
+ case SEC_OID_PKCS12_X509_CERT_CRL_BAG:
+ theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate_OLD;
+ break;
+ case SEC_OID_PKCS12_SDSI_CERT_BAG:
+ theTemplate = SEC_PointerToPKCS12SDSICertTemplate;
+ break;
+ }
+ return theTemplate;
+}
+
+const SEC_ASN1Template *
+sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ SEC_PKCS12CertAndCRL *certbag;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ certbag = (SEC_PKCS12CertAndCRL *)src_or_dest;
+ oiddata = certbag->BagTypeTag;
+ if (oiddata == NULL) {
+ oiddata = SECOID_FindOID(&certbag->BagID);
+ certbag->BagTypeTag = oiddata;
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
+ break;
+ case SEC_OID_PKCS12_X509_CERT_CRL_BAG:
+ theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate;
+ break;
+ case SEC_OID_PKCS12_SDSI_CERT_BAG:
+ theTemplate = SEC_PointerToPKCS12SDSICertTemplate;
+ break;
+ }
+ return theTemplate;
+}
+
+/* returns appropriate shroud template based on object type tag */
+const SEC_ASN1Template *
+sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ SEC_PKCS12ESPVKItem *espvk;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ espvk = (SEC_PKCS12ESPVKItem *)src_or_dest;
+ oiddata = espvk->espvkTag;
+ if (oiddata == NULL) {
+ oiddata = SECOID_FindOID(&espvk->espvkOID);
+ espvk->espvkTag = oiddata;
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
+ break;
+ case SEC_OID_PKCS12_PKCS8_KEY_SHROUDING:
+ theTemplate =
+ SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
+ break;
+ }
+ return theTemplate;
+}
+
+/* generate SALT placing it into the character array passed in.
+ * it is assumed that salt_dest is an array of appropriate size
+ * XXX We might want to generate our own random context
+ */
+SECItem *
+sec_pkcs12_generate_salt(void)
+{
+ SECItem *salt;
+
+ salt = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (salt == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+ salt->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
+ SALT_LENGTH);
+ salt->len = SALT_LENGTH;
+ if (salt->data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ SECITEM_ZfreeItem(salt, PR_TRUE);
+ return NULL;
+ }
+
+ PK11_GenerateRandom(salt->data, salt->len);
+
+ return salt;
+}
+
+/* generate KEYS -- as per PKCS12 section 7.
+ * only used for MAC
+ */
+SECItem *
+sec_pkcs12_generate_key_from_password(SECOidTag algorithm,
+ SECItem *salt,
+ SECItem *password)
+{
+ unsigned char *pre_hash = NULL;
+ unsigned char *hash_dest = NULL;
+ SECStatus res;
+ PLArenaPool *poolp;
+ SECItem *key = NULL;
+ int key_len = 0;
+
+ if ((salt == NULL) || (password == NULL)) {
+ return NULL;
+ }
+
+ poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (poolp == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ pre_hash = (unsigned char *)PORT_ArenaZAlloc(poolp, sizeof(char) *
+ (salt->len + password->len));
+ if (pre_hash == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ hash_dest = (unsigned char *)PORT_ArenaZAlloc(poolp,
+ sizeof(unsigned char) * SHA1_LENGTH);
+ if (hash_dest == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ PORT_Memcpy(pre_hash, salt->data, salt->len);
+ /* handle password of 0 length case */
+ if (password->len > 0) {
+ PORT_Memcpy(&(pre_hash[salt->len]), password->data, password->len);
+ }
+
+ res = PK11_HashBuf(SEC_OID_SHA1, hash_dest, pre_hash,
+ (salt->len + password->len));
+ if (res == SECFailure) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ switch (algorithm) {
+ case SEC_OID_SHA1:
+ if (key_len == 0)
+ key_len = 16;
+ key = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (key == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ key->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) * key_len);
+ if (key->data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ key->len = key_len;
+ PORT_Memcpy(key->data, &hash_dest[SHA1_LENGTH - key->len], key->len);
+ break;
+ default:
+ goto loser;
+ break;
+ }
+
+ PORT_FreeArena(poolp, PR_TRUE);
+ return key;
+
+loser:
+ PORT_FreeArena(poolp, PR_TRUE);
+ if (key != NULL) {
+ SECITEM_ZfreeItem(key, PR_TRUE);
+ }
+ return NULL;
+}
+
+/* MAC is generated per PKCS 12 section 6. It is expected that key, msg
+ * and mac_dest are pre allocated, non-NULL arrays. msg_len is passed in
+ * because it is not known how long the message actually is. String
+ * manipulation routines will not necessarily work because msg may have
+ * imbedded NULLs
+ */
+static SECItem *
+sec_pkcs12_generate_old_mac(SECItem *key,
+ SECItem *msg)
+{
+ SECStatus res;
+ PLArenaPool *temparena = NULL;
+ unsigned char *hash_dest = NULL, *hash_src1 = NULL, *hash_src2 = NULL;
+ int i;
+ SECItem *mac = NULL;
+
+ if ((key == NULL) || (msg == NULL))
+ goto loser;
+
+ /* allocate return item */
+ mac = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (mac == NULL)
+ return NULL;
+ mac->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) * SHA1_LENGTH);
+ mac->len = SHA1_LENGTH;
+ if (mac->data == NULL)
+ goto loser;
+
+ /* allocate temporary items */
+ temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (temparena == NULL)
+ goto loser;
+
+ hash_src1 = (unsigned char *)PORT_ArenaZAlloc(temparena,
+ sizeof(unsigned char) * (16 + msg->len));
+ if (hash_src1 == NULL)
+ goto loser;
+
+ hash_src2 = (unsigned char *)PORT_ArenaZAlloc(temparena,
+ sizeof(unsigned char) * (SHA1_LENGTH + 16));
+ if (hash_src2 == NULL)
+ goto loser;
+
+ hash_dest = (unsigned char *)PORT_ArenaZAlloc(temparena,
+ sizeof(unsigned char) * SHA1_LENGTH);
+ if (hash_dest == NULL)
+ goto loser;
+
+ /* perform mac'ing as per PKCS 12 */
+
+ /* first round of hashing */
+ for (i = 0; i < 16; i++)
+ hash_src1[i] = key->data[i] ^ 0x36;
+ PORT_Memcpy(&(hash_src1[16]), msg->data, msg->len);
+ res = PK11_HashBuf(SEC_OID_SHA1, hash_dest, hash_src1, (16 + msg->len));
+ if (res == SECFailure)
+ goto loser;
+
+ /* second round of hashing */
+ for (i = 0; i < 16; i++)
+ hash_src2[i] = key->data[i] ^ 0x5c;
+ PORT_Memcpy(&(hash_src2[16]), hash_dest, SHA1_LENGTH);
+ res = PK11_HashBuf(SEC_OID_SHA1, mac->data, hash_src2, SHA1_LENGTH + 16);
+ if (res == SECFailure)
+ goto loser;
+
+ PORT_FreeArena(temparena, PR_TRUE);
+ return mac;
+
+loser:
+ if (temparena != NULL)
+ PORT_FreeArena(temparena, PR_TRUE);
+ if (mac != NULL)
+ SECITEM_ZfreeItem(mac, PR_TRUE);
+ return NULL;
+}
+
+/* MAC is generated per PKCS 12 section 6. It is expected that key, msg
+ * and mac_dest are pre allocated, non-NULL arrays. msg_len is passed in
+ * because it is not known how long the message actually is. String
+ * manipulation routines will not necessarily work because msg may have
+ * imbedded NULLs
+ */
+SECItem *
+sec_pkcs12_generate_mac(SECItem *key,
+ SECItem *msg,
+ PRBool old_method)
+{
+ SECStatus res = SECFailure;
+ SECItem *mac = NULL;
+ PK11Context *pk11cx = NULL;
+ SECItem ignore = { 0 };
+
+ if ((key == NULL) || (msg == NULL)) {
+ return NULL;
+ }
+
+ if (old_method == PR_TRUE) {
+ return sec_pkcs12_generate_old_mac(key, msg);
+ }
+
+ /* allocate return item */
+ mac = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
+ if (mac == NULL) {
+ return NULL;
+ }
+
+ pk11cx = PK11_CreateContextByRawKey(NULL, CKM_SHA_1_HMAC, PK11_OriginDerive,
+ CKA_SIGN, key, &ignore, NULL);
+ if (pk11cx == NULL) {
+ goto loser;
+ }
+
+ res = PK11_DigestBegin(pk11cx);
+ if (res == SECFailure) {
+ goto loser;
+ }
+
+ res = PK11_DigestOp(pk11cx, msg->data, msg->len);
+ if (res == SECFailure) {
+ goto loser;
+ }
+
+ res = PK11_DigestFinal(pk11cx, mac->data, &mac->len, SHA1_LENGTH);
+ if (res == SECFailure) {
+ goto loser;
+ }
+
+ PK11_DestroyContext(pk11cx, PR_TRUE);
+ pk11cx = NULL;
+
+loser:
+
+ if (res != SECSuccess) {
+ SECITEM_ZfreeItem(mac, PR_TRUE);
+ mac = NULL;
+ if (pk11cx) {
+ PK11_DestroyContext(pk11cx, PR_TRUE);
+ }
+ }
+
+ return mac;
+}
+
+/* compute the thumbprint of the DER cert and create a digest info
+ * to store it in and return the digest info.
+ * a return of NULL indicates an error.
+ */
+SGNDigestInfo *
+sec_pkcs12_compute_thumbprint(SECItem *der_cert)
+{
+ SGNDigestInfo *thumb = NULL;
+ SECItem digest;
+ PLArenaPool *temparena = NULL;
+ SECStatus rv = SECFailure;
+
+ if (der_cert == NULL)
+ return NULL;
+
+ temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (temparena == NULL) {
+ return NULL;
+ }
+
+ digest.data = (unsigned char *)PORT_ArenaZAlloc(temparena,
+ sizeof(unsigned char) *
+ SHA1_LENGTH);
+ /* digest data and create digest info */
+ if (digest.data != NULL) {
+ digest.len = SHA1_LENGTH;
+ rv = PK11_HashBuf(SEC_OID_SHA1, digest.data, der_cert->data,
+ der_cert->len);
+ if (rv == SECSuccess) {
+ thumb = SGN_CreateDigestInfo(SEC_OID_SHA1,
+ digest.data,
+ digest.len);
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+ PORT_FreeArena(temparena, PR_TRUE);
+
+ return thumb;
+}
+
+/* create a virtual password per PKCS 12, the password is converted
+ * to unicode, the salt is prepended to it, and then the whole thing
+ * is returned */
+SECItem *
+sec_pkcs12_create_virtual_password(SECItem *password, SECItem *salt,
+ PRBool swap)
+{
+ SECItem uniPwd = { siBuffer, NULL, 0 }, *retPwd = NULL;
+
+ if ((password == NULL) || (salt == NULL)) {
+ return NULL;
+ }
+
+ if (password->len == 0) {
+ uniPwd.data = (unsigned char *)PORT_ZAlloc(2);
+ uniPwd.len = 2;
+ if (!uniPwd.data) {
+ return NULL;
+ }
+ } else {
+ uniPwd.data = (unsigned char *)PORT_ZAlloc(password->len * 3);
+ uniPwd.len = password->len * 3;
+ if (!PORT_UCS2_ASCIIConversion(PR_TRUE, password->data, password->len,
+ uniPwd.data, uniPwd.len, &uniPwd.len, swap)) {
+ SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
+ return NULL;
+ }
+ }
+
+ retPwd = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (retPwd == NULL) {
+ goto loser;
+ }
+
+ /* allocate space and copy proper data */
+ retPwd->len = uniPwd.len + salt->len;
+ retPwd->data = (unsigned char *)PORT_Alloc(retPwd->len);
+ if (retPwd->data == NULL) {
+ PORT_Free(retPwd);
+ goto loser;
+ }
+
+ PORT_Memcpy(retPwd->data, salt->data, salt->len);
+ PORT_Memcpy((retPwd->data + salt->len), uniPwd.data, uniPwd.len);
+
+ SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
+
+ return retPwd;
+
+loser:
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
+ return NULL;
+}
+
+/* appends a shrouded key to a key bag. this is used for exporting
+ * to store externally wrapped keys. it is used when importing to convert
+ * old items to new
+ */
+SECStatus
+sec_pkcs12_append_shrouded_key(SEC_PKCS12BaggageItem *bag,
+ SEC_PKCS12ESPVKItem *espvk)
+{
+ int size;
+ void *mark = NULL, *dummy = NULL;
+
+ if ((bag == NULL) || (espvk == NULL))
+ return SECFailure;
+
+ mark = PORT_ArenaMark(bag->poolp);
+
+ /* grow the list */
+ size = (bag->nEspvks + 1) * sizeof(SEC_PKCS12ESPVKItem *);
+ dummy = (SEC_PKCS12ESPVKItem **)PORT_ArenaGrow(bag->poolp,
+ bag->espvks, size,
+ size + sizeof(SEC_PKCS12ESPVKItem *));
+ bag->espvks = (SEC_PKCS12ESPVKItem **)dummy;
+ if (dummy == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ bag->espvks[bag->nEspvks] = espvk;
+ bag->nEspvks++;
+ bag->espvks[bag->nEspvks] = NULL;
+
+ PORT_ArenaUnmark(bag->poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(bag->poolp, mark);
+ return SECFailure;
+}
+
+/* search a certificate list for a nickname, a thumbprint, or both
+ * within a certificate bag. if the certificate could not be
+ * found or an error occurs, NULL is returned;
+ */
+static SEC_PKCS12CertAndCRL *
+sec_pkcs12_find_cert_in_certbag(SEC_PKCS12CertAndCRLBag *certbag,
+ SECItem *nickname, SGNDigestInfo *thumbprint)
+{
+ PRBool search_both = PR_FALSE, search_nickname = PR_FALSE;
+ int i, j;
+
+ if ((certbag == NULL) || ((nickname == NULL) && (thumbprint == NULL))) {
+ return NULL;
+ }
+
+ if (thumbprint && nickname) {
+ search_both = PR_TRUE;
+ }
+
+ if (nickname) {
+ search_nickname = PR_TRUE;
+ }
+
+search_again:
+ i = 0;
+ while (certbag->certAndCRLs[i] != NULL) {
+ SEC_PKCS12CertAndCRL *cert = certbag->certAndCRLs[i];
+
+ if (SECOID_FindOIDTag(&cert->BagID) == SEC_OID_PKCS12_X509_CERT_CRL_BAG) {
+
+ /* check nicknames */
+ if (search_nickname) {
+ if (SECITEM_CompareItem(nickname, &cert->nickname) == SECEqual) {
+ return cert;
+ }
+ } else {
+ /* check thumbprints */
+ SECItem **derCertList;
+
+ /* get pointer to certificate list, does not need to
+ * be freed since it is within the arena which will
+ * be freed later.
+ */
+ derCertList = SEC_PKCS7GetCertificateList(&cert->value.x509->certOrCRL);
+ j = 0;
+ if (derCertList != NULL) {
+ while (derCertList[j] != NULL) {
+ SECComparison eq;
+ SGNDigestInfo *di;
+ di = sec_pkcs12_compute_thumbprint(derCertList[j]);
+ if (di) {
+ eq = SGN_CompareDigestInfo(thumbprint, di);
+ SGN_DestroyDigestInfo(di);
+ if (eq == SECEqual) {
+ /* copy the derCert for later reference */
+ cert->value.x509->derLeafCert = derCertList[j];
+ return cert;
+ }
+ } else {
+ /* an error occurred */
+ return NULL;
+ }
+ j++;
+ }
+ }
+ }
+ }
+
+ i++;
+ }
+
+ if (search_both) {
+ search_both = PR_FALSE;
+ search_nickname = PR_FALSE;
+ goto search_again;
+ }
+
+ return NULL;
+}
+
+/* search a key list for a nickname, a thumbprint, or both
+ * within a key bag. if the key could not be
+ * found or an error occurs, NULL is returned;
+ */
+static SEC_PKCS12PrivateKey *
+sec_pkcs12_find_key_in_keybag(SEC_PKCS12PrivateKeyBag *keybag,
+ SECItem *nickname, SGNDigestInfo *thumbprint)
+{
+ PRBool search_both = PR_FALSE, search_nickname = PR_FALSE;
+ int i, j;
+
+ if ((keybag == NULL) || ((nickname == NULL) && (thumbprint == NULL))) {
+ return NULL;
+ }
+
+ if (keybag->privateKeys == NULL) {
+ return NULL;
+ }
+
+ if (thumbprint && nickname) {
+ search_both = PR_TRUE;
+ }
+
+ if (nickname) {
+ search_nickname = PR_TRUE;
+ }
+
+search_again:
+ i = 0;
+ while (keybag->privateKeys[i] != NULL) {
+ SEC_PKCS12PrivateKey *key = keybag->privateKeys[i];
+
+ /* check nicknames */
+ if (search_nickname) {
+ if (SECITEM_CompareItem(nickname, &key->pvkData.nickname) == SECEqual) {
+ return key;
+ }
+ } else {
+ /* check digests */
+ SGNDigestInfo **assocCerts = key->pvkData.assocCerts;
+ if ((assocCerts == NULL) || (assocCerts[0] == NULL)) {
+ return NULL;
+ }
+
+ j = 0;
+ while (assocCerts[j] != NULL) {
+ SECComparison eq;
+ eq = SGN_CompareDigestInfo(thumbprint, assocCerts[j]);
+ if (eq == SECEqual) {
+ return key;
+ }
+ j++;
+ }
+ }
+ i++;
+ }
+
+ if (search_both) {
+ search_both = PR_FALSE;
+ search_nickname = PR_FALSE;
+ goto search_again;
+ }
+
+ return NULL;
+}
+
+/* seach the safe first then try the baggage bag
+ * safe and bag contain certs and keys to search
+ * objType is the object type to look for
+ * bagType is the type of bag that was found by sec_pkcs12_find_object
+ * index is the entity in safe->safeContents or bag->unencSecrets which
+ * is being searched
+ * nickname and thumbprint are the search criteria
+ *
+ * a return of null indicates no match
+ */
+static void *
+sec_pkcs12_try_find(SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12BaggageItem *bag,
+ SECOidTag objType, SECOidTag bagType, int index,
+ SECItem *nickname, SGNDigestInfo *thumbprint)
+{
+ PRBool searchSafe;
+ int i = index;
+
+ if ((safe == NULL) && (bag == NULL)) {
+ return NULL;
+ }
+
+ searchSafe = (safe == NULL ? PR_FALSE : PR_TRUE);
+ switch (objType) {
+ case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
+ if (objType == bagType) {
+ SEC_PKCS12CertAndCRLBag *certBag;
+
+ if (searchSafe) {
+ certBag = safe->contents[i]->safeContent.certAndCRLBag;
+ } else {
+ certBag = bag->unencSecrets[i]->safeContent.certAndCRLBag;
+ }
+ return sec_pkcs12_find_cert_in_certbag(certBag, nickname,
+ thumbprint);
+ }
+ break;
+ case SEC_OID_PKCS12_KEY_BAG_ID:
+ if (objType == bagType) {
+ SEC_PKCS12PrivateKeyBag *keyBag;
+
+ if (searchSafe) {
+ keyBag = safe->contents[i]->safeContent.keyBag;
+ } else {
+ keyBag = bag->unencSecrets[i]->safeContent.keyBag;
+ }
+ return sec_pkcs12_find_key_in_keybag(keyBag, nickname,
+ thumbprint);
+ }
+ break;
+ default:
+ break;
+ }
+
+ return NULL;
+}
+
+/* searches both the baggage and the safe areas looking for
+ * object of specified type matching either the nickname or the
+ * thumbprint specified.
+ *
+ * safe and baggage store certs and keys
+ * objType is the OID for the bag type to be searched:
+ * SEC_OID_PKCS12_KEY_BAG_ID, or
+ * SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID
+ * nickname and thumbprint are the search criteria
+ *
+ * if no match found, NULL returned and error set
+ */
+void *
+sec_pkcs12_find_object(SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage,
+ SECOidTag objType,
+ SECItem *nickname,
+ SGNDigestInfo *thumbprint)
+{
+ int i, j;
+ void *retItem;
+
+ if (((safe == NULL) && (thumbprint == NULL)) ||
+ ((nickname == NULL) && (thumbprint == NULL))) {
+ return NULL;
+ }
+
+ i = 0;
+ if ((safe != NULL) && (safe->contents != NULL)) {
+ while (safe->contents[i] != NULL) {
+ SECOidTag bagType = SECOID_FindOIDTag(&safe->contents[i]->safeBagType);
+ retItem = sec_pkcs12_try_find(safe, NULL, objType, bagType, i,
+ nickname, thumbprint);
+ if (retItem != NULL) {
+ return retItem;
+ }
+ i++;
+ }
+ }
+
+ if ((baggage != NULL) && (baggage->bags != NULL)) {
+ i = 0;
+ while (baggage->bags[i] != NULL) {
+ SEC_PKCS12BaggageItem *xbag = baggage->bags[i];
+ j = 0;
+ if (xbag->unencSecrets != NULL) {
+ while (xbag->unencSecrets[j] != NULL) {
+ SECOidTag bagType;
+ bagType = SECOID_FindOIDTag(&xbag->unencSecrets[j]->safeBagType);
+ retItem = sec_pkcs12_try_find(NULL, xbag, objType, bagType,
+ j, nickname, thumbprint);
+ if (retItem != NULL) {
+ return retItem;
+ }
+ j++;
+ }
+ }
+ i++;
+ }
+ }
+
+ PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME);
+ return NULL;
+}
+
+/* this function converts a password to unicode and encures that the
+ * required double 0 byte be placed at the end of the string
+ */
+PRBool
+sec_pkcs12_convert_item_to_unicode(PLArenaPool *arena, SECItem *dest,
+ SECItem *src, PRBool zeroTerm,
+ PRBool asciiConvert, PRBool toUnicode)
+{
+ PRBool success = PR_FALSE;
+ if (!src || !dest) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return PR_FALSE;
+ }
+
+ dest->len = src->len * 3 + 2;
+ if (arena) {
+ dest->data = (unsigned char *)PORT_ArenaZAlloc(arena, dest->len);
+ } else {
+ dest->data = (unsigned char *)PORT_ZAlloc(dest->len);
+ }
+
+ if (!dest->data) {
+ dest->len = 0;
+ return PR_FALSE;
+ }
+
+ if (!asciiConvert) {
+ success = PORT_UCS2_UTF8Conversion(toUnicode, src->data, src->len, dest->data,
+ dest->len, &dest->len);
+ } else {
+#ifndef IS_LITTLE_ENDIAN
+ PRBool swapUnicode = PR_FALSE;
+#else
+ PRBool swapUnicode = PR_TRUE;
+#endif
+ success = PORT_UCS2_ASCIIConversion(toUnicode, src->data, src->len, dest->data,
+ dest->len, &dest->len, swapUnicode);
+ }
+
+ if (!success) {
+ if (!arena) {
+ PORT_Free(dest->data);
+ dest->data = NULL;
+ dest->len = 0;
+ }
+ return PR_FALSE;
+ }
+
+ if ((dest->len >= 2) &&
+ (dest->data[dest->len - 1] || dest->data[dest->len - 2]) && zeroTerm) {
+ if (dest->len + 2 > 3 * src->len) {
+ if (arena) {
+ dest->data = (unsigned char *)PORT_ArenaGrow(arena,
+ dest->data, dest->len,
+ dest->len + 2);
+ } else {
+ dest->data = (unsigned char *)PORT_Realloc(dest->data,
+ dest->len + 2);
+ }
+
+ if (!dest->data) {
+ return PR_FALSE;
+ }
+ }
+ dest->len += 2;
+ dest->data[dest->len - 1] = dest->data[dest->len - 2] = 0;
+ }
+
+ return PR_TRUE;
+}
+
+/* pkcs 12 templates */
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_shroud_chooser =
+ sec_pkcs12_choose_shroud_type;
+
+const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
+ { SEC_ASN1_ANY, offsetof(SEC_PKCS12SafeBag, derSafeContent) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
+ { SEC_ASN1_ANY, offsetof(SEC_PKCS12CertAndCRL, derValue) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[] =
+ {
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
+ SEC_PKCS12CodedCertBagTemplate },
+ };
+
+const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12ESPVKItem) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12ESPVKItem, espvkOID) },
+ { SEC_ASN1_INLINE, offsetof(SEC_PKCS12ESPVKItem, espvkData),
+ SEC_PKCS12PVKSupportingDataTemplate_OLD },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_DYNAMIC | 0,
+ offsetof(SEC_PKCS12ESPVKItem, espvkCipherText),
+ &sec_pkcs12_shroud_chooser },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12ESPVKItem) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12ESPVKItem, espvkOID) },
+ { SEC_ASN1_INLINE, offsetof(SEC_PKCS12ESPVKItem, espvkData),
+ SEC_PKCS12PVKSupportingDataTemplate },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_DYNAMIC | 0,
+ offsetof(SEC_PKCS12ESPVKItem, espvkCipherText),
+ &sec_pkcs12_shroud_chooser },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12PVKAdditionalDataTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKAdditionalData) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(SEC_PKCS12PVKAdditionalData, pvkAdditionalType) },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SEC_PKCS12PVKAdditionalData, pvkAdditionalContent) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS12PVKSupportingData, assocCerts),
+ SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
+ offsetof(SEC_PKCS12PVKSupportingData, regenerable) },
+ { SEC_ASN1_PRINTABLE_STRING,
+ offsetof(SEC_PKCS12PVKSupportingData, nickname) },
+ { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
+ offsetof(SEC_PKCS12PVKSupportingData, pvkAdditionalDER) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS12PVKSupportingData, assocCerts),
+ SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
+ offsetof(SEC_PKCS12PVKSupportingData, regenerable) },
+ { SEC_ASN1_BMP_STRING,
+ offsetof(SEC_PKCS12PVKSupportingData, uniNickName) },
+ { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
+ offsetof(SEC_PKCS12PVKSupportingData, pvkAdditionalDER) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12BaggageItemTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12BaggageItem) },
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, espvks),
+ SEC_PKCS12ESPVKItemTemplate },
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, unencSecrets),
+ SEC_PKCS12SafeBagTemplate },
+ /*{ SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, unencSecrets),
+ SEC_PKCS12CodedSafeBagTemplate }, */
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12BaggageTemplate[] =
+ {
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12Baggage, bags),
+ SEC_PKCS12BaggageItemTemplate },
+ };
+
+const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[] =
+ {
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12Baggage_OLD, espvks),
+ SEC_PKCS12ESPVKItemTemplate_OLD },
+ };
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser =
+ sec_pkcs12_choose_bag_type;
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser_old =
+ sec_pkcs12_choose_bag_type_old;
+
+const SEC_ASN1Template SEC_PKCS12SafeBagTemplate_OLD[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
+ { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SEC_PKCS12SafeBag, safeContent),
+ &sec_pkcs12_bag_chooser_old },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
+ { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER,
+ offsetof(SEC_PKCS12SafeBag, safeContent),
+ &sec_pkcs12_bag_chooser },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BMP_STRING,
+ offsetof(SEC_PKCS12SafeBag, uniSafeBagName) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[] =
+ {
+ { SEC_ASN1_SET_OF,
+ offsetof(SEC_PKCS12SafeContents, contents),
+ SEC_PKCS12SafeBagTemplate_OLD }
+ };
+
+const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[] =
+ {
+ { SEC_ASN1_SET_OF,
+ offsetof(SEC_PKCS12SafeContents, contents),
+ SEC_PKCS12SafeBagTemplate } /* here */
+ };
+
+const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKey) },
+ { SEC_ASN1_INLINE, offsetof(SEC_PKCS12PrivateKey, pvkData),
+ SEC_PKCS12PVKSupportingDataTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS12PrivateKey, pkcs8data),
+ SEC_ASN1_SUB(SECKEY_PrivateKeyInfoTemplate) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKeyBag) },
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12PrivateKeyBag, privateKeys),
+ SEC_PKCS12PrivateKeyTemplate },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
+ { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL),
+ sec_PKCS7ContentInfoTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS12X509CertCRL, thumbprint),
+ SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
+ { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL),
+ sec_PKCS7ContentInfoTemplate },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
+ { SEC_ASN1_IA5_STRING, offsetof(SEC_PKCS12SDSICert, value) },
+ { 0 }
+ };
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser_old =
+ sec_pkcs12_choose_cert_crl_type_old;
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser =
+ sec_pkcs12_choose_cert_crl_type;
+
+const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate_OLD[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | 0,
+ offsetof(SEC_PKCS12CertAndCRL, value),
+ &sec_pkcs12_cert_crl_chooser_old },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
+ { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
+ { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SEC_PKCS12CertAndCRL, value),
+ &sec_pkcs12_cert_crl_chooser },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[] =
+ {
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
+ SEC_PKCS12CertAndCRLTemplate },
+ };
+
+const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate_OLD[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRLBag) },
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
+ SEC_PKCS12CertAndCRLTemplate_OLD },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SecretAdditional) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(SEC_PKCS12SecretAdditional, secretAdditionalType) },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT,
+ offsetof(SEC_PKCS12SecretAdditional, secretAdditionalContent) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12SecretTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12Secret) },
+ { SEC_ASN1_BMP_STRING, offsetof(SEC_PKCS12Secret, uniSecretName) },
+ { SEC_ASN1_ANY, offsetof(SEC_PKCS12Secret, value) },
+ { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL,
+ offsetof(SEC_PKCS12Secret, secretAdditional),
+ SEC_PKCS12SecretAdditionalTemplate },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12Secret) },
+ { SEC_ASN1_INLINE | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SEC_PKCS12SecretItem, secret), SEC_PKCS12SecretTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(SEC_PKCS12SecretItem, subFolder), SEC_PKCS12SafeBagTemplate },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[] =
+ {
+ { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12SecretBag, secrets),
+ SEC_PKCS12SecretItemTemplate },
+ };
+
+const SEC_ASN1Template SEC_PKCS12MacDataTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(SEC_PKCS12MacData, safeMac),
+ SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
+ { SEC_ASN1_BIT_STRING, offsetof(SEC_PKCS12MacData, macSalt) },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
+ { SEC_ASN1_OPTIONAL |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SEC_PKCS12PFXItem, macData), SEC_PKCS12MacDataTemplate },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(SEC_PKCS12PFXItem, authSafe),
+ sec_PKCS7ContentInfoTemplate },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
+ { SEC_ASN1_OPTIONAL |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(SEC_PKCS12PFXItem, old_safeMac),
+ SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING,
+ offsetof(SEC_PKCS12PFXItem, old_macSalt) },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(SEC_PKCS12PFXItem, authSafe),
+ sec_PKCS7ContentInfoTemplate },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12AuthenticatedSafe) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS12AuthenticatedSafe, version) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_OBJECT_ID,
+ offsetof(SEC_PKCS12AuthenticatedSafe, transportMode) },
+ { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL,
+ offsetof(SEC_PKCS12AuthenticatedSafe, privacySalt) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SET_OF,
+ offsetof(SEC_PKCS12AuthenticatedSafe, baggage.bags),
+ SEC_PKCS12BaggageItemTemplate },
+ { SEC_ASN1_POINTER,
+ offsetof(SEC_PKCS12AuthenticatedSafe, safe),
+ sec_PKCS7ContentInfoTemplate },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12AuthenticatedSafe) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS12AuthenticatedSafe, version) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS12AuthenticatedSafe, transportMode) },
+ { SEC_ASN1_BIT_STRING,
+ offsetof(SEC_PKCS12AuthenticatedSafe, privacySalt) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SEC_PKCS12AuthenticatedSafe, old_baggage),
+ SEC_PKCS12BaggageTemplate_OLD },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(SEC_PKCS12AuthenticatedSafe, old_safe),
+ sec_PKCS7ContentInfoTemplate },
+ { 0 }
+ };
+
+const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[] =
+ {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS12PrivateKeyBagTemplate }
+ };
+
+const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[] =
+ {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS12CertAndCRLBagTemplate_OLD }
+ };
+
+const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[] =
+ {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS12CertAndCRLBagTemplate }
+ };
+
+const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[] =
+ {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS12SecretBagTemplate }
+ };
+
+const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[] =
+ {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS12X509CertCRLTemplate_OLD }
+ };
+
+const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[] =
+ {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS12X509CertCRLTemplate }
+ };
+
+const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[] =
+ {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS12SDSICertTemplate }
+ };
diff --git a/security/nss/lib/pkcs12/p12local.h b/security/nss/lib/pkcs12/p12local.h
new file mode 100644
index 000000000..f07122a28
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12local.h
@@ -0,0 +1,58 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _P12LOCAL_H_
+#define _P12LOCAL_H_
+
+#include "plarena.h"
+#include "secoidt.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "certt.h"
+#include "secpkcs7.h"
+#include "pkcs12.h"
+#include "p12.h"
+
+/* helper functions */
+extern const SEC_ASN1Template *
+sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding);
+extern const SEC_ASN1Template *
+sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding);
+extern const SEC_ASN1Template *
+sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding);
+extern SECItem *sec_pkcs12_generate_salt(void);
+extern SECItem *sec_pkcs12_generate_key_from_password(SECOidTag algorithm,
+ SECItem *salt, SECItem *password);
+extern SECItem *sec_pkcs12_generate_mac(SECItem *key, SECItem *msg,
+ PRBool old_method);
+extern SGNDigestInfo *sec_pkcs12_compute_thumbprint(SECItem *der_cert);
+extern SECItem *sec_pkcs12_create_virtual_password(SECItem *password,
+ SECItem *salt, PRBool swapUnicodeBytes);
+extern SECStatus sec_pkcs12_append_shrouded_key(SEC_PKCS12BaggageItem *bag,
+ SEC_PKCS12ESPVKItem *espvk);
+extern void *sec_pkcs12_find_object(SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage, SECOidTag objType,
+ SECItem *nickname, SGNDigestInfo *thumbprint);
+extern PRBool sec_pkcs12_convert_item_to_unicode(PLArenaPool *arena, SECItem *dest,
+ SECItem *src, PRBool zeroTerm,
+ PRBool asciiConvert, PRBool toUnicode);
+extern CK_MECHANISM_TYPE sec_pkcs12_algtag_to_mech(SECOidTag algtag);
+
+/* create functions */
+extern SEC_PKCS12PFXItem *sec_pkcs12_new_pfx(void);
+extern SEC_PKCS12SafeContents *sec_pkcs12_create_safe_contents(
+ PLArenaPool *poolp);
+extern SEC_PKCS12Baggage *sec_pkcs12_create_baggage(PLArenaPool *poolp);
+extern SEC_PKCS12BaggageItem *sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage);
+extern void SEC_PKCS12DestroyPFX(SEC_PKCS12PFXItem *pfx);
+extern SEC_PKCS12AuthenticatedSafe *sec_pkcs12_new_asafe(PLArenaPool *poolp);
+
+/* conversion from old to new */
+extern SEC_PKCS12DecoderContext *
+sec_PKCS12ConvertOldSafeToNew(PLArenaPool *arena, PK11SlotInfo *slot,
+ PRBool swapUnicode, SECItem *pwitem,
+ void *wincx, SEC_PKCS12SafeContents *safe,
+ SEC_PKCS12Baggage *baggage);
+
+#endif
diff --git a/security/nss/lib/pkcs12/p12plcy.c b/security/nss/lib/pkcs12/p12plcy.c
new file mode 100644
index 000000000..fef288c3e
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12plcy.c
@@ -0,0 +1,122 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "p12plcy.h"
+#include "secoid.h"
+#include "secport.h"
+#include "secpkcs5.h"
+
+#define PKCS12_NULL 0x0000
+
+typedef struct pkcs12SuiteMapStr {
+ SECOidTag algTag;
+ unsigned int keyLengthBits; /* in bits */
+ unsigned long suite;
+ PRBool allowed;
+ PRBool preferred;
+} pkcs12SuiteMap;
+
+static pkcs12SuiteMap pkcs12SuiteMaps[] = {
+ { SEC_OID_RC4, 40, PKCS12_RC4_40, PR_FALSE, PR_FALSE },
+ { SEC_OID_RC4, 128, PKCS12_RC4_128, PR_FALSE, PR_FALSE },
+ { SEC_OID_RC2_CBC, 40, PKCS12_RC2_CBC_40, PR_FALSE, PR_TRUE },
+ { SEC_OID_RC2_CBC, 128, PKCS12_RC2_CBC_128, PR_FALSE, PR_FALSE },
+ { SEC_OID_DES_CBC, 64, PKCS12_DES_56, PR_FALSE, PR_FALSE },
+ { SEC_OID_DES_EDE3_CBC, 192, PKCS12_DES_EDE3_168, PR_FALSE, PR_FALSE },
+ { SEC_OID_UNKNOWN, 0, PKCS12_NULL, PR_FALSE, PR_FALSE },
+ { SEC_OID_UNKNOWN, 0, 0L, PR_FALSE, PR_FALSE }
+};
+
+/* determine if algid is an algorithm which is allowed */
+PRBool
+SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid)
+{
+ unsigned int keyLengthBits;
+ SECOidTag algId;
+ int i;
+
+ algId = SEC_PKCS5GetCryptoAlgorithm(algid);
+ if (algId == SEC_OID_UNKNOWN) {
+ return PR_FALSE;
+ }
+
+ keyLengthBits = (unsigned int)(SEC_PKCS5GetKeyLength(algid) * 8);
+
+ i = 0;
+ while (pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
+ if ((pkcs12SuiteMaps[i].algTag == algId) &&
+ (pkcs12SuiteMaps[i].keyLengthBits == keyLengthBits)) {
+
+ return pkcs12SuiteMaps[i].allowed;
+ }
+ i++;
+ }
+
+ return PR_FALSE;
+}
+
+/* is any encryption allowed? */
+PRBool
+SEC_PKCS12IsEncryptionAllowed(void)
+{
+ int i;
+
+ i = 0;
+ while (pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
+ if (pkcs12SuiteMaps[i].allowed == PR_TRUE) {
+ return PR_TRUE;
+ }
+ i++;
+ }
+
+ return PR_FALSE;
+}
+
+SECStatus
+SEC_PKCS12EnableCipher(long which, int on)
+{
+ int i;
+
+ i = 0;
+ while (pkcs12SuiteMaps[i].suite != 0L) {
+ if (pkcs12SuiteMaps[i].suite == (unsigned long)which) {
+ if (on) {
+ pkcs12SuiteMaps[i].allowed = PR_TRUE;
+ } else {
+ pkcs12SuiteMaps[i].allowed = PR_FALSE;
+ }
+ return SECSuccess;
+ }
+ i++;
+ }
+
+ return SECFailure;
+}
+
+SECStatus
+SEC_PKCS12SetPreferredCipher(long which, int on)
+{
+ int i;
+ PRBool turnedOff = PR_FALSE;
+ PRBool turnedOn = PR_FALSE;
+
+ i = 0;
+ while (pkcs12SuiteMaps[i].suite != 0L) {
+ if (pkcs12SuiteMaps[i].preferred == PR_TRUE) {
+ pkcs12SuiteMaps[i].preferred = PR_FALSE;
+ turnedOff = PR_TRUE;
+ }
+ if (pkcs12SuiteMaps[i].suite == (unsigned long)which) {
+ pkcs12SuiteMaps[i].preferred = PR_TRUE;
+ turnedOn = PR_TRUE;
+ }
+ i++;
+ }
+
+ if ((turnedOn) && (turnedOff)) {
+ return SECSuccess;
+ }
+
+ return SECFailure;
+}
diff --git a/security/nss/lib/pkcs12/p12plcy.h b/security/nss/lib/pkcs12/p12plcy.h
new file mode 100644
index 000000000..d3f818d49
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12plcy.h
@@ -0,0 +1,25 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _P12PLCY_H_
+#define _P12PLCY_H_
+
+#include "secoid.h"
+#include "ciferfam.h"
+
+SEC_BEGIN_PROTOS
+
+/* for the algid specified, can we decrypt it ? */
+extern PRBool SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid);
+
+/* is encryption allowed? */
+extern PRBool SEC_PKCS12IsEncryptionAllowed(void);
+
+/* enable a cipher for encryption/decryption */
+extern SECStatus SEC_PKCS12EnableCipher(long which, int on);
+
+/* return the preferred cipher for encryption */
+extern SECStatus SEC_PKCS12SetPreferredCipher(long which, int on);
+
+SEC_END_PROTOS
+#endif
diff --git a/security/nss/lib/pkcs12/p12t.h b/security/nss/lib/pkcs12/p12t.h
new file mode 100644
index 000000000..62c2b502e
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12t.h
@@ -0,0 +1,155 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _P12T_H_
+#define _P12T_H_
+
+#include "secoid.h"
+#include "key.h"
+#include "pkcs11.h"
+#include "secpkcs7.h"
+#include "secdig.h" /* for SGNDigestInfo */
+#include "pkcs12t.h"
+
+#define SEC_PKCS12_VERSION 3
+
+/* structure declarations */
+typedef struct sec_PKCS12PFXItemStr sec_PKCS12PFXItem;
+typedef struct sec_PKCS12MacDataStr sec_PKCS12MacData;
+typedef struct sec_PKCS12AuthenticatedSafeStr sec_PKCS12AuthenticatedSafe;
+typedef struct sec_PKCS12SafeContentsStr sec_PKCS12SafeContents;
+typedef struct sec_PKCS12SafeBagStr sec_PKCS12SafeBag;
+typedef struct sec_PKCS12PKCS8ShroudedKeyBagStr sec_PKCS12PKCS8ShroudedKeyBag;
+typedef struct sec_PKCS12CertBagStr sec_PKCS12CertBag;
+typedef struct sec_PKCS12CRLBagStr sec_PKCS12CRLBag;
+typedef struct sec_PKCS12SecretBag sec_PKCS12SecretBag;
+typedef struct sec_PKCS12AttributeStr sec_PKCS12Attribute;
+
+struct sec_PKCS12CertBagStr {
+ /* what type of cert is stored? */
+ SECItem bagID;
+
+ /* certificate information */
+ union {
+ SECItem x509Cert;
+ SECItem SDSICert;
+ } value;
+};
+
+struct sec_PKCS12CRLBagStr {
+ /* what type of cert is stored? */
+ SECItem bagID;
+
+ /* certificate information */
+ union {
+ SECItem x509CRL;
+ } value;
+};
+
+struct sec_PKCS12SecretBag {
+ /* what type of secret? */
+ SECItem secretType;
+
+ /* secret information. ssshhhh be vewy vewy quiet. */
+ SECItem secretContent;
+};
+
+struct sec_PKCS12AttributeStr {
+ SECItem attrType;
+ SECItem **attrValue;
+};
+
+struct sec_PKCS12SafeBagStr {
+
+ /* What type of bag are we using? */
+ SECItem safeBagType;
+
+ /* Dependent upon the type of bag being used. */
+ union {
+ SECKEYPrivateKeyInfo *pkcs8KeyBag;
+ SECKEYEncryptedPrivateKeyInfo *pkcs8ShroudedKeyBag;
+ sec_PKCS12CertBag *certBag;
+ sec_PKCS12CRLBag *crlBag;
+ sec_PKCS12SecretBag *secretBag;
+ sec_PKCS12SafeContents *safeContents;
+ } safeBagContent;
+
+ sec_PKCS12Attribute **attribs;
+
+ /* used locally */
+ SECOidData *bagTypeTag;
+ PLArenaPool *arena;
+ unsigned int nAttribs;
+
+ /* used for validation/importing */
+ PRBool problem, noInstall, validated, hasKey, unused, installed;
+ int error;
+
+ PRBool swapUnicodeBytes;
+ PK11SlotInfo *slot;
+ SECItem *pwitem;
+ PRBool oldBagType;
+ SECPKCS12TargetTokenCAs tokenCAs;
+};
+
+struct sec_PKCS12SafeContentsStr {
+ sec_PKCS12SafeBag **safeBags;
+ SECItem **encodedSafeBags;
+
+ /* used locally */
+ PLArenaPool *arena;
+ unsigned int bagCount;
+};
+
+struct sec_PKCS12MacDataStr {
+ SGNDigestInfo safeMac;
+ SECItem macSalt;
+ SECItem iter;
+};
+
+struct sec_PKCS12PFXItemStr {
+
+ SECItem version;
+
+ /* Content type will either be Data (password integrity mode)
+ * or signedData (public-key integrity mode)
+ */
+ SEC_PKCS7ContentInfo *authSafe;
+ SECItem encodedAuthSafe;
+
+ /* Only present in password integrity mode */
+ sec_PKCS12MacData macData;
+ SECItem encodedMacData;
+};
+
+struct sec_PKCS12AuthenticatedSafeStr {
+ /* Content type will either be encryptedData (password privacy mode)
+ * or envelopedData (public-key privacy mode)
+ */
+ SEC_PKCS7ContentInfo **safes;
+ SECItem **encodedSafes;
+
+ /* used locally */
+ unsigned int safeCount;
+ SECItem dummySafe;
+};
+
+extern const SEC_ASN1Template sec_PKCS12PFXItemTemplate[];
+extern const SEC_ASN1Template sec_PKCS12MacDataTemplate[];
+extern const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[];
+extern const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[];
+extern const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[];
+extern const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[];
+extern const SEC_ASN1Template sec_PKCS12CertBagTemplate[];
+extern const SEC_ASN1Template sec_PKCS12CRLBagTemplate[];
+extern const SEC_ASN1Template sec_PKCS12SecretBagTemplate[];
+extern const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[];
+extern const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[];
+extern const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[];
+extern const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[];
+extern const SEC_ASN1Template sec_PKCS12AttributeTemplate[];
+extern const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[];
+extern const SEC_ASN1Template sec_PKCS12SafeBagTemplate[];
+
+#endif
diff --git a/security/nss/lib/pkcs12/p12tmpl.c b/security/nss/lib/pkcs12/p12tmpl.c
new file mode 100644
index 000000000..7437cbcc6
--- /dev/null
+++ b/security/nss/lib/pkcs12/p12tmpl.c
@@ -0,0 +1,290 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "plarena.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "seccomon.h"
+#include "secport.h"
+#include "cert.h"
+#include "secpkcs7.h"
+#include "secasn1.h"
+#include "p12t.h"
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)
+
+static const SEC_ASN1Template *
+sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ sec_PKCS12SafeBag *safeBag;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ safeBag = (sec_PKCS12SafeBag *)src_or_dest;
+
+ oiddata = SECOID_FindOID(&safeBag->safeBagType);
+ if (oiddata == NULL) {
+ return SEC_ASN1_GET(SEC_AnyTemplate);
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ break;
+ case SEC_OID_PKCS12_V1_KEY_BAG_ID:
+ theTemplate = SEC_ASN1_GET(SECKEY_PointerToPrivateKeyInfoTemplate);
+ break;
+ case SEC_OID_PKCS12_V1_CERT_BAG_ID:
+ theTemplate = sec_PKCS12PointerToCertBagTemplate;
+ break;
+ case SEC_OID_PKCS12_V1_CRL_BAG_ID:
+ theTemplate = sec_PKCS12PointerToCRLBagTemplate;
+ break;
+ case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
+ theTemplate = sec_PKCS12PointerToSecretBagTemplate;
+ break;
+ case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
+ theTemplate =
+ SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
+ break;
+ case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
+ if (encoding) {
+ theTemplate = sec_PKCS12PointerToSafeContentsTemplate;
+ } else {
+ theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
+ }
+ break;
+ }
+ return theTemplate;
+}
+
+static const SEC_ASN1Template *
+sec_pkcs12_choose_crl_bag_type(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ sec_PKCS12CRLBag *crlbag;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ crlbag = (sec_PKCS12CRLBag *)src_or_dest;
+
+ oiddata = SECOID_FindOID(&crlbag->bagID);
+ if (oiddata == NULL) {
+ return SEC_ASN1_GET(SEC_AnyTemplate);
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ break;
+ case SEC_OID_PKCS9_X509_CRL:
+ theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
+ break;
+ }
+ return theTemplate;
+}
+
+static const SEC_ASN1Template *
+sec_pkcs12_choose_cert_bag_type(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ sec_PKCS12CertBag *certbag;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ certbag = (sec_PKCS12CertBag *)src_or_dest;
+
+ oiddata = SECOID_FindOID(&certbag->bagID);
+ if (oiddata == NULL) {
+ return SEC_ASN1_GET(SEC_AnyTemplate);
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ break;
+ case SEC_OID_PKCS9_X509_CERT:
+ theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
+ break;
+ case SEC_OID_PKCS9_SDSI_CERT:
+ theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
+ break;
+ }
+ return theTemplate;
+}
+
+static const SEC_ASN1Template *
+sec_pkcs12_choose_attr_type(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ sec_PKCS12Attribute *attr;
+ SECOidData *oiddata;
+
+ if (src_or_dest == NULL) {
+ return NULL;
+ }
+
+ attr = (sec_PKCS12Attribute *)src_or_dest;
+
+ oiddata = SECOID_FindOID(&attr->attrType);
+ if (oiddata == NULL) {
+ return SEC_ASN1_GET(SEC_AnyTemplate);
+ }
+
+ switch (oiddata->offset) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ break;
+ case SEC_OID_PKCS9_FRIENDLY_NAME:
+ theTemplate = SEC_ASN1_GET(SEC_BMPStringTemplate);
+ break;
+ case SEC_OID_PKCS9_LOCAL_KEY_ID:
+ theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
+ break;
+ case SEC_OID_PKCS12_KEY_USAGE:
+ theTemplate = SEC_ASN1_GET(SEC_BitStringTemplate);
+ break;
+ }
+
+ return theTemplate;
+}
+
+const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, sec_PKCS7ContentInfoTemplate }
+};
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_crl_bag_chooser =
+ sec_pkcs12_choose_crl_bag_type;
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_bag_chooser =
+ sec_pkcs12_choose_cert_bag_type;
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_safe_bag_chooser =
+ sec_pkcs12_choose_safe_bag_type;
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs12_attr_chooser =
+ sec_pkcs12_choose_attr_type;
+
+const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[] = {
+ { SEC_ASN1_POINTER, 0, sec_PKCS12CertBagTemplate }
+};
+
+const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[] = {
+ { SEC_ASN1_POINTER, 0, sec_PKCS12CRLBagTemplate }
+};
+
+const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[] = {
+ { SEC_ASN1_POINTER, 0, sec_PKCS12SecretBagTemplate }
+};
+
+const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[] = {
+ { SEC_ASN1_POINTER, 0, sec_PKCS12SafeContentsTemplate }
+};
+
+const SEC_ASN1Template sec_PKCS12PFXItemTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL,
+ sizeof(sec_PKCS12PFXItem) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
+ offsetof(sec_PKCS12PFXItem, version) },
+ { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
+ offsetof(sec_PKCS12PFXItem, encodedAuthSafe) },
+ { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
+ offsetof(sec_PKCS12PFXItem, encodedMacData) },
+ { 0 }
+};
+
+const SEC_ASN1Template sec_PKCS12MacDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12MacData) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(sec_PKCS12MacData, safeMac),
+ SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
+ { SEC_ASN1_OCTET_STRING, offsetof(sec_PKCS12MacData, macSalt) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, offsetof(sec_PKCS12MacData, iter) },
+ { 0 }
+};
+
+const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN,
+ offsetof(sec_PKCS12AuthenticatedSafe, encodedSafes),
+ SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+
+const SEC_ASN1Template sec_PKCS12SafeBagTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL,
+ sizeof(sec_PKCS12SafeBag) },
+ { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SafeBag, safeBagType) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(sec_PKCS12SafeBag, safeBagContent),
+ &sec_pkcs12_safe_bag_chooser },
+ { SEC_ASN1_SET_OF | SEC_ASN1_OPTIONAL, offsetof(sec_PKCS12SafeBag, attribs),
+ sec_PKCS12AttributeTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM,
+ offsetof(sec_PKCS12SafeContents, safeBags),
+ sec_PKCS12SafeBagTemplate }
+};
+
+const SEC_ASN1Template sec_PKCS12SequenceOfAnyTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN, 0,
+ SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+
+const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
+ offsetof(sec_PKCS12SafeContents, encodedSafeBags),
+ sec_PKCS12SequenceOfAnyTemplate }
+};
+
+const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN,
+ offsetof(sec_PKCS12SafeContents, encodedSafeBags),
+ SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+
+const SEC_ASN1Template sec_PKCS12CRLBagTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CRLBag) },
+ { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CRLBag, bagID) },
+ { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER,
+ offsetof(sec_PKCS12CRLBag, value), &sec_pkcs12_crl_bag_chooser },
+ { 0 }
+};
+
+const SEC_ASN1Template sec_PKCS12CertBagTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CertBag) },
+ { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CertBag, bagID) },
+ { SEC_ASN1_DYNAMIC | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(sec_PKCS12CertBag, value), &sec_pkcs12_cert_bag_chooser },
+ { 0 }
+};
+
+const SEC_ASN1Template sec_PKCS12SecretBagTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12SecretBag) },
+ { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SecretBag, secretType) },
+ { SEC_ASN1_ANY, offsetof(sec_PKCS12SecretBag, secretContent) },
+ { 0 }
+};
+
+const SEC_ASN1Template sec_PKCS12AttributeTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12Attribute) },
+ { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12Attribute, attrType) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_DYNAMIC,
+ offsetof(sec_PKCS12Attribute, attrValue),
+ &sec_pkcs12_attr_chooser },
+ { 0 }
+};
diff --git a/security/nss/lib/pkcs12/pkcs12.gyp b/security/nss/lib/pkcs12/pkcs12.gyp
new file mode 100644
index 000000000..5b296cc56
--- /dev/null
+++ b/security/nss/lib/pkcs12/pkcs12.gyp
@@ -0,0 +1,29 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkcs12',
+ 'type': 'static_library',
+ 'sources': [
+ 'p12creat.c',
+ 'p12d.c',
+ 'p12dec.c',
+ 'p12e.c',
+ 'p12local.c',
+ 'p12plcy.c',
+ 'p12tmpl.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/pkcs12/pkcs12.h b/security/nss/lib/pkcs12/pkcs12.h
new file mode 100644
index 000000000..57b3263fb
--- /dev/null
+++ b/security/nss/lib/pkcs12/pkcs12.h
@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _PKCS12_H_
+#define _PKCS12_H_
+
+#include "pkcs12t.h"
+#include "p12.h"
+
+SEC_BEGIN_PROTOS
+
+typedef SECItem *(*SEC_PKCS12GetPassword)(void *arg);
+
+/* Decode functions */
+/* Import a PFX item.
+ * der_pfx is the der-encoded pfx item to import.
+ * pbef, and pbefarg are used to retrieve passwords for the HMAC,
+ * and any passwords needed for passing to PKCS5 encryption
+ * routines.
+ * algorithm is the algorithm by which private keys are stored in
+ * the key database. this could be a specific algorithm or could
+ * be based on a global setting.
+ * slot is the slot to where the certificates will be placed. if NULL,
+ * the internal key slot is used.
+ * If the process is successful, a SECSuccess is returned, otherwise
+ * a failure occurred.
+ */
+SECStatus
+SEC_PKCS12PutPFX(SECItem *der_pfx, SECItem *pwitem,
+ SEC_PKCS12NicknameCollisionCallback ncCall,
+ PK11SlotInfo *slot, void *wincx);
+
+/* check the first two bytes of a file to make sure that it matches
+ * the desired header for a PKCS 12 file
+ */
+PRBool SEC_PKCS12ValidData(char *buf, int bufLen, long int totalLength);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/pkcs12/pkcs12t.h b/security/nss/lib/pkcs12/pkcs12t.h
new file mode 100644
index 000000000..ad00d7b5b
--- /dev/null
+++ b/security/nss/lib/pkcs12/pkcs12t.h
@@ -0,0 +1,341 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _PKCS12T_H_
+#define _PKCS12T_H_
+
+#include "seccomon.h"
+#include "secoid.h"
+#include "cert.h"
+#include "key.h"
+#include "plarena.h"
+#include "secpkcs7.h"
+#include "secdig.h" /* for SGNDigestInfo */
+
+typedef enum {
+ SECPKCS12TargetTokenNoCAs, /* CA get loaded intothe fixed token,
+ * User certs go to target token */
+ SECPKCS12TargetTokenIntermediateCAs, /* User certs and intermediates go to
+ * target token, root certs got to
+ * fixed token */
+ SECPKCS12TargetTokenAllCAs /* All certs go to target token */
+} SECPKCS12TargetTokenCAs;
+
+/* PKCS12 Structures */
+typedef struct SEC_PKCS12PFXItemStr SEC_PKCS12PFXItem;
+typedef struct SEC_PKCS12MacDataStr SEC_PKCS12MacData;
+typedef struct SEC_PKCS12AuthenticatedSafeStr SEC_PKCS12AuthenticatedSafe;
+typedef struct SEC_PKCS12BaggageItemStr SEC_PKCS12BaggageItem;
+typedef struct SEC_PKCS12BaggageStr SEC_PKCS12Baggage;
+typedef struct SEC_PKCS12Baggage_OLDStr SEC_PKCS12Baggage_OLD;
+typedef struct SEC_PKCS12ESPVKItemStr SEC_PKCS12ESPVKItem;
+typedef struct SEC_PKCS12PVKSupportingDataStr SEC_PKCS12PVKSupportingData;
+typedef struct SEC_PKCS12PVKAdditionalDataStr SEC_PKCS12PVKAdditionalData;
+typedef struct SEC_PKCS12SafeContentsStr SEC_PKCS12SafeContents;
+typedef struct SEC_PKCS12SafeBagStr SEC_PKCS12SafeBag;
+typedef struct SEC_PKCS12PrivateKeyStr SEC_PKCS12PrivateKey;
+typedef struct SEC_PKCS12PrivateKeyBagStr SEC_PKCS12PrivateKeyBag;
+typedef struct SEC_PKCS12CertAndCRLBagStr SEC_PKCS12CertAndCRLBag;
+typedef struct SEC_PKCS12CertAndCRLStr SEC_PKCS12CertAndCRL;
+typedef struct SEC_PKCS12X509CertCRLStr SEC_PKCS12X509CertCRL;
+typedef struct SEC_PKCS12SDSICertStr SEC_PKCS12SDSICert;
+typedef struct SEC_PKCS12SecretStr SEC_PKCS12Secret;
+typedef struct SEC_PKCS12SecretAdditionalStr SEC_PKCS12SecretAdditional;
+typedef struct SEC_PKCS12SecretItemStr SEC_PKCS12SecretItem;
+typedef struct SEC_PKCS12SecretBagStr SEC_PKCS12SecretBag;
+
+typedef SECItem *(*SEC_PKCS12PasswordFunc)(SECItem *args);
+
+/* PKCS12 types */
+
+/* stores shrouded keys */
+struct SEC_PKCS12BaggageStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12BaggageItem **bags;
+
+ int luggage_size; /* used locally */
+};
+
+/* additional data to be associated with keys. currently there
+ * is nothing defined to be stored here. allows future expansion.
+ */
+struct SEC_PKCS12PVKAdditionalDataStr {
+ PLArenaPool *poolp;
+ SECOidData *pvkAdditionalTypeTag; /* used locally */
+ SECItem pvkAdditionalType;
+ SECItem pvkAdditionalContent;
+};
+
+/* cert and other supporting data for private keys. used
+ * for both shrouded and non-shrouded keys.
+ */
+struct SEC_PKCS12PVKSupportingDataStr {
+ PLArenaPool *poolp;
+ SGNDigestInfo **assocCerts;
+ SECItem regenerable;
+ SECItem nickname;
+ SEC_PKCS12PVKAdditionalData pvkAdditional;
+ SECItem pvkAdditionalDER;
+
+ SECItem uniNickName;
+ /* used locally */
+ int nThumbs;
+};
+
+/* shrouded key structure. supports only pkcs8 shrouding
+ * currently.
+ */
+struct SEC_PKCS12ESPVKItemStr {
+ PLArenaPool *poolp; /* used locally */
+ SECOidData *espvkTag; /* used locally */
+ SECItem espvkOID;
+ SEC_PKCS12PVKSupportingData espvkData;
+ union {
+ SECKEYEncryptedPrivateKeyInfo *pkcs8KeyShroud;
+ } espvkCipherText;
+
+ PRBool duplicate; /* used locally */
+ PRBool problem_cert; /* used locally */
+ PRBool single_cert; /* used locally */
+ int nCerts; /* used locally */
+ SECItem derCert; /* used locally */
+};
+
+/* generic bag store for the safe. safeBagType identifies
+ * the type of bag stored.
+ */
+struct SEC_PKCS12SafeBagStr {
+ PLArenaPool *poolp;
+ SECOidData *safeBagTypeTag; /* used locally */
+ SECItem safeBagType;
+ union {
+ SEC_PKCS12PrivateKeyBag *keyBag;
+ SEC_PKCS12CertAndCRLBag *certAndCRLBag;
+ SEC_PKCS12SecretBag *secretBag;
+ } safeContent;
+
+ SECItem derSafeContent;
+ SECItem safeBagName;
+
+ SECItem uniSafeBagName;
+};
+
+/* stores private keys and certificates in a list. each safebag
+ * has an ID identifying the type of content stored.
+ */
+struct SEC_PKCS12SafeContentsStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12SafeBag **contents;
+
+ /* used for tracking purposes */
+ int safe_size;
+ PRBool old;
+ PRBool swapUnicode;
+ PRBool possibleSwapUnicode;
+};
+
+/* private key structure which holds encrypted private key and
+ * supporting data including nickname and certificate thumbprint.
+ */
+struct SEC_PKCS12PrivateKeyStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12PVKSupportingData pvkData;
+ SECKEYPrivateKeyInfo pkcs8data; /* borrowed from PKCS 8 */
+
+ PRBool duplicate; /* used locally */
+ PRBool problem_cert; /* used locally */
+ PRBool single_cert; /* used locally */
+ int nCerts; /* used locally */
+ SECItem derCert; /* used locally */
+};
+
+/* private key bag, holds a (null terminated) list of private key
+ * structures.
+ */
+struct SEC_PKCS12PrivateKeyBagStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12PrivateKey **privateKeys;
+
+ int bag_size; /* used locally */
+};
+
+/* container to hold certificates. currently supports x509
+ * and sdsi certificates
+ */
+struct SEC_PKCS12CertAndCRLStr {
+ PLArenaPool *poolp;
+ SECOidData *BagTypeTag; /* used locally */
+ SECItem BagID;
+ union {
+ SEC_PKCS12X509CertCRL *x509;
+ SEC_PKCS12SDSICert *sdsi;
+ } value;
+
+ SECItem derValue;
+ SECItem nickname; /* used locally */
+ PRBool duplicate; /* used locally */
+};
+
+/* x509 certificate structure. typically holds the der encoding
+ * of the x509 certificate. thumbprint contains a digest of the
+ * certificate
+ */
+struct SEC_PKCS12X509CertCRLStr {
+ PLArenaPool *poolp;
+ SEC_PKCS7ContentInfo certOrCRL;
+ SGNDigestInfo thumbprint;
+
+ SECItem *derLeafCert; /* used locally */
+};
+
+/* sdsi certificate structure. typically holds the der encoding
+ * of the sdsi certificate. thumbprint contains a digest of the
+ * certificate
+ */
+struct SEC_PKCS12SDSICertStr {
+ PLArenaPool *poolp;
+ SECItem value;
+ SGNDigestInfo thumbprint;
+};
+
+/* contains a null terminated list of certs and crls */
+struct SEC_PKCS12CertAndCRLBagStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12CertAndCRL **certAndCRLs;
+
+ int bag_size; /* used locally */
+};
+
+/* additional secret information. currently no information
+ * stored in this structure.
+ */
+struct SEC_PKCS12SecretAdditionalStr {
+ PLArenaPool *poolp;
+ SECOidData *secretTypeTag; /* used locally */
+ SECItem secretAdditionalType;
+ SECItem secretAdditionalContent;
+};
+
+/* secrets container. this will be used to contain currently
+ * unspecified secrets. (it's a secret)
+ */
+struct SEC_PKCS12SecretStr {
+ PLArenaPool *poolp;
+ SECItem secretName;
+ SECItem value;
+ SEC_PKCS12SecretAdditional secretAdditional;
+
+ SECItem uniSecretName;
+};
+
+struct SEC_PKCS12SecretItemStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12Secret secret;
+ SEC_PKCS12SafeBag subFolder;
+};
+
+/* a bag of secrets. holds a null terminated list of secrets.
+ */
+struct SEC_PKCS12SecretBagStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12SecretItem **secrets;
+
+ int bag_size; /* used locally */
+};
+
+struct SEC_PKCS12MacDataStr {
+ SGNDigestInfo safeMac;
+ SECItem macSalt;
+};
+
+/* outer transfer unit */
+struct SEC_PKCS12PFXItemStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12MacData macData;
+ SEC_PKCS7ContentInfo authSafe;
+
+ /* for compatibility with beta */
+ PRBool old;
+ SGNDigestInfo old_safeMac;
+ SECItem old_macSalt;
+
+ /* compatibility between platforms for unicode swapping */
+ PRBool swapUnicode;
+};
+
+struct SEC_PKCS12BaggageItemStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12ESPVKItem **espvks;
+ SEC_PKCS12SafeBag **unencSecrets;
+
+ int nEspvks;
+ int nSecrets;
+};
+
+/* stores shrouded keys */
+struct SEC_PKCS12Baggage_OLDStr {
+ PLArenaPool *poolp;
+ SEC_PKCS12ESPVKItem **espvks;
+
+ int luggage_size; /* used locally */
+};
+
+/* authenticated safe, stores certs, keys, and shrouded keys */
+struct SEC_PKCS12AuthenticatedSafeStr {
+ PLArenaPool *poolp;
+ SECItem version;
+ SECOidData *transportTypeTag; /* local not part of encoding*/
+ SECItem transportMode;
+ SECItem privacySalt;
+ SEC_PKCS12Baggage baggage;
+ SEC_PKCS7ContentInfo *safe;
+
+ /* used for beta compatibility */
+ PRBool old;
+ PRBool emptySafe;
+ SEC_PKCS12Baggage_OLD old_baggage;
+ SEC_PKCS7ContentInfo old_safe;
+ PRBool swapUnicode;
+};
+#define SEC_PKCS12_PFX_VERSION 1 /* what we create */
+
+/* PKCS 12 Templates */
+extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12MacDataTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PVKAdditionalTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SecretTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[];
+extern const SEC_ASN1Template SGN_DigestInfoTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[];
+#endif
diff --git a/security/nss/lib/pkcs7/Makefile b/security/nss/lib/pkcs7/Makefile
new file mode 100644
index 000000000..a9cebcfec
--- /dev/null
+++ b/security/nss/lib/pkcs7/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+
diff --git a/security/nss/lib/pkcs7/certread.c b/security/nss/lib/pkcs7/certread.c
new file mode 100644
index 000000000..2d692f1a2
--- /dev/null
+++ b/security/nss/lib/pkcs7/certread.c
@@ -0,0 +1,528 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cert.h"
+#include "base64.h"
+#include "secitem.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "secerr.h"
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
+
+typedef struct ContentInfoStr ContentInfo;
+typedef struct DegenerateSignedDataStr DegenerateSignedData;
+
+struct ContentInfoStr {
+ SECOidTag contentTypeTag; /* local; not part of encoding */
+ SECItem contentType;
+ union {
+ SECItem *data;
+ DegenerateSignedData *signedData;
+ } content;
+};
+
+struct DegenerateSignedDataStr {
+ SECItem version;
+ SECItem **digestAlgorithms;
+ ContentInfo contentInfo;
+ SECItem **certificates;
+ SECItem **crls;
+ SECItem **signerInfos;
+};
+
+static const SEC_ASN1Template *
+choose_content_template(void *src_or_dest, PRBool encoding);
+
+static const SEC_ASN1TemplateChooserPtr template_chooser = choose_content_template;
+
+static const SEC_ASN1Template ContentInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(ContentInfo) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(ContentInfo, contentType) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(ContentInfo, content),
+ &template_chooser },
+ { 0 }
+};
+
+static const SEC_ASN1Template DegenerateSignedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(DegenerateSignedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(DegenerateSignedData, version) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
+ offsetof(DegenerateSignedData, digestAlgorithms),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { SEC_ASN1_INLINE,
+ offsetof(DegenerateSignedData, contentInfo),
+ ContentInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(DegenerateSignedData, certificates),
+ SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(DegenerateSignedData, crls),
+ SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
+ offsetof(DegenerateSignedData, signerInfos),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template PointerToDegenerateSignedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, DegenerateSignedDataTemplate }
+};
+
+static SECOidTag
+GetContentTypeTag(ContentInfo *cinfo)
+{
+ if (cinfo->contentTypeTag == SEC_OID_UNKNOWN)
+ cinfo->contentTypeTag = SECOID_FindOIDTag(&cinfo->contentType);
+ return cinfo->contentTypeTag;
+}
+
+static const SEC_ASN1Template *
+choose_content_template(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ ContentInfo *cinfo;
+ SECOidTag kind;
+
+ PORT_Assert(src_or_dest != NULL);
+ if (src_or_dest == NULL)
+ return NULL;
+
+ cinfo = (ContentInfo *)src_or_dest;
+ kind = GetContentTypeTag(cinfo);
+ switch (kind) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
+ break;
+ case SEC_OID_PKCS7_DATA:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ theTemplate = PointerToDegenerateSignedDataTemplate;
+ break;
+ }
+ return theTemplate;
+}
+
+static SECStatus
+SEC_ReadPKCS7Certs(SECItem *pkcs7Item, CERTImportCertificateFunc f, void *arg)
+{
+ ContentInfo contentInfo;
+ SECStatus rv = SECFailure;
+ SECItem **certs;
+ int count;
+ PLArenaPool *arena;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return rv;
+ }
+
+ PORT_Memset(&contentInfo, 0, sizeof(contentInfo));
+ if (SEC_ASN1DecodeItem(arena, &contentInfo, ContentInfoTemplate,
+ pkcs7Item) != SECSuccess) {
+ goto done;
+ }
+
+ if (GetContentTypeTag(&contentInfo) != SEC_OID_PKCS7_SIGNED_DATA) {
+ goto done;
+ }
+
+ rv = SECSuccess;
+
+ certs = contentInfo.content.signedData->certificates;
+ if (certs) {
+ count = 0;
+
+ while (*certs) {
+ count++;
+ certs++;
+ }
+ rv = (*f)(arg, contentInfo.content.signedData->certificates, count);
+ }
+
+done:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return rv;
+}
+
+const SEC_ASN1Template SEC_CertSequenceTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
+};
+
+static SECStatus
+SEC_ReadCertSequence(SECItem *certsItem, CERTImportCertificateFunc f, void *arg)
+{
+ SECStatus rv = SECFailure;
+ SECItem **certs;
+ int count;
+ SECItem **rawCerts = NULL;
+ PLArenaPool *arena;
+ ContentInfo contentInfo;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return rv;
+ }
+
+ PORT_Memset(&contentInfo, 0, sizeof(contentInfo));
+ if (SEC_ASN1DecodeItem(arena, &contentInfo, ContentInfoTemplate,
+ certsItem) != SECSuccess) {
+ goto done;
+ }
+
+ if (GetContentTypeTag(&contentInfo) != SEC_OID_NS_TYPE_CERT_SEQUENCE) {
+ goto done;
+ }
+
+ if (SEC_QuickDERDecodeItem(arena, &rawCerts, SEC_CertSequenceTemplate,
+ contentInfo.content.data) != SECSuccess) {
+ goto done;
+ }
+
+ rv = SECSuccess;
+
+ certs = rawCerts;
+ if (certs) {
+ count = 0;
+
+ while (*certs) {
+ count++;
+ certs++;
+ }
+ rv = (*f)(arg, rawCerts, count);
+ }
+
+done:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return rv;
+}
+
+CERTCertificate *
+CERT_ConvertAndDecodeCertificate(char *certstr)
+{
+ CERTCertificate *cert;
+ SECStatus rv;
+ SECItem der;
+
+ rv = ATOB_ConvertAsciiToItem(&der, certstr);
+ if (rv != SECSuccess)
+ return NULL;
+
+ cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ &der, NULL, PR_FALSE, PR_TRUE);
+
+ PORT_Free(der.data);
+ return cert;
+}
+
+static const char NS_CERT_HEADER[] = "-----BEGIN CERTIFICATE-----";
+static const char NS_CERT_TRAILER[] = "-----END CERTIFICATE-----";
+#define NS_CERT_HEADER_LEN ((sizeof NS_CERT_HEADER) - 1)
+#define NS_CERT_TRAILER_LEN ((sizeof NS_CERT_TRAILER) - 1)
+
+/*
+ * read an old style ascii or binary certificate chain
+ */
+SECStatus
+CERT_DecodeCertPackage(char *certbuf,
+ int certlen,
+ CERTImportCertificateFunc f,
+ void *arg)
+{
+ unsigned char *cp;
+ unsigned char *bincert = NULL;
+ char *ascCert = NULL;
+ SECStatus rv;
+
+ if (certbuf == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return (SECFailure);
+ }
+ /*
+ * Make sure certlen is long enough to handle the longest possible
+ * reference in the code below:
+ * 0x30 0x84 l1 l2 l3 l4 +
+ * tag 9 o1 o2 o3 o4 o5 o6 o7 o8 o9
+ * where 9 is the longest length of the expected oids we are testing.
+ * 6 + 11 = 17. 17 bytes is clearly too small to code any kind of
+ * certificate (a 128 bit ECC certificate contains at least an 8 byte
+ * key and a 16 byte signature, plus coding overhead). Typically a cert
+ * is much larger. So it's safe to require certlen to be at least 17
+ * bytes.
+ */
+ if (certlen < 17) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return (SECFailure);
+ }
+
+ cp = (unsigned char *)certbuf;
+
+ /* is a DER encoded certificate of some type? */
+ if ((*cp & 0x1f) == SEC_ASN1_SEQUENCE) {
+ SECItem certitem;
+ SECItem *pcertitem = &certitem;
+ PRUint64 seqLen, seqLenLen;
+
+ cp++;
+
+ if (*cp & 0x80) {
+ /* Multibyte length */
+ seqLenLen = cp[0] & 0x7f;
+
+ switch (seqLenLen) {
+ case 4:
+ seqLen = ((unsigned long)cp[1] << 24) |
+ ((unsigned long)cp[2] << 16) | (cp[3] << 8) | cp[4];
+ break;
+ case 3:
+ seqLen = ((unsigned long)cp[1] << 16) | (cp[2] << 8) | cp[3];
+ break;
+ case 2:
+ seqLen = (cp[1] << 8) | cp[2];
+ break;
+ case 1:
+ seqLen = cp[1];
+ break;
+ case 0:
+ /* indefinite length */
+ seqLen = 0;
+ break;
+ default:
+ goto notder;
+ }
+ cp += (seqLenLen + 1);
+
+ } else {
+ seqLenLen = 0;
+ seqLen = *cp;
+ cp++;
+ }
+
+ /* check entire length if definite length */
+ if (seqLen || seqLenLen) {
+ if (certlen != (seqLen + seqLenLen + 2L)) {
+ if (certlen > (seqLen + seqLenLen + 2L))
+ PORT_SetError(SEC_ERROR_EXTRA_INPUT);
+ else
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ goto notder;
+ }
+ }
+
+ /* check the type oid */
+ if (cp[0] == SEC_ASN1_OBJECT_ID) {
+ SECOidData *oiddata;
+ SECItem oiditem;
+ /* XXX - assume DER encoding of OID len!! */
+ oiditem.len = cp[1];
+ /* if we add an oid below that is longer than 9 bytes, then we
+ * need to change the certlen check at the top of the function
+ * to prevent a buffer overflow
+ */
+ if (oiditem.len > 9) {
+ PORT_SetError(SEC_ERROR_UNRECOGNIZED_OID);
+ return (SECFailure);
+ }
+ oiditem.data = (unsigned char *)&cp[2];
+ oiddata = SECOID_FindOID(&oiditem);
+ if (oiddata == NULL) {
+ return (SECFailure);
+ }
+
+ certitem.data = (unsigned char *)certbuf;
+ certitem.len = certlen;
+
+ switch (oiddata->offset) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ /* oid: 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02 */
+ return (SEC_ReadPKCS7Certs(&certitem, f, arg));
+ break;
+ case SEC_OID_NS_TYPE_CERT_SEQUENCE:
+ /* oid: 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x02, 0x05 */
+ return (SEC_ReadCertSequence(&certitem, f, arg));
+ break;
+ default:
+ break;
+ }
+
+ } else {
+ /* it had better be a certificate by now!! */
+ certitem.data = (unsigned char *)certbuf;
+ certitem.len = certlen;
+
+ rv = (*f)(arg, &pcertitem, 1);
+ return (rv);
+ }
+ }
+
+/* now look for a netscape base64 ascii encoded cert */
+notder : {
+ unsigned char *certbegin = NULL;
+ unsigned char *certend = NULL;
+ char *pc;
+ int cl;
+
+ /* Convert the ASCII data into a nul-terminated string */
+ ascCert = (char *)PORT_Alloc(certlen + 1);
+ if (!ascCert) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ PORT_Memcpy(ascCert, certbuf, certlen);
+ ascCert[certlen] = '\0';
+
+ pc = PORT_Strchr(ascCert, '\n'); /* find an EOL */
+ if (!pc) { /* maybe this is a MAC file */
+ pc = ascCert;
+ while (*pc && NULL != (pc = PORT_Strchr(pc, '\r'))) {
+ *pc++ = '\n';
+ }
+ }
+
+ cp = (unsigned char *)ascCert;
+ cl = certlen;
+
+ /* find the beginning marker */
+ while (cl > NS_CERT_HEADER_LEN) {
+ int found = 0;
+ if (!PORT_Strncasecmp((char *)cp, NS_CERT_HEADER,
+ NS_CERT_HEADER_LEN)) {
+ cl -= NS_CERT_HEADER_LEN;
+ cp += NS_CERT_HEADER_LEN;
+ found = 1;
+ }
+
+ /* skip to next eol */
+ while (cl && (*cp != '\n')) {
+ cp++;
+ cl--;
+ }
+
+ /* skip all blank lines */
+ while (cl && (*cp == '\n' || *cp == '\r')) {
+ cp++;
+ cl--;
+ }
+ if (cl && found) {
+ certbegin = cp;
+ break;
+ }
+ }
+
+ if (certbegin) {
+ /* find the ending marker */
+ while (cl >= NS_CERT_TRAILER_LEN) {
+ if (!PORT_Strncasecmp((char *)cp, NS_CERT_TRAILER,
+ NS_CERT_TRAILER_LEN)) {
+ certend = cp;
+ break;
+ }
+
+ /* skip to next eol */
+ while (cl && (*cp != '\n')) {
+ cp++;
+ cl--;
+ }
+
+ /* skip all blank lines */
+ while (cl && (*cp == '\n' || *cp == '\r')) {
+ cp++;
+ cl--;
+ }
+ }
+ }
+
+ if (certbegin && certend) {
+ unsigned int binLen;
+
+ *certend = 0;
+ /* convert to binary */
+ bincert = ATOB_AsciiToData((char *)certbegin, &binLen);
+ if (!bincert) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* now recurse to decode the binary */
+ rv = CERT_DecodeCertPackage((char *)bincert, binLen, f, arg);
+
+ } else {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
+ }
+}
+
+loser:
+
+ if (bincert) {
+ PORT_Free(bincert);
+ }
+
+ if (ascCert) {
+ PORT_Free(ascCert);
+ }
+
+ return (rv);
+}
+
+typedef struct {
+ PLArenaPool *arena;
+ SECItem cert;
+} collect_args;
+
+static SECStatus
+collect_certs(void *arg, SECItem **certs, int numcerts)
+{
+ SECStatus rv;
+ collect_args *collectArgs;
+
+ collectArgs = (collect_args *)arg;
+
+ rv = SECITEM_CopyItem(collectArgs->arena, &collectArgs->cert, *certs);
+
+ return (rv);
+}
+
+/*
+ * read an old style ascii or binary certificate
+ */
+CERTCertificate *
+CERT_DecodeCertFromPackage(char *certbuf, int certlen)
+{
+ collect_args collectArgs;
+ SECStatus rv;
+ CERTCertificate *cert = NULL;
+
+ collectArgs.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ rv = CERT_DecodeCertPackage(certbuf, certlen, collect_certs,
+ (void *)&collectArgs);
+ if (rv == SECSuccess) {
+ cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ &collectArgs.cert, NULL,
+ PR_FALSE, PR_TRUE);
+ }
+
+ PORT_FreeArena(collectArgs.arena, PR_FALSE);
+
+ return (cert);
+}
diff --git a/security/nss/lib/pkcs7/config.mk b/security/nss/lib/pkcs7/config.mk
new file mode 100644
index 000000000..36f063f1d
--- /dev/null
+++ b/security/nss/lib/pkcs7/config.mk
@@ -0,0 +1,14 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
diff --git a/security/nss/lib/pkcs7/exports.gyp b/security/nss/lib/pkcs7/exports.gyp
new file mode 100644
index 000000000..e5c9f0927
--- /dev/null
+++ b/security/nss/lib/pkcs7/exports.gyp
@@ -0,0 +1,33 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_pkcs7_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'pkcs7t.h',
+ 'secmime.h',
+ 'secpkcs7.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'p7local.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/pkcs7/manifest.mn b/security/nss/lib/pkcs7/manifest.mn
new file mode 100644
index 000000000..1a6cad0f7
--- /dev/null
+++ b/security/nss/lib/pkcs7/manifest.mn
@@ -0,0 +1,33 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+EXPORTS = \
+ secmime.h \
+ secpkcs7.h \
+ pkcs7t.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ p7local.h \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ certread.c \
+ p7common.c \
+ p7create.c \
+ p7decode.c \
+ p7encode.c \
+ p7local.c \
+ secmime.c \
+ $(NULL)
+
+LIBRARY_NAME = pkcs7
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/pkcs7/p7common.c b/security/nss/lib/pkcs7/p7common.c
new file mode 100644
index 000000000..8a6ac033e
--- /dev/null
+++ b/security/nss/lib/pkcs7/p7common.c
@@ -0,0 +1,663 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * PKCS7 implementation -- the exported parts that are used whether
+ * creating or decoding.
+ */
+
+#include "p7local.h"
+
+#include "cert.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+
+/*
+ * Find out (saving pointer to lookup result for future reference)
+ * and return the inner content type.
+ */
+SECOidTag
+SEC_PKCS7ContentType(SEC_PKCS7ContentInfo *cinfo)
+{
+ if (cinfo->contentTypeTag == NULL)
+ cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
+
+ if (cinfo->contentTypeTag == NULL)
+ return SEC_OID_UNKNOWN;
+
+ return cinfo->contentTypeTag->offset;
+}
+
+/*
+ * Destroy a PKCS7 contentInfo and all of its sub-pieces.
+ */
+void
+SEC_PKCS7DestroyContentInfo(SEC_PKCS7ContentInfo *cinfo)
+{
+ SECOidTag kind;
+ CERTCertificate **certs;
+ CERTCertificateList **certlists;
+ SEC_PKCS7SignerInfo **signerinfos;
+ SEC_PKCS7RecipientInfo **recipientinfos;
+
+ PORT_Assert(cinfo->refCount > 0);
+ if (cinfo->refCount <= 0)
+ return;
+
+ cinfo->refCount--;
+ if (cinfo->refCount > 0)
+ return;
+
+ certs = NULL;
+ certlists = NULL;
+ recipientinfos = NULL;
+ signerinfos = NULL;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ case SEC_OID_PKCS7_ENVELOPED_DATA: {
+ SEC_PKCS7EnvelopedData *edp;
+
+ edp = cinfo->content.envelopedData;
+ if (edp != NULL) {
+ recipientinfos = edp->recipientInfos;
+ }
+ } break;
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sdp;
+
+ sdp = cinfo->content.signedData;
+ if (sdp != NULL) {
+ certs = sdp->certs;
+ certlists = sdp->certLists;
+ signerinfos = sdp->signerInfos;
+ }
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ if (saedp != NULL) {
+ certs = saedp->certs;
+ certlists = saedp->certLists;
+ recipientinfos = saedp->recipientInfos;
+ signerinfos = saedp->signerInfos;
+ if (saedp->sigKey != NULL)
+ PK11_FreeSymKey(saedp->sigKey);
+ }
+ } break;
+ default:
+ /* XXX Anything else that needs to be "manually" freed/destroyed? */
+ break;
+ }
+
+ if (certs != NULL) {
+ CERTCertificate *cert;
+
+ while ((cert = *certs++) != NULL) {
+ CERT_DestroyCertificate(cert);
+ }
+ }
+
+ if (certlists != NULL) {
+ CERTCertificateList *certlist;
+
+ while ((certlist = *certlists++) != NULL) {
+ CERT_DestroyCertificateList(certlist);
+ }
+ }
+
+ if (recipientinfos != NULL) {
+ SEC_PKCS7RecipientInfo *ri;
+
+ while ((ri = *recipientinfos++) != NULL) {
+ if (ri->cert != NULL)
+ CERT_DestroyCertificate(ri->cert);
+ }
+ }
+
+ if (signerinfos != NULL) {
+ SEC_PKCS7SignerInfo *si;
+
+ while ((si = *signerinfos++) != NULL) {
+ if (si->cert != NULL)
+ CERT_DestroyCertificate(si->cert);
+ if (si->certList != NULL)
+ CERT_DestroyCertificateList(si->certList);
+ }
+ }
+
+ if (cinfo->poolp != NULL) {
+ PORT_FreeArena(cinfo->poolp, PR_FALSE); /* XXX clear it? */
+ }
+}
+
+/*
+ * Return a copy of the given contentInfo. The copy may be virtual
+ * or may be real -- either way, the result needs to be passed to
+ * SEC_PKCS7DestroyContentInfo later (as does the original).
+ */
+SEC_PKCS7ContentInfo *
+SEC_PKCS7CopyContentInfo(SEC_PKCS7ContentInfo *cinfo)
+{
+ if (cinfo == NULL)
+ return NULL;
+
+ PORT_Assert(cinfo->refCount > 0);
+
+ if (cinfo->created) {
+ /*
+ * Want to do a real copy of these; otherwise subsequent
+ * changes made to either copy are likely to be a surprise.
+ * XXX I suspect that this will not actually be called for yet,
+ * which is why the assert, so to notice if it is...
+ */
+ PORT_Assert(0);
+ /*
+ * XXX Create a new pool here, and copy everything from
+ * within. For cert stuff, need to call the appropriate
+ * copy functions, etc.
+ */
+ }
+
+ cinfo->refCount++;
+ return cinfo;
+}
+
+/*
+ * Return a pointer to the actual content. In the case of those types
+ * which are encrypted, this returns the *plain* content.
+ * XXX Needs revisiting if/when we handle nested encrypted types.
+ */
+SECItem *
+SEC_PKCS7GetContent(SEC_PKCS7ContentInfo *cinfo)
+{
+ SECOidTag kind;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ case SEC_OID_PKCS7_DATA:
+ return cinfo->content.data;
+ case SEC_OID_PKCS7_DIGESTED_DATA: {
+ SEC_PKCS7DigestedData *digd;
+
+ digd = cinfo->content.digestedData;
+ if (digd == NULL)
+ break;
+ return SEC_PKCS7GetContent(&(digd->contentInfo));
+ }
+ case SEC_OID_PKCS7_ENCRYPTED_DATA: {
+ SEC_PKCS7EncryptedData *encd;
+
+ encd = cinfo->content.encryptedData;
+ if (encd == NULL)
+ break;
+ return &(encd->encContentInfo.plainContent);
+ }
+ case SEC_OID_PKCS7_ENVELOPED_DATA: {
+ SEC_PKCS7EnvelopedData *envd;
+
+ envd = cinfo->content.envelopedData;
+ if (envd == NULL)
+ break;
+ return &(envd->encContentInfo.plainContent);
+ }
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sigd;
+
+ sigd = cinfo->content.signedData;
+ if (sigd == NULL)
+ break;
+ return SEC_PKCS7GetContent(&(sigd->contentInfo));
+ }
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saed;
+
+ saed = cinfo->content.signedAndEnvelopedData;
+ if (saed == NULL)
+ break;
+ return &(saed->encContentInfo.plainContent);
+ }
+ default:
+ PORT_Assert(0);
+ break;
+ }
+
+ return NULL;
+}
+
+/*
+ * XXX Fix the placement and formatting of the
+ * following routines (i.e. make them consistent with the rest of
+ * the pkcs7 code -- I think some/many belong in other files and
+ * they all need a formatting/style rehaul)
+ */
+
+/* retrieve the algorithm identifier for encrypted data.
+ * the identifier returned is a copy of the algorithm identifier
+ * in the content info and needs to be freed after being used.
+ *
+ * cinfo is the content info for which to retrieve the
+ * encryption algorithm.
+ *
+ * if the content info is not encrypted data or an error
+ * occurs NULL is returned.
+ */
+SECAlgorithmID *
+SEC_PKCS7GetEncryptionAlgorithm(SEC_PKCS7ContentInfo *cinfo)
+{
+ SECAlgorithmID *alg = 0;
+ switch (SEC_PKCS7ContentType(cinfo)) {
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ alg = &cinfo->content.encryptedData->encContentInfo.contentEncAlg;
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ alg = &cinfo->content.envelopedData->encContentInfo.contentEncAlg;
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ alg = &cinfo->content.signedAndEnvelopedData
+ ->encContentInfo.contentEncAlg;
+ break;
+ default:
+ alg = 0;
+ break;
+ }
+
+ return alg;
+}
+
+/* set the content of the content info. For data content infos,
+ * the data is set. For encrytped content infos, the plainContent
+ * is set, and is expected to be encrypted later.
+ *
+ * cinfo is the content info where the data will be set
+ *
+ * buf is a buffer of the data to set
+ *
+ * len is the length of the data being set.
+ *
+ * in the event of an error, SECFailure is returned. SECSuccess
+ * indicates the content was successfully set.
+ */
+SECStatus
+SEC_PKCS7SetContent(SEC_PKCS7ContentInfo *cinfo,
+ const char *buf,
+ unsigned long len)
+{
+ SECOidTag cinfo_type;
+ SECStatus rv;
+ SECItem content;
+ SECOidData *contentTypeTag = NULL;
+
+ content.type = siBuffer;
+ content.data = (unsigned char *)buf;
+ content.len = len;
+
+ cinfo_type = SEC_PKCS7ContentType(cinfo);
+
+ /* set inner content */
+ switch (cinfo_type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ if (content.len > 0) {
+ /* we "leak" the old content here, but as it's all in the pool */
+ /* it does not really matter */
+
+ /* create content item if necessary */
+ if (cinfo->content.signedData->contentInfo.content.data == NULL)
+ cinfo->content.signedData->contentInfo.content.data = SECITEM_AllocItem(cinfo->poolp, NULL, 0);
+ rv = SECITEM_CopyItem(cinfo->poolp,
+ cinfo->content.signedData->contentInfo.content.data,
+ &content);
+ } else {
+ cinfo->content.signedData->contentInfo.content.data->data = NULL;
+ cinfo->content.signedData->contentInfo.content.data->len = 0;
+ rv = SECSuccess;
+ }
+ if (rv == SECFailure)
+ goto loser;
+
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ /* XXX this forces the inner content type to be "data" */
+ /* do we really want to override without asking or reason? */
+ contentTypeTag = SECOID_FindOIDByTag(SEC_OID_PKCS7_DATA);
+ if (contentTypeTag == NULL)
+ goto loser;
+ rv = SECITEM_CopyItem(cinfo->poolp,
+ &(cinfo->content.encryptedData->encContentInfo.contentType),
+ &(contentTypeTag->oid));
+ if (rv == SECFailure)
+ goto loser;
+ if (content.len > 0) {
+ rv = SECITEM_CopyItem(cinfo->poolp,
+ &(cinfo->content.encryptedData->encContentInfo.plainContent),
+ &content);
+ } else {
+ cinfo->content.encryptedData->encContentInfo.plainContent.data = NULL;
+ cinfo->content.encryptedData->encContentInfo.encContent.data = NULL;
+ cinfo->content.encryptedData->encContentInfo.plainContent.len = 0;
+ cinfo->content.encryptedData->encContentInfo.encContent.len = 0;
+ rv = SECSuccess;
+ }
+ if (rv == SECFailure)
+ goto loser;
+ break;
+ case SEC_OID_PKCS7_DATA:
+ cinfo->content.data = (SECItem *)PORT_ArenaZAlloc(cinfo->poolp,
+ sizeof(SECItem));
+ if (cinfo->content.data == NULL)
+ goto loser;
+ if (content.len > 0) {
+ rv = SECITEM_CopyItem(cinfo->poolp,
+ cinfo->content.data, &content);
+ } else {
+ /* handle case with NULL content */
+ rv = SECSuccess;
+ }
+ if (rv == SECFailure)
+ goto loser;
+ break;
+ default:
+ goto loser;
+ }
+
+ return SECSuccess;
+
+loser:
+
+ return SECFailure;
+}
+
+/* the content of an encrypted data content info is encrypted.
+ * it is assumed that for encrypted data, that the data has already
+ * been set and is in the "plainContent" field of the content info.
+ *
+ * cinfo is the content info to encrypt
+ *
+ * key is the key with which to perform the encryption. if the
+ * algorithm is a password based encryption algorithm, the
+ * key is actually a password which will be processed per
+ * PKCS #5.
+ *
+ * in the event of an error, SECFailure is returned. SECSuccess
+ * indicates a success.
+ */
+SECStatus
+SEC_PKCS7EncryptContents(PLArenaPool *poolp,
+ SEC_PKCS7ContentInfo *cinfo,
+ SECItem *key,
+ void *wincx)
+{
+ SECAlgorithmID *algid = NULL;
+ SECItem *src;
+ SECItem *dest;
+ SECItem *blocked_data = NULL;
+ void *mark;
+ void *cx;
+ PK11SymKey *eKey = NULL;
+ PK11SlotInfo *slot = NULL;
+
+ CK_MECHANISM_TYPE cryptoMechType;
+ int bs;
+ SECStatus rv = SECFailure;
+ SECItem *c_param = NULL;
+
+ if ((cinfo == NULL) || (key == NULL))
+ return SECFailure;
+
+ if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_ENCRYPTED_DATA)
+ return SECFailure;
+
+ algid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);
+ if (algid == NULL)
+ return SECFailure;
+
+ if (poolp == NULL)
+ poolp = cinfo->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ src = &cinfo->content.encryptedData->encContentInfo.plainContent;
+ dest = &cinfo->content.encryptedData->encContentInfo.encContent;
+ dest->data = (unsigned char *)PORT_ArenaZAlloc(poolp, (src->len + 64));
+ dest->len = (src->len + 64);
+ if (dest->data == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ slot = PK11_GetInternalKeySlot();
+ if (slot == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ eKey = PK11_PBEKeyGen(slot, algid, key, PR_FALSE, wincx);
+ if (eKey == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ cryptoMechType = PK11_GetPBECryptoMechanism(algid, &c_param, key);
+ if (cryptoMechType == CKM_INVALID_MECHANISM) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* block according to PKCS 8 */
+ bs = PK11_GetBlockSize(cryptoMechType, c_param);
+ rv = SECSuccess;
+ if (bs) {
+ char pad_char;
+ pad_char = (char)(bs - (src->len % bs));
+ if (src->len % bs) {
+ rv = SECSuccess;
+ blocked_data = PK11_BlockData(src, bs);
+ if (blocked_data) {
+ PORT_Memset((blocked_data->data + blocked_data->len - (int)pad_char),
+ pad_char, (int)pad_char);
+ } else {
+ rv = SECFailure;
+ goto loser;
+ }
+ } else {
+ blocked_data = SECITEM_DupItem(src);
+ if (blocked_data) {
+ blocked_data->data = (unsigned char *)PORT_Realloc(
+ blocked_data->data,
+ blocked_data->len + bs);
+ if (blocked_data->data) {
+ blocked_data->len += bs;
+ PORT_Memset((blocked_data->data + src->len), (char)bs, bs);
+ } else {
+ rv = SECFailure;
+ goto loser;
+ }
+ } else {
+ rv = SECFailure;
+ goto loser;
+ }
+ }
+ } else {
+ blocked_data = SECITEM_DupItem(src);
+ if (!blocked_data) {
+ rv = SECFailure;
+ goto loser;
+ }
+ }
+
+ cx = PK11_CreateContextBySymKey(cryptoMechType, CKA_ENCRYPT,
+ eKey, c_param);
+ if (cx == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = PK11_CipherOp((PK11Context *)cx, dest->data, (int *)(&dest->len),
+ (int)(src->len + 64), blocked_data->data,
+ (int)blocked_data->len);
+ PK11_DestroyContext((PK11Context *)cx, PR_TRUE);
+
+loser:
+ /* let success fall through */
+ if (blocked_data != NULL)
+ SECITEM_ZfreeItem(blocked_data, PR_TRUE);
+
+ if (rv == SECFailure)
+ PORT_ArenaRelease(poolp, mark);
+ else
+ PORT_ArenaUnmark(poolp, mark);
+
+ if (eKey != NULL)
+ PK11_FreeSymKey(eKey);
+
+ if (slot != NULL)
+ PK11_FreeSlot(slot);
+
+ if (c_param != NULL)
+ SECITEM_ZfreeItem(c_param, PR_TRUE);
+
+ return rv;
+}
+
+/* the content of an encrypted data content info is decrypted.
+ * it is assumed that for encrypted data, that the data has already
+ * been set and is in the "encContent" field of the content info.
+ *
+ * cinfo is the content info to decrypt
+ *
+ * key is the key with which to perform the decryption. if the
+ * algorithm is a password based encryption algorithm, the
+ * key is actually a password which will be processed per
+ * PKCS #5.
+ *
+ * in the event of an error, SECFailure is returned. SECSuccess
+ * indicates a success.
+ */
+SECStatus
+SEC_PKCS7DecryptContents(PLArenaPool *poolp,
+ SEC_PKCS7ContentInfo *cinfo,
+ SECItem *key,
+ void *wincx)
+{
+ SECAlgorithmID *algid = NULL;
+ SECStatus rv = SECFailure;
+ SECItem *dest, *src;
+ void *mark;
+
+ PK11SymKey *eKey = NULL;
+ PK11SlotInfo *slot = NULL;
+ CK_MECHANISM_TYPE cryptoMechType;
+ void *cx;
+ SECItem *c_param = NULL;
+ int bs;
+
+ if ((cinfo == NULL) || (key == NULL))
+ return SECFailure;
+
+ if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_ENCRYPTED_DATA)
+ return SECFailure;
+
+ algid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);
+ if (algid == NULL)
+ return SECFailure;
+
+ if (poolp == NULL)
+ poolp = cinfo->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ src = &cinfo->content.encryptedData->encContentInfo.encContent;
+ dest = &cinfo->content.encryptedData->encContentInfo.plainContent;
+ dest->data = (unsigned char *)PORT_ArenaZAlloc(poolp, (src->len + 64));
+ dest->len = (src->len + 64);
+ if (dest->data == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ slot = PK11_GetInternalKeySlot();
+ if (slot == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ eKey = PK11_PBEKeyGen(slot, algid, key, PR_FALSE, wincx);
+ if (eKey == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ cryptoMechType = PK11_GetPBECryptoMechanism(algid, &c_param, key);
+ if (cryptoMechType == CKM_INVALID_MECHANISM) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ cx = PK11_CreateContextBySymKey(cryptoMechType, CKA_DECRYPT,
+ eKey, c_param);
+ if (cx == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = PK11_CipherOp((PK11Context *)cx, dest->data, (int *)(&dest->len),
+ (int)(src->len + 64), src->data, (int)src->len);
+ PK11_DestroyContext((PK11Context *)cx, PR_TRUE);
+
+ bs = PK11_GetBlockSize(cryptoMechType, c_param);
+ if (bs) {
+ /* check for proper badding in block algorithms. this assumes
+ * RC2 cbc or a DES cbc variant. and the padding is thus defined
+ */
+ if (((int)dest->data[dest->len - 1] <= bs) &&
+ ((int)dest->data[dest->len - 1] > 0)) {
+ dest->len -= (int)dest->data[dest->len - 1];
+ } else {
+ rv = SECFailure;
+ /* set an error ? */
+ }
+ }
+
+loser:
+ /* let success fall through */
+ if (rv == SECFailure)
+ PORT_ArenaRelease(poolp, mark);
+ else
+ PORT_ArenaUnmark(poolp, mark);
+
+ if (eKey != NULL)
+ PK11_FreeSymKey(eKey);
+
+ if (slot != NULL)
+ PK11_FreeSlot(slot);
+
+ if (c_param != NULL)
+ SECITEM_ZfreeItem(c_param, PR_TRUE);
+
+ return rv;
+}
+
+SECItem **
+SEC_PKCS7GetCertificateList(SEC_PKCS7ContentInfo *cinfo)
+{
+ switch (SEC_PKCS7ContentType(cinfo)) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ return cinfo->content.signedData->rawCerts;
+ break;
+ default:
+ return NULL;
+ break;
+ }
+}
+
+int
+SEC_PKCS7GetKeyLength(SEC_PKCS7ContentInfo *cinfo)
+{
+ if (cinfo->contentTypeTag->offset == SEC_OID_PKCS7_ENVELOPED_DATA)
+ return cinfo->content.envelopedData->encContentInfo.keysize;
+ else
+ return 0;
+}
diff --git a/security/nss/lib/pkcs7/p7create.c b/security/nss/lib/pkcs7/p7create.c
new file mode 100644
index 000000000..fcf0cad5b
--- /dev/null
+++ b/security/nss/lib/pkcs7/p7create.c
@@ -0,0 +1,1247 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * PKCS7 creation.
+ */
+
+#include "p7local.h"
+
+#include "cert.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "prtime.h"
+#include "secerr.h"
+#include "secder.h"
+#include "secpkcs5.h"
+
+const int NSS_PBE_DEFAULT_ITERATION_COUNT = 2000; /* used in p12e.c too */
+
+static SECStatus
+sec_pkcs7_init_content_info(SEC_PKCS7ContentInfo *cinfo, PLArenaPool *poolp,
+ SECOidTag kind, PRBool detached)
+{
+ void *thing;
+ int version;
+ SECItem *versionp;
+ SECStatus rv;
+
+ PORT_Assert(cinfo != NULL && poolp != NULL);
+ if (cinfo == NULL || poolp == NULL)
+ return SECFailure;
+
+ cinfo->contentTypeTag = SECOID_FindOIDByTag(kind);
+ PORT_Assert(cinfo->contentTypeTag && cinfo->contentTypeTag->offset == kind);
+
+ rv = SECITEM_CopyItem(poolp, &(cinfo->contentType),
+ &(cinfo->contentTypeTag->oid));
+ if (rv != SECSuccess)
+ return rv;
+
+ if (detached)
+ return SECSuccess;
+
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ thing = PORT_ArenaZAlloc(poolp, sizeof(SECItem));
+ cinfo->content.data = (SECItem *)thing;
+ versionp = NULL;
+ version = -1;
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ thing = PORT_ArenaZAlloc(poolp, sizeof(SEC_PKCS7DigestedData));
+ cinfo->content.digestedData = (SEC_PKCS7DigestedData *)thing;
+ versionp = &(cinfo->content.digestedData->version);
+ version = SEC_PKCS7_DIGESTED_DATA_VERSION;
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ thing = PORT_ArenaZAlloc(poolp, sizeof(SEC_PKCS7EncryptedData));
+ cinfo->content.encryptedData = (SEC_PKCS7EncryptedData *)thing;
+ versionp = &(cinfo->content.encryptedData->version);
+ version = SEC_PKCS7_ENCRYPTED_DATA_VERSION;
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ thing = PORT_ArenaZAlloc(poolp, sizeof(SEC_PKCS7EnvelopedData));
+ cinfo->content.envelopedData =
+ (SEC_PKCS7EnvelopedData *)thing;
+ versionp = &(cinfo->content.envelopedData->version);
+ version = SEC_PKCS7_ENVELOPED_DATA_VERSION;
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ thing = PORT_ArenaZAlloc(poolp, sizeof(SEC_PKCS7SignedData));
+ cinfo->content.signedData =
+ (SEC_PKCS7SignedData *)thing;
+ versionp = &(cinfo->content.signedData->version);
+ version = SEC_PKCS7_SIGNED_DATA_VERSION;
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ thing = PORT_ArenaZAlloc(poolp, sizeof(SEC_PKCS7SignedAndEnvelopedData));
+ cinfo->content.signedAndEnvelopedData =
+ (SEC_PKCS7SignedAndEnvelopedData *)thing;
+ versionp = &(cinfo->content.signedAndEnvelopedData->version);
+ version = SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION;
+ break;
+ }
+
+ if (thing == NULL)
+ return SECFailure;
+
+ if (versionp != NULL) {
+ SECItem *dummy;
+
+ PORT_Assert(version >= 0);
+ dummy = SEC_ASN1EncodeInteger(poolp, versionp, version);
+ if (dummy == NULL)
+ return SECFailure;
+ PORT_Assert(dummy == versionp);
+ }
+
+ return SECSuccess;
+}
+
+static SEC_PKCS7ContentInfo *
+sec_pkcs7_create_content_info(SECOidTag kind, PRBool detached,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ PLArenaPool *poolp;
+ SECStatus rv;
+
+ poolp = PORT_NewArena(1024); /* XXX what is right value? */
+ if (poolp == NULL)
+ return NULL;
+
+ cinfo = (SEC_PKCS7ContentInfo *)PORT_ArenaZAlloc(poolp, sizeof(*cinfo));
+ if (cinfo == NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+
+ cinfo->poolp = poolp;
+ cinfo->pwfn = pwfn;
+ cinfo->pwfn_arg = pwfn_arg;
+ cinfo->created = PR_TRUE;
+ cinfo->refCount = 1;
+
+ rv = sec_pkcs7_init_content_info(cinfo, poolp, kind, detached);
+ if (rv != SECSuccess) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+
+ return cinfo;
+}
+
+/*
+ * Add a signer to a PKCS7 thing, verifying the signature cert first.
+ * Any error returns SECFailure.
+ *
+ * XXX Right now this only adds the *first* signer. It fails if you try
+ * to add a second one -- this needs to be fixed.
+ */
+static SECStatus
+sec_pkcs7_add_signer(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert,
+ SECCertUsage certusage,
+ CERTCertDBHandle *certdb,
+ SECOidTag digestalgtag,
+ SECItem *digestdata)
+{
+ SEC_PKCS7SignerInfo *signerinfo, **signerinfos, ***signerinfosp;
+ SECAlgorithmID *digestalg, **digestalgs, ***digestalgsp;
+ SECItem *digest, **digests, ***digestsp;
+ SECItem *dummy;
+ void *mark;
+ SECStatus rv;
+ SECOidTag kind;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sdp;
+
+ sdp = cinfo->content.signedData;
+ digestalgsp = &(sdp->digestAlgorithms);
+ digestsp = &(sdp->digests);
+ signerinfosp = &(sdp->signerInfos);
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ digestalgsp = &(saedp->digestAlgorithms);
+ digestsp = &(saedp->digests);
+ signerinfosp = &(saedp->signerInfos);
+ } break;
+ default:
+ return SECFailure; /* XXX set an error? */
+ }
+
+ /*
+ * XXX I think that CERT_VerifyCert should do this if *it* is passed
+ * a NULL database.
+ */
+ if (certdb == NULL) {
+ certdb = CERT_GetDefaultCertDB();
+ if (certdb == NULL)
+ return SECFailure; /* XXX set an error? */
+ }
+
+ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, PR_Now(),
+ cinfo->pwfn_arg, NULL) != SECSuccess) {
+ /* XXX Did CERT_VerifyCert set an error? */
+ return SECFailure;
+ }
+
+ /*
+ * XXX This is the check that we do not already have a signer.
+ * This is not what we really want -- we want to allow this
+ * and *add* the new signer.
+ */
+ PORT_Assert(*signerinfosp == NULL && *digestalgsp == NULL && *digestsp == NULL);
+ if (*signerinfosp != NULL || *digestalgsp != NULL || *digestsp != NULL)
+ return SECFailure;
+
+ mark = PORT_ArenaMark(cinfo->poolp);
+
+ signerinfo = (SEC_PKCS7SignerInfo *)PORT_ArenaZAlloc(cinfo->poolp,
+ sizeof(SEC_PKCS7SignerInfo));
+ if (signerinfo == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ dummy = SEC_ASN1EncodeInteger(cinfo->poolp, &signerinfo->version,
+ SEC_PKCS7_SIGNER_INFO_VERSION);
+ if (dummy == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+ PORT_Assert(dummy == &signerinfo->version);
+
+ signerinfo->cert = CERT_DupCertificate(cert);
+ if (signerinfo->cert == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ signerinfo->issuerAndSN = CERT_GetCertIssuerAndSN(cinfo->poolp, cert);
+ if (signerinfo->issuerAndSN == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ rv = SECOID_SetAlgorithmID(cinfo->poolp, &signerinfo->digestAlg,
+ digestalgtag, NULL);
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ /*
+ * Okay, now signerinfo is all set. We just need to put it and its
+ * companions (another copy of the digest algorithm, and the digest
+ * itself if given) into the main structure.
+ *
+ * XXX If we are handling more than one signer, the following code
+ * needs to look through the digest algorithms already specified
+ * and see if the same one is there already. If it is, it does not
+ * need to be added again. Also, if it is there *and* the digest
+ * is not null, then the digest given should match the digest already
+ * specified -- if not, that is an error. Finally, the new signerinfo
+ * should be *added* to the set already found.
+ */
+
+ signerinfos = (SEC_PKCS7SignerInfo **)PORT_ArenaAlloc(cinfo->poolp,
+ 2 * sizeof(SEC_PKCS7SignerInfo *));
+ if (signerinfos == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+ signerinfos[0] = signerinfo;
+ signerinfos[1] = NULL;
+
+ digestalg = PORT_ArenaZAlloc(cinfo->poolp, sizeof(SECAlgorithmID));
+ digestalgs = PORT_ArenaAlloc(cinfo->poolp, 2 * sizeof(SECAlgorithmID *));
+ if (digestalg == NULL || digestalgs == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+ rv = SECOID_SetAlgorithmID(cinfo->poolp, digestalg, digestalgtag, NULL);
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+ digestalgs[0] = digestalg;
+ digestalgs[1] = NULL;
+
+ if (digestdata != NULL) {
+ digest = (SECItem *)PORT_ArenaAlloc(cinfo->poolp, sizeof(SECItem));
+ digests = (SECItem **)PORT_ArenaAlloc(cinfo->poolp,
+ 2 * sizeof(SECItem *));
+ if (digest == NULL || digests == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+ rv = SECITEM_CopyItem(cinfo->poolp, digest, digestdata);
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+ digests[0] = digest;
+ digests[1] = NULL;
+ } else {
+ digests = NULL;
+ }
+
+ *signerinfosp = signerinfos;
+ *digestalgsp = digestalgs;
+ *digestsp = digests;
+
+ PORT_ArenaUnmark(cinfo->poolp, mark);
+ return SECSuccess;
+}
+
+/*
+ * Helper function for creating an empty signedData.
+ */
+static SEC_PKCS7ContentInfo *
+sec_pkcs7_create_signed_data(SECKEYGetPasswordKey pwfn, void *pwfn_arg)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ SEC_PKCS7SignedData *sigd;
+ SECStatus rv;
+
+ cinfo = sec_pkcs7_create_content_info(SEC_OID_PKCS7_SIGNED_DATA, PR_FALSE,
+ pwfn, pwfn_arg);
+ if (cinfo == NULL)
+ return NULL;
+
+ sigd = cinfo->content.signedData;
+ PORT_Assert(sigd != NULL);
+
+ /*
+ * XXX Might we want to allow content types other than data?
+ * If so, via what interface?
+ */
+ rv = sec_pkcs7_init_content_info(&(sigd->contentInfo), cinfo->poolp,
+ SEC_OID_PKCS7_DATA, PR_TRUE);
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+
+ return cinfo;
+}
+
+/*
+ * Start a PKCS7 signing context.
+ *
+ * "cert" is the cert that will be used to sign the data. It will be
+ * checked for validity.
+ *
+ * "certusage" describes the signing usage (e.g. certUsageEmailSigner)
+ * XXX Maybe SECCertUsage should be split so that our caller just says
+ * "email" and *we* add the "signing" part -- otherwise our caller
+ * could be lying about the usage; we do not want to allow encryption
+ * certs for signing or vice versa.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
+ *
+ * "digest" is the actual digest of the data. It must be provided in
+ * the case of detached data or NULL if the content will be included.
+ *
+ * The return value can be passed to functions which add things to
+ * it like attributes, then eventually to SEC_PKCS7Encode() or to
+ * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
+ * SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateSignedData(CERTCertificate *cert,
+ SECCertUsage certusage,
+ CERTCertDBHandle *certdb,
+ SECOidTag digestalg,
+ SECItem *digest,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ SECStatus rv;
+
+ cinfo = sec_pkcs7_create_signed_data(pwfn, pwfn_arg);
+ if (cinfo == NULL)
+ return NULL;
+
+ rv = sec_pkcs7_add_signer(cinfo, cert, certusage, certdb,
+ digestalg, digest);
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+
+ return cinfo;
+}
+
+static SEC_PKCS7Attribute *
+sec_pkcs7_create_attribute(PLArenaPool *poolp, SECOidTag oidtag,
+ SECItem *value, PRBool encoded)
+{
+ SEC_PKCS7Attribute *attr;
+ SECItem **values;
+ void *mark;
+
+ PORT_Assert(poolp != NULL);
+ mark = PORT_ArenaMark(poolp);
+
+ attr = (SEC_PKCS7Attribute *)PORT_ArenaAlloc(poolp,
+ sizeof(SEC_PKCS7Attribute));
+ if (attr == NULL)
+ goto loser;
+
+ attr->typeTag = SECOID_FindOIDByTag(oidtag);
+ if (attr->typeTag == NULL)
+ goto loser;
+
+ if (SECITEM_CopyItem(poolp, &(attr->type),
+ &(attr->typeTag->oid)) != SECSuccess)
+ goto loser;
+
+ values = (SECItem **)PORT_ArenaAlloc(poolp, 2 * sizeof(SECItem *));
+ if (values == NULL)
+ goto loser;
+
+ if (value != NULL) {
+ SECItem *copy;
+
+ copy = (SECItem *)PORT_ArenaAlloc(poolp, sizeof(SECItem));
+ if (copy == NULL)
+ goto loser;
+
+ if (SECITEM_CopyItem(poolp, copy, value) != SECSuccess)
+ goto loser;
+
+ value = copy;
+ }
+
+ values[0] = value;
+ values[1] = NULL;
+ attr->values = values;
+ attr->encoded = encoded;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return attr;
+
+loser:
+ PORT_Assert(mark != NULL);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+static SECStatus
+sec_pkcs7_add_attribute(SEC_PKCS7ContentInfo *cinfo,
+ SEC_PKCS7Attribute ***attrsp,
+ SEC_PKCS7Attribute *attr)
+{
+ SEC_PKCS7Attribute **attrs;
+ SECItem *ct_value;
+ void *mark;
+
+ PORT_Assert(SEC_PKCS7ContentType(cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
+ if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
+ return SECFailure;
+
+ attrs = *attrsp;
+ if (attrs != NULL) {
+ int count;
+
+ /*
+ * We already have some attributes, and just need to add this
+ * new one.
+ */
+
+ /*
+ * We should already have the *required* attributes, which were
+ * created/added at the same time the first attribute was added.
+ */
+ PORT_Assert(sec_PKCS7FindAttribute(attrs,
+ SEC_OID_PKCS9_CONTENT_TYPE,
+ PR_FALSE) != NULL);
+ PORT_Assert(sec_PKCS7FindAttribute(attrs,
+ SEC_OID_PKCS9_MESSAGE_DIGEST,
+ PR_FALSE) != NULL);
+
+ for (count = 0; attrs[count] != NULL; count++)
+ ;
+ attrs = (SEC_PKCS7Attribute **)PORT_ArenaGrow(cinfo->poolp, attrs,
+ (count + 1) * sizeof(SEC_PKCS7Attribute *),
+ (count + 2) * sizeof(SEC_PKCS7Attribute *));
+ if (attrs == NULL)
+ return SECFailure;
+
+ attrs[count] = attr;
+ attrs[count + 1] = NULL;
+ *attrsp = attrs;
+
+ return SECSuccess;
+ }
+
+ /*
+ * This is the first time an attribute is going in.
+ * We need to create and add the required attributes, and then
+ * we will also add in the one our caller gave us.
+ */
+
+ /*
+ * There are 2 required attributes, plus the one our caller wants
+ * to add, plus we always end with a NULL one. Thus, four slots.
+ */
+ attrs = (SEC_PKCS7Attribute **)PORT_ArenaAlloc(cinfo->poolp,
+ 4 * sizeof(SEC_PKCS7Attribute *));
+ if (attrs == NULL)
+ return SECFailure;
+
+ mark = PORT_ArenaMark(cinfo->poolp);
+
+ /*
+ * First required attribute is the content type of the data
+ * being signed.
+ */
+ ct_value = &(cinfo->content.signedData->contentInfo.contentType);
+ attrs[0] = sec_pkcs7_create_attribute(cinfo->poolp,
+ SEC_OID_PKCS9_CONTENT_TYPE,
+ ct_value, PR_FALSE);
+ /*
+ * Second required attribute is the message digest of the data
+ * being signed; we leave the value NULL for now (just create
+ * the place for it to go), and the encoder will fill it in later.
+ */
+ attrs[1] = sec_pkcs7_create_attribute(cinfo->poolp,
+ SEC_OID_PKCS9_MESSAGE_DIGEST,
+ NULL, PR_FALSE);
+ if (attrs[0] == NULL || attrs[1] == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ attrs[2] = attr;
+ attrs[3] = NULL;
+ *attrsp = attrs;
+
+ PORT_ArenaUnmark(cinfo->poolp, mark);
+ return SECSuccess;
+}
+
+/*
+ * Add the signing time to the authenticated (i.e. signed) attributes
+ * of "cinfo". This is expected to be included in outgoing signed
+ * messages for email (S/MIME) but is likely useful in other situations.
+ *
+ * This should only be added once; a second call will either do
+ * nothing or replace an old signing time with a newer one.
+ *
+ * XXX This will probably just shove the current time into "cinfo"
+ * but it will not actually get signed until the entire item is
+ * processed for encoding. Is this (expected to be small) delay okay?
+ *
+ * "cinfo" should be of type signedData (the only kind of pkcs7 data
+ * that is allowed authenticated attributes); SECFailure will be returned
+ * if it is not.
+ */
+SECStatus
+SEC_PKCS7AddSigningTime(SEC_PKCS7ContentInfo *cinfo)
+{
+ SEC_PKCS7SignerInfo **signerinfos;
+ SEC_PKCS7Attribute *attr;
+ SECItem stime;
+ SECStatus rv;
+ int si;
+
+ PORT_Assert(SEC_PKCS7ContentType(cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
+ if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
+ return SECFailure;
+
+ signerinfos = cinfo->content.signedData->signerInfos;
+
+ /* There has to be a signer, or it makes no sense. */
+ if (signerinfos == NULL || signerinfos[0] == NULL)
+ return SECFailure;
+
+ rv = DER_EncodeTimeChoice(NULL, &stime, PR_Now());
+ if (rv != SECSuccess)
+ return rv;
+
+ attr = sec_pkcs7_create_attribute(cinfo->poolp,
+ SEC_OID_PKCS9_SIGNING_TIME,
+ &stime, PR_FALSE);
+ SECITEM_FreeItem(&stime, PR_FALSE);
+
+ if (attr == NULL)
+ return SECFailure;
+
+ rv = SECSuccess;
+ for (si = 0; signerinfos[si] != NULL; si++) {
+ SEC_PKCS7Attribute *oattr;
+
+ oattr = sec_PKCS7FindAttribute(signerinfos[si]->authAttr,
+ SEC_OID_PKCS9_SIGNING_TIME, PR_FALSE);
+ PORT_Assert(oattr == NULL);
+ if (oattr != NULL)
+ continue; /* XXX or would it be better to replace it? */
+
+ rv = sec_pkcs7_add_attribute(cinfo, &(signerinfos[si]->authAttr),
+ attr);
+ if (rv != SECSuccess)
+ break; /* could try to continue, but may as well give up now */
+ }
+
+ return rv;
+}
+
+/*
+ * Add the specified attribute to the authenticated (i.e. signed) attributes
+ * of "cinfo" -- "oidtag" describes the attribute and "value" is the
+ * value to be associated with it. NOTE! "value" must already be encoded;
+ * no interpretation of "oidtag" is done. Also, it is assumed that this
+ * signedData has only one signer -- if we ever need to add attributes
+ * when there is more than one signature, we need a way to specify *which*
+ * signature should get the attribute.
+ *
+ * XXX Technically, a signed attribute can have multiple values; if/when
+ * we ever need to support an attribute which takes multiple values, we
+ * either need to change this interface or create an AddSignedAttributeValue
+ * which can be called subsequently, and would then append a value.
+ *
+ * "cinfo" should be of type signedData (the only kind of pkcs7 data
+ * that is allowed authenticated attributes); SECFailure will be returned
+ * if it is not.
+ */
+SECStatus
+SEC_PKCS7AddSignedAttribute(SEC_PKCS7ContentInfo *cinfo,
+ SECOidTag oidtag,
+ SECItem *value)
+{
+ SEC_PKCS7SignerInfo **signerinfos;
+ SEC_PKCS7Attribute *attr;
+
+ PORT_Assert(SEC_PKCS7ContentType(cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
+ if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
+ return SECFailure;
+
+ signerinfos = cinfo->content.signedData->signerInfos;
+
+ /*
+ * No signature or more than one means no deal.
+ */
+ if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
+ return SECFailure;
+
+ attr = sec_pkcs7_create_attribute(cinfo->poolp, oidtag, value, PR_TRUE);
+ if (attr == NULL)
+ return SECFailure;
+
+ return sec_pkcs7_add_attribute(cinfo, &(signerinfos[0]->authAttr), attr);
+}
+
+/*
+ * Mark that the signer certificates and their issuing chain should
+ * be included in the encoded data. This is expected to be used
+ * in outgoing signed messages for email (S/MIME).
+ *
+ * "certdb" is the cert database to use for finding the chain.
+ * It can be NULL, meaning use the default database.
+ *
+ * "cinfo" should be of type signedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ */
+SECStatus
+SEC_PKCS7IncludeCertChain(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertDBHandle *certdb)
+{
+ SECOidTag kind;
+ SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ signerinfos = cinfo->content.signedData->signerInfos;
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
+ break;
+ default:
+ return SECFailure; /* XXX set an error? */
+ }
+
+ if (signerinfos == NULL) /* no signer, no certs? */
+ return SECFailure; /* XXX set an error? */
+
+ if (certdb == NULL) {
+ certdb = CERT_GetDefaultCertDB();
+ if (certdb == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return SECFailure;
+ }
+ }
+
+ /* XXX Should it be an error if we find no signerinfo or no certs? */
+ while ((signerinfo = *signerinfos++) != NULL) {
+ if (signerinfo->cert != NULL)
+ /* get the cert chain. don't send the root to avoid contamination
+ * of old clients with a new root that they don't trust
+ */
+ signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert,
+ certUsageEmailSigner,
+ PR_FALSE);
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * Helper function to add a certificate chain for inclusion in the
+ * bag of certificates in a signedData.
+ */
+static SECStatus
+sec_pkcs7_add_cert_chain(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert,
+ CERTCertDBHandle *certdb)
+{
+ SECOidTag kind;
+ CERTCertificateList *certlist, **certlists, ***certlistsp;
+ int count;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sdp;
+
+ sdp = cinfo->content.signedData;
+ certlistsp = &(sdp->certLists);
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ certlistsp = &(saedp->certLists);
+ } break;
+ default:
+ return SECFailure; /* XXX set an error? */
+ }
+
+ if (certdb == NULL) {
+ certdb = CERT_GetDefaultCertDB();
+ if (certdb == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return SECFailure;
+ }
+ }
+
+ certlist = CERT_CertChainFromCert(cert, certUsageEmailSigner, PR_FALSE);
+ if (certlist == NULL)
+ return SECFailure;
+
+ certlists = *certlistsp;
+ if (certlists == NULL) {
+ count = 0;
+ certlists = (CERTCertificateList **)PORT_ArenaAlloc(cinfo->poolp,
+ 2 * sizeof(CERTCertificateList *));
+ } else {
+ for (count = 0; certlists[count] != NULL; count++)
+ ;
+ PORT_Assert(count); /* should be at least one already */
+ certlists = (CERTCertificateList **)PORT_ArenaGrow(cinfo->poolp,
+ certlists,
+ (count + 1) * sizeof(CERTCertificateList *),
+ (count + 2) * sizeof(CERTCertificateList *));
+ }
+
+ if (certlists == NULL) {
+ CERT_DestroyCertificateList(certlist);
+ return SECFailure;
+ }
+
+ certlists[count] = certlist;
+ certlists[count + 1] = NULL;
+
+ *certlistsp = certlists;
+
+ return SECSuccess;
+}
+
+/*
+ * Helper function to add a certificate for inclusion in the bag of
+ * certificates in a signedData.
+ */
+static SECStatus
+sec_pkcs7_add_certificate(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert)
+{
+ SECOidTag kind;
+ CERTCertificate **certs, ***certsp;
+ int count;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sdp;
+
+ sdp = cinfo->content.signedData;
+ certsp = &(sdp->certs);
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ certsp = &(saedp->certs);
+ } break;
+ default:
+ return SECFailure; /* XXX set an error? */
+ }
+
+ cert = CERT_DupCertificate(cert);
+ if (cert == NULL)
+ return SECFailure;
+
+ certs = *certsp;
+ if (certs == NULL) {
+ count = 0;
+ certs = (CERTCertificate **)PORT_ArenaAlloc(cinfo->poolp,
+ 2 * sizeof(CERTCertificate *));
+ } else {
+ for (count = 0; certs[count] != NULL; count++)
+ ;
+ PORT_Assert(count); /* should be at least one already */
+ certs = (CERTCertificate **)PORT_ArenaGrow(cinfo->poolp, certs,
+ (count + 1) * sizeof(CERTCertificate *),
+ (count + 2) * sizeof(CERTCertificate *));
+ }
+
+ if (certs == NULL) {
+ CERT_DestroyCertificate(cert);
+ return SECFailure;
+ }
+
+ certs[count] = cert;
+ certs[count + 1] = NULL;
+
+ *certsp = certs;
+
+ return SECSuccess;
+}
+
+/*
+ * Create a PKCS7 certs-only container.
+ *
+ * "cert" is the (first) cert that will be included.
+ *
+ * "include_chain" specifies whether the entire chain for "cert" should
+ * be included.
+ *
+ * "certdb" is the cert database to use for finding the chain.
+ * It can be NULL in when "include_chain" is false, or when meaning
+ * use the default database.
+ *
+ * More certs and chains can be added via AddCertificate and AddCertChain.
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateCertsOnly(CERTCertificate *cert,
+ PRBool include_chain,
+ CERTCertDBHandle *certdb)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ SECStatus rv;
+
+ cinfo = sec_pkcs7_create_signed_data(NULL, NULL);
+ if (cinfo == NULL)
+ return NULL;
+
+ if (include_chain)
+ rv = sec_pkcs7_add_cert_chain(cinfo, cert, certdb);
+ else
+ rv = sec_pkcs7_add_certificate(cinfo, cert);
+
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+
+ return cinfo;
+}
+
+/*
+ * Add "cert" and its entire chain to the set of certs included in "cinfo".
+ *
+ * "certdb" is the cert database to use for finding the chain.
+ * It can be NULL, meaning use the default database.
+ *
+ * "cinfo" should be of type signedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ */
+SECStatus
+SEC_PKCS7AddCertChain(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert,
+ CERTCertDBHandle *certdb)
+{
+ SECOidTag kind;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ if (kind != SEC_OID_PKCS7_SIGNED_DATA && kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
+ return SECFailure; /* XXX set an error? */
+
+ return sec_pkcs7_add_cert_chain(cinfo, cert, certdb);
+}
+
+/*
+ * Add "cert" to the set of certs included in "cinfo".
+ *
+ * "cinfo" should be of type signedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ */
+SECStatus
+SEC_PKCS7AddCertificate(SEC_PKCS7ContentInfo *cinfo, CERTCertificate *cert)
+{
+ SECOidTag kind;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ if (kind != SEC_OID_PKCS7_SIGNED_DATA && kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
+ return SECFailure; /* XXX set an error? */
+
+ return sec_pkcs7_add_certificate(cinfo, cert);
+}
+
+static SECStatus
+sec_pkcs7_init_encrypted_content_info(SEC_PKCS7EncryptedContentInfo *enccinfo,
+ PLArenaPool *poolp,
+ SECOidTag kind, PRBool detached,
+ SECOidTag encalg, int keysize)
+{
+ SECStatus rv;
+
+ PORT_Assert(enccinfo != NULL && poolp != NULL);
+ if (enccinfo == NULL || poolp == NULL)
+ return SECFailure;
+
+ /*
+ * XXX Some day we may want to allow for other kinds. That needs
+ * more work and modifications to the creation interface, etc.
+ * For now, allow but notice callers who pass in other kinds.
+ * They are responsible for creating the inner type and encoding,
+ * if it is other than DATA.
+ */
+ PORT_Assert(kind == SEC_OID_PKCS7_DATA);
+
+ enccinfo->contentTypeTag = SECOID_FindOIDByTag(kind);
+ PORT_Assert(enccinfo->contentTypeTag && enccinfo->contentTypeTag->offset == kind);
+
+ rv = SECITEM_CopyItem(poolp, &(enccinfo->contentType),
+ &(enccinfo->contentTypeTag->oid));
+ if (rv != SECSuccess)
+ return rv;
+
+ /* Save keysize and algorithm for later. */
+ enccinfo->keysize = keysize;
+ enccinfo->encalg = encalg;
+
+ return SECSuccess;
+}
+
+/*
+ * Add a recipient to a PKCS7 thing, verifying their cert first.
+ * Any error returns SECFailure.
+ */
+static SECStatus
+sec_pkcs7_add_recipient(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert,
+ SECCertUsage certusage,
+ CERTCertDBHandle *certdb)
+{
+ SECOidTag kind;
+ SEC_PKCS7RecipientInfo *recipientinfo, **recipientinfos, ***recipientinfosp;
+ SECItem *dummy;
+ void *mark;
+ int count;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ case SEC_OID_PKCS7_ENVELOPED_DATA: {
+ SEC_PKCS7EnvelopedData *edp;
+
+ edp = cinfo->content.envelopedData;
+ recipientinfosp = &(edp->recipientInfos);
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ recipientinfosp = &(saedp->recipientInfos);
+ } break;
+ default:
+ return SECFailure; /* XXX set an error? */
+ }
+
+ /*
+ * XXX I think that CERT_VerifyCert should do this if *it* is passed
+ * a NULL database.
+ */
+ if (certdb == NULL) {
+ certdb = CERT_GetDefaultCertDB();
+ if (certdb == NULL)
+ return SECFailure; /* XXX set an error? */
+ }
+
+ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, PR_Now(),
+ cinfo->pwfn_arg, NULL) != SECSuccess) {
+ /* XXX Did CERT_VerifyCert set an error? */
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(cinfo->poolp);
+
+ recipientinfo = (SEC_PKCS7RecipientInfo *)PORT_ArenaZAlloc(cinfo->poolp,
+ sizeof(SEC_PKCS7RecipientInfo));
+ if (recipientinfo == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ dummy = SEC_ASN1EncodeInteger(cinfo->poolp, &recipientinfo->version,
+ SEC_PKCS7_RECIPIENT_INFO_VERSION);
+ if (dummy == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+ PORT_Assert(dummy == &recipientinfo->version);
+
+ recipientinfo->cert = CERT_DupCertificate(cert);
+ if (recipientinfo->cert == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ recipientinfo->issuerAndSN = CERT_GetCertIssuerAndSN(cinfo->poolp, cert);
+ if (recipientinfo->issuerAndSN == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ /*
+ * Okay, now recipientinfo is all set. We just need to put it into
+ * the main structure.
+ *
+ * If this is the first recipient, allocate a new recipientinfos array;
+ * otherwise, reallocate the array, making room for the new entry.
+ */
+ recipientinfos = *recipientinfosp;
+ if (recipientinfos == NULL) {
+ count = 0;
+ recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaAlloc(
+ cinfo->poolp,
+ 2 * sizeof(SEC_PKCS7RecipientInfo *));
+ } else {
+ for (count = 0; recipientinfos[count] != NULL; count++)
+ ;
+ PORT_Assert(count); /* should be at least one already */
+ recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaGrow(
+ cinfo->poolp, recipientinfos,
+ (count + 1) * sizeof(SEC_PKCS7RecipientInfo *),
+ (count + 2) * sizeof(SEC_PKCS7RecipientInfo *));
+ }
+
+ if (recipientinfos == NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ return SECFailure;
+ }
+
+ recipientinfos[count] = recipientinfo;
+ recipientinfos[count + 1] = NULL;
+
+ *recipientinfosp = recipientinfos;
+
+ PORT_ArenaUnmark(cinfo->poolp, mark);
+ return SECSuccess;
+}
+
+/*
+ * Start a PKCS7 enveloping context.
+ *
+ * "cert" is the cert for the recipient. It will be checked for validity.
+ *
+ * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
+ * XXX Maybe SECCertUsage should be split so that our caller just says
+ * "email" and *we* add the "recipient" part -- otherwise our caller
+ * could be lying about the usage; we do not want to allow encryption
+ * certs for signing or vice versa.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
+ *
+ * "keysize" specifies the bulk encryption key size, in bits.
+ *
+ * The return value can be passed to functions which add things to
+ * it like more recipients, then eventually to SEC_PKCS7Encode() or to
+ * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
+ * SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateEnvelopedData(CERTCertificate *cert,
+ SECCertUsage certusage,
+ CERTCertDBHandle *certdb,
+ SECOidTag encalg,
+ int keysize,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ SEC_PKCS7EnvelopedData *envd;
+ SECStatus rv;
+
+ cinfo = sec_pkcs7_create_content_info(SEC_OID_PKCS7_ENVELOPED_DATA,
+ PR_FALSE, pwfn, pwfn_arg);
+ if (cinfo == NULL)
+ return NULL;
+
+ rv = sec_pkcs7_add_recipient(cinfo, cert, certusage, certdb);
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+
+ envd = cinfo->content.envelopedData;
+ PORT_Assert(envd != NULL);
+
+ /*
+ * XXX Might we want to allow content types other than data?
+ * If so, via what interface?
+ */
+ rv = sec_pkcs7_init_encrypted_content_info(&(envd->encContentInfo),
+ cinfo->poolp,
+ SEC_OID_PKCS7_DATA, PR_FALSE,
+ encalg, keysize);
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+
+ /* XXX Anything more to do here? */
+
+ return cinfo;
+}
+
+/*
+ * Add another recipient to an encrypted message.
+ *
+ * "cinfo" should be of type envelopedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ *
+ * "cert" is the cert for the recipient. It will be checked for validity.
+ *
+ * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
+ * XXX Maybe SECCertUsage should be split so that our caller just says
+ * "email" and *we* add the "recipient" part -- otherwise our caller
+ * could be lying about the usage; we do not want to allow encryption
+ * certs for signing or vice versa.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ */
+SECStatus
+SEC_PKCS7AddRecipient(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert,
+ SECCertUsage certusage,
+ CERTCertDBHandle *certdb)
+{
+ return sec_pkcs7_add_recipient(cinfo, cert, certusage, certdb);
+}
+
+/*
+ * Create an empty PKCS7 data content info.
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateData(void)
+{
+ return sec_pkcs7_create_content_info(SEC_OID_PKCS7_DATA, PR_FALSE,
+ NULL, NULL);
+}
+
+/*
+ * Create an empty PKCS7 encrypted content info.
+ *
+ * "algorithm" specifies the bulk encryption algorithm to use.
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateEncryptedData(SECOidTag algorithm, int keysize,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ SECAlgorithmID *algid;
+ SEC_PKCS7EncryptedData *enc_data;
+ SECStatus rv;
+
+ cinfo = sec_pkcs7_create_content_info(SEC_OID_PKCS7_ENCRYPTED_DATA,
+ PR_FALSE, pwfn, pwfn_arg);
+ if (cinfo == NULL)
+ return NULL;
+
+ enc_data = cinfo->content.encryptedData;
+ algid = &(enc_data->encContentInfo.contentEncAlg);
+
+ if (!SEC_PKCS5IsAlgorithmPBEAlgTag(algorithm)) {
+ rv = SECOID_SetAlgorithmID(cinfo->poolp, algid, algorithm, NULL);
+ } else {
+ /* Assume password-based-encryption.
+ * Note: we can't generate pkcs5v2 from this interface.
+ * PK11_CreateBPEAlgorithmID generates pkcs5v2 by accepting
+ * non-PBE oids and assuming that they are pkcs5v2 oids, but
+ * NSS_CMSEncryptedData_Create accepts non-PBE oids as regular
+ * CMS encrypted data, so we can't tell SEC_PKCS7CreateEncryptedtedData
+ * to create pkcs5v2 PBEs */
+ SECAlgorithmID *pbe_algid;
+ pbe_algid = PK11_CreatePBEAlgorithmID(algorithm,
+ NSS_PBE_DEFAULT_ITERATION_COUNT,
+ NULL);
+ if (pbe_algid == NULL) {
+ rv = SECFailure;
+ } else {
+ rv = SECOID_CopyAlgorithmID(cinfo->poolp, algid, pbe_algid);
+ SECOID_DestroyAlgorithmID(pbe_algid, PR_TRUE);
+ }
+ }
+
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+
+ rv = sec_pkcs7_init_encrypted_content_info(&(enc_data->encContentInfo),
+ cinfo->poolp,
+ SEC_OID_PKCS7_DATA, PR_FALSE,
+ algorithm, keysize);
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+
+ return cinfo;
+}
diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c
new file mode 100644
index 000000000..658c61e44
--- /dev/null
+++ b/security/nss/lib/pkcs7/p7decode.c
@@ -0,0 +1,1914 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * PKCS7 decoding, verification.
+ */
+
+#include "p7local.h"
+
+#include "cert.h"
+/* XXX do not want to have to include */
+#include "certdb.h" /* certdb.h -- the trust stuff needed by */
+ /* the add certificate code needs to get */
+ /* rewritten/abstracted and then this */
+ /* include should be removed! */
+/*#include "cdbhdl.h" */
+#include "cryptohi.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "prtime.h"
+#include "secerr.h"
+#include "sechash.h" /* for HASH_GetHashObject() */
+#include "secder.h"
+#include "secpkcs5.h"
+
+struct sec_pkcs7_decoder_worker {
+ int depth;
+ int digcnt;
+ void **digcxs;
+ const SECHashObject **digobjs;
+ sec_PKCS7CipherObject *decryptobj;
+ PRBool saw_contents;
+};
+
+struct SEC_PKCS7DecoderContextStr {
+ SEC_ASN1DecoderContext *dcx;
+ SEC_PKCS7ContentInfo *cinfo;
+ SEC_PKCS7DecoderContentCallback cb;
+ void *cb_arg;
+ SECKEYGetPasswordKey pwfn;
+ void *pwfn_arg;
+ struct sec_pkcs7_decoder_worker worker;
+ PLArenaPool *tmp_poolp;
+ int error;
+ SEC_PKCS7GetDecryptKeyCallback dkcb;
+ void *dkcb_arg;
+ SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb;
+};
+
+/*
+ * Handle one worker, decrypting and digesting the data as necessary.
+ *
+ * XXX If/when we support nested contents, this probably needs to be
+ * revised somewhat to get passed the content-info (which unfortunately
+ * can be two different types depending on whether it is encrypted or not)
+ * corresponding to the given worker.
+ */
+static void
+sec_pkcs7_decoder_work_data(SEC_PKCS7DecoderContext *p7dcx,
+ struct sec_pkcs7_decoder_worker *worker,
+ const unsigned char *data, unsigned long len,
+ PRBool final)
+{
+ unsigned char *buf = NULL;
+ SECStatus rv;
+ int i;
+
+ /*
+ * We should really have data to process, or we should be trying
+ * to finish/flush the last block. (This is an overly paranoid
+ * check since all callers are in this file and simple inspection
+ * proves they do it right. But it could find a bug in future
+ * modifications/development, that is why it is here.)
+ */
+ PORT_Assert((data != NULL && len) || final);
+
+ /*
+ * Decrypt this chunk.
+ *
+ * XXX If we get an error, we do not want to do the digest or callback,
+ * but we want to keep decoding. Or maybe we want to stop decoding
+ * altogether if there is a callback, because obviously we are not
+ * sending the data back and they want to know that.
+ */
+ if (worker->decryptobj != NULL) {
+ /* XXX the following lengths should all be longs? */
+ unsigned int inlen; /* length of data being decrypted */
+ unsigned int outlen; /* length of decrypted data */
+ unsigned int buflen; /* length available for decrypted data */
+ SECItem *plain;
+
+ inlen = len;
+ buflen = sec_PKCS7DecryptLength(worker->decryptobj, inlen, final);
+ if (buflen == 0) {
+ if (inlen == 0) /* no input and no output */
+ return;
+ /*
+ * No output is expected, but the input data may be buffered
+ * so we still have to call Decrypt.
+ */
+ rv = sec_PKCS7Decrypt(worker->decryptobj, NULL, NULL, 0,
+ data, inlen, final);
+ if (rv != SECSuccess) {
+ p7dcx->error = PORT_GetError();
+ return; /* XXX indicate error? */
+ }
+ return;
+ }
+
+ if (p7dcx->cb != NULL) {
+ buf = (unsigned char *)PORT_Alloc(buflen);
+ plain = NULL;
+ } else {
+ unsigned long oldlen;
+
+ /*
+ * XXX This assumes one level of content only.
+ * See comment above about nested content types.
+ * XXX Also, it should work for signedAndEnvelopedData, too!
+ */
+ plain = &(p7dcx->cinfo->content.envelopedData->encContentInfo.plainContent);
+
+ oldlen = plain->len;
+ if (oldlen == 0) {
+ buf = (unsigned char *)PORT_ArenaAlloc(p7dcx->cinfo->poolp,
+ buflen);
+ } else {
+ buf = (unsigned char *)PORT_ArenaGrow(p7dcx->cinfo->poolp,
+ plain->data,
+ oldlen, oldlen + buflen);
+ if (buf != NULL)
+ buf += oldlen;
+ }
+ plain->data = buf;
+ }
+ if (buf == NULL) {
+ p7dcx->error = SEC_ERROR_NO_MEMORY;
+ return; /* XXX indicate error? */
+ }
+ rv = sec_PKCS7Decrypt(worker->decryptobj, buf, &outlen, buflen,
+ data, inlen, final);
+ if (rv != SECSuccess) {
+ p7dcx->error = PORT_GetError();
+ return; /* XXX indicate error? */
+ }
+ if (plain != NULL) {
+ PORT_Assert(final || outlen == buflen);
+ plain->len += outlen;
+ }
+ data = buf;
+ len = outlen;
+ }
+
+ /*
+ * Update the running digests.
+ */
+ if (len) {
+ for (i = 0; i < worker->digcnt; i++) {
+ (*worker->digobjs[i]->update)(worker->digcxs[i], data, len);
+ }
+ }
+
+ /*
+ * Pass back the contents bytes, and free the temporary buffer.
+ */
+ if (p7dcx->cb != NULL) {
+ if (len)
+ (*p7dcx->cb)(p7dcx->cb_arg, (const char *)data, len);
+ if (worker->decryptobj != NULL) {
+ PORT_Assert(buf != NULL);
+ PORT_Free(buf);
+ }
+ }
+}
+
+static void
+sec_pkcs7_decoder_filter(void *arg, const char *data, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ SEC_PKCS7DecoderContext *p7dcx;
+ struct sec_pkcs7_decoder_worker *worker;
+
+ /*
+ * Since we do not handle any nested contents, the only bytes we
+ * are really interested in are the actual contents bytes (not
+ * the identifier, length, or end-of-contents bytes). If we were
+ * handling nested types we would probably need to do something
+ * smarter based on depth and data_kind.
+ */
+ if (data_kind != SEC_ASN1_Contents)
+ return;
+
+ /*
+ * The ASN.1 decoder should not even call us with a length of 0.
+ * Just being paranoid.
+ */
+ PORT_Assert(len);
+ if (len == 0)
+ return;
+
+ p7dcx = (SEC_PKCS7DecoderContext *)arg;
+
+ /*
+ * Handling nested contents would mean that there is a chain
+ * of workers -- one per each level of content. The following
+ * would start with the first worker and loop over them.
+ */
+ worker = &(p7dcx->worker);
+
+ worker->saw_contents = PR_TRUE;
+
+ sec_pkcs7_decoder_work_data(p7dcx, worker,
+ (const unsigned char *)data, len, PR_FALSE);
+}
+
+/*
+ * Create digest contexts for each algorithm in "digestalgs".
+ * No algorithms is not an error, we just do not do anything.
+ * An error (like trouble allocating memory), marks the error
+ * in "p7dcx" and returns SECFailure, which means that our caller
+ * should just give up altogether.
+ */
+static SECStatus
+sec_pkcs7_decoder_start_digests(SEC_PKCS7DecoderContext *p7dcx, int depth,
+ SECAlgorithmID **digestalgs)
+{
+ int i, digcnt;
+
+ if (digestalgs == NULL)
+ return SECSuccess;
+
+ /*
+ * Count the algorithms.
+ */
+ digcnt = 0;
+ while (digestalgs[digcnt] != NULL)
+ digcnt++;
+
+ /*
+ * No algorithms means no work to do.
+ * Just act as if there were no algorithms specified.
+ */
+ if (digcnt == 0)
+ return SECSuccess;
+
+ p7dcx->worker.digcxs = (void **)PORT_ArenaAlloc(p7dcx->tmp_poolp,
+ digcnt * sizeof(void *));
+ p7dcx->worker.digobjs = (const SECHashObject **)PORT_ArenaAlloc(p7dcx->tmp_poolp,
+ digcnt * sizeof(SECHashObject *));
+ if (p7dcx->worker.digcxs == NULL || p7dcx->worker.digobjs == NULL) {
+ p7dcx->error = SEC_ERROR_NO_MEMORY;
+ return SECFailure;
+ }
+
+ p7dcx->worker.depth = depth;
+ p7dcx->worker.digcnt = 0;
+
+ /*
+ * Create a digest context for each algorithm.
+ */
+ for (i = 0; i < digcnt; i++) {
+ SECAlgorithmID *algid = digestalgs[i];
+ SECOidTag oidTag = SECOID_FindOIDTag(&(algid->algorithm));
+ const SECHashObject *digobj = HASH_GetHashObjectByOidTag(oidTag);
+ void *digcx;
+
+ /*
+ * Skip any algorithm we do not even recognize; obviously,
+ * this could be a problem, but if it is critical then the
+ * result will just be that the signature does not verify.
+ * We do not necessarily want to error out here, because
+ * the particular algorithm may not actually be important,
+ * but we cannot know that until later.
+ */
+ if (digobj == NULL) {
+ p7dcx->worker.digcnt--;
+ continue;
+ }
+
+ digcx = (*digobj->create)();
+ if (digcx != NULL) {
+ (*digobj->begin)(digcx);
+ p7dcx->worker.digobjs[p7dcx->worker.digcnt] = digobj;
+ p7dcx->worker.digcxs[p7dcx->worker.digcnt] = digcx;
+ p7dcx->worker.digcnt++;
+ }
+ }
+
+ if (p7dcx->worker.digcnt != 0)
+ SEC_ASN1DecoderSetFilterProc(p7dcx->dcx,
+ sec_pkcs7_decoder_filter,
+ p7dcx,
+ (PRBool)(p7dcx->cb != NULL));
+ return SECSuccess;
+}
+
+/*
+ * Close out all of the digest contexts, storing the results in "digestsp".
+ */
+static SECStatus
+sec_pkcs7_decoder_finish_digests(SEC_PKCS7DecoderContext *p7dcx,
+ PLArenaPool *poolp,
+ SECItem ***digestsp)
+{
+ struct sec_pkcs7_decoder_worker *worker;
+ const SECHashObject *digobj;
+ void *digcx;
+ SECItem **digests, *digest;
+ int i;
+ void *mark;
+
+ /*
+ * XXX Handling nested contents would mean that there is a chain
+ * of workers -- one per each level of content. The following
+ * would want to find the last worker in the chain.
+ */
+ worker = &(p7dcx->worker);
+
+ /*
+ * If no digests, then we have nothing to do.
+ */
+ if (worker->digcnt == 0)
+ return SECSuccess;
+
+ /*
+ * No matter what happens after this, we want to stop filtering.
+ * XXX If we handle nested contents, we only want to stop filtering
+ * if we are finishing off the *last* worker.
+ */
+ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
+
+ /*
+ * If we ended up with no contents, just destroy each
+ * digest context -- they are meaningless and potentially
+ * confusing, because their presence would imply some content
+ * was digested.
+ */
+ if (!worker->saw_contents) {
+ for (i = 0; i < worker->digcnt; i++) {
+ digcx = worker->digcxs[i];
+ digobj = worker->digobjs[i];
+ (*digobj->destroy)(digcx, PR_TRUE);
+ }
+ return SECSuccess;
+ }
+
+ mark = PORT_ArenaMark(poolp);
+
+ /*
+ * Close out each digest context, saving digest away.
+ */
+ digests =
+ (SECItem **)PORT_ArenaAlloc(poolp, (worker->digcnt + 1) * sizeof(SECItem *));
+ digest = (SECItem *)PORT_ArenaAlloc(poolp, worker->digcnt * sizeof(SECItem));
+ if (digests == NULL || digest == NULL) {
+ p7dcx->error = PORT_GetError();
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+ }
+
+ for (i = 0; i < worker->digcnt; i++, digest++) {
+ digcx = worker->digcxs[i];
+ digobj = worker->digobjs[i];
+
+ digest->data = (unsigned char *)PORT_ArenaAlloc(poolp, digobj->length);
+ if (digest->data == NULL) {
+ p7dcx->error = PORT_GetError();
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+ }
+
+ digest->len = digobj->length;
+ (*digobj->end)(digcx, digest->data, &(digest->len), digest->len);
+ (*digobj->destroy)(digcx, PR_TRUE);
+
+ digests[i] = digest;
+ }
+ digests[i] = NULL;
+ *digestsp = digests;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+}
+
+/*
+ * XXX Need comment explaining following helper function (which is used
+ * by sec_pkcs7_decoder_start_decrypt).
+ */
+
+static PK11SymKey *
+sec_pkcs7_decoder_get_recipient_key(SEC_PKCS7DecoderContext *p7dcx,
+ SEC_PKCS7RecipientInfo **recipientinfos,
+ SEC_PKCS7EncryptedContentInfo *enccinfo)
+{
+ SEC_PKCS7RecipientInfo *ri;
+ CERTCertificate *cert = NULL;
+ SECKEYPrivateKey *privkey = NULL;
+ PK11SymKey *bulkkey = NULL;
+ SECOidTag keyalgtag, bulkalgtag, encalgtag;
+ PK11SlotInfo *slot = NULL;
+
+ if (recipientinfos == NULL || recipientinfos[0] == NULL) {
+ p7dcx->error = SEC_ERROR_NOT_A_RECIPIENT;
+ goto no_key_found;
+ }
+
+ cert = PK11_FindCertAndKeyByRecipientList(&slot, recipientinfos, &ri,
+ &privkey, p7dcx->pwfn_arg);
+ if (cert == NULL) {
+ p7dcx->error = SEC_ERROR_NOT_A_RECIPIENT;
+ goto no_key_found;
+ }
+
+ ri->cert = cert; /* so we can find it later */
+ PORT_Assert(privkey != NULL);
+
+ keyalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
+ encalgtag = SECOID_GetAlgorithmTag(&(ri->keyEncAlg));
+ if (keyalgtag != encalgtag) {
+ p7dcx->error = SEC_ERROR_PKCS7_KEYALG_MISMATCH;
+ goto no_key_found;
+ }
+ bulkalgtag = SECOID_GetAlgorithmTag(&(enccinfo->contentEncAlg));
+
+ switch (encalgtag) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ bulkkey = PK11_PubUnwrapSymKey(privkey, &ri->encKey,
+ PK11_AlgtagToMechanism(bulkalgtag),
+ CKA_DECRYPT, 0);
+ if (bulkkey == NULL) {
+ p7dcx->error = PORT_GetError();
+ PORT_SetError(0);
+ goto no_key_found;
+ }
+ break;
+ default:
+ p7dcx->error = SEC_ERROR_UNSUPPORTED_KEYALG;
+ break;
+ }
+
+no_key_found:
+ if (privkey != NULL)
+ SECKEY_DestroyPrivateKey(privkey);
+ if (slot != NULL)
+ PK11_FreeSlot(slot);
+
+ return bulkkey;
+}
+
+/*
+ * XXX The following comment is old -- the function used to only handle
+ * EnvelopedData or SignedAndEnvelopedData but now handles EncryptedData
+ * as well (and it had all of the code of the helper function above
+ * built into it), though the comment was left as is. Fix it...
+ *
+ * We are just about to decode the content of an EnvelopedData.
+ * Set up a decryption context so we can decrypt as we go.
+ * Presumably we are one of the recipients listed in "recipientinfos".
+ * (XXX And if we are not, or if we have trouble, what should we do?
+ * It would be nice to let the decoding still work. Maybe it should
+ * be an error if there is a content callback, but not an error otherwise?)
+ * The encryption key and related information can be found in "enccinfo".
+ */
+static SECStatus
+sec_pkcs7_decoder_start_decrypt(SEC_PKCS7DecoderContext *p7dcx, int depth,
+ SEC_PKCS7RecipientInfo **recipientinfos,
+ SEC_PKCS7EncryptedContentInfo *enccinfo,
+ PK11SymKey **copy_key_for_signature)
+{
+ PK11SymKey *bulkkey = NULL;
+ sec_PKCS7CipherObject *decryptobj;
+
+ /*
+ * If a callback is supplied to retrieve the encryption key,
+ * for instance, for Encrypted Content infos, then retrieve
+ * the bulkkey from the callback. Otherwise, assume that
+ * we are processing Enveloped or SignedAndEnveloped data
+ * content infos.
+ *
+ * XXX Put an assert here?
+ */
+ if (SEC_PKCS7ContentType(p7dcx->cinfo) == SEC_OID_PKCS7_ENCRYPTED_DATA) {
+ if (p7dcx->dkcb != NULL) {
+ bulkkey = (*p7dcx->dkcb)(p7dcx->dkcb_arg,
+ &(enccinfo->contentEncAlg));
+ }
+ enccinfo->keysize = 0;
+ } else {
+ bulkkey = sec_pkcs7_decoder_get_recipient_key(p7dcx, recipientinfos,
+ enccinfo);
+ if (bulkkey == NULL)
+ goto no_decryption;
+ enccinfo->keysize = PK11_GetKeyStrength(bulkkey,
+ &(enccinfo->contentEncAlg));
+ }
+
+ /*
+ * XXX I think following should set error in p7dcx and clear set error
+ * (as used to be done here, or as is done in get_receipient_key above.
+ */
+ if (bulkkey == NULL) {
+ goto no_decryption;
+ }
+
+ /*
+ * We want to make sure decryption is allowed. This is done via
+ * a callback specified in SEC_PKCS7DecoderStart().
+ */
+ if (p7dcx->decrypt_allowed_cb) {
+ if ((*p7dcx->decrypt_allowed_cb)(&(enccinfo->contentEncAlg),
+ bulkkey) == PR_FALSE) {
+ p7dcx->error = SEC_ERROR_DECRYPTION_DISALLOWED;
+ goto no_decryption;
+ }
+ } else {
+ p7dcx->error = SEC_ERROR_DECRYPTION_DISALLOWED;
+ goto no_decryption;
+ }
+
+ /*
+ * When decrypting a signedAndEnvelopedData, the signature also has
+ * to be decrypted with the bulk encryption key; to avoid having to
+ * get it all over again later (and do another potentially expensive
+ * RSA operation), copy it for later signature verification to use.
+ */
+ if (copy_key_for_signature != NULL)
+ *copy_key_for_signature = PK11_ReferenceSymKey(bulkkey);
+
+ /*
+ * Now we have the bulk encryption key (in bulkkey) and the
+ * the algorithm (in enccinfo->contentEncAlg). Using those,
+ * create a decryption context.
+ */
+ decryptobj = sec_PKCS7CreateDecryptObject(bulkkey,
+ &(enccinfo->contentEncAlg));
+
+ /*
+ * We are done with (this) bulkkey now.
+ */
+ PK11_FreeSymKey(bulkkey);
+
+ if (decryptobj == NULL) {
+ p7dcx->error = PORT_GetError();
+ PORT_SetError(0);
+ goto no_decryption;
+ }
+
+ SEC_ASN1DecoderSetFilterProc(p7dcx->dcx,
+ sec_pkcs7_decoder_filter,
+ p7dcx,
+ (PRBool)(p7dcx->cb != NULL));
+
+ p7dcx->worker.depth = depth;
+ p7dcx->worker.decryptobj = decryptobj;
+
+ return SECSuccess;
+
+no_decryption:
+ /*
+ * For some reason (error set already, if appropriate), we cannot
+ * decrypt the content. I am not sure what exactly is the right
+ * thing to do here; in some cases we want to just stop, and in
+ * others we want to let the decoding finish even though we cannot
+ * decrypt the content. My current thinking is that if the caller
+ * set up a content callback, then they are really interested in
+ * getting (decrypted) content, and if they cannot they will want
+ * to know about it. However, if no callback was specified, then
+ * maybe it is not important that the decryption failed.
+ */
+ if (p7dcx->cb != NULL)
+ return SECFailure;
+ else
+ return SECSuccess; /* Let the decoding continue. */
+}
+
+static SECStatus
+sec_pkcs7_decoder_finish_decrypt(SEC_PKCS7DecoderContext *p7dcx,
+ PLArenaPool *poolp,
+ SEC_PKCS7EncryptedContentInfo *enccinfo)
+{
+ struct sec_pkcs7_decoder_worker *worker;
+
+ /*
+ * XXX Handling nested contents would mean that there is a chain
+ * of workers -- one per each level of content. The following
+ * would want to find the last worker in the chain.
+ */
+ worker = &(p7dcx->worker);
+
+ /*
+ * If no decryption context, then we have nothing to do.
+ */
+ if (worker->decryptobj == NULL)
+ return SECSuccess;
+
+ /*
+ * No matter what happens after this, we want to stop filtering.
+ * XXX If we handle nested contents, we only want to stop filtering
+ * if we are finishing off the *last* worker.
+ */
+ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
+
+ /*
+ * Handle the last block.
+ */
+ sec_pkcs7_decoder_work_data(p7dcx, worker, NULL, 0, PR_TRUE);
+
+ /*
+ * All done, destroy it.
+ */
+ sec_PKCS7DestroyDecryptObject(worker->decryptobj);
+ worker->decryptobj = NULL;
+
+ return SECSuccess;
+}
+
+static void
+sec_pkcs7_decoder_notify(void *arg, PRBool before, void *dest, int depth)
+{
+ SEC_PKCS7DecoderContext *p7dcx;
+ SEC_PKCS7ContentInfo *cinfo;
+ SEC_PKCS7SignedData *sigd;
+ SEC_PKCS7EnvelopedData *envd;
+ SEC_PKCS7SignedAndEnvelopedData *saed;
+ SEC_PKCS7EncryptedData *encd;
+ SEC_PKCS7DigestedData *digd;
+ PRBool after;
+ SECStatus rv;
+
+ /*
+ * Just to make the code easier to read, create an "after" variable
+ * that is equivalent to "not before".
+ * (This used to be just the statement "after = !before", but that
+ * causes a warning on the mac; to avoid that, we do it the long way.)
+ */
+ if (before)
+ after = PR_FALSE;
+ else
+ after = PR_TRUE;
+
+ p7dcx = (SEC_PKCS7DecoderContext *)arg;
+ if (!p7dcx) {
+ return;
+ }
+
+ cinfo = p7dcx->cinfo;
+
+ if (!cinfo) {
+ return;
+ }
+
+ if (cinfo->contentTypeTag == NULL) {
+ if (after && dest == &(cinfo->contentType))
+ cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
+ return;
+ }
+
+ switch (cinfo->contentTypeTag->offset) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ sigd = cinfo->content.signedData;
+ if (sigd == NULL)
+ break;
+
+ if (sigd->contentInfo.contentTypeTag == NULL) {
+ if (after && dest == &(sigd->contentInfo.contentType))
+ sigd->contentInfo.contentTypeTag =
+ SECOID_FindOID(&(sigd->contentInfo.contentType));
+ break;
+ }
+
+ /*
+ * We only set up a filtering digest if the content is
+ * plain DATA; anything else needs more work because a
+ * second pass is required to produce a DER encoding from
+ * an input that can be BER encoded. (This is a requirement
+ * of PKCS7 that is unfortunate, but there you have it.)
+ *
+ * XXX Also, since we stop here if this is not DATA, the
+ * inner content is not getting processed at all. Someday
+ * we may want to fix that.
+ */
+ if (sigd->contentInfo.contentTypeTag->offset != SEC_OID_PKCS7_DATA) {
+ /* XXX Set an error in p7dcx->error */
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+ break;
+ }
+
+ /*
+ * Just before the content, we want to set up a digest context
+ * for each digest algorithm listed, and start a filter which
+ * will run all of the contents bytes through that digest.
+ */
+ if (before && dest == &(sigd->contentInfo.content)) {
+ rv = sec_pkcs7_decoder_start_digests(p7dcx, depth,
+ sigd->digestAlgorithms);
+ if (rv != SECSuccess)
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+
+ break;
+ }
+
+ /*
+ * XXX To handle nested types, here is where we would want
+ * to check for inner boundaries that need handling.
+ */
+
+ /*
+ * Are we done?
+ */
+ if (after && dest == &(sigd->contentInfo.content)) {
+ /*
+ * Close out the digest contexts. We ignore any error
+ * because we are stopping anyway; the error status left
+ * behind in p7dcx will be seen by outer functions.
+ */
+ (void)sec_pkcs7_decoder_finish_digests(p7dcx, cinfo->poolp,
+ &(sigd->digests));
+
+ /*
+ * XXX To handle nested contents, we would need to remove
+ * the worker from the chain (and free it).
+ */
+
+ /*
+ * Stop notify.
+ */
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+ }
+ break;
+
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ envd = cinfo->content.envelopedData;
+ if (envd == NULL)
+ break;
+
+ if (envd->encContentInfo.contentTypeTag == NULL) {
+ if (after && dest == &(envd->encContentInfo.contentType))
+ envd->encContentInfo.contentTypeTag =
+ SECOID_FindOID(&(envd->encContentInfo.contentType));
+ break;
+ }
+
+ /*
+ * Just before the content, we want to set up a decryption
+ * context, and start a filter which will run all of the
+ * contents bytes through it to determine the plain content.
+ */
+ if (before && dest == &(envd->encContentInfo.encContent)) {
+ rv = sec_pkcs7_decoder_start_decrypt(p7dcx, depth,
+ envd->recipientInfos,
+ &(envd->encContentInfo),
+ NULL);
+ if (rv != SECSuccess)
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+
+ break;
+ }
+
+ /*
+ * Are we done?
+ */
+ if (after && dest == &(envd->encContentInfo.encContent)) {
+ /*
+ * Close out the decryption context. We ignore any error
+ * because we are stopping anyway; the error status left
+ * behind in p7dcx will be seen by outer functions.
+ */
+ (void)sec_pkcs7_decoder_finish_decrypt(p7dcx, cinfo->poolp,
+ &(envd->encContentInfo));
+
+ /*
+ * XXX To handle nested contents, we would need to remove
+ * the worker from the chain (and free it).
+ */
+
+ /*
+ * Stop notify.
+ */
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+ }
+ break;
+
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ saed = cinfo->content.signedAndEnvelopedData;
+ if (saed == NULL)
+ break;
+
+ if (saed->encContentInfo.contentTypeTag == NULL) {
+ if (after && dest == &(saed->encContentInfo.contentType))
+ saed->encContentInfo.contentTypeTag =
+ SECOID_FindOID(&(saed->encContentInfo.contentType));
+ break;
+ }
+
+ /*
+ * Just before the content, we want to set up a decryption
+ * context *and* digest contexts, and start a filter which
+ * will run all of the contents bytes through both.
+ */
+ if (before && dest == &(saed->encContentInfo.encContent)) {
+ rv = sec_pkcs7_decoder_start_decrypt(p7dcx, depth,
+ saed->recipientInfos,
+ &(saed->encContentInfo),
+ &(saed->sigKey));
+ if (rv == SECSuccess)
+ rv = sec_pkcs7_decoder_start_digests(p7dcx, depth,
+ saed->digestAlgorithms);
+ if (rv != SECSuccess)
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+
+ break;
+ }
+
+ /*
+ * Are we done?
+ */
+ if (after && dest == &(saed->encContentInfo.encContent)) {
+ /*
+ * Close out the decryption and digests contexts.
+ * We ignore any errors because we are stopping anyway;
+ * the error status left behind in p7dcx will be seen by
+ * outer functions.
+ *
+ * Note that the decrypt stuff must be called first;
+ * it may have a last buffer to do which in turn has
+ * to be added to the digest.
+ */
+ (void)sec_pkcs7_decoder_finish_decrypt(p7dcx, cinfo->poolp,
+ &(saed->encContentInfo));
+ (void)sec_pkcs7_decoder_finish_digests(p7dcx, cinfo->poolp,
+ &(saed->digests));
+
+ /*
+ * XXX To handle nested contents, we would need to remove
+ * the worker from the chain (and free it).
+ */
+
+ /*
+ * Stop notify.
+ */
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+ }
+ break;
+
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ digd = cinfo->content.digestedData;
+
+ /*
+ * XXX Want to do the digest or not? Maybe future enhancement...
+ */
+ if (before && dest == &(digd->contentInfo.content.data)) {
+ SEC_ASN1DecoderSetFilterProc(p7dcx->dcx, sec_pkcs7_decoder_filter,
+ p7dcx,
+ (PRBool)(p7dcx->cb != NULL));
+ break;
+ }
+
+ /*
+ * Are we done?
+ */
+ if (after && dest == &(digd->contentInfo.content.data)) {
+ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
+ }
+ break;
+
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ encd = cinfo->content.encryptedData;
+
+ if (!encd) {
+ break;
+ }
+
+ /*
+ * XXX If the decryption key callback is set, we want to start
+ * the decryption. If the callback is not set, we will treat the
+ * content as plain data, since we do not have the key.
+ *
+ * Is this the proper thing to do?
+ */
+ if (before && dest == &(encd->encContentInfo.encContent)) {
+ /*
+ * Start the encryption process if the decryption key callback
+ * is present. Otherwise, treat the content like plain data.
+ */
+ rv = SECSuccess;
+ if (p7dcx->dkcb != NULL) {
+ rv = sec_pkcs7_decoder_start_decrypt(p7dcx, depth, NULL,
+ &(encd->encContentInfo),
+ NULL);
+ }
+
+ if (rv != SECSuccess)
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+
+ break;
+ }
+
+ /*
+ * Are we done?
+ */
+ if (after && dest == &(encd->encContentInfo.encContent)) {
+ /*
+ * Close out the decryption context. We ignore any error
+ * because we are stopping anyway; the error status left
+ * behind in p7dcx will be seen by outer functions.
+ */
+ (void)sec_pkcs7_decoder_finish_decrypt(p7dcx, cinfo->poolp,
+ &(encd->encContentInfo));
+
+ /*
+ * Stop notify.
+ */
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+ }
+ break;
+
+ case SEC_OID_PKCS7_DATA:
+ /*
+ * If a output callback has been specified, we want to set the filter
+ * to call the callback. This is taken care of in
+ * sec_pkcs7_decoder_start_decrypt() or
+ * sec_pkcs7_decoder_start_digests() for the other content types.
+ */
+
+ if (before && dest == &(cinfo->content.data)) {
+
+ /*
+ * Set the filter proc up.
+ */
+ SEC_ASN1DecoderSetFilterProc(p7dcx->dcx,
+ sec_pkcs7_decoder_filter,
+ p7dcx,
+ (PRBool)(p7dcx->cb != NULL));
+ break;
+ }
+
+ if (after && dest == &(cinfo->content.data)) {
+ /*
+ * Time to clean up after ourself, stop the Notify and Filter
+ * procedures.
+ */
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
+ }
+ break;
+
+ default:
+ SEC_ASN1DecoderClearNotifyProc(p7dcx->dcx);
+ break;
+ }
+}
+
+SEC_PKCS7DecoderContext *
+SEC_PKCS7DecoderStart(SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg,
+ SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
+ void *decrypt_key_cb_arg,
+ SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb)
+{
+ SEC_PKCS7DecoderContext *p7dcx;
+ SEC_ASN1DecoderContext *dcx;
+ SEC_PKCS7ContentInfo *cinfo;
+ PLArenaPool *poolp;
+
+ poolp = PORT_NewArena(1024); /* XXX what is right value? */
+ if (poolp == NULL)
+ return NULL;
+
+ cinfo = (SEC_PKCS7ContentInfo *)PORT_ArenaZAlloc(poolp, sizeof(*cinfo));
+ if (cinfo == NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+
+ cinfo->poolp = poolp;
+ cinfo->pwfn = pwfn;
+ cinfo->pwfn_arg = pwfn_arg;
+ cinfo->created = PR_FALSE;
+ cinfo->refCount = 1;
+
+ p7dcx =
+ (SEC_PKCS7DecoderContext *)PORT_ZAlloc(sizeof(SEC_PKCS7DecoderContext));
+ if (p7dcx == NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+
+ p7dcx->tmp_poolp = PORT_NewArena(1024); /* XXX what is right value? */
+ if (p7dcx->tmp_poolp == NULL) {
+ PORT_Free(p7dcx);
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+
+ dcx = SEC_ASN1DecoderStart(poolp, cinfo, sec_PKCS7ContentInfoTemplate);
+ if (dcx == NULL) {
+ PORT_FreeArena(p7dcx->tmp_poolp, PR_FALSE);
+ PORT_Free(p7dcx);
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+
+ SEC_ASN1DecoderSetNotifyProc(dcx, sec_pkcs7_decoder_notify, p7dcx);
+
+ p7dcx->dcx = dcx;
+ p7dcx->cinfo = cinfo;
+ p7dcx->cb = cb;
+ p7dcx->cb_arg = cb_arg;
+ p7dcx->pwfn = pwfn;
+ p7dcx->pwfn_arg = pwfn_arg;
+ p7dcx->dkcb = decrypt_key_cb;
+ p7dcx->dkcb_arg = decrypt_key_cb_arg;
+ p7dcx->decrypt_allowed_cb = decrypt_allowed_cb;
+
+ return p7dcx;
+}
+
+/*
+ * Do the next chunk of PKCS7 decoding. If there is a problem, set
+ * an error and return a failure status. Note that in the case of
+ * an error, this routine is still prepared to be called again and
+ * again in case that is the easiest route for our caller to take.
+ * We simply detect it and do not do anything except keep setting
+ * that error in case our caller has not noticed it yet...
+ */
+SECStatus
+SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
+ const char *buf, unsigned long len)
+{
+ if (p7dcx->cinfo != NULL && p7dcx->dcx != NULL) {
+ PORT_Assert(p7dcx->error == 0);
+ if (p7dcx->error == 0) {
+ if (SEC_ASN1DecoderUpdate(p7dcx->dcx, buf, len) != SECSuccess) {
+ p7dcx->error = PORT_GetError();
+ PORT_Assert(p7dcx->error);
+ if (p7dcx->error == 0)
+ p7dcx->error = -1;
+ }
+ }
+ }
+
+ if (p7dcx->error) {
+ if (p7dcx->dcx != NULL) {
+ (void)SEC_ASN1DecoderFinish(p7dcx->dcx);
+ p7dcx->dcx = NULL;
+ }
+ if (p7dcx->cinfo != NULL) {
+ SEC_PKCS7DestroyContentInfo(p7dcx->cinfo);
+ p7dcx->cinfo = NULL;
+ }
+ PORT_SetError(p7dcx->error);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SEC_PKCS7ContentInfo *
+SEC_PKCS7DecoderFinish(SEC_PKCS7DecoderContext *p7dcx)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+
+ cinfo = p7dcx->cinfo;
+ if (p7dcx->dcx != NULL) {
+ if (SEC_ASN1DecoderFinish(p7dcx->dcx) != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ cinfo = NULL;
+ }
+ }
+ /* free any NSS data structures */
+ if (p7dcx->worker.decryptobj) {
+ sec_PKCS7DestroyDecryptObject(p7dcx->worker.decryptobj);
+ }
+ PORT_FreeArena(p7dcx->tmp_poolp, PR_FALSE);
+ PORT_Free(p7dcx);
+ return cinfo;
+}
+
+SEC_PKCS7ContentInfo *
+SEC_PKCS7DecodeItem(SECItem *p7item,
+ SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg,
+ SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
+ void *decrypt_key_cb_arg,
+ SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb)
+{
+ SEC_PKCS7DecoderContext *p7dcx;
+
+ p7dcx = SEC_PKCS7DecoderStart(cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb,
+ decrypt_key_cb_arg, decrypt_allowed_cb);
+ if (!p7dcx) {
+ /* error code is set */
+ return NULL;
+ }
+ (void)SEC_PKCS7DecoderUpdate(p7dcx, (char *)p7item->data, p7item->len);
+ return SEC_PKCS7DecoderFinish(p7dcx);
+}
+
+/*
+ * Abort the ASN.1 stream. Used by pkcs 12
+ */
+void
+SEC_PKCS7DecoderAbort(SEC_PKCS7DecoderContext *p7dcx, int error)
+{
+ PORT_Assert(p7dcx);
+ SEC_ASN1DecoderAbort(p7dcx->dcx, error);
+}
+
+/*
+ * If the thing contains any certs or crls return true; false otherwise.
+ */
+PRBool
+SEC_PKCS7ContainsCertsOrCrls(SEC_PKCS7ContentInfo *cinfo)
+{
+ SECOidTag kind;
+ SECItem **certs;
+ CERTSignedCrl **crls;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ return PR_FALSE;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ certs = cinfo->content.signedData->rawCerts;
+ crls = cinfo->content.signedData->crls;
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ certs = cinfo->content.signedAndEnvelopedData->rawCerts;
+ crls = cinfo->content.signedAndEnvelopedData->crls;
+ break;
+ }
+
+ /*
+ * I know this could be collapsed, but I was in a mood to be explicit.
+ */
+ if (certs != NULL && certs[0] != NULL)
+ return PR_TRUE;
+ else if (crls != NULL && crls[0] != NULL)
+ return PR_TRUE;
+ else
+ return PR_FALSE;
+}
+
+/* return the content length...could use GetContent, however we
+ * need the encrypted content length
+ */
+PRBool
+SEC_PKCS7IsContentEmpty(SEC_PKCS7ContentInfo *cinfo, unsigned int minLen)
+{
+ SECItem *item = NULL;
+
+ if (cinfo == NULL) {
+ return PR_TRUE;
+ }
+
+ switch (SEC_PKCS7ContentType(cinfo)) {
+ case SEC_OID_PKCS7_DATA:
+ item = cinfo->content.data;
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ item = &cinfo->content.encryptedData->encContentInfo.encContent;
+ break;
+ default:
+ /* add other types */
+ return PR_FALSE;
+ }
+
+ if (!item) {
+ return PR_TRUE;
+ } else if (item->len <= minLen) {
+ return PR_TRUE;
+ }
+
+ return PR_FALSE;
+}
+
+PRBool
+SEC_PKCS7ContentIsEncrypted(SEC_PKCS7ContentInfo *cinfo)
+{
+ SECOidTag kind;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ return PR_FALSE;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ return PR_TRUE;
+ }
+}
+
+/*
+ * If the PKCS7 content has a signature (not just *could* have a signature)
+ * return true; false otherwise. This can/should be called before calling
+ * VerifySignature, which will always indicate failure if no signature is
+ * present, but that does not mean there even was a signature!
+ * Note that the content itself can be empty (detached content was sent
+ * another way); it is the presence of the signature that matters.
+ */
+PRBool
+SEC_PKCS7ContentIsSigned(SEC_PKCS7ContentInfo *cinfo)
+{
+ SECOidTag kind;
+ SEC_PKCS7SignerInfo **signerinfos;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ return PR_FALSE;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ signerinfos = cinfo->content.signedData->signerInfos;
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
+ break;
+ }
+
+ /*
+ * I know this could be collapsed; but I kind of think it will get
+ * more complicated before I am finished, so...
+ */
+ if (signerinfos != NULL && signerinfos[0] != NULL)
+ return PR_TRUE;
+ else
+ return PR_FALSE;
+}
+
+/*
+ * sec_pkcs7_verify_signature
+ *
+ * Look at a PKCS7 contentInfo and check if the signature is good.
+ * The digest was either calculated earlier (and is stored in the
+ * contentInfo itself) or is passed in via "detached_digest".
+ *
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage" at
+ * - "*atTime" if "atTime" is not null, or
+ * - the signing time if the signing time is available in "cinfo", or
+ * - the current time (as returned by PR_Now).
+ *
+ * In addition, if "keepcerts" is true, add any new certificates found
+ * into our local database.
+ *
+ * XXX Each place which returns PR_FALSE should be sure to have a good
+ * error set for inspection by the caller. Alternatively, we could create
+ * an enumeration of success and each type of failure and return that
+ * instead of a boolean. For now, the default in a bad situation is to
+ * set the error to SEC_ERROR_PKCS7_BAD_SIGNATURE. But this should be
+ * reviewed; better (more specific) errors should be possible (to distinguish
+ * a signature failure from a badly-formed pkcs7 signedData, for example).
+ * Some of the errors should probably just be SEC_ERROR_BAD_SIGNATURE,
+ * but that has a less helpful error string associated with it right now;
+ * if/when that changes, review and change these as needed.
+ *
+ * XXX This is broken wrt signedAndEnvelopedData. In that case, the
+ * message digest is doubly encrypted -- first encrypted with the signer
+ * private key but then again encrypted with the bulk encryption key used
+ * to encrypt the content. So before we can pass the digest to VerifyDigest,
+ * we need to decrypt it with the bulk encryption key. Also, in this case,
+ * there should be NO authenticatedAttributes (signerinfo->authAttr should
+ * be NULL).
+ */
+static PRBool
+sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts,
+ const PRTime *atTime)
+{
+ SECAlgorithmID **digestalgs, *bulkid;
+ const SECItem *digest;
+ SECItem **digests;
+ SECItem **rawcerts;
+ SEC_PKCS7SignerInfo **signerinfos, *signerinfo;
+ CERTCertificate *cert, **certs;
+ PRBool goodsig;
+ CERTCertDBHandle *certdb, *defaultdb;
+ SECOidTag encTag, digestTag;
+ HASH_HashType found_type;
+ int i, certcount;
+ SECKEYPublicKey *publickey;
+ SECItem *content_type;
+ PK11SymKey *sigkey;
+ SECItem *encoded_stime;
+ PRTime stime;
+ PRTime verificationTime;
+ SECStatus rv;
+
+ /*
+ * Everything needed in order to "goto done" safely.
+ */
+ goodsig = PR_FALSE;
+ certcount = 0;
+ cert = NULL;
+ certs = NULL;
+ certdb = NULL;
+ defaultdb = CERT_GetDefaultCertDB();
+ publickey = NULL;
+
+ if (!SEC_PKCS7ContentIsSigned(cinfo)) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ PORT_Assert(cinfo->contentTypeTag != NULL);
+
+ switch (cinfo->contentTypeTag->offset) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ /* Could only get here if SEC_PKCS7ContentIsSigned is broken. */
+ PORT_Assert(0);
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sdp;
+
+ sdp = cinfo->content.signedData;
+ digestalgs = sdp->digestAlgorithms;
+ digests = sdp->digests;
+ rawcerts = sdp->rawCerts;
+ signerinfos = sdp->signerInfos;
+ content_type = &(sdp->contentInfo.contentType);
+ sigkey = NULL;
+ bulkid = NULL;
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ digestalgs = saedp->digestAlgorithms;
+ digests = saedp->digests;
+ rawcerts = saedp->rawCerts;
+ signerinfos = saedp->signerInfos;
+ content_type = &(saedp->encContentInfo.contentType);
+ sigkey = saedp->sigKey;
+ bulkid = &(saedp->encContentInfo.contentEncAlg);
+ } break;
+ }
+
+ if ((signerinfos == NULL) || (signerinfos[0] == NULL)) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ /*
+ * XXX Need to handle multiple signatures; checking them is easy,
+ * but what should be the semantics here (like, return value)?
+ */
+ if (signerinfos[1] != NULL) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ signerinfo = signerinfos[0];
+
+ /*
+ * XXX I would like to just pass the issuerAndSN, along with the rawcerts
+ * and crls, to some function that did all of this certificate stuff
+ * (open/close the database if necessary, verifying the certs, etc.)
+ * and gave me back a cert pointer if all was good.
+ */
+ certdb = defaultdb;
+ if (certdb == NULL) {
+ goto done;
+ }
+
+ certcount = 0;
+ if (rawcerts != NULL) {
+ for (; rawcerts[certcount] != NULL; certcount++) {
+ /* just counting */
+ }
+ }
+
+ /*
+ * Note that the result of this is that each cert in "certs"
+ * needs to be destroyed.
+ */
+ rv = CERT_ImportCerts(certdb, certusage, certcount, rawcerts, &certs,
+ keepcerts, PR_FALSE, NULL);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /*
+ * This cert will also need to be freed, but since we save it
+ * in signerinfo for later, we do not want to destroy it when
+ * we leave this function -- we let the clean-up of the entire
+ * cinfo structure later do the destroy of this cert.
+ */
+ cert = CERT_FindCertByIssuerAndSN(certdb, signerinfo->issuerAndSN);
+ if (cert == NULL) {
+ goto done;
+ }
+
+ signerinfo->cert = cert;
+
+ /*
+ * Get and convert the signing time; if available, it will be used
+ * both on the cert verification and for importing the sender
+ * email profile.
+ */
+ encoded_stime = SEC_PKCS7GetSigningTime(cinfo);
+ if (encoded_stime != NULL) {
+ if (DER_DecodeTimeChoice(&stime, encoded_stime) != SECSuccess)
+ encoded_stime = NULL; /* conversion failed, so pretend none */
+ }
+
+ /*
+ * XXX This uses the signing time, if available. Additionally, we
+ * might want to, if there is no signing time, get the message time
+ * from the mail header itself, and use that. That would require
+ * a change to our interface though, and for S/MIME callers to pass
+ * in a time (and for non-S/MIME callers to pass in nothing, or
+ * maybe make them pass in the current time, always?).
+ */
+ if (atTime) {
+ verificationTime = *atTime;
+ } else if (encoded_stime != NULL) {
+ verificationTime = stime;
+ } else {
+ verificationTime = PR_Now();
+ }
+ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, verificationTime,
+ cinfo->pwfn_arg, NULL) != SECSuccess) {
+ /*
+ * XXX Give the user an option to check the signature anyway?
+ * If we want to do this, need to give a way to leave and display
+ * some dialog and get the answer and come back through (or do
+ * the rest of what we do below elsewhere, maybe by putting it
+ * in a function that we call below and could call from a dialog
+ * finish handler).
+ */
+ goto savecert;
+ }
+
+ publickey = CERT_ExtractPublicKey(cert);
+ if (publickey == NULL)
+ goto done;
+
+ /*
+ * XXX No! If digests is empty, see if we can create it now by
+ * digesting the contents. This is necessary if we want to allow
+ * somebody to do a simple decode (without filtering, etc.) and
+ * then later call us here to do the verification.
+ * OR, we can just specify that the interface to this routine
+ * *requires* that the digest(s) be done before calling and either
+ * stashed in the struct itself or passed in explicitly (as would
+ * be done for detached contents).
+ */
+ if ((digests == NULL || digests[0] == NULL) && (detached_digest == NULL || detached_digest->data == NULL))
+ goto done;
+
+ /*
+ * Find and confirm digest algorithm.
+ */
+ digestTag = SECOID_FindOIDTag(&(signerinfo->digestAlg.algorithm));
+
+ /* make sure we understand the digest type first */
+ found_type = HASH_GetHashTypeByOidTag(digestTag);
+ if ((digestTag == SEC_OID_UNKNOWN) || (found_type == HASH_AlgNULL)) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ if (detached_digest != NULL) {
+ unsigned int hashLen = HASH_ResultLen(found_type);
+
+ if (digest_type != found_type ||
+ detached_digest->len != hashLen) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+ digest = detached_digest;
+ } else {
+ PORT_Assert(digestalgs != NULL && digestalgs[0] != NULL);
+ if (digestalgs == NULL || digestalgs[0] == NULL) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ /*
+ * pick digest matching signerinfo->digestAlg from digests
+ */
+ for (i = 0; digestalgs[i] != NULL; i++) {
+ if (SECOID_FindOIDTag(&(digestalgs[i]->algorithm)) == digestTag)
+ break;
+ }
+ if (digestalgs[i] == NULL) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ digest = digests[i];
+ }
+
+ encTag = SECOID_FindOIDTag(&(signerinfo->digestEncAlg.algorithm));
+ if (encTag == SEC_OID_UNKNOWN) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ if (signerinfo->authAttr != NULL) {
+ SEC_PKCS7Attribute *attr;
+ SECItem *value;
+ SECItem encoded_attrs;
+
+ /*
+ * We have a sigkey only for signedAndEnvelopedData, which is
+ * not supposed to have any authenticated attributes.
+ */
+ if (sigkey != NULL) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ /*
+ * PKCS #7 says that if there are any authenticated attributes,
+ * then there must be one for content type which matches the
+ * content type of the content being signed, and there must
+ * be one for message digest which matches our message digest.
+ * So check these things first.
+ * XXX Might be nice to have a compare-attribute-value function
+ * which could collapse the following nicely.
+ */
+ attr = sec_PKCS7FindAttribute(signerinfo->authAttr,
+ SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE);
+ value = sec_PKCS7AttributeValue(attr);
+ if (value == NULL || value->len != content_type->len) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+ if (PORT_Memcmp(value->data, content_type->data, value->len) != 0) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ attr = sec_PKCS7FindAttribute(signerinfo->authAttr,
+ SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE);
+ value = sec_PKCS7AttributeValue(attr);
+ if (value == NULL || value->len != digest->len) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+ if (PORT_Memcmp(value->data, digest->data, value->len) != 0) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ /*
+ * Okay, we met the constraints of the basic attributes.
+ * Now check the signature, which is based on a digest of
+ * the DER-encoded authenticated attributes. So, first we
+ * encode and then we digest/verify.
+ */
+ encoded_attrs.data = NULL;
+ encoded_attrs.len = 0;
+ if (sec_PKCS7EncodeAttributes(NULL, &encoded_attrs,
+ &(signerinfo->authAttr)) == NULL)
+ goto done;
+
+ if (encoded_attrs.data == NULL || encoded_attrs.len == 0) {
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ goodsig = (PRBool)(VFY_VerifyDataDirect(encoded_attrs.data,
+ encoded_attrs.len,
+ publickey, &(signerinfo->encDigest),
+ encTag, digestTag, NULL,
+ cinfo->pwfn_arg) == SECSuccess);
+ PORT_Free(encoded_attrs.data);
+ } else {
+ SECItem *sig;
+ SECItem holder;
+ SECStatus rv;
+
+ /*
+ * No authenticated attributes.
+ * The signature is based on the plain message digest.
+ */
+
+ sig = &(signerinfo->encDigest);
+ if (sig->len == 0) { /* bad signature */
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ goto done;
+ }
+
+ if (sigkey != NULL) {
+ sec_PKCS7CipherObject *decryptobj;
+ unsigned int buflen;
+
+ /*
+ * For signedAndEnvelopedData, we first must decrypt the encrypted
+ * digest with the bulk encryption key. The result is the normal
+ * encrypted digest (aka the signature).
+ */
+ decryptobj = sec_PKCS7CreateDecryptObject(sigkey, bulkid);
+ if (decryptobj == NULL)
+ goto done;
+
+ buflen = sec_PKCS7DecryptLength(decryptobj, sig->len, PR_TRUE);
+ PORT_Assert(buflen);
+ if (buflen == 0) { /* something is wrong */
+ sec_PKCS7DestroyDecryptObject(decryptobj);
+ goto done;
+ }
+
+ holder.data = (unsigned char *)PORT_Alloc(buflen);
+ if (holder.data == NULL) {
+ sec_PKCS7DestroyDecryptObject(decryptobj);
+ goto done;
+ }
+
+ rv = sec_PKCS7Decrypt(decryptobj, holder.data, &holder.len, buflen,
+ sig->data, sig->len, PR_TRUE);
+ sec_PKCS7DestroyDecryptObject(decryptobj);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ sig = &holder;
+ }
+
+ goodsig = (PRBool)(VFY_VerifyDigestDirect(digest, publickey, sig,
+ encTag, digestTag, cinfo->pwfn_arg) == SECSuccess);
+
+ if (sigkey != NULL) {
+ PORT_Assert(sig == &holder);
+ PORT_ZFree(holder.data, holder.len);
+ }
+ }
+
+ if (!goodsig) {
+ /*
+ * XXX Change the generic error into our specific one, because
+ * in that case we get a better explanation out of the Security
+ * Advisor. This is really a bug in our error strings (the
+ * "generic" error has a lousy/wrong message associated with it
+ * which assumes the signature verification was done for the
+ * purposes of checking the issuer signature on a certificate)
+ * but this is at least an easy workaround and/or in the
+ * Security Advisor, which specifically checks for the error
+ * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
+ * in that case but does not similarly check for
+ * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would
+ * probably say the wrong thing in the case that it *was* the
+ * certificate signature check that failed during the cert
+ * verification done above. Our error handling is really a mess.
+ */
+ if (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE)
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ }
+
+savecert:
+ /*
+ * Only save the smime profile if we are checking an email message and
+ * the cert has an email address in it.
+ */
+ if (cert->emailAddr && cert->emailAddr[0] &&
+ ((certusage == certUsageEmailSigner) ||
+ (certusage == certUsageEmailRecipient))) {
+ SECItem *profile = NULL;
+ int save_error;
+
+ /*
+ * Remember the current error set because we do not care about
+ * anything set by the functions we are about to call.
+ */
+ save_error = PORT_GetError();
+
+ if (goodsig && (signerinfo->authAttr != NULL)) {
+ /*
+ * If the signature is good, then we can save the S/MIME profile,
+ * if we have one.
+ */
+ SEC_PKCS7Attribute *attr;
+
+ attr = sec_PKCS7FindAttribute(signerinfo->authAttr,
+ SEC_OID_PKCS9_SMIME_CAPABILITIES,
+ PR_TRUE);
+ profile = sec_PKCS7AttributeValue(attr);
+ }
+
+ rv = CERT_SaveSMimeProfile(cert, profile, encoded_stime);
+
+ /*
+ * Restore the saved error in case the calls above set a new
+ * one that we do not actually care about.
+ */
+ PORT_SetError(save_error);
+
+ /*
+ * XXX Failure is not indicated anywhere -- the signature
+ * verification itself is unaffected by whether or not the
+ * profile was successfully saved.
+ */
+ }
+
+done:
+
+ /*
+ * See comment above about why we do not want to destroy cert
+ * itself here.
+ */
+
+ if (certs != NULL)
+ CERT_DestroyCertArray(certs, certcount);
+
+ if (publickey != NULL)
+ SECKEY_DestroyPublicKey(publickey);
+
+ return goodsig;
+}
+
+/*
+ * SEC_PKCS7VerifySignature
+ * Look at a PKCS7 contentInfo and check if the signature is good.
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage".
+ *
+ * In addition, if "keepcerts" is true, add any new certificates found
+ * into our local database.
+ */
+PRBool
+SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ PRBool keepcerts)
+{
+ return sec_pkcs7_verify_signature(cinfo, certusage,
+ NULL, HASH_AlgNULL, keepcerts, NULL);
+}
+
+/*
+ * SEC_PKCS7VerifyDetachedSignature
+ * Look at a PKCS7 contentInfo and check if the signature matches
+ * a passed-in digest (calculated, supposedly, from detached contents).
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage".
+ *
+ * In addition, if "keepcerts" is true, add any new certificates found
+ * into our local database.
+ */
+PRBool
+SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts)
+{
+ return sec_pkcs7_verify_signature(cinfo, certusage,
+ detached_digest, digest_type,
+ keepcerts, NULL);
+}
+
+/*
+ * SEC_PKCS7VerifyDetachedSignatureAtTime
+ * Look at a PKCS7 contentInfo and check if the signature matches
+ * a passed-in digest (calculated, supposedly, from detached contents).
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage" at time "atTime".
+ *
+ * In addition, if "keepcerts" is true, add any new certificates found
+ * into our local database.
+ */
+PRBool
+SEC_PKCS7VerifyDetachedSignatureAtTime(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts,
+ PRTime atTime)
+{
+ return sec_pkcs7_verify_signature(cinfo, certusage,
+ detached_digest, digest_type,
+ keepcerts, &atTime);
+}
+
+/*
+ * Return the asked-for portion of the name of the signer of a PKCS7
+ * signed object.
+ *
+ * Returns a pointer to allocated memory, which must be freed.
+ * A NULL return value is an error.
+ */
+
+#define sec_common_name 1
+#define sec_email_address 2
+
+static char *
+sec_pkcs7_get_signer_cert_info(SEC_PKCS7ContentInfo *cinfo, int selector)
+{
+ SECOidTag kind;
+ SEC_PKCS7SignerInfo **signerinfos;
+ CERTCertificate *signercert;
+ char *container;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ PORT_Assert(0);
+ return NULL;
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sdp;
+
+ sdp = cinfo->content.signedData;
+ signerinfos = sdp->signerInfos;
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ signerinfos = saedp->signerInfos;
+ } break;
+ }
+
+ if (signerinfos == NULL || signerinfos[0] == NULL)
+ return NULL;
+
+ signercert = signerinfos[0]->cert;
+
+ /*
+ * No cert there; see if we can find one by calling verify ourselves.
+ */
+ if (signercert == NULL) {
+ /*
+ * The cert usage does not matter in this case, because we do not
+ * actually care about the verification itself, but we have to pick
+ * some valid usage to pass in.
+ */
+ (void)sec_pkcs7_verify_signature(cinfo, certUsageEmailSigner,
+ NULL, HASH_AlgNULL, PR_FALSE, NULL);
+ signercert = signerinfos[0]->cert;
+ if (signercert == NULL)
+ return NULL;
+ }
+
+ switch (selector) {
+ case sec_common_name:
+ container = CERT_GetCommonName(&signercert->subject);
+ break;
+ case sec_email_address:
+ if (signercert->emailAddr && signercert->emailAddr[0]) {
+ container = PORT_Strdup(signercert->emailAddr);
+ } else {
+ container = NULL;
+ }
+ break;
+ default:
+ PORT_Assert(0);
+ container = NULL;
+ break;
+ }
+
+ return container;
+}
+
+char *
+SEC_PKCS7GetSignerCommonName(SEC_PKCS7ContentInfo *cinfo)
+{
+ return sec_pkcs7_get_signer_cert_info(cinfo, sec_common_name);
+}
+
+char *
+SEC_PKCS7GetSignerEmailAddress(SEC_PKCS7ContentInfo *cinfo)
+{
+ return sec_pkcs7_get_signer_cert_info(cinfo, sec_email_address);
+}
+
+/*
+ * Return the signing time, in UTCTime format, of a PKCS7 contentInfo.
+ */
+SECItem *
+SEC_PKCS7GetSigningTime(SEC_PKCS7ContentInfo *cinfo)
+{
+ SEC_PKCS7SignerInfo **signerinfos;
+ SEC_PKCS7Attribute *attr;
+
+ if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
+ return NULL;
+
+ signerinfos = cinfo->content.signedData->signerInfos;
+
+ /*
+ * No signature, or more than one, means no deal.
+ */
+ if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
+ return NULL;
+
+ attr = sec_PKCS7FindAttribute(signerinfos[0]->authAttr,
+ SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE);
+ return sec_PKCS7AttributeValue(attr);
+}
diff --git a/security/nss/lib/pkcs7/p7encode.c b/security/nss/lib/pkcs7/p7encode.c
new file mode 100644
index 000000000..bdbc343d3
--- /dev/null
+++ b/security/nss/lib/pkcs7/p7encode.c
@@ -0,0 +1,1079 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * PKCS7 encoding.
+ */
+
+#include "p7local.h"
+
+#include "cert.h"
+#include "cryptohi.h"
+#include "keyhi.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "pk11func.h"
+#include "secerr.h"
+#include "sechash.h" /* for HASH_GetHashObject() */
+
+struct sec_pkcs7_encoder_output {
+ SEC_PKCS7EncoderOutputCallback outputfn;
+ void *outputarg;
+};
+
+struct SEC_PKCS7EncoderContextStr {
+ SEC_ASN1EncoderContext *ecx;
+ SEC_PKCS7ContentInfo *cinfo;
+ struct sec_pkcs7_encoder_output output;
+ sec_PKCS7CipherObject *encryptobj;
+ const SECHashObject *digestobj;
+ void *digestcx;
+};
+
+/*
+ * The little output function that the ASN.1 encoder calls to hand
+ * us bytes which we in turn hand back to our caller (via the callback
+ * they gave us).
+ */
+static void
+sec_pkcs7_encoder_out(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ struct sec_pkcs7_encoder_output *output;
+
+ output = (struct sec_pkcs7_encoder_output *)arg;
+ output->outputfn(output->outputarg, buf, len);
+}
+
+static sec_PKCS7CipherObject *
+sec_pkcs7_encoder_start_encrypt(SEC_PKCS7ContentInfo *cinfo,
+ PK11SymKey *orig_bulkkey)
+{
+ SECOidTag kind;
+ sec_PKCS7CipherObject *encryptobj;
+ SEC_PKCS7RecipientInfo **recipientinfos, *ri;
+ SEC_PKCS7EncryptedContentInfo *enccinfo;
+ SECKEYPublicKey *publickey = NULL;
+ SECKEYPrivateKey *ourPrivKey = NULL;
+ PK11SymKey *bulkkey;
+ void *mark;
+ int i;
+ PLArenaPool *arena = NULL;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ recipientinfos = NULL;
+ enccinfo = NULL;
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA: {
+ SEC_PKCS7EncryptedData *encdp;
+
+ /* To do EncryptedData we *must* be given a bulk key. */
+ PORT_Assert(orig_bulkkey != NULL);
+ if (orig_bulkkey == NULL) {
+ /* XXX error? */
+ return NULL;
+ }
+
+ encdp = cinfo->content.encryptedData;
+ recipientinfos = NULL;
+ enccinfo = &(encdp->encContentInfo);
+ } break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA: {
+ SEC_PKCS7EnvelopedData *envdp;
+
+ envdp = cinfo->content.envelopedData;
+ recipientinfos = envdp->recipientInfos;
+ enccinfo = &(envdp->encContentInfo);
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ recipientinfos = saedp->recipientInfos;
+ enccinfo = &(saedp->encContentInfo);
+ } break;
+ }
+
+ if (enccinfo == NULL)
+ return NULL;
+
+ bulkkey = orig_bulkkey;
+ if (bulkkey == NULL) {
+ CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(enccinfo->encalg);
+ PK11SlotInfo *slot;
+
+ slot = PK11_GetBestSlot(type, cinfo->pwfn_arg);
+ if (slot == NULL) {
+ return NULL;
+ }
+ bulkkey = PK11_KeyGen(slot, type, NULL, enccinfo->keysize / 8,
+ cinfo->pwfn_arg);
+ PK11_FreeSlot(slot);
+ if (bulkkey == NULL) {
+ return NULL;
+ }
+ }
+
+ encryptobj = NULL;
+ mark = PORT_ArenaMark(cinfo->poolp);
+
+ /*
+ * Encrypt the bulk key with the public key of each recipient.
+ */
+ for (i = 0; recipientinfos && (ri = recipientinfos[i]) != NULL; i++) {
+ CERTCertificate *cert;
+ SECOidTag certalgtag, encalgtag;
+ SECStatus rv;
+ int data_len;
+ SECItem *params = NULL;
+
+ cert = ri->cert;
+ PORT_Assert(cert != NULL);
+ if (cert == NULL)
+ continue;
+
+ /*
+ * XXX Want an interface that takes a cert and some data and
+ * fills in an algorithmID and encrypts the data with the public
+ * key from the cert. Or, give me two interfaces -- one which
+ * gets the algorithm tag from a cert (I should not have to go
+ * down into the subjectPublicKeyInfo myself) and another which
+ * takes a public key and algorithm tag and data and encrypts
+ * the data. Or something like that. The point is that all
+ * of the following hardwired RSA stuff should be done elsewhere.
+ */
+
+ certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
+
+ switch (certalgtag) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ encalgtag = certalgtag;
+ publickey = CERT_ExtractPublicKey(cert);
+ if (publickey == NULL)
+ goto loser;
+
+ data_len = SECKEY_PublicKeyStrength(publickey);
+ ri->encKey.data =
+ (unsigned char *)PORT_ArenaAlloc(cinfo->poolp, data_len);
+ ri->encKey.len = data_len;
+ if (ri->encKey.data == NULL)
+ goto loser;
+
+ rv = PK11_PubWrapSymKey(PK11_AlgtagToMechanism(certalgtag), publickey,
+ bulkkey, &ri->encKey);
+
+ SECKEY_DestroyPublicKey(publickey);
+ publickey = NULL;
+ if (rv != SECSuccess)
+ goto loser;
+ params = NULL; /* paranoia */
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(cinfo->poolp, &ri->keyEncAlg, encalgtag,
+ params);
+ if (rv != SECSuccess)
+ goto loser;
+ if (arena)
+ PORT_FreeArena(arena, PR_FALSE);
+ arena = NULL;
+ }
+
+ encryptobj = sec_PKCS7CreateEncryptObject(cinfo->poolp, bulkkey,
+ enccinfo->encalg,
+ &(enccinfo->contentEncAlg));
+ if (encryptobj != NULL) {
+ PORT_ArenaUnmark(cinfo->poolp, mark);
+ mark = NULL; /* good one; do not want to release */
+ }
+/* fallthru */
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ if (publickey) {
+ SECKEY_DestroyPublicKey(publickey);
+ }
+ if (ourPrivKey) {
+ SECKEY_DestroyPrivateKey(ourPrivKey);
+ }
+ if (mark != NULL) {
+ PORT_ArenaRelease(cinfo->poolp, mark);
+ }
+ if (orig_bulkkey == NULL) {
+ if (bulkkey)
+ PK11_FreeSymKey(bulkkey);
+ }
+
+ return encryptobj;
+}
+
+static void
+sec_pkcs7_encoder_notify(void *arg, PRBool before, void *dest, int depth)
+{
+ SEC_PKCS7EncoderContext *p7ecx;
+ SEC_PKCS7ContentInfo *cinfo;
+ SECOidTag kind;
+ PRBool before_content;
+
+ /*
+ * We want to notice just before the content field. After fields are
+ * not interesting to us.
+ */
+ if (!before)
+ return;
+
+ p7ecx = (SEC_PKCS7EncoderContext *)arg;
+ cinfo = p7ecx->cinfo;
+
+ before_content = PR_FALSE;
+
+ /*
+ * Watch for the content field, at which point we want to instruct
+ * the ASN.1 encoder to start taking bytes from the buffer.
+ *
+ * XXX The following assumes the inner content type is data;
+ * if/when we want to handle fully nested types, this will have
+ * to recurse until reaching the innermost data content.
+ */
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ if (dest == &(cinfo->content.data))
+ before_content = PR_TRUE;
+ break;
+
+ case SEC_OID_PKCS7_DIGESTED_DATA: {
+ SEC_PKCS7DigestedData *digd;
+
+ digd = cinfo->content.digestedData;
+ if (digd == NULL)
+ break;
+
+ if (dest == &(digd->contentInfo.content))
+ before_content = PR_TRUE;
+ } break;
+
+ case SEC_OID_PKCS7_ENCRYPTED_DATA: {
+ SEC_PKCS7EncryptedData *encd;
+
+ encd = cinfo->content.encryptedData;
+ if (encd == NULL)
+ break;
+
+ if (dest == &(encd->encContentInfo.encContent))
+ before_content = PR_TRUE;
+ } break;
+
+ case SEC_OID_PKCS7_ENVELOPED_DATA: {
+ SEC_PKCS7EnvelopedData *envd;
+
+ envd = cinfo->content.envelopedData;
+ if (envd == NULL)
+ break;
+
+ if (dest == &(envd->encContentInfo.encContent))
+ before_content = PR_TRUE;
+ } break;
+
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sigd;
+
+ sigd = cinfo->content.signedData;
+ if (sigd == NULL)
+ break;
+
+ if (dest == &(sigd->contentInfo.content))
+ before_content = PR_TRUE;
+ } break;
+
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saed;
+
+ saed = cinfo->content.signedAndEnvelopedData;
+ if (saed == NULL)
+ break;
+
+ if (dest == &(saed->encContentInfo.encContent))
+ before_content = PR_TRUE;
+ } break;
+ }
+
+ if (before_content) {
+ /*
+ * This will cause the next SEC_ASN1EncoderUpdate to take the
+ * contents bytes from the passed-in buffer.
+ */
+ SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
+ /*
+ * And that is all we needed this notify function for.
+ */
+ SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx);
+ }
+}
+
+static SEC_PKCS7EncoderContext *
+sec_pkcs7_encoder_start_contexts(SEC_PKCS7ContentInfo *cinfo,
+ PK11SymKey *bulkkey)
+{
+ SEC_PKCS7EncoderContext *p7ecx;
+ SECOidTag kind;
+ PRBool encrypt;
+ SECItem **digests;
+ SECAlgorithmID *digestalg, **digestalgs;
+
+ p7ecx =
+ (SEC_PKCS7EncoderContext *)PORT_ZAlloc(sizeof(SEC_PKCS7EncoderContext));
+ if (p7ecx == NULL)
+ return NULL;
+
+ digests = NULL;
+ digestalg = NULL;
+ digestalgs = NULL;
+ encrypt = PR_FALSE;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ digestalg = &(cinfo->content.digestedData->digestAlg);
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ digests = cinfo->content.signedData->digests;
+ digestalgs = cinfo->content.signedData->digestAlgorithms;
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ encrypt = PR_TRUE;
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ digests = cinfo->content.signedAndEnvelopedData->digests;
+ digestalgs = cinfo->content.signedAndEnvelopedData->digestAlgorithms;
+ encrypt = PR_TRUE;
+ break;
+ }
+
+ if (encrypt) {
+ p7ecx->encryptobj = sec_pkcs7_encoder_start_encrypt(cinfo, bulkkey);
+ if (p7ecx->encryptobj == NULL) {
+ PORT_Free(p7ecx);
+ return NULL;
+ }
+ }
+
+ if (digestalgs != NULL) {
+ if (digests != NULL) {
+ /* digests already created (probably for detached data) */
+ digestalg = NULL;
+ } else {
+ /*
+ * XXX Some day we should handle multiple digests; for now,
+ * assume only one will be done.
+ */
+ PORT_Assert(digestalgs[0] != NULL && digestalgs[1] == NULL);
+ digestalg = digestalgs[0];
+ }
+ }
+
+ if (digestalg != NULL) {
+ SECOidTag oidTag = SECOID_FindOIDTag(&(digestalg->algorithm));
+
+ p7ecx->digestobj = HASH_GetHashObjectByOidTag(oidTag);
+ if (p7ecx->digestobj != NULL) {
+ p7ecx->digestcx = (*p7ecx->digestobj->create)();
+ if (p7ecx->digestcx == NULL)
+ p7ecx->digestobj = NULL;
+ else
+ (*p7ecx->digestobj->begin)(p7ecx->digestcx);
+ }
+ if (p7ecx->digestobj == NULL) {
+ if (p7ecx->encryptobj != NULL)
+ sec_PKCS7DestroyEncryptObject(p7ecx->encryptobj);
+ PORT_Free(p7ecx);
+ return NULL;
+ }
+ }
+
+ p7ecx->cinfo = cinfo;
+ return p7ecx;
+}
+
+SEC_PKCS7EncoderContext *
+SEC_PKCS7EncoderStart(SEC_PKCS7ContentInfo *cinfo,
+ SEC_PKCS7EncoderOutputCallback outputfn,
+ void *outputarg,
+ PK11SymKey *bulkkey)
+{
+ SEC_PKCS7EncoderContext *p7ecx;
+ SECStatus rv;
+
+ p7ecx = sec_pkcs7_encoder_start_contexts(cinfo, bulkkey);
+ if (p7ecx == NULL)
+ return NULL;
+
+ p7ecx->output.outputfn = outputfn;
+ p7ecx->output.outputarg = outputarg;
+
+ /*
+ * Initialize the BER encoder.
+ */
+ p7ecx->ecx = SEC_ASN1EncoderStart(cinfo, sec_PKCS7ContentInfoTemplate,
+ sec_pkcs7_encoder_out, &(p7ecx->output));
+ if (p7ecx->ecx == NULL) {
+ PORT_Free(p7ecx);
+ return NULL;
+ }
+
+ /*
+ * Indicate that we are streaming. We will be streaming until we
+ * get past the contents bytes.
+ */
+ SEC_ASN1EncoderSetStreaming(p7ecx->ecx);
+
+ /*
+ * The notify function will watch for the contents field.
+ */
+ SEC_ASN1EncoderSetNotifyProc(p7ecx->ecx, sec_pkcs7_encoder_notify, p7ecx);
+
+ /*
+ * This will encode everything up to the content bytes. (The notify
+ * function will then cause the encoding to stop there.) Then our
+ * caller can start passing contents bytes to our Update, which we
+ * will pass along.
+ */
+ rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
+ if (rv != SECSuccess) {
+ PORT_Free(p7ecx);
+ return NULL;
+ }
+
+ return p7ecx;
+}
+
+/*
+ * XXX If/when we support nested contents, this needs to be revised.
+ */
+static SECStatus
+sec_pkcs7_encoder_work_data(SEC_PKCS7EncoderContext *p7ecx, SECItem *dest,
+ const unsigned char *data, unsigned long len,
+ PRBool final)
+{
+ unsigned char *buf = NULL;
+ SECStatus rv;
+
+ rv = SECSuccess; /* may as well be optimistic */
+
+ /*
+ * We should really have data to process, or we should be trying
+ * to finish/flush the last block. (This is an overly paranoid
+ * check since all callers are in this file and simple inspection
+ * proves they do it right. But it could find a bug in future
+ * modifications/development, that is why it is here.)
+ */
+ PORT_Assert((data != NULL && len) || final);
+
+ /*
+ * Update the running digest.
+ * XXX This needs modification if/when we handle multiple digests.
+ */
+ if (len && p7ecx->digestobj != NULL) {
+ (*p7ecx->digestobj->update)(p7ecx->digestcx, data, len);
+ }
+
+ /*
+ * Encrypt this chunk.
+ */
+ if (p7ecx->encryptobj != NULL) {
+ /* XXX the following lengths should all be longs? */
+ unsigned int inlen; /* length of data being encrypted */
+ unsigned int outlen; /* length of encrypted data */
+ unsigned int buflen; /* length available for encrypted data */
+
+ inlen = len;
+ buflen = sec_PKCS7EncryptLength(p7ecx->encryptobj, inlen, final);
+ if (buflen == 0) {
+ /*
+ * No output is expected, but the input data may be buffered
+ * so we still have to call Encrypt.
+ */
+ rv = sec_PKCS7Encrypt(p7ecx->encryptobj, NULL, NULL, 0,
+ data, inlen, final);
+ if (final) {
+ len = 0;
+ goto done;
+ }
+ return rv;
+ }
+
+ if (dest != NULL)
+ buf = (unsigned char *)PORT_ArenaAlloc(p7ecx->cinfo->poolp, buflen);
+ else
+ buf = (unsigned char *)PORT_Alloc(buflen);
+
+ if (buf == NULL) {
+ rv = SECFailure;
+ } else {
+ rv = sec_PKCS7Encrypt(p7ecx->encryptobj, buf, &outlen, buflen,
+ data, inlen, final);
+ data = buf;
+ len = outlen;
+ }
+ if (rv != SECSuccess) {
+ if (final)
+ goto done;
+ return rv;
+ }
+ }
+
+ if (p7ecx->ecx != NULL) {
+ /*
+ * Encode the contents bytes.
+ */
+ if (len) {
+ rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, (const char *)data, len);
+ }
+ }
+
+done:
+ if (p7ecx->encryptobj != NULL) {
+ if (final)
+ sec_PKCS7DestroyEncryptObject(p7ecx->encryptobj);
+ if (dest != NULL) {
+ dest->data = buf;
+ dest->len = len;
+ } else if (buf != NULL) {
+ PORT_Free(buf);
+ }
+ }
+
+ if (final && p7ecx->digestobj != NULL) {
+ SECItem *digest, **digests, ***digestsp;
+ unsigned char *digdata;
+ SECOidTag kind;
+
+ kind = SEC_PKCS7ContentType(p7ecx->cinfo);
+ switch (kind) {
+ default:
+ PORT_Assert(0);
+ return SECFailure;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ digest = &(p7ecx->cinfo->content.digestedData->digest);
+ digestsp = NULL;
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ digest = NULL;
+ digestsp = &(p7ecx->cinfo->content.signedData->digests);
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ digest = NULL;
+ digestsp = &(p7ecx->cinfo->content.signedAndEnvelopedData->digests);
+ break;
+ }
+
+ digdata = (unsigned char *)PORT_ArenaAlloc(p7ecx->cinfo->poolp,
+ p7ecx->digestobj->length);
+ if (digdata == NULL)
+ return SECFailure;
+
+ if (digestsp != NULL) {
+ PORT_Assert(digest == NULL);
+
+ digest = (SECItem *)PORT_ArenaAlloc(p7ecx->cinfo->poolp,
+ sizeof(SECItem));
+ digests = (SECItem **)PORT_ArenaAlloc(p7ecx->cinfo->poolp,
+ 2 * sizeof(SECItem *));
+ if (digests == NULL || digest == NULL)
+ return SECFailure;
+
+ digests[0] = digest;
+ digests[1] = NULL;
+
+ *digestsp = digests;
+ }
+
+ PORT_Assert(digest != NULL);
+
+ digest->data = digdata;
+ digest->len = p7ecx->digestobj->length;
+
+ (*p7ecx->digestobj->end)(p7ecx->digestcx, digest->data,
+ &(digest->len), digest->len);
+ (*p7ecx->digestobj->destroy)(p7ecx->digestcx, PR_TRUE);
+ }
+
+ return rv;
+}
+
+SECStatus
+SEC_PKCS7EncoderUpdate(SEC_PKCS7EncoderContext *p7ecx,
+ const char *data, unsigned long len)
+{
+ /* XXX Error handling needs help. Return what? Do "Finish" on failure? */
+ return sec_pkcs7_encoder_work_data(p7ecx, NULL,
+ (const unsigned char *)data, len,
+ PR_FALSE);
+}
+
+static SECStatus
+sec_pkcs7_encoder_sig_and_certs(SEC_PKCS7ContentInfo *cinfo,
+ SECKEYGetPasswordKey pwfn, void *pwfnarg)
+{
+ SECOidTag kind;
+ CERTCertificate **certs;
+ CERTCertificateList **certlists;
+ SECAlgorithmID **digestalgs;
+ SECItem **digests;
+ SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
+ SECItem **rawcerts, ***rawcertsp;
+ PLArenaPool *poolp;
+ int certcount;
+ int ci, cli, rci, si;
+
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ certs = NULL;
+ certlists = NULL;
+ digestalgs = NULL;
+ digests = NULL;
+ signerinfos = NULL;
+ rawcertsp = NULL;
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA: {
+ SEC_PKCS7SignedData *sdp;
+
+ sdp = cinfo->content.signedData;
+ certs = sdp->certs;
+ certlists = sdp->certLists;
+ digestalgs = sdp->digestAlgorithms;
+ digests = sdp->digests;
+ signerinfos = sdp->signerInfos;
+ rawcertsp = &(sdp->rawCerts);
+ } break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
+ SEC_PKCS7SignedAndEnvelopedData *saedp;
+
+ saedp = cinfo->content.signedAndEnvelopedData;
+ certs = saedp->certs;
+ certlists = saedp->certLists;
+ digestalgs = saedp->digestAlgorithms;
+ digests = saedp->digests;
+ signerinfos = saedp->signerInfos;
+ rawcertsp = &(saedp->rawCerts);
+ } break;
+ }
+
+ if (certs == NULL && certlists == NULL && signerinfos == NULL)
+ return SECSuccess; /* nothing for us to do! */
+
+ poolp = cinfo->poolp;
+ certcount = 0;
+
+ if (signerinfos != NULL) {
+ SECOidTag digestalgtag;
+ int di;
+ SECStatus rv;
+ CERTCertificate *cert;
+ SECKEYPrivateKey *privkey;
+ SECItem signature;
+ SECOidTag signalgtag;
+
+ PORT_Assert(digestalgs != NULL && digests != NULL);
+
+ /*
+ * If one fails, we bail right then. If we want to continue and
+ * try to do subsequent signatures, this loop, and the departures
+ * from it, will need to be reworked.
+ */
+ for (si = 0; signerinfos[si] != NULL; si++) {
+
+ signerinfo = signerinfos[si];
+
+ /* find right digest */
+ digestalgtag = SECOID_GetAlgorithmTag(&(signerinfo->digestAlg));
+ for (di = 0; digestalgs[di] != NULL; di++) {
+ /* XXX Should I be comparing more than the tag? */
+ if (digestalgtag == SECOID_GetAlgorithmTag(digestalgs[di]))
+ break;
+ }
+ if (digestalgs[di] == NULL) {
+ /* XXX oops; do what? set an error? */
+ return SECFailure;
+ }
+ PORT_Assert(digests[di] != NULL);
+
+ cert = signerinfo->cert;
+ privkey = PK11_FindKeyByAnyCert(cert, pwfnarg);
+ if (privkey == NULL)
+ return SECFailure;
+
+ /*
+ * XXX I think there should be a cert-level interface for this,
+ * so that I do not have to know about subjectPublicKeyInfo...
+ */
+ signalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
+
+ if (signerinfo->authAttr != NULL) {
+ SEC_PKCS7Attribute *attr;
+ SECItem encoded_attrs;
+ SECItem *dummy;
+ SECOidTag algid;
+
+ /*
+ * First, find and fill in the message digest attribute.
+ */
+ attr = sec_PKCS7FindAttribute(signerinfo->authAttr,
+ SEC_OID_PKCS9_MESSAGE_DIGEST,
+ PR_TRUE);
+ PORT_Assert(attr != NULL);
+ if (attr == NULL) {
+ SECKEY_DestroyPrivateKey(privkey);
+ return SECFailure;
+ }
+
+ /*
+ * XXX The second half of the following assertion prevents
+ * the encoder from being called twice on the same content.
+ * Either just remove the second half the assertion, or
+ * change the code to check if the value already there is
+ * the same as digests[di], whichever seems more right.
+ */
+ PORT_Assert(attr->values != NULL && attr->values[0] == NULL);
+ attr->values[0] = digests[di];
+
+ /*
+ * Before encoding, reorder the attributes so that when they
+ * are encoded, they will be conforming DER, which is required
+ * to have a specific order and that is what must be used for
+ * the hash/signature. We do this here, rather than building
+ * it into EncodeAttributes, because we do not want to do
+ * such reordering on incoming messages (which also uses
+ * EncodeAttributes) or our old signatures (and other "broken"
+ * implementations) will not verify. So, we want to guarantee
+ * that we send out good DER encodings of attributes, but not
+ * to expect to receive them.
+ */
+ rv = sec_PKCS7ReorderAttributes(signerinfo->authAttr);
+ if (rv != SECSuccess) {
+ SECKEY_DestroyPrivateKey(privkey);
+ return SECFailure;
+ }
+
+ encoded_attrs.data = NULL;
+ encoded_attrs.len = 0;
+ dummy = sec_PKCS7EncodeAttributes(NULL, &encoded_attrs,
+ &(signerinfo->authAttr));
+ if (dummy == NULL) {
+ SECKEY_DestroyPrivateKey(privkey);
+ return SECFailure;
+ }
+
+ algid = SEC_GetSignatureAlgorithmOidTag(privkey->keyType,
+ digestalgtag);
+ if (algid == SEC_OID_UNKNOWN) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ SECKEY_DestroyPrivateKey(privkey);
+ return SECFailure;
+ }
+ rv = SEC_SignData(&signature,
+ encoded_attrs.data, encoded_attrs.len,
+ privkey,
+ algid);
+ SECITEM_FreeItem(&encoded_attrs, PR_FALSE);
+ } else {
+ rv = SGN_Digest(privkey, digestalgtag, &signature,
+ digests[di]);
+ }
+
+ SECKEY_DestroyPrivateKey(privkey);
+
+ if (rv != SECSuccess)
+ return rv;
+
+ rv = SECITEM_CopyItem(poolp, &(signerinfo->encDigest), &signature);
+ if (rv != SECSuccess)
+ return rv;
+
+ SECITEM_FreeItem(&signature, PR_FALSE);
+
+ rv = SECOID_SetAlgorithmID(poolp, &(signerinfo->digestEncAlg),
+ signalgtag, NULL);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ /*
+ * Count the cert chain for this signer.
+ */
+ if (signerinfo->certList != NULL)
+ certcount += signerinfo->certList->len;
+ }
+ }
+
+ if (certs != NULL) {
+ for (ci = 0; certs[ci] != NULL; ci++)
+ certcount++;
+ }
+
+ if (certlists != NULL) {
+ for (cli = 0; certlists[cli] != NULL; cli++)
+ certcount += certlists[cli]->len;
+ }
+
+ if (certcount == 0)
+ return SECSuccess; /* signing done; no certs */
+
+ /*
+ * Combine all of the certs and cert chains into rawcerts.
+ * Note: certcount is an upper bound; we may not need that many slots
+ * but we will allocate anyway to avoid having to do another pass.
+ * (The temporary space saving is not worth it.)
+ */
+ rawcerts = (SECItem **)PORT_ArenaAlloc(poolp,
+ (certcount + 1) * sizeof(SECItem *));
+ if (rawcerts == NULL)
+ return SECFailure;
+
+ /*
+ * XXX Want to check for duplicates and not add *any* cert that is
+ * already in the set. This will be more important when we start
+ * dealing with larger sets of certs, dual-key certs (signing and
+ * encryption), etc. For the time being we can slide by...
+ */
+ rci = 0;
+ if (signerinfos != NULL) {
+ for (si = 0; signerinfos[si] != NULL; si++) {
+ signerinfo = signerinfos[si];
+ for (ci = 0; ci < signerinfo->certList->len; ci++)
+ rawcerts[rci++] = &(signerinfo->certList->certs[ci]);
+ }
+ }
+
+ if (certs != NULL) {
+ for (ci = 0; certs[ci] != NULL; ci++)
+ rawcerts[rci++] = &(certs[ci]->derCert);
+ }
+
+ if (certlists != NULL) {
+ for (cli = 0; certlists[cli] != NULL; cli++) {
+ for (ci = 0; ci < certlists[cli]->len; ci++)
+ rawcerts[rci++] = &(certlists[cli]->certs[ci]);
+ }
+ }
+
+ rawcerts[rci] = NULL;
+ *rawcertsp = rawcerts;
+
+ return SECSuccess;
+}
+
+SECStatus
+SEC_PKCS7EncoderFinish(SEC_PKCS7EncoderContext *p7ecx,
+ SECKEYGetPasswordKey pwfn, void *pwfnarg)
+{
+ SECStatus rv;
+
+ /*
+ * Flush out any remaining data.
+ */
+ rv = sec_pkcs7_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE);
+
+ /*
+ * Turn off streaming stuff.
+ */
+ SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
+ SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
+
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = sec_pkcs7_encoder_sig_and_certs(p7ecx->cinfo, pwfn, pwfnarg);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
+
+loser:
+ SEC_ASN1EncoderFinish(p7ecx->ecx);
+ PORT_Free(p7ecx);
+ return rv;
+}
+
+/*
+ * Abort the ASN.1 stream. Used by pkcs 12
+ */
+void
+SEC_PKCS7EncoderAbort(SEC_PKCS7EncoderContext *p7ecx, int error)
+{
+ PORT_Assert(p7ecx);
+ SEC_ASN1EncoderAbort(p7ecx->ecx, error);
+}
+
+/*
+ * After this routine is called, the entire PKCS7 contentInfo is ready
+ * to be encoded. This is used internally, but can also be called from
+ * elsewhere for those who want to be able to just have pointers to
+ * the ASN1 template for pkcs7 contentInfo built into their own encodings.
+ */
+SECStatus
+SEC_PKCS7PrepareForEncode(SEC_PKCS7ContentInfo *cinfo,
+ PK11SymKey *bulkkey,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfnarg)
+{
+ SEC_PKCS7EncoderContext *p7ecx;
+ SECItem *content, *enc_content;
+ SECStatus rv;
+
+ p7ecx = sec_pkcs7_encoder_start_contexts(cinfo, bulkkey);
+ if (p7ecx == NULL)
+ return SECFailure;
+
+ content = SEC_PKCS7GetContent(cinfo);
+
+ if (p7ecx->encryptobj != NULL) {
+ SECOidTag kind;
+ SEC_PKCS7EncryptedContentInfo *enccinfo;
+
+ kind = SEC_PKCS7ContentType(p7ecx->cinfo);
+ switch (kind) {
+ default:
+ PORT_Assert(0);
+ rv = SECFailure;
+ goto loser;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ enccinfo = &(p7ecx->cinfo->content.encryptedData->encContentInfo);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ enccinfo = &(p7ecx->cinfo->content.envelopedData->encContentInfo);
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ enccinfo = &(p7ecx->cinfo->content.signedAndEnvelopedData->encContentInfo);
+ break;
+ }
+ enc_content = &(enccinfo->encContent);
+ } else {
+ enc_content = NULL;
+ }
+
+ if (content != NULL && content->data != NULL && content->len) {
+ rv = sec_pkcs7_encoder_work_data(p7ecx, enc_content,
+ content->data, content->len, PR_TRUE);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ rv = sec_pkcs7_encoder_sig_and_certs(cinfo, pwfn, pwfnarg);
+
+loser:
+ PORT_Free(p7ecx);
+ return rv;
+}
+
+/*
+ * Encode a PKCS7 object, in one shot. All necessary components
+ * of the object must already be specified. Either the data has
+ * already been included (via SetContent), or the data is detached,
+ * or there is no data at all (certs-only).
+ *
+ * "cinfo" specifies the object to be encoded.
+ *
+ * "outputfn" is where the encoded bytes will be passed.
+ *
+ * "outputarg" is an opaque argument to the above callback.
+ *
+ * "bulkkey" specifies the bulk encryption key to use. This argument
+ * can be NULL if no encryption is being done, or if the bulk key should
+ * be generated internally (usually the case for EnvelopedData but never
+ * for EncryptedData, which *must* provide a bulk encryption key).
+ *
+ * "pwfn" is a callback for getting the password which protects the
+ * private key of the signer. This argument can be NULL if it is known
+ * that no signing is going to be done.
+ *
+ * "pwfnarg" is an opaque argument to the above callback.
+ */
+SECStatus
+SEC_PKCS7Encode(SEC_PKCS7ContentInfo *cinfo,
+ SEC_PKCS7EncoderOutputCallback outputfn,
+ void *outputarg,
+ PK11SymKey *bulkkey,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfnarg)
+{
+ SECStatus rv;
+
+ rv = SEC_PKCS7PrepareForEncode(cinfo, bulkkey, pwfn, pwfnarg);
+ if (rv == SECSuccess) {
+ struct sec_pkcs7_encoder_output outputcx;
+
+ outputcx.outputfn = outputfn;
+ outputcx.outputarg = outputarg;
+
+ rv = SEC_ASN1Encode(cinfo, sec_PKCS7ContentInfoTemplate,
+ sec_pkcs7_encoder_out, &outputcx);
+ }
+
+ return rv;
+}
+
+/*
+ * Encode a PKCS7 object, in one shot. All necessary components
+ * of the object must already be specified. Either the data has
+ * already been included (via SetContent), or the data is detached,
+ * or there is no data at all (certs-only). The output, rather than
+ * being passed to an output function as is done above, is all put
+ * into a SECItem.
+ *
+ * "pool" specifies a pool from which to allocate the result.
+ * It can be NULL, in which case memory is allocated generically.
+ *
+ * "dest" specifies a SECItem in which to put the result data.
+ * It can be NULL, in which case the entire item is allocated, too.
+ *
+ * "cinfo" specifies the object to be encoded.
+ *
+ * "bulkkey" specifies the bulk encryption key to use. This argument
+ * can be NULL if no encryption is being done, or if the bulk key should
+ * be generated internally (usually the case for EnvelopedData but never
+ * for EncryptedData, which *must* provide a bulk encryption key).
+ *
+ * "pwfn" is a callback for getting the password which protects the
+ * private key of the signer. This argument can be NULL if it is known
+ * that no signing is going to be done.
+ *
+ * "pwfnarg" is an opaque argument to the above callback.
+ */
+SECItem *
+SEC_PKCS7EncodeItem(PLArenaPool *pool,
+ SECItem *dest,
+ SEC_PKCS7ContentInfo *cinfo,
+ PK11SymKey *bulkkey,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfnarg)
+{
+ SECStatus rv;
+
+ rv = SEC_PKCS7PrepareForEncode(cinfo, bulkkey, pwfn, pwfnarg);
+ if (rv != SECSuccess)
+ return NULL;
+
+ return SEC_ASN1EncodeItem(pool, dest, cinfo, sec_PKCS7ContentInfoTemplate);
+}
diff --git a/security/nss/lib/pkcs7/p7local.c b/security/nss/lib/pkcs7/p7local.c
new file mode 100644
index 000000000..182e385b6
--- /dev/null
+++ b/security/nss/lib/pkcs7/p7local.c
@@ -0,0 +1,1310 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Support routines for PKCS7 implementation, none of which are exported.
+ * This file should only contain things that are needed by both the
+ * encoding/creation side *and* the decoding/decryption side. Anything
+ * else should be static routines in the appropriate file.
+ */
+
+#include "p7local.h"
+
+#include "cryptohi.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "pk11func.h"
+#include "secpkcs5.h"
+#include "secerr.h"
+
+/*
+ * -------------------------------------------------------------------
+ * Cipher stuff.
+ */
+
+typedef SECStatus (*sec_pkcs7_cipher_function)(void *,
+ unsigned char *,
+ unsigned *,
+ unsigned int,
+ const unsigned char *,
+ unsigned int);
+typedef SECStatus (*sec_pkcs7_cipher_destroy)(void *, PRBool);
+
+#define BLOCK_SIZE 4096
+
+struct sec_pkcs7_cipher_object {
+ void *cx;
+ sec_pkcs7_cipher_function doit;
+ sec_pkcs7_cipher_destroy destroy;
+ PRBool encrypt;
+ int block_size;
+ int pad_size;
+ int pending_count;
+ unsigned char pending_buf[BLOCK_SIZE];
+};
+
+SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
+SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
+
+/*
+ * Create a cipher object to do decryption, based on the given bulk
+ * encryption key and algorithm identifier (which may include an iv).
+ *
+ * XXX This interface, or one similar, would be really nice available
+ * in general... I tried to keep the pkcs7-specific stuff (mostly
+ * having to do with padding) out of here.
+ *
+ * XXX Once both are working, it might be nice to combine this and the
+ * function below (for starting up encryption) into one routine, and just
+ * have two simple cover functions which call it.
+ */
+sec_PKCS7CipherObject *
+sec_PKCS7CreateDecryptObject(PK11SymKey *key, SECAlgorithmID *algid)
+{
+ sec_PKCS7CipherObject *result;
+ SECOidTag algtag;
+ void *ciphercx;
+ CK_MECHANISM_TYPE cryptoMechType;
+ PK11SlotInfo *slot;
+ SECItem *param = NULL;
+
+ result = (struct sec_pkcs7_cipher_object *)
+ PORT_ZAlloc(sizeof(struct sec_pkcs7_cipher_object));
+ if (result == NULL)
+ return NULL;
+
+ ciphercx = NULL;
+ algtag = SECOID_GetAlgorithmTag(algid);
+
+ if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
+ SECItem *pwitem;
+
+ pwitem = (SECItem *)PK11_GetSymKeyUserData(key);
+ if (!pwitem) {
+ PORT_Free(result);
+ return NULL;
+ }
+
+ cryptoMechType = PK11_GetPBECryptoMechanism(algid, &param, pwitem);
+ if (cryptoMechType == CKM_INVALID_MECHANISM) {
+ PORT_Free(result);
+ SECITEM_FreeItem(param, PR_TRUE);
+ return NULL;
+ }
+ } else {
+ cryptoMechType = PK11_AlgtagToMechanism(algtag);
+ param = PK11_ParamFromAlgid(algid);
+ if (param == NULL) {
+ PORT_Free(result);
+ return NULL;
+ }
+ }
+
+ result->pad_size = PK11_GetBlockSize(cryptoMechType, param);
+ slot = PK11_GetSlotFromKey(key);
+ result->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : result->pad_size;
+ PK11_FreeSlot(slot);
+ ciphercx = PK11_CreateContextBySymKey(cryptoMechType, CKA_DECRYPT,
+ key, param);
+ SECITEM_FreeItem(param, PR_TRUE);
+ if (ciphercx == NULL) {
+ PORT_Free(result);
+ return NULL;
+ }
+
+ result->cx = ciphercx;
+ result->doit = (sec_pkcs7_cipher_function)PK11_CipherOp;
+ result->destroy = (sec_pkcs7_cipher_destroy)PK11_DestroyContext;
+ result->encrypt = PR_FALSE;
+ result->pending_count = 0;
+
+ return result;
+}
+
+/*
+ * Create a cipher object to do encryption, based on the given bulk
+ * encryption key and algorithm tag. Fill in the algorithm identifier
+ * (which may include an iv) appropriately.
+ *
+ * XXX This interface, or one similar, would be really nice available
+ * in general... I tried to keep the pkcs7-specific stuff (mostly
+ * having to do with padding) out of here.
+ *
+ * XXX Once both are working, it might be nice to combine this and the
+ * function above (for starting up decryption) into one routine, and just
+ * have two simple cover functions which call it.
+ */
+sec_PKCS7CipherObject *
+sec_PKCS7CreateEncryptObject(PLArenaPool *poolp, PK11SymKey *key,
+ SECOidTag algtag, SECAlgorithmID *algid)
+{
+ sec_PKCS7CipherObject *result;
+ void *ciphercx;
+ SECStatus rv;
+ CK_MECHANISM_TYPE cryptoMechType;
+ PK11SlotInfo *slot;
+ SECItem *param = NULL;
+ PRBool needToEncodeAlgid = PR_FALSE;
+
+ result = (struct sec_pkcs7_cipher_object *)
+ PORT_ZAlloc(sizeof(struct sec_pkcs7_cipher_object));
+ if (result == NULL)
+ return NULL;
+
+ ciphercx = NULL;
+ if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
+ SECItem *pwitem;
+
+ pwitem = (SECItem *)PK11_GetSymKeyUserData(key);
+ if (!pwitem) {
+ PORT_Free(result);
+ return NULL;
+ }
+
+ cryptoMechType = PK11_GetPBECryptoMechanism(algid, &param, pwitem);
+ if (cryptoMechType == CKM_INVALID_MECHANISM) {
+ PORT_Free(result);
+ SECITEM_FreeItem(param, PR_TRUE);
+ return NULL;
+ }
+ } else {
+ cryptoMechType = PK11_AlgtagToMechanism(algtag);
+ param = PK11_GenerateNewParam(cryptoMechType, key);
+ if (param == NULL) {
+ PORT_Free(result);
+ return NULL;
+ }
+ needToEncodeAlgid = PR_TRUE;
+ }
+
+ result->pad_size = PK11_GetBlockSize(cryptoMechType, param);
+ slot = PK11_GetSlotFromKey(key);
+ result->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : result->pad_size;
+ PK11_FreeSlot(slot);
+ ciphercx = PK11_CreateContextBySymKey(cryptoMechType, CKA_ENCRYPT,
+ key, param);
+ if (ciphercx == NULL) {
+ PORT_Free(result);
+ SECITEM_FreeItem(param, PR_TRUE);
+ return NULL;
+ }
+
+ /*
+ * These are placed after the CreateContextBySymKey() because some
+ * mechanisms have to generate their IVs from their card (i.e. FORTEZZA).
+ * Don't move it from here.
+ */
+ if (needToEncodeAlgid) {
+ rv = PK11_ParamToAlgid(algtag, param, poolp, algid);
+ if (rv != SECSuccess) {
+ PORT_Free(result);
+ SECITEM_FreeItem(param, PR_TRUE);
+ PK11_DestroyContext(ciphercx, PR_TRUE);
+ return NULL;
+ }
+ }
+ SECITEM_FreeItem(param, PR_TRUE);
+
+ result->cx = ciphercx;
+ result->doit = (sec_pkcs7_cipher_function)PK11_CipherOp;
+ result->destroy = (sec_pkcs7_cipher_destroy)PK11_DestroyContext;
+ result->encrypt = PR_TRUE;
+ result->pending_count = 0;
+
+ return result;
+}
+
+/*
+ * Destroy the cipher object.
+ */
+static void
+sec_pkcs7_destroy_cipher(sec_PKCS7CipherObject *obj)
+{
+ (*obj->destroy)(obj->cx, PR_TRUE);
+ PORT_Free(obj);
+}
+
+void
+sec_PKCS7DestroyDecryptObject(sec_PKCS7CipherObject *obj)
+{
+ PORT_Assert(obj != NULL);
+ if (obj == NULL)
+ return;
+ PORT_Assert(!obj->encrypt);
+ sec_pkcs7_destroy_cipher(obj);
+}
+
+void
+sec_PKCS7DestroyEncryptObject(sec_PKCS7CipherObject *obj)
+{
+ PORT_Assert(obj != NULL);
+ if (obj == NULL)
+ return;
+ PORT_Assert(obj->encrypt);
+ sec_pkcs7_destroy_cipher(obj);
+}
+
+/*
+ * XXX I think all of the following lengths should be longs instead
+ * of ints, but our current crypto interface uses ints, so I did too.
+ */
+
+/*
+ * What will be the output length of the next call to decrypt?
+ * Result can be used to perform memory allocations. Note that the amount
+ * is exactly accurate only when not doing a block cipher or when final
+ * is false, otherwise it is an upper bound on the amount because until
+ * we see the data we do not know how many padding bytes there are
+ * (always between 1 and bsize).
+ *
+ * Note that this can return zero, which does not mean that the decrypt
+ * operation can be skipped! (It simply means that there are not enough
+ * bytes to make up an entire block; the bytes will be reserved until
+ * there are enough to encrypt/decrypt at least one block.) However,
+ * if zero is returned it *does* mean that no output buffer need be
+ * passed in to the subsequent decrypt operation, as no output bytes
+ * will be stored.
+ */
+unsigned int
+sec_PKCS7DecryptLength(sec_PKCS7CipherObject *obj, unsigned int input_len,
+ PRBool final)
+{
+ int blocks, block_size;
+
+ PORT_Assert(!obj->encrypt);
+
+ block_size = obj->block_size;
+
+ /*
+ * If this is not a block cipher, then we always have the same
+ * number of output bytes as we had input bytes.
+ */
+ if (block_size == 0)
+ return input_len;
+
+ /*
+ * On the final call, we will always use up all of the pending
+ * bytes plus all of the input bytes, *but*, there will be padding
+ * at the end and we cannot predict how many bytes of padding we
+ * will end up removing. The amount given here is actually known
+ * to be at least 1 byte too long (because we know we will have
+ * at least 1 byte of padding), but seemed clearer/better to me.
+ */
+ if (final)
+ return obj->pending_count + input_len;
+
+ /*
+ * Okay, this amount is exactly what we will output on the
+ * next cipher operation. We will always hang onto the last
+ * 1 - block_size bytes for non-final operations. That is,
+ * we will do as many complete blocks as we can *except* the
+ * last block (complete or partial). (This is because until
+ * we know we are at the end, we cannot know when to interpret
+ * and removing the padding byte(s), which are guaranteed to
+ * be there.)
+ */
+ blocks = (obj->pending_count + input_len - 1) / block_size;
+ return blocks * block_size;
+}
+
+/*
+ * What will be the output length of the next call to encrypt?
+ * Result can be used to perform memory allocations.
+ *
+ * Note that this can return zero, which does not mean that the encrypt
+ * operation can be skipped! (It simply means that there are not enough
+ * bytes to make up an entire block; the bytes will be reserved until
+ * there are enough to encrypt/decrypt at least one block.) However,
+ * if zero is returned it *does* mean that no output buffer need be
+ * passed in to the subsequent encrypt operation, as no output bytes
+ * will be stored.
+ */
+unsigned int
+sec_PKCS7EncryptLength(sec_PKCS7CipherObject *obj, unsigned int input_len,
+ PRBool final)
+{
+ int blocks, block_size;
+ int pad_size;
+
+ PORT_Assert(obj->encrypt);
+
+ block_size = obj->block_size;
+ pad_size = obj->pad_size;
+
+ /*
+ * If this is not a block cipher, then we always have the same
+ * number of output bytes as we had input bytes.
+ */
+ if (block_size == 0)
+ return input_len;
+
+ /*
+ * On the final call, we only send out what we need for
+ * remaining bytes plus the padding. (There is always padding,
+ * so even if we have an exact number of blocks as input, we
+ * will add another full block that is just padding.)
+ */
+ if (final) {
+ if (pad_size == 0) {
+ return obj->pending_count + input_len;
+ } else {
+ blocks = (obj->pending_count + input_len) / pad_size;
+ blocks++;
+ return blocks * pad_size;
+ }
+ }
+
+ /*
+ * Now, count the number of complete blocks of data we have.
+ */
+ blocks = (obj->pending_count + input_len) / block_size;
+
+ return blocks * block_size;
+}
+
+/*
+ * Decrypt a given length of input buffer (starting at "input" and
+ * containing "input_len" bytes), placing the decrypted bytes in
+ * "output" and storing the output length in "*output_len_p".
+ * "obj" is the return value from sec_PKCS7CreateDecryptObject.
+ * When "final" is true, this is the last of the data to be decrypted.
+ *
+ * This is much more complicated than it sounds when the cipher is
+ * a block-type, meaning that the decryption function will only
+ * operate on whole blocks. But our caller is operating stream-wise,
+ * and can pass in any number of bytes. So we need to keep track
+ * of block boundaries. We save excess bytes between calls in "obj".
+ * We also need to determine which bytes are padding, and remove
+ * them from the output. We can only do this step when we know we
+ * have the final block of data. PKCS #7 specifies that the padding
+ * used for a block cipher is a string of bytes, each of whose value is
+ * the same as the length of the padding, and that all data is padded.
+ * (Even data that starts out with an exact multiple of blocks gets
+ * added to it another block, all of which is padding.)
+ */
+SECStatus
+sec_PKCS7Decrypt(sec_PKCS7CipherObject *obj, unsigned char *output,
+ unsigned int *output_len_p, unsigned int max_output_len,
+ const unsigned char *input, unsigned int input_len,
+ PRBool final)
+{
+ unsigned int blocks, bsize, pcount, padsize;
+ unsigned int max_needed, ifraglen, ofraglen, output_len;
+ unsigned char *pbuf;
+ SECStatus rv;
+
+ PORT_Assert(!obj->encrypt);
+
+ /*
+ * Check that we have enough room for the output. Our caller should
+ * already handle this; failure is really an internal error (i.e. bug).
+ */
+ max_needed = sec_PKCS7DecryptLength(obj, input_len, final);
+ PORT_Assert(max_output_len >= max_needed);
+ if (max_output_len < max_needed) {
+ /* PORT_SetError (XXX); */
+ return SECFailure;
+ }
+
+ /*
+ * hardware encryption does not like small decryption sizes here, so we
+ * allow both blocking and padding.
+ */
+ bsize = obj->block_size;
+ padsize = obj->pad_size;
+
+ /*
+ * When no blocking or padding work to do, we can simply call the
+ * cipher function and we are done.
+ */
+ if (bsize == 0) {
+ return (*obj->doit)(obj->cx, output, output_len_p, max_output_len,
+ input, input_len);
+ }
+
+ pcount = obj->pending_count;
+ pbuf = obj->pending_buf;
+
+ output_len = 0;
+
+ if (pcount) {
+ /*
+ * Try to fill in an entire block, starting with the bytes
+ * we already have saved away.
+ */
+ while (input_len && pcount < bsize) {
+ pbuf[pcount++] = *input++;
+ input_len--;
+ }
+ /*
+ * If we have at most a whole block and this is not our last call,
+ * then we are done for now. (We do not try to decrypt a lone
+ * single block because we cannot interpret the padding bytes
+ * until we know we are handling the very last block of all input.)
+ */
+ if (input_len == 0 && !final) {
+ obj->pending_count = pcount;
+ if (output_len_p)
+ *output_len_p = 0;
+ return SECSuccess;
+ }
+ /*
+ * Given the logic above, we expect to have a full block by now.
+ * If we do not, there is something wrong, either with our own
+ * logic or with (length of) the data given to us.
+ */
+ PORT_Assert((padsize == 0) || (pcount % padsize) == 0);
+ if ((padsize != 0) && (pcount % padsize) != 0) {
+ PORT_Assert(final);
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ /*
+ * Decrypt the block.
+ */
+ rv = (*obj->doit)(obj->cx, output, &ofraglen, max_output_len,
+ pbuf, pcount);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7DecryptLength needs to be made smarter!
+ */
+ PORT_Assert(ofraglen == pcount);
+
+ /*
+ * Account for the bytes now in output.
+ */
+ max_output_len -= ofraglen;
+ output_len += ofraglen;
+ output += ofraglen;
+ }
+
+ /*
+ * If this is our last call, we expect to have an exact number of
+ * blocks left to be decrypted; we will decrypt them all.
+ *
+ * If not our last call, we always save between 1 and bsize bytes
+ * until next time. (We must do this because we cannot be sure
+ * that none of the decrypted bytes are padding bytes until we
+ * have at least another whole block of data. You cannot tell by
+ * looking -- the data could be anything -- you can only tell by
+ * context, knowing you are looking at the last block.) We could
+ * decrypt a whole block now but it is easier if we just treat it
+ * the same way we treat partial block bytes.
+ */
+ if (final) {
+ if (padsize) {
+ blocks = input_len / padsize;
+ ifraglen = blocks * padsize;
+ } else
+ ifraglen = input_len;
+ PORT_Assert(ifraglen == input_len);
+
+ if (ifraglen != input_len) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ } else {
+ blocks = (input_len - 1) / bsize;
+ ifraglen = blocks * bsize;
+ PORT_Assert(ifraglen < input_len);
+
+ pcount = input_len - ifraglen;
+ PORT_Memcpy(pbuf, input + ifraglen, pcount);
+ obj->pending_count = pcount;
+ }
+
+ if (ifraglen) {
+ rv = (*obj->doit)(obj->cx, output, &ofraglen, max_output_len,
+ input, ifraglen);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7DecryptLength needs to be made smarter!
+ */
+ PORT_Assert(ifraglen == ofraglen);
+ if (ifraglen != ofraglen) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+
+ output_len += ofraglen;
+ } else {
+ ofraglen = 0;
+ }
+
+ /*
+ * If we just did our very last block, "remove" the padding by
+ * adjusting the output length.
+ */
+ if (final && (padsize != 0)) {
+ unsigned int padlen = *(output + ofraglen - 1);
+ if (padlen == 0 || padlen > padsize) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ output_len -= padlen;
+ }
+
+ PORT_Assert(output_len_p != NULL || output_len == 0);
+ if (output_len_p != NULL)
+ *output_len_p = output_len;
+
+ return SECSuccess;
+}
+
+/*
+ * Encrypt a given length of input buffer (starting at "input" and
+ * containing "input_len" bytes), placing the encrypted bytes in
+ * "output" and storing the output length in "*output_len_p".
+ * "obj" is the return value from sec_PKCS7CreateEncryptObject.
+ * When "final" is true, this is the last of the data to be encrypted.
+ *
+ * This is much more complicated than it sounds when the cipher is
+ * a block-type, meaning that the encryption function will only
+ * operate on whole blocks. But our caller is operating stream-wise,
+ * and can pass in any number of bytes. So we need to keep track
+ * of block boundaries. We save excess bytes between calls in "obj".
+ * We also need to add padding bytes at the end. PKCS #7 specifies
+ * that the padding used for a block cipher is a string of bytes,
+ * each of whose value is the same as the length of the padding,
+ * and that all data is padded. (Even data that starts out with
+ * an exact multiple of blocks gets added to it another block,
+ * all of which is padding.)
+ *
+ * XXX I would kind of like to combine this with the function above
+ * which does decryption, since they have a lot in common. But the
+ * tricky parts about padding and filling blocks would be much
+ * harder to read that way, so I left them separate. At least for
+ * now until it is clear that they are right.
+ */
+SECStatus
+sec_PKCS7Encrypt(sec_PKCS7CipherObject *obj, unsigned char *output,
+ unsigned int *output_len_p, unsigned int max_output_len,
+ const unsigned char *input, unsigned int input_len,
+ PRBool final)
+{
+ int blocks, bsize, padlen, pcount, padsize;
+ unsigned int max_needed, ifraglen, ofraglen, output_len;
+ unsigned char *pbuf;
+ SECStatus rv;
+
+ PORT_Assert(obj->encrypt);
+
+ /*
+ * Check that we have enough room for the output. Our caller should
+ * already handle this; failure is really an internal error (i.e. bug).
+ */
+ max_needed = sec_PKCS7EncryptLength(obj, input_len, final);
+ PORT_Assert(max_output_len >= max_needed);
+ if (max_output_len < max_needed) {
+ /* PORT_SetError (XXX); */
+ return SECFailure;
+ }
+
+ bsize = obj->block_size;
+ padsize = obj->pad_size;
+
+ /*
+ * When no blocking and padding work to do, we can simply call the
+ * cipher function and we are done.
+ */
+ if (bsize == 0) {
+ return (*obj->doit)(obj->cx, output, output_len_p, max_output_len,
+ input, input_len);
+ }
+
+ pcount = obj->pending_count;
+ pbuf = obj->pending_buf;
+
+ output_len = 0;
+
+ if (pcount) {
+ /*
+ * Try to fill in an entire block, starting with the bytes
+ * we already have saved away.
+ */
+ while (input_len && pcount < bsize) {
+ pbuf[pcount++] = *input++;
+ input_len--;
+ }
+ /*
+ * If we do not have a full block and we know we will be
+ * called again, then we are done for now.
+ */
+ if (pcount < bsize && !final) {
+ obj->pending_count = pcount;
+ if (output_len_p != NULL)
+ *output_len_p = 0;
+ return SECSuccess;
+ }
+ /*
+ * If we have a whole block available, encrypt it.
+ */
+ if ((padsize == 0) || (pcount % padsize) == 0) {
+ rv = (*obj->doit)(obj->cx, output, &ofraglen, max_output_len,
+ pbuf, pcount);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7EncryptLength needs to be made smarter!
+ */
+ PORT_Assert(ofraglen == pcount);
+
+ /*
+ * Account for the bytes now in output.
+ */
+ max_output_len -= ofraglen;
+ output_len += ofraglen;
+ output += ofraglen;
+
+ pcount = 0;
+ }
+ }
+
+ if (input_len) {
+ PORT_Assert(pcount == 0);
+
+ blocks = input_len / bsize;
+ ifraglen = blocks * bsize;
+
+ if (ifraglen) {
+ rv = (*obj->doit)(obj->cx, output, &ofraglen, max_output_len,
+ input, ifraglen);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7EncryptLength needs to be made smarter!
+ */
+ PORT_Assert(ifraglen == ofraglen);
+
+ max_output_len -= ofraglen;
+ output_len += ofraglen;
+ output += ofraglen;
+ }
+
+ pcount = input_len - ifraglen;
+ PORT_Assert(pcount < bsize);
+ if (pcount)
+ PORT_Memcpy(pbuf, input + ifraglen, pcount);
+ }
+
+ if (final) {
+ if (padsize) {
+ padlen = padsize - (pcount % padsize);
+ PORT_Memset(pbuf + pcount, padlen, padlen);
+ } else {
+ padlen = 0;
+ }
+ rv = (*obj->doit)(obj->cx, output, &ofraglen, max_output_len,
+ pbuf, pcount + padlen);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7EncryptLength needs to be made smarter!
+ */
+ PORT_Assert(ofraglen == (pcount + padlen));
+ output_len += ofraglen;
+ } else {
+ obj->pending_count = pcount;
+ }
+
+ PORT_Assert(output_len_p != NULL || output_len == 0);
+ if (output_len_p != NULL)
+ *output_len_p = output_len;
+
+ return SECSuccess;
+}
+
+/*
+ * End of cipher stuff.
+ * -------------------------------------------------------------------
+ */
+
+/*
+ * -------------------------------------------------------------------
+ * XXX The following Attribute stuff really belongs elsewhere.
+ * The Attribute type is *not* part of pkcs7 but rather X.501.
+ * But for now, since PKCS7 is the only customer of attributes,
+ * we define them here. Once there is a use outside of PKCS7,
+ * then change the attribute types and functions from internal
+ * to external naming convention, and move them elsewhere!
+ */
+
+/*
+ * Look through a set of attributes and find one that matches the
+ * specified object ID. If "only" is true, then make sure that
+ * there is not more than one attribute of the same type. Otherwise,
+ * just return the first one found. (XXX Does anybody really want
+ * that first-found behavior? It was like that when I found it...)
+ */
+SEC_PKCS7Attribute *
+sec_PKCS7FindAttribute(SEC_PKCS7Attribute **attrs, SECOidTag oidtag,
+ PRBool only)
+{
+ SECOidData *oid;
+ SEC_PKCS7Attribute *attr1, *attr2;
+
+ if (attrs == NULL)
+ return NULL;
+
+ oid = SECOID_FindOIDByTag(oidtag);
+ if (oid == NULL)
+ return NULL;
+
+ while ((attr1 = *attrs++) != NULL) {
+ if (attr1->type.len == oid->oid.len && PORT_Memcmp(attr1->type.data, oid->oid.data, oid->oid.len) == 0)
+ break;
+ }
+
+ if (attr1 == NULL)
+ return NULL;
+
+ if (!only)
+ return attr1;
+
+ while ((attr2 = *attrs++) != NULL) {
+ if (attr2->type.len == oid->oid.len && PORT_Memcmp(attr2->type.data, oid->oid.data, oid->oid.len) == 0)
+ break;
+ }
+
+ if (attr2 != NULL)
+ return NULL;
+
+ return attr1;
+}
+
+/*
+ * Return the single attribute value, doing some sanity checking first:
+ * - Multiple values are *not* expected.
+ * - Empty values are *not* expected.
+ */
+SECItem *
+sec_PKCS7AttributeValue(SEC_PKCS7Attribute *attr)
+{
+ SECItem *value;
+
+ if (attr == NULL)
+ return NULL;
+
+ value = attr->values[0];
+
+ if (value == NULL || value->data == NULL || value->len == 0)
+ return NULL;
+
+ if (attr->values[1] != NULL)
+ return NULL;
+
+ return value;
+}
+
+static const SEC_ASN1Template *
+sec_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+
+ SEC_PKCS7Attribute *attribute;
+ SECOidData *oiddata;
+ PRBool encoded;
+
+ PORT_Assert(src_or_dest != NULL);
+ if (src_or_dest == NULL)
+ return NULL;
+
+ attribute = (SEC_PKCS7Attribute *)src_or_dest;
+
+ if (encoding && attribute->encoded)
+ return SEC_ASN1_GET(SEC_AnyTemplate);
+
+ oiddata = attribute->typeTag;
+ if (oiddata == NULL) {
+ oiddata = SECOID_FindOID(&attribute->type);
+ attribute->typeTag = oiddata;
+ }
+
+ if (oiddata == NULL) {
+ encoded = PR_TRUE;
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ } else {
+ switch (oiddata->offset) {
+ default:
+ encoded = PR_TRUE;
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ break;
+ case SEC_OID_PKCS9_EMAIL_ADDRESS:
+ case SEC_OID_RFC1274_MAIL:
+ case SEC_OID_PKCS9_UNSTRUCTURED_NAME:
+ encoded = PR_FALSE;
+ theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
+ break;
+ case SEC_OID_PKCS9_CONTENT_TYPE:
+ encoded = PR_FALSE;
+ theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate);
+ break;
+ case SEC_OID_PKCS9_MESSAGE_DIGEST:
+ encoded = PR_FALSE;
+ theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
+ break;
+ case SEC_OID_PKCS9_SIGNING_TIME:
+ encoded = PR_FALSE;
+ theTemplate = SEC_ASN1_GET(CERT_TimeChoiceTemplate);
+ break;
+ /* XXX Want other types here, too */
+ }
+ }
+
+ if (encoding) {
+ /*
+ * If we are encoding and we think we have an already-encoded value,
+ * then the code which initialized this attribute should have set
+ * the "encoded" property to true (and we would have returned early,
+ * up above). No devastating error, but that code should be fixed.
+ * (It could indicate that the resulting encoded bytes are wrong.)
+ */
+ PORT_Assert(!encoded);
+ } else {
+ /*
+ * We are decoding; record whether the resulting value is
+ * still encoded or not.
+ */
+ attribute->encoded = encoded;
+ }
+ return theTemplate;
+}
+
+static const SEC_ASN1TemplateChooserPtr sec_attr_chooser = sec_attr_choose_attr_value_template;
+
+static const SEC_ASN1Template sec_pkcs7_attribute_template[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SEC_PKCS7Attribute) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(SEC_PKCS7Attribute, type) },
+ { SEC_ASN1_DYNAMIC | SEC_ASN1_SET_OF,
+ offsetof(SEC_PKCS7Attribute, values),
+ &sec_attr_chooser },
+ { 0 }
+};
+
+static const SEC_ASN1Template sec_pkcs7_set_of_attribute_template[] = {
+ { SEC_ASN1_SET_OF, 0, sec_pkcs7_attribute_template },
+};
+
+/*
+ * If you are wondering why this routine does not reorder the attributes
+ * first, and might be tempted to make it do so, see the comment by the
+ * call to ReorderAttributes in p7encode.c. (Or, see who else calls this
+ * and think long and hard about the implications of making it always
+ * do the reordering.)
+ */
+SECItem *
+sec_PKCS7EncodeAttributes(PLArenaPool *poolp, SECItem *dest, void *src)
+{
+ return SEC_ASN1EncodeItem(poolp, dest, src,
+ sec_pkcs7_set_of_attribute_template);
+}
+
+/*
+ * Make sure that the order of the attributes guarantees valid DER
+ * (which must be in lexigraphically ascending order for a SET OF);
+ * if reordering is necessary it will be done in place (in attrs).
+ */
+SECStatus
+sec_PKCS7ReorderAttributes(SEC_PKCS7Attribute **attrs)
+{
+ PLArenaPool *poolp;
+ int num_attrs, i, pass, besti;
+ unsigned int j;
+ SECItem **enc_attrs;
+ SEC_PKCS7Attribute **new_attrs;
+
+ /*
+ * I think we should not be called with NULL. But if we are,
+ * call it a success anyway, because the order *is* okay.
+ */
+ PORT_Assert(attrs != NULL);
+ if (attrs == NULL)
+ return SECSuccess;
+
+ /*
+ * Count how many attributes we are dealing with here.
+ */
+ num_attrs = 0;
+ while (attrs[num_attrs] != NULL)
+ num_attrs++;
+
+ /*
+ * Again, I think we should have some attributes here.
+ * But if we do not, or if there is only one, then call it
+ * a success because it also already has a fine order.
+ */
+ PORT_Assert(num_attrs);
+ if (num_attrs == 0 || num_attrs == 1)
+ return SECSuccess;
+
+ /*
+ * Allocate an arena for us to work with, so it is easy to
+ * clean up all of the memory (fairly small pieces, really).
+ */
+ poolp = PORT_NewArena(1024); /* XXX what is right value? */
+ if (poolp == NULL)
+ return SECFailure; /* no memory; nothing we can do... */
+
+ /*
+ * Allocate arrays to hold the individual encodings which we will use
+ * for comparisons and the reordered attributes as they are sorted.
+ */
+ enc_attrs = (SECItem **)PORT_ArenaZAlloc(poolp, num_attrs * sizeof(SECItem *));
+ new_attrs = (SEC_PKCS7Attribute **)PORT_ArenaZAlloc(poolp,
+ num_attrs * sizeof(SEC_PKCS7Attribute *));
+ if (enc_attrs == NULL || new_attrs == NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return SECFailure;
+ }
+
+ /*
+ * DER encode each individual attribute.
+ */
+ for (i = 0; i < num_attrs; i++) {
+ enc_attrs[i] = SEC_ASN1EncodeItem(poolp, NULL, attrs[i],
+ sec_pkcs7_attribute_template);
+ if (enc_attrs[i] == NULL) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ return SECFailure;
+ }
+ }
+
+ /*
+ * Now compare and sort them; this is not the most efficient sorting
+ * method, but it is just fine for the problem at hand, because the
+ * number of attributes is (always) going to be small.
+ */
+ for (pass = 0; pass < num_attrs; pass++) {
+ /*
+ * Find the first not-yet-accepted attribute. (Once one is
+ * sorted into the other array, it is cleared from enc_attrs.)
+ */
+ for (i = 0; i < num_attrs; i++) {
+ if (enc_attrs[i] != NULL)
+ break;
+ }
+ PORT_Assert(i < num_attrs);
+ besti = i;
+
+ /*
+ * Find the lowest (lexigraphically) encoding. One that is
+ * shorter than all the rest is known to be "less" because each
+ * attribute is of the same type (a SEQUENCE) and so thus the
+ * first octet of each is the same, and the second octet is
+ * the length (or the length of the length with the high bit
+ * set, followed by the length, which also works out to always
+ * order the shorter first). Two (or more) that have the
+ * same length need to be compared byte by byte until a mismatch
+ * is found.
+ */
+ for (i = besti + 1; i < num_attrs; i++) {
+ if (enc_attrs[i] == NULL) /* slot already handled */
+ continue;
+
+ if (enc_attrs[i]->len != enc_attrs[besti]->len) {
+ if (enc_attrs[i]->len < enc_attrs[besti]->len)
+ besti = i;
+ continue;
+ }
+
+ for (j = 0; j < enc_attrs[i]->len; j++) {
+ if (enc_attrs[i]->data[j] < enc_attrs[besti]->data[j]) {
+ besti = i;
+ break;
+ }
+ }
+
+ /*
+ * For this not to be true, we would have to have encountered
+ * two *identical* attributes, which I think we should not see.
+ * So assert if it happens, but even if it does, let it go
+ * through; the ordering of the two does not matter.
+ */
+ PORT_Assert(j < enc_attrs[i]->len);
+ }
+
+ /*
+ * Now we have found the next-lowest one; copy it over and
+ * remove it from enc_attrs.
+ */
+ new_attrs[pass] = attrs[besti];
+ enc_attrs[besti] = NULL;
+ }
+
+ /*
+ * Now new_attrs has the attributes in the order we want;
+ * copy them back into the attrs array we started with.
+ */
+ for (i = 0; i < num_attrs; i++)
+ attrs[i] = new_attrs[i];
+
+ PORT_FreeArena(poolp, PR_FALSE);
+ return SECSuccess;
+}
+
+/*
+ * End of attribute stuff.
+ * -------------------------------------------------------------------
+ */
+
+/*
+ * Templates and stuff. Keep these at the end of the file.
+ */
+
+/* forward declaration */
+static const SEC_ASN1Template *
+sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding);
+
+static const SEC_ASN1TemplateChooserPtr sec_pkcs7_chooser = sec_pkcs7_choose_content_template;
+
+const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(SEC_PKCS7ContentInfo) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(SEC_PKCS7ContentInfo, contentType) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SEC_PKCS7ContentInfo, content),
+ &sec_pkcs7_chooser },
+ { 0 }
+};
+
+/* XXX These names should change from external to internal convention. */
+
+static const SEC_ASN1Template SEC_PKCS7SignerInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SEC_PKCS7SignerInfo) },
+ { SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS7SignerInfo, version) },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7SignerInfo, issuerAndSN),
+ SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7SignerInfo, digestAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(SEC_PKCS7SignerInfo, authAttr),
+ sec_pkcs7_set_of_attribute_template },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7SignerInfo, digestEncAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(SEC_PKCS7SignerInfo, encDigest) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(SEC_PKCS7SignerInfo, unAuthAttr),
+ sec_pkcs7_set_of_attribute_template },
+ { 0 }
+};
+
+static const SEC_ASN1Template SEC_PKCS7SignedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(SEC_PKCS7SignedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS7SignedData, version) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7SignedData, digestAlgorithms),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_INLINE,
+ offsetof(SEC_PKCS7SignedData, contentInfo),
+ sec_PKCS7ContentInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(SEC_PKCS7SignedData, rawCerts),
+ SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(SEC_PKCS7SignedData, crls),
+ SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
+ { SEC_ASN1_SET_OF,
+ offsetof(SEC_PKCS7SignedData, signerInfos),
+ SEC_PKCS7SignerInfoTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template SEC_PointerToPKCS7SignedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS7SignedDataTemplate }
+};
+
+static const SEC_ASN1Template SEC_PKCS7RecipientInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SEC_PKCS7RecipientInfo) },
+ { SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS7RecipientInfo, version) },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7RecipientInfo, issuerAndSN),
+ SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7RecipientInfo, keyEncAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(SEC_PKCS7RecipientInfo, encKey) },
+ { 0 }
+};
+
+static const SEC_ASN1Template SEC_PKCS7EncryptedContentInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(SEC_PKCS7EncryptedContentInfo) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(SEC_PKCS7EncryptedContentInfo, contentType) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7EncryptedContentInfo, contentEncAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(SEC_PKCS7EncryptedContentInfo, encContent),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template SEC_PKCS7EnvelopedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(SEC_PKCS7EnvelopedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS7EnvelopedData, version) },
+ { SEC_ASN1_SET_OF,
+ offsetof(SEC_PKCS7EnvelopedData, recipientInfos),
+ SEC_PKCS7RecipientInfoTemplate },
+ { SEC_ASN1_INLINE,
+ offsetof(SEC_PKCS7EnvelopedData, encContentInfo),
+ SEC_PKCS7EncryptedContentInfoTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template SEC_PointerToPKCS7EnvelopedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS7EnvelopedDataTemplate }
+};
+
+static const SEC_ASN1Template SEC_PKCS7SignedAndEnvelopedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(SEC_PKCS7SignedAndEnvelopedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS7SignedAndEnvelopedData, version) },
+ { SEC_ASN1_SET_OF,
+ offsetof(SEC_PKCS7SignedAndEnvelopedData, recipientInfos),
+ SEC_PKCS7RecipientInfoTemplate },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7SignedAndEnvelopedData, digestAlgorithms),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_INLINE,
+ offsetof(SEC_PKCS7SignedAndEnvelopedData, encContentInfo),
+ SEC_PKCS7EncryptedContentInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(SEC_PKCS7SignedAndEnvelopedData, rawCerts),
+ SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(SEC_PKCS7SignedAndEnvelopedData, crls),
+ SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
+ { SEC_ASN1_SET_OF,
+ offsetof(SEC_PKCS7SignedAndEnvelopedData, signerInfos),
+ SEC_PKCS7SignerInfoTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template
+ SEC_PointerToPKCS7SignedAndEnvelopedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS7SignedAndEnvelopedDataTemplate }
+ };
+
+static const SEC_ASN1Template SEC_PKCS7DigestedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(SEC_PKCS7DigestedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS7DigestedData, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SEC_PKCS7DigestedData, digestAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_INLINE,
+ offsetof(SEC_PKCS7DigestedData, contentInfo),
+ sec_PKCS7ContentInfoTemplate },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(SEC_PKCS7DigestedData, digest) },
+ { 0 }
+};
+
+static const SEC_ASN1Template SEC_PointerToPKCS7DigestedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS7DigestedDataTemplate }
+};
+
+static const SEC_ASN1Template SEC_PKCS7EncryptedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(SEC_PKCS7EncryptedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(SEC_PKCS7EncryptedData, version) },
+ { SEC_ASN1_INLINE,
+ offsetof(SEC_PKCS7EncryptedData, encContentInfo),
+ SEC_PKCS7EncryptedContentInfoTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template SEC_PointerToPKCS7EncryptedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_PKCS7EncryptedDataTemplate }
+};
+
+static const SEC_ASN1Template *
+sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ SEC_PKCS7ContentInfo *cinfo;
+ SECOidTag kind;
+
+ PORT_Assert(src_or_dest != NULL);
+ if (src_or_dest == NULL)
+ return NULL;
+
+ cinfo = (SEC_PKCS7ContentInfo *)src_or_dest;
+ kind = SEC_PKCS7ContentType(cinfo);
+ switch (kind) {
+ default:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
+ break;
+ case SEC_OID_PKCS7_DATA:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ theTemplate = SEC_PointerToPKCS7SignedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ theTemplate = SEC_PointerToPKCS7EnvelopedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
+ theTemplate = SEC_PointerToPKCS7SignedAndEnvelopedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ theTemplate = SEC_PointerToPKCS7DigestedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ theTemplate = SEC_PointerToPKCS7EncryptedDataTemplate;
+ break;
+ }
+ return theTemplate;
+}
+
+/*
+ * End of templates. Do not add stuff after this; put new code
+ * up above the start of the template definitions.
+ */
diff --git a/security/nss/lib/pkcs7/p7local.h b/security/nss/lib/pkcs7/p7local.h
new file mode 100644
index 000000000..ad37c3aad
--- /dev/null
+++ b/security/nss/lib/pkcs7/p7local.h
@@ -0,0 +1,137 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Support routines for PKCS7 implementation, none of which are exported.
+ * This file should only contain things that are needed by both the
+ * encoding/creation side *and* the decoding/decryption side. Anything
+ * else should just be static routines in the appropriate file.
+ *
+ * Do not export this file! If something in here is really needed outside
+ * of pkcs7 code, first try to add a PKCS7 interface which will do it for
+ * you. If that has a problem, then just move out what you need, changing
+ * its name as appropriate!
+ */
+
+#ifndef _P7LOCAL_H_
+#define _P7LOCAL_H_
+
+#include "secpkcs7.h"
+#include "secasn1t.h"
+
+extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
+
+/* opaque objects */
+typedef struct sec_pkcs7_cipher_object sec_PKCS7CipherObject;
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+/*
+ * Look through a set of attributes and find one that matches the
+ * specified object ID. If "only" is true, then make sure that
+ * there is not more than one attribute of the same type. Otherwise,
+ * just return the first one found. (XXX Does anybody really want
+ * that first-found behavior? It was like that when I found it...)
+ */
+extern SEC_PKCS7Attribute *sec_PKCS7FindAttribute(SEC_PKCS7Attribute **attrs,
+ SECOidTag oidtag,
+ PRBool only);
+/*
+ * Return the single attribute value, doing some sanity checking first:
+ * - Multiple values are *not* expected.
+ * - Empty values are *not* expected.
+ */
+extern SECItem *sec_PKCS7AttributeValue(SEC_PKCS7Attribute *attr);
+
+/*
+ * Encode a set of attributes (found in "src").
+ */
+extern SECItem *sec_PKCS7EncodeAttributes(PLArenaPool *poolp,
+ SECItem *dest, void *src);
+
+/*
+ * Make sure that the order of the attributes guarantees valid DER
+ * (which must be in lexigraphically ascending order for a SET OF);
+ * if reordering is necessary it will be done in place (in attrs).
+ */
+extern SECStatus sec_PKCS7ReorderAttributes(SEC_PKCS7Attribute **attrs);
+
+/*
+ * Create a context for decrypting, based on the given key and algorithm.
+ */
+extern sec_PKCS7CipherObject *
+sec_PKCS7CreateDecryptObject(PK11SymKey *key, SECAlgorithmID *algid);
+
+/*
+ * Create a context for encrypting, based on the given key and algorithm,
+ * and fill in the algorithm id.
+ */
+extern sec_PKCS7CipherObject *
+sec_PKCS7CreateEncryptObject(PLArenaPool *poolp, PK11SymKey *key,
+ SECOidTag algtag, SECAlgorithmID *algid);
+
+/*
+ * Destroy the given decryption or encryption object.
+ */
+extern void sec_PKCS7DestroyDecryptObject(sec_PKCS7CipherObject *obj);
+extern void sec_PKCS7DestroyEncryptObject(sec_PKCS7CipherObject *obj);
+
+/*
+ * What will be the output length of the next call to encrypt/decrypt?
+ * Result can be used to perform memory allocations. Note that the amount
+ * is exactly accurate only when not doing a block cipher or when final
+ * is false, otherwise it is an upper bound on the amount because until
+ * we see the data we do not know how many padding bytes there are
+ * (always between 1 and the cipher block size).
+ *
+ * Note that this can return zero, which does not mean that the cipher
+ * operation can be skipped! (It simply means that there are not enough
+ * bytes to make up an entire block; the bytes will be reserved until
+ * there are enough to encrypt/decrypt at least one block.) However,
+ * if zero is returned it *does* mean that no output buffer need be
+ * passed in to the subsequent cipher operation, as no output bytes
+ * will be stored.
+ */
+extern unsigned int sec_PKCS7DecryptLength(sec_PKCS7CipherObject *obj,
+ unsigned int input_len,
+ PRBool final);
+extern unsigned int sec_PKCS7EncryptLength(sec_PKCS7CipherObject *obj,
+ unsigned int input_len,
+ PRBool final);
+
+/*
+ * Decrypt a given length of input buffer (starting at "input" and
+ * containing "input_len" bytes), placing the decrypted bytes in
+ * "output" and storing the output length in "*output_len_p".
+ * "obj" is the return value from sec_PKCS7CreateDecryptObject.
+ * When "final" is true, this is the last of the data to be decrypted.
+ */
+extern SECStatus sec_PKCS7Decrypt(sec_PKCS7CipherObject *obj,
+ unsigned char *output,
+ unsigned int *output_len_p,
+ unsigned int max_output_len,
+ const unsigned char *input,
+ unsigned int input_len,
+ PRBool final);
+
+/*
+ * Encrypt a given length of input buffer (starting at "input" and
+ * containing "input_len" bytes), placing the encrypted bytes in
+ * "output" and storing the output length in "*output_len_p".
+ * "obj" is the return value from sec_PKCS7CreateEncryptObject.
+ * When "final" is true, this is the last of the data to be encrypted.
+ */
+extern SECStatus sec_PKCS7Encrypt(sec_PKCS7CipherObject *obj,
+ unsigned char *output,
+ unsigned int *output_len_p,
+ unsigned int max_output_len,
+ const unsigned char *input,
+ unsigned int input_len,
+ PRBool final);
+
+/************************************************************************/
+SEC_END_PROTOS
+
+#endif /* _P7LOCAL_H_ */
diff --git a/security/nss/lib/pkcs7/pkcs7.gyp b/security/nss/lib/pkcs7/pkcs7.gyp
new file mode 100644
index 000000000..8a73a2934
--- /dev/null
+++ b/security/nss/lib/pkcs7/pkcs7.gyp
@@ -0,0 +1,29 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pkcs7',
+ 'type': 'static_library',
+ 'sources': [
+ 'certread.c',
+ 'p7common.c',
+ 'p7create.c',
+ 'p7decode.c',
+ 'p7encode.c',
+ 'p7local.c',
+ 'secmime.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/pkcs7/pkcs7t.h b/security/nss/lib/pkcs7/pkcs7t.h
new file mode 100644
index 000000000..4ef89027b
--- /dev/null
+++ b/security/nss/lib/pkcs7/pkcs7t.h
@@ -0,0 +1,233 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Header for pkcs7 types.
+ */
+
+#ifndef _PKCS7T_H_
+#define _PKCS7T_H_
+
+#include "plarena.h"
+
+#include "seccomon.h"
+#include "secoidt.h"
+#include "certt.h"
+#include "secmodt.h"
+
+/* Opaque objects */
+typedef struct SEC_PKCS7DecoderContextStr SEC_PKCS7DecoderContext;
+typedef struct SEC_PKCS7EncoderContextStr SEC_PKCS7EncoderContext;
+
+/* legacy defines that haven't been active for years */
+typedef void *(*SECKEYGetPasswordKey)(void *arg, void *handle);
+
+/* Non-opaque objects. NOTE, though: I want them to be treated as
+ * opaque as much as possible. If I could hide them completely,
+ * I would. (I tried, but ran into trouble that was taking me too
+ * much time to get out of.) I still intend to try to do so.
+ * In fact, the only type that "outsiders" should even *name* is
+ * SEC_PKCS7ContentInfo, and they should not reference its fields.
+ */
+/* rjr: PKCS #11 cert handling (pk11cert.c) does use SEC_PKCS7RecipientInfo's.
+ * This is because when we search the recipient list for the cert and key we
+ * want, we need to invert the order of the loops we used to have. The old
+ * loops were:
+ *
+ * For each recipient {
+ * find_cert = PK11_Find_AllCert(recipient->issuerSN);
+ * [which unrolls to... ]
+ * For each slot {
+ * Log into slot;
+ * search slot for cert;
+ * }
+ * }
+ *
+ * the new loop searchs all the recipients at once on a slot. this allows
+ * PKCS #11 to order slots in such a way that logout slots don't get checked
+ * if we can find the cert on a logged in slot. This eliminates lots of
+ * spurious password prompts when smart cards are installed... so why this
+ * comment? If you make SEC_PKCS7RecipientInfo completely opaque, you need
+ * to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs
+ * and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11
+ * function.
+ */
+typedef struct SEC_PKCS7ContentInfoStr SEC_PKCS7ContentInfo;
+typedef struct SEC_PKCS7SignedDataStr SEC_PKCS7SignedData;
+typedef struct SEC_PKCS7EncryptedContentInfoStr SEC_PKCS7EncryptedContentInfo;
+typedef struct SEC_PKCS7EnvelopedDataStr SEC_PKCS7EnvelopedData;
+typedef struct SEC_PKCS7SignedAndEnvelopedDataStr
+ SEC_PKCS7SignedAndEnvelopedData;
+typedef struct SEC_PKCS7SignerInfoStr SEC_PKCS7SignerInfo;
+typedef struct SEC_PKCS7RecipientInfoStr SEC_PKCS7RecipientInfo;
+typedef struct SEC_PKCS7DigestedDataStr SEC_PKCS7DigestedData;
+typedef struct SEC_PKCS7EncryptedDataStr SEC_PKCS7EncryptedData;
+/*
+ * The following is not actually a PKCS7 type, but for now it is only
+ * used by PKCS7, so we have adopted it. If someone else *ever* needs
+ * it, its name should be changed and it should be moved out of here.
+ * Do not dare to use it without doing so!
+ */
+typedef struct SEC_PKCS7AttributeStr SEC_PKCS7Attribute;
+
+struct SEC_PKCS7ContentInfoStr {
+ PLArenaPool *poolp; /* local; not part of encoding */
+ PRBool created; /* local; not part of encoding */
+ int refCount; /* local; not part of encoding */
+ SECOidData *contentTypeTag; /* local; not part of encoding */
+ SECKEYGetPasswordKey pwfn; /* local; not part of encoding */
+ void *pwfn_arg; /* local; not part of encoding */
+ SECItem contentType;
+ union {
+ SECItem *data;
+ SEC_PKCS7DigestedData *digestedData;
+ SEC_PKCS7EncryptedData *encryptedData;
+ SEC_PKCS7EnvelopedData *envelopedData;
+ SEC_PKCS7SignedData *signedData;
+ SEC_PKCS7SignedAndEnvelopedData *signedAndEnvelopedData;
+ } content;
+};
+
+struct SEC_PKCS7SignedDataStr {
+ SECItem version;
+ SECAlgorithmID **digestAlgorithms;
+ SEC_PKCS7ContentInfo contentInfo;
+ SECItem **rawCerts;
+ CERTSignedCrl **crls;
+ SEC_PKCS7SignerInfo **signerInfos;
+ SECItem **digests; /* local; not part of encoding */
+ CERTCertificate **certs; /* local; not part of encoding */
+ CERTCertificateList **certLists; /* local; not part of encoding */
+};
+#define SEC_PKCS7_SIGNED_DATA_VERSION 1 /* what we *create* */
+
+struct SEC_PKCS7EncryptedContentInfoStr {
+ SECOidData *contentTypeTag; /* local; not part of encoding */
+ SECItem contentType;
+ SECAlgorithmID contentEncAlg;
+ SECItem encContent;
+ SECItem plainContent; /* local; not part of encoding */
+ /* bytes not encrypted, but encoded */
+ int keysize; /* local; not part of encoding */
+ /* size of bulk encryption key
+ * (only used by creation code) */
+ SECOidTag encalg; /* local; not part of encoding */
+ /* oid tag of encryption algorithm
+ * (only used by creation code) */
+};
+
+struct SEC_PKCS7EnvelopedDataStr {
+ SECItem version;
+ SEC_PKCS7RecipientInfo **recipientInfos;
+ SEC_PKCS7EncryptedContentInfo encContentInfo;
+};
+#define SEC_PKCS7_ENVELOPED_DATA_VERSION 0 /* what we *create* */
+
+struct SEC_PKCS7SignedAndEnvelopedDataStr {
+ SECItem version;
+ SEC_PKCS7RecipientInfo **recipientInfos;
+ SECAlgorithmID **digestAlgorithms;
+ SEC_PKCS7EncryptedContentInfo encContentInfo;
+ SECItem **rawCerts;
+ CERTSignedCrl **crls;
+ SEC_PKCS7SignerInfo **signerInfos;
+ SECItem **digests; /* local; not part of encoding */
+ CERTCertificate **certs; /* local; not part of encoding */
+ CERTCertificateList **certLists; /* local; not part of encoding */
+ PK11SymKey *sigKey; /* local; not part of encoding */
+};
+#define SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION 1 /* what we *create* */
+
+struct SEC_PKCS7SignerInfoStr {
+ SECItem version;
+ CERTIssuerAndSN *issuerAndSN;
+ SECAlgorithmID digestAlg;
+ SEC_PKCS7Attribute **authAttr;
+ SECAlgorithmID digestEncAlg;
+ SECItem encDigest;
+ SEC_PKCS7Attribute **unAuthAttr;
+ CERTCertificate *cert; /* local; not part of encoding */
+ CERTCertificateList *certList; /* local; not part of encoding */
+};
+#define SEC_PKCS7_SIGNER_INFO_VERSION 1 /* what we *create* */
+
+struct SEC_PKCS7RecipientInfoStr {
+ SECItem version;
+ CERTIssuerAndSN *issuerAndSN;
+ SECAlgorithmID keyEncAlg;
+ SECItem encKey;
+ CERTCertificate *cert; /* local; not part of encoding */
+};
+#define SEC_PKCS7_RECIPIENT_INFO_VERSION 0 /* what we *create* */
+
+struct SEC_PKCS7DigestedDataStr {
+ SECItem version;
+ SECAlgorithmID digestAlg;
+ SEC_PKCS7ContentInfo contentInfo;
+ SECItem digest;
+};
+#define SEC_PKCS7_DIGESTED_DATA_VERSION 0 /* what we *create* */
+
+struct SEC_PKCS7EncryptedDataStr {
+ SECItem version;
+ SEC_PKCS7EncryptedContentInfo encContentInfo;
+};
+#define SEC_PKCS7_ENCRYPTED_DATA_VERSION 0 /* what we *create* */
+
+/*
+ * See comment above about this type not really belonging to PKCS7.
+ */
+struct SEC_PKCS7AttributeStr {
+ /* The following fields make up an encoded Attribute: */
+ SECItem type;
+ SECItem **values; /* data may or may not be encoded */
+ /* The following fields are not part of an encoded Attribute: */
+ SECOidData *typeTag;
+ PRBool encoded; /* when true, values are encoded */
+};
+
+/*
+ * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
+ * If specified, this is where the content bytes (only) will be "sent"
+ * as they are recovered during the decoding.
+ *
+ * XXX Should just combine this with SEC_PKCS7EncoderContentCallback type
+ * and use a simpler, common name.
+ */
+typedef void (*SEC_PKCS7DecoderContentCallback)(void *arg,
+ const char *buf,
+ unsigned long len);
+
+/*
+ * Type of function passed to SEC_PKCS7Encode or SEC_PKCS7EncoderStart.
+ * This is where the encoded bytes will be "sent".
+ *
+ * XXX Should just combine this with SEC_PKCS7DecoderContentCallback type
+ * and use a simpler, common name.
+ */
+typedef void (*SEC_PKCS7EncoderOutputCallback)(void *arg,
+ const char *buf,
+ unsigned long len);
+
+/*
+ * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart
+ * to retrieve the decryption key. This function is inteded to be
+ * used for EncryptedData content info's which do not have a key available
+ * in a certificate, etc.
+ */
+typedef PK11SymKey *(*SEC_PKCS7GetDecryptKeyCallback)(void *arg,
+ SECAlgorithmID *algid);
+
+/*
+ * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
+ * This function in intended to be used to verify that decrypting a
+ * particular crypto algorithm is allowed. Content types which do not
+ * require decryption will not need the callback. If the callback
+ * is not specified for content types which require decryption, the
+ * decryption will be disallowed.
+ */
+typedef PRBool (*SEC_PKCS7DecryptionAllowedCallback)(SECAlgorithmID *algid,
+ PK11SymKey *bulkkey);
+
+#endif /* _PKCS7T_H_ */
diff --git a/security/nss/lib/pkcs7/secmime.c b/security/nss/lib/pkcs7/secmime.c
new file mode 100644
index 000000000..ca1046aa5
--- /dev/null
+++ b/security/nss/lib/pkcs7/secmime.c
@@ -0,0 +1,800 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Stuff specific to S/MIME policy and interoperability.
+ * Depends on PKCS7, but there should be no dependency the other way around.
+ */
+
+#include "secmime.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "ciferfam.h" /* for CIPHER_FAMILY symbols */
+#include "secasn1.h"
+#include "secitem.h"
+#include "cert.h"
+#include "key.h"
+#include "secerr.h"
+
+typedef struct smime_cipher_map_struct {
+ unsigned long cipher;
+ SECOidTag algtag;
+ SECItem *parms;
+} smime_cipher_map;
+
+/*
+ * These are macros because I think some subsequent parameters,
+ * like those for RC5, will want to use them, too, separately.
+ */
+#define SMIME_DER_INTVAL_16 SEC_ASN1_INTEGER, 0x01, 0x10
+#define SMIME_DER_INTVAL_40 SEC_ASN1_INTEGER, 0x01, 0x28
+#define SMIME_DER_INTVAL_64 SEC_ASN1_INTEGER, 0x01, 0x40
+#define SMIME_DER_INTVAL_128 SEC_ASN1_INTEGER, 0x02, 0x00, 0x80
+
+#ifdef SMIME_DOES_RC5 /* will be needed; quiet unused warning for now */
+static unsigned char smime_int16[] = { SMIME_DER_INTVAL_16 };
+#endif
+static unsigned char smime_int40[] = { SMIME_DER_INTVAL_40 };
+static unsigned char smime_int64[] = { SMIME_DER_INTVAL_64 };
+static unsigned char smime_int128[] = { SMIME_DER_INTVAL_128 };
+
+static SECItem smime_rc2p40 = { siBuffer, smime_int40, sizeof(smime_int40) };
+static SECItem smime_rc2p64 = { siBuffer, smime_int64, sizeof(smime_int64) };
+static SECItem smime_rc2p128 = { siBuffer, smime_int128, sizeof(smime_int128) };
+
+static smime_cipher_map smime_cipher_maps[] = {
+ { SMIME_RC2_CBC_40, SEC_OID_RC2_CBC, &smime_rc2p40 },
+ { SMIME_RC2_CBC_64, SEC_OID_RC2_CBC, &smime_rc2p64 },
+ { SMIME_RC2_CBC_128, SEC_OID_RC2_CBC, &smime_rc2p128 },
+#ifdef SMIME_DOES_RC5
+ { SMIME_RC5PAD_64_16_40, SEC_OID_RC5_CBC_PAD, &smime_rc5p40 },
+ { SMIME_RC5PAD_64_16_64, SEC_OID_RC5_CBC_PAD, &smime_rc5p64 },
+ { SMIME_RC5PAD_64_16_128, SEC_OID_RC5_CBC_PAD, &smime_rc5p128 },
+#endif
+ { SMIME_DES_CBC_56, SEC_OID_DES_CBC, NULL },
+ { SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL }
+};
+
+/*
+ * Note, the following value really just needs to be an upper bound
+ * on the ciphers.
+ */
+static const int smime_symmetric_count = sizeof(smime_cipher_maps) / sizeof(smime_cipher_map);
+
+static unsigned long *smime_prefs, *smime_newprefs;
+static int smime_current_pref_index = 0;
+static PRBool smime_prefs_complete = PR_FALSE;
+static PRBool smime_prefs_changed = PR_TRUE;
+
+static unsigned long smime_policy_bits = 0;
+
+static int
+smime_mapi_by_cipher(unsigned long cipher)
+{
+ int i;
+
+ for (i = 0; i < smime_symmetric_count; i++) {
+ if (smime_cipher_maps[i].cipher == cipher)
+ break;
+ }
+
+ if (i == smime_symmetric_count)
+ return -1;
+
+ return i;
+}
+
+/*
+ * this function locally records the user's preference
+ */
+SECStatus
+SECMIME_EnableCipher(long which, int on)
+{
+ unsigned long mask;
+
+ if (smime_newprefs == NULL || smime_prefs_complete) {
+ /*
+ * This is either the very first time, or we are starting over.
+ */
+ smime_newprefs = (unsigned long *)PORT_ZAlloc(smime_symmetric_count * sizeof(*smime_newprefs));
+ if (smime_newprefs == NULL)
+ return SECFailure;
+ smime_current_pref_index = 0;
+ smime_prefs_complete = PR_FALSE;
+ }
+
+ mask = which & CIPHER_FAMILYID_MASK;
+ if (mask == CIPHER_FAMILYID_MASK) {
+ /*
+ * This call signifies that all preferences have been set.
+ * Move "newprefs" over, after checking first whether or
+ * not the new ones are different from the old ones.
+ */
+ if (smime_prefs != NULL) {
+ if (PORT_Memcmp(smime_prefs, smime_newprefs,
+ smime_symmetric_count * sizeof(*smime_prefs)) == 0)
+ smime_prefs_changed = PR_FALSE;
+ else
+ smime_prefs_changed = PR_TRUE;
+ PORT_Free(smime_prefs);
+ }
+
+ smime_prefs = smime_newprefs;
+ smime_prefs_complete = PR_TRUE;
+ return SECSuccess;
+ }
+
+ PORT_Assert(mask == CIPHER_FAMILYID_SMIME);
+ if (mask != CIPHER_FAMILYID_SMIME) {
+ /* XXX set an error! */
+ return SECFailure;
+ }
+
+ if (on) {
+ PORT_Assert(smime_current_pref_index < smime_symmetric_count);
+ if (smime_current_pref_index >= smime_symmetric_count) {
+ /* XXX set an error! */
+ return SECFailure;
+ }
+
+ smime_newprefs[smime_current_pref_index++] = which;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * this function locally records the export policy
+ */
+SECStatus
+SECMIME_SetPolicy(long which, int on)
+{
+ unsigned long mask;
+
+ PORT_Assert((which & CIPHER_FAMILYID_MASK) == CIPHER_FAMILYID_SMIME);
+ if ((which & CIPHER_FAMILYID_MASK) != CIPHER_FAMILYID_SMIME) {
+ /* XXX set an error! */
+ return SECFailure;
+ }
+
+ which &= ~CIPHER_FAMILYID_MASK;
+
+ PORT_Assert(which < 32); /* bits in the long */
+ if (which >= 32) {
+ /* XXX set an error! */
+ return SECFailure;
+ }
+
+ mask = 1UL << which;
+
+ if (on) {
+ smime_policy_bits |= mask;
+ } else {
+ smime_policy_bits &= ~mask;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * Based on the given algorithm (including its parameters, in some cases!)
+ * and the given key (may or may not be inspected, depending on the
+ * algorithm), find the appropriate policy algorithm specification
+ * and return it. If no match can be made, -1 is returned.
+ */
+static long
+smime_policy_algorithm(SECAlgorithmID *algid, PK11SymKey *key)
+{
+ SECOidTag algtag;
+
+ algtag = SECOID_GetAlgorithmTag(algid);
+ switch (algtag) {
+ case SEC_OID_RC2_CBC: {
+ unsigned int keylen_bits;
+
+ keylen_bits = PK11_GetKeyStrength(key, algid);
+ switch (keylen_bits) {
+ case 40:
+ return SMIME_RC2_CBC_40;
+ case 64:
+ return SMIME_RC2_CBC_64;
+ case 128:
+ return SMIME_RC2_CBC_128;
+ default:
+ break;
+ }
+ } break;
+ case SEC_OID_DES_CBC:
+ return SMIME_DES_CBC_56;
+ case SEC_OID_DES_EDE3_CBC:
+ return SMIME_DES_EDE3_168;
+#ifdef SMIME_DOES_RC5
+ case SEC_OID_RC5_CBC_PAD:
+ PORT_Assert(0); /* XXX need to pull out parameters and match */
+ break;
+#endif
+ default:
+ break;
+ }
+
+ return -1;
+}
+
+static PRBool
+smime_cipher_allowed(unsigned long which)
+{
+ unsigned long mask;
+
+ which &= ~CIPHER_FAMILYID_MASK;
+ PORT_Assert(which < 32); /* bits per long (min) */
+ if (which >= 32)
+ return PR_FALSE;
+
+ mask = 1UL << which;
+ if ((mask & smime_policy_bits) == 0)
+ return PR_FALSE;
+
+ return PR_TRUE;
+}
+
+PRBool
+SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key)
+{
+ long which;
+
+ which = smime_policy_algorithm(algid, key);
+ if (which < 0)
+ return PR_FALSE;
+
+ return smime_cipher_allowed((unsigned long)which);
+}
+
+/*
+ * Does the current policy allow *any* S/MIME encryption (or decryption)?
+ *
+ * This tells whether or not *any* S/MIME encryption can be done,
+ * according to policy. Callers may use this to do nicer user interface
+ * (say, greying out a checkbox so a user does not even try to encrypt
+ * a message when they are not allowed to) or for any reason they want
+ * to check whether S/MIME encryption (or decryption, for that matter)
+ * may be done.
+ *
+ * It takes no arguments. The return value is a simple boolean:
+ * PR_TRUE means encryption (or decryption) is *possible*
+ * (but may still fail due to other reasons, like because we cannot
+ * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
+ * PR_FALSE means encryption (or decryption) is not permitted
+ *
+ * There are no errors from this routine.
+ */
+PRBool
+SECMIME_EncryptionPossible(void)
+{
+ if (smime_policy_bits != 0)
+ return PR_TRUE;
+
+ return PR_FALSE;
+}
+
+/*
+ * XXX Would like the "parameters" field to be a SECItem *, but the
+ * encoder is having trouble with optional pointers to an ANY. Maybe
+ * once that is fixed, can change this back...
+ */
+typedef struct smime_capability_struct {
+ unsigned long cipher; /* local; not part of encoding */
+ SECOidTag capIDTag; /* local; not part of encoding */
+ SECItem capabilityID;
+ SECItem parameters;
+} smime_capability;
+
+static const SEC_ASN1Template smime_capability_template[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(smime_capability) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(smime_capability, capabilityID) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
+ offsetof(smime_capability, parameters) },
+ { 0 }
+};
+
+static const SEC_ASN1Template smime_capabilities_template[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, smime_capability_template }
+};
+
+static void
+smime_fill_capability(smime_capability *cap)
+{
+ unsigned long cipher;
+ SECOidTag algtag;
+ int i;
+
+ algtag = SECOID_FindOIDTag(&(cap->capabilityID));
+
+ for (i = 0; i < smime_symmetric_count; i++) {
+ if (smime_cipher_maps[i].algtag != algtag)
+ continue;
+ /*
+ * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing
+ * 2 NULLs as equal and NULL and non-NULL as not equal), we could
+ * use that here instead of all of the following comparison code.
+ */
+ if (cap->parameters.data != NULL) {
+ if (smime_cipher_maps[i].parms == NULL)
+ continue;
+ if (cap->parameters.len != smime_cipher_maps[i].parms->len)
+ continue;
+ if (PORT_Memcmp(cap->parameters.data,
+ smime_cipher_maps[i].parms->data,
+ cap->parameters.len) == 0)
+ break;
+ } else if (smime_cipher_maps[i].parms == NULL) {
+ break;
+ }
+ }
+
+ if (i == smime_symmetric_count)
+ cipher = 0;
+ else
+ cipher = smime_cipher_maps[i].cipher;
+
+ cap->cipher = cipher;
+ cap->capIDTag = algtag;
+}
+
+static long
+smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
+{
+ PLArenaPool *poolp;
+ long chosen_cipher;
+ int *cipher_abilities;
+ int *cipher_votes;
+ int strong_mapi;
+ int rcount, mapi, max;
+
+ if (smime_policy_bits == 0) {
+ PORT_SetError(SEC_ERROR_BAD_EXPORT_ALGORITHM);
+ return -1;
+ }
+
+ chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */
+
+ poolp = PORT_NewArena(1024); /* XXX what is right value? */
+ if (poolp == NULL)
+ goto done;
+
+ cipher_abilities = (int *)PORT_ArenaZAlloc(poolp,
+ smime_symmetric_count * sizeof(int));
+ if (cipher_abilities == NULL)
+ goto done;
+
+ cipher_votes = (int *)PORT_ArenaZAlloc(poolp,
+ smime_symmetric_count * sizeof(int));
+ if (cipher_votes == NULL)
+ goto done;
+
+ /*
+ * XXX Should have a #define somewhere which specifies default
+ * strong cipher. (Or better, a way to configure.)
+ */
+
+ /* Make triple-DES the strong cipher. */
+ strong_mapi = smime_mapi_by_cipher(SMIME_DES_EDE3_168);
+
+ PORT_Assert(strong_mapi >= 0);
+
+ for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
+ SECItem *profile;
+ smime_capability **caps;
+ int capi, pref;
+ SECStatus dstat;
+
+ pref = smime_symmetric_count;
+ profile = CERT_FindSMimeProfile(rcerts[rcount]);
+ if (profile != NULL && profile->data != NULL && profile->len > 0) {
+ caps = NULL;
+ dstat = SEC_QuickDERDecodeItem(poolp, &caps,
+ smime_capabilities_template,
+ profile);
+ if (dstat == SECSuccess && caps != NULL) {
+ for (capi = 0; caps[capi] != NULL; capi++) {
+ smime_fill_capability(caps[capi]);
+ mapi = smime_mapi_by_cipher(caps[capi]->cipher);
+ if (mapi >= 0) {
+ cipher_abilities[mapi]++;
+ cipher_votes[mapi] += pref;
+ --pref;
+ }
+ }
+ }
+ } else {
+ SECKEYPublicKey *key;
+ unsigned int pklen_bits;
+
+ /*
+ * XXX This is probably only good for RSA keys. What I would
+ * really like is a function to just say; Is the public key in
+ * this cert an export-length key? Then I would not have to
+ * know things like the value 512, or the kind of key, or what
+ * a subjectPublicKeyInfo is, etc.
+ */
+ key = CERT_ExtractPublicKey(rcerts[rcount]);
+ if (key != NULL) {
+ pklen_bits = SECKEY_PublicKeyStrength(key) * 8;
+ SECKEY_DestroyPublicKey(key);
+
+ if (pklen_bits > 512) {
+ cipher_abilities[strong_mapi]++;
+ cipher_votes[strong_mapi] += pref;
+ }
+ }
+ }
+ if (profile != NULL)
+ SECITEM_FreeItem(profile, PR_TRUE);
+ }
+
+ max = 0;
+ for (mapi = 0; mapi < smime_symmetric_count; mapi++) {
+ if (cipher_abilities[mapi] != rcount)
+ continue;
+ if (!smime_cipher_allowed(smime_cipher_maps[mapi].cipher))
+ continue;
+ if (cipher_votes[mapi] > max) {
+ chosen_cipher = smime_cipher_maps[mapi].cipher;
+ max = cipher_votes[mapi];
+ } /* XXX else if a tie, let scert break it? */
+ }
+
+done:
+ if (poolp != NULL)
+ PORT_FreeArena(poolp, PR_FALSE);
+
+ return chosen_cipher;
+}
+
+/*
+ * XXX This is a hack for now to satisfy our current interface.
+ * Eventually, with more parameters needing to be specified, just
+ * looking up the keysize is not going to be sufficient.
+ */
+static int
+smime_keysize_by_cipher(unsigned long which)
+{
+ int keysize;
+
+ switch (which) {
+ case SMIME_RC2_CBC_40:
+ keysize = 40;
+ break;
+ case SMIME_RC2_CBC_64:
+ keysize = 64;
+ break;
+ case SMIME_RC2_CBC_128:
+ keysize = 128;
+ break;
+#ifdef SMIME_DOES_RC5
+ case SMIME_RC5PAD_64_16_40:
+ case SMIME_RC5PAD_64_16_64:
+ case SMIME_RC5PAD_64_16_128:
+ /* XXX See comment above; keysize is not enough... */
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ keysize = -1;
+ break;
+#endif
+ case SMIME_DES_CBC_56:
+ case SMIME_DES_EDE3_168:
+ /*
+ * These are special; since the key size is fixed, we actually
+ * want to *avoid* specifying a key size.
+ */
+ keysize = 0;
+ break;
+ default:
+ keysize = -1;
+ break;
+ }
+
+ return keysize;
+}
+
+/*
+ * Start an S/MIME encrypting context.
+ *
+ * "scert" is the cert for the sender. It will be checked for validity.
+ * "rcerts" are the certs for the recipients. They will also be checked.
+ *
+ * "certdb" is the cert database to use for verifying the certs.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * This function already does all of the stuff specific to S/MIME protocol
+ * and local policy; the return value just needs to be passed to
+ * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
+ * and finally to SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+SEC_PKCS7ContentInfo *
+SECMIME_CreateEncrypted(CERTCertificate *scert,
+ CERTCertificate **rcerts,
+ CERTCertDBHandle *certdb,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfn_arg)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ long cipher;
+ SECOidTag encalg;
+ int keysize;
+ int mapi, rci;
+
+ cipher = smime_choose_cipher(scert, rcerts);
+ if (cipher < 0)
+ return NULL;
+
+ mapi = smime_mapi_by_cipher(cipher);
+ if (mapi < 0)
+ return NULL;
+
+ /*
+ * XXX This is stretching it -- CreateEnvelopedData should probably
+ * take a cipher itself of some sort, because we cannot know what the
+ * future will bring in terms of parameters for each type of algorithm.
+ * For example, just an algorithm and keysize is *not* sufficient to
+ * fully specify the usage of RC5 (which also needs to know rounds and
+ * block size). Work this out into a better API!
+ */
+ encalg = smime_cipher_maps[mapi].algtag;
+ keysize = smime_keysize_by_cipher(cipher);
+ if (keysize < 0)
+ return NULL;
+
+ cinfo = SEC_PKCS7CreateEnvelopedData(scert, certUsageEmailRecipient,
+ certdb, encalg, keysize,
+ pwfn, pwfn_arg);
+ if (cinfo == NULL)
+ return NULL;
+
+ for (rci = 0; rcerts[rci] != NULL; rci++) {
+ if (rcerts[rci] == scert)
+ continue;
+ if (SEC_PKCS7AddRecipient(cinfo, rcerts[rci], certUsageEmailRecipient,
+ NULL) != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+ }
+
+ return cinfo;
+}
+
+static smime_capability **smime_capabilities;
+static SECItem *smime_encoded_caps;
+
+static SECStatus
+smime_init_caps(void)
+{
+ smime_capability *cap;
+ smime_cipher_map *map;
+ SECOidData *oiddata;
+ SECStatus rv;
+ int i;
+
+ if (smime_encoded_caps != NULL && (!smime_prefs_changed))
+ return SECSuccess;
+
+ if (smime_encoded_caps != NULL) {
+ SECITEM_FreeItem(smime_encoded_caps, PR_TRUE);
+ smime_encoded_caps = NULL;
+ }
+
+ if (smime_capabilities == NULL) {
+ smime_capabilities = (smime_capability **)PORT_ZAlloc(
+ (smime_symmetric_count + 1) * sizeof(smime_capability *));
+ if (smime_capabilities == NULL)
+ return SECFailure;
+ }
+
+ rv = SECFailure;
+
+ /*
+ The process of creating the encoded PKCS7 cipher capability list
+ involves two basic steps:
+
+ (a) Convert our internal representation of cipher preferences
+ (smime_prefs) into an array containing cipher OIDs and
+ parameter data (smime_capabilities). This step is
+ performed here.
+
+ (b) Encode, using ASN.1, the cipher information in
+ smime_capabilities, leaving the encoded result in
+ smime_encoded_caps.
+
+ (In the process of performing (a), Lisa put in some optimizations
+ which allow us to avoid needlessly re-populating elements in
+ smime_capabilities as we walk through smime_prefs.)
+ */
+ for (i = 0; i < smime_current_pref_index; i++) {
+ int mapi;
+
+ /* Get the next cipher preference in smime_prefs. */
+ mapi = smime_mapi_by_cipher(smime_prefs[i]);
+ if (mapi < 0)
+ break;
+
+ /* Find the corresponding entry in the cipher map. */
+ PORT_Assert(mapi < smime_symmetric_count);
+ map = &(smime_cipher_maps[mapi]);
+
+ /*
+ * Convert the next preference found in smime_prefs into an
+ * smime_capability.
+ */
+
+ cap = smime_capabilities[i];
+ if (cap == NULL) {
+ cap = (smime_capability *)PORT_ZAlloc(sizeof(smime_capability));
+ if (cap == NULL)
+ break;
+ smime_capabilities[i] = cap;
+ } else if (cap->cipher == smime_prefs[i]) {
+ continue; /* no change to this one */
+ }
+
+ cap->capIDTag = map->algtag;
+ oiddata = SECOID_FindOIDByTag(map->algtag);
+ if (oiddata == NULL)
+ break;
+
+ if (cap->capabilityID.data != NULL) {
+ SECITEM_FreeItem(&(cap->capabilityID), PR_FALSE);
+ cap->capabilityID.data = NULL;
+ cap->capabilityID.len = 0;
+ }
+
+ rv = SECITEM_CopyItem(NULL, &(cap->capabilityID), &(oiddata->oid));
+ if (rv != SECSuccess)
+ break;
+
+ if (map->parms == NULL) {
+ cap->parameters.data = NULL;
+ cap->parameters.len = 0;
+ } else {
+ cap->parameters.data = map->parms->data;
+ cap->parameters.len = map->parms->len;
+ }
+
+ cap->cipher = smime_prefs[i];
+ }
+
+ if (i != smime_current_pref_index)
+ return rv;
+
+ while (i < smime_symmetric_count) {
+ cap = smime_capabilities[i];
+ if (cap != NULL) {
+ SECITEM_FreeItem(&(cap->capabilityID), PR_FALSE);
+ PORT_Free(cap);
+ }
+ smime_capabilities[i] = NULL;
+ i++;
+ }
+ smime_capabilities[i] = NULL;
+
+ smime_encoded_caps = SEC_ASN1EncodeItem(NULL, NULL, &smime_capabilities,
+ smime_capabilities_template);
+ if (smime_encoded_caps == NULL)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+static SECStatus
+smime_add_profile(CERTCertificate *cert, SEC_PKCS7ContentInfo *cinfo)
+{
+ PORT_Assert(smime_prefs_complete);
+ if (!smime_prefs_complete)
+ return SECFailure;
+
+ /* For that matter, if capabilities haven't been initialized yet,
+ do so now. */
+ if (smime_encoded_caps == NULL || smime_prefs_changed) {
+ SECStatus rv;
+
+ rv = smime_init_caps();
+ if (rv != SECSuccess)
+ return rv;
+
+ PORT_Assert(smime_encoded_caps != NULL);
+ }
+
+ return SEC_PKCS7AddSignedAttribute(cinfo, SEC_OID_PKCS9_SMIME_CAPABILITIES,
+ smime_encoded_caps);
+}
+
+/*
+ * Start an S/MIME signing context.
+ *
+ * "scert" is the cert that will be used to sign the data. It will be
+ * checked for validity.
+ *
+ * "ecert" is the signer's encryption cert. If it is different from
+ * scert, then it will be included in the signed message so that the
+ * recipient can save it for future encryptions.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
+ * XXX There should be SECMIME functions for hashing, or the hashing should
+ * be built into this interface, which we would like because we would
+ * support more smartcards that way, and then this argument should go away.)
+ *
+ * "digest" is the actual digest of the data. It must be provided in
+ * the case of detached data or NULL if the content will be included.
+ *
+ * This function already does all of the stuff specific to S/MIME protocol
+ * and local policy; the return value just needs to be passed to
+ * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
+ * and finally to SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+
+SEC_PKCS7ContentInfo *
+SECMIME_CreateSigned(CERTCertificate *scert,
+ CERTCertificate *ecert,
+ CERTCertDBHandle *certdb,
+ SECOidTag digestalg,
+ SECItem *digest,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfn_arg)
+{
+ SEC_PKCS7ContentInfo *cinfo;
+ SECStatus rv;
+
+ /* See note in header comment above about digestalg. */
+ /* Doesn't explain this. PORT_Assert (digestalg == SEC_OID_SHA1); */
+
+ cinfo = SEC_PKCS7CreateSignedData(scert, certUsageEmailSigner,
+ certdb, digestalg, digest,
+ pwfn, pwfn_arg);
+ if (cinfo == NULL)
+ return NULL;
+
+ if (SEC_PKCS7IncludeCertChain(cinfo, NULL) != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+
+ /* if the encryption cert and the signing cert differ, then include
+ * the encryption cert too.
+ */
+ /* it is ok to compare the pointers since we ref count, and the same
+ * cert will always have the same pointer
+ */
+ if ((ecert != NULL) && (ecert != scert)) {
+ rv = SEC_PKCS7AddCertificate(cinfo, ecert);
+ if (rv != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo(cinfo);
+ return NULL;
+ }
+ }
+ /*
+ * Add the signing time. But if it fails for some reason,
+ * may as well not give up altogether -- just assert.
+ */
+ rv = SEC_PKCS7AddSigningTime(cinfo);
+ PORT_Assert(rv == SECSuccess);
+
+ /*
+ * Add the email profile. Again, if it fails for some reason,
+ * may as well not give up altogether -- just assert.
+ */
+ rv = smime_add_profile(ecert, cinfo);
+ PORT_Assert(rv == SECSuccess);
+
+ return cinfo;
+}
diff --git a/security/nss/lib/pkcs7/secmime.h b/security/nss/lib/pkcs7/secmime.h
new file mode 100644
index 000000000..683cd8db4
--- /dev/null
+++ b/security/nss/lib/pkcs7/secmime.h
@@ -0,0 +1,160 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Header file for routines specific to S/MIME. Keep things that are pure
+ * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
+ */
+
+#ifndef _SECMIME_H_
+#define _SECMIME_H_ 1
+
+#include "secpkcs7.h"
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+/*
+ * Initialize the local recording of the user S/MIME cipher preferences.
+ * This function is called once for each cipher, the order being
+ * important (first call records greatest preference, and so on).
+ * When finished, it is called with a "which" of CIPHER_FAMILID_MASK.
+ * If the function is called again after that, it is assumed that
+ * the preferences are being reset, and the old preferences are
+ * discarded.
+ *
+ * XXX This is for a particular user, and right now the storage is
+ * XXX local, static. The preference should be stored elsewhere to allow
+ * XXX for multiple uses of one library? How does SSL handle this;
+ * XXX it has something similar?
+ *
+ * - The "which" values are defined in ciferfam.h (the SMIME_* values,
+ * for example SMIME_DES_CBC_56).
+ * - If "on" is non-zero then the named cipher is enabled, otherwise
+ * it is disabled. (It is not necessary to call the function for
+ * ciphers that are disabled, however, as that is the default.)
+ *
+ * If the cipher preference is successfully recorded, SECSuccess
+ * is returned. Otherwise SECFailure is returned. The only errors
+ * are due to failure allocating memory or bad parameters/calls:
+ * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
+ * SEC_ERROR_XXX (function is being called more times than there
+ * are known/expected ciphers)
+ */
+extern SECStatus SECMIME_EnableCipher(long which, int on);
+
+/*
+ * Initialize the local recording of the S/MIME policy.
+ * This function is called to enable/disable a particular cipher.
+ * (S/MIME encryption or decryption using a particular cipher is only
+ * allowed if that cipher is currently enabled.) At startup, all S/MIME
+ * ciphers are disabled. From that point, this function can be called
+ * to enable a cipher -- it is not necessary to call this to disable
+ * a cipher unless that cipher was previously, explicitly enabled via
+ * this function.
+ *
+ * XXX This is for a the current module, I think, so local, static storage
+ * XXX is okay. Is that correct, or could multiple uses of the same
+ * XXX library expect to operate under different policies?
+ *
+ * - The "which" values are defined in ciferfam.h (the SMIME_* values,
+ * for example SMIME_DES_CBC_56).
+ * - If "on" is non-zero then the named cipher is enabled, otherwise
+ * it is disabled.
+ *
+ * If the cipher is successfully enabled/disabled, SECSuccess is
+ * returned. Otherwise SECFailure is returned. The only errors
+ * are due to bad parameters:
+ * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
+ * SEC_ERROR_XXX ("which" exceeds expected maximum cipher; this is
+ * really an internal error)
+ */
+extern SECStatus SECMIME_SetPolicy(long which, int on);
+
+/*
+ * Does the current policy allow S/MIME decryption of this particular
+ * algorithm and keysize?
+ */
+extern PRBool SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key);
+
+/*
+ * Does the current policy allow *any* S/MIME encryption (or decryption)?
+ *
+ * This tells whether or not *any* S/MIME encryption can be done,
+ * according to policy. Callers may use this to do nicer user interface
+ * (say, greying out a checkbox so a user does not even try to encrypt
+ * a message when they are not allowed to) or for any reason they want
+ * to check whether S/MIME encryption (or decryption, for that matter)
+ * may be done.
+ *
+ * It takes no arguments. The return value is a simple boolean:
+ * PR_TRUE means encryption (or decryption) is *possible*
+ * (but may still fail due to other reasons, like because we cannot
+ * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
+ * PR_FALSE means encryption (or decryption) is not permitted
+ *
+ * There are no errors from this routine.
+ */
+extern PRBool SECMIME_EncryptionPossible(void);
+
+/*
+ * Start an S/MIME encrypting context.
+ *
+ * "scert" is the cert for the sender. It will be checked for validity.
+ * "rcerts" are the certs for the recipients. They will also be checked.
+ *
+ * "certdb" is the cert database to use for verifying the certs.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * This function already does all of the stuff specific to S/MIME protocol
+ * and local policy; the return value just needs to be passed to
+ * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
+ * and finally to SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern SEC_PKCS7ContentInfo *SECMIME_CreateEncrypted(CERTCertificate *scert,
+ CERTCertificate **rcerts,
+ CERTCertDBHandle *certdb,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfn_arg);
+
+/*
+ * Start an S/MIME signing context.
+ *
+ * "scert" is the cert that will be used to sign the data. It will be
+ * checked for validity.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * "digestalg" names the digest algorithm. (It should be SEC_OID_SHA1;
+ * XXX There should be SECMIME functions for hashing, or the hashing should
+ * be built into this interface, which we would like because we would
+ * support more smartcards that way, and then this argument should go away.)
+ *
+ * "digest" is the actual digest of the data. It must be provided in
+ * the case of detached data or NULL if the content will be included.
+ *
+ * This function already does all of the stuff specific to S/MIME protocol
+ * and local policy; the return value just needs to be passed to
+ * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
+ * and finally to SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern SEC_PKCS7ContentInfo *SECMIME_CreateSigned(CERTCertificate *scert,
+ CERTCertificate *ecert,
+ CERTCertDBHandle *certdb,
+ SECOidTag digestalg,
+ SECItem *digest,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfn_arg);
+
+/************************************************************************/
+SEC_END_PROTOS
+
+#endif /* _SECMIME_H_ */
diff --git a/security/nss/lib/pkcs7/secpkcs7.h b/security/nss/lib/pkcs7/secpkcs7.h
new file mode 100644
index 000000000..d95c7d891
--- /dev/null
+++ b/security/nss/lib/pkcs7/secpkcs7.h
@@ -0,0 +1,606 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Interface to the PKCS7 implementation.
+ */
+
+#ifndef _SECPKCS7_H_
+#define _SECPKCS7_H_
+
+#include "seccomon.h"
+
+#include "secoidt.h"
+#include "certt.h"
+#include "keyt.h"
+#include "hasht.h"
+#include "pkcs7t.h"
+
+extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+/************************************************************************
+ * Miscellaneous
+ ************************************************************************/
+
+/*
+ * Returns the content type of the given contentInfo.
+ */
+extern SECOidTag SEC_PKCS7ContentType(SEC_PKCS7ContentInfo *cinfo);
+
+/*
+ * Destroy a PKCS7 contentInfo and all of its sub-pieces.
+ */
+extern void SEC_PKCS7DestroyContentInfo(SEC_PKCS7ContentInfo *contentInfo);
+
+/*
+ * Copy a PKCS7 contentInfo. A Destroy is needed on *each* copy.
+ */
+extern SEC_PKCS7ContentInfo *
+SEC_PKCS7CopyContentInfo(SEC_PKCS7ContentInfo *contentInfo);
+
+/*
+ * Return a pointer to the actual content. In the case of those types
+ * which are encrypted, this returns the *plain* content.
+ */
+extern SECItem *SEC_PKCS7GetContent(SEC_PKCS7ContentInfo *cinfo);
+
+/************************************************************************
+ * PKCS7 Decoding, Verification, etc..
+ ************************************************************************/
+
+extern SEC_PKCS7DecoderContext *
+SEC_PKCS7DecoderStart(SEC_PKCS7DecoderContentCallback callback,
+ void *callback_arg,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg,
+ SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
+ void *decrypt_key_cb_arg,
+ SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb);
+
+extern SECStatus
+SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
+ const char *buf, unsigned long len);
+
+extern SEC_PKCS7ContentInfo *
+SEC_PKCS7DecoderFinish(SEC_PKCS7DecoderContext *p7dcx);
+
+/* Abort the underlying ASN.1 stream & set an error */
+void SEC_PKCS7DecoderAbort(SEC_PKCS7DecoderContext *p7dcx, int error);
+
+extern SEC_PKCS7ContentInfo *
+SEC_PKCS7DecodeItem(SECItem *p7item,
+ SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg,
+ SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
+ void *decrypt_key_cb_arg,
+ SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb);
+
+extern PRBool SEC_PKCS7ContainsCertsOrCrls(SEC_PKCS7ContentInfo *cinfo);
+
+/* checks to see if the contents of the content info is
+ * empty. it so, PR_TRUE is returned. PR_FALSE, otherwise.
+ *
+ * minLen is used to specify a minimum size. if content size <= minLen,
+ * content is assumed empty.
+ */
+extern PRBool
+SEC_PKCS7IsContentEmpty(SEC_PKCS7ContentInfo *cinfo, unsigned int minLen);
+
+extern PRBool SEC_PKCS7ContentIsEncrypted(SEC_PKCS7ContentInfo *cinfo);
+
+/*
+ * If the PKCS7 content has a signature (not just *could* have a signature)
+ * return true; false otherwise. This can/should be called before calling
+ * VerifySignature, which will always indicate failure if no signature is
+ * present, but that does not mean there even was a signature!
+ * Note that the content itself can be empty (detached content was sent
+ * another way); it is the presence of the signature that matters.
+ */
+extern PRBool SEC_PKCS7ContentIsSigned(SEC_PKCS7ContentInfo *cinfo);
+
+/*
+ * SEC_PKCS7VerifySignature
+ * Look at a PKCS7 contentInfo and check if the signature is good.
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage".
+ *
+ * In addition, if "keepcerts" is true, add any new certificates found
+ * into our local database.
+ */
+extern PRBool SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ PRBool keepcerts);
+
+/*
+ * SEC_PKCS7VerifyDetachedSignature
+ * Look at a PKCS7 contentInfo and check if the signature matches
+ * a passed-in digest (calculated, supposedly, from detached contents).
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage".
+ *
+ * In addition, if "keepcerts" is true, add any new certificates found
+ * into our local database.
+ */
+extern PRBool SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts);
+
+/*
+ * SEC_PKCS7VerifyDetachedSignatureAtTime
+ * Look at a PKCS7 contentInfo and check if the signature matches
+ * a passed-in digest (calculated, supposedly, from detached contents).
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage" at time "atTime".
+ *
+ * In addition, if "keepcerts" is true, add any new certificates found
+ * into our local database.
+ */
+extern PRBool
+SEC_PKCS7VerifyDetachedSignatureAtTime(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts,
+ PRTime atTime);
+
+/*
+ * SEC_PKCS7GetSignerCommonName, SEC_PKCS7GetSignerEmailAddress
+ * The passed-in contentInfo is espected to be Signed, and these
+ * functions return the specified portion of the full signer name.
+ *
+ * Returns a pointer to allocated memory, which must be freed.
+ * A NULL return value is an error.
+ */
+extern char *SEC_PKCS7GetSignerCommonName(SEC_PKCS7ContentInfo *cinfo);
+extern char *SEC_PKCS7GetSignerEmailAddress(SEC_PKCS7ContentInfo *cinfo);
+
+/*
+ * Return the the signing time, in UTCTime format, of a PKCS7 contentInfo.
+ */
+extern SECItem *SEC_PKCS7GetSigningTime(SEC_PKCS7ContentInfo *cinfo);
+
+/************************************************************************
+ * PKCS7 Creation and Encoding.
+ ************************************************************************/
+
+/*
+ * Start a PKCS7 signing context.
+ *
+ * "cert" is the cert that will be used to sign the data. It will be
+ * checked for validity.
+ *
+ * "certusage" describes the signing usage (e.g. certUsageEmailSigner)
+ * XXX Maybe SECCertUsage should be split so that our caller just says
+ * "email" and *we* add the "signing" part -- otherwise our caller
+ * could be lying about the usage; we do not want to allow encryption
+ * certs for signing or vice versa.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
+ *
+ * "digest" is the actual digest of the data. It must be provided in
+ * the case of detached data or NULL if the content will be included.
+ *
+ * The return value can be passed to functions which add things to
+ * it like attributes, then eventually to SEC_PKCS7Encode() or to
+ * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
+ * SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateSignedData(CERTCertificate *cert,
+ SECCertUsage certusage,
+ CERTCertDBHandle *certdb,
+ SECOidTag digestalg,
+ SECItem *digest,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg);
+
+/*
+ * Create a PKCS7 certs-only container.
+ *
+ * "cert" is the (first) cert that will be included.
+ *
+ * "include_chain" specifies whether the entire chain for "cert" should
+ * be included.
+ *
+ * "certdb" is the cert database to use for finding the chain.
+ * It can be NULL in when "include_chain" is false, or when meaning
+ * use the default database.
+ *
+ * More certs and chains can be added via AddCertficate and AddCertChain.
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateCertsOnly(CERTCertificate *cert,
+ PRBool include_chain,
+ CERTCertDBHandle *certdb);
+
+/*
+ * Start a PKCS7 enveloping context.
+ *
+ * "cert" is the cert for the recipient. It will be checked for validity.
+ *
+ * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
+ * XXX Maybe SECCertUsage should be split so that our caller just says
+ * "email" and *we* add the "recipient" part -- otherwise our caller
+ * could be lying about the usage; we do not want to allow encryption
+ * certs for signing or vice versa.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
+ *
+ * "keysize" specifies the bulk encryption key size, in bits.
+ *
+ * The return value can be passed to functions which add things to
+ * it like more recipients, then eventually to SEC_PKCS7Encode() or to
+ * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
+ * SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateEnvelopedData(CERTCertificate *cert,
+ SECCertUsage certusage,
+ CERTCertDBHandle *certdb,
+ SECOidTag encalg,
+ int keysize,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg);
+
+/*
+ * XXX There will be a similar routine for creating signedAndEnvelopedData.
+ * But its parameters will be different and I have no plans to implement
+ * it any time soon because we have no current need for it.
+ */
+
+/*
+ * Create an empty PKCS7 data content info.
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern SEC_PKCS7ContentInfo *SEC_PKCS7CreateData(void);
+
+/*
+ * Create an empty PKCS7 encrypted content info.
+ *
+ * "algorithm" specifies the bulk encryption algorithm to use.
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern SEC_PKCS7ContentInfo *
+SEC_PKCS7CreateEncryptedData(SECOidTag algorithm, int keysize,
+ SECKEYGetPasswordKey pwfn, void *pwfn_arg);
+
+/*
+ * All of the following things return SECStatus to signal success or failure.
+ * Failure should have a more specific error status available via
+ * PORT_GetError()/XP_GetError().
+ */
+
+/*
+ * Add the specified attribute to the authenticated (i.e. signed) attributes
+ * of "cinfo" -- "oidtag" describes the attribute and "value" is the
+ * value to be associated with it. NOTE! "value" must already be encoded;
+ * no interpretation of "oidtag" is done. Also, it is assumed that this
+ * signedData has only one signer -- if we ever need to add attributes
+ * when there is more than one signature, we need a way to specify *which*
+ * signature should get the attribute.
+ *
+ * XXX Technically, a signed attribute can have multiple values; if/when
+ * we ever need to support an attribute which takes multiple values, we
+ * either need to change this interface or create an AddSignedAttributeValue
+ * which can be called subsequently, and would then append a value.
+ *
+ * "cinfo" should be of type signedData (the only kind of pkcs7 data
+ * that is allowed authenticated attributes); SECFailure will be returned
+ * if it is not.
+ */
+extern SECStatus SEC_PKCS7AddSignedAttribute(SEC_PKCS7ContentInfo *cinfo,
+ SECOidTag oidtag,
+ SECItem *value);
+
+/*
+ * Add "cert" and its entire chain to the set of certs included in "cinfo".
+ *
+ * "certdb" is the cert database to use for finding the chain.
+ * It can be NULL, meaning use the default database.
+ *
+ * "cinfo" should be of type signedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ */
+extern SECStatus SEC_PKCS7AddCertChain(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert,
+ CERTCertDBHandle *certdb);
+
+/*
+ * Add "cert" to the set of certs included in "cinfo".
+ *
+ * "cinfo" should be of type signedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ */
+extern SECStatus SEC_PKCS7AddCertificate(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert);
+
+/*
+ * Add another recipient to an encrypted message.
+ *
+ * "cinfo" should be of type envelopedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ *
+ * "cert" is the cert for the recipient. It will be checked for validity.
+ *
+ * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
+ * XXX Maybe SECCertUsage should be split so that our caller just says
+ * "email" and *we* add the "recipient" part -- otherwise our caller
+ * could be lying about the usage; we do not want to allow encryption
+ * certs for signing or vice versa.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ */
+extern SECStatus SEC_PKCS7AddRecipient(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertificate *cert,
+ SECCertUsage certusage,
+ CERTCertDBHandle *certdb);
+
+/*
+ * Add the signing time to the authenticated (i.e. signed) attributes
+ * of "cinfo". This is expected to be included in outgoing signed
+ * messages for email (S/MIME) but is likely useful in other situations.
+ *
+ * This should only be added once; a second call will either do
+ * nothing or replace an old signing time with a newer one.
+ *
+ * XXX This will probably just shove the current time into "cinfo"
+ * but it will not actually get signed until the entire item is
+ * processed for encoding. Is this (expected to be small) delay okay?
+ *
+ * "cinfo" should be of type signedData (the only kind of pkcs7 data
+ * that is allowed authenticated attributes); SECFailure will be returned
+ * if it is not.
+ */
+extern SECStatus SEC_PKCS7AddSigningTime(SEC_PKCS7ContentInfo *cinfo);
+
+/*
+ * Add the signer's symmetric capabilities to the authenticated
+ * (i.e. signed) attributes of "cinfo". This is expected to be
+ * included in outgoing signed messages for email (S/MIME).
+ *
+ * This can only be added once; a second call will return SECFailure.
+ *
+ * "cinfo" should be of type signedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ */
+extern SECStatus SEC_PKCS7AddSymmetricCapabilities(SEC_PKCS7ContentInfo *cinfo);
+
+/*
+ * Mark that the signer's certificate and its issuing chain should
+ * be included in the encoded data. This is expected to be used
+ * in outgoing signed messages for email (S/MIME).
+ *
+ * "certdb" is the cert database to use for finding the chain.
+ * It can be NULL, meaning use the default database.
+ *
+ * "cinfo" should be of type signedData or signedAndEnvelopedData;
+ * SECFailure will be returned if it is not.
+ */
+extern SECStatus SEC_PKCS7IncludeCertChain(SEC_PKCS7ContentInfo *cinfo,
+ CERTCertDBHandle *certdb);
+
+/*
+ * Set the content; it will be included and also hashed and/or encrypted
+ * as appropriate. This is for in-memory content (expected to be "small")
+ * that will be included in the PKCS7 object. All others should stream the
+ * content through when encoding (see SEC_PKCS7Encoder{Start,Update,Finish}).
+ *
+ * "buf" points to data of length "len"; it will be copied.
+ */
+extern SECStatus SEC_PKCS7SetContent(SEC_PKCS7ContentInfo *cinfo,
+ const char *buf, unsigned long len);
+
+/*
+ * Encode a PKCS7 object, in one shot. All necessary components
+ * of the object must already be specified. Either the data has
+ * already been included (via SetContent), or the data is detached,
+ * or there is no data at all (certs-only).
+ *
+ * "cinfo" specifies the object to be encoded.
+ *
+ * "outputfn" is where the encoded bytes will be passed.
+ *
+ * "outputarg" is an opaque argument to the above callback.
+ *
+ * "bulkkey" specifies the bulk encryption key to use. This argument
+ * can be NULL if no encryption is being done, or if the bulk key should
+ * be generated internally (usually the case for EnvelopedData but never
+ * for EncryptedData, which *must* provide a bulk encryption key).
+ *
+ * "pwfn" is a callback for getting the password which protects the
+ * private key of the signer. This argument can be NULL if it is known
+ * that no signing is going to be done.
+ *
+ * "pwfnarg" is an opaque argument to the above callback.
+ */
+extern SECStatus SEC_PKCS7Encode(SEC_PKCS7ContentInfo *cinfo,
+ SEC_PKCS7EncoderOutputCallback outputfn,
+ void *outputarg,
+ PK11SymKey *bulkkey,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfnarg);
+
+/*
+ * Encode a PKCS7 object, in one shot. All necessary components
+ * of the object must already be specified. Either the data has
+ * already been included (via SetContent), or the data is detached,
+ * or there is no data at all (certs-only). The output, rather than
+ * being passed to an output function as is done above, is all put
+ * into a SECItem.
+ *
+ * "pool" specifies a pool from which to allocate the result.
+ * It can be NULL, in which case memory is allocated generically.
+ *
+ * "dest" specifies a SECItem in which to put the result data.
+ * It can be NULL, in which case the entire item is allocated, too.
+ *
+ * "cinfo" specifies the object to be encoded.
+ *
+ * "bulkkey" specifies the bulk encryption key to use. This argument
+ * can be NULL if no encryption is being done, or if the bulk key should
+ * be generated internally (usually the case for EnvelopedData but never
+ * for EncryptedData, which *must* provide a bulk encryption key).
+ *
+ * "pwfn" is a callback for getting the password which protects the
+ * private key of the signer. This argument can be NULL if it is known
+ * that no signing is going to be done.
+ *
+ * "pwfnarg" is an opaque argument to the above callback.
+ */
+extern SECItem *SEC_PKCS7EncodeItem(PLArenaPool *pool,
+ SECItem *dest,
+ SEC_PKCS7ContentInfo *cinfo,
+ PK11SymKey *bulkkey,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfnarg);
+
+/*
+ * For those who want to simply point to the pkcs7 contentInfo ASN.1
+ * template, and *not* call the encoding functions directly, the
+ * following function can be used -- after it is called, the entire
+ * PKCS7 contentInfo is ready to be encoded.
+ */
+extern SECStatus SEC_PKCS7PrepareForEncode(SEC_PKCS7ContentInfo *cinfo,
+ PK11SymKey *bulkkey,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfnarg);
+
+/*
+ * Start the process of encoding a PKCS7 object. The first part of
+ * the encoded object will be passed to the output function right away;
+ * after that it is expected that SEC_PKCS7EncoderUpdate will be called,
+ * streaming in the actual content that is getting included as well as
+ * signed or encrypted (or both).
+ *
+ * "cinfo" specifies the object to be encoded.
+ *
+ * "outputfn" is where the encoded bytes will be passed.
+ *
+ * "outputarg" is an opaque argument to the above callback.
+ *
+ * "bulkkey" specifies the bulk encryption key to use. This argument
+ * can be NULL if no encryption is being done, or if the bulk key should
+ * be generated internally (usually the case for EnvelopedData but never
+ * for EncryptedData, which *must* provide a bulk encryption key).
+ *
+ * Returns an object to be passed to EncoderUpdate and EncoderFinish.
+ */
+extern SEC_PKCS7EncoderContext *
+SEC_PKCS7EncoderStart(SEC_PKCS7ContentInfo *cinfo,
+ SEC_PKCS7EncoderOutputCallback outputfn,
+ void *outputarg,
+ PK11SymKey *bulkkey);
+
+/*
+ * Encode more contents, hashing and/or encrypting along the way.
+ */
+extern SECStatus SEC_PKCS7EncoderUpdate(SEC_PKCS7EncoderContext *p7ecx,
+ const char *buf,
+ unsigned long len);
+
+/*
+ * No more contents; finish the signature creation, if appropriate,
+ * and then the encoding.
+ *
+ * "pwfn" is a callback for getting the password which protects the
+ * signer's private key. This argument can be NULL if it is known
+ * that no signing is going to be done.
+ *
+ * "pwfnarg" is an opaque argument to the above callback.
+ */
+extern SECStatus SEC_PKCS7EncoderFinish(SEC_PKCS7EncoderContext *p7ecx,
+ SECKEYGetPasswordKey pwfn,
+ void *pwfnarg);
+
+/* Abort the underlying ASN.1 stream & set an error */
+void SEC_PKCS7EncoderAbort(SEC_PKCS7EncoderContext *p7dcx, int error);
+
+/* retrieve the algorithm ID used to encrypt the content info
+ * for encrypted and enveloped data. The SECAlgorithmID pointer
+ * returned needs to be freed as it is a copy of the algorithm
+ * id in the content info.
+ */
+extern SECAlgorithmID *
+SEC_PKCS7GetEncryptionAlgorithm(SEC_PKCS7ContentInfo *cinfo);
+
+/* the content of an encrypted data content info is encrypted.
+ * it is assumed that for encrypted data, that the data has already
+ * been set and is in the "plainContent" field of the content info.
+ *
+ * cinfo is the content info to encrypt
+ *
+ * key is the key with which to perform the encryption. if the
+ * algorithm is a password based encryption algorithm, the
+ * key is actually a password which will be processed per
+ * PKCS #5.
+ *
+ * in the event of an error, SECFailure is returned. SECSuccess
+ * indicates a success.
+ */
+extern SECStatus
+SEC_PKCS7EncryptContents(PLArenaPool *poolp,
+ SEC_PKCS7ContentInfo *cinfo,
+ SECItem *key,
+ void *wincx);
+
+/* the content of an encrypted data content info is decrypted.
+ * it is assumed that for encrypted data, that the data has already
+ * been set and is in the "encContent" field of the content info.
+ *
+ * cinfo is the content info to decrypt
+ *
+ * key is the key with which to perform the decryption. if the
+ * algorithm is a password based encryption algorithm, the
+ * key is actually a password which will be processed per
+ * PKCS #5.
+ *
+ * in the event of an error, SECFailure is returned. SECSuccess
+ * indicates a success.
+ */
+extern SECStatus
+SEC_PKCS7DecryptContents(PLArenaPool *poolp,
+ SEC_PKCS7ContentInfo *cinfo,
+ SECItem *key,
+ void *wincx);
+
+/* retrieve the certificate list from the content info. the list
+ * is a pointer to the list in the content info. this should not
+ * be deleted or freed in any way short of calling
+ * SEC_PKCS7DestroyContentInfo
+ */
+extern SECItem **
+SEC_PKCS7GetCertificateList(SEC_PKCS7ContentInfo *cinfo);
+
+/* Returns the key length (in bits) of the algorithm used to encrypt
+ this object. Returns 0 if it's not encrypted, or the key length is
+ irrelevant. */
+extern int
+SEC_PKCS7GetKeyLength(SEC_PKCS7ContentInfo *cinfo);
+
+/************************************************************************/
+SEC_END_PROTOS
+
+#endif /* _SECPKCS7_H_ */
diff --git a/security/nss/lib/pki/Makefile b/security/nss/lib/pki/Makefile
new file mode 100644
index 000000000..fc78ae92c
--- /dev/null
+++ b/security/nss/lib/pki/Makefile
@@ -0,0 +1,11 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+include manifest.mn
+include $(CORE_DEPTH)/coreconf/config.mk
+include config.mk
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+export:: private_export
diff --git a/security/nss/lib/pki/asymmkey.c b/security/nss/lib/pki/asymmkey.c
new file mode 100644
index 000000000..ce1f5032d
--- /dev/null
+++ b/security/nss/lib/pki/asymmkey.c
@@ -0,0 +1,361 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSPKI_H
+#include "nsspki.h"
+#endif /* NSSPKI_H */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+
+NSS_IMPLEMENT PRStatus
+NSSPrivateKey_Destroy(
+ NSSPrivateKey *vk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSPrivateKey_DeleteStoredObject(
+ NSSPrivateKey *vk,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRUint32
+NSSPrivateKey_GetSignatureLength(
+ NSSPrivateKey *vk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return -1;
+}
+
+NSS_IMPLEMENT PRUint32
+NSSPrivateKey_GetPrivateModulusLength(
+ NSSPrivateKey *vk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return -1;
+}
+
+NSS_IMPLEMENT PRBool
+NSSPrivateKey_IsStillPresent(
+ NSSPrivateKey *vk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FALSE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSPrivateKey_Encode(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *ap,
+ NSSItem *passwordOpt, /* NULL will cause a callback; "" for no password */
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSTrustDomain *
+NSSPrivateKey_GetTrustDomain(
+ NSSPrivateKey *vk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSToken *
+NSSPrivateKey_GetToken(NSSPrivateKey *vk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSlot *
+NSSPrivateKey_GetSlot(NSSPrivateKey *vk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSModule *
+NSSPrivateKey_GetModule(
+ NSSPrivateKey *vk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSPrivateKey_Decrypt(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *encryptedData,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSPrivateKey_Sign(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSPrivateKey_SignRecover(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSPrivateKey_UnwrapSymmetricKey(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSPrivateKey_DeriveSymmetricKey(
+ NSSPrivateKey *vk,
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSOID *target,
+ PRUint32 keySizeOpt, /* zero for best allowed */
+ NSSOperations operations,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSPublicKey *
+NSSPrivateKey_FindPublicKey(
+ NSSPrivateKey *vk
+ /* { don't need the callback here, right? } */
+ )
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+NSSPrivateKey_CreateCryptoContext(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSPrivateKey_FindCertificates(
+ NSSPrivateKey *vk,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSPrivateKey_FindBestCertificate(
+ NSSPrivateKey *vk,
+ NSSTime *timeOpt,
+ NSSUsage *usageOpt,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSPublicKey_Destroy(NSSPublicKey *bk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSPublicKey_DeleteStoredObject(
+ NSSPublicKey *bk,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSPublicKey_Encode(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *ap,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSTrustDomain *
+NSSPublicKey_GetTrustDomain(
+ NSSPublicKey *bk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSToken *
+NSSPublicKey_GetToken(
+ NSSPublicKey *bk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSlot *
+NSSPublicKey_GetSlot(
+ NSSPublicKey *bk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSModule *
+NSSPublicKey_GetModule(
+ NSSPublicKey *bk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSPublicKey_Encrypt(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSPublicKey_Verify(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSItem *signature,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSPublicKey_VerifyRecover(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSPublicKey_WrapSymmetricKey(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSSymmetricKey *keyToWrap,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+NSSPublicKey_CreateCryptoContext(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSPublicKey_FindCertificates(
+ NSSPublicKey *bk,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSPublicKey_FindBestCertificate(
+ NSSPublicKey *bk,
+ NSSTime *timeOpt,
+ NSSUsage *usageOpt,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSPrivateKey *
+NSSPublicKey_FindPrivateKey(
+ NSSPublicKey *bk,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
diff --git a/security/nss/lib/pki/certdecode.c b/security/nss/lib/pki/certdecode.c
new file mode 100644
index 000000000..61c803320
--- /dev/null
+++ b/security/nss/lib/pki/certdecode.c
@@ -0,0 +1,60 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKIT_H
+#include "pkit.h"
+#endif /* PKIT_H */
+
+#ifndef PKIM_H
+#include "pkim.h"
+#endif /* PKIM_H */
+
+/* This is defined in pki3hack.c */
+NSS_EXTERN nssDecodedCert *
+nssDecodedPKIXCertificate_Create(
+ NSSArena *arenaOpt,
+ NSSDER *encoding);
+
+NSS_IMPLEMENT PRStatus
+nssDecodedPKIXCertificate_Destroy(
+ nssDecodedCert *dc);
+
+NSS_IMPLEMENT nssDecodedCert *
+nssDecodedCert_Create(
+ NSSArena *arenaOpt,
+ NSSDER *encoding,
+ NSSCertificateType type)
+{
+ nssDecodedCert *rvDC = NULL;
+ switch (type) {
+ case NSSCertificateType_PKIX:
+ rvDC = nssDecodedPKIXCertificate_Create(arenaOpt, encoding);
+ break;
+ default:
+#if 0
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+#endif
+ return (nssDecodedCert *)NULL;
+ }
+ return rvDC;
+}
+
+NSS_IMPLEMENT PRStatus
+nssDecodedCert_Destroy(
+ nssDecodedCert *dc)
+{
+ if (!dc) {
+ return PR_FAILURE;
+ }
+ switch (dc->type) {
+ case NSSCertificateType_PKIX:
+ return nssDecodedPKIXCertificate_Destroy(dc);
+ default:
+#if 0
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+#endif
+ break;
+ }
+ return PR_FAILURE;
+}
diff --git a/security/nss/lib/pki/certificate.c b/security/nss/lib/pki/certificate.c
new file mode 100644
index 000000000..4d94bc843
--- /dev/null
+++ b/security/nss/lib/pki/certificate.c
@@ -0,0 +1,1101 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSPKI_H
+#include "nsspki.h"
+#endif /* NSSPKI_H */
+
+#ifndef PKIT_H
+#include "pkit.h"
+#endif /* PKIT_H */
+
+#ifndef PKIM_H
+#include "pkim.h"
+#endif /* PKIM_H */
+
+#ifndef DEV_H
+#include "dev.h"
+#endif /* DEV_H */
+
+#include "pkistore.h"
+
+#include "pki3hack.h"
+#include "pk11func.h"
+#include "hasht.h"
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+
+/* Creates a certificate from a base object */
+NSS_IMPLEMENT NSSCertificate *
+nssCertificate_Create(
+ nssPKIObject *object)
+{
+ PRStatus status;
+ NSSCertificate *rvCert;
+ nssArenaMark *mark;
+ NSSArena *arena = object->arena;
+ PR_ASSERT(object->instances != NULL && object->numInstances > 0);
+ PR_ASSERT(object->lockType == nssPKIMonitor);
+ mark = nssArena_Mark(arena);
+ rvCert = nss_ZNEW(arena, NSSCertificate);
+ if (!rvCert) {
+ return (NSSCertificate *)NULL;
+ }
+ rvCert->object = *object;
+ /* XXX should choose instance based on some criteria */
+ status = nssCryptokiCertificate_GetAttributes(object->instances[0],
+ NULL, /* XXX sessionOpt */
+ arena,
+ &rvCert->type,
+ &rvCert->id,
+ &rvCert->encoding,
+ &rvCert->issuer,
+ &rvCert->serial,
+ &rvCert->subject);
+ if (status != PR_SUCCESS ||
+ !rvCert->encoding.data ||
+ !rvCert->encoding.size ||
+ !rvCert->issuer.data ||
+ !rvCert->issuer.size ||
+ !rvCert->serial.data ||
+ !rvCert->serial.size) {
+ if (mark)
+ nssArena_Release(arena, mark);
+ return (NSSCertificate *)NULL;
+ }
+ if (mark)
+ nssArena_Unmark(arena, mark);
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+nssCertificate_AddRef(
+ NSSCertificate *c)
+{
+ if (c) {
+ nssPKIObject_AddRef(&c->object);
+ }
+ return c;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCertificate_Destroy(
+ NSSCertificate *c)
+{
+ nssCertificateStoreTrace lockTrace = { NULL, NULL, PR_FALSE, PR_FALSE };
+ nssCertificateStoreTrace unlockTrace = { NULL, NULL, PR_FALSE, PR_FALSE };
+
+ if (c) {
+ PRUint32 i;
+ nssDecodedCert *dc = c->decoding;
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+ NSSCryptoContext *cc = c->object.cryptoContext;
+
+ PR_ASSERT(c->object.refCount > 0);
+
+ /* --- LOCK storage --- */
+ if (cc) {
+ nssCertificateStore_Lock(cc->certStore, &lockTrace);
+ } else {
+ nssTrustDomain_LockCertCache(td);
+ }
+ if (PR_ATOMIC_DECREMENT(&c->object.refCount) == 0) {
+ /* --- remove cert and UNLOCK storage --- */
+ if (cc) {
+ nssCertificateStore_RemoveCertLOCKED(cc->certStore, c);
+ nssCertificateStore_Unlock(cc->certStore, &lockTrace,
+ &unlockTrace);
+ } else {
+ nssTrustDomain_RemoveCertFromCacheLOCKED(td, c);
+ nssTrustDomain_UnlockCertCache(td);
+ }
+ /* free cert data */
+ for (i = 0; i < c->object.numInstances; i++) {
+ nssCryptokiObject_Destroy(c->object.instances[i]);
+ }
+ nssPKIObject_DestroyLock(&c->object);
+ nssArena_Destroy(c->object.arena);
+ nssDecodedCert_Destroy(dc);
+ } else {
+ /* --- UNLOCK storage --- */
+ if (cc) {
+ nssCertificateStore_Unlock(cc->certStore,
+ &lockTrace,
+ &unlockTrace);
+ } else {
+ nssTrustDomain_UnlockCertCache(td);
+ }
+ }
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCertificate_Destroy(NSSCertificate *c)
+{
+ return nssCertificate_Destroy(c);
+}
+
+NSS_IMPLEMENT NSSDER *
+nssCertificate_GetEncoding(NSSCertificate *c)
+{
+ if (c->encoding.size > 0 && c->encoding.data) {
+ return &c->encoding;
+ } else {
+ return (NSSDER *)NULL;
+ }
+}
+
+NSS_IMPLEMENT NSSDER *
+nssCertificate_GetIssuer(NSSCertificate *c)
+{
+ if (c->issuer.size > 0 && c->issuer.data) {
+ return &c->issuer;
+ } else {
+ return (NSSDER *)NULL;
+ }
+}
+
+NSS_IMPLEMENT NSSDER *
+nssCertificate_GetSerialNumber(NSSCertificate *c)
+{
+ if (c->serial.size > 0 && c->serial.data) {
+ return &c->serial;
+ } else {
+ return (NSSDER *)NULL;
+ }
+}
+
+NSS_IMPLEMENT NSSDER *
+nssCertificate_GetSubject(NSSCertificate *c)
+{
+ if (c->subject.size > 0 && c->subject.data) {
+ return &c->subject;
+ } else {
+ return (NSSDER *)NULL;
+ }
+}
+
+/* Returns a copy, Caller must free using nss_ZFreeIf */
+NSS_IMPLEMENT NSSUTF8 *
+nssCertificate_GetNickname(
+ NSSCertificate *c,
+ NSSToken *tokenOpt)
+{
+ return nssPKIObject_GetNicknameForToken(&c->object, tokenOpt);
+}
+
+NSS_IMPLEMENT NSSASCII7 *
+nssCertificate_GetEmailAddress(NSSCertificate *c)
+{
+ return c->email;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCertificate_DeleteStoredObject(
+ NSSCertificate *c,
+ NSSCallback *uhh)
+{
+ return nssPKIObject_DeleteStoredObject(&c->object, uhh, PR_TRUE);
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCertificate_Validate(
+ NSSCertificate *c,
+ NSSTime *timeOpt, /* NULL for "now" */
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt /* NULL for none */
+ )
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT void ** /* void *[] */
+ NSSCertificate_ValidateCompletely(
+ NSSCertificate *c,
+ NSSTime *timeOpt, /* NULL for "now" */
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt, /* NULL for none */
+ void **rvOpt, /* NULL for allocate */
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt /* NULL for heap */
+ )
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCertificate_ValidateAndDiscoverUsagesAndPolicies(
+ NSSCertificate *c,
+ NSSTime **notBeforeOutOpt,
+ NSSTime **notAfterOutOpt,
+ void *allowedUsages,
+ void *disallowedUsages,
+ void *allowedPolicies,
+ void *disallowedPolicies,
+ /* more args.. work on this fgmr */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSDER *
+NSSCertificate_Encode(
+ NSSCertificate *c,
+ NSSDER *rvOpt,
+ NSSArena *arenaOpt)
+{
+ /* Item, DER, BER are all typedefs now... */
+ return nssItem_Duplicate((NSSItem *)&c->encoding, arenaOpt, rvOpt);
+}
+
+NSS_IMPLEMENT nssDecodedCert *
+nssCertificate_GetDecoding(
+ NSSCertificate *c)
+{
+ nssDecodedCert *deco = NULL;
+ if (c->type == NSSCertificateType_PKIX) {
+ (void)STAN_GetCERTCertificate(c);
+ }
+ nssPKIObject_Lock(&c->object);
+ if (!c->decoding) {
+ deco = nssDecodedCert_Create(NULL, &c->encoding, c->type);
+ PORT_Assert(!c->decoding);
+ c->decoding = deco;
+ } else {
+ deco = c->decoding;
+ }
+ nssPKIObject_Unlock(&c->object);
+ return deco;
+}
+
+static NSSCertificate **
+filter_subject_certs_for_id(
+ NSSCertificate **subjectCerts,
+ void *id)
+{
+ NSSCertificate **si;
+ nssDecodedCert *dcp;
+ int nextOpenSlot = 0;
+ int i;
+ nssCertIDMatch matchLevel = nssCertIDMatch_Unknown;
+ nssCertIDMatch match;
+
+ /* walk the subject certs */
+ for (si = subjectCerts; *si; si++) {
+ dcp = nssCertificate_GetDecoding(*si);
+ if (!dcp) {
+ NSSCertificate_Destroy(*si);
+ continue;
+ }
+ match = dcp->matchIdentifier(dcp, id);
+ switch (match) {
+ case nssCertIDMatch_Yes:
+ if (matchLevel == nssCertIDMatch_Unknown) {
+ /* we have non-definitive matches, forget them */
+ for (i = 0; i < nextOpenSlot; i++) {
+ NSSCertificate_Destroy(subjectCerts[i]);
+ subjectCerts[i] = NULL;
+ }
+ nextOpenSlot = 0;
+ /* only keep definitive matches from now on */
+ matchLevel = nssCertIDMatch_Yes;
+ }
+ /* keep the cert */
+ subjectCerts[nextOpenSlot++] = *si;
+ break;
+ case nssCertIDMatch_Unknown:
+ if (matchLevel == nssCertIDMatch_Unknown) {
+ /* only have non-definitive matches so far, keep it */
+ subjectCerts[nextOpenSlot++] = *si;
+ break;
+ }
+ /* else fall through, we have a definitive match already */
+ case nssCertIDMatch_No:
+ default:
+ NSSCertificate_Destroy(*si);
+ *si = NULL;
+ }
+ }
+ subjectCerts[nextOpenSlot] = NULL;
+ return subjectCerts;
+}
+
+static NSSCertificate **
+filter_certs_for_valid_issuers(NSSCertificate **certs)
+{
+ NSSCertificate **cp;
+ nssDecodedCert *dcp;
+ int nextOpenSlot = 0;
+
+ for (cp = certs; *cp; cp++) {
+ dcp = nssCertificate_GetDecoding(*cp);
+ if (dcp && dcp->isValidIssuer(dcp)) {
+ certs[nextOpenSlot++] = *cp;
+ } else {
+ NSSCertificate_Destroy(*cp);
+ }
+ }
+ certs[nextOpenSlot] = NULL;
+ return certs;
+}
+
+static NSSCertificate *
+find_cert_issuer(
+ NSSCertificate *c,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSTrustDomain *td,
+ NSSCryptoContext *cc)
+{
+ NSSArena *arena;
+ NSSCertificate **certs = NULL;
+ NSSCertificate **ccIssuers = NULL;
+ NSSCertificate **tdIssuers = NULL;
+ NSSCertificate *issuer = NULL;
+
+ if (!cc)
+ cc = c->object.cryptoContext;
+ if (!td)
+ td = NSSCertificate_GetTrustDomain(c);
+ arena = nssArena_Create();
+ if (!arena) {
+ return (NSSCertificate *)NULL;
+ }
+ if (cc) {
+ ccIssuers = nssCryptoContext_FindCertificatesBySubject(cc,
+ &c->issuer,
+ NULL,
+ 0,
+ arena);
+ }
+ if (td)
+ tdIssuers = nssTrustDomain_FindCertificatesBySubject(td,
+ &c->issuer,
+ NULL,
+ 0,
+ arena);
+ certs = nssCertificateArray_Join(ccIssuers, tdIssuers);
+ if (certs) {
+ nssDecodedCert *dc = NULL;
+ void *issuerID = NULL;
+ dc = nssCertificate_GetDecoding(c);
+ if (dc) {
+ issuerID = dc->getIssuerIdentifier(dc);
+ }
+ /* XXX review based on CERT_FindCertIssuer
+ * this function is not using the authCertIssuer field as a fallback
+ * if authority key id does not exist
+ */
+ if (issuerID) {
+ certs = filter_subject_certs_for_id(certs, issuerID);
+ }
+ certs = filter_certs_for_valid_issuers(certs);
+ issuer = nssCertificateArray_FindBestCertificate(certs,
+ timeOpt,
+ usage,
+ policiesOpt);
+ nssCertificateArray_Destroy(certs);
+ }
+ nssArena_Destroy(arena);
+ return issuer;
+}
+
+/* This function returns the built chain, as far as it gets,
+** even if/when it fails to find an issuer, and returns PR_FAILURE
+*/
+NSS_IMPLEMENT NSSCertificate **
+nssCertificate_BuildChain(
+ NSSCertificate *c,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit,
+ NSSArena *arenaOpt,
+ PRStatus *statusOpt,
+ NSSTrustDomain *td,
+ NSSCryptoContext *cc)
+{
+ NSSCertificate **rvChain = NULL;
+ NSSUsage issuerUsage = *usage;
+ nssPKIObjectCollection *collection = NULL;
+ PRUint32 rvCount = 0;
+ PRStatus st;
+ PRStatus ret = PR_SUCCESS;
+
+ if (!c || !cc ||
+ (!td && (td = NSSCertificate_GetTrustDomain(c)) == NULL)) {
+ goto loser;
+ }
+ /* bump the usage up to CA level */
+ issuerUsage.nss3lookingForCA = PR_TRUE;
+ collection = nssCertificateCollection_Create(td, NULL);
+ if (!collection)
+ goto loser;
+ st = nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c);
+ if (st != PR_SUCCESS)
+ goto loser;
+ for (rvCount = 1; (!rvLimit || rvCount < rvLimit); ++rvCount) {
+ CERTCertificate *cCert = STAN_GetCERTCertificate(c);
+ if (cCert->isRoot) {
+ /* not including the issuer of the self-signed cert, which is,
+ * of course, itself
+ */
+ break;
+ }
+ c = find_cert_issuer(c, timeOpt, &issuerUsage, policiesOpt, td, cc);
+ if (!c) {
+ ret = PR_FAILURE;
+ break;
+ }
+ st = nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c);
+ nssCertificate_Destroy(c); /* collection has it */
+ if (st != PR_SUCCESS)
+ goto loser;
+ }
+ rvChain = nssPKIObjectCollection_GetCertificates(collection,
+ rvOpt,
+ rvLimit,
+ arenaOpt);
+ if (rvChain) {
+ nssPKIObjectCollection_Destroy(collection);
+ if (statusOpt)
+ *statusOpt = ret;
+ if (ret != PR_SUCCESS)
+ nss_SetError(NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND);
+ return rvChain;
+ }
+
+loser:
+ if (collection)
+ nssPKIObjectCollection_Destroy(collection);
+ if (statusOpt)
+ *statusOpt = PR_FAILURE;
+ nss_SetError(NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND);
+ return rvChain;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSCertificate_BuildChain(
+ NSSCertificate *c,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt,
+ PRStatus *statusOpt,
+ NSSTrustDomain *td,
+ NSSCryptoContext *cc)
+{
+ return nssCertificate_BuildChain(c, timeOpt, usage, policiesOpt,
+ rvOpt, rvLimit, arenaOpt, statusOpt,
+ td, cc);
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+nssCertificate_GetCryptoContext(NSSCertificate *c)
+{
+ return c->object.cryptoContext;
+}
+
+NSS_IMPLEMENT NSSTrustDomain *
+nssCertificate_GetTrustDomain(NSSCertificate *c)
+{
+ return c->object.trustDomain;
+}
+
+NSS_IMPLEMENT NSSTrustDomain *
+NSSCertificate_GetTrustDomain(NSSCertificate *c)
+{
+ return nssCertificate_GetTrustDomain(c);
+}
+
+NSS_IMPLEMENT NSSToken *
+NSSCertificate_GetToken(
+ NSSCertificate *c,
+ PRStatus *statusOpt)
+{
+ return (NSSToken *)NULL;
+}
+
+NSS_IMPLEMENT NSSSlot *
+NSSCertificate_GetSlot(
+ NSSCertificate *c,
+ PRStatus *statusOpt)
+{
+ return (NSSSlot *)NULL;
+}
+
+NSS_IMPLEMENT NSSModule *
+NSSCertificate_GetModule(
+ NSSCertificate *c,
+ PRStatus *statusOpt)
+{
+ return (NSSModule *)NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCertificate_Encrypt(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCertificate_Verify(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSItem *signature,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCertificate_VerifyRecover(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCertificate_WrapSymmetricKey(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSSymmetricKey *keyToWrap,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+NSSCertificate_CreateCryptoContext(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSPublicKey *
+NSSCertificate_GetPublicKey(
+ NSSCertificate *c)
+{
+#if 0
+ CK_ATTRIBUTE pubktemplate[] = {
+ { CKA_CLASS, NULL, 0 },
+ { CKA_ID, NULL, 0 },
+ { CKA_SUBJECT, NULL, 0 }
+ };
+ PRStatus nssrv;
+ CK_ULONG count = sizeof(pubktemplate) / sizeof(pubktemplate[0]);
+ NSS_CK_SET_ATTRIBUTE_ITEM(pubktemplate, 0, &g_ck_class_pubkey);
+ if (c->id.size > 0) {
+ /* CKA_ID */
+ NSS_CK_ITEM_TO_ATTRIBUTE(&c->id, &pubktemplate[1]);
+ } else {
+ /* failure, yes? */
+ return (NSSPublicKey *)NULL;
+ }
+ if (c->subject.size > 0) {
+ /* CKA_SUBJECT */
+ NSS_CK_ITEM_TO_ATTRIBUTE(&c->subject, &pubktemplate[2]);
+ } else {
+ /* failure, yes? */
+ return (NSSPublicKey *)NULL;
+ }
+ /* Try the cert's token first */
+ if (c->token) {
+ nssrv = nssToken_FindObjectByTemplate(c->token, pubktemplate, count);
+ }
+#endif
+ /* Try all other key tokens */
+ return (NSSPublicKey *)NULL;
+}
+
+NSS_IMPLEMENT NSSPrivateKey *
+NSSCertificate_FindPrivateKey(
+ NSSCertificate *c,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRBool
+NSSCertificate_IsPrivateKeyAvailable(
+ NSSCertificate *c,
+ NSSCallback *uhh,
+ PRStatus *statusOpt)
+{
+ PRBool isUser = PR_FALSE;
+ nssCryptokiObject **ip;
+ nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
+ if (!instances) {
+ return PR_FALSE;
+ }
+ for (ip = instances; *ip; ip++) {
+ nssCryptokiObject *instance = *ip;
+ if (nssToken_IsPrivateKeyAvailable(instance->token, c, instance)) {
+ isUser = PR_TRUE;
+ }
+ }
+ nssCryptokiObjectArray_Destroy(instances);
+ return isUser;
+}
+
+/* sort the subject cert list from newest to oldest */
+PRIntn
+nssCertificate_SubjectListSort(
+ void *v1,
+ void *v2)
+{
+ NSSCertificate *c1 = (NSSCertificate *)v1;
+ NSSCertificate *c2 = (NSSCertificate *)v2;
+ nssDecodedCert *dc1 = nssCertificate_GetDecoding(c1);
+ nssDecodedCert *dc2 = nssCertificate_GetDecoding(c2);
+ if (!dc1) {
+ return dc2 ? 1 : 0;
+ } else if (!dc2) {
+ return -1;
+ } else {
+ return dc1->isNewerThan(dc1, dc2) ? -1 : 1;
+ }
+}
+
+NSS_IMPLEMENT PRBool
+NSSUserCertificate_IsStillPresent(
+ NSSUserCertificate *uc,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FALSE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSUserCertificate_Decrypt(
+ NSSUserCertificate *uc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSUserCertificate_Sign(
+ NSSUserCertificate *uc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSUserCertificate_SignRecover(
+ NSSUserCertificate *uc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSUserCertificate_UnwrapSymmetricKey(
+ NSSUserCertificate *uc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSUserCertificate_DeriveSymmetricKey(
+ NSSUserCertificate *uc, /* provides private key */
+ NSSCertificate *c, /* provides public key */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSOID *target,
+ PRUint32 keySizeOpt, /* zero for best allowed */
+ NSSOperations operations,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT nssSMIMEProfile *
+nssSMIMEProfile_Create(
+ NSSCertificate *cert,
+ NSSItem *profileTime,
+ NSSItem *profileData)
+{
+ NSSArena *arena;
+ nssSMIMEProfile *rvProfile;
+ nssPKIObject *object;
+ NSSTrustDomain *td = nssCertificate_GetTrustDomain(cert);
+ NSSCryptoContext *cc = nssCertificate_GetCryptoContext(cert);
+ arena = nssArena_Create();
+ if (!arena) {
+ return NULL;
+ }
+ object = nssPKIObject_Create(arena, NULL, td, cc, nssPKILock);
+ if (!object) {
+ goto loser;
+ }
+ rvProfile = nss_ZNEW(arena, nssSMIMEProfile);
+ if (!rvProfile) {
+ goto loser;
+ }
+ rvProfile->object = *object;
+ rvProfile->certificate = cert;
+ rvProfile->email = nssUTF8_Duplicate(cert->email, arena);
+ rvProfile->subject = nssItem_Duplicate(&cert->subject, arena, NULL);
+ if (profileTime) {
+ rvProfile->profileTime = nssItem_Duplicate(profileTime, arena, NULL);
+ }
+ if (profileData) {
+ rvProfile->profileData = nssItem_Duplicate(profileData, arena, NULL);
+ }
+ return rvProfile;
+loser:
+ if (object)
+ nssPKIObject_Destroy(object);
+ else if (arena)
+ nssArena_Destroy(arena);
+ return (nssSMIMEProfile *)NULL;
+}
+
+/* execute a callback function on all members of a cert list */
+NSS_EXTERN PRStatus
+nssCertificateList_DoCallback(
+ nssList *certList,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg)
+{
+ nssListIterator *certs;
+ NSSCertificate *cert;
+ certs = nssList_CreateIterator(certList);
+ if (!certs) {
+ return PR_FAILURE;
+ }
+ for (cert = (NSSCertificate *)nssListIterator_Start(certs);
+ cert != (NSSCertificate *)NULL;
+ cert = (NSSCertificate *)nssListIterator_Next(certs)) {
+ (void)(*callback)(cert, arg);
+ }
+ nssListIterator_Finish(certs);
+ nssListIterator_Destroy(certs);
+ return PR_SUCCESS;
+}
+
+static PRStatus
+add_ref_callback(NSSCertificate *c, void *a)
+{
+ nssCertificate_AddRef(c);
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT void
+nssCertificateList_AddReferences(
+ nssList *certList)
+{
+ (void)nssCertificateList_DoCallback(certList, add_ref_callback, NULL);
+}
+
+/*
+ * Is this trust record safe to apply to all certs of the same issuer/SN
+ * independent of the cert matching the hash. This is only true is the trust
+ * is unknown or distrusted. In general this feature is only useful to
+ * explicitly distrusting certs. It is not safe to use to trust certs, so
+ * only allow unknown and untrusted trust types.
+ */
+PRBool
+nssTrust_IsSafeToIgnoreCertHash(nssTrustLevel serverAuth,
+ nssTrustLevel clientAuth, nssTrustLevel codeSigning,
+ nssTrustLevel email, PRBool stepup)
+{
+ /* step up is a trust type, if it's on, we must have a hash for the cert */
+ if (stepup) {
+ return PR_FALSE;
+ }
+ if ((serverAuth != nssTrustLevel_Unknown) &&
+ (serverAuth != nssTrustLevel_NotTrusted)) {
+ return PR_FALSE;
+ }
+ if ((clientAuth != nssTrustLevel_Unknown) &&
+ (clientAuth != nssTrustLevel_NotTrusted)) {
+ return PR_FALSE;
+ }
+ if ((codeSigning != nssTrustLevel_Unknown) &&
+ (codeSigning != nssTrustLevel_NotTrusted)) {
+ return PR_FALSE;
+ }
+ if ((email != nssTrustLevel_Unknown) &&
+ (email != nssTrustLevel_NotTrusted)) {
+ return PR_FALSE;
+ }
+ /* record only has Unknown and Untrusted entries, ok to accept without a
+ * hash */
+ return PR_TRUE;
+}
+
+NSS_IMPLEMENT NSSTrust *
+nssTrust_Create(
+ nssPKIObject *object,
+ NSSItem *certData)
+{
+ PRStatus status;
+ PRUint32 i;
+ PRUint32 lastTrustOrder, myTrustOrder;
+ unsigned char sha1_hashcmp[SHA1_LENGTH];
+ unsigned char sha1_hashin[SHA1_LENGTH];
+ NSSItem sha1_hash;
+ NSSTrust *rvt;
+ nssCryptokiObject *instance;
+ nssTrustLevel serverAuth, clientAuth, codeSigning, emailProtection;
+ SECStatus rv; /* Should be stan flavor */
+ PRBool stepUp;
+
+ lastTrustOrder = 1 << 16; /* just make it big */
+ PR_ASSERT(object->instances != NULL && object->numInstances > 0);
+ rvt = nss_ZNEW(object->arena, NSSTrust);
+ if (!rvt) {
+ return (NSSTrust *)NULL;
+ }
+ rvt->object = *object;
+
+ /* should be stan flavor of Hashbuf */
+ rv = PK11_HashBuf(SEC_OID_SHA1, sha1_hashcmp, certData->data, certData->size);
+ if (rv != SECSuccess) {
+ return (NSSTrust *)NULL;
+ }
+ sha1_hash.data = sha1_hashin;
+ sha1_hash.size = sizeof(sha1_hashin);
+ /* trust has to peek into the base object members */
+ nssPKIObject_Lock(object);
+ for (i = 0; i < object->numInstances; i++) {
+ instance = object->instances[i];
+ myTrustOrder = nssToken_GetTrustOrder(instance->token);
+ status = nssCryptokiTrust_GetAttributes(instance, NULL,
+ &sha1_hash,
+ &serverAuth,
+ &clientAuth,
+ &codeSigning,
+ &emailProtection,
+ &stepUp);
+ if (status != PR_SUCCESS) {
+ nssPKIObject_Unlock(object);
+ return (NSSTrust *)NULL;
+ }
+ /* if no hash is specified, then trust applies to all certs with
+ * this issuer/SN. NOTE: This is only true for entries that
+ * have distrust and unknown record */
+ if (!(
+ /* we continue if there is no hash, and the trust type is
+ * safe to accept without a hash ... or ... */
+ ((sha1_hash.size == 0) &&
+ nssTrust_IsSafeToIgnoreCertHash(serverAuth, clientAuth,
+ codeSigning, emailProtection,
+ stepUp)) ||
+ /* we have a hash of the correct size, and it matches */
+ ((sha1_hash.size == SHA1_LENGTH) && (PORT_Memcmp(sha1_hashin,
+ sha1_hashcmp,
+ SHA1_LENGTH) == 0)))) {
+ nssPKIObject_Unlock(object);
+ return (NSSTrust *)NULL;
+ }
+ if (rvt->serverAuth == nssTrustLevel_Unknown ||
+ myTrustOrder < lastTrustOrder) {
+ rvt->serverAuth = serverAuth;
+ }
+ if (rvt->clientAuth == nssTrustLevel_Unknown ||
+ myTrustOrder < lastTrustOrder) {
+ rvt->clientAuth = clientAuth;
+ }
+ if (rvt->emailProtection == nssTrustLevel_Unknown ||
+ myTrustOrder < lastTrustOrder) {
+ rvt->emailProtection = emailProtection;
+ }
+ if (rvt->codeSigning == nssTrustLevel_Unknown ||
+ myTrustOrder < lastTrustOrder) {
+ rvt->codeSigning = codeSigning;
+ }
+ rvt->stepUpApproved = stepUp;
+ lastTrustOrder = myTrustOrder;
+ }
+ nssPKIObject_Unlock(object);
+ return rvt;
+}
+
+NSS_IMPLEMENT NSSTrust *
+nssTrust_AddRef(NSSTrust *trust)
+{
+ if (trust) {
+ nssPKIObject_AddRef(&trust->object);
+ }
+ return trust;
+}
+
+NSS_IMPLEMENT PRStatus
+nssTrust_Destroy(NSSTrust *trust)
+{
+ if (trust) {
+ (void)nssPKIObject_Destroy(&trust->object);
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT nssSMIMEProfile *
+nssSMIMEProfile_AddRef(nssSMIMEProfile *profile)
+{
+ if (profile) {
+ nssPKIObject_AddRef(&profile->object);
+ }
+ return profile;
+}
+
+NSS_IMPLEMENT PRStatus
+nssSMIMEProfile_Destroy(nssSMIMEProfile *profile)
+{
+ if (profile) {
+ (void)nssPKIObject_Destroy(&profile->object);
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT NSSCRL *
+nssCRL_Create(nssPKIObject *object)
+{
+ PRStatus status;
+ NSSCRL *rvCRL;
+ NSSArena *arena = object->arena;
+ PR_ASSERT(object->instances != NULL && object->numInstances > 0);
+ rvCRL = nss_ZNEW(arena, NSSCRL);
+ if (!rvCRL) {
+ return (NSSCRL *)NULL;
+ }
+ rvCRL->object = *object;
+ /* XXX should choose instance based on some criteria */
+ status = nssCryptokiCRL_GetAttributes(object->instances[0],
+ NULL, /* XXX sessionOpt */
+ arena,
+ &rvCRL->encoding,
+ NULL, /* subject */
+ NULL, /* class */
+ &rvCRL->url,
+ &rvCRL->isKRL);
+ if (status != PR_SUCCESS) {
+ if (!arena) {
+ nssPKIObject_Destroy((nssPKIObject *)rvCRL);
+ }
+ return (NSSCRL *)NULL;
+ }
+ return rvCRL;
+}
+
+NSS_IMPLEMENT NSSCRL *
+nssCRL_AddRef(NSSCRL *crl)
+{
+ if (crl) {
+ nssPKIObject_AddRef(&crl->object);
+ }
+ return crl;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCRL_Destroy(NSSCRL *crl)
+{
+ if (crl) {
+ (void)nssPKIObject_Destroy(&crl->object);
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCRL_DeleteStoredObject(
+ NSSCRL *crl,
+ NSSCallback *uhh)
+{
+ return nssPKIObject_DeleteStoredObject(&crl->object, uhh, PR_TRUE);
+}
+
+NSS_IMPLEMENT NSSDER *
+nssCRL_GetEncoding(NSSCRL *crl)
+{
+ if (crl && crl->encoding.data != NULL && crl->encoding.size > 0) {
+ return &crl->encoding;
+ } else {
+ return (NSSDER *)NULL;
+ }
+}
diff --git a/security/nss/lib/pki/config.mk b/security/nss/lib/pki/config.mk
new file mode 100644
index 000000000..2676cd537
--- /dev/null
+++ b/security/nss/lib/pki/config.mk
@@ -0,0 +1,19 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ifdef BUILD_IDG
+DEFINES += -DNSSDEBUG
+endif
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
diff --git a/security/nss/lib/pki/cryptocontext.c b/security/nss/lib/pki/cryptocontext.c
new file mode 100644
index 000000000..074eb7435
--- /dev/null
+++ b/security/nss/lib/pki/cryptocontext.c
@@ -0,0 +1,911 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEV_H
+#include "dev.h"
+#endif /* DEV_H */
+
+#ifndef PKIM_H
+#include "pkim.h"
+#endif /* PKIM_H */
+
+#ifndef PKISTORE_H
+#include "pkistore.h"
+#endif /* PKISTORE_H */
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
+
+NSS_IMPLEMENT NSSCryptoContext *
+nssCryptoContext_Create(
+ NSSTrustDomain *td,
+ NSSCallback *uhhOpt)
+{
+ NSSArena *arena;
+ NSSCryptoContext *rvCC;
+ arena = NSSArena_Create();
+ if (!arena) {
+ return NULL;
+ }
+ rvCC = nss_ZNEW(arena, NSSCryptoContext);
+ if (!rvCC) {
+ return NULL;
+ }
+ rvCC->td = td;
+ rvCC->arena = arena;
+ rvCC->certStore = nssCertificateStore_Create(rvCC->arena);
+ if (!rvCC->certStore) {
+ nssArena_Destroy(arena);
+ return NULL;
+ }
+
+ return rvCC;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_Destroy(NSSCryptoContext *cc)
+{
+ PRStatus status = PR_SUCCESS;
+ PORT_Assert(cc->certStore);
+ if (cc->certStore) {
+ status = nssCertificateStore_Destroy(cc->certStore);
+ if (status == PR_FAILURE) {
+ return status;
+ }
+ } else {
+ status = PR_FAILURE;
+ }
+ nssArena_Destroy(cc->arena);
+ return status;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_SetDefaultCallback(
+ NSSCryptoContext *td,
+ NSSCallback *newCallback,
+ NSSCallback **oldCallbackOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSCallback *
+NSSCryptoContext_GetDefaultCallback(
+ NSSCryptoContext *td,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSTrustDomain *
+NSSCryptoContext_GetTrustDomain(NSSCryptoContext *td)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindOrImportCertificate(
+ NSSCryptoContext *cc,
+ NSSCertificate *c)
+{
+ NSSCertificate *rvCert = NULL;
+
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return rvCert;
+ }
+ rvCert = nssCertificateStore_FindOrAdd(cc->certStore, c);
+ if (rvCert == c && c->object.cryptoContext != cc) {
+ PORT_Assert(!c->object.cryptoContext);
+ c->object.cryptoContext = cc;
+ }
+ if (rvCert) {
+ /* an NSSCertificate cannot be part of two crypto contexts
+ ** simultaneously. If this assertion fails, then there is
+ ** a serious Stan design flaw.
+ */
+ PORT_Assert(cc == c->object.cryptoContext);
+ }
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_ImportPKIXCertificate(
+ NSSCryptoContext *cc,
+ struct NSSPKIXCertificateStr *pc)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_ImportEncodedCertificate(
+ NSSCryptoContext *cc,
+ NSSBER *ber)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_ImportEncodedPKIXCertificateChain(
+ NSSCryptoContext *cc,
+ NSSBER *ber)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCryptoContext_ImportTrust(
+ NSSCryptoContext *cc,
+ NSSTrust *trust)
+{
+ PRStatus nssrv;
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return PR_FAILURE;
+ }
+ nssrv = nssCertificateStore_AddTrust(cc->certStore, trust);
+#if 0
+ if (nssrv == PR_SUCCESS) {
+ trust->object.cryptoContext = cc;
+ }
+#endif
+ return nssrv;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCryptoContext_ImportSMIMEProfile(
+ NSSCryptoContext *cc,
+ nssSMIMEProfile *profile)
+{
+ PRStatus nssrv;
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return PR_FAILURE;
+ }
+ nssrv = nssCertificateStore_AddSMIMEProfile(cc->certStore, profile);
+#if 0
+ if (nssrv == PR_SUCCESS) {
+ profile->object.cryptoContext = cc;
+ }
+#endif
+ return nssrv;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindBestCertificateByNickname(
+ NSSCryptoContext *cc,
+ const NSSUTF8 *name,
+ NSSTime *timeOpt, /* NULL for "now" */
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt /* NULL for none */
+ )
+{
+ NSSCertificate **certs;
+ NSSCertificate *rvCert = NULL;
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ certs = nssCertificateStore_FindCertificatesByNickname(cc->certStore,
+ name,
+ NULL, 0, NULL);
+ if (certs) {
+ rvCert = nssCertificateArray_FindBestCertificate(certs,
+ timeOpt,
+ usage,
+ policiesOpt);
+ nssCertificateArray_Destroy(certs);
+ }
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSCryptoContext_FindCertificatesByNickname(
+ NSSCryptoContext *cc,
+ NSSUTF8 *name,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ NSSCertificate **rvCerts;
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ rvCerts = nssCertificateStore_FindCertificatesByNickname(cc->certStore,
+ name,
+ rvOpt,
+ maximumOpt,
+ arenaOpt);
+ return rvCerts;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(
+ NSSCryptoContext *cc,
+ NSSDER *issuer,
+ NSSDER *serialNumber)
+{
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ return nssCertificateStore_FindCertificateByIssuerAndSerialNumber(
+ cc->certStore,
+ issuer,
+ serialNumber);
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindBestCertificateBySubject(
+ NSSCryptoContext *cc,
+ NSSDER *subject,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ NSSCertificate **certs;
+ NSSCertificate *rvCert = NULL;
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ certs = nssCertificateStore_FindCertificatesBySubject(cc->certStore,
+ subject,
+ NULL, 0, NULL);
+ if (certs) {
+ rvCert = nssCertificateArray_FindBestCertificate(certs,
+ timeOpt,
+ usage,
+ policiesOpt);
+ nssCertificateArray_Destroy(certs);
+ }
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+nssCryptoContext_FindCertificatesBySubject(
+ NSSCryptoContext *cc,
+ NSSDER *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ NSSCertificate **rvCerts;
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ rvCerts = nssCertificateStore_FindCertificatesBySubject(cc->certStore,
+ subject,
+ rvOpt,
+ maximumOpt,
+ arenaOpt);
+ return rvCerts;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSCryptoContext_FindCertificatesBySubject(
+ NSSCryptoContext *cc,
+ NSSDER *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ return nssCryptoContext_FindCertificatesBySubject(cc, subject,
+ rvOpt, maximumOpt,
+ arenaOpt);
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindBestCertificateByNameComponents(
+ NSSCryptoContext *cc,
+ NSSUTF8 *nameComponents,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSCryptoContext_FindCertificatesByNameComponents(
+ NSSCryptoContext *cc,
+ NSSUTF8 *nameComponents,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindCertificateByEncodedCertificate(
+ NSSCryptoContext *cc,
+ NSSBER *encodedCertificate)
+{
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ return nssCertificateStore_FindCertificateByEncodedCertificate(
+ cc->certStore,
+ encodedCertificate);
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindBestCertificateByEmail(
+ NSSCryptoContext *cc,
+ NSSASCII7 *email,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ NSSCertificate **certs;
+ NSSCertificate *rvCert = NULL;
+
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ certs = nssCertificateStore_FindCertificatesByEmail(cc->certStore,
+ email,
+ NULL, 0, NULL);
+ if (certs) {
+ rvCert = nssCertificateArray_FindBestCertificate(certs,
+ timeOpt,
+ usage,
+ policiesOpt);
+ nssCertificateArray_Destroy(certs);
+ }
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSCryptoContext_FindCertificatesByEmail(
+ NSSCryptoContext *cc,
+ NSSASCII7 *email,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ NSSCertificate **rvCerts;
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ rvCerts = nssCertificateStore_FindCertificatesByEmail(cc->certStore,
+ email,
+ rvOpt,
+ maximumOpt,
+ arenaOpt);
+ return rvCerts;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindCertificateByOCSPHash(
+ NSSCryptoContext *cc,
+ NSSItem *hash)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindBestUserCertificate(
+ NSSCryptoContext *cc,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSCryptoContext_FindUserCertificates(
+ NSSCryptoContext *cc,
+ NSSTime *timeOpt,
+ NSSUsage *usageOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindBestUserCertificateForSSLClientAuth(
+ NSSCryptoContext *cc,
+ NSSUTF8 *sslHostOpt,
+ NSSDER *rootCAsOpt[], /* null pointer for none */
+ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSCryptoContext_FindUserCertificatesForSSLClientAuth(
+ NSSCryptoContext *cc,
+ NSSUTF8 *sslHostOpt,
+ NSSDER *rootCAsOpt[], /* null pointer for none */
+ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindBestUserCertificateForEmailSigning(
+ NSSCryptoContext *cc,
+ NSSASCII7 *signerOpt,
+ NSSASCII7 *recipientOpt,
+ /* anything more here? */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSCryptoContext_FindUserCertificatesForEmailSigning(
+ NSSCryptoContext *cc,
+ NSSASCII7 *signerOpt, /* fgmr or a more general name? */
+ NSSASCII7 *recipientOpt,
+ /* anything more here? */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSTrust *
+nssCryptoContext_FindTrustForCertificate(
+ NSSCryptoContext *cc,
+ NSSCertificate *cert)
+{
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ return nssCertificateStore_FindTrustForCertificate(cc->certStore, cert);
+}
+
+NSS_IMPLEMENT nssSMIMEProfile *
+nssCryptoContext_FindSMIMEProfileForCertificate(
+ NSSCryptoContext *cc,
+ NSSCertificate *cert)
+{
+ PORT_Assert(cc->certStore);
+ if (!cc->certStore) {
+ return NULL;
+ }
+ return nssCertificateStore_FindSMIMEProfileForCertificate(cc->certStore,
+ cert);
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_GenerateKeyPair(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *ap,
+ NSSPrivateKey **pvkOpt,
+ NSSPublicKey **pbkOpt,
+ PRBool privateKeyIsSensitive,
+ NSSToken *destination,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSCryptoContext_GenerateSymmetricKey(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *ap,
+ PRUint32 keysize,
+ NSSToken *destination,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSCryptoContext_GenerateSymmetricKeyFromPassword(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *ap,
+ NSSUTF8 *passwordOpt, /* if null, prompt */
+ NSSToken *destinationOpt,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID(
+ NSSCryptoContext *cc,
+ NSSOID *algorithm,
+ NSSItem *keyID,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+struct token_session_str {
+ NSSToken *token;
+ nssSession *session;
+};
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_Decrypt(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *encryptedData,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_BeginDecrypt(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_ContinueDecrypt(
+ NSSCryptoContext *cc,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_FinishDecrypt(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_Sign(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_BeginSign(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_ContinueSign(
+ NSSCryptoContext *cc,
+ NSSItem *data)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_FinishSign(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_SignRecover(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_BeginSignRecover(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_ContinueSignRecover(
+ NSSCryptoContext *cc,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_FinishSignRecover(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSCryptoContext_UnwrapSymmetricKey(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSCryptoContext_DeriveSymmetricKey(
+ NSSCryptoContext *cc,
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSOID *target,
+ PRUint32 keySizeOpt, /* zero for best allowed */
+ NSSOperations operations,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_Encrypt(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_BeginEncrypt(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_ContinueEncrypt(
+ NSSCryptoContext *cc,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_FinishEncrypt(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_Verify(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSItem *signature,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_BeginVerify(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_ContinueVerify(
+ NSSCryptoContext *cc,
+ NSSItem *data)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_FinishVerify(
+ NSSCryptoContext *cc)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_VerifyRecover(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_BeginVerifyRecover(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_ContinueVerifyRecover(
+ NSSCryptoContext *cc,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_FinishVerifyRecover(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_WrapSymmetricKey(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSSymmetricKey *keyToWrap,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_Digest(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ return nssToken_Digest(cc->token, cc->session, apOpt,
+ data, rvOpt, arenaOpt);
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_BeginDigest(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt)
+{
+ return nssToken_BeginDigest(cc->token, cc->session, apOpt);
+}
+
+NSS_IMPLEMENT PRStatus
+NSSCryptoContext_ContinueDigest(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *item)
+{
+ /*
+ NSSAlgorithmAndParameters *ap;
+ ap = (apOpt) ? apOpt : cc->ap;
+ */
+ /* why apOpt? can't change it at this point... */
+ return nssToken_ContinueDigest(cc->token, cc->session, item);
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSCryptoContext_FinishDigest(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ return nssToken_FinishDigest(cc->token, cc->session, rvOpt, arenaOpt);
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+NSSCryptoContext_Clone(NSSCryptoContext *cc)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
diff --git a/security/nss/lib/pki/doc/standiag.png b/security/nss/lib/pki/doc/standiag.png
new file mode 100644
index 000000000..fe1aca389
--- /dev/null
+++ b/security/nss/lib/pki/doc/standiag.png
Binary files differ
diff --git a/security/nss/lib/pki/doc/standoc.html b/security/nss/lib/pki/doc/standoc.html
new file mode 100644
index 000000000..2e110fcbe
--- /dev/null
+++ b/security/nss/lib/pki/doc/standoc.html
@@ -0,0 +1,442 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+
+ <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
+ <title>Stan Design - Work In Progress</title>
+</head>
+ <body>
+ <br>
+ This is a working document for progress on Stan design/development.<br>
+ <br>
+ Current <a href="#build">build</a>
+ and <a href="#test">test</a>
+ instructions.<br>
+ <br>
+ The current set of Stan libraries.<br>
+ <a href="#asn1">asn1</a>
+ <br>
+ <a href="#base">base</a>
+ <br>
+ <a href="#ckfw">ckfw</a>
+ <br>
+ <a href="#dev">dev</a>
+ <br>
+ <a href="#pki">pki</a>
+ <br>
+ <a href="#pki1">pki1</a>
+ <br>
+ <a href="#pkix">pkix</a>
+ <br>
+ <br>
+ "Public" types below (those available to consumers of
+ NSS) begin with "NSS". &nbsp;"Protected" types (those only available
+ within NSS) begin with "nss".<br>
+ <br>
+ Open issues appears as numbered indents.<br>
+ <br>
+ <br>
+
+<hr width="100%" size="2" align="Left"><br>
+
+<h3><a name="asn1"></a>
+ <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/asn1/">
+ ASN.1</a>
+ </h3>
+ ASN.1 encoder/decoder wrapping around the current
+ ASN.1 implementation.<br>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSASN1EncodingType"> NSSASN1EncodingType</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Item">nssASN1Item</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Template">nssASN1Template</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1ChooseTemplateFunction">
+ nssASN1ChooseTemplateFunction</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Encoder">nssASN1Encoder</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Decoder">nssASN1Decoder</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1EncodingPart"> nssASN1EncodingPart</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1NotifyFunction">
+ nssASN1NotifyFunction</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1EncoderWriteFunction">
+ nssASN1EncoderWriteFunction</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1DecoderFilterFunction">
+ nssASN1DecoderFilterFunction</a>
+ <br>
+ <br>
+
+<hr width="100%" size="2" align="Left">
+<h3><a name="base"></a>
+ <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/base/">
+ Base</a>
+ </h3>
+ Set of base utilities for Stan implementation.
+&nbsp;These are all fairly straightforward, except for nssPointerTracker.<br>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSError">NSSError</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSArena">NSSArena</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSItem">NSSItem</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSBER">NSSBER</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSDER">NSSDER</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSBitString">NSSBitString</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUTF8">NSSUTF8</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSASCII7">NSSASCII7</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssArenaMark">nssArenaMark</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssPointerTracker">nssPointerTracker</a>
+ <br>
+ This is intended for debug builds only.<br>
+
+<ol>
+ <li>Ignored for now.<br>
+ </li>
+
+</ol>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssStringType">nssStringType</a>
+ <br>
+ <br>
+ Suggested additions:<br>
+
+<ol>
+ <li>nssList - A list that optionally uses a lock. &nbsp;This list would
+ manage the currently loaded modules in a trust domain, etc.</li>
+
+ <ul>
+ <li>SECMODListLock kept track of the number of waiting threads. &nbsp;Will
+ this be needed in the trust domain?</li>
+
+ </ul>
+
+</ol>
+ <br>
+
+<hr width="100%" size="2" align="Left">
+<h3><a name="ckfw"></a>
+ <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/">
+ CKFW</a>
+ </h3>
+ The cryptoki framework, used for building cryptoki tokens.
+ &nbsp;This needs to be described in a separate document showing how
+ to set up a token using CKFW. &nbsp;This code only relates to tokens,
+ so it is not relevant here.<br>
+ <br>
+ <br>
+
+<hr width="100%" size="2" align="Left">
+<h3><a name="dev"></a>
+ <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/dev/">
+ Device</a>
+ </h3>
+ Defines cryptoki devices used in NSS. &nbsp;This
+ is not part of the exposed API. &nbsp;It is a low-level API allowing
+NSS to manage cryptoki devices.<br>
+ <br>
+ The relationship is like this:<br>
+ <br>
+ libpki --&gt; libdev --&gt; cryptoki<br>
+ <br>
+ As an example,<br>
+ <br>
+ NSSTrustDomain_FindCertificate --&gt; NSSToken_FindCertificate --&gt;
+ C_FindObjects<br>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSModule">NSSModule</a>
+ <br>
+ Replaces the SECMOD API. &nbsp;The module manages a
+PRLibrary that holds a cryptoki implementation via a number of slots.
+&nbsp;The API should provide the ability to Load and Unload a module,
+Login and Logout to the module (through its slots), and to locate a
+particular slot/token.<br>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSSlot">NSSSlot</a>
+ <br>
+ This and NSSToken combine to replace the PK11 API parts
+ that relate to slot and token management. &nbsp;The slot API should
+ provide the ability to Login/Logout to a slot, check the login status,
+ determine basic configuration information about the slot, and modify
+ the password settings.<br>
+
+<ol>
+ <li>Should slots also maintain a default session? &nbsp;This session would
+ be used for slot management calls (sections 9.5 and9.6 of PKCS#11). &nbsp;Or
+ is the token session sufficient (this would not work if C_GetTokenInfo and
+ C_InitToken need to be wrapped in a threadsafe session).<br>
+ </li>
+
+</ol>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSToken">NSSToken</a>
+ <br>
+ Fills in the gaps left by NSSSlot. &nbsp;Much of the
+cryptoki API is directed towards slots. &nbsp;However, some functionality
+ clearly belongs with a token type. &nbsp;For example, a certificate
+ lives on a token, not a slot, so one would expect a function NSSToken_FindCertificate.
+ &nbsp;Thus functions that deal with importing/exporting an object
+and performing actual cryptographic operations belong here.<br>
+
+<ol>
+ <li>The distinction between a slot and a token is not clear. &nbsp;Most
+ functions take a slotID as an argument, even though it is obvious that
+ the event is intended to occur on a token. &nbsp;That leaves various
+ possibilities:</li>
+
+ <ol>
+ <li>Implement the API entirely as NSSToken. &nbsp;If the token is not
+ present, some calls will simply fail.</li>
+ <li>Divide the API between NSSToken and NSSSlot, as described above.
+&nbsp;NSSSlot would handle cryptoki calls specified as "slot management",
+ while NSSToken handles actual token operations.</li>
+ <li>Others?</li>
+
+ </ol>
+ <li>Session management. &nbsp;Tokens needs a threadsafe session handle
+ to perform operations. &nbsp;CryptoContexts are meant to provide such sessions,
+ but other objects will need access to token functions as well (examples:
+the TrustDomain_Find functions, _Login, _Logout, and others that do not exist
+ such as NSSToken_ChangePassword). &nbsp;For those functions, the token could
+ maintain a default session. &nbsp;Thus all NSSToken API functions would take
+ sessionOpt as an argument. &nbsp;If the caller is going to provide a session,
+ it sends an NSSSession there, otherwise it sends NULL and the default session
+ is utilized.<br>
+ </li>
+
+</ol>
+ Proposed:<br>
+ NSSSession<br>
+ Wraps a Cryptoki session. &nbsp;Created from a slot. &nbsp;Used to manage
+ sessions for crypto contexts. &nbsp;Has a lock field, which locks the session
+ if the slot is not threadsafe.<br>
+ <br>
+
+<hr width="100%" size="2" align="Left"><br>
+
+<h3><a name="pki"></a>
+ <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/">
+ PKI</a>
+ </h3>
+ The NSS PKI library.<br>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCertificate">NSS</a>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCertificate">Certificate</a>
+ <br>
+
+<ol>
+ <li>The API leaves open the possibility of NSSCertificate meaning various
+ certificate types, not just X.509. &nbsp;The way to keep open this possibility
+ is to keep only generally useful information in the NSSCertificate type.
+&nbsp;Examples would be the certificate encoding, label, trust (obtained
+ from cryptoki calls), an email address, etc. &nbsp;Some type of generic
+reference should be kept to the decoded certificate, which would then be
+accessed by a type-specific API (e.g., NSSX509_GetSubjectName).</li>
+
+</ol>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUserCertificate">NSSUserCertificate</a>
+ <br>
+
+<ol>
+ <li>Should this be a typedef of NSSCertificate?&nbsp; This implies that
+ any function that requires an NSSUserCertificate would fail when called
+ with a certificate lacking a private key. </li>
+
+</ol>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPrivateKey">NSSPrivateKey</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPublicKey">NSSPublicKey</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSSymmetricKey">NSSSymmetricKey</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSTrustDomain">NSSTrustDomain</a>
+ <br>
+ A trust domain is "the field in which certificates may
+ be validated." &nbsp;It is a collection of modules capable of performing
+ cryptographic operations and storing certs and keys. &nbsp;This collection
+ is managed by NSS in a manner opaque to the consumer. &nbsp;The slots
+ will have various orderings determining which has preference for a
+given operation. &nbsp;For example, the trust domain may order the storage
+ of user certificates one way, and the storage of email certificates in
+ another way [is that a good example?].<br>
+ <br>
+
+<ol>
+ <li> How will ordering work? &nbsp;We already have the suggestion
+ that there be two kinds of ordering: storage and search. &nbsp;How
+will they be constructed/managed? &nbsp;Do we want to expose access
+to a token that overrides this ordering (i.e., the download of updated
+root certs may need to override storage order)</li>
+ <li>How are certs cached? &nbsp;Nelson wonders what it means to Stan
+ when a cert does not live on a token yet. &nbsp;Bob, Terry, and I discussed
+ this. &nbsp;My conclusion is that there should be a type, separate
+from NSSCertificate, that holds the decoded cert parts (e.g., NSSX509Certificate,
+ or to avoid confusion, NSSX509DecodedParts). &nbsp;NSSCertificate would
+ keep a handle to this type, so that it only needs to decode the cert
+once. &nbsp;The NSSTrustDomain would keep a hash table of cached certs,
+some of which may not live on a token yet (i.e., they are only NSSX509DecodedParts).
+ &nbsp;This cache could be accessed in the same way the temp db was,
+and when the cert is ready to be moved onto a token a call to NSSTrustDomain_ImportCertificate
+ is made. &nbsp;Note that this is essentially the same as CERT_TempCertToPerm.</li>
+
+ <ul>
+ <li>The hashtable in lib/base (copied from ckfw/hash.c) uses the identity
+hash. &nbsp;Therefore, in a hash of certificates, the key is the certificate
+pointer itself. &nbsp;One possibility is to store the decoded cert (NSSX509DecodedParts
+above) as the value in the {key, value} pair. &nbsp;When a cert is decoded,
+the cert pointer and decoding pointer are added to the hash. &nbsp;Subsequent
+lookups have access to one or both of these pointers. &nbsp;This keeps NSSCertificate
+separate from its decoding, while providing a way to locate it.</li>
+
+ </ul>
+ <li>The API is designed to keep token details hidden from the user. &nbsp;However,
+ it has already been realized that PSM and CMS may need special access to
+tokens. &nbsp;Is this part of the TrustDomain API, or should PSM and CMS
+be allowed to use "friend" headers from the Token API?</li>
+ <li>Do we want to allow traversal via NSSTrustDomain_TraverseXXXX?<br>
+ </li>
+
+</ol>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCryptoContext"><br>
+ NSSCryptoContext</a>
+ <br>
+ Analgous to a Cryptoki session. &nbsp;Manages session objects only.<br>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSTime">NSSTime</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUsage">NSSUsage</a>
+ <br>
+
+<ol>
+ <li> See Fred's <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/nsspkit.h#187">
+ comments</a>
+ .</li>
+
+</ol>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPolicies">NSSPolicies</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSAlgorithmAndParameters">
+ NSSAlgorithmAndParameters</a>
+ <br>
+
+<ol>
+ <li> Again, Fred's <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/nsspkit.h#215">
+ comments</a>
+ . &nbsp;The old NSS code had various types related to algorithms
+ running around in it. &nbsp;We had SECOidTag, SECAlgorithmID, SECItem's
+ for parameters, CK_MECHANISM for cryptoki, etc. &nbsp;This type should
+ be able to encapsulate all of those.</li>
+
+</ol>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCallback">NSSCallback</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSOperations">NSSOperations</a>
+ <br>
+ <br>
+ <br>
+
+<hr width="100%" size="2"><br>
+ <br>
+ A diagram to suggest a possible TrustDomain architecture.<br>
+ <br>
+ <img src="./standiag.png" alt="Trust Domain Diagram" width="748" height="367">
+ <br>
+
+<hr width="100%" size="2" align="Left"><br>
+
+<h3><a name="pki1"></a>
+ <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki1/">
+ PKI1</a>
+ </h3>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSOID">NSSOID</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSATAV">NSSATAV</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSRDN">NSSRDN</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSRDNSeq">NSSRDNSeq</a>
+ <br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSName">NSSName</a>
+ <br>
+ NSSNameChoice<br>
+ NSSGeneralName<br>
+ NSSGeneralNameChoice<br>
+ NSSOtherName<br>
+ NSSRFC822Name<br>
+ NSSDNSName<br>
+ NSSX400Address<br>
+ NSSEdiParityAddress<br>
+ NSSURI<br>
+ NSSIPAddress<br>
+ NSSRegisteredID<br>
+ NSSGeneralNameSeq<br>
+ <a href="http://lxr.mozilla.org/mozilla/ident?i=nssAttributeTypeAliasTable">
+ nssAttributeTypeAliasTable</a>
+ <br>
+ <br>
+ <br>
+
+<hr width="100%" size="2" align="Left"><br>
+
+<h3><a name="pkix"></a>
+ <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pkix/">
+ PKIX&nbsp;</a>
+ </h3>
+ There is a plethora of PKIX related types here.<br>
+ <br>
+
+<hr width="100%" size="2" align="Left"><br>
+
+<h3><a name="build"></a>
+ Building Stan</h3>
+ <br>
+ From nss/lib, run "make BUILD_STAN=1"<br>
+ <br>
+
+<hr width="100%" size="2" align="Left"><br>
+
+<h3><a name="test"></a>
+ Testing Stan</h3>
+ A&nbsp;new command line tool, pkiutil, has been created to use only
+ the Stan API. &nbsp;It depends on a new library, cmdlib, meant to replace
+ the old secutil library. &nbsp;The old library had code used by products
+ that needed to be integrated into the main library codebase somehow. &nbsp;The
+ goal of the new cmdlib is to have functionality needed strictly for NSS
+ tools.<br>
+ <br>
+ How to build:<br>
+
+<ol>
+ <li>cd nss/cmd/cmdlib; make</li>
+ <li>cd ../pkiutil; make</li>
+
+</ol>
+ pkiutil will give detailed help with either "pkiutil -?" or "pkiutil
+ --help".<br>
+ <br>
+ So far, the only available test is to list certs on the builtins token.
+ &nbsp;Copy "libnssckbi.so" (or whatever it is) to cmd/pkiutil. &nbsp;Then
+ run "pkiutil -L" or "pkiutil --list". &nbsp;The list of certificate nicknames
+ should be displayed.<br>
+ <br>
+ <br>
+
+</body>
+</html>
diff --git a/security/nss/lib/pki/exports.gyp b/security/nss/lib/pki/exports.gyp
new file mode 100644
index 000000000..a9707ae16
--- /dev/null
+++ b/security/nss/lib/pki/exports.gyp
@@ -0,0 +1,32 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_pki_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'nsspki.h',
+ 'nsspkit.h',
+ 'pki.h',
+ 'pki3hack.h',
+ 'pkim.h',
+ 'pkistore.h',
+ 'pkit.h',
+ 'pkitm.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/pki/manifest.mn b/security/nss/lib/pki/manifest.mn
new file mode 100644
index 000000000..a7efb8938
--- /dev/null
+++ b/security/nss/lib/pki/manifest.mn
@@ -0,0 +1,45 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+PRIVATE_EXPORTS = \
+ pki.h \
+ pkit.h \
+ nsspkit.h \
+ nsspki.h \
+ pkistore.h \
+ pki3hack.h \
+ pkitm.h \
+ pkim.h \
+ $(NULL)
+
+EXPORTS = \
+ $(NULL)
+
+MODULE = nss
+
+CSRCS = \
+ asymmkey.c \
+ certificate.c \
+ cryptocontext.c \
+ symmkey.c \
+ trustdomain.c \
+ tdcache.c \
+ certdecode.c \
+ pkistore.c \
+ pkibase.c \
+ pki3hack.c \
+ $(NULL)
+
+#DEFINES = -DDEBUG_CACHE
+
+REQUIRES = nspr
+
+LIBRARY_NAME = nsspki
+LIBRARY_VERSION = 3
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/pki/nsspki.h b/security/nss/lib/pki/nsspki.h
new file mode 100644
index 000000000..28780c375
--- /dev/null
+++ b/security/nss/lib/pki/nsspki.h
@@ -0,0 +1,2779 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSPKI_H
+#define NSSPKI_H
+
+/*
+ * nsspki.h
+ *
+ * This file prototypes the methods of the top-level PKI objects.
+ */
+
+#ifndef NSSDEVT_H
+#include "nssdevt.h"
+#endif /* NSSDEVT_H */
+
+#ifndef NSSPKIT_H
+#include "nsspkit.h"
+#endif /* NSSPKIT_H */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * A note about interfaces
+ *
+ * Although these APIs are specified in C, a language which does
+ * not have fancy support for abstract interfaces, this library
+ * was designed from an object-oriented perspective. It may be
+ * useful to consider the standard interfaces which went into
+ * the writing of these APIs.
+ *
+ * Basic operations on all objects:
+ * Destroy -- free a pointer to an object
+ * DeleteStoredObject -- delete an object permanently
+ *
+ * Public Key cryptographic operations:
+ * Encrypt
+ * Verify
+ * VerifyRecover
+ * Wrap
+ * Derive
+ *
+ * Private Key cryptographic operations:
+ * IsStillPresent
+ * Decrypt
+ * Sign
+ * SignRecover
+ * Unwrap
+ * Derive
+ *
+ * Symmetric Key cryptographic operations:
+ * IsStillPresent
+ * Encrypt
+ * Decrypt
+ * Sign
+ * SignRecover
+ * Verify
+ * VerifyRecover
+ * Wrap
+ * Unwrap
+ * Derive
+ *
+ */
+
+/*
+ * NSSCertificate
+ *
+ * These things can do crypto ops like public keys, except that the trust,
+ * usage, and other constraints are checked. These objects are "high-level,"
+ * so trust, usages, etc. are in the form we throw around (client auth,
+ * email signing, etc.). Remember that theoretically another implementation
+ * (think PGP) could be beneath this object.
+ */
+
+/*
+ * NSSCertificate_Destroy
+ *
+ * Free a pointer to a certificate object.
+ */
+
+NSS_EXTERN PRStatus
+NSSCertificate_Destroy(NSSCertificate *c);
+
+/*
+ * NSSCertificate_DeleteStoredObject
+ *
+ * Permanently remove this certificate from storage. If this is the
+ * only (remaining) certificate corresponding to a private key,
+ * public key, and/or other object; then that object (those objects)
+ * are deleted too.
+ */
+
+NSS_EXTERN PRStatus
+NSSCertificate_DeleteStoredObject(
+ NSSCertificate *c,
+ NSSCallback *uhh);
+
+/*
+ * NSSCertificate_Validate
+ *
+ * Verify that this certificate is trusted, for the specified usage(s),
+ * at the specified time, {word word} the specified policies.
+ */
+
+NSS_EXTERN PRStatus
+NSSCertificate_Validate(
+ NSSCertificate *c,
+ NSSTime *timeOpt, /* NULL for "now" */
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt /* NULL for none */
+ );
+
+/*
+ * NSSCertificate_ValidateCompletely
+ *
+ * Verify that this certificate is trusted. The difference between
+ * this and the previous call is that NSSCertificate_Validate merely
+ * returns success or failure with an appropriate error stack.
+ * However, there may be (and often are) multiple problems with a
+ * certificate. This routine returns an array of errors, specifying
+ * every problem.
+ */
+
+/*
+ * Return value must be an array of objects, each of which has
+ * an NSSError, and any corresponding certificate (in the chain)
+ * and/or policy.
+ */
+
+NSS_EXTERN void ** /* void *[] */
+ NSSCertificate_ValidateCompletely(
+ NSSCertificate *c,
+ NSSTime *timeOpt, /* NULL for "now" */
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt, /* NULL for none */
+ void **rvOpt, /* NULL for allocate */
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt /* NULL for heap */
+ );
+
+/*
+ * NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
+ *
+ * Returns PR_SUCCESS if the certificate is valid for at least something.
+ */
+
+NSS_EXTERN PRStatus
+NSSCertificate_ValidateAndDiscoverUsagesAndPolicies(
+ NSSCertificate *c,
+ NSSTime **notBeforeOutOpt,
+ NSSTime **notAfterOutOpt,
+ void *allowedUsages,
+ void *disallowedUsages,
+ void *allowedPolicies,
+ void *disallowedPolicies,
+ /* more args.. work on this fgmr */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCertificate_Encode
+ *
+ */
+
+NSS_EXTERN NSSDER *
+NSSCertificate_Encode(
+ NSSCertificate *c,
+ NSSDER *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCertificate_BuildChain
+ *
+ * This routine returns NSSCertificate *'s for each certificate
+ * in the "chain" starting from the specified one up to and
+ * including the root. The zeroth element in the array is the
+ * specified ("leaf") certificate.
+ *
+ * If statusOpt is supplied, and is returned as PR_FAILURE, possible
+ * error values are:
+ *
+ * NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND - the chain is incomplete
+ *
+ */
+
+extern const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND;
+
+NSS_EXTERN NSSCertificate **
+NSSCertificate_BuildChain(
+ NSSCertificate *c,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt,
+ PRStatus *statusOpt,
+ NSSTrustDomain *td,
+ NSSCryptoContext *cc);
+
+/*
+ * NSSCertificate_GetTrustDomain
+ *
+ */
+
+NSS_EXTERN NSSTrustDomain *
+NSSCertificate_GetTrustDomain(NSSCertificate *c);
+
+/*
+ * NSSCertificate_GetToken
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSToken *
+NSSCertificate_GetToken(
+ NSSCertificate *c,
+ PRStatus *statusOpt);
+
+/*
+ * NSSCertificate_GetSlot
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSSlot *
+NSSCertificate_GetSlot(
+ NSSCertificate *c,
+ PRStatus *statusOpt);
+
+/*
+ * NSSCertificate_GetModule
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSModule *
+NSSCertificate_GetModule(
+ NSSCertificate *c,
+ PRStatus *statusOpt);
+
+/*
+ * NSSCertificate_Encrypt
+ *
+ * Encrypt a single chunk of data with the public key corresponding to
+ * this certificate.
+ */
+
+NSS_EXTERN NSSItem *
+NSSCertificate_Encrypt(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCertificate_Verify
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCertificate_Verify(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSItem *signature,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh);
+
+/*
+ * NSSCertificate_VerifyRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCertificate_VerifyRecover(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCertificate_WrapSymmetricKey
+ *
+ * This method tries very hard to to succeed, even in situations
+ * involving sensitive keys and multiple modules.
+ * { relyea: want to add verbiage? }
+ */
+
+NSS_EXTERN NSSItem *
+NSSCertificate_WrapSymmetricKey(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSSymmetricKey *keyToWrap,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCertificate_CreateCryptoContext
+ *
+ * Create a crypto context, in this certificate's trust domain, with this
+ * as the distinguished certificate.
+ */
+
+NSS_EXTERN NSSCryptoContext *
+NSSCertificate_CreateCryptoContext(
+ NSSCertificate *c,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh);
+
+/*
+ * NSSCertificate_GetPublicKey
+ *
+ * Returns the public key corresponding to this certificate.
+ */
+
+NSS_EXTERN NSSPublicKey *
+NSSCertificate_GetPublicKey(NSSCertificate *c);
+
+/*
+ * NSSCertificate_FindPrivateKey
+ *
+ * Finds and returns the private key corresponding to this certificate,
+ * if it is available.
+ *
+ * { Should this hang off of NSSUserCertificate? }
+ */
+
+NSS_EXTERN NSSPrivateKey *
+NSSCertificate_FindPrivateKey(
+ NSSCertificate *c,
+ NSSCallback *uhh);
+
+/*
+ * NSSCertificate_IsPrivateKeyAvailable
+ *
+ * Returns success if the private key corresponding to this certificate
+ * is available to be used.
+ *
+ * { Should *this* hang off of NSSUserCertificate?? }
+ */
+
+NSS_EXTERN PRBool
+NSSCertificate_IsPrivateKeyAvailable(
+ NSSCertificate *c,
+ NSSCallback *uhh,
+ PRStatus *statusOpt);
+
+/*
+ * If we make NSSUserCertificate not a typedef of NSSCertificate,
+ * then we'll need implementations of the following:
+ *
+ * NSSUserCertificate_Destroy
+ * NSSUserCertificate_DeleteStoredObject
+ * NSSUserCertificate_Validate
+ * NSSUserCertificate_ValidateCompletely
+ * NSSUserCertificate_ValidateAndDiscoverUsagesAndPolicies
+ * NSSUserCertificate_Encode
+ * NSSUserCertificate_BuildChain
+ * NSSUserCertificate_GetTrustDomain
+ * NSSUserCertificate_GetToken
+ * NSSUserCertificate_GetSlot
+ * NSSUserCertificate_GetModule
+ * NSSUserCertificate_GetCryptoContext
+ * NSSUserCertificate_GetPublicKey
+ */
+
+/*
+ * NSSUserCertificate_IsStillPresent
+ *
+ * Verify that if this certificate lives on a token, that the token
+ * is still present and the certificate still exists. This is a
+ * lightweight call which should be used whenever it should be
+ * verified that the user hasn't perhaps popped out his or her
+ * token and strolled away.
+ */
+
+NSS_EXTERN PRBool
+NSSUserCertificate_IsStillPresent(
+ NSSUserCertificate *uc,
+ PRStatus *statusOpt);
+
+/*
+ * NSSUserCertificate_Decrypt
+ *
+ * Decrypt a single chunk of data with the private key corresponding
+ * to this certificate.
+ */
+
+NSS_EXTERN NSSItem *
+NSSUserCertificate_Decrypt(
+ NSSUserCertificate *uc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSUserCertificate_Sign
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSUserCertificate_Sign(
+ NSSUserCertificate *uc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSUserCertificate_SignRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSUserCertificate_SignRecover(
+ NSSUserCertificate *uc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSUserCertificate_UnwrapSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSUserCertificate_UnwrapSymmetricKey(
+ NSSUserCertificate *uc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSUserCertificate_DeriveSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSUserCertificate_DeriveSymmetricKey(
+ NSSUserCertificate *uc, /* provides private key */
+ NSSCertificate *c, /* provides public key */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSOID *target,
+ PRUint32 keySizeOpt, /* zero for best allowed */
+ NSSOperations operations,
+ NSSCallback *uhh);
+
+/* filter-certs function(s) */
+
+/**
+ ** fgmr -- trust objects
+ **/
+
+/*
+ * NSSPrivateKey
+ *
+ */
+
+/*
+ * NSSPrivateKey_Destroy
+ *
+ * Free a pointer to a private key object.
+ */
+
+NSS_EXTERN PRStatus
+NSSPrivateKey_Destroy(NSSPrivateKey *vk);
+
+/*
+ * NSSPrivateKey_DeleteStoredObject
+ *
+ * Permanently remove this object, and any related objects (such as the
+ * certificates corresponding to this key).
+ */
+
+NSS_EXTERN PRStatus
+NSSPrivateKey_DeleteStoredObject(
+ NSSPrivateKey *vk,
+ NSSCallback *uhh);
+
+/*
+ * NSSPrivateKey_GetSignatureLength
+ *
+ */
+
+NSS_EXTERN PRUint32
+NSSPrivateKey_GetSignatureLength(NSSPrivateKey *vk);
+
+/*
+ * NSSPrivateKey_GetPrivateModulusLength
+ *
+ */
+
+NSS_EXTERN PRUint32
+NSSPrivateKey_GetPrivateModulusLength(NSSPrivateKey *vk);
+
+/*
+ * NSSPrivateKey_IsStillPresent
+ *
+ */
+
+NSS_EXTERN PRBool
+NSSPrivateKey_IsStillPresent(
+ NSSPrivateKey *vk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSPrivateKey_Encode
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSPrivateKey_Encode(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *ap,
+ NSSItem *passwordOpt, /* NULL will cause a callback; "" for no password */
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPrivateKey_GetTrustDomain
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSTrustDomain *
+NSSPrivateKey_GetTrustDomain(
+ NSSPrivateKey *vk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSPrivateKey_GetToken
+ *
+ */
+
+NSS_EXTERN NSSToken *
+NSSPrivateKey_GetToken(NSSPrivateKey *vk);
+
+/*
+ * NSSPrivateKey_GetSlot
+ *
+ */
+
+NSS_EXTERN NSSSlot *
+NSSPrivateKey_GetSlot(NSSPrivateKey *vk);
+
+/*
+ * NSSPrivateKey_GetModule
+ *
+ */
+
+NSS_EXTERN NSSModule *
+NSSPrivateKey_GetModule(NSSPrivateKey *vk);
+
+/*
+ * NSSPrivateKey_Decrypt
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSPrivateKey_Decrypt(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *encryptedData,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPrivateKey_Sign
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSPrivateKey_Sign(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPrivateKey_SignRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSPrivateKey_SignRecover(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPrivateKey_UnwrapSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSPrivateKey_UnwrapSymmetricKey(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSCallback *uhh);
+
+/*
+ * NSSPrivateKey_DeriveSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSPrivateKey_DeriveSymmetricKey(
+ NSSPrivateKey *vk,
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSOID *target,
+ PRUint32 keySizeOpt, /* zero for best allowed */
+ NSSOperations operations,
+ NSSCallback *uhh);
+
+/*
+ * NSSPrivateKey_FindPublicKey
+ *
+ */
+
+NSS_EXTERN NSSPublicKey *
+NSSPrivateKey_FindPublicKey(
+ NSSPrivateKey *vk
+ /* { don't need the callback here, right? } */
+ );
+
+/*
+ * NSSPrivateKey_CreateCryptoContext
+ *
+ * Create a crypto context, in this key's trust domain,
+ * with this as the distinguished private key.
+ */
+
+NSS_EXTERN NSSCryptoContext *
+NSSPrivateKey_CreateCryptoContext(
+ NSSPrivateKey *vk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhh);
+
+/*
+ * NSSPrivateKey_FindCertificates
+ *
+ * Note that there may be more than one certificate for this
+ * private key. { FilterCertificates function to further
+ * reduce the list. }
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSPrivateKey_FindCertificates(
+ NSSPrivateKey *vk,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPrivateKey_FindBestCertificate
+ *
+ * The parameters for this function will depend on what the users
+ * need. This is just a starting point.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSPrivateKey_FindBestCertificate(
+ NSSPrivateKey *vk,
+ NSSTime *timeOpt,
+ NSSUsage *usageOpt,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSPublicKey
+ *
+ * Once you generate, find, or derive one of these, you can use it
+ * to perform (simple) cryptographic operations. Though there may
+ * be certificates associated with these public keys, they are not
+ * verified.
+ */
+
+/*
+ * NSSPublicKey_Destroy
+ *
+ * Free a pointer to a public key object.
+ */
+
+NSS_EXTERN PRStatus
+NSSPublicKey_Destroy(NSSPublicKey *bk);
+
+/*
+ * NSSPublicKey_DeleteStoredObject
+ *
+ * Permanently remove this object, and any related objects (such as the
+ * corresponding private keys and certificates).
+ */
+
+NSS_EXTERN PRStatus
+NSSPublicKey_DeleteStoredObject(
+ NSSPublicKey *bk,
+ NSSCallback *uhh);
+
+/*
+ * NSSPublicKey_Encode
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSPublicKey_Encode(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *ap,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPublicKey_GetTrustDomain
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSTrustDomain *
+NSSPublicKey_GetTrustDomain(
+ NSSPublicKey *bk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSPublicKey_GetToken
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSToken *
+NSSPublicKey_GetToken(
+ NSSPublicKey *bk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSPublicKey_GetSlot
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSSlot *
+NSSPublicKey_GetSlot(
+ NSSPublicKey *bk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSPublicKey_GetModule
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSModule *
+NSSPublicKey_GetModule(
+ NSSPublicKey *bk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSPublicKey_Encrypt
+ *
+ * Encrypt a single chunk of data with the public key corresponding to
+ * this certificate.
+ */
+
+NSS_EXTERN NSSItem *
+NSSPublicKey_Encrypt(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPublicKey_Verify
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSPublicKey_Verify(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSItem *signature,
+ NSSCallback *uhh);
+
+/*
+ * NSSPublicKey_VerifyRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSPublicKey_VerifyRecover(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPublicKey_WrapSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSPublicKey_WrapSymmetricKey(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSSymmetricKey *keyToWrap,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPublicKey_CreateCryptoContext
+ *
+ * Create a crypto context, in this key's trust domain, with this
+ * as the distinguished public key.
+ */
+
+NSS_EXTERN NSSCryptoContext *
+NSSPublicKey_CreateCryptoContext(
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhh);
+
+/*
+ * NSSPublicKey_FindCertificates
+ *
+ * Note that there may be more than one certificate for this
+ * public key. The current implementation may not find every
+ * last certificate available for this public key: that would
+ * involve trolling e.g. huge ldap databases, which will be
+ * grossly inefficient and not generally useful.
+ * { FilterCertificates function to further reduce the list }
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSPublicKey_FindCertificates(
+ NSSPublicKey *bk,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSPrivateKey_FindBestCertificate
+ *
+ * The parameters for this function will depend on what the users
+ * need. This is just a starting point.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSPublicKey_FindBestCertificate(
+ NSSPublicKey *bk,
+ NSSTime *timeOpt,
+ NSSUsage *usageOpt,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSPublicKey_FindPrivateKey
+ *
+ */
+
+NSS_EXTERN NSSPrivateKey *
+NSSPublicKey_FindPrivateKey(
+ NSSPublicKey *bk,
+ NSSCallback *uhh);
+
+/*
+ * NSSSymmetricKey
+ *
+ */
+
+/*
+ * NSSSymmetricKey_Destroy
+ *
+ * Free a pointer to a symmetric key object.
+ */
+
+NSS_EXTERN PRStatus
+NSSSymmetricKey_Destroy(NSSSymmetricKey *mk);
+
+/*
+ * NSSSymmetricKey_DeleteStoredObject
+ *
+ * Permanently remove this object.
+ */
+
+NSS_EXTERN PRStatus
+NSSSymmetricKey_DeleteStoredObject(
+ NSSSymmetricKey *mk,
+ NSSCallback *uhh);
+
+/*
+ * NSSSymmetricKey_GetKeyLength
+ *
+ */
+
+NSS_EXTERN PRUint32
+NSSSymmetricKey_GetKeyLength(NSSSymmetricKey *mk);
+
+/*
+ * NSSSymmetricKey_GetKeyStrength
+ *
+ */
+
+NSS_EXTERN PRUint32
+NSSSymmetricKey_GetKeyStrength(NSSSymmetricKey *mk);
+
+/*
+ * NSSSymmetricKey_IsStillPresent
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSSymmetricKey_IsStillPresent(NSSSymmetricKey *mk);
+
+/*
+ * NSSSymmetricKey_GetTrustDomain
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSTrustDomain *
+NSSSymmetricKey_GetTrustDomain(
+ NSSSymmetricKey *mk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSSymmetricKey_GetToken
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSToken *
+NSSSymmetricKey_GetToken(
+ NSSSymmetricKey *mk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSSymmetricKey_GetSlot
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSSlot *
+NSSSymmetricKey_GetSlot(
+ NSSSymmetricKey *mk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSSymmetricKey_GetModule
+ *
+ * There doesn't have to be one.
+ */
+
+NSS_EXTERN NSSModule *
+NSSSymmetricKey_GetModule(
+ NSSSymmetricKey *mk,
+ PRStatus *statusOpt);
+
+/*
+ * NSSSymmetricKey_Encrypt
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSSymmetricKey_Encrypt(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSSymmetricKey_Decrypt
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSSymmetricKey_Decrypt(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *encryptedData,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSSymmetricKey_Sign
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSSymmetricKey_Sign(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSSymmetricKey_SignRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSSymmetricKey_SignRecover(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSSymmetricKey_Verify
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSSymmetricKey_Verify(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSItem *signature,
+ NSSCallback *uhh);
+
+/*
+ * NSSSymmetricKey_VerifyRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSSymmetricKey_VerifyRecover(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSSymmetricKey_WrapSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSSymmetricKey_WrapSymmetricKey(
+ NSSSymmetricKey *wrappingKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSSymmetricKey *keyToWrap,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSSymmetricKey_WrapPrivateKey
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSSymmetricKey_WrapPrivateKey(
+ NSSSymmetricKey *wrappingKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPrivateKey *keyToWrap,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSSymmetricKey_UnwrapSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSSymmetricKey_UnwrapSymmetricKey(
+ NSSSymmetricKey *wrappingKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSOID *target,
+ PRUint32 keySizeOpt,
+ NSSOperations operations,
+ NSSCallback *uhh);
+
+/*
+ * NSSSymmetricKey_UnwrapPrivateKey
+ *
+ */
+
+NSS_EXTERN NSSPrivateKey *
+NSSSymmetricKey_UnwrapPrivateKey(
+ NSSSymmetricKey *wrappingKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSUTF8 *labelOpt,
+ NSSItem *keyIDOpt,
+ PRBool persistant,
+ PRBool sensitive,
+ NSSToken *destinationOpt,
+ NSSCallback *uhh);
+
+/*
+ * NSSSymmetricKey_DeriveSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSSymmetricKey_DeriveSymmetricKey(
+ NSSSymmetricKey *originalKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSOID *target,
+ PRUint32 keySizeOpt,
+ NSSOperations operations,
+ NSSCallback *uhh);
+
+/*
+ * NSSSymmetricKey_CreateCryptoContext
+ *
+ * Create a crypto context, in this key's trust domain,
+ * with this as the distinguished symmetric key.
+ */
+
+NSS_EXTERN NSSCryptoContext *
+NSSSymmetricKey_CreateCryptoContext(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhh);
+
+/*
+ * NSSTrustDomain
+ *
+ */
+
+/*
+ * NSSTrustDomain_Create
+ *
+ * This creates a trust domain, optionally with an initial cryptoki
+ * module. If the module name is not null, the module is loaded if
+ * needed (using the uriOpt argument), and initialized with the
+ * opaqueOpt argument. If mumble mumble priority settings, then
+ * module-specification objects in the module can cause the loading
+ * and initialization of further modules.
+ *
+ * The uriOpt is defined to take a URI. At present, we only
+ * support file: URLs pointing to platform-native shared libraries.
+ * However, by specifying this as a URI, this keeps open the
+ * possibility of supporting other, possibly remote, resources.
+ *
+ * The "reserved" arguments is held for when we figure out the
+ * module priority stuff.
+ */
+
+NSS_EXTERN NSSTrustDomain *
+NSSTrustDomain_Create(
+ NSSUTF8 *moduleOpt,
+ NSSUTF8 *uriOpt,
+ NSSUTF8 *opaqueOpt,
+ void *reserved);
+
+/*
+ * NSSTrustDomain_Destroy
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_Destroy(NSSTrustDomain *td);
+
+/*
+ * NSSTrustDomain_SetDefaultCallback
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_SetDefaultCallback(
+ NSSTrustDomain *td,
+ NSSCallback *newCallback,
+ NSSCallback **oldCallbackOpt);
+
+/*
+ * NSSTrustDomain_GetDefaultCallback
+ *
+ */
+
+NSS_EXTERN NSSCallback *
+NSSTrustDomain_GetDefaultCallback(
+ NSSTrustDomain *td,
+ PRStatus *statusOpt);
+
+/*
+ * Default policies?
+ * Default usage?
+ * Default time, for completeness?
+ */
+
+/*
+ * NSSTrustDomain_LoadModule
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_LoadModule(
+ NSSTrustDomain *td,
+ NSSUTF8 *moduleOpt,
+ NSSUTF8 *uriOpt,
+ NSSUTF8 *opaqueOpt,
+ void *reserved);
+
+/*
+ * NSSTrustDomain_AddModule
+ * NSSTrustDomain_AddSlot
+ * NSSTrustDomain_UnloadModule
+ * Managing modules, slots, tokens; priorities;
+ * Traversing all of the above
+ * this needs more work
+ */
+
+/*
+ * NSSTrustDomain_DisableToken
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_DisableToken(
+ NSSTrustDomain *td,
+ NSSToken *token,
+ NSSError why);
+
+/*
+ * NSSTrustDomain_EnableToken
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_EnableToken(
+ NSSTrustDomain *td,
+ NSSToken *token);
+
+/*
+ * NSSTrustDomain_IsTokenEnabled
+ *
+ * If disabled, "why" is always on the error stack.
+ * The optional argument is just for convenience.
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_IsTokenEnabled(
+ NSSTrustDomain *td,
+ NSSToken *token,
+ NSSError *whyOpt);
+
+/*
+ * NSSTrustDomain_FindSlotByName
+ *
+ */
+
+NSS_EXTERN NSSSlot *
+NSSTrustDomain_FindSlotByName(
+ NSSTrustDomain *td,
+ NSSUTF8 *slotName);
+
+/*
+ * NSSTrustDomain_FindTokenByName
+ *
+ */
+
+NSS_EXTERN NSSToken *
+NSSTrustDomain_FindTokenByName(
+ NSSTrustDomain *td,
+ NSSUTF8 *tokenName);
+
+/*
+ * NSSTrustDomain_FindTokenBySlotName
+ *
+ */
+
+NSS_EXTERN NSSToken *
+NSSTrustDomain_FindTokenBySlotName(
+ NSSTrustDomain *td,
+ NSSUTF8 *slotName);
+
+/*
+ * NSSTrustDomain_FindBestTokenForAlgorithm
+ *
+ */
+
+NSS_EXTERN NSSToken *
+NSSTrustDomain_FindTokenForAlgorithm(
+ NSSTrustDomain *td,
+ NSSOID *algorithm);
+
+/*
+ * NSSTrustDomain_FindBestTokenForAlgorithms
+ *
+ */
+
+NSS_EXTERN NSSToken *
+NSSTrustDomain_FindBestTokenForAlgorithms(
+ NSSTrustDomain *td,
+ NSSOID *algorithms[], /* may be null-terminated */
+ PRUint32 nAlgorithmsOpt /* limits the array if nonzero */
+ );
+
+/*
+ * NSSTrustDomain_Login
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_Login(
+ NSSTrustDomain *td,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSTrustDomain_Logout
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_Logout(NSSTrustDomain *td);
+
+/* Importing things */
+
+/*
+ * NSSTrustDomain_ImportCertificate
+ *
+ * The implementation will pull some data out of the certificate
+ * (e.g. e-mail address) for use in pkcs#11 object attributes.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_ImportCertificate(
+ NSSTrustDomain *td,
+ NSSCertificate *c);
+
+/*
+ * NSSTrustDomain_ImportPKIXCertificate
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_ImportPKIXCertificate(
+ NSSTrustDomain *td,
+ /* declared as a struct until these "data types" are defined */
+ struct NSSPKIXCertificateStr *pc);
+
+/*
+ * NSSTrustDomain_ImportEncodedCertificate
+ *
+ * Imports any type of certificate we support.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_ImportEncodedCertificate(
+ NSSTrustDomain *td,
+ NSSBER *ber);
+
+/*
+ * NSSTrustDomain_ImportEncodedCertificateChain
+ *
+ * If you just want the leaf, pass in a maximum of one.
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSTrustDomain_ImportEncodedCertificateChain(
+ NSSTrustDomain *td,
+ NSSBER *ber,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSTrustDomain_ImportEncodedPrivateKey
+ *
+ */
+
+NSS_EXTERN NSSPrivateKey *
+NSSTrustDomain_ImportEncodedPrivateKey(
+ NSSTrustDomain *td,
+ NSSBER *ber,
+ NSSItem *passwordOpt, /* NULL will cause a callback */
+ NSSCallback *uhhOpt,
+ NSSToken *destination);
+
+/*
+ * NSSTrustDomain_ImportEncodedPublicKey
+ *
+ */
+
+NSS_EXTERN NSSPublicKey *
+NSSTrustDomain_ImportEncodedPublicKey(
+ NSSTrustDomain *td,
+ NSSBER *ber);
+
+/* Other importations: S/MIME capabilities */
+
+/*
+ * NSSTrustDomain_FindBestCertificateByNickname
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindBestCertificateByNickname(
+ NSSTrustDomain *td,
+ const NSSUTF8 *name,
+ NSSTime *timeOpt, /* NULL for "now" */
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt /* NULL for none */
+ );
+
+/*
+ * NSSTrustDomain_FindCertificatesByNickname
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSTrustDomain_FindCertificatesByNickname(
+ NSSTrustDomain *td,
+ NSSUTF8 *name,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
+ NSSTrustDomain *td,
+ NSSDER *issuer,
+ NSSDER *serialNumber);
+
+/*
+ * NSSTrustDomain_FindCertificatesByIssuerAndSerialNumber
+ *
+ * Theoretically, this should never happen. However, some companies
+ * we know have issued duplicate certificates with the same issuer
+ * and serial number. Do we just ignore them? I'm thinking yes.
+ */
+
+/*
+ * NSSTrustDomain_FindBestCertificateBySubject
+ *
+ * This does not search through alternate names hidden in extensions.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindBestCertificateBySubject(
+ NSSTrustDomain *td,
+ NSSDER /*NSSUTF8*/ *subject,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSTrustDomain_FindCertificatesBySubject
+ *
+ * This does not search through alternate names hidden in extensions.
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSTrustDomain_FindCertificatesBySubject(
+ NSSTrustDomain *td,
+ NSSDER /*NSSUTF8*/ *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSTrustDomain_FindBestCertificateByNameComponents
+ *
+ * This call does try several tricks, including a pseudo pkcs#11
+ * attribute for the ldap module to try as a query. Eventually
+ * this call falls back to a traversal if that's what's required.
+ * It will search through alternate names hidden in extensions.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindBestCertificateByNameComponents(
+ NSSTrustDomain *td,
+ NSSUTF8 *nameComponents,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSTrustDomain_FindCertificatesByNameComponents
+ *
+ * This call, too, tries several tricks. It will stop on the first
+ * attempt that generates results, so it won't e.g. traverse the
+ * entire ldap database.
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSTrustDomain_FindCertificatesByNameComponents(
+ NSSTrustDomain *td,
+ NSSUTF8 *nameComponents,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSTrustDomain_FindCertificateByEncodedCertificate
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindCertificateByEncodedCertificate(
+ NSSTrustDomain *td,
+ NSSBER *encodedCertificate);
+
+/*
+ * NSSTrustDomain_FindBestCertificateByEmail
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindCertificateByEmail(
+ NSSTrustDomain *td,
+ NSSASCII7 *email,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSTrustDomain_FindCertificatesByEmail
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSTrustDomain_FindCertificatesByEmail(
+ NSSTrustDomain *td,
+ NSSASCII7 *email,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSTrustDomain_FindCertificateByOCSPHash
+ *
+ * There can be only one.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindCertificateByOCSPHash(
+ NSSTrustDomain *td,
+ NSSItem *hash);
+
+/*
+ * NSSTrustDomain_TraverseCertificates
+ *
+ * This function descends from one in older versions of NSS which
+ * traverses the certs in the permanent database. That function
+ * was used to implement selection routines, but was directly
+ * available too. Trust domains are going to contain a lot more
+ * certs now (e.g., an ldap server), so we'd really like to
+ * discourage traversal. Thus for now, this is commented out.
+ * If it's needed, let's look at the situation more closely to
+ * find out what the actual requirements are.
+ */
+
+/* For now, adding this function. This may only be for debugging
+ * purposes.
+ * Perhaps some equivalent function, on a specified token, will be
+ * needed in a "friend" header file?
+ */
+NSS_EXTERN PRStatus *
+NSSTrustDomain_TraverseCertificates(
+ NSSTrustDomain *td,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg);
+
+/*
+ * NSSTrustDomain_FindBestUserCertificate
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindBestUserCertificate(
+ NSSTrustDomain *td,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSTrustDomain_FindUserCertificates
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSTrustDomain_FindUserCertificates(
+ NSSTrustDomain *td,
+ NSSTime *timeOpt,
+ NSSUsage *usageOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindBestUserCertificateForSSLClientAuth(
+ NSSTrustDomain *td,
+ NSSUTF8 *sslHostOpt,
+ NSSDER *rootCAsOpt[], /* null pointer for none */
+ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSTrustDomain_FindUserCertificatesForSSLClientAuth
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSTrustDomain_FindUserCertificatesForSSLClientAuth(
+ NSSTrustDomain *td,
+ NSSUTF8 *sslHostOpt,
+ NSSDER *rootCAsOpt[], /* null pointer for none */
+ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSTrustDomain_FindBestUserCertificateForEmailSigning
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSTrustDomain_FindBestUserCertificateForEmailSigning(
+ NSSTrustDomain *td,
+ NSSASCII7 *signerOpt,
+ NSSASCII7 *recipientOpt,
+ /* anything more here? */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSTrustDomain_FindUserCertificatesForEmailSigning
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSTrustDomain_FindUserCertificatesForEmailSigning(
+ NSSTrustDomain *td,
+ NSSASCII7 *signerOpt,
+ NSSASCII7 *recipientOpt,
+ /* anything more here? */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt);
+
+/*
+ * Here is where we'd add more Find[Best]UserCertificate[s]For<usage>
+ * routines.
+ */
+
+/* Private Keys */
+
+/*
+ * NSSTrustDomain_GenerateKeyPair
+ *
+ * Creates persistant objects. If you want session objects, use
+ * NSSCryptoContext_GenerateKeyPair. The destination token is where
+ * the keys are stored. If that token can do the required math, then
+ * that's where the keys are generated too. Otherwise, the keys are
+ * generated elsewhere and moved to that token.
+ */
+
+NSS_EXTERN PRStatus
+NSSTrustDomain_GenerateKeyPair(
+ NSSTrustDomain *td,
+ NSSAlgorithmAndParameters *ap,
+ NSSPrivateKey **pvkOpt,
+ NSSPublicKey **pbkOpt,
+ PRBool privateKeyIsSensitive,
+ NSSToken *destination,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSTrustDomain_TraversePrivateKeys
+ *
+ *
+ * NSS_EXTERN PRStatus *
+ * NSSTrustDomain_TraversePrivateKeys
+ * (
+ * NSSTrustDomain *td,
+ * PRStatus (*callback)(NSSPrivateKey *vk, void *arg),
+ * void *arg
+ * );
+ */
+
+/* Symmetric Keys */
+
+/*
+ * NSSTrustDomain_GenerateSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSTrustDomain_GenerateSymmetricKey(
+ NSSTrustDomain *td,
+ NSSAlgorithmAndParameters *ap,
+ PRUint32 keysize,
+ NSSToken *destination,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSTrustDomain_GenerateSymmetricKeyFromPassword
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSTrustDomain_GenerateSymmetricKeyFromPassword(
+ NSSTrustDomain *td,
+ NSSAlgorithmAndParameters *ap,
+ NSSUTF8 *passwordOpt, /* if null, prompt */
+ NSSToken *destinationOpt,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSTrustDomain_FindSymmetricKeyByAlgorithm
+ *
+ * Is this still needed?
+ *
+ * NSS_EXTERN NSSSymmetricKey *
+ * NSSTrustDomain_FindSymmetricKeyByAlgorithm
+ * (
+ * NSSTrustDomain *td,
+ * NSSOID *algorithm,
+ * NSSCallback *uhhOpt
+ * );
+ */
+
+/*
+ * NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID(
+ NSSTrustDomain *td,
+ NSSOID *algorithm,
+ NSSItem *keyID,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSTrustDomain_TraverseSymmetricKeys
+ *
+ *
+ * NSS_EXTERN PRStatus *
+ * NSSTrustDomain_TraverseSymmetricKeys
+ * (
+ * NSSTrustDomain *td,
+ * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
+ * void *arg
+ * );
+ */
+
+/*
+ * NSSTrustDomain_CreateCryptoContext
+ *
+ * If a callback object is specified, it becomes the for the crypto
+ * context; otherwise, this trust domain's default (if any) is
+ * inherited.
+ */
+
+NSS_EXTERN NSSCryptoContext *
+NSSTrustDomain_CreateCryptoContext(
+ NSSTrustDomain *td,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSTrustDomain_CreateCryptoContextForAlgorithm
+ *
+ */
+
+NSS_EXTERN NSSCryptoContext *
+NSSTrustDomain_CreateCryptoContextForAlgorithm(
+ NSSTrustDomain *td,
+ NSSOID *algorithm);
+
+/*
+ * NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
+ *
+ */
+
+NSS_EXTERN NSSCryptoContext *
+NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters(
+ NSSTrustDomain *td,
+ NSSAlgorithmAndParameters *ap);
+
+/* find/traverse other objects, e.g. s/mime profiles */
+
+/*
+ * NSSCryptoContext
+ *
+ * A crypto context is sort of a short-term snapshot of a trust domain,
+ * used for the life of "one crypto operation." You can also think of
+ * it as a "temporary database."
+ *
+ * Just about all of the things you can do with a trust domain -- importing
+ * or creating certs, keys, etc. -- can be done with a crypto context.
+ * The difference is that the objects will be temporary ("session") objects.
+ *
+ * Also, if the context was created for a key, cert, and/or algorithm; or
+ * if such objects have been "associated" with the context, then the context
+ * can do everything the keys can, like crypto operations.
+ *
+ * And finally, because it keeps the state of the crypto operations, it
+ * can do streaming crypto ops.
+ */
+
+/*
+ * NSSTrustDomain_Destroy
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_Destroy(NSSCryptoContext *cc);
+
+/* establishing a default callback */
+
+/*
+ * NSSCryptoContext_SetDefaultCallback
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_SetDefaultCallback(
+ NSSCryptoContext *cc,
+ NSSCallback *newCallback,
+ NSSCallback **oldCallbackOpt);
+
+/*
+ * NSSCryptoContext_GetDefaultCallback
+ *
+ */
+
+NSS_EXTERN NSSCallback *
+NSSCryptoContext_GetDefaultCallback(
+ NSSCryptoContext *cc,
+ PRStatus *statusOpt);
+
+/*
+ * NSSCryptoContext_GetTrustDomain
+ *
+ */
+
+NSS_EXTERN NSSTrustDomain *
+NSSCryptoContext_GetTrustDomain(
+ NSSCryptoContext *cc);
+
+/* AddModule, etc: should we allow "temporary" changes here? */
+/* DisableToken, etc: ditto */
+/* Ordering of tokens? */
+/* Finding slots+token etc. */
+/* login+logout */
+
+/* Importing things */
+
+/*
+ * NSSCryptoContext_FindOrImportCertificate
+ *
+ * If the certificate store already contains this DER cert, return the
+ * address of the matching NSSCertificate that is already in the store,
+ * and bump its reference count.
+ *
+ * If this DER cert is NOT already in the store, then add the new
+ * NSSCertificate to the store and bump its reference count,
+ * then return its address.
+ *
+ * if this DER cert is not in the store and cannot be added to it,
+ * return NULL;
+ *
+ * Record the associated crypto context in the certificate.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindOrImportCertificate(
+ NSSCryptoContext *cc,
+ NSSCertificate *c);
+
+/*
+ * NSSCryptoContext_ImportPKIXCertificate
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_ImportPKIXCertificate(
+ NSSCryptoContext *cc,
+ struct NSSPKIXCertificateStr *pc);
+
+/*
+ * NSSCryptoContext_ImportEncodedCertificate
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_ImportEncodedCertificate(
+ NSSCryptoContext *cc,
+ NSSBER *ber);
+
+/*
+ * NSSCryptoContext_ImportEncodedPKIXCertificateChain
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_ImportEncodedPKIXCertificateChain(
+ NSSCryptoContext *cc,
+ NSSBER *ber);
+
+/* Other importations: S/MIME capabilities
+ */
+
+/*
+ * NSSCryptoContext_FindBestCertificateByNickname
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindBestCertificateByNickname(
+ NSSCryptoContext *cc,
+ const NSSUTF8 *name,
+ NSSTime *timeOpt, /* NULL for "now" */
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt /* NULL for none */
+ );
+
+/*
+ * NSSCryptoContext_FindCertificatesByNickname
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSCryptoContext_FindCertificatesByNickname(
+ NSSCryptoContext *cc,
+ NSSUTF8 *name,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(
+ NSSCryptoContext *cc,
+ NSSDER *issuer,
+ NSSDER *serialNumber);
+
+/*
+ * NSSCryptoContext_FindBestCertificateBySubject
+ *
+ * This does not search through alternate names hidden in extensions.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindBestCertificateBySubject(
+ NSSCryptoContext *cc,
+ NSSDER /*NSSUTF8*/ *subject,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSCryptoContext_FindCertificatesBySubject
+ *
+ * This does not search through alternate names hidden in extensions.
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSCryptoContext_FindCertificatesBySubject(
+ NSSCryptoContext *cc,
+ NSSDER /*NSSUTF8*/ *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FindBestCertificateByNameComponents
+ *
+ * This call does try several tricks, including a pseudo pkcs#11
+ * attribute for the ldap module to try as a query. Eventually
+ * this call falls back to a traversal if that's what's required.
+ * It will search through alternate names hidden in extensions.
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindBestCertificateByNameComponents(
+ NSSCryptoContext *cc,
+ NSSUTF8 *nameComponents,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSCryptoContext_FindCertificatesByNameComponents
+ *
+ * This call, too, tries several tricks. It will stop on the first
+ * attempt that generates results, so it won't e.g. traverse the
+ * entire ldap database.
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSCryptoContext_FindCertificatesByNameComponents(
+ NSSCryptoContext *cc,
+ NSSUTF8 *nameComponents,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FindCertificateByEncodedCertificate
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindCertificateByEncodedCertificate(
+ NSSCryptoContext *cc,
+ NSSBER *encodedCertificate);
+
+/*
+ * NSSCryptoContext_FindBestCertificateByEmail
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindBestCertificateByEmail(
+ NSSCryptoContext *cc,
+ NSSASCII7 *email,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSCryptoContext_FindCertificatesByEmail
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSCryptoContext_FindCertificatesByEmail(
+ NSSCryptoContext *cc,
+ NSSASCII7 *email,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FindCertificateByOCSPHash
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindCertificateByOCSPHash(
+ NSSCryptoContext *cc,
+ NSSItem *hash);
+
+/*
+ * NSSCryptoContext_TraverseCertificates
+ *
+ *
+ * NSS_EXTERN PRStatus *
+ * NSSCryptoContext_TraverseCertificates
+ * (
+ * NSSCryptoContext *cc,
+ * PRStatus (*callback)(NSSCertificate *c, void *arg),
+ * void *arg
+ * );
+ */
+
+/*
+ * NSSCryptoContext_FindBestUserCertificate
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindBestUserCertificate(
+ NSSCryptoContext *cc,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSCryptoContext_FindUserCertificates
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSCryptoContext_FindUserCertificates(
+ NSSCryptoContext *cc,
+ NSSTime *timeOpt,
+ NSSUsage *usageOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindBestUserCertificateForSSLClientAuth(
+ NSSCryptoContext *cc,
+ NSSUTF8 *sslHostOpt,
+ NSSDER *rootCAsOpt[], /* null pointer for none */
+ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSCryptoContext_FindUserCertificatesForSSLClientAuth
+ *
+ */
+
+NSS_EXTERN NSSCertificate **
+NSSCryptoContext_FindUserCertificatesForSSLClientAuth(
+ NSSCryptoContext *cc,
+ NSSUTF8 *sslHostOpt,
+ NSSDER *rootCAsOpt[], /* null pointer for none */
+ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FindBestUserCertificateForEmailSigning
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindBestUserCertificateForEmailSigning(
+ NSSCryptoContext *cc,
+ NSSASCII7 *signerOpt,
+ NSSASCII7 *recipientOpt,
+ /* anything more here? */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt);
+
+/*
+ * NSSCryptoContext_FindUserCertificatesForEmailSigning
+ *
+ */
+
+NSS_EXTERN NSSCertificate *
+NSSCryptoContext_FindUserCertificatesForEmailSigning(
+ NSSCryptoContext *cc,
+ NSSASCII7 *signerOpt, /* fgmr or a more general name? */
+ NSSASCII7 *recipientOpt,
+ /* anything more here? */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt);
+
+/* Private Keys */
+
+/*
+ * NSSCryptoContext_GenerateKeyPair
+ *
+ * Creates session objects. If you want persistant objects, use
+ * NSSTrustDomain_GenerateKeyPair. The destination token is where
+ * the keys are stored. If that token can do the required math, then
+ * that's where the keys are generated too. Otherwise, the keys are
+ * generated elsewhere and moved to that token.
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_GenerateKeyPair(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *ap,
+ NSSPrivateKey **pvkOpt,
+ NSSPublicKey **pbkOpt,
+ PRBool privateKeyIsSensitive,
+ NSSToken *destination,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_TraversePrivateKeys
+ *
+ *
+ * NSS_EXTERN PRStatus *
+ * NSSCryptoContext_TraversePrivateKeys
+ * (
+ * NSSCryptoContext *cc,
+ * PRStatus (*callback)(NSSPrivateKey *vk, void *arg),
+ * void *arg
+ * );
+ */
+
+/* Symmetric Keys */
+
+/*
+ * NSSCryptoContext_GenerateSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSCryptoContext_GenerateSymmetricKey(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *ap,
+ PRUint32 keysize,
+ NSSToken *destination,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_GenerateSymmetricKeyFromPassword
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSCryptoContext_GenerateSymmetricKeyFromPassword(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *ap,
+ NSSUTF8 *passwordOpt, /* if null, prompt */
+ NSSToken *destinationOpt,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_FindSymmetricKeyByAlgorithm
+ *
+ *
+ * NSS_EXTERN NSSSymmetricKey *
+ * NSSCryptoContext_FindSymmetricKeyByType
+ * (
+ * NSSCryptoContext *cc,
+ * NSSOID *type,
+ * NSSCallback *uhhOpt
+ * );
+ */
+
+/*
+ * NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID(
+ NSSCryptoContext *cc,
+ NSSOID *algorithm,
+ NSSItem *keyID,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_TraverseSymmetricKeys
+ *
+ *
+ * NSS_EXTERN PRStatus *
+ * NSSCryptoContext_TraverseSymmetricKeys
+ * (
+ * NSSCryptoContext *cc,
+ * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
+ * void *arg
+ * );
+ */
+
+/* Crypto ops on distinguished keys */
+
+/*
+ * NSSCryptoContext_Decrypt
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_Decrypt(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *encryptedData,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_BeginDecrypt
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_BeginDecrypt(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_ContinueDecrypt
+ *
+ */
+
+/*
+ * NSSItem semantics:
+ *
+ * If rvOpt is NULL, a new NSSItem and buffer are allocated.
+ * If rvOpt is not null, but the buffer pointer is null,
+ * then rvOpt is returned but a new buffer is allocated.
+ * In this case, if the length value is not zero, then
+ * no more than that much space will be allocated.
+ * If rvOpt is not null and the buffer pointer is not null,
+ * then that buffer is re-used. No more than the buffer
+ * length value will be used; if it's not enough, an
+ * error is returned. If less is used, the number is
+ * adjusted downwards.
+ *
+ * Note that although this is short of some ideal "Item"
+ * definition, we can usually tell how big these buffers
+ * have to be.
+ *
+ * Feedback is requested; and earlier is better than later.
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_ContinueDecrypt(
+ NSSCryptoContext *cc,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FinishDecrypt
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_FinishDecrypt(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_Sign
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_Sign(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_BeginSign
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_BeginSign(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_ContinueSign
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_ContinueSign(
+ NSSCryptoContext *cc,
+ NSSItem *data);
+
+/*
+ * NSSCryptoContext_FinishSign
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_FinishSign(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_SignRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_SignRecover(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_BeginSignRecover
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_BeginSignRecover(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_ContinueSignRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_ContinueSignRecover(
+ NSSCryptoContext *cc,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FinishSignRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_FinishSignRecover(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_UnwrapSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSCryptoContext_UnwrapSymmetricKey(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_DeriveSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSSymmetricKey *
+NSSCryptoContext_DeriveSymmetricKey(
+ NSSCryptoContext *cc,
+ NSSPublicKey *bk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSOID *target,
+ PRUint32 keySizeOpt, /* zero for best allowed */
+ NSSOperations operations,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_Encrypt
+ *
+ * Encrypt a single chunk of data with the distinguished public key
+ * of this crypto context.
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_Encrypt(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_BeginEncrypt
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_BeginEncrypt(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_ContinueEncrypt
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_ContinueEncrypt(
+ NSSCryptoContext *cc,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FinishEncrypt
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_FinishEncrypt(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_Verify
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_Verify(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSItem *signature,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_BeginVerify
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_BeginVerify(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_ContinueVerify
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_ContinueVerify(
+ NSSCryptoContext *cc,
+ NSSItem *data);
+
+/*
+ * NSSCryptoContext_FinishVerify
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_FinishVerify(
+ NSSCryptoContext *cc);
+
+/*
+ * NSSCryptoContext_VerifyRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_VerifyRecover(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_BeginVerifyRecover
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_BeginVerifyRecover(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_ContinueVerifyRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_ContinueVerifyRecover(
+ NSSCryptoContext *cc,
+ NSSItem *data,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_FinishVerifyRecover
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_FinishVerifyRecover(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_WrapSymmetricKey
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_WrapSymmetricKey(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSSymmetricKey *keyToWrap,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_Digest
+ *
+ * Digest a single chunk of data with the distinguished digest key
+ * of this crypto context.
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_Digest(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhhOpt,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * NSSCryptoContext_BeginDigest
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_BeginDigest(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhhOpt);
+
+/*
+ * NSSCryptoContext_ContinueDigest
+ *
+ */
+
+NSS_EXTERN PRStatus
+NSSCryptoContext_ContinueDigest(
+ NSSCryptoContext *cc,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *item);
+
+/*
+ * NSSCryptoContext_FinishDigest
+ *
+ */
+
+NSS_EXTERN NSSItem *
+NSSCryptoContext_FinishDigest(
+ NSSCryptoContext *cc,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt);
+
+/*
+ * tbd: Combination ops
+ */
+
+/*
+ * NSSCryptoContext_Clone
+ *
+ */
+
+NSS_EXTERN NSSCryptoContext *
+NSSCryptoContext_Clone(NSSCryptoContext *cc);
+
+/*
+ * NSSCryptoContext_Save
+ * NSSCryptoContext_Restore
+ *
+ * We need to be able to save and restore the state of contexts.
+ * Perhaps a mark-and-release mechanism would be better?
+ */
+
+/*
+ * ..._SignTBSCertificate
+ *
+ * This requires feedback from the cert server team.
+ */
+
+/*
+ * PRBool NSSCertificate_GetIsTrustedFor{xxx}(NSSCertificate *c);
+ * PRStatus NSSCertificate_SetIsTrustedFor{xxx}(NSSCertificate *c, PRBool trusted);
+ *
+ * These will be helper functions which get the trust object for a cert,
+ * and then call the corresponding function(s) on it.
+ *
+ * PKIX trust objects will have methods to manipulate the low-level trust
+ * bits (which are based on key usage and extended key usage), and also the
+ * conceptual high-level usages (e.g. ssl client auth, email encryption, etc.)
+ *
+ * Other types of trust objects (if any) might have different low-level
+ * representations, but hopefully high-level concepts would map.
+ *
+ * Only these high-level general routines would be promoted to the
+ * general certificate level here. Hence the {xxx} above would be things
+ * like "EmailSigning."
+ *
+ *
+ * NSSPKIXTrust *NSSCertificate_GetPKIXTrustObject(NSSCertificate *c);
+ * PRStatus NSSCertificate_SetPKIXTrustObject(NSSCertificate *c, NSPKIXTrust *t);
+ *
+ * I want to hold off on any general trust object until we've investigated
+ * other models more thoroughly.
+ */
+
+PR_END_EXTERN_C
+
+#endif /* NSSPKI_H */
diff --git a/security/nss/lib/pki/nsspkit.h b/security/nss/lib/pki/nsspkit.h
new file mode 100644
index 000000000..1d6bc7180
--- /dev/null
+++ b/security/nss/lib/pki/nsspkit.h
@@ -0,0 +1,247 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSPKIT_H
+#define NSSPKIT_H
+
+/*
+ * nsspkit.h
+ *
+ * This file defines the types of the top-level PKI objects.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * NSSCertificate
+ *
+ * This is the public representation of a Certificate. The certificate
+ * may be one found on a smartcard or other token, one decoded from data
+ * received as part of a protocol, one constructed from constituent
+ * parts, etc. Usually it is associated with ("in") a trust domain; as
+ * it can be verified only within a trust domain. The underlying type
+ * of certificate may be of any supported standard, e.g. PKIX, PGP, etc.
+ *
+ * People speak of "verifying (with) the server's, or correspondant's,
+ * certificate"; for simple operations we support that simplification
+ * by implementing public-key crypto operations as methods on this type.
+ */
+
+struct NSSCertificateStr;
+typedef struct NSSCertificateStr NSSCertificate;
+
+/*
+ * NSSUserCertificate
+ *
+ * A ``User'' certificate is one for which the private key is available.
+ * People speak of "using my certificate to sign my email" and "using
+ * my certificate to authenticate to (or login to) the server"; for
+ * simple operations, we support that simplification by implementing
+ * private-key crypto operations as methods on this type.
+ *
+ * The current design only weakly distinguishes between certificates
+ * and user certificates: as far as the compiler goes they're
+ * interchangeable; debug libraries only have one common pointer-tracker;
+ * etc. However, attempts to do private-key operations on a certificate
+ * for which the private key is not available will fail.
+ *
+ * Open design question: should these types be more firmly separated?
+ */
+
+typedef NSSCertificate NSSUserCertificate;
+
+/*
+ * NSSPrivateKey
+ *
+ * This is the public representation of a Private Key. In general,
+ * the actual value of the key is not available, but operations may
+ * be performed with it.
+ */
+
+struct NSSPrivateKeyStr;
+typedef struct NSSPrivateKeyStr NSSPrivateKey;
+
+/*
+ * NSSPublicKey
+ *
+ */
+
+struct NSSPublicKeyStr;
+typedef struct NSSPublicKeyStr NSSPublicKey;
+
+/*
+ * NSSSymmetricKey
+ *
+ */
+
+struct NSSSymmetricKeyStr;
+typedef struct NSSSymmetricKeyStr NSSSymmetricKey;
+
+/*
+ * NSSTrustDomain
+ *
+ * A Trust Domain is the field in which certificates may be validated.
+ * A trust domain will generally have one or more cryptographic modules
+ * open; these modules perform the cryptographic operations, and
+ * provide the basic "root" trust information from which the trust in
+ * a specific certificate or key depends.
+ *
+ * A client program, or a simple server, would typically have one
+ * trust domain. A server supporting multiple "virtual servers" might
+ * have a separate trust domain for each virtual server. The separate
+ * trust domains might share some modules (e.g., a hardware crypto
+ * accelerator) but not others (e.g., the tokens storing the different
+ * servers' private keys, or the databases with each server's trusted
+ * root certificates).
+ *
+ * This object descends from the "permananet database" in the old code.
+ */
+
+struct NSSTrustDomainStr;
+typedef struct NSSTrustDomainStr NSSTrustDomain;
+
+/*
+ * NSSCryptoContext
+ *
+ * A Crypto Context is a short-term, "helper" object which is used
+ * for the lifetime of one ongoing "crypto operation." Such an
+ * operation may be the creation of a signed message, the use of an
+ * TLS socket connection, etc. Each crypto context is "in" a
+ * specific trust domain, and it may have associated with it a
+ * distinguished certificate, public key, private key, and/or
+ * symmetric key. It can also temporarily hold and use temporary
+ * data (e.g. intermediate certificates) which is not stored
+ * permanently in the trust domain.
+ *
+ * In OO terms, this interface inherits interfaces from the trust
+ * domain, the certificates, and the keys. It also provides
+ * streaming crypto operations.
+ *
+ * This object descends from the "temporary database" concept in the
+ * old code, but it has changed a lot as a result of what we've
+ * learned.
+ */
+
+typedef struct NSSCryptoContextStr NSSCryptoContext;
+
+/*
+ * fgmr others
+ */
+
+/*
+ * OBJECT IDENTIFIER
+ *
+ * This is the basic OID that crops up everywhere.
+ */
+
+struct NSSOIDStr; /* unused opaque structure */
+typedef struct NSSOIDStr NSSOID;
+
+/*
+ * NSSTime
+ *
+ * Unfortunately, we need an "exceptional" value to indicate
+ * an error upon return, or "no value" on input. Note that zero
+ * is a perfectly valid value for both time_t and PRTime.
+ *
+ * If we were to create a "range" object, with two times for
+ * Not Before and Not After, we would have an obvious place for
+ * the somewhat arbitrary logic involved in comparing them.
+ *
+ * Failing that, let's have an NSSTime_CompareRanges function.
+ */
+
+struct NSSTimeStr;
+typedef struct NSSTimeStr NSSTime;
+
+struct NSSTrustStr;
+typedef struct NSSTrustStr NSSTrust;
+
+/*
+ * NSSUsage
+ *
+ * This is trickier than originally planned; I'll write up a
+ * doc on it.
+ *
+ * We'd still like nsspki.h to have a list of common usages,
+ * e.g.:
+ *
+ * extern const NSSUsage *NSSUsage_ClientAuth;
+ * extern const NSSUsage *NSSUsage_ServerAuth;
+ * extern const NSSUsage *NSSUsage_SignEmail;
+ * extern const NSSUsage *NSSUsage_EncryptEmail;
+ * etc.
+ */
+
+struct NSSUsageStr;
+typedef struct NSSUsageStr NSSUsage;
+
+/*
+ * NSSPolicies
+ *
+ * Placeholder, for now.
+ */
+
+struct NSSPoliciesStr;
+typedef struct NSSPoliciesStr NSSPolicies;
+
+/*
+ * NSSAlgorithmAndParameters
+ *
+ * Algorithm is an OID
+ * Parameters depend on the algorithm
+ */
+
+struct NSSAlgorithmAndParametersStr;
+typedef struct NSSAlgorithmAndParametersStr NSSAlgorithmAndParameters;
+
+/*
+ * NSSCallback
+ *
+ * At minimum, a "challenge" method and a closure argument.
+ * Usually the challenge will just be prompting for a password.
+ * How OO do we want to make it?
+ */
+
+typedef struct NSSCallbackStr NSSCallback;
+
+struct NSSCallbackStr {
+ /* Prompt for a password to initialize a slot. */
+ PRStatus (*getInitPW)(NSSUTF8 *slotName, void *arg,
+ NSSUTF8 **ssoPW, NSSUTF8 **userPW);
+ /* Prompt for oldPW and newPW in order to change the
+ * password on a slot.
+ */
+ PRStatus (*getNewPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
+ NSSUTF8 **oldPW, NSSUTF8 **newPW);
+ /* Prompt for slot password. */
+ PRStatus (*getPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
+ NSSUTF8 **password);
+ void *arg;
+};
+
+/* set errors - user cancelled, ... */
+
+typedef PRUint32 NSSOperations;
+/* 1) Do we want these to be preprocessor definitions or constants? */
+/* 2) What is the correct and complete list? */
+
+#define NSSOperations_ENCRYPT 0x0001
+#define NSSOperations_DECRYPT 0x0002
+#define NSSOperations_WRAP 0x0004
+#define NSSOperations_UNWRAP 0x0008
+#define NSSOperations_SIGN 0x0010
+#define NSSOperations_SIGN_RECOVER 0x0020
+#define NSSOperations_VERIFY 0x0040
+#define NSSOperations_VERIFY_RECOVER 0x0080
+
+struct NSSPKIXCertificateStr;
+
+PR_END_EXTERN_C
+
+#endif /* NSSPKIT_H */
diff --git a/security/nss/lib/pki/pki.gyp b/security/nss/lib/pki/pki.gyp
new file mode 100644
index 000000000..c3475dfb1
--- /dev/null
+++ b/security/nss/lib/pki/pki.gyp
@@ -0,0 +1,32 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nsspki',
+ 'type': 'static_library',
+ 'sources': [
+ 'asymmkey.c',
+ 'certdecode.c',
+ 'certificate.c',
+ 'cryptocontext.c',
+ 'pki3hack.c',
+ 'pkibase.c',
+ 'pkistore.c',
+ 'symmkey.c',
+ 'tdcache.c',
+ 'trustdomain.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/pki/pki.h b/security/nss/lib/pki/pki.h
new file mode 100644
index 000000000..00cebe7d4
--- /dev/null
+++ b/security/nss/lib/pki/pki.h
@@ -0,0 +1,141 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKI_H
+#define PKI_H
+
+#ifndef NSSDEVT_H
+#include "nssdevt.h"
+#endif /* NSSDEVT_H */
+
+#ifndef NSSPKI_H
+#include "nsspki.h"
+#endif /* NSSPKI_H */
+
+#ifndef PKIT_H
+#include "pkit.h"
+#endif /* PKIT_H */
+
+PR_BEGIN_EXTERN_C
+
+NSS_EXTERN NSSCallback *
+nssTrustDomain_GetDefaultCallback(
+ NSSTrustDomain *td,
+ PRStatus *statusOpt);
+
+NSS_EXTERN NSSCertificate **
+nssTrustDomain_FindCertificatesBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSTrust *
+nssTrustDomain_FindTrustForCertificate(
+ NSSTrustDomain *td,
+ NSSCertificate *c);
+
+NSS_EXTERN NSSCertificate *
+nssCertificate_AddRef(NSSCertificate *c);
+
+NSS_EXTERN PRStatus
+nssCertificate_Destroy(NSSCertificate *c);
+
+NSS_EXTERN NSSDER *
+nssCertificate_GetEncoding(NSSCertificate *c);
+
+NSS_EXTERN NSSDER *
+nssCertificate_GetIssuer(NSSCertificate *c);
+
+NSS_EXTERN NSSDER *
+nssCertificate_GetSerialNumber(NSSCertificate *c);
+
+NSS_EXTERN NSSDER *
+nssCertificate_GetSubject(NSSCertificate *c);
+
+/* Returns a copy, Caller must free using nss_ZFreeIf */
+NSS_EXTERN NSSUTF8 *
+nssCertificate_GetNickname(
+ NSSCertificate *c,
+ NSSToken *tokenOpt);
+
+NSS_EXTERN NSSASCII7 *
+nssCertificate_GetEmailAddress(NSSCertificate *c);
+
+NSS_EXTERN PRBool
+nssCertificate_IssuerAndSerialEqual(
+ NSSCertificate *c1,
+ NSSCertificate *c2);
+
+NSS_EXTERN NSSPrivateKey *
+nssPrivateKey_AddRef(NSSPrivateKey *vk);
+
+NSS_EXTERN PRStatus
+nssPrivateKey_Destroy(NSSPrivateKey *vk);
+
+NSS_EXTERN NSSItem *
+nssPrivateKey_GetID(NSSPrivateKey *vk);
+
+NSS_EXTERN NSSUTF8 *
+nssPrivateKey_GetNickname(
+ NSSPrivateKey *vk,
+ NSSToken *tokenOpt);
+
+NSS_EXTERN PRStatus
+nssPublicKey_Destroy(NSSPublicKey *bk);
+
+NSS_EXTERN NSSItem *
+nssPublicKey_GetID(NSSPublicKey *vk);
+
+NSS_EXTERN NSSCertificate **
+nssCryptoContext_FindCertificatesBySubject(
+ NSSCryptoContext *cc,
+ NSSDER *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/* putting here for now, needs more thought */
+NSS_EXTERN PRStatus
+nssCryptoContext_ImportTrust(
+ NSSCryptoContext *cc,
+ NSSTrust *trust);
+
+NSS_EXTERN NSSTrust *
+nssCryptoContext_FindTrustForCertificate(
+ NSSCryptoContext *cc,
+ NSSCertificate *cert);
+
+NSS_EXTERN PRStatus
+nssCryptoContext_ImportSMIMEProfile(
+ NSSCryptoContext *cc,
+ nssSMIMEProfile *profile);
+
+NSS_EXTERN nssSMIMEProfile *
+nssCryptoContext_FindSMIMEProfileForCertificate(
+ NSSCryptoContext *cc,
+ NSSCertificate *cert);
+
+NSS_EXTERN NSSTrust *
+nssTrust_AddRef(NSSTrust *trust);
+
+NSS_EXTERN PRStatus
+nssTrust_Destroy(NSSTrust *trust);
+
+NSS_EXTERN nssSMIMEProfile *
+nssSMIMEProfile_AddRef(nssSMIMEProfile *profile);
+
+NSS_EXTERN PRStatus
+nssSMIMEProfile_Destroy(nssSMIMEProfile *profile);
+
+NSS_EXTERN nssSMIMEProfile *
+nssSMIMEProfile_Create(
+ NSSCertificate *cert,
+ NSSItem *profileTime,
+ NSSItem *profileData);
+
+PR_END_EXTERN_C
+
+#endif /* PKI_H */
diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c
new file mode 100644
index 000000000..0826b7f5e
--- /dev/null
+++ b/security/nss/lib/pki/pki3hack.c
@@ -0,0 +1,1441 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Hacks to integrate NSS 3.4 and NSS 4.0 certificates.
+ */
+
+#ifndef NSSPKI_H
+#include "nsspki.h"
+#endif /* NSSPKI_H */
+
+#ifndef PKI_H
+#include "pki.h"
+#endif /* PKI_H */
+
+#ifndef PKIM_H
+#include "pkim.h"
+#endif /* PKIM_H */
+
+#ifndef DEV_H
+#include "dev.h"
+#endif /* DEV_H */
+
+#ifndef DEVNSS3HACK_H
+#include "dev3hack.h"
+#endif /* DEVNSS3HACK_H */
+
+#ifndef PKINSS3HACK_H
+#include "pki3hack.h"
+#endif /* PKINSS3HACK_H */
+
+#include "secitem.h"
+#include "certdb.h"
+#include "certt.h"
+#include "cert.h"
+#include "certi.h"
+#include "pk11func.h"
+#include "pkistore.h"
+#include "secmod.h"
+#include "nssrwlk.h"
+
+NSSTrustDomain *g_default_trust_domain = NULL;
+
+NSSCryptoContext *g_default_crypto_context = NULL;
+
+NSSTrustDomain *
+STAN_GetDefaultTrustDomain()
+{
+ return g_default_trust_domain;
+}
+
+NSSCryptoContext *
+STAN_GetDefaultCryptoContext()
+{
+ return g_default_crypto_context;
+}
+
+extern const NSSError NSS_ERROR_ALREADY_INITIALIZED;
+extern const NSSError NSS_ERROR_INTERNAL_ERROR;
+
+NSS_IMPLEMENT PRStatus
+STAN_InitTokenForSlotInfo(NSSTrustDomain *td, PK11SlotInfo *slot)
+{
+ NSSToken *token;
+ if (!td) {
+ td = g_default_trust_domain;
+ if (!td) {
+ /* we're called while still initting. slot will get added
+ * appropriately through normal init processes */
+ return PR_SUCCESS;
+ }
+ }
+ token = nssToken_CreateFromPK11SlotInfo(td, slot);
+ PK11Slot_SetNSSToken(slot, token);
+ /* Don't add nonexistent token to TD's token list */
+ if (token) {
+ NSSRWLock_LockWrite(td->tokensLock);
+ nssList_Add(td->tokenList, token);
+ NSSRWLock_UnlockWrite(td->tokensLock);
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+STAN_ResetTokenInterator(NSSTrustDomain *td)
+{
+ if (!td) {
+ td = g_default_trust_domain;
+ if (!td) {
+ /* we're called while still initting. slot will get added
+ * appropriately through normal init processes */
+ return PR_SUCCESS;
+ }
+ }
+ NSSRWLock_LockWrite(td->tokensLock);
+ nssListIterator_Destroy(td->tokens);
+ td->tokens = nssList_CreateIterator(td->tokenList);
+ NSSRWLock_UnlockWrite(td->tokensLock);
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+STAN_LoadDefaultNSS3TrustDomain(
+ void)
+{
+ NSSTrustDomain *td;
+ SECMODModuleList *mlp;
+ SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
+ int i;
+
+ if (g_default_trust_domain || g_default_crypto_context) {
+ /* Stan is already initialized or a previous shutdown failed. */
+ nss_SetError(NSS_ERROR_ALREADY_INITIALIZED);
+ return PR_FAILURE;
+ }
+ td = NSSTrustDomain_Create(NULL, NULL, NULL, NULL);
+ if (!td) {
+ return PR_FAILURE;
+ }
+ /*
+ * Deadlock warning: we should never acquire the moduleLock while
+ * we hold the tokensLock. We can use the NSSRWLock Rank feature to
+ * guarrentee this. tokensLock have a higher rank than module lock.
+ */
+ td->tokenList = nssList_Create(td->arena, PR_TRUE);
+ if (!td->tokenList) {
+ goto loser;
+ }
+ SECMOD_GetReadLock(moduleLock);
+ NSSRWLock_LockWrite(td->tokensLock);
+ for (mlp = SECMOD_GetDefaultModuleList(); mlp != NULL; mlp = mlp->next) {
+ for (i = 0; i < mlp->module->slotCount; i++) {
+ STAN_InitTokenForSlotInfo(td, mlp->module->slots[i]);
+ }
+ }
+ td->tokens = nssList_CreateIterator(td->tokenList);
+ NSSRWLock_UnlockWrite(td->tokensLock);
+ SECMOD_ReleaseReadLock(moduleLock);
+ if (!td->tokens) {
+ goto loser;
+ }
+ g_default_crypto_context = NSSTrustDomain_CreateCryptoContext(td, NULL);
+ if (!g_default_crypto_context) {
+ goto loser;
+ }
+ g_default_trust_domain = td;
+ return PR_SUCCESS;
+
+loser:
+ NSSTrustDomain_Destroy(td);
+ return PR_FAILURE;
+}
+
+/*
+ * must be called holding the ModuleListLock (either read or write).
+ */
+NSS_IMPLEMENT SECStatus
+STAN_AddModuleToDefaultTrustDomain(
+ SECMODModule *module)
+{
+ NSSTrustDomain *td;
+ int i;
+ td = STAN_GetDefaultTrustDomain();
+ for (i = 0; i < module->slotCount; i++) {
+ STAN_InitTokenForSlotInfo(td, module->slots[i]);
+ }
+ STAN_ResetTokenInterator(td);
+ return SECSuccess;
+}
+
+/*
+ * must be called holding the ModuleListLock (either read or write).
+ */
+NSS_IMPLEMENT SECStatus
+STAN_RemoveModuleFromDefaultTrustDomain(
+ SECMODModule *module)
+{
+ NSSToken *token;
+ NSSTrustDomain *td;
+ int i;
+ td = STAN_GetDefaultTrustDomain();
+ NSSRWLock_LockWrite(td->tokensLock);
+ for (i = 0; i < module->slotCount; i++) {
+ token = PK11Slot_GetNSSToken(module->slots[i]);
+ if (token) {
+ nssToken_NotifyCertsNotVisible(token);
+ nssList_Remove(td->tokenList, token);
+ PK11Slot_SetNSSToken(module->slots[i], NULL);
+ nssToken_Destroy(token);
+ }
+ }
+ nssListIterator_Destroy(td->tokens);
+ td->tokens = nssList_CreateIterator(td->tokenList);
+ NSSRWLock_UnlockWrite(td->tokensLock);
+ return SECSuccess;
+}
+
+NSS_IMPLEMENT PRStatus
+STAN_Shutdown()
+{
+ PRStatus status = PR_SUCCESS;
+ if (g_default_trust_domain) {
+ if (NSSTrustDomain_Destroy(g_default_trust_domain) == PR_SUCCESS) {
+ g_default_trust_domain = NULL;
+ } else {
+ status = PR_FAILURE;
+ }
+ }
+ if (g_default_crypto_context) {
+ if (NSSCryptoContext_Destroy(g_default_crypto_context) == PR_SUCCESS) {
+ g_default_crypto_context = NULL;
+ } else {
+ status = PR_FAILURE;
+ }
+ }
+ return status;
+}
+
+/* this function should not be a hack; it will be needed in 4.0 (rename) */
+NSS_IMPLEMENT NSSItem *
+STAN_GetCertIdentifierFromDER(NSSArena *arenaOpt, NSSDER *der)
+{
+ NSSItem *rvKey;
+ SECItem secDER;
+ SECItem secKey = { 0 };
+ SECStatus secrv;
+ PLArenaPool *arena;
+
+ SECITEM_FROM_NSSITEM(&secDER, der);
+
+ /* nss3 call uses nss3 arena's */
+ arena = PORT_NewArena(256);
+ if (!arena) {
+ return NULL;
+ }
+ secrv = CERT_KeyFromDERCert(arena, &secDER, &secKey);
+ if (secrv != SECSuccess) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ rvKey = nssItem_Create(arenaOpt, NULL, secKey.len, (void *)secKey.data);
+ PORT_FreeArena(arena, PR_FALSE);
+ return rvKey;
+}
+
+NSS_IMPLEMENT PRStatus
+nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der,
+ NSSDER *issuer, NSSDER *serial)
+{
+ SECItem derCert = { 0 };
+ SECItem derIssuer = { 0 };
+ SECItem derSerial = { 0 };
+ SECStatus secrv;
+ derCert.data = (unsigned char *)der->data;
+ derCert.len = der->size;
+ secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
+ if (secrv != SECSuccess) {
+ return PR_FAILURE;
+ }
+ secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
+ if (secrv != SECSuccess) {
+ PORT_Free(derSerial.data);
+ return PR_FAILURE;
+ }
+ issuer->data = derIssuer.data;
+ issuer->size = derIssuer.len;
+ serial->data = derSerial.data;
+ serial->size = derSerial.len;
+ return PR_SUCCESS;
+}
+
+static NSSItem *
+nss3certificate_getIdentifier(nssDecodedCert *dc)
+{
+ NSSItem *rvID;
+ CERTCertificate *c = (CERTCertificate *)dc->data;
+ rvID = nssItem_Create(NULL, NULL, c->certKey.len, c->certKey.data);
+ return rvID;
+}
+
+static void *
+nss3certificate_getIssuerIdentifier(nssDecodedCert *dc)
+{
+ CERTCertificate *c = (CERTCertificate *)dc->data;
+ return (void *)c->authKeyID;
+}
+
+static nssCertIDMatch
+nss3certificate_matchIdentifier(nssDecodedCert *dc, void *id)
+{
+ CERTCertificate *c = (CERTCertificate *)dc->data;
+ CERTAuthKeyID *authKeyID = (CERTAuthKeyID *)id;
+ SECItem skid;
+ nssCertIDMatch match = nssCertIDMatch_Unknown;
+
+ /* keyIdentifier */
+ if (authKeyID->keyID.len > 0 &&
+ CERT_FindSubjectKeyIDExtension(c, &skid) == SECSuccess) {
+ PRBool skiEqual;
+ skiEqual = SECITEM_ItemsAreEqual(&authKeyID->keyID, &skid);
+ PORT_Free(skid.data);
+ if (skiEqual) {
+ /* change the state to positive match, but keep going */
+ match = nssCertIDMatch_Yes;
+ } else {
+ /* exit immediately on failure */
+ return nssCertIDMatch_No;
+ }
+ }
+
+ /* issuer/serial (treated as pair) */
+ if (authKeyID->authCertIssuer) {
+ SECItem *caName = NULL;
+ SECItem *caSN = &authKeyID->authCertSerialNumber;
+
+ caName = (SECItem *)CERT_GetGeneralNameByType(
+ authKeyID->authCertIssuer,
+ certDirectoryName, PR_TRUE);
+ if (caName != NULL &&
+ SECITEM_ItemsAreEqual(&c->derIssuer, caName) &&
+ SECITEM_ItemsAreEqual(&c->serialNumber, caSN)) {
+ match = nssCertIDMatch_Yes;
+ } else {
+ match = nssCertIDMatch_Unknown;
+ }
+ }
+ return match;
+}
+
+static PRBool
+nss3certificate_isValidIssuer(nssDecodedCert *dc)
+{
+ CERTCertificate *c = (CERTCertificate *)dc->data;
+ unsigned int ignore;
+ return CERT_IsCACert(c, &ignore);
+}
+
+static NSSUsage *
+nss3certificate_getUsage(nssDecodedCert *dc)
+{
+ /* CERTCertificate *c = (CERTCertificate *)dc->data; */
+ return NULL;
+}
+
+static PRBool
+nss3certificate_isValidAtTime(nssDecodedCert *dc, NSSTime *time)
+{
+ SECCertTimeValidity validity;
+ CERTCertificate *c = (CERTCertificate *)dc->data;
+ validity = CERT_CheckCertValidTimes(c, NSSTime_GetPRTime(time), PR_TRUE);
+ if (validity == secCertTimeValid) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+static PRBool
+nss3certificate_isNewerThan(nssDecodedCert *dc, nssDecodedCert *cmpdc)
+{
+ /* I know this isn't right, but this is glue code anyway */
+ if (cmpdc->type == dc->type) {
+ CERTCertificate *certa = (CERTCertificate *)dc->data;
+ CERTCertificate *certb = (CERTCertificate *)cmpdc->data;
+ return CERT_IsNewer(certa, certb);
+ }
+ return PR_FALSE;
+}
+
+/* CERT_FilterCertListByUsage */
+static PRBool
+nss3certificate_matchUsage(nssDecodedCert *dc, const NSSUsage *usage)
+{
+ CERTCertificate *cc;
+ unsigned int requiredKeyUsage = 0;
+ unsigned int requiredCertType = 0;
+ SECStatus secrv;
+ PRBool match;
+ PRBool ca;
+
+ /* This is for NSS 3.3 functions that do not specify a usage */
+ if (usage->anyUsage) {
+ return PR_TRUE;
+ }
+ ca = usage->nss3lookingForCA;
+ secrv = CERT_KeyUsageAndTypeForCertUsage(usage->nss3usage, ca,
+ &requiredKeyUsage,
+ &requiredCertType);
+ if (secrv != SECSuccess) {
+ return PR_FALSE;
+ }
+ cc = (CERTCertificate *)dc->data;
+ secrv = CERT_CheckKeyUsage(cc, requiredKeyUsage);
+ match = (PRBool)(secrv == SECSuccess);
+ if (match) {
+ unsigned int certType = 0;
+ if (ca) {
+ (void)CERT_IsCACert(cc, &certType);
+ } else {
+ certType = cc->nsCertType;
+ }
+ if (!(certType & requiredCertType)) {
+ match = PR_FALSE;
+ }
+ }
+ return match;
+}
+
+static PRBool
+nss3certificate_isTrustedForUsage(nssDecodedCert *dc, const NSSUsage *usage)
+{
+ CERTCertificate *cc;
+ PRBool ca;
+ SECStatus secrv;
+ unsigned int requiredFlags;
+ unsigned int trustFlags;
+ SECTrustType trustType;
+ CERTCertTrust trust;
+
+ /* This is for NSS 3.3 functions that do not specify a usage */
+ if (usage->anyUsage) {
+ return PR_FALSE; /* XXX is this right? */
+ }
+ cc = (CERTCertificate *)dc->data;
+ ca = usage->nss3lookingForCA;
+ if (!ca) {
+ PRBool trusted;
+ unsigned int failedFlags;
+ secrv = cert_CheckLeafTrust(cc, usage->nss3usage,
+ &failedFlags, &trusted);
+ return secrv == SECSuccess && trusted;
+ }
+ secrv = CERT_TrustFlagsForCACertUsage(usage->nss3usage, &requiredFlags,
+ &trustType);
+ if (secrv != SECSuccess) {
+ return PR_FALSE;
+ }
+ secrv = CERT_GetCertTrust(cc, &trust);
+ if (secrv != SECSuccess) {
+ return PR_FALSE;
+ }
+ if (trustType == trustTypeNone) {
+ /* normally trustTypeNone usages accept any of the given trust bits
+ * being on as acceptable. */
+ trustFlags = trust.sslFlags | trust.emailFlags |
+ trust.objectSigningFlags;
+ } else {
+ trustFlags = SEC_GET_TRUST_FLAGS(&trust, trustType);
+ }
+ return (trustFlags & requiredFlags) == requiredFlags;
+}
+
+static NSSASCII7 *
+nss3certificate_getEmailAddress(nssDecodedCert *dc)
+{
+ CERTCertificate *cc = (CERTCertificate *)dc->data;
+ return (cc && cc->emailAddr && cc->emailAddr[0])
+ ? (NSSASCII7 *)cc->emailAddr
+ : NULL;
+}
+
+static PRStatus
+nss3certificate_getDERSerialNumber(nssDecodedCert *dc,
+ NSSDER *serial, NSSArena *arena)
+{
+ CERTCertificate *cc = (CERTCertificate *)dc->data;
+ SECItem derSerial = { 0 };
+ SECStatus secrv;
+ secrv = CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
+ if (secrv == SECSuccess) {
+ (void)nssItem_Create(arena, serial, derSerial.len, derSerial.data);
+ PORT_Free(derSerial.data);
+ return PR_SUCCESS;
+ }
+ return PR_FAILURE;
+}
+
+/* Returns NULL if "encoding" cannot be decoded. */
+NSS_IMPLEMENT nssDecodedCert *
+nssDecodedPKIXCertificate_Create(
+ NSSArena *arenaOpt,
+ NSSDER *encoding)
+{
+ nssDecodedCert *rvDC = NULL;
+ CERTCertificate *cert;
+ SECItem secDER;
+
+ SECITEM_FROM_NSSITEM(&secDER, encoding);
+ cert = CERT_DecodeDERCertificate(&secDER, PR_TRUE, NULL);
+ if (cert) {
+ rvDC = nss_ZNEW(arenaOpt, nssDecodedCert);
+ if (rvDC) {
+ rvDC->type = NSSCertificateType_PKIX;
+ rvDC->data = (void *)cert;
+ rvDC->getIdentifier = nss3certificate_getIdentifier;
+ rvDC->getIssuerIdentifier = nss3certificate_getIssuerIdentifier;
+ rvDC->matchIdentifier = nss3certificate_matchIdentifier;
+ rvDC->isValidIssuer = nss3certificate_isValidIssuer;
+ rvDC->getUsage = nss3certificate_getUsage;
+ rvDC->isValidAtTime = nss3certificate_isValidAtTime;
+ rvDC->isNewerThan = nss3certificate_isNewerThan;
+ rvDC->matchUsage = nss3certificate_matchUsage;
+ rvDC->isTrustedForUsage = nss3certificate_isTrustedForUsage;
+ rvDC->getEmailAddress = nss3certificate_getEmailAddress;
+ rvDC->getDERSerialNumber = nss3certificate_getDERSerialNumber;
+ } else {
+ CERT_DestroyCertificate(cert);
+ }
+ }
+ return rvDC;
+}
+
+static nssDecodedCert *
+create_decoded_pkix_cert_from_nss3cert(
+ NSSArena *arenaOpt,
+ CERTCertificate *cc)
+{
+ nssDecodedCert *rvDC = nss_ZNEW(arenaOpt, nssDecodedCert);
+ if (rvDC) {
+ rvDC->type = NSSCertificateType_PKIX;
+ rvDC->data = (void *)cc;
+ rvDC->getIdentifier = nss3certificate_getIdentifier;
+ rvDC->getIssuerIdentifier = nss3certificate_getIssuerIdentifier;
+ rvDC->matchIdentifier = nss3certificate_matchIdentifier;
+ rvDC->isValidIssuer = nss3certificate_isValidIssuer;
+ rvDC->getUsage = nss3certificate_getUsage;
+ rvDC->isValidAtTime = nss3certificate_isValidAtTime;
+ rvDC->isNewerThan = nss3certificate_isNewerThan;
+ rvDC->matchUsage = nss3certificate_matchUsage;
+ rvDC->isTrustedForUsage = nss3certificate_isTrustedForUsage;
+ rvDC->getEmailAddress = nss3certificate_getEmailAddress;
+ rvDC->getDERSerialNumber = nss3certificate_getDERSerialNumber;
+ }
+ return rvDC;
+}
+
+NSS_IMPLEMENT PRStatus
+nssDecodedPKIXCertificate_Destroy(nssDecodedCert *dc)
+{
+ CERTCertificate *cert = (CERTCertificate *)dc->data;
+
+ /* The decoder may only be half initialized (the case where we find we
+ * could not decode the certificate). In this case, there is not cert to
+ * free, just free the dc structure. */
+ if (cert) {
+ PRBool freeSlot = cert->ownSlot;
+ PK11SlotInfo *slot = cert->slot;
+ PLArenaPool *arena = cert->arena;
+ /* zero cert before freeing. Any stale references to this cert
+ * after this point will probably cause an exception. */
+ PORT_Memset(cert, 0, sizeof *cert);
+ /* free the arena that contains the cert. */
+ PORT_FreeArena(arena, PR_FALSE);
+ if (slot && freeSlot) {
+ PK11_FreeSlot(slot);
+ }
+ }
+ nss_ZFreeIf(dc);
+ return PR_SUCCESS;
+}
+
+/* see pk11cert.c:pk11_HandleTrustObject */
+static unsigned int
+get_nss3trust_from_nss4trust(nssTrustLevel t)
+{
+ unsigned int rt = 0;
+ if (t == nssTrustLevel_Trusted) {
+ rt |= CERTDB_TERMINAL_RECORD | CERTDB_TRUSTED;
+ }
+ if (t == nssTrustLevel_TrustedDelegator) {
+ rt |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA;
+ }
+ if (t == nssTrustLevel_NotTrusted) {
+ rt |= CERTDB_TERMINAL_RECORD;
+ }
+ if (t == nssTrustLevel_ValidDelegator) {
+ rt |= CERTDB_VALID_CA;
+ }
+ return rt;
+}
+
+static CERTCertTrust *
+cert_trust_from_stan_trust(NSSTrust *t, PLArenaPool *arena)
+{
+ CERTCertTrust *rvTrust;
+ unsigned int client;
+ if (!t) {
+ return NULL;
+ }
+ rvTrust = PORT_ArenaAlloc(arena, sizeof(CERTCertTrust));
+ if (!rvTrust)
+ return NULL;
+ rvTrust->sslFlags = get_nss3trust_from_nss4trust(t->serverAuth);
+ client = get_nss3trust_from_nss4trust(t->clientAuth);
+ if (client & (CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA)) {
+ client &= ~(CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA);
+ rvTrust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA;
+ }
+ rvTrust->sslFlags |= client;
+ rvTrust->emailFlags = get_nss3trust_from_nss4trust(t->emailProtection);
+ rvTrust->objectSigningFlags = get_nss3trust_from_nss4trust(t->codeSigning);
+ return rvTrust;
+}
+
+CERTCertTrust *
+nssTrust_GetCERTCertTrustForCert(NSSCertificate *c, CERTCertificate *cc)
+{
+ CERTCertTrust *rvTrust = NULL;
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+ NSSTrust *t;
+ t = nssTrustDomain_FindTrustForCertificate(td, c);
+ if (t) {
+ rvTrust = cert_trust_from_stan_trust(t, cc->arena);
+ if (!rvTrust) {
+ nssTrust_Destroy(t);
+ return NULL;
+ }
+ nssTrust_Destroy(t);
+ } else {
+ rvTrust = PORT_ArenaAlloc(cc->arena, sizeof(CERTCertTrust));
+ if (!rvTrust) {
+ return NULL;
+ }
+ memset(rvTrust, 0, sizeof(*rvTrust));
+ }
+ if (NSSCertificate_IsPrivateKeyAvailable(c, NULL, NULL)) {
+ rvTrust->sslFlags |= CERTDB_USER;
+ rvTrust->emailFlags |= CERTDB_USER;
+ rvTrust->objectSigningFlags |= CERTDB_USER;
+ }
+ return rvTrust;
+}
+
+static nssCryptokiInstance *
+get_cert_instance(NSSCertificate *c)
+{
+ nssCryptokiObject *instance, **ci;
+ nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
+ if (!instances) {
+ return NULL;
+ }
+ instance = NULL;
+ for (ci = instances; *ci; ci++) {
+ if (!instance) {
+ instance = nssCryptokiObject_Clone(*ci);
+ } else {
+ /* This only really works for two instances... But 3.4 can't
+ * handle more anyway. The logic is, if there are multiple
+ * instances, prefer the one that is not internal (e.g., on
+ * a hardware device.
+ */
+ if (PK11_IsInternal(instance->token->pk11slot)) {
+ nssCryptokiObject_Destroy(instance);
+ instance = nssCryptokiObject_Clone(*ci);
+ }
+ }
+ }
+ nssCryptokiObjectArray_Destroy(instances);
+ return instance;
+}
+
+char *
+STAN_GetCERTCertificateNameForInstance(
+ PLArenaPool *arenaOpt,
+ NSSCertificate *c,
+ nssCryptokiInstance *instance)
+{
+ NSSCryptoContext *context = c->object.cryptoContext;
+ PRStatus nssrv;
+ int nicklen, tokenlen, len;
+ NSSUTF8 *tokenName = NULL;
+ NSSUTF8 *stanNick = NULL;
+ char *nickname = NULL;
+ char *nick;
+
+ if (instance) {
+ stanNick = instance->label;
+ } else if (context) {
+ stanNick = c->object.tempName;
+ }
+ if (stanNick) {
+ /* fill other fields needed by NSS3 functions using CERTCertificate */
+ if (instance && (!PK11_IsInternalKeySlot(instance->token->pk11slot) ||
+ PORT_Strchr(stanNick, ':') != NULL)) {
+ tokenName = nssToken_GetName(instance->token);
+ tokenlen = nssUTF8_Size(tokenName, &nssrv);
+ } else {
+ /* don't use token name for internal slot; 3.3 didn't */
+ tokenlen = 0;
+ }
+ nicklen = nssUTF8_Size(stanNick, &nssrv);
+ len = tokenlen + nicklen;
+ if (arenaOpt) {
+ nickname = PORT_ArenaAlloc(arenaOpt, len);
+ } else {
+ nickname = PORT_Alloc(len);
+ }
+ nick = nickname;
+ if (tokenName) {
+ memcpy(nick, tokenName, tokenlen - 1);
+ nick += tokenlen - 1;
+ *nick++ = ':';
+ }
+ memcpy(nick, stanNick, nicklen - 1);
+ nickname[len - 1] = '\0';
+ }
+ return nickname;
+}
+
+char *
+STAN_GetCERTCertificateName(PLArenaPool *arenaOpt, NSSCertificate *c)
+{
+ char *result;
+ nssCryptokiInstance *instance = get_cert_instance(c);
+ /* It's OK to call this function, even if instance is NULL */
+ result = STAN_GetCERTCertificateNameForInstance(arenaOpt, c, instance);
+ if (instance)
+ nssCryptokiObject_Destroy(instance);
+ return result;
+}
+
+static void
+fill_CERTCertificateFields(NSSCertificate *c, CERTCertificate *cc, PRBool forced)
+{
+ CERTCertTrust *trust = NULL;
+ NSSTrust *nssTrust;
+ NSSCryptoContext *context = c->object.cryptoContext;
+ nssCryptokiInstance *instance;
+ NSSUTF8 *stanNick = NULL;
+
+ /* We are holding the base class object's lock on entry of this function
+ * This lock protects writes to fields of the CERTCertificate .
+ * It is also needed by some functions to compute values such as trust.
+ */
+ instance = get_cert_instance(c);
+
+ if (instance) {
+ stanNick = instance->label;
+ } else if (context) {
+ stanNick = c->object.tempName;
+ }
+ /* fill other fields needed by NSS3 functions using CERTCertificate */
+ if ((!cc->nickname && stanNick) || forced) {
+ PRStatus nssrv;
+ int nicklen, tokenlen, len;
+ NSSUTF8 *tokenName = NULL;
+ char *nick;
+ if (instance &&
+ (!PK11_IsInternalKeySlot(instance->token->pk11slot) ||
+ (stanNick && PORT_Strchr(stanNick, ':') != NULL))) {
+ tokenName = nssToken_GetName(instance->token);
+ tokenlen = nssUTF8_Size(tokenName, &nssrv);
+ } else {
+ /* don't use token name for internal slot; 3.3 didn't */
+ tokenlen = 0;
+ }
+ if (stanNick) {
+ nicklen = nssUTF8_Size(stanNick, &nssrv);
+ len = tokenlen + nicklen;
+ nick = PORT_ArenaAlloc(cc->arena, len);
+ if (tokenName) {
+ memcpy(nick, tokenName, tokenlen - 1);
+ nick[tokenlen - 1] = ':';
+ memcpy(nick + tokenlen, stanNick, nicklen - 1);
+ } else {
+ memcpy(nick, stanNick, nicklen - 1);
+ }
+ nick[len - 1] = '\0';
+ cc->nickname = nick;
+ } else {
+ cc->nickname = NULL;
+ }
+ }
+ if (context) {
+ /* trust */
+ nssTrust = nssCryptoContext_FindTrustForCertificate(context, c);
+ if (!nssTrust) {
+ /* chicken and egg issue:
+ *
+ * c->issuer and c->serial are empty at this point, but
+ * nssTrustDomain_FindTrustForCertificate use them to look up
+ * up the trust object, so we point them to cc->derIssuer and
+ * cc->serialNumber.
+ *
+ * Our caller will fill these in with proper arena copies when we
+ * return. */
+ c->issuer.data = cc->derIssuer.data;
+ c->issuer.size = cc->derIssuer.len;
+ c->serial.data = cc->serialNumber.data;
+ c->serial.size = cc->serialNumber.len;
+ nssTrust = nssTrustDomain_FindTrustForCertificate(context->td, c);
+ }
+ if (nssTrust) {
+ trust = cert_trust_from_stan_trust(nssTrust, cc->arena);
+ if (trust) {
+ /* we should destroy cc->trust before replacing it, but it's
+ allocated in cc->arena, so memory growth will occur on each
+ refresh */
+ CERT_LockCertTrust(cc);
+ cc->trust = trust;
+ CERT_UnlockCertTrust(cc);
+ }
+ nssTrust_Destroy(nssTrust);
+ }
+ } else if (instance) {
+ /* slot */
+ if (cc->slot != instance->token->pk11slot) {
+ if (cc->slot) {
+ PK11_FreeSlot(cc->slot);
+ }
+ cc->slot = PK11_ReferenceSlot(instance->token->pk11slot);
+ }
+ cc->ownSlot = PR_TRUE;
+ /* pkcs11ID */
+ cc->pkcs11ID = instance->handle;
+ /* trust */
+ trust = nssTrust_GetCERTCertTrustForCert(c, cc);
+ if (trust) {
+ /* we should destroy cc->trust before replacing it, but it's
+ allocated in cc->arena, so memory growth will occur on each
+ refresh */
+ CERT_LockCertTrust(cc);
+ cc->trust = trust;
+ CERT_UnlockCertTrust(cc);
+ }
+ }
+ if (instance) {
+ nssCryptokiObject_Destroy(instance);
+ }
+ /* database handle is now the trust domain */
+ cc->dbhandle = c->object.trustDomain;
+ /* subjectList ? */
+ /* istemp and isperm are supported in NSS 3.4 */
+ cc->istemp = PR_FALSE; /* CERT_NewTemp will override this */
+ cc->isperm = PR_TRUE; /* by default */
+ /* pointer back */
+ cc->nssCertificate = c;
+ if (trust) {
+ /* force the cert type to be recomputed to include trust info */
+ PRUint32 nsCertType = cert_ComputeCertType(cc);
+
+ /* Assert that it is safe to cast &cc->nsCertType to "PRInt32 *" */
+ PORT_Assert(sizeof(cc->nsCertType) == sizeof(PRInt32));
+ PR_ATOMIC_SET((PRInt32 *)&cc->nsCertType, nsCertType);
+ }
+}
+
+static CERTCertificate *
+stan_GetCERTCertificate(NSSCertificate *c, PRBool forceUpdate)
+{
+ nssDecodedCert *dc = NULL;
+ CERTCertificate *cc = NULL;
+ CERTCertTrust certTrust;
+
+ /* make sure object does not go away until we finish */
+ nssPKIObject_AddRef(&c->object);
+ nssPKIObject_Lock(&c->object);
+
+ dc = c->decoding;
+ if (!dc) {
+ dc = nssDecodedPKIXCertificate_Create(NULL, &c->encoding);
+ if (!dc) {
+ goto loser;
+ }
+ cc = (CERTCertificate *)dc->data;
+ PORT_Assert(cc); /* software error */
+ if (!cc) {
+ nssDecodedPKIXCertificate_Destroy(dc);
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR);
+ goto loser;
+ }
+ PORT_Assert(!c->decoding);
+ if (!c->decoding) {
+ c->decoding = dc;
+ } else {
+ /* this should never happen. Fail. */
+ nssDecodedPKIXCertificate_Destroy(dc);
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR);
+ goto loser;
+ }
+ }
+ cc = (CERTCertificate *)dc->data;
+ PORT_Assert(cc);
+ if (!cc) {
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR);
+ goto loser;
+ }
+ if (!cc->nssCertificate || forceUpdate) {
+ fill_CERTCertificateFields(c, cc, forceUpdate);
+ } else if (CERT_GetCertTrust(cc, &certTrust) != SECSuccess &&
+ !c->object.cryptoContext) {
+ /* if it's a perm cert, it might have been stored before the
+ * trust, so look for the trust again. But a temp cert can be
+ * ignored.
+ */
+ CERTCertTrust *trust = NULL;
+ trust = nssTrust_GetCERTCertTrustForCert(c, cc);
+
+ CERT_LockCertTrust(cc);
+ cc->trust = trust;
+ CERT_UnlockCertTrust(cc);
+ }
+
+loser:
+ nssPKIObject_Unlock(&c->object);
+ nssPKIObject_Destroy(&c->object);
+ return cc;
+}
+
+NSS_IMPLEMENT CERTCertificate *
+STAN_ForceCERTCertificateUpdate(NSSCertificate *c)
+{
+ if (c->decoding) {
+ return stan_GetCERTCertificate(c, PR_TRUE);
+ }
+ return NULL;
+}
+
+NSS_IMPLEMENT CERTCertificate *
+STAN_GetCERTCertificate(NSSCertificate *c)
+{
+ return stan_GetCERTCertificate(c, PR_FALSE);
+}
+/*
+ * many callers of STAN_GetCERTCertificate() intend that
+ * the CERTCertificate returned inherits the reference to the
+ * NSSCertificate. For these callers it's convenient to have
+ * this function 'own' the reference and either return a valid
+ * CERTCertificate structure which inherits the reference or
+ * destroy the reference to NSSCertificate and returns NULL.
+ */
+NSS_IMPLEMENT CERTCertificate *
+STAN_GetCERTCertificateOrRelease(NSSCertificate *c)
+{
+ CERTCertificate *nss3cert = stan_GetCERTCertificate(c, PR_FALSE);
+ if (!nss3cert) {
+ nssCertificate_Destroy(c);
+ }
+ return nss3cert;
+}
+
+static nssTrustLevel
+get_stan_trust(unsigned int t, PRBool isClientAuth)
+{
+ if (isClientAuth) {
+ if (t & CERTDB_TRUSTED_CLIENT_CA) {
+ return nssTrustLevel_TrustedDelegator;
+ }
+ } else {
+ if (t & CERTDB_TRUSTED_CA || t & CERTDB_NS_TRUSTED_CA) {
+ return nssTrustLevel_TrustedDelegator;
+ }
+ }
+ if (t & CERTDB_TRUSTED) {
+ return nssTrustLevel_Trusted;
+ }
+ if (t & CERTDB_TERMINAL_RECORD) {
+ return nssTrustLevel_NotTrusted;
+ }
+ if (t & CERTDB_VALID_CA) {
+ return nssTrustLevel_ValidDelegator;
+ }
+ return nssTrustLevel_MustVerify;
+}
+
+NSS_EXTERN NSSCertificate *
+STAN_GetNSSCertificate(CERTCertificate *cc)
+{
+ NSSCertificate *c;
+ nssCryptokiInstance *instance;
+ nssPKIObject *pkiob;
+ NSSArena *arena;
+ c = cc->nssCertificate;
+ if (c) {
+ return c;
+ }
+ /* i don't think this should happen. but if it can, need to create
+ * NSSCertificate from CERTCertificate values here. */
+ /* Yup, it can happen. */
+ arena = NSSArena_Create();
+ if (!arena) {
+ return NULL;
+ }
+ c = nss_ZNEW(arena, NSSCertificate);
+ if (!c) {
+ nssArena_Destroy(arena);
+ return NULL;
+ }
+ NSSITEM_FROM_SECITEM(&c->encoding, &cc->derCert);
+ c->type = NSSCertificateType_PKIX;
+ pkiob = nssPKIObject_Create(arena, NULL, cc->dbhandle, NULL, nssPKIMonitor);
+ if (!pkiob) {
+ nssArena_Destroy(arena);
+ return NULL;
+ }
+ c->object = *pkiob;
+ nssItem_Create(arena,
+ &c->issuer, cc->derIssuer.len, cc->derIssuer.data);
+ nssItem_Create(arena,
+ &c->subject, cc->derSubject.len, cc->derSubject.data);
+ if (PR_TRUE) {
+ /* CERTCertificate stores serial numbers decoded. I need the DER
+ * here. sigh.
+ */
+ SECItem derSerial;
+ SECStatus secrv;
+ secrv = CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
+ if (secrv == SECFailure) {
+ nssArena_Destroy(arena);
+ return NULL;
+ }
+ nssItem_Create(arena, &c->serial, derSerial.len, derSerial.data);
+ PORT_Free(derSerial.data);
+ }
+ if (cc->emailAddr && cc->emailAddr[0]) {
+ c->email = nssUTF8_Create(arena,
+ nssStringType_PrintableString,
+ (NSSUTF8 *)cc->emailAddr,
+ PORT_Strlen(cc->emailAddr));
+ }
+ if (cc->slot) {
+ instance = nss_ZNEW(arena, nssCryptokiInstance);
+ if (!instance) {
+ nssArena_Destroy(arena);
+ return NULL;
+ }
+ instance->token = nssToken_AddRef(PK11Slot_GetNSSToken(cc->slot));
+ instance->handle = cc->pkcs11ID;
+ instance->isTokenObject = PR_TRUE;
+ if (cc->nickname) {
+ instance->label = nssUTF8_Create(arena,
+ nssStringType_UTF8String,
+ (NSSUTF8 *)cc->nickname,
+ PORT_Strlen(cc->nickname));
+ }
+ nssPKIObject_AddInstance(&c->object, instance);
+ }
+ c->decoding = create_decoded_pkix_cert_from_nss3cert(NULL, cc);
+ cc->nssCertificate = c;
+ return c;
+}
+
+static NSSToken *
+stan_GetTrustToken(
+ NSSCertificate *c)
+{
+ NSSToken *ttok = NULL;
+ NSSToken *rtok = NULL;
+ NSSToken *tok = NULL;
+ nssCryptokiObject **ip;
+ nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
+ if (!instances) {
+ return PR_FALSE;
+ }
+ for (ip = instances; *ip; ip++) {
+ nssCryptokiObject *instance = *ip;
+ nssCryptokiObject *to =
+ nssToken_FindTrustForCertificate(instance->token, NULL,
+ &c->encoding, &c->issuer, &c->serial,
+ nssTokenSearchType_TokenOnly);
+ NSSToken *ctok = instance->token;
+ PRBool ro = PK11_IsReadOnly(ctok->pk11slot);
+
+ if (to) {
+ nssCryptokiObject_Destroy(to);
+ ttok = ctok;
+ if (!ro) {
+ break;
+ }
+ } else {
+ if (!rtok && ro) {
+ rtok = ctok;
+ }
+ if (!tok && !ro) {
+ tok = ctok;
+ }
+ }
+ }
+ nssCryptokiObjectArray_Destroy(instances);
+ return ttok ? ttok : (tok ? tok : rtok);
+}
+
+NSS_EXTERN PRStatus
+STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust)
+{
+ PRStatus nssrv;
+ NSSCertificate *c = STAN_GetNSSCertificate(cc);
+ NSSToken *tok;
+ NSSTrustDomain *td;
+ NSSTrust *nssTrust;
+ NSSArena *arena;
+ CERTCertTrust *oldTrust;
+ CERTCertTrust *newTrust;
+ nssListIterator *tokens;
+ PRBool moving_object;
+ nssCryptokiObject *newInstance;
+ nssPKIObject *pkiob;
+
+ if (c == NULL) {
+ return PR_FAILURE;
+ }
+ oldTrust = nssTrust_GetCERTCertTrustForCert(c, cc);
+ if (oldTrust) {
+ if (memcmp(oldTrust, trust, sizeof(CERTCertTrust)) == 0) {
+ /* ... and the new trust is no different, done) */
+ return PR_SUCCESS;
+ } else {
+ /* take over memory already allocated in cc's arena */
+ newTrust = oldTrust;
+ }
+ } else {
+ newTrust = PORT_ArenaAlloc(cc->arena, sizeof(CERTCertTrust));
+ }
+ memcpy(newTrust, trust, sizeof(CERTCertTrust));
+ CERT_LockCertTrust(cc);
+ cc->trust = newTrust;
+ CERT_UnlockCertTrust(cc);
+ /* Set the NSSCerticate's trust */
+ arena = nssArena_Create();
+ if (!arena)
+ return PR_FAILURE;
+ nssTrust = nss_ZNEW(arena, NSSTrust);
+ if (!nssTrust) {
+ nssArena_Destroy(arena);
+ return PR_FAILURE;
+ }
+ pkiob = nssPKIObject_Create(arena, NULL, cc->dbhandle, NULL, nssPKILock);
+ if (!pkiob) {
+ nssArena_Destroy(arena);
+ return PR_FAILURE;
+ }
+ nssTrust->object = *pkiob;
+ nssTrust->certificate = c;
+ nssTrust->serverAuth = get_stan_trust(trust->sslFlags, PR_FALSE);
+ nssTrust->clientAuth = get_stan_trust(trust->sslFlags, PR_TRUE);
+ nssTrust->emailProtection = get_stan_trust(trust->emailFlags, PR_FALSE);
+ nssTrust->codeSigning = get_stan_trust(trust->objectSigningFlags, PR_FALSE);
+ nssTrust->stepUpApproved =
+ (PRBool)(trust->sslFlags & CERTDB_GOVT_APPROVED_CA);
+ if (c->object.cryptoContext != NULL) {
+ /* The cert is in a context, set the trust there */
+ NSSCryptoContext *cc = c->object.cryptoContext;
+ nssrv = nssCryptoContext_ImportTrust(cc, nssTrust);
+ if (nssrv != PR_SUCCESS) {
+ goto done;
+ }
+ if (c->object.numInstances == 0) {
+ /* The context is the only instance, finished */
+ goto done;
+ }
+ }
+ td = STAN_GetDefaultTrustDomain();
+ tok = stan_GetTrustToken(c);
+ moving_object = PR_FALSE;
+ if (tok && PK11_IsReadOnly(tok->pk11slot)) {
+ NSSRWLock_LockRead(td->tokensLock);
+ tokens = nssList_CreateIterator(td->tokenList);
+ if (!tokens) {
+ nssrv = PR_FAILURE;
+ NSSRWLock_UnlockRead(td->tokensLock);
+ goto done;
+ }
+ for (tok = (NSSToken *)nssListIterator_Start(tokens);
+ tok != (NSSToken *)NULL;
+ tok = (NSSToken *)nssListIterator_Next(tokens)) {
+ if (!PK11_IsReadOnly(tok->pk11slot))
+ break;
+ }
+ nssListIterator_Finish(tokens);
+ nssListIterator_Destroy(tokens);
+ NSSRWLock_UnlockRead(td->tokensLock);
+ moving_object = PR_TRUE;
+ }
+ if (tok) {
+ if (moving_object) {
+ /* this is kind of hacky. the softoken needs the cert
+ * object in order to store trust. forcing it to be perm
+ */
+ NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL);
+ NSSASCII7 *email = NULL;
+
+ if (PK11_IsInternal(tok->pk11slot)) {
+ email = c->email;
+ }
+ newInstance = nssToken_ImportCertificate(tok, NULL,
+ NSSCertificateType_PKIX,
+ &c->id,
+ nickname,
+ &c->encoding,
+ &c->issuer,
+ &c->subject,
+ &c->serial,
+ email,
+ PR_TRUE);
+ nss_ZFreeIf(nickname);
+ nickname = NULL;
+ if (!newInstance) {
+ nssrv = PR_FAILURE;
+ goto done;
+ }
+ nssPKIObject_AddInstance(&c->object, newInstance);
+ }
+ newInstance = nssToken_ImportTrust(tok, NULL, &c->encoding,
+ &c->issuer, &c->serial,
+ nssTrust->serverAuth,
+ nssTrust->clientAuth,
+ nssTrust->codeSigning,
+ nssTrust->emailProtection,
+ nssTrust->stepUpApproved, PR_TRUE);
+ /* If the selected token can't handle trust, dump the trust on
+ * the internal token */
+ if (!newInstance && !PK11_IsInternalKeySlot(tok->pk11slot)) {
+ PK11SlotInfo *slot = PK11_GetInternalKeySlot();
+ NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL);
+ NSSASCII7 *email = c->email;
+ tok = PK11Slot_GetNSSToken(slot);
+ PK11_FreeSlot(slot);
+
+ newInstance = nssToken_ImportCertificate(tok, NULL,
+ NSSCertificateType_PKIX,
+ &c->id,
+ nickname,
+ &c->encoding,
+ &c->issuer,
+ &c->subject,
+ &c->serial,
+ email,
+ PR_TRUE);
+ nss_ZFreeIf(nickname);
+ nickname = NULL;
+ if (!newInstance) {
+ nssrv = PR_FAILURE;
+ goto done;
+ }
+ nssPKIObject_AddInstance(&c->object, newInstance);
+ newInstance = nssToken_ImportTrust(tok, NULL, &c->encoding,
+ &c->issuer, &c->serial,
+ nssTrust->serverAuth,
+ nssTrust->clientAuth,
+ nssTrust->codeSigning,
+ nssTrust->emailProtection,
+ nssTrust->stepUpApproved, PR_TRUE);
+ }
+ if (newInstance) {
+ nssCryptokiObject_Destroy(newInstance);
+ nssrv = PR_SUCCESS;
+ } else {
+ nssrv = PR_FAILURE;
+ }
+ } else {
+ nssrv = PR_FAILURE;
+ }
+done:
+ (void)nssTrust_Destroy(nssTrust);
+ return nssrv;
+}
+
+/*
+** Delete trust objects matching the given slot.
+** Returns error if a device fails to delete.
+**
+** This function has the side effect of moving the
+** surviving entries to the front of the object list
+** and nullifying the rest.
+*/
+static PRStatus
+DeleteCertTrustMatchingSlot(PK11SlotInfo *pk11slot, nssPKIObject *tObject)
+{
+ int numNotDestroyed = 0; /* the ones skipped plus the failures */
+ int failureCount = 0; /* actual deletion failures by devices */
+ unsigned int index;
+
+ nssPKIObject_AddRef(tObject);
+ nssPKIObject_Lock(tObject);
+ /* Keep going even if a module fails to delete. */
+ for (index = 0; index < tObject->numInstances; index++) {
+ nssCryptokiObject *instance = tObject->instances[index];
+ if (!instance) {
+ continue;
+ }
+
+ /* ReadOnly and not matched treated the same */
+ if (PK11_IsReadOnly(instance->token->pk11slot) ||
+ pk11slot != instance->token->pk11slot) {
+ tObject->instances[numNotDestroyed++] = instance;
+ continue;
+ }
+
+ /* Here we have found a matching one */
+ tObject->instances[index] = NULL;
+ if (nssToken_DeleteStoredObject(instance) == PR_SUCCESS) {
+ nssCryptokiObject_Destroy(instance);
+ } else {
+ tObject->instances[numNotDestroyed++] = instance;
+ failureCount++;
+ }
+ }
+ if (numNotDestroyed == 0) {
+ nss_ZFreeIf(tObject->instances);
+ tObject->numInstances = 0;
+ } else {
+ tObject->numInstances = numNotDestroyed;
+ }
+
+ nssPKIObject_Unlock(tObject);
+ nssPKIObject_Destroy(tObject);
+
+ return failureCount == 0 ? PR_SUCCESS : PR_FAILURE;
+}
+
+/*
+** Delete trust objects matching the slot of the given certificate.
+** Returns an error if any device fails to delete.
+*/
+NSS_EXTERN PRStatus
+STAN_DeleteCertTrustMatchingSlot(NSSCertificate *c)
+{
+ PRStatus nssrv = PR_SUCCESS;
+
+ unsigned int i;
+ nssPKIObject *tobject = NULL;
+ nssPKIObject *cobject = &c->object;
+
+ NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
+ NSSTrust *nssTrust = nssTrustDomain_FindTrustForCertificate(td, c);
+ if (!nssTrust) {
+ return PR_FAILURE;
+ }
+
+ tobject = &nssTrust->object;
+
+ /* Iterate through the cert and trust object instances looking for
+ * those with matching pk11 slots to delete. Even if some device
+ * can't delete we keep going. Keeping a status variable for the
+ * loop so that once it's failed the other gets set.
+ */
+ NSSRWLock_LockRead(td->tokensLock);
+ nssPKIObject_AddRef(cobject);
+ nssPKIObject_Lock(cobject);
+ for (i = 0; i < cobject->numInstances; i++) {
+ nssCryptokiObject *cInstance = cobject->instances[i];
+ if (cInstance && !PK11_IsReadOnly(cInstance->token->pk11slot)) {
+ PRStatus status;
+ if (!tobject->numInstances || !tobject->instances)
+ continue;
+ status = DeleteCertTrustMatchingSlot(cInstance->token->pk11slot, tobject);
+ if (status == PR_FAILURE) {
+ /* set the outer one but keep going */
+ nssrv = PR_FAILURE;
+ }
+ }
+ }
+ nssTrust_Destroy(nssTrust);
+ nssPKIObject_Unlock(cobject);
+ nssPKIObject_Destroy(cobject);
+ NSSRWLock_UnlockRead(td->tokensLock);
+ return nssrv;
+}
+
+/* CERT_TraversePermCertsForSubject */
+NSS_IMPLEMENT PRStatus
+nssTrustDomain_TraverseCertificatesBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg)
+{
+ PRStatus nssrv = PR_SUCCESS;
+ NSSArena *tmpArena;
+ NSSCertificate **subjectCerts;
+ NSSCertificate *c;
+ PRIntn i;
+ tmpArena = NSSArena_Create();
+ if (!tmpArena) {
+ return PR_FAILURE;
+ }
+ subjectCerts = NSSTrustDomain_FindCertificatesBySubject(td, subject, NULL,
+ 0, tmpArena);
+ if (subjectCerts) {
+ for (i = 0, c = subjectCerts[i]; c; i++) {
+ nssrv = callback(c, arg);
+ if (nssrv != PR_SUCCESS)
+ break;
+ }
+ }
+ nssArena_Destroy(tmpArena);
+ return nssrv;
+}
+
+/* CERT_TraversePermCertsForNickname */
+NSS_IMPLEMENT PRStatus
+nssTrustDomain_TraverseCertificatesByNickname(
+ NSSTrustDomain *td,
+ NSSUTF8 *nickname,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg)
+{
+ PRStatus nssrv = PR_SUCCESS;
+ NSSArena *tmpArena;
+ NSSCertificate **nickCerts;
+ NSSCertificate *c;
+ PRIntn i;
+ tmpArena = NSSArena_Create();
+ if (!tmpArena) {
+ return PR_FAILURE;
+ }
+ nickCerts = NSSTrustDomain_FindCertificatesByNickname(td, nickname, NULL,
+ 0, tmpArena);
+ if (nickCerts) {
+ for (i = 0, c = nickCerts[i]; c; i++) {
+ nssrv = callback(c, arg);
+ if (nssrv != PR_SUCCESS)
+ break;
+ }
+ }
+ nssArena_Destroy(tmpArena);
+ return nssrv;
+}
+
+static void
+cert_dump_iter(const void *k, void *v, void *a)
+{
+ NSSCertificate *c = (NSSCertificate *)k;
+ CERTCertificate *cert = STAN_GetCERTCertificate(c);
+ printf("[%2d] \"%s\"\n", c->object.refCount, cert->subjectName);
+}
+
+void
+nss_DumpCertificateCacheInfo()
+{
+ NSSTrustDomain *td;
+ NSSCryptoContext *cc;
+ td = STAN_GetDefaultTrustDomain();
+ cc = STAN_GetDefaultCryptoContext();
+ printf("\n\nCertificates in the cache:\n");
+ nssTrustDomain_DumpCacheInfo(td, cert_dump_iter, NULL);
+ printf("\n\nCertificates in the temporary store:\n");
+ if (cc->certStore) {
+ nssCertificateStore_DumpStoreInfo(cc->certStore, cert_dump_iter, NULL);
+ }
+}
diff --git a/security/nss/lib/pki/pki3hack.h b/security/nss/lib/pki/pki3hack.h
new file mode 100644
index 000000000..818872a8b
--- /dev/null
+++ b/security/nss/lib/pki/pki3hack.h
@@ -0,0 +1,149 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKINSS3HACK_H
+#define PKINSS3HACK_H
+
+#ifndef NSSDEVT_H
+#include "nssdevt.h"
+#endif /* NSSDEVT_H */
+
+#ifndef DEVT_H
+#include "devt.h"
+#endif /* DEVT_H */
+
+#ifndef NSSPKIT_H
+#include "nsspkit.h"
+#endif /* NSSPKIT_H */
+
+#include "base.h"
+
+#include "cert.h"
+
+PR_BEGIN_EXTERN_C
+
+#define NSSITEM_FROM_SECITEM(nssit, secit) \
+ (nssit)->data = (void *)(secit)->data; \
+ (nssit)->size = (PRUint32)(secit)->len;
+
+#define SECITEM_FROM_NSSITEM(secit, nssit) \
+ (secit)->data = (unsigned char *)(nssit)->data; \
+ (secit)->len = (unsigned int)(nssit)->size;
+
+NSS_EXTERN NSSTrustDomain *
+STAN_GetDefaultTrustDomain();
+
+NSS_EXTERN NSSCryptoContext *
+STAN_GetDefaultCryptoContext();
+
+NSS_EXTERN PRStatus
+STAN_InitTokenForSlotInfo(NSSTrustDomain *td, PK11SlotInfo *slot);
+
+NSS_EXTERN PRStatus
+STAN_ResetTokenInterator(NSSTrustDomain *td);
+
+NSS_EXTERN PRStatus
+STAN_LoadDefaultNSS3TrustDomain(void);
+
+NSS_EXTERN PRStatus
+STAN_Shutdown();
+
+NSS_EXTERN SECStatus
+STAN_AddModuleToDefaultTrustDomain(SECMODModule *module);
+
+NSS_EXTERN SECStatus
+STAN_RemoveModuleFromDefaultTrustDomain(SECMODModule *module);
+
+NSS_EXTERN CERTCertificate *
+STAN_ForceCERTCertificateUpdate(NSSCertificate *c);
+
+NSS_EXTERN CERTCertificate *
+STAN_GetCERTCertificate(NSSCertificate *c);
+
+NSS_EXTERN CERTCertificate *
+STAN_GetCERTCertificateOrRelease(NSSCertificate *c);
+
+NSS_EXTERN NSSCertificate *
+STAN_GetNSSCertificate(CERTCertificate *c);
+
+NSS_EXTERN CERTCertTrust *
+nssTrust_GetCERTCertTrustForCert(NSSCertificate *c, CERTCertificate *cc);
+
+NSS_EXTERN PRStatus
+STAN_DeleteCertTrustMatchingSlot(NSSCertificate *c);
+
+NSS_EXTERN PRStatus
+STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust);
+
+NSS_EXTERN PRStatus
+nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der,
+ NSSDER *issuer, NSSDER *serial);
+
+NSS_EXTERN char *
+STAN_GetCERTCertificateName(PLArenaPool *arenaOpt, NSSCertificate *c);
+
+NSS_EXTERN char *
+STAN_GetCERTCertificateNameForInstance(PLArenaPool *arenaOpt,
+ NSSCertificate *c,
+ nssCryptokiInstance *instance);
+
+/* exposing this */
+NSS_EXTERN NSSCertificate *
+NSSCertificate_Create(NSSArena *arenaOpt);
+
+/* This function is being put here because it is a hack for
+ * PK11_FindCertFromNickname.
+ */
+NSS_EXTERN NSSCertificate *
+nssTrustDomain_FindBestCertificateByNicknameForToken(
+ NSSTrustDomain *td,
+ NSSToken *token,
+ NSSUTF8 *name,
+ NSSTime *timeOpt, /* NULL for "now" */
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt /* NULL for none */
+ );
+
+/* This function is being put here because it is a hack for
+ * PK11_FindCertsFromNickname.
+ */
+NSS_EXTERN NSSCertificate **
+nssTrustDomain_FindCertificatesByNicknameForToken(
+ NSSTrustDomain *td,
+ NSSToken *token,
+ NSSUTF8 *name,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt);
+
+/* CERT_TraversePermCertsForSubject */
+NSS_EXTERN PRStatus
+nssTrustDomain_TraverseCertificatesBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg);
+
+/* CERT_TraversePermCertsForNickname */
+NSS_EXTERN PRStatus
+nssTrustDomain_TraverseCertificatesByNickname(
+ NSSTrustDomain *td,
+ NSSUTF8 *nickname,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg);
+
+/* SEC_TraversePermCerts */
+NSS_EXTERN PRStatus
+nssTrustDomain_TraverseCertificates(
+ NSSTrustDomain *td,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg);
+
+/* CERT_AddTempCertToPerm */
+NSS_EXTERN PRStatus
+nssTrustDomain_AddTempCertToPerm(NSSCertificate *c);
+
+PR_END_EXTERN_C
+
+#endif /* PKINSS3HACK_H */
diff --git a/security/nss/lib/pki/pkibase.c b/security/nss/lib/pki/pkibase.c
new file mode 100644
index 000000000..4082a37bd
--- /dev/null
+++ b/security/nss/lib/pki/pkibase.c
@@ -0,0 +1,1222 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEV_H
+#include "dev.h"
+#endif /* DEV_H */
+
+#ifndef PKIM_H
+#include "pkim.h"
+#endif /* PKIM_H */
+
+#include "pki3hack.h"
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+
+NSS_IMPLEMENT void
+nssPKIObject_Lock(nssPKIObject *object)
+{
+ switch (object->lockType) {
+ case nssPKIMonitor:
+ PZ_EnterMonitor(object->sync.mlock);
+ break;
+ case nssPKILock:
+ PZ_Lock(object->sync.lock);
+ break;
+ default:
+ PORT_Assert(0);
+ }
+}
+
+NSS_IMPLEMENT void
+nssPKIObject_Unlock(nssPKIObject *object)
+{
+ switch (object->lockType) {
+ case nssPKIMonitor:
+ PZ_ExitMonitor(object->sync.mlock);
+ break;
+ case nssPKILock:
+ PZ_Unlock(object->sync.lock);
+ break;
+ default:
+ PORT_Assert(0);
+ }
+}
+
+NSS_IMPLEMENT PRStatus
+nssPKIObject_NewLock(nssPKIObject *object, nssPKILockType lockType)
+{
+ object->lockType = lockType;
+ switch (lockType) {
+ case nssPKIMonitor:
+ object->sync.mlock = PZ_NewMonitor(nssILockSSL);
+ return (object->sync.mlock ? PR_SUCCESS : PR_FAILURE);
+ case nssPKILock:
+ object->sync.lock = PZ_NewLock(nssILockSSL);
+ return (object->sync.lock ? PR_SUCCESS : PR_FAILURE);
+ default:
+ PORT_Assert(0);
+ return PR_FAILURE;
+ }
+}
+
+NSS_IMPLEMENT void
+nssPKIObject_DestroyLock(nssPKIObject *object)
+{
+ switch (object->lockType) {
+ case nssPKIMonitor:
+ PZ_DestroyMonitor(object->sync.mlock);
+ object->sync.mlock = NULL;
+ break;
+ case nssPKILock:
+ PZ_DestroyLock(object->sync.lock);
+ object->sync.lock = NULL;
+ break;
+ default:
+ PORT_Assert(0);
+ }
+}
+
+NSS_IMPLEMENT nssPKIObject *
+nssPKIObject_Create(
+ NSSArena *arenaOpt,
+ nssCryptokiObject *instanceOpt,
+ NSSTrustDomain *td,
+ NSSCryptoContext *cc,
+ nssPKILockType lockType)
+{
+ NSSArena *arena;
+ nssArenaMark *mark = NULL;
+ nssPKIObject *object;
+ if (arenaOpt) {
+ arena = arenaOpt;
+ mark = nssArena_Mark(arena);
+ } else {
+ arena = nssArena_Create();
+ if (!arena) {
+ return (nssPKIObject *)NULL;
+ }
+ }
+ object = nss_ZNEW(arena, nssPKIObject);
+ if (!object) {
+ goto loser;
+ }
+ object->arena = arena;
+ object->trustDomain = td; /* XXX */
+ object->cryptoContext = cc;
+ if (PR_SUCCESS != nssPKIObject_NewLock(object, lockType)) {
+ goto loser;
+ }
+ if (instanceOpt) {
+ if (nssPKIObject_AddInstance(object, instanceOpt) != PR_SUCCESS) {
+ goto loser;
+ }
+ }
+ PR_ATOMIC_INCREMENT(&object->refCount);
+ if (mark) {
+ nssArena_Unmark(arena, mark);
+ }
+ return object;
+loser:
+ if (mark) {
+ nssArena_Release(arena, mark);
+ } else {
+ nssArena_Destroy(arena);
+ }
+ return (nssPKIObject *)NULL;
+}
+
+NSS_IMPLEMENT PRBool
+nssPKIObject_Destroy(
+ nssPKIObject *object)
+{
+ PRUint32 i;
+ PR_ASSERT(object->refCount > 0);
+ if (PR_ATOMIC_DECREMENT(&object->refCount) == 0) {
+ for (i = 0; i < object->numInstances; i++) {
+ nssCryptokiObject_Destroy(object->instances[i]);
+ }
+ nssPKIObject_DestroyLock(object);
+ nssArena_Destroy(object->arena);
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+NSS_IMPLEMENT nssPKIObject *
+nssPKIObject_AddRef(
+ nssPKIObject *object)
+{
+ PR_ATOMIC_INCREMENT(&object->refCount);
+ return object;
+}
+
+NSS_IMPLEMENT PRStatus
+nssPKIObject_AddInstance(
+ nssPKIObject *object,
+ nssCryptokiObject *instance)
+{
+ nssCryptokiObject **newInstances = NULL;
+
+ nssPKIObject_Lock(object);
+ if (object->numInstances == 0) {
+ newInstances = nss_ZNEWARRAY(object->arena,
+ nssCryptokiObject *,
+ object->numInstances + 1);
+ } else {
+ PRBool found = PR_FALSE;
+ PRUint32 i;
+ for (i = 0; i < object->numInstances; i++) {
+ if (nssCryptokiObject_Equal(object->instances[i], instance)) {
+ found = PR_TRUE;
+ break;
+ }
+ }
+ if (found) {
+ /* The new instance is identical to one in the array, except
+ * perhaps that the label may be different. So replace
+ * the label in the array instance with the label from the
+ * new instance, and discard the new instance.
+ */
+ nss_ZFreeIf(object->instances[i]->label);
+ object->instances[i]->label = instance->label;
+ nssPKIObject_Unlock(object);
+ instance->label = NULL;
+ nssCryptokiObject_Destroy(instance);
+ return PR_SUCCESS;
+ }
+ newInstances = nss_ZREALLOCARRAY(object->instances,
+ nssCryptokiObject *,
+ object->numInstances + 1);
+ }
+ if (newInstances) {
+ object->instances = newInstances;
+ newInstances[object->numInstances++] = instance;
+ }
+ nssPKIObject_Unlock(object);
+ return (newInstances ? PR_SUCCESS : PR_FAILURE);
+}
+
+NSS_IMPLEMENT PRBool
+nssPKIObject_HasInstance(
+ nssPKIObject *object,
+ nssCryptokiObject *instance)
+{
+ PRUint32 i;
+ PRBool hasIt = PR_FALSE;
+ ;
+ nssPKIObject_Lock(object);
+ for (i = 0; i < object->numInstances; i++) {
+ if (nssCryptokiObject_Equal(object->instances[i], instance)) {
+ hasIt = PR_TRUE;
+ break;
+ }
+ }
+ nssPKIObject_Unlock(object);
+ return hasIt;
+}
+
+NSS_IMPLEMENT PRStatus
+nssPKIObject_RemoveInstanceForToken(
+ nssPKIObject *object,
+ NSSToken *token)
+{
+ PRUint32 i;
+ nssCryptokiObject *instanceToRemove = NULL;
+ nssPKIObject_Lock(object);
+ if (object->numInstances == 0) {
+ nssPKIObject_Unlock(object);
+ return PR_SUCCESS;
+ }
+ for (i = 0; i < object->numInstances; i++) {
+ if (object->instances[i]->token == token) {
+ instanceToRemove = object->instances[i];
+ object->instances[i] = object->instances[object->numInstances - 1];
+ object->instances[object->numInstances - 1] = NULL;
+ break;
+ }
+ }
+ if (--object->numInstances > 0) {
+ nssCryptokiObject **instances = nss_ZREALLOCARRAY(object->instances,
+ nssCryptokiObject *,
+ object->numInstances);
+ if (instances) {
+ object->instances = instances;
+ }
+ } else {
+ nss_ZFreeIf(object->instances);
+ }
+ nssCryptokiObject_Destroy(instanceToRemove);
+ nssPKIObject_Unlock(object);
+ return PR_SUCCESS;
+}
+
+/* this needs more thought on what will happen when there are multiple
+ * instances
+ */
+NSS_IMPLEMENT PRStatus
+nssPKIObject_DeleteStoredObject(
+ nssPKIObject *object,
+ NSSCallback *uhh,
+ PRBool isFriendly)
+{
+ PRUint32 i, numNotDestroyed;
+ PRStatus status = PR_SUCCESS;
+ numNotDestroyed = 0;
+ nssPKIObject_Lock(object);
+ for (i = 0; i < object->numInstances; i++) {
+ nssCryptokiObject *instance = object->instances[i];
+ status = nssToken_DeleteStoredObject(instance);
+ object->instances[i] = NULL;
+ if (status == PR_SUCCESS) {
+ nssCryptokiObject_Destroy(instance);
+ } else {
+ object->instances[numNotDestroyed++] = instance;
+ }
+ }
+ if (numNotDestroyed == 0) {
+ nss_ZFreeIf(object->instances);
+ object->numInstances = 0;
+ } else {
+ object->numInstances = numNotDestroyed;
+ }
+ nssPKIObject_Unlock(object);
+ return status;
+}
+
+NSS_IMPLEMENT NSSToken **
+nssPKIObject_GetTokens(
+ nssPKIObject *object,
+ PRStatus *statusOpt)
+{
+ NSSToken **tokens = NULL;
+ nssPKIObject_Lock(object);
+ if (object->numInstances > 0) {
+ tokens = nss_ZNEWARRAY(NULL, NSSToken *, object->numInstances + 1);
+ if (tokens) {
+ PRUint32 i;
+ for (i = 0; i < object->numInstances; i++) {
+ tokens[i] = nssToken_AddRef(object->instances[i]->token);
+ }
+ }
+ }
+ nssPKIObject_Unlock(object);
+ if (statusOpt)
+ *statusOpt = PR_SUCCESS; /* until more logic here */
+ return tokens;
+}
+
+NSS_IMPLEMENT NSSUTF8 *
+nssPKIObject_GetNicknameForToken(
+ nssPKIObject *object,
+ NSSToken *tokenOpt)
+{
+ PRUint32 i;
+ NSSUTF8 *nickname = NULL;
+ nssPKIObject_Lock(object);
+ for (i = 0; i < object->numInstances; i++) {
+ if ((!tokenOpt && object->instances[i]->label) ||
+ (object->instances[i]->token == tokenOpt)) {
+ /* Must copy, see bug 745548 */
+ nickname = nssUTF8_Duplicate(object->instances[i]->label, NULL);
+ break;
+ }
+ }
+ nssPKIObject_Unlock(object);
+ return nickname;
+}
+
+NSS_IMPLEMENT nssCryptokiObject **
+nssPKIObject_GetInstances(
+ nssPKIObject *object)
+{
+ nssCryptokiObject **instances = NULL;
+ PRUint32 i;
+ if (object->numInstances == 0) {
+ return (nssCryptokiObject **)NULL;
+ }
+ nssPKIObject_Lock(object);
+ instances = nss_ZNEWARRAY(NULL, nssCryptokiObject *,
+ object->numInstances + 1);
+ if (instances) {
+ for (i = 0; i < object->numInstances; i++) {
+ instances[i] = nssCryptokiObject_Clone(object->instances[i]);
+ }
+ }
+ nssPKIObject_Unlock(object);
+ return instances;
+}
+
+NSS_IMPLEMENT void
+nssCertificateArray_Destroy(
+ NSSCertificate **certs)
+{
+ if (certs) {
+ NSSCertificate **certp;
+ for (certp = certs; *certp; certp++) {
+ if ((*certp)->decoding) {
+ CERTCertificate *cc = STAN_GetCERTCertificate(*certp);
+ if (cc) {
+ CERT_DestroyCertificate(cc);
+ }
+ continue;
+ }
+ nssCertificate_Destroy(*certp);
+ }
+ nss_ZFreeIf(certs);
+ }
+}
+
+NSS_IMPLEMENT void
+NSSCertificateArray_Destroy(
+ NSSCertificate **certs)
+{
+ nssCertificateArray_Destroy(certs);
+}
+
+NSS_IMPLEMENT NSSCertificate **
+nssCertificateArray_Join(
+ NSSCertificate **certs1,
+ NSSCertificate **certs2)
+{
+ if (certs1 && certs2) {
+ NSSCertificate **certs, **cp;
+ PRUint32 count = 0;
+ PRUint32 count1 = 0;
+ cp = certs1;
+ while (*cp++)
+ count1++;
+ count = count1;
+ cp = certs2;
+ while (*cp++)
+ count++;
+ certs = nss_ZREALLOCARRAY(certs1, NSSCertificate *, count + 1);
+ if (!certs) {
+ nss_ZFreeIf(certs1);
+ nss_ZFreeIf(certs2);
+ return (NSSCertificate **)NULL;
+ }
+ for (cp = certs2; *cp; cp++, count1++) {
+ certs[count1] = *cp;
+ }
+ nss_ZFreeIf(certs2);
+ return certs;
+ } else if (certs1) {
+ return certs1;
+ } else {
+ return certs2;
+ }
+}
+
+NSS_IMPLEMENT NSSCertificate *
+nssCertificateArray_FindBestCertificate(
+ NSSCertificate **certs,
+ NSSTime *timeOpt,
+ const NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ NSSCertificate *bestCert = NULL;
+ nssDecodedCert *bestdc = NULL;
+ NSSTime *time, sTime;
+ PRBool bestCertMatches = PR_FALSE;
+ PRBool thisCertMatches;
+ PRBool bestCertIsValidAtTime = PR_FALSE;
+ PRBool bestCertIsTrusted = PR_FALSE;
+
+ if (timeOpt) {
+ time = timeOpt;
+ } else {
+ NSSTime_Now(&sTime);
+ time = &sTime;
+ }
+ if (!certs) {
+ return (NSSCertificate *)NULL;
+ }
+ for (; *certs; certs++) {
+ nssDecodedCert *dc;
+ NSSCertificate *c = *certs;
+ dc = nssCertificate_GetDecoding(c);
+ if (!dc)
+ continue;
+ thisCertMatches = dc->matchUsage(dc, usage);
+ if (!bestCert) {
+ /* always take the first cert, but remember whether or not
+ * the usage matched
+ */
+ bestCert = nssCertificate_AddRef(c);
+ bestCertMatches = thisCertMatches;
+ bestdc = dc;
+ continue;
+ } else {
+ if (bestCertMatches && !thisCertMatches) {
+ /* if already have a cert for this usage, and if this cert
+ * doesn't have the correct usage, continue
+ */
+ continue;
+ } else if (!bestCertMatches && thisCertMatches) {
+ /* this one does match usage, replace the other */
+ nssCertificate_Destroy(bestCert);
+ bestCert = nssCertificate_AddRef(c);
+ bestCertMatches = thisCertMatches;
+ bestdc = dc;
+ continue;
+ }
+ /* this cert match as well as any cert we've found so far,
+ * defer to time/policies
+ * */
+ }
+ /* time */
+ if (bestCertIsValidAtTime || bestdc->isValidAtTime(bestdc, time)) {
+ /* The current best cert is valid at time */
+ bestCertIsValidAtTime = PR_TRUE;
+ if (!dc->isValidAtTime(dc, time)) {
+ /* If the new cert isn't valid at time, it's not better */
+ continue;
+ }
+ } else {
+ /* The current best cert is not valid at time */
+ if (dc->isValidAtTime(dc, time)) {
+ /* If the new cert is valid at time, it's better */
+ nssCertificate_Destroy(bestCert);
+ bestCert = nssCertificate_AddRef(c);
+ bestdc = dc;
+ bestCertIsValidAtTime = PR_TRUE;
+ continue;
+ }
+ }
+ /* Either they are both valid at time, or neither valid.
+ * If only one is trusted for this usage, take it.
+ */
+ if (bestCertIsTrusted || bestdc->isTrustedForUsage(bestdc, usage)) {
+ bestCertIsTrusted = PR_TRUE;
+ if (!dc->isTrustedForUsage(dc, usage)) {
+ continue;
+ }
+ } else {
+ /* The current best cert is not trusted */
+ if (dc->isTrustedForUsage(dc, usage)) {
+ /* If the new cert is trusted, it's better */
+ nssCertificate_Destroy(bestCert);
+ bestCert = nssCertificate_AddRef(c);
+ bestdc = dc;
+ bestCertIsTrusted = PR_TRUE;
+ continue;
+ }
+ }
+ /* Otherwise, take the newer one. */
+ if (!bestdc->isNewerThan(bestdc, dc)) {
+ nssCertificate_Destroy(bestCert);
+ bestCert = nssCertificate_AddRef(c);
+ bestdc = dc;
+ continue;
+ }
+ /* policies */
+ /* XXX later -- defer to policies */
+ }
+ return bestCert;
+}
+
+NSS_IMPLEMENT PRStatus
+nssCertificateArray_Traverse(
+ NSSCertificate **certs,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg)
+{
+ PRStatus status = PR_SUCCESS;
+ if (certs) {
+ NSSCertificate **certp;
+ for (certp = certs; *certp; certp++) {
+ status = (*callback)(*certp, arg);
+ if (status != PR_SUCCESS) {
+ break;
+ }
+ }
+ }
+ return status;
+}
+
+NSS_IMPLEMENT void
+nssCRLArray_Destroy(
+ NSSCRL **crls)
+{
+ if (crls) {
+ NSSCRL **crlp;
+ for (crlp = crls; *crlp; crlp++) {
+ nssCRL_Destroy(*crlp);
+ }
+ nss_ZFreeIf(crls);
+ }
+}
+
+/*
+ * Object collections
+ */
+
+typedef enum {
+ pkiObjectType_Certificate = 0,
+ pkiObjectType_CRL = 1,
+ pkiObjectType_PrivateKey = 2,
+ pkiObjectType_PublicKey = 3
+} pkiObjectType;
+
+/* Each object is defined by a set of items that uniquely identify it.
+ * Here are the uid sets:
+ *
+ * NSSCertificate ==> { issuer, serial }
+ * NSSPrivateKey
+ * (RSA) ==> { modulus, public exponent }
+ *
+ */
+#define MAX_ITEMS_FOR_UID 2
+
+/* pkiObjectCollectionNode
+ *
+ * A node in the collection is the set of unique identifiers for a single
+ * object, along with either the actual object or a proto-object.
+ */
+typedef struct
+{
+ PRCList link;
+ PRBool haveObject;
+ nssPKIObject *object;
+ NSSItem uid[MAX_ITEMS_FOR_UID];
+} pkiObjectCollectionNode;
+
+/* nssPKIObjectCollection
+ *
+ * The collection is the set of all objects, plus the interfaces needed
+ * to manage the objects.
+ *
+ */
+struct nssPKIObjectCollectionStr {
+ NSSArena *arena;
+ NSSTrustDomain *td;
+ NSSCryptoContext *cc;
+ PRCList head; /* list of pkiObjectCollectionNode's */
+ PRUint32 size;
+ pkiObjectType objectType;
+ void (*destroyObject)(nssPKIObject *o);
+ PRStatus (*getUIDFromObject)(nssPKIObject *o, NSSItem *uid);
+ PRStatus (*getUIDFromInstance)(nssCryptokiObject *co, NSSItem *uid,
+ NSSArena *arena);
+ nssPKIObject *(*createObject)(nssPKIObject *o);
+ nssPKILockType lockType; /* type of lock to use for new proto-objects */
+};
+
+static nssPKIObjectCollection *
+nssPKIObjectCollection_Create(
+ NSSTrustDomain *td,
+ NSSCryptoContext *ccOpt,
+ nssPKILockType lockType)
+{
+ NSSArena *arena;
+ nssPKIObjectCollection *rvCollection = NULL;
+ arena = nssArena_Create();
+ if (!arena) {
+ return (nssPKIObjectCollection *)NULL;
+ }
+ rvCollection = nss_ZNEW(arena, nssPKIObjectCollection);
+ if (!rvCollection) {
+ goto loser;
+ }
+ PR_INIT_CLIST(&rvCollection->head);
+ rvCollection->arena = arena;
+ rvCollection->td = td; /* XXX */
+ rvCollection->cc = ccOpt;
+ rvCollection->lockType = lockType;
+ return rvCollection;
+loser:
+ nssArena_Destroy(arena);
+ return (nssPKIObjectCollection *)NULL;
+}
+
+NSS_IMPLEMENT void
+nssPKIObjectCollection_Destroy(
+ nssPKIObjectCollection *collection)
+{
+ if (collection) {
+ PRCList *link;
+ pkiObjectCollectionNode *node;
+ /* first destroy any objects in the collection */
+ link = PR_NEXT_LINK(&collection->head);
+ while (link != &collection->head) {
+ node = (pkiObjectCollectionNode *)link;
+ if (node->haveObject) {
+ (*collection->destroyObject)(node->object);
+ } else {
+ nssPKIObject_Destroy(node->object);
+ }
+ link = PR_NEXT_LINK(link);
+ }
+ /* then destroy it */
+ nssArena_Destroy(collection->arena);
+ }
+}
+
+NSS_IMPLEMENT PRUint32
+nssPKIObjectCollection_Count(
+ nssPKIObjectCollection *collection)
+{
+ return collection->size;
+}
+
+NSS_IMPLEMENT PRStatus
+nssPKIObjectCollection_AddObject(
+ nssPKIObjectCollection *collection,
+ nssPKIObject *object)
+{
+ pkiObjectCollectionNode *node;
+ node = nss_ZNEW(collection->arena, pkiObjectCollectionNode);
+ if (!node) {
+ return PR_FAILURE;
+ }
+ node->haveObject = PR_TRUE;
+ node->object = nssPKIObject_AddRef(object);
+ (*collection->getUIDFromObject)(object, node->uid);
+ PR_INIT_CLIST(&node->link);
+ PR_INSERT_BEFORE(&node->link, &collection->head);
+ collection->size++;
+ return PR_SUCCESS;
+}
+
+static pkiObjectCollectionNode *
+find_instance_in_collection(
+ nssPKIObjectCollection *collection,
+ nssCryptokiObject *instance)
+{
+ PRCList *link;
+ pkiObjectCollectionNode *node;
+ link = PR_NEXT_LINK(&collection->head);
+ while (link != &collection->head) {
+ node = (pkiObjectCollectionNode *)link;
+ if (nssPKIObject_HasInstance(node->object, instance)) {
+ return node;
+ }
+ link = PR_NEXT_LINK(link);
+ }
+ return (pkiObjectCollectionNode *)NULL;
+}
+
+static pkiObjectCollectionNode *
+find_object_in_collection(
+ nssPKIObjectCollection *collection,
+ NSSItem *uid)
+{
+ PRUint32 i;
+ PRStatus status;
+ PRCList *link;
+ pkiObjectCollectionNode *node;
+ link = PR_NEXT_LINK(&collection->head);
+ while (link != &collection->head) {
+ node = (pkiObjectCollectionNode *)link;
+ for (i = 0; i < MAX_ITEMS_FOR_UID; i++) {
+ if (!nssItem_Equal(&node->uid[i], &uid[i], &status)) {
+ break;
+ }
+ }
+ if (i == MAX_ITEMS_FOR_UID) {
+ return node;
+ }
+ link = PR_NEXT_LINK(link);
+ }
+ return (pkiObjectCollectionNode *)NULL;
+}
+
+static pkiObjectCollectionNode *
+add_object_instance(
+ nssPKIObjectCollection *collection,
+ nssCryptokiObject *instance,
+ PRBool *foundIt)
+{
+ PRUint32 i;
+ PRStatus status;
+ pkiObjectCollectionNode *node;
+ nssArenaMark *mark = NULL;
+ NSSItem uid[MAX_ITEMS_FOR_UID];
+ nsslibc_memset(uid, 0, sizeof uid);
+ /* The list is traversed twice, first (here) looking to match the
+ * { token, handle } tuple, and if that is not found, below a search
+ * for unique identifier is done. Here, a match means this exact object
+ * instance is already in the collection, and we have nothing to do.
+ */
+ *foundIt = PR_FALSE;
+ node = find_instance_in_collection(collection, instance);
+ if (node) {
+ /* The collection is assumed to take over the instance. Since we
+ * are not using it, it must be destroyed.
+ */
+ nssCryptokiObject_Destroy(instance);
+ *foundIt = PR_TRUE;
+ return node;
+ }
+ mark = nssArena_Mark(collection->arena);
+ if (!mark) {
+ goto loser;
+ }
+ status = (*collection->getUIDFromInstance)(instance, uid,
+ collection->arena);
+ if (status != PR_SUCCESS) {
+ goto loser;
+ }
+ /* Search for unique identifier. A match here means the object exists
+ * in the collection, but does not have this instance, so the instance
+ * needs to be added.
+ */
+ node = find_object_in_collection(collection, uid);
+ if (node) {
+ /* This is an object with multiple instances */
+ status = nssPKIObject_AddInstance(node->object, instance);
+ } else {
+ /* This is a completely new object. Create a node for it. */
+ node = nss_ZNEW(collection->arena, pkiObjectCollectionNode);
+ if (!node) {
+ goto loser;
+ }
+ node->object = nssPKIObject_Create(NULL, instance,
+ collection->td, collection->cc,
+ collection->lockType);
+ if (!node->object) {
+ goto loser;
+ }
+ for (i = 0; i < MAX_ITEMS_FOR_UID; i++) {
+ node->uid[i] = uid[i];
+ }
+ node->haveObject = PR_FALSE;
+ PR_INIT_CLIST(&node->link);
+ PR_INSERT_BEFORE(&node->link, &collection->head);
+ collection->size++;
+ status = PR_SUCCESS;
+ }
+ nssArena_Unmark(collection->arena, mark);
+ return node;
+loser:
+ if (mark) {
+ nssArena_Release(collection->arena, mark);
+ }
+ nssCryptokiObject_Destroy(instance);
+ return (pkiObjectCollectionNode *)NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+nssPKIObjectCollection_AddInstances(
+ nssPKIObjectCollection *collection,
+ nssCryptokiObject **instances,
+ PRUint32 numInstances)
+{
+ PRStatus status = PR_SUCCESS;
+ PRUint32 i = 0;
+ PRBool foundIt;
+ pkiObjectCollectionNode *node;
+ if (instances) {
+ while ((!numInstances || i < numInstances) && *instances) {
+ if (status == PR_SUCCESS) {
+ node = add_object_instance(collection, *instances, &foundIt);
+ if (node == NULL) {
+ /* add_object_instance freed the current instance */
+ /* free the remaining instances */
+ status = PR_FAILURE;
+ }
+ } else {
+ nssCryptokiObject_Destroy(*instances);
+ }
+ instances++;
+ i++;
+ }
+ }
+ return status;
+}
+
+static void
+nssPKIObjectCollection_RemoveNode(
+ nssPKIObjectCollection *collection,
+ pkiObjectCollectionNode *node)
+{
+ PR_REMOVE_LINK(&node->link);
+ collection->size--;
+}
+
+static PRStatus
+nssPKIObjectCollection_GetObjects(
+ nssPKIObjectCollection *collection,
+ nssPKIObject **rvObjects,
+ PRUint32 rvSize)
+{
+ PRUint32 i = 0;
+ PRCList *link = PR_NEXT_LINK(&collection->head);
+ pkiObjectCollectionNode *node;
+ int error = 0;
+ while ((i < rvSize) && (link != &collection->head)) {
+ node = (pkiObjectCollectionNode *)link;
+ if (!node->haveObject) {
+ /* Convert the proto-object to an object */
+ node->object = (*collection->createObject)(node->object);
+ if (!node->object) {
+ link = PR_NEXT_LINK(link);
+ /*remove bogus object from list*/
+ nssPKIObjectCollection_RemoveNode(collection, node);
+ error++;
+ continue;
+ }
+ node->haveObject = PR_TRUE;
+ }
+ rvObjects[i++] = nssPKIObject_AddRef(node->object);
+ link = PR_NEXT_LINK(link);
+ }
+ if (!error && *rvObjects == NULL) {
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssPKIObjectCollection_Traverse(
+ nssPKIObjectCollection *collection,
+ nssPKIObjectCallback *callback)
+{
+ PRCList *link = PR_NEXT_LINK(&collection->head);
+ pkiObjectCollectionNode *node;
+ while (link != &collection->head) {
+ node = (pkiObjectCollectionNode *)link;
+ if (!node->haveObject) {
+ node->object = (*collection->createObject)(node->object);
+ if (!node->object) {
+ link = PR_NEXT_LINK(link);
+ /*remove bogus object from list*/
+ nssPKIObjectCollection_RemoveNode(collection, node);
+ continue;
+ }
+ node->haveObject = PR_TRUE;
+ }
+ switch (collection->objectType) {
+ case pkiObjectType_Certificate:
+ (void)(*callback->func.cert)((NSSCertificate *)node->object,
+ callback->arg);
+ break;
+ case pkiObjectType_CRL:
+ (void)(*callback->func.crl)((NSSCRL *)node->object,
+ callback->arg);
+ break;
+ case pkiObjectType_PrivateKey:
+ (void)(*callback->func.pvkey)((NSSPrivateKey *)node->object,
+ callback->arg);
+ break;
+ case pkiObjectType_PublicKey:
+ (void)(*callback->func.pbkey)((NSSPublicKey *)node->object,
+ callback->arg);
+ break;
+ }
+ link = PR_NEXT_LINK(link);
+ }
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssPKIObjectCollection_AddInstanceAsObject(
+ nssPKIObjectCollection *collection,
+ nssCryptokiObject *instance)
+{
+ pkiObjectCollectionNode *node;
+ PRBool foundIt;
+ node = add_object_instance(collection, instance, &foundIt);
+ if (node == NULL) {
+ return PR_FAILURE;
+ }
+ if (!node->haveObject) {
+ node->object = (*collection->createObject)(node->object);
+ if (!node->object) {
+ /*remove bogus object from list*/
+ nssPKIObjectCollection_RemoveNode(collection, node);
+ return PR_FAILURE;
+ }
+ node->haveObject = PR_TRUE;
+ } else if (!foundIt) {
+ /* The instance was added to a pre-existing node. This
+ * function is *only* being used for certificates, and having
+ * multiple instances of certs in 3.X requires updating the
+ * CERTCertificate.
+ * But only do it if it was a new instance!!! If the same instance
+ * is encountered, we set *foundIt to true. Detect that here and
+ * ignore it.
+ */
+ STAN_ForceCERTCertificateUpdate((NSSCertificate *)node->object);
+ }
+ return PR_SUCCESS;
+}
+
+/*
+ * Certificate collections
+ */
+
+static void
+cert_destroyObject(nssPKIObject *o)
+{
+ NSSCertificate *c = (NSSCertificate *)o;
+ if (c->decoding) {
+ CERTCertificate *cc = STAN_GetCERTCertificate(c);
+ if (cc) {
+ CERT_DestroyCertificate(cc);
+ return;
+ } /* else destroy it as NSSCertificate below */
+ }
+ nssCertificate_Destroy(c);
+}
+
+static PRStatus
+cert_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
+{
+ NSSCertificate *c = (NSSCertificate *)o;
+ /* The builtins are still returning decoded serial numbers. Until
+ * this compatibility issue is resolved, use the full DER of the
+ * cert to uniquely identify it.
+ */
+ NSSDER *derCert;
+ derCert = nssCertificate_GetEncoding(c);
+ uid[0].data = NULL;
+ uid[0].size = 0;
+ uid[1].data = NULL;
+ uid[1].size = 0;
+ if (derCert != NULL) {
+ uid[0] = *derCert;
+ }
+ return PR_SUCCESS;
+}
+
+static PRStatus
+cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
+ NSSArena *arena)
+{
+ /* The builtins are still returning decoded serial numbers. Until
+ * this compatibility issue is resolved, use the full DER of the
+ * cert to uniquely identify it.
+ */
+ uid[1].data = NULL;
+ uid[1].size = 0;
+ return nssCryptokiCertificate_GetAttributes(instance,
+ NULL, /* XXX sessionOpt */
+ arena, /* arena */
+ NULL, /* type */
+ NULL, /* id */
+ &uid[0], /* encoding */
+ NULL, /* issuer */
+ NULL, /* serial */
+ NULL); /* subject */
+}
+
+static nssPKIObject *
+cert_createObject(nssPKIObject *o)
+{
+ NSSCertificate *cert;
+ cert = nssCertificate_Create(o);
+ /* if (STAN_GetCERTCertificate(cert) == NULL) {
+ nssCertificate_Destroy(cert);
+ return (nssPKIObject *)NULL;
+ } */
+ /* In 3.4, have to maintain uniqueness of cert pointers by caching all
+ * certs. Cache the cert here, before returning. If it is already
+ * cached, take the cached entry.
+ */
+ {
+ NSSTrustDomain *td = o->trustDomain;
+ nssTrustDomain_AddCertsToCache(td, &cert, 1);
+ }
+ return (nssPKIObject *)cert;
+}
+
+NSS_IMPLEMENT nssPKIObjectCollection *
+nssCertificateCollection_Create(
+ NSSTrustDomain *td,
+ NSSCertificate **certsOpt)
+{
+ nssPKIObjectCollection *collection;
+ collection = nssPKIObjectCollection_Create(td, NULL, nssPKIMonitor);
+ if (!collection) {
+ return NULL;
+ }
+ collection->objectType = pkiObjectType_Certificate;
+ collection->destroyObject = cert_destroyObject;
+ collection->getUIDFromObject = cert_getUIDFromObject;
+ collection->getUIDFromInstance = cert_getUIDFromInstance;
+ collection->createObject = cert_createObject;
+ if (certsOpt) {
+ for (; *certsOpt; certsOpt++) {
+ nssPKIObject *object = (nssPKIObject *)(*certsOpt);
+ (void)nssPKIObjectCollection_AddObject(collection, object);
+ }
+ }
+ return collection;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+nssPKIObjectCollection_GetCertificates(
+ nssPKIObjectCollection *collection,
+ NSSCertificate **rvOpt,
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt)
+{
+ PRStatus status;
+ PRUint32 rvSize;
+ PRBool allocated = PR_FALSE;
+ if (collection->size == 0) {
+ return (NSSCertificate **)NULL;
+ }
+ if (maximumOpt == 0) {
+ rvSize = collection->size;
+ } else {
+ rvSize = PR_MIN(collection->size, maximumOpt);
+ }
+ if (!rvOpt) {
+ rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, rvSize + 1);
+ if (!rvOpt) {
+ return (NSSCertificate **)NULL;
+ }
+ allocated = PR_TRUE;
+ }
+ status = nssPKIObjectCollection_GetObjects(collection,
+ (nssPKIObject **)rvOpt,
+ rvSize);
+ if (status != PR_SUCCESS) {
+ if (allocated) {
+ nss_ZFreeIf(rvOpt);
+ }
+ return (NSSCertificate **)NULL;
+ }
+ return rvOpt;
+}
+
+/*
+ * CRL/KRL collections
+ */
+
+static void
+crl_destroyObject(nssPKIObject *o)
+{
+ NSSCRL *crl = (NSSCRL *)o;
+ nssCRL_Destroy(crl);
+}
+
+static PRStatus
+crl_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
+{
+ NSSCRL *crl = (NSSCRL *)o;
+ NSSDER *encoding;
+ encoding = nssCRL_GetEncoding(crl);
+ if (!encoding) {
+ nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
+ return PR_FALSE;
+ }
+ uid[0] = *encoding;
+ uid[1].data = NULL;
+ uid[1].size = 0;
+ return PR_SUCCESS;
+}
+
+static PRStatus
+crl_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
+ NSSArena *arena)
+{
+ return nssCryptokiCRL_GetAttributes(instance,
+ NULL, /* XXX sessionOpt */
+ arena, /* arena */
+ &uid[0], /* encoding */
+ NULL, /* subject */
+ NULL, /* class */
+ NULL, /* url */
+ NULL); /* isKRL */
+}
+
+static nssPKIObject *
+crl_createObject(nssPKIObject *o)
+{
+ return (nssPKIObject *)nssCRL_Create(o);
+}
+
+NSS_IMPLEMENT nssPKIObjectCollection *
+nssCRLCollection_Create(
+ NSSTrustDomain *td,
+ NSSCRL **crlsOpt)
+{
+ nssPKIObjectCollection *collection;
+ collection = nssPKIObjectCollection_Create(td, NULL, nssPKILock);
+ if (!collection) {
+ return NULL;
+ }
+ collection->objectType = pkiObjectType_CRL;
+ collection->destroyObject = crl_destroyObject;
+ collection->getUIDFromObject = crl_getUIDFromObject;
+ collection->getUIDFromInstance = crl_getUIDFromInstance;
+ collection->createObject = crl_createObject;
+ if (crlsOpt) {
+ for (; *crlsOpt; crlsOpt++) {
+ nssPKIObject *object = (nssPKIObject *)(*crlsOpt);
+ (void)nssPKIObjectCollection_AddObject(collection, object);
+ }
+ }
+ return collection;
+}
+
+NSS_IMPLEMENT NSSCRL **
+nssPKIObjectCollection_GetCRLs(
+ nssPKIObjectCollection *collection,
+ NSSCRL **rvOpt,
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt)
+{
+ PRStatus status;
+ PRUint32 rvSize;
+ PRBool allocated = PR_FALSE;
+ if (collection->size == 0) {
+ return (NSSCRL **)NULL;
+ }
+ if (maximumOpt == 0) {
+ rvSize = collection->size;
+ } else {
+ rvSize = PR_MIN(collection->size, maximumOpt);
+ }
+ if (!rvOpt) {
+ rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCRL *, rvSize + 1);
+ if (!rvOpt) {
+ return (NSSCRL **)NULL;
+ }
+ allocated = PR_TRUE;
+ }
+ status = nssPKIObjectCollection_GetObjects(collection,
+ (nssPKIObject **)rvOpt,
+ rvSize);
+ if (status != PR_SUCCESS) {
+ if (allocated) {
+ nss_ZFreeIf(rvOpt);
+ }
+ return (NSSCRL **)NULL;
+ }
+ return rvOpt;
+}
+
+/* how bad would it be to have a static now sitting around, updated whenever
+ * this was called? would avoid repeated allocs...
+ */
+NSS_IMPLEMENT NSSTime *
+NSSTime_Now(NSSTime *timeOpt)
+{
+ return NSSTime_SetPRTime(timeOpt, PR_Now());
+}
+
+NSS_IMPLEMENT NSSTime *
+NSSTime_SetPRTime(
+ NSSTime *timeOpt,
+ PRTime prTime)
+{
+ NSSTime *rvTime;
+ rvTime = (timeOpt) ? timeOpt : nss_ZNEW(NULL, NSSTime);
+ if (rvTime) {
+ rvTime->prTime = prTime;
+ }
+ return rvTime;
+}
+
+NSS_IMPLEMENT PRTime
+NSSTime_GetPRTime(
+ NSSTime *time)
+{
+ return time->prTime;
+}
diff --git a/security/nss/lib/pki/pkim.h b/security/nss/lib/pki/pkim.h
new file mode 100644
index 000000000..3be3337cc
--- /dev/null
+++ b/security/nss/lib/pki/pkim.h
@@ -0,0 +1,547 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKIM_H
+#define PKIM_H
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#ifndef PKI_H
+#include "pki.h"
+#endif /* PKI_H */
+
+#ifndef PKITM_H
+#include "pkitm.h"
+#endif /* PKITM_H */
+
+PR_BEGIN_EXTERN_C
+
+/* nssPKIObject
+ *
+ * This is the base object class, common to all PKI objects defined in
+ * in this module. Each object can be safely 'casted' to an nssPKIObject,
+ * then passed to these methods.
+ *
+ * nssPKIObject_Create
+ * nssPKIObject_Destroy
+ * nssPKIObject_AddRef
+ * nssPKIObject_AddInstance
+ * nssPKIObject_HasInstance
+ * nssPKIObject_GetTokens
+ * nssPKIObject_GetNicknameForToken
+ * nssPKIObject_RemoveInstanceForToken
+ * nssPKIObject_DeleteStoredObject
+ */
+
+NSS_EXTERN void nssPKIObject_Lock(nssPKIObject *object);
+NSS_EXTERN void nssPKIObject_Unlock(nssPKIObject *object);
+NSS_EXTERN PRStatus nssPKIObject_NewLock(nssPKIObject *object,
+ nssPKILockType lockType);
+NSS_EXTERN void nssPKIObject_DestroyLock(nssPKIObject *object);
+
+/* nssPKIObject_Create
+ *
+ * A generic PKI object. It must live in a trust domain. It may be
+ * initialized with a token instance, or alternatively in a crypto context.
+ */
+NSS_EXTERN nssPKIObject *
+nssPKIObject_Create(
+ NSSArena *arenaOpt,
+ nssCryptokiObject *instanceOpt,
+ NSSTrustDomain *td,
+ NSSCryptoContext *ccOpt,
+ nssPKILockType lockType);
+
+/* nssPKIObject_AddRef
+ */
+NSS_EXTERN nssPKIObject *
+nssPKIObject_AddRef(nssPKIObject *object);
+
+/* nssPKIObject_Destroy
+ *
+ * Returns true if object was destroyed. This notifies the subclass that
+ * all references are gone and it should delete any members it owns.
+ */
+NSS_EXTERN PRBool
+nssPKIObject_Destroy(nssPKIObject *object);
+
+/* nssPKIObject_AddInstance
+ *
+ * Add a token instance to the object, if it does not have it already.
+ */
+NSS_EXTERN PRStatus
+nssPKIObject_AddInstance(
+ nssPKIObject *object,
+ nssCryptokiObject *instance);
+
+/* nssPKIObject_HasInstance
+ *
+ * Query the object for a token instance.
+ */
+NSS_EXTERN PRBool
+nssPKIObject_HasInstance(
+ nssPKIObject *object,
+ nssCryptokiObject *instance);
+
+/* nssPKIObject_GetTokens
+ *
+ * Get all tokens which have an instance of the object.
+ */
+NSS_EXTERN NSSToken **
+nssPKIObject_GetTokens(
+ nssPKIObject *object,
+ PRStatus *statusOpt);
+
+/* nssPKIObject_GetNicknameForToken
+ *
+ * tokenOpt == NULL means take the first available, otherwise return the
+ * nickname for the specified token.
+ */
+NSS_EXTERN NSSUTF8 *
+nssPKIObject_GetNicknameForToken(
+ nssPKIObject *object,
+ NSSToken *tokenOpt);
+
+/* nssPKIObject_RemoveInstanceForToken
+ *
+ * Remove the instance of the object on the specified token.
+ */
+NSS_EXTERN PRStatus
+nssPKIObject_RemoveInstanceForToken(
+ nssPKIObject *object,
+ NSSToken *token);
+
+/* nssPKIObject_DeleteStoredObject
+ *
+ * Delete all token instances of the object, as well as any crypto context
+ * instances (TODO). If any of the instances are read-only, or if the
+ * removal fails, the object will keep those instances. 'isFriendly' refers
+ * to the object -- can this object be removed from a friendly token without
+ * login? For example, certificates are friendly, private keys are not.
+ * Note that if the token is not friendly, authentication will be required
+ * regardless of the value of 'isFriendly'.
+ */
+NSS_EXTERN PRStatus
+nssPKIObject_DeleteStoredObject(
+ nssPKIObject *object,
+ NSSCallback *uhh,
+ PRBool isFriendly);
+
+NSS_EXTERN nssCryptokiObject **
+nssPKIObject_GetInstances(
+ nssPKIObject *object);
+
+NSS_EXTERN NSSCertificate **
+nssTrustDomain_FindCertificatesByID(
+ NSSTrustDomain *td,
+ NSSItem *id,
+ NSSCertificate **rvOpt,
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSCRL **
+nssTrustDomain_FindCRLsBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject);
+
+/* module-private nsspki methods */
+
+NSS_EXTERN NSSCryptoContext *
+nssCryptoContext_Create(
+ NSSTrustDomain *td,
+ NSSCallback *uhhOpt);
+
+/* XXX for the collection */
+NSS_EXTERN NSSCertificate *
+nssCertificate_Create(nssPKIObject *object);
+
+NSS_EXTERN PRStatus
+nssCertificate_SetCertTrust(
+ NSSCertificate *c,
+ NSSTrust *trust);
+
+NSS_EXTERN nssDecodedCert *
+nssCertificate_GetDecoding(NSSCertificate *c);
+
+extern PRIntn
+nssCertificate_SubjectListSort(
+ void *v1,
+ void *v2);
+
+NSS_EXTERN nssDecodedCert *
+nssDecodedCert_Create(
+ NSSArena *arenaOpt,
+ NSSDER *encoding,
+ NSSCertificateType type);
+
+NSS_EXTERN PRStatus
+nssDecodedCert_Destroy(nssDecodedCert *dc);
+
+NSS_EXTERN NSSTrust *
+nssTrust_Create(
+ nssPKIObject *object,
+ NSSItem *certData);
+
+NSS_EXTERN NSSCRL *
+nssCRL_Create(nssPKIObject *object);
+
+NSS_EXTERN NSSCRL *
+nssCRL_AddRef(NSSCRL *crl);
+
+NSS_EXTERN PRStatus
+nssCRL_Destroy(NSSCRL *crl);
+
+NSS_EXTERN PRStatus
+nssCRL_DeleteStoredObject(
+ NSSCRL *crl,
+ NSSCallback *uhh);
+
+NSS_EXTERN NSSPrivateKey *
+nssPrivateKey_Create(nssPKIObject *o);
+
+NSS_EXTERN NSSDER *
+nssCRL_GetEncoding(NSSCRL *crl);
+
+NSS_EXTERN NSSPublicKey *
+nssPublicKey_Create(nssPKIObject *object);
+
+/* nssCertificateArray
+ *
+ * These are being thrown around a lot, might as well group together some
+ * functionality.
+ *
+ * nssCertificateArray_Destroy
+ * nssCertificateArray_Join
+ * nssCertificateArray_FindBestCertificate
+ * nssCertificateArray_Traverse
+ */
+
+/* nssCertificateArray_Destroy
+ *
+ * Will destroy the array and the certs within it. If the array was created
+ * in an arena, will *not* (of course) destroy the arena. However, is safe
+ * to call this method on an arena-allocated array.
+ */
+NSS_EXTERN void
+nssCertificateArray_Destroy(NSSCertificate **certs);
+
+/* nssCertificateArray_Join
+ *
+ * Join two arrays into one. The two arrays, certs1 and certs2, should
+ * be considered invalid after a call to this function (they may be destroyed
+ * as part of the join). certs1 and/or certs2 may be NULL. Safe to
+ * call with arrays allocated in an arena, the result will also be in the
+ * arena.
+ */
+NSS_EXTERN NSSCertificate **
+nssCertificateArray_Join(
+ NSSCertificate **certs1,
+ NSSCertificate **certs2);
+
+/* nssCertificateArray_FindBestCertificate
+ *
+ * Use the usual { time, usage, policies } to find the best cert in the
+ * array.
+ */
+NSS_EXTERN NSSCertificate *
+nssCertificateArray_FindBestCertificate(
+ NSSCertificate **certs,
+ NSSTime *timeOpt,
+ const NSSUsage *usage,
+ NSSPolicies *policiesOpt);
+
+/* nssCertificateArray_Traverse
+ *
+ * Do the callback for each cert, terminate the traversal if the callback
+ * fails.
+ */
+NSS_EXTERN PRStatus
+nssCertificateArray_Traverse(
+ NSSCertificate **certs,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg);
+
+NSS_EXTERN void
+nssCRLArray_Destroy(NSSCRL **crls);
+
+/* nssPKIObjectCollection
+ *
+ * This is a handy way to group objects together and perform operations
+ * on them. It can also handle "proto-objects"-- references to
+ * objects instances on tokens, where the actual object hasn't
+ * been formed yet.
+ *
+ * nssCertificateCollection_Create
+ * nssPrivateKeyCollection_Create
+ * nssPublicKeyCollection_Create
+ *
+ * If this was a language that provided for inheritance, each type would
+ * inherit all of the following methods. Instead, there is only one
+ * type (nssPKIObjectCollection), shared among all. This may cause
+ * confusion; an alternative would be to define all of the methods
+ * for each subtype (nssCertificateCollection_Destroy, ...), but that doesn't
+ * seem worth the code bloat.. It is left up to the caller to remember
+ * what type of collection he/she is dealing with.
+ *
+ * nssPKIObjectCollection_Destroy
+ * nssPKIObjectCollection_Count
+ * nssPKIObjectCollection_AddObject
+ * nssPKIObjectCollection_AddInstances
+ * nssPKIObjectCollection_Traverse
+ *
+ * Back to type-specific methods.
+ *
+ * nssPKIObjectCollection_GetCertificates
+ * nssPKIObjectCollection_GetCRLs
+ * nssPKIObjectCollection_GetPrivateKeys
+ * nssPKIObjectCollection_GetPublicKeys
+ */
+
+/* nssCertificateCollection_Create
+ *
+ * Create a collection of certificates in the specified trust domain.
+ * Optionally provide a starting set of certs.
+ */
+NSS_EXTERN nssPKIObjectCollection *
+nssCertificateCollection_Create(
+ NSSTrustDomain *td,
+ NSSCertificate **certsOpt);
+
+/* nssCRLCollection_Create
+ *
+ * Create a collection of CRLs/KRLs in the specified trust domain.
+ * Optionally provide a starting set of CRLs.
+ */
+NSS_EXTERN nssPKIObjectCollection *
+nssCRLCollection_Create(
+ NSSTrustDomain *td,
+ NSSCRL **crlsOpt);
+
+/* nssPrivateKeyCollection_Create
+ *
+ * Create a collection of private keys in the specified trust domain.
+ * Optionally provide a starting set of keys.
+ */
+NSS_EXTERN nssPKIObjectCollection *
+nssPrivateKeyCollection_Create(
+ NSSTrustDomain *td,
+ NSSPrivateKey **pvkOpt);
+
+/* nssPublicKeyCollection_Create
+ *
+ * Create a collection of public keys in the specified trust domain.
+ * Optionally provide a starting set of keys.
+ */
+NSS_EXTERN nssPKIObjectCollection *
+nssPublicKeyCollection_Create(
+ NSSTrustDomain *td,
+ NSSPublicKey **pvkOpt);
+
+/* nssPKIObjectCollection_Destroy
+ */
+NSS_EXTERN void
+nssPKIObjectCollection_Destroy(nssPKIObjectCollection *collection);
+
+/* nssPKIObjectCollection_Count
+ */
+NSS_EXTERN PRUint32
+nssPKIObjectCollection_Count(nssPKIObjectCollection *collection);
+
+NSS_EXTERN PRStatus
+nssPKIObjectCollection_AddObject(
+ nssPKIObjectCollection *collection,
+ nssPKIObject *object);
+
+/* nssPKIObjectCollection_AddInstances
+ *
+ * Add a set of object instances to the collection. The instances
+ * will be sorted into any existing certs/proto-certs that may be in
+ * the collection. The instances will be absorbed by the collection,
+ * the array should not be used after this call (except to free it).
+ *
+ * Failure means the collection is in an invalid state.
+ *
+ * numInstances = 0 means the array is NULL-terminated
+ */
+NSS_EXTERN PRStatus
+nssPKIObjectCollection_AddInstances(
+ nssPKIObjectCollection *collection,
+ nssCryptokiObject **instances,
+ PRUint32 numInstances);
+
+/* nssPKIObjectCollection_Traverse
+ */
+NSS_EXTERN PRStatus
+nssPKIObjectCollection_Traverse(
+ nssPKIObjectCollection *collection,
+ nssPKIObjectCallback *callback);
+
+/* This function is being added for NSS 3.5. It corresponds to the function
+ * nssToken_TraverseCertificates. The idea is to use the collection during
+ * a traversal, creating certs each time a new instance is added for which
+ * a cert does not already exist.
+ */
+NSS_EXTERN PRStatus
+nssPKIObjectCollection_AddInstanceAsObject(
+ nssPKIObjectCollection *collection,
+ nssCryptokiObject *instance);
+
+/* nssPKIObjectCollection_GetCertificates
+ *
+ * Get all of the certificates in the collection.
+ */
+NSS_EXTERN NSSCertificate **
+nssPKIObjectCollection_GetCertificates(
+ nssPKIObjectCollection *collection,
+ NSSCertificate **rvOpt,
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSCRL **
+nssPKIObjectCollection_GetCRLs(
+ nssPKIObjectCollection *collection,
+ NSSCRL **rvOpt,
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSPrivateKey **
+nssPKIObjectCollection_GetPrivateKeys(
+ nssPKIObjectCollection *collection,
+ NSSPrivateKey **rvOpt,
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSPublicKey **
+nssPKIObjectCollection_GetPublicKeys(
+ nssPKIObjectCollection *collection,
+ NSSPublicKey **rvOpt,
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSTime *
+NSSTime_Now(NSSTime *timeOpt);
+
+NSS_EXTERN NSSTime *
+NSSTime_SetPRTime(
+ NSSTime *timeOpt,
+ PRTime prTime);
+
+NSS_EXTERN PRTime
+NSSTime_GetPRTime(
+ NSSTime *time);
+
+NSS_EXTERN nssHash *
+nssHash_CreateCertificate(
+ NSSArena *arenaOpt,
+ PRUint32 numBuckets);
+
+/* 3.4 Certificate cache routines */
+
+NSS_EXTERN PRStatus
+nssTrustDomain_InitializeCache(
+ NSSTrustDomain *td,
+ PRUint32 cacheSize);
+
+NSS_EXTERN PRStatus
+nssTrustDomain_AddCertsToCache(
+ NSSTrustDomain *td,
+ NSSCertificate **certs,
+ PRUint32 numCerts);
+
+NSS_EXTERN void
+nssTrustDomain_RemoveCertFromCacheLOCKED(
+ NSSTrustDomain *td,
+ NSSCertificate *cert);
+
+NSS_EXTERN void
+nssTrustDomain_LockCertCache(NSSTrustDomain *td);
+
+NSS_EXTERN void
+nssTrustDomain_UnlockCertCache(NSSTrustDomain *td);
+
+NSS_IMPLEMENT PRStatus
+nssTrustDomain_DestroyCache(NSSTrustDomain *td);
+
+/*
+ * Remove all certs for the given token from the cache. This is
+ * needed if the token is removed.
+ */
+NSS_EXTERN PRStatus
+nssTrustDomain_RemoveTokenCertsFromCache(
+ NSSTrustDomain *td,
+ NSSToken *token);
+
+NSS_EXTERN PRStatus
+nssTrustDomain_UpdateCachedTokenCerts(
+ NSSTrustDomain *td,
+ NSSToken *token);
+
+/*
+ * Find all cached certs with this nickname (label).
+ */
+NSS_EXTERN NSSCertificate **
+nssTrustDomain_GetCertsForNicknameFromCache(
+ NSSTrustDomain *td,
+ const NSSUTF8 *nickname,
+ nssList *certListOpt);
+
+/*
+ * Find all cached certs with this email address.
+ */
+NSS_EXTERN NSSCertificate **
+nssTrustDomain_GetCertsForEmailAddressFromCache(
+ NSSTrustDomain *td,
+ NSSASCII7 *email,
+ nssList *certListOpt);
+
+/*
+ * Find all cached certs with this subject.
+ */
+NSS_EXTERN NSSCertificate **
+nssTrustDomain_GetCertsForSubjectFromCache(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ nssList *certListOpt);
+
+/*
+ * Look for a specific cert in the cache.
+ */
+NSS_EXTERN NSSCertificate *
+nssTrustDomain_GetCertForIssuerAndSNFromCache(
+ NSSTrustDomain *td,
+ NSSDER *issuer,
+ NSSDER *serialNum);
+
+/*
+ * Look for a specific cert in the cache.
+ */
+NSS_EXTERN NSSCertificate *
+nssTrustDomain_GetCertByDERFromCache(
+ NSSTrustDomain *td,
+ NSSDER *der);
+
+/* Get all certs from the cache */
+/* XXX this is being included to make some old-style calls word, not to
+ * say we should keep it
+ */
+NSS_EXTERN NSSCertificate **
+nssTrustDomain_GetCertsFromCache(
+ NSSTrustDomain *td,
+ nssList *certListOpt);
+
+NSS_EXTERN void
+nssTrustDomain_DumpCacheInfo(
+ NSSTrustDomain *td,
+ void (*cert_dump_iter)(const void *, void *, void *),
+ void *arg);
+
+NSS_EXTERN void
+nssCertificateList_AddReferences(
+ nssList *certList);
+
+PR_END_EXTERN_C
+
+#endif /* PKIM_H */
diff --git a/security/nss/lib/pki/pkistore.c b/security/nss/lib/pki/pkistore.c
new file mode 100644
index 000000000..6113442a1
--- /dev/null
+++ b/security/nss/lib/pki/pkistore.c
@@ -0,0 +1,675 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKIM_H
+#include "pkim.h"
+#endif /* PKIM_H */
+
+#ifndef PKI_H
+#include "pki.h"
+#endif /* PKI_H */
+
+#ifndef NSSPKI_H
+#include "nsspki.h"
+#endif /* NSSPKI_H */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#ifndef PKISTORE_H
+#include "pkistore.h"
+#endif /* PKISTORE_H */
+
+#include "cert.h"
+#include "pki3hack.h"
+
+#include "prbit.h"
+
+/*
+ * Certificate Store
+ *
+ * This differs from the cache in that it is a true storage facility. Items
+ * stay in until they are explicitly removed. It is only used by crypto
+ * contexts at this time, but may be more generally useful...
+ *
+ */
+
+struct nssCertificateStoreStr {
+ PRBool i_alloced_arena;
+ NSSArena *arena;
+ PZLock *lock;
+ nssHash *subject;
+ nssHash *issuer_and_serial;
+};
+
+typedef struct certificate_hash_entry_str certificate_hash_entry;
+
+struct certificate_hash_entry_str {
+ NSSCertificate *cert;
+ NSSTrust *trust;
+ nssSMIMEProfile *profile;
+};
+
+/* forward static declarations */
+static NSSCertificate *
+nssCertStore_FindCertByIssuerAndSerialNumberLocked(
+ nssCertificateStore *store,
+ NSSDER *issuer,
+ NSSDER *serial);
+
+NSS_IMPLEMENT nssCertificateStore *
+nssCertificateStore_Create(NSSArena *arenaOpt)
+{
+ NSSArena *arena;
+ nssCertificateStore *store;
+ PRBool i_alloced_arena;
+ if (arenaOpt) {
+ arena = arenaOpt;
+ i_alloced_arena = PR_FALSE;
+ } else {
+ arena = nssArena_Create();
+ if (!arena) {
+ return NULL;
+ }
+ i_alloced_arena = PR_TRUE;
+ }
+ store = nss_ZNEW(arena, nssCertificateStore);
+ if (!store) {
+ goto loser;
+ }
+ store->lock = PZ_NewLock(nssILockOther);
+ if (!store->lock) {
+ goto loser;
+ }
+ /* Create the issuer/serial --> {cert, trust, S/MIME profile } hash */
+ store->issuer_and_serial = nssHash_CreateCertificate(arena, 0);
+ if (!store->issuer_and_serial) {
+ goto loser;
+ }
+ /* Create the subject DER --> subject list hash */
+ store->subject = nssHash_CreateItem(arena, 0);
+ if (!store->subject) {
+ goto loser;
+ }
+ store->arena = arena;
+ store->i_alloced_arena = i_alloced_arena;
+ return store;
+loser:
+ if (store) {
+ if (store->lock) {
+ PZ_DestroyLock(store->lock);
+ }
+ if (store->issuer_and_serial) {
+ nssHash_Destroy(store->issuer_and_serial);
+ }
+ if (store->subject) {
+ nssHash_Destroy(store->subject);
+ }
+ }
+ if (i_alloced_arena) {
+ nssArena_Destroy(arena);
+ }
+ return NULL;
+}
+
+extern const NSSError NSS_ERROR_BUSY;
+
+NSS_IMPLEMENT PRStatus
+nssCertificateStore_Destroy(nssCertificateStore *store)
+{
+ if (nssHash_Count(store->issuer_and_serial) > 0) {
+ nss_SetError(NSS_ERROR_BUSY);
+ return PR_FAILURE;
+ }
+ PZ_DestroyLock(store->lock);
+ nssHash_Destroy(store->issuer_and_serial);
+ nssHash_Destroy(store->subject);
+ if (store->i_alloced_arena) {
+ nssArena_Destroy(store->arena);
+ } else {
+ nss_ZFreeIf(store);
+ }
+ return PR_SUCCESS;
+}
+
+static PRStatus
+add_certificate_entry(
+ nssCertificateStore *store,
+ NSSCertificate *cert)
+{
+ PRStatus nssrv;
+ certificate_hash_entry *entry;
+ entry = nss_ZNEW(cert->object.arena, certificate_hash_entry);
+ if (!entry) {
+ return PR_FAILURE;
+ }
+ entry->cert = cert;
+ nssrv = nssHash_Add(store->issuer_and_serial, cert, entry);
+ if (nssrv != PR_SUCCESS) {
+ nss_ZFreeIf(entry);
+ }
+ return nssrv;
+}
+
+static PRStatus
+add_subject_entry(
+ nssCertificateStore *store,
+ NSSCertificate *cert)
+{
+ PRStatus nssrv;
+ nssList *subjectList;
+ subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject);
+ if (subjectList) {
+ /* The subject is already in, add this cert to the list */
+ nssrv = nssList_AddUnique(subjectList, cert);
+ } else {
+ /* Create a new subject list for the subject */
+ subjectList = nssList_Create(NULL, PR_FALSE);
+ if (!subjectList) {
+ return PR_FAILURE;
+ }
+ nssList_SetSortFunction(subjectList, nssCertificate_SubjectListSort);
+ /* Add the cert entry to this list of subjects */
+ nssrv = nssList_Add(subjectList, cert);
+ if (nssrv != PR_SUCCESS) {
+ return nssrv;
+ }
+ /* Add the subject list to the cache */
+ nssrv = nssHash_Add(store->subject, &cert->subject, subjectList);
+ }
+ return nssrv;
+}
+
+/* declared below */
+static void
+remove_certificate_entry(
+ nssCertificateStore *store,
+ NSSCertificate *cert);
+
+/* Caller must hold store->lock */
+static PRStatus
+nssCertificateStore_AddLocked(
+ nssCertificateStore *store,
+ NSSCertificate *cert)
+{
+ PRStatus nssrv = add_certificate_entry(store, cert);
+ if (nssrv == PR_SUCCESS) {
+ nssrv = add_subject_entry(store, cert);
+ if (nssrv == PR_FAILURE) {
+ remove_certificate_entry(store, cert);
+ }
+ }
+ return nssrv;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+nssCertificateStore_FindOrAdd(
+ nssCertificateStore *store,
+ NSSCertificate *c)
+{
+ PRStatus nssrv;
+ NSSCertificate *rvCert = NULL;
+
+ PZ_Lock(store->lock);
+ rvCert = nssCertStore_FindCertByIssuerAndSerialNumberLocked(
+ store, &c->issuer, &c->serial);
+ if (!rvCert) {
+ nssrv = nssCertificateStore_AddLocked(store, c);
+ if (PR_SUCCESS == nssrv) {
+ rvCert = nssCertificate_AddRef(c);
+ }
+ }
+ PZ_Unlock(store->lock);
+ return rvCert;
+}
+
+static void
+remove_certificate_entry(
+ nssCertificateStore *store,
+ NSSCertificate *cert)
+{
+ certificate_hash_entry *entry;
+ entry = (certificate_hash_entry *)
+ nssHash_Lookup(store->issuer_and_serial, cert);
+ if (entry) {
+ nssHash_Remove(store->issuer_and_serial, cert);
+ if (entry->trust) {
+ nssTrust_Destroy(entry->trust);
+ }
+ if (entry->profile) {
+ nssSMIMEProfile_Destroy(entry->profile);
+ }
+ nss_ZFreeIf(entry);
+ }
+}
+
+static void
+remove_subject_entry(
+ nssCertificateStore *store,
+ NSSCertificate *cert)
+{
+ nssList *subjectList;
+ /* Get the subject list for the cert's subject */
+ subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject);
+ if (subjectList) {
+ /* Remove the cert from the subject hash */
+ nssList_Remove(subjectList, cert);
+ nssHash_Remove(store->subject, &cert->subject);
+ if (nssList_Count(subjectList) == 0) {
+ nssList_Destroy(subjectList);
+ } else {
+ /* The cert being released may have keyed the subject entry.
+ * Since there are still subject certs around, get another and
+ * rekey the entry just in case.
+ */
+ NSSCertificate *subjectCert;
+ (void)nssList_GetArray(subjectList, (void **)&subjectCert, 1);
+ nssHash_Add(store->subject, &subjectCert->subject, subjectList);
+ }
+ }
+}
+
+NSS_IMPLEMENT void
+nssCertificateStore_RemoveCertLOCKED(
+ nssCertificateStore *store,
+ NSSCertificate *cert)
+{
+ certificate_hash_entry *entry;
+ entry = (certificate_hash_entry *)
+ nssHash_Lookup(store->issuer_and_serial, cert);
+ if (entry && entry->cert == cert) {
+ remove_certificate_entry(store, cert);
+ remove_subject_entry(store, cert);
+ }
+}
+
+NSS_IMPLEMENT void
+nssCertificateStore_Lock(nssCertificateStore *store, nssCertificateStoreTrace *out)
+{
+#ifdef DEBUG
+ PORT_Assert(out);
+ out->store = store;
+ out->lock = store->lock;
+ out->locked = PR_TRUE;
+ PZ_Lock(out->lock);
+#else
+ PZ_Lock(store->lock);
+#endif
+}
+
+NSS_IMPLEMENT void
+nssCertificateStore_Unlock(
+ nssCertificateStore *store, const nssCertificateStoreTrace *in,
+ nssCertificateStoreTrace *out)
+{
+#ifdef DEBUG
+ PORT_Assert(in);
+ PORT_Assert(out);
+ out->store = store;
+ out->lock = store->lock;
+ PORT_Assert(!out->locked);
+ out->unlocked = PR_TRUE;
+
+ PORT_Assert(in->store == out->store);
+ PORT_Assert(in->lock == out->lock);
+ PORT_Assert(in->locked);
+ PORT_Assert(!in->unlocked);
+
+ PZ_Unlock(out->lock);
+#else
+ PZ_Unlock(store->lock);
+#endif
+}
+
+static NSSCertificate **
+get_array_from_list(
+ nssList *certList,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt)
+{
+ PRUint32 count;
+ NSSCertificate **rvArray = NULL;
+ count = nssList_Count(certList);
+ if (count == 0) {
+ return NULL;
+ }
+ if (maximumOpt > 0) {
+ count = PR_MIN(maximumOpt, count);
+ }
+ if (rvOpt) {
+ nssList_GetArray(certList, (void **)rvOpt, count);
+ } else {
+ rvArray = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, count + 1);
+ if (rvArray) {
+ nssList_GetArray(certList, (void **)rvArray, count);
+ }
+ }
+ return rvArray;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+nssCertificateStore_FindCertificatesBySubject(
+ nssCertificateStore *store,
+ NSSDER *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt)
+{
+ NSSCertificate **rvArray = NULL;
+ nssList *subjectList;
+ PZ_Lock(store->lock);
+ subjectList = (nssList *)nssHash_Lookup(store->subject, subject);
+ if (subjectList) {
+ nssCertificateList_AddReferences(subjectList);
+ rvArray = get_array_from_list(subjectList,
+ rvOpt, maximumOpt, arenaOpt);
+ }
+ PZ_Unlock(store->lock);
+ return rvArray;
+}
+
+/* Because only subject indexing is implemented, all other lookups require
+ * full traversal (unfortunately, PLHashTable doesn't allow you to exit
+ * early from the enumeration). The assumptions are that 1) lookups by
+ * fields other than subject will be rare, and 2) the hash will not have
+ * a large number of entries. These assumptions will be tested.
+ *
+ * XXX
+ * For NSS 3.4, it is worth consideration to do all forms of indexing,
+ * because the only crypto context is global and persistent.
+ */
+
+struct nickname_template_str {
+ NSSUTF8 *nickname;
+ nssList *subjectList;
+};
+
+static void
+match_nickname(const void *k, void *v, void *a)
+{
+ PRStatus nssrv;
+ NSSCertificate *c;
+ NSSUTF8 *nickname;
+ nssList *subjectList = (nssList *)v;
+ struct nickname_template_str *nt = (struct nickname_template_str *)a;
+ nssrv = nssList_GetArray(subjectList, (void **)&c, 1);
+ nickname = nssCertificate_GetNickname(c, NULL);
+ if (nssrv == PR_SUCCESS && nickname &&
+ nssUTF8_Equal(nickname, nt->nickname, &nssrv)) {
+ nt->subjectList = subjectList;
+ }
+ nss_ZFreeIf(nickname);
+}
+
+/*
+ * Find all cached certs with this label.
+ */
+NSS_IMPLEMENT NSSCertificate **
+nssCertificateStore_FindCertificatesByNickname(
+ nssCertificateStore *store,
+ const NSSUTF8 *nickname,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt)
+{
+ NSSCertificate **rvArray = NULL;
+ struct nickname_template_str nt;
+ nt.nickname = (char *)nickname;
+ nt.subjectList = NULL;
+ PZ_Lock(store->lock);
+ nssHash_Iterate(store->subject, match_nickname, &nt);
+ if (nt.subjectList) {
+ nssCertificateList_AddReferences(nt.subjectList);
+ rvArray = get_array_from_list(nt.subjectList,
+ rvOpt, maximumOpt, arenaOpt);
+ }
+ PZ_Unlock(store->lock);
+ return rvArray;
+}
+
+struct email_template_str {
+ NSSASCII7 *email;
+ nssList *emailList;
+};
+
+static void
+match_email(const void *k, void *v, void *a)
+{
+ PRStatus nssrv;
+ NSSCertificate *c;
+ nssList *subjectList = (nssList *)v;
+ struct email_template_str *et = (struct email_template_str *)a;
+ nssrv = nssList_GetArray(subjectList, (void **)&c, 1);
+ if (nssrv == PR_SUCCESS &&
+ nssUTF8_Equal(c->email, et->email, &nssrv)) {
+ nssListIterator *iter = nssList_CreateIterator(subjectList);
+ if (iter) {
+ for (c = (NSSCertificate *)nssListIterator_Start(iter);
+ c != (NSSCertificate *)NULL;
+ c = (NSSCertificate *)nssListIterator_Next(iter)) {
+ nssList_Add(et->emailList, c);
+ }
+ nssListIterator_Finish(iter);
+ nssListIterator_Destroy(iter);
+ }
+ }
+}
+
+/*
+ * Find all cached certs with this email address.
+ */
+NSS_IMPLEMENT NSSCertificate **
+nssCertificateStore_FindCertificatesByEmail(
+ nssCertificateStore *store,
+ NSSASCII7 *email,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt)
+{
+ NSSCertificate **rvArray = NULL;
+ struct email_template_str et;
+ et.email = email;
+ et.emailList = nssList_Create(NULL, PR_FALSE);
+ if (!et.emailList) {
+ return NULL;
+ }
+ PZ_Lock(store->lock);
+ nssHash_Iterate(store->subject, match_email, &et);
+ if (et.emailList) {
+ /* get references before leaving the store's lock protection */
+ nssCertificateList_AddReferences(et.emailList);
+ }
+ PZ_Unlock(store->lock);
+ if (et.emailList) {
+ rvArray = get_array_from_list(et.emailList,
+ rvOpt, maximumOpt, arenaOpt);
+ nssList_Destroy(et.emailList);
+ }
+ return rvArray;
+}
+
+/* Caller holds store->lock */
+static NSSCertificate *
+nssCertStore_FindCertByIssuerAndSerialNumberLocked(
+ nssCertificateStore *store,
+ NSSDER *issuer,
+ NSSDER *serial)
+{
+ certificate_hash_entry *entry;
+ NSSCertificate *rvCert = NULL;
+ NSSCertificate index;
+
+ index.issuer = *issuer;
+ index.serial = *serial;
+ entry = (certificate_hash_entry *)
+ nssHash_Lookup(store->issuer_and_serial, &index);
+ if (entry) {
+ rvCert = nssCertificate_AddRef(entry->cert);
+ }
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+nssCertificateStore_FindCertificateByIssuerAndSerialNumber(
+ nssCertificateStore *store,
+ NSSDER *issuer,
+ NSSDER *serial)
+{
+ NSSCertificate *rvCert = NULL;
+
+ PZ_Lock(store->lock);
+ rvCert = nssCertStore_FindCertByIssuerAndSerialNumberLocked(
+ store, issuer, serial);
+ PZ_Unlock(store->lock);
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+nssCertificateStore_FindCertificateByEncodedCertificate(
+ nssCertificateStore *store,
+ NSSDER *encoding)
+{
+ PRStatus nssrv = PR_FAILURE;
+ NSSDER issuer, serial;
+ NSSCertificate *rvCert = NULL;
+ nssrv = nssPKIX509_GetIssuerAndSerialFromDER(encoding, &issuer, &serial);
+ if (nssrv != PR_SUCCESS) {
+ return NULL;
+ }
+ rvCert = nssCertificateStore_FindCertificateByIssuerAndSerialNumber(store,
+ &issuer,
+ &serial);
+ PORT_Free(issuer.data);
+ PORT_Free(serial.data);
+ return rvCert;
+}
+
+NSS_EXTERN PRStatus
+nssCertificateStore_AddTrust(
+ nssCertificateStore *store,
+ NSSTrust *trust)
+{
+ NSSCertificate *cert;
+ certificate_hash_entry *entry;
+ cert = trust->certificate;
+ PZ_Lock(store->lock);
+ entry = (certificate_hash_entry *)
+ nssHash_Lookup(store->issuer_and_serial, cert);
+ if (entry) {
+ NSSTrust *newTrust = nssTrust_AddRef(trust);
+ if (entry->trust) {
+ nssTrust_Destroy(entry->trust);
+ }
+ entry->trust = newTrust;
+ }
+ PZ_Unlock(store->lock);
+ return (entry) ? PR_SUCCESS : PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSTrust *
+nssCertificateStore_FindTrustForCertificate(
+ nssCertificateStore *store,
+ NSSCertificate *cert)
+{
+ certificate_hash_entry *entry;
+ NSSTrust *rvTrust = NULL;
+ PZ_Lock(store->lock);
+ entry = (certificate_hash_entry *)
+ nssHash_Lookup(store->issuer_and_serial, cert);
+ if (entry && entry->trust) {
+ rvTrust = nssTrust_AddRef(entry->trust);
+ }
+ PZ_Unlock(store->lock);
+ return rvTrust;
+}
+
+NSS_EXTERN PRStatus
+nssCertificateStore_AddSMIMEProfile(
+ nssCertificateStore *store,
+ nssSMIMEProfile *profile)
+{
+ NSSCertificate *cert;
+ certificate_hash_entry *entry;
+ cert = profile->certificate;
+ PZ_Lock(store->lock);
+ entry = (certificate_hash_entry *)
+ nssHash_Lookup(store->issuer_and_serial, cert);
+ if (entry) {
+ nssSMIMEProfile *newProfile = nssSMIMEProfile_AddRef(profile);
+ if (entry->profile) {
+ nssSMIMEProfile_Destroy(entry->profile);
+ }
+ entry->profile = newProfile;
+ }
+ PZ_Unlock(store->lock);
+ return (entry) ? PR_SUCCESS : PR_FAILURE;
+}
+
+NSS_IMPLEMENT nssSMIMEProfile *
+nssCertificateStore_FindSMIMEProfileForCertificate(
+ nssCertificateStore *store,
+ NSSCertificate *cert)
+{
+ certificate_hash_entry *entry;
+ nssSMIMEProfile *rvProfile = NULL;
+ PZ_Lock(store->lock);
+ entry = (certificate_hash_entry *)
+ nssHash_Lookup(store->issuer_and_serial, cert);
+ if (entry && entry->profile) {
+ rvProfile = nssSMIMEProfile_AddRef(entry->profile);
+ }
+ PZ_Unlock(store->lock);
+ return rvProfile;
+}
+
+/* XXX this is also used by cache and should be somewhere else */
+
+static PLHashNumber
+nss_certificate_hash(const void *key)
+{
+ unsigned int i;
+ PLHashNumber h;
+ NSSCertificate *c = (NSSCertificate *)key;
+ h = 0;
+ for (i = 0; i < c->issuer.size; i++)
+ h = PR_ROTATE_LEFT32(h, 4) ^ ((unsigned char *)c->issuer.data)[i];
+ for (i = 0; i < c->serial.size; i++)
+ h = PR_ROTATE_LEFT32(h, 4) ^ ((unsigned char *)c->serial.data)[i];
+ return h;
+}
+
+static int
+nss_compare_certs(const void *v1, const void *v2)
+{
+ PRStatus ignore;
+ NSSCertificate *c1 = (NSSCertificate *)v1;
+ NSSCertificate *c2 = (NSSCertificate *)v2;
+ return (int)(nssItem_Equal(&c1->issuer, &c2->issuer, &ignore) &&
+ nssItem_Equal(&c1->serial, &c2->serial, &ignore));
+}
+
+NSS_IMPLEMENT nssHash *
+nssHash_CreateCertificate(
+ NSSArena *arenaOpt,
+ PRUint32 numBuckets)
+{
+ return nssHash_Create(arenaOpt,
+ numBuckets,
+ nss_certificate_hash,
+ nss_compare_certs,
+ PL_CompareValues);
+}
+
+NSS_IMPLEMENT void
+nssCertificateStore_DumpStoreInfo(
+ nssCertificateStore *store,
+ void (*cert_dump_iter)(const void *, void *, void *),
+ void *arg)
+{
+ PZ_Lock(store->lock);
+ nssHash_Iterate(store->issuer_and_serial, cert_dump_iter, arg);
+ PZ_Unlock(store->lock);
+}
diff --git a/security/nss/lib/pki/pkistore.h b/security/nss/lib/pki/pkistore.h
new file mode 100644
index 000000000..729f209ce
--- /dev/null
+++ b/security/nss/lib/pki/pkistore.h
@@ -0,0 +1,138 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKISTORE_H
+#define PKISTORE_H
+
+#ifndef NSSPKIT_H
+#include "nsspkit.h"
+#endif /* NSSPKIT_H */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * PKI Stores
+ *
+ * This is a set of routines for managing local stores of PKI objects.
+ * Currently, the only application is in crypto contexts, where the
+ * certificate store is used. In the future, methods should be added
+ * here for storing local references to keys.
+ */
+
+/*
+ * nssCertificateStore
+ *
+ * Manages local store of certificate, trust, and S/MIME profile objects.
+ * Within a crypto context, mappings of cert to trust and cert to S/MIME
+ * profile are always 1-1. Therefore, it is reasonable to store all objects
+ * in a single collection, indexed by the certificate.
+ */
+
+NSS_EXTERN nssCertificateStore *
+nssCertificateStore_Create(
+ NSSArena *arenaOpt);
+
+NSS_EXTERN PRStatus
+nssCertificateStore_Destroy(
+ nssCertificateStore *store);
+
+/* Atomic Find cert in store, or add this cert to the store.
+** Ref counts properly maintained.
+*/
+NSS_EXTERN NSSCertificate *
+nssCertificateStore_FindOrAdd(
+ nssCertificateStore *store,
+ NSSCertificate *c);
+
+NSS_EXTERN void
+nssCertificateStore_RemoveCertLOCKED(
+ nssCertificateStore *store,
+ NSSCertificate *cert);
+
+struct nssCertificateStoreTraceStr {
+ nssCertificateStore *store;
+ PZLock *lock;
+ PRBool locked;
+ PRBool unlocked;
+};
+
+typedef struct nssCertificateStoreTraceStr nssCertificateStoreTrace;
+
+NSS_EXTERN void
+nssCertificateStore_Lock(
+ nssCertificateStore *store, nssCertificateStoreTrace *out);
+
+NSS_EXTERN void
+nssCertificateStore_Unlock(
+ nssCertificateStore *store, const nssCertificateStoreTrace *in,
+ nssCertificateStoreTrace *out);
+
+NSS_EXTERN NSSCertificate **
+nssCertificateStore_FindCertificatesBySubject(
+ nssCertificateStore *store,
+ NSSDER *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSCertificate **
+nssCertificateStore_FindCertificatesByNickname(
+ nssCertificateStore *store,
+ const NSSUTF8 *nickname,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSCertificate **
+nssCertificateStore_FindCertificatesByEmail(
+ nssCertificateStore *store,
+ NSSASCII7 *email,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt);
+
+NSS_EXTERN NSSCertificate *
+nssCertificateStore_FindCertificateByIssuerAndSerialNumber(
+ nssCertificateStore *store,
+ NSSDER *issuer,
+ NSSDER *serial);
+
+NSS_EXTERN NSSCertificate *
+nssCertificateStore_FindCertificateByEncodedCertificate(
+ nssCertificateStore *store,
+ NSSDER *encoding);
+
+NSS_EXTERN PRStatus
+nssCertificateStore_AddTrust(
+ nssCertificateStore *store,
+ NSSTrust *trust);
+
+NSS_EXTERN NSSTrust *
+nssCertificateStore_FindTrustForCertificate(
+ nssCertificateStore *store,
+ NSSCertificate *cert);
+
+NSS_EXTERN PRStatus
+nssCertificateStore_AddSMIMEProfile(
+ nssCertificateStore *store,
+ nssSMIMEProfile *profile);
+
+NSS_EXTERN nssSMIMEProfile *
+nssCertificateStore_FindSMIMEProfileForCertificate(
+ nssCertificateStore *store,
+ NSSCertificate *cert);
+
+NSS_EXTERN void
+nssCertificateStore_DumpStoreInfo(
+ nssCertificateStore *store,
+ void (*cert_dump_iter)(const void *, void *, void *),
+ void *arg);
+
+PR_END_EXTERN_C
+
+#endif /* PKISTORE_H */
diff --git a/security/nss/lib/pki/pkit.h b/security/nss/lib/pki/pkit.h
new file mode 100644
index 000000000..5d17a4531
--- /dev/null
+++ b/security/nss/lib/pki/pkit.h
@@ -0,0 +1,183 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKIT_H
+#define PKIT_H
+
+/*
+ * pkit.h
+ *
+ * This file contains definitions for the types of the top-level PKI objects.
+ */
+
+#ifndef NSSBASET_H
+#include "nssbaset.h"
+#endif /* NSSBASET_H */
+
+#ifndef BASET_H
+#include "baset.h"
+#endif /* BASET_H */
+
+#include "certt.h"
+#include "pkcs11t.h"
+
+#ifndef NSSPKIT_H
+#include "nsspkit.h"
+#endif /* NSSPKIT_H */
+
+#ifndef NSSDEVT_H
+#include "nssdevt.h"
+#endif /* NSSDEVT_H */
+
+#ifndef DEVT_H
+#include "devt.h"
+#endif /* DEVT_H */
+
+#ifndef nssrwlkt_h__
+#include "nssrwlkt.h"
+#endif /* nssrwlkt_h__ */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * A note on ephemeral certs
+ *
+ * The key objects defined here can only be created on tokens, and can only
+ * exist on tokens. Therefore, any instance of a key object must have
+ * a corresponding cryptoki instance. OTOH, certificates created in
+ * crypto contexts need not be stored as session objects on the token.
+ * There are good performance reasons for not doing so. The certificate
+ * and trust objects have been defined with a cryptoContext field to
+ * allow for ephemeral certs, which may have a single instance in a crypto
+ * context along with any number (including zero) of cryptoki instances.
+ * Since contexts may not share objects, there can be only one context
+ * for each object.
+ */
+
+typedef enum {
+ nssPKILock = 1,
+ nssPKIMonitor = 2
+} nssPKILockType;
+
+/* nssPKIObject
+ *
+ * This is the base object class, common to all PKI objects defined in
+ * nsspkit.h
+ */
+struct nssPKIObjectStr {
+ /* The arena for all object memory */
+ NSSArena *arena;
+ /* Atomically incremented/decremented reference counting */
+ PRInt32 refCount;
+ /* lock protects the array of nssCryptokiInstance's of the object */
+ union {
+ PZLock *lock;
+ PZMonitor *mlock;
+ } sync;
+ nssPKILockType lockType;
+ /* XXX with LRU cache, this cannot be guaranteed up-to-date. It cannot
+ * be compared against the update level of the trust domain, since it is
+ * also affected by import/export. Where is this array needed?
+ */
+ nssCryptokiObject **instances;
+ PRUint32 numInstances;
+ /* The object must live in a trust domain */
+ NSSTrustDomain *trustDomain;
+ /* The object may live in a crypto context */
+ NSSCryptoContext *cryptoContext;
+ /* XXX added so temp certs can have nickname, think more ... */
+ NSSUTF8 *tempName;
+};
+
+typedef struct nssDecodedCertStr nssDecodedCert;
+
+typedef struct nssCertificateStoreStr nssCertificateStore;
+
+/* How wide is the scope of this? */
+typedef struct nssSMIMEProfileStr nssSMIMEProfile;
+
+typedef struct nssPKIObjectStr nssPKIObject;
+
+struct NSSTrustStr {
+ nssPKIObject object;
+ NSSCertificate *certificate;
+ nssTrustLevel serverAuth;
+ nssTrustLevel clientAuth;
+ nssTrustLevel emailProtection;
+ nssTrustLevel codeSigning;
+ PRBool stepUpApproved;
+};
+
+struct nssSMIMEProfileStr {
+ nssPKIObject object;
+ NSSCertificate *certificate;
+ NSSASCII7 *email;
+ NSSDER *subject;
+ NSSItem *profileTime;
+ NSSItem *profileData;
+};
+
+struct NSSCertificateStr {
+ nssPKIObject object;
+ NSSCertificateType type;
+ NSSItem id;
+ NSSBER encoding;
+ NSSDER issuer;
+ NSSDER subject;
+ NSSDER serial;
+ NSSASCII7 *email;
+ nssDecodedCert *decoding;
+};
+
+struct NSSPrivateKeyStr;
+
+struct NSSPublicKeyStr;
+
+struct NSSSymmetricKeyStr;
+
+typedef struct nssTDCertificateCacheStr nssTDCertificateCache;
+
+struct NSSTrustDomainStr {
+ PRInt32 refCount;
+ NSSArena *arena;
+ NSSCallback *defaultCallback;
+ nssList *tokenList;
+ nssListIterator *tokens;
+ nssTDCertificateCache *cache;
+ NSSRWLock *tokensLock;
+ void *spkDigestInfo;
+ CERTStatusConfig *statusConfig;
+};
+
+struct NSSCryptoContextStr {
+ PRInt32 refCount;
+ NSSArena *arena;
+ NSSTrustDomain *td;
+ NSSToken *token;
+ nssSession *session;
+ nssCertificateStore *certStore;
+};
+
+struct NSSTimeStr {
+ PRTime prTime;
+};
+
+struct NSSCRLStr {
+ nssPKIObject object;
+ NSSDER encoding;
+ NSSUTF8 *url;
+ PRBool isKRL;
+};
+
+typedef struct NSSCRLStr NSSCRL;
+
+struct NSSPoliciesStr;
+
+struct NSSAlgorithmAndParametersStr;
+
+struct NSSPKIXCertificateStr;
+
+PR_END_EXTERN_C
+
+#endif /* PKIT_H */
diff --git a/security/nss/lib/pki/pkitm.h b/security/nss/lib/pki/pkitm.h
new file mode 100644
index 000000000..38a5fac35
--- /dev/null
+++ b/security/nss/lib/pki/pkitm.h
@@ -0,0 +1,88 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKITM_H
+#define PKITM_H
+
+/*
+ * pkitm.h
+ *
+ * This file contains PKI-module specific types.
+ */
+
+#ifndef BASET_H
+#include "baset.h"
+#endif /* BASET_H */
+
+#ifndef PKIT_H
+#include "pkit.h"
+#endif /* PKIT_H */
+
+PR_BEGIN_EXTERN_C
+
+typedef enum nssCertIDMatchEnum {
+ nssCertIDMatch_Yes = 0,
+ nssCertIDMatch_No = 1,
+ nssCertIDMatch_Unknown = 2
+} nssCertIDMatch;
+
+/*
+ * nssDecodedCert
+ *
+ * This is an interface to allow the PKI module access to certificate
+ * information that can only be found by decoding. The interface is
+ * generic, allowing each certificate type its own way of providing
+ * the information
+ */
+struct nssDecodedCertStr {
+ NSSCertificateType type;
+ void *data;
+ /* returns the unique identifier for the cert */
+ NSSItem *(*getIdentifier)(nssDecodedCert *dc);
+ /* returns the unique identifier for this cert's issuer */
+ void *(*getIssuerIdentifier)(nssDecodedCert *dc);
+ /* is id the identifier for this cert? */
+ nssCertIDMatch (*matchIdentifier)(nssDecodedCert *dc, void *id);
+ /* is this cert a valid CA cert? */
+ PRBool (*isValidIssuer)(nssDecodedCert *dc);
+ /* returns the cert usage */
+ NSSUsage *(*getUsage)(nssDecodedCert *dc);
+ /* is time within the validity period of the cert? */
+ PRBool (*isValidAtTime)(nssDecodedCert *dc, NSSTime *time);
+ /* is the validity period of this cert newer than cmpdc? */
+ PRBool (*isNewerThan)(nssDecodedCert *dc, nssDecodedCert *cmpdc);
+ /* does the usage for this cert match the requested usage? */
+ PRBool (*matchUsage)(nssDecodedCert *dc, const NSSUsage *usage);
+ /* is this cert trusted for the requested usage? */
+ PRBool (*isTrustedForUsage)(nssDecodedCert *dc,
+ const NSSUsage *usage);
+ /* extract the email address */
+ NSSASCII7 *(*getEmailAddress)(nssDecodedCert *dc);
+ /* extract the DER-encoded serial number */
+ PRStatus (*getDERSerialNumber)(nssDecodedCert *dc,
+ NSSDER *derSerial, NSSArena *arena);
+};
+
+struct NSSUsageStr {
+ PRBool anyUsage;
+ SECCertUsage nss3usage;
+ PRBool nss3lookingForCA;
+};
+
+typedef struct nssPKIObjectCollectionStr nssPKIObjectCollection;
+
+typedef struct
+{
+ union {
+ PRStatus (*cert)(NSSCertificate *c, void *arg);
+ PRStatus (*crl)(NSSCRL *crl, void *arg);
+ PRStatus (*pvkey)(NSSPrivateKey *vk, void *arg);
+ PRStatus (*pbkey)(NSSPublicKey *bk, void *arg);
+ } func;
+ void *arg;
+} nssPKIObjectCallback;
+
+PR_END_EXTERN_C
+
+#endif /* PKITM_H */
diff --git a/security/nss/lib/pki/symmkey.c b/security/nss/lib/pki/symmkey.c
new file mode 100644
index 000000000..3103f20c8
--- /dev/null
+++ b/security/nss/lib/pki/symmkey.c
@@ -0,0 +1,238 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef NSSPKI_H
+#include "nsspki.h"
+#endif /* NSSPKI_H */
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+
+NSS_IMPLEMENT PRStatus
+NSSSymmetricKey_Destroy(NSSSymmetricKey *mk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSSymmetricKey_DeleteStoredObject(
+ NSSSymmetricKey *mk,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRUint32
+NSSSymmetricKey_GetKeyLength(NSSSymmetricKey *mk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return -1;
+}
+
+NSS_IMPLEMENT PRUint32
+NSSSymmetricKey_GetKeyStrength(NSSSymmetricKey *mk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return -1;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSSymmetricKey_IsStillPresent(NSSSymmetricKey *mk)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSTrustDomain *
+NSSSymmetricKey_GetTrustDomain(
+ NSSSymmetricKey *mk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSToken *
+NSSSymmetricKey_GetToken(
+ NSSSymmetricKey *mk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSlot *
+NSSSymmetricKey_GetSlot(
+ NSSSymmetricKey *mk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSModule *
+NSSSymmetricKey_GetModule(
+ NSSSymmetricKey *mk,
+ PRStatus *statusOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSSymmetricKey_Encrypt(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSSymmetricKey_Decrypt(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *encryptedData,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSSymmetricKey_Sign(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSSymmetricKey_SignRecover(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSSymmetricKey_Verify(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *data,
+ NSSItem *signature,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSSymmetricKey_VerifyRecover(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *signature,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSSymmetricKey_WrapSymmetricKey(
+ NSSSymmetricKey *wrappingKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSSymmetricKey *keyToWrap,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSItem *
+NSSSymmetricKey_WrapPrivateKey(
+ NSSSymmetricKey *wrappingKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPrivateKey *keyToWrap,
+ NSSCallback *uhh,
+ NSSItem *rvOpt,
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSSymmetricKey_UnwrapSymmetricKey(
+ NSSSymmetricKey *wrappingKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSOID *target,
+ PRUint32 keySizeOpt,
+ NSSOperations operations,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSPrivateKey *
+NSSSymmetricKey_UnwrapPrivateKey(
+ NSSSymmetricKey *wrappingKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSItem *wrappedKey,
+ NSSUTF8 *labelOpt,
+ NSSItem *keyIDOpt,
+ PRBool persistant,
+ PRBool sensitive,
+ NSSToken *destinationOpt,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSSymmetricKey_DeriveSymmetricKey(
+ NSSSymmetricKey *originalKey,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSOID *target,
+ PRUint32 keySizeOpt,
+ NSSOperations operations,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+NSSSymmetricKey_CreateCryptoContext(
+ NSSSymmetricKey *mk,
+ NSSAlgorithmAndParameters *apOpt,
+ NSSCallback *uhh)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
diff --git a/security/nss/lib/pki/tdcache.c b/security/nss/lib/pki/tdcache.c
new file mode 100644
index 000000000..385b8e4bc
--- /dev/null
+++ b/security/nss/lib/pki/tdcache.c
@@ -0,0 +1,1106 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef PKIM_H
+#include "pkim.h"
+#endif /* PKIM_H */
+
+#ifndef PKIT_H
+#include "pkit.h"
+#endif /* PKIT_H */
+
+#ifndef NSSPKI_H
+#include "nsspki.h"
+#endif /* NSSPKI_H */
+
+#ifndef PKI_H
+#include "pki.h"
+#endif /* PKI_H */
+
+#ifndef NSSBASE_H
+#include "nssbase.h"
+#endif /* NSSBASE_H */
+
+#ifndef BASE_H
+#include "base.h"
+#endif /* BASE_H */
+
+#include "cert.h"
+#include "dev.h"
+#include "pki3hack.h"
+
+#ifdef DEBUG_CACHE
+static PRLogModuleInfo *s_log = NULL;
+#endif
+
+#ifdef DEBUG_CACHE
+static void
+log_item_dump(const char *msg, NSSItem *it)
+{
+ char buf[33];
+ int i, j;
+ for (i = 0; i < 10 && i < it->size; i++) {
+ sprintf(&buf[2 * i], "%02X", ((PRUint8 *)it->data)[i]);
+ }
+ if (it->size > 10) {
+ sprintf(&buf[2 * i], "..");
+ i += 1;
+ for (j = it->size - 1; i <= 16 && j > 10; i++, j--) {
+ sprintf(&buf[2 * i], "%02X", ((PRUint8 *)it->data)[j]);
+ }
+ }
+ PR_LOG(s_log, PR_LOG_DEBUG, ("%s: %s", msg, buf));
+}
+#endif
+
+#ifdef DEBUG_CACHE
+static void
+log_cert_ref(const char *msg, NSSCertificate *c)
+{
+ PR_LOG(s_log, PR_LOG_DEBUG, ("%s: %s", msg,
+ (c->nickname) ? c->nickname : c->email));
+ log_item_dump("\tserial", &c->serial);
+ log_item_dump("\tsubject", &c->subject);
+}
+#endif
+
+/* Certificate cache routines */
+
+/* XXX
+ * Locking is not handled well at all. A single, global lock with sub-locks
+ * in the collection types. Cleanup needed.
+ */
+
+/* should it live in its own arena? */
+struct nssTDCertificateCacheStr {
+ PZLock *lock;
+ NSSArena *arena;
+ nssHash *issuerAndSN;
+ nssHash *subject;
+ nssHash *nickname;
+ nssHash *email;
+};
+
+struct cache_entry_str {
+ union {
+ NSSCertificate *cert;
+ nssList *list;
+ void *value;
+ } entry;
+ PRUint32 hits;
+ PRTime lastHit;
+ NSSArena *arena;
+ NSSUTF8 *nickname;
+};
+
+typedef struct cache_entry_str cache_entry;
+
+static cache_entry *
+new_cache_entry(NSSArena *arena, void *value, PRBool ownArena)
+{
+ cache_entry *ce = nss_ZNEW(arena, cache_entry);
+ if (ce) {
+ ce->entry.value = value;
+ ce->hits = 1;
+ ce->lastHit = PR_Now();
+ if (ownArena) {
+ ce->arena = arena;
+ }
+ ce->nickname = NULL;
+ }
+ return ce;
+}
+
+/* this should not be exposed in a header, but is here to keep the above
+ * types/functions static
+ */
+NSS_IMPLEMENT PRStatus
+nssTrustDomain_InitializeCache(
+ NSSTrustDomain *td,
+ PRUint32 cacheSize)
+{
+ NSSArena *arena;
+ nssTDCertificateCache *cache = td->cache;
+#ifdef DEBUG_CACHE
+ s_log = PR_NewLogModule("nss_cache");
+ PR_ASSERT(s_log);
+#endif
+ PR_ASSERT(!cache);
+ arena = nssArena_Create();
+ if (!arena) {
+ return PR_FAILURE;
+ }
+ cache = nss_ZNEW(arena, nssTDCertificateCache);
+ if (!cache) {
+ nssArena_Destroy(arena);
+ return PR_FAILURE;
+ }
+ cache->lock = PZ_NewLock(nssILockCache);
+ if (!cache->lock) {
+ nssArena_Destroy(arena);
+ return PR_FAILURE;
+ }
+ /* Create the issuer and serial DER --> certificate hash */
+ cache->issuerAndSN = nssHash_CreateCertificate(arena, cacheSize);
+ if (!cache->issuerAndSN) {
+ goto loser;
+ }
+ /* Create the subject DER --> subject list hash */
+ cache->subject = nssHash_CreateItem(arena, cacheSize);
+ if (!cache->subject) {
+ goto loser;
+ }
+ /* Create the nickname --> subject list hash */
+ cache->nickname = nssHash_CreateString(arena, cacheSize);
+ if (!cache->nickname) {
+ goto loser;
+ }
+ /* Create the email --> list of subject lists hash */
+ cache->email = nssHash_CreateString(arena, cacheSize);
+ if (!cache->email) {
+ goto loser;
+ }
+ cache->arena = arena;
+ td->cache = cache;
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialized."));
+#endif
+ return PR_SUCCESS;
+loser:
+ PZ_DestroyLock(cache->lock);
+ nssArena_Destroy(arena);
+ td->cache = NULL;
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialization failed."));
+#endif
+ return PR_FAILURE;
+}
+
+/* The entries of the hashtable are currently dependent on the certificate(s)
+ * that produced them. That is, the entries will be freed when the cert is
+ * released from the cache. If there are certs in the cache at any time,
+ * including shutdown, the hash table entries will hold memory. In order for
+ * clean shutdown, it is necessary for there to be no certs in the cache.
+ */
+
+extern const NSSError NSS_ERROR_INTERNAL_ERROR;
+extern const NSSError NSS_ERROR_BUSY;
+
+NSS_IMPLEMENT PRStatus
+nssTrustDomain_DestroyCache(NSSTrustDomain *td)
+{
+ if (!td->cache) {
+ nss_SetError(NSS_ERROR_INTERNAL_ERROR);
+ return PR_FAILURE;
+ }
+ if (nssHash_Count(td->cache->issuerAndSN) > 0) {
+ nss_SetError(NSS_ERROR_BUSY);
+ return PR_FAILURE;
+ }
+ PZ_DestroyLock(td->cache->lock);
+ nssHash_Destroy(td->cache->issuerAndSN);
+ nssHash_Destroy(td->cache->subject);
+ nssHash_Destroy(td->cache->nickname);
+ nssHash_Destroy(td->cache->email);
+ nssArena_Destroy(td->cache->arena);
+ td->cache = NULL;
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("Cache destroyed."));
+#endif
+ return PR_SUCCESS;
+}
+
+static PRStatus
+remove_issuer_and_serial_entry(
+ nssTDCertificateCache *cache,
+ NSSCertificate *cert)
+{
+ /* Remove the cert from the issuer/serial hash */
+ nssHash_Remove(cache->issuerAndSN, cert);
+#ifdef DEBUG_CACHE
+ log_cert_ref("removed issuer/sn", cert);
+#endif
+ return PR_SUCCESS;
+}
+
+static PRStatus
+remove_subject_entry(
+ nssTDCertificateCache *cache,
+ NSSCertificate *cert,
+ nssList **subjectList,
+ NSSUTF8 **nickname,
+ NSSArena **arena)
+{
+ PRStatus nssrv;
+ cache_entry *ce;
+ *subjectList = NULL;
+ *arena = NULL;
+ /* Get the subject list for the cert's subject */
+ ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
+ if (ce) {
+ /* Remove the cert from the subject hash */
+ nssList_Remove(ce->entry.list, cert);
+ *subjectList = ce->entry.list;
+ *nickname = ce->nickname;
+ *arena = ce->arena;
+ nssrv = PR_SUCCESS;
+#ifdef DEBUG_CACHE
+ log_cert_ref("removed cert", cert);
+ log_item_dump("from subject list", &cert->subject);
+#endif
+ } else {
+ nssrv = PR_FAILURE;
+ }
+ return nssrv;
+}
+
+static PRStatus
+remove_nickname_entry(
+ nssTDCertificateCache *cache,
+ NSSUTF8 *nickname,
+ nssList *subjectList)
+{
+ PRStatus nssrv;
+ if (nickname) {
+ nssHash_Remove(cache->nickname, nickname);
+ nssrv = PR_SUCCESS;
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("removed nickname %s", nickname));
+#endif
+ } else {
+ nssrv = PR_FAILURE;
+ }
+ return nssrv;
+}
+
+static PRStatus
+remove_email_entry(
+ nssTDCertificateCache *cache,
+ NSSCertificate *cert,
+ nssList *subjectList)
+{
+ PRStatus nssrv = PR_FAILURE;
+ cache_entry *ce;
+ /* Find the subject list in the email hash */
+ if (cert->email) {
+ ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
+ if (ce) {
+ nssList *subjects = ce->entry.list;
+ /* Remove the subject list from the email hash */
+ if (subjects) {
+ nssList_Remove(subjects, subjectList);
+#ifdef DEBUG_CACHE
+ log_item_dump("removed subject list", &cert->subject);
+ PR_LOG(s_log, PR_LOG_DEBUG, ("for email %s", cert->email));
+#endif
+ if (nssList_Count(subjects) == 0) {
+ /* No more subject lists for email, delete list and
+ * remove hash entry
+ */
+ (void)nssList_Destroy(subjects);
+ nssHash_Remove(cache->email, cert->email);
+ /* there are no entries left for this address, free space
+ * used for email entries
+ */
+ nssArena_Destroy(ce->arena);
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("removed email %s", cert->email));
+#endif
+ }
+ }
+ nssrv = PR_SUCCESS;
+ }
+ }
+ return nssrv;
+}
+
+NSS_IMPLEMENT void
+nssTrustDomain_RemoveCertFromCacheLOCKED(
+ NSSTrustDomain *td,
+ NSSCertificate *cert)
+{
+ nssList *subjectList;
+ cache_entry *ce;
+ NSSArena *arena;
+ NSSUTF8 *nickname = NULL;
+
+#ifdef DEBUG_CACHE
+ log_cert_ref("attempt to remove cert", cert);
+#endif
+ ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, cert);
+ if (!ce || ce->entry.cert != cert) {
+/* If it's not in the cache, or a different cert is (this is really
+ * for safety reasons, though it shouldn't happen), do nothing
+ */
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("but it wasn't in the cache"));
+#endif
+ return;
+ }
+ (void)remove_issuer_and_serial_entry(td->cache, cert);
+ (void)remove_subject_entry(td->cache, cert, &subjectList,
+ &nickname, &arena);
+ if (nssList_Count(subjectList) == 0) {
+ (void)remove_nickname_entry(td->cache, nickname, subjectList);
+ (void)remove_email_entry(td->cache, cert, subjectList);
+ (void)nssList_Destroy(subjectList);
+ nssHash_Remove(td->cache->subject, &cert->subject);
+ /* there are no entries left for this subject, free the space used
+ * for both the nickname and subject entries
+ */
+ if (arena) {
+ nssArena_Destroy(arena);
+ }
+ }
+}
+
+NSS_IMPLEMENT void
+nssTrustDomain_LockCertCache(NSSTrustDomain *td)
+{
+ PZ_Lock(td->cache->lock);
+}
+
+NSS_IMPLEMENT void
+nssTrustDomain_UnlockCertCache(NSSTrustDomain *td)
+{
+ PZ_Unlock(td->cache->lock);
+}
+
+struct token_cert_dtor {
+ NSSToken *token;
+ nssTDCertificateCache *cache;
+ NSSCertificate **certs;
+ PRUint32 numCerts, arrSize;
+};
+
+static void
+remove_token_certs(const void *k, void *v, void *a)
+{
+ NSSCertificate *c = (NSSCertificate *)k;
+ nssPKIObject *object = &c->object;
+ struct token_cert_dtor *dtor = a;
+ PRUint32 i;
+ nssPKIObject_AddRef(object);
+ nssPKIObject_Lock(object);
+ for (i = 0; i < object->numInstances; i++) {
+ if (object->instances[i]->token == dtor->token) {
+ nssCryptokiObject_Destroy(object->instances[i]);
+ object->instances[i] = object->instances[object->numInstances - 1];
+ object->instances[object->numInstances - 1] = NULL;
+ object->numInstances--;
+ dtor->certs[dtor->numCerts++] = c;
+ if (dtor->numCerts == dtor->arrSize) {
+ dtor->arrSize *= 2;
+ dtor->certs = nss_ZREALLOCARRAY(dtor->certs,
+ NSSCertificate *,
+ dtor->arrSize);
+ }
+ break;
+ }
+ }
+ nssPKIObject_Unlock(object);
+ nssPKIObject_Destroy(object);
+ return;
+}
+
+/*
+ * Remove all certs for the given token from the cache. This is
+ * needed if the token is removed.
+ */
+NSS_IMPLEMENT PRStatus
+nssTrustDomain_RemoveTokenCertsFromCache(
+ NSSTrustDomain *td,
+ NSSToken *token)
+{
+ NSSCertificate **certs;
+ PRUint32 i, arrSize = 10;
+ struct token_cert_dtor dtor;
+ certs = nss_ZNEWARRAY(NULL, NSSCertificate *, arrSize);
+ if (!certs) {
+ return PR_FAILURE;
+ }
+ dtor.cache = td->cache;
+ dtor.token = token;
+ dtor.certs = certs;
+ dtor.numCerts = 0;
+ dtor.arrSize = arrSize;
+ PZ_Lock(td->cache->lock);
+ nssHash_Iterate(td->cache->issuerAndSN, remove_token_certs, &dtor);
+ for (i = 0; i < dtor.numCerts; i++) {
+ if (dtor.certs[i]->object.numInstances == 0) {
+ nssTrustDomain_RemoveCertFromCacheLOCKED(td, dtor.certs[i]);
+ dtor.certs[i] = NULL; /* skip this cert in the second for loop */
+ } else {
+ /* make sure it doesn't disappear on us before we finish */
+ nssCertificate_AddRef(dtor.certs[i]);
+ }
+ }
+ PZ_Unlock(td->cache->lock);
+ for (i = 0; i < dtor.numCerts; i++) {
+ if (dtor.certs[i]) {
+ STAN_ForceCERTCertificateUpdate(dtor.certs[i]);
+ nssCertificate_Destroy(dtor.certs[i]);
+ }
+ }
+ nss_ZFreeIf(dtor.certs);
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT PRStatus
+nssTrustDomain_UpdateCachedTokenCerts(
+ NSSTrustDomain *td,
+ NSSToken *token)
+{
+ NSSCertificate **cp, **cached = NULL;
+ nssList *certList;
+ PRUint32 count;
+ certList = nssList_Create(NULL, PR_FALSE);
+ if (!certList)
+ return PR_FAILURE;
+ (void)nssTrustDomain_GetCertsFromCache(td, certList);
+ count = nssList_Count(certList);
+ if (count > 0) {
+ cached = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
+ if (!cached) {
+ nssList_Destroy(certList);
+ return PR_FAILURE;
+ }
+ nssList_GetArray(certList, (void **)cached, count);
+ for (cp = cached; *cp; cp++) {
+ nssCryptokiObject *instance;
+ NSSCertificate *c = *cp;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ instance = nssToken_FindCertificateByIssuerAndSerialNumber(
+ token,
+ NULL,
+ &c->issuer,
+ &c->serial,
+ tokenOnly,
+ NULL);
+ if (instance) {
+ nssPKIObject_AddInstance(&c->object, instance);
+ STAN_ForceCERTCertificateUpdate(c);
+ }
+ }
+ nssCertificateArray_Destroy(cached);
+ }
+ nssList_Destroy(certList);
+ return PR_SUCCESS;
+}
+
+static PRStatus
+add_issuer_and_serial_entry(
+ NSSArena *arena,
+ nssTDCertificateCache *cache,
+ NSSCertificate *cert)
+{
+ cache_entry *ce;
+ ce = new_cache_entry(arena, (void *)cert, PR_FALSE);
+#ifdef DEBUG_CACHE
+ log_cert_ref("added to issuer/sn", cert);
+#endif
+ return nssHash_Add(cache->issuerAndSN, cert, (void *)ce);
+}
+
+static PRStatus
+add_subject_entry(
+ NSSArena *arena,
+ nssTDCertificateCache *cache,
+ NSSCertificate *cert,
+ NSSUTF8 *nickname,
+ nssList **subjectList)
+{
+ PRStatus nssrv;
+ nssList *list;
+ cache_entry *ce;
+ *subjectList = NULL; /* this is only set if a new one is created */
+ ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
+ if (ce) {
+ ce->hits++;
+ ce->lastHit = PR_Now();
+ /* The subject is already in, add this cert to the list */
+ nssrv = nssList_AddUnique(ce->entry.list, cert);
+#ifdef DEBUG_CACHE
+ log_cert_ref("added to existing subject list", cert);
+#endif
+ } else {
+ NSSDER *subject;
+ /* Create a new subject list for the subject */
+ list = nssList_Create(arena, PR_FALSE);
+ if (!list) {
+ return PR_FAILURE;
+ }
+ ce = new_cache_entry(arena, (void *)list, PR_TRUE);
+ if (!ce) {
+ return PR_FAILURE;
+ }
+ if (nickname) {
+ ce->nickname = nssUTF8_Duplicate(nickname, arena);
+ }
+ nssList_SetSortFunction(list, nssCertificate_SubjectListSort);
+ /* Add the cert entry to this list of subjects */
+ nssrv = nssList_AddUnique(list, cert);
+ if (nssrv != PR_SUCCESS) {
+ return nssrv;
+ }
+ /* Add the subject list to the cache */
+ subject = nssItem_Duplicate(&cert->subject, arena, NULL);
+ if (!subject) {
+ return PR_FAILURE;
+ }
+ nssrv = nssHash_Add(cache->subject, subject, ce);
+ if (nssrv != PR_SUCCESS) {
+ return nssrv;
+ }
+ *subjectList = list;
+#ifdef DEBUG_CACHE
+ log_cert_ref("created subject list", cert);
+#endif
+ }
+ return nssrv;
+}
+
+static PRStatus
+add_nickname_entry(
+ NSSArena *arena,
+ nssTDCertificateCache *cache,
+ NSSUTF8 *certNickname,
+ nssList *subjectList)
+{
+ PRStatus nssrv = PR_SUCCESS;
+ cache_entry *ce;
+ ce = (cache_entry *)nssHash_Lookup(cache->nickname, certNickname);
+ if (ce) {
+ /* This is a collision. A nickname entry already exists for this
+ * subject, but a subject entry didn't. This would imply there are
+ * two subjects using the same nickname, which is not allowed.
+ */
+ return PR_FAILURE;
+ } else {
+ NSSUTF8 *nickname;
+ ce = new_cache_entry(arena, subjectList, PR_FALSE);
+ if (!ce) {
+ return PR_FAILURE;
+ }
+ nickname = nssUTF8_Duplicate(certNickname, arena);
+ if (!nickname) {
+ return PR_FAILURE;
+ }
+ nssrv = nssHash_Add(cache->nickname, nickname, ce);
+#ifdef DEBUG_CACHE
+ log_cert_ref("created nickname for", cert);
+#endif
+ }
+ return nssrv;
+}
+
+static PRStatus
+add_email_entry(
+ nssTDCertificateCache *cache,
+ NSSCertificate *cert,
+ nssList *subjectList)
+{
+ PRStatus nssrv = PR_SUCCESS;
+ nssList *subjects;
+ cache_entry *ce;
+ ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
+ if (ce) {
+ /* Already have an entry for this email address, but not subject */
+ subjects = ce->entry.list;
+ nssrv = nssList_AddUnique(subjects, subjectList);
+ ce->hits++;
+ ce->lastHit = PR_Now();
+#ifdef DEBUG_CACHE
+ log_cert_ref("added subject to email for", cert);
+#endif
+ } else {
+ NSSASCII7 *email;
+ NSSArena *arena;
+ arena = nssArena_Create();
+ if (!arena) {
+ return PR_FAILURE;
+ }
+ /* Create a new list of subject lists, add this subject */
+ subjects = nssList_Create(arena, PR_TRUE);
+ if (!subjects) {
+ nssArena_Destroy(arena);
+ return PR_FAILURE;
+ }
+ /* Add the new subject to the list */
+ nssrv = nssList_AddUnique(subjects, subjectList);
+ if (nssrv != PR_SUCCESS) {
+ nssArena_Destroy(arena);
+ return nssrv;
+ }
+ /* Add the new entry to the cache */
+ ce = new_cache_entry(arena, (void *)subjects, PR_TRUE);
+ if (!ce) {
+ nssArena_Destroy(arena);
+ return PR_FAILURE;
+ }
+ email = nssUTF8_Duplicate(cert->email, arena);
+ if (!email) {
+ nssArena_Destroy(arena);
+ return PR_FAILURE;
+ }
+ nssrv = nssHash_Add(cache->email, email, ce);
+ if (nssrv != PR_SUCCESS) {
+ nssArena_Destroy(arena);
+ return nssrv;
+ }
+#ifdef DEBUG_CACHE
+ log_cert_ref("created email for", cert);
+#endif
+ }
+ return nssrv;
+}
+
+extern const NSSError NSS_ERROR_CERTIFICATE_IN_CACHE;
+
+static void
+remove_object_instances(
+ nssPKIObject *object,
+ nssCryptokiObject **instances,
+ int numInstances)
+{
+ int i;
+
+ for (i = 0; i < numInstances; i++) {
+ nssPKIObject_RemoveInstanceForToken(object, instances[i]->token);
+ }
+}
+
+static SECStatus
+merge_object_instances(
+ nssPKIObject *to,
+ nssPKIObject *from)
+{
+ nssCryptokiObject **instances, **ci;
+ int i;
+ SECStatus rv = SECSuccess;
+
+ instances = nssPKIObject_GetInstances(from);
+ if (instances == NULL) {
+ return SECFailure;
+ }
+ for (ci = instances, i = 0; *ci; ci++, i++) {
+ nssCryptokiObject *instance = nssCryptokiObject_Clone(*ci);
+ if (instance) {
+ if (nssPKIObject_AddInstance(to, instance) == PR_SUCCESS) {
+ continue;
+ }
+ nssCryptokiObject_Destroy(instance);
+ }
+ remove_object_instances(to, instances, i);
+ rv = SECFailure;
+ break;
+ }
+ nssCryptokiObjectArray_Destroy(instances);
+ return rv;
+}
+
+static NSSCertificate *
+add_cert_to_cache(
+ NSSTrustDomain *td,
+ NSSCertificate *cert)
+{
+ NSSArena *arena = NULL;
+ nssList *subjectList = NULL;
+ PRStatus nssrv;
+ PRUint32 added = 0;
+ cache_entry *ce;
+ NSSCertificate *rvCert = NULL;
+ NSSUTF8 *certNickname = nssCertificate_GetNickname(cert, NULL);
+
+ PZ_Lock(td->cache->lock);
+ /* If it exists in the issuer/serial hash, it's already in all */
+ ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, cert);
+ if (ce) {
+ ce->hits++;
+ ce->lastHit = PR_Now();
+ rvCert = nssCertificate_AddRef(ce->entry.cert);
+#ifdef DEBUG_CACHE
+ log_cert_ref("attempted to add cert already in cache", cert);
+#endif
+ PZ_Unlock(td->cache->lock);
+ nss_ZFreeIf(certNickname);
+ /* collision - somebody else already added the cert
+ * to the cache before this thread got around to it.
+ */
+ /* merge the instances of the cert */
+ if (merge_object_instances(&rvCert->object, &cert->object) != SECSuccess) {
+ nssCertificate_Destroy(rvCert);
+ return NULL;
+ }
+ STAN_ForceCERTCertificateUpdate(rvCert);
+ nssCertificate_Destroy(cert);
+ return rvCert;
+ }
+ /* create a new cache entry for this cert within the cert's arena*/
+ nssrv = add_issuer_and_serial_entry(cert->object.arena, td->cache, cert);
+ if (nssrv != PR_SUCCESS) {
+ goto loser;
+ }
+ added++;
+ /* create an arena for the nickname and subject entries */
+ arena = nssArena_Create();
+ if (!arena) {
+ goto loser;
+ }
+ /* create a new subject list for this cert, or add to existing */
+ nssrv = add_subject_entry(arena, td->cache, cert,
+ certNickname, &subjectList);
+ if (nssrv != PR_SUCCESS) {
+ goto loser;
+ }
+ added++;
+ /* If a new subject entry was created, also need nickname and/or email */
+ if (subjectList != NULL) {
+#ifdef nodef
+ PRBool handle = PR_FALSE;
+#endif
+ if (certNickname) {
+ nssrv = add_nickname_entry(arena, td->cache,
+ certNickname, subjectList);
+ if (nssrv != PR_SUCCESS) {
+ goto loser;
+ }
+#ifdef nodef
+ handle = PR_TRUE;
+#endif
+ added++;
+ }
+ if (cert->email) {
+ nssrv = add_email_entry(td->cache, cert, subjectList);
+ if (nssrv != PR_SUCCESS) {
+ goto loser;
+ }
+#ifdef nodef
+ handle = PR_TRUE;
+#endif
+ added += 2;
+ }
+#ifdef nodef
+ /* I think either a nickname or email address must be associated
+ * with the cert. However, certs are passed to NewTemp without
+ * either. This worked in the old code, so it must work now.
+ */
+ if (!handle) {
+ /* Require either nickname or email handle */
+ nssrv = PR_FAILURE;
+ goto loser;
+ }
+#endif
+ } else {
+ /* A new subject entry was not created. arena is unused. */
+ nssArena_Destroy(arena);
+ }
+ rvCert = cert;
+ PZ_Unlock(td->cache->lock);
+ nss_ZFreeIf(certNickname);
+ return rvCert;
+loser:
+ nss_ZFreeIf(certNickname);
+ certNickname = NULL;
+ /* Remove any handles that have been created */
+ subjectList = NULL;
+ if (added >= 1) {
+ (void)remove_issuer_and_serial_entry(td->cache, cert);
+ }
+ if (added >= 2) {
+ (void)remove_subject_entry(td->cache, cert, &subjectList,
+ &certNickname, &arena);
+ }
+ if (added == 3 || added == 5) {
+ (void)remove_nickname_entry(td->cache, certNickname, subjectList);
+ }
+ if (added >= 4) {
+ (void)remove_email_entry(td->cache, cert, subjectList);
+ }
+ if (subjectList) {
+ nssHash_Remove(td->cache->subject, &cert->subject);
+ nssList_Destroy(subjectList);
+ }
+ if (arena) {
+ nssArena_Destroy(arena);
+ }
+ PZ_Unlock(td->cache->lock);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+nssTrustDomain_AddCertsToCache(
+ NSSTrustDomain *td,
+ NSSCertificate **certs,
+ PRUint32 numCerts)
+{
+ PRUint32 i;
+ NSSCertificate *c;
+ for (i = 0; i < numCerts && certs[i]; i++) {
+ c = add_cert_to_cache(td, certs[i]);
+ if (c == NULL) {
+ return PR_FAILURE;
+ } else {
+ certs[i] = c;
+ }
+ }
+ return PR_SUCCESS;
+}
+
+static NSSCertificate **
+collect_subject_certs(
+ nssList *subjectList,
+ nssList *rvCertListOpt)
+{
+ NSSCertificate *c;
+ NSSCertificate **rvArray = NULL;
+ PRUint32 count;
+ nssCertificateList_AddReferences(subjectList);
+ if (rvCertListOpt) {
+ nssListIterator *iter = nssList_CreateIterator(subjectList);
+ if (!iter) {
+ return (NSSCertificate **)NULL;
+ }
+ for (c = (NSSCertificate *)nssListIterator_Start(iter);
+ c != (NSSCertificate *)NULL;
+ c = (NSSCertificate *)nssListIterator_Next(iter)) {
+ nssList_Add(rvCertListOpt, c);
+ }
+ nssListIterator_Finish(iter);
+ nssListIterator_Destroy(iter);
+ } else {
+ count = nssList_Count(subjectList);
+ rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
+ if (!rvArray) {
+ return (NSSCertificate **)NULL;
+ }
+ nssList_GetArray(subjectList, (void **)rvArray, count);
+ }
+ return rvArray;
+}
+
+/*
+ * Find all cached certs with this subject.
+ */
+NSS_IMPLEMENT NSSCertificate **
+nssTrustDomain_GetCertsForSubjectFromCache(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ nssList *certListOpt)
+{
+ NSSCertificate **rvArray = NULL;
+ cache_entry *ce;
+#ifdef DEBUG_CACHE
+ log_item_dump("looking for cert by subject", subject);
+#endif
+ PZ_Lock(td->cache->lock);
+ ce = (cache_entry *)nssHash_Lookup(td->cache->subject, subject);
+ if (ce) {
+ ce->hits++;
+ ce->lastHit = PR_Now();
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
+#endif
+ rvArray = collect_subject_certs(ce->entry.list, certListOpt);
+ }
+ PZ_Unlock(td->cache->lock);
+ return rvArray;
+}
+
+/*
+ * Find all cached certs with this label.
+ */
+NSS_IMPLEMENT NSSCertificate **
+nssTrustDomain_GetCertsForNicknameFromCache(
+ NSSTrustDomain *td,
+ const NSSUTF8 *nickname,
+ nssList *certListOpt)
+{
+ NSSCertificate **rvArray = NULL;
+ cache_entry *ce;
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("looking for cert by nick %s", nickname));
+#endif
+ PZ_Lock(td->cache->lock);
+ ce = (cache_entry *)nssHash_Lookup(td->cache->nickname, nickname);
+ if (ce) {
+ ce->hits++;
+ ce->lastHit = PR_Now();
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
+#endif
+ rvArray = collect_subject_certs(ce->entry.list, certListOpt);
+ }
+ PZ_Unlock(td->cache->lock);
+ return rvArray;
+}
+
+/*
+ * Find all cached certs with this email address.
+ */
+NSS_IMPLEMENT NSSCertificate **
+nssTrustDomain_GetCertsForEmailAddressFromCache(
+ NSSTrustDomain *td,
+ NSSASCII7 *email,
+ nssList *certListOpt)
+{
+ NSSCertificate **rvArray = NULL;
+ cache_entry *ce;
+ nssList *collectList = NULL;
+ nssListIterator *iter = NULL;
+ nssList *subjectList;
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("looking for cert by email %s", email));
+#endif
+ PZ_Lock(td->cache->lock);
+ ce = (cache_entry *)nssHash_Lookup(td->cache->email, email);
+ if (ce) {
+ ce->hits++;
+ ce->lastHit = PR_Now();
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
+#endif
+ /* loop over subject lists and get refs for certs */
+ if (certListOpt) {
+ collectList = certListOpt;
+ } else {
+ collectList = nssList_Create(NULL, PR_FALSE);
+ if (!collectList) {
+ PZ_Unlock(td->cache->lock);
+ return NULL;
+ }
+ }
+ iter = nssList_CreateIterator(ce->entry.list);
+ if (!iter) {
+ PZ_Unlock(td->cache->lock);
+ if (!certListOpt) {
+ nssList_Destroy(collectList);
+ }
+ return NULL;
+ }
+ for (subjectList = (nssList *)nssListIterator_Start(iter);
+ subjectList != (nssList *)NULL;
+ subjectList = (nssList *)nssListIterator_Next(iter)) {
+ (void)collect_subject_certs(subjectList, collectList);
+ }
+ nssListIterator_Finish(iter);
+ nssListIterator_Destroy(iter);
+ }
+ PZ_Unlock(td->cache->lock);
+ if (!certListOpt && collectList) {
+ PRUint32 count = nssList_Count(collectList);
+ rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
+ if (rvArray) {
+ nssList_GetArray(collectList, (void **)rvArray, count);
+ }
+ nssList_Destroy(collectList);
+ }
+ return rvArray;
+}
+
+/*
+ * Look for a specific cert in the cache
+ */
+NSS_IMPLEMENT NSSCertificate *
+nssTrustDomain_GetCertForIssuerAndSNFromCache(
+ NSSTrustDomain *td,
+ NSSDER *issuer,
+ NSSDER *serial)
+{
+ NSSCertificate certkey;
+ NSSCertificate *rvCert = NULL;
+ cache_entry *ce;
+ certkey.issuer.data = issuer->data;
+ certkey.issuer.size = issuer->size;
+ certkey.serial.data = serial->data;
+ certkey.serial.size = serial->size;
+#ifdef DEBUG_CACHE
+ log_item_dump("looking for cert by issuer/sn, issuer", issuer);
+ log_item_dump(" serial", serial);
+#endif
+ PZ_Lock(td->cache->lock);
+ ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, &certkey);
+ if (ce) {
+ ce->hits++;
+ ce->lastHit = PR_Now();
+ rvCert = nssCertificate_AddRef(ce->entry.cert);
+#ifdef DEBUG_CACHE
+ PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
+#endif
+ }
+ PZ_Unlock(td->cache->lock);
+ return rvCert;
+}
+
+/*
+ * Look for a specific cert in the cache
+ */
+NSS_IMPLEMENT NSSCertificate *
+nssTrustDomain_GetCertByDERFromCache(
+ NSSTrustDomain *td,
+ NSSDER *der)
+{
+ PRStatus nssrv = PR_FAILURE;
+ NSSDER issuer, serial;
+ NSSCertificate *rvCert;
+ nssrv = nssPKIX509_GetIssuerAndSerialFromDER(der, &issuer, &serial);
+ if (nssrv != PR_SUCCESS) {
+ return NULL;
+ }
+#ifdef DEBUG_CACHE
+ log_item_dump("looking for cert by DER", der);
+#endif
+ rvCert = nssTrustDomain_GetCertForIssuerAndSNFromCache(td,
+ &issuer, &serial);
+ PORT_Free(issuer.data);
+ PORT_Free(serial.data);
+ return rvCert;
+}
+
+static void
+cert_iter(const void *k, void *v, void *a)
+{
+ nssList *certList = (nssList *)a;
+ NSSCertificate *c = (NSSCertificate *)k;
+ nssList_Add(certList, nssCertificate_AddRef(c));
+}
+
+NSS_EXTERN NSSCertificate **
+nssTrustDomain_GetCertsFromCache(
+ NSSTrustDomain *td,
+ nssList *certListOpt)
+{
+ NSSCertificate **rvArray = NULL;
+ nssList *certList;
+ if (certListOpt) {
+ certList = certListOpt;
+ } else {
+ certList = nssList_Create(NULL, PR_FALSE);
+ if (!certList) {
+ return NULL;
+ }
+ }
+ PZ_Lock(td->cache->lock);
+ nssHash_Iterate(td->cache->issuerAndSN, cert_iter, (void *)certList);
+ PZ_Unlock(td->cache->lock);
+ if (!certListOpt) {
+ PRUint32 count = nssList_Count(certList);
+ rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
+ nssList_GetArray(certList, (void **)rvArray, count);
+ /* array takes the references */
+ nssList_Destroy(certList);
+ }
+ return rvArray;
+}
+
+NSS_IMPLEMENT void
+nssTrustDomain_DumpCacheInfo(
+ NSSTrustDomain *td,
+ void (*cert_dump_iter)(const void *, void *, void *),
+ void *arg)
+{
+ PZ_Lock(td->cache->lock);
+ nssHash_Iterate(td->cache->issuerAndSN, cert_dump_iter, arg);
+ PZ_Unlock(td->cache->lock);
+}
diff --git a/security/nss/lib/pki/trustdomain.c b/security/nss/lib/pki/trustdomain.c
new file mode 100644
index 000000000..49f7dc5ba
--- /dev/null
+++ b/security/nss/lib/pki/trustdomain.c
@@ -0,0 +1,1192 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef DEV_H
+#include "dev.h"
+#endif /* DEV_H */
+
+#ifndef PKIM_H
+#include "pkim.h"
+#endif /* PKIM_H */
+
+#include "cert.h"
+#include "pki3hack.h"
+#include "pk11pub.h"
+#include "nssrwlk.h"
+
+#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32
+
+extern const NSSError NSS_ERROR_NOT_FOUND;
+
+typedef PRUint32 nssUpdateLevel;
+
+NSS_IMPLEMENT NSSTrustDomain *
+NSSTrustDomain_Create(
+ NSSUTF8 *moduleOpt,
+ NSSUTF8 *uriOpt,
+ NSSUTF8 *opaqueOpt,
+ void *reserved)
+{
+ NSSArena *arena;
+ NSSTrustDomain *rvTD;
+ arena = NSSArena_Create();
+ if (!arena) {
+ return (NSSTrustDomain *)NULL;
+ }
+ rvTD = nss_ZNEW(arena, NSSTrustDomain);
+ if (!rvTD) {
+ goto loser;
+ }
+ /* protect the token list and the token iterator */
+ rvTD->tokensLock = NSSRWLock_New(100, "tokens");
+ if (!rvTD->tokensLock) {
+ goto loser;
+ }
+ nssTrustDomain_InitializeCache(rvTD, NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE);
+ rvTD->arena = arena;
+ rvTD->refCount = 1;
+ rvTD->statusConfig = NULL;
+ return rvTD;
+loser:
+ if (rvTD && rvTD->tokensLock) {
+ NSSRWLock_Destroy(rvTD->tokensLock);
+ }
+ nssArena_Destroy(arena);
+ return (NSSTrustDomain *)NULL;
+}
+
+static void
+token_destructor(void *t)
+{
+ NSSToken *tok = (NSSToken *)t;
+ /* The token holds the first/last reference to the slot.
+ * When the token is actually destroyed (ref count == 0),
+ * the slot will also be destroyed.
+ */
+ nssToken_Destroy(tok);
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_Destroy(
+ NSSTrustDomain *td)
+{
+ PRStatus status = PR_SUCCESS;
+ if (--td->refCount == 0) {
+ /* Destroy each token in the list of tokens */
+ if (td->tokens) {
+ nssListIterator_Destroy(td->tokens);
+ td->tokens = NULL;
+ }
+ if (td->tokenList) {
+ nssList_Clear(td->tokenList, token_destructor);
+ nssList_Destroy(td->tokenList);
+ td->tokenList = NULL;
+ }
+ NSSRWLock_Destroy(td->tokensLock);
+ td->tokensLock = NULL;
+ status = nssTrustDomain_DestroyCache(td);
+ if (status == PR_FAILURE) {
+ return status;
+ }
+ if (td->statusConfig) {
+ td->statusConfig->statusDestroy(td->statusConfig);
+ td->statusConfig = NULL;
+ }
+ /* Destroy the trust domain */
+ nssArena_Destroy(td->arena);
+ }
+ return status;
+}
+
+/* XXX uses tokens until slot list is in place */
+static NSSSlot **
+nssTrustDomain_GetActiveSlots(
+ NSSTrustDomain *td,
+ nssUpdateLevel *updateLevel)
+{
+ PRUint32 count;
+ NSSSlot **slots = NULL;
+ NSSToken **tp, **tokens;
+ *updateLevel = 1;
+ if (!td->tokenList) {
+ return NULL;
+ }
+ NSSRWLock_LockRead(td->tokensLock);
+ count = nssList_Count(td->tokenList);
+ tokens = nss_ZNEWARRAY(NULL, NSSToken *, count + 1);
+ if (!tokens) {
+ NSSRWLock_UnlockRead(td->tokensLock);
+ return NULL;
+ }
+ slots = nss_ZNEWARRAY(NULL, NSSSlot *, count + 1);
+ if (!slots) {
+ NSSRWLock_UnlockRead(td->tokensLock);
+ nss_ZFreeIf(tokens);
+ return NULL;
+ }
+ nssList_GetArray(td->tokenList, (void **)tokens, count);
+ NSSRWLock_UnlockRead(td->tokensLock);
+ count = 0;
+ for (tp = tokens; *tp; tp++) {
+ NSSSlot *slot = nssToken_GetSlot(*tp);
+ if (!PK11_IsDisabled(slot->pk11slot)) {
+ slots[count++] = slot;
+ } else {
+ nssSlot_Destroy(slot);
+ }
+ }
+ nss_ZFreeIf(tokens);
+ if (!count) {
+ nss_ZFreeIf(slots);
+ slots = NULL;
+ }
+ return slots;
+}
+
+/* XXX */
+static nssSession *
+nssTrustDomain_GetSessionForToken(
+ NSSTrustDomain *td,
+ NSSToken *token)
+{
+ return nssToken_GetDefaultSession(token);
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_SetDefaultCallback(
+ NSSTrustDomain *td,
+ NSSCallback *newCallback,
+ NSSCallback **oldCallbackOpt)
+{
+ if (oldCallbackOpt) {
+ *oldCallbackOpt = td->defaultCallback;
+ }
+ td->defaultCallback = newCallback;
+ return PR_SUCCESS;
+}
+
+NSS_IMPLEMENT NSSCallback *
+nssTrustDomain_GetDefaultCallback(
+ NSSTrustDomain *td,
+ PRStatus *statusOpt)
+{
+ if (statusOpt) {
+ *statusOpt = PR_SUCCESS;
+ }
+ return td->defaultCallback;
+}
+
+NSS_IMPLEMENT NSSCallback *
+NSSTrustDomain_GetDefaultCallback(
+ NSSTrustDomain *td,
+ PRStatus *statusOpt)
+{
+ return nssTrustDomain_GetDefaultCallback(td, statusOpt);
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_LoadModule(
+ NSSTrustDomain *td,
+ NSSUTF8 *moduleOpt,
+ NSSUTF8 *uriOpt,
+ NSSUTF8 *opaqueOpt,
+ void *reserved)
+{
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_DisableToken(
+ NSSTrustDomain *td,
+ NSSToken *token,
+ NSSError why)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_EnableToken(
+ NSSTrustDomain *td,
+ NSSToken *token)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_IsTokenEnabled(
+ NSSTrustDomain *td,
+ NSSToken *token,
+ NSSError *whyOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSSlot *
+NSSTrustDomain_FindSlotByName(
+ NSSTrustDomain *td,
+ NSSUTF8 *slotName)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSToken *
+NSSTrustDomain_FindTokenByName(
+ NSSTrustDomain *td,
+ NSSUTF8 *tokenName)
+{
+ PRStatus nssrv;
+ NSSUTF8 *myName;
+ NSSToken *tok = NULL;
+ NSSRWLock_LockRead(td->tokensLock);
+ for (tok = (NSSToken *)nssListIterator_Start(td->tokens);
+ tok != (NSSToken *)NULL;
+ tok = (NSSToken *)nssListIterator_Next(td->tokens)) {
+ if (nssToken_IsPresent(tok)) {
+ myName = nssToken_GetName(tok);
+ if (nssUTF8_Equal(tokenName, myName, &nssrv))
+ break;
+ }
+ }
+ nssListIterator_Finish(td->tokens);
+ NSSRWLock_UnlockRead(td->tokensLock);
+ return tok;
+}
+
+NSS_IMPLEMENT NSSToken *
+NSSTrustDomain_FindTokenBySlotName(
+ NSSTrustDomain *td,
+ NSSUTF8 *slotName)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSToken *
+NSSTrustDomain_FindTokenForAlgorithm(
+ NSSTrustDomain *td,
+ NSSOID *algorithm)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSToken *
+NSSTrustDomain_FindBestTokenForAlgorithms(
+ NSSTrustDomain *td,
+ NSSOID *algorithms[], /* may be null-terminated */
+ PRUint32 nAlgorithmsOpt /* limits the array if nonzero */
+ )
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_Login(
+ NSSTrustDomain *td,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_Logout(NSSTrustDomain *td)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_ImportCertificate(
+ NSSTrustDomain *td,
+ NSSCertificate *c)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_ImportPKIXCertificate(
+ NSSTrustDomain *td,
+ /* declared as a struct until these "data types" are defined */
+ struct NSSPKIXCertificateStr *pc)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_ImportEncodedCertificate(
+ NSSTrustDomain *td,
+ NSSBER *ber)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSTrustDomain_ImportEncodedCertificateChain(
+ NSSTrustDomain *td,
+ NSSBER *ber,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSPrivateKey *
+NSSTrustDomain_ImportEncodedPrivateKey(
+ NSSTrustDomain *td,
+ NSSBER *ber,
+ NSSItem *passwordOpt, /* NULL will cause a callback */
+ NSSCallback *uhhOpt,
+ NSSToken *destination)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSPublicKey *
+NSSTrustDomain_ImportEncodedPublicKey(
+ NSSTrustDomain *td,
+ NSSBER *ber)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+static NSSCertificate **
+get_certs_from_list(nssList *list)
+{
+ PRUint32 count = nssList_Count(list);
+ NSSCertificate **certs = NULL;
+ if (count > 0) {
+ certs = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
+ if (certs) {
+ nssList_GetArray(list, (void **)certs, count);
+ }
+ }
+ return certs;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+nssTrustDomain_FindCertificatesByNickname(
+ NSSTrustDomain *td,
+ const NSSUTF8 *name,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ NSSToken *token = NULL;
+ NSSSlot **slots = NULL;
+ NSSSlot **slotp;
+ NSSCertificate **rvCerts = NULL;
+ nssPKIObjectCollection *collection = NULL;
+ nssUpdateLevel updateLevel;
+ nssList *nameList;
+ PRUint32 numRemaining = maximumOpt;
+ PRUint32 collectionCount = 0;
+ PRUint32 errors = 0;
+
+ /* First, grab from the cache */
+ nameList = nssList_Create(NULL, PR_FALSE);
+ if (!nameList) {
+ return NULL;
+ }
+ (void)nssTrustDomain_GetCertsForNicknameFromCache(td, name, nameList);
+ rvCerts = get_certs_from_list(nameList);
+ /* initialize the collection of token certificates with the set of
+ * cached certs (if any).
+ */
+ collection = nssCertificateCollection_Create(td, rvCerts);
+ nssCertificateArray_Destroy(rvCerts);
+ nssList_Destroy(nameList);
+ if (!collection) {
+ return (NSSCertificate **)NULL;
+ }
+ /* obtain the current set of active slots in the trust domain */
+ slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
+ if (!slots) {
+ goto loser;
+ }
+ /* iterate over the slots */
+ for (slotp = slots; *slotp; slotp++) {
+ token = nssSlot_GetToken(*slotp);
+ if (token) {
+ nssSession *session;
+ nssCryptokiObject **instances = NULL;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ PRStatus status = PR_FAILURE;
+
+ session = nssTrustDomain_GetSessionForToken(td, token);
+ if (session) {
+ instances = nssToken_FindCertificatesByNickname(token,
+ session,
+ name,
+ tokenOnly,
+ numRemaining,
+ &status);
+ }
+ nssToken_Destroy(token);
+ if (status != PR_SUCCESS) {
+ errors++;
+ continue;
+ }
+ if (instances) {
+ status = nssPKIObjectCollection_AddInstances(collection,
+ instances, 0);
+ nss_ZFreeIf(instances);
+ if (status != PR_SUCCESS) {
+ errors++;
+ continue;
+ }
+ collectionCount = nssPKIObjectCollection_Count(collection);
+ if (maximumOpt > 0) {
+ if (collectionCount >= maximumOpt)
+ break;
+ numRemaining = maximumOpt - collectionCount;
+ }
+ }
+ }
+ }
+ if (!collectionCount && errors)
+ goto loser;
+ /* Grab the certs collected in the search. */
+ rvCerts = nssPKIObjectCollection_GetCertificates(collection,
+ rvOpt, maximumOpt,
+ arenaOpt);
+ /* clean up */
+ nssPKIObjectCollection_Destroy(collection);
+ nssSlotArray_Destroy(slots);
+ return rvCerts;
+loser:
+ if (slots) {
+ nssSlotArray_Destroy(slots);
+ }
+ if (collection) {
+ nssPKIObjectCollection_Destroy(collection);
+ }
+ return (NSSCertificate **)NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSTrustDomain_FindCertificatesByNickname(
+ NSSTrustDomain *td,
+ NSSUTF8 *name,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ return nssTrustDomain_FindCertificatesByNickname(td,
+ name,
+ rvOpt,
+ maximumOpt,
+ arenaOpt);
+}
+
+NSS_IMPLEMENT NSSCertificate *
+nssTrustDomain_FindBestCertificateByNickname(
+ NSSTrustDomain *td,
+ const NSSUTF8 *name,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ NSSCertificate **nicknameCerts;
+ NSSCertificate *rvCert = NULL;
+ nicknameCerts = nssTrustDomain_FindCertificatesByNickname(td, name,
+ NULL,
+ 0,
+ NULL);
+ if (nicknameCerts) {
+ rvCert = nssCertificateArray_FindBestCertificate(nicknameCerts,
+ timeOpt,
+ usage,
+ policiesOpt);
+ nssCertificateArray_Destroy(nicknameCerts);
+ }
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindBestCertificateByNickname(
+ NSSTrustDomain *td,
+ const NSSUTF8 *name,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ return nssTrustDomain_FindBestCertificateByNickname(td,
+ name,
+ timeOpt,
+ usage,
+ policiesOpt);
+}
+
+NSS_IMPLEMENT NSSCertificate **
+nssTrustDomain_FindCertificatesBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ NSSToken *token = NULL;
+ NSSSlot **slots = NULL;
+ NSSSlot **slotp;
+ NSSCertificate **rvCerts = NULL;
+ nssPKIObjectCollection *collection = NULL;
+ nssUpdateLevel updateLevel;
+ nssList *subjectList;
+ PRUint32 numRemaining = maximumOpt;
+ PRUint32 collectionCount = 0;
+ PRUint32 errors = 0;
+
+ /* look in cache */
+ subjectList = nssList_Create(NULL, PR_FALSE);
+ if (!subjectList) {
+ return NULL;
+ }
+ (void)nssTrustDomain_GetCertsForSubjectFromCache(td, subject, subjectList);
+ rvCerts = get_certs_from_list(subjectList);
+ collection = nssCertificateCollection_Create(td, rvCerts);
+ nssCertificateArray_Destroy(rvCerts);
+ nssList_Destroy(subjectList);
+ if (!collection) {
+ return (NSSCertificate **)NULL;
+ }
+ slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
+ if (!slots) {
+ goto loser;
+ }
+ for (slotp = slots; *slotp; slotp++) {
+ token = nssSlot_GetToken(*slotp);
+ if (token) {
+ nssSession *session;
+ nssCryptokiObject **instances = NULL;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ PRStatus status = PR_FAILURE;
+
+ session = nssTrustDomain_GetSessionForToken(td, token);
+ if (session) {
+ instances = nssToken_FindCertificatesBySubject(token,
+ session,
+ subject,
+ tokenOnly,
+ numRemaining,
+ &status);
+ }
+ nssToken_Destroy(token);
+ if (status != PR_SUCCESS) {
+ errors++;
+ continue;
+ }
+ if (instances) {
+ status = nssPKIObjectCollection_AddInstances(collection,
+ instances, 0);
+ nss_ZFreeIf(instances);
+ if (status != PR_SUCCESS) {
+ errors++;
+ continue;
+ }
+ collectionCount = nssPKIObjectCollection_Count(collection);
+ if (maximumOpt > 0) {
+ if (collectionCount >= maximumOpt)
+ break;
+ numRemaining = maximumOpt - collectionCount;
+ }
+ }
+ }
+ }
+ if (!collectionCount && errors)
+ goto loser;
+ rvCerts = nssPKIObjectCollection_GetCertificates(collection,
+ rvOpt, maximumOpt,
+ arenaOpt);
+ nssPKIObjectCollection_Destroy(collection);
+ nssSlotArray_Destroy(slots);
+ return rvCerts;
+loser:
+ if (slots) {
+ nssSlotArray_Destroy(slots);
+ }
+ if (collection) {
+ nssPKIObjectCollection_Destroy(collection);
+ }
+ return (NSSCertificate **)NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSTrustDomain_FindCertificatesBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt,
+ NSSArena *arenaOpt)
+{
+ return nssTrustDomain_FindCertificatesBySubject(td,
+ subject,
+ rvOpt,
+ maximumOpt,
+ arenaOpt);
+}
+
+NSS_IMPLEMENT NSSCertificate *
+nssTrustDomain_FindBestCertificateBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ NSSCertificate **subjectCerts;
+ NSSCertificate *rvCert = NULL;
+ subjectCerts = nssTrustDomain_FindCertificatesBySubject(td, subject,
+ NULL,
+ 0,
+ NULL);
+ if (subjectCerts) {
+ rvCert = nssCertificateArray_FindBestCertificate(subjectCerts,
+ timeOpt,
+ usage,
+ policiesOpt);
+ nssCertificateArray_Destroy(subjectCerts);
+ }
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindBestCertificateBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ return nssTrustDomain_FindBestCertificateBySubject(td,
+ subject,
+ timeOpt,
+ usage,
+ policiesOpt);
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindBestCertificateByNameComponents(
+ NSSTrustDomain *td,
+ NSSUTF8 *nameComponents,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSTrustDomain_FindCertificatesByNameComponents(
+ NSSTrustDomain *td,
+ NSSUTF8 *nameComponents,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+/* This returns at most a single certificate, so it can stop the loop
+ * when one is found.
+ */
+NSS_IMPLEMENT NSSCertificate *
+nssTrustDomain_FindCertificateByIssuerAndSerialNumber(
+ NSSTrustDomain *td,
+ NSSDER *issuer,
+ NSSDER *serial)
+{
+ NSSSlot **slots = NULL;
+ NSSSlot **slotp;
+ NSSCertificate *rvCert = NULL;
+ nssPKIObjectCollection *collection = NULL;
+ nssUpdateLevel updateLevel;
+
+ /* see if this search is already cached */
+ rvCert = nssTrustDomain_GetCertForIssuerAndSNFromCache(td,
+ issuer,
+ serial);
+ if (rvCert) {
+ return rvCert;
+ }
+ slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
+ if (slots) {
+ for (slotp = slots; *slotp; slotp++) {
+ NSSToken *token = nssSlot_GetToken(*slotp);
+ nssSession *session;
+ nssCryptokiObject *instance;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ PRStatus status = PR_FAILURE;
+
+ if (!token)
+ continue;
+ session = nssTrustDomain_GetSessionForToken(td, token);
+ if (session) {
+ instance = nssToken_FindCertificateByIssuerAndSerialNumber(
+ token,
+ session,
+ issuer,
+ serial,
+ tokenOnly,
+ &status);
+ }
+ nssToken_Destroy(token);
+ if (status != PR_SUCCESS) {
+ continue;
+ }
+ if (instance) {
+ if (!collection) {
+ collection = nssCertificateCollection_Create(td, NULL);
+ if (!collection) {
+ break; /* don't keep looping if out if memory */
+ }
+ }
+ status = nssPKIObjectCollection_AddInstances(collection,
+ &instance, 1);
+ if (status == PR_SUCCESS) {
+ (void)nssPKIObjectCollection_GetCertificates(
+ collection, &rvCert, 1, NULL);
+ }
+ if (rvCert) {
+ break; /* found one cert, all done */
+ }
+ }
+ }
+ }
+ if (collection) {
+ nssPKIObjectCollection_Destroy(collection);
+ }
+ if (slots) {
+ nssSlotArray_Destroy(slots);
+ }
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
+ NSSTrustDomain *td,
+ NSSDER *issuer,
+ NSSDER *serial)
+{
+ return nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
+ issuer,
+ serial);
+}
+
+NSS_IMPLEMENT NSSCertificate *
+nssTrustDomain_FindCertificateByEncodedCertificate(
+ NSSTrustDomain *td,
+ NSSBER *ber)
+{
+ PRStatus status;
+ NSSCertificate *rvCert = NULL;
+ NSSDER issuer = { 0 };
+ NSSDER serial = { 0 };
+ /* XXX this is not generic... will any cert crack into issuer/serial? */
+ status = nssPKIX509_GetIssuerAndSerialFromDER(ber, &issuer, &serial);
+ if (status != PR_SUCCESS) {
+ return NULL;
+ }
+ rvCert = nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
+ &issuer,
+ &serial);
+ PORT_Free(issuer.data);
+ PORT_Free(serial.data);
+ return rvCert;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindCertificateByEncodedCertificate(
+ NSSTrustDomain *td,
+ NSSBER *ber)
+{
+ return nssTrustDomain_FindCertificateByEncodedCertificate(td, ber);
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindBestCertificateByEmail(
+ NSSTrustDomain *td,
+ NSSASCII7 *email,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ return 0;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSTrustDomain_FindCertificatesByEmail(
+ NSSTrustDomain *td,
+ NSSASCII7 *email,
+ NSSCertificate *rvOpt[],
+ PRUint32 maximumOpt, /* 0 for no max */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindCertificateByOCSPHash(
+ NSSTrustDomain *td,
+ NSSItem *hash)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindBestUserCertificate(
+ NSSTrustDomain *td,
+ NSSTime *timeOpt,
+ NSSUsage *usage,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSTrustDomain_FindUserCertificates(
+ NSSTrustDomain *td,
+ NSSTime *timeOpt,
+ NSSUsage *usageOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindBestUserCertificateForSSLClientAuth(
+ NSSTrustDomain *td,
+ NSSUTF8 *sslHostOpt,
+ NSSDER *rootCAsOpt[], /* null pointer for none */
+ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSTrustDomain_FindUserCertificatesForSSLClientAuth(
+ NSSTrustDomain *td,
+ NSSUTF8 *sslHostOpt,
+ NSSDER *rootCAsOpt[], /* null pointer for none */
+ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate *
+NSSTrustDomain_FindBestUserCertificateForEmailSigning(
+ NSSTrustDomain *td,
+ NSSASCII7 *signerOpt,
+ NSSASCII7 *recipientOpt,
+ /* anything more here? */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCertificate **
+NSSTrustDomain_FindUserCertificatesForEmailSigning(
+ NSSTrustDomain *td,
+ NSSASCII7 *signerOpt,
+ NSSASCII7 *recipientOpt,
+ /* anything more here? */
+ NSSAlgorithmAndParameters *apOpt,
+ NSSPolicies *policiesOpt,
+ NSSCertificate **rvOpt,
+ PRUint32 rvLimit, /* zero for no limit */
+ NSSArena *arenaOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+static PRStatus
+collector(nssCryptokiObject *instance, void *arg)
+{
+ nssPKIObjectCollection *collection = (nssPKIObjectCollection *)arg;
+ return nssPKIObjectCollection_AddInstanceAsObject(collection, instance);
+}
+
+NSS_IMPLEMENT PRStatus *
+NSSTrustDomain_TraverseCertificates(
+ NSSTrustDomain *td,
+ PRStatus (*callback)(NSSCertificate *c, void *arg),
+ void *arg)
+{
+ NSSToken *token = NULL;
+ NSSSlot **slots = NULL;
+ NSSSlot **slotp;
+ nssPKIObjectCollection *collection = NULL;
+ nssPKIObjectCallback pkiCallback;
+ nssUpdateLevel updateLevel;
+ NSSCertificate **cached = NULL;
+ nssList *certList;
+
+ certList = nssList_Create(NULL, PR_FALSE);
+ if (!certList)
+ return NULL;
+ (void)nssTrustDomain_GetCertsFromCache(td, certList);
+ cached = get_certs_from_list(certList);
+ collection = nssCertificateCollection_Create(td, cached);
+ nssCertificateArray_Destroy(cached);
+ nssList_Destroy(certList);
+ if (!collection) {
+ return (PRStatus *)NULL;
+ }
+ /* obtain the current set of active slots in the trust domain */
+ slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
+ if (!slots) {
+ goto loser;
+ }
+ /* iterate over the slots */
+ for (slotp = slots; *slotp; slotp++) {
+ /* get the token for the slot, if present */
+ token = nssSlot_GetToken(*slotp);
+ if (token) {
+ nssSession *session;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+ /* get a session for the token */
+ session = nssTrustDomain_GetSessionForToken(td, token);
+ if (session) {
+ /* perform the traversal */
+ (void)nssToken_TraverseCertificates(token,
+ session,
+ tokenOnly,
+ collector,
+ collection);
+ }
+ nssToken_Destroy(token);
+ }
+ }
+
+ /* Traverse the collection */
+ pkiCallback.func.cert = callback;
+ pkiCallback.arg = arg;
+ (void)nssPKIObjectCollection_Traverse(collection, &pkiCallback);
+loser:
+ if (slots) {
+ nssSlotArray_Destroy(slots);
+ }
+ if (collection) {
+ nssPKIObjectCollection_Destroy(collection);
+ }
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSTrust *
+nssTrustDomain_FindTrustForCertificate(
+ NSSTrustDomain *td,
+ NSSCertificate *c)
+{
+ NSSSlot **slots;
+ NSSSlot **slotp;
+ nssCryptokiObject *to = NULL;
+ nssPKIObject *pkio = NULL;
+ NSSTrust *rvt = NULL;
+ nssUpdateLevel updateLevel;
+ slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
+ if (!slots) {
+ return (NSSTrust *)NULL;
+ }
+ for (slotp = slots; *slotp; slotp++) {
+ NSSToken *token = nssSlot_GetToken(*slotp);
+
+ if (token) {
+ to = nssToken_FindTrustForCertificate(token, NULL,
+ &c->encoding,
+ &c->issuer,
+ &c->serial,
+ nssTokenSearchType_TokenOnly);
+ if (to) {
+ PRStatus status;
+ if (!pkio) {
+ pkio = nssPKIObject_Create(NULL, to, td, NULL, nssPKILock);
+ status = pkio ? PR_SUCCESS : PR_FAILURE;
+ } else {
+ status = nssPKIObject_AddInstance(pkio, to);
+ }
+ if (status != PR_SUCCESS) {
+ nssCryptokiObject_Destroy(to);
+ }
+ }
+ nssToken_Destroy(token);
+ }
+ }
+ if (pkio) {
+ rvt = nssTrust_Create(pkio, &c->encoding);
+ if (rvt) {
+ pkio = NULL; /* rvt object now owns the pkio reference */
+ }
+ }
+ nssSlotArray_Destroy(slots);
+ if (pkio) {
+ nssPKIObject_Destroy(pkio);
+ }
+ return rvt;
+}
+
+NSS_IMPLEMENT NSSCRL **
+nssTrustDomain_FindCRLsBySubject(
+ NSSTrustDomain *td,
+ NSSDER *subject)
+{
+ NSSSlot **slots;
+ NSSSlot **slotp;
+ NSSToken *token;
+ nssUpdateLevel updateLevel;
+ nssPKIObjectCollection *collection;
+ NSSCRL **rvCRLs = NULL;
+ collection = nssCRLCollection_Create(td, NULL);
+ if (!collection) {
+ return (NSSCRL **)NULL;
+ }
+ slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
+ if (!slots) {
+ goto loser;
+ }
+ for (slotp = slots; *slotp; slotp++) {
+ token = nssSlot_GetToken(*slotp);
+ if (token) {
+ PRStatus status = PR_FAILURE;
+ nssSession *session;
+ nssCryptokiObject **instances = NULL;
+ nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
+
+ /* get a session for the token */
+ session = nssTrustDomain_GetSessionForToken(td, token);
+ if (session) {
+ /* perform the traversal */
+ instances = nssToken_FindCRLsBySubject(token, session, subject,
+ tokenOnly, 0, &status);
+ }
+ nssToken_Destroy(token);
+ if (status == PR_SUCCESS) {
+ /* add the found CRL's to the collection */
+ status = nssPKIObjectCollection_AddInstances(collection,
+ instances, 0);
+ }
+ nss_ZFreeIf(instances);
+ }
+ }
+ rvCRLs = nssPKIObjectCollection_GetCRLs(collection, NULL, 0, NULL);
+loser:
+ nssPKIObjectCollection_Destroy(collection);
+ nssSlotArray_Destroy(slots);
+ return rvCRLs;
+}
+
+NSS_IMPLEMENT PRStatus
+NSSTrustDomain_GenerateKeyPair(
+ NSSTrustDomain *td,
+ NSSAlgorithmAndParameters *ap,
+ NSSPrivateKey **pvkOpt,
+ NSSPublicKey **pbkOpt,
+ PRBool privateKeyIsSensitive,
+ NSSToken *destination,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return PR_FAILURE;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSTrustDomain_GenerateSymmetricKey(
+ NSSTrustDomain *td,
+ NSSAlgorithmAndParameters *ap,
+ PRUint32 keysize,
+ NSSToken *destination,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSTrustDomain_GenerateSymmetricKeyFromPassword(
+ NSSTrustDomain *td,
+ NSSAlgorithmAndParameters *ap,
+ NSSUTF8 *passwordOpt, /* if null, prompt */
+ NSSToken *destinationOpt,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSSymmetricKey *
+NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID(
+ NSSTrustDomain *td,
+ NSSOID *algorithm,
+ NSSItem *keyID,
+ NSSCallback *uhhOpt)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+nssTrustDomain_CreateCryptoContext(
+ NSSTrustDomain *td,
+ NSSCallback *uhhOpt)
+{
+ return nssCryptoContext_Create(td, uhhOpt);
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+NSSTrustDomain_CreateCryptoContext(
+ NSSTrustDomain *td,
+ NSSCallback *uhhOpt)
+{
+ return nssTrustDomain_CreateCryptoContext(td, uhhOpt);
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+NSSTrustDomain_CreateCryptoContextForAlgorithm(
+ NSSTrustDomain *td,
+ NSSOID *algorithm)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
+
+NSS_IMPLEMENT NSSCryptoContext *
+NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters(
+ NSSTrustDomain *td,
+ NSSAlgorithmAndParameters *ap)
+{
+ nss_SetError(NSS_ERROR_NOT_FOUND);
+ return NULL;
+}
diff --git a/security/nss/lib/smime/Makefile b/security/nss/lib/smime/Makefile
new file mode 100644
index 000000000..a9cebcfec
--- /dev/null
+++ b/security/nss/lib/smime/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+
diff --git a/security/nss/lib/smime/cms.h b/security/nss/lib/smime/cms.h
new file mode 100644
index 000000000..244df4879
--- /dev/null
+++ b/security/nss/lib/smime/cms.h
@@ -0,0 +1,1153 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Interfaces of the CMS implementation.
+ */
+
+#ifndef _CMS_H_
+#define _CMS_H_
+
+#include "seccomon.h"
+
+#include "secoidt.h"
+#include "certt.h"
+#include "keyt.h"
+#include "hasht.h"
+#include "cmst.h"
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+/************************************************************************
+ * cmsdecode.c - CMS decoding
+ ************************************************************************/
+
+/*
+ * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message
+ *
+ * "poolp" - pointer to arena for message, or NULL if new pool should be created
+ * "cb", "cb_arg" - callback function and argument for delivery of inner content
+ * inner content will be stored in the message if cb is NULL.
+ * "pwfn", pwfn_arg" - callback function for getting token password
+ * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
+ */
+extern NSSCMSDecoderContext *
+NSS_CMSDecoder_Start(PLArenaPool *poolp,
+ NSSCMSContentCallback cb, void *cb_arg,
+ PK11PasswordFunc pwfn, void *pwfn_arg,
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg);
+
+/*
+ * NSS_CMSDecoder_Update - feed DER-encoded data to decoder
+ */
+extern SECStatus
+NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf, unsigned long len);
+
+/*
+ * NSS_CMSDecoder_Cancel - cancel a decoding process
+ */
+extern void
+NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx);
+
+/*
+ * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding
+ */
+extern NSSCMSMessage *
+NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx);
+
+/*
+ * NSS_CMSMessage_CreateFromDER - decode a CMS message from DER encoded data
+ */
+extern NSSCMSMessage *
+NSS_CMSMessage_CreateFromDER(SECItem *DERmessage,
+ NSSCMSContentCallback cb, void *cb_arg,
+ PK11PasswordFunc pwfn, void *pwfn_arg,
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg);
+
+/************************************************************************
+ * cmsencode.c - CMS encoding
+ ************************************************************************/
+
+/*
+ * NSS_CMSEncoder_Start - set up encoding of a CMS message
+ *
+ * "cmsg" - message to encode
+ * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
+ * will not be called if NULL.
+ * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
+ * "destpoolp" - pool to allocate DER-encoded output in
+ * "pwfn", pwfn_arg" - callback function for getting token password
+ * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
+ * "detached_digestalgs", "detached_digests" - digests from detached content
+ */
+extern NSSCMSEncoderContext *
+NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
+ NSSCMSContentCallback outputfn, void *outputarg,
+ SECItem *dest, PLArenaPool *destpoolp,
+ PK11PasswordFunc pwfn, void *pwfn_arg,
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
+ SECAlgorithmID **detached_digestalgs, SECItem **detached_digests);
+
+/*
+ * NSS_CMSEncoder_Update - take content data delivery from the user
+ *
+ * "p7ecx" - encoder context
+ * "data" - content data
+ * "len" - length of content data
+ */
+extern SECStatus
+NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len);
+
+/*
+ * NSS_CMSEncoder_Cancel - stop all encoding
+ */
+extern SECStatus
+NSS_CMSEncoder_Cancel(NSSCMSEncoderContext *p7ecx);
+
+/*
+ * NSS_CMSEncoder_Finish - signal the end of data
+ *
+ * we need to walk down the chain of encoders and the finish them from the innermost out
+ */
+extern SECStatus
+NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx);
+
+/************************************************************************
+ * cmsmessage.c - CMS message object
+ ************************************************************************/
+
+/*
+ * NSS_CMSMessage_Create - create a CMS message object
+ *
+ * "poolp" - arena to allocate memory from, or NULL if new arena should be created
+ */
+extern NSSCMSMessage *
+NSS_CMSMessage_Create(PLArenaPool *poolp);
+
+/*
+ * NSS_CMSMessage_SetEncodingParams - set up a CMS message object for encoding or decoding
+ *
+ * "cmsg" - message object
+ * "pwfn", pwfn_arg" - callback function for getting token password
+ * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
+ * "detached_digestalgs", "detached_digests" - digests from detached content
+ *
+ * used internally.
+ */
+extern void
+NSS_CMSMessage_SetEncodingParams(NSSCMSMessage *cmsg,
+ PK11PasswordFunc pwfn, void *pwfn_arg,
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
+ SECAlgorithmID **detached_digestalgs, SECItem **detached_digests);
+
+/*
+ * NSS_CMSMessage_Destroy - destroy a CMS message and all of its sub-pieces.
+ */
+extern void
+NSS_CMSMessage_Destroy(NSSCMSMessage *cmsg);
+
+/*
+ * NSS_CMSMessage_Copy - return a copy of the given message.
+ *
+ * The copy may be virtual or may be real -- either way, the result needs
+ * to be passed to NSS_CMSMessage_Destroy later (as does the original).
+ */
+extern NSSCMSMessage *
+NSS_CMSMessage_Copy(NSSCMSMessage *cmsg);
+
+/*
+ * NSS_CMSMessage_GetArena - return a pointer to the message's arena pool
+ */
+extern PLArenaPool *
+NSS_CMSMessage_GetArena(NSSCMSMessage *cmsg);
+
+/*
+ * NSS_CMSMessage_GetContentInfo - return a pointer to the top level contentInfo
+ */
+extern NSSCMSContentInfo *
+NSS_CMSMessage_GetContentInfo(NSSCMSMessage *cmsg);
+
+/*
+ * Return a pointer to the actual content.
+ * In the case of those types which are encrypted, this returns the *plain* content.
+ * In case of nested contentInfos, this descends and retrieves the innermost content.
+ */
+extern SECItem *
+NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg);
+
+/*
+ * NSS_CMSMessage_ContentLevelCount - count number of levels of CMS content objects in this message
+ *
+ * CMS data content objects do not count.
+ */
+extern int
+NSS_CMSMessage_ContentLevelCount(NSSCMSMessage *cmsg);
+
+/*
+ * NSS_CMSMessage_ContentLevel - find content level #n
+ *
+ * CMS data content objects do not count.
+ */
+extern NSSCMSContentInfo *
+NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n);
+
+/*
+ * NSS_CMSMessage_ContainsCertsOrCrls - see if message contains certs along the way
+ */
+extern PRBool
+NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg);
+
+/*
+ * NSS_CMSMessage_IsEncrypted - see if message contains a encrypted submessage
+ */
+extern PRBool
+NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg);
+
+/*
+ * NSS_CMSMessage_IsSigned - see if message contains a signed submessage
+ *
+ * If the CMS message has a SignedData with a signature (not just a SignedData)
+ * return true; false otherwise. This can/should be called before calling
+ * VerifySignature, which will always indicate failure if no signature is
+ * present, but that does not mean there even was a signature!
+ * Note that the content itself can be empty (detached content was sent
+ * another way); it is the presence of the signature that matters.
+ */
+extern PRBool
+NSS_CMSMessage_IsSigned(NSSCMSMessage *cmsg);
+
+/*
+ * NSS_CMSMessage_IsContentEmpty - see if content is empty
+ *
+ * returns PR_TRUE is innermost content length is < minLen
+ * XXX need the encrypted content length (why?)
+ */
+extern PRBool
+NSS_CMSMessage_IsContentEmpty(NSSCMSMessage *cmsg, unsigned int minLen);
+
+/************************************************************************
+ * cmscinfo.c - CMS contentInfo methods
+ ************************************************************************/
+
+/*
+ * NSS_CMSContentInfo_Destroy - destroy a CMS contentInfo and all of its sub-pieces.
+ */
+extern void
+NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo);
+
+/*
+ * NSS_CMSContentInfo_GetChildContentInfo - get content's contentInfo (if it exists)
+ */
+extern NSSCMSContentInfo *
+NSS_CMSContentInfo_GetChildContentInfo(NSSCMSContentInfo *cinfo);
+
+/*
+ * NSS_CMSContentInfo_SetContent - set cinfo's content type & content to CMS object
+ */
+extern SECStatus
+NSS_CMSContentInfo_SetContent(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECOidTag type, void *ptr);
+
+/*
+ * NSS_CMSContentInfo_SetContent_XXXX - typesafe wrappers for NSS_CMSContentInfo_SetType
+ * set cinfo's content type & content to CMS object
+ */
+extern SECStatus
+NSS_CMSContentInfo_SetContent_Data(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECItem *data, PRBool detached);
+
+extern SECStatus
+NSS_CMSContentInfo_SetContent_SignedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSSignedData *sigd);
+
+extern SECStatus
+NSS_CMSContentInfo_SetContent_EnvelopedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEnvelopedData *envd);
+
+extern SECStatus
+NSS_CMSContentInfo_SetContent_DigestedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSDigestedData *digd);
+
+extern SECStatus
+NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEncryptedData *encd);
+
+/*
+ * turn off streaming for this content type.
+ * This could fail with SEC_ERROR_NO_MEMORY in memory constrained conditions.
+ */
+extern SECStatus
+NSS_CMSContentInfo_SetDontStream(NSSCMSContentInfo *cinfo, PRBool dontStream);
+
+/*
+ * NSS_CMSContentInfo_GetContent - get pointer to inner content
+ *
+ * needs to be casted...
+ */
+extern void *
+NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo);
+
+/*
+ * NSS_CMSContentInfo_GetInnerContent - get pointer to innermost content
+ *
+ * this is typically only called by NSS_CMSMessage_GetContent()
+ */
+extern SECItem *
+NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo);
+
+/*
+ * NSS_CMSContentInfo_GetContentType{Tag,OID} - find out (saving pointer to lookup result
+ * for future reference) and return the inner content type.
+ */
+extern SECOidTag
+NSS_CMSContentInfo_GetContentTypeTag(NSSCMSContentInfo *cinfo);
+
+extern SECItem *
+NSS_CMSContentInfo_GetContentTypeOID(NSSCMSContentInfo *cinfo);
+
+/*
+ * NSS_CMSContentInfo_GetContentEncAlgTag - find out (saving pointer to lookup result
+ * for future reference) and return the content encryption algorithm tag.
+ */
+extern SECOidTag
+NSS_CMSContentInfo_GetContentEncAlgTag(NSSCMSContentInfo *cinfo);
+
+/*
+ * NSS_CMSContentInfo_GetContentEncAlg - find out and return the content encryption algorithm tag.
+ */
+extern SECAlgorithmID *
+NSS_CMSContentInfo_GetContentEncAlg(NSSCMSContentInfo *cinfo);
+
+extern SECStatus
+NSS_CMSContentInfo_SetContentEncAlg(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
+ SECOidTag bulkalgtag, SECItem *parameters, int keysize);
+
+extern SECStatus
+NSS_CMSContentInfo_SetContentEncAlgID(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
+ SECAlgorithmID *algid, int keysize);
+
+extern void
+NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey);
+
+extern PK11SymKey *
+NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo);
+
+extern int
+NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo);
+
+/************************************************************************
+ * cmsutil.c - CMS misc utility functions
+ ************************************************************************/
+
+/*
+ * NSS_CMSArray_SortByDER - sort array of objects by objects' DER encoding
+ *
+ * make sure that the order of the objects guarantees valid DER (which must be
+ * in lexigraphically ascending order for a SET OF); if reordering is necessary it
+ * will be done in place (in objs).
+ */
+extern SECStatus
+NSS_CMSArray_SortByDER(void **objs, const SEC_ASN1Template *objtemplate, void **objs2);
+
+/*
+ * NSS_CMSUtil_DERCompare - for use with NSS_CMSArray_Sort to
+ * sort arrays of SECItems containing DER
+ */
+extern int
+NSS_CMSUtil_DERCompare(void *a, void *b);
+
+/*
+ * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
+ * algorithms.
+ *
+ * algorithmArray - array of algorithm IDs
+ * algid - algorithmid of algorithm to pick
+ *
+ * Returns:
+ * An integer containing the index of the algorithm in the array or -1 if
+ * algorithm was not found.
+ */
+extern int
+NSS_CMSAlgArray_GetIndexByAlgID(SECAlgorithmID **algorithmArray, SECAlgorithmID *algid);
+
+/*
+ * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
+ * algorithms.
+ *
+ * algorithmArray - array of algorithm IDs
+ * algiddata - id of algorithm to pick
+ *
+ * Returns:
+ * An integer containing the index of the algorithm in the array or -1 if
+ * algorithm was not found.
+ */
+extern int
+NSS_CMSAlgArray_GetIndexByAlgTag(SECAlgorithmID **algorithmArray, SECOidTag algtag);
+
+extern const SECHashObject *
+NSS_CMSUtil_GetHashObjByAlgID(SECAlgorithmID *algid);
+
+extern const SEC_ASN1Template *
+NSS_CMSUtil_GetTemplateByTypeTag(SECOidTag type);
+
+extern size_t
+NSS_CMSUtil_GetSizeByTypeTag(SECOidTag type);
+
+extern NSSCMSContentInfo *
+NSS_CMSContent_GetContentInfo(void *msg, SECOidTag type);
+
+extern const char *
+NSS_CMSUtil_VerificationStatusToString(NSSCMSVerificationStatus vs);
+
+/************************************************************************
+ * cmssigdata.c - CMS signedData methods
+ ************************************************************************/
+
+extern NSSCMSSignedData *
+NSS_CMSSignedData_Create(NSSCMSMessage *cmsg);
+
+extern void
+NSS_CMSSignedData_Destroy(NSSCMSSignedData *sigd);
+
+/*
+ * NSS_CMSSignedData_Encode_BeforeStart - do all the necessary things to a SignedData
+ * before start of encoding.
+ *
+ * In detail:
+ * - find out about the right value to put into sigd->version
+ * - come up with a list of digestAlgorithms (which should be the union of the algorithms
+ * in the signerinfos).
+ * If we happen to have a pre-set list of algorithms (and digest values!), we
+ * check if we have all the signerinfos' algorithms. If not, this is an error.
+ */
+extern SECStatus
+NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd);
+
+extern SECStatus
+NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd);
+
+/*
+ * NSS_CMSSignedData_Encode_AfterData - do all the necessary things to a SignedData
+ * after all the encapsulated data was passed through the encoder.
+ *
+ * In detail:
+ * - create the signatures in all the SignerInfos
+ *
+ * Please note that nothing is done to the Certificates and CRLs in the message - this
+ * is entirely the responsibility of our callers.
+ */
+extern SECStatus
+NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd);
+
+extern SECStatus
+NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd);
+
+/*
+ * NSS_CMSSignedData_Decode_AfterData - do all the necessary things to a SignedData
+ * after all the encapsulated data was passed through the decoder.
+ */
+extern SECStatus
+NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd);
+
+/*
+ * NSS_CMSSignedData_Decode_AfterEnd - do all the necessary things to a SignedData
+ * after all decoding is finished.
+ */
+extern SECStatus
+NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd);
+
+/*
+ * NSS_CMSSignedData_GetSignerInfos - retrieve the SignedData's signer list
+ */
+extern NSSCMSSignerInfo **
+NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd);
+
+extern int
+NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd);
+
+extern NSSCMSSignerInfo *
+NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i);
+
+/*
+ * NSS_CMSSignedData_GetDigestAlgs - retrieve the SignedData's digest algorithm list
+ */
+extern SECAlgorithmID **
+NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd);
+
+/*
+ * NSS_CMSSignedData_GetContentInfo - return pointer to this signedData's contentinfo
+ */
+extern NSSCMSContentInfo *
+NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd);
+
+/*
+ * NSS_CMSSignedData_GetCertificateList - retrieve the SignedData's certificate list
+ */
+extern SECItem **
+NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd);
+
+extern SECStatus
+NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
+ SECCertUsage certusage, PRBool keepcerts);
+
+/*
+ * NSS_CMSSignedData_HasDigests - see if we have digests in place
+ */
+extern PRBool
+NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd);
+
+/*
+ * NSS_CMSSignedData_VerifySignerInfo - check a signature.
+ *
+ * The digests were either calculated during decoding (and are stored in the
+ * signedData itself) or set after decoding using NSS_CMSSignedData_SetDigests.
+ *
+ * The verification checks if the signing cert is valid and has a trusted chain
+ * for the purpose specified by "certusage".
+ */
+extern SECStatus
+NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i, CERTCertDBHandle *certdb,
+ SECCertUsage certusage);
+
+/*
+ * NSS_CMSSignedData_VerifyCertsOnly - verify the certs in a certs-only message
+*/
+extern SECStatus
+NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
+ CERTCertDBHandle *certdb,
+ SECCertUsage usage);
+
+extern SECStatus
+NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certlist);
+
+/*
+ * NSS_CMSSignedData_AddCertChain - add cert and its entire chain to the set of certs
+ */
+extern SECStatus
+NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert);
+
+extern SECStatus
+NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert);
+
+extern PRBool
+NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd);
+
+extern SECStatus
+NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
+ NSSCMSSignerInfo *signerinfo);
+
+extern SECStatus
+NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
+ SECAlgorithmID **digestalgs,
+ SECItem **digests);
+
+extern SECStatus
+NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
+ SECOidTag digestalgtag,
+ SECItem *digestdata);
+
+extern SECStatus
+NSS_CMSSignedData_AddDigest(PLArenaPool *poolp,
+ NSSCMSSignedData *sigd,
+ SECOidTag digestalgtag,
+ SECItem *digest);
+
+extern SECItem *
+NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag);
+
+/*
+ * NSS_CMSSignedData_CreateCertsOnly - create a certs-only SignedData.
+ *
+ * cert - base certificates that will be included
+ * include_chain - if true, include the complete cert chain for cert
+ *
+ * More certs and chains can be added via AddCertificate and AddCertChain.
+ *
+ * An error results in a return value of NULL and an error set.
+ */
+extern NSSCMSSignedData *
+NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PRBool include_chain);
+
+/************************************************************************
+ * cmssiginfo.c - signerinfo methods
+ ************************************************************************/
+
+extern NSSCMSSignerInfo *
+NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag);
+extern NSSCMSSignerInfo *
+NSS_CMSSignerInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg, SECItem *subjKeyID, SECKEYPublicKey *pubKey, SECKEYPrivateKey *signingKey, SECOidTag digestalgtag);
+
+/*
+ * NSS_CMSSignerInfo_Destroy - destroy a SignerInfo data structure
+ */
+extern void
+NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si);
+
+/*
+ * NSS_CMSSignerInfo_Sign - sign something
+ *
+ */
+extern SECStatus
+NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType);
+
+extern SECStatus
+NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb,
+ SECCertUsage certusage);
+
+/*
+ * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
+ *
+ * Just verifies the signature. The assumption is that verification of the certificate
+ * is done already.
+ */
+extern SECStatus
+NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType);
+
+extern NSSCMSVerificationStatus
+NSS_CMSSignerInfo_GetVerificationStatus(NSSCMSSignerInfo *signerinfo);
+
+extern SECOidData *
+NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo);
+
+extern SECOidTag
+NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo);
+
+extern int
+NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo);
+
+extern CERTCertificateList *
+NSS_CMSSignerInfo_GetCertList(NSSCMSSignerInfo *signerinfo);
+
+/*
+ * NSS_CMSSignerInfo_GetSigningTime - return the signing time,
+ * in UTCTime format, of a CMS signerInfo.
+ *
+ * sinfo - signerInfo data for this signer
+ *
+ * Returns a pointer to XXXX (what?)
+ * A return value of NULL is an error.
+ */
+extern SECStatus
+NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime);
+
+/*
+ * Return the signing cert of a CMS signerInfo.
+ *
+ * the certs in the enclosing SignedData must have been imported already
+ */
+extern CERTCertificate *
+NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb);
+
+/*
+ * NSS_CMSSignerInfo_GetSignerCommonName - return the common name of the signer
+ *
+ * sinfo - signerInfo data for this signer
+ *
+ * Returns a pointer to allocated memory, which must be freed with PORT_Free.
+ * A return value of NULL is an error.
+ */
+extern char *
+NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo);
+
+/*
+ * NSS_CMSSignerInfo_GetSignerEmailAddress - return the common name of the signer
+ *
+ * sinfo - signerInfo data for this signer
+ *
+ * Returns a pointer to allocated memory, which must be freed.
+ * A return value of NULL is an error.
+ */
+extern char *
+NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo);
+
+/*
+ * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the
+ * authenticated (i.e. signed) attributes of "signerinfo".
+ */
+extern SECStatus
+NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr);
+
+/*
+ * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the
+ * unauthenticated attributes of "signerinfo".
+ */
+extern SECStatus
+NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr);
+
+/*
+ * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the
+ * authenticated (i.e. signed) attributes of "signerinfo".
+ *
+ * This is expected to be included in outgoing signed
+ * messages for email (S/MIME) but is likely useful in other situations.
+ *
+ * This should only be added once; a second call will do nothing.
+ *
+ * XXX This will probably just shove the current time into "signerinfo"
+ * but it will not actually get signed until the entire item is
+ * processed for encoding. Is this (expected to be small) delay okay?
+ */
+extern SECStatus
+NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t);
+
+/*
+ * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the
+ * authenticated (i.e. signed) attributes of "signerinfo".
+ *
+ * This is expected to be included in outgoing signed
+ * messages for email (S/MIME).
+ */
+extern SECStatus
+NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo);
+
+/*
+ * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
+ * authenticated (i.e. signed) attributes of "signerinfo".
+ *
+ * This is expected to be included in outgoing signed messages for email (S/MIME).
+ */
+SECStatus
+NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb);
+
+/*
+ * NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
+ * authenticated (i.e. signed) attributes of "signerinfo", using the OID preferred by Microsoft.
+ *
+ * This is expected to be included in outgoing signed messages for email (S/MIME),
+ * if compatibility with Microsoft mail clients is wanted.
+ */
+SECStatus
+NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb);
+
+/*
+ * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo
+ */
+extern SECStatus
+NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo,
+ SECOidTag digestalg, CERTCertificate signingcert);
+
+/*
+ * XXXX the following needs to be done in the S/MIME layer code
+ * after signature of a signerinfo is verified
+ */
+extern SECStatus
+NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo);
+
+/*
+ * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer
+ */
+extern SECStatus
+NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage);
+
+/************************************************************************
+ * cmsenvdata.c - CMS envelopedData methods
+ ************************************************************************/
+
+/*
+ * NSS_CMSEnvelopedData_Create - create an enveloped data message
+ */
+extern NSSCMSEnvelopedData *
+NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize);
+
+/*
+ * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
+ */
+extern void
+NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp);
+
+/*
+ * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
+ */
+extern NSSCMSContentInfo *
+NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd);
+
+/*
+ * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
+ *
+ * rip must be created on the same pool as edp - this is not enforced, though.
+ */
+extern SECStatus
+NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip);
+
+/*
+ * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
+ *
+ * at this point, we need
+ * - recipientinfos set up with recipient's certificates
+ * - a content encryption algorithm (if none, 3DES will be used)
+ *
+ * this function will generate a random content encryption key (aka bulk key),
+ * initialize the recipientinfos with certificate identification and wrap the bulk key
+ * using the proper algorithm for every certificiate.
+ * it will finally set the bulk algorithm and key so that the encode step can find it.
+ */
+extern SECStatus
+NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd);
+
+/*
+ * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
+ */
+extern SECStatus
+NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd);
+
+/*
+ * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
+ */
+extern SECStatus
+NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd);
+
+/*
+ * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo,
+ * derive bulk key & set up our contentinfo
+ */
+extern SECStatus
+NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd);
+
+/*
+ * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
+ */
+extern SECStatus
+NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd);
+
+/*
+ * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
+ */
+extern SECStatus
+NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd);
+
+/************************************************************************
+ * cmsrecinfo.c - CMS recipientInfo methods
+ ************************************************************************/
+
+/*
+ * NSS_CMSRecipientInfo_Create - create a recipientinfo
+ *
+ * we currently do not create KeyAgreement recipientinfos with multiple recipientEncryptedKeys
+ * the certificate is supposed to have been verified by the caller
+ */
+extern NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert);
+
+extern NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg,
+ SECItem *subjKeyID,
+ SECKEYPublicKey *pubKey);
+
+extern NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert(NSSCMSMessage *cmsg,
+ CERTCertificate *cert);
+
+/*
+ * NSS_CMSRecipientInfo_CreateNew - create a blank recipientinfo for
+ * applications which want to encode their own CMS structures and
+ * key exchange types.
+ */
+extern NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_CreateNew(void *pwfn_arg);
+
+/*
+ * NSS_CMSRecipientInfo_CreateFromDER - create a recipientinfo from partially
+ * decoded DER data for applications which want to encode their own CMS
+ * structures and key exchange types.
+ */
+extern NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_CreateFromDER(SECItem *input, void *pwfn_arg);
+
+extern void
+NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri);
+
+/*
+ * NSS_CMSRecipientInfo_GetCertAndKey - retrieve the cert and key from the
+ * recipientInfo struct. If retcert or retkey are NULL, the cert or
+ * key (respectively) would not be returned). This function is a no-op if both
+ * retcert and retkey are NULL. Caller inherits ownership of the cert and key
+ * he requested (and is responsible to free them).
+ */
+SECStatus NSS_CMSRecipientInfo_GetCertAndKey(NSSCMSRecipientInfo *ri,
+ CERTCertificate **retcert,
+ SECKEYPrivateKey **retkey);
+
+extern int
+NSS_CMSRecipientInfo_GetVersion(NSSCMSRecipientInfo *ri);
+
+extern SECItem *
+NSS_CMSRecipientInfo_GetEncryptedKey(NSSCMSRecipientInfo *ri, int subIndex);
+
+/*
+ * NSS_CMSRecipientInfo_Encode - encode an NSS_CMSRecipientInfo as ASN.1
+ */
+SECStatus NSS_CMSRecipientInfo_Encode(PLArenaPool *poolp,
+ const NSSCMSRecipientInfo *src,
+ SECItem *returned);
+
+extern SECOidTag
+NSS_CMSRecipientInfo_GetKeyEncryptionAlgorithmTag(NSSCMSRecipientInfo *ri);
+
+extern SECStatus
+NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey,
+ SECOidTag bulkalgtag);
+
+extern PK11SymKey *
+NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
+ CERTCertificate *cert, SECKEYPrivateKey *privkey,
+ SECOidTag bulkalgtag);
+
+/************************************************************************
+ * cmsencdata.c - CMS encryptedData methods
+ ************************************************************************/
+/*
+ * NSS_CMSEncryptedData_Create - create an empty encryptedData object.
+ *
+ * "algorithm" specifies the bulk encryption algorithm to use.
+ * "keysize" is the key size.
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+extern NSSCMSEncryptedData *
+NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize);
+
+/*
+ * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object
+ */
+extern void
+NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd);
+
+/*
+ * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo
+ */
+extern NSSCMSContentInfo *
+NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd);
+
+/*
+ * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData
+ * before encoding begins.
+ *
+ * In particular:
+ * - set the correct version value.
+ * - get the encryption key
+ */
+extern SECStatus
+NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd);
+
+/*
+ * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption
+ */
+extern SECStatus
+NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd);
+
+/*
+ * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding
+ */
+extern SECStatus
+NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd);
+
+/*
+ * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption
+ */
+extern SECStatus
+NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd);
+
+/*
+ * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content
+ */
+extern SECStatus
+NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd);
+
+/*
+ * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData
+ */
+extern SECStatus
+NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd);
+
+/************************************************************************
+ * cmsdigdata.c - CMS encryptedData methods
+ ************************************************************************/
+/*
+ * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding)
+ *
+ * version will be set by NSS_CMSDigestedData_Encode_BeforeStart
+ * digestAlg is passed as parameter
+ * contentInfo must be filled by the user
+ * digest will be calculated while encoding
+ */
+extern NSSCMSDigestedData *
+NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg);
+
+/*
+ * NSS_CMSDigestedData_Destroy - destroy a digestedData object
+ */
+extern void
+NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd);
+
+/*
+ * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo
+ */
+extern NSSCMSContentInfo *
+NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd);
+
+/*
+ * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData
+ * before encoding begins.
+ *
+ * In particular:
+ * - set the right version number. The contentInfo's content type must be set up already.
+ */
+extern SECStatus
+NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd);
+
+/*
+ * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData
+ * before the encapsulated data is passed through the encoder.
+ *
+ * In detail:
+ * - set up the digests if necessary
+ */
+extern SECStatus
+NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd);
+
+/*
+ * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData
+ * after all the encapsulated data was passed through the encoder.
+ *
+ * In detail:
+ * - finish the digests
+ */
+extern SECStatus
+NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd);
+
+/*
+ * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData
+ * before the encapsulated data is passed through the encoder.
+ *
+ * In detail:
+ * - set up the digests if necessary
+ */
+extern SECStatus
+NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd);
+
+/*
+ * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData
+ * after all the encapsulated data was passed through the encoder.
+ *
+ * In detail:
+ * - finish the digests
+ */
+extern SECStatus
+NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd);
+
+/*
+ * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData.
+ *
+ * In detail:
+ * - check the digests for equality
+ */
+extern SECStatus
+NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd);
+
+/************************************************************************
+ * cmsdigest.c - digestion routines
+ ************************************************************************/
+
+/*
+ * NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
+ * digest algorithms in "digestalgs" in parallel.
+ */
+extern NSSCMSDigestContext *
+NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs);
+
+/*
+ * NSS_CMSDigestContext_StartSingle - same as NSS_CMSDigestContext_StartMultiple, but
+ * only one algorithm.
+ */
+extern NSSCMSDigestContext *
+NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg);
+
+/*
+ * NSS_CMSDigestContext_Update - feed more data into the digest machine
+ */
+extern void
+NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx, const unsigned char *data, int len);
+
+/*
+ * NSS_CMSDigestContext_Cancel - cancel digesting operation
+ */
+extern void
+NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx);
+
+/*
+ * NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
+ * into an array of SECItems (allocated on poolp)
+ */
+extern SECStatus
+NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
+ SECItem ***digestsp);
+
+/*
+ * NSS_CMSDigestContext_FinishSingle - same as NSS_CMSDigestContext_FinishMultiple,
+ * but for one digest.
+ */
+extern SECStatus
+NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
+ SECItem *digest);
+
+/************************************************************************
+ *
+ ************************************************************************/
+
+/* shortcuts for basic use */
+
+/*
+ * NSS_CMSDEREncode - DER Encode a CMS message, with input being
+ * the plaintext message and derOut being the output,
+ * stored in arena's pool.
+ */
+extern SECStatus
+NSS_CMSDEREncode(NSSCMSMessage *cmsg, SECItem *input, SECItem *derOut,
+ PLArenaPool *arena);
+
+/************************************************************************
+ *
+ ************************************************************************/
+
+/*
+ * define new S/MIME content type entries
+ *
+ * S/MIME uses the builtin PKCS7 oid types for encoding and decoding the
+ * various S/MIME content. Some applications have their own content type
+ * which is different from the standard content type defined by S/MIME.
+ *
+ * This function allows you to register new content types. There are basically
+ * Two different types of content, Wrappping content, and Data.
+ *
+ * For data types, All the functions below can be zero or NULL excext
+ * type and is isData, which should be your oid tag and PR_FALSE respectively
+ *
+ * For wrapping types, everything must be provided, or you will get encoder
+ * failures.
+ *
+ * If NSS doesn't already define the OID that you need, you can register
+ * your own with SECOID_AddEntry.
+ *
+ * Once you have defined your new content type, you can pass your new content
+ * type to NSS_CMSContentInfo_SetContent().
+ *
+ * If you are using a wrapping type you can pass your own data structure in
+ * the ptr field, but it must contain and embedded NSSCMSGenericWrappingData
+ * structure as the first element. The size you pass to
+ * NSS_CMSType_RegisterContentType is the total size of your self defined
+ * data structure. NSS_CMSContentInfo_GetContent will return that data
+ * structure from the content info. Your ASN1Template will be evaluated
+ * against that data structure.
+ */
+SECStatus NSS_CMSType_RegisterContentType(SECOidTag type,
+ SEC_ASN1Template *asn1Template, size_t size,
+ NSSCMSGenericWrapperDataDestroy destroy,
+ NSSCMSGenericWrapperDataCallback decode_before,
+ NSSCMSGenericWrapperDataCallback decode_after,
+ NSSCMSGenericWrapperDataCallback decode_end,
+ NSSCMSGenericWrapperDataCallback encode_start,
+ NSSCMSGenericWrapperDataCallback encode_before,
+ NSSCMSGenericWrapperDataCallback encode_after,
+ PRBool isData);
+
+/************************************************************************/
+SEC_END_PROTOS
+
+#endif /* _CMS_H_ */
diff --git a/security/nss/lib/smime/cmsarray.c b/security/nss/lib/smime/cmsarray.c
new file mode 100644
index 000000000..6665d12be
--- /dev/null
+++ b/security/nss/lib/smime/cmsarray.c
@@ -0,0 +1,186 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS array functions.
+ */
+
+#include "cmslocal.h"
+
+#include "secerr.h"
+
+/*
+ * ARRAY FUNCTIONS
+ *
+ * In NSS, arrays are rather primitive arrays of pointers.
+ * Makes it easy to walk the array, but hard to count elements
+ * and manage the storage.
+ *
+ * This is a feeble attempt to encapsulate the functionality
+ * and get rid of hundreds of lines of similar code
+ */
+
+/*
+ * NSS_CMSArray_Alloc - allocate an array in an arena
+ *
+ * This allocates space for the array of pointers
+ */
+void **
+NSS_CMSArray_Alloc(PLArenaPool *poolp, int n)
+{
+ return (void **)PORT_ArenaZAlloc(poolp, n * sizeof(void *));
+}
+
+/*
+ * NSS_CMSArray_Add - add an element to the end of an array
+ *
+ * The array of pointers is either created (if array was empty before) or grown.
+ */
+SECStatus
+NSS_CMSArray_Add(PLArenaPool *poolp, void ***array, void *obj)
+{
+ void **p;
+ int n;
+ void **dest;
+
+ PORT_Assert(array != NULL);
+ if (array == NULL)
+ return SECFailure;
+
+ if (*array == NULL) {
+ dest = (void **)PORT_ArenaAlloc(poolp, 2 * sizeof(void *));
+ n = 0;
+ } else {
+ n = 0;
+ p = *array;
+ while (*p++)
+ n++;
+ dest = (void **)PORT_ArenaGrow(poolp,
+ *array,
+ (n + 1) * sizeof(void *),
+ (n + 2) * sizeof(void *));
+ }
+
+ if (dest == NULL)
+ return SECFailure;
+
+ dest[n] = obj;
+ dest[n + 1] = NULL;
+ *array = dest;
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSArray_IsEmpty - check if array is empty
+ */
+PRBool
+NSS_CMSArray_IsEmpty(void **array)
+{
+ return (array == NULL || array[0] == NULL);
+}
+
+/*
+ * NSS_CMSArray_Count - count number of elements in array
+ */
+int
+NSS_CMSArray_Count(void **array)
+{
+ int n = 0;
+
+ if (array == NULL)
+ return 0;
+
+ while (*array++ != NULL)
+ n++;
+
+ return n;
+}
+
+/*
+ * NSS_CMSArray_Sort - sort an array in place
+ *
+ * If "secondary" or "tertiary are not NULL, it must be arrays with the same
+ * number of elements as "primary". The same reordering will get applied to it.
+ *
+ * "compare" is a function that returns
+ * < 0 when the first element is less than the second
+ * = 0 when the first element is equal to the second
+ * > 0 when the first element is greater than the second
+ * to acheive ascending ordering.
+ */
+void
+NSS_CMSArray_Sort(void **primary, int (*compare)(void *, void *), void **secondary, void **tertiary)
+{
+ int n, i, limit, lastxchg;
+ void *tmp;
+
+ n = NSS_CMSArray_Count(primary);
+
+ PORT_Assert(secondary == NULL || NSS_CMSArray_Count(secondary) == n);
+ PORT_Assert(tertiary == NULL || NSS_CMSArray_Count(tertiary) == n);
+
+ if (n <= 1) /* ordering is fine */
+ return;
+
+ /* yes, ladies and gentlemen, it's BUBBLE SORT TIME! */
+ limit = n - 1;
+ while (1) {
+ lastxchg = 0;
+ for (i = 0; i < limit; i++) {
+ if ((*compare)(primary[i], primary[i + 1]) > 0) {
+ /* exchange the neighbours */
+ tmp = primary[i + 1];
+ primary[i + 1] = primary[i];
+ primary[i] = tmp;
+ if (secondary) { /* secondary array? */
+ tmp = secondary[i + 1]; /* exchange there as well */
+ secondary[i + 1] = secondary[i];
+ secondary[i] = tmp;
+ }
+ if (tertiary) { /* tertiary array? */
+ tmp = tertiary[i + 1]; /* exchange there as well */
+ tertiary[i + 1] = tertiary[i];
+ tertiary[i] = tmp;
+ }
+ lastxchg = i + 1; /* index of the last element bubbled up */
+ }
+ }
+ if (lastxchg == 0) /* no exchanges, so array is sorted */
+ break; /* we're done */
+ limit = lastxchg; /* array is sorted up to [limit] */
+ }
+}
+
+#if 0
+
+/* array iterator stuff... not used */
+
+typedef void **NSSCMSArrayIterator;
+
+/* iterator */
+NSSCMSArrayIterator
+NSS_CMSArray_First(void **array)
+{
+ if (array == NULL || array[0] == NULL)
+ return NULL;
+ return (NSSCMSArrayIterator)&(array[0]);
+}
+
+void *
+NSS_CMSArray_Obj(NSSCMSArrayIterator iter)
+{
+ void **p = (void **)iter;
+
+ return *iter; /* which is NULL if we are at the end of the array */
+}
+
+NSSCMSArrayIterator
+NSS_CMSArray_Next(NSSCMSArrayIterator iter)
+{
+ void **p = (void **)iter;
+
+ return (NSSCMSArrayIterator)(p + 1);
+}
+
+#endif
diff --git a/security/nss/lib/smime/cmsasn1.c b/security/nss/lib/smime/cmsasn1.c
new file mode 100644
index 000000000..15cf08fcc
--- /dev/null
+++ b/security/nss/lib/smime/cmsasn1.c
@@ -0,0 +1,491 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS ASN.1 templates
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "prtime.h"
+#include "secerr.h"
+
+extern const SEC_ASN1Template nss_cms_set_of_attribute_template[];
+
+SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
+SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_BitStringTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+SEC_ASN1_MKSUB(SEC_PointerToOctetStringTemplate)
+SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
+
+/* -----------------------------------------------------------------------------
+ * MESSAGE
+ * (uses NSSCMSContentInfo)
+ */
+
+/* forward declaration */
+static const SEC_ASN1Template *
+nss_cms_choose_content_template(void *src_or_dest, PRBool encoding);
+
+static const SEC_ASN1TemplateChooserPtr nss_cms_chooser = nss_cms_choose_content_template;
+
+const SEC_ASN1Template NSSCMSMessageTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(NSSCMSMessage) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(NSSCMSMessage, contentInfo.contentType) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(NSSCMSMessage, contentInfo.content),
+ &nss_cms_chooser },
+ { 0 }
+};
+
+/* -----------------------------------------------------------------------------
+ * ENCAPSULATED & ENCRYPTED CONTENTINFO
+ * (both use a NSSCMSContentInfo)
+ */
+static const SEC_ASN1Template NSSCMSEncapsulatedContentInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(NSSCMSContentInfo) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(NSSCMSContentInfo, contentType) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
+ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(NSSCMSContentInfo, rawContent),
+ SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template NSSCMSEncryptedContentInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(NSSCMSContentInfo) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(NSSCMSContentInfo, contentType) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSContentInfo, contentEncAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(NSSCMSContentInfo, rawContent),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate) },
+ { 0 }
+};
+
+/* -----------------------------------------------------------------------------
+ * SIGNED DATA
+ */
+
+const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
+
+const SEC_ASN1Template NSSCMSSignedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(NSSCMSSignedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSCMSSignedData, version) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
+ offsetof(NSSCMSSignedData, digestAlgorithms),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSSignedData, contentInfo),
+ NSSCMSEncapsulatedContentInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(NSSCMSSignedData, rawCerts),
+ SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(NSSCMSSignedData, crls),
+ SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
+ { SEC_ASN1_SET_OF,
+ offsetof(NSSCMSSignedData, signerInfos),
+ NSSCMSSignerInfoTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template NSS_PointerToCMSSignedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, NSSCMSSignedDataTemplate }
+};
+
+/* -----------------------------------------------------------------------------
+ * signeridentifier
+ */
+
+static const SEC_ASN1Template NSSCMSSignerIdentifierTemplate[] = {
+ { SEC_ASN1_CHOICE,
+ offsetof(NSSCMSSignerIdentifier, identifierType), NULL,
+ sizeof(NSSCMSSignerIdentifier) },
+ { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(NSSCMSSignerIdentifier, id.subjectKeyID),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate),
+ NSSCMSRecipientID_SubjectKeyID },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(NSSCMSSignerIdentifier, id.issuerAndSN),
+ SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
+ NSSCMSRecipientID_IssuerSN },
+ { 0 }
+};
+
+/* -----------------------------------------------------------------------------
+ * signerinfo
+ */
+
+const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSSignerInfo) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSCMSSignerInfo, version) },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSSignerInfo, signerIdentifier),
+ NSSCMSSignerIdentifierTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSSignerInfo, digestAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(NSSCMSSignerInfo, authAttr),
+ nss_cms_set_of_attribute_template },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSSignerInfo, digestEncAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSSignerInfo, encDigest) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(NSSCMSSignerInfo, unAuthAttr),
+ nss_cms_set_of_attribute_template },
+ { 0 }
+};
+
+/* -----------------------------------------------------------------------------
+ * ENVELOPED DATA
+ */
+
+static const SEC_ASN1Template NSSCMSOriginatorInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSOriginatorInfo) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(NSSCMSOriginatorInfo, rawCerts),
+ SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(NSSCMSOriginatorInfo, crls),
+ SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
+
+const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(NSSCMSEnvelopedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSCMSEnvelopedData, version) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(NSSCMSEnvelopedData, originatorInfo),
+ NSSCMSOriginatorInfoTemplate },
+ { SEC_ASN1_SET_OF,
+ offsetof(NSSCMSEnvelopedData, recipientInfos),
+ NSSCMSRecipientInfoTemplate },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSEnvelopedData, contentInfo),
+ NSSCMSEncryptedContentInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(NSSCMSEnvelopedData, unprotectedAttr),
+ nss_cms_set_of_attribute_template },
+ { 0 }
+};
+
+const SEC_ASN1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, NSSCMSEnvelopedDataTemplate }
+};
+
+/* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
+
+/* -----------------------------------------------------------------------------
+ * key transport recipient info
+ */
+
+static const SEC_ASN1Template NSSCMSRecipientIdentifierTemplate[] = {
+ { SEC_ASN1_CHOICE,
+ offsetof(NSSCMSRecipientIdentifier, identifierType), NULL,
+ sizeof(NSSCMSRecipientIdentifier) },
+ { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(NSSCMSRecipientIdentifier, id.subjectKeyID),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate),
+ NSSCMSRecipientID_SubjectKeyID },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(NSSCMSRecipientIdentifier, id.issuerAndSN),
+ SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
+ NSSCMSRecipientID_IssuerSN },
+ { 0 }
+};
+
+static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSKeyTransRecipientInfo) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSCMSKeyTransRecipientInfo, version) },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSKeyTransRecipientInfo, recipientIdentifier),
+ NSSCMSRecipientIdentifierTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSKeyTransRecipientInfo, keyEncAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSKeyTransRecipientInfo, encKey) },
+ { 0 }
+};
+
+/* -----------------------------------------------------------------------------
+ * key agreement recipient info
+ */
+
+static const SEC_ASN1Template NSSCMSOriginatorPublicKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSOriginatorPublicKey) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSOriginatorPublicKey, algorithmIdentifier),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSOriginatorPublicKey, publicKey),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template NSSCMSOriginatorIdentifierOrKeyTemplate[] = {
+ { SEC_ASN1_CHOICE,
+ offsetof(NSSCMSOriginatorIdentifierOrKey, identifierType), NULL,
+ sizeof(NSSCMSOriginatorIdentifierOrKey) },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(NSSCMSOriginatorIdentifierOrKey, id.issuerAndSN),
+ SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
+ NSSCMSOriginatorIDOrKey_IssuerSN },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(NSSCMSOriginatorIdentifierOrKey, id.subjectKeyID),
+ SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate),
+ NSSCMSOriginatorIDOrKey_SubjectKeyID },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
+ offsetof(NSSCMSOriginatorIdentifierOrKey, id.originatorPublicKey),
+ NSSCMSOriginatorPublicKeyTemplate,
+ NSSCMSOriginatorIDOrKey_OriginatorPublicKey },
+ { 0 }
+};
+
+const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSRecipientKeyIdentifier) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSRecipientKeyIdentifier, subjectKeyIdentifier) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSRecipientKeyIdentifier, date) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSRecipientKeyIdentifier, other) },
+ { 0 }
+};
+
+static const SEC_ASN1Template NSSCMSKeyAgreeRecipientIdentifierTemplate[] = {
+ { SEC_ASN1_CHOICE,
+ offsetof(NSSCMSKeyAgreeRecipientIdentifier, identifierType), NULL,
+ sizeof(NSSCMSKeyAgreeRecipientIdentifier) },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(NSSCMSKeyAgreeRecipientIdentifier, id.issuerAndSN),
+ SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
+ NSSCMSKeyAgreeRecipientID_IssuerSN },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(NSSCMSKeyAgreeRecipientIdentifier, id.recipientKeyIdentifier),
+ NSSCMSRecipientKeyIdentifierTemplate,
+ NSSCMSKeyAgreeRecipientID_RKeyID },
+ { 0 }
+};
+
+static const SEC_ASN1Template NSSCMSRecipientEncryptedKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSRecipientEncryptedKey) },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSRecipientEncryptedKey, recipientIdentifier),
+ NSSCMSKeyAgreeRecipientIdentifierTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSRecipientEncryptedKey, encKey),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template NSSCMSKeyAgreeRecipientInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSKeyAgreeRecipientInfo) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSCMSKeyAgreeRecipientInfo, version) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(NSSCMSKeyAgreeRecipientInfo, originatorIdentifierOrKey),
+ NSSCMSOriginatorIdentifierOrKeyTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(NSSCMSKeyAgreeRecipientInfo, ukm),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSKeyAgreeRecipientInfo, keyEncAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_SEQUENCE_OF,
+ offsetof(NSSCMSKeyAgreeRecipientInfo, recipientEncryptedKeys),
+ NSSCMSRecipientEncryptedKeyTemplate },
+ { 0 }
+};
+
+/* -----------------------------------------------------------------------------
+ * KEK recipient info
+ */
+
+static const SEC_ASN1Template NSSCMSKEKIdentifierTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSKEKIdentifier) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSKEKIdentifier, keyIdentifier) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSKEKIdentifier, date) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSKEKIdentifier, other) },
+ { 0 }
+};
+
+static const SEC_ASN1Template NSSCMSKEKRecipientInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSKEKRecipientInfo) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSCMSKEKRecipientInfo, version) },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSKEKRecipientInfo, kekIdentifier),
+ NSSCMSKEKIdentifierTemplate },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSKEKRecipientInfo, keyEncAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSKEKRecipientInfo, encKey) },
+ { 0 }
+};
+
+/* -----------------------------------------------------------------------------
+ * recipient info
+ */
+const SEC_ASN1Template NSSCMSRecipientInfoTemplate[] = {
+ { SEC_ASN1_CHOICE,
+ offsetof(NSSCMSRecipientInfo, recipientInfoType), NULL,
+ sizeof(NSSCMSRecipientInfo) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(NSSCMSRecipientInfo, ri.keyAgreeRecipientInfo),
+ NSSCMSKeyAgreeRecipientInfoTemplate,
+ NSSCMSRecipientInfoID_KeyAgree },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
+ offsetof(NSSCMSRecipientInfo, ri.kekRecipientInfo),
+ NSSCMSKEKRecipientInfoTemplate,
+ NSSCMSRecipientInfoID_KEK },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSRecipientInfo, ri.keyTransRecipientInfo),
+ NSSCMSKeyTransRecipientInfoTemplate,
+ NSSCMSRecipientInfoID_KeyTrans },
+ { 0 }
+};
+
+/* -----------------------------------------------------------------------------
+ *
+ */
+
+const SEC_ASN1Template NSSCMSDigestedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(NSSCMSDigestedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSCMSDigestedData, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSCMSDigestedData, digestAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSDigestedData, contentInfo),
+ NSSCMSEncapsulatedContentInfoTemplate },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSCMSDigestedData, digest) },
+ { 0 }
+};
+
+const SEC_ASN1Template NSS_PointerToCMSDigestedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, NSSCMSDigestedDataTemplate }
+};
+
+const SEC_ASN1Template NSSCMSEncryptedDataTemplate[] = {
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
+ 0, NULL, sizeof(NSSCMSEncryptedData) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSCMSEncryptedData, version) },
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSEncryptedData, contentInfo),
+ NSSCMSEncryptedContentInfoTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ offsetof(NSSCMSEncryptedData, unprotectedAttr),
+ nss_cms_set_of_attribute_template },
+ { 0 }
+};
+
+const SEC_ASN1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, NSSCMSEncryptedDataTemplate }
+};
+
+const SEC_ASN1Template NSSCMSGenericWrapperDataTemplate[] = {
+ { SEC_ASN1_INLINE,
+ offsetof(NSSCMSGenericWrapperData, contentInfo),
+ NSSCMSEncapsulatedContentInfoTemplate },
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(NSSCMSGenericWrapperDataTemplate)
+
+const SEC_ASN1Template NSS_PointerToCMSGenericWrapperDataTemplate[] = {
+ { SEC_ASN1_POINTER, 0, NSSCMSGenericWrapperDataTemplate }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(NSS_PointerToCMSGenericWrapperDataTemplate)
+
+/* -----------------------------------------------------------------------------
+ *
+ */
+static const SEC_ASN1Template *
+nss_cms_choose_content_template(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ NSSCMSContentInfo *cinfo;
+ SECOidTag type;
+
+ PORT_Assert(src_or_dest != NULL);
+ if (src_or_dest == NULL)
+ return NULL;
+
+ cinfo = (NSSCMSContentInfo *)src_or_dest;
+ type = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+ switch (type) {
+ default:
+ theTemplate = NSS_CMSType_GetTemplate(type);
+ break;
+ case SEC_OID_PKCS7_DATA:
+ theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ theTemplate = NSS_PointerToCMSSignedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ theTemplate = NSS_PointerToCMSEnvelopedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ theTemplate = NSS_PointerToCMSDigestedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ theTemplate = NSS_PointerToCMSEncryptedDataTemplate;
+ break;
+ }
+ return theTemplate;
+}
diff --git a/security/nss/lib/smime/cmsattr.c b/security/nss/lib/smime/cmsattr.c
new file mode 100644
index 000000000..c1ec760d2
--- /dev/null
+++ b/security/nss/lib/smime/cmsattr.c
@@ -0,0 +1,425 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS attributes.
+ */
+
+#include "cmslocal.h"
+
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "prtime.h"
+#include "secerr.h"
+
+/*
+ * -------------------------------------------------------------------
+ * XXX The following Attribute stuff really belongs elsewhere.
+ * The Attribute type is *not* part of CMS but rather X.501.
+ * But for now, since CMS is the only customer of attributes,
+ * we define them here. Once there is a use outside of CMS,
+ * then change the attribute types and functions from internal
+ * to external naming convention, and move them elsewhere!
+ */
+
+/*
+ * NSS_CMSAttribute_Create - create an attribute
+ *
+ * if value is NULL, the attribute won't have a value. It can be added later
+ * with NSS_CMSAttribute_AddValue.
+ */
+NSSCMSAttribute *
+NSS_CMSAttribute_Create(PLArenaPool *poolp, SECOidTag oidtag, SECItem *value,
+ PRBool encoded)
+{
+ NSSCMSAttribute *attr;
+ SECItem *copiedvalue;
+ void *mark;
+
+ PORT_Assert(poolp != NULL);
+
+ mark = PORT_ArenaMark(poolp);
+
+ attr = (NSSCMSAttribute *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSAttribute));
+ if (attr == NULL)
+ goto loser;
+
+ attr->typeTag = SECOID_FindOIDByTag(oidtag);
+ if (attr->typeTag == NULL)
+ goto loser;
+
+ if (SECITEM_CopyItem(poolp, &(attr->type), &(attr->typeTag->oid)) != SECSuccess)
+ goto loser;
+
+ if (value != NULL) {
+ if ((copiedvalue = SECITEM_ArenaDupItem(poolp, value)) == NULL)
+ goto loser;
+
+ if (NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)copiedvalue) != SECSuccess)
+ goto loser;
+ }
+
+ attr->encoded = encoded;
+
+ PORT_ArenaUnmark(poolp, mark);
+
+ return attr;
+
+loser:
+ PORT_Assert(mark != NULL);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+/*
+ * NSS_CMSAttribute_AddValue - add another value to an attribute
+ */
+SECStatus
+NSS_CMSAttribute_AddValue(PLArenaPool *poolp, NSSCMSAttribute *attr, SECItem *value)
+{
+ SECItem *copiedvalue;
+ void *mark;
+
+ PORT_Assert(poolp != NULL);
+
+ mark = PORT_ArenaMark(poolp);
+
+ if (value == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+
+ if ((copiedvalue = SECITEM_ArenaDupItem(poolp, value)) == NULL)
+ goto loser;
+
+ if (NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)copiedvalue) != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_Assert(mark != NULL);
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSAttribute_GetType - return the OID tag
+ */
+SECOidTag
+NSS_CMSAttribute_GetType(NSSCMSAttribute *attr)
+{
+ SECOidData *typetag;
+
+ typetag = SECOID_FindOID(&(attr->type));
+ if (typetag == NULL)
+ return SEC_OID_UNKNOWN;
+
+ return typetag->offset;
+}
+
+/*
+ * NSS_CMSAttribute_GetValue - return the first attribute value
+ *
+ * We do some sanity checking first:
+ * - Multiple values are *not* expected.
+ * - Empty values are *not* expected.
+ */
+SECItem *
+NSS_CMSAttribute_GetValue(NSSCMSAttribute *attr)
+{
+ SECItem *value;
+
+ if (attr == NULL)
+ return NULL;
+
+ value = attr->values[0];
+
+ if (value == NULL || value->data == NULL || value->len == 0)
+ return NULL;
+
+ if (attr->values[1] != NULL)
+ return NULL;
+
+ return value;
+}
+
+/*
+ * NSS_CMSAttribute_CompareValue - compare the attribute's first value against data
+ */
+PRBool
+NSS_CMSAttribute_CompareValue(NSSCMSAttribute *attr, SECItem *av)
+{
+ SECItem *value;
+
+ if (attr == NULL)
+ return PR_FALSE;
+
+ value = NSS_CMSAttribute_GetValue(attr);
+
+ return (value != NULL && value->len == av->len &&
+ PORT_Memcmp(value->data, av->data, value->len) == 0);
+}
+
+/*
+ * templates and functions for separate ASN.1 encoding of attributes
+ *
+ * used in NSS_CMSAttributeArray_Reorder
+ */
+
+/*
+ * helper function for dynamic template determination of the attribute value
+ */
+static const SEC_ASN1Template *
+cms_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding)
+{
+ const SEC_ASN1Template *theTemplate;
+ NSSCMSAttribute *attribute;
+ SECOidData *oiddata;
+ PRBool encoded;
+
+ PORT_Assert(src_or_dest != NULL);
+ if (src_or_dest == NULL)
+ return NULL;
+
+ attribute = (NSSCMSAttribute *)src_or_dest;
+
+ if (encoding && (!attribute->values || !attribute->values[0] ||
+ attribute->encoded)) {
+ /* we're encoding, and the attribute has no value or the attribute
+ * value is already encoded. */
+ return SEC_ASN1_GET(SEC_AnyTemplate);
+ }
+
+ /* get attribute's typeTag */
+ oiddata = attribute->typeTag;
+ if (oiddata == NULL) {
+ oiddata = SECOID_FindOID(&attribute->type);
+ attribute->typeTag = oiddata;
+ }
+
+ if (oiddata == NULL) {
+ /* still no OID tag? OID is unknown then. en/decode value as ANY. */
+ encoded = PR_TRUE;
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ } else {
+ switch (oiddata->offset) {
+ case SEC_OID_PKCS9_SMIME_CAPABILITIES:
+ case SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE:
+ /* these guys need to stay DER-encoded */
+ default:
+ /* same goes for OIDs that are not handled here */
+ encoded = PR_TRUE;
+ theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
+ break;
+ /* otherwise choose proper template */
+ case SEC_OID_PKCS9_EMAIL_ADDRESS:
+ case SEC_OID_RFC1274_MAIL:
+ case SEC_OID_PKCS9_UNSTRUCTURED_NAME:
+ encoded = PR_FALSE;
+ theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
+ break;
+ case SEC_OID_PKCS9_CONTENT_TYPE:
+ encoded = PR_FALSE;
+ theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate);
+ break;
+ case SEC_OID_PKCS9_MESSAGE_DIGEST:
+ encoded = PR_FALSE;
+ theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
+ break;
+ case SEC_OID_PKCS9_SIGNING_TIME:
+ encoded = PR_FALSE;
+ theTemplate = SEC_ASN1_GET(CERT_TimeChoiceTemplate);
+ break;
+ /* XXX Want other types here, too */
+ }
+ }
+
+ if (encoding) {
+ /*
+ * If we are encoding and we think we have an already-encoded value,
+ * then the code which initialized this attribute should have set
+ * the "encoded" property to true (and we would have returned early,
+ * up above). No devastating error, but that code should be fixed.
+ * (It could indicate that the resulting encoded bytes are wrong.)
+ */
+ PORT_Assert(!encoded);
+ } else {
+ /*
+ * We are decoding; record whether the resulting value is
+ * still encoded or not.
+ */
+ attribute->encoded = encoded;
+ }
+ return theTemplate;
+}
+
+static const SEC_ASN1TemplateChooserPtr cms_attr_chooser = cms_attr_choose_attr_value_template;
+
+const SEC_ASN1Template nss_cms_attribute_template[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSCMSAttribute) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(NSSCMSAttribute, type) },
+ { SEC_ASN1_DYNAMIC | SEC_ASN1_SET_OF,
+ offsetof(NSSCMSAttribute, values),
+ &cms_attr_chooser },
+ { 0 }
+};
+
+const SEC_ASN1Template nss_cms_set_of_attribute_template[] = {
+ { SEC_ASN1_SET_OF, 0, nss_cms_attribute_template },
+};
+
+/* =============================================================================
+ * Attribute Array methods
+ */
+
+/*
+ * NSS_CMSAttributeArray_Encode - encode an Attribute array as SET OF Attributes
+ *
+ * If you are wondering why this routine does not reorder the attributes
+ * first, and might be tempted to make it do so, see the comment by the
+ * call to ReorderAttributes in cmsencode.c. (Or, see who else calls this
+ * and think long and hard about the implications of making it always
+ * do the reordering.)
+ */
+SECItem *
+NSS_CMSAttributeArray_Encode(PLArenaPool *poolp, NSSCMSAttribute ***attrs, SECItem *dest)
+{
+ return SEC_ASN1EncodeItem(poolp, dest, (void *)attrs, nss_cms_set_of_attribute_template);
+}
+
+/*
+ * NSS_CMSAttributeArray_Reorder - sort attribute array by attribute's DER encoding
+ *
+ * make sure that the order of the attributes guarantees valid DER (which must be
+ * in lexigraphically ascending order for a SET OF); if reordering is necessary it
+ * will be done in place (in attrs).
+ */
+SECStatus
+NSS_CMSAttributeArray_Reorder(NSSCMSAttribute **attrs)
+{
+ return NSS_CMSArray_SortByDER((void **)attrs, nss_cms_attribute_template, NULL);
+}
+
+/*
+ * NSS_CMSAttributeArray_FindAttrByOidTag - look through a set of attributes and
+ * find one that matches the specified object ID.
+ *
+ * If "only" is true, then make sure that there is not more than one attribute
+ * of the same type. Otherwise, just return the first one found. (XXX Does
+ * anybody really want that first-found behavior? It was like that when I found it...)
+ */
+NSSCMSAttribute *
+NSS_CMSAttributeArray_FindAttrByOidTag(NSSCMSAttribute **attrs, SECOidTag oidtag, PRBool only)
+{
+ SECOidData *oid;
+ NSSCMSAttribute *attr1, *attr2;
+
+ if (attrs == NULL)
+ return NULL;
+
+ oid = SECOID_FindOIDByTag(oidtag);
+ if (oid == NULL)
+ return NULL;
+
+ while ((attr1 = *attrs++) != NULL) {
+ if (attr1->type.len == oid->oid.len &&
+ PORT_Memcmp(attr1->type.data, oid->oid.data, oid->oid.len) == 0)
+ break;
+ }
+
+ if (attr1 == NULL)
+ return NULL;
+
+ if (!only)
+ return attr1;
+
+ while ((attr2 = *attrs++) != NULL) {
+ if (attr2->type.len == oid->oid.len &&
+ PORT_Memcmp(attr2->type.data, oid->oid.data, oid->oid.len) == 0)
+ break;
+ }
+
+ if (attr2 != NULL)
+ return NULL;
+
+ return attr1;
+}
+
+/*
+ * NSS_CMSAttributeArray_AddAttr - add an attribute to an
+ * array of attributes.
+ */
+SECStatus
+NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs,
+ NSSCMSAttribute *attr)
+{
+ NSSCMSAttribute *oattr;
+ void *mark;
+ SECOidTag type;
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* find oidtag of attr */
+ type = NSS_CMSAttribute_GetType(attr);
+
+ /* see if we have one already */
+ oattr = NSS_CMSAttributeArray_FindAttrByOidTag(*attrs, type, PR_FALSE);
+ PORT_Assert(oattr == NULL);
+ if (oattr != NULL)
+ goto loser; /* XXX or would it be better to replace it? */
+
+ /* no, shove it in */
+ if (NSS_CMSArray_Add(poolp, (void ***)attrs, (void *)attr) != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSAttributeArray_SetAttr - set an attribute's value in a set of attributes
+ */
+SECStatus
+NSS_CMSAttributeArray_SetAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs,
+ SECOidTag type, SECItem *value, PRBool encoded)
+{
+ NSSCMSAttribute *attr;
+ void *mark;
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* see if we have one already */
+ attr = NSS_CMSAttributeArray_FindAttrByOidTag(*attrs, type, PR_FALSE);
+ if (attr == NULL) {
+ /* not found? create one! */
+ attr = NSS_CMSAttribute_Create(poolp, type, value, encoded);
+ if (attr == NULL)
+ goto loser;
+ /* and add it to the list */
+ if (NSS_CMSArray_Add(poolp, (void ***)attrs, (void *)attr) != SECSuccess)
+ goto loser;
+ } else {
+ /* found, shove it in */
+ /* XXX we need a decent memory model @#$#$!#!!! */
+ attr->values[0] = value;
+ attr->encoded = encoded;
+ }
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
diff --git a/security/nss/lib/smime/cmscinfo.c b/security/nss/lib/smime/cmscinfo.c
new file mode 100644
index 000000000..08db662f8
--- /dev/null
+++ b/security/nss/lib/smime/cmscinfo.c
@@ -0,0 +1,375 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS contentInfo methods.
+ */
+
+#include "cmslocal.h"
+
+#include "pk11func.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "secerr.h"
+
+/*
+ * NSS_CMSContentInfo_Create - create a content info
+ *
+ * version is set in the _Finalize procedures for each content type
+ */
+SECStatus
+NSS_CMSContentInfo_Private_Init(NSSCMSContentInfo *cinfo)
+{
+ if (cinfo->privateInfo) {
+ return SECSuccess;
+ }
+ cinfo->privateInfo = PORT_ZNew(NSSCMSContentInfoPrivate);
+ return (cinfo->privateInfo) ? SECSuccess : SECFailure;
+}
+
+static void
+nss_cmsContentInfo_private_destroy(NSSCMSContentInfoPrivate *privateInfo)
+{
+ if (privateInfo->digcx) {
+ /* must destroy digest objects */
+ NSS_CMSDigestContext_Cancel(privateInfo->digcx);
+ privateInfo->digcx = NULL;
+ }
+ if (privateInfo->ciphcx) {
+ NSS_CMSCipherContext_Destroy(privateInfo->ciphcx);
+ privateInfo->ciphcx = NULL;
+ }
+ PORT_Free(privateInfo);
+}
+
+/*
+ * NSS_CMSContentInfo_Destroy - destroy a CMS contentInfo and all of its sub-pieces.
+ */
+void
+NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo)
+{
+ SECOidTag kind;
+
+ kind = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+ switch (kind) {
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ NSS_CMSEnvelopedData_Destroy(cinfo->content.envelopedData);
+ break;
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ NSS_CMSSignedData_Destroy(cinfo->content.signedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ NSS_CMSEncryptedData_Destroy(cinfo->content.encryptedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ NSS_CMSDigestedData_Destroy(cinfo->content.digestedData);
+ break;
+ default:
+ NSS_CMSGenericWrapperData_Destroy(kind, cinfo->content.genericData);
+ /* XXX Anything else that needs to be "manually" freed/destroyed? */
+ break;
+ }
+ if (cinfo->privateInfo) {
+ nss_cmsContentInfo_private_destroy(cinfo->privateInfo);
+ cinfo->privateInfo = NULL;
+ }
+ if (cinfo->bulkkey) {
+ PK11_FreeSymKey(cinfo->bulkkey);
+ }
+}
+
+/*
+ * NSS_CMSContentInfo_GetChildContentInfo - get content's contentInfo (if it exists)
+ */
+NSSCMSContentInfo *
+NSS_CMSContentInfo_GetChildContentInfo(NSSCMSContentInfo *cinfo)
+{
+ NSSCMSContentInfo *ccinfo = NULL;
+ SECOidTag tag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+ switch (tag) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ if (cinfo->content.signedData != NULL) {
+ ccinfo = &(cinfo->content.signedData->contentInfo);
+ }
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ if (cinfo->content.envelopedData != NULL) {
+ ccinfo = &(cinfo->content.envelopedData->contentInfo);
+ }
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ if (cinfo->content.digestedData != NULL) {
+ ccinfo = &(cinfo->content.digestedData->contentInfo);
+ }
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ if (cinfo->content.encryptedData != NULL) {
+ ccinfo = &(cinfo->content.encryptedData->contentInfo);
+ }
+ break;
+ case SEC_OID_PKCS7_DATA:
+ default:
+ if (NSS_CMSType_IsWrapper(tag)) {
+ if (cinfo->content.genericData != NULL) {
+ ccinfo = &(cinfo->content.genericData->contentInfo);
+ }
+ }
+ break;
+ }
+ if (ccinfo && !ccinfo->privateInfo) {
+ NSS_CMSContentInfo_Private_Init(ccinfo);
+ }
+ return ccinfo;
+}
+
+SECStatus
+NSS_CMSContentInfo_SetDontStream(NSSCMSContentInfo *cinfo, PRBool dontStream)
+{
+ SECStatus rv;
+
+ rv = NSS_CMSContentInfo_Private_Init(cinfo);
+ if (rv != SECSuccess) {
+ /* default is streaming, failure to get ccinfo will not effect this */
+ return dontStream ? SECFailure : SECSuccess;
+ }
+ cinfo->privateInfo->dontStream = dontStream;
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSContentInfo_SetContent - set content type & content
+ */
+SECStatus
+NSS_CMSContentInfo_SetContent(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo,
+ SECOidTag type, void *ptr)
+{
+ SECStatus rv;
+
+ cinfo->contentTypeTag = SECOID_FindOIDByTag(type);
+ if (cinfo->contentTypeTag == NULL)
+ return SECFailure;
+
+ /* do not copy the oid, just create a reference */
+ rv = SECITEM_CopyItem(cmsg->poolp, &(cinfo->contentType), &(cinfo->contentTypeTag->oid));
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ cinfo->content.pointer = ptr;
+
+ if (NSS_CMSType_IsData(type) && ptr) {
+ cinfo->rawContent = ptr;
+ } else {
+ /* as we always have some inner data,
+ * we need to set it to something, just to fool the encoder enough to work on it
+ * and get us into nss_cms_encoder_notify at that point */
+ cinfo->rawContent = SECITEM_AllocItem(cmsg->poolp, NULL, 1);
+ if (cinfo->rawContent == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSContentInfo_SetContent_XXXX - typesafe wrappers for NSS_CMSContentInfo_SetContent
+ */
+
+/*
+ * data == NULL -> pass in data via NSS_CMSEncoder_Update
+ * data != NULL -> take this data
+ */
+SECStatus
+NSS_CMSContentInfo_SetContent_Data(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo,
+ SECItem *data, PRBool detached)
+{
+ if (NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_DATA, (void *)data) != SECSuccess)
+ return SECFailure;
+ if (detached) {
+ cinfo->rawContent = NULL;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+NSS_CMSContentInfo_SetContent_SignedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo,
+ NSSCMSSignedData *sigd)
+{
+ return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_SIGNED_DATA, (void *)sigd);
+}
+
+SECStatus
+NSS_CMSContentInfo_SetContent_EnvelopedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo,
+ NSSCMSEnvelopedData *envd)
+{
+ return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_ENVELOPED_DATA, (void *)envd);
+}
+
+SECStatus
+NSS_CMSContentInfo_SetContent_DigestedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo,
+ NSSCMSDigestedData *digd)
+{
+ return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_DIGESTED_DATA, (void *)digd);
+}
+
+SECStatus
+NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo,
+ NSSCMSEncryptedData *encd)
+{
+ return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_ENCRYPTED_DATA, (void *)encd);
+}
+
+/*
+ * NSS_CMSContentInfo_GetContent - get pointer to inner content
+ *
+ * needs to be casted...
+ */
+void *
+NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo)
+{
+ SECOidTag tag = cinfo->contentTypeTag
+ ? cinfo->contentTypeTag->offset
+ : SEC_OID_UNKNOWN;
+ switch (tag) {
+ case SEC_OID_PKCS7_DATA:
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ return cinfo->content.pointer;
+ default:
+ return NSS_CMSType_IsWrapper(tag) ? cinfo->content.pointer
+ : (NSS_CMSType_IsData(tag) ? cinfo->rawContent
+ : NULL);
+ }
+}
+
+/*
+ * NSS_CMSContentInfo_GetInnerContent - get pointer to innermost content
+ *
+ * this is typically only called by NSS_CMSMessage_GetContent()
+ */
+
+SECItem *
+NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo)
+{
+ NSSCMSContentInfo *ccinfo;
+ SECOidTag tag;
+ SECItem *pItem = NULL;
+
+ tag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+ if (NSS_CMSType_IsData(tag)) {
+ pItem = cinfo->content.data;
+ } else if (NSS_CMSType_IsWrapper(tag)) {
+ ccinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo);
+ if (ccinfo != NULL) {
+ pItem = NSS_CMSContentInfo_GetContent(ccinfo);
+ }
+ } else {
+ PORT_Assert(0);
+ }
+
+ return pItem;
+}
+
+/*
+ * NSS_CMSContentInfo_GetContentType{Tag,OID} - find out (saving pointer to lookup result
+ * for future reference) and return the inner content type.
+ */
+SECOidTag
+NSS_CMSContentInfo_GetContentTypeTag(NSSCMSContentInfo *cinfo)
+{
+ if (cinfo->contentTypeTag == NULL)
+ cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
+
+ if (cinfo->contentTypeTag == NULL)
+ return SEC_OID_UNKNOWN;
+
+ return cinfo->contentTypeTag->offset;
+}
+
+SECItem *
+NSS_CMSContentInfo_GetContentTypeOID(NSSCMSContentInfo *cinfo)
+{
+ if (cinfo->contentTypeTag == NULL)
+ cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
+
+ if (cinfo->contentTypeTag == NULL)
+ return NULL;
+
+ return &(cinfo->contentTypeTag->oid);
+}
+
+/*
+ * NSS_CMSContentInfo_GetContentEncAlgTag - find out (saving pointer to lookup result
+ * for future reference) and return the content encryption algorithm tag.
+ */
+SECOidTag
+NSS_CMSContentInfo_GetContentEncAlgTag(NSSCMSContentInfo *cinfo)
+{
+ if (cinfo->contentEncAlgTag == SEC_OID_UNKNOWN)
+ cinfo->contentEncAlgTag = SECOID_GetAlgorithmTag(&(cinfo->contentEncAlg));
+
+ return cinfo->contentEncAlgTag;
+}
+
+/*
+ * NSS_CMSContentInfo_GetContentEncAlg - find out and return the content encryption algorithm tag.
+ */
+SECAlgorithmID *
+NSS_CMSContentInfo_GetContentEncAlg(NSSCMSContentInfo *cinfo)
+{
+ return &(cinfo->contentEncAlg);
+}
+
+SECStatus
+NSS_CMSContentInfo_SetContentEncAlg(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
+ SECOidTag bulkalgtag, SECItem *parameters, int keysize)
+{
+ SECStatus rv;
+
+ rv = SECOID_SetAlgorithmID(poolp, &(cinfo->contentEncAlg), bulkalgtag, parameters);
+ if (rv != SECSuccess)
+ return SECFailure;
+ cinfo->keysize = keysize;
+ return SECSuccess;
+}
+
+SECStatus
+NSS_CMSContentInfo_SetContentEncAlgID(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
+ SECAlgorithmID *algid, int keysize)
+{
+ SECStatus rv;
+
+ rv = SECOID_CopyAlgorithmID(poolp, &(cinfo->contentEncAlg), algid);
+ if (rv != SECSuccess)
+ return SECFailure;
+ if (keysize >= 0)
+ cinfo->keysize = keysize;
+ return SECSuccess;
+}
+
+void
+NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey)
+{
+ cinfo->bulkkey = PK11_ReferenceSymKey(bulkkey);
+ cinfo->keysize = PK11_GetKeyStrength(cinfo->bulkkey, &(cinfo->contentEncAlg));
+}
+
+PK11SymKey *
+NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo)
+{
+ if (cinfo->bulkkey == NULL)
+ return NULL;
+
+ return PK11_ReferenceSymKey(cinfo->bulkkey);
+}
+
+int
+NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo)
+{
+ return cinfo->keysize;
+}
diff --git a/security/nss/lib/smime/cmscipher.c b/security/nss/lib/smime/cmscipher.c
new file mode 100644
index 000000000..9c8330b23
--- /dev/null
+++ b/security/nss/lib/smime/cmscipher.c
@@ -0,0 +1,722 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Encryption/decryption routines for CMS implementation, none of which are exported.
+ */
+
+#include "cmslocal.h"
+
+#include "secoid.h"
+#include "secitem.h"
+#include "pk11func.h"
+#include "secerr.h"
+#include "secpkcs5.h"
+
+/*
+ * -------------------------------------------------------------------
+ * Cipher stuff.
+ */
+
+typedef SECStatus (*nss_cms_cipher_function)(void *, unsigned char *, unsigned int *,
+ unsigned int, const unsigned char *, unsigned int);
+typedef SECStatus (*nss_cms_cipher_destroy)(void *, PRBool);
+
+#define BLOCK_SIZE 4096
+
+struct NSSCMSCipherContextStr {
+ void *cx; /* PK11 cipher context */
+ nss_cms_cipher_function doit;
+ nss_cms_cipher_destroy destroy;
+ PRBool encrypt; /* encrypt / decrypt switch */
+ int block_size; /* block & pad sizes for cipher */
+ int pad_size;
+ int pending_count; /* pending data (not yet en/decrypted */
+ unsigned char pending_buf[BLOCK_SIZE]; /* because of blocking */
+};
+
+/*
+ * NSS_CMSCipherContext_StartDecrypt - create a cipher context to do decryption
+ * based on the given bulk encryption key and algorithm identifier (which
+ * may include an iv).
+ *
+ * XXX Once both are working, it might be nice to combine this and the
+ * function below (for starting up encryption) into one routine, and just
+ * have two simple cover functions which call it.
+ */
+NSSCMSCipherContext *
+NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid)
+{
+ NSSCMSCipherContext *cc;
+ void *ciphercx;
+ CK_MECHANISM_TYPE cryptoMechType;
+ PK11SlotInfo *slot;
+ SECOidTag algtag;
+ SECItem *param = NULL;
+
+ algtag = SECOID_GetAlgorithmTag(algid);
+
+ /* set param and mechanism */
+ if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
+ SECItem *pwitem;
+
+ pwitem = PK11_GetSymKeyUserData(key);
+ if (!pwitem)
+ return NULL;
+
+ cryptoMechType = PK11_GetPBECryptoMechanism(algid, &param, pwitem);
+ if (cryptoMechType == CKM_INVALID_MECHANISM) {
+ SECITEM_FreeItem(param, PR_TRUE);
+ return NULL;
+ }
+
+ } else {
+ cryptoMechType = PK11_AlgtagToMechanism(algtag);
+ if ((param = PK11_ParamFromAlgid(algid)) == NULL)
+ return NULL;
+ }
+
+ cc = (NSSCMSCipherContext *)PORT_ZAlloc(sizeof(NSSCMSCipherContext));
+ if (cc == NULL) {
+ SECITEM_FreeItem(param, PR_TRUE);
+ return NULL;
+ }
+
+ /* figure out pad and block sizes */
+ cc->pad_size = PK11_GetBlockSize(cryptoMechType, param);
+ slot = PK11_GetSlotFromKey(key);
+ cc->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : cc->pad_size;
+ PK11_FreeSlot(slot);
+
+ /* create PK11 cipher context */
+ ciphercx = PK11_CreateContextBySymKey(cryptoMechType, CKA_DECRYPT,
+ key, param);
+ SECITEM_FreeItem(param, PR_TRUE);
+ if (ciphercx == NULL) {
+ PORT_Free(cc);
+ return NULL;
+ }
+
+ cc->cx = ciphercx;
+ cc->doit = (nss_cms_cipher_function)PK11_CipherOp;
+ cc->destroy = (nss_cms_cipher_destroy)PK11_DestroyContext;
+ cc->encrypt = PR_FALSE;
+ cc->pending_count = 0;
+
+ return cc;
+}
+
+/*
+ * NSS_CMSCipherContext_StartEncrypt - create a cipher object to do encryption,
+ * based on the given bulk encryption key and algorithm tag. Fill in the
+ * algorithm identifier (which may include an iv) appropriately.
+ *
+ * XXX Once both are working, it might be nice to combine this and the
+ * function above (for starting up decryption) into one routine, and just
+ * have two simple cover functions which call it.
+ */
+NSSCMSCipherContext *
+NSS_CMSCipherContext_StartEncrypt(PLArenaPool *poolp, PK11SymKey *key, SECAlgorithmID *algid)
+{
+ NSSCMSCipherContext *cc;
+ void *ciphercx = NULL;
+ SECStatus rv;
+ CK_MECHANISM_TYPE cryptoMechType;
+ PK11SlotInfo *slot;
+ SECItem *param = NULL;
+ PRBool needToEncodeAlgid = PR_FALSE;
+ SECOidTag algtag = SECOID_GetAlgorithmTag(algid);
+
+ /* set param and mechanism */
+ if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
+ SECItem *pwitem;
+
+ pwitem = PK11_GetSymKeyUserData(key);
+ if (!pwitem)
+ return NULL;
+
+ cryptoMechType = PK11_GetPBECryptoMechanism(algid, &param, pwitem);
+ if (cryptoMechType == CKM_INVALID_MECHANISM) {
+ SECITEM_FreeItem(param, PR_TRUE);
+ return NULL;
+ }
+ } else {
+ cryptoMechType = PK11_AlgtagToMechanism(algtag);
+ if ((param = PK11_GenerateNewParam(cryptoMechType, key)) == NULL)
+ return NULL;
+ needToEncodeAlgid = PR_TRUE;
+ }
+
+ cc = (NSSCMSCipherContext *)PORT_ZAlloc(sizeof(NSSCMSCipherContext));
+ if (cc == NULL) {
+ goto loser;
+ }
+
+ /* now find pad and block sizes for our mechanism */
+ cc->pad_size = PK11_GetBlockSize(cryptoMechType, param);
+ slot = PK11_GetSlotFromKey(key);
+ cc->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : cc->pad_size;
+ PK11_FreeSlot(slot);
+
+ /* and here we go, creating a PK11 cipher context */
+ ciphercx = PK11_CreateContextBySymKey(cryptoMechType, CKA_ENCRYPT,
+ key, param);
+ if (ciphercx == NULL) {
+ PORT_Free(cc);
+ cc = NULL;
+ goto loser;
+ }
+
+ /*
+ * These are placed after the CreateContextBySymKey() because some
+ * mechanisms have to generate their IVs from their card (i.e. FORTEZZA).
+ * Don't move it from here.
+ * XXX is that right? the purpose of this is to get the correct algid
+ * containing the IVs etc. for encoding. this means we need to set this up
+ * BEFORE encoding the algid in the contentInfo, right?
+ */
+ if (needToEncodeAlgid) {
+ rv = PK11_ParamToAlgid(algtag, param, poolp, algid);
+ if (rv != SECSuccess) {
+ PORT_Free(cc);
+ cc = NULL;
+ goto loser;
+ }
+ }
+
+ cc->cx = ciphercx;
+ ciphercx = NULL;
+ cc->doit = (nss_cms_cipher_function)PK11_CipherOp;
+ cc->destroy = (nss_cms_cipher_destroy)PK11_DestroyContext;
+ cc->encrypt = PR_TRUE;
+ cc->pending_count = 0;
+
+loser:
+ SECITEM_FreeItem(param, PR_TRUE);
+ if (ciphercx) {
+ PK11_DestroyContext(ciphercx, PR_TRUE);
+ }
+
+ return cc;
+}
+
+void
+NSS_CMSCipherContext_Destroy(NSSCMSCipherContext *cc)
+{
+ PORT_Assert(cc != NULL);
+ if (cc == NULL)
+ return;
+ (*cc->destroy)(cc->cx, PR_TRUE);
+ PORT_Free(cc);
+}
+
+/*
+ * NSS_CMSCipherContext_DecryptLength - find the output length of the next call to decrypt.
+ *
+ * cc - the cipher context
+ * input_len - number of bytes used as input
+ * final - true if this is the final chunk of data
+ *
+ * Result can be used to perform memory allocations. Note that the amount
+ * is exactly accurate only when not doing a block cipher or when final
+ * is false, otherwise it is an upper bound on the amount because until
+ * we see the data we do not know how many padding bytes there are
+ * (always between 1 and bsize).
+ *
+ * Note that this can return zero, which does not mean that the decrypt
+ * operation can be skipped! (It simply means that there are not enough
+ * bytes to make up an entire block; the bytes will be reserved until
+ * there are enough to encrypt/decrypt at least one block.) However,
+ * if zero is returned it *does* mean that no output buffer need be
+ * passed in to the subsequent decrypt operation, as no output bytes
+ * will be stored.
+ */
+unsigned int
+NSS_CMSCipherContext_DecryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final)
+{
+ int blocks, block_size;
+
+ PORT_Assert(!cc->encrypt);
+
+ block_size = cc->block_size;
+
+ /*
+ * If this is not a block cipher, then we always have the same
+ * number of output bytes as we had input bytes.
+ */
+ if (block_size == 0)
+ return input_len;
+
+ /*
+ * On the final call, we will always use up all of the pending
+ * bytes plus all of the input bytes, *but*, there will be padding
+ * at the end and we cannot predict how many bytes of padding we
+ * will end up removing. The amount given here is actually known
+ * to be at least 1 byte too long (because we know we will have
+ * at least 1 byte of padding), but seemed clearer/better to me.
+ */
+ if (final)
+ return cc->pending_count + input_len;
+
+ /*
+ * Okay, this amount is exactly what we will output on the
+ * next cipher operation. We will always hang onto the last
+ * 1 - block_size bytes for non-final operations. That is,
+ * we will do as many complete blocks as we can *except* the
+ * last block (complete or partial). (This is because until
+ * we know we are at the end, we cannot know when to interpret
+ * and removing the padding byte(s), which are guaranteed to
+ * be there.)
+ */
+ blocks = (cc->pending_count + input_len - 1) / block_size;
+ return blocks * block_size;
+}
+
+/*
+ * NSS_CMSCipherContext_EncryptLength - find the output length of the next call to encrypt.
+ *
+ * cc - the cipher context
+ * input_len - number of bytes used as input
+ * final - true if this is the final chunk of data
+ *
+ * Result can be used to perform memory allocations.
+ *
+ * Note that this can return zero, which does not mean that the encrypt
+ * operation can be skipped! (It simply means that there are not enough
+ * bytes to make up an entire block; the bytes will be reserved until
+ * there are enough to encrypt/decrypt at least one block.) However,
+ * if zero is returned it *does* mean that no output buffer need be
+ * passed in to the subsequent encrypt operation, as no output bytes
+ * will be stored.
+ */
+unsigned int
+NSS_CMSCipherContext_EncryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final)
+{
+ int blocks, block_size;
+ int pad_size;
+
+ PORT_Assert(cc->encrypt);
+
+ block_size = cc->block_size;
+ pad_size = cc->pad_size;
+
+ /*
+ * If this is not a block cipher, then we always have the same
+ * number of output bytes as we had input bytes.
+ */
+ if (block_size == 0)
+ return input_len;
+
+ /*
+ * On the final call, we only send out what we need for
+ * remaining bytes plus the padding. (There is always padding,
+ * so even if we have an exact number of blocks as input, we
+ * will add another full block that is just padding.)
+ */
+ if (final) {
+ if (pad_size == 0) {
+ return cc->pending_count + input_len;
+ } else {
+ blocks = (cc->pending_count + input_len) / pad_size;
+ blocks++;
+ return blocks * pad_size;
+ }
+ }
+
+ /*
+ * Now, count the number of complete blocks of data we have.
+ */
+ blocks = (cc->pending_count + input_len) / block_size;
+
+ return blocks * block_size;
+}
+
+/*
+ * NSS_CMSCipherContext_Decrypt - do the decryption
+ *
+ * cc - the cipher context
+ * output - buffer for decrypted result bytes
+ * output_len_p - number of bytes in output
+ * max_output_len - upper bound on bytes to put into output
+ * input - pointer to input bytes
+ * input_len - number of input bytes
+ * final - true if this is the final chunk of data
+ *
+ * Decrypts a given length of input buffer (starting at "input" and
+ * containing "input_len" bytes), placing the decrypted bytes in
+ * "output" and storing the output length in "*output_len_p".
+ * "cc" is the return value from NSS_CMSCipher_StartDecrypt.
+ * When "final" is true, this is the last of the data to be decrypted.
+ *
+ * This is much more complicated than it sounds when the cipher is
+ * a block-type, meaning that the decryption function will only
+ * operate on whole blocks. But our caller is operating stream-wise,
+ * and can pass in any number of bytes. So we need to keep track
+ * of block boundaries. We save excess bytes between calls in "cc".
+ * We also need to determine which bytes are padding, and remove
+ * them from the output. We can only do this step when we know we
+ * have the final block of data. PKCS #7 specifies that the padding
+ * used for a block cipher is a string of bytes, each of whose value is
+ * the same as the length of the padding, and that all data is padded.
+ * (Even data that starts out with an exact multiple of blocks gets
+ * added to it another block, all of which is padding.)
+ */
+SECStatus
+NSS_CMSCipherContext_Decrypt(NSSCMSCipherContext *cc, unsigned char *output,
+ unsigned int *output_len_p, unsigned int max_output_len,
+ const unsigned char *input, unsigned int input_len,
+ PRBool final)
+{
+ unsigned int blocks, bsize, pcount, padsize;
+ unsigned int max_needed, ifraglen, ofraglen, output_len;
+ unsigned char *pbuf;
+ SECStatus rv;
+
+ PORT_Assert(!cc->encrypt);
+
+ /*
+ * Check that we have enough room for the output. Our caller should
+ * already handle this; failure is really an internal error (i.e. bug).
+ */
+ max_needed = NSS_CMSCipherContext_DecryptLength(cc, input_len, final);
+ PORT_Assert(max_output_len >= max_needed);
+ if (max_output_len < max_needed) {
+ /* PORT_SetError (XXX); */
+ return SECFailure;
+ }
+
+ /*
+ * hardware encryption does not like small decryption sizes here, so we
+ * allow both blocking and padding.
+ */
+ bsize = cc->block_size;
+ padsize = cc->pad_size;
+
+ /*
+ * When no blocking or padding work to do, we can simply call the
+ * cipher function and we are done.
+ */
+ if (bsize == 0) {
+ return (*cc->doit)(cc->cx, output, output_len_p, max_output_len,
+ input, input_len);
+ }
+
+ pcount = cc->pending_count;
+ pbuf = cc->pending_buf;
+
+ output_len = 0;
+
+ if (pcount) {
+ /*
+ * Try to fill in an entire block, starting with the bytes
+ * we already have saved away.
+ */
+ while (input_len && pcount < bsize) {
+ pbuf[pcount++] = *input++;
+ input_len--;
+ }
+ /*
+ * If we have at most a whole block and this is not our last call,
+ * then we are done for now. (We do not try to decrypt a lone
+ * single block because we cannot interpret the padding bytes
+ * until we know we are handling the very last block of all input.)
+ */
+ if (input_len == 0 && !final) {
+ cc->pending_count = pcount;
+ if (output_len_p)
+ *output_len_p = 0;
+ return SECSuccess;
+ }
+ /*
+ * Given the logic above, we expect to have a full block by now.
+ * If we do not, there is something wrong, either with our own
+ * logic or with (length of) the data given to us.
+ */
+ if ((padsize != 0) && (pcount % padsize) != 0) {
+ PORT_Assert(final);
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ /*
+ * Decrypt the block.
+ */
+ rv = (*cc->doit)(cc->cx, output, &ofraglen, max_output_len,
+ pbuf, pcount);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then NSS_CMSCipherContext_DecryptLength needs to be made smarter!
+ */
+ PORT_Assert(ofraglen == pcount);
+
+ /*
+ * Account for the bytes now in output.
+ */
+ max_output_len -= ofraglen;
+ output_len += ofraglen;
+ output += ofraglen;
+ }
+
+ /*
+ * If this is our last call, we expect to have an exact number of
+ * blocks left to be decrypted; we will decrypt them all.
+ *
+ * If not our last call, we always save between 1 and bsize bytes
+ * until next time. (We must do this because we cannot be sure
+ * that none of the decrypted bytes are padding bytes until we
+ * have at least another whole block of data. You cannot tell by
+ * looking -- the data could be anything -- you can only tell by
+ * context, knowing you are looking at the last block.) We could
+ * decrypt a whole block now but it is easier if we just treat it
+ * the same way we treat partial block bytes.
+ */
+ if (final) {
+ if (padsize) {
+ blocks = input_len / padsize;
+ ifraglen = blocks * padsize;
+ } else
+ ifraglen = input_len;
+ PORT_Assert(ifraglen == input_len);
+
+ if (ifraglen != input_len) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ } else {
+ blocks = (input_len - 1) / bsize;
+ ifraglen = blocks * bsize;
+ PORT_Assert(ifraglen < input_len);
+
+ pcount = input_len - ifraglen;
+ PORT_Memcpy(pbuf, input + ifraglen, pcount);
+ cc->pending_count = pcount;
+ }
+
+ if (ifraglen) {
+ rv = (*cc->doit)(cc->cx, output, &ofraglen, max_output_len,
+ input, ifraglen);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7DecryptLength needs to be made smarter!
+ */
+ PORT_Assert(ifraglen == ofraglen);
+ if (ifraglen != ofraglen) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+
+ output_len += ofraglen;
+ } else {
+ ofraglen = 0;
+ }
+
+ /*
+ * If we just did our very last block, "remove" the padding by
+ * adjusting the output length.
+ */
+ if (final && (padsize != 0)) {
+ unsigned int padlen = *(output + ofraglen - 1);
+
+ if (padlen == 0 || padlen > padsize) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ output_len -= padlen;
+ }
+
+ PORT_Assert(output_len_p != NULL || output_len == 0);
+ if (output_len_p != NULL)
+ *output_len_p = output_len;
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSCipherContext_Encrypt - do the encryption
+ *
+ * cc - the cipher context
+ * output - buffer for decrypted result bytes
+ * output_len_p - number of bytes in output
+ * max_output_len - upper bound on bytes to put into output
+ * input - pointer to input bytes
+ * input_len - number of input bytes
+ * final - true if this is the final chunk of data
+ *
+ * Encrypts a given length of input buffer (starting at "input" and
+ * containing "input_len" bytes), placing the encrypted bytes in
+ * "output" and storing the output length in "*output_len_p".
+ * "cc" is the return value from NSS_CMSCipher_StartEncrypt.
+ * When "final" is true, this is the last of the data to be encrypted.
+ *
+ * This is much more complicated than it sounds when the cipher is
+ * a block-type, meaning that the encryption function will only
+ * operate on whole blocks. But our caller is operating stream-wise,
+ * and can pass in any number of bytes. So we need to keep track
+ * of block boundaries. We save excess bytes between calls in "cc".
+ * We also need to add padding bytes at the end. PKCS #7 specifies
+ * that the padding used for a block cipher is a string of bytes,
+ * each of whose value is the same as the length of the padding,
+ * and that all data is padded. (Even data that starts out with
+ * an exact multiple of blocks gets added to it another block,
+ * all of which is padding.)
+ *
+ * XXX I would kind of like to combine this with the function above
+ * which does decryption, since they have a lot in common. But the
+ * tricky parts about padding and filling blocks would be much
+ * harder to read that way, so I left them separate. At least for
+ * now until it is clear that they are right.
+ */
+SECStatus
+NSS_CMSCipherContext_Encrypt(NSSCMSCipherContext *cc, unsigned char *output,
+ unsigned int *output_len_p, unsigned int max_output_len,
+ const unsigned char *input, unsigned int input_len,
+ PRBool final)
+{
+ int blocks, bsize, padlen, pcount, padsize;
+ unsigned int max_needed, ifraglen, ofraglen, output_len;
+ unsigned char *pbuf;
+ SECStatus rv;
+
+ PORT_Assert(cc->encrypt);
+
+ /*
+ * Check that we have enough room for the output. Our caller should
+ * already handle this; failure is really an internal error (i.e. bug).
+ */
+ max_needed = NSS_CMSCipherContext_EncryptLength(cc, input_len, final);
+ PORT_Assert(max_output_len >= max_needed);
+ if (max_output_len < max_needed) {
+ /* PORT_SetError (XXX); */
+ return SECFailure;
+ }
+
+ bsize = cc->block_size;
+ padsize = cc->pad_size;
+
+ /*
+ * When no blocking and padding work to do, we can simply call the
+ * cipher function and we are done.
+ */
+ if (bsize == 0) {
+ return (*cc->doit)(cc->cx, output, output_len_p, max_output_len,
+ input, input_len);
+ }
+
+ pcount = cc->pending_count;
+ pbuf = cc->pending_buf;
+
+ output_len = 0;
+
+ if (pcount) {
+ /*
+ * Try to fill in an entire block, starting with the bytes
+ * we already have saved away.
+ */
+ while (input_len && pcount < bsize) {
+ pbuf[pcount++] = *input++;
+ input_len--;
+ }
+ /*
+ * If we do not have a full block and we know we will be
+ * called again, then we are done for now.
+ */
+ if (pcount < bsize && !final) {
+ cc->pending_count = pcount;
+ if (output_len_p != NULL)
+ *output_len_p = 0;
+ return SECSuccess;
+ }
+ /*
+ * If we have a whole block available, encrypt it.
+ */
+ if ((padsize == 0) || (pcount % padsize) == 0) {
+ rv = (*cc->doit)(cc->cx, output, &ofraglen, max_output_len,
+ pbuf, pcount);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7EncryptLength needs to be made smarter!
+ */
+ PORT_Assert(ofraglen == pcount);
+
+ /*
+ * Account for the bytes now in output.
+ */
+ max_output_len -= ofraglen;
+ output_len += ofraglen;
+ output += ofraglen;
+
+ pcount = 0;
+ }
+ }
+
+ if (input_len) {
+ PORT_Assert(pcount == 0);
+
+ blocks = input_len / bsize;
+ ifraglen = blocks * bsize;
+
+ if (ifraglen) {
+ rv = (*cc->doit)(cc->cx, output, &ofraglen, max_output_len,
+ input, ifraglen);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7EncryptLength needs to be made smarter!
+ */
+ PORT_Assert(ifraglen == ofraglen);
+
+ max_output_len -= ofraglen;
+ output_len += ofraglen;
+ output += ofraglen;
+ }
+
+ pcount = input_len - ifraglen;
+ PORT_Assert(pcount < bsize);
+ if (pcount)
+ PORT_Memcpy(pbuf, input + ifraglen, pcount);
+ }
+
+ if (final) {
+ if (padsize <= 0) {
+ padlen = 0;
+ } else {
+ padlen = padsize - (pcount % padsize);
+ PORT_Memset(pbuf + pcount, padlen, padlen);
+ }
+ rv = (*cc->doit)(cc->cx, output, &ofraglen, max_output_len,
+ pbuf, pcount + padlen);
+ if (rv != SECSuccess)
+ return rv;
+
+ /*
+ * For now anyway, all of our ciphers have the same number of
+ * bytes of output as they do input. If this ever becomes untrue,
+ * then sec_PKCS7EncryptLength needs to be made smarter!
+ */
+ PORT_Assert(ofraglen == (pcount + padlen));
+ output_len += ofraglen;
+ } else {
+ cc->pending_count = pcount;
+ }
+
+ PORT_Assert(output_len_p != NULL || output_len == 0);
+ if (output_len_p != NULL)
+ *output_len_p = output_len;
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/smime/cmsdecode.c b/security/nss/lib/smime/cmsdecode.c
new file mode 100644
index 000000000..d96511171
--- /dev/null
+++ b/security/nss/lib/smime/cmsdecode.c
@@ -0,0 +1,738 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS decoding.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "prtime.h"
+#include "secerr.h"
+
+struct NSSCMSDecoderContextStr {
+ SEC_ASN1DecoderContext *dcx; /* ASN.1 decoder context */
+ NSSCMSMessage *cmsg; /* backpointer to the root message */
+ SECOidTag type; /* type of message */
+ NSSCMSContent content; /* pointer to message */
+ NSSCMSDecoderContext *childp7dcx; /* inner CMS decoder context */
+ PRBool saw_contents;
+ int error;
+ NSSCMSContentCallback cb;
+ void *cb_arg;
+ PRBool first_decoded;
+ PRBool need_indefinite_finish;
+};
+
+struct NSSCMSDecoderDataStr {
+ SECItem data; /* must be first */
+ unsigned int totalBufferSize;
+};
+
+typedef struct NSSCMSDecoderDataStr NSSCMSDecoderData;
+
+static void nss_cms_decoder_update_filter(void *arg, const char *data,
+ unsigned long len, int depth,
+ SEC_ASN1EncodingPart data_kind);
+static SECStatus nss_cms_before_data(NSSCMSDecoderContext *p7dcx);
+static SECStatus nss_cms_after_data(NSSCMSDecoderContext *p7dcx);
+static SECStatus nss_cms_after_end(NSSCMSDecoderContext *p7dcx);
+static void nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx,
+ const unsigned char *data,
+ unsigned long len,
+ PRBool final);
+static NSSCMSDecoderData *nss_cms_create_decoder_data(PLArenaPool *poolp);
+
+extern const SEC_ASN1Template NSSCMSMessageTemplate[];
+
+static NSSCMSDecoderData *
+nss_cms_create_decoder_data(PLArenaPool *poolp)
+{
+ NSSCMSDecoderData *decoderData = NULL;
+
+ decoderData = (NSSCMSDecoderData *)
+ PORT_ArenaAlloc(poolp, sizeof(NSSCMSDecoderData));
+ if (!decoderData) {
+ return NULL;
+ }
+ decoderData->data.data = NULL;
+ decoderData->data.len = 0;
+ decoderData->totalBufferSize = 0;
+ return decoderData;
+}
+
+/*
+ * nss_cms_decoder_notify -
+ * this is the driver of the decoding process. It gets called by the ASN.1
+ * decoder before and after an object is decoded.
+ * at various points in the decoding process, we intercept to set up and do
+ * further processing.
+ */
+static void
+nss_cms_decoder_notify(void *arg, PRBool before, void *dest, int depth)
+{
+ NSSCMSDecoderContext *p7dcx;
+ NSSCMSContentInfo *rootcinfo, *cinfo;
+ PRBool after = !before;
+
+ p7dcx = (NSSCMSDecoderContext *)arg;
+ rootcinfo = &(p7dcx->cmsg->contentInfo);
+
+/* XXX error handling: need to set p7dcx->error */
+
+#ifdef CMSDEBUG
+ fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before"
+ : "after",
+ dest, depth);
+#endif
+
+ /* so what are we working on right now? */
+ if (p7dcx->type == SEC_OID_UNKNOWN) {
+ /*
+ * right now, we are still decoding the OUTER (root) cinfo
+ * As soon as we know the inner content type, set up the info,
+ * but NO inner decoder or filter. The root decoder handles the first
+ * level children by itself - only for encapsulated contents (which
+ * are encoded as DER inside of an OCTET STRING) we need to set up a
+ * child decoder...
+ */
+ if (after && dest == &(rootcinfo->contentType)) {
+ p7dcx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
+ p7dcx->content = rootcinfo->content;
+ /* is this ready already ? need to alloc? */
+ /* XXX yes we need to alloc -- continue here */
+ }
+ } else if (NSS_CMSType_IsData(p7dcx->type)) {
+ /* this can only happen if the outermost cinfo has DATA in it */
+ /* otherwise, we handle this type implicitely in the inner decoders */
+
+ if (before && dest == &(rootcinfo->content)) {
+ /* cause the filter to put the data in the right place...
+ ** We want the ASN.1 decoder to deliver the decoded bytes to us
+ ** from now on
+ */
+ SEC_ASN1DecoderSetFilterProc(p7dcx->dcx,
+ nss_cms_decoder_update_filter,
+ p7dcx,
+ (PRBool)(p7dcx->cb != NULL));
+ } else if (after && dest == &(rootcinfo->content.data)) {
+ /* remove the filter */
+ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
+ }
+ } else if (NSS_CMSType_IsWrapper(p7dcx->type)) {
+ if (!before || dest != &(rootcinfo->content)) {
+
+ if (p7dcx->content.pointer == NULL)
+ p7dcx->content = rootcinfo->content;
+
+ /* get this data type's inner contentInfo */
+ cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer,
+ p7dcx->type);
+
+ if (before && dest == &(cinfo->contentType)) {
+ /* at this point, set up the &%$&$ back pointer */
+ /* we cannot do it later, because the content itself
+ * is optional! */
+ switch (p7dcx->type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ p7dcx->content.signedData->cmsg = p7dcx->cmsg;
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ p7dcx->content.digestedData->cmsg = p7dcx->cmsg;
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ p7dcx->content.envelopedData->cmsg = p7dcx->cmsg;
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ p7dcx->content.encryptedData->cmsg = p7dcx->cmsg;
+ break;
+ default:
+ p7dcx->content.genericData->cmsg = p7dcx->cmsg;
+ break;
+ }
+ }
+
+ if (before && dest == &(cinfo->rawContent)) {
+ /* we want the ASN.1 decoder to deliver the decoded bytes to us
+ ** from now on
+ */
+ SEC_ASN1DecoderSetFilterProc(p7dcx->dcx,
+ nss_cms_decoder_update_filter,
+ p7dcx, (PRBool)(p7dcx->cb != NULL));
+
+ /* we're right in front of the data */
+ if (nss_cms_before_data(p7dcx) != SECSuccess) {
+ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
+ /* stop all processing */
+ p7dcx->error = PORT_GetError();
+ }
+ }
+ if (after && dest == &(cinfo->rawContent)) {
+ /* we're right after of the data */
+ if (nss_cms_after_data(p7dcx) != SECSuccess)
+ p7dcx->error = PORT_GetError();
+
+ /* we don't need to see the contents anymore */
+ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
+ }
+ }
+ } else {
+ /* unsupported or unknown message type - fail gracefully */
+ p7dcx->error = SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE;
+ }
+}
+
+/*
+ * nss_cms_before_data - set up the current encoder to receive data
+ */
+static SECStatus
+nss_cms_before_data(NSSCMSDecoderContext *p7dcx)
+{
+ SECStatus rv;
+ SECOidTag childtype;
+ PLArenaPool *poolp;
+ NSSCMSDecoderContext *childp7dcx;
+ NSSCMSContentInfo *cinfo;
+ const SEC_ASN1Template *template;
+ void *mark = NULL;
+ size_t size;
+
+ poolp = p7dcx->cmsg->poolp;
+
+ /* call _Decode_BeforeData handlers */
+ switch (p7dcx->type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ /* we're decoding a signedData, so set up the digests */
+ rv = NSS_CMSSignedData_Decode_BeforeData(p7dcx->content.signedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ /* we're encoding a digestedData, so set up the digest */
+ rv = NSS_CMSDigestedData_Decode_BeforeData(p7dcx->content.digestedData);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ rv = NSS_CMSEnvelopedData_Decode_BeforeData(
+ p7dcx->content.envelopedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ rv = NSS_CMSEncryptedData_Decode_BeforeData(
+ p7dcx->content.encryptedData);
+ break;
+ default:
+ rv = NSS_CMSGenericWrapperData_Decode_BeforeData(p7dcx->type,
+ p7dcx->content.genericData);
+ }
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ /* ok, now we have a pointer to cinfo */
+ /* find out what kind of data is encapsulated */
+
+ cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
+ childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+
+ if (NSS_CMSType_IsData(childtype)) {
+ cinfo->content.pointer = (void *)nss_cms_create_decoder_data(poolp);
+ if (cinfo->content.pointer == NULL)
+ /* set memory error */
+ return SECFailure;
+
+ p7dcx->childp7dcx = NULL;
+ return SECSuccess;
+ }
+
+ /* set up inner decoder */
+
+ if ((template = NSS_CMSUtil_GetTemplateByTypeTag(childtype)) == NULL)
+ return SECFailure;
+
+ childp7dcx = PORT_ZNew(NSSCMSDecoderContext);
+ if (childp7dcx == NULL)
+ return SECFailure;
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* allocate space for the stuff we're creating */
+ size = NSS_CMSUtil_GetSizeByTypeTag(childtype);
+ childp7dcx->content.pointer = (void *)PORT_ArenaZAlloc(poolp, size);
+ if (childp7dcx->content.pointer == NULL)
+ goto loser;
+
+ /* give the parent a copy of the pointer so that it doesn't get lost */
+ cinfo->content.pointer = childp7dcx->content.pointer;
+
+ /* start the child decoder */
+ childp7dcx->dcx = SEC_ASN1DecoderStart(poolp, childp7dcx->content.pointer,
+ template);
+ if (childp7dcx->dcx == NULL)
+ goto loser;
+
+ /* the new decoder needs to notify, too */
+ SEC_ASN1DecoderSetNotifyProc(childp7dcx->dcx, nss_cms_decoder_notify,
+ childp7dcx);
+
+ /* tell the parent decoder that it needs to feed us the content data */
+ p7dcx->childp7dcx = childp7dcx;
+
+ childp7dcx->type = childtype; /* our type */
+
+ childp7dcx->cmsg = p7dcx->cmsg; /* backpointer to root message */
+
+ /* should the child decoder encounter real data,
+ ** it must give it to the caller
+ */
+ childp7dcx->cb = p7dcx->cb;
+ childp7dcx->cb_arg = p7dcx->cb_arg;
+ childp7dcx->first_decoded = PR_FALSE;
+ childp7dcx->need_indefinite_finish = PR_FALSE;
+ if (childtype == SEC_OID_PKCS7_SIGNED_DATA) {
+ childp7dcx->first_decoded = PR_TRUE;
+ }
+
+ /* now set up the parent to hand decoded data to the next level decoder */
+ p7dcx->cb = (NSSCMSContentCallback)NSS_CMSDecoder_Update;
+ p7dcx->cb_arg = childp7dcx;
+
+ PORT_ArenaUnmark(poolp, mark);
+
+ return SECSuccess;
+
+loser:
+ if (mark)
+ PORT_ArenaRelease(poolp, mark);
+ PORT_Free(childp7dcx);
+ p7dcx->childp7dcx = NULL;
+ return SECFailure;
+}
+
+static SECStatus
+nss_cms_after_data(NSSCMSDecoderContext *p7dcx)
+{
+ NSSCMSDecoderContext *childp7dcx;
+ SECStatus rv = SECFailure;
+
+ /* Handle last block. This is necessary to flush out the last bytes
+ * of a possibly incomplete block */
+ nss_cms_decoder_work_data(p7dcx, NULL, 0, PR_TRUE);
+
+ /* finish any "inner" decoders - there's no more data coming... */
+ if (p7dcx->childp7dcx != NULL) {
+ childp7dcx = p7dcx->childp7dcx;
+ if (childp7dcx->dcx != NULL) {
+ /* we started and indefinite sequence somewhere, not complete it */
+ if (childp7dcx->need_indefinite_finish) {
+ static const char lbuf[2] = { 0, 0 };
+ NSS_CMSDecoder_Update(childp7dcx, lbuf, sizeof(lbuf));
+ childp7dcx->need_indefinite_finish = PR_FALSE;
+ }
+
+ if (SEC_ASN1DecoderFinish(childp7dcx->dcx) != SECSuccess) {
+ /* do what? free content? */
+ rv = SECFailure;
+ } else {
+ rv = nss_cms_after_end(childp7dcx);
+ }
+ if (rv != SECSuccess)
+ goto done;
+ }
+ PORT_Free(p7dcx->childp7dcx);
+ p7dcx->childp7dcx = NULL;
+ }
+
+ switch (p7dcx->type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ /* this will finish the digests and verify */
+ rv = NSS_CMSSignedData_Decode_AfterData(p7dcx->content.signedData);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ rv = NSS_CMSEnvelopedData_Decode_AfterData(
+ p7dcx->content.envelopedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ rv = NSS_CMSDigestedData_Decode_AfterData(
+ p7dcx->content.digestedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ rv = NSS_CMSEncryptedData_Decode_AfterData(
+ p7dcx->content.encryptedData);
+ break;
+ case SEC_OID_PKCS7_DATA:
+ /* do nothing */
+ break;
+ default:
+ rv = NSS_CMSGenericWrapperData_Decode_AfterData(p7dcx->type,
+ p7dcx->content.genericData);
+ break;
+ }
+done:
+ return rv;
+}
+
+static SECStatus
+nss_cms_after_end(NSSCMSDecoderContext *p7dcx)
+{
+ SECStatus rv = SECSuccess;
+
+ switch (p7dcx->type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ if (p7dcx->content.signedData)
+ rv = NSS_CMSSignedData_Decode_AfterEnd(p7dcx->content.signedData);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ if (p7dcx->content.envelopedData)
+ rv = NSS_CMSEnvelopedData_Decode_AfterEnd(
+ p7dcx->content.envelopedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ if (p7dcx->content.digestedData)
+ rv = NSS_CMSDigestedData_Decode_AfterEnd(
+ p7dcx->content.digestedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ if (p7dcx->content.encryptedData)
+ rv = NSS_CMSEncryptedData_Decode_AfterEnd(
+ p7dcx->content.encryptedData);
+ break;
+ case SEC_OID_PKCS7_DATA:
+ break;
+ default:
+ rv = NSS_CMSGenericWrapperData_Decode_AfterEnd(p7dcx->type,
+ p7dcx->content.genericData);
+ break;
+ }
+ return rv;
+}
+
+/*
+ * nss_cms_decoder_work_data - handle decoded data bytes.
+ *
+ * This function either decrypts the data if needed, and/or calculates digests
+ * on it, then either stores it or passes it on to the next level decoder.
+ */
+static void
+nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx,
+ const unsigned char *data, unsigned long len,
+ PRBool final)
+{
+ NSSCMSContentInfo *cinfo;
+ unsigned char *buf = NULL;
+ unsigned char *dest;
+ unsigned int offset;
+ SECStatus rv;
+
+ /*
+ * We should really have data to process, or we should be trying
+ * to finish/flush the last block. (This is an overly paranoid
+ * check since all callers are in this file and simple inspection
+ * proves they do it right. But it could find a bug in future
+ * modifications/development, that is why it is here.)
+ */
+ PORT_Assert((data != NULL && len) || final);
+
+ cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
+ if (!cinfo) {
+ /* The original programmer didn't expect this to happen */
+ p7dcx->error = SEC_ERROR_LIBRARY_FAILURE;
+ goto loser;
+ }
+
+ if (cinfo->privateInfo && cinfo->privateInfo->ciphcx != NULL) {
+ /*
+ * we are decrypting.
+ *
+ * XXX If we get an error, we do not want to do the digest or callback,
+ * but we want to keep decoding. Or maybe we want to stop decoding
+ * altogether if there is a callback, because obviously we are not
+ * sending the data back and they want to know that.
+ */
+
+ unsigned int outlen = 0; /* length of decrypted data */
+ unsigned int buflen; /* length available for decrypted data */
+
+ /* find out about the length of decrypted data */
+ buflen = NSS_CMSCipherContext_DecryptLength(cinfo->privateInfo->ciphcx, len, final);
+
+ /*
+ * it might happen that we did not provide enough data for a full
+ * block (decryption unit), and that there is no output available
+ */
+
+ /* no output available, AND no input? */
+ if (buflen == 0 && len == 0)
+ goto loser; /* bail out */
+
+ /*
+ * have inner decoder: pass the data on (means inner content type is NOT data)
+ * no inner decoder: we have DATA in here: either call callback or store
+ */
+ if (buflen != 0) {
+ /* there will be some output - need to make room for it */
+ /* allocate buffer from the heap */
+ buf = (unsigned char *)PORT_Alloc(buflen);
+ if (buf == NULL) {
+ p7dcx->error = SEC_ERROR_NO_MEMORY;
+ goto loser;
+ }
+ }
+
+ /*
+ * decrypt incoming data
+ * buf can still be NULL here (and buflen == 0) here if we don't expect
+ * any output (see above), but we still need to call NSS_CMSCipherContext_Decrypt to
+ * keep track of incoming data
+ */
+ rv = NSS_CMSCipherContext_Decrypt(cinfo->privateInfo->ciphcx, buf, &outlen, buflen,
+ data, len, final);
+ if (rv != SECSuccess) {
+ p7dcx->error = PORT_GetError();
+ goto loser;
+ }
+
+ PORT_Assert(final || outlen == buflen);
+
+ /* swap decrypted data in */
+ data = buf;
+ len = outlen;
+ }
+
+ if (len == 0)
+ goto done; /* nothing more to do */
+
+ /*
+ * Update the running digests with plaintext bytes (if we need to).
+ */
+ if (cinfo->privateInfo && cinfo->privateInfo->digcx)
+ NSS_CMSDigestContext_Update(cinfo->privateInfo->digcx, data, len);
+
+ /* at this point, we have the plain decoded & decrypted data
+ ** which is either more encoded DER (which we need to hand to the child
+ ** decoder) or data we need to hand back to our caller
+ */
+
+ /* pass the content back to our caller or */
+ /* feed our freshly decrypted and decoded data into child decoder */
+ if (p7dcx->cb != NULL) {
+ (*p7dcx->cb)(p7dcx->cb_arg, (const char *)data, len);
+ }
+#if 1
+ else
+#endif
+ if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) == SEC_OID_PKCS7_DATA) {
+ /* store it in "inner" data item as well */
+ /* find the DATA item in the encapsulated cinfo and store it there */
+ NSSCMSDecoderData *decoderData =
+ (NSSCMSDecoderData *)cinfo->content.pointer;
+ SECItem *dataItem = &decoderData->data;
+
+ offset = dataItem->len;
+ if (dataItem->len + len > decoderData->totalBufferSize) {
+ int needLen = (dataItem->len + len) * 2;
+ dest = (unsigned char *)
+ PORT_ArenaAlloc(p7dcx->cmsg->poolp, needLen);
+ if (dest == NULL) {
+ p7dcx->error = SEC_ERROR_NO_MEMORY;
+ goto loser;
+ }
+
+ if (dataItem->len) {
+ PORT_Memcpy(dest, dataItem->data, dataItem->len);
+ }
+ decoderData->totalBufferSize = needLen;
+ dataItem->data = dest;
+ }
+
+ /* copy it in */
+ PORT_Memcpy(dataItem->data + offset, data, len);
+ dataItem->len += len;
+ }
+
+done:
+loser:
+ if (buf)
+ PORT_Free(buf);
+}
+
+/*
+ * nss_cms_decoder_update_filter - process ASN.1 data
+ *
+ * once we have set up a filter in nss_cms_decoder_notify(),
+ * all data processed by the ASN.1 decoder is also passed through here.
+ * we pass the content bytes (as opposed to length and tag bytes) on to
+ * nss_cms_decoder_work_data().
+ */
+static void
+nss_cms_decoder_update_filter(void *arg, const char *data, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ NSSCMSDecoderContext *p7dcx;
+
+ PORT_Assert(len); /* paranoia */
+ if (len == 0)
+ return;
+
+ p7dcx = (NSSCMSDecoderContext *)arg;
+
+ p7dcx->saw_contents = PR_TRUE;
+
+ /* pass on the content bytes only */
+ if (data_kind == SEC_ASN1_Contents)
+ nss_cms_decoder_work_data(p7dcx, (const unsigned char *)data, len,
+ PR_FALSE);
+}
+
+/*
+ * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message
+ *
+ * "poolp" - pointer to arena for message, or NULL if new pool should be created
+ * "cb", "cb_arg" - callback function and argument for delivery of inner content
+ * "pwfn", pwfn_arg" - callback function for getting token password
+ * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
+ */
+NSSCMSDecoderContext *
+NSS_CMSDecoder_Start(PLArenaPool *poolp,
+ NSSCMSContentCallback cb, void *cb_arg,
+ PK11PasswordFunc pwfn, void *pwfn_arg,
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb,
+ void *decrypt_key_cb_arg)
+{
+ NSSCMSDecoderContext *p7dcx;
+ NSSCMSMessage *cmsg;
+
+ cmsg = NSS_CMSMessage_Create(poolp);
+ if (cmsg == NULL)
+ return NULL;
+
+ NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb,
+ decrypt_key_cb_arg, NULL, NULL);
+
+ p7dcx = PORT_ZNew(NSSCMSDecoderContext);
+ if (p7dcx == NULL) {
+ NSS_CMSMessage_Destroy(cmsg);
+ return NULL;
+ }
+
+ p7dcx->dcx = SEC_ASN1DecoderStart(cmsg->poolp, cmsg, NSSCMSMessageTemplate);
+ if (p7dcx->dcx == NULL) {
+ PORT_Free(p7dcx);
+ NSS_CMSMessage_Destroy(cmsg);
+ return NULL;
+ }
+
+ SEC_ASN1DecoderSetNotifyProc(p7dcx->dcx, nss_cms_decoder_notify, p7dcx);
+
+ p7dcx->cmsg = cmsg;
+ p7dcx->type = SEC_OID_UNKNOWN;
+
+ p7dcx->cb = cb;
+ p7dcx->cb_arg = cb_arg;
+ p7dcx->first_decoded = PR_FALSE;
+ p7dcx->need_indefinite_finish = PR_FALSE;
+ return p7dcx;
+}
+
+/*
+ * NSS_CMSDecoder_Update - feed DER-encoded data to decoder
+ */
+SECStatus
+NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf,
+ unsigned long len)
+{
+ SECStatus rv = SECSuccess;
+ if (p7dcx->dcx != NULL && p7dcx->error == 0) {
+ /* if error is set already, don't bother */
+ if ((p7dcx->type == SEC_OID_PKCS7_SIGNED_DATA) && (p7dcx->first_decoded == PR_TRUE) && (buf[0] == SEC_ASN1_INTEGER)) {
+ /* Microsoft Windows 2008 left out the Sequence wrapping in some
+ * of their kerberos replies. If we are here, we most likely are
+ * dealing with one of those replies. Supply the Sequence wrap
+ * as indefinite encoding (since we don't know the total length
+ * yet) */
+ static const char lbuf[2] =
+ { SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED, 0x80 };
+ rv = SEC_ASN1DecoderUpdate(p7dcx->dcx, lbuf, sizeof(lbuf));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* ok, we're going to need the indefinite finish when we are done */
+ p7dcx->need_indefinite_finish = PR_TRUE;
+ }
+
+ rv = SEC_ASN1DecoderUpdate(p7dcx->dcx, buf, len);
+ }
+
+loser:
+ p7dcx->first_decoded = PR_FALSE;
+ if (rv != SECSuccess) {
+ p7dcx->error = PORT_GetError();
+ PORT_Assert(p7dcx->error);
+ if (p7dcx->error == 0)
+ p7dcx->error = -1;
+ }
+
+ if (p7dcx->error == 0)
+ return SECSuccess;
+
+ /* there has been a problem, let's finish the decoder */
+ if (p7dcx->dcx != NULL) {
+ (void)SEC_ASN1DecoderFinish(p7dcx->dcx);
+ p7dcx->dcx = NULL;
+ }
+ PORT_SetError(p7dcx->error);
+
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSDecoder_Cancel - stop decoding in case of error
+ */
+void
+NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx)
+{
+ if (p7dcx->dcx != NULL)
+ (void)SEC_ASN1DecoderFinish(p7dcx->dcx);
+ NSS_CMSMessage_Destroy(p7dcx->cmsg);
+ PORT_Free(p7dcx);
+}
+
+/*
+ * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding
+ */
+NSSCMSMessage *
+NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx)
+{
+ NSSCMSMessage *cmsg;
+
+ cmsg = p7dcx->cmsg;
+
+ if (p7dcx->dcx == NULL ||
+ SEC_ASN1DecoderFinish(p7dcx->dcx) != SECSuccess ||
+ nss_cms_after_end(p7dcx) != SECSuccess) {
+ NSS_CMSMessage_Destroy(cmsg); /* get rid of pool if it's ours */
+ cmsg = NULL;
+ }
+
+ PORT_Free(p7dcx);
+ return cmsg;
+}
+
+NSSCMSMessage *
+NSS_CMSMessage_CreateFromDER(SECItem *DERmessage,
+ NSSCMSContentCallback cb, void *cb_arg,
+ PK11PasswordFunc pwfn, void *pwfn_arg,
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb,
+ void *decrypt_key_cb_arg)
+{
+ NSSCMSDecoderContext *p7dcx;
+
+ /* first arg(poolp) == NULL => create our own pool */
+ p7dcx = NSS_CMSDecoder_Start(NULL, cb, cb_arg, pwfn, pwfn_arg,
+ decrypt_key_cb, decrypt_key_cb_arg);
+ if (p7dcx == NULL)
+ return NULL;
+ NSS_CMSDecoder_Update(p7dcx, (char *)DERmessage->data, DERmessage->len);
+ return NSS_CMSDecoder_Finish(p7dcx);
+}
diff --git a/security/nss/lib/smime/cmsdigdata.c b/security/nss/lib/smime/cmsdigdata.c
new file mode 100644
index 000000000..9ea22702e
--- /dev/null
+++ b/security/nss/lib/smime/cmsdigdata.c
@@ -0,0 +1,210 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS digestedData methods.
+ */
+
+#include "cmslocal.h"
+
+#include "secitem.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "secerr.h"
+
+/*
+ * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding)
+ *
+ * version will be set by NSS_CMSDigestedData_Encode_BeforeStart
+ * digestAlg is passed as parameter
+ * contentInfo must be filled by the user
+ * digest will be calculated while encoding
+ */
+NSSCMSDigestedData *
+NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg)
+{
+ void *mark;
+ NSSCMSDigestedData *digd;
+ PLArenaPool *poolp;
+
+ poolp = cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ digd = (NSSCMSDigestedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSDigestedData));
+ if (digd == NULL)
+ goto loser;
+
+ digd->cmsg = cmsg;
+
+ if (SECOID_CopyAlgorithmID(poolp, &(digd->digestAlg), digestalg) != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return digd;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+/*
+ * NSS_CMSDigestedData_Destroy - destroy a digestedData object
+ */
+void
+NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd)
+{
+ /* everything's in a pool, so don't worry about the storage */
+ NSS_CMSContentInfo_Destroy(&(digd->contentInfo));
+ return;
+}
+
+/*
+ * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo
+ */
+NSSCMSContentInfo *
+NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd)
+{
+ return &(digd->contentInfo);
+}
+
+/*
+ * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData
+ * before encoding begins.
+ *
+ * In particular:
+ * - set the right version number. The contentInfo's content type must be set up already.
+ */
+SECStatus
+NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd)
+{
+ unsigned long version;
+ SECItem *dummy;
+
+ version = NSS_CMS_DIGESTED_DATA_VERSION_DATA;
+ if (!NSS_CMSType_IsData(NSS_CMSContentInfo_GetContentTypeTag(
+ &(digd->contentInfo))))
+ version = NSS_CMS_DIGESTED_DATA_VERSION_ENCAP;
+
+ dummy = SEC_ASN1EncodeInteger(digd->cmsg->poolp, &(digd->version), version);
+ return (dummy == NULL) ? SECFailure : SECSuccess;
+}
+
+/*
+ * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData
+ * before the encapsulated data is passed through the encoder.
+ *
+ * In detail:
+ * - set up the digests if necessary
+ */
+SECStatus
+NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd)
+{
+ SECStatus rv = NSS_CMSContentInfo_Private_Init(&digd->contentInfo);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ /* set up the digests */
+ if (digd->digestAlg.algorithm.len != 0 && digd->digest.len == 0) {
+ /* if digest is already there, do nothing */
+ digd->contentInfo.privateInfo->digcx = NSS_CMSDigestContext_StartSingle(&(digd->digestAlg));
+ if (digd->contentInfo.privateInfo->digcx == NULL)
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData
+ * after all the encapsulated data was passed through the encoder.
+ *
+ * In detail:
+ * - finish the digests
+ */
+SECStatus
+NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd)
+{
+ SECStatus rv = SECSuccess;
+ /* did we have digest calculation going on? */
+ if (digd->contentInfo.privateInfo && digd->contentInfo.privateInfo->digcx) {
+ rv = NSS_CMSDigestContext_FinishSingle(digd->contentInfo.privateInfo->digcx,
+ digd->cmsg->poolp,
+ &(digd->digest));
+ /* error has been set by NSS_CMSDigestContext_FinishSingle */
+ digd->contentInfo.privateInfo->digcx = NULL;
+ }
+
+ return rv;
+}
+
+/*
+ * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData
+ * before the encapsulated data is passed through the encoder.
+ *
+ * In detail:
+ * - set up the digests if necessary
+ */
+SECStatus
+NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd)
+{
+ SECStatus rv;
+
+ /* is there a digest algorithm yet? */
+ if (digd->digestAlg.algorithm.len == 0)
+ return SECFailure;
+
+ rv = NSS_CMSContentInfo_Private_Init(&digd->contentInfo);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ digd->contentInfo.privateInfo->digcx = NSS_CMSDigestContext_StartSingle(&(digd->digestAlg));
+ if (digd->contentInfo.privateInfo->digcx == NULL)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData
+ * after all the encapsulated data was passed through the encoder.
+ *
+ * In detail:
+ * - finish the digests
+ */
+SECStatus
+NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd)
+{
+ SECStatus rv = SECSuccess;
+ /* did we have digest calculation going on? */
+ if (digd->contentInfo.privateInfo && digd->contentInfo.privateInfo->digcx) {
+ rv = NSS_CMSDigestContext_FinishSingle(digd->contentInfo.privateInfo->digcx,
+ digd->cmsg->poolp,
+ &(digd->cdigest));
+ /* error has been set by NSS_CMSDigestContext_FinishSingle */
+ digd->contentInfo.privateInfo->digcx = NULL;
+ }
+
+ return rv;
+}
+
+/*
+ * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData.
+ *
+ * In detail:
+ * - check the digests for equality
+ */
+SECStatus
+NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd)
+{
+ /* did we have digest calculation going on? */
+ if (digd->cdigest.len != 0) {
+ /* XXX comparision btw digest & cdigest */
+ /* XXX set status */
+ /* TODO!!!! */
+ }
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/smime/cmsdigest.c b/security/nss/lib/smime/cmsdigest.c
new file mode 100644
index 000000000..64b64a0f8
--- /dev/null
+++ b/security/nss/lib/smime/cmsdigest.c
@@ -0,0 +1,259 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS digesting.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "prtime.h"
+#include "secerr.h"
+
+/* #define CMS_FIND_LEAK_MULTIPLE 1 */
+#ifdef CMS_FIND_LEAK_MULTIPLE
+static int stop_on_err = 1;
+static int global_num_digests = 0;
+#endif
+
+struct digestPairStr {
+ const SECHashObject *digobj;
+ void *digcx;
+};
+typedef struct digestPairStr digestPair;
+
+struct NSSCMSDigestContextStr {
+ PRBool saw_contents;
+ PLArenaPool *pool;
+ int digcnt;
+ digestPair *digPairs;
+};
+
+/*
+ * NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
+ * digest algorithms in "digestalgs" in parallel.
+ */
+NSSCMSDigestContext *
+NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs)
+{
+ PLArenaPool *pool;
+ NSSCMSDigestContext *cmsdigcx;
+ int digcnt;
+ int i;
+
+#ifdef CMS_FIND_LEAK_MULTIPLE
+ PORT_Assert(global_num_digests == 0 || !stop_on_err);
+#endif
+
+ digcnt = (digestalgs == NULL) ? 0 : NSS_CMSArray_Count((void **)digestalgs);
+ /* It's OK if digcnt is zero. We have to allow this for "certs only"
+ ** messages.
+ */
+ pool = PORT_NewArena(2048);
+ if (!pool)
+ return NULL;
+
+ cmsdigcx = PORT_ArenaNew(pool, NSSCMSDigestContext);
+ if (cmsdigcx == NULL)
+ goto loser;
+
+ cmsdigcx->saw_contents = PR_FALSE;
+ cmsdigcx->pool = pool;
+ cmsdigcx->digcnt = digcnt;
+
+ cmsdigcx->digPairs = PORT_ArenaZNewArray(pool, digestPair, digcnt);
+ if (cmsdigcx->digPairs == NULL) {
+ goto loser;
+ }
+
+ /*
+ * Create a digest object context for each algorithm.
+ */
+ for (i = 0; i < digcnt; i++) {
+ const SECHashObject *digobj;
+ void *digcx;
+
+ digobj = NSS_CMSUtil_GetHashObjByAlgID(digestalgs[i]);
+ /*
+ * Skip any algorithm we do not even recognize; obviously,
+ * this could be a problem, but if it is critical then the
+ * result will just be that the signature does not verify.
+ * We do not necessarily want to error out here, because
+ * the particular algorithm may not actually be important,
+ * but we cannot know that until later.
+ */
+ if (digobj == NULL)
+ continue;
+
+ digcx = (*digobj->create)();
+ if (digcx != NULL) {
+ (*digobj->begin)(digcx);
+ cmsdigcx->digPairs[i].digobj = digobj;
+ cmsdigcx->digPairs[i].digcx = digcx;
+#ifdef CMS_FIND_LEAK_MULTIPLE
+ global_num_digests++;
+#endif
+ }
+ }
+ return cmsdigcx;
+
+loser:
+ /* no digest objects have been created, or need to be destroyed. */
+ if (pool) {
+ PORT_FreeArena(pool, PR_FALSE);
+ }
+ return NULL;
+}
+
+/*
+ * NSS_CMSDigestContext_StartSingle - same as
+ * NSS_CMSDigestContext_StartMultiple, but only one algorithm.
+ */
+NSSCMSDigestContext *
+NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg)
+{
+ SECAlgorithmID *digestalgs[] = { NULL, NULL }; /* fake array */
+
+ digestalgs[0] = digestalg;
+ return NSS_CMSDigestContext_StartMultiple(digestalgs);
+}
+
+/*
+ * NSS_CMSDigestContext_Update - feed more data into the digest machine
+ */
+void
+NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx,
+ const unsigned char *data, int len)
+{
+ int i;
+ digestPair *pair = cmsdigcx->digPairs;
+
+ cmsdigcx->saw_contents = PR_TRUE;
+
+ for (i = 0; i < cmsdigcx->digcnt; i++, pair++) {
+ if (pair->digcx) {
+ (*pair->digobj->update)(pair->digcx, data, len);
+ }
+ }
+}
+
+/*
+ * NSS_CMSDigestContext_Cancel - cancel digesting operation
+ */
+void
+NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx)
+{
+ int i;
+ digestPair *pair = cmsdigcx->digPairs;
+
+ for (i = 0; i < cmsdigcx->digcnt; i++, pair++) {
+ if (pair->digcx) {
+ (*pair->digobj->destroy)(pair->digcx, PR_TRUE);
+#ifdef CMS_FIND_LEAK_MULTIPLE
+ --global_num_digests;
+#endif
+ }
+ }
+#ifdef CMS_FIND_LEAK_MULTIPLE
+ PORT_Assert(global_num_digests == 0 || !stop_on_err);
+#endif
+ PORT_FreeArena(cmsdigcx->pool, PR_FALSE);
+}
+
+/*
+ * NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
+ * into an array of SECItems (allocated on poolp)
+ */
+SECStatus
+NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx,
+ PLArenaPool *poolp,
+ SECItem ***digestsp)
+{
+ SECItem **digests = NULL;
+ digestPair *pair;
+ void *mark;
+ int i;
+ SECStatus rv;
+
+ /* no contents? do not finish digests */
+ if (digestsp == NULL || !cmsdigcx->saw_contents) {
+ rv = SECSuccess;
+ goto cleanup;
+ }
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* allocate digest array & SECItems on arena */
+ digests = PORT_ArenaNewArray(poolp, SECItem *, cmsdigcx->digcnt + 1);
+
+ rv = ((digests == NULL) ? SECFailure : SECSuccess);
+ pair = cmsdigcx->digPairs;
+ for (i = 0; rv == SECSuccess && i < cmsdigcx->digcnt; i++, pair++) {
+ SECItem digest;
+ unsigned char hash[HASH_LENGTH_MAX];
+
+ if (!pair->digcx) {
+ digests[i] = NULL;
+ continue;
+ }
+
+ digest.type = siBuffer;
+ digest.data = hash;
+ digest.len = pair->digobj->length;
+ (*pair->digobj->end)(pair->digcx, hash, &digest.len, digest.len);
+ digests[i] = SECITEM_ArenaDupItem(poolp, &digest);
+ if (!digests[i]) {
+ rv = SECFailure;
+ }
+ }
+ digests[i] = NULL;
+ if (rv == SECSuccess) {
+ PORT_ArenaUnmark(poolp, mark);
+ } else
+ PORT_ArenaRelease(poolp, mark);
+
+cleanup:
+ NSS_CMSDigestContext_Cancel(cmsdigcx);
+ /* Don't change the caller's digests pointer if we have no digests.
+ ** NSS_CMSSignedData_Encode_AfterData depends on this behavior.
+ */
+ if (rv == SECSuccess && digestsp && digests) {
+ *digestsp = digests;
+ }
+ return rv;
+}
+
+/*
+ * NSS_CMSDigestContext_FinishSingle - same as
+ * NSS_CMSDigestContext_FinishMultiple, but for one digest.
+ */
+SECStatus
+NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx,
+ PLArenaPool *poolp,
+ SECItem *digest)
+{
+ SECStatus rv = SECFailure;
+ SECItem **dp;
+ PLArenaPool *arena = NULL;
+
+ if ((arena = PORT_NewArena(1024)) == NULL)
+ goto loser;
+
+ /* get the digests into arena, then copy the first digest into poolp */
+ rv = NSS_CMSDigestContext_FinishMultiple(cmsdigcx, arena, &dp);
+ if (rv == SECSuccess) {
+ /* now copy it into poolp */
+ rv = SECITEM_CopyItem(poolp, digest, dp[0]);
+ }
+loser:
+ if (arena)
+ PORT_FreeArena(arena, PR_FALSE);
+
+ return rv;
+}
diff --git a/security/nss/lib/smime/cmsencdata.c b/security/nss/lib/smime/cmsencdata.c
new file mode 100644
index 000000000..c3a4549ad
--- /dev/null
+++ b/security/nss/lib/smime/cmsencdata.c
@@ -0,0 +1,260 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS encryptedData methods.
+ */
+
+#include "cmslocal.h"
+
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "prtime.h"
+#include "secerr.h"
+#include "secpkcs5.h"
+
+/*
+ * NSS_CMSEncryptedData_Create - create an empty encryptedData object.
+ *
+ * "algorithm" specifies the bulk encryption algorithm to use.
+ * "keysize" is the key size.
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+NSSCMSEncryptedData *
+NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm,
+ int keysize)
+{
+ void *mark;
+ NSSCMSEncryptedData *encd;
+ PLArenaPool *poolp;
+ SECAlgorithmID *pbe_algid;
+ SECStatus rv;
+
+ poolp = cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ encd = PORT_ArenaZNew(poolp, NSSCMSEncryptedData);
+ if (encd == NULL)
+ goto loser;
+
+ encd->cmsg = cmsg;
+
+ /* version is set in NSS_CMSEncryptedData_Encode_BeforeStart() */
+
+ if (!SEC_PKCS5IsAlgorithmPBEAlgTag(algorithm)) {
+ rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(encd->contentInfo),
+ algorithm, NULL, keysize);
+ } else {
+ /* Assume password-based-encryption.
+ * Note: we can't generate pkcs5v2 from this interface.
+ * PK11_CreateBPEAlgorithmID generates pkcs5v2 by accepting
+ * non-PBE oids and assuming that they are pkcs5v2 oids, but
+ * NSS_CMSEncryptedData_Create accepts non-PBE oids as regular
+ * CMS encrypted data, so we can't tell NSS_CMS_EncryptedData_Create
+ * to create pkcs5v2 PBEs */
+ pbe_algid = PK11_CreatePBEAlgorithmID(algorithm, 1, NULL);
+ if (pbe_algid == NULL) {
+ rv = SECFailure;
+ } else {
+ rv = NSS_CMSContentInfo_SetContentEncAlgID(poolp,
+ &(encd->contentInfo),
+ pbe_algid, keysize);
+ SECOID_DestroyAlgorithmID(pbe_algid, PR_TRUE);
+ }
+ }
+ if (rv != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return encd;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+/*
+ * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object
+ */
+void
+NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd)
+{
+ /* everything's in a pool, so don't worry about the storage */
+ NSS_CMSContentInfo_Destroy(&(encd->contentInfo));
+ return;
+}
+
+/*
+ * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo
+ */
+NSSCMSContentInfo *
+NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd)
+{
+ return &(encd->contentInfo);
+}
+
+/*
+ * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData
+ * before encoding begins.
+ *
+ * In particular:
+ * - set the correct version value.
+ * - get the encryption key
+ */
+SECStatus
+NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd)
+{
+ int version;
+ PK11SymKey *bulkkey = NULL;
+ SECItem *dummy;
+ NSSCMSContentInfo *cinfo = &(encd->contentInfo);
+
+ if (NSS_CMSArray_IsEmpty((void **)encd->unprotectedAttr))
+ version = NSS_CMS_ENCRYPTED_DATA_VERSION;
+ else
+ version = NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR;
+
+ dummy = SEC_ASN1EncodeInteger(encd->cmsg->poolp, &(encd->version), version);
+ if (dummy == NULL)
+ return SECFailure;
+
+ /* now get content encryption key (bulk key) by using our cmsg callback */
+ if (encd->cmsg->decrypt_key_cb)
+ bulkkey = (*encd->cmsg->decrypt_key_cb)(encd->cmsg->decrypt_key_cb_arg,
+ NSS_CMSContentInfo_GetContentEncAlg(cinfo));
+ if (bulkkey == NULL)
+ return SECFailure;
+
+ /* store the bulk key in the contentInfo so that the encoder can find it */
+ NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
+ PK11_FreeSymKey(bulkkey);
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption
+ */
+SECStatus
+NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd)
+{
+ NSSCMSContentInfo *cinfo;
+ PK11SymKey *bulkkey;
+ SECAlgorithmID *algid;
+ SECStatus rv;
+
+ cinfo = &(encd->contentInfo);
+
+ /* find bulkkey and algorithm - must have been set by NSS_CMSEncryptedData_Encode_BeforeStart */
+ bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
+ if (bulkkey == NULL)
+ return SECFailure;
+ algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
+ if (algid == NULL)
+ return SECFailure;
+
+ rv = NSS_CMSContentInfo_Private_Init(cinfo);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ /* this may modify algid (with IVs generated in a token).
+ * it is therefore essential that algid is a pointer to the "real" contentEncAlg,
+ * not just to a copy */
+ cinfo->privateInfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(encd->cmsg->poolp,
+ bulkkey, algid);
+ PK11_FreeSymKey(bulkkey);
+ if (cinfo->privateInfo->ciphcx == NULL)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding
+ */
+SECStatus
+NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd)
+{
+ if (encd->contentInfo.privateInfo && encd->contentInfo.privateInfo->ciphcx) {
+ NSS_CMSCipherContext_Destroy(encd->contentInfo.privateInfo->ciphcx);
+ encd->contentInfo.privateInfo->ciphcx = NULL;
+ }
+
+ /* nothing to do after data */
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption
+ */
+SECStatus
+NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd)
+{
+ PK11SymKey *bulkkey = NULL;
+ NSSCMSContentInfo *cinfo;
+ SECAlgorithmID *bulkalg;
+ SECStatus rv = SECFailure;
+
+ cinfo = &(encd->contentInfo);
+
+ bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
+
+ if (encd->cmsg->decrypt_key_cb == NULL) /* no callback? no key../ */
+ goto loser;
+
+ bulkkey = (*encd->cmsg->decrypt_key_cb)(encd->cmsg->decrypt_key_cb_arg, bulkalg);
+ if (bulkkey == NULL)
+ /* no success finding a bulk key */
+ goto loser;
+
+ NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
+
+ rv = NSS_CMSContentInfo_Private_Init(cinfo);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECFailure;
+
+ cinfo->privateInfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
+ if (cinfo->privateInfo->ciphcx == NULL)
+ goto loser; /* error has been set by NSS_CMSCipherContext_StartDecrypt */
+
+ /* we are done with (this) bulkkey now. */
+ PK11_FreeSymKey(bulkkey);
+
+ rv = SECSuccess;
+
+loser:
+ return rv;
+}
+
+/*
+ * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content
+ */
+SECStatus
+NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd)
+{
+ if (encd->contentInfo.privateInfo && encd->contentInfo.privateInfo->ciphcx) {
+ NSS_CMSCipherContext_Destroy(encd->contentInfo.privateInfo->ciphcx);
+ encd->contentInfo.privateInfo->ciphcx = NULL;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData
+ */
+SECStatus
+NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd)
+{
+ /* apply final touches */
+ return SECSuccess;
+}
diff --git a/security/nss/lib/smime/cmsencode.c b/security/nss/lib/smime/cmsencode.c
new file mode 100644
index 000000000..a4414e008
--- /dev/null
+++ b/security/nss/lib/smime/cmsencode.c
@@ -0,0 +1,763 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS encoding.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "pk11func.h"
+#include "secerr.h"
+
+struct nss_cms_encoder_output {
+ NSSCMSContentCallback outputfn;
+ void *outputarg;
+ PLArenaPool *destpoolp;
+ SECItem *dest;
+};
+
+struct NSSCMSEncoderContextStr {
+ SEC_ASN1EncoderContext *ecx; /* ASN.1 encoder context */
+ PRBool ecxupdated; /* true if data was handed in */
+ NSSCMSMessage *cmsg; /* pointer to the root message */
+ SECOidTag type; /* type tag of the current content */
+ NSSCMSContent content; /* pointer to current content */
+ struct nss_cms_encoder_output output; /* output function */
+ int error; /* error code */
+ NSSCMSEncoderContext *childp7ecx; /* link to child encoder context */
+};
+
+static SECStatus nss_cms_before_data(NSSCMSEncoderContext *p7ecx);
+static SECStatus nss_cms_after_data(NSSCMSEncoderContext *p7ecx);
+static SECStatus nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx,
+ const char *data, unsigned long len);
+static SECStatus nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
+ const unsigned char *data, unsigned long len,
+ PRBool final, PRBool innermost);
+
+extern const SEC_ASN1Template NSSCMSMessageTemplate[];
+
+/*
+ * The little output function that the ASN.1 encoder calls to hand
+ * us bytes which we in turn hand back to our caller (via the callback
+ * they gave us).
+ */
+static void
+nss_cms_encoder_out(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ struct nss_cms_encoder_output *output = (struct nss_cms_encoder_output *)arg;
+ unsigned char *dest;
+ unsigned long offset;
+
+#ifdef CMSDEBUG
+ int i;
+ const char *data_name = "unknown";
+
+ switch (data_kind) {
+ case SEC_ASN1_Identifier:
+ data_name = "identifier";
+ break;
+ case SEC_ASN1_Length:
+ data_name = "length";
+ break;
+ case SEC_ASN1_Contents:
+ data_name = "contents";
+ break;
+ case SEC_ASN1_EndOfContents:
+ data_name = "end-of-contents";
+ break;
+ }
+ fprintf(stderr, "kind = %s, depth = %d, len = %d\n", data_name, depth, len);
+ for (i = 0; i < len; i++) {
+ fprintf(stderr, " %02x%s", (unsigned int)buf[i] & 0xff, ((i % 16) == 15) ? "\n" : "");
+ }
+ if ((i % 16) != 0)
+ fprintf(stderr, "\n");
+#endif
+
+ if (output->outputfn != NULL)
+ /* call output callback with DER data */
+ output->outputfn(output->outputarg, buf, len);
+
+ if (output->dest != NULL) {
+ /* store DER data in SECItem */
+ offset = output->dest->len;
+ if (offset == 0) {
+ dest = (unsigned char *)PORT_ArenaAlloc(output->destpoolp, len);
+ } else {
+ dest = (unsigned char *)PORT_ArenaGrow(output->destpoolp,
+ output->dest->data,
+ output->dest->len,
+ output->dest->len + len);
+ }
+ if (dest == NULL)
+ /* oops */
+ return;
+
+ output->dest->data = dest;
+ output->dest->len += len;
+
+ /* copy it in */
+ if (len) {
+ PORT_Memcpy(output->dest->data + offset, buf, len);
+ }
+ }
+}
+
+/*
+ * nss_cms_encoder_notify - ASN.1 encoder callback
+ *
+ * this function is called by the ASN.1 encoder before and after the encoding of
+ * every object. here, it is used to keep track of data structures, set up
+ * encryption and/or digesting and possibly set up child encoders.
+ */
+static void
+nss_cms_encoder_notify(void *arg, PRBool before, void *dest, int depth)
+{
+ NSSCMSEncoderContext *p7ecx;
+ NSSCMSContentInfo *rootcinfo, *cinfo;
+ PRBool after = !before;
+ SECOidTag childtype;
+ SECItem *item;
+
+ p7ecx = (NSSCMSEncoderContext *)arg;
+ PORT_Assert(p7ecx != NULL);
+
+ rootcinfo = &(p7ecx->cmsg->contentInfo);
+
+#ifdef CMSDEBUG
+ fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before"
+ : "after",
+ dest, depth);
+#endif
+
+ /*
+ * Watch for the content field, at which point we want to instruct
+ * the ASN.1 encoder to start taking bytes from the buffer.
+ */
+ if (NSS_CMSType_IsData(p7ecx->type)) {
+ cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+ if (before && dest == &(cinfo->rawContent)) {
+ /* just set up encoder to grab from user - no encryption or digesting */
+ if ((item = cinfo->content.data) != NULL)
+ (void)nss_cms_encoder_work_data(p7ecx, NULL, item->data,
+ item->len, PR_TRUE, PR_TRUE);
+ else
+ SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
+ SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx); /* no need to get notified anymore */
+ }
+ } else if (NSS_CMSType_IsWrapper(p7ecx->type)) {
+ /* when we know what the content is, we encode happily until we reach the inner content */
+ cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+ childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+
+ if (after && dest == &(cinfo->contentType)) {
+ /* we're right before encoding the data (if we have some or not) */
+ /* (for encrypted data, we're right before the contentEncAlg which may change */
+ /* in nss_cms_before_data because of IV calculation when setting up encryption) */
+ if (nss_cms_before_data(p7ecx) != SECSuccess)
+ p7ecx->error = PORT_GetError();
+ }
+ if (before && dest == &(cinfo->rawContent)) {
+ if (p7ecx->childp7ecx == NULL) {
+ if ((NSS_CMSType_IsData(childtype) && (item = cinfo->content.data) != NULL)) {
+ /* we are the innermost non-data and we have data - feed it in */
+ (void)nss_cms_encoder_work_data(p7ecx, NULL, item->data,
+ item->len, PR_TRUE, PR_TRUE);
+ } else {
+ /* else we'll have to get data from user */
+ SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
+ }
+ } else {
+ /* if we have a nested encoder, wait for its data */
+ SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
+ }
+ }
+ if (after && dest == &(cinfo->rawContent)) {
+ if (nss_cms_after_data(p7ecx) != SECSuccess)
+ p7ecx->error = PORT_GetError();
+ SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx); /* no need to get notified anymore */
+ }
+ } else {
+ /* we're still in the root message */
+ if (after && dest == &(rootcinfo->contentType)) {
+ /* got the content type OID now - so find out the type tag */
+ p7ecx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
+ /* set up a pointer to our current content */
+ p7ecx->content = rootcinfo->content;
+ }
+ }
+}
+
+/*
+ * nss_cms_before_data - setup the current encoder to receive data
+ */
+static SECStatus
+nss_cms_before_data(NSSCMSEncoderContext *p7ecx)
+{
+ SECStatus rv;
+ SECOidTag childtype;
+ NSSCMSContentInfo *cinfo;
+ NSSCMSEncoderContext *childp7ecx;
+ const SEC_ASN1Template *template;
+
+ /* call _Encode_BeforeData handlers */
+ switch (p7ecx->type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ /* we're encoding a signedData, so set up the digests */
+ rv = NSS_CMSSignedData_Encode_BeforeData(p7ecx->content.signedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ /* we're encoding a digestedData, so set up the digest */
+ rv = NSS_CMSDigestedData_Encode_BeforeData(p7ecx->content.digestedData);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ rv = NSS_CMSEnvelopedData_Encode_BeforeData(p7ecx->content.envelopedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ rv = NSS_CMSEncryptedData_Encode_BeforeData(p7ecx->content.encryptedData);
+ break;
+ default:
+ if (NSS_CMSType_IsWrapper(p7ecx->type)) {
+ rv = NSS_CMSGenericWrapperData_Encode_BeforeData(p7ecx->type,
+ p7ecx->content.genericData);
+ } else {
+ rv = SECFailure;
+ }
+ }
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ /* ok, now we have a pointer to cinfo */
+ /* find out what kind of data is encapsulated */
+
+ cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+ childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+
+ if (NSS_CMSType_IsWrapper(childtype)) {
+ /* in these cases, we need to set up a child encoder! */
+ /* create new encoder context */
+ childp7ecx = PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
+ if (childp7ecx == NULL)
+ return SECFailure;
+
+ /* the CHILD encoder needs to hand its encoded data to the CURRENT encoder
+ * (which will encrypt and/or digest it)
+ * this needs to route back into our update function
+ * which finds the lowest encoding context & encrypts and computes digests */
+ childp7ecx->type = childtype;
+ childp7ecx->content = cinfo->content;
+ /* use the non-recursive update function here, of course */
+ childp7ecx->output.outputfn = (NSSCMSContentCallback)nss_cms_encoder_update;
+ childp7ecx->output.outputarg = p7ecx;
+ childp7ecx->output.destpoolp = NULL;
+ childp7ecx->output.dest = NULL;
+ childp7ecx->cmsg = p7ecx->cmsg;
+ childp7ecx->ecxupdated = PR_FALSE;
+ childp7ecx->childp7ecx = NULL;
+
+ template = NSS_CMSUtil_GetTemplateByTypeTag(childtype);
+ if (template == NULL)
+ goto loser; /* cannot happen */
+
+ /* now initialize the data for encoding the first third */
+ switch (childp7ecx->type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
+ break;
+ default:
+ rv = NSS_CMSGenericWrapperData_Encode_BeforeStart(childp7ecx->type,
+ cinfo->content.genericData);
+ break;
+ }
+ if (rv != SECSuccess)
+ goto loser;
+
+ /*
+ * Initialize the BER encoder.
+ */
+ childp7ecx->ecx = SEC_ASN1EncoderStart(cinfo->content.pointer, template,
+ nss_cms_encoder_out, &(childp7ecx->output));
+ if (childp7ecx->ecx == NULL)
+ goto loser;
+
+ /*
+ * Indicate that we are streaming. We will be streaming until we
+ * get past the contents bytes.
+ */
+ if (!cinfo->privateInfo || !cinfo->privateInfo->dontStream)
+ SEC_ASN1EncoderSetStreaming(childp7ecx->ecx);
+
+ /*
+ * The notify function will watch for the contents field.
+ */
+ p7ecx->childp7ecx = childp7ecx;
+ SEC_ASN1EncoderSetNotifyProc(childp7ecx->ecx, nss_cms_encoder_notify,
+ childp7ecx);
+
+ /* please note that we are NOT calling SEC_ASN1EncoderUpdate here to kick off the */
+ /* encoding process - we'll do that from the update function instead */
+ /* otherwise we'd be encoding data from a call of the notify function of the */
+ /* parent encoder (which would not work) */
+
+ } else if (NSS_CMSType_IsData(childtype)) {
+ p7ecx->childp7ecx = NULL;
+ } else {
+ /* we do not know this type */
+ p7ecx->error = SEC_ERROR_BAD_DER;
+ }
+
+ return SECSuccess;
+
+loser:
+ if (childp7ecx) {
+ if (childp7ecx->ecx)
+ SEC_ASN1EncoderFinish(childp7ecx->ecx);
+ PORT_Free(childp7ecx);
+ p7ecx->childp7ecx = NULL;
+ }
+ return SECFailure;
+}
+
+static SECStatus
+nss_cms_after_data(NSSCMSEncoderContext *p7ecx)
+{
+ SECStatus rv = SECFailure;
+
+ switch (p7ecx->type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ /* this will finish the digests and sign */
+ rv = NSS_CMSSignedData_Encode_AfterData(p7ecx->content.signedData);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ rv = NSS_CMSEnvelopedData_Encode_AfterData(p7ecx->content.envelopedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ rv = NSS_CMSDigestedData_Encode_AfterData(p7ecx->content.digestedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ rv = NSS_CMSEncryptedData_Encode_AfterData(p7ecx->content.encryptedData);
+ break;
+ default:
+ if (NSS_CMSType_IsWrapper(p7ecx->type)) {
+ rv = NSS_CMSGenericWrapperData_Encode_AfterData(p7ecx->type,
+ p7ecx->content.genericData);
+ } else {
+ rv = SECFailure;
+ }
+ break;
+ }
+ return rv;
+}
+
+/*
+ * nss_cms_encoder_work_data - process incoming data
+ *
+ * (from the user or the next encoding layer)
+ * Here, we need to digest and/or encrypt, then pass it on
+ */
+static SECStatus
+nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
+ const unsigned char *data, unsigned long len,
+ PRBool final, PRBool innermost)
+{
+ unsigned char *buf = NULL;
+ SECStatus rv;
+ NSSCMSContentInfo *cinfo;
+
+ rv = SECSuccess; /* may as well be optimistic */
+
+ /*
+ * We should really have data to process, or we should be trying
+ * to finish/flush the last block. (This is an overly paranoid
+ * check since all callers are in this file and simple inspection
+ * proves they do it right. But it could find a bug in future
+ * modifications/development, that is why it is here.)
+ */
+ PORT_Assert((data != NULL && len) || final);
+
+ /* we got data (either from the caller, or from a lower level encoder) */
+ cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+ if (!cinfo) {
+ /* The original programmer didn't expect this to happen */
+ p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
+ return SECFailure;
+ }
+
+ /* Update the running digest. */
+ if (len && cinfo->privateInfo && cinfo->privateInfo->digcx != NULL)
+ NSS_CMSDigestContext_Update(cinfo->privateInfo->digcx, data, len);
+
+ /* Encrypt this chunk. */
+ if (cinfo->privateInfo && cinfo->privateInfo->ciphcx != NULL) {
+ unsigned int inlen; /* length of data being encrypted */
+ unsigned int outlen; /* length of encrypted data */
+ unsigned int buflen; /* length available for encrypted data */
+
+ inlen = len;
+ buflen = NSS_CMSCipherContext_EncryptLength(cinfo->privateInfo->ciphcx,
+ inlen, final);
+ if (buflen == 0) {
+ /*
+ * No output is expected, but the input data may be buffered
+ * so we still have to call Encrypt.
+ */
+ rv = NSS_CMSCipherContext_Encrypt(cinfo->privateInfo->ciphcx, NULL, NULL, 0,
+ data, inlen, final);
+ if (final) {
+ len = 0;
+ goto done;
+ }
+ return rv;
+ }
+
+ if (dest != NULL)
+ buf = (unsigned char *)PORT_ArenaAlloc(p7ecx->cmsg->poolp, buflen);
+ else
+ buf = (unsigned char *)PORT_Alloc(buflen);
+
+ if (buf == NULL) {
+ rv = SECFailure;
+ } else {
+ rv = NSS_CMSCipherContext_Encrypt(cinfo->privateInfo->ciphcx, buf,
+ &outlen, buflen,
+ data, inlen, final);
+ data = buf;
+ len = outlen;
+ }
+ if (rv != SECSuccess)
+ /* encryption or malloc failed? */
+ return rv;
+ }
+
+ /*
+ * at this point (data,len) has everything we'd like to give to the CURRENT encoder
+ * (which will encode it, then hand it back to the user or the parent encoder)
+ * We don't encode the data if we're innermost and we're told not to include the data
+ */
+ if (p7ecx->ecx != NULL && len &&
+ (!innermost || cinfo->rawContent != cinfo->content.pointer))
+ rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, (const char *)data, len);
+
+done:
+
+ if (cinfo->privateInfo && cinfo->privateInfo->ciphcx != NULL) {
+ if (dest != NULL) {
+ dest->data = buf;
+ dest->len = len;
+ } else if (buf != NULL) {
+ PORT_Free(buf);
+ }
+ }
+ return rv;
+}
+
+/*
+ * nss_cms_encoder_update - deliver encoded data to the next higher level
+ *
+ * no recursion here because we REALLY want to end up at the next higher encoder!
+ */
+static SECStatus
+nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
+{
+ /* XXX Error handling needs help. Return what? Do "Finish" on failure? */
+ return nss_cms_encoder_work_data(p7ecx, NULL, (const unsigned char *)data,
+ len, PR_FALSE, PR_FALSE);
+}
+
+/*
+ * NSS_CMSEncoder_Start - set up encoding of a CMS message
+ *
+ * "cmsg" - message to encode
+ * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
+ * will not be called if NULL.
+ * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
+ * "destpoolp" - pool to allocate DER-encoded output in
+ * "pwfn", pwfn_arg" - callback function for getting token password
+ * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
+ * "detached_digestalgs", "detached_digests" - digests from detached content
+ */
+NSSCMSEncoderContext *
+NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
+ NSSCMSContentCallback outputfn, void *outputarg,
+ SECItem *dest, PLArenaPool *destpoolp,
+ PK11PasswordFunc pwfn, void *pwfn_arg,
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
+ SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
+{
+ NSSCMSEncoderContext *p7ecx;
+ SECStatus rv;
+ NSSCMSContentInfo *cinfo;
+ SECOidTag tag;
+
+ NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg,
+ detached_digestalgs, detached_digests);
+
+ p7ecx = (NSSCMSEncoderContext *)PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
+ if (p7ecx == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ p7ecx->cmsg = cmsg;
+ p7ecx->output.outputfn = outputfn;
+ p7ecx->output.outputarg = outputarg;
+ p7ecx->output.dest = dest;
+ p7ecx->output.destpoolp = destpoolp;
+ p7ecx->type = SEC_OID_UNKNOWN;
+
+ cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
+
+ tag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+ switch (tag) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
+ break;
+ default:
+ if (NSS_CMSType_IsWrapper(tag)) {
+ rv = NSS_CMSGenericWrapperData_Encode_BeforeStart(tag,
+ p7ecx->content.genericData);
+ } else {
+ rv = SECFailure;
+ }
+ break;
+ }
+ if (rv != SECSuccess) {
+ PORT_Free(p7ecx);
+ return NULL;
+ }
+
+ /* Initialize the BER encoder.
+ * Note that this will not encode anything until the first call to SEC_ASN1EncoderUpdate */
+ p7ecx->ecx = SEC_ASN1EncoderStart(cmsg, NSSCMSMessageTemplate,
+ nss_cms_encoder_out, &(p7ecx->output));
+ if (p7ecx->ecx == NULL) {
+ PORT_Free(p7ecx);
+ return NULL;
+ }
+ p7ecx->ecxupdated = PR_FALSE;
+
+ /*
+ * Indicate that we are streaming. We will be streaming until we
+ * get past the contents bytes.
+ */
+ if (!cinfo->privateInfo || !cinfo->privateInfo->dontStream)
+ SEC_ASN1EncoderSetStreaming(p7ecx->ecx);
+
+ /*
+ * The notify function will watch for the contents field.
+ */
+ SEC_ASN1EncoderSetNotifyProc(p7ecx->ecx, nss_cms_encoder_notify, p7ecx);
+
+ /* this will kick off the encoding process & encode everything up to the content bytes,
+ * at which point the notify function sets streaming mode (and possibly creates
+ * a child encoder). */
+ p7ecx->ecxupdated = PR_TRUE;
+ if (SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0) != SECSuccess) {
+ PORT_Free(p7ecx);
+ return NULL;
+ }
+
+ return p7ecx;
+}
+
+/*
+ * NSS_CMSEncoder_Update - take content data delivery from the user
+ *
+ * "p7ecx" - encoder context
+ * "data" - content data
+ * "len" - length of content data
+ *
+ * need to find the lowest level (and call SEC_ASN1EncoderUpdate on the way down),
+ * then hand the data to the work_data fn
+ */
+SECStatus
+NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
+{
+ SECStatus rv;
+ NSSCMSContentInfo *cinfo;
+ SECOidTag childtype;
+
+ if (p7ecx->error)
+ return SECFailure;
+
+ /* hand data to the innermost decoder */
+ if (p7ecx->childp7ecx) {
+ /* tell the child to start encoding, up to its first data byte, if it
+ * hasn't started yet */
+ if (!p7ecx->childp7ecx->ecxupdated) {
+ p7ecx->childp7ecx->ecxupdated = PR_TRUE;
+ if (SEC_ASN1EncoderUpdate(p7ecx->childp7ecx->ecx, NULL, 0) != SECSuccess)
+ return SECFailure;
+ }
+ /* recursion here */
+ rv = NSS_CMSEncoder_Update(p7ecx->childp7ecx, data, len);
+ } else {
+ /* we are at innermost decoder */
+ /* find out about our inner content type - must be data */
+ cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+ if (!cinfo) {
+ /* The original programmer didn't expect this to happen */
+ p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
+ return SECFailure;
+ }
+
+ childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+ if (!NSS_CMSType_IsData(childtype))
+ return SECFailure;
+ /* and we must not have preset data */
+ if (cinfo->content.data != NULL)
+ return SECFailure;
+
+ /* hand it the data so it can encode it (let DER trickle up the chain) */
+ rv = nss_cms_encoder_work_data(p7ecx, NULL, (const unsigned char *)data,
+ len, PR_FALSE, PR_TRUE);
+ }
+ return rv;
+}
+
+/*
+ * NSS_CMSEncoder_Cancel - stop all encoding
+ *
+ * we need to walk down the chain of encoders and the finish them from the innermost out
+ */
+SECStatus
+NSS_CMSEncoder_Cancel(NSSCMSEncoderContext *p7ecx)
+{
+ SECStatus rv = SECFailure;
+
+ /* XXX do this right! */
+
+ /*
+ * Finish any inner decoders before us so that all the encoded data is flushed
+ * This basically finishes all the decoders from the innermost to the outermost.
+ * Finishing an inner decoder may result in data being updated to the outer decoder
+ * while we are already in NSS_CMSEncoder_Finish, but that's allright.
+ */
+ if (p7ecx->childp7ecx) {
+ rv = NSS_CMSEncoder_Cancel(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
+ /* remember rv for now */
+#ifdef CMSDEBUG
+ if (rv != SECSuccess) {
+ fprintf(stderr, "Fail to cancel inner encoder\n");
+ }
+#endif
+ }
+
+ /*
+ * On the way back up, there will be no more data (if we had an
+ * inner encoder, it is done now!)
+ * Flush out any remaining data and/or finish digests.
+ */
+ rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
+ if (rv != SECSuccess)
+ goto loser;
+
+ p7ecx->childp7ecx = NULL;
+
+ /* kick the encoder back into working mode again.
+ * We turn off streaming stuff (which will cause the encoder to continue
+ * encoding happily, now that we have all the data (like digests) ready for it).
+ */
+ SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
+ SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
+
+ /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
+ rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
+
+loser:
+ SEC_ASN1EncoderFinish(p7ecx->ecx);
+ PORT_Free(p7ecx);
+ return rv;
+}
+
+/*
+ * NSS_CMSEncoder_Finish - signal the end of data
+ *
+ * we need to walk down the chain of encoders and the finish them from the innermost out
+ */
+SECStatus
+NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx)
+{
+ SECStatus rv = SECFailure;
+ NSSCMSContentInfo *cinfo;
+
+ /*
+ * Finish any inner decoders before us so that all the encoded data is flushed
+ * This basically finishes all the decoders from the innermost to the outermost.
+ * Finishing an inner decoder may result in data being updated to the outer decoder
+ * while we are already in NSS_CMSEncoder_Finish, but that's allright.
+ */
+ if (p7ecx->childp7ecx) {
+ /* tell the child to start encoding, up to its first data byte, if it
+ * hasn't yet */
+ if (!p7ecx->childp7ecx->ecxupdated) {
+ p7ecx->childp7ecx->ecxupdated = PR_TRUE;
+ rv = SEC_ASN1EncoderUpdate(p7ecx->childp7ecx->ecx, NULL, 0);
+ if (rv != SECSuccess) {
+ NSS_CMSEncoder_Finish(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
+ goto loser;
+ }
+ }
+ rv = NSS_CMSEncoder_Finish(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ /*
+ * On the way back up, there will be no more data (if we had an
+ * inner encoder, it is done now!)
+ * Flush out any remaining data and/or finish digests.
+ */
+ rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
+ if (rv != SECSuccess)
+ goto loser;
+
+ p7ecx->childp7ecx = NULL;
+
+ cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+ if (!cinfo) {
+ /* The original programmer didn't expect this to happen */
+ p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
+ rv = SECFailure;
+ goto loser;
+ }
+ SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
+ SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
+ /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
+ rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
+
+ if (p7ecx->error)
+ rv = SECFailure;
+
+loser:
+ SEC_ASN1EncoderFinish(p7ecx->ecx);
+ PORT_Free(p7ecx);
+ return rv;
+}
diff --git a/security/nss/lib/smime/cmsenvdata.c b/security/nss/lib/smime/cmsenvdata.c
new file mode 100644
index 000000000..f2c8e171d
--- /dev/null
+++ b/security/nss/lib/smime/cmsenvdata.c
@@ -0,0 +1,398 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS envelopedData methods.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "secerr.h"
+#include "secpkcs5.h"
+
+/*
+ * NSS_CMSEnvelopedData_Create - create an enveloped data message
+ */
+NSSCMSEnvelopedData *
+NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize)
+{
+ void *mark;
+ NSSCMSEnvelopedData *envd;
+ PLArenaPool *poolp;
+ SECStatus rv;
+
+ poolp = cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ envd = (NSSCMSEnvelopedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSEnvelopedData));
+ if (envd == NULL)
+ goto loser;
+
+ envd->cmsg = cmsg;
+
+ /* version is set in NSS_CMSEnvelopedData_Encode_BeforeStart() */
+
+ rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(envd->contentInfo),
+ algorithm, NULL, keysize);
+ if (rv != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return envd;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+/*
+ * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
+ */
+void
+NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp)
+{
+ NSSCMSRecipientInfo **recipientinfos;
+ NSSCMSRecipientInfo *ri;
+
+ if (edp == NULL)
+ return;
+
+ recipientinfos = edp->recipientInfos;
+ if (recipientinfos == NULL)
+ return;
+
+ while ((ri = *recipientinfos++) != NULL)
+ NSS_CMSRecipientInfo_Destroy(ri);
+
+ NSS_CMSContentInfo_Destroy(&(edp->contentInfo));
+}
+
+/*
+ * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
+ */
+NSSCMSContentInfo *
+NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd)
+{
+ return &(envd->contentInfo);
+}
+
+/*
+ * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
+ *
+ * rip must be created on the same pool as edp - this is not enforced, though.
+ */
+SECStatus
+NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip)
+{
+ void *mark;
+ SECStatus rv;
+
+ /* XXX compare pools, if not same, copy rip into edp's pool */
+
+ PR_ASSERT(edp != NULL);
+ PR_ASSERT(rip != NULL);
+
+ mark = PORT_ArenaMark(edp->cmsg->poolp);
+
+ rv = NSS_CMSArray_Add(edp->cmsg->poolp, (void ***)&(edp->recipientInfos), (void *)rip);
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(edp->cmsg->poolp, mark);
+ return SECFailure;
+ }
+
+ PORT_ArenaUnmark(edp->cmsg->poolp, mark);
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
+ *
+ * at this point, we need
+ * - recipientinfos set up with recipient's certificates
+ * - a content encryption algorithm (if none, 3DES will be used)
+ *
+ * this function will generate a random content encryption key (aka bulk key),
+ * initialize the recipientinfos with certificate identification and wrap the bulk key
+ * using the proper algorithm for every certificiate.
+ * it will finally set the bulk algorithm and key so that the encode step can find it.
+ */
+SECStatus
+NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd)
+{
+ int version;
+ NSSCMSRecipientInfo **recipientinfos;
+ NSSCMSContentInfo *cinfo;
+ PK11SymKey *bulkkey = NULL;
+ SECOidTag bulkalgtag;
+ CK_MECHANISM_TYPE type;
+ PK11SlotInfo *slot;
+ SECStatus rv;
+ SECItem *dummy;
+ PLArenaPool *poolp;
+ extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
+ void *mark = NULL;
+ int i;
+
+ poolp = envd->cmsg->poolp;
+ cinfo = &(envd->contentInfo);
+
+ recipientinfos = envd->recipientInfos;
+ if (recipientinfos == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+#if 0
+ PORT_SetErrorString("Cannot find recipientinfos to encode.");
+#endif
+ goto loser;
+ }
+
+ version = NSS_CMS_ENVELOPED_DATA_VERSION_REG;
+ if (envd->originatorInfo != NULL || envd->unprotectedAttr != NULL) {
+ version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
+ } else {
+ for (i = 0; recipientinfos[i] != NULL; i++) {
+ if (NSS_CMSRecipientInfo_GetVersion(recipientinfos[i]) != 0) {
+ version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
+ break;
+ }
+ }
+ }
+ dummy = SEC_ASN1EncodeInteger(poolp, &(envd->version), version);
+ if (dummy == NULL)
+ goto loser;
+
+ /* now we need to have a proper content encryption algorithm
+ * on the SMIME level, we would figure one out by looking at SMIME capabilities
+ * we cannot do that on our level, so if none is set already, we'll just go
+ * with one of the mandatory algorithms (3DES) */
+ if ((bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo)) == SEC_OID_UNKNOWN) {
+ rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, cinfo, SEC_OID_DES_EDE3_CBC, NULL, 168);
+ if (rv != SECSuccess)
+ goto loser;
+ bulkalgtag = SEC_OID_DES_EDE3_CBC;
+ }
+
+ /* generate a random bulk key suitable for content encryption alg */
+ type = PK11_AlgtagToMechanism(bulkalgtag);
+ slot = PK11_GetBestSlot(type, envd->cmsg->pwfn_arg);
+ if (slot == NULL)
+ goto loser; /* error has been set by PK11_GetBestSlot */
+
+ /* this is expensive... */
+ bulkkey = PK11_KeyGen(slot, type, NULL,
+ NSS_CMSContentInfo_GetBulkKeySize(cinfo) / 8,
+ envd->cmsg->pwfn_arg);
+ PK11_FreeSlot(slot);
+ if (bulkkey == NULL)
+ goto loser; /* error has been set by PK11_KeyGen */
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* Encrypt the bulk key with the public key of each recipient. */
+ for (i = 0; recipientinfos[i] != NULL; i++) {
+ rv = NSS_CMSRecipientInfo_WrapBulkKey(recipientinfos[i], bulkkey, bulkalgtag);
+ if (rv != SECSuccess)
+ goto loser; /* error has been set by NSS_CMSRecipientInfo_EncryptBulkKey */
+ /* could be: alg not supported etc. */
+ }
+
+ /* the recipientinfos are all finished. now sort them by DER for SET OF encoding */
+ rv = NSS_CMSArray_SortByDER((void **)envd->recipientInfos,
+ NSSCMSRecipientInfoTemplate, NULL);
+ if (rv != SECSuccess)
+ goto loser; /* error has been set by NSS_CMSArray_SortByDER */
+
+ /* store the bulk key in the contentInfo so that the encoder can find it */
+ NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
+
+ PORT_ArenaUnmark(poolp, mark);
+
+ PK11_FreeSymKey(bulkkey);
+
+ return SECSuccess;
+
+loser:
+ if (mark != NULL)
+ PORT_ArenaRelease(poolp, mark);
+ if (bulkkey)
+ PK11_FreeSymKey(bulkkey);
+
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
+ *
+ * it is essential that this is called before the contentEncAlg is encoded, because
+ * setting up the encryption may generate IVs and thus change it!
+ */
+SECStatus
+NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd)
+{
+ NSSCMSContentInfo *cinfo;
+ PK11SymKey *bulkkey;
+ SECAlgorithmID *algid;
+ SECStatus rv;
+
+ cinfo = &(envd->contentInfo);
+
+ /* find bulkkey and algorithm - must have been set by NSS_CMSEnvelopedData_Encode_BeforeStart */
+ bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
+ if (bulkkey == NULL)
+ return SECFailure;
+ algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
+ if (algid == NULL)
+ return SECFailure;
+
+ rv = NSS_CMSContentInfo_Private_Init(cinfo);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ /* this may modify algid (with IVs generated in a token).
+ * it is essential that algid is a pointer to the contentEncAlg data, not a
+ * pointer to a copy! */
+ cinfo->privateInfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(envd->cmsg->poolp, bulkkey, algid);
+ PK11_FreeSymKey(bulkkey);
+ if (cinfo->privateInfo->ciphcx == NULL)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
+ */
+SECStatus
+NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd)
+{
+ if (envd->contentInfo.privateInfo && envd->contentInfo.privateInfo->ciphcx) {
+ NSS_CMSCipherContext_Destroy(envd->contentInfo.privateInfo->ciphcx);
+ envd->contentInfo.privateInfo->ciphcx = NULL;
+ }
+
+ /* nothing else to do after data */
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo,
+ * derive bulk key & set up our contentinfo
+ */
+SECStatus
+NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd)
+{
+ NSSCMSRecipientInfo *ri;
+ PK11SymKey *bulkkey = NULL;
+ SECOidTag bulkalgtag;
+ SECAlgorithmID *bulkalg;
+ SECStatus rv = SECFailure;
+ NSSCMSContentInfo *cinfo;
+ NSSCMSRecipient **recipient_list = NULL;
+ NSSCMSRecipient *recipient;
+ int rlIndex;
+
+ if (NSS_CMSArray_Count((void **)envd->recipientInfos) == 0) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+#if 0
+ PORT_SetErrorString("No recipient data in envelope.");
+#endif
+ goto loser;
+ }
+
+ /* look if one of OUR cert's issuerSN is on the list of recipients, and if so, */
+ /* get the cert and private key for it right away */
+ recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
+ if (recipient_list == NULL)
+ goto loser;
+
+ /* what about multiple recipientInfos that match?
+ * especially if, for some reason, we could not produce a bulk key with the first match?!
+ * we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
+ * maybe later... */
+ rlIndex = PK11_FindCertAndKeyByRecipientListNew(recipient_list, envd->cmsg->pwfn_arg);
+
+ /* if that fails, then we're not an intended recipient and cannot decrypt */
+ if (rlIndex < 0) {
+ PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
+#if 0
+ PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
+#endif
+ goto loser;
+ }
+
+ recipient = recipient_list[rlIndex];
+ if (!recipient->cert || !recipient->privkey) {
+ /* XXX should set an error code ?!? */
+ goto loser;
+ }
+ /* get a pointer to "our" recipientinfo */
+ ri = envd->recipientInfos[recipient->riIndex];
+
+ cinfo = &(envd->contentInfo);
+ bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
+ if (bulkalgtag == SEC_OID_UNKNOWN) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ } else
+ bulkkey =
+ NSS_CMSRecipientInfo_UnwrapBulkKey(ri, recipient->subIndex,
+ recipient->cert,
+ recipient->privkey,
+ bulkalgtag);
+ if (bulkkey == NULL) {
+ /* no success finding a bulk key */
+ goto loser;
+ }
+
+ NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
+
+ bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
+
+ rv = NSS_CMSContentInfo_Private_Init(cinfo);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECFailure;
+ cinfo->privateInfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
+ if (cinfo->privateInfo->ciphcx == NULL)
+ goto loser; /* error has been set by NSS_CMSCipherContext_StartDecrypt */
+
+ rv = SECSuccess;
+
+loser:
+ if (bulkkey)
+ PK11_FreeSymKey(bulkkey);
+ if (recipient_list != NULL)
+ nss_cms_recipient_list_destroy(recipient_list);
+ return rv;
+}
+
+/*
+ * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
+ */
+SECStatus
+NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd)
+{
+ if (envd && envd->contentInfo.privateInfo && envd->contentInfo.privateInfo->ciphcx) {
+ NSS_CMSCipherContext_Destroy(envd->contentInfo.privateInfo->ciphcx);
+ envd->contentInfo.privateInfo->ciphcx = NULL;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
+ */
+SECStatus
+NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd)
+{
+ /* apply final touches */
+ return SECSuccess;
+}
diff --git a/security/nss/lib/smime/cmslocal.h b/security/nss/lib/smime/cmslocal.h
new file mode 100644
index 000000000..ef7d50028
--- /dev/null
+++ b/security/nss/lib/smime/cmslocal.h
@@ -0,0 +1,351 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Support routines for CMS implementation, none of which are exported.
+ *
+ * Do not export this file! If something in here is really needed outside
+ * of smime code, first try to add a CMS interface which will do it for
+ * you. If that has a problem, then just move out what you need, changing
+ * its name as appropriate!
+ */
+
+#ifndef _CMSLOCAL_H_
+#define _CMSLOCAL_H_
+
+#include "cms.h"
+#include "cmsreclist.h"
+#include "secasn1t.h"
+
+extern const SEC_ASN1Template NSSCMSContentInfoTemplate[];
+
+struct NSSCMSContentInfoPrivateStr {
+ NSSCMSCipherContext *ciphcx;
+ NSSCMSDigestContext *digcx;
+ PRBool dontStream;
+};
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+/*
+ * private content Info stuff
+ */
+
+/* initialize the private content info field. If this returns
+ * SECSuccess, the cinfo->private field is safe to dereference.
+ */
+SECStatus NSS_CMSContentInfo_Private_Init(NSSCMSContentInfo *cinfo);
+
+/***********************************************************************
+ * cmscipher.c - en/decryption routines
+ ***********************************************************************/
+
+/*
+ * NSS_CMSCipherContext_StartDecrypt - create a cipher context to do decryption
+ * based on the given bulk * encryption key and algorithm identifier (which may include an iv).
+ */
+extern NSSCMSCipherContext *
+NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid);
+
+/*
+ * NSS_CMSCipherContext_StartEncrypt - create a cipher object to do encryption,
+ * based on the given bulk encryption key and algorithm tag. Fill in the algorithm
+ * identifier (which may include an iv) appropriately.
+ */
+extern NSSCMSCipherContext *
+NSS_CMSCipherContext_StartEncrypt(PLArenaPool *poolp, PK11SymKey *key, SECAlgorithmID *algid);
+
+extern void
+NSS_CMSCipherContext_Destroy(NSSCMSCipherContext *cc);
+
+/*
+ * NSS_CMSCipherContext_DecryptLength - find the output length of the next call to decrypt.
+ *
+ * cc - the cipher context
+ * input_len - number of bytes used as input
+ * final - true if this is the final chunk of data
+ *
+ * Result can be used to perform memory allocations. Note that the amount
+ * is exactly accurate only when not doing a block cipher or when final
+ * is false, otherwise it is an upper bound on the amount because until
+ * we see the data we do not know how many padding bytes there are
+ * (always between 1 and bsize).
+ */
+extern unsigned int
+NSS_CMSCipherContext_DecryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final);
+
+/*
+ * NSS_CMSCipherContext_EncryptLength - find the output length of the next call to encrypt.
+ *
+ * cc - the cipher context
+ * input_len - number of bytes used as input
+ * final - true if this is the final chunk of data
+ *
+ * Result can be used to perform memory allocations.
+ */
+extern unsigned int
+NSS_CMSCipherContext_EncryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final);
+
+/*
+ * NSS_CMSCipherContext_Decrypt - do the decryption
+ *
+ * cc - the cipher context
+ * output - buffer for decrypted result bytes
+ * output_len_p - number of bytes in output
+ * max_output_len - upper bound on bytes to put into output
+ * input - pointer to input bytes
+ * input_len - number of input bytes
+ * final - true if this is the final chunk of data
+ *
+ * Decrypts a given length of input buffer (starting at "input" and
+ * containing "input_len" bytes), placing the decrypted bytes in
+ * "output" and storing the output length in "*output_len_p".
+ * "cc" is the return value from NSS_CMSCipher_StartDecrypt.
+ * When "final" is true, this is the last of the data to be decrypted.
+ */
+extern SECStatus
+NSS_CMSCipherContext_Decrypt(NSSCMSCipherContext *cc, unsigned char *output,
+ unsigned int *output_len_p, unsigned int max_output_len,
+ const unsigned char *input, unsigned int input_len,
+ PRBool final);
+
+/*
+ * NSS_CMSCipherContext_Encrypt - do the encryption
+ *
+ * cc - the cipher context
+ * output - buffer for decrypted result bytes
+ * output_len_p - number of bytes in output
+ * max_output_len - upper bound on bytes to put into output
+ * input - pointer to input bytes
+ * input_len - number of input bytes
+ * final - true if this is the final chunk of data
+ *
+ * Encrypts a given length of input buffer (starting at "input" and
+ * containing "input_len" bytes), placing the encrypted bytes in
+ * "output" and storing the output length in "*output_len_p".
+ * "cc" is the return value from NSS_CMSCipher_StartEncrypt.
+ * When "final" is true, this is the last of the data to be encrypted.
+ */
+extern SECStatus
+NSS_CMSCipherContext_Encrypt(NSSCMSCipherContext *cc, unsigned char *output,
+ unsigned int *output_len_p, unsigned int max_output_len,
+ const unsigned char *input, unsigned int input_len,
+ PRBool final);
+
+/************************************************************************
+ * cmspubkey.c - public key operations
+ ************************************************************************/
+
+/*
+ * NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
+ *
+ * this function takes a symmetric key and encrypts it using an RSA public key
+ * according to PKCS#1 and RFC2633 (S/MIME)
+ */
+extern SECStatus
+NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert,
+ PK11SymKey *key,
+ SECItem *encKey);
+
+extern SECStatus
+NSS_CMSUtil_EncryptSymKey_RSAPubKey(PLArenaPool *poolp,
+ SECKEYPublicKey *publickey,
+ PK11SymKey *bulkkey, SECItem *encKey);
+
+/*
+ * NSS_CMSUtil_DecryptSymKey_RSA - unwrap a RSA-wrapped symmetric key
+ *
+ * this function takes an RSA-wrapped symmetric key and unwraps it, returning a symmetric
+ * key handle. Please note that the actual unwrapped key data may not be allowed to leave
+ * a hardware token...
+ */
+extern PK11SymKey *
+NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag);
+
+extern SECStatus
+NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
+ SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,
+ SECItem *originatorPubKey);
+
+extern PK11SymKey *
+NSS_CMSUtil_DecryptSymKey_ESDH(SECKEYPrivateKey *privkey, SECItem *encKey,
+ SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg);
+
+/************************************************************************
+ * cmsreclist.c - recipient list stuff
+ ************************************************************************/
+extern NSSCMSRecipient **nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos);
+extern void nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list);
+extern NSSCMSRecipientEncryptedKey *NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp);
+
+/************************************************************************
+ * cmsarray.c - misc array functions
+ ************************************************************************/
+/*
+ * NSS_CMSArray_Alloc - allocate an array in an arena
+ */
+extern void **
+NSS_CMSArray_Alloc(PLArenaPool *poolp, int n);
+
+/*
+ * NSS_CMSArray_Add - add an element to the end of an array
+ */
+extern SECStatus
+NSS_CMSArray_Add(PLArenaPool *poolp, void ***array, void *obj);
+
+/*
+ * NSS_CMSArray_IsEmpty - check if array is empty
+ */
+extern PRBool
+NSS_CMSArray_IsEmpty(void **array);
+
+/*
+ * NSS_CMSArray_Count - count number of elements in array
+ */
+extern int
+NSS_CMSArray_Count(void **array);
+
+/*
+ * NSS_CMSArray_Sort - sort an array ascending, in place
+ *
+ * If "secondary" is not NULL, the same reordering gets applied to it.
+ * If "tertiary" is not NULL, the same reordering gets applied to it.
+ * "compare" is a function that returns
+ * < 0 when the first element is less than the second
+ * = 0 when the first element is equal to the second
+ * > 0 when the first element is greater than the second
+ */
+extern void
+NSS_CMSArray_Sort(void **primary, int (*compare)(void *, void *), void **secondary, void **tertiary);
+
+/************************************************************************
+ * cmsattr.c - misc attribute functions
+ ************************************************************************/
+/*
+ * NSS_CMSAttribute_Create - create an attribute
+ *
+ * if value is NULL, the attribute won't have a value. It can be added later
+ * with NSS_CMSAttribute_AddValue.
+ */
+extern NSSCMSAttribute *
+NSS_CMSAttribute_Create(PLArenaPool *poolp, SECOidTag oidtag, SECItem *value, PRBool encoded);
+
+/*
+ * NSS_CMSAttribute_AddValue - add another value to an attribute
+ */
+extern SECStatus
+NSS_CMSAttribute_AddValue(PLArenaPool *poolp, NSSCMSAttribute *attr, SECItem *value);
+
+/*
+ * NSS_CMSAttribute_GetType - return the OID tag
+ */
+extern SECOidTag
+NSS_CMSAttribute_GetType(NSSCMSAttribute *attr);
+
+/*
+ * NSS_CMSAttribute_GetValue - return the first attribute value
+ *
+ * We do some sanity checking first:
+ * - Multiple values are *not* expected.
+ * - Empty values are *not* expected.
+ */
+extern SECItem *
+NSS_CMSAttribute_GetValue(NSSCMSAttribute *attr);
+
+/*
+ * NSS_CMSAttribute_CompareValue - compare the attribute's first value against data
+ */
+extern PRBool
+NSS_CMSAttribute_CompareValue(NSSCMSAttribute *attr, SECItem *av);
+
+/*
+ * NSS_CMSAttributeArray_Encode - encode an Attribute array as SET OF Attributes
+ *
+ * If you are wondering why this routine does not reorder the attributes
+ * first, and might be tempted to make it do so, see the comment by the
+ * call to ReorderAttributes in cmsencode.c. (Or, see who else calls this
+ * and think long and hard about the implications of making it always
+ * do the reordering.)
+ */
+extern SECItem *
+NSS_CMSAttributeArray_Encode(PLArenaPool *poolp, NSSCMSAttribute ***attrs, SECItem *dest);
+
+/*
+ * NSS_CMSAttributeArray_Reorder - sort attribute array by attribute's DER encoding
+ *
+ * make sure that the order of the attributes guarantees valid DER (which must be
+ * in lexigraphically ascending order for a SET OF); if reordering is necessary it
+ * will be done in place (in attrs).
+ */
+extern SECStatus
+NSS_CMSAttributeArray_Reorder(NSSCMSAttribute **attrs);
+
+/*
+ * NSS_CMSAttributeArray_FindAttrByOidTag - look through a set of attributes and
+ * find one that matches the specified object ID.
+ *
+ * If "only" is true, then make sure that there is not more than one attribute
+ * of the same type. Otherwise, just return the first one found. (XXX Does
+ * anybody really want that first-found behavior? It was like that when I found it...)
+ */
+extern NSSCMSAttribute *
+NSS_CMSAttributeArray_FindAttrByOidTag(NSSCMSAttribute **attrs, SECOidTag oidtag, PRBool only);
+
+/*
+ * NSS_CMSAttributeArray_AddAttr - add an attribute to an
+ * array of attributes.
+ */
+extern SECStatus
+NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, NSSCMSAttribute *attr);
+
+/*
+ * NSS_CMSAttributeArray_SetAttr - set an attribute's value in a set of attributes
+ */
+extern SECStatus
+NSS_CMSAttributeArray_SetAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs,
+ SECOidTag type, SECItem *value, PRBool encoded);
+
+/*
+ * NSS_CMSSignedData_AddTempCertificate - add temporary certificate references.
+ * They may be needed for signature verification on the data, for example.
+ */
+extern SECStatus
+NSS_CMSSignedData_AddTempCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert);
+
+/*
+ * local function to handle compatibility issues
+ * by mapping a signature algorithm back to a digest.
+ */
+SECOidTag NSS_CMSUtil_MapSignAlgs(SECOidTag signAlg);
+
+/************************************************************************/
+
+/*
+ * local functions to handle user defined S/MIME content types
+ */
+
+PRBool NSS_CMSType_IsWrapper(SECOidTag type);
+PRBool NSS_CMSType_IsData(SECOidTag type);
+size_t NSS_CMSType_GetContentSize(SECOidTag type);
+const SEC_ASN1Template *NSS_CMSType_GetTemplate(SECOidTag type);
+
+void NSS_CMSGenericWrapperData_Destroy(SECOidTag type,
+ NSSCMSGenericWrapperData *gd);
+SECStatus NSS_CMSGenericWrapperData_Decode_BeforeData(SECOidTag type,
+ NSSCMSGenericWrapperData *gd);
+SECStatus NSS_CMSGenericWrapperData_Decode_AfterData(SECOidTag type,
+ NSSCMSGenericWrapperData *gd);
+SECStatus NSS_CMSGenericWrapperData_Decode_AfterEnd(SECOidTag type,
+ NSSCMSGenericWrapperData *gd);
+SECStatus NSS_CMSGenericWrapperData_Encode_BeforeStart(SECOidTag type,
+ NSSCMSGenericWrapperData *gd);
+SECStatus NSS_CMSGenericWrapperData_Encode_BeforeData(SECOidTag type,
+ NSSCMSGenericWrapperData *gd);
+SECStatus NSS_CMSGenericWrapperData_Encode_AfterData(SECOidTag type,
+ NSSCMSGenericWrapperData *gd);
+
+SEC_END_PROTOS
+
+#endif /* _CMSLOCAL_H_ */
diff --git a/security/nss/lib/smime/cmsmessage.c b/security/nss/lib/smime/cmsmessage.c
new file mode 100644
index 000000000..27d1256ec
--- /dev/null
+++ b/security/nss/lib/smime/cmsmessage.c
@@ -0,0 +1,293 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS message methods.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "secerr.h"
+
+/*
+ * NSS_CMSMessage_Create - create a CMS message object
+ *
+ * "poolp" - arena to allocate memory from, or NULL if new arena should be created
+ */
+NSSCMSMessage *
+NSS_CMSMessage_Create(PLArenaPool *poolp)
+{
+ void *mark = NULL;
+ NSSCMSMessage *cmsg;
+ PRBool poolp_is_ours = PR_FALSE;
+
+ if (poolp == NULL) {
+ poolp = PORT_NewArena(1024); /* XXX what is right value? */
+ if (poolp == NULL)
+ return NULL;
+ poolp_is_ours = PR_TRUE;
+ }
+
+ if (!poolp_is_ours)
+ mark = PORT_ArenaMark(poolp);
+
+ cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSMessage));
+ if (cmsg == NULL ||
+ NSS_CMSContentInfo_Private_Init(&(cmsg->contentInfo)) != SECSuccess) {
+ if (!poolp_is_ours) {
+ if (mark) {
+ PORT_ArenaRelease(poolp, mark);
+ }
+ } else
+ PORT_FreeArena(poolp, PR_FALSE);
+ return NULL;
+ }
+
+ cmsg->poolp = poolp;
+ cmsg->poolp_is_ours = poolp_is_ours;
+ cmsg->refCount = 1;
+
+ if (mark)
+ PORT_ArenaUnmark(poolp, mark);
+
+ return cmsg;
+}
+
+/*
+ * NSS_CMSMessage_SetEncodingParams - set up a CMS message object for encoding or decoding
+ *
+ * "cmsg" - message object
+ * "pwfn", pwfn_arg" - callback function for getting token password
+ * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
+ * "detached_digestalgs", "detached_digests" - digests from detached content
+ */
+void
+NSS_CMSMessage_SetEncodingParams(NSSCMSMessage *cmsg,
+ PK11PasswordFunc pwfn, void *pwfn_arg,
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
+ SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
+{
+ if (pwfn)
+ PK11_SetPasswordFunc(pwfn);
+ cmsg->pwfn_arg = pwfn_arg;
+ cmsg->decrypt_key_cb = decrypt_key_cb;
+ cmsg->decrypt_key_cb_arg = decrypt_key_cb_arg;
+ cmsg->detached_digestalgs = detached_digestalgs;
+ cmsg->detached_digests = detached_digests;
+}
+
+/*
+ * NSS_CMSMessage_Destroy - destroy a CMS message and all of its sub-pieces.
+ */
+void
+NSS_CMSMessage_Destroy(NSSCMSMessage *cmsg)
+{
+ PORT_Assert(cmsg->refCount > 0);
+ if (cmsg->refCount <= 0) /* oops */
+ return;
+
+ cmsg->refCount--; /* thread safety? */
+ if (cmsg->refCount > 0)
+ return;
+
+ NSS_CMSContentInfo_Destroy(&(cmsg->contentInfo));
+
+ /* if poolp is not NULL, cmsg is the owner of its arena */
+ if (cmsg->poolp_is_ours)
+ PORT_FreeArena(cmsg->poolp, PR_FALSE); /* XXX clear it? */
+}
+
+/*
+ * NSS_CMSMessage_Copy - return a copy of the given message.
+ *
+ * The copy may be virtual or may be real -- either way, the result needs
+ * to be passed to NSS_CMSMessage_Destroy later (as does the original).
+ */
+NSSCMSMessage *
+NSS_CMSMessage_Copy(NSSCMSMessage *cmsg)
+{
+ if (cmsg == NULL)
+ return NULL;
+
+ PORT_Assert(cmsg->refCount > 0);
+
+ cmsg->refCount++; /* XXX chrisk thread safety? */
+ return cmsg;
+}
+
+/*
+ * NSS_CMSMessage_GetArena - return a pointer to the message's arena pool
+ */
+PLArenaPool *
+NSS_CMSMessage_GetArena(NSSCMSMessage *cmsg)
+{
+ return cmsg->poolp;
+}
+
+/*
+ * NSS_CMSMessage_GetContentInfo - return a pointer to the top level contentInfo
+ */
+NSSCMSContentInfo *
+NSS_CMSMessage_GetContentInfo(NSSCMSMessage *cmsg)
+{
+ return &(cmsg->contentInfo);
+}
+
+/*
+ * Return a pointer to the actual content.
+ * In the case of those types which are encrypted, this returns the *plain* content.
+ * In case of nested contentInfos, this descends and retrieves the innermost content.
+ */
+SECItem *
+NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg)
+{
+ /* this is a shortcut */
+ NSSCMSContentInfo *cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
+ SECItem *pItem = NSS_CMSContentInfo_GetInnerContent(cinfo);
+ return pItem;
+}
+
+/*
+ * NSS_CMSMessage_ContentLevelCount - count number of levels of CMS content objects in this message
+ *
+ * CMS data content objects do not count.
+ */
+int
+NSS_CMSMessage_ContentLevelCount(NSSCMSMessage *cmsg)
+{
+ int count = 0;
+ NSSCMSContentInfo *cinfo;
+
+ /* walk down the chain of contentinfos */
+ for (cinfo = &(cmsg->contentInfo); cinfo != NULL;) {
+ count++;
+ cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo);
+ }
+ return count;
+}
+
+/*
+ * NSS_CMSMessage_ContentLevel - find content level #n
+ *
+ * CMS data content objects do not count.
+ */
+NSSCMSContentInfo *
+NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n)
+{
+ int count = 0;
+ NSSCMSContentInfo *cinfo;
+
+ /* walk down the chain of contentinfos */
+ for (cinfo = &(cmsg->contentInfo); cinfo != NULL && count < n;
+ cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
+ count++;
+ }
+
+ return cinfo;
+}
+
+/*
+ * NSS_CMSMessage_ContainsCertsOrCrls - see if message contains certs along the way
+ */
+PRBool
+NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg)
+{
+ NSSCMSContentInfo *cinfo;
+
+ /* descend into CMS message */
+ for (cinfo = &(cmsg->contentInfo); cinfo != NULL;
+ cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
+ if (!NSS_CMSType_IsData(NSS_CMSContentInfo_GetContentTypeTag(cinfo)))
+ continue; /* next level */
+
+ if (NSS_CMSSignedData_ContainsCertsOrCrls(cinfo->content.signedData))
+ return PR_TRUE;
+ /* callback here for generic wrappers? */
+ }
+ return PR_FALSE;
+}
+
+/*
+ * NSS_CMSMessage_IsEncrypted - see if message contains a encrypted submessage
+ */
+PRBool
+NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg)
+{
+ NSSCMSContentInfo *cinfo;
+
+ /* walk down the chain of contentinfos */
+ for (cinfo = &(cmsg->contentInfo); cinfo != NULL;
+ cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
+ switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ return PR_TRUE;
+ default:
+ /* callback here for generic wrappers? */
+ break;
+ }
+ }
+ return PR_FALSE;
+}
+
+/*
+ * NSS_CMSMessage_IsSigned - see if message contains a signed submessage
+ *
+ * If the CMS message has a SignedData with a signature (not just a SignedData)
+ * return true; false otherwise. This can/should be called before calling
+ * VerifySignature, which will always indicate failure if no signature is
+ * present, but that does not mean there even was a signature!
+ * Note that the content itself can be empty (detached content was sent
+ * another way); it is the presence of the signature that matters.
+ */
+PRBool
+NSS_CMSMessage_IsSigned(NSSCMSMessage *cmsg)
+{
+ NSSCMSContentInfo *cinfo;
+
+ /* walk down the chain of contentinfos */
+ for (cinfo = &(cmsg->contentInfo); cinfo != NULL;
+ cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
+ switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ if (!NSS_CMSArray_IsEmpty((void **)cinfo->content.signedData->signerInfos))
+ return PR_TRUE;
+ break;
+ default:
+ /* callback here for generic wrappers? */
+ break;
+ }
+ }
+ return PR_FALSE;
+}
+
+/*
+ * NSS_CMSMessage_IsContentEmpty - see if content is empty
+ *
+ * returns PR_TRUE is innermost content length is < minLen
+ * XXX need the encrypted content length (why?)
+ */
+PRBool
+NSS_CMSMessage_IsContentEmpty(NSSCMSMessage *cmsg, unsigned int minLen)
+{
+ SECItem *item = NULL;
+
+ if (cmsg == NULL)
+ return PR_TRUE;
+
+ item = NSS_CMSContentInfo_GetContent(NSS_CMSMessage_GetContentInfo(cmsg));
+
+ if (!item) {
+ return PR_TRUE;
+ } else if (item->len <= minLen) {
+ return PR_TRUE;
+ }
+
+ return PR_FALSE;
+}
diff --git a/security/nss/lib/smime/cmspubkey.c b/security/nss/lib/smime/cmspubkey.c
new file mode 100644
index 000000000..bc3cd993e
--- /dev/null
+++ b/security/nss/lib/smime/cmspubkey.c
@@ -0,0 +1,285 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS public key crypto
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "secerr.h"
+
+/* ====== RSA ======================================================================= */
+
+/*
+ * NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
+ *
+ * this function takes a symmetric key and encrypts it using an RSA public key
+ * according to PKCS#1 and RFC2633 (S/MIME)
+ */
+SECStatus
+NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert,
+ PK11SymKey *bulkkey,
+ SECItem *encKey)
+{
+ SECStatus rv;
+ SECKEYPublicKey *publickey;
+
+ publickey = CERT_ExtractPublicKey(cert);
+ if (publickey == NULL)
+ return SECFailure;
+
+ rv = NSS_CMSUtil_EncryptSymKey_RSAPubKey(poolp, publickey, bulkkey, encKey);
+ SECKEY_DestroyPublicKey(publickey);
+ return rv;
+}
+
+SECStatus
+NSS_CMSUtil_EncryptSymKey_RSAPubKey(PLArenaPool *poolp,
+ SECKEYPublicKey *publickey,
+ PK11SymKey *bulkkey, SECItem *encKey)
+{
+ SECStatus rv;
+ int data_len;
+ KeyType keyType;
+ void *mark = NULL;
+
+ mark = PORT_ArenaMark(poolp);
+ if (!mark)
+ goto loser;
+
+ /* sanity check */
+ keyType = SECKEY_GetPublicKeyType(publickey);
+ PORT_Assert(keyType == rsaKey);
+ if (keyType != rsaKey) {
+ goto loser;
+ }
+ /* allocate memory for the encrypted key */
+ data_len = SECKEY_PublicKeyStrength(publickey); /* block size (assumed to be > keylen) */
+ encKey->data = (unsigned char *)PORT_ArenaAlloc(poolp, data_len);
+ encKey->len = data_len;
+ if (encKey->data == NULL)
+ goto loser;
+
+ /* encrypt the key now */
+ rv = PK11_PubWrapSymKey(PK11_AlgtagToMechanism(SEC_OID_PKCS1_RSA_ENCRYPTION),
+ publickey, bulkkey, encKey);
+
+ if (rv != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ if (mark) {
+ PORT_ArenaRelease(poolp, mark);
+ }
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSUtil_DecryptSymKey_RSA - unwrap a RSA-wrapped symmetric key
+ *
+ * this function takes an RSA-wrapped symmetric key and unwraps it, returning a symmetric
+ * key handle. Please note that the actual unwrapped key data may not be allowed to leave
+ * a hardware token...
+ */
+PK11SymKey *
+NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag)
+{
+ /* that's easy */
+ CK_MECHANISM_TYPE target;
+ PORT_Assert(bulkalgtag != SEC_OID_UNKNOWN);
+ target = PK11_AlgtagToMechanism(bulkalgtag);
+ if (bulkalgtag == SEC_OID_UNKNOWN || target == CKM_INVALID_MECHANISM) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return NULL;
+ }
+ return PK11_PubUnwrapSymKey(privkey, encKey, target, CKA_DECRYPT, 0);
+}
+
+/* ====== ESDH (Ephemeral-Static Diffie-Hellman) ==================================== */
+
+SECStatus
+NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
+ SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,
+ SECItem *pubKey)
+{
+#if 0 /* not yet done */
+ SECOidTag certalgtag; /* the certificate's encryption algorithm */
+ SECOidTag encalgtag; /* the algorithm used for key exchange/agreement */
+ SECStatus rv;
+ SECItem *params = NULL;
+ int data_len;
+ SECStatus err;
+ PK11SymKey *tek;
+ CERTCertificate *ourCert;
+ SECKEYPublicKey *ourPubKey;
+ NSSCMSKEATemplateSelector whichKEA = NSSCMSKEAInvalid;
+
+ certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
+ PORT_Assert(certalgtag == SEC_OID_X942_DIFFIE_HELMAN_KEY);
+
+ /* We really want to show our KEA tag as the key exchange algorithm tag. */
+ encalgtag = SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN;
+
+ /* Get the public key of the recipient. */
+ publickey = CERT_ExtractPublicKey(cert);
+ if (publickey == NULL) goto loser;
+
+ /* XXXX generate a DH key pair on a PKCS11 module (XXX which parameters?) */
+ /* XXXX */ourCert = PK11_FindBestKEAMatch(cert, wincx);
+ if (ourCert == NULL) goto loser;
+
+ arena = PORT_NewArena(1024);
+ if (arena == NULL) goto loser;
+
+ /* While we're here, extract the key pair's public key data and copy it into */
+ /* the outgoing parameters. */
+ /* XXXX */ourPubKey = CERT_ExtractPublicKey(ourCert);
+ if (ourPubKey == NULL)
+ {
+ goto loser;
+ }
+ SECITEM_CopyItem(arena, pubKey, /* XXX */&(ourPubKey->u.fortezza.KEAKey));
+ SECKEY_DestroyPublicKey(ourPubKey); /* we only need the private key from now on */
+ ourPubKey = NULL;
+
+ /* Extract our private key in order to derive the KEA key. */
+ ourPrivKey = PK11_FindKeyByAnyCert(ourCert,wincx);
+ CERT_DestroyCertificate(ourCert); /* we're done with this */
+ if (!ourPrivKey) goto loser;
+
+ /* If ukm desired, prepare it - allocate enough space (filled with zeros). */
+ if (ukm) {
+ ukm->data = (unsigned char*)PORT_ArenaZAlloc(arena,/* XXXX */);
+ ukm->len = /* XXXX */;
+ }
+
+ /* Generate the KEK (key exchange key) according to RFC2631 which we use
+ * to wrap the bulk encryption key. */
+ kek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
+ ukm, NULL,
+ /* XXXX */CKM_KEA_KEY_DERIVE, /* XXXX */CKM_SKIPJACK_WRAP,
+ CKA_WRAP, 0, wincx);
+
+ SECKEY_DestroyPublicKey(publickey);
+ SECKEY_DestroyPrivateKey(ourPrivKey);
+ publickey = NULL;
+ ourPrivKey = NULL;
+
+ if (!kek)
+ goto loser;
+
+ /* allocate space for the encrypted CEK (bulk key) */
+ encKey->data = (unsigned char*)PORT_ArenaAlloc(poolp, SMIME_FORTEZZA_MAX_KEY_SIZE);
+ encKey->len = SMIME_FORTEZZA_MAX_KEY_SIZE;
+
+ if (encKey->data == NULL)
+ {
+ PK11_FreeSymKey(kek);
+ goto loser;
+ }
+
+
+ /* Wrap the bulk key using CMSRC2WRAP or CMS3DESWRAP, depending on the */
+ /* bulk encryption algorithm */
+ switch (/* XXXX */PK11_AlgtagToMechanism(enccinfo->encalg))
+ {
+ case /* XXXX */CKM_SKIPJACK_CFB8:
+ err = PK11_WrapSymKey(/* XXXX */CKM_CMS3DES_WRAP, NULL, kek, bulkkey, encKey);
+ whichKEA = NSSCMSKEAUsesSkipjack;
+ break;
+ case /* XXXX */CKM_SKIPJACK_CFB8:
+ err = PK11_WrapSymKey(/* XXXX */CKM_CMSRC2_WRAP, NULL, kek, bulkkey, encKey);
+ whichKEA = NSSCMSKEAUsesSkipjack;
+ break;
+ default:
+ /* XXXX what do we do here? Neither RC2 nor 3DES... */
+ err = SECFailure;
+ /* set error */
+ break;
+ }
+
+ PK11_FreeSymKey(kek); /* we do not need the KEK anymore */
+ if (err != SECSuccess)
+ goto loser;
+
+ PORT_Assert(whichKEA != NSSCMSKEAInvalid);
+
+ /* see RFC2630 12.3.1.1 "keyEncryptionAlgorithm must be ..." */
+ /* params is the DER encoded key wrap algorithm (with parameters!) (XXX) */
+ params = SEC_ASN1EncodeItem(arena, NULL, &keaParams, sec_pkcs7_get_kea_template(whichKEA));
+ if (params == NULL)
+ goto loser;
+
+ /* now set keyEncAlg */
+ rv = SECOID_SetAlgorithmID(poolp, keyEncAlg, SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN, params);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* XXXXXXX this is not right yet */
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ if (publickey) {
+ SECKEY_DestroyPublicKey(publickey);
+ }
+ if (ourPrivKey) {
+ SECKEY_DestroyPrivateKey(ourPrivKey);
+ }
+#endif
+ return SECFailure;
+}
+
+PK11SymKey *
+NSS_CMSUtil_DecryptSymKey_ESDH(SECKEYPrivateKey *privkey, SECItem *encKey,
+ SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag,
+ void *pwfn_arg)
+{
+#if 0 /* not yet done */
+ SECStatus err;
+ CK_MECHANISM_TYPE bulkType;
+ PK11SymKey *tek;
+ SECKEYPublicKey *originatorPubKey;
+ NSSCMSSMIMEKEAParameters keaParams;
+
+ /* XXXX get originator's public key */
+ originatorPubKey = PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
+ keaParams.originatorKEAKey.len);
+ if (originatorPubKey == NULL)
+ goto loser;
+
+ /* Generate the TEK (token exchange key) which we use to unwrap the bulk encryption key.
+ The Derive function generates a shared secret and combines it with the originatorRA
+ data to come up with an unique session key */
+ tek = PK11_PubDerive(privkey, originatorPubKey, PR_FALSE,
+ &keaParams.originatorRA, NULL,
+ CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
+ CKA_WRAP, 0, pwfn_arg);
+ SECKEY_DestroyPublicKey(originatorPubKey); /* not needed anymore */
+ if (tek == NULL)
+ goto loser;
+
+ /* Now that we have the TEK, unwrap the bulk key
+ with which to decrypt the message. */
+ /* Skipjack is being used as the bulk encryption algorithm.*/
+ /* Unwrap the bulk key. */
+ bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL,
+ encKey, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
+
+ return bulkkey;
+
+loser:
+#endif
+ return NULL;
+}
diff --git a/security/nss/lib/smime/cmsrecinfo.c b/security/nss/lib/smime/cmsrecinfo.c
new file mode 100644
index 000000000..2efb6b1f2
--- /dev/null
+++ b/security/nss/lib/smime/cmsrecinfo.c
@@ -0,0 +1,669 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS recipientInfo methods.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "secerr.h"
+
+PRBool
+nss_cmsrecipientinfo_usessubjectkeyid(NSSCMSRecipientInfo *ri)
+{
+ if (ri->recipientInfoType == NSSCMSRecipientInfoID_KeyTrans) {
+ NSSCMSRecipientIdentifier *rid;
+ rid = &ri->ri.keyTransRecipientInfo.recipientIdentifier;
+ if (rid->identifierType == NSSCMSRecipientID_SubjectKeyID) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+/*
+ * NOTE: fakeContent marks CMSMessage structure which is only used as a carrier
+ * of pwfn_arg and arena pools. In an ideal world, NSSCMSMessage would not have
+ * been exported, and we would have added an ordinary enum to handle this
+ * check. Unfortunatly wo don't have that luxury so we are overloading the
+ * contentTypeTag field. NO code should every try to interpret this content tag
+ * as a real OID tag, or use any fields other than pwfn_arg or poolp of this
+ * CMSMessage for that matter */
+static const SECOidData fakeContent;
+NSSCMSRecipientInfo *
+nss_cmsrecipientinfo_create(NSSCMSMessage *cmsg,
+ NSSCMSRecipientIDSelector type,
+ CERTCertificate *cert,
+ SECKEYPublicKey *pubKey,
+ SECItem *subjKeyID,
+ void *pwfn_arg,
+ SECItem *DERinput)
+{
+ NSSCMSRecipientInfo *ri;
+ void *mark;
+ SECOidTag certalgtag;
+ SECStatus rv = SECSuccess;
+ NSSCMSRecipientEncryptedKey *rek;
+ NSSCMSOriginatorIdentifierOrKey *oiok;
+ unsigned long version;
+ SECItem *dummy;
+ PLArenaPool *poolp;
+ CERTSubjectPublicKeyInfo *spki, *freeSpki = NULL;
+ NSSCMSRecipientIdentifier *rid;
+ extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
+
+ if (!cmsg) {
+ /* a CMSMessage wasn't supplied, create a fake one to hold the pwfunc
+ * and a private arena pool */
+ cmsg = NSS_CMSMessage_Create(NULL);
+ cmsg->pwfn_arg = pwfn_arg;
+ /* mark it as a special cms message */
+ cmsg->contentInfo.contentTypeTag = (SECOidData *)&fakeContent;
+ }
+
+ poolp = cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ ri = (NSSCMSRecipientInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientInfo));
+ if (ri == NULL)
+ goto loser;
+
+ ri->cmsg = cmsg;
+
+ if (DERinput) {
+ /* decode everything from DER */
+ SECItem newinput;
+ SECStatus rv = SECITEM_CopyItem(poolp, &newinput, DERinput);
+ if (SECSuccess != rv)
+ goto loser;
+ rv = SEC_QuickDERDecodeItem(poolp, ri, NSSCMSRecipientInfoTemplate, &newinput);
+ if (SECSuccess != rv)
+ goto loser;
+ }
+
+ switch (type) {
+ case NSSCMSRecipientID_IssuerSN: {
+ ri->cert = CERT_DupCertificate(cert);
+ if (NULL == ri->cert)
+ goto loser;
+ spki = &(cert->subjectPublicKeyInfo);
+ break;
+ }
+
+ case NSSCMSRecipientID_SubjectKeyID: {
+ PORT_Assert(pubKey);
+ spki = freeSpki = SECKEY_CreateSubjectPublicKeyInfo(pubKey);
+ break;
+ }
+
+ case NSSCMSRecipientID_BrandNew:
+ goto done;
+ break;
+
+ default:
+ /* unkown type */
+ goto loser;
+ break;
+ }
+
+ certalgtag = SECOID_GetAlgorithmTag(&(spki->algorithm));
+
+ rid = &ri->ri.keyTransRecipientInfo.recipientIdentifier;
+ switch (certalgtag) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ ri->recipientInfoType = NSSCMSRecipientInfoID_KeyTrans;
+ rid->identifierType = type;
+ if (type == NSSCMSRecipientID_IssuerSN) {
+ rid->id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert);
+ if (rid->id.issuerAndSN == NULL) {
+ break;
+ }
+ } else if (type == NSSCMSRecipientID_SubjectKeyID) {
+ NSSCMSKeyTransRecipientInfoEx *riExtra;
+
+ rid->id.subjectKeyID = PORT_ArenaNew(poolp, SECItem);
+ if (rid->id.subjectKeyID == NULL) {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ break;
+ }
+ rv = SECITEM_CopyItem(poolp, rid->id.subjectKeyID, subjKeyID);
+ if (rv != SECSuccess || rid->id.subjectKeyID->data == NULL) {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ break;
+ }
+ riExtra = &ri->ri.keyTransRecipientInfoEx;
+ riExtra->version = 0;
+ riExtra->pubKey = SECKEY_CopyPublicKey(pubKey);
+ if (riExtra->pubKey == NULL) {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ break;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+ break;
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
+ PORT_Assert(type == NSSCMSRecipientID_IssuerSN);
+ if (type != NSSCMSRecipientID_IssuerSN) {
+ rv = SECFailure;
+ break;
+ }
+ /* a key agreement op */
+ ri->recipientInfoType = NSSCMSRecipientInfoID_KeyAgree;
+
+ if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
+ rv = SECFailure;
+ break;
+ }
+ /* we do not support the case where multiple recipients
+ * share the same KeyAgreeRecipientInfo and have multiple RecipientEncryptedKeys
+ * in this case, we would need to walk all the recipientInfos, take the
+ * ones that do KeyAgreement algorithms and join them, algorithm by algorithm
+ * Then, we'd generate ONE ukm and OriginatorIdentifierOrKey */
+
+ /* only epheremal-static Diffie-Hellman is supported for now
+ * this is the only form of key agreement that provides potential anonymity
+ * of the sender, plus we do not have to include certs in the message */
+
+ /* force single recipientEncryptedKey for now */
+ if ((rek = NSS_CMSRecipientEncryptedKey_Create(poolp)) == NULL) {
+ rv = SECFailure;
+ break;
+ }
+
+ /* hardcoded IssuerSN choice for now */
+ rek->recipientIdentifier.identifierType = NSSCMSKeyAgreeRecipientID_IssuerSN;
+ if ((rek->recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL) {
+ rv = SECFailure;
+ break;
+ }
+
+ oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
+
+ /* see RFC2630 12.3.1.1 */
+ oiok->identifierType = NSSCMSOriginatorIDOrKey_OriginatorPublicKey;
+
+ rv = NSS_CMSArray_Add(poolp, (void ***)&ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys,
+ (void *)rek);
+
+ break;
+ default:
+ /* other algorithms not supported yet */
+ /* NOTE that we do not support any KEK algorithm */
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ rv = SECFailure;
+ break;
+ }
+
+ if (rv == SECFailure)
+ goto loser;
+
+ /* set version */
+ switch (ri->recipientInfoType) {
+ case NSSCMSRecipientInfoID_KeyTrans:
+ if (ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType == NSSCMSRecipientID_IssuerSN)
+ version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN;
+ else
+ version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY;
+ dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyTransRecipientInfo.version), version);
+ if (dummy == NULL)
+ goto loser;
+ break;
+ case NSSCMSRecipientInfoID_KeyAgree:
+ dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyAgreeRecipientInfo.version),
+ NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION);
+ if (dummy == NULL)
+ goto loser;
+ break;
+ case NSSCMSRecipientInfoID_KEK:
+ /* NOTE: this cannot happen as long as we do not support any KEK algorithm */
+ dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.kekRecipientInfo.version),
+ NSS_CMS_KEK_RECIPIENT_INFO_VERSION);
+ if (dummy == NULL)
+ goto loser;
+ break;
+ }
+
+done:
+ PORT_ArenaUnmark(poolp, mark);
+ if (freeSpki)
+ SECKEY_DestroySubjectPublicKeyInfo(freeSpki);
+ return ri;
+
+loser:
+ if (ri && ri->cert) {
+ CERT_DestroyCertificate(ri->cert);
+ }
+ if (freeSpki) {
+ SECKEY_DestroySubjectPublicKeyInfo(freeSpki);
+ }
+ PORT_ArenaRelease(poolp, mark);
+ if (cmsg->contentInfo.contentTypeTag == &fakeContent) {
+ NSS_CMSMessage_Destroy(cmsg);
+ }
+ return NULL;
+}
+
+/*
+ * NSS_CMSRecipientInfo_Create - create a recipientinfo
+ *
+ * we currently do not create KeyAgreement recipientinfos with multiple
+ * recipientEncryptedKeys the certificate is supposed to have been
+ * verified by the caller
+ */
+NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert)
+{
+ return nss_cmsrecipientinfo_create(cmsg, NSSCMSRecipientID_IssuerSN, cert,
+ NULL, NULL, NULL, NULL);
+}
+
+NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_CreateNew(void *pwfn_arg)
+{
+ return nss_cmsrecipientinfo_create(NULL, NSSCMSRecipientID_BrandNew, NULL,
+ NULL, NULL, pwfn_arg, NULL);
+}
+
+NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_CreateFromDER(SECItem *input, void *pwfn_arg)
+{
+ return nss_cmsrecipientinfo_create(NULL, NSSCMSRecipientID_BrandNew, NULL,
+ NULL, NULL, pwfn_arg, input);
+}
+
+NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg,
+ SECItem *subjKeyID,
+ SECKEYPublicKey *pubKey)
+{
+ return nss_cmsrecipientinfo_create(cmsg, NSSCMSRecipientID_SubjectKeyID,
+ NULL, pubKey, subjKeyID, NULL, NULL);
+}
+
+NSSCMSRecipientInfo *
+NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert(NSSCMSMessage *cmsg,
+ CERTCertificate *cert)
+{
+ SECKEYPublicKey *pubKey = NULL;
+ SECItem subjKeyID = { siBuffer, NULL, 0 };
+ NSSCMSRecipientInfo *retVal = NULL;
+
+ if (!cmsg || !cert) {
+ return NULL;
+ }
+ pubKey = CERT_ExtractPublicKey(cert);
+ if (!pubKey) {
+ goto done;
+ }
+ if (CERT_FindSubjectKeyIDExtension(cert, &subjKeyID) != SECSuccess ||
+ subjKeyID.data == NULL) {
+ goto done;
+ }
+ retVal = NSS_CMSRecipientInfo_CreateWithSubjKeyID(cmsg, &subjKeyID, pubKey);
+done:
+ if (pubKey)
+ SECKEY_DestroyPublicKey(pubKey);
+
+ if (subjKeyID.data)
+ SECITEM_FreeItem(&subjKeyID, PR_FALSE);
+
+ return retVal;
+}
+
+void
+NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri)
+{
+ if (!ri) {
+ return;
+ }
+ /* version was allocated on the pool, so no need to destroy it */
+ /* issuerAndSN was allocated on the pool, so no need to destroy it */
+ if (ri->cert != NULL)
+ CERT_DestroyCertificate(ri->cert);
+
+ if (nss_cmsrecipientinfo_usessubjectkeyid(ri)) {
+ NSSCMSKeyTransRecipientInfoEx *extra;
+ extra = &ri->ri.keyTransRecipientInfoEx;
+ if (extra->pubKey)
+ SECKEY_DestroyPublicKey(extra->pubKey);
+ }
+ if (ri->cmsg && ri->cmsg->contentInfo.contentTypeTag == &fakeContent) {
+ NSS_CMSMessage_Destroy(ri->cmsg);
+ }
+
+ /* we're done. */
+}
+
+int
+NSS_CMSRecipientInfo_GetVersion(NSSCMSRecipientInfo *ri)
+{
+ unsigned long version;
+ SECItem *versionitem = NULL;
+
+ switch (ri->recipientInfoType) {
+ case NSSCMSRecipientInfoID_KeyTrans:
+ /* ignore subIndex */
+ versionitem = &(ri->ri.keyTransRecipientInfo.version);
+ break;
+ case NSSCMSRecipientInfoID_KEK:
+ /* ignore subIndex */
+ versionitem = &(ri->ri.kekRecipientInfo.version);
+ break;
+ case NSSCMSRecipientInfoID_KeyAgree:
+ versionitem = &(ri->ri.keyAgreeRecipientInfo.version);
+ break;
+ }
+
+ PORT_Assert(versionitem);
+ if (versionitem == NULL)
+ return 0;
+
+ /* always take apart the SECItem */
+ if (SEC_ASN1DecodeInteger(versionitem, &version) != SECSuccess)
+ return 0;
+ else
+ return (int)version;
+}
+
+SECItem *
+NSS_CMSRecipientInfo_GetEncryptedKey(NSSCMSRecipientInfo *ri, int subIndex)
+{
+ SECItem *enckey = NULL;
+
+ switch (ri->recipientInfoType) {
+ case NSSCMSRecipientInfoID_KeyTrans:
+ /* ignore subIndex */
+ enckey = &(ri->ri.keyTransRecipientInfo.encKey);
+ break;
+ case NSSCMSRecipientInfoID_KEK:
+ /* ignore subIndex */
+ enckey = &(ri->ri.kekRecipientInfo.encKey);
+ break;
+ case NSSCMSRecipientInfoID_KeyAgree:
+ enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
+ break;
+ }
+ return enckey;
+}
+
+SECOidTag
+NSS_CMSRecipientInfo_GetKeyEncryptionAlgorithmTag(NSSCMSRecipientInfo *ri)
+{
+ SECOidTag encalgtag = SEC_OID_UNKNOWN; /* an invalid encryption alg */
+
+ switch (ri->recipientInfoType) {
+ case NSSCMSRecipientInfoID_KeyTrans:
+ encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyTransRecipientInfo.keyEncAlg));
+ break;
+ case NSSCMSRecipientInfoID_KeyAgree:
+ encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyAgreeRecipientInfo.keyEncAlg));
+ break;
+ case NSSCMSRecipientInfoID_KEK:
+ encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
+ break;
+ }
+ return encalgtag;
+}
+
+SECStatus
+NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey,
+ SECOidTag bulkalgtag)
+{
+ CERTCertificate *cert;
+ SECOidTag certalgtag;
+ SECStatus rv = SECSuccess;
+ NSSCMSRecipientEncryptedKey *rek;
+ NSSCMSOriginatorIdentifierOrKey *oiok;
+ CERTSubjectPublicKeyInfo *spki, *freeSpki = NULL;
+ PLArenaPool *poolp;
+ NSSCMSKeyTransRecipientInfoEx *extra = NULL;
+ PRBool usesSubjKeyID;
+
+ poolp = ri->cmsg->poolp;
+ cert = ri->cert;
+ usesSubjKeyID = nss_cmsrecipientinfo_usessubjectkeyid(ri);
+ if (cert) {
+ spki = &cert->subjectPublicKeyInfo;
+ } else if (usesSubjKeyID) {
+ extra = &ri->ri.keyTransRecipientInfoEx;
+ /* sanity check */
+ PORT_Assert(extra->pubKey);
+ if (!extra->pubKey) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ spki = freeSpki = SECKEY_CreateSubjectPublicKeyInfo(extra->pubKey);
+ } else {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* XXX set ri->recipientInfoType to the proper value here */
+ /* or should we look if it's been set already ? */
+
+ certalgtag = SECOID_GetAlgorithmTag(&spki->algorithm);
+ switch (certalgtag) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ /* wrap the symkey */
+ if (cert) {
+ rv = NSS_CMSUtil_EncryptSymKey_RSA(poolp, cert, bulkkey,
+ &ri->ri.keyTransRecipientInfo.encKey);
+ if (rv != SECSuccess)
+ break;
+ } else if (usesSubjKeyID) {
+ PORT_Assert(extra != NULL);
+ rv = NSS_CMSUtil_EncryptSymKey_RSAPubKey(poolp, extra->pubKey,
+ bulkkey, &ri->ri.keyTransRecipientInfo.encKey);
+ if (rv != SECSuccess)
+ break;
+ }
+
+ rv = SECOID_SetAlgorithmID(poolp, &(ri->ri.keyTransRecipientInfo.keyEncAlg), certalgtag, NULL);
+ break;
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
+ rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[0];
+ if (rek == NULL) {
+ rv = SECFailure;
+ break;
+ }
+
+ oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
+ PORT_Assert(oiok->identifierType == NSSCMSOriginatorIDOrKey_OriginatorPublicKey);
+
+ /* see RFC2630 12.3.1.1 */
+ if (SECOID_SetAlgorithmID(poolp, &oiok->id.originatorPublicKey.algorithmIdentifier,
+ SEC_OID_X942_DIFFIE_HELMAN_KEY, NULL) != SECSuccess) {
+ rv = SECFailure;
+ break;
+ }
+
+ /* this will generate a key pair, compute the shared secret, */
+ /* derive a key and ukm for the keyEncAlg out of it, encrypt the bulk key with */
+ /* the keyEncAlg, set encKey, keyEncAlg, publicKey etc. */
+ rv = NSS_CMSUtil_EncryptSymKey_ESDH(poolp, cert, bulkkey,
+ &rek->encKey,
+ &ri->ri.keyAgreeRecipientInfo.ukm,
+ &ri->ri.keyAgreeRecipientInfo.keyEncAlg,
+ &oiok->id.originatorPublicKey.publicKey);
+
+ break;
+ default:
+ /* other algorithms not supported yet */
+ /* NOTE that we do not support any KEK algorithm */
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ rv = SECFailure;
+ }
+ if (freeSpki)
+ SECKEY_DestroySubjectPublicKeyInfo(freeSpki);
+
+ return rv;
+}
+
+PK11SymKey *
+NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
+ CERTCertificate *cert, SECKEYPrivateKey *privkey, SECOidTag bulkalgtag)
+{
+ PK11SymKey *bulkkey = NULL;
+ SECOidTag encalgtag;
+ SECItem *enckey;
+ int error;
+
+ ri->cert = CERT_DupCertificate(cert);
+ /* mark the recipientInfo so we can find it later */
+
+ switch (ri->recipientInfoType) {
+ case NSSCMSRecipientInfoID_KeyTrans:
+ encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyTransRecipientInfo.keyEncAlg));
+ enckey = &(ri->ri.keyTransRecipientInfo.encKey); /* ignore subIndex */
+ switch (encalgtag) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ /* RSA encryption algorithm: */
+ /* get the symmetric (bulk) key by unwrapping it using our private key */
+ bulkkey = NSS_CMSUtil_DecryptSymKey_RSA(privkey, enckey, bulkalgtag);
+ break;
+ default:
+ error = SEC_ERROR_UNSUPPORTED_KEYALG;
+ goto loser;
+ }
+ break;
+ case NSSCMSRecipientInfoID_KeyAgree:
+ encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyAgreeRecipientInfo.keyEncAlg));
+ enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
+ switch (encalgtag) {
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY:
+ /* Diffie-Helman key exchange */
+ /* XXX not yet implemented */
+ /* XXX problem: SEC_OID_X942_DIFFIE_HELMAN_KEY points to a PKCS3 mechanism! */
+ /* we support ephemeral-static DH only, so if the recipientinfo */
+ /* has originator stuff in it, we punt (or do we? shouldn't be that hard...) */
+ /* first, we derive the KEK (a symkey!) using a Derive operation, then we get the */
+ /* content encryption key using a Unwrap op */
+ /* the derive operation has to generate the key using the algorithm in RFC2631 */
+ error = SEC_ERROR_UNSUPPORTED_KEYALG;
+ goto loser;
+ break;
+ default:
+ error = SEC_ERROR_UNSUPPORTED_KEYALG;
+ goto loser;
+ }
+ break;
+ case NSSCMSRecipientInfoID_KEK:
+ encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
+ enckey = &(ri->ri.kekRecipientInfo.encKey);
+ /* not supported yet */
+ error = SEC_ERROR_UNSUPPORTED_KEYALG;
+ goto loser;
+ break;
+ }
+ /* XXXX continue here */
+ return bulkkey;
+
+loser:
+ PORT_SetError(error);
+ return NULL;
+}
+
+SECStatus
+NSS_CMSRecipientInfo_GetCertAndKey(NSSCMSRecipientInfo *ri,
+ CERTCertificate **retcert,
+ SECKEYPrivateKey **retkey)
+{
+ CERTCertificate *cert = NULL;
+ NSSCMSRecipient **recipients = NULL;
+ NSSCMSRecipientInfo *recipientInfos[2];
+ SECStatus rv = SECSuccess;
+ SECKEYPrivateKey *key = NULL;
+
+ if (!ri)
+ return SECFailure;
+
+ if (!retcert && !retkey) {
+ /* nothing requested, nothing found, success */
+ return SECSuccess;
+ }
+
+ if (retcert) {
+ *retcert = NULL;
+ }
+ if (retkey) {
+ *retkey = NULL;
+ }
+
+ if (ri->cert) {
+ cert = CERT_DupCertificate(ri->cert);
+ if (!cert) {
+ rv = SECFailure;
+ }
+ }
+ if (SECSuccess == rv && !cert) {
+ /* we don't have the cert, we have to look for it */
+ /* first build an NSS_CMSRecipient */
+ recipientInfos[0] = ri;
+ recipientInfos[1] = NULL;
+
+ recipients = nss_cms_recipient_list_create(recipientInfos);
+ if (recipients) {
+ /* now look for the cert and key */
+ if (0 == PK11_FindCertAndKeyByRecipientListNew(recipients,
+ ri->cmsg->pwfn_arg)) {
+ cert = CERT_DupCertificate(recipients[0]->cert);
+ key = SECKEY_CopyPrivateKey(recipients[0]->privkey);
+ } else {
+ rv = SECFailure;
+ }
+
+ nss_cms_recipient_list_destroy(recipients);
+ } else {
+ rv = SECFailure;
+ }
+ } else if (SECSuccess == rv && cert && retkey) {
+ /* we have the cert, we just need the key now */
+ key = PK11_FindPrivateKeyFromCert(cert->slot, cert, ri->cmsg->pwfn_arg);
+ }
+ if (retcert) {
+ *retcert = cert;
+ } else {
+ if (cert) {
+ CERT_DestroyCertificate(cert);
+ }
+ }
+ if (retkey) {
+ *retkey = key;
+ } else {
+ if (key) {
+ SECKEY_DestroyPrivateKey(key);
+ }
+ }
+
+ return rv;
+}
+
+SECStatus
+NSS_CMSRecipientInfo_Encode(PLArenaPool *poolp,
+ const NSSCMSRecipientInfo *src,
+ SECItem *returned)
+{
+ extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
+ SECStatus rv = SECFailure;
+ if (!src || !returned) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ } else if (SEC_ASN1EncodeItem(poolp, returned, src,
+ NSSCMSRecipientInfoTemplate)) {
+ rv = SECSuccess;
+ }
+ return rv;
+}
diff --git a/security/nss/lib/smime/cmsreclist.c b/security/nss/lib/smime/cmsreclist.c
new file mode 100644
index 000000000..99d7e9087
--- /dev/null
+++ b/security/nss/lib/smime/cmsreclist.c
@@ -0,0 +1,170 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS recipient list functions
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "prtime.h"
+#include "secerr.h"
+
+static int
+nss_cms_recipients_traverse(NSSCMSRecipientInfo **recipientinfos,
+ NSSCMSRecipient **recipient_list)
+{
+ int count = 0;
+ int rlindex = 0;
+ int i, j;
+ NSSCMSRecipient *rle;
+ NSSCMSRecipientInfo *ri;
+ NSSCMSRecipientEncryptedKey *rek;
+
+ for (i = 0; recipientinfos[i] != NULL; i++) {
+ ri = recipientinfos[i];
+ switch (ri->recipientInfoType) {
+ case NSSCMSRecipientInfoID_KeyTrans:
+ if (recipient_list) {
+ NSSCMSRecipientIdentifier *recipId =
+ &ri->ri.keyTransRecipientInfo.recipientIdentifier;
+
+ if (recipId->identifierType != NSSCMSRecipientID_IssuerSN &&
+ recipId->identifierType != NSSCMSRecipientID_SubjectKeyID) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return -1;
+ }
+ /* alloc one & fill it out */
+ rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
+ if (!rle)
+ return -1;
+
+ rle->riIndex = i;
+ rle->subIndex = -1;
+ switch (recipId->identifierType) {
+ case NSSCMSRecipientID_IssuerSN:
+ rle->kind = RLIssuerSN;
+ rle->id.issuerAndSN = recipId->id.issuerAndSN;
+ break;
+ case NSSCMSRecipientID_SubjectKeyID:
+ rle->kind = RLSubjKeyID;
+ rle->id.subjectKeyID = recipId->id.subjectKeyID;
+ break;
+ default: /* we never get here because of identifierType check
+ we done before. Leaving it to kill compiler warning */
+ break;
+ }
+ recipient_list[rlindex++] = rle;
+ } else {
+ count++;
+ }
+ break;
+ case NSSCMSRecipientInfoID_KeyAgree:
+ if (ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys == NULL)
+ break;
+ for (j = 0; ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j] != NULL; j++) {
+ if (recipient_list) {
+ rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j];
+ /* alloc one & fill it out */
+ rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
+ if (!rle)
+ return -1;
+
+ rle->riIndex = i;
+ rle->subIndex = j;
+ switch (rek->recipientIdentifier.identifierType) {
+ case NSSCMSKeyAgreeRecipientID_IssuerSN:
+ rle->kind = RLIssuerSN;
+ rle->id.issuerAndSN = rek->recipientIdentifier.id.issuerAndSN;
+ break;
+ case NSSCMSKeyAgreeRecipientID_RKeyID:
+ rle->kind = RLSubjKeyID;
+ rle->id.subjectKeyID =
+ rek->recipientIdentifier.id.recipientKeyIdentifier.subjectKeyIdentifier;
+ break;
+ }
+ recipient_list[rlindex++] = rle;
+ } else {
+ count++;
+ }
+ }
+ break;
+ case NSSCMSRecipientInfoID_KEK:
+ /* KEK is not implemented */
+ break;
+ }
+ }
+ /* if we have a recipient list, we return on success (-1, above, on failure) */
+ /* otherwise, we return the count. */
+ if (recipient_list) {
+ recipient_list[rlindex] = NULL;
+ return 0;
+ } else {
+ return count;
+ }
+}
+
+NSSCMSRecipient **
+nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos)
+{
+ int count, rv;
+ NSSCMSRecipient **recipient_list;
+
+ /* count the number of recipient identifiers */
+ count = nss_cms_recipients_traverse(recipientinfos, NULL);
+ if (count <= 0) {
+ /* no recipients? */
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+#if 0
+ PORT_SetErrorString("Cannot find recipient data in envelope.");
+#endif
+ return NULL;
+ }
+
+ /* allocate an array of pointers */
+ recipient_list = (NSSCMSRecipient **)
+ PORT_ZAlloc((count + 1) * sizeof(NSSCMSRecipient *));
+ if (recipient_list == NULL)
+ return NULL;
+
+ /* now fill in the recipient_list */
+ rv = nss_cms_recipients_traverse(recipientinfos, recipient_list);
+ if (rv < 0) {
+ nss_cms_recipient_list_destroy(recipient_list);
+ return NULL;
+ }
+ return recipient_list;
+}
+
+void
+nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list)
+{
+ int i;
+ NSSCMSRecipient *recipient;
+
+ for (i = 0; recipient_list[i] != NULL; i++) {
+ recipient = recipient_list[i];
+ if (recipient->cert)
+ CERT_DestroyCertificate(recipient->cert);
+ if (recipient->privkey)
+ SECKEY_DestroyPrivateKey(recipient->privkey);
+ if (recipient->slot)
+ PK11_FreeSlot(recipient->slot);
+ PORT_Free(recipient);
+ }
+ PORT_Free(recipient_list);
+}
+
+NSSCMSRecipientEncryptedKey *
+NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp)
+{
+ return (NSSCMSRecipientEncryptedKey *)PORT_ArenaZAlloc(poolp,
+ sizeof(NSSCMSRecipientEncryptedKey));
+}
diff --git a/security/nss/lib/smime/cmsreclist.h b/security/nss/lib/smime/cmsreclist.h
new file mode 100644
index 000000000..f424aca6e
--- /dev/null
+++ b/security/nss/lib/smime/cmsreclist.h
@@ -0,0 +1,27 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _CMSRECLIST_H
+#define _CMSRECLIST_H
+
+struct NSSCMSRecipientStr {
+ int riIndex; /* this recipient's index in recipientInfo array */
+ int subIndex; /* index into recipientEncryptedKeys */
+ /* (only in NSSCMSKeyAgreeRecipientInfoStr) */
+ enum { RLIssuerSN = 0,
+ RLSubjKeyID = 1 } kind; /* for conversion recipientinfos -> recipientlist */
+ union {
+ CERTIssuerAndSN* issuerAndSN;
+ SECItem* subjectKeyID;
+ } id;
+
+ /* result data (filled out for each recipient that's us) */
+ CERTCertificate* cert;
+ SECKEYPrivateKey* privkey;
+ PK11SlotInfo* slot;
+};
+
+typedef struct NSSCMSRecipientStr NSSCMSRecipient;
+
+#endif /* _CMSRECLIST_H */
diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c
new file mode 100644
index 000000000..7dd6ea4e5
--- /dev/null
+++ b/security/nss/lib/smime/cmssigdata.c
@@ -0,0 +1,1141 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS signedData methods.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+/*#include "cdbhdl.h"*/
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "secerr.h"
+
+NSSCMSSignedData *
+NSS_CMSSignedData_Create(NSSCMSMessage *cmsg)
+{
+ void *mark;
+ NSSCMSSignedData *sigd;
+ PLArenaPool *poolp;
+
+ if (!cmsg) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ poolp = cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ sigd = (NSSCMSSignedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSSignedData));
+ if (sigd == NULL)
+ goto loser;
+
+ sigd->cmsg = cmsg;
+
+ /* signerInfos, certs, certlists, crls are all empty */
+ /* version is set in NSS_CMSSignedData_Finalize() */
+
+ PORT_ArenaUnmark(poolp, mark);
+ return sigd;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+void
+NSS_CMSSignedData_Destroy(NSSCMSSignedData *sigd)
+{
+ CERTCertificate **certs, **tempCerts, *cert;
+ CERTCertificateList **certlists, *certlist;
+ NSSCMSSignerInfo **signerinfos, *si;
+
+ if (sigd == NULL)
+ return;
+
+ certs = sigd->certs;
+ tempCerts = sigd->tempCerts;
+ certlists = sigd->certLists;
+ signerinfos = sigd->signerInfos;
+
+ if (certs != NULL) {
+ while ((cert = *certs++) != NULL)
+ CERT_DestroyCertificate(cert);
+ }
+
+ if (tempCerts != NULL) {
+ while ((cert = *tempCerts++) != NULL)
+ CERT_DestroyCertificate(cert);
+ }
+
+ if (certlists != NULL) {
+ while ((certlist = *certlists++) != NULL)
+ CERT_DestroyCertificateList(certlist);
+ }
+
+ if (signerinfos != NULL) {
+ while ((si = *signerinfos++) != NULL)
+ NSS_CMSSignerInfo_Destroy(si);
+ }
+
+ /* everything's in a pool, so don't worry about the storage */
+ NSS_CMSContentInfo_Destroy(&(sigd->contentInfo));
+}
+
+/*
+ * NSS_CMSSignedData_Encode_BeforeStart - do all the necessary things to a SignedData
+ * before start of encoding.
+ *
+ * In detail:
+ * - find out about the right value to put into sigd->version
+ * - come up with a list of digestAlgorithms (which should be the union of the algorithms
+ * in the signerinfos).
+ * If we happen to have a pre-set list of algorithms (and digest values!), we
+ * check if we have all the signerinfos' algorithms. If not, this is an error.
+ */
+SECStatus
+NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd)
+{
+ NSSCMSSignerInfo *signerinfo;
+ SECOidTag digestalgtag;
+ SECItem *dummy;
+ int version;
+ SECStatus rv;
+ PRBool haveDigests = PR_FALSE;
+ int n, i;
+ PLArenaPool *poolp;
+
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ poolp = sigd->cmsg->poolp;
+
+ /* we assume that we have precomputed digests if there is a list of algorithms, and */
+ /* a chunk of data for each of those algorithms */
+ if (sigd->digestAlgorithms != NULL && sigd->digests != NULL) {
+ for (i = 0; sigd->digestAlgorithms[i] != NULL; i++) {
+ if (sigd->digests[i] == NULL)
+ break;
+ }
+ if (sigd->digestAlgorithms[i] == NULL) /* reached the end of the array? */
+ haveDigests = PR_TRUE; /* yes: we must have all the digests */
+ }
+
+ version = NSS_CMS_SIGNED_DATA_VERSION_BASIC;
+
+ /* RFC2630 5.1 "version is the syntax version number..." */
+ if (NSS_CMSContentInfo_GetContentTypeTag(&(sigd->contentInfo)) != SEC_OID_PKCS7_DATA)
+ version = NSS_CMS_SIGNED_DATA_VERSION_EXT;
+
+ /* prepare all the SignerInfos (there may be none) */
+ for (i = 0; i < NSS_CMSSignedData_SignerInfoCount(sigd); i++) {
+ signerinfo = NSS_CMSSignedData_GetSignerInfo(sigd, i);
+
+ /* RFC2630 5.1 "version is the syntax version number..." */
+ if (NSS_CMSSignerInfo_GetVersion(signerinfo) != NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN)
+ version = NSS_CMS_SIGNED_DATA_VERSION_EXT;
+
+ /* collect digestAlgorithms from SignerInfos */
+ /* (we need to know which algorithms we have when the content comes in) */
+ /* do not overwrite any existing digestAlgorithms (and digest) */
+ digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
+ n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
+ if (n < 0 && haveDigests) {
+ /* oops, there is a digestalg we do not have a digest for */
+ /* but we were supposed to have all the digests already... */
+ goto loser;
+ } else if (n < 0) {
+ /* add the digestAlgorithm & a NULL digest */
+ rv = NSS_CMSSignedData_AddDigest(poolp, sigd, digestalgtag, NULL);
+ if (rv != SECSuccess)
+ goto loser;
+ } else {
+ /* found it, nothing to do */
+ }
+ }
+
+ dummy = SEC_ASN1EncodeInteger(poolp, &(sigd->version), (long)version);
+ if (dummy == NULL)
+ return SECFailure;
+
+ /* this is a SET OF, so we need to sort them guys */
+ rv = NSS_CMSArray_SortByDER((void **)sigd->digestAlgorithms,
+ SEC_ASN1_GET(SECOID_AlgorithmIDTemplate),
+ (void **)sigd->digests);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd)
+{
+ SECStatus rv;
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ rv = NSS_CMSContentInfo_Private_Init(&sigd->contentInfo);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ /* set up the digests */
+ if (sigd->digests && sigd->digests[0]) {
+ sigd->contentInfo.privateInfo->digcx = NULL; /* don't attempt to make new ones. */
+ } else if (sigd->digestAlgorithms != NULL) {
+ sigd->contentInfo.privateInfo->digcx =
+ NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
+ if (sigd->contentInfo.privateInfo->digcx == NULL)
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSSignedData_Encode_AfterData - do all the necessary things to a SignedData
+ * after all the encapsulated data was passed through the encoder.
+ *
+ * In detail:
+ * - create the signatures in all the SignerInfos
+ *
+ * Please note that nothing is done to the Certificates and CRLs in the message - this
+ * is entirely the responsibility of our callers.
+ */
+SECStatus
+NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd)
+{
+ NSSCMSSignerInfo **signerinfos, *signerinfo;
+ NSSCMSContentInfo *cinfo;
+ SECOidTag digestalgtag;
+ SECStatus ret = SECFailure;
+ SECStatus rv;
+ SECItem *contentType;
+ int certcount;
+ int i, ci, cli, n, rci, si;
+ PLArenaPool *poolp;
+ CERTCertificateList *certlist;
+ extern const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
+
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ poolp = sigd->cmsg->poolp;
+ cinfo = &(sigd->contentInfo);
+
+ /* did we have digest calculation going on? */
+ if (cinfo->privateInfo && cinfo->privateInfo->digcx) {
+ rv = NSS_CMSDigestContext_FinishMultiple(cinfo->privateInfo->digcx, poolp,
+ &(sigd->digests));
+ /* error has been set by NSS_CMSDigestContext_FinishMultiple */
+ cinfo->privateInfo->digcx = NULL;
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ signerinfos = sigd->signerInfos;
+ certcount = 0;
+
+ /* prepare all the SignerInfos (there may be none) */
+ for (i = 0; i < NSS_CMSSignedData_SignerInfoCount(sigd); i++) {
+ signerinfo = NSS_CMSSignedData_GetSignerInfo(sigd, i);
+
+ /* find correct digest for this signerinfo */
+ digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
+ n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
+ if (n < 0 || sigd->digests == NULL || sigd->digests[n] == NULL) {
+ /* oops - digest not found */
+ PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
+ goto loser;
+ }
+
+ /* XXX if our content is anything else but data, we need to force the
+ * presence of signed attributes (RFC2630 5.3 "signedAttributes is a
+ * collection...") */
+
+ /* pass contentType here as we want a contentType attribute */
+ if ((contentType = NSS_CMSContentInfo_GetContentTypeOID(cinfo)) == NULL)
+ goto loser;
+
+ /* sign the thing */
+ rv = NSS_CMSSignerInfo_Sign(signerinfo, sigd->digests[n], contentType);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* while we're at it, count number of certs in certLists */
+ certlist = NSS_CMSSignerInfo_GetCertList(signerinfo);
+ if (certlist)
+ certcount += certlist->len;
+ }
+
+ /* this is a SET OF, so we need to sort them guys */
+ rv = NSS_CMSArray_SortByDER((void **)signerinfos, NSSCMSSignerInfoTemplate, NULL);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /*
+ * now prepare certs & crls
+ */
+
+ /* count the rest of the certs */
+ if (sigd->certs != NULL) {
+ for (ci = 0; sigd->certs[ci] != NULL; ci++)
+ certcount++;
+ }
+
+ if (sigd->certLists != NULL) {
+ for (cli = 0; sigd->certLists[cli] != NULL; cli++)
+ certcount += sigd->certLists[cli]->len;
+ }
+
+ if (certcount == 0) {
+ sigd->rawCerts = NULL;
+ } else {
+ /*
+ * Combine all of the certs and cert chains into rawcerts.
+ * Note: certcount is an upper bound; we may not need that many slots
+ * but we will allocate anyway to avoid having to do another pass.
+ * (The temporary space saving is not worth it.)
+ *
+ * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
+ * SetOfDERcertficates implementation
+ */
+ sigd->rawCerts = (SECItem **)PORT_ArenaAlloc(poolp, (certcount + 1) * sizeof(SECItem *));
+ if (sigd->rawCerts == NULL)
+ return SECFailure;
+
+ /*
+ * XXX Want to check for duplicates and not add *any* cert that is
+ * already in the set. This will be more important when we start
+ * dealing with larger sets of certs, dual-key certs (signing and
+ * encryption), etc. For the time being we can slide by...
+ *
+ * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
+ * SetOfDERcertficates implementation
+ */
+ rci = 0;
+ if (signerinfos != NULL) {
+ for (si = 0; signerinfos[si] != NULL; si++) {
+ signerinfo = signerinfos[si];
+ for (ci = 0; ci < signerinfo->certList->len; ci++)
+ sigd->rawCerts[rci++] = &(signerinfo->certList->certs[ci]);
+ }
+ }
+
+ if (sigd->certs != NULL) {
+ for (ci = 0; sigd->certs[ci] != NULL; ci++)
+ sigd->rawCerts[rci++] = &(sigd->certs[ci]->derCert);
+ }
+
+ if (sigd->certLists != NULL) {
+ for (cli = 0; sigd->certLists[cli] != NULL; cli++) {
+ for (ci = 0; ci < sigd->certLists[cli]->len; ci++)
+ sigd->rawCerts[rci++] = &(sigd->certLists[cli]->certs[ci]);
+ }
+ }
+
+ sigd->rawCerts[rci] = NULL;
+
+ /* this is a SET OF, so we need to sort them guys - we have the DER already, though */
+ NSS_CMSArray_Sort((void **)sigd->rawCerts, NSS_CMSUtil_DERCompare, NULL, NULL);
+ }
+
+ ret = SECSuccess;
+
+loser:
+ return ret;
+}
+
+SECStatus
+NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd)
+{
+ SECStatus rv;
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ rv = NSS_CMSContentInfo_Private_Init(&sigd->contentInfo);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ /* handle issue with Windows 2003 servers and kerberos */
+ if (sigd->digestAlgorithms != NULL) {
+ int i;
+ for (i = 0; sigd->digestAlgorithms[i] != NULL; i++) {
+ SECAlgorithmID *algid = sigd->digestAlgorithms[i];
+ SECOidTag senttag = SECOID_FindOIDTag(&algid->algorithm);
+ SECOidTag maptag = NSS_CMSUtil_MapSignAlgs(senttag);
+
+ if (maptag != senttag) {
+ SECOidData *hashoid = SECOID_FindOIDByTag(maptag);
+ rv = SECITEM_CopyItem(sigd->cmsg->poolp, &algid->algorithm, &hashoid->oid);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+ }
+ }
+
+ /* set up the digests */
+ if (sigd->digestAlgorithms != NULL && sigd->digests == NULL) {
+ /* if digests are already there, do nothing */
+ sigd->contentInfo.privateInfo->digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
+ if (sigd->contentInfo.privateInfo->digcx == NULL)
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSSignedData_Decode_AfterData - do all the necessary things to a
+ * SignedData after all the encapsulated data was passed through the decoder.
+ */
+SECStatus
+NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd)
+{
+ SECStatus rv = SECSuccess;
+
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* did we have digest calculation going on? */
+ if (sigd->contentInfo.privateInfo && sigd->contentInfo.privateInfo->digcx) {
+ rv = NSS_CMSDigestContext_FinishMultiple(sigd->contentInfo.privateInfo->digcx,
+ sigd->cmsg->poolp, &(sigd->digests));
+ /* error set by NSS_CMSDigestContext_FinishMultiple */
+ sigd->contentInfo.privateInfo->digcx = NULL;
+ }
+ return rv;
+}
+
+/*
+ * NSS_CMSSignedData_Decode_AfterEnd - do all the necessary things to a SignedData
+ * after all decoding is finished.
+ */
+SECStatus
+NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd)
+{
+ NSSCMSSignerInfo **signerinfos = NULL;
+ int i;
+
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* set cmsg for all the signerinfos */
+ signerinfos = sigd->signerInfos;
+
+ /* set cmsg for all the signerinfos */
+ if (signerinfos) {
+ for (i = 0; signerinfos[i] != NULL; i++)
+ signerinfos[i]->cmsg = sigd->cmsg;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSSignedData_GetSignerInfos - retrieve the SignedData's signer list
+ */
+NSSCMSSignerInfo **
+NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd)
+{
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ return sigd->signerInfos;
+}
+
+int
+NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd)
+{
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return 0;
+ }
+ return NSS_CMSArray_Count((void **)sigd->signerInfos);
+}
+
+NSSCMSSignerInfo *
+NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i)
+{
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ return sigd->signerInfos[i];
+}
+
+/*
+ * NSS_CMSSignedData_GetDigestAlgs - retrieve the SignedData's digest algorithm list
+ */
+SECAlgorithmID **
+NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd)
+{
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ return sigd->digestAlgorithms;
+}
+
+/*
+ * NSS_CMSSignedData_GetContentInfo - return pointer to this signedData's contentinfo
+ */
+NSSCMSContentInfo *
+NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd)
+{
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ return &(sigd->contentInfo);
+}
+
+/*
+ * NSS_CMSSignedData_GetCertificateList - retrieve the SignedData's certificate list
+ */
+SECItem **
+NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd)
+{
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ return sigd->rawCerts;
+}
+
+SECStatus
+NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
+ SECCertUsage certusage, PRBool keepcerts)
+{
+ int certcount;
+ CERTCertificate **certArray = NULL;
+ CERTCertList *certList = NULL;
+ CERTCertListNode *node;
+ SECStatus rv;
+ SECItem **rawArray;
+ int i;
+ PRTime now;
+
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ certcount = NSS_CMSArray_Count((void **)sigd->rawCerts);
+
+ /* get the certs in the temp DB */
+ rv = CERT_ImportCerts(certdb, certusage, certcount, sigd->rawCerts,
+ &certArray, PR_FALSE, PR_FALSE, NULL);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* save the certs so they don't get destroyed */
+ for (i = 0; i < certcount; i++) {
+ CERTCertificate *cert = certArray[i];
+ if (cert)
+ NSS_CMSSignedData_AddTempCertificate(sigd, cert);
+ }
+
+ if (!keepcerts) {
+ goto done;
+ }
+
+ /* build a CertList for filtering */
+ certList = CERT_NewCertList();
+ if (certList == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ for (i = 0; i < certcount; i++) {
+ CERTCertificate *cert = certArray[i];
+ if (cert)
+ cert = CERT_DupCertificate(cert);
+ if (cert)
+ CERT_AddCertToListTail(certList, cert);
+ }
+
+ /* filter out the certs we don't want */
+ rv = CERT_FilterCertListByUsage(certList, certusage, PR_FALSE);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* go down the remaining list of certs and verify that they have
+ * valid chains, then import them.
+ */
+ now = PR_Now();
+ for (node = CERT_LIST_HEAD(certList); !CERT_LIST_END(node, certList);
+ node = CERT_LIST_NEXT(node)) {
+ CERTCertificateList *certChain;
+
+ if (CERT_VerifyCert(certdb, node->cert,
+ PR_TRUE, certusage, now, NULL, NULL) != SECSuccess) {
+ continue;
+ }
+
+ certChain = CERT_CertChainFromCert(node->cert, certusage, PR_FALSE);
+ if (!certChain) {
+ continue;
+ }
+
+ /*
+ * CertChain returns an array of SECItems, import expects an array of
+ * SECItem pointers. Create the SECItem Pointers from the array of
+ * SECItems.
+ */
+ rawArray = (SECItem **)PORT_Alloc(certChain->len * sizeof(SECItem *));
+ if (!rawArray) {
+ CERT_DestroyCertificateList(certChain);
+ continue;
+ }
+ for (i = 0; i < certChain->len; i++) {
+ rawArray[i] = &certChain->certs[i];
+ }
+ (void)CERT_ImportCerts(certdb, certusage, certChain->len,
+ rawArray, NULL, keepcerts, PR_FALSE, NULL);
+ PORT_Free(rawArray);
+ CERT_DestroyCertificateList(certChain);
+ }
+
+ rv = SECSuccess;
+
+/* XXX CRL handling */
+
+done:
+ if (sigd->signerInfos != NULL) {
+ /* fill in all signerinfo's certs */
+ for (i = 0; sigd->signerInfos[i] != NULL; i++)
+ (void)NSS_CMSSignerInfo_GetSigningCertificate(
+ sigd->signerInfos[i], certdb);
+ }
+
+loser:
+ /* now free everything */
+ if (certArray) {
+ CERT_DestroyCertArray(certArray, certcount);
+ }
+ if (certList) {
+ CERT_DestroyCertList(certList);
+ }
+
+ return rv;
+}
+
+/*
+ * XXX the digests need to be passed in BETWEEN the decoding and the verification in case
+ * of external signatures!
+ */
+
+/*
+ * NSS_CMSSignedData_VerifySignerInfo - check the signatures.
+ *
+ * The digests were either calculated during decoding (and are stored in the
+ * signedData itself) or set after decoding using NSS_CMSSignedData_SetDigests.
+ *
+ * The verification checks if the signing cert is valid and has a trusted chain
+ * for the purpose specified by "certusage".
+ */
+SECStatus
+NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i,
+ CERTCertDBHandle *certdb, SECCertUsage certusage)
+{
+ NSSCMSSignerInfo *signerinfo;
+ NSSCMSContentInfo *cinfo;
+ SECOidData *algiddata;
+ SECItem *contentType, *digest;
+ SECOidTag oidTag;
+ SECStatus rv;
+
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ cinfo = &(sigd->contentInfo);
+
+ signerinfo = sigd->signerInfos[i];
+
+ /* verify certificate */
+ rv = NSS_CMSSignerInfo_VerifyCertificate(signerinfo, certdb, certusage);
+ if (rv != SECSuccess)
+ return rv; /* error is set */
+
+ /* find digest and contentType for signerinfo */
+ algiddata = NSS_CMSSignerInfo_GetDigestAlg(signerinfo);
+ oidTag = algiddata ? algiddata->offset : SEC_OID_UNKNOWN;
+ digest = NSS_CMSSignedData_GetDigestValue(sigd, oidTag);
+ /* NULL digest is acceptable. */
+ contentType = NSS_CMSContentInfo_GetContentTypeOID(cinfo);
+ /* NULL contentType is acceptable. */
+
+ /* now verify signature */
+ rv = NSS_CMSSignerInfo_Verify(signerinfo, digest, contentType);
+ return rv;
+}
+
+/*
+ * NSS_CMSSignedData_VerifyCertsOnly - verify the certs in a certs-only message
+ */
+SECStatus
+NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
+ CERTCertDBHandle *certdb,
+ SECCertUsage usage)
+{
+ CERTCertificate *cert;
+ SECStatus rv = SECSuccess;
+ int i;
+ int count;
+ PRTime now;
+ void *pwarg = NULL;
+
+ if (!sigd || !certdb || !sigd->rawCerts) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ count = NSS_CMSArray_Count((void **)sigd->rawCerts);
+ now = PR_Now();
+ for (i = 0; i < count; i++) {
+ if (sigd->certs && sigd->certs[i]) {
+ cert = CERT_DupCertificate(sigd->certs[i]);
+ } else {
+ cert = CERT_FindCertByDERCert(certdb, sigd->rawCerts[i]);
+ if (!cert) {
+ rv = SECFailure;
+ break;
+ }
+ }
+ if (sigd->cmsg) {
+ pwarg = sigd->cmsg->pwfn_arg;
+ }
+ rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, now,
+ pwarg, NULL);
+ CERT_DestroyCertificate(cert);
+ }
+
+ return rv;
+}
+
+/*
+ * NSS_CMSSignedData_HasDigests - see if we have digests in place
+ */
+PRBool
+NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd)
+{
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return PR_FALSE;
+ }
+ return (sigd->digests != NULL);
+}
+
+SECStatus
+NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certlist)
+{
+ SECStatus rv;
+
+ if (!sigd || !certlist) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* XXX memory?? a certlist has an arena of its own and is not refcounted!?!? */
+ rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certLists), (void *)certlist);
+
+ return rv;
+}
+
+/*
+ * NSS_CMSSignedData_AddCertChain - add cert and its entire chain to the set of certs
+ */
+SECStatus
+NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert)
+{
+ CERTCertificateList *certlist;
+ SECCertUsage usage;
+ SECStatus rv;
+
+ usage = certUsageEmailSigner;
+
+ if (!sigd || !cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* do not include root */
+ certlist = CERT_CertChainFromCert(cert, usage, PR_FALSE);
+ if (certlist == NULL)
+ return SECFailure;
+
+ rv = NSS_CMSSignedData_AddCertList(sigd, certlist);
+
+ return rv;
+}
+
+extern SECStatus
+NSS_CMSSignedData_AddTempCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert)
+{
+ CERTCertificate *c;
+ SECStatus rv;
+
+ if (!sigd || !cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ c = CERT_DupCertificate(cert);
+ rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->tempCerts), (void *)c);
+ return rv;
+}
+
+SECStatus
+NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert)
+{
+ CERTCertificate *c;
+ SECStatus rv;
+
+ if (!sigd || !cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ c = CERT_DupCertificate(cert);
+ rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certs), (void *)c);
+ return rv;
+}
+
+PRBool
+NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd)
+{
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return PR_FALSE;
+ }
+ if (sigd->rawCerts != NULL && sigd->rawCerts[0] != NULL)
+ return PR_TRUE;
+ else if (sigd->crls != NULL && sigd->crls[0] != NULL)
+ return PR_TRUE;
+ else
+ return PR_FALSE;
+}
+
+SECStatus
+NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
+ NSSCMSSignerInfo *signerinfo)
+{
+ void *mark;
+ SECStatus rv;
+ SECOidTag digestalgtag;
+ PLArenaPool *poolp;
+
+ if (!sigd || !signerinfo) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ poolp = sigd->cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* add signerinfo */
+ rv = NSS_CMSArray_Add(poolp, (void ***)&(sigd->signerInfos), (void *)signerinfo);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /*
+ * add empty digest
+ * Empty because we don't have it yet. Either it gets created during encoding
+ * (if the data is present) or has to be set externally.
+ * XXX maybe pass it in optionally?
+ */
+ digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
+ rv = NSS_CMSSignedData_SetDigestValue(sigd, digestalgtag, NULL);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /*
+ * The last thing to get consistency would be adding the digest.
+ */
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSSignedData_SetDigests - set a signedData's digests member
+ *
+ * "digestalgs" - array of digest algorithm IDs
+ * "digests" - array of digests corresponding to the digest algorithms
+ */
+SECStatus
+NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
+ SECAlgorithmID **digestalgs,
+ SECItem **digests)
+{
+ int cnt, i, idx;
+
+ if (!sigd || !digestalgs || !digests) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (sigd->digestAlgorithms == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* we assume that the digests array is just not there yet */
+ PORT_Assert(sigd->digests == NULL);
+ if (sigd->digests != NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ /* now allocate one (same size as digestAlgorithms) */
+ cnt = NSS_CMSArray_Count((void **)sigd->digestAlgorithms);
+ sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(SECItem *));
+ if (sigd->digests == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ for (i = 0; sigd->digestAlgorithms[i] != NULL; i++) {
+ /* try to find the sigd's i'th digest algorithm in the array we passed in */
+ idx = NSS_CMSAlgArray_GetIndexByAlgID(digestalgs, sigd->digestAlgorithms[i]);
+ if (idx < 0) {
+ PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
+ return SECFailure;
+ }
+ if (!digests[idx]) {
+ /* We have no digest for this algorithm, probably because it is
+ ** unrecognized or unsupported. We'll ignore this here. If this
+ ** digest is needed later, an error will be be generated then.
+ */
+ continue;
+ }
+
+ /* found it - now set it */
+ if ((sigd->digests[i] = SECITEM_AllocItem(sigd->cmsg->poolp, NULL, 0)) == NULL ||
+ SECITEM_CopyItem(sigd->cmsg->poolp, sigd->digests[i], digests[idx]) != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
+ SECOidTag digestalgtag,
+ SECItem *digestdata)
+{
+ SECItem *digest = NULL;
+ PLArenaPool *poolp;
+ void *mark;
+ int n, cnt;
+
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ poolp = sigd->cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ if (digestdata) {
+ digest = (SECItem *)PORT_ArenaZAlloc(poolp, sizeof(SECItem));
+
+ /* copy digestdata item to arena (in case we have it and are not only making room) */
+ if (SECITEM_CopyItem(poolp, digest, digestdata) != SECSuccess)
+ goto loser;
+ }
+
+ /* now allocate one (same size as digestAlgorithms) */
+ if (sigd->digests == NULL) {
+ cnt = NSS_CMSArray_Count((void **)sigd->digestAlgorithms);
+ sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(SECItem *));
+ if (sigd->digests == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ }
+
+ n = -1;
+ if (sigd->digestAlgorithms != NULL)
+ n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
+
+ /* if not found, add a digest */
+ if (n < 0) {
+ if (NSS_CMSSignedData_AddDigest(poolp, sigd, digestalgtag, digest) != SECSuccess)
+ goto loser;
+ } else {
+ /* replace NULL pointer with digest item (and leak previous value) */
+ sigd->digests[n] = digest;
+ }
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSSignedData_AddDigest(PLArenaPool *poolp,
+ NSSCMSSignedData *sigd,
+ SECOidTag digestalgtag,
+ SECItem *digest)
+{
+ SECAlgorithmID *digestalg;
+ void *mark;
+
+ if (!sigd || !poolp) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ mark = PORT_ArenaMark(poolp);
+
+ digestalg = PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
+ if (digestalg == NULL)
+ goto loser;
+
+ if (SECOID_SetAlgorithmID(poolp, digestalg, digestalgtag, NULL) != SECSuccess) /* no params */
+ goto loser;
+
+ if (NSS_CMSArray_Add(poolp, (void ***)&(sigd->digestAlgorithms),
+ (void *)digestalg) != SECSuccess ||
+ /* even if digest is NULL, add dummy to have same-size array */
+ NSS_CMSArray_Add(poolp, (void ***)&(sigd->digests),
+ (void *)digest) != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+/* XXX This function doesn't set the error code on failure. */
+SECItem *
+NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag)
+{
+ int n;
+
+ if (!sigd) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (sigd->digestAlgorithms == NULL || sigd->digests == NULL) {
+ PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
+ return NULL;
+ }
+
+ n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
+
+ return (n < 0) ? NULL : sigd->digests[n];
+}
+
+/* =============================================================================
+ * Misc. utility functions
+ */
+
+/*
+ * NSS_CMSSignedData_CreateCertsOnly - create a certs-only SignedData.
+ *
+ * cert - base certificates that will be included
+ * include_chain - if true, include the complete cert chain for cert
+ *
+ * More certs and chains can be added via AddCertificate and AddCertChain.
+ *
+ * An error results in a return value of NULL and an error set.
+ *
+ * XXXX CRLs
+ */
+NSSCMSSignedData *
+NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PRBool include_chain)
+{
+ NSSCMSSignedData *sigd;
+ void *mark;
+ PLArenaPool *poolp;
+ SECStatus rv;
+
+ if (!cmsg || !cert) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ poolp = cmsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+
+ sigd = NSS_CMSSignedData_Create(cmsg);
+ if (sigd == NULL)
+ goto loser;
+
+ /* no signerinfos, thus no digestAlgorithms */
+
+ /* but certs */
+ if (include_chain) {
+ rv = NSS_CMSSignedData_AddCertChain(sigd, cert);
+ } else {
+ rv = NSS_CMSSignedData_AddCertificate(sigd, cert);
+ }
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* RFC2630 5.2 sez:
+ * In the degenerate case where there are no signers, the
+ * EncapsulatedContentInfo value being "signed" is irrelevant. In this
+ * case, the content type within the EncapsulatedContentInfo value being
+ * "signed" should be id-data (as defined in section 4), and the content
+ * field of the EncapsulatedContentInfo value should be omitted.
+ */
+ rv = NSS_CMSContentInfo_SetContent_Data(cmsg, &(sigd->contentInfo), NULL, PR_TRUE);
+ if (rv != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return sigd;
+
+loser:
+ if (sigd)
+ NSS_CMSSignedData_Destroy(sigd);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+/* TODO:
+ * NSS_CMSSignerInfo_GetReceiptRequest()
+ * NSS_CMSSignedData_HasReceiptRequest()
+ * easy way to iterate over signers
+ */
diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c
new file mode 100644
index 000000000..ce4f87c0a
--- /dev/null
+++ b/security/nss/lib/smime/cmssiginfo.c
@@ -0,0 +1,1024 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS signerInfo methods.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "prtime.h"
+#include "secerr.h"
+#include "secder.h"
+#include "cryptohi.h"
+
+#include "smime.h"
+
+/* =============================================================================
+ * SIGNERINFO
+ */
+NSSCMSSignerInfo *
+nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type,
+ CERTCertificate *cert, SECItem *subjKeyID, SECKEYPublicKey *pubKey,
+ SECKEYPrivateKey *signingKey, SECOidTag digestalgtag);
+
+NSSCMSSignerInfo *
+NSS_CMSSignerInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg, SECItem *subjKeyID,
+ SECKEYPublicKey *pubKey,
+ SECKEYPrivateKey *signingKey, SECOidTag digestalgtag)
+{
+ return nss_cmssignerinfo_create(cmsg, NSSCMSSignerID_SubjectKeyID, NULL,
+ subjKeyID, pubKey, signingKey, digestalgtag);
+}
+
+NSSCMSSignerInfo *
+NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag)
+{
+ return nss_cmssignerinfo_create(cmsg, NSSCMSSignerID_IssuerSN, cert, NULL,
+ NULL, NULL, digestalgtag);
+}
+
+NSSCMSSignerInfo *
+nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type,
+ CERTCertificate *cert, SECItem *subjKeyID, SECKEYPublicKey *pubKey,
+ SECKEYPrivateKey *signingKey, SECOidTag digestalgtag)
+{
+ void *mark;
+ NSSCMSSignerInfo *signerinfo;
+ int version;
+ PLArenaPool *poolp;
+ SECStatus rv;
+
+ poolp = cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ signerinfo = (NSSCMSSignerInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSSignerInfo));
+ if (signerinfo == NULL) {
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+ }
+
+ signerinfo->cmsg = cmsg;
+
+ switch (type) {
+ case NSSCMSSignerID_IssuerSN:
+ signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_IssuerSN;
+ if ((signerinfo->cert = CERT_DupCertificate(cert)) == NULL)
+ goto loser;
+ if ((signerinfo->signerIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL)
+ goto loser;
+ break;
+ case NSSCMSSignerID_SubjectKeyID:
+ signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_SubjectKeyID;
+ PORT_Assert(subjKeyID);
+ if (!subjKeyID)
+ goto loser;
+
+ signerinfo->signerIdentifier.id.subjectKeyID = PORT_ArenaNew(poolp, SECItem);
+ rv = SECITEM_CopyItem(poolp, signerinfo->signerIdentifier.id.subjectKeyID,
+ subjKeyID);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ signerinfo->signingKey = SECKEY_CopyPrivateKey(signingKey);
+ if (!signerinfo->signingKey)
+ goto loser;
+ signerinfo->pubKey = SECKEY_CopyPublicKey(pubKey);
+ if (!signerinfo->pubKey)
+ goto loser;
+ break;
+ default:
+ goto loser;
+ }
+
+ /* set version right now */
+ version = NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN;
+ /* RFC2630 5.3 "version is the syntax version number. If the .... " */
+ if (signerinfo->signerIdentifier.identifierType == NSSCMSSignerID_SubjectKeyID)
+ version = NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY;
+ (void)SEC_ASN1EncodeInteger(poolp, &(signerinfo->version), (long)version);
+
+ if (SECOID_SetAlgorithmID(poolp, &signerinfo->digestAlg, digestalgtag, NULL) != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return signerinfo;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+/*
+ * NSS_CMSSignerInfo_Destroy - destroy a SignerInfo data structure
+ */
+void
+NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si)
+{
+ if (si->cert != NULL)
+ CERT_DestroyCertificate(si->cert);
+
+ if (si->certList != NULL)
+ CERT_DestroyCertificateList(si->certList);
+
+ /* XXX storage ??? */
+}
+
+/*
+ * NSS_CMSSignerInfo_Sign - sign something
+ *
+ */
+SECStatus
+NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest,
+ SECItem *contentType)
+{
+ CERTCertificate *cert;
+ SECKEYPrivateKey *privkey = NULL;
+ SECOidTag digestalgtag;
+ SECOidTag pubkAlgTag;
+ SECItem signature = { 0 };
+ SECStatus rv;
+ PLArenaPool *poolp, *tmppoolp = NULL;
+ SECAlgorithmID *algID, freeAlgID;
+ CERTSubjectPublicKeyInfo *spki;
+
+ PORT_Assert(digest != NULL);
+
+ poolp = signerinfo->cmsg->poolp;
+
+ switch (signerinfo->signerIdentifier.identifierType) {
+ case NSSCMSSignerID_IssuerSN:
+ cert = signerinfo->cert;
+
+ privkey = PK11_FindKeyByAnyCert(cert, signerinfo->cmsg->pwfn_arg);
+ if (privkey == NULL)
+ goto loser;
+ algID = &cert->subjectPublicKeyInfo.algorithm;
+ break;
+ case NSSCMSSignerID_SubjectKeyID:
+ privkey = signerinfo->signingKey;
+ signerinfo->signingKey = NULL;
+ spki = SECKEY_CreateSubjectPublicKeyInfo(signerinfo->pubKey);
+ SECKEY_DestroyPublicKey(signerinfo->pubKey);
+ signerinfo->pubKey = NULL;
+ SECOID_CopyAlgorithmID(NULL, &freeAlgID, &spki->algorithm);
+ SECKEY_DestroySubjectPublicKeyInfo(spki);
+ algID = &freeAlgID;
+ break;
+ default:
+ goto loser;
+ }
+ digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
+ /*
+ * XXX I think there should be a cert-level interface for this,
+ * so that I do not have to know about subjectPublicKeyInfo...
+ */
+ pubkAlgTag = SECOID_GetAlgorithmTag(algID);
+ if (signerinfo->signerIdentifier.identifierType == NSSCMSSignerID_SubjectKeyID) {
+ SECOID_DestroyAlgorithmID(&freeAlgID, PR_FALSE);
+ }
+
+ if (signerinfo->authAttr != NULL) {
+ SECOidTag signAlgTag;
+ SECItem encoded_attrs;
+
+ /* find and fill in the message digest attribute. */
+ rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr),
+ SEC_OID_PKCS9_MESSAGE_DIGEST, digest, PR_FALSE);
+ if (rv != SECSuccess)
+ goto loser;
+
+ if (contentType != NULL) {
+ /* if the caller wants us to, find and fill in the content type attribute. */
+ rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr),
+ SEC_OID_PKCS9_CONTENT_TYPE, contentType, PR_FALSE);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ if ((tmppoolp = PORT_NewArena(1024)) == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /*
+ * Before encoding, reorder the attributes so that when they
+ * are encoded, they will be conforming DER, which is required
+ * to have a specific order and that is what must be used for
+ * the hash/signature. We do this here, rather than building
+ * it into EncodeAttributes, because we do not want to do
+ * such reordering on incoming messages (which also uses
+ * EncodeAttributes) or our old signatures (and other "broken"
+ * implementations) will not verify. So, we want to guarantee
+ * that we send out good DER encodings of attributes, but not
+ * to expect to receive them.
+ */
+ if (NSS_CMSAttributeArray_Reorder(signerinfo->authAttr) != SECSuccess)
+ goto loser;
+
+ encoded_attrs.data = NULL;
+ encoded_attrs.len = 0;
+ if (NSS_CMSAttributeArray_Encode(tmppoolp, &(signerinfo->authAttr),
+ &encoded_attrs) == NULL)
+ goto loser;
+
+ signAlgTag = SEC_GetSignatureAlgorithmOidTag(privkey->keyType,
+ digestalgtag);
+ if (signAlgTag == SEC_OID_UNKNOWN) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ goto loser;
+ }
+
+ rv = SEC_SignData(&signature, encoded_attrs.data, encoded_attrs.len,
+ privkey, signAlgTag);
+ PORT_FreeArena(tmppoolp, PR_FALSE); /* awkward memory management :-( */
+ tmppoolp = 0;
+ } else {
+ rv = SGN_Digest(privkey, digestalgtag, &signature, digest);
+ }
+ SECKEY_DestroyPrivateKey(privkey);
+ privkey = NULL;
+
+ if (rv != SECSuccess)
+ goto loser;
+
+ if (SECITEM_CopyItem(poolp, &(signerinfo->encDigest), &signature) != SECSuccess)
+ goto loser;
+
+ SECITEM_FreeItem(&signature, PR_FALSE);
+
+ if (SECOID_SetAlgorithmID(poolp, &(signerinfo->digestEncAlg), pubkAlgTag,
+ NULL) != SECSuccess)
+ goto loser;
+
+ return SECSuccess;
+
+loser:
+ if (signature.len != 0)
+ SECITEM_FreeItem(&signature, PR_FALSE);
+ if (privkey)
+ SECKEY_DestroyPrivateKey(privkey);
+ if (tmppoolp)
+ PORT_FreeArena(tmppoolp, PR_FALSE);
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb,
+ SECCertUsage certusage)
+{
+ CERTCertificate *cert;
+ PRTime stime;
+
+ if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb)) == NULL) {
+ signerinfo->verificationStatus = NSSCMSVS_SigningCertNotFound;
+ return SECFailure;
+ }
+
+ /*
+ * Get and convert the signing time; if available, it will be used
+ * both on the cert verification and for importing the sender
+ * email profile.
+ */
+ if (NSS_CMSSignerInfo_GetSigningTime(signerinfo, &stime) != SECSuccess)
+ stime = PR_Now(); /* not found or conversion failed, so check against now */
+
+ /*
+ * XXX This uses the signing time, if available. Additionally, we
+ * might want to, if there is no signing time, get the message time
+ * from the mail header itself, and use that. That would require
+ * a change to our interface though, and for S/MIME callers to pass
+ * in a time (and for non-S/MIME callers to pass in nothing, or
+ * maybe make them pass in the current time, always?).
+ */
+ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, stime,
+ signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
+ signerinfo->verificationStatus = NSSCMSVS_SigningCertNotTrusted;
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
+ *
+ * Just verifies the signature. The assumption is that verification of
+ * the certificate is done already.
+ */
+SECStatus
+NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo,
+ SECItem *digest, /* may be NULL */
+ SECItem *contentType) /* may be NULL */
+{
+ SECKEYPublicKey *publickey = NULL;
+ NSSCMSAttribute *attr;
+ SECItem encoded_attrs;
+ CERTCertificate *cert;
+ NSSCMSVerificationStatus vs = NSSCMSVS_Unverified;
+ PLArenaPool *poolp;
+ SECOidTag digestalgtag;
+ SECOidTag pubkAlgTag;
+
+ if (signerinfo == NULL)
+ return SECFailure;
+
+ /* NSS_CMSSignerInfo_GetSigningCertificate will fail if 2nd parm is NULL
+ ** and cert has not been verified
+ */
+ cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, NULL);
+ if (cert == NULL) {
+ vs = NSSCMSVS_SigningCertNotFound;
+ goto loser;
+ }
+
+ if ((publickey = CERT_ExtractPublicKey(cert)) == NULL) {
+ vs = NSSCMSVS_ProcessingError;
+ goto loser;
+ }
+
+ digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
+ pubkAlgTag = SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg));
+ if ((pubkAlgTag == SEC_OID_UNKNOWN) || (digestalgtag == SEC_OID_UNKNOWN)) {
+ vs = NSSCMSVS_SignatureAlgorithmUnknown;
+ goto loser;
+ }
+
+ if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) {
+ if (contentType) {
+ /*
+ * Check content type
+ *
+ * RFC2630 sez that if there are any authenticated attributes,
+ * then there must be one for content type which matches the
+ * content type of the content being signed, and there must
+ * be one for message digest which matches our message digest.
+ * So check these things first.
+ */
+ attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
+ SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE);
+ if (attr == NULL) {
+ vs = NSSCMSVS_MalformedSignature;
+ goto loser;
+ }
+
+ if (NSS_CMSAttribute_CompareValue(attr, contentType) == PR_FALSE) {
+ vs = NSSCMSVS_MalformedSignature;
+ goto loser;
+ }
+ }
+
+ /*
+ * Check digest
+ */
+ attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
+ SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE);
+ if (attr == NULL) {
+ vs = NSSCMSVS_MalformedSignature;
+ goto loser;
+ }
+ if (!digest ||
+ NSS_CMSAttribute_CompareValue(attr, digest) == PR_FALSE) {
+ vs = NSSCMSVS_DigestMismatch;
+ goto loser;
+ }
+
+ if ((poolp = PORT_NewArena(1024)) == NULL) {
+ vs = NSSCMSVS_ProcessingError;
+ goto loser;
+ }
+
+ /*
+ * Check signature
+ *
+ * The signature is based on a digest of the DER-encoded authenticated
+ * attributes. So, first we encode and then we digest/verify.
+ * we trust the decoder to have the attributes in the right (sorted)
+ * order
+ */
+ encoded_attrs.data = NULL;
+ encoded_attrs.len = 0;
+
+ if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr),
+ &encoded_attrs) == NULL ||
+ encoded_attrs.data == NULL || encoded_attrs.len == 0) {
+ PORT_FreeArena(poolp, PR_FALSE);
+ vs = NSSCMSVS_ProcessingError;
+ goto loser;
+ }
+
+ vs = (VFY_VerifyDataDirect(encoded_attrs.data, encoded_attrs.len,
+ publickey, &(signerinfo->encDigest), pubkAlgTag,
+ digestalgtag, NULL, signerinfo->cmsg->pwfn_arg) != SECSuccess)
+ ? NSSCMSVS_BadSignature
+ : NSSCMSVS_GoodSignature;
+
+ PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */
+
+ } else {
+ SECItem *sig;
+
+ /* No authenticated attributes.
+ ** The signature is based on the plain message digest.
+ */
+ sig = &(signerinfo->encDigest);
+ if (sig->len == 0)
+ goto loser;
+
+ vs = (!digest ||
+ VFY_VerifyDigestDirect(digest, publickey, sig, pubkAlgTag,
+ digestalgtag, signerinfo->cmsg->pwfn_arg) != SECSuccess)
+ ? NSSCMSVS_BadSignature
+ : NSSCMSVS_GoodSignature;
+ }
+
+ if (vs == NSSCMSVS_BadSignature) {
+ int error = PORT_GetError();
+ /*
+ * XXX Change the generic error into our specific one, because
+ * in that case we get a better explanation out of the Security
+ * Advisor. This is really a bug in the PSM error strings (the
+ * "generic" error has a lousy/wrong message associated with it
+ * which assumes the signature verification was done for the
+ * purposes of checking the issuer signature on a certificate)
+ * but this is at least an easy workaround and/or in the
+ * Security Advisor, which specifically checks for the error
+ * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
+ * in that case but does not similarly check for
+ * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would
+ * probably say the wrong thing in the case that it *was* the
+ * certificate signature check that failed during the cert
+ * verification done above. Our error handling is really a mess.
+ */
+ if (error == SEC_ERROR_BAD_SIGNATURE)
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ /*
+ * map algorithm failures to NSSCMSVS values
+ */
+ if ((error == SEC_ERROR_PKCS7_KEYALG_MISMATCH) ||
+ (error == SEC_ERROR_INVALID_ALGORITHM)) {
+ /* keep the same error code as 3.11 and before */
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ vs = NSSCMSVS_SignatureAlgorithmUnsupported;
+ }
+ }
+
+ if (publickey != NULL)
+ SECKEY_DestroyPublicKey(publickey);
+
+ signerinfo->verificationStatus = vs;
+
+ return (vs == NSSCMSVS_GoodSignature) ? SECSuccess : SECFailure;
+
+loser:
+ if (publickey != NULL)
+ SECKEY_DestroyPublicKey(publickey);
+
+ signerinfo->verificationStatus = vs;
+
+ PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
+ return SECFailure;
+}
+
+NSSCMSVerificationStatus
+NSS_CMSSignerInfo_GetVerificationStatus(NSSCMSSignerInfo *signerinfo)
+{
+ return signerinfo->verificationStatus;
+}
+
+SECOidData *
+NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo)
+{
+ SECOidData *algdata;
+ SECOidTag algtag;
+
+ algdata = SECOID_FindOID(&(signerinfo->digestAlg.algorithm));
+ if (algdata == NULL) {
+ return algdata;
+ }
+ /* Windows may have given us a signer algorithm oid instead of a digest
+ * algorithm oid. This call will map to a signer oid to a digest one,
+ * otherwise it leaves the oid alone and let the chips fall as they may
+ * if it's not a digest oid.
+ */
+ algtag = NSS_CMSUtil_MapSignAlgs(algdata->offset);
+ if (algtag != algdata->offset) {
+ /* if the tags don't match, then we must have received a signer
+ * algorithID. Now we need to get the oid data for the digest
+ * oid, which the rest of the code is expecting */
+ algdata = SECOID_FindOIDByTag(algtag);
+ }
+
+ return algdata;
+}
+
+SECOidTag
+NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo)
+{
+ SECOidData *algdata;
+
+ if (!signerinfo) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SEC_OID_UNKNOWN;
+ }
+
+ algdata = NSS_CMSSignerInfo_GetDigestAlg(signerinfo);
+ if (algdata != NULL)
+ return algdata->offset;
+ else
+ return SEC_OID_UNKNOWN;
+}
+
+CERTCertificateList *
+NSS_CMSSignerInfo_GetCertList(NSSCMSSignerInfo *signerinfo)
+{
+ return signerinfo->certList;
+}
+
+int
+NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo)
+{
+ unsigned long version;
+
+ /* always take apart the SECItem */
+ if (SEC_ASN1DecodeInteger(&(signerinfo->version), &version) != SECSuccess)
+ return 0;
+ else
+ return (int)version;
+}
+
+/*
+ * NSS_CMSSignerInfo_GetSigningTime - return the signing time,
+ * in UTCTime or GeneralizedTime format,
+ * of a CMS signerInfo.
+ *
+ * sinfo - signerInfo data for this signer
+ *
+ * Returns a pointer to XXXX (what?)
+ * A return value of NULL is an error.
+ */
+SECStatus
+NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime)
+{
+ NSSCMSAttribute *attr;
+ SECItem *value;
+
+ if (sinfo == NULL)
+ return SECFailure;
+
+ if (sinfo->signingTime != 0) {
+ *stime = sinfo->signingTime; /* cached copy */
+ return SECSuccess;
+ }
+
+ attr = NSS_CMSAttributeArray_FindAttrByOidTag(sinfo->authAttr,
+ SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE);
+ /* XXXX multi-valued attributes NIH */
+ if (attr == NULL || (value = NSS_CMSAttribute_GetValue(attr)) == NULL)
+ return SECFailure;
+ if (DER_DecodeTimeChoice(stime, value) != SECSuccess)
+ return SECFailure;
+ sinfo->signingTime = *stime; /* make cached copy */
+ return SECSuccess;
+}
+
+/*
+ * Return the signing cert of a CMS signerInfo.
+ *
+ * the certs in the enclosing SignedData must have been imported already
+ */
+CERTCertificate *
+NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb)
+{
+ CERTCertificate *cert;
+ NSSCMSSignerIdentifier *sid;
+
+ if (signerinfo->cert != NULL)
+ return signerinfo->cert;
+
+ /* no certdb, and cert hasn't been set yet? */
+ if (certdb == NULL)
+ return NULL;
+
+ /*
+ * This cert will also need to be freed, but since we save it
+ * in signerinfo for later, we do not want to destroy it when
+ * we leave this function -- we let the clean-up of the entire
+ * cinfo structure later do the destroy of this cert.
+ */
+ sid = &signerinfo->signerIdentifier;
+ switch (sid->identifierType) {
+ case NSSCMSSignerID_IssuerSN:
+ cert = CERT_FindCertByIssuerAndSN(certdb, sid->id.issuerAndSN);
+ break;
+ case NSSCMSSignerID_SubjectKeyID:
+ cert = CERT_FindCertBySubjectKeyID(certdb, sid->id.subjectKeyID);
+ break;
+ default:
+ cert = NULL;
+ break;
+ }
+
+ /* cert can be NULL at that point */
+ signerinfo->cert = cert; /* earmark it */
+
+ return cert;
+}
+
+/*
+ * NSS_CMSSignerInfo_GetSignerCommonName - return the common name of the signer
+ *
+ * sinfo - signerInfo data for this signer
+ *
+ * Returns a pointer to allocated memory, which must be freed with PORT_Free.
+ * A return value of NULL is an error.
+ */
+char *
+NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo)
+{
+ CERTCertificate *signercert;
+
+ /* will fail if cert is not verified */
+ if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL)
+ return NULL;
+
+ return (CERT_GetCommonName(&signercert->subject));
+}
+
+/*
+ * NSS_CMSSignerInfo_GetSignerEmailAddress - return the common name of the signer
+ *
+ * sinfo - signerInfo data for this signer
+ *
+ * Returns a pointer to allocated memory, which must be freed.
+ * A return value of NULL is an error.
+ */
+char *
+NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo)
+{
+ CERTCertificate *signercert;
+
+ if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL)
+ return NULL;
+
+ if (!signercert->emailAddr || !signercert->emailAddr[0])
+ return NULL;
+
+ return (PORT_Strdup(signercert->emailAddr));
+}
+
+/*
+ * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the
+ * authenticated (i.e. signed) attributes of "signerinfo".
+ */
+SECStatus
+NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr)
+{
+ return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->authAttr), attr);
+}
+
+/*
+ * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the
+ * unauthenticated attributes of "signerinfo".
+ */
+SECStatus
+NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr)
+{
+ return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->unAuthAttr), attr);
+}
+
+/*
+ * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the
+ * authenticated (i.e. signed) attributes of "signerinfo".
+ *
+ * This is expected to be included in outgoing signed
+ * messages for email (S/MIME) but is likely useful in other situations.
+ *
+ * This should only be added once; a second call will do nothing.
+ *
+ * XXX This will probably just shove the current time into "signerinfo"
+ * but it will not actually get signed until the entire item is
+ * processed for encoding. Is this (expected to be small) delay okay?
+ */
+SECStatus
+NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t)
+{
+ NSSCMSAttribute *attr;
+ SECItem stime;
+ void *mark;
+ PLArenaPool *poolp;
+
+ poolp = signerinfo->cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* create new signing time attribute */
+ if (DER_EncodeTimeChoice(NULL, &stime, t) != SECSuccess)
+ goto loser;
+
+ if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SIGNING_TIME, &stime, PR_FALSE)) == NULL) {
+ SECITEM_FreeItem(&stime, PR_FALSE);
+ goto loser;
+ }
+
+ SECITEM_FreeItem(&stime, PR_FALSE);
+
+ if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the
+ * authenticated (i.e. signed) attributes of "signerinfo".
+ *
+ * This is expected to be included in outgoing signed
+ * messages for email (S/MIME).
+ */
+SECStatus
+NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo)
+{
+ NSSCMSAttribute *attr;
+ SECItem *smimecaps = NULL;
+ void *mark;
+ PLArenaPool *poolp;
+
+ poolp = signerinfo->cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ smimecaps = SECITEM_AllocItem(poolp, NULL, 0);
+ if (smimecaps == NULL)
+ goto loser;
+
+ /* create new signing time attribute */
+ if (NSS_SMIMEUtil_CreateSMIMECapabilities(poolp, smimecaps) != SECSuccess)
+ goto loser;
+
+ if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SMIME_CAPABILITIES, smimecaps, PR_TRUE)) == NULL)
+ goto loser;
+
+ if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
+ * authenticated (i.e. signed) attributes of "signerinfo".
+ *
+ * This is expected to be included in outgoing signed messages for email (S/MIME).
+ */
+SECStatus
+NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb)
+{
+ NSSCMSAttribute *attr;
+ SECItem *smimeekp = NULL;
+ void *mark;
+ PLArenaPool *poolp;
+
+ /* verify this cert for encryption */
+ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
+ return SECFailure;
+ }
+
+ poolp = signerinfo->cmsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+
+ smimeekp = SECITEM_AllocItem(poolp, NULL, 0);
+ if (smimeekp == NULL)
+ goto loser;
+
+ /* create new signing time attribute */
+ if (NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(poolp, smimeekp, cert) != SECSuccess)
+ goto loser;
+
+ if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, smimeekp, PR_TRUE)) == NULL)
+ goto loser;
+
+ if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
+ * authenticated (i.e. signed) attributes of "signerinfo", using the OID preferred by Microsoft.
+ *
+ * This is expected to be included in outgoing signed messages for email (S/MIME),
+ * if compatibility with Microsoft mail clients is wanted.
+ */
+SECStatus
+NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb)
+{
+ NSSCMSAttribute *attr;
+ SECItem *smimeekp = NULL;
+ void *mark;
+ PLArenaPool *poolp;
+
+ /* verify this cert for encryption */
+ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
+ return SECFailure;
+ }
+
+ poolp = signerinfo->cmsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+
+ smimeekp = SECITEM_AllocItem(poolp, NULL, 0);
+ if (smimeekp == NULL)
+ goto loser;
+
+ /* create new signing time attribute */
+ if (NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs(poolp, smimeekp, cert) != SECSuccess)
+ goto loser;
+
+ if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE, smimeekp, PR_TRUE)) == NULL)
+ goto loser;
+
+ if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+/*
+ * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo
+ *
+ * 1. digest the DER-encoded signature value of the original signerinfo
+ * 2. create new signerinfo with correct version, sid, digestAlg
+ * 3. add message-digest authAttr, but NO content-type
+ * 4. sign the authAttrs
+ * 5. DER-encode the new signerInfo
+ * 6. add the whole thing to original signerInfo's unAuthAttrs
+ * as a SEC_OID_PKCS9_COUNTER_SIGNATURE attribute
+ *
+ * XXXX give back the new signerinfo?
+ */
+SECStatus
+NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo,
+ SECOidTag digestalg, CERTCertificate signingcert)
+{
+ /* XXXX TBD XXXX */
+ return SECFailure;
+}
+
+/*
+ * XXXX the following needs to be done in the S/MIME layer code
+ * after signature of a signerinfo is verified
+ */
+SECStatus
+NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo)
+{
+ CERTCertificate *cert = NULL;
+ SECItem *profile = NULL;
+ NSSCMSAttribute *attr;
+ SECItem *stime = NULL;
+ SECItem *ekp;
+ CERTCertDBHandle *certdb;
+ int save_error;
+ SECStatus rv;
+ PRBool must_free_cert = PR_FALSE;
+
+ certdb = CERT_GetDefaultCertDB();
+
+ /* sanity check - see if verification status is ok (unverified does not count...) */
+ if (signerinfo->verificationStatus != NSSCMSVS_GoodSignature)
+ return SECFailure;
+
+ /* find preferred encryption cert */
+ if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr) &&
+ (attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
+ SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, PR_TRUE)) != NULL) { /* we have a SMIME_ENCRYPTION_KEY_PREFERENCE attribute! */
+ ekp = NSS_CMSAttribute_GetValue(attr);
+ if (ekp == NULL)
+ return SECFailure;
+
+ /* we assume that all certs coming with the message have been imported to the */
+ /* temporary database */
+ cert = NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(certdb, ekp);
+ if (cert == NULL)
+ return SECFailure;
+ must_free_cert = PR_TRUE;
+ }
+
+ if (cert == NULL) {
+ /* no preferred cert found?
+ * find the cert the signerinfo is signed with instead */
+ cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb);
+ if (cert == NULL || cert->emailAddr == NULL || !cert->emailAddr[0])
+ return SECFailure;
+ }
+
+/* verify this cert for encryption (has been verified for signing so far) */
+/* don't verify this cert for encryption. It may just be a signing cert.
+ * that's OK, we can still save the S/MIME profile. The encryption cert
+ * should have already been saved */
+#ifdef notdef
+ if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
+ if (must_free_cert)
+ CERT_DestroyCertificate(cert);
+ return SECFailure;
+ }
+#endif
+
+ /* XXX store encryption cert permanently? */
+
+ /*
+ * Remember the current error set because we do not care about
+ * anything set by the functions we are about to call.
+ */
+ save_error = PORT_GetError();
+
+ if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) {
+ attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
+ SEC_OID_PKCS9_SMIME_CAPABILITIES,
+ PR_TRUE);
+ profile = NSS_CMSAttribute_GetValue(attr);
+ attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
+ SEC_OID_PKCS9_SIGNING_TIME,
+ PR_TRUE);
+ stime = NSS_CMSAttribute_GetValue(attr);
+ }
+
+ rv = CERT_SaveSMimeProfile(cert, profile, stime);
+ if (must_free_cert)
+ CERT_DestroyCertificate(cert);
+
+ /*
+ * Restore the saved error in case the calls above set a new
+ * one that we do not actually care about.
+ */
+ PORT_SetError(save_error);
+
+ return rv;
+}
+
+/*
+ * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer
+ */
+SECStatus
+NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo,
+ NSSCMSCertChainMode cm, SECCertUsage usage)
+{
+ if (signerinfo->cert == NULL)
+ return SECFailure;
+
+ /* don't leak if we get called twice */
+ if (signerinfo->certList != NULL) {
+ CERT_DestroyCertificateList(signerinfo->certList);
+ signerinfo->certList = NULL;
+ }
+
+ switch (cm) {
+ case NSSCMSCM_None:
+ signerinfo->certList = NULL;
+ break;
+ case NSSCMSCM_CertOnly:
+ signerinfo->certList = CERT_CertListFromCert(signerinfo->cert);
+ break;
+ case NSSCMSCM_CertChain:
+ signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert,
+ usage, PR_FALSE);
+ break;
+ case NSSCMSCM_CertChainWithRoot:
+ signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert,
+ usage, PR_TRUE);
+ break;
+ }
+
+ if (cm != NSSCMSCM_None && signerinfo->certList == NULL)
+ return SECFailure;
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/smime/cmst.h b/security/nss/lib/smime/cmst.h
new file mode 100644
index 000000000..3d888bc04
--- /dev/null
+++ b/security/nss/lib/smime/cmst.h
@@ -0,0 +1,491 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Header for CMS types.
+ */
+
+#ifndef _CMST_H_
+#define _CMST_H_
+
+#include "seccomon.h"
+#include "secoidt.h"
+#include "certt.h"
+#include "secmodt.h"
+#include "secmodt.h"
+
+#include "plarena.h"
+
+/* Non-opaque objects. NOTE, though: I want them to be treated as
+ * opaque as much as possible. If I could hide them completely,
+ * I would. (I tried, but ran into trouble that was taking me too
+ * much time to get out of.) I still intend to try to do so.
+ * In fact, the only type that "outsiders" should even *name* is
+ * NSSCMSMessage, and they should not reference its fields.
+ */
+/* rjr: PKCS #11 cert handling (pk11cert.c) does use NSSCMSRecipientInfo's.
+ * This is because when we search the recipient list for the cert and key we
+ * want, we need to invert the order of the loops we used to have. The old
+ * loops were:
+ *
+ * For each recipient {
+ * find_cert = PK11_Find_AllCert(recipient->issuerSN);
+ * [which unrolls to... ]
+ * For each slot {
+ * Log into slot;
+ * search slot for cert;
+ * }
+ * }
+ *
+ * the new loop searchs all the recipients at once on a slot. this allows
+ * PKCS #11 to order slots in such a way that logout slots don't get checked
+ * if we can find the cert on a logged in slot. This eliminates lots of
+ * spurious password prompts when smart cards are installed... so why this
+ * comment? If you make NSSCMSRecipientInfo completely opaque, you need
+ * to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs
+ * and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11
+ * function.
+ */
+
+typedef struct NSSCMSMessageStr NSSCMSMessage;
+
+typedef union NSSCMSContentUnion NSSCMSContent;
+typedef struct NSSCMSContentInfoStr NSSCMSContentInfo;
+
+typedef struct NSSCMSSignedDataStr NSSCMSSignedData;
+typedef struct NSSCMSSignerInfoStr NSSCMSSignerInfo;
+typedef struct NSSCMSSignerIdentifierStr NSSCMSSignerIdentifier;
+
+typedef struct NSSCMSEnvelopedDataStr NSSCMSEnvelopedData;
+typedef struct NSSCMSOriginatorInfoStr NSSCMSOriginatorInfo;
+typedef struct NSSCMSRecipientInfoStr NSSCMSRecipientInfo;
+
+typedef struct NSSCMSDigestedDataStr NSSCMSDigestedData;
+typedef struct NSSCMSEncryptedDataStr NSSCMSEncryptedData;
+
+typedef struct NSSCMSGenericWrapperDataStr NSSCMSGenericWrapperData;
+
+typedef struct NSSCMSAttributeStr NSSCMSAttribute;
+
+typedef struct NSSCMSDecoderContextStr NSSCMSDecoderContext;
+typedef struct NSSCMSEncoderContextStr NSSCMSEncoderContext;
+
+typedef struct NSSCMSCipherContextStr NSSCMSCipherContext;
+typedef struct NSSCMSDigestContextStr NSSCMSDigestContext;
+
+typedef struct NSSCMSContentInfoPrivateStr NSSCMSContentInfoPrivate;
+
+typedef SECStatus (*NSSCMSGenericWrapperDataCallback)(NSSCMSGenericWrapperData *);
+typedef void (*NSSCMSGenericWrapperDataDestroy)(NSSCMSGenericWrapperData *);
+
+extern const SEC_ASN1Template NSSCMSGenericWrapperDataTemplate[];
+extern const SEC_ASN1Template NSS_PointerToCMSGenericWrapperDataTemplate[];
+
+SEC_ASN1_CHOOSER_DECLARE(NSS_PointerToCMSGenericWrapperDataTemplate)
+SEC_ASN1_CHOOSER_DECLARE(NSSCMSGenericWrapperDataTemplate)
+
+/*
+ * Type of function passed to NSSCMSDecode or NSSCMSDecoderStart.
+ * If specified, this is where the content bytes (only) will be "sent"
+ * as they are recovered during the decoding.
+ * And:
+ * Type of function passed to NSSCMSEncode or NSSCMSEncoderStart.
+ * This is where the DER-encoded bytes will be "sent".
+ *
+ * XXX Should just combine this with NSSCMSEncoderContentCallback type
+ * and use a simpler, common name.
+ */
+typedef void (*NSSCMSContentCallback)(void *arg, const char *buf, unsigned long len);
+
+/*
+ * Type of function passed to NSSCMSDecode or NSSCMSDecoderStart
+ * to retrieve the decryption key. This function is intended to be
+ * used for EncryptedData content info's which do not have a key available
+ * in a certificate, etc.
+ */
+typedef PK11SymKey *(*NSSCMSGetDecryptKeyCallback)(void *arg, SECAlgorithmID *algid);
+
+/* =============================================================================
+ * ENCAPSULATED CONTENTINFO & CONTENTINFO
+ */
+
+union NSSCMSContentUnion {
+ /* either unstructured */
+ SECItem *data;
+ /* or structured data */
+ NSSCMSDigestedData *digestedData;
+ NSSCMSEncryptedData *encryptedData;
+ NSSCMSEnvelopedData *envelopedData;
+ NSSCMSSignedData *signedData;
+ NSSCMSGenericWrapperData *genericData;
+ /* or anonymous pointer to something */
+ void *pointer;
+};
+
+struct NSSCMSContentInfoStr {
+ SECItem contentType;
+ NSSCMSContent content;
+ /* --------- local; not part of encoding --------- */
+ SECOidData *contentTypeTag;
+
+ /* additional info for encryptedData and envelopedData */
+ /* we waste this space for signedData and digestedData. sue me. */
+
+ SECAlgorithmID contentEncAlg;
+ SECItem *rawContent; /* encrypted DER, optional */
+ /* XXXX bytes not encrypted, but encoded? */
+ /* --------- local; not part of encoding --------- */
+ PK11SymKey *bulkkey; /* bulk encryption key */
+ int keysize; /* size of bulk encryption key
+ * (only used by creation code) */
+ SECOidTag contentEncAlgTag; /* oid tag of encryption algorithm
+ * (only used by creation code) */
+ NSSCMSContentInfoPrivate *privateInfo; /* place for NSS private info */
+ void *reserved; /* keep binary compatibility */
+};
+
+/* =============================================================================
+ * MESSAGE
+ */
+
+struct NSSCMSMessageStr {
+ NSSCMSContentInfo contentInfo; /* "outer" cinfo */
+ /* --------- local; not part of encoding --------- */
+ PLArenaPool *poolp;
+ PRBool poolp_is_ours;
+ int refCount;
+ /* properties of the "inner" data */
+ SECAlgorithmID **detached_digestalgs;
+ SECItem **detached_digests;
+ void *pwfn_arg;
+ NSSCMSGetDecryptKeyCallback decrypt_key_cb;
+ void *decrypt_key_cb_arg;
+};
+
+/* ============================================================================
+ * GENERIC WRAPPER
+ *
+ * used for user defined types.
+ */
+struct NSSCMSGenericWrapperDataStr {
+ NSSCMSContentInfo contentInfo;
+ /* ---- local; not part of encoding ------ */
+ NSSCMSMessage *cmsg;
+ /* wrapperspecific data starts here */
+};
+
+/* =============================================================================
+ * SIGNEDDATA
+ */
+
+struct NSSCMSSignedDataStr {
+ SECItem version;
+ SECAlgorithmID **digestAlgorithms;
+ NSSCMSContentInfo contentInfo;
+ SECItem **rawCerts;
+ CERTSignedCrl **crls;
+ NSSCMSSignerInfo **signerInfos;
+ /* --------- local; not part of encoding --------- */
+ NSSCMSMessage *cmsg; /* back pointer to message */
+ SECItem **digests;
+ CERTCertificate **certs;
+ CERTCertificateList **certLists;
+ CERTCertificate **tempCerts; /* temporary certs, needed
+ * for example for signature
+ * verification */
+};
+#define NSS_CMS_SIGNED_DATA_VERSION_BASIC 1 /* what we *create* */
+#define NSS_CMS_SIGNED_DATA_VERSION_EXT 3 /* what we *create* */
+
+typedef enum {
+ NSSCMSVS_Unverified = 0,
+ NSSCMSVS_GoodSignature = 1,
+ NSSCMSVS_BadSignature = 2,
+ NSSCMSVS_DigestMismatch = 3,
+ NSSCMSVS_SigningCertNotFound = 4,
+ NSSCMSVS_SigningCertNotTrusted = 5,
+ NSSCMSVS_SignatureAlgorithmUnknown = 6,
+ NSSCMSVS_SignatureAlgorithmUnsupported = 7,
+ NSSCMSVS_MalformedSignature = 8,
+ NSSCMSVS_ProcessingError = 9
+} NSSCMSVerificationStatus;
+
+typedef enum {
+ NSSCMSSignerID_IssuerSN = 0,
+ NSSCMSSignerID_SubjectKeyID = 1
+} NSSCMSSignerIDSelector;
+
+struct NSSCMSSignerIdentifierStr {
+ NSSCMSSignerIDSelector identifierType;
+ union {
+ CERTIssuerAndSN *issuerAndSN;
+ SECItem *subjectKeyID;
+ } id;
+};
+
+struct NSSCMSSignerInfoStr {
+ SECItem version;
+ NSSCMSSignerIdentifier signerIdentifier;
+ SECAlgorithmID digestAlg;
+ NSSCMSAttribute **authAttr;
+ SECAlgorithmID digestEncAlg;
+ SECItem encDigest;
+ NSSCMSAttribute **unAuthAttr;
+ /* --------- local; not part of encoding --------- */
+ NSSCMSMessage *cmsg; /* back pointer to message */
+ CERTCertificate *cert;
+ CERTCertificateList *certList;
+ PRTime signingTime;
+ NSSCMSVerificationStatus verificationStatus;
+ SECKEYPrivateKey *signingKey; /* Used if we're using subjKeyID*/
+ SECKEYPublicKey *pubKey;
+};
+#define NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN 1 /* what we *create* */
+#define NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY 3 /* what we *create* */
+
+typedef enum {
+ NSSCMSCM_None = 0,
+ NSSCMSCM_CertOnly = 1,
+ NSSCMSCM_CertChain = 2,
+ NSSCMSCM_CertChainWithRoot = 3
+} NSSCMSCertChainMode;
+
+/* =============================================================================
+ * ENVELOPED DATA
+ */
+struct NSSCMSEnvelopedDataStr {
+ SECItem version;
+ NSSCMSOriginatorInfo *originatorInfo; /* optional */
+ NSSCMSRecipientInfo **recipientInfos;
+ NSSCMSContentInfo contentInfo;
+ NSSCMSAttribute **unprotectedAttr;
+ /* --------- local; not part of encoding --------- */
+ NSSCMSMessage *cmsg; /* back pointer to message */
+};
+#define NSS_CMS_ENVELOPED_DATA_VERSION_REG 0 /* what we *create* */
+#define NSS_CMS_ENVELOPED_DATA_VERSION_ADV 2 /* what we *create* */
+
+struct NSSCMSOriginatorInfoStr {
+ SECItem **rawCerts;
+ CERTSignedCrl **crls;
+ /* --------- local; not part of encoding --------- */
+ CERTCertificate **certs;
+};
+
+/* -----------------------------------------------------------------------------
+ * key transport recipient info
+ */
+typedef enum {
+ NSSCMSRecipientID_IssuerSN = 0,
+ NSSCMSRecipientID_SubjectKeyID = 1,
+ NSSCMSRecipientID_BrandNew = 2
+} NSSCMSRecipientIDSelector;
+
+struct NSSCMSRecipientIdentifierStr {
+ NSSCMSRecipientIDSelector identifierType;
+ union {
+ CERTIssuerAndSN *issuerAndSN;
+ SECItem *subjectKeyID;
+ } id;
+};
+typedef struct NSSCMSRecipientIdentifierStr NSSCMSRecipientIdentifier;
+
+struct NSSCMSKeyTransRecipientInfoStr {
+ SECItem version;
+ NSSCMSRecipientIdentifier recipientIdentifier;
+ SECAlgorithmID keyEncAlg;
+ SECItem encKey;
+};
+typedef struct NSSCMSKeyTransRecipientInfoStr NSSCMSKeyTransRecipientInfo;
+
+/*
+ * View comments before NSSCMSRecipientInfoStr for purpose of this
+ * structure.
+ */
+struct NSSCMSKeyTransRecipientInfoExStr {
+ NSSCMSKeyTransRecipientInfo recipientInfo;
+ int version; /* version of this structure (0) */
+ SECKEYPublicKey *pubKey;
+};
+
+typedef struct NSSCMSKeyTransRecipientInfoExStr NSSCMSKeyTransRecipientInfoEx;
+
+#define NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN 0 /* what we *create* */
+#define NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY 2 /* what we *create* */
+
+/* -----------------------------------------------------------------------------
+ * key agreement recipient info
+ */
+struct NSSCMSOriginatorPublicKeyStr {
+ SECAlgorithmID algorithmIdentifier;
+ SECItem publicKey; /* bit string! */
+};
+typedef struct NSSCMSOriginatorPublicKeyStr NSSCMSOriginatorPublicKey;
+
+typedef enum {
+ NSSCMSOriginatorIDOrKey_IssuerSN = 0,
+ NSSCMSOriginatorIDOrKey_SubjectKeyID = 1,
+ NSSCMSOriginatorIDOrKey_OriginatorPublicKey = 2
+} NSSCMSOriginatorIDOrKeySelector;
+
+struct NSSCMSOriginatorIdentifierOrKeyStr {
+ NSSCMSOriginatorIDOrKeySelector identifierType;
+ union {
+ CERTIssuerAndSN *issuerAndSN; /* static-static */
+ SECItem *subjectKeyID; /* static-static */
+ NSSCMSOriginatorPublicKey originatorPublicKey; /* ephemeral-static */
+ } id;
+};
+typedef struct NSSCMSOriginatorIdentifierOrKeyStr NSSCMSOriginatorIdentifierOrKey;
+
+struct NSSCMSRecipientKeyIdentifierStr {
+ SECItem *subjectKeyIdentifier;
+ SECItem *date; /* optional */
+ SECItem *other; /* optional */
+};
+typedef struct NSSCMSRecipientKeyIdentifierStr NSSCMSRecipientKeyIdentifier;
+
+typedef enum {
+ NSSCMSKeyAgreeRecipientID_IssuerSN = 0,
+ NSSCMSKeyAgreeRecipientID_RKeyID = 1
+} NSSCMSKeyAgreeRecipientIDSelector;
+
+struct NSSCMSKeyAgreeRecipientIdentifierStr {
+ NSSCMSKeyAgreeRecipientIDSelector identifierType;
+ union {
+ CERTIssuerAndSN *issuerAndSN;
+ NSSCMSRecipientKeyIdentifier recipientKeyIdentifier;
+ } id;
+};
+typedef struct NSSCMSKeyAgreeRecipientIdentifierStr NSSCMSKeyAgreeRecipientIdentifier;
+
+struct NSSCMSRecipientEncryptedKeyStr {
+ NSSCMSKeyAgreeRecipientIdentifier recipientIdentifier;
+ SECItem encKey;
+};
+typedef struct NSSCMSRecipientEncryptedKeyStr NSSCMSRecipientEncryptedKey;
+
+struct NSSCMSKeyAgreeRecipientInfoStr {
+ SECItem version;
+ NSSCMSOriginatorIdentifierOrKey originatorIdentifierOrKey;
+ SECItem *ukm; /* optional */
+ SECAlgorithmID keyEncAlg;
+ NSSCMSRecipientEncryptedKey **recipientEncryptedKeys;
+};
+typedef struct NSSCMSKeyAgreeRecipientInfoStr NSSCMSKeyAgreeRecipientInfo;
+
+#define NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION 3 /* what we *create* */
+
+/* -----------------------------------------------------------------------------
+ * KEK recipient info
+ */
+struct NSSCMSKEKIdentifierStr {
+ SECItem keyIdentifier;
+ SECItem *date; /* optional */
+ SECItem *other; /* optional */
+};
+typedef struct NSSCMSKEKIdentifierStr NSSCMSKEKIdentifier;
+
+struct NSSCMSKEKRecipientInfoStr {
+ SECItem version;
+ NSSCMSKEKIdentifier kekIdentifier;
+ SECAlgorithmID keyEncAlg;
+ SECItem encKey;
+};
+typedef struct NSSCMSKEKRecipientInfoStr NSSCMSKEKRecipientInfo;
+
+#define NSS_CMS_KEK_RECIPIENT_INFO_VERSION 4 /* what we *create* */
+
+/* -----------------------------------------------------------------------------
+ * recipient info
+ */
+
+typedef enum {
+ NSSCMSRecipientInfoID_KeyTrans = 0,
+ NSSCMSRecipientInfoID_KeyAgree = 1,
+ NSSCMSRecipientInfoID_KEK = 2
+} NSSCMSRecipientInfoIDSelector;
+
+/*
+ * In order to preserve backwards binary compatibility when implementing
+ * creation of Recipient Info's that uses subjectKeyID in the
+ * keyTransRecipientInfo we need to stash a public key pointer in this
+ * structure somewhere. We figured out that NSSCMSKeyTransRecipientInfo
+ * is the smallest member of the ri union. We're in luck since that's
+ * the very structure that would need to use the public key. So we created
+ * a new structure NSSCMSKeyTransRecipientInfoEx which has a member
+ * NSSCMSKeyTransRecipientInfo as the first member followed by a version
+ * and a public key pointer. This way we can keep backwards compatibility
+ * without changing the size of this structure.
+ *
+ * BTW, size of structure:
+ * NSSCMSKeyTransRecipientInfo: 9 ints, 4 pointers
+ * NSSCMSKeyAgreeRecipientInfo: 12 ints, 8 pointers
+ * NSSCMSKEKRecipientInfo: 10 ints, 7 pointers
+ *
+ * The new structure:
+ * NSSCMSKeyTransRecipientInfoEx: sizeof(NSSCMSKeyTransRecipientInfo) +
+ * 1 int, 1 pointer
+ */
+
+struct NSSCMSRecipientInfoStr {
+ NSSCMSRecipientInfoIDSelector recipientInfoType;
+ union {
+ NSSCMSKeyTransRecipientInfo keyTransRecipientInfo;
+ NSSCMSKeyAgreeRecipientInfo keyAgreeRecipientInfo;
+ NSSCMSKEKRecipientInfo kekRecipientInfo;
+ NSSCMSKeyTransRecipientInfoEx keyTransRecipientInfoEx;
+ } ri;
+ /* --------- local; not part of encoding --------- */
+ NSSCMSMessage *cmsg; /* back pointer to message */
+ CERTCertificate *cert; /* recipient's certificate */
+};
+
+/* =============================================================================
+ * DIGESTED DATA
+ */
+struct NSSCMSDigestedDataStr {
+ SECItem version;
+ SECAlgorithmID digestAlg;
+ NSSCMSContentInfo contentInfo;
+ SECItem digest;
+ /* --------- local; not part of encoding --------- */
+ NSSCMSMessage *cmsg; /* back pointer */
+ SECItem cdigest; /* calculated digest */
+};
+#define NSS_CMS_DIGESTED_DATA_VERSION_DATA 0 /* what we *create* */
+#define NSS_CMS_DIGESTED_DATA_VERSION_ENCAP 2 /* what we *create* */
+
+/* =============================================================================
+ * ENCRYPTED DATA
+ */
+struct NSSCMSEncryptedDataStr {
+ SECItem version;
+ NSSCMSContentInfo contentInfo;
+ NSSCMSAttribute **unprotectedAttr; /* optional */
+ /* --------- local; not part of encoding --------- */
+ NSSCMSMessage *cmsg; /* back pointer */
+};
+#define NSS_CMS_ENCRYPTED_DATA_VERSION 0 /* what we *create* */
+#define NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR 2 /* what we *create* */
+
+/*
+ * *****************************************************************************
+ * *****************************************************************************
+ * *****************************************************************************
+ */
+
+/*
+ * See comment above about this type not really belonging to CMS.
+ */
+struct NSSCMSAttributeStr {
+ /* The following fields make up an encoded Attribute: */
+ SECItem type;
+ SECItem **values; /* data may or may not be encoded */
+ /* The following fields are not part of an encoded Attribute: */
+ SECOidData *typeTag;
+ PRBool encoded; /* when true, values are encoded */
+};
+
+#endif /* _CMST_H_ */
diff --git a/security/nss/lib/smime/cmsudf.c b/security/nss/lib/smime/cmsudf.c
new file mode 100644
index 000000000..3ef4268d4
--- /dev/null
+++ b/security/nss/lib/smime/cmsudf.c
@@ -0,0 +1,440 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS User Define Types
+ */
+
+#include "cmslocal.h"
+
+#include "prinit.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "secerr.h"
+#include "nss.h"
+
+typedef struct nsscmstypeInfoStr nsscmstypeInfo;
+struct nsscmstypeInfoStr {
+ SECOidTag type;
+ SEC_ASN1Template *template;
+ size_t size;
+ PRBool isData;
+ NSSCMSGenericWrapperDataDestroy destroy;
+ NSSCMSGenericWrapperDataCallback decode_before;
+ NSSCMSGenericWrapperDataCallback decode_after;
+ NSSCMSGenericWrapperDataCallback decode_end;
+ NSSCMSGenericWrapperDataCallback encode_start;
+ NSSCMSGenericWrapperDataCallback encode_before;
+ NSSCMSGenericWrapperDataCallback encode_after;
+};
+
+/* make sure the global tables are only initialized once */
+static PRCallOnceType nsscmstypeOnce;
+static PRCallOnceType nsscmstypeClearOnce;
+/* lock for adding a new entry */
+static PRLock *nsscmstypeAddLock;
+/* lock for the hash table */
+static PRLock *nsscmstypeHashLock;
+/* the hash table itself */
+static PLHashTable *nsscmstypeHash;
+/* arena to hold all the hash table data */
+static PLArenaPool *nsscmstypeArena;
+
+/*
+ * clean up our global tables
+ */
+SECStatus
+nss_cmstype_shutdown(void *appData, void *reserved)
+{
+ if (nsscmstypeHashLock) {
+ PR_Lock(nsscmstypeHashLock);
+ }
+ if (nsscmstypeHash) {
+ PL_HashTableDestroy(nsscmstypeHash);
+ nsscmstypeHash = NULL;
+ }
+ if (nsscmstypeArena) {
+ PORT_FreeArena(nsscmstypeArena, PR_FALSE);
+ nsscmstypeArena = NULL;
+ }
+ if (nsscmstypeAddLock) {
+ PR_DestroyLock(nsscmstypeAddLock);
+ }
+ if (nsscmstypeHashLock) {
+ PRLock *oldLock = nsscmstypeHashLock;
+ nsscmstypeHashLock = NULL;
+ PR_Unlock(oldLock);
+ PR_DestroyLock(oldLock);
+ }
+
+ /* don't clear out the PR_ONCE data if we failed our inital call */
+ if (appData == NULL) {
+ nsscmstypeOnce = nsscmstypeClearOnce;
+ }
+ return SECSuccess;
+}
+
+static PLHashNumber
+nss_cmstype_hash_key(const void *key)
+{
+ return (PLHashNumber)((char *)key - (char *)NULL);
+}
+
+static PRIntn
+nss_cmstype_compare_keys(const void *v1, const void *v2)
+{
+ PLHashNumber value1 = nss_cmstype_hash_key(v1);
+ PLHashNumber value2 = nss_cmstype_hash_key(v2);
+
+ return (value1 == value2);
+}
+
+/*
+ * initialize our hash tables, called once on the first attemat to register
+ * a new SMIME type.
+ */
+static PRStatus
+nss_cmstype_init(void)
+{
+ SECStatus rv;
+
+ nsscmstypeHashLock = PR_NewLock();
+ if (nsscmstypeHashLock == NULL) {
+ return PR_FAILURE;
+ }
+ nsscmstypeAddLock = PR_NewLock();
+ if (nsscmstypeHashLock == NULL) {
+ goto fail;
+ }
+ nsscmstypeHash = PL_NewHashTable(64, nss_cmstype_hash_key,
+ nss_cmstype_compare_keys,
+ PL_CompareValues, NULL, NULL);
+ if (nsscmstypeHash == NULL) {
+ goto fail;
+ }
+ nsscmstypeArena = PORT_NewArena(2048);
+ if (nsscmstypeArena == NULL) {
+ goto fail;
+ }
+ rv = NSS_RegisterShutdown(nss_cmstype_shutdown, NULL);
+ if (rv != SECSuccess) {
+ goto fail;
+ }
+ return PR_SUCCESS;
+
+fail:
+ nss_cmstype_shutdown(&nsscmstypeOnce, NULL);
+ return PR_FAILURE;
+}
+
+/*
+ * look up and registered SIME type
+ */
+static const nsscmstypeInfo *
+nss_cmstype_lookup(SECOidTag type)
+{
+ nsscmstypeInfo *typeInfo = NULL;
+ ;
+ if (!nsscmstypeHash) {
+ return NULL;
+ }
+ PR_Lock(nsscmstypeHashLock);
+ if (nsscmstypeHash) {
+ typeInfo = PL_HashTableLookupConst(nsscmstypeHash, (void *)type);
+ }
+ PR_Unlock(nsscmstypeHashLock);
+ return typeInfo;
+}
+
+/*
+ * add a new type to the SMIME type table
+ */
+static SECStatus
+nss_cmstype_add(SECOidTag type, nsscmstypeInfo *typeinfo)
+{
+ PLHashEntry *entry;
+
+ if (!nsscmstypeHash) {
+ /* assert? this shouldn't happen */
+ return SECFailure;
+ }
+ PR_Lock(nsscmstypeHashLock);
+ /* this is really paranoia. If we really are racing nsscmstypeHash, we'll
+ * also be racing nsscmstypeHashLock... */
+ if (!nsscmstypeHash) {
+ PR_Unlock(nsscmstypeHashLock);
+ return SECFailure;
+ }
+ entry = PL_HashTableAdd(nsscmstypeHash, (void *)type, typeinfo);
+ PR_Unlock(nsscmstypeHashLock);
+ return entry ? SECSuccess : SECFailure;
+}
+
+/* helper functions to manage new content types
+ */
+
+PRBool
+NSS_CMSType_IsWrapper(SECOidTag type)
+{
+ const nsscmstypeInfo *typeInfo = NULL;
+
+ switch (type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ return PR_TRUE;
+ default:
+ typeInfo = nss_cmstype_lookup(type);
+ if (typeInfo && !typeInfo->isData) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+PRBool
+NSS_CMSType_IsData(SECOidTag type)
+{
+ const nsscmstypeInfo *typeInfo = NULL;
+
+ switch (type) {
+ case SEC_OID_PKCS7_DATA:
+ return PR_TRUE;
+ default:
+ typeInfo = nss_cmstype_lookup(type);
+ if (typeInfo && typeInfo->isData) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+const SEC_ASN1Template *
+NSS_CMSType_GetTemplate(SECOidTag type)
+{
+ const nsscmstypeInfo *typeInfo = nss_cmstype_lookup(type);
+
+ if (typeInfo && typeInfo->template) {
+ return typeInfo->template;
+ }
+ return SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
+}
+
+size_t
+NSS_CMSType_GetContentSize(SECOidTag type)
+{
+ const nsscmstypeInfo *typeInfo = nss_cmstype_lookup(type);
+
+ if (typeInfo) {
+ return typeInfo->size;
+ }
+ return sizeof(SECItem *);
+}
+
+void
+NSS_CMSGenericWrapperData_Destroy(SECOidTag type, NSSCMSGenericWrapperData *gd)
+{
+ const nsscmstypeInfo *typeInfo = nss_cmstype_lookup(type);
+
+ if (typeInfo && typeInfo->destroy) {
+ (*typeInfo->destroy)(gd);
+ }
+}
+
+SECStatus
+NSS_CMSGenericWrapperData_Decode_BeforeData(SECOidTag type,
+ NSSCMSGenericWrapperData *gd)
+{
+ const nsscmstypeInfo *typeInfo;
+
+ /* short cut common case */
+ if (type == SEC_OID_PKCS7_DATA) {
+ return SECSuccess;
+ }
+
+ typeInfo = nss_cmstype_lookup(type);
+ if (typeInfo) {
+ if (typeInfo->decode_before) {
+ return (*typeInfo->decode_before)(gd);
+ }
+ /* decoder ops optional for data tags */
+ if (typeInfo->isData) {
+ return SECSuccess;
+ }
+ }
+ /* expected a function, but none existed */
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSGenericWrapperData_Decode_AfterData(SECOidTag type,
+ NSSCMSGenericWrapperData *gd)
+{
+ const nsscmstypeInfo *typeInfo;
+
+ /* short cut common case */
+ if (type == SEC_OID_PKCS7_DATA) {
+ return SECSuccess;
+ }
+
+ typeInfo = nss_cmstype_lookup(type);
+ if (typeInfo) {
+ if (typeInfo->decode_after) {
+ return (*typeInfo->decode_after)(gd);
+ }
+ /* decoder ops optional for data tags */
+ if (typeInfo->isData) {
+ return SECSuccess;
+ }
+ }
+ /* expected a function, but none existed */
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSGenericWrapperData_Decode_AfterEnd(SECOidTag type,
+ NSSCMSGenericWrapperData *gd)
+{
+ const nsscmstypeInfo *typeInfo;
+
+ /* short cut common case */
+ if (type == SEC_OID_PKCS7_DATA) {
+ return SECSuccess;
+ }
+
+ typeInfo = nss_cmstype_lookup(type);
+ if (typeInfo) {
+ if (typeInfo->decode_end) {
+ return (*typeInfo->decode_end)(gd);
+ }
+ /* decoder ops optional for data tags */
+ if (typeInfo->isData) {
+ return SECSuccess;
+ }
+ }
+ /* expected a function, but none existed */
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSGenericWrapperData_Encode_BeforeStart(SECOidTag type,
+ NSSCMSGenericWrapperData *gd)
+{
+ const nsscmstypeInfo *typeInfo;
+
+ /* short cut common case */
+ if (type == SEC_OID_PKCS7_DATA) {
+ return SECSuccess;
+ }
+
+ typeInfo = nss_cmstype_lookup(type);
+ if (typeInfo) {
+ if (typeInfo->encode_start) {
+ return (*typeInfo->encode_start)(gd);
+ }
+ /* decoder ops optional for data tags */
+ if (typeInfo->isData) {
+ return SECSuccess;
+ }
+ }
+ /* expected a function, but none existed */
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSGenericWrapperData_Encode_BeforeData(SECOidTag type,
+ NSSCMSGenericWrapperData *gd)
+{
+ const nsscmstypeInfo *typeInfo;
+
+ /* short cut common case */
+ if (type == SEC_OID_PKCS7_DATA) {
+ return SECSuccess;
+ }
+
+ typeInfo = nss_cmstype_lookup(type);
+ if (typeInfo) {
+ if (typeInfo->encode_before) {
+ return (*typeInfo->encode_before)(gd);
+ }
+ /* decoder ops optional for data tags */
+ if (typeInfo->isData) {
+ return SECSuccess;
+ }
+ }
+ /* expected a function, but none existed */
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSGenericWrapperData_Encode_AfterData(SECOidTag type,
+ NSSCMSGenericWrapperData *gd)
+{
+ const nsscmstypeInfo *typeInfo;
+
+ /* short cut common case */
+ if (type == SEC_OID_PKCS7_DATA) {
+ return SECSuccess;
+ }
+
+ typeInfo = nss_cmstype_lookup(type);
+ if (typeInfo) {
+ if (typeInfo->encode_after) {
+ return (*typeInfo->encode_after)(gd);
+ }
+ /* decoder ops optional for data tags */
+ if (typeInfo->isData) {
+ return SECSuccess;
+ }
+ }
+ /* expected a function, but none existed */
+ return SECFailure;
+}
+
+SECStatus
+NSS_CMSType_RegisterContentType(SECOidTag type,
+ SEC_ASN1Template *asn1Template, size_t size,
+ NSSCMSGenericWrapperDataDestroy destroy,
+ NSSCMSGenericWrapperDataCallback decode_before,
+ NSSCMSGenericWrapperDataCallback decode_after,
+ NSSCMSGenericWrapperDataCallback decode_end,
+ NSSCMSGenericWrapperDataCallback encode_start,
+ NSSCMSGenericWrapperDataCallback encode_before,
+ NSSCMSGenericWrapperDataCallback encode_after,
+ PRBool isData)
+{
+ PRStatus rc;
+ SECStatus rv;
+ nsscmstypeInfo *typeInfo;
+ const nsscmstypeInfo *exists;
+
+ rc = PR_CallOnce(&nsscmstypeOnce, nss_cmstype_init);
+ if (rc == PR_FAILURE) {
+ return SECFailure;
+ }
+ PR_Lock(nsscmstypeAddLock);
+ exists = nss_cmstype_lookup(type);
+ if (exists) {
+ PR_Unlock(nsscmstypeAddLock);
+ /* already added */
+ return SECSuccess;
+ }
+ typeInfo = PORT_ArenaNew(nsscmstypeArena, nsscmstypeInfo);
+ typeInfo->type = type;
+ typeInfo->size = size;
+ typeInfo->isData = isData;
+ typeInfo->template = asn1Template;
+ typeInfo->destroy = destroy;
+ typeInfo->decode_before = decode_before;
+ typeInfo->decode_after = decode_after;
+ typeInfo->decode_end = decode_end;
+ typeInfo->encode_start = encode_start;
+ typeInfo->encode_before = encode_before;
+ typeInfo->encode_after = encode_after;
+ rv = nss_cmstype_add(type, typeInfo);
+ PR_Unlock(nsscmstypeAddLock);
+ return rv;
+}
diff --git a/security/nss/lib/smime/cmsutil.c b/security/nss/lib/smime/cmsutil.c
new file mode 100644
index 000000000..cd12603fa
--- /dev/null
+++ b/security/nss/lib/smime/cmsutil.c
@@ -0,0 +1,367 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * CMS miscellaneous utility functions.
+ */
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "secerr.h"
+#include "sechash.h"
+
+/*
+ * NSS_CMSArray_SortByDER - sort array of objects by objects' DER encoding
+ *
+ * make sure that the order of the objects guarantees valid DER (which must be
+ * in lexigraphically ascending order for a SET OF); if reordering is necessary it
+ * will be done in place (in objs).
+ */
+SECStatus
+NSS_CMSArray_SortByDER(void **objs, const SEC_ASN1Template *objtemplate, void **objs2)
+{
+ PLArenaPool *poolp;
+ int num_objs;
+ SECItem **enc_objs;
+ SECStatus rv = SECFailure;
+ int i;
+
+ if (objs == NULL) /* already sorted */
+ return SECSuccess;
+
+ num_objs = NSS_CMSArray_Count((void **)objs);
+ if (num_objs == 0 || num_objs == 1) /* already sorted. */
+ return SECSuccess;
+
+ poolp = PORT_NewArena(1024); /* arena for temporaries */
+ if (poolp == NULL)
+ return SECFailure; /* no memory; nothing we can do... */
+
+ /*
+ * Allocate arrays to hold the individual encodings which we will use
+ * for comparisons and the reordered attributes as they are sorted.
+ */
+ enc_objs = (SECItem **)PORT_ArenaZAlloc(poolp, (num_objs + 1) * sizeof(SECItem *));
+ if (enc_objs == NULL)
+ goto loser;
+
+ /* DER encode each individual object. */
+ for (i = 0; i < num_objs; i++) {
+ enc_objs[i] = SEC_ASN1EncodeItem(poolp, NULL, objs[i], objtemplate);
+ if (enc_objs[i] == NULL)
+ goto loser;
+ }
+ enc_objs[num_objs] = NULL;
+
+ /* now compare and sort objs by the order of enc_objs */
+ NSS_CMSArray_Sort((void **)enc_objs, NSS_CMSUtil_DERCompare, objs, objs2);
+
+ rv = SECSuccess;
+
+loser:
+ PORT_FreeArena(poolp, PR_FALSE);
+ return rv;
+}
+
+/*
+ * NSS_CMSUtil_DERCompare - for use with NSS_CMSArray_Sort to
+ * sort arrays of SECItems containing DER
+ */
+int
+NSS_CMSUtil_DERCompare(void *a, void *b)
+{
+ SECItem *der1 = (SECItem *)a;
+ SECItem *der2 = (SECItem *)b;
+ unsigned int j;
+
+ /*
+ * Find the lowest (lexigraphically) encoding. One that is
+ * shorter than all the rest is known to be "less" because each
+ * attribute is of the same type (a SEQUENCE) and so thus the
+ * first octet of each is the same, and the second octet is
+ * the length (or the length of the length with the high bit
+ * set, followed by the length, which also works out to always
+ * order the shorter first). Two (or more) that have the
+ * same length need to be compared byte by byte until a mismatch
+ * is found.
+ */
+ if (der1->len != der2->len)
+ return (der1->len < der2->len) ? -1 : 1;
+
+ for (j = 0; j < der1->len; j++) {
+ if (der1->data[j] == der2->data[j])
+ continue;
+ return (der1->data[j] < der2->data[j]) ? -1 : 1;
+ }
+ return 0;
+}
+
+/*
+ * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
+ * algorithms.
+ *
+ * algorithmArray - array of algorithm IDs
+ * algid - algorithmid of algorithm to pick
+ *
+ * Returns:
+ * An integer containing the index of the algorithm in the array or -1 if
+ * algorithm was not found.
+ */
+int
+NSS_CMSAlgArray_GetIndexByAlgID(SECAlgorithmID **algorithmArray, SECAlgorithmID *algid)
+{
+ int i;
+
+ if (algorithmArray == NULL || algorithmArray[0] == NULL)
+ return -1;
+
+ for (i = 0; algorithmArray[i] != NULL; i++) {
+ if (SECOID_CompareAlgorithmID(algorithmArray[i], algid) == SECEqual)
+ break; /* bingo */
+ }
+
+ if (algorithmArray[i] == NULL)
+ return -1; /* not found */
+
+ return i;
+}
+
+/*
+ * NSS_CMSAlgArray_GetIndexByAlgTag - find a specific algorithm in an array of
+ * algorithms.
+ *
+ * algorithmArray - array of algorithm IDs
+ * algtag - algorithm tag of algorithm to pick
+ *
+ * Returns:
+ * An integer containing the index of the algorithm in the array or -1 if
+ * algorithm was not found.
+ */
+int
+NSS_CMSAlgArray_GetIndexByAlgTag(SECAlgorithmID **algorithmArray,
+ SECOidTag algtag)
+{
+ SECOidData *algid;
+ int i = -1;
+
+ if (algorithmArray == NULL || algorithmArray[0] == NULL)
+ return i;
+
+#ifdef ORDER_N_SQUARED
+ for (i = 0; algorithmArray[i] != NULL; i++) {
+ algid = SECOID_FindOID(&(algorithmArray[i]->algorithm));
+ if (algid->offset == algtag)
+ break; /* bingo */
+ }
+#else
+ algid = SECOID_FindOIDByTag(algtag);
+ if (!algid)
+ return i;
+ for (i = 0; algorithmArray[i] != NULL; i++) {
+ if (SECITEM_ItemsAreEqual(&algorithmArray[i]->algorithm, &algid->oid))
+ break; /* bingo */
+ }
+#endif
+
+ if (algorithmArray[i] == NULL)
+ return -1; /* not found */
+
+ return i;
+}
+
+/*
+ * Map a sign algorithm to a digest algorithm.
+ * This is used to handle incorrectly formatted packages sent to us
+ * from Windows 2003.
+ */
+SECOidTag
+NSS_CMSUtil_MapSignAlgs(SECOidTag signAlg)
+{
+ switch (signAlg) {
+ case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
+ return SEC_OID_MD2;
+ break;
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ return SEC_OID_MD5;
+ break;
+ case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+ case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
+ case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+ return SEC_OID_SHA1;
+ break;
+ case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+ case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
+ return SEC_OID_SHA256;
+ break;
+ case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+ case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
+ return SEC_OID_SHA384;
+ break;
+ case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+ case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
+ return SEC_OID_SHA512;
+ break;
+ default:
+ break;
+ }
+ /* not one of the algtags incorrectly sent to us*/
+ return signAlg;
+}
+
+const SECHashObject *
+NSS_CMSUtil_GetHashObjByAlgID(SECAlgorithmID *algid)
+{
+ SECOidTag oidTag = SECOID_FindOIDTag(&(algid->algorithm));
+ const SECHashObject *digobj = HASH_GetHashObjectByOidTag(oidTag);
+
+ return digobj;
+}
+
+const SEC_ASN1Template *
+NSS_CMSUtil_GetTemplateByTypeTag(SECOidTag type)
+{
+ const SEC_ASN1Template *template;
+ extern const SEC_ASN1Template NSSCMSSignedDataTemplate[];
+ extern const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[];
+ extern const SEC_ASN1Template NSSCMSEncryptedDataTemplate[];
+ extern const SEC_ASN1Template NSSCMSDigestedDataTemplate[];
+
+ switch (type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ template = NSSCMSSignedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ template = NSSCMSEnvelopedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ template = NSSCMSEncryptedDataTemplate;
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ template = NSSCMSDigestedDataTemplate;
+ break;
+ default:
+ template = NSS_CMSType_GetTemplate(type);
+ break;
+ }
+ return template;
+}
+
+size_t
+NSS_CMSUtil_GetSizeByTypeTag(SECOidTag type)
+{
+ size_t size;
+
+ switch (type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ size = sizeof(NSSCMSSignedData);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ size = sizeof(NSSCMSEnvelopedData);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ size = sizeof(NSSCMSEncryptedData);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ size = sizeof(NSSCMSDigestedData);
+ break;
+ default:
+ size = NSS_CMSType_GetContentSize(type);
+ break;
+ }
+ return size;
+}
+
+NSSCMSContentInfo *
+NSS_CMSContent_GetContentInfo(void *msg, SECOidTag type)
+{
+ NSSCMSContent c;
+ NSSCMSContentInfo *cinfo = NULL;
+
+ if (!msg)
+ return cinfo;
+ c.pointer = msg;
+ switch (type) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+ cinfo = &(c.signedData->contentInfo);
+ break;
+ case SEC_OID_PKCS7_ENVELOPED_DATA:
+ cinfo = &(c.envelopedData->contentInfo);
+ break;
+ case SEC_OID_PKCS7_ENCRYPTED_DATA:
+ cinfo = &(c.encryptedData->contentInfo);
+ break;
+ case SEC_OID_PKCS7_DIGESTED_DATA:
+ cinfo = &(c.digestedData->contentInfo);
+ break;
+ default:
+ cinfo = NULL;
+ if (NSS_CMSType_IsWrapper(type)) {
+ cinfo = &(c.genericData->contentInfo);
+ }
+ }
+ return cinfo;
+}
+
+const char *
+NSS_CMSUtil_VerificationStatusToString(NSSCMSVerificationStatus vs)
+{
+ switch (vs) {
+ case NSSCMSVS_Unverified:
+ return "Unverified";
+ case NSSCMSVS_GoodSignature:
+ return "GoodSignature";
+ case NSSCMSVS_BadSignature:
+ return "BadSignature";
+ case NSSCMSVS_DigestMismatch:
+ return "DigestMismatch";
+ case NSSCMSVS_SigningCertNotFound:
+ return "SigningCertNotFound";
+ case NSSCMSVS_SigningCertNotTrusted:
+ return "SigningCertNotTrusted";
+ case NSSCMSVS_SignatureAlgorithmUnknown:
+ return "SignatureAlgorithmUnknown";
+ case NSSCMSVS_SignatureAlgorithmUnsupported:
+ return "SignatureAlgorithmUnsupported";
+ case NSSCMSVS_MalformedSignature:
+ return "MalformedSignature";
+ case NSSCMSVS_ProcessingError:
+ return "ProcessingError";
+ default:
+ return "Unknown";
+ }
+}
+
+SECStatus
+NSS_CMSDEREncode(NSSCMSMessage *cmsg, SECItem *input, SECItem *derOut,
+ PLArenaPool *arena)
+{
+ NSSCMSEncoderContext *ecx;
+ SECStatus rv = SECSuccess;
+ if (!cmsg || !derOut || !arena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ ecx = NSS_CMSEncoder_Start(cmsg, 0, 0, derOut, arena, 0, 0, 0, 0, 0, 0);
+ if (!ecx) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (input) {
+ rv = NSS_CMSEncoder_Update(ecx, (const char *)input->data, input->len);
+ if (rv) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ }
+ }
+ rv |= NSS_CMSEncoder_Finish(ecx);
+ if (rv) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ }
+ return rv;
+}
diff --git a/security/nss/lib/smime/config.mk b/security/nss/lib/smime/config.mk
new file mode 100644
index 000000000..85d39e825
--- /dev/null
+++ b/security/nss/lib/smime/config.mk
@@ -0,0 +1,63 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+RELEASE_LIBS = $(TARGETS)
+
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
+
+RES = $(OBJDIR)/smime.res
+RESNAME = smime.rc
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -lnss3 \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+else # ! NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ $(DIST)/lib/nss3.lib \
+ $(DIST)/lib/nssutil3.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+
+else
+
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -lnss3 \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+
+endif
+
+
+SHARED_LIBRARY_LIBS = \
+ $(DIST)/lib/$(LIB_PREFIX)pkcs12.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)pkcs7.$(LIB_SUFFIX) \
+ $(NULL)
+
+SHARED_LIBRARY_DIRS = \
+ ../pkcs12 \
+ ../pkcs7 \
+ $(NULL)
+
diff --git a/security/nss/lib/smime/exports.gyp b/security/nss/lib/smime/exports.gyp
new file mode 100644
index 000000000..3865bb4da
--- /dev/null
+++ b/security/nss/lib/smime/exports.gyp
@@ -0,0 +1,34 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_smime_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'cms.h',
+ 'cmsreclist.h',
+ 'cmst.h',
+ 'smime.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'cmslocal.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/smime/manifest.mn b/security/nss/lib/smime/manifest.mn
new file mode 100644
index 000000000..e049d8873
--- /dev/null
+++ b/security/nss/lib/smime/manifest.mn
@@ -0,0 +1,51 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+EXPORTS = \
+ cms.h \
+ cmst.h \
+ smime.h \
+ cmsreclist.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ cmslocal.h \
+ $(NULL)
+
+MODULE = nss
+MAPFILE = $(OBJDIR)/smime.def
+
+CSRCS = \
+ cmsarray.c \
+ cmsasn1.c \
+ cmsattr.c \
+ cmscinfo.c \
+ cmscipher.c \
+ cmsdecode.c \
+ cmsdigdata.c \
+ cmsdigest.c \
+ cmsencdata.c \
+ cmsencode.c \
+ cmsenvdata.c \
+ cmsmessage.c \
+ cmspubkey.c \
+ cmsrecinfo.c \
+ cmsreclist.c \
+ cmssigdata.c \
+ cmssiginfo.c \
+ cmsudf.c \
+ cmsutil.c \
+ smimemessage.c \
+ smimeutil.c \
+ smimever.c \
+ $(NULL)
+
+LIBRARY_NAME = smime
+LIBRARY_VERSION = 3
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/smime/smime.def b/security/nss/lib/smime/smime.def
new file mode 100644
index 000000000..900d6df61
--- /dev/null
+++ b/security/nss/lib/smime/smime.def
@@ -0,0 +1,287 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+
+;+NSS_3.2 { # NSS 3.2 release
+;+ global:
+LIBRARY smime3 ;-
+EXPORTS ;-
+NSS_CMSContentInfo_GetBulkKey;
+NSS_CMSContentInfo_GetBulkKeySize;
+NSS_CMSContentInfo_GetContent;
+NSS_CMSContentInfo_GetContentEncAlgTag;
+NSS_CMSContentInfo_GetContentTypeTag;
+NSS_CMSContentInfo_SetBulkKey;
+NSS_CMSContentInfo_SetContent;
+NSS_CMSContentInfo_SetContentEncAlg;
+NSS_CMSContentInfo_SetContent_Data;
+NSS_CMSContentInfo_SetContent_DigestedData;
+NSS_CMSContentInfo_SetContent_EncryptedData;
+NSS_CMSContentInfo_SetContent_EnvelopedData;
+NSS_CMSContentInfo_SetContent_SignedData;
+NSS_CMSDEREncode;
+NSS_CMSDecoder_Cancel;
+NSS_CMSDecoder_Finish;
+NSS_CMSDecoder_Start;
+NSS_CMSDecoder_Update;
+NSS_CMSDigestContext_Cancel;
+NSS_CMSDigestContext_FinishMultiple;
+NSS_CMSDigestContext_FinishSingle;
+NSS_CMSDigestContext_StartMultiple;
+NSS_CMSDigestContext_StartSingle;
+NSS_CMSDigestContext_Update;
+NSS_CMSDigestedData_Create;
+NSS_CMSDigestedData_Destroy;
+NSS_CMSDigestedData_GetContentInfo;
+NSS_CMSEncoder_Cancel;
+NSS_CMSEncoder_Finish;
+NSS_CMSEncoder_Start;
+NSS_CMSEncoder_Update;
+NSS_CMSEncryptedData_Create;
+NSS_CMSEncryptedData_Destroy;
+NSS_CMSEncryptedData_GetContentInfo;
+NSS_CMSEnvelopedData_AddRecipient;
+NSS_CMSEnvelopedData_Create;
+NSS_CMSEnvelopedData_Destroy;
+NSS_CMSEnvelopedData_GetContentInfo;
+NSS_CMSMessage_ContentLevel;
+NSS_CMSMessage_ContentLevelCount;
+NSS_CMSMessage_Copy;
+NSS_CMSMessage_Create;
+NSS_CMSMessage_CreateFromDER;
+NSS_CMSMessage_Destroy;
+NSS_CMSMessage_GetContent;
+NSS_CMSMessage_GetContentInfo;
+NSS_CMSRecipientInfo_Create;
+NSS_CMSRecipientInfo_Destroy;
+NSS_CMSSignedData_AddCertChain;
+NSS_CMSSignedData_AddCertList;
+NSS_CMSSignedData_AddCertificate;
+NSS_CMSSignedData_AddDigest;
+NSS_CMSSignedData_AddSignerInfo;
+NSS_CMSSignedData_Create;
+NSS_CMSSignedData_CreateCertsOnly;
+NSS_CMSSignedData_Destroy;
+NSS_CMSSignedData_GetContentInfo;
+NSS_CMSSignedData_GetDigestAlgs;
+NSS_CMSSignedData_GetSignerInfo;
+NSS_CMSSignedData_HasDigests;
+NSS_CMSSignedData_ImportCerts;
+NSS_CMSSignedData_SetDigests;
+NSS_CMSSignedData_SignerInfoCount;
+NSS_CMSSignedData_VerifyCertsOnly;
+NSS_CMSSignedData_VerifySignerInfo;
+NSS_CMSSignerInfo_AddSMIMECaps;
+NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs;
+NSS_CMSSignerInfo_AddSigningTime;
+NSS_CMSSignerInfo_Create;
+NSS_CMSSignerInfo_Destroy;
+NSS_CMSSignerInfo_GetCertList;
+NSS_CMSSignerInfo_GetSignerCommonName;
+NSS_CMSSignerInfo_GetSignerEmailAddress;
+NSS_CMSSignerInfo_GetSigningCertificate;
+NSS_CMSSignerInfo_GetSigningTime;
+NSS_CMSSignerInfo_GetVerificationStatus;
+NSS_CMSSignerInfo_GetVersion;
+NSS_CMSSignerInfo_IncludeCerts;
+NSS_CMSUtil_VerificationStatusToString;
+NSS_SMIMEUtil_FindBulkAlgForRecipients;
+CERT_DecodeCertPackage;
+SEC_PKCS7AddRecipient;
+SEC_PKCS7AddSigningTime;
+SEC_PKCS7ContentType;
+SEC_PKCS7CreateData;
+SEC_PKCS7CreateEncryptedData;
+SEC_PKCS7CreateEnvelopedData;
+SEC_PKCS7CreateSignedData;
+SEC_PKCS7DecodeItem;
+SEC_PKCS7DecoderFinish;
+SEC_PKCS7DecoderStart;
+SEC_PKCS7DecoderUpdate;
+SEC_PKCS7DecryptContents;
+SEC_PKCS7DestroyContentInfo;
+SEC_PKCS7EncoderFinish;
+SEC_PKCS7EncoderStart;
+SEC_PKCS7EncoderUpdate;
+SEC_PKCS7GetCertificateList;
+SEC_PKCS7GetContent;
+SEC_PKCS7GetEncryptionAlgorithm;
+SEC_PKCS7IncludeCertChain;
+SEC_PKCS7IsContentEmpty;
+SEC_PKCS7VerifySignature;
+SEC_PKCS12AddCertAndKey;
+SEC_PKCS12AddPasswordIntegrity;
+SEC_PKCS12CreateExportContext;
+SEC_PKCS12CreatePasswordPrivSafe;
+SEC_PKCS12CreateUnencryptedSafe;
+SEC_PKCS12EnableCipher;
+SEC_PKCS12Encode;
+SEC_PKCS12DecoderImportBags;
+SEC_PKCS12DecoderFinish;
+SEC_PKCS12DecoderStart;
+SEC_PKCS12DecoderUpdate;
+SEC_PKCS12DecoderValidateBags;
+SEC_PKCS12DecoderVerify;
+SEC_PKCS12DestroyExportContext;
+SEC_PKCS12IsEncryptionAllowed;
+SEC_PKCS12SetPreferredCipher;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.2.1 { # NSS 3.2.1 release
+;+ global:
+NSSSMIME_VersionCheck;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.3 { # NSS 3.3 release
+;+ global:
+SEC_PKCS7AddCertificate;
+SEC_PKCS7CreateCertsOnly;
+SEC_PKCS7Encode;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.4 { # NSS 3.4 release
+;+ global:
+CERT_DecodeCertFromPackage;
+NSS_CMSMessage_IsSigned;
+NSS_CMSSignedData_SetDigestValue;
+NSS_SMIMESignerInfo_SaveSMIMEProfile;
+SEC_PKCS12DecoderGetCerts;
+SEC_PKCS7ContainsCertsOrCrls;
+SEC_PKCS7ContentIsEncrypted;
+SEC_PKCS7ContentIsSigned;
+SEC_PKCS7CopyContentInfo;
+SEC_PKCS7GetSignerCommonName;
+SEC_PKCS7GetSignerEmailAddress;
+SEC_PKCS7GetSigningTime;
+SEC_PKCS7SetContent;
+SEC_PKCS7VerifyDetachedSignature;
+SECMIME_DecryptionAllowed;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.4.1 { # NSS 3.4.1 release
+;+ global:
+NSS_CMSMessage_IsEncrypted;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.6 { # NSS 3.6 release
+;+ global:
+NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs;
+NSS_CMSSignerInfo_CreateWithSubjKeyID;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.7 { # NSS 3.7 release
+;+ global:
+NSS_CMSRecipientInfo_CreateWithSubjKeyID;
+NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.7.2 { # NSS 3.7.2 release
+;+ global:
+NSS_CMSRecipientInfo_WrapBulkKey;
+NSS_CMSRecipientInfo_UnwrapBulkKey;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.8 { # NSS 3.8 release
+;+ global:
+NSS_CMSRecipientInfo_CreateNew;
+NSS_CMSRecipientInfo_CreateFromDER;
+NSS_CMSRecipientInfo_Encode;
+NSS_CMSRecipientInfo_GetCertAndKey;
+SEC_PKCS12DecoderSetTargetTokenCAs;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.9 { # NSS 3.9 release
+;+ global:
+SEC_PKCS7DecoderAbort;
+SEC_PKCS7EncoderAbort;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.9.3 { # NSS 3.9.3 release
+;+ global:
+CERT_ConvertAndDecodeCertificate;
+SEC_PKCS7EncodeItem;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.10 { # NSS 3.10 release
+;+ global:
+SEC_PKCS12DecoderIterateInit;
+SEC_PKCS12DecoderIterateNext;
+SEC_PKCS12DecryptionAllowed;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.2 { # NSS 3.12.2 release
+;+ global:
+SEC_PKCS12AddCertOrChainAndKey;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.12.10 { # NSS 3.12.10 release
+;+ global:
+NSS_CMSType_RegisterContentType;
+NSS_CMSContentInfo_SetDontStream;
+NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs;
+;+#
+;+# Data objects
+;+#
+;+# Don't export these DATA symbols on Windows because they don't work right.
+;+# Use the SEC_ASN1_GET / SEC_ASN1_SUB / SEC_ASN1_XTRN macros to access them.
+;+#
+;+# See nssutil for other examples.
+;+#
+;;NSSCMSGenericWrapperDataTemplate DATA ;
+;;NSS_PointerToCMSGenericWrapperDataTemplate DATA ;
+NSS_Get_NSSCMSGenericWrapperDataTemplate;
+NSS_Get_NSS_PointerToCMSGenericWrapperDataTemplate;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.13 { # NSS 3.13 release
+;+ global:
+NSSSMIME_GetVersion;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.15 { # NSS 3.15 release
+;+ global:
+SEC_PKCS7VerifyDetachedSignatureAtTime;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.16 { # NSS 3.16 release
+;+ global:
+NSS_CMSSignerInfo_Verify;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.18 { # NSS 3.18 release
+;+ global:
+SEC_PKCS12DecoderRenameCertNicknames;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/smime/smime.gyp b/security/nss/lib/smime/smime.gyp
new file mode 100644
index 000000000..fa74cd946
--- /dev/null
+++ b/security/nss/lib/smime/smime.gyp
@@ -0,0 +1,80 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'smime',
+ 'type': 'static_library',
+ 'sources': [
+ 'cmsarray.c',
+ 'cmsasn1.c',
+ 'cmsattr.c',
+ 'cmscinfo.c',
+ 'cmscipher.c',
+ 'cmsdecode.c',
+ 'cmsdigdata.c',
+ 'cmsdigest.c',
+ 'cmsencdata.c',
+ 'cmsencode.c',
+ 'cmsenvdata.c',
+ 'cmsmessage.c',
+ 'cmspubkey.c',
+ 'cmsrecinfo.c',
+ 'cmsreclist.c',
+ 'cmssigdata.c',
+ 'cmssiginfo.c',
+ 'cmsudf.c',
+ 'cmsutil.c',
+ 'smimemessage.c',
+ 'smimeutil.c',
+ 'smimever.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports',
+ ]
+ },
+ {
+ # This is here so Firefox can link this without having to
+ # repeat the list of dependencies.
+ 'target_name': 'smime3_deps',
+ 'type': 'none',
+ 'dependencies': [
+ 'smime',
+ '<(DEPTH)/lib/pkcs12/pkcs12.gyp:pkcs12',
+ '<(DEPTH)/lib/pkcs7/pkcs7.gyp:pkcs7'
+ ],
+ },
+ {
+ 'target_name': 'smime3',
+ 'type': 'shared_library',
+ 'dependencies': [
+ 'smime3_deps',
+ '<(DEPTH)/lib/nss/nss.gyp:nss3',
+ '<(DEPTH)/lib/util/util.gyp:nssutil3'
+ ],
+ 'variables': {
+ 'mapfile': 'smime.def'
+ }
+ }
+ ],
+ 'conditions': [
+ [ 'moz_fold_libs==1', {
+ 'targets': [
+ {
+ 'target_name': 'smime3_static',
+ 'type': 'static_library',
+ 'dependencies': [
+ 'smime3_deps',
+ ],
+ }
+ ],
+ }],
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/smime/smime.h b/security/nss/lib/smime/smime.h
new file mode 100644
index 000000000..e534ef083
--- /dev/null
+++ b/security/nss/lib/smime/smime.h
@@ -0,0 +1,141 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Header file for routines specific to S/MIME. Keep things that are pure
+ * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
+ */
+
+#ifndef _SMIME_H_
+#define _SMIME_H_ 1
+
+#include "cms.h"
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+/*
+ * Initialize the local recording of the user S/MIME cipher preferences.
+ * This function is called once for each cipher, the order being
+ * important (first call records greatest preference, and so on).
+ * When finished, it is called with a "which" of CIPHER_FAMILID_MASK.
+ * If the function is called again after that, it is assumed that
+ * the preferences are being reset, and the old preferences are
+ * discarded.
+ *
+ * XXX This is for a particular user, and right now the storage is
+ * XXX local, static. The preference should be stored elsewhere to allow
+ * XXX for multiple uses of one library? How does SSL handle this;
+ * XXX it has something similar?
+ *
+ * - The "which" values are defined in ciferfam.h (the SMIME_* values,
+ * for example SMIME_DES_CBC_56).
+ * - If "on" is non-zero then the named cipher is enabled, otherwise
+ * it is disabled. (It is not necessary to call the function for
+ * ciphers that are disabled, however, as that is the default.)
+ *
+ * If the cipher preference is successfully recorded, SECSuccess
+ * is returned. Otherwise SECFailure is returned. The only errors
+ * are due to failure allocating memory or bad parameters/calls:
+ * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
+ * SEC_ERROR_XXX (function is being called more times than there
+ * are known/expected ciphers)
+ */
+extern SECStatus NSS_SMIMEUtil_EnableCipher(long which, int on);
+
+/*
+ * Initialize the local recording of the S/MIME policy.
+ * This function is called to allow/disallow a particular cipher.
+ *
+ * XXX This is for the current module, I think, so local, static storage
+ * XXX is okay. Is that correct, or could multiple uses of the same
+ * XXX library expect to operate under different policies?
+ *
+ * - The "which" values are defined in ciferfam.h (the SMIME_* values,
+ * for example SMIME_DES_CBC_56).
+ * - If "on" is non-zero then the named cipher is enabled, otherwise
+ * it is disabled.
+ */
+extern SECStatus NSS_SMIMEUtils_AllowCipher(long which, int on);
+
+/*
+ * Does the current policy allow S/MIME decryption of this particular
+ * algorithm and keysize?
+ */
+extern PRBool NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key);
+
+/*
+ * Does the current policy allow *any* S/MIME encryption (or decryption)?
+ *
+ * This tells whether or not *any* S/MIME encryption can be done,
+ * according to policy. Callers may use this to do nicer user interface
+ * (say, greying out a checkbox so a user does not even try to encrypt
+ * a message when they are not allowed to) or for any reason they want
+ * to check whether S/MIME encryption (or decryption, for that matter)
+ * may be done.
+ *
+ * It takes no arguments. The return value is a simple boolean:
+ * PR_TRUE means encryption (or decryption) is *possible*
+ * (but may still fail due to other reasons, like because we cannot
+ * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
+ * PR_FALSE means encryption (or decryption) is not permitted
+ *
+ * There are no errors from this routine.
+ */
+extern PRBool NSS_SMIMEUtil_EncryptionPossible(void);
+
+/*
+ * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities attr value
+ *
+ * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
+ * S/MIME capabilities attribute value.
+ */
+extern SECStatus NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest);
+
+/*
+ * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
+ */
+extern SECStatus NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp,
+ SECItem *dest, CERTCertificate *cert);
+
+/*
+ * NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value using MS oid
+ */
+extern SECStatus NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs(PLArenaPool *poolp,
+ SECItem *dest, CERTCertificate *cert);
+
+/*
+ * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference - find cert marked by EncryptionKeyPreference
+ * attribute
+ */
+extern CERTCertificate *NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb,
+ SECItem *DERekp);
+
+/*
+ * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients
+ */
+extern SECStatus
+NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts,
+ SECOidTag *bulkalgtag, int *keysize);
+
+/*
+ * Return a boolean that indicates whether the underlying library
+ * will perform as the caller expects.
+ *
+ * The only argument is a string, which should be the version
+ * identifier of the NSS library. That string will be compared
+ * against a string that represents the actual build version of
+ * the S/MIME library.
+ */
+extern PRBool NSSSMIME_VersionCheck(const char *importedVersion);
+
+/*
+ * Returns a const string of the S/MIME library version.
+ */
+extern const char *NSSSMIME_GetVersion(void);
+
+/************************************************************************/
+SEC_END_PROTOS
+
+#endif /* _SECMIME_H_ */
diff --git a/security/nss/lib/smime/smime.rc b/security/nss/lib/smime/smime.rc
new file mode 100644
index 000000000..ad24732e4
--- /dev/null
+++ b/security/nss/lib/smime/smime.rc
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nss.h"
+#include <winver.h>
+
+#define MY_LIBNAME "smime"
+#define MY_FILEDESCRIPTION "NSS S/MIME Library"
+
+#define STRINGIZE(x) #x
+#define STRINGIZE2(x) STRINGIZE(x)
+#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if NSS_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,NSS_VBUILD
+ PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,NSS_VBUILD
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", NSS_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", NSS_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/smime/smimemessage.c b/security/nss/lib/smime/smimemessage.c
new file mode 100644
index 000000000..774b9f3fd
--- /dev/null
+++ b/security/nss/lib/smime/smimemessage.c
@@ -0,0 +1,183 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * SMIME message methods
+ */
+
+#include "cmslocal.h"
+#include "smime.h"
+
+#include "cert.h"
+#include "key.h"
+#include "secasn1.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "prtime.h"
+#include "secerr.h"
+
+#if 0
+/*
+ * NSS_SMIMEMessage_CreateEncrypted - start an S/MIME encrypting context.
+ *
+ * "scert" is the cert for the sender. It will be checked for validity.
+ * "rcerts" are the certs for the recipients. They will also be checked.
+ *
+ * "certdb" is the cert database to use for verifying the certs.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * This function already does all of the stuff specific to S/MIME protocol
+ * and local policy; the return value just needs to be passed to
+ * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
+ * and finally to SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+NSSCMSMessage *
+NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert,
+ CERTCertificate **rcerts,
+ CERTCertDBHandle *certdb,
+ PK11PasswordFunc pwfn,
+ void *pwfn_arg)
+{
+ NSSCMSMessage *cmsg;
+ long cipher;
+ SECOidTag encalg;
+ int keysize;
+ int mapi, rci;
+
+ cipher = smime_choose_cipher (scert, rcerts);
+ if (cipher < 0)
+ return NULL;
+
+ mapi = smime_mapi_by_cipher (cipher);
+ if (mapi < 0)
+ return NULL;
+
+ /*
+ * XXX This is stretching it -- CreateEnvelopedData should probably
+ * take a cipher itself of some sort, because we cannot know what the
+ * future will bring in terms of parameters for each type of algorithm.
+ * For example, just an algorithm and keysize is *not* sufficient to
+ * fully specify the usage of RC5 (which also needs to know rounds and
+ * block size). Work this out into a better API!
+ */
+ encalg = smime_cipher_map[mapi].algtag;
+ keysize = smime_keysize_by_cipher (cipher);
+ if (keysize < 0)
+ return NULL;
+
+ cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient,
+ certdb, encalg, keysize,
+ pwfn, pwfn_arg);
+ if (cinfo == NULL)
+ return NULL;
+
+ for (rci = 0; rcerts[rci] != NULL; rci++) {
+ if (rcerts[rci] == scert)
+ continue;
+ if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient,
+ NULL) != SECSuccess) {
+ SEC_PKCS7DestroyContentInfo (cinfo);
+ return NULL;
+ }
+ }
+
+ return cinfo;
+}
+
+
+/*
+ * Start an S/MIME signing context.
+ *
+ * "scert" is the cert that will be used to sign the data. It will be
+ * checked for validity.
+ *
+ * "ecert" is the signer's encryption cert. If it is different from
+ * scert, then it will be included in the signed message so that the
+ * recipient can save it for future encryptions.
+ *
+ * "certdb" is the cert database to use for verifying the cert.
+ * It can be NULL if a default database is available (like in the client).
+ *
+ * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
+ * XXX There should be SECMIME functions for hashing, or the hashing should
+ * be built into this interface, which we would like because we would
+ * support more smartcards that way, and then this argument should go away.)
+ *
+ * "digest" is the actual digest of the data. It must be provided in
+ * the case of detached data or NULL if the content will be included.
+ *
+ * This function already does all of the stuff specific to S/MIME protocol
+ * and local policy; the return value just needs to be passed to
+ * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
+ * and finally to SEC_PKCS7DestroyContentInfo().
+ *
+ * An error results in a return value of NULL and an error set.
+ * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
+ */
+
+NSSCMSMessage *
+NSS_SMIMEMessage_CreateSigned(CERTCertificate *scert,
+ CERTCertificate *ecert,
+ CERTCertDBHandle *certdb,
+ SECOidTag digestalgtag,
+ SECItem *digest,
+ PK11PasswordFunc pwfn,
+ void *pwfn_arg)
+{
+ NSSCMSMessage *cmsg;
+ NSSCMSSignedData *sigd;
+ NSSCMSSignerInfo *signerinfo;
+
+ /* See note in header comment above about digestalg. */
+ /* Doesn't explain this. PORT_Assert (digestalgtag == SEC_OID_SHA1); */
+
+ cmsg = NSS_CMSMessage_Create(NULL);
+ if (cmsg == NULL)
+ return NULL;
+
+ sigd = NSS_CMSSignedData_Create(cmsg);
+ if (sigd == NULL)
+ goto loser;
+
+ /* create just one signerinfo */
+ signerinfo = NSS_CMSSignerInfo_Create(cmsg, scert, digestalgtag);
+ if (signerinfo == NULL)
+ goto loser;
+
+ /* Add the signing time to the signerinfo. */
+ if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now()) != SECSuccess)
+ goto loser;
+
+ /* and add the SMIME profile */
+ if (NSS_SMIMESignerInfo_AddSMIMEProfile(signerinfo, scert) != SECSuccess)
+ goto loser;
+
+ /* now add the signerinfo to the signeddata */
+ if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess)
+ goto loser;
+
+ /* include the signing cert and its entire chain */
+ /* note that there are no checks for duplicate certs in place, as all the */
+ /* essential data structures (like set of certificate) are not there */
+ if (NSS_CMSSignedData_AddCertChain(sigd, scert) != SECSuccess)
+ goto loser;
+
+ /* If the encryption cert and the signing cert differ, then include
+ * the encryption cert too. */
+ if ( ( ecert != NULL ) && ( ecert != scert ) ) {
+ if (NSS_CMSSignedData_AddCertificate(sigd, ecert) != SECSuccess)
+ goto loser;
+ }
+
+ return cmsg;
+loser:
+ if (cmsg)
+ NSS_CMSMessage_Destroy(cmsg);
+ return NULL;
+}
+#endif
diff --git a/security/nss/lib/smime/smimesym.c b/security/nss/lib/smime/smimesym.c
new file mode 100644
index 000000000..2ae39f400
--- /dev/null
+++ b/security/nss/lib/smime/smimesym.c
@@ -0,0 +1,12 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+extern void SEC_PKCS7DecodeItem();
+extern void SEC_PKCS7DestroyContentInfo();
+
+smime_CMDExports()
+{
+ SEC_PKCS7DecodeItem();
+ SEC_PKCS7DestroyContentInfo();
+}
diff --git a/security/nss/lib/smime/smimeutil.c b/security/nss/lib/smime/smimeutil.c
new file mode 100644
index 000000000..7674a65fd
--- /dev/null
+++ b/security/nss/lib/smime/smimeutil.c
@@ -0,0 +1,776 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Stuff specific to S/MIME policy and interoperability.
+ */
+
+#include "secmime.h"
+#include "secoid.h"
+#include "pk11func.h"
+#include "ciferfam.h" /* for CIPHER_FAMILY symbols */
+#include "secasn1.h"
+#include "secitem.h"
+#include "cert.h"
+#include "key.h"
+#include "secerr.h"
+#include "cms.h"
+#include "nss.h"
+
+SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+SEC_ASN1_CHOOSER_DECLARE(CERT_IssuerAndSNTemplate)
+
+/* various integer's ASN.1 encoding */
+static unsigned char asn1_int40[] = { SEC_ASN1_INTEGER, 0x01, 0x28 };
+static unsigned char asn1_int64[] = { SEC_ASN1_INTEGER, 0x01, 0x40 };
+static unsigned char asn1_int128[] = { SEC_ASN1_INTEGER, 0x02, 0x00, 0x80 };
+
+/* RC2 algorithm parameters (used in smime_cipher_map) */
+static SECItem param_int40 = { siBuffer, asn1_int40, sizeof(asn1_int40) };
+static SECItem param_int64 = { siBuffer, asn1_int64, sizeof(asn1_int64) };
+static SECItem param_int128 = { siBuffer, asn1_int128, sizeof(asn1_int128) };
+
+/*
+ * XXX Would like the "parameters" field to be a SECItem *, but the
+ * encoder is having trouble with optional pointers to an ANY. Maybe
+ * once that is fixed, can change this back...
+ */
+typedef struct {
+ SECItem capabilityID;
+ SECItem parameters;
+ long cipher; /* optimization */
+} NSSSMIMECapability;
+
+static const SEC_ASN1Template NSSSMIMECapabilityTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSSMIMECapability) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(NSSSMIMECapability, capabilityID) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
+ offsetof(NSSSMIMECapability, parameters) },
+ { 0 }
+};
+
+static const SEC_ASN1Template NSSSMIMECapabilitiesTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, NSSSMIMECapabilityTemplate }
+};
+
+/*
+ * NSSSMIMEEncryptionKeyPreference - if we find one of these, it needs to prompt us
+ * to store this and only this certificate permanently for the sender email address.
+ */
+typedef enum {
+ NSSSMIMEEncryptionKeyPref_IssuerSN,
+ NSSSMIMEEncryptionKeyPref_RKeyID,
+ NSSSMIMEEncryptionKeyPref_SubjectKeyID
+} NSSSMIMEEncryptionKeyPrefSelector;
+
+typedef struct {
+ NSSSMIMEEncryptionKeyPrefSelector selector;
+ union {
+ CERTIssuerAndSN *issuerAndSN;
+ NSSCMSRecipientKeyIdentifier *recipientKeyID;
+ SECItem *subjectKeyID;
+ } id;
+} NSSSMIMEEncryptionKeyPreference;
+
+extern const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[];
+
+static const SEC_ASN1Template smime_encryptionkeypref_template[] = {
+ { SEC_ASN1_CHOICE,
+ offsetof(NSSSMIMEEncryptionKeyPreference, selector), NULL,
+ sizeof(NSSSMIMEEncryptionKeyPreference) },
+ { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0 | SEC_ASN1_CONSTRUCTED,
+ offsetof(NSSSMIMEEncryptionKeyPreference, id.issuerAndSN),
+ SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
+ NSSSMIMEEncryptionKeyPref_IssuerSN },
+ { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 1 | SEC_ASN1_CONSTRUCTED,
+ offsetof(NSSSMIMEEncryptionKeyPreference, id.recipientKeyID),
+ NSSCMSRecipientKeyIdentifierTemplate,
+ NSSSMIMEEncryptionKeyPref_RKeyID },
+ { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2 | SEC_ASN1_CONSTRUCTED,
+ offsetof(NSSSMIMEEncryptionKeyPreference, id.subjectKeyID),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate),
+ NSSSMIMEEncryptionKeyPref_SubjectKeyID },
+ { 0 }
+};
+
+/* smime_cipher_map - map of SMIME symmetric "ciphers" to algtag & parameters */
+typedef struct {
+ unsigned long cipher;
+ SECOidTag algtag;
+ SECItem *parms;
+ PRBool enabled; /* in the user's preferences */
+ PRBool allowed; /* per export policy */
+} smime_cipher_map_entry;
+
+/* global: list of supported SMIME symmetric ciphers, ordered roughly by increasing strength */
+static smime_cipher_map_entry smime_cipher_map[] = {
+ /* cipher, algtag, parms, enabled, allowed */
+ /* --------------------------------------- */
+ { SMIME_RC2_CBC_40, SEC_OID_RC2_CBC, &param_int40, PR_TRUE, PR_TRUE },
+ { SMIME_DES_CBC_56, SEC_OID_DES_CBC, NULL, PR_TRUE, PR_TRUE },
+ { SMIME_RC2_CBC_64, SEC_OID_RC2_CBC, &param_int64, PR_TRUE, PR_TRUE },
+ { SMIME_RC2_CBC_128, SEC_OID_RC2_CBC, &param_int128, PR_TRUE, PR_TRUE },
+ { SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL, PR_TRUE, PR_TRUE },
+ { SMIME_AES_CBC_128, SEC_OID_AES_128_CBC, NULL, PR_TRUE, PR_TRUE },
+ { SMIME_AES_CBC_256, SEC_OID_AES_256_CBC, NULL, PR_TRUE, PR_TRUE }
+};
+static const int smime_cipher_map_count = sizeof(smime_cipher_map) / sizeof(smime_cipher_map_entry);
+
+/*
+ * smime_mapi_by_cipher - find index into smime_cipher_map by cipher
+ */
+static int
+smime_mapi_by_cipher(unsigned long cipher)
+{
+ int i;
+
+ for (i = 0; i < smime_cipher_map_count; i++) {
+ if (smime_cipher_map[i].cipher == cipher)
+ return i; /* bingo */
+ }
+ return -1; /* should not happen if we're consistent, right? */
+}
+
+/*
+ * NSS_SMIME_EnableCipher - this function locally records the user's preference
+ */
+SECStatus
+NSS_SMIMEUtil_EnableCipher(unsigned long which, PRBool on)
+{
+ unsigned long mask;
+ int mapi;
+
+ mask = which & CIPHER_FAMILYID_MASK;
+
+ PORT_Assert(mask == CIPHER_FAMILYID_SMIME);
+ if (mask != CIPHER_FAMILYID_SMIME)
+ /* XXX set an error! */
+ return SECFailure;
+
+ mapi = smime_mapi_by_cipher(which);
+ if (mapi < 0)
+ /* XXX set an error */
+ return SECFailure;
+
+ /* do we try to turn on a forbidden cipher? */
+ if (!smime_cipher_map[mapi].allowed && on) {
+ PORT_SetError(SEC_ERROR_BAD_EXPORT_ALGORITHM);
+ return SECFailure;
+ }
+
+ if (smime_cipher_map[mapi].enabled != on)
+ smime_cipher_map[mapi].enabled = on;
+
+ return SECSuccess;
+}
+
+/*
+ * this function locally records the export policy
+ */
+SECStatus
+NSS_SMIMEUtil_AllowCipher(unsigned long which, PRBool on)
+{
+ unsigned long mask;
+ int mapi;
+
+ mask = which & CIPHER_FAMILYID_MASK;
+
+ PORT_Assert(mask == CIPHER_FAMILYID_SMIME);
+ if (mask != CIPHER_FAMILYID_SMIME)
+ /* XXX set an error! */
+ return SECFailure;
+
+ mapi = smime_mapi_by_cipher(which);
+ if (mapi < 0)
+ /* XXX set an error */
+ return SECFailure;
+
+ if (smime_cipher_map[mapi].allowed != on)
+ smime_cipher_map[mapi].allowed = on;
+
+ return SECSuccess;
+}
+
+/*
+ * Based on the given algorithm (including its parameters, in some cases!)
+ * and the given key (may or may not be inspected, depending on the
+ * algorithm), find the appropriate policy algorithm specification
+ * and return it. If no match can be made, -1 is returned.
+ */
+static SECStatus
+nss_smime_get_cipher_for_alg_and_key(SECAlgorithmID *algid, PK11SymKey *key,
+ unsigned long *cipher)
+{
+ SECOidTag algtag;
+ unsigned int keylen_bits;
+ unsigned long c;
+
+ algtag = SECOID_GetAlgorithmTag(algid);
+ switch (algtag) {
+ case SEC_OID_RC2_CBC:
+ keylen_bits = PK11_GetKeyStrength(key, algid);
+ switch (keylen_bits) {
+ case 40:
+ c = SMIME_RC2_CBC_40;
+ break;
+ case 64:
+ c = SMIME_RC2_CBC_64;
+ break;
+ case 128:
+ c = SMIME_RC2_CBC_128;
+ break;
+ default:
+ return SECFailure;
+ }
+ break;
+ case SEC_OID_DES_CBC:
+ c = SMIME_DES_CBC_56;
+ break;
+ case SEC_OID_DES_EDE3_CBC:
+ c = SMIME_DES_EDE3_168;
+ break;
+ case SEC_OID_AES_128_CBC:
+ c = SMIME_AES_CBC_128;
+ break;
+ case SEC_OID_AES_256_CBC:
+ c = SMIME_AES_CBC_256;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+ *cipher = c;
+ return SECSuccess;
+}
+
+static PRBool
+nss_smime_cipher_allowed(unsigned long which)
+{
+ int mapi;
+
+ mapi = smime_mapi_by_cipher(which);
+ if (mapi < 0)
+ return PR_FALSE;
+ return smime_cipher_map[mapi].allowed;
+}
+
+PRBool
+NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key)
+{
+ unsigned long which;
+
+ if (nss_smime_get_cipher_for_alg_and_key(algid, key, &which) != SECSuccess)
+ return PR_FALSE;
+
+ return nss_smime_cipher_allowed(which);
+}
+
+/*
+ * NSS_SMIME_EncryptionPossible - check if any encryption is allowed
+ *
+ * This tells whether or not *any* S/MIME encryption can be done,
+ * according to policy. Callers may use this to do nicer user interface
+ * (say, greying out a checkbox so a user does not even try to encrypt
+ * a message when they are not allowed to) or for any reason they want
+ * to check whether S/MIME encryption (or decryption, for that matter)
+ * may be done.
+ *
+ * It takes no arguments. The return value is a simple boolean:
+ * PR_TRUE means encryption (or decryption) is *possible*
+ * (but may still fail due to other reasons, like because we cannot
+ * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
+ * PR_FALSE means encryption (or decryption) is not permitted
+ *
+ * There are no errors from this routine.
+ */
+PRBool
+NSS_SMIMEUtil_EncryptionPossible(void)
+{
+ int i;
+
+ for (i = 0; i < smime_cipher_map_count; i++) {
+ if (smime_cipher_map[i].allowed)
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+static int
+nss_SMIME_FindCipherForSMIMECap(NSSSMIMECapability *cap)
+{
+ int i;
+ SECOidTag capIDTag;
+
+ /* we need the OIDTag here */
+ capIDTag = SECOID_FindOIDTag(&(cap->capabilityID));
+
+ /* go over all the SMIME ciphers we know and see if we find a match */
+ for (i = 0; i < smime_cipher_map_count; i++) {
+ if (smime_cipher_map[i].algtag != capIDTag)
+ continue;
+ /*
+ * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing
+ * 2 NULLs as equal and NULL and non-NULL as not equal), we could
+ * use that here instead of all of the following comparison code.
+ */
+ if (!smime_cipher_map[i].parms) {
+ if (!cap->parameters.data || !cap->parameters.len)
+ break; /* both empty: bingo */
+ if (cap->parameters.len == 2 &&
+ cap->parameters.data[0] == SEC_ASN1_NULL &&
+ cap->parameters.data[1] == 0)
+ break; /* DER NULL == NULL, bingo */
+ } else if (cap->parameters.data != NULL &&
+ cap->parameters.len == smime_cipher_map[i].parms->len &&
+ PORT_Memcmp(cap->parameters.data, smime_cipher_map[i].parms->data,
+ cap->parameters.len) == 0) {
+ break; /* both not empty, same length & equal content: bingo */
+ }
+ }
+
+ if (i == smime_cipher_map_count)
+ return 0; /* no match found */
+ return smime_cipher_map[i].cipher; /* match found, point to cipher */
+}
+
+/*
+ * smime_choose_cipher - choose a cipher that works for all the recipients
+ *
+ * "scert" - sender's certificate
+ * "rcerts" - recipient's certificates
+ */
+static long
+smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
+{
+ PLArenaPool *poolp;
+ long cipher;
+ long chosen_cipher;
+ int *cipher_abilities;
+ int *cipher_votes;
+ int weak_mapi;
+ int strong_mapi;
+ int aes128_mapi;
+ int aes256_mapi;
+ int rcount, mapi, max, i;
+
+ chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */
+ weak_mapi = smime_mapi_by_cipher(chosen_cipher);
+ aes128_mapi = smime_mapi_by_cipher(SMIME_AES_CBC_128);
+ aes256_mapi = smime_mapi_by_cipher(SMIME_AES_CBC_256);
+
+ poolp = PORT_NewArena(1024); /* XXX what is right value? */
+ if (poolp == NULL)
+ goto done;
+
+ cipher_abilities = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int));
+ cipher_votes = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int));
+ if (cipher_votes == NULL || cipher_abilities == NULL)
+ goto done;
+
+ /* Make triple-DES the strong cipher. */
+ strong_mapi = smime_mapi_by_cipher(SMIME_DES_EDE3_168);
+
+ /* walk all the recipient's certs */
+ for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
+ SECItem *profile;
+ NSSSMIMECapability **caps;
+ int pref;
+
+ /* the first cipher that matches in the user's SMIME profile gets
+ * "smime_cipher_map_count" votes; the next one gets "smime_cipher_map_count" - 1
+ * and so on. If every cipher matches, the last one gets 1 (one) vote */
+ pref = smime_cipher_map_count;
+
+ /* find recipient's SMIME profile */
+ profile = CERT_FindSMimeProfile(rcerts[rcount]);
+
+ if (profile != NULL && profile->data != NULL && profile->len > 0) {
+ /* we have a profile (still DER-encoded) */
+ caps = NULL;
+ /* decode it */
+ if (SEC_QuickDERDecodeItem(poolp, &caps,
+ NSSSMIMECapabilitiesTemplate, profile) == SECSuccess &&
+ caps != NULL) {
+ /* walk the SMIME capabilities for this recipient */
+ for (i = 0; caps[i] != NULL; i++) {
+ cipher = nss_SMIME_FindCipherForSMIMECap(caps[i]);
+ mapi = smime_mapi_by_cipher(cipher);
+ if (mapi >= 0) {
+ /* found the cipher */
+ cipher_abilities[mapi]++;
+ cipher_votes[mapi] += pref;
+ --pref;
+ }
+ }
+ }
+ } else {
+ /* no profile found - so we can only assume that the user can do
+ * the mandatory algorithms which are RC2-40 (weak crypto) and
+ * 3DES (strong crypto), unless the user has an elliptic curve
+ * key. For elliptic curve keys, RFC 5753 mandates support
+ * for AES 128 CBC. */
+ SECKEYPublicKey *key;
+ unsigned int pklen_bits;
+ KeyType key_type;
+
+ /*
+ * if recipient's public key length is > 512, vote for a strong cipher
+ * please not that the side effect of this is that if only one recipient
+ * has an export-level public key, the strong cipher is disabled.
+ *
+ * XXX This is probably only good for RSA keys. What I would
+ * really like is a function to just say; Is the public key in
+ * this cert an export-length key? Then I would not have to
+ * know things like the value 512, or the kind of key, or what
+ * a subjectPublicKeyInfo is, etc.
+ */
+ key = CERT_ExtractPublicKey(rcerts[rcount]);
+ pklen_bits = 0;
+ key_type = nullKey;
+ if (key != NULL) {
+ pklen_bits = SECKEY_PublicKeyStrengthInBits(key);
+ key_type = SECKEY_GetPublicKeyType(key);
+ SECKEY_DestroyPublicKey(key);
+ key = NULL;
+ }
+
+ if (key_type == ecKey) {
+ /* While RFC 5753 mandates support for AES-128 CBC, should use
+ * AES 256 if user's key provides more than 128 bits of
+ * security strength so that symmetric key is not weak link. */
+
+ /* RC2-40 is not compatible with elliptic curve keys. */
+ chosen_cipher = SMIME_DES_EDE3_168;
+ if (pklen_bits > 256) {
+ cipher_abilities[aes256_mapi]++;
+ cipher_votes[aes256_mapi] += pref;
+ pref--;
+ }
+ cipher_abilities[aes128_mapi]++;
+ cipher_votes[aes128_mapi] += pref;
+ pref--;
+ cipher_abilities[strong_mapi]++;
+ cipher_votes[strong_mapi] += pref;
+ pref--;
+ } else {
+ if (pklen_bits > 512) {
+ /* cast votes for the strong algorithm */
+ cipher_abilities[strong_mapi]++;
+ cipher_votes[strong_mapi] += pref;
+ pref--;
+ }
+
+ /* always cast (possibly less) votes for the weak algorithm */
+ cipher_abilities[weak_mapi]++;
+ cipher_votes[weak_mapi] += pref;
+ }
+ }
+ if (profile != NULL)
+ SECITEM_FreeItem(profile, PR_TRUE);
+ }
+
+ /* find cipher that is agreeable by all recipients and that has the most votes */
+ max = 0;
+ for (mapi = 0; mapi < smime_cipher_map_count; mapi++) {
+ /* if not all of the recipients can do this, forget it */
+ if (cipher_abilities[mapi] != rcount)
+ continue;
+ /* if cipher is not enabled or not allowed by policy, forget it */
+ if (!smime_cipher_map[mapi].enabled || !smime_cipher_map[mapi].allowed)
+ continue;
+ /* now see if this one has more votes than the last best one */
+ if (cipher_votes[mapi] >= max) {
+ /* if equal number of votes, prefer the ones further down in the list */
+ /* with the expectation that these are higher rated ciphers */
+ chosen_cipher = smime_cipher_map[mapi].cipher;
+ max = cipher_votes[mapi];
+ }
+ }
+/* if no common cipher was found, chosen_cipher stays at the default */
+
+done:
+ if (poolp != NULL)
+ PORT_FreeArena(poolp, PR_FALSE);
+
+ return chosen_cipher;
+}
+
+/*
+ * XXX This is a hack for now to satisfy our current interface.
+ * Eventually, with more parameters needing to be specified, just
+ * looking up the keysize is not going to be sufficient.
+ */
+static int
+smime_keysize_by_cipher(unsigned long which)
+{
+ int keysize;
+
+ switch (which) {
+ case SMIME_RC2_CBC_40:
+ keysize = 40;
+ break;
+ case SMIME_RC2_CBC_64:
+ keysize = 64;
+ break;
+ case SMIME_RC2_CBC_128:
+ case SMIME_AES_CBC_128:
+ keysize = 128;
+ break;
+ case SMIME_AES_CBC_256:
+ keysize = 256;
+ break;
+ case SMIME_DES_CBC_56:
+ case SMIME_DES_EDE3_168:
+ /*
+ * These are special; since the key size is fixed, we actually
+ * want to *avoid* specifying a key size.
+ */
+ keysize = 0;
+ break;
+ default:
+ keysize = -1;
+ break;
+ }
+
+ return keysize;
+}
+
+/*
+ * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients
+ *
+ * it would be great for UI purposes if there would be a way to find out which recipients
+ * prevented a strong cipher from being used...
+ */
+SECStatus
+NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts,
+ SECOidTag *bulkalgtag, int *keysize)
+{
+ unsigned long cipher;
+ int mapi;
+
+ cipher = smime_choose_cipher(NULL, rcerts);
+ mapi = smime_mapi_by_cipher(cipher);
+
+ *bulkalgtag = smime_cipher_map[mapi].algtag;
+ *keysize = smime_keysize_by_cipher(smime_cipher_map[mapi].cipher);
+
+ return SECSuccess;
+}
+
+/*
+ * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities for this instance of NSS
+ *
+ * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
+ * S/MIME capabilities attribute value.
+ *
+ * XXX Please note that, in contradiction to RFC2633 2.5.2, the capabilities only include
+ * symmetric ciphers, NO signature algorithms or key encipherment algorithms.
+ *
+ * "poolp" - arena pool to create the S/MIME capabilities data on
+ * "dest" - SECItem to put the data in
+ */
+SECStatus
+NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest)
+{
+ NSSSMIMECapability *cap;
+ NSSSMIMECapability **smime_capabilities;
+ smime_cipher_map_entry *map;
+ SECOidData *oiddata;
+ SECItem *dummy;
+ int i, capIndex;
+
+ /* if we have an old NSSSMIMECapability array, we'll reuse it (has the right size) */
+ /* smime_cipher_map_count + 1 is an upper bound - we might end up with less */
+ smime_capabilities = (NSSSMIMECapability **)PORT_ZAlloc((smime_cipher_map_count + 1) * sizeof(NSSSMIMECapability *));
+ if (smime_capabilities == NULL)
+ return SECFailure;
+
+ capIndex = 0;
+
+ /* Add all the symmetric ciphers
+ * We walk the cipher list backwards, as it is ordered by increasing strength,
+ * we prefer the stronger cipher over a weaker one, and we have to list the
+ * preferred algorithm first */
+ for (i = smime_cipher_map_count - 1; i >= 0; i--) {
+ /* Find the corresponding entry in the cipher map. */
+ map = &(smime_cipher_map[i]);
+ if (!map->enabled)
+ continue;
+
+ /* get next SMIME capability */
+ cap = (NSSSMIMECapability *)PORT_ZAlloc(sizeof(NSSSMIMECapability));
+ if (cap == NULL)
+ break;
+ smime_capabilities[capIndex++] = cap;
+
+ oiddata = SECOID_FindOIDByTag(map->algtag);
+ if (oiddata == NULL)
+ break;
+
+ cap->capabilityID.data = oiddata->oid.data;
+ cap->capabilityID.len = oiddata->oid.len;
+ cap->parameters.data = map->parms ? map->parms->data : NULL;
+ cap->parameters.len = map->parms ? map->parms->len : 0;
+ cap->cipher = smime_cipher_map[i].cipher;
+ }
+
+ /* XXX add signature algorithms */
+ /* XXX add key encipherment algorithms */
+
+ smime_capabilities[capIndex] = NULL; /* last one - now encode */
+ dummy = SEC_ASN1EncodeItem(poolp, dest, &smime_capabilities, NSSSMIMECapabilitiesTemplate);
+
+ /* now that we have the proper encoded SMIMECapabilities (or not),
+ * free the work data */
+ for (i = 0; smime_capabilities[i] != NULL; i++)
+ PORT_Free(smime_capabilities[i]);
+ PORT_Free(smime_capabilities);
+
+ return (dummy == NULL) ? SECFailure : SECSuccess;
+}
+
+/*
+ * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
+ *
+ * "poolp" - arena pool to create the attr value on
+ * "dest" - SECItem to put the data in
+ * "cert" - certificate that should be marked as preferred encryption key
+ * cert is expected to have been verified for EmailRecipient usage.
+ */
+SECStatus
+NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert)
+{
+ NSSSMIMEEncryptionKeyPreference ekp;
+ SECItem *dummy = NULL;
+ PLArenaPool *tmppoolp = NULL;
+
+ if (cert == NULL)
+ goto loser;
+
+ tmppoolp = PORT_NewArena(1024);
+ if (tmppoolp == NULL)
+ goto loser;
+
+ /* XXX hardcoded IssuerSN choice for now */
+ ekp.selector = NSSSMIMEEncryptionKeyPref_IssuerSN;
+ ekp.id.issuerAndSN = CERT_GetCertIssuerAndSN(tmppoolp, cert);
+ if (ekp.id.issuerAndSN == NULL)
+ goto loser;
+
+ dummy = SEC_ASN1EncodeItem(poolp, dest, &ekp, smime_encryptionkeypref_template);
+
+loser:
+ if (tmppoolp)
+ PORT_FreeArena(tmppoolp, PR_FALSE);
+
+ return (dummy == NULL) ? SECFailure : SECSuccess;
+}
+
+/*
+ * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value using MS oid
+ *
+ * "poolp" - arena pool to create the attr value on
+ * "dest" - SECItem to put the data in
+ * "cert" - certificate that should be marked as preferred encryption key
+ * cert is expected to have been verified for EmailRecipient usage.
+ */
+SECStatus
+NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert)
+{
+ SECItem *dummy = NULL;
+ PLArenaPool *tmppoolp = NULL;
+ CERTIssuerAndSN *isn;
+
+ if (cert == NULL)
+ goto loser;
+
+ tmppoolp = PORT_NewArena(1024);
+ if (tmppoolp == NULL)
+ goto loser;
+
+ isn = CERT_GetCertIssuerAndSN(tmppoolp, cert);
+ if (isn == NULL)
+ goto loser;
+
+ dummy = SEC_ASN1EncodeItem(poolp, dest, isn, SEC_ASN1_GET(CERT_IssuerAndSNTemplate));
+
+loser:
+ if (tmppoolp)
+ PORT_FreeArena(tmppoolp, PR_FALSE);
+
+ return (dummy == NULL) ? SECFailure : SECSuccess;
+}
+
+/*
+ * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference -
+ * find cert marked by EncryptionKeyPreference attribute
+ *
+ * "certdb" - handle for the cert database to look in
+ * "DERekp" - DER-encoded value of S/MIME Encryption Key Preference attribute
+ *
+ * if certificate is supposed to be found among the message's included certificates,
+ * they are assumed to have been imported already.
+ */
+CERTCertificate *
+NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb, SECItem *DERekp)
+{
+ PLArenaPool *tmppoolp = NULL;
+ CERTCertificate *cert = NULL;
+ NSSSMIMEEncryptionKeyPreference ekp;
+
+ tmppoolp = PORT_NewArena(1024);
+ if (tmppoolp == NULL)
+ return NULL;
+
+ /* decode DERekp */
+ if (SEC_QuickDERDecodeItem(tmppoolp, &ekp, smime_encryptionkeypref_template,
+ DERekp) != SECSuccess)
+ goto loser;
+
+ /* find cert */
+ switch (ekp.selector) {
+ case NSSSMIMEEncryptionKeyPref_IssuerSN:
+ cert = CERT_FindCertByIssuerAndSN(certdb, ekp.id.issuerAndSN);
+ break;
+ case NSSSMIMEEncryptionKeyPref_RKeyID:
+ case NSSSMIMEEncryptionKeyPref_SubjectKeyID:
+ /* XXX not supported yet - we need to be able to look up certs by SubjectKeyID */
+ break;
+ default:
+ PORT_Assert(0);
+ }
+loser:
+ if (tmppoolp)
+ PORT_FreeArena(tmppoolp, PR_FALSE);
+
+ return cert;
+}
+
+extern const char __nss_smime_version[];
+
+PRBool
+NSSSMIME_VersionCheck(const char *importedVersion)
+{
+#define NSS_VERSION_VARIABLE __nss_smime_version
+#include "verref.h"
+ /*
+ * This is the secret handshake algorithm.
+ *
+ * This release has a simple version compatibility
+ * check algorithm. This release is not backward
+ * compatible with previous major releases. It is
+ * not compatible with future major, minor, or
+ * patch releases.
+ */
+ return NSS_VersionCheck(importedVersion);
+}
+
+const char *
+NSSSMIME_GetVersion(void)
+{
+ return NSS_VERSION;
+}
diff --git a/security/nss/lib/smime/smimever.c b/security/nss/lib/smime/smimever.c
new file mode 100644
index 000000000..8c06130ab
--- /dev/null
+++ b/security/nss/lib/smime/smimever.c
@@ -0,0 +1,18 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Library identity and versioning */
+
+#include "nss.h"
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_smime_version[] = "Version: NSS " NSS_VERSION _DEBUG_STRING;
diff --git a/security/nss/lib/softoken/Makefile b/security/nss/lib/softoken/Makefile
new file mode 100644
index 000000000..90a9da263
--- /dev/null
+++ b/security/nss/lib/softoken/Makefile
@@ -0,0 +1,78 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+ifdef NSS_NO_INIT_SUPPORT
+ DEFINES += -DNSS_NO_INIT_SUPPORT
+endif
+ifeq ($(OS_TARGET),Linux)
+ifeq ($(CPU_ARCH),ppc)
+ifdef USE_64
+ DEFINES += -DNSS_NO_INIT_SUPPORT
+endif # USE_64
+endif # ppc
+endif # Linux
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+ifdef NSS_DISABLE_DBM
+DIRS=
+endif
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
+# indicates dependency on freebl static lib
+$(SHARED_LIBRARY): $(CRYPTOLIB)
+
+# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
+# pkcs11c.c in 64-bit mode for unknown reasons. A workaround is
+# to compile it with optimizations turned on. (Bugzilla bug #63815)
+ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
+ifeq ($(USE_64),1)
+ifndef BUILD_OPT
+$(OBJDIR)/pkcs11.o: pkcs11.c
+ @$(MAKE_OBJDIR)
+ $(CC) -o $@ -c -O2 $(CFLAGS) $<
+$(OBJDIR)/pkcs11c.o: pkcs11c.c
+ @$(MAKE_OBJDIR)
+ $(CC) -o $@ -c -O2 $(CFLAGS) $<
+endif
+endif
+endif
diff --git a/security/nss/lib/softoken/config.mk b/security/nss/lib/softoken/config.mk
new file mode 100644
index 000000000..2924b24f8
--- /dev/null
+++ b/security/nss/lib/softoken/config.mk
@@ -0,0 +1,63 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
+CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
+
+EXTRA_LIBS += \
+ $(CRYPTOLIB) \
+ $(NULL)
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
+
+RES = $(OBJDIR)/$(LIBRARY_NAME).res
+RESNAME = $(LIBRARY_NAME).rc
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(SQLITE_LIB_DIR) \
+ -l$(SQLITE_LIB_NAME) \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+else # ! NS_USE_GCC
+
+EXTRA_SHARED_LIBS += \
+ $(SQLITE_LIB_DIR)/$(SQLITE_LIB_NAME).lib \
+ $(NSSUTIL_LIB_DIR)/nssutil3.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+
+else
+
+# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
+# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
+EXTRA_SHARED_LIBS += \
+ -L$(SQLITE_LIB_DIR) \
+ -l$(SQLITE_LIB_NAME) \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+endif
+
+ifeq ($(OS_TARGET),AIX)
+OS_LIBS += -lpthread
+endif
diff --git a/security/nss/lib/softoken/exports.gyp b/security/nss/lib/softoken/exports.gyp
new file mode 100644
index 000000000..d11d8e49a
--- /dev/null
+++ b/security/nss/lib/softoken/exports.gyp
@@ -0,0 +1,38 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_softoken_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'lowkeyi.h',
+ 'lowkeyti.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'lgglue.h',
+ 'pkcs11ni.h',
+ 'sdb.h',
+ 'sftkdbt.h',
+ 'softkver.h',
+ 'softoken.h',
+ 'softoknt.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/softoken/fipsaudt.c b/security/nss/lib/softoken/fipsaudt.c
new file mode 100644
index 000000000..e0fd641eb
--- /dev/null
+++ b/security/nss/lib/softoken/fipsaudt.c
@@ -0,0 +1,321 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * This file implements audit logging required by FIPS 140-2 Security
+ * Level 2.
+ */
+
+#include "prprf.h"
+#include "softoken.h"
+
+/*
+ * Print the value of the returned object handle in the output buffer
+ * on a successful return of the PKCS #11 function. If the PKCS #11
+ * function failed or the pointer to object handle is NULL (which is
+ * the case for C_DeriveKey with CKM_TLS_KEY_AND_MAC_DERIVE), an empty
+ * string is stored in the output buffer.
+ *
+ * out: the output buffer
+ * outlen: the length of the output buffer
+ * argName: the name of the "pointer to object handle" argument
+ * phObject: the pointer to object handle
+ * rv: the return value of the PKCS #11 function
+ */
+static void
+sftk_PrintReturnedObjectHandle(char *out, PRUint32 outlen,
+ const char *argName, CK_OBJECT_HANDLE_PTR phObject, CK_RV rv)
+{
+ if ((rv == CKR_OK) && phObject) {
+ PR_snprintf(out, outlen,
+ " *%s=0x%08lX", argName, (PRUint32)*phObject);
+ } else {
+ PORT_Assert(outlen != 0);
+ out[0] = '\0';
+ }
+}
+
+/*
+ * MECHANISM_BUFSIZE needs to be large enough for sftk_PrintMechanism,
+ * which uses <= 49 bytes.
+ */
+#define MECHANISM_BUFSIZE 64
+
+static void
+sftk_PrintMechanism(char *out, PRUint32 outlen,
+ CK_MECHANISM_PTR pMechanism)
+{
+ if (pMechanism) {
+ /*
+ * If we change the format string, we need to make sure
+ * MECHANISM_BUFSIZE is still large enough. We allow
+ * 20 bytes for %p on a 64-bit platform.
+ */
+ PR_snprintf(out, outlen, "%p {mechanism=0x%08lX, ...}",
+ pMechanism, (PRUint32)pMechanism->mechanism);
+ } else {
+ PR_snprintf(out, outlen, "%p", pMechanism);
+ }
+}
+
+void
+sftk_AuditCreateObject(CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject, CK_RV rv)
+{
+ char msg[256];
+ char shObject[32];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ sftk_PrintReturnedObjectHandle(shObject, sizeof shObject,
+ "phObject", phObject, rv);
+ PR_snprintf(msg, sizeof msg,
+ "C_CreateObject(hSession=0x%08lX, pTemplate=%p, ulCount=%lu, "
+ "phObject=%p)=0x%08lX%s",
+ (PRUint32)hSession, pTemplate, (PRUint32)ulCount,
+ phObject, (PRUint32)rv, shObject);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_LOAD_KEY, msg);
+}
+
+void
+sftk_AuditCopyObject(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject, CK_RV rv)
+{
+ char msg[256];
+ char shNewObject[32];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ sftk_PrintReturnedObjectHandle(shNewObject, sizeof shNewObject,
+ "phNewObject", phNewObject, rv);
+ PR_snprintf(msg, sizeof msg,
+ "C_CopyObject(hSession=0x%08lX, hObject=0x%08lX, "
+ "pTemplate=%p, ulCount=%lu, phNewObject=%p)=0x%08lX%s",
+ (PRUint32)hSession, (PRUint32)hObject,
+ pTemplate, (PRUint32)ulCount, phNewObject, (PRUint32)rv, shNewObject);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_COPY_KEY, msg);
+}
+
+/* WARNING: hObject has been destroyed and can only be printed. */
+void
+sftk_AuditDestroyObject(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_RV rv)
+{
+ char msg[256];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ PR_snprintf(msg, sizeof msg,
+ "C_DestroyObject(hSession=0x%08lX, hObject=0x%08lX)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)hObject, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_DESTROY_KEY, msg);
+}
+
+void
+sftk_AuditGetObjectSize(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize, CK_RV rv)
+{
+ char msg[256];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ PR_snprintf(msg, sizeof msg,
+ "C_GetObjectSize(hSession=0x%08lX, hObject=0x%08lX, "
+ "pulSize=%p)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)hObject,
+ pulSize, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_ACCESS_KEY, msg);
+}
+
+void
+sftk_AuditGetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_RV rv)
+{
+ char msg[256];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ PR_snprintf(msg, sizeof msg,
+ "C_GetAttributeValue(hSession=0x%08lX, hObject=0x%08lX, "
+ "pTemplate=%p, ulCount=%lu)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)hObject,
+ pTemplate, (PRUint32)ulCount, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_ACCESS_KEY, msg);
+}
+
+void
+sftk_AuditSetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_RV rv)
+{
+ char msg[256];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ PR_snprintf(msg, sizeof msg,
+ "C_SetAttributeValue(hSession=0x%08lX, hObject=0x%08lX, "
+ "pTemplate=%p, ulCount=%lu)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)hObject,
+ pTemplate, (PRUint32)ulCount, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_CHANGE_KEY, msg);
+}
+
+void
+sftk_AuditCryptInit(const char *opName, CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey, CK_RV rv)
+{
+ char msg[256];
+ char mech[MECHANISM_BUFSIZE];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ sftk_PrintMechanism(mech, sizeof mech, pMechanism);
+ PR_snprintf(msg, sizeof msg,
+ "C_%sInit(hSession=0x%08lX, pMechanism=%s, "
+ "hKey=0x%08lX)=0x%08lX",
+ opName, (PRUint32)hSession, mech,
+ (PRUint32)hKey, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_CRYPT, msg);
+}
+
+void
+sftk_AuditGenerateKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
+{
+ char msg[256];
+ char mech[MECHANISM_BUFSIZE];
+ char shKey[32];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ sftk_PrintMechanism(mech, sizeof mech, pMechanism);
+ sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv);
+ PR_snprintf(msg, sizeof msg,
+ "C_GenerateKey(hSession=0x%08lX, pMechanism=%s, "
+ "pTemplate=%p, ulCount=%lu, phKey=%p)=0x%08lX%s",
+ (PRUint32)hSession, mech,
+ pTemplate, (PRUint32)ulCount, phKey, (PRUint32)rv, shKey);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_GENERATE_KEY, msg);
+}
+
+void
+sftk_AuditGenerateKeyPair(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey, CK_RV rv)
+{
+ char msg[512];
+ char mech[MECHANISM_BUFSIZE];
+ char shPublicKey[32];
+ char shPrivateKey[32];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ sftk_PrintMechanism(mech, sizeof mech, pMechanism);
+ sftk_PrintReturnedObjectHandle(shPublicKey, sizeof shPublicKey,
+ "phPublicKey", phPublicKey, rv);
+ sftk_PrintReturnedObjectHandle(shPrivateKey, sizeof shPrivateKey,
+ "phPrivateKey", phPrivateKey, rv);
+ PR_snprintf(msg, sizeof msg,
+ "C_GenerateKeyPair(hSession=0x%08lX, pMechanism=%s, "
+ "pPublicKeyTemplate=%p, ulPublicKeyAttributeCount=%lu, "
+ "pPrivateKeyTemplate=%p, ulPrivateKeyAttributeCount=%lu, "
+ "phPublicKey=%p, phPrivateKey=%p)=0x%08lX%s%s",
+ (PRUint32)hSession, mech,
+ pPublicKeyTemplate, (PRUint32)ulPublicKeyAttributeCount,
+ pPrivateKeyTemplate, (PRUint32)ulPrivateKeyAttributeCount,
+ phPublicKey, phPrivateKey, (PRUint32)rv, shPublicKey, shPrivateKey);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_GENERATE_KEY, msg);
+}
+
+void
+sftk_AuditWrapKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen, CK_RV rv)
+{
+ char msg[256];
+ char mech[MECHANISM_BUFSIZE];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ sftk_PrintMechanism(mech, sizeof mech, pMechanism);
+ PR_snprintf(msg, sizeof msg,
+ "C_WrapKey(hSession=0x%08lX, pMechanism=%s, hWrappingKey=0x%08lX, "
+ "hKey=0x%08lX, pWrappedKey=%p, pulWrappedKeyLen=%p)=0x%08lX",
+ (PRUint32)hSession, mech, (PRUint32)hWrappingKey,
+ (PRUint32)hKey, pWrappedKey, pulWrappedKeyLen, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_WRAP_KEY, msg);
+}
+
+void
+sftk_AuditUnwrapKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
+{
+ char msg[256];
+ char mech[MECHANISM_BUFSIZE];
+ char shKey[32];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ sftk_PrintMechanism(mech, sizeof mech, pMechanism);
+ sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv);
+ PR_snprintf(msg, sizeof msg,
+ "C_UnwrapKey(hSession=0x%08lX, pMechanism=%s, "
+ "hUnwrappingKey=0x%08lX, pWrappedKey=%p, ulWrappedKeyLen=%lu, "
+ "pTemplate=%p, ulAttributeCount=%lu, phKey=%p)=0x%08lX%s",
+ (PRUint32)hSession, mech,
+ (PRUint32)hUnwrappingKey, pWrappedKey, (PRUint32)ulWrappedKeyLen,
+ pTemplate, (PRUint32)ulAttributeCount, phKey, (PRUint32)rv, shKey);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_UNWRAP_KEY, msg);
+}
+
+void
+sftk_AuditDeriveKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
+{
+ char msg[512];
+ char mech[MECHANISM_BUFSIZE];
+ char shKey[32];
+ char sTlsKeys[128];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ sftk_PrintMechanism(mech, sizeof mech, pMechanism);
+ sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv);
+ if ((rv == CKR_OK) &&
+ (pMechanism->mechanism == CKM_TLS_KEY_AND_MAC_DERIVE)) {
+ CK_SSL3_KEY_MAT_PARAMS *param =
+ (CK_SSL3_KEY_MAT_PARAMS *)pMechanism->pParameter;
+ CK_SSL3_KEY_MAT_OUT *keymat = param->pReturnedKeyMaterial;
+ PR_snprintf(sTlsKeys, sizeof sTlsKeys,
+ " hClientMacSecret=0x%08lX hServerMacSecret=0x%08lX"
+ " hClientKey=0x%08lX hServerKey=0x%08lX",
+ (PRUint32)keymat->hClientMacSecret,
+ (PRUint32)keymat->hServerMacSecret,
+ (PRUint32)keymat->hClientKey,
+ (PRUint32)keymat->hServerKey);
+ } else {
+ sTlsKeys[0] = '\0';
+ }
+ PR_snprintf(msg, sizeof msg,
+ "C_DeriveKey(hSession=0x%08lX, pMechanism=%s, "
+ "hBaseKey=0x%08lX, pTemplate=%p, ulAttributeCount=%lu, "
+ "phKey=%p)=0x%08lX%s%s",
+ (PRUint32)hSession, mech,
+ (PRUint32)hBaseKey, pTemplate, (PRUint32)ulAttributeCount,
+ phKey, (PRUint32)rv, shKey, sTlsKeys);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_DERIVE_KEY, msg);
+}
+
+void
+sftk_AuditDigestKey(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey, CK_RV rv)
+{
+ char msg[256];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+
+ PR_snprintf(msg, sizeof msg,
+ "C_DigestKey(hSession=0x%08lX, hKey=0x%08lX)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)hKey, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_DIGEST_KEY, msg);
+}
diff --git a/security/nss/lib/softoken/fipstest.c b/security/nss/lib/softoken/fipstest.c
new file mode 100644
index 000000000..3563bd2d2
--- /dev/null
+++ b/security/nss/lib/softoken/fipstest.c
@@ -0,0 +1,654 @@
+/*
+ * PKCS #11 FIPS Power-Up Self Test.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "seccomon.h"
+#include "blapi.h"
+#include "softoken.h"
+#include "lowkeyi.h"
+#include "secoid.h"
+#include "secerr.h"
+
+/*
+ * different platforms have different ways of calling and initial entry point
+ * when the dll/.so is loaded. Most platforms support either a posix pragma
+ * or the GCC attribute. Some platforms suppor a pre-defined name, and some
+ * platforms have a link line way of invoking this function.
+ */
+
+/* The pragma */
+#if defined(USE_INIT_PRAGMA)
+#pragma init(sftk_startup_tests)
+#endif
+
+/* GCC Attribute */
+#if defined(__GNUC__) && !defined(NSS_NO_INIT_SUPPORT)
+#define INIT_FUNCTION __attribute__((constructor))
+#else
+#define INIT_FUNCTION
+#endif
+
+static void INIT_FUNCTION sftk_startup_tests(void);
+
+/* Windows pre-defined entry */
+#if defined(XP_WIN) && !defined(NSS_NO_INIT_SUPPORT)
+#include <windows.h>
+
+BOOL WINAPI DllMain(
+ HINSTANCE hinstDLL, // handle to DLL module
+ DWORD fdwReason, // reason for calling function
+ LPVOID lpReserved) // reserved
+{
+ // Perform actions based on the reason for calling.
+ switch (fdwReason) {
+ case DLL_PROCESS_ATTACH:
+ // Initialize once for each new process.
+ // Return FALSE to fail DLL load.
+ sftk_startup_tests();
+ break;
+
+ case DLL_THREAD_ATTACH:
+ // Do thread-specific initialization.
+ break;
+
+ case DLL_THREAD_DETACH:
+ // Do thread-specific cleanup.
+ break;
+
+ case DLL_PROCESS_DETACH:
+ // Perform any necessary cleanup.
+ break;
+ }
+ return TRUE; // Successful DLL_PROCESS_ATTACH.
+}
+#endif
+
+/* FIPS preprocessor directives for RSA. */
+#define FIPS_RSA_TYPE siBuffer
+#define FIPS_RSA_PUBLIC_EXPONENT_LENGTH 3 /* 24-bits */
+#define FIPS_RSA_PRIVATE_VERSION_LENGTH 1 /* 8-bits */
+#define FIPS_RSA_MESSAGE_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_COEFFICIENT_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_PRIME0_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_PRIME1_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_EXPONENT0_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_EXPONENT1_LENGTH 128 /* 1024-bits */
+#define FIPS_RSA_PRIVATE_EXPONENT_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_ENCRYPT_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_DECRYPT_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_SIGNATURE_LENGTH 256 /* 2048-bits */
+#define FIPS_RSA_MODULUS_LENGTH 256 /* 2048-bits */
+
+/*
+* Test the softoken RSA_HashSign and RSH_HashCheckSign.
+*/
+static SECStatus
+sftk_fips_RSA_PowerUpSigSelfTest(HASH_HashType shaAlg,
+ NSSLOWKEYPublicKey *rsa_public_key,
+ NSSLOWKEYPrivateKey *rsa_private_key,
+ const unsigned char *rsa_known_msg,
+ const unsigned int rsa_kmsg_length,
+ const unsigned char *rsa_known_signature)
+{
+ SECOidTag shaOid; /* SHA OID */
+ unsigned char sha[HASH_LENGTH_MAX]; /* SHA digest */
+ unsigned int shaLength = 0; /* length of SHA */
+ unsigned int rsa_bytes_signed;
+ unsigned char rsa_computed_signature[FIPS_RSA_SIGNATURE_LENGTH];
+ SECStatus rv;
+
+ if (shaAlg == HASH_AlgSHA1) {
+ if (SHA1_HashBuf(sha, rsa_known_msg, rsa_kmsg_length) != SECSuccess) {
+ goto loser;
+ }
+ shaLength = SHA1_LENGTH;
+ shaOid = SEC_OID_SHA1;
+ } else if (shaAlg == HASH_AlgSHA256) {
+ if (SHA256_HashBuf(sha, rsa_known_msg, rsa_kmsg_length) != SECSuccess) {
+ goto loser;
+ }
+ shaLength = SHA256_LENGTH;
+ shaOid = SEC_OID_SHA256;
+ } else if (shaAlg == HASH_AlgSHA384) {
+ if (SHA384_HashBuf(sha, rsa_known_msg, rsa_kmsg_length) != SECSuccess) {
+ goto loser;
+ }
+ shaLength = SHA384_LENGTH;
+ shaOid = SEC_OID_SHA384;
+ } else if (shaAlg == HASH_AlgSHA512) {
+ if (SHA512_HashBuf(sha, rsa_known_msg, rsa_kmsg_length) != SECSuccess) {
+ goto loser;
+ }
+ shaLength = SHA512_LENGTH;
+ shaOid = SEC_OID_SHA512;
+ } else {
+ goto loser;
+ }
+
+ /*************************************************/
+ /* RSA Single-Round Known Answer Signature Test. */
+ /*************************************************/
+
+ /* Perform RSA signature with the RSA private key. */
+ rv = RSA_HashSign(shaOid,
+ rsa_private_key,
+ rsa_computed_signature,
+ &rsa_bytes_signed,
+ FIPS_RSA_SIGNATURE_LENGTH,
+ sha,
+ shaLength);
+
+ if ((rv != SECSuccess) ||
+ (rsa_bytes_signed != FIPS_RSA_SIGNATURE_LENGTH) ||
+ (PORT_Memcmp(rsa_computed_signature, rsa_known_signature,
+ FIPS_RSA_SIGNATURE_LENGTH) != 0)) {
+ goto loser;
+ }
+
+ /****************************************************/
+ /* RSA Single-Round Known Answer Verification Test. */
+ /****************************************************/
+
+ /* Perform RSA verification with the RSA public key. */
+ rv = RSA_HashCheckSign(shaOid,
+ rsa_public_key,
+ rsa_computed_signature,
+ rsa_bytes_signed,
+ sha,
+ shaLength);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ return (SECSuccess);
+
+loser:
+
+ return (SECFailure);
+}
+
+static SECStatus
+sftk_fips_RSA_PowerUpSelfTest(void)
+{
+ /* RSA Known Modulus used in both Public/Private Key Values (2048-bits). */
+ static const PRUint8 rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = {
+ 0xb8, 0x15, 0x00, 0x33, 0xda, 0x0c, 0x9d, 0xa5,
+ 0x14, 0x8c, 0xde, 0x1f, 0x23, 0x07, 0x54, 0xe2,
+ 0xc6, 0xb9, 0x51, 0x04, 0xc9, 0x65, 0x24, 0x6e,
+ 0x0a, 0x46, 0x34, 0x5c, 0x37, 0x86, 0x6b, 0x88,
+ 0x24, 0x27, 0xac, 0xa5, 0x02, 0x79, 0xfb, 0xed,
+ 0x75, 0xc5, 0x3f, 0x6e, 0xdf, 0x05, 0x5f, 0x0f,
+ 0x20, 0x70, 0xa0, 0x5b, 0x85, 0xdb, 0xac, 0xb9,
+ 0x5f, 0x02, 0xc2, 0x64, 0x1e, 0x84, 0x5b, 0x3e,
+ 0xad, 0xbf, 0xf6, 0x2e, 0x51, 0xd6, 0xad, 0xf7,
+ 0xa7, 0x86, 0x75, 0x86, 0xec, 0xa7, 0xe1, 0xf7,
+ 0x08, 0xbf, 0xdc, 0x56, 0xb1, 0x3b, 0xca, 0xd8,
+ 0xfc, 0x51, 0xdf, 0x9a, 0x2a, 0x37, 0x06, 0xf2,
+ 0xd1, 0x6b, 0x9a, 0x5e, 0x2a, 0xe5, 0x20, 0x57,
+ 0x35, 0x9f, 0x1f, 0x98, 0xcf, 0x40, 0xc7, 0xd6,
+ 0x98, 0xdb, 0xde, 0xf5, 0x64, 0x53, 0xf7, 0x9d,
+ 0x45, 0xf3, 0xd6, 0x78, 0xb9, 0xe3, 0xa3, 0x20,
+ 0xcd, 0x79, 0x43, 0x35, 0xef, 0xd7, 0xfb, 0xb9,
+ 0x80, 0x88, 0x27, 0x2f, 0x63, 0xa8, 0x67, 0x3d,
+ 0x4a, 0xfa, 0x06, 0xc6, 0xd2, 0x86, 0x0b, 0xa7,
+ 0x28, 0xfd, 0xe0, 0x1e, 0x93, 0x4b, 0x17, 0x2e,
+ 0xb0, 0x11, 0x6f, 0xc6, 0x2b, 0x98, 0x0f, 0x15,
+ 0xe3, 0x87, 0x16, 0x7a, 0x7c, 0x67, 0x3e, 0x12,
+ 0x2b, 0xf8, 0xbe, 0x48, 0xc1, 0x97, 0x47, 0xf4,
+ 0x1f, 0x81, 0x80, 0x12, 0x28, 0xe4, 0x7b, 0x1e,
+ 0xb7, 0x00, 0xa4, 0xde, 0xaa, 0xfb, 0x0f, 0x77,
+ 0x84, 0xa3, 0xd6, 0xb2, 0x03, 0x48, 0xdd, 0x53,
+ 0x8b, 0x46, 0x41, 0x28, 0x52, 0xc4, 0x53, 0xf0,
+ 0x1c, 0x95, 0xd9, 0x36, 0xe0, 0x0f, 0x26, 0x46,
+ 0x9c, 0x61, 0x0e, 0x80, 0xca, 0x86, 0xaf, 0x39,
+ 0x95, 0xe5, 0x60, 0x43, 0x61, 0x3e, 0x2b, 0xb4,
+ 0xe8, 0xbd, 0x8d, 0x77, 0x62, 0xf5, 0x32, 0x43,
+ 0x2f, 0x4b, 0x65, 0x82, 0x14, 0xdd, 0x29, 0x5b
+ };
+
+ /* RSA Known Public Key Values (24-bits). */
+ static const PRUint8 rsa_public_exponent[FIPS_RSA_PUBLIC_EXPONENT_LENGTH] = { 0x01, 0x00, 0x01 };
+ /* RSA Known Private Key Values (version is 8-bits), */
+ /* (private exponent is 2048-bits), */
+ /* (private prime0 is 1024-bits), */
+ /* (private prime1 is 1024-bits), */
+ /* (private prime exponent0 is 1024-bits), */
+ /* (private prime exponent1 is 1024-bits), */
+ /* and (private coefficient is 1024-bits). */
+ static const PRUint8 rsa_version[] = { 0x00 };
+
+ static const PRUint8 rsa_private_exponent[FIPS_RSA_PRIVATE_EXPONENT_LENGTH] = {
+ 0x29, 0x08, 0x05, 0x53, 0x89, 0x76, 0xe6, 0x6c,
+ 0xb5, 0x77, 0xf0, 0xca, 0xdf, 0xf3, 0xf2, 0x67,
+ 0xda, 0x03, 0xd4, 0x9b, 0x4c, 0x88, 0xce, 0xe5,
+ 0xf8, 0x44, 0x4d, 0xc7, 0x80, 0x58, 0xe5, 0xff,
+ 0x22, 0x8f, 0xf5, 0x5b, 0x92, 0x81, 0xbe, 0x35,
+ 0xdf, 0xda, 0x67, 0x99, 0x3e, 0xfc, 0xe3, 0x83,
+ 0x6b, 0xa7, 0xaf, 0x16, 0xb7, 0x6f, 0x8f, 0xc0,
+ 0x81, 0xfd, 0x0b, 0x77, 0x65, 0x95, 0xfb, 0x00,
+ 0xad, 0x99, 0xec, 0x35, 0xc6, 0xe8, 0x23, 0x3e,
+ 0xe0, 0x88, 0x88, 0x09, 0xdb, 0x16, 0x50, 0xb7,
+ 0xcf, 0xab, 0x74, 0x61, 0x9e, 0x7f, 0xc5, 0x67,
+ 0x38, 0x56, 0xc7, 0x90, 0x85, 0x78, 0x5e, 0x84,
+ 0x21, 0x49, 0xea, 0xce, 0xb2, 0xa0, 0xff, 0xe4,
+ 0x70, 0x7f, 0x57, 0x7b, 0xa8, 0x36, 0xb8, 0x54,
+ 0x8d, 0x1d, 0xf5, 0x44, 0x9d, 0x68, 0x59, 0xf9,
+ 0x24, 0x6e, 0x85, 0x8f, 0xc3, 0x5f, 0x8a, 0x2c,
+ 0x94, 0xb7, 0xbc, 0x0e, 0xa5, 0xef, 0x93, 0x06,
+ 0x38, 0xcd, 0x07, 0x0c, 0xae, 0xb8, 0x44, 0x1a,
+ 0xd8, 0xe7, 0xf5, 0x9a, 0x1e, 0x9c, 0x18, 0xc7,
+ 0x6a, 0xc2, 0x7f, 0x28, 0x01, 0x4f, 0xb4, 0xb8,
+ 0x90, 0x97, 0x5a, 0x43, 0x38, 0xad, 0xe8, 0x95,
+ 0x68, 0x83, 0x1a, 0x1b, 0x10, 0x07, 0xe6, 0x02,
+ 0x52, 0x1f, 0xbf, 0x76, 0x6b, 0x46, 0xd6, 0xfb,
+ 0xc3, 0xbe, 0xb5, 0xac, 0x52, 0x53, 0x01, 0x1c,
+ 0xf3, 0xc5, 0xeb, 0x64, 0xf2, 0x1e, 0xc4, 0x38,
+ 0xe9, 0xaa, 0xd9, 0xc3, 0x72, 0x51, 0xa5, 0x44,
+ 0x58, 0x69, 0x0b, 0x1b, 0x98, 0x7f, 0xf2, 0x23,
+ 0xff, 0xeb, 0xf0, 0x75, 0x24, 0xcf, 0xc5, 0x1e,
+ 0xb8, 0x6a, 0xc5, 0x2f, 0x4f, 0x23, 0x50, 0x7d,
+ 0x15, 0x9d, 0x19, 0x7a, 0x0b, 0x82, 0xe0, 0x21,
+ 0x5b, 0x5f, 0x9d, 0x50, 0x2b, 0x83, 0xe4, 0x48,
+ 0xcc, 0x39, 0xe5, 0xfb, 0x13, 0x7b, 0x6f, 0x81
+ };
+
+ static const PRUint8 rsa_prime0[FIPS_RSA_PRIME0_LENGTH] = {
+ 0xe4, 0xbf, 0x21, 0x62, 0x9b, 0xa9, 0x77, 0x40,
+ 0x8d, 0x2a, 0xce, 0xa1, 0x67, 0x5a, 0x4c, 0x96,
+ 0x45, 0x98, 0x67, 0xbd, 0x75, 0x22, 0x33, 0x6f,
+ 0xe6, 0xcb, 0x77, 0xde, 0x9e, 0x97, 0x7d, 0x96,
+ 0x8c, 0x5e, 0x5d, 0x34, 0xfb, 0x27, 0xfc, 0x6d,
+ 0x74, 0xdb, 0x9d, 0x2e, 0x6d, 0xf6, 0xea, 0xfc,
+ 0xce, 0x9e, 0xda, 0xa7, 0x25, 0xa2, 0xf4, 0x58,
+ 0x6d, 0x0a, 0x3f, 0x01, 0xc2, 0xb4, 0xab, 0x38,
+ 0xc1, 0x14, 0x85, 0xb6, 0xfa, 0x94, 0xc3, 0x85,
+ 0xf9, 0x3c, 0x2e, 0x96, 0x56, 0x01, 0xe7, 0xd6,
+ 0x14, 0x71, 0x4f, 0xfb, 0x4c, 0x85, 0x52, 0xc4,
+ 0x61, 0x1e, 0xa5, 0x1e, 0x96, 0x13, 0x0d, 0x8f,
+ 0x66, 0xae, 0xa0, 0xcd, 0x7d, 0x25, 0x66, 0x19,
+ 0x15, 0xc2, 0xcf, 0xc3, 0x12, 0x3c, 0xe8, 0xa4,
+ 0x52, 0x4c, 0xcb, 0x28, 0x3c, 0xc4, 0xbf, 0x95,
+ 0x33, 0xe3, 0x81, 0xea, 0x0c, 0x6c, 0xa2, 0x05
+ };
+ static const PRUint8 rsa_prime1[FIPS_RSA_PRIME1_LENGTH] = {
+ 0xce, 0x03, 0x94, 0xf4, 0xa9, 0x2c, 0x1e, 0x06,
+ 0xe7, 0x40, 0x30, 0x01, 0xf7, 0xbb, 0x68, 0x8c,
+ 0x27, 0xd2, 0x15, 0xe3, 0x28, 0x49, 0x5b, 0xa8,
+ 0xc1, 0x9a, 0x42, 0x7e, 0x31, 0xf9, 0x08, 0x34,
+ 0x81, 0xa2, 0x0f, 0x04, 0x61, 0x34, 0xe3, 0x36,
+ 0x92, 0xb1, 0x09, 0x2b, 0xe9, 0xef, 0x84, 0x88,
+ 0xbe, 0x9c, 0x98, 0x60, 0xa6, 0x60, 0x84, 0xe9,
+ 0x75, 0x6f, 0xcc, 0x81, 0xd1, 0x96, 0xef, 0xdd,
+ 0x2e, 0xca, 0xc4, 0xf5, 0x42, 0xfb, 0x13, 0x2b,
+ 0x57, 0xbf, 0x14, 0x5e, 0xc2, 0x7f, 0x77, 0x35,
+ 0x29, 0xc4, 0xe5, 0xe0, 0xf9, 0x6d, 0x15, 0x4a,
+ 0x42, 0x56, 0x1c, 0x3e, 0x0c, 0xc5, 0xce, 0x70,
+ 0x08, 0x63, 0x1e, 0x73, 0xdb, 0x7e, 0x74, 0x05,
+ 0x32, 0x01, 0xc6, 0x36, 0x32, 0x75, 0x6b, 0xed,
+ 0x9d, 0xfe, 0x7c, 0x7e, 0xa9, 0x57, 0xb4, 0xe9,
+ 0x22, 0xe4, 0xe7, 0xfe, 0x36, 0x07, 0x9b, 0xdf
+ };
+ static const PRUint8 rsa_exponent0[FIPS_RSA_EXPONENT0_LENGTH] = {
+ 0x04, 0x5a, 0x3a, 0xa9, 0x64, 0xaa, 0xd9, 0xd1,
+ 0x09, 0x9e, 0x99, 0xe5, 0xea, 0x50, 0x86, 0x8a,
+ 0x89, 0x72, 0x77, 0xee, 0xdb, 0xee, 0xb5, 0xa9,
+ 0xd8, 0x6b, 0x60, 0xb1, 0x84, 0xb4, 0xff, 0x37,
+ 0xc1, 0x1d, 0xfe, 0x8a, 0x06, 0x89, 0x61, 0x3d,
+ 0x37, 0xef, 0x01, 0xd3, 0xa3, 0x56, 0x02, 0x6c,
+ 0xa3, 0x05, 0xd4, 0xc5, 0x3f, 0x6b, 0x15, 0x59,
+ 0x25, 0x61, 0xff, 0x86, 0xea, 0x0c, 0x84, 0x01,
+ 0x85, 0x72, 0xfd, 0x84, 0x58, 0xca, 0x41, 0xda,
+ 0x27, 0xbe, 0xe4, 0x68, 0x09, 0xe4, 0xe9, 0x63,
+ 0x62, 0x6a, 0x31, 0x8a, 0x67, 0x8f, 0x55, 0xde,
+ 0xd4, 0xb6, 0x3f, 0x90, 0x10, 0x6c, 0xf6, 0x62,
+ 0x17, 0x23, 0x15, 0x7e, 0x33, 0x76, 0x65, 0xb5,
+ 0xee, 0x7b, 0x11, 0x76, 0xf5, 0xbe, 0xe0, 0xf2,
+ 0x57, 0x7a, 0x8c, 0x97, 0x0c, 0x68, 0xf5, 0xf8,
+ 0x41, 0xcf, 0x7f, 0x66, 0x53, 0xac, 0x31, 0x7d
+ };
+ static const PRUint8 rsa_exponent1[FIPS_RSA_EXPONENT1_LENGTH] = {
+ 0x93, 0x54, 0x14, 0x6e, 0x73, 0x9d, 0x4d, 0x4b,
+ 0xfa, 0x8c, 0xf8, 0xc8, 0x2f, 0x76, 0x22, 0xea,
+ 0x38, 0x80, 0x11, 0x8f, 0x05, 0xfc, 0x90, 0x44,
+ 0x3b, 0x50, 0x2a, 0x45, 0x3d, 0x4f, 0xaf, 0x02,
+ 0x7d, 0xc2, 0x7b, 0xa2, 0xd2, 0x31, 0x94, 0x5c,
+ 0x2e, 0xc3, 0xd4, 0x9f, 0x47, 0x09, 0x37, 0x6a,
+ 0xe3, 0x85, 0xf1, 0xa3, 0x0c, 0xd8, 0xf1, 0xb4,
+ 0x53, 0x7b, 0xc4, 0x71, 0x02, 0x86, 0x42, 0xbb,
+ 0x96, 0xff, 0x03, 0xa3, 0xb2, 0x67, 0x03, 0xea,
+ 0x77, 0x31, 0xfb, 0x4b, 0x59, 0x24, 0xf7, 0x07,
+ 0x59, 0xfb, 0xa9, 0xba, 0x1e, 0x26, 0x58, 0x97,
+ 0x66, 0xa1, 0x56, 0x49, 0x39, 0xb1, 0x2c, 0x55,
+ 0x0a, 0x6a, 0x78, 0x18, 0xba, 0xdb, 0xcf, 0xf4,
+ 0xf7, 0x32, 0x35, 0xa2, 0x04, 0xab, 0xdc, 0xa7,
+ 0x6d, 0xd9, 0xd5, 0x06, 0x6f, 0xec, 0x7d, 0x40,
+ 0x4c, 0xe8, 0x0e, 0xd0, 0xc9, 0xaa, 0xdf, 0x59
+ };
+ static const PRUint8 rsa_coefficient[FIPS_RSA_COEFFICIENT_LENGTH] = {
+ 0x17, 0xd7, 0xf5, 0x0a, 0xf0, 0x68, 0x97, 0x96,
+ 0xc4, 0x29, 0x18, 0x77, 0x9a, 0x1f, 0xe3, 0xf3,
+ 0x12, 0x13, 0x0f, 0x7e, 0x7b, 0xb9, 0xc1, 0x91,
+ 0xf9, 0xc7, 0x08, 0x56, 0x5c, 0xa4, 0xbc, 0x83,
+ 0x71, 0xf9, 0x78, 0xd9, 0x2b, 0xec, 0xfe, 0x6b,
+ 0xdc, 0x2f, 0x63, 0xc9, 0xcd, 0x50, 0x14, 0x5b,
+ 0xd3, 0x6e, 0x85, 0x4d, 0x0c, 0xa2, 0x0b, 0xa0,
+ 0x09, 0xb6, 0xca, 0x34, 0x9c, 0xc2, 0xc1, 0x4a,
+ 0xb0, 0xbc, 0x45, 0x93, 0xa5, 0x7e, 0x99, 0xb5,
+ 0xbd, 0xe4, 0x69, 0x29, 0x08, 0x28, 0xd2, 0xcd,
+ 0xab, 0x24, 0x78, 0x48, 0x41, 0x26, 0x0b, 0x37,
+ 0xa3, 0x43, 0xd1, 0x95, 0x1a, 0xd6, 0xee, 0x22,
+ 0x1c, 0x00, 0x0b, 0xc2, 0xb7, 0xa4, 0xa3, 0x21,
+ 0xa9, 0xcd, 0xe4, 0x69, 0xd3, 0x45, 0x02, 0xb1,
+ 0xb7, 0x3a, 0xbf, 0x51, 0x35, 0x1b, 0x78, 0xc2,
+ 0xcf, 0x0c, 0x0d, 0x60, 0x09, 0xa9, 0x44, 0x02
+ };
+
+ /* RSA Known Plaintext Message (1024-bits). */
+ static const PRUint8 rsa_known_plaintext_msg[FIPS_RSA_MESSAGE_LENGTH] = {
+ "Known plaintext message utilized"
+ "for RSA Encryption & Decryption"
+ "blocks SHA256, SHA384 and "
+ "SHA512 RSA Signature KAT tests. "
+ "Known plaintext message utilized"
+ "for RSA Encryption & Decryption"
+ "blocks SHA256, SHA384 and "
+ "SHA512 RSA Signature KAT tests."
+ };
+
+ /* RSA Known Signed Hash (2048-bits). */
+ static const PRUint8 rsa_known_sha256_signature[] = {
+ 0x8c, 0x2d, 0x2e, 0xfb, 0x37, 0xb5, 0x6f, 0x38,
+ 0x9f, 0x06, 0x5a, 0xf3, 0x8c, 0xa0, 0xd0, 0x7a,
+ 0xde, 0xcf, 0xf9, 0x14, 0x95, 0x59, 0xd3, 0x5f,
+ 0x51, 0x5d, 0x5d, 0xad, 0xd8, 0x71, 0x33, 0x50,
+ 0x1d, 0x03, 0x3b, 0x3a, 0x32, 0x00, 0xb4, 0xde,
+ 0x7f, 0xe4, 0xb1, 0xe5, 0x6b, 0x83, 0xf4, 0x80,
+ 0x10, 0x3b, 0xb8, 0x8a, 0xdb, 0xe8, 0x0a, 0x42,
+ 0x9e, 0x8d, 0xd7, 0xbe, 0xed, 0xde, 0x5a, 0x3d,
+ 0xc6, 0xdb, 0xfe, 0x49, 0x6a, 0xe9, 0x1e, 0x75,
+ 0x66, 0xf1, 0x3f, 0x9e, 0x3f, 0xff, 0x05, 0x65,
+ 0xde, 0xca, 0x62, 0x62, 0xf3, 0xec, 0x53, 0x09,
+ 0xa0, 0x37, 0xd5, 0x66, 0x62, 0x72, 0x14, 0xb6,
+ 0x51, 0x32, 0x67, 0x50, 0xc1, 0xe1, 0x2f, 0x9e,
+ 0x98, 0x4e, 0x53, 0x96, 0x55, 0x4b, 0xc4, 0x92,
+ 0xc3, 0xb4, 0x80, 0xf0, 0x35, 0xc9, 0x00, 0x4b,
+ 0x5c, 0x85, 0x92, 0xb1, 0xe8, 0x6e, 0xa5, 0x51,
+ 0x38, 0x9f, 0xc9, 0x11, 0xb6, 0x14, 0xdf, 0x34,
+ 0x64, 0x40, 0x82, 0x82, 0xde, 0x16, 0x69, 0x93,
+ 0x89, 0x4e, 0x5c, 0x32, 0xf2, 0x0a, 0x4e, 0x9e,
+ 0xbd, 0x63, 0x99, 0x4f, 0xf3, 0x15, 0x90, 0xc2,
+ 0xfe, 0x6f, 0xb7, 0xf4, 0xad, 0xd4, 0x8e, 0x0b,
+ 0xd2, 0xf5, 0x22, 0xd2, 0x71, 0x65, 0x13, 0xf7,
+ 0x82, 0x7b, 0x75, 0xb6, 0xc1, 0xb4, 0x45, 0xbd,
+ 0x8f, 0x95, 0xcf, 0x5b, 0x95, 0x32, 0xef, 0x18,
+ 0x5f, 0xd3, 0xdf, 0x7e, 0x22, 0xdd, 0x25, 0xeb,
+ 0xe1, 0xbf, 0x3b, 0x9a, 0x55, 0x75, 0x4f, 0x3c,
+ 0x38, 0x67, 0x57, 0x04, 0x04, 0x57, 0x27, 0xf6,
+ 0x34, 0x0e, 0x57, 0x8a, 0x7c, 0xff, 0x7d, 0xca,
+ 0x8c, 0x06, 0xf8, 0x9d, 0xdb, 0xe4, 0xd8, 0x19,
+ 0xdd, 0x4d, 0xfd, 0x8f, 0xa0, 0x06, 0x53, 0xe8,
+ 0x33, 0x00, 0x70, 0x3f, 0x6b, 0xc3, 0xbd, 0x9a,
+ 0x78, 0xb5, 0xa9, 0xef, 0x6d, 0xda, 0x67, 0x92
+ };
+
+ /* RSA Known Signed Hash (2048-bits). */
+ static const PRUint8 rsa_known_sha384_signature[] = {
+ 0x20, 0x2d, 0x21, 0x3a, 0xaa, 0x1e, 0x05, 0x15,
+ 0x5c, 0xca, 0x84, 0x86, 0xc0, 0x15, 0x81, 0xdf,
+ 0xd4, 0x06, 0x9f, 0xe0, 0xc1, 0xed, 0xef, 0x0f,
+ 0xfe, 0xb3, 0xc3, 0xbb, 0x28, 0xa5, 0x56, 0xbf,
+ 0xe3, 0x11, 0x5c, 0xc2, 0xc0, 0x0b, 0xfa, 0xfa,
+ 0x3d, 0xd3, 0x06, 0x20, 0xe2, 0xc9, 0xe4, 0x66,
+ 0x28, 0xb7, 0xc0, 0x3b, 0x3c, 0x96, 0xc6, 0x49,
+ 0x3b, 0xcf, 0x86, 0x49, 0x31, 0xaf, 0x5b, 0xa3,
+ 0xec, 0x63, 0x10, 0xdf, 0xda, 0x2f, 0x68, 0xac,
+ 0x7b, 0x3a, 0x49, 0xfa, 0xe6, 0x0d, 0xfe, 0x37,
+ 0x17, 0x56, 0x8e, 0x5c, 0x48, 0x97, 0x43, 0xf7,
+ 0xa0, 0xbc, 0xe3, 0x4b, 0x42, 0xde, 0x58, 0x1d,
+ 0xd9, 0x5d, 0xb3, 0x08, 0x35, 0xbd, 0xa4, 0xe1,
+ 0x80, 0xc3, 0x64, 0xab, 0x21, 0x97, 0xad, 0xfb,
+ 0x71, 0xee, 0xa3, 0x3d, 0x9c, 0xaa, 0xfa, 0x16,
+ 0x60, 0x46, 0x32, 0xda, 0x44, 0x2e, 0x10, 0x92,
+ 0x20, 0xd8, 0x98, 0x80, 0x84, 0x75, 0x5b, 0x70,
+ 0x91, 0x00, 0x33, 0x19, 0x69, 0xc9, 0x2a, 0xec,
+ 0x3d, 0xe5, 0x5f, 0x0f, 0x9a, 0xa7, 0x97, 0x1f,
+ 0x79, 0xc3, 0x1d, 0x65, 0x74, 0x62, 0xc5, 0xa1,
+ 0x23, 0x65, 0x4b, 0x84, 0xa1, 0x03, 0x98, 0xf3,
+ 0xf1, 0x02, 0x24, 0xca, 0xe5, 0xd4, 0xc8, 0xa2,
+ 0x30, 0xad, 0x72, 0x7d, 0x29, 0x60, 0x1a, 0x8e,
+ 0x6f, 0x23, 0xa4, 0xda, 0x68, 0xa4, 0x45, 0x9c,
+ 0x39, 0x70, 0x44, 0x18, 0x4b, 0x73, 0xfe, 0xf8,
+ 0x33, 0x53, 0x1d, 0x7e, 0x93, 0x93, 0xac, 0xc7,
+ 0x1e, 0x6e, 0x6b, 0xfd, 0x9e, 0xba, 0xa6, 0x71,
+ 0x70, 0x47, 0x6a, 0xd6, 0x82, 0x32, 0xa2, 0x6e,
+ 0x20, 0x72, 0xb0, 0xba, 0xec, 0x91, 0xbb, 0x6b,
+ 0xcc, 0x84, 0x0a, 0x33, 0x2b, 0x8a, 0x8d, 0xeb,
+ 0x71, 0xcd, 0xca, 0x67, 0x1b, 0xad, 0x10, 0xd4,
+ 0xce, 0x4f, 0xc0, 0x29, 0xec, 0xfa, 0xed, 0xfa
+ };
+
+ /* RSA Known Signed Hash (2048-bits). */
+ static const PRUint8 rsa_known_sha512_signature[] = {
+ 0x35, 0x0e, 0x74, 0x9d, 0xeb, 0xc7, 0x67, 0x31,
+ 0x9f, 0xff, 0x0b, 0xbb, 0x5e, 0x66, 0xb4, 0x2f,
+ 0xbf, 0x72, 0x60, 0x4f, 0xe9, 0xbd, 0xec, 0xc8,
+ 0x17, 0x79, 0x5f, 0x39, 0x83, 0xb4, 0x54, 0x2e,
+ 0x01, 0xb9, 0xd3, 0x20, 0x47, 0xcb, 0xd4, 0x42,
+ 0xf2, 0x6e, 0x36, 0xc1, 0x97, 0xad, 0xef, 0x8e,
+ 0xe6, 0x51, 0xee, 0x5e, 0x9e, 0x88, 0xb4, 0x9d,
+ 0xda, 0x3e, 0x77, 0x4b, 0xe8, 0xae, 0x48, 0x53,
+ 0x2c, 0xc4, 0xd3, 0x25, 0x6b, 0x23, 0xb7, 0x54,
+ 0x3c, 0x95, 0x8f, 0xfb, 0x6f, 0x6d, 0xc5, 0x56,
+ 0x39, 0x69, 0x28, 0x0e, 0x74, 0x9b, 0x31, 0xe8,
+ 0x76, 0x77, 0x2b, 0xc1, 0x44, 0x89, 0x81, 0x93,
+ 0xfc, 0xf6, 0xec, 0x5f, 0x8f, 0x89, 0xfc, 0x1d,
+ 0xa4, 0x53, 0x58, 0x8c, 0xe9, 0xc0, 0xc0, 0x26,
+ 0xe6, 0xdf, 0x6d, 0x27, 0xb1, 0x8e, 0x3e, 0xb6,
+ 0x47, 0xe1, 0x02, 0x96, 0xc2, 0x5f, 0x7f, 0x3d,
+ 0xc5, 0x6c, 0x2f, 0xea, 0xaa, 0x5e, 0x39, 0xfc,
+ 0x77, 0xca, 0x00, 0x02, 0x5c, 0x64, 0x7c, 0xce,
+ 0x7d, 0x63, 0x82, 0x05, 0xed, 0xf7, 0x5b, 0x55,
+ 0x58, 0xc0, 0xeb, 0x76, 0xd7, 0x95, 0x55, 0x37,
+ 0x85, 0x7d, 0x17, 0xad, 0xd2, 0x11, 0xfd, 0x97,
+ 0x48, 0xb5, 0xc2, 0x5e, 0xc7, 0x62, 0xc0, 0xe0,
+ 0x68, 0xa8, 0x61, 0x14, 0x41, 0xca, 0x25, 0x3a,
+ 0xec, 0x48, 0x54, 0x22, 0x83, 0x2b, 0x69, 0x54,
+ 0xfd, 0xc8, 0x99, 0x9a, 0xee, 0x37, 0x03, 0xa3,
+ 0x8f, 0x0f, 0x32, 0xb0, 0xaa, 0x74, 0x39, 0x04,
+ 0x7c, 0xd9, 0xc2, 0x8f, 0xbe, 0xf2, 0xc4, 0xbe,
+ 0xdd, 0x7a, 0x7a, 0x7f, 0x72, 0xd3, 0x80, 0x59,
+ 0x18, 0xa0, 0xa1, 0x2d, 0x6f, 0xa3, 0xa9, 0x48,
+ 0xed, 0x20, 0xa6, 0xea, 0xaa, 0x10, 0x83, 0x98,
+ 0x0c, 0x13, 0x69, 0x6e, 0xcd, 0x31, 0x6b, 0xd0,
+ 0x66, 0xa6, 0x5e, 0x30, 0x0c, 0x82, 0xd5, 0x81
+ };
+
+ static const RSAPublicKey bl_public_key = {
+ NULL,
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_modulus,
+ FIPS_RSA_MODULUS_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_public_exponent,
+ FIPS_RSA_PUBLIC_EXPONENT_LENGTH }
+ };
+ static const RSAPrivateKey bl_private_key = {
+ NULL,
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_version,
+ FIPS_RSA_PRIVATE_VERSION_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_modulus,
+ FIPS_RSA_MODULUS_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_public_exponent,
+ FIPS_RSA_PUBLIC_EXPONENT_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_private_exponent,
+ FIPS_RSA_PRIVATE_EXPONENT_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_prime0,
+ FIPS_RSA_PRIME0_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_prime1,
+ FIPS_RSA_PRIME1_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_exponent0,
+ FIPS_RSA_EXPONENT0_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_exponent1,
+ FIPS_RSA_EXPONENT1_LENGTH },
+ { FIPS_RSA_TYPE, (unsigned char *)rsa_coefficient,
+ FIPS_RSA_COEFFICIENT_LENGTH }
+ };
+
+/* RSA variables. */
+#ifdef CREATE_TEMP_ARENAS
+ PLArenaPool *rsa_public_arena;
+ PLArenaPool *rsa_private_arena;
+#endif
+ NSSLOWKEYPublicKey *rsa_public_key;
+ NSSLOWKEYPrivateKey *rsa_private_key;
+ SECStatus rsa_status;
+
+ NSSLOWKEYPublicKey low_public_key = { NULL, NSSLOWKEYRSAKey };
+ NSSLOWKEYPrivateKey low_private_key = { NULL, NSSLOWKEYRSAKey };
+
+ /****************************************/
+ /* Compose RSA Public/Private Key Pair. */
+ /****************************************/
+
+ low_public_key.u.rsa = bl_public_key;
+ low_private_key.u.rsa = bl_private_key;
+
+ rsa_public_key = &low_public_key;
+ rsa_private_key = &low_private_key;
+
+#ifdef CREATE_TEMP_ARENAS
+ /* Create some space for the RSA public key. */
+ rsa_public_arena = PORT_NewArena(NSS_SOFTOKEN_DEFAULT_CHUNKSIZE);
+
+ if (rsa_public_arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ /* Create some space for the RSA private key. */
+ rsa_private_arena = PORT_NewArena(NSS_SOFTOKEN_DEFAULT_CHUNKSIZE);
+
+ if (rsa_private_arena == NULL) {
+ PORT_FreeArena(rsa_public_arena, PR_TRUE);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (SECFailure);
+ }
+
+ rsa_public_key->arena = rsa_public_arena;
+ rsa_private_key->arena = rsa_private_arena;
+#endif
+
+ /**************************************************/
+ /* RSA Hash tests */
+ /**************************************************/
+
+ rsa_status = sftk_fips_RSA_PowerUpSigSelfTest(HASH_AlgSHA256,
+ rsa_public_key, rsa_private_key,
+ rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
+ rsa_known_sha256_signature);
+ if (rsa_status != SECSuccess)
+ goto rsa_loser;
+
+ rsa_status = sftk_fips_RSA_PowerUpSigSelfTest(HASH_AlgSHA384,
+ rsa_public_key, rsa_private_key,
+ rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
+ rsa_known_sha384_signature);
+ if (rsa_status != SECSuccess)
+ goto rsa_loser;
+
+ rsa_status = sftk_fips_RSA_PowerUpSigSelfTest(HASH_AlgSHA512,
+ rsa_public_key, rsa_private_key,
+ rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
+ rsa_known_sha512_signature);
+ if (rsa_status != SECSuccess)
+ goto rsa_loser;
+
+ /* Dispose of all RSA key material. */
+ nsslowkey_DestroyPublicKey(rsa_public_key);
+ nsslowkey_DestroyPrivateKey(rsa_private_key);
+
+ return (SECSuccess);
+
+rsa_loser:
+
+ nsslowkey_DestroyPublicKey(rsa_public_key);
+ nsslowkey_DestroyPrivateKey(rsa_private_key);
+
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return (SECFailure);
+}
+
+static PRBool sftk_self_tests_ran = PR_FALSE;
+static PRBool sftk_self_tests_success = PR_FALSE;
+
+/*
+ * This function is called at dll load time, the code tha makes this
+ * happen is platform specific on defined above.
+ */
+static void
+sftk_startup_tests(void)
+{
+ SECStatus rv;
+ const char *libraryName = SOFTOKEN_LIB_NAME;
+
+ PORT_Assert(!sftk_self_tests_ran);
+ PORT_Assert(!sftk_self_tests_success);
+ sftk_self_tests_ran = PR_TRUE;
+ sftk_self_tests_success = PR_FALSE; /* just in case */
+
+ /* need to initiallize the oid library before the RSA tests */
+ rv = SECOID_Init();
+ if (rv != SECSuccess) {
+ return;
+ }
+ /* make sure freebl is initialized, or our RSA check
+ * may fail. This is normally done at freebl load time, but it's
+ * possible we may have shut freebl down without unloading it. */
+ rv = BL_Init();
+ if (rv != SECSuccess) {
+ return;
+ }
+
+ rv = RNG_RNGInit();
+ if (rv != SECSuccess) {
+ return;
+ }
+ /* check the RSA combined functions in softoken */
+ rv = sftk_fips_RSA_PowerUpSelfTest();
+ if (rv != SECSuccess) {
+ return;
+ }
+ if (!BLAPI_SHVerify(libraryName,
+ (PRFuncPtr)&sftk_fips_RSA_PowerUpSelfTest)) {
+ /* something is wrong with the library, fail without enabling
+ * the token */
+ return;
+ }
+ sftk_self_tests_success = PR_TRUE;
+}
+
+/*
+ * this is called from nsc_Common_Initizialize entry points that gates access
+ * to * all other pkcs11 functions. This prevents softoken operation if our
+ * power on selftest failed.
+ */
+CK_RV
+sftk_FIPSEntryOK()
+{
+#ifdef NSS_NO_INIT_SUPPORT
+ /* this should only be set on platforms that can't handle one of the INIT
+ * schemes. This code allows those platforms to continue to function,
+ * though they don't meet the strict NIST requirements. If NSS_NO_INIT_SUPPORT
+ * is not set, and init support has not been properly enabled, softken
+ * will always fail because of the test below
+ */
+ if (!sftk_self_tests_ran) {
+ sftk_startup_tests();
+ }
+#endif
+ if (!sftk_self_tests_success) {
+ return CKR_DEVICE_ERROR;
+ }
+ return CKR_OK;
+}
diff --git a/security/nss/lib/softoken/fipstokn.c b/security/nss/lib/softoken/fipstokn.c
new file mode 100644
index 000000000..12ff77cf8
--- /dev/null
+++ b/security/nss/lib/softoken/fipstokn.c
@@ -0,0 +1,1656 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file implements PKCS 11 on top of our existing security modules
+ *
+ * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
+ * This implementation has two slots:
+ * slot 1 is our generic crypto support. It does not require login
+ * (unless you've enabled FIPS). It supports Public Key ops, and all they
+ * bulk ciphers and hashes. It can also support Private Key ops for imported
+ * Private keys. It does not have any token storage.
+ * slot 2 is our private key support. It requires a login before use. It
+ * can store Private Keys and Certs as token objects. Currently only private
+ * keys and their associated Certificates are saved on the token.
+ *
+ * In this implementation, session objects are only visible to the session
+ * that created or generated them.
+ */
+#include "seccomon.h"
+#include "softoken.h"
+#include "lowkeyi.h"
+#include "pkcs11.h"
+#include "pkcs11i.h"
+#include "prenv.h"
+#include "prprf.h"
+
+#include <ctype.h>
+
+#ifdef XP_UNIX
+#define NSS_AUDIT_WITH_SYSLOG 1
+#include <syslog.h>
+#include <unistd.h>
+#endif
+
+#ifdef LINUX
+#include <pthread.h>
+#include <dlfcn.h>
+#define LIBAUDIT_NAME "libaudit.so.0"
+#ifndef AUDIT_CRYPTO_TEST_USER
+#define AUDIT_CRYPTO_TEST_USER 2400 /* Crypto test results */
+#define AUDIT_CRYPTO_PARAM_CHANGE_USER 2401 /* Crypto attribute change */
+#define AUDIT_CRYPTO_LOGIN 2402 /* Logged in as crypto officer */
+#define AUDIT_CRYPTO_LOGOUT 2403 /* Logged out from crypto */
+#define AUDIT_CRYPTO_KEY_USER 2404 /* Create,delete,negotiate */
+#define AUDIT_CRYPTO_FAILURE_USER 2405 /* Fail decrypt,encrypt,randomize */
+#endif
+static void *libaudit_handle;
+static int (*audit_open_func)(void);
+static void (*audit_close_func)(int fd);
+static int (*audit_log_user_message_func)(int audit_fd, int type,
+ const char *message, const char *hostname, const char *addr,
+ const char *tty, int result);
+static int (*audit_send_user_message_func)(int fd, int type,
+ const char *message);
+
+static pthread_once_t libaudit_once_control = PTHREAD_ONCE_INIT;
+
+static void
+libaudit_init(void)
+{
+ libaudit_handle = dlopen(LIBAUDIT_NAME, RTLD_LAZY);
+ if (!libaudit_handle) {
+ return;
+ }
+ audit_open_func = dlsym(libaudit_handle, "audit_open");
+ audit_close_func = dlsym(libaudit_handle, "audit_close");
+ /*
+ * audit_send_user_message is the older function.
+ * audit_log_user_message, if available, is preferred.
+ */
+ audit_log_user_message_func = dlsym(libaudit_handle,
+ "audit_log_user_message");
+ if (!audit_log_user_message_func) {
+ audit_send_user_message_func = dlsym(libaudit_handle,
+ "audit_send_user_message");
+ }
+ if (!audit_open_func || !audit_close_func ||
+ (!audit_log_user_message_func && !audit_send_user_message_func)) {
+ dlclose(libaudit_handle);
+ libaudit_handle = NULL;
+ audit_open_func = NULL;
+ audit_close_func = NULL;
+ audit_log_user_message_func = NULL;
+ audit_send_user_message_func = NULL;
+ }
+}
+#endif /* LINUX */
+
+/*
+ * ******************** Password Utilities *******************************
+ */
+static PRBool isLoggedIn = PR_FALSE;
+static PRBool isLevel2 = PR_TRUE;
+PRBool sftk_fatalError = PR_FALSE;
+
+/*
+ * This function returns
+ * - CKR_PIN_INVALID if the password/PIN is not a legal UTF8 string
+ * - CKR_PIN_LEN_RANGE if the password/PIN is too short or does not
+ * consist of characters from three or more character classes.
+ * - CKR_OK otherwise
+ *
+ * The minimum password/PIN length is FIPS_MIN_PIN Unicode characters.
+ * We define five character classes: digits (0-9), ASCII lowercase letters,
+ * ASCII uppercase letters, ASCII non-alphanumeric characters (such as
+ * space and punctuation marks), and non-ASCII characters. If an ASCII
+ * uppercase letter is the first character of the password/PIN, the
+ * uppercase letter is not counted toward its character class. Similarly,
+ * if a digit is the last character of the password/PIN, the digit is not
+ * counted toward its character class.
+ *
+ * Although NSC_SetPIN and NSC_InitPIN already do the maximum and minimum
+ * password/PIN length checks, they check the length in bytes as opposed
+ * to characters. To meet the minimum password/PIN guessing probability
+ * requirements in FIPS 140-2, we need to check the length in characters.
+ */
+static CK_RV
+sftk_newPinCheck(CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
+{
+ unsigned int i;
+ int nchar = 0; /* number of characters */
+ int ntrail = 0; /* number of trailing bytes to follow */
+ int ndigit = 0; /* number of decimal digits */
+ int nlower = 0; /* number of ASCII lowercase letters */
+ int nupper = 0; /* number of ASCII uppercase letters */
+ int nnonalnum = 0; /* number of ASCII non-alphanumeric characters */
+ int nnonascii = 0; /* number of non-ASCII characters */
+ int nclass; /* number of character classes */
+
+ for (i = 0; i < ulPinLen; i++) {
+ unsigned int byte = pPin[i];
+
+ if (ntrail) {
+ if ((byte & 0xc0) != 0x80) {
+ /* illegal */
+ nchar = -1;
+ break;
+ }
+ if (--ntrail == 0) {
+ nchar++;
+ nnonascii++;
+ }
+ continue;
+ }
+ if ((byte & 0x80) == 0x00) {
+ /* single-byte (ASCII) character */
+ nchar++;
+ if (isdigit(byte)) {
+ if (i < ulPinLen - 1) {
+ ndigit++;
+ }
+ } else if (islower(byte)) {
+ nlower++;
+ } else if (isupper(byte)) {
+ if (i > 0) {
+ nupper++;
+ }
+ } else {
+ nnonalnum++;
+ }
+ } else if ((byte & 0xe0) == 0xc0) {
+ /* leading byte of two-byte character */
+ ntrail = 1;
+ } else if ((byte & 0xf0) == 0xe0) {
+ /* leading byte of three-byte character */
+ ntrail = 2;
+ } else if ((byte & 0xf8) == 0xf0) {
+ /* leading byte of four-byte character */
+ ntrail = 3;
+ } else {
+ /* illegal */
+ nchar = -1;
+ break;
+ }
+ }
+ if (nchar == -1) {
+ /* illegal UTF8 string */
+ return CKR_PIN_INVALID;
+ }
+ if (nchar < FIPS_MIN_PIN) {
+ return CKR_PIN_LEN_RANGE;
+ }
+ nclass = (ndigit != 0) + (nlower != 0) + (nupper != 0) +
+ (nnonalnum != 0) + (nnonascii != 0);
+ if (nclass < 3) {
+ return CKR_PIN_LEN_RANGE;
+ }
+ return CKR_OK;
+}
+
+/* FIPS required checks before any useful cryptographic services */
+static CK_RV
+sftk_fipsCheck(void)
+{
+ if (sftk_fatalError)
+ return CKR_DEVICE_ERROR;
+ if (isLevel2 && !isLoggedIn)
+ return CKR_USER_NOT_LOGGED_IN;
+ return CKR_OK;
+}
+
+#define SFTK_FIPSCHECK() \
+ CK_RV rv; \
+ if ((rv = sftk_fipsCheck()) != CKR_OK) \
+ return rv;
+
+#define SFTK_FIPSFATALCHECK() \
+ if (sftk_fatalError) \
+ return CKR_DEVICE_ERROR;
+
+/* grab an attribute out of a raw template */
+void *
+fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_ATTRIBUTE_TYPE type)
+{
+ int i;
+
+ for (i = 0; i < (int)ulCount; i++) {
+ if (pTemplate[i].type == type) {
+ return pTemplate[i].pValue;
+ }
+ }
+ return NULL;
+}
+
+#define __PASTE(x, y) x##y
+
+/* ------------- forward declare all the NSC_ functions ------------- */
+#undef CK_NEED_ARG_LIST
+#undef CK_PKCS11_FUNCTION_INFO
+
+#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(NS, name)
+#define CK_NEED_ARG_LIST 1
+
+#include "pkcs11f.h"
+
+/* ------------- forward declare all the FIPS functions ------------- */
+#undef CK_NEED_ARG_LIST
+#undef CK_PKCS11_FUNCTION_INFO
+
+#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F, name)
+#define CK_NEED_ARG_LIST 1
+
+#include "pkcs11f.h"
+
+/* ------------- build the CK_CRYPTO_TABLE ------------------------- */
+static CK_FUNCTION_LIST sftk_fipsTable = {
+ { 1, 10 },
+
+#undef CK_NEED_ARG_LIST
+#undef CK_PKCS11_FUNCTION_INFO
+
+#define CK_PKCS11_FUNCTION_INFO(name) \
+ __PASTE(F, name) \
+ ,
+
+#include "pkcs11f.h"
+
+};
+
+#undef CK_NEED_ARG_LIST
+#undef CK_PKCS11_FUNCTION_INFO
+
+#undef __PASTE
+
+/* CKO_NOT_A_KEY can be any object class that's not a key object. */
+#define CKO_NOT_A_KEY CKO_DATA
+
+#define SFTK_IS_KEY_OBJECT(objClass) \
+ (((objClass) == CKO_PUBLIC_KEY) || \
+ ((objClass) == CKO_PRIVATE_KEY) || \
+ ((objClass) == CKO_SECRET_KEY))
+
+#define SFTK_IS_NONPUBLIC_KEY_OBJECT(objClass) \
+ (((objClass) == CKO_PRIVATE_KEY) || ((objClass) == CKO_SECRET_KEY))
+
+static CK_RV
+sftk_get_object_class_and_fipsCheck(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_OBJECT_CLASS *pObjClass)
+{
+ CK_RV rv;
+ CK_ATTRIBUTE class;
+ class.type = CKA_CLASS;
+ class.pValue = pObjClass;
+ class.ulValueLen = sizeof(*pObjClass);
+ rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
+ if ((rv == CKR_OK) && SFTK_IS_NONPUBLIC_KEY_OBJECT(*pObjClass)) {
+ rv = sftk_fipsCheck();
+ }
+ return rv;
+}
+
+#ifdef LINUX
+
+int
+sftk_mapLinuxAuditType(NSSAuditSeverity severity, NSSAuditType auditType)
+{
+ switch (auditType) {
+ case NSS_AUDIT_ACCESS_KEY:
+ case NSS_AUDIT_CHANGE_KEY:
+ case NSS_AUDIT_COPY_KEY:
+ case NSS_AUDIT_DERIVE_KEY:
+ case NSS_AUDIT_DESTROY_KEY:
+ case NSS_AUDIT_DIGEST_KEY:
+ case NSS_AUDIT_GENERATE_KEY:
+ case NSS_AUDIT_LOAD_KEY:
+ case NSS_AUDIT_UNWRAP_KEY:
+ case NSS_AUDIT_WRAP_KEY:
+ return AUDIT_CRYPTO_KEY_USER;
+ case NSS_AUDIT_CRYPT:
+ return (severity == NSS_AUDIT_ERROR) ? AUDIT_CRYPTO_FAILURE_USER : AUDIT_CRYPTO_KEY_USER;
+ case NSS_AUDIT_FIPS_STATE:
+ case NSS_AUDIT_INIT_PIN:
+ case NSS_AUDIT_INIT_TOKEN:
+ case NSS_AUDIT_SET_PIN:
+ return AUDIT_CRYPTO_PARAM_CHANGE_USER;
+ case NSS_AUDIT_SELF_TEST:
+ return AUDIT_CRYPTO_TEST_USER;
+ case NSS_AUDIT_LOGIN:
+ return AUDIT_CRYPTO_LOGIN;
+ case NSS_AUDIT_LOGOUT:
+ return AUDIT_CRYPTO_LOGOUT;
+ /* we skip the fault case here so we can get compiler
+ * warnings if new 'NSSAuditType's are added without
+ * added them to this list, defaults fall through */
+ }
+ /* default */
+ return AUDIT_CRYPTO_PARAM_CHANGE_USER;
+}
+#endif
+
+/**********************************************************************
+ *
+ * FIPS 140 auditable event logging
+ *
+ **********************************************************************/
+
+PRBool sftk_audit_enabled = PR_FALSE;
+
+/*
+ * Each audit record must have the following information:
+ * - Date and time of the event
+ * - Type of event
+ * - user (subject) identity
+ * - outcome (success or failure) of the event
+ * - process ID
+ * - name (ID) of the object
+ * - for changes to data (except for authentication data and CSPs), the new
+ * and old values of the data
+ * - for authentication attempts, the origin of the attempt (e.g., terminal
+ * identifier)
+ * - for assuming a role, the type of role, and the location of the request
+ */
+void
+sftk_LogAuditMessage(NSSAuditSeverity severity, NSSAuditType auditType,
+ const char *msg)
+{
+#ifdef NSS_AUDIT_WITH_SYSLOG
+ int level;
+
+ switch (severity) {
+ case NSS_AUDIT_ERROR:
+ level = LOG_ERR;
+ break;
+ case NSS_AUDIT_WARNING:
+ level = LOG_WARNING;
+ break;
+ default:
+ level = LOG_INFO;
+ break;
+ }
+ /* timestamp is provided by syslog in the message header */
+ syslog(level | LOG_USER /* facility */,
+ "NSS " SOFTOKEN_LIB_NAME "[pid=%d uid=%d]: %s",
+ (int)getpid(), (int)getuid(), msg);
+#ifdef LINUX
+ if (pthread_once(&libaudit_once_control, libaudit_init) != 0) {
+ return;
+ }
+ if (libaudit_handle) {
+ int audit_fd;
+ int linuxAuditType;
+ int result = (severity != NSS_AUDIT_ERROR); /* 1=success; 0=failed */
+ char *message = PR_smprintf("NSS " SOFTOKEN_LIB_NAME ": %s", msg);
+ if (!message) {
+ return;
+ }
+ audit_fd = audit_open_func();
+ if (audit_fd < 0) {
+ PR_smprintf_free(message);
+ return;
+ }
+ linuxAuditType = sftk_mapLinuxAuditType(severity, auditType);
+ if (audit_log_user_message_func) {
+ audit_log_user_message_func(audit_fd, linuxAuditType, message,
+ NULL, NULL, NULL, result);
+ } else {
+ audit_send_user_message_func(audit_fd, linuxAuditType, message);
+ }
+ audit_close_func(audit_fd);
+ PR_smprintf_free(message);
+ }
+#endif /* LINUX */
+#else
+/* do nothing */
+#endif
+}
+
+/**********************************************************************
+ *
+ * Start of PKCS 11 functions
+ *
+ **********************************************************************/
+/* return the function list */
+CK_RV
+FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
+{
+
+ CHECK_FORK();
+
+ *pFunctionList = &sftk_fipsTable;
+ return CKR_OK;
+}
+
+/* sigh global so pkcs11 can read it */
+PRBool nsf_init = PR_FALSE;
+
+void
+fc_log_init_error(CK_RV crv)
+{
+ if (sftk_audit_enabled) {
+ char msg[128];
+ PR_snprintf(msg, sizeof msg,
+ "C_Initialize()=0x%08lX "
+ "power-up self-tests failed",
+ (PRUint32)crv);
+ sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
+ }
+}
+
+/* FC_Initialize initializes the PKCS #11 library. */
+CK_RV
+FC_Initialize(CK_VOID_PTR pReserved)
+{
+ const char *envp;
+ CK_RV crv;
+
+ if ((envp = PR_GetEnv("NSS_ENABLE_AUDIT")) != NULL) {
+ sftk_audit_enabled = (atoi(envp) == 1);
+ }
+
+ /* At this point we should have already done post and integrity checks.
+ * if we haven't, it probably means the FIPS product has not been installed
+ * or the tests failed. Don't let an application try to enter FIPS mode */
+ crv = sftk_FIPSEntryOK();
+ if (crv != CKR_OK) {
+ sftk_fatalError = PR_TRUE;
+ fc_log_init_error(crv);
+ return crv;
+ }
+
+ sftk_ForkReset(pReserved, &crv);
+
+ if (nsf_init) {
+ return CKR_CRYPTOKI_ALREADY_INITIALIZED;
+ }
+
+ crv = nsc_CommonInitialize(pReserved, PR_TRUE);
+
+ /* not an 'else' rv can be set by either SFTK_LowInit or SFTK_SlotInit*/
+ if (crv != CKR_OK) {
+ sftk_fatalError = PR_TRUE;
+ return crv;
+ }
+
+ sftk_fatalError = PR_FALSE; /* any error has been reset */
+ nsf_init = PR_TRUE;
+ isLevel2 = PR_TRUE; /* assume level 2 unless we learn otherwise */
+
+ return CKR_OK;
+}
+
+/*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
+CK_RV
+FC_Finalize(CK_VOID_PTR pReserved)
+{
+ CK_RV crv;
+
+ if (sftk_ForkReset(pReserved, &crv)) {
+ return crv;
+ }
+
+ if (!nsf_init) {
+ return CKR_OK;
+ }
+
+ crv = nsc_CommonFinalize(pReserved, PR_TRUE);
+
+ nsf_init = (PRBool) !(crv == CKR_OK);
+ return crv;
+}
+
+/* FC_GetInfo returns general information about PKCS #11. */
+CK_RV
+FC_GetInfo(CK_INFO_PTR pInfo)
+{
+ CHECK_FORK();
+
+ return NSC_GetInfo(pInfo);
+}
+
+/* FC_GetSlotList obtains a list of slots in the system. */
+CK_RV
+FC_GetSlotList(CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
+{
+ CHECK_FORK();
+
+ return nsc_CommonGetSlotList(tokenPresent, pSlotList, pulCount,
+ NSC_FIPS_MODULE);
+}
+
+/* FC_GetSlotInfo obtains information about a particular slot in the system. */
+CK_RV
+FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
+{
+ CHECK_FORK();
+
+ return NSC_GetSlotInfo(slotID, pInfo);
+}
+
+/*FC_GetTokenInfo obtains information about a particular token in the system.*/
+CK_RV
+FC_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
+{
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ crv = NSC_GetTokenInfo(slotID, pInfo);
+ if (crv == CKR_OK) {
+ if ((pInfo->flags & CKF_LOGIN_REQUIRED) == 0) {
+ isLevel2 = PR_FALSE;
+ }
+ }
+ return crv;
+}
+
+/*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
+CK_RV
+FC_GetMechanismList(CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount)
+{
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+ if ((slotID == FIPS_SLOT_ID) || (slotID >= SFTK_MIN_FIPS_USER_SLOT_ID)) {
+ slotID = NETSCAPE_SLOT_ID;
+ }
+ /* FIPS Slots support all functions */
+ return NSC_GetMechanismList(slotID, pMechanismList, pusCount);
+}
+
+/* FC_GetMechanismInfo obtains information about a particular mechanism
+ * possibly supported by a token. */
+CK_RV
+FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo)
+{
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+ if ((slotID == FIPS_SLOT_ID) || (slotID >= SFTK_MIN_FIPS_USER_SLOT_ID)) {
+ slotID = NETSCAPE_SLOT_ID;
+ }
+ /* FIPS Slots support all functions */
+ return NSC_GetMechanismInfo(slotID, type, pInfo);
+}
+
+/* FC_InitToken initializes a token. */
+CK_RV
+FC_InitToken(CK_SLOT_ID slotID, CK_CHAR_PTR pPin,
+ CK_ULONG usPinLen, CK_CHAR_PTR pLabel)
+{
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ crv = NSC_InitToken(slotID, pPin, usPinLen, pLabel);
+ if (sftk_audit_enabled) {
+ char msg[128];
+ NSSAuditSeverity severity = (crv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+ /* pLabel points to a 32-byte label, which is not null-terminated */
+ PR_snprintf(msg, sizeof msg,
+ "C_InitToken(slotID=%lu, pLabel=\"%.32s\")=0x%08lX",
+ (PRUint32)slotID, pLabel, (PRUint32)crv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_INIT_TOKEN, msg);
+ }
+ return crv;
+}
+
+/* FC_InitPIN initializes the normal user's PIN. */
+CK_RV
+FC_InitPIN(CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
+{
+ CK_RV rv;
+
+ CHECK_FORK();
+
+ if (sftk_fatalError)
+ return CKR_DEVICE_ERROR;
+ /* NSC_InitPIN will only work once per database. We can either initialize
+ * it to level1 (pin len == 0) or level2. If we initialize to level 2, then
+ * we need to make sure the pin meets FIPS requirements */
+ if ((ulPinLen == 0) || ((rv = sftk_newPinCheck(pPin, ulPinLen)) == CKR_OK)) {
+ rv = NSC_InitPIN(hSession, pPin, ulPinLen);
+ if (rv == CKR_OK) {
+ isLevel2 = (ulPinLen > 0) ? PR_TRUE : PR_FALSE;
+ }
+ }
+ if (sftk_audit_enabled) {
+ char msg[128];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+ PR_snprintf(msg, sizeof msg,
+ "C_InitPIN(hSession=0x%08lX)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_INIT_PIN, msg);
+ }
+ return rv;
+}
+
+/* FC_SetPIN modifies the PIN of user that is currently logged in. */
+/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
+CK_RV
+FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
+ CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen)
+{
+ CK_RV rv;
+
+ CHECK_FORK();
+
+ if ((rv = sftk_fipsCheck()) == CKR_OK &&
+ (rv = sftk_newPinCheck(pNewPin, usNewLen)) == CKR_OK) {
+ rv = NSC_SetPIN(hSession, pOldPin, usOldLen, pNewPin, usNewLen);
+ if (rv == CKR_OK) {
+ /* if we set the password in level1 we now go
+ * to level2. NOTE: we don't allow the user to
+ * go from level2 to level1 */
+ isLevel2 = PR_TRUE;
+ }
+ }
+ if (sftk_audit_enabled) {
+ char msg[128];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+ PR_snprintf(msg, sizeof msg,
+ "C_SetPIN(hSession=0x%08lX)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_SET_PIN, msg);
+ }
+ return rv;
+}
+
+/* FC_OpenSession opens a session between an application and a token. */
+CK_RV
+FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
+ CK_VOID_PTR pApplication, CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession)
+{
+ SFTK_FIPSFATALCHECK();
+
+ CHECK_FORK();
+
+ return NSC_OpenSession(slotID, flags, pApplication, Notify, phSession);
+}
+
+/* FC_CloseSession closes a session between an application and a token. */
+CK_RV
+FC_CloseSession(CK_SESSION_HANDLE hSession)
+{
+ CHECK_FORK();
+
+ return NSC_CloseSession(hSession);
+}
+
+/* FC_CloseAllSessions closes all sessions with a token. */
+CK_RV
+FC_CloseAllSessions(CK_SLOT_ID slotID)
+{
+
+ CHECK_FORK();
+
+ return NSC_CloseAllSessions(slotID);
+}
+
+/* FC_GetSessionInfo obtains information about the session. */
+CK_RV
+FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo)
+{
+ CK_RV rv;
+ SFTK_FIPSFATALCHECK();
+
+ CHECK_FORK();
+
+ rv = NSC_GetSessionInfo(hSession, pInfo);
+ if (rv == CKR_OK) {
+ if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
+ pInfo->state = CKS_RO_USER_FUNCTIONS;
+ }
+ if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
+ pInfo->state = CKS_RW_USER_FUNCTIONS;
+ }
+ }
+ return rv;
+}
+
+/* FC_Login logs a user into a token. */
+CK_RV
+FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin, CK_ULONG usPinLen)
+{
+ CK_RV rv;
+ PRBool successful;
+ if (sftk_fatalError)
+ return CKR_DEVICE_ERROR;
+ rv = NSC_Login(hSession, userType, pPin, usPinLen);
+ successful = (rv == CKR_OK) || (rv == CKR_USER_ALREADY_LOGGED_IN);
+ if (successful)
+ isLoggedIn = PR_TRUE;
+ if (sftk_audit_enabled) {
+ char msg[128];
+ NSSAuditSeverity severity;
+ severity = successful ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+ PR_snprintf(msg, sizeof msg,
+ "C_Login(hSession=0x%08lX, userType=%lu)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)userType, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_LOGIN, msg);
+ }
+ return rv;
+}
+
+/* FC_Logout logs a user out from a token. */
+CK_RV
+FC_Logout(CK_SESSION_HANDLE hSession)
+{
+ CK_RV rv;
+
+ CHECK_FORK();
+
+ if ((rv = sftk_fipsCheck()) == CKR_OK) {
+ rv = NSC_Logout(hSession);
+ isLoggedIn = PR_FALSE;
+ }
+ if (sftk_audit_enabled) {
+ char msg[128];
+ NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
+ PR_snprintf(msg, sizeof msg,
+ "C_Logout(hSession=0x%08lX)=0x%08lX",
+ (PRUint32)hSession, (PRUint32)rv);
+ sftk_LogAuditMessage(severity, NSS_AUDIT_LOGOUT, msg);
+ }
+ return rv;
+}
+
+/* FC_CreateObject creates a new object. */
+CK_RV
+FC_CreateObject(CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject)
+{
+ CK_OBJECT_CLASS *classptr;
+ CK_RV rv = CKR_OK;
+
+ CHECK_FORK();
+
+ classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate, ulCount, CKA_CLASS);
+ if (classptr == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+
+ if (*classptr == CKO_NETSCAPE_NEWSLOT || *classptr == CKO_NETSCAPE_DELSLOT) {
+ if (sftk_fatalError)
+ return CKR_DEVICE_ERROR;
+ } else {
+ rv = sftk_fipsCheck();
+ if (rv != CKR_OK)
+ return rv;
+ }
+
+ /* FIPS can't create keys from raw key material */
+ if (SFTK_IS_NONPUBLIC_KEY_OBJECT(*classptr)) {
+ rv = CKR_ATTRIBUTE_VALUE_INVALID;
+ } else {
+ rv = NSC_CreateObject(hSession, pTemplate, ulCount, phObject);
+ }
+ if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(*classptr)) {
+ sftk_AuditCreateObject(hSession, pTemplate, ulCount, phObject, rv);
+ }
+ return rv;
+}
+
+/* FC_CopyObject copies an object, creating a new object for the copy. */
+CK_RV
+FC_CopyObject(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject)
+{
+ CK_RV rv;
+ CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
+
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+ rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
+ if (rv == CKR_OK) {
+ rv = NSC_CopyObject(hSession, hObject, pTemplate, ulCount, phNewObject);
+ }
+ if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
+ sftk_AuditCopyObject(hSession,
+ hObject, pTemplate, ulCount, phNewObject, rv);
+ }
+ return rv;
+}
+
+/* FC_DestroyObject destroys an object. */
+CK_RV
+FC_DestroyObject(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject)
+{
+ CK_RV rv;
+ CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
+
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+ rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
+ if (rv == CKR_OK) {
+ rv = NSC_DestroyObject(hSession, hObject);
+ }
+ if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
+ sftk_AuditDestroyObject(hSession, hObject, rv);
+ }
+ return rv;
+}
+
+/* FC_GetObjectSize gets the size of an object in bytes. */
+CK_RV
+FC_GetObjectSize(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize)
+{
+ CK_RV rv;
+ CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
+
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+ rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
+ if (rv == CKR_OK) {
+ rv = NSC_GetObjectSize(hSession, hObject, pulSize);
+ }
+ if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
+ sftk_AuditGetObjectSize(hSession, hObject, pulSize, rv);
+ }
+ return rv;
+}
+
+/* FC_GetAttributeValue obtains the value of one or more object attributes. */
+CK_RV
+FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ CK_RV rv;
+ CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
+
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+ rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
+ if (rv == CKR_OK) {
+ rv = NSC_GetAttributeValue(hSession, hObject, pTemplate, ulCount);
+ }
+ if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
+ sftk_AuditGetAttributeValue(hSession, hObject, pTemplate, ulCount, rv);
+ }
+ return rv;
+}
+
+/* FC_SetAttributeValue modifies the value of one or more object attributes */
+CK_RV
+FC_SetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ CK_RV rv;
+ CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
+
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+ rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
+ if (rv == CKR_OK) {
+ rv = NSC_SetAttributeValue(hSession, hObject, pTemplate, ulCount);
+ }
+ if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
+ sftk_AuditSetAttributeValue(hSession, hObject, pTemplate, ulCount, rv);
+ }
+ return rv;
+}
+
+/* FC_FindObjectsInit initializes a search for token and session objects
+ * that match a template. */
+CK_RV
+FC_FindObjectsInit(CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount)
+{
+ /* let publically readable object be found */
+ unsigned int i;
+ CK_RV rv;
+ PRBool needLogin = PR_FALSE;
+
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+
+ for (i = 0; i < usCount; i++) {
+ CK_OBJECT_CLASS class;
+ if (pTemplate[i].type != CKA_CLASS) {
+ continue;
+ }
+ if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
+ continue;
+ }
+ if (pTemplate[i].pValue == NULL) {
+ continue;
+ }
+ class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
+ if ((class == CKO_PRIVATE_KEY) || (class == CKO_SECRET_KEY)) {
+ needLogin = PR_TRUE;
+ break;
+ }
+ }
+ if (needLogin) {
+ if ((rv = sftk_fipsCheck()) != CKR_OK)
+ return rv;
+ }
+ return NSC_FindObjectsInit(hSession, pTemplate, usCount);
+}
+
+/* FC_FindObjects continues a search for token and session objects
+ * that match a template, obtaining additional object handles. */
+CK_RV
+FC_FindObjects(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject, CK_ULONG usMaxObjectCount,
+ CK_ULONG_PTR pusObjectCount)
+{
+ CHECK_FORK();
+
+ /* let publically readable object be found */
+ SFTK_FIPSFATALCHECK();
+ return NSC_FindObjects(hSession, phObject, usMaxObjectCount,
+ pusObjectCount);
+}
+
+/*
+ ************** Crypto Functions: Encrypt ************************
+ */
+
+/* FC_EncryptInit initializes an encryption operation. */
+CK_RV
+FC_EncryptInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ rv = NSC_EncryptInit(hSession, pMechanism, hKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditCryptInit("Encrypt", hSession, pMechanism, hKey, rv);
+ }
+ return rv;
+}
+
+/* FC_Encrypt encrypts single-part data. */
+CK_RV
+FC_Encrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
+ CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pusEncryptedDataLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_Encrypt(hSession, pData, usDataLen, pEncryptedData,
+ pusEncryptedDataLen);
+}
+
+/* FC_EncryptUpdate continues a multiple-part encryption operation. */
+CK_RV
+FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pusEncryptedPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_EncryptUpdate(hSession, pPart, usPartLen, pEncryptedPart,
+ pusEncryptedPartLen);
+}
+
+/* FC_EncryptFinal finishes a multiple-part encryption operation. */
+CK_RV
+FC_EncryptFinal(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_EncryptFinal(hSession, pLastEncryptedPart,
+ pusLastEncryptedPartLen);
+}
+
+/*
+ ************** Crypto Functions: Decrypt ************************
+ */
+
+/* FC_DecryptInit initializes a decryption operation. */
+CK_RV
+FC_DecryptInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ rv = NSC_DecryptInit(hSession, pMechanism, hKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditCryptInit("Decrypt", hSession, pMechanism, hKey, rv);
+ }
+ return rv;
+}
+
+/* FC_Decrypt decrypts encrypted data in a single part. */
+CK_RV
+FC_Decrypt(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData, CK_ULONG usEncryptedDataLen, CK_BYTE_PTR pData,
+ CK_ULONG_PTR pusDataLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_Decrypt(hSession, pEncryptedData, usEncryptedDataLen, pData,
+ pusDataLen);
+}
+
+/* FC_DecryptUpdate continues a multiple-part decryption operation. */
+CK_RV
+FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
+ CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_DecryptUpdate(hSession, pEncryptedPart, usEncryptedPartLen,
+ pPart, pusPartLen);
+}
+
+/* FC_DecryptFinal finishes a multiple-part decryption operation. */
+CK_RV
+FC_DecryptFinal(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_DecryptFinal(hSession, pLastPart, pusLastPartLen);
+}
+
+/*
+ ************** Crypto Functions: Digest (HASH) ************************
+ */
+
+/* FC_DigestInit initializes a message-digesting operation. */
+CK_RV
+FC_DigestInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism)
+{
+ SFTK_FIPSFATALCHECK();
+ CHECK_FORK();
+
+ return NSC_DigestInit(hSession, pMechanism);
+}
+
+/* FC_Digest digests data in a single part. */
+CK_RV
+FC_Digest(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pusDigestLen)
+{
+ SFTK_FIPSFATALCHECK();
+ CHECK_FORK();
+
+ return NSC_Digest(hSession, pData, usDataLen, pDigest, pusDigestLen);
+}
+
+/* FC_DigestUpdate continues a multiple-part message-digesting operation. */
+CK_RV
+FC_DigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG usPartLen)
+{
+ SFTK_FIPSFATALCHECK();
+ CHECK_FORK();
+
+ return NSC_DigestUpdate(hSession, pPart, usPartLen);
+}
+
+/* FC_DigestFinal finishes a multiple-part message-digesting operation. */
+CK_RV
+FC_DigestFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pusDigestLen)
+{
+ SFTK_FIPSFATALCHECK();
+ CHECK_FORK();
+
+ return NSC_DigestFinal(hSession, pDigest, pusDigestLen);
+}
+
+/*
+ ************** Crypto Functions: Sign ************************
+ */
+
+/* FC_SignInit initializes a signature (private key encryption) operation,
+ * where the signature is (will be) an appendix to the data,
+ * and plaintext cannot be recovered from the signature */
+CK_RV
+FC_SignInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ rv = NSC_SignInit(hSession, pMechanism, hKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditCryptInit("Sign", hSession, pMechanism, hKey, rv);
+ }
+ return rv;
+}
+
+/* FC_Sign signs (encrypts with private key) data in a single part,
+ * where the signature is (will be) an appendix to the data,
+ * and plaintext cannot be recovered from the signature */
+CK_RV
+FC_Sign(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pusSignatureLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_Sign(hSession, pData, usDataLen, pSignature, pusSignatureLen);
+}
+
+/* FC_SignUpdate continues a multiple-part signature operation,
+ * where the signature is (will be) an appendix to the data,
+ * and plaintext cannot be recovered from the signature */
+CK_RV
+FC_SignUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG usPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_SignUpdate(hSession, pPart, usPartLen);
+}
+
+/* FC_SignFinal finishes a multiple-part signature operation,
+ * returning the signature. */
+CK_RV
+FC_SignFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pusSignatureLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_SignFinal(hSession, pSignature, pusSignatureLen);
+}
+
+/*
+ ************** Crypto Functions: Sign Recover ************************
+ */
+/* FC_SignRecoverInit initializes a signature operation,
+ * where the (digest) data can be recovered from the signature.
+ * E.g. encryption with the user's private key */
+CK_RV
+FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ rv = NSC_SignRecoverInit(hSession, pMechanism, hKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditCryptInit("SignRecover", hSession, pMechanism, hKey, rv);
+ }
+ return rv;
+}
+
+/* FC_SignRecover signs data in a single operation
+ * where the (digest) data can be recovered from the signature.
+ * E.g. encryption with the user's private key */
+CK_RV
+FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
+ CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_SignRecover(hSession, pData, usDataLen, pSignature, pusSignatureLen);
+}
+
+/*
+ ************** Crypto Functions: verify ************************
+ */
+
+/* FC_VerifyInit initializes a verification operation,
+ * where the signature is an appendix to the data,
+ * and plaintext cannot be recovered from the signature (e.g. DSA) */
+CK_RV
+FC_VerifyInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ rv = NSC_VerifyInit(hSession, pMechanism, hKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditCryptInit("Verify", hSession, pMechanism, hKey, rv);
+ }
+ return rv;
+}
+
+/* FC_Verify verifies a signature in a single-part operation,
+ * where the signature is an appendix to the data,
+ * and plaintext cannot be recovered from the signature */
+CK_RV
+FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
+ CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen)
+{
+ /* make sure we're legal */
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_Verify(hSession, pData, usDataLen, pSignature, usSignatureLen);
+}
+
+/* FC_VerifyUpdate continues a multiple-part verification operation,
+ * where the signature is an appendix to the data,
+ * and plaintext cannot be recovered from the signature */
+CK_RV
+FC_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG usPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_VerifyUpdate(hSession, pPart, usPartLen);
+}
+
+/* FC_VerifyFinal finishes a multiple-part verification operation,
+ * checking the signature. */
+CK_RV
+FC_VerifyFinal(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_VerifyFinal(hSession, pSignature, usSignatureLen);
+}
+
+/*
+ ************** Crypto Functions: Verify Recover ************************
+ */
+
+/* FC_VerifyRecoverInit initializes a signature verification operation,
+ * where the data is recovered from the signature.
+ * E.g. Decryption with the user's public key */
+CK_RV
+FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ rv = NSC_VerifyRecoverInit(hSession, pMechanism, hKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditCryptInit("VerifyRecover", hSession, pMechanism, hKey, rv);
+ }
+ return rv;
+}
+
+/* FC_VerifyRecover verifies a signature in a single-part operation,
+ * where the data is recovered from the signature.
+ * E.g. Decryption with the user's public key */
+CK_RV
+FC_VerifyRecover(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen,
+ CK_BYTE_PTR pData, CK_ULONG_PTR pusDataLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_VerifyRecover(hSession, pSignature, usSignatureLen, pData,
+ pusDataLen);
+}
+
+/*
+ **************************** Key Functions: ************************
+ */
+
+/* FC_GenerateKey generates a secret key, creating a new key object. */
+CK_RV
+FC_GenerateKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ CK_BBOOL *boolptr;
+
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ /* all secret keys must be sensitive, if the upper level code tries to say
+ * otherwise, reject it. */
+ boolptr = (CK_BBOOL *)fc_getAttribute(pTemplate, ulCount, CKA_SENSITIVE);
+ if (boolptr != NULL) {
+ if (!(*boolptr)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ }
+
+ rv = NSC_GenerateKey(hSession, pMechanism, pTemplate, ulCount, phKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditGenerateKey(hSession, pMechanism, pTemplate, ulCount, phKey, rv);
+ }
+ return rv;
+}
+
+/* FC_GenerateKeyPair generates a public-key/private-key pair,
+ * creating new key objects. */
+CK_RV
+FC_GenerateKeyPair(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG usPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG usPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey)
+{
+ CK_BBOOL *boolptr;
+ CK_RV crv;
+
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ /* all private keys must be sensitive, if the upper level code tries to say
+ * otherwise, reject it. */
+ boolptr = (CK_BBOOL *)fc_getAttribute(pPrivateKeyTemplate,
+ usPrivateKeyAttributeCount, CKA_SENSITIVE);
+ if (boolptr != NULL) {
+ if (!(*boolptr)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ }
+ crv = NSC_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate,
+ usPublicKeyAttributeCount, pPrivateKeyTemplate,
+ usPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
+ if (crv == CKR_GENERAL_ERROR) {
+ /* pairwise consistency check failed. */
+ sftk_fatalError = PR_TRUE;
+ }
+ if (sftk_audit_enabled) {
+ sftk_AuditGenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate,
+ usPublicKeyAttributeCount, pPrivateKeyTemplate,
+ usPrivateKeyAttributeCount, phPublicKey, phPrivateKey, crv);
+ }
+ return crv;
+}
+
+/* FC_WrapKey wraps (i.e., encrypts) a key. */
+CK_RV
+FC_WrapKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ rv = NSC_WrapKey(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey,
+ pulWrappedKeyLen);
+ if (sftk_audit_enabled) {
+ sftk_AuditWrapKey(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey,
+ pulWrappedKeyLen, rv);
+ }
+ return rv;
+}
+
+/* FC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
+CK_RV
+FC_UnwrapKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ CK_BBOOL *boolptr;
+
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ /* all secret keys must be sensitive, if the upper level code tries to say
+ * otherwise, reject it. */
+ boolptr = (CK_BBOOL *)fc_getAttribute(pTemplate,
+ ulAttributeCount, CKA_SENSITIVE);
+ if (boolptr != NULL) {
+ if (!(*boolptr)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ }
+ rv = NSC_UnwrapKey(hSession, pMechanism, hUnwrappingKey, pWrappedKey,
+ ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditUnwrapKey(hSession, pMechanism, hUnwrappingKey, pWrappedKey,
+ ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey, rv);
+ }
+ return rv;
+}
+
+/* FC_DeriveKey derives a key from a base key, creating a new key object. */
+CK_RV
+FC_DeriveKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ CK_BBOOL *boolptr;
+
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ /* all secret keys must be sensitive, if the upper level code tries to say
+ * otherwise, reject it. */
+ boolptr = (CK_BBOOL *)fc_getAttribute(pTemplate,
+ ulAttributeCount, CKA_SENSITIVE);
+ if (boolptr != NULL) {
+ if (!(*boolptr)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ }
+ rv = NSC_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate,
+ ulAttributeCount, phKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditDeriveKey(hSession, pMechanism, hBaseKey, pTemplate,
+ ulAttributeCount, phKey, rv);
+ }
+ return rv;
+}
+
+/*
+ **************************** Radom Functions: ************************
+ */
+
+/* FC_SeedRandom mixes additional seed material into the token's random number
+ * generator. */
+CK_RV
+FC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
+ CK_ULONG usSeedLen)
+{
+ CK_RV crv;
+
+ SFTK_FIPSFATALCHECK();
+ CHECK_FORK();
+
+ crv = NSC_SeedRandom(hSession, pSeed, usSeedLen);
+ if (crv != CKR_OK) {
+ sftk_fatalError = PR_TRUE;
+ }
+ return crv;
+}
+
+/* FC_GenerateRandom generates random data. */
+CK_RV
+FC_GenerateRandom(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
+{
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ SFTK_FIPSFATALCHECK();
+ crv = NSC_GenerateRandom(hSession, pRandomData, ulRandomLen);
+ if (crv != CKR_OK) {
+ sftk_fatalError = PR_TRUE;
+ if (sftk_audit_enabled) {
+ char msg[128];
+ PR_snprintf(msg, sizeof msg,
+ "C_GenerateRandom(hSession=0x%08lX, pRandomData=%p, "
+ "ulRandomLen=%lu)=0x%08lX "
+ "self-test: continuous RNG test failed",
+ (PRUint32)hSession, pRandomData,
+ (PRUint32)ulRandomLen, (PRUint32)crv);
+ sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
+ }
+ }
+ return crv;
+}
+
+/* FC_GetFunctionStatus obtains an updated status of a function running
+ * in parallel with an application. */
+CK_RV
+FC_GetFunctionStatus(CK_SESSION_HANDLE hSession)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_GetFunctionStatus(hSession);
+}
+
+/* FC_CancelFunction cancels a function running in parallel */
+CK_RV
+FC_CancelFunction(CK_SESSION_HANDLE hSession)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_CancelFunction(hSession);
+}
+
+/*
+ **************************** Version 1.1 Functions: ************************
+ */
+
+/* FC_GetOperationState saves the state of the cryptographic
+ *operation in a session. */
+CK_RV
+FC_GetOperationState(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen)
+{
+ SFTK_FIPSFATALCHECK();
+ CHECK_FORK();
+
+ return NSC_GetOperationState(hSession, pOperationState, pulOperationStateLen);
+}
+
+/* FC_SetOperationState restores the state of the cryptographic operation
+ * in a session. */
+CK_RV
+FC_SetOperationState(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey)
+{
+ SFTK_FIPSFATALCHECK();
+ CHECK_FORK();
+
+ return NSC_SetOperationState(hSession, pOperationState, ulOperationStateLen,
+ hEncryptionKey, hAuthenticationKey);
+}
+
+/* FC_FindObjectsFinal finishes a search for token and session objects. */
+CK_RV
+FC_FindObjectsFinal(CK_SESSION_HANDLE hSession)
+{
+ /* let publically readable object be found */
+ SFTK_FIPSFATALCHECK();
+ CHECK_FORK();
+
+ return NSC_FindObjectsFinal(hSession);
+}
+
+/* Dual-function cryptographic operations */
+
+/* FC_DigestEncryptUpdate continues a multiple-part digesting and encryption
+ * operation. */
+CK_RV
+FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_DigestEncryptUpdate(hSession, pPart, ulPartLen, pEncryptedPart,
+ pulEncryptedPartLen);
+}
+
+/* FC_DecryptDigestUpdate continues a multiple-part decryption and digesting
+ * operation. */
+CK_RV
+FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_DecryptDigestUpdate(hSession, pEncryptedPart, ulEncryptedPartLen,
+ pPart, pulPartLen);
+}
+
+/* FC_SignEncryptUpdate continues a multiple-part signing and encryption
+ * operation. */
+CK_RV
+FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_SignEncryptUpdate(hSession, pPart, ulPartLen, pEncryptedPart,
+ pulEncryptedPartLen);
+}
+
+/* FC_DecryptVerifyUpdate continues a multiple-part decryption and verify
+ * operation. */
+CK_RV
+FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ return NSC_DecryptVerifyUpdate(hSession, pEncryptedData, ulEncryptedDataLen,
+ pData, pulDataLen);
+}
+
+/* FC_DigestKey continues a multi-part message-digesting operation,
+ * by digesting the value of a secret key as part of the data already digested.
+ */
+CK_RV
+FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
+{
+ SFTK_FIPSCHECK();
+ CHECK_FORK();
+
+ rv = NSC_DigestKey(hSession, hKey);
+ if (sftk_audit_enabled) {
+ sftk_AuditDigestKey(hSession, hKey, rv);
+ }
+ return rv;
+}
+
+CK_RV
+FC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pReserved)
+{
+ CHECK_FORK();
+
+ return NSC_WaitForSlotEvent(flags, pSlot, pReserved);
+}
diff --git a/security/nss/lib/softoken/jpakesftk.c b/security/nss/lib/softoken/jpakesftk.c
new file mode 100644
index 000000000..7ed1e3495
--- /dev/null
+++ b/security/nss/lib/softoken/jpakesftk.c
@@ -0,0 +1,359 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "seccomon.h"
+#include "secerr.h"
+#include "blapi.h"
+#include "pkcs11i.h"
+#include "softoken.h"
+
+static CK_RV
+jpake_mapStatus(SECStatus rv, CK_RV invalidArgsMapping)
+{
+ int err;
+ if (rv == SECSuccess)
+ return CKR_OK;
+ err = PORT_GetError();
+ switch (err) {
+ /* XXX: SEC_ERROR_INVALID_ARGS might be caused by invalid template
+ parameters. */
+ case SEC_ERROR_INVALID_ARGS:
+ return invalidArgsMapping;
+ case SEC_ERROR_BAD_SIGNATURE:
+ return CKR_SIGNATURE_INVALID;
+ case SEC_ERROR_NO_MEMORY:
+ return CKR_HOST_MEMORY;
+ }
+ return CKR_FUNCTION_FAILED;
+}
+
+/* If key is not NULL then the gx value will be stored as an attribute with
+ the type given by the gxAttrType parameter. */
+static CK_RV
+jpake_Sign(PLArenaPool *arena, const PQGParams *pqg, HASH_HashType hashType,
+ const SECItem *signerID, const SECItem *x,
+ CK_NSS_JPAKEPublicValue *out)
+{
+ SECItem gx, gv, r;
+ CK_RV crv;
+
+ PORT_Assert(arena != NULL);
+
+ gx.data = NULL;
+ gv.data = NULL;
+ r.data = NULL;
+ crv = jpake_mapStatus(JPAKE_Sign(arena, pqg, hashType, signerID, x, NULL,
+ NULL, &gx, &gv, &r),
+ CKR_MECHANISM_PARAM_INVALID);
+ if (crv == CKR_OK) {
+ if ((out->pGX != NULL && out->ulGXLen >= gx.len) ||
+ (out->pGV != NULL && out->ulGVLen >= gv.len) ||
+ (out->pR != NULL && out->ulRLen >= r.len)) {
+ PORT_Memcpy(out->pGX, gx.data, gx.len);
+ PORT_Memcpy(out->pGV, gv.data, gv.len);
+ PORT_Memcpy(out->pR, r.data, r.len);
+ out->ulGXLen = gx.len;
+ out->ulGVLen = gv.len;
+ out->ulRLen = r.len;
+ } else {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ }
+ }
+ return crv;
+}
+
+static CK_RV
+jpake_Verify(PLArenaPool *arena, const PQGParams *pqg,
+ HASH_HashType hashType, const SECItem *signerID,
+ const CK_BYTE *peerIDData, CK_ULONG peerIDLen,
+ const CK_NSS_JPAKEPublicValue *publicValueIn)
+{
+ SECItem peerID, gx, gv, r;
+ peerID.data = (unsigned char *)peerIDData;
+ peerID.len = peerIDLen;
+ gx.data = publicValueIn->pGX;
+ gx.len = publicValueIn->ulGXLen;
+ gv.data = publicValueIn->pGV;
+ gv.len = publicValueIn->ulGVLen;
+ r.data = publicValueIn->pR;
+ r.len = publicValueIn->ulRLen;
+ return jpake_mapStatus(JPAKE_Verify(arena, pqg, hashType, signerID, &peerID,
+ &gx, &gv, &r),
+ CKR_MECHANISM_PARAM_INVALID);
+}
+
+#define NUM_ELEM(x) (sizeof(x) / sizeof(x)[0])
+
+/* If the template has the key type set, ensure that it was set to the correct
+ * value. If the template did not have the key type set, set it to the
+ * correct value.
+ */
+static CK_RV
+jpake_enforceKeyType(SFTKObject *key, CK_KEY_TYPE keyType)
+{
+ CK_RV crv;
+ SFTKAttribute *keyTypeAttr = sftk_FindAttribute(key, CKA_KEY_TYPE);
+ if (keyTypeAttr != NULL) {
+ crv = *(CK_KEY_TYPE *)keyTypeAttr->attrib.pValue == keyType
+ ? CKR_OK
+ : CKR_TEMPLATE_INCONSISTENT;
+ sftk_FreeAttribute(keyTypeAttr);
+ } else {
+ crv = sftk_forceAttribute(key, CKA_KEY_TYPE, &keyType, sizeof keyType);
+ }
+ return crv;
+}
+
+static CK_RV
+jpake_MultipleSecItem2Attribute(SFTKObject *key, const SFTKItemTemplate *attrs,
+ size_t attrsCount)
+{
+ size_t i;
+
+ for (i = 0; i < attrsCount; ++i) {
+ CK_RV crv = sftk_forceAttribute(key, attrs[i].type, attrs[i].item->data,
+ attrs[i].item->len);
+ if (crv != CKR_OK)
+ return crv;
+ }
+ return CKR_OK;
+}
+
+CK_RV
+jpake_Round1(HASH_HashType hashType, CK_NSS_JPAKERound1Params *params,
+ SFTKObject *key)
+{
+ CK_RV crv;
+ PQGParams pqg;
+ PLArenaPool *arena;
+ SECItem signerID;
+ SFTKItemTemplate templateAttrs[] = {
+ { CKA_PRIME, &pqg.prime },
+ { CKA_SUBPRIME, &pqg.subPrime },
+ { CKA_BASE, &pqg.base },
+ { CKA_NSS_JPAKE_SIGNERID, &signerID }
+ };
+ SECItem x2, gx1, gx2;
+ const SFTKItemTemplate generatedAttrs[] = {
+ { CKA_NSS_JPAKE_X2, &x2 },
+ { CKA_NSS_JPAKE_GX1, &gx1 },
+ { CKA_NSS_JPAKE_GX2, &gx2 },
+ };
+ SECItem x1;
+
+ PORT_Assert(params != NULL);
+ PORT_Assert(key != NULL);
+
+ arena = PORT_NewArena(NSS_SOFTOKEN_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ crv = CKR_HOST_MEMORY;
+
+ crv = sftk_MultipleAttribute2SecItem(arena, key, templateAttrs,
+ NUM_ELEM(templateAttrs));
+
+ if (crv == CKR_OK && (signerID.data == NULL || signerID.len == 0))
+ crv = CKR_TEMPLATE_INCOMPLETE;
+
+ /* generate x1, g^x1 and the proof of knowledge of x1 */
+ if (crv == CKR_OK) {
+ x1.data = NULL;
+ crv = jpake_mapStatus(DSA_NewRandom(arena, &pqg.subPrime, &x1),
+ CKR_TEMPLATE_INCONSISTENT);
+ }
+ if (crv == CKR_OK)
+ crv = jpake_Sign(arena, &pqg, hashType, &signerID, &x1, &params->gx1);
+
+ /* generate x2, g^x2 and the proof of knowledge of x2 */
+ if (crv == CKR_OK) {
+ x2.data = NULL;
+ crv = jpake_mapStatus(DSA_NewRandom(arena, &pqg.subPrime, &x2),
+ CKR_TEMPLATE_INCONSISTENT);
+ }
+ if (crv == CKR_OK)
+ crv = jpake_Sign(arena, &pqg, hashType, &signerID, &x2, &params->gx2);
+
+ /* Save the values needed for round 2 into CKA_VALUE */
+ if (crv == CKR_OK) {
+ gx1.data = params->gx1.pGX;
+ gx1.len = params->gx1.ulGXLen;
+ gx2.data = params->gx2.pGX;
+ gx2.len = params->gx2.ulGXLen;
+ crv = jpake_MultipleSecItem2Attribute(key, generatedAttrs,
+ NUM_ELEM(generatedAttrs));
+ }
+
+ PORT_FreeArena(arena, PR_TRUE);
+ return crv;
+}
+
+CK_RV
+jpake_Round2(HASH_HashType hashType, CK_NSS_JPAKERound2Params *params,
+ SFTKObject *sourceKey, SFTKObject *key)
+{
+ CK_RV crv;
+ PLArenaPool *arena;
+ PQGParams pqg;
+ SECItem signerID, x2, gx1, gx2;
+ SFTKItemTemplate sourceAttrs[] = {
+ { CKA_PRIME, &pqg.prime },
+ { CKA_SUBPRIME, &pqg.subPrime },
+ { CKA_BASE, &pqg.base },
+ { CKA_NSS_JPAKE_SIGNERID, &signerID },
+ { CKA_NSS_JPAKE_X2, &x2 },
+ { CKA_NSS_JPAKE_GX1, &gx1 },
+ { CKA_NSS_JPAKE_GX2, &gx2 },
+ };
+ SECItem x2s, gx3, gx4;
+ const SFTKItemTemplate copiedAndGeneratedAttrs[] = {
+ { CKA_NSS_JPAKE_SIGNERID, &signerID },
+ { CKA_PRIME, &pqg.prime },
+ { CKA_SUBPRIME, &pqg.subPrime },
+ { CKA_NSS_JPAKE_X2, &x2 },
+ { CKA_NSS_JPAKE_X2S, &x2s },
+ { CKA_NSS_JPAKE_GX1, &gx1 },
+ { CKA_NSS_JPAKE_GX2, &gx2 },
+ { CKA_NSS_JPAKE_GX3, &gx3 },
+ { CKA_NSS_JPAKE_GX4, &gx4 }
+ };
+ SECItem peerID;
+
+ PORT_Assert(params != NULL);
+ PORT_Assert(sourceKey != NULL);
+ PORT_Assert(key != NULL);
+
+ arena = PORT_NewArena(NSS_SOFTOKEN_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ crv = CKR_HOST_MEMORY;
+
+ /* TODO: check CKK_NSS_JPAKE_ROUND1 */
+
+ crv = sftk_MultipleAttribute2SecItem(arena, sourceKey, sourceAttrs,
+ NUM_ELEM(sourceAttrs));
+
+ /* Get the peer's ID out of the template and sanity-check it. */
+ if (crv == CKR_OK)
+ crv = sftk_Attribute2SecItem(arena, &peerID, key,
+ CKA_NSS_JPAKE_PEERID);
+ if (crv == CKR_OK && (peerID.data == NULL || peerID.len == 0))
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ if (crv == CKR_OK && SECITEM_CompareItem(&signerID, &peerID) == SECEqual)
+ crv = CKR_TEMPLATE_INCONSISTENT;
+
+ /* Verify zero-knowledge proofs for g^x3 and g^x4 */
+ if (crv == CKR_OK)
+ crv = jpake_Verify(arena, &pqg, hashType, &signerID,
+ peerID.data, peerID.len, &params->gx3);
+ if (crv == CKR_OK)
+ crv = jpake_Verify(arena, &pqg, hashType, &signerID,
+ peerID.data, peerID.len, &params->gx4);
+
+ /* Calculate the base and x2s for A=base^x2s */
+ if (crv == CKR_OK) {
+ SECItem s;
+ s.data = params->pSharedKey;
+ s.len = params->ulSharedKeyLen;
+ gx3.data = params->gx3.pGX;
+ gx3.len = params->gx3.ulGXLen;
+ gx4.data = params->gx4.pGX;
+ gx4.len = params->gx4.ulGXLen;
+ pqg.base.data = NULL;
+ x2s.data = NULL;
+ crv = jpake_mapStatus(JPAKE_Round2(arena, &pqg.prime, &pqg.subPrime,
+ &gx1, &gx3, &gx4, &pqg.base,
+ &x2, &s, &x2s),
+ CKR_MECHANISM_PARAM_INVALID);
+ }
+
+ /* Generate A=base^x2s and its zero-knowledge proof. */
+ if (crv == CKR_OK)
+ crv = jpake_Sign(arena, &pqg, hashType, &signerID, &x2s, &params->A);
+
+ /* Copy P and Q from the ROUND1 key to the ROUND2 key and save the values
+ needed for the final key material derivation into CKA_VALUE. */
+ if (crv == CKR_OK)
+ crv = sftk_forceAttribute(key, CKA_PRIME, pqg.prime.data,
+ pqg.prime.len);
+ if (crv == CKR_OK)
+ crv = sftk_forceAttribute(key, CKA_SUBPRIME, pqg.subPrime.data,
+ pqg.subPrime.len);
+ if (crv == CKR_OK) {
+ crv = jpake_MultipleSecItem2Attribute(key, copiedAndGeneratedAttrs,
+ NUM_ELEM(copiedAndGeneratedAttrs));
+ }
+
+ if (crv == CKR_OK)
+ crv = jpake_enforceKeyType(key, CKK_NSS_JPAKE_ROUND2);
+
+ PORT_FreeArena(arena, PR_TRUE);
+ return crv;
+}
+
+CK_RV
+jpake_Final(HASH_HashType hashType, const CK_NSS_JPAKEFinalParams *param,
+ SFTKObject *sourceKey, SFTKObject *key)
+{
+ PLArenaPool *arena;
+ SECItem K;
+ PQGParams pqg;
+ CK_RV crv;
+ SECItem peerID, signerID, x2s, x2, gx1, gx2, gx3, gx4;
+ SFTKItemTemplate sourceAttrs[] = {
+ { CKA_NSS_JPAKE_PEERID, &peerID },
+ { CKA_NSS_JPAKE_SIGNERID, &signerID },
+ { CKA_PRIME, &pqg.prime },
+ { CKA_SUBPRIME, &pqg.subPrime },
+ { CKA_NSS_JPAKE_X2, &x2 },
+ { CKA_NSS_JPAKE_X2S, &x2s },
+ { CKA_NSS_JPAKE_GX1, &gx1 },
+ { CKA_NSS_JPAKE_GX2, &gx2 },
+ { CKA_NSS_JPAKE_GX3, &gx3 },
+ { CKA_NSS_JPAKE_GX4, &gx4 }
+ };
+
+ PORT_Assert(param != NULL);
+ PORT_Assert(sourceKey != NULL);
+ PORT_Assert(key != NULL);
+
+ arena = PORT_NewArena(NSS_SOFTOKEN_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ crv = CKR_HOST_MEMORY;
+
+ /* TODO: verify key type CKK_NSS_JPAKE_ROUND2 */
+
+ crv = sftk_MultipleAttribute2SecItem(arena, sourceKey, sourceAttrs,
+ NUM_ELEM(sourceAttrs));
+
+ /* Calculate base for B=base^x4s */
+ if (crv == CKR_OK) {
+ pqg.base.data = NULL;
+ crv = jpake_mapStatus(JPAKE_Round2(arena, &pqg.prime, &pqg.subPrime,
+ &gx1, &gx2, &gx3, &pqg.base,
+ NULL, NULL, NULL),
+ CKR_MECHANISM_PARAM_INVALID);
+ }
+
+ /* Verify zero-knowledge proof for B */
+ if (crv == CKR_OK)
+ crv = jpake_Verify(arena, &pqg, hashType, &signerID,
+ peerID.data, peerID.len, &param->B);
+ if (crv == CKR_OK) {
+ SECItem B;
+ B.data = param->B.pGX;
+ B.len = param->B.ulGXLen;
+ K.data = NULL;
+ crv = jpake_mapStatus(JPAKE_Final(arena, &pqg.prime, &pqg.subPrime,
+ &x2, &gx4, &x2s, &B, &K),
+ CKR_MECHANISM_PARAM_INVALID);
+ }
+
+ /* Save key material into CKA_VALUE. */
+ if (crv == CKR_OK)
+ crv = sftk_forceAttribute(key, CKA_VALUE, K.data, K.len);
+
+ if (crv == CKR_OK)
+ crv = jpake_enforceKeyType(key, CKK_GENERIC_SECRET);
+
+ PORT_FreeArena(arena, PR_TRUE);
+ return crv;
+}
diff --git a/security/nss/lib/softoken/legacydb/Makefile b/security/nss/lib/softoken/legacydb/Makefile
new file mode 100644
index 000000000..b7e94cae3
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/Makefile
@@ -0,0 +1,62 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+ifdef NSS_NO_INIT_SUPPORT
+ DEFINES += -DNSS_NO_INIT_SUPPORT
+endif
+ifeq ($(OS_TARGET),Linux)
+ifeq ($(CPU_ARCH),ppc)
+ifdef USE_64
+ DEFINES += -DNSS_NO_INIT_SUPPORT
+endif # USE_64
+endif # ppc
+else # !Linux
+ # turn off no init support everywhere for now
+ DEFINES += -DNSS_NO_INIT_SUPPORT
+endif # Linux
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
+# indicates dependency on freebl static lib
+$(SHARED_LIBRARY): $(CRYPTOLIB)
diff --git a/security/nss/lib/softoken/legacydb/cdbhdl.h b/security/nss/lib/softoken/legacydb/cdbhdl.h
new file mode 100644
index 000000000..e7243db77
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/cdbhdl.h
@@ -0,0 +1,51 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * cdbhdl.h - certificate database handle
+ * private to the certdb module
+ */
+#ifndef _CDBHDL_H_
+#define _CDBHDL_H_
+
+#include "nspr.h"
+#include "mcom_db.h"
+#include "pcertt.h"
+#include "prtypes.h"
+
+/*
+ * Handle structure for open certificate databases
+ */
+struct NSSLOWCERTCertDBHandleStr {
+ DB *permCertDB;
+ PZMonitor *dbMon;
+ PRBool dbVerify;
+ PRInt32 ref; /* reference count */
+};
+
+#ifdef DBM_USING_NSPR
+#define NO_RDONLY PR_RDONLY
+#define NO_RDWR PR_RDWR
+#define NO_CREATE (PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
+#else
+#define NO_RDONLY O_RDONLY
+#define NO_RDWR O_RDWR
+#define NO_CREATE (O_RDWR | O_CREAT | O_TRUNC)
+#endif
+
+typedef DB *(*rdbfunc)(const char *appName, const char *prefix,
+ const char *type, int flags);
+typedef int (*rdbstatusfunc)(void);
+
+#define RDB_FAIL 1
+#define RDB_RETRY 2
+
+DB *rdbopen(const char *appName, const char *prefix,
+ const char *type, int flags, int *status);
+
+DB *dbsopen(const char *dbname, int flags, int mode, DBTYPE type,
+ const void *appData);
+SECStatus db_Copy(DB *dest, DB *src);
+int db_InitComplete(DB *db);
+
+#endif
diff --git a/security/nss/lib/softoken/legacydb/config.mk b/security/nss/lib/softoken/legacydb/config.mk
new file mode 100644
index 000000000..ac7240e4b
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/config.mk
@@ -0,0 +1,57 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
+CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
+
+EXTRA_LIBS += \
+ $(CRYPTOLIB) \
+ $(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \
+ $(NULL)
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
+
+RES = $(OBJDIR)/$(LIBRARY_NAME).res
+RESNAME = $(LIBRARY_NAME).rc
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+else # ! NS_USE_GCC
+
+EXTRA_SHARED_LIBS += \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(DIST)/lib/nssutil3.lib \
+ $(NULL)
+endif # NS_USE_GCC
+
+else
+
+# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
+# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+endif
diff --git a/security/nss/lib/softoken/legacydb/dbmshim.c b/security/nss/lib/softoken/legacydb/dbmshim.c
new file mode 100644
index 000000000..ae498faea
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/dbmshim.c
@@ -0,0 +1,600 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Berkeley DB 1.85 Shim code to handle blobs.
+ */
+#include "mcom_db.h"
+#include "secitem.h"
+#include "nssb64.h"
+#include "blapi.h"
+#include "secerr.h"
+
+#include "lgdb.h"
+
+/*
+ * Blob block:
+ * Byte 0 CERTDB Version -+ -+
+ * Byte 1 certDBEntryTypeBlob | BLOB_HEAD_LEN |
+ * Byte 2 flags (always '0'); | |
+ * Byte 3 reserved (always '0'); -+ |
+ * Byte 4 LSB length | <--BLOB_LENGTH_START | BLOB_BUF_LEN
+ * Byte 5 . | |
+ * Byte 6 . | BLOB_LENGTH_LEN |
+ * Byte 7 MSB length | |
+ * Byte 8 blob_filename -+ -+ <-- BLOB_NAME_START |
+ * Byte 9 . | BLOB_NAME_LEN |
+ * . . | |
+ * Byte 37 . -+ -+
+ */
+#define DBS_BLOCK_SIZE (16 * 1024) /* 16 k */
+#define DBS_MAX_ENTRY_SIZE (DBS_BLOCK_SIZE - (2048)) /* 14 k */
+#define DBS_CACHE_SIZE DBS_BLOCK_SIZE * 8
+#define ROUNDDIV(x, y) (x + (y - 1)) / y
+#define BLOB_HEAD_LEN 4
+#define BLOB_LENGTH_START BLOB_HEAD_LEN
+#define BLOB_LENGTH_LEN 4
+#define BLOB_NAME_START BLOB_LENGTH_START + BLOB_LENGTH_LEN
+#define BLOB_NAME_LEN 1 + ROUNDDIV(SHA1_LENGTH, 3) * 4 + 1
+#define BLOB_BUF_LEN BLOB_HEAD_LEN + BLOB_LENGTH_LEN + BLOB_NAME_LEN
+
+/* a Shim data structure. This data structure has a db built into it. */
+typedef struct DBSStr DBS;
+
+struct DBSStr {
+ DB db;
+ char *blobdir;
+ int mode;
+ PRBool readOnly;
+ PRFileMap *dbs_mapfile;
+ unsigned char *dbs_addr;
+ PRUint32 dbs_len;
+ char staticBlobArea[BLOB_BUF_LEN];
+};
+
+/*
+ * return true if the Datablock contains a blobtype
+ */
+static PRBool
+dbs_IsBlob(DBT *blobData)
+{
+ unsigned char *addr = (unsigned char *)blobData->data;
+ if (blobData->size < BLOB_BUF_LEN) {
+ return PR_FALSE;
+ }
+ return addr && ((certDBEntryType)addr[1] == certDBEntryTypeBlob);
+}
+
+/*
+ * extract the filename in the blob of the real data set.
+ * This value is not malloced (does not need to be freed by the caller.
+ */
+static const char *
+dbs_getBlobFileName(DBT *blobData)
+{
+ char *addr = (char *)blobData->data;
+
+ return &addr[BLOB_NAME_START];
+}
+
+/*
+ * extract the size of the actual blob from the blob record
+ */
+static PRUint32
+dbs_getBlobSize(DBT *blobData)
+{
+ unsigned char *addr = (unsigned char *)blobData->data;
+
+ return (PRUint32)(addr[BLOB_LENGTH_START + 3] << 24) |
+ (addr[BLOB_LENGTH_START + 2] << 16) |
+ (addr[BLOB_LENGTH_START + 1] << 8) |
+ addr[BLOB_LENGTH_START];
+}
+
+/* We are using base64 data for the filename, but base64 data can include a
+ * '/' which is interpreted as a path separator on many platforms. Replace it
+ * with an inocuous '-'. We don't need to convert back because we never actual
+ * decode the filename.
+ */
+
+static void
+dbs_replaceSlash(char *cp, int len)
+{
+ while (len--) {
+ if (*cp == '/')
+ *cp = '-';
+ cp++;
+ }
+}
+
+/*
+ * create a blob record from a key, data and return it in blobData.
+ * NOTE: The data element is static data (keeping with the dbm model).
+ */
+static void
+dbs_mkBlob(DBS *dbsp, const DBT *key, const DBT *data, DBT *blobData)
+{
+ unsigned char sha1_data[SHA1_LENGTH];
+ char *b = dbsp->staticBlobArea;
+ PRUint32 length = data->size;
+ SECItem sha1Item;
+
+ b[0] = CERT_DB_FILE_VERSION; /* certdb version number */
+ b[1] = (char)certDBEntryTypeBlob; /* type */
+ b[2] = 0; /* flags */
+ b[3] = 0; /* reserved */
+ b[BLOB_LENGTH_START] = length & 0xff;
+ b[BLOB_LENGTH_START + 1] = (length >> 8) & 0xff;
+ b[BLOB_LENGTH_START + 2] = (length >> 16) & 0xff;
+ b[BLOB_LENGTH_START + 3] = (length >> 24) & 0xff;
+ sha1Item.data = sha1_data;
+ sha1Item.len = SHA1_LENGTH;
+ SHA1_HashBuf(sha1_data, key->data, key->size);
+ b[BLOB_NAME_START] = 'b'; /* Make sure we start with a alpha */
+ NSSBase64_EncodeItem(NULL, &b[BLOB_NAME_START + 1], BLOB_NAME_LEN - 1, &sha1Item);
+ b[BLOB_BUF_LEN - 1] = 0;
+ dbs_replaceSlash(&b[BLOB_NAME_START + 1], BLOB_NAME_LEN - 1);
+ blobData->data = b;
+ blobData->size = BLOB_BUF_LEN;
+ return;
+}
+
+/*
+ * construct a path to the actual blob. The string returned must be
+ * freed by the caller with PR_smprintf_free.
+ *
+ * Note: this file does lots of consistancy checks on the DBT. The
+ * routines that call this depend on these checks, so they don't worry
+ * about them (success of this routine implies a good blobdata record).
+ */
+static char *
+dbs_getBlobFilePath(char *blobdir, DBT *blobData)
+{
+ const char *name;
+
+ if (blobdir == NULL) {
+ PR_SetError(SEC_ERROR_BAD_DATABASE, 0);
+ return NULL;
+ }
+ if (!dbs_IsBlob(blobData)) {
+ PR_SetError(SEC_ERROR_BAD_DATABASE, 0);
+ return NULL;
+ }
+ name = dbs_getBlobFileName(blobData);
+ if (!name || *name == 0) {
+ PR_SetError(SEC_ERROR_BAD_DATABASE, 0);
+ return NULL;
+ }
+ return PR_smprintf("%s" PATH_SEPARATOR "%s", blobdir, name);
+}
+
+/*
+ * Delete a blob file pointed to by the blob record.
+ */
+static void
+dbs_removeBlob(DBS *dbsp, DBT *blobData)
+{
+ char *file;
+
+ file = dbs_getBlobFilePath(dbsp->blobdir, blobData);
+ if (!file) {
+ return;
+ }
+ PR_Delete(file);
+ PR_smprintf_free(file);
+}
+
+/*
+ * Directory modes are slightly different, the 'x' bit needs to be on to
+ * access them. Copy all the read bits to 'x' bits
+ */
+static int
+dbs_DirMode(int mode)
+{
+ int x_bits = (mode >> 2) & 0111;
+ return mode | x_bits;
+}
+
+/*
+ * write a data blob to it's file. blobdData is the blob record that will be
+ * stored in the database. data is the actual data to go out on disk.
+ */
+static int
+dbs_writeBlob(DBS *dbsp, int mode, DBT *blobData, const DBT *data)
+{
+ char *file = NULL;
+ PRFileDesc *filed;
+ PRStatus status;
+ int len;
+ int error = 0;
+
+ file = dbs_getBlobFilePath(dbsp->blobdir, blobData);
+ if (!file) {
+ goto loser;
+ }
+ if (PR_Access(dbsp->blobdir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
+ status = PR_MkDir(dbsp->blobdir, dbs_DirMode(mode));
+ if (status != PR_SUCCESS) {
+ goto loser;
+ }
+ }
+ filed = PR_OpenFile(file, PR_CREATE_FILE | PR_TRUNCATE | PR_WRONLY, mode);
+ if (filed == NULL) {
+ error = PR_GetError();
+ goto loser;
+ }
+ len = PR_Write(filed, data->data, data->size);
+ error = PR_GetError();
+ PR_Close(filed);
+ if (len < (int)data->size) {
+ goto loser;
+ }
+ PR_smprintf_free(file);
+ return 0;
+
+loser:
+ if (file) {
+ PR_Delete(file);
+ PR_smprintf_free(file);
+ }
+ /* don't let close or delete reset the error */
+ PR_SetError(error, 0);
+ return -1;
+}
+
+/*
+ * we need to keep a address map in memory between calls to DBM.
+ * remember what we have mapped can close it when we get another dbm
+ * call.
+ *
+ * NOTE: Not all platforms support mapped files. This code is designed to
+ * detect this at runtime. If map files aren't supported the OS will indicate
+ * this by failing the PR_Memmap call. In this case we emulate mapped files
+ * by just reading in the file into regular memory. We signal this state by
+ * making dbs_mapfile NULL and dbs_addr non-NULL.
+ */
+
+static void
+dbs_freemap(DBS *dbsp)
+{
+ if (dbsp->dbs_mapfile) {
+ PR_MemUnmap(dbsp->dbs_addr, dbsp->dbs_len);
+ PR_CloseFileMap(dbsp->dbs_mapfile);
+ dbsp->dbs_mapfile = NULL;
+ dbsp->dbs_addr = NULL;
+ dbsp->dbs_len = 0;
+ } else if (dbsp->dbs_addr) {
+ PORT_Free(dbsp->dbs_addr);
+ dbsp->dbs_addr = NULL;
+ dbsp->dbs_len = 0;
+ }
+ return;
+}
+
+static void
+dbs_setmap(DBS *dbsp, PRFileMap *mapfile, unsigned char *addr, PRUint32 len)
+{
+ dbsp->dbs_mapfile = mapfile;
+ dbsp->dbs_addr = addr;
+ dbsp->dbs_len = len;
+}
+
+/*
+ * platforms that cannot map the file need to read it into a temp buffer.
+ */
+static unsigned char *
+dbs_EmulateMap(PRFileDesc *filed, int len)
+{
+ unsigned char *addr;
+ PRInt32 dataRead;
+
+ addr = PORT_Alloc(len);
+ if (addr == NULL) {
+ return NULL;
+ }
+
+ dataRead = PR_Read(filed, addr, len);
+ if (dataRead != len) {
+ PORT_Free(addr);
+ if (dataRead > 0) {
+ /* PR_Read didn't set an error, we need to */
+ PR_SetError(SEC_ERROR_BAD_DATABASE, 0);
+ }
+ return NULL;
+ }
+
+ return addr;
+}
+
+/*
+ * pull a database record off the disk
+ * data points to the blob record on input and the real record (if we could
+ * read it) on output. if there is an error data is not modified.
+ */
+static int
+dbs_readBlob(DBS *dbsp, DBT *data)
+{
+ char *file = NULL;
+ PRFileDesc *filed = NULL;
+ PRFileMap *mapfile = NULL;
+ unsigned char *addr = NULL;
+ int error;
+ int len = -1;
+
+ file = dbs_getBlobFilePath(dbsp->blobdir, data);
+ if (!file) {
+ goto loser;
+ }
+ filed = PR_OpenFile(file, PR_RDONLY, 0);
+ PR_smprintf_free(file);
+ file = NULL;
+ if (filed == NULL) {
+ goto loser;
+ }
+
+ len = dbs_getBlobSize(data);
+ /* Bug 1323150
+ * PR_MemMap fails on Windows for larger certificates.
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/aa366761(v=vs.85).aspx
+ * Let's always use the emulated map, i.e. read the file.
+ */
+ addr = dbs_EmulateMap(filed, len);
+ if (addr == NULL) {
+ goto loser;
+ }
+ PR_Close(filed);
+ dbs_setmap(dbsp, mapfile, addr, len);
+
+ data->data = addr;
+ data->size = len;
+ return 0;
+
+loser:
+ /* preserve the error code */
+ error = PR_GetError();
+ if (mapfile) {
+ PR_CloseFileMap(mapfile);
+ }
+ if (filed) {
+ PR_Close(filed);
+ }
+ PR_SetError(error, 0);
+ return -1;
+}
+
+/*
+ * actual DBM shims
+ */
+static int
+dbs_get(const DB *dbs, const DBT *key, DBT *data, unsigned int flags)
+{
+ int ret;
+ DBS *dbsp = (DBS *)dbs;
+ DB *db = (DB *)dbs->internal;
+
+ dbs_freemap(dbsp);
+
+ ret = (*db->get)(db, key, data, flags);
+ if ((ret == 0) && dbs_IsBlob(data)) {
+ ret = dbs_readBlob(dbsp, data);
+ }
+
+ return (ret);
+}
+
+static int
+dbs_put(const DB *dbs, DBT *key, const DBT *data, unsigned int flags)
+{
+ DBT blob;
+ int ret = 0;
+ DBS *dbsp = (DBS *)dbs;
+ DB *db = (DB *)dbs->internal;
+
+ dbs_freemap(dbsp);
+
+ /* If the db is readonly, just pass the data down to rdb and let it fail */
+ if (!dbsp->readOnly) {
+ DBT oldData;
+ int ret1;
+
+ /* make sure the current record is deleted if it's a blob */
+ ret1 = (*db->get)(db, key, &oldData, 0);
+ if ((ret1 == 0) && flags == R_NOOVERWRITE) {
+ /* let DBM return the error to maintain consistancy */
+ return (*db->put)(db, key, data, flags);
+ }
+ if ((ret1 == 0) && dbs_IsBlob(&oldData)) {
+ dbs_removeBlob(dbsp, &oldData);
+ }
+
+ if (data->size > DBS_MAX_ENTRY_SIZE) {
+ dbs_mkBlob(dbsp, key, data, &blob);
+ ret = dbs_writeBlob(dbsp, dbsp->mode, &blob, data);
+ data = &blob;
+ }
+ }
+
+ if (ret == 0) {
+ ret = (*db->put)(db, key, data, flags);
+ }
+ return (ret);
+}
+
+static int
+dbs_sync(const DB *dbs, unsigned int flags)
+{
+ DB *db = (DB *)dbs->internal;
+ DBS *dbsp = (DBS *)dbs;
+
+ dbs_freemap(dbsp);
+
+ return (*db->sync)(db, flags);
+}
+
+static int
+dbs_del(const DB *dbs, const DBT *key, unsigned int flags)
+{
+ int ret;
+ DBS *dbsp = (DBS *)dbs;
+ DB *db = (DB *)dbs->internal;
+
+ dbs_freemap(dbsp);
+
+ if (!dbsp->readOnly) {
+ DBT oldData;
+ ret = (*db->get)(db, key, &oldData, 0);
+ if ((ret == 0) && dbs_IsBlob(&oldData)) {
+ dbs_removeBlob(dbsp, &oldData);
+ }
+ }
+
+ return (*db->del)(db, key, flags);
+}
+
+static int
+dbs_seq(const DB *dbs, DBT *key, DBT *data, unsigned int flags)
+{
+ int ret;
+ DBS *dbsp = (DBS *)dbs;
+ DB *db = (DB *)dbs->internal;
+
+ dbs_freemap(dbsp);
+
+ ret = (*db->seq)(db, key, data, flags);
+ if ((ret == 0) && dbs_IsBlob(data)) {
+ /* don't return a blob read as an error so traversals keep going */
+ (void)dbs_readBlob(dbsp, data);
+ }
+
+ return (ret);
+}
+
+static int
+dbs_close(DB *dbs)
+{
+ DBS *dbsp = (DBS *)dbs;
+ DB *db = (DB *)dbs->internal;
+ int ret;
+
+ dbs_freemap(dbsp);
+ ret = (*db->close)(db);
+ PORT_Free(dbsp->blobdir);
+ PORT_Free(dbsp);
+ return ret;
+}
+
+static int
+dbs_fd(const DB *dbs)
+{
+ DB *db = (DB *)dbs->internal;
+
+ return (*db->fd)(db);
+}
+
+/*
+ * the naming convention we use is
+ * change the .xxx into .dir. (for nss it's always .db);
+ * if no .extension exists or is equal to .dir, add a .dir
+ * the returned data must be freed.
+ */
+#define DIRSUFFIX ".dir"
+static char *
+dbs_mkBlobDirName(const char *dbname)
+{
+ int dbname_len = PORT_Strlen(dbname);
+ int dbname_end = dbname_len;
+ const char *cp;
+ char *blobDir = NULL;
+
+ /* scan back from the end looking for either a directory separator, a '.',
+ * or the end of the string. NOTE: Windows should check for both separators
+ * here. For now this is safe because we know NSS always uses a '.'
+ */
+ for (cp = &dbname[dbname_len];
+ (cp > dbname) && (*cp != '.') && (*cp != *PATH_SEPARATOR);
+ cp--)
+ /* Empty */;
+ if (*cp == '.') {
+ dbname_end = cp - dbname;
+ if (PORT_Strcmp(cp, DIRSUFFIX) == 0) {
+ dbname_end = dbname_len;
+ }
+ }
+ blobDir = PORT_ZAlloc(dbname_end + sizeof(DIRSUFFIX));
+ if (blobDir == NULL) {
+ return NULL;
+ }
+ PORT_Memcpy(blobDir, dbname, dbname_end);
+ PORT_Memcpy(&blobDir[dbname_end], DIRSUFFIX, sizeof(DIRSUFFIX));
+ return blobDir;
+}
+
+#define DBM_DEFAULT 0
+static const HASHINFO dbs_hashInfo = {
+ DBS_BLOCK_SIZE, /* bucket size, must be greater than = to
+ * or maximum entry size (+ header)
+ * we allow before blobing */
+ DBM_DEFAULT, /* Fill Factor */
+ DBM_DEFAULT, /* number of elements */
+ DBS_CACHE_SIZE, /* cache size */
+ DBM_DEFAULT, /* hash function */
+ DBM_DEFAULT, /* byte order */
+};
+
+/*
+ * the open function. NOTE: this is the only exposed function in this file.
+ * everything else is called through the function table pointer.
+ */
+DB *
+dbsopen(const char *dbname, int flags, int mode, DBTYPE type,
+ const void *userData)
+{
+ DB *db = NULL, *dbs = NULL;
+ DBS *dbsp = NULL;
+
+ /* NOTE: we are overriding userData with dbs_hashInfo. since all known
+ * callers pass 0, this is ok, otherwise we should merge the two */
+
+ dbsp = (DBS *)PORT_ZAlloc(sizeof(DBS));
+ if (!dbsp) {
+ return NULL;
+ }
+ dbs = &dbsp->db;
+
+ dbsp->blobdir = dbs_mkBlobDirName(dbname);
+ if (dbsp->blobdir == NULL) {
+ goto loser;
+ }
+ dbsp->mode = mode;
+ dbsp->readOnly = (PRBool)(flags == NO_RDONLY);
+ dbsp->dbs_mapfile = NULL;
+ dbsp->dbs_addr = NULL;
+ dbsp->dbs_len = 0;
+
+ /* the real dbm call */
+ db = dbopen(dbname, flags, mode, type, &dbs_hashInfo);
+ if (db == NULL) {
+ goto loser;
+ }
+ dbs->internal = (void *)db;
+ dbs->type = type;
+ dbs->close = dbs_close;
+ dbs->get = dbs_get;
+ dbs->del = dbs_del;
+ dbs->put = dbs_put;
+ dbs->seq = dbs_seq;
+ dbs->sync = dbs_sync;
+ dbs->fd = dbs_fd;
+
+ return dbs;
+loser:
+ if (db) {
+ (*db->close)(db);
+ }
+ if (dbsp->blobdir) {
+ PORT_Free(dbsp->blobdir);
+ }
+ PORT_Free(dbsp);
+ return NULL;
+}
diff --git a/security/nss/lib/softoken/legacydb/keydb.c b/security/nss/lib/softoken/legacydb/keydb.c
new file mode 100644
index 000000000..178e333ec
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/keydb.c
@@ -0,0 +1,2250 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "lowkeyi.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "secoid.h"
+#include "blapi.h"
+#include "secitem.h"
+#include "pcert.h"
+#include "mcom_db.h"
+#include "secerr.h"
+
+#include "keydbi.h"
+#include "lgdb.h"
+
+/*
+ * Record keys for keydb
+ */
+#define SALT_STRING "global-salt"
+#define VERSION_STRING "Version"
+#define KEYDB_PW_CHECK_STRING "password-check"
+#define KEYDB_PW_CHECK_LEN 14
+#define KEYDB_FAKE_PW_CHECK_STRING "fake-password-check"
+#define KEYDB_FAKE_PW_CHECK_LEN 19
+
+/* Size of the global salt for key database */
+#define SALT_LENGTH 16
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSLOWKEYEncryptedPrivateKeyInfo) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSLOWKEYEncryptedPrivateKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSLOWKEYEncryptedPrivateKeyInfo, encryptedData) },
+ { 0 }
+};
+
+const SEC_ASN1Template nsslowkey_PointerToEncryptedPrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_POINTER, 0, nsslowkey_EncryptedPrivateKeyInfoTemplate }
+};
+
+/* ====== Default key databse encryption algorithm ====== */
+static void
+sec_destroy_dbkey(NSSLOWKEYDBKey *dbkey)
+{
+ if (dbkey && dbkey->arena) {
+ PORT_FreeArena(dbkey->arena, PR_FALSE);
+ }
+}
+
+static void
+free_dbt(DBT *dbt)
+{
+ if (dbt) {
+ PORT_Free(dbt->data);
+ PORT_Free(dbt);
+ }
+
+ return;
+}
+
+static int keydb_Get(NSSLOWKEYDBHandle *db, DBT *key, DBT *data,
+ unsigned int flags);
+static int keydb_Put(NSSLOWKEYDBHandle *db, DBT *key, DBT *data,
+ unsigned int flags);
+static int keydb_Sync(NSSLOWKEYDBHandle *db, unsigned int flags);
+static int keydb_Del(NSSLOWKEYDBHandle *db, DBT *key, unsigned int flags);
+static int keydb_Seq(NSSLOWKEYDBHandle *db, DBT *key, DBT *data,
+ unsigned int flags);
+static void keydb_Close(NSSLOWKEYDBHandle *db);
+
+/*
+ * format of key database entries for version 3 of database:
+ * byte offset field
+ * ----------- -----
+ * 0 version
+ * 1 salt-len
+ * 2 nn-len
+ * 3.. salt-data
+ * ... nickname
+ * ... encrypted-key-data
+ */
+static DBT *
+encode_dbkey(NSSLOWKEYDBKey *dbkey, unsigned char version)
+{
+ DBT *bufitem = NULL;
+ unsigned char *buf;
+ int nnlen;
+ char *nn;
+
+ bufitem = (DBT *)PORT_ZAlloc(sizeof(DBT));
+ if (bufitem == NULL) {
+ goto loser;
+ }
+
+ if (dbkey->nickname) {
+ nn = dbkey->nickname;
+ nnlen = PORT_Strlen(nn) + 1;
+ } else {
+ nn = "";
+ nnlen = 1;
+ }
+
+ /* compute the length of the record */
+ /* 1 + 1 + 1 == version number header + salt length + nn len */
+ bufitem->size = dbkey->salt.len + nnlen + dbkey->derPK.len + 1 + 1 + 1;
+
+ bufitem->data = (void *)PORT_ZAlloc(bufitem->size);
+ if (bufitem->data == NULL) {
+ goto loser;
+ }
+
+ buf = (unsigned char *)bufitem->data;
+
+ /* set version number */
+ buf[0] = version;
+
+ /* set length of salt */
+ PORT_Assert(dbkey->salt.len < 256);
+ buf[1] = dbkey->salt.len;
+
+ /* set length of nickname */
+ PORT_Assert(nnlen < 256);
+ buf[2] = nnlen;
+
+ /* copy salt */
+ if (dbkey->salt.len > 0) {
+ PORT_Memcpy(&buf[3], dbkey->salt.data, dbkey->salt.len);
+ }
+
+ /* copy nickname */
+ PORT_Memcpy(&buf[3 + dbkey->salt.len], nn, nnlen);
+
+ /* copy encrypted key */
+ PORT_Memcpy(&buf[3 + dbkey->salt.len + nnlen], dbkey->derPK.data,
+ dbkey->derPK.len);
+
+ return (bufitem);
+
+loser:
+ if (bufitem) {
+ free_dbt(bufitem);
+ }
+
+ return (NULL);
+}
+
+static NSSLOWKEYDBKey *
+decode_dbkey(DBT *bufitem, int expectedVersion)
+{
+ NSSLOWKEYDBKey *dbkey;
+ PLArenaPool *arena = NULL;
+ unsigned char *buf;
+ int version;
+ int keyoff;
+ int nnlen;
+ int saltoff;
+
+ buf = (unsigned char *)bufitem->data;
+
+ version = buf[0];
+
+ if (version != expectedVersion) {
+ goto loser;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYDBKey));
+ if (dbkey == NULL) {
+ goto loser;
+ }
+
+ dbkey->arena = arena;
+ dbkey->salt.data = NULL;
+ dbkey->derPK.data = NULL;
+
+ dbkey->salt.len = buf[1];
+ dbkey->salt.data = (unsigned char *)PORT_ArenaZAlloc(arena, dbkey->salt.len);
+ if (dbkey->salt.data == NULL) {
+ goto loser;
+ }
+
+ saltoff = 2;
+ keyoff = 2 + dbkey->salt.len;
+
+ if (expectedVersion >= 3) {
+ nnlen = buf[2];
+ if (nnlen) {
+ dbkey->nickname = (char *)PORT_ArenaZAlloc(arena, nnlen + 1);
+ if (dbkey->nickname) {
+ PORT_Memcpy(dbkey->nickname, &buf[keyoff + 1], nnlen);
+ }
+ }
+ keyoff += (nnlen + 1);
+ saltoff = 3;
+ }
+
+ PORT_Memcpy(dbkey->salt.data, &buf[saltoff], dbkey->salt.len);
+
+ dbkey->derPK.len = bufitem->size - keyoff;
+ dbkey->derPK.data = (unsigned char *)PORT_ArenaZAlloc(arena, dbkey->derPK.len);
+ if (dbkey->derPK.data == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(dbkey->derPK.data, &buf[keyoff], dbkey->derPK.len);
+
+ return (dbkey);
+
+loser:
+
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+static NSSLOWKEYDBKey *
+get_dbkey(NSSLOWKEYDBHandle *handle, DBT *index)
+{
+ NSSLOWKEYDBKey *dbkey;
+ DBT entry;
+ int ret;
+
+ /* get it from the database */
+ ret = keydb_Get(handle, index, &entry, 0);
+ if (ret) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return NULL;
+ }
+
+ /* set up dbkey struct */
+
+ dbkey = decode_dbkey(&entry, handle->version);
+
+ return (dbkey);
+}
+
+static SECStatus
+put_dbkey(NSSLOWKEYDBHandle *handle, DBT *index, NSSLOWKEYDBKey *dbkey, PRBool update)
+{
+ DBT *keydata = NULL;
+ int status;
+
+ keydata = encode_dbkey(dbkey, handle->version);
+ if (keydata == NULL) {
+ goto loser;
+ }
+
+ /* put it in the database */
+ if (update) {
+ status = keydb_Put(handle, index, keydata, 0);
+ } else {
+ status = keydb_Put(handle, index, keydata, R_NOOVERWRITE);
+ }
+
+ if (status) {
+ goto loser;
+ }
+
+ /* sync the database */
+ status = keydb_Sync(handle, 0);
+ if (status) {
+ goto loser;
+ }
+
+ free_dbt(keydata);
+ return (SECSuccess);
+
+loser:
+ if (keydata) {
+ free_dbt(keydata);
+ }
+
+ return (SECFailure);
+}
+
+SECStatus
+nsslowkey_TraverseKeys(NSSLOWKEYDBHandle *handle,
+ SECStatus (*keyfunc)(DBT *k, DBT *d, void *pdata),
+ void *udata)
+{
+ DBT data;
+ DBT key;
+ SECStatus status;
+ int ret;
+
+ if (handle == NULL) {
+ return (SECFailure);
+ }
+
+ ret = keydb_Seq(handle, &key, &data, R_FIRST);
+ if (ret) {
+ return (SECFailure);
+ }
+
+ do {
+ /* skip version record */
+ if (data.size > 1) {
+ if (key.size == (sizeof(SALT_STRING) - 1)) {
+ if (PORT_Memcmp(key.data, SALT_STRING, key.size) == 0) {
+ continue;
+ }
+ }
+
+ /* skip password check */
+ if (key.size == KEYDB_PW_CHECK_LEN) {
+ if (PORT_Memcmp(key.data, KEYDB_PW_CHECK_STRING,
+ KEYDB_PW_CHECK_LEN) == 0) {
+ continue;
+ }
+ }
+
+ status = (*keyfunc)(&key, &data, udata);
+ if (status != SECSuccess) {
+ return (status);
+ }
+ }
+ } while (keydb_Seq(handle, &key, &data, R_NEXT) == 0);
+
+ return (SECSuccess);
+}
+
+#ifdef notdef
+typedef struct keyNode {
+ struct keyNode *next;
+ DBT key;
+} keyNode;
+
+typedef struct {
+ PLArenaPool *arena;
+ keyNode *head;
+} keyList;
+
+static SECStatus
+sec_add_key_to_list(DBT *key, DBT *data, void *arg)
+{
+ keyList *keylist;
+ keyNode *node;
+ void *keydata;
+
+ keylist = (keyList *)arg;
+
+ /* allocate the node struct */
+ node = (keyNode *)PORT_ArenaZAlloc(keylist->arena, sizeof(keyNode));
+ if (node == NULL) {
+ return (SECFailure);
+ }
+
+ /* allocate room for key data */
+ keydata = PORT_ArenaZAlloc(keylist->arena, key->size);
+ if (keydata == NULL) {
+ return (SECFailure);
+ }
+
+ /* link node into list */
+ node->next = keylist->head;
+ keylist->head = node;
+
+ /* copy key into node */
+ PORT_Memcpy(keydata, key->data, key->size);
+ node->key.size = key->size;
+ node->key.data = keydata;
+
+ return (SECSuccess);
+}
+#endif
+
+static SECItem *
+decodeKeyDBGlobalSalt(DBT *saltData)
+{
+ SECItem *saltitem;
+
+ saltitem = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (saltitem == NULL) {
+ return (NULL);
+ }
+
+ saltitem->data = (unsigned char *)PORT_ZAlloc(saltData->size);
+ if (saltitem->data == NULL) {
+ PORT_Free(saltitem);
+ return (NULL);
+ }
+
+ saltitem->len = saltData->size;
+ PORT_Memcpy(saltitem->data, saltData->data, saltitem->len);
+
+ return (saltitem);
+}
+
+static SECItem *
+GetKeyDBGlobalSalt(NSSLOWKEYDBHandle *handle)
+{
+ DBT saltKey;
+ DBT saltData;
+ int ret;
+
+ saltKey.data = SALT_STRING;
+ saltKey.size = sizeof(SALT_STRING) - 1;
+
+ ret = keydb_Get(handle, &saltKey, &saltData, 0);
+ if (ret) {
+ return (NULL);
+ }
+
+ return (decodeKeyDBGlobalSalt(&saltData));
+}
+
+static SECStatus
+StoreKeyDBGlobalSalt(NSSLOWKEYDBHandle *handle, SECItem *salt)
+{
+ DBT saltKey;
+ DBT saltData;
+ int status;
+
+ saltKey.data = SALT_STRING;
+ saltKey.size = sizeof(SALT_STRING) - 1;
+
+ saltData.data = (void *)salt->data;
+ saltData.size = salt->len;
+
+ /* put global salt into the database now */
+ status = keydb_Put(handle, &saltKey, &saltData, 0);
+ if (status) {
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+makeGlobalVersion(NSSLOWKEYDBHandle *handle)
+{
+ unsigned char version;
+ DBT versionData;
+ DBT versionKey;
+ int status;
+
+ version = NSSLOWKEY_DB_FILE_VERSION;
+ versionData.data = &version;
+ versionData.size = 1;
+ versionKey.data = VERSION_STRING;
+ versionKey.size = sizeof(VERSION_STRING) - 1;
+
+ /* put version string into the database now */
+ status = keydb_Put(handle, &versionKey, &versionData, 0);
+ if (status) {
+ return (SECFailure);
+ }
+ handle->version = version;
+
+ return (SECSuccess);
+}
+
+static SECStatus
+makeGlobalSalt(NSSLOWKEYDBHandle *handle)
+{
+ DBT saltKey;
+ DBT saltData;
+ unsigned char saltbuf[16];
+ int status;
+
+ saltKey.data = SALT_STRING;
+ saltKey.size = sizeof(SALT_STRING) - 1;
+
+ saltData.data = (void *)saltbuf;
+ saltData.size = sizeof(saltbuf);
+ RNG_GenerateGlobalRandomBytes(saltbuf, sizeof(saltbuf));
+
+ /* put global salt into the database now */
+ status = keydb_Put(handle, &saltKey, &saltData, 0);
+ if (status) {
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+encodePWCheckEntry(PLArenaPool *arena, SECItem *entry, SECOidTag alg,
+ SECItem *encCheck);
+
+static unsigned char
+nsslowkey_version(NSSLOWKEYDBHandle *handle)
+{
+ DBT versionKey;
+ DBT versionData;
+ int ret;
+ versionKey.data = VERSION_STRING;
+ versionKey.size = sizeof(VERSION_STRING) - 1;
+
+ if (handle->db == NULL) {
+ return 255;
+ }
+
+ /* lookup version string in database */
+ ret = keydb_Get(handle, &versionKey, &versionData, 0);
+
+ /* error accessing the database */
+ if (ret < 0) {
+ return 255;
+ }
+
+ if (ret >= 1) {
+ return 0;
+ }
+ return *((unsigned char *)versionData.data);
+}
+
+static PRBool
+seckey_HasAServerKey(NSSLOWKEYDBHandle *handle)
+{
+ DBT key;
+ DBT data;
+ int ret;
+ PRBool found = PR_FALSE;
+
+ ret = keydb_Seq(handle, &key, &data, R_FIRST);
+ if (ret) {
+ return PR_FALSE;
+ }
+
+ do {
+ /* skip version record */
+ if (data.size > 1) {
+ /* skip salt */
+ if (key.size == (sizeof(SALT_STRING) - 1)) {
+ if (PORT_Memcmp(key.data, SALT_STRING, key.size) == 0) {
+ continue;
+ }
+ }
+ /* skip pw check entry */
+ if (key.size == KEYDB_PW_CHECK_LEN) {
+ if (PORT_Memcmp(key.data, KEYDB_PW_CHECK_STRING,
+ KEYDB_PW_CHECK_LEN) == 0) {
+ continue;
+ }
+ }
+
+ /* keys stored by nickname will have 0 as the last byte of the
+ * db key. Other keys must be stored by modulus. We will not
+ * update those because they are left over from a keygen that
+ * never resulted in a cert.
+ */
+ if (((unsigned char *)key.data)[key.size - 1] != 0) {
+ continue;
+ }
+
+ if (PORT_Strcmp(key.data, "Server-Key") == 0) {
+ found = PR_TRUE;
+ break;
+ }
+ }
+ } while (keydb_Seq(handle, &key, &data, R_NEXT) == 0);
+
+ return found;
+}
+
+/* forward declare local create function */
+static NSSLOWKEYDBHandle *nsslowkey_NewHandle(DB *dbHandle);
+
+/*
+ * currently updates key database from v2 to v3
+ */
+static SECStatus
+nsslowkey_UpdateKeyDBPass1(NSSLOWKEYDBHandle *handle)
+{
+ SECStatus rv;
+ DBT checkKey;
+ DBT checkData;
+ DBT saltKey;
+ DBT saltData;
+ DBT key;
+ DBT data;
+ unsigned char version;
+ NSSLOWKEYDBKey *dbkey = NULL;
+ NSSLOWKEYDBHandle *update = NULL;
+ SECItem *oldSalt = NULL;
+ int ret;
+ SECItem checkitem;
+
+ if (handle->updatedb == NULL) {
+ return SECSuccess;
+ }
+
+ /* create a full DB Handle for our update so we
+ * can use the correct locks for the db primatives */
+ update = nsslowkey_NewHandle(handle->updatedb);
+ if (update == NULL) {
+ return SECSuccess;
+ }
+
+ /* update has now inherited the database handle */
+ handle->updatedb = NULL;
+
+ /*
+ * check the version record
+ */
+ version = nsslowkey_version(update);
+ if (version != 2) {
+ goto done;
+ }
+
+ saltKey.data = SALT_STRING;
+ saltKey.size = sizeof(SALT_STRING) - 1;
+
+ ret = keydb_Get(update, &saltKey, &saltData, 0);
+ if (ret) {
+ /* no salt in old db, so it is corrupted */
+ goto done;
+ }
+
+ oldSalt = decodeKeyDBGlobalSalt(&saltData);
+ if (oldSalt == NULL) {
+ /* bad salt in old db, so it is corrupted */
+ goto done;
+ }
+
+ /*
+ * look for a pw check entry
+ */
+ checkKey.data = KEYDB_PW_CHECK_STRING;
+ checkKey.size = KEYDB_PW_CHECK_LEN;
+
+ ret = keydb_Get(update, &checkKey, &checkData, 0);
+ if (ret) {
+ /*
+ * if we have a key, but no KEYDB_PW_CHECK_STRING, then this must
+ * be an old server database, and it does have a password associated
+ * with it. Put a fake entry in so we can identify this db when we do
+ * get the password for it.
+ */
+ if (seckey_HasAServerKey(update)) {
+ DBT fcheckKey;
+ DBT fcheckData;
+
+ /*
+ * include a fake string
+ */
+ fcheckKey.data = KEYDB_FAKE_PW_CHECK_STRING;
+ fcheckKey.size = KEYDB_FAKE_PW_CHECK_LEN;
+ fcheckData.data = "1";
+ fcheckData.size = 1;
+ /* put global salt into the new database now */
+ ret = keydb_Put(handle, &saltKey, &saltData, 0);
+ if (ret) {
+ goto done;
+ }
+ ret = keydb_Put(handle, &fcheckKey, &fcheckData, 0);
+ if (ret) {
+ goto done;
+ }
+ } else {
+ goto done;
+ }
+ } else {
+ /* put global salt into the new database now */
+ ret = keydb_Put(handle, &saltKey, &saltData, 0);
+ if (ret) {
+ goto done;
+ }
+
+ dbkey = decode_dbkey(&checkData, 2);
+ if (dbkey == NULL) {
+ goto done;
+ }
+ checkitem = dbkey->derPK;
+ dbkey->derPK.data = NULL;
+
+ /* format the new pw check entry */
+ rv = encodePWCheckEntry(NULL, &dbkey->derPK, SEC_OID_RC4, &checkitem);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ rv = put_dbkey(handle, &checkKey, dbkey, PR_TRUE);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /* free the dbkey */
+ sec_destroy_dbkey(dbkey);
+ dbkey = NULL;
+ }
+
+ /* now traverse the database */
+ ret = keydb_Seq(update, &key, &data, R_FIRST);
+ if (ret) {
+ goto done;
+ }
+
+ do {
+ /* skip version record */
+ if (data.size > 1) {
+ /* skip salt */
+ if (key.size == (sizeof(SALT_STRING) - 1)) {
+ if (PORT_Memcmp(key.data, SALT_STRING, key.size) == 0) {
+ continue;
+ }
+ }
+ /* skip pw check entry */
+ if (key.size == checkKey.size) {
+ if (PORT_Memcmp(key.data, checkKey.data, key.size) == 0) {
+ continue;
+ }
+ }
+
+ /* keys stored by nickname will have 0 as the last byte of the
+ * db key. Other keys must be stored by modulus. We will not
+ * update those because they are left over from a keygen that
+ * never resulted in a cert.
+ */
+ if (((unsigned char *)key.data)[key.size - 1] != 0) {
+ continue;
+ }
+
+ dbkey = decode_dbkey(&data, 2);
+ if (dbkey == NULL) {
+ continue;
+ }
+
+ /* This puts the key into the new database with the same
+ * index (nickname) that it had before. The second pass
+ * of the update will have the password. It will decrypt
+ * and re-encrypt the entries using a new algorithm.
+ */
+ dbkey->nickname = (char *)key.data;
+ rv = put_dbkey(handle, &key, dbkey, PR_FALSE);
+ dbkey->nickname = NULL;
+
+ sec_destroy_dbkey(dbkey);
+ }
+ } while (keydb_Seq(update, &key, &data, R_NEXT) == 0);
+
+ dbkey = NULL;
+
+done:
+ /* sync the database */
+ ret = keydb_Sync(handle, 0);
+
+ nsslowkey_CloseKeyDB(update);
+
+ if (oldSalt) {
+ SECITEM_FreeItem(oldSalt, PR_TRUE);
+ }
+
+ if (dbkey) {
+ sec_destroy_dbkey(dbkey);
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+openNewDB(const char *appName, const char *prefix, const char *dbname,
+ NSSLOWKEYDBHandle *handle, NSSLOWKEYDBNameFunc namecb, void *cbarg)
+{
+ SECStatus rv = SECFailure;
+ int status = RDB_FAIL;
+ char *updname = NULL;
+ DB *updatedb = NULL;
+ PRBool updated = PR_FALSE;
+ int ret;
+
+ if (appName) {
+ handle->db = rdbopen(appName, prefix, "key", NO_CREATE, &status);
+ } else {
+ handle->db = dbopen(dbname, NO_CREATE, 0600, DB_HASH, 0);
+ }
+ /* if create fails then we lose */
+ if (handle->db == NULL) {
+ return (status == RDB_RETRY) ? SECWouldBlock : SECFailure;
+ }
+
+ /* force a transactional read, which will verify that one and only one
+ * process attempts the update. */
+ if (nsslowkey_version(handle) == NSSLOWKEY_DB_FILE_VERSION) {
+ /* someone else has already updated the database for us */
+ db_InitComplete(handle->db);
+ return SECSuccess;
+ }
+
+ /*
+ * if we are creating a multiaccess database, see if there is a
+ * local database we can update from.
+ */
+ if (appName) {
+ NSSLOWKEYDBHandle *updateHandle;
+ updatedb = dbopen(dbname, NO_RDONLY, 0600, DB_HASH, 0);
+ if (!updatedb) {
+ goto noupdate;
+ }
+
+ /* nsslowkey_version needs a full handle because it calls
+ * the kdb_Get() function, which needs to lock.
+ */
+ updateHandle = nsslowkey_NewHandle(updatedb);
+ if (!updateHandle) {
+ updatedb->close(updatedb);
+ goto noupdate;
+ }
+
+ handle->version = nsslowkey_version(updateHandle);
+ if (handle->version != NSSLOWKEY_DB_FILE_VERSION) {
+ nsslowkey_CloseKeyDB(updateHandle);
+ goto noupdate;
+ }
+
+ /* copy the new DB from the old one */
+ db_Copy(handle->db, updatedb);
+ nsslowkey_CloseKeyDB(updateHandle);
+ db_InitComplete(handle->db);
+ return SECSuccess;
+ }
+noupdate:
+
+ /* update the version number */
+ rv = makeGlobalVersion(handle);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /*
+ * try to update from v2 db
+ */
+ updname = (*namecb)(cbarg, 2);
+ if (updname != NULL) {
+ handle->updatedb = dbopen(updname, NO_RDONLY, 0600, DB_HASH, 0);
+ PORT_Free(updname);
+
+ if (handle->updatedb) {
+ /*
+ * Try to update the db using a null password. If the db
+ * doesn't have a password, then this will work. If it does
+ * have a password, then this will fail and we will do the
+ * update later
+ */
+ rv = nsslowkey_UpdateKeyDBPass1(handle);
+ if (rv == SECSuccess) {
+ updated = PR_TRUE;
+ }
+ }
+ }
+
+ /* we are using the old salt if we updated from an old db */
+ if (!updated) {
+ rv = makeGlobalSalt(handle);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ /* sync the database */
+ ret = keydb_Sync(handle, 0);
+ if (ret) {
+ rv = SECFailure;
+ goto loser;
+ }
+ rv = SECSuccess;
+
+loser:
+ db_InitComplete(handle->db);
+ return rv;
+}
+
+static DB *
+openOldDB(const char *appName, const char *prefix, const char *dbname,
+ PRBool openflags)
+{
+ DB *db = NULL;
+
+ if (appName) {
+ db = rdbopen(appName, prefix, "key", openflags, NULL);
+ } else {
+ db = dbopen(dbname, openflags, 0600, DB_HASH, 0);
+ }
+
+ return db;
+}
+
+/* check for correct version number */
+static PRBool
+verifyVersion(NSSLOWKEYDBHandle *handle)
+{
+ int version = nsslowkey_version(handle);
+
+ handle->version = version;
+ if (version != NSSLOWKEY_DB_FILE_VERSION) {
+ if (handle->db) {
+ keydb_Close(handle);
+ handle->db = NULL;
+ }
+ }
+ return handle->db != NULL;
+}
+
+static NSSLOWKEYDBHandle *
+nsslowkey_NewHandle(DB *dbHandle)
+{
+ NSSLOWKEYDBHandle *handle;
+ handle = (NSSLOWKEYDBHandle *)PORT_ZAlloc(sizeof(NSSLOWKEYDBHandle));
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ handle->appname = NULL;
+ handle->dbname = NULL;
+ handle->global_salt = NULL;
+ handle->updatedb = NULL;
+ handle->db = dbHandle;
+ handle->ref = 1;
+ handle->lock = PZ_NewLock(nssILockKeyDB);
+
+ return handle;
+}
+
+NSSLOWKEYDBHandle *
+nsslowkey_OpenKeyDB(PRBool readOnly, const char *appName, const char *prefix,
+ NSSLOWKEYDBNameFunc namecb, void *cbarg)
+{
+ NSSLOWKEYDBHandle *handle = NULL;
+ SECStatus rv;
+ int openflags;
+ char *dbname = NULL;
+
+ handle = nsslowkey_NewHandle(NULL);
+
+ openflags = readOnly ? NO_RDONLY : NO_RDWR;
+
+ dbname = (*namecb)(cbarg, NSSLOWKEY_DB_FILE_VERSION);
+ if (dbname == NULL) {
+ goto loser;
+ }
+ handle->appname = appName ? PORT_Strdup(appName) : NULL;
+ handle->dbname = (appName == NULL) ? PORT_Strdup(dbname) : (prefix ? PORT_Strdup(prefix) : NULL);
+ handle->readOnly = readOnly;
+
+ handle->db = openOldDB(appName, prefix, dbname, openflags);
+ if (handle->db) {
+ verifyVersion(handle);
+ if (handle->version == 255) {
+ goto loser;
+ }
+ }
+
+ /* if first open fails, try to create a new DB */
+ if (handle->db == NULL) {
+ if (readOnly) {
+ goto loser;
+ }
+
+ rv = openNewDB(appName, prefix, dbname, handle, namecb, cbarg);
+ /* two processes started to initialize the database at the same time.
+ * The multiprocess code blocked the second one, then had it retry to
+ * see if it can just open the database normally */
+ if (rv == SECWouldBlock) {
+ handle->db = openOldDB(appName, prefix, dbname, openflags);
+ verifyVersion(handle);
+ if (handle->db == NULL) {
+ goto loser;
+ }
+ } else if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ handle->global_salt = GetKeyDBGlobalSalt(handle);
+ if (dbname)
+ PORT_Free(dbname);
+ return handle;
+
+loser:
+
+ if (dbname)
+ PORT_Free(dbname);
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ nsslowkey_CloseKeyDB(handle);
+ return NULL;
+}
+
+/*
+ * Close the database
+ */
+void
+nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle)
+{
+ if (handle != NULL) {
+ if (handle->db != NULL) {
+ keydb_Close(handle);
+ }
+ if (handle->updatedb) {
+ handle->updatedb->close(handle->updatedb);
+ }
+ if (handle->dbname)
+ PORT_Free(handle->dbname);
+ if (handle->appname)
+ PORT_Free(handle->appname);
+ if (handle->global_salt) {
+ SECITEM_FreeItem(handle->global_salt, PR_TRUE);
+ }
+ if (handle->lock != NULL) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(handle->lock));
+ }
+
+ PORT_Free(handle);
+ }
+}
+
+/* Get the key database version */
+int
+nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle)
+{
+ PORT_Assert(handle != NULL);
+
+ return handle->version;
+}
+
+/*
+ * Delete a private key that was stored in the database
+ */
+SECStatus
+nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle, const SECItem *pubkey)
+{
+ DBT namekey;
+ int ret;
+
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return (SECFailure);
+ }
+
+ /* set up db key and data */
+ namekey.data = pubkey->data;
+ namekey.size = pubkey->len;
+
+ /* delete it from the database */
+ ret = keydb_Del(handle, &namekey, 0);
+ if (ret) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return (SECFailure);
+ }
+
+ /* sync the database */
+ ret = keydb_Sync(handle, 0);
+ if (ret) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+/*
+ * Store a key in the database, indexed by its public key modulus.(value!)
+ */
+SECStatus
+nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle,
+ NSSLOWKEYPrivateKey *privkey,
+ SECItem *pubKeyData,
+ char *nickname,
+ SDB *sdb)
+{
+ return nsslowkey_StoreKeyByPublicKeyAlg(handle, privkey, pubKeyData,
+ nickname, sdb, PR_FALSE);
+}
+
+SECStatus
+nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
+ NSSLOWKEYPrivateKey *privkey,
+ SECItem *pubKeyData,
+ char *nickname,
+ SDB *sdb)
+{
+ return nsslowkey_StoreKeyByPublicKeyAlg(handle, privkey, pubKeyData,
+ nickname, sdb, PR_TRUE);
+}
+
+/* see if the symetric CKA_ID already Exists.
+ */
+PRBool
+nsslowkey_KeyForIDExists(NSSLOWKEYDBHandle *handle, SECItem *id)
+{
+ DBT namekey;
+ DBT dummy;
+ int status;
+
+ namekey.data = (char *)id->data;
+ namekey.size = id->len;
+ status = keydb_Get(handle, &namekey, &dummy, 0);
+ if (status) {
+ return PR_FALSE;
+ }
+
+ return PR_TRUE;
+}
+
+/* see if the public key for this cert is in the database filed
+ * by modulus
+ */
+PRBool
+nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle, NSSLOWCERTCertificate *cert)
+{
+ NSSLOWKEYPublicKey *pubkey = NULL;
+ DBT namekey;
+ DBT dummy;
+ int status;
+
+ /* get cert's public key */
+ pubkey = nsslowcert_ExtractPublicKey(cert);
+ if (pubkey == NULL) {
+ return PR_FALSE;
+ }
+
+ /* TNH - make key from NSSLOWKEYPublicKey */
+ switch (pubkey->keyType) {
+ case NSSLOWKEYRSAKey:
+ namekey.data = pubkey->u.rsa.modulus.data;
+ namekey.size = pubkey->u.rsa.modulus.len;
+ break;
+ case NSSLOWKEYDSAKey:
+ namekey.data = pubkey->u.dsa.publicValue.data;
+ namekey.size = pubkey->u.dsa.publicValue.len;
+ break;
+ case NSSLOWKEYDHKey:
+ namekey.data = pubkey->u.dh.publicValue.data;
+ namekey.size = pubkey->u.dh.publicValue.len;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ namekey.data = pubkey->u.ec.publicValue.data;
+ namekey.size = pubkey->u.ec.publicValue.len;
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ /* XXX We don't do Fortezza or DH yet. */
+ return PR_FALSE;
+ }
+
+ if (handle->version != 3) {
+ unsigned char buf[SHA1_LENGTH];
+ SHA1_HashBuf(buf, namekey.data, namekey.size);
+ /* NOTE: don't use pubkey after this! it's now thrashed */
+ PORT_Memcpy(namekey.data, buf, sizeof(buf));
+ namekey.size = sizeof(buf);
+ }
+
+ status = keydb_Get(handle, &namekey, &dummy, 0);
+ /* some databases have the key stored as a signed value */
+ if (status) {
+ unsigned char *buf = (unsigned char *)PORT_Alloc(namekey.size + 1);
+ if (buf) {
+ PORT_Memcpy(&buf[1], namekey.data, namekey.size);
+ buf[0] = 0;
+ namekey.data = buf;
+ namekey.size++;
+ status = keydb_Get(handle, &namekey, &dummy, 0);
+ PORT_Free(buf);
+ }
+ }
+ lg_nsslowkey_DestroyPublicKey(pubkey);
+ if (status) {
+ return PR_FALSE;
+ }
+
+ return PR_TRUE;
+}
+
+typedef struct NSSLowPasswordDataParamStr {
+ SECItem salt;
+ SECItem iter;
+} NSSLowPasswordDataParam;
+
+static const SEC_ASN1Template NSSLOWPasswordParamTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLowPasswordDataParam) },
+ { SEC_ASN1_OCTET_STRING, offsetof(NSSLowPasswordDataParam, salt) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLowPasswordDataParam, iter) },
+ { 0 }
+ };
+struct LGEncryptedDataInfoStr {
+ SECAlgorithmID algorithm;
+ SECItem encryptedData;
+};
+typedef struct LGEncryptedDataInfoStr LGEncryptedDataInfo;
+
+const SEC_ASN1Template lg_EncryptedDataInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(LGEncryptedDataInfo) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(LGEncryptedDataInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(LGEncryptedDataInfo, encryptedData) },
+ { 0 }
+};
+
+static SECItem *
+nsslowkey_EncodePW(SECOidTag alg, const SECItem *salt, SECItem *data)
+{
+ NSSLowPasswordDataParam param;
+ LGEncryptedDataInfo edi;
+ PLArenaPool *arena;
+ unsigned char one = 1;
+ SECItem *epw = NULL;
+ SECItem *encParam;
+ SECStatus rv;
+
+ param.salt = *salt;
+ param.iter.type = siBuffer; /* encode as signed integer */
+ param.iter.data = &one;
+ param.iter.len = 1;
+ edi.encryptedData = *data;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ encParam = SEC_ASN1EncodeItem(arena, NULL, &param,
+ NSSLOWPasswordParamTemplate);
+ if (encParam == NULL) {
+ goto loser;
+ }
+ rv = SECOID_SetAlgorithmID(arena, &edi.algorithm, alg, encParam);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ epw = SEC_ASN1EncodeItem(NULL, NULL, &edi, lg_EncryptedDataInfoTemplate);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return epw;
+}
+
+static SECItem *
+nsslowkey_DecodePW(const SECItem *derData, SECOidTag *alg, SECItem *salt)
+{
+ NSSLowPasswordDataParam param;
+ LGEncryptedDataInfo edi;
+ PLArenaPool *arena;
+ SECItem *pwe = NULL;
+ SECStatus rv;
+
+ salt->data = NULL;
+ param.iter.type = siBuffer; /* decode as signed integer */
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, &edi, lg_EncryptedDataInfoTemplate,
+ derData);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ *alg = SECOID_GetAlgorithmTag(&edi.algorithm);
+ rv = SEC_QuickDERDecodeItem(arena, &param, NSSLOWPasswordParamTemplate,
+ &edi.algorithm.parameters);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(NULL, salt, &param.salt);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ pwe = SECITEM_DupItem(&edi.encryptedData);
+
+loser:
+ if (!pwe && salt->data) {
+ PORT_Free(salt->data);
+ salt->data = NULL;
+ }
+ PORT_FreeArena(arena, PR_FALSE);
+ return pwe;
+}
+
+/*
+ * check to see if the user has a password
+ */
+static SECStatus
+nsslowkey_GetPWCheckEntry(NSSLOWKEYDBHandle *handle, NSSLOWKEYPasswordEntry *entry)
+{
+ DBT checkkey; /*, checkdata; */
+ NSSLOWKEYDBKey *dbkey = NULL;
+ SECItem *global_salt = NULL;
+ SECItem *item = NULL;
+ SECItem entryData, oid;
+ SECItem none = { siBuffer, NULL, 0 };
+ SECStatus rv = SECFailure;
+ SECOidTag algorithm;
+
+ if (handle == NULL) {
+ /* PORT_SetError */
+ return (SECFailure);
+ }
+
+ global_salt = GetKeyDBGlobalSalt(handle);
+ if (!global_salt) {
+ global_salt = &none;
+ }
+ if (global_salt->len > sizeof(entry->data)) {
+ /* PORT_SetError */
+ goto loser;
+ }
+
+ PORT_Memcpy(entry->data, global_salt->data, global_salt->len);
+ entry->salt.data = entry->data;
+ entry->salt.len = global_salt->len;
+ entry->value.data = &entry->data[entry->salt.len];
+
+ checkkey.data = KEYDB_PW_CHECK_STRING;
+ checkkey.size = KEYDB_PW_CHECK_LEN;
+ dbkey = get_dbkey(handle, &checkkey);
+ if (dbkey == NULL) {
+ /* handle 'FAKE' check here */
+ goto loser;
+ }
+
+ oid.len = dbkey->derPK.data[0];
+ oid.data = &dbkey->derPK.data[1];
+
+ if (dbkey->derPK.len < (KEYDB_PW_CHECK_LEN + 1 + oid.len)) {
+ goto loser;
+ }
+ algorithm = SECOID_FindOIDTag(&oid);
+ entryData.type = siBuffer;
+ entryData.len = dbkey->derPK.len - (oid.len + 1);
+ entryData.data = &dbkey->derPK.data[oid.len + 1];
+
+ item = nsslowkey_EncodePW(algorithm, &dbkey->salt, &entryData);
+ if (!item || (item->len + entry->salt.len) > sizeof(entry->data)) {
+ goto loser;
+ }
+ PORT_Memcpy(entry->value.data, item->data, item->len);
+ entry->value.len = item->len;
+ rv = SECSuccess;
+
+loser:
+ if (item) {
+ SECITEM_FreeItem(item, PR_TRUE);
+ }
+ if (dbkey) {
+ sec_destroy_dbkey(dbkey);
+ }
+ if (global_salt != &none) {
+ SECITEM_FreeItem(global_salt, PR_TRUE);
+ }
+ return rv;
+}
+
+/*
+ * check to see if the user has a password
+ */
+static SECStatus
+nsslowkey_PutPWCheckEntry(NSSLOWKEYDBHandle *handle, NSSLOWKEYPasswordEntry *entry)
+{
+ DBT checkkey;
+ NSSLOWKEYDBKey *dbkey = NULL;
+ SECItem *item = NULL;
+ SECItem salt;
+ SECOidTag algid = SEC_OID_UNKNOWN;
+ SECStatus rv = SECFailure;
+ PLArenaPool *arena;
+ int ret;
+
+ if (handle == NULL) {
+ /* PORT_SetError */
+ return (SECFailure);
+ }
+
+ checkkey.data = KEYDB_PW_CHECK_STRING;
+ checkkey.size = KEYDB_PW_CHECK_LEN;
+
+ salt.data = NULL;
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return SECFailure;
+ }
+
+ item = nsslowkey_DecodePW(&entry->value, &algid, &salt);
+ if (item == NULL) {
+ goto loser;
+ }
+
+ dbkey = PORT_ArenaZNew(arena, NSSLOWKEYDBKey);
+ if (dbkey == NULL) {
+ goto loser;
+ }
+
+ dbkey->arena = arena;
+
+ rv = SECITEM_CopyItem(arena, &dbkey->salt, &salt);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = encodePWCheckEntry(arena, &dbkey->derPK, algid, item);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = put_dbkey(handle, &checkkey, dbkey, PR_TRUE);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (handle->global_salt) {
+ SECITEM_FreeItem(handle->global_salt, PR_TRUE);
+ handle->global_salt = NULL;
+ }
+ rv = StoreKeyDBGlobalSalt(handle, &entry->salt);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ ret = keydb_Sync(handle, 0);
+ if (ret) {
+ rv = SECFailure;
+ goto loser;
+ }
+ handle->global_salt = GetKeyDBGlobalSalt(handle);
+
+loser:
+ if (item) {
+ SECITEM_FreeItem(item, PR_TRUE);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ if (salt.data) {
+ PORT_Free(salt.data);
+ }
+ return rv;
+}
+
+#ifdef EC_DEBUG
+#define SEC_PRINT(str1, str2, num, sitem) \
+ printf("pkcs11c.c:%s:%s (keytype=%d) [len=%d]\n", \
+ str1, str2, num, sitem->len); \
+ for (i = 0; i < sitem->len; i++) { \
+ printf("%02x:", sitem->data[i]); \
+ } \
+ printf("\n")
+#else
+#define SEC_PRINT(a, b, c, d)
+#endif /* EC_DEBUG */
+
+SECStatus
+seckey_encrypt_private_key(PLArenaPool *permarena, NSSLOWKEYPrivateKey *pk,
+ SDB *sdbpw, SECItem *result)
+{
+ NSSLOWKEYPrivateKeyInfo *pki = NULL;
+ SECStatus rv = SECFailure;
+ PLArenaPool *temparena = NULL;
+ SECItem *der_item = NULL;
+ SECItem *cipherText = NULL;
+ SECItem *dummy = NULL;
+#ifndef NSS_DISABLE_ECC
+#ifdef EC_DEBUG
+ SECItem *fordebug = NULL;
+#endif
+ int savelen;
+#endif
+
+ temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (temparena == NULL)
+ goto loser;
+
+ /* allocate structures */
+ pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(temparena,
+ sizeof(NSSLOWKEYPrivateKeyInfo));
+ der_item = (SECItem *)PORT_ArenaZAlloc(temparena, sizeof(SECItem));
+ if ((pki == NULL) || (der_item == NULL))
+ goto loser;
+
+ /* setup private key info */
+ dummy = SEC_ASN1EncodeInteger(temparena, &(pki->version),
+ NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
+ if (dummy == NULL)
+ goto loser;
+
+ /* Encode the key, and set the algorithm (with params) */
+ switch (pk->keyType) {
+ case NSSLOWKEYRSAKey:
+ lg_prepare_low_rsa_priv_key_for_asn1(pk);
+ dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
+ lg_nsslowkey_RSAPrivateKeyTemplate);
+ if (dummy == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
+ SEC_OID_PKCS1_RSA_ENCRYPTION, 0);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ break;
+ case NSSLOWKEYDSAKey:
+ lg_prepare_low_dsa_priv_key_for_asn1(pk);
+ dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
+ lg_nsslowkey_DSAPrivateKeyTemplate);
+ if (dummy == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ lg_prepare_low_pqg_params_for_asn1(&pk->u.dsa.params);
+ dummy = SEC_ASN1EncodeItem(temparena, NULL, &pk->u.dsa.params,
+ lg_nsslowkey_PQGParamsTemplate);
+ if (dummy == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
+ SEC_OID_ANSIX9_DSA_SIGNATURE, dummy);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ break;
+ case NSSLOWKEYDHKey:
+ lg_prepare_low_dh_priv_key_for_asn1(pk);
+ dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
+ lg_nsslowkey_DHPrivateKeyTemplate);
+ if (dummy == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
+ SEC_OID_X942_DIFFIE_HELMAN_KEY, dummy);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+ break;
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ lg_prepare_low_ec_priv_key_for_asn1(pk);
+ /* Public value is encoded as a bit string so adjust length
+ * to be in bits before ASN encoding and readjust
+ * immediately after.
+ *
+ * Since the SECG specification recommends not including the
+ * parameters as part of ECPrivateKey, we zero out the curveOID
+ * length before encoding and restore it later.
+ */
+ pk->u.ec.publicValue.len <<= 3;
+ savelen = pk->u.ec.ecParams.curveOID.len;
+ pk->u.ec.ecParams.curveOID.len = 0;
+ dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
+ lg_nsslowkey_ECPrivateKeyTemplate);
+ pk->u.ec.ecParams.curveOID.len = savelen;
+ pk->u.ec.publicValue.len >>= 3;
+
+ if (dummy == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ dummy = &pk->u.ec.ecParams.DEREncoding;
+
+ /* At this point dummy should contain the encoded params */
+ rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
+ SEC_OID_ANSIX962_EC_PUBLIC_KEY, dummy);
+
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+#ifdef EC_DEBUG
+ fordebug = &(pki->privateKey);
+ SEC_PRINT("seckey_encrypt_private_key()", "PrivateKey",
+ pk->keyType, fordebug);
+#endif
+
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ /* We don't support DH or Fortezza private keys yet */
+ PORT_Assert(PR_FALSE);
+ break;
+ }
+
+ /* setup encrypted private key info */
+ dummy = SEC_ASN1EncodeItem(temparena, der_item, pki,
+ lg_nsslowkey_PrivateKeyInfoTemplate);
+
+ SEC_PRINT("seckey_encrypt_private_key()", "PrivateKeyInfo",
+ pk->keyType, der_item);
+
+ if (dummy == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = lg_util_encrypt(temparena, sdbpw, dummy, &cipherText);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = SECITEM_CopyItem(permarena, result, cipherText);
+
+loser:
+
+ if (temparena != NULL)
+ PORT_FreeArena(temparena, PR_TRUE);
+
+ return rv;
+}
+
+static SECStatus
+seckey_put_private_key(NSSLOWKEYDBHandle *keydb, DBT *index, SDB *sdbpw,
+ NSSLOWKEYPrivateKey *pk, char *nickname, PRBool update)
+{
+ NSSLOWKEYDBKey *dbkey = NULL;
+ PLArenaPool *arena = NULL;
+ SECStatus rv = SECFailure;
+
+ if ((keydb == NULL) || (index == NULL) || (sdbpw == NULL) ||
+ (pk == NULL))
+ return SECFailure;
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL)
+ return SECFailure;
+
+ dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYDBKey));
+ if (dbkey == NULL)
+ goto loser;
+ dbkey->arena = arena;
+ dbkey->nickname = nickname;
+
+ rv = seckey_encrypt_private_key(arena, pk, sdbpw, &dbkey->derPK);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = put_dbkey(keydb, index, dbkey, update);
+
+/* let success fall through */
+loser:
+ if (arena != NULL)
+ PORT_FreeArena(arena, PR_TRUE);
+
+ return rv;
+}
+
+/*
+ * Store a key in the database, indexed by its public key modulus.
+ * Note that the nickname is optional. It was only used by keyutil.
+ */
+SECStatus
+nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle,
+ NSSLOWKEYPrivateKey *privkey,
+ SECItem *pubKeyData,
+ char *nickname,
+ SDB *sdbpw,
+ PRBool update)
+{
+ DBT namekey;
+ SECStatus rv;
+
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return (SECFailure);
+ }
+
+ /* set up db key and data */
+ namekey.data = pubKeyData->data;
+ namekey.size = pubKeyData->len;
+
+ /* encrypt the private key */
+ rv = seckey_put_private_key(handle, &namekey, sdbpw, privkey, nickname,
+ update);
+
+ return (rv);
+}
+
+static NSSLOWKEYPrivateKey *
+seckey_decrypt_private_key(SECItem *epki,
+ SDB *sdbpw)
+{
+ NSSLOWKEYPrivateKey *pk = NULL;
+ NSSLOWKEYPrivateKeyInfo *pki = NULL;
+ SECStatus rv = SECFailure;
+ PLArenaPool *temparena = NULL, *permarena = NULL;
+ SECItem *dest = NULL;
+#ifdef EC_DEBUG
+ SECItem *fordebug = NULL;
+#endif
+
+ if ((epki == NULL) || (sdbpw == NULL))
+ goto loser;
+
+ temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if ((temparena == NULL) || (permarena == NULL))
+ goto loser;
+
+ /* allocate temporary items */
+ pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(temparena,
+ sizeof(NSSLOWKEYPrivateKeyInfo));
+
+ /* allocate permanent arena items */
+ pk = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(permarena,
+ sizeof(NSSLOWKEYPrivateKey));
+
+ if ((pk == NULL) || (pki == NULL))
+ goto loser;
+
+ pk->arena = permarena;
+
+ rv = lg_util_decrypt(sdbpw, epki, &dest);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (dest != NULL) {
+ SECItem newPrivateKey;
+ SECItem newAlgParms;
+
+ SEC_PRINT("seckey_decrypt_private_key()", "PrivateKeyInfo", -1,
+ dest);
+
+ rv = SEC_QuickDERDecodeItem(temparena, pki,
+ lg_nsslowkey_PrivateKeyInfoTemplate, dest);
+ if (rv == SECSuccess) {
+ switch (SECOID_GetAlgorithmTag(&pki->algorithm)) {
+ case SEC_OID_X500_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ pk->keyType = NSSLOWKEYRSAKey;
+ lg_prepare_low_rsa_priv_key_for_asn1(pk);
+ if (SECSuccess != SECITEM_CopyItem(permarena, &newPrivateKey,
+ &pki->privateKey))
+ break;
+ rv = SEC_QuickDERDecodeItem(permarena, pk,
+ lg_nsslowkey_RSAPrivateKeyTemplate,
+ &newPrivateKey);
+ if (rv == SECSuccess) {
+ break;
+ }
+ /* Try decoding with the alternative template, but only allow
+ * a zero-length modulus for a secret key object.
+ * See bug 715073.
+ */
+ rv = SEC_QuickDERDecodeItem(permarena, pk,
+ lg_nsslowkey_RSAPrivateKeyTemplate2,
+ &newPrivateKey);
+ /* A publicExponent of 0 is the defining property of a secret
+ * key disguised as an RSA key. When decoding with the
+ * alternative template, only accept a secret key with an
+ * improperly encoded modulus and a publicExponent of 0.
+ */
+ if (rv == SECSuccess) {
+ if (pk->u.rsa.modulus.len == 2 &&
+ pk->u.rsa.modulus.data[0] == SEC_ASN1_INTEGER &&
+ pk->u.rsa.modulus.data[1] == 0 &&
+ pk->u.rsa.publicExponent.len == 1 &&
+ pk->u.rsa.publicExponent.data[0] == 0) {
+ /* Fix the zero-length integer by setting it to 0. */
+ pk->u.rsa.modulus.data = pk->u.rsa.publicExponent.data;
+ pk->u.rsa.modulus.len = pk->u.rsa.publicExponent.len;
+ } else {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
+ }
+ }
+ break;
+ case SEC_OID_ANSIX9_DSA_SIGNATURE:
+ pk->keyType = NSSLOWKEYDSAKey;
+ lg_prepare_low_dsa_priv_key_for_asn1(pk);
+ if (SECSuccess != SECITEM_CopyItem(permarena, &newPrivateKey,
+ &pki->privateKey))
+ break;
+ rv = SEC_QuickDERDecodeItem(permarena, pk,
+ lg_nsslowkey_DSAPrivateKeyTemplate,
+ &newPrivateKey);
+ if (rv != SECSuccess)
+ goto loser;
+ lg_prepare_low_pqg_params_for_asn1(&pk->u.dsa.params);
+ if (SECSuccess != SECITEM_CopyItem(permarena, &newAlgParms,
+ &pki->algorithm.parameters))
+ break;
+ rv = SEC_QuickDERDecodeItem(permarena, &pk->u.dsa.params,
+ lg_nsslowkey_PQGParamsTemplate,
+ &newAlgParms);
+ break;
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY:
+ pk->keyType = NSSLOWKEYDHKey;
+ lg_prepare_low_dh_priv_key_for_asn1(pk);
+ if (SECSuccess != SECITEM_CopyItem(permarena, &newPrivateKey,
+ &pki->privateKey))
+ break;
+ rv = SEC_QuickDERDecodeItem(permarena, pk,
+ lg_nsslowkey_DHPrivateKeyTemplate,
+ &newPrivateKey);
+ break;
+#ifndef NSS_DISABLE_ECC
+ case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+ pk->keyType = NSSLOWKEYECKey;
+ lg_prepare_low_ec_priv_key_for_asn1(pk);
+
+#ifdef EC_DEBUG
+ fordebug = &pki->privateKey;
+ SEC_PRINT("seckey_decrypt_private_key()", "PrivateKey",
+ pk->keyType, fordebug);
+#endif
+ if (SECSuccess != SECITEM_CopyItem(permarena, &newPrivateKey,
+ &pki->privateKey))
+ break;
+ rv = SEC_QuickDERDecodeItem(permarena, pk,
+ lg_nsslowkey_ECPrivateKeyTemplate,
+ &newPrivateKey);
+ if (rv != SECSuccess)
+ goto loser;
+
+ lg_prepare_low_ecparams_for_asn1(&pk->u.ec.ecParams);
+
+ rv = SECITEM_CopyItem(permarena,
+ &pk->u.ec.ecParams.DEREncoding,
+ &pki->algorithm.parameters);
+
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Fill out the rest of EC params */
+ rv = LGEC_FillParams(permarena, &pk->u.ec.ecParams.DEREncoding,
+ &pk->u.ec.ecParams);
+
+ if (rv != SECSuccess)
+ goto loser;
+
+ if (pk->u.ec.publicValue.len != 0) {
+ pk->u.ec.publicValue.len >>= 3;
+ }
+
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ rv = SECFailure;
+ break;
+ }
+ } else if (PORT_GetError() == SEC_ERROR_BAD_DER) {
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ goto loser;
+ }
+ }
+
+/* let success fall through */
+loser:
+ if (temparena != NULL)
+ PORT_FreeArena(temparena, PR_TRUE);
+ if (dest != NULL)
+ SECITEM_ZfreeItem(dest, PR_TRUE);
+
+ if (rv != SECSuccess) {
+ if (permarena != NULL)
+ PORT_FreeArena(permarena, PR_TRUE);
+ pk = NULL;
+ }
+
+ return pk;
+}
+
+static NSSLOWKEYPrivateKey *
+seckey_decode_encrypted_private_key(NSSLOWKEYDBKey *dbkey, SDB *sdbpw)
+{
+ if ((dbkey == NULL) || (sdbpw == NULL)) {
+ return NULL;
+ }
+
+ return seckey_decrypt_private_key(&(dbkey->derPK), sdbpw);
+}
+
+static NSSLOWKEYPrivateKey *
+seckey_get_private_key(NSSLOWKEYDBHandle *keydb, DBT *index, char **nickname,
+ SDB *sdbpw)
+{
+ NSSLOWKEYDBKey *dbkey = NULL;
+ NSSLOWKEYPrivateKey *pk = NULL;
+
+ if ((keydb == NULL) || (index == NULL) || (sdbpw == NULL)) {
+ return NULL;
+ }
+
+ dbkey = get_dbkey(keydb, index);
+ if (dbkey == NULL) {
+ goto loser;
+ }
+
+ if (nickname) {
+ if (dbkey->nickname && (dbkey->nickname[0] != 0)) {
+ *nickname = PORT_Strdup(dbkey->nickname);
+ } else {
+ *nickname = NULL;
+ }
+ }
+
+ pk = seckey_decode_encrypted_private_key(dbkey, sdbpw);
+
+/* let success fall through */
+loser:
+
+ if (dbkey != NULL) {
+ sec_destroy_dbkey(dbkey);
+ }
+
+ return pk;
+}
+
+/*
+ * Find a key in the database, indexed by its public key modulus
+ * This is used to find keys that have been stored before their
+ * certificate arrives. Once the certificate arrives the key
+ * is looked up by the public modulus in the certificate, and the
+ * re-stored by its nickname.
+ */
+NSSLOWKEYPrivateKey *
+nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus,
+ SDB *sdbpw)
+{
+ DBT namekey;
+ NSSLOWKEYPrivateKey *pk = NULL;
+
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return NULL;
+ }
+
+ /* set up db key */
+ namekey.data = modulus->data;
+ namekey.size = modulus->len;
+
+ pk = seckey_get_private_key(handle, &namekey, NULL, sdbpw);
+
+ /* no need to free dbkey, since its on the stack, and the data it
+ * points to is owned by the database
+ */
+ return (pk);
+}
+
+char *
+nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
+ SECItem *modulus, SDB *sdbpw)
+{
+ DBT namekey;
+ NSSLOWKEYPrivateKey *pk = NULL;
+ char *nickname = NULL;
+
+ if (handle == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return NULL;
+ }
+
+ /* set up db key */
+ namekey.data = modulus->data;
+ namekey.size = modulus->len;
+
+ pk = seckey_get_private_key(handle, &namekey, &nickname, sdbpw);
+ if (pk) {
+ lg_nsslowkey_DestroyPrivateKey(pk);
+ }
+
+ /* no need to free dbkey, since its on the stack, and the data it
+ * points to is owned by the database
+ */
+ return (nickname);
+}
+/* ===== ENCODING ROUTINES ===== */
+
+static SECStatus
+encodePWCheckEntry(PLArenaPool *arena, SECItem *entry, SECOidTag alg,
+ SECItem *encCheck)
+{
+ SECOidData *oidData;
+
+ oidData = SECOID_FindOIDByTag(alg);
+ if (oidData == NULL) {
+ return SECFailure;
+ }
+
+ entry->len = 1 + oidData->oid.len + encCheck->len;
+ if (arena) {
+ entry->data = (unsigned char *)PORT_ArenaAlloc(arena, entry->len);
+ } else {
+ entry->data = (unsigned char *)PORT_Alloc(entry->len);
+ }
+
+ if (entry->data == NULL) {
+ return SECFailure;
+ }
+
+ /* first length of oid */
+ entry->data[0] = (unsigned char)oidData->oid.len;
+ /* next oid itself */
+ PORT_Memcpy(&entry->data[1], oidData->oid.data, oidData->oid.len);
+ /* finally the encrypted check string */
+ PORT_Memcpy(&entry->data[1 + oidData->oid.len], encCheck->data,
+ encCheck->len);
+
+ return SECSuccess;
+}
+
+#define MAX_DB_SIZE 0xffff
+/*
+ * Clear out all the keys in the existing database
+ */
+static SECStatus
+nsslowkey_ResetKeyDB(NSSLOWKEYDBHandle *handle)
+{
+ SECStatus rv;
+ int errors = 0;
+
+ if (handle->db == NULL) {
+ return (SECSuccess);
+ }
+
+ if (handle->readOnly) {
+ /* set an error code */
+ return SECFailure;
+ }
+
+ if (handle->appname == NULL && handle->dbname == NULL) {
+ return SECFailure;
+ }
+
+ keydb_Close(handle);
+ if (handle->appname) {
+ handle->db =
+ rdbopen(handle->appname, handle->dbname, "key", NO_CREATE, NULL);
+ } else {
+ handle->db = dbopen(handle->dbname, NO_CREATE, 0600, DB_HASH, 0);
+ }
+ if (handle->db == NULL) {
+ /* set an error code */
+ return SECFailure;
+ }
+
+ rv = makeGlobalVersion(handle);
+ if (rv != SECSuccess) {
+ errors++;
+ goto done;
+ }
+
+ if (handle->global_salt) {
+ rv = StoreKeyDBGlobalSalt(handle, handle->global_salt);
+ } else {
+ rv = makeGlobalSalt(handle);
+ if (rv == SECSuccess) {
+ handle->global_salt = GetKeyDBGlobalSalt(handle);
+ }
+ }
+ if (rv != SECSuccess) {
+ errors++;
+ }
+
+done:
+ /* sync the database */
+ (void)keydb_Sync(handle, 0);
+ db_InitComplete(handle->db);
+
+ return (errors == 0 ? SECSuccess : SECFailure);
+}
+
+static int
+keydb_Get(NSSLOWKEYDBHandle *kdb, DBT *key, DBT *data, unsigned int flags)
+{
+ int ret;
+ PRLock *kdbLock = kdb->lock;
+ DB *db = kdb->db;
+
+ PORT_Assert(kdbLock != NULL);
+ PZ_Lock(kdbLock);
+
+ ret = (*db->get)(db, key, data, flags);
+
+ (void)PZ_Unlock(kdbLock);
+
+ return (ret);
+}
+
+static int
+keydb_Put(NSSLOWKEYDBHandle *kdb, DBT *key, DBT *data, unsigned int flags)
+{
+ int ret = 0;
+ PRLock *kdbLock = kdb->lock;
+ DB *db = kdb->db;
+
+ PORT_Assert(kdbLock != NULL);
+ PZ_Lock(kdbLock);
+
+ ret = (*db->put)(db, key, data, flags);
+
+ (void)PZ_Unlock(kdbLock);
+
+ return (ret);
+}
+
+static int
+keydb_Sync(NSSLOWKEYDBHandle *kdb, unsigned int flags)
+{
+ int ret;
+ PRLock *kdbLock = kdb->lock;
+ DB *db = kdb->db;
+
+ PORT_Assert(kdbLock != NULL);
+ PZ_Lock(kdbLock);
+
+ ret = (*db->sync)(db, flags);
+
+ (void)PZ_Unlock(kdbLock);
+
+ return (ret);
+}
+
+static int
+keydb_Del(NSSLOWKEYDBHandle *kdb, DBT *key, unsigned int flags)
+{
+ int ret;
+ PRLock *kdbLock = kdb->lock;
+ DB *db = kdb->db;
+
+ PORT_Assert(kdbLock != NULL);
+ PZ_Lock(kdbLock);
+
+ ret = (*db->del)(db, key, flags);
+
+ (void)PZ_Unlock(kdbLock);
+
+ return (ret);
+}
+
+static int
+keydb_Seq(NSSLOWKEYDBHandle *kdb, DBT *key, DBT *data, unsigned int flags)
+{
+ int ret;
+ PRLock *kdbLock = kdb->lock;
+ DB *db = kdb->db;
+
+ PORT_Assert(kdbLock != NULL);
+ PZ_Lock(kdbLock);
+
+ ret = (*db->seq)(db, key, data, flags);
+
+ (void)PZ_Unlock(kdbLock);
+
+ return (ret);
+}
+
+static void
+keydb_Close(NSSLOWKEYDBHandle *kdb)
+{
+ PRLock *kdbLock = kdb->lock;
+ DB *db = kdb->db;
+
+ PORT_Assert(kdbLock != NULL);
+ SKIP_AFTER_FORK(PZ_Lock(kdbLock));
+
+ (*db->close)(db);
+
+ SKIP_AFTER_FORK(PZ_Unlock(kdbLock));
+
+ return;
+}
+
+/*
+ * SDB Entry Points for the Key DB
+ */
+
+CK_RV
+lg_GetMetaData(SDB *sdb, const char *id, SECItem *item1, SECItem *item2)
+{
+ NSSLOWKEYDBHandle *keydb;
+ NSSLOWKEYPasswordEntry entry;
+ SECStatus rv;
+
+ keydb = lg_getKeyDB(sdb);
+ if (keydb == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ if (PORT_Strcmp(id, "password") != 0) {
+ /* shouldn't happen */
+ return CKR_GENERAL_ERROR; /* no extra data stored */
+ }
+ rv = nsslowkey_GetPWCheckEntry(keydb, &entry);
+ if (rv != SECSuccess) {
+ return CKR_GENERAL_ERROR;
+ }
+ item1->len = entry.salt.len;
+ PORT_Memcpy(item1->data, entry.salt.data, item1->len);
+ item2->len = entry.value.len;
+ PORT_Memcpy(item2->data, entry.value.data, item2->len);
+ return CKR_OK;
+}
+
+CK_RV
+lg_PutMetaData(SDB *sdb, const char *id,
+ const SECItem *item1, const SECItem *item2)
+{
+ NSSLOWKEYDBHandle *keydb;
+ NSSLOWKEYPasswordEntry entry;
+ SECStatus rv;
+
+ keydb = lg_getKeyDB(sdb);
+ if (keydb == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ if (PORT_Strcmp(id, "password") != 0) {
+ /* shouldn't happen */
+ return CKR_GENERAL_ERROR; /* no extra data stored */
+ }
+ entry.salt = *item1;
+ entry.value = *item2;
+ rv = nsslowkey_PutPWCheckEntry(keydb, &entry);
+ if (rv != SECSuccess) {
+ return CKR_GENERAL_ERROR;
+ }
+ return CKR_OK;
+}
+
+CK_RV
+lg_Reset(SDB *sdb)
+{
+ NSSLOWKEYDBHandle *keydb;
+ SECStatus rv;
+
+ keydb = lg_getKeyDB(sdb);
+ if (keydb == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ rv = nsslowkey_ResetKeyDB(keydb);
+ if (rv != SECSuccess) {
+ return CKR_GENERAL_ERROR;
+ }
+ return CKR_OK;
+}
diff --git a/security/nss/lib/softoken/legacydb/keydbi.h b/security/nss/lib/softoken/legacydb/keydbi.h
new file mode 100644
index 000000000..783c98ecc
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/keydbi.h
@@ -0,0 +1,52 @@
+/*
+ * private.h - Private data structures for the software token library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _KEYDBI_H_
+#define _KEYDBI_H_
+
+#include "nspr.h"
+#include "seccomon.h"
+#include "mcom_db.h"
+
+/*
+ * Handle structure for open key databases
+ */
+struct NSSLOWKEYDBHandleStr {
+ DB *db;
+ DB *updatedb; /* used when updating an old version */
+ SECItem *global_salt; /* password hashing salt for this db */
+ int version; /* version of the database */
+ char *appname; /* multiaccess app name */
+ char *dbname; /* name of the openned DB */
+ PRBool readOnly; /* is the DB read only */
+ PRLock *lock;
+ PRInt32 ref; /* reference count */
+};
+
+/*
+** Typedef for callback for traversing key database.
+** "key" is the key used to index the data in the database (nickname)
+** "data" is the key data
+** "pdata" is the user's data
+*/
+typedef SECStatus (*NSSLOWKEYTraverseKeysFunc)(DBT *key, DBT *data, void *pdata);
+
+SEC_BEGIN_PROTOS
+
+/*
+** Traverse the entire key database, and pass the nicknames and keys to a
+** user supplied function.
+** "f" is the user function to call for each key
+** "udata" is the user's data, which is passed through to "f"
+*/
+extern SECStatus nsslowkey_TraverseKeys(NSSLOWKEYDBHandle *handle,
+ NSSLOWKEYTraverseKeysFunc f,
+ void *udata);
+
+SEC_END_PROTOS
+
+#endif /* _KEYDBI_H_ */
diff --git a/security/nss/lib/softoken/legacydb/legacydb.gyp b/security/nss/lib/softoken/legacydb/legacydb.gyp
new file mode 100644
index 000000000..6431fb5c1
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/legacydb.gyp
@@ -0,0 +1,66 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nssdbm',
+ 'type': 'static_library',
+ 'sources': [
+ 'dbmshim.c',
+ 'keydb.c',
+ 'lgattr.c',
+ 'lgcreate.c',
+ 'lgdestroy.c',
+ 'lgfind.c',
+ 'lgfips.c',
+ 'lginit.c',
+ 'lgutil.c',
+ 'lowcert.c',
+ 'lowkey.c',
+ 'pcertdb.c',
+ 'pk11db.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:dbm_exports',
+ '<(DEPTH)/exports.gyp:nss_exports',
+ '<(DEPTH)/lib/freebl/freebl.gyp:freebl',
+ '<(DEPTH)/lib/dbm/src/src.gyp:dbm'
+ ]
+ },
+ {
+ 'target_name': 'nssdbm3',
+ 'type': 'shared_library',
+ 'dependencies': [
+ 'nssdbm'
+ ],
+ 'conditions': [
+ [ 'moz_fold_libs==0', {
+ 'dependencies': [
+ '<(DEPTH)/lib/util/util.gyp:nssutil3',
+ ],
+ }, {
+ 'libraries': [
+ '<(moz_folded_library_name)',
+ ],
+ }],
+ ],
+ 'variables': {
+ 'mapfile': 'nssdbm.def'
+ }
+ }
+ ],
+ 'target_defaults': {
+ 'defines': [
+ 'SHLIB_SUFFIX=\"<(dll_suffix)\"',
+ 'SHLIB_PREFIX=\"<(dll_prefix)\"',
+ 'LG_LIB_NAME=\"libnssdbm3.so\"'
+ ]
+ },
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/softoken/legacydb/lgattr.c b/security/nss/lib/softoken/legacydb/lgattr.c
new file mode 100644
index 000000000..5c2cbdbc6
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lgattr.c
@@ -0,0 +1,1792 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Internal PKCS #11 functions. Should only be called by pkcs11.c
+ */
+#include "pkcs11.h"
+#include "lgdb.h"
+
+#include "pcertt.h"
+#include "lowkeyi.h"
+#include "pcert.h"
+#include "blapi.h"
+#include "secerr.h"
+#include "secasn1.h"
+
+/*
+ * Cache the object we are working on during Set's and Get's
+ */
+typedef struct LGObjectCacheStr {
+ CK_OBJECT_CLASS objclass;
+ CK_OBJECT_HANDLE handle;
+ SDB *sdb;
+ void *objectInfo;
+ LGFreeFunc infoFree;
+ SECItem dbKey;
+} LGObjectCache;
+
+static const CK_OBJECT_HANDLE lg_classArray[] = {
+ 0, CKO_PRIVATE_KEY, CKO_PUBLIC_KEY, CKO_SECRET_KEY,
+ CKO_NSS_TRUST, CKO_NSS_CRL, CKO_NSS_SMIME,
+ CKO_CERTIFICATE
+};
+
+#define handleToClass(handle) \
+ lg_classArray[((handle & LG_TOKEN_TYPE_MASK)) >> LG_TOKEN_TYPE_SHIFT]
+
+static void lg_DestroyObjectCache(LGObjectCache *obj);
+
+static LGObjectCache *
+lg_NewObjectCache(SDB *sdb, const SECItem *dbKey, CK_OBJECT_HANDLE handle)
+{
+ LGObjectCache *obj = NULL;
+ SECStatus rv;
+
+ obj = PORT_New(LGObjectCache);
+ if (obj == NULL) {
+ return NULL;
+ }
+
+ obj->objclass = handleToClass(handle);
+ obj->handle = handle;
+ obj->sdb = sdb;
+ obj->objectInfo = NULL;
+ obj->infoFree = NULL;
+ obj->dbKey.data = NULL;
+ obj->dbKey.len = 0;
+ lg_DBLock(sdb);
+ if (dbKey == NULL) {
+ dbKey = lg_lookupTokenKeyByHandle(sdb, handle);
+ }
+ if (dbKey == NULL) {
+ lg_DBUnlock(sdb);
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(NULL, &obj->dbKey, dbKey);
+ lg_DBUnlock(sdb);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return obj;
+loser:
+ (void)lg_DestroyObjectCache(obj);
+ return NULL;
+}
+
+/*
+ * free all the data associated with an object. Object reference count must
+ * be 'zero'.
+ */
+static void
+lg_DestroyObjectCache(LGObjectCache *obj)
+{
+ if (obj->dbKey.data) {
+ PORT_Free(obj->dbKey.data);
+ obj->dbKey.data = NULL;
+ }
+ if (obj->objectInfo) {
+ (*obj->infoFree)(obj->objectInfo);
+ obj->objectInfo = NULL;
+ obj->infoFree = NULL;
+ }
+ PORT_Free(obj);
+}
+/*
+ * ******************** Attribute Utilities *******************************
+ */
+
+static CK_RV
+lg_ULongAttribute(CK_ATTRIBUTE *attr, CK_ATTRIBUTE_TYPE type, CK_ULONG value)
+{
+ unsigned char *data;
+ int i;
+
+ if (attr->pValue == NULL) {
+ attr->ulValueLen = 4;
+ return CKR_OK;
+ }
+ if (attr->ulValueLen < 4) {
+ attr->ulValueLen = (CK_ULONG)-1;
+ return CKR_BUFFER_TOO_SMALL;
+ }
+
+ data = (unsigned char *)attr->pValue;
+ for (i = 0; i < 4; i++) {
+ data[i] = (value >> ((3 - i) * 8)) & 0xff;
+ }
+ attr->ulValueLen = 4;
+ return CKR_OK;
+}
+
+static CK_RV
+lg_CopyAttribute(CK_ATTRIBUTE *attr, CK_ATTRIBUTE_TYPE type,
+ CK_VOID_PTR value, CK_ULONG len)
+{
+
+ if (attr->pValue == NULL) {
+ attr->ulValueLen = len;
+ return CKR_OK;
+ }
+ if (attr->ulValueLen < len) {
+ attr->ulValueLen = (CK_ULONG)-1;
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ if (value != NULL) {
+ PORT_Memcpy(attr->pValue, value, len);
+ }
+ attr->ulValueLen = len;
+ return CKR_OK;
+}
+
+static CK_RV
+lg_CopyAttributeSigned(CK_ATTRIBUTE *attribute, CK_ATTRIBUTE_TYPE type,
+ void *value, CK_ULONG len)
+{
+ unsigned char *dval = (unsigned char *)value;
+ if (*dval == 0) {
+ dval++;
+ len--;
+ }
+ return lg_CopyAttribute(attribute, type, dval, len);
+}
+
+static CK_RV
+lg_CopyPrivAttribute(CK_ATTRIBUTE *attribute, CK_ATTRIBUTE_TYPE type,
+ void *value, CK_ULONG len, SDB *sdbpw)
+{
+ SECItem plainText, *cipherText = NULL;
+ CK_RV crv = CKR_USER_NOT_LOGGED_IN;
+ SECStatus rv;
+
+ plainText.data = value;
+ plainText.len = len;
+ rv = lg_util_encrypt(NULL, sdbpw, &plainText, &cipherText);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ crv = lg_CopyAttribute(attribute, type, cipherText->data, cipherText->len);
+loser:
+ if (cipherText) {
+ SECITEM_FreeItem(cipherText, PR_TRUE);
+ }
+ return crv;
+}
+
+static CK_RV
+lg_CopyPrivAttrSigned(CK_ATTRIBUTE *attribute, CK_ATTRIBUTE_TYPE type,
+ void *value, CK_ULONG len, SDB *sdbpw)
+{
+ unsigned char *dval = (unsigned char *)value;
+
+ if (*dval == 0) {
+ dval++;
+ len--;
+ }
+ return lg_CopyPrivAttribute(attribute, type, dval, len, sdbpw);
+}
+
+static CK_RV
+lg_invalidAttribute(CK_ATTRIBUTE *attr)
+{
+ attr->ulValueLen = (CK_ULONG)-1;
+ return CKR_ATTRIBUTE_TYPE_INVALID;
+}
+
+#define LG_DEF_ATTRIBUTE(value, len) \
+ { \
+ 0, value, len \
+ }
+
+#define LG_CLONE_ATTR(attribute, type, staticAttr) \
+ lg_CopyAttribute(attribute, type, staticAttr.pValue, staticAttr.ulValueLen)
+
+CK_BBOOL lg_staticTrueValue = CK_TRUE;
+CK_BBOOL lg_staticFalseValue = CK_FALSE;
+static const CK_ATTRIBUTE lg_StaticTrueAttr =
+ LG_DEF_ATTRIBUTE(&lg_staticTrueValue, sizeof(lg_staticTrueValue));
+static const CK_ATTRIBUTE lg_StaticFalseAttr =
+ LG_DEF_ATTRIBUTE(&lg_staticFalseValue, sizeof(lg_staticFalseValue));
+static const CK_ATTRIBUTE lg_StaticNullAttr = LG_DEF_ATTRIBUTE(NULL, 0);
+char lg_StaticOneValue = 1;
+
+/*
+ * helper functions which get the database and call the underlying
+ * low level database function.
+ */
+static char *
+lg_FindKeyNicknameByPublicKey(SDB *sdb, SECItem *dbKey)
+{
+ NSSLOWKEYDBHandle *keyHandle;
+ char *label;
+
+ keyHandle = lg_getKeyDB(sdb);
+ if (!keyHandle) {
+ return NULL;
+ }
+
+ label = nsslowkey_FindKeyNicknameByPublicKey(keyHandle, dbKey,
+ sdb);
+ return label;
+}
+
+NSSLOWKEYPrivateKey *
+lg_FindKeyByPublicKey(SDB *sdb, SECItem *dbKey)
+{
+ NSSLOWKEYPrivateKey *privKey;
+ NSSLOWKEYDBHandle *keyHandle;
+
+ keyHandle = lg_getKeyDB(sdb);
+ if (keyHandle == NULL) {
+ return NULL;
+ }
+ privKey = nsslowkey_FindKeyByPublicKey(keyHandle, dbKey, sdb);
+ if (privKey == NULL) {
+ return NULL;
+ }
+ return privKey;
+}
+
+static certDBEntrySMime *
+lg_getSMime(LGObjectCache *obj)
+{
+ certDBEntrySMime *entry;
+ NSSLOWCERTCertDBHandle *certHandle;
+
+ if (obj->objclass != CKO_NSS_SMIME) {
+ return NULL;
+ }
+ if (obj->objectInfo) {
+ return (certDBEntrySMime *)obj->objectInfo;
+ }
+
+ certHandle = lg_getCertDB(obj->sdb);
+ if (!certHandle) {
+ return NULL;
+ }
+ entry = nsslowcert_ReadDBSMimeEntry(certHandle, (char *)obj->dbKey.data);
+ obj->objectInfo = (void *)entry;
+ obj->infoFree = (LGFreeFunc)nsslowcert_DestroyDBEntry;
+ return entry;
+}
+
+static certDBEntryRevocation *
+lg_getCrl(LGObjectCache *obj)
+{
+ certDBEntryRevocation *crl;
+ PRBool isKrl;
+ NSSLOWCERTCertDBHandle *certHandle;
+
+ if (obj->objclass != CKO_NSS_CRL) {
+ return NULL;
+ }
+ if (obj->objectInfo) {
+ return (certDBEntryRevocation *)obj->objectInfo;
+ }
+
+ isKrl = (PRBool)(obj->handle == LG_TOKEN_KRL_HANDLE);
+ certHandle = lg_getCertDB(obj->sdb);
+ if (!certHandle) {
+ return NULL;
+ }
+
+ crl = nsslowcert_FindCrlByKey(certHandle, &obj->dbKey, isKrl);
+ obj->objectInfo = (void *)crl;
+ obj->infoFree = (LGFreeFunc)nsslowcert_DestroyDBEntry;
+ return crl;
+}
+
+static NSSLOWCERTCertificate *
+lg_getCert(LGObjectCache *obj, NSSLOWCERTCertDBHandle *certHandle)
+{
+ NSSLOWCERTCertificate *cert;
+ CK_OBJECT_CLASS objClass = obj->objclass;
+
+ if ((objClass != CKO_CERTIFICATE) && (objClass != CKO_NSS_TRUST)) {
+ return NULL;
+ }
+ if (objClass == CKO_CERTIFICATE && obj->objectInfo) {
+ return (NSSLOWCERTCertificate *)obj->objectInfo;
+ }
+ cert = nsslowcert_FindCertByKey(certHandle, &obj->dbKey);
+ if (objClass == CKO_CERTIFICATE) {
+ obj->objectInfo = (void *)cert;
+ obj->infoFree = (LGFreeFunc)nsslowcert_DestroyCertificate;
+ }
+ return cert;
+}
+
+static NSSLOWCERTTrust *
+lg_getTrust(LGObjectCache *obj, NSSLOWCERTCertDBHandle *certHandle)
+{
+ NSSLOWCERTTrust *trust;
+
+ if (obj->objclass != CKO_NSS_TRUST) {
+ return NULL;
+ }
+ if (obj->objectInfo) {
+ return (NSSLOWCERTTrust *)obj->objectInfo;
+ }
+ trust = nsslowcert_FindTrustByKey(certHandle, &obj->dbKey);
+ obj->objectInfo = (void *)trust;
+ obj->infoFree = (LGFreeFunc)nsslowcert_DestroyTrust;
+ return trust;
+}
+
+static NSSLOWKEYPublicKey *
+lg_GetPublicKey(LGObjectCache *obj)
+{
+ NSSLOWKEYPublicKey *pubKey;
+ NSSLOWKEYPrivateKey *privKey;
+
+ if (obj->objclass != CKO_PUBLIC_KEY) {
+ return NULL;
+ }
+ if (obj->objectInfo) {
+ return (NSSLOWKEYPublicKey *)obj->objectInfo;
+ }
+ privKey = lg_FindKeyByPublicKey(obj->sdb, &obj->dbKey);
+ if (privKey == NULL) {
+ return NULL;
+ }
+ pubKey = lg_nsslowkey_ConvertToPublicKey(privKey);
+ lg_nsslowkey_DestroyPrivateKey(privKey);
+ obj->objectInfo = (void *)pubKey;
+ obj->infoFree = (LGFreeFunc)lg_nsslowkey_DestroyPublicKey;
+ return pubKey;
+}
+
+/*
+ * we need two versions of lg_GetPrivateKey. One version that takes the
+ * DB handle so we can pass the handle we have already acquired in,
+ * rather than going through the 'getKeyDB' code again,
+ * which may fail the second time and another which just aquires
+ * the key handle from the sdb (where we don't already have a key handle.
+ * This version does the former.
+ */
+static NSSLOWKEYPrivateKey *
+lg_GetPrivateKeyWithDB(LGObjectCache *obj, NSSLOWKEYDBHandle *keyHandle)
+{
+ NSSLOWKEYPrivateKey *privKey;
+
+ if ((obj->objclass != CKO_PRIVATE_KEY) &&
+ (obj->objclass != CKO_SECRET_KEY)) {
+ return NULL;
+ }
+ if (obj->objectInfo) {
+ return (NSSLOWKEYPrivateKey *)obj->objectInfo;
+ }
+ privKey = nsslowkey_FindKeyByPublicKey(keyHandle, &obj->dbKey, obj->sdb);
+ if (privKey == NULL) {
+ return NULL;
+ }
+ obj->objectInfo = (void *)privKey;
+ obj->infoFree = (LGFreeFunc)lg_nsslowkey_DestroyPrivateKey;
+ return privKey;
+}
+
+/* this version does the latter */
+static NSSLOWKEYPrivateKey *
+lg_GetPrivateKey(LGObjectCache *obj)
+{
+ NSSLOWKEYDBHandle *keyHandle;
+ NSSLOWKEYPrivateKey *privKey;
+
+ keyHandle = lg_getKeyDB(obj->sdb);
+ if (!keyHandle) {
+ return NULL;
+ }
+ privKey = lg_GetPrivateKeyWithDB(obj, keyHandle);
+ return privKey;
+}
+
+/* lg_GetPubItem returns data associated with the public key.
+ * one only needs to free the public key. This comment is here
+ * because this sematic would be non-obvious otherwise. All callers
+ * should include this comment.
+ */
+static SECItem *
+lg_GetPubItem(NSSLOWKEYPublicKey *pubKey)
+{
+ SECItem *pubItem = NULL;
+ /* get value to compare from the cert's public key */
+ switch (pubKey->keyType) {
+ case NSSLOWKEYRSAKey:
+ pubItem = &pubKey->u.rsa.modulus;
+ break;
+ case NSSLOWKEYDSAKey:
+ pubItem = &pubKey->u.dsa.publicValue;
+ break;
+ case NSSLOWKEYDHKey:
+ pubItem = &pubKey->u.dh.publicValue;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ pubItem = &pubKey->u.ec.publicValue;
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ break;
+ }
+ return pubItem;
+}
+
+static CK_RV
+lg_FindRSAPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ unsigned char hash[SHA1_LENGTH];
+ CK_KEY_TYPE keyType = CKK_RSA;
+
+ switch (type) {
+ case CKA_KEY_TYPE:
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_ID:
+ SHA1_HashBuf(hash, key->u.rsa.modulus.data, key->u.rsa.modulus.len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_DERIVE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_ENCRYPT:
+ case CKA_VERIFY:
+ case CKA_VERIFY_RECOVER:
+ case CKA_WRAP:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_MODULUS:
+ return lg_CopyAttributeSigned(attribute, type, key->u.rsa.modulus.data,
+ key->u.rsa.modulus.len);
+ case CKA_PUBLIC_EXPONENT:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.rsa.publicExponent.data,
+ key->u.rsa.publicExponent.len);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindDSAPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ unsigned char hash[SHA1_LENGTH];
+ CK_KEY_TYPE keyType = CKK_DSA;
+
+ switch (type) {
+ case CKA_KEY_TYPE:
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_ID:
+ SHA1_HashBuf(hash, key->u.dsa.publicValue.data,
+ key->u.dsa.publicValue.len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_DERIVE:
+ case CKA_ENCRYPT:
+ case CKA_VERIFY_RECOVER:
+ case CKA_WRAP:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_VERIFY:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_VALUE:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dsa.publicValue.data,
+ key->u.dsa.publicValue.len);
+ case CKA_PRIME:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dsa.params.prime.data,
+ key->u.dsa.params.prime.len);
+ case CKA_SUBPRIME:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dsa.params.subPrime.data,
+ key->u.dsa.params.subPrime.len);
+ case CKA_BASE:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dsa.params.base.data,
+ key->u.dsa.params.base.len);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindDHPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ unsigned char hash[SHA1_LENGTH];
+ CK_KEY_TYPE keyType = CKK_DH;
+
+ switch (type) {
+ case CKA_KEY_TYPE:
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_ID:
+ SHA1_HashBuf(hash, key->u.dh.publicValue.data, key->u.dh.publicValue.len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_DERIVE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_ENCRYPT:
+ case CKA_VERIFY:
+ case CKA_VERIFY_RECOVER:
+ case CKA_WRAP:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_VALUE:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dh.publicValue.data,
+ key->u.dh.publicValue.len);
+ case CKA_PRIME:
+ return lg_CopyAttributeSigned(attribute, type, key->u.dh.prime.data,
+ key->u.dh.prime.len);
+ case CKA_BASE:
+ return lg_CopyAttributeSigned(attribute, type, key->u.dh.base.data,
+ key->u.dh.base.len);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+#ifndef NSS_DISABLE_ECC
+static CK_RV
+lg_FindECPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ unsigned char hash[SHA1_LENGTH];
+ CK_KEY_TYPE keyType = CKK_EC;
+
+ switch (type) {
+ case CKA_KEY_TYPE:
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_ID:
+ SHA1_HashBuf(hash, key->u.ec.publicValue.data,
+ key->u.ec.publicValue.len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_DERIVE:
+ case CKA_VERIFY:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_ENCRYPT:
+ case CKA_VERIFY_RECOVER:
+ case CKA_WRAP:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_EC_PARAMS:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.ec.ecParams.DEREncoding.data,
+ key->u.ec.ecParams.DEREncoding.len);
+ case CKA_EC_POINT:
+ if (PR_GetEnvSecure("NSS_USE_DECODED_CKA_EC_POINT")) {
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.ec.publicValue.data,
+ key->u.ec.publicValue.len);
+ } else {
+ SECItem *pubValue = SEC_ASN1EncodeItem(NULL, NULL,
+ &(key->u.ec.publicValue),
+ SEC_ASN1_GET(SEC_OctetStringTemplate));
+ CK_RV crv;
+ if (!pubValue) {
+ return CKR_HOST_MEMORY;
+ }
+ crv = lg_CopyAttributeSigned(attribute, type,
+ pubValue->data,
+ pubValue->len);
+ SECITEM_FreeItem(pubValue, PR_TRUE);
+ return crv;
+ }
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+#endif /* NSS_DISABLE_ECC */
+
+static CK_RV
+lg_FindPublicKeyAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ NSSLOWKEYPublicKey *key;
+ CK_RV crv;
+ char *label;
+
+ switch (type) {
+ case CKA_PRIVATE:
+ case CKA_SENSITIVE:
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_NEVER_EXTRACTABLE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_MODIFIABLE:
+ case CKA_EXTRACTABLE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_SUBJECT:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ case CKA_START_DATE:
+ case CKA_END_DATE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ case CKA_LABEL:
+ label = lg_FindKeyNicknameByPublicKey(obj->sdb, &obj->dbKey);
+ if (label == NULL) {
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ }
+ crv = lg_CopyAttribute(attribute, type, label, PORT_Strlen(label));
+ PORT_Free(label);
+ return crv;
+ default:
+ break;
+ }
+
+ key = lg_GetPublicKey(obj);
+ if (key == NULL) {
+ if (type == CKA_ID) {
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ }
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ switch (key->keyType) {
+ case NSSLOWKEYRSAKey:
+ return lg_FindRSAPublicKeyAttribute(key, type, attribute);
+ case NSSLOWKEYDSAKey:
+ return lg_FindDSAPublicKeyAttribute(key, type, attribute);
+ case NSSLOWKEYDHKey:
+ return lg_FindDHPublicKeyAttribute(key, type, attribute);
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ return lg_FindECPublicKeyAttribute(key, type, attribute);
+#endif /* NSS_DISABLE_ECC */
+ default:
+ break;
+ }
+
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindSecretKeyAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ NSSLOWKEYPrivateKey *key;
+ char *label;
+ unsigned char *keyString;
+ CK_RV crv;
+ int keyTypeLen;
+ CK_ULONG keyLen;
+ CK_KEY_TYPE keyType;
+ PRUint32 keyTypeStorage;
+
+ switch (type) {
+ case CKA_PRIVATE:
+ case CKA_SENSITIVE:
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_EXTRACTABLE:
+ case CKA_DERIVE:
+ case CKA_ENCRYPT:
+ case CKA_DECRYPT:
+ case CKA_SIGN:
+ case CKA_VERIFY:
+ case CKA_WRAP:
+ case CKA_UNWRAP:
+ case CKA_MODIFIABLE:
+ case CKA_LOCAL:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_NEVER_EXTRACTABLE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_START_DATE:
+ case CKA_END_DATE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ case CKA_LABEL:
+ label = lg_FindKeyNicknameByPublicKey(obj->sdb, &obj->dbKey);
+ if (label == NULL) {
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ }
+ crv = lg_CopyAttribute(attribute, type, label, PORT_Strlen(label));
+ PORT_Free(label);
+ return crv;
+ case CKA_ID:
+ return lg_CopyAttribute(attribute, type, obj->dbKey.data,
+ obj->dbKey.len);
+ case CKA_KEY_TYPE:
+ case CKA_VALUE_LEN:
+ case CKA_VALUE:
+ break;
+ default:
+ return lg_invalidAttribute(attribute);
+ }
+
+ key = lg_GetPrivateKey(obj);
+ if (key == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ switch (type) {
+ case CKA_KEY_TYPE:
+ /* handle legacy databases. In legacy databases key_type was stored
+ * in host order, with any leading zeros stripped off. Only key types
+ * under 0x1f (AES) were stored. We assume that any values which are
+ * either 1 byte long (big endian), or have byte[0] between 0 and
+ * 0x7f and bytes[1]-bytes[3] equal to '0' (little endian). All other
+ * values are assumed to be from the new database, which is always 4
+ * bytes in network order */
+ keyType = 0;
+ keyString = key->u.rsa.coefficient.data;
+ keyTypeLen = key->u.rsa.coefficient.len;
+
+ /*
+ * Because of various endian and word lengths The database may have
+ * stored the keyType value in one of the following formats:
+ * (kt) <= 0x1f
+ * length data
+ * Big Endian, pre-3.9, all lengths: 1 (kt)
+ * Little Endian, pre-3.9, 32 bits: 4 (kt) 0 0 0
+ * Little Endian, pre-3.9, 64 bits: 8 (kt) 0 0 0 0 0 0 0
+ * All platforms, 3.9, 32 bits: 4 0 0 0 (kt)
+ * Big Endian, 3.9, 64 bits: 8 0 0 0 (kt) 0 0 0 0
+ * Little Endian, 3.9, 64 bits: 8 0 0 0 0 0 0 0 (kt)
+ * All platforms, >= 3.9.1, all lengths: 4 (a) k1 k2 k3
+ * where (a) is 0 or >= 0x80. currently (a) can only be 0.
+ */
+ /*
+ * this key was written on a 64 bit platform with a using NSS 3.9
+ * or earlier. Reduce the 64 bit possibilities above. When we are
+ * through, we will only have:
+ *
+ * Big Endian, pre-3.9, all lengths: 1 (kt)
+ * Little Endian, pre-3.9, all lengths: 4 (kt) 0 0 0
+ * All platforms, 3.9, all lengths: 4 0 0 0 (kt)
+ * All platforms, => 3.9.1, all lengths: 4 (a) k1 k2 k3
+ */
+ if (keyTypeLen == 8) {
+ keyTypeStorage = *(PRUint32 *)keyString;
+ if (keyTypeStorage == 0) {
+ keyString += sizeof(PRUint32);
+ }
+ keyTypeLen = 4;
+ }
+ /*
+ * Now Handle:
+ *
+ * All platforms, 3.9, all lengths: 4 0 0 0 (kt)
+ * All platforms, => 3.9.1, all lengths: 4 (a) k1 k2 k3
+ *
+ * NOTE: if kt == 0 or ak1k2k3 == 0, the test fails and
+ * we handle it as:
+ *
+ * Little Endian, pre-3.9, all lengths: 4 (kt) 0 0 0
+ */
+ if (keyTypeLen == sizeof(keyTypeStorage) &&
+ (((keyString[0] & 0x80) == 0x80) ||
+ !((keyString[1] == 0) && (keyString[2] == 0) && (keyString[3] == 0)))) {
+ PORT_Memcpy(&keyTypeStorage, keyString, sizeof(keyTypeStorage));
+ keyType = (CK_KEY_TYPE)PR_ntohl(keyTypeStorage);
+ } else {
+ /*
+ * Now Handle:
+ *
+ * Big Endian, pre-3.9, all lengths: 1 (kt)
+ * Little Endian, pre-3.9, all lengths: 4 (kt) 0 0 0
+ * -- KeyType == 0 all other cases ---: 4 0 0 0 0
+ */
+ keyType = (CK_KEY_TYPE)keyString[0];
+ }
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_VALUE:
+ return lg_CopyPrivAttribute(attribute, type, key->u.rsa.privateExponent.data,
+ key->u.rsa.privateExponent.len, obj->sdb);
+ case CKA_VALUE_LEN:
+ keyLen = key->u.rsa.privateExponent.len;
+ return lg_ULongAttribute(attribute, type, keyLen);
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindRSAPrivateKeyAttribute(NSSLOWKEYPrivateKey *key, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute, SDB *sdbpw)
+{
+ unsigned char hash[SHA1_LENGTH];
+ CK_KEY_TYPE keyType = CKK_RSA;
+
+ switch (type) {
+ case CKA_KEY_TYPE:
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_ID:
+ SHA1_HashBuf(hash, key->u.rsa.modulus.data, key->u.rsa.modulus.len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_DERIVE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_DECRYPT:
+ case CKA_SIGN:
+ case CKA_SIGN_RECOVER:
+ case CKA_UNWRAP:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_MODULUS:
+ return lg_CopyAttributeSigned(attribute, type, key->u.rsa.modulus.data,
+ key->u.rsa.modulus.len);
+ case CKA_PUBLIC_EXPONENT:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.rsa.publicExponent.data,
+ key->u.rsa.publicExponent.len);
+ case CKA_PRIVATE_EXPONENT:
+ return lg_CopyPrivAttrSigned(attribute, type,
+ key->u.rsa.privateExponent.data,
+ key->u.rsa.privateExponent.len, sdbpw);
+ case CKA_PRIME_1:
+ return lg_CopyPrivAttrSigned(attribute, type, key->u.rsa.prime1.data,
+ key->u.rsa.prime1.len, sdbpw);
+ case CKA_PRIME_2:
+ return lg_CopyPrivAttrSigned(attribute, type, key->u.rsa.prime2.data,
+ key->u.rsa.prime2.len, sdbpw);
+ case CKA_EXPONENT_1:
+ return lg_CopyPrivAttrSigned(attribute, type,
+ key->u.rsa.exponent1.data,
+ key->u.rsa.exponent1.len, sdbpw);
+ case CKA_EXPONENT_2:
+ return lg_CopyPrivAttrSigned(attribute, type,
+ key->u.rsa.exponent2.data,
+ key->u.rsa.exponent2.len, sdbpw);
+ case CKA_COEFFICIENT:
+ return lg_CopyPrivAttrSigned(attribute, type,
+ key->u.rsa.coefficient.data,
+ key->u.rsa.coefficient.len, sdbpw);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindDSAPrivateKeyAttribute(NSSLOWKEYPrivateKey *key, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute, SDB *sdbpw)
+{
+ unsigned char hash[SHA1_LENGTH];
+ CK_KEY_TYPE keyType = CKK_DSA;
+
+ switch (type) {
+ case CKA_KEY_TYPE:
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_ID:
+ SHA1_HashBuf(hash, key->u.dsa.publicValue.data,
+ key->u.dsa.publicValue.len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_DERIVE:
+ case CKA_DECRYPT:
+ case CKA_SIGN_RECOVER:
+ case CKA_UNWRAP:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_SIGN:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_VALUE:
+ return lg_CopyPrivAttrSigned(attribute, type,
+ key->u.dsa.privateValue.data,
+ key->u.dsa.privateValue.len, sdbpw);
+ case CKA_PRIME:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dsa.params.prime.data,
+ key->u.dsa.params.prime.len);
+ case CKA_SUBPRIME:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dsa.params.subPrime.data,
+ key->u.dsa.params.subPrime.len);
+ case CKA_BASE:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dsa.params.base.data,
+ key->u.dsa.params.base.len);
+ case CKA_NETSCAPE_DB:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dsa.publicValue.data,
+ key->u.dsa.publicValue.len);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindDHPrivateKeyAttribute(NSSLOWKEYPrivateKey *key, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute, SDB *sdbpw)
+{
+ unsigned char hash[SHA1_LENGTH];
+ CK_KEY_TYPE keyType = CKK_DH;
+
+ switch (type) {
+ case CKA_KEY_TYPE:
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_ID:
+ SHA1_HashBuf(hash, key->u.dh.publicValue.data, key->u.dh.publicValue.len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_DERIVE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_DECRYPT:
+ case CKA_SIGN:
+ case CKA_SIGN_RECOVER:
+ case CKA_UNWRAP:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_VALUE:
+ return lg_CopyPrivAttrSigned(attribute, type,
+ key->u.dh.privateValue.data,
+ key->u.dh.privateValue.len, sdbpw);
+ case CKA_PRIME:
+ return lg_CopyAttributeSigned(attribute, type, key->u.dh.prime.data,
+ key->u.dh.prime.len);
+ case CKA_BASE:
+ return lg_CopyAttributeSigned(attribute, type, key->u.dh.base.data,
+ key->u.dh.base.len);
+ case CKA_NETSCAPE_DB:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.dh.publicValue.data,
+ key->u.dh.publicValue.len);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+#ifndef NSS_DISABLE_ECC
+static CK_RV
+lg_FindECPrivateKeyAttribute(NSSLOWKEYPrivateKey *key, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute, SDB *sdbpw)
+{
+ unsigned char hash[SHA1_LENGTH];
+ CK_KEY_TYPE keyType = CKK_EC;
+
+ switch (type) {
+ case CKA_KEY_TYPE:
+ return lg_ULongAttribute(attribute, type, keyType);
+ case CKA_ID:
+ SHA1_HashBuf(hash, key->u.ec.publicValue.data, key->u.ec.publicValue.len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_DERIVE:
+ case CKA_SIGN:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_DECRYPT:
+ case CKA_SIGN_RECOVER:
+ case CKA_UNWRAP:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_VALUE:
+ return lg_CopyPrivAttrSigned(attribute, type,
+ key->u.ec.privateValue.data,
+ key->u.ec.privateValue.len, sdbpw);
+ case CKA_EC_PARAMS:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.ec.ecParams.DEREncoding.data,
+ key->u.ec.ecParams.DEREncoding.len);
+ case CKA_NETSCAPE_DB:
+ return lg_CopyAttributeSigned(attribute, type,
+ key->u.ec.publicValue.data,
+ key->u.ec.publicValue.len);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+#endif /* NSS_DISABLE_ECC */
+
+static CK_RV
+lg_FindPrivateKeyAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ NSSLOWKEYPrivateKey *key;
+ char *label;
+ CK_RV crv;
+
+ switch (type) {
+ case CKA_PRIVATE:
+ case CKA_SENSITIVE:
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_EXTRACTABLE:
+ case CKA_MODIFIABLE:
+ case CKA_LOCAL:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_NEVER_EXTRACTABLE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_SUBJECT:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ case CKA_START_DATE:
+ case CKA_END_DATE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ case CKA_LABEL:
+ label = lg_FindKeyNicknameByPublicKey(obj->sdb, &obj->dbKey);
+ if (label == NULL) {
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ }
+ crv = lg_CopyAttribute(attribute, type, label, PORT_Strlen(label));
+ PORT_Free(label);
+ return crv;
+ default:
+ break;
+ }
+ key = lg_GetPrivateKey(obj);
+ if (key == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ switch (key->keyType) {
+ case NSSLOWKEYRSAKey:
+ return lg_FindRSAPrivateKeyAttribute(key, type, attribute, obj->sdb);
+ case NSSLOWKEYDSAKey:
+ return lg_FindDSAPrivateKeyAttribute(key, type, attribute, obj->sdb);
+ case NSSLOWKEYDHKey:
+ return lg_FindDHPrivateKeyAttribute(key, type, attribute, obj->sdb);
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ return lg_FindECPrivateKeyAttribute(key, type, attribute, obj->sdb);
+#endif /* NSS_DISABLE_ECC */
+ default:
+ break;
+ }
+
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindSMIMEAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ certDBEntrySMime *entry;
+ switch (type) {
+ case CKA_PRIVATE:
+ case CKA_MODIFIABLE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_NSS_EMAIL:
+ return lg_CopyAttribute(attribute, type, obj->dbKey.data,
+ obj->dbKey.len - 1);
+ case CKA_NSS_SMIME_TIMESTAMP:
+ case CKA_SUBJECT:
+ case CKA_VALUE:
+ break;
+ default:
+ return lg_invalidAttribute(attribute);
+ }
+ entry = lg_getSMime(obj);
+ if (entry == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ switch (type) {
+ case CKA_NSS_SMIME_TIMESTAMP:
+ return lg_CopyAttribute(attribute, type, entry->optionsDate.data,
+ entry->optionsDate.len);
+ case CKA_SUBJECT:
+ return lg_CopyAttribute(attribute, type, entry->subjectName.data,
+ entry->subjectName.len);
+ case CKA_VALUE:
+ return lg_CopyAttribute(attribute, type, entry->smimeOptions.data,
+ entry->smimeOptions.len);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindTrustAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ NSSLOWCERTTrust *trust;
+ NSSLOWCERTCertDBHandle *certHandle;
+ NSSLOWCERTCertificate *cert;
+ unsigned char hash[SHA1_LENGTH];
+ unsigned int trustFlags;
+ CK_RV crv;
+
+ switch (type) {
+ case CKA_PRIVATE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_MODIFIABLE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_CERT_SHA1_HASH:
+ case CKA_CERT_MD5_HASH:
+ case CKA_TRUST_CLIENT_AUTH:
+ case CKA_TRUST_SERVER_AUTH:
+ case CKA_TRUST_EMAIL_PROTECTION:
+ case CKA_TRUST_CODE_SIGNING:
+ case CKA_TRUST_STEP_UP_APPROVED:
+ case CKA_ISSUER:
+ case CKA_SERIAL_NUMBER:
+ break;
+ default:
+ return lg_invalidAttribute(attribute);
+ }
+ certHandle = lg_getCertDB(obj->sdb);
+ if (!certHandle) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ trust = lg_getTrust(obj, certHandle);
+ if (trust == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ switch (type) {
+ case CKA_CERT_SHA1_HASH:
+ SHA1_HashBuf(hash, trust->derCert->data, trust->derCert->len);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_CERT_MD5_HASH:
+ MD5_HashBuf(hash, trust->derCert->data, trust->derCert->len);
+ return lg_CopyAttribute(attribute, type, hash, MD5_LENGTH);
+ case CKA_TRUST_CLIENT_AUTH:
+ trustFlags = trust->trust->sslFlags &
+ CERTDB_TRUSTED_CLIENT_CA
+ ? trust->trust->sslFlags | CERTDB_TRUSTED_CA
+ : 0;
+ goto trust;
+ case CKA_TRUST_SERVER_AUTH:
+ trustFlags = trust->trust->sslFlags;
+ goto trust;
+ case CKA_TRUST_EMAIL_PROTECTION:
+ trustFlags = trust->trust->emailFlags;
+ goto trust;
+ case CKA_TRUST_CODE_SIGNING:
+ trustFlags = trust->trust->objectSigningFlags;
+ trust:
+ if (trustFlags & CERTDB_TRUSTED_CA) {
+ return lg_ULongAttribute(attribute, type,
+ CKT_NSS_TRUSTED_DELEGATOR);
+ }
+ if (trustFlags & CERTDB_TRUSTED) {
+ return lg_ULongAttribute(attribute, type, CKT_NSS_TRUSTED);
+ }
+ if (trustFlags & CERTDB_MUST_VERIFY) {
+ return lg_ULongAttribute(attribute, type,
+ CKT_NSS_MUST_VERIFY_TRUST);
+ }
+ if (trustFlags & CERTDB_TRUSTED_UNKNOWN) {
+ return lg_ULongAttribute(attribute, type, CKT_NSS_TRUST_UNKNOWN);
+ }
+ if (trustFlags & CERTDB_VALID_CA) {
+ return lg_ULongAttribute(attribute, type, CKT_NSS_VALID_DELEGATOR);
+ }
+ if (trustFlags & CERTDB_TERMINAL_RECORD) {
+ return lg_ULongAttribute(attribute, type, CKT_NSS_NOT_TRUSTED);
+ }
+ return lg_ULongAttribute(attribute, type, CKT_NSS_TRUST_UNKNOWN);
+ case CKA_TRUST_STEP_UP_APPROVED:
+ if (trust->trust->sslFlags & CERTDB_GOVT_APPROVED_CA) {
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ } else {
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ }
+ default:
+ break;
+ }
+
+ switch (type) {
+ case CKA_ISSUER:
+ cert = lg_getCert(obj, certHandle);
+ if (cert == NULL)
+ break;
+ crv = lg_CopyAttribute(attribute, type, cert->derIssuer.data,
+ cert->derIssuer.len);
+ break;
+ case CKA_SERIAL_NUMBER:
+ cert = lg_getCert(obj, certHandle);
+ if (cert == NULL)
+ break;
+ crv = lg_CopyAttribute(attribute, type, cert->derSN.data,
+ cert->derSN.len);
+ break;
+ default:
+ cert = NULL;
+ break;
+ }
+ if (cert) {
+ nsslowcert_DestroyCertificate(cert);
+ return crv;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindCrlAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ certDBEntryRevocation *crl;
+
+ switch (type) {
+ case CKA_PRIVATE:
+ case CKA_MODIFIABLE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_NSS_KRL:
+ return ((obj->handle == LG_TOKEN_KRL_HANDLE)
+ ? LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr)
+ : LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr));
+ case CKA_SUBJECT:
+ return lg_CopyAttribute(attribute, type, obj->dbKey.data,
+ obj->dbKey.len);
+ case CKA_NSS_URL:
+ case CKA_VALUE:
+ break;
+ default:
+ return lg_invalidAttribute(attribute);
+ }
+ crl = lg_getCrl(obj);
+ if (!crl) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ switch (type) {
+ case CKA_NSS_URL:
+ if (crl->url == NULL) {
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ }
+ return lg_CopyAttribute(attribute, type, crl->url,
+ PORT_Strlen(crl->url) + 1);
+ case CKA_VALUE:
+ return lg_CopyAttribute(attribute, type, crl->derCrl.data,
+ crl->derCrl.len);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+static CK_RV
+lg_FindCertAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *attribute)
+{
+ NSSLOWCERTCertificate *cert;
+ NSSLOWCERTCertDBHandle *certHandle;
+ NSSLOWKEYPublicKey *pubKey;
+ unsigned char hash[SHA1_LENGTH];
+ SECItem *item;
+
+ switch (type) {
+ case CKA_PRIVATE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
+ case CKA_MODIFIABLE:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_CERTIFICATE_TYPE:
+ /* hardcoding X.509 into here */
+ return lg_ULongAttribute(attribute, type, CKC_X_509);
+ case CKA_VALUE:
+ case CKA_ID:
+ case CKA_LABEL:
+ case CKA_SUBJECT:
+ case CKA_ISSUER:
+ case CKA_SERIAL_NUMBER:
+ case CKA_NSS_EMAIL:
+ break;
+ default:
+ return lg_invalidAttribute(attribute);
+ }
+
+ certHandle = lg_getCertDB(obj->sdb);
+ if (certHandle == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ cert = lg_getCert(obj, certHandle);
+ if (cert == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ switch (type) {
+ case CKA_VALUE:
+ return lg_CopyAttribute(attribute, type, cert->derCert.data,
+ cert->derCert.len);
+ case CKA_ID:
+ if (((cert->trust->sslFlags & CERTDB_USER) == 0) &&
+ ((cert->trust->emailFlags & CERTDB_USER) == 0) &&
+ ((cert->trust->objectSigningFlags & CERTDB_USER) == 0)) {
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ }
+ pubKey = nsslowcert_ExtractPublicKey(cert);
+ if (pubKey == NULL)
+ break;
+ item = lg_GetPubItem(pubKey);
+ if (item == NULL) {
+ lg_nsslowkey_DestroyPublicKey(pubKey);
+ break;
+ }
+ SHA1_HashBuf(hash, item->data, item->len);
+ /* item is imbedded in pubKey, just free the key */
+ lg_nsslowkey_DestroyPublicKey(pubKey);
+ return lg_CopyAttribute(attribute, type, hash, SHA1_LENGTH);
+ case CKA_LABEL:
+ return cert->nickname
+ ? lg_CopyAttribute(attribute, type, cert->nickname,
+ PORT_Strlen(cert->nickname))
+ : LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ case CKA_SUBJECT:
+ return lg_CopyAttribute(attribute, type, cert->derSubject.data,
+ cert->derSubject.len);
+ case CKA_ISSUER:
+ return lg_CopyAttribute(attribute, type, cert->derIssuer.data,
+ cert->derIssuer.len);
+ case CKA_SERIAL_NUMBER:
+ return lg_CopyAttribute(attribute, type, cert->derSN.data,
+ cert->derSN.len);
+ case CKA_NSS_EMAIL:
+ return (cert->emailAddr && cert->emailAddr[0])
+ ? lg_CopyAttribute(attribute, type, cert->emailAddr,
+ PORT_Strlen(cert->emailAddr))
+ : LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+CK_RV
+lg_GetSingleAttribute(LGObjectCache *obj, CK_ATTRIBUTE *attribute)
+{
+ /* handle the common ones */
+ CK_ATTRIBUTE_TYPE type = attribute->type;
+ switch (type) {
+ case CKA_CLASS:
+ return lg_ULongAttribute(attribute, type, obj->objclass);
+ case CKA_TOKEN:
+ return LG_CLONE_ATTR(attribute, type, lg_StaticTrueAttr);
+ case CKA_LABEL:
+ if ((obj->objclass == CKO_CERTIFICATE) ||
+ (obj->objclass == CKO_PRIVATE_KEY) ||
+ (obj->objclass == CKO_PUBLIC_KEY) ||
+ (obj->objclass == CKO_SECRET_KEY)) {
+ break;
+ }
+ return LG_CLONE_ATTR(attribute, type, lg_StaticNullAttr);
+ default:
+ break;
+ }
+ switch (obj->objclass) {
+ case CKO_CERTIFICATE:
+ return lg_FindCertAttribute(obj, type, attribute);
+ case CKO_NSS_CRL:
+ return lg_FindCrlAttribute(obj, type, attribute);
+ case CKO_NSS_TRUST:
+ return lg_FindTrustAttribute(obj, type, attribute);
+ case CKO_NSS_SMIME:
+ return lg_FindSMIMEAttribute(obj, type, attribute);
+ case CKO_PUBLIC_KEY:
+ return lg_FindPublicKeyAttribute(obj, type, attribute);
+ case CKO_PRIVATE_KEY:
+ return lg_FindPrivateKeyAttribute(obj, type, attribute);
+ case CKO_SECRET_KEY:
+ return lg_FindSecretKeyAttribute(obj, type, attribute);
+ default:
+ break;
+ }
+ return lg_invalidAttribute(attribute);
+}
+
+/*
+ * Fill in the attribute template based on the data in the database.
+ */
+CK_RV
+lg_GetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE handle, CK_ATTRIBUTE *templ,
+ CK_ULONG count)
+{
+ LGObjectCache *obj = lg_NewObjectCache(sdb, NULL, handle & ~LG_TOKEN_MASK);
+ CK_RV crv, crvCollect = CKR_OK;
+ unsigned int i;
+
+ if (obj == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ for (i = 0; i < count; i++) {
+ crv = lg_GetSingleAttribute(obj, &templ[i]);
+ if (crvCollect == CKR_OK)
+ crvCollect = crv;
+ }
+
+ lg_DestroyObjectCache(obj);
+ return crvCollect;
+}
+
+PRBool
+lg_cmpAttribute(LGObjectCache *obj, const CK_ATTRIBUTE *attribute)
+{
+ unsigned char buf[LG_BUF_SPACE];
+ CK_ATTRIBUTE testAttr;
+ unsigned char *tempBuf = NULL;
+ PRBool match = PR_TRUE;
+ CK_RV crv;
+
+ /* we're going to compare 'attribute' with the actual attribute from
+ * the object. We'll use the length of 'attribute' to decide how much
+ * space we need to read the test attribute. If 'attribute' doesn't give
+ * enough space, then we know the values don't match and that will
+ * show up as ckr != CKR_OK */
+ testAttr = *attribute;
+ testAttr.pValue = buf;
+
+ /* if we don't have enough space, malloc it */
+ if (attribute->ulValueLen > LG_BUF_SPACE) {
+ tempBuf = PORT_Alloc(attribute->ulValueLen);
+ if (!tempBuf) {
+ return PR_FALSE;
+ }
+ testAttr.pValue = tempBuf;
+ }
+
+ /* get the attribute */
+ crv = lg_GetSingleAttribute(obj, &testAttr);
+ /* if the attribute was read OK, compare it */
+ if ((crv != CKR_OK) ||
+ (attribute->pValue == NULL) ||
+ (attribute->ulValueLen != testAttr.ulValueLen) ||
+ (PORT_Memcmp(attribute->pValue, testAttr.pValue, testAttr.ulValueLen) != 0)) {
+ /* something didn't match, this isn't the object we are looking for */
+ match = PR_FALSE;
+ }
+ /* free the buffer we may have allocated */
+ if (tempBuf) {
+ PORT_Free(tempBuf);
+ }
+ return match;
+}
+
+PRBool
+lg_tokenMatch(SDB *sdb, const SECItem *dbKey, CK_OBJECT_HANDLE class,
+ const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ PRBool match = PR_TRUE;
+ LGObjectCache *obj = lg_NewObjectCache(sdb, dbKey, class);
+ unsigned int i;
+
+ if (obj == NULL) {
+ return PR_FALSE;
+ }
+
+ for (i = 0; i < count; i++) {
+ match = lg_cmpAttribute(obj, &templ[i]);
+ if (!match) {
+ break;
+ }
+ }
+
+ /* done looking, free up our cache */
+ lg_DestroyObjectCache(obj);
+
+ /* if we get through the whole list without finding a mismatched attribute,
+ * then this object fits the criteria we are matching */
+ return match;
+}
+
+static CK_RV
+lg_SetCertAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len)
+{
+ NSSLOWCERTCertificate *cert;
+ NSSLOWCERTCertDBHandle *certHandle;
+ char *nickname = NULL;
+ SECStatus rv;
+ CK_RV crv;
+
+ /* we can't change the EMAIL values, but let the
+ * upper layers feel better about the fact we tried to set these */
+ if (type == CKA_NSS_EMAIL) {
+ return CKR_OK;
+ }
+
+ certHandle = lg_getCertDB(obj->sdb);
+ if (certHandle == NULL) {
+ crv = CKR_TOKEN_WRITE_PROTECTED;
+ goto done;
+ }
+
+ if ((type != CKA_LABEL) && (type != CKA_ID)) {
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ goto done;
+ }
+
+ cert = lg_getCert(obj, certHandle);
+ if (cert == NULL) {
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ }
+
+ /* if the app is trying to set CKA_ID, it's probably because it just
+ * imported the key. Look to see if we need to set the CERTDB_USER bits.
+ */
+ if (type == CKA_ID) {
+ if (((cert->trust->sslFlags & CERTDB_USER) == 0) &&
+ ((cert->trust->emailFlags & CERTDB_USER) == 0) &&
+ ((cert->trust->objectSigningFlags & CERTDB_USER) == 0)) {
+ NSSLOWKEYDBHandle *keyHandle;
+
+ keyHandle = lg_getKeyDB(obj->sdb);
+ if (keyHandle) {
+ if (nsslowkey_KeyForCertExists(keyHandle, cert)) {
+ NSSLOWCERTCertTrust trust = *cert->trust;
+ trust.sslFlags |= CERTDB_USER;
+ trust.emailFlags |= CERTDB_USER;
+ trust.objectSigningFlags |= CERTDB_USER;
+ nsslowcert_ChangeCertTrust(certHandle, cert, &trust);
+ }
+ }
+ }
+ crv = CKR_OK;
+ goto done;
+ }
+
+ /* must be CKA_LABEL */
+ if (value != NULL) {
+ nickname = PORT_ZAlloc(len + 1);
+ if (nickname == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto done;
+ }
+ PORT_Memcpy(nickname, value, len);
+ nickname[len] = 0;
+ }
+ rv = nsslowcert_AddPermNickname(certHandle, cert, nickname);
+ crv = (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
+
+done:
+ if (nickname) {
+ PORT_Free(nickname);
+ }
+ return crv;
+}
+
+static CK_RV
+lg_SetPrivateKeyAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len,
+ PRBool *writePrivate)
+{
+ NSSLOWKEYPrivateKey *privKey;
+ NSSLOWKEYDBHandle *keyHandle;
+ char *nickname = NULL;
+ SECStatus rv;
+ CK_RV crv;
+
+ /* we can't change the ID and we don't store the subject, but let the
+ * upper layers feel better about the fact we tried to set these */
+ if ((type == CKA_ID) || (type == CKA_SUBJECT) ||
+ (type == CKA_LOCAL) || (type == CKA_NEVER_EXTRACTABLE) ||
+ (type == CKA_ALWAYS_SENSITIVE)) {
+ return CKR_OK;
+ }
+
+ keyHandle = lg_getKeyDB(obj->sdb);
+ if (keyHandle == NULL) {
+ crv = CKR_TOKEN_WRITE_PROTECTED;
+ goto done;
+ }
+
+ privKey = lg_GetPrivateKeyWithDB(obj, keyHandle);
+ if (privKey == NULL) {
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ }
+
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ switch (type) {
+ case CKA_LABEL:
+ if (value != NULL) {
+ nickname = PORT_ZAlloc(len + 1);
+ if (nickname == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto done;
+ }
+ PORT_Memcpy(nickname, value, len);
+ nickname[len] = 0;
+ }
+ rv = nsslowkey_UpdateNickname(keyHandle, privKey, &obj->dbKey,
+ nickname, obj->sdb);
+ crv = (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
+ break;
+ case CKA_UNWRAP:
+ case CKA_SIGN:
+ case CKA_DERIVE:
+ case CKA_SIGN_RECOVER:
+ case CKA_DECRYPT:
+ /* ignore attempts to change restrict these.
+ * legacyDB ignore these flags and always presents all of them
+ * that are valid as true.
+ * NOTE: We only get here if the current value and the new value do
+ * not match. */
+ if (*(char *)value == 0) {
+ crv = CKR_OK;
+ }
+ break;
+ case CKA_VALUE:
+ case CKA_PRIVATE_EXPONENT:
+ case CKA_PRIME_1:
+ case CKA_PRIME_2:
+ case CKA_EXPONENT_1:
+ case CKA_EXPONENT_2:
+ case CKA_COEFFICIENT:
+ /* We aren't really changing these values, we are just triggering
+ * the database to update it's entry */
+ *writePrivate = PR_TRUE;
+ crv = CKR_OK;
+ break;
+ default:
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ break;
+ }
+done:
+ if (nickname) {
+ PORT_Free(nickname);
+ }
+ return crv;
+}
+
+static CK_RV
+lg_SetPublicKeyAttribute(LGObjectCache *obj, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len,
+ PRBool *writePrivate)
+{
+ /* we can't change the ID and we don't store the subject, but let the
+ * upper layers feel better about the fact we tried to set these */
+ if ((type == CKA_ID) || (type == CKA_SUBJECT) || (type == CKA_LABEL)) {
+ return CKR_OK;
+ }
+ return CKR_ATTRIBUTE_READ_ONLY;
+}
+
+static CK_RV
+lg_SetTrustAttribute(LGObjectCache *obj, const CK_ATTRIBUTE *attr)
+{
+ unsigned int flags;
+ CK_TRUST trust;
+ NSSLOWCERTCertificate *cert = NULL;
+ NSSLOWCERTCertDBHandle *certHandle;
+ NSSLOWCERTCertTrust dbTrust;
+ SECStatus rv;
+ CK_RV crv;
+
+ if (attr->type == CKA_LABEL) {
+ return CKR_OK;
+ }
+
+ crv = lg_GetULongAttribute(attr->type, attr, 1, &trust);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ flags = lg_MapTrust(trust, (PRBool)(attr->type == CKA_TRUST_CLIENT_AUTH));
+
+ certHandle = lg_getCertDB(obj->sdb);
+
+ if (certHandle == NULL) {
+ crv = CKR_TOKEN_WRITE_PROTECTED;
+ goto done;
+ }
+
+ cert = lg_getCert(obj, certHandle);
+ if (cert == NULL) {
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ goto done;
+ }
+ dbTrust = *cert->trust;
+
+ switch (attr->type) {
+ case CKA_TRUST_EMAIL_PROTECTION:
+ dbTrust.emailFlags = flags |
+ (cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS);
+ break;
+ case CKA_TRUST_CODE_SIGNING:
+ dbTrust.objectSigningFlags = flags |
+ (cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS);
+ break;
+ case CKA_TRUST_CLIENT_AUTH:
+ dbTrust.sslFlags = flags | (cert->trust->sslFlags &
+ (CERTDB_PRESERVE_TRUST_BITS | CERTDB_TRUSTED_CA));
+ break;
+ case CKA_TRUST_SERVER_AUTH:
+ dbTrust.sslFlags = flags | (cert->trust->sslFlags &
+ (CERTDB_PRESERVE_TRUST_BITS | CERTDB_TRUSTED_CLIENT_CA));
+ break;
+ default:
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ goto done;
+ }
+
+ rv = nsslowcert_ChangeCertTrust(certHandle, cert, &dbTrust);
+ crv = (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
+done:
+ if (cert) {
+ nsslowcert_DestroyCertificate(cert);
+ }
+ return crv;
+}
+
+static CK_RV
+lg_SetSingleAttribute(LGObjectCache *obj, const CK_ATTRIBUTE *attr,
+ PRBool *writePrivate)
+{
+ CK_ATTRIBUTE attribLocal;
+ CK_RV crv;
+
+ if ((attr->type == CKA_NETSCAPE_DB) && (obj->objclass == CKO_PRIVATE_KEY)) {
+ *writePrivate = PR_TRUE;
+ return CKR_OK;
+ }
+
+ /* Make sure the attribute exists first */
+ attribLocal.type = attr->type;
+ attribLocal.pValue = NULL;
+ attribLocal.ulValueLen = 0;
+ crv = lg_GetSingleAttribute(obj, &attribLocal);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ /* if we are just setting it to the value we already have,
+ * allow it to happen. Let label setting go through so
+ * we have the opportunity to repair any database corruption. */
+ if (attr->type != CKA_LABEL) {
+ if (lg_cmpAttribute(obj, attr)) {
+ return CKR_OK;
+ }
+ }
+
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ switch (obj->objclass) {
+ case CKO_CERTIFICATE:
+ /* change NICKNAME, EMAIL, */
+ crv = lg_SetCertAttribute(obj, attr->type,
+ attr->pValue, attr->ulValueLen);
+ break;
+ case CKO_NSS_CRL:
+ /* change URL */
+ break;
+ case CKO_NSS_TRUST:
+ crv = lg_SetTrustAttribute(obj, attr);
+ break;
+ case CKO_PRIVATE_KEY:
+ case CKO_SECRET_KEY:
+ crv = lg_SetPrivateKeyAttribute(obj, attr->type,
+ attr->pValue, attr->ulValueLen, writePrivate);
+ break;
+ case CKO_PUBLIC_KEY:
+ crv = lg_SetPublicKeyAttribute(obj, attr->type,
+ attr->pValue, attr->ulValueLen, writePrivate);
+ break;
+ }
+ return crv;
+}
+
+/*
+ * Fill in the attribute template based on the data in the database.
+ */
+CK_RV
+lg_SetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE handle,
+ const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ LGObjectCache *obj = lg_NewObjectCache(sdb, NULL, handle & ~LG_TOKEN_MASK);
+ CK_RV crv, crvCollect = CKR_OK;
+ PRBool writePrivate = PR_FALSE;
+ unsigned int i;
+
+ if (obj == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ for (i = 0; i < count; i++) {
+ crv = lg_SetSingleAttribute(obj, &templ[i], &writePrivate);
+ if (crvCollect == CKR_OK)
+ crvCollect = crv;
+ }
+
+ /* Write any collected changes out for private and secret keys.
+ * don't do the write for just the label */
+ if (writePrivate) {
+ NSSLOWKEYPrivateKey *privKey = lg_GetPrivateKey(obj);
+ SECStatus rv = SECFailure;
+ char *label = lg_FindKeyNicknameByPublicKey(obj->sdb, &obj->dbKey);
+
+ if (privKey) {
+ rv = nsslowkey_StoreKeyByPublicKeyAlg(lg_getKeyDB(sdb), privKey,
+ &obj->dbKey, label, sdb, PR_TRUE);
+ }
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ }
+ PORT_Free(label);
+ }
+
+ lg_DestroyObjectCache(obj);
+ return crvCollect;
+}
diff --git a/security/nss/lib/softoken/legacydb/lgcreate.c b/security/nss/lib/softoken/legacydb/lgcreate.c
new file mode 100644
index 000000000..a0d2b2e57
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lgcreate.c
@@ -0,0 +1,1017 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "secitem.h"
+#include "pkcs11.h"
+#include "lgdb.h"
+#include "pcert.h"
+#include "lowkeyi.h"
+#include "blapi.h"
+#include "secder.h"
+#include "secasn1.h"
+
+#include "keydbi.h"
+
+/*
+ * ******************** Object Creation Utilities ***************************
+ */
+
+/*
+ * check the consistancy and initialize a Certificate Object
+ */
+static CK_RV
+lg_createCertObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
+ const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ SECItem derCert;
+ NSSLOWCERTCertificate *cert;
+ NSSLOWCERTCertTrust *trust = NULL;
+ NSSLOWCERTCertTrust userTrust =
+ { CERTDB_USER, CERTDB_USER, CERTDB_USER };
+ NSSLOWCERTCertTrust defTrust =
+ { CERTDB_TRUSTED_UNKNOWN,
+ CERTDB_TRUSTED_UNKNOWN, CERTDB_TRUSTED_UNKNOWN };
+ char *label = NULL;
+ char *email = NULL;
+ SECStatus rv;
+ CK_RV crv;
+ PRBool inDB = PR_TRUE;
+ NSSLOWCERTCertDBHandle *certHandle = lg_getCertDB(sdb);
+ NSSLOWKEYDBHandle *keyHandle = NULL;
+ CK_CERTIFICATE_TYPE type;
+ const CK_ATTRIBUTE *attribute;
+
+ /* we can't store any certs private */
+ if (lg_isTrue(CKA_PRIVATE, templ, count)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* We only support X.509 Certs for now */
+ crv = lg_GetULongAttribute(CKA_CERTIFICATE_TYPE, templ, count, &type);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ if (type != CKC_X_509) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* X.509 Certificate */
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ /* get the der cert */
+ attribute = lg_FindAttribute(CKA_VALUE, templ, count);
+ if (!attribute) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ derCert.type = 0;
+ derCert.data = (unsigned char *)attribute->pValue;
+ derCert.len = attribute->ulValueLen;
+
+ label = lg_getString(CKA_LABEL, templ, count);
+
+ cert = nsslowcert_FindCertByDERCert(certHandle, &derCert);
+ if (cert == NULL) {
+ cert = nsslowcert_DecodeDERCertificate(&derCert, label);
+ inDB = PR_FALSE;
+ }
+ if (cert == NULL) {
+ if (label)
+ PORT_Free(label);
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ keyHandle = lg_getKeyDB(sdb);
+ if (keyHandle) {
+ if (nsslowkey_KeyForCertExists(keyHandle, cert)) {
+ trust = &userTrust;
+ }
+ }
+
+ if (!inDB) {
+ if (!trust)
+ trust = &defTrust;
+ rv = nsslowcert_AddPermCert(certHandle, cert, label, trust);
+ } else {
+ rv = trust ? nsslowcert_ChangeCertTrust(certHandle, cert, trust) : SECSuccess;
+ }
+
+ if (label)
+ PORT_Free(label);
+
+ if (rv != SECSuccess) {
+ nsslowcert_DestroyCertificate(cert);
+ return CKR_DEVICE_ERROR;
+ }
+
+ /*
+ * Add a NULL S/MIME profile if necessary.
+ */
+ email = lg_getString(CKA_NSS_EMAIL, templ, count);
+ if (email) {
+ certDBEntrySMime *entry;
+
+ entry = nsslowcert_ReadDBSMimeEntry(certHandle, email);
+ if (!entry) {
+ nsslowcert_SaveSMimeProfile(certHandle, email,
+ &cert->derSubject, NULL, NULL);
+ } else {
+ nsslowcert_DestroyDBEntry((certDBEntry *)entry);
+ }
+ PORT_Free(email);
+ }
+ *handle = lg_mkHandle(sdb, &cert->certKey, LG_TOKEN_TYPE_CERT);
+ nsslowcert_DestroyCertificate(cert);
+
+ return CKR_OK;
+}
+
+unsigned int
+lg_MapTrust(CK_TRUST trust, PRBool clientAuth)
+{
+ unsigned int trustCA = clientAuth ? CERTDB_TRUSTED_CLIENT_CA : CERTDB_TRUSTED_CA;
+ switch (trust) {
+ case CKT_NSS_TRUSTED:
+ return CERTDB_TERMINAL_RECORD | CERTDB_TRUSTED;
+ case CKT_NSS_TRUSTED_DELEGATOR:
+ return CERTDB_VALID_CA | trustCA;
+ case CKT_NSS_MUST_VERIFY_TRUST:
+ return CERTDB_MUST_VERIFY;
+ case CKT_NSS_NOT_TRUSTED:
+ return CERTDB_TERMINAL_RECORD;
+ case CKT_NSS_VALID_DELEGATOR: /* implies must verify */
+ return CERTDB_VALID_CA;
+ default:
+ break;
+ }
+ return CERTDB_TRUSTED_UNKNOWN;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+lg_createTrustObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
+ const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ const CK_ATTRIBUTE *issuer = NULL;
+ const CK_ATTRIBUTE *serial = NULL;
+ NSSLOWCERTCertificate *cert = NULL;
+ const CK_ATTRIBUTE *trust;
+ CK_TRUST sslTrust = CKT_NSS_TRUST_UNKNOWN;
+ CK_TRUST clientTrust = CKT_NSS_TRUST_UNKNOWN;
+ CK_TRUST emailTrust = CKT_NSS_TRUST_UNKNOWN;
+ CK_TRUST signTrust = CKT_NSS_TRUST_UNKNOWN;
+ CK_BBOOL stepUp;
+ NSSLOWCERTCertTrust dbTrust = { 0 };
+ SECStatus rv;
+ NSSLOWCERTCertDBHandle *certHandle = lg_getCertDB(sdb);
+ NSSLOWCERTIssuerAndSN issuerSN;
+
+ /* we can't store any certs private */
+ if (lg_isTrue(CKA_PRIVATE, templ, count)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ issuer = lg_FindAttribute(CKA_ISSUER, templ, count);
+ serial = lg_FindAttribute(CKA_SERIAL_NUMBER, templ, count);
+
+ if (issuer && serial) {
+ issuerSN.derIssuer.data = (unsigned char *)issuer->pValue;
+ issuerSN.derIssuer.len = issuer->ulValueLen;
+
+ issuerSN.serialNumber.data = (unsigned char *)serial->pValue;
+ issuerSN.serialNumber.len = serial->ulValueLen;
+
+ cert = nsslowcert_FindCertByIssuerAndSN(certHandle, &issuerSN);
+ }
+
+ if (cert == NULL) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ lg_GetULongAttribute(CKA_TRUST_SERVER_AUTH, templ, count, &sslTrust);
+ lg_GetULongAttribute(CKA_TRUST_CLIENT_AUTH, templ, count, &clientTrust);
+ lg_GetULongAttribute(CKA_TRUST_EMAIL_PROTECTION, templ, count, &emailTrust);
+ lg_GetULongAttribute(CKA_TRUST_CODE_SIGNING, templ, count, &signTrust);
+ stepUp = CK_FALSE;
+ trust = lg_FindAttribute(CKA_TRUST_STEP_UP_APPROVED, templ, count);
+ if (trust) {
+ if (trust->ulValueLen == sizeof(CK_BBOOL)) {
+ stepUp = *(CK_BBOOL *)trust->pValue;
+ }
+ }
+
+ /* preserve certain old fields */
+ if (cert->trust) {
+ dbTrust.sslFlags = cert->trust->sslFlags & CERTDB_PRESERVE_TRUST_BITS;
+ dbTrust.emailFlags =
+ cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS;
+ dbTrust.objectSigningFlags =
+ cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS;
+ }
+
+ dbTrust.sslFlags |= lg_MapTrust(sslTrust, PR_FALSE);
+ dbTrust.sslFlags |= lg_MapTrust(clientTrust, PR_TRUE);
+ dbTrust.emailFlags |= lg_MapTrust(emailTrust, PR_FALSE);
+ dbTrust.objectSigningFlags |= lg_MapTrust(signTrust, PR_FALSE);
+ if (stepUp) {
+ dbTrust.sslFlags |= CERTDB_GOVT_APPROVED_CA;
+ }
+
+ rv = nsslowcert_ChangeCertTrust(certHandle, cert, &dbTrust);
+ *handle = lg_mkHandle(sdb, &cert->certKey, LG_TOKEN_TYPE_TRUST);
+ nsslowcert_DestroyCertificate(cert);
+ if (rv != SECSuccess) {
+ return CKR_DEVICE_ERROR;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+lg_createSMimeObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
+ const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ SECItem derSubj, rawProfile, rawTime, emailKey;
+ SECItem *pRawProfile = NULL;
+ SECItem *pRawTime = NULL;
+ char *email = NULL;
+ const CK_ATTRIBUTE *subject = NULL,
+ *profile = NULL,
+ *time = NULL;
+ SECStatus rv;
+ NSSLOWCERTCertDBHandle *certHandle;
+ CK_RV ck_rv = CKR_OK;
+
+ /* we can't store any certs private */
+ if (lg_isTrue(CKA_PRIVATE, templ, count)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ certHandle = lg_getCertDB(sdb);
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ /* lookup SUBJECT */
+ subject = lg_FindAttribute(CKA_SUBJECT, templ, count);
+ PORT_Assert(subject);
+ if (!subject) {
+ ck_rv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+
+ derSubj.data = (unsigned char *)subject->pValue;
+ derSubj.len = subject->ulValueLen;
+ derSubj.type = 0;
+
+ /* lookup VALUE */
+ profile = lg_FindAttribute(CKA_VALUE, templ, count);
+ if (profile) {
+ rawProfile.data = (unsigned char *)profile->pValue;
+ rawProfile.len = profile->ulValueLen;
+ rawProfile.type = siBuffer;
+ pRawProfile = &rawProfile;
+ }
+
+ /* lookup Time */
+ time = lg_FindAttribute(CKA_NSS_SMIME_TIMESTAMP, templ, count);
+ if (time) {
+ rawTime.data = (unsigned char *)time->pValue;
+ rawTime.len = time->ulValueLen;
+ rawTime.type = siBuffer;
+ pRawTime = &rawTime;
+ }
+
+ email = lg_getString(CKA_NSS_EMAIL, templ, count);
+ if (!email) {
+ ck_rv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+
+ /* Store S/MIME Profile by SUBJECT */
+ rv = nsslowcert_SaveSMimeProfile(certHandle, email, &derSubj,
+ pRawProfile, pRawTime);
+ if (rv != SECSuccess) {
+ ck_rv = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+ emailKey.data = (unsigned char *)email;
+ emailKey.len = PORT_Strlen(email) + 1;
+
+ *handle = lg_mkHandle(sdb, &emailKey, LG_TOKEN_TYPE_SMIME);
+
+loser:
+ if (email)
+ PORT_Free(email);
+
+ return ck_rv;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+lg_createCrlObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
+ const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ PRBool isKRL = PR_FALSE;
+ SECItem derSubj, derCrl;
+ char *url = NULL;
+ const CK_ATTRIBUTE *subject, *crl;
+ SECStatus rv;
+ NSSLOWCERTCertDBHandle *certHandle;
+
+ certHandle = lg_getCertDB(sdb);
+
+ /* we can't store any private crls */
+ if (lg_isTrue(CKA_PRIVATE, templ, count)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ /* lookup SUBJECT */
+ subject = lg_FindAttribute(CKA_SUBJECT, templ, count);
+ if (!subject) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ derSubj.data = (unsigned char *)subject->pValue;
+ derSubj.len = subject->ulValueLen;
+
+ /* lookup VALUE */
+ crl = lg_FindAttribute(CKA_VALUE, templ, count);
+ PORT_Assert(crl);
+ if (!crl) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ derCrl.data = (unsigned char *)crl->pValue;
+ derCrl.len = crl->ulValueLen;
+
+ url = lg_getString(CKA_NSS_URL, templ, count);
+ isKRL = lg_isTrue(CKA_NSS_KRL, templ, count);
+
+ /* Store CRL by SUBJECT */
+ rv = nsslowcert_AddCrl(certHandle, &derCrl, &derSubj, url, isKRL);
+
+ if (url) {
+ PORT_Free(url);
+ }
+ if (rv != SECSuccess) {
+ return CKR_DEVICE_ERROR;
+ }
+
+ /* if we overwrote the existing CRL, poison the handle entry so we get
+ * a new object handle */
+ (void)lg_poisonHandle(sdb, &derSubj,
+ isKRL ? LG_TOKEN_KRL_HANDLE : LG_TOKEN_TYPE_CRL);
+ *handle = lg_mkHandle(sdb, &derSubj,
+ isKRL ? LG_TOKEN_KRL_HANDLE : LG_TOKEN_TYPE_CRL);
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Public Key Object
+ */
+static CK_RV
+lg_createPublicKeyObject(SDB *sdb, CK_KEY_TYPE key_type,
+ CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ CK_ATTRIBUTE_TYPE pubKeyAttr = CKA_VALUE;
+ CK_RV crv = CKR_OK;
+ NSSLOWKEYPrivateKey *priv;
+ SECItem pubKeySpace = { siBuffer, NULL, 0 };
+ SECItem *pubKey;
+#ifndef NSS_DISABLE_ECC
+ SECItem pubKey2Space = { siBuffer, NULL, 0 };
+ PLArenaPool *arena = NULL;
+#endif /* NSS_DISABLE_ECC */
+ NSSLOWKEYDBHandle *keyHandle = NULL;
+
+ switch (key_type) {
+ case CKK_RSA:
+ pubKeyAttr = CKA_MODULUS;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ pubKeyAttr = CKA_EC_POINT;
+ break;
+#endif /* NSS_DISABLE_ECC */
+ case CKK_DSA:
+ case CKK_DH:
+ break;
+ default:
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ pubKey = &pubKeySpace;
+ crv = lg_Attribute2SSecItem(NULL, pubKeyAttr, templ, count, pubKey);
+ if (crv != CKR_OK)
+ return crv;
+
+#ifndef NSS_DISABLE_ECC
+ if (key_type == CKK_EC) {
+ SECStatus rv;
+ /*
+ * for ECC, use the decoded key first.
+ */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto done;
+ }
+ rv = SEC_QuickDERDecodeItem(arena, &pubKey2Space,
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
+ pubKey);
+ if (rv != SECSuccess) {
+ /* decode didn't work, just try the pubKey */
+ PORT_FreeArena(arena, PR_FALSE);
+ arena = NULL;
+ } else {
+ /* try the decoded pub key first */
+ pubKey = &pubKey2Space;
+ }
+ }
+#endif /* NSS_DISABLE_ECC */
+
+ PORT_Assert(pubKey->data);
+ if (pubKey->data == NULL) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto done;
+ }
+ keyHandle = lg_getKeyDB(sdb);
+ if (keyHandle == NULL) {
+ crv = CKR_TOKEN_WRITE_PROTECTED;
+ goto done;
+ }
+ if (keyHandle->version != 3) {
+ unsigned char buf[SHA1_LENGTH];
+ SHA1_HashBuf(buf, pubKey->data, pubKey->len);
+ PORT_Memcpy(pubKey->data, buf, sizeof(buf));
+ pubKey->len = sizeof(buf);
+ }
+ /* make sure the associated private key already exists */
+ /* only works if we are logged in */
+ priv = nsslowkey_FindKeyByPublicKey(keyHandle, pubKey, sdb /*password*/);
+#ifndef NSS_DISABLE_ECC
+ if (priv == NULL && pubKey == &pubKey2Space) {
+ /* no match on the decoded key, match the original pubkey */
+ pubKey = &pubKeySpace;
+ priv = nsslowkey_FindKeyByPublicKey(keyHandle, pubKey,
+ sdb /*password*/);
+ }
+#endif
+ if (priv == NULL) {
+ /* the legacy database can only 'store' public keys which already
+ * have their corresponding private keys in the database */
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto done;
+ }
+ lg_nsslowkey_DestroyPrivateKey(priv);
+ crv = CKR_OK;
+
+ *handle = lg_mkHandle(sdb, pubKey, LG_TOKEN_TYPE_PUB);
+
+done:
+ PORT_Free(pubKeySpace.data);
+#ifndef NSS_DISABLE_ECC
+ if (arena)
+ PORT_FreeArena(arena, PR_FALSE);
+#endif
+
+ return crv;
+}
+
+/* make a private key from a verified object */
+static NSSLOWKEYPrivateKey *
+lg_mkPrivKey(SDB *sdb, const CK_ATTRIBUTE *templ, CK_ULONG count,
+ CK_KEY_TYPE key_type, CK_RV *crvp)
+{
+ NSSLOWKEYPrivateKey *privKey;
+ PLArenaPool *arena;
+ CK_RV crv = CKR_OK;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ privKey = (NSSLOWKEYPrivateKey *)
+ PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPrivateKey));
+ if (privKey == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ /* in future this would be a switch on key_type */
+ privKey->arena = arena;
+ switch (key_type) {
+ case CKK_RSA:
+ privKey->keyType = NSSLOWKEYRSAKey;
+ crv = lg_Attribute2SSecItem(arena, CKA_MODULUS, templ, count,
+ &privKey->u.rsa.modulus);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_Attribute2SSecItem(arena, CKA_PUBLIC_EXPONENT, templ, count,
+ &privKey->u.rsa.publicExponent);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_PrivAttr2SSecItem(arena, CKA_PRIVATE_EXPONENT, templ, count,
+ &privKey->u.rsa.privateExponent, sdb);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_PrivAttr2SSecItem(arena, CKA_PRIME_1, templ, count,
+ &privKey->u.rsa.prime1, sdb);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_PrivAttr2SSecItem(arena, CKA_PRIME_2, templ, count,
+ &privKey->u.rsa.prime2, sdb);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_PrivAttr2SSecItem(arena, CKA_EXPONENT_1, templ, count,
+ &privKey->u.rsa.exponent1, sdb);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_PrivAttr2SSecItem(arena, CKA_EXPONENT_2, templ, count,
+ &privKey->u.rsa.exponent2, sdb);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_PrivAttr2SSecItem(arena, CKA_COEFFICIENT, templ, count,
+ &privKey->u.rsa.coefficient, sdb);
+ if (crv != CKR_OK)
+ break;
+ rv = DER_SetUInteger(privKey->arena, &privKey->u.rsa.version,
+ NSSLOWKEY_VERSION);
+ if (rv != SECSuccess)
+ crv = CKR_HOST_MEMORY;
+ break;
+
+ case CKK_DSA:
+ privKey->keyType = NSSLOWKEYDSAKey;
+ crv = lg_Attribute2SSecItem(arena, CKA_PRIME, templ, count,
+ &privKey->u.dsa.params.prime);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_Attribute2SSecItem(arena, CKA_SUBPRIME, templ, count,
+ &privKey->u.dsa.params.subPrime);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_Attribute2SSecItem(arena, CKA_BASE, templ, count,
+ &privKey->u.dsa.params.base);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_PrivAttr2SSecItem(arena, CKA_VALUE, templ, count,
+ &privKey->u.dsa.privateValue, sdb);
+ if (crv != CKR_OK)
+ break;
+ if (lg_hasAttribute(CKA_NETSCAPE_DB, templ, count)) {
+ crv = lg_Attribute2SSecItem(arena, CKA_NETSCAPE_DB, templ, count,
+ &privKey->u.dsa.publicValue);
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ }
+ break;
+
+ case CKK_DH:
+ privKey->keyType = NSSLOWKEYDHKey;
+ crv = lg_Attribute2SSecItem(arena, CKA_PRIME, templ, count,
+ &privKey->u.dh.prime);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_Attribute2SSecItem(arena, CKA_BASE, templ, count,
+ &privKey->u.dh.base);
+ if (crv != CKR_OK)
+ break;
+ crv = lg_PrivAttr2SSecItem(arena, CKA_VALUE, templ, count,
+ &privKey->u.dh.privateValue, sdb);
+ if (crv != CKR_OK)
+ break;
+ if (lg_hasAttribute(CKA_NETSCAPE_DB, templ, count)) {
+ crv = lg_Attribute2SSecItem(arena, CKA_NETSCAPE_DB, templ, count,
+ &privKey->u.dh.publicValue);
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ }
+ break;
+
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ privKey->keyType = NSSLOWKEYECKey;
+ crv = lg_Attribute2SSecItem(arena, CKA_EC_PARAMS, templ, count,
+ &privKey->u.ec.ecParams.DEREncoding);
+ if (crv != CKR_OK)
+ break;
+
+ /* Fill out the rest of the ecParams structure
+ * based on the encoded params
+ */
+ if (LGEC_FillParams(arena, &privKey->u.ec.ecParams.DEREncoding,
+ &privKey->u.ec.ecParams) != SECSuccess) {
+ crv = CKR_DOMAIN_PARAMS_INVALID;
+ break;
+ }
+ crv = lg_PrivAttr2SSecItem(arena, CKA_VALUE, templ, count,
+ &privKey->u.ec.privateValue, sdb);
+ if (crv != CKR_OK)
+ break;
+ if (lg_hasAttribute(CKA_NETSCAPE_DB, templ, count)) {
+ crv = lg_Attribute2SSecItem(arena, CKA_NETSCAPE_DB, templ, count,
+ &privKey->u.ec.publicValue);
+ if (crv != CKR_OK)
+ break;
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ }
+ rv = DER_SetUInteger(privKey->arena, &privKey->u.ec.version,
+ NSSLOWKEY_EC_PRIVATE_KEY_VERSION);
+ if (rv != SECSuccess)
+ crv = CKR_HOST_MEMORY;
+ break;
+#endif /* NSS_DISABLE_ECC */
+
+ default:
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ *crvp = crv;
+ if (crv != CKR_OK) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ return privKey;
+}
+
+/*
+ * check the consistancy and initialize a Private Key Object
+ */
+static CK_RV
+lg_createPrivateKeyObject(SDB *sdb, CK_KEY_TYPE key_type,
+ CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ NSSLOWKEYPrivateKey *privKey;
+ char *label;
+ SECStatus rv = SECSuccess;
+ CK_RV crv = CKR_DEVICE_ERROR;
+ SECItem pubKey;
+ NSSLOWKEYDBHandle *keyHandle = lg_getKeyDB(sdb);
+
+ if (keyHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ privKey = lg_mkPrivKey(sdb, templ, count, key_type, &crv);
+ if (privKey == NULL)
+ return crv;
+ label = lg_getString(CKA_LABEL, templ, count);
+
+ crv = lg_Attribute2SSecItem(NULL, CKA_NETSCAPE_DB, templ, count, &pubKey);
+ if (crv != CKR_OK) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ rv = SECFailure;
+ goto fail;
+ }
+#ifdef notdef
+ if (keyHandle->version != 3) {
+ unsigned char buf[SHA1_LENGTH];
+ SHA1_HashBuf(buf, pubKey.data, pubKey.len);
+ PORT_Memcpy(pubKey.data, buf, sizeof(buf));
+ pubKey.len = sizeof(buf);
+ }
+#endif
+ /* get the key type */
+ if (key_type == CKK_RSA) {
+ rv = RSA_PrivateKeyCheck(&privKey->u.rsa);
+ if (rv == SECFailure) {
+ goto fail;
+ }
+ }
+ rv = nsslowkey_StoreKeyByPublicKey(keyHandle, privKey, &pubKey,
+ label, sdb /*->password*/);
+
+fail:
+ if (label)
+ PORT_Free(label);
+ *handle = lg_mkHandle(sdb, &pubKey, LG_TOKEN_TYPE_PRIV);
+ if (pubKey.data)
+ PORT_Free(pubKey.data);
+ lg_nsslowkey_DestroyPrivateKey(privKey);
+ if (rv != SECSuccess)
+ return crv;
+
+ return CKR_OK;
+}
+
+#define LG_KEY_MAX_RETRIES 10 /* don't hang if we are having problems with the rng */
+#define LG_KEY_ID_SIZE 18 /* don't use either SHA1 or MD5 sizes */
+/*
+ * Secret keys must have a CKA_ID value to be stored in the database. This code
+ * will generate one if there wasn't one already.
+ */
+static CK_RV
+lg_GenerateSecretCKA_ID(NSSLOWKEYDBHandle *handle, SECItem *id, char *label)
+{
+ unsigned int retries;
+ SECStatus rv = SECSuccess;
+ CK_RV crv = CKR_OK;
+
+ id->data = NULL;
+ if (label) {
+ id->data = (unsigned char *)PORT_Strdup(label);
+ if (id->data == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ id->len = PORT_Strlen(label) + 1;
+ if (!nsslowkey_KeyForIDExists(handle, id)) {
+ return CKR_OK;
+ }
+ PORT_Free(id->data);
+ id->data = NULL;
+ id->len = 0;
+ }
+ id->data = (unsigned char *)PORT_Alloc(LG_KEY_ID_SIZE);
+ if (id->data == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ id->len = LG_KEY_ID_SIZE;
+
+ retries = 0;
+ do {
+ rv = RNG_GenerateGlobalRandomBytes(id->data, id->len);
+ } while (rv == SECSuccess && nsslowkey_KeyForIDExists(handle, id) &&
+ (++retries <= LG_KEY_MAX_RETRIES));
+
+ if ((rv != SECSuccess) || (retries > LG_KEY_MAX_RETRIES)) {
+ crv = CKR_DEVICE_ERROR; /* random number generator is bad */
+ PORT_Free(id->data);
+ id->data = NULL;
+ id->len = 0;
+ }
+ return crv;
+}
+
+static NSSLOWKEYPrivateKey *
+lg_mkSecretKeyRep(const CK_ATTRIBUTE *templ,
+ CK_ULONG count, CK_KEY_TYPE key_type,
+ SECItem *pubkey, SDB *sdbpw)
+{
+ NSSLOWKEYPrivateKey *privKey = 0;
+ PLArenaPool *arena = 0;
+ CK_KEY_TYPE keyType;
+ PRUint32 keyTypeStorage;
+ SECItem keyTypeItem;
+ CK_RV crv;
+ SECStatus rv;
+ static unsigned char derZero[1] = { 0 };
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ privKey = (NSSLOWKEYPrivateKey *)
+ PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPrivateKey));
+ if (privKey == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ privKey->arena = arena;
+
+ /* Secret keys are represented in the database as "fake" RSA keys.
+ * The RSA key is marked as a secret key representation by setting the
+ * public exponent field to 0, which is an invalid RSA exponent.
+ * The other fields are set as follows:
+ * modulus - CKA_ID value for the secret key
+ * private exponent - CKA_VALUE (the key itself)
+ * coefficient - CKA_KEY_TYPE, which indicates what encryption algorithm
+ * is used for the key.
+ * all others - set to integer 0
+ */
+ privKey->keyType = NSSLOWKEYRSAKey;
+
+ /* The modulus is set to the key id of the symmetric key */
+ privKey->u.rsa.modulus.data =
+ (unsigned char *)PORT_ArenaAlloc(arena, pubkey->len);
+ if (privKey->u.rsa.modulus.data == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ privKey->u.rsa.modulus.len = pubkey->len;
+ PORT_Memcpy(privKey->u.rsa.modulus.data, pubkey->data, pubkey->len);
+
+ /* The public exponent is set to 0 to indicate a special key */
+ privKey->u.rsa.publicExponent.len = sizeof derZero;
+ privKey->u.rsa.publicExponent.data = derZero;
+
+ /* The private exponent is the actual key value */
+ crv = lg_PrivAttr2SecItem(arena, CKA_VALUE, templ, count,
+ &privKey->u.rsa.privateExponent, sdbpw);
+ if (crv != CKR_OK)
+ goto loser;
+
+ /* All other fields empty - needs testing */
+ privKey->u.rsa.prime1.len = sizeof derZero;
+ privKey->u.rsa.prime1.data = derZero;
+
+ privKey->u.rsa.prime2.len = sizeof derZero;
+ privKey->u.rsa.prime2.data = derZero;
+
+ privKey->u.rsa.exponent1.len = sizeof derZero;
+ privKey->u.rsa.exponent1.data = derZero;
+
+ privKey->u.rsa.exponent2.len = sizeof derZero;
+ privKey->u.rsa.exponent2.data = derZero;
+
+ /* Coeficient set to KEY_TYPE */
+ crv = lg_GetULongAttribute(CKA_KEY_TYPE, templ, count, &keyType);
+ if (crv != CKR_OK)
+ goto loser;
+ /* on 64 bit platforms, we still want to store 32 bits of keyType (This is
+ * safe since the PKCS #11 defines for all types are 32 bits or less). */
+ keyTypeStorage = (PRUint32)keyType;
+ keyTypeStorage = PR_htonl(keyTypeStorage);
+ keyTypeItem.data = (unsigned char *)&keyTypeStorage;
+ keyTypeItem.len = sizeof(keyTypeStorage);
+ rv = SECITEM_CopyItem(arena, &privKey->u.rsa.coefficient, &keyTypeItem);
+ if (rv != SECSuccess) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ /* Private key version field set normally for compatibility */
+ rv = DER_SetUInteger(privKey->arena,
+ &privKey->u.rsa.version, NSSLOWKEY_VERSION);
+ if (rv != SECSuccess) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+loser:
+ if (crv != CKR_OK) {
+ PORT_FreeArena(arena, PR_FALSE);
+ privKey = 0;
+ }
+
+ return privKey;
+}
+
+/*
+ * check the consistancy and initialize a Secret Key Object
+ */
+static CK_RV
+lg_createSecretKeyObject(SDB *sdb, CK_KEY_TYPE key_type,
+ CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ CK_RV crv;
+ NSSLOWKEYPrivateKey *privKey = NULL;
+ NSSLOWKEYDBHandle *keyHandle = NULL;
+ SECItem pubKey;
+ char *label = NULL;
+ SECStatus rv = SECSuccess;
+
+ pubKey.data = 0;
+
+ /* If the object is a TOKEN object, store in the database */
+ keyHandle = lg_getKeyDB(sdb);
+
+ if (keyHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ label = lg_getString(CKA_LABEL, templ, count);
+
+ crv = lg_Attribute2SecItem(NULL, CKA_ID, templ, count, &pubKey);
+ /* Should this be ID? */
+ if (crv != CKR_OK)
+ goto loser;
+
+ /* if we don't have an ID, generate one */
+ if (pubKey.len == 0) {
+ if (pubKey.data) {
+ PORT_Free(pubKey.data);
+ pubKey.data = NULL;
+ }
+ crv = lg_GenerateSecretCKA_ID(keyHandle, &pubKey, label);
+ if (crv != CKR_OK)
+ goto loser;
+ }
+
+ privKey = lg_mkSecretKeyRep(templ, count, key_type, &pubKey, sdb);
+ if (privKey == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ rv = nsslowkey_StoreKeyByPublicKey(keyHandle,
+ privKey, &pubKey, label, sdb /*->password*/);
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ *handle = lg_mkHandle(sdb, &pubKey, LG_TOKEN_TYPE_KEY);
+
+loser:
+ if (label)
+ PORT_Free(label);
+ if (privKey)
+ lg_nsslowkey_DestroyPrivateKey(privKey);
+ if (pubKey.data)
+ PORT_Free(pubKey.data);
+
+ return crv;
+}
+
+/*
+ * check the consistancy and initialize a Key Object
+ */
+static CK_RV
+lg_createKeyObject(SDB *sdb, CK_OBJECT_CLASS objclass,
+ CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ CK_RV crv;
+ CK_KEY_TYPE key_type;
+
+ /* get the key type */
+ crv = lg_GetULongAttribute(CKA_KEY_TYPE, templ, count, &key_type);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ switch (objclass) {
+ case CKO_PUBLIC_KEY:
+ return lg_createPublicKeyObject(sdb, key_type, handle, templ, count);
+ case CKO_PRIVATE_KEY:
+ return lg_createPrivateKeyObject(sdb, key_type, handle, templ, count);
+ case CKO_SECRET_KEY:
+ return lg_createSecretKeyObject(sdb, key_type, handle, templ, count);
+ default:
+ break;
+ }
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+}
+
+/*
+ * Parse the template and create an object stored in the DB that reflects.
+ * the object specified in the database.
+ */
+CK_RV
+lg_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
+ const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ CK_RV crv;
+ CK_OBJECT_CLASS objclass;
+
+ /* get the object class */
+ crv = lg_GetULongAttribute(CKA_CLASS, templ, count, &objclass);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ /* Now handle the specific object class.
+ */
+ switch (objclass) {
+ case CKO_CERTIFICATE:
+ crv = lg_createCertObject(sdb, handle, templ, count);
+ break;
+ case CKO_NSS_TRUST:
+ crv = lg_createTrustObject(sdb, handle, templ, count);
+ break;
+ case CKO_NSS_CRL:
+ crv = lg_createCrlObject(sdb, handle, templ, count);
+ break;
+ case CKO_NSS_SMIME:
+ crv = lg_createSMimeObject(sdb, handle, templ, count);
+ break;
+ case CKO_PRIVATE_KEY:
+ case CKO_PUBLIC_KEY:
+ case CKO_SECRET_KEY:
+ crv = lg_createKeyObject(sdb, objclass, handle, templ, count);
+ break;
+ default:
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+
+ return crv;
+}
diff --git a/security/nss/lib/softoken/legacydb/lgdb.h b/security/nss/lib/softoken/legacydb/lgdb.h
new file mode 100644
index 000000000..ee80f4b77
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lgdb.h
@@ -0,0 +1,175 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Internal data structures and functions used by pkcs11.c
+ */
+#ifndef _LGDB_H_
+#define _LGDB_H_ 1
+
+#include "nssilock.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "lowkeyti.h"
+#include "pkcs11t.h"
+#include "sdb.h"
+#include "cdbhdl.h"
+
+#define MULTIACCESS "multiaccess:"
+
+/* path stuff (was machine dependent) used by dbinit.c and pk11db.c */
+#define PATH_SEPARATOR "/"
+#define SECMOD_DB "secmod.db"
+#define CERT_DB_FMT "%scert%s.db"
+#define KEY_DB_FMT "%skey%s.db"
+
+SEC_BEGIN_PROTOS
+
+/* internal utility functions used by pkcs11.c */
+extern const CK_ATTRIBUTE *lg_FindAttribute(CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count);
+extern CK_RV lg_Attribute2SecItem(PLArenaPool *, CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ SECItem *item);
+extern CK_RV lg_Attribute2SSecItem(PLArenaPool *, CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ SECItem *item);
+extern CK_RV lg_PrivAttr2SecItem(PLArenaPool *, CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ SECItem *item, SDB *sdbpw);
+extern CK_RV lg_PrivAttr2SSecItem(PLArenaPool *, CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ SECItem *item, SDB *sdbpw);
+extern CK_RV lg_GetULongAttribute(CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ CK_ULONG *out);
+extern PRBool lg_hasAttribute(CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count);
+extern PRBool lg_isTrue(CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count);
+extern PRBool lg_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
+extern char *lg_getString(CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count);
+extern unsigned int lg_MapTrust(CK_TRUST trust, PRBool clientAuth);
+
+/* clear out all the existing object ID to database key mappings.
+ * used to reinit a token */
+extern CK_RV lg_ClearTokenKeyHashTable(SDB *sdb);
+
+extern void lg_FreeSearch(SDBFind *search);
+
+NSSLOWCERTCertDBHandle *lg_getCertDB(SDB *sdb);
+NSSLOWKEYDBHandle *lg_getKeyDB(SDB *sdb);
+
+const char *lg_EvaluateConfigDir(const char *configdir, char **domain);
+
+/* verify the FIPS selftests ran and were successful */
+PRBool lg_FIPSEntryOK(void);
+
+/*
+ * object handle modifiers
+ */
+#define LG_TOKEN_MASK 0xc0000000L
+#define LG_TOKEN_TYPE_MASK 0x38000000L
+#define LG_TOKEN_TYPE_SHIFT 27
+/* keydb (high bit == 0) */
+#define LG_TOKEN_TYPE_PRIV 0x08000000L
+#define LG_TOKEN_TYPE_PUB 0x10000000L
+#define LG_TOKEN_TYPE_KEY 0x18000000L
+/* certdb (high bit == 1) */
+#define LG_TOKEN_TYPE_TRUST 0x20000000L
+#define LG_TOKEN_TYPE_CRL 0x28000000L
+#define LG_TOKEN_TYPE_SMIME 0x30000000L
+#define LG_TOKEN_TYPE_CERT 0x38000000L
+
+#define LG_TOKEN_KRL_HANDLE (LG_TOKEN_TYPE_CRL | 1)
+
+#define LG_SEARCH_BLOCK_SIZE 10
+#define LG_BUF_SPACE 50
+#define LG_STRICT PR_FALSE
+
+/*
+ * token object utilities
+ */
+void lg_addHandle(SDBFind *search, CK_OBJECT_HANDLE handle);
+PRBool lg_poisonHandle(SDB *sdb, SECItem *dbkey, CK_OBJECT_HANDLE handle);
+PRBool lg_tokenMatch(SDB *sdb, const SECItem *dbKey, CK_OBJECT_HANDLE class,
+ const CK_ATTRIBUTE *templ, CK_ULONG count);
+const SECItem *lg_lookupTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle);
+CK_OBJECT_HANDLE lg_mkHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class);
+SECStatus lg_deleteTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle);
+
+SECStatus lg_util_encrypt(PLArenaPool *arena, SDB *sdbpw,
+ SECItem *plainText, SECItem **cipherText);
+SECStatus lg_util_decrypt(SDB *sdbpw,
+ SECItem *cipherText, SECItem **plainText);
+PLHashTable *lg_GetHashTable(SDB *sdb);
+void lg_DBLock(SDB *sdb);
+void lg_DBUnlock(SDB *sdb);
+
+typedef void (*LGFreeFunc)(void *);
+
+/*
+ * database functions
+ */
+
+/* lg_FindObjectsInit initializes a search for token and session objects
+ * that match a template. */
+CK_RV lg_FindObjectsInit(SDB *sdb, const CK_ATTRIBUTE *pTemplate,
+ CK_ULONG ulCount, SDBFind **search);
+/* lg_FindObjects continues a search for token and session objects
+ * that match a template, obtaining additional object handles. */
+CK_RV lg_FindObjects(SDB *sdb, SDBFind *search,
+ CK_OBJECT_HANDLE *phObject, CK_ULONG ulMaxObjectCount,
+ CK_ULONG *pulObjectCount);
+
+/* lg_FindObjectsFinal finishes a search for token and session objects. */
+CK_RV lg_FindObjectsFinal(SDB *lgdb, SDBFind *search);
+
+/* lg_CreateObject parses the template and create an object stored in the
+ * DB that reflects the object specified in the template. */
+CK_RV lg_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
+ const CK_ATTRIBUTE *templ, CK_ULONG count);
+
+CK_RV lg_GetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id,
+ CK_ATTRIBUTE *template, CK_ULONG count);
+CK_RV lg_SetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id,
+ const CK_ATTRIBUTE *template, CK_ULONG count);
+CK_RV lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id);
+
+CK_RV lg_Close(SDB *sdb);
+CK_RV lg_Reset(SDB *sdb);
+
+/*
+ * The old database doesn't share and doesn't support
+ * transactions.
+ */
+CK_RV lg_Begin(SDB *sdb);
+CK_RV lg_Commit(SDB *sdb);
+CK_RV lg_Abort(SDB *sdb);
+CK_RV lg_GetMetaData(SDB *sdb, const char *id, SECItem *item1, SECItem *item2);
+CK_RV lg_PutMetaData(SDB *sdb, const char *id,
+ const SECItem *item1, const SECItem *item2);
+
+SEC_END_PROTOS
+
+#ifndef XP_UNIX
+
+#define NO_FORK_CHECK
+
+#endif
+
+#ifndef NO_FORK_CHECK
+
+extern PRBool lg_parentForkedAfterC_Initialize;
+#define SKIP_AFTER_FORK(x) \
+ if (!lg_parentForkedAfterC_Initialize) \
+ x
+
+#else
+
+#define SKIP_AFTER_FORK(x) x
+
+#endif /* NO_FORK_CHECK */
+
+#endif /* _LGDB_H_ */
diff --git a/security/nss/lib/softoken/legacydb/lgdestroy.c b/security/nss/lib/softoken/legacydb/lgdestroy.c
new file mode 100644
index 000000000..1e3839d7b
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lgdestroy.c
@@ -0,0 +1,110 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Internal PKCS #11 functions. Should only be called by pkcs11.c
+ */
+#include "pkcs11.h"
+#include "lgdb.h"
+#include "pcert.h"
+#include "lowkeyi.h"
+
+/*
+ * remove an object.
+ */
+CK_RV
+lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id)
+{
+ CK_RV crv = CKR_OK;
+ SECStatus rv;
+ NSSLOWCERTCertificate *cert;
+ NSSLOWCERTCertTrust tmptrust;
+ PRBool isKrl;
+ NSSLOWKEYDBHandle *keyHandle;
+ NSSLOWCERTCertDBHandle *certHandle;
+ const SECItem *dbKey;
+
+ object_id &= ~LG_TOKEN_MASK;
+ dbKey = lg_lookupTokenKeyByHandle(sdb, object_id);
+ if (dbKey == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ /* remove the objects from the real data base */
+ switch (object_id & LG_TOKEN_TYPE_MASK) {
+ case LG_TOKEN_TYPE_PRIV:
+ case LG_TOKEN_TYPE_KEY:
+ /* KEYID is the public KEY for DSA and DH, and the MODULUS for
+ * RSA */
+ keyHandle = lg_getKeyDB(sdb);
+ if (!keyHandle) {
+ crv = CKR_TOKEN_WRITE_PROTECTED;
+ break;
+ }
+ rv = nsslowkey_DeleteKey(keyHandle, dbKey);
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ }
+ break;
+ case LG_TOKEN_TYPE_PUB:
+ break; /* public keys only exist at the behest of the priv key */
+ case LG_TOKEN_TYPE_CERT:
+ certHandle = lg_getCertDB(sdb);
+ if (!certHandle) {
+ crv = CKR_TOKEN_WRITE_PROTECTED;
+ break;
+ }
+ cert = nsslowcert_FindCertByKey(certHandle, dbKey);
+ if (cert == NULL) {
+ crv = CKR_DEVICE_ERROR;
+ break;
+ }
+ rv = nsslowcert_DeletePermCertificate(cert);
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ }
+ nsslowcert_DestroyCertificate(cert);
+ break;
+ case LG_TOKEN_TYPE_CRL:
+ certHandle = lg_getCertDB(sdb);
+ if (!certHandle) {
+ crv = CKR_TOKEN_WRITE_PROTECTED;
+ break;
+ }
+ isKrl = (PRBool)(object_id == LG_TOKEN_KRL_HANDLE);
+ rv = nsslowcert_DeletePermCRL(certHandle, dbKey, isKrl);
+ if (rv == SECFailure)
+ crv = CKR_DEVICE_ERROR;
+ break;
+ case LG_TOKEN_TYPE_TRUST:
+ certHandle = lg_getCertDB(sdb);
+ if (!certHandle) {
+ crv = CKR_TOKEN_WRITE_PROTECTED;
+ break;
+ }
+ cert = nsslowcert_FindCertByKey(certHandle, dbKey);
+ if (cert == NULL) {
+ crv = CKR_DEVICE_ERROR;
+ break;
+ }
+ tmptrust = *cert->trust;
+ tmptrust.sslFlags &= CERTDB_PRESERVE_TRUST_BITS;
+ tmptrust.emailFlags &= CERTDB_PRESERVE_TRUST_BITS;
+ tmptrust.objectSigningFlags &= CERTDB_PRESERVE_TRUST_BITS;
+ tmptrust.sslFlags |= CERTDB_TRUSTED_UNKNOWN;
+ tmptrust.emailFlags |= CERTDB_TRUSTED_UNKNOWN;
+ tmptrust.objectSigningFlags |= CERTDB_TRUSTED_UNKNOWN;
+ rv = nsslowcert_ChangeCertTrust(certHandle, cert, &tmptrust);
+ if (rv != SECSuccess)
+ crv = CKR_DEVICE_ERROR;
+ nsslowcert_DestroyCertificate(cert);
+ break;
+ default:
+ break;
+ }
+ lg_DBLock(sdb);
+ lg_deleteTokenKeyByHandle(sdb, object_id);
+ lg_DBUnlock(sdb);
+
+ return crv;
+}
diff --git a/security/nss/lib/softoken/legacydb/lgfind.c b/security/nss/lib/softoken/legacydb/lgfind.c
new file mode 100644
index 000000000..288e56cac
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lgfind.c
@@ -0,0 +1,912 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "secitem.h"
+#include "pkcs11.h"
+#include "lgdb.h"
+#include "lowkeyi.h"
+#include "pcert.h"
+#include "blapi.h"
+
+#include "keydbi.h"
+
+/*
+ * This code maps PKCS #11 Finds to legacy database searches. This code
+ * was orginally in pkcs11.c in previous versions of NSS.
+ */
+
+struct SDBFindStr {
+ CK_OBJECT_HANDLE *handles;
+ int size;
+ int index;
+ int array_size;
+};
+
+/*
+ * free a search structure
+ */
+void
+lg_FreeSearch(SDBFind *search)
+{
+ if (search->handles) {
+ PORT_Free(search->handles);
+ }
+ PORT_Free(search);
+}
+
+void
+lg_addHandle(SDBFind *search, CK_OBJECT_HANDLE handle)
+{
+ if (search->handles == NULL) {
+ return;
+ }
+ if (search->size >= search->array_size) {
+ search->array_size += LG_SEARCH_BLOCK_SIZE;
+ search->handles = (CK_OBJECT_HANDLE *)PORT_Realloc(search->handles,
+ sizeof(CK_OBJECT_HANDLE) * search->array_size);
+ if (search->handles == NULL) {
+ return;
+ }
+ }
+ search->handles[search->size] = handle;
+ search->size++;
+}
+
+/*
+ * find any certs that may match the template and load them.
+ */
+#define LG_CERT 0x00000001
+#define LG_TRUST 0x00000002
+#define LG_CRL 0x00000004
+#define LG_SMIME 0x00000008
+#define LG_PRIVATE 0x00000010
+#define LG_PUBLIC 0x00000020
+#define LG_KEY 0x00000040
+
+/*
+ * structure to collect key handles.
+ */
+typedef struct lgEntryDataStr {
+ SDB *sdb;
+ SDBFind *searchHandles;
+ const CK_ATTRIBUTE *template;
+ CK_ULONG templ_count;
+} lgEntryData;
+
+static SECStatus
+lg_crl_collect(SECItem *data, SECItem *key, certDBEntryType type, void *arg)
+{
+ lgEntryData *crlData;
+ CK_OBJECT_HANDLE class_handle;
+ SDB *sdb;
+
+ crlData = (lgEntryData *)arg;
+ sdb = crlData->sdb;
+
+ class_handle = (type == certDBEntryTypeRevocation) ? LG_TOKEN_TYPE_CRL : LG_TOKEN_KRL_HANDLE;
+ if (lg_tokenMatch(sdb, key, class_handle,
+ crlData->template, crlData->templ_count)) {
+ lg_addHandle(crlData->searchHandles,
+ lg_mkHandle(sdb, key, class_handle));
+ }
+ return (SECSuccess);
+}
+
+static void
+lg_searchCrls(SDB *sdb, SECItem *derSubject, PRBool isKrl,
+ unsigned long classFlags, SDBFind *search,
+ const CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
+{
+ NSSLOWCERTCertDBHandle *certHandle = NULL;
+
+ certHandle = lg_getCertDB(sdb);
+ if (certHandle == NULL) {
+ return;
+ }
+ if (derSubject->data != NULL) {
+ certDBEntryRevocation *crl =
+ nsslowcert_FindCrlByKey(certHandle, derSubject, isKrl);
+
+ if (crl != NULL) {
+ lg_addHandle(search, lg_mkHandle(sdb, derSubject,
+ isKrl ? LG_TOKEN_KRL_HANDLE : LG_TOKEN_TYPE_CRL));
+ nsslowcert_DestroyDBEntry((certDBEntry *)crl);
+ }
+ } else {
+ lgEntryData crlData;
+
+ /* traverse */
+ crlData.sdb = sdb;
+ crlData.searchHandles = search;
+ crlData.template = pTemplate;
+ crlData.templ_count = ulCount;
+ nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeRevocation,
+ lg_crl_collect, (void *)&crlData);
+ nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeKeyRevocation,
+ lg_crl_collect, (void *)&crlData);
+ }
+}
+
+/*
+ * structure to collect key handles.
+ */
+typedef struct lgKeyDataStr {
+ SDB *sdb;
+ NSSLOWKEYDBHandle *keyHandle;
+ SDBFind *searchHandles;
+ SECItem *id;
+ const CK_ATTRIBUTE *template;
+ CK_ULONG templ_count;
+ unsigned long classFlags;
+ PRBool strict;
+} lgKeyData;
+
+static PRBool
+isSecretKey(NSSLOWKEYPrivateKey *privKey)
+{
+ if (privKey->keyType == NSSLOWKEYRSAKey &&
+ privKey->u.rsa.publicExponent.len == 1 &&
+ privKey->u.rsa.publicExponent.data[0] == 0)
+ return PR_TRUE;
+
+ return PR_FALSE;
+}
+
+static SECStatus
+lg_key_collect(DBT *key, DBT *data, void *arg)
+{
+ lgKeyData *keyData;
+ NSSLOWKEYPrivateKey *privKey = NULL;
+ SECItem tmpDBKey;
+ SDB *sdb;
+ unsigned long classFlags;
+
+ keyData = (lgKeyData *)arg;
+ sdb = keyData->sdb;
+ classFlags = keyData->classFlags;
+
+ tmpDBKey.data = key->data;
+ tmpDBKey.len = key->size;
+ tmpDBKey.type = siBuffer;
+
+ PORT_Assert(keyData->keyHandle);
+ if (!keyData->strict && keyData->id && keyData->id->data) {
+ SECItem result;
+ PRBool haveMatch = PR_FALSE;
+ unsigned char hashKey[SHA1_LENGTH];
+ result.data = hashKey;
+ result.len = sizeof(hashKey);
+
+ if (keyData->id->len == 0) {
+ /* Make sure this isn't a LG_KEY */
+ privKey = nsslowkey_FindKeyByPublicKey(keyData->keyHandle,
+ &tmpDBKey, keyData->sdb /*->password*/);
+ if (privKey) {
+ /* turn off the unneeded class flags */
+ classFlags &= isSecretKey(privKey) ? ~(LG_PRIVATE | LG_PUBLIC) : ~LG_KEY;
+ haveMatch = (PRBool)((classFlags & (LG_KEY | LG_PRIVATE | LG_PUBLIC)) != 0);
+ lg_nsslowkey_DestroyPrivateKey(privKey);
+ }
+ } else {
+ SHA1_HashBuf(hashKey, key->data, key->size); /* match id */
+ haveMatch = SECITEM_ItemsAreEqual(keyData->id, &result);
+ if (!haveMatch && ((unsigned char *)key->data)[0] == 0) {
+ /* This is a fix for backwards compatibility. The key
+ * database indexes private keys by the public key, and
+ * versions of NSS prior to 3.4 stored the public key as
+ * a signed integer. The public key is now treated as an
+ * unsigned integer, with no leading zero. In order to
+ * correctly compute the hash of an old key, it is necessary
+ * to fallback and detect the leading zero.
+ */
+ SHA1_HashBuf(hashKey,
+ (unsigned char *)key->data + 1, key->size - 1);
+ haveMatch = SECITEM_ItemsAreEqual(keyData->id, &result);
+ }
+ }
+ if (haveMatch) {
+ if (classFlags & LG_PRIVATE) {
+ lg_addHandle(keyData->searchHandles,
+ lg_mkHandle(sdb, &tmpDBKey, LG_TOKEN_TYPE_PRIV));
+ }
+ if (classFlags & LG_PUBLIC) {
+ lg_addHandle(keyData->searchHandles,
+ lg_mkHandle(sdb, &tmpDBKey, LG_TOKEN_TYPE_PUB));
+ }
+ if (classFlags & LG_KEY) {
+ lg_addHandle(keyData->searchHandles,
+ lg_mkHandle(sdb, &tmpDBKey, LG_TOKEN_TYPE_KEY));
+ }
+ }
+ return SECSuccess;
+ }
+
+ privKey = nsslowkey_FindKeyByPublicKey(keyData->keyHandle, &tmpDBKey,
+ keyData->sdb /*->password*/);
+ if (privKey == NULL) {
+ goto loser;
+ }
+
+ if (isSecretKey(privKey)) {
+ if ((classFlags & LG_KEY) &&
+ lg_tokenMatch(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_KEY,
+ keyData->template, keyData->templ_count)) {
+ lg_addHandle(keyData->searchHandles,
+ lg_mkHandle(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_KEY));
+ }
+ } else {
+ if ((classFlags & LG_PRIVATE) &&
+ lg_tokenMatch(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_PRIV,
+ keyData->template, keyData->templ_count)) {
+ lg_addHandle(keyData->searchHandles,
+ lg_mkHandle(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_PRIV));
+ }
+ if ((classFlags & LG_PUBLIC) &&
+ lg_tokenMatch(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_PUB,
+ keyData->template, keyData->templ_count)) {
+ lg_addHandle(keyData->searchHandles,
+ lg_mkHandle(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_PUB));
+ }
+ }
+
+loser:
+ if (privKey) {
+ lg_nsslowkey_DestroyPrivateKey(privKey);
+ }
+ return (SECSuccess);
+}
+
+static void
+lg_searchKeys(SDB *sdb, SECItem *key_id,
+ unsigned long classFlags, SDBFind *search, PRBool mustStrict,
+ const CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
+{
+ NSSLOWKEYDBHandle *keyHandle = NULL;
+ NSSLOWKEYPrivateKey *privKey;
+ lgKeyData keyData;
+ PRBool found = PR_FALSE;
+
+ keyHandle = lg_getKeyDB(sdb);
+ if (keyHandle == NULL) {
+ return;
+ }
+
+ if (key_id->data) {
+ privKey = nsslowkey_FindKeyByPublicKey(keyHandle, key_id, sdb);
+ if (privKey) {
+ if ((classFlags & LG_KEY) && isSecretKey(privKey)) {
+ lg_addHandle(search,
+ lg_mkHandle(sdb, key_id, LG_TOKEN_TYPE_KEY));
+ found = PR_TRUE;
+ }
+ if ((classFlags & LG_PRIVATE) && !isSecretKey(privKey)) {
+ lg_addHandle(search,
+ lg_mkHandle(sdb, key_id, LG_TOKEN_TYPE_PRIV));
+ found = PR_TRUE;
+ }
+ if ((classFlags & LG_PUBLIC) && !isSecretKey(privKey)) {
+ lg_addHandle(search,
+ lg_mkHandle(sdb, key_id, LG_TOKEN_TYPE_PUB));
+ found = PR_TRUE;
+ }
+ lg_nsslowkey_DestroyPrivateKey(privKey);
+ }
+ /* don't do the traversal if we have an up to date db */
+ if (keyHandle->version != 3) {
+ goto loser;
+ }
+ /* don't do the traversal if it can't possibly be the correct id */
+ /* all soft token id's are SHA1_HASH_LEN's */
+ if (key_id->len != SHA1_LENGTH) {
+ goto loser;
+ }
+ if (found) {
+ /* if we already found some keys, don't do the traversal */
+ goto loser;
+ }
+ }
+ keyData.sdb = sdb;
+ keyData.keyHandle = keyHandle;
+ keyData.searchHandles = search;
+ keyData.id = key_id;
+ keyData.template = pTemplate;
+ keyData.templ_count = ulCount;
+ keyData.classFlags = classFlags;
+ keyData.strict = mustStrict ? mustStrict : LG_STRICT;
+
+ nsslowkey_TraverseKeys(keyHandle, lg_key_collect, &keyData);
+
+loser:
+ return;
+}
+
+/*
+ * structure to collect certs into
+ */
+typedef struct lgCertDataStr {
+ SDB *sdb;
+ int cert_count;
+ int max_cert_count;
+ NSSLOWCERTCertificate **certs;
+ const CK_ATTRIBUTE *template;
+ CK_ULONG templ_count;
+ unsigned long classFlags;
+ PRBool strict;
+} lgCertData;
+
+/*
+ * collect all the certs from the traverse call.
+ */
+static SECStatus
+lg_cert_collect(NSSLOWCERTCertificate *cert, void *arg)
+{
+ lgCertData *cd = (lgCertData *)arg;
+
+ if (cert == NULL) {
+ return SECSuccess;
+ }
+
+ if (cd->certs == NULL) {
+ return SECFailure;
+ }
+
+ if (cd->strict) {
+ if ((cd->classFlags & LG_CERT) &&
+ !lg_tokenMatch(cd->sdb, &cert->certKey, LG_TOKEN_TYPE_CERT, cd->template, cd->templ_count)) {
+ return SECSuccess;
+ }
+ if ((cd->classFlags & LG_TRUST) &&
+ !lg_tokenMatch(cd->sdb, &cert->certKey, LG_TOKEN_TYPE_TRUST, cd->template, cd->templ_count)) {
+ return SECSuccess;
+ }
+ }
+
+ /* allocate more space if we need it. This should only happen in
+ * the general traversal case */
+ if (cd->cert_count >= cd->max_cert_count) {
+ int size;
+ cd->max_cert_count += LG_SEARCH_BLOCK_SIZE;
+ size = cd->max_cert_count * sizeof(NSSLOWCERTCertificate *);
+ cd->certs = (NSSLOWCERTCertificate **)PORT_Realloc(cd->certs, size);
+ if (cd->certs == NULL) {
+ return SECFailure;
+ }
+ }
+
+ cd->certs[cd->cert_count++] = nsslowcert_DupCertificate(cert);
+ return SECSuccess;
+}
+
+/* provide impedence matching ... */
+static SECStatus
+lg_cert_collect2(NSSLOWCERTCertificate *cert, SECItem *dymmy, void *arg)
+{
+ return lg_cert_collect(cert, arg);
+}
+
+static void
+lg_searchSingleCert(lgCertData *certData, NSSLOWCERTCertificate *cert)
+{
+ if (cert == NULL) {
+ return;
+ }
+ if (certData->strict &&
+ !lg_tokenMatch(certData->sdb, &cert->certKey, LG_TOKEN_TYPE_CERT,
+ certData->template, certData->templ_count)) {
+ nsslowcert_DestroyCertificate(cert);
+ return;
+ }
+ certData->certs = (NSSLOWCERTCertificate **)
+ PORT_Alloc(sizeof(NSSLOWCERTCertificate *));
+ if (certData->certs == NULL) {
+ nsslowcert_DestroyCertificate(cert);
+ return;
+ }
+ certData->certs[0] = cert;
+ certData->cert_count = 1;
+}
+
+static void
+lg_CertSetupData(lgCertData *certData, int count)
+{
+ certData->max_cert_count = count;
+
+ if (certData->max_cert_count <= 0) {
+ return;
+ }
+ certData->certs = (NSSLOWCERTCertificate **)
+ PORT_Alloc(count * sizeof(NSSLOWCERTCertificate *));
+ return;
+}
+
+static void
+lg_searchCertsAndTrust(SDB *sdb, SECItem *derCert, SECItem *name,
+ SECItem *derSubject, NSSLOWCERTIssuerAndSN *issuerSN,
+ SECItem *email,
+ unsigned long classFlags, SDBFind *handles,
+ const CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
+{
+ NSSLOWCERTCertDBHandle *certHandle = NULL;
+ lgCertData certData;
+ int i;
+
+ certHandle = lg_getCertDB(sdb);
+ if (certHandle == NULL)
+ return;
+
+ certData.sdb = sdb;
+ certData.max_cert_count = 0;
+ certData.certs = NULL;
+ certData.cert_count = 0;
+ certData.template = pTemplate;
+ certData.templ_count = ulCount;
+ certData.classFlags = classFlags;
+ certData.strict = LG_STRICT;
+
+ /*
+ * Find the Cert.
+ */
+ if (derCert->data != NULL) {
+ NSSLOWCERTCertificate *cert =
+ nsslowcert_FindCertByDERCert(certHandle, derCert);
+ lg_searchSingleCert(&certData, cert);
+ } else if (name->data != NULL) {
+ char *tmp_name = (char *)PORT_Alloc(name->len + 1);
+ int count;
+
+ if (tmp_name == NULL) {
+ return;
+ }
+ PORT_Memcpy(tmp_name, name->data, name->len);
+ tmp_name[name->len] = 0;
+
+ count = nsslowcert_NumPermCertsForNickname(certHandle, tmp_name);
+ lg_CertSetupData(&certData, count);
+ nsslowcert_TraversePermCertsForNickname(certHandle, tmp_name,
+ lg_cert_collect, &certData);
+ PORT_Free(tmp_name);
+ } else if (derSubject->data != NULL) {
+ int count;
+
+ count = nsslowcert_NumPermCertsForSubject(certHandle, derSubject);
+ lg_CertSetupData(&certData, count);
+ nsslowcert_TraversePermCertsForSubject(certHandle, derSubject,
+ lg_cert_collect, &certData);
+ } else if ((issuerSN->derIssuer.data != NULL) &&
+ (issuerSN->serialNumber.data != NULL)) {
+ if (classFlags & LG_CERT) {
+ NSSLOWCERTCertificate *cert =
+ nsslowcert_FindCertByIssuerAndSN(certHandle, issuerSN);
+
+ lg_searchSingleCert(&certData, cert);
+ }
+ if (classFlags & LG_TRUST) {
+ NSSLOWCERTTrust *trust =
+ nsslowcert_FindTrustByIssuerAndSN(certHandle, issuerSN);
+
+ if (trust) {
+ lg_addHandle(handles,
+ lg_mkHandle(sdb, &trust->dbKey, LG_TOKEN_TYPE_TRUST));
+ nsslowcert_DestroyTrust(trust);
+ }
+ }
+ } else if (email->data != NULL) {
+ char *tmp_name = (char *)PORT_Alloc(email->len + 1);
+ certDBEntrySMime *entry = NULL;
+
+ if (tmp_name == NULL) {
+ return;
+ }
+ PORT_Memcpy(tmp_name, email->data, email->len);
+ tmp_name[email->len] = 0;
+
+ entry = nsslowcert_ReadDBSMimeEntry(certHandle, tmp_name);
+ if (entry) {
+ int count;
+ SECItem *subjectName = &entry->subjectName;
+
+ count = nsslowcert_NumPermCertsForSubject(certHandle, subjectName);
+ lg_CertSetupData(&certData, count);
+ nsslowcert_TraversePermCertsForSubject(certHandle, subjectName,
+ lg_cert_collect, &certData);
+
+ nsslowcert_DestroyDBEntry((certDBEntry *)entry);
+ }
+ PORT_Free(tmp_name);
+ } else {
+ /* we aren't filtering the certs, we are working on all, so turn
+ * on the strict filters. */
+ certData.strict = PR_TRUE;
+ lg_CertSetupData(&certData, LG_SEARCH_BLOCK_SIZE);
+ nsslowcert_TraversePermCerts(certHandle, lg_cert_collect2, &certData);
+ }
+
+ /*
+ * build the handles
+ */
+ for (i = 0; i < certData.cert_count; i++) {
+ NSSLOWCERTCertificate *cert = certData.certs[i];
+
+ /* if we filtered it would have been on the stuff above */
+ if (classFlags & LG_CERT) {
+ lg_addHandle(handles,
+ lg_mkHandle(sdb, &cert->certKey, LG_TOKEN_TYPE_CERT));
+ }
+ if ((classFlags & LG_TRUST) && nsslowcert_hasTrust(cert->trust)) {
+ lg_addHandle(handles,
+ lg_mkHandle(sdb, &cert->certKey, LG_TOKEN_TYPE_TRUST));
+ }
+ nsslowcert_DestroyCertificate(cert);
+ }
+
+ if (certData.certs)
+ PORT_Free(certData.certs);
+ return;
+}
+
+static SECStatus
+lg_smime_collect(SECItem *data, SECItem *key, certDBEntryType type, void *arg)
+{
+ lgEntryData *smimeData;
+ SDB *sdb;
+
+ smimeData = (lgEntryData *)arg;
+ sdb = smimeData->sdb;
+
+ if (lg_tokenMatch(sdb, key, LG_TOKEN_TYPE_SMIME,
+ smimeData->template, smimeData->templ_count)) {
+ lg_addHandle(smimeData->searchHandles,
+ lg_mkHandle(sdb, key, LG_TOKEN_TYPE_SMIME));
+ }
+ return (SECSuccess);
+}
+
+static void
+lg_searchSMime(SDB *sdb, SECItem *email, SDBFind *handles,
+ const CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
+{
+ NSSLOWCERTCertDBHandle *certHandle = NULL;
+ certDBEntrySMime *entry;
+
+ certHandle = lg_getCertDB(sdb);
+ if (certHandle == NULL)
+ return;
+
+ if (email->data != NULL) {
+ char *tmp_name = (char *)PORT_Alloc(email->len + 1);
+
+ if (tmp_name == NULL) {
+ return;
+ }
+ PORT_Memcpy(tmp_name, email->data, email->len);
+ tmp_name[email->len] = 0;
+
+ entry = nsslowcert_ReadDBSMimeEntry(certHandle, tmp_name);
+ if (entry) {
+ SECItem emailKey;
+
+ emailKey.data = (unsigned char *)tmp_name;
+ emailKey.len = PORT_Strlen(tmp_name) + 1;
+ emailKey.type = 0;
+ lg_addHandle(handles,
+ lg_mkHandle(sdb, &emailKey, LG_TOKEN_TYPE_SMIME));
+ nsslowcert_DestroyDBEntry((certDBEntry *)entry);
+ }
+ PORT_Free(tmp_name);
+ } else {
+ /* traverse */
+ lgEntryData smimeData;
+
+ /* traverse */
+ smimeData.sdb = sdb;
+ smimeData.searchHandles = handles;
+ smimeData.template = pTemplate;
+ smimeData.templ_count = ulCount;
+ nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeSMimeProfile,
+ lg_smime_collect, (void *)&smimeData);
+ }
+ return;
+}
+
+static CK_RV
+lg_searchTokenList(SDB *sdb, SDBFind *search,
+ const CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
+{
+ int i;
+ PRBool isKrl = PR_FALSE;
+ SECItem derCert = { siBuffer, NULL, 0 };
+ SECItem derSubject = { siBuffer, NULL, 0 };
+ SECItem name = { siBuffer, NULL, 0 };
+ SECItem email = { siBuffer, NULL, 0 };
+ SECItem key_id = { siBuffer, NULL, 0 };
+ SECItem cert_sha1_hash = { siBuffer, NULL, 0 };
+ SECItem cert_md5_hash = { siBuffer, NULL, 0 };
+ NSSLOWCERTIssuerAndSN issuerSN = {
+ { siBuffer, NULL, 0 },
+ { siBuffer, NULL, 0 }
+ };
+ SECItem *copy = NULL;
+ CK_CERTIFICATE_TYPE certType;
+ CK_OBJECT_CLASS objectClass;
+ CK_RV crv;
+ unsigned long classFlags;
+
+ if (lg_getCertDB(sdb) == NULL) {
+ classFlags = LG_PRIVATE | LG_KEY;
+ } else {
+ classFlags = LG_CERT | LG_TRUST | LG_PUBLIC | LG_SMIME | LG_CRL;
+ }
+
+ /*
+ * look for things to search on token objects for. If the right options
+ * are specified, we can use them as direct indeces into the database
+ * (rather than using linear searches. We can also use the attributes to
+ * limit the kinds of objects we are searching for. Later we can use this
+ * array to filter the remaining objects more finely.
+ */
+ for (i = 0; classFlags && i < (int)ulCount; i++) {
+
+ switch (pTemplate[i].type) {
+ case CKA_SUBJECT:
+ copy = &derSubject;
+ classFlags &= (LG_CERT | LG_PRIVATE | LG_PUBLIC | LG_SMIME | LG_CRL);
+ break;
+ case CKA_ISSUER:
+ copy = &issuerSN.derIssuer;
+ classFlags &= (LG_CERT | LG_TRUST);
+ break;
+ case CKA_SERIAL_NUMBER:
+ copy = &issuerSN.serialNumber;
+ classFlags &= (LG_CERT | LG_TRUST);
+ break;
+ case CKA_VALUE:
+ copy = &derCert;
+ classFlags &= (LG_CERT | LG_CRL | LG_SMIME);
+ break;
+ case CKA_LABEL:
+ copy = &name;
+ break;
+ case CKA_NETSCAPE_EMAIL:
+ copy = &email;
+ classFlags &= LG_SMIME | LG_CERT;
+ break;
+ case CKA_NETSCAPE_SMIME_TIMESTAMP:
+ classFlags &= LG_SMIME;
+ break;
+ case CKA_CLASS:
+ crv = lg_GetULongAttribute(CKA_CLASS, &pTemplate[i], 1, &objectClass);
+ if (crv != CKR_OK) {
+ classFlags = 0;
+ break;
+ }
+ switch (objectClass) {
+ case CKO_CERTIFICATE:
+ classFlags &= LG_CERT;
+ break;
+ case CKO_NETSCAPE_TRUST:
+ classFlags &= LG_TRUST;
+ break;
+ case CKO_NETSCAPE_CRL:
+ classFlags &= LG_CRL;
+ break;
+ case CKO_NETSCAPE_SMIME:
+ classFlags &= LG_SMIME;
+ break;
+ case CKO_PRIVATE_KEY:
+ classFlags &= LG_PRIVATE;
+ break;
+ case CKO_PUBLIC_KEY:
+ classFlags &= LG_PUBLIC;
+ break;
+ case CKO_SECRET_KEY:
+ classFlags &= LG_KEY;
+ break;
+ default:
+ classFlags = 0;
+ break;
+ }
+ break;
+ case CKA_PRIVATE:
+ if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
+ classFlags = 0;
+ break;
+ }
+ if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
+ classFlags &= (LG_PRIVATE | LG_KEY);
+ } else {
+ classFlags &= ~(LG_PRIVATE | LG_KEY);
+ }
+ break;
+ case CKA_SENSITIVE:
+ if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
+ classFlags = 0;
+ break;
+ }
+ if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
+ classFlags &= (LG_PRIVATE | LG_KEY);
+ } else {
+ classFlags = 0;
+ }
+ break;
+ case CKA_TOKEN:
+ if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
+ classFlags = 0;
+ break;
+ }
+ if (*((CK_BBOOL *)pTemplate[i].pValue) != CK_TRUE) {
+ classFlags = 0;
+ }
+ break;
+ case CKA_CERT_SHA1_HASH:
+ classFlags &= LG_TRUST;
+ copy = &cert_sha1_hash;
+ break;
+ case CKA_CERT_MD5_HASH:
+ classFlags &= LG_TRUST;
+ copy = &cert_md5_hash;
+ break;
+ case CKA_CERTIFICATE_TYPE:
+ crv = lg_GetULongAttribute(CKA_CERTIFICATE_TYPE, &pTemplate[i],
+ 1, &certType);
+ if (crv != CKR_OK) {
+ classFlags = 0;
+ break;
+ }
+ classFlags &= LG_CERT;
+ if (certType != CKC_X_509) {
+ classFlags = 0;
+ }
+ break;
+ case CKA_ID:
+ copy = &key_id;
+ classFlags &= (LG_CERT | LG_PRIVATE | LG_KEY | LG_PUBLIC);
+ break;
+ case CKA_NETSCAPE_KRL:
+ if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
+ classFlags = 0;
+ break;
+ }
+ classFlags &= LG_CRL;
+ isKrl = (PRBool)(*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE);
+ break;
+ case CKA_MODIFIABLE:
+ break;
+ case CKA_KEY_TYPE:
+ case CKA_DERIVE:
+ classFlags &= LG_PUBLIC | LG_PRIVATE | LG_KEY;
+ break;
+ case CKA_VERIFY_RECOVER:
+ classFlags &= LG_PUBLIC;
+ break;
+ case CKA_SIGN_RECOVER:
+ classFlags &= LG_PRIVATE;
+ break;
+ case CKA_ENCRYPT:
+ case CKA_VERIFY:
+ case CKA_WRAP:
+ classFlags &= LG_PUBLIC | LG_KEY;
+ break;
+ case CKA_DECRYPT:
+ case CKA_SIGN:
+ case CKA_UNWRAP:
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_EXTRACTABLE:
+ case CKA_NEVER_EXTRACTABLE:
+ classFlags &= LG_PRIVATE | LG_KEY;
+ break;
+ /* can't be a certificate if it doesn't match one of the above
+ * attributes */
+ default:
+ classFlags = 0;
+ break;
+ }
+ if (copy) {
+ copy->data = (unsigned char *)pTemplate[i].pValue;
+ copy->len = pTemplate[i].ulValueLen;
+ }
+ copy = NULL;
+ }
+
+ /* certs */
+ if (classFlags & (LG_CERT | LG_TRUST)) {
+ lg_searchCertsAndTrust(sdb, &derCert, &name, &derSubject,
+ &issuerSN, &email, classFlags, search,
+ pTemplate, ulCount);
+ }
+
+ /* keys */
+ if (classFlags & (LG_PRIVATE | LG_PUBLIC | LG_KEY)) {
+ PRBool mustStrict = (name.len != 0);
+ lg_searchKeys(sdb, &key_id, classFlags, search,
+ mustStrict, pTemplate, ulCount);
+ }
+
+ /* crl's */
+ if (classFlags & LG_CRL) {
+ lg_searchCrls(sdb, &derSubject, isKrl, classFlags, search,
+ pTemplate, ulCount);
+ }
+ /* Add S/MIME entry stuff */
+ if (classFlags & LG_SMIME) {
+ lg_searchSMime(sdb, &email, search, pTemplate, ulCount);
+ }
+ return CKR_OK;
+}
+
+/* lg_FindObjectsInit initializes a search for token and session objects
+ * that match a template. */
+CK_RV
+lg_FindObjectsInit(SDB *sdb, const CK_ATTRIBUTE *pTemplate,
+ CK_ULONG ulCount, SDBFind **retSearch)
+{
+ SDBFind *search;
+ CK_RV crv = CKR_OK;
+
+ *retSearch = NULL;
+
+ search = (SDBFind *)PORT_Alloc(sizeof(SDBFind));
+ if (search == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ search->handles = (CK_OBJECT_HANDLE *)
+ PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * LG_SEARCH_BLOCK_SIZE);
+ if (search->handles == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ search->index = 0;
+ search->size = 0;
+ search->array_size = LG_SEARCH_BLOCK_SIZE;
+ /* FIXME - do we still need to get Login state? */
+
+ crv = lg_searchTokenList(sdb, search, pTemplate, ulCount);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ *retSearch = search;
+ return CKR_OK;
+
+loser:
+ if (search) {
+ lg_FreeSearch(search);
+ }
+ return crv;
+}
+
+/* lg_FindObjects continues a search for token and session objects
+ * that match a template, obtaining additional object handles. */
+CK_RV
+lg_FindObjects(SDB *sdb, SDBFind *search,
+ CK_OBJECT_HANDLE *phObject, CK_ULONG ulMaxObjectCount,
+ CK_ULONG *pulObjectCount)
+{
+ int transfer;
+ int left;
+
+ *pulObjectCount = 0;
+ left = search->size - search->index;
+ transfer = ((int)ulMaxObjectCount > left) ? left : ulMaxObjectCount;
+ if (transfer > 0) {
+ PORT_Memcpy(phObject, &search->handles[search->index],
+ transfer * sizeof(CK_OBJECT_HANDLE));
+ } else {
+ *phObject = CK_INVALID_HANDLE;
+ }
+
+ search->index += transfer;
+ *pulObjectCount = transfer;
+ return CKR_OK;
+}
+
+/* lg_FindObjectsFinal finishes a search for token and session objects. */
+CK_RV
+lg_FindObjectsFinal(SDB *lgdb, SDBFind *search)
+{
+
+ if (search != NULL) {
+ lg_FreeSearch(search);
+ }
+ return CKR_OK;
+}
diff --git a/security/nss/lib/softoken/legacydb/lgfips.c b/security/nss/lib/softoken/legacydb/lgfips.c
new file mode 100644
index 000000000..b017424db
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lgfips.c
@@ -0,0 +1,115 @@
+/*
+ * PKCS #11 FIPS Power-Up Self Test.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* $Id: fipstest.c,v 1.31 2012/06/28 17:55:06 rrelyea%redhat.com Exp $ */
+
+#include "seccomon.h"
+#include "lgdb.h"
+#include "blapi.h"
+
+/*
+ * different platforms have different ways of calling and initial entry point
+ * when the dll/.so is loaded. Most platforms support either a posix pragma
+ * or the GCC attribute. Some platforms suppor a pre-defined name, and some
+ * platforms have a link line way of invoking this function.
+ */
+
+/* The pragma */
+#if defined(USE_INIT_PRAGMA)
+#pragma init(lg_startup_tests)
+#endif
+
+/* GCC Attribute */
+#if defined(__GNUC__) && !defined(NSS_NO_INIT_SUPPORT)
+#define INIT_FUNCTION __attribute__((constructor))
+#else
+#define INIT_FUNCTION
+#endif
+
+static void INIT_FUNCTION lg_startup_tests(void);
+
+/* Windows pre-defined entry */
+#if defined(XP_WIN) && !defined(NSS_NO_INIT_SUPPORT)
+#include <windows.h>
+
+BOOL WINAPI DllMain(
+ HINSTANCE hinstDLL, // handle to DLL module
+ DWORD fdwReason, // reason for calling function
+ LPVOID lpReserved) // reserved
+{
+ // Perform actions based on the reason for calling.
+ switch (fdwReason) {
+ case DLL_PROCESS_ATTACH:
+ // Initialize once for each new process.
+ // Return FALSE to fail DLL load.
+ lg_startup_tests();
+ break;
+
+ case DLL_THREAD_ATTACH:
+ // Do thread-specific initialization.
+ break;
+
+ case DLL_THREAD_DETACH:
+ // Do thread-specific cleanup.
+ break;
+
+ case DLL_PROCESS_DETACH:
+ // Perform any necessary cleanup.
+ break;
+ }
+ return TRUE; // Successful DLL_PROCESS_ATTACH.
+}
+#endif
+
+static PRBool lg_self_tests_ran = PR_FALSE;
+static PRBool lg_self_tests_success = PR_FALSE;
+
+static void
+lg_local_function(void)
+{
+}
+
+/*
+ * This function is called at dll load time, the code tha makes this
+ * happen is platform specific on defined above.
+ */
+static void
+lg_startup_tests(void)
+{
+ const char *libraryName = LG_LIB_NAME;
+
+ PORT_Assert(!lg_self_tests_ran);
+ PORT_Assert(!lg_self_tests_success);
+ lg_self_tests_ran = PR_TRUE;
+ lg_self_tests_success = PR_FALSE; /* just in case */
+
+ /* no self tests required for the legacy db, only the integrity check */
+ /* check the integrity of our shared library */
+ if (!BLAPI_SHVerify(libraryName, (PRFuncPtr)&lg_local_function)) {
+ /* something is wrong with the library, fail without enabling
+ * the fips token */
+ return;
+ }
+ /* FIPS product has been installed and is functioning, allow
+ * the module to operate in fips mode */
+ lg_self_tests_success = PR_TRUE;
+}
+
+PRBool
+lg_FIPSEntryOK()
+{
+#ifdef NSS_NO_INIT_SUPPORT
+ /* this should only be set on platforms that can't handle one of the INIT
+ * schemes. This code allows those platforms to continue to function,
+ * though they don't meet the strict NIST requirements. If NO_INIT_SUPPORT
+ * is not set, and init support has not been properly enabled, softken
+ * will always fail because of the test below */
+ if (!lg_self_tests_ran) {
+ lg_startup_tests();
+ }
+#endif
+ return lg_self_tests_success;
+}
diff --git a/security/nss/lib/softoken/legacydb/lginit.c b/security/nss/lib/softoken/legacydb/lginit.c
new file mode 100644
index 000000000..6913eea50
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lginit.c
@@ -0,0 +1,660 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "lowkeyi.h"
+#include "pcert.h"
+#include "keydbi.h"
+#include "lgdb.h"
+#include "secoid.h"
+#include "prenv.h"
+#include "softkver.h"
+
+/* Library identity and versioning */
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_dbm_version[] = "Version: NSS " SOFTOKEN_VERSION _DEBUG_STRING;
+
+typedef struct LGPrivateStr {
+ NSSLOWCERTCertDBHandle *certDB;
+ NSSLOWKEYDBHandle *keyDB;
+ PRLock *dbLock;
+ PLHashTable *hashTable;
+} LGPrivate;
+
+static char *
+lg_certdb_name_cb(void *arg, int dbVersion)
+{
+ const char *configdir = (const char *)arg;
+ const char *dbver;
+ char *smpname = NULL;
+ char *dbname = NULL;
+
+ switch (dbVersion) {
+ case 8:
+ dbver = "8";
+ break;
+ case 7:
+ dbver = "7";
+ break;
+ case 6:
+ dbver = "6";
+ break;
+ case 5:
+ dbver = "5";
+ break;
+ case 4:
+ default:
+ dbver = "";
+ break;
+ }
+
+ /* make sure we return something allocated with PORT_ so we have properly
+ * matched frees at the end */
+ smpname = PR_smprintf(CERT_DB_FMT, configdir, dbver);
+ if (smpname) {
+ dbname = PORT_Strdup(smpname);
+ PR_smprintf_free(smpname);
+ }
+ return dbname;
+}
+
+static char *
+lg_keydb_name_cb(void *arg, int dbVersion)
+{
+ const char *configdir = (const char *)arg;
+ const char *dbver;
+ char *smpname = NULL;
+ char *dbname = NULL;
+
+ switch (dbVersion) {
+ case 4:
+ dbver = "4";
+ break;
+ case 3:
+ dbver = "3";
+ break;
+ case 1:
+ dbver = "1";
+ break;
+ case 2:
+ default:
+ dbver = "";
+ break;
+ }
+
+ smpname = PR_smprintf(KEY_DB_FMT, configdir, dbver);
+ if (smpname) {
+ dbname = PORT_Strdup(smpname);
+ PR_smprintf_free(smpname);
+ }
+ return dbname;
+}
+
+const char *
+lg_EvaluateConfigDir(const char *configdir, char **appName)
+{
+ if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS) - 1) == 0) {
+ char *cdir;
+
+ *appName = PORT_Strdup(configdir + sizeof(MULTIACCESS) - 1);
+ if (*appName == NULL) {
+ return configdir;
+ }
+ cdir = *appName;
+ while (*cdir && *cdir != ':') {
+ cdir++;
+ }
+ if (*cdir == ':') {
+ *cdir = 0;
+ cdir++;
+ }
+ configdir = cdir;
+ }
+ return configdir;
+}
+
+static int rdbmapflags(int flags);
+static rdbfunc lg_rdbfunc = NULL;
+static rdbstatusfunc lg_rdbstatusfunc = NULL;
+
+/* NOTE: SHLIB_SUFFIX is defined on the command line */
+#define RDBLIB SHLIB_PREFIX "rdb." SHLIB_SUFFIX
+
+DB *
+rdbopen(const char *appName, const char *prefix,
+ const char *type, int flags, int *status)
+{
+ PRLibrary *lib;
+ DB *db;
+ char *disableUnload = NULL;
+
+ if (lg_rdbfunc) {
+ db = (*lg_rdbfunc)(appName, prefix, type, rdbmapflags(flags));
+ if (!db && status && lg_rdbstatusfunc) {
+ *status = (*lg_rdbstatusfunc)();
+ }
+ return db;
+ }
+
+ /*
+ * try to open the library.
+ */
+ lib = PR_LoadLibrary(RDBLIB);
+
+ if (!lib) {
+ return NULL;
+ }
+
+ /* get the entry points */
+ lg_rdbstatusfunc = (rdbstatusfunc)PR_FindSymbol(lib, "rdbstatus");
+ lg_rdbfunc = (rdbfunc)PR_FindSymbol(lib, "rdbopen");
+ if (lg_rdbfunc) {
+ db = (*lg_rdbfunc)(appName, prefix, type, rdbmapflags(flags));
+ if (!db && status && lg_rdbstatusfunc) {
+ *status = (*lg_rdbstatusfunc)();
+ }
+ return db;
+ }
+
+ /* couldn't find the entry point, unload the library and fail */
+ disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
+ if (!disableUnload) {
+ PR_UnloadLibrary(lib);
+ }
+ return NULL;
+}
+
+/*
+ * the following data structures are from rdb.h.
+ */
+struct RDBStr {
+ DB db;
+ int (*xactstart)(DB *db);
+ int (*xactdone)(DB *db, PRBool abort);
+ int version;
+ int (*dbinitcomplete)(DB *db);
+};
+
+#define DB_RDB ((DBTYPE)0xff)
+#define RDB_RDONLY 1
+#define RDB_RDWR 2
+#define RDB_CREATE 4
+
+static int
+rdbmapflags(int flags)
+{
+ switch (flags) {
+ case NO_RDONLY:
+ return RDB_RDONLY;
+ case NO_RDWR:
+ return RDB_RDWR;
+ case NO_CREATE:
+ return RDB_CREATE;
+ default:
+ break;
+ }
+ return 0;
+}
+
+PRBool
+db_IsRDB(DB *db)
+{
+ return (PRBool)db->type == DB_RDB;
+}
+
+int
+db_BeginTransaction(DB *db)
+{
+ struct RDBStr *rdb = (struct RDBStr *)db;
+ if (db->type != DB_RDB) {
+ return 0;
+ }
+
+ return rdb->xactstart(db);
+}
+
+int
+db_FinishTransaction(DB *db, PRBool abort)
+{
+ struct RDBStr *rdb = (struct RDBStr *)db;
+ if (db->type != DB_RDB) {
+ return 0;
+ }
+
+ return rdb->xactdone(db, abort);
+}
+
+static DB *
+lg_getRawDB(SDB *sdb)
+{
+ NSSLOWCERTCertDBHandle *certDB;
+ NSSLOWKEYDBHandle *keyDB;
+
+ certDB = lg_getCertDB(sdb);
+ if (certDB) {
+ return certDB->permCertDB;
+ }
+ keyDB = lg_getKeyDB(sdb);
+ if (keyDB) {
+ return keyDB->db;
+ }
+ return NULL;
+}
+
+CK_RV
+lg_Begin(SDB *sdb)
+{
+ DB *db = lg_getRawDB(sdb);
+ int ret;
+
+ if (db == NULL) {
+ return CKR_GENERAL_ERROR; /* shouldn't happen */
+ }
+ ret = db_BeginTransaction(db);
+ if (ret != 0) {
+ return CKR_GENERAL_ERROR; /* could happen */
+ }
+ return CKR_OK;
+}
+
+CK_RV
+lg_Commit(SDB *sdb)
+{
+ DB *db = lg_getRawDB(sdb);
+ int ret;
+
+ if (db == NULL) {
+ return CKR_GENERAL_ERROR; /* shouldn't happen */
+ }
+ ret = db_FinishTransaction(db, PR_FALSE);
+ if (ret != 0) {
+ return CKR_GENERAL_ERROR; /* could happen */
+ }
+ return CKR_OK;
+}
+
+CK_RV
+lg_Abort(SDB *sdb)
+{
+ DB *db = lg_getRawDB(sdb);
+ int ret;
+
+ if (db == NULL) {
+ return CKR_GENERAL_ERROR; /* shouldn't happen */
+ }
+ ret = db_FinishTransaction(db, PR_TRUE);
+ if (ret != 0) {
+ return CKR_GENERAL_ERROR; /* could happen */
+ }
+ return CKR_OK;
+}
+
+int
+db_InitComplete(DB *db)
+{
+ struct RDBStr *rdb = (struct RDBStr *)db;
+ if (db->type != DB_RDB) {
+ return 0;
+ }
+ /* we should have added a version number to the RDBS structure. Since we
+ * didn't, we detect that we have and 'extended' structure if the rdbstatus
+ * func exists */
+ if (!lg_rdbstatusfunc) {
+ return 0;
+ }
+
+ return rdb->dbinitcomplete(db);
+}
+
+SECStatus
+db_Copy(DB *dest, DB *src)
+{
+ int ret;
+ DBT key, data;
+ ret = (*src->seq)(src, &key, &data, R_FIRST);
+ if (ret) {
+ return SECSuccess;
+ }
+
+ do {
+ (void)(*dest->put)(dest, &key, &data, R_NOOVERWRITE);
+ } while ((*src->seq)(src, &key, &data, R_NEXT) == 0);
+ (void)(*dest->sync)(dest, 0);
+
+ return SECSuccess;
+}
+
+static CK_RV
+lg_OpenCertDB(const char *configdir, const char *prefix, PRBool readOnly,
+ NSSLOWCERTCertDBHandle **certdbPtr)
+{
+ NSSLOWCERTCertDBHandle *certdb = NULL;
+ CK_RV crv = CKR_NETSCAPE_CERTDB_FAILED;
+ SECStatus rv;
+ char *name = NULL;
+ char *appName = NULL;
+
+ if (prefix == NULL) {
+ prefix = "";
+ }
+
+ configdir = lg_EvaluateConfigDir(configdir, &appName);
+
+ name = PR_smprintf("%s" PATH_SEPARATOR "%s", configdir, prefix);
+ if (name == NULL)
+ goto loser;
+
+ certdb = (NSSLOWCERTCertDBHandle *)PORT_ZAlloc(sizeof(NSSLOWCERTCertDBHandle));
+ if (certdb == NULL)
+ goto loser;
+
+ certdb->ref = 1;
+ /* fix when we get the DB in */
+ rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix,
+ lg_certdb_name_cb, (void *)name, PR_FALSE);
+ if (rv == SECSuccess) {
+ crv = CKR_OK;
+ *certdbPtr = certdb;
+ certdb = NULL;
+ }
+loser:
+ if (certdb)
+ PR_Free(certdb);
+ if (name)
+ PR_smprintf_free(name);
+ if (appName)
+ PORT_Free(appName);
+ return crv;
+}
+
+static CK_RV
+lg_OpenKeyDB(const char *configdir, const char *prefix, PRBool readOnly,
+ NSSLOWKEYDBHandle **keydbPtr)
+{
+ NSSLOWKEYDBHandle *keydb;
+ char *name = NULL;
+ char *appName = NULL;
+
+ if (prefix == NULL) {
+ prefix = "";
+ }
+ configdir = lg_EvaluateConfigDir(configdir, &appName);
+
+ name = PR_smprintf("%s" PATH_SEPARATOR "%s", configdir, prefix);
+ if (name == NULL)
+ return CKR_HOST_MEMORY;
+ keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix,
+ lg_keydb_name_cb, (void *)name);
+ PR_smprintf_free(name);
+ if (appName)
+ PORT_Free(appName);
+ if (keydb == NULL)
+ return CKR_NETSCAPE_KEYDB_FAILED;
+ *keydbPtr = keydb;
+
+ return CKR_OK;
+}
+
+/*
+ * Accessors for the private parts of the sdb structure.
+ */
+void
+lg_DBLock(SDB *sdb)
+{
+ LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
+ SKIP_AFTER_FORK(PR_Lock(lgdb_p->dbLock));
+}
+
+void
+lg_DBUnlock(SDB *sdb)
+{
+ LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
+ SKIP_AFTER_FORK(PR_Unlock(lgdb_p->dbLock));
+}
+
+PLHashTable *
+lg_GetHashTable(SDB *sdb)
+{
+ LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
+ return lgdb_p->hashTable;
+}
+
+NSSLOWCERTCertDBHandle *
+lg_getCertDB(SDB *sdb)
+{
+ LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
+
+ return lgdb_p->certDB;
+}
+
+NSSLOWKEYDBHandle *
+lg_getKeyDB(SDB *sdb)
+{
+ LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
+
+ return lgdb_p->keyDB;
+}
+
+PRBool lg_parentForkedAfterC_Initialize;
+
+void
+lg_SetForkState(PRBool forked)
+{
+ lg_parentForkedAfterC_Initialize = forked;
+}
+
+CK_RV
+lg_Close(SDB *sdb)
+{
+ LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
+ lg_ClearTokenKeyHashTable(sdb);
+ if (lgdb_p) {
+ if (lgdb_p->certDB) {
+ nsslowcert_ClosePermCertDB(lgdb_p->certDB);
+ } else if (lgdb_p->keyDB) {
+ nsslowkey_CloseKeyDB(lgdb_p->keyDB);
+ }
+ if (lgdb_p->dbLock) {
+ SKIP_AFTER_FORK(PR_DestroyLock(lgdb_p->dbLock));
+ }
+ if (lgdb_p->hashTable) {
+ PL_HashTableDestroy(lgdb_p->hashTable);
+ }
+ PORT_Free(lgdb_p);
+ }
+ PORT_Free(sdb);
+ return CKR_OK;
+}
+
+static PLHashNumber
+lg_HashNumber(const void *key)
+{
+ return (PLHashNumber)((char *)key - (char *)NULL);
+}
+
+/*
+ * helper function to wrap a NSSLOWCERTCertDBHandle or a NSSLOWKEYDBHandle
+ * with and sdb structure.
+ */
+CK_RV
+lg_init(SDB **pSdb, int flags, NSSLOWCERTCertDBHandle *certdbPtr,
+ NSSLOWKEYDBHandle *keydbPtr)
+{
+ SDB *sdb = NULL;
+ LGPrivate *lgdb_p = NULL;
+ CK_RV error = CKR_HOST_MEMORY;
+
+ *pSdb = NULL;
+ sdb = (SDB *)PORT_Alloc(sizeof(SDB));
+ if (sdb == NULL) {
+ goto loser;
+ }
+ lgdb_p = (LGPrivate *)PORT_Alloc(sizeof(LGPrivate));
+ if (lgdb_p == NULL) {
+ goto loser;
+ }
+ /* invariant fields */
+ lgdb_p->certDB = certdbPtr;
+ lgdb_p->keyDB = keydbPtr;
+ lgdb_p->dbLock = PR_NewLock();
+ if (lgdb_p->dbLock == NULL) {
+ goto loser;
+ }
+ lgdb_p->hashTable = PL_NewHashTable(64, lg_HashNumber, PL_CompareValues,
+ SECITEM_HashCompare, NULL, 0);
+ if (lgdb_p->hashTable == NULL) {
+ goto loser;
+ }
+
+ sdb->private = lgdb_p;
+ sdb->version = 0;
+ sdb->sdb_flags = flags;
+ sdb->app_private = NULL;
+ sdb->sdb_FindObjectsInit = lg_FindObjectsInit;
+ sdb->sdb_FindObjects = lg_FindObjects;
+ sdb->sdb_FindObjectsFinal = lg_FindObjectsFinal;
+ sdb->sdb_GetAttributeValue = lg_GetAttributeValue;
+ sdb->sdb_SetAttributeValue = lg_SetAttributeValue;
+ sdb->sdb_CreateObject = lg_CreateObject;
+ sdb->sdb_DestroyObject = lg_DestroyObject;
+ sdb->sdb_GetMetaData = lg_GetMetaData;
+ sdb->sdb_PutMetaData = lg_PutMetaData;
+ sdb->sdb_Begin = lg_Begin;
+ sdb->sdb_Commit = lg_Commit;
+ sdb->sdb_Abort = lg_Abort;
+ sdb->sdb_Reset = lg_Reset;
+ sdb->sdb_Close = lg_Close;
+ sdb->sdb_SetForkState = lg_SetForkState;
+
+ *pSdb = sdb;
+ return CKR_OK;
+
+loser:
+ if (sdb) {
+ PORT_Free(sdb);
+ }
+ if (lgdb_p) {
+ if (lgdb_p->dbLock) {
+ PR_DestroyLock(lgdb_p->dbLock);
+ }
+ if (lgdb_p->hashTable) {
+ PL_HashTableDestroy(lgdb_p->hashTable);
+ }
+ PORT_Free(lgdb_p);
+ }
+ return error;
+}
+
+/*
+ * OK there are now lots of options here, lets go through them all:
+ *
+ * configdir - base directory where all the cert, key, and module datbases live.
+ * certPrefix - prefix added to the beginning of the cert database example: "
+ * "https-server1-"
+ * keyPrefix - prefix added to the beginning of the key database example: "
+ * "https-server1-"
+ * secmodName - name of the security module database (usually "secmod.db").
+ * readOnly - Boolean: true if the databases are to be openned read only.
+ * nocertdb - Don't open the cert DB and key DB's, just initialize the
+ * Volatile certdb.
+ * nomoddb - Don't open the security module DB, just initialize the
+ * PKCS #11 module.
+ * forceOpen - Continue to force initializations even if the databases cannot
+ * be opened.
+ */
+CK_RV
+legacy_Open(const char *configdir, const char *certPrefix,
+ const char *keyPrefix, int certVersion, int keyVersion,
+ int flags, SDB **certDB, SDB **keyDB)
+{
+ CK_RV crv = CKR_OK;
+ SECStatus rv;
+ PRBool readOnly = ((flags & 0x7) == SDB_RDONLY) ? PR_TRUE : PR_FALSE;
+
+#define NSS_VERSION_VARIABLE __nss_dbm_version
+#include "verref.h"
+
+ if (flags & SDB_FIPS) {
+ if (!lg_FIPSEntryOK()) {
+ return CKR_DEVICE_ERROR;
+ }
+ }
+
+ rv = SECOID_Init();
+ if (SECSuccess != rv) {
+ return CKR_DEVICE_ERROR;
+ }
+ nsslowcert_InitLocks();
+
+ if (keyDB)
+ *keyDB = NULL;
+ if (certDB)
+ *certDB = NULL;
+
+ if (certDB) {
+ NSSLOWCERTCertDBHandle *certdbPtr = NULL;
+
+ crv = lg_OpenCertDB(configdir, certPrefix, readOnly, &certdbPtr);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = lg_init(certDB, flags, certdbPtr, NULL);
+ if (crv != CKR_OK) {
+ nsslowcert_ClosePermCertDB(certdbPtr);
+ goto loser;
+ }
+ }
+ if (keyDB) {
+ NSSLOWKEYDBHandle *keydbPtr;
+
+ crv = lg_OpenKeyDB(configdir, keyPrefix, readOnly, &keydbPtr);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = lg_init(keyDB, flags, NULL, keydbPtr);
+ if (crv != CKR_OK) {
+ nsslowkey_CloseKeyDB(keydbPtr);
+ goto loser;
+ }
+ if (certDB && *certDB) {
+ LGPrivate *lgdb_p = (LGPrivate *)(*certDB)->private;
+ lgdb_p->keyDB = keydbPtr;
+ }
+ }
+
+loser:
+ if (crv != CKR_OK) {
+ if (keyDB && *keyDB) {
+ lg_Close(*keyDB);
+ *keyDB = NULL;
+ }
+ if (certDB && *certDB) {
+ lg_Close(*certDB);
+ *certDB = NULL;
+ }
+ }
+ return crv;
+}
+
+CK_RV
+legacy_Shutdown(PRBool forked)
+{
+ lg_SetForkState(forked);
+ nsslowcert_DestroyFreeLists();
+ nsslowcert_DestroyGlobalLocks();
+ SECOID_Shutdown();
+ lg_SetForkState(PR_FALSE);
+ return CKR_OK;
+}
diff --git a/security/nss/lib/softoken/legacydb/lgutil.c b/security/nss/lib/softoken/legacydb/lgutil.c
new file mode 100644
index 000000000..d872bf4b3
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lgutil.c
@@ -0,0 +1,399 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "lgdb.h"
+#include "secerr.h"
+#include "lgglue.h"
+
+/*
+ * ******************** Attribute Utilities *******************************
+ */
+
+/*
+ * look up and attribute structure from a type and Object structure.
+ * The returned attribute is referenced and needs to be freed when
+ * it is no longer needed.
+ */
+const CK_ATTRIBUTE *
+lg_FindAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
+ CK_ULONG count)
+{
+ unsigned int i;
+
+ for (i = 0; i < count; i++) {
+ if (templ[i].type == type) {
+ return &templ[i];
+ }
+ }
+ return NULL;
+}
+
+/*
+ * return true if object has attribute
+ */
+PRBool
+lg_hasAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
+ CK_ULONG count)
+{
+ if (lg_FindAttribute(type, templ, count) == NULL) {
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+/*
+ * copy an attribute into a SECItem. Secitem is allocated in the specified
+ * arena.
+ */
+CK_RV
+lg_Attribute2SecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ SECItem *item)
+{
+ int len;
+ const CK_ATTRIBUTE *attribute;
+
+ attribute = lg_FindAttribute(type, templ, count);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ len = attribute->ulValueLen;
+
+ if (arena) {
+ item->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
+ } else {
+ item->data = (unsigned char *)PORT_Alloc(len);
+ }
+ if (item->data == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ item->len = len;
+ if (item->len) {
+ PORT_Memcpy(item->data, attribute->pValue, len);
+ }
+ return CKR_OK;
+}
+
+/*
+ * copy an unsigned attribute into a SECItem. Secitem is allocated in
+ * the specified arena.
+ */
+CK_RV
+lg_Attribute2SSecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ SECItem *item)
+{
+ const CK_ATTRIBUTE *attribute;
+ item->data = NULL;
+
+ attribute = lg_FindAttribute(type, templ, count);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+
+ (void)SECITEM_AllocItem(arena, item, attribute->ulValueLen);
+ if (item->data == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ PORT_Memcpy(item->data, attribute->pValue, item->len);
+ return CKR_OK;
+}
+
+/*
+ * copy an unsigned attribute into a SECItem. Secitem is allocated in
+ * the specified arena.
+ */
+CK_RV
+lg_PrivAttr2SSecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ SECItem *item, SDB *sdbpw)
+{
+ const CK_ATTRIBUTE *attribute;
+ SECItem epki, *dest = NULL;
+ SECStatus rv;
+
+ item->data = NULL;
+
+ attribute = lg_FindAttribute(type, templ, count);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+
+ epki.data = attribute->pValue;
+ epki.len = attribute->ulValueLen;
+
+ rv = lg_util_decrypt(sdbpw, &epki, &dest);
+ if (rv != SECSuccess) {
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+ (void)SECITEM_AllocItem(arena, item, dest->len);
+ if (item->data == NULL) {
+ SECITEM_FreeItem(dest, PR_TRUE);
+ return CKR_HOST_MEMORY;
+ }
+
+ PORT_Memcpy(item->data, dest->data, item->len);
+ SECITEM_FreeItem(dest, PR_TRUE);
+ return CKR_OK;
+}
+
+CK_RV
+lg_PrivAttr2SecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
+ const CK_ATTRIBUTE *templ, CK_ULONG count,
+ SECItem *item, SDB *sdbpw)
+{
+ return lg_PrivAttr2SSecItem(arena, type, templ, count, item, sdbpw);
+}
+
+/*
+ * this is only valid for CK_BBOOL type attributes. Return the state
+ * of that attribute.
+ */
+PRBool
+lg_isTrue(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ const CK_ATTRIBUTE *attribute;
+ PRBool tok = PR_FALSE;
+
+ attribute = lg_FindAttribute(type, templ, count);
+ if (attribute == NULL) {
+ return PR_FALSE;
+ }
+ tok = (PRBool)(*(CK_BBOOL *)attribute->pValue);
+
+ return tok;
+}
+
+/*
+ * return a null terminated string from attribute 'type'. This string
+ * is allocated and needs to be freed with PORT_Free() When complete.
+ */
+char *
+lg_getString(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ, CK_ULONG count)
+{
+ const CK_ATTRIBUTE *attribute;
+ char *label = NULL;
+
+ attribute = lg_FindAttribute(type, templ, count);
+ if (attribute == NULL)
+ return NULL;
+
+ if (attribute->pValue != NULL) {
+ label = (char *)PORT_Alloc(attribute->ulValueLen + 1);
+ if (label == NULL) {
+ return NULL;
+ }
+
+ PORT_Memcpy(label, attribute->pValue, attribute->ulValueLen);
+ label[attribute->ulValueLen] = 0;
+ }
+ return label;
+}
+
+CK_RV
+lg_GetULongAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
+ CK_ULONG count, CK_ULONG *longData)
+{
+ const CK_ATTRIBUTE *attribute;
+ CK_ULONG value = 0;
+ const unsigned char *data;
+ int i;
+
+ attribute = lg_FindAttribute(type, templ, count);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+
+ if (attribute->ulValueLen != 4) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ data = (const unsigned char *)attribute->pValue;
+ for (i = 0; i < 4; i++) {
+ value |= (CK_ULONG)(data[i]) << ((3 - i) * 8);
+ }
+
+ *longData = value;
+ return CKR_OK;
+}
+
+/*
+ * ******************** Object Utilities *******************************
+ */
+
+SECStatus
+lg_deleteTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle)
+{
+ SECItem *item;
+ PRBool rem;
+ PLHashTable *hashTable = lg_GetHashTable(sdb);
+
+ item = (SECItem *)PL_HashTableLookup(hashTable, (void *)handle);
+ rem = PL_HashTableRemove(hashTable, (void *)handle);
+ if (rem && item) {
+ SECITEM_FreeItem(item, PR_TRUE);
+ }
+ return rem ? SECSuccess : SECFailure;
+}
+
+/* must be called holding lg_DBLock(sdb) */
+static SECStatus
+lg_addTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle, SECItem *key)
+{
+ PLHashEntry *entry;
+ SECItem *item;
+ PLHashTable *hashTable = lg_GetHashTable(sdb);
+
+ item = SECITEM_DupItem(key);
+ if (item == NULL) {
+ return SECFailure;
+ }
+ entry = PL_HashTableAdd(hashTable, (void *)handle, item);
+ if (entry == NULL) {
+ SECITEM_FreeItem(item, PR_TRUE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* must be called holding lg_DBLock(sdb) */
+const SECItem *
+lg_lookupTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle)
+{
+ PLHashTable *hashTable = lg_GetHashTable(sdb);
+ return (const SECItem *)PL_HashTableLookup(hashTable, (void *)handle);
+}
+
+static PRIntn
+lg_freeHashItem(PLHashEntry *entry, PRIntn index, void *arg)
+{
+ SECItem *item = (SECItem *)entry->value;
+
+ SECITEM_FreeItem(item, PR_TRUE);
+ return HT_ENUMERATE_NEXT;
+}
+
+CK_RV
+lg_ClearTokenKeyHashTable(SDB *sdb)
+{
+ PLHashTable *hashTable;
+ lg_DBLock(sdb);
+ hashTable = lg_GetHashTable(sdb);
+ PL_HashTableEnumerateEntries(hashTable, lg_freeHashItem, NULL);
+ lg_DBUnlock(sdb);
+ return CKR_OK;
+}
+
+/*
+ * handle Token Object stuff
+ */
+static void
+lg_XORHash(unsigned char *key, unsigned char *dbkey, int len)
+{
+ int i;
+
+ PORT_Memset(key, 0, 4);
+
+ for (i = 0; i < len - 4; i += 4) {
+ key[0] ^= dbkey[i];
+ key[1] ^= dbkey[i + 1];
+ key[2] ^= dbkey[i + 2];
+ key[3] ^= dbkey[i + 3];
+ }
+}
+
+/* Make a token handle for an object and record it so we can find it again */
+CK_OBJECT_HANDLE
+lg_mkHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class)
+{
+ unsigned char hashBuf[4];
+ CK_OBJECT_HANDLE handle;
+ const SECItem *key;
+
+ handle = class;
+ /* there is only one KRL, use a fixed handle for it */
+ if (handle != LG_TOKEN_KRL_HANDLE) {
+ lg_XORHash(hashBuf, dbKey->data, dbKey->len);
+ handle = ((CK_OBJECT_HANDLE)hashBuf[0] << 24) |
+ ((CK_OBJECT_HANDLE)hashBuf[1] << 16) |
+ ((CK_OBJECT_HANDLE)hashBuf[2] << 8) |
+ (CK_OBJECT_HANDLE)hashBuf[3];
+ handle = class | (handle & ~(LG_TOKEN_TYPE_MASK | LG_TOKEN_MASK));
+ /* we have a CRL who's handle has randomly matched the reserved KRL
+ * handle, increment it */
+ if (handle == LG_TOKEN_KRL_HANDLE) {
+ handle++;
+ }
+ }
+
+ lg_DBLock(sdb);
+ while ((key = lg_lookupTokenKeyByHandle(sdb, handle)) != NULL) {
+ if (SECITEM_ItemsAreEqual(key, dbKey)) {
+ lg_DBUnlock(sdb);
+ return handle;
+ }
+ handle++;
+ }
+ lg_addTokenKeyByHandle(sdb, handle, dbKey);
+ lg_DBUnlock(sdb);
+ return handle;
+}
+
+PRBool
+lg_poisonHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class)
+{
+ unsigned char hashBuf[4];
+ CK_OBJECT_HANDLE handle;
+ const SECItem *key;
+
+ handle = class;
+ /* there is only one KRL, use a fixed handle for it */
+ if (handle != LG_TOKEN_KRL_HANDLE) {
+ lg_XORHash(hashBuf, dbKey->data, dbKey->len);
+ handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) |
+ (hashBuf[2] << 8) | hashBuf[3];
+ handle = class | (handle & ~(LG_TOKEN_TYPE_MASK | LG_TOKEN_MASK));
+ /* we have a CRL who's handle has randomly matched the reserved KRL
+ * handle, increment it */
+ if (handle == LG_TOKEN_KRL_HANDLE) {
+ handle++;
+ }
+ }
+ lg_DBLock(sdb);
+ while ((key = lg_lookupTokenKeyByHandle(sdb, handle)) != NULL) {
+ if (SECITEM_ItemsAreEqual(key, dbKey)) {
+ key->data[0] ^= 0x80;
+ lg_DBUnlock(sdb);
+ return PR_TRUE;
+ }
+ handle++;
+ }
+ lg_DBUnlock(sdb);
+ return PR_FALSE;
+}
+
+static LGEncryptFunc lg_encrypt_stub = NULL;
+static LGDecryptFunc lg_decrypt_stub = NULL;
+
+void
+legacy_SetCryptFunctions(LGEncryptFunc enc, LGDecryptFunc dec)
+{
+ lg_encrypt_stub = enc;
+ lg_decrypt_stub = dec;
+}
+
+SECStatus
+lg_util_encrypt(PLArenaPool *arena, SDB *sdb,
+ SECItem *plainText, SECItem **cipherText)
+{
+ if (lg_encrypt_stub == NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return (*lg_encrypt_stub)(arena, sdb, plainText, cipherText);
+}
+
+SECStatus
+lg_util_decrypt(SDB *sdb, SECItem *cipherText, SECItem **plainText)
+{
+ if (lg_decrypt_stub == NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return (*lg_decrypt_stub)(sdb, cipherText, plainText);
+}
diff --git a/security/nss/lib/softoken/legacydb/lowcert.c b/security/nss/lib/softoken/legacydb/lowcert.c
new file mode 100644
index 000000000..2906120ee
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lowcert.c
@@ -0,0 +1,856 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Certificate handling code
+ */
+
+#include "seccomon.h"
+#include "secder.h"
+#include "nssilock.h"
+#include "lowkeyi.h"
+#include "secasn1.h"
+#include "secoid.h"
+#include "secerr.h"
+#include "pcert.h"
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+static const SEC_ASN1Template nsslowcert_SubjectPublicKeyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTSubjectPublicKeyInfo) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSLOWCERTSubjectPublicKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING,
+ offsetof(NSSLOWCERTSubjectPublicKeyInfo, subjectPublicKey) },
+ { 0 }
+};
+
+static const SEC_ASN1Template nsslowcert_RSAPublicKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPublicKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.rsa.modulus) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.rsa.publicExponent) },
+ { 0 }
+};
+static const SEC_ASN1Template nsslowcert_DSAPublicKeyTemplate[] = {
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.dsa.publicValue) },
+ { 0 }
+};
+static const SEC_ASN1Template nsslowcert_DHPublicKeyTemplate[] = {
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.dh.publicValue) },
+ { 0 }
+};
+
+/*
+ * See bugzilla bug 125359
+ * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
+ * all of the templates above that en/decode into integers must be converted
+ * from ASN.1's signed integer type. This is done by marking either the
+ * source or destination (encoding or decoding, respectively) type as
+ * siUnsignedInteger.
+ */
+
+static void
+prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
+{
+ pubk->u.rsa.modulus.type = siUnsignedInteger;
+ pubk->u.rsa.publicExponent.type = siUnsignedInteger;
+}
+
+static void
+prepare_low_dsa_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
+{
+ pubk->u.dsa.publicValue.type = siUnsignedInteger;
+ pubk->u.dsa.params.prime.type = siUnsignedInteger;
+ pubk->u.dsa.params.subPrime.type = siUnsignedInteger;
+ pubk->u.dsa.params.base.type = siUnsignedInteger;
+}
+
+static void
+prepare_low_dh_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
+{
+ pubk->u.dh.prime.type = siUnsignedInteger;
+ pubk->u.dh.base.type = siUnsignedInteger;
+ pubk->u.dh.publicValue.type = siUnsignedInteger;
+}
+
+/*
+ * simple cert decoder to avoid the cost of asn1 engine
+ */
+static unsigned char *
+nsslowcert_dataStart(unsigned char *buf, unsigned int length,
+ unsigned int *data_length, PRBool includeTag,
+ unsigned char *rettag)
+{
+ unsigned char tag;
+ unsigned int used_length = 0;
+
+ /* need at least a tag and a 1 byte length */
+ if (length < 2) {
+ return NULL;
+ }
+
+ tag = buf[used_length++];
+
+ if (rettag) {
+ *rettag = tag;
+ }
+
+ /* blow out when we come to the end */
+ if (tag == 0) {
+ return NULL;
+ }
+
+ *data_length = buf[used_length++];
+
+ if (*data_length & 0x80) {
+ int len_count = *data_length & 0x7f;
+
+ if (len_count + used_length > length) {
+ return NULL;
+ }
+
+ *data_length = 0;
+
+ while (len_count-- > 0) {
+ *data_length = (*data_length << 8) | buf[used_length++];
+ }
+ }
+
+ if (*data_length > (length - used_length)) {
+ *data_length = length - used_length;
+ return NULL;
+ }
+ if (includeTag)
+ *data_length += used_length;
+
+ return (buf + (includeTag ? 0 : used_length));
+}
+
+static void
+SetTimeType(SECItem *item, unsigned char tagtype)
+{
+ switch (tagtype) {
+ case SEC_ASN1_UTC_TIME:
+ item->type = siUTCTime;
+ break;
+
+ case SEC_ASN1_GENERALIZED_TIME:
+ item->type = siGeneralizedTime;
+ break;
+
+ default:
+ PORT_Assert(0);
+ break;
+ }
+}
+
+static int
+nsslowcert_GetValidityFields(unsigned char *buf, int buf_length,
+ SECItem *notBefore, SECItem *notAfter)
+{
+ unsigned char tagtype;
+ notBefore->data = nsslowcert_dataStart(buf, buf_length,
+ &notBefore->len, PR_FALSE, &tagtype);
+ if (notBefore->data == NULL)
+ return SECFailure;
+ SetTimeType(notBefore, tagtype);
+ buf_length -= (notBefore->data - buf) + notBefore->len;
+ buf = notBefore->data + notBefore->len;
+ notAfter->data = nsslowcert_dataStart(buf, buf_length,
+ &notAfter->len, PR_FALSE, &tagtype);
+ if (notAfter->data == NULL)
+ return SECFailure;
+ SetTimeType(notAfter, tagtype);
+ return SECSuccess;
+}
+
+static int
+nsslowcert_GetCertFields(unsigned char *cert, int cert_length,
+ SECItem *issuer, SECItem *serial, SECItem *derSN, SECItem *subject,
+ SECItem *valid, SECItem *subjkey, SECItem *extensions)
+{
+ unsigned char *buf;
+ unsigned int buf_length;
+ unsigned char *dummy;
+ unsigned int dummylen;
+
+ /* get past the signature wrap */
+ buf = nsslowcert_dataStart(cert, cert_length, &buf_length, PR_FALSE, NULL);
+ if (buf == NULL)
+ return SECFailure;
+ /* get into the raw cert data */
+ buf = nsslowcert_dataStart(buf, buf_length, &buf_length, PR_FALSE, NULL);
+ if (buf == NULL)
+ return SECFailure;
+ /* skip past any optional version number */
+ if ((buf[0] & 0xa0) == 0xa0) {
+ dummy = nsslowcert_dataStart(buf, buf_length, &dummylen, PR_FALSE, NULL);
+ if (dummy == NULL)
+ return SECFailure;
+ buf_length -= (dummy - buf) + dummylen;
+ buf = dummy + dummylen;
+ }
+ /* serial number */
+ if (derSN) {
+ derSN->data = nsslowcert_dataStart(buf, buf_length, &derSN->len, PR_TRUE, NULL);
+ /* derSN->data doesn't need to be checked because if it fails so will
+ * serial->data below. The only difference between the two calls is
+ * whether or not the tags are included in the returned buffer */
+ }
+ serial->data = nsslowcert_dataStart(buf, buf_length, &serial->len, PR_FALSE, NULL);
+ if (serial->data == NULL)
+ return SECFailure;
+ buf_length -= (serial->data - buf) + serial->len;
+ buf = serial->data + serial->len;
+ /* skip the OID */
+ dummy = nsslowcert_dataStart(buf, buf_length, &dummylen, PR_FALSE, NULL);
+ if (dummy == NULL)
+ return SECFailure;
+ buf_length -= (dummy - buf) + dummylen;
+ buf = dummy + dummylen;
+ /* issuer */
+ issuer->data = nsslowcert_dataStart(buf, buf_length, &issuer->len, PR_TRUE, NULL);
+ if (issuer->data == NULL)
+ return SECFailure;
+ buf_length -= (issuer->data - buf) + issuer->len;
+ buf = issuer->data + issuer->len;
+
+ /* only wanted issuer/SN */
+ if (valid == NULL) {
+ return SECSuccess;
+ }
+ /* validity */
+ valid->data = nsslowcert_dataStart(buf, buf_length, &valid->len, PR_FALSE, NULL);
+ if (valid->data == NULL)
+ return SECFailure;
+ buf_length -= (valid->data - buf) + valid->len;
+ buf = valid->data + valid->len;
+ /*subject */
+ subject->data = nsslowcert_dataStart(buf, buf_length, &subject->len, PR_TRUE, NULL);
+ if (subject->data == NULL)
+ return SECFailure;
+ buf_length -= (subject->data - buf) + subject->len;
+ buf = subject->data + subject->len;
+ /* subject key info */
+ subjkey->data = nsslowcert_dataStart(buf, buf_length, &subjkey->len, PR_TRUE, NULL);
+ if (subjkey->data == NULL)
+ return SECFailure;
+ buf_length -= (subjkey->data - buf) + subjkey->len;
+ buf = subjkey->data + subjkey->len;
+
+ extensions->data = NULL;
+ extensions->len = 0;
+ while (buf_length > 0) {
+ /* EXTENSIONS */
+ if (buf[0] == 0xa3) {
+ extensions->data = nsslowcert_dataStart(buf, buf_length,
+ &extensions->len, PR_FALSE, NULL);
+ /* if the DER is bad, we should fail. Previously we accepted
+ * bad DER here and treated the extension as missin */
+ if (extensions->data == NULL ||
+ (extensions->data - buf) + extensions->len != buf_length)
+ return SECFailure;
+ buf = extensions->data;
+ buf_length = extensions->len;
+ /* now parse the SEQUENCE holding the extensions. */
+ dummy = nsslowcert_dataStart(buf, buf_length, &dummylen, PR_FALSE, NULL);
+ if (dummy == NULL ||
+ (dummy - buf) + dummylen != buf_length)
+ return SECFailure;
+ buf_length -= (dummy - buf);
+ buf = dummy;
+ /* Now parse the extensions inside this sequence */
+ }
+ dummy = nsslowcert_dataStart(buf, buf_length, &dummylen, PR_FALSE, NULL);
+ if (dummy == NULL)
+ return SECFailure;
+ buf_length -= (dummy - buf) + dummylen;
+ buf = dummy + dummylen;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+nsslowcert_GetCertTimes(NSSLOWCERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
+{
+ int rv;
+ NSSLOWCERTValidity validity;
+
+ rv = nsslowcert_GetValidityFields(c->validity.data, c->validity.len,
+ &validity.notBefore, &validity.notAfter);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ /* convert DER not-before time */
+ rv = DER_DecodeTimeChoice(notBefore, &validity.notBefore);
+ if (rv) {
+ return (SECFailure);
+ }
+
+ /* convert DER not-after time */
+ rv = DER_DecodeTimeChoice(notAfter, &validity.notAfter);
+ if (rv) {
+ return (SECFailure);
+ }
+
+ return (SECSuccess);
+}
+
+/*
+ * is certa newer than certb? If one is expired, pick the other one.
+ */
+PRBool
+nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb)
+{
+ PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
+ SECStatus rv;
+ PRBool newerbefore, newerafter;
+
+ rv = nsslowcert_GetCertTimes(certa, &notBeforeA, &notAfterA);
+ if (rv != SECSuccess) {
+ return (PR_FALSE);
+ }
+
+ rv = nsslowcert_GetCertTimes(certb, &notBeforeB, &notAfterB);
+ if (rv != SECSuccess) {
+ return (PR_TRUE);
+ }
+
+ newerbefore = PR_FALSE;
+ if (LL_CMP(notBeforeA, >, notBeforeB)) {
+ newerbefore = PR_TRUE;
+ }
+
+ newerafter = PR_FALSE;
+ if (LL_CMP(notAfterA, >, notAfterB)) {
+ newerafter = PR_TRUE;
+ }
+
+ if (newerbefore && newerafter) {
+ return (PR_TRUE);
+ }
+
+ if ((!newerbefore) && (!newerafter)) {
+ return (PR_FALSE);
+ }
+
+ /* get current time */
+ now = PR_Now();
+
+ if (newerbefore) {
+ /* cert A was issued after cert B, but expires sooner */
+ /* if A is expired, then pick B */
+ if (LL_CMP(notAfterA, <, now)) {
+ return (PR_FALSE);
+ }
+ return (PR_TRUE);
+ } else {
+ /* cert B was issued after cert A, but expires sooner */
+ /* if B is expired, then pick A */
+ if (LL_CMP(notAfterB, <, now)) {
+ return (PR_TRUE);
+ }
+ return (PR_FALSE);
+ }
+}
+
+#define SOFT_DEFAULT_CHUNKSIZE 2048
+
+static SECStatus
+nsslowcert_KeyFromIssuerAndSN(PLArenaPool *arena,
+ SECItem *issuer, SECItem *sn, SECItem *key)
+{
+ unsigned int len = sn->len + issuer->len;
+
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ if (len > NSS_MAX_LEGACY_DB_KEY_SIZE) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ goto loser;
+ }
+ key->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
+ if (!key->data) {
+ goto loser;
+ }
+
+ key->len = len;
+ /* copy the serialNumber */
+ PORT_Memcpy(key->data, sn->data, sn->len);
+
+ /* copy the issuer */
+ PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+static SECStatus
+nsslowcert_KeyFromIssuerAndSNStatic(unsigned char *space,
+ int spaceLen, SECItem *issuer, SECItem *sn, SECItem *key)
+{
+ unsigned int len = sn->len + issuer->len;
+
+ key->data = pkcs11_allocStaticData(len, space, spaceLen);
+ if (!key->data) {
+ goto loser;
+ }
+
+ key->len = len;
+ /* copy the serialNumber */
+ PORT_Memcpy(key->data, sn->data, sn->len);
+
+ /* copy the issuer */
+ PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+static char *
+nsslowcert_EmailName(SECItem *derDN, char *space, unsigned int len)
+{
+ unsigned char *buf;
+ unsigned int buf_length;
+
+ /* unwrap outer sequence */
+ buf = nsslowcert_dataStart(derDN->data, derDN->len, &buf_length, PR_FALSE, NULL);
+ if (buf == NULL)
+ return NULL;
+
+ /* Walk each RDN */
+ while (buf_length > 0) {
+ unsigned char *rdn;
+ unsigned int rdn_length;
+
+ /* grab next rdn */
+ rdn = nsslowcert_dataStart(buf, buf_length, &rdn_length, PR_FALSE, NULL);
+ if (rdn == NULL) {
+ return NULL;
+ }
+ buf_length -= (rdn - buf) + rdn_length;
+ buf = rdn + rdn_length;
+
+ while (rdn_length > 0) {
+ unsigned char *ava;
+ unsigned int ava_length;
+ unsigned char *oid;
+ unsigned int oid_length;
+ unsigned char *name;
+ unsigned int name_length;
+ SECItem oidItem;
+ SECOidTag type;
+
+ /* unwrap the ava */
+ ava = nsslowcert_dataStart(rdn, rdn_length, &ava_length, PR_FALSE,
+ NULL);
+ if (ava == NULL)
+ return NULL;
+ rdn_length -= (ava - rdn) + ava_length;
+ rdn = ava + ava_length;
+
+ oid = nsslowcert_dataStart(ava, ava_length, &oid_length, PR_FALSE,
+ NULL);
+ if (oid == NULL) {
+ return NULL;
+ }
+ ava_length -= (oid - ava) + oid_length;
+ ava = oid + oid_length;
+
+ name = nsslowcert_dataStart(ava, ava_length, &name_length, PR_FALSE,
+ NULL);
+ if (name == NULL) {
+ return NULL;
+ }
+ ava_length -= (name - ava) + name_length;
+ ava = name + name_length;
+
+ oidItem.data = oid;
+ oidItem.len = oid_length;
+ type = SECOID_FindOIDTag(&oidItem);
+ if ((type == SEC_OID_PKCS9_EMAIL_ADDRESS) ||
+ (type == SEC_OID_RFC1274_MAIL)) {
+ /* Email is supposed to be IA5String, so no
+ * translation necessary */
+ char *emailAddr;
+ emailAddr = (char *)pkcs11_copyStaticData(name, name_length + 1,
+ (unsigned char *)space, len);
+ if (emailAddr) {
+ emailAddr[name_length] = 0;
+ }
+ return emailAddr;
+ }
+ }
+ }
+ return NULL;
+}
+
+static char *
+nsslowcert_EmailAltName(NSSLOWCERTCertificate *cert, char *space,
+ unsigned int len)
+{
+ unsigned char *exts;
+ unsigned int exts_length;
+
+ /* unwrap the sequence */
+ exts = nsslowcert_dataStart(cert->extensions.data, cert->extensions.len,
+ &exts_length, PR_FALSE, NULL);
+ /* loop through extension */
+ while (exts && exts_length > 0) {
+ unsigned char *ext;
+ unsigned int ext_length;
+ unsigned char *oid;
+ unsigned int oid_length;
+ unsigned char *nameList;
+ unsigned int nameList_length;
+ SECItem oidItem;
+ SECOidTag type;
+
+ ext = nsslowcert_dataStart(exts, exts_length, &ext_length,
+ PR_FALSE, NULL);
+ if (ext == NULL) {
+ break;
+ }
+ exts_length -= (ext - exts) + ext_length;
+ exts = ext + ext_length;
+
+ oid = nsslowcert_dataStart(ext, ext_length, &oid_length, PR_FALSE, NULL);
+ if (oid == NULL) {
+ break;
+ }
+ ext_length -= (oid - ext) + oid_length;
+ ext = oid + oid_length;
+ oidItem.data = oid;
+ oidItem.len = oid_length;
+ type = SECOID_FindOIDTag(&oidItem);
+
+ /* get Alt Extension */
+ if (type != SEC_OID_X509_SUBJECT_ALT_NAME) {
+ continue;
+ }
+
+ /* skip passed the critical flag */
+ if (ext[0] == 0x01) { /* BOOLEAN */
+ unsigned char *dummy;
+ unsigned int dummy_length;
+ dummy = nsslowcert_dataStart(ext, ext_length, &dummy_length,
+ PR_FALSE, NULL);
+ if (dummy == NULL) {
+ break;
+ }
+ ext_length -= (dummy - ext) + dummy_length;
+ ext = dummy + dummy_length;
+ }
+
+ /* unwrap the name list */
+ nameList = nsslowcert_dataStart(ext, ext_length, &nameList_length,
+ PR_FALSE, NULL);
+ if (nameList == NULL) {
+ break;
+ }
+ ext_length -= (nameList - ext) + nameList_length;
+ ext = nameList + nameList_length;
+ nameList = nsslowcert_dataStart(nameList, nameList_length,
+ &nameList_length, PR_FALSE, NULL);
+ /* loop through the name list */
+ while (nameList && nameList_length > 0) {
+ unsigned char *thisName;
+ unsigned int thisName_length;
+
+ thisName = nsslowcert_dataStart(nameList, nameList_length,
+ &thisName_length, PR_FALSE, NULL);
+ if (thisName == NULL) {
+ break;
+ }
+ if (nameList[0] == 0xa2) { /* DNS Name */
+ SECItem dn;
+ char *emailAddr;
+
+ dn.data = thisName;
+ dn.len = thisName_length;
+ emailAddr = nsslowcert_EmailName(&dn, space, len);
+ if (emailAddr) {
+ return emailAddr;
+ }
+ }
+ if (nameList[0] == 0x81) { /* RFC 822name */
+ char *emailAddr;
+ emailAddr = (char *)pkcs11_copyStaticData(thisName,
+ thisName_length + 1, (unsigned char *)space, len);
+ if (emailAddr) {
+ emailAddr[thisName_length] = 0;
+ }
+ return emailAddr;
+ }
+ nameList_length -= (thisName - nameList) + thisName_length;
+ nameList = thisName + thisName_length;
+ }
+ break;
+ }
+ return NULL;
+}
+
+static char *
+nsslowcert_GetCertificateEmailAddress(NSSLOWCERTCertificate *cert)
+{
+ char *emailAddr = NULL;
+ char *str;
+
+ emailAddr = nsslowcert_EmailName(&cert->derSubject, cert->emailAddrSpace,
+ sizeof(cert->emailAddrSpace));
+ /* couldn't find the email address in the DN, check the subject Alt name */
+ if (!emailAddr && cert->extensions.data) {
+ emailAddr = nsslowcert_EmailAltName(cert, cert->emailAddrSpace,
+ sizeof(cert->emailAddrSpace));
+ }
+
+ /* make it lower case */
+ str = emailAddr;
+ while (str && *str) {
+ *str = tolower(*str);
+ str++;
+ }
+ return emailAddr;
+}
+
+/*
+ * take a DER certificate and decode it into a certificate structure
+ */
+NSSLOWCERTCertificate *
+nsslowcert_DecodeDERCertificate(SECItem *derSignedCert, char *nickname)
+{
+ NSSLOWCERTCertificate *cert;
+ int rv;
+
+ /* allocate the certificate structure */
+ cert = nsslowcert_CreateCert();
+
+ if (!cert) {
+ goto loser;
+ }
+
+ /* point to passed in DER data */
+ cert->derCert = *derSignedCert;
+ cert->nickname = NULL;
+ cert->certKey.data = NULL;
+ cert->referenceCount = 1;
+
+ /* decode the certificate info */
+ rv = nsslowcert_GetCertFields(cert->derCert.data, cert->derCert.len,
+ &cert->derIssuer, &cert->serialNumber, &cert->derSN, &cert->derSubject,
+ &cert->validity, &cert->derSubjKeyInfo, &cert->extensions);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* cert->subjectKeyID; x509v3 subject key identifier */
+ cert->subjectKeyID.data = NULL;
+ cert->subjectKeyID.len = 0;
+ cert->dbEntry = NULL;
+ cert->trust = NULL;
+ cert->dbhandle = NULL;
+
+ /* generate and save the database key for the cert */
+ rv = nsslowcert_KeyFromIssuerAndSNStatic(cert->certKeySpace,
+ sizeof(cert->certKeySpace), &cert->derIssuer,
+ &cert->serialNumber, &cert->certKey);
+ if (rv) {
+ goto loser;
+ }
+
+ /* set the nickname */
+ if (nickname == NULL) {
+ cert->nickname = NULL;
+ } else {
+ /* copy and install the nickname */
+ cert->nickname = pkcs11_copyNickname(nickname, cert->nicknameSpace,
+ sizeof(cert->nicknameSpace));
+ }
+
+#ifdef FIXME
+ /* initialize the subjectKeyID */
+ rv = cert_GetKeyID(cert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+#endif
+
+ /* set the email address */
+ cert->emailAddr = nsslowcert_GetCertificateEmailAddress(cert);
+
+ cert->referenceCount = 1;
+
+ return (cert);
+
+loser:
+ if (cert) {
+ nsslowcert_DestroyCertificate(cert);
+ }
+
+ return (0);
+}
+
+char *
+nsslowcert_FixupEmailAddr(char *emailAddr)
+{
+ char *retaddr;
+ char *str;
+
+ if (emailAddr == NULL) {
+ return (NULL);
+ }
+
+ /* copy the string */
+ str = retaddr = PORT_Strdup(emailAddr);
+ if (str == NULL) {
+ return (NULL);
+ }
+
+ /* make it lower case */
+ while (*str) {
+ *str = tolower(*str);
+ str++;
+ }
+
+ return (retaddr);
+}
+
+/*
+ * Generate a database key, based on serial number and issuer, from a
+ * DER certificate.
+ */
+SECStatus
+nsslowcert_KeyFromDERCert(PLArenaPool *arena, SECItem *derCert, SECItem *key)
+{
+ int rv;
+ NSSLOWCERTCertKey certkey;
+
+ PORT_Memset(&certkey, 0, sizeof(NSSLOWCERTCertKey));
+
+ rv = nsslowcert_GetCertFields(derCert->data, derCert->len,
+ &certkey.derIssuer, &certkey.serialNumber, NULL, NULL,
+ NULL, NULL, NULL);
+
+ if (rv) {
+ goto loser;
+ }
+
+ return (nsslowcert_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
+ &certkey.serialNumber, key));
+loser:
+ return (SECFailure);
+}
+
+NSSLOWKEYPublicKey *
+nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *cert)
+{
+ NSSLOWCERTSubjectPublicKeyInfo spki;
+ NSSLOWKEYPublicKey *pubk;
+ SECItem os;
+ SECStatus rv;
+ PLArenaPool *arena;
+ SECOidTag tag;
+ SECItem newDerSubjKeyInfo;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ return NULL;
+
+ pubk = (NSSLOWKEYPublicKey *)
+ PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey));
+ if (pubk == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ pubk->arena = arena;
+ PORT_Memset(&spki, 0, sizeof(spki));
+
+ /* copy the DER into the arena, since Quick DER returns data that points
+ into the DER input, which may get freed by the caller */
+ rv = SECITEM_CopyItem(arena, &newDerSubjKeyInfo, &cert->derSubjKeyInfo);
+ if (rv != SECSuccess) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ /* we haven't bothered decoding the spki struct yet, do it now */
+ rv = SEC_QuickDERDecodeItem(arena, &spki,
+ nsslowcert_SubjectPublicKeyInfoTemplate, &newDerSubjKeyInfo);
+ if (rv != SECSuccess) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ /* Convert bit string length from bits to bytes */
+ os = spki.subjectPublicKey;
+ DER_ConvertBitString(&os);
+
+ tag = SECOID_GetAlgorithmTag(&spki.algorithm);
+ switch (tag) {
+ case SEC_OID_X500_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+ pubk->keyType = NSSLOWKEYRSAKey;
+ prepare_low_rsa_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(arena, pubk,
+ nsslowcert_RSAPublicKeyTemplate, &os);
+ if (rv == SECSuccess)
+ return pubk;
+ break;
+ case SEC_OID_ANSIX9_DSA_SIGNATURE:
+ pubk->keyType = NSSLOWKEYDSAKey;
+ prepare_low_dsa_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(arena, pubk,
+ nsslowcert_DSAPublicKeyTemplate, &os);
+ if (rv == SECSuccess)
+ return pubk;
+ break;
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY:
+ pubk->keyType = NSSLOWKEYDHKey;
+ prepare_low_dh_pub_key_for_asn1(pubk);
+ rv = SEC_QuickDERDecodeItem(arena, pubk,
+ nsslowcert_DHPublicKeyTemplate, &os);
+ if (rv == SECSuccess)
+ return pubk;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+ pubk->keyType = NSSLOWKEYECKey;
+ /* Since PKCS#11 directly takes the DER encoding of EC params
+ * and public value, we don't need any decoding here.
+ */
+ rv = SECITEM_CopyItem(arena, &pubk->u.ec.ecParams.DEREncoding,
+ &spki.algorithm.parameters);
+ if (rv != SECSuccess)
+ break;
+
+ /* Fill out the rest of the ecParams structure
+ * based on the encoded params
+ */
+ if (LGEC_FillParams(arena, &pubk->u.ec.ecParams.DEREncoding,
+ &pubk->u.ec.ecParams) != SECSuccess)
+ break;
+
+ rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, &os);
+ if (rv == SECSuccess)
+ return pubk;
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ rv = SECFailure;
+ break;
+ }
+
+ lg_nsslowkey_DestroyPublicKey(pubk);
+ return NULL;
+}
diff --git a/security/nss/lib/softoken/legacydb/lowkey.c b/security/nss/lib/softoken/legacydb/lowkey.c
new file mode 100644
index 000000000..7de4197a1
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lowkey.c
@@ -0,0 +1,395 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "lowkeyi.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "secder.h"
+#include "secasn1.h"
+#include "secerr.h"
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_BitStringTemplate)
+SEC_ASN1_MKSUB(SEC_ObjectIDTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+static const SEC_ASN1Template nsslowkey_AttributeTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSLOWKEYAttribute) },
+ { SEC_ASN1_OBJECT_ID, offsetof(NSSLOWKEYAttribute, attrType) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(NSSLOWKEYAttribute, attrValue),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, nsslowkey_AttributeTemplate },
+};
+/* ASN1 Templates for new decoder/encoder */
+const SEC_ASN1Template lg_nsslowkey_PrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSLOWKEYPrivateKeyInfo, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSLOWKEYPrivateKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSLOWKEYPrivateKeyInfo, privateKey) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(NSSLOWKEYPrivateKeyInfo, attributes),
+ nsslowkey_SetOfAttributeTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template lg_nsslowkey_PQGParamsTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) },
+ { SEC_ASN1_INTEGER, offsetof(PQGParams, prime) },
+ { SEC_ASN1_INTEGER, offsetof(PQGParams, subPrime) },
+ { SEC_ASN1_INTEGER, offsetof(PQGParams, base) },
+ { 0 }
+};
+
+const SEC_ASN1Template lg_nsslowkey_RSAPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.version) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.modulus) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.publicExponent) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.privateExponent) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime1) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime2) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent1) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent2) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.coefficient) },
+ { 0 }
+};
+
+/*
+ * Allows u.rsa.modulus to be zero length for secret keys with an empty
+ * CKA_ID incorrectly generated in NSS 3.13.3 or earlier. Only used for
+ * decoding. See bug 715073.
+ */
+const SEC_ASN1Template lg_nsslowkey_RSAPrivateKeyTemplate2[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.version) },
+ { SEC_ASN1_ANY, offsetof(NSSLOWKEYPrivateKey, u.rsa.modulus) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.publicExponent) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.privateExponent) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime1) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime2) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent1) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent2) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.coefficient) },
+ { 0 }
+};
+
+const SEC_ASN1Template lg_nsslowkey_DSAPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dsa.publicValue) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dsa.privateValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template lg_nsslowkey_DHPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.publicValue) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.privateValue) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.base) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.prime) },
+ { 0 }
+};
+
+#ifndef NSS_DISABLE_ECC
+
+/* NOTE: The SECG specification allows the private key structure
+ * to contain curve parameters but recommends that they be stored
+ * in the PrivateKeyAlgorithmIdentifier field of the PrivateKeyInfo
+ * instead.
+ */
+const SEC_ASN1Template lg_nsslowkey_ECPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.ec.version) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSLOWKEYPrivateKey, u.ec.privateValue) },
+ /* We only support named curves for which the parameters are
+ * encoded as an object ID.
+ */
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(NSSLOWKEYPrivateKey, u.ec.ecParams.curveOID),
+ SEC_ASN1_SUB(SEC_ObjectIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(NSSLOWKEYPrivateKey, u.ec.publicValue),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+/*
+ * smaller version of EC_FillParams. In this code, we only need
+ * oid and DER data.
+ */
+SECStatus
+LGEC_FillParams(PLArenaPool *arena, const SECItem *encodedParams,
+ ECParams *params)
+{
+ SECOidTag tag;
+ SECItem oid = { siBuffer, NULL, 0 };
+
+#if EC_DEBUG
+ int i;
+
+ printf("Encoded params in EC_DecodeParams: ");
+ for (i = 0; i < encodedParams->len; i++) {
+ printf("%02x:", encodedParams->data[i]);
+ }
+ printf("\n");
+#endif
+
+ oid.len = encodedParams->len - 2;
+ oid.data = encodedParams->data + 2;
+ if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) ||
+ ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+ return SECFailure;
+ }
+
+ params->arena = arena;
+
+ /* For named curves, fill out curveOID */
+ params->curveOID.len = oid.len;
+ params->curveOID.data = (unsigned char *)PORT_ArenaAlloc(arena, oid.len);
+ if (params->curveOID.data == NULL) {
+ return SECFailure;
+ }
+ memcpy(params->curveOID.data, oid.data, oid.len);
+
+ return SECSuccess;
+}
+
+/* Copy all of the fields from srcParams into dstParams
+ */
+SECStatus
+LGEC_CopyParams(PLArenaPool *arena, ECParams *dstParams,
+ const ECParams *srcParams)
+{
+ SECStatus rv = SECFailure;
+
+ dstParams->arena = arena;
+ rv = SECITEM_CopyItem(arena, &dstParams->DEREncoding,
+ &srcParams->DEREncoding);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(arena, &dstParams->curveOID,
+ &srcParams->curveOID);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+#endif /* NSS_DISABLE_ECC */
+/*
+ * See bugzilla bug 125359
+ * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
+ * all of the templates above that en/decode into integers must be converted
+ * from ASN.1's signed integer type. This is done by marking either the
+ * source or destination (encoding or decoding, respectively) type as
+ * siUnsignedInteger.
+ */
+
+void
+lg_prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.rsa.modulus.type = siUnsignedInteger;
+ key->u.rsa.publicExponent.type = siUnsignedInteger;
+ key->u.rsa.privateExponent.type = siUnsignedInteger;
+ key->u.rsa.prime1.type = siUnsignedInteger;
+ key->u.rsa.prime2.type = siUnsignedInteger;
+ key->u.rsa.exponent1.type = siUnsignedInteger;
+ key->u.rsa.exponent2.type = siUnsignedInteger;
+ key->u.rsa.coefficient.type = siUnsignedInteger;
+}
+
+void
+lg_prepare_low_pqg_params_for_asn1(PQGParams *params)
+{
+ params->prime.type = siUnsignedInteger;
+ params->subPrime.type = siUnsignedInteger;
+ params->base.type = siUnsignedInteger;
+}
+
+void
+lg_prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.dsa.publicValue.type = siUnsignedInteger;
+ key->u.dsa.privateValue.type = siUnsignedInteger;
+ key->u.dsa.params.prime.type = siUnsignedInteger;
+ key->u.dsa.params.subPrime.type = siUnsignedInteger;
+ key->u.dsa.params.base.type = siUnsignedInteger;
+}
+
+void
+lg_prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.dh.prime.type = siUnsignedInteger;
+ key->u.dh.base.type = siUnsignedInteger;
+ key->u.dh.publicValue.type = siUnsignedInteger;
+ key->u.dh.privateValue.type = siUnsignedInteger;
+}
+
+#ifndef NSS_DISABLE_ECC
+void
+lg_prepare_low_ecparams_for_asn1(ECParams *params)
+{
+ params->DEREncoding.type = siUnsignedInteger;
+ params->curveOID.type = siUnsignedInteger;
+}
+
+void
+lg_prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.ec.version.type = siUnsignedInteger;
+ key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger;
+ key->u.ec.ecParams.curveOID.type = siUnsignedInteger;
+ key->u.ec.privateValue.type = siUnsignedInteger;
+ key->u.ec.publicValue.type = siUnsignedInteger;
+}
+#endif /* NSS_DISABLE_ECC */
+
+void
+lg_nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk)
+{
+ if (privk && privk->arena) {
+ PORT_FreeArena(privk->arena, PR_TRUE);
+ }
+}
+
+void
+lg_nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk)
+{
+ if (pubk && pubk->arena) {
+ PORT_FreeArena(pubk->arena, PR_FALSE);
+ }
+}
+
+NSSLOWKEYPublicKey *
+lg_nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
+{
+ NSSLOWKEYPublicKey *pubk;
+ PLArenaPool *arena;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ switch (privk->keyType) {
+ case NSSLOWKEYRSAKey:
+ case NSSLOWKEYNullKey:
+ pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPublicKey));
+ if (pubk != NULL) {
+ SECStatus rv;
+
+ pubk->arena = arena;
+ pubk->keyType = privk->keyType;
+ if (privk->keyType == NSSLOWKEYNullKey)
+ return pubk;
+ rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus,
+ &privk->u.rsa.modulus);
+ if (rv == SECSuccess) {
+ rv = SECITEM_CopyItem(arena, &pubk->u.rsa.publicExponent,
+ &privk->u.rsa.publicExponent);
+ if (rv == SECSuccess)
+ return pubk;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ break;
+ case NSSLOWKEYDSAKey:
+ pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPublicKey));
+ if (pubk != NULL) {
+ SECStatus rv;
+
+ pubk->arena = arena;
+ pubk->keyType = privk->keyType;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue,
+ &privk->u.dsa.publicValue);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
+ &privk->u.dsa.params.prime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
+ &privk->u.dsa.params.subPrime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
+ &privk->u.dsa.params.base);
+ if (rv == SECSuccess)
+ return pubk;
+ }
+ break;
+ case NSSLOWKEYDHKey:
+ pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPublicKey));
+ if (pubk != NULL) {
+ SECStatus rv;
+
+ pubk->arena = arena;
+ pubk->keyType = privk->keyType;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue,
+ &privk->u.dh.publicValue);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime,
+ &privk->u.dh.prime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dh.base,
+ &privk->u.dh.base);
+ if (rv == SECSuccess)
+ return pubk;
+ }
+ break;
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPublicKey));
+ if (pubk != NULL) {
+ SECStatus rv;
+
+ pubk->arena = arena;
+ pubk->keyType = privk->keyType;
+ rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue,
+ &privk->u.ec.publicValue);
+ if (rv != SECSuccess)
+ break;
+ pubk->u.ec.ecParams.arena = arena;
+ /* Copy the rest of the params */
+ rv = LGEC_CopyParams(arena, &(pubk->u.ec.ecParams),
+ &(privk->u.ec.ecParams));
+ if (rv == SECSuccess)
+ return pubk;
+ }
+ break;
+#endif /* NSS_DISABLE_ECC */
+ /* No Fortezza in Low Key implementations (Fortezza keys aren't
+ * stored in our data base */
+ default:
+ break;
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
diff --git a/security/nss/lib/softoken/legacydb/lowkeyi.h b/security/nss/lib/softoken/legacydb/lowkeyi.h
new file mode 100644
index 000000000..5136b56a5
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lowkeyi.h
@@ -0,0 +1,151 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _LOWKEYI_H_
+#define _LOWKEYI_H_
+
+#include "prtypes.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "pcertt.h"
+#include "lowkeyti.h"
+#include "sdb.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+ * See bugzilla bug 125359
+ * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
+ * all of the templates above that en/decode into integers must be converted
+ * from ASN.1's signed integer type. This is done by marking either the
+ * source or destination (encoding or decoding, respectively) type as
+ * siUnsignedInteger.
+ */
+extern void lg_prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
+extern void lg_prepare_low_pqg_params_for_asn1(PQGParams *params);
+extern void lg_prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
+extern void lg_prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
+#ifndef NSS_DISABLE_ECC
+extern void lg_prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
+extern void lg_prepare_low_ecparams_for_asn1(ECParams *params);
+#endif /* NSS_DISABLE_ECC */
+
+typedef char *(*NSSLOWKEYDBNameFunc)(void *arg, int dbVersion);
+
+/*
+** Open a key database.
+*/
+extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDB(PRBool readOnly,
+ const char *domain,
+ const char *prefix,
+ NSSLOWKEYDBNameFunc namecb,
+ void *cbarg);
+
+/*
+** Close the specified key database.
+*/
+extern void nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle);
+
+/*
+ * Get the version number of the database
+ */
+extern int nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle);
+
+/*
+** Delete a key from the database
+*/
+extern SECStatus nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle,
+ const SECItem *pubkey);
+
+/*
+** Store a key in the database, indexed by its public key modulus.
+** "pk" is the private key to store
+** "f" is the callback function for getting the password
+** "arg" is the argument for the callback
+*/
+extern SECStatus nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle,
+ NSSLOWKEYPrivateKey *pk,
+ SECItem *pubKeyData,
+ char *nickname,
+ SDB *sdb);
+
+/* does the key for this cert exist in the database filed by modulus */
+extern PRBool nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle,
+ NSSLOWCERTCertificate *cert);
+/* does a key with this ID already exist? */
+extern PRBool nsslowkey_KeyForIDExists(NSSLOWKEYDBHandle *handle, SECItem *id);
+
+/*
+** Destroy a private key object.
+** "key" the object
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void lg_nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *key);
+
+/*
+** Destroy a public key object.
+** "key" the object
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void lg_nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *key);
+
+/*
+** Convert a low private key "privateKey" into a public low key
+*/
+extern NSSLOWKEYPublicKey
+ *
+ lg_nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privateKey);
+
+SECStatus
+nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
+ NSSLOWKEYPrivateKey *privkey,
+ SECItem *pubKeyData,
+ char *nickname,
+ SDB *sdb);
+
+/* Store key by modulus and specify an encryption algorithm to use.
+ * handle is the pointer to the key database,
+ * privkey is the private key to be stored,
+ * f and arg are the function and arguments to the callback
+ * to get a password,
+ * algorithm is the algorithm which the privKey is to be stored.
+ * A return of anything but SECSuccess indicates failure.
+ */
+extern SECStatus
+nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle,
+ NSSLOWKEYPrivateKey *privkey,
+ SECItem *pubKeyData,
+ char *nickname,
+ SDB *sdb,
+ PRBool update);
+
+/* Find key by modulus. This function is the inverse of store key
+ * by modulus. An attempt to locate the key with "modulus" is
+ * performed. If the key is found, the private key is returned,
+ * else NULL is returned.
+ * modulus is the modulus to locate
+ */
+extern NSSLOWKEYPrivateKey *
+nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus,
+ SDB *sdb);
+
+extern char *
+nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
+ SECItem *modulus, SDB *sdb);
+
+#ifndef NSS_DISABLE_ECC
+/*
+ * smaller version of EC_FillParams. In this code, we only need
+ * oid and DER data.
+ */
+SECStatus LGEC_FillParams(PLArenaPool *arena, const SECItem *encodedParams,
+ ECParams *params);
+
+/* Copy all of the fields from srcParams into dstParams */
+SECStatus LGEC_CopyParams(PLArenaPool *arena, ECParams *dstParams,
+ const ECParams *srcParams);
+#endif
+SEC_END_PROTOS
+
+#endif /* _LOWKEYI_H_ */
diff --git a/security/nss/lib/softoken/legacydb/lowkeyti.h b/security/nss/lib/softoken/legacydb/lowkeyti.h
new file mode 100644
index 000000000..ef92689e0
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/lowkeyti.h
@@ -0,0 +1,132 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _LOWKEYTI_H_
+#define _LOWKEYTI_H_ 1
+
+#include "blapit.h"
+#include "prtypes.h"
+#include "plarena.h"
+#include "secitem.h"
+#include "secasn1t.h"
+#include "secoidt.h"
+
+/*
+ * a key in/for the data base
+ */
+struct NSSLOWKEYDBKeyStr {
+ PLArenaPool *arena;
+ int version;
+ char *nickname;
+ SECItem salt;
+ SECItem derPK;
+};
+typedef struct NSSLOWKEYDBKeyStr NSSLOWKEYDBKey;
+
+typedef struct NSSLOWKEYDBHandleStr NSSLOWKEYDBHandle;
+
+#ifdef NSS_USE_KEY4_DB
+#define NSSLOWKEY_DB_FILE_VERSION 4
+#else
+#define NSSLOWKEY_DB_FILE_VERSION 3
+#endif
+
+#define NSSLOWKEY_VERSION 0 /* what we *create* */
+
+/*
+** Typedef for callback to get a password "key".
+*/
+extern const SEC_ASN1Template lg_nsslowkey_PQGParamsTemplate[];
+extern const SEC_ASN1Template lg_nsslowkey_RSAPrivateKeyTemplate[];
+extern const SEC_ASN1Template lg_nsslowkey_RSAPrivateKeyTemplate2[];
+extern const SEC_ASN1Template lg_nsslowkey_DSAPrivateKeyTemplate[];
+extern const SEC_ASN1Template lg_nsslowkey_DHPrivateKeyTemplate[];
+extern const SEC_ASN1Template lg_nsslowkey_DHPrivateKeyExportTemplate[];
+#ifndef NSS_DISABLE_ECC
+#define NSSLOWKEY_EC_PRIVATE_KEY_VERSION 1 /* as per SECG 1 C.4 */
+extern const SEC_ASN1Template lg_nsslowkey_ECPrivateKeyTemplate[];
+#endif /* NSS_DISABLE_ECC */
+
+extern const SEC_ASN1Template lg_nsslowkey_PrivateKeyInfoTemplate[];
+extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[];
+
+/*
+ * PKCS #8 attributes
+ */
+struct NSSLOWKEYAttributeStr {
+ SECItem attrType;
+ SECItem *attrValue;
+};
+typedef struct NSSLOWKEYAttributeStr NSSLOWKEYAttribute;
+
+/*
+** A PKCS#8 private key info object
+*/
+struct NSSLOWKEYPrivateKeyInfoStr {
+ PLArenaPool *arena;
+ SECItem version;
+ SECAlgorithmID algorithm;
+ SECItem privateKey;
+ NSSLOWKEYAttribute **attributes;
+};
+typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo;
+#define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION 0 /* what we *create* */
+
+/*
+** A PKCS#8 private key info object
+*/
+struct NSSLOWKEYEncryptedPrivateKeyInfoStr {
+ PLArenaPool *arena;
+ SECAlgorithmID algorithm;
+ SECItem encryptedData;
+};
+typedef struct NSSLOWKEYEncryptedPrivateKeyInfoStr NSSLOWKEYEncryptedPrivateKeyInfo;
+
+typedef enum {
+ NSSLOWKEYNullKey = 0,
+ NSSLOWKEYRSAKey = 1,
+ NSSLOWKEYDSAKey = 2,
+ NSSLOWKEYDHKey = 4,
+ NSSLOWKEYECKey = 5
+} NSSLOWKEYType;
+
+/*
+** An RSA public key object.
+*/
+struct NSSLOWKEYPublicKeyStr {
+ PLArenaPool *arena;
+ NSSLOWKEYType keyType;
+ union {
+ RSAPublicKey rsa;
+ DSAPublicKey dsa;
+ DHPublicKey dh;
+ ECPublicKey ec;
+ } u;
+};
+typedef struct NSSLOWKEYPublicKeyStr NSSLOWKEYPublicKey;
+
+/*
+** Low Level private key object
+** This is only used by the raw Crypto engines (crypto), keydb (keydb),
+** and PKCS #11. Everyone else uses the high level key structure.
+*/
+struct NSSLOWKEYPrivateKeyStr {
+ PLArenaPool *arena;
+ NSSLOWKEYType keyType;
+ union {
+ RSAPrivateKey rsa;
+ DSAPrivateKey dsa;
+ DHPrivateKey dh;
+ ECPrivateKey ec;
+ } u;
+};
+typedef struct NSSLOWKEYPrivateKeyStr NSSLOWKEYPrivateKey;
+
+typedef struct NSSLOWKEYPasswordEntryStr NSSLOWKEYPasswordEntry;
+struct NSSLOWKEYPasswordEntryStr {
+ SECItem salt;
+ SECItem value;
+ unsigned char data[128];
+};
+
+#endif /* _LOWKEYTI_H_ */
diff --git a/security/nss/lib/softoken/legacydb/manifest.mn b/security/nss/lib/softoken/legacydb/manifest.mn
new file mode 100644
index 000000000..9cce849f6
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/manifest.mn
@@ -0,0 +1,32 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../../..
+
+MODULE = nss
+
+REQUIRES = dbm
+
+LIBRARY_NAME = nssdbm
+LIBRARY_VERSION = 3
+MAPFILE = $(OBJDIR)/nssdbm.def
+
+DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DLG_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
+
+CSRCS = \
+ dbmshim.c \
+ keydb.c \
+ lgattr.c \
+ lgcreate.c \
+ lgdestroy.c \
+ lgfind.c \
+ lgfips.c \
+ lginit.c \
+ lgutil.c \
+ lowcert.c \
+ lowkey.c \
+ pcertdb.c \
+ pk11db.c \
+ $(NULL)
+
diff --git a/security/nss/lib/softoken/legacydb/nssdbm.def b/security/nss/lib/softoken/legacydb/nssdbm.def
new file mode 100644
index 000000000..dd6d5fa47
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/nssdbm.def
@@ -0,0 +1,31 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+NSSDBM_3.12 { # NSS 3.12 release
+;+ global:
+LIBRARY nssdbm3 ;-
+EXPORTS ;-
+legacy_Open;
+legacy_Shutdown;
+legacy_ReadSecmodDB;
+legacy_ReleaseSecmodDBData;
+legacy_AddSecmodDB;
+legacy_DeleteSecmodDB;
+legacy_SetCryptFunctions;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/softoken/legacydb/nssdbm.rc b/security/nss/lib/softoken/legacydb/nssdbm.rc
new file mode 100644
index 000000000..cff86168e
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/nssdbm.rc
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "../softkver.h"
+#include <winver.h>
+
+#define MY_LIBNAME "nssdbm"
+#define MY_FILEDESCRIPTION "Legacy Database Driver"
+
+#define STRINGIZE(x) #x
+#define STRINGIZE2(x) STRINGIZE(x)
+#define SOFTOKEN_VMAJOR_STR STRINGIZE2(SOFTOKEN_VMAJOR)
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if SOFTOKEN_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME SOFTOKEN_VMAJOR_STR
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION SOFTOKEN_VMAJOR,SOFTOKEN_VMINOR,SOFTOKEN_VPATCH,SOFTOKEN_VBUILD
+ PRODUCTVERSION SOFTOKEN_VMAJOR,SOFTOKEN_VMINOR,SOFTOKEN_VPATCH,SOFTOKEN_VBUILD
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", SOFTOKEN_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", SOFTOKEN_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/softoken/legacydb/pcert.h b/security/nss/lib/softoken/legacydb/pcert.h
new file mode 100644
index 000000000..d4be3f93d
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/pcert.h
@@ -0,0 +1,228 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _PCERTDB_H_
+#define _PCERTDB_H_
+
+#include "plarena.h"
+#include "prlong.h"
+#include "pcertt.h"
+
+#include "lowkeyti.h" /* for struct NSSLOWKEYPublicKeyStr */
+
+SEC_BEGIN_PROTOS
+
+/*
+ * initialize any global certificate locks
+ */
+SECStatus nsslowcert_InitLocks(void);
+
+/*
+** Add a DER encoded certificate to the permanent database.
+** "derCert" is the DER encoded certificate.
+** "nickname" is the nickname to use for the cert
+** "trust" is the trust parameters for the cert
+*/
+SECStatus nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *handle,
+ NSSLOWCERTCertificate *cert,
+ char *nickname, NSSLOWCERTCertTrust *trust);
+SECStatus nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
+ NSSLOWCERTCertificate *cert, char *nickname);
+
+SECStatus nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert);
+
+typedef SECStatus(PR_CALLBACK *PermCertCallback)(NSSLOWCERTCertificate *cert,
+ SECItem *k, void *pdata);
+/*
+** Traverse the entire permanent database, and pass the certs off to a
+** user supplied function.
+** "certfunc" is the user function to call for each certificate
+** "udata" is the user's data, which is passed through to "certfunc"
+*/
+SECStatus
+nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
+ PermCertCallback certfunc,
+ void *udata);
+
+PRBool
+nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle);
+
+certDBEntryRevocation *
+nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle,
+ SECItem *crlKey, PRBool isKRL);
+
+SECStatus
+nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle, const SECItem *derName,
+ PRBool isKRL);
+SECStatus
+nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl,
+ SECItem *derKey, char *url, PRBool isKRL);
+
+NSSLOWCERTCertDBHandle *nsslowcert_GetDefaultCertDB();
+NSSLOWKEYPublicKey *nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *);
+
+NSSLOWCERTCertificate *
+nsslowcert_NewTempCertificate(NSSLOWCERTCertDBHandle *handle, SECItem *derCert,
+ char *nickname, PRBool isperm, PRBool copyDER);
+NSSLOWCERTCertificate *
+nsslowcert_DupCertificate(NSSLOWCERTCertificate *cert);
+void nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert);
+void nsslowcert_DestroyTrust(NSSLOWCERTTrust *Trust);
+
+/*
+ * Lookup a certificate in the databases without locking
+ * "certKey" is the database key to look for
+ *
+ * XXX - this should be internal, but pkcs 11 needs to call it during a
+ * traversal.
+ */
+NSSLOWCERTCertificate *
+nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey);
+
+/*
+ * Lookup trust for a certificate in the databases without locking
+ * "certKey" is the database key to look for
+ *
+ * XXX - this should be internal, but pkcs 11 needs to call it during a
+ * traversal.
+ */
+NSSLOWCERTTrust *
+nsslowcert_FindTrustByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey);
+
+/*
+** Generate a certificate key from the issuer and serialnumber, then look it
+** up in the database. Return the cert if found.
+** "issuerAndSN" is the issuer and serial number to look for
+*/
+extern NSSLOWCERTCertificate *
+nsslowcert_FindCertByIssuerAndSN(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
+
+/*
+** Generate a certificate key from the issuer and serialnumber, then look it
+** up in the database. Return the cert if found.
+** "issuerAndSN" is the issuer and serial number to look for
+*/
+extern NSSLOWCERTTrust *
+nsslowcert_FindTrustByIssuerAndSN(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
+
+/*
+** Find a certificate in the database by a DER encoded certificate
+** "derCert" is the DER encoded certificate
+*/
+extern NSSLOWCERTCertificate *
+nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
+
+/* convert an email address to lower case */
+char *nsslowcert_FixupEmailAddr(char *emailAddr);
+
+/*
+** Decode a DER encoded certificate into an NSSLOWCERTCertificate structure
+** "derSignedCert" is the DER encoded signed certificate
+** "copyDER" is true if the DER should be copied, false if the
+** existing copy should be referenced
+** "nickname" is the nickname to use in the database. If it is NULL
+** then a temporary nickname is generated.
+*/
+extern NSSLOWCERTCertificate *
+nsslowcert_DecodeDERCertificate(SECItem *derSignedCert, char *nickname);
+
+SECStatus
+nsslowcert_KeyFromDERCert(PLArenaPool *arena, SECItem *derCert, SECItem *key);
+
+certDBEntrySMime *
+nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *certHandle,
+ char *emailAddr);
+void
+nsslowcert_DestroyDBEntry(certDBEntry *entry);
+
+SECStatus
+nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
+ const char *domain, const char *prefix,
+ NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile);
+
+void
+nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle);
+
+/*
+ * is certa newer than certb? If one is expired, pick the other one.
+ */
+PRBool
+nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb);
+
+SECStatus
+nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
+ certDBEntryType type,
+ SECStatus (*callback)(SECItem *data, SECItem *key,
+ certDBEntryType type, void *pdata),
+ void *udata);
+SECStatus
+nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
+ SECItem *derSubject,
+ NSSLOWCERTCertCallback cb, void *cbarg);
+int
+nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
+ SECItem *derSubject);
+SECStatus
+nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
+ char *nickname, NSSLOWCERTCertCallback cb, void *cbarg);
+
+int
+nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
+ char *nickname);
+SECStatus
+nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert,
+ NSSLOWCERTCertTrust *trust);
+
+SECStatus
+nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr,
+ SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime);
+
+/*
+ * Change the trust attributes of a certificate and make them permanent
+ * in the database.
+ */
+SECStatus
+nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle,
+ NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust);
+
+PRBool
+nsslowcert_needDBVerify(NSSLOWCERTCertDBHandle *handle);
+
+void
+nsslowcert_setDBVerify(NSSLOWCERTCertDBHandle *handle, PRBool value);
+
+PRBool
+nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust);
+
+void
+nsslowcert_DestroyFreeLists(void);
+
+void
+nsslowcert_DestroyGlobalLocks(void);
+
+void
+pkcs11_freeNickname(char *nickname, char *space);
+
+char *
+pkcs11_copyNickname(char *nickname, char *space, int spaceLen);
+
+void
+pkcs11_freeStaticData(unsigned char *data, unsigned char *space);
+
+unsigned char *
+pkcs11_allocStaticData(int datalen, unsigned char *space, int spaceLen);
+
+unsigned char *
+pkcs11_copyStaticData(unsigned char *data, int datalen, unsigned char *space,
+ int spaceLen);
+NSSLOWCERTCertificate *
+nsslowcert_CreateCert(void);
+
+certDBEntry *
+nsslowcert_DecodeAnyDBEntry(SECItem *dbData, const SECItem *dbKey,
+ certDBEntryType entryType, void *pdata);
+
+SEC_END_PROTOS
+
+#endif /* _PCERTDB_H_ */
diff --git a/security/nss/lib/softoken/legacydb/pcertdb.c b/security/nss/lib/softoken/legacydb/pcertdb.c
new file mode 100644
index 000000000..65da51687
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/pcertdb.c
@@ -0,0 +1,5333 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Permanent Certificate database handling code
+ */
+#include "lowkeyti.h"
+#include "pcert.h"
+#include "mcom_db.h"
+#include "pcert.h"
+#include "secitem.h"
+#include "secder.h"
+
+#include "secerr.h"
+#include "lgdb.h"
+
+/* forward declaration */
+NSSLOWCERTCertificate *
+nsslowcert_FindCertByDERCertNoLocking(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
+static SECStatus
+nsslowcert_UpdateSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle,
+ char *emailAddr, SECItem *derSubject, SECItem *emailProfile,
+ SECItem *profileTime);
+static SECStatus
+nsslowcert_UpdatePermCert(NSSLOWCERTCertDBHandle *dbhandle,
+ NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust);
+static SECStatus
+nsslowcert_UpdateCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl,
+ SECItem *crlKey, char *url, PRBool isKRL);
+
+static NSSLOWCERTCertificate *certListHead = NULL;
+static NSSLOWCERTTrust *trustListHead = NULL;
+static certDBEntryCert *entryListHead = NULL;
+static int certListCount = 0;
+static int trustListCount = 0;
+static int entryListCount = 0;
+#define MAX_CERT_LIST_COUNT 10
+#define MAX_TRUST_LIST_COUNT 10
+#define MAX_ENTRY_LIST_COUNT 10
+
+/*
+ * the following functions are wrappers for the db library that implement
+ * a global lock to make the database thread safe.
+ */
+static PZLock *dbLock = NULL;
+static PZLock *certRefCountLock = NULL;
+static PZLock *certTrustLock = NULL;
+static PZLock *freeListLock = NULL;
+
+void
+certdb_InitDBLock(NSSLOWCERTCertDBHandle *handle)
+{
+ if (dbLock == NULL) {
+ dbLock = PZ_NewLock(nssILockCertDB);
+ PORT_Assert(dbLock != NULL);
+ }
+}
+
+SECStatus
+nsslowcert_InitLocks(void)
+{
+ if (freeListLock == NULL) {
+ freeListLock = PZ_NewLock(nssILockRefLock);
+ if (freeListLock == NULL) {
+ return SECFailure;
+ }
+ }
+ if (certRefCountLock == NULL) {
+ certRefCountLock = PZ_NewLock(nssILockRefLock);
+ if (certRefCountLock == NULL) {
+ return SECFailure;
+ }
+ }
+ if (certTrustLock == NULL) {
+ certTrustLock = PZ_NewLock(nssILockCertDB);
+ if (certTrustLock == NULL) {
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * Acquire the global lock on the cert database.
+ * This lock is currently used for the following operations:
+ * adding or deleting a cert to either the temp or perm databases
+ * converting a temp to perm or perm to temp
+ * changing (maybe just adding!?) the trust of a cert
+ * chaning the DB status checking Configuration
+ */
+static void
+nsslowcert_LockDB(NSSLOWCERTCertDBHandle *handle)
+{
+ PZ_EnterMonitor(handle->dbMon);
+ return;
+}
+
+/*
+ * Free the global cert database lock.
+ */
+static void
+nsslowcert_UnlockDB(NSSLOWCERTCertDBHandle *handle)
+{
+#ifdef DEBUG
+ PRStatus prstat = PZ_ExitMonitor(handle->dbMon);
+ PORT_Assert(prstat == PR_SUCCESS);
+#else
+ PZ_ExitMonitor(handle->dbMon);
+#endif
+}
+
+/*
+ * Acquire the cert reference count lock
+ * There is currently one global lock for all certs, but I'm putting a cert
+ * arg here so that it will be easy to make it per-cert in the future if
+ * that turns out to be necessary.
+ */
+static void
+nsslowcert_LockCertRefCount(NSSLOWCERTCertificate *cert)
+{
+ PORT_Assert(certRefCountLock != NULL);
+
+ PZ_Lock(certRefCountLock);
+ return;
+}
+
+/*
+ * Free the cert reference count lock
+ */
+static void
+nsslowcert_UnlockCertRefCount(NSSLOWCERTCertificate *cert)
+{
+ PORT_Assert(certRefCountLock != NULL);
+
+#ifdef DEBUG
+ {
+ PRStatus prstat = PZ_Unlock(certRefCountLock);
+ PORT_Assert(prstat == PR_SUCCESS);
+ }
+#else
+ PZ_Unlock(certRefCountLock);
+#endif
+}
+
+/*
+ * Acquire the cert trust lock
+ * There is currently one global lock for all certs, but I'm putting a cert
+ * arg here so that it will be easy to make it per-cert in the future if
+ * that turns out to be necessary.
+ */
+static void
+nsslowcert_LockCertTrust(NSSLOWCERTCertificate *cert)
+{
+ PORT_Assert(certTrustLock != NULL);
+
+ PZ_Lock(certTrustLock);
+ return;
+}
+
+/*
+ * Free the cert trust lock
+ */
+static void
+nsslowcert_UnlockCertTrust(NSSLOWCERTCertificate *cert)
+{
+ PORT_Assert(certTrustLock != NULL);
+
+#ifdef DEBUG
+ {
+ PRStatus prstat = PZ_Unlock(certTrustLock);
+ PORT_Assert(prstat == PR_SUCCESS);
+ }
+#else
+ PZ_Unlock(certTrustLock);
+#endif
+}
+
+/*
+ * Acquire the cert reference count lock
+ * There is currently one global lock for all certs, but I'm putting a cert
+ * arg here so that it will be easy to make it per-cert in the future if
+ * that turns out to be necessary.
+ */
+static void
+nsslowcert_LockFreeList(void)
+{
+ PORT_Assert(freeListLock != NULL);
+
+ SKIP_AFTER_FORK(PZ_Lock(freeListLock));
+ return;
+}
+
+/*
+ * Free the cert reference count lock
+ */
+static void
+nsslowcert_UnlockFreeList(void)
+{
+ PORT_Assert(freeListLock != NULL);
+
+#ifdef DEBUG
+ {
+ PRStatus prstat = PR_SUCCESS;
+ SKIP_AFTER_FORK(prstat = PZ_Unlock(freeListLock));
+ PORT_Assert(prstat == PR_SUCCESS);
+ }
+#else
+ SKIP_AFTER_FORK(PZ_Unlock(freeListLock));
+#endif
+}
+
+NSSLOWCERTCertificate *
+nsslowcert_DupCertificate(NSSLOWCERTCertificate *c)
+{
+ if (c) {
+ nsslowcert_LockCertRefCount(c);
+ ++c->referenceCount;
+ nsslowcert_UnlockCertRefCount(c);
+ }
+ return c;
+}
+
+static int
+certdb_Get(DB *db, DBT *key, DBT *data, unsigned int flags)
+{
+ int ret;
+
+ PORT_Assert(dbLock != NULL);
+ PZ_Lock(dbLock);
+
+ ret = (*db->get)(db, key, data, flags);
+
+ (void)PZ_Unlock(dbLock);
+
+ return (ret);
+}
+
+static int
+certdb_Put(DB *db, DBT *key, DBT *data, unsigned int flags)
+{
+ int ret = 0;
+
+ PORT_Assert(dbLock != NULL);
+ PZ_Lock(dbLock);
+
+ ret = (*db->put)(db, key, data, flags);
+
+ (void)PZ_Unlock(dbLock);
+
+ return (ret);
+}
+
+static int
+certdb_Sync(DB *db, unsigned int flags)
+{
+ int ret;
+
+ PORT_Assert(dbLock != NULL);
+ PZ_Lock(dbLock);
+
+ ret = (*db->sync)(db, flags);
+
+ (void)PZ_Unlock(dbLock);
+
+ return (ret);
+}
+
+#define DB_NOT_FOUND -30991 /* from DBM 3.2 */
+static int
+certdb_Del(DB *db, DBT *key, unsigned int flags)
+{
+ int ret;
+
+ PORT_Assert(dbLock != NULL);
+ PZ_Lock(dbLock);
+
+ ret = (*db->del)(db, key, flags);
+
+ (void)PZ_Unlock(dbLock);
+
+ /* don't fail if the record is already deleted */
+ if (ret == DB_NOT_FOUND) {
+ ret = 0;
+ }
+
+ return (ret);
+}
+
+static int
+certdb_Seq(DB *db, DBT *key, DBT *data, unsigned int flags)
+{
+ int ret;
+
+ PORT_Assert(dbLock != NULL);
+ PZ_Lock(dbLock);
+
+ ret = (*db->seq)(db, key, data, flags);
+
+ (void)PZ_Unlock(dbLock);
+
+ return (ret);
+}
+
+static void
+certdb_Close(DB *db)
+{
+ PORT_Assert(dbLock != NULL);
+ SKIP_AFTER_FORK(PZ_Lock(dbLock));
+
+ (*db->close)(db);
+
+ SKIP_AFTER_FORK(PZ_Unlock(dbLock));
+
+ return;
+}
+
+void
+pkcs11_freeNickname(char *nickname, char *space)
+{
+ if (nickname && nickname != space) {
+ PORT_Free(nickname);
+ }
+}
+
+char *
+pkcs11_copyNickname(char *nickname, char *space, int spaceLen)
+{
+ int len;
+ char *copy = NULL;
+
+ len = PORT_Strlen(nickname) + 1;
+ if (len <= spaceLen) {
+ copy = space;
+ PORT_Memcpy(copy, nickname, len);
+ } else {
+ copy = PORT_Strdup(nickname);
+ }
+
+ return copy;
+}
+
+void
+pkcs11_freeStaticData(unsigned char *data, unsigned char *space)
+{
+ if (data && data != space) {
+ PORT_Free(data);
+ }
+}
+
+unsigned char *
+pkcs11_allocStaticData(int len, unsigned char *space, int spaceLen)
+{
+ unsigned char *data = NULL;
+
+ if (len <= spaceLen) {
+ data = space;
+ } else {
+ data = (unsigned char *)PORT_Alloc(len);
+ }
+
+ return data;
+}
+
+unsigned char *
+pkcs11_copyStaticData(unsigned char *data, int len,
+ unsigned char *space, int spaceLen)
+{
+ unsigned char *copy = pkcs11_allocStaticData(len, space, spaceLen);
+ if (copy) {
+ PORT_Memcpy(copy, data, len);
+ }
+
+ return copy;
+}
+
+/*
+ * destroy a database entry
+ */
+static void
+DestroyDBEntry(certDBEntry *entry)
+{
+ PLArenaPool *arena = entry->common.arena;
+
+ /* must be one of our certDBEntry from the free list */
+ if (arena == NULL) {
+ certDBEntryCert *certEntry;
+ if (entry->common.type != certDBEntryTypeCert) {
+ return;
+ }
+ certEntry = (certDBEntryCert *)entry;
+
+ pkcs11_freeStaticData(certEntry->derCert.data, certEntry->derCertSpace);
+ pkcs11_freeNickname(certEntry->nickname, certEntry->nicknameSpace);
+
+ nsslowcert_LockFreeList();
+ if (entryListCount > MAX_ENTRY_LIST_COUNT) {
+ PORT_Free(certEntry);
+ } else {
+ entryListCount++;
+ PORT_Memset(certEntry, 0, sizeof(*certEntry));
+ certEntry->next = entryListHead;
+ entryListHead = certEntry;
+ }
+ nsslowcert_UnlockFreeList();
+ return;
+ }
+
+ /* Zero out the entry struct, so that any further attempts to use it
+ * will cause an exception (e.g. null pointer reference). */
+ PORT_Memset(&entry->common, 0, sizeof entry->common);
+ PORT_FreeArena(arena, PR_FALSE);
+
+ return;
+}
+
+/* forward references */
+static void nsslowcert_DestroyCertificateNoLocking(NSSLOWCERTCertificate *cert);
+
+static SECStatus
+DeleteDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryType type, SECItem *dbkey)
+{
+ DBT key;
+ int ret;
+
+ /* init the database key */
+ key.data = dbkey->data;
+ key.size = dbkey->len;
+
+ dbkey->data[0] = (unsigned char)type;
+
+ /* delete entry from database */
+ ret = certdb_Del(handle->permCertDB, &key, 0);
+ if (ret != 0) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ ret = certdb_Sync(handle->permCertDB, 0);
+ if (ret) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+static SECStatus
+ReadDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCommon *entry,
+ SECItem *dbkey, SECItem *dbentry, PLArenaPool *arena)
+{
+ DBT data, key;
+ int ret;
+ unsigned char *buf;
+
+ /* init the database key */
+ key.data = dbkey->data;
+ key.size = dbkey->len;
+
+ dbkey->data[0] = (unsigned char)entry->type;
+
+ /* read entry from database */
+ ret = certdb_Get(handle->permCertDB, &key, &data, 0);
+ if (ret != 0) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ /* validate the entry */
+ if (data.size < SEC_DB_ENTRY_HEADER_LEN) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+ buf = (unsigned char *)data.data;
+ /* version 7 has the same schema, we may be using a v7 db if we openned
+ * the databases readonly. */
+ if (!((buf[0] == (unsigned char)CERT_DB_FILE_VERSION) ||
+ (buf[0] == (unsigned char)CERT_DB_V7_FILE_VERSION))) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+ if (buf[1] != (unsigned char)entry->type) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ /* copy out header information */
+ entry->version = (unsigned int)buf[0];
+ entry->type = (certDBEntryType)buf[1];
+ entry->flags = (unsigned int)buf[2];
+
+ /* format body of entry for return to caller */
+ dbentry->len = data.size - SEC_DB_ENTRY_HEADER_LEN;
+ if (dbentry->len) {
+ if (arena) {
+ dbentry->data = (unsigned char *)
+ PORT_ArenaAlloc(arena, dbentry->len);
+ if (dbentry->data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ PORT_Memcpy(dbentry->data, &buf[SEC_DB_ENTRY_HEADER_LEN],
+ dbentry->len);
+ } else {
+ dbentry->data = &buf[SEC_DB_ENTRY_HEADER_LEN];
+ }
+ } else {
+ dbentry->data = NULL;
+ }
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/**
+ ** Implement low level database access
+ **/
+static SECStatus
+WriteDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCommon *entry,
+ SECItem *dbkey, SECItem *dbentry)
+{
+ int ret;
+ DBT data, key;
+ unsigned char *buf;
+
+ data.data = dbentry->data;
+ data.size = dbentry->len;
+
+ buf = (unsigned char *)data.data;
+
+ buf[0] = (unsigned char)entry->version;
+ buf[1] = (unsigned char)entry->type;
+ buf[2] = (unsigned char)entry->flags;
+
+ key.data = dbkey->data;
+ key.size = dbkey->len;
+
+ dbkey->data[0] = (unsigned char)entry->type;
+
+ /* put the record into the database now */
+ ret = certdb_Put(handle->permCertDB, &key, &data, 0);
+
+ if (ret != 0) {
+ goto loser;
+ }
+
+ ret = certdb_Sync(handle->permCertDB, 0);
+
+ if (ret) {
+ goto loser;
+ }
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * encode a database cert record
+ */
+static SECStatus
+EncodeDBCertEntry(certDBEntryCert *entry, PLArenaPool *arena, SECItem *dbitem)
+{
+ unsigned int nnlen;
+ unsigned char *buf;
+ char *nn;
+ char zbuf = 0;
+
+ if (entry->nickname) {
+ nn = entry->nickname;
+ } else {
+ nn = &zbuf;
+ }
+ nnlen = PORT_Strlen(nn) + 1;
+
+ /* allocate space for encoded database record, including space
+ * for low level header
+ */
+ dbitem->len = entry->derCert.len + nnlen + DB_CERT_ENTRY_HEADER_LEN +
+ SEC_DB_ENTRY_HEADER_LEN;
+
+ dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
+ if (dbitem->data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* fill in database record */
+ buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
+
+ buf[0] = (PRUint8)(entry->trust.sslFlags >> 8);
+ buf[1] = (PRUint8)(entry->trust.sslFlags);
+ buf[2] = (PRUint8)(entry->trust.emailFlags >> 8);
+ buf[3] = (PRUint8)(entry->trust.emailFlags);
+ buf[4] = (PRUint8)(entry->trust.objectSigningFlags >> 8);
+ buf[5] = (PRUint8)(entry->trust.objectSigningFlags);
+ buf[6] = (PRUint8)(entry->derCert.len >> 8);
+ buf[7] = (PRUint8)(entry->derCert.len);
+ buf[8] = (PRUint8)(nnlen >> 8);
+ buf[9] = (PRUint8)(nnlen);
+
+ PORT_Memcpy(&buf[DB_CERT_ENTRY_HEADER_LEN], entry->derCert.data,
+ entry->derCert.len);
+
+ PORT_Memcpy(&buf[DB_CERT_ENTRY_HEADER_LEN + entry->derCert.len],
+ nn, nnlen);
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * encode a database key for a cert record
+ */
+static SECStatus
+EncodeDBCertKey(const SECItem *certKey, PLArenaPool *arena, SECItem *dbkey)
+{
+ unsigned int len = certKey->len + SEC_DB_KEY_HEADER_LEN;
+ if (len > NSS_MAX_LEGACY_DB_KEY_SIZE)
+ goto loser;
+ if (arena) {
+ dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
+ } else {
+ if (dbkey->len < len) {
+ dbkey->data = (unsigned char *)PORT_Alloc(len);
+ }
+ }
+ dbkey->len = len;
+ if (dbkey->data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN],
+ certKey->data, certKey->len);
+ dbkey->data[0] = certDBEntryTypeCert;
+
+ return (SECSuccess);
+loser:
+ return (SECFailure);
+}
+
+static SECStatus
+EncodeDBGenericKey(const SECItem *certKey, PLArenaPool *arena, SECItem *dbkey,
+ certDBEntryType entryType)
+{
+ /*
+ * we only allow _one_ KRL key!
+ */
+ if (entryType == certDBEntryTypeKeyRevocation) {
+ dbkey->len = SEC_DB_KEY_HEADER_LEN;
+ dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
+ if (dbkey->data == NULL) {
+ goto loser;
+ }
+ dbkey->data[0] = (unsigned char)entryType;
+ return (SECSuccess);
+ }
+
+ dbkey->len = certKey->len + SEC_DB_KEY_HEADER_LEN;
+ if (dbkey->len > NSS_MAX_LEGACY_DB_KEY_SIZE)
+ goto loser;
+ dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
+ if (dbkey->data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN],
+ certKey->data, certKey->len);
+ dbkey->data[0] = (unsigned char)entryType;
+
+ return (SECSuccess);
+loser:
+ return (SECFailure);
+}
+
+static SECStatus
+DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry)
+{
+ unsigned int nnlen;
+ unsigned int headerlen;
+ int lenoff;
+
+ /* allow updates of old versions of the database */
+ switch (entry->common.version) {
+ case 5:
+ headerlen = DB_CERT_V5_ENTRY_HEADER_LEN;
+ lenoff = 3;
+ break;
+ case 6:
+ /* should not get here */
+ PORT_Assert(0);
+ headerlen = DB_CERT_V6_ENTRY_HEADER_LEN;
+ lenoff = 3;
+ break;
+ case 7:
+ case 8:
+ headerlen = DB_CERT_ENTRY_HEADER_LEN;
+ lenoff = 6;
+ break;
+ default:
+ /* better not get here */
+ PORT_Assert(0);
+ headerlen = DB_CERT_V5_ENTRY_HEADER_LEN;
+ lenoff = 3;
+ break;
+ }
+
+ /* is record long enough for header? */
+ if (dbentry->len < headerlen) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ /* is database entry correct length? */
+ entry->derCert.len = ((dbentry->data[lenoff] << 8) |
+ dbentry->data[lenoff + 1]);
+ nnlen = ((dbentry->data[lenoff + 2] << 8) | dbentry->data[lenoff + 3]);
+ lenoff = dbentry->len - (entry->derCert.len + nnlen + headerlen);
+ if (lenoff) {
+ if (lenoff < 0 || (lenoff & 0xffff) != 0) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+ /* The cert size exceeded 64KB. Reconstruct the correct length. */
+ entry->derCert.len += lenoff;
+ }
+
+ /* copy the dercert */
+ entry->derCert.data = pkcs11_copyStaticData(&dbentry->data[headerlen],
+ entry->derCert.len, entry->derCertSpace, sizeof(entry->derCertSpace));
+ if (entry->derCert.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* copy the nickname */
+ if (nnlen > 1) {
+ entry->nickname = (char *)pkcs11_copyStaticData(
+ &dbentry->data[headerlen + entry->derCert.len], nnlen,
+ (unsigned char *)entry->nicknameSpace,
+ sizeof(entry->nicknameSpace));
+ if (entry->nickname == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ } else {
+ entry->nickname = NULL;
+ }
+
+ if (entry->common.version < 7) {
+ /* allow updates of v5 db */
+ entry->trust.sslFlags = dbentry->data[0];
+ entry->trust.emailFlags = dbentry->data[1];
+ entry->trust.objectSigningFlags = dbentry->data[2];
+ } else {
+ entry->trust.sslFlags = (dbentry->data[0] << 8) | dbentry->data[1];
+ entry->trust.emailFlags = (dbentry->data[2] << 8) | dbentry->data[3];
+ entry->trust.objectSigningFlags =
+ (dbentry->data[4] << 8) | dbentry->data[5];
+ }
+
+ return (SECSuccess);
+loser:
+ return (SECFailure);
+}
+
+/*
+ * Create a new certDBEntryCert from existing data
+ */
+static certDBEntryCert *
+NewDBCertEntry(SECItem *derCert, char *nickname,
+ NSSLOWCERTCertTrust *trust, int flags)
+{
+ certDBEntryCert *entry;
+ PLArenaPool *arena = NULL;
+ int nnlen;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ goto loser;
+ }
+
+ entry = PORT_ArenaZNew(arena, certDBEntryCert);
+ if (entry == NULL) {
+ goto loser;
+ }
+
+ /* fill in the dbCert */
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeCert;
+ entry->common.version = CERT_DB_FILE_VERSION;
+ entry->common.flags = flags;
+
+ if (trust) {
+ entry->trust = *trust;
+ }
+
+ entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(arena, derCert->len);
+ if (!entry->derCert.data) {
+ goto loser;
+ }
+ entry->derCert.len = derCert->len;
+ PORT_Memcpy(entry->derCert.data, derCert->data, derCert->len);
+
+ nnlen = (nickname ? strlen(nickname) + 1 : 0);
+
+ if (nnlen) {
+ entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
+ if (!entry->nickname) {
+ goto loser;
+ }
+ PORT_Memcpy(entry->nickname, nickname, nnlen);
+
+ } else {
+ entry->nickname = 0;
+ }
+
+ return (entry);
+
+loser:
+
+ /* allocation error, free arena and return */
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (0);
+}
+
+/*
+ * Decode a version 4 DBCert from the byte stream database format
+ * and construct a current database entry struct
+ */
+static certDBEntryCert *
+DecodeV4DBCertEntry(unsigned char *buf, int len)
+{
+ certDBEntryCert *entry;
+ int certlen;
+ int nnlen;
+ PLArenaPool *arena;
+
+ /* make sure length is at least long enough for the header */
+ if (len < DBCERT_V4_HEADER_LEN) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return (0);
+ }
+
+ /* get other lengths */
+ certlen = buf[3] << 8 | buf[4];
+ nnlen = buf[5] << 8 | buf[6];
+
+ /* make sure DB entry is the right size */
+ if ((certlen + nnlen + DBCERT_V4_HEADER_LEN) != len) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return (0);
+ }
+
+ /* allocate arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (0);
+ }
+
+ /* allocate structure and members */
+ entry = (certDBEntryCert *)PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
+
+ if (!entry) {
+ goto loser;
+ }
+
+ entry->common.arena = arena;
+ entry->common.version = CERT_DB_FILE_VERSION;
+ entry->common.type = certDBEntryTypeCert;
+ entry->common.flags = 0;
+ entry->trust.sslFlags = buf[0];
+ entry->trust.emailFlags = buf[1];
+ entry->trust.objectSigningFlags = buf[2];
+
+ entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(arena, certlen);
+ if (!entry->derCert.data) {
+ goto loser;
+ }
+ entry->derCert.len = certlen;
+ PORT_Memcpy(entry->derCert.data, &buf[DBCERT_V4_HEADER_LEN], certlen);
+
+ if (nnlen) {
+ entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
+ if (!entry->nickname) {
+ goto loser;
+ }
+ PORT_Memcpy(entry->nickname, &buf[DBCERT_V4_HEADER_LEN + certlen], nnlen);
+
+ if (PORT_Strcmp(entry->nickname, "Server-Cert") == 0) {
+ entry->trust.sslFlags |= CERTDB_USER;
+ }
+ } else {
+ entry->nickname = 0;
+ }
+
+ return (entry);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (0);
+}
+
+/*
+ * Encode a Certificate database entry into byte stream suitable for
+ * the database
+ */
+static SECStatus
+WriteDBCertEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry)
+{
+ SECItem dbitem, dbkey;
+ PLArenaPool *tmparena = NULL;
+ SECItem tmpitem;
+ SECStatus rv;
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBCertEntry(entry, tmparena, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* get the database key and format it */
+ rv = nsslowcert_KeyFromDERCert(tmparena, &entry->derCert, &tmpitem);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ rv = EncodeDBCertKey(&tmpitem, tmparena, &dbkey);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ /* now write it to the database */
+ rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ return (SECFailure);
+}
+
+/*
+ * delete a certificate entry
+ */
+static SECStatus
+DeleteDBCertEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
+{
+ SECItem dbkey;
+ SECStatus rv;
+
+ dbkey.data = NULL;
+ dbkey.len = 0;
+
+ rv = EncodeDBCertKey(certKey, NULL, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = DeleteDBEntry(handle, certDBEntryTypeCert, &dbkey);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ PORT_Free(dbkey.data);
+
+ return (SECSuccess);
+
+loser:
+ if (dbkey.data) {
+ PORT_Free(dbkey.data);
+ }
+ return (SECFailure);
+}
+
+static certDBEntryCert *
+CreateCertEntry(void)
+{
+ certDBEntryCert *entry;
+
+ nsslowcert_LockFreeList();
+ entry = entryListHead;
+ if (entry) {
+ entryListCount--;
+ entryListHead = entry->next;
+ }
+ PORT_Assert(entryListCount >= 0);
+ nsslowcert_UnlockFreeList();
+ if (entry) {
+ return entry;
+ }
+
+ return PORT_ZNew(certDBEntryCert);
+}
+
+static void
+DestroyCertEntryFreeList(void)
+{
+ certDBEntryCert *entry;
+
+ nsslowcert_LockFreeList();
+ while (NULL != (entry = entryListHead)) {
+ entryListCount--;
+ entryListHead = entry->next;
+ PORT_Free(entry);
+ }
+ PORT_Assert(!entryListCount);
+ entryListCount = 0;
+ nsslowcert_UnlockFreeList();
+}
+
+/*
+ * Read a certificate entry
+ */
+static certDBEntryCert *
+ReadDBCertEntry(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey)
+{
+ certDBEntryCert *entry;
+ SECItem dbkey;
+ SECItem dbentry;
+ SECStatus rv;
+ unsigned char buf[512];
+
+ dbkey.data = buf;
+ dbkey.len = sizeof(buf);
+
+ entry = CreateCertEntry();
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ entry->common.arena = NULL;
+ entry->common.type = certDBEntryTypeCert;
+
+ rv = EncodeDBCertKey(certKey, NULL, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, NULL);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ rv = DecodeDBCertEntry(entry, &dbentry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ pkcs11_freeStaticData(dbkey.data, buf);
+ dbkey.data = NULL;
+ return (entry);
+
+loser:
+ pkcs11_freeStaticData(dbkey.data, buf);
+ dbkey.data = NULL;
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+
+ return (NULL);
+}
+
+/*
+ * encode a database cert record
+ */
+static SECStatus
+EncodeDBCrlEntry(certDBEntryRevocation *entry, PLArenaPool *arena, SECItem *dbitem)
+{
+ unsigned int nnlen = 0;
+ unsigned char *buf;
+
+ if (entry->url) {
+ nnlen = PORT_Strlen(entry->url) + 1;
+ }
+
+ /* allocate space for encoded database record, including space
+ * for low level header
+ */
+ dbitem->len = entry->derCrl.len + nnlen + SEC_DB_ENTRY_HEADER_LEN + DB_CRL_ENTRY_HEADER_LEN;
+
+ dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
+ if (dbitem->data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* fill in database record */
+ buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
+
+ buf[0] = (PRUint8)(entry->derCrl.len >> 8);
+ buf[1] = (PRUint8)(entry->derCrl.len);
+ buf[2] = (PRUint8)(nnlen >> 8);
+ buf[3] = (PRUint8)(nnlen);
+
+ PORT_Memcpy(&buf[DB_CRL_ENTRY_HEADER_LEN], entry->derCrl.data,
+ entry->derCrl.len);
+
+ if (nnlen != 0) {
+ PORT_Memcpy(&buf[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
+ entry->url, nnlen);
+ }
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+static SECStatus
+DecodeDBCrlEntry(certDBEntryRevocation *entry, SECItem *dbentry)
+{
+ unsigned int urlLen;
+ int lenDiff;
+
+ /* is record long enough for header? */
+ if (dbentry->len < DB_CRL_ENTRY_HEADER_LEN) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ /* is database entry correct length? */
+ entry->derCrl.len = ((dbentry->data[0] << 8) | dbentry->data[1]);
+ urlLen = ((dbentry->data[2] << 8) | dbentry->data[3]);
+ lenDiff = dbentry->len -
+ (entry->derCrl.len + urlLen + DB_CRL_ENTRY_HEADER_LEN);
+ if (lenDiff) {
+ if (lenDiff < 0 || (lenDiff & 0xffff) != 0) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+ /* CRL entry is greater than 64 K. Hack to make this continue to work */
+ entry->derCrl.len += lenDiff;
+ }
+
+ /* copy the der CRL */
+ entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
+ entry->derCrl.len);
+ if (entry->derCrl.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->derCrl.data, &dbentry->data[DB_CRL_ENTRY_HEADER_LEN],
+ entry->derCrl.len);
+
+ /* copy the url */
+ entry->url = NULL;
+ if (urlLen != 0) {
+ entry->url = (char *)PORT_ArenaAlloc(entry->common.arena, urlLen);
+ if (entry->url == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->url,
+ &dbentry->data[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
+ urlLen);
+ }
+
+ return (SECSuccess);
+loser:
+ return (SECFailure);
+}
+
+/*
+ * Create a new certDBEntryRevocation from existing data
+ */
+static certDBEntryRevocation *
+NewDBCrlEntry(SECItem *derCrl, char *url, certDBEntryType crlType, int flags)
+{
+ certDBEntryRevocation *entry;
+ PLArenaPool *arena = NULL;
+ int nnlen;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+
+ if (!arena) {
+ goto loser;
+ }
+
+ entry = PORT_ArenaZNew(arena, certDBEntryRevocation);
+ if (entry == NULL) {
+ goto loser;
+ }
+
+ /* fill in the dbRevolcation */
+ entry->common.arena = arena;
+ entry->common.type = crlType;
+ entry->common.version = CERT_DB_FILE_VERSION;
+ entry->common.flags = flags;
+
+ entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(arena, derCrl->len);
+ if (!entry->derCrl.data) {
+ goto loser;
+ }
+
+ if (url) {
+ nnlen = PORT_Strlen(url) + 1;
+ entry->url = (char *)PORT_ArenaAlloc(arena, nnlen);
+ if (!entry->url) {
+ goto loser;
+ }
+ PORT_Memcpy(entry->url, url, nnlen);
+ } else {
+ entry->url = NULL;
+ }
+
+ entry->derCrl.len = derCrl->len;
+ PORT_Memcpy(entry->derCrl.data, derCrl->data, derCrl->len);
+
+ return (entry);
+
+loser:
+
+ /* allocation error, free arena and return */
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return (0);
+}
+
+static SECStatus
+WriteDBCrlEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryRevocation *entry,
+ SECItem *crlKey)
+{
+ SECItem dbkey;
+ PLArenaPool *tmparena = NULL;
+ SECItem encodedEntry;
+ SECStatus rv;
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBCrlEntry(entry, tmparena, &encodedEntry);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ rv = EncodeDBGenericKey(crlKey, tmparena, &dbkey, entry->common.type);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ /* now write it to the database */
+ rv = WriteDBEntry(handle, &entry->common, &dbkey, &encodedEntry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ return (SECFailure);
+}
+/*
+ * delete a crl entry
+ */
+static SECStatus
+DeleteDBCrlEntry(NSSLOWCERTCertDBHandle *handle, const SECItem *crlKey,
+ certDBEntryType crlType)
+{
+ SECItem dbkey;
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBGenericKey(crlKey, arena, &dbkey, crlType);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = DeleteDBEntry(handle, crlType, &dbkey);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (SECFailure);
+}
+
+/*
+ * Read a certificate entry
+ */
+static certDBEntryRevocation *
+ReadDBCrlEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey,
+ certDBEntryType crlType)
+{
+ PLArenaPool *arena = NULL;
+ PLArenaPool *tmparena = NULL;
+ certDBEntryRevocation *entry;
+ SECItem dbkey;
+ SECItem dbentry;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ entry = (certDBEntryRevocation *)
+ PORT_ArenaAlloc(arena, sizeof(certDBEntryRevocation));
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ entry->common.arena = arena;
+ entry->common.type = crlType;
+
+ rv = EncodeDBGenericKey(certKey, tmparena, &dbkey, crlType);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, NULL);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ rv = DecodeDBCrlEntry(entry, &dbentry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (entry);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+void
+nsslowcert_DestroyDBEntry(certDBEntry *entry)
+{
+ DestroyDBEntry(entry);
+ return;
+}
+
+/*
+ * Encode a database nickname record
+ */
+static SECStatus
+EncodeDBNicknameEntry(certDBEntryNickname *entry, PLArenaPool *arena,
+ SECItem *dbitem)
+{
+ unsigned char *buf;
+
+ /* allocate space for encoded database record, including space
+ * for low level header
+ */
+ dbitem->len = entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN +
+ SEC_DB_ENTRY_HEADER_LEN;
+ dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
+ if (dbitem->data == NULL) {
+ goto loser;
+ }
+
+ /* fill in database record */
+ buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
+ buf[0] = (PRUint8)(entry->subjectName.len >> 8);
+ buf[1] = (PRUint8)(entry->subjectName.len);
+ PORT_Memcpy(&buf[DB_NICKNAME_ENTRY_HEADER_LEN], entry->subjectName.data,
+ entry->subjectName.len);
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * Encode a database key for a nickname record
+ */
+static SECStatus
+EncodeDBNicknameKey(char *nickname, PLArenaPool *arena,
+ SECItem *dbkey)
+{
+ unsigned int nnlen;
+
+ nnlen = PORT_Strlen(nickname) + 1; /* includes null */
+
+ /* now get the database key and format it */
+ dbkey->len = nnlen + SEC_DB_KEY_HEADER_LEN;
+ if (dbkey->len > NSS_MAX_LEGACY_DB_KEY_SIZE)
+ goto loser;
+ dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
+ if (dbkey->data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], nickname, nnlen);
+ dbkey->data[0] = certDBEntryTypeNickname;
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+static SECStatus
+DecodeDBNicknameEntry(certDBEntryNickname *entry, SECItem *dbentry,
+ char *nickname)
+{
+ int lenDiff;
+
+ /* is record long enough for header? */
+ if (dbentry->len < DB_NICKNAME_ENTRY_HEADER_LEN) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ /* is database entry correct length? */
+ entry->subjectName.len = ((dbentry->data[0] << 8) | dbentry->data[1]);
+ lenDiff = dbentry->len -
+ (entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN);
+ if (lenDiff) {
+ if (lenDiff < 0 || (lenDiff & 0xffff) != 0) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+ /* The entry size exceeded 64KB. Reconstruct the correct length. */
+ entry->subjectName.len += lenDiff;
+ }
+
+ /* copy the certkey */
+ entry->subjectName.data =
+ (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
+ entry->subjectName.len);
+ if (entry->subjectName.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->subjectName.data,
+ &dbentry->data[DB_NICKNAME_ENTRY_HEADER_LEN],
+ entry->subjectName.len);
+ entry->subjectName.type = siBuffer;
+
+ entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena,
+ PORT_Strlen(nickname) + 1);
+ if (entry->nickname) {
+ PORT_Strcpy(entry->nickname, nickname);
+ }
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * create a new nickname entry
+ */
+static certDBEntryNickname *
+NewDBNicknameEntry(char *nickname, SECItem *subjectName, unsigned int flags)
+{
+ PLArenaPool *arena = NULL;
+ certDBEntryNickname *entry;
+ int nnlen;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ entry = (certDBEntryNickname *)PORT_ArenaAlloc(arena,
+ sizeof(certDBEntryNickname));
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* init common fields */
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeNickname;
+ entry->common.version = CERT_DB_FILE_VERSION;
+ entry->common.flags = flags;
+
+ /* copy the nickname */
+ nnlen = PORT_Strlen(nickname) + 1;
+
+ entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
+ if (entry->nickname == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(entry->nickname, nickname, nnlen);
+
+ rv = SECITEM_CopyItem(arena, &entry->subjectName, subjectName);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return (entry);
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+/*
+ * delete a nickname entry
+ */
+static SECStatus
+DeleteDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, char *nickname)
+{
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+ SECItem dbkey;
+
+ if (nickname == NULL) {
+ return (SECSuccess);
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBNicknameKey(nickname, arena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = DeleteDBEntry(handle, certDBEntryTypeNickname, &dbkey);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (SECFailure);
+}
+
+/*
+ * Read a nickname entry
+ */
+static certDBEntryNickname *
+ReadDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, char *nickname)
+{
+ PLArenaPool *arena = NULL;
+ PLArenaPool *tmparena = NULL;
+ certDBEntryNickname *entry;
+ SECItem dbkey;
+ SECItem dbentry;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ entry = (certDBEntryNickname *)PORT_ArenaAlloc(arena,
+ sizeof(certDBEntryNickname));
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeNickname;
+
+ rv = EncodeDBNicknameKey(nickname, tmparena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ /* is record long enough for header? */
+ if (dbentry.len < DB_NICKNAME_ENTRY_HEADER_LEN) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ rv = DecodeDBNicknameEntry(entry, &dbentry, nickname);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (entry);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+/*
+ * Encode a nickname entry into byte stream suitable for
+ * the database
+ */
+static SECStatus
+WriteDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryNickname *entry)
+{
+ SECItem dbitem, dbkey;
+ PLArenaPool *tmparena = NULL;
+ SECStatus rv;
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBNicknameEntry(entry, tmparena, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = EncodeDBNicknameKey(entry->nickname, tmparena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* now write it to the database */
+ rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ return (SECFailure);
+}
+
+static SECStatus
+EncodeDBSMimeEntry(certDBEntrySMime *entry, PLArenaPool *arena,
+ SECItem *dbitem)
+{
+ unsigned char *buf;
+
+ /* allocate space for encoded database record, including space
+ * for low level header
+ */
+ dbitem->len = entry->subjectName.len + entry->smimeOptions.len +
+ entry->optionsDate.len +
+ DB_SMIME_ENTRY_HEADER_LEN + SEC_DB_ENTRY_HEADER_LEN;
+
+ dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
+ if (dbitem->data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* fill in database record */
+ buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
+
+ buf[0] = (PRUint8)(entry->subjectName.len >> 8);
+ buf[1] = (PRUint8)(entry->subjectName.len);
+ buf[2] = (PRUint8)(entry->smimeOptions.len >> 8);
+ buf[3] = (PRUint8)(entry->smimeOptions.len);
+ buf[4] = (PRUint8)(entry->optionsDate.len >> 8);
+ buf[5] = (PRUint8)(entry->optionsDate.len);
+
+ /* if no smime options, then there should not be an options date either */
+ PORT_Assert(!((entry->smimeOptions.len == 0) &&
+ (entry->optionsDate.len != 0)));
+
+ PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN], entry->subjectName.data,
+ entry->subjectName.len);
+ if (entry->smimeOptions.len) {
+ PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN + entry->subjectName.len],
+ entry->smimeOptions.data,
+ entry->smimeOptions.len);
+ PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN + entry->subjectName.len +
+ entry->smimeOptions.len],
+ entry->optionsDate.data,
+ entry->optionsDate.len);
+ }
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * Encode a database key for a SMIME record
+ */
+static SECStatus
+EncodeDBSMimeKey(char *emailAddr, PLArenaPool *arena,
+ SECItem *dbkey)
+{
+ unsigned int addrlen;
+
+ addrlen = PORT_Strlen(emailAddr) + 1; /* includes null */
+
+ /* now get the database key and format it */
+ dbkey->len = addrlen + SEC_DB_KEY_HEADER_LEN;
+ if (dbkey->len > NSS_MAX_LEGACY_DB_KEY_SIZE)
+ goto loser;
+ dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
+ if (dbkey->data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], emailAddr, addrlen);
+ dbkey->data[0] = certDBEntryTypeSMimeProfile;
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * Decode a database SMIME record
+ */
+static SECStatus
+DecodeDBSMimeEntry(certDBEntrySMime *entry, SECItem *dbentry, char *emailAddr)
+{
+ int lenDiff;
+
+ /* is record long enough for header? */
+ if (dbentry->len < DB_SMIME_ENTRY_HEADER_LEN) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ /* is database entry correct length? */
+ entry->subjectName.len = ((dbentry->data[0] << 8) | dbentry->data[1]);
+ entry->smimeOptions.len = ((dbentry->data[2] << 8) | dbentry->data[3]);
+ entry->optionsDate.len = ((dbentry->data[4] << 8) | dbentry->data[5]);
+ lenDiff = dbentry->len - (entry->subjectName.len +
+ entry->smimeOptions.len +
+ entry->optionsDate.len +
+ DB_SMIME_ENTRY_HEADER_LEN);
+ if (lenDiff) {
+ if (lenDiff < 0 || (lenDiff & 0xffff) != 0) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+ /* The entry size exceeded 64KB. Reconstruct the correct length. */
+ entry->subjectName.len += lenDiff;
+ }
+
+ /* copy the subject name */
+ entry->subjectName.data =
+ (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
+ entry->subjectName.len);
+ if (entry->subjectName.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->subjectName.data,
+ &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN],
+ entry->subjectName.len);
+
+ /* copy the smime options */
+ if (entry->smimeOptions.len) {
+ entry->smimeOptions.data =
+ (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
+ entry->smimeOptions.len);
+ if (entry->smimeOptions.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->smimeOptions.data,
+ &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN +
+ entry->subjectName.len],
+ entry->smimeOptions.len);
+ }
+ if (entry->optionsDate.len) {
+ entry->optionsDate.data =
+ (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
+ entry->optionsDate.len);
+ if (entry->optionsDate.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->optionsDate.data,
+ &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN +
+ entry->subjectName.len +
+ entry->smimeOptions.len],
+ entry->optionsDate.len);
+ }
+
+ /* both options and options date must either exist or not exist */
+ if (((entry->optionsDate.len == 0) ||
+ (entry->smimeOptions.len == 0)) &&
+ entry->smimeOptions.len != entry->optionsDate.len) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ entry->emailAddr = (char *)PORT_ArenaAlloc(entry->common.arena,
+ PORT_Strlen(emailAddr) + 1);
+ if (entry->emailAddr) {
+ PORT_Strcpy(entry->emailAddr, emailAddr);
+ }
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * create a new SMIME entry
+ */
+static certDBEntrySMime *
+NewDBSMimeEntry(char *emailAddr, SECItem *subjectName, SECItem *smimeOptions,
+ SECItem *optionsDate, unsigned int flags)
+{
+ PLArenaPool *arena = NULL;
+ certDBEntrySMime *entry;
+ int addrlen;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
+ sizeof(certDBEntrySMime));
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* init common fields */
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeSMimeProfile;
+ entry->common.version = CERT_DB_FILE_VERSION;
+ entry->common.flags = flags;
+
+ /* copy the email addr */
+ addrlen = PORT_Strlen(emailAddr) + 1;
+
+ entry->emailAddr = (char *)PORT_ArenaAlloc(arena, addrlen);
+ if (entry->emailAddr == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(entry->emailAddr, emailAddr, addrlen);
+
+ /* copy the subject name */
+ rv = SECITEM_CopyItem(arena, &entry->subjectName, subjectName);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* copy the smime options */
+ if (smimeOptions) {
+ rv = SECITEM_CopyItem(arena, &entry->smimeOptions, smimeOptions);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ PORT_Assert(optionsDate == NULL);
+ entry->smimeOptions.data = NULL;
+ entry->smimeOptions.len = 0;
+ }
+
+ /* copy the options date */
+ if (optionsDate) {
+ rv = SECITEM_CopyItem(arena, &entry->optionsDate, optionsDate);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ PORT_Assert(smimeOptions == NULL);
+ entry->optionsDate.data = NULL;
+ entry->optionsDate.len = 0;
+ }
+
+ return (entry);
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+/*
+ * delete a SMIME entry
+ */
+static SECStatus
+DeleteDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, char *emailAddr)
+{
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+ SECItem dbkey;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBSMimeKey(emailAddr, arena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = DeleteDBEntry(handle, certDBEntryTypeSMimeProfile, &dbkey);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (SECFailure);
+}
+
+/*
+ * Read a SMIME entry
+ */
+certDBEntrySMime *
+nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, char *emailAddr)
+{
+ PLArenaPool *arena = NULL;
+ PLArenaPool *tmparena = NULL;
+ certDBEntrySMime *entry;
+ SECItem dbkey;
+ SECItem dbentry;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
+ sizeof(certDBEntrySMime));
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeSMimeProfile;
+
+ rv = EncodeDBSMimeKey(emailAddr, tmparena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ /* is record long enough for header? */
+ if (dbentry.len < DB_SMIME_ENTRY_HEADER_LEN) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ rv = DecodeDBSMimeEntry(entry, &dbentry, emailAddr);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (entry);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+/*
+ * Encode a SMIME entry into byte stream suitable for
+ * the database
+ */
+static SECStatus
+WriteDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, certDBEntrySMime *entry)
+{
+ SECItem dbitem, dbkey;
+ PLArenaPool *tmparena = NULL;
+ SECStatus rv;
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBSMimeEntry(entry, tmparena, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = EncodeDBSMimeKey(entry->emailAddr, tmparena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* now write it to the database */
+ rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ return (SECFailure);
+}
+
+/*
+ * Encode a database subject record
+ */
+static SECStatus
+EncodeDBSubjectEntry(certDBEntrySubject *entry, PLArenaPool *arena,
+ SECItem *dbitem)
+{
+ unsigned char *buf;
+ int len;
+ unsigned int ncerts;
+ unsigned int i;
+ unsigned char *tmpbuf;
+ unsigned int nnlen = 0;
+ unsigned int eaddrslen = 0;
+ int keyidoff;
+ SECItem *certKeys = entry->certKeys;
+ SECItem *keyIDs = entry->keyIDs;
+ ;
+
+ if (entry->nickname) {
+ nnlen = PORT_Strlen(entry->nickname) + 1;
+ }
+ if (entry->emailAddrs) {
+ eaddrslen = 2;
+ for (i = 0; i < entry->nemailAddrs; i++) {
+ eaddrslen += PORT_Strlen(entry->emailAddrs[i]) + 1 + 2;
+ }
+ }
+
+ ncerts = entry->ncerts;
+
+ /* compute the length of the entry */
+ keyidoff = DB_SUBJECT_ENTRY_HEADER_LEN + nnlen;
+ len = keyidoff + (4 * ncerts) + eaddrslen;
+ for (i = 0; i < ncerts; i++) {
+ if (keyIDs[i].len > 0xffff ||
+ (certKeys[i].len > 0xffff)) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ goto loser;
+ }
+ len += certKeys[i].len;
+ len += keyIDs[i].len;
+ }
+
+ /* allocate space for encoded database record, including space
+ * for low level header
+ */
+ dbitem->len = len + SEC_DB_ENTRY_HEADER_LEN;
+
+ dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
+ if (dbitem->data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* fill in database record */
+ buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
+
+ buf[0] = (PRUint8)(ncerts >> 8);
+ buf[1] = (PRUint8)(ncerts);
+ buf[2] = (PRUint8)(nnlen >> 8);
+ buf[3] = (PRUint8)(nnlen);
+ /* v7 email field is NULL in v8 */
+ buf[4] = 0;
+ buf[5] = 0;
+
+ PORT_Assert(DB_SUBJECT_ENTRY_HEADER_LEN == 6);
+
+ if (entry->nickname) {
+ PORT_Memcpy(&buf[DB_SUBJECT_ENTRY_HEADER_LEN], entry->nickname, nnlen);
+ }
+ tmpbuf = &buf[keyidoff];
+ for (i = 0; i < ncerts; i++) {
+ tmpbuf[0] = (PRUint8)(certKeys[i].len >> 8);
+ tmpbuf[1] = (PRUint8)(certKeys[i].len);
+ tmpbuf += 2;
+ }
+ for (i = 0; i < ncerts; i++) {
+ tmpbuf[0] = (PRUint8)(keyIDs[i].len >> 8);
+ tmpbuf[1] = (PRUint8)(keyIDs[i].len);
+ tmpbuf += 2;
+ }
+
+ for (i = 0; i < ncerts; i++) {
+ PORT_Memcpy(tmpbuf, certKeys[i].data, certKeys[i].len);
+ tmpbuf += certKeys[i].len;
+ }
+ for (i = 0; i < ncerts; i++) {
+ if (keyIDs[i].len) {
+ PORT_Memcpy(tmpbuf, keyIDs[i].data, keyIDs[i].len);
+ tmpbuf += keyIDs[i].len;
+ }
+ }
+
+ if (entry->emailAddrs) {
+ tmpbuf[0] = (PRUint8)(entry->nemailAddrs >> 8);
+ tmpbuf[1] = (PRUint8)(entry->nemailAddrs);
+ tmpbuf += 2;
+ for (i = 0; i < entry->nemailAddrs; i++) {
+ int nameLen = PORT_Strlen(entry->emailAddrs[i]) + 1;
+ tmpbuf[0] = (PRUint8)(nameLen >> 8);
+ tmpbuf[1] = (PRUint8)(nameLen);
+ tmpbuf += 2;
+ PORT_Memcpy(tmpbuf, entry->emailAddrs[i], nameLen);
+ tmpbuf += nameLen;
+ }
+ }
+
+ PORT_Assert(tmpbuf == &buf[len]);
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * Encode a database key for a subject record
+ */
+static SECStatus
+EncodeDBSubjectKey(SECItem *derSubject, PLArenaPool *arena,
+ SECItem *dbkey)
+{
+ dbkey->len = derSubject->len + SEC_DB_KEY_HEADER_LEN;
+ if (dbkey->len > NSS_MAX_LEGACY_DB_KEY_SIZE)
+ goto loser;
+ dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
+ if (dbkey->data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], derSubject->data,
+ derSubject->len);
+ dbkey->data[0] = certDBEntryTypeSubject;
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+static SECStatus
+DecodeDBSubjectEntry(certDBEntrySubject *entry, SECItem *dbentry,
+ const SECItem *derSubject)
+{
+ PLArenaPool *arena = entry->common.arena;
+ unsigned char *tmpbuf;
+ unsigned char *end;
+ void *mark = PORT_ArenaMark(arena);
+ unsigned int eaddrlen;
+ unsigned int i;
+ unsigned int keyidoff;
+ unsigned int len;
+ unsigned int ncerts = 0;
+ unsigned int nnlen;
+ SECStatus rv;
+
+ rv = SECITEM_CopyItem(arena, &entry->derSubject, derSubject);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* is record long enough for header? */
+ if (dbentry->len < DB_SUBJECT_ENTRY_HEADER_LEN) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ entry->ncerts = ncerts = ((dbentry->data[0] << 8) | dbentry->data[1]);
+ nnlen = ((dbentry->data[2] << 8) | dbentry->data[3]);
+ eaddrlen = ((dbentry->data[4] << 8) | dbentry->data[5]);
+ keyidoff = DB_SUBJECT_ENTRY_HEADER_LEN + nnlen + eaddrlen;
+ len = keyidoff + (4 * ncerts);
+ if (dbentry->len < len) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ entry->certKeys = PORT_ArenaNewArray(arena, SECItem, ncerts);
+ entry->keyIDs = PORT_ArenaNewArray(arena, SECItem, ncerts);
+ if ((entry->certKeys == NULL) || (entry->keyIDs == NULL)) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ if (nnlen > 1) { /* null terminator is stored */
+ entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
+ if (entry->nickname == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->nickname,
+ &dbentry->data[DB_SUBJECT_ENTRY_HEADER_LEN],
+ nnlen);
+ } else {
+ entry->nickname = NULL;
+ }
+
+ /* if we have an old style email entry, there is only one */
+ entry->nemailAddrs = 0;
+ if (eaddrlen > 1) { /* null terminator is stored */
+ entry->emailAddrs = PORT_ArenaNewArray(arena, char *, 2);
+ if (entry->emailAddrs == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ entry->emailAddrs[0] = (char *)PORT_ArenaAlloc(arena, eaddrlen);
+ if (entry->emailAddrs[0] == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->emailAddrs[0],
+ &dbentry->data[DB_SUBJECT_ENTRY_HEADER_LEN + nnlen],
+ eaddrlen);
+ entry->nemailAddrs = 1;
+ } else {
+ entry->emailAddrs = NULL;
+ }
+
+ /* collect the lengths of the certKeys and keyIDs, and total the
+ * overall length.
+ */
+ tmpbuf = &dbentry->data[keyidoff];
+ for (i = 0; i < ncerts; i++) {
+ unsigned int itemlen = (tmpbuf[0] << 8) | tmpbuf[1];
+ entry->certKeys[i].len = itemlen;
+ len += itemlen;
+ tmpbuf += 2;
+ }
+ for (i = 0; i < ncerts; i++) {
+ unsigned int itemlen = (tmpbuf[0] << 8) | tmpbuf[1];
+ entry->keyIDs[i].len = itemlen;
+ len += itemlen;
+ tmpbuf += 2;
+ }
+
+ /* is encoded entry large enough ? */
+ if (len > dbentry->len) {
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ goto loser;
+ }
+
+ for (i = 0; i < ncerts; i++) {
+ unsigned int kLen = entry->certKeys[i].len;
+ entry->certKeys[i].data = (unsigned char *)PORT_ArenaAlloc(arena, kLen);
+ if (entry->certKeys[i].data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->certKeys[i].data, tmpbuf, kLen);
+ tmpbuf += kLen;
+ }
+ for (i = 0; i < ncerts; i++) {
+ unsigned int iLen = entry->keyIDs[i].len;
+ entry->keyIDs[i].data = (unsigned char *)PORT_ArenaAlloc(arena, iLen);
+ if (entry->keyIDs[i].data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->keyIDs[i].data, tmpbuf, iLen);
+ tmpbuf += iLen;
+ }
+
+ end = dbentry->data + dbentry->len;
+ if ((eaddrlen == 0) && (end - tmpbuf > 1)) {
+ /* read in the additional email addresses */
+ entry->nemailAddrs = (((unsigned int)tmpbuf[0]) << 8) | tmpbuf[1];
+ tmpbuf += 2;
+ if (end - tmpbuf < 2 * (int)entry->nemailAddrs)
+ goto loser;
+ entry->emailAddrs = PORT_ArenaNewArray(arena, char *, entry->nemailAddrs);
+ if (entry->emailAddrs == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ for (i = 0; i < entry->nemailAddrs; i++) {
+ int nameLen;
+ if (end - tmpbuf < 2) {
+ goto loser;
+ }
+ nameLen = (((int)tmpbuf[0]) << 8) | tmpbuf[1];
+ tmpbuf += 2;
+ if (end - tmpbuf < nameLen) {
+ goto loser;
+ }
+ entry->emailAddrs[i] = PORT_ArenaAlloc(arena, nameLen);
+ if (entry->emailAddrs == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PORT_Memcpy(entry->emailAddrs[i], tmpbuf, nameLen);
+ tmpbuf += nameLen;
+ }
+ if (tmpbuf != end)
+ goto loser;
+ }
+ PORT_ArenaUnmark(arena, mark);
+ return (SECSuccess);
+
+loser:
+ PORT_ArenaRelease(arena, mark); /* discard above allocations */
+ return (SECFailure);
+}
+
+/*
+ * create a new subject entry with a single cert
+ */
+static certDBEntrySubject *
+NewDBSubjectEntry(SECItem *derSubject, SECItem *certKey,
+ SECItem *keyID, char *nickname, char *emailAddr,
+ unsigned int flags)
+{
+ PLArenaPool *arena = NULL;
+ certDBEntrySubject *entry;
+ SECStatus rv;
+ unsigned int nnlen;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena,
+ sizeof(certDBEntrySubject));
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* init common fields */
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeSubject;
+ entry->common.version = CERT_DB_FILE_VERSION;
+ entry->common.flags = flags;
+
+ /* copy the subject */
+ rv = SECITEM_CopyItem(arena, &entry->derSubject, derSubject);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ entry->ncerts = 1;
+ entry->nemailAddrs = 0;
+ /* copy nickname */
+ if (nickname && (*nickname != '\0')) {
+ nnlen = PORT_Strlen(nickname) + 1;
+ entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
+ if (entry->nickname == NULL) {
+ goto loser;
+ }
+
+ PORT_Memcpy(entry->nickname, nickname, nnlen);
+ } else {
+ entry->nickname = NULL;
+ }
+
+ /* copy email addr */
+ if (emailAddr && (*emailAddr != '\0')) {
+ emailAddr = nsslowcert_FixupEmailAddr(emailAddr);
+ if (emailAddr == NULL) {
+ entry->emailAddrs = NULL;
+ goto loser;
+ }
+
+ entry->emailAddrs = (char **)PORT_ArenaAlloc(arena, sizeof(char *));
+ if (entry->emailAddrs == NULL) {
+ PORT_Free(emailAddr);
+ goto loser;
+ }
+ entry->emailAddrs[0] = PORT_ArenaStrdup(arena, emailAddr);
+ if (entry->emailAddrs[0]) {
+ entry->nemailAddrs = 1;
+ }
+
+ PORT_Free(emailAddr);
+ } else {
+ entry->emailAddrs = NULL;
+ }
+
+ /* allocate space for certKeys and keyIDs */
+ entry->certKeys = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
+ entry->keyIDs = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
+ if ((entry->certKeys == NULL) || (entry->keyIDs == NULL)) {
+ goto loser;
+ }
+
+ /* copy the certKey and keyID */
+ rv = SECITEM_CopyItem(arena, &entry->certKeys[0], certKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = SECITEM_CopyItem(arena, &entry->keyIDs[0], keyID);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ return (entry);
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+/*
+ * delete a subject entry
+ */
+static SECStatus
+DeleteDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
+{
+ SECItem dbkey;
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBSubjectKey(derSubject, arena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = DeleteDBEntry(handle, certDBEntryTypeSubject, &dbkey);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (SECFailure);
+}
+
+/*
+ * Read the subject entry
+ */
+static certDBEntrySubject *
+ReadDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
+{
+ /* |arena| isn't function-bounded, so cannot be a PORTCheapArenaPool. */
+ PLArenaPool *arena = NULL;
+ PORTCheapArenaPool tmpArena;
+
+ certDBEntrySubject *entry;
+ SECItem dbkey;
+ SECItem dbentry;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+
+ entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena,
+ sizeof(certDBEntrySubject));
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeSubject;
+
+ rv = EncodeDBSubjectKey(derSubject, &tmpArena.arena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, &tmpArena.arena);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ rv = DecodeDBSubjectEntry(entry, &dbentry, derSubject);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+
+ PORT_DestroyCheapArena(&tmpArena);
+ return (entry);
+
+loser:
+ PORT_DestroyCheapArena(&tmpArena);
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+/*
+ * Encode a subject name entry into byte stream suitable for
+ * the database
+ */
+static SECStatus
+WriteDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, certDBEntrySubject *entry)
+{
+ SECItem dbitem, dbkey;
+ PLArenaPool *tmparena = NULL;
+ SECStatus rv;
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBSubjectEntry(entry, tmparena, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = EncodeDBSubjectKey(&entry->derSubject, tmparena, &dbkey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* now write it to the database */
+ rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ return (SECFailure);
+}
+
+typedef enum { nsslowcert_remove,
+ nsslowcert_add } nsslowcertUpdateType;
+
+static SECStatus
+nsslowcert_UpdateSubjectEmailAddr(NSSLOWCERTCertDBHandle *dbhandle,
+ SECItem *derSubject, char *emailAddr, nsslowcertUpdateType updateType)
+{
+ certDBEntrySubject *entry = NULL;
+ int index = -1, i;
+ SECStatus rv;
+
+ if (emailAddr) {
+ emailAddr = nsslowcert_FixupEmailAddr(emailAddr);
+ if (emailAddr == NULL) {
+ return SECFailure;
+ }
+ } else {
+ return SECSuccess;
+ }
+
+ entry = ReadDBSubjectEntry(dbhandle, derSubject);
+ if (entry == NULL) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ for (i = 0; i < (int)(entry->nemailAddrs); i++) {
+ if (PORT_Strcmp(entry->emailAddrs[i], emailAddr) == 0) {
+ index = i;
+ }
+ }
+
+ if (updateType == nsslowcert_remove) {
+ if (index == -1) {
+ rv = SECSuccess;
+ goto done;
+ }
+ entry->nemailAddrs--;
+ for (i = index; i < (int)(entry->nemailAddrs); i++) {
+ entry->emailAddrs[i] = entry->emailAddrs[i + 1];
+ }
+ } else {
+ char **newAddrs = NULL;
+
+ if (index != -1) {
+ rv = SECSuccess;
+ goto done;
+ }
+ newAddrs = (char **)PORT_ArenaAlloc(entry->common.arena,
+ (entry->nemailAddrs + 1) * sizeof(char *));
+ if (!newAddrs) {
+ rv = SECFailure;
+ goto done;
+ }
+ for (i = 0; i < (int)(entry->nemailAddrs); i++) {
+ newAddrs[i] = entry->emailAddrs[i];
+ }
+ newAddrs[entry->nemailAddrs] =
+ PORT_ArenaStrdup(entry->common.arena, emailAddr);
+ if (!newAddrs[entry->nemailAddrs]) {
+ rv = SECFailure;
+ goto done;
+ }
+ entry->emailAddrs = newAddrs;
+ entry->nemailAddrs++;
+ }
+
+ /* delete the subject entry */
+ DeleteDBSubjectEntry(dbhandle, derSubject);
+
+ /* write the new one */
+ rv = WriteDBSubjectEntry(dbhandle, entry);
+
+done:
+ if (entry)
+ DestroyDBEntry((certDBEntry *)entry);
+ if (emailAddr)
+ PORT_Free(emailAddr);
+ return rv;
+}
+
+/*
+ * writes a nickname to an existing subject entry that does not currently
+ * have one
+ */
+static SECStatus
+AddNicknameToSubject(NSSLOWCERTCertDBHandle *dbhandle,
+ NSSLOWCERTCertificate *cert, char *nickname)
+{
+ certDBEntrySubject *entry;
+ SECStatus rv;
+
+ if (nickname == NULL) {
+ return (SECFailure);
+ }
+
+ entry = ReadDBSubjectEntry(dbhandle, &cert->derSubject);
+ PORT_Assert(entry != NULL);
+ if (entry == NULL) {
+ goto loser;
+ }
+
+ PORT_Assert(entry->nickname == NULL);
+ if (entry->nickname != NULL) {
+ goto loser;
+ }
+
+ entry->nickname = PORT_ArenaStrdup(entry->common.arena, nickname);
+
+ if (entry->nickname == NULL) {
+ goto loser;
+ }
+
+ /* delete the subject entry */
+ DeleteDBSubjectEntry(dbhandle, &cert->derSubject);
+
+ /* write the new one */
+ rv = WriteDBSubjectEntry(dbhandle, entry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ DestroyDBEntry((certDBEntry *)entry);
+ return (SECSuccess);
+
+loser:
+ DestroyDBEntry((certDBEntry *)entry);
+ return (SECFailure);
+}
+
+/*
+ * create a new version entry
+ */
+static certDBEntryVersion *
+NewDBVersionEntry(unsigned int flags)
+{
+ PLArenaPool *arena = NULL;
+ certDBEntryVersion *entry;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ entry = (certDBEntryVersion *)PORT_ArenaAlloc(arena,
+ sizeof(certDBEntryVersion));
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeVersion;
+ entry->common.version = CERT_DB_FILE_VERSION;
+ entry->common.flags = flags;
+
+ return (entry);
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+/*
+ * Read the version entry
+ */
+static certDBEntryVersion *
+ReadDBVersionEntry(NSSLOWCERTCertDBHandle *handle)
+{
+ PLArenaPool *arena = NULL;
+ PLArenaPool *tmparena = NULL;
+ certDBEntryVersion *entry;
+ SECItem dbkey;
+ SECItem dbentry;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ entry = PORT_ArenaZNew(arena, certDBEntryVersion);
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ entry->common.arena = arena;
+ entry->common.type = certDBEntryTypeVersion;
+
+ /* now get the database key and format it */
+ dbkey.len = SEC_DB_VERSION_KEY_LEN + SEC_DB_KEY_HEADER_LEN;
+ dbkey.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbkey.len);
+ if (dbkey.data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
+ SEC_DB_VERSION_KEY_LEN);
+
+ rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (entry);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (NULL);
+}
+
+/*
+ * Encode a version entry into byte stream suitable for
+ * the database
+ */
+static SECStatus
+WriteDBVersionEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryVersion *entry)
+{
+ SECItem dbitem, dbkey;
+ PLArenaPool *tmparena = NULL;
+ SECStatus rv;
+
+ tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (tmparena == NULL) {
+ goto loser;
+ }
+
+ /* allocate space for encoded database record, including space
+ * for low level header
+ */
+ dbitem.len = SEC_DB_ENTRY_HEADER_LEN;
+
+ dbitem.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbitem.len);
+ if (dbitem.data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ /* now get the database key and format it */
+ dbkey.len = SEC_DB_VERSION_KEY_LEN + SEC_DB_KEY_HEADER_LEN;
+ dbkey.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbkey.len);
+ if (dbkey.data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
+ SEC_DB_VERSION_KEY_LEN);
+
+ /* now write it to the database */
+ rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ PORT_FreeArena(tmparena, PR_FALSE);
+ return (SECSuccess);
+
+loser:
+ if (tmparena) {
+ PORT_FreeArena(tmparena, PR_FALSE);
+ }
+ return (SECFailure);
+}
+
+/*
+ * cert is no longer a perm cert, but will remain a temp cert
+ */
+static SECStatus
+RemovePermSubjectNode(NSSLOWCERTCertificate *cert)
+{
+ certDBEntrySubject *entry;
+ unsigned int i;
+ SECStatus rv;
+
+ entry = ReadDBSubjectEntry(cert->dbhandle, &cert->derSubject);
+ if (entry == NULL) {
+ return (SECFailure);
+ }
+
+ PORT_Assert(entry->ncerts);
+ rv = SECFailure;
+
+ if (entry->ncerts > 1) {
+ for (i = 0; i < entry->ncerts; i++) {
+ if (SECITEM_CompareItem(&entry->certKeys[i], &cert->certKey) ==
+ SECEqual) {
+ /* copy rest of list forward one entry */
+ for (i = i + 1; i < entry->ncerts; i++) {
+ entry->certKeys[i - 1] = entry->certKeys[i];
+ entry->keyIDs[i - 1] = entry->keyIDs[i];
+ }
+ entry->ncerts--;
+ DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
+ rv = WriteDBSubjectEntry(cert->dbhandle, entry);
+ break;
+ }
+ }
+ } else {
+ /* no entries left, delete the perm entry in the DB */
+ if (entry->emailAddrs) {
+ /* if the subject had an email record, then delete it too */
+ for (i = 0; i < entry->nemailAddrs; i++) {
+ DeleteDBSMimeEntry(cert->dbhandle, entry->emailAddrs[i]);
+ }
+ }
+ if (entry->nickname) {
+ DeleteDBNicknameEntry(cert->dbhandle, entry->nickname);
+ }
+
+ DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
+ }
+ DestroyDBEntry((certDBEntry *)entry);
+
+ return (rv);
+}
+
+/*
+ * add a cert to the perm subject list
+ */
+static SECStatus
+AddPermSubjectNode(certDBEntrySubject *entry, NSSLOWCERTCertificate *cert,
+ char *nickname)
+{
+ SECItem *newCertKeys, *newKeyIDs;
+ unsigned int i, new_i;
+ SECStatus rv;
+ unsigned int ncerts;
+
+ PORT_Assert(entry);
+ ncerts = entry->ncerts;
+
+ if (nickname && entry->nickname) {
+ /* nicknames must be the same */
+ PORT_Assert(PORT_Strcmp(nickname, entry->nickname) == 0);
+ }
+
+ if ((entry->nickname == NULL) && (nickname != NULL)) {
+ /* copy nickname into the entry */
+ entry->nickname = PORT_ArenaStrdup(entry->common.arena, nickname);
+ if (entry->nickname == NULL) {
+ return (SECFailure);
+ }
+ }
+
+ /* a DB entry already exists, so add this cert */
+ newCertKeys = PORT_ArenaZNewArray(entry->common.arena, SECItem, ncerts + 1);
+ newKeyIDs = PORT_ArenaZNewArray(entry->common.arena, SECItem, ncerts + 1);
+
+ if ((newCertKeys == NULL) || (newKeyIDs == NULL)) {
+ return (SECFailure);
+ }
+
+ /* Step 1: copy certs older than "cert" into new entry. */
+ for (i = 0, new_i = 0; i < ncerts; i++) {
+ NSSLOWCERTCertificate *cmpcert;
+ PRBool isNewer;
+ cmpcert = nsslowcert_FindCertByKey(cert->dbhandle,
+ &entry->certKeys[i]);
+ /* The entry has been corrupted, remove it from the list */
+ if (!cmpcert) {
+ continue;
+ }
+
+ isNewer = nsslowcert_IsNewer(cert, cmpcert);
+ nsslowcert_DestroyCertificate(cmpcert);
+ if (isNewer)
+ break;
+ /* copy this cert entry */
+ newCertKeys[new_i] = entry->certKeys[i];
+ newKeyIDs[new_i] = entry->keyIDs[i];
+ new_i++;
+ }
+
+ /* Step 2: Add "cert" to the entry. */
+ rv = SECITEM_CopyItem(entry->common.arena, &newCertKeys[new_i],
+ &cert->certKey);
+ if (rv != SECSuccess) {
+ return (SECFailure);
+ }
+ rv = SECITEM_CopyItem(entry->common.arena, &newKeyIDs[new_i],
+ &cert->subjectKeyID);
+ if (rv != SECSuccess) {
+ return (SECFailure);
+ }
+ new_i++;
+
+ /* Step 3: copy remaining certs (if any) from old entry to new. */
+ for (; i < ncerts; i++, new_i++) {
+ newCertKeys[new_i] = entry->certKeys[i];
+ newKeyIDs[new_i] = entry->keyIDs[i];
+ }
+
+ /* update certKeys and keyIDs */
+ entry->certKeys = newCertKeys;
+ entry->keyIDs = newKeyIDs;
+
+ /* set new count value */
+ entry->ncerts = new_i;
+
+ DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
+ rv = WriteDBSubjectEntry(cert->dbhandle, entry);
+ return (rv);
+}
+
+SECStatus
+nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
+ SECItem *derSubject,
+ NSSLOWCERTCertCallback cb, void *cbarg)
+{
+ certDBEntrySubject *entry;
+ unsigned int i;
+ NSSLOWCERTCertificate *cert;
+ SECStatus rv = SECSuccess;
+
+ entry = ReadDBSubjectEntry(handle, derSubject);
+
+ if (entry == NULL) {
+ return (SECFailure);
+ }
+
+ for (i = 0; i < entry->ncerts; i++) {
+ cert = nsslowcert_FindCertByKey(handle, &entry->certKeys[i]);
+ if (!cert) {
+ continue;
+ }
+ rv = (*cb)(cert, cbarg);
+ nsslowcert_DestroyCertificate(cert);
+ if (rv == SECFailure) {
+ break;
+ }
+ }
+
+ DestroyDBEntry((certDBEntry *)entry);
+
+ return (rv);
+}
+
+int
+nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
+ SECItem *derSubject)
+{
+ certDBEntrySubject *entry;
+ int ret;
+
+ entry = ReadDBSubjectEntry(handle, derSubject);
+
+ if (entry == NULL) {
+ return (SECFailure);
+ }
+
+ ret = entry->ncerts;
+
+ DestroyDBEntry((certDBEntry *)entry);
+
+ return (ret);
+}
+
+SECStatus
+nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
+ char *nickname, NSSLOWCERTCertCallback cb, void *cbarg)
+{
+ certDBEntryNickname *nnentry = NULL;
+ certDBEntrySMime *smentry = NULL;
+ SECStatus rv;
+ SECItem *derSubject = NULL;
+
+ nnentry = ReadDBNicknameEntry(handle, nickname);
+ if (nnentry) {
+ derSubject = &nnentry->subjectName;
+ } else {
+ smentry = nsslowcert_ReadDBSMimeEntry(handle, nickname);
+ if (smentry) {
+ derSubject = &smentry->subjectName;
+ }
+ }
+
+ if (derSubject) {
+ rv = nsslowcert_TraversePermCertsForSubject(handle, derSubject,
+ cb, cbarg);
+ } else {
+ rv = SECFailure;
+ }
+
+ if (nnentry) {
+ DestroyDBEntry((certDBEntry *)nnentry);
+ }
+ if (smentry) {
+ DestroyDBEntry((certDBEntry *)smentry);
+ }
+
+ return (rv);
+}
+
+int
+nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
+ char *nickname)
+{
+ certDBEntryNickname *entry;
+ int ret;
+
+ entry = ReadDBNicknameEntry(handle, nickname);
+
+ if (entry) {
+ ret = nsslowcert_NumPermCertsForSubject(handle, &entry->subjectName);
+ DestroyDBEntry((certDBEntry *)entry);
+ } else {
+ ret = 0;
+ }
+ return (ret);
+}
+
+/*
+ * add a nickname to a cert that doesn't have one
+ */
+static SECStatus
+AddNicknameToPermCert(NSSLOWCERTCertDBHandle *dbhandle,
+ NSSLOWCERTCertificate *cert, char *nickname)
+{
+ certDBEntryCert *entry;
+ int rv;
+
+ entry = cert->dbEntry;
+ PORT_Assert(entry != NULL);
+ if (entry == NULL) {
+ goto loser;
+ }
+
+ pkcs11_freeNickname(entry->nickname, entry->nicknameSpace);
+ entry->nickname = NULL;
+ entry->nickname = pkcs11_copyNickname(nickname, entry->nicknameSpace,
+ sizeof(entry->nicknameSpace));
+
+ rv = WriteDBCertEntry(dbhandle, entry);
+ if (rv) {
+ goto loser;
+ }
+
+ pkcs11_freeNickname(cert->nickname, cert->nicknameSpace);
+ cert->nickname = NULL;
+ cert->nickname = pkcs11_copyNickname(nickname, cert->nicknameSpace,
+ sizeof(cert->nicknameSpace));
+
+ return (SECSuccess);
+
+loser:
+ return (SECFailure);
+}
+
+/*
+ * add a nickname to a cert that is already in the perm database, but doesn't
+ * have one yet (it is probably an e-mail cert).
+ */
+SECStatus
+nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
+ NSSLOWCERTCertificate *cert, char *nickname)
+{
+ SECStatus rv = SECFailure;
+ certDBEntrySubject *entry = NULL;
+ certDBEntryNickname *nicknameEntry = NULL;
+
+ nsslowcert_LockDB(dbhandle);
+
+ entry = ReadDBSubjectEntry(dbhandle, &cert->derSubject);
+ if (entry == NULL)
+ goto loser;
+
+ if (entry->nickname == NULL) {
+
+ /* no nickname for subject */
+ rv = AddNicknameToSubject(dbhandle, cert, nickname);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = AddNicknameToPermCert(dbhandle, cert, nickname);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ nicknameEntry = NewDBNicknameEntry(nickname, &cert->derSubject, 0);
+ if (nicknameEntry == NULL) {
+ goto loser;
+ }
+
+ rv = WriteDBNicknameEntry(dbhandle, nicknameEntry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ /* subject already has a nickname */
+ rv = AddNicknameToPermCert(dbhandle, cert, entry->nickname);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* make sure nickname entry exists. If the database was corrupted,
+ * we may have lost the nickname entry. Add it back now */
+ nicknameEntry = ReadDBNicknameEntry(dbhandle, entry->nickname);
+ if (nicknameEntry == NULL) {
+ nicknameEntry = NewDBNicknameEntry(entry->nickname,
+ &cert->derSubject, 0);
+ if (nicknameEntry == NULL) {
+ goto loser;
+ }
+
+ rv = WriteDBNicknameEntry(dbhandle, nicknameEntry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ }
+ rv = SECSuccess;
+
+loser:
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+ if (nicknameEntry) {
+ DestroyDBEntry((certDBEntry *)nicknameEntry);
+ }
+ nsslowcert_UnlockDB(dbhandle);
+ return (rv);
+}
+
+static certDBEntryCert *
+AddCertToPermDB(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTCertificate *cert,
+ char *nickname, NSSLOWCERTCertTrust *trust)
+{
+ certDBEntryCert *certEntry = NULL;
+ certDBEntryNickname *nicknameEntry = NULL;
+ certDBEntrySubject *subjectEntry = NULL;
+ int state = 0;
+ SECStatus rv;
+ PRBool donnentry = PR_FALSE;
+
+ if (nickname) {
+ donnentry = PR_TRUE;
+ }
+
+ subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
+
+ if (subjectEntry && subjectEntry->nickname) {
+ donnentry = PR_FALSE;
+ nickname = subjectEntry->nickname;
+ }
+
+ certEntry = NewDBCertEntry(&cert->derCert, nickname, trust, 0);
+ if (certEntry == NULL) {
+ goto loser;
+ }
+
+ if (donnentry) {
+ nicknameEntry = NewDBNicknameEntry(nickname, &cert->derSubject, 0);
+ if (nicknameEntry == NULL) {
+ goto loser;
+ }
+ }
+
+ rv = WriteDBCertEntry(handle, certEntry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ state = 1;
+
+ if (nicknameEntry) {
+ rv = WriteDBNicknameEntry(handle, nicknameEntry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ state = 2;
+
+ /* "Change" handles if necessary */
+ cert->dbhandle = handle;
+
+ /* add to or create new subject entry */
+ if (subjectEntry) {
+ /* REWRITE BASED ON SUBJECT ENTRY */
+ rv = AddPermSubjectNode(subjectEntry, cert, nickname);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ /* make a new subject entry - this case is only used when updating
+ * an old version of the database. This is OK because the oldnickname
+ * db format didn't allow multiple certs with the same subject.
+ */
+ /* where does subjectKeyID and certKey come from? */
+ subjectEntry = NewDBSubjectEntry(&cert->derSubject, &cert->certKey,
+ &cert->subjectKeyID, nickname,
+ NULL, 0);
+ if (subjectEntry == NULL) {
+ goto loser;
+ }
+ rv = WriteDBSubjectEntry(handle, subjectEntry);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ state = 3;
+
+ if (nicknameEntry) {
+ DestroyDBEntry((certDBEntry *)nicknameEntry);
+ }
+
+ if (subjectEntry) {
+ DestroyDBEntry((certDBEntry *)subjectEntry);
+ }
+
+ return (certEntry);
+
+loser:
+ /* don't leave partial entry in the database */
+ if (state > 0) {
+ DeleteDBCertEntry(handle, &cert->certKey);
+ }
+ if ((state > 1) && donnentry) {
+ DeleteDBNicknameEntry(handle, nickname);
+ }
+ if (certEntry) {
+ DestroyDBEntry((certDBEntry *)certEntry);
+ }
+ if (nicknameEntry) {
+ DestroyDBEntry((certDBEntry *)nicknameEntry);
+ }
+ if (subjectEntry) {
+ DestroyDBEntry((certDBEntry *)subjectEntry);
+ }
+
+ return (NULL);
+}
+
+/* forward declaration */
+static SECStatus
+UpdateV7DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb);
+
+/*
+ * version 8 uses the same schema as version 7. The only differences are
+ * 1) version 8 db uses the blob shim to store data entries > 32k.
+ * 2) version 8 db sets the db block size to 32k.
+ * both of these are dealt with by the handle.
+ */
+
+static SECStatus
+UpdateV8DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
+{
+ return UpdateV7DB(handle, updatedb);
+}
+
+/*
+ * we could just blindly sequence through reading key data pairs and writing
+ * them back out, but some cert.db's have gotten quite large and may have some
+ * subtle corruption problems, so instead we cycle through the certs and
+ * CRL's and S/MIME profiles and rebuild our subject lists from those records.
+ */
+static SECStatus
+UpdateV7DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
+{
+ DBT key, data;
+ int ret;
+ NSSLOWCERTCertificate *cert;
+ PRBool isKRL = PR_FALSE;
+ certDBEntryType entryType;
+ SECItem dbEntry, dbKey;
+ certDBEntryRevocation crlEntry;
+ certDBEntryCert certEntry;
+ certDBEntrySMime smimeEntry;
+ SECStatus rv;
+
+ ret = (*updatedb->seq)(updatedb, &key, &data, R_FIRST);
+
+ if (ret) {
+ return (SECFailure);
+ }
+
+ do {
+ unsigned char *dataBuf = (unsigned char *)data.data;
+ unsigned char *keyBuf = (unsigned char *)key.data;
+ dbEntry.data = &dataBuf[SEC_DB_ENTRY_HEADER_LEN];
+ dbEntry.len = data.size - SEC_DB_ENTRY_HEADER_LEN;
+ entryType = (certDBEntryType)keyBuf[0];
+ dbKey.data = &keyBuf[SEC_DB_KEY_HEADER_LEN];
+ dbKey.len = key.size - SEC_DB_KEY_HEADER_LEN;
+ if ((dbEntry.len <= 0) || (dbKey.len <= 0)) {
+ continue;
+ }
+
+ switch (entryType) {
+ /* these entries will get regenerated as we read the
+ * rest of the data from the database */
+ case certDBEntryTypeVersion:
+ case certDBEntryTypeSubject:
+ case certDBEntryTypeContentVersion:
+ case certDBEntryTypeNickname:
+ /* smime profiles need entries created after the certs have
+ * been imported, loop over them in a second run */
+ case certDBEntryTypeSMimeProfile:
+ break;
+
+ case certDBEntryTypeCert:
+ /* decode Entry */
+ certEntry.common.version = (unsigned int)dataBuf[0];
+ certEntry.common.type = entryType;
+ certEntry.common.flags = (unsigned int)dataBuf[2];
+ rv = DecodeDBCertEntry(&certEntry, &dbEntry);
+ if (rv != SECSuccess) {
+ break;
+ }
+ /* should we check for existing duplicates? */
+ cert = nsslowcert_DecodeDERCertificate(&certEntry.derCert,
+ certEntry.nickname);
+ if (cert) {
+ nsslowcert_UpdatePermCert(handle, cert, certEntry.nickname,
+ &certEntry.trust);
+ nsslowcert_DestroyCertificate(cert);
+ }
+ /* free any data the decode may have allocated. */
+ pkcs11_freeStaticData(certEntry.derCert.data,
+ certEntry.derCertSpace);
+ pkcs11_freeNickname(certEntry.nickname, certEntry.nicknameSpace);
+ break;
+
+ case certDBEntryTypeKeyRevocation:
+ isKRL = PR_TRUE;
+ /* fall through */
+ case certDBEntryTypeRevocation:
+ crlEntry.common.version = (unsigned int)dataBuf[0];
+ crlEntry.common.type = entryType;
+ crlEntry.common.flags = (unsigned int)dataBuf[2];
+ crlEntry.common.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (crlEntry.common.arena == NULL) {
+ break;
+ }
+ rv = DecodeDBCrlEntry(&crlEntry, &dbEntry);
+ if (rv != SECSuccess) {
+ break;
+ }
+ nsslowcert_UpdateCrl(handle, &crlEntry.derCrl, &dbKey,
+ crlEntry.url, isKRL);
+ /* free data allocated by the decode */
+ PORT_FreeArena(crlEntry.common.arena, PR_FALSE);
+ crlEntry.common.arena = NULL;
+ break;
+
+ default:
+ break;
+ }
+ } while ((*updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0);
+
+ /* now loop again updating just the SMimeProfile. */
+ ret = (*updatedb->seq)(updatedb, &key, &data, R_FIRST);
+
+ if (ret) {
+ return (SECFailure);
+ }
+
+ do {
+ unsigned char *dataBuf = (unsigned char *)data.data;
+ unsigned char *keyBuf = (unsigned char *)key.data;
+ dbEntry.data = &dataBuf[SEC_DB_ENTRY_HEADER_LEN];
+ dbEntry.len = data.size - SEC_DB_ENTRY_HEADER_LEN;
+ entryType = (certDBEntryType)keyBuf[0];
+ if (entryType != certDBEntryTypeSMimeProfile) {
+ continue;
+ }
+ dbKey.data = &keyBuf[SEC_DB_KEY_HEADER_LEN];
+ dbKey.len = key.size - SEC_DB_KEY_HEADER_LEN;
+ if ((dbEntry.len <= 0) || (dbKey.len <= 0)) {
+ continue;
+ }
+ smimeEntry.common.version = (unsigned int)dataBuf[0];
+ smimeEntry.common.type = entryType;
+ smimeEntry.common.flags = (unsigned int)dataBuf[2];
+ smimeEntry.common.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ /* decode entry */
+ rv = DecodeDBSMimeEntry(&smimeEntry, &dbEntry, (char *)dbKey.data);
+ if (rv == SECSuccess) {
+ nsslowcert_UpdateSMimeProfile(handle, smimeEntry.emailAddr,
+ &smimeEntry.subjectName, &smimeEntry.smimeOptions,
+ &smimeEntry.optionsDate);
+ }
+ PORT_FreeArena(smimeEntry.common.arena, PR_FALSE);
+ smimeEntry.common.arena = NULL;
+ } while ((*updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0);
+
+ (*updatedb->close)(updatedb);
+
+ /* a database update is a good time to go back and verify the integrity of
+ * the keys and certs */
+ handle->dbVerify = PR_TRUE;
+ return (SECSuccess);
+}
+
+/*
+ * NOTE - Version 6 DB did not go out to the real world in a release,
+ * so we can remove this function in a later release.
+ */
+static SECStatus
+UpdateV6DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
+{
+ int ret;
+ DBT key, data;
+ unsigned char *buf, *tmpbuf = NULL;
+ certDBEntryType type;
+ certDBEntryNickname *nnEntry = NULL;
+ certDBEntrySubject *subjectEntry = NULL;
+ certDBEntrySMime *emailEntry = NULL;
+ char *nickname;
+ char *emailAddr;
+
+ /*
+ * Sequence through the old database and copy all of the entries
+ * to the new database. Subject name entries will have the new
+ * fields inserted into them (with zero length).
+ */
+ ret = (*updatedb->seq)(updatedb, &key, &data, R_FIRST);
+ if (ret) {
+ return (SECFailure);
+ }
+
+ do {
+ buf = (unsigned char *)data.data;
+
+ if (data.size >= 3) {
+ if (buf[0] == 6) { /* version number */
+ type = (certDBEntryType)buf[1];
+ if (type == certDBEntryTypeSubject) {
+ /* expando subjecto entrieo */
+ tmpbuf = (unsigned char *)PORT_Alloc(data.size + 4);
+ if (tmpbuf) {
+ /* copy header stuff */
+ PORT_Memcpy(tmpbuf, buf, SEC_DB_ENTRY_HEADER_LEN + 2);
+ /* insert 4 more bytes of zero'd header */
+ PORT_Memset(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 2],
+ 0, 4);
+ /* copy rest of the data */
+ PORT_Memcpy(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 6],
+ &buf[SEC_DB_ENTRY_HEADER_LEN + 2],
+ data.size - (SEC_DB_ENTRY_HEADER_LEN + 2));
+
+ data.data = (void *)tmpbuf;
+ data.size += 4;
+ buf = tmpbuf;
+ }
+ } else if (type == certDBEntryTypeCert) {
+ /* expando certo entrieo */
+ tmpbuf = (unsigned char *)PORT_Alloc(data.size + 3);
+ if (tmpbuf) {
+ /* copy header stuff */
+ PORT_Memcpy(tmpbuf, buf, SEC_DB_ENTRY_HEADER_LEN);
+
+ /* copy trust flage, setting msb's to 0 */
+ tmpbuf[SEC_DB_ENTRY_HEADER_LEN] = 0;
+ tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 1] =
+ buf[SEC_DB_ENTRY_HEADER_LEN];
+ tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 2] = 0;
+ tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 3] =
+ buf[SEC_DB_ENTRY_HEADER_LEN + 1];
+ tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 4] = 0;
+ tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 5] =
+ buf[SEC_DB_ENTRY_HEADER_LEN + 2];
+
+ /* copy rest of the data */
+ PORT_Memcpy(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 6],
+ &buf[SEC_DB_ENTRY_HEADER_LEN + 3],
+ data.size - (SEC_DB_ENTRY_HEADER_LEN + 3));
+
+ data.data = (void *)tmpbuf;
+ data.size += 3;
+ buf = tmpbuf;
+ }
+ }
+
+ /* update the record version number */
+ buf[0] = CERT_DB_FILE_VERSION;
+
+ /* copy to the new database */
+ ret = certdb_Put(handle->permCertDB, &key, &data, 0);
+ if (tmpbuf) {
+ PORT_Free(tmpbuf);
+ tmpbuf = NULL;
+ }
+ if (ret) {
+ return SECFailure;
+ }
+ }
+ }
+ } while ((*updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0);
+
+ ret = certdb_Sync(handle->permCertDB, 0);
+ if (ret) {
+ return SECFailure;
+ }
+
+ ret = (*updatedb->seq)(updatedb, &key, &data, R_FIRST);
+ if (ret) {
+ return (SECFailure);
+ }
+
+ do {
+ buf = (unsigned char *)data.data;
+
+ if (data.size >= 3) {
+ if (buf[0] == CERT_DB_FILE_VERSION) { /* version number */
+ type = (certDBEntryType)buf[1];
+ if (type == certDBEntryTypeNickname) {
+ nickname = &((char *)key.data)[1];
+
+ /* get the matching nickname entry in the new DB */
+ nnEntry = ReadDBNicknameEntry(handle, nickname);
+ if (nnEntry == NULL) {
+ goto endloop;
+ }
+
+ /* find the subject entry pointed to by nickname */
+ subjectEntry = ReadDBSubjectEntry(handle,
+ &nnEntry->subjectName);
+ if (subjectEntry == NULL) {
+ goto endloop;
+ }
+
+ subjectEntry->nickname =
+ (char *)PORT_ArenaAlloc(subjectEntry->common.arena,
+ key.size - 1);
+ if (subjectEntry->nickname) {
+ PORT_Memcpy(subjectEntry->nickname, nickname,
+ key.size - 1);
+ (void)WriteDBSubjectEntry(handle, subjectEntry);
+ }
+ } else if (type == certDBEntryTypeSMimeProfile) {
+ emailAddr = &((char *)key.data)[1];
+
+ /* get the matching smime entry in the new DB */
+ emailEntry = nsslowcert_ReadDBSMimeEntry(handle, emailAddr);
+ if (emailEntry == NULL) {
+ goto endloop;
+ }
+
+ /* find the subject entry pointed to by nickname */
+ subjectEntry = ReadDBSubjectEntry(handle,
+ &emailEntry->subjectName);
+ if (subjectEntry == NULL) {
+ goto endloop;
+ }
+
+ subjectEntry->emailAddrs = (char **)
+ PORT_ArenaAlloc(subjectEntry->common.arena,
+ sizeof(char *));
+ if (subjectEntry->emailAddrs) {
+ subjectEntry->emailAddrs[0] =
+ (char *)PORT_ArenaAlloc(subjectEntry->common.arena,
+ key.size - 1);
+ if (subjectEntry->emailAddrs[0]) {
+ PORT_Memcpy(subjectEntry->emailAddrs[0], emailAddr,
+ key.size - 1);
+ subjectEntry->nemailAddrs = 1;
+ (void)WriteDBSubjectEntry(handle, subjectEntry);
+ }
+ }
+ }
+
+ endloop:
+ if (subjectEntry) {
+ DestroyDBEntry((certDBEntry *)subjectEntry);
+ subjectEntry = NULL;
+ }
+ if (nnEntry) {
+ DestroyDBEntry((certDBEntry *)nnEntry);
+ nnEntry = NULL;
+ }
+ if (emailEntry) {
+ DestroyDBEntry((certDBEntry *)emailEntry);
+ emailEntry = NULL;
+ }
+ }
+ }
+ } while ((*updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0);
+
+ ret = certdb_Sync(handle->permCertDB, 0);
+ if (ret) {
+ return SECFailure;
+ }
+
+ (*updatedb->close)(updatedb);
+ return (SECSuccess);
+}
+
+static SECStatus
+updateV5Callback(NSSLOWCERTCertificate *cert, SECItem *k, void *pdata)
+{
+ NSSLOWCERTCertDBHandle *handle;
+ certDBEntryCert *entry;
+ NSSLOWCERTCertTrust *trust;
+
+ handle = (NSSLOWCERTCertDBHandle *)pdata;
+ trust = &cert->dbEntry->trust;
+
+ /* SSL user certs can be used for email if they have an email addr */
+ if (cert->emailAddr && (trust->sslFlags & CERTDB_USER) &&
+ (trust->emailFlags == 0)) {
+ trust->emailFlags = CERTDB_USER;
+ }
+ /* servers didn't set the user flags on the server cert.. */
+ if (PORT_Strcmp(cert->dbEntry->nickname, "Server-Cert") == 0) {
+ trust->sslFlags |= CERTDB_USER;
+ }
+
+ entry = AddCertToPermDB(handle, cert, cert->dbEntry->nickname,
+ &cert->dbEntry->trust);
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+
+ return (SECSuccess);
+}
+
+static SECStatus
+UpdateV5DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
+{
+ NSSLOWCERTCertDBHandle updatehandle;
+
+ updatehandle.permCertDB = updatedb;
+ updatehandle.dbMon = PZ_NewMonitor(nssILockCertDB);
+ updatehandle.dbVerify = 0;
+ updatehandle.ref = 1; /* prevent premature close */
+
+ (void)nsslowcert_TraversePermCerts(&updatehandle, updateV5Callback,
+ (void *)handle);
+
+ PZ_DestroyMonitor(updatehandle.dbMon);
+
+ (*updatedb->close)(updatedb);
+ return (SECSuccess);
+}
+
+static PRBool
+isV4DB(DB *db)
+{
+ DBT key, data;
+ int ret;
+
+ key.data = "Version";
+ key.size = 7;
+
+ ret = (*db->get)(db, &key, &data, 0);
+ if (ret) {
+ return PR_FALSE;
+ }
+
+ if ((data.size == 1) && (*(unsigned char *)data.data <= 4)) {
+ return PR_TRUE;
+ }
+
+ return PR_FALSE;
+}
+
+static SECStatus
+UpdateV4DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
+{
+ DBT key, data;
+ certDBEntryCert *entry, *entry2;
+ int ret;
+ NSSLOWCERTCertificate *cert;
+
+ ret = (*updatedb->seq)(updatedb, &key, &data, R_FIRST);
+
+ if (ret) {
+ return (SECFailure);
+ }
+
+ do {
+ if (data.size != 1) { /* skip version number */
+
+ /* decode the old DB entry */
+ entry = (certDBEntryCert *)
+ DecodeV4DBCertEntry((unsigned char *)data.data, data.size);
+
+ if (entry) {
+ cert = nsslowcert_DecodeDERCertificate(&entry->derCert,
+ entry->nickname);
+
+ if (cert != NULL) {
+ /* add to new database */
+ entry2 = AddCertToPermDB(handle, cert, entry->nickname,
+ &entry->trust);
+
+ nsslowcert_DestroyCertificate(cert);
+ if (entry2) {
+ DestroyDBEntry((certDBEntry *)entry2);
+ }
+ }
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+ }
+ } while ((*updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0);
+
+ (*updatedb->close)(updatedb);
+ return (SECSuccess);
+}
+
+/*
+ * return true if a database key conflict exists
+ */
+PRBool
+nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle)
+{
+ SECStatus rv;
+ DBT tmpdata;
+ DBT namekey;
+ int ret;
+ SECItem keyitem;
+ PLArenaPool *arena = NULL;
+ SECItem derKey;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ /* get the db key of the cert */
+ rv = nsslowcert_KeyFromDERCert(arena, derCert, &derKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ rv = EncodeDBCertKey(&derKey, arena, &keyitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ namekey.data = keyitem.data;
+ namekey.size = keyitem.len;
+
+ ret = certdb_Get(handle->permCertDB, &namekey, &tmpdata, 0);
+ if (ret == 0) {
+ goto loser;
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+
+ return (PR_FALSE);
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return (PR_TRUE);
+}
+
+/*
+ * return true if a nickname conflict exists
+ * NOTE: caller must have already made sure that this exact cert
+ * doesn't exist in the DB
+ */
+static PRBool
+nsslowcert_CertNicknameConflict(char *nickname, SECItem *derSubject,
+ NSSLOWCERTCertDBHandle *handle)
+{
+ PRBool rv;
+ certDBEntryNickname *entry;
+
+ if (nickname == NULL) {
+ return (PR_FALSE);
+ }
+
+ entry = ReadDBNicknameEntry(handle, nickname);
+
+ if (entry == NULL) {
+ /* no entry for this nickname, so no conflict */
+ return (PR_FALSE);
+ }
+
+ rv = PR_TRUE;
+ if (SECITEM_CompareItem(derSubject, &entry->subjectName) == SECEqual) {
+ /* if subject names are the same, then no conflict */
+ rv = PR_FALSE;
+ }
+
+ DestroyDBEntry((certDBEntry *)entry);
+ return (rv);
+}
+
+#ifdef DBM_USING_NSPR
+#define NO_RDONLY PR_RDONLY
+#define NO_RDWR PR_RDWR
+#define NO_CREATE (PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
+#else
+#define NO_RDONLY O_RDONLY
+#define NO_RDWR O_RDWR
+#define NO_CREATE (O_RDWR | O_CREAT | O_TRUNC)
+#endif
+
+/*
+ * open an old database that needs to be updated
+ */
+static DB *
+nsslowcert_openolddb(NSSLOWCERTDBNameFunc namecb, void *cbarg, int version)
+{
+ char *tmpname;
+ DB *updatedb = NULL;
+
+ tmpname = (*namecb)(cbarg, version); /* get v6 db name */
+ if (tmpname) {
+ updatedb = dbopen(tmpname, NO_RDONLY, 0600, DB_HASH, 0);
+ PORT_Free(tmpname);
+ }
+ return updatedb;
+}
+
+static SECStatus
+openNewCertDB(const char *appName, const char *prefix, const char *certdbname,
+ NSSLOWCERTCertDBHandle *handle, NSSLOWCERTDBNameFunc namecb, void *cbarg)
+{
+ SECStatus rv;
+ certDBEntryVersion *versionEntry = NULL;
+ DB *updatedb = NULL;
+ int status = RDB_FAIL;
+
+ if (appName) {
+ handle->permCertDB = rdbopen(appName, prefix, "cert", NO_CREATE, &status);
+ } else {
+ handle->permCertDB = dbsopen(certdbname, NO_CREATE, 0600, DB_HASH, 0);
+ }
+
+ /* if create fails then we lose */
+ if (handle->permCertDB == 0) {
+ return status == RDB_RETRY ? SECWouldBlock : SECFailure;
+ }
+
+ /* Verify version number; */
+ versionEntry = NewDBVersionEntry(0);
+ if (versionEntry == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = WriteDBVersionEntry(handle, versionEntry);
+
+ DestroyDBEntry((certDBEntry *)versionEntry);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* rv must already be Success here because of previous if statement */
+ /* try to upgrade old db here */
+ if (appName &&
+ (updatedb = dbsopen(certdbname, NO_RDONLY, 0600, DB_HASH, 0)) != NULL) {
+ rv = UpdateV8DB(handle, updatedb);
+ } else if ((updatedb = nsslowcert_openolddb(namecb, cbarg, 7)) != NULL) {
+ rv = UpdateV7DB(handle, updatedb);
+ } else if ((updatedb = nsslowcert_openolddb(namecb, cbarg, 6)) != NULL) {
+ rv = UpdateV6DB(handle, updatedb);
+ } else if ((updatedb = nsslowcert_openolddb(namecb, cbarg, 5)) != NULL) {
+ rv = UpdateV5DB(handle, updatedb);
+ } else if ((updatedb = nsslowcert_openolddb(namecb, cbarg, 4)) != NULL) {
+ /* NES has v5 format db's with v4 db names! */
+ if (isV4DB(updatedb)) {
+ rv = UpdateV4DB(handle, updatedb);
+ } else {
+ rv = UpdateV5DB(handle, updatedb);
+ }
+ }
+
+loser:
+ db_InitComplete(handle->permCertDB);
+ return rv;
+}
+
+static int
+nsslowcert_GetVersionNumber(NSSLOWCERTCertDBHandle *handle)
+{
+ certDBEntryVersion *versionEntry = NULL;
+ int version = 0;
+
+ versionEntry = ReadDBVersionEntry(handle);
+ if (versionEntry == NULL) {
+ return 0;
+ }
+ version = versionEntry->common.version;
+ DestroyDBEntry((certDBEntry *)versionEntry);
+ return version;
+}
+
+/*
+ * Open the certificate database and index databases. Create them if
+ * they are not there or bad.
+ */
+static SECStatus
+nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
+ const char *appName, const char *prefix,
+ NSSLOWCERTDBNameFunc namecb, void *cbarg)
+{
+ SECStatus rv;
+ int openflags;
+ char *certdbname;
+ int version = 0;
+
+ certdbname = (*namecb)(cbarg, CERT_DB_FILE_VERSION);
+ if (certdbname == NULL) {
+ return (SECFailure);
+ }
+
+ openflags = readOnly ? NO_RDONLY : NO_RDWR;
+
+ /*
+ * first open the permanent file based database.
+ */
+ if (appName) {
+ handle->permCertDB = rdbopen(appName, prefix, "cert", openflags, NULL);
+ } else {
+ handle->permCertDB = dbsopen(certdbname, openflags, 0600, DB_HASH, 0);
+ }
+
+ /* check for correct version number */
+ if (handle->permCertDB) {
+ version = nsslowcert_GetVersionNumber(handle);
+ if ((version != CERT_DB_FILE_VERSION) &&
+ !(appName && version == CERT_DB_V7_FILE_VERSION)) {
+ goto loser;
+ }
+ } else if (readOnly) {
+ /* don't create if readonly */
+ /* Try openning a version 7 database */
+ handle->permCertDB = nsslowcert_openolddb(namecb, cbarg, 7);
+ if (!handle->permCertDB) {
+ goto loser;
+ }
+ if (nsslowcert_GetVersionNumber(handle) != 7) {
+ goto loser;
+ }
+ } else {
+ /* if first open fails, try to create a new DB */
+ rv = openNewCertDB(appName, prefix, certdbname, handle, namecb, cbarg);
+ if (rv == SECWouldBlock) {
+ /* only the rdb version can fail with wouldblock */
+ handle->permCertDB =
+ rdbopen(appName, prefix, "cert", openflags, NULL);
+
+ /* check for correct version number */
+ if (!handle->permCertDB) {
+ goto loser;
+ }
+ version = nsslowcert_GetVersionNumber(handle);
+ if ((version != CERT_DB_FILE_VERSION) &&
+ !(appName && version == CERT_DB_V7_FILE_VERSION)) {
+ goto loser;
+ }
+ } else if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ PORT_Free(certdbname);
+
+ return (SECSuccess);
+
+loser:
+
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+
+ if (handle->permCertDB) {
+ certdb_Close(handle->permCertDB);
+ handle->permCertDB = 0;
+ }
+
+ PORT_Free(certdbname);
+
+ return (SECFailure);
+}
+
+/*
+ * delete all DB records associated with a particular certificate
+ */
+static SECStatus
+DeletePermCert(NSSLOWCERTCertificate *cert)
+{
+ SECStatus rv;
+ SECStatus ret;
+
+ ret = SECSuccess;
+
+ rv = DeleteDBCertEntry(cert->dbhandle, &cert->certKey);
+ if (rv != SECSuccess) {
+ ret = SECFailure;
+ }
+
+ rv = RemovePermSubjectNode(cert);
+
+ return (ret);
+}
+
+/*
+ * Delete a certificate from the permanent database.
+ */
+SECStatus
+nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert)
+{
+ SECStatus rv;
+
+ nsslowcert_LockDB(cert->dbhandle);
+
+ /* delete the records from the permanent database */
+ rv = DeletePermCert(cert);
+
+ /* get rid of dbcert and stuff pointing to it */
+ DestroyDBEntry((certDBEntry *)cert->dbEntry);
+ cert->dbEntry = NULL;
+ cert->trust = NULL;
+
+ nsslowcert_UnlockDB(cert->dbhandle);
+ return (rv);
+}
+
+/*
+ * Traverse all of the entries in the database of a particular type
+ * call the given function for each one.
+ */
+SECStatus
+nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
+ certDBEntryType type,
+ SECStatus (*callback)(SECItem *data, SECItem *key,
+ certDBEntryType type, void *pdata),
+ void *udata)
+{
+ DBT data;
+ DBT key;
+ SECStatus rv = SECSuccess;
+ int ret;
+ SECItem dataitem;
+ SECItem keyitem;
+ unsigned char *buf;
+ unsigned char *keybuf;
+
+ ret = certdb_Seq(handle->permCertDB, &key, &data, R_FIRST);
+ if (ret) {
+ return (SECFailure);
+ }
+ /* here, ret is zero and rv is SECSuccess.
+ * Below here, ret is a count of successful calls to the callback function.
+ */
+ do {
+ buf = (unsigned char *)data.data;
+
+ if (buf[1] == (unsigned char)type) {
+ dataitem.len = data.size;
+ dataitem.data = buf;
+ dataitem.type = siBuffer;
+ keyitem.len = key.size - SEC_DB_KEY_HEADER_LEN;
+ keybuf = (unsigned char *)key.data;
+ keyitem.data = &keybuf[SEC_DB_KEY_HEADER_LEN];
+ keyitem.type = siBuffer;
+ /* type should equal keybuf[0]. */
+
+ rv = (*callback)(&dataitem, &keyitem, type, udata);
+ if (rv == SECSuccess) {
+ ++ret;
+ }
+ }
+ } while (certdb_Seq(handle->permCertDB, &key, &data, R_NEXT) == 0);
+ /* If any callbacks succeeded, or no calls to callbacks were made,
+ * then report success. Otherwise, report failure.
+ */
+ return (ret ? SECSuccess : rv);
+}
+/*
+ * Decode a certificate and enter it into the temporary certificate database.
+ * Deal with nicknames correctly
+ *
+ * This is the private entry point.
+ */
+static NSSLOWCERTCertificate *
+DecodeACert(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry)
+{
+ NSSLOWCERTCertificate *cert = NULL;
+
+ cert = nsslowcert_DecodeDERCertificate(&entry->derCert, entry->nickname);
+
+ if (cert == NULL) {
+ goto loser;
+ }
+
+ cert->dbhandle = handle;
+ cert->dbEntry = entry;
+ cert->trust = &entry->trust;
+
+ return (cert);
+
+loser:
+ return (0);
+}
+
+static NSSLOWCERTTrust *
+CreateTrust(void)
+{
+ NSSLOWCERTTrust *trust = NULL;
+
+ nsslowcert_LockFreeList();
+ trust = trustListHead;
+ if (trust) {
+ trustListCount--;
+ trustListHead = trust->next;
+ }
+ PORT_Assert(trustListCount >= 0);
+ nsslowcert_UnlockFreeList();
+ if (trust) {
+ return trust;
+ }
+
+ return PORT_ZNew(NSSLOWCERTTrust);
+}
+
+static void
+DestroyTrustFreeList(void)
+{
+ NSSLOWCERTTrust *trust;
+
+ nsslowcert_LockFreeList();
+ while (NULL != (trust = trustListHead)) {
+ trustListCount--;
+ trustListHead = trust->next;
+ PORT_Free(trust);
+ }
+ PORT_Assert(!trustListCount);
+ trustListCount = 0;
+ nsslowcert_UnlockFreeList();
+}
+
+static NSSLOWCERTTrust *
+DecodeTrustEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry,
+ const SECItem *dbKey)
+{
+ NSSLOWCERTTrust *trust = CreateTrust();
+ if (trust == NULL) {
+ return trust;
+ }
+ trust->dbhandle = handle;
+ trust->dbEntry = entry;
+ trust->dbKey.data = pkcs11_copyStaticData(dbKey->data, dbKey->len,
+ trust->dbKeySpace, sizeof(trust->dbKeySpace));
+ if (!trust->dbKey.data) {
+ PORT_Free(trust);
+ return NULL;
+ }
+ trust->dbKey.len = dbKey->len;
+
+ trust->trust = &entry->trust;
+ trust->derCert = &entry->derCert;
+
+ return (trust);
+}
+
+typedef struct {
+ PermCertCallback certfunc;
+ NSSLOWCERTCertDBHandle *handle;
+ void *data;
+} PermCertCallbackState;
+
+/*
+ * traversal callback to decode certs and call callers callback
+ */
+static SECStatus
+certcallback(SECItem *dbdata, SECItem *dbkey, certDBEntryType type, void *data)
+{
+ PermCertCallbackState *mystate;
+ SECStatus rv;
+ certDBEntryCert *entry;
+ SECItem entryitem;
+ NSSLOWCERTCertificate *cert;
+ PLArenaPool *arena = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ entry = (certDBEntryCert *)PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
+ if (!entry) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ mystate = (PermCertCallbackState *)data;
+ entry->common.version = (unsigned int)dbdata->data[0];
+ entry->common.type = (certDBEntryType)dbdata->data[1];
+ entry->common.flags = (unsigned int)dbdata->data[2];
+ entry->common.arena = arena;
+
+ entryitem.len = dbdata->len - SEC_DB_ENTRY_HEADER_LEN;
+ entryitem.data = &dbdata->data[SEC_DB_ENTRY_HEADER_LEN];
+
+ rv = DecodeDBCertEntry(entry, &entryitem);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ entry->derCert.type = siBuffer;
+
+ /* note: Entry is 'inheritted'. */
+ cert = DecodeACert(mystate->handle, entry);
+
+ rv = (*mystate->certfunc)(cert, dbkey, mystate->data);
+
+ /* arena stored in entry destroyed by nsslowcert_DestroyCertificate */
+ nsslowcert_DestroyCertificateNoLocking(cert);
+
+ return (rv);
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return (SECFailure);
+}
+
+/*
+ * Traverse all of the certificates in the permanent database and
+ * call the given function for each one; expect the caller to have lock.
+ */
+static SECStatus
+TraversePermCertsNoLocking(NSSLOWCERTCertDBHandle *handle,
+ SECStatus (*certfunc)(NSSLOWCERTCertificate *cert,
+ SECItem *k,
+ void *pdata),
+ void *udata)
+{
+ SECStatus rv;
+ PermCertCallbackState mystate;
+
+ mystate.certfunc = certfunc;
+ mystate.handle = handle;
+ mystate.data = udata;
+ rv = nsslowcert_TraverseDBEntries(handle, certDBEntryTypeCert, certcallback,
+ (void *)&mystate);
+
+ return (rv);
+}
+
+/*
+ * Traverse all of the certificates in the permanent database and
+ * call the given function for each one.
+ */
+SECStatus
+nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
+ SECStatus (*certfunc)(NSSLOWCERTCertificate *cert, SECItem *k,
+ void *pdata),
+ void *udata)
+{
+ SECStatus rv;
+
+ nsslowcert_LockDB(handle);
+ rv = TraversePermCertsNoLocking(handle, certfunc, udata);
+ nsslowcert_UnlockDB(handle);
+
+ return (rv);
+}
+
+/*
+ * Close the database
+ */
+void
+nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle)
+{
+ if (handle) {
+ if (handle->permCertDB) {
+ certdb_Close(handle->permCertDB);
+ handle->permCertDB = NULL;
+ }
+ if (handle->dbMon) {
+ PZ_DestroyMonitor(handle->dbMon);
+ handle->dbMon = NULL;
+ }
+ PORT_Free(handle);
+ }
+ return;
+}
+
+/*
+ * Get the trust attributes from a certificate
+ */
+SECStatus
+nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
+{
+ SECStatus rv;
+
+ nsslowcert_LockCertTrust(cert);
+
+ if (cert->trust == NULL) {
+ rv = SECFailure;
+ } else {
+ *trust = *cert->trust;
+ rv = SECSuccess;
+ }
+
+ nsslowcert_UnlockCertTrust(cert);
+ return (rv);
+}
+
+/*
+ * Change the trust attributes of a certificate and make them permanent
+ * in the database.
+ */
+SECStatus
+nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle,
+ NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
+{
+ certDBEntryCert *entry;
+ int rv;
+ SECStatus ret;
+
+ nsslowcert_LockDB(handle);
+ nsslowcert_LockCertTrust(cert);
+ /* only set the trust on permanent certs */
+ if (cert->trust == NULL) {
+ ret = SECFailure;
+ goto done;
+ }
+
+ *cert->trust = *trust;
+ if (cert->dbEntry == NULL) {
+ ret = SECSuccess; /* not in permanent database */
+ goto done;
+ }
+
+ entry = cert->dbEntry;
+ entry->trust = *trust;
+
+ rv = WriteDBCertEntry(handle, entry);
+ if (rv) {
+ ret = SECFailure;
+ goto done;
+ }
+
+ ret = SECSuccess;
+
+done:
+ nsslowcert_UnlockCertTrust(cert);
+ nsslowcert_UnlockDB(handle);
+ return (ret);
+}
+
+static SECStatus
+nsslowcert_UpdatePermCert(NSSLOWCERTCertDBHandle *dbhandle,
+ NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust)
+{
+ char *oldnn;
+ certDBEntryCert *entry;
+ PRBool conflict;
+ SECStatus ret;
+
+ PORT_Assert(!cert->dbEntry);
+
+ /* don't add a conflicting nickname */
+ conflict = nsslowcert_CertNicknameConflict(nickname, &cert->derSubject,
+ dbhandle);
+ if (conflict) {
+ ret = SECFailure;
+ goto done;
+ }
+
+ /* save old nickname so that we can delete it */
+ oldnn = cert->nickname;
+
+ entry = AddCertToPermDB(dbhandle, cert, nickname, trust);
+
+ if (entry == NULL) {
+ ret = SECFailure;
+ goto done;
+ }
+
+ pkcs11_freeNickname(oldnn, cert->nicknameSpace);
+
+ cert->nickname = (entry->nickname) ? pkcs11_copyNickname(entry->nickname,
+ cert->nicknameSpace, sizeof(cert->nicknameSpace))
+ : NULL;
+ cert->trust = &entry->trust;
+ cert->dbEntry = entry;
+
+ ret = SECSuccess;
+done:
+ return (ret);
+}
+
+SECStatus
+nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *dbhandle,
+ NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust)
+{
+ SECStatus ret;
+
+ nsslowcert_LockDB(dbhandle);
+
+ ret = nsslowcert_UpdatePermCert(dbhandle, cert, nickname, trust);
+
+ nsslowcert_UnlockDB(dbhandle);
+ return (ret);
+}
+
+/*
+ * Open the certificate database and index databases. Create them if
+ * they are not there or bad.
+ */
+SECStatus
+nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
+ const char *appName, const char *prefix,
+ NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile)
+{
+ int rv;
+
+ certdb_InitDBLock(handle);
+
+ handle->dbMon = PZ_NewMonitor(nssILockCertDB);
+ PORT_Assert(handle->dbMon != NULL);
+ handle->dbVerify = PR_FALSE;
+
+ rv = nsslowcert_OpenPermCertDB(handle, readOnly, appName, prefix,
+ namecb, cbarg);
+ if (rv) {
+ goto loser;
+ }
+
+ return (SECSuccess);
+
+loser:
+ if (handle->dbMon) {
+ PZ_DestroyMonitor(handle->dbMon);
+ handle->dbMon = NULL;
+ }
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+ return (SECFailure);
+}
+
+PRBool
+nsslowcert_needDBVerify(NSSLOWCERTCertDBHandle *handle)
+{
+ if (!handle)
+ return PR_FALSE;
+ return handle->dbVerify;
+}
+
+void
+nsslowcert_setDBVerify(NSSLOWCERTCertDBHandle *handle, PRBool value)
+{
+ handle->dbVerify = value;
+}
+
+/*
+ * Lookup a certificate in the databases.
+ */
+static NSSLOWCERTCertificate *
+FindCertByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey, PRBool lockdb)
+{
+ NSSLOWCERTCertificate *cert = NULL;
+ certDBEntryCert *entry;
+ PRBool locked = PR_FALSE;
+
+ if (lockdb) {
+ locked = PR_TRUE;
+ nsslowcert_LockDB(handle);
+ }
+
+ /* find in perm database */
+ entry = ReadDBCertEntry(handle, certKey);
+
+ if (entry == NULL) {
+ goto loser;
+ }
+
+ /* inherit entry */
+ cert = DecodeACert(handle, entry);
+
+loser:
+ if (cert == NULL) {
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+ }
+
+ if (locked) {
+ nsslowcert_UnlockDB(handle);
+ }
+
+ return (cert);
+}
+
+/*
+ * Lookup a certificate in the databases.
+ */
+static NSSLOWCERTTrust *
+FindTrustByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey, PRBool lockdb)
+{
+ NSSLOWCERTTrust *trust = NULL;
+ certDBEntryCert *entry;
+ PRBool locked = PR_FALSE;
+
+ if (lockdb) {
+ locked = PR_TRUE;
+ nsslowcert_LockDB(handle);
+ }
+
+ /* find in perm database */
+ entry = ReadDBCertEntry(handle, certKey);
+
+ if (entry == NULL) {
+ goto loser;
+ }
+
+ if (!nsslowcert_hasTrust(&entry->trust)) {
+ goto loser;
+ }
+
+ /* inherit entry */
+ trust = DecodeTrustEntry(handle, entry, certKey);
+
+loser:
+ if (trust == NULL) {
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+ }
+
+ if (locked) {
+ nsslowcert_UnlockDB(handle);
+ }
+
+ return (trust);
+}
+
+/*
+ * Lookup a certificate in the databases without locking
+ */
+NSSLOWCERTCertificate *
+nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey)
+{
+ return (FindCertByKey(handle, certKey, PR_FALSE));
+}
+
+/*
+ * Lookup a trust object in the databases without locking
+ */
+NSSLOWCERTTrust *
+nsslowcert_FindTrustByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey)
+{
+ return (FindTrustByKey(handle, certKey, PR_FALSE));
+}
+
+/*
+ * Generate a key from an issuerAndSerialNumber, and find the
+ * associated cert in the database.
+ */
+NSSLOWCERTCertificate *
+nsslowcert_FindCertByIssuerAndSN(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN)
+{
+ SECItem certKey;
+ SECItem *sn = &issuerAndSN->serialNumber;
+ SECItem *issuer = &issuerAndSN->derIssuer;
+ NSSLOWCERTCertificate *cert;
+ int data_len = sn->len;
+ int index = 0;
+
+ /* automatically detect DER encoded serial numbers and remove the der
+ * encoding since the database expects unencoded data.
+ * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
+ if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
+ /* remove the der encoding of the serial number before generating the
+ * key.. */
+ int data_left = sn->len - 2;
+ data_len = sn->data[1];
+ index = 2;
+
+ /* extended length ? (not very likely for a serial number) */
+ if (data_len & 0x80) {
+ int len_count = data_len & 0x7f;
+
+ data_len = 0;
+ data_left -= len_count;
+ if (data_left > 0) {
+ while (len_count--) {
+ data_len = (data_len << 8) | sn->data[index++];
+ }
+ }
+ }
+ /* XXX leaving any leading zeros on the serial number for backwards
+ * compatibility
+ */
+ /* not a valid der, must be just an unlucky serial number value */
+ if (data_len != data_left) {
+ data_len = sn->len;
+ index = 0;
+ }
+ }
+
+ certKey.type = 0;
+ certKey.data = (unsigned char *)PORT_Alloc(sn->len + issuer->len);
+ certKey.len = data_len + issuer->len;
+
+ if (certKey.data == NULL) {
+ return (0);
+ }
+
+ /* first try the serial number as hand-decoded above*/
+ /* copy the serialNumber */
+ PORT_Memcpy(certKey.data, &sn->data[index], data_len);
+
+ /* copy the issuer */
+ PORT_Memcpy(&certKey.data[data_len], issuer->data, issuer->len);
+
+ cert = nsslowcert_FindCertByKey(handle, &certKey);
+ if (cert) {
+ PORT_Free(certKey.data);
+ return (cert);
+ }
+
+ /* didn't find it, try by der encoded serial number */
+ /* copy the serialNumber */
+ PORT_Memcpy(certKey.data, sn->data, sn->len);
+
+ /* copy the issuer */
+ PORT_Memcpy(&certKey.data[sn->len], issuer->data, issuer->len);
+ certKey.len = sn->len + issuer->len;
+
+ cert = nsslowcert_FindCertByKey(handle, &certKey);
+
+ PORT_Free(certKey.data);
+
+ return (cert);
+}
+
+/*
+ * Generate a key from an issuerAndSerialNumber, and find the
+ * associated cert in the database.
+ */
+NSSLOWCERTTrust *
+nsslowcert_FindTrustByIssuerAndSN(NSSLOWCERTCertDBHandle *handle,
+ NSSLOWCERTIssuerAndSN *issuerAndSN)
+{
+ SECItem certKey;
+ SECItem *sn = &issuerAndSN->serialNumber;
+ SECItem *issuer = &issuerAndSN->derIssuer;
+ NSSLOWCERTTrust *trust;
+ unsigned char keyBuf[512];
+ int data_len = sn->len;
+ int index = 0;
+ int len;
+
+ /* automatically detect DER encoded serial numbers and remove the der
+ * encoding since the database expects unencoded data.
+ * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
+ if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
+ /* remove the der encoding of the serial number before generating the
+ * key.. */
+ int data_left = sn->len - 2;
+ data_len = sn->data[1];
+ index = 2;
+
+ /* extended length ? (not very likely for a serial number) */
+ if (data_len & 0x80) {
+ int len_count = data_len & 0x7f;
+
+ data_len = 0;
+ data_left -= len_count;
+ if (data_left > 0) {
+ while (len_count--) {
+ data_len = (data_len << 8) | sn->data[index++];
+ }
+ }
+ }
+ /* XXX leaving any leading zeros on the serial number for backwards
+ * compatibility
+ */
+ /* not a valid der, must be just an unlucky serial number value */
+ if (data_len != data_left) {
+ data_len = sn->len;
+ index = 0;
+ }
+ }
+
+ certKey.type = 0;
+ certKey.len = data_len + issuer->len;
+ len = sn->len + issuer->len;
+ if (len > sizeof(keyBuf)) {
+ certKey.data = (unsigned char *)PORT_Alloc(len);
+ } else {
+ certKey.data = keyBuf;
+ }
+
+ if (certKey.data == NULL) {
+ return (0);
+ }
+
+ /* first try the serial number as hand-decoded above*/
+ /* copy the serialNumber */
+ PORT_Memcpy(certKey.data, &sn->data[index], data_len);
+
+ /* copy the issuer */
+ PORT_Memcpy(&certKey.data[data_len], issuer->data, issuer->len);
+
+ trust = nsslowcert_FindTrustByKey(handle, &certKey);
+ if (trust) {
+ pkcs11_freeStaticData(certKey.data, keyBuf);
+ return (trust);
+ }
+
+ if (index == 0) {
+ pkcs11_freeStaticData(certKey.data, keyBuf);
+ return NULL;
+ }
+
+ /* didn't find it, try by der encoded serial number */
+ /* copy the serialNumber */
+ PORT_Memcpy(certKey.data, sn->data, sn->len);
+
+ /* copy the issuer */
+ PORT_Memcpy(&certKey.data[sn->len], issuer->data, issuer->len);
+ certKey.len = sn->len + issuer->len;
+
+ trust = nsslowcert_FindTrustByKey(handle, &certKey);
+
+ pkcs11_freeStaticData(certKey.data, keyBuf);
+
+ return (trust);
+}
+
+/*
+ * look for the given DER certificate in the database
+ */
+NSSLOWCERTCertificate *
+nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert)
+{
+ PLArenaPool *arena;
+ SECItem certKey;
+ SECStatus rv;
+ NSSLOWCERTCertificate *cert = NULL;
+
+ /* create a scratch arena */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return (NULL);
+ }
+
+ /* extract the database key from the cert */
+ rv = nsslowcert_KeyFromDERCert(arena, derCert, &certKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* find the certificate */
+ cert = nsslowcert_FindCertByKey(handle, &certKey);
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return (cert);
+}
+
+static void
+DestroyCertificate(NSSLOWCERTCertificate *cert, PRBool lockdb)
+{
+ int refCount;
+ NSSLOWCERTCertDBHandle *handle;
+
+ if (cert) {
+
+ handle = cert->dbhandle;
+
+ /*
+ * handle may be NULL, for example if the cert was created with
+ * nsslowcert_DecodeDERCertificate.
+ */
+ if (lockdb && handle) {
+ nsslowcert_LockDB(handle);
+ }
+
+ nsslowcert_LockCertRefCount(cert);
+ PORT_Assert(cert->referenceCount > 0);
+ refCount = --cert->referenceCount;
+ nsslowcert_UnlockCertRefCount(cert);
+
+ if (refCount == 0) {
+ certDBEntryCert *entry = cert->dbEntry;
+
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+
+ pkcs11_freeNickname(cert->nickname, cert->nicknameSpace);
+ pkcs11_freeNickname(cert->emailAddr, cert->emailAddrSpace);
+ pkcs11_freeStaticData(cert->certKey.data, cert->certKeySpace);
+ cert->certKey.data = NULL;
+ cert->nickname = NULL;
+
+ /* zero cert before freeing. Any stale references to this cert
+ * after this point will probably cause an exception. */
+ PORT_Memset(cert, 0, sizeof *cert);
+
+ /* use reflock to protect the free list */
+ nsslowcert_LockFreeList();
+ if (certListCount > MAX_CERT_LIST_COUNT) {
+ PORT_Free(cert);
+ } else {
+ certListCount++;
+ cert->next = certListHead;
+ certListHead = cert;
+ }
+ nsslowcert_UnlockFreeList();
+ cert = NULL;
+ }
+ if (lockdb && handle) {
+ nsslowcert_UnlockDB(handle);
+ }
+ }
+
+ return;
+}
+
+NSSLOWCERTCertificate *
+nsslowcert_CreateCert(void)
+{
+ NSSLOWCERTCertificate *cert;
+ nsslowcert_LockFreeList();
+ cert = certListHead;
+ if (cert) {
+ certListHead = cert->next;
+ certListCount--;
+ }
+ PORT_Assert(certListCount >= 0);
+ nsslowcert_UnlockFreeList();
+ if (cert) {
+ return cert;
+ }
+ return PORT_ZNew(NSSLOWCERTCertificate);
+}
+
+static void
+DestroyCertFreeList(void)
+{
+ NSSLOWCERTCertificate *cert;
+
+ nsslowcert_LockFreeList();
+ while (NULL != (cert = certListHead)) {
+ certListCount--;
+ certListHead = cert->next;
+ PORT_Free(cert);
+ }
+ PORT_Assert(!certListCount);
+ certListCount = 0;
+ nsslowcert_UnlockFreeList();
+}
+
+void
+nsslowcert_DestroyTrust(NSSLOWCERTTrust *trust)
+{
+ certDBEntryCert *entry = trust->dbEntry;
+
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+ pkcs11_freeStaticData(trust->dbKey.data, trust->dbKeySpace);
+ PORT_Memset(trust, 0, sizeof(*trust));
+
+ nsslowcert_LockFreeList();
+ if (trustListCount > MAX_TRUST_LIST_COUNT) {
+ PORT_Free(trust);
+ } else {
+ trustListCount++;
+ trust->next = trustListHead;
+ trustListHead = trust;
+ }
+ nsslowcert_UnlockFreeList();
+
+ return;
+}
+
+void
+nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert)
+{
+ DestroyCertificate(cert, PR_TRUE);
+ return;
+}
+
+static void
+nsslowcert_DestroyCertificateNoLocking(NSSLOWCERTCertificate *cert)
+{
+ DestroyCertificate(cert, PR_FALSE);
+ return;
+}
+
+/*
+ * Lookup a CRL in the databases. We mirror the same fast caching data base
+ * caching stuff used by certificates....?
+ */
+certDBEntryRevocation *
+nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle,
+ SECItem *crlKey, PRBool isKRL)
+{
+ SECItem keyitem;
+ SECStatus rv;
+ PLArenaPool *arena = NULL;
+ certDBEntryRevocation *entry = NULL;
+ certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
+ : certDBEntryTypeRevocation;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+
+ rv = EncodeDBGenericKey(crlKey, arena, &keyitem, crlType);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* find in perm database */
+ entry = ReadDBCrlEntry(handle, crlKey, crlType);
+
+ if (entry == NULL) {
+ goto loser;
+ }
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+
+ return entry;
+}
+
+/*
+ * replace the existing URL in the data base with a new one
+ */
+static SECStatus
+nsslowcert_UpdateCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl,
+ SECItem *crlKey, char *url, PRBool isKRL)
+{
+ SECStatus rv = SECFailure;
+ certDBEntryRevocation *entry = NULL;
+ certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
+ : certDBEntryTypeRevocation;
+ DeleteDBCrlEntry(handle, crlKey, crlType);
+
+ /* Write the new entry into the data base */
+ entry = NewDBCrlEntry(derCrl, url, crlType, 0);
+ if (entry == NULL)
+ goto done;
+
+ rv = WriteDBCrlEntry(handle, entry, crlKey);
+ if (rv != SECSuccess)
+ goto done;
+
+done:
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+ return rv;
+}
+
+SECStatus
+nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl,
+ SECItem *crlKey, char *url, PRBool isKRL)
+{
+ SECStatus rv;
+
+ rv = nsslowcert_UpdateCrl(handle, derCrl, crlKey, url, isKRL);
+
+ return rv;
+}
+
+SECStatus
+nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle, const SECItem *derName,
+ PRBool isKRL)
+{
+ SECStatus rv;
+ certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
+ : certDBEntryTypeRevocation;
+
+ rv = DeleteDBCrlEntry(handle, derName, crlType);
+ if (rv != SECSuccess)
+ goto done;
+
+done:
+ return rv;
+}
+
+PRBool
+nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust)
+{
+ if (trust == NULL) {
+ return PR_FALSE;
+ }
+ return !((trust->sslFlags & CERTDB_TRUSTED_UNKNOWN) &&
+ (trust->emailFlags & CERTDB_TRUSTED_UNKNOWN) &&
+ (trust->objectSigningFlags & CERTDB_TRUSTED_UNKNOWN));
+}
+
+/*
+ * This function has the logic that decides if another person's cert and
+ * email profile from an S/MIME message should be saved. It can deal with
+ * the case when there is no profile.
+ */
+static SECStatus
+nsslowcert_UpdateSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle,
+ char *emailAddr, SECItem *derSubject, SECItem *emailProfile,
+ SECItem *profileTime)
+{
+ certDBEntrySMime *entry = NULL;
+ SECStatus rv = SECFailure;
+ ;
+
+ /* find our existing entry */
+ entry = nsslowcert_ReadDBSMimeEntry(dbhandle, emailAddr);
+
+ if (entry) {
+ /* keep our old db entry consistant for old applications. */
+ if (!SECITEM_ItemsAreEqual(derSubject, &entry->subjectName)) {
+ nsslowcert_UpdateSubjectEmailAddr(dbhandle, &entry->subjectName,
+ emailAddr, nsslowcert_remove);
+ }
+ DestroyDBEntry((certDBEntry *)entry);
+ entry = NULL;
+ }
+
+ /* now save the entry */
+ entry = NewDBSMimeEntry(emailAddr, derSubject, emailProfile,
+ profileTime, 0);
+ if (entry == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ nsslowcert_LockDB(dbhandle);
+
+ rv = DeleteDBSMimeEntry(dbhandle, emailAddr);
+ /* if delete fails, try to write new entry anyway... */
+
+ /* link subject entry back here */
+ rv = nsslowcert_UpdateSubjectEmailAddr(dbhandle, derSubject, emailAddr,
+ nsslowcert_add);
+ if (rv != SECSuccess) {
+ nsslowcert_UnlockDB(dbhandle);
+ goto loser;
+ }
+
+ rv = WriteDBSMimeEntry(dbhandle, entry);
+ if (rv != SECSuccess) {
+ nsslowcert_UnlockDB(dbhandle);
+ goto loser;
+ }
+
+ nsslowcert_UnlockDB(dbhandle);
+
+ rv = SECSuccess;
+
+loser:
+ if (entry) {
+ DestroyDBEntry((certDBEntry *)entry);
+ }
+ return (rv);
+}
+
+SECStatus
+nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr,
+ SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime)
+{
+ SECStatus rv = SECFailure;
+ ;
+
+ rv = nsslowcert_UpdateSMimeProfile(dbhandle, emailAddr,
+ derSubject, emailProfile, profileTime);
+
+ return (rv);
+}
+
+void
+nsslowcert_DestroyFreeLists(void)
+{
+ if (freeListLock == NULL) {
+ return;
+ }
+ DestroyCertEntryFreeList();
+ DestroyTrustFreeList();
+ DestroyCertFreeList();
+ SKIP_AFTER_FORK(PZ_DestroyLock(freeListLock));
+ freeListLock = NULL;
+}
+
+void
+nsslowcert_DestroyGlobalLocks(void)
+{
+ if (dbLock) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(dbLock));
+ dbLock = NULL;
+ }
+ if (certRefCountLock) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(certRefCountLock));
+ certRefCountLock = NULL;
+ }
+ if (certTrustLock) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(certTrustLock));
+ certTrustLock = NULL;
+ }
+}
+
+certDBEntry *
+nsslowcert_DecodeAnyDBEntry(SECItem *dbData, const SECItem *dbKey,
+ certDBEntryType entryType, void *pdata)
+{
+ PLArenaPool *arena = NULL;
+ certDBEntry *entry;
+ SECStatus rv;
+ SECItem dbEntry;
+
+ if ((dbData->len < SEC_DB_ENTRY_HEADER_LEN) || (dbKey->len == 0)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ dbEntry.data = &dbData->data[SEC_DB_ENTRY_HEADER_LEN];
+ dbEntry.len = dbData->len - SEC_DB_ENTRY_HEADER_LEN;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto loser;
+ }
+ entry = PORT_ArenaZNew(arena, certDBEntry);
+ if (!entry)
+ goto loser;
+
+ entry->common.version = (unsigned int)dbData->data[0];
+ entry->common.flags = (unsigned int)dbData->data[2];
+ entry->common.type = entryType;
+ entry->common.arena = arena;
+
+ switch (entryType) {
+ case certDBEntryTypeContentVersion: /* This type appears to be unused */
+ case certDBEntryTypeVersion: /* This type has only the common hdr */
+ rv = SECSuccess;
+ break;
+
+ case certDBEntryTypeSubject:
+ rv = DecodeDBSubjectEntry(&entry->subject, &dbEntry, dbKey);
+ break;
+
+ case certDBEntryTypeNickname:
+ rv = DecodeDBNicknameEntry(&entry->nickname, &dbEntry,
+ (char *)dbKey->data);
+ break;
+
+ /* smime profiles need entries created after the certs have
+ * been imported, loop over them in a second run */
+ case certDBEntryTypeSMimeProfile:
+ rv = DecodeDBSMimeEntry(&entry->smime, &dbEntry, (char *)dbKey->data);
+ break;
+
+ case certDBEntryTypeCert:
+ rv = DecodeDBCertEntry(&entry->cert, &dbEntry);
+ break;
+
+ case certDBEntryTypeKeyRevocation:
+ case certDBEntryTypeRevocation:
+ rv = DecodeDBCrlEntry(&entry->revocation, &dbEntry);
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+
+ if (rv == SECSuccess)
+ return entry;
+
+loser:
+ if (arena)
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
diff --git a/security/nss/lib/softoken/legacydb/pcertt.h b/security/nss/lib/softoken/legacydb/pcertt.h
new file mode 100644
index 000000000..7eaa82def
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/pcertt.h
@@ -0,0 +1,418 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * certt.h - public data structures for the certificate library
+ */
+#ifndef _PCERTT_H_
+#define _PCERTT_H_
+
+#include "prclist.h"
+#include "pkcs11t.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "plarena.h"
+#include "prcvar.h"
+#include "nssilock.h"
+#include "prio.h"
+#include "prmon.h"
+
+/* Non-opaque objects */
+typedef struct NSSLOWCERTCertDBHandleStr NSSLOWCERTCertDBHandle;
+typedef struct NSSLOWCERTCertKeyStr NSSLOWCERTCertKey;
+
+typedef struct NSSLOWCERTTrustStr NSSLOWCERTTrust;
+typedef struct NSSLOWCERTCertTrustStr NSSLOWCERTCertTrust;
+typedef struct NSSLOWCERTCertificateStr NSSLOWCERTCertificate;
+typedef struct NSSLOWCERTCertificateListStr NSSLOWCERTCertificateList;
+typedef struct NSSLOWCERTIssuerAndSNStr NSSLOWCERTIssuerAndSN;
+typedef struct NSSLOWCERTSignedDataStr NSSLOWCERTSignedData;
+typedef struct NSSLOWCERTSubjectPublicKeyInfoStr NSSLOWCERTSubjectPublicKeyInfo;
+typedef struct NSSLOWCERTValidityStr NSSLOWCERTValidity;
+
+/*
+** An X.509 validity object
+*/
+struct NSSLOWCERTValidityStr {
+ PLArenaPool *arena;
+ SECItem notBefore;
+ SECItem notAfter;
+};
+
+/*
+ * A serial number and issuer name, which is used as a database key
+ */
+struct NSSLOWCERTCertKeyStr {
+ SECItem serialNumber;
+ SECItem derIssuer;
+};
+
+/*
+** A signed data object. Used to implement the "signed" macro used
+** in the X.500 specs.
+*/
+struct NSSLOWCERTSignedDataStr {
+ SECItem data;
+ SECAlgorithmID signatureAlgorithm;
+ SECItem signature;
+};
+
+/*
+** An X.509 subject-public-key-info object
+*/
+struct NSSLOWCERTSubjectPublicKeyInfoStr {
+ PLArenaPool *arena;
+ SECAlgorithmID algorithm;
+ SECItem subjectPublicKey;
+};
+
+typedef struct _certDBEntryCert certDBEntryCert;
+typedef struct _certDBEntryRevocation certDBEntryRevocation;
+
+struct NSSLOWCERTCertTrustStr {
+ unsigned int sslFlags;
+ unsigned int emailFlags;
+ unsigned int objectSigningFlags;
+};
+
+/*
+** PKCS11 Trust representation
+*/
+struct NSSLOWCERTTrustStr {
+ NSSLOWCERTTrust *next;
+ NSSLOWCERTCertDBHandle *dbhandle;
+ SECItem dbKey; /* database key for this cert */
+ certDBEntryCert *dbEntry; /* database entry struct */
+ NSSLOWCERTCertTrust *trust;
+ SECItem *derCert; /* original DER for the cert */
+ unsigned char dbKeySpace[512];
+};
+
+/*
+** An X.509 certificate object (the unsigned form)
+*/
+struct NSSLOWCERTCertificateStr {
+ /* the arena is used to allocate any data structures that have the same
+ * lifetime as the cert. This is all stuff that hangs off of the cert
+ * structure, and is all freed at the same time. I is used when the
+ * cert is decoded, destroyed, and at some times when it changes
+ * state
+ */
+ NSSLOWCERTCertificate *next;
+ NSSLOWCERTCertDBHandle *dbhandle;
+
+ SECItem derCert; /* original DER for the cert */
+ SECItem derIssuer; /* DER for issuer name */
+ SECItem derSN;
+ SECItem serialNumber;
+ SECItem derSubject; /* DER for subject name */
+ SECItem derSubjKeyInfo;
+ NSSLOWCERTSubjectPublicKeyInfo *subjectPublicKeyInfo;
+ SECItem certKey; /* database key for this cert */
+ SECItem validity;
+ certDBEntryCert *dbEntry; /* database entry struct */
+ SECItem subjectKeyID; /* x509v3 subject key identifier */
+ SECItem extensions;
+ char *nickname;
+ char *emailAddr;
+ NSSLOWCERTCertTrust *trust;
+
+ /* the reference count is modified whenever someone looks up, dups
+ * or destroys a certificate
+ */
+ int referenceCount;
+
+ char nicknameSpace[200];
+ char emailAddrSpace[200];
+ unsigned char certKeySpace[512];
+};
+
+#define SEC_CERTIFICATE_VERSION_1 0 /* default created */
+#define SEC_CERTIFICATE_VERSION_2 1 /* v2 */
+#define SEC_CERTIFICATE_VERSION_3 2 /* v3 extensions */
+
+#define SEC_CRL_VERSION_1 0 /* default */
+#define SEC_CRL_VERSION_2 1 /* v2 extensions */
+
+#define NSS_MAX_LEGACY_DB_KEY_SIZE (60 * 1024)
+
+struct NSSLOWCERTIssuerAndSNStr {
+ SECItem derIssuer;
+ SECItem serialNumber;
+};
+
+typedef SECStatus (*NSSLOWCERTCertCallback)(NSSLOWCERTCertificate *cert, void *arg);
+
+/* This is the typedef for the callback passed to nsslowcert_OpenCertDB() */
+/* callback to return database name based on version number */
+typedef char *(*NSSLOWCERTDBNameFunc)(void *arg, int dbVersion);
+
+/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
+
+#include "secasn1t.h" /* way down here because I expect template stuff to
+ * move out of here anyway */
+
+/*
+ * Certificate Database related definitions and data structures
+ */
+
+/* version number of certificate database */
+#define CERT_DB_FILE_VERSION 8
+#define CERT_DB_V7_FILE_VERSION 7
+#define CERT_DB_CONTENT_VERSION 2
+
+#define SEC_DB_ENTRY_HEADER_LEN 3
+#define SEC_DB_KEY_HEADER_LEN 1
+
+/* All database entries have this form:
+ *
+ * byte offset field
+ * ----------- -----
+ * 0 version
+ * 1 type
+ * 2 flags
+ */
+
+/* database entry types */
+typedef enum {
+ certDBEntryTypeVersion = 0,
+ certDBEntryTypeCert = 1,
+ certDBEntryTypeNickname = 2,
+ certDBEntryTypeSubject = 3,
+ certDBEntryTypeRevocation = 4,
+ certDBEntryTypeKeyRevocation = 5,
+ certDBEntryTypeSMimeProfile = 6,
+ certDBEntryTypeContentVersion = 7,
+ certDBEntryTypeBlob = 8
+} certDBEntryType;
+
+typedef struct {
+ certDBEntryType type;
+ unsigned int version;
+ unsigned int flags;
+ PLArenaPool *arena;
+} certDBEntryCommon;
+
+/*
+ * Certificate entry:
+ *
+ * byte offset field
+ * ----------- -----
+ * 0 sslFlags-msb
+ * 1 sslFlags-lsb
+ * 2 emailFlags-msb
+ * 3 emailFlags-lsb
+ * 4 objectSigningFlags-msb
+ * 5 objectSigningFlags-lsb
+ * 6 derCert-len-msb
+ * 7 derCert-len-lsb
+ * 8 nickname-len-msb
+ * 9 nickname-len-lsb
+ * ... derCert
+ * ... nickname
+ *
+ * NOTE: the nickname string as stored in the database is null terminated,
+ * in other words, the last byte of the db entry is always 0
+ * if a nickname is present.
+ * NOTE: if nickname is not present, then nickname-len-msb and
+ * nickname-len-lsb will both be zero.
+ */
+struct _certDBEntryCert {
+ certDBEntryCommon common;
+ certDBEntryCert *next;
+ NSSLOWCERTCertTrust trust;
+ SECItem derCert;
+ char *nickname;
+ char nicknameSpace[200];
+ unsigned char derCertSpace[2048];
+};
+
+/*
+ * Certificate Nickname entry:
+ *
+ * byte offset field
+ * ----------- -----
+ * 0 subjectname-len-msb
+ * 1 subjectname-len-lsb
+ * 2... subjectname
+ *
+ * The database key for this type of entry is a nickname string
+ * The "subjectname" value is the DER encoded DN of the identity
+ * that matches this nickname.
+ */
+typedef struct {
+ certDBEntryCommon common;
+ char *nickname;
+ SECItem subjectName;
+} certDBEntryNickname;
+
+#define DB_NICKNAME_ENTRY_HEADER_LEN 2
+
+/*
+ * Certificate Subject entry:
+ *
+ * byte offset field
+ * ----------- -----
+ * 0 ncerts-msb
+ * 1 ncerts-lsb
+ * 2 nickname-msb
+ * 3 nickname-lsb
+ * 4 emailAddr-msb
+ * 5 emailAddr-lsb
+ * ... nickname
+ * ... emailAddr
+ * ...+2*i certkey-len-msb
+ * ...+1+2*i certkey-len-lsb
+ * ...+2*ncerts+2*i keyid-len-msb
+ * ...+1+2*ncerts+2*i keyid-len-lsb
+ * ... certkeys
+ * ... keyids
+ *
+ * The database key for this type of entry is the DER encoded subject name
+ * The "certkey" value is an array of certificate database lookup keys that
+ * points to the database entries for the certificates that matche
+ * this subject.
+ *
+ */
+typedef struct _certDBEntrySubject {
+ certDBEntryCommon common;
+ SECItem derSubject;
+ unsigned int ncerts;
+ char *nickname;
+ SECItem *certKeys;
+ SECItem *keyIDs;
+ char **emailAddrs;
+ unsigned int nemailAddrs;
+} certDBEntrySubject;
+
+#define DB_SUBJECT_ENTRY_HEADER_LEN 6
+
+/*
+ * Certificate SMIME profile entry:
+ *
+ * byte offset field
+ * ----------- -----
+ * 0 subjectname-len-msb
+ * 1 subjectname-len-lsb
+ * 2 smimeoptions-len-msb
+ * 3 smimeoptions-len-lsb
+ * 4 options-date-len-msb
+ * 5 options-date-len-lsb
+ * 6... subjectname
+ * ... smimeoptions
+ * ... options-date
+ *
+ * The database key for this type of entry is the email address string
+ * The "subjectname" value is the DER encoded DN of the identity
+ * that matches this nickname.
+ * The "smimeoptions" value is a string that represents the algorithm
+ * capabilities on the remote user.
+ * The "options-date" is the date that the smime options value was created.
+ * This is generally the signing time of the signed message that contained
+ * the options. It is a UTCTime value.
+ */
+typedef struct {
+ certDBEntryCommon common;
+ char *emailAddr;
+ SECItem subjectName;
+ SECItem smimeOptions;
+ SECItem optionsDate;
+} certDBEntrySMime;
+
+#define DB_SMIME_ENTRY_HEADER_LEN 6
+
+/*
+ * Crl/krl entry:
+ *
+ * byte offset field
+ * ----------- -----
+ * 0 derCert-len-msb
+ * 1 derCert-len-lsb
+ * 2 url-len-msb
+ * 3 url-len-lsb
+ * ... derCert
+ * ... url
+ *
+ * NOTE: the url string as stored in the database is null terminated,
+ * in other words, the last byte of the db entry is always 0
+ * if a nickname is present.
+ * NOTE: if url is not present, then url-len-msb and
+ * url-len-lsb will both be zero.
+ */
+#define DB_CRL_ENTRY_HEADER_LEN 4
+struct _certDBEntryRevocation {
+ certDBEntryCommon common;
+ SECItem derCrl;
+ char *url; /* where to load the crl from */
+};
+
+/*
+ * Database Version Entry:
+ *
+ * byte offset field
+ * ----------- -----
+ * only the low level header...
+ *
+ * The database key for this type of entry is the string "Version"
+ */
+typedef struct {
+ certDBEntryCommon common;
+} certDBEntryVersion;
+
+#define SEC_DB_VERSION_KEY "Version"
+#define SEC_DB_VERSION_KEY_LEN sizeof(SEC_DB_VERSION_KEY)
+
+/*
+ * Database Content Version Entry:
+ *
+ * byte offset field
+ * ----------- -----
+ * 0 contentVersion
+ *
+ * The database key for this type of entry is the string "ContentVersion"
+ */
+typedef struct {
+ certDBEntryCommon common;
+ char contentVersion;
+} certDBEntryContentVersion;
+
+#define SEC_DB_CONTENT_VERSION_KEY "ContentVersion"
+#define SEC_DB_CONTENT_VERSION_KEY_LEN sizeof(SEC_DB_CONTENT_VERSION_KEY)
+
+typedef union {
+ certDBEntryCommon common;
+ certDBEntryCert cert;
+ certDBEntryContentVersion content;
+ certDBEntryNickname nickname;
+ certDBEntryRevocation revocation;
+ certDBEntrySMime smime;
+ certDBEntrySubject subject;
+ certDBEntryVersion version;
+} certDBEntry;
+
+/* length of the fixed part of a database entry */
+#define DBCERT_V4_HEADER_LEN 7
+#define DB_CERT_V5_ENTRY_HEADER_LEN 7
+#define DB_CERT_V6_ENTRY_HEADER_LEN 7
+#define DB_CERT_ENTRY_HEADER_LEN 10
+
+/* common flags for all types of certificates */
+#define CERTDB_TERMINAL_RECORD (1u << 0)
+#define CERTDB_TRUSTED (1u << 1)
+#define CERTDB_SEND_WARN (1u << 2)
+#define CERTDB_VALID_CA (1u << 3)
+#define CERTDB_TRUSTED_CA (1u << 4) /* trusted for issuing server certs */
+#define CERTDB_NS_TRUSTED_CA (1u << 5)
+#define CERTDB_USER (1u << 6)
+#define CERTDB_TRUSTED_CLIENT_CA (1u << 7) /* trusted for issuing client certs */
+#define CERTDB_INVISIBLE_CA (1u << 8) /* don't show in UI */
+#define CERTDB_GOVT_APPROVED_CA (1u << 9) /* can do strong crypto in export ver */
+#define CERTDB_MUST_VERIFY (1u << 10) /* explicitly don't trust this cert */
+#define CERTDB_TRUSTED_UNKNOWN (1u << 11) /* accept trust from another source */
+
+/* bits not affected by the CKO_NETSCAPE_TRUST object */
+#define CERTDB_PRESERVE_TRUST_BITS (CERTDB_USER | \
+ CERTDB_NS_TRUSTED_CA | CERTDB_VALID_CA | CERTDB_INVISIBLE_CA | \
+ CERTDB_GOVT_APPROVED_CA)
+
+#endif /* _PCERTT_H_ */
diff --git a/security/nss/lib/softoken/legacydb/pk11db.c b/security/nss/lib/softoken/legacydb/pk11db.c
new file mode 100644
index 000000000..a7421c83d
--- /dev/null
+++ b/security/nss/lib/softoken/legacydb/pk11db.c
@@ -0,0 +1,731 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following code handles the storage of PKCS 11 modules used by the
+ * NSS. This file is written to abstract away how the modules are
+ * stored so we can deside that later.
+ */
+
+#include "lgdb.h"
+#include "mcom_db.h"
+#include "secerr.h"
+#include "utilpars.h"
+
+#define FREE_CLEAR(p) \
+ if (p) { \
+ PORT_Free(p); \
+ p = NULL; \
+ }
+
+/* Construct a database key for a given module */
+static SECStatus
+lgdb_MakeKey(DBT *key, char *module)
+{
+ int len = 0;
+ char *commonName;
+
+ commonName = NSSUTIL_ArgGetParamValue("name", module);
+ if (commonName == NULL) {
+ commonName = NSSUTIL_ArgGetParamValue("library", module);
+ }
+ if (commonName == NULL)
+ return SECFailure;
+ len = PORT_Strlen(commonName);
+ key->data = commonName;
+ key->size = len;
+ return SECSuccess;
+}
+
+/* free out constructed database key */
+static void
+lgdb_FreeKey(DBT *key)
+{
+ if (key->data) {
+ PORT_Free(key->data);
+ }
+ key->data = NULL;
+ key->size = 0;
+}
+
+typedef struct lgdbDataStr lgdbData;
+typedef struct lgdbSlotDataStr lgdbSlotData;
+struct lgdbDataStr {
+ unsigned char major;
+ unsigned char minor;
+ unsigned char nameStart[2];
+ unsigned char slotOffset[2];
+ unsigned char internal;
+ unsigned char fips;
+ unsigned char ssl[8];
+ unsigned char trustOrder[4];
+ unsigned char cipherOrder[4];
+ unsigned char reserved1;
+ unsigned char isModuleDB;
+ unsigned char isModuleDBOnly;
+ unsigned char isCritical;
+ unsigned char reserved[4];
+ unsigned char names[6]; /* enough space for the length fields */
+};
+
+struct lgdbSlotDataStr {
+ unsigned char slotID[4];
+ unsigned char defaultFlags[4];
+ unsigned char timeout[4];
+ unsigned char askpw;
+ unsigned char hasRootCerts;
+ unsigned char reserved[18]; /* this makes it a round 32 bytes */
+};
+
+#define LGDB_DB_VERSION_MAJOR 0
+#define LGDB_DB_VERSION_MINOR 6
+#define LGDB_DB_EXT1_VERSION_MAJOR 0
+#define LGDB_DB_EXT1_VERSION_MINOR 6
+#define LGDB_DB_NOUI_VERSION_MAJOR 0
+#define LGDB_DB_NOUI_VERSION_MINOR 4
+
+#define LGDB_PUTSHORT(dest, src) \
+ (dest)[1] = (unsigned char)((src)&0xff); \
+ (dest)[0] = (unsigned char)(((src) >> 8) & 0xff);
+#define LGDB_PUTLONG(dest, src) \
+ (dest)[3] = (unsigned char)((src)&0xff); \
+ (dest)[2] = (unsigned char)(((src) >> 8) & 0xff); \
+ (dest)[1] = (unsigned char)(((src) >> 16) & 0xff); \
+ (dest)[0] = (unsigned char)(((src) >> 24) & 0xff);
+#define LGDB_GETSHORT(src) \
+ ((unsigned short)(((src)[0] << 8) | (src)[1]))
+#define LGDB_GETLONG(src) \
+ ((unsigned long)(((unsigned long)(src)[0] << 24) | \
+ ((unsigned long)(src)[1] << 16) | \
+ ((unsigned long)(src)[2] << 8) | \
+ (unsigned long)(src)[3]))
+
+/*
+ * build a data base entry from a module
+ */
+static SECStatus
+lgdb_EncodeData(DBT *data, char *module)
+{
+ lgdbData *encoded = NULL;
+ lgdbSlotData *slot;
+ unsigned char *dataPtr, *offsetPtr;
+ unsigned short len, len2 = 0, len3 = 0;
+ int count = 0;
+ unsigned short offset;
+ int dataLen, i;
+ unsigned long order;
+ unsigned long ssl[2];
+ char *commonName = NULL, *dllName = NULL, *param = NULL, *nss = NULL;
+ char *slotParams, *ciphers;
+ struct NSSUTILPreSlotInfoStr *slotInfo = NULL;
+ SECStatus rv = SECFailure;
+
+ rv = NSSUTIL_ArgParseModuleSpec(module, &dllName, &commonName, &param, &nss);
+ if (rv != SECSuccess)
+ return rv;
+ rv = SECFailure;
+
+ if (commonName == NULL) {
+ /* set error */
+ goto loser;
+ }
+
+ len = PORT_Strlen(commonName);
+ if (dllName) {
+ len2 = PORT_Strlen(dllName);
+ }
+ if (param) {
+ len3 = PORT_Strlen(param);
+ }
+
+ slotParams = NSSUTIL_ArgGetParamValue("slotParams", nss);
+ slotInfo = NSSUTIL_ArgParseSlotInfo(NULL, slotParams, &count);
+ if (slotParams)
+ PORT_Free(slotParams);
+
+ if (count && slotInfo == NULL) {
+ /* set error */
+ goto loser;
+ }
+
+ dataLen = sizeof(lgdbData) + len + len2 + len3 + sizeof(unsigned short) +
+ count * sizeof(lgdbSlotData);
+
+ data->data = (unsigned char *)PORT_ZAlloc(dataLen);
+ encoded = (lgdbData *)data->data;
+ dataPtr = (unsigned char *)data->data;
+ data->size = dataLen;
+
+ if (encoded == NULL) {
+ /* set error */
+ goto loser;
+ }
+
+ encoded->major = LGDB_DB_VERSION_MAJOR;
+ encoded->minor = LGDB_DB_VERSION_MINOR;
+ encoded->internal = (unsigned char)(NSSUTIL_ArgHasFlag("flags", "internal", nss) ? 1 : 0);
+ encoded->fips = (unsigned char)(NSSUTIL_ArgHasFlag("flags", "FIPS", nss) ? 1 : 0);
+ encoded->isModuleDB = (unsigned char)(NSSUTIL_ArgHasFlag("flags", "isModuleDB", nss) ? 1 : 0);
+ encoded->isModuleDBOnly = (unsigned char)(NSSUTIL_ArgHasFlag("flags", "isModuleDBOnly", nss) ? 1 : 0);
+ encoded->isCritical = (unsigned char)(NSSUTIL_ArgHasFlag("flags", "critical", nss) ? 1 : 0);
+
+ order = NSSUTIL_ArgReadLong("trustOrder", nss,
+ NSSUTIL_DEFAULT_TRUST_ORDER, NULL);
+ LGDB_PUTLONG(encoded->trustOrder, order);
+ order = NSSUTIL_ArgReadLong("cipherOrder", nss,
+ NSSUTIL_DEFAULT_CIPHER_ORDER, NULL);
+ LGDB_PUTLONG(encoded->cipherOrder, order);
+
+ ciphers = NSSUTIL_ArgGetParamValue("ciphers", nss);
+ NSSUTIL_ArgParseCipherFlags(&ssl[0], ciphers);
+ LGDB_PUTLONG(encoded->ssl, ssl[0]);
+ LGDB_PUTLONG(&encoded->ssl[4], ssl[1]);
+ if (ciphers)
+ PORT_Free(ciphers);
+
+ offset = (unsigned short)offsetof(lgdbData, names);
+ LGDB_PUTSHORT(encoded->nameStart, offset);
+ offset = offset + len + len2 + len3 + 3 * sizeof(unsigned short);
+ LGDB_PUTSHORT(encoded->slotOffset, offset);
+
+ LGDB_PUTSHORT(&dataPtr[offset], ((unsigned short)count));
+ slot = (lgdbSlotData *)(dataPtr + offset + sizeof(unsigned short));
+
+ offsetPtr = encoded->names;
+ LGDB_PUTSHORT(encoded->names, len);
+ offsetPtr += sizeof(unsigned short);
+ PORT_Memcpy(offsetPtr, commonName, len);
+ offsetPtr += len;
+
+ LGDB_PUTSHORT(offsetPtr, len2);
+ offsetPtr += sizeof(unsigned short);
+ if (len2) {
+ PORT_Memcpy(offsetPtr, dllName, len2);
+ }
+ offsetPtr += len2;
+
+ LGDB_PUTSHORT(offsetPtr, len3);
+ offsetPtr += sizeof(unsigned short);
+ if (len3) {
+ PORT_Memcpy(offsetPtr, param, len3);
+ }
+ offsetPtr += len3;
+
+ if (count) {
+ for (i = 0; i < count; i++) {
+ LGDB_PUTLONG(slot[i].slotID, slotInfo[i].slotID);
+ LGDB_PUTLONG(slot[i].defaultFlags,
+ slotInfo[i].defaultFlags);
+ LGDB_PUTLONG(slot[i].timeout, slotInfo[i].timeout);
+ slot[i].askpw = slotInfo[i].askpw;
+ slot[i].hasRootCerts = slotInfo[i].hasRootCerts;
+ PORT_Memset(slot[i].reserved, 0, sizeof(slot[i].reserved));
+ }
+ }
+ rv = SECSuccess;
+
+loser:
+ if (commonName)
+ PORT_Free(commonName);
+ if (dllName)
+ PORT_Free(dllName);
+ if (param)
+ PORT_Free(param);
+ if (slotInfo)
+ PORT_Free(slotInfo);
+ if (nss)
+ PORT_Free(nss);
+ return rv;
+}
+
+static void
+lgdb_FreeData(DBT *data)
+{
+ if (data->data) {
+ PORT_Free(data->data);
+ }
+}
+
+static void
+lgdb_FreeSlotStrings(char **slotStrings, int count)
+{
+ int i;
+
+ for (i = 0; i < count; i++) {
+ if (slotStrings[i]) {
+ PR_smprintf_free(slotStrings[i]);
+ slotStrings[i] = NULL;
+ }
+ }
+}
+
+/*
+ * build a module from the data base entry.
+ */
+static char *
+lgdb_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
+{
+ lgdbData *encoded;
+ lgdbSlotData *slots;
+ PLArenaPool *arena;
+ char *commonName = NULL;
+ char *dllName = NULL;
+ char *parameters = NULL;
+ char *nss;
+ char *moduleSpec;
+ char **slotStrings = NULL;
+ unsigned char *names;
+ unsigned long slotCount;
+ unsigned long ssl0 = 0;
+ unsigned long ssl1 = 0;
+ unsigned long slotID;
+ unsigned long defaultFlags;
+ unsigned long timeout;
+ unsigned long trustOrder = NSSUTIL_DEFAULT_TRUST_ORDER;
+ unsigned long cipherOrder = NSSUTIL_DEFAULT_CIPHER_ORDER;
+ unsigned short len;
+ unsigned short namesOffset = 0; /* start of the names block */
+ unsigned long namesRunningOffset; /* offset to name we are
+ * currently processing */
+ unsigned short slotOffset;
+ PRBool isOldVersion = PR_FALSE;
+ PRBool internal;
+ PRBool isFIPS;
+ PRBool isModuleDB = PR_FALSE;
+ PRBool isModuleDBOnly = PR_FALSE;
+ PRBool extended = PR_FALSE;
+ int i;
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL)
+ return NULL;
+
+#define CHECK_SIZE(x) \
+ if ((unsigned int)data->size < (unsigned int)(x)) \
+ goto db_loser
+
+ /* -------------------------------------------------------------
+ ** Process the buffer header, which is the lgdbData struct.
+ ** It may be an old or new version. Check the length for each.
+ */
+
+ CHECK_SIZE(offsetof(lgdbData, trustOrder[0]));
+
+ encoded = (lgdbData *)data->data;
+
+ internal = (encoded->internal != 0) ? PR_TRUE : PR_FALSE;
+ isFIPS = (encoded->fips != 0) ? PR_TRUE : PR_FALSE;
+
+ if (retInternal)
+ *retInternal = internal;
+ if (internal) {
+ parameters = PORT_ArenaStrdup(arena, defParams);
+ if (parameters == NULL)
+ goto loser;
+ }
+ if (internal && (encoded->major == LGDB_DB_NOUI_VERSION_MAJOR) &&
+ (encoded->minor <= LGDB_DB_NOUI_VERSION_MINOR)) {
+ isOldVersion = PR_TRUE;
+ }
+ if ((encoded->major == LGDB_DB_EXT1_VERSION_MAJOR) &&
+ (encoded->minor >= LGDB_DB_EXT1_VERSION_MINOR)) {
+ CHECK_SIZE(sizeof(lgdbData));
+ trustOrder = LGDB_GETLONG(encoded->trustOrder);
+ cipherOrder = LGDB_GETLONG(encoded->cipherOrder);
+ isModuleDB = (encoded->isModuleDB != 0) ? PR_TRUE : PR_FALSE;
+ isModuleDBOnly = (encoded->isModuleDBOnly != 0) ? PR_TRUE : PR_FALSE;
+ extended = PR_TRUE;
+ }
+ if (internal && !extended) {
+ trustOrder = 0;
+ cipherOrder = 100;
+ }
+ /* decode SSL cipher enable flags */
+ ssl0 = LGDB_GETLONG(encoded->ssl);
+ ssl1 = LGDB_GETLONG(encoded->ssl + 4);
+
+ slotOffset = LGDB_GETSHORT(encoded->slotOffset);
+ namesOffset = LGDB_GETSHORT(encoded->nameStart);
+
+ /*--------------------------------------------------------------
+ ** Now process the variable length set of names.
+ ** The names have this structure:
+ ** struct {
+ ** BYTE commonNameLen[ 2 ];
+ ** BYTE commonName [ commonNameLen ];
+ ** BTTE libNameLen [ 2 ];
+ ** BYTE libName [ libNameLen ];
+ ** If it is "extended" it also has these members:
+ ** BYTE initStringLen[ 2 ];
+ ** BYTE initString [ initStringLen ];
+ ** }
+ */
+
+ namesRunningOffset = namesOffset;
+ /* copy the module's common name */
+ CHECK_SIZE(namesRunningOffset + 2);
+ names = (unsigned char *)data->data;
+ len = LGDB_GETSHORT(names + namesRunningOffset);
+
+ CHECK_SIZE(namesRunningOffset + 2 + len);
+ commonName = (char *)PORT_ArenaAlloc(arena, len + 1);
+ if (commonName == NULL)
+ goto loser;
+ PORT_Memcpy(commonName, names + namesRunningOffset + 2, len);
+ commonName[len] = 0;
+ namesRunningOffset += len + 2;
+
+ /* copy the module's shared library file name. */
+ CHECK_SIZE(namesRunningOffset + 2);
+ len = LGDB_GETSHORT(names + namesRunningOffset);
+ if (len) {
+ CHECK_SIZE(namesRunningOffset + 2 + len);
+ dllName = (char *)PORT_ArenaAlloc(arena, len + 1);
+ if (dllName == NULL)
+ goto loser;
+ PORT_Memcpy(dllName, names + namesRunningOffset + 2, len);
+ dllName[len] = 0;
+ }
+ namesRunningOffset += len + 2;
+
+ /* copy the module's initialization string, if present. */
+ if (!internal && extended) {
+ CHECK_SIZE(namesRunningOffset + 2);
+ len = LGDB_GETSHORT(names + namesRunningOffset);
+ if (len) {
+ CHECK_SIZE(namesRunningOffset + 2 + len);
+ parameters = (char *)PORT_ArenaAlloc(arena, len + 1);
+ if (parameters == NULL)
+ goto loser;
+ PORT_Memcpy(parameters, names + namesRunningOffset + 2, len);
+ parameters[len] = 0;
+ }
+ namesRunningOffset += len + 2;
+ }
+
+ /*
+ * Consistency check: Make sure the slot and names blocks don't
+ * overlap. These blocks can occur in any order, so this check is made
+ * in 2 parts. First we check the case where the slot block starts
+ * after the name block. Later, when we have the slot block length,
+ * we check the case where slot block starts before the name block.
+ * NOTE: in most cases any overlap will likely be detected by invalid
+ * data read from the blocks, but it's better to find out sooner
+ * than later.
+ */
+ if (slotOffset >= namesOffset) { /* slot block starts after name block */
+ if (slotOffset < namesRunningOffset) {
+ goto db_loser;
+ }
+ }
+
+ /* ------------------------------------------------------------------
+ ** Part 3, process the slot table.
+ ** This part has this structure:
+ ** struct {
+ ** BYTE slotCount [ 2 ];
+ ** lgdbSlotData [ slotCount ];
+ ** {
+ */
+
+ CHECK_SIZE(slotOffset + 2);
+ slotCount = LGDB_GETSHORT((unsigned char *)data->data + slotOffset);
+
+ /*
+ * Consistency check: Part 2. We now have the slot block length, we can
+ * check the case where the slotblock procedes the name block.
+ */
+ if (slotOffset < namesOffset) { /* slot block starts before name block */
+ if (namesOffset < slotOffset + 2 + slotCount * sizeof(lgdbSlotData)) {
+ goto db_loser;
+ }
+ }
+
+ CHECK_SIZE((slotOffset + 2 + slotCount * sizeof(lgdbSlotData)));
+ slots = (lgdbSlotData *)((unsigned char *)data->data + slotOffset + 2);
+
+ /* slotCount; */
+ slotStrings = (char **)PORT_ArenaZAlloc(arena, slotCount * sizeof(char *));
+ if (slotStrings == NULL)
+ goto loser;
+ for (i = 0; i < (int)slotCount; i++, slots++) {
+ PRBool hasRootCerts = PR_FALSE;
+ PRBool hasRootTrust = PR_FALSE;
+ slotID = LGDB_GETLONG(slots->slotID);
+ defaultFlags = LGDB_GETLONG(slots->defaultFlags);
+ timeout = LGDB_GETLONG(slots->timeout);
+ hasRootCerts = slots->hasRootCerts;
+ if (isOldVersion && internal && (slotID != 2)) {
+ unsigned long internalFlags =
+ NSSUTIL_ArgParseSlotFlags("slotFlags",
+ NSSUTIL_DEFAULT_SFTKN_FLAGS);
+ defaultFlags |= internalFlags;
+ }
+ if (hasRootCerts && !extended) {
+ trustOrder = 100;
+ }
+
+ slotStrings[i] = NSSUTIL_MkSlotString(slotID, defaultFlags, timeout,
+ (unsigned char)slots->askpw,
+ hasRootCerts, hasRootTrust);
+ if (slotStrings[i] == NULL) {
+ lgdb_FreeSlotStrings(slotStrings, i);
+ goto loser;
+ }
+ }
+
+ nss = NSSUTIL_MkNSSString(slotStrings, slotCount, internal, isFIPS,
+ isModuleDB, isModuleDBOnly, internal, trustOrder,
+ cipherOrder, ssl0, ssl1);
+ lgdb_FreeSlotStrings(slotStrings, slotCount);
+ /* it's permissible (and normal) for nss to be NULL. it simply means
+ * there are no NSS specific parameters in the database */
+ moduleSpec = NSSUTIL_MkModuleSpec(dllName, commonName, parameters, nss);
+ PR_smprintf_free(nss);
+ PORT_FreeArena(arena, PR_TRUE);
+ return moduleSpec;
+
+db_loser:
+ PORT_SetError(SEC_ERROR_BAD_DATABASE);
+loser:
+ PORT_FreeArena(arena, PR_TRUE);
+ return NULL;
+}
+
+static DB *
+lgdb_OpenDB(const char *appName, const char *filename, const char *dbName,
+ PRBool readOnly, PRBool update)
+{
+ DB *pkcs11db = NULL;
+
+ if (appName) {
+ char *secname = PORT_Strdup(filename);
+ int len = strlen(secname);
+ int status = RDB_FAIL;
+
+ if (len >= 3 && PORT_Strcmp(&secname[len - 3], ".db") == 0) {
+ secname[len - 3] = 0;
+ }
+ pkcs11db =
+ rdbopen(appName, "", secname, readOnly ? NO_RDONLY : NO_RDWR, NULL);
+ if (update && !pkcs11db) {
+ DB *updatedb;
+
+ pkcs11db = rdbopen(appName, "", secname, NO_CREATE, &status);
+ if (!pkcs11db) {
+ if (status == RDB_RETRY) {
+ pkcs11db = rdbopen(appName, "", secname,
+ readOnly ? NO_RDONLY : NO_RDWR, NULL);
+ }
+ PORT_Free(secname);
+ return pkcs11db;
+ }
+ updatedb = dbopen(dbName, NO_RDONLY, 0600, DB_HASH, 0);
+ if (updatedb) {
+ db_Copy(pkcs11db, updatedb);
+ (*updatedb->close)(updatedb);
+ } else {
+ (*pkcs11db->close)(pkcs11db);
+ PORT_Free(secname);
+ return NULL;
+ }
+ }
+ PORT_Free(secname);
+ return pkcs11db;
+ }
+
+ /* I'm sure we should do more checks here sometime... */
+ pkcs11db = dbopen(dbName, readOnly ? NO_RDONLY : NO_RDWR, 0600, DB_HASH, 0);
+
+ /* didn't exist? create it */
+ if (pkcs11db == NULL) {
+ if (readOnly)
+ return NULL;
+
+ pkcs11db = dbopen(dbName, NO_CREATE, 0600, DB_HASH, 0);
+ if (pkcs11db)
+ (*pkcs11db->sync)(pkcs11db, 0);
+ }
+ return pkcs11db;
+}
+
+static void
+lgdb_CloseDB(DB *pkcs11db)
+{
+ (*pkcs11db->close)(pkcs11db);
+}
+
+SECStatus legacy_AddSecmodDB(const char *appName, const char *filename,
+ const char *dbname, char *module, PRBool rw);
+
+#define LGDB_STEP 10
+/*
+ * Read all the existing modules in
+ */
+char **
+legacy_ReadSecmodDB(const char *appName, const char *filename,
+ const char *dbname, char *params, PRBool rw)
+{
+ DBT key, data;
+ int ret;
+ DB *pkcs11db = NULL;
+ char **moduleList = NULL, **newModuleList = NULL;
+ int moduleCount = 1;
+ int useCount = LGDB_STEP;
+
+ moduleList = (char **)PORT_ZAlloc(useCount * sizeof(char **));
+ if (moduleList == NULL)
+ return NULL;
+
+ pkcs11db = lgdb_OpenDB(appName, filename, dbname, PR_TRUE, rw);
+ if (pkcs11db == NULL)
+ goto done;
+
+ /* read and parse the file or data base */
+ ret = (*pkcs11db->seq)(pkcs11db, &key, &data, R_FIRST);
+ if (ret)
+ goto done;
+
+ do {
+ char *moduleString;
+ PRBool internal = PR_FALSE;
+ if ((moduleCount + 1) >= useCount) {
+ useCount += LGDB_STEP;
+ newModuleList =
+ (char **)PORT_Realloc(moduleList, useCount * sizeof(char *));
+ if (newModuleList == NULL)
+ goto done;
+ moduleList = newModuleList;
+ PORT_Memset(&moduleList[moduleCount + 1], 0,
+ sizeof(char *) * LGDB_STEP);
+ }
+ moduleString = lgdb_DecodeData(params, &data, &internal);
+ if (internal) {
+ moduleList[0] = moduleString;
+ } else {
+ moduleList[moduleCount] = moduleString;
+ moduleCount++;
+ }
+ } while ((*pkcs11db->seq)(pkcs11db, &key, &data, R_NEXT) == 0);
+
+done:
+ if (!moduleList[0]) {
+ char *newparams = NSSUTIL_Quote(params, '"');
+ if (newparams) {
+ moduleList[0] = PR_smprintf(
+ NSSUTIL_DEFAULT_INTERNAL_INIT1 "%s" NSSUTIL_DEFAULT_INTERNAL_INIT2 "%s" NSSUTIL_DEFAULT_INTERNAL_INIT3,
+ newparams, NSSUTIL_DEFAULT_SFTKN_FLAGS);
+ PORT_Free(newparams);
+ }
+ }
+ /* deal with trust cert db here */
+
+ if (pkcs11db) {
+ lgdb_CloseDB(pkcs11db);
+ } else if (moduleList[0] && rw) {
+ legacy_AddSecmodDB(appName, filename, dbname, moduleList[0], rw);
+ }
+ if (!moduleList[0]) {
+ PORT_Free(moduleList);
+ moduleList = NULL;
+ }
+ return moduleList;
+}
+
+SECStatus
+legacy_ReleaseSecmodDBData(const char *appName, const char *filename,
+ const char *dbname, char **moduleSpecList, PRBool rw)
+{
+ if (moduleSpecList) {
+ char **index;
+ for (index = moduleSpecList; *index; index++) {
+ PR_smprintf_free(*index);
+ }
+ PORT_Free(moduleSpecList);
+ }
+ return SECSuccess;
+}
+
+/*
+ * Delete a module from the Data Base
+ */
+SECStatus
+legacy_DeleteSecmodDB(const char *appName, const char *filename,
+ const char *dbname, char *args, PRBool rw)
+{
+ DBT key;
+ SECStatus rv = SECFailure;
+ DB *pkcs11db = NULL;
+ int ret;
+
+ if (!rw)
+ return SECFailure;
+
+ /* make sure we have a db handle */
+ pkcs11db = lgdb_OpenDB(appName, filename, dbname, PR_FALSE, PR_FALSE);
+ if (pkcs11db == NULL) {
+ return SECFailure;
+ }
+
+ rv = lgdb_MakeKey(&key, args);
+ if (rv != SECSuccess)
+ goto done;
+ rv = SECFailure;
+ ret = (*pkcs11db->del)(pkcs11db, &key, 0);
+ lgdb_FreeKey(&key);
+ if (ret != 0)
+ goto done;
+
+ ret = (*pkcs11db->sync)(pkcs11db, 0);
+ if (ret == 0)
+ rv = SECSuccess;
+
+done:
+ lgdb_CloseDB(pkcs11db);
+ return rv;
+}
+
+/*
+ * Add a module to the Data base
+ */
+SECStatus
+legacy_AddSecmodDB(const char *appName, const char *filename,
+ const char *dbname, char *module, PRBool rw)
+{
+ DBT key, data;
+ SECStatus rv = SECFailure;
+ DB *pkcs11db = NULL;
+ int ret;
+
+ if (!rw)
+ return SECFailure;
+
+ /* make sure we have a db handle */
+ pkcs11db = lgdb_OpenDB(appName, filename, dbname, PR_FALSE, PR_FALSE);
+ if (pkcs11db == NULL) {
+ return SECFailure;
+ }
+
+ rv = lgdb_MakeKey(&key, module);
+ if (rv != SECSuccess)
+ goto done;
+ rv = lgdb_EncodeData(&data, module);
+ if (rv != SECSuccess) {
+ lgdb_FreeKey(&key);
+ goto done;
+ }
+ rv = SECFailure;
+ ret = (*pkcs11db->put)(pkcs11db, &key, &data, 0);
+ lgdb_FreeKey(&key);
+ lgdb_FreeData(&data);
+ if (ret != 0)
+ goto done;
+
+ ret = (*pkcs11db->sync)(pkcs11db, 0);
+ if (ret == 0)
+ rv = SECSuccess;
+
+done:
+ lgdb_CloseDB(pkcs11db);
+ return rv;
+}
diff --git a/security/nss/lib/softoken/lgglue.c b/security/nss/lib/softoken/lgglue.c
new file mode 100644
index 000000000..94f054129
--- /dev/null
+++ b/security/nss/lib/softoken/lgglue.c
@@ -0,0 +1,408 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following code handles the storage of PKCS 11 modules used by the
+ * NSS. This file is written to abstract away how the modules are
+ * stored so we can deside that later.
+ */
+#include "sftkdb.h"
+#include "sftkdbti.h"
+#include "sdb.h"
+#include "prsystem.h"
+#include "prprf.h"
+#include "prenv.h"
+#include "lgglue.h"
+#include "secerr.h"
+#include "softoken.h"
+
+static LGOpenFunc legacy_glue_open = NULL;
+static LGReadSecmodFunc legacy_glue_readSecmod = NULL;
+static LGReleaseSecmodFunc legacy_glue_releaseSecmod = NULL;
+static LGDeleteSecmodFunc legacy_glue_deleteSecmod = NULL;
+static LGAddSecmodFunc legacy_glue_addSecmod = NULL;
+static LGShutdownFunc legacy_glue_shutdown = NULL;
+
+/*
+ * The following 3 functions duplicate the work done by bl_LoadLibrary.
+ * We should make bl_LoadLibrary a global and replace the call to
+ * sftkdb_LoadLibrary(const char *libname) with it.
+ */
+#ifdef XP_UNIX
+#include <unistd.h>
+#define LG_MAX_LINKS 20
+static char *
+sftkdb_resolvePath(const char *orig)
+{
+ int count = 0;
+ int len = 0;
+ int ret = -1;
+ char *resolved = NULL;
+ char *source = NULL;
+
+ len = 1025; /* MAX PATH +1*/
+ if (strlen(orig) + 1 > len) {
+ /* PATH TOO LONG */
+ return NULL;
+ }
+ resolved = PORT_Alloc(len);
+ if (!resolved) {
+ return NULL;
+ }
+ source = PORT_Alloc(len);
+ if (!source) {
+ goto loser;
+ }
+ PORT_Strcpy(source, orig);
+ /* Walk down all the links */
+ while (count++ < LG_MAX_LINKS) {
+ char *tmp;
+ /* swap our previous sorce out with resolved */
+ /* read it */
+ ret = readlink(source, resolved, len - 1);
+ if (ret < 0) {
+ break;
+ }
+ resolved[ret] = 0;
+ tmp = source;
+ source = resolved;
+ resolved = tmp;
+ }
+ if (count > 1) {
+ ret = 0;
+ }
+loser:
+ if (resolved) {
+ PORT_Free(resolved);
+ }
+ if (ret < 0) {
+ if (source) {
+ PORT_Free(source);
+ source = NULL;
+ }
+ }
+ return source;
+}
+
+#endif
+
+static PRLibrary *
+sftkdb_LoadFromPath(const char *path, const char *libname)
+{
+ char *c;
+ int pathLen, nameLen, fullPathLen;
+ char *fullPathName = NULL;
+ PRLibSpec libSpec;
+ PRLibrary *lib = NULL;
+
+ /* strip of our parent's library name */
+ c = strrchr(path, PR_GetDirectorySeparator());
+ if (!c) {
+ return NULL; /* invalid path */
+ }
+ pathLen = (c - path) + 1;
+ nameLen = strlen(libname);
+ fullPathLen = pathLen + nameLen + 1;
+ fullPathName = (char *)PORT_Alloc(fullPathLen);
+ if (fullPathName == NULL) {
+ return NULL; /* memory allocation error */
+ }
+ PORT_Memcpy(fullPathName, path, pathLen);
+ PORT_Memcpy(fullPathName + pathLen, libname, nameLen);
+ fullPathName[fullPathLen - 1] = 0;
+
+ libSpec.type = PR_LibSpec_Pathname;
+ libSpec.value.pathname = fullPathName;
+ lib = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
+ PORT_Free(fullPathName);
+ return lib;
+}
+
+static PRLibrary *
+sftkdb_LoadLibrary(const char *libname)
+{
+ PRLibrary *lib = NULL;
+ PRFuncPtr fn_addr;
+ char *parentLibPath = NULL;
+
+ fn_addr = (PRFuncPtr)&sftkdb_LoadLibrary;
+ parentLibPath = PR_GetLibraryFilePathname(SOFTOKEN_LIB_NAME, fn_addr);
+
+ if (!parentLibPath) {
+ goto done;
+ }
+
+ lib = sftkdb_LoadFromPath(parentLibPath, libname);
+#ifdef XP_UNIX
+ /* handle symbolic link case */
+ if (!lib) {
+ char *trueParentLibPath = sftkdb_resolvePath(parentLibPath);
+ if (!trueParentLibPath) {
+ goto done;
+ }
+ lib = sftkdb_LoadFromPath(trueParentLibPath, libname);
+ PORT_Free(trueParentLibPath);
+ }
+#endif
+
+done:
+ if (parentLibPath) {
+ PORT_Free(parentLibPath);
+ }
+
+ /* still couldn't load it, try the generic path */
+ if (!lib) {
+ PRLibSpec libSpec;
+ libSpec.type = PR_LibSpec_Pathname;
+ libSpec.value.pathname = libname;
+ lib = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
+ }
+
+ return lib;
+}
+
+/*
+ * stub files for legacy db's to be able to encrypt and decrypt
+ * various keys and attributes.
+ */
+static SECStatus
+sftkdb_encrypt_stub(PLArenaPool *arena, SDB *sdb, SECItem *plainText,
+ SECItem **cipherText)
+{
+ SFTKDBHandle *handle = sdb->app_private;
+ SECStatus rv;
+
+ if (handle == NULL) {
+ return SECFailure;
+ }
+
+ /* if we aren't the key handle, try the other handle */
+ if (handle->type != SFTK_KEYDB_TYPE) {
+ handle = handle->peerDB;
+ }
+
+ /* not a key handle */
+ if (handle == NULL || handle->passwordLock == NULL) {
+ return SECFailure;
+ }
+
+ PZ_Lock(handle->passwordLock);
+ if (handle->passwordKey.data == NULL) {
+ PZ_Unlock(handle->passwordLock);
+ /* PORT_SetError */
+ return SECFailure;
+ }
+
+ rv = sftkdb_EncryptAttribute(arena,
+ handle->newKey ? handle->newKey : &handle->passwordKey,
+ plainText, cipherText);
+ PZ_Unlock(handle->passwordLock);
+
+ return rv;
+}
+
+/*
+ * stub files for legacy db's to be able to encrypt and decrypt
+ * various keys and attributes.
+ */
+static SECStatus
+sftkdb_decrypt_stub(SDB *sdb, SECItem *cipherText, SECItem **plainText)
+{
+ SFTKDBHandle *handle = sdb->app_private;
+ SECStatus rv;
+ SECItem *oldKey = NULL;
+
+ if (handle == NULL) {
+ return SECFailure;
+ }
+
+ /* if we aren't th handle, try the other handle */
+ oldKey = handle->oldKey;
+ if (handle->type != SFTK_KEYDB_TYPE) {
+ handle = handle->peerDB;
+ }
+
+ /* not a key handle */
+ if (handle == NULL || handle->passwordLock == NULL) {
+ return SECFailure;
+ }
+
+ PZ_Lock(handle->passwordLock);
+ if (handle->passwordKey.data == NULL) {
+ PZ_Unlock(handle->passwordLock);
+ /* PORT_SetError */
+ return SECFailure;
+ }
+ rv = sftkdb_DecryptAttribute(oldKey ? oldKey : &handle->passwordKey,
+ cipherText, plainText);
+ PZ_Unlock(handle->passwordLock);
+
+ return rv;
+}
+
+static const char *LEGACY_LIB_NAME =
+ SHLIB_PREFIX "nssdbm" SHLIB_VERSION "." SHLIB_SUFFIX;
+/*
+ * 2 bools to tell us if we've check the legacy library successfully or
+ * not. Initialize on startup to false by the C BSS segment;
+ */
+static PRLibrary *legacy_glue_lib = NULL;
+static SECStatus
+sftkdbLoad_Legacy()
+{
+ PRLibrary *lib = NULL;
+ LGSetCryptFunc setCryptFunction = NULL;
+
+ if (legacy_glue_lib) {
+ return SECSuccess;
+ }
+
+ lib = sftkdb_LoadLibrary(LEGACY_LIB_NAME);
+ if (lib == NULL) {
+ return SECFailure;
+ }
+
+ legacy_glue_open = (LGOpenFunc)PR_FindFunctionSymbol(lib, "legacy_Open");
+ legacy_glue_readSecmod =
+ (LGReadSecmodFunc)PR_FindFunctionSymbol(lib, "legacy_ReadSecmodDB");
+ legacy_glue_releaseSecmod =
+ (LGReleaseSecmodFunc)PR_FindFunctionSymbol(lib, "legacy_ReleaseSecmodDBData");
+ legacy_glue_deleteSecmod =
+ (LGDeleteSecmodFunc)PR_FindFunctionSymbol(lib, "legacy_DeleteSecmodDB");
+ legacy_glue_addSecmod =
+ (LGAddSecmodFunc)PR_FindFunctionSymbol(lib, "legacy_AddSecmodDB");
+ legacy_glue_shutdown =
+ (LGShutdownFunc)PR_FindFunctionSymbol(lib, "legacy_Shutdown");
+ setCryptFunction =
+ (LGSetCryptFunc)PR_FindFunctionSymbol(lib, "legacy_SetCryptFunctions");
+
+ if (!legacy_glue_open || !legacy_glue_readSecmod ||
+ !legacy_glue_releaseSecmod || !legacy_glue_deleteSecmod ||
+ !legacy_glue_addSecmod || !setCryptFunction) {
+ PR_UnloadLibrary(lib);
+ return SECFailure;
+ }
+
+ setCryptFunction(sftkdb_encrypt_stub, sftkdb_decrypt_stub);
+ legacy_glue_lib = lib;
+ return SECSuccess;
+}
+
+CK_RV
+sftkdbCall_open(const char *dir, const char *certPrefix, const char *keyPrefix,
+ int certVersion, int keyVersion, int flags,
+ SDB **certDB, SDB **keyDB)
+{
+ SECStatus rv;
+
+ rv = sftkdbLoad_Legacy();
+ if (rv != SECSuccess) {
+ return CKR_GENERAL_ERROR;
+ }
+ if (!legacy_glue_open) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return (*legacy_glue_open)(dir, certPrefix, keyPrefix,
+ certVersion, keyVersion,
+ flags, certDB, keyDB);
+}
+
+char **
+sftkdbCall_ReadSecmodDB(const char *appName, const char *filename,
+ const char *dbname, char *params, PRBool rw)
+{
+ SECStatus rv;
+
+ rv = sftkdbLoad_Legacy();
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+ if (!legacy_glue_readSecmod) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+ return (*legacy_glue_readSecmod)(appName, filename, dbname, params, rw);
+}
+
+SECStatus
+sftkdbCall_ReleaseSecmodDBData(const char *appName,
+ const char *filename, const char *dbname,
+ char **moduleSpecList, PRBool rw)
+{
+ SECStatus rv;
+
+ rv = sftkdbLoad_Legacy();
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ if (!legacy_glue_releaseSecmod) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return (*legacy_glue_releaseSecmod)(appName, filename, dbname,
+ moduleSpecList, rw);
+}
+
+SECStatus
+sftkdbCall_DeleteSecmodDB(const char *appName,
+ const char *filename, const char *dbname,
+ char *args, PRBool rw)
+{
+ SECStatus rv;
+
+ rv = sftkdbLoad_Legacy();
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ if (!legacy_glue_deleteSecmod) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return (*legacy_glue_deleteSecmod)(appName, filename, dbname, args, rw);
+}
+
+SECStatus
+sftkdbCall_AddSecmodDB(const char *appName,
+ const char *filename, const char *dbname,
+ char *module, PRBool rw)
+{
+ SECStatus rv;
+
+ rv = sftkdbLoad_Legacy();
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ if (!legacy_glue_addSecmod) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return (*legacy_glue_addSecmod)(appName, filename, dbname, module, rw);
+}
+
+CK_RV
+sftkdbCall_Shutdown(void)
+{
+ CK_RV crv = CKR_OK;
+ char *disableUnload = NULL;
+ if (!legacy_glue_lib) {
+ return CKR_OK;
+ }
+ if (legacy_glue_shutdown) {
+#ifdef NO_FORK_CHECK
+ PRBool parentForkedAfterC_Initialize = PR_FALSE;
+#endif
+ crv = (*legacy_glue_shutdown)(parentForkedAfterC_Initialize);
+ }
+ disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
+ if (!disableUnload) {
+ PR_UnloadLibrary(legacy_glue_lib);
+ }
+ legacy_glue_lib = NULL;
+ legacy_glue_open = NULL;
+ legacy_glue_readSecmod = NULL;
+ legacy_glue_releaseSecmod = NULL;
+ legacy_glue_deleteSecmod = NULL;
+ legacy_glue_addSecmod = NULL;
+ return crv;
+}
diff --git a/security/nss/lib/softoken/lgglue.h b/security/nss/lib/softoken/lgglue.h
new file mode 100644
index 000000000..61dbfecf6
--- /dev/null
+++ b/security/nss/lib/softoken/lgglue.h
@@ -0,0 +1,59 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This code defines the glue layer between softoken and the legacy DB library
+ */
+#include "sdb.h"
+
+/*
+ * function prototypes for the callbacks into softoken from the legacyDB
+ */
+
+typedef SECStatus (*LGEncryptFunc)(PLArenaPool *arena, SDB *sdb,
+ SECItem *plainText, SECItem **cipherText);
+typedef SECStatus (*LGDecryptFunc)(SDB *sdb, SECItem *cipherText,
+ SECItem **plainText);
+
+/*
+ * function prototypes for the exported functions.
+ */
+typedef CK_RV (*LGOpenFunc)(const char *dir, const char *certPrefix,
+ const char *keyPrefix,
+ int certVersion, int keyVersion, int flags,
+ SDB **certDB, SDB **keyDB);
+typedef char **(*LGReadSecmodFunc)(const char *appName,
+ const char *filename,
+ const char *dbname, char *params, PRBool rw);
+typedef SECStatus (*LGReleaseSecmodFunc)(const char *appName,
+ const char *filename,
+ const char *dbname, char **params, PRBool rw);
+typedef SECStatus (*LGDeleteSecmodFunc)(const char *appName,
+ const char *filename,
+ const char *dbname, char *params, PRBool rw);
+typedef SECStatus (*LGAddSecmodFunc)(const char *appName,
+ const char *filename,
+ const char *dbname, char *params, PRBool rw);
+typedef SECStatus (*LGShutdownFunc)(PRBool forked);
+typedef void (*LGSetForkStateFunc)(PRBool);
+typedef void (*LGSetCryptFunc)(LGEncryptFunc, LGDecryptFunc);
+
+/*
+ * Softoken Glue Functions
+ */
+CK_RV sftkdbCall_open(const char *dir, const char *certPrefix,
+ const char *keyPrefix,
+ int certVersion, int keyVersion, int flags,
+ SDB **certDB, SDB **keyDB);
+char **sftkdbCall_ReadSecmodDB(const char *appName, const char *filename,
+ const char *dbname, char *params, PRBool rw);
+SECStatus sftkdbCall_ReleaseSecmodDBData(const char *appName,
+ const char *filename, const char *dbname,
+ char **moduleSpecList, PRBool rw);
+SECStatus sftkdbCall_DeleteSecmodDB(const char *appName,
+ const char *filename, const char *dbname,
+ char *args, PRBool rw);
+SECStatus sftkdbCall_AddSecmodDB(const char *appName,
+ const char *filename, const char *dbname,
+ char *module, PRBool rw);
+CK_RV sftkdbCall_Shutdown(void);
diff --git a/security/nss/lib/softoken/lowkey.c b/security/nss/lib/softoken/lowkey.c
new file mode 100644
index 000000000..73b1dc971
--- /dev/null
+++ b/security/nss/lib/softoken/lowkey.c
@@ -0,0 +1,500 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "lowkeyi.h"
+#include "secoid.h"
+#include "secitem.h"
+#include "secder.h"
+#include "base64.h"
+#include "secasn1.h"
+#include "secerr.h"
+
+#ifndef NSS_DISABLE_ECC
+#include "softoken.h"
+#endif
+
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_BitStringTemplate)
+SEC_ASN1_MKSUB(SEC_ObjectIDTemplate)
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+const SEC_ASN1Template nsslowkey_AttributeTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSLOWKEYAttribute) },
+ { SEC_ASN1_OBJECT_ID, offsetof(NSSLOWKEYAttribute, attrType) },
+ { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
+ offsetof(NSSLOWKEYAttribute, attrValue),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, nsslowkey_AttributeTemplate },
+};
+/* ASN1 Templates for new decoder/encoder */
+const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSLOWKEYPrivateKeyInfo, version) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSLOWKEYPrivateKeyInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSLOWKEYPrivateKeyInfo, privateKey) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(NSSLOWKEYPrivateKeyInfo, attributes),
+ nsslowkey_SetOfAttributeTemplate },
+ { 0 }
+};
+
+const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) },
+ { SEC_ASN1_INTEGER, offsetof(PQGParams, prime) },
+ { SEC_ASN1_INTEGER, offsetof(PQGParams, subPrime) },
+ { SEC_ASN1_INTEGER, offsetof(PQGParams, base) },
+ { 0 }
+};
+
+const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.version) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.modulus) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.publicExponent) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.privateExponent) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime1) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime2) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent1) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent2) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.coefficient) },
+ { 0 }
+};
+
+const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dsa.publicValue) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dsa.privateValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[] = {
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dsa.privateValue) },
+};
+
+const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.publicValue) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.privateValue) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.base) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.prime) },
+ { 0 }
+};
+
+#ifndef NSS_DISABLE_ECC
+
+/* NOTE: The SECG specification allows the private key structure
+ * to contain curve parameters but recommends that they be stored
+ * in the PrivateKeyAlgorithmIdentifier field of the PrivateKeyInfo
+ * instead.
+ */
+const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
+ { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.ec.version) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSLOWKEYPrivateKey, u.ec.privateValue) },
+ /* We only support named curves for which the parameters are
+ * encoded as an object ID.
+ */
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(NSSLOWKEYPrivateKey, u.ec.ecParams.curveOID),
+ SEC_ASN1_SUB(SEC_ObjectIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 1,
+ offsetof(NSSLOWKEYPrivateKey, u.ec.publicValue),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+#endif /* NSS_DISABLE_ECC */
+/*
+ * See bugzilla bug 125359
+ * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
+ * all of the templates above that en/decode into integers must be converted
+ * from ASN.1's signed integer type. This is done by marking either the
+ * source or destination (encoding or decoding, respectively) type as
+ * siUnsignedInteger.
+ */
+
+void
+prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.rsa.modulus.type = siUnsignedInteger;
+ key->u.rsa.publicExponent.type = siUnsignedInteger;
+ key->u.rsa.privateExponent.type = siUnsignedInteger;
+ key->u.rsa.prime1.type = siUnsignedInteger;
+ key->u.rsa.prime2.type = siUnsignedInteger;
+ key->u.rsa.exponent1.type = siUnsignedInteger;
+ key->u.rsa.exponent2.type = siUnsignedInteger;
+ key->u.rsa.coefficient.type = siUnsignedInteger;
+}
+
+void
+prepare_low_pqg_params_for_asn1(PQGParams *params)
+{
+ params->prime.type = siUnsignedInteger;
+ params->subPrime.type = siUnsignedInteger;
+ params->base.type = siUnsignedInteger;
+}
+
+void
+prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.dsa.publicValue.type = siUnsignedInteger;
+ key->u.dsa.privateValue.type = siUnsignedInteger;
+ key->u.dsa.params.prime.type = siUnsignedInteger;
+ key->u.dsa.params.subPrime.type = siUnsignedInteger;
+ key->u.dsa.params.base.type = siUnsignedInteger;
+}
+
+void
+prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.dsa.privateValue.type = siUnsignedInteger;
+}
+
+void
+prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.dh.prime.type = siUnsignedInteger;
+ key->u.dh.base.type = siUnsignedInteger;
+ key->u.dh.publicValue.type = siUnsignedInteger;
+ key->u.dh.privateValue.type = siUnsignedInteger;
+}
+
+#ifndef NSS_DISABLE_ECC
+void
+prepare_low_ecparams_for_asn1(ECParams *params)
+{
+ params->DEREncoding.type = siUnsignedInteger;
+ params->curveOID.type = siUnsignedInteger;
+}
+
+void
+prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
+{
+ key->u.ec.version.type = siUnsignedInteger;
+ key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger;
+ key->u.ec.ecParams.curveOID.type = siUnsignedInteger;
+ key->u.ec.privateValue.type = siUnsignedInteger;
+ key->u.ec.publicValue.type = siUnsignedInteger;
+}
+#endif /* NSS_DISABLE_ECC */
+
+void
+nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk)
+{
+ if (privk && privk->arena) {
+ PORT_FreeArena(privk->arena, PR_TRUE);
+ }
+}
+
+void
+nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk)
+{
+ if (pubk && pubk->arena) {
+ PORT_FreeArena(pubk->arena, PR_FALSE);
+ }
+}
+unsigned
+nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubk)
+{
+ unsigned char b0;
+
+ /* interpret modulus length as key strength... in
+ * fortezza that's the public key length */
+
+ switch (pubk->keyType) {
+ case NSSLOWKEYRSAKey:
+ b0 = pubk->u.rsa.modulus.data[0];
+ return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
+ default:
+ break;
+ }
+ return 0;
+}
+
+unsigned
+nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privk)
+{
+
+ unsigned char b0;
+
+ switch (privk->keyType) {
+ case NSSLOWKEYRSAKey:
+ b0 = privk->u.rsa.modulus.data[0];
+ return b0 ? privk->u.rsa.modulus.len : privk->u.rsa.modulus.len - 1;
+ default:
+ break;
+ }
+ return 0;
+}
+
+NSSLOWKEYPublicKey *
+nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
+{
+ NSSLOWKEYPublicKey *pubk;
+ PLArenaPool *arena;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ switch (privk->keyType) {
+ case NSSLOWKEYRSAKey:
+ case NSSLOWKEYNullKey:
+ pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPublicKey));
+ if (pubk != NULL) {
+ SECStatus rv;
+
+ pubk->arena = arena;
+ pubk->keyType = privk->keyType;
+ if (privk->keyType == NSSLOWKEYNullKey)
+ return pubk;
+ rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus,
+ &privk->u.rsa.modulus);
+ if (rv == SECSuccess) {
+ rv = SECITEM_CopyItem(arena, &pubk->u.rsa.publicExponent,
+ &privk->u.rsa.publicExponent);
+ if (rv == SECSuccess)
+ return pubk;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ break;
+ case NSSLOWKEYDSAKey:
+ pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPublicKey));
+ if (pubk != NULL) {
+ SECStatus rv;
+
+ pubk->arena = arena;
+ pubk->keyType = privk->keyType;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue,
+ &privk->u.dsa.publicValue);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
+ &privk->u.dsa.params.prime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
+ &privk->u.dsa.params.subPrime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
+ &privk->u.dsa.params.base);
+ if (rv == SECSuccess)
+ return pubk;
+ }
+ break;
+ case NSSLOWKEYDHKey:
+ pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPublicKey));
+ if (pubk != NULL) {
+ SECStatus rv;
+
+ pubk->arena = arena;
+ pubk->keyType = privk->keyType;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue,
+ &privk->u.dh.publicValue);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime,
+ &privk->u.dh.prime);
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(arena, &pubk->u.dh.base,
+ &privk->u.dh.base);
+ if (rv == SECSuccess)
+ return pubk;
+ }
+ break;
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPublicKey));
+ if (pubk != NULL) {
+ SECStatus rv;
+
+ pubk->arena = arena;
+ pubk->keyType = privk->keyType;
+ rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue,
+ &privk->u.ec.publicValue);
+ if (rv != SECSuccess)
+ break;
+ pubk->u.ec.ecParams.arena = arena;
+ /* Copy the rest of the params */
+ rv = EC_CopyParams(arena, &(pubk->u.ec.ecParams),
+ &(privk->u.ec.ecParams));
+ if (rv == SECSuccess)
+ return pubk;
+ }
+ break;
+#endif /* NSS_DISABLE_ECC */
+ /* No Fortezza in Low Key implementations (Fortezza keys aren't
+ * stored in our data base */
+ default:
+ break;
+ }
+
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+}
+
+NSSLOWKEYPrivateKey *
+nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey)
+{
+ NSSLOWKEYPrivateKey *returnKey = NULL;
+ SECStatus rv = SECFailure;
+ PLArenaPool *poolp;
+
+ if (!privKey) {
+ return NULL;
+ }
+
+ poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!poolp) {
+ return NULL;
+ }
+
+ returnKey = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(poolp, sizeof(NSSLOWKEYPrivateKey));
+ if (!returnKey) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ returnKey->keyType = privKey->keyType;
+ returnKey->arena = poolp;
+
+ switch (privKey->keyType) {
+ case NSSLOWKEYRSAKey:
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.modulus),
+ &(privKey->u.rsa.modulus));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.version),
+ &(privKey->u.rsa.version));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.publicExponent),
+ &(privKey->u.rsa.publicExponent));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.privateExponent),
+ &(privKey->u.rsa.privateExponent));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime1),
+ &(privKey->u.rsa.prime1));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime2),
+ &(privKey->u.rsa.prime2));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent1),
+ &(privKey->u.rsa.exponent1));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent2),
+ &(privKey->u.rsa.exponent2));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.coefficient),
+ &(privKey->u.rsa.coefficient));
+ if (rv != SECSuccess)
+ break;
+ break;
+ case NSSLOWKEYDSAKey:
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.publicValue),
+ &(privKey->u.dsa.publicValue));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.privateValue),
+ &(privKey->u.dsa.privateValue));
+ if (rv != SECSuccess)
+ break;
+ returnKey->u.dsa.params.arena = poolp;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.prime),
+ &(privKey->u.dsa.params.prime));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.subPrime),
+ &(privKey->u.dsa.params.subPrime));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.base),
+ &(privKey->u.dsa.params.base));
+ if (rv != SECSuccess)
+ break;
+ break;
+ case NSSLOWKEYDHKey:
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.publicValue),
+ &(privKey->u.dh.publicValue));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.privateValue),
+ &(privKey->u.dh.privateValue));
+ if (rv != SECSuccess)
+ break;
+ returnKey->u.dsa.params.arena = poolp;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime),
+ &(privKey->u.dh.prime));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base),
+ &(privKey->u.dh.base));
+ if (rv != SECSuccess)
+ break;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.version),
+ &(privKey->u.ec.version));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.publicValue),
+ &(privKey->u.ec.publicValue));
+ if (rv != SECSuccess)
+ break;
+ rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.privateValue),
+ &(privKey->u.ec.privateValue));
+ if (rv != SECSuccess)
+ break;
+ returnKey->u.ec.ecParams.arena = poolp;
+ /* Copy the rest of the params */
+ rv = EC_CopyParams(poolp, &(returnKey->u.ec.ecParams),
+ &(privKey->u.ec.ecParams));
+ if (rv != SECSuccess)
+ break;
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ rv = SECFailure;
+ }
+
+loser:
+
+ if (rv != SECSuccess) {
+ PORT_FreeArena(poolp, PR_TRUE);
+ returnKey = NULL;
+ }
+
+ return returnKey;
+}
diff --git a/security/nss/lib/softoken/lowkeyi.h b/security/nss/lib/softoken/lowkeyi.h
new file mode 100644
index 000000000..a5878c2f6
--- /dev/null
+++ b/security/nss/lib/softoken/lowkeyi.h
@@ -0,0 +1,71 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _LOWKEYI_H_
+#define _LOWKEYI_H_
+
+#include "prtypes.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "lowkeyti.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+ * See bugzilla bug 125359
+ * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
+ * all of the templates above that en/decode into integers must be converted
+ * from ASN.1's signed integer type. This is done by marking either the
+ * source or destination (encoding or decoding, respectively) type as
+ * siUnsignedInteger.
+ */
+extern void prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
+extern void prepare_low_pqg_params_for_asn1(PQGParams *params);
+extern void prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
+extern void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key);
+extern void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
+#ifndef NSS_DISABLE_ECC
+extern void prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
+extern void prepare_low_ecparams_for_asn1(ECParams *params);
+#endif /* NSS_DISABLE_ECC */
+
+/*
+** Destroy a private key object.
+** "key" the object
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *key);
+
+/*
+** Destroy a public key object.
+** "key" the object
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *key);
+
+/*
+** Return the modulus length of "pubKey".
+*/
+extern unsigned int nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubKey);
+
+/*
+** Return the modulus length of "privKey".
+*/
+extern unsigned int nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privKey);
+
+/*
+** Convert a low private key "privateKey" into a public low key
+*/
+extern NSSLOWKEYPublicKey *
+nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privateKey);
+
+/* Make a copy of a low private key in it's own arena.
+ * a return of NULL indicates an error.
+ */
+extern NSSLOWKEYPrivateKey *
+nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey);
+
+SEC_END_PROTOS
+
+#endif /* _LOWKEYI_H_ */
diff --git a/security/nss/lib/softoken/lowkeyti.h b/security/nss/lib/softoken/lowkeyti.h
new file mode 100644
index 000000000..2ef16405f
--- /dev/null
+++ b/security/nss/lib/softoken/lowkeyti.h
@@ -0,0 +1,93 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _LOWKEYTI_H_
+#define _LOWKEYTI_H_ 1
+
+#include "blapit.h"
+#include "prtypes.h"
+#include "plarena.h"
+#include "secitem.h"
+#include "secasn1t.h"
+#include "secoidt.h"
+
+/*
+** Typedef for callback to get a password "key".
+*/
+extern const SEC_ASN1Template nsslowkey_PQGParamsTemplate[];
+extern const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[];
+extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[];
+extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[];
+extern const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[];
+extern const SEC_ASN1Template nsslowkey_DHPrivateKeyExportTemplate[];
+#ifndef NSS_DISABLE_ECC
+#define NSSLOWKEY_EC_PRIVATE_KEY_VERSION 1 /* as per SECG 1 C.4 */
+extern const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[];
+#endif /* NSS_DISABLE_ECC */
+
+extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[];
+extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[];
+
+/*
+ * PKCS #8 attributes
+ */
+struct NSSLOWKEYAttributeStr {
+ SECItem attrType;
+ SECItem *attrValue;
+};
+typedef struct NSSLOWKEYAttributeStr NSSLOWKEYAttribute;
+
+/*
+** A PKCS#8 private key info object
+*/
+struct NSSLOWKEYPrivateKeyInfoStr {
+ PLArenaPool *arena;
+ SECItem version;
+ SECAlgorithmID algorithm;
+ SECItem privateKey;
+ NSSLOWKEYAttribute **attributes;
+};
+typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo;
+#define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION 0 /* what we *create* */
+
+typedef enum {
+ NSSLOWKEYNullKey = 0,
+ NSSLOWKEYRSAKey = 1,
+ NSSLOWKEYDSAKey = 2,
+ NSSLOWKEYDHKey = 4,
+ NSSLOWKEYECKey = 5
+} NSSLOWKEYType;
+
+/*
+** An RSA public key object.
+*/
+struct NSSLOWKEYPublicKeyStr {
+ PLArenaPool *arena;
+ NSSLOWKEYType keyType;
+ union {
+ RSAPublicKey rsa;
+ DSAPublicKey dsa;
+ DHPublicKey dh;
+ ECPublicKey ec;
+ } u;
+};
+typedef struct NSSLOWKEYPublicKeyStr NSSLOWKEYPublicKey;
+
+/*
+** Low Level private key object
+** This is only used by the raw Crypto engines (crypto), keydb (keydb),
+** and PKCS #11. Everyone else uses the high level key structure.
+*/
+struct NSSLOWKEYPrivateKeyStr {
+ PLArenaPool *arena;
+ NSSLOWKEYType keyType;
+ union {
+ RSAPrivateKey rsa;
+ DSAPrivateKey dsa;
+ DHPrivateKey dh;
+ ECPrivateKey ec;
+ } u;
+};
+typedef struct NSSLOWKEYPrivateKeyStr NSSLOWKEYPrivateKey;
+
+#endif /* _LOWKEYTI_H_ */
diff --git a/security/nss/lib/softoken/lowpbe.c b/security/nss/lib/softoken/lowpbe.c
new file mode 100644
index 000000000..b78302ed7
--- /dev/null
+++ b/security/nss/lib/softoken/lowpbe.c
@@ -0,0 +1,1363 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "plarena.h"
+
+#include "seccomon.h"
+#include "secitem.h"
+#include "secport.h"
+#include "hasht.h"
+#include "pkcs11t.h"
+#include "blapi.h"
+#include "hasht.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "lowpbe.h"
+#include "secoid.h"
+#include "alghmac.h"
+#include "softoken.h"
+#include "secerr.h"
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+/* template for PKCS 5 PBE Parameter. This template has been expanded
+ * based upon the additions in PKCS 12. This should eventually be moved
+ * if RSA updates PKCS 5.
+ */
+static const SEC_ASN1Template NSSPKCS5PBEParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(NSSPKCS5PBEParameter) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(NSSPKCS5PBEParameter, salt) },
+ { SEC_ASN1_INTEGER,
+ offsetof(NSSPKCS5PBEParameter, iteration) },
+ { 0 }
+ };
+
+static const SEC_ASN1Template NSSPKCS5PKCS12V2PBEParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSPKCS5PBEParameter) },
+ { SEC_ASN1_OCTET_STRING, offsetof(NSSPKCS5PBEParameter, salt) },
+ { SEC_ASN1_INTEGER, offsetof(NSSPKCS5PBEParameter, iteration) },
+ { 0 }
+ };
+
+/* PKCS5 v2 */
+
+struct nsspkcs5V2PBEParameterStr {
+ SECAlgorithmID keyParams; /* parameters of the key generation */
+ SECAlgorithmID algParams; /* parameters for the encryption or mac op */
+};
+
+typedef struct nsspkcs5V2PBEParameterStr nsspkcs5V2PBEParameter;
+
+static const SEC_ASN1Template NSSPKCS5V2PBES2ParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(nsspkcs5V2PBEParameter) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(nsspkcs5V2PBEParameter, keyParams),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(nsspkcs5V2PBEParameter, algParams),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { 0 }
+ };
+
+static const SEC_ASN1Template NSSPKCS5V2PBEParameterTemplate[] =
+ {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSPKCS5PBEParameter) },
+ /* this is really a choice, but since we don't understand any other
+ * choice, just inline it. */
+ { SEC_ASN1_OCTET_STRING, offsetof(NSSPKCS5PBEParameter, salt) },
+ { SEC_ASN1_INTEGER, offsetof(NSSPKCS5PBEParameter, iteration) },
+ { SEC_ASN1_INTEGER, offsetof(NSSPKCS5PBEParameter, keyLength) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(NSSPKCS5PBEParameter, prfAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { 0 }
+ };
+
+SECStatus
+nsspkcs5_HashBuf(const SECHashObject *hashObj, unsigned char *dest,
+ unsigned char *src, int len)
+{
+ void *ctx;
+ unsigned int retLen;
+
+ ctx = hashObj->create();
+ if (ctx == NULL) {
+ return SECFailure;
+ }
+ hashObj->begin(ctx);
+ hashObj->update(ctx, src, len);
+ hashObj->end(ctx, dest, &retLen, hashObj->length);
+ hashObj->destroy(ctx, PR_TRUE);
+ return SECSuccess;
+}
+
+/* generate bits using any hash
+ */
+static SECItem *
+nsspkcs5_PBKDF1(const SECHashObject *hashObj, SECItem *salt, SECItem *pwd,
+ int iter, PRBool faulty3DES)
+{
+ SECItem *hash = NULL, *pre_hash = NULL;
+ SECStatus rv = SECFailure;
+
+ if ((salt == NULL) || (pwd == NULL) || (iter < 0)) {
+ return NULL;
+ }
+
+ hash = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ pre_hash = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+
+ if ((hash != NULL) && (pre_hash != NULL)) {
+ int i, ph_len;
+
+ ph_len = hashObj->length;
+ if ((salt->len + pwd->len) > hashObj->length) {
+ ph_len = salt->len + pwd->len;
+ }
+
+ rv = SECFailure;
+
+ /* allocate buffers */
+ hash->len = hashObj->length;
+ hash->data = (unsigned char *)PORT_ZAlloc(hash->len);
+ pre_hash->data = (unsigned char *)PORT_ZAlloc(ph_len);
+
+ /* in pbeSHA1TripleDESCBC there was an allocation error that made
+ * it into the caller. We do not want to propagate those errors
+ * further, so we are doing it correctly, but reading the old method.
+ */
+ if (faulty3DES) {
+ pre_hash->len = ph_len;
+ } else {
+ pre_hash->len = salt->len + pwd->len;
+ }
+
+ /* preform hash */
+ if ((hash->data != NULL) && (pre_hash->data != NULL)) {
+ rv = SECSuccess;
+ /* check for 0 length password */
+ if (pwd->len > 0) {
+ PORT_Memcpy(pre_hash->data, pwd->data, pwd->len);
+ }
+ if (salt->len > 0) {
+ PORT_Memcpy((pre_hash->data + pwd->len), salt->data, salt->len);
+ }
+ for (i = 0; ((i < iter) && (rv == SECSuccess)); i++) {
+ rv = nsspkcs5_HashBuf(hashObj, hash->data,
+ pre_hash->data, pre_hash->len);
+ if (rv != SECFailure) {
+ pre_hash->len = hashObj->length;
+ PORT_Memcpy(pre_hash->data, hash->data, hashObj->length);
+ }
+ }
+ }
+ }
+
+ if (pre_hash != NULL) {
+ SECITEM_FreeItem(pre_hash, PR_TRUE);
+ }
+
+ if ((rv != SECSuccess) && (hash != NULL)) {
+ SECITEM_FreeItem(hash, PR_TRUE);
+ hash = NULL;
+ }
+
+ return hash;
+}
+
+/* this bit generation routine is described in PKCS 12 and the proposed
+ * extensions to PKCS 5. an initial hash is generated following the
+ * instructions laid out in PKCS 5. If the number of bits generated is
+ * insufficient, then the method discussed in the proposed extensions to
+ * PKCS 5 in PKCS 12 are used. This extension makes use of the HMAC
+ * function. And the P_Hash function from the TLS standard.
+ */
+static SECItem *
+nsspkcs5_PFXPBE(const SECHashObject *hashObj, NSSPKCS5PBEParameter *pbe_param,
+ SECItem *init_hash, unsigned int bytes_needed)
+{
+ SECItem *ret_bits = NULL;
+ int hash_size = 0;
+ unsigned int i;
+ unsigned int hash_iter;
+ unsigned int dig_len;
+ SECStatus rv = SECFailure;
+ unsigned char *state = NULL;
+ unsigned int state_len;
+ HMACContext *cx = NULL;
+
+ hash_size = hashObj->length;
+ hash_iter = (bytes_needed + (unsigned int)hash_size - 1) / hash_size;
+
+ /* allocate return buffer */
+ ret_bits = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (ret_bits == NULL)
+ return NULL;
+ ret_bits->data = (unsigned char *)PORT_ZAlloc((hash_iter * hash_size) + 1);
+ ret_bits->len = (hash_iter * hash_size);
+ if (ret_bits->data == NULL) {
+ PORT_Free(ret_bits);
+ return NULL;
+ }
+
+ /* allocate intermediate hash buffer. 8 is for the 8 bytes of
+ * data which are added based on iteration number
+ */
+
+ if ((unsigned int)hash_size > pbe_param->salt.len) {
+ state_len = hash_size;
+ } else {
+ state_len = pbe_param->salt.len;
+ }
+ state = (unsigned char *)PORT_ZAlloc(state_len);
+ if (state == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ if (pbe_param->salt.len > 0) {
+ PORT_Memcpy(state, pbe_param->salt.data, pbe_param->salt.len);
+ }
+
+ cx = HMAC_Create(hashObj, init_hash->data, init_hash->len, PR_TRUE);
+ if (cx == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ for (i = 0; i < hash_iter; i++) {
+
+ /* generate output bits */
+ HMAC_Begin(cx);
+ HMAC_Update(cx, state, state_len);
+ HMAC_Update(cx, pbe_param->salt.data, pbe_param->salt.len);
+ rv = HMAC_Finish(cx, ret_bits->data + (i * hash_size),
+ &dig_len, hash_size);
+ if (rv != SECSuccess)
+ goto loser;
+ PORT_Assert((unsigned int)hash_size == dig_len);
+
+ /* generate new state */
+ HMAC_Begin(cx);
+ HMAC_Update(cx, state, state_len);
+ rv = HMAC_Finish(cx, state, &state_len, state_len);
+ if (rv != SECSuccess)
+ goto loser;
+ PORT_Assert(state_len == dig_len);
+ }
+
+loser:
+ if (state != NULL)
+ PORT_ZFree(state, state_len);
+ HMAC_Destroy(cx, PR_TRUE);
+
+ if (rv != SECSuccess) {
+ SECITEM_ZfreeItem(ret_bits, PR_TRUE);
+ ret_bits = NULL;
+ }
+
+ return ret_bits;
+}
+
+/* generate bits for the key and iv determination. if enough bits
+ * are not generated using PKCS 5, then we need to generate more bits
+ * based on the extension proposed in PKCS 12
+ */
+static SECItem *
+nsspkcs5_PBKDF1Extended(const SECHashObject *hashObj,
+ NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem, PRBool faulty3DES)
+{
+ SECItem *hash = NULL;
+ SECItem *newHash = NULL;
+ int bytes_needed;
+ int bytes_available;
+
+ bytes_needed = pbe_param->ivLen + pbe_param->keyLen;
+ bytes_available = hashObj->length;
+
+ hash = nsspkcs5_PBKDF1(hashObj, &pbe_param->salt, pwitem,
+ pbe_param->iter, faulty3DES);
+
+ if (hash == NULL) {
+ return NULL;
+ }
+
+ if (bytes_needed <= bytes_available) {
+ return hash;
+ }
+
+ newHash = nsspkcs5_PFXPBE(hashObj, pbe_param, hash, bytes_needed);
+ if (hash != newHash)
+ SECITEM_FreeItem(hash, PR_TRUE);
+ return newHash;
+}
+
+/*
+ * PBDKDF2 is PKCS #5 v2.0 it's currently not used by NSS
+ */
+static void
+do_xor(unsigned char *dest, unsigned char *src, int len)
+{
+ /* use byt xor, not all platforms are happy about inaligned
+ * integer fetches */
+ while (len--) {
+ *dest = *dest ^ *src;
+ dest++;
+ src++;
+ }
+}
+
+static SECStatus
+nsspkcs5_PBKDF2_F(const SECHashObject *hashobj, SECItem *pwitem, SECItem *salt,
+ int iterations, unsigned int i, unsigned char *T)
+{
+ int j;
+ HMACContext *cx = NULL;
+ unsigned int hLen = hashobj->length;
+ SECStatus rv = SECFailure;
+ unsigned char *last = NULL;
+ unsigned int lastLength = salt->len + 4;
+ unsigned int lastBufLength;
+
+ cx = HMAC_Create(hashobj, pwitem->data, pwitem->len, PR_FALSE);
+ if (cx == NULL) {
+ goto loser;
+ }
+ PORT_Memset(T, 0, hLen);
+ lastBufLength = PR_MAX(lastLength, hLen);
+ last = PORT_Alloc(lastBufLength);
+ if (last == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(last, salt->data, salt->len);
+ last[salt->len] = (i >> 24) & 0xff;
+ last[salt->len + 1] = (i >> 16) & 0xff;
+ last[salt->len + 2] = (i >> 8) & 0xff;
+ last[salt->len + 3] = i & 0xff;
+
+ /* NOTE: we need at least one iteration to return success! */
+ for (j = 0; j < iterations; j++) {
+ HMAC_Begin(cx);
+ HMAC_Update(cx, last, lastLength);
+ rv = HMAC_Finish(cx, last, &lastLength, hLen);
+ if (rv != SECSuccess) {
+ break;
+ }
+ do_xor(T, last, hLen);
+ }
+loser:
+ if (cx) {
+ HMAC_Destroy(cx, PR_TRUE);
+ }
+ if (last) {
+ PORT_ZFree(last, lastBufLength);
+ }
+ return rv;
+}
+
+static SECItem *
+nsspkcs5_PBKDF2(const SECHashObject *hashobj, NSSPKCS5PBEParameter *pbe_param,
+ SECItem *pwitem)
+{
+ int iterations = pbe_param->iter;
+ int bytesNeeded = pbe_param->keyLen;
+ unsigned int dkLen = bytesNeeded;
+ unsigned int hLen = hashobj->length;
+ unsigned int nblocks = (dkLen + hLen - 1) / hLen;
+ unsigned int i;
+ unsigned char *rp;
+ unsigned char *T = NULL;
+ SECItem *result = NULL;
+ SECItem *salt = &pbe_param->salt;
+ SECStatus rv = SECFailure;
+
+ result = SECITEM_AllocItem(NULL, NULL, nblocks * hLen);
+ if (result == NULL) {
+ return NULL;
+ }
+
+ T = PORT_Alloc(hLen);
+ if (T == NULL) {
+ goto loser;
+ }
+
+ for (i = 1, rp = result->data; i <= nblocks; i++, rp += hLen) {
+ rv = nsspkcs5_PBKDF2_F(hashobj, pwitem, salt, iterations, i, T);
+ if (rv != SECSuccess) {
+ break;
+ }
+ PORT_Memcpy(rp, T, hLen);
+ }
+
+loser:
+ if (T) {
+ PORT_ZFree(T, hLen);
+ }
+ if (rv != SECSuccess) {
+ SECITEM_FreeItem(result, PR_TRUE);
+ result = NULL;
+ } else {
+ result->len = dkLen;
+ }
+
+ return result;
+}
+
+#define HMAC_BUFFER 64
+#define NSSPBE_ROUNDUP(x, y) ((((x) + ((y)-1)) / (y)) * (y))
+#define NSSPBE_MIN(x, y) ((x) < (y) ? (x) : (y))
+/*
+ * This is the extended PBE function defined by the final PKCS #12 spec.
+ */
+static SECItem *
+nsspkcs5_PKCS12PBE(const SECHashObject *hashObject,
+ NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
+ PBEBitGenID bitGenPurpose, unsigned int bytesNeeded)
+{
+ PLArenaPool *arena = NULL;
+ unsigned int SLen, PLen;
+ unsigned int hashLength = hashObject->length;
+ unsigned char *S, *P;
+ SECItem *A = NULL, B, D, I;
+ SECItem *salt = &pbe_param->salt;
+ unsigned int c, i = 0;
+ unsigned int hashLen;
+ int iter;
+ unsigned char *iterBuf;
+ void *hash = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ return NULL;
+ }
+
+ /* how many hash object lengths are needed */
+ c = (bytesNeeded + (hashLength - 1)) / hashLength;
+
+ /* initialize our buffers */
+ D.len = HMAC_BUFFER;
+ /* B and D are the same length, use one alloc go get both */
+ D.data = (unsigned char *)PORT_ArenaZAlloc(arena, D.len * 2);
+ B.len = D.len;
+ B.data = D.data + D.len;
+
+ /* if all goes well, A will be returned, so don't use our temp arena */
+ A = SECITEM_AllocItem(NULL, NULL, c * hashLength);
+ if (A == NULL) {
+ goto loser;
+ }
+
+ SLen = NSSPBE_ROUNDUP(salt->len, HMAC_BUFFER);
+ PLen = NSSPBE_ROUNDUP(pwitem->len, HMAC_BUFFER);
+ I.len = SLen + PLen;
+ I.data = (unsigned char *)PORT_ArenaZAlloc(arena, I.len);
+ if (I.data == NULL) {
+ goto loser;
+ }
+
+ /* S & P are only used to initialize I */
+ S = I.data;
+ P = S + SLen;
+
+ PORT_Memset(D.data, (char)bitGenPurpose, D.len);
+ if (SLen) {
+ for (i = 0; i < SLen; i += salt->len) {
+ PORT_Memcpy(S + i, salt->data, NSSPBE_MIN(SLen - i, salt->len));
+ }
+ }
+ if (PLen) {
+ for (i = 0; i < PLen; i += pwitem->len) {
+ PORT_Memcpy(P + i, pwitem->data, NSSPBE_MIN(PLen - i, pwitem->len));
+ }
+ }
+
+ iterBuf = (unsigned char *)PORT_ArenaZAlloc(arena, hashLength);
+ if (iterBuf == NULL) {
+ goto loser;
+ }
+
+ hash = hashObject->create();
+ if (!hash) {
+ goto loser;
+ }
+ /* calculate the PBE now */
+ for (i = 0; i < c; i++) {
+ int Bidx; /* must be signed or the for loop won't terminate */
+ unsigned int k, j;
+ unsigned char *Ai = A->data + i * hashLength;
+
+ for (iter = 0; iter < pbe_param->iter; iter++) {
+ hashObject->begin(hash);
+
+ if (iter) {
+ hashObject->update(hash, iterBuf, hashLen);
+ } else {
+ hashObject->update(hash, D.data, D.len);
+ hashObject->update(hash, I.data, I.len);
+ }
+
+ hashObject->end(hash, iterBuf, &hashLen, hashObject->length);
+ if (hashLen != hashObject->length) {
+ break;
+ }
+ }
+
+ PORT_Memcpy(Ai, iterBuf, hashLength);
+ for (Bidx = 0; Bidx < (int)B.len; Bidx += hashLength) {
+ PORT_Memcpy(B.data + Bidx, iterBuf, NSSPBE_MIN(B.len - Bidx, hashLength));
+ }
+
+ k = I.len / B.len;
+ for (j = 0; j < k; j++) {
+ unsigned int q, carryBit;
+ unsigned char *Ij = I.data + j * B.len;
+
+ /* (Ij = Ij+B+1) */
+ for (Bidx = (B.len - 1), q = 1, carryBit = 0; Bidx >= 0; Bidx--, q = 0) {
+ q += (unsigned int)Ij[Bidx];
+ q += (unsigned int)B.data[Bidx];
+ q += carryBit;
+
+ carryBit = (q > 0xff);
+ Ij[Bidx] = (unsigned char)(q & 0xff);
+ }
+ }
+ }
+loser:
+ if (hash) {
+ hashObject->destroy(hash, PR_TRUE);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+
+ if (A) {
+ /* if i != c, then we didn't complete the loop above and must of failed
+ * somwhere along the way */
+ if (i != c) {
+ SECITEM_ZfreeItem(A, PR_TRUE);
+ A = NULL;
+ } else {
+ A->len = bytesNeeded;
+ }
+ }
+
+ return A;
+}
+
+/*
+ * generate key as per PKCS 5
+ */
+SECItem *
+nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
+ SECItem *iv, PRBool faulty3DES)
+{
+ SECItem *hash = NULL, *key = NULL;
+ const SECHashObject *hashObj;
+ PRBool getIV = PR_FALSE;
+
+ if ((pbe_param == NULL) || (pwitem == NULL)) {
+ return NULL;
+ }
+
+ key = SECITEM_AllocItem(NULL, NULL, pbe_param->keyLen);
+ if (key == NULL) {
+ return NULL;
+ }
+
+ if (iv && (pbe_param->ivLen) && (iv->data == NULL)) {
+ getIV = PR_TRUE;
+ iv->data = (unsigned char *)PORT_Alloc(pbe_param->ivLen);
+ if (iv->data == NULL) {
+ goto loser;
+ }
+ iv->len = pbe_param->ivLen;
+ }
+
+ hashObj = HASH_GetRawHashObject(pbe_param->hashType);
+ switch (pbe_param->pbeType) {
+ case NSSPKCS5_PBKDF1:
+ hash = nsspkcs5_PBKDF1Extended(hashObj, pbe_param, pwitem, faulty3DES);
+ if (hash == NULL) {
+ goto loser;
+ }
+ PORT_Assert(hash->len >= key->len + (getIV ? iv->len : 0));
+ if (getIV) {
+ PORT_Memcpy(iv->data, hash->data + (hash->len - iv->len), iv->len);
+ }
+
+ break;
+ case NSSPKCS5_PBKDF2:
+ hash = nsspkcs5_PBKDF2(hashObj, pbe_param, pwitem);
+ if (getIV) {
+ PORT_Memcpy(iv->data, pbe_param->ivData, iv->len);
+ }
+ break;
+ case NSSPKCS5_PKCS12_V2:
+ if (getIV) {
+ hash = nsspkcs5_PKCS12PBE(hashObj, pbe_param, pwitem,
+ pbeBitGenCipherIV, iv->len);
+ if (hash == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(iv->data, hash->data, iv->len);
+ SECITEM_ZfreeItem(hash, PR_TRUE);
+ hash = NULL;
+ }
+ hash = nsspkcs5_PKCS12PBE(hashObj, pbe_param, pwitem,
+ pbe_param->keyID, key->len);
+ default:
+ break;
+ }
+
+ if (hash == NULL) {
+ goto loser;
+ }
+
+ if (pbe_param->is2KeyDES) {
+ PORT_Memcpy(key->data, hash->data, (key->len * 2) / 3);
+ PORT_Memcpy(&(key->data[(key->len * 2) / 3]), key->data,
+ key->len / 3);
+ } else {
+ PORT_Memcpy(key->data, hash->data, key->len);
+ }
+
+ SECITEM_ZfreeItem(hash, PR_TRUE);
+ return key;
+
+loser:
+ if (getIV && iv->data) {
+ PORT_ZFree(iv->data, iv->len);
+ iv->data = NULL;
+ }
+
+ SECITEM_ZfreeItem(key, PR_TRUE);
+ return NULL;
+}
+
+static SECStatus
+nsspkcs5_FillInParam(SECOidTag algorithm, HASH_HashType hashType,
+ NSSPKCS5PBEParameter *pbe_param)
+{
+ PRBool skipType = PR_FALSE;
+
+ pbe_param->keyLen = 5;
+ pbe_param->ivLen = 8;
+ pbe_param->hashType = hashType;
+ pbe_param->pbeType = NSSPKCS5_PBKDF1;
+ pbe_param->encAlg = SEC_OID_RC2_CBC;
+ pbe_param->is2KeyDES = PR_FALSE;
+ switch (algorithm) {
+ /* DES3 Algorithms */
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
+ pbe_param->is2KeyDES = PR_TRUE;
+ /* fall through */
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
+ pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
+ /* fall through */
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
+ pbe_param->keyLen = 24;
+ pbe_param->encAlg = SEC_OID_DES_EDE3_CBC;
+ break;
+
+ /* DES Algorithms */
+ case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
+ pbe_param->hashType = HASH_AlgMD2;
+ goto finish_des;
+ case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
+ pbe_param->hashType = HASH_AlgMD5;
+ /* fall through */
+ case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
+ finish_des:
+ pbe_param->keyLen = 8;
+ pbe_param->encAlg = SEC_OID_DES_CBC;
+ break;
+
+ /* RC2 Algorithms */
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
+ pbe_param->keyLen = 16;
+ /* fall through */
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
+ pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
+ break;
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
+ pbe_param->keyLen = 16;
+ /* fall through */
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
+ break;
+
+ /* RC4 algorithms */
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
+ skipType = PR_TRUE;
+ /* fall through */
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
+ pbe_param->keyLen = 16;
+ /* fall through */
+ case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
+ if (!skipType) {
+ pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
+ }
+ /* fall through */
+ case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
+ pbe_param->ivLen = 0;
+ pbe_param->encAlg = SEC_OID_RC4;
+ break;
+
+ case SEC_OID_PKCS5_PBKDF2:
+ case SEC_OID_PKCS5_PBES2:
+ case SEC_OID_PKCS5_PBMAC1:
+ /* everything else will be filled in by the template */
+ pbe_param->ivLen = 0;
+ pbe_param->pbeType = NSSPKCS5_PBKDF2;
+ pbe_param->encAlg = SEC_OID_PKCS5_PBKDF2;
+ pbe_param->keyLen = 0; /* needs to be set by caller after return */
+ break;
+
+ default:
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+/* decode the algid and generate a PKCS 5 parameter from it
+ */
+NSSPKCS5PBEParameter *
+nsspkcs5_NewParam(SECOidTag alg, HASH_HashType hashType, SECItem *salt,
+ int iterationCount)
+{
+ PLArenaPool *arena = NULL;
+ NSSPKCS5PBEParameter *pbe_param = NULL;
+ SECStatus rv = SECFailure;
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL)
+ return NULL;
+
+ /* allocate memory for the parameter */
+ pbe_param = (NSSPKCS5PBEParameter *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSPKCS5PBEParameter));
+
+ if (pbe_param == NULL) {
+ goto loser;
+ }
+
+ pbe_param->poolp = arena;
+
+ rv = nsspkcs5_FillInParam(alg, hashType, pbe_param);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ pbe_param->iter = iterationCount;
+ if (salt) {
+ rv = SECITEM_CopyItem(arena, &pbe_param->salt, salt);
+ }
+
+ /* default key gen */
+ pbe_param->keyID = pbeBitGenCipherKey;
+
+loser:
+ if (rv != SECSuccess) {
+ PORT_FreeArena(arena, PR_TRUE);
+ pbe_param = NULL;
+ }
+
+ return pbe_param;
+}
+
+/*
+ * find the hash type needed to implement a specific HMAC.
+ * OID definitions are from pkcs 5 v2.0 and 2.1
+ */
+HASH_HashType
+HASH_FromHMACOid(SECOidTag hmac)
+{
+ switch (hmac) {
+ case SEC_OID_HMAC_SHA1:
+ return HASH_AlgSHA1;
+ case SEC_OID_HMAC_SHA256:
+ return HASH_AlgSHA256;
+ case SEC_OID_HMAC_SHA384:
+ return HASH_AlgSHA384;
+ case SEC_OID_HMAC_SHA512:
+ return HASH_AlgSHA512;
+ case SEC_OID_HMAC_SHA224:
+ default:
+ break;
+ }
+ return HASH_AlgNULL;
+}
+
+/* decode the algid and generate a PKCS 5 parameter from it
+ */
+NSSPKCS5PBEParameter *
+nsspkcs5_AlgidToParam(SECAlgorithmID *algid)
+{
+ NSSPKCS5PBEParameter *pbe_param = NULL;
+ nsspkcs5V2PBEParameter pbev2_param;
+ SECOidTag algorithm;
+ SECStatus rv = SECFailure;
+
+ if (algid == NULL) {
+ return NULL;
+ }
+
+ algorithm = SECOID_GetAlgorithmTag(algid);
+ if (algorithm == SEC_OID_UNKNOWN) {
+ goto loser;
+ }
+
+ pbe_param = nsspkcs5_NewParam(algorithm, HASH_AlgSHA1, NULL, 1);
+ if (pbe_param == NULL) {
+ goto loser;
+ }
+
+ /* decode parameter */
+ rv = SECFailure;
+ switch (pbe_param->pbeType) {
+ case NSSPKCS5_PBKDF1:
+ rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param,
+ NSSPKCS5PBEParameterTemplate, &algid->parameters);
+ break;
+ case NSSPKCS5_PKCS12_V2:
+ rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param,
+ NSSPKCS5PKCS12V2PBEParameterTemplate, &algid->parameters);
+ break;
+ case NSSPKCS5_PBKDF2:
+ PORT_Memset(&pbev2_param, 0, sizeof(pbev2_param));
+ /* just the PBE */
+ if (algorithm == SEC_OID_PKCS5_PBKDF2) {
+ rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param,
+ NSSPKCS5V2PBEParameterTemplate, &algid->parameters);
+ } else {
+ /* PBE data an others */
+ rv = SEC_ASN1DecodeItem(pbe_param->poolp, &pbev2_param,
+ NSSPKCS5V2PBES2ParameterTemplate, &algid->parameters);
+ if (rv != SECSuccess) {
+ break;
+ }
+ pbe_param->encAlg = SECOID_GetAlgorithmTag(&pbev2_param.algParams);
+ rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param,
+ NSSPKCS5V2PBEParameterTemplate,
+ &pbev2_param.keyParams.parameters);
+ if (rv != SECSuccess) {
+ break;
+ }
+ pbe_param->keyLen = DER_GetInteger(&pbe_param->keyLength);
+ }
+ /* we we are encrypting, save any iv's */
+ if (algorithm == SEC_OID_PKCS5_PBES2) {
+ pbe_param->ivLen = pbev2_param.algParams.parameters.len;
+ pbe_param->ivData = pbev2_param.algParams.parameters.data;
+ }
+ pbe_param->hashType =
+ HASH_FromHMACOid(SECOID_GetAlgorithmTag(&pbe_param->prfAlg));
+ if (pbe_param->hashType == HASH_AlgNULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ rv = SECFailure;
+ }
+ break;
+ }
+
+loser:
+ if (rv == SECSuccess) {
+ pbe_param->iter = DER_GetInteger(&pbe_param->iteration);
+ } else {
+ nsspkcs5_DestroyPBEParameter(pbe_param);
+ pbe_param = NULL;
+ }
+
+ return pbe_param;
+}
+
+/* destroy a pbe parameter. it assumes that the parameter was
+ * generated using the appropriate create function and therefor
+ * contains an arena pool.
+ */
+void
+nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *pbe_param)
+{
+ if (pbe_param != NULL) {
+ PORT_FreeArena(pbe_param->poolp, PR_FALSE);
+ }
+}
+
+/* crypto routines */
+/* perform DES encryption and decryption. these routines are called
+ * by nsspkcs5_CipherData. In the case of an error, NULL is returned.
+ */
+static SECItem *
+sec_pkcs5_des(SECItem *key, SECItem *iv, SECItem *src, PRBool triple_des,
+ PRBool encrypt)
+{
+ SECItem *dest;
+ SECItem *dup_src;
+ SECStatus rv = SECFailure;
+ int pad;
+
+ if ((src == NULL) || (key == NULL) || (iv == NULL))
+ return NULL;
+
+ dup_src = SECITEM_DupItem(src);
+ if (dup_src == NULL) {
+ return NULL;
+ }
+
+ if (encrypt != PR_FALSE) {
+ void *dummy;
+
+ dummy = CBC_PadBuffer(NULL, dup_src->data,
+ dup_src->len, &dup_src->len, 8 /* DES_BLOCK_SIZE */);
+ if (dummy == NULL) {
+ SECITEM_FreeItem(dup_src, PR_TRUE);
+ return NULL;
+ }
+ dup_src->data = (unsigned char *)dummy;
+ }
+
+ dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (dest != NULL) {
+ /* allocate with over flow */
+ dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
+ if (dest->data != NULL) {
+ DESContext *ctxt;
+ ctxt = DES_CreateContext(key->data, iv->data,
+ (triple_des ? NSS_DES_EDE3_CBC : NSS_DES_CBC),
+ encrypt);
+
+ if (ctxt != NULL) {
+ rv = (encrypt ? DES_Encrypt : DES_Decrypt)(
+ ctxt, dest->data, &dest->len,
+ dup_src->len + 64, dup_src->data, dup_src->len);
+
+ /* remove padding -- assumes 64 bit blocks */
+ if ((encrypt == PR_FALSE) && (rv == SECSuccess)) {
+ pad = dest->data[dest->len - 1];
+ if ((pad > 0) && (pad <= 8)) {
+ if (dest->data[dest->len - pad] != pad) {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ } else {
+ dest->len -= pad;
+ }
+ } else {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ }
+ }
+ DES_DestroyContext(ctxt, PR_TRUE);
+ }
+ }
+ }
+
+ if (rv == SECFailure) {
+ if (dest != NULL) {
+ SECITEM_FreeItem(dest, PR_TRUE);
+ }
+ dest = NULL;
+ }
+
+ if (dup_src != NULL) {
+ SECITEM_FreeItem(dup_src, PR_TRUE);
+ }
+
+ return dest;
+}
+
+/* perform aes encryption/decryption if an error occurs, NULL is returned
+ */
+static SECItem *
+sec_pkcs5_aes(SECItem *key, SECItem *iv, SECItem *src, PRBool triple_des,
+ PRBool encrypt)
+{
+ SECItem *dest;
+ SECItem *dup_src;
+ SECStatus rv = SECFailure;
+ int pad;
+
+ if ((src == NULL) || (key == NULL) || (iv == NULL))
+ return NULL;
+
+ dup_src = SECITEM_DupItem(src);
+ if (dup_src == NULL) {
+ return NULL;
+ }
+
+ if (encrypt != PR_FALSE) {
+ void *dummy;
+
+ dummy = CBC_PadBuffer(NULL, dup_src->data,
+ dup_src->len, &dup_src->len, AES_BLOCK_SIZE);
+ if (dummy == NULL) {
+ SECITEM_FreeItem(dup_src, PR_TRUE);
+ return NULL;
+ }
+ dup_src->data = (unsigned char *)dummy;
+ }
+
+ dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (dest != NULL) {
+ /* allocate with over flow */
+ dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
+ if (dest->data != NULL) {
+ AESContext *ctxt;
+ ctxt = AES_CreateContext(key->data, iv->data,
+ NSS_AES_CBC, encrypt, key->len, 16);
+
+ if (ctxt != NULL) {
+ rv = (encrypt ? AES_Encrypt : AES_Decrypt)(
+ ctxt, dest->data, &dest->len,
+ dup_src->len + 64, dup_src->data, dup_src->len);
+
+ /* remove padding -- assumes 64 bit blocks */
+ if ((encrypt == PR_FALSE) && (rv == SECSuccess)) {
+ pad = dest->data[dest->len - 1];
+ if ((pad > 0) && (pad <= 16)) {
+ if (dest->data[dest->len - pad] != pad) {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ } else {
+ dest->len -= pad;
+ }
+ } else {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ }
+ }
+ AES_DestroyContext(ctxt, PR_TRUE);
+ }
+ }
+ }
+
+ if (rv == SECFailure) {
+ if (dest != NULL) {
+ SECITEM_FreeItem(dest, PR_TRUE);
+ }
+ dest = NULL;
+ }
+
+ if (dup_src != NULL) {
+ SECITEM_FreeItem(dup_src, PR_TRUE);
+ }
+
+ return dest;
+}
+
+/* perform rc2 encryption/decryption if an error occurs, NULL is returned
+ */
+static SECItem *
+sec_pkcs5_rc2(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy,
+ PRBool encrypt)
+{
+ SECItem *dest;
+ SECItem *dup_src;
+ SECStatus rv = SECFailure;
+ int pad;
+
+ if ((src == NULL) || (key == NULL) || (iv == NULL)) {
+ return NULL;
+ }
+
+ dup_src = SECITEM_DupItem(src);
+ if (dup_src == NULL) {
+ return NULL;
+ }
+
+ if (encrypt != PR_FALSE) {
+ void *dummy;
+
+ dummy = CBC_PadBuffer(NULL, dup_src->data,
+ dup_src->len, &dup_src->len, 8 /* RC2_BLOCK_SIZE */);
+ if (dummy == NULL) {
+ SECITEM_FreeItem(dup_src, PR_TRUE);
+ return NULL;
+ }
+ dup_src->data = (unsigned char *)dummy;
+ }
+
+ dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (dest != NULL) {
+ dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
+ if (dest->data != NULL) {
+ RC2Context *ctxt;
+
+ ctxt = RC2_CreateContext(key->data, key->len, iv->data,
+ NSS_RC2_CBC, key->len);
+
+ if (ctxt != NULL) {
+ rv = (encrypt ? RC2_Encrypt : RC2_Decrypt)(
+ ctxt, dest->data, &dest->len,
+ dup_src->len + 64, dup_src->data, dup_src->len);
+
+ /* assumes 8 byte blocks -- remove padding */
+ if ((rv == SECSuccess) && (encrypt != PR_TRUE)) {
+ pad = dest->data[dest->len - 1];
+ if ((pad > 0) && (pad <= 8)) {
+ if (dest->data[dest->len - pad] != pad) {
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ rv = SECFailure;
+ } else {
+ dest->len -= pad;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_BAD_PASSWORD);
+ rv = SECFailure;
+ }
+ }
+ }
+ }
+ }
+
+ if ((rv != SECSuccess) && (dest != NULL)) {
+ SECITEM_FreeItem(dest, PR_TRUE);
+ dest = NULL;
+ }
+
+ if (dup_src != NULL) {
+ SECITEM_FreeItem(dup_src, PR_TRUE);
+ }
+
+ return dest;
+}
+
+/* perform rc4 encryption and decryption */
+static SECItem *
+sec_pkcs5_rc4(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy_op,
+ PRBool encrypt)
+{
+ SECItem *dest;
+ SECStatus rv = SECFailure;
+
+ if ((src == NULL) || (key == NULL) || (iv == NULL)) {
+ return NULL;
+ }
+
+ dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
+ if (dest != NULL) {
+ dest->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
+ (src->len + 64));
+ if (dest->data != NULL) {
+ RC4Context *ctxt;
+
+ ctxt = RC4_CreateContext(key->data, key->len);
+ if (ctxt) {
+ rv = (encrypt ? RC4_Encrypt : RC4_Decrypt)(
+ ctxt, dest->data, &dest->len,
+ src->len + 64, src->data, src->len);
+ RC4_DestroyContext(ctxt, PR_TRUE);
+ }
+ }
+ }
+
+ if ((rv != SECSuccess) && (dest)) {
+ SECITEM_FreeItem(dest, PR_TRUE);
+ dest = NULL;
+ }
+
+ return dest;
+}
+/* function pointer template for crypto functions */
+typedef SECItem *(*pkcs5_crypto_func)(SECItem *key, SECItem *iv,
+ SECItem *src, PRBool op1, PRBool op2);
+
+/* performs the cipher operation on the src and returns the result.
+ * if an error occurs, NULL is returned.
+ *
+ * a null length password is allowed. this corresponds to encrypting
+ * the data with ust the salt.
+ */
+/* change this to use PKCS 11? */
+SECItem *
+nsspkcs5_CipherData(NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
+ SECItem *src, PRBool encrypt, PRBool *update)
+{
+ SECItem *key = NULL, iv;
+ SECItem *dest = NULL;
+ PRBool tripleDES = PR_TRUE;
+ pkcs5_crypto_func cryptof;
+
+ iv.data = NULL;
+
+ if (update) {
+ *update = PR_FALSE;
+ }
+
+ if ((pwitem == NULL) || (src == NULL)) {
+ return NULL;
+ }
+
+ /* get key, and iv */
+ key = nsspkcs5_ComputeKeyAndIV(pbe_param, pwitem, &iv, PR_FALSE);
+ if (key == NULL) {
+ return NULL;
+ }
+
+ switch (pbe_param->encAlg) {
+ /* PKCS 5 v2 only */
+ case SEC_OID_AES_128_CBC:
+ case SEC_OID_AES_192_CBC:
+ case SEC_OID_AES_256_CBC:
+ cryptof = sec_pkcs5_aes;
+ break;
+ case SEC_OID_DES_EDE3_CBC:
+ cryptof = sec_pkcs5_des;
+ tripleDES = PR_TRUE;
+ break;
+ case SEC_OID_DES_CBC:
+ cryptof = sec_pkcs5_des;
+ tripleDES = PR_FALSE;
+ break;
+ case SEC_OID_RC2_CBC:
+ cryptof = sec_pkcs5_rc2;
+ break;
+ case SEC_OID_RC4:
+ cryptof = sec_pkcs5_rc4;
+ break;
+ default:
+ cryptof = NULL;
+ break;
+ }
+
+ if (cryptof == NULL) {
+ goto loser;
+ }
+
+ dest = (*cryptof)(key, &iv, src, tripleDES, encrypt);
+ /*
+ * it's possible for some keys and keydb's to claim to
+ * be triple des when they're really des. In this case
+ * we simply try des. If des works we set the update flag
+ * so the key db knows it needs to update all it's entries.
+ * The case can only happen on decrypted of a
+ * SEC_OID_DES_EDE3_CBD.
+ */
+ if ((dest == NULL) && (encrypt == PR_FALSE) &&
+ (pbe_param->encAlg == SEC_OID_DES_EDE3_CBC)) {
+ dest = (*cryptof)(key, &iv, src, PR_FALSE, encrypt);
+ if (update && (dest != NULL))
+ *update = PR_TRUE;
+ }
+
+loser:
+ if (key != NULL) {
+ SECITEM_ZfreeItem(key, PR_TRUE);
+ }
+ if (iv.data != NULL) {
+ SECITEM_ZfreeItem(&iv, PR_FALSE);
+ }
+
+ return dest;
+}
+
+/* creates a algorithm ID containing the PBE algorithm and appropriate
+ * parameters. the required parameter is the algorithm. if salt is
+ * not specified, it is generated randomly. if IV is specified, it overrides
+ * the PKCS 5 generation of the IV.
+ *
+ * the returned SECAlgorithmID should be destroyed using
+ * SECOID_DestroyAlgorithmID
+ */
+SECAlgorithmID *
+nsspkcs5_CreateAlgorithmID(PLArenaPool *arena, SECOidTag algorithm,
+ NSSPKCS5PBEParameter *pbe_param)
+{
+ SECAlgorithmID *algid, *ret_algid = NULL;
+ SECItem der_param;
+ nsspkcs5V2PBEParameter pkcs5v2_param;
+
+ SECStatus rv = SECFailure;
+ void *dummy = NULL;
+
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ der_param.data = NULL;
+ der_param.len = 0;
+
+ /* generate the algorithm id */
+ algid = (SECAlgorithmID *)PORT_ArenaZAlloc(arena, sizeof(SECAlgorithmID));
+ if (algid == NULL) {
+ goto loser;
+ }
+
+ if (pbe_param->iteration.data == NULL) {
+ dummy = SEC_ASN1EncodeInteger(pbe_param->poolp, &pbe_param->iteration,
+ pbe_param->iter);
+ if (dummy == NULL) {
+ goto loser;
+ }
+ }
+ switch (pbe_param->pbeType) {
+ case NSSPKCS5_PBKDF1:
+ dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
+ NSSPKCS5PBEParameterTemplate);
+ break;
+ case NSSPKCS5_PKCS12_V2:
+ dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
+ NSSPKCS5PKCS12V2PBEParameterTemplate);
+ break;
+ case NSSPKCS5_PBKDF2:
+ if (pbe_param->keyLength.data == NULL) {
+ dummy = SEC_ASN1EncodeInteger(pbe_param->poolp,
+ &pbe_param->keyLength, pbe_param->keyLen);
+ if (dummy == NULL) {
+ goto loser;
+ }
+ }
+ PORT_Memset(&pkcs5v2_param, 0, sizeof(pkcs5v2_param));
+ dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
+ NSSPKCS5V2PBEParameterTemplate);
+ if (dummy == NULL) {
+ break;
+ }
+ dummy = NULL;
+ rv = SECOID_SetAlgorithmID(arena, &pkcs5v2_param.keyParams,
+ SEC_OID_PKCS5_PBKDF2, &der_param);
+ if (rv != SECSuccess) {
+ break;
+ }
+ der_param.data = pbe_param->ivData;
+ der_param.len = pbe_param->ivLen;
+ rv = SECOID_SetAlgorithmID(arena, &pkcs5v2_param.algParams,
+ pbe_param->encAlg, pbe_param->ivLen ? &der_param : NULL);
+ if (rv != SECSuccess) {
+ break;
+ }
+ dummy = SEC_ASN1EncodeItem(arena, &der_param, &pkcs5v2_param,
+ NSSPKCS5V2PBES2ParameterTemplate);
+ break;
+ default:
+ break;
+ }
+
+ if (dummy == NULL) {
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(arena, algid, algorithm, &der_param);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
+ if (ret_algid == NULL) {
+ goto loser;
+ }
+
+ rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
+ if (rv != SECSuccess) {
+ SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
+ ret_algid = NULL;
+ }
+
+loser:
+
+ return ret_algid;
+}
diff --git a/security/nss/lib/softoken/lowpbe.h b/security/nss/lib/softoken/lowpbe.h
new file mode 100644
index 000000000..208013818
--- /dev/null
+++ b/security/nss/lib/softoken/lowpbe.h
@@ -0,0 +1,107 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECPKCS5_H_
+#define _SECPKCS5_H_
+
+#include "plarena.h"
+#include "secitem.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "hasht.h"
+
+typedef SECItem *(*SEC_PKCS5GetPBEPassword)(void *arg);
+
+/* used for V2 PKCS 12 Draft Spec */
+typedef enum {
+ pbeBitGenIDNull = 0,
+ pbeBitGenCipherKey = 0x01,
+ pbeBitGenCipherIV = 0x02,
+ pbeBitGenIntegrityKey = 0x03
+} PBEBitGenID;
+
+typedef enum {
+ NSSPKCS5_PBKDF1 = 0,
+ NSSPKCS5_PBKDF2 = 1,
+ NSSPKCS5_PKCS12_V2 = 2
+} NSSPKCS5PBEType;
+
+typedef struct NSSPKCS5PBEParameterStr NSSPKCS5PBEParameter;
+
+struct NSSPKCS5PBEParameterStr {
+ PLArenaPool *poolp;
+ SECItem salt; /* octet string */
+ SECItem iteration; /* integer */
+ SECItem keyLength; /* integer */
+
+ /* used locally */
+ int iter;
+ int keyLen;
+ int ivLen;
+ unsigned char *ivData;
+ HASH_HashType hashType;
+ NSSPKCS5PBEType pbeType;
+ SECAlgorithmID prfAlg;
+ PBEBitGenID keyID;
+ SECOidTag encAlg;
+ PRBool is2KeyDES;
+};
+
+SEC_BEGIN_PROTOS
+/* Create a PKCS5 Algorithm ID
+ * The algorithm ID is set up using the PKCS #5 parameter structure
+ * algorithm is the PBE algorithm ID for the desired algorithm
+ * pbe is a pbe param block with all the info needed to create the
+ * algorithm id.
+ * If an error occurs or the algorithm specified is not supported
+ * or is not a password based encryption algorithm, NULL is returned.
+ * Otherwise, a pointer to the algorithm id is returned.
+ */
+extern SECAlgorithmID *
+nsspkcs5_CreateAlgorithmID(PLArenaPool *arena, SECOidTag algorithm,
+ NSSPKCS5PBEParameter *pbe);
+
+/*
+ * Convert an Algorithm ID to a PBE Param.
+ * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
+ * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
+ */
+NSSPKCS5PBEParameter *
+nsspkcs5_AlgidToParam(SECAlgorithmID *algid);
+
+/*
+ * Convert an Algorithm ID to a PBE Param.
+ * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
+ * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
+ */
+NSSPKCS5PBEParameter *
+nsspkcs5_NewParam(SECOidTag alg, HASH_HashType hashType, SECItem *salt,
+ int iterationCount);
+
+/* Encrypt/Decrypt data using password based encryption.
+ * algid is the PBE algorithm identifier,
+ * pwitem is the password,
+ * src is the source for encryption/decryption,
+ * encrypt is PR_TRUE for encryption, PR_FALSE for decryption.
+ * The key and iv are generated based upon PKCS #5 then the src
+ * is either encrypted or decrypted. If an error occurs, NULL
+ * is returned, otherwise the ciphered contents is returned.
+ */
+extern SECItem *
+nsspkcs5_CipherData(NSSPKCS5PBEParameter *, SECItem *pwitem,
+ SECItem *src, PRBool encrypt, PRBool *update);
+
+extern SECItem *
+nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *, SECItem *pwitem,
+ SECItem *iv, PRBool faulty3DES);
+
+/* Destroys PBE parameter */
+extern void
+nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *param);
+
+HASH_HashType HASH_FromHMACOid(SECOidTag oid);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/softoken/manifest.mn b/security/nss/lib/softoken/manifest.mn
new file mode 100644
index 000000000..256d443ea
--- /dev/null
+++ b/security/nss/lib/softoken/manifest.mn
@@ -0,0 +1,61 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+MODULE = nss
+DIRS = legacydb
+
+LIBRARY_NAME = softokn
+LIBRARY_VERSION = 3
+MAPFILE = $(OBJDIR)/softokn.def
+
+DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
+
+ifdef SQLITE_INCLUDE_DIR
+INCLUDES += -I$(SQLITE_INCLUDE_DIR)
+endif
+
+EXPORTS = \
+ lowkeyi.h \
+ lowkeyti.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ lgglue.h \
+ pkcs11ni.h \
+ softoken.h \
+ softoknt.h \
+ softkver.h \
+ sdb.h \
+ sftkdbt.h \
+ $(NULL)
+
+CSRCS = \
+ fipsaudt.c \
+ fipstest.c \
+ fipstokn.c \
+ lgglue.c \
+ lowkey.c \
+ lowpbe.c \
+ padbuf.c \
+ pkcs11.c \
+ pkcs11c.c \
+ pkcs11u.c \
+ sdb.c \
+ sftkdb.c \
+ sftkhmac.c \
+ sftkpars.c \
+ sftkpwd.c \
+ softkver.c \
+ tlsprf.c \
+ jpakesftk.c \
+ $(NULL)
+
+ifdef SQLITE_UNSAFE_THREADS
+DEFINES += -DSQLITE_UNSAFE_THREADS
+endif
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/softoken/padbuf.c b/security/nss/lib/softoken/padbuf.c
new file mode 100644
index 000000000..6e897f213
--- /dev/null
+++ b/security/nss/lib/softoken/padbuf.c
@@ -0,0 +1,49 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "blapit.h"
+#include "secport.h"
+#include "secerr.h"
+
+/*
+ * Prepare a buffer for any padded CBC encryption algorithm, growing to the
+ * appropriate boundary and filling with the appropriate padding.
+ * blockSize must be a power of 2.
+ *
+ * NOTE: If arena is non-NULL, we re-allocate from there, otherwise
+ * we assume (and use) XP memory (re)allocation.
+ */
+unsigned char *
+CBC_PadBuffer(PLArenaPool *arena, unsigned char *inbuf, unsigned int inlen,
+ unsigned int *outlen, int blockSize)
+{
+ unsigned char *outbuf;
+ unsigned int des_len;
+ unsigned int i;
+ unsigned char des_pad_len;
+
+ /*
+ * We need from 1 to blockSize bytes -- we *always* grow.
+ * The extra bytes contain the value of the length of the padding:
+ * if we have 2 bytes of padding, then the padding is "0x02, 0x02".
+ */
+ des_len = (inlen + blockSize) & ~(blockSize - 1);
+
+ if (arena != NULL) {
+ outbuf = (unsigned char *)PORT_ArenaGrow(arena, inbuf, inlen, des_len);
+ } else {
+ outbuf = (unsigned char *)PORT_Realloc(inbuf, des_len);
+ }
+
+ if (outbuf == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ des_pad_len = des_len - inlen;
+ for (i = inlen; i < des_len; i++)
+ outbuf[i] = des_pad_len;
+
+ *outlen = des_len;
+ return outbuf;
+}
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
new file mode 100644
index 000000000..ee255cf21
--- /dev/null
+++ b/security/nss/lib/softoken/pkcs11.c
@@ -0,0 +1,4930 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file implements PKCS 11 on top of our existing security modules
+ *
+ * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
+ * This implementation has two slots:
+ * slot 1 is our generic crypto support. It does not require login.
+ * It supports Public Key ops, and all they bulk ciphers and hashes.
+ * It can also support Private Key ops for imported Private keys. It does
+ * not have any token storage.
+ * slot 2 is our private key support. It requires a login before use. It
+ * can store Private Keys and Certs as token objects. Currently only private
+ * keys and their associated Certificates are saved on the token.
+ *
+ * In this implementation, session objects are only visible to the session
+ * that created or generated them.
+ */
+#include "seccomon.h"
+#include "secitem.h"
+#include "pkcs11.h"
+#include "pkcs11i.h"
+#include "softoken.h"
+#include "lowkeyi.h"
+#include "blapi.h"
+#include "secder.h"
+#include "secport.h"
+#include "secrng.h"
+#include "prtypes.h"
+#include "nspr.h"
+#include "softkver.h"
+#include "secoid.h"
+#include "sftkdb.h"
+#include "utilpars.h"
+#include "ec.h"
+#include "secasn1.h"
+#include "secerr.h"
+#include "lgglue.h"
+
+PRBool parentForkedAfterC_Initialize;
+
+#ifndef NO_FORK_CHECK
+
+PRBool sftkForkCheckDisabled;
+
+#if defined(CHECK_FORK_PTHREAD) || defined(CHECK_FORK_MIXED)
+PRBool forked = PR_FALSE;
+#endif
+
+#if defined(CHECK_FORK_GETPID) || defined(CHECK_FORK_MIXED)
+#include <unistd.h>
+pid_t myPid;
+#endif
+
+#ifdef CHECK_FORK_MIXED
+#include <sys/systeminfo.h>
+PRBool usePthread_atfork;
+#endif
+
+#endif
+
+/*
+ * ******************** Static data *******************************
+ */
+
+/* The next three strings must be exactly 32 characters long */
+static char *manufacturerID = "Mozilla Foundation ";
+static char manufacturerID_space[33];
+static char *libraryDescription = "NSS Internal Crypto Services ";
+static char libraryDescription_space[33];
+
+/*
+ * In FIPS mode, we disallow login attempts for 1 second after a login
+ * failure so that there are at most 60 login attempts per minute.
+ */
+static PRIntervalTime loginWaitTime;
+static PRUint32 minSessionObjectHandle = 1U;
+
+#define __PASTE(x, y) x##y
+
+/*
+ * we renamed all our internal functions, get the correct
+ * definitions for them...
+ */
+#undef CK_PKCS11_FUNCTION_INFO
+#undef CK_NEED_ARG_LIST
+
+#define CK_EXTERN extern
+#define CK_PKCS11_FUNCTION_INFO(func) \
+ CK_RV __PASTE(NS, func)
+#define CK_NEED_ARG_LIST 1
+
+#include "pkcs11f.h"
+
+/* build the crypto module table */
+static const CK_FUNCTION_LIST sftk_funcList = {
+ { 1, 10 },
+
+#undef CK_PKCS11_FUNCTION_INFO
+#undef CK_NEED_ARG_LIST
+
+#define CK_PKCS11_FUNCTION_INFO(func) \
+ __PASTE(NS, func) \
+ ,
+#include "pkcs11f.h"
+
+};
+
+#undef CK_PKCS11_FUNCTION_INFO
+#undef CK_NEED_ARG_LIST
+
+#undef __PASTE
+
+/* List of DES Weak Keys */
+typedef unsigned char desKey[8];
+static const desKey sftk_desWeakTable[] = {
+#ifdef noParity
+ /* weak */
+ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+ { 0x1e, 0x1e, 0x1e, 0x1e, 0x0e, 0x0e, 0x0e, 0x0e },
+ { 0xe0, 0xe0, 0xe0, 0xe0, 0xf0, 0xf0, 0xf0, 0xf0 },
+ { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
+ /* semi-weak */
+ { 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe },
+ { 0xfe, 0x00, 0xfe, 0x00, 0x00, 0xfe, 0x00, 0xfe },
+
+ { 0x1e, 0xe0, 0x1e, 0xe0, 0x0e, 0xf0, 0x0e, 0xf0 },
+ { 0xe0, 0x1e, 0xe0, 0x1e, 0xf0, 0x0e, 0xf0, 0x0e },
+
+ { 0x00, 0xe0, 0x00, 0xe0, 0x00, 0x0f, 0x00, 0x0f },
+ { 0xe0, 0x00, 0xe0, 0x00, 0xf0, 0x00, 0xf0, 0x00 },
+
+ { 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
+ { 0xfe, 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e },
+
+ { 0x00, 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e },
+ { 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e, 0x00 },
+
+ { 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0, 0xfe },
+ { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0 },
+#else
+ /* weak */
+ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
+ { 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e },
+ { 0xe0, 0xe0, 0xe0, 0xe0, 0xf1, 0xf1, 0xf1, 0xf1 },
+ { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
+
+ /* semi-weak */
+ { 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe },
+ { 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01 },
+
+ { 0x1f, 0xe0, 0x1f, 0xe0, 0x0e, 0xf1, 0x0e, 0xf1 },
+ { 0xe0, 0x1f, 0xe0, 0x1f, 0xf1, 0x0e, 0xf1, 0x0e },
+
+ { 0x01, 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1 },
+ { 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1, 0x01 },
+
+ { 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
+ { 0xfe, 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e },
+
+ { 0x01, 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e },
+ { 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e, 0x01 },
+
+ { 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1, 0xfe },
+ { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1 }
+#endif
+};
+
+static const int sftk_desWeakTableSize = sizeof(sftk_desWeakTable) /
+ sizeof(sftk_desWeakTable[0]);
+
+/* DES KEY Parity conversion table. Takes each byte/2 as an index, returns
+ * that byte with the proper parity bit set */
+static const unsigned char parityTable[256] = {
+ /* Even...0x00,0x02,0x04,0x06,0x08,0x0a,0x0c,0x0e */
+ /* E */ 0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e,
+ /* Odd....0x10,0x12,0x14,0x16,0x18,0x1a,0x1c,0x1e */
+ /* O */ 0x10, 0x13, 0x15, 0x16, 0x19, 0x1a, 0x1c, 0x1f,
+ /* Odd....0x20,0x22,0x24,0x26,0x28,0x2a,0x2c,0x2e */
+ /* O */ 0x20, 0x23, 0x25, 0x26, 0x29, 0x2a, 0x2c, 0x2f,
+ /* Even...0x30,0x32,0x34,0x36,0x38,0x3a,0x3c,0x3e */
+ /* E */ 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e,
+ /* Odd....0x40,0x42,0x44,0x46,0x48,0x4a,0x4c,0x4e */
+ /* O */ 0x40, 0x43, 0x45, 0x46, 0x49, 0x4a, 0x4c, 0x4f,
+ /* Even...0x50,0x52,0x54,0x56,0x58,0x5a,0x5c,0x5e */
+ /* E */ 0x51, 0x52, 0x54, 0x57, 0x58, 0x5b, 0x5d, 0x5e,
+ /* Even...0x60,0x62,0x64,0x66,0x68,0x6a,0x6c,0x6e */
+ /* E */ 0x61, 0x62, 0x64, 0x67, 0x68, 0x6b, 0x6d, 0x6e,
+ /* Odd....0x70,0x72,0x74,0x76,0x78,0x7a,0x7c,0x7e */
+ /* O */ 0x70, 0x73, 0x75, 0x76, 0x79, 0x7a, 0x7c, 0x7f,
+ /* Odd....0x80,0x82,0x84,0x86,0x88,0x8a,0x8c,0x8e */
+ /* O */ 0x80, 0x83, 0x85, 0x86, 0x89, 0x8a, 0x8c, 0x8f,
+ /* Even...0x90,0x92,0x94,0x96,0x98,0x9a,0x9c,0x9e */
+ /* E */ 0x91, 0x92, 0x94, 0x97, 0x98, 0x9b, 0x9d, 0x9e,
+ /* Even...0xa0,0xa2,0xa4,0xa6,0xa8,0xaa,0xac,0xae */
+ /* E */ 0xa1, 0xa2, 0xa4, 0xa7, 0xa8, 0xab, 0xad, 0xae,
+ /* Odd....0xb0,0xb2,0xb4,0xb6,0xb8,0xba,0xbc,0xbe */
+ /* O */ 0xb0, 0xb3, 0xb5, 0xb6, 0xb9, 0xba, 0xbc, 0xbf,
+ /* Even...0xc0,0xc2,0xc4,0xc6,0xc8,0xca,0xcc,0xce */
+ /* E */ 0xc1, 0xc2, 0xc4, 0xc7, 0xc8, 0xcb, 0xcd, 0xce,
+ /* Odd....0xd0,0xd2,0xd4,0xd6,0xd8,0xda,0xdc,0xde */
+ /* O */ 0xd0, 0xd3, 0xd5, 0xd6, 0xd9, 0xda, 0xdc, 0xdf,
+ /* Odd....0xe0,0xe2,0xe4,0xe6,0xe8,0xea,0xec,0xee */
+ /* O */ 0xe0, 0xe3, 0xe5, 0xe6, 0xe9, 0xea, 0xec, 0xef,
+ /* Even...0xf0,0xf2,0xf4,0xf6,0xf8,0xfa,0xfc,0xfe */
+ /* E */ 0xf1, 0xf2, 0xf4, 0xf7, 0xf8, 0xfb, 0xfd, 0xfe,
+};
+
+/* Mechanisms */
+struct mechanismList {
+ CK_MECHANISM_TYPE type;
+ CK_MECHANISM_INFO info;
+ PRBool privkey;
+};
+
+/*
+ * the following table includes a complete list of mechanism defined by
+ * PKCS #11 version 2.01. Those Mechanisms not supported by this PKCS #11
+ * module are ifdef'ed out.
+ */
+#define CKF_EN_DE CKF_ENCRYPT | CKF_DECRYPT
+#define CKF_WR_UN CKF_WRAP | CKF_UNWRAP
+#define CKF_SN_VR CKF_SIGN | CKF_VERIFY
+#define CKF_SN_RE CKF_SIGN_RECOVER | CKF_VERIFY_RECOVER
+
+#define CKF_EN_DE_WR_UN CKF_EN_DE | CKF_WR_UN
+#define CKF_SN_VR_RE CKF_SN_VR | CKF_SN_RE
+#define CKF_DUZ_IT_ALL CKF_EN_DE_WR_UN | CKF_SN_VR_RE
+
+#define CKF_EC_PNU CKF_EC_FP | CKF_EC_NAMEDCURVE | CKF_EC_UNCOMPRESS
+
+#define CKF_EC_BPNU CKF_EC_F_2M | CKF_EC_PNU
+
+#define CK_MAX 0xffffffff
+
+static const struct mechanismList mechanisms[] = {
+
+ /*
+ * PKCS #11 Mechanism List.
+ *
+ * The first argument is the PKCS #11 Mechanism we support.
+ * The second argument is Mechanism info structure. It includes:
+ * The minimum key size,
+ * in bits for RSA, DSA, DH, EC*, KEA, RC2 and RC4 * algs.
+ * in bytes for RC5, AES, Camellia, and CAST*
+ * ignored for DES*, IDEA and FORTEZZA based
+ * The maximum key size,
+ * in bits for RSA, DSA, DH, EC*, KEA, RC2 and RC4 * algs.
+ * in bytes for RC5, AES, Camellia, and CAST*
+ * ignored for DES*, IDEA and FORTEZZA based
+ * Flags
+ * What operations are supported by this mechanism.
+ * The third argument is a bool which tells if this mechanism is
+ * supported in the database token.
+ *
+ */
+
+ /* ------------------------- RSA Operations ---------------------------*/
+ { CKM_RSA_PKCS_KEY_PAIR_GEN, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_GENERATE_KEY_PAIR }, PR_TRUE },
+ { CKM_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_DUZ_IT_ALL }, PR_TRUE },
+ { CKM_RSA_PKCS_PSS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_RSA_PKCS_OAEP, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_EN_DE_WR_UN }, PR_TRUE },
+#ifdef SFTK_RSA9796_SUPPORTED
+ { CKM_RSA_9796, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_DUZ_IT_ALL }, PR_TRUE },
+#endif
+ { CKM_RSA_X_509, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_DUZ_IT_ALL }, PR_TRUE },
+ /* -------------- RSA Multipart Signing Operations -------------------- */
+ { CKM_MD2_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_MD5_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA1_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA224_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA256_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA384_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA512_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ /* ------------------------- DSA Operations --------------------------- */
+ { CKM_DSA_KEY_PAIR_GEN, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_GENERATE_KEY_PAIR }, PR_TRUE },
+ { CKM_DSA, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_SN_VR }, PR_TRUE },
+ { CKM_DSA_PARAMETER_GEN, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_GENERATE }, PR_TRUE },
+ { CKM_DSA_SHA1, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_SN_VR }, PR_TRUE },
+ /* -------------------- Diffie Hellman Operations --------------------- */
+ /* no diffie hellman yet */
+ { CKM_DH_PKCS_KEY_PAIR_GEN, { DH_MIN_P_BITS, DH_MAX_P_BITS, CKF_GENERATE_KEY_PAIR }, PR_TRUE },
+ { CKM_DH_PKCS_DERIVE, { DH_MIN_P_BITS, DH_MAX_P_BITS, CKF_DERIVE }, PR_TRUE },
+#ifndef NSS_DISABLE_ECC
+ /* -------------------- Elliptic Curve Operations --------------------- */
+ { CKM_EC_KEY_PAIR_GEN, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_GENERATE_KEY_PAIR | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDH1_DERIVE, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_DERIVE | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDSA, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_SN_VR | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDSA_SHA1, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_SN_VR | CKF_EC_BPNU }, PR_TRUE },
+#endif /* NSS_DISABLE_ECC */
+ /* ------------------------- RC2 Operations --------------------------- */
+ { CKM_RC2_KEY_GEN, { 1, 128, CKF_GENERATE }, PR_TRUE },
+ { CKM_RC2_ECB, { 1, 128, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_RC2_CBC, { 1, 128, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_RC2_MAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_RC2_MAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_RC2_CBC_PAD, { 1, 128, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* ------------------------- RC4 Operations --------------------------- */
+ { CKM_RC4_KEY_GEN, { 1, 256, CKF_GENERATE }, PR_FALSE },
+ { CKM_RC4, { 1, 256, CKF_EN_DE_WR_UN }, PR_FALSE },
+ /* ------------------------- DES Operations --------------------------- */
+ { CKM_DES_KEY_GEN, { 8, 8, CKF_GENERATE }, PR_TRUE },
+ { CKM_DES_ECB, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES_CBC, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES_MAC, { 8, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_DES_MAC_GENERAL, { 8, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_DES_CBC_PAD, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES2_KEY_GEN, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_DES3_KEY_GEN, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_DES3_ECB, { 24, 24, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES3_CBC, { 24, 24, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES3_MAC, { 24, 24, CKF_SN_VR }, PR_TRUE },
+ { CKM_DES3_MAC_GENERAL, { 24, 24, CKF_SN_VR }, PR_TRUE },
+ { CKM_DES3_CBC_PAD, { 24, 24, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* ------------------------- CDMF Operations --------------------------- */
+ { CKM_CDMF_KEY_GEN, { 8, 8, CKF_GENERATE }, PR_TRUE },
+ { CKM_CDMF_ECB, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CDMF_CBC, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CDMF_MAC, { 8, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_CDMF_MAC_GENERAL, { 8, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_CDMF_CBC_PAD, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* ------------------------- AES Operations --------------------------- */
+ { CKM_AES_KEY_GEN, { 16, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_AES_ECB, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_CBC, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_MAC, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_AES_MAC_GENERAL, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_AES_CBC_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_CTS, { 16, 32, CKF_EN_DE }, PR_TRUE },
+ { CKM_AES_CTR, { 16, 32, CKF_EN_DE }, PR_TRUE },
+ { CKM_AES_GCM, { 16, 32, CKF_EN_DE }, PR_TRUE },
+ /* ------------------------- Camellia Operations --------------------- */
+ { CKM_CAMELLIA_KEY_GEN, { 16, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_CAMELLIA_ECB, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAMELLIA_CBC, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAMELLIA_MAC, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAMELLIA_MAC_GENERAL, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAMELLIA_CBC_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* ------------------------- SEED Operations --------------------------- */
+ { CKM_SEED_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_SEED_ECB, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_SEED_CBC, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_SEED_MAC, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_SEED_MAC_GENERAL, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_SEED_CBC_PAD, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+#ifndef NSS_DISABLE_CHACHAPOLY
+ /* ------------------------- ChaCha20 Operations ---------------------- */
+ { CKM_NSS_CHACHA20_KEY_GEN, { 32, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_CHACHA20_POLY1305, { 32, 32, CKF_EN_DE }, PR_TRUE },
+#endif /* NSS_DISABLE_CHACHAPOLY */
+ /* ------------------------- Hashing Operations ----------------------- */
+ { CKM_MD2, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_MD2_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_MD2_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_MD5, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_MD5_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_MD5_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA_1, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA_1_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA_1_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA224, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA224_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA224_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA256, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA256_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA256_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA384, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA384_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA384_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA512, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA512_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA512_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_TLS_PRF_GENERAL, { 0, 512, CKF_SN_VR }, PR_FALSE },
+ { CKM_TLS_MAC, { 0, 512, CKF_SN_VR }, PR_FALSE },
+ { CKM_NSS_TLS_PRF_GENERAL_SHA256,
+ { 0, 512, CKF_SN_VR },
+ PR_FALSE },
+ /* ------------------------- HKDF Operations -------------------------- */
+ { CKM_NSS_HKDF_SHA1, { 1, 128, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_HKDF_SHA256, { 1, 128, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_HKDF_SHA384, { 1, 128, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_HKDF_SHA512, { 1, 128, CKF_DERIVE }, PR_TRUE },
+/* ------------------------- CAST Operations --------------------------- */
+#ifdef NSS_SOFTOKEN_DOES_CAST
+ /* Cast operations are not supported ( yet? ) */
+ { CKM_CAST_KEY_GEN, { 1, 8, CKF_GENERATE }, PR_TRUE },
+ { CKM_CAST_ECB, { 1, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST_CBC, { 1, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST_MAC, { 1, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST_MAC_GENERAL, { 1, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST_CBC_PAD, { 1, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST3_KEY_GEN, { 1, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_CAST3_ECB, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST3_CBC, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST3_MAC, { 1, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST3_MAC_GENERAL, { 1, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST3_CBC_PAD, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST5_KEY_GEN, { 1, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_CAST5_ECB, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST5_CBC, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST5_MAC, { 1, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST5_MAC_GENERAL, { 1, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST5_CBC_PAD, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+#endif
+#if NSS_SOFTOKEN_DOES_RC5
+ /* ------------------------- RC5 Operations --------------------------- */
+ { CKM_RC5_KEY_GEN, { 1, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_RC5_ECB, { 1, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_RC5_CBC, { 1, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_RC5_MAC, { 1, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_RC5_MAC_GENERAL, { 1, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_RC5_CBC_PAD, { 1, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+#endif
+#ifdef NSS_SOFTOKEN_DOES_IDEA
+ /* ------------------------- IDEA Operations -------------------------- */
+ { CKM_IDEA_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_IDEA_ECB, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_IDEA_CBC, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_IDEA_MAC, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_IDEA_MAC_GENERAL, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_IDEA_CBC_PAD, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+#endif
+ /* --------------------- Secret Key Operations ------------------------ */
+ { CKM_GENERIC_SECRET_KEY_GEN, { 1, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_CONCATENATE_BASE_AND_KEY, { 1, 32, CKF_GENERATE }, PR_FALSE },
+ { CKM_CONCATENATE_BASE_AND_DATA, { 1, 32, CKF_GENERATE }, PR_FALSE },
+ { CKM_CONCATENATE_DATA_AND_BASE, { 1, 32, CKF_GENERATE }, PR_FALSE },
+ { CKM_XOR_BASE_AND_DATA, { 1, 32, CKF_GENERATE }, PR_FALSE },
+ { CKM_EXTRACT_KEY_FROM_KEY, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ /* ---------------------- SSL Key Derivations ------------------------- */
+ { CKM_SSL3_PRE_MASTER_KEY_GEN, { 48, 48, CKF_GENERATE }, PR_FALSE },
+ { CKM_SSL3_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_SSL3_MASTER_KEY_DERIVE_DH, { 8, 128, CKF_DERIVE }, PR_FALSE },
+ { CKM_SSL3_KEY_AND_MAC_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE }, PR_FALSE },
+ { CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE }, PR_FALSE },
+ { CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE }, PR_FALSE },
+ { CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA224_KEY_DERIVATION, { 0, 28, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA256_KEY_DERIVATION, { 0, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA384_KEY_DERIVATION, { 0, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA512_KEY_DERIVATION, { 0, 64, CKF_DERIVE }, PR_FALSE },
+ { CKM_TLS_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_TLS12_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256,
+ { 48, 48, CKF_DERIVE },
+ PR_FALSE },
+ { CKM_TLS_MASTER_KEY_DERIVE_DH, { 8, 128, CKF_DERIVE }, PR_FALSE },
+ { CKM_TLS12_MASTER_KEY_DERIVE_DH, { 8, 128, CKF_DERIVE }, PR_FALSE },
+ { CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256,
+ { 8, 128, CKF_DERIVE },
+ PR_FALSE },
+ { CKM_TLS_KEY_AND_MAC_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_TLS12_KEY_AND_MAC_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256,
+ { 48, 48, CKF_DERIVE },
+ PR_FALSE },
+ { CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE,
+ { 48, 128, CKF_DERIVE },
+ PR_FALSE },
+ { CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH,
+ { 48, 128, CKF_DERIVE },
+ PR_FALSE },
+ /* ---------------------- PBE Key Derivations ------------------------ */
+ { CKM_PBE_MD2_DES_CBC, { 8, 8, CKF_DERIVE }, PR_TRUE },
+ { CKM_PBE_MD5_DES_CBC, { 8, 8, CKF_DERIVE }, PR_TRUE },
+ /* ------------------ NETSCAPE PBE Key Derivations ------------------- */
+ { CKM_NETSCAPE_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE }, PR_TRUE },
+ { CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_DES3_EDE_CBC, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_DES2_EDE_CBC, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_RC2_40_CBC, { 40, 40, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_RC2_128_CBC, { 128, 128, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_RC4_40, { 40, 40, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_RC4_128, { 128, 128, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBA_SHA1_WITH_SHA1_HMAC, { 20, 20, CKF_GENERATE }, PR_TRUE },
+ { CKM_PKCS5_PBKD2, { 1, 256, CKF_GENERATE }, PR_TRUE },
+ { CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN, { 20, 20, CKF_GENERATE }, PR_TRUE },
+ { CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
+ /* ------------------ AES Key Wrap (also encrypt) ------------------- */
+ { CKM_NETSCAPE_AES_KEY_WRAP, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_NETSCAPE_AES_KEY_WRAP_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* --------------------------- J-PAKE -------------------------------- */
+ { CKM_NSS_JPAKE_ROUND1_SHA1, { 0, 0, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND1_SHA256, { 0, 0, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND1_SHA384, { 0, 0, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND1_SHA512, { 0, 0, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND2_SHA1, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND2_SHA256, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND2_SHA384, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND2_SHA512, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_FINAL_SHA1, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_FINAL_SHA256, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_FINAL_SHA384, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_FINAL_SHA512, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ /* -------------------- Constant Time TLS MACs ----------------------- */
+ { CKM_NSS_HMAC_CONSTANT_TIME, { 0, 0, CKF_DIGEST }, PR_TRUE },
+ { CKM_NSS_SSL3_MAC_CONSTANT_TIME, { 0, 0, CKF_DIGEST }, PR_TRUE }
+};
+static const CK_ULONG mechanismCount = sizeof(mechanisms) / sizeof(mechanisms[0]);
+
+/* sigh global so fipstokn can read it */
+PRBool nsc_init = PR_FALSE;
+
+#if defined(CHECK_FORK_PTHREAD) || defined(CHECK_FORK_MIXED)
+
+#include <pthread.h>
+
+static void
+ForkedChild(void)
+{
+ if (nsc_init || nsf_init) {
+ forked = PR_TRUE;
+ }
+}
+
+#endif
+
+static char *
+sftk_setStringName(const char *inString, char *buffer, int buffer_length, PRBool nullTerminate)
+{
+ int full_length, string_length;
+
+ full_length = nullTerminate ? buffer_length - 1 : buffer_length;
+ string_length = PORT_Strlen(inString);
+ /*
+ * shorten the string, respecting utf8 encoding
+ * to do so, we work backward from the end
+ * bytes looking from the end are either:
+ * - ascii [0x00,0x7f]
+ * - the [2-n]th byte of a multibyte sequence
+ * [0x3F,0xBF], i.e, most significant 2 bits are '10'
+ * - the first byte of a multibyte sequence [0xC0,0xFD],
+ * i.e, most significant 2 bits are '11'
+ *
+ * When the string is too long, we lop off any trailing '10' bytes,
+ * if any. When these are all eliminated we lop off
+ * one additional byte. Thus if we lopped any '10'
+ * we'll be lopping a '11' byte (the first byte of the multibyte sequence),
+ * otherwise we're lopping off an ascii character.
+ *
+ * To test for '10' bytes, we first AND it with
+ * 11000000 (0xc0) so that we get 10000000 (0x80) if and only if
+ * the byte starts with 10. We test for equality.
+ */
+ while (string_length > full_length) {
+ /* need to shorten */
+ while (string_length > 0 &&
+ ((inString[string_length - 1] & (char)0xc0) == (char)0x80)) {
+ /* lop off '10' byte */
+ string_length--;
+ }
+ /*
+ * test string_length in case bad data is received
+ * and string consisted of all '10' bytes,
+ * avoiding any infinite loop
+ */
+ if (string_length) {
+ /* remove either '11' byte or an asci byte */
+ string_length--;
+ }
+ }
+ PORT_Memset(buffer, ' ', full_length);
+ if (nullTerminate) {
+ buffer[full_length] = 0;
+ }
+ PORT_Memcpy(buffer, inString, string_length);
+ return buffer;
+}
+/*
+ * Configuration utils
+ */
+static CK_RV
+sftk_configure(const char *man, const char *libdes)
+{
+
+ /* make sure the internationalization was done correctly... */
+ if (man) {
+ manufacturerID = sftk_setStringName(man, manufacturerID_space,
+ sizeof(manufacturerID_space), PR_TRUE);
+ }
+ if (libdes) {
+ libraryDescription = sftk_setStringName(libdes,
+ libraryDescription_space, sizeof(libraryDescription_space),
+ PR_TRUE);
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * ******************** Password Utilities *******************************
+ */
+
+/*
+ * see if the key DB password is enabled
+ */
+static PRBool
+sftk_hasNullPassword(SFTKSlot *slot, SFTKDBHandle *keydb)
+{
+ PRBool pwenabled;
+
+ pwenabled = PR_FALSE;
+ if (sftkdb_HasPasswordSet(keydb) == SECSuccess) {
+ PRBool tokenRemoved = PR_FALSE;
+ SECStatus rv = sftkdb_CheckPassword(keydb, "", &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ return (rv == SECSuccess);
+ }
+
+ return pwenabled;
+}
+
+/*
+ * ******************** Object Creation Utilities ***************************
+ */
+
+/* Make sure a given attribute exists. If it doesn't, initialize it to
+ * value and len
+ */
+CK_RV
+sftk_defaultAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len)
+{
+ if (!sftk_hasAttribute(object, type)) {
+ return sftk_AddAttributeType(object, type, value, len);
+ }
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Data Object
+ */
+static CK_RV
+sftk_handleDataObject(SFTKSession *session, SFTKObject *object)
+{
+ CK_RV crv;
+
+ /* first reject private and token data objects */
+ if (sftk_isTrue(object, CKA_PRIVATE) || sftk_isTrue(object, CKA_TOKEN)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* now just verify the required date fields */
+ crv = sftk_defaultAttribute(object, CKA_APPLICATION, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_VALUE, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Certificate Object
+ */
+static CK_RV
+sftk_handleCertObject(SFTKSession *session, SFTKObject *object)
+{
+ CK_CERTIFICATE_TYPE type;
+ SFTKAttribute *attribute;
+ CK_RV crv;
+
+ /* certificates must have a type */
+ if (!sftk_hasAttribute(object, CKA_CERTIFICATE_TYPE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* we can't store any certs private */
+ if (sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* We only support X.509 Certs for now */
+ attribute = sftk_FindAttribute(object, CKA_CERTIFICATE_TYPE);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ type = *(CK_CERTIFICATE_TYPE *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ if (type != CKC_X_509) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* X.509 Certificate */
+
+ /* make sure we have a cert */
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* in PKCS #11, Subject is a required field */
+ if (!sftk_hasAttribute(object, CKA_SUBJECT)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* in PKCS #11, Issuer is a required field */
+ if (!sftk_hasAttribute(object, CKA_ISSUER)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* in PKCS #11, Serial is a required field */
+ if (!sftk_hasAttribute(object, CKA_SERIAL_NUMBER)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* add it to the object */
+ object->objectInfo = NULL;
+ object->infoFree = (SFTKFree)NULL;
+
+ /* now just verify the required date fields */
+ crv = sftk_defaultAttribute(object, CKA_ID, NULL, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+sftk_handleTrustObject(SFTKSession *session, SFTKObject *object)
+{
+ /* we can't store any certs private */
+ if (sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* certificates must have a type */
+ if (!sftk_hasAttribute(object, CKA_ISSUER)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_SERIAL_NUMBER)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_CERT_SHA1_HASH)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_CERT_MD5_HASH)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+ CK_RV crv;
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+sftk_handleSMimeObject(SFTKSession *session, SFTKObject *object)
+{
+
+ /* we can't store any certs private */
+ if (sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* certificates must have a type */
+ if (!sftk_hasAttribute(object, CKA_SUBJECT)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_NETSCAPE_EMAIL)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle;
+ CK_RV crv;
+
+ PORT_Assert(slot);
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ certHandle = sftk_getCertDB(slot);
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+sftk_handleCrlObject(SFTKSession *session, SFTKObject *object)
+{
+
+ /* we can't store any certs private */
+ if (sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* certificates must have a type */
+ if (!sftk_hasAttribute(object, CKA_SUBJECT)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+ CK_RV crv;
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Public Key Object
+ */
+static CK_RV
+sftk_handlePublicKeyObject(SFTKSession *session, SFTKObject *object,
+ CK_KEY_TYPE key_type)
+{
+ CK_BBOOL encrypt = CK_TRUE;
+ CK_BBOOL recover = CK_TRUE;
+ CK_BBOOL wrap = CK_TRUE;
+ CK_BBOOL derive = CK_FALSE;
+ CK_BBOOL verify = CK_TRUE;
+ CK_RV crv;
+
+ switch (key_type) {
+ case CKK_RSA:
+ crv = sftk_ConstrainAttribute(object, CKA_MODULUS,
+ RSA_MIN_MODULUS_BITS, 0, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_PUBLIC_EXPONENT, 2, 0, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ break;
+ case CKK_DSA:
+ crv = sftk_ConstrainAttribute(object, CKA_SUBPRIME,
+ DSA_MIN_Q_BITS, DSA_MAX_Q_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_PRIME,
+ DSA_MIN_P_BITS, DSA_MAX_P_BITS, 64);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_BASE, 2, DSA_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_VALUE, 2, DSA_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+ case CKK_DH:
+ crv = sftk_ConstrainAttribute(object, CKA_PRIME,
+ DH_MIN_P_BITS, DH_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_BASE, 2, DH_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_VALUE, 2, DH_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ verify = CK_FALSE;
+ derive = CK_TRUE;
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ if (!sftk_hasAttribute(object, CKA_EC_PARAMS)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_EC_POINT)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ derive = CK_TRUE; /* for ECDH */
+ verify = CK_TRUE; /* for ECDSA */
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* make sure the required fields exist */
+ crv = sftk_defaultAttribute(object, CKA_SUBJECT, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_ENCRYPT, &encrypt, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_VERIFY, &verify, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_VERIFY_RECOVER,
+ &recover, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_WRAP, &wrap, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_DERIVE, &derive, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ object->objectInfo = sftk_GetPubKey(object, key_type, &crv);
+ if (object->objectInfo == NULL) {
+ return crv;
+ }
+ object->infoFree = (SFTKFree)nsslowkey_DestroyPublicKey;
+
+ /* Check that an imported EC key is valid */
+ if (key_type == CKK_EC) {
+ NSSLOWKEYPublicKey *pubKey = (NSSLOWKEYPublicKey *)object->objectInfo;
+ SECStatus rv = EC_ValidatePublicKey(&pubKey->u.ec.ecParams,
+ &pubKey->u.ec.publicValue);
+
+ if (rv != SECSuccess) {
+ return CKR_TEMPLATE_INCONSISTENT;
+ }
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+static NSSLOWKEYPrivateKey *
+sftk_mkPrivKey(SFTKObject *object, CK_KEY_TYPE key, CK_RV *rvp);
+
+static SECStatus
+sftk_verifyRSAPrivateKey(SFTKObject *object, PRBool fillIfNeeded);
+
+/*
+ * check the consistancy and initialize a Private Key Object
+ */
+static CK_RV
+sftk_handlePrivateKeyObject(SFTKSession *session, SFTKObject *object, CK_KEY_TYPE key_type)
+{
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL encrypt = CK_TRUE;
+ CK_BBOOL sign = CK_FALSE;
+ CK_BBOOL recover = CK_TRUE;
+ CK_BBOOL wrap = CK_TRUE;
+ CK_BBOOL derive = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ PRBool createObjectInfo = PR_TRUE;
+ PRBool fillPrivateKey = PR_FALSE;
+ int missing_rsa_mod_component = 0;
+ int missing_rsa_exp_component = 0;
+ int missing_rsa_crt_component = 0;
+
+ SECItem mod;
+ CK_RV crv;
+ SECStatus rv;
+
+ switch (key_type) {
+ case CKK_RSA:
+ if (!sftk_hasAttribute(object, CKA_MODULUS)) {
+ missing_rsa_mod_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
+ missing_rsa_exp_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_PRIVATE_EXPONENT)) {
+ missing_rsa_exp_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_PRIME_1)) {
+ missing_rsa_mod_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_PRIME_2)) {
+ missing_rsa_mod_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_EXPONENT_1)) {
+ missing_rsa_crt_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_EXPONENT_2)) {
+ missing_rsa_crt_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_COEFFICIENT)) {
+ missing_rsa_crt_component++;
+ }
+ if (missing_rsa_mod_component || missing_rsa_exp_component ||
+ missing_rsa_crt_component) {
+ /* we are missing a component, see if we have enough to rebuild
+ * the rest */
+ int have_exp = 2 - missing_rsa_exp_component;
+ int have_component = 5 -
+ (missing_rsa_exp_component + missing_rsa_mod_component);
+
+ if ((have_exp == 0) || (have_component < 3)) {
+ /* nope, not enough to reconstruct the private key */
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ fillPrivateKey = PR_TRUE;
+ }
+ /*verify the parameters for consistency*/
+ rv = sftk_verifyRSAPrivateKey(object, fillPrivateKey);
+ if (rv != SECSuccess) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* make sure Netscape DB attribute is set correctly */
+ crv = sftk_Attribute2SSecItem(NULL, &mod, object, CKA_MODULUS);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_forceAttribute(object, CKA_NETSCAPE_DB,
+ sftk_item_expand(&mod));
+ if (mod.data)
+ PORT_Free(mod.data);
+ if (crv != CKR_OK)
+ return crv;
+
+ sign = CK_TRUE;
+ derive = CK_FALSE;
+ break;
+ case CKK_DSA:
+ if (!sftk_hasAttribute(object, CKA_SUBPRIME)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ sign = CK_TRUE;
+ derive = CK_FALSE;
+ /* fall through */
+ case CKK_DH:
+ if (!sftk_hasAttribute(object, CKA_PRIME)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_BASE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ if (!sftk_hasAttribute(object, CKA_EC_PARAMS)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ encrypt = CK_FALSE;
+ sign = CK_TRUE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+#endif /* NSS_DISABLE_ECC */
+ case CKK_NSS_JPAKE_ROUND1:
+ if (!sftk_hasAttribute(object, CKA_PRIME) ||
+ !sftk_hasAttribute(object, CKA_SUBPRIME) ||
+ !sftk_hasAttribute(object, CKA_BASE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ /* fall through */
+ case CKK_NSS_JPAKE_ROUND2:
+ /* CKA_NSS_JPAKE_SIGNERID and CKA_NSS_JPAKE_PEERID are checked in
+ the J-PAKE code. */
+ encrypt = sign = recover = wrap = CK_FALSE;
+ derive = CK_TRUE;
+ createObjectInfo = PR_FALSE;
+ break;
+ default:
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ crv = sftk_defaultAttribute(object, CKA_SUBJECT, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_SENSITIVE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_EXTRACTABLE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_DECRYPT, &encrypt, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_SIGN, &sign, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_SIGN_RECOVER, &recover,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_UNWRAP, &wrap, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_DERIVE, &derive, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ /* the next two bits get modified only in the key gen and token cases */
+ crv = sftk_forceAttribute(object, CKA_ALWAYS_SENSITIVE,
+ &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_forceAttribute(object, CKA_NEVER_EXTRACTABLE,
+ &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* should we check the non-token RSA private keys? */
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
+
+ if (keyHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(keyHandle, object, &object->handle);
+ sftk_freeDB(keyHandle);
+ return crv;
+ } else if (createObjectInfo) {
+ object->objectInfo = sftk_mkPrivKey(object, key_type, &crv);
+ if (object->objectInfo == NULL)
+ return crv;
+ object->infoFree = (SFTKFree)nsslowkey_DestroyPrivateKey;
+ }
+ return CKR_OK;
+}
+
+/* forward declare the DES formating function for handleSecretKey */
+void sftk_FormatDESKey(unsigned char *key, int length);
+
+/* Validate secret key data, and set defaults */
+static CK_RV
+validateSecretKey(SFTKSession *session, SFTKObject *object,
+ CK_KEY_TYPE key_type, PRBool isFIPS)
+{
+ CK_RV crv;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ SFTKAttribute *attribute = NULL;
+ unsigned long requiredLen;
+
+ crv = sftk_defaultAttribute(object, CKA_SENSITIVE,
+ isFIPS ? &cktrue : &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_EXTRACTABLE,
+ &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_ENCRYPT, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_DECRYPT, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_SIGN, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_VERIFY, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_WRAP, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_UNWRAP, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ /* the next two bits get modified only in the key gen and token cases */
+ crv = sftk_forceAttribute(object, CKA_ALWAYS_SENSITIVE,
+ &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_forceAttribute(object, CKA_NEVER_EXTRACTABLE,
+ &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* some types of keys have a value length */
+ crv = CKR_OK;
+ switch (key_type) {
+ /* force CKA_VALUE_LEN to be set */
+ case CKK_GENERIC_SECRET:
+ case CKK_RC2:
+ case CKK_RC4:
+#if NSS_SOFTOKEN_DOES_RC5
+ case CKK_RC5:
+#endif
+#ifdef NSS_SOFTOKEN_DOES_CAST
+ case CKK_CAST:
+ case CKK_CAST3:
+ case CKK_CAST5:
+#endif
+#if NSS_SOFTOKEN_DOES_IDEA
+ case CKK_IDEA:
+#endif
+ attribute = sftk_FindAttribute(object, CKA_VALUE);
+ /* shouldn't happen */
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ crv = sftk_forceAttribute(object, CKA_VALUE_LEN,
+ &attribute->attrib.ulValueLen, sizeof(CK_ULONG));
+ sftk_FreeAttribute(attribute);
+ break;
+ /* force the value to have the correct parity */
+ case CKK_DES:
+ case CKK_DES2:
+ case CKK_DES3:
+ case CKK_CDMF:
+ attribute = sftk_FindAttribute(object, CKA_VALUE);
+ /* shouldn't happen */
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ requiredLen = sftk_MapKeySize(key_type);
+ if (attribute->attrib.ulValueLen != requiredLen) {
+ sftk_FreeAttribute(attribute);
+ return CKR_KEY_SIZE_RANGE;
+ }
+ sftk_FormatDESKey((unsigned char *)attribute->attrib.pValue,
+ attribute->attrib.ulValueLen);
+ sftk_FreeAttribute(attribute);
+ break;
+ case CKK_AES:
+ attribute = sftk_FindAttribute(object, CKA_VALUE);
+ /* shouldn't happen */
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ if (attribute->attrib.ulValueLen != 16 &&
+ attribute->attrib.ulValueLen != 24 &&
+ attribute->attrib.ulValueLen != 32) {
+ sftk_FreeAttribute(attribute);
+ return CKR_KEY_SIZE_RANGE;
+ }
+ crv = sftk_forceAttribute(object, CKA_VALUE_LEN,
+ &attribute->attrib.ulValueLen, sizeof(CK_ULONG));
+ sftk_FreeAttribute(attribute);
+ break;
+ default:
+ break;
+ }
+
+ return crv;
+}
+
+/*
+ * check the consistancy and initialize a Secret Key Object
+ */
+static CK_RV
+sftk_handleSecretKeyObject(SFTKSession *session, SFTKObject *object,
+ CK_KEY_TYPE key_type, PRBool isFIPS)
+{
+ CK_RV crv;
+
+ /* First validate and set defaults */
+ crv = validateSecretKey(session, object, key_type, isFIPS);
+ if (crv != CKR_OK)
+ goto loser;
+
+ /* If the object is a TOKEN object, store in the database */
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
+ CK_RV crv;
+
+ if (keyHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(keyHandle, object, &object->handle);
+ sftk_freeDB(keyHandle);
+ return crv;
+ }
+
+loser:
+
+ return crv;
+}
+
+/*
+ * check the consistancy and initialize a Key Object
+ */
+static CK_RV
+sftk_handleKeyObject(SFTKSession *session, SFTKObject *object)
+{
+ SFTKAttribute *attribute;
+ CK_KEY_TYPE key_type;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_RV crv;
+
+ /* verify the required fields */
+ if (!sftk_hasAttribute(object, CKA_KEY_TYPE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* now verify the common fields */
+ crv = sftk_defaultAttribute(object, CKA_ID, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_START_DATE, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_END_DATE, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ /* CKA_DERIVE is common to all keys, but it's default value is
+ * key dependent */
+ crv = sftk_defaultAttribute(object, CKA_LOCAL, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* get the key type */
+ attribute = sftk_FindAttribute(object, CKA_KEY_TYPE);
+ if (!attribute) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ switch (object->objclass) {
+ case CKO_PUBLIC_KEY:
+ return sftk_handlePublicKeyObject(session, object, key_type);
+ case CKO_PRIVATE_KEY:
+ return sftk_handlePrivateKeyObject(session, object, key_type);
+ case CKO_SECRET_KEY:
+ /* make sure the required fields exist */
+ return sftk_handleSecretKeyObject(session, object, key_type,
+ (PRBool)(session->slot->slotID == FIPS_SLOT_ID));
+ default:
+ break;
+ }
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+}
+
+/*
+ * check the consistancy and Verify a DSA Parameter Object
+ */
+static CK_RV
+sftk_handleDSAParameterObject(SFTKSession *session, SFTKObject *object)
+{
+ SFTKAttribute *primeAttr = NULL;
+ SFTKAttribute *subPrimeAttr = NULL;
+ SFTKAttribute *baseAttr = NULL;
+ SFTKAttribute *seedAttr = NULL;
+ SFTKAttribute *hAttr = NULL;
+ SFTKAttribute *attribute;
+ CK_RV crv = CKR_TEMPLATE_INCOMPLETE;
+ PQGParams params;
+ PQGVerify vfy, *verify = NULL;
+ SECStatus result, rv;
+ /* This bool keeps track of whether or not we need verify parameters.
+ * If a P, Q and G or supplied, we dont' need verify parameters, as we
+ * have PQ and G.
+ * - If G is not supplied, the presumption is that we want to
+ * verify P and Q only.
+ * - If counter is supplied, it is presumed we want to verify PQ because
+ * the counter is only used in verification.
+ * - If H is supplied, is is presumed we want to verify G because H is
+ * only used to verify G.
+ * - Any verification step must have the SEED (counter or H could be
+ * missing depending on exactly what we want to verify). If SEED is supplied,
+ * the code just goes ahead and runs verify (other errors are parameter
+ * errors are detected by the PQG_VerifyParams function). If SEED is not
+ * supplied, but we determined that we are trying to verify (because needVfy
+ * is set, go ahead and return CKR_TEMPLATE_INCOMPLETE.
+ */
+ PRBool needVfy = PR_FALSE;
+
+ primeAttr = sftk_FindAttribute(object, CKA_PRIME);
+ if (primeAttr == NULL)
+ goto loser;
+ params.prime.data = primeAttr->attrib.pValue;
+ params.prime.len = primeAttr->attrib.ulValueLen;
+
+ subPrimeAttr = sftk_FindAttribute(object, CKA_SUBPRIME);
+ if (subPrimeAttr == NULL)
+ goto loser;
+ params.subPrime.data = subPrimeAttr->attrib.pValue;
+ params.subPrime.len = subPrimeAttr->attrib.ulValueLen;
+
+ baseAttr = sftk_FindAttribute(object, CKA_BASE);
+ if (baseAttr != NULL) {
+ params.base.data = baseAttr->attrib.pValue;
+ params.base.len = baseAttr->attrib.ulValueLen;
+ } else {
+ params.base.data = NULL;
+ params.base.len = 0;
+ needVfy = PR_TRUE; /* presumably only including PQ so we can verify
+ * them. */
+ }
+
+ attribute = sftk_FindAttribute(object, CKA_NETSCAPE_PQG_COUNTER);
+ if (attribute != NULL) {
+ vfy.counter = *(CK_ULONG *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+ needVfy = PR_TRUE; /* included a count so we can verify PQ */
+ } else {
+ vfy.counter = -1;
+ }
+
+ hAttr = sftk_FindAttribute(object, CKA_NETSCAPE_PQG_H);
+ if (hAttr != NULL) {
+ vfy.h.data = hAttr->attrib.pValue;
+ vfy.h.len = hAttr->attrib.ulValueLen;
+ needVfy = PR_TRUE; /* included H so we can verify G */
+ } else {
+ vfy.h.data = NULL;
+ vfy.h.len = 0;
+ }
+ seedAttr = sftk_FindAttribute(object, CKA_NETSCAPE_PQG_SEED);
+ if (seedAttr != NULL) {
+ vfy.seed.data = seedAttr->attrib.pValue;
+ vfy.seed.len = seedAttr->attrib.ulValueLen;
+
+ verify = &vfy;
+ } else if (needVfy) {
+ goto loser; /* Verify always needs seed, if we need verify and not seed
+ * then fail */
+ }
+
+ crv = CKR_FUNCTION_FAILED;
+ rv = PQG_VerifyParams(&params, verify, &result);
+ if (rv == SECSuccess) {
+ crv = (result == SECSuccess) ? CKR_OK : CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+loser:
+ if (hAttr)
+ sftk_FreeAttribute(hAttr);
+ if (seedAttr)
+ sftk_FreeAttribute(seedAttr);
+ if (baseAttr)
+ sftk_FreeAttribute(baseAttr);
+ if (subPrimeAttr)
+ sftk_FreeAttribute(subPrimeAttr);
+ if (primeAttr)
+ sftk_FreeAttribute(primeAttr);
+
+ return crv;
+}
+
+/*
+ * check the consistancy and initialize a Key Parameter Object
+ */
+static CK_RV
+sftk_handleKeyParameterObject(SFTKSession *session, SFTKObject *object)
+{
+ SFTKAttribute *attribute;
+ CK_KEY_TYPE key_type;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_RV crv;
+
+ /* verify the required fields */
+ if (!sftk_hasAttribute(object, CKA_KEY_TYPE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* now verify the common fields */
+ crv = sftk_defaultAttribute(object, CKA_LOCAL, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* get the key type */
+ attribute = sftk_FindAttribute(object, CKA_KEY_TYPE);
+ if (!attribute) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ switch (key_type) {
+ case CKK_DSA:
+ return sftk_handleDSAParameterObject(session, object);
+
+ default:
+ break;
+ }
+ return CKR_KEY_TYPE_INCONSISTENT;
+}
+
+/*
+ * Handle Object does all the object consistancy checks, automatic attribute
+ * generation, attribute defaulting, etc. If handleObject succeeds, the object
+ * will be assigned an object handle, and the object installed in the session
+ * or stored in the DB.
+ */
+CK_RV
+sftk_handleObject(SFTKObject *object, SFTKSession *session)
+{
+ SFTKSlot *slot = session->slot;
+ SFTKAttribute *attribute;
+ SFTKObject *duplicateObject = NULL;
+ CK_OBJECT_HANDLE handle;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_RV crv;
+
+ /* make sure all the base object types are defined. If not set the
+ * defaults */
+ crv = sftk_defaultAttribute(object, CKA_TOKEN, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_PRIVATE, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_LABEL, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_MODIFIABLE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* don't create a private object if we aren't logged in */
+ if ((!slot->isLoggedIn) && (slot->needLogin) &&
+ (sftk_isTrue(object, CKA_PRIVATE))) {
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ if (((session->info.flags & CKF_RW_SESSION) == 0) &&
+ (sftk_isTrue(object, CKA_TOKEN))) {
+ return CKR_SESSION_READ_ONLY;
+ }
+
+ /* Assign a unique SESSION object handle to every new object,
+ * whether it is a session object or a token object.
+ * At this point, all new objects are structured as session objects.
+ * Objects with the CKA_TOKEN attribute true will be turned into
+ * token objects and will have a token object handle assigned to
+ * them by a call to sftk_mkHandle in the handler for each object
+ * class, invoked below.
+ *
+ * It may be helpful to note/remember that
+ * sftk_narrowToXxxObject uses sftk_isToken,
+ * sftk_isToken examines the sign bit of the object's handle, but
+ * sftk_isTrue(...,CKA_TOKEN) examines the CKA_TOKEN attribute.
+ */
+ do {
+ PRUint32 wrappedAround;
+
+ duplicateObject = NULL;
+ PZ_Lock(slot->objectLock);
+ wrappedAround = slot->sessionObjectHandleCount & SFTK_TOKEN_MASK;
+ handle = slot->sessionObjectHandleCount & ~SFTK_TOKEN_MASK;
+ if (!handle) /* don't allow zero handle */
+ handle = minSessionObjectHandle;
+ slot->sessionObjectHandleCount = (handle + 1U) | wrappedAround;
+ /* Is there already a session object with this handle? */
+ if (wrappedAround) {
+ sftkqueue_find(duplicateObject, handle, slot->sessObjHashTable,
+ slot->sessObjHashSize);
+ }
+ PZ_Unlock(slot->objectLock);
+ } while (duplicateObject != NULL);
+ object->handle = handle;
+
+ /* get the object class */
+ attribute = sftk_FindAttribute(object, CKA_CLASS);
+ if (attribute == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ object->objclass = *(CK_OBJECT_CLASS *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ /* Now handle the specific object class.
+ * At this point, all objects are session objects, and the session
+ * number must be passed to the object class handlers.
+ */
+ switch (object->objclass) {
+ case CKO_DATA:
+ crv = sftk_handleDataObject(session, object);
+ break;
+ case CKO_CERTIFICATE:
+ crv = sftk_handleCertObject(session, object);
+ break;
+ case CKO_NETSCAPE_TRUST:
+ crv = sftk_handleTrustObject(session, object);
+ break;
+ case CKO_NETSCAPE_CRL:
+ crv = sftk_handleCrlObject(session, object);
+ break;
+ case CKO_NETSCAPE_SMIME:
+ crv = sftk_handleSMimeObject(session, object);
+ break;
+ case CKO_PRIVATE_KEY:
+ case CKO_PUBLIC_KEY:
+ case CKO_SECRET_KEY:
+ crv = sftk_handleKeyObject(session, object);
+ break;
+ case CKO_KG_PARAMETERS:
+ crv = sftk_handleKeyParameterObject(session, object);
+ break;
+ default:
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+
+ /* can't fail from here on out unless the pk_handlXXX functions have
+ * failed the request */
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ /* Now link the object into the slot and session structures.
+ * If the object has a true CKA_TOKEN attribute, the above object
+ * class handlers will have set the sign bit in the object handle,
+ * causing the following test to be true.
+ */
+ if (sftk_isToken(object->handle)) {
+ sftk_convertSessionToToken(object);
+ } else {
+ object->slot = slot;
+ sftk_AddObject(session, object);
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * ******************** Public Key Utilities ***************************
+ */
+/* Generate a low public key structure from an object */
+NSSLOWKEYPublicKey *
+sftk_GetPubKey(SFTKObject *object, CK_KEY_TYPE key_type,
+ CK_RV *crvp)
+{
+ NSSLOWKEYPublicKey *pubKey;
+ PLArenaPool *arena;
+ CK_RV crv;
+
+ if (object->objclass != CKO_PUBLIC_KEY) {
+ *crvp = CKR_KEY_TYPE_INCONSISTENT;
+ return NULL;
+ }
+
+ if (sftk_isToken(object->handle)) {
+ /* ferret out the token object handle */
+ }
+
+ /* If we already have a key, use it */
+ if (object->objectInfo) {
+ *crvp = CKR_OK;
+ return (NSSLOWKEYPublicKey *)object->objectInfo;
+ }
+
+ /* allocate the structure */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ pubKey = (NSSLOWKEYPublicKey *)
+ PORT_ArenaAlloc(arena, sizeof(NSSLOWKEYPublicKey));
+ if (pubKey == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ /* fill in the structure */
+ pubKey->arena = arena;
+ switch (key_type) {
+ case CKK_RSA:
+ pubKey->keyType = NSSLOWKEYRSAKey;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.rsa.modulus,
+ object, CKA_MODULUS);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.rsa.publicExponent,
+ object, CKA_PUBLIC_EXPONENT);
+ break;
+ case CKK_DSA:
+ pubKey->keyType = NSSLOWKEYDSAKey;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dsa.params.prime,
+ object, CKA_PRIME);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dsa.params.subPrime,
+ object, CKA_SUBPRIME);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dsa.params.base,
+ object, CKA_BASE);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dsa.publicValue,
+ object, CKA_VALUE);
+ break;
+ case CKK_DH:
+ pubKey->keyType = NSSLOWKEYDHKey;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dh.prime,
+ object, CKA_PRIME);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dh.base,
+ object, CKA_BASE);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dh.publicValue,
+ object, CKA_VALUE);
+ break;
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ pubKey->keyType = NSSLOWKEYECKey;
+ crv = sftk_Attribute2SSecItem(arena,
+ &pubKey->u.ec.ecParams.DEREncoding,
+ object, CKA_EC_PARAMS);
+ if (crv != CKR_OK)
+ break;
+
+ /* Fill out the rest of the ecParams structure
+ * based on the encoded params
+ */
+ if (EC_FillParams(arena, &pubKey->u.ec.ecParams.DEREncoding,
+ &pubKey->u.ec.ecParams) != SECSuccess) {
+ crv = CKR_DOMAIN_PARAMS_INVALID;
+ break;
+ }
+
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.ec.publicValue,
+ object, CKA_EC_POINT);
+ if (crv == CKR_OK) {
+ unsigned int keyLen = EC_GetPointSize(&pubKey->u.ec.ecParams);
+
+ /* special note: We can't just use the first byte to distinguish
+ * between EC_POINT_FORM_UNCOMPRESSED and SEC_ASN1_OCTET_STRING.
+ * Both are 0x04. */
+
+ /* Handle the non-DER encoded case.
+ * Some curves are always pressumed to be non-DER.
+ */
+ if (pubKey->u.ec.publicValue.len == keyLen &&
+ (pubKey->u.ec.ecParams.fieldID.type == ec_field_plain ||
+ pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED)) {
+ break; /* key was not DER encoded, no need to unwrap */
+ }
+
+ PORT_Assert(pubKey->u.ec.ecParams.name != ECCurve25519);
+
+ /* handle the encoded case */
+ if ((pubKey->u.ec.publicValue.data[0] == SEC_ASN1_OCTET_STRING) &&
+ pubKey->u.ec.publicValue.len > keyLen) {
+ SECItem publicValue;
+ SECStatus rv;
+
+ rv = SEC_QuickDERDecodeItem(arena, &publicValue,
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
+ &pubKey->u.ec.publicValue);
+ /* nope, didn't decode correctly */
+ if ((rv != SECSuccess) || (publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED) || (publicValue.len != keyLen)) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+ /* replace our previous with the decoded key */
+ pubKey->u.ec.publicValue = publicValue;
+ break;
+ }
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ *crvp = crv;
+ if (crv != CKR_OK) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ object->objectInfo = pubKey;
+ object->infoFree = (SFTKFree)nsslowkey_DestroyPublicKey;
+ return pubKey;
+}
+
+/* make a private key from a verified object */
+static NSSLOWKEYPrivateKey *
+sftk_mkPrivKey(SFTKObject *object, CK_KEY_TYPE key_type, CK_RV *crvp)
+{
+ NSSLOWKEYPrivateKey *privKey;
+ SFTKItemTemplate itemTemplate[SFTK_MAX_ITEM_TEMPLATE];
+ int itemTemplateCount = 0;
+ PLArenaPool *arena;
+ CK_RV crv = CKR_OK;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ privKey = (NSSLOWKEYPrivateKey *)
+ PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPrivateKey));
+ if (privKey == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ /* in future this would be a switch on key_type */
+ privKey->arena = arena;
+ switch (key_type) {
+ case CKK_RSA:
+ privKey->keyType = NSSLOWKEYRSAKey;
+
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.modulus, CKA_MODULUS);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.publicExponent, CKA_PUBLIC_EXPONENT);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.privateExponent, CKA_PRIVATE_EXPONENT);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.prime1, CKA_PRIME_1);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.prime2, CKA_PRIME_2);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.exponent1, CKA_EXPONENT_1);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.exponent2, CKA_EXPONENT_2);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.coefficient, CKA_COEFFICIENT);
+ itemTemplateCount++;
+ rv = DER_SetUInteger(privKey->arena, &privKey->u.rsa.version,
+ NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
+ if (rv != SECSuccess)
+ crv = CKR_HOST_MEMORY;
+ break;
+
+ case CKK_DSA:
+ privKey->keyType = NSSLOWKEYDSAKey;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dsa.params.prime, CKA_PRIME);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dsa.params.subPrime, CKA_SUBPRIME);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dsa.params.base, CKA_BASE);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dsa.privateValue, CKA_VALUE);
+ itemTemplateCount++;
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ break;
+
+ case CKK_DH:
+ privKey->keyType = NSSLOWKEYDHKey;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dh.prime, CKA_PRIME);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dh.base, CKA_BASE);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dh.privateValue, CKA_VALUE);
+ itemTemplateCount++;
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ break;
+
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ privKey->keyType = NSSLOWKEYECKey;
+ crv = sftk_Attribute2SSecItem(arena,
+ &privKey->u.ec.ecParams.DEREncoding,
+ object, CKA_EC_PARAMS);
+ if (crv != CKR_OK)
+ break;
+
+ /* Fill out the rest of the ecParams structure
+ * based on the encoded params
+ */
+ if (EC_FillParams(arena, &privKey->u.ec.ecParams.DEREncoding,
+ &privKey->u.ec.ecParams) != SECSuccess) {
+ crv = CKR_DOMAIN_PARAMS_INVALID;
+ break;
+ }
+ crv = sftk_Attribute2SSecItem(arena, &privKey->u.ec.privateValue,
+ object, CKA_VALUE);
+ if (crv != CKR_OK)
+ break;
+
+ if (sftk_hasAttribute(object, CKA_NETSCAPE_DB)) {
+ crv = sftk_Attribute2SSecItem(arena, &privKey->u.ec.publicValue,
+ object, CKA_NETSCAPE_DB);
+ if (crv != CKR_OK)
+ break;
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ }
+ rv = DER_SetUInteger(privKey->arena, &privKey->u.ec.version,
+ NSSLOWKEY_EC_PRIVATE_KEY_VERSION);
+ if (rv != SECSuccess) {
+ crv = CKR_HOST_MEMORY;
+/* The following ifdef is needed for Linux arm distros and
+ * Android as gcc 4.6 has a bug when targeting arm (but not
+ * thumb). The bug has been fixed in gcc 4.7.
+ * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56561
+ */
+#if defined(__arm__) && !defined(__thumb__) && defined(__GNUC__)
+ *crvp = CKR_HOST_MEMORY;
+ break;
+#endif
+ }
+ break;
+#endif /* NSS_DISABLE_ECC */
+
+ default:
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ if (crv == CKR_OK && itemTemplateCount != 0) {
+ PORT_Assert(itemTemplateCount > 0);
+ PORT_Assert(itemTemplateCount <= SFTK_MAX_ITEM_TEMPLATE);
+ crv = sftk_MultipleAttribute2SecItem(arena, object, itemTemplate,
+ itemTemplateCount);
+ }
+ *crvp = crv;
+ if (crv != CKR_OK) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ return privKey;
+}
+
+/*
+ * If a partial RSA private key is present, fill in the rest if necessary,
+ * and then verify the parameters are well-formed
+ */
+static SECStatus
+sftk_verifyRSAPrivateKey(SFTKObject *object, PRBool fillIfNeeded)
+{
+ RSAPrivateKey tmpKey = { 0 };
+ SFTKAttribute *modulus = NULL;
+ SFTKAttribute *prime1 = NULL;
+ SFTKAttribute *prime2 = NULL;
+ SFTKAttribute *privateExponent = NULL;
+ SFTKAttribute *publicExponent = NULL;
+ SFTKAttribute *exponent1 = NULL;
+ SFTKAttribute *exponent2 = NULL;
+ SFTKAttribute *coefficient = NULL;
+ SECStatus rv;
+ CK_RV crv;
+
+ /* first fill in the components that we have. Populate only uses
+ * the non-crt components, so only fill those in */
+ tmpKey.arena = NULL;
+ modulus = sftk_FindAttribute(object, CKA_MODULUS);
+ if (modulus) {
+ tmpKey.modulus.data = modulus->attrib.pValue;
+ tmpKey.modulus.len = modulus->attrib.ulValueLen;
+ }
+ prime1 = sftk_FindAttribute(object, CKA_PRIME_1);
+ if (prime1) {
+ tmpKey.prime1.data = prime1->attrib.pValue;
+ tmpKey.prime1.len = prime1->attrib.ulValueLen;
+ }
+ prime2 = sftk_FindAttribute(object, CKA_PRIME_2);
+ if (prime2) {
+ tmpKey.prime2.data = prime2->attrib.pValue;
+ tmpKey.prime2.len = prime2->attrib.ulValueLen;
+ }
+ privateExponent = sftk_FindAttribute(object, CKA_PRIVATE_EXPONENT);
+ if (privateExponent) {
+ tmpKey.privateExponent.data = privateExponent->attrib.pValue;
+ tmpKey.privateExponent.len = privateExponent->attrib.ulValueLen;
+ }
+ publicExponent = sftk_FindAttribute(object, CKA_PUBLIC_EXPONENT);
+ if (publicExponent) {
+ tmpKey.publicExponent.data = publicExponent->attrib.pValue;
+ tmpKey.publicExponent.len = publicExponent->attrib.ulValueLen;
+ }
+ exponent1 = sftk_FindAttribute(object, CKA_EXPONENT_1);
+ if (exponent1) {
+ tmpKey.exponent1.data = exponent1->attrib.pValue;
+ tmpKey.exponent1.len = exponent1->attrib.ulValueLen;
+ }
+ exponent2 = sftk_FindAttribute(object, CKA_EXPONENT_2);
+ if (exponent2) {
+ tmpKey.exponent2.data = exponent2->attrib.pValue;
+ tmpKey.exponent2.len = exponent2->attrib.ulValueLen;
+ }
+ coefficient = sftk_FindAttribute(object, CKA_COEFFICIENT);
+ if (coefficient) {
+ tmpKey.coefficient.data = coefficient->attrib.pValue;
+ tmpKey.coefficient.len = coefficient->attrib.ulValueLen;
+ }
+
+ if (fillIfNeeded) {
+ /*
+ * populate requires one exponent plus 2 other components to work.
+ * we expected our caller to check that first. If that didn't happen,
+ * populate will simply return an error here.
+ */
+ rv = RSA_PopulatePrivateKey(&tmpKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ rv = RSA_PrivateKeyCheck(&tmpKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* now that we have a fully populated key, set all our attribute values */
+ rv = SECFailure;
+ if (!modulus || modulus->attrib.pValue != tmpKey.modulus.data) {
+ crv = sftk_forceAttribute(object, CKA_MODULUS,
+ sftk_item_expand(&tmpKey.modulus));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!publicExponent ||
+ publicExponent->attrib.pValue != tmpKey.publicExponent.data) {
+ crv = sftk_forceAttribute(object, CKA_PUBLIC_EXPONENT,
+ sftk_item_expand(&tmpKey.publicExponent));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!privateExponent ||
+ privateExponent->attrib.pValue != tmpKey.privateExponent.data) {
+ crv = sftk_forceAttribute(object, CKA_PRIVATE_EXPONENT,
+ sftk_item_expand(&tmpKey.privateExponent));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!prime1 || prime1->attrib.pValue != tmpKey.prime1.data) {
+ crv = sftk_forceAttribute(object, CKA_PRIME_1,
+ sftk_item_expand(&tmpKey.prime1));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!prime2 || prime2->attrib.pValue != tmpKey.prime2.data) {
+ crv = sftk_forceAttribute(object, CKA_PRIME_2,
+ sftk_item_expand(&tmpKey.prime2));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!exponent1 || exponent1->attrib.pValue != tmpKey.exponent1.data) {
+ crv = sftk_forceAttribute(object, CKA_EXPONENT_1,
+ sftk_item_expand(&tmpKey.exponent1));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!exponent2 || exponent2->attrib.pValue != tmpKey.exponent2.data) {
+ crv = sftk_forceAttribute(object, CKA_EXPONENT_2,
+ sftk_item_expand(&tmpKey.exponent2));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!coefficient || coefficient->attrib.pValue != tmpKey.coefficient.data) {
+ crv = sftk_forceAttribute(object, CKA_COEFFICIENT,
+ sftk_item_expand(&tmpKey.coefficient));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ rv = SECSuccess;
+
+/* we're done (one way or the other), clean up all our stuff */
+loser:
+ if (tmpKey.arena) {
+ PORT_FreeArena(tmpKey.arena, PR_TRUE);
+ }
+ if (modulus) {
+ sftk_FreeAttribute(modulus);
+ }
+ if (prime1) {
+ sftk_FreeAttribute(prime1);
+ }
+ if (prime2) {
+ sftk_FreeAttribute(prime2);
+ }
+ if (privateExponent) {
+ sftk_FreeAttribute(privateExponent);
+ }
+ if (publicExponent) {
+ sftk_FreeAttribute(publicExponent);
+ }
+ if (exponent1) {
+ sftk_FreeAttribute(exponent1);
+ }
+ if (exponent2) {
+ sftk_FreeAttribute(exponent2);
+ }
+ if (coefficient) {
+ sftk_FreeAttribute(coefficient);
+ }
+ return rv;
+}
+
+/* Generate a low private key structure from an object */
+NSSLOWKEYPrivateKey *
+sftk_GetPrivKey(SFTKObject *object, CK_KEY_TYPE key_type, CK_RV *crvp)
+{
+ NSSLOWKEYPrivateKey *priv = NULL;
+
+ if (object->objclass != CKO_PRIVATE_KEY) {
+ *crvp = CKR_KEY_TYPE_INCONSISTENT;
+ return NULL;
+ }
+ if (object->objectInfo) {
+ *crvp = CKR_OK;
+ return (NSSLOWKEYPrivateKey *)object->objectInfo;
+ }
+
+ priv = sftk_mkPrivKey(object, key_type, crvp);
+ object->objectInfo = priv;
+ object->infoFree = (SFTKFree)nsslowkey_DestroyPrivateKey;
+ return priv;
+}
+
+/*
+ **************************** Symetric Key utils ************************
+ */
+/*
+ * set the DES key with parity bits correctly
+ */
+void
+sftk_FormatDESKey(unsigned char *key, int length)
+{
+ int i;
+
+ /* format the des key */
+ for (i = 0; i < length; i++) {
+ key[i] = parityTable[key[i] >> 1];
+ }
+}
+
+/*
+ * check a des key (des2 or des3 subkey) for weak keys.
+ */
+PRBool
+sftk_CheckDESKey(unsigned char *key)
+{
+ int i;
+
+ /* format the des key with parity */
+ sftk_FormatDESKey(key, 8);
+
+ for (i = 0; i < sftk_desWeakTableSize; i++) {
+ if (PORT_Memcmp(key, sftk_desWeakTable[i], 8) == 0) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+/*
+ * check if a des or triple des key is weak.
+ */
+PRBool
+sftk_IsWeakKey(unsigned char *key, CK_KEY_TYPE key_type)
+{
+
+ switch (key_type) {
+ case CKK_DES:
+ return sftk_CheckDESKey(key);
+ case CKM_DES2_KEY_GEN:
+ if (sftk_CheckDESKey(key))
+ return PR_TRUE;
+ return sftk_CheckDESKey(&key[8]);
+ case CKM_DES3_KEY_GEN:
+ if (sftk_CheckDESKey(key))
+ return PR_TRUE;
+ if (sftk_CheckDESKey(&key[8]))
+ return PR_TRUE;
+ return sftk_CheckDESKey(&key[16]);
+ default:
+ break;
+ }
+ return PR_FALSE;
+}
+
+/**********************************************************************
+ *
+ * Start of PKCS 11 functions
+ *
+ **********************************************************************/
+
+/* return the function list */
+CK_RV
+NSC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
+{
+ *pFunctionList = (CK_FUNCTION_LIST_PTR)&sftk_funcList;
+ return CKR_OK;
+}
+
+/* return the function list */
+CK_RV
+C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
+{
+ return NSC_GetFunctionList(pFunctionList);
+}
+
+static PLHashNumber
+sftk_HashNumber(const void *key)
+{
+ return (PLHashNumber)((char *)key - (char *)NULL);
+}
+
+/*
+ * eventually I'd like to expunge all occurances of XXX_SLOT_ID and
+ * just go with the info in the slot. This is one place, however,
+ * where it might be a little difficult.
+ */
+const char *
+sftk_getDefTokName(CK_SLOT_ID slotID)
+{
+ static char buf[33];
+
+ switch (slotID) {
+ case NETSCAPE_SLOT_ID:
+ return "NSS Generic Crypto Services ";
+ case PRIVATE_KEY_SLOT_ID:
+ return "NSS Certificate DB ";
+ case FIPS_SLOT_ID:
+ return "NSS FIPS 140-2 Certificate DB ";
+ default:
+ break;
+ }
+ sprintf(buf, "NSS Application Token %08x ", (unsigned int)slotID);
+ return buf;
+}
+
+const char *
+sftk_getDefSlotName(CK_SLOT_ID slotID)
+{
+ static char buf[65];
+
+ switch (slotID) {
+ case NETSCAPE_SLOT_ID:
+ return "NSS Internal Cryptographic Services ";
+ case PRIVATE_KEY_SLOT_ID:
+ return "NSS User Private Key and Certificate Services ";
+ case FIPS_SLOT_ID:
+ return "NSS FIPS 140-2 User Private Key Services ";
+ default:
+ break;
+ }
+ sprintf(buf,
+ "NSS Application Slot %08x ",
+ (unsigned int)slotID);
+ return buf;
+}
+
+static CK_ULONG nscSlotCount[2] = { 0, 0 };
+static CK_SLOT_ID_PTR nscSlotList[2] = { NULL, NULL };
+static CK_ULONG nscSlotListSize[2] = { 0, 0 };
+static PLHashTable *nscSlotHashTable[2] = { NULL, NULL };
+
+static unsigned int
+sftk_GetModuleIndex(CK_SLOT_ID slotID)
+{
+ if ((slotID == FIPS_SLOT_ID) || (slotID >= SFTK_MIN_FIPS_USER_SLOT_ID)) {
+ return NSC_FIPS_MODULE;
+ }
+ return NSC_NON_FIPS_MODULE;
+}
+
+/* look up a slot structure from the ID (used to be a macro when we only
+ * had two slots) */
+/* if all is true, return the slot even if it has been 'unloaded' */
+/* if all is false, only return the slots which are present */
+SFTKSlot *
+sftk_SlotFromID(CK_SLOT_ID slotID, PRBool all)
+{
+ SFTKSlot *slot;
+ int index = sftk_GetModuleIndex(slotID);
+
+ if (nscSlotHashTable[index] == NULL)
+ return NULL;
+ slot = (SFTKSlot *)PL_HashTableLookupConst(nscSlotHashTable[index],
+ (void *)slotID);
+ /* cleared slots shouldn't 'show up' */
+ if (slot && !all && !slot->present)
+ slot = NULL;
+ return slot;
+}
+
+SFTKSlot *
+sftk_SlotFromSessionHandle(CK_SESSION_HANDLE handle)
+{
+ CK_ULONG slotIDIndex = (handle >> 24) & 0x7f;
+ CK_ULONG moduleIndex = (handle >> 31) & 1;
+
+ if (slotIDIndex >= nscSlotCount[moduleIndex]) {
+ return NULL;
+ }
+
+ return sftk_SlotFromID(nscSlotList[moduleIndex][slotIDIndex], PR_FALSE);
+}
+
+static CK_RV
+sftk_RegisterSlot(SFTKSlot *slot, int moduleIndex)
+{
+ PLHashEntry *entry;
+ unsigned int index;
+
+ index = sftk_GetModuleIndex(slot->slotID);
+
+ /* make sure the slotID for this module is valid */
+ if (moduleIndex != index) {
+ return CKR_SLOT_ID_INVALID;
+ }
+
+ if (nscSlotList[index] == NULL) {
+ nscSlotListSize[index] = NSC_SLOT_LIST_BLOCK_SIZE;
+ nscSlotList[index] = (CK_SLOT_ID *)
+ PORT_ZAlloc(nscSlotListSize[index] * sizeof(CK_SLOT_ID));
+ if (nscSlotList[index] == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ }
+ if (nscSlotCount[index] >= nscSlotListSize[index]) {
+ CK_SLOT_ID *oldNscSlotList = nscSlotList[index];
+ CK_ULONG oldNscSlotListSize = nscSlotListSize[index];
+ nscSlotListSize[index] += NSC_SLOT_LIST_BLOCK_SIZE;
+ nscSlotList[index] = (CK_SLOT_ID *)PORT_Realloc(oldNscSlotList,
+ nscSlotListSize[index] * sizeof(CK_SLOT_ID));
+ if (nscSlotList[index] == NULL) {
+ nscSlotList[index] = oldNscSlotList;
+ nscSlotListSize[index] = oldNscSlotListSize;
+ return CKR_HOST_MEMORY;
+ }
+ }
+
+ if (nscSlotHashTable[index] == NULL) {
+ nscSlotHashTable[index] = PL_NewHashTable(64, sftk_HashNumber,
+ PL_CompareValues, PL_CompareValues, NULL, 0);
+ if (nscSlotHashTable[index] == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ }
+
+ entry = PL_HashTableAdd(nscSlotHashTable[index], (void *)slot->slotID, slot);
+ if (entry == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ slot->index = (nscSlotCount[index] & 0x7f) | ((index << 7) & 0x80);
+ nscSlotList[index][nscSlotCount[index]++] = slot->slotID;
+
+ return CKR_OK;
+}
+
+/*
+ * ths function has all the common initialization that happens whenever we
+ * create a new slot or repurpose an old slot (only valid for slotID's 4
+ * and greater).
+ *
+ * things that are not reinitialized are:
+ * slotID (can't change)
+ * slotDescription (can't change once defined)
+ * the locks and hash tables (difficult to change in running code, and
+ * unnecessary. hash tables and list are cleared on shutdown, but they
+ * are cleared in a 'friendly' way).
+ * session and object ID counters -- so any old sessions and objects in the
+ * application will get properly notified that the world has changed.
+ *
+ * things that are reinitialized:
+ * database (otherwise what would the point be;).
+ * state variables related to databases.
+ * session count stat info.
+ * tokenDescription.
+ *
+ * NOTE: slotID's 4 and greater show up as removable devices.
+ *
+ */
+CK_RV
+SFTK_SlotReInit(SFTKSlot *slot, char *configdir, char *updatedir,
+ char *updateID, sftk_token_parameters *params, int moduleIndex)
+{
+ PRBool needLogin = !params->noKeyDB;
+ CK_RV crv;
+
+ slot->hasTokens = PR_FALSE;
+ slot->sessionIDConflict = 0;
+ slot->sessionCount = 0;
+ slot->rwSessionCount = 0;
+ slot->needLogin = PR_FALSE;
+ slot->isLoggedIn = PR_FALSE;
+ slot->ssoLoggedIn = PR_FALSE;
+ slot->DB_loaded = PR_FALSE;
+ slot->certDB = NULL;
+ slot->keyDB = NULL;
+ slot->minimumPinLen = 0;
+ slot->readOnly = params->readOnly;
+ sftk_setStringName(params->tokdes ? params->tokdes : sftk_getDefTokName(slot->slotID), slot->tokDescription,
+ sizeof(slot->tokDescription), PR_TRUE);
+ sftk_setStringName(params->updtokdes ? params->updtokdes : " ",
+ slot->updateTokDescription,
+ sizeof(slot->updateTokDescription), PR_TRUE);
+
+ if ((!params->noCertDB) || (!params->noKeyDB)) {
+ SFTKDBHandle *certHandle = NULL;
+ SFTKDBHandle *keyHandle = NULL;
+ crv = sftk_DBInit(params->configdir ? params->configdir : configdir,
+ params->certPrefix, params->keyPrefix,
+ params->updatedir ? params->updatedir : updatedir,
+ params->updCertPrefix, params->updKeyPrefix,
+ params->updateID ? params->updateID : updateID,
+ params->readOnly, params->noCertDB, params->noKeyDB,
+ params->forceOpen,
+ moduleIndex == NSC_FIPS_MODULE,
+ &certHandle, &keyHandle);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ slot->certDB = certHandle;
+ slot->keyDB = keyHandle;
+ }
+ if (needLogin) {
+ /* if the data base is initialized with a null password,remember that */
+ slot->needLogin =
+ (PRBool)!sftk_hasNullPassword(slot, slot->keyDB);
+ if ((params->minPW >= 0) && (params->minPW <= SFTK_MAX_PIN)) {
+ slot->minimumPinLen = params->minPW;
+ }
+ if ((slot->minimumPinLen == 0) && (params->pwRequired)) {
+ slot->minimumPinLen = 1;
+ }
+ /* Make sure the pin len is set to the Minimum allowed value for fips
+ * when in FIPS mode. NOTE: we don't set it if the database has not
+ * been initialized yet so that we can init into level1 mode if needed
+ */
+ if ((sftkdb_HasPasswordSet(slot->keyDB) == SECSuccess) &&
+ (moduleIndex == NSC_FIPS_MODULE) &&
+ (slot->minimumPinLen < FIPS_MIN_PIN)) {
+ slot->minimumPinLen = FIPS_MIN_PIN;
+ }
+ }
+
+ slot->present = PR_TRUE;
+ return CKR_OK;
+
+loser:
+ SFTK_ShutdownSlot(slot);
+ return crv;
+}
+
+/*
+ * initialize one of the slot structures. figure out which by the ID
+ */
+CK_RV
+SFTK_SlotInit(char *configdir, char *updatedir, char *updateID,
+ sftk_token_parameters *params, int moduleIndex)
+{
+ unsigned int i;
+ CK_SLOT_ID slotID = params->slotID;
+ SFTKSlot *slot;
+ CK_RV crv = CKR_HOST_MEMORY;
+
+ /*
+ * first we initialize everything that is 'permanent' with this slot.
+ * that is everything we aren't going to shutdown if we close this slot
+ * and open it up again with different databases */
+
+ slot = PORT_ZNew(SFTKSlot);
+
+ if (slot == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ slot->optimizeSpace = params->optimizeSpace;
+ if (slot->optimizeSpace) {
+ slot->sessObjHashSize = SPACE_SESSION_OBJECT_HASH_SIZE;
+ slot->sessHashSize = SPACE_SESSION_HASH_SIZE;
+ slot->numSessionLocks = 1;
+ } else {
+ slot->sessObjHashSize = TIME_SESSION_OBJECT_HASH_SIZE;
+ slot->sessHashSize = TIME_SESSION_HASH_SIZE;
+ slot->numSessionLocks = slot->sessHashSize / BUCKETS_PER_SESSION_LOCK;
+ }
+ slot->sessionLockMask = slot->numSessionLocks - 1;
+
+ slot->slotLock = PZ_NewLock(nssILockSession);
+ if (slot->slotLock == NULL)
+ goto mem_loser;
+ slot->sessionLock = PORT_ZNewArray(PZLock *, slot->numSessionLocks);
+ if (slot->sessionLock == NULL)
+ goto mem_loser;
+ for (i = 0; i < slot->numSessionLocks; i++) {
+ slot->sessionLock[i] = PZ_NewLock(nssILockSession);
+ if (slot->sessionLock[i] == NULL)
+ goto mem_loser;
+ }
+ slot->objectLock = PZ_NewLock(nssILockObject);
+ if (slot->objectLock == NULL)
+ goto mem_loser;
+ slot->pwCheckLock = PR_NewLock();
+ if (slot->pwCheckLock == NULL)
+ goto mem_loser;
+ slot->head = PORT_ZNewArray(SFTKSession *, slot->sessHashSize);
+ if (slot->head == NULL)
+ goto mem_loser;
+ slot->sessObjHashTable = PORT_ZNewArray(SFTKObject *, slot->sessObjHashSize);
+ if (slot->sessObjHashTable == NULL)
+ goto mem_loser;
+ slot->tokObjHashTable = PL_NewHashTable(64, sftk_HashNumber, PL_CompareValues,
+ SECITEM_HashCompare, NULL, 0);
+ if (slot->tokObjHashTable == NULL)
+ goto mem_loser;
+
+ slot->sessionIDCount = 0;
+ slot->sessionObjectHandleCount = minSessionObjectHandle;
+ slot->slotID = slotID;
+ sftk_setStringName(params->slotdes ? params->slotdes : sftk_getDefSlotName(slotID), slot->slotDescription,
+ sizeof(slot->slotDescription), PR_TRUE);
+
+ /* call the reinit code to set everything that changes between token
+ * init calls */
+ crv = SFTK_SlotReInit(slot, configdir, updatedir, updateID,
+ params, moduleIndex);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = sftk_RegisterSlot(slot, moduleIndex);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ return CKR_OK;
+
+mem_loser:
+ crv = CKR_HOST_MEMORY;
+loser:
+ SFTK_DestroySlotData(slot);
+ return crv;
+}
+
+CK_RV
+sftk_CloseAllSessions(SFTKSlot *slot, PRBool logout)
+{
+ SFTKSession *session;
+ unsigned int i;
+ SFTKDBHandle *handle;
+
+ /* first log out the card */
+ /* special case - if we are in a middle of upgrade, we want to close the
+ * sessions to fake a token removal to tell the upper level code we have
+ * switched from one database to another, but we don't want to
+ * explicity logout in case we can continue the upgrade with the
+ * existing password if possible.
+ */
+ if (logout) {
+ handle = sftk_getKeyDB(slot);
+ SKIP_AFTER_FORK(PZ_Lock(slot->slotLock));
+ slot->isLoggedIn = PR_FALSE;
+ if (slot->needLogin && handle) {
+ sftkdb_ClearPassword(handle);
+ }
+ SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock));
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ }
+
+ /* now close all the current sessions */
+ /* NOTE: If you try to open new sessions before NSC_CloseAllSessions
+ * completes, some of those new sessions may or may not be closed by
+ * NSC_CloseAllSessions... but any session running when this code starts
+ * will guarrenteed be close, and no session will be partially closed */
+ for (i = 0; i < slot->sessHashSize; i++) {
+ PZLock *lock = SFTK_SESSION_LOCK(slot, i);
+ do {
+ SKIP_AFTER_FORK(PZ_Lock(lock));
+ session = slot->head[i];
+ /* hand deque */
+ /* this duplicates function of NSC_close session functions, but
+ * because we know that we are freeing all the sessions, we can
+ * do more efficient processing */
+ if (session) {
+ slot->head[i] = session->next;
+ if (session->next)
+ session->next->prev = NULL;
+ session->next = session->prev = NULL;
+ SKIP_AFTER_FORK(PZ_Unlock(lock));
+ SKIP_AFTER_FORK(PZ_Lock(slot->slotLock));
+ --slot->sessionCount;
+ SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock));
+ if (session->info.flags & CKF_RW_SESSION) {
+ (void)PR_ATOMIC_DECREMENT(&slot->rwSessionCount);
+ }
+ } else {
+ SKIP_AFTER_FORK(PZ_Unlock(lock));
+ }
+ if (session)
+ sftk_FreeSession(session);
+ } while (session != NULL);
+ }
+ return CKR_OK;
+}
+
+/*
+ * shut down the databases.
+ * we get the slot lock (which also protects slot->certDB and slot->keyDB)
+ * and clear the values so the new users will not find the databases.
+ * once things are clear, we can release our references to the databases.
+ * The databases will close when the last reference is released.
+ *
+ * We use reference counts so that we don't crash if someone shuts down
+ * a token that another thread is actively using.
+ */
+static void
+sftk_DBShutdown(SFTKSlot *slot)
+{
+ SFTKDBHandle *certHandle;
+ SFTKDBHandle *keyHandle;
+ SKIP_AFTER_FORK(PZ_Lock(slot->slotLock));
+ certHandle = slot->certDB;
+ slot->certDB = NULL;
+ keyHandle = slot->keyDB;
+ slot->keyDB = NULL;
+ SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock));
+ if (certHandle) {
+ sftk_freeDB(certHandle);
+ }
+ if (keyHandle) {
+ sftk_freeDB(keyHandle);
+ }
+}
+
+CK_RV
+SFTK_ShutdownSlot(SFTKSlot *slot)
+{
+ /* make sure no new PK11 calls work except C_GetSlotInfo */
+ slot->present = PR_FALSE;
+
+ /* close all outstanding sessions
+ * the sessHashSize variable guarentees we have all the session
+ * mechanism set up */
+ if (slot->head) {
+ sftk_CloseAllSessions(slot, PR_TRUE);
+ }
+
+ /* clear all objects.. session objects are cleared as a result of
+ * closing all the sessions. We just need to clear the token object
+ * cache. slot->tokObjHashTable guarentees we have the token
+ * infrastructure set up. */
+ if (slot->tokObjHashTable) {
+ SFTK_ClearTokenKeyHashTable(slot);
+ }
+
+ /* clear the slot description for the next guy */
+ PORT_Memset(slot->tokDescription, 0, sizeof(slot->tokDescription));
+
+ /* now shut down the databases. */
+ sftk_DBShutdown(slot);
+ return CKR_OK;
+}
+
+/*
+ * initialize one of the slot structures. figure out which by the ID
+ */
+CK_RV
+SFTK_DestroySlotData(SFTKSlot *slot)
+{
+ unsigned int i;
+
+ SFTK_ShutdownSlot(slot);
+
+ if (slot->tokObjHashTable) {
+ PL_HashTableDestroy(slot->tokObjHashTable);
+ slot->tokObjHashTable = NULL;
+ }
+
+ if (slot->sessObjHashTable) {
+ PORT_Free(slot->sessObjHashTable);
+ slot->sessObjHashTable = NULL;
+ }
+ slot->sessObjHashSize = 0;
+
+ if (slot->head) {
+ PORT_Free(slot->head);
+ slot->head = NULL;
+ }
+ slot->sessHashSize = 0;
+
+ /* OK everything has been disassembled, now we can finally get rid
+ * of the locks */
+ SKIP_AFTER_FORK(PZ_DestroyLock(slot->slotLock));
+ slot->slotLock = NULL;
+ if (slot->sessionLock) {
+ for (i = 0; i < slot->numSessionLocks; i++) {
+ if (slot->sessionLock[i]) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(slot->sessionLock[i]));
+ slot->sessionLock[i] = NULL;
+ }
+ }
+ PORT_Free(slot->sessionLock);
+ slot->sessionLock = NULL;
+ }
+ if (slot->objectLock) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(slot->objectLock));
+ slot->objectLock = NULL;
+ }
+ if (slot->pwCheckLock) {
+ SKIP_AFTER_FORK(PR_DestroyLock(slot->pwCheckLock));
+ slot->pwCheckLock = NULL;
+ }
+ PORT_Free(slot);
+ return CKR_OK;
+}
+
+/*
+ * handle the SECMOD.db
+ */
+char **
+NSC_ModuleDBFunc(unsigned long function, char *parameters, void *args)
+{
+ char *secmod = NULL;
+ char *appName = NULL;
+ char *filename = NULL;
+ NSSDBType dbType = NSS_DB_TYPE_NONE;
+ PRBool rw;
+ static char *success = "Success";
+ char **rvstr = NULL;
+
+ rvstr = NSSUTIL_DoModuleDBFunction(function, parameters, args);
+ if (rvstr != NULL) {
+ return rvstr;
+ }
+
+ if (PORT_GetError() != SEC_ERROR_LEGACY_DATABASE) {
+ return NULL;
+ }
+
+ /* The legacy database uses the old dbm, which is only linked with the
+ * legacy DB handler, which is only callable from softoken */
+
+ secmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &appName,
+ &filename, &rw);
+
+ switch (function) {
+ case SECMOD_MODULE_DB_FUNCTION_FIND:
+ if (secmod == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ if (rw && (dbType != NSS_DB_TYPE_LEGACY) &&
+ (dbType != NSS_DB_TYPE_MULTIACCESS)) {
+ /* if we get here, we are trying to update the local database */
+ /* force data from the legacy DB */
+ char *oldSecmod = NULL;
+ char *oldAppName = NULL;
+ char *oldFilename = NULL;
+ PRBool oldrw;
+ char **strings = NULL;
+ int i;
+
+ dbType = NSS_DB_TYPE_LEGACY;
+ oldSecmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &oldAppName,
+ &oldFilename, &oldrw);
+ strings = sftkdbCall_ReadSecmodDB(appName, oldFilename, oldSecmod,
+ (char *)parameters, oldrw);
+ if (strings) {
+ /* write out the strings */
+ for (i = 0; strings[i]; i++) {
+ NSSUTIL_DoModuleDBFunction(SECMOD_MODULE_DB_FUNCTION_ADD,
+ parameters, strings[i]);
+ }
+ sftkdbCall_ReleaseSecmodDBData(oldAppName, oldFilename, oldSecmod,
+ (char **)strings, oldrw);
+ } else {
+ /* write out a dummy record */
+ NSSUTIL_DoModuleDBFunction(SECMOD_MODULE_DB_FUNCTION_ADD,
+ parameters, " ");
+ }
+ if (oldSecmod) {
+ PR_smprintf_free(oldSecmod);
+ }
+ if (oldAppName) {
+ PORT_Free(oldAppName);
+ }
+ if (oldFilename) {
+ PORT_Free(oldFilename);
+ }
+ rvstr = NSSUTIL_DoModuleDBFunction(function, parameters, args);
+ break;
+ }
+ rvstr = sftkdbCall_ReadSecmodDB(appName, filename, secmod,
+ (char *)parameters, rw);
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_ADD:
+ if (secmod == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ rvstr = (sftkdbCall_AddSecmodDB(appName, filename, secmod,
+ (char *)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_DEL:
+ if (secmod == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ rvstr = (sftkdbCall_DeleteSecmodDB(appName, filename, secmod,
+ (char *)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_RELEASE:
+ rvstr = (sftkdbCall_ReleaseSecmodDBData(appName, filename, secmod,
+ (char **)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ }
+
+loser:
+ if (secmod)
+ PR_smprintf_free(secmod);
+ if (appName)
+ PORT_Free(appName);
+ if (filename)
+ PORT_Free(filename);
+ return rvstr;
+}
+
+static void
+nscFreeAllSlots(int moduleIndex)
+{
+ /* free all the slots */
+ SFTKSlot *slot = NULL;
+ CK_SLOT_ID slotID;
+ int i;
+
+ if (nscSlotList[moduleIndex]) {
+ CK_ULONG tmpSlotCount = nscSlotCount[moduleIndex];
+ CK_SLOT_ID_PTR tmpSlotList = nscSlotList[moduleIndex];
+ PLHashTable *tmpSlotHashTable = nscSlotHashTable[moduleIndex];
+
+ /* first close all the session */
+ for (i = 0; i < (int)tmpSlotCount; i++) {
+ slotID = tmpSlotList[i];
+ (void)NSC_CloseAllSessions(slotID);
+ }
+
+ /* now clear out the statics */
+ nscSlotList[moduleIndex] = NULL;
+ nscSlotCount[moduleIndex] = 0;
+ nscSlotHashTable[moduleIndex] = NULL;
+ nscSlotListSize[moduleIndex] = 0;
+
+ for (i = 0; i < (int)tmpSlotCount; i++) {
+ slotID = tmpSlotList[i];
+ slot = (SFTKSlot *)
+ PL_HashTableLookup(tmpSlotHashTable, (void *)slotID);
+ PORT_Assert(slot);
+ if (!slot)
+ continue;
+ SFTK_DestroySlotData(slot);
+ PL_HashTableRemove(tmpSlotHashTable, (void *)slotID);
+ }
+ PORT_Free(tmpSlotList);
+ PL_HashTableDestroy(tmpSlotHashTable);
+ }
+}
+
+static void
+sftk_closePeer(PRBool isFIPS)
+{
+ CK_SLOT_ID slotID = isFIPS ? PRIVATE_KEY_SLOT_ID : FIPS_SLOT_ID;
+ SFTKSlot *slot;
+ int moduleIndex = isFIPS ? NSC_NON_FIPS_MODULE : NSC_FIPS_MODULE;
+ PLHashTable *tmpSlotHashTable = nscSlotHashTable[moduleIndex];
+
+ slot = (SFTKSlot *)PL_HashTableLookup(tmpSlotHashTable, (void *)slotID);
+ if (slot == NULL) {
+ return;
+ }
+ sftk_DBShutdown(slot);
+ return;
+}
+
+/* NSC_Initialize initializes the Cryptoki library. */
+CK_RV
+nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS)
+{
+ CK_RV crv = CKR_OK;
+ SECStatus rv;
+ CK_C_INITIALIZE_ARGS *init_args = (CK_C_INITIALIZE_ARGS *)pReserved;
+ int i;
+ int moduleIndex = isFIPS ? NSC_FIPS_MODULE : NSC_NON_FIPS_MODULE;
+
+ if (isFIPS) {
+ loginWaitTime = PR_SecondsToInterval(1);
+ }
+
+ ENABLE_FORK_CHECK();
+
+ rv = SECOID_Init();
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ return crv;
+ }
+
+ rv = RNG_RNGInit(); /* initialize random number generator */
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ return crv;
+ }
+ rv = BL_Init(); /* initialize freebl engine */
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ return crv;
+ }
+
+ /* NOTE:
+ * we should be getting out mutexes from this list, not statically binding
+ * them from NSPR. This should happen before we allow the internal to split
+ * off from the rest on NSS.
+ */
+
+ /* initialize the key and cert db's */
+ if (init_args && (!(init_args->flags & CKF_OS_LOCKING_OK))) {
+ if (init_args->CreateMutex && init_args->DestroyMutex &&
+ init_args->LockMutex && init_args->UnlockMutex) {
+ /* softoken always uses NSPR (ie. OS locking), and doesn't know how
+ * to use the lock functions provided by the application.
+ */
+ crv = CKR_CANT_LOCK;
+ return crv;
+ }
+ if (init_args->CreateMutex || init_args->DestroyMutex ||
+ init_args->LockMutex || init_args->UnlockMutex) {
+ /* only some of the lock functions were provided by the
+ * application. This is invalid per PKCS#11 spec.
+ */
+ crv = CKR_ARGUMENTS_BAD;
+ return crv;
+ }
+ }
+ crv = CKR_ARGUMENTS_BAD;
+ if ((init_args && init_args->LibraryParameters)) {
+ sftk_parameters paramStrings;
+
+ crv = sftk_parseParameters((char *)init_args->LibraryParameters, &paramStrings, isFIPS);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_configure(paramStrings.man, paramStrings.libdes);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* if we have a peer already open, have him close his DB's so we
+ * don't clobber each other. */
+ if ((isFIPS && nsc_init) || (!isFIPS && nsf_init)) {
+ sftk_closePeer(isFIPS);
+ if (sftk_audit_enabled) {
+ if (isFIPS && nsc_init) {
+ sftk_LogAuditMessage(NSS_AUDIT_INFO, NSS_AUDIT_FIPS_STATE,
+ "enabled FIPS mode");
+ } else {
+ sftk_LogAuditMessage(NSS_AUDIT_INFO, NSS_AUDIT_FIPS_STATE,
+ "disabled FIPS mode");
+ }
+ }
+ }
+
+ for (i = 0; i < paramStrings.token_count; i++) {
+ crv = SFTK_SlotInit(paramStrings.configdir,
+ paramStrings.updatedir, paramStrings.updateID,
+ &paramStrings.tokens[i], moduleIndex);
+ if (crv != CKR_OK) {
+ nscFreeAllSlots(moduleIndex);
+ break;
+ }
+ }
+ loser:
+ sftk_freeParams(&paramStrings);
+ }
+ if (CKR_OK == crv) {
+ sftk_InitFreeLists();
+ }
+
+#ifndef NO_FORK_CHECK
+ if (CKR_OK == crv) {
+#if defined(CHECK_FORK_MIXED)
+ /* Before Solaris 10, fork handlers are not unregistered at dlclose()
+ * time. So, we only use pthread_atfork on Solaris 10 and later. For
+ * earlier versions, we use PID checks.
+ */
+ char buf[200];
+ int major = 0, minor = 0;
+
+ long rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0 && rv < sizeof(buf)) {
+ if (2 == sscanf(buf, "%d.%d", &major, &minor)) {
+ /* Are we on Solaris 10 or greater ? */
+ if (major > 5 || (5 == major && minor >= 10)) {
+ /* we are safe to use pthread_atfork */
+ usePthread_atfork = PR_TRUE;
+ }
+ }
+ }
+ if (usePthread_atfork) {
+ pthread_atfork(NULL, NULL, ForkedChild);
+ } else {
+ myPid = getpid();
+ }
+
+#elif defined(CHECK_FORK_PTHREAD)
+ pthread_atfork(NULL, NULL, ForkedChild);
+#elif defined(CHECK_FORK_GETPID)
+ myPid = getpid();
+#else
+#error Incorrect fork check method.
+#endif
+ }
+#endif
+ return crv;
+}
+
+CK_RV
+NSC_Initialize(CK_VOID_PTR pReserved)
+{
+ CK_RV crv;
+
+ sftk_ForkReset(pReserved, &crv);
+
+ if (nsc_init) {
+ return CKR_CRYPTOKI_ALREADY_INITIALIZED;
+ }
+ crv = nsc_CommonInitialize(pReserved, PR_FALSE);
+ nsc_init = (PRBool)(crv == CKR_OK);
+ return crv;
+}
+
+/* NSC_Finalize indicates that an application is done with the
+ * Cryptoki library.*/
+CK_RV
+nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS)
+{
+ /* propagate the fork status to freebl and util */
+ BL_SetForkState(parentForkedAfterC_Initialize);
+ UTIL_SetForkState(parentForkedAfterC_Initialize);
+
+ nscFreeAllSlots(isFIPS ? NSC_FIPS_MODULE : NSC_NON_FIPS_MODULE);
+
+ /* don't muck with the globals if our peer is still initialized */
+ if (isFIPS && nsc_init) {
+ return CKR_OK;
+ }
+ if (!isFIPS && nsf_init) {
+ return CKR_OK;
+ }
+
+ sftk_CleanupFreeLists();
+ sftkdb_Shutdown();
+
+ /* This function does not discard all our previously aquired entropy. */
+ RNG_RNGShutdown();
+
+ /* tell freeBL to clean up after itself */
+ BL_Cleanup();
+
+ /* reset fork status in freebl. We must do this before BL_Unload so that
+ * this call doesn't force freebl to be reloaded. */
+ BL_SetForkState(PR_FALSE);
+
+ /* unload freeBL shared library from memory. This may only decrement the
+ * OS refcount if it's been loaded multiple times, eg. by libssl */
+ BL_Unload();
+
+ /* clean up the default OID table */
+ SECOID_Shutdown();
+
+ /* reset fork status in util */
+ UTIL_SetForkState(PR_FALSE);
+
+ nsc_init = PR_FALSE;
+
+#ifdef CHECK_FORK_MIXED
+ if (!usePthread_atfork) {
+ myPid = 0; /* allow CHECK_FORK in the next softoken initialization to
+ * succeed */
+ } else {
+ forked = PR_FALSE; /* allow reinitialization */
+ }
+#elif defined(CHECK_FORK_GETPID)
+ myPid = 0; /* allow reinitialization */
+#elif defined(CHECK_FORK_PTHREAD)
+ forked = PR_FALSE; /* allow reinitialization */
+#endif
+ return CKR_OK;
+}
+
+/* Hard-reset the entire softoken PKCS#11 module if the parent process forked
+ * while it was initialized. */
+PRBool
+sftk_ForkReset(CK_VOID_PTR pReserved, CK_RV *crv)
+{
+#ifndef NO_FORK_CHECK
+ if (PARENT_FORKED()) {
+ parentForkedAfterC_Initialize = PR_TRUE;
+ if (nsc_init) {
+ /* finalize non-FIPS token */
+ *crv = nsc_CommonFinalize(pReserved, PR_FALSE);
+ PORT_Assert(CKR_OK == *crv);
+ nsc_init = (PRBool) !(*crv == CKR_OK);
+ }
+ if (nsf_init) {
+ /* finalize FIPS token */
+ *crv = nsc_CommonFinalize(pReserved, PR_TRUE);
+ PORT_Assert(CKR_OK == *crv);
+ nsf_init = (PRBool) !(*crv == CKR_OK);
+ }
+ parentForkedAfterC_Initialize = PR_FALSE;
+ return PR_TRUE;
+ }
+#endif
+ return PR_FALSE;
+}
+
+/* NSC_Finalize indicates that an application is done with the
+ * Cryptoki library.*/
+CK_RV
+NSC_Finalize(CK_VOID_PTR pReserved)
+{
+ CK_RV crv;
+
+ /* reset entire PKCS#11 module upon fork */
+ if (sftk_ForkReset(pReserved, &crv)) {
+ return crv;
+ }
+
+ if (!nsc_init) {
+ return CKR_OK;
+ }
+
+ crv = nsc_CommonFinalize(pReserved, PR_FALSE);
+
+ nsc_init = (PRBool) !(crv == CKR_OK);
+
+ return crv;
+}
+
+extern const char __nss_softokn_version[];
+
+/* NSC_GetInfo returns general information about Cryptoki. */
+CK_RV
+NSC_GetInfo(CK_INFO_PTR pInfo)
+{
+#define NSS_VERSION_VARIABLE __nss_softokn_version
+#include "verref.h"
+
+ CHECK_FORK();
+
+ pInfo->cryptokiVersion.major = 2;
+ pInfo->cryptokiVersion.minor = 20;
+ PORT_Memcpy(pInfo->manufacturerID, manufacturerID, 32);
+ pInfo->libraryVersion.major = SOFTOKEN_VMAJOR;
+ pInfo->libraryVersion.minor = SOFTOKEN_VMINOR;
+ PORT_Memcpy(pInfo->libraryDescription, libraryDescription, 32);
+ pInfo->flags = 0;
+ return CKR_OK;
+}
+
+/* NSC_GetSlotList obtains a list of slots in the system. */
+CK_RV
+nsc_CommonGetSlotList(CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex)
+{
+ *pulCount = nscSlotCount[moduleIndex];
+ if (pSlotList != NULL) {
+ PORT_Memcpy(pSlotList, nscSlotList[moduleIndex],
+ nscSlotCount[moduleIndex] * sizeof(CK_SLOT_ID));
+ }
+ return CKR_OK;
+}
+
+/* NSC_GetSlotList obtains a list of slots in the system. */
+CK_RV
+NSC_GetSlotList(CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
+{
+ CHECK_FORK();
+ return nsc_CommonGetSlotList(tokenPresent, pSlotList, pulCount,
+ NSC_NON_FIPS_MODULE);
+}
+
+/* NSC_GetSlotInfo obtains information about a particular slot in the system. */
+CK_RV
+NSC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
+{
+ SFTKSlot *slot = sftk_SlotFromID(slotID, PR_TRUE);
+
+ CHECK_FORK();
+
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ PORT_Memcpy(pInfo->manufacturerID, manufacturerID,
+ sizeof(pInfo->manufacturerID));
+ PORT_Memcpy(pInfo->slotDescription, slot->slotDescription,
+ sizeof(pInfo->slotDescription));
+ pInfo->flags = (slot->present) ? CKF_TOKEN_PRESENT : 0;
+
+ /* all user defined slots are defined as removable */
+ if (slotID >= SFTK_MIN_USER_SLOT_ID) {
+ pInfo->flags |= CKF_REMOVABLE_DEVICE;
+ } else {
+ /* In the case where we are doing a merge update, we need
+ * the DB slot to be removable so the token name can change
+ * appropriately. */
+ SFTKDBHandle *handle = sftk_getKeyDB(slot);
+ if (handle) {
+ if (sftkdb_InUpdateMerge(handle)) {
+ pInfo->flags |= CKF_REMOVABLE_DEVICE;
+ }
+ sftk_freeDB(handle);
+ }
+ }
+
+ /* ok we really should read it out of the keydb file. */
+ /* pInfo->hardwareVersion.major = NSSLOWKEY_DB_FILE_VERSION; */
+ pInfo->hardwareVersion.major = SOFTOKEN_VMAJOR;
+ pInfo->hardwareVersion.minor = SOFTOKEN_VMINOR;
+ pInfo->firmwareVersion.major = SOFTOKEN_VPATCH;
+ pInfo->firmwareVersion.minor = SOFTOKEN_VBUILD;
+ return CKR_OK;
+}
+
+/*
+ * check the current state of the 'needLogin' flag in case the database has
+ * been changed underneath us.
+ */
+static PRBool
+sftk_checkNeedLogin(SFTKSlot *slot, SFTKDBHandle *keyHandle)
+{
+ if (sftkdb_PWCached(keyHandle) == SECSuccess) {
+ return slot->needLogin;
+ }
+ slot->needLogin = (PRBool)!sftk_hasNullPassword(slot, keyHandle);
+ return (slot->needLogin);
+}
+
+static PRBool
+sftk_isBlank(const char *s, int len)
+{
+ int i;
+ for (i = 0; i < len; i++) {
+ if (s[i] != ' ') {
+ return PR_FALSE;
+ }
+ }
+ return PR_TRUE;
+}
+
+/* NSC_GetTokenInfo obtains information about a particular token in
+ * the system. */
+CK_RV
+NSC_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
+{
+ SFTKSlot *slot;
+ SFTKDBHandle *handle;
+
+ CHECK_FORK();
+
+ if (!nsc_init && !nsf_init)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ slot = sftk_SlotFromID(slotID, PR_FALSE);
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ PORT_Memcpy(pInfo->manufacturerID, manufacturerID, 32);
+ PORT_Memcpy(pInfo->model, "NSS 3 ", 16);
+ PORT_Memcpy(pInfo->serialNumber, "0000000000000000", 16);
+ PORT_Memcpy(pInfo->utcTime, "0000000000000000", 16);
+ pInfo->ulMaxSessionCount = 0; /* arbitrarily large */
+ pInfo->ulSessionCount = slot->sessionCount;
+ pInfo->ulMaxRwSessionCount = 0; /* arbitarily large */
+ pInfo->ulRwSessionCount = slot->rwSessionCount;
+ pInfo->firmwareVersion.major = 0;
+ pInfo->firmwareVersion.minor = 0;
+ PORT_Memcpy(pInfo->label, slot->tokDescription, sizeof(pInfo->label));
+ handle = sftk_getKeyDB(slot);
+ pInfo->flags = CKF_RNG | CKF_DUAL_CRYPTO_OPERATIONS;
+ if (handle == NULL) {
+ pInfo->flags |= CKF_WRITE_PROTECTED;
+ pInfo->ulMaxPinLen = 0;
+ pInfo->ulMinPinLen = 0;
+ pInfo->ulTotalPublicMemory = 0;
+ pInfo->ulFreePublicMemory = 0;
+ pInfo->ulTotalPrivateMemory = 0;
+ pInfo->ulFreePrivateMemory = 0;
+ pInfo->hardwareVersion.major = 4;
+ pInfo->hardwareVersion.minor = 0;
+ } else {
+ /*
+ * we have three possible states which we may be in:
+ * (1) No DB password has been initialized. This also means we
+ * have no keys in the key db.
+ * (2) Password initialized to NULL. This means we have keys, but
+ * the user has chosen not use a password.
+ * (3) Finally we have an initialized password whicn is not NULL, and
+ * we will need to prompt for it.
+ */
+ if (sftkdb_HasPasswordSet(handle) == SECFailure) {
+ pInfo->flags |= CKF_LOGIN_REQUIRED;
+ } else if (!sftk_checkNeedLogin(slot, handle)) {
+ pInfo->flags |= CKF_USER_PIN_INITIALIZED;
+ } else {
+ pInfo->flags |= CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED;
+ /*
+ * if we are doing a merge style update, and we need to get the password
+ * of our source database (the database we are updating from), make sure we
+ * return a token name that will match the database we are prompting for.
+ */
+ if (sftkdb_NeedUpdateDBPassword(handle)) {
+ /* if we have an update tok description, use it. otherwise
+ * use the updateID for this database */
+ if (!sftk_isBlank(slot->updateTokDescription,
+ sizeof(pInfo->label))) {
+ PORT_Memcpy(pInfo->label, slot->updateTokDescription,
+ sizeof(pInfo->label));
+ } else {
+ /* build from updateID */
+ const char *updateID = sftkdb_GetUpdateID(handle);
+ if (updateID) {
+ sftk_setStringName(updateID, (char *)pInfo->label,
+ sizeof(pInfo->label), PR_FALSE);
+ }
+ }
+ }
+ }
+ pInfo->ulMaxPinLen = SFTK_MAX_PIN;
+ pInfo->ulMinPinLen = (CK_ULONG)slot->minimumPinLen;
+ pInfo->ulTotalPublicMemory = 1;
+ pInfo->ulFreePublicMemory = 1;
+ pInfo->ulTotalPrivateMemory = 1;
+ pInfo->ulFreePrivateMemory = 1;
+#ifdef SHDB_FIXME
+ pInfo->hardwareVersion.major = CERT_DB_FILE_VERSION;
+ pInfo->hardwareVersion.minor = handle->version;
+#else
+ pInfo->hardwareVersion.major = 0;
+ pInfo->hardwareVersion.minor = 0;
+#endif
+ sftk_freeDB(handle);
+ }
+ /*
+ * CKF_LOGIN_REQUIRED CKF_USER_PIN_INITIALIZED how CKF_TOKEN_INITIALIZED
+ * should be set
+ * 0 0 1
+ * 1 0 0
+ * 0 1 1
+ * 1 1 1
+ */
+ if (!(pInfo->flags & CKF_LOGIN_REQUIRED) ||
+ (pInfo->flags & CKF_USER_PIN_INITIALIZED)) {
+ pInfo->flags |= CKF_TOKEN_INITIALIZED;
+ }
+ return CKR_OK;
+}
+
+/* NSC_GetMechanismList obtains a list of mechanism types
+ * supported by a token. */
+CK_RV
+NSC_GetMechanismList(CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount)
+{
+ CK_ULONG i;
+
+ CHECK_FORK();
+
+ switch (slotID) {
+ /* default: */
+ case NETSCAPE_SLOT_ID:
+ *pulCount = mechanismCount;
+ if (pMechanismList != NULL) {
+ for (i = 0; i < mechanismCount; i++) {
+ pMechanismList[i] = mechanisms[i].type;
+ }
+ }
+ break;
+ default:
+ *pulCount = 0;
+ for (i = 0; i < mechanismCount; i++) {
+ if (mechanisms[i].privkey) {
+ (*pulCount)++;
+ if (pMechanismList != NULL) {
+ *pMechanismList++ = mechanisms[i].type;
+ }
+ }
+ }
+ break;
+ }
+ return CKR_OK;
+}
+
+/* NSC_GetMechanismInfo obtains information about a particular mechanism
+ * possibly supported by a token. */
+CK_RV
+NSC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo)
+{
+ PRBool isPrivateKey;
+ CK_ULONG i;
+
+ CHECK_FORK();
+
+ switch (slotID) {
+ case NETSCAPE_SLOT_ID:
+ isPrivateKey = PR_FALSE;
+ break;
+ default:
+ isPrivateKey = PR_TRUE;
+ break;
+ }
+ for (i = 0; i < mechanismCount; i++) {
+ if (type == mechanisms[i].type) {
+ if (isPrivateKey && !mechanisms[i].privkey) {
+ return CKR_MECHANISM_INVALID;
+ }
+ PORT_Memcpy(pInfo, &mechanisms[i].info, sizeof(CK_MECHANISM_INFO));
+ return CKR_OK;
+ }
+ }
+ return CKR_MECHANISM_INVALID;
+}
+
+CK_RV
+sftk_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op)
+{
+ CK_ULONG i;
+ CK_FLAGS flags;
+
+ switch (op) {
+ case CKA_ENCRYPT:
+ flags = CKF_ENCRYPT;
+ break;
+ case CKA_DECRYPT:
+ flags = CKF_DECRYPT;
+ break;
+ case CKA_WRAP:
+ flags = CKF_WRAP;
+ break;
+ case CKA_UNWRAP:
+ flags = CKF_UNWRAP;
+ break;
+ case CKA_SIGN:
+ flags = CKF_SIGN;
+ break;
+ case CKA_SIGN_RECOVER:
+ flags = CKF_SIGN_RECOVER;
+ break;
+ case CKA_VERIFY:
+ flags = CKF_VERIFY;
+ break;
+ case CKA_VERIFY_RECOVER:
+ flags = CKF_VERIFY_RECOVER;
+ break;
+ case CKA_DERIVE:
+ flags = CKF_DERIVE;
+ break;
+ default:
+ return CKR_ARGUMENTS_BAD;
+ }
+ for (i = 0; i < mechanismCount; i++) {
+ if (type == mechanisms[i].type) {
+ return (flags & mechanisms[i].info.flags) ? CKR_OK
+ : CKR_MECHANISM_INVALID;
+ }
+ }
+ return CKR_MECHANISM_INVALID;
+}
+
+/* NSC_InitToken initializes a token. */
+CK_RV
+NSC_InitToken(CK_SLOT_ID slotID, CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen, CK_CHAR_PTR pLabel)
+{
+ SFTKSlot *slot = sftk_SlotFromID(slotID, PR_FALSE);
+ SFTKDBHandle *handle;
+ SFTKDBHandle *certHandle;
+ SECStatus rv;
+ unsigned int i;
+ SFTKObject *object;
+
+ CHECK_FORK();
+
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ /* don't initialize the database if we aren't talking to a token
+ * that uses the key database.
+ */
+ if (slotID == NETSCAPE_SLOT_ID) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ /* first, delete all our loaded key and cert objects from our
+ * internal list. */
+ PZ_Lock(slot->objectLock);
+ for (i = 0; i < slot->sessObjHashSize; i++) {
+ do {
+ object = slot->sessObjHashTable[i];
+ /* hand deque */
+ /* this duplicates function of NSC_close session functions, but
+ * because we know that we are freeing all the sessions, we can
+ * do more efficient processing */
+ if (object) {
+ slot->sessObjHashTable[i] = object->next;
+
+ if (object->next)
+ object->next->prev = NULL;
+ object->next = object->prev = NULL;
+ }
+ if (object)
+ sftk_FreeObject(object);
+ } while (object != NULL);
+ }
+ slot->DB_loaded = PR_FALSE;
+ PZ_Unlock(slot->objectLock);
+
+ /* then clear out the key database */
+ handle = sftk_getKeyDB(slot);
+ if (handle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ rv = sftkdb_ResetKeyDB(handle);
+ sftk_freeDB(handle);
+ if (rv != SECSuccess) {
+ return CKR_DEVICE_ERROR;
+ }
+
+ /* finally mark all the user certs as non-user certs */
+ certHandle = sftk_getCertDB(slot);
+ if (certHandle == NULL)
+ return CKR_OK;
+
+ sftk_freeDB(certHandle);
+
+ return CKR_OK; /*is this the right function for not implemented*/
+}
+
+/* NSC_InitPIN initializes the normal user's PIN. */
+CK_RV
+NSC_InitPIN(CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
+{
+ SFTKSession *sp = NULL;
+ SFTKSlot *slot;
+ SFTKDBHandle *handle = NULL;
+ char newPinStr[SFTK_MAX_PIN + 1];
+ SECStatus rv;
+ CK_RV crv = CKR_SESSION_HANDLE_INVALID;
+ PRBool tokenRemoved = PR_FALSE;
+
+ CHECK_FORK();
+
+ sp = sftk_SessionFromHandle(hSession);
+ if (sp == NULL) {
+ goto loser;
+ }
+
+ slot = sftk_SlotFromSession(sp);
+ if (slot == NULL) {
+ goto loser;
+ }
+
+ handle = sftk_getKeyDB(slot);
+ if (handle == NULL) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+
+ if (sp->info.state != CKS_RW_SO_FUNCTIONS) {
+ crv = CKR_USER_NOT_LOGGED_IN;
+ goto loser;
+ }
+
+ sftk_FreeSession(sp);
+ sp = NULL;
+
+ /* make sure the pins aren't too long */
+ if (ulPinLen > SFTK_MAX_PIN) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+ if (ulPinLen < (CK_ULONG)slot->minimumPinLen) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+
+ if (sftkdb_HasPasswordSet(handle) != SECFailure) {
+ crv = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ /* convert to null terminated string */
+ PORT_Memcpy(newPinStr, pPin, ulPinLen);
+ newPinStr[ulPinLen] = 0;
+
+ /* build the hashed pins which we pass around */
+
+ /* change the data base */
+ rv = sftkdb_ChangePassword(handle, NULL, newPinStr, &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ sftk_freeDB(handle);
+ handle = NULL;
+
+ /* Now update our local copy of the pin */
+ if (rv == SECSuccess) {
+ if (ulPinLen == 0)
+ slot->needLogin = PR_FALSE;
+ /* database has been initialized, now force min password in FIPS
+ * mode. NOTE: if we are in level1, we may not have a password, but
+ * forcing it now will prevent an insufficient password from being set.
+ */
+ if ((sftk_GetModuleIndex(slot->slotID) == NSC_FIPS_MODULE) &&
+ (slot->minimumPinLen < FIPS_MIN_PIN)) {
+ slot->minimumPinLen = FIPS_MIN_PIN;
+ }
+ return CKR_OK;
+ }
+ crv = CKR_PIN_INCORRECT;
+
+loser:
+ if (sp) {
+ sftk_FreeSession(sp);
+ }
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ return crv;
+}
+
+/* NSC_SetPIN modifies the PIN of user that is currently logged in. */
+/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
+CK_RV
+NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen, CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
+{
+ SFTKSession *sp = NULL;
+ SFTKSlot *slot;
+ SFTKDBHandle *handle = NULL;
+ char newPinStr[SFTK_MAX_PIN + 1], oldPinStr[SFTK_MAX_PIN + 1];
+ SECStatus rv;
+ CK_RV crv = CKR_SESSION_HANDLE_INVALID;
+ PRBool tokenRemoved = PR_FALSE;
+
+ CHECK_FORK();
+
+ sp = sftk_SessionFromHandle(hSession);
+ if (sp == NULL) {
+ goto loser;
+ }
+
+ slot = sftk_SlotFromSession(sp);
+ if (!slot) {
+ goto loser;
+ }
+
+ handle = sftk_getKeyDB(slot);
+ if (handle == NULL) {
+ sftk_FreeSession(sp);
+ return CKR_PIN_LEN_RANGE; /* XXX FIXME wrong return value */
+ }
+
+ if (slot->needLogin && sp->info.state != CKS_RW_USER_FUNCTIONS) {
+ crv = CKR_USER_NOT_LOGGED_IN;
+ goto loser;
+ }
+
+ sftk_FreeSession(sp);
+ sp = NULL;
+
+ /* make sure the pins aren't too long */
+ if ((ulNewLen > SFTK_MAX_PIN) || (ulOldLen > SFTK_MAX_PIN)) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+ if (ulNewLen < (CK_ULONG)slot->minimumPinLen) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+
+ /* convert to null terminated string */
+ PORT_Memcpy(newPinStr, pNewPin, ulNewLen);
+ newPinStr[ulNewLen] = 0;
+ PORT_Memcpy(oldPinStr, pOldPin, ulOldLen);
+ oldPinStr[ulOldLen] = 0;
+
+ /* change the data base password */
+ PR_Lock(slot->pwCheckLock);
+ rv = sftkdb_ChangePassword(handle, oldPinStr, newPinStr, &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ if ((rv != SECSuccess) && (slot->slotID == FIPS_SLOT_ID)) {
+ PR_Sleep(loginWaitTime);
+ }
+ PR_Unlock(slot->pwCheckLock);
+
+ /* Now update our local copy of the pin */
+ if (rv == SECSuccess) {
+ slot->needLogin = (PRBool)(ulNewLen != 0);
+ /* Reset login flags. */
+ if (ulNewLen == 0) {
+ PRBool tokenRemoved = PR_FALSE;
+ PZ_Lock(slot->slotLock);
+ slot->isLoggedIn = PR_FALSE;
+ slot->ssoLoggedIn = PR_FALSE;
+ PZ_Unlock(slot->slotLock);
+
+ rv = sftkdb_CheckPassword(handle, "", &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ }
+ sftk_update_all_states(slot);
+ sftk_freeDB(handle);
+ return CKR_OK;
+ }
+ crv = CKR_PIN_INCORRECT;
+loser:
+ if (sp) {
+ sftk_FreeSession(sp);
+ }
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ return crv;
+}
+
+/* NSC_OpenSession opens a session between an application and a token. */
+CK_RV
+NSC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
+ CK_VOID_PTR pApplication, CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession)
+{
+ SFTKSlot *slot;
+ CK_SESSION_HANDLE sessionID;
+ SFTKSession *session;
+ SFTKSession *sameID;
+
+ CHECK_FORK();
+
+ slot = sftk_SlotFromID(slotID, PR_FALSE);
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ /* new session (we only have serial sessions) */
+ session = sftk_NewSession(slotID, Notify, pApplication,
+ flags | CKF_SERIAL_SESSION);
+ if (session == NULL)
+ return CKR_HOST_MEMORY;
+
+ if (slot->readOnly && (flags & CKF_RW_SESSION)) {
+ /* NETSCAPE_SLOT_ID is Read ONLY */
+ session->info.flags &= ~CKF_RW_SESSION;
+ }
+ PZ_Lock(slot->slotLock);
+ ++slot->sessionCount;
+ PZ_Unlock(slot->slotLock);
+ if (session->info.flags & CKF_RW_SESSION) {
+ (void)PR_ATOMIC_INCREMENT(&slot->rwSessionCount);
+ }
+
+ do {
+ PZLock *lock;
+ do {
+ sessionID = (PR_ATOMIC_INCREMENT(&slot->sessionIDCount) & 0xffffff) | (slot->index << 24);
+ } while (sessionID == CK_INVALID_HANDLE);
+ lock = SFTK_SESSION_LOCK(slot, sessionID);
+ PZ_Lock(lock);
+ sftkqueue_find(sameID, sessionID, slot->head, slot->sessHashSize);
+ if (sameID == NULL) {
+ session->handle = sessionID;
+ sftk_update_state(slot, session);
+ sftkqueue_add(session, sessionID, slot->head, slot->sessHashSize);
+ } else {
+ slot->sessionIDConflict++; /* for debugging */
+ }
+ PZ_Unlock(lock);
+ } while (sameID != NULL);
+
+ *phSession = sessionID;
+ return CKR_OK;
+}
+
+/* NSC_CloseSession closes a session between an application and a token. */
+CK_RV
+NSC_CloseSession(CK_SESSION_HANDLE hSession)
+{
+ SFTKSlot *slot;
+ SFTKSession *session;
+ PRBool sessionFound;
+ PZLock *lock;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ slot = sftk_SlotFromSession(session);
+ sessionFound = PR_FALSE;
+
+ /* lock */
+ lock = SFTK_SESSION_LOCK(slot, hSession);
+ PZ_Lock(lock);
+ if (sftkqueue_is_queued(session, hSession, slot->head, slot->sessHashSize)) {
+ sessionFound = PR_TRUE;
+ sftkqueue_delete(session, hSession, slot->head, slot->sessHashSize);
+ session->refCount--; /* can't go to zero while we hold the reference */
+ PORT_Assert(session->refCount > 0);
+ }
+ PZ_Unlock(lock);
+
+ if (sessionFound) {
+ SFTKDBHandle *handle;
+ handle = sftk_getKeyDB(slot);
+ PZ_Lock(slot->slotLock);
+ if (--slot->sessionCount == 0) {
+ slot->isLoggedIn = PR_FALSE;
+ if (slot->needLogin && handle) {
+ sftkdb_ClearPassword(handle);
+ }
+ }
+ PZ_Unlock(slot->slotLock);
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ if (session->info.flags & CKF_RW_SESSION) {
+ (void)PR_ATOMIC_DECREMENT(&slot->rwSessionCount);
+ }
+ }
+
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_CloseAllSessions closes all sessions with a token. */
+CK_RV
+NSC_CloseAllSessions(CK_SLOT_ID slotID)
+{
+ SFTKSlot *slot;
+
+#ifndef NO_FORK_CHECK
+ /* skip fork check if we are being called from C_Initialize or C_Finalize */
+ if (!parentForkedAfterC_Initialize) {
+ CHECK_FORK();
+ }
+#endif
+
+ slot = sftk_SlotFromID(slotID, PR_FALSE);
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ return sftk_CloseAllSessions(slot, PR_TRUE);
+}
+
+/* NSC_GetSessionInfo obtains information about the session. */
+CK_RV
+NSC_GetSessionInfo(CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo)
+{
+ SFTKSession *session;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+
+ PORT_Memcpy(pInfo, &session->info, sizeof(CK_SESSION_INFO));
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_Login logs a user into a token. */
+CK_RV
+NSC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
+{
+ SFTKSlot *slot;
+ SFTKSession *session;
+ SFTKDBHandle *handle;
+ CK_FLAGS sessionFlags;
+ SECStatus rv;
+ CK_RV crv;
+ char pinStr[SFTK_MAX_PIN + 1];
+ PRBool tokenRemoved = PR_FALSE;
+
+ CHECK_FORK();
+
+ /* get the slot */
+ slot = sftk_SlotFromSessionHandle(hSession);
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ /* make sure the session is valid */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ sessionFlags = session->info.flags;
+ sftk_FreeSession(session);
+ session = NULL;
+
+ /* can't log into the Netscape Slot */
+ if (slot->slotID == NETSCAPE_SLOT_ID) {
+ return CKR_USER_TYPE_INVALID;
+ }
+
+ if (slot->isLoggedIn)
+ return CKR_USER_ALREADY_LOGGED_IN;
+ if (!slot->needLogin) {
+ return ulPinLen ? CKR_PIN_INCORRECT : CKR_OK;
+ }
+ slot->ssoLoggedIn = PR_FALSE;
+
+ if (ulPinLen > SFTK_MAX_PIN)
+ return CKR_PIN_LEN_RANGE;
+
+ /* convert to null terminated string */
+ if (ulPinLen) {
+ PORT_Memcpy(pinStr, pPin, ulPinLen);
+ }
+ pinStr[ulPinLen] = 0;
+
+ handle = sftk_getKeyDB(slot);
+ if (handle == NULL) {
+ return CKR_USER_TYPE_INVALID;
+ }
+
+ /*
+ * Deal with bootstrap. We allow the SSO to login in with a NULL
+ * password if and only if we haven't initialized the KEY DB yet.
+ * We only allow this on a RW session.
+ */
+ rv = sftkdb_HasPasswordSet(handle);
+ if (rv == SECFailure) {
+ /* allow SSO's to log in only if there is not password on the
+ * key database */
+ if (((userType == CKU_SO) && (sessionFlags & CKF_RW_SESSION))
+ /* fips always needs to authenticate, even if there isn't a db */
+ || (slot->slotID == FIPS_SLOT_ID)) {
+ /* should this be a fixed password? */
+ if (ulPinLen == 0) {
+ sftkdb_ClearPassword(handle);
+ PZ_Lock(slot->slotLock);
+ slot->isLoggedIn = PR_TRUE;
+ slot->ssoLoggedIn = (PRBool)(userType == CKU_SO);
+ PZ_Unlock(slot->slotLock);
+ sftk_update_all_states(slot);
+ crv = CKR_OK;
+ goto done;
+ }
+ crv = CKR_PIN_INCORRECT;
+ goto done;
+ }
+ crv = CKR_USER_TYPE_INVALID;
+ goto done;
+ }
+
+ /* don't allow the SSO to log in if the user is already initialized */
+ if (userType != CKU_USER) {
+ crv = CKR_USER_TYPE_INVALID;
+ goto done;
+ }
+
+ /* build the hashed pins which we pass around */
+ PR_Lock(slot->pwCheckLock);
+ rv = sftkdb_CheckPassword(handle, pinStr, &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ if ((rv != SECSuccess) && (slot->slotID == FIPS_SLOT_ID)) {
+ PR_Sleep(loginWaitTime);
+ }
+ PR_Unlock(slot->pwCheckLock);
+ if (rv == SECSuccess) {
+ PZ_Lock(slot->slotLock);
+ /* make sure the login state matches the underlying
+ * database state */
+ slot->isLoggedIn = sftkdb_PWCached(handle) == SECSuccess ? PR_TRUE : PR_FALSE;
+ PZ_Unlock(slot->slotLock);
+
+ sftk_freeDB(handle);
+ handle = NULL;
+
+ /* update all sessions */
+ sftk_update_all_states(slot);
+ return CKR_OK;
+ }
+
+ crv = CKR_PIN_INCORRECT;
+done:
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ return crv;
+}
+
+/* NSC_Logout logs a user out from a token. */
+CK_RV
+NSC_Logout(CK_SESSION_HANDLE hSession)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKDBHandle *handle;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ sftk_FreeSession(session);
+ session = NULL;
+
+ if (!slot->isLoggedIn)
+ return CKR_USER_NOT_LOGGED_IN;
+
+ handle = sftk_getKeyDB(slot);
+ PZ_Lock(slot->slotLock);
+ slot->isLoggedIn = PR_FALSE;
+ slot->ssoLoggedIn = PR_FALSE;
+ if (slot->needLogin && handle) {
+ sftkdb_ClearPassword(handle);
+ }
+ PZ_Unlock(slot->slotLock);
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+
+ sftk_update_all_states(slot);
+ return CKR_OK;
+}
+
+/*
+ * Create or remove a new slot on the fly.
+ * When creating a slot, "slot" is the slot that the request came from. The
+ * resulting slot will live in the same module as "slot".
+ * When removing a slot, "slot" is the slot to be removed.
+ * "object" is the creation object that specifies the module spec for the slot
+ * to add or remove.
+ */
+static CK_RV
+sftk_CreateNewSlot(SFTKSlot *slot, CK_OBJECT_CLASS class,
+ SFTKObject *object)
+{
+ PRBool isValidUserSlot = PR_FALSE;
+ PRBool isValidFIPSUserSlot = PR_FALSE;
+ PRBool isValidSlot = PR_FALSE;
+ PRBool isFIPS = PR_FALSE;
+ unsigned long moduleIndex = NSC_NON_FIPS_MODULE;
+ SFTKAttribute *attribute;
+ sftk_parameters paramStrings;
+ char *paramString;
+ CK_SLOT_ID slotID = 0;
+ SFTKSlot *newSlot = NULL;
+ CK_RV crv = CKR_OK;
+
+ if (class != CKO_NETSCAPE_DELSLOT && class != CKO_NETSCAPE_NEWSLOT) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ if (class == CKO_NETSCAPE_NEWSLOT && slot->slotID == FIPS_SLOT_ID) {
+ isFIPS = PR_TRUE;
+ }
+ attribute = sftk_FindAttribute(object, CKA_NETSCAPE_MODULE_SPEC);
+ if (attribute == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ paramString = (char *)attribute->attrib.pValue;
+ crv = sftk_parseParameters(paramString, &paramStrings, isFIPS);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* enforce only one at a time */
+ if (paramStrings.token_count != 1) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+
+ slotID = paramStrings.tokens[0].slotID;
+
+ /* stay within the valid ID space */
+ isValidUserSlot = (slotID >= SFTK_MIN_USER_SLOT_ID &&
+ slotID <= SFTK_MAX_USER_SLOT_ID);
+ isValidFIPSUserSlot = (slotID >= SFTK_MIN_FIPS_USER_SLOT_ID &&
+ slotID <= SFTK_MAX_FIPS_USER_SLOT_ID);
+
+ if (class == CKO_NETSCAPE_DELSLOT) {
+ if (slot->slotID == slotID) {
+ isValidSlot = isValidUserSlot || isValidFIPSUserSlot;
+ }
+ } else {
+ /* only the crypto or FIPS slots can create new slot objects */
+ if (slot->slotID == NETSCAPE_SLOT_ID) {
+ isValidSlot = isValidUserSlot;
+ moduleIndex = NSC_NON_FIPS_MODULE;
+ } else if (slot->slotID == FIPS_SLOT_ID) {
+ isValidSlot = isValidFIPSUserSlot;
+ moduleIndex = NSC_FIPS_MODULE;
+ }
+ }
+
+ if (!isValidSlot) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+
+ /* unload any existing slot at this id */
+ newSlot = sftk_SlotFromID(slotID, PR_TRUE);
+ if (newSlot && newSlot->present) {
+ crv = SFTK_ShutdownSlot(newSlot);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ }
+
+ /* if we were just planning on deleting the slot, then do so now */
+ if (class == CKO_NETSCAPE_DELSLOT) {
+ /* sort of a unconventional use of this error code, be we are
+ * overusing CKR_ATTRIBUTE_VALUE_INVALID, and it does apply */
+ crv = newSlot ? CKR_OK : CKR_SLOT_ID_INVALID;
+ goto loser; /* really exit */
+ }
+
+ if (newSlot) {
+ crv = SFTK_SlotReInit(newSlot, paramStrings.configdir,
+ paramStrings.updatedir, paramStrings.updateID,
+ &paramStrings.tokens[0], moduleIndex);
+ } else {
+ crv = SFTK_SlotInit(paramStrings.configdir,
+ paramStrings.updatedir, paramStrings.updateID,
+ &paramStrings.tokens[0], moduleIndex);
+ }
+
+loser:
+ sftk_freeParams(&paramStrings);
+ sftk_FreeAttribute(attribute);
+
+ return crv;
+}
+
+/* NSC_CreateObject creates a new object. */
+CK_RV
+NSC_CreateObject(CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKObject *object;
+ /* make sure class isn't randomly CKO_NETSCAPE_NEWSLOT or
+ * CKO_NETSCPE_DELSLOT. */
+ CK_OBJECT_CLASS class = CKO_VENDOR_DEFINED;
+ CK_RV crv;
+ int i;
+
+ CHECK_FORK();
+
+ *phObject = CK_INVALID_HANDLE;
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * now lets create an object to hang the attributes off of
+ */
+ object = sftk_NewObject(slot); /* fill in the handle later */
+ if (object == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /*
+ * load the template values into the object
+ */
+ for (i = 0; i < (int)ulCount; i++) {
+ crv = sftk_AddAttributeType(object, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK) {
+ sftk_FreeObject(object);
+ return crv;
+ }
+ if ((pTemplate[i].type == CKA_CLASS) && pTemplate[i].pValue) {
+ class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
+ }
+ }
+
+ /* get the session */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ sftk_FreeObject(object);
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ /*
+ * handle pseudo objects (CKO_NEWSLOT)
+ */
+ if ((class == CKO_NETSCAPE_NEWSLOT) || (class == CKO_NETSCAPE_DELSLOT)) {
+ crv = sftk_CreateNewSlot(slot, class, object);
+ goto done;
+ }
+
+ /*
+ * handle the base object stuff
+ */
+ crv = sftk_handleObject(object, session);
+ *phObject = object->handle;
+done:
+ sftk_FreeSession(session);
+ sftk_FreeObject(object);
+
+ return crv;
+}
+
+/* NSC_CopyObject copies an object, creating a new object for the copy. */
+CK_RV
+NSC_CopyObject(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject)
+{
+ SFTKObject *destObject, *srcObject;
+ SFTKSession *session;
+ CK_RV crv = CKR_OK;
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ int i;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /* Get srcObject so we can find the class */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ srcObject = sftk_ObjectFromHandle(hObject, session);
+ if (srcObject == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ /*
+ * create an object to hang the attributes off of
+ */
+ destObject = sftk_NewObject(slot); /* fill in the handle later */
+ if (destObject == NULL) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(srcObject);
+ return CKR_HOST_MEMORY;
+ }
+
+ /*
+ * load the template values into the object
+ */
+ for (i = 0; i < (int)ulCount; i++) {
+ if (sftk_modifyType(pTemplate[i].type, srcObject->objclass) == SFTK_NEVER) {
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ break;
+ }
+ crv = sftk_AddAttributeType(destObject, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK) {
+ break;
+ }
+ }
+ if (crv != CKR_OK) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(srcObject);
+ sftk_FreeObject(destObject);
+ return crv;
+ }
+
+ /* sensitive can only be changed to CK_TRUE */
+ if (sftk_hasAttribute(destObject, CKA_SENSITIVE)) {
+ if (!sftk_isTrue(destObject, CKA_SENSITIVE)) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(srcObject);
+ sftk_FreeObject(destObject);
+ return CKR_ATTRIBUTE_READ_ONLY;
+ }
+ }
+
+ /*
+ * now copy the old attributes from the new attributes
+ */
+ /* don't create a token object if we aren't in a rw session */
+ /* we need to hold the lock to copy a consistant version of
+ * the object. */
+ crv = sftk_CopyObject(destObject, srcObject);
+
+ destObject->objclass = srcObject->objclass;
+ sftk_FreeObject(srcObject);
+ if (crv != CKR_OK) {
+ sftk_FreeObject(destObject);
+ sftk_FreeSession(session);
+ return crv;
+ }
+
+ crv = sftk_handleObject(destObject, session);
+ *phNewObject = destObject->handle;
+ sftk_FreeSession(session);
+ sftk_FreeObject(destObject);
+
+ return crv;
+}
+
+/* NSC_GetObjectSize gets the size of an object in bytes. */
+CK_RV
+NSC_GetObjectSize(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize)
+{
+ CHECK_FORK();
+
+ *pulSize = 0;
+ return CKR_OK;
+}
+
+/* NSC_GetAttributeValue obtains the value of one or more object attributes. */
+CK_RV
+NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKObject *object;
+ SFTKAttribute *attribute;
+ PRBool sensitive;
+ CK_RV crv;
+ int i;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * make sure we're allowed
+ */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ /* short circuit everything for token objects */
+ if (sftk_isToken(hObject)) {
+ SFTKSlot *slot = sftk_SlotFromSession(session);
+ SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, hObject);
+ SFTKDBHandle *keydb = NULL;
+
+ if (dbHandle == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ crv = sftkdb_GetAttributeValue(dbHandle, hObject, pTemplate, ulCount);
+
+ /* make sure we don't export any sensitive information */
+ keydb = sftk_getKeyDB(slot);
+ if (dbHandle == keydb) {
+ for (i = 0; i < (int)ulCount; i++) {
+ if (sftk_isSensitive(pTemplate[i].type, CKO_PRIVATE_KEY)) {
+ crv = CKR_ATTRIBUTE_SENSITIVE;
+ if (pTemplate[i].pValue && (pTemplate[i].ulValueLen != -1)) {
+ PORT_Memset(pTemplate[i].pValue, 0,
+ pTemplate[i].ulValueLen);
+ }
+ pTemplate[i].ulValueLen = -1;
+ }
+ }
+ }
+
+ sftk_FreeSession(session);
+ sftk_freeDB(dbHandle);
+ if (keydb) {
+ sftk_freeDB(keydb);
+ }
+ return crv;
+ }
+
+ /* handle the session object */
+ object = sftk_ObjectFromHandle(hObject, session);
+ sftk_FreeSession(session);
+ if (object == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ /* don't read a private object if we aren't logged in */
+ if ((!slot->isLoggedIn) && (slot->needLogin) &&
+ (sftk_isTrue(object, CKA_PRIVATE))) {
+ sftk_FreeObject(object);
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ crv = CKR_OK;
+ sensitive = sftk_isTrue(object, CKA_SENSITIVE);
+ for (i = 0; i < (int)ulCount; i++) {
+ /* Make sure that this attribute is retrievable */
+ if (sensitive && sftk_isSensitive(pTemplate[i].type, object->objclass)) {
+ crv = CKR_ATTRIBUTE_SENSITIVE;
+ pTemplate[i].ulValueLen = -1;
+ continue;
+ }
+ attribute = sftk_FindAttribute(object, pTemplate[i].type);
+ if (attribute == NULL) {
+ crv = CKR_ATTRIBUTE_TYPE_INVALID;
+ pTemplate[i].ulValueLen = -1;
+ continue;
+ }
+ if (pTemplate[i].pValue != NULL) {
+ PORT_Memcpy(pTemplate[i].pValue, attribute->attrib.pValue,
+ attribute->attrib.ulValueLen);
+ }
+ pTemplate[i].ulValueLen = attribute->attrib.ulValueLen;
+ sftk_FreeAttribute(attribute);
+ }
+
+ sftk_FreeObject(object);
+ return crv;
+}
+
+/* NSC_SetAttributeValue modifies the value of one or more object attributes */
+CK_RV
+NSC_SetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKAttribute *attribute;
+ SFTKObject *object;
+ PRBool isToken;
+ CK_RV crv = CKR_OK;
+ CK_BBOOL legal;
+ int i;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * make sure we're allowed
+ */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ object = sftk_ObjectFromHandle(hObject, session);
+ if (object == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ /* don't modify a private object if we aren't logged in */
+ if ((!slot->isLoggedIn) && (slot->needLogin) &&
+ (sftk_isTrue(object, CKA_PRIVATE))) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(object);
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ /* don't modify a token object if we aren't in a rw session */
+ isToken = sftk_isTrue(object, CKA_TOKEN);
+ if (((session->info.flags & CKF_RW_SESSION) == 0) && isToken) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(object);
+ return CKR_SESSION_READ_ONLY;
+ }
+ sftk_FreeSession(session);
+
+ /* only change modifiable objects */
+ if (!sftk_isTrue(object, CKA_MODIFIABLE)) {
+ sftk_FreeObject(object);
+ return CKR_ATTRIBUTE_READ_ONLY;
+ }
+
+ for (i = 0; i < (int)ulCount; i++) {
+ /* Make sure that this attribute is changeable */
+ switch (sftk_modifyType(pTemplate[i].type, object->objclass)) {
+ case SFTK_NEVER:
+ case SFTK_ONCOPY:
+ default:
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ break;
+
+ case SFTK_SENSITIVE:
+ legal = (pTemplate[i].type == CKA_EXTRACTABLE) ? CK_FALSE : CK_TRUE;
+ if ((*(CK_BBOOL *)pTemplate[i].pValue) != legal) {
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ }
+ break;
+ case SFTK_ALWAYS:
+ break;
+ }
+ if (crv != CKR_OK)
+ break;
+
+ /* find the old attribute */
+ attribute = sftk_FindAttribute(object, pTemplate[i].type);
+ if (attribute == NULL) {
+ crv = CKR_ATTRIBUTE_TYPE_INVALID;
+ break;
+ }
+ sftk_FreeAttribute(attribute);
+ crv = sftk_forceAttribute(object, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK)
+ break;
+ }
+
+ sftk_FreeObject(object);
+ return crv;
+}
+
+static CK_RV
+sftk_expandSearchList(SFTKSearchResults *search, int count)
+{
+ search->array_size += count;
+ search->handles = (CK_OBJECT_HANDLE *)PORT_Realloc(search->handles,
+ sizeof(CK_OBJECT_HANDLE) * search->array_size);
+ return search->handles ? CKR_OK : CKR_HOST_MEMORY;
+}
+
+static CK_RV
+sftk_searchDatabase(SFTKDBHandle *handle, SFTKSearchResults *search,
+ const CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
+{
+ CK_RV crv;
+ int objectListSize = search->array_size - search->size;
+ CK_OBJECT_HANDLE *array = &search->handles[search->size];
+ SDBFind *find;
+ CK_ULONG count;
+
+ crv = sftkdb_FindObjectsInit(handle, pTemplate, ulCount, &find);
+ if (crv != CKR_OK)
+ return crv;
+ do {
+ crv = sftkdb_FindObjects(handle, find, array, objectListSize, &count);
+ if ((crv != CKR_OK) || (count == 0))
+ break;
+ search->size += count;
+ objectListSize -= count;
+ if (objectListSize > 0)
+ break;
+ crv = sftk_expandSearchList(search, NSC_SEARCH_BLOCK_SIZE);
+ objectListSize = NSC_SEARCH_BLOCK_SIZE;
+ array = &search->handles[search->size];
+ } while (crv == CKR_OK);
+ sftkdb_FindObjectsFinal(handle, find);
+
+ return crv;
+}
+
+/* softoken used to search the SMimeEntries automatically instead of
+ * doing this in pk11wrap. This code should really be up in
+ * pk11wrap so that it will work with other tokens other than softoken.
+ */
+CK_RV
+sftk_emailhack(SFTKSlot *slot, SFTKDBHandle *handle,
+ SFTKSearchResults *search, CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
+{
+ PRBool isCert = PR_FALSE;
+ int emailIndex = -1;
+ unsigned int i;
+ SFTKSearchResults smime_search;
+ CK_ATTRIBUTE smime_template[2];
+ CK_OBJECT_CLASS smime_class = CKO_NETSCAPE_SMIME;
+ SFTKAttribute *attribute = NULL;
+ SFTKObject *object = NULL;
+ CK_RV crv = CKR_OK;
+
+ smime_search.handles = NULL; /* paranoia, some one is bound to add a goto
+ * loser before this gets initialized */
+
+ /* see if we are looking for email certs */
+ for (i = 0; i < ulCount; i++) {
+ if (pTemplate[i].type == CKA_CLASS) {
+ if ((pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS) ||
+ (*(CK_OBJECT_CLASS *)pTemplate[i].pValue) != CKO_CERTIFICATE)) {
+ /* not a cert, skip out */
+ break;
+ }
+ isCert = PR_TRUE;
+ } else if (pTemplate[i].type == CKA_NETSCAPE_EMAIL) {
+ emailIndex = i;
+ }
+ if (isCert && (emailIndex != -1))
+ break;
+ }
+
+ if (!isCert || (emailIndex == -1)) {
+ return CKR_OK;
+ }
+
+ /* we are doing a cert and email search, find the SMimeEntry */
+ smime_template[0].type = CKA_CLASS;
+ smime_template[0].pValue = &smime_class;
+ smime_template[0].ulValueLen = sizeof(smime_class);
+ smime_template[1] = pTemplate[emailIndex];
+
+ smime_search.handles = (CK_OBJECT_HANDLE *)
+ PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * NSC_SEARCH_BLOCK_SIZE);
+ if (smime_search.handles == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ smime_search.index = 0;
+ smime_search.size = 0;
+ smime_search.array_size = NSC_SEARCH_BLOCK_SIZE;
+
+ crv = sftk_searchDatabase(handle, &smime_search, smime_template, 2);
+ if (crv != CKR_OK || smime_search.size == 0) {
+ goto loser;
+ }
+
+ /* get the SMime subject */
+ object = sftk_NewTokenObject(slot, NULL, smime_search.handles[0]);
+ if (object == NULL) {
+ crv = CKR_HOST_MEMORY; /* is there any other reason for this failure? */
+ goto loser;
+ }
+ attribute = sftk_FindAttribute(object, CKA_SUBJECT);
+ if (attribute == NULL) {
+ crv = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto loser;
+ }
+
+ /* now find the certs with that subject */
+ pTemplate[emailIndex] = attribute->attrib;
+ /* now add the appropriate certs to the search list */
+ crv = sftk_searchDatabase(handle, search, pTemplate, ulCount);
+ pTemplate[emailIndex] = smime_template[1]; /* restore the user's template*/
+
+loser:
+ if (attribute) {
+ sftk_FreeAttribute(attribute);
+ }
+ if (object) {
+ sftk_FreeObject(object);
+ }
+ if (smime_search.handles) {
+ PORT_Free(smime_search.handles);
+ }
+
+ return crv;
+}
+
+static void
+sftk_pruneSearch(CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount,
+ PRBool *searchCertDB, PRBool *searchKeyDB)
+{
+ CK_ULONG i;
+
+ *searchCertDB = PR_TRUE;
+ *searchKeyDB = PR_TRUE;
+ for (i = 0; i < ulCount; i++) {
+ if (pTemplate[i].type == CKA_CLASS && pTemplate[i].pValue != NULL) {
+ CK_OBJECT_CLASS class = *((CK_OBJECT_CLASS *)pTemplate[i].pValue);
+ if (class == CKO_PRIVATE_KEY || class == CKO_SECRET_KEY) {
+ *searchCertDB = PR_FALSE;
+ } else {
+ *searchKeyDB = PR_FALSE;
+ }
+ break;
+ }
+ }
+}
+
+static CK_RV
+sftk_searchTokenList(SFTKSlot *slot, SFTKSearchResults *search,
+ CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount,
+ PRBool *tokenOnly, PRBool isLoggedIn)
+{
+ CK_RV crv = CKR_OK;
+ CK_RV crv2;
+ PRBool searchCertDB;
+ PRBool searchKeyDB;
+
+ sftk_pruneSearch(pTemplate, ulCount, &searchCertDB, &searchKeyDB);
+
+ if (searchCertDB) {
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+ crv = sftk_searchDatabase(certHandle, search, pTemplate, ulCount);
+ crv2 = sftk_emailhack(slot, certHandle, search, pTemplate, ulCount);
+ if (crv == CKR_OK)
+ crv = crv2;
+ sftk_freeDB(certHandle);
+ }
+
+ if (crv == CKR_OK && isLoggedIn && searchKeyDB) {
+ SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
+ crv = sftk_searchDatabase(keyHandle, search, pTemplate, ulCount);
+ sftk_freeDB(keyHandle);
+ }
+ return crv;
+}
+
+/* NSC_FindObjectsInit initializes a search for token and session objects
+ * that match a template. */
+CK_RV
+NSC_FindObjectsInit(CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ SFTKSearchResults *search = NULL, *freeSearch = NULL;
+ SFTKSession *session = NULL;
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ PRBool tokenOnly = PR_FALSE;
+ CK_RV crv = CKR_OK;
+ PRBool isLoggedIn;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ crv = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ search = (SFTKSearchResults *)PORT_Alloc(sizeof(SFTKSearchResults));
+ if (search == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ search->handles = (CK_OBJECT_HANDLE *)
+ PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * NSC_SEARCH_BLOCK_SIZE);
+ if (search->handles == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ search->index = 0;
+ search->size = 0;
+ search->array_size = NSC_SEARCH_BLOCK_SIZE;
+ isLoggedIn = (PRBool)((!slot->needLogin) || slot->isLoggedIn);
+
+ crv = sftk_searchTokenList(slot, search, pTemplate, ulCount, &tokenOnly,
+ isLoggedIn);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* build list of found objects in the session */
+ if (!tokenOnly) {
+ crv = sftk_searchObjectList(search, slot->sessObjHashTable,
+ slot->sessObjHashSize, slot->objectLock,
+ pTemplate, ulCount, isLoggedIn);
+ }
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ if ((freeSearch = session->search) != NULL) {
+ session->search = NULL;
+ sftk_FreeSearch(freeSearch);
+ }
+ session->search = search;
+ sftk_FreeSession(session);
+ return CKR_OK;
+
+loser:
+ if (search) {
+ sftk_FreeSearch(search);
+ }
+ if (session) {
+ sftk_FreeSession(session);
+ }
+ return crv;
+}
+
+/* NSC_FindObjects continues a search for token and session objects
+ * that match a template, obtaining additional object handles. */
+CK_RV
+NSC_FindObjects(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount)
+{
+ SFTKSession *session;
+ SFTKSearchResults *search;
+ int transfer;
+ int left;
+
+ CHECK_FORK();
+
+ *pulObjectCount = 0;
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ if (session->search == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OK;
+ }
+ search = session->search;
+ left = session->search->size - session->search->index;
+ transfer = ((int)ulMaxObjectCount > left) ? left : ulMaxObjectCount;
+ if (transfer > 0) {
+ PORT_Memcpy(phObject, &search->handles[search->index],
+ transfer * sizeof(CK_OBJECT_HANDLE));
+ } else {
+ *phObject = CK_INVALID_HANDLE;
+ }
+
+ search->index += transfer;
+ if (search->index == search->size) {
+ session->search = NULL;
+ sftk_FreeSearch(search);
+ }
+ *pulObjectCount = transfer;
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_FindObjectsFinal finishes a search for token and session objects. */
+CK_RV
+NSC_FindObjectsFinal(CK_SESSION_HANDLE hSession)
+{
+ SFTKSession *session;
+ SFTKSearchResults *search;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ search = session->search;
+ session->search = NULL;
+ sftk_FreeSession(session);
+ if (search != NULL) {
+ sftk_FreeSearch(search);
+ }
+ return CKR_OK;
+}
+
+CK_RV
+NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pReserved)
+{
+ CHECK_FORK();
+
+ return CKR_FUNCTION_NOT_SUPPORTED;
+}
diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c
new file mode 100644
index 000000000..5c696115b
--- /dev/null
+++ b/security/nss/lib/softoken/pkcs11c.c
@@ -0,0 +1,7797 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file implements PKCS 11 on top of our existing security modules
+ *
+ * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
+ * This implementation has two slots:
+ * slot 1 is our generic crypto support. It does not require login.
+ * It supports Public Key ops, and all they bulk ciphers and hashes.
+ * It can also support Private Key ops for imported Private keys. It does
+ * not have any token storage.
+ * slot 2 is our private key support. It requires a login before use. It
+ * can store Private Keys and Certs as token objects. Currently only private
+ * keys and their associated Certificates are saved on the token.
+ *
+ * In this implementation, session objects are only visible to the session
+ * that created or generated them.
+ */
+#include "seccomon.h"
+#include "secitem.h"
+#include "secport.h"
+#include "blapi.h"
+#include "pkcs11.h"
+#include "pkcs11i.h"
+#include "pkcs1sig.h"
+#include "lowkeyi.h"
+#include "secder.h"
+#include "secdig.h"
+#include "lowpbe.h" /* We do PBE below */
+#include "pkcs11t.h"
+#include "secoid.h"
+#include "alghmac.h"
+#include "softoken.h"
+#include "secasn1.h"
+#include "secerr.h"
+
+#include "prprf.h"
+#include "prenv.h"
+
+#define __PASTE(x, y) x##y
+
+/*
+ * we renamed all our internal functions, get the correct
+ * definitions for them...
+ */
+#undef CK_PKCS11_FUNCTION_INFO
+#undef CK_NEED_ARG_LIST
+
+#define CK_EXTERN extern
+#define CK_PKCS11_FUNCTION_INFO(func) \
+ CK_RV __PASTE(NS, func)
+#define CK_NEED_ARG_LIST 1
+
+#include "pkcs11f.h"
+
+typedef struct {
+ PRUint8 client_version[2];
+ PRUint8 random[46];
+} SSL3RSAPreMasterSecret;
+
+static void
+sftk_Null(void *data, PRBool freeit)
+{
+ return;
+}
+
+#ifndef NSS_DISABLE_ECC
+#ifdef EC_DEBUG
+#define SEC_PRINT(str1, str2, num, sitem) \
+ printf("pkcs11c.c:%s:%s (keytype=%d) [len=%d]\n", \
+ str1, str2, num, sitem->len); \
+ for (i = 0; i < sitem->len; i++) { \
+ printf("%02x:", sitem->data[i]); \
+ } \
+ printf("\n")
+#else
+#undef EC_DEBUG
+#define SEC_PRINT(a, b, c, d)
+#endif
+#endif /* NSS_DISABLE_ECC */
+
+/*
+ * free routines.... Free local type allocated data, and convert
+ * other free routines to the destroy signature.
+ */
+static void
+sftk_FreePrivKey(NSSLOWKEYPrivateKey *key, PRBool freeit)
+{
+ nsslowkey_DestroyPrivateKey(key);
+}
+
+static void
+sftk_Space(void *data, PRBool freeit)
+{
+ PORT_Free(data);
+}
+
+/*
+ * map all the SEC_ERROR_xxx error codes that may be returned by freebl
+ * functions to CKR_xxx. return CKR_DEVICE_ERROR by default for backward
+ * compatibility.
+ */
+static CK_RV
+sftk_MapCryptError(int error)
+{
+ switch (error) {
+ case SEC_ERROR_INVALID_ARGS:
+ case SEC_ERROR_BAD_DATA: /* MP_RANGE gets mapped to this */
+ return CKR_ARGUMENTS_BAD;
+ case SEC_ERROR_INPUT_LEN:
+ return CKR_DATA_LEN_RANGE;
+ case SEC_ERROR_OUTPUT_LEN:
+ return CKR_BUFFER_TOO_SMALL;
+ case SEC_ERROR_LIBRARY_FAILURE:
+ return CKR_GENERAL_ERROR;
+ case SEC_ERROR_NO_MEMORY:
+ return CKR_HOST_MEMORY;
+ case SEC_ERROR_BAD_SIGNATURE:
+ return CKR_SIGNATURE_INVALID;
+ case SEC_ERROR_INVALID_KEY:
+ return CKR_KEY_SIZE_RANGE;
+ case SEC_ERROR_BAD_KEY: /* an EC public key that fails validation */
+ return CKR_KEY_SIZE_RANGE; /* the closest error code */
+ case SEC_ERROR_UNSUPPORTED_EC_POINT_FORM:
+ return CKR_TEMPLATE_INCONSISTENT;
+ /* EC functions set this error if NSS_DISABLE_ECC is defined */
+ case SEC_ERROR_UNSUPPORTED_KEYALG:
+ return CKR_MECHANISM_INVALID;
+ case SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE:
+ return CKR_DOMAIN_PARAMS_INVALID;
+ /* key pair generation failed after max number of attempts */
+ case SEC_ERROR_NEED_RANDOM:
+ return CKR_FUNCTION_FAILED;
+ }
+ return CKR_DEVICE_ERROR;
+}
+
+/* used by Decrypt and UnwrapKey (indirectly) */
+static CK_RV
+sftk_MapDecryptError(int error)
+{
+ switch (error) {
+ case SEC_ERROR_BAD_DATA:
+ return CKR_ENCRYPTED_DATA_INVALID;
+ default:
+ return sftk_MapCryptError(error);
+ }
+}
+
+/*
+ * return CKR_SIGNATURE_INVALID instead of CKR_DEVICE_ERROR by default for
+ * backward compatibilty.
+ */
+static CK_RV
+sftk_MapVerifyError(int error)
+{
+ CK_RV crv = sftk_MapCryptError(error);
+ if (crv == CKR_DEVICE_ERROR)
+ crv = CKR_SIGNATURE_INVALID;
+ return crv;
+}
+
+/*
+ * turn a CDMF key into a des key. CDMF is an old IBM scheme to export DES by
+ * Deprecating a full des key to 40 bit key strenth.
+ */
+static CK_RV
+sftk_cdmf2des(unsigned char *cdmfkey, unsigned char *deskey)
+{
+ unsigned char key1[8] = { 0xc4, 0x08, 0xb0, 0x54, 0x0b, 0xa1, 0xe0, 0xae };
+ unsigned char key2[8] = { 0xef, 0x2c, 0x04, 0x1c, 0xe6, 0x38, 0x2f, 0xe6 };
+ unsigned char enc_src[8];
+ unsigned char enc_dest[8];
+ unsigned int leng, i;
+ DESContext *descx;
+ SECStatus rv;
+
+ /* zero the parity bits */
+ for (i = 0; i < 8; i++) {
+ enc_src[i] = cdmfkey[i] & 0xfe;
+ }
+
+ /* encrypt with key 1 */
+ descx = DES_CreateContext(key1, NULL, NSS_DES, PR_TRUE);
+ if (descx == NULL)
+ return CKR_HOST_MEMORY;
+ rv = DES_Encrypt(descx, enc_dest, &leng, 8, enc_src, 8);
+ DES_DestroyContext(descx, PR_TRUE);
+ if (rv != SECSuccess)
+ return sftk_MapCryptError(PORT_GetError());
+
+ /* xor source with des, zero the parity bits and deprecate the key*/
+ for (i = 0; i < 8; i++) {
+ if (i & 1) {
+ enc_src[i] = (enc_src[i] ^ enc_dest[i]) & 0xfe;
+ } else {
+ enc_src[i] = (enc_src[i] ^ enc_dest[i]) & 0x0e;
+ }
+ }
+
+ /* encrypt with key 2 */
+ descx = DES_CreateContext(key2, NULL, NSS_DES, PR_TRUE);
+ if (descx == NULL)
+ return CKR_HOST_MEMORY;
+ rv = DES_Encrypt(descx, deskey, &leng, 8, enc_src, 8);
+ DES_DestroyContext(descx, PR_TRUE);
+ if (rv != SECSuccess)
+ return sftk_MapCryptError(PORT_GetError());
+
+ /* set the corret parity on our new des key */
+ sftk_FormatDESKey(deskey, 8);
+ return CKR_OK;
+}
+
+/* NSC_DestroyObject destroys an object. */
+CK_RV
+NSC_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKObject *object;
+ SFTKFreeStatus status;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * This whole block just makes sure we really can destroy the
+ * requested object.
+ */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ object = sftk_ObjectFromHandle(hObject, session);
+ if (object == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ /* don't destroy a private object if we aren't logged in */
+ if ((!slot->isLoggedIn) && (slot->needLogin) &&
+ (sftk_isTrue(object, CKA_PRIVATE))) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(object);
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ /* don't destroy a token object if we aren't in a rw session */
+
+ if (((session->info.flags & CKF_RW_SESSION) == 0) &&
+ (sftk_isTrue(object, CKA_TOKEN))) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(object);
+ return CKR_SESSION_READ_ONLY;
+ }
+
+ sftk_DeleteObject(session, object);
+
+ sftk_FreeSession(session);
+
+ /*
+ * get some indication if the object is destroyed. Note: this is not
+ * 100%. Someone may have an object reference outstanding (though that
+ * should not be the case by here. Also note that the object is "half"
+ * destroyed. Our internal representation is destroyed, but it may still
+ * be in the data base.
+ */
+ status = sftk_FreeObject(object);
+
+ return (status != SFTK_DestroyFailure) ? CKR_OK : CKR_DEVICE_ERROR;
+}
+
+/*
+ ************** Crypto Functions: Utilities ************************
+ */
+/*
+ * Utility function for converting PSS/OAEP parameter types into
+ * HASH_HashTypes. Note: Only SHA family functions are defined in RFC 3447.
+ */
+static HASH_HashType
+GetHashTypeFromMechanism(CK_MECHANISM_TYPE mech)
+{
+ switch (mech) {
+ case CKM_SHA_1:
+ case CKG_MGF1_SHA1:
+ return HASH_AlgSHA1;
+ case CKM_SHA224:
+ case CKG_MGF1_SHA224:
+ return HASH_AlgSHA224;
+ case CKM_SHA256:
+ case CKG_MGF1_SHA256:
+ return HASH_AlgSHA256;
+ case CKM_SHA384:
+ case CKG_MGF1_SHA384:
+ return HASH_AlgSHA384;
+ case CKM_SHA512:
+ case CKG_MGF1_SHA512:
+ return HASH_AlgSHA512;
+ default:
+ return HASH_AlgNULL;
+ }
+}
+
+/*
+ * Returns true if "params" contains a valid set of PSS parameters
+ */
+static PRBool
+sftk_ValidatePssParams(const CK_RSA_PKCS_PSS_PARAMS *params)
+{
+ if (!params) {
+ return PR_FALSE;
+ }
+ if (GetHashTypeFromMechanism(params->hashAlg) == HASH_AlgNULL ||
+ GetHashTypeFromMechanism(params->mgf) == HASH_AlgNULL) {
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+/*
+ * Returns true if "params" contains a valid set of OAEP parameters
+ */
+static PRBool
+sftk_ValidateOaepParams(const CK_RSA_PKCS_OAEP_PARAMS *params)
+{
+ if (!params) {
+ return PR_FALSE;
+ }
+ /* The requirements of ulSourceLen/pSourceData come from PKCS #11, which
+ * state:
+ * If the parameter is empty, pSourceData must be NULL and
+ * ulSourceDataLen must be zero.
+ */
+ if (params->source != CKZ_DATA_SPECIFIED ||
+ (GetHashTypeFromMechanism(params->hashAlg) == HASH_AlgNULL) ||
+ (GetHashTypeFromMechanism(params->mgf) == HASH_AlgNULL) ||
+ (params->ulSourceDataLen == 0 && params->pSourceData != NULL) ||
+ (params->ulSourceDataLen != 0 && params->pSourceData == NULL)) {
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+/*
+ * return a context based on the SFTKContext type.
+ */
+SFTKSessionContext *
+sftk_ReturnContextByType(SFTKSession *session, SFTKContextType type)
+{
+ switch (type) {
+ case SFTK_ENCRYPT:
+ case SFTK_DECRYPT:
+ return session->enc_context;
+ case SFTK_HASH:
+ return session->hash_context;
+ case SFTK_SIGN:
+ case SFTK_SIGN_RECOVER:
+ case SFTK_VERIFY:
+ case SFTK_VERIFY_RECOVER:
+ return session->hash_context;
+ }
+ return NULL;
+}
+
+/*
+ * change a context based on the SFTKContext type.
+ */
+void
+sftk_SetContextByType(SFTKSession *session, SFTKContextType type,
+ SFTKSessionContext *context)
+{
+ switch (type) {
+ case SFTK_ENCRYPT:
+ case SFTK_DECRYPT:
+ session->enc_context = context;
+ break;
+ case SFTK_HASH:
+ session->hash_context = context;
+ break;
+ case SFTK_SIGN:
+ case SFTK_SIGN_RECOVER:
+ case SFTK_VERIFY:
+ case SFTK_VERIFY_RECOVER:
+ session->hash_context = context;
+ break;
+ }
+ return;
+}
+
+/*
+ * code to grab the context. Needed by every C_XXXUpdate, C_XXXFinal,
+ * and C_XXX function. The function takes a session handle, the context type,
+ * and wether or not the session needs to be multipart. It returns the context,
+ * and optionally returns the session pointer (if sessionPtr != NULL) if session
+ * pointer is returned, the caller is responsible for freeing it.
+ */
+static CK_RV
+sftk_GetContext(CK_SESSION_HANDLE handle, SFTKSessionContext **contextPtr,
+ SFTKContextType type, PRBool needMulti, SFTKSession **sessionPtr)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+
+ session = sftk_SessionFromHandle(handle);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ context = sftk_ReturnContextByType(session, type);
+ /* make sure the context is valid */
+ if ((context == NULL) || (context->type != type) || (needMulti && !(context->multi))) {
+ sftk_FreeSession(session);
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+ *contextPtr = context;
+ if (sessionPtr != NULL) {
+ *sessionPtr = session;
+ } else {
+ sftk_FreeSession(session);
+ }
+ return CKR_OK;
+}
+
+/** Terminate operation (in the PKCS#11 spec sense).
+ * Intuitive name for FreeContext/SetNullContext pair.
+ */
+static void
+sftk_TerminateOp(SFTKSession *session, SFTKContextType ctype,
+ SFTKSessionContext *context)
+{
+ sftk_FreeContext(context);
+ sftk_SetContextByType(session, ctype, NULL);
+}
+
+/*
+ ************** Crypto Functions: Encrypt ************************
+ */
+
+/*
+ * All the NSC_InitXXX functions have a set of common checks and processing they
+ * all need to do at the beginning. This is done here.
+ */
+static CK_RV
+sftk_InitGeneric(SFTKSession *session, SFTKSessionContext **contextPtr,
+ SFTKContextType ctype, SFTKObject **keyPtr,
+ CK_OBJECT_HANDLE hKey, CK_KEY_TYPE *keyTypePtr,
+ CK_OBJECT_CLASS pubKeyType, CK_ATTRIBUTE_TYPE operation)
+{
+ SFTKObject *key = NULL;
+ SFTKAttribute *att;
+ SFTKSessionContext *context;
+
+ /* We can only init if there is not current context active */
+ if (sftk_ReturnContextByType(session, ctype) != NULL) {
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ /* find the key */
+ if (keyPtr) {
+ key = sftk_ObjectFromHandle(hKey, session);
+ if (key == NULL) {
+ return CKR_KEY_HANDLE_INVALID;
+ }
+
+ /* make sure it's a valid key for this operation */
+ if (((key->objclass != CKO_SECRET_KEY) && (key->objclass != pubKeyType)) || !sftk_isTrue(key, operation)) {
+ sftk_FreeObject(key);
+ return CKR_KEY_TYPE_INCONSISTENT;
+ }
+ /* get the key type */
+ att = sftk_FindAttribute(key, CKA_KEY_TYPE);
+ if (att == NULL) {
+ sftk_FreeObject(key);
+ return CKR_KEY_TYPE_INCONSISTENT;
+ }
+ PORT_Assert(att->attrib.ulValueLen == sizeof(CK_KEY_TYPE));
+ if (att->attrib.ulValueLen != sizeof(CK_KEY_TYPE)) {
+ sftk_FreeAttribute(att);
+ sftk_FreeObject(key);
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ PORT_Memcpy(keyTypePtr, att->attrib.pValue, sizeof(CK_KEY_TYPE));
+ sftk_FreeAttribute(att);
+ *keyPtr = key;
+ }
+
+ /* allocate the context structure */
+ context = (SFTKSessionContext *)PORT_Alloc(sizeof(SFTKSessionContext));
+ if (context == NULL) {
+ if (key)
+ sftk_FreeObject(key);
+ return CKR_HOST_MEMORY;
+ }
+ context->type = ctype;
+ context->multi = PR_TRUE;
+ context->rsa = PR_FALSE;
+ context->cipherInfo = NULL;
+ context->hashInfo = NULL;
+ context->doPad = PR_FALSE;
+ context->padDataLength = 0;
+ context->key = key;
+ context->blockSize = 0;
+ context->maxLen = 0;
+
+ *contextPtr = context;
+ return CKR_OK;
+}
+
+static int
+sftk_aes_mode(CK_MECHANISM_TYPE mechanism)
+{
+ switch (mechanism) {
+ case CKM_AES_CBC_PAD:
+ case CKM_AES_CBC:
+ return NSS_AES_CBC;
+ case CKM_AES_ECB:
+ return NSS_AES;
+ case CKM_AES_CTS:
+ return NSS_AES_CTS;
+ case CKM_AES_CTR:
+ return NSS_AES_CTR;
+ case CKM_AES_GCM:
+ return NSS_AES_GCM;
+ }
+ return -1;
+}
+
+static SECStatus
+sftk_RSAEncryptRaw(NSSLOWKEYPublicKey *key, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ rv = RSA_EncryptRaw(&key->u.rsa, output, outputLen, maxLen, input,
+ inputLen);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+
+ return rv;
+}
+
+static SECStatus
+sftk_RSADecryptRaw(NSSLOWKEYPrivateKey *key, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ rv = RSA_DecryptRaw(&key->u.rsa, output, outputLen, maxLen, input,
+ inputLen);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+
+ return rv;
+}
+
+static SECStatus
+sftk_RSAEncrypt(NSSLOWKEYPublicKey *key, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ rv = RSA_EncryptBlock(&key->u.rsa, output, outputLen, maxLen, input,
+ inputLen);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+
+ return rv;
+}
+
+static SECStatus
+sftk_RSADecrypt(NSSLOWKEYPrivateKey *key, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ rv = RSA_DecryptBlock(&key->u.rsa, output, outputLen, maxLen, input,
+ inputLen);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+
+ return rv;
+}
+
+static SECStatus
+sftk_RSAEncryptOAEP(SFTKOAEPEncryptInfo *info, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ HASH_HashType hashAlg;
+ HASH_HashType maskHashAlg;
+
+ PORT_Assert(info->key->keyType == NSSLOWKEYRSAKey);
+ if (info->key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ hashAlg = GetHashTypeFromMechanism(info->params->hashAlg);
+ maskHashAlg = GetHashTypeFromMechanism(info->params->mgf);
+
+ return RSA_EncryptOAEP(&info->key->u.rsa, hashAlg, maskHashAlg,
+ (const unsigned char *)info->params->pSourceData,
+ info->params->ulSourceDataLen, NULL, 0,
+ output, outputLen, maxLen, input, inputLen);
+}
+
+static SECStatus
+sftk_RSADecryptOAEP(SFTKOAEPDecryptInfo *info, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+ HASH_HashType hashAlg;
+ HASH_HashType maskHashAlg;
+
+ PORT_Assert(info->key->keyType == NSSLOWKEYRSAKey);
+ if (info->key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ hashAlg = GetHashTypeFromMechanism(info->params->hashAlg);
+ maskHashAlg = GetHashTypeFromMechanism(info->params->mgf);
+
+ rv = RSA_DecryptOAEP(&info->key->u.rsa, hashAlg, maskHashAlg,
+ (const unsigned char *)info->params->pSourceData,
+ info->params->ulSourceDataLen,
+ output, outputLen, maxLen, input, inputLen);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ return rv;
+}
+
+static SFTKChaCha20Poly1305Info *
+sftk_ChaCha20Poly1305_CreateContext(const unsigned char *key,
+ unsigned int keyLen,
+ const CK_NSS_AEAD_PARAMS *params)
+{
+ SFTKChaCha20Poly1305Info *ctx;
+
+ if (params->ulNonceLen != sizeof(ctx->nonce)) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return NULL;
+ }
+
+ ctx = PORT_New(SFTKChaCha20Poly1305Info);
+ if (ctx == NULL) {
+ return NULL;
+ }
+
+ if (ChaCha20Poly1305_InitContext(&ctx->freeblCtx, key, keyLen,
+ params->ulTagLen) != SECSuccess) {
+ PORT_Free(ctx);
+ return NULL;
+ }
+
+ PORT_Memcpy(ctx->nonce, params->pNonce, sizeof(ctx->nonce));
+
+ /* AAD data and length must both be null, or both non-null. */
+ PORT_Assert((params->pAAD == NULL) == (params->ulAADLen == 0));
+
+ if (params->ulAADLen > sizeof(ctx->ad)) {
+ /* Need to allocate an overflow buffer for the additional data. */
+ ctx->adOverflow = (unsigned char *)PORT_Alloc(params->ulAADLen);
+ if (!ctx->adOverflow) {
+ PORT_Free(ctx);
+ return NULL;
+ }
+ PORT_Memcpy(ctx->adOverflow, params->pAAD, params->ulAADLen);
+ } else {
+ ctx->adOverflow = NULL;
+ if (params->pAAD) {
+ PORT_Memcpy(ctx->ad, params->pAAD, params->ulAADLen);
+ }
+ }
+ ctx->adLen = params->ulAADLen;
+
+ return ctx;
+}
+
+static void
+sftk_ChaCha20Poly1305_DestroyContext(SFTKChaCha20Poly1305Info *ctx,
+ PRBool freeit)
+{
+ ChaCha20Poly1305_DestroyContext(&ctx->freeblCtx, PR_FALSE);
+ if (ctx->adOverflow != NULL) {
+ PORT_Free(ctx->adOverflow);
+ ctx->adOverflow = NULL;
+ }
+ ctx->adLen = 0;
+ if (freeit) {
+ PORT_Free(ctx);
+ }
+}
+
+static SECStatus
+sftk_ChaCha20Poly1305_Encrypt(const SFTKChaCha20Poly1305Info *ctx,
+ unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ const unsigned char *ad = ctx->adOverflow;
+
+ if (ad == NULL) {
+ ad = ctx->ad;
+ }
+
+ return ChaCha20Poly1305_Seal(&ctx->freeblCtx, output, outputLen,
+ maxOutputLen, input, inputLen, ctx->nonce,
+ sizeof(ctx->nonce), ad, ctx->adLen);
+}
+
+static SECStatus
+sftk_ChaCha20Poly1305_Decrypt(const SFTKChaCha20Poly1305Info *ctx,
+ unsigned char *output, unsigned int *outputLen,
+ unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ const unsigned char *ad = ctx->adOverflow;
+
+ if (ad == NULL) {
+ ad = ctx->ad;
+ }
+
+ return ChaCha20Poly1305_Open(&ctx->freeblCtx, output, outputLen,
+ maxOutputLen, input, inputLen, ctx->nonce,
+ sizeof(ctx->nonce), ad, ctx->adLen);
+}
+
+/** NSC_CryptInit initializes an encryption/Decryption operation.
+ *
+ * Always called by NSC_EncryptInit, NSC_DecryptInit, NSC_WrapKey,NSC_UnwrapKey.
+ * Called by NSC_SignInit, NSC_VerifyInit (via sftk_InitCBCMac) only for block
+ * ciphers MAC'ing.
+ */
+static CK_RV
+sftk_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey,
+ CK_ATTRIBUTE_TYPE mechUsage, CK_ATTRIBUTE_TYPE keyUsage,
+ SFTKContextType contextType, PRBool isEncrypt)
+{
+ SFTKSession *session;
+ SFTKObject *key;
+ SFTKSessionContext *context;
+ SFTKAttribute *att;
+ CK_RC2_CBC_PARAMS *rc2_param;
+#if NSS_SOFTOKEN_DOES_RC5
+ CK_RC5_CBC_PARAMS *rc5_param;
+ SECItem rc5Key;
+#endif
+ CK_KEY_TYPE key_type;
+ CK_RV crv = CKR_OK;
+ unsigned effectiveKeyLength;
+ unsigned char newdeskey[24];
+ PRBool useNewKey = PR_FALSE;
+ int t;
+
+ crv = sftk_MechAllowsOperation(pMechanism->mechanism, mechUsage);
+ if (crv != CKR_OK)
+ return crv;
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+
+ crv = sftk_InitGeneric(session, &context, contextType, &key, hKey, &key_type,
+ isEncrypt ? CKO_PUBLIC_KEY : CKO_PRIVATE_KEY, keyUsage);
+
+ if (crv != CKR_OK) {
+ sftk_FreeSession(session);
+ return crv;
+ }
+
+ context->doPad = PR_FALSE;
+ switch (pMechanism->mechanism) {
+ case CKM_RSA_PKCS:
+ case CKM_RSA_X_509:
+ if (key_type != CKK_RSA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ context->multi = PR_FALSE;
+ context->rsa = PR_TRUE;
+ if (isEncrypt) {
+ NSSLOWKEYPublicKey *pubKey = sftk_GetPubKey(key, CKK_RSA, &crv);
+ if (pubKey == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->maxLen = nsslowkey_PublicModulusLen(pubKey);
+ context->cipherInfo = (void *)pubKey;
+ context->update = (SFTKCipher)(pMechanism->mechanism == CKM_RSA_X_509
+ ? sftk_RSAEncryptRaw
+ : sftk_RSAEncrypt);
+ } else {
+ NSSLOWKEYPrivateKey *privKey = sftk_GetPrivKey(key, CKK_RSA, &crv);
+ if (privKey == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->maxLen = nsslowkey_PrivateModulusLen(privKey);
+ context->cipherInfo = (void *)privKey;
+ context->update = (SFTKCipher)(pMechanism->mechanism == CKM_RSA_X_509
+ ? sftk_RSADecryptRaw
+ : sftk_RSADecrypt);
+ }
+ context->destroy = sftk_Null;
+ break;
+ case CKM_RSA_PKCS_OAEP:
+ if (key_type != CKK_RSA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ if (pMechanism->ulParameterLen != sizeof(CK_RSA_PKCS_OAEP_PARAMS) ||
+ !sftk_ValidateOaepParams((CK_RSA_PKCS_OAEP_PARAMS *)pMechanism->pParameter)) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ context->multi = PR_FALSE;
+ context->rsa = PR_TRUE;
+ if (isEncrypt) {
+ SFTKOAEPEncryptInfo *info = PORT_New(SFTKOAEPEncryptInfo);
+ if (info == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ info->params = pMechanism->pParameter;
+ info->key = sftk_GetPubKey(key, CKK_RSA, &crv);
+ if (info->key == NULL) {
+ PORT_Free(info);
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->update = (SFTKCipher)sftk_RSAEncryptOAEP;
+ context->maxLen = nsslowkey_PublicModulusLen(info->key);
+ context->cipherInfo = info;
+ } else {
+ SFTKOAEPDecryptInfo *info = PORT_New(SFTKOAEPDecryptInfo);
+ if (info == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ info->params = pMechanism->pParameter;
+ info->key = sftk_GetPrivKey(key, CKK_RSA, &crv);
+ if (info->key == NULL) {
+ PORT_Free(info);
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->update = (SFTKCipher)sftk_RSADecryptOAEP;
+ context->maxLen = nsslowkey_PrivateModulusLen(info->key);
+ context->cipherInfo = info;
+ }
+ context->destroy = (SFTKDestroy)sftk_Space;
+ break;
+ case CKM_RC2_CBC_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_RC2_ECB:
+ case CKM_RC2_CBC:
+ context->blockSize = 8;
+ if (key_type != CKK_RC2) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ rc2_param = (CK_RC2_CBC_PARAMS *)pMechanism->pParameter;
+ effectiveKeyLength = (rc2_param->ulEffectiveBits + 7) / 8;
+ context->cipherInfo =
+ RC2_CreateContext((unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen, rc2_param->iv,
+ pMechanism->mechanism == CKM_RC2_ECB ? NSS_RC2 : NSS_RC2_CBC, effectiveKeyLength);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? RC2_Encrypt : RC2_Decrypt);
+ context->destroy = (SFTKDestroy)RC2_DestroyContext;
+ break;
+#if NSS_SOFTOKEN_DOES_RC5
+ case CKM_RC5_CBC_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_RC5_ECB:
+ case CKM_RC5_CBC:
+ if (key_type != CKK_RC5) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ rc5_param = (CK_RC5_CBC_PARAMS *)pMechanism->pParameter;
+ context->blockSize = rc5_param->ulWordsize * 2;
+ rc5Key.data = (unsigned char *)att->attrib.pValue;
+ rc5Key.len = att->attrib.ulValueLen;
+ context->cipherInfo = RC5_CreateContext(&rc5Key, rc5_param->ulRounds,
+ rc5_param->ulWordsize, rc5_param->pIv,
+ pMechanism->mechanism == CKM_RC5_ECB ? NSS_RC5 : NSS_RC5_CBC);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? RC5_Encrypt : RC5_Decrypt);
+ context->destroy = (SFTKDestroy)RC5_DestroyContext;
+ break;
+#endif
+ case CKM_RC4:
+ if (key_type != CKK_RC4) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->cipherInfo =
+ RC4_CreateContext((unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = CKR_HOST_MEMORY; /* WRONG !!! */
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? RC4_Encrypt : RC4_Decrypt);
+ context->destroy = (SFTKDestroy)RC4_DestroyContext;
+ break;
+ case CKM_CDMF_CBC_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_CDMF_ECB:
+ case CKM_CDMF_CBC:
+ if (key_type != CKK_CDMF) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ t = (pMechanism->mechanism == CKM_CDMF_ECB) ? NSS_DES : NSS_DES_CBC;
+ goto finish_des;
+ case CKM_DES_ECB:
+ if (key_type != CKK_DES) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ t = NSS_DES;
+ goto finish_des;
+ case CKM_DES_CBC_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_DES_CBC:
+ if (key_type != CKK_DES) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ t = NSS_DES_CBC;
+ goto finish_des;
+ case CKM_DES3_ECB:
+ if ((key_type != CKK_DES2) && (key_type != CKK_DES3)) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ t = NSS_DES_EDE3;
+ goto finish_des;
+ case CKM_DES3_CBC_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_DES3_CBC:
+ if ((key_type != CKK_DES2) && (key_type != CKK_DES3)) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ t = NSS_DES_EDE3_CBC;
+ finish_des:
+ context->blockSize = 8;
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ if (key_type == CKK_DES2 &&
+ (t == NSS_DES_EDE3_CBC || t == NSS_DES_EDE3)) {
+ /* extend DES2 key to DES3 key. */
+ memcpy(newdeskey, att->attrib.pValue, 16);
+ memcpy(newdeskey + 16, newdeskey, 8);
+ useNewKey = PR_TRUE;
+ } else if (key_type == CKK_CDMF) {
+ crv = sftk_cdmf2des((unsigned char *)att->attrib.pValue, newdeskey);
+ if (crv != CKR_OK) {
+ sftk_FreeAttribute(att);
+ break;
+ }
+ useNewKey = PR_TRUE;
+ }
+ context->cipherInfo = DES_CreateContext(
+ useNewKey ? newdeskey : (unsigned char *)att->attrib.pValue,
+ (unsigned char *)pMechanism->pParameter, t, isEncrypt);
+ if (useNewKey)
+ memset(newdeskey, 0, sizeof newdeskey);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? DES_Encrypt : DES_Decrypt);
+ context->destroy = (SFTKDestroy)DES_DestroyContext;
+ break;
+ case CKM_SEED_CBC_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_SEED_CBC:
+ if (!pMechanism->pParameter ||
+ pMechanism->ulParameterLen != 16) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ /* fall thru */
+ case CKM_SEED_ECB:
+ context->blockSize = 16;
+ if (key_type != CKK_SEED) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->cipherInfo = SEED_CreateContext(
+ (unsigned char *)att->attrib.pValue,
+ (unsigned char *)pMechanism->pParameter,
+ pMechanism->mechanism == CKM_SEED_ECB ? NSS_SEED : NSS_SEED_CBC,
+ isEncrypt);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? SEED_Encrypt : SEED_Decrypt);
+ context->destroy = (SFTKDestroy)SEED_DestroyContext;
+ break;
+
+ case CKM_CAMELLIA_CBC_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_CAMELLIA_CBC:
+ if (!pMechanism->pParameter ||
+ pMechanism->ulParameterLen != 16) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ /* fall thru */
+ case CKM_CAMELLIA_ECB:
+ context->blockSize = 16;
+ if (key_type != CKK_CAMELLIA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->cipherInfo = Camellia_CreateContext(
+ (unsigned char *)att->attrib.pValue,
+ (unsigned char *)pMechanism->pParameter,
+ pMechanism->mechanism ==
+ CKM_CAMELLIA_ECB
+ ? NSS_CAMELLIA
+ : NSS_CAMELLIA_CBC,
+ isEncrypt, att->attrib.ulValueLen);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? Camellia_Encrypt : Camellia_Decrypt);
+ context->destroy = (SFTKDestroy)Camellia_DestroyContext;
+ break;
+
+ case CKM_AES_CBC_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_AES_ECB:
+ case CKM_AES_CBC:
+ context->blockSize = 16;
+ case CKM_AES_CTS:
+ case CKM_AES_CTR:
+ case CKM_AES_GCM:
+ if (pMechanism->mechanism == CKM_AES_GCM) {
+ context->multi = PR_FALSE;
+ }
+ if (key_type != CKK_AES) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->cipherInfo = AES_CreateContext(
+ (unsigned char *)att->attrib.pValue,
+ (unsigned char *)pMechanism->pParameter,
+ sftk_aes_mode(pMechanism->mechanism),
+ isEncrypt, att->attrib.ulValueLen, 16);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? AES_Encrypt : AES_Decrypt);
+ context->destroy = (SFTKDestroy)AES_DestroyContext;
+ break;
+
+ case CKM_NSS_CHACHA20_POLY1305:
+ if (pMechanism->ulParameterLen != sizeof(CK_NSS_AEAD_PARAMS)) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ context->multi = PR_FALSE;
+ if (key_type != CKK_NSS_CHACHA20) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->cipherInfo = sftk_ChaCha20Poly1305_CreateContext(
+ (unsigned char *)att->attrib.pValue, att->attrib.ulValueLen,
+ (CK_NSS_AEAD_PARAMS *)pMechanism->pParameter);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = sftk_MapCryptError(PORT_GetError());
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? sftk_ChaCha20Poly1305_Encrypt : sftk_ChaCha20Poly1305_Decrypt);
+ context->destroy = (SFTKDestroy)sftk_ChaCha20Poly1305_DestroyContext;
+ break;
+
+ case CKM_NSS_AES_KEY_WRAP_PAD:
+ context->doPad = PR_TRUE;
+ /* fall thru */
+ case CKM_NSS_AES_KEY_WRAP:
+ context->multi = PR_FALSE;
+ context->blockSize = 8;
+ if (key_type != CKK_AES) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ if (att == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ context->cipherInfo = AESKeyWrap_CreateContext(
+ (unsigned char *)att->attrib.pValue,
+ (unsigned char *)pMechanism->pParameter,
+ isEncrypt, att->attrib.ulValueLen);
+ sftk_FreeAttribute(att);
+ if (context->cipherInfo == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->update = (SFTKCipher)(isEncrypt ? AESKeyWrap_Encrypt
+ : AESKeyWrap_Decrypt);
+ context->destroy = (SFTKDestroy)AESKeyWrap_DestroyContext;
+ break;
+
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ sftk_FreeContext(context);
+ sftk_FreeSession(session);
+ return crv;
+ }
+ sftk_SetContextByType(session, contextType, context);
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_EncryptInit initializes an encryption operation. */
+CK_RV
+NSC_EncryptInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ CHECK_FORK();
+ return sftk_CryptInit(hSession, pMechanism, hKey, CKA_ENCRYPT, CKA_ENCRYPT,
+ SFTK_ENCRYPT, PR_TRUE);
+}
+
+/* NSC_EncryptUpdate continues a multiple-part encryption operation. */
+CK_RV
+NSC_EncryptUpdate(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ SFTKSessionContext *context;
+ unsigned int outlen, i;
+ unsigned int padoutlen = 0;
+ unsigned int maxout = *pulEncryptedPartLen;
+ CK_RV crv;
+ SECStatus rv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_ENCRYPT, PR_TRUE, NULL);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (!pEncryptedPart) {
+ if (context->doPad) {
+ CK_ULONG totalDataAvailable = ulPartLen + context->padDataLength;
+ CK_ULONG blocksToSend = totalDataAvailable / context->blockSize;
+
+ *pulEncryptedPartLen = blocksToSend * context->blockSize;
+ return CKR_OK;
+ }
+ *pulEncryptedPartLen = ulPartLen;
+ return CKR_OK;
+ }
+
+ /* do padding */
+ if (context->doPad) {
+ /* deal with previous buffered data */
+ if (context->padDataLength != 0) {
+ /* fill in the padded to a full block size */
+ for (i = context->padDataLength;
+ (ulPartLen != 0) && i < context->blockSize; i++) {
+ context->padBuf[i] = *pPart++;
+ ulPartLen--;
+ context->padDataLength++;
+ }
+
+ /* not enough data to encrypt yet? then return */
+ if (context->padDataLength != context->blockSize) {
+ *pulEncryptedPartLen = 0;
+ return CKR_OK;
+ }
+ /* encrypt the current padded data */
+ rv = (*context->update)(context->cipherInfo, pEncryptedPart,
+ &padoutlen, context->blockSize, context->padBuf,
+ context->blockSize);
+ if (rv != SECSuccess) {
+ return sftk_MapCryptError(PORT_GetError());
+ }
+ pEncryptedPart += padoutlen;
+ maxout -= padoutlen;
+ }
+ /* save the residual */
+ context->padDataLength = ulPartLen % context->blockSize;
+ if (context->padDataLength) {
+ PORT_Memcpy(context->padBuf,
+ &pPart[ulPartLen - context->padDataLength],
+ context->padDataLength);
+ ulPartLen -= context->padDataLength;
+ }
+ /* if we've exhausted our new buffer, we're done */
+ if (ulPartLen == 0) {
+ *pulEncryptedPartLen = padoutlen;
+ return CKR_OK;
+ }
+ }
+
+ /* do it: NOTE: this assumes buf size in is >= buf size out! */
+ rv = (*context->update)(context->cipherInfo, pEncryptedPart,
+ &outlen, maxout, pPart, ulPartLen);
+ *pulEncryptedPartLen = (CK_ULONG)(outlen + padoutlen);
+ return (rv == SECSuccess) ? CKR_OK : sftk_MapCryptError(PORT_GetError());
+}
+
+/* NSC_EncryptFinal finishes a multiple-part encryption operation. */
+CK_RV
+NSC_EncryptFinal(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ unsigned int outlen, i;
+ unsigned int maxout = *pulLastEncryptedPartLen;
+ CK_RV crv;
+ SECStatus rv = SECSuccess;
+ PRBool contextFinished = PR_TRUE;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_ENCRYPT, PR_TRUE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ *pulLastEncryptedPartLen = 0;
+ if (!pLastEncryptedPart) {
+ /* caller is checking the amount of remaining data */
+ if (context->blockSize > 0 && context->doPad) {
+ *pulLastEncryptedPartLen = context->blockSize;
+ contextFinished = PR_FALSE; /* still have padding to go */
+ }
+ goto finish;
+ }
+
+ /* do padding */
+ if (context->doPad) {
+ unsigned char padbyte = (unsigned char)(context->blockSize - context->padDataLength);
+ /* fill out rest of pad buffer with pad magic*/
+ for (i = context->padDataLength; i < context->blockSize; i++) {
+ context->padBuf[i] = padbyte;
+ }
+ rv = (*context->update)(context->cipherInfo, pLastEncryptedPart,
+ &outlen, maxout, context->padBuf, context->blockSize);
+ if (rv == SECSuccess)
+ *pulLastEncryptedPartLen = (CK_ULONG)outlen;
+ }
+
+finish:
+ if (contextFinished)
+ sftk_TerminateOp(session, SFTK_ENCRYPT, context);
+ sftk_FreeSession(session);
+ return (rv == SECSuccess) ? CKR_OK : sftk_MapCryptError(PORT_GetError());
+}
+
+/* NSC_Encrypt encrypts single-part data. */
+CK_RV
+NSC_Encrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData,
+ CK_ULONG_PTR pulEncryptedDataLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ unsigned int outlen;
+ unsigned int maxoutlen = *pulEncryptedDataLen;
+ CK_RV crv;
+ CK_RV crv2;
+ SECStatus rv = SECSuccess;
+ SECItem pText;
+
+ pText.type = siBuffer;
+ pText.data = pData;
+ pText.len = ulDataLen;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_ENCRYPT, PR_FALSE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (!pEncryptedData) {
+ *pulEncryptedDataLen = context->rsa ? context->maxLen : ulDataLen + 2 * context->blockSize;
+ goto finish;
+ }
+
+ if (context->doPad) {
+ if (context->multi) {
+ CK_ULONG finalLen;
+ /* padding is fairly complicated, have the update and final
+ * code deal with it */
+ sftk_FreeSession(session);
+ crv = NSC_EncryptUpdate(hSession, pData, ulDataLen, pEncryptedData,
+ pulEncryptedDataLen);
+ if (crv != CKR_OK)
+ *pulEncryptedDataLen = 0;
+ maxoutlen -= *pulEncryptedDataLen;
+ pEncryptedData += *pulEncryptedDataLen;
+ finalLen = maxoutlen;
+ crv2 = NSC_EncryptFinal(hSession, pEncryptedData, &finalLen);
+ if (crv2 == CKR_OK)
+ *pulEncryptedDataLen += finalLen;
+ return crv == CKR_OK ? crv2 : crv;
+ }
+ /* doPad without multi means that padding must be done on the first
+ ** and only update. There will be no final.
+ */
+ PORT_Assert(context->blockSize > 1);
+ if (context->blockSize > 1) {
+ CK_ULONG remainder = ulDataLen % context->blockSize;
+ CK_ULONG padding = context->blockSize - remainder;
+ pText.len += padding;
+ pText.data = PORT_ZAlloc(pText.len);
+ if (pText.data) {
+ memcpy(pText.data, pData, ulDataLen);
+ memset(pText.data + ulDataLen, padding, padding);
+ } else {
+ crv = CKR_HOST_MEMORY;
+ goto fail;
+ }
+ }
+ }
+
+ /* do it: NOTE: this assumes buf size is big enough. */
+ rv = (*context->update)(context->cipherInfo, pEncryptedData,
+ &outlen, maxoutlen, pText.data, pText.len);
+ crv = (rv == SECSuccess) ? CKR_OK : sftk_MapCryptError(PORT_GetError());
+ *pulEncryptedDataLen = (CK_ULONG)outlen;
+ if (pText.data != pData)
+ PORT_ZFree(pText.data, pText.len);
+fail:
+ sftk_TerminateOp(session, SFTK_ENCRYPT, context);
+finish:
+ sftk_FreeSession(session);
+
+ return crv;
+}
+
+/*
+ ************** Crypto Functions: Decrypt ************************
+ */
+
+/* NSC_DecryptInit initializes a decryption operation. */
+CK_RV
+NSC_DecryptInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ CHECK_FORK();
+ return sftk_CryptInit(hSession, pMechanism, hKey, CKA_DECRYPT, CKA_DECRYPT,
+ SFTK_DECRYPT, PR_FALSE);
+}
+
+/* NSC_DecryptUpdate continues a multiple-part decryption operation. */
+CK_RV
+NSC_DecryptUpdate(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
+{
+ SFTKSessionContext *context;
+ unsigned int padoutlen = 0;
+ unsigned int outlen;
+ unsigned int maxout = *pulPartLen;
+ CK_RV crv;
+ SECStatus rv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_DECRYPT, PR_TRUE, NULL);
+ if (crv != CKR_OK)
+ return crv;
+
+ /* this can only happen on an NSS programming error */
+ PORT_Assert((context->padDataLength == 0) || context->padDataLength == context->blockSize);
+
+ if (context->doPad) {
+ /* Check the data length for block ciphers. If we are padding,
+ * then we must be using a block cipher. In the non-padding case
+ * the error will be returned by the underlying decryption
+ * function when we do the actual decrypt. We need to do the
+ * check here to avoid returning a negative length to the caller
+ * or reading before the beginning of the pEncryptedPart buffer.
+ */
+ if ((ulEncryptedPartLen == 0) ||
+ (ulEncryptedPartLen % context->blockSize) != 0) {
+ return CKR_ENCRYPTED_DATA_LEN_RANGE;
+ }
+ }
+
+ if (!pPart) {
+ if (context->doPad) {
+ *pulPartLen =
+ ulEncryptedPartLen + context->padDataLength - context->blockSize;
+ return CKR_OK;
+ }
+ /* for stream ciphers there is are no constraints on ulEncryptedPartLen.
+ * for block ciphers, it must be a multiple of blockSize. The error is
+ * detected when this function is called again do decrypt the output.
+ */
+ *pulPartLen = ulEncryptedPartLen;
+ return CKR_OK;
+ }
+
+ if (context->doPad) {
+ /* first decrypt our saved buffer */
+ if (context->padDataLength != 0) {
+ rv = (*context->update)(context->cipherInfo, pPart, &padoutlen,
+ maxout, context->padBuf, context->blockSize);
+ if (rv != SECSuccess)
+ return sftk_MapDecryptError(PORT_GetError());
+ pPart += padoutlen;
+ maxout -= padoutlen;
+ }
+ /* now save the final block for the next decrypt or the final */
+ PORT_Memcpy(context->padBuf, &pEncryptedPart[ulEncryptedPartLen -
+ context->blockSize],
+ context->blockSize);
+ context->padDataLength = context->blockSize;
+ ulEncryptedPartLen -= context->padDataLength;
+ }
+
+ /* do it: NOTE: this assumes buf size in is >= buf size out! */
+ rv = (*context->update)(context->cipherInfo, pPart, &outlen,
+ maxout, pEncryptedPart, ulEncryptedPartLen);
+ *pulPartLen = (CK_ULONG)(outlen + padoutlen);
+ return (rv == SECSuccess) ? CKR_OK : sftk_MapDecryptError(PORT_GetError());
+}
+
+/* NSC_DecryptFinal finishes a multiple-part decryption operation. */
+CK_RV
+NSC_DecryptFinal(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ unsigned int outlen;
+ unsigned int maxout = *pulLastPartLen;
+ CK_RV crv;
+ SECStatus rv = SECSuccess;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_DECRYPT, PR_TRUE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ *pulLastPartLen = 0;
+ if (!pLastPart) {
+ /* caller is checking the amount of remaining data */
+ if (context->padDataLength > 0) {
+ *pulLastPartLen = context->padDataLength;
+ }
+ goto finish;
+ }
+
+ if (context->doPad) {
+ /* decrypt our saved buffer */
+ if (context->padDataLength != 0) {
+ /* this assumes that pLastPart is big enough to hold the *whole*
+ * buffer!!! */
+ rv = (*context->update)(context->cipherInfo, pLastPart, &outlen,
+ maxout, context->padBuf, context->blockSize);
+ if (rv != SECSuccess) {
+ crv = sftk_MapDecryptError(PORT_GetError());
+ } else {
+ unsigned int padSize =
+ (unsigned int)pLastPart[context->blockSize - 1];
+ if ((padSize > context->blockSize) || (padSize == 0)) {
+ crv = CKR_ENCRYPTED_DATA_INVALID;
+ } else {
+ unsigned int i;
+ unsigned int badPadding = 0; /* used as a boolean */
+ for (i = 0; i < padSize; i++) {
+ badPadding |=
+ (unsigned int)pLastPart[context->blockSize - 1 - i] ^
+ padSize;
+ }
+ if (badPadding) {
+ crv = CKR_ENCRYPTED_DATA_INVALID;
+ } else {
+ *pulLastPartLen = outlen - padSize;
+ }
+ }
+ }
+ }
+ }
+
+ sftk_TerminateOp(session, SFTK_DECRYPT, context);
+finish:
+ sftk_FreeSession(session);
+ return crv;
+}
+
+/* NSC_Decrypt decrypts encrypted data in a single part. */
+CK_RV
+NSC_Decrypt(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData,
+ CK_ULONG_PTR pulDataLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ unsigned int outlen;
+ unsigned int maxoutlen = *pulDataLen;
+ CK_RV crv;
+ CK_RV crv2;
+ SECStatus rv = SECSuccess;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_DECRYPT, PR_FALSE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (!pData) {
+ *pulDataLen = ulEncryptedDataLen + context->blockSize;
+ goto finish;
+ }
+
+ if (context->doPad && context->multi) {
+ CK_ULONG finalLen;
+ /* padding is fairly complicated, have the update and final
+ * code deal with it */
+ sftk_FreeSession(session);
+ crv = NSC_DecryptUpdate(hSession, pEncryptedData, ulEncryptedDataLen,
+ pData, pulDataLen);
+ if (crv != CKR_OK)
+ *pulDataLen = 0;
+ maxoutlen -= *pulDataLen;
+ pData += *pulDataLen;
+ finalLen = maxoutlen;
+ crv2 = NSC_DecryptFinal(hSession, pData, &finalLen);
+ if (crv2 == CKR_OK)
+ *pulDataLen += finalLen;
+ return crv == CKR_OK ? crv2 : crv;
+ }
+
+ rv = (*context->update)(context->cipherInfo, pData, &outlen, maxoutlen,
+ pEncryptedData, ulEncryptedDataLen);
+ /* XXX need to do MUCH better error mapping than this. */
+ crv = (rv == SECSuccess) ? CKR_OK : sftk_MapDecryptError(PORT_GetError());
+ if (rv == SECSuccess && context->doPad) {
+ unsigned int padding = pData[outlen - 1];
+ if (padding > context->blockSize || !padding) {
+ crv = CKR_ENCRYPTED_DATA_INVALID;
+ } else {
+ unsigned int i;
+ unsigned int badPadding = 0; /* used as a boolean */
+ for (i = 0; i < padding; i++) {
+ badPadding |= (unsigned int)pData[outlen - 1 - i] ^ padding;
+ }
+ if (badPadding) {
+ crv = CKR_ENCRYPTED_DATA_INVALID;
+ } else {
+ outlen -= padding;
+ }
+ }
+ }
+ *pulDataLen = (CK_ULONG)outlen;
+ sftk_TerminateOp(session, SFTK_DECRYPT, context);
+finish:
+ sftk_FreeSession(session);
+ return crv;
+}
+
+/*
+ ************** Crypto Functions: Digest (HASH) ************************
+ */
+
+/* NSC_DigestInit initializes a message-digesting operation. */
+CK_RV
+NSC_DigestInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ CK_RV crv = CKR_OK;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ crv = sftk_InitGeneric(session, &context, SFTK_HASH, NULL, 0, NULL, 0, 0);
+ if (crv != CKR_OK) {
+ sftk_FreeSession(session);
+ return crv;
+ }
+
+#define INIT_MECH(mech, mmm) \
+ case mech: { \
+ mmm##Context *mmm##_ctx = mmm##_NewContext(); \
+ context->cipherInfo = (void *)mmm##_ctx; \
+ context->cipherInfoLen = mmm##_FlattenSize(mmm##_ctx); \
+ context->currentMech = mech; \
+ context->hashUpdate = (SFTKHash)mmm##_Update; \
+ context->end = (SFTKEnd)mmm##_End; \
+ context->destroy = (SFTKDestroy)mmm##_DestroyContext; \
+ context->maxLen = mmm##_LENGTH; \
+ if (mmm##_ctx) \
+ mmm##_Begin(mmm##_ctx); \
+ else \
+ crv = CKR_HOST_MEMORY; \
+ break; \
+ }
+
+ switch (pMechanism->mechanism) {
+ INIT_MECH(CKM_MD2, MD2)
+ INIT_MECH(CKM_MD5, MD5)
+ INIT_MECH(CKM_SHA_1, SHA1)
+ INIT_MECH(CKM_SHA224, SHA224)
+ INIT_MECH(CKM_SHA256, SHA256)
+ INIT_MECH(CKM_SHA384, SHA384)
+ INIT_MECH(CKM_SHA512, SHA512)
+
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ sftk_FreeContext(context);
+ sftk_FreeSession(session);
+ return crv;
+ }
+ sftk_SetContextByType(session, SFTK_HASH, context);
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_Digest digests data in a single part. */
+CK_RV
+NSC_Digest(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ unsigned int digestLen;
+ unsigned int maxout = *pulDigestLen;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_HASH, PR_FALSE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (pDigest == NULL) {
+ *pulDigestLen = context->maxLen;
+ goto finish;
+ }
+
+ /* do it: */
+ (*context->hashUpdate)(context->cipherInfo, pData, ulDataLen);
+ /* NOTE: this assumes buf size is bigenough for the algorithm */
+ (*context->end)(context->cipherInfo, pDigest, &digestLen, maxout);
+ *pulDigestLen = digestLen;
+
+ sftk_TerminateOp(session, SFTK_HASH, context);
+finish:
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_DigestUpdate continues a multiple-part message-digesting operation. */
+CK_RV
+NSC_DigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
+{
+ SFTKSessionContext *context;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_HASH, PR_TRUE, NULL);
+ if (crv != CKR_OK)
+ return crv;
+ /* do it: */
+ (*context->hashUpdate)(context->cipherInfo, pPart, ulPartLen);
+ return CKR_OK;
+}
+
+/* NSC_DigestFinal finishes a multiple-part message-digesting operation. */
+CK_RV
+NSC_DigestFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ unsigned int maxout = *pulDigestLen;
+ unsigned int digestLen;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_HASH, PR_TRUE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (pDigest != NULL) {
+ (*context->end)(context->cipherInfo, pDigest, &digestLen, maxout);
+ *pulDigestLen = digestLen;
+ sftk_TerminateOp(session, SFTK_HASH, context);
+ } else {
+ *pulDigestLen = context->maxLen;
+ }
+
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/*
+ * these helper functions are used by Generic Macing and Signing functions
+ * that use hashes as part of their operations.
+ */
+#define DOSUB(mmm) \
+ static CK_RV \
+ sftk_doSub##mmm(SFTKSessionContext *context) \
+ { \
+ mmm##Context *mmm##_ctx = mmm##_NewContext(); \
+ context->hashInfo = (void *)mmm##_ctx; \
+ context->hashUpdate = (SFTKHash)mmm##_Update; \
+ context->end = (SFTKEnd)mmm##_End; \
+ context->hashdestroy = (SFTKDestroy)mmm##_DestroyContext; \
+ if (!context->hashInfo) { \
+ return CKR_HOST_MEMORY; \
+ } \
+ mmm##_Begin(mmm##_ctx); \
+ return CKR_OK; \
+ }
+
+DOSUB(MD2)
+DOSUB(MD5)
+DOSUB(SHA1)
+DOSUB(SHA224)
+DOSUB(SHA256)
+DOSUB(SHA384)
+DOSUB(SHA512)
+
+static SECStatus
+sftk_SignCopy(
+ CK_ULONG *copyLen,
+ void *out, unsigned int *outLength,
+ unsigned int maxLength,
+ const unsigned char *hashResult,
+ unsigned int hashResultLength)
+{
+ unsigned int toCopy = *copyLen;
+ if (toCopy > maxLength) {
+ toCopy = maxLength;
+ }
+ if (toCopy > hashResultLength) {
+ toCopy = hashResultLength;
+ }
+ memcpy(out, hashResult, toCopy);
+ if (outLength) {
+ *outLength = toCopy;
+ }
+ return SECSuccess;
+}
+
+/* Verify is just a compare for HMAC */
+static SECStatus
+sftk_HMACCmp(CK_ULONG *copyLen, unsigned char *sig, unsigned int sigLen,
+ unsigned char *hash, unsigned int hashLen)
+{
+ return (PORT_Memcmp(sig, hash, *copyLen) == 0) ? SECSuccess : SECFailure;
+}
+
+/*
+ * common HMAC initalization routine
+ */
+static CK_RV
+sftk_doHMACInit(SFTKSessionContext *context, HASH_HashType hash,
+ SFTKObject *key, CK_ULONG mac_size)
+{
+ SFTKAttribute *keyval;
+ HMACContext *HMACcontext;
+ CK_ULONG *intpointer;
+ const SECHashObject *hashObj = HASH_GetRawHashObject(hash);
+ PRBool isFIPS = (key->slot->slotID == FIPS_SLOT_ID);
+
+ /* required by FIPS 198 Section 4 */
+ if (isFIPS && (mac_size < 4 || mac_size < hashObj->length / 2)) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+
+ keyval = sftk_FindAttribute(key, CKA_VALUE);
+ if (keyval == NULL)
+ return CKR_KEY_SIZE_RANGE;
+
+ HMACcontext = HMAC_Create(hashObj,
+ (const unsigned char *)keyval->attrib.pValue,
+ keyval->attrib.ulValueLen, isFIPS);
+ context->hashInfo = HMACcontext;
+ context->multi = PR_TRUE;
+ sftk_FreeAttribute(keyval);
+ if (context->hashInfo == NULL) {
+ if (PORT_GetError() == SEC_ERROR_INVALID_ARGS) {
+ return CKR_KEY_SIZE_RANGE;
+ }
+ return CKR_HOST_MEMORY;
+ }
+ context->hashUpdate = (SFTKHash)HMAC_Update;
+ context->end = (SFTKEnd)HMAC_Finish;
+
+ context->hashdestroy = (SFTKDestroy)HMAC_Destroy;
+ intpointer = PORT_New(CK_ULONG);
+ if (intpointer == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ *intpointer = mac_size;
+ context->cipherInfo = intpointer;
+ context->destroy = (SFTKDestroy)sftk_Space;
+ context->update = (SFTKCipher)sftk_SignCopy;
+ context->verify = (SFTKVerify)sftk_HMACCmp;
+ context->maxLen = hashObj->length;
+ HMAC_Begin(HMACcontext);
+ return CKR_OK;
+}
+
+/*
+ * SSL Macing support. SSL Macs are inited, then update with the base
+ * hashing algorithm, then finalized in sign and verify
+ */
+
+/*
+ * FROM SSL:
+ * 60 bytes is 3 times the maximum length MAC size that is supported.
+ * We probably should have one copy of this table. We still need this table
+ * in ssl to 'sign' the handshake hashes.
+ */
+static unsigned char ssl_pad_1[60] = {
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36
+};
+static unsigned char ssl_pad_2[60] = {
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c
+};
+
+static SECStatus
+sftk_SSLMACSign(SFTKSSLMACInfo *info, unsigned char *sig, unsigned int *sigLen,
+ unsigned int maxLen, unsigned char *hash, unsigned int hashLen)
+{
+ unsigned char tmpBuf[SFTK_MAX_MAC_LENGTH];
+ unsigned int out;
+
+ info->begin(info->hashContext);
+ info->update(info->hashContext, info->key, info->keySize);
+ info->update(info->hashContext, ssl_pad_2, info->padSize);
+ info->update(info->hashContext, hash, hashLen);
+ info->end(info->hashContext, tmpBuf, &out, SFTK_MAX_MAC_LENGTH);
+ PORT_Memcpy(sig, tmpBuf, info->macSize);
+ *sigLen = info->macSize;
+ return SECSuccess;
+}
+
+static SECStatus
+sftk_SSLMACVerify(SFTKSSLMACInfo *info, unsigned char *sig, unsigned int sigLen,
+ unsigned char *hash, unsigned int hashLen)
+{
+ unsigned char tmpBuf[SFTK_MAX_MAC_LENGTH];
+ unsigned int out;
+
+ info->begin(info->hashContext);
+ info->update(info->hashContext, info->key, info->keySize);
+ info->update(info->hashContext, ssl_pad_2, info->padSize);
+ info->update(info->hashContext, hash, hashLen);
+ info->end(info->hashContext, tmpBuf, &out, SFTK_MAX_MAC_LENGTH);
+ return (PORT_Memcmp(sig, tmpBuf, info->macSize) == 0) ? SECSuccess : SECFailure;
+}
+
+/*
+ * common HMAC initalization routine
+ */
+static CK_RV
+sftk_doSSLMACInit(SFTKSessionContext *context, SECOidTag oid,
+ SFTKObject *key, CK_ULONG mac_size)
+{
+ SFTKAttribute *keyval;
+ SFTKBegin begin;
+ int padSize;
+ SFTKSSLMACInfo *sslmacinfo;
+ CK_RV crv = CKR_MECHANISM_INVALID;
+
+ if (oid == SEC_OID_SHA1) {
+ crv = sftk_doSubSHA1(context);
+ if (crv != CKR_OK)
+ return crv;
+ begin = (SFTKBegin)SHA1_Begin;
+ padSize = 40;
+ } else {
+ crv = sftk_doSubMD5(context);
+ if (crv != CKR_OK)
+ return crv;
+ begin = (SFTKBegin)MD5_Begin;
+ padSize = 48;
+ }
+ context->multi = PR_TRUE;
+
+ keyval = sftk_FindAttribute(key, CKA_VALUE);
+ if (keyval == NULL)
+ return CKR_KEY_SIZE_RANGE;
+
+ context->hashUpdate(context->hashInfo, keyval->attrib.pValue,
+ keyval->attrib.ulValueLen);
+ context->hashUpdate(context->hashInfo, ssl_pad_1, padSize);
+ sslmacinfo = (SFTKSSLMACInfo *)PORT_Alloc(sizeof(SFTKSSLMACInfo));
+ if (sslmacinfo == NULL) {
+ sftk_FreeAttribute(keyval);
+ return CKR_HOST_MEMORY;
+ }
+ sslmacinfo->macSize = mac_size;
+ sslmacinfo->hashContext = context->hashInfo;
+ PORT_Memcpy(sslmacinfo->key, keyval->attrib.pValue,
+ keyval->attrib.ulValueLen);
+ sslmacinfo->keySize = keyval->attrib.ulValueLen;
+ sslmacinfo->begin = begin;
+ sslmacinfo->end = context->end;
+ sslmacinfo->update = context->hashUpdate;
+ sslmacinfo->padSize = padSize;
+ sftk_FreeAttribute(keyval);
+ context->cipherInfo = (void *)sslmacinfo;
+ context->destroy = (SFTKDestroy)sftk_Space;
+ context->update = (SFTKCipher)sftk_SSLMACSign;
+ context->verify = (SFTKVerify)sftk_SSLMACVerify;
+ context->maxLen = mac_size;
+ return CKR_OK;
+}
+
+/*
+ ************** Crypto Functions: Sign ************************
+ */
+
+/**
+ * Check if We're using CBCMacing and initialize the session context if we are.
+ * @param contextType SFTK_SIGN or SFTK_VERIFY
+ * @param keyUsage check whether key allows this usage
+ */
+static CK_RV
+sftk_InitCBCMac(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE keyUsage,
+ SFTKContextType contextType)
+
+{
+ CK_MECHANISM cbc_mechanism;
+ CK_ULONG mac_bytes = SFTK_INVALID_MAC_SIZE;
+ CK_RC2_CBC_PARAMS rc2_params;
+#if NSS_SOFTOKEN_DOES_RC5
+ CK_RC5_CBC_PARAMS rc5_params;
+ CK_RC5_MAC_GENERAL_PARAMS *rc5_mac;
+#endif
+ unsigned char ivBlock[SFTK_MAX_BLOCK_SIZE];
+ SFTKSessionContext *context;
+ CK_RV crv;
+ unsigned int blockSize;
+
+ switch (pMechanism->mechanism) {
+ case CKM_RC2_MAC_GENERAL:
+ if (!pMechanism->pParameter) {
+ return CKR_MECHANISM_PARAM_INVALID;
+ }
+ mac_bytes =
+ ((CK_RC2_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
+ /* fall through */
+ case CKM_RC2_MAC:
+ /* this works because ulEffectiveBits is in the same place in both the
+ * CK_RC2_MAC_GENERAL_PARAMS and CK_RC2_CBC_PARAMS */
+ rc2_params.ulEffectiveBits = ((CK_RC2_MAC_GENERAL_PARAMS *)
+ pMechanism->pParameter)
+ ->ulEffectiveBits;
+ PORT_Memset(rc2_params.iv, 0, sizeof(rc2_params.iv));
+ cbc_mechanism.mechanism = CKM_RC2_CBC;
+ cbc_mechanism.pParameter = &rc2_params;
+ cbc_mechanism.ulParameterLen = sizeof(rc2_params);
+ blockSize = 8;
+ break;
+#if NSS_SOFTOKEN_DOES_RC5
+ case CKM_RC5_MAC_GENERAL:
+ mac_bytes =
+ ((CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
+ /* fall through */
+ case CKM_RC5_MAC:
+ /* this works because ulEffectiveBits is in the same place in both the
+ * CK_RC5_MAC_GENERAL_PARAMS and CK_RC5_CBC_PARAMS */
+ rc5_mac = (CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter;
+ rc5_params.ulWordsize = rc5_mac->ulWordsize;
+ rc5_params.ulRounds = rc5_mac->ulRounds;
+ rc5_params.pIv = ivBlock;
+ if ((blockSize = rc5_mac->ulWordsize * 2) > SFTK_MAX_BLOCK_SIZE)
+ return CKR_MECHANISM_PARAM_INVALID;
+ rc5_params.ulIvLen = blockSize;
+ PORT_Memset(ivBlock, 0, blockSize);
+ cbc_mechanism.mechanism = CKM_RC5_CBC;
+ cbc_mechanism.pParameter = &rc5_params;
+ cbc_mechanism.ulParameterLen = sizeof(rc5_params);
+ break;
+#endif
+ /* add cast and idea later */
+ case CKM_DES_MAC_GENERAL:
+ mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
+ /* fall through */
+ case CKM_DES_MAC:
+ blockSize = 8;
+ PORT_Memset(ivBlock, 0, blockSize);
+ cbc_mechanism.mechanism = CKM_DES_CBC;
+ cbc_mechanism.pParameter = &ivBlock;
+ cbc_mechanism.ulParameterLen = blockSize;
+ break;
+ case CKM_DES3_MAC_GENERAL:
+ mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
+ /* fall through */
+ case CKM_DES3_MAC:
+ blockSize = 8;
+ PORT_Memset(ivBlock, 0, blockSize);
+ cbc_mechanism.mechanism = CKM_DES3_CBC;
+ cbc_mechanism.pParameter = &ivBlock;
+ cbc_mechanism.ulParameterLen = blockSize;
+ break;
+ case CKM_CDMF_MAC_GENERAL:
+ mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
+ /* fall through */
+ case CKM_CDMF_MAC:
+ blockSize = 8;
+ PORT_Memset(ivBlock, 0, blockSize);
+ cbc_mechanism.mechanism = CKM_CDMF_CBC;
+ cbc_mechanism.pParameter = &ivBlock;
+ cbc_mechanism.ulParameterLen = blockSize;
+ break;
+ case CKM_SEED_MAC_GENERAL:
+ mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
+ /* fall through */
+ case CKM_SEED_MAC:
+ blockSize = 16;
+ PORT_Memset(ivBlock, 0, blockSize);
+ cbc_mechanism.mechanism = CKM_SEED_CBC;
+ cbc_mechanism.pParameter = &ivBlock;
+ cbc_mechanism.ulParameterLen = blockSize;
+ break;
+ case CKM_CAMELLIA_MAC_GENERAL:
+ mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
+ /* fall through */
+ case CKM_CAMELLIA_MAC:
+ blockSize = 16;
+ PORT_Memset(ivBlock, 0, blockSize);
+ cbc_mechanism.mechanism = CKM_CAMELLIA_CBC;
+ cbc_mechanism.pParameter = &ivBlock;
+ cbc_mechanism.ulParameterLen = blockSize;
+ break;
+ case CKM_AES_MAC_GENERAL:
+ mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
+ /* fall through */
+ case CKM_AES_MAC:
+ blockSize = 16;
+ PORT_Memset(ivBlock, 0, blockSize);
+ cbc_mechanism.mechanism = CKM_AES_CBC;
+ cbc_mechanism.pParameter = &ivBlock;
+ cbc_mechanism.ulParameterLen = blockSize;
+ break;
+ default:
+ return CKR_FUNCTION_NOT_SUPPORTED;
+ }
+
+ /* if MAC size is externally supplied, it should be checked.
+ */
+ if (mac_bytes == SFTK_INVALID_MAC_SIZE)
+ mac_bytes = blockSize >> 1;
+ else {
+ if (mac_bytes > blockSize)
+ return CKR_MECHANISM_PARAM_INVALID;
+ }
+
+ crv = sftk_CryptInit(hSession, &cbc_mechanism, hKey,
+ CKA_ENCRYPT, /* CBC mech is able to ENCRYPT, not SIGN/VERIFY */
+ keyUsage, contextType, PR_TRUE);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_GetContext(hSession, &context, contextType, PR_TRUE, NULL);
+
+ /* this shouldn't happen! */
+ PORT_Assert(crv == CKR_OK);
+ if (crv != CKR_OK)
+ return crv;
+ context->blockSize = blockSize;
+ context->macSize = mac_bytes;
+ return CKR_OK;
+}
+
+/*
+ * encode RSA PKCS #1 Signature data before signing...
+ */
+static SECStatus
+sftk_RSAHashSign(SFTKHashSignInfo *info, unsigned char *sig,
+ unsigned int *sigLen, unsigned int maxLen,
+ const unsigned char *hash, unsigned int hashLen)
+{
+ PORT_Assert(info->key->keyType == NSSLOWKEYRSAKey);
+ if (info->key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ return RSA_HashSign(info->hashOid, info->key, sig, sigLen, maxLen,
+ hash, hashLen);
+}
+
+/* XXX Old template; want to expunge it eventually. */
+static DERTemplate SECAlgorithmIDTemplate[] = {
+ { DER_SEQUENCE,
+ 0, NULL, sizeof(SECAlgorithmID) },
+ { DER_OBJECT_ID,
+ offsetof(SECAlgorithmID, algorithm) },
+ { DER_OPTIONAL | DER_ANY,
+ offsetof(SECAlgorithmID, parameters) },
+ { 0 }
+};
+
+/*
+ * XXX OLD Template. Once all uses have been switched over to new one,
+ * remove this.
+ */
+static DERTemplate SGNDigestInfoTemplate[] = {
+ { DER_SEQUENCE,
+ 0, NULL, sizeof(SGNDigestInfo) },
+ { DER_INLINE,
+ offsetof(SGNDigestInfo, digestAlgorithm),
+ SECAlgorithmIDTemplate },
+ { DER_OCTET_STRING,
+ offsetof(SGNDigestInfo, digest) },
+ { 0 }
+};
+
+/*
+ * encode RSA PKCS #1 Signature data before signing...
+ */
+SECStatus
+RSA_HashSign(SECOidTag hashOid, NSSLOWKEYPrivateKey *key,
+ unsigned char *sig, unsigned int *sigLen, unsigned int maxLen,
+ const unsigned char *hash, unsigned int hashLen)
+{
+ SECStatus rv = SECFailure;
+ SECItem digder;
+ PLArenaPool *arena = NULL;
+ SGNDigestInfo *di = NULL;
+
+ digder.data = NULL;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ goto loser;
+ }
+
+ /* Construct digest info */
+ di = SGN_CreateDigestInfo(hashOid, hash, hashLen);
+ if (!di) {
+ goto loser;
+ }
+
+ /* Der encode the digest as a DigestInfo */
+ rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /*
+ ** Encrypt signature after constructing appropriate PKCS#1 signature
+ ** block
+ */
+ rv = RSA_Sign(&key->u.rsa, sig, sigLen, maxLen, digder.data,
+ digder.len);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+
+loser:
+ SGN_DestroyDigestInfo(di);
+ if (arena != NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return rv;
+}
+
+static SECStatus
+sftk_RSASign(NSSLOWKEYPrivateKey *key, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ rv = RSA_Sign(&key->u.rsa, output, outputLen, maxOutputLen, input,
+ inputLen);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ return rv;
+}
+
+static SECStatus
+sftk_RSASignRaw(NSSLOWKEYPrivateKey *key, unsigned char *output,
+ unsigned int *outputLen, unsigned int maxOutputLen,
+ const unsigned char *input, unsigned int inputLen)
+{
+ SECStatus rv = SECFailure;
+
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ rv = RSA_SignRaw(&key->u.rsa, output, outputLen, maxOutputLen, input,
+ inputLen);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ return rv;
+}
+
+static SECStatus
+sftk_RSASignPSS(SFTKHashSignInfo *info, unsigned char *sig,
+ unsigned int *sigLen, unsigned int maxLen,
+ const unsigned char *hash, unsigned int hashLen)
+{
+ SECStatus rv = SECFailure;
+ HASH_HashType hashAlg;
+ HASH_HashType maskHashAlg;
+ CK_RSA_PKCS_PSS_PARAMS *params = (CK_RSA_PKCS_PSS_PARAMS *)info->params;
+
+ PORT_Assert(info->key->keyType == NSSLOWKEYRSAKey);
+ if (info->key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ hashAlg = GetHashTypeFromMechanism(params->hashAlg);
+ maskHashAlg = GetHashTypeFromMechanism(params->mgf);
+
+ rv = RSA_SignPSS(&info->key->u.rsa, hashAlg, maskHashAlg, NULL,
+ params->sLen, sig, sigLen, maxLen, hash, hashLen);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ return rv;
+}
+
+static SECStatus
+nsc_DSA_Verify_Stub(void *ctx, void *sigBuf, unsigned int sigLen,
+ void *dataBuf, unsigned int dataLen)
+{
+ SECItem signature, digest;
+ NSSLOWKEYPublicKey *key = (NSSLOWKEYPublicKey *)ctx;
+
+ signature.data = (unsigned char *)sigBuf;
+ signature.len = sigLen;
+ digest.data = (unsigned char *)dataBuf;
+ digest.len = dataLen;
+ return DSA_VerifyDigest(&(key->u.dsa), &signature, &digest);
+}
+
+static SECStatus
+nsc_DSA_Sign_Stub(void *ctx, void *sigBuf,
+ unsigned int *sigLen, unsigned int maxSigLen,
+ void *dataBuf, unsigned int dataLen)
+{
+ SECItem signature, digest;
+ SECStatus rv;
+ NSSLOWKEYPrivateKey *key = (NSSLOWKEYPrivateKey *)ctx;
+
+ signature.data = (unsigned char *)sigBuf;
+ signature.len = maxSigLen;
+ digest.data = (unsigned char *)dataBuf;
+ digest.len = dataLen;
+ rv = DSA_SignDigest(&(key->u.dsa), &signature, &digest);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ *sigLen = signature.len;
+ return rv;
+}
+
+#ifndef NSS_DISABLE_ECC
+static SECStatus
+nsc_ECDSAVerifyStub(void *ctx, void *sigBuf, unsigned int sigLen,
+ void *dataBuf, unsigned int dataLen)
+{
+ SECItem signature, digest;
+ NSSLOWKEYPublicKey *key = (NSSLOWKEYPublicKey *)ctx;
+
+ signature.data = (unsigned char *)sigBuf;
+ signature.len = sigLen;
+ digest.data = (unsigned char *)dataBuf;
+ digest.len = dataLen;
+ return ECDSA_VerifyDigest(&(key->u.ec), &signature, &digest);
+}
+
+static SECStatus
+nsc_ECDSASignStub(void *ctx, void *sigBuf,
+ unsigned int *sigLen, unsigned int maxSigLen,
+ void *dataBuf, unsigned int dataLen)
+{
+ SECItem signature, digest;
+ SECStatus rv;
+ NSSLOWKEYPrivateKey *key = (NSSLOWKEYPrivateKey *)ctx;
+
+ signature.data = (unsigned char *)sigBuf;
+ signature.len = maxSigLen;
+ digest.data = (unsigned char *)dataBuf;
+ digest.len = dataLen;
+ rv = ECDSA_SignDigest(&(key->u.ec), &signature, &digest);
+ if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ *sigLen = signature.len;
+ return rv;
+}
+#endif /* NSS_DISABLE_ECC */
+
+/* NSC_SignInit setups up the signing operations. There are three basic
+ * types of signing:
+ * (1) the tradition single part, where "Raw RSA" or "Raw DSA" is applied
+ * to data in a single Sign operation (which often looks a lot like an
+ * encrypt, with data coming in and data going out).
+ * (2) Hash based signing, where we continually hash the data, then apply
+ * some sort of signature to the end.
+ * (3) Block Encryption CBC MAC's, where the Data is encrypted with a key,
+ * and only the final block is part of the mac.
+ *
+ * For case number 3, we initialize a context much like the Encryption Context
+ * (in fact we share code). We detect case 3 in C_SignUpdate, C_Sign, and
+ * C_Final by the following method... if it's not multi-part, and it's doesn't
+ * have a hash context, it must be a block Encryption CBC MAC.
+ *
+ * For case number 2, we initialize a hash structure, as well as make it
+ * multi-part. Updates are simple calls to the hash update function. Final
+ * calls the hashend, then passes the result to the 'update' function (which
+ * operates as a final signature function). In some hash based MAC'ing (as
+ * opposed to hash base signatures), the update function is can be simply a
+ * copy (as is the case with HMAC).
+ */
+CK_RV
+NSC_SignInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTKSession *session;
+ SFTKObject *key;
+ SFTKSessionContext *context;
+ CK_KEY_TYPE key_type;
+ CK_RV crv = CKR_OK;
+ NSSLOWKEYPrivateKey *privKey;
+ SFTKHashSignInfo *info = NULL;
+
+ CHECK_FORK();
+
+ /* Block Cipher MACing Algorithms use a different Context init method..*/
+ crv = sftk_InitCBCMac(hSession, pMechanism, hKey, CKA_SIGN, SFTK_SIGN);
+ if (crv != CKR_FUNCTION_NOT_SUPPORTED)
+ return crv;
+
+ /* we're not using a block cipher mac */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ crv = sftk_InitGeneric(session, &context, SFTK_SIGN, &key, hKey, &key_type,
+ CKO_PRIVATE_KEY, CKA_SIGN);
+ if (crv != CKR_OK) {
+ sftk_FreeSession(session);
+ return crv;
+ }
+
+ context->multi = PR_FALSE;
+
+#define INIT_RSA_SIGN_MECH(mmm) \
+ case CKM_##mmm##_RSA_PKCS: \
+ context->multi = PR_TRUE; \
+ crv = sftk_doSub##mmm(context); \
+ if (crv != CKR_OK) \
+ break; \
+ context->update = (SFTKCipher)sftk_RSAHashSign; \
+ info = PORT_New(SFTKHashSignInfo); \
+ if (info == NULL) { \
+ crv = CKR_HOST_MEMORY; \
+ break; \
+ } \
+ info->hashOid = SEC_OID_##mmm; \
+ goto finish_rsa;
+
+ switch (pMechanism->mechanism) {
+ INIT_RSA_SIGN_MECH(MD5)
+ INIT_RSA_SIGN_MECH(MD2)
+ INIT_RSA_SIGN_MECH(SHA1)
+ INIT_RSA_SIGN_MECH(SHA224)
+ INIT_RSA_SIGN_MECH(SHA256)
+ INIT_RSA_SIGN_MECH(SHA384)
+ INIT_RSA_SIGN_MECH(SHA512)
+
+ case CKM_RSA_PKCS:
+ context->update = (SFTKCipher)sftk_RSASign;
+ goto finish_rsa;
+ case CKM_RSA_X_509:
+ context->update = (SFTKCipher)sftk_RSASignRaw;
+ finish_rsa:
+ if (key_type != CKK_RSA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ context->rsa = PR_TRUE;
+ privKey = sftk_GetPrivKey(key, CKK_RSA, &crv);
+ if (privKey == NULL) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ /* OK, info is allocated only if we're doing hash and sign mechanism.
+ * It's necessary to be able to set the correct OID in the final
+ * signature.
+ */
+ if (info) {
+ info->key = privKey;
+ context->cipherInfo = info;
+ context->destroy = (SFTKDestroy)sftk_Space;
+ } else {
+ context->cipherInfo = privKey;
+ context->destroy = (SFTKDestroy)sftk_Null;
+ }
+ context->maxLen = nsslowkey_PrivateModulusLen(privKey);
+ break;
+ case CKM_RSA_PKCS_PSS:
+ if (key_type != CKK_RSA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ context->rsa = PR_TRUE;
+ if (pMechanism->ulParameterLen != sizeof(CK_RSA_PKCS_PSS_PARAMS) ||
+ !sftk_ValidatePssParams((const CK_RSA_PKCS_PSS_PARAMS *)pMechanism->pParameter)) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ info = PORT_New(SFTKHashSignInfo);
+ if (info == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ info->params = pMechanism->pParameter;
+ info->key = sftk_GetPrivKey(key, CKK_RSA, &crv);
+ if (info->key == NULL) {
+ PORT_Free(info);
+ break;
+ }
+ context->cipherInfo = info;
+ context->destroy = (SFTKDestroy)sftk_Space;
+ context->update = (SFTKCipher)sftk_RSASignPSS;
+ context->maxLen = nsslowkey_PrivateModulusLen(info->key);
+ break;
+
+ case CKM_DSA_SHA1:
+ context->multi = PR_TRUE;
+ crv = sftk_doSubSHA1(context);
+ if (crv != CKR_OK)
+ break;
+ /* fall through */
+ case CKM_DSA:
+ if (key_type != CKK_DSA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ privKey = sftk_GetPrivKey(key, CKK_DSA, &crv);
+ if (privKey == NULL) {
+ break;
+ }
+ context->cipherInfo = privKey;
+ context->update = (SFTKCipher)nsc_DSA_Sign_Stub;
+ context->destroy = (privKey == key->objectInfo) ? (SFTKDestroy)sftk_Null : (SFTKDestroy)sftk_FreePrivKey;
+ context->maxLen = DSA_MAX_SIGNATURE_LEN;
+
+ break;
+
+#ifndef NSS_DISABLE_ECC
+ case CKM_ECDSA_SHA1:
+ context->multi = PR_TRUE;
+ crv = sftk_doSubSHA1(context);
+ if (crv != CKR_OK)
+ break;
+ /* fall through */
+ case CKM_ECDSA:
+ if (key_type != CKK_EC) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ privKey = sftk_GetPrivKey(key, CKK_EC, &crv);
+ if (privKey == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->cipherInfo = privKey;
+ context->update = (SFTKCipher)nsc_ECDSASignStub;
+ context->destroy = (privKey == key->objectInfo) ? (SFTKDestroy)sftk_Null : (SFTKDestroy)sftk_FreePrivKey;
+ context->maxLen = MAX_ECKEY_LEN * 2;
+
+ break;
+#endif /* NSS_DISABLE_ECC */
+
+#define INIT_HMAC_MECH(mmm) \
+ case CKM_##mmm##_HMAC_GENERAL: \
+ crv = sftk_doHMACInit(context, HASH_Alg##mmm, key, \
+ *(CK_ULONG *)pMechanism->pParameter); \
+ break; \
+ case CKM_##mmm##_HMAC: \
+ crv = sftk_doHMACInit(context, HASH_Alg##mmm, key, mmm##_LENGTH); \
+ break;
+
+ INIT_HMAC_MECH(MD2)
+ INIT_HMAC_MECH(MD5)
+ INIT_HMAC_MECH(SHA224)
+ INIT_HMAC_MECH(SHA256)
+ INIT_HMAC_MECH(SHA384)
+ INIT_HMAC_MECH(SHA512)
+
+ case CKM_SHA_1_HMAC_GENERAL:
+ crv = sftk_doHMACInit(context, HASH_AlgSHA1, key,
+ *(CK_ULONG *)pMechanism->pParameter);
+ break;
+ case CKM_SHA_1_HMAC:
+ crv = sftk_doHMACInit(context, HASH_AlgSHA1, key, SHA1_LENGTH);
+ break;
+
+ case CKM_SSL3_MD5_MAC:
+ crv = sftk_doSSLMACInit(context, SEC_OID_MD5, key,
+ *(CK_ULONG *)pMechanism->pParameter);
+ break;
+ case CKM_SSL3_SHA1_MAC:
+ crv = sftk_doSSLMACInit(context, SEC_OID_SHA1, key,
+ *(CK_ULONG *)pMechanism->pParameter);
+ break;
+ case CKM_TLS_PRF_GENERAL:
+ crv = sftk_TLSPRFInit(context, key, key_type, HASH_AlgNULL, 0);
+ break;
+ case CKM_TLS_MAC: {
+ CK_TLS_MAC_PARAMS *tls12_mac_params;
+ HASH_HashType tlsPrfHash;
+ const char *label;
+
+ if (pMechanism->ulParameterLen != sizeof(CK_TLS_MAC_PARAMS)) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ tls12_mac_params = (CK_TLS_MAC_PARAMS *)pMechanism->pParameter;
+ if (tls12_mac_params->prfMechanism == CKM_TLS_PRF) {
+ /* The TLS 1.0 and 1.1 PRF */
+ tlsPrfHash = HASH_AlgNULL;
+ if (tls12_mac_params->ulMacLength != 12) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ } else {
+ /* The hash function for the TLS 1.2 PRF */
+ tlsPrfHash =
+ GetHashTypeFromMechanism(tls12_mac_params->prfMechanism);
+ if (tlsPrfHash == HASH_AlgNULL ||
+ tls12_mac_params->ulMacLength < 12) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ }
+ if (tls12_mac_params->ulServerOrClient == 1) {
+ label = "server finished";
+ } else if (tls12_mac_params->ulServerOrClient == 2) {
+ label = "client finished";
+ } else {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ crv = sftk_TLSPRFInit(context, key, key_type, tlsPrfHash,
+ tls12_mac_params->ulMacLength);
+ if (crv == CKR_OK) {
+ context->hashUpdate(context->hashInfo, label, 15);
+ }
+ break;
+ }
+ case CKM_NSS_TLS_PRF_GENERAL_SHA256:
+ crv = sftk_TLSPRFInit(context, key, key_type, HASH_AlgSHA256, 0);
+ break;
+
+ case CKM_NSS_HMAC_CONSTANT_TIME: {
+ sftk_MACConstantTimeCtx *ctx =
+ sftk_HMACConstantTime_New(pMechanism, key);
+ CK_ULONG *intpointer;
+
+ if (ctx == NULL) {
+ crv = CKR_ARGUMENTS_BAD;
+ break;
+ }
+ intpointer = PORT_New(CK_ULONG);
+ if (intpointer == NULL) {
+ PORT_Free(ctx);
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ *intpointer = ctx->hash->length;
+
+ context->cipherInfo = intpointer;
+ context->hashInfo = ctx;
+ context->currentMech = pMechanism->mechanism;
+ context->hashUpdate = sftk_HMACConstantTime_Update;
+ context->hashdestroy = sftk_MACConstantTime_DestroyContext;
+ context->end = sftk_MACConstantTime_EndHash;
+ context->update = (SFTKCipher)sftk_SignCopy;
+ context->destroy = sftk_Space;
+ context->maxLen = 64;
+ context->multi = PR_TRUE;
+ break;
+ }
+
+ case CKM_NSS_SSL3_MAC_CONSTANT_TIME: {
+ sftk_MACConstantTimeCtx *ctx =
+ sftk_SSLv3MACConstantTime_New(pMechanism, key);
+ CK_ULONG *intpointer;
+
+ if (ctx == NULL) {
+ crv = CKR_ARGUMENTS_BAD;
+ break;
+ }
+ intpointer = PORT_New(CK_ULONG);
+ if (intpointer == NULL) {
+ PORT_Free(ctx);
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ *intpointer = ctx->hash->length;
+
+ context->cipherInfo = intpointer;
+ context->hashInfo = ctx;
+ context->currentMech = pMechanism->mechanism;
+ context->hashUpdate = sftk_SSLv3MACConstantTime_Update;
+ context->hashdestroy = sftk_MACConstantTime_DestroyContext;
+ context->end = sftk_MACConstantTime_EndHash;
+ context->update = (SFTKCipher)sftk_SignCopy;
+ context->destroy = sftk_Space;
+ context->maxLen = 64;
+ context->multi = PR_TRUE;
+ break;
+ }
+
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ if (info)
+ PORT_Free(info);
+ sftk_FreeContext(context);
+ sftk_FreeSession(session);
+ return crv;
+ }
+ sftk_SetContextByType(session, SFTK_SIGN, context);
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/** MAC one block of data by block cipher
+ */
+static CK_RV
+sftk_MACBlock(SFTKSessionContext *ctx, void *blk)
+{
+ unsigned int outlen;
+ return (SECSuccess == (ctx->update)(ctx->cipherInfo, ctx->macBuf, &outlen,
+ SFTK_MAX_BLOCK_SIZE, blk, ctx->blockSize))
+ ? CKR_OK
+ : sftk_MapCryptError(PORT_GetError());
+}
+
+/** MAC last (incomplete) block of data by block cipher
+ *
+ * Call once, then terminate MACing operation.
+ */
+static CK_RV
+sftk_MACFinal(SFTKSessionContext *ctx)
+{
+ unsigned int padLen = ctx->padDataLength;
+ /* pad and proceed the residual */
+ if (padLen) {
+ /* shd clr ctx->padLen to make sftk_MACFinal idempotent */
+ PORT_Memset(ctx->padBuf + padLen, 0, ctx->blockSize - padLen);
+ return sftk_MACBlock(ctx, ctx->padBuf);
+ } else
+ return CKR_OK;
+}
+
+/** The common implementation for {Sign,Verify}Update. (S/V only vary in their
+ * setup and final operations).
+ *
+ * A call which results in an error terminates the operation [PKCS#11,v2.11]
+ */
+static CK_RV
+sftk_MACUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen, SFTKContextType type)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ CK_RV crv;
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, type, PR_TRUE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (context->hashInfo) {
+ (*context->hashUpdate)(context->hashInfo, pPart, ulPartLen);
+ } else {
+ /* must be block cipher MACing */
+
+ unsigned int blkSize = context->blockSize;
+ unsigned char *residual = /* free room in context->padBuf */
+ context->padBuf + context->padDataLength;
+ unsigned int minInput = /* min input for MACing at least one block */
+ blkSize - context->padDataLength;
+
+ /* not enough data even for one block */
+ if (ulPartLen < minInput) {
+ PORT_Memcpy(residual, pPart, ulPartLen);
+ context->padDataLength += ulPartLen;
+ goto cleanup;
+ }
+ /* MACing residual */
+ if (context->padDataLength) {
+ PORT_Memcpy(residual, pPart, minInput);
+ ulPartLen -= minInput;
+ pPart += minInput;
+ if (CKR_OK != (crv = sftk_MACBlock(context, context->padBuf)))
+ goto terminate;
+ }
+ /* MACing full blocks */
+ while (ulPartLen >= blkSize) {
+ if (CKR_OK != (crv = sftk_MACBlock(context, pPart)))
+ goto terminate;
+ ulPartLen -= blkSize;
+ pPart += blkSize;
+ }
+ /* save the residual */
+ if ((context->padDataLength = ulPartLen))
+ PORT_Memcpy(context->padBuf, pPart, ulPartLen);
+ } /* blk cipher MACing */
+
+ goto cleanup;
+
+terminate:
+ sftk_TerminateOp(session, type, context);
+cleanup:
+ sftk_FreeSession(session);
+ return crv;
+}
+
+/* NSC_SignUpdate continues a multiple-part signature operation,
+ * where the signature is (will be) an appendix to the data,
+ * and plaintext cannot be recovered from the signature
+ *
+ * A call which results in an error terminates the operation [PKCS#11,v2.11]
+ */
+CK_RV
+NSC_SignUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
+{
+ CHECK_FORK();
+ return sftk_MACUpdate(hSession, pPart, ulPartLen, SFTK_SIGN);
+}
+
+/* NSC_SignFinal finishes a multiple-part signature operation,
+ * returning the signature. */
+CK_RV
+NSC_SignFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ unsigned int outlen;
+ unsigned int maxoutlen = *pulSignatureLen;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_SIGN, PR_TRUE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (context->hashInfo) {
+ unsigned int digestLen;
+ unsigned char tmpbuf[SFTK_MAX_MAC_LENGTH];
+
+ if (!pSignature) {
+ outlen = context->maxLen;
+ goto finish;
+ }
+ (*context->end)(context->hashInfo, tmpbuf, &digestLen, sizeof(tmpbuf));
+ if (SECSuccess != (context->update)(context->cipherInfo, pSignature,
+ &outlen, maxoutlen, tmpbuf, digestLen))
+ crv = sftk_MapCryptError(PORT_GetError());
+ /* CKR_BUFFER_TOO_SMALL here isn't continuable, let operation terminate.
+ * Keeping "too small" CK_RV intact is a standard violation, but allows
+ * application read EXACT signature length */
+ } else {
+ /* must be block cipher MACing */
+ outlen = context->macSize;
+ /* null or "too small" buf doesn't terminate operation [PKCS#11,v2.11]*/
+ if (!pSignature || maxoutlen < outlen) {
+ if (pSignature)
+ crv = CKR_BUFFER_TOO_SMALL;
+ goto finish;
+ }
+ if (CKR_OK == (crv = sftk_MACFinal(context)))
+ PORT_Memcpy(pSignature, context->macBuf, outlen);
+ }
+
+ sftk_TerminateOp(session, SFTK_SIGN, context);
+finish:
+ *pulSignatureLen = outlen;
+ sftk_FreeSession(session);
+ return crv;
+}
+
+/* NSC_Sign signs (encrypts with private key) data in a single part,
+ * where the signature is (will be) an appendix to the data,
+ * and plaintext cannot be recovered from the signature */
+CK_RV
+NSC_Sign(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_SIGN, PR_FALSE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (!pSignature) {
+ /* see also how C_SignUpdate implements this */
+ *pulSignatureLen = (!context->multi || context->hashInfo)
+ ? context->maxLen
+ : context->macSize; /* must be block cipher MACing */
+ goto finish;
+ }
+
+ /* multi part Signing are completely implemented by SignUpdate and
+ * sign Final */
+ if (context->multi) {
+ /* SignFinal can't follow failed SignUpdate */
+ if (CKR_OK == (crv = NSC_SignUpdate(hSession, pData, ulDataLen)))
+ crv = NSC_SignFinal(hSession, pSignature, pulSignatureLen);
+ } else {
+ /* single-part PKC signature (e.g. CKM_ECDSA) */
+ unsigned int outlen;
+ unsigned int maxoutlen = *pulSignatureLen;
+ if (SECSuccess != (*context->update)(context->cipherInfo, pSignature,
+ &outlen, maxoutlen, pData, ulDataLen))
+ crv = sftk_MapCryptError(PORT_GetError());
+ *pulSignatureLen = (CK_ULONG)outlen;
+ /* "too small" here is certainly continuable */
+ if (crv != CKR_BUFFER_TOO_SMALL)
+ sftk_TerminateOp(session, SFTK_SIGN, context);
+ } /* single-part */
+
+finish:
+ sftk_FreeSession(session);
+ return crv;
+}
+
+/*
+ ************** Crypto Functions: Sign Recover ************************
+ */
+/* NSC_SignRecoverInit initializes a signature operation,
+ * where the (digest) data can be recovered from the signature.
+ * E.g. encryption with the user's private key */
+CK_RV
+NSC_SignRecoverInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ CHECK_FORK();
+
+ switch (pMechanism->mechanism) {
+ case CKM_RSA_PKCS:
+ case CKM_RSA_X_509:
+ return NSC_SignInit(hSession, pMechanism, hKey);
+ default:
+ break;
+ }
+ return CKR_MECHANISM_INVALID;
+}
+
+/* NSC_SignRecover signs data in a single operation
+ * where the (digest) data can be recovered from the signature.
+ * E.g. encryption with the user's private key */
+CK_RV
+NSC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
+{
+ CHECK_FORK();
+
+ return NSC_Sign(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
+}
+
+/*
+ ************** Crypto Functions: verify ************************
+ */
+
+/* Handle RSA Signature formatting */
+static SECStatus
+sftk_hashCheckSign(SFTKHashVerifyInfo *info, const unsigned char *sig,
+ unsigned int sigLen, const unsigned char *digest,
+ unsigned int digestLen)
+{
+ PORT_Assert(info->key->keyType == NSSLOWKEYRSAKey);
+ if (info->key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ return RSA_HashCheckSign(info->hashOid, info->key, sig, sigLen, digest,
+ digestLen);
+}
+
+SECStatus
+RSA_HashCheckSign(SECOidTag digestOid, NSSLOWKEYPublicKey *key,
+ const unsigned char *sig, unsigned int sigLen,
+ const unsigned char *digestData, unsigned int digestLen)
+{
+ unsigned char *pkcs1DigestInfoData;
+ SECItem pkcs1DigestInfo;
+ SECItem digest;
+ unsigned int bufferSize;
+ SECStatus rv;
+
+ /* pkcs1DigestInfo.data must be less than key->u.rsa.modulus.len */
+ bufferSize = key->u.rsa.modulus.len;
+ pkcs1DigestInfoData = PORT_ZAlloc(bufferSize);
+ if (!pkcs1DigestInfoData) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ pkcs1DigestInfo.data = pkcs1DigestInfoData;
+ pkcs1DigestInfo.len = bufferSize;
+
+ /* decrypt the block */
+ rv = RSA_CheckSignRecover(&key->u.rsa, pkcs1DigestInfo.data,
+ &pkcs1DigestInfo.len, pkcs1DigestInfo.len,
+ sig, sigLen);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ } else {
+ digest.data = (PRUint8 *)digestData;
+ digest.len = digestLen;
+ rv = _SGN_VerifyPKCS1DigestInfo(
+ digestOid, &digest, &pkcs1DigestInfo,
+ PR_TRUE /*XXX: unsafeAllowMissingParameters*/);
+ }
+
+ PORT_Free(pkcs1DigestInfoData);
+ return rv;
+}
+
+static SECStatus
+sftk_RSACheckSign(NSSLOWKEYPublicKey *key, const unsigned char *sig,
+ unsigned int sigLen, const unsigned char *digest,
+ unsigned int digestLen)
+{
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ return RSA_CheckSign(&key->u.rsa, sig, sigLen, digest, digestLen);
+}
+
+static SECStatus
+sftk_RSACheckSignRaw(NSSLOWKEYPublicKey *key, const unsigned char *sig,
+ unsigned int sigLen, const unsigned char *digest,
+ unsigned int digestLen)
+{
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ return RSA_CheckSignRaw(&key->u.rsa, sig, sigLen, digest, digestLen);
+}
+
+static SECStatus
+sftk_RSACheckSignPSS(SFTKHashVerifyInfo *info, const unsigned char *sig,
+ unsigned int sigLen, const unsigned char *digest,
+ unsigned int digestLen)
+{
+ HASH_HashType hashAlg;
+ HASH_HashType maskHashAlg;
+ CK_RSA_PKCS_PSS_PARAMS *params = (CK_RSA_PKCS_PSS_PARAMS *)info->params;
+
+ PORT_Assert(info->key->keyType == NSSLOWKEYRSAKey);
+ if (info->key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ hashAlg = GetHashTypeFromMechanism(params->hashAlg);
+ maskHashAlg = GetHashTypeFromMechanism(params->mgf);
+
+ return RSA_CheckSignPSS(&info->key->u.rsa, hashAlg, maskHashAlg,
+ params->sLen, sig, sigLen, digest, digestLen);
+}
+
+/* NSC_VerifyInit initializes a verification operation,
+ * where the signature is an appendix to the data,
+ * and plaintext cannot be recovered from the signature (e.g. DSA) */
+CK_RV
+NSC_VerifyInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTKSession *session;
+ SFTKObject *key;
+ SFTKSessionContext *context;
+ CK_KEY_TYPE key_type;
+ CK_RV crv = CKR_OK;
+ NSSLOWKEYPublicKey *pubKey;
+ SFTKHashVerifyInfo *info = NULL;
+
+ CHECK_FORK();
+
+ /* Block Cipher MACing Algorithms use a different Context init method..*/
+ crv = sftk_InitCBCMac(hSession, pMechanism, hKey, CKA_VERIFY, SFTK_VERIFY);
+ if (crv != CKR_FUNCTION_NOT_SUPPORTED)
+ return crv;
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ crv = sftk_InitGeneric(session, &context, SFTK_VERIFY, &key, hKey, &key_type,
+ CKO_PUBLIC_KEY, CKA_VERIFY);
+ if (crv != CKR_OK) {
+ sftk_FreeSession(session);
+ return crv;
+ }
+
+ context->multi = PR_FALSE;
+
+#define INIT_RSA_VFY_MECH(mmm) \
+ case CKM_##mmm##_RSA_PKCS: \
+ context->multi = PR_TRUE; \
+ crv = sftk_doSub##mmm(context); \
+ if (crv != CKR_OK) \
+ break; \
+ context->verify = (SFTKVerify)sftk_hashCheckSign; \
+ info = PORT_New(SFTKHashVerifyInfo); \
+ if (info == NULL) { \
+ crv = CKR_HOST_MEMORY; \
+ break; \
+ } \
+ info->hashOid = SEC_OID_##mmm; \
+ goto finish_rsa;
+
+ switch (pMechanism->mechanism) {
+ INIT_RSA_VFY_MECH(MD5)
+ INIT_RSA_VFY_MECH(MD2)
+ INIT_RSA_VFY_MECH(SHA1)
+ INIT_RSA_VFY_MECH(SHA224)
+ INIT_RSA_VFY_MECH(SHA256)
+ INIT_RSA_VFY_MECH(SHA384)
+ INIT_RSA_VFY_MECH(SHA512)
+
+ case CKM_RSA_PKCS:
+ context->verify = (SFTKVerify)sftk_RSACheckSign;
+ goto finish_rsa;
+ case CKM_RSA_X_509:
+ context->verify = (SFTKVerify)sftk_RSACheckSignRaw;
+ finish_rsa:
+ if (key_type != CKK_RSA) {
+ if (info)
+ PORT_Free(info);
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ context->rsa = PR_TRUE;
+ pubKey = sftk_GetPubKey(key, CKK_RSA, &crv);
+ if (pubKey == NULL) {
+ if (info)
+ PORT_Free(info);
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ if (info) {
+ info->key = pubKey;
+ context->cipherInfo = info;
+ context->destroy = sftk_Space;
+ } else {
+ context->cipherInfo = pubKey;
+ context->destroy = sftk_Null;
+ }
+ break;
+ case CKM_RSA_PKCS_PSS:
+ if (key_type != CKK_RSA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ context->rsa = PR_TRUE;
+ if (pMechanism->ulParameterLen != sizeof(CK_RSA_PKCS_PSS_PARAMS) ||
+ !sftk_ValidatePssParams((const CK_RSA_PKCS_PSS_PARAMS *)pMechanism->pParameter)) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ info = PORT_New(SFTKHashVerifyInfo);
+ if (info == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ info->params = pMechanism->pParameter;
+ info->key = sftk_GetPubKey(key, CKK_RSA, &crv);
+ if (info->key == NULL) {
+ PORT_Free(info);
+ break;
+ }
+ context->cipherInfo = info;
+ context->destroy = (SFTKDestroy)sftk_Space;
+ context->verify = (SFTKVerify)sftk_RSACheckSignPSS;
+ break;
+ case CKM_DSA_SHA1:
+ context->multi = PR_TRUE;
+ crv = sftk_doSubSHA1(context);
+ if (crv != CKR_OK)
+ break;
+ /* fall through */
+ case CKM_DSA:
+ if (key_type != CKK_DSA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ pubKey = sftk_GetPubKey(key, CKK_DSA, &crv);
+ if (pubKey == NULL) {
+ break;
+ }
+ context->cipherInfo = pubKey;
+ context->verify = (SFTKVerify)nsc_DSA_Verify_Stub;
+ context->destroy = sftk_Null;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case CKM_ECDSA_SHA1:
+ context->multi = PR_TRUE;
+ crv = sftk_doSubSHA1(context);
+ if (crv != CKR_OK)
+ break;
+ /* fall through */
+ case CKM_ECDSA:
+ if (key_type != CKK_EC) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ pubKey = sftk_GetPubKey(key, CKK_EC, &crv);
+ if (pubKey == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ context->cipherInfo = pubKey;
+ context->verify = (SFTKVerify)nsc_ECDSAVerifyStub;
+ context->destroy = sftk_Null;
+ break;
+#endif /* NSS_DISABLE_ECC */
+
+ INIT_HMAC_MECH(MD2)
+ INIT_HMAC_MECH(MD5)
+ INIT_HMAC_MECH(SHA224)
+ INIT_HMAC_MECH(SHA256)
+ INIT_HMAC_MECH(SHA384)
+ INIT_HMAC_MECH(SHA512)
+
+ case CKM_SHA_1_HMAC_GENERAL:
+ crv = sftk_doHMACInit(context, HASH_AlgSHA1, key,
+ *(CK_ULONG *)pMechanism->pParameter);
+ break;
+ case CKM_SHA_1_HMAC:
+ crv = sftk_doHMACInit(context, HASH_AlgSHA1, key, SHA1_LENGTH);
+ break;
+
+ case CKM_SSL3_MD5_MAC:
+ crv = sftk_doSSLMACInit(context, SEC_OID_MD5, key,
+ *(CK_ULONG *)pMechanism->pParameter);
+ break;
+ case CKM_SSL3_SHA1_MAC:
+ crv = sftk_doSSLMACInit(context, SEC_OID_SHA1, key,
+ *(CK_ULONG *)pMechanism->pParameter);
+ break;
+ case CKM_TLS_PRF_GENERAL:
+ crv = sftk_TLSPRFInit(context, key, key_type, HASH_AlgNULL, 0);
+ break;
+ case CKM_NSS_TLS_PRF_GENERAL_SHA256:
+ crv = sftk_TLSPRFInit(context, key, key_type, HASH_AlgSHA256, 0);
+ break;
+
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ if (info)
+ PORT_Free(info);
+ sftk_FreeContext(context);
+ sftk_FreeSession(session);
+ return crv;
+ }
+ sftk_SetContextByType(session, SFTK_VERIFY, context);
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_Verify verifies a signature in a single-part operation,
+ * where the signature is an appendix to the data,
+ * and plaintext cannot be recovered from the signature */
+CK_RV
+NSC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
+ CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_VERIFY, PR_FALSE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ /* multi part Verifying are completely implemented by VerifyUpdate and
+ * VerifyFinal */
+ if (context->multi) {
+ /* VerifyFinal can't follow failed VerifyUpdate */
+ if (CKR_OK == (crv = NSC_VerifyUpdate(hSession, pData, ulDataLen)))
+ crv = NSC_VerifyFinal(hSession, pSignature, ulSignatureLen);
+ } else {
+ if (SECSuccess != (*context->verify)(context->cipherInfo, pSignature,
+ ulSignatureLen, pData, ulDataLen))
+ crv = sftk_MapCryptError(PORT_GetError());
+
+ sftk_TerminateOp(session, SFTK_VERIFY, context);
+ }
+ sftk_FreeSession(session);
+ return crv;
+}
+
+/* NSC_VerifyUpdate continues a multiple-part verification operation,
+ * where the signature is an appendix to the data,
+ * and plaintext cannot be recovered from the signature
+ *
+ * A call which results in an error terminates the operation [PKCS#11,v2.11]
+ */
+CK_RV
+NSC_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen)
+{
+ CHECK_FORK();
+ return sftk_MACUpdate(hSession, pPart, ulPartLen, SFTK_VERIFY);
+}
+
+/* NSC_VerifyFinal finishes a multiple-part verification operation,
+ * checking the signature. */
+CK_RV
+NSC_VerifyFinal(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ if (!pSignature)
+ return CKR_ARGUMENTS_BAD;
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_VERIFY, PR_TRUE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ if (context->hashInfo) {
+ unsigned int digestLen;
+ unsigned char tmpbuf[SFTK_MAX_MAC_LENGTH];
+
+ (*context->end)(context->hashInfo, tmpbuf, &digestLen, sizeof(tmpbuf));
+ if (SECSuccess != (context->verify)(context->cipherInfo, pSignature,
+ ulSignatureLen, tmpbuf, digestLen))
+ crv = sftk_MapCryptError(PORT_GetError());
+ } else if (ulSignatureLen != context->macSize) {
+ /* must be block cipher MACing */
+ crv = CKR_SIGNATURE_LEN_RANGE;
+ } else if (CKR_OK == (crv = sftk_MACFinal(context))) {
+ if (PORT_Memcmp(pSignature, context->macBuf, ulSignatureLen))
+ crv = CKR_SIGNATURE_INVALID;
+ }
+
+ sftk_TerminateOp(session, SFTK_VERIFY, context);
+ sftk_FreeSession(session);
+ return crv;
+}
+
+/*
+ ************** Crypto Functions: Verify Recover ************************
+ */
+static SECStatus
+sftk_RSACheckSignRecover(NSSLOWKEYPublicKey *key, unsigned char *data,
+ unsigned int *dataLen, unsigned int maxDataLen,
+ const unsigned char *sig, unsigned int sigLen)
+{
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ return RSA_CheckSignRecover(&key->u.rsa, data, dataLen, maxDataLen,
+ sig, sigLen);
+}
+
+static SECStatus
+sftk_RSACheckSignRecoverRaw(NSSLOWKEYPublicKey *key, unsigned char *data,
+ unsigned int *dataLen, unsigned int maxDataLen,
+ const unsigned char *sig, unsigned int sigLen)
+{
+ PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
+ if (key->keyType != NSSLOWKEYRSAKey) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+
+ return RSA_CheckSignRecoverRaw(&key->u.rsa, data, dataLen, maxDataLen,
+ sig, sigLen);
+}
+
+/* NSC_VerifyRecoverInit initializes a signature verification operation,
+ * where the data is recovered from the signature.
+ * E.g. Decryption with the user's public key */
+CK_RV
+NSC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
+{
+ SFTKSession *session;
+ SFTKObject *key;
+ SFTKSessionContext *context;
+ CK_KEY_TYPE key_type;
+ CK_RV crv = CKR_OK;
+ NSSLOWKEYPublicKey *pubKey;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ crv = sftk_InitGeneric(session, &context, SFTK_VERIFY_RECOVER,
+ &key, hKey, &key_type, CKO_PUBLIC_KEY, CKA_VERIFY_RECOVER);
+ if (crv != CKR_OK) {
+ sftk_FreeSession(session);
+ return crv;
+ }
+
+ context->multi = PR_TRUE;
+
+ switch (pMechanism->mechanism) {
+ case CKM_RSA_PKCS:
+ case CKM_RSA_X_509:
+ if (key_type != CKK_RSA) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ context->multi = PR_FALSE;
+ context->rsa = PR_TRUE;
+ pubKey = sftk_GetPubKey(key, CKK_RSA, &crv);
+ if (pubKey == NULL) {
+ break;
+ }
+ context->cipherInfo = pubKey;
+ context->update = (SFTKCipher)(pMechanism->mechanism == CKM_RSA_X_509
+ ? sftk_RSACheckSignRecoverRaw
+ : sftk_RSACheckSignRecover);
+ context->destroy = sftk_Null;
+ break;
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ PORT_Free(context);
+ sftk_FreeSession(session);
+ return crv;
+ }
+ sftk_SetContextByType(session, SFTK_VERIFY_RECOVER, context);
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_VerifyRecover verifies a signature in a single-part operation,
+ * where the data is recovered from the signature.
+ * E.g. Decryption with the user's public key */
+CK_RV
+NSC_VerifyRecover(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen,
+ CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
+{
+ SFTKSession *session;
+ SFTKSessionContext *context;
+ unsigned int outlen;
+ unsigned int maxoutlen = *pulDataLen;
+ CK_RV crv;
+ SECStatus rv;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_VERIFY_RECOVER,
+ PR_FALSE, &session);
+ if (crv != CKR_OK)
+ return crv;
+ if (pData == NULL) {
+ /* to return the actual size, we need to do the decrypt, just return
+ * the max size, which is the size of the input signature. */
+ *pulDataLen = ulSignatureLen;
+ rv = SECSuccess;
+ goto finish;
+ }
+
+ rv = (*context->update)(context->cipherInfo, pData, &outlen, maxoutlen,
+ pSignature, ulSignatureLen);
+ *pulDataLen = (CK_ULONG)outlen;
+
+ sftk_TerminateOp(session, SFTK_VERIFY_RECOVER, context);
+finish:
+ sftk_FreeSession(session);
+ return (rv == SECSuccess) ? CKR_OK : sftk_MapVerifyError(PORT_GetError());
+}
+
+/*
+ **************************** Random Functions: ************************
+ */
+
+/* NSC_SeedRandom mixes additional seed material into the token's random number
+ * generator. */
+CK_RV
+NSC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
+ CK_ULONG ulSeedLen)
+{
+ SECStatus rv;
+
+ CHECK_FORK();
+
+ rv = RNG_RandomUpdate(pSeed, ulSeedLen);
+ return (rv == SECSuccess) ? CKR_OK : sftk_MapCryptError(PORT_GetError());
+}
+
+/* NSC_GenerateRandom generates random data. */
+CK_RV
+NSC_GenerateRandom(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
+{
+ SECStatus rv;
+
+ CHECK_FORK();
+
+ rv = RNG_GenerateGlobalRandomBytes(pRandomData, ulRandomLen);
+ /*
+ * This may fail with SEC_ERROR_NEED_RANDOM, which means the RNG isn't
+ * seeded with enough entropy.
+ */
+ return (rv == SECSuccess) ? CKR_OK : sftk_MapCryptError(PORT_GetError());
+}
+
+/*
+ **************************** Key Functions: ************************
+ */
+
+/*
+ * generate a password based encryption key. This code uses
+ * PKCS5 to do the work.
+ */
+static CK_RV
+nsc_pbe_key_gen(NSSPKCS5PBEParameter *pkcs5_pbe, CK_MECHANISM_PTR pMechanism,
+ void *buf, CK_ULONG *key_length, PRBool faulty3DES)
+{
+ SECItem *pbe_key = NULL, iv, pwitem;
+ CK_PBE_PARAMS *pbe_params = NULL;
+ CK_PKCS5_PBKD2_PARAMS *pbkd2_params = NULL;
+
+ *key_length = 0;
+ iv.data = NULL;
+ iv.len = 0;
+
+ if (pMechanism->mechanism == CKM_PKCS5_PBKD2) {
+ pbkd2_params = (CK_PKCS5_PBKD2_PARAMS *)pMechanism->pParameter;
+ pwitem.data = (unsigned char *)pbkd2_params->pPassword;
+ /* was this a typo in the PKCS #11 spec? */
+ pwitem.len = *pbkd2_params->ulPasswordLen;
+ } else {
+ pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
+ pwitem.data = (unsigned char *)pbe_params->pPassword;
+ pwitem.len = pbe_params->ulPasswordLen;
+ }
+ pbe_key = nsspkcs5_ComputeKeyAndIV(pkcs5_pbe, &pwitem, &iv, faulty3DES);
+ if (pbe_key == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ PORT_Memcpy(buf, pbe_key->data, pbe_key->len);
+ *key_length = pbe_key->len;
+ SECITEM_ZfreeItem(pbe_key, PR_TRUE);
+ pbe_key = NULL;
+
+ if (iv.data) {
+ if (pbe_params && pbe_params->pInitVector != NULL) {
+ PORT_Memcpy(pbe_params->pInitVector, iv.data, iv.len);
+ }
+ PORT_Free(iv.data);
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * this is coded for "full" support. These selections will be limitted to
+ * the official subset by freebl.
+ */
+static unsigned int
+sftk_GetSubPrimeFromPrime(unsigned int primeBits)
+{
+ if (primeBits <= 1024) {
+ return 160;
+ } else if (primeBits <= 2048) {
+ return 224;
+ } else if (primeBits <= 3072) {
+ return 256;
+ } else if (primeBits <= 7680) {
+ return 384;
+ } else {
+ return 512;
+ }
+}
+
+static CK_RV
+nsc_parameter_gen(CK_KEY_TYPE key_type, SFTKObject *key)
+{
+ SFTKAttribute *attribute;
+ CK_ULONG counter;
+ unsigned int seedBits = 0;
+ unsigned int subprimeBits = 0;
+ unsigned int primeBits;
+ unsigned int j = 8; /* default to 1024 bits */
+ CK_RV crv = CKR_OK;
+ PQGParams *params = NULL;
+ PQGVerify *vfy = NULL;
+ SECStatus rv;
+
+ attribute = sftk_FindAttribute(key, CKA_PRIME_BITS);
+ if (attribute == NULL) {
+ attribute = sftk_FindAttribute(key, CKA_PRIME);
+ if (attribute == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ } else {
+ primeBits = attribute->attrib.ulValueLen;
+ sftk_FreeAttribute(attribute);
+ }
+ } else {
+ primeBits = (unsigned int)*(CK_ULONG *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+ }
+ if (primeBits < 1024) {
+ j = PQG_PBITS_TO_INDEX(primeBits);
+ if (j == (unsigned int)-1) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ }
+
+ attribute = sftk_FindAttribute(key, CKA_NSS_PQG_SEED_BITS);
+ if (attribute != NULL) {
+ seedBits = (unsigned int)*(CK_ULONG *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+ }
+
+ attribute = sftk_FindAttribute(key, CKA_SUBPRIME_BITS);
+ if (attribute != NULL) {
+ subprimeBits = (unsigned int)*(CK_ULONG *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+ }
+
+ /* if P and Q are supplied, we want to generate a new G */
+ attribute = sftk_FindAttribute(key, CKA_PRIME);
+ if (attribute != NULL) {
+ PLArenaPool *arena;
+
+ sftk_FreeAttribute(attribute);
+ arena = PORT_NewArena(1024);
+ if (arena == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ params = PORT_ArenaAlloc(arena, sizeof(*params));
+ if (params == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ params->arena = arena;
+ crv = sftk_Attribute2SSecItem(arena, &params->prime, key, CKA_PRIME);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = sftk_Attribute2SSecItem(arena, &params->subPrime,
+ key, CKA_SUBPRIME);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ arena = PORT_NewArena(1024);
+ if (arena == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ vfy = PORT_ArenaAlloc(arena, sizeof(*vfy));
+ if (vfy == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ vfy->arena = arena;
+ crv = sftk_Attribute2SSecItem(arena, &vfy->seed, key, CKA_NSS_PQG_SEED);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = sftk_Attribute2SSecItem(arena, &vfy->h, key, CKA_NSS_PQG_H);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ sftk_DeleteAttributeType(key, CKA_PRIME);
+ sftk_DeleteAttributeType(key, CKA_SUBPRIME);
+ sftk_DeleteAttributeType(key, CKA_NSS_PQG_SEED);
+ sftk_DeleteAttributeType(key, CKA_NSS_PQG_H);
+ }
+
+ sftk_DeleteAttributeType(key, CKA_PRIME_BITS);
+ sftk_DeleteAttributeType(key, CKA_SUBPRIME_BITS);
+ sftk_DeleteAttributeType(key, CKA_NSS_PQG_SEED_BITS);
+
+ /* use the old PQG interface if we have old input data */
+ if ((primeBits < 1024) || ((primeBits == 1024) && (subprimeBits == 0))) {
+ if (seedBits == 0) {
+ rv = PQG_ParamGen(j, &params, &vfy);
+ } else {
+ rv = PQG_ParamGenSeedLen(j, seedBits / 8, &params, &vfy);
+ }
+ } else {
+ if (subprimeBits == 0) {
+ subprimeBits = sftk_GetSubPrimeFromPrime(primeBits);
+ }
+ if (seedBits == 0) {
+ seedBits = primeBits;
+ }
+ rv = PQG_ParamGenV2(primeBits, subprimeBits, seedBits / 8, &params, &vfy);
+ }
+
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ return sftk_MapCryptError(PORT_GetError());
+ }
+ crv = sftk_AddAttributeType(key, CKA_PRIME,
+ params->prime.data, params->prime.len);
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_AddAttributeType(key, CKA_SUBPRIME,
+ params->subPrime.data, params->subPrime.len);
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_AddAttributeType(key, CKA_BASE,
+ params->base.data, params->base.len);
+ if (crv != CKR_OK)
+ goto loser;
+ counter = vfy->counter;
+ crv = sftk_AddAttributeType(key, CKA_NSS_PQG_COUNTER,
+ &counter, sizeof(counter));
+ crv = sftk_AddAttributeType(key, CKA_NSS_PQG_SEED,
+ vfy->seed.data, vfy->seed.len);
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_AddAttributeType(key, CKA_NSS_PQG_H,
+ vfy->h.data, vfy->h.len);
+ if (crv != CKR_OK)
+ goto loser;
+
+loser:
+ if (params) {
+ PQG_DestroyParams(params);
+ }
+
+ if (vfy) {
+ PQG_DestroyVerify(vfy);
+ }
+ return crv;
+}
+
+static CK_RV
+nsc_SetupBulkKeyGen(CK_MECHANISM_TYPE mechanism, CK_KEY_TYPE *key_type,
+ CK_ULONG *key_length)
+{
+ CK_RV crv = CKR_OK;
+
+ switch (mechanism) {
+ case CKM_RC2_KEY_GEN:
+ *key_type = CKK_RC2;
+ if (*key_length == 0)
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+#if NSS_SOFTOKEN_DOES_RC5
+ case CKM_RC5_KEY_GEN:
+ *key_type = CKK_RC5;
+ if (*key_length == 0)
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+#endif
+ case CKM_RC4_KEY_GEN:
+ *key_type = CKK_RC4;
+ if (*key_length == 0)
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ case CKM_GENERIC_SECRET_KEY_GEN:
+ *key_type = CKK_GENERIC_SECRET;
+ if (*key_length == 0)
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ case CKM_CDMF_KEY_GEN:
+ *key_type = CKK_CDMF;
+ *key_length = 8;
+ break;
+ case CKM_DES_KEY_GEN:
+ *key_type = CKK_DES;
+ *key_length = 8;
+ break;
+ case CKM_DES2_KEY_GEN:
+ *key_type = CKK_DES2;
+ *key_length = 16;
+ break;
+ case CKM_DES3_KEY_GEN:
+ *key_type = CKK_DES3;
+ *key_length = 24;
+ break;
+ case CKM_SEED_KEY_GEN:
+ *key_type = CKK_SEED;
+ *key_length = 16;
+ break;
+ case CKM_CAMELLIA_KEY_GEN:
+ *key_type = CKK_CAMELLIA;
+ if (*key_length == 0)
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ case CKM_AES_KEY_GEN:
+ *key_type = CKK_AES;
+ if (*key_length == 0)
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ case CKM_NSS_CHACHA20_KEY_GEN:
+ *key_type = CKK_NSS_CHACHA20;
+ if (*key_length == 0)
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ default:
+ PORT_Assert(0);
+ crv = CKR_MECHANISM_INVALID;
+ break;
+ }
+
+ return crv;
+}
+
+CK_RV
+nsc_SetupHMACKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe)
+{
+ SECItem salt;
+ CK_PBE_PARAMS *pbe_params = NULL;
+ NSSPKCS5PBEParameter *params;
+ PLArenaPool *arena = NULL;
+ SECStatus rv;
+
+ *pbe = NULL;
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ params = (NSSPKCS5PBEParameter *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSPKCS5PBEParameter));
+ if (params == NULL) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return CKR_HOST_MEMORY;
+ }
+
+ params->poolp = arena;
+ params->ivLen = 0;
+ params->pbeType = NSSPKCS5_PKCS12_V2;
+ params->hashType = HASH_AlgSHA1;
+ params->encAlg = SEC_OID_SHA1; /* any invalid value */
+ params->is2KeyDES = PR_FALSE;
+ params->keyID = pbeBitGenIntegrityKey;
+ pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
+ params->iter = pbe_params->ulIteration;
+
+ salt.data = (unsigned char *)pbe_params->pSalt;
+ salt.len = (unsigned int)pbe_params->ulSaltLen;
+ salt.type = siBuffer;
+ rv = SECITEM_CopyItem(arena, &params->salt, &salt);
+ if (rv != SECSuccess) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return CKR_HOST_MEMORY;
+ }
+ switch (pMechanism->mechanism) {
+ case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
+ case CKM_PBA_SHA1_WITH_SHA1_HMAC:
+ params->hashType = HASH_AlgSHA1;
+ params->keyLen = 20;
+ break;
+ case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
+ params->hashType = HASH_AlgMD5;
+ params->keyLen = 16;
+ break;
+ case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
+ params->hashType = HASH_AlgMD2;
+ params->keyLen = 16;
+ break;
+ default:
+ PORT_FreeArena(arena, PR_TRUE);
+ return CKR_MECHANISM_INVALID;
+ }
+ *pbe = params;
+ return CKR_OK;
+}
+
+/* maybe this should be table driven? */
+static CK_RV
+nsc_SetupPBEKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe,
+ CK_KEY_TYPE *key_type, CK_ULONG *key_length)
+{
+ CK_RV crv = CKR_OK;
+ SECOidData *oid;
+ CK_PBE_PARAMS *pbe_params = NULL;
+ NSSPKCS5PBEParameter *params = NULL;
+ HASH_HashType hashType = HASH_AlgSHA1;
+ CK_PKCS5_PBKD2_PARAMS *pbkd2_params = NULL;
+ SECItem salt;
+ CK_ULONG iteration = 0;
+
+ *pbe = NULL;
+
+ oid = SECOID_FindOIDByMechanism(pMechanism->mechanism);
+ if (oid == NULL) {
+ return CKR_MECHANISM_INVALID;
+ }
+
+ if (pMechanism->mechanism == CKM_PKCS5_PBKD2) {
+ pbkd2_params = (CK_PKCS5_PBKD2_PARAMS *)pMechanism->pParameter;
+ if (pbkd2_params == NULL) {
+ return CKR_MECHANISM_PARAM_INVALID;
+ }
+ switch (pbkd2_params->prf) {
+ case CKP_PKCS5_PBKD2_HMAC_SHA1:
+ hashType = HASH_AlgSHA1;
+ break;
+ case CKP_PKCS5_PBKD2_HMAC_SHA224:
+ hashType = HASH_AlgSHA224;
+ break;
+ case CKP_PKCS5_PBKD2_HMAC_SHA256:
+ hashType = HASH_AlgSHA256;
+ break;
+ case CKP_PKCS5_PBKD2_HMAC_SHA384:
+ hashType = HASH_AlgSHA384;
+ break;
+ case CKP_PKCS5_PBKD2_HMAC_SHA512:
+ hashType = HASH_AlgSHA512;
+ break;
+ default:
+ return CKR_MECHANISM_PARAM_INVALID;
+ }
+ if (pbkd2_params->saltSource != CKZ_SALT_SPECIFIED) {
+ return CKR_MECHANISM_PARAM_INVALID;
+ }
+ salt.data = (unsigned char *)pbkd2_params->pSaltSourceData;
+ salt.len = (unsigned int)pbkd2_params->ulSaltSourceDataLen;
+ iteration = pbkd2_params->iterations;
+ } else {
+ pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
+ salt.data = (unsigned char *)pbe_params->pSalt;
+ salt.len = (unsigned int)pbe_params->ulSaltLen;
+ iteration = pbe_params->ulIteration;
+ }
+ params = nsspkcs5_NewParam(oid->offset, hashType, &salt, iteration);
+ if (params == NULL) {
+ return CKR_MECHANISM_INVALID;
+ }
+
+ switch (params->encAlg) {
+ case SEC_OID_DES_CBC:
+ *key_type = CKK_DES;
+ *key_length = params->keyLen;
+ break;
+ case SEC_OID_DES_EDE3_CBC:
+ *key_type = params->is2KeyDES ? CKK_DES2 : CKK_DES3;
+ *key_length = params->keyLen;
+ break;
+ case SEC_OID_RC2_CBC:
+ *key_type = CKK_RC2;
+ *key_length = params->keyLen;
+ break;
+ case SEC_OID_RC4:
+ *key_type = CKK_RC4;
+ *key_length = params->keyLen;
+ break;
+ case SEC_OID_PKCS5_PBKDF2:
+ /* key type must already be set */
+ if (*key_type == CKK_INVALID_KEY_TYPE) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ }
+ /* PBKDF2 needs to calculate the key length from the other parameters
+ */
+ if (*key_length == 0) {
+ *key_length = sftk_MapKeySize(*key_type);
+ }
+ if (*key_length == 0) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ }
+ params->keyLen = *key_length;
+ break;
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ nsspkcs5_DestroyPBEParameter(params);
+ break;
+ }
+ if (crv == CKR_OK) {
+ *pbe = params;
+ }
+ return crv;
+}
+
+/* NSC_GenerateKey generates a secret key, creating a new key object. */
+CK_RV
+NSC_GenerateKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ SFTKObject *key;
+ SFTKSession *session;
+ PRBool checkWeak = PR_FALSE;
+ CK_ULONG key_length = 0;
+ CK_KEY_TYPE key_type = CKK_INVALID_KEY_TYPE;
+ CK_OBJECT_CLASS objclass = CKO_SECRET_KEY;
+ CK_RV crv = CKR_OK;
+ CK_BBOOL cktrue = CK_TRUE;
+ int i;
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ unsigned char buf[MAX_KEY_LEN];
+ enum { nsc_pbe,
+ nsc_ssl,
+ nsc_bulk,
+ nsc_param,
+ nsc_jpake } key_gen_type;
+ NSSPKCS5PBEParameter *pbe_param;
+ SSL3RSAPreMasterSecret *rsa_pms;
+ CK_VERSION *version;
+ /* in very old versions of NSS, there were implementation errors with key
+ * generation methods. We want to beable to read these, but not
+ * produce them any more. The affected algorithm was 3DES.
+ */
+ PRBool faultyPBE3DES = PR_FALSE;
+ HASH_HashType hashType = HASH_AlgNULL;
+
+ CHECK_FORK();
+
+ if (!slot) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * now lets create an object to hang the attributes off of
+ */
+ key = sftk_NewObject(slot); /* fill in the handle later */
+ if (key == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /*
+ * load the template values into the object
+ */
+ for (i = 0; i < (int)ulCount; i++) {
+ if (pTemplate[i].type == CKA_VALUE_LEN) {
+ key_length = *(CK_ULONG *)pTemplate[i].pValue;
+ continue;
+ }
+ /* some algorithms need keytype specified */
+ if (pTemplate[i].type == CKA_KEY_TYPE) {
+ key_type = *(CK_ULONG *)pTemplate[i].pValue;
+ continue;
+ }
+
+ crv = sftk_AddAttributeType(key, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK)
+ break;
+ }
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+
+ /* make sure we don't have any class, key_type, or value fields */
+ sftk_DeleteAttributeType(key, CKA_CLASS);
+ sftk_DeleteAttributeType(key, CKA_KEY_TYPE);
+ sftk_DeleteAttributeType(key, CKA_VALUE);
+
+ /* Now Set up the parameters to generate the key (based on mechanism) */
+ key_gen_type = nsc_bulk; /* bulk key by default */
+ switch (pMechanism->mechanism) {
+ case CKM_CDMF_KEY_GEN:
+ case CKM_DES_KEY_GEN:
+ case CKM_DES2_KEY_GEN:
+ case CKM_DES3_KEY_GEN:
+ checkWeak = PR_TRUE;
+ /* fall through */
+ case CKM_RC2_KEY_GEN:
+ case CKM_RC4_KEY_GEN:
+ case CKM_GENERIC_SECRET_KEY_GEN:
+ case CKM_SEED_KEY_GEN:
+ case CKM_CAMELLIA_KEY_GEN:
+ case CKM_AES_KEY_GEN:
+ case CKM_NSS_CHACHA20_KEY_GEN:
+#if NSS_SOFTOKEN_DOES_RC5
+ case CKM_RC5_KEY_GEN:
+#endif
+ crv = nsc_SetupBulkKeyGen(pMechanism->mechanism, &key_type, &key_length);
+ break;
+ case CKM_SSL3_PRE_MASTER_KEY_GEN:
+ key_type = CKK_GENERIC_SECRET;
+ key_length = 48;
+ key_gen_type = nsc_ssl;
+ break;
+ case CKM_PBA_SHA1_WITH_SHA1_HMAC:
+ case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
+ case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
+ case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
+ key_gen_type = nsc_pbe;
+ key_type = CKK_GENERIC_SECRET;
+ crv = nsc_SetupHMACKeyGen(pMechanism, &pbe_param);
+ break;
+ case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
+ faultyPBE3DES = PR_TRUE;
+ /* fall through */
+ case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ case CKM_PBE_SHA1_RC2_128_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ case CKM_PBE_SHA1_RC4_128:
+ case CKM_PBE_SHA1_RC4_40:
+ case CKM_PBE_MD5_DES_CBC:
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PKCS5_PBKD2:
+ key_gen_type = nsc_pbe;
+ crv = nsc_SetupPBEKeyGen(pMechanism, &pbe_param, &key_type, &key_length);
+ break;
+ case CKM_DSA_PARAMETER_GEN:
+ key_gen_type = nsc_param;
+ key_type = CKK_DSA;
+ objclass = CKO_KG_PARAMETERS;
+ crv = CKR_OK;
+ break;
+ case CKM_NSS_JPAKE_ROUND1_SHA1:
+ hashType = HASH_AlgSHA1;
+ goto jpake1;
+ case CKM_NSS_JPAKE_ROUND1_SHA256:
+ hashType = HASH_AlgSHA256;
+ goto jpake1;
+ case CKM_NSS_JPAKE_ROUND1_SHA384:
+ hashType = HASH_AlgSHA384;
+ goto jpake1;
+ case CKM_NSS_JPAKE_ROUND1_SHA512:
+ hashType = HASH_AlgSHA512;
+ goto jpake1;
+ jpake1:
+ key_gen_type = nsc_jpake;
+ key_type = CKK_NSS_JPAKE_ROUND1;
+ objclass = CKO_PRIVATE_KEY;
+ if (pMechanism->pParameter == NULL ||
+ pMechanism->ulParameterLen != sizeof(CK_NSS_JPAKERound1Params)) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ if (sftk_isTrue(key, CKA_TOKEN)) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ crv = CKR_OK;
+ break;
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ break;
+ }
+
+ /* make sure we aren't going to overflow the buffer */
+ if (sizeof(buf) < key_length) {
+ /* someone is getting pretty optimistic about how big their key can
+ * be... */
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ }
+
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+
+ /* if there was no error,
+ * key_type *MUST* be set in the switch statement above */
+ PORT_Assert(key_type != CKK_INVALID_KEY_TYPE);
+
+ /*
+ * now to the actual key gen.
+ */
+ switch (key_gen_type) {
+ case nsc_pbe:
+ crv = nsc_pbe_key_gen(pbe_param, pMechanism, buf, &key_length,
+ faultyPBE3DES);
+ nsspkcs5_DestroyPBEParameter(pbe_param);
+ break;
+ case nsc_ssl:
+ rsa_pms = (SSL3RSAPreMasterSecret *)buf;
+ version = (CK_VERSION *)pMechanism->pParameter;
+ rsa_pms->client_version[0] = version->major;
+ rsa_pms->client_version[1] = version->minor;
+ crv =
+ NSC_GenerateRandom(0, &rsa_pms->random[0], sizeof(rsa_pms->random));
+ break;
+ case nsc_bulk:
+ /* get the key, check for weak keys and repeat if found */
+ do {
+ crv = NSC_GenerateRandom(0, buf, key_length);
+ } while (crv == CKR_OK && checkWeak && sftk_IsWeakKey(buf, key_type));
+ break;
+ case nsc_param:
+ /* generate parameters */
+ *buf = 0;
+ crv = nsc_parameter_gen(key_type, key);
+ break;
+ case nsc_jpake:
+ crv = jpake_Round1(hashType,
+ (CK_NSS_JPAKERound1Params *)pMechanism->pParameter,
+ key);
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+
+ /* Add the class, key_type, and value */
+ crv = sftk_AddAttributeType(key, CKA_CLASS, &objclass, sizeof(CK_OBJECT_CLASS));
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+ crv = sftk_AddAttributeType(key, CKA_KEY_TYPE, &key_type, sizeof(CK_KEY_TYPE));
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+ if (key_length != 0) {
+ crv = sftk_AddAttributeType(key, CKA_VALUE, buf, key_length);
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+ }
+
+ /* get the session */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ sftk_FreeObject(key);
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ /*
+ * handle the base object stuff
+ */
+ crv = sftk_handleObject(key, session);
+ sftk_FreeSession(session);
+ if (crv == CKR_OK && sftk_isTrue(key, CKA_SENSITIVE)) {
+ crv = sftk_forceAttribute(key, CKA_ALWAYS_SENSITIVE, &cktrue, sizeof(CK_BBOOL));
+ }
+ if (crv == CKR_OK && !sftk_isTrue(key, CKA_EXTRACTABLE)) {
+ crv = sftk_forceAttribute(key, CKA_NEVER_EXTRACTABLE, &cktrue, sizeof(CK_BBOOL));
+ }
+ if (crv == CKR_OK) {
+ *phKey = key->handle;
+ }
+ sftk_FreeObject(key);
+ return crv;
+}
+
+#define PAIRWISE_DIGEST_LENGTH SHA1_LENGTH /* 160-bits */
+#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
+
+/*
+ * FIPS 140-2 pairwise consistency check utilized to validate key pair.
+ *
+ * This function returns
+ * CKR_OK if pairwise consistency check passed
+ * CKR_GENERAL_ERROR if pairwise consistency check failed
+ * other error codes if paiswise consistency check could not be
+ * performed, for example, CKR_HOST_MEMORY.
+ */
+static CK_RV
+sftk_PairwiseConsistencyCheck(CK_SESSION_HANDLE hSession,
+ SFTKObject *publicKey, SFTKObject *privateKey, CK_KEY_TYPE keyType)
+{
+ /*
+ * Key type Mechanism type
+ * --------------------------------
+ * For encrypt/decrypt: CKK_RSA => CKM_RSA_PKCS
+ * others => CKM_INVALID_MECHANISM
+ *
+ * For sign/verify: CKK_RSA => CKM_RSA_PKCS
+ * CKK_DSA => CKM_DSA
+ * CKK_EC => CKM_ECDSA
+ * others => CKM_INVALID_MECHANISM
+ *
+ * None of these mechanisms has a parameter.
+ */
+ CK_MECHANISM mech = { 0, NULL, 0 };
+
+ CK_ULONG modulusLen = 0;
+ CK_ULONG subPrimeLen = 0;
+ PRBool isEncryptable = PR_FALSE;
+ PRBool canSignVerify = PR_FALSE;
+ PRBool isDerivable = PR_FALSE;
+ CK_RV crv;
+
+ /* Variables used for Encrypt/Decrypt functions. */
+ unsigned char *known_message = (unsigned char *)"Known Crypto Message";
+ unsigned char plaintext[PAIRWISE_MESSAGE_LENGTH];
+ CK_ULONG bytes_decrypted;
+ unsigned char *ciphertext;
+ unsigned char *text_compared;
+ CK_ULONG bytes_encrypted;
+ CK_ULONG bytes_compared;
+ CK_ULONG pairwise_digest_length = PAIRWISE_DIGEST_LENGTH;
+
+ /* Variables used for Signature/Verification functions. */
+ /* Must be at least 256 bits for DSA2 digest */
+ unsigned char *known_digest = (unsigned char *)"Mozilla Rules the World through NSS!";
+ unsigned char *signature;
+ CK_ULONG signature_length;
+
+ if (keyType == CKK_RSA) {
+ SFTKAttribute *attribute;
+
+ /* Get modulus length of private key. */
+ attribute = sftk_FindAttribute(privateKey, CKA_MODULUS);
+ if (attribute == NULL) {
+ return CKR_DEVICE_ERROR;
+ }
+ modulusLen = attribute->attrib.ulValueLen;
+ if (*(unsigned char *)attribute->attrib.pValue == 0) {
+ modulusLen--;
+ }
+ sftk_FreeAttribute(attribute);
+ } else if (keyType == CKK_DSA) {
+ SFTKAttribute *attribute;
+
+ /* Get subprime length of private key. */
+ attribute = sftk_FindAttribute(privateKey, CKA_SUBPRIME);
+ if (attribute == NULL) {
+ return CKR_DEVICE_ERROR;
+ }
+ subPrimeLen = attribute->attrib.ulValueLen;
+ if (subPrimeLen > 1 && *(unsigned char *)attribute->attrib.pValue == 0) {
+ subPrimeLen--;
+ }
+ sftk_FreeAttribute(attribute);
+ }
+
+ /**************************************************/
+ /* Pairwise Consistency Check of Encrypt/Decrypt. */
+ /**************************************************/
+
+ isEncryptable = sftk_isTrue(privateKey, CKA_DECRYPT);
+
+ /*
+ * If the decryption attribute is set, attempt to encrypt
+ * with the public key and decrypt with the private key.
+ */
+ if (isEncryptable) {
+ if (keyType != CKK_RSA) {
+ return CKR_DEVICE_ERROR;
+ }
+ bytes_encrypted = modulusLen;
+ mech.mechanism = CKM_RSA_PKCS;
+
+ /* Allocate space for ciphertext. */
+ ciphertext = (unsigned char *)PORT_ZAlloc(bytes_encrypted);
+ if (ciphertext == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /* Prepare for encryption using the public key. */
+ crv = NSC_EncryptInit(hSession, &mech, publicKey->handle);
+ if (crv != CKR_OK) {
+ PORT_Free(ciphertext);
+ return crv;
+ }
+
+ /* Encrypt using the public key. */
+ crv = NSC_Encrypt(hSession,
+ known_message,
+ PAIRWISE_MESSAGE_LENGTH,
+ ciphertext,
+ &bytes_encrypted);
+ if (crv != CKR_OK) {
+ PORT_Free(ciphertext);
+ return crv;
+ }
+
+ /* Always use the smaller of these two values . . . */
+ bytes_compared = PR_MIN(bytes_encrypted, PAIRWISE_MESSAGE_LENGTH);
+
+ /*
+ * If there was a failure, the plaintext
+ * goes at the end, therefore . . .
+ */
+ text_compared = ciphertext + bytes_encrypted - bytes_compared;
+
+ /*
+ * Check to ensure that ciphertext does
+ * NOT EQUAL known input message text
+ * per FIPS PUB 140-2 directive.
+ */
+ if (PORT_Memcmp(text_compared, known_message,
+ bytes_compared) == 0) {
+ /* Set error to Invalid PRIVATE Key. */
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ PORT_Free(ciphertext);
+ return CKR_GENERAL_ERROR;
+ }
+
+ /* Prepare for decryption using the private key. */
+ crv = NSC_DecryptInit(hSession, &mech, privateKey->handle);
+ if (crv != CKR_OK) {
+ PORT_Free(ciphertext);
+ return crv;
+ }
+
+ memset(plaintext, 0, PAIRWISE_MESSAGE_LENGTH);
+
+ /*
+ * Initialize bytes decrypted to be the
+ * expected PAIRWISE_MESSAGE_LENGTH.
+ */
+ bytes_decrypted = PAIRWISE_MESSAGE_LENGTH;
+
+ /*
+ * Decrypt using the private key.
+ * NOTE: No need to reset the
+ * value of bytes_encrypted.
+ */
+ crv = NSC_Decrypt(hSession,
+ ciphertext,
+ bytes_encrypted,
+ plaintext,
+ &bytes_decrypted);
+
+ /* Finished with ciphertext; free it. */
+ PORT_Free(ciphertext);
+
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ /*
+ * Check to ensure that the output plaintext
+ * does EQUAL known input message text.
+ */
+ if ((bytes_decrypted != PAIRWISE_MESSAGE_LENGTH) ||
+ (PORT_Memcmp(plaintext, known_message,
+ PAIRWISE_MESSAGE_LENGTH) != 0)) {
+ /* Set error to Bad PUBLIC Key. */
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return CKR_GENERAL_ERROR;
+ }
+ }
+
+ /**********************************************/
+ /* Pairwise Consistency Check of Sign/Verify. */
+ /**********************************************/
+
+ canSignVerify = sftk_isTrue(privateKey, CKA_SIGN);
+ /* Unfortunately CKA_SIGN is always true in lg dbs. We have to check the
+ * actual curve to determine if we can do sign/verify. */
+ if (canSignVerify && keyType == CKK_EC) {
+ NSSLOWKEYPrivateKey *privKey = sftk_GetPrivKey(privateKey, CKK_EC, &crv);
+ if (privKey && privKey->u.ec.ecParams.name == ECCurve25519) {
+ canSignVerify = PR_FALSE;
+ }
+ }
+
+ if (canSignVerify) {
+ /* Determine length of signature. */
+ switch (keyType) {
+ case CKK_RSA:
+ signature_length = modulusLen;
+ mech.mechanism = CKM_RSA_PKCS;
+ break;
+ case CKK_DSA:
+ signature_length = DSA_MAX_SIGNATURE_LEN;
+ pairwise_digest_length = subPrimeLen;
+ mech.mechanism = CKM_DSA;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ signature_length = MAX_ECKEY_LEN * 2;
+ mech.mechanism = CKM_ECDSA;
+ break;
+#endif
+ default:
+ return CKR_DEVICE_ERROR;
+ }
+
+ /* Allocate space for signature data. */
+ signature = (unsigned char *)PORT_ZAlloc(signature_length);
+ if (signature == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /* Sign the known hash using the private key. */
+ crv = NSC_SignInit(hSession, &mech, privateKey->handle);
+ if (crv != CKR_OK) {
+ PORT_Free(signature);
+ return crv;
+ }
+
+ crv = NSC_Sign(hSession,
+ known_digest,
+ pairwise_digest_length,
+ signature,
+ &signature_length);
+ if (crv != CKR_OK) {
+ PORT_Free(signature);
+ return crv;
+ }
+
+ /* Verify the known hash using the public key. */
+ crv = NSC_VerifyInit(hSession, &mech, publicKey->handle);
+ if (crv != CKR_OK) {
+ PORT_Free(signature);
+ return crv;
+ }
+
+ crv = NSC_Verify(hSession,
+ known_digest,
+ pairwise_digest_length,
+ signature,
+ signature_length);
+
+ /* Free signature data. */
+ PORT_Free(signature);
+
+ if ((crv == CKR_SIGNATURE_LEN_RANGE) ||
+ (crv == CKR_SIGNATURE_INVALID)) {
+ return CKR_GENERAL_ERROR;
+ }
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ }
+
+ /**********************************************/
+ /* Pairwise Consistency Check for Derivation */
+ /**********************************************/
+
+ isDerivable = sftk_isTrue(privateKey, CKA_DERIVE);
+
+ if (isDerivable) {
+ /*
+ * We are not doing consistency check for Diffie-Hellman Key -
+ * otherwise it would be here
+ * This is also true for Elliptic Curve Diffie-Hellman keys
+ * NOTE: EC keys are currently subjected to pairwise
+ * consistency check for signing/verification.
+ */
+ /*
+ * FIPS 140-2 had the following pairwise consistency test for
+ * public and private keys used for key agreement:
+ * If the keys are used to perform key agreement, then the
+ * cryptographic module shall create a second, compatible
+ * key pair. The cryptographic module shall perform both
+ * sides of the key agreement algorithm and shall compare
+ * the resulting shared values. If the shared values are
+ * not equal, the test shall fail.
+ * This test was removed in Change Notice 3.
+ */
+ }
+
+ return CKR_OK;
+}
+
+/* NSC_GenerateKeyPair generates a public-key/private-key pair,
+ * creating new key objects. */
+CK_RV
+NSC_GenerateKeyPair(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey)
+{
+ SFTKObject *publicKey, *privateKey;
+ SFTKSession *session;
+ CK_KEY_TYPE key_type;
+ CK_RV crv = CKR_OK;
+ CK_BBOOL cktrue = CK_TRUE;
+ SECStatus rv;
+ CK_OBJECT_CLASS pubClass = CKO_PUBLIC_KEY;
+ CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY;
+ int i;
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ unsigned int bitSize;
+
+ /* RSA */
+ int public_modulus_bits = 0;
+ SECItem pubExp;
+ RSAPrivateKey *rsaPriv;
+
+ /* DSA */
+ PQGParams pqgParam;
+ DHParams dhParam;
+ DSAPrivateKey *dsaPriv;
+
+ /* Diffie Hellman */
+ DHPrivateKey *dhPriv;
+
+#ifndef NSS_DISABLE_ECC
+ /* Elliptic Curve Cryptography */
+ SECItem ecEncodedParams; /* DER Encoded parameters */
+ ECPrivateKey *ecPriv;
+ ECParams *ecParams;
+#endif /* NSS_DISABLE_ECC */
+
+ CHECK_FORK();
+
+ if (!slot) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * now lets create an object to hang the attributes off of
+ */
+ publicKey = sftk_NewObject(slot); /* fill in the handle later */
+ if (publicKey == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /*
+ * load the template values into the publicKey
+ */
+ for (i = 0; i < (int)ulPublicKeyAttributeCount; i++) {
+ if (pPublicKeyTemplate[i].type == CKA_MODULUS_BITS) {
+ public_modulus_bits = *(CK_ULONG *)pPublicKeyTemplate[i].pValue;
+ continue;
+ }
+
+ crv = sftk_AddAttributeType(publicKey,
+ sftk_attr_expand(&pPublicKeyTemplate[i]));
+ if (crv != CKR_OK)
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ sftk_FreeObject(publicKey);
+ return CKR_HOST_MEMORY;
+ }
+
+ privateKey = sftk_NewObject(slot); /* fill in the handle later */
+ if (privateKey == NULL) {
+ sftk_FreeObject(publicKey);
+ return CKR_HOST_MEMORY;
+ }
+ /*
+ * now load the private key template
+ */
+ for (i = 0; i < (int)ulPrivateKeyAttributeCount; i++) {
+ if (pPrivateKeyTemplate[i].type == CKA_VALUE_BITS) {
+ continue;
+ }
+
+ crv = sftk_AddAttributeType(privateKey,
+ sftk_attr_expand(&pPrivateKeyTemplate[i]));
+ if (crv != CKR_OK)
+ break;
+ }
+
+ if (crv != CKR_OK) {
+ sftk_FreeObject(publicKey);
+ sftk_FreeObject(privateKey);
+ return CKR_HOST_MEMORY;
+ }
+ sftk_DeleteAttributeType(privateKey, CKA_CLASS);
+ sftk_DeleteAttributeType(privateKey, CKA_KEY_TYPE);
+ sftk_DeleteAttributeType(privateKey, CKA_VALUE);
+ sftk_DeleteAttributeType(publicKey, CKA_CLASS);
+ sftk_DeleteAttributeType(publicKey, CKA_KEY_TYPE);
+ sftk_DeleteAttributeType(publicKey, CKA_VALUE);
+
+ /* Now Set up the parameters to generate the key (based on mechanism) */
+ switch (pMechanism->mechanism) {
+ case CKM_RSA_PKCS_KEY_PAIR_GEN:
+ /* format the keys */
+ sftk_DeleteAttributeType(publicKey, CKA_MODULUS);
+ sftk_DeleteAttributeType(privateKey, CKA_NETSCAPE_DB);
+ sftk_DeleteAttributeType(privateKey, CKA_MODULUS);
+ sftk_DeleteAttributeType(privateKey, CKA_PRIVATE_EXPONENT);
+ sftk_DeleteAttributeType(privateKey, CKA_PUBLIC_EXPONENT);
+ sftk_DeleteAttributeType(privateKey, CKA_PRIME_1);
+ sftk_DeleteAttributeType(privateKey, CKA_PRIME_2);
+ sftk_DeleteAttributeType(privateKey, CKA_EXPONENT_1);
+ sftk_DeleteAttributeType(privateKey, CKA_EXPONENT_2);
+ sftk_DeleteAttributeType(privateKey, CKA_COEFFICIENT);
+ key_type = CKK_RSA;
+ if (public_modulus_bits == 0) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ }
+ if (public_modulus_bits < RSA_MIN_MODULUS_BITS) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+ if (public_modulus_bits % 2 != 0) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+
+ /* extract the exponent */
+ crv = sftk_Attribute2SSecItem(NULL, &pubExp, publicKey, CKA_PUBLIC_EXPONENT);
+ if (crv != CKR_OK)
+ break;
+ bitSize = sftk_GetLengthInBits(pubExp.data, pubExp.len);
+ if (bitSize < 2) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+ crv = sftk_AddAttributeType(privateKey, CKA_PUBLIC_EXPONENT,
+ sftk_item_expand(&pubExp));
+ if (crv != CKR_OK) {
+ PORT_Free(pubExp.data);
+ break;
+ }
+
+ rsaPriv = RSA_NewKey(public_modulus_bits, &pubExp);
+ PORT_Free(pubExp.data);
+ if (rsaPriv == NULL) {
+ if (PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ crv = sftk_MapCryptError(PORT_GetError());
+ break;
+ }
+ /* now fill in the RSA dependent paramenters in the public key */
+ crv = sftk_AddAttributeType(publicKey, CKA_MODULUS,
+ sftk_item_expand(&rsaPriv->modulus));
+ if (crv != CKR_OK)
+ goto kpg_done;
+ /* now fill in the RSA dependent paramenters in the private key */
+ crv = sftk_AddAttributeType(privateKey, CKA_NETSCAPE_DB,
+ sftk_item_expand(&rsaPriv->modulus));
+ if (crv != CKR_OK)
+ goto kpg_done;
+ crv = sftk_AddAttributeType(privateKey, CKA_MODULUS,
+ sftk_item_expand(&rsaPriv->modulus));
+ if (crv != CKR_OK)
+ goto kpg_done;
+ crv = sftk_AddAttributeType(privateKey, CKA_PRIVATE_EXPONENT,
+ sftk_item_expand(&rsaPriv->privateExponent));
+ if (crv != CKR_OK)
+ goto kpg_done;
+ crv = sftk_AddAttributeType(privateKey, CKA_PRIME_1,
+ sftk_item_expand(&rsaPriv->prime1));
+ if (crv != CKR_OK)
+ goto kpg_done;
+ crv = sftk_AddAttributeType(privateKey, CKA_PRIME_2,
+ sftk_item_expand(&rsaPriv->prime2));
+ if (crv != CKR_OK)
+ goto kpg_done;
+ crv = sftk_AddAttributeType(privateKey, CKA_EXPONENT_1,
+ sftk_item_expand(&rsaPriv->exponent1));
+ if (crv != CKR_OK)
+ goto kpg_done;
+ crv = sftk_AddAttributeType(privateKey, CKA_EXPONENT_2,
+ sftk_item_expand(&rsaPriv->exponent2));
+ if (crv != CKR_OK)
+ goto kpg_done;
+ crv = sftk_AddAttributeType(privateKey, CKA_COEFFICIENT,
+ sftk_item_expand(&rsaPriv->coefficient));
+ kpg_done:
+ /* Should zeroize the contents first, since this func doesn't. */
+ PORT_FreeArena(rsaPriv->arena, PR_TRUE);
+ break;
+ case CKM_DSA_KEY_PAIR_GEN:
+ sftk_DeleteAttributeType(publicKey, CKA_VALUE);
+ sftk_DeleteAttributeType(privateKey, CKA_NETSCAPE_DB);
+ sftk_DeleteAttributeType(privateKey, CKA_PRIME);
+ sftk_DeleteAttributeType(privateKey, CKA_SUBPRIME);
+ sftk_DeleteAttributeType(privateKey, CKA_BASE);
+ key_type = CKK_DSA;
+
+ /* extract the necessary parameters and copy them to the private key */
+ crv = sftk_Attribute2SSecItem(NULL, &pqgParam.prime, publicKey, CKA_PRIME);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(NULL, &pqgParam.subPrime, publicKey,
+ CKA_SUBPRIME);
+ if (crv != CKR_OK) {
+ PORT_Free(pqgParam.prime.data);
+ break;
+ }
+ crv = sftk_Attribute2SSecItem(NULL, &pqgParam.base, publicKey, CKA_BASE);
+ if (crv != CKR_OK) {
+ PORT_Free(pqgParam.prime.data);
+ PORT_Free(pqgParam.subPrime.data);
+ break;
+ }
+ crv = sftk_AddAttributeType(privateKey, CKA_PRIME,
+ sftk_item_expand(&pqgParam.prime));
+ if (crv != CKR_OK) {
+ PORT_Free(pqgParam.prime.data);
+ PORT_Free(pqgParam.subPrime.data);
+ PORT_Free(pqgParam.base.data);
+ break;
+ }
+ crv = sftk_AddAttributeType(privateKey, CKA_SUBPRIME,
+ sftk_item_expand(&pqgParam.subPrime));
+ if (crv != CKR_OK) {
+ PORT_Free(pqgParam.prime.data);
+ PORT_Free(pqgParam.subPrime.data);
+ PORT_Free(pqgParam.base.data);
+ break;
+ }
+ crv = sftk_AddAttributeType(privateKey, CKA_BASE,
+ sftk_item_expand(&pqgParam.base));
+ if (crv != CKR_OK) {
+ PORT_Free(pqgParam.prime.data);
+ PORT_Free(pqgParam.subPrime.data);
+ PORT_Free(pqgParam.base.data);
+ break;
+ }
+
+ /*
+ * these are checked by DSA_NewKey
+ */
+ bitSize = sftk_GetLengthInBits(pqgParam.subPrime.data,
+ pqgParam.subPrime.len);
+ if ((bitSize < DSA_MIN_Q_BITS) || (bitSize > DSA_MAX_Q_BITS)) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ PORT_Free(pqgParam.prime.data);
+ PORT_Free(pqgParam.subPrime.data);
+ PORT_Free(pqgParam.base.data);
+ break;
+ }
+ bitSize = sftk_GetLengthInBits(pqgParam.prime.data, pqgParam.prime.len);
+ if ((bitSize < DSA_MIN_P_BITS) || (bitSize > DSA_MAX_P_BITS)) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ PORT_Free(pqgParam.prime.data);
+ PORT_Free(pqgParam.subPrime.data);
+ PORT_Free(pqgParam.base.data);
+ break;
+ }
+ bitSize = sftk_GetLengthInBits(pqgParam.base.data, pqgParam.base.len);
+ if ((bitSize < 2) || (bitSize > DSA_MAX_P_BITS)) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ PORT_Free(pqgParam.prime.data);
+ PORT_Free(pqgParam.subPrime.data);
+ PORT_Free(pqgParam.base.data);
+ break;
+ }
+
+ /* Generate the key */
+ rv = DSA_NewKey(&pqgParam, &dsaPriv);
+
+ PORT_Free(pqgParam.prime.data);
+ PORT_Free(pqgParam.subPrime.data);
+ PORT_Free(pqgParam.base.data);
+
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ crv = sftk_MapCryptError(PORT_GetError());
+ break;
+ }
+
+ /* store the generated key into the attributes */
+ crv = sftk_AddAttributeType(publicKey, CKA_VALUE,
+ sftk_item_expand(&dsaPriv->publicValue));
+ if (crv != CKR_OK)
+ goto dsagn_done;
+
+ /* now fill in the RSA dependent paramenters in the private key */
+ crv = sftk_AddAttributeType(privateKey, CKA_NETSCAPE_DB,
+ sftk_item_expand(&dsaPriv->publicValue));
+ if (crv != CKR_OK)
+ goto dsagn_done;
+ crv = sftk_AddAttributeType(privateKey, CKA_VALUE,
+ sftk_item_expand(&dsaPriv->privateValue));
+
+ dsagn_done:
+ /* should zeroize, since this function doesn't. */
+ PORT_FreeArena(dsaPriv->params.arena, PR_TRUE);
+ break;
+
+ case CKM_DH_PKCS_KEY_PAIR_GEN:
+ sftk_DeleteAttributeType(privateKey, CKA_PRIME);
+ sftk_DeleteAttributeType(privateKey, CKA_BASE);
+ sftk_DeleteAttributeType(privateKey, CKA_VALUE);
+ sftk_DeleteAttributeType(privateKey, CKA_NETSCAPE_DB);
+ key_type = CKK_DH;
+
+ /* extract the necessary parameters and copy them to private keys */
+ crv = sftk_Attribute2SSecItem(NULL, &dhParam.prime, publicKey,
+ CKA_PRIME);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(NULL, &dhParam.base, publicKey, CKA_BASE);
+ if (crv != CKR_OK) {
+ PORT_Free(dhParam.prime.data);
+ break;
+ }
+ crv = sftk_AddAttributeType(privateKey, CKA_PRIME,
+ sftk_item_expand(&dhParam.prime));
+ if (crv != CKR_OK) {
+ PORT_Free(dhParam.prime.data);
+ PORT_Free(dhParam.base.data);
+ break;
+ }
+ crv = sftk_AddAttributeType(privateKey, CKA_BASE,
+ sftk_item_expand(&dhParam.base));
+ if (crv != CKR_OK) {
+ PORT_Free(dhParam.prime.data);
+ PORT_Free(dhParam.base.data);
+ break;
+ }
+ bitSize = sftk_GetLengthInBits(dhParam.prime.data, dhParam.prime.len);
+ if ((bitSize < DH_MIN_P_BITS) || (bitSize > DH_MAX_P_BITS)) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ PORT_Free(dhParam.prime.data);
+ PORT_Free(dhParam.base.data);
+ break;
+ }
+ bitSize = sftk_GetLengthInBits(dhParam.base.data, dhParam.base.len);
+ if ((bitSize < 1) || (bitSize > DH_MAX_P_BITS)) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ PORT_Free(dhParam.prime.data);
+ PORT_Free(dhParam.base.data);
+ break;
+ }
+
+ rv = DH_NewKey(&dhParam, &dhPriv);
+ PORT_Free(dhParam.prime.data);
+ PORT_Free(dhParam.base.data);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ crv = sftk_MapCryptError(PORT_GetError());
+ break;
+ }
+
+ crv = sftk_AddAttributeType(publicKey, CKA_VALUE,
+ sftk_item_expand(&dhPriv->publicValue));
+ if (crv != CKR_OK)
+ goto dhgn_done;
+
+ crv = sftk_AddAttributeType(privateKey, CKA_NETSCAPE_DB,
+ sftk_item_expand(&dhPriv->publicValue));
+ if (crv != CKR_OK)
+ goto dhgn_done;
+
+ crv = sftk_AddAttributeType(privateKey, CKA_VALUE,
+ sftk_item_expand(&dhPriv->privateValue));
+
+ dhgn_done:
+ /* should zeroize, since this function doesn't. */
+ PORT_FreeArena(dhPriv->arena, PR_TRUE);
+ break;
+
+#ifndef NSS_DISABLE_ECC
+ case CKM_EC_KEY_PAIR_GEN:
+ sftk_DeleteAttributeType(privateKey, CKA_EC_PARAMS);
+ sftk_DeleteAttributeType(privateKey, CKA_VALUE);
+ sftk_DeleteAttributeType(privateKey, CKA_NETSCAPE_DB);
+ key_type = CKK_EC;
+
+ /* extract the necessary parameters and copy them to private keys */
+ crv = sftk_Attribute2SSecItem(NULL, &ecEncodedParams, publicKey,
+ CKA_EC_PARAMS);
+ if (crv != CKR_OK)
+ break;
+
+ crv = sftk_AddAttributeType(privateKey, CKA_EC_PARAMS,
+ sftk_item_expand(&ecEncodedParams));
+ if (crv != CKR_OK) {
+ PORT_Free(ecEncodedParams.data);
+ break;
+ }
+
+ /* Decode ec params before calling EC_NewKey */
+ rv = EC_DecodeParams(&ecEncodedParams, &ecParams);
+ PORT_Free(ecEncodedParams.data);
+ if (rv != SECSuccess) {
+ crv = sftk_MapCryptError(PORT_GetError());
+ break;
+ }
+ rv = EC_NewKey(ecParams, &ecPriv);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
+ sftk_fatalError = PR_TRUE;
+ }
+ PORT_FreeArena(ecParams->arena, PR_TRUE);
+ crv = sftk_MapCryptError(PORT_GetError());
+ break;
+ }
+
+ if (PR_GetEnvSecure("NSS_USE_DECODED_CKA_EC_POINT") ||
+ ecParams->fieldID.type == ec_field_plain) {
+ PORT_FreeArena(ecParams->arena, PR_TRUE);
+ crv = sftk_AddAttributeType(publicKey, CKA_EC_POINT,
+ sftk_item_expand(&ecPriv->publicValue));
+ } else {
+ PORT_FreeArena(ecParams->arena, PR_TRUE);
+ SECItem *pubValue = SEC_ASN1EncodeItem(NULL, NULL,
+ &ecPriv->publicValue,
+ SEC_ASN1_GET(SEC_OctetStringTemplate));
+ if (!pubValue) {
+ crv = CKR_ARGUMENTS_BAD;
+ goto ecgn_done;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_EC_POINT,
+ sftk_item_expand(pubValue));
+ SECITEM_FreeItem(pubValue, PR_TRUE);
+ }
+ if (crv != CKR_OK)
+ goto ecgn_done;
+
+ crv = sftk_AddAttributeType(privateKey, CKA_VALUE,
+ sftk_item_expand(&ecPriv->privateValue));
+ if (crv != CKR_OK)
+ goto ecgn_done;
+
+ crv = sftk_AddAttributeType(privateKey, CKA_NETSCAPE_DB,
+ sftk_item_expand(&ecPriv->publicValue));
+ ecgn_done:
+ /* should zeroize, since this function doesn't. */
+ PORT_FreeArena(ecPriv->ecParams.arena, PR_TRUE);
+ break;
+#endif /* NSS_DISABLE_ECC */
+
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ }
+
+ if (crv != CKR_OK) {
+ sftk_FreeObject(privateKey);
+ sftk_FreeObject(publicKey);
+ return crv;
+ }
+
+ /* Add the class, key_type The loop lets us check errors blow out
+ * on errors and clean up at the bottom */
+ session = NULL; /* make pedtantic happy... session cannot leave the*/
+ /* loop below NULL unless an error is set... */
+ do {
+ crv = sftk_AddAttributeType(privateKey, CKA_CLASS, &privClass,
+ sizeof(CK_OBJECT_CLASS));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(publicKey, CKA_CLASS, &pubClass,
+ sizeof(CK_OBJECT_CLASS));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(privateKey, CKA_KEY_TYPE, &key_type,
+ sizeof(CK_KEY_TYPE));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(publicKey, CKA_KEY_TYPE, &key_type,
+ sizeof(CK_KEY_TYPE));
+ if (crv != CKR_OK)
+ break;
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ crv = CKR_SESSION_HANDLE_INVALID;
+ } while (0);
+
+ if (crv != CKR_OK) {
+ sftk_FreeObject(privateKey);
+ sftk_FreeObject(publicKey);
+ return crv;
+ }
+
+ /*
+ * handle the base object cleanup for the public Key
+ */
+ crv = sftk_handleObject(privateKey, session);
+ if (crv != CKR_OK) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(privateKey);
+ sftk_FreeObject(publicKey);
+ return crv;
+ }
+
+ /*
+ * handle the base object cleanup for the private Key
+ * If we have any problems, we destroy the public Key we've
+ * created and linked.
+ */
+ crv = sftk_handleObject(publicKey, session);
+ sftk_FreeSession(session);
+ if (crv != CKR_OK) {
+ sftk_FreeObject(publicKey);
+ NSC_DestroyObject(hSession, privateKey->handle);
+ sftk_FreeObject(privateKey);
+ return crv;
+ }
+ if (sftk_isTrue(privateKey, CKA_SENSITIVE)) {
+ crv = sftk_forceAttribute(privateKey, CKA_ALWAYS_SENSITIVE,
+ &cktrue, sizeof(CK_BBOOL));
+ }
+ if (crv == CKR_OK && sftk_isTrue(publicKey, CKA_SENSITIVE)) {
+ crv = sftk_forceAttribute(publicKey, CKA_ALWAYS_SENSITIVE,
+ &cktrue, sizeof(CK_BBOOL));
+ }
+ if (crv == CKR_OK && !sftk_isTrue(privateKey, CKA_EXTRACTABLE)) {
+ crv = sftk_forceAttribute(privateKey, CKA_NEVER_EXTRACTABLE,
+ &cktrue, sizeof(CK_BBOOL));
+ }
+ if (crv == CKR_OK && !sftk_isTrue(publicKey, CKA_EXTRACTABLE)) {
+ crv = sftk_forceAttribute(publicKey, CKA_NEVER_EXTRACTABLE,
+ &cktrue, sizeof(CK_BBOOL));
+ }
+
+ if (crv == CKR_OK) {
+ /* Perform FIPS 140-2 pairwise consistency check. */
+ crv = sftk_PairwiseConsistencyCheck(hSession,
+ publicKey, privateKey, key_type);
+ if (crv != CKR_OK) {
+ if (sftk_audit_enabled) {
+ char msg[128];
+ PR_snprintf(msg, sizeof msg,
+ "C_GenerateKeyPair(hSession=0x%08lX, "
+ "pMechanism->mechanism=0x%08lX)=0x%08lX "
+ "self-test: pair-wise consistency test failed",
+ (PRUint32)hSession, (PRUint32)pMechanism->mechanism,
+ (PRUint32)crv);
+ sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
+ }
+ }
+ }
+
+ if (crv != CKR_OK) {
+ NSC_DestroyObject(hSession, publicKey->handle);
+ sftk_FreeObject(publicKey);
+ NSC_DestroyObject(hSession, privateKey->handle);
+ sftk_FreeObject(privateKey);
+ return crv;
+ }
+
+ *phPrivateKey = privateKey->handle;
+ *phPublicKey = publicKey->handle;
+ sftk_FreeObject(publicKey);
+ sftk_FreeObject(privateKey);
+
+ return CKR_OK;
+}
+
+static SECItem *
+sftk_PackagePrivateKey(SFTKObject *key, CK_RV *crvp)
+{
+ NSSLOWKEYPrivateKey *lk = NULL;
+ NSSLOWKEYPrivateKeyInfo *pki = NULL;
+ SFTKAttribute *attribute = NULL;
+ PLArenaPool *arena = NULL;
+ SECOidTag algorithm = SEC_OID_UNKNOWN;
+ void *dummy, *param = NULL;
+ SECStatus rv = SECSuccess;
+ SECItem *encodedKey = NULL;
+#ifndef NSS_DISABLE_ECC
+#ifdef EC_DEBUG
+ SECItem *fordebug;
+#endif
+ int savelen;
+#endif
+
+ if (!key) {
+ *crvp = CKR_KEY_HANDLE_INVALID; /* really can't happen */
+ return NULL;
+ }
+
+ attribute = sftk_FindAttribute(key, CKA_KEY_TYPE);
+ if (!attribute) {
+ *crvp = CKR_KEY_TYPE_INCONSISTENT;
+ return NULL;
+ }
+
+ lk = sftk_GetPrivKey(key, *(CK_KEY_TYPE *)attribute->attrib.pValue, crvp);
+ sftk_FreeAttribute(attribute);
+ if (!lk) {
+ return NULL;
+ }
+
+ arena = PORT_NewArena(2048); /* XXX different size? */
+ if (!arena) {
+ *crvp = CKR_HOST_MEMORY;
+ rv = SECFailure;
+ goto loser;
+ }
+
+ pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPrivateKeyInfo));
+ if (!pki) {
+ *crvp = CKR_HOST_MEMORY;
+ rv = SECFailure;
+ goto loser;
+ }
+ pki->arena = arena;
+
+ param = NULL;
+ switch (lk->keyType) {
+ case NSSLOWKEYRSAKey:
+ prepare_low_rsa_priv_key_for_asn1(lk);
+ dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
+ nsslowkey_RSAPrivateKeyTemplate);
+ algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
+ break;
+ case NSSLOWKEYDSAKey:
+ prepare_low_dsa_priv_key_export_for_asn1(lk);
+ dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
+ nsslowkey_DSAPrivateKeyExportTemplate);
+ prepare_low_pqg_params_for_asn1(&lk->u.dsa.params);
+ param = SEC_ASN1EncodeItem(NULL, NULL, &(lk->u.dsa.params),
+ nsslowkey_PQGParamsTemplate);
+ algorithm = SEC_OID_ANSIX9_DSA_SIGNATURE;
+ break;
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ prepare_low_ec_priv_key_for_asn1(lk);
+ /* Public value is encoded as a bit string so adjust length
+ * to be in bits before ASN encoding and readjust
+ * immediately after.
+ *
+ * Since the SECG specification recommends not including the
+ * parameters as part of ECPrivateKey, we zero out the curveOID
+ * length before encoding and restore it later.
+ */
+ lk->u.ec.publicValue.len <<= 3;
+ savelen = lk->u.ec.ecParams.curveOID.len;
+ lk->u.ec.ecParams.curveOID.len = 0;
+ dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
+ nsslowkey_ECPrivateKeyTemplate);
+ lk->u.ec.ecParams.curveOID.len = savelen;
+ lk->u.ec.publicValue.len >>= 3;
+
+#ifdef EC_DEBUG
+ fordebug = &pki->privateKey;
+ SEC_PRINT("sftk_PackagePrivateKey()", "PrivateKey", lk->keyType,
+ fordebug);
+#endif
+
+ param = SECITEM_DupItem(&lk->u.ec.ecParams.DEREncoding);
+
+ algorithm = SEC_OID_ANSIX962_EC_PUBLIC_KEY;
+ break;
+#endif /* NSS_DISABLE_ECC */
+ case NSSLOWKEYDHKey:
+ default:
+ dummy = NULL;
+ break;
+ }
+
+ if (!dummy || ((lk->keyType == NSSLOWKEYDSAKey) && !param)) {
+ *crvp = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ rv = SECFailure;
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm,
+ (SECItem *)param);
+ if (rv != SECSuccess) {
+ *crvp = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ rv = SECFailure;
+ goto loser;
+ }
+
+ dummy = SEC_ASN1EncodeInteger(arena, &pki->version,
+ NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
+ if (!dummy) {
+ *crvp = CKR_DEVICE_ERROR; /* should map NSS SECError */
+ rv = SECFailure;
+ goto loser;
+ }
+
+ encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki,
+ nsslowkey_PrivateKeyInfoTemplate);
+ *crvp = encodedKey ? CKR_OK : CKR_DEVICE_ERROR;
+
+#ifdef EC_DEBUG
+ fordebug = encodedKey;
+ SEC_PRINT("sftk_PackagePrivateKey()", "PrivateKeyInfo", lk->keyType,
+ fordebug);
+#endif
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+
+ if (lk && (lk != key->objectInfo)) {
+ nsslowkey_DestroyPrivateKey(lk);
+ }
+
+ if (param) {
+ SECITEM_ZfreeItem((SECItem *)param, PR_TRUE);
+ }
+
+ if (rv != SECSuccess) {
+ return NULL;
+ }
+
+ return encodedKey;
+}
+
+/* it doesn't matter yet, since we colapse error conditions in the
+ * level above, but we really should map those few key error differences */
+static CK_RV
+sftk_mapWrap(CK_RV crv)
+{
+ switch (crv) {
+ case CKR_ENCRYPTED_DATA_INVALID:
+ crv = CKR_WRAPPED_KEY_INVALID;
+ break;
+ }
+ return crv;
+}
+
+/* NSC_WrapKey wraps (i.e., encrypts) a key. */
+CK_RV
+NSC_WrapKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
+ CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen)
+{
+ SFTKSession *session;
+ SFTKAttribute *attribute;
+ SFTKObject *key;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ key = sftk_ObjectFromHandle(hKey, session);
+ sftk_FreeSession(session);
+ if (key == NULL) {
+ return CKR_KEY_HANDLE_INVALID;
+ }
+
+ switch (key->objclass) {
+ case CKO_SECRET_KEY: {
+ SFTKSessionContext *context = NULL;
+ SECItem pText;
+
+ attribute = sftk_FindAttribute(key, CKA_VALUE);
+
+ if (attribute == NULL) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ crv = sftk_CryptInit(hSession, pMechanism, hWrappingKey,
+ CKA_WRAP, CKA_WRAP, SFTK_ENCRYPT, PR_TRUE);
+ if (crv != CKR_OK) {
+ sftk_FreeAttribute(attribute);
+ break;
+ }
+
+ pText.type = siBuffer;
+ pText.data = (unsigned char *)attribute->attrib.pValue;
+ pText.len = attribute->attrib.ulValueLen;
+
+ /* Find out if this is a block cipher. */
+ crv = sftk_GetContext(hSession, &context, SFTK_ENCRYPT, PR_FALSE, NULL);
+ if (crv != CKR_OK || !context)
+ break;
+ if (context->blockSize > 1) {
+ unsigned int remainder = pText.len % context->blockSize;
+ if (!context->doPad && remainder) {
+ /* When wrapping secret keys with unpadded block ciphers,
+ ** the keys are zero padded, if necessary, to fill out
+ ** a full block.
+ */
+ pText.len += context->blockSize - remainder;
+ pText.data = PORT_ZAlloc(pText.len);
+ if (pText.data)
+ memcpy(pText.data, attribute->attrib.pValue,
+ attribute->attrib.ulValueLen);
+ else {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ }
+ }
+
+ crv = NSC_Encrypt(hSession, (CK_BYTE_PTR)pText.data,
+ pText.len, pWrappedKey, pulWrappedKeyLen);
+ /* always force a finalize, both on errors and when
+ * we are just getting the size */
+ if (crv != CKR_OK || pWrappedKey == NULL) {
+ CK_RV lcrv;
+ lcrv = sftk_GetContext(hSession, &context,
+ SFTK_ENCRYPT, PR_FALSE, NULL);
+ sftk_SetContextByType(session, SFTK_ENCRYPT, NULL);
+ if (lcrv == CKR_OK && context) {
+ sftk_FreeContext(context);
+ }
+ }
+
+ if (pText.data != (unsigned char *)attribute->attrib.pValue)
+ PORT_ZFree(pText.data, pText.len);
+ sftk_FreeAttribute(attribute);
+ break;
+ }
+
+ case CKO_PRIVATE_KEY: {
+ SECItem *bpki = sftk_PackagePrivateKey(key, &crv);
+ SFTKSessionContext *context = NULL;
+
+ if (!bpki) {
+ break;
+ }
+
+ crv = sftk_CryptInit(hSession, pMechanism, hWrappingKey,
+ CKA_WRAP, CKA_WRAP, SFTK_ENCRYPT, PR_TRUE);
+ if (crv != CKR_OK) {
+ SECITEM_ZfreeItem(bpki, PR_TRUE);
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+
+ crv = NSC_Encrypt(hSession, bpki->data, bpki->len,
+ pWrappedKey, pulWrappedKeyLen);
+ /* always force a finalize */
+ if (crv != CKR_OK || pWrappedKey == NULL) {
+ CK_RV lcrv;
+ lcrv = sftk_GetContext(hSession, &context,
+ SFTK_ENCRYPT, PR_FALSE, NULL);
+ sftk_SetContextByType(session, SFTK_ENCRYPT, NULL);
+ if (lcrv == CKR_OK && context) {
+ sftk_FreeContext(context);
+ }
+ }
+ SECITEM_ZfreeItem(bpki, PR_TRUE);
+ break;
+ }
+
+ default:
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ sftk_FreeObject(key);
+
+ return sftk_mapWrap(crv);
+}
+
+/*
+ * import a pprivate key info into the desired slot
+ */
+static SECStatus
+sftk_unwrapPrivateKey(SFTKObject *key, SECItem *bpki)
+{
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_KEY_TYPE keyType = CKK_RSA;
+ SECStatus rv = SECFailure;
+ const SEC_ASN1Template *keyTemplate, *paramTemplate;
+ void *paramDest = NULL;
+ PLArenaPool *arena;
+ NSSLOWKEYPrivateKey *lpk = NULL;
+ NSSLOWKEYPrivateKeyInfo *pki = NULL;
+ CK_RV crv = CKR_KEY_TYPE_INCONSISTENT;
+
+ arena = PORT_NewArena(2048);
+ if (!arena) {
+ return SECFailure;
+ }
+
+ pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPrivateKeyInfo));
+ if (!pki) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return SECFailure;
+ }
+
+ if (SEC_ASN1DecodeItem(arena, pki, nsslowkey_PrivateKeyInfoTemplate, bpki) != SECSuccess) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return SECFailure;
+ }
+
+ lpk = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(arena,
+ sizeof(NSSLOWKEYPrivateKey));
+ if (lpk == NULL) {
+ goto loser;
+ }
+ lpk->arena = arena;
+
+ switch (SECOID_GetAlgorithmTag(&pki->algorithm)) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ keyTemplate = nsslowkey_RSAPrivateKeyTemplate;
+ paramTemplate = NULL;
+ paramDest = NULL;
+ lpk->keyType = NSSLOWKEYRSAKey;
+ prepare_low_rsa_priv_key_for_asn1(lpk);
+ break;
+ case SEC_OID_ANSIX9_DSA_SIGNATURE:
+ keyTemplate = nsslowkey_DSAPrivateKeyExportTemplate;
+ paramTemplate = nsslowkey_PQGParamsTemplate;
+ paramDest = &(lpk->u.dsa.params);
+ lpk->keyType = NSSLOWKEYDSAKey;
+ prepare_low_dsa_priv_key_export_for_asn1(lpk);
+ prepare_low_pqg_params_for_asn1(&lpk->u.dsa.params);
+ break;
+/* case NSSLOWKEYDHKey: */
+#ifndef NSS_DISABLE_ECC
+ case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+ keyTemplate = nsslowkey_ECPrivateKeyTemplate;
+ paramTemplate = NULL;
+ paramDest = &(lpk->u.ec.ecParams.DEREncoding);
+ lpk->keyType = NSSLOWKEYECKey;
+ prepare_low_ec_priv_key_for_asn1(lpk);
+ prepare_low_ecparams_for_asn1(&lpk->u.ec.ecParams);
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ keyTemplate = NULL;
+ paramTemplate = NULL;
+ paramDest = NULL;
+ break;
+ }
+
+ if (!keyTemplate) {
+ goto loser;
+ }
+
+ /* decode the private key and any algorithm parameters */
+ rv = SEC_QuickDERDecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
+
+#ifndef NSS_DISABLE_ECC
+ if (lpk->keyType == NSSLOWKEYECKey) {
+ /* convert length in bits to length in bytes */
+ lpk->u.ec.publicValue.len >>= 3;
+ rv = SECITEM_CopyItem(arena,
+ &(lpk->u.ec.ecParams.DEREncoding),
+ &(pki->algorithm.parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+#endif /* NSS_DISABLE_ECC */
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (paramDest && paramTemplate) {
+ rv = SEC_QuickDERDecodeItem(arena, paramDest, paramTemplate,
+ &(pki->algorithm.parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ rv = SECFailure;
+
+ switch (lpk->keyType) {
+ case NSSLOWKEYRSAKey:
+ keyType = CKK_RSA;
+ if (sftk_hasAttribute(key, CKA_NETSCAPE_DB)) {
+ sftk_DeleteAttributeType(key, CKA_NETSCAPE_DB);
+ }
+ crv = sftk_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
+ sizeof(keyType));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_UNWRAP, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_DECRYPT, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_SIGN, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_MODULUS,
+ sftk_item_expand(&lpk->u.rsa.modulus));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_PUBLIC_EXPONENT,
+ sftk_item_expand(&lpk->u.rsa.publicExponent));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_PRIVATE_EXPONENT,
+ sftk_item_expand(&lpk->u.rsa.privateExponent));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_PRIME_1,
+ sftk_item_expand(&lpk->u.rsa.prime1));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_PRIME_2,
+ sftk_item_expand(&lpk->u.rsa.prime2));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_EXPONENT_1,
+ sftk_item_expand(&lpk->u.rsa.exponent1));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_EXPONENT_2,
+ sftk_item_expand(&lpk->u.rsa.exponent2));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_COEFFICIENT,
+ sftk_item_expand(&lpk->u.rsa.coefficient));
+ break;
+ case NSSLOWKEYDSAKey:
+ keyType = CKK_DSA;
+ crv = (sftk_hasAttribute(key, CKA_NETSCAPE_DB)) ? CKR_OK : CKR_KEY_TYPE_INCONSISTENT;
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
+ sizeof(keyType));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_SIGN, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_PRIME,
+ sftk_item_expand(&lpk->u.dsa.params.prime));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_SUBPRIME,
+ sftk_item_expand(&lpk->u.dsa.params.subPrime));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_BASE,
+ sftk_item_expand(&lpk->u.dsa.params.base));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_VALUE,
+ sftk_item_expand(&lpk->u.dsa.privateValue));
+ if (crv != CKR_OK)
+ break;
+ break;
+#ifdef notdef
+ case NSSLOWKEYDHKey:
+ template = dhTemplate;
+ templateCount = sizeof(dhTemplate) / sizeof(CK_ATTRIBUTE);
+ keyType = CKK_DH;
+ break;
+#endif
+/* what about fortezza??? */
+#ifndef NSS_DISABLE_ECC
+ case NSSLOWKEYECKey:
+ keyType = CKK_EC;
+ crv = (sftk_hasAttribute(key, CKA_NETSCAPE_DB)) ? CKR_OK : CKR_KEY_TYPE_INCONSISTENT;
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
+ sizeof(keyType));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_SIGN, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_DERIVE, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_EC_PARAMS,
+ sftk_item_expand(&lpk->u.ec.ecParams.DEREncoding));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_AddAttributeType(key, CKA_VALUE,
+ sftk_item_expand(&lpk->u.ec.privateValue));
+ if (crv != CKR_OK)
+ break;
+ /* XXX Do we need to decode the EC Params here ?? */
+ break;
+#endif /* NSS_DISABLE_ECC */
+ default:
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+
+loser:
+ if (lpk) {
+ nsslowkey_DestroyPrivateKey(lpk);
+ }
+
+ if (crv != CKR_OK) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+/* NSC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
+CK_RV
+NSC_UnwrapKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ SFTKObject *key = NULL;
+ SFTKSession *session;
+ CK_ULONG key_length = 0;
+ unsigned char *buf = NULL;
+ CK_RV crv = CKR_OK;
+ int i;
+ CK_ULONG bsize = ulWrappedKeyLen;
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SECItem bpki;
+ CK_OBJECT_CLASS target_type = CKO_SECRET_KEY;
+
+ CHECK_FORK();
+
+ if (!slot) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * now lets create an object to hang the attributes off of
+ */
+ key = sftk_NewObject(slot); /* fill in the handle later */
+ if (key == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /*
+ * load the template values into the object
+ */
+ for (i = 0; i < (int)ulAttributeCount; i++) {
+ if (pTemplate[i].type == CKA_VALUE_LEN) {
+ key_length = *(CK_ULONG *)pTemplate[i].pValue;
+ continue;
+ }
+ if (pTemplate[i].type == CKA_CLASS) {
+ target_type = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
+ }
+ crv = sftk_AddAttributeType(key, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK)
+ break;
+ }
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+
+ crv = sftk_CryptInit(hSession, pMechanism, hUnwrappingKey, CKA_UNWRAP,
+ CKA_UNWRAP, SFTK_DECRYPT, PR_FALSE);
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return sftk_mapWrap(crv);
+ }
+
+ /* allocate the buffer to decrypt into
+ * this assumes the unwrapped key is never larger than the
+ * wrapped key. For all the mechanisms we support this is true */
+ buf = (unsigned char *)PORT_Alloc(ulWrappedKeyLen);
+ bsize = ulWrappedKeyLen;
+
+ crv = NSC_Decrypt(hSession, pWrappedKey, ulWrappedKeyLen, buf, &bsize);
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ PORT_Free(buf);
+ return sftk_mapWrap(crv);
+ }
+
+ switch (target_type) {
+ case CKO_SECRET_KEY:
+ if (!sftk_hasAttribute(key, CKA_KEY_TYPE)) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ }
+
+ if (key_length == 0 || key_length > bsize) {
+ key_length = bsize;
+ }
+ if (key_length > MAX_KEY_LEN) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+
+ /* add the value */
+ crv = sftk_AddAttributeType(key, CKA_VALUE, buf, key_length);
+ break;
+ case CKO_PRIVATE_KEY:
+ bpki.data = (unsigned char *)buf;
+ bpki.len = bsize;
+ crv = CKR_OK;
+ if (sftk_unwrapPrivateKey(key, &bpki) != SECSuccess) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ }
+ break;
+ default:
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+
+ PORT_ZFree(buf, bsize);
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+
+ /* get the session */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ sftk_FreeObject(key);
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ /*
+ * handle the base object stuff
+ */
+ crv = sftk_handleObject(key, session);
+ *phKey = key->handle;
+ sftk_FreeSession(session);
+ sftk_FreeObject(key);
+
+ return crv;
+}
+
+/*
+ * The SSL key gen mechanism create's lots of keys. This function handles the
+ * details of each of these key creation.
+ */
+static CK_RV
+sftk_buildSSLKey(CK_SESSION_HANDLE hSession, SFTKObject *baseKey,
+ PRBool isMacKey, unsigned char *keyBlock, unsigned int keySize,
+ CK_OBJECT_HANDLE *keyHandle)
+{
+ SFTKObject *key;
+ SFTKSession *session;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_RV crv = CKR_HOST_MEMORY;
+
+ /*
+ * now lets create an object to hang the attributes off of
+ */
+ *keyHandle = CK_INVALID_HANDLE;
+ key = sftk_NewObject(baseKey->slot);
+ if (key == NULL)
+ return CKR_HOST_MEMORY;
+ sftk_narrowToSessionObject(key)->wasDerived = PR_TRUE;
+
+ crv = sftk_CopyObject(key, baseKey);
+ if (crv != CKR_OK)
+ goto loser;
+ if (isMacKey) {
+ crv = sftk_forceAttribute(key, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_forceAttribute(key, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_forceAttribute(key, CKA_ENCRYPT, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_forceAttribute(key, CKA_DECRYPT, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_forceAttribute(key, CKA_SIGN, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_forceAttribute(key, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_forceAttribute(key, CKA_WRAP, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ goto loser;
+ crv = sftk_forceAttribute(key, CKA_UNWRAP, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ crv = sftk_forceAttribute(key, CKA_VALUE, keyBlock, keySize);
+ if (crv != CKR_OK)
+ goto loser;
+
+ /* get the session */
+ crv = CKR_HOST_MEMORY;
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ goto loser;
+ }
+
+ crv = sftk_handleObject(key, session);
+ sftk_FreeSession(session);
+ *keyHandle = key->handle;
+loser:
+ if (key)
+ sftk_FreeObject(key);
+ return crv;
+}
+
+/*
+ * if there is an error, we need to free the keys we already created in SSL
+ * This is the routine that will do it..
+ */
+static void
+sftk_freeSSLKeys(CK_SESSION_HANDLE session,
+ CK_SSL3_KEY_MAT_OUT *returnedMaterial)
+{
+ if (returnedMaterial->hClientMacSecret != CK_INVALID_HANDLE) {
+ NSC_DestroyObject(session, returnedMaterial->hClientMacSecret);
+ }
+ if (returnedMaterial->hServerMacSecret != CK_INVALID_HANDLE) {
+ NSC_DestroyObject(session, returnedMaterial->hServerMacSecret);
+ }
+ if (returnedMaterial->hClientKey != CK_INVALID_HANDLE) {
+ NSC_DestroyObject(session, returnedMaterial->hClientKey);
+ }
+ if (returnedMaterial->hServerKey != CK_INVALID_HANDLE) {
+ NSC_DestroyObject(session, returnedMaterial->hServerKey);
+ }
+}
+
+/*
+ * when deriving from sensitive and extractable keys, we need to preserve some
+ * of the semantics in the derived key. This helper routine maintains these
+ * semantics.
+ */
+static CK_RV
+sftk_DeriveSensitiveCheck(SFTKObject *baseKey, SFTKObject *destKey)
+{
+ PRBool hasSensitive;
+ PRBool sensitive = PR_FALSE;
+ PRBool hasExtractable;
+ PRBool extractable = PR_TRUE;
+ CK_RV crv = CKR_OK;
+ SFTKAttribute *att;
+
+ hasSensitive = PR_FALSE;
+ att = sftk_FindAttribute(destKey, CKA_SENSITIVE);
+ if (att) {
+ hasSensitive = PR_TRUE;
+ sensitive = (PRBool) * (CK_BBOOL *)att->attrib.pValue;
+ sftk_FreeAttribute(att);
+ }
+
+ hasExtractable = PR_FALSE;
+ att = sftk_FindAttribute(destKey, CKA_EXTRACTABLE);
+ if (att) {
+ hasExtractable = PR_TRUE;
+ extractable = (PRBool) * (CK_BBOOL *)att->attrib.pValue;
+ sftk_FreeAttribute(att);
+ }
+
+ /* don't make a key more accessible */
+ if (sftk_isTrue(baseKey, CKA_SENSITIVE) && hasSensitive &&
+ (sensitive == PR_FALSE)) {
+ return CKR_KEY_FUNCTION_NOT_PERMITTED;
+ }
+ if (!sftk_isTrue(baseKey, CKA_EXTRACTABLE) && hasExtractable &&
+ (extractable == PR_TRUE)) {
+ return CKR_KEY_FUNCTION_NOT_PERMITTED;
+ }
+
+ /* inherit parent's sensitivity */
+ if (!hasSensitive) {
+ att = sftk_FindAttribute(baseKey, CKA_SENSITIVE);
+ if (att == NULL)
+ return CKR_KEY_TYPE_INCONSISTENT;
+ crv = sftk_defaultAttribute(destKey, sftk_attr_expand(&att->attrib));
+ sftk_FreeAttribute(att);
+ if (crv != CKR_OK)
+ return crv;
+ }
+ if (!hasExtractable) {
+ att = sftk_FindAttribute(baseKey, CKA_EXTRACTABLE);
+ if (att == NULL)
+ return CKR_KEY_TYPE_INCONSISTENT;
+ crv = sftk_defaultAttribute(destKey, sftk_attr_expand(&att->attrib));
+ sftk_FreeAttribute(att);
+ if (crv != CKR_OK)
+ return crv;
+ }
+
+ /* we should inherit the parent's always extractable/ never sensitive info,
+ * but handleObject always forces this attributes, so we would need to do
+ * something special. */
+ return CKR_OK;
+}
+
+/*
+ * make known fixed PKCS #11 key types to their sizes in bytes
+ */
+unsigned long
+sftk_MapKeySize(CK_KEY_TYPE keyType)
+{
+ switch (keyType) {
+ case CKK_CDMF:
+ return 8;
+ case CKK_DES:
+ return 8;
+ case CKK_DES2:
+ return 16;
+ case CKK_DES3:
+ return 24;
+ /* IDEA and CAST need to be added */
+ default:
+ break;
+ }
+ return 0;
+}
+
+#ifndef NSS_DISABLE_ECC
+/* Inputs:
+ * key_len: Length of derived key to be generated.
+ * SharedSecret: a shared secret that is the output of a key agreement primitive.
+ * SharedInfo: (Optional) some data shared by the entities computing the secret key.
+ * SharedInfoLen: the length in octets of SharedInfo
+ * Hash: The hash function to be used in the KDF
+ * HashLen: the length in octets of the output of Hash
+ * Output:
+ * key: Pointer to a buffer containing derived key, if return value is SECSuccess.
+ */
+static CK_RV
+sftk_compute_ANSI_X9_63_kdf(CK_BYTE **key, CK_ULONG key_len, SECItem *SharedSecret,
+ CK_BYTE_PTR SharedInfo, CK_ULONG SharedInfoLen,
+ SECStatus Hash(unsigned char *, const unsigned char *, PRUint32),
+ CK_ULONG HashLen)
+{
+ unsigned char *buffer = NULL, *output_buffer = NULL;
+ PRUint32 buffer_len, max_counter, i;
+ SECStatus rv;
+ CK_RV crv;
+
+ /* Check that key_len isn't too long. The maximum key length could be
+ * greatly increased if the code below did not limit the 4-byte counter
+ * to a maximum value of 255. */
+ if (key_len > 254 * HashLen)
+ return CKR_ARGUMENTS_BAD;
+
+ if (SharedInfo == NULL)
+ SharedInfoLen = 0;
+
+ buffer_len = SharedSecret->len + 4 + SharedInfoLen;
+ buffer = (CK_BYTE *)PORT_Alloc(buffer_len);
+ if (buffer == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ max_counter = key_len / HashLen;
+ if (key_len > max_counter * HashLen)
+ max_counter++;
+
+ output_buffer = (CK_BYTE *)PORT_Alloc(max_counter * HashLen);
+ if (output_buffer == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ /* Populate buffer with SharedSecret || Counter || [SharedInfo]
+ * where Counter is 0x00000001 */
+ PORT_Memcpy(buffer, SharedSecret->data, SharedSecret->len);
+ buffer[SharedSecret->len] = 0;
+ buffer[SharedSecret->len + 1] = 0;
+ buffer[SharedSecret->len + 2] = 0;
+ buffer[SharedSecret->len + 3] = 1;
+ if (SharedInfo) {
+ PORT_Memcpy(&buffer[SharedSecret->len + 4], SharedInfo, SharedInfoLen);
+ }
+
+ for (i = 0; i < max_counter; i++) {
+ rv = Hash(&output_buffer[i * HashLen], buffer, buffer_len);
+ if (rv != SECSuccess) {
+ /* 'Hash' should not fail. */
+ crv = CKR_FUNCTION_FAILED;
+ goto loser;
+ }
+
+ /* Increment counter (assumes max_counter < 255) */
+ buffer[SharedSecret->len + 3]++;
+ }
+
+ PORT_ZFree(buffer, buffer_len);
+ if (key_len < max_counter * HashLen) {
+ PORT_Memset(output_buffer + key_len, 0, max_counter * HashLen - key_len);
+ }
+ *key = output_buffer;
+
+ return CKR_OK;
+
+loser:
+ if (buffer) {
+ PORT_ZFree(buffer, buffer_len);
+ }
+ if (output_buffer) {
+ PORT_ZFree(output_buffer, max_counter * HashLen);
+ }
+ return crv;
+}
+
+static CK_RV
+sftk_ANSI_X9_63_kdf(CK_BYTE **key, CK_ULONG key_len,
+ SECItem *SharedSecret,
+ CK_BYTE_PTR SharedInfo, CK_ULONG SharedInfoLen,
+ CK_EC_KDF_TYPE kdf)
+{
+ if (kdf == CKD_SHA1_KDF)
+ return sftk_compute_ANSI_X9_63_kdf(key, key_len, SharedSecret, SharedInfo,
+ SharedInfoLen, SHA1_HashBuf, SHA1_LENGTH);
+ else if (kdf == CKD_SHA224_KDF)
+ return sftk_compute_ANSI_X9_63_kdf(key, key_len, SharedSecret, SharedInfo,
+ SharedInfoLen, SHA224_HashBuf, SHA224_LENGTH);
+ else if (kdf == CKD_SHA256_KDF)
+ return sftk_compute_ANSI_X9_63_kdf(key, key_len, SharedSecret, SharedInfo,
+ SharedInfoLen, SHA256_HashBuf, SHA256_LENGTH);
+ else if (kdf == CKD_SHA384_KDF)
+ return sftk_compute_ANSI_X9_63_kdf(key, key_len, SharedSecret, SharedInfo,
+ SharedInfoLen, SHA384_HashBuf, SHA384_LENGTH);
+ else if (kdf == CKD_SHA512_KDF)
+ return sftk_compute_ANSI_X9_63_kdf(key, key_len, SharedSecret, SharedInfo,
+ SharedInfoLen, SHA512_HashBuf, SHA512_LENGTH);
+ else
+ return CKR_MECHANISM_INVALID;
+}
+#endif /* NSS_DISABLE_ECC */
+
+/*
+ * SSL Key generation given pre master secret
+ */
+#define NUM_MIXERS 9
+static const char *const mixers[NUM_MIXERS] = {
+ "A",
+ "BB",
+ "CCC",
+ "DDDD",
+ "EEEEE",
+ "FFFFFF",
+ "GGGGGGG",
+ "HHHHHHHH",
+ "IIIIIIIII"
+};
+#define SSL3_PMS_LENGTH 48
+#define SSL3_MASTER_SECRET_LENGTH 48
+#define SSL3_RANDOM_LENGTH 32
+
+/* NSC_DeriveKey derives a key from a base key, creating a new key object. */
+CK_RV
+NSC_DeriveKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ SFTKSession *session;
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKObject *key;
+ SFTKObject *sourceKey;
+ SFTKAttribute *att = NULL;
+ SFTKAttribute *att2 = NULL;
+ unsigned char *buf;
+ SHA1Context *sha;
+ MD5Context *md5;
+ MD2Context *md2;
+ CK_ULONG macSize;
+ CK_ULONG tmpKeySize;
+ CK_ULONG IVSize;
+ CK_ULONG keySize = 0;
+ CK_RV crv = CKR_OK;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
+ CK_OBJECT_CLASS classType = CKO_SECRET_KEY;
+ CK_KEY_DERIVATION_STRING_DATA *stringPtr;
+ CK_MECHANISM_TYPE mechanism = pMechanism->mechanism;
+ PRBool isTLS = PR_FALSE;
+ PRBool isDH = PR_FALSE;
+ HASH_HashType tlsPrfHash = HASH_AlgNULL;
+ SECStatus rv;
+ int i;
+ unsigned int outLen;
+ unsigned char sha_out[SHA1_LENGTH];
+ unsigned char key_block[NUM_MIXERS * SFTK_MAX_MAC_LENGTH];
+ PRBool isFIPS;
+ HASH_HashType hashType;
+ PRBool extractValue = PR_TRUE;
+
+ CHECK_FORK();
+
+ if (!slot) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * now lets create an object to hang the attributes off of
+ */
+ if (phKey)
+ *phKey = CK_INVALID_HANDLE;
+
+ key = sftk_NewObject(slot); /* fill in the handle later */
+ if (key == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ isFIPS = (slot->slotID == FIPS_SLOT_ID);
+
+ /*
+ * load the template values into the object
+ */
+ for (i = 0; i < (int)ulAttributeCount; i++) {
+ crv = sftk_AddAttributeType(key, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK)
+ break;
+
+ if (pTemplate[i].type == CKA_KEY_TYPE) {
+ keyType = *(CK_KEY_TYPE *)pTemplate[i].pValue;
+ }
+ if (pTemplate[i].type == CKA_VALUE_LEN) {
+ keySize = *(CK_ULONG *)pTemplate[i].pValue;
+ }
+ }
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+
+ if (keySize == 0) {
+ keySize = sftk_MapKeySize(keyType);
+ }
+
+ switch (mechanism) {
+ case CKM_NSS_JPAKE_ROUND2_SHA1: /* fall through */
+ case CKM_NSS_JPAKE_ROUND2_SHA256: /* fall through */
+ case CKM_NSS_JPAKE_ROUND2_SHA384: /* fall through */
+ case CKM_NSS_JPAKE_ROUND2_SHA512:
+ extractValue = PR_FALSE;
+ classType = CKO_PRIVATE_KEY;
+ break;
+ case CKM_NSS_JPAKE_FINAL_SHA1: /* fall through */
+ case CKM_NSS_JPAKE_FINAL_SHA256: /* fall through */
+ case CKM_NSS_JPAKE_FINAL_SHA384: /* fall through */
+ case CKM_NSS_JPAKE_FINAL_SHA512:
+ extractValue = PR_FALSE;
+ /* fall through */
+ default:
+ classType = CKO_SECRET_KEY;
+ }
+
+ crv = sftk_forceAttribute(key, CKA_CLASS, &classType, sizeof(classType));
+ if (crv != CKR_OK) {
+ sftk_FreeObject(key);
+ return crv;
+ }
+
+ /* look up the base key we're deriving with */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ sftk_FreeObject(key);
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ sourceKey = sftk_ObjectFromHandle(hBaseKey, session);
+ sftk_FreeSession(session);
+ if (sourceKey == NULL) {
+ sftk_FreeObject(key);
+ return CKR_KEY_HANDLE_INVALID;
+ }
+
+ if (extractValue) {
+ /* get the value of the base key */
+ att = sftk_FindAttribute(sourceKey, CKA_VALUE);
+ if (att == NULL) {
+ sftk_FreeObject(key);
+ sftk_FreeObject(sourceKey);
+ return CKR_KEY_HANDLE_INVALID;
+ }
+ }
+
+ switch (mechanism) {
+ /*
+ * generate the master secret
+ */
+ case CKM_TLS12_MASTER_KEY_DERIVE:
+ case CKM_TLS12_MASTER_KEY_DERIVE_DH:
+ case CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256:
+ case CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256:
+ case CKM_TLS_MASTER_KEY_DERIVE:
+ case CKM_TLS_MASTER_KEY_DERIVE_DH:
+ case CKM_SSL3_MASTER_KEY_DERIVE:
+ case CKM_SSL3_MASTER_KEY_DERIVE_DH: {
+ CK_SSL3_MASTER_KEY_DERIVE_PARAMS *ssl3_master;
+ SSL3RSAPreMasterSecret *rsa_pms;
+ unsigned char crsrdata[SSL3_RANDOM_LENGTH * 2];
+
+ if ((mechanism == CKM_TLS12_MASTER_KEY_DERIVE) ||
+ (mechanism == CKM_TLS12_MASTER_KEY_DERIVE_DH)) {
+ CK_TLS12_MASTER_KEY_DERIVE_PARAMS *tls12_master =
+ (CK_TLS12_MASTER_KEY_DERIVE_PARAMS *)pMechanism->pParameter;
+ tlsPrfHash = GetHashTypeFromMechanism(tls12_master->prfHashMechanism);
+ if (tlsPrfHash == HASH_AlgNULL) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ } else if ((mechanism == CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256) ||
+ (mechanism == CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256)) {
+ tlsPrfHash = HASH_AlgSHA256;
+ }
+
+ if ((mechanism != CKM_SSL3_MASTER_KEY_DERIVE) &&
+ (mechanism != CKM_SSL3_MASTER_KEY_DERIVE_DH)) {
+ isTLS = PR_TRUE;
+ }
+ if ((mechanism == CKM_SSL3_MASTER_KEY_DERIVE_DH) ||
+ (mechanism == CKM_TLS_MASTER_KEY_DERIVE_DH) ||
+ (mechanism == CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256) ||
+ (mechanism == CKM_TLS12_MASTER_KEY_DERIVE_DH)) {
+ isDH = PR_TRUE;
+ }
+
+ /* first do the consistency checks */
+ if (!isDH && (att->attrib.ulValueLen != SSL3_PMS_LENGTH)) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att2 = sftk_FindAttribute(sourceKey, CKA_KEY_TYPE);
+ if ((att2 == NULL) || (*(CK_KEY_TYPE *)att2->attrib.pValue !=
+ CKK_GENERIC_SECRET)) {
+ if (att2)
+ sftk_FreeAttribute(att2);
+ crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
+ break;
+ }
+ sftk_FreeAttribute(att2);
+ if (keyType != CKK_GENERIC_SECRET) {
+ crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
+ break;
+ }
+ if ((keySize != 0) && (keySize != SSL3_MASTER_SECRET_LENGTH)) {
+ crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
+ break;
+ }
+
+ /* finally do the key gen */
+ ssl3_master = (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *)
+ pMechanism->pParameter;
+
+ PORT_Memcpy(crsrdata,
+ ssl3_master->RandomInfo.pClientRandom, SSL3_RANDOM_LENGTH);
+ PORT_Memcpy(crsrdata + SSL3_RANDOM_LENGTH,
+ ssl3_master->RandomInfo.pServerRandom, SSL3_RANDOM_LENGTH);
+
+ if (ssl3_master->pVersion) {
+ SFTKSessionObject *sessKey = sftk_narrowToSessionObject(key);
+ rsa_pms = (SSL3RSAPreMasterSecret *)att->attrib.pValue;
+ /* don't leak more key material then necessary for SSL to work */
+ if ((sessKey == NULL) || sessKey->wasDerived) {
+ ssl3_master->pVersion->major = 0xff;
+ ssl3_master->pVersion->minor = 0xff;
+ } else {
+ ssl3_master->pVersion->major = rsa_pms->client_version[0];
+ ssl3_master->pVersion->minor = rsa_pms->client_version[1];
+ }
+ }
+ if (ssl3_master->RandomInfo.ulClientRandomLen != SSL3_RANDOM_LENGTH) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ if (ssl3_master->RandomInfo.ulServerRandomLen != SSL3_RANDOM_LENGTH) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+
+ if (isTLS) {
+ SECStatus status;
+ SECItem crsr = { siBuffer, NULL, 0 };
+ SECItem master = { siBuffer, NULL, 0 };
+ SECItem pms = { siBuffer, NULL, 0 };
+
+ crsr.data = crsrdata;
+ crsr.len = sizeof crsrdata;
+ master.data = key_block;
+ master.len = SSL3_MASTER_SECRET_LENGTH;
+ pms.data = (unsigned char *)att->attrib.pValue;
+ pms.len = att->attrib.ulValueLen;
+
+ if (tlsPrfHash != HASH_AlgNULL) {
+ status = TLS_P_hash(tlsPrfHash, &pms, "master secret",
+ &crsr, &master, isFIPS);
+ } else {
+ status = TLS_PRF(&pms, "master secret", &crsr, &master, isFIPS);
+ }
+ if (status != SECSuccess) {
+ crv = CKR_FUNCTION_FAILED;
+ break;
+ }
+ } else {
+ /* now allocate the hash contexts */
+ md5 = MD5_NewContext();
+ if (md5 == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ sha = SHA1_NewContext();
+ if (sha == NULL) {
+ PORT_Free(md5);
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ for (i = 0; i < 3; i++) {
+ SHA1_Begin(sha);
+ SHA1_Update(sha, (unsigned char *)mixers[i], strlen(mixers[i]));
+ SHA1_Update(sha, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+ SHA1_Update(sha, crsrdata, sizeof crsrdata);
+ SHA1_End(sha, sha_out, &outLen, SHA1_LENGTH);
+ PORT_Assert(outLen == SHA1_LENGTH);
+
+ MD5_Begin(md5);
+ MD5_Update(md5, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+ MD5_Update(md5, sha_out, outLen);
+ MD5_End(md5, &key_block[i * MD5_LENGTH], &outLen, MD5_LENGTH);
+ PORT_Assert(outLen == MD5_LENGTH);
+ }
+ PORT_Free(md5);
+ PORT_Free(sha);
+ }
+
+ /* store the results */
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block, SSL3_MASTER_SECRET_LENGTH);
+ if (crv != CKR_OK)
+ break;
+ keyType = CKK_GENERIC_SECRET;
+ crv = sftk_forceAttribute(key, CKA_KEY_TYPE, &keyType, sizeof(keyType));
+ if (isTLS) {
+ /* TLS's master secret is used to "sign" finished msgs with PRF. */
+ /* XXX This seems like a hack. But SFTK_Derive only accepts
+ * one "operation" argument. */
+ crv = sftk_forceAttribute(key, CKA_SIGN, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_forceAttribute(key, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ /* While we're here, we might as well force this, too. */
+ crv = sftk_forceAttribute(key, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ break;
+ }
+ break;
+ }
+
+ /* Extended master key derivation [draft-ietf-tls-session-hash] */
+ case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE:
+ case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH: {
+ CK_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_PARAMS *ems_params;
+ SSL3RSAPreMasterSecret *rsa_pms;
+ SECStatus status;
+ SECItem pms = { siBuffer, NULL, 0 };
+ SECItem seed = { siBuffer, NULL, 0 };
+ SECItem master = { siBuffer, NULL, 0 };
+
+ ems_params = (CK_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_PARAMS *)
+ pMechanism->pParameter;
+
+ /* First do the consistency checks */
+ if ((mechanism == CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE) &&
+ (att->attrib.ulValueLen != SSL3_PMS_LENGTH)) {
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ att2 = sftk_FindAttribute(sourceKey, CKA_KEY_TYPE);
+ if ((att2 == NULL) ||
+ (*(CK_KEY_TYPE *)att2->attrib.pValue != CKK_GENERIC_SECRET)) {
+ if (att2)
+ sftk_FreeAttribute(att2);
+ crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
+ break;
+ }
+ sftk_FreeAttribute(att2);
+ if (keyType != CKK_GENERIC_SECRET) {
+ crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
+ break;
+ }
+ if ((keySize != 0) && (keySize != SSL3_MASTER_SECRET_LENGTH)) {
+ crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
+ break;
+ }
+
+ /* Do the key derivation */
+ pms.data = (unsigned char *)att->attrib.pValue;
+ pms.len = att->attrib.ulValueLen;
+ seed.data = ems_params->pSessionHash;
+ seed.len = ems_params->ulSessionHashLen;
+ master.data = key_block;
+ master.len = SSL3_MASTER_SECRET_LENGTH;
+ if (ems_params->prfHashMechanism == CKM_TLS_PRF) {
+ /*
+ * In this case, the session hash is the concatenation of SHA-1
+ * and MD5, so it should be 36 bytes long.
+ */
+ if (seed.len != MD5_LENGTH + SHA1_LENGTH) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+
+ status = TLS_PRF(&pms, "extended master secret",
+ &seed, &master, isFIPS);
+ } else {
+ const SECHashObject *hashObj;
+
+ tlsPrfHash = GetHashTypeFromMechanism(ems_params->prfHashMechanism);
+ if (tlsPrfHash == HASH_AlgNULL) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+
+ hashObj = HASH_GetRawHashObject(tlsPrfHash);
+ if (seed.len != hashObj->length) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+
+ status = TLS_P_hash(tlsPrfHash, &pms, "extended master secret",
+ &seed, &master, isFIPS);
+ }
+ if (status != SECSuccess) {
+ crv = CKR_FUNCTION_FAILED;
+ break;
+ }
+
+ /* Reflect the version if required */
+ if (ems_params->pVersion) {
+ SFTKSessionObject *sessKey = sftk_narrowToSessionObject(key);
+ rsa_pms = (SSL3RSAPreMasterSecret *)att->attrib.pValue;
+ /* don't leak more key material than necessary for SSL to work */
+ if ((sessKey == NULL) || sessKey->wasDerived) {
+ ems_params->pVersion->major = 0xff;
+ ems_params->pVersion->minor = 0xff;
+ } else {
+ ems_params->pVersion->major = rsa_pms->client_version[0];
+ ems_params->pVersion->minor = rsa_pms->client_version[1];
+ }
+ }
+
+ /* Store the results */
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block,
+ SSL3_MASTER_SECRET_LENGTH);
+ break;
+ }
+
+ case CKM_TLS12_KEY_AND_MAC_DERIVE:
+ case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256:
+ case CKM_TLS_KEY_AND_MAC_DERIVE:
+ case CKM_SSL3_KEY_AND_MAC_DERIVE: {
+ CK_SSL3_KEY_MAT_PARAMS *ssl3_keys;
+ CK_SSL3_KEY_MAT_OUT *ssl3_keys_out;
+ CK_ULONG effKeySize;
+ unsigned int block_needed;
+ unsigned char srcrdata[SSL3_RANDOM_LENGTH * 2];
+ unsigned char crsrdata[SSL3_RANDOM_LENGTH * 2];
+
+ if (mechanism == CKM_TLS12_KEY_AND_MAC_DERIVE) {
+ CK_TLS12_KEY_MAT_PARAMS *tls12_keys =
+ (CK_TLS12_KEY_MAT_PARAMS *)pMechanism->pParameter;
+ tlsPrfHash = GetHashTypeFromMechanism(tls12_keys->prfHashMechanism);
+ if (tlsPrfHash == HASH_AlgNULL) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ } else if (mechanism == CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256) {
+ tlsPrfHash = HASH_AlgSHA256;
+ }
+
+ if (mechanism != CKM_SSL3_KEY_AND_MAC_DERIVE) {
+ isTLS = PR_TRUE;
+ }
+
+ crv = sftk_DeriveSensitiveCheck(sourceKey, key);
+ if (crv != CKR_OK)
+ break;
+
+ if (att->attrib.ulValueLen != SSL3_MASTER_SECRET_LENGTH) {
+ crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
+ break;
+ }
+ att2 = sftk_FindAttribute(sourceKey, CKA_KEY_TYPE);
+ if ((att2 == NULL) || (*(CK_KEY_TYPE *)att2->attrib.pValue !=
+ CKK_GENERIC_SECRET)) {
+ if (att2)
+ sftk_FreeAttribute(att2);
+ crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
+ break;
+ }
+ sftk_FreeAttribute(att2);
+ md5 = MD5_NewContext();
+ if (md5 == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ sha = SHA1_NewContext();
+ if (sha == NULL) {
+ MD5_DestroyContext(md5, PR_TRUE);
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ ssl3_keys = (CK_SSL3_KEY_MAT_PARAMS *)pMechanism->pParameter;
+
+ PORT_Memcpy(srcrdata,
+ ssl3_keys->RandomInfo.pServerRandom, SSL3_RANDOM_LENGTH);
+ PORT_Memcpy(srcrdata + SSL3_RANDOM_LENGTH,
+ ssl3_keys->RandomInfo.pClientRandom, SSL3_RANDOM_LENGTH);
+
+ PORT_Memcpy(crsrdata,
+ ssl3_keys->RandomInfo.pClientRandom, SSL3_RANDOM_LENGTH);
+ PORT_Memcpy(crsrdata + SSL3_RANDOM_LENGTH,
+ ssl3_keys->RandomInfo.pServerRandom, SSL3_RANDOM_LENGTH);
+
+ /*
+ * clear out our returned keys so we can recover on failure
+ */
+ ssl3_keys_out = ssl3_keys->pReturnedKeyMaterial;
+ ssl3_keys_out->hClientMacSecret = CK_INVALID_HANDLE;
+ ssl3_keys_out->hServerMacSecret = CK_INVALID_HANDLE;
+ ssl3_keys_out->hClientKey = CK_INVALID_HANDLE;
+ ssl3_keys_out->hServerKey = CK_INVALID_HANDLE;
+
+ /*
+ * How much key material do we need?
+ */
+ macSize = ssl3_keys->ulMacSizeInBits / 8;
+ effKeySize = ssl3_keys->ulKeySizeInBits / 8;
+ IVSize = ssl3_keys->ulIVSizeInBits / 8;
+ if (keySize == 0) {
+ effKeySize = keySize;
+ }
+
+ /* bIsExport must be false. */
+ if (ssl3_keys->bIsExport) {
+ MD5_DestroyContext(md5, PR_TRUE);
+ SHA1_DestroyContext(sha, PR_TRUE);
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+
+ block_needed = 2 * (macSize + effKeySize + IVSize);
+ PORT_Assert(block_needed <= sizeof key_block);
+ if (block_needed > sizeof key_block)
+ block_needed = sizeof key_block;
+
+ /*
+ * generate the key material: This looks amazingly similar to the
+ * PMS code, and is clearly crying out for a function to provide it.
+ */
+ if (isTLS) {
+ SECStatus status;
+ SECItem srcr = { siBuffer, NULL, 0 };
+ SECItem keyblk = { siBuffer, NULL, 0 };
+ SECItem master = { siBuffer, NULL, 0 };
+
+ srcr.data = srcrdata;
+ srcr.len = sizeof srcrdata;
+ keyblk.data = key_block;
+ keyblk.len = block_needed;
+ master.data = (unsigned char *)att->attrib.pValue;
+ master.len = att->attrib.ulValueLen;
+
+ if (tlsPrfHash != HASH_AlgNULL) {
+ status = TLS_P_hash(tlsPrfHash, &master, "key expansion",
+ &srcr, &keyblk, isFIPS);
+ } else {
+ status = TLS_PRF(&master, "key expansion", &srcr, &keyblk,
+ isFIPS);
+ }
+ if (status != SECSuccess) {
+ goto key_and_mac_derive_fail;
+ }
+ } else {
+ unsigned int block_bytes = 0;
+ /* key_block =
+ * MD5(master_secret + SHA('A' + master_secret +
+ * ServerHello.random + ClientHello.random)) +
+ * MD5(master_secret + SHA('BB' + master_secret +
+ * ServerHello.random + ClientHello.random)) +
+ * MD5(master_secret + SHA('CCC' + master_secret +
+ * ServerHello.random + ClientHello.random)) +
+ * [...];
+ */
+ for (i = 0; i < NUM_MIXERS && block_bytes < block_needed; i++) {
+ SHA1_Begin(sha);
+ SHA1_Update(sha, (unsigned char *)mixers[i], strlen(mixers[i]));
+ SHA1_Update(sha, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+ SHA1_Update(sha, srcrdata, sizeof srcrdata);
+ SHA1_End(sha, sha_out, &outLen, SHA1_LENGTH);
+ PORT_Assert(outLen == SHA1_LENGTH);
+ MD5_Begin(md5);
+ MD5_Update(md5, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+ MD5_Update(md5, sha_out, outLen);
+ MD5_End(md5, &key_block[i * MD5_LENGTH], &outLen, MD5_LENGTH);
+ PORT_Assert(outLen == MD5_LENGTH);
+ block_bytes += outLen;
+ }
+ }
+
+ /*
+ * Put the key material where it goes.
+ */
+ i = 0; /* now shows how much consumed */
+
+ /*
+ * The key_block is partitioned as follows:
+ * client_write_MAC_secret[CipherSpec.hash_size]
+ */
+ crv = sftk_buildSSLKey(hSession, key, PR_TRUE, &key_block[i], macSize,
+ &ssl3_keys_out->hClientMacSecret);
+ if (crv != CKR_OK)
+ goto key_and_mac_derive_fail;
+
+ i += macSize;
+
+ /*
+ * server_write_MAC_secret[CipherSpec.hash_size]
+ */
+ crv = sftk_buildSSLKey(hSession, key, PR_TRUE, &key_block[i], macSize,
+ &ssl3_keys_out->hServerMacSecret);
+ if (crv != CKR_OK) {
+ goto key_and_mac_derive_fail;
+ }
+ i += macSize;
+
+ if (keySize) {
+ /*
+ ** Generate Domestic write keys and IVs.
+ ** client_write_key[CipherSpec.key_material]
+ */
+ crv = sftk_buildSSLKey(hSession, key, PR_FALSE, &key_block[i],
+ keySize, &ssl3_keys_out->hClientKey);
+ if (crv != CKR_OK) {
+ goto key_and_mac_derive_fail;
+ }
+ i += keySize;
+
+ /*
+ ** server_write_key[CipherSpec.key_material]
+ */
+ crv = sftk_buildSSLKey(hSession, key, PR_FALSE, &key_block[i],
+ keySize, &ssl3_keys_out->hServerKey);
+ if (crv != CKR_OK) {
+ goto key_and_mac_derive_fail;
+ }
+ i += keySize;
+
+ /*
+ ** client_write_IV[CipherSpec.IV_size]
+ */
+ if (IVSize > 0) {
+ PORT_Memcpy(ssl3_keys_out->pIVClient,
+ &key_block[i], IVSize);
+ i += IVSize;
+ }
+
+ /*
+ ** server_write_IV[CipherSpec.IV_size]
+ */
+ if (IVSize > 0) {
+ PORT_Memcpy(ssl3_keys_out->pIVServer,
+ &key_block[i], IVSize);
+ i += IVSize;
+ }
+ PORT_Assert(i <= sizeof key_block);
+ }
+
+ crv = CKR_OK;
+
+ if (0) {
+ key_and_mac_derive_fail:
+ if (crv == CKR_OK)
+ crv = CKR_FUNCTION_FAILED;
+ sftk_freeSSLKeys(hSession, ssl3_keys_out);
+ }
+ MD5_DestroyContext(md5, PR_TRUE);
+ SHA1_DestroyContext(sha, PR_TRUE);
+ sftk_FreeObject(key);
+ key = NULL;
+ break;
+ }
+
+ case CKM_CONCATENATE_BASE_AND_KEY: {
+ SFTKObject *newKey;
+
+ crv = sftk_DeriveSensitiveCheck(sourceKey, key);
+ if (crv != CKR_OK)
+ break;
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ crv = CKR_SESSION_HANDLE_INVALID;
+ break;
+ }
+
+ newKey = sftk_ObjectFromHandle(*(CK_OBJECT_HANDLE *)
+ pMechanism->pParameter,
+ session);
+ sftk_FreeSession(session);
+ if (newKey == NULL) {
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+
+ if (sftk_isTrue(newKey, CKA_SENSITIVE)) {
+ crv = sftk_forceAttribute(newKey, CKA_SENSITIVE, &cktrue,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK) {
+ sftk_FreeObject(newKey);
+ break;
+ }
+ }
+
+ att2 = sftk_FindAttribute(newKey, CKA_VALUE);
+ if (att2 == NULL) {
+ sftk_FreeObject(newKey);
+ crv = CKR_KEY_HANDLE_INVALID;
+ break;
+ }
+ tmpKeySize = att->attrib.ulValueLen + att2->attrib.ulValueLen;
+ if (keySize == 0)
+ keySize = tmpKeySize;
+ if (keySize > tmpKeySize) {
+ sftk_FreeObject(newKey);
+ sftk_FreeAttribute(att2);
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ buf = (unsigned char *)PORT_Alloc(tmpKeySize);
+ if (buf == NULL) {
+ sftk_FreeAttribute(att2);
+ sftk_FreeObject(newKey);
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+
+ PORT_Memcpy(buf, att->attrib.pValue, att->attrib.ulValueLen);
+ PORT_Memcpy(buf + att->attrib.ulValueLen,
+ att2->attrib.pValue, att2->attrib.ulValueLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, buf, keySize);
+ PORT_ZFree(buf, tmpKeySize);
+ sftk_FreeAttribute(att2);
+ sftk_FreeObject(newKey);
+ break;
+ }
+
+ case CKM_CONCATENATE_BASE_AND_DATA:
+ crv = sftk_DeriveSensitiveCheck(sourceKey, key);
+ if (crv != CKR_OK)
+ break;
+
+ stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
+ tmpKeySize = att->attrib.ulValueLen + stringPtr->ulLen;
+ if (keySize == 0)
+ keySize = tmpKeySize;
+ if (keySize > tmpKeySize) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ buf = (unsigned char *)PORT_Alloc(tmpKeySize);
+ if (buf == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+
+ PORT_Memcpy(buf, att->attrib.pValue, att->attrib.ulValueLen);
+ PORT_Memcpy(buf + att->attrib.ulValueLen, stringPtr->pData,
+ stringPtr->ulLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, buf, keySize);
+ PORT_ZFree(buf, tmpKeySize);
+ break;
+ case CKM_CONCATENATE_DATA_AND_BASE:
+ crv = sftk_DeriveSensitiveCheck(sourceKey, key);
+ if (crv != CKR_OK)
+ break;
+
+ stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
+ tmpKeySize = att->attrib.ulValueLen + stringPtr->ulLen;
+ if (keySize == 0)
+ keySize = tmpKeySize;
+ if (keySize > tmpKeySize) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ buf = (unsigned char *)PORT_Alloc(tmpKeySize);
+ if (buf == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+
+ PORT_Memcpy(buf, stringPtr->pData, stringPtr->ulLen);
+ PORT_Memcpy(buf + stringPtr->ulLen, att->attrib.pValue,
+ att->attrib.ulValueLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, buf, keySize);
+ PORT_ZFree(buf, tmpKeySize);
+ break;
+ case CKM_XOR_BASE_AND_DATA:
+ crv = sftk_DeriveSensitiveCheck(sourceKey, key);
+ if (crv != CKR_OK)
+ break;
+
+ stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
+ tmpKeySize = PR_MIN(att->attrib.ulValueLen, stringPtr->ulLen);
+ if (keySize == 0)
+ keySize = tmpKeySize;
+ if (keySize > tmpKeySize) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ buf = (unsigned char *)PORT_Alloc(keySize);
+ if (buf == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+
+ PORT_Memcpy(buf, att->attrib.pValue, keySize);
+ for (i = 0; i < (int)keySize; i++) {
+ buf[i] ^= stringPtr->pData[i];
+ }
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, buf, keySize);
+ PORT_ZFree(buf, keySize);
+ break;
+
+ case CKM_EXTRACT_KEY_FROM_KEY: {
+ /* the following assumes 8 bits per byte */
+ CK_ULONG extract = *(CK_EXTRACT_PARAMS *)pMechanism->pParameter;
+ CK_ULONG shift = extract & 0x7; /* extract mod 8 the fast way */
+ CK_ULONG offset = extract >> 3; /* extract div 8 the fast way */
+
+ crv = sftk_DeriveSensitiveCheck(sourceKey, key);
+ if (crv != CKR_OK)
+ break;
+
+ if (keySize == 0) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ break;
+ }
+ /* make sure we have enough bits in the original key */
+ if (att->attrib.ulValueLen <
+ (offset + keySize + ((shift != 0) ? 1 : 0))) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ buf = (unsigned char *)PORT_Alloc(keySize);
+ if (buf == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+
+ /* copy the bits we need into the new key */
+ for (i = 0; i < (int)keySize; i++) {
+ unsigned char *value =
+ ((unsigned char *)att->attrib.pValue) + offset + i;
+ if (shift) {
+ buf[i] = (value[0] << (shift)) | (value[1] >> (8 - shift));
+ } else {
+ buf[i] = value[0];
+ }
+ }
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, buf, keySize);
+ PORT_ZFree(buf, keySize);
+ break;
+ }
+ case CKM_MD2_KEY_DERIVATION:
+ if (keySize == 0)
+ keySize = MD2_LENGTH;
+ if (keySize > MD2_LENGTH) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ /* now allocate the hash contexts */
+ md2 = MD2_NewContext();
+ if (md2 == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ MD2_Begin(md2);
+ MD2_Update(md2, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+ MD2_End(md2, key_block, &outLen, MD2_LENGTH);
+ MD2_DestroyContext(md2, PR_TRUE);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block, keySize);
+ break;
+ case CKM_MD5_KEY_DERIVATION:
+ if (keySize == 0)
+ keySize = MD5_LENGTH;
+ if (keySize > MD5_LENGTH) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ MD5_HashBuf(key_block, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block, keySize);
+ break;
+ case CKM_SHA1_KEY_DERIVATION:
+ if (keySize == 0)
+ keySize = SHA1_LENGTH;
+ if (keySize > SHA1_LENGTH) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ SHA1_HashBuf(key_block, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block, keySize);
+ break;
+
+ case CKM_SHA224_KEY_DERIVATION:
+ if (keySize == 0)
+ keySize = SHA224_LENGTH;
+ if (keySize > SHA224_LENGTH) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ SHA224_HashBuf(key_block, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block, keySize);
+ break;
+
+ case CKM_SHA256_KEY_DERIVATION:
+ if (keySize == 0)
+ keySize = SHA256_LENGTH;
+ if (keySize > SHA256_LENGTH) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ SHA256_HashBuf(key_block, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block, keySize);
+ break;
+
+ case CKM_SHA384_KEY_DERIVATION:
+ if (keySize == 0)
+ keySize = SHA384_LENGTH;
+ if (keySize > SHA384_LENGTH) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ SHA384_HashBuf(key_block, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block, keySize);
+ break;
+
+ case CKM_SHA512_KEY_DERIVATION:
+ if (keySize == 0)
+ keySize = SHA512_LENGTH;
+ if (keySize > SHA512_LENGTH) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ SHA512_HashBuf(key_block, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+
+ crv = sftk_forceAttribute(key, CKA_VALUE, key_block, keySize);
+ break;
+
+ case CKM_DH_PKCS_DERIVE: {
+ SECItem derived, dhPublic;
+ SECItem dhPrime, dhValue;
+ /* sourceKey - values for the local existing low key */
+ /* get prime and value attributes */
+ crv = sftk_Attribute2SecItem(NULL, &dhPrime, sourceKey, CKA_PRIME);
+ if (crv != SECSuccess)
+ break;
+ crv = sftk_Attribute2SecItem(NULL, &dhValue, sourceKey, CKA_VALUE);
+ if (crv != SECSuccess) {
+ PORT_Free(dhPrime.data);
+ break;
+ }
+
+ dhPublic.data = pMechanism->pParameter;
+ dhPublic.len = pMechanism->ulParameterLen;
+
+ /* calculate private value - oct */
+ rv = DH_Derive(&dhPublic, &dhPrime, &dhValue, &derived, keySize);
+
+ PORT_Free(dhPrime.data);
+ PORT_Free(dhValue.data);
+
+ if (rv == SECSuccess) {
+ sftk_forceAttribute(key, CKA_VALUE, derived.data, derived.len);
+ PORT_ZFree(derived.data, derived.len);
+ } else
+ crv = CKR_HOST_MEMORY;
+
+ break;
+ }
+
+#ifndef NSS_DISABLE_ECC
+ case CKM_ECDH1_DERIVE:
+ case CKM_ECDH1_COFACTOR_DERIVE: {
+ SECItem ecScalar, ecPoint;
+ SECItem tmp;
+ PRBool withCofactor = PR_FALSE;
+ unsigned char *secret;
+ unsigned char *keyData = NULL;
+ unsigned int secretlen, pubKeyLen;
+ CK_ECDH1_DERIVE_PARAMS *mechParams;
+ NSSLOWKEYPrivateKey *privKey;
+ PLArenaPool *arena = NULL;
+
+ /* Check mechanism parameters */
+ mechParams = (CK_ECDH1_DERIVE_PARAMS *)pMechanism->pParameter;
+ if ((pMechanism->ulParameterLen != sizeof(CK_ECDH1_DERIVE_PARAMS)) ||
+ ((mechParams->kdf == CKD_NULL) &&
+ ((mechParams->ulSharedDataLen != 0) ||
+ (mechParams->pSharedData != NULL)))) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+
+ privKey = sftk_GetPrivKey(sourceKey, CKK_EC, &crv);
+ if (privKey == NULL) {
+ break;
+ }
+
+ /* Now we are working with a non-NULL private key */
+ SECITEM_CopyItem(NULL, &ecScalar, &privKey->u.ec.privateValue);
+
+ ecPoint.data = mechParams->pPublicData;
+ ecPoint.len = mechParams->ulPublicDataLen;
+
+ pubKeyLen = EC_GetPointSize(&privKey->u.ec.ecParams);
+
+ /* if the len is too small, can't be a valid point */
+ if (ecPoint.len < pubKeyLen) {
+ goto ec_loser;
+ }
+ /* if the len is too large, must be an encoded point (length is
+ * equal case just falls through */
+ if (ecPoint.len > pubKeyLen) {
+ SECItem newPoint;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ goto ec_loser;
+ }
+
+ rv = SEC_QuickDERDecodeItem(arena, &newPoint,
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
+ &ecPoint);
+ if (rv != SECSuccess) {
+ goto ec_loser;
+ }
+ ecPoint = newPoint;
+ }
+
+ if (mechanism == CKM_ECDH1_COFACTOR_DERIVE) {
+ withCofactor = PR_TRUE;
+ } else {
+ /* When not using cofactor derivation, one should
+ * validate the public key to avoid small subgroup
+ * attacks.
+ */
+ if (EC_ValidatePublicKey(&privKey->u.ec.ecParams, &ecPoint) != SECSuccess) {
+ goto ec_loser;
+ }
+ }
+
+ rv = ECDH_Derive(&ecPoint, &privKey->u.ec.ecParams, &ecScalar,
+ withCofactor, &tmp);
+ PORT_Free(ecScalar.data);
+ ecScalar.data = NULL;
+ if (privKey != sourceKey->objectInfo) {
+ nsslowkey_DestroyPrivateKey(privKey);
+ privKey = NULL;
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ arena = NULL;
+ }
+
+ if (rv != SECSuccess) {
+ crv = sftk_MapCryptError(PORT_GetError());
+ break;
+ }
+
+ /*
+ * apply the kdf function.
+ */
+ if (mechParams->kdf == CKD_NULL) {
+ /*
+ * tmp is the raw data created by ECDH_Derive,
+ * secret and secretlen are the values we will
+ * eventually pass as our generated key.
+ */
+ secret = tmp.data;
+ secretlen = tmp.len;
+ } else {
+ secretlen = keySize;
+ crv = sftk_ANSI_X9_63_kdf(&secret, keySize,
+ &tmp, mechParams->pSharedData,
+ mechParams->ulSharedDataLen, mechParams->kdf);
+ PORT_ZFree(tmp.data, tmp.len);
+ if (crv != CKR_OK) {
+ break;
+ }
+ tmp.data = secret;
+ tmp.len = secretlen;
+ }
+
+ /*
+ * if keySize is supplied, then we are generating a key of a specific
+ * length. This is done by taking the least significant 'keySize'
+ * bytes from the unsigned value calculated by ECDH. Note: this may
+ * mean padding temp with extra leading zeros from what ECDH_Derive
+ * already returned (which itself may contain leading zeros).
+ */
+ if (keySize) {
+ if (secretlen < keySize) {
+ keyData = PORT_ZAlloc(keySize);
+ if (!keyData) {
+ PORT_ZFree(tmp.data, tmp.len);
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ PORT_Memcpy(&keyData[keySize - secretlen], secret, secretlen);
+ secret = keyData;
+ } else {
+ secret += (secretlen - keySize);
+ }
+ secretlen = keySize;
+ }
+
+ sftk_forceAttribute(key, CKA_VALUE, secret, secretlen);
+ PORT_ZFree(tmp.data, tmp.len);
+ if (keyData) {
+ PORT_ZFree(keyData, keySize);
+ }
+ break;
+
+ ec_loser:
+ crv = CKR_ARGUMENTS_BAD;
+ PORT_Free(ecScalar.data);
+ if (privKey != sourceKey->objectInfo)
+ nsslowkey_DestroyPrivateKey(privKey);
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ break;
+ }
+#endif /* NSS_DISABLE_ECC */
+
+ /* See RFC 5869 and CK_NSS_HKDFParams for documentation. */
+ case CKM_NSS_HKDF_SHA1:
+ hashType = HASH_AlgSHA1;
+ goto hkdf;
+ case CKM_NSS_HKDF_SHA256:
+ hashType = HASH_AlgSHA256;
+ goto hkdf;
+ case CKM_NSS_HKDF_SHA384:
+ hashType = HASH_AlgSHA384;
+ goto hkdf;
+ case CKM_NSS_HKDF_SHA512:
+ hashType = HASH_AlgSHA512;
+ goto hkdf;
+ hkdf : {
+ const CK_NSS_HKDFParams *params =
+ (const CK_NSS_HKDFParams *)pMechanism->pParameter;
+ const SECHashObject *rawHash;
+ unsigned hashLen;
+ CK_BYTE buf[HASH_LENGTH_MAX];
+ CK_BYTE *prk; /* psuedo-random key */
+ CK_ULONG prkLen;
+ CK_BYTE *okm; /* output keying material */
+
+ rawHash = HASH_GetRawHashObject(hashType);
+ if (rawHash == NULL || rawHash->length > sizeof buf) {
+ crv = CKR_FUNCTION_FAILED;
+ break;
+ }
+ hashLen = rawHash->length;
+
+ if (pMechanism->ulParameterLen != sizeof(CK_NSS_HKDFParams) ||
+ !params || (!params->bExpand && !params->bExtract) ||
+ (params->bExtract && params->ulSaltLen > 0 && !params->pSalt) ||
+ (params->bExpand && params->ulInfoLen > 0 && !params->pInfo)) {
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ break;
+ }
+ if (keySize == 0 || keySize > sizeof key_block ||
+ (!params->bExpand && keySize > hashLen) ||
+ (params->bExpand && keySize > 255 * hashLen)) {
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ break;
+ }
+ crv = sftk_DeriveSensitiveCheck(sourceKey, key);
+ if (crv != CKR_OK)
+ break;
+
+ /* HKDF-Extract(salt, base key value) */
+ if (params->bExtract) {
+ CK_BYTE *salt;
+ CK_ULONG saltLen;
+ HMACContext *hmac;
+ unsigned int bufLen;
+
+ salt = params->pSalt;
+ saltLen = params->ulSaltLen;
+ if (salt == NULL) {
+ saltLen = hashLen;
+ salt = buf;
+ memset(salt, 0, saltLen);
+ }
+ hmac = HMAC_Create(rawHash, salt, saltLen, isFIPS);
+ if (!hmac) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ HMAC_Begin(hmac);
+ HMAC_Update(hmac, (const unsigned char *)att->attrib.pValue,
+ att->attrib.ulValueLen);
+ HMAC_Finish(hmac, buf, &bufLen, sizeof(buf));
+ HMAC_Destroy(hmac, PR_TRUE);
+ PORT_Assert(bufLen == rawHash->length);
+ prk = buf;
+ prkLen = bufLen;
+ } else {
+ /* PRK = base key value */
+ prk = (CK_BYTE *)att->attrib.pValue;
+ prkLen = att->attrib.ulValueLen;
+ }
+
+ /* HKDF-Expand */
+ if (!params->bExpand) {
+ okm = prk;
+ } else {
+ /* T(1) = HMAC-Hash(prk, "" | info | 0x01)
+ * T(n) = HMAC-Hash(prk, T(n-1) | info | n
+ * key material = T(1) | ... | T(n)
+ */
+ HMACContext *hmac;
+ CK_BYTE i;
+ unsigned iterations = PR_ROUNDUP(keySize, hashLen) / hashLen;
+ hmac = HMAC_Create(rawHash, prk, prkLen, isFIPS);
+ if (hmac == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ for (i = 1; i <= iterations; ++i) {
+ unsigned len;
+ HMAC_Begin(hmac);
+ if (i > 1) {
+ HMAC_Update(hmac, key_block + ((i - 2) * hashLen), hashLen);
+ }
+ if (params->ulInfoLen != 0) {
+ HMAC_Update(hmac, params->pInfo, params->ulInfoLen);
+ }
+ HMAC_Update(hmac, &i, 1);
+ HMAC_Finish(hmac, key_block + ((i - 1) * hashLen), &len,
+ hashLen);
+ PORT_Assert(len == hashLen);
+ }
+ HMAC_Destroy(hmac, PR_TRUE);
+ okm = key_block;
+ }
+ /* key material = prk */
+ crv = sftk_forceAttribute(key, CKA_VALUE, okm, keySize);
+ break;
+ } /* end of CKM_NSS_HKDF_* */
+
+ case CKM_NSS_JPAKE_ROUND2_SHA1:
+ hashType = HASH_AlgSHA1;
+ goto jpake2;
+ case CKM_NSS_JPAKE_ROUND2_SHA256:
+ hashType = HASH_AlgSHA256;
+ goto jpake2;
+ case CKM_NSS_JPAKE_ROUND2_SHA384:
+ hashType = HASH_AlgSHA384;
+ goto jpake2;
+ case CKM_NSS_JPAKE_ROUND2_SHA512:
+ hashType = HASH_AlgSHA512;
+ goto jpake2;
+ jpake2:
+ if (pMechanism->pParameter == NULL ||
+ pMechanism->ulParameterLen != sizeof(CK_NSS_JPAKERound2Params))
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ if (crv == CKR_OK && sftk_isTrue(key, CKA_TOKEN))
+ crv = CKR_TEMPLATE_INCONSISTENT;
+ if (crv == CKR_OK)
+ crv = sftk_DeriveSensitiveCheck(sourceKey, key);
+ if (crv == CKR_OK)
+ crv = jpake_Round2(hashType,
+ (CK_NSS_JPAKERound2Params *)pMechanism->pParameter,
+ sourceKey, key);
+ break;
+
+ case CKM_NSS_JPAKE_FINAL_SHA1:
+ hashType = HASH_AlgSHA1;
+ goto jpakeFinal;
+ case CKM_NSS_JPAKE_FINAL_SHA256:
+ hashType = HASH_AlgSHA256;
+ goto jpakeFinal;
+ case CKM_NSS_JPAKE_FINAL_SHA384:
+ hashType = HASH_AlgSHA384;
+ goto jpakeFinal;
+ case CKM_NSS_JPAKE_FINAL_SHA512:
+ hashType = HASH_AlgSHA512;
+ goto jpakeFinal;
+ jpakeFinal:
+ if (pMechanism->pParameter == NULL ||
+ pMechanism->ulParameterLen != sizeof(CK_NSS_JPAKEFinalParams))
+ crv = CKR_MECHANISM_PARAM_INVALID;
+ /* We purposely do not do the derive sensitivity check; we want to be
+ able to derive non-sensitive keys while allowing the ROUND1 and
+ ROUND2 keys to be sensitive (which they always are, since they are
+ in the CKO_PRIVATE_KEY class). The caller must include CKA_SENSITIVE
+ in the template in order for the resultant keyblock key to be
+ sensitive.
+ */
+ if (crv == CKR_OK)
+ crv = jpake_Final(hashType,
+ (CK_NSS_JPAKEFinalParams *)pMechanism->pParameter,
+ sourceKey, key);
+ break;
+
+ default:
+ crv = CKR_MECHANISM_INVALID;
+ }
+ if (att) {
+ sftk_FreeAttribute(att);
+ }
+ sftk_FreeObject(sourceKey);
+ if (crv != CKR_OK) {
+ if (key)
+ sftk_FreeObject(key);
+ return crv;
+ }
+
+ /* link the key object into the list */
+ if (key) {
+ SFTKSessionObject *sessKey = sftk_narrowToSessionObject(key);
+ PORT_Assert(sessKey);
+ /* get the session */
+ sessKey->wasDerived = PR_TRUE;
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ sftk_FreeObject(key);
+ return CKR_HOST_MEMORY;
+ }
+
+ crv = sftk_handleObject(key, session);
+ sftk_FreeSession(session);
+ *phKey = key->handle;
+ sftk_FreeObject(key);
+ }
+ return crv;
+}
+
+/* NSC_GetFunctionStatus obtains an updated status of a function running
+ * in parallel with an application. */
+CK_RV
+NSC_GetFunctionStatus(CK_SESSION_HANDLE hSession)
+{
+ CHECK_FORK();
+
+ return CKR_FUNCTION_NOT_PARALLEL;
+}
+
+/* NSC_CancelFunction cancels a function running in parallel */
+CK_RV
+NSC_CancelFunction(CK_SESSION_HANDLE hSession)
+{
+ CHECK_FORK();
+
+ return CKR_FUNCTION_NOT_PARALLEL;
+}
+
+/* NSC_GetOperationState saves the state of the cryptographic
+ * operation in a session.
+ * NOTE: This code only works for digest functions for now. eventually need
+ * to add full flatten/resurect to our state stuff so that all types of state
+ * can be saved */
+CK_RV
+NSC_GetOperationState(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen)
+{
+ SFTKSessionContext *context;
+ SFTKSession *session;
+ CK_RV crv;
+ CK_ULONG pOSLen = *pulOperationStateLen;
+
+ CHECK_FORK();
+
+ /* make sure we're legal */
+ crv = sftk_GetContext(hSession, &context, SFTK_HASH, PR_TRUE, &session);
+ if (crv != CKR_OK)
+ return crv;
+
+ *pulOperationStateLen = context->cipherInfoLen + sizeof(CK_MECHANISM_TYPE) + sizeof(SFTKContextType);
+ if (pOperationState == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OK;
+ } else {
+ if (pOSLen < *pulOperationStateLen) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ }
+ PORT_Memcpy(pOperationState, &context->type, sizeof(SFTKContextType));
+ pOperationState += sizeof(SFTKContextType);
+ PORT_Memcpy(pOperationState, &context->currentMech,
+ sizeof(CK_MECHANISM_TYPE));
+ pOperationState += sizeof(CK_MECHANISM_TYPE);
+ PORT_Memcpy(pOperationState, context->cipherInfo, context->cipherInfoLen);
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+#define sftk_Decrement(stateSize, len) \
+ stateSize = ((stateSize) > (CK_ULONG)(len)) ? ((stateSize) - (CK_ULONG)(len)) : 0;
+
+/* NSC_SetOperationState restores the state of the cryptographic
+ * operation in a session. This is coded like it can restore lots of
+ * states, but it only works for truly flat cipher structures. */
+CK_RV
+NSC_SetOperationState(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
+ CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey)
+{
+ SFTKSessionContext *context;
+ SFTKSession *session;
+ SFTKContextType type;
+ CK_MECHANISM mech;
+ CK_RV crv = CKR_OK;
+
+ CHECK_FORK();
+
+ while (ulOperationStateLen != 0) {
+ /* get what type of state we're dealing with... */
+ PORT_Memcpy(&type, pOperationState, sizeof(SFTKContextType));
+
+ /* fix up session contexts based on type */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ context = sftk_ReturnContextByType(session, type);
+ sftk_SetContextByType(session, type, NULL);
+ if (context) {
+ sftk_FreeContext(context);
+ }
+ pOperationState += sizeof(SFTKContextType);
+ sftk_Decrement(ulOperationStateLen, sizeof(SFTKContextType));
+
+ /* get the mechanism structure */
+ PORT_Memcpy(&mech.mechanism, pOperationState, sizeof(CK_MECHANISM_TYPE));
+ pOperationState += sizeof(CK_MECHANISM_TYPE);
+ sftk_Decrement(ulOperationStateLen, sizeof(CK_MECHANISM_TYPE));
+ /* should be filled in... but not necessary for hash */
+ mech.pParameter = NULL;
+ mech.ulParameterLen = 0;
+ switch (type) {
+ case SFTK_HASH:
+ crv = NSC_DigestInit(hSession, &mech);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_GetContext(hSession, &context, SFTK_HASH, PR_TRUE,
+ NULL);
+ if (crv != CKR_OK)
+ break;
+ PORT_Memcpy(context->cipherInfo, pOperationState,
+ context->cipherInfoLen);
+ pOperationState += context->cipherInfoLen;
+ sftk_Decrement(ulOperationStateLen, context->cipherInfoLen);
+ break;
+ default:
+ /* do sign/encrypt/decrypt later */
+ crv = CKR_SAVED_STATE_INVALID;
+ }
+ sftk_FreeSession(session);
+ if (crv != CKR_OK)
+ break;
+ }
+ return crv;
+}
+
+/* Dual-function cryptographic operations */
+
+/* NSC_DigestEncryptUpdate continues a multiple-part digesting and encryption
+ * operation. */
+CK_RV
+NSC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ crv = NSC_EncryptUpdate(hSession, pPart, ulPartLen, pEncryptedPart,
+ pulEncryptedPartLen);
+ if (crv != CKR_OK)
+ return crv;
+ crv = NSC_DigestUpdate(hSession, pPart, ulPartLen);
+
+ return crv;
+}
+
+/* NSC_DecryptDigestUpdate continues a multiple-part decryption and
+ * digesting operation. */
+CK_RV
+NSC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
+ CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
+{
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ crv = NSC_DecryptUpdate(hSession, pEncryptedPart, ulEncryptedPartLen,
+ pPart, pulPartLen);
+ if (crv != CKR_OK)
+ return crv;
+ crv = NSC_DigestUpdate(hSession, pPart, *pulPartLen);
+
+ return crv;
+}
+
+/* NSC_SignEncryptUpdate continues a multiple-part signing and
+ * encryption operation. */
+CK_RV
+NSC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ crv = NSC_EncryptUpdate(hSession, pPart, ulPartLen, pEncryptedPart,
+ pulEncryptedPartLen);
+ if (crv != CKR_OK)
+ return crv;
+ crv = NSC_SignUpdate(hSession, pPart, ulPartLen);
+
+ return crv;
+}
+
+/* NSC_DecryptVerifyUpdate continues a multiple-part decryption
+ * and verify operation. */
+CK_RV
+NSC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
+ CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
+{
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ crv = NSC_DecryptUpdate(hSession, pEncryptedData, ulEncryptedDataLen,
+ pData, pulDataLen);
+ if (crv != CKR_OK)
+ return crv;
+ crv = NSC_VerifyUpdate(hSession, pData, *pulDataLen);
+
+ return crv;
+}
+
+/* NSC_DigestKey continues a multi-part message-digesting operation,
+ * by digesting the value of a secret key as part of the data already digested.
+ */
+CK_RV
+NSC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
+{
+ SFTKSession *session = NULL;
+ SFTKObject *key = NULL;
+ SFTKAttribute *att;
+ CK_RV crv;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+
+ key = sftk_ObjectFromHandle(hKey, session);
+ sftk_FreeSession(session);
+ if (key == NULL)
+ return CKR_KEY_HANDLE_INVALID;
+
+ /* PUT ANY DIGEST KEY RESTRICTION CHECKS HERE */
+
+ /* make sure it's a valid key for this operation */
+ if (key->objclass != CKO_SECRET_KEY) {
+ sftk_FreeObject(key);
+ return CKR_KEY_TYPE_INCONSISTENT;
+ }
+ /* get the key value */
+ att = sftk_FindAttribute(key, CKA_VALUE);
+ sftk_FreeObject(key);
+ if (!att) {
+ return CKR_KEY_HANDLE_INVALID;
+ }
+ crv = NSC_DigestUpdate(hSession, (CK_BYTE_PTR)att->attrib.pValue,
+ att->attrib.ulValueLen);
+ sftk_FreeAttribute(att);
+ return crv;
+}
diff --git a/security/nss/lib/softoken/pkcs11i.h b/security/nss/lib/softoken/pkcs11i.h
new file mode 100644
index 000000000..c5f21c30a
--- /dev/null
+++ b/security/nss/lib/softoken/pkcs11i.h
@@ -0,0 +1,763 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Internal data structures and functions used by pkcs11.c
+ */
+#ifndef _PKCS11I_H_
+#define _PKCS11I_H_ 1
+
+#include "nssilock.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "lowkeyti.h"
+#include "pkcs11t.h"
+
+#include "sftkdbt.h"
+#include "chacha20poly1305.h"
+#include "hasht.h"
+
+/*
+ * Configuration Defines
+ *
+ * The following defines affect the space verse speed trade offs of
+ * the PKCS #11 module. For the most part the current settings are optimized
+ * for web servers, where we want faster speed and lower lock contention at
+ * the expense of space.
+ */
+
+/*
+ * The attribute allocation strategy is static allocation:
+ * Attributes are pre-allocated as part of the session object and used from
+ * the object array.
+ */
+#define MAX_OBJS_ATTRS 45 /* number of attributes to preallocate in \
+ * the object (must me the absolute max) */
+#define ATTR_SPACE 50 /* Maximum size of attribute data before extra \
+ * data needs to be allocated. This is set to \
+ * enough space to hold an SSL MASTER secret */
+
+#define NSC_STRICT PR_FALSE /* forces the code to do strict template \
+ * matching when doing C_FindObject on token \
+ * objects. This will slow down search in \
+ * NSS. */
+/* default search block allocations and increments */
+#define NSC_CERT_BLOCK_SIZE 50
+#define NSC_SEARCH_BLOCK_SIZE 5
+#define NSC_SLOT_LIST_BLOCK_SIZE 10
+
+#define NSC_FIPS_MODULE 1
+#define NSC_NON_FIPS_MODULE 0
+
+/* these are data base storage hashes, not cryptographic hashes.. The define
+ * the effective size of the various object hash tables */
+/* clients care more about memory usage than lookup performance on
+ * cyrptographic objects. Clients also have less objects around to play with
+ *
+ * we eventually should make this configurable at runtime! Especially now that
+ * NSS is a shared library.
+ */
+#define SPACE_ATTRIBUTE_HASH_SIZE 32
+#define SPACE_SESSION_OBJECT_HASH_SIZE 32
+#define SPACE_SESSION_HASH_SIZE 32
+#define TIME_ATTRIBUTE_HASH_SIZE 32
+#define TIME_SESSION_OBJECT_HASH_SIZE 1024
+#define TIME_SESSION_HASH_SIZE 1024
+#define MAX_OBJECT_LIST_SIZE 800
+/* how many objects to keep on the free list
+ * before we start freeing them */
+#define MAX_KEY_LEN 256 /* maximum symmetric key length in bytes */
+
+/*
+ * LOG2_BUCKETS_PER_SESSION_LOCK must be a prime number.
+ * With SESSION_HASH_SIZE=1024, LOG2 can be 9, 5, 1, or 0.
+ * With SESSION_HASH_SIZE=4096, LOG2 can be 11, 9, 5, 1, or 0.
+ *
+ * HASH_SIZE LOG2_BUCKETS_PER BUCKETS_PER_LOCK NUMBER_OF_BUCKETS
+ * 1024 9 512 2
+ * 1024 5 32 32
+ * 1024 1 2 512
+ * 1024 0 1 1024
+ * 4096 11 2048 2
+ * 4096 9 512 8
+ * 4096 5 32 128
+ * 4096 1 2 2048
+ * 4096 0 1 4096
+ */
+#define LOG2_BUCKETS_PER_SESSION_LOCK 1
+#define BUCKETS_PER_SESSION_LOCK (1 << (LOG2_BUCKETS_PER_SESSION_LOCK))
+/* NOSPREAD sessionID to hash table index macro has been slower. */
+
+/* define typedefs, double as forward declarations as well */
+typedef struct SFTKAttributeStr SFTKAttribute;
+typedef struct SFTKObjectListStr SFTKObjectList;
+typedef struct SFTKObjectFreeListStr SFTKObjectFreeList;
+typedef struct SFTKObjectListElementStr SFTKObjectListElement;
+typedef struct SFTKObjectStr SFTKObject;
+typedef struct SFTKSessionObjectStr SFTKSessionObject;
+typedef struct SFTKTokenObjectStr SFTKTokenObject;
+typedef struct SFTKSessionStr SFTKSession;
+typedef struct SFTKSlotStr SFTKSlot;
+typedef struct SFTKSessionContextStr SFTKSessionContext;
+typedef struct SFTKSearchResultsStr SFTKSearchResults;
+typedef struct SFTKHashVerifyInfoStr SFTKHashVerifyInfo;
+typedef struct SFTKHashSignInfoStr SFTKHashSignInfo;
+typedef struct SFTKOAEPEncryptInfoStr SFTKOAEPEncryptInfo;
+typedef struct SFTKOAEPDecryptInfoStr SFTKOAEPDecryptInfo;
+typedef struct SFTKSSLMACInfoStr SFTKSSLMACInfo;
+typedef struct SFTKChaCha20Poly1305InfoStr SFTKChaCha20Poly1305Info;
+typedef struct SFTKItemTemplateStr SFTKItemTemplate;
+
+/* define function pointer typdefs for pointer tables */
+typedef void (*SFTKDestroy)(void *, PRBool);
+typedef void (*SFTKBegin)(void *);
+typedef SECStatus (*SFTKCipher)(void *, void *, unsigned int *, unsigned int,
+ void *, unsigned int);
+typedef SECStatus (*SFTKVerify)(void *, void *, unsigned int, void *, unsigned int);
+typedef void (*SFTKHash)(void *, const void *, unsigned int);
+typedef void (*SFTKEnd)(void *, void *, unsigned int *, unsigned int);
+typedef void (*SFTKFree)(void *);
+
+/* Value to tell if an attribute is modifiable or not.
+ * NEVER: attribute is only set on creation.
+ * ONCOPY: attribute is set on creation and can only be changed on copy.
+ * SENSITIVE: attribute can only be changed to TRUE.
+ * ALWAYS: attribute can always be changed.
+ */
+typedef enum {
+ SFTK_NEVER = 0,
+ SFTK_ONCOPY = 1,
+ SFTK_SENSITIVE = 2,
+ SFTK_ALWAYS = 3
+} SFTKModifyType;
+
+/*
+ * Free Status Enum... tell us more information when we think we're
+ * deleting an object.
+ */
+typedef enum {
+ SFTK_DestroyFailure,
+ SFTK_Destroyed,
+ SFTK_Busy
+} SFTKFreeStatus;
+
+/*
+ * attribute values of an object.
+ */
+struct SFTKAttributeStr {
+ SFTKAttribute *next;
+ SFTKAttribute *prev;
+ PRBool freeAttr;
+ PRBool freeData;
+ /*must be called handle to make sftkqueue_find work */
+ CK_ATTRIBUTE_TYPE handle;
+ CK_ATTRIBUTE attrib;
+ unsigned char space[ATTR_SPACE];
+};
+
+/*
+ * doubly link list of objects
+ */
+struct SFTKObjectListStr {
+ SFTKObjectList *next;
+ SFTKObjectList *prev;
+ SFTKObject *parent;
+};
+
+struct SFTKObjectFreeListStr {
+ SFTKObject *head;
+ PZLock *lock;
+ int count;
+};
+
+/*
+ * PKCS 11 crypto object structure
+ */
+struct SFTKObjectStr {
+ SFTKObject *next;
+ SFTKObject *prev;
+ CK_OBJECT_CLASS objclass;
+ CK_OBJECT_HANDLE handle;
+ int refCount;
+ PZLock *refLock;
+ SFTKSlot *slot;
+ void *objectInfo;
+ SFTKFree infoFree;
+};
+
+struct SFTKTokenObjectStr {
+ SFTKObject obj;
+ SECItem dbKey;
+};
+
+struct SFTKSessionObjectStr {
+ SFTKObject obj;
+ SFTKObjectList sessionList;
+ PZLock *attributeLock;
+ SFTKSession *session;
+ PRBool wasDerived;
+ int nextAttr;
+ SFTKAttribute attrList[MAX_OBJS_ATTRS];
+ PRBool optimizeSpace;
+ unsigned int hashSize;
+ SFTKAttribute *head[1];
+};
+
+/*
+ * struct to deal with a temparary list of objects
+ */
+struct SFTKObjectListElementStr {
+ SFTKObjectListElement *next;
+ SFTKObject *object;
+};
+
+/*
+ * Area to hold Search results
+ */
+struct SFTKSearchResultsStr {
+ CK_OBJECT_HANDLE *handles;
+ int size;
+ int index;
+ int array_size;
+};
+
+/*
+ * the universal crypto/hash/sign/verify context structure
+ */
+typedef enum {
+ SFTK_ENCRYPT,
+ SFTK_DECRYPT,
+ SFTK_HASH,
+ SFTK_SIGN,
+ SFTK_SIGN_RECOVER,
+ SFTK_VERIFY,
+ SFTK_VERIFY_RECOVER
+} SFTKContextType;
+
+/** max block size of supported block ciphers */
+#define SFTK_MAX_BLOCK_SIZE 16
+/** currently SHA512 is the biggest hash length */
+#define SFTK_MAX_MAC_LENGTH 64
+#define SFTK_INVALID_MAC_SIZE 0xffffffff
+
+/** Particular ongoing operation in session (sign/verify/digest/encrypt/...)
+ *
+ * Understanding sign/verify context:
+ * multi=1 hashInfo=0 block (symmetric) cipher MACing
+ * multi=1 hashInfo=X PKC S/V with prior hashing
+ * multi=0 hashInfo=0 PKC S/V one shot (w/o hashing)
+ * multi=0 hashInfo=X *** shouldn't happen ***
+ */
+struct SFTKSessionContextStr {
+ SFTKContextType type;
+ PRBool multi; /* is multipart */
+ PRBool rsa; /* is rsa */
+ PRBool doPad; /* use PKCS padding for block ciphers */
+ unsigned int blockSize; /* blocksize for padding */
+ unsigned int padDataLength; /* length of the valid data in padbuf */
+ /** latest incomplete block of data for block cipher */
+ unsigned char padBuf[SFTK_MAX_BLOCK_SIZE];
+ /** result of MAC'ing of latest full block of data with block cipher */
+ unsigned char macBuf[SFTK_MAX_BLOCK_SIZE];
+ CK_ULONG macSize; /* size of a general block cipher mac*/
+ void *cipherInfo;
+ void *hashInfo;
+ unsigned int cipherInfoLen;
+ CK_MECHANISM_TYPE currentMech;
+ SFTKCipher update;
+ SFTKHash hashUpdate;
+ SFTKEnd end;
+ SFTKDestroy destroy;
+ SFTKDestroy hashdestroy;
+ SFTKVerify verify;
+ unsigned int maxLen;
+ SFTKObject *key;
+};
+
+/*
+ * Sessions (have objects)
+ */
+struct SFTKSessionStr {
+ SFTKSession *next;
+ SFTKSession *prev;
+ CK_SESSION_HANDLE handle;
+ int refCount;
+ PZLock *objectLock;
+ int objectIDCount;
+ CK_SESSION_INFO info;
+ CK_NOTIFY notify;
+ CK_VOID_PTR appData;
+ SFTKSlot *slot;
+ SFTKSearchResults *search;
+ SFTKSessionContext *enc_context;
+ SFTKSessionContext *hash_context;
+ SFTKSessionContext *sign_context;
+ SFTKObjectList *objects[1];
+};
+
+/*
+ * slots (have sessions and objects)
+ *
+ * The array of sessionLock's protect the session hash table (head[])
+ * as well as the reference count of session objects in that bucket
+ * (head[]->refCount), objectLock protects all elements of the slot's
+ * object hash tables (sessObjHashTable[] and tokObjHashTable), and
+ * sessionObjectHandleCount.
+ * slotLock protects the remaining protected elements:
+ * password, isLoggedIn, ssoLoggedIn, and sessionCount,
+ * and pwCheckLock serializes the key database password checks in
+ * NSC_SetPIN and NSC_Login.
+ *
+ * Each of the fields below has the following lifetime as commented
+ * next to the fields:
+ * invariant - This value is set when the slot is first created and
+ * never changed until it is destroyed.
+ * per load - This value is set when the slot is first created, or
+ * when the slot is used to open another directory. Between open and close
+ * this field does not change.
+ * variable - This value changes through the normal process of slot operation.
+ * - reset. The value of this variable is cleared during an open/close
+ * cycles.
+ * - preserved. The value of this variable is preserved over open/close
+ * cycles.
+ */
+struct SFTKSlotStr {
+ CK_SLOT_ID slotID; /* invariant */
+ PZLock *slotLock; /* invariant */
+ PZLock **sessionLock; /* invariant */
+ unsigned int numSessionLocks; /* invariant */
+ unsigned long sessionLockMask; /* invariant */
+ PZLock *objectLock; /* invariant */
+ PRLock *pwCheckLock; /* invariant */
+ PRBool present; /* variable -set */
+ PRBool hasTokens; /* per load */
+ PRBool isLoggedIn; /* variable - reset */
+ PRBool ssoLoggedIn; /* variable - reset */
+ PRBool needLogin; /* per load */
+ PRBool DB_loaded; /* per load */
+ PRBool readOnly; /* per load */
+ PRBool optimizeSpace; /* invariant */
+ SFTKDBHandle *certDB; /* per load */
+ SFTKDBHandle *keyDB; /* per load */
+ int minimumPinLen; /* per load */
+ PRInt32 sessionIDCount; /* atomically incremented */
+ /* (preserved) */
+ int sessionIDConflict; /* not protected by a lock */
+ /* (preserved) */
+ int sessionCount; /* variable - reset */
+ PRInt32 rwSessionCount; /* set by atomic operations */
+ /* (reset) */
+ int sessionObjectHandleCount; /* variable - perserved */
+ CK_ULONG index; /* invariant */
+ PLHashTable *tokObjHashTable; /* invariant */
+ SFTKObject **sessObjHashTable; /* variable - reset */
+ unsigned int sessObjHashSize; /* invariant */
+ SFTKSession **head; /* variable -reset */
+ unsigned int sessHashSize; /* invariant */
+ char tokDescription[33]; /* per load */
+ char updateTokDescription[33]; /* per load */
+ char slotDescription[65]; /* invariant */
+};
+
+/*
+ * special joint operations Contexts
+ */
+struct SFTKHashVerifyInfoStr {
+ SECOidTag hashOid;
+ void *params;
+ NSSLOWKEYPublicKey *key;
+};
+
+struct SFTKHashSignInfoStr {
+ SECOidTag hashOid;
+ void *params;
+ NSSLOWKEYPrivateKey *key;
+};
+
+/**
+ * Contexts for RSA-OAEP
+ */
+struct SFTKOAEPEncryptInfoStr {
+ CK_RSA_PKCS_OAEP_PARAMS *params;
+ NSSLOWKEYPublicKey *key;
+};
+
+struct SFTKOAEPDecryptInfoStr {
+ CK_RSA_PKCS_OAEP_PARAMS *params;
+ NSSLOWKEYPrivateKey *key;
+};
+
+/* context for the Final SSLMAC message */
+struct SFTKSSLMACInfoStr {
+ void *hashContext;
+ SFTKBegin begin;
+ SFTKHash update;
+ SFTKEnd end;
+ CK_ULONG macSize;
+ int padSize;
+ unsigned char key[MAX_KEY_LEN];
+ unsigned int keySize;
+};
+
+/* SFTKChaCha20Poly1305Info saves the key, tag length, nonce,
+ * and additional data for a ChaCha20+Poly1305 AEAD operation. */
+struct SFTKChaCha20Poly1305InfoStr {
+ ChaCha20Poly1305Context freeblCtx;
+ unsigned char nonce[12];
+ unsigned char ad[16];
+ unsigned char *adOverflow;
+ unsigned int adLen;
+};
+
+/*
+ * Template based on SECItems, suitable for passing as arrays
+ */
+struct SFTKItemTemplateStr {
+ CK_ATTRIBUTE_TYPE type;
+ SECItem *item;
+};
+
+/* macro for setting SFTKTemplates. */
+#define SFTK_SET_ITEM_TEMPLATE(templ, count, itemPtr, attr) \
+ templ[count].type = attr; \
+ templ[count].item = itemPtr
+
+#define SFTK_MAX_ITEM_TEMPLATE 10
+
+/*
+ * session handle modifiers
+ */
+#define SFTK_SESSION_SLOT_MASK 0xff000000L
+
+/*
+ * object handle modifiers
+ */
+#define SFTK_TOKEN_MASK 0x80000000L
+#define SFTK_TOKEN_MAGIC 0x80000000L
+#define SFTK_TOKEN_TYPE_MASK 0x70000000L
+/* keydb (high bit == 0) */
+#define SFTK_TOKEN_TYPE_PRIV 0x10000000L
+#define SFTK_TOKEN_TYPE_PUB 0x20000000L
+#define SFTK_TOKEN_TYPE_KEY 0x30000000L
+/* certdb (high bit == 1) */
+#define SFTK_TOKEN_TYPE_TRUST 0x40000000L
+#define SFTK_TOKEN_TYPE_CRL 0x50000000L
+#define SFTK_TOKEN_TYPE_SMIME 0x60000000L
+#define SFTK_TOKEN_TYPE_CERT 0x70000000L
+
+#define SFTK_TOKEN_KRL_HANDLE (SFTK_TOKEN_MAGIC | SFTK_TOKEN_TYPE_CRL | 1)
+/* how big (in bytes) a password/pin we can deal with */
+#define SFTK_MAX_PIN 255
+/* minimum password/pin length (in Unicode characters) in FIPS mode */
+#define FIPS_MIN_PIN 7
+
+/* slot ID's */
+#define NETSCAPE_SLOT_ID 1
+#define PRIVATE_KEY_SLOT_ID 2
+#define FIPS_SLOT_ID 3
+
+/* slot helper macros */
+#define sftk_SlotFromSession(sp) ((sp)->slot)
+#define sftk_isToken(id) (((id)&SFTK_TOKEN_MASK) == SFTK_TOKEN_MAGIC)
+
+/* the session hash multiplier (see bug 201081) */
+#define SHMULTIPLIER 1791398085
+
+/* queueing helper macros */
+#define sftk_hash(value, size) \
+ ((PRUint32)((value)*SHMULTIPLIER) & (size - 1))
+#define sftkqueue_add(element, id, head, hash_size) \
+ { \
+ int tmp = sftk_hash(id, hash_size); \
+ (element)->next = (head)[tmp]; \
+ (element)->prev = NULL; \
+ if ((head)[tmp]) \
+ (head)[tmp]->prev = (element); \
+ (head)[tmp] = (element); \
+ }
+#define sftkqueue_find(element, id, head, hash_size) \
+ for ((element) = (head)[sftk_hash(id, hash_size)]; (element) != NULL; \
+ (element) = (element)->next) { \
+ if ((element)->handle == (id)) { \
+ break; \
+ } \
+ }
+#define sftkqueue_is_queued(element, id, head, hash_size) \
+ (((element)->next) || ((element)->prev) || \
+ ((head)[sftk_hash(id, hash_size)] == (element)))
+#define sftkqueue_delete(element, id, head, hash_size) \
+ if ((element)->next) \
+ (element)->next->prev = (element)->prev; \
+ if ((element)->prev) \
+ (element)->prev->next = (element)->next; \
+ else \
+ (head)[sftk_hash(id, hash_size)] = ((element)->next); \
+ (element)->next = NULL; \
+ (element)->prev = NULL;
+
+#define sftkqueue_init_element(element) \
+ (element)->prev = NULL;
+
+#define sftkqueue_add2(element, id, index, head) \
+ { \
+ (element)->next = (head)[index]; \
+ if ((head)[index]) \
+ (head)[index]->prev = (element); \
+ (head)[index] = (element); \
+ }
+
+#define sftkqueue_find2(element, id, index, head) \
+ for ((element) = (head)[index]; \
+ (element) != NULL; \
+ (element) = (element)->next) { \
+ if ((element)->handle == (id)) { \
+ break; \
+ } \
+ }
+
+#define sftkqueue_delete2(element, id, index, head) \
+ if ((element)->next) \
+ (element)->next->prev = (element)->prev; \
+ if ((element)->prev) \
+ (element)->prev->next = (element)->next; \
+ else \
+ (head)[index] = ((element)->next);
+
+#define sftkqueue_clear_deleted_element(element) \
+ (element)->next = NULL; \
+ (element)->prev = NULL;
+
+/* sessionID (handle) is used to determine session lock bucket */
+#ifdef NOSPREAD
+/* NOSPREAD: (ID>>L2LPB) & (perbucket-1) */
+#define SFTK_SESSION_LOCK(slot, handle) \
+ ((slot)->sessionLock[((handle) >> LOG2_BUCKETS_PER_SESSION_LOCK) & (slot)->sessionLockMask])
+#else
+/* SPREAD: ID & (perbucket-1) */
+#define SFTK_SESSION_LOCK(slot, handle) \
+ ((slot)->sessionLock[(handle) & (slot)->sessionLockMask])
+#endif
+
+/* expand an attribute & secitem structures out */
+#define sftk_attr_expand(ap) (ap)->type, (ap)->pValue, (ap)->ulValueLen
+#define sftk_item_expand(ip) (ip)->data, (ip)->len
+
+typedef struct sftk_token_parametersStr {
+ CK_SLOT_ID slotID;
+ char *configdir;
+ char *certPrefix;
+ char *keyPrefix;
+ char *updatedir;
+ char *updCertPrefix;
+ char *updKeyPrefix;
+ char *updateID;
+ char *tokdes;
+ char *slotdes;
+ char *updtokdes;
+ int minPW;
+ PRBool readOnly;
+ PRBool noCertDB;
+ PRBool noKeyDB;
+ PRBool forceOpen;
+ PRBool pwRequired;
+ PRBool optimizeSpace;
+} sftk_token_parameters;
+
+typedef struct sftk_parametersStr {
+ char *configdir;
+ char *updatedir;
+ char *updateID;
+ char *secmodName;
+ char *man;
+ char *libdes;
+ PRBool readOnly;
+ PRBool noModDB;
+ PRBool noCertDB;
+ PRBool forceOpen;
+ PRBool pwRequired;
+ PRBool optimizeSpace;
+ sftk_token_parameters *tokens;
+ int token_count;
+} sftk_parameters;
+
+/* path stuff (was machine dependent) used by dbinit.c and pk11db.c */
+#define CERT_DB_FMT "%scert%s.db"
+#define KEY_DB_FMT "%skey%s.db"
+
+SEC_BEGIN_PROTOS
+
+/* shared functions between pkcs11.c and fipstokn.c */
+extern PRBool nsf_init;
+extern CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS);
+extern CK_RV nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS);
+extern PRBool sftk_ForkReset(CK_VOID_PTR pReserved, CK_RV *crv);
+extern CK_RV nsc_CommonGetSlotList(CK_BBOOL tokPresent,
+ CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex);
+
+/* slot initialization, reinit, shutdown and destruction */
+extern CK_RV SFTK_SlotInit(char *configdir, char *updatedir, char *updateID,
+ sftk_token_parameters *params, int moduleIndex);
+extern CK_RV SFTK_SlotReInit(SFTKSlot *slot, char *configdir,
+ char *updatedir, char *updateID,
+ sftk_token_parameters *params, int moduleIndex);
+extern CK_RV SFTK_DestroySlotData(SFTKSlot *slot);
+extern CK_RV SFTK_ShutdownSlot(SFTKSlot *slot);
+extern CK_RV sftk_CloseAllSessions(SFTKSlot *slot, PRBool logout);
+
+/* internal utility functions used by pkcs11.c */
+extern SFTKAttribute *sftk_FindAttribute(SFTKObject *object,
+ CK_ATTRIBUTE_TYPE type);
+extern void sftk_FreeAttribute(SFTKAttribute *attribute);
+extern CK_RV sftk_AddAttributeType(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ const void *valPtr, CK_ULONG length);
+extern CK_RV sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
+ SFTKObject *object, CK_ATTRIBUTE_TYPE type);
+extern CK_RV sftk_MultipleAttribute2SecItem(PLArenaPool *arena,
+ SFTKObject *object,
+ SFTKItemTemplate *templ, int count);
+extern unsigned int sftk_GetLengthInBits(unsigned char *buf,
+ unsigned int bufLen);
+extern CK_RV sftk_ConstrainAttribute(SFTKObject *object,
+ CK_ATTRIBUTE_TYPE type, int minLength,
+ int maxLength, int minMultiple);
+extern PRBool sftk_hasAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
+extern PRBool sftk_isTrue(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
+extern void sftk_DeleteAttributeType(SFTKObject *object,
+ CK_ATTRIBUTE_TYPE type);
+extern CK_RV sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
+ SFTKObject *object, CK_ATTRIBUTE_TYPE type);
+extern CK_RV sftk_Attribute2SSecItem(PLArenaPool *arena, SECItem *item,
+ SFTKObject *object,
+ CK_ATTRIBUTE_TYPE type);
+extern SFTKModifyType sftk_modifyType(CK_ATTRIBUTE_TYPE type,
+ CK_OBJECT_CLASS inClass);
+extern PRBool sftk_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
+extern char *sftk_getString(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
+extern void sftk_nullAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
+extern CK_RV sftk_GetULongAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ CK_ULONG *longData);
+extern CK_RV sftk_forceAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len);
+extern CK_RV sftk_defaultAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len);
+extern unsigned int sftk_MapTrust(CK_TRUST trust, PRBool clientAuth);
+
+extern SFTKObject *sftk_NewObject(SFTKSlot *slot);
+extern CK_RV sftk_CopyObject(SFTKObject *destObject, SFTKObject *srcObject);
+extern SFTKFreeStatus sftk_FreeObject(SFTKObject *object);
+extern CK_RV sftk_DeleteObject(SFTKSession *session, SFTKObject *object);
+extern void sftk_ReferenceObject(SFTKObject *object);
+extern SFTKObject *sftk_ObjectFromHandle(CK_OBJECT_HANDLE handle,
+ SFTKSession *session);
+extern void sftk_AddSlotObject(SFTKSlot *slot, SFTKObject *object);
+extern void sftk_AddObject(SFTKSession *session, SFTKObject *object);
+/* clear out all the existing object ID to database key mappings.
+ * used to reinit a token */
+extern CK_RV SFTK_ClearTokenKeyHashTable(SFTKSlot *slot);
+
+extern CK_RV sftk_searchObjectList(SFTKSearchResults *search,
+ SFTKObject **head, unsigned int size,
+ PZLock *lock, CK_ATTRIBUTE_PTR inTemplate,
+ int count, PRBool isLoggedIn);
+extern SFTKObjectListElement *sftk_FreeObjectListElement(
+ SFTKObjectListElement *objectList);
+extern void sftk_FreeObjectList(SFTKObjectListElement *objectList);
+extern void sftk_FreeSearch(SFTKSearchResults *search);
+extern CK_RV sftk_handleObject(SFTKObject *object, SFTKSession *session);
+
+extern SFTKSlot *sftk_SlotFromID(CK_SLOT_ID slotID, PRBool all);
+extern SFTKSlot *sftk_SlotFromSessionHandle(CK_SESSION_HANDLE handle);
+extern SFTKSession *sftk_SessionFromHandle(CK_SESSION_HANDLE handle);
+extern void sftk_FreeSession(SFTKSession *session);
+extern SFTKSession *sftk_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
+ CK_VOID_PTR pApplication, CK_FLAGS flags);
+extern void sftk_update_state(SFTKSlot *slot, SFTKSession *session);
+extern void sftk_update_all_states(SFTKSlot *slot);
+extern void sftk_FreeContext(SFTKSessionContext *context);
+extern void sftk_InitFreeLists(void);
+extern void sftk_CleanupFreeLists(void);
+
+extern NSSLOWKEYPublicKey *sftk_GetPubKey(SFTKObject *object,
+ CK_KEY_TYPE key_type, CK_RV *crvp);
+extern NSSLOWKEYPrivateKey *sftk_GetPrivKey(SFTKObject *object,
+ CK_KEY_TYPE key_type, CK_RV *crvp);
+extern void sftk_FormatDESKey(unsigned char *key, int length);
+extern PRBool sftk_CheckDESKey(unsigned char *key);
+extern PRBool sftk_IsWeakKey(unsigned char *key, CK_KEY_TYPE key_type);
+
+/* mechanism allows this operation */
+extern CK_RV sftk_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op);
+
+/* helper function which calls nsslowkey_FindKeyByPublicKey after safely
+ * acquiring a reference to the keydb from the slot */
+NSSLOWKEYPrivateKey *sftk_FindKeyByPublicKey(SFTKSlot *slot, SECItem *dbKey);
+
+/*
+ * parameter parsing functions
+ */
+CK_RV sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS);
+void sftk_freeParams(sftk_parameters *params);
+
+/*
+ * narrow objects
+ */
+SFTKSessionObject *sftk_narrowToSessionObject(SFTKObject *);
+SFTKTokenObject *sftk_narrowToTokenObject(SFTKObject *);
+
+/*
+ * token object utilities
+ */
+void sftk_addHandle(SFTKSearchResults *search, CK_OBJECT_HANDLE handle);
+PRBool sftk_poisonHandle(SFTKSlot *slot, SECItem *dbkey,
+ CK_OBJECT_HANDLE handle);
+SFTKObject *sftk_NewTokenObject(SFTKSlot *slot, SECItem *dbKey,
+ CK_OBJECT_HANDLE handle);
+SFTKTokenObject *sftk_convertSessionToToken(SFTKObject *so);
+
+/* J-PAKE (jpakesftk.c) */
+extern CK_RV jpake_Round1(HASH_HashType hashType,
+ CK_NSS_JPAKERound1Params *params,
+ SFTKObject *key);
+extern CK_RV jpake_Round2(HASH_HashType hashType,
+ CK_NSS_JPAKERound2Params *params,
+ SFTKObject *sourceKey, SFTKObject *key);
+extern CK_RV jpake_Final(HASH_HashType hashType,
+ const CK_NSS_JPAKEFinalParams *params,
+ SFTKObject *sourceKey, SFTKObject *key);
+
+/* Constant time MAC functions (hmacct.c) */
+
+struct sftk_MACConstantTimeCtxStr {
+ const SECHashObject *hash;
+ unsigned char mac[64];
+ unsigned char secret[64];
+ unsigned int headerLength;
+ unsigned int secretLength;
+ unsigned int totalLength;
+ unsigned char header[75];
+};
+typedef struct sftk_MACConstantTimeCtxStr sftk_MACConstantTimeCtx;
+sftk_MACConstantTimeCtx *sftk_HMACConstantTime_New(
+ CK_MECHANISM_PTR mech, SFTKObject *key);
+sftk_MACConstantTimeCtx *sftk_SSLv3MACConstantTime_New(
+ CK_MECHANISM_PTR mech, SFTKObject *key);
+void sftk_HMACConstantTime_Update(void *pctx, const void *data, unsigned int len);
+void sftk_SSLv3MACConstantTime_Update(void *pctx, const void *data, unsigned int len);
+void sftk_MACConstantTime_EndHash(
+ void *pctx, void *out, unsigned int *outLength, unsigned int maxLength);
+void sftk_MACConstantTime_DestroyContext(void *pctx, PRBool);
+
+/****************************************
+ * implement TLS Pseudo Random Function (PRF)
+ */
+
+extern CK_RV
+sftk_TLSPRFInit(SFTKSessionContext *context,
+ SFTKObject *key,
+ CK_KEY_TYPE key_type,
+ HASH_HashType hash_alg,
+ unsigned int out_len);
+
+SEC_END_PROTOS
+
+#endif /* _PKCS11I_H_ */
diff --git a/security/nss/lib/softoken/pkcs11ni.h b/security/nss/lib/softoken/pkcs11ni.h
new file mode 100644
index 000000000..612842c93
--- /dev/null
+++ b/security/nss/lib/softoken/pkcs11ni.h
@@ -0,0 +1,20 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _PKCS11NI_H_
+#define _PKCS11NI_H_
+
+/*
+ * pkcs11ni.h
+ *
+ * This file contains softoken private exports for NSS
+ */
+
+/* softoken slot ID's */
+#define SFTK_MIN_USER_SLOT_ID 4
+#define SFTK_MAX_USER_SLOT_ID 100
+#define SFTK_MIN_FIPS_USER_SLOT_ID 101
+#define SFTK_MAX_FIPS_USER_SLOT_ID 127
+
+#endif /* _PKCS11NI_H_ */
diff --git a/security/nss/lib/softoken/pkcs11u.c b/security/nss/lib/softoken/pkcs11u.c
new file mode 100644
index 000000000..a5694ee38
--- /dev/null
+++ b/security/nss/lib/softoken/pkcs11u.c
@@ -0,0 +1,1994 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Internal PKCS #11 functions. Should only be called by pkcs11.c
+ */
+#include "pkcs11.h"
+#include "pkcs11i.h"
+#include "lowkeyi.h"
+#include "secasn1.h"
+#include "blapi.h"
+#include "secerr.h"
+#include "prnetdb.h" /* for PR_ntohl */
+#include "sftkdb.h"
+#include "softoken.h"
+
+/*
+ * ******************** Attribute Utilities *******************************
+ */
+
+/*
+ * create a new attribute with type, value, and length. Space is allocated
+ * to hold value.
+ */
+static SFTKAttribute *
+sftk_NewAttribute(SFTKObject *object,
+ CK_ATTRIBUTE_TYPE type, const void *value, CK_ULONG len)
+{
+ SFTKAttribute *attribute;
+
+ SFTKSessionObject *so = sftk_narrowToSessionObject(object);
+ int index;
+
+ if (so == NULL) {
+ /* allocate new attribute in a buffer */
+ PORT_Assert(0);
+ return NULL;
+ }
+ /*
+ * We attempt to keep down contention on Malloc and Arena locks by
+ * limiting the number of these calls on high traversed paths. This
+ * is done for attributes by 'allocating' them from a pool already
+ * allocated by the parent object.
+ */
+ PZ_Lock(so->attributeLock);
+ index = so->nextAttr++;
+ PZ_Unlock(so->attributeLock);
+ PORT_Assert(index < MAX_OBJS_ATTRS);
+ if (index >= MAX_OBJS_ATTRS)
+ return NULL;
+
+ attribute = &so->attrList[index];
+ attribute->attrib.type = type;
+ attribute->freeAttr = PR_FALSE;
+ attribute->freeData = PR_FALSE;
+ if (value) {
+ if (len <= ATTR_SPACE) {
+ attribute->attrib.pValue = attribute->space;
+ } else {
+ attribute->attrib.pValue = PORT_Alloc(len);
+ attribute->freeData = PR_TRUE;
+ }
+ if (attribute->attrib.pValue == NULL) {
+ return NULL;
+ }
+ PORT_Memcpy(attribute->attrib.pValue, value, len);
+ attribute->attrib.ulValueLen = len;
+ } else {
+ attribute->attrib.pValue = NULL;
+ attribute->attrib.ulValueLen = 0;
+ }
+ attribute->attrib.type = type;
+ attribute->handle = type;
+ attribute->next = attribute->prev = NULL;
+ return attribute;
+}
+
+/*
+ * Free up all the memory associated with an attribute. Reference count
+ * must be zero to call this.
+ */
+static void
+sftk_DestroyAttribute(SFTKAttribute *attribute)
+{
+ if (attribute->freeData) {
+ if (attribute->attrib.pValue) {
+ /* clear out the data in the attribute value... it may have been
+ * sensitive data */
+ PORT_Memset(attribute->attrib.pValue, 0,
+ attribute->attrib.ulValueLen);
+ }
+ PORT_Free(attribute->attrib.pValue);
+ }
+ PORT_Free(attribute);
+}
+
+/*
+ * release a reference to an attribute structure
+ */
+void
+sftk_FreeAttribute(SFTKAttribute *attribute)
+{
+ if (attribute->freeAttr) {
+ sftk_DestroyAttribute(attribute);
+ return;
+ }
+}
+
+static SFTKAttribute *
+sftk_FindTokenAttribute(SFTKTokenObject *object, CK_ATTRIBUTE_TYPE type)
+{
+ SFTKAttribute *myattribute = NULL;
+ SFTKDBHandle *dbHandle = NULL;
+ CK_RV crv = CKR_HOST_MEMORY;
+
+ myattribute = (SFTKAttribute *)PORT_Alloc(sizeof(SFTKAttribute));
+ if (myattribute == NULL) {
+ goto loser;
+ }
+
+ dbHandle = sftk_getDBForTokenObject(object->obj.slot, object->obj.handle);
+
+ myattribute->handle = type;
+ myattribute->attrib.type = type;
+ myattribute->attrib.pValue = myattribute->space;
+ myattribute->attrib.ulValueLen = ATTR_SPACE;
+ myattribute->next = myattribute->prev = NULL;
+ myattribute->freeAttr = PR_TRUE;
+ myattribute->freeData = PR_FALSE;
+
+ crv = sftkdb_GetAttributeValue(dbHandle, object->obj.handle,
+ &myattribute->attrib, 1);
+
+ /* attribute is bigger than our attribute space buffer, malloc it */
+ if (crv == CKR_BUFFER_TOO_SMALL) {
+ myattribute->attrib.pValue = NULL;
+ crv = sftkdb_GetAttributeValue(dbHandle, object->obj.handle,
+ &myattribute->attrib, 1);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ myattribute->attrib.pValue = PORT_Alloc(myattribute->attrib.ulValueLen);
+ if (myattribute->attrib.pValue == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ myattribute->freeData = PR_TRUE;
+ crv = sftkdb_GetAttributeValue(dbHandle, object->obj.handle,
+ &myattribute->attrib, 1);
+ }
+loser:
+ if (dbHandle) {
+ sftk_freeDB(dbHandle);
+ }
+ if (crv != CKR_OK) {
+ if (myattribute) {
+ myattribute->attrib.ulValueLen = 0;
+ sftk_FreeAttribute(myattribute);
+ myattribute = NULL;
+ }
+ }
+ return myattribute;
+}
+
+/*
+ * look up and attribute structure from a type and Object structure.
+ * The returned attribute is referenced and needs to be freed when
+ * it is no longer needed.
+ */
+SFTKAttribute *
+sftk_FindAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type)
+{
+ SFTKAttribute *attribute;
+ SFTKSessionObject *sessObject = sftk_narrowToSessionObject(object);
+
+ if (sessObject == NULL) {
+ return sftk_FindTokenAttribute(sftk_narrowToTokenObject(object), type);
+ }
+
+ PZ_Lock(sessObject->attributeLock);
+ sftkqueue_find(attribute, type, sessObject->head, sessObject->hashSize);
+ PZ_Unlock(sessObject->attributeLock);
+
+ return (attribute);
+}
+
+/*
+ * Take a buffer and it's length and return it's true size in bits;
+ */
+unsigned int
+sftk_GetLengthInBits(unsigned char *buf, unsigned int bufLen)
+{
+ unsigned int size = bufLen * 8;
+ unsigned int i;
+
+ /* Get the real length in bytes */
+ for (i = 0; i < bufLen; i++) {
+ unsigned char c = *buf++;
+ if (c != 0) {
+ unsigned char m;
+ for (m = 0x80; m > 0; m = m >> 1) {
+ if ((c & m) != 0) {
+ break;
+ }
+ size--;
+ }
+ break;
+ }
+ size -= 8;
+ }
+ return size;
+}
+
+/*
+ * Constrain a big num attribute. to size and padding
+ * minLength means length of the object must be greater than equal to minLength
+ * maxLength means length of the object must be less than equal to maxLength
+ * minMultiple means that object length mod minMultiple must equal 0.
+ * all input sizes are in bits.
+ * if any constraint is '0' that constraint is not checked.
+ */
+CK_RV
+sftk_ConstrainAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ int minLength, int maxLength, int minMultiple)
+{
+ SFTKAttribute *attribute;
+ int size;
+ unsigned char *ptr;
+
+ attribute = sftk_FindAttribute(object, type);
+ if (!attribute) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ ptr = (unsigned char *)attribute->attrib.pValue;
+ if (ptr == NULL) {
+ sftk_FreeAttribute(attribute);
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ size = sftk_GetLengthInBits(ptr, attribute->attrib.ulValueLen);
+ sftk_FreeAttribute(attribute);
+
+ if ((minLength != 0) && (size < minLength)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ if ((maxLength != 0) && (size > maxLength)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ if ((minMultiple != 0) && ((size % minMultiple) != 0)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ return CKR_OK;
+}
+
+PRBool
+sftk_hasAttributeToken(SFTKTokenObject *object, CK_ATTRIBUTE_TYPE type)
+{
+ CK_ATTRIBUTE template;
+ CK_RV crv;
+ SFTKDBHandle *dbHandle;
+
+ dbHandle = sftk_getDBForTokenObject(object->obj.slot, object->obj.handle);
+ template.type = type;
+ template.pValue = NULL;
+ template.ulValueLen = 0;
+
+ crv = sftkdb_GetAttributeValue(dbHandle, object->obj.handle, &template, 1);
+ sftk_freeDB(dbHandle);
+
+ /* attribute is bigger than our attribute space buffer, malloc it */
+ return (crv == CKR_OK) ? PR_TRUE : PR_FALSE;
+}
+
+/*
+ * return true if object has attribute
+ */
+PRBool
+sftk_hasAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type)
+{
+ SFTKAttribute *attribute;
+ SFTKSessionObject *sessObject = sftk_narrowToSessionObject(object);
+
+ if (sessObject == NULL) {
+ return sftk_hasAttributeToken(sftk_narrowToTokenObject(object), type);
+ }
+
+ PZ_Lock(sessObject->attributeLock);
+ sftkqueue_find(attribute, type, sessObject->head, sessObject->hashSize);
+ PZ_Unlock(sessObject->attributeLock);
+
+ return (PRBool)(attribute != NULL);
+}
+
+/*
+ * add an attribute to an object
+ */
+static void
+sftk_AddAttribute(SFTKObject *object, SFTKAttribute *attribute)
+{
+ SFTKSessionObject *sessObject = sftk_narrowToSessionObject(object);
+
+ if (sessObject == NULL)
+ return;
+ PZ_Lock(sessObject->attributeLock);
+ sftkqueue_add(attribute, attribute->handle,
+ sessObject->head, sessObject->hashSize);
+ PZ_Unlock(sessObject->attributeLock);
+}
+
+/*
+ * copy an unsigned attribute into a SECItem. Secitem is allocated in
+ * the specified arena.
+ */
+CK_RV
+sftk_Attribute2SSecItem(PLArenaPool *arena, SECItem *item, SFTKObject *object,
+ CK_ATTRIBUTE_TYPE type)
+{
+ SFTKAttribute *attribute;
+
+ item->data = NULL;
+
+ attribute = sftk_FindAttribute(object, type);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+
+ (void)SECITEM_AllocItem(arena, item, attribute->attrib.ulValueLen);
+ if (item->data == NULL) {
+ sftk_FreeAttribute(attribute);
+ return CKR_HOST_MEMORY;
+ }
+ PORT_Memcpy(item->data, attribute->attrib.pValue, item->len);
+ sftk_FreeAttribute(attribute);
+ return CKR_OK;
+}
+
+/*
+ * fetch multiple attributes into SECItems. Secitem data is allocated in
+ * the specified arena.
+ */
+CK_RV
+sftk_MultipleAttribute2SecItem(PLArenaPool *arena, SFTKObject *object,
+ SFTKItemTemplate *itemTemplate, int itemTemplateCount)
+{
+
+ CK_RV crv = CKR_OK;
+ CK_ATTRIBUTE templateSpace[SFTK_MAX_ITEM_TEMPLATE];
+ CK_ATTRIBUTE *template;
+ SFTKTokenObject *tokObject;
+ SFTKDBHandle *dbHandle = NULL;
+ int i;
+
+ tokObject = sftk_narrowToTokenObject(object);
+
+ /* session objects, just loop through the list */
+ if (tokObject == NULL) {
+ for (i = 0; i < itemTemplateCount; i++) {
+ crv = sftk_Attribute2SecItem(arena, itemTemplate[i].item, object,
+ itemTemplate[i].type);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ }
+ return CKR_OK;
+ }
+
+ /* don't do any work if none is required */
+ if (itemTemplateCount == 0) {
+ return CKR_OK;
+ }
+
+ /* don't allocate the template unless we need it */
+ if (itemTemplateCount > SFTK_MAX_ITEM_TEMPLATE) {
+ template = PORT_NewArray(CK_ATTRIBUTE, itemTemplateCount);
+ } else {
+ template = templateSpace;
+ }
+
+ if (template == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ dbHandle = sftk_getDBForTokenObject(object->slot, object->handle);
+ if (dbHandle == NULL) {
+ crv = CKR_OBJECT_HANDLE_INVALID;
+ goto loser;
+ }
+
+ /* set up the PKCS #11 template */
+ for (i = 0; i < itemTemplateCount; i++) {
+ template[i].type = itemTemplate[i].type;
+ template[i].pValue = NULL;
+ template[i].ulValueLen = 0;
+ }
+
+ /* fetch the attribute lengths */
+ crv = sftkdb_GetAttributeValue(dbHandle, object->handle,
+ template, itemTemplateCount);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* allocate space for the attributes */
+ for (i = 0; i < itemTemplateCount; i++) {
+ template[i].pValue = PORT_ArenaAlloc(arena, template[i].ulValueLen);
+ if (template[i].pValue == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ }
+
+ /* fetch the attributes */
+ crv = sftkdb_GetAttributeValue(dbHandle, object->handle,
+ template, itemTemplateCount);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* Fill in the items */
+ for (i = 0; i < itemTemplateCount; i++) {
+ itemTemplate[i].item->data = template[i].pValue;
+ itemTemplate[i].item->len = template[i].ulValueLen;
+ }
+
+loser:
+ if (template != templateSpace) {
+ PORT_Free(template);
+ }
+ if (dbHandle) {
+ sftk_freeDB(dbHandle);
+ }
+
+ return crv;
+}
+
+/*
+ * delete an attribute from an object
+ */
+static void
+sftk_DeleteAttribute(SFTKObject *object, SFTKAttribute *attribute)
+{
+ SFTKSessionObject *sessObject = sftk_narrowToSessionObject(object);
+
+ if (sessObject == NULL) {
+ return;
+ }
+ PZ_Lock(sessObject->attributeLock);
+ if (sftkqueue_is_queued(attribute, attribute->handle,
+ sessObject->head, sessObject->hashSize)) {
+ sftkqueue_delete(attribute, attribute->handle,
+ sessObject->head, sessObject->hashSize);
+ }
+ PZ_Unlock(sessObject->attributeLock);
+}
+
+/*
+ * this is only valid for CK_BBOOL type attributes. Return the state
+ * of that attribute.
+ */
+PRBool
+sftk_isTrue(SFTKObject *object, CK_ATTRIBUTE_TYPE type)
+{
+ SFTKAttribute *attribute;
+ PRBool tok = PR_FALSE;
+
+ attribute = sftk_FindAttribute(object, type);
+ if (attribute == NULL) {
+ return PR_FALSE;
+ }
+ tok = (PRBool)(*(CK_BBOOL *)attribute->attrib.pValue);
+ sftk_FreeAttribute(attribute);
+
+ return tok;
+}
+
+/*
+ * force an attribute to null.
+ * this is for sensitive keys which are stored in the database, we don't
+ * want to keep this info around in memory in the clear.
+ */
+void
+sftk_nullAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type)
+{
+ SFTKAttribute *attribute;
+
+ attribute = sftk_FindAttribute(object, type);
+ if (attribute == NULL)
+ return;
+
+ if (attribute->attrib.pValue != NULL) {
+ PORT_Memset(attribute->attrib.pValue, 0, attribute->attrib.ulValueLen);
+ if (attribute->freeData) {
+ PORT_Free(attribute->attrib.pValue);
+ }
+ attribute->freeData = PR_FALSE;
+ attribute->attrib.pValue = NULL;
+ attribute->attrib.ulValueLen = 0;
+ }
+ sftk_FreeAttribute(attribute);
+}
+
+static CK_RV
+sftk_forceTokenAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len)
+{
+ CK_ATTRIBUTE attribute;
+ SFTKDBHandle *dbHandle = NULL;
+ SFTKTokenObject *to = sftk_narrowToTokenObject(object);
+ CK_RV crv;
+
+ PORT_Assert(to);
+ if (to == NULL) {
+ return CKR_DEVICE_ERROR;
+ }
+
+ dbHandle = sftk_getDBForTokenObject(object->slot, object->handle);
+
+ attribute.type = type;
+ attribute.pValue = (void *)value;
+ attribute.ulValueLen = len;
+
+ crv = sftkdb_SetAttributeValue(dbHandle, object, &attribute, 1);
+ sftk_freeDB(dbHandle);
+ return crv;
+}
+
+/*
+ * force an attribute to a specifc value.
+ */
+CK_RV
+sftk_forceAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len)
+{
+ SFTKAttribute *attribute;
+ void *att_val = NULL;
+ PRBool freeData = PR_FALSE;
+
+ PORT_Assert(object);
+ PORT_Assert(object->refCount);
+ PORT_Assert(object->slot);
+ if (!object ||
+ !object->refCount ||
+ !object->slot) {
+ return CKR_DEVICE_ERROR;
+ }
+ if (sftk_isToken(object->handle)) {
+ return sftk_forceTokenAttribute(object, type, value, len);
+ }
+ attribute = sftk_FindAttribute(object, type);
+ if (attribute == NULL)
+ return sftk_AddAttributeType(object, type, value, len);
+
+ if (value) {
+ if (len <= ATTR_SPACE) {
+ att_val = attribute->space;
+ } else {
+ att_val = PORT_Alloc(len);
+ freeData = PR_TRUE;
+ }
+ if (att_val == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ if (attribute->attrib.pValue == att_val) {
+ PORT_Memset(attribute->attrib.pValue, 0,
+ attribute->attrib.ulValueLen);
+ }
+ PORT_Memcpy(att_val, value, len);
+ }
+ if (attribute->attrib.pValue != NULL) {
+ if (attribute->attrib.pValue != att_val) {
+ PORT_Memset(attribute->attrib.pValue, 0,
+ attribute->attrib.ulValueLen);
+ }
+ if (attribute->freeData) {
+ PORT_Free(attribute->attrib.pValue);
+ }
+ attribute->freeData = PR_FALSE;
+ attribute->attrib.pValue = NULL;
+ attribute->attrib.ulValueLen = 0;
+ }
+ if (att_val) {
+ attribute->attrib.pValue = att_val;
+ attribute->attrib.ulValueLen = len;
+ attribute->freeData = freeData;
+ }
+ sftk_FreeAttribute(attribute);
+ return CKR_OK;
+}
+
+/*
+ * return a null terminated string from attribute 'type'. This string
+ * is allocated and needs to be freed with PORT_Free() When complete.
+ */
+char *
+sftk_getString(SFTKObject *object, CK_ATTRIBUTE_TYPE type)
+{
+ SFTKAttribute *attribute;
+ char *label = NULL;
+
+ attribute = sftk_FindAttribute(object, type);
+ if (attribute == NULL)
+ return NULL;
+
+ if (attribute->attrib.pValue != NULL) {
+ label = (char *)PORT_Alloc(attribute->attrib.ulValueLen + 1);
+ if (label == NULL) {
+ sftk_FreeAttribute(attribute);
+ return NULL;
+ }
+
+ PORT_Memcpy(label, attribute->attrib.pValue,
+ attribute->attrib.ulValueLen);
+ label[attribute->attrib.ulValueLen] = 0;
+ }
+ sftk_FreeAttribute(attribute);
+ return label;
+}
+
+/*
+ * decode when a particular attribute may be modified
+ * SFTK_NEVER: This attribute must be set at object creation time and
+ * can never be modified.
+ * SFTK_ONCOPY: This attribute may be modified only when you copy the
+ * object.
+ * SFTK_SENSITIVE: The CKA_SENSITIVE attribute can only be changed from
+ * CK_FALSE to CK_TRUE.
+ * SFTK_ALWAYS: This attribute can always be modified.
+ * Some attributes vary their modification type based on the class of the
+ * object.
+ */
+SFTKModifyType
+sftk_modifyType(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass)
+{
+ /* if we don't know about it, user user defined, always allow modify */
+ SFTKModifyType mtype = SFTK_ALWAYS;
+
+ switch (type) {
+ /* NEVER */
+ case CKA_CLASS:
+ case CKA_CERTIFICATE_TYPE:
+ case CKA_KEY_TYPE:
+ case CKA_MODULUS:
+ case CKA_MODULUS_BITS:
+ case CKA_PUBLIC_EXPONENT:
+ case CKA_PRIVATE_EXPONENT:
+ case CKA_PRIME:
+ case CKA_SUBPRIME:
+ case CKA_BASE:
+ case CKA_PRIME_1:
+ case CKA_PRIME_2:
+ case CKA_EXPONENT_1:
+ case CKA_EXPONENT_2:
+ case CKA_COEFFICIENT:
+ case CKA_VALUE_LEN:
+ case CKA_ALWAYS_SENSITIVE:
+ case CKA_NEVER_EXTRACTABLE:
+ case CKA_NETSCAPE_DB:
+ mtype = SFTK_NEVER;
+ break;
+
+ /* ONCOPY */
+ case CKA_TOKEN:
+ case CKA_PRIVATE:
+ case CKA_MODIFIABLE:
+ mtype = SFTK_ONCOPY;
+ break;
+
+ /* SENSITIVE */
+ case CKA_SENSITIVE:
+ case CKA_EXTRACTABLE:
+ mtype = SFTK_SENSITIVE;
+ break;
+
+ /* ALWAYS */
+ case CKA_LABEL:
+ case CKA_APPLICATION:
+ case CKA_ID:
+ case CKA_SERIAL_NUMBER:
+ case CKA_START_DATE:
+ case CKA_END_DATE:
+ case CKA_DERIVE:
+ case CKA_ENCRYPT:
+ case CKA_DECRYPT:
+ case CKA_SIGN:
+ case CKA_VERIFY:
+ case CKA_SIGN_RECOVER:
+ case CKA_VERIFY_RECOVER:
+ case CKA_WRAP:
+ case CKA_UNWRAP:
+ mtype = SFTK_ALWAYS;
+ break;
+
+ /* DEPENDS ON CLASS */
+ case CKA_VALUE:
+ mtype = (inClass == CKO_DATA) ? SFTK_ALWAYS : SFTK_NEVER;
+ break;
+
+ case CKA_SUBJECT:
+ mtype = (inClass == CKO_CERTIFICATE) ? SFTK_NEVER : SFTK_ALWAYS;
+ break;
+ default:
+ break;
+ }
+ return mtype;
+}
+
+/* decode if a particular attribute is sensitive (cannot be read
+ * back to the user of if the object is set to SENSITIVE) */
+PRBool
+sftk_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass)
+{
+ switch (type) {
+ /* ALWAYS */
+ case CKA_PRIVATE_EXPONENT:
+ case CKA_PRIME_1:
+ case CKA_PRIME_2:
+ case CKA_EXPONENT_1:
+ case CKA_EXPONENT_2:
+ case CKA_COEFFICIENT:
+ return PR_TRUE;
+
+ /* DEPENDS ON CLASS */
+ case CKA_VALUE:
+ /* PRIVATE and SECRET KEYS have SENSITIVE values */
+ return (PRBool)((inClass == CKO_PRIVATE_KEY) || (inClass == CKO_SECRET_KEY));
+
+ default:
+ break;
+ }
+ return PR_FALSE;
+}
+
+/*
+ * copy an attribute into a SECItem. Secitem is allocated in the specified
+ * arena.
+ */
+CK_RV
+sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item, SFTKObject *object,
+ CK_ATTRIBUTE_TYPE type)
+{
+ int len;
+ SFTKAttribute *attribute;
+
+ attribute = sftk_FindAttribute(object, type);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ len = attribute->attrib.ulValueLen;
+
+ if (arena) {
+ item->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
+ } else {
+ item->data = (unsigned char *)PORT_Alloc(len);
+ }
+ if (item->data == NULL) {
+ sftk_FreeAttribute(attribute);
+ return CKR_HOST_MEMORY;
+ }
+ item->len = len;
+ PORT_Memcpy(item->data, attribute->attrib.pValue, len);
+ sftk_FreeAttribute(attribute);
+ return CKR_OK;
+}
+
+CK_RV
+sftk_GetULongAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ CK_ULONG *longData)
+{
+ SFTKAttribute *attribute;
+
+ attribute = sftk_FindAttribute(object, type);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+
+ if (attribute->attrib.ulValueLen != sizeof(CK_ULONG)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ *longData = *(CK_ULONG *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+ return CKR_OK;
+}
+
+void
+sftk_DeleteAttributeType(SFTKObject *object, CK_ATTRIBUTE_TYPE type)
+{
+ SFTKAttribute *attribute;
+ attribute = sftk_FindAttribute(object, type);
+ if (attribute == NULL)
+ return;
+ sftk_DeleteAttribute(object, attribute);
+ sftk_FreeAttribute(attribute);
+}
+
+CK_RV
+sftk_AddAttributeType(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ const void *valPtr, CK_ULONG length)
+{
+ SFTKAttribute *attribute;
+ attribute = sftk_NewAttribute(object, type, valPtr, length);
+ if (attribute == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ sftk_AddAttribute(object, attribute);
+ return CKR_OK;
+}
+
+/*
+ * ******************** Object Utilities *******************************
+ */
+
+/* must be called holding sftk_tokenKeyLock(slot) */
+static SECItem *
+sftk_lookupTokenKeyByHandle(SFTKSlot *slot, CK_OBJECT_HANDLE handle)
+{
+ return (SECItem *)PL_HashTableLookup(slot->tokObjHashTable, (void *)handle);
+}
+
+/*
+ * use the refLock. This operations should be very rare, so the added
+ * contention on the ref lock should be lower than the overhead of adding
+ * a new lock. We use separate functions for this just in case I'm wrong.
+ */
+static void
+sftk_tokenKeyLock(SFTKSlot *slot)
+{
+ SKIP_AFTER_FORK(PZ_Lock(slot->objectLock));
+}
+
+static void
+sftk_tokenKeyUnlock(SFTKSlot *slot)
+{
+ SKIP_AFTER_FORK(PZ_Unlock(slot->objectLock));
+}
+
+static PRIntn
+sftk_freeHashItem(PLHashEntry *entry, PRIntn index, void *arg)
+{
+ SECItem *item = (SECItem *)entry->value;
+
+ SECITEM_FreeItem(item, PR_TRUE);
+ return HT_ENUMERATE_NEXT;
+}
+
+CK_RV
+SFTK_ClearTokenKeyHashTable(SFTKSlot *slot)
+{
+ sftk_tokenKeyLock(slot);
+ PORT_Assert(!slot->present);
+ PL_HashTableEnumerateEntries(slot->tokObjHashTable, sftk_freeHashItem, NULL);
+ sftk_tokenKeyUnlock(slot);
+ return CKR_OK;
+}
+
+/* allocation hooks that allow us to recycle old object structures */
+static SFTKObjectFreeList sessionObjectList = { NULL, NULL, 0 };
+static SFTKObjectFreeList tokenObjectList = { NULL, NULL, 0 };
+
+SFTKObject *
+sftk_GetObjectFromList(PRBool *hasLocks, PRBool optimizeSpace,
+ SFTKObjectFreeList *list, unsigned int hashSize, PRBool isSessionObject)
+{
+ SFTKObject *object;
+ int size = 0;
+
+ if (!optimizeSpace) {
+ PZ_Lock(list->lock);
+ object = list->head;
+ if (object) {
+ list->head = object->next;
+ list->count--;
+ }
+ PZ_Unlock(list->lock);
+ if (object) {
+ object->next = object->prev = NULL;
+ *hasLocks = PR_TRUE;
+ return object;
+ }
+ }
+ size = isSessionObject ? sizeof(SFTKSessionObject) + hashSize * sizeof(SFTKAttribute *) : sizeof(SFTKTokenObject);
+
+ object = (SFTKObject *)PORT_ZAlloc(size);
+ if (isSessionObject && object) {
+ ((SFTKSessionObject *)object)->hashSize = hashSize;
+ }
+ *hasLocks = PR_FALSE;
+ return object;
+}
+
+static void
+sftk_PutObjectToList(SFTKObject *object, SFTKObjectFreeList *list,
+ PRBool isSessionObject)
+{
+
+ /* the code below is equivalent to :
+ * optimizeSpace = isSessionObject ? object->optimizeSpace : PR_FALSE;
+ * just faster.
+ */
+ PRBool optimizeSpace = isSessionObject &&
+ ((SFTKSessionObject *)object)->optimizeSpace;
+ if (object->refLock && !optimizeSpace && (list->count < MAX_OBJECT_LIST_SIZE)) {
+ PZ_Lock(list->lock);
+ object->next = list->head;
+ list->head = object;
+ list->count++;
+ PZ_Unlock(list->lock);
+ return;
+ }
+ if (isSessionObject) {
+ SFTKSessionObject *so = (SFTKSessionObject *)object;
+ PZ_DestroyLock(so->attributeLock);
+ so->attributeLock = NULL;
+ }
+ if (object->refLock) {
+ PZ_DestroyLock(object->refLock);
+ object->refLock = NULL;
+ }
+ PORT_Free(object);
+}
+
+static SFTKObject *
+sftk_freeObjectData(SFTKObject *object)
+{
+ SFTKObject *next = object->next;
+
+ PORT_Free(object);
+ return next;
+}
+
+static void
+sftk_InitFreeList(SFTKObjectFreeList *list)
+{
+ if (!list->lock) {
+ list->lock = PZ_NewLock(nssILockObject);
+ }
+}
+
+void
+sftk_InitFreeLists(void)
+{
+ sftk_InitFreeList(&sessionObjectList);
+ sftk_InitFreeList(&tokenObjectList);
+}
+
+static void
+sftk_CleanupFreeList(SFTKObjectFreeList *list, PRBool isSessionList)
+{
+ SFTKObject *object;
+
+ if (!list->lock) {
+ return;
+ }
+ SKIP_AFTER_FORK(PZ_Lock(list->lock));
+ for (object = list->head; object != NULL;
+ object = sftk_freeObjectData(object)) {
+ PZ_DestroyLock(object->refLock);
+ if (isSessionList) {
+ PZ_DestroyLock(((SFTKSessionObject *)object)->attributeLock);
+ }
+ }
+ list->count = 0;
+ list->head = NULL;
+ SKIP_AFTER_FORK(PZ_Unlock(list->lock));
+ SKIP_AFTER_FORK(PZ_DestroyLock(list->lock));
+ list->lock = NULL;
+}
+
+void
+sftk_CleanupFreeLists(void)
+{
+ sftk_CleanupFreeList(&sessionObjectList, PR_TRUE);
+ sftk_CleanupFreeList(&tokenObjectList, PR_FALSE);
+}
+
+/*
+ * Create a new object
+ */
+SFTKObject *
+sftk_NewObject(SFTKSlot *slot)
+{
+ SFTKObject *object;
+ SFTKSessionObject *sessObject;
+ PRBool hasLocks = PR_FALSE;
+ unsigned int i;
+ unsigned int hashSize = 0;
+
+ hashSize = (slot->optimizeSpace) ? SPACE_ATTRIBUTE_HASH_SIZE : TIME_ATTRIBUTE_HASH_SIZE;
+
+ object = sftk_GetObjectFromList(&hasLocks, slot->optimizeSpace,
+ &sessionObjectList, hashSize, PR_TRUE);
+ if (object == NULL) {
+ return NULL;
+ }
+ sessObject = (SFTKSessionObject *)object;
+ sessObject->nextAttr = 0;
+
+ for (i = 0; i < MAX_OBJS_ATTRS; i++) {
+ sessObject->attrList[i].attrib.pValue = NULL;
+ sessObject->attrList[i].freeData = PR_FALSE;
+ }
+ sessObject->optimizeSpace = slot->optimizeSpace;
+
+ object->handle = 0;
+ object->next = object->prev = NULL;
+ object->slot = slot;
+
+ object->refCount = 1;
+ sessObject->sessionList.next = NULL;
+ sessObject->sessionList.prev = NULL;
+ sessObject->sessionList.parent = object;
+ sessObject->session = NULL;
+ sessObject->wasDerived = PR_FALSE;
+ if (!hasLocks)
+ object->refLock = PZ_NewLock(nssILockRefLock);
+ if (object->refLock == NULL) {
+ PORT_Free(object);
+ return NULL;
+ }
+ if (!hasLocks)
+ sessObject->attributeLock = PZ_NewLock(nssILockAttribute);
+ if (sessObject->attributeLock == NULL) {
+ PZ_DestroyLock(object->refLock);
+ PORT_Free(object);
+ return NULL;
+ }
+ for (i = 0; i < sessObject->hashSize; i++) {
+ sessObject->head[i] = NULL;
+ }
+ object->objectInfo = NULL;
+ object->infoFree = NULL;
+ return object;
+}
+
+static CK_RV
+sftk_DestroySessionObjectData(SFTKSessionObject *so)
+{
+ int i;
+
+ for (i = 0; i < MAX_OBJS_ATTRS; i++) {
+ unsigned char *value = so->attrList[i].attrib.pValue;
+ if (value) {
+ PORT_Memset(value, 0, so->attrList[i].attrib.ulValueLen);
+ if (so->attrList[i].freeData) {
+ PORT_Free(value);
+ }
+ so->attrList[i].attrib.pValue = NULL;
+ so->attrList[i].freeData = PR_FALSE;
+ }
+ }
+ /* PZ_DestroyLock(so->attributeLock);*/
+ return CKR_OK;
+}
+
+/*
+ * free all the data associated with an object. Object reference count must
+ * be 'zero'.
+ */
+static CK_RV
+sftk_DestroyObject(SFTKObject *object)
+{
+ CK_RV crv = CKR_OK;
+ SFTKSessionObject *so = sftk_narrowToSessionObject(object);
+ SFTKTokenObject *to = sftk_narrowToTokenObject(object);
+
+ PORT_Assert(object->refCount == 0);
+
+ /* delete the database value */
+ if (to) {
+ if (to->dbKey.data) {
+ PORT_Free(to->dbKey.data);
+ to->dbKey.data = NULL;
+ }
+ }
+ if (so) {
+ sftk_DestroySessionObjectData(so);
+ }
+ if (object->objectInfo) {
+ (*object->infoFree)(object->objectInfo);
+ object->objectInfo = NULL;
+ object->infoFree = NULL;
+ }
+ if (so) {
+ sftk_PutObjectToList(object, &sessionObjectList, PR_TRUE);
+ } else {
+ sftk_PutObjectToList(object, &tokenObjectList, PR_FALSE);
+ }
+ return crv;
+}
+
+void
+sftk_ReferenceObject(SFTKObject *object)
+{
+ PZ_Lock(object->refLock);
+ object->refCount++;
+ PZ_Unlock(object->refLock);
+}
+
+static SFTKObject *
+sftk_ObjectFromHandleOnSlot(CK_OBJECT_HANDLE handle, SFTKSlot *slot)
+{
+ SFTKObject *object;
+ PRUint32 index = sftk_hash(handle, slot->sessObjHashSize);
+
+ if (sftk_isToken(handle)) {
+ return sftk_NewTokenObject(slot, NULL, handle);
+ }
+
+ PZ_Lock(slot->objectLock);
+ sftkqueue_find2(object, handle, index, slot->sessObjHashTable);
+ if (object) {
+ sftk_ReferenceObject(object);
+ }
+ PZ_Unlock(slot->objectLock);
+
+ return (object);
+}
+/*
+ * look up and object structure from a handle. OBJECT_Handles only make
+ * sense in terms of a given session. make a reference to that object
+ * structure returned.
+ */
+SFTKObject *
+sftk_ObjectFromHandle(CK_OBJECT_HANDLE handle, SFTKSession *session)
+{
+ SFTKSlot *slot = sftk_SlotFromSession(session);
+
+ return sftk_ObjectFromHandleOnSlot(handle, slot);
+}
+
+/*
+ * release a reference to an object handle
+ */
+SFTKFreeStatus
+sftk_FreeObject(SFTKObject *object)
+{
+ PRBool destroy = PR_FALSE;
+ CK_RV crv;
+
+ PZ_Lock(object->refLock);
+ if (object->refCount == 1)
+ destroy = PR_TRUE;
+ object->refCount--;
+ PZ_Unlock(object->refLock);
+
+ if (destroy) {
+ crv = sftk_DestroyObject(object);
+ if (crv != CKR_OK) {
+ return SFTK_DestroyFailure;
+ }
+ return SFTK_Destroyed;
+ }
+ return SFTK_Busy;
+}
+
+/*
+ * add an object to a slot and session queue. These two functions
+ * adopt the object.
+ */
+void
+sftk_AddSlotObject(SFTKSlot *slot, SFTKObject *object)
+{
+ PRUint32 index = sftk_hash(object->handle, slot->sessObjHashSize);
+ sftkqueue_init_element(object);
+ PZ_Lock(slot->objectLock);
+ sftkqueue_add2(object, object->handle, index, slot->sessObjHashTable);
+ PZ_Unlock(slot->objectLock);
+}
+
+void
+sftk_AddObject(SFTKSession *session, SFTKObject *object)
+{
+ SFTKSlot *slot = sftk_SlotFromSession(session);
+ SFTKSessionObject *so = sftk_narrowToSessionObject(object);
+
+ if (so) {
+ PZ_Lock(session->objectLock);
+ sftkqueue_add(&so->sessionList, 0, session->objects, 0);
+ so->session = session;
+ PZ_Unlock(session->objectLock);
+ }
+ sftk_AddSlotObject(slot, object);
+ sftk_ReferenceObject(object);
+}
+
+/*
+ * delete an object from a slot and session queue
+ */
+CK_RV
+sftk_DeleteObject(SFTKSession *session, SFTKObject *object)
+{
+ SFTKSlot *slot = sftk_SlotFromSession(session);
+ SFTKSessionObject *so = sftk_narrowToSessionObject(object);
+ CK_RV crv = CKR_OK;
+ PRUint32 index = sftk_hash(object->handle, slot->sessObjHashSize);
+
+ /* Handle Token case */
+ if (so && so->session) {
+ SFTKSession *session = so->session;
+ PZ_Lock(session->objectLock);
+ sftkqueue_delete(&so->sessionList, 0, session->objects, 0);
+ PZ_Unlock(session->objectLock);
+ PZ_Lock(slot->objectLock);
+ sftkqueue_delete2(object, object->handle, index, slot->sessObjHashTable);
+ PZ_Unlock(slot->objectLock);
+ sftkqueue_clear_deleted_element(object);
+ sftk_FreeObject(object); /* free the reference owned by the queue */
+ } else {
+ SFTKDBHandle *handle = sftk_getDBForTokenObject(slot, object->handle);
+#ifdef DEBUG
+ SFTKTokenObject *to = sftk_narrowToTokenObject(object);
+ PORT_Assert(to);
+#endif
+ crv = sftkdb_DestroyObject(handle, object->handle);
+ sftk_freeDB(handle);
+ }
+ return crv;
+}
+
+/*
+ * Token objects don't explicitly store their attributes, so we need to know
+ * what attributes make up a particular token object before we can copy it.
+ * below are the tables by object type.
+ */
+static const CK_ATTRIBUTE_TYPE commonAttrs[] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_LABEL, CKA_MODIFIABLE
+};
+static const CK_ULONG commonAttrsCount =
+ sizeof(commonAttrs) / sizeof(commonAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE commonKeyAttrs[] = {
+ CKA_ID, CKA_START_DATE, CKA_END_DATE, CKA_DERIVE, CKA_LOCAL, CKA_KEY_TYPE
+};
+static const CK_ULONG commonKeyAttrsCount =
+ sizeof(commonKeyAttrs) / sizeof(commonKeyAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE secretKeyAttrs[] = {
+ CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_ENCRYPT, CKA_DECRYPT, CKA_SIGN,
+ CKA_VERIFY, CKA_WRAP, CKA_UNWRAP, CKA_VALUE
+};
+static const CK_ULONG secretKeyAttrsCount =
+ sizeof(secretKeyAttrs) / sizeof(secretKeyAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE commonPubKeyAttrs[] = {
+ CKA_ENCRYPT, CKA_VERIFY, CKA_VERIFY_RECOVER, CKA_WRAP, CKA_SUBJECT
+};
+static const CK_ULONG commonPubKeyAttrsCount =
+ sizeof(commonPubKeyAttrs) / sizeof(commonPubKeyAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE rsaPubKeyAttrs[] = {
+ CKA_MODULUS, CKA_PUBLIC_EXPONENT
+};
+static const CK_ULONG rsaPubKeyAttrsCount =
+ sizeof(rsaPubKeyAttrs) / sizeof(rsaPubKeyAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE dsaPubKeyAttrs[] = {
+ CKA_SUBPRIME, CKA_PRIME, CKA_BASE, CKA_VALUE
+};
+static const CK_ULONG dsaPubKeyAttrsCount =
+ sizeof(dsaPubKeyAttrs) / sizeof(dsaPubKeyAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE dhPubKeyAttrs[] = {
+ CKA_PRIME, CKA_BASE, CKA_VALUE
+};
+static const CK_ULONG dhPubKeyAttrsCount =
+ sizeof(dhPubKeyAttrs) / sizeof(dhPubKeyAttrs[0]);
+#ifndef NSS_DISABLE_ECC
+static const CK_ATTRIBUTE_TYPE ecPubKeyAttrs[] = {
+ CKA_EC_PARAMS, CKA_EC_POINT
+};
+static const CK_ULONG ecPubKeyAttrsCount =
+ sizeof(ecPubKeyAttrs) / sizeof(ecPubKeyAttrs[0]);
+#endif
+
+static const CK_ATTRIBUTE_TYPE commonPrivKeyAttrs[] = {
+ CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER, CKA_UNWRAP, CKA_SUBJECT,
+ CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_NETSCAPE_DB
+};
+static const CK_ULONG commonPrivKeyAttrsCount =
+ sizeof(commonPrivKeyAttrs) / sizeof(commonPrivKeyAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE rsaPrivKeyAttrs[] = {
+ CKA_MODULUS, CKA_PUBLIC_EXPONENT, CKA_PRIVATE_EXPONENT,
+ CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2, CKA_COEFFICIENT
+};
+static const CK_ULONG rsaPrivKeyAttrsCount =
+ sizeof(rsaPrivKeyAttrs) / sizeof(rsaPrivKeyAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE dsaPrivKeyAttrs[] = {
+ CKA_SUBPRIME, CKA_PRIME, CKA_BASE, CKA_VALUE
+};
+static const CK_ULONG dsaPrivKeyAttrsCount =
+ sizeof(dsaPrivKeyAttrs) / sizeof(dsaPrivKeyAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE dhPrivKeyAttrs[] = {
+ CKA_PRIME, CKA_BASE, CKA_VALUE
+};
+static const CK_ULONG dhPrivKeyAttrsCount =
+ sizeof(dhPrivKeyAttrs) / sizeof(dhPrivKeyAttrs[0]);
+#ifndef NSS_DISABLE_ECC
+static const CK_ATTRIBUTE_TYPE ecPrivKeyAttrs[] = {
+ CKA_EC_PARAMS, CKA_VALUE
+};
+static const CK_ULONG ecPrivKeyAttrsCount =
+ sizeof(ecPrivKeyAttrs) / sizeof(ecPrivKeyAttrs[0]);
+#endif
+
+static const CK_ATTRIBUTE_TYPE certAttrs[] = {
+ CKA_CERTIFICATE_TYPE, CKA_VALUE, CKA_SUBJECT, CKA_ISSUER, CKA_SERIAL_NUMBER
+};
+static const CK_ULONG certAttrsCount =
+ sizeof(certAttrs) / sizeof(certAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE trustAttrs[] = {
+ CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH,
+ CKA_TRUST_SERVER_AUTH, CKA_TRUST_CLIENT_AUTH, CKA_TRUST_EMAIL_PROTECTION,
+ CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
+};
+static const CK_ULONG trustAttrsCount =
+ sizeof(trustAttrs) / sizeof(trustAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE smimeAttrs[] = {
+ CKA_SUBJECT, CKA_NETSCAPE_EMAIL, CKA_NETSCAPE_SMIME_TIMESTAMP, CKA_VALUE
+};
+static const CK_ULONG smimeAttrsCount =
+ sizeof(smimeAttrs) / sizeof(smimeAttrs[0]);
+
+static const CK_ATTRIBUTE_TYPE crlAttrs[] = {
+ CKA_SUBJECT, CKA_VALUE, CKA_NETSCAPE_URL, CKA_NETSCAPE_KRL
+};
+static const CK_ULONG crlAttrsCount =
+ sizeof(crlAttrs) / sizeof(crlAttrs[0]);
+
+/* copy an object based on it's table */
+CK_RV
+stfk_CopyTokenAttributes(SFTKObject *destObject, SFTKTokenObject *src_to,
+ const CK_ATTRIBUTE_TYPE *attrArray, CK_ULONG attrCount)
+{
+ SFTKAttribute *attribute;
+ SFTKAttribute *newAttribute;
+ CK_RV crv = CKR_OK;
+ unsigned int i;
+
+ for (i = 0; i < attrCount; i++) {
+ if (!sftk_hasAttribute(destObject, attrArray[i])) {
+ attribute = sftk_FindAttribute(&src_to->obj, attrArray[i]);
+ if (!attribute) {
+ continue; /* return CKR_ATTRIBUTE_VALUE_INVALID; */
+ }
+ /* we need to copy the attribute since each attribute
+ * only has one set of link list pointers */
+ newAttribute = sftk_NewAttribute(destObject,
+ sftk_attr_expand(&attribute->attrib));
+ sftk_FreeAttribute(attribute); /* free the old attribute */
+ if (!newAttribute) {
+ return CKR_HOST_MEMORY;
+ }
+ sftk_AddAttribute(destObject, newAttribute);
+ }
+ }
+ return crv;
+}
+
+CK_RV
+stfk_CopyTokenPrivateKey(SFTKObject *destObject, SFTKTokenObject *src_to)
+{
+ CK_RV crv;
+ CK_KEY_TYPE key_type;
+ SFTKAttribute *attribute;
+
+ /* copy the common attributes for all keys first */
+ crv = stfk_CopyTokenAttributes(destObject, src_to, commonKeyAttrs,
+ commonKeyAttrsCount);
+ if (crv != CKR_OK) {
+ goto fail;
+ }
+ /* copy the common attributes for all private keys next */
+ crv = stfk_CopyTokenAttributes(destObject, src_to, commonPrivKeyAttrs,
+ commonPrivKeyAttrsCount);
+ if (crv != CKR_OK) {
+ goto fail;
+ }
+ attribute = sftk_FindAttribute(&src_to->obj, CKA_KEY_TYPE);
+ PORT_Assert(attribute); /* if it wasn't here, ww should have failed
+ * copying the common attributes */
+ if (!attribute) {
+ /* OK, so CKR_ATTRIBUTE_VALUE_INVALID is the immediate error, but
+ * the fact is, the only reason we couldn't get the attribute would
+ * be a memory error or database error (an error in the 'device').
+ * if we have a database error code, we could return it here */
+ crv = CKR_DEVICE_ERROR;
+ goto fail;
+ }
+ key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ /* finally copy the attributes for various private key types */
+ switch (key_type) {
+ case CKK_RSA:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, rsaPrivKeyAttrs,
+ rsaPrivKeyAttrsCount);
+ break;
+ case CKK_DSA:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, dsaPrivKeyAttrs,
+ dsaPrivKeyAttrsCount);
+ break;
+ case CKK_DH:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, dhPrivKeyAttrs,
+ dhPrivKeyAttrsCount);
+ break;
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, ecPrivKeyAttrs,
+ ecPrivKeyAttrsCount);
+ break;
+#endif
+ default:
+ crv = CKR_DEVICE_ERROR; /* shouldn't happen unless we store more types
+ * of token keys into our database. */
+ }
+fail:
+ return crv;
+}
+
+CK_RV
+stfk_CopyTokenPublicKey(SFTKObject *destObject, SFTKTokenObject *src_to)
+{
+ CK_RV crv;
+ CK_KEY_TYPE key_type;
+ SFTKAttribute *attribute;
+
+ /* copy the common attributes for all keys first */
+ crv = stfk_CopyTokenAttributes(destObject, src_to, commonKeyAttrs,
+ commonKeyAttrsCount);
+ if (crv != CKR_OK) {
+ goto fail;
+ }
+
+ /* copy the common attributes for all public keys next */
+ crv = stfk_CopyTokenAttributes(destObject, src_to, commonPubKeyAttrs,
+ commonPubKeyAttrsCount);
+ if (crv != CKR_OK) {
+ goto fail;
+ }
+ attribute = sftk_FindAttribute(&src_to->obj, CKA_KEY_TYPE);
+ PORT_Assert(attribute); /* if it wasn't here, ww should have failed
+ * copying the common attributes */
+ if (!attribute) {
+ /* OK, so CKR_ATTRIBUTE_VALUE_INVALID is the immediate error, but
+ * the fact is, the only reason we couldn't get the attribute would
+ * be a memory error or database error (an error in the 'device').
+ * if we have a database error code, we could return it here */
+ crv = CKR_DEVICE_ERROR;
+ goto fail;
+ }
+ key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ /* finally copy the attributes for various public key types */
+ switch (key_type) {
+ case CKK_RSA:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, rsaPubKeyAttrs,
+ rsaPubKeyAttrsCount);
+ break;
+ case CKK_DSA:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, dsaPubKeyAttrs,
+ dsaPubKeyAttrsCount);
+ break;
+ case CKK_DH:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, dhPubKeyAttrs,
+ dhPubKeyAttrsCount);
+ break;
+#ifndef NSS_DISABLE_ECC
+ case CKK_EC:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, ecPubKeyAttrs,
+ ecPubKeyAttrsCount);
+ break;
+#endif
+ default:
+ crv = CKR_DEVICE_ERROR; /* shouldn't happen unless we store more types
+ * of token keys into our database. */
+ }
+fail:
+ return crv;
+}
+CK_RV
+stfk_CopyTokenSecretKey(SFTKObject *destObject, SFTKTokenObject *src_to)
+{
+ CK_RV crv;
+ crv = stfk_CopyTokenAttributes(destObject, src_to, commonKeyAttrs,
+ commonKeyAttrsCount);
+ if (crv != CKR_OK) {
+ goto fail;
+ }
+ crv = stfk_CopyTokenAttributes(destObject, src_to, secretKeyAttrs,
+ secretKeyAttrsCount);
+fail:
+ return crv;
+}
+
+/*
+ * Copy a token object. We need to explicitly copy the relevant
+ * attributes since token objects don't store those attributes in
+ * the token itself.
+ */
+CK_RV
+sftk_CopyTokenObject(SFTKObject *destObject, SFTKObject *srcObject)
+{
+ SFTKTokenObject *src_to = sftk_narrowToTokenObject(srcObject);
+ CK_RV crv;
+
+ PORT_Assert(src_to);
+ if (src_to == NULL) {
+ return CKR_DEVICE_ERROR; /* internal state inconsistant */
+ }
+
+ crv = stfk_CopyTokenAttributes(destObject, src_to, commonAttrs,
+ commonAttrsCount);
+ if (crv != CKR_OK) {
+ goto fail;
+ }
+ switch (src_to->obj.objclass) {
+ case CKO_CERTIFICATE:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, certAttrs,
+ certAttrsCount);
+ break;
+ case CKO_NETSCAPE_TRUST:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, trustAttrs,
+ trustAttrsCount);
+ break;
+ case CKO_NETSCAPE_SMIME:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, smimeAttrs,
+ smimeAttrsCount);
+ break;
+ case CKO_NETSCAPE_CRL:
+ crv = stfk_CopyTokenAttributes(destObject, src_to, crlAttrs,
+ crlAttrsCount);
+ break;
+ case CKO_PRIVATE_KEY:
+ crv = stfk_CopyTokenPrivateKey(destObject, src_to);
+ break;
+ case CKO_PUBLIC_KEY:
+ crv = stfk_CopyTokenPublicKey(destObject, src_to);
+ break;
+ case CKO_SECRET_KEY:
+ crv = stfk_CopyTokenSecretKey(destObject, src_to);
+ break;
+ default:
+ crv = CKR_DEVICE_ERROR; /* shouldn't happen unless we store more types
+ * of token keys into our database. */
+ }
+fail:
+ return crv;
+}
+
+/*
+ * copy the attributes from one object to another. Don't overwrite existing
+ * attributes. NOTE: This is a pretty expensive operation since it
+ * grabs the attribute locks for the src object for a *long* time.
+ */
+CK_RV
+sftk_CopyObject(SFTKObject *destObject, SFTKObject *srcObject)
+{
+ SFTKAttribute *attribute;
+ SFTKSessionObject *src_so = sftk_narrowToSessionObject(srcObject);
+ unsigned int i;
+
+ if (src_so == NULL) {
+ return sftk_CopyTokenObject(destObject, srcObject);
+ }
+
+ PZ_Lock(src_so->attributeLock);
+ for (i = 0; i < src_so->hashSize; i++) {
+ attribute = src_so->head[i];
+ do {
+ if (attribute) {
+ if (!sftk_hasAttribute(destObject, attribute->handle)) {
+ /* we need to copy the attribute since each attribute
+ * only has one set of link list pointers */
+ SFTKAttribute *newAttribute = sftk_NewAttribute(
+ destObject, sftk_attr_expand(&attribute->attrib));
+ if (newAttribute == NULL) {
+ PZ_Unlock(src_so->attributeLock);
+ return CKR_HOST_MEMORY;
+ }
+ sftk_AddAttribute(destObject, newAttribute);
+ }
+ attribute = attribute->next;
+ }
+ } while (attribute != NULL);
+ }
+ PZ_Unlock(src_so->attributeLock);
+
+ return CKR_OK;
+}
+
+/*
+ * ******************** Search Utilities *******************************
+ */
+
+/* add an object to a search list */
+CK_RV
+AddToList(SFTKObjectListElement **list, SFTKObject *object)
+{
+ SFTKObjectListElement *newElem =
+ (SFTKObjectListElement *)PORT_Alloc(sizeof(SFTKObjectListElement));
+
+ if (newElem == NULL)
+ return CKR_HOST_MEMORY;
+
+ newElem->next = *list;
+ newElem->object = object;
+ sftk_ReferenceObject(object);
+
+ *list = newElem;
+ return CKR_OK;
+}
+
+/* return true if the object matches the template */
+PRBool
+sftk_objectMatch(SFTKObject *object, CK_ATTRIBUTE_PTR theTemplate, int count)
+{
+ int i;
+
+ for (i = 0; i < count; i++) {
+ SFTKAttribute *attribute = sftk_FindAttribute(object, theTemplate[i].type);
+ if (attribute == NULL) {
+ return PR_FALSE;
+ }
+ if (attribute->attrib.ulValueLen == theTemplate[i].ulValueLen) {
+ if (PORT_Memcmp(attribute->attrib.pValue, theTemplate[i].pValue,
+ theTemplate[i].ulValueLen) == 0) {
+ sftk_FreeAttribute(attribute);
+ continue;
+ }
+ }
+ sftk_FreeAttribute(attribute);
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+/* search through all the objects in the queue and return the template matches
+ * in the object list.
+ */
+CK_RV
+sftk_searchObjectList(SFTKSearchResults *search, SFTKObject **head,
+ unsigned int size, PZLock *lock, CK_ATTRIBUTE_PTR theTemplate,
+ int count, PRBool isLoggedIn)
+{
+ unsigned int i;
+ SFTKObject *object;
+ CK_RV crv = CKR_OK;
+
+ for (i = 0; i < size; i++) {
+ /* We need to hold the lock to copy a consistant version of
+ * the linked list. */
+ PZ_Lock(lock);
+ for (object = head[i]; object != NULL; object = object->next) {
+ if (sftk_objectMatch(object, theTemplate, count)) {
+ /* don't return objects that aren't yet visible */
+ if ((!isLoggedIn) && sftk_isTrue(object, CKA_PRIVATE))
+ continue;
+ sftk_addHandle(search, object->handle);
+ }
+ }
+ PZ_Unlock(lock);
+ }
+ return crv;
+}
+
+/*
+ * free a single list element. Return the Next object in the list.
+ */
+SFTKObjectListElement *
+sftk_FreeObjectListElement(SFTKObjectListElement *objectList)
+{
+ SFTKObjectListElement *ol = objectList->next;
+
+ sftk_FreeObject(objectList->object);
+ PORT_Free(objectList);
+ return ol;
+}
+
+/* free an entire object list */
+void
+sftk_FreeObjectList(SFTKObjectListElement *objectList)
+{
+ SFTKObjectListElement *ol;
+
+ for (ol = objectList; ol != NULL; ol = sftk_FreeObjectListElement(ol)) {
+ }
+}
+
+/*
+ * free a search structure
+ */
+void
+sftk_FreeSearch(SFTKSearchResults *search)
+{
+ if (search->handles) {
+ PORT_Free(search->handles);
+ }
+ PORT_Free(search);
+}
+
+/*
+ * ******************** Session Utilities *******************************
+ */
+
+/* update the sessions state based in it's flags and wether or not it's
+ * logged in */
+void
+sftk_update_state(SFTKSlot *slot, SFTKSession *session)
+{
+ if (slot->isLoggedIn) {
+ if (slot->ssoLoggedIn) {
+ session->info.state = CKS_RW_SO_FUNCTIONS;
+ } else if (session->info.flags & CKF_RW_SESSION) {
+ session->info.state = CKS_RW_USER_FUNCTIONS;
+ } else {
+ session->info.state = CKS_RO_USER_FUNCTIONS;
+ }
+ } else {
+ if (session->info.flags & CKF_RW_SESSION) {
+ session->info.state = CKS_RW_PUBLIC_SESSION;
+ } else {
+ session->info.state = CKS_RO_PUBLIC_SESSION;
+ }
+ }
+}
+
+/* update the state of all the sessions on a slot */
+void
+sftk_update_all_states(SFTKSlot *slot)
+{
+ unsigned int i;
+ SFTKSession *session;
+
+ for (i = 0; i < slot->sessHashSize; i++) {
+ PZLock *lock = SFTK_SESSION_LOCK(slot, i);
+ PZ_Lock(lock);
+ for (session = slot->head[i]; session; session = session->next) {
+ sftk_update_state(slot, session);
+ }
+ PZ_Unlock(lock);
+ }
+}
+
+/*
+ * context are cipher and digest contexts that are associated with a session
+ */
+void
+sftk_FreeContext(SFTKSessionContext *context)
+{
+ if (context->cipherInfo) {
+ (*context->destroy)(context->cipherInfo, PR_TRUE);
+ }
+ if (context->hashInfo) {
+ (*context->hashdestroy)(context->hashInfo, PR_TRUE);
+ }
+ if (context->key) {
+ sftk_FreeObject(context->key);
+ context->key = NULL;
+ }
+ PORT_Free(context);
+}
+
+/*
+ * create a new nession. NOTE: The session handle is not set, and the
+ * session is not added to the slot's session queue.
+ */
+SFTKSession *
+sftk_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify, CK_VOID_PTR pApplication,
+ CK_FLAGS flags)
+{
+ SFTKSession *session;
+ SFTKSlot *slot = sftk_SlotFromID(slotID, PR_FALSE);
+
+ if (slot == NULL)
+ return NULL;
+
+ session = (SFTKSession *)PORT_Alloc(sizeof(SFTKSession));
+ if (session == NULL)
+ return NULL;
+
+ session->next = session->prev = NULL;
+ session->refCount = 1;
+ session->enc_context = NULL;
+ session->hash_context = NULL;
+ session->sign_context = NULL;
+ session->search = NULL;
+ session->objectIDCount = 1;
+ session->objectLock = PZ_NewLock(nssILockObject);
+ if (session->objectLock == NULL) {
+ PORT_Free(session);
+ return NULL;
+ }
+ session->objects[0] = NULL;
+
+ session->slot = slot;
+ session->notify = notify;
+ session->appData = pApplication;
+ session->info.flags = flags;
+ session->info.slotID = slotID;
+ session->info.ulDeviceError = 0;
+ sftk_update_state(slot, session);
+ return session;
+}
+
+/* free all the data associated with a session. */
+static void
+sftk_DestroySession(SFTKSession *session)
+{
+ SFTKObjectList *op, *next;
+ PORT_Assert(session->refCount == 0);
+
+ /* clean out the attributes */
+ /* since no one is referencing us, it's safe to walk the chain
+ * without a lock */
+ for (op = session->objects[0]; op != NULL; op = next) {
+ next = op->next;
+ /* paranoia */
+ op->next = op->prev = NULL;
+ sftk_DeleteObject(session, op->parent);
+ }
+ PZ_DestroyLock(session->objectLock);
+ if (session->enc_context) {
+ sftk_FreeContext(session->enc_context);
+ }
+ if (session->hash_context) {
+ sftk_FreeContext(session->hash_context);
+ }
+ if (session->sign_context) {
+ sftk_FreeContext(session->sign_context);
+ }
+ if (session->search) {
+ sftk_FreeSearch(session->search);
+ }
+ PORT_Free(session);
+}
+
+/*
+ * look up a session structure from a session handle
+ * generate a reference to it.
+ */
+SFTKSession *
+sftk_SessionFromHandle(CK_SESSION_HANDLE handle)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(handle);
+ SFTKSession *session;
+ PZLock *lock;
+
+ if (!slot)
+ return NULL;
+ lock = SFTK_SESSION_LOCK(slot, handle);
+
+ PZ_Lock(lock);
+ sftkqueue_find(session, handle, slot->head, slot->sessHashSize);
+ if (session)
+ session->refCount++;
+ PZ_Unlock(lock);
+
+ return (session);
+}
+
+/*
+ * release a reference to a session handle
+ */
+void
+sftk_FreeSession(SFTKSession *session)
+{
+ PRBool destroy = PR_FALSE;
+ SFTKSlot *slot = sftk_SlotFromSession(session);
+ PZLock *lock = SFTK_SESSION_LOCK(slot, session->handle);
+
+ PZ_Lock(lock);
+ if (session->refCount == 1)
+ destroy = PR_TRUE;
+ session->refCount--;
+ PZ_Unlock(lock);
+
+ if (destroy)
+ sftk_DestroySession(session);
+}
+
+void
+sftk_addHandle(SFTKSearchResults *search, CK_OBJECT_HANDLE handle)
+{
+ if (search->handles == NULL) {
+ return;
+ }
+ if (search->size >= search->array_size) {
+ search->array_size += NSC_SEARCH_BLOCK_SIZE;
+ search->handles = (CK_OBJECT_HANDLE *)PORT_Realloc(search->handles,
+ sizeof(CK_OBJECT_HANDLE) * search->array_size);
+ if (search->handles == NULL) {
+ return;
+ }
+ }
+ search->handles[search->size] = handle;
+ search->size++;
+}
+
+static CK_RV
+handleToClass(SFTKSlot *slot, CK_OBJECT_HANDLE handle,
+ CK_OBJECT_CLASS *objClass)
+{
+ SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, handle);
+ CK_ATTRIBUTE objClassTemplate;
+ CK_RV crv;
+
+ *objClass = CKO_DATA;
+ objClassTemplate.type = CKA_CLASS;
+ objClassTemplate.pValue = objClass;
+ objClassTemplate.ulValueLen = sizeof(*objClass);
+ crv = sftkdb_GetAttributeValue(dbHandle, handle, &objClassTemplate, 1);
+ sftk_freeDB(dbHandle);
+ return crv;
+}
+
+SFTKObject *
+sftk_NewTokenObject(SFTKSlot *slot, SECItem *dbKey, CK_OBJECT_HANDLE handle)
+{
+ SFTKObject *object = NULL;
+ PRBool hasLocks = PR_FALSE;
+ CK_RV crv;
+
+ object = sftk_GetObjectFromList(&hasLocks, PR_FALSE, &tokenObjectList, 0,
+ PR_FALSE);
+ if (object == NULL) {
+ return NULL;
+ }
+
+ object->handle = handle;
+ /* every object must have a class, if we can't get it, the object
+ * doesn't exist */
+ crv = handleToClass(slot, handle, &object->objclass);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ object->slot = slot;
+ object->objectInfo = NULL;
+ object->infoFree = NULL;
+ if (!hasLocks) {
+ object->refLock = PZ_NewLock(nssILockRefLock);
+ }
+ if (object->refLock == NULL) {
+ goto loser;
+ }
+ object->refCount = 1;
+
+ return object;
+loser:
+ (void)sftk_DestroyObject(object);
+ return NULL;
+}
+
+SFTKTokenObject *
+sftk_convertSessionToToken(SFTKObject *obj)
+{
+ SECItem *key;
+ SFTKSessionObject *so = (SFTKSessionObject *)obj;
+ SFTKTokenObject *to = sftk_narrowToTokenObject(obj);
+ SECStatus rv;
+
+ sftk_DestroySessionObjectData(so);
+ PZ_DestroyLock(so->attributeLock);
+ if (to == NULL) {
+ return NULL;
+ }
+ sftk_tokenKeyLock(so->obj.slot);
+ key = sftk_lookupTokenKeyByHandle(so->obj.slot, so->obj.handle);
+ if (key == NULL) {
+ sftk_tokenKeyUnlock(so->obj.slot);
+ return NULL;
+ }
+ rv = SECITEM_CopyItem(NULL, &to->dbKey, key);
+ sftk_tokenKeyUnlock(so->obj.slot);
+ if (rv == SECFailure) {
+ return NULL;
+ }
+
+ return to;
+}
+
+SFTKSessionObject *
+sftk_narrowToSessionObject(SFTKObject *obj)
+{
+ return !sftk_isToken(obj->handle) ? (SFTKSessionObject *)obj : NULL;
+}
+
+SFTKTokenObject *
+sftk_narrowToTokenObject(SFTKObject *obj)
+{
+ return sftk_isToken(obj->handle) ? (SFTKTokenObject *)obj : NULL;
+}
diff --git a/security/nss/lib/softoken/sdb.c b/security/nss/lib/softoken/sdb.c
new file mode 100644
index 000000000..0e321dd52
--- /dev/null
+++ b/security/nss/lib/softoken/sdb.c
@@ -0,0 +1,2107 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file implements PKCS 11 on top of our existing security modules
+ *
+ * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
+ * This implementation has two slots:
+ * slot 1 is our generic crypto support. It does not require login.
+ * It supports Public Key ops, and all they bulk ciphers and hashes.
+ * It can also support Private Key ops for imported Private keys. It does
+ * not have any token storage.
+ * slot 2 is our private key support. It requires a login before use. It
+ * can store Private Keys and Certs as token objects. Currently only private
+ * keys and their associated Certificates are saved on the token.
+ *
+ * In this implementation, session objects are only visible to the session
+ * that created or generated them.
+ */
+
+#include "sdb.h"
+#include "pkcs11t.h"
+#include "seccomon.h"
+#include <sqlite3.h>
+#include "prthread.h"
+#include "prio.h"
+#include <stdio.h>
+#include "secport.h"
+#include "prmon.h"
+#include "prenv.h"
+#include "prprf.h"
+#include "prsystem.h" /* for PR_GetDirectorySeparator() */
+#include <sys/stat.h>
+#if defined(_WIN32)
+#include <io.h>
+#include <windows.h>
+#elif defined(XP_UNIX)
+#include <unistd.h>
+#endif
+
+#ifdef SQLITE_UNSAFE_THREADS
+#include "prlock.h"
+/*
+ * SQLite can be compiled to be thread safe or not.
+ * turn on SQLITE_UNSAFE_THREADS if the OS does not support
+ * a thread safe version of sqlite.
+ */
+static PRLock *sqlite_lock = NULL;
+
+#define LOCK_SQLITE() PR_Lock(sqlite_lock);
+#define UNLOCK_SQLITE() PR_Unlock(sqlite_lock);
+#else
+#define LOCK_SQLITE()
+#define UNLOCK_SQLITE()
+#endif
+
+typedef enum {
+ SDB_CERT = 1,
+ SDB_KEY = 2
+} sdbDataType;
+
+/*
+ * defines controlling how long we wait to acquire locks.
+ *
+ * SDB_SQLITE_BUSY_TIMEOUT specifies how long (in milliseconds)
+ * sqlite will wait on lock. If that timeout expires, sqlite will
+ * return SQLITE_BUSY.
+ * SDB_BUSY_RETRY_TIME specifies how many seconds the sdb_ code waits
+ * after receiving a busy before retrying.
+ * SDB_MAX_BUSY_RETRIES specifies how many times the sdb_ will retry on
+ * a busy condition.
+ *
+ * SDB_SQLITE_BUSY_TIMEOUT affects all opertions, both manual
+ * (prepare/step/reset/finalize) and automatic (sqlite3_exec()).
+ * SDB_BUSY_RETRY_TIME and SDB_MAX_BUSY_RETRIES only affect manual operations
+ *
+ * total wait time for automatic operations:
+ * 1 second (SDB_SQLITE_BUSY_TIMEOUT/1000).
+ * total wait time for manual operations:
+ * (1 second + 5 seconds) * 10 = 60 seconds.
+ * (SDB_SQLITE_BUSY_TIMEOUT/1000 + SDB_BUSY_RETRY_TIME)*SDB_MAX_BUSY_RETRIES
+ */
+#define SDB_SQLITE_BUSY_TIMEOUT 1000 /* milliseconds */
+#define SDB_BUSY_RETRY_TIME 5 /* seconds */
+#define SDB_MAX_BUSY_RETRIES 10
+
+/*
+ * Note on use of sqlReadDB: Only one thread at a time may have an actual
+ * operation going on given sqlite3 * database. An operation is defined as
+ * the time from a sqlite3_prepare() until the sqlite3_finalize().
+ * Multiple sqlite3 * databases can be open and have simultaneous operations
+ * going. We use the sqlXactDB for all write operations. This database
+ * is only opened when we first create a transaction and closed when the
+ * transaction is complete. sqlReadDB is open when we first opened the database
+ * and is used for all read operation. It's use is protected by a monitor. This
+ * is because an operation can span the use of FindObjectsInit() through the
+ * call to FindObjectsFinal(). In the intermediate time it is possible to call
+ * other operations like NSC_GetAttributeValue */
+
+struct SDBPrivateStr {
+ char *sqlDBName; /* invariant, path to this database */
+ sqlite3 *sqlXactDB; /* access protected by dbMon, use protected
+ * by the transaction. Current transaction db*/
+ PRThread *sqlXactThread; /* protected by dbMon,
+ * current transaction thread */
+ sqlite3 *sqlReadDB; /* use protected by dbMon, value invariant */
+ PRIntervalTime lastUpdateTime; /* last time the cache was updated */
+ PRIntervalTime updateInterval; /* how long the cache can go before it
+ * must be updated again */
+ sdbDataType type; /* invariant, database type */
+ char *table; /* invariant, SQL table which contains the db */
+ char *cacheTable; /* invariant, SQL table cache of db */
+ PRMonitor *dbMon; /* invariant, monitor to protect
+ * sqlXact* fields, and use of the sqlReadDB */
+};
+
+typedef struct SDBPrivateStr SDBPrivate;
+
+/*
+ * known attributes
+ */
+static const CK_ATTRIBUTE_TYPE known_attributes[] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_LABEL, CKA_APPLICATION,
+ CKA_VALUE, CKA_OBJECT_ID, CKA_CERTIFICATE_TYPE, CKA_ISSUER,
+ CKA_SERIAL_NUMBER, CKA_AC_ISSUER, CKA_OWNER, CKA_ATTR_TYPES, CKA_TRUSTED,
+ CKA_CERTIFICATE_CATEGORY, CKA_JAVA_MIDP_SECURITY_DOMAIN, CKA_URL,
+ CKA_HASH_OF_SUBJECT_PUBLIC_KEY, CKA_HASH_OF_ISSUER_PUBLIC_KEY,
+ CKA_CHECK_VALUE, CKA_KEY_TYPE, CKA_SUBJECT, CKA_ID, CKA_SENSITIVE,
+ CKA_ENCRYPT, CKA_DECRYPT, CKA_WRAP, CKA_UNWRAP, CKA_SIGN, CKA_SIGN_RECOVER,
+ CKA_VERIFY, CKA_VERIFY_RECOVER, CKA_DERIVE, CKA_START_DATE, CKA_END_DATE,
+ CKA_MODULUS, CKA_MODULUS_BITS, CKA_PUBLIC_EXPONENT, CKA_PRIVATE_EXPONENT,
+ CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2, CKA_COEFFICIENT,
+ CKA_PRIME, CKA_SUBPRIME, CKA_BASE, CKA_PRIME_BITS,
+ CKA_SUB_PRIME_BITS, CKA_VALUE_BITS, CKA_VALUE_LEN, CKA_EXTRACTABLE,
+ CKA_LOCAL, CKA_NEVER_EXTRACTABLE, CKA_ALWAYS_SENSITIVE,
+ CKA_KEY_GEN_MECHANISM, CKA_MODIFIABLE, CKA_EC_PARAMS,
+ CKA_EC_POINT, CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
+ CKA_ALWAYS_AUTHENTICATE, CKA_WRAP_WITH_TRUSTED, CKA_WRAP_TEMPLATE,
+ CKA_UNWRAP_TEMPLATE, CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT,
+ CKA_HAS_RESET, CKA_PIXEL_X, CKA_PIXEL_Y, CKA_RESOLUTION, CKA_CHAR_ROWS,
+ CKA_CHAR_COLUMNS, CKA_COLOR, CKA_BITS_PER_PIXEL, CKA_CHAR_SETS,
+ CKA_ENCODING_METHODS, CKA_MIME_TYPES, CKA_MECHANISM_TYPE,
+ CKA_REQUIRED_CMS_ATTRIBUTES, CKA_DEFAULT_CMS_ATTRIBUTES,
+ CKA_SUPPORTED_CMS_ATTRIBUTES, CKA_NETSCAPE_URL, CKA_NETSCAPE_EMAIL,
+ CKA_NETSCAPE_SMIME_INFO, CKA_NETSCAPE_SMIME_TIMESTAMP,
+ CKA_NETSCAPE_PKCS8_SALT, CKA_NETSCAPE_PASSWORD_CHECK, CKA_NETSCAPE_EXPIRES,
+ CKA_NETSCAPE_KRL, CKA_NETSCAPE_PQG_COUNTER, CKA_NETSCAPE_PQG_SEED,
+ CKA_NETSCAPE_PQG_H, CKA_NETSCAPE_PQG_SEED_BITS, CKA_NETSCAPE_MODULE_SPEC,
+ CKA_TRUST_DIGITAL_SIGNATURE, CKA_TRUST_NON_REPUDIATION,
+ CKA_TRUST_KEY_ENCIPHERMENT, CKA_TRUST_DATA_ENCIPHERMENT,
+ CKA_TRUST_KEY_AGREEMENT, CKA_TRUST_KEY_CERT_SIGN, CKA_TRUST_CRL_SIGN,
+ CKA_TRUST_SERVER_AUTH, CKA_TRUST_CLIENT_AUTH, CKA_TRUST_CODE_SIGNING,
+ CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_IPSEC_END_SYSTEM,
+ CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER, CKA_TRUST_TIME_STAMPING,
+ CKA_TRUST_STEP_UP_APPROVED, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH,
+ CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS
+};
+
+static int known_attributes_size = sizeof(known_attributes) /
+ sizeof(known_attributes[0]);
+
+/* Magic for an explicit NULL. NOTE: ideally this should be
+ * out of band data. Since it's not completely out of band, pick
+ * a value that has no meaning to any existing PKCS #11 attributes.
+ * This value is 1) not a valid string (imbedded '\0'). 2) not a U_LONG
+ * or a normal key (too short). 3) not a bool (too long). 4) not an RSA
+ * public exponent (too many bits).
+ */
+const unsigned char SQLITE_EXPLICIT_NULL[] = { 0xa5, 0x0, 0x5a };
+#define SQLITE_EXPLICIT_NULL_LEN 3
+
+/*
+ * determine when we've completed our tasks
+ */
+static int
+sdb_done(int err, int *count)
+{
+ /* allow as many rows as the database wants to give */
+ if (err == SQLITE_ROW) {
+ *count = 0;
+ return 0;
+ }
+ if (err != SQLITE_BUSY) {
+ return 1;
+ }
+ /* err == SQLITE_BUSY, Dont' retry forever in this case */
+ if (++(*count) >= SDB_MAX_BUSY_RETRIES) {
+ return 1;
+ }
+ return 0;
+}
+
+/*
+ * find out where sqlite stores the temp tables. We do this by replicating
+ * the logic from sqlite.
+ */
+#if defined(_WIN32)
+static char *
+sdb_getFallbackTempDir(void)
+{
+ /* sqlite uses sqlite3_temp_directory if it is not NULL. We don't have
+ * access to sqlite3_temp_directory because it is not exported from
+ * sqlite3.dll. Assume sqlite3_win32_set_directory isn't called and
+ * sqlite3_temp_directory is NULL.
+ */
+ char path[MAX_PATH];
+ DWORD rv;
+ size_t len;
+
+ rv = GetTempPathA(MAX_PATH, path);
+ if (rv > MAX_PATH || rv == 0)
+ return NULL;
+ len = strlen(path);
+ if (len == 0)
+ return NULL;
+ /* The returned string ends with a backslash, for example, "C:\TEMP\". */
+ if (path[len - 1] == '\\')
+ path[len - 1] = '\0';
+ return PORT_Strdup(path);
+}
+#elif defined(XP_UNIX)
+static char *
+sdb_getFallbackTempDir(void)
+{
+ const char *azDirs[] = {
+ NULL,
+ NULL,
+ "/var/tmp",
+ "/usr/tmp",
+ "/tmp",
+ NULL /* List terminator */
+ };
+ unsigned int i;
+ struct stat buf;
+ const char *zDir = NULL;
+
+ azDirs[0] = sqlite3_temp_directory;
+ azDirs[1] = PR_GetEnvSecure("TMPDIR");
+
+ for (i = 0; i < PR_ARRAY_SIZE(azDirs); i++) {
+ zDir = azDirs[i];
+ if (zDir == NULL)
+ continue;
+ if (stat(zDir, &buf))
+ continue;
+ if (!S_ISDIR(buf.st_mode))
+ continue;
+ if (access(zDir, 07))
+ continue;
+ break;
+ }
+
+ if (zDir == NULL)
+ return NULL;
+ return PORT_Strdup(zDir);
+}
+#else
+#error "sdb_getFallbackTempDir not implemented"
+#endif
+
+#ifndef SQLITE_FCNTL_TEMPFILENAME
+/* SQLITE_FCNTL_TEMPFILENAME was added in SQLite 3.7.15 */
+#define SQLITE_FCNTL_TEMPFILENAME 16
+#endif
+
+static char *
+sdb_getTempDir(sqlite3 *sqlDB)
+{
+ int sqlrv;
+ char *result = NULL;
+ char *tempName = NULL;
+ char *foundSeparator = NULL;
+
+ /* Obtain temporary filename in sqlite's directory for temporary tables */
+ sqlrv = sqlite3_file_control(sqlDB, 0, SQLITE_FCNTL_TEMPFILENAME,
+ (void *)&tempName);
+ if (sqlrv == SQLITE_NOTFOUND) {
+ /* SQLITE_FCNTL_TEMPFILENAME not implemented because we are using
+ * an older SQLite. */
+ return sdb_getFallbackTempDir();
+ }
+ if (sqlrv != SQLITE_OK) {
+ return NULL;
+ }
+
+ /* We'll extract the temporary directory from tempName */
+ foundSeparator = PORT_Strrchr(tempName, PR_GetDirectorySeparator());
+ if (foundSeparator) {
+ /* We shorten the temp filename string to contain only
+ * the directory name (including the trailing separator).
+ * We know the byte after the foundSeparator position is
+ * safe to use, in the shortest scenario it contains the
+ * end-of-string byte.
+ * By keeping the separator at the found position, it will
+ * even work if tempDir consists of the separator, only.
+ * (In this case the toplevel directory will be used for
+ * access speed testing). */
+ ++foundSeparator;
+ *foundSeparator = 0;
+
+ /* Now we copy the directory name for our caller */
+ result = PORT_Strdup(tempName);
+ }
+
+ sqlite3_free(tempName);
+ return result;
+}
+
+/*
+ * Map SQL_LITE errors to PKCS #11 errors as best we can.
+ */
+static CK_RV
+sdb_mapSQLError(sdbDataType type, int sqlerr)
+{
+ switch (sqlerr) {
+ /* good matches */
+ case SQLITE_OK:
+ case SQLITE_DONE:
+ return CKR_OK;
+ case SQLITE_NOMEM:
+ return CKR_HOST_MEMORY;
+ case SQLITE_READONLY:
+ return CKR_TOKEN_WRITE_PROTECTED;
+ /* close matches */
+ case SQLITE_AUTH:
+ case SQLITE_PERM:
+ /*return CKR_USER_NOT_LOGGED_IN; */
+ case SQLITE_CANTOPEN:
+ case SQLITE_NOTFOUND:
+ /* NSS distiguishes between failure to open the cert and the key db */
+ return type == SDB_CERT ? CKR_NETSCAPE_CERTDB_FAILED : CKR_NETSCAPE_KEYDB_FAILED;
+ case SQLITE_IOERR:
+ return CKR_DEVICE_ERROR;
+ default:
+ break;
+ }
+ return CKR_GENERAL_ERROR;
+}
+
+/*
+ * build up database name from a directory, prefix, name, version and flags.
+ */
+static char *
+sdb_BuildFileName(const char *directory,
+ const char *prefix, const char *type,
+ int version)
+{
+ char *dbname = NULL;
+ /* build the full dbname */
+ dbname = sqlite3_mprintf("%s%c%s%s%d.db", directory,
+ (int)(unsigned char)PR_GetDirectorySeparator(),
+ prefix, type, version);
+ return dbname;
+}
+
+/*
+ * find out how expensive the access system call is for non-existant files
+ * in the given directory. Return the number of operations done in 33 ms.
+ */
+static PRUint32
+sdb_measureAccess(const char *directory)
+{
+ PRUint32 i;
+ PRIntervalTime time;
+ PRIntervalTime delta;
+ PRIntervalTime duration = PR_MillisecondsToInterval(33);
+ const char *doesntExistName = "_dOeSnotExist_.db";
+ char *temp, *tempStartOfFilename;
+ size_t maxTempLen, maxFileNameLen, directoryLength;
+
+ /* no directory, just return one */
+ if (directory == NULL) {
+ return 1;
+ }
+
+ /* our calculation assumes time is a 4 bytes == 32 bit integer */
+ PORT_Assert(sizeof(time) == 4);
+
+ directoryLength = strlen(directory);
+
+ maxTempLen = directoryLength + strlen(doesntExistName) + 1 /* potential additional separator char */
+ + 11 /* max chars for 32 bit int plus potential sign */
+ + 1; /* zero terminator */
+
+ temp = PORT_Alloc(maxTempLen);
+ if (!temp) {
+ return 1;
+ }
+
+ /* We'll copy directory into temp just once, then ensure it ends
+ * with the directory separator, then remember the position after
+ * the separator, and calculate the number of remaining bytes. */
+
+ strcpy(temp, directory);
+ if (directory[directoryLength - 1] != PR_GetDirectorySeparator()) {
+ temp[directoryLength++] = PR_GetDirectorySeparator();
+ }
+ tempStartOfFilename = temp + directoryLength;
+ maxFileNameLen = maxTempLen - directoryLength;
+
+ /* measure number of Access operations that can be done in 33 milliseconds
+ * (1/30'th of a second), or 10000 operations, which ever comes first.
+ */
+ time = PR_IntervalNow();
+ for (i = 0; i < 10000u; i++) {
+ PRIntervalTime next;
+
+ /* We'll use the variable part first in the filename string, just in
+ * case it's longer than assumed, so if anything gets cut off, it
+ * will be cut off from the constant part.
+ * This code assumes the directory name at the beginning of
+ * temp remains unchanged during our loop. */
+ PR_snprintf(tempStartOfFilename, maxFileNameLen,
+ ".%lu%s", (PRUint32)(time + i), doesntExistName);
+ PR_Access(temp, PR_ACCESS_EXISTS);
+ next = PR_IntervalNow();
+ delta = next - time;
+ if (delta >= duration)
+ break;
+ }
+
+ PORT_Free(temp);
+
+ /* always return 1 or greater */
+ return i ? i : 1u;
+}
+
+/*
+ * some file sytems are very slow to run sqlite3 on, particularly if the
+ * access count is pretty high. On these filesystems is faster to create
+ * a temporary database on the local filesystem and access that. This
+ * code uses a temporary table to create that cache. Temp tables are
+ * automatically cleared when the database handle it was created on
+ * Is freed.
+ */
+static const char DROP_CACHE_CMD[] = "DROP TABLE %s";
+static const char CREATE_CACHE_CMD[] =
+ "CREATE TEMPORARY TABLE %s AS SELECT * FROM %s";
+static const char CREATE_ISSUER_INDEX_CMD[] =
+ "CREATE INDEX issuer ON %s (a81)";
+static const char CREATE_SUBJECT_INDEX_CMD[] =
+ "CREATE INDEX subject ON %s (a101)";
+static const char CREATE_LABEL_INDEX_CMD[] = "CREATE INDEX label ON %s (a3)";
+static const char CREATE_ID_INDEX_CMD[] = "CREATE INDEX ckaid ON %s (a102)";
+
+static CK_RV
+sdb_buildCache(sqlite3 *sqlDB, sdbDataType type,
+ const char *cacheTable, const char *table)
+{
+ char *newStr;
+ int sqlerr = SQLITE_OK;
+
+ newStr = sqlite3_mprintf(CREATE_CACHE_CMD, cacheTable, table);
+ if (newStr == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ if (sqlerr != SQLITE_OK) {
+ return sdb_mapSQLError(type, sqlerr);
+ }
+ /* failure to create the indexes is not an issue */
+ newStr = sqlite3_mprintf(CREATE_ISSUER_INDEX_CMD, cacheTable);
+ if (newStr == NULL) {
+ return CKR_OK;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ newStr = sqlite3_mprintf(CREATE_SUBJECT_INDEX_CMD, cacheTable);
+ if (newStr == NULL) {
+ return CKR_OK;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ newStr = sqlite3_mprintf(CREATE_LABEL_INDEX_CMD, cacheTable);
+ if (newStr == NULL) {
+ return CKR_OK;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ newStr = sqlite3_mprintf(CREATE_ID_INDEX_CMD, cacheTable);
+ if (newStr == NULL) {
+ return CKR_OK;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ return CKR_OK;
+}
+
+/*
+ * update the cache and the data records describing it.
+ * The cache is updated by dropping the temp database and recreating it.
+ */
+static CK_RV
+sdb_updateCache(SDBPrivate *sdb_p)
+{
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ char *newStr;
+
+ /* drop the old table */
+ newStr = sqlite3_mprintf(DROP_CACHE_CMD, sdb_p->cacheTable);
+ if (newStr == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ sqlerr = sqlite3_exec(sdb_p->sqlReadDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ if ((sqlerr != SQLITE_OK) && (sqlerr != SQLITE_ERROR)) {
+ /* something went wrong with the drop, don't try to refresh...
+ * NOTE: SQLITE_ERROR is returned if the table doesn't exist. In
+ * that case, we just continue on and try to reload it */
+ return sdb_mapSQLError(sdb_p->type, sqlerr);
+ }
+
+ /* set up the new table */
+ error = sdb_buildCache(sdb_p->sqlReadDB, sdb_p->type,
+ sdb_p->cacheTable, sdb_p->table);
+ if (error == CKR_OK) {
+ /* we have a new cache! */
+ sdb_p->lastUpdateTime = PR_IntervalNow();
+ }
+ return error;
+}
+
+/*
+ * The sharing of sqlite3 handles across threads is tricky. Older versions
+ * couldn't at all, but newer ones can under strict conditions. Basically
+ * no 2 threads can use the same handle while another thread has an open
+ * stmt running. Once the sqlite3_stmt is finalized, another thread can then
+ * use the database handle.
+ *
+ * We use monitors to protect against trying to use a database before
+ * it's sqlite3_stmt is finalized. This is preferable to the opening and
+ * closing the database each operation because there is significant overhead
+ * in the open and close. Also continually opening and closing the database
+ * defeats the cache code as the cache table is lost on close (thus
+ * requiring us to have to reinitialize the cache every operation).
+ *
+ * An execption to the shared handle is transations. All writes happen
+ * through a transaction. When we are in a transaction, we must use the
+ * same database pointer for that entire transation. In this case we save
+ * the transaction database and use it for all accesses on the transaction
+ * thread. Other threads use the common database.
+ *
+ * There can only be once active transaction on the database at a time.
+ *
+ * sdb_openDBLocal() provides us with a valid database handle for whatever
+ * state we are in (reading or in a transaction), and acquires any locks
+ * appropriate to that state. It also decides when it's time to refresh
+ * the cache before we start an operation. Any database handle returned
+ * just eventually be closed with sdb_closeDBLocal().
+ *
+ * The table returned either points to the database's physical table, or
+ * to the cached shadow. Tranactions always return the physical table
+ * and read operations return either the physical table or the cache
+ * depending on whether or not the cache exists.
+ */
+static CK_RV
+sdb_openDBLocal(SDBPrivate *sdb_p, sqlite3 **sqlDB, const char **table)
+{
+ *sqlDB = NULL;
+
+ PR_EnterMonitor(sdb_p->dbMon);
+
+ if (table) {
+ *table = sdb_p->table;
+ }
+
+ /* We're in a transaction, use the transaction DB */
+ if ((sdb_p->sqlXactDB) && (sdb_p->sqlXactThread == PR_GetCurrentThread())) {
+ *sqlDB = sdb_p->sqlXactDB;
+ /* only one thread can get here, safe to unlock */
+ PR_ExitMonitor(sdb_p->dbMon);
+ return CKR_OK;
+ }
+
+ /*
+ * if we are just reading from the table, we may have the table
+ * cached in a temporary table (especially if it's on a shared FS).
+ * In that case we want to see updates to the table, the the granularity
+ * is on order of human scale, not computer scale.
+ */
+ if (table && sdb_p->cacheTable) {
+ PRIntervalTime now = PR_IntervalNow();
+ if ((now - sdb_p->lastUpdateTime) > sdb_p->updateInterval) {
+ sdb_updateCache(sdb_p);
+ }
+ *table = sdb_p->cacheTable;
+ }
+
+ *sqlDB = sdb_p->sqlReadDB;
+
+ /* leave holding the lock. only one thread can actually use a given
+ * database connection at once */
+
+ return CKR_OK;
+}
+
+/* closing the local database currenly means unlocking the monitor */
+static CK_RV
+sdb_closeDBLocal(SDBPrivate *sdb_p, sqlite3 *sqlDB)
+{
+ if (sdb_p->sqlXactDB != sqlDB) {
+ /* if we weren't in a transaction, we got a lock */
+ PR_ExitMonitor(sdb_p->dbMon);
+ }
+ return CKR_OK;
+}
+
+/*
+ * wrapper to sqlite3_open which also sets the busy_timeout
+ */
+static int
+sdb_openDB(const char *name, sqlite3 **sqlDB, int flags)
+{
+ int sqlerr;
+ /*
+ * in sqlite3 3.5.0, there is a new open call that allows us
+ * to specify read only. Most new OS's are still on 3.3.x (including
+ * NSS's internal version and the version shipped with Firefox).
+ */
+ *sqlDB = NULL;
+ sqlerr = sqlite3_open(name, sqlDB);
+ if (sqlerr != SQLITE_OK) {
+ return sqlerr;
+ }
+
+ sqlerr = sqlite3_busy_timeout(*sqlDB, SDB_SQLITE_BUSY_TIMEOUT);
+ if (sqlerr != SQLITE_OK) {
+ sqlite3_close(*sqlDB);
+ *sqlDB = NULL;
+ return sqlerr;
+ }
+ return SQLITE_OK;
+}
+
+/* Sigh, if we created a new table since we opened the database,
+ * the database handle will not see the new table, we need to close this
+ * database and reopen it. Caller must be in a transaction or holding
+ * the dbMon. sqlDB is changed on success. */
+static int
+sdb_reopenDBLocal(SDBPrivate *sdb_p, sqlite3 **sqlDB)
+{
+ sqlite3 *newDB;
+ int sqlerr;
+
+ /* open a new database */
+ sqlerr = sdb_openDB(sdb_p->sqlDBName, &newDB, SDB_RDONLY);
+ if (sqlerr != SQLITE_OK) {
+ return sqlerr;
+ }
+
+ /* if we are in a transaction, we may not be holding the monitor.
+ * grab it before we update the transaction database. This is
+ * safe since are using monitors. */
+ PR_EnterMonitor(sdb_p->dbMon);
+ /* update our view of the database */
+ if (sdb_p->sqlReadDB == *sqlDB) {
+ sdb_p->sqlReadDB = newDB;
+ } else if (sdb_p->sqlXactDB == *sqlDB) {
+ sdb_p->sqlXactDB = newDB;
+ }
+ PR_ExitMonitor(sdb_p->dbMon);
+
+ /* close the old one */
+ sqlite3_close(*sqlDB);
+
+ *sqlDB = newDB;
+ return SQLITE_OK;
+}
+
+struct SDBFindStr {
+ sqlite3 *sqlDB;
+ sqlite3_stmt *findstmt;
+};
+
+static const char FIND_OBJECTS_CMD[] = "SELECT ALL * FROM %s WHERE %s;";
+static const char FIND_OBJECTS_ALL_CMD[] = "SELECT ALL * FROM %s;";
+CK_RV
+sdb_FindObjectsInit(SDB *sdb, const CK_ATTRIBUTE *template, CK_ULONG count,
+ SDBFind **find)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = NULL;
+ const char *table;
+ char *newStr, *findStr = NULL;
+ sqlite3_stmt *findstmt = NULL;
+ char *join = "";
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ unsigned int i;
+
+ LOCK_SQLITE()
+ *find = NULL;
+ error = sdb_openDBLocal(sdb_p, &sqlDB, &table);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+
+ findStr = sqlite3_mprintf("");
+ for (i = 0; findStr && i < count; i++) {
+ newStr = sqlite3_mprintf("%s%sa%x=$DATA%d", findStr, join,
+ template[i].type, i);
+ join = " AND ";
+ sqlite3_free(findStr);
+ findStr = newStr;
+ }
+
+ if (findStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ if (count == 0) {
+ newStr = sqlite3_mprintf(FIND_OBJECTS_ALL_CMD, table);
+ } else {
+ newStr = sqlite3_mprintf(FIND_OBJECTS_CMD, table, findStr);
+ }
+ sqlite3_free(findStr);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_prepare_v2(sqlDB, newStr, -1, &findstmt, NULL);
+ sqlite3_free(newStr);
+ for (i = 0; sqlerr == SQLITE_OK && i < count; i++) {
+ const void *blobData = template[i].pValue;
+ unsigned int blobSize = template[i].ulValueLen;
+ if (blobSize == 0) {
+ blobSize = SQLITE_EXPLICIT_NULL_LEN;
+ blobData = SQLITE_EXPLICIT_NULL;
+ }
+ sqlerr = sqlite3_bind_blob(findstmt, i + 1, blobData, blobSize,
+ SQLITE_TRANSIENT);
+ }
+ if (sqlerr == SQLITE_OK) {
+ *find = PORT_New(SDBFind);
+ if (*find == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ (*find)->findstmt = findstmt;
+ (*find)->sqlDB = sqlDB;
+ UNLOCK_SQLITE()
+ return CKR_OK;
+ }
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+
+loser:
+ if (findstmt) {
+ sqlite3_reset(findstmt);
+ sqlite3_finalize(findstmt);
+ }
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+ UNLOCK_SQLITE()
+ return error;
+}
+
+CK_RV
+sdb_FindObjects(SDB *sdb, SDBFind *sdbFind, CK_OBJECT_HANDLE *object,
+ CK_ULONG arraySize, CK_ULONG *count)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3_stmt *stmt = sdbFind->findstmt;
+ int sqlerr = SQLITE_OK;
+ int retry = 0;
+
+ *count = 0;
+
+ if (arraySize == 0) {
+ return CKR_OK;
+ }
+ LOCK_SQLITE()
+
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ if (sqlerr == SQLITE_ROW) {
+ /* only care about the id */
+ *object++ = sqlite3_column_int(stmt, 0);
+ arraySize--;
+ (*count)++;
+ }
+ } while (!sdb_done(sqlerr, &retry) && (arraySize > 0));
+
+ /* we only have some of the objects, there is probably more,
+ * set the sqlerr to an OK value so we return CKR_OK */
+ if (sqlerr == SQLITE_ROW && arraySize == 0) {
+ sqlerr = SQLITE_DONE;
+ }
+ UNLOCK_SQLITE()
+
+ return sdb_mapSQLError(sdb_p->type, sqlerr);
+}
+
+CK_RV
+sdb_FindObjectsFinal(SDB *sdb, SDBFind *sdbFind)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3_stmt *stmt = sdbFind->findstmt;
+ sqlite3 *sqlDB = sdbFind->sqlDB;
+ int sqlerr = SQLITE_OK;
+
+ LOCK_SQLITE()
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlerr = sqlite3_finalize(stmt);
+ }
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+ PORT_Free(sdbFind);
+
+ UNLOCK_SQLITE()
+ return sdb_mapSQLError(sdb_p->type, sqlerr);
+}
+
+static const char GET_ATTRIBUTE_CMD[] = "SELECT ALL %s FROM %s WHERE id=$ID;";
+CK_RV
+sdb_GetAttributeValueNoLock(SDB *sdb, CK_OBJECT_HANDLE object_id,
+ CK_ATTRIBUTE *template, CK_ULONG count)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = NULL;
+ sqlite3_stmt *stmt = NULL;
+ char *getStr = NULL;
+ char *newStr = NULL;
+ const char *table = NULL;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ int found = 0;
+ int retry = 0;
+ unsigned int i;
+
+ /* open a new db if necessary */
+ error = sdb_openDBLocal(sdb_p, &sqlDB, &table);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+
+ for (i = 0; i < count; i++) {
+ getStr = sqlite3_mprintf("a%x", template[i].type);
+
+ if (getStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ newStr = sqlite3_mprintf(GET_ATTRIBUTE_CMD, getStr, table);
+ sqlite3_free(getStr);
+ getStr = NULL;
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ sqlerr = sqlite3_prepare_v2(sqlDB, newStr, -1, &stmt, NULL);
+ sqlite3_free(newStr);
+ newStr = NULL;
+ if (sqlerr == SQLITE_ERROR) {
+ template[i].ulValueLen = -1;
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ continue;
+ } else if (sqlerr != SQLITE_OK) {
+ goto loser;
+ }
+
+ sqlerr = sqlite3_bind_int(stmt, 1, object_id);
+ if (sqlerr != SQLITE_OK) {
+ goto loser;
+ }
+
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ if (sqlerr == SQLITE_ROW) {
+ unsigned int blobSize;
+ const char *blobData;
+
+ blobSize = sqlite3_column_bytes(stmt, 0);
+ blobData = sqlite3_column_blob(stmt, 0);
+ if (blobData == NULL) {
+ template[i].ulValueLen = -1;
+ error = CKR_ATTRIBUTE_TYPE_INVALID;
+ break;
+ }
+ /* If the blob equals our explicit NULL value, then the
+ * attribute is a NULL. */
+ if ((blobSize == SQLITE_EXPLICIT_NULL_LEN) &&
+ (PORT_Memcmp(blobData, SQLITE_EXPLICIT_NULL,
+ SQLITE_EXPLICIT_NULL_LEN) == 0)) {
+ blobSize = 0;
+ }
+ if (template[i].pValue) {
+ if (template[i].ulValueLen < blobSize) {
+ template[i].ulValueLen = -1;
+ error = CKR_BUFFER_TOO_SMALL;
+ break;
+ }
+ PORT_Memcpy(template[i].pValue, blobData, blobSize);
+ }
+ template[i].ulValueLen = blobSize;
+ found = 1;
+ }
+ } while (!sdb_done(sqlerr, &retry));
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ stmt = NULL;
+ }
+
+loser:
+ /* fix up the error if necessary */
+ if (error == CKR_OK) {
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+ if (!found && error == CKR_OK) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ }
+ }
+
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+
+ /* if we had to open a new database, free it now */
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+ return error;
+}
+
+CK_RV
+sdb_GetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id,
+ CK_ATTRIBUTE *template, CK_ULONG count)
+{
+ CK_RV crv;
+
+ if (count == 0) {
+ return CKR_OK;
+ }
+
+ LOCK_SQLITE()
+ crv = sdb_GetAttributeValueNoLock(sdb, object_id, template, count);
+ UNLOCK_SQLITE()
+ return crv;
+}
+
+static const char SET_ATTRIBUTE_CMD[] = "UPDATE %s SET %s WHERE id=$ID;";
+CK_RV
+sdb_SetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id,
+ const CK_ATTRIBUTE *template, CK_ULONG count)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = NULL;
+ sqlite3_stmt *stmt = NULL;
+ char *setStr = NULL;
+ char *newStr = NULL;
+ int sqlerr = SQLITE_OK;
+ int retry = 0;
+ CK_RV error = CKR_OK;
+ unsigned int i;
+
+ if ((sdb->sdb_flags & SDB_RDONLY) != 0) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ if (count == 0) {
+ return CKR_OK;
+ }
+
+ LOCK_SQLITE()
+ setStr = sqlite3_mprintf("");
+ for (i = 0; setStr && i < count; i++) {
+ if (i == 0) {
+ sqlite3_free(setStr);
+ setStr = sqlite3_mprintf("a%x=$VALUE%d",
+ template[i].type, i);
+ continue;
+ }
+ newStr = sqlite3_mprintf("%s,a%x=$VALUE%d", setStr,
+ template[i].type, i);
+ sqlite3_free(setStr);
+ setStr = newStr;
+ }
+ newStr = NULL;
+
+ if (setStr == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ newStr = sqlite3_mprintf(SET_ATTRIBUTE_CMD, sdb_p->table, setStr);
+ sqlite3_free(setStr);
+ if (newStr == NULL) {
+ UNLOCK_SQLITE()
+ return CKR_HOST_MEMORY;
+ }
+ error = sdb_openDBLocal(sdb_p, &sqlDB, NULL);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+ sqlerr = sqlite3_prepare_v2(sqlDB, newStr, -1, &stmt, NULL);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ for (i = 0; i < count; i++) {
+ if (template[i].ulValueLen != 0) {
+ sqlerr = sqlite3_bind_blob(stmt, i + 1, template[i].pValue,
+ template[i].ulValueLen, SQLITE_STATIC);
+ } else {
+ sqlerr = sqlite3_bind_blob(stmt, i + 1, SQLITE_EXPLICIT_NULL,
+ SQLITE_EXPLICIT_NULL_LEN, SQLITE_STATIC);
+ }
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ }
+ sqlerr = sqlite3_bind_int(stmt, i + 1, object_id);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ } while (!sdb_done(sqlerr, &retry));
+
+loser:
+ if (newStr) {
+ sqlite3_free(newStr);
+ }
+ if (error == CKR_OK) {
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+ }
+
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+
+ UNLOCK_SQLITE()
+ return error;
+}
+
+/*
+ * check to see if a candidate object handle already exists.
+ */
+static PRBool
+sdb_objectExists(SDB *sdb, CK_OBJECT_HANDLE candidate)
+{
+ CK_RV crv;
+ CK_ATTRIBUTE template = { CKA_LABEL, NULL, 0 };
+
+ crv = sdb_GetAttributeValueNoLock(sdb, candidate, &template, 1);
+ if (crv == CKR_OBJECT_HANDLE_INVALID) {
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+/*
+ * if we're here, we are in a transaction, so it's safe
+ * to examine the current state of the database
+ */
+static CK_OBJECT_HANDLE
+sdb_getObjectId(SDB *sdb)
+{
+ CK_OBJECT_HANDLE candidate;
+ static CK_OBJECT_HANDLE next_obj = CK_INVALID_HANDLE;
+ int count;
+ /*
+ * get an initial object handle to use
+ */
+ if (next_obj == CK_INVALID_HANDLE) {
+ PRTime time;
+ time = PR_Now();
+
+ next_obj = (CK_OBJECT_HANDLE)(time & 0x3fffffffL);
+ }
+ candidate = next_obj++;
+ /* detect that we've looped through all the handles... */
+ for (count = 0; count < 0x40000000; count++, candidate = next_obj++) {
+ /* mask off excess bits */
+ candidate &= 0x3fffffff;
+ /* if we hit zero, go to the next entry */
+ if (candidate == CK_INVALID_HANDLE) {
+ continue;
+ }
+ /* make sure we aren't already using */
+ if (!sdb_objectExists(sdb, candidate)) {
+ /* this one is free */
+ return candidate;
+ }
+ }
+
+ /* no handle is free, fail */
+ return CK_INVALID_HANDLE;
+}
+
+static const char CREATE_CMD[] = "INSERT INTO %s (id%s) VALUES($ID%s);";
+CK_RV
+sdb_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *object_id,
+ const CK_ATTRIBUTE *template, CK_ULONG count)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = NULL;
+ sqlite3_stmt *stmt = NULL;
+ char *columnStr = NULL;
+ char *valueStr = NULL;
+ char *newStr = NULL;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ CK_OBJECT_HANDLE this_object = CK_INVALID_HANDLE;
+ int retry = 0;
+ unsigned int i;
+
+ if ((sdb->sdb_flags & SDB_RDONLY) != 0) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ LOCK_SQLITE()
+ if ((*object_id != CK_INVALID_HANDLE) &&
+ !sdb_objectExists(sdb, *object_id)) {
+ this_object = *object_id;
+ } else {
+ this_object = sdb_getObjectId(sdb);
+ }
+ if (this_object == CK_INVALID_HANDLE) {
+ UNLOCK_SQLITE();
+ return CKR_HOST_MEMORY;
+ }
+ columnStr = sqlite3_mprintf("");
+ valueStr = sqlite3_mprintf("");
+ *object_id = this_object;
+ for (i = 0; columnStr && valueStr && i < count; i++) {
+ newStr = sqlite3_mprintf("%s,a%x", columnStr, template[i].type);
+ sqlite3_free(columnStr);
+ columnStr = newStr;
+ newStr = sqlite3_mprintf("%s,$VALUE%d", valueStr, i);
+ sqlite3_free(valueStr);
+ valueStr = newStr;
+ }
+ newStr = NULL;
+ if ((columnStr == NULL) || (valueStr == NULL)) {
+ if (columnStr) {
+ sqlite3_free(columnStr);
+ }
+ if (valueStr) {
+ sqlite3_free(valueStr);
+ }
+ UNLOCK_SQLITE()
+ return CKR_HOST_MEMORY;
+ }
+ newStr = sqlite3_mprintf(CREATE_CMD, sdb_p->table, columnStr, valueStr);
+ sqlite3_free(columnStr);
+ sqlite3_free(valueStr);
+ error = sdb_openDBLocal(sdb_p, &sqlDB, NULL);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+ sqlerr = sqlite3_prepare_v2(sqlDB, newStr, -1, &stmt, NULL);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ sqlerr = sqlite3_bind_int(stmt, 1, *object_id);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ for (i = 0; i < count; i++) {
+ if (template[i].ulValueLen) {
+ sqlerr = sqlite3_bind_blob(stmt, i + 2, template[i].pValue,
+ template[i].ulValueLen, SQLITE_STATIC);
+ } else {
+ sqlerr = sqlite3_bind_blob(stmt, i + 2, SQLITE_EXPLICIT_NULL,
+ SQLITE_EXPLICIT_NULL_LEN, SQLITE_STATIC);
+ }
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ }
+
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ } while (!sdb_done(sqlerr, &retry));
+
+loser:
+ if (newStr) {
+ sqlite3_free(newStr);
+ }
+ if (error == CKR_OK) {
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+ }
+
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+ UNLOCK_SQLITE()
+
+ return error;
+}
+
+static const char DESTROY_CMD[] = "DELETE FROM %s WHERE (id=$ID);";
+
+CK_RV
+sdb_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = NULL;
+ sqlite3_stmt *stmt = NULL;
+ char *newStr = NULL;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ int retry = 0;
+
+ if ((sdb->sdb_flags & SDB_RDONLY) != 0) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ LOCK_SQLITE()
+ error = sdb_openDBLocal(sdb_p, &sqlDB, NULL);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+ newStr = sqlite3_mprintf(DESTROY_CMD, sdb_p->table);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_prepare_v2(sqlDB, newStr, -1, &stmt, NULL);
+ sqlite3_free(newStr);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ sqlerr = sqlite3_bind_int(stmt, 1, object_id);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ } while (!sdb_done(sqlerr, &retry));
+
+loser:
+ if (error == CKR_OK) {
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+ }
+
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+
+ UNLOCK_SQLITE()
+ return error;
+}
+
+static const char BEGIN_CMD[] = "BEGIN IMMEDIATE TRANSACTION;";
+
+/*
+ * start a transaction.
+ *
+ * We need to open a new database, then store that new database into
+ * the private data structure. We open the database first, then use locks
+ * to protect storing the data to prevent deadlocks.
+ */
+CK_RV
+sdb_Begin(SDB *sdb)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = NULL;
+ sqlite3_stmt *stmt = NULL;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ int retry = 0;
+
+ if ((sdb->sdb_flags & SDB_RDONLY) != 0) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ LOCK_SQLITE()
+
+ /* get a new version that we will use for the entire transaction */
+ sqlerr = sdb_openDB(sdb_p->sqlDBName, &sqlDB, SDB_RDWR);
+ if (sqlerr != SQLITE_OK) {
+ goto loser;
+ }
+
+ sqlerr = sqlite3_prepare_v2(sqlDB, BEGIN_CMD, -1, &stmt, NULL);
+
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ } while (!sdb_done(sqlerr, &retry));
+
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+
+loser:
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+
+ /* we are starting a new transaction,
+ * and if we succeeded, then save this database for the rest of
+ * our transaction */
+ if (error == CKR_OK) {
+ /* we hold a 'BEGIN TRANSACTION' and a sdb_p->lock. At this point
+ * sdb_p->sqlXactDB MUST be null */
+ PR_EnterMonitor(sdb_p->dbMon);
+ PORT_Assert(sdb_p->sqlXactDB == NULL);
+ sdb_p->sqlXactDB = sqlDB;
+ sdb_p->sqlXactThread = PR_GetCurrentThread();
+ PR_ExitMonitor(sdb_p->dbMon);
+ } else {
+ /* we failed to start our transaction,
+ * free any databases we opened. */
+ if (sqlDB) {
+ sqlite3_close(sqlDB);
+ }
+ }
+
+ UNLOCK_SQLITE()
+ return error;
+}
+
+/*
+ * Complete a transaction. Basically undo everything we did in begin.
+ * There are 2 flavors Abort and Commit. Basically the only differerence between
+ * these 2 are what the database will show. (no change in to former, change in
+ * the latter).
+ */
+static CK_RV
+sdb_complete(SDB *sdb, const char *cmd)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = NULL;
+ sqlite3_stmt *stmt = NULL;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ int retry = 0;
+
+ if ((sdb->sdb_flags & SDB_RDONLY) != 0) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ /* We must have a transation database, or we shouldn't have arrived here */
+ PR_EnterMonitor(sdb_p->dbMon);
+ PORT_Assert(sdb_p->sqlXactDB);
+ if (sdb_p->sqlXactDB == NULL) {
+ PR_ExitMonitor(sdb_p->dbMon);
+ return CKR_GENERAL_ERROR; /* shouldn't happen */
+ }
+ PORT_Assert(sdb_p->sqlXactThread == PR_GetCurrentThread());
+ if (sdb_p->sqlXactThread != PR_GetCurrentThread()) {
+ PR_ExitMonitor(sdb_p->dbMon);
+ return CKR_GENERAL_ERROR; /* shouldn't happen */
+ }
+ sqlDB = sdb_p->sqlXactDB;
+ sdb_p->sqlXactDB = NULL; /* no one else can get to this DB,
+ * safe to unlock */
+ sdb_p->sqlXactThread = NULL;
+ PR_ExitMonitor(sdb_p->dbMon);
+
+ sqlerr = sqlite3_prepare_v2(sqlDB, cmd, -1, &stmt, NULL);
+
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ } while (!sdb_done(sqlerr, &retry));
+
+ /* Pending BEGIN TRANSACTIONS Can move forward at this point. */
+
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+
+ /* we we have a cached DB image, update it as well */
+ if (sdb_p->cacheTable) {
+ PR_EnterMonitor(sdb_p->dbMon);
+ sdb_updateCache(sdb_p);
+ PR_ExitMonitor(sdb_p->dbMon);
+ }
+
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+
+ /* We just finished a transaction.
+ * Free the database, and remove it from the list */
+ sqlite3_close(sqlDB);
+
+ return error;
+}
+
+static const char COMMIT_CMD[] = "COMMIT TRANSACTION;";
+CK_RV
+sdb_Commit(SDB *sdb)
+{
+ CK_RV crv;
+ LOCK_SQLITE()
+ crv = sdb_complete(sdb, COMMIT_CMD);
+ UNLOCK_SQLITE()
+ return crv;
+}
+
+static const char ROLLBACK_CMD[] = "ROLLBACK TRANSACTION;";
+CK_RV
+sdb_Abort(SDB *sdb)
+{
+ CK_RV crv;
+ LOCK_SQLITE()
+ crv = sdb_complete(sdb, ROLLBACK_CMD);
+ UNLOCK_SQLITE()
+ return crv;
+}
+
+static int tableExists(sqlite3 *sqlDB, const char *tableName);
+
+static const char GET_PW_CMD[] = "SELECT ALL * FROM metaData WHERE id=$ID;";
+CK_RV
+sdb_GetMetaData(SDB *sdb, const char *id, SECItem *item1, SECItem *item2)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = sdb_p->sqlXactDB;
+ sqlite3_stmt *stmt = NULL;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ int found = 0;
+ int retry = 0;
+
+ LOCK_SQLITE()
+ error = sdb_openDBLocal(sdb_p, &sqlDB, NULL);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+
+ /* handle 'test' versions of the sqlite db */
+ sqlerr = sqlite3_prepare_v2(sqlDB, GET_PW_CMD, -1, &stmt, NULL);
+ /* Sigh, if we created a new table since we opened the database,
+ * the database handle will not see the new table, we need to close this
+ * database and reopen it. This is safe because we are holding the lock
+ * still. */
+ if (sqlerr == SQLITE_SCHEMA) {
+ sqlerr = sdb_reopenDBLocal(sdb_p, &sqlDB);
+ if (sqlerr != SQLITE_OK) {
+ goto loser;
+ }
+ sqlerr = sqlite3_prepare_v2(sqlDB, GET_PW_CMD, -1, &stmt, NULL);
+ }
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ sqlerr = sqlite3_bind_text(stmt, 1, id, PORT_Strlen(id), SQLITE_STATIC);
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ if (sqlerr == SQLITE_ROW) {
+ const char *blobData;
+ unsigned int len = item1->len;
+ item1->len = sqlite3_column_bytes(stmt, 1);
+ if (item1->len > len) {
+ error = CKR_BUFFER_TOO_SMALL;
+ continue;
+ }
+ blobData = sqlite3_column_blob(stmt, 1);
+ PORT_Memcpy(item1->data, blobData, item1->len);
+ if (item2) {
+ len = item2->len;
+ item2->len = sqlite3_column_bytes(stmt, 2);
+ if (item2->len > len) {
+ error = CKR_BUFFER_TOO_SMALL;
+ continue;
+ }
+ blobData = sqlite3_column_blob(stmt, 2);
+ PORT_Memcpy(item2->data, blobData, item2->len);
+ }
+ found = 1;
+ }
+ } while (!sdb_done(sqlerr, &retry));
+
+loser:
+ /* fix up the error if necessary */
+ if (error == CKR_OK) {
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+ if (!found && error == CKR_OK) {
+ error = CKR_OBJECT_HANDLE_INVALID;
+ }
+ }
+
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+ UNLOCK_SQLITE()
+
+ return error;
+}
+
+static const char PW_CREATE_TABLE_CMD[] =
+ "CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);";
+static const char PW_CREATE_CMD[] =
+ "INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);";
+static const char MD_CREATE_CMD[] =
+ "INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);";
+
+CK_RV
+sdb_PutMetaData(SDB *sdb, const char *id, const SECItem *item1,
+ const SECItem *item2)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = sdb_p->sqlXactDB;
+ sqlite3_stmt *stmt = NULL;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ int retry = 0;
+ const char *cmd = PW_CREATE_CMD;
+
+ if ((sdb->sdb_flags & SDB_RDONLY) != 0) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ LOCK_SQLITE()
+ error = sdb_openDBLocal(sdb_p, &sqlDB, NULL);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+
+ if (!tableExists(sqlDB, "metaData")) {
+ sqlerr = sqlite3_exec(sqlDB, PW_CREATE_TABLE_CMD, NULL, 0, NULL);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ }
+ if (item2 == NULL) {
+ cmd = MD_CREATE_CMD;
+ }
+ sqlerr = sqlite3_prepare_v2(sqlDB, cmd, -1, &stmt, NULL);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ sqlerr = sqlite3_bind_text(stmt, 1, id, PORT_Strlen(id), SQLITE_STATIC);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ sqlerr = sqlite3_bind_blob(stmt, 2, item1->data, item1->len, SQLITE_STATIC);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ if (item2) {
+ sqlerr = sqlite3_bind_blob(stmt, 3, item2->data,
+ item2->len, SQLITE_STATIC);
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+ }
+
+ do {
+ sqlerr = sqlite3_step(stmt);
+ if (sqlerr == SQLITE_BUSY) {
+ PR_Sleep(SDB_BUSY_RETRY_TIME);
+ }
+ } while (!sdb_done(sqlerr, &retry));
+
+loser:
+ /* fix up the error if necessary */
+ if (error == CKR_OK) {
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+ }
+
+ if (stmt) {
+ sqlite3_reset(stmt);
+ sqlite3_finalize(stmt);
+ }
+
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+ UNLOCK_SQLITE()
+
+ return error;
+}
+
+static const char RESET_CMD[] = "DROP TABLE IF EXISTS %s;";
+CK_RV
+sdb_Reset(SDB *sdb)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ sqlite3 *sqlDB = NULL;
+ char *newStr;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+
+ /* only Key databases can be reset */
+ if (sdb_p->type != SDB_KEY) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ LOCK_SQLITE()
+ error = sdb_openDBLocal(sdb_p, &sqlDB, NULL);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+
+ /* delete the key table */
+ newStr = sqlite3_mprintf(RESET_CMD, sdb_p->table);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+
+ if (sqlerr != SQLITE_OK)
+ goto loser;
+
+ /* delete the password entry table */
+ sqlerr = sqlite3_exec(sqlDB, "DROP TABLE IF EXISTS metaData;",
+ NULL, 0, NULL);
+
+loser:
+ /* fix up the error if necessary */
+ if (error == CKR_OK) {
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+ }
+
+ if (sqlDB) {
+ sdb_closeDBLocal(sdb_p, sqlDB);
+ }
+
+ UNLOCK_SQLITE()
+ return error;
+}
+
+CK_RV
+sdb_Close(SDB *sdb)
+{
+ SDBPrivate *sdb_p = sdb->private;
+ int sqlerr = SQLITE_OK;
+ sdbDataType type = sdb_p->type;
+
+ sqlerr = sqlite3_close(sdb_p->sqlReadDB);
+ PORT_Free(sdb_p->sqlDBName);
+ if (sdb_p->cacheTable) {
+ sqlite3_free(sdb_p->cacheTable);
+ }
+ if (sdb_p->dbMon) {
+ PR_DestroyMonitor(sdb_p->dbMon);
+ }
+ free(sdb_p);
+ free(sdb);
+ return sdb_mapSQLError(type, sqlerr);
+}
+
+/*
+ * functions to support open
+ */
+
+static const char CHECK_TABLE_CMD[] = "SELECT ALL * FROM %s LIMIT 0;";
+
+/* return 1 if sqlDB contains table 'tableName */
+static int
+tableExists(sqlite3 *sqlDB, const char *tableName)
+{
+ char *cmd = sqlite3_mprintf(CHECK_TABLE_CMD, tableName);
+ int sqlerr = SQLITE_OK;
+
+ if (cmd == NULL) {
+ return 0;
+ }
+
+ sqlerr = sqlite3_exec(sqlDB, cmd, NULL, 0, 0);
+ sqlite3_free(cmd);
+
+ return (sqlerr == SQLITE_OK) ? 1 : 0;
+}
+
+void
+sdb_SetForkState(PRBool forked)
+{
+ /* XXXright now this is a no-op. The global fork state in the softokn3
+ * shared library is already taken care of at the PKCS#11 level.
+ * If and when we add fork state to the sqlite shared library and extern
+ * interface, we will need to set it and reset it from here */
+}
+
+/*
+ * initialize a single database
+ */
+static const char INIT_CMD[] =
+ "CREATE TABLE %s (id PRIMARY KEY UNIQUE ON CONFLICT ABORT%s)";
+
+CK_RV
+sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate,
+ int *newInit, int inFlags, PRUint32 accessOps, SDB **pSdb)
+{
+ int i;
+ char *initStr = NULL;
+ char *newStr;
+ int inTransaction = 0;
+ SDB *sdb = NULL;
+ SDBPrivate *sdb_p = NULL;
+ sqlite3 *sqlDB = NULL;
+ int sqlerr = SQLITE_OK;
+ CK_RV error = CKR_OK;
+ char *cacheTable = NULL;
+ PRIntervalTime now = 0;
+ char *env;
+ PRBool enableCache = PR_FALSE;
+ PRBool create;
+ int flags = inFlags & 0x7;
+
+ *pSdb = NULL;
+ *inUpdate = 0;
+
+ /* sqlite3 doesn't have a flag to specify that we want to
+ * open the database read only. If the db doesn't exist,
+ * sqlite3 will always create it.
+ */
+ LOCK_SQLITE();
+ create = (PR_Access(dbname, PR_ACCESS_EXISTS) != PR_SUCCESS);
+ if ((flags == SDB_RDONLY) && create) {
+ error = sdb_mapSQLError(type, SQLITE_CANTOPEN);
+ goto loser;
+ }
+ sqlerr = sdb_openDB(dbname, &sqlDB, flags);
+ if (sqlerr != SQLITE_OK) {
+ error = sdb_mapSQLError(type, sqlerr);
+ goto loser;
+ }
+
+ /*
+ * SQL created the file, but it doesn't set appropriate modes for
+ * a database.
+ *
+ * NO NSPR call for chmod? :(
+ */
+ if (create && chmod(dbname, 0600) != 0) {
+ error = sdb_mapSQLError(type, SQLITE_CANTOPEN);
+ goto loser;
+ }
+
+ if (flags != SDB_RDONLY) {
+ sqlerr = sqlite3_exec(sqlDB, BEGIN_CMD, NULL, 0, NULL);
+ if (sqlerr != SQLITE_OK) {
+ error = sdb_mapSQLError(type, sqlerr);
+ goto loser;
+ }
+ inTransaction = 1;
+ }
+ if (!tableExists(sqlDB, table)) {
+ *newInit = 1;
+ if (flags != SDB_CREATE) {
+ error = sdb_mapSQLError(type, SQLITE_CANTOPEN);
+ goto loser;
+ }
+ initStr = sqlite3_mprintf("");
+ for (i = 0; initStr && i < known_attributes_size; i++) {
+ newStr = sqlite3_mprintf("%s, a%x", initStr, known_attributes[i]);
+ sqlite3_free(initStr);
+ initStr = newStr;
+ }
+ if (initStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ newStr = sqlite3_mprintf(INIT_CMD, table, initStr);
+ sqlite3_free(initStr);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ if (sqlerr != SQLITE_OK) {
+ error = sdb_mapSQLError(type, sqlerr);
+ goto loser;
+ }
+
+ newStr = sqlite3_mprintf(CREATE_ISSUER_INDEX_CMD, table);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ if (sqlerr != SQLITE_OK) {
+ error = sdb_mapSQLError(type, sqlerr);
+ goto loser;
+ }
+
+ newStr = sqlite3_mprintf(CREATE_SUBJECT_INDEX_CMD, table);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ if (sqlerr != SQLITE_OK) {
+ error = sdb_mapSQLError(type, sqlerr);
+ goto loser;
+ }
+
+ newStr = sqlite3_mprintf(CREATE_LABEL_INDEX_CMD, table);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ if (sqlerr != SQLITE_OK) {
+ error = sdb_mapSQLError(type, sqlerr);
+ goto loser;
+ }
+
+ newStr = sqlite3_mprintf(CREATE_ID_INDEX_CMD, table);
+ if (newStr == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ sqlerr = sqlite3_exec(sqlDB, newStr, NULL, 0, NULL);
+ sqlite3_free(newStr);
+ if (sqlerr != SQLITE_OK) {
+ error = sdb_mapSQLError(type, sqlerr);
+ goto loser;
+ }
+ }
+ /*
+ * detect the case where we have created the database, but have
+ * not yet updated it.
+ *
+ * We only check the Key database because only the key database has
+ * a metaData table. The metaData table is created when a password
+ * is set, or in the case of update, when a password is supplied.
+ * If no key database exists, then the update would have happened immediately
+ * on noticing that the cert database didn't exist (see newInit set above).
+ */
+ if (type == SDB_KEY && !tableExists(sqlDB, "metaData")) {
+ *newInit = 1;
+ }
+
+ /* access to network filesystems are significantly slower than local ones
+ * for database operations. In those cases we need to create a cached copy
+ * of the database in a temporary location on the local disk. SQLITE
+ * already provides a way to create a temporary table and initialize it,
+ * so we use it for the cache (see sdb_buildCache for how it's done).*/
+
+ /*
+ * we decide whether or not to use the cache based on the following input.
+ *
+ * NSS_SDB_USE_CACHE environment variable is non-existant or set to
+ * anything other than "no" or "yes" ("auto", for instance).
+ * This is the normal case. NSS will measure the performance of access
+ * to the temp database versus the access to the users passed in
+ * database location. If the temp database location is "significantly"
+ * faster we will use the cache.
+ *
+ * NSS_SDB_USE_CACHE environment variable is set to "no": cache will not
+ * be used.
+ *
+ * NSS_SDB_USE_CACHE environment variable is set to "yes": cache will
+ * always be used.
+ *
+ * It is expected that most applications would use the "auto" selection,
+ * the environment variable is primarily to simplify testing, and to
+ * correct potential corner cases where */
+
+ env = PR_GetEnvSecure("NSS_SDB_USE_CACHE");
+
+ if (env && PORT_Strcasecmp(env, "no") == 0) {
+ enableCache = PR_FALSE;
+ } else if (env && PORT_Strcasecmp(env, "yes") == 0) {
+ enableCache = PR_TRUE;
+ } else {
+ char *tempDir = NULL;
+ PRUint32 tempOps = 0;
+ /*
+ * Use PR_Access to determine how expensive it
+ * is to check for the existance of a local file compared to the same
+ * check in the temp directory. If the temp directory is faster, cache
+ * the database there. */
+ tempDir = sdb_getTempDir(sqlDB);
+ if (tempDir) {
+ tempOps = sdb_measureAccess(tempDir);
+ PORT_Free(tempDir);
+
+ /* There is a cost to continually copying the database.
+ * Account for that cost with the arbitrary factor of 10 */
+ enableCache = (PRBool)(tempOps > accessOps * 10);
+ }
+ }
+
+ if (enableCache) {
+ /* try to set the temp store to memory.*/
+ sqlite3_exec(sqlDB, "PRAGMA temp_store=MEMORY", NULL, 0, NULL);
+ /* Failure to set the temp store to memory is not fatal,
+ * ignore the error */
+
+ cacheTable = sqlite3_mprintf("%sCache", table);
+ if (cacheTable == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ /* build the cache table */
+ error = sdb_buildCache(sqlDB, type, cacheTable, table);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+ /* initialize the last cache build time */
+ now = PR_IntervalNow();
+ }
+
+ sdb = (SDB *)malloc(sizeof(SDB));
+ sdb_p = (SDBPrivate *)malloc(sizeof(SDBPrivate));
+
+ /* invariant fields */
+ sdb_p->sqlDBName = PORT_Strdup(dbname);
+ sdb_p->type = type;
+ sdb_p->table = table;
+ sdb_p->cacheTable = cacheTable;
+ sdb_p->lastUpdateTime = now;
+ /* set the cache delay time. This is how long we will wait before we
+ * decide the existing cache is stale. Currently set to 10 sec */
+ sdb_p->updateInterval = PR_SecondsToInterval(10);
+ sdb_p->dbMon = PR_NewMonitor();
+ /* these fields are protected by the lock */
+ sdb_p->sqlXactDB = NULL;
+ sdb_p->sqlXactThread = NULL;
+ sdb->private = sdb_p;
+ sdb->version = 0;
+ sdb->sdb_flags = inFlags | SDB_HAS_META;
+ sdb->app_private = NULL;
+ sdb->sdb_FindObjectsInit = sdb_FindObjectsInit;
+ sdb->sdb_FindObjects = sdb_FindObjects;
+ sdb->sdb_FindObjectsFinal = sdb_FindObjectsFinal;
+ sdb->sdb_GetAttributeValue = sdb_GetAttributeValue;
+ sdb->sdb_SetAttributeValue = sdb_SetAttributeValue;
+ sdb->sdb_CreateObject = sdb_CreateObject;
+ sdb->sdb_DestroyObject = sdb_DestroyObject;
+ sdb->sdb_GetMetaData = sdb_GetMetaData;
+ sdb->sdb_PutMetaData = sdb_PutMetaData;
+ sdb->sdb_Begin = sdb_Begin;
+ sdb->sdb_Commit = sdb_Commit;
+ sdb->sdb_Abort = sdb_Abort;
+ sdb->sdb_Reset = sdb_Reset;
+ sdb->sdb_Close = sdb_Close;
+ sdb->sdb_SetForkState = sdb_SetForkState;
+
+ if (inTransaction) {
+ sqlerr = sqlite3_exec(sqlDB, COMMIT_CMD, NULL, 0, NULL);
+ if (sqlerr != SQLITE_OK) {
+ error = sdb_mapSQLError(sdb_p->type, sqlerr);
+ goto loser;
+ }
+ inTransaction = 0;
+ }
+
+ sdb_p->sqlReadDB = sqlDB;
+
+ *pSdb = sdb;
+ UNLOCK_SQLITE();
+ return CKR_OK;
+
+loser:
+ /* lots of stuff to do */
+ if (inTransaction) {
+ sqlite3_exec(sqlDB, ROLLBACK_CMD, NULL, 0, NULL);
+ }
+ if (sdb) {
+ free(sdb);
+ }
+ if (sdb_p) {
+ free(sdb_p);
+ }
+ if (sqlDB) {
+ sqlite3_close(sqlDB);
+ }
+ UNLOCK_SQLITE();
+ return error;
+}
+
+/* sdbopen */
+CK_RV
+s_open(const char *directory, const char *certPrefix, const char *keyPrefix,
+ int cert_version, int key_version, int flags,
+ SDB **certdb, SDB **keydb, int *newInit)
+{
+ char *cert = sdb_BuildFileName(directory, certPrefix,
+ "cert", cert_version);
+ char *key = sdb_BuildFileName(directory, keyPrefix,
+ "key", key_version);
+ CK_RV error = CKR_OK;
+ int inUpdate;
+ PRUint32 accessOps;
+
+ if (certdb)
+ *certdb = NULL;
+ if (keydb)
+ *keydb = NULL;
+ *newInit = 0;
+
+#ifdef SQLITE_UNSAFE_THREADS
+ if (sqlite_lock == NULL) {
+ sqlite_lock = PR_NewLock();
+ if (sqlite_lock == NULL) {
+ error = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ }
+#endif
+
+ /* how long does it take to test for a non-existant file in our working
+ * directory? Allows us to test if we may be on a network file system */
+ accessOps = 1;
+ {
+ char *env;
+ env = PR_GetEnvSecure("NSS_SDB_USE_CACHE");
+ /* If the environment variable is set to yes or no, sdb_init() will
+ * ignore the value of accessOps, and we can skip the measuring.*/
+ if (!env || ((PORT_Strcasecmp(env, "no") != 0) &&
+ (PORT_Strcasecmp(env, "yes") != 0))) {
+ accessOps = sdb_measureAccess(directory);
+ }
+ }
+
+ /*
+ * open the cert data base
+ */
+ if (certdb) {
+ /* initialize Certificate database */
+ error = sdb_init(cert, "nssPublic", SDB_CERT, &inUpdate,
+ newInit, flags, accessOps, certdb);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+ }
+
+ /*
+ * open the key data base:
+ * NOTE:if we want to implement a single database, we open
+ * the same database file as the certificate here.
+ *
+ * cert an key db's have different tables, so they will not
+ * conflict.
+ */
+ if (keydb) {
+ /* initialize the Key database */
+ error = sdb_init(key, "nssPrivate", SDB_KEY, &inUpdate,
+ newInit, flags, accessOps, keydb);
+ if (error != CKR_OK) {
+ goto loser;
+ }
+ }
+
+loser:
+ if (cert) {
+ sqlite3_free(cert);
+ }
+ if (key) {
+ sqlite3_free(key);
+ }
+
+ if (error != CKR_OK) {
+ /* currently redundant, but could be necessary if more code is added
+ * just before loser */
+ if (keydb && *keydb) {
+ sdb_Close(*keydb);
+ }
+ if (certdb && *certdb) {
+ sdb_Close(*certdb);
+ }
+ }
+
+ return error;
+}
+
+CK_RV
+s_shutdown()
+{
+#ifdef SQLITE_UNSAFE_THREADS
+ if (sqlite_lock) {
+ PR_DestroyLock(sqlite_lock);
+ sqlite_lock = NULL;
+ }
+#endif
+ return CKR_OK;
+}
diff --git a/security/nss/lib/softoken/sdb.h b/security/nss/lib/softoken/sdb.h
new file mode 100644
index 000000000..04b873e02
--- /dev/null
+++ b/security/nss/lib/softoken/sdb.h
@@ -0,0 +1,93 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file implements PKCS 11 on top of our existing security modules
+ *
+ * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
+ * This implementation has two slots:
+ * slot 1 is our generic crypto support. It does not require login.
+ * It supports Public Key ops, and all they bulk ciphers and hashes.
+ * It can also support Private Key ops for imported Private keys. It does
+ * not have any token storage.
+ * slot 2 is our private key support. It requires a login before use. It
+ * can store Private Keys and Certs as token objects. Currently only private
+ * keys and their associated Certificates are saved on the token.
+ *
+ * In this implementation, session objects are only visible to the session
+ * that created or generated them.
+ */
+
+/*
+ * the following data structures should be moved to a 'rdb.h'.
+ */
+
+#ifndef _SDB_H
+#define _SDB_H 1
+#include "pkcs11t.h"
+#include "secitem.h"
+#include "sftkdbt.h"
+
+#define STATIC_CMD_SIZE 2048
+
+typedef struct SDBFindStr SDBFind;
+typedef struct SDBStr SDB;
+
+struct SDBStr {
+ void *private;
+ int version;
+ int reserved;
+ int sdb_flags;
+ void *app_private;
+ CK_RV(*sdb_FindObjectsInit)
+ (SDB *sdb, const CK_ATTRIBUTE *template,
+ CK_ULONG count, SDBFind **find);
+ CK_RV(*sdb_FindObjects)
+ (SDB *sdb, SDBFind *find, CK_OBJECT_HANDLE *ids,
+ CK_ULONG arraySize, CK_ULONG *count);
+ CK_RV(*sdb_FindObjectsFinal)
+ (SDB *sdb, SDBFind *find);
+ CK_RV(*sdb_GetAttributeValue)
+ (SDB *sdb, CK_OBJECT_HANDLE object,
+ CK_ATTRIBUTE *template, CK_ULONG count);
+ CK_RV(*sdb_SetAttributeValue)
+ (SDB *sdb, CK_OBJECT_HANDLE object,
+ const CK_ATTRIBUTE *template, CK_ULONG count);
+ CK_RV(*sdb_CreateObject)
+ (SDB *sdb, CK_OBJECT_HANDLE *object,
+ const CK_ATTRIBUTE *template, CK_ULONG count);
+ CK_RV(*sdb_DestroyObject)
+ (SDB *sdb, CK_OBJECT_HANDLE object);
+ CK_RV(*sdb_GetMetaData)
+ (SDB *sdb, const char *id,
+ SECItem *item1, SECItem *item2);
+ CK_RV(*sdb_PutMetaData)
+ (SDB *sdb, const char *id,
+ const SECItem *item1, const SECItem *item2);
+ CK_RV(*sdb_Begin)
+ (SDB *sdb);
+ CK_RV(*sdb_Commit)
+ (SDB *sdb);
+ CK_RV(*sdb_Abort)
+ (SDB *sdb);
+ CK_RV(*sdb_Reset)
+ (SDB *sdb);
+ CK_RV(*sdb_Close)
+ (SDB *sdb);
+ void (*sdb_SetForkState)(PRBool forked);
+};
+
+CK_RV s_open(const char *directory, const char *certPrefix,
+ const char *keyPrefix,
+ int cert_version, int key_version,
+ int flags, SDB **certdb, SDB **keydb, int *newInit);
+CK_RV s_shutdown();
+
+/* flags */
+#define SDB_RDONLY 1
+#define SDB_RDWR 2
+#define SDB_CREATE 4
+#define SDB_HAS_META 8
+#define SDB_FIPS 0x10
+
+#endif
diff --git a/security/nss/lib/softoken/sftkdb.c b/security/nss/lib/softoken/sftkdb.c
new file mode 100644
index 000000000..52e516117
--- /dev/null
+++ b/security/nss/lib/softoken/sftkdb.c
@@ -0,0 +1,2716 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following code handles the storage of PKCS 11 modules used by the
+ * NSS. For the rest of NSS, only one kind of database handle exists:
+ *
+ * SFTKDBHandle
+ *
+ * There is one SFTKDBHandle for the each key database and one for each cert
+ * database. These databases are opened as associated pairs, one pair per
+ * slot. SFTKDBHandles are reference counted objects.
+ *
+ * Each SFTKDBHandle points to a low level database handle (SDB). This handle
+ * represents the underlying physical database. These objects are not
+ * reference counted, an are 'owned' by their respective SFTKDBHandles.
+ *
+ *
+ */
+#include "sftkdb.h"
+#include "sftkdbti.h"
+#include "pkcs11t.h"
+#include "pkcs11i.h"
+#include "sdb.h"
+#include "prprf.h"
+#include "pratom.h"
+#include "lgglue.h"
+#include "utilpars.h"
+#include "secerr.h"
+#include "softoken.h"
+
+/*
+ * We want all databases to have the same binary representation independent of
+ * endianness or length of the host architecture. In general PKCS #11 attributes
+ * are endian/length independent except those attributes that pass CK_ULONG.
+ *
+ * The following functions fixes up the CK_ULONG type attributes so that the data
+ * base sees a machine independent view. CK_ULONGs are stored as 4 byte network
+ * byte order values (big endian).
+ */
+#define BBP 8
+
+static PRBool
+sftkdb_isULONGAttribute(CK_ATTRIBUTE_TYPE type)
+{
+ switch (type) {
+ case CKA_CERTIFICATE_CATEGORY:
+ case CKA_CERTIFICATE_TYPE:
+ case CKA_CLASS:
+ case CKA_JAVA_MIDP_SECURITY_DOMAIN:
+ case CKA_KEY_GEN_MECHANISM:
+ case CKA_KEY_TYPE:
+ case CKA_MECHANISM_TYPE:
+ case CKA_MODULUS_BITS:
+ case CKA_PRIME_BITS:
+ case CKA_SUBPRIME_BITS:
+ case CKA_VALUE_BITS:
+ case CKA_VALUE_LEN:
+
+ case CKA_TRUST_DIGITAL_SIGNATURE:
+ case CKA_TRUST_NON_REPUDIATION:
+ case CKA_TRUST_KEY_ENCIPHERMENT:
+ case CKA_TRUST_DATA_ENCIPHERMENT:
+ case CKA_TRUST_KEY_AGREEMENT:
+ case CKA_TRUST_KEY_CERT_SIGN:
+ case CKA_TRUST_CRL_SIGN:
+
+ case CKA_TRUST_SERVER_AUTH:
+ case CKA_TRUST_CLIENT_AUTH:
+ case CKA_TRUST_CODE_SIGNING:
+ case CKA_TRUST_EMAIL_PROTECTION:
+ case CKA_TRUST_IPSEC_END_SYSTEM:
+ case CKA_TRUST_IPSEC_TUNNEL:
+ case CKA_TRUST_IPSEC_USER:
+ case CKA_TRUST_TIME_STAMPING:
+ case CKA_TRUST_STEP_UP_APPROVED:
+ return PR_TRUE;
+ default:
+ break;
+ }
+ return PR_FALSE;
+}
+
+/* are the attributes private? */
+static PRBool
+sftkdb_isPrivateAttribute(CK_ATTRIBUTE_TYPE type)
+{
+ switch (type) {
+ case CKA_VALUE:
+ case CKA_PRIVATE_EXPONENT:
+ case CKA_PRIME_1:
+ case CKA_PRIME_2:
+ case CKA_EXPONENT_1:
+ case CKA_EXPONENT_2:
+ case CKA_COEFFICIENT:
+ return PR_TRUE;
+ default:
+ break;
+ }
+ return PR_FALSE;
+}
+
+/* These attributes must be authenticated with an hmac. */
+static PRBool
+sftkdb_isAuthenticatedAttribute(CK_ATTRIBUTE_TYPE type)
+{
+ switch (type) {
+ case CKA_MODULUS:
+ case CKA_PUBLIC_EXPONENT:
+ case CKA_CERT_SHA1_HASH:
+ case CKA_CERT_MD5_HASH:
+ case CKA_TRUST_SERVER_AUTH:
+ case CKA_TRUST_CLIENT_AUTH:
+ case CKA_TRUST_EMAIL_PROTECTION:
+ case CKA_TRUST_CODE_SIGNING:
+ case CKA_TRUST_STEP_UP_APPROVED:
+ case CKA_NSS_OVERRIDE_EXTENSIONS:
+ return PR_TRUE;
+ default:
+ break;
+ }
+ return PR_FALSE;
+}
+
+/*
+ * convert a native ULONG to a database ulong. Database ulong's
+ * are all 4 byte big endian values.
+ */
+void
+sftk_ULong2SDBULong(unsigned char *data, CK_ULONG value)
+{
+ int i;
+
+ for (i = 0; i < SDB_ULONG_SIZE; i++) {
+ data[i] = (value >> (SDB_ULONG_SIZE - 1 - i) * BBP) & 0xff;
+ }
+}
+
+/*
+ * convert a database ulong back to a native ULONG. (reverse of the above
+ * function.
+ */
+static CK_ULONG
+sftk_SDBULong2ULong(unsigned char *data)
+{
+ int i;
+ CK_ULONG value = 0;
+
+ for (i = 0; i < SDB_ULONG_SIZE; i++) {
+ value |= (((CK_ULONG)data[i]) << (SDB_ULONG_SIZE - 1 - i) * BBP);
+ }
+ return value;
+}
+
+/*
+ * fix up the input templates. Our fixed up ints are stored in data and must
+ * be freed by the caller. The new template must also be freed. If there are no
+ * CK_ULONG attributes, the orignal template is passed in as is.
+ */
+static CK_ATTRIBUTE *
+sftkdb_fixupTemplateIn(const CK_ATTRIBUTE *template, int count,
+ unsigned char **dataOut)
+{
+ int i;
+ int ulongCount = 0;
+ unsigned char *data;
+ CK_ATTRIBUTE *ntemplate;
+
+ *dataOut = NULL;
+
+ /* first count the number of CK_ULONG attributes */
+ for (i = 0; i < count; i++) {
+ /* Don't 'fixup' NULL values */
+ if (!template[i].pValue) {
+ continue;
+ }
+ if (template[i].ulValueLen == sizeof(CK_ULONG)) {
+ if (sftkdb_isULONGAttribute(template[i].type)) {
+ ulongCount++;
+ }
+ }
+ }
+ /* no attributes to fixup, just call on through */
+ if (ulongCount == 0) {
+ return (CK_ATTRIBUTE *)template;
+ }
+
+ /* allocate space for new ULONGS */
+ data = (unsigned char *)PORT_Alloc(SDB_ULONG_SIZE * ulongCount);
+ if (!data) {
+ return NULL;
+ }
+
+ /* allocate new template */
+ ntemplate = PORT_NewArray(CK_ATTRIBUTE, count);
+ if (!ntemplate) {
+ PORT_Free(data);
+ return NULL;
+ }
+ *dataOut = data;
+ /* copy the old template, fixup the actual ulongs */
+ for (i = 0; i < count; i++) {
+ ntemplate[i] = template[i];
+ /* Don't 'fixup' NULL values */
+ if (!template[i].pValue) {
+ continue;
+ }
+ if (template[i].ulValueLen == sizeof(CK_ULONG)) {
+ if (sftkdb_isULONGAttribute(template[i].type)) {
+ CK_ULONG value = *(CK_ULONG *)template[i].pValue;
+ sftk_ULong2SDBULong(data, value);
+ ntemplate[i].pValue = data;
+ ntemplate[i].ulValueLen = SDB_ULONG_SIZE;
+ data += SDB_ULONG_SIZE;
+ }
+ }
+ }
+ return ntemplate;
+}
+
+static const char SFTKDB_META_SIG_TEMPLATE[] = "sig_%s_%08x_%08x";
+
+/*
+ * return a string describing the database type (key or cert)
+ */
+const char *
+sftkdb_TypeString(SFTKDBHandle *handle)
+{
+ return (handle->type == SFTK_KEYDB_TYPE) ? "key" : "cert";
+}
+
+/*
+ * Some attributes are signed with an Hmac and a pbe key generated from
+ * the password. This signature is stored indexed by object handle and
+ * attribute type in the meta data table in the key database.
+ *
+ * Signature entries are indexed by the string
+ * sig_[cert/key]_{ObjectID}_{Attribute}
+ *
+ * This function fetches that pkcs5 signature. Caller supplies a SECItem
+ * pre-allocated to the appropriate size if the SECItem is too small the
+ * function will fail with CKR_BUFFER_TOO_SMALL.
+ */
+static CK_RV
+sftkdb_getAttributeSignature(SFTKDBHandle *handle, SFTKDBHandle *keyHandle,
+ CK_OBJECT_HANDLE objectID, CK_ATTRIBUTE_TYPE type,
+ SECItem *signText)
+{
+ SDB *db;
+ char id[30];
+ CK_RV crv;
+
+ db = SFTK_GET_SDB(keyHandle);
+
+ sprintf(id, SFTKDB_META_SIG_TEMPLATE,
+ sftkdb_TypeString(handle),
+ (unsigned int)objectID, (unsigned int)type);
+
+ crv = (*db->sdb_GetMetaData)(db, id, signText, NULL);
+ return crv;
+}
+
+/*
+ * Some attributes are signed with an Hmac and a pbe key generated from
+ * the password. This signature is stored indexed by object handle and
+ * attribute type in the meta data table in the key database.
+ *
+ * Signature entries are indexed by the string
+ * sig_[cert/key]_{ObjectID}_{Attribute}
+ *
+ * This function stores that pkcs5 signature.
+ */
+CK_RV
+sftkdb_PutAttributeSignature(SFTKDBHandle *handle, SDB *keyTarget,
+ CK_OBJECT_HANDLE objectID, CK_ATTRIBUTE_TYPE type,
+ SECItem *signText)
+{
+ char id[30];
+ CK_RV crv;
+
+ sprintf(id, SFTKDB_META_SIG_TEMPLATE,
+ sftkdb_TypeString(handle),
+ (unsigned int)objectID, (unsigned int)type);
+
+ crv = (*keyTarget->sdb_PutMetaData)(keyTarget, id, signText, NULL);
+ return crv;
+}
+
+/*
+ * fix up returned data. NOTE: sftkdb_fixupTemplateIn has already allocated
+ * separate data sections for the database ULONG values.
+ */
+static CK_RV
+sftkdb_fixupTemplateOut(CK_ATTRIBUTE *template, CK_OBJECT_HANDLE objectID,
+ CK_ATTRIBUTE *ntemplate, int count, SFTKDBHandle *handle)
+{
+ int i;
+ CK_RV crv = CKR_OK;
+ SFTKDBHandle *keyHandle;
+ PRBool checkSig = PR_TRUE;
+ PRBool checkEnc = PR_TRUE;
+
+ PORT_Assert(handle);
+
+ /* find the key handle */
+ keyHandle = handle;
+ if (handle->type != SFTK_KEYDB_TYPE) {
+ checkEnc = PR_FALSE;
+ keyHandle = handle->peerDB;
+ }
+
+ if ((keyHandle == NULL) ||
+ ((SFTK_GET_SDB(keyHandle)->sdb_flags & SDB_HAS_META) == 0) ||
+ (keyHandle->passwordKey.data == NULL)) {
+ checkSig = PR_FALSE;
+ }
+
+ for (i = 0; i < count; i++) {
+ CK_ULONG length = template[i].ulValueLen;
+ template[i].ulValueLen = ntemplate[i].ulValueLen;
+ /* fixup ulongs */
+ if (ntemplate[i].ulValueLen == SDB_ULONG_SIZE) {
+ if (sftkdb_isULONGAttribute(template[i].type)) {
+ if (template[i].pValue) {
+ CK_ULONG value;
+
+ value = sftk_SDBULong2ULong(ntemplate[i].pValue);
+ if (length < sizeof(CK_ULONG)) {
+ template[i].ulValueLen = -1;
+ crv = CKR_BUFFER_TOO_SMALL;
+ continue;
+ }
+ PORT_Memcpy(template[i].pValue, &value, sizeof(CK_ULONG));
+ }
+ template[i].ulValueLen = sizeof(CK_ULONG);
+ }
+ }
+
+ /* if no data was retrieved, no need to process encrypted or signed
+ * attributes */
+ if ((template[i].pValue == NULL) || (template[i].ulValueLen == -1)) {
+ continue;
+ }
+
+ /* fixup private attributes */
+ if (checkEnc && sftkdb_isPrivateAttribute(ntemplate[i].type)) {
+ /* we have a private attribute */
+ /* This code depends on the fact that the cipherText is bigger
+ * than the plain text */
+ SECItem cipherText;
+ SECItem *plainText;
+ SECStatus rv;
+
+ cipherText.data = ntemplate[i].pValue;
+ cipherText.len = ntemplate[i].ulValueLen;
+ PZ_Lock(handle->passwordLock);
+ if (handle->passwordKey.data == NULL) {
+ PZ_Unlock(handle->passwordLock);
+ template[i].ulValueLen = -1;
+ crv = CKR_USER_NOT_LOGGED_IN;
+ continue;
+ }
+ rv = sftkdb_DecryptAttribute(&handle->passwordKey,
+ &cipherText, &plainText);
+ PZ_Unlock(handle->passwordLock);
+ if (rv != SECSuccess) {
+ PORT_Memset(template[i].pValue, 0, template[i].ulValueLen);
+ template[i].ulValueLen = -1;
+ crv = CKR_GENERAL_ERROR;
+ continue;
+ }
+ PORT_Assert(template[i].ulValueLen >= plainText->len);
+ if (template[i].ulValueLen < plainText->len) {
+ SECITEM_FreeItem(plainText, PR_TRUE);
+ PORT_Memset(template[i].pValue, 0, template[i].ulValueLen);
+ template[i].ulValueLen = -1;
+ crv = CKR_GENERAL_ERROR;
+ continue;
+ }
+
+ /* copy the plain text back into the template */
+ PORT_Memcpy(template[i].pValue, plainText->data, plainText->len);
+ template[i].ulValueLen = plainText->len;
+ SECITEM_FreeItem(plainText, PR_TRUE);
+ }
+ /* make sure signed attributes are valid */
+ if (checkSig && sftkdb_isAuthenticatedAttribute(ntemplate[i].type)) {
+ SECStatus rv;
+ SECItem signText;
+ SECItem plainText;
+ unsigned char signData[SDB_MAX_META_DATA_LEN];
+
+ signText.data = signData;
+ signText.len = sizeof(signData);
+
+ rv = sftkdb_getAttributeSignature(handle, keyHandle,
+ objectID, ntemplate[i].type, &signText);
+ if (rv != SECSuccess) {
+ PORT_Memset(template[i].pValue, 0, template[i].ulValueLen);
+ template[i].ulValueLen = -1;
+ crv = CKR_DATA_INVALID; /* better error code? */
+ continue;
+ }
+
+ plainText.data = ntemplate[i].pValue;
+ plainText.len = ntemplate[i].ulValueLen;
+
+ /*
+ * we do a second check holding the lock just in case the user
+ * loggout while we were trying to get the signature.
+ */
+ PZ_Lock(keyHandle->passwordLock);
+ if (keyHandle->passwordKey.data == NULL) {
+ /* if we are no longer logged in, no use checking the other
+ * Signatures either. */
+ checkSig = PR_FALSE;
+ PZ_Unlock(keyHandle->passwordLock);
+ continue;
+ }
+
+ rv = sftkdb_VerifyAttribute(&keyHandle->passwordKey,
+ objectID, ntemplate[i].type,
+ &plainText, &signText);
+ PZ_Unlock(keyHandle->passwordLock);
+ if (rv != SECSuccess) {
+ PORT_Memset(template[i].pValue, 0, template[i].ulValueLen);
+ template[i].ulValueLen = -1;
+ crv = CKR_SIGNATURE_INVALID; /* better error code? */
+ }
+ /* This Attribute is fine */
+ }
+ }
+ return crv;
+}
+
+/*
+ * Some attributes are signed with an HMAC and a pbe key generated from
+ * the password. This signature is stored indexed by object handle and
+ *
+ * Those attributes are:
+ * 1) Trust object hashes and trust values.
+ * 2) public key values.
+ *
+ * Certs themselves are considered properly authenticated by virtue of their
+ * signature, or their matching hash with the trust object.
+ *
+ * These signature is only checked for objects coming from shared databases.
+ * Older dbm style databases have such no signature checks. HMACs are also
+ * only checked when the token is logged in, as it requires a pbe generated
+ * from the password.
+ *
+ * Tokens which have no key database (and therefore no master password) do not
+ * have any stored signature values. Signature values are stored in the key
+ * database, since the signature data is tightly coupled to the key database
+ * password.
+ *
+ * This function takes a template of attributes that were either created or
+ * modified. These attributes are checked to see if the need to be signed.
+ * If they do, then this function signs the attributes and writes them
+ * to the meta data store.
+ *
+ * This function can fail if there are attributes that must be signed, but
+ * the token is not logged in.
+ *
+ * The caller is expected to abort any transaction he was in in the
+ * event of a failure of this function.
+ */
+static CK_RV
+sftk_signTemplate(PLArenaPool *arena, SFTKDBHandle *handle,
+ PRBool mayBeUpdateDB,
+ CK_OBJECT_HANDLE objectID, const CK_ATTRIBUTE *template,
+ CK_ULONG count)
+{
+ unsigned int i;
+ CK_RV crv;
+ SFTKDBHandle *keyHandle = handle;
+ SDB *keyTarget = NULL;
+ PRBool usingPeerDB = PR_FALSE;
+ PRBool inPeerDBTransaction = PR_FALSE;
+
+ PORT_Assert(handle);
+
+ if (handle->type != SFTK_KEYDB_TYPE) {
+ keyHandle = handle->peerDB;
+ usingPeerDB = PR_TRUE;
+ }
+
+ /* no key DB defined? then no need to sign anything */
+ if (keyHandle == NULL) {
+ crv = CKR_OK;
+ goto loser;
+ }
+
+ /* When we are in a middle of an update, we have an update database set,
+ * but we want to write to the real database. The bool mayBeUpdateDB is
+ * set to TRUE if it's possible that we want to write an update database
+ * rather than a primary */
+ keyTarget = (mayBeUpdateDB && keyHandle->update) ? keyHandle->update : keyHandle->db;
+
+ /* skip the the database does not support meta data */
+ if ((keyTarget->sdb_flags & SDB_HAS_META) == 0) {
+ crv = CKR_OK;
+ goto loser;
+ }
+
+ /* If we had to switch databases, we need to initialize a transaction. */
+ if (usingPeerDB) {
+ crv = (*keyTarget->sdb_Begin)(keyTarget);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ inPeerDBTransaction = PR_TRUE;
+ }
+
+ for (i = 0; i < count; i++) {
+ if (sftkdb_isAuthenticatedAttribute(template[i].type)) {
+ SECStatus rv;
+ SECItem *signText;
+ SECItem plainText;
+
+ plainText.data = template[i].pValue;
+ plainText.len = template[i].ulValueLen;
+ PZ_Lock(keyHandle->passwordLock);
+ if (keyHandle->passwordKey.data == NULL) {
+ PZ_Unlock(keyHandle->passwordLock);
+ crv = CKR_USER_NOT_LOGGED_IN;
+ goto loser;
+ }
+ rv = sftkdb_SignAttribute(arena, &keyHandle->passwordKey,
+ objectID, template[i].type,
+ &plainText, &signText);
+ PZ_Unlock(keyHandle->passwordLock);
+ if (rv != SECSuccess) {
+ crv = CKR_GENERAL_ERROR; /* better error code here? */
+ goto loser;
+ }
+ rv = sftkdb_PutAttributeSignature(handle, keyTarget,
+ objectID, template[i].type, signText);
+ if (rv != SECSuccess) {
+ crv = CKR_GENERAL_ERROR; /* better error code here? */
+ goto loser;
+ }
+ }
+ }
+ crv = CKR_OK;
+
+ /* If necessary, commit the transaction */
+ if (inPeerDBTransaction) {
+ crv = (*keyTarget->sdb_Commit)(keyTarget);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ inPeerDBTransaction = PR_FALSE;
+ }
+
+loser:
+ if (inPeerDBTransaction) {
+ /* The transaction must have failed. Abort. */
+ (*keyTarget->sdb_Abort)(keyTarget);
+ PORT_Assert(crv != CKR_OK);
+ if (crv == CKR_OK)
+ crv = CKR_GENERAL_ERROR;
+ }
+ return crv;
+}
+
+static CK_RV
+sftkdb_CreateObject(PLArenaPool *arena, SFTKDBHandle *handle,
+ SDB *db, CK_OBJECT_HANDLE *objectID,
+ CK_ATTRIBUTE *template, CK_ULONG count)
+{
+ CK_RV crv;
+
+ crv = (*db->sdb_CreateObject)(db, objectID, template, count);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = sftk_signTemplate(arena, handle, (db == handle->update),
+ *objectID, template, count);
+loser:
+
+ return crv;
+}
+
+CK_ATTRIBUTE *
+sftk_ExtractTemplate(PLArenaPool *arena, SFTKObject *object,
+ SFTKDBHandle *handle, CK_ULONG *pcount,
+ CK_RV *crv)
+{
+ unsigned int count;
+ CK_ATTRIBUTE *template;
+ unsigned int i, templateIndex;
+ SFTKSessionObject *sessObject = sftk_narrowToSessionObject(object);
+ PRBool doEnc = PR_TRUE;
+
+ *crv = CKR_OK;
+
+ if (sessObject == NULL) {
+ *crv = CKR_GENERAL_ERROR; /* internal programming error */
+ return NULL;
+ }
+
+ PORT_Assert(handle);
+ /* find the key handle */
+ if (handle->type != SFTK_KEYDB_TYPE) {
+ doEnc = PR_FALSE;
+ }
+
+ PZ_Lock(sessObject->attributeLock);
+ count = 0;
+ for (i = 0; i < sessObject->hashSize; i++) {
+ SFTKAttribute *attr;
+ for (attr = sessObject->head[i]; attr; attr = attr->next) {
+ count++;
+ }
+ }
+ template = PORT_ArenaNewArray(arena, CK_ATTRIBUTE, count);
+ if (template == NULL) {
+ PZ_Unlock(sessObject->attributeLock);
+ *crv = CKR_HOST_MEMORY;
+ return NULL;
+ }
+ templateIndex = 0;
+ for (i = 0; i < sessObject->hashSize; i++) {
+ SFTKAttribute *attr;
+ for (attr = sessObject->head[i]; attr; attr = attr->next) {
+ CK_ATTRIBUTE *tp = &template[templateIndex++];
+ /* copy the attribute */
+ *tp = attr->attrib;
+
+ /* fixup ULONG s */
+ if ((tp->ulValueLen == sizeof(CK_ULONG)) &&
+ (sftkdb_isULONGAttribute(tp->type))) {
+ CK_ULONG value = *(CK_ULONG *)tp->pValue;
+ unsigned char *data;
+
+ tp->pValue = PORT_ArenaAlloc(arena, SDB_ULONG_SIZE);
+ data = (unsigned char *)tp->pValue;
+ if (data == NULL) {
+ *crv = CKR_HOST_MEMORY;
+ break;
+ }
+ sftk_ULong2SDBULong(data, value);
+ tp->ulValueLen = SDB_ULONG_SIZE;
+ }
+
+ /* encrypt private attributes */
+ if (doEnc && sftkdb_isPrivateAttribute(tp->type)) {
+ /* we have a private attribute */
+ SECItem *cipherText;
+ SECItem plainText;
+ SECStatus rv;
+
+ plainText.data = tp->pValue;
+ plainText.len = tp->ulValueLen;
+ PZ_Lock(handle->passwordLock);
+ if (handle->passwordKey.data == NULL) {
+ PZ_Unlock(handle->passwordLock);
+ *crv = CKR_USER_NOT_LOGGED_IN;
+ break;
+ }
+ rv = sftkdb_EncryptAttribute(arena, &handle->passwordKey,
+ &plainText, &cipherText);
+ PZ_Unlock(handle->passwordLock);
+ if (rv == SECSuccess) {
+ tp->pValue = cipherText->data;
+ tp->ulValueLen = cipherText->len;
+ } else {
+ *crv = CKR_GENERAL_ERROR; /* better error code here? */
+ break;
+ }
+ PORT_Memset(plainText.data, 0, plainText.len);
+ }
+ }
+ }
+ PORT_Assert(templateIndex <= count);
+ PZ_Unlock(sessObject->attributeLock);
+
+ if (*crv != CKR_OK) {
+ return NULL;
+ }
+ if (pcount) {
+ *pcount = count;
+ }
+ return template;
+}
+
+/*
+ * return a pointer to the attribute in the give template.
+ * The return value is not const, as the caller may modify
+ * the given attribute value, but such modifications will
+ * modify the actual value in the template.
+ */
+static CK_ATTRIBUTE *
+sftkdb_getAttributeFromTemplate(CK_ATTRIBUTE_TYPE attribute,
+ CK_ATTRIBUTE *ptemplate, CK_ULONG len)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < len; i++) {
+ if (attribute == ptemplate[i].type) {
+ return &ptemplate[i];
+ }
+ }
+ return NULL;
+}
+
+static const CK_ATTRIBUTE *
+sftkdb_getAttributeFromConstTemplate(CK_ATTRIBUTE_TYPE attribute,
+ const CK_ATTRIBUTE *ptemplate, CK_ULONG len)
+{
+ CK_ULONG i;
+
+ for (i = 0; i < len; i++) {
+ if (attribute == ptemplate[i].type) {
+ return &ptemplate[i];
+ }
+ }
+ return NULL;
+}
+
+/*
+ * fetch a template which identifies 'unique' entries based on object type
+ */
+static CK_RV
+sftkdb_getFindTemplate(CK_OBJECT_CLASS objectType, unsigned char *objTypeData,
+ CK_ATTRIBUTE *findTemplate, CK_ULONG *findCount,
+ CK_ATTRIBUTE *ptemplate, int len)
+{
+ CK_ATTRIBUTE *attr;
+ CK_ULONG count = 1;
+
+ sftk_ULong2SDBULong(objTypeData, objectType);
+ findTemplate[0].type = CKA_CLASS;
+ findTemplate[0].pValue = objTypeData;
+ findTemplate[0].ulValueLen = SDB_ULONG_SIZE;
+
+ switch (objectType) {
+ case CKO_CERTIFICATE:
+ case CKO_NSS_TRUST:
+ attr = sftkdb_getAttributeFromTemplate(CKA_ISSUER, ptemplate, len);
+ if (attr == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ findTemplate[1] = *attr;
+ attr = sftkdb_getAttributeFromTemplate(CKA_SERIAL_NUMBER,
+ ptemplate, len);
+ if (attr == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ findTemplate[2] = *attr;
+ count = 3;
+ break;
+
+ case CKO_PRIVATE_KEY:
+ case CKO_PUBLIC_KEY:
+ case CKO_SECRET_KEY:
+ attr = sftkdb_getAttributeFromTemplate(CKA_ID, ptemplate, len);
+ if (attr == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (attr->ulValueLen == 0) {
+ /* key is too generic to determine that it's unique, usually
+ * happens in the key gen case */
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ findTemplate[1] = *attr;
+ count = 2;
+ break;
+
+ case CKO_NSS_CRL:
+ attr = sftkdb_getAttributeFromTemplate(CKA_SUBJECT, ptemplate, len);
+ if (attr == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ findTemplate[1] = *attr;
+ count = 2;
+ break;
+
+ case CKO_NSS_SMIME:
+ attr = sftkdb_getAttributeFromTemplate(CKA_SUBJECT, ptemplate, len);
+ if (attr == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ findTemplate[1] = *attr;
+ attr = sftkdb_getAttributeFromTemplate(CKA_NSS_EMAIL, ptemplate, len);
+ if (attr == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ findTemplate[2] = *attr;
+ count = 3;
+ break;
+ default:
+ attr = sftkdb_getAttributeFromTemplate(CKA_VALUE, ptemplate, len);
+ if (attr == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ findTemplate[1] = *attr;
+ count = 2;
+ break;
+ }
+ *findCount = count;
+
+ return CKR_OK;
+}
+
+/*
+ * look to see if this object already exists and return its object ID if
+ * it does.
+ */
+static CK_RV
+sftkdb_lookupObject(SDB *db, CK_OBJECT_CLASS objectType,
+ CK_OBJECT_HANDLE *id, CK_ATTRIBUTE *ptemplate, CK_ULONG len)
+{
+ CK_ATTRIBUTE findTemplate[3];
+ CK_ULONG count = 1;
+ CK_ULONG objCount = 0;
+ SDBFind *find = NULL;
+ unsigned char objTypeData[SDB_ULONG_SIZE];
+ CK_RV crv;
+
+ *id = CK_INVALID_HANDLE;
+ if (objectType == CKO_NSS_CRL) {
+ return CKR_OK;
+ }
+ crv = sftkdb_getFindTemplate(objectType, objTypeData,
+ findTemplate, &count, ptemplate, len);
+
+ if (crv == CKR_OBJECT_HANDLE_INVALID) {
+ /* key is too generic to determine that it's unique, usually
+ * happens in the key gen case, tell the caller to go ahead
+ * and just create it */
+ return CKR_OK;
+ }
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ /* use the raw find, so we get the correct database */
+ crv = (*db->sdb_FindObjectsInit)(db, findTemplate, count, &find);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ (*db->sdb_FindObjects)(db, find, id, 1, &objCount);
+ (*db->sdb_FindObjectsFinal)(db, find);
+
+ if (objCount == 0) {
+ *id = CK_INVALID_HANDLE;
+ }
+ return CKR_OK;
+}
+
+/*
+ * check to see if this template conflicts with others in our current database.
+ */
+static CK_RV
+sftkdb_checkConflicts(SDB *db, CK_OBJECT_CLASS objectType,
+ const CK_ATTRIBUTE *ptemplate, CK_ULONG len,
+ CK_OBJECT_HANDLE sourceID)
+{
+ CK_ATTRIBUTE findTemplate[2];
+ unsigned char objTypeData[SDB_ULONG_SIZE];
+ /* we may need to allocate some temporaries. Keep track of what was
+ * allocated so we can free it in the end */
+ unsigned char *temp1 = NULL;
+ unsigned char *temp2 = NULL;
+ CK_ULONG objCount = 0;
+ SDBFind *find = NULL;
+ CK_OBJECT_HANDLE id;
+ const CK_ATTRIBUTE *attr, *attr2;
+ CK_RV crv;
+ CK_ATTRIBUTE subject;
+
+ /* Currently the only conflict is with nicknames pointing to the same
+ * subject when creating or modifying a certificate. */
+ /* If the object is not a cert, no problem. */
+ if (objectType != CKO_CERTIFICATE) {
+ return CKR_OK;
+ }
+ /* if not setting a nickname then there's still no problem */
+ attr = sftkdb_getAttributeFromConstTemplate(CKA_LABEL, ptemplate, len);
+ if ((attr == NULL) || (attr->ulValueLen == 0)) {
+ return CKR_OK;
+ }
+ /* fetch the subject of the source. For creation and merge, this should
+ * be found in the template */
+ attr2 = sftkdb_getAttributeFromConstTemplate(CKA_SUBJECT, ptemplate, len);
+ if (sourceID == CK_INVALID_HANDLE) {
+ if ((attr2 == NULL) || ((CK_LONG)attr2->ulValueLen < 0)) {
+ crv = CKR_TEMPLATE_INCOMPLETE;
+ goto done;
+ }
+ } else if ((attr2 == NULL) || ((CK_LONG)attr2->ulValueLen <= 0)) {
+ /* sourceID is set if we are trying to modify an existing entry instead
+ * of creating a new one. In this case the subject may not be (probably
+ * isn't) in the template, we have to read it from the database */
+ subject.type = CKA_SUBJECT;
+ subject.pValue = NULL;
+ subject.ulValueLen = 0;
+ crv = (*db->sdb_GetAttributeValue)(db, sourceID, &subject, 1);
+ if (crv != CKR_OK) {
+ goto done;
+ }
+ if ((CK_LONG)subject.ulValueLen < 0) {
+ crv = CKR_DEVICE_ERROR; /* closest pkcs11 error to corrupted DB */
+ goto done;
+ }
+ temp1 = subject.pValue = PORT_Alloc(++subject.ulValueLen);
+ if (temp1 == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto done;
+ }
+ crv = (*db->sdb_GetAttributeValue)(db, sourceID, &subject, 1);
+ if (crv != CKR_OK) {
+ goto done;
+ }
+ attr2 = &subject;
+ }
+
+ /* check for another cert in the database with the same nickname */
+ sftk_ULong2SDBULong(objTypeData, objectType);
+ findTemplate[0].type = CKA_CLASS;
+ findTemplate[0].pValue = objTypeData;
+ findTemplate[0].ulValueLen = SDB_ULONG_SIZE;
+ findTemplate[1] = *attr;
+
+ crv = (*db->sdb_FindObjectsInit)(db, findTemplate, 2, &find);
+ if (crv != CKR_OK) {
+ goto done;
+ }
+ (*db->sdb_FindObjects)(db, find, &id, 1, &objCount);
+ (*db->sdb_FindObjectsFinal)(db, find);
+
+ /* object count == 0 means no conflicting certs found,
+ * go on with the operation */
+ if (objCount == 0) {
+ crv = CKR_OK;
+ goto done;
+ }
+
+ /* There is a least one cert that shares the nickname, make sure it also
+ * matches the subject. */
+ findTemplate[0] = *attr2;
+ /* we know how big the source subject was. Use that length to create the
+ * space for the target. If it's not enough space, then it means the
+ * source subject is too big, and therefore not a match. GetAttributeValue
+ * will return CKR_BUFFER_TOO_SMALL. Otherwise it should be exactly enough
+ * space (or enough space to be able to compare the result. */
+ temp2 = findTemplate[0].pValue = PORT_Alloc(++findTemplate[0].ulValueLen);
+ if (temp2 == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto done;
+ }
+ crv = (*db->sdb_GetAttributeValue)(db, id, findTemplate, 1);
+ if (crv != CKR_OK) {
+ if (crv == CKR_BUFFER_TOO_SMALL) {
+ /* if our buffer is too small, then the Subjects clearly do
+ * not match */
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ /* otherwise we couldn't get the value, just fail */
+ goto done;
+ }
+
+ /* Ok, we have both subjects, make sure they are the same.
+ * Compare the subjects */
+ if ((findTemplate[0].ulValueLen != attr2->ulValueLen) ||
+ (attr2->ulValueLen > 0 &&
+ PORT_Memcmp(findTemplate[0].pValue, attr2->pValue, attr2->ulValueLen) != 0)) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+ crv = CKR_OK;
+
+done:
+ /* If we've failed for some other reason than a conflict, make sure we
+ * return an error code other than CKR_ATTRIBUTE_VALUE_INVALID.
+ * (NOTE: neither sdb_FindObjectsInit nor sdb_GetAttributeValue should
+ * return CKR_ATTRIBUTE_VALUE_INVALID, so the following is paranoia).
+ */
+ if (crv == CKR_ATTRIBUTE_VALUE_INVALID) {
+ crv = CKR_GENERAL_ERROR; /* clearly a programming error */
+ }
+
+/* exit point if we found a conflict */
+loser:
+ PORT_Free(temp1);
+ PORT_Free(temp2);
+ return crv;
+}
+
+/*
+ * try to update the template to fix any errors. This is only done
+ * during update.
+ *
+ * NOTE: we must update the template or return an error, or the update caller
+ * will loop forever!
+ *
+ * Two copies of the source code for this algorithm exist in NSS.
+ * Changes must be made in both copies.
+ * The other copy is in pk11_IncrementNickname() in pk11wrap/pk11merge.c.
+ *
+ */
+static CK_RV
+sftkdb_resolveConflicts(PLArenaPool *arena, CK_OBJECT_CLASS objectType,
+ CK_ATTRIBUTE *ptemplate, CK_ULONG *plen)
+{
+ CK_ATTRIBUTE *attr;
+ char *nickname, *newNickname;
+ unsigned int end, digit;
+
+ /* sanity checks. We should never get here with these errors */
+ if (objectType != CKO_CERTIFICATE) {
+ return CKR_GENERAL_ERROR; /* shouldn't happen */
+ }
+ attr = sftkdb_getAttributeFromTemplate(CKA_LABEL, ptemplate, *plen);
+ if ((attr == NULL) || (attr->ulValueLen == 0)) {
+ return CKR_GENERAL_ERROR; /* shouldn't happen */
+ }
+
+ /* update the nickname */
+ /* is there a number at the end of the nickname already?
+ * if so just increment that number */
+ nickname = (char *)attr->pValue;
+
+ /* does nickname end with " #n*" ? */
+ for (end = attr->ulValueLen - 1;
+ end >= 2 && (digit = nickname[end]) <= '9' && digit >= '0';
+ end--) /* just scan */
+ ;
+ if (attr->ulValueLen >= 3 &&
+ end < (attr->ulValueLen - 1) /* at least one digit */ &&
+ nickname[end] == '#' &&
+ nickname[end - 1] == ' ') {
+ /* Already has a suitable suffix string */
+ } else {
+ /* ... append " #2" to the name */
+ static const char num2[] = " #2";
+ newNickname = PORT_ArenaAlloc(arena, attr->ulValueLen + sizeof(num2));
+ if (!newNickname) {
+ return CKR_HOST_MEMORY;
+ }
+ PORT_Memcpy(newNickname, nickname, attr->ulValueLen);
+ PORT_Memcpy(&newNickname[attr->ulValueLen], num2, sizeof(num2));
+ attr->pValue = newNickname; /* modifies ptemplate */
+ attr->ulValueLen += 3; /* 3 is strlen(num2) */
+ return CKR_OK;
+ }
+
+ for (end = attr->ulValueLen; end-- > 0;) {
+ digit = nickname[end];
+ if (digit > '9' || digit < '0') {
+ break;
+ }
+ if (digit < '9') {
+ nickname[end]++;
+ return CKR_OK;
+ }
+ nickname[end] = '0';
+ }
+
+ /* we overflowed, insert a new '1' for a carry in front of the number */
+ newNickname = PORT_ArenaAlloc(arena, attr->ulValueLen + 1);
+ if (!newNickname) {
+ return CKR_HOST_MEMORY;
+ }
+ /* PORT_Memcpy should handle len of '0' */
+ PORT_Memcpy(newNickname, nickname, ++end);
+ newNickname[end] = '1';
+ PORT_Memset(&newNickname[end + 1], '0', attr->ulValueLen - end);
+ attr->pValue = newNickname;
+ attr->ulValueLen++;
+ return CKR_OK;
+}
+
+/*
+ * set an attribute and sign it if necessary
+ */
+static CK_RV
+sftkdb_setAttributeValue(PLArenaPool *arena, SFTKDBHandle *handle,
+ SDB *db, CK_OBJECT_HANDLE objectID, const CK_ATTRIBUTE *template,
+ CK_ULONG count)
+{
+ CK_RV crv;
+ crv = (*db->sdb_SetAttributeValue)(db, objectID, template, count);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_signTemplate(arena, handle, db == handle->update,
+ objectID, template, count);
+ return crv;
+}
+
+/*
+ * write a softoken object out to the database.
+ */
+CK_RV
+sftkdb_write(SFTKDBHandle *handle, SFTKObject *object,
+ CK_OBJECT_HANDLE *objectID)
+{
+ CK_ATTRIBUTE *template;
+ PLArenaPool *arena;
+ CK_ULONG count;
+ CK_RV crv;
+ SDB *db;
+ PRBool inTransaction = PR_FALSE;
+ CK_OBJECT_HANDLE id;
+
+ *objectID = CK_INVALID_HANDLE;
+
+ if (handle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ db = SFTK_GET_SDB(handle);
+
+ /*
+ * we have opened a new database, but we have not yet updated it. We are
+ * still running pointing to the old database (so the application can
+ * still read). We don't want to write to the old database at this point,
+ * however, since it leads to user confusion. So at this point we simply
+ * require a user login. Let NSS know this so it can prompt the user.
+ */
+ if (db == handle->update) {
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ arena = PORT_NewArena(256);
+ if (arena == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ template = sftk_ExtractTemplate(arena, object, handle, &count, &crv);
+ if (!template) {
+ goto loser;
+ }
+
+ crv = (*db->sdb_Begin)(db);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ inTransaction = PR_TRUE;
+
+ /*
+ * We want to make the base database as free from object specific knowledge
+ * as possible. To maintain compatibility, keep some of the desirable
+ * object specific semantics of the old database.
+ *
+ * These were 2 fold:
+ * 1) there were certain conflicts (like trying to set the same nickname
+ * on two different subjects) that would return an error.
+ * 2) Importing the 'same' object would silently update that object.
+ *
+ * The following 2 functions mimic the desirable effects of these two
+ * semantics without pushing any object knowledge to the underlying database
+ * code.
+ */
+
+ /* make sure we don't have attributes that conflict with the existing DB */
+ crv = sftkdb_checkConflicts(db, object->objclass, template, count,
+ CK_INVALID_HANDLE);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ /* Find any copies that match this particular object */
+ crv = sftkdb_lookupObject(db, object->objclass, &id, template, count);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ if (id == CK_INVALID_HANDLE) {
+ crv = sftkdb_CreateObject(arena, handle, db, objectID, template, count);
+ } else {
+ /* object already exists, modify it's attributes */
+ *objectID = id;
+ crv = sftkdb_setAttributeValue(arena, handle, db, id, template, count);
+ }
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ crv = (*db->sdb_Commit)(db);
+ inTransaction = PR_FALSE;
+
+loser:
+ if (inTransaction) {
+ (*db->sdb_Abort)(db);
+ /* It is trivial to show the following code cannot
+ * happen unless something is horribly wrong with our compilier or
+ * hardware */
+ PORT_Assert(crv != CKR_OK);
+ if (crv == CKR_OK)
+ crv = CKR_GENERAL_ERROR;
+ }
+
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ if (crv == CKR_OK) {
+ *objectID |= (handle->type | SFTK_TOKEN_TYPE);
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_FindObjectsInit(SFTKDBHandle *handle, const CK_ATTRIBUTE *template,
+ CK_ULONG count, SDBFind **find)
+{
+ unsigned char *data = NULL;
+ CK_ATTRIBUTE *ntemplate = NULL;
+ CK_RV crv;
+ SDB *db;
+
+ if (handle == NULL) {
+ return CKR_OK;
+ }
+ db = SFTK_GET_SDB(handle);
+
+ if (count != 0) {
+ ntemplate = sftkdb_fixupTemplateIn(template, count, &data);
+ if (ntemplate == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ }
+
+ crv = (*db->sdb_FindObjectsInit)(db, ntemplate,
+ count, find);
+ if (data) {
+ PORT_Free(ntemplate);
+ PORT_Free(data);
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_FindObjects(SFTKDBHandle *handle, SDBFind *find,
+ CK_OBJECT_HANDLE *ids, int arraySize, CK_ULONG *count)
+{
+ CK_RV crv;
+ SDB *db;
+
+ if (handle == NULL) {
+ *count = 0;
+ return CKR_OK;
+ }
+ db = SFTK_GET_SDB(handle);
+
+ crv = (*db->sdb_FindObjects)(db, find, ids,
+ arraySize, count);
+ if (crv == CKR_OK) {
+ unsigned int i;
+ for (i = 0; i < *count; i++) {
+ ids[i] |= (handle->type | SFTK_TOKEN_TYPE);
+ }
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_FindObjectsFinal(SFTKDBHandle *handle, SDBFind *find)
+{
+ SDB *db;
+ if (handle == NULL) {
+ return CKR_OK;
+ }
+ db = SFTK_GET_SDB(handle);
+ return (*db->sdb_FindObjectsFinal)(db, find);
+}
+
+CK_RV
+sftkdb_GetAttributeValue(SFTKDBHandle *handle, CK_OBJECT_HANDLE objectID,
+ CK_ATTRIBUTE *template, CK_ULONG count)
+{
+ CK_RV crv, crv2;
+ CK_ATTRIBUTE *ntemplate;
+ unsigned char *data = NULL;
+ SDB *db;
+
+ if (handle == NULL) {
+ return CKR_GENERAL_ERROR;
+ }
+
+ /* short circuit common attributes */
+ if (count == 1 &&
+ (template[0].type == CKA_TOKEN ||
+ template[0].type == CKA_PRIVATE ||
+ template[0].type == CKA_SENSITIVE)) {
+ CK_BBOOL boolVal = CK_TRUE;
+
+ if (template[0].pValue == NULL) {
+ template[0].ulValueLen = sizeof(CK_BBOOL);
+ return CKR_OK;
+ }
+ if (template[0].ulValueLen < sizeof(CK_BBOOL)) {
+ template[0].ulValueLen = -1;
+ return CKR_BUFFER_TOO_SMALL;
+ }
+
+ if ((template[0].type == CKA_PRIVATE) &&
+ (handle->type != SFTK_KEYDB_TYPE)) {
+ boolVal = CK_FALSE;
+ }
+ if ((template[0].type == CKA_SENSITIVE) &&
+ (handle->type != SFTK_KEYDB_TYPE)) {
+ boolVal = CK_FALSE;
+ }
+ *(CK_BBOOL *)template[0].pValue = boolVal;
+ template[0].ulValueLen = sizeof(CK_BBOOL);
+ return CKR_OK;
+ }
+
+ db = SFTK_GET_SDB(handle);
+ /* nothing to do */
+ if (count == 0) {
+ return CKR_OK;
+ }
+ ntemplate = sftkdb_fixupTemplateIn(template, count, &data);
+ if (ntemplate == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ objectID &= SFTK_OBJ_ID_MASK;
+ crv = (*db->sdb_GetAttributeValue)(db, objectID,
+ ntemplate, count);
+ crv2 = sftkdb_fixupTemplateOut(template, objectID, ntemplate,
+ count, handle);
+ if (crv == CKR_OK)
+ crv = crv2;
+ if (data) {
+ PORT_Free(ntemplate);
+ PORT_Free(data);
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_SetAttributeValue(SFTKDBHandle *handle, SFTKObject *object,
+ const CK_ATTRIBUTE *template, CK_ULONG count)
+{
+ CK_ATTRIBUTE *ntemplate;
+ unsigned char *data = NULL;
+ PLArenaPool *arena = NULL;
+ SDB *db;
+ CK_RV crv = CKR_OK;
+ CK_OBJECT_HANDLE objectID = (object->handle & SFTK_OBJ_ID_MASK);
+ PRBool inTransaction = PR_FALSE;
+
+ if (handle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ db = SFTK_GET_SDB(handle);
+ /* nothing to do */
+ if (count == 0) {
+ return CKR_OK;
+ }
+ /*
+ * we have opened a new database, but we have not yet updated it. We are
+ * still running pointing to the old database (so the application can
+ * still read). We don't want to write to the old database at this point,
+ * however, since it leads to user confusion. So at this point we simply
+ * require a user login. Let NSS know this so it can prompt the user.
+ */
+ if (db == handle->update) {
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ ntemplate = sftkdb_fixupTemplateIn(template, count, &data);
+ if (ntemplate == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /* make sure we don't have attributes that conflict with the existing DB */
+ crv = sftkdb_checkConflicts(db, object->objclass, template, count, objectID);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ arena = PORT_NewArena(256);
+ if (arena == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+
+ crv = (*db->sdb_Begin)(db);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ inTransaction = PR_TRUE;
+ crv = sftkdb_setAttributeValue(arena, handle, db,
+ objectID, template, count);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = (*db->sdb_Commit)(db);
+loser:
+ if (crv != CKR_OK && inTransaction) {
+ (*db->sdb_Abort)(db);
+ }
+ if (data) {
+ PORT_Free(ntemplate);
+ PORT_Free(data);
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_DestroyObject(SFTKDBHandle *handle, CK_OBJECT_HANDLE objectID)
+{
+ CK_RV crv = CKR_OK;
+ SDB *db;
+
+ if (handle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ db = SFTK_GET_SDB(handle);
+ objectID &= SFTK_OBJ_ID_MASK;
+ crv = (*db->sdb_Begin)(db);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = (*db->sdb_DestroyObject)(db, objectID);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = (*db->sdb_Commit)(db);
+loser:
+ if (crv != CKR_OK) {
+ (*db->sdb_Abort)(db);
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_CloseDB(SFTKDBHandle *handle)
+{
+#ifdef NO_FORK_CHECK
+ PRBool parentForkedAfterC_Initialize = PR_FALSE;
+#endif
+ if (handle == NULL) {
+ return CKR_OK;
+ }
+ if (handle->update) {
+ if (handle->db->sdb_SetForkState) {
+ (*handle->db->sdb_SetForkState)(parentForkedAfterC_Initialize);
+ }
+ (*handle->update->sdb_Close)(handle->update);
+ }
+ if (handle->db) {
+ if (handle->db->sdb_SetForkState) {
+ (*handle->db->sdb_SetForkState)(parentForkedAfterC_Initialize);
+ }
+ (*handle->db->sdb_Close)(handle->db);
+ }
+ if (handle->passwordKey.data) {
+ PORT_ZFree(handle->passwordKey.data, handle->passwordKey.len);
+ }
+ if (handle->passwordLock) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(handle->passwordLock));
+ }
+ if (handle->updatePasswordKey) {
+ SECITEM_FreeItem(handle->updatePasswordKey, PR_TRUE);
+ }
+ if (handle->updateID) {
+ PORT_Free(handle->updateID);
+ }
+ PORT_Free(handle);
+ return CKR_OK;
+}
+
+/*
+ * reset a database to it's uninitialized state.
+ */
+static CK_RV
+sftkdb_ResetDB(SFTKDBHandle *handle)
+{
+ CK_RV crv = CKR_OK;
+ SDB *db;
+ if (handle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+ db = SFTK_GET_SDB(handle);
+ crv = (*db->sdb_Begin)(db);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = (*db->sdb_Reset)(db);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ crv = (*db->sdb_Commit)(db);
+loser:
+ if (crv != CKR_OK) {
+ (*db->sdb_Abort)(db);
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_Begin(SFTKDBHandle *handle)
+{
+ CK_RV crv = CKR_OK;
+ SDB *db;
+
+ if (handle == NULL) {
+ return CKR_OK;
+ }
+ db = SFTK_GET_SDB(handle);
+ if (db) {
+ crv = (*db->sdb_Begin)(db);
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_Commit(SFTKDBHandle *handle)
+{
+ CK_RV crv = CKR_OK;
+ SDB *db;
+
+ if (handle == NULL) {
+ return CKR_OK;
+ }
+ db = SFTK_GET_SDB(handle);
+ if (db) {
+ (*db->sdb_Commit)(db);
+ }
+ return crv;
+}
+
+CK_RV
+sftkdb_Abort(SFTKDBHandle *handle)
+{
+ CK_RV crv = CKR_OK;
+ SDB *db;
+
+ if (handle == NULL) {
+ return CKR_OK;
+ }
+ db = SFTK_GET_SDB(handle);
+ if (db) {
+ crv = (db->sdb_Abort)(db);
+ }
+ return crv;
+}
+
+/*
+ * functions to update the database from an old database
+ */
+
+/*
+ * known attributes
+ */
+static const CK_ATTRIBUTE_TYPE known_attributes[] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_LABEL, CKA_APPLICATION,
+ CKA_VALUE, CKA_OBJECT_ID, CKA_CERTIFICATE_TYPE, CKA_ISSUER,
+ CKA_SERIAL_NUMBER, CKA_AC_ISSUER, CKA_OWNER, CKA_ATTR_TYPES, CKA_TRUSTED,
+ CKA_CERTIFICATE_CATEGORY, CKA_JAVA_MIDP_SECURITY_DOMAIN, CKA_URL,
+ CKA_HASH_OF_SUBJECT_PUBLIC_KEY, CKA_HASH_OF_ISSUER_PUBLIC_KEY,
+ CKA_CHECK_VALUE, CKA_KEY_TYPE, CKA_SUBJECT, CKA_ID, CKA_SENSITIVE,
+ CKA_ENCRYPT, CKA_DECRYPT, CKA_WRAP, CKA_UNWRAP, CKA_SIGN, CKA_SIGN_RECOVER,
+ CKA_VERIFY, CKA_VERIFY_RECOVER, CKA_DERIVE, CKA_START_DATE, CKA_END_DATE,
+ CKA_MODULUS, CKA_MODULUS_BITS, CKA_PUBLIC_EXPONENT, CKA_PRIVATE_EXPONENT,
+ CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2, CKA_COEFFICIENT,
+ CKA_PRIME, CKA_SUBPRIME, CKA_BASE, CKA_PRIME_BITS,
+ CKA_SUB_PRIME_BITS, CKA_VALUE_BITS, CKA_VALUE_LEN, CKA_EXTRACTABLE,
+ CKA_LOCAL, CKA_NEVER_EXTRACTABLE, CKA_ALWAYS_SENSITIVE,
+ CKA_KEY_GEN_MECHANISM, CKA_MODIFIABLE, CKA_EC_PARAMS,
+ CKA_EC_POINT, CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
+ CKA_ALWAYS_AUTHENTICATE, CKA_WRAP_WITH_TRUSTED, CKA_WRAP_TEMPLATE,
+ CKA_UNWRAP_TEMPLATE, CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT,
+ CKA_HAS_RESET, CKA_PIXEL_X, CKA_PIXEL_Y, CKA_RESOLUTION, CKA_CHAR_ROWS,
+ CKA_CHAR_COLUMNS, CKA_COLOR, CKA_BITS_PER_PIXEL, CKA_CHAR_SETS,
+ CKA_ENCODING_METHODS, CKA_MIME_TYPES, CKA_MECHANISM_TYPE,
+ CKA_REQUIRED_CMS_ATTRIBUTES, CKA_DEFAULT_CMS_ATTRIBUTES,
+ CKA_SUPPORTED_CMS_ATTRIBUTES, CKA_NSS_URL, CKA_NSS_EMAIL,
+ CKA_NSS_SMIME_INFO, CKA_NSS_SMIME_TIMESTAMP,
+ CKA_NSS_PKCS8_SALT, CKA_NSS_PASSWORD_CHECK, CKA_NSS_EXPIRES,
+ CKA_NSS_KRL, CKA_NSS_PQG_COUNTER, CKA_NSS_PQG_SEED,
+ CKA_NSS_PQG_H, CKA_NSS_PQG_SEED_BITS, CKA_NSS_MODULE_SPEC,
+ CKA_TRUST_DIGITAL_SIGNATURE, CKA_TRUST_NON_REPUDIATION,
+ CKA_TRUST_KEY_ENCIPHERMENT, CKA_TRUST_DATA_ENCIPHERMENT,
+ CKA_TRUST_KEY_AGREEMENT, CKA_TRUST_KEY_CERT_SIGN, CKA_TRUST_CRL_SIGN,
+ CKA_TRUST_SERVER_AUTH, CKA_TRUST_CLIENT_AUTH, CKA_TRUST_CODE_SIGNING,
+ CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_IPSEC_END_SYSTEM,
+ CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER, CKA_TRUST_TIME_STAMPING,
+ CKA_TRUST_STEP_UP_APPROVED, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH,
+ CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS
+};
+
+static unsigned int known_attributes_size = sizeof(known_attributes) /
+ sizeof(known_attributes[0]);
+
+static CK_RV
+sftkdb_GetObjectTemplate(SDB *source, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE *ptemplate, CK_ULONG *max)
+{
+ unsigned int i, j;
+ CK_RV crv;
+
+ if (*max < known_attributes_size) {
+ *max = known_attributes_size;
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ for (i = 0; i < known_attributes_size; i++) {
+ ptemplate[i].type = known_attributes[i];
+ ptemplate[i].pValue = NULL;
+ ptemplate[i].ulValueLen = 0;
+ }
+
+ crv = (*source->sdb_GetAttributeValue)(source, id,
+ ptemplate, known_attributes_size);
+
+ if ((crv != CKR_OK) && (crv != CKR_ATTRIBUTE_TYPE_INVALID)) {
+ return crv;
+ }
+
+ for (i = 0, j = 0; i < known_attributes_size; i++, j++) {
+ while (i < known_attributes_size && (ptemplate[i].ulValueLen == -1)) {
+ i++;
+ }
+ if (i >= known_attributes_size) {
+ break;
+ }
+ /* cheap optimization */
+ if (i == j) {
+ continue;
+ }
+ ptemplate[j] = ptemplate[i];
+ }
+ *max = j;
+ return CKR_OK;
+}
+
+static const char SFTKDB_META_UPDATE_TEMPLATE[] = "upd_%s_%s";
+
+/*
+ * check to see if we have already updated this database.
+ * a NULL updateID means we are trying to do an in place
+ * single database update. In that case we have already
+ * determined that an update was necessary.
+ */
+static PRBool
+sftkdb_hasUpdate(const char *typeString, SDB *db, const char *updateID)
+{
+ char *id;
+ CK_RV crv;
+ SECItem dummy = { 0, NULL, 0 };
+ unsigned char dummyData[SDB_MAX_META_DATA_LEN];
+
+ if (!updateID) {
+ return PR_FALSE;
+ }
+ id = PR_smprintf(SFTKDB_META_UPDATE_TEMPLATE, typeString, updateID);
+ if (id == NULL) {
+ return PR_FALSE;
+ }
+ dummy.data = dummyData;
+ dummy.len = sizeof(dummyData);
+
+ crv = (*db->sdb_GetMetaData)(db, id, &dummy, NULL);
+ PR_smprintf_free(id);
+ return crv == CKR_OK ? PR_TRUE : PR_FALSE;
+}
+
+/*
+ * we just completed an update, store the update id
+ * so we don't need to do it again. If non was given,
+ * there is nothing to do.
+ */
+static CK_RV
+sftkdb_putUpdate(const char *typeString, SDB *db, const char *updateID)
+{
+ char *id;
+ CK_RV crv;
+ SECItem dummy = { 0, NULL, 0 };
+
+ /* if no id was given, nothing to do */
+ if (updateID == NULL) {
+ return CKR_OK;
+ }
+
+ dummy.data = (unsigned char *)updateID;
+ dummy.len = PORT_Strlen(updateID);
+
+ id = PR_smprintf(SFTKDB_META_UPDATE_TEMPLATE, typeString, updateID);
+ if (id == NULL) {
+ return PR_FALSE;
+ }
+
+ crv = (*db->sdb_PutMetaData)(db, id, &dummy, NULL);
+ PR_smprintf_free(id);
+ return crv;
+}
+
+/*
+ * get a ULong attribute from a template:
+ * NOTE: this is a raw templated stored in database order!
+ */
+static CK_ULONG
+sftkdb_getULongFromTemplate(CK_ATTRIBUTE_TYPE type,
+ CK_ATTRIBUTE *ptemplate, CK_ULONG len)
+{
+ CK_ATTRIBUTE *attr = sftkdb_getAttributeFromTemplate(type,
+ ptemplate, len);
+
+ if (attr && attr->pValue && attr->ulValueLen == SDB_ULONG_SIZE) {
+ return sftk_SDBULong2ULong(attr->pValue);
+ }
+ return (CK_ULONG)-1;
+}
+
+/*
+ * we need to find a unique CKA_ID.
+ * The basic idea is to just increment the lowest byte.
+ * This code also handles the following corner cases:
+ * 1) the single byte overflows. On overflow we increment the next byte up
+ * and so forth until we have overflowed the entire CKA_ID.
+ * 2) If we overflow the entire CKA_ID we expand it by one byte.
+ * 3) the CKA_ID is non-existant, we create a new one with one byte.
+ * This means no matter what CKA_ID is passed, the result of this function
+ * is always a new CKA_ID, and this function will never return the same
+ * CKA_ID the it has returned in the passed.
+ */
+static CK_RV
+sftkdb_incrementCKAID(PLArenaPool *arena, CK_ATTRIBUTE *ptemplate)
+{
+ unsigned char *buf = ptemplate->pValue;
+ CK_ULONG len = ptemplate->ulValueLen;
+
+ if (buf == NULL || len == (CK_ULONG)-1) {
+ /* we have no valid CKAID, we'll create a basic one byte CKA_ID below */
+ len = 0;
+ } else {
+ CK_ULONG i;
+
+ /* walk from the back to front, incrementing
+ * the CKA_ID until we no longer have a carry,
+ * or have hit the front of the id. */
+ for (i = len; i != 0; i--) {
+ buf[i - 1]++;
+ if (buf[i - 1] != 0) {
+ /* no more carries, the increment is complete */
+ return CKR_OK;
+ }
+ }
+ /* we've now overflowed, fall through and expand the CKA_ID by
+ * one byte */
+ }
+ buf = PORT_ArenaAlloc(arena, len + 1);
+ if (!buf) {
+ return CKR_HOST_MEMORY;
+ }
+ if (len > 0) {
+ PORT_Memcpy(buf, ptemplate->pValue, len);
+ }
+ buf[len] = 0;
+ ptemplate->pValue = buf;
+ ptemplate->ulValueLen = len + 1;
+ return CKR_OK;
+}
+
+/*
+ * drop an attribute from a template.
+ */
+void
+sftkdb_dropAttribute(CK_ATTRIBUTE *attr, CK_ATTRIBUTE *ptemplate,
+ CK_ULONG *plen)
+{
+ CK_ULONG count = *plen;
+ CK_ULONG i;
+
+ for (i = 0; i < count; i++) {
+ if (attr->type == ptemplate[i].type) {
+ break;
+ }
+ }
+
+ if (i == count) {
+ /* attribute not found */
+ return;
+ }
+
+ /* copy the remaining attributes up */
+ for (i++; i < count; i++) {
+ ptemplate[i - 1] = ptemplate[i];
+ }
+
+ /* decrement the template size */
+ *plen = count - 1;
+}
+
+/*
+ * create some defines for the following functions to document the meaning
+ * of true/false. (make's it easier to remember what means what.
+ */
+typedef enum {
+ SFTKDB_DO_NOTHING = 0,
+ SFTKDB_ADD_OBJECT,
+ SFTKDB_MODIFY_OBJECT,
+ SFTKDB_DROP_ATTRIBUTE
+} sftkdbUpdateStatus;
+
+/*
+ * helper function to reconcile a single trust entry.
+ * Identify which trust entry we want to keep.
+ * If we don't need to do anything (the records are already equal).
+ * return SFTKDB_DO_NOTHING.
+ * If we want to use the source version,
+ * return SFTKDB_MODIFY_OBJECT
+ * If we want to use the target version,
+ * return SFTKDB_DROP_ATTRIBUTE
+ *
+ * In the end the caller will remove any attributes in the source
+ * template when SFTKDB_DROP_ATTRIBUTE is specified, then use do a
+ * set attributes with that template on the target if we received
+ * any SFTKDB_MODIFY_OBJECT returns.
+ */
+sftkdbUpdateStatus
+sftkdb_reconcileTrustEntry(PLArenaPool *arena, CK_ATTRIBUTE *target,
+ CK_ATTRIBUTE *source)
+{
+ CK_ULONG targetTrust = sftkdb_getULongFromTemplate(target->type,
+ target, 1);
+ CK_ULONG sourceTrust = sftkdb_getULongFromTemplate(target->type,
+ source, 1);
+
+ /*
+ * try to pick the best solution between the source and the
+ * target. Update the source template if we want the target value
+ * to win out. Prefer cases where we don't actually update the
+ * trust entry.
+ */
+
+ /* they are the same, everything is already kosher */
+ if (targetTrust == sourceTrust) {
+ return SFTKDB_DO_NOTHING;
+ }
+
+ /* handle the case where the source Trust attribute may be a bit
+ * flakey */
+ if (sourceTrust == (CK_ULONG)-1) {
+ /*
+ * The source Trust is invalid. We know that the target Trust
+ * must be valid here, otherwise the above
+ * targetTrust == sourceTrust check would have succeeded.
+ */
+ return SFTKDB_DROP_ATTRIBUTE;
+ }
+
+ /* target is invalid, use the source's idea of the trust value */
+ if (targetTrust == (CK_ULONG)-1) {
+ /* overwriting the target in this case is OK */
+ return SFTKDB_MODIFY_OBJECT;
+ }
+
+ /* at this point we know that both attributes exist and have the
+ * appropriate length (SDB_ULONG_SIZE). We no longer need to check
+ * ulValueLen for either attribute.
+ */
+ if (sourceTrust == CKT_NSS_TRUST_UNKNOWN) {
+ return SFTKDB_DROP_ATTRIBUTE;
+ }
+
+ /* target has no idea, use the source's idea of the trust value */
+ if (targetTrust == CKT_NSS_TRUST_UNKNOWN) {
+ /* overwriting the target in this case is OK */
+ return SFTKDB_MODIFY_OBJECT;
+ }
+
+ /* so both the target and the source have some idea of what this
+ * trust attribute should be, and neither agree exactly.
+ * At this point, we prefer 'hard' attributes over 'soft' ones.
+ * 'hard' ones are CKT_NSS_TRUSTED, CKT_NSS_TRUSTED_DELEGATOR, and
+ * CKT_NSS_NOT_TRUTED. Soft ones are ones which don't change the
+ * actual trust of the cert (CKT_MUST_VERIFY_TRUST,
+ * CKT_NSS_VALID_DELEGATOR).
+ */
+ if ((sourceTrust == CKT_NSS_MUST_VERIFY_TRUST) || (sourceTrust == CKT_NSS_VALID_DELEGATOR)) {
+ return SFTKDB_DROP_ATTRIBUTE;
+ }
+ if ((targetTrust == CKT_NSS_MUST_VERIFY_TRUST) || (targetTrust == CKT_NSS_VALID_DELEGATOR)) {
+ /* again, overwriting the target in this case is OK */
+ return SFTKDB_MODIFY_OBJECT;
+ }
+
+ /* both have hard attributes, we have a conflict, let the target win. */
+ return SFTKDB_DROP_ATTRIBUTE;
+}
+
+const CK_ATTRIBUTE_TYPE sftkdb_trustList[] =
+ { CKA_TRUST_SERVER_AUTH, CKA_TRUST_CLIENT_AUTH,
+ CKA_TRUST_CODE_SIGNING, CKA_TRUST_EMAIL_PROTECTION,
+ CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER,
+ CKA_TRUST_TIME_STAMPING };
+
+#define SFTK_TRUST_TEMPLATE_COUNT \
+ (sizeof(sftkdb_trustList) / sizeof(sftkdb_trustList[0]))
+/*
+ * Run through the list of known trust types, and reconcile each trust
+ * entry one by one. Keep track of we really need to write out the source
+ * trust object (overwriting the existing one).
+ */
+static sftkdbUpdateStatus
+sftkdb_reconcileTrust(PLArenaPool *arena, SDB *db, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE *ptemplate, CK_ULONG *plen)
+{
+ CK_ATTRIBUTE trustTemplate[SFTK_TRUST_TEMPLATE_COUNT];
+ unsigned char trustData[SFTK_TRUST_TEMPLATE_COUNT * SDB_ULONG_SIZE];
+ sftkdbUpdateStatus update = SFTKDB_DO_NOTHING;
+ CK_ULONG i;
+ CK_RV crv;
+
+ for (i = 0; i < SFTK_TRUST_TEMPLATE_COUNT; i++) {
+ trustTemplate[i].type = sftkdb_trustList[i];
+ trustTemplate[i].pValue = &trustData[i * SDB_ULONG_SIZE];
+ trustTemplate[i].ulValueLen = SDB_ULONG_SIZE;
+ }
+ crv = (*db->sdb_GetAttributeValue)(db, id,
+ trustTemplate, SFTK_TRUST_TEMPLATE_COUNT);
+ if ((crv != CKR_OK) && (crv != CKR_ATTRIBUTE_TYPE_INVALID)) {
+ /* target trust has some problems, update it */
+ update = SFTKDB_MODIFY_OBJECT;
+ goto done;
+ }
+
+ for (i = 0; i < SFTK_TRUST_TEMPLATE_COUNT; i++) {
+ CK_ATTRIBUTE *attr = sftkdb_getAttributeFromTemplate(
+ trustTemplate[i].type, ptemplate, *plen);
+ sftkdbUpdateStatus status;
+
+ /* if target trust value doesn't exist, nothing to merge */
+ if (trustTemplate[i].ulValueLen == (CK_ULONG)-1) {
+ /* if the source exists, then we want the source entry,
+ * go ahead and update */
+ if (attr && attr->ulValueLen != (CK_ULONG)-1) {
+ update = SFTKDB_MODIFY_OBJECT;
+ }
+ continue;
+ }
+
+ /*
+ * the source doesn't have the attribute, go to the next attribute
+ */
+ if (attr == NULL) {
+ continue;
+ }
+ status = sftkdb_reconcileTrustEntry(arena, &trustTemplate[i], attr);
+ if (status == SFTKDB_MODIFY_OBJECT) {
+ update = SFTKDB_MODIFY_OBJECT;
+ } else if (status == SFTKDB_DROP_ATTRIBUTE) {
+ /* drop the source copy of the attribute, we are going with
+ * the target's version */
+ sftkdb_dropAttribute(attr, ptemplate, plen);
+ }
+ }
+
+ /* finally manage stepup */
+ if (update == SFTKDB_MODIFY_OBJECT) {
+ CK_BBOOL stepUpBool = CK_FALSE;
+ /* if we are going to write from the source, make sure we don't
+ * overwrite the stepup bit if it's on*/
+ trustTemplate[0].type = CKA_TRUST_STEP_UP_APPROVED;
+ trustTemplate[0].pValue = &stepUpBool;
+ trustTemplate[0].ulValueLen = sizeof(stepUpBool);
+ crv = (*db->sdb_GetAttributeValue)(db, id, trustTemplate, 1);
+ if ((crv == CKR_OK) && (stepUpBool == CK_TRUE)) {
+ sftkdb_dropAttribute(trustTemplate, ptemplate, plen);
+ }
+ } else {
+ /* we currently aren't going to update. If the source stepup bit is
+ * on however, do an update so the target gets it as well */
+ CK_ATTRIBUTE *attr;
+
+ attr = sftkdb_getAttributeFromTemplate(CKA_TRUST_STEP_UP_APPROVED,
+ ptemplate, *plen);
+ if (attr && (attr->ulValueLen == sizeof(CK_BBOOL)) &&
+ (*(CK_BBOOL *)(attr->pValue) == CK_TRUE)) {
+ update = SFTKDB_MODIFY_OBJECT;
+ }
+ }
+
+done:
+ return update;
+}
+
+static sftkdbUpdateStatus
+sftkdb_handleIDAndName(PLArenaPool *arena, SDB *db, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE *ptemplate, CK_ULONG *plen)
+{
+ sftkdbUpdateStatus update = SFTKDB_DO_NOTHING;
+ CK_ATTRIBUTE *attr1, *attr2;
+ CK_ATTRIBUTE ttemplate[2] = {
+ { CKA_ID, NULL, 0 },
+ { CKA_LABEL, NULL, 0 }
+ };
+
+ attr1 = sftkdb_getAttributeFromTemplate(CKA_LABEL, ptemplate, *plen);
+ attr2 = sftkdb_getAttributeFromTemplate(CKA_ID, ptemplate, *plen);
+
+ /* if the source has neither an id nor label, don't bother updating */
+ if ((!attr1 || attr1->ulValueLen == 0) &&
+ (!attr2 || attr2->ulValueLen == 0)) {
+ return SFTKDB_DO_NOTHING;
+ }
+
+ /* the source has either an id or a label, see what the target has */
+ (void)(*db->sdb_GetAttributeValue)(db, id, ttemplate, 2);
+
+ /* if the target has neither, update from the source */
+ if (((ttemplate[0].ulValueLen == 0) ||
+ (ttemplate[0].ulValueLen == (CK_ULONG)-1)) &&
+ ((ttemplate[1].ulValueLen == 0) ||
+ (ttemplate[1].ulValueLen == (CK_ULONG)-1))) {
+ return SFTKDB_MODIFY_OBJECT;
+ }
+
+ /* check the CKA_ID */
+ if ((ttemplate[0].ulValueLen != 0) &&
+ (ttemplate[0].ulValueLen != (CK_ULONG)-1)) {
+ /* we have a CKA_ID in the target, don't overwrite
+ * the target with an empty CKA_ID from the source*/
+ if (attr1 && attr1->ulValueLen == 0) {
+ sftkdb_dropAttribute(attr1, ptemplate, plen);
+ }
+ } else if (attr1 && attr1->ulValueLen != 0) {
+ /* source has a CKA_ID, but the target doesn't, update the target */
+ update = SFTKDB_MODIFY_OBJECT;
+ }
+
+ /* check the nickname */
+ if ((ttemplate[1].ulValueLen != 0) &&
+ (ttemplate[1].ulValueLen != (CK_ULONG)-1)) {
+
+ /* we have a nickname in the target, and we don't have to update
+ * the CKA_ID. We are done. NOTE: if we add addition attributes
+ * in this check, this shortcut can only go on the last of them. */
+ if (update == SFTKDB_DO_NOTHING) {
+ return update;
+ }
+ /* we have a nickname in the target, don't overwrite
+ * the target with an empty nickname from the source */
+ if (attr2 && attr2->ulValueLen == 0) {
+ sftkdb_dropAttribute(attr2, ptemplate, plen);
+ }
+ } else if (attr2 && attr2->ulValueLen != 0) {
+ /* source has a nickname, but the target doesn't, update the target */
+ update = SFTKDB_MODIFY_OBJECT;
+ }
+
+ return update;
+}
+
+/*
+ * This function updates the template before we write the object out.
+ *
+ * If we are going to skip updating this object, return PR_FALSE.
+ * If it should be updated we return PR_TRUE.
+ * To help readability, these have been defined
+ * as SFTK_DONT_UPDATE and SFTK_UPDATE respectively.
+ */
+static PRBool
+sftkdb_updateObjectTemplate(PLArenaPool *arena, SDB *db,
+ CK_OBJECT_CLASS objectType,
+ CK_ATTRIBUTE *ptemplate, CK_ULONG *plen,
+ CK_OBJECT_HANDLE *targetID)
+{
+ PRBool done; /* should we repeat the loop? */
+ CK_OBJECT_HANDLE id;
+ CK_RV crv = CKR_OK;
+
+ do {
+ crv = sftkdb_checkConflicts(db, objectType, ptemplate,
+ *plen, CK_INVALID_HANDLE);
+ if (crv != CKR_ATTRIBUTE_VALUE_INVALID) {
+ break;
+ }
+ crv = sftkdb_resolveConflicts(arena, objectType, ptemplate, plen);
+ } while (crv == CKR_OK);
+
+ if (crv != CKR_OK) {
+ return SFTKDB_DO_NOTHING;
+ }
+
+ do {
+ done = PR_TRUE;
+ crv = sftkdb_lookupObject(db, objectType, &id, ptemplate, *plen);
+ if (crv != CKR_OK) {
+ return SFTKDB_DO_NOTHING;
+ }
+
+ /* This object already exists, merge it, don't update */
+ if (id != CK_INVALID_HANDLE) {
+ CK_ATTRIBUTE *attr = NULL;
+ /* special post processing for attributes */
+ switch (objectType) {
+ case CKO_CERTIFICATE:
+ case CKO_PUBLIC_KEY:
+ case CKO_PRIVATE_KEY:
+ /* update target's CKA_ID and labels if they don't already
+ * exist */
+ *targetID = id;
+ return sftkdb_handleIDAndName(arena, db, id, ptemplate, plen);
+ case CKO_NSS_TRUST:
+ /* if we have conflicting trust object types,
+ * we need to reconcile them */
+ *targetID = id;
+ return sftkdb_reconcileTrust(arena, db, id, ptemplate, plen);
+ case CKO_SECRET_KEY:
+ /* secret keys in the old database are all sdr keys,
+ * unfortunately they all appear to have the same CKA_ID,
+ * even though they are truly different keys, so we always
+ * want to update these keys, but we need to
+ * give them a new CKA_ID */
+ /* NOTE: this changes ptemplate */
+ attr = sftkdb_getAttributeFromTemplate(CKA_ID, ptemplate, *plen);
+ crv = attr ? sftkdb_incrementCKAID(arena, attr)
+ : CKR_HOST_MEMORY;
+ /* in the extremely rare event that we needed memory and
+ * couldn't get it, just drop the key */
+ if (crv != CKR_OK) {
+ return SFTKDB_DO_NOTHING;
+ }
+ done = PR_FALSE; /* repeat this find loop */
+ break;
+ default:
+ /* for all other objects, if we found the equivalent object,
+ * don't update it */
+ return SFTKDB_DO_NOTHING;
+ }
+ }
+ } while (!done);
+
+ /* this object doesn't exist, update it */
+ return SFTKDB_ADD_OBJECT;
+}
+
+#define MAX_ATTRIBUTES 500
+static CK_RV
+sftkdb_mergeObject(SFTKDBHandle *handle, CK_OBJECT_HANDLE id,
+ SECItem *key)
+{
+ CK_ATTRIBUTE template[MAX_ATTRIBUTES];
+ CK_ATTRIBUTE *ptemplate;
+ CK_ULONG max_attributes = MAX_ATTRIBUTES;
+ CK_OBJECT_CLASS objectType;
+ SDB *source = handle->update;
+ SDB *target = handle->db;
+ unsigned int i;
+ CK_RV crv;
+ PLArenaPool *arena = NULL;
+
+ arena = PORT_NewArena(256);
+ if (arena == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ ptemplate = &template[0];
+ id &= SFTK_OBJ_ID_MASK;
+ crv = sftkdb_GetObjectTemplate(source, id, ptemplate, &max_attributes);
+ if (crv == CKR_BUFFER_TOO_SMALL) {
+ ptemplate = PORT_ArenaNewArray(arena, CK_ATTRIBUTE, max_attributes);
+ if (ptemplate == NULL) {
+ crv = CKR_HOST_MEMORY;
+ } else {
+ crv = sftkdb_GetObjectTemplate(source, id,
+ ptemplate, &max_attributes);
+ }
+ }
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ for (i = 0; i < max_attributes; i++) {
+ ptemplate[i].pValue = PORT_ArenaAlloc(arena, ptemplate[i].ulValueLen);
+ if (ptemplate[i].pValue == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ }
+ crv = (*source->sdb_GetAttributeValue)(source, id,
+ ptemplate, max_attributes);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ objectType = sftkdb_getULongFromTemplate(CKA_CLASS, ptemplate,
+ max_attributes);
+
+ /*
+ * Update Object updates the object template if necessary then returns
+ * whether or not we need to actually write the object out to our target
+ * database.
+ */
+ if (!handle->updateID) {
+ crv = sftkdb_CreateObject(arena, handle, target, &id,
+ ptemplate, max_attributes);
+ } else {
+ sftkdbUpdateStatus update_status;
+ update_status = sftkdb_updateObjectTemplate(arena, target,
+ objectType, ptemplate, &max_attributes, &id);
+ switch (update_status) {
+ case SFTKDB_ADD_OBJECT:
+ crv = sftkdb_CreateObject(arena, handle, target, &id,
+ ptemplate, max_attributes);
+ break;
+ case SFTKDB_MODIFY_OBJECT:
+ crv = sftkdb_setAttributeValue(arena, handle, target,
+ id, ptemplate, max_attributes);
+ break;
+ case SFTKDB_DO_NOTHING:
+ case SFTKDB_DROP_ATTRIBUTE:
+ break;
+ }
+ }
+
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_TRUE);
+ }
+ return crv;
+}
+
+#define MAX_IDS 10
+/*
+ * update a new database from an old one, now that we have the key
+ */
+CK_RV
+sftkdb_Update(SFTKDBHandle *handle, SECItem *key)
+{
+ SDBFind *find = NULL;
+ CK_ULONG idCount = MAX_IDS;
+ CK_OBJECT_HANDLE ids[MAX_IDS];
+ SECItem *updatePasswordKey = NULL;
+ CK_RV crv, crv2;
+ PRBool inTransaction = PR_FALSE;
+ unsigned int i;
+
+ if (handle == NULL) {
+ return CKR_OK;
+ }
+ if (handle->update == NULL) {
+ return CKR_OK;
+ }
+
+ /*
+ * put the whole update under a transaction. This allows us to handle
+ * any possible race conditions between with the updateID check.
+ */
+ crv = (*handle->db->sdb_Begin)(handle->db);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ inTransaction = PR_TRUE;
+
+ /* some one else has already updated this db */
+ if (sftkdb_hasUpdate(sftkdb_TypeString(handle),
+ handle->db, handle->updateID)) {
+ crv = CKR_OK;
+ goto done;
+ }
+
+ updatePasswordKey = sftkdb_GetUpdatePasswordKey(handle);
+ if (updatePasswordKey) {
+ /* pass the source DB key to the legacy code,
+ * so it can decrypt things */
+ handle->oldKey = updatePasswordKey;
+ }
+
+ /* find all the objects */
+ crv = sftkdb_FindObjectsInit(handle, NULL, 0, &find);
+
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ while ((crv == CKR_OK) && (idCount == MAX_IDS)) {
+ crv = sftkdb_FindObjects(handle, find, ids, MAX_IDS, &idCount);
+ for (i = 0; (crv == CKR_OK) && (i < idCount); i++) {
+ crv = sftkdb_mergeObject(handle, ids[i], key);
+ }
+ }
+ crv2 = sftkdb_FindObjectsFinal(handle, find);
+ if (crv == CKR_OK)
+ crv = crv2;
+
+loser:
+ /* no longer need the old key value */
+ handle->oldKey = NULL;
+
+ /* update the password - even if we didn't update objects */
+ if (handle->type == SFTK_KEYDB_TYPE) {
+ SECItem item1, item2;
+ unsigned char data1[SDB_MAX_META_DATA_LEN];
+ unsigned char data2[SDB_MAX_META_DATA_LEN];
+
+ item1.data = data1;
+ item1.len = sizeof(data1);
+ item2.data = data2;
+ item2.len = sizeof(data2);
+
+ /* if the target db already has a password, skip this. */
+ crv = (*handle->db->sdb_GetMetaData)(handle->db, "password",
+ &item1, &item2);
+ if (crv == CKR_OK) {
+ goto done;
+ }
+
+ /* nope, update it from the source */
+ crv = (*handle->update->sdb_GetMetaData)(handle->update, "password",
+ &item1, &item2);
+ if (crv != CKR_OK) {
+ goto done;
+ }
+ crv = (*handle->db->sdb_PutMetaData)(handle->db, "password", &item1,
+ &item2);
+ if (crv != CKR_OK) {
+ goto done;
+ }
+ }
+
+done:
+ /* finally mark this up to date db up to date */
+ /* some one else has already updated this db */
+ if (crv == CKR_OK) {
+ crv = sftkdb_putUpdate(sftkdb_TypeString(handle),
+ handle->db, handle->updateID);
+ }
+
+ if (inTransaction) {
+ if (crv == CKR_OK) {
+ crv = (*handle->db->sdb_Commit)(handle->db);
+ } else {
+ (*handle->db->sdb_Abort)(handle->db);
+ }
+ }
+ if (handle->update) {
+ (*handle->update->sdb_Close)(handle->update);
+ handle->update = NULL;
+ }
+ if (handle->updateID) {
+ PORT_Free(handle->updateID);
+ handle->updateID = NULL;
+ }
+ sftkdb_FreeUpdatePasswordKey(handle);
+ if (updatePasswordKey) {
+ SECITEM_ZfreeItem(updatePasswordKey, PR_TRUE);
+ }
+ handle->updateDBIsInit = PR_FALSE;
+ return crv;
+}
+
+/******************************************************************
+ * DB handle managing functions.
+ *
+ * These functions are called by softoken to initialize, acquire,
+ * and release database handles.
+ */
+
+const char *
+sftkdb_GetUpdateID(SFTKDBHandle *handle)
+{
+ return handle->updateID;
+}
+
+/* release a database handle */
+void
+sftk_freeDB(SFTKDBHandle *handle)
+{
+ PRInt32 ref;
+
+ if (!handle)
+ return;
+ ref = PR_ATOMIC_DECREMENT(&handle->ref);
+ if (ref == 0) {
+ sftkdb_CloseDB(handle);
+ }
+ return;
+}
+
+/*
+ * acquire a database handle for a certificate db
+ * (database for public objects)
+ */
+SFTKDBHandle *
+sftk_getCertDB(SFTKSlot *slot)
+{
+ SFTKDBHandle *dbHandle;
+
+ PZ_Lock(slot->slotLock);
+ dbHandle = slot->certDB;
+ if (dbHandle) {
+ (void)PR_ATOMIC_INCREMENT(&dbHandle->ref);
+ }
+ PZ_Unlock(slot->slotLock);
+ return dbHandle;
+}
+
+/*
+ * acquire a database handle for a key database
+ * (database for private objects)
+ */
+SFTKDBHandle *
+sftk_getKeyDB(SFTKSlot *slot)
+{
+ SFTKDBHandle *dbHandle;
+
+ SKIP_AFTER_FORK(PZ_Lock(slot->slotLock));
+ dbHandle = slot->keyDB;
+ if (dbHandle) {
+ (void)PR_ATOMIC_INCREMENT(&dbHandle->ref);
+ }
+ SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock));
+ return dbHandle;
+}
+
+/*
+ * acquire the database for a specific object. NOTE: objectID must point
+ * to a Token object!
+ */
+SFTKDBHandle *
+sftk_getDBForTokenObject(SFTKSlot *slot, CK_OBJECT_HANDLE objectID)
+{
+ SFTKDBHandle *dbHandle;
+
+ PZ_Lock(slot->slotLock);
+ dbHandle = objectID & SFTK_KEYDB_TYPE ? slot->keyDB : slot->certDB;
+ if (dbHandle) {
+ (void)PR_ATOMIC_INCREMENT(&dbHandle->ref);
+ }
+ PZ_Unlock(slot->slotLock);
+ return dbHandle;
+}
+
+/*
+ * initialize a new database handle
+ */
+static SFTKDBHandle *
+sftk_NewDBHandle(SDB *sdb, int type)
+{
+ SFTKDBHandle *handle = PORT_New(SFTKDBHandle);
+ handle->ref = 1;
+ handle->db = sdb;
+ handle->update = NULL;
+ handle->peerDB = NULL;
+ handle->newKey = NULL;
+ handle->oldKey = NULL;
+ handle->updatePasswordKey = NULL;
+ handle->updateID = NULL;
+ handle->type = type;
+ handle->passwordKey.data = NULL;
+ handle->passwordKey.len = 0;
+ handle->passwordLock = NULL;
+ if (type == SFTK_KEYDB_TYPE) {
+ handle->passwordLock = PZ_NewLock(nssILockAttribute);
+ }
+ sdb->app_private = handle;
+ return handle;
+}
+
+/*
+ * reset the key database to it's uninitialized state. This call
+ * will clear all the key entried.
+ */
+SECStatus
+sftkdb_ResetKeyDB(SFTKDBHandle *handle)
+{
+ CK_RV crv;
+
+ /* only rest the key db */
+ if (handle->type != SFTK_KEYDB_TYPE) {
+ return SECFailure;
+ }
+ crv = sftkdb_ResetDB(handle);
+ if (crv != CKR_OK) {
+ /* set error */
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static PRBool
+sftk_oldVersionExists(const char *dir, int version)
+{
+ int i;
+ PRStatus exists = PR_FAILURE;
+ char *file = NULL;
+
+ for (i = version; i > 1; i--) {
+ file = PR_smprintf("%s%d.db", dir, i);
+ if (file == NULL) {
+ continue;
+ }
+ exists = PR_Access(file, PR_ACCESS_EXISTS);
+ PR_smprintf_free(file);
+ if (exists == PR_SUCCESS) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+static PRBool
+sftk_hasLegacyDB(const char *confdir, const char *certPrefix,
+ const char *keyPrefix, int certVersion, int keyVersion)
+{
+ char *dir;
+ PRBool exists;
+
+ if (certPrefix == NULL) {
+ certPrefix = "";
+ }
+
+ if (keyPrefix == NULL) {
+ keyPrefix = "";
+ }
+
+ dir = PR_smprintf("%s/%scert", confdir, certPrefix);
+ if (dir == NULL) {
+ return PR_FALSE;
+ }
+
+ exists = sftk_oldVersionExists(dir, certVersion);
+ PR_smprintf_free(dir);
+ if (exists) {
+ return PR_TRUE;
+ }
+
+ dir = PR_smprintf("%s/%skey", confdir, keyPrefix);
+ if (dir == NULL) {
+ return PR_FALSE;
+ }
+
+ exists = sftk_oldVersionExists(dir, keyVersion);
+ PR_smprintf_free(dir);
+ return exists;
+}
+
+/*
+ * initialize certificate and key database handles as a pair.
+ *
+ * This function figures out what type of database we are opening and
+ * calls the appropriate low level function to open the database.
+ * It also figures out whether or not to setup up automatic update.
+ */
+CK_RV
+sftk_DBInit(const char *configdir, const char *certPrefix,
+ const char *keyPrefix, const char *updatedir,
+ const char *updCertPrefix, const char *updKeyPrefix,
+ const char *updateID, PRBool readOnly, PRBool noCertDB,
+ PRBool noKeyDB, PRBool forceOpen, PRBool isFIPS,
+ SFTKDBHandle **certDB, SFTKDBHandle **keyDB)
+{
+ const char *confdir;
+ NSSDBType dbType = NSS_DB_TYPE_NONE;
+ char *appName = NULL;
+ SDB *keySDB, *certSDB;
+ CK_RV crv = CKR_OK;
+ int flags = SDB_RDONLY;
+ PRBool newInit = PR_FALSE;
+ PRBool needUpdate = PR_FALSE;
+
+ if (!readOnly) {
+ flags = SDB_CREATE;
+ }
+ if (isFIPS) {
+ flags |= SDB_FIPS;
+ }
+
+ *certDB = NULL;
+ *keyDB = NULL;
+
+ if (noKeyDB && noCertDB) {
+ return CKR_OK;
+ }
+ confdir = _NSSUTIL_EvaluateConfigDir(configdir, &dbType, &appName);
+
+ /*
+ * now initialize the appropriate database
+ */
+ switch (dbType) {
+ case NSS_DB_TYPE_LEGACY:
+ crv = sftkdbCall_open(confdir, certPrefix, keyPrefix, 8, 3, flags,
+ noCertDB ? NULL : &certSDB, noKeyDB ? NULL : &keySDB);
+ break;
+ case NSS_DB_TYPE_MULTIACCESS:
+ crv = sftkdbCall_open(configdir, certPrefix, keyPrefix, 8, 3, flags,
+ noCertDB ? NULL : &certSDB, noKeyDB ? NULL : &keySDB);
+ break;
+ case NSS_DB_TYPE_SQL:
+ case NSS_DB_TYPE_EXTERN: /* SHOULD open a loadable db */
+ crv = s_open(confdir, certPrefix, keyPrefix, 9, 4, flags,
+ noCertDB ? NULL : &certSDB, noKeyDB ? NULL : &keySDB, &newInit);
+
+ /*
+ * if we failed to open the DB's read only, use the old ones if
+ * the exists.
+ */
+ if (crv != CKR_OK) {
+ if (((flags & SDB_RDONLY) == SDB_RDONLY) &&
+ sftk_hasLegacyDB(confdir, certPrefix, keyPrefix, 8, 3)) {
+ /* we have legacy databases, if we failed to open the new format
+ * DB's read only, just use the legacy ones */
+ crv = sftkdbCall_open(confdir, certPrefix,
+ keyPrefix, 8, 3, flags,
+ noCertDB ? NULL : &certSDB, noKeyDB ? NULL : &keySDB);
+ }
+ /* Handle the database merge case.
+ *
+ * For the merge case, we need help from the application. Only
+ * the application knows where the old database is, and what unique
+ * identifier it has associated with it.
+ *
+ * If the client supplies these values, we use them to determine
+ * if we need to update.
+ */
+ } else if (
+ /* both update params have been supplied */
+ updatedir && *updatedir && updateID && *updateID
+ /* old dbs exist? */
+ && sftk_hasLegacyDB(updatedir, updCertPrefix, updKeyPrefix, 8, 3)
+ /* and they have not yet been updated? */
+ && ((noKeyDB || !sftkdb_hasUpdate("key", keySDB, updateID)) || (noCertDB || !sftkdb_hasUpdate("cert", certSDB, updateID)))) {
+ /* we need to update */
+ confdir = updatedir;
+ certPrefix = updCertPrefix;
+ keyPrefix = updKeyPrefix;
+ needUpdate = PR_TRUE;
+ } else if (newInit) {
+ /* if the new format DB was also a newly created DB, and we
+ * succeeded, then need to update that new database with data
+ * from the existing legacy DB */
+ if (sftk_hasLegacyDB(confdir, certPrefix, keyPrefix, 8, 3)) {
+ needUpdate = PR_TRUE;
+ }
+ }
+ break;
+ default:
+ crv = CKR_GENERAL_ERROR; /* can't happen, EvaluationConfigDir MUST
+ * return one of the types we already
+ * specified. */
+ }
+ if (crv != CKR_OK) {
+ goto done;
+ }
+ if (!noCertDB) {
+ *certDB = sftk_NewDBHandle(certSDB, SFTK_CERTDB_TYPE);
+ } else {
+ *certDB = NULL;
+ }
+ if (!noKeyDB) {
+ *keyDB = sftk_NewDBHandle(keySDB, SFTK_KEYDB_TYPE);
+ } else {
+ *keyDB = NULL;
+ }
+
+ /* link them together */
+ if (*certDB) {
+ (*certDB)->peerDB = *keyDB;
+ }
+ if (*keyDB) {
+ (*keyDB)->peerDB = *certDB;
+ }
+
+ /*
+ * if we need to update, open the legacy database and
+ * mark the handle as needing update.
+ */
+ if (needUpdate) {
+ SDB *updateCert = NULL;
+ SDB *updateKey = NULL;
+ CK_RV crv2;
+
+ crv2 = sftkdbCall_open(confdir, certPrefix, keyPrefix, 8, 3, flags,
+ noCertDB ? NULL : &updateCert,
+ noKeyDB ? NULL : &updateKey);
+ if (crv2 == CKR_OK) {
+ if (*certDB) {
+ (*certDB)->update = updateCert;
+ (*certDB)->updateID = updateID && *updateID
+ ? PORT_Strdup(updateID)
+ : NULL;
+ updateCert->app_private = (*certDB);
+ }
+ if (*keyDB) {
+ PRBool tokenRemoved = PR_FALSE;
+ (*keyDB)->update = updateKey;
+ (*keyDB)->updateID = updateID && *updateID ? PORT_Strdup(updateID) : NULL;
+ updateKey->app_private = (*keyDB);
+ (*keyDB)->updateDBIsInit = PR_TRUE;
+ (*keyDB)->updateDBIsInit =
+ (sftkdb_HasPasswordSet(*keyDB) == SECSuccess) ? PR_TRUE : PR_FALSE;
+ /* if the password on the key db is NULL, kick off our update
+ * chain of events */
+ sftkdb_CheckPassword((*keyDB), "", &tokenRemoved);
+ } else {
+ /* we don't have a key DB, update the certificate DB now */
+ sftkdb_Update(*certDB, NULL);
+ }
+ }
+ }
+done:
+ if (appName) {
+ PORT_Free(appName);
+ }
+ return forceOpen ? CKR_OK : crv;
+}
+
+CK_RV
+sftkdb_Shutdown(void)
+{
+ s_shutdown();
+ sftkdbCall_Shutdown();
+ return CKR_OK;
+}
diff --git a/security/nss/lib/softoken/sftkdb.h b/security/nss/lib/softoken/sftkdb.h
new file mode 100644
index 000000000..a47c89670
--- /dev/null
+++ b/security/nss/lib/softoken/sftkdb.h
@@ -0,0 +1,71 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "sftkdbt.h"
+#include "sdb.h"
+#include "pkcs11i.h"
+#include "pkcs11t.h"
+
+/* raw database stuff */
+CK_RV sftkdb_write(SFTKDBHandle *handle, SFTKObject *, CK_OBJECT_HANDLE *);
+CK_RV sftkdb_FindObjectsInit(SFTKDBHandle *sdb, const CK_ATTRIBUTE *template,
+ CK_ULONG count, SDBFind **find);
+CK_RV sftkdb_FindObjects(SFTKDBHandle *sdb, SDBFind *find,
+ CK_OBJECT_HANDLE *ids, int arraySize, CK_ULONG *count);
+CK_RV sftkdb_FindObjectsFinal(SFTKDBHandle *sdb, SDBFind *find);
+CK_RV sftkdb_GetAttributeValue(SFTKDBHandle *handle,
+ CK_OBJECT_HANDLE object_id, CK_ATTRIBUTE *template, CK_ULONG count);
+CK_RV sftkdb_SetAttributeValue(SFTKDBHandle *handle, SFTKObject *object,
+ const CK_ATTRIBUTE *template, CK_ULONG count);
+CK_RV sftkdb_DestroyObject(SFTKDBHandle *handle, CK_OBJECT_HANDLE object_id);
+CK_RV sftkdb_closeDB(SFTKDBHandle *handle);
+
+/* keydb functions */
+
+SECStatus sftkdb_PWIsInitialized(SFTKDBHandle *keydb);
+SECStatus sftkdb_CheckPassword(SFTKDBHandle *keydb, const char *pw,
+ PRBool *tokenRemoved);
+SECStatus sftkdb_PWCached(SFTKDBHandle *keydb);
+SECStatus sftkdb_HasPasswordSet(SFTKDBHandle *keydb);
+SECStatus sftkdb_ResetKeyDB(SFTKDBHandle *keydb);
+SECStatus sftkdb_ChangePassword(SFTKDBHandle *keydb,
+ char *oldPin, char *newPin,
+ PRBool *tokenRemoved);
+SECStatus sftkdb_ClearPassword(SFTKDBHandle *keydb);
+PRBool sftkdb_InUpdateMerge(SFTKDBHandle *keydb);
+PRBool sftkdb_NeedUpdateDBPassword(SFTKDBHandle *keydb);
+const char *sftkdb_GetUpdateID(SFTKDBHandle *keydb);
+SECItem *sftkdb_GetUpdatePasswordKey(SFTKDBHandle *keydb);
+void sftkdb_FreeUpdatePasswordKey(SFTKDBHandle *keydb);
+
+/* Utility functions */
+/*
+ * OK there are now lots of options here, lets go through them all:
+ *
+ * configdir - base directory where all the cert, key, and module datbases live.
+ * certPrefix - prefix added to the beginning of the cert database example: "
+ * "https-server1-"
+ * keyPrefix - prefix added to the beginning of the key database example: "
+ * "https-server1-"
+ * secmodName - name of the security module database (usually "secmod.db").
+ * readOnly - Boolean: true if the databases are to be openned read only.
+ * nocertdb - Don't open the cert DB and key DB's, just initialize the
+ * Volatile certdb.
+ * nomoddb - Don't open the security module DB, just initialize the
+ * PKCS #11 module.
+ * forceOpen - Continue to force initializations even if the databases cannot
+ * be opened.
+ */
+CK_RV sftk_DBInit(const char *configdir, const char *certPrefix,
+ const char *keyPrefix, const char *updatedir,
+ const char *updCertPrefix, const char *updKeyPrefix,
+ const char *updateID, PRBool readOnly, PRBool noCertDB,
+ PRBool noKeyDB, PRBool forceOpen, PRBool isFIPS,
+ SFTKDBHandle **certDB, SFTKDBHandle **keyDB);
+CK_RV sftkdb_Shutdown(void);
+
+SFTKDBHandle *sftk_getCertDB(SFTKSlot *slot);
+SFTKDBHandle *sftk_getKeyDB(SFTKSlot *slot);
+SFTKDBHandle *sftk_getDBForTokenObject(SFTKSlot *slot,
+ CK_OBJECT_HANDLE objectID);
+void sftk_freeDB(SFTKDBHandle *certHandle);
diff --git a/security/nss/lib/softoken/sftkdbt.h b/security/nss/lib/softoken/sftkdbt.h
new file mode 100644
index 000000000..77beb845e
--- /dev/null
+++ b/security/nss/lib/softoken/sftkdbt.h
@@ -0,0 +1,12 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef SFTKDBT_H
+#define SFTKDBT_H 1
+typedef struct SFTKDBHandleStr SFTKDBHandle;
+
+#define SDB_MAX_META_DATA_LEN 256
+#define SDB_ULONG_SIZE 4
+
+#endif
diff --git a/security/nss/lib/softoken/sftkdbti.h b/security/nss/lib/softoken/sftkdbti.h
new file mode 100644
index 000000000..4942e1b12
--- /dev/null
+++ b/security/nss/lib/softoken/sftkdbti.h
@@ -0,0 +1,58 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef SFTKDBTI_H
+#define SFTKDBTI_H 1
+
+/*
+ * private defines
+ */
+struct SFTKDBHandleStr {
+ SDB *db;
+ PRInt32 ref;
+ CK_OBJECT_HANDLE type;
+ SECItem passwordKey;
+ SECItem *newKey;
+ SECItem *oldKey;
+ SECItem *updatePasswordKey;
+ PZLock *passwordLock;
+ SFTKDBHandle *peerDB;
+ SDB *update;
+ char *updateID;
+ PRBool updateDBIsInit;
+};
+
+#define SFTK_KEYDB_TYPE 0x40000000
+#define SFTK_CERTDB_TYPE 0x00000000
+#define SFTK_OBJ_TYPE_MASK 0xc0000000
+#define SFTK_OBJ_ID_MASK (~SFTK_OBJ_TYPE_MASK)
+#define SFTK_TOKEN_TYPE 0x80000000
+
+/* the following is the number of id's to handle on the stack at a time,
+ * it's not an upper limit of IDS that can be stored in the database */
+#define SFTK_MAX_IDS 10
+
+#define SFTK_GET_SDB(handle) \
+ ((handle)->update ? (handle)->update : (handle)->db)
+
+SECStatus sftkdb_DecryptAttribute(SECItem *passKey, SECItem *cipherText,
+ SECItem **plainText);
+SECStatus sftkdb_EncryptAttribute(PLArenaPool *arena, SECItem *passKey,
+ SECItem *plainText, SECItem **cipherText);
+SECStatus sftkdb_SignAttribute(PLArenaPool *arena, SECItem *passKey,
+ CK_OBJECT_HANDLE objectID,
+ CK_ATTRIBUTE_TYPE attrType,
+ SECItem *plainText, SECItem **sigText);
+SECStatus sftkdb_VerifyAttribute(SECItem *passKey,
+ CK_OBJECT_HANDLE objectID,
+ CK_ATTRIBUTE_TYPE attrType,
+ SECItem *plainText, SECItem *sigText);
+
+void sftk_ULong2SDBULong(unsigned char *data, CK_ULONG value);
+CK_RV sftkdb_Update(SFTKDBHandle *handle, SECItem *key);
+CK_RV sftkdb_PutAttributeSignature(SFTKDBHandle *handle,
+ SDB *keyTarget, CK_OBJECT_HANDLE objectID,
+ CK_ATTRIBUTE_TYPE type, SECItem *signText);
+
+#endif
diff --git a/security/nss/lib/softoken/sftkhmac.c b/security/nss/lib/softoken/sftkhmac.c
new file mode 100644
index 000000000..be6344c70
--- /dev/null
+++ b/security/nss/lib/softoken/sftkhmac.c
@@ -0,0 +1,190 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "seccomon.h"
+#include "secerr.h"
+#include "blapi.h"
+#include "pkcs11i.h"
+#include "softoken.h"
+#include "hmacct.h"
+
+/* MACMechanismToHash converts a PKCS#11 MAC mechanism into a freebl hash
+ * type. */
+static HASH_HashType
+MACMechanismToHash(CK_MECHANISM_TYPE mech)
+{
+ switch (mech) {
+ case CKM_MD5_HMAC:
+ case CKM_SSL3_MD5_MAC:
+ return HASH_AlgMD5;
+ case CKM_SHA_1_HMAC:
+ case CKM_SSL3_SHA1_MAC:
+ return HASH_AlgSHA1;
+ case CKM_SHA224_HMAC:
+ return HASH_AlgSHA224;
+ case CKM_SHA256_HMAC:
+ return HASH_AlgSHA256;
+ case CKM_SHA384_HMAC:
+ return HASH_AlgSHA384;
+ case CKM_SHA512_HMAC:
+ return HASH_AlgSHA512;
+ }
+ return HASH_AlgNULL;
+}
+
+static sftk_MACConstantTimeCtx *
+SetupMAC(CK_MECHANISM_PTR mech, SFTKObject *key)
+{
+ CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
+ (CK_NSS_MAC_CONSTANT_TIME_PARAMS *)mech->pParameter;
+ sftk_MACConstantTimeCtx *ctx;
+ HASH_HashType alg;
+ SFTKAttribute *keyval;
+ unsigned char secret[sizeof(ctx->secret)];
+ unsigned int secretLength;
+
+ if (mech->ulParameterLen != sizeof(CK_NSS_MAC_CONSTANT_TIME_PARAMS)) {
+ return NULL;
+ }
+
+ alg = MACMechanismToHash(params->macAlg);
+ if (alg == HASH_AlgNULL) {
+ return NULL;
+ }
+
+ keyval = sftk_FindAttribute(key, CKA_VALUE);
+ if (keyval == NULL) {
+ return NULL;
+ }
+ secretLength = keyval->attrib.ulValueLen;
+ if (secretLength > sizeof(secret)) {
+ sftk_FreeAttribute(keyval);
+ return NULL;
+ }
+ memcpy(secret, keyval->attrib.pValue, secretLength);
+ sftk_FreeAttribute(keyval);
+
+ ctx = PORT_Alloc(sizeof(sftk_MACConstantTimeCtx));
+ if (!ctx) {
+ return NULL;
+ }
+
+ memcpy(ctx->secret, secret, secretLength);
+ ctx->secretLength = secretLength;
+ ctx->hash = HASH_GetRawHashObject(alg);
+ ctx->totalLength = params->ulBodyTotalLen;
+
+ return ctx;
+}
+
+sftk_MACConstantTimeCtx *
+sftk_HMACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
+{
+ CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
+ (CK_NSS_MAC_CONSTANT_TIME_PARAMS *)mech->pParameter;
+ sftk_MACConstantTimeCtx *ctx;
+
+ if (params->ulHeaderLen > sizeof(ctx->header)) {
+ return NULL;
+ }
+ ctx = SetupMAC(mech, key);
+ if (!ctx) {
+ return NULL;
+ }
+
+ ctx->headerLength = params->ulHeaderLen;
+ memcpy(ctx->header, params->pHeader, params->ulHeaderLen);
+ return ctx;
+}
+
+sftk_MACConstantTimeCtx *
+sftk_SSLv3MACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
+{
+ CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
+ (CK_NSS_MAC_CONSTANT_TIME_PARAMS *)mech->pParameter;
+ unsigned int padLength = 40, j;
+ sftk_MACConstantTimeCtx *ctx;
+
+ if (params->macAlg != CKM_SSL3_MD5_MAC &&
+ params->macAlg != CKM_SSL3_SHA1_MAC) {
+ return NULL;
+ }
+ ctx = SetupMAC(mech, key);
+ if (!ctx) {
+ return NULL;
+ }
+
+ if (params->macAlg == CKM_SSL3_MD5_MAC) {
+ padLength = 48;
+ }
+
+ ctx->headerLength =
+ ctx->secretLength +
+ padLength +
+ params->ulHeaderLen;
+
+ if (ctx->headerLength > sizeof(ctx->header)) {
+ goto loser;
+ }
+
+ j = 0;
+ memcpy(&ctx->header[j], ctx->secret, ctx->secretLength);
+ j += ctx->secretLength;
+ memset(&ctx->header[j], 0x36, padLength);
+ j += padLength;
+ memcpy(&ctx->header[j], params->pHeader, params->ulHeaderLen);
+
+ return ctx;
+
+loser:
+ PORT_Free(ctx);
+ return NULL;
+}
+
+void
+sftk_HMACConstantTime_Update(void *pctx, const void *data, unsigned int len)
+{
+ sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *)pctx;
+ PORT_CheckSuccess(HMAC_ConstantTime(
+ ctx->mac, NULL, sizeof(ctx->mac),
+ ctx->hash,
+ ctx->secret, ctx->secretLength,
+ ctx->header, ctx->headerLength,
+ data, len,
+ ctx->totalLength));
+}
+
+void
+sftk_SSLv3MACConstantTime_Update(void *pctx, const void *data, unsigned int len)
+{
+ sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *)pctx;
+ PORT_CheckSuccess(SSLv3_MAC_ConstantTime(
+ ctx->mac, NULL, sizeof(ctx->mac),
+ ctx->hash,
+ ctx->secret, ctx->secretLength,
+ ctx->header, ctx->headerLength,
+ data, len,
+ ctx->totalLength));
+}
+
+void
+sftk_MACConstantTime_EndHash(void *pctx, void *out, unsigned int *outLength,
+ unsigned int maxLength)
+{
+ const sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *)pctx;
+ unsigned int toCopy = ctx->hash->length;
+ if (toCopy > maxLength) {
+ toCopy = maxLength;
+ }
+ memcpy(out, ctx->mac, toCopy);
+ if (outLength) {
+ *outLength = toCopy;
+ }
+}
+
+void
+sftk_MACConstantTime_DestroyContext(void *pctx, PRBool free)
+{
+ PORT_Free(pctx);
+}
diff --git a/security/nss/lib/softoken/sftkpars.c b/security/nss/lib/softoken/sftkpars.c
new file mode 100644
index 000000000..e972fe854
--- /dev/null
+++ b/security/nss/lib/softoken/sftkpars.c
@@ -0,0 +1,251 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following code handles the storage of PKCS 11 modules used by the
+ * NSS. This file is written to abstract away how the modules are
+ * stored so we can deside that later.
+ */
+#include "pkcs11i.h"
+#include "sdb.h"
+#include "prprf.h"
+#include "prenv.h"
+#include "utilpars.h"
+
+#define FREE_CLEAR(p) \
+ if (p) { \
+ PORT_Free(p); \
+ p = NULL; \
+ }
+
+static void
+sftk_parseTokenFlags(char *tmp, sftk_token_parameters *parsed)
+{
+ parsed->readOnly = NSSUTIL_ArgHasFlag("flags", "readOnly", tmp);
+ parsed->noCertDB = NSSUTIL_ArgHasFlag("flags", "noCertDB", tmp);
+ parsed->noKeyDB = NSSUTIL_ArgHasFlag("flags", "noKeyDB", tmp);
+ parsed->forceOpen = NSSUTIL_ArgHasFlag("flags", "forceOpen", tmp);
+ parsed->pwRequired = NSSUTIL_ArgHasFlag("flags", "passwordRequired", tmp);
+ parsed->optimizeSpace = NSSUTIL_ArgHasFlag("flags", "optimizeSpace", tmp);
+ return;
+}
+
+static void
+sftk_parseFlags(char *tmp, sftk_parameters *parsed)
+{
+ parsed->noModDB = NSSUTIL_ArgHasFlag("flags", "noModDB", tmp);
+ parsed->readOnly = NSSUTIL_ArgHasFlag("flags", "readOnly", tmp);
+ /* keep legacy interface working */
+ parsed->noCertDB = NSSUTIL_ArgHasFlag("flags", "noCertDB", tmp);
+ parsed->forceOpen = NSSUTIL_ArgHasFlag("flags", "forceOpen", tmp);
+ parsed->pwRequired = NSSUTIL_ArgHasFlag("flags", "passwordRequired", tmp);
+ parsed->optimizeSpace = NSSUTIL_ArgHasFlag("flags", "optimizeSpace", tmp);
+ return;
+}
+
+static CK_RV
+sftk_parseTokenParameters(char *param, sftk_token_parameters *parsed)
+{
+ int next;
+ char *tmp = NULL;
+ const char *index;
+ index = NSSUTIL_ArgStrip(param);
+
+ while (*index) {
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->configdir, "configDir=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->updatedir, "updateDir=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->updCertPrefix, "updateCertPrefix=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->updKeyPrefix, "updateKeyPrefix=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->updateID, "updateID=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->certPrefix, "certPrefix=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->keyPrefix, "keyPrefix=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->tokdes, "tokenDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->updtokdes, "updateTokenDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->slotdes, "slotDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, tmp, "minPWLen=",
+ if (tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); tmp = NULL; })
+ NSSUTIL_HANDLE_STRING_ARG(index, tmp, "flags=",
+ if (tmp) { sftk_parseTokenFlags(param,parsed); PORT_Free(tmp); tmp = NULL; })
+ NSSUTIL_HANDLE_FINAL_ARG(index)
+ }
+ return CKR_OK;
+}
+
+static void
+sftk_parseTokens(char *tokenParams, sftk_parameters *parsed)
+{
+ const char *tokenIndex;
+ sftk_token_parameters *tokens = NULL;
+ int i = 0, count = 0, next;
+
+ if ((tokenParams == NULL) || (*tokenParams == 0))
+ return;
+
+ /* first count the number of slots */
+ for (tokenIndex = NSSUTIL_ArgStrip(tokenParams); *tokenIndex;
+ tokenIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(tokenIndex))) {
+ count++;
+ }
+
+ /* get the data structures */
+ tokens = (sftk_token_parameters *)
+ PORT_ZAlloc(count * sizeof(sftk_token_parameters));
+ if (tokens == NULL)
+ return;
+
+ for (tokenIndex = NSSUTIL_ArgStrip(tokenParams), i = 0;
+ *tokenIndex && i < count; i++) {
+ char *name;
+ name = NSSUTIL_ArgGetLabel(tokenIndex, &next);
+ tokenIndex += next;
+
+ tokens[i].slotID = NSSUTIL_ArgDecodeNumber(name);
+ tokens[i].readOnly = PR_FALSE;
+ tokens[i].noCertDB = PR_FALSE;
+ tokens[i].noKeyDB = PR_FALSE;
+ if (!NSSUTIL_ArgIsBlank(*tokenIndex)) {
+ char *args = NSSUTIL_ArgFetchValue(tokenIndex, &next);
+ tokenIndex += next;
+ if (args) {
+ sftk_parseTokenParameters(args, &tokens[i]);
+ PORT_Free(args);
+ }
+ }
+ if (name)
+ PORT_Free(name);
+ tokenIndex = NSSUTIL_ArgStrip(tokenIndex);
+ }
+ parsed->token_count = i;
+ parsed->tokens = tokens;
+ return;
+}
+
+CK_RV
+sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS)
+{
+ int next;
+ char *tmp = NULL;
+ const char *index;
+ char *certPrefix = NULL, *keyPrefix = NULL;
+ char *tokdes = NULL, *ptokdes = NULL, *pupdtokdes = NULL;
+ char *slotdes = NULL, *pslotdes = NULL;
+ char *fslotdes = NULL, *ftokdes = NULL;
+ char *minPW = NULL;
+ index = NSSUTIL_ArgStrip(param);
+
+ PORT_Memset(parsed, 0, sizeof(sftk_parameters));
+
+ while (*index) {
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->configdir, "configDir=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->updatedir, "updateDir=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->updateID, "updateID=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->secmodName, "secmod=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->man, "manufacturerID=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, parsed->libdes, "libraryDescription=", ;)
+ /* constructed values, used so legacy interfaces still work */
+ NSSUTIL_HANDLE_STRING_ARG(index, certPrefix, "certPrefix=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, keyPrefix, "keyPrefix=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, tokdes, "cryptoTokenDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, ptokdes, "dbTokenDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, slotdes, "cryptoSlotDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, pslotdes, "dbSlotDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, fslotdes, "FIPSSlotDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, ftokdes, "FIPSTokenDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, pupdtokdes, "updateTokenDescription=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(index, minPW, "minPWLen=", ;)
+
+ NSSUTIL_HANDLE_STRING_ARG(index, tmp, "flags=",
+ if (tmp) { sftk_parseFlags(param,parsed); PORT_Free(tmp); tmp = NULL; })
+ NSSUTIL_HANDLE_STRING_ARG(index, tmp, "tokens=",
+ if (tmp) { sftk_parseTokens(tmp,parsed); PORT_Free(tmp); tmp = NULL; })
+ NSSUTIL_HANDLE_FINAL_ARG(index)
+ }
+ if (parsed->tokens == NULL) {
+ int count = isFIPS ? 1 : 2;
+ int index = count - 1;
+ sftk_token_parameters *tokens = NULL;
+
+ tokens = (sftk_token_parameters *)
+ PORT_ZAlloc(count * sizeof(sftk_token_parameters));
+ if (tokens == NULL) {
+ goto loser;
+ }
+ parsed->tokens = tokens;
+ parsed->token_count = count;
+ tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
+ tokens[index].certPrefix = certPrefix;
+ tokens[index].keyPrefix = keyPrefix;
+ tokens[index].minPW = minPW ? atoi(minPW) : 0;
+ tokens[index].readOnly = parsed->readOnly;
+ tokens[index].noCertDB = parsed->noCertDB;
+ tokens[index].noKeyDB = parsed->noCertDB;
+ tokens[index].forceOpen = parsed->forceOpen;
+ tokens[index].pwRequired = parsed->pwRequired;
+ tokens[index].optimizeSpace = parsed->optimizeSpace;
+ tokens[0].optimizeSpace = parsed->optimizeSpace;
+ certPrefix = NULL;
+ keyPrefix = NULL;
+ if (isFIPS) {
+ tokens[index].tokdes = ftokdes;
+ tokens[index].updtokdes = pupdtokdes;
+ tokens[index].slotdes = fslotdes;
+ fslotdes = NULL;
+ ftokdes = NULL;
+ pupdtokdes = NULL;
+ } else {
+ tokens[index].tokdes = ptokdes;
+ tokens[index].updtokdes = pupdtokdes;
+ tokens[index].slotdes = pslotdes;
+ tokens[0].slotID = NETSCAPE_SLOT_ID;
+ tokens[0].tokdes = tokdes;
+ tokens[0].slotdes = slotdes;
+ tokens[0].noCertDB = PR_TRUE;
+ tokens[0].noKeyDB = PR_TRUE;
+ pupdtokdes = NULL;
+ ptokdes = NULL;
+ pslotdes = NULL;
+ tokdes = NULL;
+ slotdes = NULL;
+ }
+ }
+
+loser:
+ FREE_CLEAR(certPrefix);
+ FREE_CLEAR(keyPrefix);
+ FREE_CLEAR(tokdes);
+ FREE_CLEAR(ptokdes);
+ FREE_CLEAR(pupdtokdes);
+ FREE_CLEAR(slotdes);
+ FREE_CLEAR(pslotdes);
+ FREE_CLEAR(fslotdes);
+ FREE_CLEAR(ftokdes);
+ FREE_CLEAR(minPW);
+ return CKR_OK;
+}
+
+void
+sftk_freeParams(sftk_parameters *params)
+{
+ int i;
+
+ for (i = 0; i < params->token_count; i++) {
+ FREE_CLEAR(params->tokens[i].configdir);
+ FREE_CLEAR(params->tokens[i].certPrefix);
+ FREE_CLEAR(params->tokens[i].keyPrefix);
+ FREE_CLEAR(params->tokens[i].tokdes);
+ FREE_CLEAR(params->tokens[i].slotdes);
+ FREE_CLEAR(params->tokens[i].updatedir);
+ FREE_CLEAR(params->tokens[i].updCertPrefix);
+ FREE_CLEAR(params->tokens[i].updKeyPrefix);
+ FREE_CLEAR(params->tokens[i].updateID);
+ FREE_CLEAR(params->tokens[i].updtokdes);
+ }
+
+ FREE_CLEAR(params->configdir);
+ FREE_CLEAR(params->secmodName);
+ FREE_CLEAR(params->man);
+ FREE_CLEAR(params->libdes);
+ FREE_CLEAR(params->tokens);
+ FREE_CLEAR(params->updatedir);
+ FREE_CLEAR(params->updateID);
+}
diff --git a/security/nss/lib/softoken/sftkpars.h b/security/nss/lib/softoken/sftkpars.h
new file mode 100644
index 000000000..a7707fc2b
--- /dev/null
+++ b/security/nss/lib/softoken/sftkpars.h
@@ -0,0 +1,14 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "pkcs11i.h"
+#include "sftkdbt.h"
+
+/* parsing functions */
+char *sftk_argFetchValue(char *string, int *pcount);
+char *sftk_getSecmodName(char *param, SDBType *dbType, char **appName, char **filename, PRBool *rw);
+char *sftk_argStrip(char *c);
+CK_RV sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS);
+void sftk_freeParams(sftk_parameters *params);
+const char *sftk_EvaluateConfigDir(const char *configdir, SDBType *dbType, char **app);
+char *sftk_argGetParamValue(char *paramName, char *parameters);
diff --git a/security/nss/lib/softoken/sftkpwd.c b/security/nss/lib/softoken/sftkpwd.c
new file mode 100644
index 000000000..0b8c91bfd
--- /dev/null
+++ b/security/nss/lib/softoken/sftkpwd.c
@@ -0,0 +1,1261 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following code handles the storage of PKCS 11 modules used by the
+ * NSS. For the rest of NSS, only one kind of database handle exists:
+ *
+ * SFTKDBHandle
+ *
+ * There is one SFTKDBHandle for the each key database and one for each cert
+ * database. These databases are opened as associated pairs, one pair per
+ * slot. SFTKDBHandles are reference counted objects.
+ *
+ * Each SFTKDBHandle points to a low level database handle (SDB). This handle
+ * represents the underlying physical database. These objects are not
+ * reference counted, an are 'owned' by their respective SFTKDBHandles.
+ *
+ *
+ */
+#include "sftkdb.h"
+#include "sftkdbti.h"
+#include "pkcs11t.h"
+#include "pkcs11i.h"
+#include "sdb.h"
+#include "prprf.h"
+#include "secasn1.h"
+#include "pratom.h"
+#include "blapi.h"
+#include "secoid.h"
+#include "lowpbe.h"
+#include "secdert.h"
+#include "prsystem.h"
+#include "lgglue.h"
+#include "secerr.h"
+#include "softoken.h"
+
+/******************************************************************
+ *
+ * Key DB password handling functions
+ *
+ * These functions manage the key db password (set, reset, initialize, use).
+ *
+ * The key is managed on 'this side' of the database. All private data is
+ * encrypted before it is sent to the database itself. Besides PBE's, the
+ * database management code can also mix in various fixed keys so the data
+ * in the database is no longer considered 'plain text'.
+ */
+
+/* take string password and turn it into a key. The key is dependent
+ * on a global salt entry acquired from the database. This salted
+ * value will be based to a pkcs5 pbe function before it is used
+ * in an actual encryption */
+static SECStatus
+sftkdb_passwordToKey(SFTKDBHandle *keydb, SECItem *salt,
+ const char *pw, SECItem *key)
+{
+ SHA1Context *cx = NULL;
+ SECStatus rv = SECFailure;
+
+ key->data = PORT_Alloc(SHA1_LENGTH);
+ if (key->data == NULL) {
+ goto loser;
+ }
+ key->len = SHA1_LENGTH;
+
+ cx = SHA1_NewContext();
+ if (cx == NULL) {
+ goto loser;
+ }
+ SHA1_Begin(cx);
+ if (salt && salt->data) {
+ SHA1_Update(cx, salt->data, salt->len);
+ }
+ SHA1_Update(cx, (unsigned char *)pw, PORT_Strlen(pw));
+ SHA1_End(cx, key->data, &key->len, key->len);
+ rv = SECSuccess;
+
+loser:
+ if (cx) {
+ SHA1_DestroyContext(cx, PR_TRUE);
+ }
+ if (rv != SECSuccess) {
+ if (key->data != NULL) {
+ PORT_ZFree(key->data, key->len);
+ }
+ key->data = NULL;
+ }
+ return rv;
+}
+
+/*
+ * Cipher text stored in the database contains 3 elements:
+ * 1) an identifier describing the encryption algorithm.
+ * 2) an entry specific salt value.
+ * 3) the encrypted value.
+ *
+ * The following data structure represents the encrypted data in a decoded
+ * (but still encrypted) form.
+ */
+typedef struct sftkCipherValueStr sftkCipherValue;
+struct sftkCipherValueStr {
+ PLArenaPool *arena;
+ SECOidTag alg;
+ NSSPKCS5PBEParameter *param;
+ SECItem salt;
+ SECItem value;
+};
+
+#define SFTK_CIPHERTEXT_VERSION 3
+
+struct SFTKDBEncryptedDataInfoStr {
+ SECAlgorithmID algorithm;
+ SECItem encryptedData;
+};
+typedef struct SFTKDBEncryptedDataInfoStr SFTKDBEncryptedDataInfo;
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+
+const SEC_ASN1Template sftkdb_EncryptedDataInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SFTKDBEncryptedDataInfo) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(SFTKDBEncryptedDataInfo, algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(SFTKDBEncryptedDataInfo, encryptedData) },
+ { 0 }
+};
+
+/*
+ * This parses the cipherText into cipher value. NOTE: cipherValue will point
+ * to data in cipherText, if cipherText is freed, cipherValue will be invalid.
+ */
+static SECStatus
+sftkdb_decodeCipherText(SECItem *cipherText, sftkCipherValue *cipherValue)
+{
+ PLArenaPool *arena = NULL;
+ SFTKDBEncryptedDataInfo edi;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return SECFailure;
+ }
+ cipherValue->arena = NULL;
+ cipherValue->param = NULL;
+
+ rv = SEC_QuickDERDecodeItem(arena, &edi, sftkdb_EncryptedDataInfoTemplate,
+ cipherText);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ cipherValue->alg = SECOID_GetAlgorithmTag(&edi.algorithm);
+ cipherValue->param = nsspkcs5_AlgidToParam(&edi.algorithm);
+ if (cipherValue->param == NULL) {
+ goto loser;
+ }
+ cipherValue->value = edi.encryptedData;
+ cipherValue->arena = arena;
+
+ return SECSuccess;
+loser:
+ if (cipherValue->param) {
+ nsspkcs5_DestroyPBEParameter(cipherValue->param);
+ cipherValue->param = NULL;
+ }
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ return SECFailure;
+}
+
+/*
+ * unlike decode, Encode actually allocates a SECItem the caller must free
+ * The caller can pass an optional arena to to indicate where to place
+ * the resultant cipherText.
+ */
+static SECStatus
+sftkdb_encodeCipherText(PLArenaPool *arena, sftkCipherValue *cipherValue,
+ SECItem **cipherText)
+{
+ SFTKDBEncryptedDataInfo edi;
+ SECAlgorithmID *algid;
+ SECStatus rv;
+ PLArenaPool *localArena = NULL;
+
+ localArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (localArena == NULL) {
+ return SECFailure;
+ }
+
+ algid = nsspkcs5_CreateAlgorithmID(localArena, cipherValue->alg,
+ cipherValue->param);
+ if (algid == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ rv = SECOID_CopyAlgorithmID(localArena, &edi.algorithm, algid);
+ SECOID_DestroyAlgorithmID(algid, PR_TRUE);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ edi.encryptedData = cipherValue->value;
+
+ *cipherText = SEC_ASN1EncodeItem(arena, NULL, &edi,
+ sftkdb_EncryptedDataInfoTemplate);
+ if (*cipherText == NULL) {
+ rv = SECFailure;
+ }
+
+loser:
+ if (localArena) {
+ PORT_FreeArena(localArena, PR_FALSE);
+ }
+
+ return rv;
+}
+
+/*
+ * Use our key to decode a cipherText block from the database.
+ *
+ * plain text is allocated by nsspkcs5_CipherData and must be freed
+ * with SECITEM_FreeItem by the caller.
+ */
+SECStatus
+sftkdb_DecryptAttribute(SECItem *passKey, SECItem *cipherText, SECItem **plain)
+{
+ SECStatus rv;
+ sftkCipherValue cipherValue;
+
+ /* First get the cipher type */
+ rv = sftkdb_decodeCipherText(cipherText, &cipherValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ *plain = nsspkcs5_CipherData(cipherValue.param, passKey, &cipherValue.value,
+ PR_FALSE, NULL);
+ if (*plain == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+loser:
+ if (cipherValue.param) {
+ nsspkcs5_DestroyPBEParameter(cipherValue.param);
+ }
+ if (cipherValue.arena) {
+ PORT_FreeArena(cipherValue.arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/*
+ * encrypt a block. This function returned the encrypted ciphertext which
+ * the caller must free. If the caller provides an arena, cipherText will
+ * be allocated out of that arena. This also generated the per entry
+ * salt automatically.
+ */
+SECStatus
+sftkdb_EncryptAttribute(PLArenaPool *arena, SECItem *passKey,
+ SECItem *plainText, SECItem **cipherText)
+{
+ SECStatus rv;
+ sftkCipherValue cipherValue;
+ SECItem *cipher = NULL;
+ NSSPKCS5PBEParameter *param = NULL;
+ unsigned char saltData[HASH_LENGTH_MAX];
+
+ cipherValue.alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC;
+ cipherValue.salt.len = SHA1_LENGTH;
+ cipherValue.salt.data = saltData;
+ RNG_GenerateGlobalRandomBytes(saltData, cipherValue.salt.len);
+
+ param = nsspkcs5_NewParam(cipherValue.alg, HASH_AlgSHA1, &cipherValue.salt,
+ 1);
+ if (param == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ cipher = nsspkcs5_CipherData(param, passKey, plainText, PR_TRUE, NULL);
+ if (cipher == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ cipherValue.value = *cipher;
+ cipherValue.param = param;
+
+ rv = sftkdb_encodeCipherText(arena, &cipherValue, cipherText);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+loser:
+ if (cipher) {
+ SECITEM_FreeItem(cipher, PR_TRUE);
+ }
+ if (param) {
+ nsspkcs5_DestroyPBEParameter(param);
+ }
+ return rv;
+}
+
+/*
+ * use the password and the pbe parameters to generate an HMAC for the
+ * given plain text data. This is used by sftkdb_VerifyAttribute and
+ * sftkdb_SignAttribute. Signature is returned in signData. The caller
+ * must preallocate the space in the secitem.
+ */
+static SECStatus
+sftkdb_pbehash(SECOidTag sigOid, SECItem *passKey,
+ NSSPKCS5PBEParameter *param,
+ CK_OBJECT_HANDLE objectID, CK_ATTRIBUTE_TYPE attrType,
+ SECItem *plainText, SECItem *signData)
+{
+ SECStatus rv = SECFailure;
+ SECItem *key = NULL;
+ HMACContext *hashCx = NULL;
+ HASH_HashType hashType = HASH_AlgNULL;
+ const SECHashObject *hashObj;
+ unsigned char addressData[SDB_ULONG_SIZE];
+
+ hashType = HASH_FromHMACOid(param->encAlg);
+ if (hashType == HASH_AlgNULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ hashObj = HASH_GetRawHashObject(hashType);
+ if (hashObj == NULL) {
+ goto loser;
+ }
+
+ key = nsspkcs5_ComputeKeyAndIV(param, passKey, NULL, PR_FALSE);
+ if (!key) {
+ goto loser;
+ }
+
+ hashCx = HMAC_Create(hashObj, key->data, key->len, PR_TRUE);
+ if (!hashCx) {
+ goto loser;
+ }
+ HMAC_Begin(hashCx);
+ /* Tie this value to a particular object. This is most important for
+ * the trust attributes, where and attacker could copy a value for
+ * 'validCA' from another cert in the database */
+ sftk_ULong2SDBULong(addressData, objectID);
+ HMAC_Update(hashCx, addressData, SDB_ULONG_SIZE);
+ sftk_ULong2SDBULong(addressData, attrType);
+ HMAC_Update(hashCx, addressData, SDB_ULONG_SIZE);
+
+ HMAC_Update(hashCx, plainText->data, plainText->len);
+ rv = HMAC_Finish(hashCx, signData->data, &signData->len, signData->len);
+
+loser:
+ if (hashCx) {
+ HMAC_Destroy(hashCx, PR_TRUE);
+ }
+ if (key) {
+ SECITEM_FreeItem(key, PR_TRUE);
+ }
+ return rv;
+}
+
+/*
+ * Use our key to verify a signText block from the database matches
+ * the plainText from the database. The signText is a PKCS 5 v2 pbe.
+ * plainText is the plainText of the attribute.
+ */
+SECStatus
+sftkdb_VerifyAttribute(SECItem *passKey, CK_OBJECT_HANDLE objectID,
+ CK_ATTRIBUTE_TYPE attrType,
+ SECItem *plainText, SECItem *signText)
+{
+ SECStatus rv;
+ sftkCipherValue signValue;
+ SECItem signature;
+ unsigned char signData[HASH_LENGTH_MAX];
+
+ /* First get the cipher type */
+ rv = sftkdb_decodeCipherText(signText, &signValue);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ signature.data = signData;
+ signature.len = sizeof(signData);
+
+ rv = sftkdb_pbehash(signValue.alg, passKey, signValue.param,
+ objectID, attrType, plainText, &signature);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if (SECITEM_CompareItem(&signValue.value, &signature) != 0) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ rv = SECFailure;
+ }
+
+loser:
+ if (signValue.param) {
+ nsspkcs5_DestroyPBEParameter(signValue.param);
+ }
+ if (signValue.arena) {
+ PORT_FreeArena(signValue.arena, PR_FALSE);
+ }
+ return rv;
+}
+
+/*
+ * Use our key to create a signText block the plain text of an
+ * attribute. The signText is a PKCS 5 v2 pbe.
+ */
+SECStatus
+sftkdb_SignAttribute(PLArenaPool *arena, SECItem *passKey,
+ CK_OBJECT_HANDLE objectID, CK_ATTRIBUTE_TYPE attrType,
+ SECItem *plainText, SECItem **signature)
+{
+ SECStatus rv;
+ sftkCipherValue signValue;
+ NSSPKCS5PBEParameter *param = NULL;
+ unsigned char saltData[HASH_LENGTH_MAX];
+ unsigned char signData[HASH_LENGTH_MAX];
+ SECOidTag hmacAlg = SEC_OID_HMAC_SHA256; /* hash for authentication */
+ SECOidTag prfAlg = SEC_OID_HMAC_SHA256; /* hash for pb key generation */
+ HASH_HashType prfType;
+ unsigned int hmacLength;
+ unsigned int prfLength;
+
+ /* this code allows us to fetch the lengths and hashes on the fly
+ * by simply changing the OID above */
+ prfType = HASH_FromHMACOid(prfAlg);
+ PORT_Assert(prfType != HASH_AlgNULL);
+ prfLength = HASH_GetRawHashObject(prfType)->length;
+ PORT_Assert(prfLength <= HASH_LENGTH_MAX);
+
+ hmacLength = HASH_GetRawHashObject(HASH_FromHMACOid(hmacAlg))->length;
+ PORT_Assert(hmacLength <= HASH_LENGTH_MAX);
+
+ /* initialize our CipherValue structure */
+ signValue.alg = SEC_OID_PKCS5_PBMAC1;
+ signValue.salt.len = prfLength;
+ signValue.salt.data = saltData;
+ signValue.value.data = signData;
+ signValue.value.len = hmacLength;
+ RNG_GenerateGlobalRandomBytes(saltData, prfLength);
+
+ /* initialize our pkcs5 parameter */
+ param = nsspkcs5_NewParam(signValue.alg, HASH_AlgSHA1, &signValue.salt, 1);
+ if (param == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ param->keyID = pbeBitGenIntegrityKey;
+ /* set the PKCS 5 v2 parameters, not extractable from the
+ * data passed into nsspkcs5_NewParam */
+ param->encAlg = hmacAlg;
+ param->hashType = prfType;
+ param->keyLen = hmacLength;
+ rv = SECOID_SetAlgorithmID(param->poolp, &param->prfAlg, prfAlg, NULL);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* calculate the mac */
+ rv = sftkdb_pbehash(signValue.alg, passKey, param, objectID, attrType,
+ plainText, &signValue.value);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ signValue.param = param;
+
+ /* write it out */
+ rv = sftkdb_encodeCipherText(arena, &signValue, signature);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+loser:
+ if (param) {
+ nsspkcs5_DestroyPBEParameter(param);
+ }
+ return rv;
+}
+
+/*
+ * safely swith the passed in key for the one caches in the keydb handle
+ *
+ * A key attached to the handle tells us the the token is logged in.
+ * We can used the key attached to the handle in sftkdb_EncryptAttribute
+ * and sftkdb_DecryptAttribute calls.
+ */
+static void
+sftkdb_switchKeys(SFTKDBHandle *keydb, SECItem *passKey)
+{
+ unsigned char *data;
+ int len;
+
+ if (keydb->passwordLock == NULL) {
+ PORT_Assert(keydb->type != SFTK_KEYDB_TYPE);
+ return;
+ }
+
+ /* an atomic pointer set would be nice */
+ SKIP_AFTER_FORK(PZ_Lock(keydb->passwordLock));
+ data = keydb->passwordKey.data;
+ len = keydb->passwordKey.len;
+ keydb->passwordKey.data = passKey->data;
+ keydb->passwordKey.len = passKey->len;
+ passKey->data = data;
+ passKey->len = len;
+ SKIP_AFTER_FORK(PZ_Unlock(keydb->passwordLock));
+}
+
+/*
+ * returns true if we are in a middle of a merge style update.
+ */
+PRBool
+sftkdb_InUpdateMerge(SFTKDBHandle *keydb)
+{
+ return keydb->updateID ? PR_TRUE : PR_FALSE;
+}
+
+/*
+ * returns true if we are looking for the password for the user's old source
+ * database as part of a merge style update.
+ */
+PRBool
+sftkdb_NeedUpdateDBPassword(SFTKDBHandle *keydb)
+{
+ if (!sftkdb_InUpdateMerge(keydb)) {
+ return PR_FALSE;
+ }
+ if (keydb->updateDBIsInit && !keydb->updatePasswordKey) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+/*
+ * fetch an update password key from a handle.
+ */
+SECItem *
+sftkdb_GetUpdatePasswordKey(SFTKDBHandle *handle)
+{
+ SECItem *key = NULL;
+
+ /* if we're a cert db, fetch it from our peer key db */
+ if (handle->type == SFTK_CERTDB_TYPE) {
+ handle = handle->peerDB;
+ }
+
+ /* don't have one */
+ if (!handle) {
+ return NULL;
+ }
+
+ PZ_Lock(handle->passwordLock);
+ if (handle->updatePasswordKey) {
+ key = SECITEM_DupItem(handle->updatePasswordKey);
+ }
+ PZ_Unlock(handle->passwordLock);
+
+ return key;
+}
+
+/*
+ * free the update password key from a handle.
+ */
+void
+sftkdb_FreeUpdatePasswordKey(SFTKDBHandle *handle)
+{
+ SECItem *key = NULL;
+
+ /* don't have one */
+ if (!handle) {
+ return;
+ }
+
+ /* if we're a cert db, we don't have one */
+ if (handle->type == SFTK_CERTDB_TYPE) {
+ return;
+ }
+
+ PZ_Lock(handle->passwordLock);
+ if (handle->updatePasswordKey) {
+ key = handle->updatePasswordKey;
+ handle->updatePasswordKey = NULL;
+ }
+ PZ_Unlock(handle->passwordLock);
+
+ if (key) {
+ SECITEM_ZfreeItem(key, PR_TRUE);
+ }
+
+ return;
+}
+
+/*
+ * what password db we use depends heavily on the update state machine
+ *
+ * 1) no update db, return the normal database.
+ * 2) update db and no merge return the update db.
+ * 3) update db and in merge:
+ * return the update db if we need the update db's password,
+ * otherwise return our normal datbase.
+ */
+static SDB *
+sftk_getPWSDB(SFTKDBHandle *keydb)
+{
+ if (!keydb->update) {
+ return keydb->db;
+ }
+ if (!sftkdb_InUpdateMerge(keydb)) {
+ return keydb->update;
+ }
+ if (sftkdb_NeedUpdateDBPassword(keydb)) {
+ return keydb->update;
+ }
+ return keydb->db;
+}
+
+/*
+ * return success if we have a valid password entry.
+ * This is will show up outside of PKCS #11 as CKF_USER_PIN_INIT
+ * in the token flags.
+ */
+SECStatus
+sftkdb_HasPasswordSet(SFTKDBHandle *keydb)
+{
+ SECItem salt, value;
+ unsigned char saltData[SDB_MAX_META_DATA_LEN];
+ unsigned char valueData[SDB_MAX_META_DATA_LEN];
+ CK_RV crv;
+ SDB *db;
+
+ if (keydb == NULL) {
+ return SECFailure;
+ }
+
+ db = sftk_getPWSDB(keydb);
+ if (db == NULL) {
+ return SECFailure;
+ }
+
+ salt.data = saltData;
+ salt.len = sizeof(saltData);
+ value.data = valueData;
+ value.len = sizeof(valueData);
+ crv = (*db->sdb_GetMetaData)(db, "password", &salt, &value);
+
+ /* If no password is set, we can update right away */
+ if (((keydb->db->sdb_flags & SDB_RDONLY) == 0) && keydb->update && crv != CKR_OK) {
+ /* update the peer certdb if it exists */
+ if (keydb->peerDB) {
+ sftkdb_Update(keydb->peerDB, NULL);
+ }
+ sftkdb_Update(keydb, NULL);
+ }
+ return (crv == CKR_OK) ? SECSuccess : SECFailure;
+}
+
+#define SFTK_PW_CHECK_STRING "password-check"
+#define SFTK_PW_CHECK_LEN 14
+
+/*
+ * check if the supplied password is valid
+ */
+SECStatus
+sftkdb_CheckPassword(SFTKDBHandle *keydb, const char *pw, PRBool *tokenRemoved)
+{
+ SECStatus rv;
+ SECItem salt, value;
+ unsigned char saltData[SDB_MAX_META_DATA_LEN];
+ unsigned char valueData[SDB_MAX_META_DATA_LEN];
+ SECItem key;
+ SECItem *result = NULL;
+ SDB *db;
+ CK_RV crv;
+
+ if (keydb == NULL) {
+ return SECFailure;
+ }
+
+ db = sftk_getPWSDB(keydb);
+ if (db == NULL) {
+ return SECFailure;
+ }
+
+ key.data = NULL;
+ key.len = 0;
+
+ if (pw == NULL)
+ pw = "";
+
+ /* get the entry from the database */
+ salt.data = saltData;
+ salt.len = sizeof(saltData);
+ value.data = valueData;
+ value.len = sizeof(valueData);
+ crv = (*db->sdb_GetMetaData)(db, "password", &salt, &value);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* get our intermediate key based on the entry salt value */
+ rv = sftkdb_passwordToKey(keydb, &salt, pw, &key);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /* decrypt the entry value */
+ rv = sftkdb_DecryptAttribute(&key, &value, &result);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /* if it's what we expect, update our key in the database handle and
+ * return Success */
+ if ((result->len == SFTK_PW_CHECK_LEN) &&
+ PORT_Memcmp(result->data, SFTK_PW_CHECK_STRING, SFTK_PW_CHECK_LEN) == 0) {
+ /*
+ * We have a password, now lets handle any potential update cases..
+ *
+ * First, the normal case: no update. In this case we only need the
+ * the password for our only DB, which we now have, we switch
+ * the keys and fall through.
+ * Second regular (non-merge) update: The target DB does not yet have
+ * a password initialized, we now have the password for the source DB,
+ * so we can switch the keys and simply update the target database.
+ * Merge update case: This one is trickier.
+ * 1) If we need the source DB password, then we just got it here.
+ * We need to save that password,
+ * then we need to check to see if we need or have the target
+ * database password.
+ * If we have it (it's the same as the source), or don't need
+ * it (it's not set or is ""), we can start the update now.
+ * If we don't have it, we need the application to get it from
+ * the user. Clear our sessions out to simulate a token
+ * removal. C_GetTokenInfo will change the token description
+ * and the token will still appear to be logged out.
+ * 2) If we already have the source DB password, this password is
+ * for the target database. We can now move forward with the
+ * update, as we now have both required passwords.
+ *
+ */
+ PZ_Lock(keydb->passwordLock);
+ if (sftkdb_NeedUpdateDBPassword(keydb)) {
+ /* Squirrel this special key away.
+ * This has the side effect of turning sftkdb_NeedLegacyPW off,
+ * as well as changing which database is returned from
+ * SFTK_GET_PW_DB (thus effecting both sftkdb_CheckPassword()
+ * and sftkdb_HasPasswordSet()) */
+ keydb->updatePasswordKey = SECITEM_DupItem(&key);
+ PZ_Unlock(keydb->passwordLock);
+ if (keydb->updatePasswordKey == NULL) {
+ /* PORT_Error set by SECITEM_DupItem */
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* Simulate a token removal -- we need to do this any
+ * any case at this point so the token name is correct. */
+ *tokenRemoved = PR_TRUE;
+
+ /*
+ * OK, we got the update DB password, see if we need a password
+ * for the target...
+ */
+ if (sftkdb_HasPasswordSet(keydb) == SECSuccess) {
+ /* We have a password, do we know what the password is?
+ * check 1) for the password the user supplied for the
+ * update DB,
+ * and 2) for the null password.
+ *
+ * RECURSION NOTE: we are calling ourselves here. This means
+ * any updates, switchKeys, etc will have been completed
+ * if these functions return successfully, in those cases
+ * just exit returning Success. We don't recurse infinitely
+ * because we are making this call from a NeedUpdateDBPassword
+ * block and we've already set that update password at this
+ * point. */
+ rv = sftkdb_CheckPassword(keydb, pw, tokenRemoved);
+ if (rv == SECSuccess) {
+ /* source and target databases have the same password, we
+ * are good to go */
+ goto done;
+ }
+ sftkdb_CheckPassword(keydb, "", tokenRemoved);
+
+ /*
+ * Important 'NULL' code here. At this point either we
+ * succeeded in logging in with "" or we didn't.
+ *
+ * If we did succeed at login, our machine state will be set
+ * to logged in appropriately. The application will find that
+ * it's logged in as soon as it opens a new session. We have
+ * also completed the update. Life is good.
+ *
+ * If we did not succeed, well the user still successfully
+ * logged into the update database, since we faked the token
+ * removal it's just like the user logged into his smart card
+ * then removed it. the actual login work, so we report that
+ * success back to the user, but we won't actually be
+ * logged in. The application will find this out when it
+ * checks it's login state, thus triggering another password
+ * prompt so we can get the real target DB password.
+ *
+ * summary, we exit from here with SECSuccess no matter what.
+ */
+ rv = SECSuccess;
+ goto done;
+ } else {
+ /* there is no password, just fall through to update.
+ * update will write the source DB's password record
+ * into the target DB just like it would in a non-merge
+ * update case. */
+ }
+ } else {
+ PZ_Unlock(keydb->passwordLock);
+ }
+ /* load the keys, so the keydb can parse it's key set */
+ sftkdb_switchKeys(keydb, &key);
+
+ /* we need to update, do it now */
+ if (((keydb->db->sdb_flags & SDB_RDONLY) == 0) && keydb->update) {
+ /* update the peer certdb if it exists */
+ if (keydb->peerDB) {
+ sftkdb_Update(keydb->peerDB, &key);
+ }
+ sftkdb_Update(keydb, &key);
+ }
+ } else {
+ rv = SECFailure;
+ /*PORT_SetError( bad password); */
+ }
+
+done:
+ if (key.data) {
+ PORT_ZFree(key.data, key.len);
+ }
+ if (result) {
+ SECITEM_FreeItem(result, PR_TRUE);
+ }
+ return rv;
+}
+
+/*
+ * return Success if the there is a cached password key.
+ */
+SECStatus
+sftkdb_PWCached(SFTKDBHandle *keydb)
+{
+ return keydb->passwordKey.data ? SECSuccess : SECFailure;
+}
+
+static CK_RV
+sftk_updateMacs(PLArenaPool *arena, SFTKDBHandle *handle,
+ CK_OBJECT_HANDLE id, SECItem *newKey)
+{
+ CK_ATTRIBUTE authAttrs[] = {
+ { CKA_MODULUS, NULL, 0 },
+ { CKA_PUBLIC_EXPONENT, NULL, 0 },
+ { CKA_CERT_SHA1_HASH, NULL, 0 },
+ { CKA_CERT_MD5_HASH, NULL, 0 },
+ { CKA_TRUST_SERVER_AUTH, NULL, 0 },
+ { CKA_TRUST_CLIENT_AUTH, NULL, 0 },
+ { CKA_TRUST_EMAIL_PROTECTION, NULL, 0 },
+ { CKA_TRUST_CODE_SIGNING, NULL, 0 },
+ { CKA_TRUST_STEP_UP_APPROVED, NULL, 0 },
+ { CKA_NSS_OVERRIDE_EXTENSIONS, NULL, 0 },
+ };
+ CK_ULONG authAttrCount = sizeof(authAttrs) / sizeof(CK_ATTRIBUTE);
+ unsigned int i, count;
+ SFTKDBHandle *keyHandle = handle;
+ SDB *keyTarget = NULL;
+
+ id &= SFTK_OBJ_ID_MASK;
+
+ if (handle->type != SFTK_KEYDB_TYPE) {
+ keyHandle = handle->peerDB;
+ }
+
+ if (keyHandle == NULL) {
+ return CKR_OK;
+ }
+
+ /* old DB's don't have meta data, finished with MACs */
+ keyTarget = SFTK_GET_SDB(keyHandle);
+ if ((keyTarget->sdb_flags & SDB_HAS_META) == 0) {
+ return CKR_OK;
+ }
+
+ /*
+ * STEP 1: find the MACed attributes of this object
+ */
+ (void)sftkdb_GetAttributeValue(handle, id, authAttrs, authAttrCount);
+ count = 0;
+ /* allocate space for the attributes */
+ for (i = 0; i < authAttrCount; i++) {
+ if ((authAttrs[i].ulValueLen == -1) || (authAttrs[i].ulValueLen == 0)) {
+ continue;
+ }
+ count++;
+ authAttrs[i].pValue = PORT_ArenaAlloc(arena, authAttrs[i].ulValueLen);
+ if (authAttrs[i].pValue == NULL) {
+ break;
+ }
+ }
+
+ /* if count was zero, none were found, finished with MACs */
+ if (count == 0) {
+ return CKR_OK;
+ }
+
+ (void)sftkdb_GetAttributeValue(handle, id, authAttrs, authAttrCount);
+ /* ignore error code, we expect some possible errors */
+
+ /* GetAttributeValue just verified the old macs, safe to write
+ * them out then... */
+ for (i = 0; i < authAttrCount; i++) {
+ SECItem *signText;
+ SECItem plainText;
+ SECStatus rv;
+
+ if ((authAttrs[i].ulValueLen == -1) || (authAttrs[i].ulValueLen == 0)) {
+ continue;
+ }
+
+ plainText.data = authAttrs[i].pValue;
+ plainText.len = authAttrs[i].ulValueLen;
+ rv = sftkdb_SignAttribute(arena, newKey, id,
+ authAttrs[i].type, &plainText, &signText);
+ if (rv != SECSuccess) {
+ return CKR_GENERAL_ERROR;
+ }
+ rv = sftkdb_PutAttributeSignature(handle, keyTarget, id,
+ authAttrs[i].type, signText);
+ if (rv != SECSuccess) {
+ return CKR_GENERAL_ERROR;
+ }
+ }
+
+ return CKR_OK;
+}
+
+static CK_RV
+sftk_updateEncrypted(PLArenaPool *arena, SFTKDBHandle *keydb,
+ CK_OBJECT_HANDLE id, SECItem *newKey)
+{
+ CK_RV crv = CKR_OK;
+ CK_RV crv2;
+ CK_ATTRIBUTE *first, *last;
+ CK_ATTRIBUTE privAttrs[] = {
+ { CKA_VALUE, NULL, 0 },
+ { CKA_PRIVATE_EXPONENT, NULL, 0 },
+ { CKA_PRIME_1, NULL, 0 },
+ { CKA_PRIME_2, NULL, 0 },
+ { CKA_EXPONENT_1, NULL, 0 },
+ { CKA_EXPONENT_2, NULL, 0 },
+ { CKA_COEFFICIENT, NULL, 0 }
+ };
+ CK_ULONG privAttrCount = sizeof(privAttrs) / sizeof(CK_ATTRIBUTE);
+ unsigned int i, count;
+
+ /*
+ * STEP 1. Read the old attributes in the clear.
+ */
+
+ /* Get the attribute sizes.
+ * ignore the error code, we will have unknown attributes here */
+ crv2 = sftkdb_GetAttributeValue(keydb, id, privAttrs, privAttrCount);
+
+ /*
+ * find the valid block of attributes and fill allocate space for
+ * their data */
+ first = last = NULL;
+ for (i = 0; i < privAttrCount; i++) {
+ /* find the block of attributes that are appropriate for this
+ * objects. There should only be once contiguous block, if not
+ * there's an error.
+ *
+ * find the first and last good entry.
+ */
+ if ((privAttrs[i].ulValueLen == -1) || (privAttrs[i].ulValueLen == 0)) {
+ if (!first)
+ continue;
+ if (!last) {
+ /* previous entry was last good entry */
+ last = &privAttrs[i - 1];
+ }
+ continue;
+ }
+ if (!first) {
+ first = &privAttrs[i];
+ }
+ if (last) {
+ /* OOPS, we've found another good entry beyond the end of the
+ * last good entry, we need to fail here. */
+ crv = CKR_GENERAL_ERROR;
+ break;
+ }
+ privAttrs[i].pValue = PORT_ArenaAlloc(arena, privAttrs[i].ulValueLen);
+ if (privAttrs[i].pValue == NULL) {
+ crv = CKR_HOST_MEMORY;
+ break;
+ }
+ }
+ if (first == NULL) {
+ /* no valid entries found, return error based on crv2 */
+ return crv2;
+ }
+ if (last == NULL) {
+ last = &privAttrs[privAttrCount - 1];
+ }
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ /* read the attributes */
+ count = (last - first) + 1;
+ crv = sftkdb_GetAttributeValue(keydb, id, first, count);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ /*
+ * STEP 2: read the encrypt the attributes with the new key.
+ */
+ for (i = 0; i < count; i++) {
+ SECItem plainText;
+ SECItem *result;
+ SECStatus rv;
+
+ plainText.data = first[i].pValue;
+ plainText.len = first[i].ulValueLen;
+ rv = sftkdb_EncryptAttribute(arena, newKey, &plainText, &result);
+ if (rv != SECSuccess) {
+ return CKR_GENERAL_ERROR;
+ }
+ first[i].pValue = result->data;
+ first[i].ulValueLen = result->len;
+ /* clear our sensitive data out */
+ PORT_Memset(plainText.data, 0, plainText.len);
+ }
+
+ /*
+ * STEP 3: write the newly encrypted attributes out directly
+ */
+ id &= SFTK_OBJ_ID_MASK;
+ keydb->newKey = newKey;
+ crv = (*keydb->db->sdb_SetAttributeValue)(keydb->db, id, first, count);
+ keydb->newKey = NULL;
+
+ return crv;
+}
+
+static CK_RV
+sftk_convertAttributes(SFTKDBHandle *handle,
+ CK_OBJECT_HANDLE id, SECItem *newKey)
+{
+ CK_RV crv = CKR_OK;
+ PLArenaPool *arena = NULL;
+
+ /* get a new arena to simplify cleanup */
+ arena = PORT_NewArena(1024);
+ if (!arena) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /*
+ * first handle the MACS
+ */
+ crv = sftk_updateMacs(arena, handle, id, newKey);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ if (handle->type == SFTK_KEYDB_TYPE) {
+ crv = sftk_updateEncrypted(arena, handle, id, newKey);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ }
+
+ /* free up our mess */
+ /* NOTE: at this point we know we've cleared out any unencrypted data */
+ PORT_FreeArena(arena, PR_FALSE);
+ return CKR_OK;
+
+loser:
+ /* there may be unencrypted data, clear it out down */
+ PORT_FreeArena(arena, PR_TRUE);
+ return crv;
+}
+
+/*
+ * must be called with the old key active.
+ */
+CK_RV
+sftkdb_convertObjects(SFTKDBHandle *handle, CK_ATTRIBUTE *template,
+ CK_ULONG count, SECItem *newKey)
+{
+ SDBFind *find = NULL;
+ CK_ULONG idCount = SFTK_MAX_IDS;
+ CK_OBJECT_HANDLE ids[SFTK_MAX_IDS];
+ CK_RV crv, crv2;
+ unsigned int i;
+
+ crv = sftkdb_FindObjectsInit(handle, template, count, &find);
+
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ while ((crv == CKR_OK) && (idCount == SFTK_MAX_IDS)) {
+ crv = sftkdb_FindObjects(handle, find, ids, SFTK_MAX_IDS, &idCount);
+ for (i = 0; (crv == CKR_OK) && (i < idCount); i++) {
+ crv = sftk_convertAttributes(handle, ids[i], newKey);
+ }
+ }
+ crv2 = sftkdb_FindObjectsFinal(handle, find);
+ if (crv == CKR_OK)
+ crv = crv2;
+
+ return crv;
+}
+
+/*
+ * change the database password.
+ */
+SECStatus
+sftkdb_ChangePassword(SFTKDBHandle *keydb,
+ char *oldPin, char *newPin, PRBool *tokenRemoved)
+{
+ SECStatus rv = SECSuccess;
+ SECItem plainText;
+ SECItem newKey;
+ SECItem *result = NULL;
+ SECItem salt, value;
+ SFTKDBHandle *certdb;
+ unsigned char saltData[SDB_MAX_META_DATA_LEN];
+ unsigned char valueData[SDB_MAX_META_DATA_LEN];
+ CK_RV crv;
+ SDB *db;
+
+ if (keydb == NULL) {
+ return SECFailure;
+ }
+
+ db = SFTK_GET_SDB(keydb);
+ if (db == NULL) {
+ return SECFailure;
+ }
+
+ newKey.data = NULL;
+
+ /* make sure we have a valid old pin */
+ crv = (*keydb->db->sdb_Begin)(keydb->db);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto loser;
+ }
+ salt.data = saltData;
+ salt.len = sizeof(saltData);
+ value.data = valueData;
+ value.len = sizeof(valueData);
+ crv = (*db->sdb_GetMetaData)(db, "password", &salt, &value);
+ if (crv == CKR_OK) {
+ rv = sftkdb_CheckPassword(keydb, oldPin, tokenRemoved);
+ if (rv == SECFailure) {
+ goto loser;
+ }
+ } else {
+ salt.len = SHA1_LENGTH;
+ RNG_GenerateGlobalRandomBytes(salt.data, salt.len);
+ }
+
+ rv = sftkdb_passwordToKey(keydb, &salt, newPin, &newKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /*
+ * convert encrypted entries here.
+ */
+ crv = sftkdb_convertObjects(keydb, NULL, 0, &newKey);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto loser;
+ }
+ /* fix up certdb macs */
+ certdb = keydb->peerDB;
+ if (certdb) {
+ CK_ATTRIBUTE objectType = { CKA_CLASS, 0, sizeof(CK_OBJECT_CLASS) };
+ CK_OBJECT_CLASS myClass = CKO_NETSCAPE_TRUST;
+
+ objectType.pValue = &myClass;
+ crv = sftkdb_convertObjects(certdb, &objectType, 1, &newKey);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto loser;
+ }
+ myClass = CKO_PUBLIC_KEY;
+ crv = sftkdb_convertObjects(certdb, &objectType, 1, &newKey);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto loser;
+ }
+ }
+
+ plainText.data = (unsigned char *)SFTK_PW_CHECK_STRING;
+ plainText.len = SFTK_PW_CHECK_LEN;
+
+ rv = sftkdb_EncryptAttribute(NULL, &newKey, &plainText, &result);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ value.data = result->data;
+ value.len = result->len;
+ crv = (*keydb->db->sdb_PutMetaData)(keydb->db, "password", &salt, &value);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto loser;
+ }
+ crv = (*keydb->db->sdb_Commit)(keydb->db);
+ if (crv != CKR_OK) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ keydb->newKey = NULL;
+
+ sftkdb_switchKeys(keydb, &newKey);
+
+loser:
+ if (newKey.data) {
+ PORT_ZFree(newKey.data, newKey.len);
+ }
+ if (result) {
+ SECITEM_FreeItem(result, PR_TRUE);
+ }
+ if (rv != SECSuccess) {
+ (*keydb->db->sdb_Abort)(keydb->db);
+ }
+
+ return rv;
+}
+
+/*
+ * lose our cached password
+ */
+SECStatus
+sftkdb_ClearPassword(SFTKDBHandle *keydb)
+{
+ SECItem oldKey;
+ oldKey.data = NULL;
+ oldKey.len = 0;
+ sftkdb_switchKeys(keydb, &oldKey);
+ if (oldKey.data) {
+ PORT_ZFree(oldKey.data, oldKey.len);
+ }
+ return SECSuccess;
+}
diff --git a/security/nss/lib/softoken/softkver.c b/security/nss/lib/softoken/softkver.c
new file mode 100644
index 000000000..3f20fad27
--- /dev/null
+++ b/security/nss/lib/softoken/softkver.c
@@ -0,0 +1,18 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Library identity and versioning */
+
+#include "softkver.h"
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_softokn_version[] = "Version: NSS " SOFTOKEN_VERSION _DEBUG_STRING;
diff --git a/security/nss/lib/softoken/softkver.h b/security/nss/lib/softoken/softkver.h
new file mode 100644
index 000000000..cc46891a4
--- /dev/null
+++ b/security/nss/lib/softoken/softkver.h
@@ -0,0 +1,31 @@
+/*
+ * Softoken version numbers
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SOFTKVER_H_
+#define _SOFTKVER_H_
+
+#ifndef NSS_DISABLE_ECC
+#define SOFTOKEN_ECC_STRING " Basic ECC"
+#else
+#define SOFTOKEN_ECC_STRING ""
+#endif
+
+/*
+ * Softoken's major version, minor version, patch level, build number,
+ * and whether this is a beta release.
+ *
+ * The format of the version string should be
+ * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
+ */
+#define SOFTOKEN_VERSION "3.28.6" SOFTOKEN_ECC_STRING
+#define SOFTOKEN_VMAJOR 3
+#define SOFTOKEN_VMINOR 28
+#define SOFTOKEN_VPATCH 6
+#define SOFTOKEN_VBUILD 0
+#define SOFTOKEN_BETA PR_FALSE
+
+#endif /* _SOFTKVER_H_ */
diff --git a/security/nss/lib/softoken/softoken.gyp b/security/nss/lib/softoken/softoken.gyp
new file mode 100644
index 000000000..8d72e60c5
--- /dev/null
+++ b/security/nss/lib/softoken/softoken.gyp
@@ -0,0 +1,71 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'softokn',
+ 'type': 'static_library',
+ 'sources': [
+ 'fipsaudt.c',
+ 'fipstest.c',
+ 'fipstokn.c',
+ 'jpakesftk.c',
+ 'lgglue.c',
+ 'lowkey.c',
+ 'lowpbe.c',
+ 'padbuf.c',
+ 'pkcs11.c',
+ 'pkcs11c.c',
+ 'pkcs11u.c',
+ 'sdb.c',
+ 'sftkdb.c',
+ 'sftkhmac.c',
+ 'sftkpars.c',
+ 'sftkpwd.c',
+ 'softkver.c',
+ 'tlsprf.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports',
+ '<(DEPTH)/lib/sqlite/sqlite.gyp:sqlite3',
+ '<(DEPTH)/lib/freebl/freebl.gyp:freebl',
+ ]
+ },
+ {
+ 'target_name': 'softokn3',
+ 'type': 'shared_library',
+ 'dependencies': [
+ 'softokn',
+ ],
+ 'conditions': [
+ [ 'moz_fold_libs==0', {
+ 'dependencies': [
+ '<(DEPTH)/lib/util/util.gyp:nssutil3',
+ ],
+ }, {
+ 'libraries': [
+ '<(moz_folded_library_name)',
+ ],
+ }],
+ ],
+ 'variables': {
+ 'mapfile': 'softokn.def'
+ }
+ }
+ ],
+ 'target_defaults': {
+ 'defines': [
+ 'SHLIB_SUFFIX=\"<(dll_suffix)\"',
+ 'SHLIB_PREFIX=\"<(dll_prefix)\"',
+ 'SOFTOKEN_LIB_NAME=\"libsoftokn3.so\"',
+ 'SHLIB_VERSION=\"3\"'
+ ]
+ },
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/softoken/softoken.h b/security/nss/lib/softoken/softoken.h
new file mode 100644
index 000000000..0e943d3cb
--- /dev/null
+++ b/security/nss/lib/softoken/softoken.h
@@ -0,0 +1,265 @@
+/*
+ * softoken.h - private data structures and prototypes for the softoken lib
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SOFTOKEN_H_
+#define _SOFTOKEN_H_
+
+#include "blapi.h"
+#include "lowkeyti.h"
+#include "softoknt.h"
+#include "secoidt.h"
+
+#include "pkcs11t.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+ * Convenience wrapper for doing a single PKCS#1 v1.5 RSA operations where the
+ * encoded digest info is computed internally, rather than by the caller.
+ *
+ * The HashSign variants expect as input the value of H, the computed hash
+ * from RFC 3447, Section 9.2, Step 1, and will compute the DER-encoded
+ * DigestInfo structure internally prior to signing/verifying.
+ */
+extern SECStatus
+RSA_HashSign(SECOidTag hashOid, NSSLOWKEYPrivateKey *key,
+ unsigned char *sig, unsigned int *sigLen, unsigned int maxLen,
+ const unsigned char *hash, unsigned int hashLen);
+
+extern SECStatus
+RSA_HashCheckSign(SECOidTag hashOid, NSSLOWKEYPublicKey *key,
+ const unsigned char *sig, unsigned int sigLen,
+ const unsigned char *hash, unsigned int hashLen);
+
+/*
+** Prepare a buffer for padded CBC encryption, growing to the appropriate
+** boundary, filling with the appropriate padding.
+**
+** blockSize must be a power of 2.
+**
+** We add from 1 to blockSize bytes -- we *always* grow.
+** The extra bytes contain the value of the length of the padding:
+** if we have 2 bytes of padding, then the padding is "0x02, 0x02".
+**
+** NOTE: If arena is non-NULL, we re-allocate from there, otherwise
+** we assume (and use) PR memory (re)allocation.
+*/
+extern unsigned char *CBC_PadBuffer(PLArenaPool *arena, unsigned char *inbuf,
+ unsigned int inlen, unsigned int *outlen,
+ int blockSize);
+
+/****************************************/
+/*
+** Power-Up selftests are required for FIPS.
+*/
+/* make sure Power-up selftests have been run. */
+extern CK_RV sftk_FIPSEntryOK(void);
+
+/*
+** make known fixed PKCS #11 key types to their sizes in bytes
+*/
+unsigned long sftk_MapKeySize(CK_KEY_TYPE keyType);
+
+/*
+** FIPS 140-2 auditing
+*/
+extern PRBool sftk_audit_enabled;
+
+extern void sftk_LogAuditMessage(NSSAuditSeverity severity,
+ NSSAuditType, const char *msg);
+
+extern void sftk_AuditCreateObject(CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject, CK_RV rv);
+
+extern void sftk_AuditCopyObject(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject, CK_RV rv);
+
+extern void sftk_AuditDestroyObject(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_RV rv);
+
+extern void sftk_AuditGetObjectSize(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize,
+ CK_RV rv);
+
+extern void sftk_AuditGetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_RV rv);
+
+extern void sftk_AuditSetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_RV rv);
+
+extern void sftk_AuditCryptInit(const char *opName,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey, CK_RV rv);
+
+extern void sftk_AuditGenerateKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
+
+extern void sftk_AuditGenerateKeyPair(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate,
+ CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
+ CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey,
+ CK_OBJECT_HANDLE_PTR phPrivateKey, CK_RV rv);
+
+extern void sftk_AuditWrapKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey,
+ CK_ULONG_PTR pulWrappedKeyLen, CK_RV rv);
+
+extern void sftk_AuditUnwrapKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hUnwrappingKey,
+ CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
+
+extern void sftk_AuditDeriveKey(CK_SESSION_HANDLE hSession,
+ CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
+ CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
+
+extern void sftk_AuditDigestKey(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hKey, CK_RV rv);
+
+/*
+** FIPS 140-2 Error state
+*/
+extern PRBool sftk_fatalError;
+
+/*
+** macros to check for forked child process after C_Initialize
+*/
+#if defined(XP_UNIX) && !defined(NO_FORK_CHECK)
+
+#ifdef DEBUG
+
+#define FORK_ASSERT() \
+ { \
+ char *forkAssert = PR_GetEnvSecure("NSS_STRICT_NOFORK"); \
+ if ((!forkAssert) || (0 == strcmp(forkAssert, "1"))) { \
+ PORT_Assert(0); \
+ } \
+ }
+
+#else
+
+#define FORK_ASSERT()
+
+#endif
+
+/* we have 3 methods of implementing the fork checks :
+ * - Solaris "mixed" method
+ * - pthread_atfork method
+ * - getpid method
+ */
+
+#if !defined(CHECK_FORK_MIXED) && !defined(CHECK_FORK_PTHREAD) && \
+ !defined(CHECK_FORK_GETPID)
+
+/* Choose fork check method automatically unless specified
+ * This section should be updated as more platforms get pthread fixes
+ * to unregister fork handlers in dlclose.
+ */
+
+#ifdef SOLARIS
+
+/* Solaris 8, s9 use PID checks, s10 uses pthread_atfork */
+
+#define CHECK_FORK_MIXED
+
+#elif defined(LINUX)
+
+#define CHECK_FORK_PTHREAD
+
+#else
+
+/* Other Unix platforms use only PID checks. Even if pthread_atfork is
+ * available, the behavior of dlclose isn't guaranteed by POSIX to
+ * unregister the fork handler. */
+
+#define CHECK_FORK_GETPID
+
+#endif
+
+#endif
+
+#if defined(CHECK_FORK_MIXED)
+
+extern PRBool usePthread_atfork;
+#include <unistd.h>
+extern pid_t myPid;
+extern PRBool forked;
+
+#define PARENT_FORKED() (usePthread_atfork ? forked : (myPid && myPid != getpid()))
+
+#elif defined(CHECK_FORK_PTHREAD)
+
+extern PRBool forked;
+
+#define PARENT_FORKED() forked
+
+#elif defined(CHECK_FORK_GETPID)
+
+#include <unistd.h>
+extern pid_t myPid;
+
+#define PARENT_FORKED() (myPid && myPid != getpid())
+
+#endif
+
+extern PRBool parentForkedAfterC_Initialize;
+extern PRBool sftkForkCheckDisabled;
+
+#define CHECK_FORK() \
+ do { \
+ if (!sftkForkCheckDisabled && PARENT_FORKED()) { \
+ FORK_ASSERT(); \
+ return CKR_DEVICE_ERROR; \
+ } \
+ } while (0)
+
+#define SKIP_AFTER_FORK(x) \
+ if (!parentForkedAfterC_Initialize) \
+ x
+
+#define ENABLE_FORK_CHECK() \
+ { \
+ char *doForkCheck = PR_GetEnvSecure("NSS_STRICT_NOFORK"); \
+ if (doForkCheck && !strcmp(doForkCheck, "DISABLED")) { \
+ sftkForkCheckDisabled = PR_TRUE; \
+ } \
+ }
+
+#else
+
+/* non-Unix platforms, or fork check disabled */
+
+#define CHECK_FORK()
+#define SKIP_AFTER_FORK(x) x
+#define ENABLE_FORK_CHECK()
+
+#ifndef NO_FORK_CHECK
+#define NO_FORK_CHECK
+#endif
+
+#endif
+
+SEC_END_PROTOS
+
+#endif /* _SOFTOKEN_H_ */
diff --git a/security/nss/lib/softoken/softokn.def b/security/nss/lib/softoken/softokn.def
new file mode 100644
index 000000000..0c71a1b4c
--- /dev/null
+++ b/security/nss/lib/softoken/softokn.def
@@ -0,0 +1,28 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+NSS_3.4 { # NSS 3.4 release
+;+ global:
+LIBRARY softokn3 ;-
+EXPORTS ;-
+C_GetFunctionList; Make this function like a real PKCS #11 module as well
+FC_GetFunctionList;
+NSC_GetFunctionList;
+NSC_ModuleDBFunc;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/softoken/softokn.rc b/security/nss/lib/softoken/softokn.rc
new file mode 100644
index 000000000..f3dbb5c42
--- /dev/null
+++ b/security/nss/lib/softoken/softokn.rc
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "softkver.h"
+#include <winver.h>
+
+#define MY_LIBNAME "softokn"
+#define MY_FILEDESCRIPTION "NSS PKCS #11 Library"
+
+#define STRINGIZE(x) #x
+#define STRINGIZE2(x) STRINGIZE(x)
+#define SOFTOKEN_VMAJOR_STR STRINGIZE2(SOFTOKEN_VMAJOR)
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if SOFTOKEN_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME SOFTOKEN_VMAJOR_STR
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION SOFTOKEN_VMAJOR,SOFTOKEN_VMINOR,SOFTOKEN_VPATCH,SOFTOKEN_VBUILD
+ PRODUCTVERSION SOFTOKEN_VMAJOR,SOFTOKEN_VMINOR,SOFTOKEN_VPATCH,SOFTOKEN_VBUILD
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", SOFTOKEN_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", SOFTOKEN_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/softoken/softoknt.h b/security/nss/lib/softoken/softoknt.h
new file mode 100644
index 000000000..071689842
--- /dev/null
+++ b/security/nss/lib/softoken/softoknt.h
@@ -0,0 +1,43 @@
+/*
+ * softoknt.h - public data structures for the software token library
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SOFTOKNT_H_
+#define _SOFTOKNT_H_
+
+#define NSS_SOFTOKEN_DEFAULT_CHUNKSIZE 2048
+
+/*
+ * FIPS 140-2 auditing
+ */
+typedef enum {
+ NSS_AUDIT_ERROR = 3, /* errors */
+ NSS_AUDIT_WARNING = 2, /* warning messages */
+ NSS_AUDIT_INFO = 1 /* informational messages */
+} NSSAuditSeverity;
+
+typedef enum {
+ NSS_AUDIT_ACCESS_KEY = 0,
+ NSS_AUDIT_CHANGE_KEY,
+ NSS_AUDIT_COPY_KEY,
+ NSS_AUDIT_CRYPT,
+ NSS_AUDIT_DERIVE_KEY,
+ NSS_AUDIT_DESTROY_KEY,
+ NSS_AUDIT_DIGEST_KEY,
+ NSS_AUDIT_FIPS_STATE,
+ NSS_AUDIT_GENERATE_KEY,
+ NSS_AUDIT_INIT_PIN,
+ NSS_AUDIT_INIT_TOKEN,
+ NSS_AUDIT_LOAD_KEY,
+ NSS_AUDIT_LOGIN,
+ NSS_AUDIT_LOGOUT,
+ NSS_AUDIT_SELF_TEST,
+ NSS_AUDIT_SET_PIN,
+ NSS_AUDIT_UNWRAP_KEY,
+ NSS_AUDIT_WRAP_KEY
+} NSSAuditType;
+
+#endif /* _SOFTOKNT_H_ */
diff --git a/security/nss/lib/softoken/tlsprf.c b/security/nss/lib/softoken/tlsprf.c
new file mode 100644
index 000000000..05e246887
--- /dev/null
+++ b/security/nss/lib/softoken/tlsprf.c
@@ -0,0 +1,198 @@
+/* tlsprf.c - TLS Pseudo Random Function (PRF) implementation
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "pkcs11i.h"
+#include "blapi.h"
+#include "secerr.h"
+
+static void
+sftk_TLSPRFNull(void *data, PRBool freeit)
+{
+ return;
+}
+
+typedef struct {
+ PRUint32 cxSize; /* size of allocated block, in bytes. */
+ PRUint32 cxBufSize; /* sizeof buffer at cxBufPtr. */
+ unsigned char *cxBufPtr; /* points to real buffer, may be cxBuf. */
+ PRUint32 cxKeyLen; /* bytes of cxBufPtr containing key. */
+ PRUint32 cxDataLen; /* bytes of cxBufPtr containing data. */
+ SECStatus cxRv; /* records failure of void functions. */
+ PRBool cxIsFIPS; /* true if conforming to FIPS 198. */
+ HASH_HashType cxHashAlg; /* hash algorithm to use for TLS 1.2+ */
+ unsigned int cxOutLen; /* bytes of output if nonzero */
+ unsigned char cxBuf[512]; /* actual size may be larger than 512. */
+} TLSPRFContext;
+
+static void
+sftk_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
+ unsigned int data_len)
+{
+ PRUint32 bytesUsed = cx->cxKeyLen + cx->cxDataLen;
+
+ if (cx->cxRv != SECSuccess) /* function has previously failed. */
+ return;
+ if (bytesUsed + data_len > cx->cxBufSize) {
+ /* We don't use realloc here because
+ ** (a) realloc doesn't zero out the old block, and
+ ** (b) if realloc fails, we lose the old block.
+ */
+ PRUint32 newBufSize = bytesUsed + data_len + 512;
+ unsigned char *newBuf = (unsigned char *)PORT_Alloc(newBufSize);
+ if (!newBuf) {
+ cx->cxRv = SECFailure;
+ return;
+ }
+ PORT_Memcpy(newBuf, cx->cxBufPtr, bytesUsed);
+ if (cx->cxBufPtr != cx->cxBuf) {
+ PORT_ZFree(cx->cxBufPtr, bytesUsed);
+ }
+ cx->cxBufPtr = newBuf;
+ cx->cxBufSize = newBufSize;
+ }
+ PORT_Memcpy(cx->cxBufPtr + bytesUsed, data, data_len);
+ cx->cxDataLen += data_len;
+}
+
+static void
+sftk_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
+ unsigned int *pDigestLen, unsigned int maxDigestLen)
+{
+ *pDigestLen = 0; /* tells Verify that no data has been input yet. */
+}
+
+/* Compute the PRF values from the data previously input. */
+static SECStatus
+sftk_TLSPRFUpdate(TLSPRFContext *cx,
+ unsigned char *sig, /* output goes here. */
+ unsigned int *sigLen, /* how much output. */
+ unsigned int maxLen, /* output buffer size */
+ unsigned char *hash, /* unused. */
+ unsigned int hashLen) /* unused. */
+{
+ SECStatus rv;
+ SECItem sigItem;
+ SECItem seedItem;
+ SECItem secretItem;
+
+ if (cx->cxRv != SECSuccess)
+ return cx->cxRv;
+
+ secretItem.data = cx->cxBufPtr;
+ secretItem.len = cx->cxKeyLen;
+
+ seedItem.data = cx->cxBufPtr + cx->cxKeyLen;
+ seedItem.len = cx->cxDataLen;
+
+ sigItem.data = sig;
+ if (cx->cxOutLen == 0) {
+ sigItem.len = maxLen;
+ } else if (cx->cxOutLen <= maxLen) {
+ sigItem.len = cx->cxOutLen;
+ } else {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ if (cx->cxHashAlg != HASH_AlgNULL) {
+ rv = TLS_P_hash(cx->cxHashAlg, &secretItem, NULL, &seedItem, &sigItem,
+ cx->cxIsFIPS);
+ } else {
+ rv = TLS_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS);
+ }
+ if (rv == SECSuccess && sigLen != NULL)
+ *sigLen = sigItem.len;
+ return rv;
+}
+
+static SECStatus
+sftk_TLSPRFVerify(TLSPRFContext *cx,
+ unsigned char *sig, /* input, for comparison. */
+ unsigned int sigLen, /* length of sig. */
+ unsigned char *hash, /* data to be verified. */
+ unsigned int hashLen) /* size of hash data. */
+{
+ unsigned char *tmp = (unsigned char *)PORT_Alloc(sigLen);
+ unsigned int tmpLen = sigLen;
+ SECStatus rv;
+
+ if (!tmp)
+ return SECFailure;
+ if (hashLen) {
+ /* hashLen is non-zero when the user does a one-step verify.
+ ** In this case, none of the data has been input yet.
+ */
+ sftk_TLSPRFHashUpdate(cx, hash, hashLen);
+ }
+ rv = sftk_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0);
+ if (rv == SECSuccess) {
+ rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen));
+ }
+ PORT_ZFree(tmp, sigLen);
+ return rv;
+}
+
+static void
+sftk_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
+{
+ if (freeit) {
+ if (cx->cxBufPtr != cx->cxBuf)
+ PORT_ZFree(cx->cxBufPtr, cx->cxBufSize);
+ PORT_ZFree(cx, cx->cxSize);
+ }
+}
+
+CK_RV
+sftk_TLSPRFInit(SFTKSessionContext *context,
+ SFTKObject *key,
+ CK_KEY_TYPE key_type,
+ HASH_HashType hash_alg,
+ unsigned int out_len)
+{
+ SFTKAttribute *keyVal;
+ TLSPRFContext *prf_cx;
+ CK_RV crv = CKR_HOST_MEMORY;
+ PRUint32 keySize;
+ PRUint32 blockSize;
+
+ if (key_type != CKK_GENERIC_SECRET)
+ return CKR_KEY_TYPE_INCONSISTENT; /* CKR_KEY_FUNCTION_NOT_PERMITTED */
+
+ context->multi = PR_TRUE;
+
+ keyVal = sftk_FindAttribute(key, CKA_VALUE);
+ keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen;
+ blockSize = keySize + sizeof(TLSPRFContext);
+ prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
+ if (!prf_cx)
+ goto done;
+ prf_cx->cxSize = blockSize;
+ prf_cx->cxKeyLen = keySize;
+ prf_cx->cxDataLen = 0;
+ prf_cx->cxBufSize = blockSize - offsetof(TLSPRFContext, cxBuf);
+ prf_cx->cxRv = SECSuccess;
+ prf_cx->cxIsFIPS = (key->slot->slotID == FIPS_SLOT_ID);
+ prf_cx->cxBufPtr = prf_cx->cxBuf;
+ prf_cx->cxHashAlg = hash_alg;
+ prf_cx->cxOutLen = out_len;
+ if (keySize)
+ PORT_Memcpy(prf_cx->cxBufPtr, keyVal->attrib.pValue, keySize);
+
+ context->hashInfo = (void *)prf_cx;
+ context->cipherInfo = (void *)prf_cx;
+ context->hashUpdate = (SFTKHash)sftk_TLSPRFHashUpdate;
+ context->end = (SFTKEnd)sftk_TLSPRFEnd;
+ context->update = (SFTKCipher)sftk_TLSPRFUpdate;
+ context->verify = (SFTKVerify)sftk_TLSPRFVerify;
+ context->destroy = (SFTKDestroy)sftk_TLSPRFNull;
+ context->hashdestroy = (SFTKDestroy)sftk_TLSPRFHashDestroy;
+ crv = CKR_OK;
+
+done:
+ if (keyVal)
+ sftk_FreeAttribute(keyVal);
+ return crv;
+}
diff --git a/security/nss/lib/sqlite/Makefile b/security/nss/lib/sqlite/Makefile
new file mode 100644
index 000000000..91493687a
--- /dev/null
+++ b/security/nss/lib/sqlite/Makefile
@@ -0,0 +1,54 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+USE_GCOV =
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+-include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
+ifeq (WINNT,$(OS_ARCH))
+# sqlite calls the deprecated GetVersionExA method
+OS_CFLAGS += -w44996
+endif
+
diff --git a/security/nss/lib/sqlite/README b/security/nss/lib/sqlite/README
new file mode 100644
index 000000000..b3a726f78
--- /dev/null
+++ b/security/nss/lib/sqlite/README
@@ -0,0 +1,3 @@
+This is SQLite 3.10.2.
+
+Local changes:
diff --git a/security/nss/lib/sqlite/config.mk b/security/nss/lib/sqlite/config.mk
new file mode 100644
index 000000000..b0e9390f1
--- /dev/null
+++ b/security/nss/lib/sqlite/config.mk
@@ -0,0 +1,43 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
+
+#RES = $(OBJDIR)/$(LIBRARY_NAME).res
+#RESNAME = $(LIBRARY_NAME).rc
+endif
+
+ifeq ($(OS_TARGET),AIX)
+EXTRA_LIBS += -lpthreads
+ifdef BUILD_OPT
+OPTIMIZER=
+endif
+endif
+
+ifeq ($(OS_TARGET),Darwin)
+# These version numbers come from the -version-info 8:6:8 libtool option in
+# sqlite upstream's Makefile.in. (Given -version-info current:revision:age,
+# libtool passes
+# -compatibility_version current+1 -current_version current+1.revision
+# to the linker.) Apple builds the system libsqlite3.dylib with these
+# version numbers, so we use the same to be compatible.
+DARWIN_DYLIB_VERSIONS = -compatibility_version 9 -current_version 9.6
+
+# The SQLite code that uses the Apple zone allocator calls
+# OSAtomicCompareAndSwapPtrBarrier, which is only available on Mac OS X 10.5
+# (Darwin 9.0) and later. Define SQLITE_WITHOUT_ZONEMALLOC to disable
+# that code for older versions of Mac OS X. See bug 820374.
+DARWIN_VER_MAJOR := $(shell uname -r | cut -f1 -d.)
+DARWIN_LT_9 := $(shell [ $(DARWIN_VER_MAJOR) -lt 9 ] && echo true)
+ifeq ($(DARWIN_LT_9),true)
+OS_CFLAGS += -DSQLITE_WITHOUT_ZONEMALLOC
+endif
+endif # Darwin
diff --git a/security/nss/lib/sqlite/exports.gyp b/security/nss/lib/sqlite/exports.gyp
new file mode 100644
index 000000000..0a424bac8
--- /dev/null
+++ b/security/nss/lib/sqlite/exports.gyp
@@ -0,0 +1,25 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_sqlite_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'sqlite3.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/sqlite/manifest.mn b/security/nss/lib/sqlite/manifest.mn
new file mode 100644
index 000000000..022749b6e
--- /dev/null
+++ b/security/nss/lib/sqlite/manifest.mn
@@ -0,0 +1,34 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+MODULE = nss
+
+LIBRARY_NAME = sqlite
+LIBRARY_VERSION = 3
+MAPFILE = $(OBJDIR)/sqlite.def
+DEFINES += -DSQLITE_THREADSAFE=1
+
+EXPORTS = \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ sqlite3.h \
+ $(NULL)
+
+
+CSRCS = \
+ sqlite3.c \
+ $(NULL)
+
+
+
+# only add module debugging in opt builds if DEBUG_PKCS11 is set
+ifdef DEBUG_PKCS11
+ DEFINES += -DDEBUG_MODULE
+endif
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/sqlite/sqlite.def b/security/nss/lib/sqlite/sqlite.def
new file mode 100644
index 000000000..00fa623ab
--- /dev/null
+++ b/security/nss/lib/sqlite/sqlite.def
@@ -0,0 +1,147 @@
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+SQLITE_3 {
+;+ global:
+LIBRARY sqlite3 ;-
+EXPORTS ;-
+sqlite3_aggregate_context;
+sqlite3_aggregate_count;
+sqlite3_auto_extension;
+sqlite3_bind_blob;
+sqlite3_bind_double;
+sqlite3_bind_int;
+sqlite3_bind_int64;
+sqlite3_bind_null;
+sqlite3_bind_parameter_count;
+sqlite3_bind_parameter_index;
+sqlite3_bind_parameter_name;
+sqlite3_bind_text;
+sqlite3_bind_text16;
+sqlite3_bind_value;
+sqlite3_busy_handler;
+sqlite3_busy_timeout;
+sqlite3_changes;
+sqlite3_clear_bindings;
+sqlite3_close;
+sqlite3_collation_needed;
+sqlite3_collation_needed16;
+sqlite3_column_blob;
+sqlite3_column_bytes;
+sqlite3_column_bytes16;
+sqlite3_column_count;
+sqlite3_column_decltype;
+sqlite3_column_decltype16;
+sqlite3_column_double;
+sqlite3_column_int;
+sqlite3_column_int64;
+sqlite3_column_name;
+sqlite3_column_name16;
+sqlite3_column_text;
+sqlite3_column_text16;
+sqlite3_column_type;
+sqlite3_column_value;
+sqlite3_commit_hook;
+sqlite3_complete;
+sqlite3_complete16;
+sqlite3_create_collation;
+sqlite3_create_collation16;
+sqlite3_create_function;
+sqlite3_create_function16;
+sqlite3_create_module;
+sqlite3_data_count;
+sqlite3_db_handle;
+sqlite3_declare_vtab;
+sqlite3_enable_load_extension;
+sqlite3_enable_shared_cache;
+sqlite3_errcode;
+sqlite3_errmsg;
+sqlite3_errmsg16;
+sqlite3_exec;
+sqlite3_expired;
+sqlite3_extended_result_codes;
+sqlite3_file_control;
+sqlite3_finalize;
+sqlite3_free;
+sqlite3_free_table;
+sqlite3_get_autocommit;
+sqlite3_get_auxdata;
+sqlite3_get_table;
+sqlite3_global_recover;
+sqlite3_interrupt;
+sqlite3_last_insert_rowid;
+sqlite3_libversion;
+sqlite3_libversion_number;
+sqlite3_load_extension;
+sqlite3_malloc;
+sqlite3_mprintf;
+sqlite3_open;
+sqlite3_open16;
+sqlite3_open_v2;
+sqlite3_overload_function;
+sqlite3_prepare;
+sqlite3_prepare16;
+sqlite3_prepare16_v2;
+sqlite3_prepare_v2;
+sqlite3_profile;
+sqlite3_progress_handler;
+sqlite3_realloc;
+sqlite3_reset;
+sqlite3_reset_auto_extension;
+sqlite3_result_blob;
+sqlite3_result_double;
+sqlite3_result_error;
+sqlite3_result_error16;
+sqlite3_result_int;
+sqlite3_result_int64;
+sqlite3_result_null;
+sqlite3_result_text;
+sqlite3_result_text16;
+sqlite3_result_text16be;
+sqlite3_result_text16le;
+sqlite3_result_value;
+sqlite3_rollback_hook;
+sqlite3_set_authorizer;
+sqlite3_set_auxdata;
+sqlite3_sleep;
+sqlite3_snprintf;
+sqlite3_step;
+;;sqlite3_temp_directory DATA ;
+sqlite3_thread_cleanup;
+sqlite3_total_changes;
+sqlite3_trace;
+sqlite3_transfer_bindings;
+sqlite3_update_hook;
+sqlite3_user_data;
+sqlite3_value_blob;
+sqlite3_value_bytes;
+sqlite3_value_bytes16;
+sqlite3_value_double;
+sqlite3_value_int;
+sqlite3_value_int64;
+sqlite3_value_numeric_type;
+sqlite3_value_text;
+sqlite3_value_text16;
+sqlite3_value_text16be;
+sqlite3_value_text16le;
+sqlite3_value_type;
+sqlite3_version;
+sqlite3_vmprintf;
+sqlite3_wal_checkpoint;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/sqlite/sqlite.gyp b/security/nss/lib/sqlite/sqlite.gyp
new file mode 100644
index 000000000..6969893d6
--- /dev/null
+++ b/security/nss/lib/sqlite/sqlite.gyp
@@ -0,0 +1,50 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'conditions': [
+ ['use_system_sqlite==1', {
+ 'targets': [{
+ 'target_name': 'sqlite3',
+ 'type': 'none',
+ 'link_settings': {
+ 'libraries': ['<(sqlite_libs)'],
+ },
+ }],
+ }, {
+ 'targets': [
+ {
+ 'target_name': 'sqlite',
+ 'type': 'static_library',
+ 'sources': [
+ 'sqlite3.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ },
+ {
+ 'target_name': 'sqlite3',
+ 'type': 'shared_library',
+ 'dependencies': [
+ 'sqlite'
+ ],
+ 'variables': {
+ 'mapfile': 'sqlite.def'
+ }
+ }
+ ],
+ 'target_defaults': {
+ 'defines': [
+ 'SQLITE_THREADSAFE=1'
+ ]
+ },
+ 'variables': {
+ 'module': 'nss'
+ }
+ }]
+ ],
+}
diff --git a/security/nss/lib/sqlite/sqlite3.c b/security/nss/lib/sqlite/sqlite3.c
new file mode 100644
index 000000000..c0ab2337e
--- /dev/null
+++ b/security/nss/lib/sqlite/sqlite3.c
@@ -0,0 +1,186041 @@
+/******************************************************************************
+** This file is an amalgamation of many separate C source files from SQLite
+** version 3.10.2. By combining all the individual C code files into this
+** single large file, the entire code can be compiled as a single translation
+** unit. This allows many compilers to do optimizations that would not be
+** possible if the files were compiled separately. Performance improvements
+** of 5% or more are commonly seen when SQLite is compiled as a single
+** translation unit.
+**
+** This file is all you need to compile SQLite. To use SQLite in other
+** programs, you need this file and the "sqlite3.h" header file that defines
+** the programming interface to the SQLite library. (If you do not have
+** the "sqlite3.h" header file at hand, you will find a copy embedded within
+** the text of this file. Search for "Begin file sqlite3.h" to find the start
+** of the embedded sqlite3.h header file.) Additional code files may be needed
+** if you want a wrapper to interface SQLite with your choice of programming
+** language. The code for the "sqlite3" command-line shell is also in a
+** separate file. This file contains only code for the core SQLite library.
+*/
+#define SQLITE_CORE 1
+#define SQLITE_AMALGAMATION 1
+#ifndef SQLITE_PRIVATE
+# define SQLITE_PRIVATE static
+#endif
+/************** Begin file sqliteInt.h ***************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** Internal interface definitions for SQLite.
+**
+*/
+#ifndef _SQLITEINT_H_
+#define _SQLITEINT_H_
+
+/*
+** Include the header file used to customize the compiler options for MSVC.
+** This should be done first so that it can successfully prevent spurious
+** compiler warnings due to subsequent content in this file and other files
+** that are included by this file.
+*/
+/************** Include msvc.h in the middle of sqliteInt.h ******************/
+/************** Begin file msvc.h ********************************************/
+/*
+** 2015 January 12
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains code that is specific to MSVC.
+*/
+#ifndef _MSVC_H_
+#define _MSVC_H_
+
+#if defined(_MSC_VER)
+#pragma warning(disable : 4054)
+#pragma warning(disable : 4055)
+#pragma warning(disable : 4100)
+#pragma warning(disable : 4127)
+#pragma warning(disable : 4130)
+#pragma warning(disable : 4152)
+#pragma warning(disable : 4189)
+#pragma warning(disable : 4206)
+#pragma warning(disable : 4210)
+#pragma warning(disable : 4232)
+#pragma warning(disable : 4244)
+#pragma warning(disable : 4305)
+#pragma warning(disable : 4306)
+#pragma warning(disable : 4702)
+#pragma warning(disable : 4706)
+#endif /* defined(_MSC_VER) */
+
+#endif /* _MSVC_H_ */
+
+/************** End of msvc.h ************************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+
+/*
+** Special setup for VxWorks
+*/
+/************** Include vxworks.h in the middle of sqliteInt.h ***************/
+/************** Begin file vxworks.h *****************************************/
+/*
+** 2015-03-02
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains code that is specific to Wind River's VxWorks
+*/
+#if defined(__RTP__) || defined(_WRS_KERNEL)
+/* This is VxWorks. Set up things specially for that OS
+*/
+#include <vxWorks.h>
+#include <pthread.h> /* amalgamator: dontcache */
+#define OS_VXWORKS 1
+#define SQLITE_OS_OTHER 0
+#define SQLITE_HOMEGROWN_RECURSIVE_MUTEX 1
+#define SQLITE_OMIT_LOAD_EXTENSION 1
+#define SQLITE_ENABLE_LOCKING_STYLE 0
+#define HAVE_UTIME 1
+#else
+/* This is not VxWorks. */
+#define OS_VXWORKS 0
+#endif /* defined(_WRS_KERNEL) */
+
+/************** End of vxworks.h *********************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+
+/*
+** These #defines should enable >2GB file support on POSIX if the
+** underlying operating system supports it. If the OS lacks
+** large file support, or if the OS is windows, these should be no-ops.
+**
+** Ticket #2739: The _LARGEFILE_SOURCE macro must appear before any
+** system #includes. Hence, this block of code must be the very first
+** code in all source files.
+**
+** Large file support can be disabled using the -DSQLITE_DISABLE_LFS switch
+** on the compiler command line. This is necessary if you are compiling
+** on a recent machine (ex: Red Hat 7.2) but you want your code to work
+** on an older machine (ex: Red Hat 6.0). If you compile on Red Hat 7.2
+** without this option, LFS is enable. But LFS does not exist in the kernel
+** in Red Hat 6.0, so the code won't work. Hence, for maximum binary
+** portability you should omit LFS.
+**
+** The previous paragraph was written in 2005. (This paragraph is written
+** on 2008-11-28.) These days, all Linux kernels support large files, so
+** you should probably leave LFS enabled. But some embedded platforms might
+** lack LFS in which case the SQLITE_DISABLE_LFS macro might still be useful.
+**
+** Similar is true for Mac OS X. LFS is only supported on Mac OS X 9 and later.
+*/
+#ifndef SQLITE_DISABLE_LFS
+# define _LARGE_FILE 1
+# ifndef _FILE_OFFSET_BITS
+# define _FILE_OFFSET_BITS 64
+# endif
+# define _LARGEFILE_SOURCE 1
+#endif
+
+/* What version of GCC is being used. 0 means GCC is not being used */
+#ifdef __GNUC__
+# define GCC_VERSION (__GNUC__*1000000+__GNUC_MINOR__*1000+__GNUC_PATCHLEVEL__)
+#else
+# define GCC_VERSION 0
+#endif
+
+/* Needed for various definitions... */
+#if defined(__GNUC__) && !defined(_GNU_SOURCE)
+# define _GNU_SOURCE
+#endif
+
+#if defined(__OpenBSD__) && !defined(_BSD_SOURCE)
+# define _BSD_SOURCE
+#endif
+
+/*
+** For MinGW, check to see if we can include the header file containing its
+** version information, among other things. Normally, this internal MinGW
+** header file would [only] be included automatically by other MinGW header
+** files; however, the contained version information is now required by this
+** header file to work around binary compatibility issues (see below) and
+** this is the only known way to reliably obtain it. This entire #if block
+** would be completely unnecessary if there was any other way of detecting
+** MinGW via their preprocessor (e.g. if they customized their GCC to define
+** some MinGW-specific macros). When compiling for MinGW, either the
+** _HAVE_MINGW_H or _HAVE__MINGW_H (note the extra underscore) macro must be
+** defined; otherwise, detection of conditions specific to MinGW will be
+** disabled.
+*/
+#if defined(_HAVE_MINGW_H)
+# include "mingw.h"
+#elif defined(_HAVE__MINGW_H)
+# include "_mingw.h"
+#endif
+
+/*
+** For MinGW version 4.x (and higher), check to see if the _USE_32BIT_TIME_T
+** define is required to maintain binary compatibility with the MSVC runtime
+** library in use (e.g. for Windows XP).
+*/
+#if !defined(_USE_32BIT_TIME_T) && !defined(_USE_64BIT_TIME_T) && \
+ defined(_WIN32) && !defined(_WIN64) && \
+ defined(__MINGW_MAJOR_VERSION) && __MINGW_MAJOR_VERSION >= 4 && \
+ defined(__MSVCRT__)
+# define _USE_32BIT_TIME_T
+#endif
+
+/* The public SQLite interface. The _FILE_OFFSET_BITS macro must appear
+** first in QNX. Also, the _USE_32BIT_TIME_T macro must appear first for
+** MinGW.
+*/
+/************** Include sqlite3.h in the middle of sqliteInt.h ***************/
+/************** Begin file sqlite3.h *****************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This header file defines the interface that the SQLite library
+** presents to client programs. If a C-function, structure, datatype,
+** or constant definition does not appear in this file, then it is
+** not a published API of SQLite, is subject to change without
+** notice, and should not be referenced by programs that use SQLite.
+**
+** Some of the definitions that are in this file are marked as
+** "experimental". Experimental interfaces are normally new
+** features recently added to SQLite. We do not anticipate changes
+** to experimental interfaces but reserve the right to make minor changes
+** if experience from use "in the wild" suggest such changes are prudent.
+**
+** The official C-language API documentation for SQLite is derived
+** from comments in this file. This file is the authoritative source
+** on how SQLite interfaces are supposed to operate.
+**
+** The name of this file under configuration management is "sqlite.h.in".
+** The makefile makes some minor changes to this file (such as inserting
+** the version number) and changes its name to "sqlite3.h" as
+** part of the build process.
+*/
+#ifndef _SQLITE3_H_
+#define _SQLITE3_H_
+#include <stdarg.h> /* Needed for the definition of va_list */
+
+/*
+** Make sure we can call this stuff from C++.
+*/
+#if 0
+extern "C" {
+#endif
+
+
+/*
+** Provide the ability to override linkage features of the interface.
+*/
+#ifndef SQLITE_EXTERN
+# define SQLITE_EXTERN extern
+#endif
+#ifndef SQLITE_API
+# define SQLITE_API
+#endif
+#ifndef SQLITE_CDECL
+# define SQLITE_CDECL
+#endif
+#ifndef SQLITE_STDCALL
+# define SQLITE_STDCALL
+#endif
+
+/*
+** These no-op macros are used in front of interfaces to mark those
+** interfaces as either deprecated or experimental. New applications
+** should not use deprecated interfaces - they are supported for backwards
+** compatibility only. Application writers should be aware that
+** experimental interfaces are subject to change in point releases.
+**
+** These macros used to resolve to various kinds of compiler magic that
+** would generate warning messages when they were used. But that
+** compiler magic ended up generating such a flurry of bug reports
+** that we have taken it all out and gone back to using simple
+** noop macros.
+*/
+#define SQLITE_DEPRECATED
+#define SQLITE_EXPERIMENTAL
+
+/*
+** Ensure these symbols were not defined by some previous header file.
+*/
+#ifdef SQLITE_VERSION
+# undef SQLITE_VERSION
+#endif
+#ifdef SQLITE_VERSION_NUMBER
+# undef SQLITE_VERSION_NUMBER
+#endif
+
+/*
+** CAPI3REF: Compile-Time Library Version Numbers
+**
+** ^(The [SQLITE_VERSION] C preprocessor macro in the sqlite3.h header
+** evaluates to a string literal that is the SQLite version in the
+** format "X.Y.Z" where X is the major version number (always 3 for
+** SQLite3) and Y is the minor version number and Z is the release number.)^
+** ^(The [SQLITE_VERSION_NUMBER] C preprocessor macro resolves to an integer
+** with the value (X*1000000 + Y*1000 + Z) where X, Y, and Z are the same
+** numbers used in [SQLITE_VERSION].)^
+** The SQLITE_VERSION_NUMBER for any given release of SQLite will also
+** be larger than the release from which it is derived. Either Y will
+** be held constant and Z will be incremented or else Y will be incremented
+** and Z will be reset to zero.
+**
+** Since version 3.6.18, SQLite source code has been stored in the
+** <a href="http://www.fossil-scm.org/">Fossil configuration management
+** system</a>. ^The SQLITE_SOURCE_ID macro evaluates to
+** a string which identifies a particular check-in of SQLite
+** within its configuration management system. ^The SQLITE_SOURCE_ID
+** string contains the date and time of the check-in (UTC) and an SHA1
+** hash of the entire source tree.
+**
+** See also: [sqlite3_libversion()],
+** [sqlite3_libversion_number()], [sqlite3_sourceid()],
+** [sqlite_version()] and [sqlite_source_id()].
+*/
+#define SQLITE_VERSION "3.10.2"
+#define SQLITE_VERSION_NUMBER 3010002
+#define SQLITE_SOURCE_ID "2016-01-20 15:27:19 17efb4209f97fb4971656086b138599a91a75ff9"
+
+/*
+** CAPI3REF: Run-Time Library Version Numbers
+** KEYWORDS: sqlite3_version, sqlite3_sourceid
+**
+** These interfaces provide the same information as the [SQLITE_VERSION],
+** [SQLITE_VERSION_NUMBER], and [SQLITE_SOURCE_ID] C preprocessor macros
+** but are associated with the library instead of the header file. ^(Cautious
+** programmers might include assert() statements in their application to
+** verify that values returned by these interfaces match the macros in
+** the header, and thus ensure that the application is
+** compiled with matching library and header files.
+**
+** <blockquote><pre>
+** assert( sqlite3_libversion_number()==SQLITE_VERSION_NUMBER );
+** assert( strcmp(sqlite3_sourceid(),SQLITE_SOURCE_ID)==0 );
+** assert( strcmp(sqlite3_libversion(),SQLITE_VERSION)==0 );
+** </pre></blockquote>)^
+**
+** ^The sqlite3_version[] string constant contains the text of [SQLITE_VERSION]
+** macro. ^The sqlite3_libversion() function returns a pointer to the
+** to the sqlite3_version[] string constant. The sqlite3_libversion()
+** function is provided for use in DLLs since DLL users usually do not have
+** direct access to string constants within the DLL. ^The
+** sqlite3_libversion_number() function returns an integer equal to
+** [SQLITE_VERSION_NUMBER]. ^The sqlite3_sourceid() function returns
+** a pointer to a string constant whose value is the same as the
+** [SQLITE_SOURCE_ID] C preprocessor macro.
+**
+** See also: [sqlite_version()] and [sqlite_source_id()].
+*/
+SQLITE_API const char sqlite3_version[] = SQLITE_VERSION;
+SQLITE_API const char *SQLITE_STDCALL sqlite3_libversion(void);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_sourceid(void);
+SQLITE_API int SQLITE_STDCALL sqlite3_libversion_number(void);
+
+/*
+** CAPI3REF: Run-Time Library Compilation Options Diagnostics
+**
+** ^The sqlite3_compileoption_used() function returns 0 or 1
+** indicating whether the specified option was defined at
+** compile time. ^The SQLITE_ prefix may be omitted from the
+** option name passed to sqlite3_compileoption_used().
+**
+** ^The sqlite3_compileoption_get() function allows iterating
+** over the list of options that were defined at compile time by
+** returning the N-th compile time option string. ^If N is out of range,
+** sqlite3_compileoption_get() returns a NULL pointer. ^The SQLITE_
+** prefix is omitted from any strings returned by
+** sqlite3_compileoption_get().
+**
+** ^Support for the diagnostic functions sqlite3_compileoption_used()
+** and sqlite3_compileoption_get() may be omitted by specifying the
+** [SQLITE_OMIT_COMPILEOPTION_DIAGS] option at compile time.
+**
+** See also: SQL functions [sqlite_compileoption_used()] and
+** [sqlite_compileoption_get()] and the [compile_options pragma].
+*/
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+SQLITE_API int SQLITE_STDCALL sqlite3_compileoption_used(const char *zOptName);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_compileoption_get(int N);
+#endif
+
+/*
+** CAPI3REF: Test To See If The Library Is Threadsafe
+**
+** ^The sqlite3_threadsafe() function returns zero if and only if
+** SQLite was compiled with mutexing code omitted due to the
+** [SQLITE_THREADSAFE] compile-time option being set to 0.
+**
+** SQLite can be compiled with or without mutexes. When
+** the [SQLITE_THREADSAFE] C preprocessor macro is 1 or 2, mutexes
+** are enabled and SQLite is threadsafe. When the
+** [SQLITE_THREADSAFE] macro is 0,
+** the mutexes are omitted. Without the mutexes, it is not safe
+** to use SQLite concurrently from more than one thread.
+**
+** Enabling mutexes incurs a measurable performance penalty.
+** So if speed is of utmost importance, it makes sense to disable
+** the mutexes. But for maximum safety, mutexes should be enabled.
+** ^The default behavior is for mutexes to be enabled.
+**
+** This interface can be used by an application to make sure that the
+** version of SQLite that it is linking against was compiled with
+** the desired setting of the [SQLITE_THREADSAFE] macro.
+**
+** This interface only reports on the compile-time mutex setting
+** of the [SQLITE_THREADSAFE] flag. If SQLite is compiled with
+** SQLITE_THREADSAFE=1 or =2 then mutexes are enabled by default but
+** can be fully or partially disabled using a call to [sqlite3_config()]
+** with the verbs [SQLITE_CONFIG_SINGLETHREAD], [SQLITE_CONFIG_MULTITHREAD],
+** or [SQLITE_CONFIG_SERIALIZED]. ^(The return value of the
+** sqlite3_threadsafe() function shows only the compile-time setting of
+** thread safety, not any run-time changes to that setting made by
+** sqlite3_config(). In other words, the return value from sqlite3_threadsafe()
+** is unchanged by calls to sqlite3_config().)^
+**
+** See the [threading mode] documentation for additional information.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_threadsafe(void);
+
+/*
+** CAPI3REF: Database Connection Handle
+** KEYWORDS: {database connection} {database connections}
+**
+** Each open SQLite database is represented by a pointer to an instance of
+** the opaque structure named "sqlite3". It is useful to think of an sqlite3
+** pointer as an object. The [sqlite3_open()], [sqlite3_open16()], and
+** [sqlite3_open_v2()] interfaces are its constructors, and [sqlite3_close()]
+** and [sqlite3_close_v2()] are its destructors. There are many other
+** interfaces (such as
+** [sqlite3_prepare_v2()], [sqlite3_create_function()], and
+** [sqlite3_busy_timeout()] to name but three) that are methods on an
+** sqlite3 object.
+*/
+typedef struct sqlite3 sqlite3;
+
+/*
+** CAPI3REF: 64-Bit Integer Types
+** KEYWORDS: sqlite_int64 sqlite_uint64
+**
+** Because there is no cross-platform way to specify 64-bit integer types
+** SQLite includes typedefs for 64-bit signed and unsigned integers.
+**
+** The sqlite3_int64 and sqlite3_uint64 are the preferred type definitions.
+** The sqlite_int64 and sqlite_uint64 types are supported for backwards
+** compatibility only.
+**
+** ^The sqlite3_int64 and sqlite_int64 types can store integer values
+** between -9223372036854775808 and +9223372036854775807 inclusive. ^The
+** sqlite3_uint64 and sqlite_uint64 types can store integer values
+** between 0 and +18446744073709551615 inclusive.
+*/
+#ifdef SQLITE_INT64_TYPE
+ typedef SQLITE_INT64_TYPE sqlite_int64;
+ typedef unsigned SQLITE_INT64_TYPE sqlite_uint64;
+#elif defined(_MSC_VER) || defined(__BORLANDC__)
+ typedef __int64 sqlite_int64;
+ typedef unsigned __int64 sqlite_uint64;
+#else
+ typedef long long int sqlite_int64;
+ typedef unsigned long long int sqlite_uint64;
+#endif
+typedef sqlite_int64 sqlite3_int64;
+typedef sqlite_uint64 sqlite3_uint64;
+
+/*
+** If compiling for a processor that lacks floating point support,
+** substitute integer for floating-point.
+*/
+#ifdef SQLITE_OMIT_FLOATING_POINT
+# define double sqlite3_int64
+#endif
+
+/*
+** CAPI3REF: Closing A Database Connection
+** DESTRUCTOR: sqlite3
+**
+** ^The sqlite3_close() and sqlite3_close_v2() routines are destructors
+** for the [sqlite3] object.
+** ^Calls to sqlite3_close() and sqlite3_close_v2() return [SQLITE_OK] if
+** the [sqlite3] object is successfully destroyed and all associated
+** resources are deallocated.
+**
+** ^If the database connection is associated with unfinalized prepared
+** statements or unfinished sqlite3_backup objects then sqlite3_close()
+** will leave the database connection open and return [SQLITE_BUSY].
+** ^If sqlite3_close_v2() is called with unfinalized prepared statements
+** and/or unfinished sqlite3_backups, then the database connection becomes
+** an unusable "zombie" which will automatically be deallocated when the
+** last prepared statement is finalized or the last sqlite3_backup is
+** finished. The sqlite3_close_v2() interface is intended for use with
+** host languages that are garbage collected, and where the order in which
+** destructors are called is arbitrary.
+**
+** Applications should [sqlite3_finalize | finalize] all [prepared statements],
+** [sqlite3_blob_close | close] all [BLOB handles], and
+** [sqlite3_backup_finish | finish] all [sqlite3_backup] objects associated
+** with the [sqlite3] object prior to attempting to close the object. ^If
+** sqlite3_close_v2() is called on a [database connection] that still has
+** outstanding [prepared statements], [BLOB handles], and/or
+** [sqlite3_backup] objects then it returns [SQLITE_OK] and the deallocation
+** of resources is deferred until all [prepared statements], [BLOB handles],
+** and [sqlite3_backup] objects are also destroyed.
+**
+** ^If an [sqlite3] object is destroyed while a transaction is open,
+** the transaction is automatically rolled back.
+**
+** The C parameter to [sqlite3_close(C)] and [sqlite3_close_v2(C)]
+** must be either a NULL
+** pointer or an [sqlite3] object pointer obtained
+** from [sqlite3_open()], [sqlite3_open16()], or
+** [sqlite3_open_v2()], and not previously closed.
+** ^Calling sqlite3_close() or sqlite3_close_v2() with a NULL pointer
+** argument is a harmless no-op.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_close(sqlite3*);
+SQLITE_API int SQLITE_STDCALL sqlite3_close_v2(sqlite3*);
+
+/*
+** The type for a callback function.
+** This is legacy and deprecated. It is included for historical
+** compatibility and is not documented.
+*/
+typedef int (*sqlite3_callback)(void*,int,char**, char**);
+
+/*
+** CAPI3REF: One-Step Query Execution Interface
+** METHOD: sqlite3
+**
+** The sqlite3_exec() interface is a convenience wrapper around
+** [sqlite3_prepare_v2()], [sqlite3_step()], and [sqlite3_finalize()],
+** that allows an application to run multiple statements of SQL
+** without having to use a lot of C code.
+**
+** ^The sqlite3_exec() interface runs zero or more UTF-8 encoded,
+** semicolon-separate SQL statements passed into its 2nd argument,
+** in the context of the [database connection] passed in as its 1st
+** argument. ^If the callback function of the 3rd argument to
+** sqlite3_exec() is not NULL, then it is invoked for each result row
+** coming out of the evaluated SQL statements. ^The 4th argument to
+** sqlite3_exec() is relayed through to the 1st argument of each
+** callback invocation. ^If the callback pointer to sqlite3_exec()
+** is NULL, then no callback is ever invoked and result rows are
+** ignored.
+**
+** ^If an error occurs while evaluating the SQL statements passed into
+** sqlite3_exec(), then execution of the current statement stops and
+** subsequent statements are skipped. ^If the 5th parameter to sqlite3_exec()
+** is not NULL then any error message is written into memory obtained
+** from [sqlite3_malloc()] and passed back through the 5th parameter.
+** To avoid memory leaks, the application should invoke [sqlite3_free()]
+** on error message strings returned through the 5th parameter of
+** of sqlite3_exec() after the error message string is no longer needed.
+** ^If the 5th parameter to sqlite3_exec() is not NULL and no errors
+** occur, then sqlite3_exec() sets the pointer in its 5th parameter to
+** NULL before returning.
+**
+** ^If an sqlite3_exec() callback returns non-zero, the sqlite3_exec()
+** routine returns SQLITE_ABORT without invoking the callback again and
+** without running any subsequent SQL statements.
+**
+** ^The 2nd argument to the sqlite3_exec() callback function is the
+** number of columns in the result. ^The 3rd argument to the sqlite3_exec()
+** callback is an array of pointers to strings obtained as if from
+** [sqlite3_column_text()], one for each column. ^If an element of a
+** result row is NULL then the corresponding string pointer for the
+** sqlite3_exec() callback is a NULL pointer. ^The 4th argument to the
+** sqlite3_exec() callback is an array of pointers to strings where each
+** entry represents the name of corresponding result column as obtained
+** from [sqlite3_column_name()].
+**
+** ^If the 2nd parameter to sqlite3_exec() is a NULL pointer, a pointer
+** to an empty string, or a pointer that contains only whitespace and/or
+** SQL comments, then no SQL statements are evaluated and the database
+** is not changed.
+**
+** Restrictions:
+**
+** <ul>
+** <li> The application must ensure that the 1st parameter to sqlite3_exec()
+** is a valid and open [database connection].
+** <li> The application must not close the [database connection] specified by
+** the 1st parameter to sqlite3_exec() while sqlite3_exec() is running.
+** <li> The application must not modify the SQL statement text passed into
+** the 2nd parameter of sqlite3_exec() while sqlite3_exec() is running.
+** </ul>
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_exec(
+ sqlite3*, /* An open database */
+ const char *sql, /* SQL to be evaluated */
+ int (*callback)(void*,int,char**,char**), /* Callback function */
+ void *, /* 1st argument to callback */
+ char **errmsg /* Error msg written here */
+);
+
+/*
+** CAPI3REF: Result Codes
+** KEYWORDS: {result code definitions}
+**
+** Many SQLite functions return an integer result code from the set shown
+** here in order to indicate success or failure.
+**
+** New error codes may be added in future versions of SQLite.
+**
+** See also: [extended result code definitions]
+*/
+#define SQLITE_OK 0 /* Successful result */
+/* beginning-of-error-codes */
+#define SQLITE_ERROR 1 /* SQL error or missing database */
+#define SQLITE_INTERNAL 2 /* Internal logic error in SQLite */
+#define SQLITE_PERM 3 /* Access permission denied */
+#define SQLITE_ABORT 4 /* Callback routine requested an abort */
+#define SQLITE_BUSY 5 /* The database file is locked */
+#define SQLITE_LOCKED 6 /* A table in the database is locked */
+#define SQLITE_NOMEM 7 /* A malloc() failed */
+#define SQLITE_READONLY 8 /* Attempt to write a readonly database */
+#define SQLITE_INTERRUPT 9 /* Operation terminated by sqlite3_interrupt()*/
+#define SQLITE_IOERR 10 /* Some kind of disk I/O error occurred */
+#define SQLITE_CORRUPT 11 /* The database disk image is malformed */
+#define SQLITE_NOTFOUND 12 /* Unknown opcode in sqlite3_file_control() */
+#define SQLITE_FULL 13 /* Insertion failed because database is full */
+#define SQLITE_CANTOPEN 14 /* Unable to open the database file */
+#define SQLITE_PROTOCOL 15 /* Database lock protocol error */
+#define SQLITE_EMPTY 16 /* Database is empty */
+#define SQLITE_SCHEMA 17 /* The database schema changed */
+#define SQLITE_TOOBIG 18 /* String or BLOB exceeds size limit */
+#define SQLITE_CONSTRAINT 19 /* Abort due to constraint violation */
+#define SQLITE_MISMATCH 20 /* Data type mismatch */
+#define SQLITE_MISUSE 21 /* Library used incorrectly */
+#define SQLITE_NOLFS 22 /* Uses OS features not supported on host */
+#define SQLITE_AUTH 23 /* Authorization denied */
+#define SQLITE_FORMAT 24 /* Auxiliary database format error */
+#define SQLITE_RANGE 25 /* 2nd parameter to sqlite3_bind out of range */
+#define SQLITE_NOTADB 26 /* File opened that is not a database file */
+#define SQLITE_NOTICE 27 /* Notifications from sqlite3_log() */
+#define SQLITE_WARNING 28 /* Warnings from sqlite3_log() */
+#define SQLITE_ROW 100 /* sqlite3_step() has another row ready */
+#define SQLITE_DONE 101 /* sqlite3_step() has finished executing */
+/* end-of-error-codes */
+
+/*
+** CAPI3REF: Extended Result Codes
+** KEYWORDS: {extended result code definitions}
+**
+** In its default configuration, SQLite API routines return one of 30 integer
+** [result codes]. However, experience has shown that many of
+** these result codes are too coarse-grained. They do not provide as
+** much information about problems as programmers might like. In an effort to
+** address this, newer versions of SQLite (version 3.3.8 and later) include
+** support for additional result codes that provide more detailed information
+** about errors. These [extended result codes] are enabled or disabled
+** on a per database connection basis using the
+** [sqlite3_extended_result_codes()] API. Or, the extended code for
+** the most recent error can be obtained using
+** [sqlite3_extended_errcode()].
+*/
+#define SQLITE_IOERR_READ (SQLITE_IOERR | (1<<8))
+#define SQLITE_IOERR_SHORT_READ (SQLITE_IOERR | (2<<8))
+#define SQLITE_IOERR_WRITE (SQLITE_IOERR | (3<<8))
+#define SQLITE_IOERR_FSYNC (SQLITE_IOERR | (4<<8))
+#define SQLITE_IOERR_DIR_FSYNC (SQLITE_IOERR | (5<<8))
+#define SQLITE_IOERR_TRUNCATE (SQLITE_IOERR | (6<<8))
+#define SQLITE_IOERR_FSTAT (SQLITE_IOERR | (7<<8))
+#define SQLITE_IOERR_UNLOCK (SQLITE_IOERR | (8<<8))
+#define SQLITE_IOERR_RDLOCK (SQLITE_IOERR | (9<<8))
+#define SQLITE_IOERR_DELETE (SQLITE_IOERR | (10<<8))
+#define SQLITE_IOERR_BLOCKED (SQLITE_IOERR | (11<<8))
+#define SQLITE_IOERR_NOMEM (SQLITE_IOERR | (12<<8))
+#define SQLITE_IOERR_ACCESS (SQLITE_IOERR | (13<<8))
+#define SQLITE_IOERR_CHECKRESERVEDLOCK (SQLITE_IOERR | (14<<8))
+#define SQLITE_IOERR_LOCK (SQLITE_IOERR | (15<<8))
+#define SQLITE_IOERR_CLOSE (SQLITE_IOERR | (16<<8))
+#define SQLITE_IOERR_DIR_CLOSE (SQLITE_IOERR | (17<<8))
+#define SQLITE_IOERR_SHMOPEN (SQLITE_IOERR | (18<<8))
+#define SQLITE_IOERR_SHMSIZE (SQLITE_IOERR | (19<<8))
+#define SQLITE_IOERR_SHMLOCK (SQLITE_IOERR | (20<<8))
+#define SQLITE_IOERR_SHMMAP (SQLITE_IOERR | (21<<8))
+#define SQLITE_IOERR_SEEK (SQLITE_IOERR | (22<<8))
+#define SQLITE_IOERR_DELETE_NOENT (SQLITE_IOERR | (23<<8))
+#define SQLITE_IOERR_MMAP (SQLITE_IOERR | (24<<8))
+#define SQLITE_IOERR_GETTEMPPATH (SQLITE_IOERR | (25<<8))
+#define SQLITE_IOERR_CONVPATH (SQLITE_IOERR | (26<<8))
+#define SQLITE_IOERR_VNODE (SQLITE_IOERR | (27<<8))
+#define SQLITE_IOERR_AUTH (SQLITE_IOERR | (28<<8))
+#define SQLITE_LOCKED_SHAREDCACHE (SQLITE_LOCKED | (1<<8))
+#define SQLITE_BUSY_RECOVERY (SQLITE_BUSY | (1<<8))
+#define SQLITE_BUSY_SNAPSHOT (SQLITE_BUSY | (2<<8))
+#define SQLITE_CANTOPEN_NOTEMPDIR (SQLITE_CANTOPEN | (1<<8))
+#define SQLITE_CANTOPEN_ISDIR (SQLITE_CANTOPEN | (2<<8))
+#define SQLITE_CANTOPEN_FULLPATH (SQLITE_CANTOPEN | (3<<8))
+#define SQLITE_CANTOPEN_CONVPATH (SQLITE_CANTOPEN | (4<<8))
+#define SQLITE_CORRUPT_VTAB (SQLITE_CORRUPT | (1<<8))
+#define SQLITE_READONLY_RECOVERY (SQLITE_READONLY | (1<<8))
+#define SQLITE_READONLY_CANTLOCK (SQLITE_READONLY | (2<<8))
+#define SQLITE_READONLY_ROLLBACK (SQLITE_READONLY | (3<<8))
+#define SQLITE_READONLY_DBMOVED (SQLITE_READONLY | (4<<8))
+#define SQLITE_ABORT_ROLLBACK (SQLITE_ABORT | (2<<8))
+#define SQLITE_CONSTRAINT_CHECK (SQLITE_CONSTRAINT | (1<<8))
+#define SQLITE_CONSTRAINT_COMMITHOOK (SQLITE_CONSTRAINT | (2<<8))
+#define SQLITE_CONSTRAINT_FOREIGNKEY (SQLITE_CONSTRAINT | (3<<8))
+#define SQLITE_CONSTRAINT_FUNCTION (SQLITE_CONSTRAINT | (4<<8))
+#define SQLITE_CONSTRAINT_NOTNULL (SQLITE_CONSTRAINT | (5<<8))
+#define SQLITE_CONSTRAINT_PRIMARYKEY (SQLITE_CONSTRAINT | (6<<8))
+#define SQLITE_CONSTRAINT_TRIGGER (SQLITE_CONSTRAINT | (7<<8))
+#define SQLITE_CONSTRAINT_UNIQUE (SQLITE_CONSTRAINT | (8<<8))
+#define SQLITE_CONSTRAINT_VTAB (SQLITE_CONSTRAINT | (9<<8))
+#define SQLITE_CONSTRAINT_ROWID (SQLITE_CONSTRAINT |(10<<8))
+#define SQLITE_NOTICE_RECOVER_WAL (SQLITE_NOTICE | (1<<8))
+#define SQLITE_NOTICE_RECOVER_ROLLBACK (SQLITE_NOTICE | (2<<8))
+#define SQLITE_WARNING_AUTOINDEX (SQLITE_WARNING | (1<<8))
+#define SQLITE_AUTH_USER (SQLITE_AUTH | (1<<8))
+
+/*
+** CAPI3REF: Flags For File Open Operations
+**
+** These bit values are intended for use in the
+** 3rd parameter to the [sqlite3_open_v2()] interface and
+** in the 4th parameter to the [sqlite3_vfs.xOpen] method.
+*/
+#define SQLITE_OPEN_READONLY 0x00000001 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_READWRITE 0x00000002 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_CREATE 0x00000004 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_DELETEONCLOSE 0x00000008 /* VFS only */
+#define SQLITE_OPEN_EXCLUSIVE 0x00000010 /* VFS only */
+#define SQLITE_OPEN_AUTOPROXY 0x00000020 /* VFS only */
+#define SQLITE_OPEN_URI 0x00000040 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_MEMORY 0x00000080 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_MAIN_DB 0x00000100 /* VFS only */
+#define SQLITE_OPEN_TEMP_DB 0x00000200 /* VFS only */
+#define SQLITE_OPEN_TRANSIENT_DB 0x00000400 /* VFS only */
+#define SQLITE_OPEN_MAIN_JOURNAL 0x00000800 /* VFS only */
+#define SQLITE_OPEN_TEMP_JOURNAL 0x00001000 /* VFS only */
+#define SQLITE_OPEN_SUBJOURNAL 0x00002000 /* VFS only */
+#define SQLITE_OPEN_MASTER_JOURNAL 0x00004000 /* VFS only */
+#define SQLITE_OPEN_NOMUTEX 0x00008000 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_FULLMUTEX 0x00010000 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_SHAREDCACHE 0x00020000 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_PRIVATECACHE 0x00040000 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_WAL 0x00080000 /* VFS only */
+
+/* Reserved: 0x00F00000 */
+
+/*
+** CAPI3REF: Device Characteristics
+**
+** The xDeviceCharacteristics method of the [sqlite3_io_methods]
+** object returns an integer which is a vector of these
+** bit values expressing I/O characteristics of the mass storage
+** device that holds the file that the [sqlite3_io_methods]
+** refers to.
+**
+** The SQLITE_IOCAP_ATOMIC property means that all writes of
+** any size are atomic. The SQLITE_IOCAP_ATOMICnnn values
+** mean that writes of blocks that are nnn bytes in size and
+** are aligned to an address which is an integer multiple of
+** nnn are atomic. The SQLITE_IOCAP_SAFE_APPEND value means
+** that when data is appended to a file, the data is appended
+** first then the size of the file is extended, never the other
+** way around. The SQLITE_IOCAP_SEQUENTIAL property means that
+** information is written to disk in the same order as calls
+** to xWrite(). The SQLITE_IOCAP_POWERSAFE_OVERWRITE property means that
+** after reboot following a crash or power loss, the only bytes in a
+** file that were written at the application level might have changed
+** and that adjacent bytes, even bytes within the same sector are
+** guaranteed to be unchanged. The SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN
+** flag indicate that a file cannot be deleted when open. The
+** SQLITE_IOCAP_IMMUTABLE flag indicates that the file is on
+** read-only media and cannot be changed even by processes with
+** elevated privileges.
+*/
+#define SQLITE_IOCAP_ATOMIC 0x00000001
+#define SQLITE_IOCAP_ATOMIC512 0x00000002
+#define SQLITE_IOCAP_ATOMIC1K 0x00000004
+#define SQLITE_IOCAP_ATOMIC2K 0x00000008
+#define SQLITE_IOCAP_ATOMIC4K 0x00000010
+#define SQLITE_IOCAP_ATOMIC8K 0x00000020
+#define SQLITE_IOCAP_ATOMIC16K 0x00000040
+#define SQLITE_IOCAP_ATOMIC32K 0x00000080
+#define SQLITE_IOCAP_ATOMIC64K 0x00000100
+#define SQLITE_IOCAP_SAFE_APPEND 0x00000200
+#define SQLITE_IOCAP_SEQUENTIAL 0x00000400
+#define SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN 0x00000800
+#define SQLITE_IOCAP_POWERSAFE_OVERWRITE 0x00001000
+#define SQLITE_IOCAP_IMMUTABLE 0x00002000
+
+/*
+** CAPI3REF: File Locking Levels
+**
+** SQLite uses one of these integer values as the second
+** argument to calls it makes to the xLock() and xUnlock() methods
+** of an [sqlite3_io_methods] object.
+*/
+#define SQLITE_LOCK_NONE 0
+#define SQLITE_LOCK_SHARED 1
+#define SQLITE_LOCK_RESERVED 2
+#define SQLITE_LOCK_PENDING 3
+#define SQLITE_LOCK_EXCLUSIVE 4
+
+/*
+** CAPI3REF: Synchronization Type Flags
+**
+** When SQLite invokes the xSync() method of an
+** [sqlite3_io_methods] object it uses a combination of
+** these integer values as the second argument.
+**
+** When the SQLITE_SYNC_DATAONLY flag is used, it means that the
+** sync operation only needs to flush data to mass storage. Inode
+** information need not be flushed. If the lower four bits of the flag
+** equal SQLITE_SYNC_NORMAL, that means to use normal fsync() semantics.
+** If the lower four bits equal SQLITE_SYNC_FULL, that means
+** to use Mac OS X style fullsync instead of fsync().
+**
+** Do not confuse the SQLITE_SYNC_NORMAL and SQLITE_SYNC_FULL flags
+** with the [PRAGMA synchronous]=NORMAL and [PRAGMA synchronous]=FULL
+** settings. The [synchronous pragma] determines when calls to the
+** xSync VFS method occur and applies uniformly across all platforms.
+** The SQLITE_SYNC_NORMAL and SQLITE_SYNC_FULL flags determine how
+** energetic or rigorous or forceful the sync operations are and
+** only make a difference on Mac OSX for the default SQLite code.
+** (Third-party VFS implementations might also make the distinction
+** between SQLITE_SYNC_NORMAL and SQLITE_SYNC_FULL, but among the
+** operating systems natively supported by SQLite, only Mac OSX
+** cares about the difference.)
+*/
+#define SQLITE_SYNC_NORMAL 0x00002
+#define SQLITE_SYNC_FULL 0x00003
+#define SQLITE_SYNC_DATAONLY 0x00010
+
+/*
+** CAPI3REF: OS Interface Open File Handle
+**
+** An [sqlite3_file] object represents an open file in the
+** [sqlite3_vfs | OS interface layer]. Individual OS interface
+** implementations will
+** want to subclass this object by appending additional fields
+** for their own use. The pMethods entry is a pointer to an
+** [sqlite3_io_methods] object that defines methods for performing
+** I/O operations on the open file.
+*/
+typedef struct sqlite3_file sqlite3_file;
+struct sqlite3_file {
+ const struct sqlite3_io_methods *pMethods; /* Methods for an open file */
+};
+
+/*
+** CAPI3REF: OS Interface File Virtual Methods Object
+**
+** Every file opened by the [sqlite3_vfs.xOpen] method populates an
+** [sqlite3_file] object (or, more commonly, a subclass of the
+** [sqlite3_file] object) with a pointer to an instance of this object.
+** This object defines the methods used to perform various operations
+** against the open file represented by the [sqlite3_file] object.
+**
+** If the [sqlite3_vfs.xOpen] method sets the sqlite3_file.pMethods element
+** to a non-NULL pointer, then the sqlite3_io_methods.xClose method
+** may be invoked even if the [sqlite3_vfs.xOpen] reported that it failed. The
+** only way to prevent a call to xClose following a failed [sqlite3_vfs.xOpen]
+** is for the [sqlite3_vfs.xOpen] to set the sqlite3_file.pMethods element
+** to NULL.
+**
+** The flags argument to xSync may be one of [SQLITE_SYNC_NORMAL] or
+** [SQLITE_SYNC_FULL]. The first choice is the normal fsync().
+** The second choice is a Mac OS X style fullsync. The [SQLITE_SYNC_DATAONLY]
+** flag may be ORed in to indicate that only the data of the file
+** and not its inode needs to be synced.
+**
+** The integer values to xLock() and xUnlock() are one of
+** <ul>
+** <li> [SQLITE_LOCK_NONE],
+** <li> [SQLITE_LOCK_SHARED],
+** <li> [SQLITE_LOCK_RESERVED],
+** <li> [SQLITE_LOCK_PENDING], or
+** <li> [SQLITE_LOCK_EXCLUSIVE].
+** </ul>
+** xLock() increases the lock. xUnlock() decreases the lock.
+** The xCheckReservedLock() method checks whether any database connection,
+** either in this process or in some other process, is holding a RESERVED,
+** PENDING, or EXCLUSIVE lock on the file. It returns true
+** if such a lock exists and false otherwise.
+**
+** The xFileControl() method is a generic interface that allows custom
+** VFS implementations to directly control an open file using the
+** [sqlite3_file_control()] interface. The second "op" argument is an
+** integer opcode. The third argument is a generic pointer intended to
+** point to a structure that may contain arguments or space in which to
+** write return values. Potential uses for xFileControl() might be
+** functions to enable blocking locks with timeouts, to change the
+** locking strategy (for example to use dot-file locks), to inquire
+** about the status of a lock, or to break stale locks. The SQLite
+** core reserves all opcodes less than 100 for its own use.
+** A [file control opcodes | list of opcodes] less than 100 is available.
+** Applications that define a custom xFileControl method should use opcodes
+** greater than 100 to avoid conflicts. VFS implementations should
+** return [SQLITE_NOTFOUND] for file control opcodes that they do not
+** recognize.
+**
+** The xSectorSize() method returns the sector size of the
+** device that underlies the file. The sector size is the
+** minimum write that can be performed without disturbing
+** other bytes in the file. The xDeviceCharacteristics()
+** method returns a bit vector describing behaviors of the
+** underlying device:
+**
+** <ul>
+** <li> [SQLITE_IOCAP_ATOMIC]
+** <li> [SQLITE_IOCAP_ATOMIC512]
+** <li> [SQLITE_IOCAP_ATOMIC1K]
+** <li> [SQLITE_IOCAP_ATOMIC2K]
+** <li> [SQLITE_IOCAP_ATOMIC4K]
+** <li> [SQLITE_IOCAP_ATOMIC8K]
+** <li> [SQLITE_IOCAP_ATOMIC16K]
+** <li> [SQLITE_IOCAP_ATOMIC32K]
+** <li> [SQLITE_IOCAP_ATOMIC64K]
+** <li> [SQLITE_IOCAP_SAFE_APPEND]
+** <li> [SQLITE_IOCAP_SEQUENTIAL]
+** </ul>
+**
+** The SQLITE_IOCAP_ATOMIC property means that all writes of
+** any size are atomic. The SQLITE_IOCAP_ATOMICnnn values
+** mean that writes of blocks that are nnn bytes in size and
+** are aligned to an address which is an integer multiple of
+** nnn are atomic. The SQLITE_IOCAP_SAFE_APPEND value means
+** that when data is appended to a file, the data is appended
+** first then the size of the file is extended, never the other
+** way around. The SQLITE_IOCAP_SEQUENTIAL property means that
+** information is written to disk in the same order as calls
+** to xWrite().
+**
+** If xRead() returns SQLITE_IOERR_SHORT_READ it must also fill
+** in the unread portions of the buffer with zeros. A VFS that
+** fails to zero-fill short reads might seem to work. However,
+** failure to zero-fill short reads will eventually lead to
+** database corruption.
+*/
+typedef struct sqlite3_io_methods sqlite3_io_methods;
+struct sqlite3_io_methods {
+ int iVersion;
+ int (*xClose)(sqlite3_file*);
+ int (*xRead)(sqlite3_file*, void*, int iAmt, sqlite3_int64 iOfst);
+ int (*xWrite)(sqlite3_file*, const void*, int iAmt, sqlite3_int64 iOfst);
+ int (*xTruncate)(sqlite3_file*, sqlite3_int64 size);
+ int (*xSync)(sqlite3_file*, int flags);
+ int (*xFileSize)(sqlite3_file*, sqlite3_int64 *pSize);
+ int (*xLock)(sqlite3_file*, int);
+ int (*xUnlock)(sqlite3_file*, int);
+ int (*xCheckReservedLock)(sqlite3_file*, int *pResOut);
+ int (*xFileControl)(sqlite3_file*, int op, void *pArg);
+ int (*xSectorSize)(sqlite3_file*);
+ int (*xDeviceCharacteristics)(sqlite3_file*);
+ /* Methods above are valid for version 1 */
+ int (*xShmMap)(sqlite3_file*, int iPg, int pgsz, int, void volatile**);
+ int (*xShmLock)(sqlite3_file*, int offset, int n, int flags);
+ void (*xShmBarrier)(sqlite3_file*);
+ int (*xShmUnmap)(sqlite3_file*, int deleteFlag);
+ /* Methods above are valid for version 2 */
+ int (*xFetch)(sqlite3_file*, sqlite3_int64 iOfst, int iAmt, void **pp);
+ int (*xUnfetch)(sqlite3_file*, sqlite3_int64 iOfst, void *p);
+ /* Methods above are valid for version 3 */
+ /* Additional methods may be added in future releases */
+};
+
+/*
+** CAPI3REF: Standard File Control Opcodes
+** KEYWORDS: {file control opcodes} {file control opcode}
+**
+** These integer constants are opcodes for the xFileControl method
+** of the [sqlite3_io_methods] object and for the [sqlite3_file_control()]
+** interface.
+**
+** <ul>
+** <li>[[SQLITE_FCNTL_LOCKSTATE]]
+** The [SQLITE_FCNTL_LOCKSTATE] opcode is used for debugging. This
+** opcode causes the xFileControl method to write the current state of
+** the lock (one of [SQLITE_LOCK_NONE], [SQLITE_LOCK_SHARED],
+** [SQLITE_LOCK_RESERVED], [SQLITE_LOCK_PENDING], or [SQLITE_LOCK_EXCLUSIVE])
+** into an integer that the pArg argument points to. This capability
+** is used during testing and is only available when the SQLITE_TEST
+** compile-time option is used.
+**
+** <li>[[SQLITE_FCNTL_SIZE_HINT]]
+** The [SQLITE_FCNTL_SIZE_HINT] opcode is used by SQLite to give the VFS
+** layer a hint of how large the database file will grow to be during the
+** current transaction. This hint is not guaranteed to be accurate but it
+** is often close. The underlying VFS might choose to preallocate database
+** file space based on this hint in order to help writes to the database
+** file run faster.
+**
+** <li>[[SQLITE_FCNTL_CHUNK_SIZE]]
+** The [SQLITE_FCNTL_CHUNK_SIZE] opcode is used to request that the VFS
+** extends and truncates the database file in chunks of a size specified
+** by the user. The fourth argument to [sqlite3_file_control()] should
+** point to an integer (type int) containing the new chunk-size to use
+** for the nominated database. Allocating database file space in large
+** chunks (say 1MB at a time), may reduce file-system fragmentation and
+** improve performance on some systems.
+**
+** <li>[[SQLITE_FCNTL_FILE_POINTER]]
+** The [SQLITE_FCNTL_FILE_POINTER] opcode is used to obtain a pointer
+** to the [sqlite3_file] object associated with a particular database
+** connection. See also [SQLITE_FCNTL_JOURNAL_POINTER].
+**
+** <li>[[SQLITE_FCNTL_JOURNAL_POINTER]]
+** The [SQLITE_FCNTL_JOURNAL_POINTER] opcode is used to obtain a pointer
+** to the [sqlite3_file] object associated with the journal file (either
+** the [rollback journal] or the [write-ahead log]) for a particular database
+** connection. See also [SQLITE_FCNTL_FILE_POINTER].
+**
+** <li>[[SQLITE_FCNTL_SYNC_OMITTED]]
+** No longer in use.
+**
+** <li>[[SQLITE_FCNTL_SYNC]]
+** The [SQLITE_FCNTL_SYNC] opcode is generated internally by SQLite and
+** sent to the VFS immediately before the xSync method is invoked on a
+** database file descriptor. Or, if the xSync method is not invoked
+** because the user has configured SQLite with
+** [PRAGMA synchronous | PRAGMA synchronous=OFF] it is invoked in place
+** of the xSync method. In most cases, the pointer argument passed with
+** this file-control is NULL. However, if the database file is being synced
+** as part of a multi-database commit, the argument points to a nul-terminated
+** string containing the transactions master-journal file name. VFSes that
+** do not need this signal should silently ignore this opcode. Applications
+** should not call [sqlite3_file_control()] with this opcode as doing so may
+** disrupt the operation of the specialized VFSes that do require it.
+**
+** <li>[[SQLITE_FCNTL_COMMIT_PHASETWO]]
+** The [SQLITE_FCNTL_COMMIT_PHASETWO] opcode is generated internally by SQLite
+** and sent to the VFS after a transaction has been committed immediately
+** but before the database is unlocked. VFSes that do not need this signal
+** should silently ignore this opcode. Applications should not call
+** [sqlite3_file_control()] with this opcode as doing so may disrupt the
+** operation of the specialized VFSes that do require it.
+**
+** <li>[[SQLITE_FCNTL_WIN32_AV_RETRY]]
+** ^The [SQLITE_FCNTL_WIN32_AV_RETRY] opcode is used to configure automatic
+** retry counts and intervals for certain disk I/O operations for the
+** windows [VFS] in order to provide robustness in the presence of
+** anti-virus programs. By default, the windows VFS will retry file read,
+** file write, and file delete operations up to 10 times, with a delay
+** of 25 milliseconds before the first retry and with the delay increasing
+** by an additional 25 milliseconds with each subsequent retry. This
+** opcode allows these two values (10 retries and 25 milliseconds of delay)
+** to be adjusted. The values are changed for all database connections
+** within the same process. The argument is a pointer to an array of two
+** integers where the first integer i the new retry count and the second
+** integer is the delay. If either integer is negative, then the setting
+** is not changed but instead the prior value of that setting is written
+** into the array entry, allowing the current retry settings to be
+** interrogated. The zDbName parameter is ignored.
+**
+** <li>[[SQLITE_FCNTL_PERSIST_WAL]]
+** ^The [SQLITE_FCNTL_PERSIST_WAL] opcode is used to set or query the
+** persistent [WAL | Write Ahead Log] setting. By default, the auxiliary
+** write ahead log and shared memory files used for transaction control
+** are automatically deleted when the latest connection to the database
+** closes. Setting persistent WAL mode causes those files to persist after
+** close. Persisting the files is useful when other processes that do not
+** have write permission on the directory containing the database file want
+** to read the database file, as the WAL and shared memory files must exist
+** in order for the database to be readable. The fourth parameter to
+** [sqlite3_file_control()] for this opcode should be a pointer to an integer.
+** That integer is 0 to disable persistent WAL mode or 1 to enable persistent
+** WAL mode. If the integer is -1, then it is overwritten with the current
+** WAL persistence setting.
+**
+** <li>[[SQLITE_FCNTL_POWERSAFE_OVERWRITE]]
+** ^The [SQLITE_FCNTL_POWERSAFE_OVERWRITE] opcode is used to set or query the
+** persistent "powersafe-overwrite" or "PSOW" setting. The PSOW setting
+** determines the [SQLITE_IOCAP_POWERSAFE_OVERWRITE] bit of the
+** xDeviceCharacteristics methods. The fourth parameter to
+** [sqlite3_file_control()] for this opcode should be a pointer to an integer.
+** That integer is 0 to disable zero-damage mode or 1 to enable zero-damage
+** mode. If the integer is -1, then it is overwritten with the current
+** zero-damage mode setting.
+**
+** <li>[[SQLITE_FCNTL_OVERWRITE]]
+** ^The [SQLITE_FCNTL_OVERWRITE] opcode is invoked by SQLite after opening
+** a write transaction to indicate that, unless it is rolled back for some
+** reason, the entire database file will be overwritten by the current
+** transaction. This is used by VACUUM operations.
+**
+** <li>[[SQLITE_FCNTL_VFSNAME]]
+** ^The [SQLITE_FCNTL_VFSNAME] opcode can be used to obtain the names of
+** all [VFSes] in the VFS stack. The names are of all VFS shims and the
+** final bottom-level VFS are written into memory obtained from
+** [sqlite3_malloc()] and the result is stored in the char* variable
+** that the fourth parameter of [sqlite3_file_control()] points to.
+** The caller is responsible for freeing the memory when done. As with
+** all file-control actions, there is no guarantee that this will actually
+** do anything. Callers should initialize the char* variable to a NULL
+** pointer in case this file-control is not implemented. This file-control
+** is intended for diagnostic use only.
+**
+** <li>[[SQLITE_FCNTL_VFS_POINTER]]
+** ^The [SQLITE_FCNTL_VFS_POINTER] opcode finds a pointer to the top-level
+** [VFSes] currently in use. ^(The argument X in
+** sqlite3_file_control(db,SQLITE_FCNTL_VFS_POINTER,X) must be
+** of type "[sqlite3_vfs] **". This opcodes will set *X
+** to a pointer to the top-level VFS.)^
+** ^When there are multiple VFS shims in the stack, this opcode finds the
+** upper-most shim only.
+**
+** <li>[[SQLITE_FCNTL_PRAGMA]]
+** ^Whenever a [PRAGMA] statement is parsed, an [SQLITE_FCNTL_PRAGMA]
+** file control is sent to the open [sqlite3_file] object corresponding
+** to the database file to which the pragma statement refers. ^The argument
+** to the [SQLITE_FCNTL_PRAGMA] file control is an array of
+** pointers to strings (char**) in which the second element of the array
+** is the name of the pragma and the third element is the argument to the
+** pragma or NULL if the pragma has no argument. ^The handler for an
+** [SQLITE_FCNTL_PRAGMA] file control can optionally make the first element
+** of the char** argument point to a string obtained from [sqlite3_mprintf()]
+** or the equivalent and that string will become the result of the pragma or
+** the error message if the pragma fails. ^If the
+** [SQLITE_FCNTL_PRAGMA] file control returns [SQLITE_NOTFOUND], then normal
+** [PRAGMA] processing continues. ^If the [SQLITE_FCNTL_PRAGMA]
+** file control returns [SQLITE_OK], then the parser assumes that the
+** VFS has handled the PRAGMA itself and the parser generates a no-op
+** prepared statement if result string is NULL, or that returns a copy
+** of the result string if the string is non-NULL.
+** ^If the [SQLITE_FCNTL_PRAGMA] file control returns
+** any result code other than [SQLITE_OK] or [SQLITE_NOTFOUND], that means
+** that the VFS encountered an error while handling the [PRAGMA] and the
+** compilation of the PRAGMA fails with an error. ^The [SQLITE_FCNTL_PRAGMA]
+** file control occurs at the beginning of pragma statement analysis and so
+** it is able to override built-in [PRAGMA] statements.
+**
+** <li>[[SQLITE_FCNTL_BUSYHANDLER]]
+** ^The [SQLITE_FCNTL_BUSYHANDLER]
+** file-control may be invoked by SQLite on the database file handle
+** shortly after it is opened in order to provide a custom VFS with access
+** to the connections busy-handler callback. The argument is of type (void **)
+** - an array of two (void *) values. The first (void *) actually points
+** to a function of type (int (*)(void *)). In order to invoke the connections
+** busy-handler, this function should be invoked with the second (void *) in
+** the array as the only argument. If it returns non-zero, then the operation
+** should be retried. If it returns zero, the custom VFS should abandon the
+** current operation.
+**
+** <li>[[SQLITE_FCNTL_TEMPFILENAME]]
+** ^Application can invoke the [SQLITE_FCNTL_TEMPFILENAME] file-control
+** to have SQLite generate a
+** temporary filename using the same algorithm that is followed to generate
+** temporary filenames for TEMP tables and other internal uses. The
+** argument should be a char** which will be filled with the filename
+** written into memory obtained from [sqlite3_malloc()]. The caller should
+** invoke [sqlite3_free()] on the result to avoid a memory leak.
+**
+** <li>[[SQLITE_FCNTL_MMAP_SIZE]]
+** The [SQLITE_FCNTL_MMAP_SIZE] file control is used to query or set the
+** maximum number of bytes that will be used for memory-mapped I/O.
+** The argument is a pointer to a value of type sqlite3_int64 that
+** is an advisory maximum number of bytes in the file to memory map. The
+** pointer is overwritten with the old value. The limit is not changed if
+** the value originally pointed to is negative, and so the current limit
+** can be queried by passing in a pointer to a negative number. This
+** file-control is used internally to implement [PRAGMA mmap_size].
+**
+** <li>[[SQLITE_FCNTL_TRACE]]
+** The [SQLITE_FCNTL_TRACE] file control provides advisory information
+** to the VFS about what the higher layers of the SQLite stack are doing.
+** This file control is used by some VFS activity tracing [shims].
+** The argument is a zero-terminated string. Higher layers in the
+** SQLite stack may generate instances of this file control if
+** the [SQLITE_USE_FCNTL_TRACE] compile-time option is enabled.
+**
+** <li>[[SQLITE_FCNTL_HAS_MOVED]]
+** The [SQLITE_FCNTL_HAS_MOVED] file control interprets its argument as a
+** pointer to an integer and it writes a boolean into that integer depending
+** on whether or not the file has been renamed, moved, or deleted since it
+** was first opened.
+**
+** <li>[[SQLITE_FCNTL_WIN32_SET_HANDLE]]
+** The [SQLITE_FCNTL_WIN32_SET_HANDLE] opcode is used for debugging. This
+** opcode causes the xFileControl method to swap the file handle with the one
+** pointed to by the pArg argument. This capability is used during testing
+** and only needs to be supported when SQLITE_TEST is defined.
+**
+** <li>[[SQLITE_FCNTL_WAL_BLOCK]]
+** The [SQLITE_FCNTL_WAL_BLOCK] is a signal to the VFS layer that it might
+** be advantageous to block on the next WAL lock if the lock is not immediately
+** available. The WAL subsystem issues this signal during rare
+** circumstances in order to fix a problem with priority inversion.
+** Applications should <em>not</em> use this file-control.
+**
+** <li>[[SQLITE_FCNTL_ZIPVFS]]
+** The [SQLITE_FCNTL_ZIPVFS] opcode is implemented by zipvfs only. All other
+** VFS should return SQLITE_NOTFOUND for this opcode.
+**
+** <li>[[SQLITE_FCNTL_RBU]]
+** The [SQLITE_FCNTL_RBU] opcode is implemented by the special VFS used by
+** the RBU extension only. All other VFS should return SQLITE_NOTFOUND for
+** this opcode.
+** </ul>
+*/
+#define SQLITE_FCNTL_LOCKSTATE 1
+#define SQLITE_FCNTL_GET_LOCKPROXYFILE 2
+#define SQLITE_FCNTL_SET_LOCKPROXYFILE 3
+#define SQLITE_FCNTL_LAST_ERRNO 4
+#define SQLITE_FCNTL_SIZE_HINT 5
+#define SQLITE_FCNTL_CHUNK_SIZE 6
+#define SQLITE_FCNTL_FILE_POINTER 7
+#define SQLITE_FCNTL_SYNC_OMITTED 8
+#define SQLITE_FCNTL_WIN32_AV_RETRY 9
+#define SQLITE_FCNTL_PERSIST_WAL 10
+#define SQLITE_FCNTL_OVERWRITE 11
+#define SQLITE_FCNTL_VFSNAME 12
+#define SQLITE_FCNTL_POWERSAFE_OVERWRITE 13
+#define SQLITE_FCNTL_PRAGMA 14
+#define SQLITE_FCNTL_BUSYHANDLER 15
+#define SQLITE_FCNTL_TEMPFILENAME 16
+#define SQLITE_FCNTL_MMAP_SIZE 18
+#define SQLITE_FCNTL_TRACE 19
+#define SQLITE_FCNTL_HAS_MOVED 20
+#define SQLITE_FCNTL_SYNC 21
+#define SQLITE_FCNTL_COMMIT_PHASETWO 22
+#define SQLITE_FCNTL_WIN32_SET_HANDLE 23
+#define SQLITE_FCNTL_WAL_BLOCK 24
+#define SQLITE_FCNTL_ZIPVFS 25
+#define SQLITE_FCNTL_RBU 26
+#define SQLITE_FCNTL_VFS_POINTER 27
+#define SQLITE_FCNTL_JOURNAL_POINTER 28
+
+/* deprecated names */
+#define SQLITE_GET_LOCKPROXYFILE SQLITE_FCNTL_GET_LOCKPROXYFILE
+#define SQLITE_SET_LOCKPROXYFILE SQLITE_FCNTL_SET_LOCKPROXYFILE
+#define SQLITE_LAST_ERRNO SQLITE_FCNTL_LAST_ERRNO
+
+
+/*
+** CAPI3REF: Mutex Handle
+**
+** The mutex module within SQLite defines [sqlite3_mutex] to be an
+** abstract type for a mutex object. The SQLite core never looks
+** at the internal representation of an [sqlite3_mutex]. It only
+** deals with pointers to the [sqlite3_mutex] object.
+**
+** Mutexes are created using [sqlite3_mutex_alloc()].
+*/
+typedef struct sqlite3_mutex sqlite3_mutex;
+
+/*
+** CAPI3REF: OS Interface Object
+**
+** An instance of the sqlite3_vfs object defines the interface between
+** the SQLite core and the underlying operating system. The "vfs"
+** in the name of the object stands for "virtual file system". See
+** the [VFS | VFS documentation] for further information.
+**
+** The value of the iVersion field is initially 1 but may be larger in
+** future versions of SQLite. Additional fields may be appended to this
+** object when the iVersion value is increased. Note that the structure
+** of the sqlite3_vfs object changes in the transaction between
+** SQLite version 3.5.9 and 3.6.0 and yet the iVersion field was not
+** modified.
+**
+** The szOsFile field is the size of the subclassed [sqlite3_file]
+** structure used by this VFS. mxPathname is the maximum length of
+** a pathname in this VFS.
+**
+** Registered sqlite3_vfs objects are kept on a linked list formed by
+** the pNext pointer. The [sqlite3_vfs_register()]
+** and [sqlite3_vfs_unregister()] interfaces manage this list
+** in a thread-safe way. The [sqlite3_vfs_find()] interface
+** searches the list. Neither the application code nor the VFS
+** implementation should use the pNext pointer.
+**
+** The pNext field is the only field in the sqlite3_vfs
+** structure that SQLite will ever modify. SQLite will only access
+** or modify this field while holding a particular static mutex.
+** The application should never modify anything within the sqlite3_vfs
+** object once the object has been registered.
+**
+** The zName field holds the name of the VFS module. The name must
+** be unique across all VFS modules.
+**
+** [[sqlite3_vfs.xOpen]]
+** ^SQLite guarantees that the zFilename parameter to xOpen
+** is either a NULL pointer or string obtained
+** from xFullPathname() with an optional suffix added.
+** ^If a suffix is added to the zFilename parameter, it will
+** consist of a single "-" character followed by no more than
+** 11 alphanumeric and/or "-" characters.
+** ^SQLite further guarantees that
+** the string will be valid and unchanged until xClose() is
+** called. Because of the previous sentence,
+** the [sqlite3_file] can safely store a pointer to the
+** filename if it needs to remember the filename for some reason.
+** If the zFilename parameter to xOpen is a NULL pointer then xOpen
+** must invent its own temporary name for the file. ^Whenever the
+** xFilename parameter is NULL it will also be the case that the
+** flags parameter will include [SQLITE_OPEN_DELETEONCLOSE].
+**
+** The flags argument to xOpen() includes all bits set in
+** the flags argument to [sqlite3_open_v2()]. Or if [sqlite3_open()]
+** or [sqlite3_open16()] is used, then flags includes at least
+** [SQLITE_OPEN_READWRITE] | [SQLITE_OPEN_CREATE].
+** If xOpen() opens a file read-only then it sets *pOutFlags to
+** include [SQLITE_OPEN_READONLY]. Other bits in *pOutFlags may be set.
+**
+** ^(SQLite will also add one of the following flags to the xOpen()
+** call, depending on the object being opened:
+**
+** <ul>
+** <li> [SQLITE_OPEN_MAIN_DB]
+** <li> [SQLITE_OPEN_MAIN_JOURNAL]
+** <li> [SQLITE_OPEN_TEMP_DB]
+** <li> [SQLITE_OPEN_TEMP_JOURNAL]
+** <li> [SQLITE_OPEN_TRANSIENT_DB]
+** <li> [SQLITE_OPEN_SUBJOURNAL]
+** <li> [SQLITE_OPEN_MASTER_JOURNAL]
+** <li> [SQLITE_OPEN_WAL]
+** </ul>)^
+**
+** The file I/O implementation can use the object type flags to
+** change the way it deals with files. For example, an application
+** that does not care about crash recovery or rollback might make
+** the open of a journal file a no-op. Writes to this journal would
+** also be no-ops, and any attempt to read the journal would return
+** SQLITE_IOERR. Or the implementation might recognize that a database
+** file will be doing page-aligned sector reads and writes in a random
+** order and set up its I/O subsystem accordingly.
+**
+** SQLite might also add one of the following flags to the xOpen method:
+**
+** <ul>
+** <li> [SQLITE_OPEN_DELETEONCLOSE]
+** <li> [SQLITE_OPEN_EXCLUSIVE]
+** </ul>
+**
+** The [SQLITE_OPEN_DELETEONCLOSE] flag means the file should be
+** deleted when it is closed. ^The [SQLITE_OPEN_DELETEONCLOSE]
+** will be set for TEMP databases and their journals, transient
+** databases, and subjournals.
+**
+** ^The [SQLITE_OPEN_EXCLUSIVE] flag is always used in conjunction
+** with the [SQLITE_OPEN_CREATE] flag, which are both directly
+** analogous to the O_EXCL and O_CREAT flags of the POSIX open()
+** API. The SQLITE_OPEN_EXCLUSIVE flag, when paired with the
+** SQLITE_OPEN_CREATE, is used to indicate that file should always
+** be created, and that it is an error if it already exists.
+** It is <i>not</i> used to indicate the file should be opened
+** for exclusive access.
+**
+** ^At least szOsFile bytes of memory are allocated by SQLite
+** to hold the [sqlite3_file] structure passed as the third
+** argument to xOpen. The xOpen method does not have to
+** allocate the structure; it should just fill it in. Note that
+** the xOpen method must set the sqlite3_file.pMethods to either
+** a valid [sqlite3_io_methods] object or to NULL. xOpen must do
+** this even if the open fails. SQLite expects that the sqlite3_file.pMethods
+** element will be valid after xOpen returns regardless of the success
+** or failure of the xOpen call.
+**
+** [[sqlite3_vfs.xAccess]]
+** ^The flags argument to xAccess() may be [SQLITE_ACCESS_EXISTS]
+** to test for the existence of a file, or [SQLITE_ACCESS_READWRITE] to
+** test whether a file is readable and writable, or [SQLITE_ACCESS_READ]
+** to test whether a file is at least readable. The file can be a
+** directory.
+**
+** ^SQLite will always allocate at least mxPathname+1 bytes for the
+** output buffer xFullPathname. The exact size of the output buffer
+** is also passed as a parameter to both methods. If the output buffer
+** is not large enough, [SQLITE_CANTOPEN] should be returned. Since this is
+** handled as a fatal error by SQLite, vfs implementations should endeavor
+** to prevent this by setting mxPathname to a sufficiently large value.
+**
+** The xRandomness(), xSleep(), xCurrentTime(), and xCurrentTimeInt64()
+** interfaces are not strictly a part of the filesystem, but they are
+** included in the VFS structure for completeness.
+** The xRandomness() function attempts to return nBytes bytes
+** of good-quality randomness into zOut. The return value is
+** the actual number of bytes of randomness obtained.
+** The xSleep() method causes the calling thread to sleep for at
+** least the number of microseconds given. ^The xCurrentTime()
+** method returns a Julian Day Number for the current date and time as
+** a floating point value.
+** ^The xCurrentTimeInt64() method returns, as an integer, the Julian
+** Day Number multiplied by 86400000 (the number of milliseconds in
+** a 24-hour day).
+** ^SQLite will use the xCurrentTimeInt64() method to get the current
+** date and time if that method is available (if iVersion is 2 or
+** greater and the function pointer is not NULL) and will fall back
+** to xCurrentTime() if xCurrentTimeInt64() is unavailable.
+**
+** ^The xSetSystemCall(), xGetSystemCall(), and xNestSystemCall() interfaces
+** are not used by the SQLite core. These optional interfaces are provided
+** by some VFSes to facilitate testing of the VFS code. By overriding
+** system calls with functions under its control, a test program can
+** simulate faults and error conditions that would otherwise be difficult
+** or impossible to induce. The set of system calls that can be overridden
+** varies from one VFS to another, and from one version of the same VFS to the
+** next. Applications that use these interfaces must be prepared for any
+** or all of these interfaces to be NULL or for their behavior to change
+** from one release to the next. Applications must not attempt to access
+** any of these methods if the iVersion of the VFS is less than 3.
+*/
+typedef struct sqlite3_vfs sqlite3_vfs;
+typedef void (*sqlite3_syscall_ptr)(void);
+struct sqlite3_vfs {
+ int iVersion; /* Structure version number (currently 3) */
+ int szOsFile; /* Size of subclassed sqlite3_file */
+ int mxPathname; /* Maximum file pathname length */
+ sqlite3_vfs *pNext; /* Next registered VFS */
+ const char *zName; /* Name of this virtual file system */
+ void *pAppData; /* Pointer to application-specific data */
+ int (*xOpen)(sqlite3_vfs*, const char *zName, sqlite3_file*,
+ int flags, int *pOutFlags);
+ int (*xDelete)(sqlite3_vfs*, const char *zName, int syncDir);
+ int (*xAccess)(sqlite3_vfs*, const char *zName, int flags, int *pResOut);
+ int (*xFullPathname)(sqlite3_vfs*, const char *zName, int nOut, char *zOut);
+ void *(*xDlOpen)(sqlite3_vfs*, const char *zFilename);
+ void (*xDlError)(sqlite3_vfs*, int nByte, char *zErrMsg);
+ void (*(*xDlSym)(sqlite3_vfs*,void*, const char *zSymbol))(void);
+ void (*xDlClose)(sqlite3_vfs*, void*);
+ int (*xRandomness)(sqlite3_vfs*, int nByte, char *zOut);
+ int (*xSleep)(sqlite3_vfs*, int microseconds);
+ int (*xCurrentTime)(sqlite3_vfs*, double*);
+ int (*xGetLastError)(sqlite3_vfs*, int, char *);
+ /*
+ ** The methods above are in version 1 of the sqlite_vfs object
+ ** definition. Those that follow are added in version 2 or later
+ */
+ int (*xCurrentTimeInt64)(sqlite3_vfs*, sqlite3_int64*);
+ /*
+ ** The methods above are in versions 1 and 2 of the sqlite_vfs object.
+ ** Those below are for version 3 and greater.
+ */
+ int (*xSetSystemCall)(sqlite3_vfs*, const char *zName, sqlite3_syscall_ptr);
+ sqlite3_syscall_ptr (*xGetSystemCall)(sqlite3_vfs*, const char *zName);
+ const char *(*xNextSystemCall)(sqlite3_vfs*, const char *zName);
+ /*
+ ** The methods above are in versions 1 through 3 of the sqlite_vfs object.
+ ** New fields may be appended in figure versions. The iVersion
+ ** value will increment whenever this happens.
+ */
+};
+
+/*
+** CAPI3REF: Flags for the xAccess VFS method
+**
+** These integer constants can be used as the third parameter to
+** the xAccess method of an [sqlite3_vfs] object. They determine
+** what kind of permissions the xAccess method is looking for.
+** With SQLITE_ACCESS_EXISTS, the xAccess method
+** simply checks whether the file exists.
+** With SQLITE_ACCESS_READWRITE, the xAccess method
+** checks whether the named directory is both readable and writable
+** (in other words, if files can be added, removed, and renamed within
+** the directory).
+** The SQLITE_ACCESS_READWRITE constant is currently used only by the
+** [temp_store_directory pragma], though this could change in a future
+** release of SQLite.
+** With SQLITE_ACCESS_READ, the xAccess method
+** checks whether the file is readable. The SQLITE_ACCESS_READ constant is
+** currently unused, though it might be used in a future release of
+** SQLite.
+*/
+#define SQLITE_ACCESS_EXISTS 0
+#define SQLITE_ACCESS_READWRITE 1 /* Used by PRAGMA temp_store_directory */
+#define SQLITE_ACCESS_READ 2 /* Unused */
+
+/*
+** CAPI3REF: Flags for the xShmLock VFS method
+**
+** These integer constants define the various locking operations
+** allowed by the xShmLock method of [sqlite3_io_methods]. The
+** following are the only legal combinations of flags to the
+** xShmLock method:
+**
+** <ul>
+** <li> SQLITE_SHM_LOCK | SQLITE_SHM_SHARED
+** <li> SQLITE_SHM_LOCK | SQLITE_SHM_EXCLUSIVE
+** <li> SQLITE_SHM_UNLOCK | SQLITE_SHM_SHARED
+** <li> SQLITE_SHM_UNLOCK | SQLITE_SHM_EXCLUSIVE
+** </ul>
+**
+** When unlocking, the same SHARED or EXCLUSIVE flag must be supplied as
+** was given on the corresponding lock.
+**
+** The xShmLock method can transition between unlocked and SHARED or
+** between unlocked and EXCLUSIVE. It cannot transition between SHARED
+** and EXCLUSIVE.
+*/
+#define SQLITE_SHM_UNLOCK 1
+#define SQLITE_SHM_LOCK 2
+#define SQLITE_SHM_SHARED 4
+#define SQLITE_SHM_EXCLUSIVE 8
+
+/*
+** CAPI3REF: Maximum xShmLock index
+**
+** The xShmLock method on [sqlite3_io_methods] may use values
+** between 0 and this upper bound as its "offset" argument.
+** The SQLite core will never attempt to acquire or release a
+** lock outside of this range
+*/
+#define SQLITE_SHM_NLOCK 8
+
+
+/*
+** CAPI3REF: Initialize The SQLite Library
+**
+** ^The sqlite3_initialize() routine initializes the
+** SQLite library. ^The sqlite3_shutdown() routine
+** deallocates any resources that were allocated by sqlite3_initialize().
+** These routines are designed to aid in process initialization and
+** shutdown on embedded systems. Workstation applications using
+** SQLite normally do not need to invoke either of these routines.
+**
+** A call to sqlite3_initialize() is an "effective" call if it is
+** the first time sqlite3_initialize() is invoked during the lifetime of
+** the process, or if it is the first time sqlite3_initialize() is invoked
+** following a call to sqlite3_shutdown(). ^(Only an effective call
+** of sqlite3_initialize() does any initialization. All other calls
+** are harmless no-ops.)^
+**
+** A call to sqlite3_shutdown() is an "effective" call if it is the first
+** call to sqlite3_shutdown() since the last sqlite3_initialize(). ^(Only
+** an effective call to sqlite3_shutdown() does any deinitialization.
+** All other valid calls to sqlite3_shutdown() are harmless no-ops.)^
+**
+** The sqlite3_initialize() interface is threadsafe, but sqlite3_shutdown()
+** is not. The sqlite3_shutdown() interface must only be called from a
+** single thread. All open [database connections] must be closed and all
+** other SQLite resources must be deallocated prior to invoking
+** sqlite3_shutdown().
+**
+** Among other things, ^sqlite3_initialize() will invoke
+** sqlite3_os_init(). Similarly, ^sqlite3_shutdown()
+** will invoke sqlite3_os_end().
+**
+** ^The sqlite3_initialize() routine returns [SQLITE_OK] on success.
+** ^If for some reason, sqlite3_initialize() is unable to initialize
+** the library (perhaps it is unable to allocate a needed resource such
+** as a mutex) it returns an [error code] other than [SQLITE_OK].
+**
+** ^The sqlite3_initialize() routine is called internally by many other
+** SQLite interfaces so that an application usually does not need to
+** invoke sqlite3_initialize() directly. For example, [sqlite3_open()]
+** calls sqlite3_initialize() so the SQLite library will be automatically
+** initialized when [sqlite3_open()] is called if it has not be initialized
+** already. ^However, if SQLite is compiled with the [SQLITE_OMIT_AUTOINIT]
+** compile-time option, then the automatic calls to sqlite3_initialize()
+** are omitted and the application must call sqlite3_initialize() directly
+** prior to using any other SQLite interface. For maximum portability,
+** it is recommended that applications always invoke sqlite3_initialize()
+** directly prior to using any other SQLite interface. Future releases
+** of SQLite may require this. In other words, the behavior exhibited
+** when SQLite is compiled with [SQLITE_OMIT_AUTOINIT] might become the
+** default behavior in some future release of SQLite.
+**
+** The sqlite3_os_init() routine does operating-system specific
+** initialization of the SQLite library. The sqlite3_os_end()
+** routine undoes the effect of sqlite3_os_init(). Typical tasks
+** performed by these routines include allocation or deallocation
+** of static resources, initialization of global variables,
+** setting up a default [sqlite3_vfs] module, or setting up
+** a default configuration using [sqlite3_config()].
+**
+** The application should never invoke either sqlite3_os_init()
+** or sqlite3_os_end() directly. The application should only invoke
+** sqlite3_initialize() and sqlite3_shutdown(). The sqlite3_os_init()
+** interface is called automatically by sqlite3_initialize() and
+** sqlite3_os_end() is called by sqlite3_shutdown(). Appropriate
+** implementations for sqlite3_os_init() and sqlite3_os_end()
+** are built into SQLite when it is compiled for Unix, Windows, or OS/2.
+** When [custom builds | built for other platforms]
+** (using the [SQLITE_OS_OTHER=1] compile-time
+** option) the application must supply a suitable implementation for
+** sqlite3_os_init() and sqlite3_os_end(). An application-supplied
+** implementation of sqlite3_os_init() or sqlite3_os_end()
+** must return [SQLITE_OK] on success and some other [error code] upon
+** failure.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_initialize(void);
+SQLITE_API int SQLITE_STDCALL sqlite3_shutdown(void);
+SQLITE_API int SQLITE_STDCALL sqlite3_os_init(void);
+SQLITE_API int SQLITE_STDCALL sqlite3_os_end(void);
+
+/*
+** CAPI3REF: Configuring The SQLite Library
+**
+** The sqlite3_config() interface is used to make global configuration
+** changes to SQLite in order to tune SQLite to the specific needs of
+** the application. The default configuration is recommended for most
+** applications and so this routine is usually not necessary. It is
+** provided to support rare applications with unusual needs.
+**
+** <b>The sqlite3_config() interface is not threadsafe. The application
+** must ensure that no other SQLite interfaces are invoked by other
+** threads while sqlite3_config() is running.</b>
+**
+** The sqlite3_config() interface
+** may only be invoked prior to library initialization using
+** [sqlite3_initialize()] or after shutdown by [sqlite3_shutdown()].
+** ^If sqlite3_config() is called after [sqlite3_initialize()] and before
+** [sqlite3_shutdown()] then it will return SQLITE_MISUSE.
+** Note, however, that ^sqlite3_config() can be called as part of the
+** implementation of an application-defined [sqlite3_os_init()].
+**
+** The first argument to sqlite3_config() is an integer
+** [configuration option] that determines
+** what property of SQLite is to be configured. Subsequent arguments
+** vary depending on the [configuration option]
+** in the first argument.
+**
+** ^When a configuration option is set, sqlite3_config() returns [SQLITE_OK].
+** ^If the option is unknown or SQLite is unable to set the option
+** then this routine returns a non-zero [error code].
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_config(int, ...);
+
+/*
+** CAPI3REF: Configure database connections
+** METHOD: sqlite3
+**
+** The sqlite3_db_config() interface is used to make configuration
+** changes to a [database connection]. The interface is similar to
+** [sqlite3_config()] except that the changes apply to a single
+** [database connection] (specified in the first argument).
+**
+** The second argument to sqlite3_db_config(D,V,...) is the
+** [SQLITE_DBCONFIG_LOOKASIDE | configuration verb] - an integer code
+** that indicates what aspect of the [database connection] is being configured.
+** Subsequent arguments vary depending on the configuration verb.
+**
+** ^Calls to sqlite3_db_config() return SQLITE_OK if and only if
+** the call is considered successful.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_db_config(sqlite3*, int op, ...);
+
+/*
+** CAPI3REF: Memory Allocation Routines
+**
+** An instance of this object defines the interface between SQLite
+** and low-level memory allocation routines.
+**
+** This object is used in only one place in the SQLite interface.
+** A pointer to an instance of this object is the argument to
+** [sqlite3_config()] when the configuration option is
+** [SQLITE_CONFIG_MALLOC] or [SQLITE_CONFIG_GETMALLOC].
+** By creating an instance of this object
+** and passing it to [sqlite3_config]([SQLITE_CONFIG_MALLOC])
+** during configuration, an application can specify an alternative
+** memory allocation subsystem for SQLite to use for all of its
+** dynamic memory needs.
+**
+** Note that SQLite comes with several [built-in memory allocators]
+** that are perfectly adequate for the overwhelming majority of applications
+** and that this object is only useful to a tiny minority of applications
+** with specialized memory allocation requirements. This object is
+** also used during testing of SQLite in order to specify an alternative
+** memory allocator that simulates memory out-of-memory conditions in
+** order to verify that SQLite recovers gracefully from such
+** conditions.
+**
+** The xMalloc, xRealloc, and xFree methods must work like the
+** malloc(), realloc() and free() functions from the standard C library.
+** ^SQLite guarantees that the second argument to
+** xRealloc is always a value returned by a prior call to xRoundup.
+**
+** xSize should return the allocated size of a memory allocation
+** previously obtained from xMalloc or xRealloc. The allocated size
+** is always at least as big as the requested size but may be larger.
+**
+** The xRoundup method returns what would be the allocated size of
+** a memory allocation given a particular requested size. Most memory
+** allocators round up memory allocations at least to the next multiple
+** of 8. Some allocators round up to a larger multiple or to a power of 2.
+** Every memory allocation request coming in through [sqlite3_malloc()]
+** or [sqlite3_realloc()] first calls xRoundup. If xRoundup returns 0,
+** that causes the corresponding memory allocation to fail.
+**
+** The xInit method initializes the memory allocator. For example,
+** it might allocate any require mutexes or initialize internal data
+** structures. The xShutdown method is invoked (indirectly) by
+** [sqlite3_shutdown()] and should deallocate any resources acquired
+** by xInit. The pAppData pointer is used as the only parameter to
+** xInit and xShutdown.
+**
+** SQLite holds the [SQLITE_MUTEX_STATIC_MASTER] mutex when it invokes
+** the xInit method, so the xInit method need not be threadsafe. The
+** xShutdown method is only called from [sqlite3_shutdown()] so it does
+** not need to be threadsafe either. For all other methods, SQLite
+** holds the [SQLITE_MUTEX_STATIC_MEM] mutex as long as the
+** [SQLITE_CONFIG_MEMSTATUS] configuration option is turned on (which
+** it is by default) and so the methods are automatically serialized.
+** However, if [SQLITE_CONFIG_MEMSTATUS] is disabled, then the other
+** methods must be threadsafe or else make their own arrangements for
+** serialization.
+**
+** SQLite will never invoke xInit() more than once without an intervening
+** call to xShutdown().
+*/
+typedef struct sqlite3_mem_methods sqlite3_mem_methods;
+struct sqlite3_mem_methods {
+ void *(*xMalloc)(int); /* Memory allocation function */
+ void (*xFree)(void*); /* Free a prior allocation */
+ void *(*xRealloc)(void*,int); /* Resize an allocation */
+ int (*xSize)(void*); /* Return the size of an allocation */
+ int (*xRoundup)(int); /* Round up request size to allocation size */
+ int (*xInit)(void*); /* Initialize the memory allocator */
+ void (*xShutdown)(void*); /* Deinitialize the memory allocator */
+ void *pAppData; /* Argument to xInit() and xShutdown() */
+};
+
+/*
+** CAPI3REF: Configuration Options
+** KEYWORDS: {configuration option}
+**
+** These constants are the available integer configuration options that
+** can be passed as the first argument to the [sqlite3_config()] interface.
+**
+** New configuration options may be added in future releases of SQLite.
+** Existing configuration options might be discontinued. Applications
+** should check the return code from [sqlite3_config()] to make sure that
+** the call worked. The [sqlite3_config()] interface will return a
+** non-zero [error code] if a discontinued or unsupported configuration option
+** is invoked.
+**
+** <dl>
+** [[SQLITE_CONFIG_SINGLETHREAD]] <dt>SQLITE_CONFIG_SINGLETHREAD</dt>
+** <dd>There are no arguments to this option. ^This option sets the
+** [threading mode] to Single-thread. In other words, it disables
+** all mutexing and puts SQLite into a mode where it can only be used
+** by a single thread. ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** it is not possible to change the [threading mode] from its default
+** value of Single-thread and so [sqlite3_config()] will return
+** [SQLITE_ERROR] if called with the SQLITE_CONFIG_SINGLETHREAD
+** configuration option.</dd>
+**
+** [[SQLITE_CONFIG_MULTITHREAD]] <dt>SQLITE_CONFIG_MULTITHREAD</dt>
+** <dd>There are no arguments to this option. ^This option sets the
+** [threading mode] to Multi-thread. In other words, it disables
+** mutexing on [database connection] and [prepared statement] objects.
+** The application is responsible for serializing access to
+** [database connections] and [prepared statements]. But other mutexes
+** are enabled so that SQLite will be safe to use in a multi-threaded
+** environment as long as no two threads attempt to use the same
+** [database connection] at the same time. ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** it is not possible to set the Multi-thread [threading mode] and
+** [sqlite3_config()] will return [SQLITE_ERROR] if called with the
+** SQLITE_CONFIG_MULTITHREAD configuration option.</dd>
+**
+** [[SQLITE_CONFIG_SERIALIZED]] <dt>SQLITE_CONFIG_SERIALIZED</dt>
+** <dd>There are no arguments to this option. ^This option sets the
+** [threading mode] to Serialized. In other words, this option enables
+** all mutexes including the recursive
+** mutexes on [database connection] and [prepared statement] objects.
+** In this mode (which is the default when SQLite is compiled with
+** [SQLITE_THREADSAFE=1]) the SQLite library will itself serialize access
+** to [database connections] and [prepared statements] so that the
+** application is free to use the same [database connection] or the
+** same [prepared statement] in different threads at the same time.
+** ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** it is not possible to set the Serialized [threading mode] and
+** [sqlite3_config()] will return [SQLITE_ERROR] if called with the
+** SQLITE_CONFIG_SERIALIZED configuration option.</dd>
+**
+** [[SQLITE_CONFIG_MALLOC]] <dt>SQLITE_CONFIG_MALLOC</dt>
+** <dd> ^(The SQLITE_CONFIG_MALLOC option takes a single argument which is
+** a pointer to an instance of the [sqlite3_mem_methods] structure.
+** The argument specifies
+** alternative low-level memory allocation routines to be used in place of
+** the memory allocation routines built into SQLite.)^ ^SQLite makes
+** its own private copy of the content of the [sqlite3_mem_methods] structure
+** before the [sqlite3_config()] call returns.</dd>
+**
+** [[SQLITE_CONFIG_GETMALLOC]] <dt>SQLITE_CONFIG_GETMALLOC</dt>
+** <dd> ^(The SQLITE_CONFIG_GETMALLOC option takes a single argument which
+** is a pointer to an instance of the [sqlite3_mem_methods] structure.
+** The [sqlite3_mem_methods]
+** structure is filled with the currently defined memory allocation routines.)^
+** This option can be used to overload the default memory allocation
+** routines with a wrapper that simulations memory allocation failure or
+** tracks memory usage, for example. </dd>
+**
+** [[SQLITE_CONFIG_MEMSTATUS]] <dt>SQLITE_CONFIG_MEMSTATUS</dt>
+** <dd> ^The SQLITE_CONFIG_MEMSTATUS option takes single argument of type int,
+** interpreted as a boolean, which enables or disables the collection of
+** memory allocation statistics. ^(When memory allocation statistics are
+** disabled, the following SQLite interfaces become non-operational:
+** <ul>
+** <li> [sqlite3_memory_used()]
+** <li> [sqlite3_memory_highwater()]
+** <li> [sqlite3_soft_heap_limit64()]
+** <li> [sqlite3_status64()]
+** </ul>)^
+** ^Memory allocation statistics are enabled by default unless SQLite is
+** compiled with [SQLITE_DEFAULT_MEMSTATUS]=0 in which case memory
+** allocation statistics are disabled by default.
+** </dd>
+**
+** [[SQLITE_CONFIG_SCRATCH]] <dt>SQLITE_CONFIG_SCRATCH</dt>
+** <dd> ^The SQLITE_CONFIG_SCRATCH option specifies a static memory buffer
+** that SQLite can use for scratch memory. ^(There are three arguments
+** to SQLITE_CONFIG_SCRATCH: A pointer an 8-byte
+** aligned memory buffer from which the scratch allocations will be
+** drawn, the size of each scratch allocation (sz),
+** and the maximum number of scratch allocations (N).)^
+** The first argument must be a pointer to an 8-byte aligned buffer
+** of at least sz*N bytes of memory.
+** ^SQLite will not use more than one scratch buffers per thread.
+** ^SQLite will never request a scratch buffer that is more than 6
+** times the database page size.
+** ^If SQLite needs needs additional
+** scratch memory beyond what is provided by this configuration option, then
+** [sqlite3_malloc()] will be used to obtain the memory needed.<p>
+** ^When the application provides any amount of scratch memory using
+** SQLITE_CONFIG_SCRATCH, SQLite avoids unnecessary large
+** [sqlite3_malloc|heap allocations].
+** This can help [Robson proof|prevent memory allocation failures] due to heap
+** fragmentation in low-memory embedded systems.
+** </dd>
+**
+** [[SQLITE_CONFIG_PAGECACHE]] <dt>SQLITE_CONFIG_PAGECACHE</dt>
+** <dd> ^The SQLITE_CONFIG_PAGECACHE option specifies a memory pool
+** that SQLite can use for the database page cache with the default page
+** cache implementation.
+** This configuration option is a no-op if an application-define page
+** cache implementation is loaded using the [SQLITE_CONFIG_PCACHE2].
+** ^There are three arguments to SQLITE_CONFIG_PAGECACHE: A pointer to
+** 8-byte aligned memory (pMem), the size of each page cache line (sz),
+** and the number of cache lines (N).
+** The sz argument should be the size of the largest database page
+** (a power of two between 512 and 65536) plus some extra bytes for each
+** page header. ^The number of extra bytes needed by the page header
+** can be determined using [SQLITE_CONFIG_PCACHE_HDRSZ].
+** ^It is harmless, apart from the wasted memory,
+** for the sz parameter to be larger than necessary. The pMem
+** argument must be either a NULL pointer or a pointer to an 8-byte
+** aligned block of memory of at least sz*N bytes, otherwise
+** subsequent behavior is undefined.
+** ^When pMem is not NULL, SQLite will strive to use the memory provided
+** to satisfy page cache needs, falling back to [sqlite3_malloc()] if
+** a page cache line is larger than sz bytes or if all of the pMem buffer
+** is exhausted.
+** ^If pMem is NULL and N is non-zero, then each database connection
+** does an initial bulk allocation for page cache memory
+** from [sqlite3_malloc()] sufficient for N cache lines if N is positive or
+** of -1024*N bytes if N is negative, . ^If additional
+** page cache memory is needed beyond what is provided by the initial
+** allocation, then SQLite goes to [sqlite3_malloc()] separately for each
+** additional cache line. </dd>
+**
+** [[SQLITE_CONFIG_HEAP]] <dt>SQLITE_CONFIG_HEAP</dt>
+** <dd> ^The SQLITE_CONFIG_HEAP option specifies a static memory buffer
+** that SQLite will use for all of its dynamic memory allocation needs
+** beyond those provided for by [SQLITE_CONFIG_SCRATCH] and
+** [SQLITE_CONFIG_PAGECACHE].
+** ^The SQLITE_CONFIG_HEAP option is only available if SQLite is compiled
+** with either [SQLITE_ENABLE_MEMSYS3] or [SQLITE_ENABLE_MEMSYS5] and returns
+** [SQLITE_ERROR] if invoked otherwise.
+** ^There are three arguments to SQLITE_CONFIG_HEAP:
+** An 8-byte aligned pointer to the memory,
+** the number of bytes in the memory buffer, and the minimum allocation size.
+** ^If the first pointer (the memory pointer) is NULL, then SQLite reverts
+** to using its default memory allocator (the system malloc() implementation),
+** undoing any prior invocation of [SQLITE_CONFIG_MALLOC]. ^If the
+** memory pointer is not NULL then the alternative memory
+** allocator is engaged to handle all of SQLites memory allocation needs.
+** The first pointer (the memory pointer) must be aligned to an 8-byte
+** boundary or subsequent behavior of SQLite will be undefined.
+** The minimum allocation size is capped at 2**12. Reasonable values
+** for the minimum allocation size are 2**5 through 2**8.</dd>
+**
+** [[SQLITE_CONFIG_MUTEX]] <dt>SQLITE_CONFIG_MUTEX</dt>
+** <dd> ^(The SQLITE_CONFIG_MUTEX option takes a single argument which is a
+** pointer to an instance of the [sqlite3_mutex_methods] structure.
+** The argument specifies alternative low-level mutex routines to be used
+** in place the mutex routines built into SQLite.)^ ^SQLite makes a copy of
+** the content of the [sqlite3_mutex_methods] structure before the call to
+** [sqlite3_config()] returns. ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** the entire mutexing subsystem is omitted from the build and hence calls to
+** [sqlite3_config()] with the SQLITE_CONFIG_MUTEX configuration option will
+** return [SQLITE_ERROR].</dd>
+**
+** [[SQLITE_CONFIG_GETMUTEX]] <dt>SQLITE_CONFIG_GETMUTEX</dt>
+** <dd> ^(The SQLITE_CONFIG_GETMUTEX option takes a single argument which
+** is a pointer to an instance of the [sqlite3_mutex_methods] structure. The
+** [sqlite3_mutex_methods]
+** structure is filled with the currently defined mutex routines.)^
+** This option can be used to overload the default mutex allocation
+** routines with a wrapper used to track mutex usage for performance
+** profiling or testing, for example. ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** the entire mutexing subsystem is omitted from the build and hence calls to
+** [sqlite3_config()] with the SQLITE_CONFIG_GETMUTEX configuration option will
+** return [SQLITE_ERROR].</dd>
+**
+** [[SQLITE_CONFIG_LOOKASIDE]] <dt>SQLITE_CONFIG_LOOKASIDE</dt>
+** <dd> ^(The SQLITE_CONFIG_LOOKASIDE option takes two arguments that determine
+** the default size of lookaside memory on each [database connection].
+** The first argument is the
+** size of each lookaside buffer slot and the second is the number of
+** slots allocated to each database connection.)^ ^(SQLITE_CONFIG_LOOKASIDE
+** sets the <i>default</i> lookaside size. The [SQLITE_DBCONFIG_LOOKASIDE]
+** option to [sqlite3_db_config()] can be used to change the lookaside
+** configuration on individual connections.)^ </dd>
+**
+** [[SQLITE_CONFIG_PCACHE2]] <dt>SQLITE_CONFIG_PCACHE2</dt>
+** <dd> ^(The SQLITE_CONFIG_PCACHE2 option takes a single argument which is
+** a pointer to an [sqlite3_pcache_methods2] object. This object specifies
+** the interface to a custom page cache implementation.)^
+** ^SQLite makes a copy of the [sqlite3_pcache_methods2] object.</dd>
+**
+** [[SQLITE_CONFIG_GETPCACHE2]] <dt>SQLITE_CONFIG_GETPCACHE2</dt>
+** <dd> ^(The SQLITE_CONFIG_GETPCACHE2 option takes a single argument which
+** is a pointer to an [sqlite3_pcache_methods2] object. SQLite copies of
+** the current page cache implementation into that object.)^ </dd>
+**
+** [[SQLITE_CONFIG_LOG]] <dt>SQLITE_CONFIG_LOG</dt>
+** <dd> The SQLITE_CONFIG_LOG option is used to configure the SQLite
+** global [error log].
+** (^The SQLITE_CONFIG_LOG option takes two arguments: a pointer to a
+** function with a call signature of void(*)(void*,int,const char*),
+** and a pointer to void. ^If the function pointer is not NULL, it is
+** invoked by [sqlite3_log()] to process each logging event. ^If the
+** function pointer is NULL, the [sqlite3_log()] interface becomes a no-op.
+** ^The void pointer that is the second argument to SQLITE_CONFIG_LOG is
+** passed through as the first parameter to the application-defined logger
+** function whenever that function is invoked. ^The second parameter to
+** the logger function is a copy of the first parameter to the corresponding
+** [sqlite3_log()] call and is intended to be a [result code] or an
+** [extended result code]. ^The third parameter passed to the logger is
+** log message after formatting via [sqlite3_snprintf()].
+** The SQLite logging interface is not reentrant; the logger function
+** supplied by the application must not invoke any SQLite interface.
+** In a multi-threaded application, the application-defined logger
+** function must be threadsafe. </dd>
+**
+** [[SQLITE_CONFIG_URI]] <dt>SQLITE_CONFIG_URI
+** <dd>^(The SQLITE_CONFIG_URI option takes a single argument of type int.
+** If non-zero, then URI handling is globally enabled. If the parameter is zero,
+** then URI handling is globally disabled.)^ ^If URI handling is globally
+** enabled, all filenames passed to [sqlite3_open()], [sqlite3_open_v2()],
+** [sqlite3_open16()] or
+** specified as part of [ATTACH] commands are interpreted as URIs, regardless
+** of whether or not the [SQLITE_OPEN_URI] flag is set when the database
+** connection is opened. ^If it is globally disabled, filenames are
+** only interpreted as URIs if the SQLITE_OPEN_URI flag is set when the
+** database connection is opened. ^(By default, URI handling is globally
+** disabled. The default value may be changed by compiling with the
+** [SQLITE_USE_URI] symbol defined.)^
+**
+** [[SQLITE_CONFIG_COVERING_INDEX_SCAN]] <dt>SQLITE_CONFIG_COVERING_INDEX_SCAN
+** <dd>^The SQLITE_CONFIG_COVERING_INDEX_SCAN option takes a single integer
+** argument which is interpreted as a boolean in order to enable or disable
+** the use of covering indices for full table scans in the query optimizer.
+** ^The default setting is determined
+** by the [SQLITE_ALLOW_COVERING_INDEX_SCAN] compile-time option, or is "on"
+** if that compile-time option is omitted.
+** The ability to disable the use of covering indices for full table scans
+** is because some incorrectly coded legacy applications might malfunction
+** when the optimization is enabled. Providing the ability to
+** disable the optimization allows the older, buggy application code to work
+** without change even with newer versions of SQLite.
+**
+** [[SQLITE_CONFIG_PCACHE]] [[SQLITE_CONFIG_GETPCACHE]]
+** <dt>SQLITE_CONFIG_PCACHE and SQLITE_CONFIG_GETPCACHE
+** <dd> These options are obsolete and should not be used by new code.
+** They are retained for backwards compatibility but are now no-ops.
+** </dd>
+**
+** [[SQLITE_CONFIG_SQLLOG]]
+** <dt>SQLITE_CONFIG_SQLLOG
+** <dd>This option is only available if sqlite is compiled with the
+** [SQLITE_ENABLE_SQLLOG] pre-processor macro defined. The first argument should
+** be a pointer to a function of type void(*)(void*,sqlite3*,const char*, int).
+** The second should be of type (void*). The callback is invoked by the library
+** in three separate circumstances, identified by the value passed as the
+** fourth parameter. If the fourth parameter is 0, then the database connection
+** passed as the second argument has just been opened. The third argument
+** points to a buffer containing the name of the main database file. If the
+** fourth parameter is 1, then the SQL statement that the third parameter
+** points to has just been executed. Or, if the fourth parameter is 2, then
+** the connection being passed as the second parameter is being closed. The
+** third parameter is passed NULL In this case. An example of using this
+** configuration option can be seen in the "test_sqllog.c" source file in
+** the canonical SQLite source tree.</dd>
+**
+** [[SQLITE_CONFIG_MMAP_SIZE]]
+** <dt>SQLITE_CONFIG_MMAP_SIZE
+** <dd>^SQLITE_CONFIG_MMAP_SIZE takes two 64-bit integer (sqlite3_int64) values
+** that are the default mmap size limit (the default setting for
+** [PRAGMA mmap_size]) and the maximum allowed mmap size limit.
+** ^The default setting can be overridden by each database connection using
+** either the [PRAGMA mmap_size] command, or by using the
+** [SQLITE_FCNTL_MMAP_SIZE] file control. ^(The maximum allowed mmap size
+** will be silently truncated if necessary so that it does not exceed the
+** compile-time maximum mmap size set by the
+** [SQLITE_MAX_MMAP_SIZE] compile-time option.)^
+** ^If either argument to this option is negative, then that argument is
+** changed to its compile-time default.
+**
+** [[SQLITE_CONFIG_WIN32_HEAPSIZE]]
+** <dt>SQLITE_CONFIG_WIN32_HEAPSIZE
+** <dd>^The SQLITE_CONFIG_WIN32_HEAPSIZE option is only available if SQLite is
+** compiled for Windows with the [SQLITE_WIN32_MALLOC] pre-processor macro
+** defined. ^SQLITE_CONFIG_WIN32_HEAPSIZE takes a 32-bit unsigned integer value
+** that specifies the maximum size of the created heap.
+**
+** [[SQLITE_CONFIG_PCACHE_HDRSZ]]
+** <dt>SQLITE_CONFIG_PCACHE_HDRSZ
+** <dd>^The SQLITE_CONFIG_PCACHE_HDRSZ option takes a single parameter which
+** is a pointer to an integer and writes into that integer the number of extra
+** bytes per page required for each page in [SQLITE_CONFIG_PAGECACHE].
+** The amount of extra space required can change depending on the compiler,
+** target platform, and SQLite version.
+**
+** [[SQLITE_CONFIG_PMASZ]]
+** <dt>SQLITE_CONFIG_PMASZ
+** <dd>^The SQLITE_CONFIG_PMASZ option takes a single parameter which
+** is an unsigned integer and sets the "Minimum PMA Size" for the multithreaded
+** sorter to that integer. The default minimum PMA Size is set by the
+** [SQLITE_SORTER_PMASZ] compile-time option. New threads are launched
+** to help with sort operations when multithreaded sorting
+** is enabled (using the [PRAGMA threads] command) and the amount of content
+** to be sorted exceeds the page size times the minimum of the
+** [PRAGMA cache_size] setting and this value.
+** </dl>
+*/
+#define SQLITE_CONFIG_SINGLETHREAD 1 /* nil */
+#define SQLITE_CONFIG_MULTITHREAD 2 /* nil */
+#define SQLITE_CONFIG_SERIALIZED 3 /* nil */
+#define SQLITE_CONFIG_MALLOC 4 /* sqlite3_mem_methods* */
+#define SQLITE_CONFIG_GETMALLOC 5 /* sqlite3_mem_methods* */
+#define SQLITE_CONFIG_SCRATCH 6 /* void*, int sz, int N */
+#define SQLITE_CONFIG_PAGECACHE 7 /* void*, int sz, int N */
+#define SQLITE_CONFIG_HEAP 8 /* void*, int nByte, int min */
+#define SQLITE_CONFIG_MEMSTATUS 9 /* boolean */
+#define SQLITE_CONFIG_MUTEX 10 /* sqlite3_mutex_methods* */
+#define SQLITE_CONFIG_GETMUTEX 11 /* sqlite3_mutex_methods* */
+/* previously SQLITE_CONFIG_CHUNKALLOC 12 which is now unused. */
+#define SQLITE_CONFIG_LOOKASIDE 13 /* int int */
+#define SQLITE_CONFIG_PCACHE 14 /* no-op */
+#define SQLITE_CONFIG_GETPCACHE 15 /* no-op */
+#define SQLITE_CONFIG_LOG 16 /* xFunc, void* */
+#define SQLITE_CONFIG_URI 17 /* int */
+#define SQLITE_CONFIG_PCACHE2 18 /* sqlite3_pcache_methods2* */
+#define SQLITE_CONFIG_GETPCACHE2 19 /* sqlite3_pcache_methods2* */
+#define SQLITE_CONFIG_COVERING_INDEX_SCAN 20 /* int */
+#define SQLITE_CONFIG_SQLLOG 21 /* xSqllog, void* */
+#define SQLITE_CONFIG_MMAP_SIZE 22 /* sqlite3_int64, sqlite3_int64 */
+#define SQLITE_CONFIG_WIN32_HEAPSIZE 23 /* int nByte */
+#define SQLITE_CONFIG_PCACHE_HDRSZ 24 /* int *psz */
+#define SQLITE_CONFIG_PMASZ 25 /* unsigned int szPma */
+
+/*
+** CAPI3REF: Database Connection Configuration Options
+**
+** These constants are the available integer configuration options that
+** can be passed as the second argument to the [sqlite3_db_config()] interface.
+**
+** New configuration options may be added in future releases of SQLite.
+** Existing configuration options might be discontinued. Applications
+** should check the return code from [sqlite3_db_config()] to make sure that
+** the call worked. ^The [sqlite3_db_config()] interface will return a
+** non-zero [error code] if a discontinued or unsupported configuration option
+** is invoked.
+**
+** <dl>
+** <dt>SQLITE_DBCONFIG_LOOKASIDE</dt>
+** <dd> ^This option takes three additional arguments that determine the
+** [lookaside memory allocator] configuration for the [database connection].
+** ^The first argument (the third parameter to [sqlite3_db_config()] is a
+** pointer to a memory buffer to use for lookaside memory.
+** ^The first argument after the SQLITE_DBCONFIG_LOOKASIDE verb
+** may be NULL in which case SQLite will allocate the
+** lookaside buffer itself using [sqlite3_malloc()]. ^The second argument is the
+** size of each lookaside buffer slot. ^The third argument is the number of
+** slots. The size of the buffer in the first argument must be greater than
+** or equal to the product of the second and third arguments. The buffer
+** must be aligned to an 8-byte boundary. ^If the second argument to
+** SQLITE_DBCONFIG_LOOKASIDE is not a multiple of 8, it is internally
+** rounded down to the next smaller multiple of 8. ^(The lookaside memory
+** configuration for a database connection can only be changed when that
+** connection is not currently using lookaside memory, or in other words
+** when the "current value" returned by
+** [sqlite3_db_status](D,[SQLITE_CONFIG_LOOKASIDE],...) is zero.
+** Any attempt to change the lookaside memory configuration when lookaside
+** memory is in use leaves the configuration unchanged and returns
+** [SQLITE_BUSY].)^</dd>
+**
+** <dt>SQLITE_DBCONFIG_ENABLE_FKEY</dt>
+** <dd> ^This option is used to enable or disable the enforcement of
+** [foreign key constraints]. There should be two additional arguments.
+** The first argument is an integer which is 0 to disable FK enforcement,
+** positive to enable FK enforcement or negative to leave FK enforcement
+** unchanged. The second parameter is a pointer to an integer into which
+** is written 0 or 1 to indicate whether FK enforcement is off or on
+** following this call. The second parameter may be a NULL pointer, in
+** which case the FK enforcement setting is not reported back. </dd>
+**
+** <dt>SQLITE_DBCONFIG_ENABLE_TRIGGER</dt>
+** <dd> ^This option is used to enable or disable [CREATE TRIGGER | triggers].
+** There should be two additional arguments.
+** The first argument is an integer which is 0 to disable triggers,
+** positive to enable triggers or negative to leave the setting unchanged.
+** The second parameter is a pointer to an integer into which
+** is written 0 or 1 to indicate whether triggers are disabled or enabled
+** following this call. The second parameter may be a NULL pointer, in
+** which case the trigger setting is not reported back. </dd>
+**
+** </dl>
+*/
+#define SQLITE_DBCONFIG_LOOKASIDE 1001 /* void* int int */
+#define SQLITE_DBCONFIG_ENABLE_FKEY 1002 /* int int* */
+#define SQLITE_DBCONFIG_ENABLE_TRIGGER 1003 /* int int* */
+
+
+/*
+** CAPI3REF: Enable Or Disable Extended Result Codes
+** METHOD: sqlite3
+**
+** ^The sqlite3_extended_result_codes() routine enables or disables the
+** [extended result codes] feature of SQLite. ^The extended result
+** codes are disabled by default for historical compatibility.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_extended_result_codes(sqlite3*, int onoff);
+
+/*
+** CAPI3REF: Last Insert Rowid
+** METHOD: sqlite3
+**
+** ^Each entry in most SQLite tables (except for [WITHOUT ROWID] tables)
+** has a unique 64-bit signed
+** integer key called the [ROWID | "rowid"]. ^The rowid is always available
+** as an undeclared column named ROWID, OID, or _ROWID_ as long as those
+** names are not also used by explicitly declared columns. ^If
+** the table has a column of type [INTEGER PRIMARY KEY] then that column
+** is another alias for the rowid.
+**
+** ^The sqlite3_last_insert_rowid(D) interface returns the [rowid] of the
+** most recent successful [INSERT] into a rowid table or [virtual table]
+** on database connection D.
+** ^Inserts into [WITHOUT ROWID] tables are not recorded.
+** ^If no successful [INSERT]s into rowid tables
+** have ever occurred on the database connection D,
+** then sqlite3_last_insert_rowid(D) returns zero.
+**
+** ^(If an [INSERT] occurs within a trigger or within a [virtual table]
+** method, then this routine will return the [rowid] of the inserted
+** row as long as the trigger or virtual table method is running.
+** But once the trigger or virtual table method ends, the value returned
+** by this routine reverts to what it was before the trigger or virtual
+** table method began.)^
+**
+** ^An [INSERT] that fails due to a constraint violation is not a
+** successful [INSERT] and does not change the value returned by this
+** routine. ^Thus INSERT OR FAIL, INSERT OR IGNORE, INSERT OR ROLLBACK,
+** and INSERT OR ABORT make no changes to the return value of this
+** routine when their insertion fails. ^(When INSERT OR REPLACE
+** encounters a constraint violation, it does not fail. The
+** INSERT continues to completion after deleting rows that caused
+** the constraint problem so INSERT OR REPLACE will always change
+** the return value of this interface.)^
+**
+** ^For the purposes of this routine, an [INSERT] is considered to
+** be successful even if it is subsequently rolled back.
+**
+** This function is accessible to SQL statements via the
+** [last_insert_rowid() SQL function].
+**
+** If a separate thread performs a new [INSERT] on the same
+** database connection while the [sqlite3_last_insert_rowid()]
+** function is running and thus changes the last insert [rowid],
+** then the value returned by [sqlite3_last_insert_rowid()] is
+** unpredictable and might not equal either the old or the new
+** last insert [rowid].
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_last_insert_rowid(sqlite3*);
+
+/*
+** CAPI3REF: Count The Number Of Rows Modified
+** METHOD: sqlite3
+**
+** ^This function returns the number of rows modified, inserted or
+** deleted by the most recently completed INSERT, UPDATE or DELETE
+** statement on the database connection specified by the only parameter.
+** ^Executing any other type of SQL statement does not modify the value
+** returned by this function.
+**
+** ^Only changes made directly by the INSERT, UPDATE or DELETE statement are
+** considered - auxiliary changes caused by [CREATE TRIGGER | triggers],
+** [foreign key actions] or [REPLACE] constraint resolution are not counted.
+**
+** Changes to a view that are intercepted by
+** [INSTEAD OF trigger | INSTEAD OF triggers] are not counted. ^The value
+** returned by sqlite3_changes() immediately after an INSERT, UPDATE or
+** DELETE statement run on a view is always zero. Only changes made to real
+** tables are counted.
+**
+** Things are more complicated if the sqlite3_changes() function is
+** executed while a trigger program is running. This may happen if the
+** program uses the [changes() SQL function], or if some other callback
+** function invokes sqlite3_changes() directly. Essentially:
+**
+** <ul>
+** <li> ^(Before entering a trigger program the value returned by
+** sqlite3_changes() function is saved. After the trigger program
+** has finished, the original value is restored.)^
+**
+** <li> ^(Within a trigger program each INSERT, UPDATE and DELETE
+** statement sets the value returned by sqlite3_changes()
+** upon completion as normal. Of course, this value will not include
+** any changes performed by sub-triggers, as the sqlite3_changes()
+** value will be saved and restored after each sub-trigger has run.)^
+** </ul>
+**
+** ^This means that if the changes() SQL function (or similar) is used
+** by the first INSERT, UPDATE or DELETE statement within a trigger, it
+** returns the value as set when the calling statement began executing.
+** ^If it is used by the second or subsequent such statement within a trigger
+** program, the value returned reflects the number of rows modified by the
+** previous INSERT, UPDATE or DELETE statement within the same trigger.
+**
+** See also the [sqlite3_total_changes()] interface, the
+** [count_changes pragma], and the [changes() SQL function].
+**
+** If a separate thread makes changes on the same database connection
+** while [sqlite3_changes()] is running then the value returned
+** is unpredictable and not meaningful.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_changes(sqlite3*);
+
+/*
+** CAPI3REF: Total Number Of Rows Modified
+** METHOD: sqlite3
+**
+** ^This function returns the total number of rows inserted, modified or
+** deleted by all [INSERT], [UPDATE] or [DELETE] statements completed
+** since the database connection was opened, including those executed as
+** part of trigger programs. ^Executing any other type of SQL statement
+** does not affect the value returned by sqlite3_total_changes().
+**
+** ^Changes made as part of [foreign key actions] are included in the
+** count, but those made as part of REPLACE constraint resolution are
+** not. ^Changes to a view that are intercepted by INSTEAD OF triggers
+** are not counted.
+**
+** See also the [sqlite3_changes()] interface, the
+** [count_changes pragma], and the [total_changes() SQL function].
+**
+** If a separate thread makes changes on the same database connection
+** while [sqlite3_total_changes()] is running then the value
+** returned is unpredictable and not meaningful.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_total_changes(sqlite3*);
+
+/*
+** CAPI3REF: Interrupt A Long-Running Query
+** METHOD: sqlite3
+**
+** ^This function causes any pending database operation to abort and
+** return at its earliest opportunity. This routine is typically
+** called in response to a user action such as pressing "Cancel"
+** or Ctrl-C where the user wants a long query operation to halt
+** immediately.
+**
+** ^It is safe to call this routine from a thread different from the
+** thread that is currently running the database operation. But it
+** is not safe to call this routine with a [database connection] that
+** is closed or might close before sqlite3_interrupt() returns.
+**
+** ^If an SQL operation is very nearly finished at the time when
+** sqlite3_interrupt() is called, then it might not have an opportunity
+** to be interrupted and might continue to completion.
+**
+** ^An SQL operation that is interrupted will return [SQLITE_INTERRUPT].
+** ^If the interrupted SQL operation is an INSERT, UPDATE, or DELETE
+** that is inside an explicit transaction, then the entire transaction
+** will be rolled back automatically.
+**
+** ^The sqlite3_interrupt(D) call is in effect until all currently running
+** SQL statements on [database connection] D complete. ^Any new SQL statements
+** that are started after the sqlite3_interrupt() call and before the
+** running statements reaches zero are interrupted as if they had been
+** running prior to the sqlite3_interrupt() call. ^New SQL statements
+** that are started after the running statement count reaches zero are
+** not effected by the sqlite3_interrupt().
+** ^A call to sqlite3_interrupt(D) that occurs when there are no running
+** SQL statements is a no-op and has no effect on SQL statements
+** that are started after the sqlite3_interrupt() call returns.
+**
+** If the database connection closes while [sqlite3_interrupt()]
+** is running then bad things will likely happen.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_interrupt(sqlite3*);
+
+/*
+** CAPI3REF: Determine If An SQL Statement Is Complete
+**
+** These routines are useful during command-line input to determine if the
+** currently entered text seems to form a complete SQL statement or
+** if additional input is needed before sending the text into
+** SQLite for parsing. ^These routines return 1 if the input string
+** appears to be a complete SQL statement. ^A statement is judged to be
+** complete if it ends with a semicolon token and is not a prefix of a
+** well-formed CREATE TRIGGER statement. ^Semicolons that are embedded within
+** string literals or quoted identifier names or comments are not
+** independent tokens (they are part of the token in which they are
+** embedded) and thus do not count as a statement terminator. ^Whitespace
+** and comments that follow the final semicolon are ignored.
+**
+** ^These routines return 0 if the statement is incomplete. ^If a
+** memory allocation fails, then SQLITE_NOMEM is returned.
+**
+** ^These routines do not parse the SQL statements thus
+** will not detect syntactically incorrect SQL.
+**
+** ^(If SQLite has not been initialized using [sqlite3_initialize()] prior
+** to invoking sqlite3_complete16() then sqlite3_initialize() is invoked
+** automatically by sqlite3_complete16(). If that initialization fails,
+** then the return value from sqlite3_complete16() will be non-zero
+** regardless of whether or not the input SQL is complete.)^
+**
+** The input to [sqlite3_complete()] must be a zero-terminated
+** UTF-8 string.
+**
+** The input to [sqlite3_complete16()] must be a zero-terminated
+** UTF-16 string in native byte order.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_complete(const char *sql);
+SQLITE_API int SQLITE_STDCALL sqlite3_complete16(const void *sql);
+
+/*
+** CAPI3REF: Register A Callback To Handle SQLITE_BUSY Errors
+** KEYWORDS: {busy-handler callback} {busy handler}
+** METHOD: sqlite3
+**
+** ^The sqlite3_busy_handler(D,X,P) routine sets a callback function X
+** that might be invoked with argument P whenever
+** an attempt is made to access a database table associated with
+** [database connection] D when another thread
+** or process has the table locked.
+** The sqlite3_busy_handler() interface is used to implement
+** [sqlite3_busy_timeout()] and [PRAGMA busy_timeout].
+**
+** ^If the busy callback is NULL, then [SQLITE_BUSY]
+** is returned immediately upon encountering the lock. ^If the busy callback
+** is not NULL, then the callback might be invoked with two arguments.
+**
+** ^The first argument to the busy handler is a copy of the void* pointer which
+** is the third argument to sqlite3_busy_handler(). ^The second argument to
+** the busy handler callback is the number of times that the busy handler has
+** been invoked previously for the same locking event. ^If the
+** busy callback returns 0, then no additional attempts are made to
+** access the database and [SQLITE_BUSY] is returned
+** to the application.
+** ^If the callback returns non-zero, then another attempt
+** is made to access the database and the cycle repeats.
+**
+** The presence of a busy handler does not guarantee that it will be invoked
+** when there is lock contention. ^If SQLite determines that invoking the busy
+** handler could result in a deadlock, it will go ahead and return [SQLITE_BUSY]
+** to the application instead of invoking the
+** busy handler.
+** Consider a scenario where one process is holding a read lock that
+** it is trying to promote to a reserved lock and
+** a second process is holding a reserved lock that it is trying
+** to promote to an exclusive lock. The first process cannot proceed
+** because it is blocked by the second and the second process cannot
+** proceed because it is blocked by the first. If both processes
+** invoke the busy handlers, neither will make any progress. Therefore,
+** SQLite returns [SQLITE_BUSY] for the first process, hoping that this
+** will induce the first process to release its read lock and allow
+** the second process to proceed.
+**
+** ^The default busy callback is NULL.
+**
+** ^(There can only be a single busy handler defined for each
+** [database connection]. Setting a new busy handler clears any
+** previously set handler.)^ ^Note that calling [sqlite3_busy_timeout()]
+** or evaluating [PRAGMA busy_timeout=N] will change the
+** busy handler and thus clear any previously set busy handler.
+**
+** The busy callback should not take any actions which modify the
+** database connection that invoked the busy handler. In other words,
+** the busy handler is not reentrant. Any such actions
+** result in undefined behavior.
+**
+** A busy handler must not close the database connection
+** or [prepared statement] that invoked the busy handler.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_busy_handler(sqlite3*, int(*)(void*,int), void*);
+
+/*
+** CAPI3REF: Set A Busy Timeout
+** METHOD: sqlite3
+**
+** ^This routine sets a [sqlite3_busy_handler | busy handler] that sleeps
+** for a specified amount of time when a table is locked. ^The handler
+** will sleep multiple times until at least "ms" milliseconds of sleeping
+** have accumulated. ^After at least "ms" milliseconds of sleeping,
+** the handler returns 0 which causes [sqlite3_step()] to return
+** [SQLITE_BUSY].
+**
+** ^Calling this routine with an argument less than or equal to zero
+** turns off all busy handlers.
+**
+** ^(There can only be a single busy handler for a particular
+** [database connection] at any given moment. If another busy handler
+** was defined (using [sqlite3_busy_handler()]) prior to calling
+** this routine, that other busy handler is cleared.)^
+**
+** See also: [PRAGMA busy_timeout]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_busy_timeout(sqlite3*, int ms);
+
+/*
+** CAPI3REF: Convenience Routines For Running Queries
+** METHOD: sqlite3
+**
+** This is a legacy interface that is preserved for backwards compatibility.
+** Use of this interface is not recommended.
+**
+** Definition: A <b>result table</b> is memory data structure created by the
+** [sqlite3_get_table()] interface. A result table records the
+** complete query results from one or more queries.
+**
+** The table conceptually has a number of rows and columns. But
+** these numbers are not part of the result table itself. These
+** numbers are obtained separately. Let N be the number of rows
+** and M be the number of columns.
+**
+** A result table is an array of pointers to zero-terminated UTF-8 strings.
+** There are (N+1)*M elements in the array. The first M pointers point
+** to zero-terminated strings that contain the names of the columns.
+** The remaining entries all point to query results. NULL values result
+** in NULL pointers. All other values are in their UTF-8 zero-terminated
+** string representation as returned by [sqlite3_column_text()].
+**
+** A result table might consist of one or more memory allocations.
+** It is not safe to pass a result table directly to [sqlite3_free()].
+** A result table should be deallocated using [sqlite3_free_table()].
+**
+** ^(As an example of the result table format, suppose a query result
+** is as follows:
+**
+** <blockquote><pre>
+** Name | Age
+** -----------------------
+** Alice | 43
+** Bob | 28
+** Cindy | 21
+** </pre></blockquote>
+**
+** There are two column (M==2) and three rows (N==3). Thus the
+** result table has 8 entries. Suppose the result table is stored
+** in an array names azResult. Then azResult holds this content:
+**
+** <blockquote><pre>
+** azResult&#91;0] = "Name";
+** azResult&#91;1] = "Age";
+** azResult&#91;2] = "Alice";
+** azResult&#91;3] = "43";
+** azResult&#91;4] = "Bob";
+** azResult&#91;5] = "28";
+** azResult&#91;6] = "Cindy";
+** azResult&#91;7] = "21";
+** </pre></blockquote>)^
+**
+** ^The sqlite3_get_table() function evaluates one or more
+** semicolon-separated SQL statements in the zero-terminated UTF-8
+** string of its 2nd parameter and returns a result table to the
+** pointer given in its 3rd parameter.
+**
+** After the application has finished with the result from sqlite3_get_table(),
+** it must pass the result table pointer to sqlite3_free_table() in order to
+** release the memory that was malloced. Because of the way the
+** [sqlite3_malloc()] happens within sqlite3_get_table(), the calling
+** function must not try to call [sqlite3_free()] directly. Only
+** [sqlite3_free_table()] is able to release the memory properly and safely.
+**
+** The sqlite3_get_table() interface is implemented as a wrapper around
+** [sqlite3_exec()]. The sqlite3_get_table() routine does not have access
+** to any internal data structures of SQLite. It uses only the public
+** interface defined here. As a consequence, errors that occur in the
+** wrapper layer outside of the internal [sqlite3_exec()] call are not
+** reflected in subsequent calls to [sqlite3_errcode()] or
+** [sqlite3_errmsg()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_get_table(
+ sqlite3 *db, /* An open database */
+ const char *zSql, /* SQL to be evaluated */
+ char ***pazResult, /* Results of the query */
+ int *pnRow, /* Number of result rows written here */
+ int *pnColumn, /* Number of result columns written here */
+ char **pzErrmsg /* Error msg written here */
+);
+SQLITE_API void SQLITE_STDCALL sqlite3_free_table(char **result);
+
+/*
+** CAPI3REF: Formatted String Printing Functions
+**
+** These routines are work-alikes of the "printf()" family of functions
+** from the standard C library.
+** These routines understand most of the common K&R formatting options,
+** plus some additional non-standard formats, detailed below.
+** Note that some of the more obscure formatting options from recent
+** C-library standards are omitted from this implementation.
+**
+** ^The sqlite3_mprintf() and sqlite3_vmprintf() routines write their
+** results into memory obtained from [sqlite3_malloc()].
+** The strings returned by these two routines should be
+** released by [sqlite3_free()]. ^Both routines return a
+** NULL pointer if [sqlite3_malloc()] is unable to allocate enough
+** memory to hold the resulting string.
+**
+** ^(The sqlite3_snprintf() routine is similar to "snprintf()" from
+** the standard C library. The result is written into the
+** buffer supplied as the second parameter whose size is given by
+** the first parameter. Note that the order of the
+** first two parameters is reversed from snprintf().)^ This is an
+** historical accident that cannot be fixed without breaking
+** backwards compatibility. ^(Note also that sqlite3_snprintf()
+** returns a pointer to its buffer instead of the number of
+** characters actually written into the buffer.)^ We admit that
+** the number of characters written would be a more useful return
+** value but we cannot change the implementation of sqlite3_snprintf()
+** now without breaking compatibility.
+**
+** ^As long as the buffer size is greater than zero, sqlite3_snprintf()
+** guarantees that the buffer is always zero-terminated. ^The first
+** parameter "n" is the total size of the buffer, including space for
+** the zero terminator. So the longest string that can be completely
+** written will be n-1 characters.
+**
+** ^The sqlite3_vsnprintf() routine is a varargs version of sqlite3_snprintf().
+**
+** These routines all implement some additional formatting
+** options that are useful for constructing SQL statements.
+** All of the usual printf() formatting options apply. In addition, there
+** is are "%q", "%Q", "%w" and "%z" options.
+**
+** ^(The %q option works like %s in that it substitutes a nul-terminated
+** string from the argument list. But %q also doubles every '\'' character.
+** %q is designed for use inside a string literal.)^ By doubling each '\''
+** character it escapes that character and allows it to be inserted into
+** the string.
+**
+** For example, assume the string variable zText contains text as follows:
+**
+** <blockquote><pre>
+** char *zText = "It's a happy day!";
+** </pre></blockquote>
+**
+** One can use this text in an SQL statement as follows:
+**
+** <blockquote><pre>
+** char *zSQL = sqlite3_mprintf("INSERT INTO table VALUES('%q')", zText);
+** sqlite3_exec(db, zSQL, 0, 0, 0);
+** sqlite3_free(zSQL);
+** </pre></blockquote>
+**
+** Because the %q format string is used, the '\'' character in zText
+** is escaped and the SQL generated is as follows:
+**
+** <blockquote><pre>
+** INSERT INTO table1 VALUES('It''s a happy day!')
+** </pre></blockquote>
+**
+** This is correct. Had we used %s instead of %q, the generated SQL
+** would have looked like this:
+**
+** <blockquote><pre>
+** INSERT INTO table1 VALUES('It's a happy day!');
+** </pre></blockquote>
+**
+** This second example is an SQL syntax error. As a general rule you should
+** always use %q instead of %s when inserting text into a string literal.
+**
+** ^(The %Q option works like %q except it also adds single quotes around
+** the outside of the total string. Additionally, if the parameter in the
+** argument list is a NULL pointer, %Q substitutes the text "NULL" (without
+** single quotes).)^ So, for example, one could say:
+**
+** <blockquote><pre>
+** char *zSQL = sqlite3_mprintf("INSERT INTO table VALUES(%Q)", zText);
+** sqlite3_exec(db, zSQL, 0, 0, 0);
+** sqlite3_free(zSQL);
+** </pre></blockquote>
+**
+** The code above will render a correct SQL statement in the zSQL
+** variable even if the zText variable is a NULL pointer.
+**
+** ^(The "%w" formatting option is like "%q" except that it expects to
+** be contained within double-quotes instead of single quotes, and it
+** escapes the double-quote character instead of the single-quote
+** character.)^ The "%w" formatting option is intended for safely inserting
+** table and column names into a constructed SQL statement.
+**
+** ^(The "%z" formatting option works like "%s" but with the
+** addition that after the string has been read and copied into
+** the result, [sqlite3_free()] is called on the input string.)^
+*/
+SQLITE_API char *SQLITE_CDECL sqlite3_mprintf(const char*,...);
+SQLITE_API char *SQLITE_STDCALL sqlite3_vmprintf(const char*, va_list);
+SQLITE_API char *SQLITE_CDECL sqlite3_snprintf(int,char*,const char*, ...);
+SQLITE_API char *SQLITE_STDCALL sqlite3_vsnprintf(int,char*,const char*, va_list);
+
+/*
+** CAPI3REF: Memory Allocation Subsystem
+**
+** The SQLite core uses these three routines for all of its own
+** internal memory allocation needs. "Core" in the previous sentence
+** does not include operating-system specific VFS implementation. The
+** Windows VFS uses native malloc() and free() for some operations.
+**
+** ^The sqlite3_malloc() routine returns a pointer to a block
+** of memory at least N bytes in length, where N is the parameter.
+** ^If sqlite3_malloc() is unable to obtain sufficient free
+** memory, it returns a NULL pointer. ^If the parameter N to
+** sqlite3_malloc() is zero or negative then sqlite3_malloc() returns
+** a NULL pointer.
+**
+** ^The sqlite3_malloc64(N) routine works just like
+** sqlite3_malloc(N) except that N is an unsigned 64-bit integer instead
+** of a signed 32-bit integer.
+**
+** ^Calling sqlite3_free() with a pointer previously returned
+** by sqlite3_malloc() or sqlite3_realloc() releases that memory so
+** that it might be reused. ^The sqlite3_free() routine is
+** a no-op if is called with a NULL pointer. Passing a NULL pointer
+** to sqlite3_free() is harmless. After being freed, memory
+** should neither be read nor written. Even reading previously freed
+** memory might result in a segmentation fault or other severe error.
+** Memory corruption, a segmentation fault, or other severe error
+** might result if sqlite3_free() is called with a non-NULL pointer that
+** was not obtained from sqlite3_malloc() or sqlite3_realloc().
+**
+** ^The sqlite3_realloc(X,N) interface attempts to resize a
+** prior memory allocation X to be at least N bytes.
+** ^If the X parameter to sqlite3_realloc(X,N)
+** is a NULL pointer then its behavior is identical to calling
+** sqlite3_malloc(N).
+** ^If the N parameter to sqlite3_realloc(X,N) is zero or
+** negative then the behavior is exactly the same as calling
+** sqlite3_free(X).
+** ^sqlite3_realloc(X,N) returns a pointer to a memory allocation
+** of at least N bytes in size or NULL if insufficient memory is available.
+** ^If M is the size of the prior allocation, then min(N,M) bytes
+** of the prior allocation are copied into the beginning of buffer returned
+** by sqlite3_realloc(X,N) and the prior allocation is freed.
+** ^If sqlite3_realloc(X,N) returns NULL and N is positive, then the
+** prior allocation is not freed.
+**
+** ^The sqlite3_realloc64(X,N) interfaces works the same as
+** sqlite3_realloc(X,N) except that N is a 64-bit unsigned integer instead
+** of a 32-bit signed integer.
+**
+** ^If X is a memory allocation previously obtained from sqlite3_malloc(),
+** sqlite3_malloc64(), sqlite3_realloc(), or sqlite3_realloc64(), then
+** sqlite3_msize(X) returns the size of that memory allocation in bytes.
+** ^The value returned by sqlite3_msize(X) might be larger than the number
+** of bytes requested when X was allocated. ^If X is a NULL pointer then
+** sqlite3_msize(X) returns zero. If X points to something that is not
+** the beginning of memory allocation, or if it points to a formerly
+** valid memory allocation that has now been freed, then the behavior
+** of sqlite3_msize(X) is undefined and possibly harmful.
+**
+** ^The memory returned by sqlite3_malloc(), sqlite3_realloc(),
+** sqlite3_malloc64(), and sqlite3_realloc64()
+** is always aligned to at least an 8 byte boundary, or to a
+** 4 byte boundary if the [SQLITE_4_BYTE_ALIGNED_MALLOC] compile-time
+** option is used.
+**
+** In SQLite version 3.5.0 and 3.5.1, it was possible to define
+** the SQLITE_OMIT_MEMORY_ALLOCATION which would cause the built-in
+** implementation of these routines to be omitted. That capability
+** is no longer provided. Only built-in memory allocators can be used.
+**
+** Prior to SQLite version 3.7.10, the Windows OS interface layer called
+** the system malloc() and free() directly when converting
+** filenames between the UTF-8 encoding used by SQLite
+** and whatever filename encoding is used by the particular Windows
+** installation. Memory allocation errors were detected, but
+** they were reported back as [SQLITE_CANTOPEN] or
+** [SQLITE_IOERR] rather than [SQLITE_NOMEM].
+**
+** The pointer arguments to [sqlite3_free()] and [sqlite3_realloc()]
+** must be either NULL or else pointers obtained from a prior
+** invocation of [sqlite3_malloc()] or [sqlite3_realloc()] that have
+** not yet been released.
+**
+** The application must not read or write any part of
+** a block of memory after it has been released using
+** [sqlite3_free()] or [sqlite3_realloc()].
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_malloc(int);
+SQLITE_API void *SQLITE_STDCALL sqlite3_malloc64(sqlite3_uint64);
+SQLITE_API void *SQLITE_STDCALL sqlite3_realloc(void*, int);
+SQLITE_API void *SQLITE_STDCALL sqlite3_realloc64(void*, sqlite3_uint64);
+SQLITE_API void SQLITE_STDCALL sqlite3_free(void*);
+SQLITE_API sqlite3_uint64 SQLITE_STDCALL sqlite3_msize(void*);
+
+/*
+** CAPI3REF: Memory Allocator Statistics
+**
+** SQLite provides these two interfaces for reporting on the status
+** of the [sqlite3_malloc()], [sqlite3_free()], and [sqlite3_realloc()]
+** routines, which form the built-in memory allocation subsystem.
+**
+** ^The [sqlite3_memory_used()] routine returns the number of bytes
+** of memory currently outstanding (malloced but not freed).
+** ^The [sqlite3_memory_highwater()] routine returns the maximum
+** value of [sqlite3_memory_used()] since the high-water mark
+** was last reset. ^The values returned by [sqlite3_memory_used()] and
+** [sqlite3_memory_highwater()] include any overhead
+** added by SQLite in its implementation of [sqlite3_malloc()],
+** but not overhead added by the any underlying system library
+** routines that [sqlite3_malloc()] may call.
+**
+** ^The memory high-water mark is reset to the current value of
+** [sqlite3_memory_used()] if and only if the parameter to
+** [sqlite3_memory_highwater()] is true. ^The value returned
+** by [sqlite3_memory_highwater(1)] is the high-water mark
+** prior to the reset.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_memory_used(void);
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_memory_highwater(int resetFlag);
+
+/*
+** CAPI3REF: Pseudo-Random Number Generator
+**
+** SQLite contains a high-quality pseudo-random number generator (PRNG) used to
+** select random [ROWID | ROWIDs] when inserting new records into a table that
+** already uses the largest possible [ROWID]. The PRNG is also used for
+** the build-in random() and randomblob() SQL functions. This interface allows
+** applications to access the same PRNG for other purposes.
+**
+** ^A call to this routine stores N bytes of randomness into buffer P.
+** ^The P parameter can be a NULL pointer.
+**
+** ^If this routine has not been previously called or if the previous
+** call had N less than one or a NULL pointer for P, then the PRNG is
+** seeded using randomness obtained from the xRandomness method of
+** the default [sqlite3_vfs] object.
+** ^If the previous call to this routine had an N of 1 or more and a
+** non-NULL P then the pseudo-randomness is generated
+** internally and without recourse to the [sqlite3_vfs] xRandomness
+** method.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_randomness(int N, void *P);
+
+/*
+** CAPI3REF: Compile-Time Authorization Callbacks
+** METHOD: sqlite3
+**
+** ^This routine registers an authorizer callback with a particular
+** [database connection], supplied in the first argument.
+** ^The authorizer callback is invoked as SQL statements are being compiled
+** by [sqlite3_prepare()] or its variants [sqlite3_prepare_v2()],
+** [sqlite3_prepare16()] and [sqlite3_prepare16_v2()]. ^At various
+** points during the compilation process, as logic is being created
+** to perform various actions, the authorizer callback is invoked to
+** see if those actions are allowed. ^The authorizer callback should
+** return [SQLITE_OK] to allow the action, [SQLITE_IGNORE] to disallow the
+** specific action but allow the SQL statement to continue to be
+** compiled, or [SQLITE_DENY] to cause the entire SQL statement to be
+** rejected with an error. ^If the authorizer callback returns
+** any value other than [SQLITE_IGNORE], [SQLITE_OK], or [SQLITE_DENY]
+** then the [sqlite3_prepare_v2()] or equivalent call that triggered
+** the authorizer will fail with an error message.
+**
+** When the callback returns [SQLITE_OK], that means the operation
+** requested is ok. ^When the callback returns [SQLITE_DENY], the
+** [sqlite3_prepare_v2()] or equivalent call that triggered the
+** authorizer will fail with an error message explaining that
+** access is denied.
+**
+** ^The first parameter to the authorizer callback is a copy of the third
+** parameter to the sqlite3_set_authorizer() interface. ^The second parameter
+** to the callback is an integer [SQLITE_COPY | action code] that specifies
+** the particular action to be authorized. ^The third through sixth parameters
+** to the callback are zero-terminated strings that contain additional
+** details about the action to be authorized.
+**
+** ^If the action code is [SQLITE_READ]
+** and the callback returns [SQLITE_IGNORE] then the
+** [prepared statement] statement is constructed to substitute
+** a NULL value in place of the table column that would have
+** been read if [SQLITE_OK] had been returned. The [SQLITE_IGNORE]
+** return can be used to deny an untrusted user access to individual
+** columns of a table.
+** ^If the action code is [SQLITE_DELETE] and the callback returns
+** [SQLITE_IGNORE] then the [DELETE] operation proceeds but the
+** [truncate optimization] is disabled and all rows are deleted individually.
+**
+** An authorizer is used when [sqlite3_prepare | preparing]
+** SQL statements from an untrusted source, to ensure that the SQL statements
+** do not try to access data they are not allowed to see, or that they do not
+** try to execute malicious statements that damage the database. For
+** example, an application may allow a user to enter arbitrary
+** SQL queries for evaluation by a database. But the application does
+** not want the user to be able to make arbitrary changes to the
+** database. An authorizer could then be put in place while the
+** user-entered SQL is being [sqlite3_prepare | prepared] that
+** disallows everything except [SELECT] statements.
+**
+** Applications that need to process SQL from untrusted sources
+** might also consider lowering resource limits using [sqlite3_limit()]
+** and limiting database size using the [max_page_count] [PRAGMA]
+** in addition to using an authorizer.
+**
+** ^(Only a single authorizer can be in place on a database connection
+** at a time. Each call to sqlite3_set_authorizer overrides the
+** previous call.)^ ^Disable the authorizer by installing a NULL callback.
+** The authorizer is disabled by default.
+**
+** The authorizer callback must not do anything that will modify
+** the database connection that invoked the authorizer callback.
+** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their
+** database connections for the meaning of "modify" in this paragraph.
+**
+** ^When [sqlite3_prepare_v2()] is used to prepare a statement, the
+** statement might be re-prepared during [sqlite3_step()] due to a
+** schema change. Hence, the application should ensure that the
+** correct authorizer callback remains in place during the [sqlite3_step()].
+**
+** ^Note that the authorizer callback is invoked only during
+** [sqlite3_prepare()] or its variants. Authorization is not
+** performed during statement evaluation in [sqlite3_step()], unless
+** as stated in the previous paragraph, sqlite3_step() invokes
+** sqlite3_prepare_v2() to reprepare a statement after a schema change.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_set_authorizer(
+ sqlite3*,
+ int (*xAuth)(void*,int,const char*,const char*,const char*,const char*),
+ void *pUserData
+);
+
+/*
+** CAPI3REF: Authorizer Return Codes
+**
+** The [sqlite3_set_authorizer | authorizer callback function] must
+** return either [SQLITE_OK] or one of these two constants in order
+** to signal SQLite whether or not the action is permitted. See the
+** [sqlite3_set_authorizer | authorizer documentation] for additional
+** information.
+**
+** Note that SQLITE_IGNORE is also used as a [conflict resolution mode]
+** returned from the [sqlite3_vtab_on_conflict()] interface.
+*/
+#define SQLITE_DENY 1 /* Abort the SQL statement with an error */
+#define SQLITE_IGNORE 2 /* Don't allow access, but don't generate an error */
+
+/*
+** CAPI3REF: Authorizer Action Codes
+**
+** The [sqlite3_set_authorizer()] interface registers a callback function
+** that is invoked to authorize certain SQL statement actions. The
+** second parameter to the callback is an integer code that specifies
+** what action is being authorized. These are the integer action codes that
+** the authorizer callback may be passed.
+**
+** These action code values signify what kind of operation is to be
+** authorized. The 3rd and 4th parameters to the authorization
+** callback function will be parameters or NULL depending on which of these
+** codes is used as the second parameter. ^(The 5th parameter to the
+** authorizer callback is the name of the database ("main", "temp",
+** etc.) if applicable.)^ ^The 6th parameter to the authorizer callback
+** is the name of the inner-most trigger or view that is responsible for
+** the access attempt or NULL if this access attempt is directly from
+** top-level SQL code.
+*/
+/******************************************* 3rd ************ 4th ***********/
+#define SQLITE_CREATE_INDEX 1 /* Index Name Table Name */
+#define SQLITE_CREATE_TABLE 2 /* Table Name NULL */
+#define SQLITE_CREATE_TEMP_INDEX 3 /* Index Name Table Name */
+#define SQLITE_CREATE_TEMP_TABLE 4 /* Table Name NULL */
+#define SQLITE_CREATE_TEMP_TRIGGER 5 /* Trigger Name Table Name */
+#define SQLITE_CREATE_TEMP_VIEW 6 /* View Name NULL */
+#define SQLITE_CREATE_TRIGGER 7 /* Trigger Name Table Name */
+#define SQLITE_CREATE_VIEW 8 /* View Name NULL */
+#define SQLITE_DELETE 9 /* Table Name NULL */
+#define SQLITE_DROP_INDEX 10 /* Index Name Table Name */
+#define SQLITE_DROP_TABLE 11 /* Table Name NULL */
+#define SQLITE_DROP_TEMP_INDEX 12 /* Index Name Table Name */
+#define SQLITE_DROP_TEMP_TABLE 13 /* Table Name NULL */
+#define SQLITE_DROP_TEMP_TRIGGER 14 /* Trigger Name Table Name */
+#define SQLITE_DROP_TEMP_VIEW 15 /* View Name NULL */
+#define SQLITE_DROP_TRIGGER 16 /* Trigger Name Table Name */
+#define SQLITE_DROP_VIEW 17 /* View Name NULL */
+#define SQLITE_INSERT 18 /* Table Name NULL */
+#define SQLITE_PRAGMA 19 /* Pragma Name 1st arg or NULL */
+#define SQLITE_READ 20 /* Table Name Column Name */
+#define SQLITE_SELECT 21 /* NULL NULL */
+#define SQLITE_TRANSACTION 22 /* Operation NULL */
+#define SQLITE_UPDATE 23 /* Table Name Column Name */
+#define SQLITE_ATTACH 24 /* Filename NULL */
+#define SQLITE_DETACH 25 /* Database Name NULL */
+#define SQLITE_ALTER_TABLE 26 /* Database Name Table Name */
+#define SQLITE_REINDEX 27 /* Index Name NULL */
+#define SQLITE_ANALYZE 28 /* Table Name NULL */
+#define SQLITE_CREATE_VTABLE 29 /* Table Name Module Name */
+#define SQLITE_DROP_VTABLE 30 /* Table Name Module Name */
+#define SQLITE_FUNCTION 31 /* NULL Function Name */
+#define SQLITE_SAVEPOINT 32 /* Operation Savepoint Name */
+#define SQLITE_COPY 0 /* No longer used */
+#define SQLITE_RECURSIVE 33 /* NULL NULL */
+
+/*
+** CAPI3REF: Tracing And Profiling Functions
+** METHOD: sqlite3
+**
+** These routines register callback functions that can be used for
+** tracing and profiling the execution of SQL statements.
+**
+** ^The callback function registered by sqlite3_trace() is invoked at
+** various times when an SQL statement is being run by [sqlite3_step()].
+** ^The sqlite3_trace() callback is invoked with a UTF-8 rendering of the
+** SQL statement text as the statement first begins executing.
+** ^(Additional sqlite3_trace() callbacks might occur
+** as each triggered subprogram is entered. The callbacks for triggers
+** contain a UTF-8 SQL comment that identifies the trigger.)^
+**
+** The [SQLITE_TRACE_SIZE_LIMIT] compile-time option can be used to limit
+** the length of [bound parameter] expansion in the output of sqlite3_trace().
+**
+** ^The callback function registered by sqlite3_profile() is invoked
+** as each SQL statement finishes. ^The profile callback contains
+** the original statement text and an estimate of wall-clock time
+** of how long that statement took to run. ^The profile callback
+** time is in units of nanoseconds, however the current implementation
+** is only capable of millisecond resolution so the six least significant
+** digits in the time are meaningless. Future versions of SQLite
+** might provide greater resolution on the profiler callback. The
+** sqlite3_profile() function is considered experimental and is
+** subject to change in future versions of SQLite.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_trace(sqlite3*, void(*xTrace)(void*,const char*), void*);
+SQLITE_API SQLITE_EXPERIMENTAL void *SQLITE_STDCALL sqlite3_profile(sqlite3*,
+ void(*xProfile)(void*,const char*,sqlite3_uint64), void*);
+
+/*
+** CAPI3REF: Query Progress Callbacks
+** METHOD: sqlite3
+**
+** ^The sqlite3_progress_handler(D,N,X,P) interface causes the callback
+** function X to be invoked periodically during long running calls to
+** [sqlite3_exec()], [sqlite3_step()] and [sqlite3_get_table()] for
+** database connection D. An example use for this
+** interface is to keep a GUI updated during a large query.
+**
+** ^The parameter P is passed through as the only parameter to the
+** callback function X. ^The parameter N is the approximate number of
+** [virtual machine instructions] that are evaluated between successive
+** invocations of the callback X. ^If N is less than one then the progress
+** handler is disabled.
+**
+** ^Only a single progress handler may be defined at one time per
+** [database connection]; setting a new progress handler cancels the
+** old one. ^Setting parameter X to NULL disables the progress handler.
+** ^The progress handler is also disabled by setting N to a value less
+** than 1.
+**
+** ^If the progress callback returns non-zero, the operation is
+** interrupted. This feature can be used to implement a
+** "Cancel" button on a GUI progress dialog box.
+**
+** The progress handler callback must not do anything that will modify
+** the database connection that invoked the progress handler.
+** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their
+** database connections for the meaning of "modify" in this paragraph.
+**
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*);
+
+/*
+** CAPI3REF: Opening A New Database Connection
+** CONSTRUCTOR: sqlite3
+**
+** ^These routines open an SQLite database file as specified by the
+** filename argument. ^The filename argument is interpreted as UTF-8 for
+** sqlite3_open() and sqlite3_open_v2() and as UTF-16 in the native byte
+** order for sqlite3_open16(). ^(A [database connection] handle is usually
+** returned in *ppDb, even if an error occurs. The only exception is that
+** if SQLite is unable to allocate memory to hold the [sqlite3] object,
+** a NULL will be written into *ppDb instead of a pointer to the [sqlite3]
+** object.)^ ^(If the database is opened (and/or created) successfully, then
+** [SQLITE_OK] is returned. Otherwise an [error code] is returned.)^ ^The
+** [sqlite3_errmsg()] or [sqlite3_errmsg16()] routines can be used to obtain
+** an English language description of the error following a failure of any
+** of the sqlite3_open() routines.
+**
+** ^The default encoding will be UTF-8 for databases created using
+** sqlite3_open() or sqlite3_open_v2(). ^The default encoding for databases
+** created using sqlite3_open16() will be UTF-16 in the native byte order.
+**
+** Whether or not an error occurs when it is opened, resources
+** associated with the [database connection] handle should be released by
+** passing it to [sqlite3_close()] when it is no longer required.
+**
+** The sqlite3_open_v2() interface works like sqlite3_open()
+** except that it accepts two additional parameters for additional control
+** over the new database connection. ^(The flags parameter to
+** sqlite3_open_v2() can take one of
+** the following three values, optionally combined with the
+** [SQLITE_OPEN_NOMUTEX], [SQLITE_OPEN_FULLMUTEX], [SQLITE_OPEN_SHAREDCACHE],
+** [SQLITE_OPEN_PRIVATECACHE], and/or [SQLITE_OPEN_URI] flags:)^
+**
+** <dl>
+** ^(<dt>[SQLITE_OPEN_READONLY]</dt>
+** <dd>The database is opened in read-only mode. If the database does not
+** already exist, an error is returned.</dd>)^
+**
+** ^(<dt>[SQLITE_OPEN_READWRITE]</dt>
+** <dd>The database is opened for reading and writing if possible, or reading
+** only if the file is write protected by the operating system. In either
+** case the database must already exist, otherwise an error is returned.</dd>)^
+**
+** ^(<dt>[SQLITE_OPEN_READWRITE] | [SQLITE_OPEN_CREATE]</dt>
+** <dd>The database is opened for reading and writing, and is created if
+** it does not already exist. This is the behavior that is always used for
+** sqlite3_open() and sqlite3_open16().</dd>)^
+** </dl>
+**
+** If the 3rd parameter to sqlite3_open_v2() is not one of the
+** combinations shown above optionally combined with other
+** [SQLITE_OPEN_READONLY | SQLITE_OPEN_* bits]
+** then the behavior is undefined.
+**
+** ^If the [SQLITE_OPEN_NOMUTEX] flag is set, then the database connection
+** opens in the multi-thread [threading mode] as long as the single-thread
+** mode has not been set at compile-time or start-time. ^If the
+** [SQLITE_OPEN_FULLMUTEX] flag is set then the database connection opens
+** in the serialized [threading mode] unless single-thread was
+** previously selected at compile-time or start-time.
+** ^The [SQLITE_OPEN_SHAREDCACHE] flag causes the database connection to be
+** eligible to use [shared cache mode], regardless of whether or not shared
+** cache is enabled using [sqlite3_enable_shared_cache()]. ^The
+** [SQLITE_OPEN_PRIVATECACHE] flag causes the database connection to not
+** participate in [shared cache mode] even if it is enabled.
+**
+** ^The fourth parameter to sqlite3_open_v2() is the name of the
+** [sqlite3_vfs] object that defines the operating system interface that
+** the new database connection should use. ^If the fourth parameter is
+** a NULL pointer then the default [sqlite3_vfs] object is used.
+**
+** ^If the filename is ":memory:", then a private, temporary in-memory database
+** is created for the connection. ^This in-memory database will vanish when
+** the database connection is closed. Future versions of SQLite might
+** make use of additional special filenames that begin with the ":" character.
+** It is recommended that when a database filename actually does begin with
+** a ":" character you should prefix the filename with a pathname such as
+** "./" to avoid ambiguity.
+**
+** ^If the filename is an empty string, then a private, temporary
+** on-disk database will be created. ^This private database will be
+** automatically deleted as soon as the database connection is closed.
+**
+** [[URI filenames in sqlite3_open()]] <h3>URI Filenames</h3>
+**
+** ^If [URI filename] interpretation is enabled, and the filename argument
+** begins with "file:", then the filename is interpreted as a URI. ^URI
+** filename interpretation is enabled if the [SQLITE_OPEN_URI] flag is
+** set in the fourth argument to sqlite3_open_v2(), or if it has
+** been enabled globally using the [SQLITE_CONFIG_URI] option with the
+** [sqlite3_config()] method or by the [SQLITE_USE_URI] compile-time option.
+** As of SQLite version 3.7.7, URI filename interpretation is turned off
+** by default, but future releases of SQLite might enable URI filename
+** interpretation by default. See "[URI filenames]" for additional
+** information.
+**
+** URI filenames are parsed according to RFC 3986. ^If the URI contains an
+** authority, then it must be either an empty string or the string
+** "localhost". ^If the authority is not an empty string or "localhost", an
+** error is returned to the caller. ^The fragment component of a URI, if
+** present, is ignored.
+**
+** ^SQLite uses the path component of the URI as the name of the disk file
+** which contains the database. ^If the path begins with a '/' character,
+** then it is interpreted as an absolute path. ^If the path does not begin
+** with a '/' (meaning that the authority section is omitted from the URI)
+** then the path is interpreted as a relative path.
+** ^(On windows, the first component of an absolute path
+** is a drive specification (e.g. "C:").)^
+**
+** [[core URI query parameters]]
+** The query component of a URI may contain parameters that are interpreted
+** either by SQLite itself, or by a [VFS | custom VFS implementation].
+** SQLite and its built-in [VFSes] interpret the
+** following query parameters:
+**
+** <ul>
+** <li> <b>vfs</b>: ^The "vfs" parameter may be used to specify the name of
+** a VFS object that provides the operating system interface that should
+** be used to access the database file on disk. ^If this option is set to
+** an empty string the default VFS object is used. ^Specifying an unknown
+** VFS is an error. ^If sqlite3_open_v2() is used and the vfs option is
+** present, then the VFS specified by the option takes precedence over
+** the value passed as the fourth parameter to sqlite3_open_v2().
+**
+** <li> <b>mode</b>: ^(The mode parameter may be set to either "ro", "rw",
+** "rwc", or "memory". Attempting to set it to any other value is
+** an error)^.
+** ^If "ro" is specified, then the database is opened for read-only
+** access, just as if the [SQLITE_OPEN_READONLY] flag had been set in the
+** third argument to sqlite3_open_v2(). ^If the mode option is set to
+** "rw", then the database is opened for read-write (but not create)
+** access, as if SQLITE_OPEN_READWRITE (but not SQLITE_OPEN_CREATE) had
+** been set. ^Value "rwc" is equivalent to setting both
+** SQLITE_OPEN_READWRITE and SQLITE_OPEN_CREATE. ^If the mode option is
+** set to "memory" then a pure [in-memory database] that never reads
+** or writes from disk is used. ^It is an error to specify a value for
+** the mode parameter that is less restrictive than that specified by
+** the flags passed in the third parameter to sqlite3_open_v2().
+**
+** <li> <b>cache</b>: ^The cache parameter may be set to either "shared" or
+** "private". ^Setting it to "shared" is equivalent to setting the
+** SQLITE_OPEN_SHAREDCACHE bit in the flags argument passed to
+** sqlite3_open_v2(). ^Setting the cache parameter to "private" is
+** equivalent to setting the SQLITE_OPEN_PRIVATECACHE bit.
+** ^If sqlite3_open_v2() is used and the "cache" parameter is present in
+** a URI filename, its value overrides any behavior requested by setting
+** SQLITE_OPEN_PRIVATECACHE or SQLITE_OPEN_SHAREDCACHE flag.
+**
+** <li> <b>psow</b>: ^The psow parameter indicates whether or not the
+** [powersafe overwrite] property does or does not apply to the
+** storage media on which the database file resides.
+**
+** <li> <b>nolock</b>: ^The nolock parameter is a boolean query parameter
+** which if set disables file locking in rollback journal modes. This
+** is useful for accessing a database on a filesystem that does not
+** support locking. Caution: Database corruption might result if two
+** or more processes write to the same database and any one of those
+** processes uses nolock=1.
+**
+** <li> <b>immutable</b>: ^The immutable parameter is a boolean query
+** parameter that indicates that the database file is stored on
+** read-only media. ^When immutable is set, SQLite assumes that the
+** database file cannot be changed, even by a process with higher
+** privilege, and so the database is opened read-only and all locking
+** and change detection is disabled. Caution: Setting the immutable
+** property on a database file that does in fact change can result
+** in incorrect query results and/or [SQLITE_CORRUPT] errors.
+** See also: [SQLITE_IOCAP_IMMUTABLE].
+**
+** </ul>
+**
+** ^Specifying an unknown parameter in the query component of a URI is not an
+** error. Future versions of SQLite might understand additional query
+** parameters. See "[query parameters with special meaning to SQLite]" for
+** additional information.
+**
+** [[URI filename examples]] <h3>URI filename examples</h3>
+**
+** <table border="1" align=center cellpadding=5>
+** <tr><th> URI filenames <th> Results
+** <tr><td> file:data.db <td>
+** Open the file "data.db" in the current directory.
+** <tr><td> file:/home/fred/data.db<br>
+** file:///home/fred/data.db <br>
+** file://localhost/home/fred/data.db <br> <td>
+** Open the database file "/home/fred/data.db".
+** <tr><td> file://darkstar/home/fred/data.db <td>
+** An error. "darkstar" is not a recognized authority.
+** <tr><td style="white-space:nowrap">
+** file:///C:/Documents%20and%20Settings/fred/Desktop/data.db
+** <td> Windows only: Open the file "data.db" on fred's desktop on drive
+** C:. Note that the %20 escaping in this example is not strictly
+** necessary - space characters can be used literally
+** in URI filenames.
+** <tr><td> file:data.db?mode=ro&cache=private <td>
+** Open file "data.db" in the current directory for read-only access.
+** Regardless of whether or not shared-cache mode is enabled by
+** default, use a private cache.
+** <tr><td> file:/home/fred/data.db?vfs=unix-dotfile <td>
+** Open file "/home/fred/data.db". Use the special VFS "unix-dotfile"
+** that uses dot-files in place of posix advisory locking.
+** <tr><td> file:data.db?mode=readonly <td>
+** An error. "readonly" is not a valid option for the "mode" parameter.
+** </table>
+**
+** ^URI hexadecimal escape sequences (%HH) are supported within the path and
+** query components of a URI. A hexadecimal escape sequence consists of a
+** percent sign - "%" - followed by exactly two hexadecimal digits
+** specifying an octet value. ^Before the path or query components of a
+** URI filename are interpreted, they are encoded using UTF-8 and all
+** hexadecimal escape sequences replaced by a single byte containing the
+** corresponding octet. If this process generates an invalid UTF-8 encoding,
+** the results are undefined.
+**
+** <b>Note to Windows users:</b> The encoding used for the filename argument
+** of sqlite3_open() and sqlite3_open_v2() must be UTF-8, not whatever
+** codepage is currently defined. Filenames containing international
+** characters must be converted to UTF-8 prior to passing them into
+** sqlite3_open() or sqlite3_open_v2().
+**
+** <b>Note to Windows Runtime users:</b> The temporary directory must be set
+** prior to calling sqlite3_open() or sqlite3_open_v2(). Otherwise, various
+** features that require the use of temporary files may fail.
+**
+** See also: [sqlite3_temp_directory]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_open(
+ const char *filename, /* Database filename (UTF-8) */
+ sqlite3 **ppDb /* OUT: SQLite db handle */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_open16(
+ const void *filename, /* Database filename (UTF-16) */
+ sqlite3 **ppDb /* OUT: SQLite db handle */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_open_v2(
+ const char *filename, /* Database filename (UTF-8) */
+ sqlite3 **ppDb, /* OUT: SQLite db handle */
+ int flags, /* Flags */
+ const char *zVfs /* Name of VFS module to use */
+);
+
+/*
+** CAPI3REF: Obtain Values For URI Parameters
+**
+** These are utility routines, useful to VFS implementations, that check
+** to see if a database file was a URI that contained a specific query
+** parameter, and if so obtains the value of that query parameter.
+**
+** If F is the database filename pointer passed into the xOpen() method of
+** a VFS implementation when the flags parameter to xOpen() has one or
+** more of the [SQLITE_OPEN_URI] or [SQLITE_OPEN_MAIN_DB] bits set and
+** P is the name of the query parameter, then
+** sqlite3_uri_parameter(F,P) returns the value of the P
+** parameter if it exists or a NULL pointer if P does not appear as a
+** query parameter on F. If P is a query parameter of F
+** has no explicit value, then sqlite3_uri_parameter(F,P) returns
+** a pointer to an empty string.
+**
+** The sqlite3_uri_boolean(F,P,B) routine assumes that P is a boolean
+** parameter and returns true (1) or false (0) according to the value
+** of P. The sqlite3_uri_boolean(F,P,B) routine returns true (1) if the
+** value of query parameter P is one of "yes", "true", or "on" in any
+** case or if the value begins with a non-zero number. The
+** sqlite3_uri_boolean(F,P,B) routines returns false (0) if the value of
+** query parameter P is one of "no", "false", or "off" in any case or
+** if the value begins with a numeric zero. If P is not a query
+** parameter on F or if the value of P is does not match any of the
+** above, then sqlite3_uri_boolean(F,P,B) returns (B!=0).
+**
+** The sqlite3_uri_int64(F,P,D) routine converts the value of P into a
+** 64-bit signed integer and returns that integer, or D if P does not
+** exist. If the value of P is something other than an integer, then
+** zero is returned.
+**
+** If F is a NULL pointer, then sqlite3_uri_parameter(F,P) returns NULL and
+** sqlite3_uri_boolean(F,P,B) returns B. If F is not a NULL pointer and
+** is not a database file pathname pointer that SQLite passed into the xOpen
+** VFS method, then the behavior of this routine is undefined and probably
+** undesirable.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_uri_parameter(const char *zFilename, const char *zParam);
+SQLITE_API int SQLITE_STDCALL sqlite3_uri_boolean(const char *zFile, const char *zParam, int bDefault);
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_uri_int64(const char*, const char*, sqlite3_int64);
+
+
+/*
+** CAPI3REF: Error Codes And Messages
+** METHOD: sqlite3
+**
+** ^If the most recent sqlite3_* API call associated with
+** [database connection] D failed, then the sqlite3_errcode(D) interface
+** returns the numeric [result code] or [extended result code] for that
+** API call.
+** If the most recent API call was successful,
+** then the return value from sqlite3_errcode() is undefined.
+** ^The sqlite3_extended_errcode()
+** interface is the same except that it always returns the
+** [extended result code] even when extended result codes are
+** disabled.
+**
+** ^The sqlite3_errmsg() and sqlite3_errmsg16() return English-language
+** text that describes the error, as either UTF-8 or UTF-16 respectively.
+** ^(Memory to hold the error message string is managed internally.
+** The application does not need to worry about freeing the result.
+** However, the error string might be overwritten or deallocated by
+** subsequent calls to other SQLite interface functions.)^
+**
+** ^The sqlite3_errstr() interface returns the English-language text
+** that describes the [result code], as UTF-8.
+** ^(Memory to hold the error message string is managed internally
+** and must not be freed by the application)^.
+**
+** When the serialized [threading mode] is in use, it might be the
+** case that a second error occurs on a separate thread in between
+** the time of the first error and the call to these interfaces.
+** When that happens, the second error will be reported since these
+** interfaces always report the most recent result. To avoid
+** this, each thread can obtain exclusive use of the [database connection] D
+** by invoking [sqlite3_mutex_enter]([sqlite3_db_mutex](D)) before beginning
+** to use D and invoking [sqlite3_mutex_leave]([sqlite3_db_mutex](D)) after
+** all calls to the interfaces listed here are completed.
+**
+** If an interface fails with SQLITE_MISUSE, that means the interface
+** was invoked incorrectly by the application. In that case, the
+** error code and message may or may not be set.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_errcode(sqlite3 *db);
+SQLITE_API int SQLITE_STDCALL sqlite3_extended_errcode(sqlite3 *db);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_errmsg(sqlite3*);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_errmsg16(sqlite3*);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_errstr(int);
+
+/*
+** CAPI3REF: Prepared Statement Object
+** KEYWORDS: {prepared statement} {prepared statements}
+**
+** An instance of this object represents a single SQL statement that
+** has been compiled into binary form and is ready to be evaluated.
+**
+** Think of each SQL statement as a separate computer program. The
+** original SQL text is source code. A prepared statement object
+** is the compiled object code. All SQL must be converted into a
+** prepared statement before it can be run.
+**
+** The life-cycle of a prepared statement object usually goes like this:
+**
+** <ol>
+** <li> Create the prepared statement object using [sqlite3_prepare_v2()].
+** <li> Bind values to [parameters] using the sqlite3_bind_*()
+** interfaces.
+** <li> Run the SQL by calling [sqlite3_step()] one or more times.
+** <li> Reset the prepared statement using [sqlite3_reset()] then go back
+** to step 2. Do this zero or more times.
+** <li> Destroy the object using [sqlite3_finalize()].
+** </ol>
+*/
+typedef struct sqlite3_stmt sqlite3_stmt;
+
+/*
+** CAPI3REF: Run-time Limits
+** METHOD: sqlite3
+**
+** ^(This interface allows the size of various constructs to be limited
+** on a connection by connection basis. The first parameter is the
+** [database connection] whose limit is to be set or queried. The
+** second parameter is one of the [limit categories] that define a
+** class of constructs to be size limited. The third parameter is the
+** new limit for that construct.)^
+**
+** ^If the new limit is a negative number, the limit is unchanged.
+** ^(For each limit category SQLITE_LIMIT_<i>NAME</i> there is a
+** [limits | hard upper bound]
+** set at compile-time by a C preprocessor macro called
+** [limits | SQLITE_MAX_<i>NAME</i>].
+** (The "_LIMIT_" in the name is changed to "_MAX_".))^
+** ^Attempts to increase a limit above its hard upper bound are
+** silently truncated to the hard upper bound.
+**
+** ^Regardless of whether or not the limit was changed, the
+** [sqlite3_limit()] interface returns the prior value of the limit.
+** ^Hence, to find the current value of a limit without changing it,
+** simply invoke this interface with the third parameter set to -1.
+**
+** Run-time limits are intended for use in applications that manage
+** both their own internal database and also databases that are controlled
+** by untrusted external sources. An example application might be a
+** web browser that has its own databases for storing history and
+** separate databases controlled by JavaScript applications downloaded
+** off the Internet. The internal databases can be given the
+** large, default limits. Databases managed by external sources can
+** be given much smaller limits designed to prevent a denial of service
+** attack. Developers might also want to use the [sqlite3_set_authorizer()]
+** interface to further control untrusted SQL. The size of the database
+** created by an untrusted script can be contained using the
+** [max_page_count] [PRAGMA].
+**
+** New run-time limit categories may be added in future releases.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_limit(sqlite3*, int id, int newVal);
+
+/*
+** CAPI3REF: Run-Time Limit Categories
+** KEYWORDS: {limit category} {*limit categories}
+**
+** These constants define various performance limits
+** that can be lowered at run-time using [sqlite3_limit()].
+** The synopsis of the meanings of the various limits is shown below.
+** Additional information is available at [limits | Limits in SQLite].
+**
+** <dl>
+** [[SQLITE_LIMIT_LENGTH]] ^(<dt>SQLITE_LIMIT_LENGTH</dt>
+** <dd>The maximum size of any string or BLOB or table row, in bytes.<dd>)^
+**
+** [[SQLITE_LIMIT_SQL_LENGTH]] ^(<dt>SQLITE_LIMIT_SQL_LENGTH</dt>
+** <dd>The maximum length of an SQL statement, in bytes.</dd>)^
+**
+** [[SQLITE_LIMIT_COLUMN]] ^(<dt>SQLITE_LIMIT_COLUMN</dt>
+** <dd>The maximum number of columns in a table definition or in the
+** result set of a [SELECT] or the maximum number of columns in an index
+** or in an ORDER BY or GROUP BY clause.</dd>)^
+**
+** [[SQLITE_LIMIT_EXPR_DEPTH]] ^(<dt>SQLITE_LIMIT_EXPR_DEPTH</dt>
+** <dd>The maximum depth of the parse tree on any expression.</dd>)^
+**
+** [[SQLITE_LIMIT_COMPOUND_SELECT]] ^(<dt>SQLITE_LIMIT_COMPOUND_SELECT</dt>
+** <dd>The maximum number of terms in a compound SELECT statement.</dd>)^
+**
+** [[SQLITE_LIMIT_VDBE_OP]] ^(<dt>SQLITE_LIMIT_VDBE_OP</dt>
+** <dd>The maximum number of instructions in a virtual machine program
+** used to implement an SQL statement. This limit is not currently
+** enforced, though that might be added in some future release of
+** SQLite.</dd>)^
+**
+** [[SQLITE_LIMIT_FUNCTION_ARG]] ^(<dt>SQLITE_LIMIT_FUNCTION_ARG</dt>
+** <dd>The maximum number of arguments on a function.</dd>)^
+**
+** [[SQLITE_LIMIT_ATTACHED]] ^(<dt>SQLITE_LIMIT_ATTACHED</dt>
+** <dd>The maximum number of [ATTACH | attached databases].)^</dd>
+**
+** [[SQLITE_LIMIT_LIKE_PATTERN_LENGTH]]
+** ^(<dt>SQLITE_LIMIT_LIKE_PATTERN_LENGTH</dt>
+** <dd>The maximum length of the pattern argument to the [LIKE] or
+** [GLOB] operators.</dd>)^
+**
+** [[SQLITE_LIMIT_VARIABLE_NUMBER]]
+** ^(<dt>SQLITE_LIMIT_VARIABLE_NUMBER</dt>
+** <dd>The maximum index number of any [parameter] in an SQL statement.)^
+**
+** [[SQLITE_LIMIT_TRIGGER_DEPTH]] ^(<dt>SQLITE_LIMIT_TRIGGER_DEPTH</dt>
+** <dd>The maximum depth of recursion for triggers.</dd>)^
+**
+** [[SQLITE_LIMIT_WORKER_THREADS]] ^(<dt>SQLITE_LIMIT_WORKER_THREADS</dt>
+** <dd>The maximum number of auxiliary worker threads that a single
+** [prepared statement] may start.</dd>)^
+** </dl>
+*/
+#define SQLITE_LIMIT_LENGTH 0
+#define SQLITE_LIMIT_SQL_LENGTH 1
+#define SQLITE_LIMIT_COLUMN 2
+#define SQLITE_LIMIT_EXPR_DEPTH 3
+#define SQLITE_LIMIT_COMPOUND_SELECT 4
+#define SQLITE_LIMIT_VDBE_OP 5
+#define SQLITE_LIMIT_FUNCTION_ARG 6
+#define SQLITE_LIMIT_ATTACHED 7
+#define SQLITE_LIMIT_LIKE_PATTERN_LENGTH 8
+#define SQLITE_LIMIT_VARIABLE_NUMBER 9
+#define SQLITE_LIMIT_TRIGGER_DEPTH 10
+#define SQLITE_LIMIT_WORKER_THREADS 11
+
+/*
+** CAPI3REF: Compiling An SQL Statement
+** KEYWORDS: {SQL statement compiler}
+** METHOD: sqlite3
+** CONSTRUCTOR: sqlite3_stmt
+**
+** To execute an SQL query, it must first be compiled into a byte-code
+** program using one of these routines.
+**
+** The first argument, "db", is a [database connection] obtained from a
+** prior successful call to [sqlite3_open()], [sqlite3_open_v2()] or
+** [sqlite3_open16()]. The database connection must not have been closed.
+**
+** The second argument, "zSql", is the statement to be compiled, encoded
+** as either UTF-8 or UTF-16. The sqlite3_prepare() and sqlite3_prepare_v2()
+** interfaces use UTF-8, and sqlite3_prepare16() and sqlite3_prepare16_v2()
+** use UTF-16.
+**
+** ^If the nByte argument is negative, then zSql is read up to the
+** first zero terminator. ^If nByte is positive, then it is the
+** number of bytes read from zSql. ^If nByte is zero, then no prepared
+** statement is generated.
+** If the caller knows that the supplied string is nul-terminated, then
+** there is a small performance advantage to passing an nByte parameter that
+** is the number of bytes in the input string <i>including</i>
+** the nul-terminator.
+**
+** ^If pzTail is not NULL then *pzTail is made to point to the first byte
+** past the end of the first SQL statement in zSql. These routines only
+** compile the first statement in zSql, so *pzTail is left pointing to
+** what remains uncompiled.
+**
+** ^*ppStmt is left pointing to a compiled [prepared statement] that can be
+** executed using [sqlite3_step()]. ^If there is an error, *ppStmt is set
+** to NULL. ^If the input text contains no SQL (if the input is an empty
+** string or a comment) then *ppStmt is set to NULL.
+** The calling procedure is responsible for deleting the compiled
+** SQL statement using [sqlite3_finalize()] after it has finished with it.
+** ppStmt may not be NULL.
+**
+** ^On success, the sqlite3_prepare() family of routines return [SQLITE_OK];
+** otherwise an [error code] is returned.
+**
+** The sqlite3_prepare_v2() and sqlite3_prepare16_v2() interfaces are
+** recommended for all new programs. The two older interfaces are retained
+** for backwards compatibility, but their use is discouraged.
+** ^In the "v2" interfaces, the prepared statement
+** that is returned (the [sqlite3_stmt] object) contains a copy of the
+** original SQL text. This causes the [sqlite3_step()] interface to
+** behave differently in three ways:
+**
+** <ol>
+** <li>
+** ^If the database schema changes, instead of returning [SQLITE_SCHEMA] as it
+** always used to do, [sqlite3_step()] will automatically recompile the SQL
+** statement and try to run it again. As many as [SQLITE_MAX_SCHEMA_RETRY]
+** retries will occur before sqlite3_step() gives up and returns an error.
+** </li>
+**
+** <li>
+** ^When an error occurs, [sqlite3_step()] will return one of the detailed
+** [error codes] or [extended error codes]. ^The legacy behavior was that
+** [sqlite3_step()] would only return a generic [SQLITE_ERROR] result code
+** and the application would have to make a second call to [sqlite3_reset()]
+** in order to find the underlying cause of the problem. With the "v2" prepare
+** interfaces, the underlying reason for the error is returned immediately.
+** </li>
+**
+** <li>
+** ^If the specific value bound to [parameter | host parameter] in the
+** WHERE clause might influence the choice of query plan for a statement,
+** then the statement will be automatically recompiled, as if there had been
+** a schema change, on the first [sqlite3_step()] call following any change
+** to the [sqlite3_bind_text | bindings] of that [parameter].
+** ^The specific value of WHERE-clause [parameter] might influence the
+** choice of query plan if the parameter is the left-hand side of a [LIKE]
+** or [GLOB] operator or if the parameter is compared to an indexed column
+** and the [SQLITE_ENABLE_STAT3] compile-time option is enabled.
+** </li>
+** </ol>
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare(
+ sqlite3 *db, /* Database handle */
+ const char *zSql, /* SQL statement, UTF-8 encoded */
+ int nByte, /* Maximum length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: Statement handle */
+ const char **pzTail /* OUT: Pointer to unused portion of zSql */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare_v2(
+ sqlite3 *db, /* Database handle */
+ const char *zSql, /* SQL statement, UTF-8 encoded */
+ int nByte, /* Maximum length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: Statement handle */
+ const char **pzTail /* OUT: Pointer to unused portion of zSql */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare16(
+ sqlite3 *db, /* Database handle */
+ const void *zSql, /* SQL statement, UTF-16 encoded */
+ int nByte, /* Maximum length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: Statement handle */
+ const void **pzTail /* OUT: Pointer to unused portion of zSql */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare16_v2(
+ sqlite3 *db, /* Database handle */
+ const void *zSql, /* SQL statement, UTF-16 encoded */
+ int nByte, /* Maximum length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: Statement handle */
+ const void **pzTail /* OUT: Pointer to unused portion of zSql */
+);
+
+/*
+** CAPI3REF: Retrieving Statement SQL
+** METHOD: sqlite3_stmt
+**
+** ^This interface can be used to retrieve a saved copy of the original
+** SQL text used to create a [prepared statement] if that statement was
+** compiled using either [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()].
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_sql(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Determine If An SQL Statement Writes The Database
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_stmt_readonly(X) interface returns true (non-zero) if
+** and only if the [prepared statement] X makes no direct changes to
+** the content of the database file.
+**
+** Note that [application-defined SQL functions] or
+** [virtual tables] might change the database indirectly as a side effect.
+** ^(For example, if an application defines a function "eval()" that
+** calls [sqlite3_exec()], then the following SQL statement would
+** change the database file through side-effects:
+**
+** <blockquote><pre>
+** SELECT eval('DELETE FROM t1') FROM t2;
+** </pre></blockquote>
+**
+** But because the [SELECT] statement does not change the database file
+** directly, sqlite3_stmt_readonly() would still return true.)^
+**
+** ^Transaction control statements such as [BEGIN], [COMMIT], [ROLLBACK],
+** [SAVEPOINT], and [RELEASE] cause sqlite3_stmt_readonly() to return true,
+** since the statements themselves do not actually modify the database but
+** rather they control the timing of when other statements modify the
+** database. ^The [ATTACH] and [DETACH] statements also cause
+** sqlite3_stmt_readonly() to return true since, while those statements
+** change the configuration of a database connection, they do not make
+** changes to the content of the database files on disk.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_readonly(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Determine If A Prepared Statement Has Been Reset
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_stmt_busy(S) interface returns true (non-zero) if the
+** [prepared statement] S has been stepped at least once using
+** [sqlite3_step(S)] but has neither run to completion (returned
+** [SQLITE_DONE] from [sqlite3_step(S)]) nor
+** been reset using [sqlite3_reset(S)]. ^The sqlite3_stmt_busy(S)
+** interface returns false if S is a NULL pointer. If S is not a
+** NULL pointer and is not a pointer to a valid [prepared statement]
+** object, then the behavior is undefined and probably undesirable.
+**
+** This interface can be used in combination [sqlite3_next_stmt()]
+** to locate all prepared statements associated with a database
+** connection that are in need of being reset. This can be used,
+** for example, in diagnostic routines to search for prepared
+** statements that are holding a transaction open.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_busy(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Dynamically Typed Value Object
+** KEYWORDS: {protected sqlite3_value} {unprotected sqlite3_value}
+**
+** SQLite uses the sqlite3_value object to represent all values
+** that can be stored in a database table. SQLite uses dynamic typing
+** for the values it stores. ^Values stored in sqlite3_value objects
+** can be integers, floating point values, strings, BLOBs, or NULL.
+**
+** An sqlite3_value object may be either "protected" or "unprotected".
+** Some interfaces require a protected sqlite3_value. Other interfaces
+** will accept either a protected or an unprotected sqlite3_value.
+** Every interface that accepts sqlite3_value arguments specifies
+** whether or not it requires a protected sqlite3_value. The
+** [sqlite3_value_dup()] interface can be used to construct a new
+** protected sqlite3_value from an unprotected sqlite3_value.
+**
+** The terms "protected" and "unprotected" refer to whether or not
+** a mutex is held. An internal mutex is held for a protected
+** sqlite3_value object but no mutex is held for an unprotected
+** sqlite3_value object. If SQLite is compiled to be single-threaded
+** (with [SQLITE_THREADSAFE=0] and with [sqlite3_threadsafe()] returning 0)
+** or if SQLite is run in one of reduced mutex modes
+** [SQLITE_CONFIG_SINGLETHREAD] or [SQLITE_CONFIG_MULTITHREAD]
+** then there is no distinction between protected and unprotected
+** sqlite3_value objects and they can be used interchangeably. However,
+** for maximum code portability it is recommended that applications
+** still make the distinction between protected and unprotected
+** sqlite3_value objects even when not strictly required.
+**
+** ^The sqlite3_value objects that are passed as parameters into the
+** implementation of [application-defined SQL functions] are protected.
+** ^The sqlite3_value object returned by
+** [sqlite3_column_value()] is unprotected.
+** Unprotected sqlite3_value objects may only be used with
+** [sqlite3_result_value()] and [sqlite3_bind_value()].
+** The [sqlite3_value_blob | sqlite3_value_type()] family of
+** interfaces require protected sqlite3_value objects.
+*/
+typedef struct Mem sqlite3_value;
+
+/*
+** CAPI3REF: SQL Function Context Object
+**
+** The context in which an SQL function executes is stored in an
+** sqlite3_context object. ^A pointer to an sqlite3_context object
+** is always first parameter to [application-defined SQL functions].
+** The application-defined SQL function implementation will pass this
+** pointer through into calls to [sqlite3_result_int | sqlite3_result()],
+** [sqlite3_aggregate_context()], [sqlite3_user_data()],
+** [sqlite3_context_db_handle()], [sqlite3_get_auxdata()],
+** and/or [sqlite3_set_auxdata()].
+*/
+typedef struct sqlite3_context sqlite3_context;
+
+/*
+** CAPI3REF: Binding Values To Prepared Statements
+** KEYWORDS: {host parameter} {host parameters} {host parameter name}
+** KEYWORDS: {SQL parameter} {SQL parameters} {parameter binding}
+** METHOD: sqlite3_stmt
+**
+** ^(In the SQL statement text input to [sqlite3_prepare_v2()] and its variants,
+** literals may be replaced by a [parameter] that matches one of following
+** templates:
+**
+** <ul>
+** <li> ?
+** <li> ?NNN
+** <li> :VVV
+** <li> @VVV
+** <li> $VVV
+** </ul>
+**
+** In the templates above, NNN represents an integer literal,
+** and VVV represents an alphanumeric identifier.)^ ^The values of these
+** parameters (also called "host parameter names" or "SQL parameters")
+** can be set using the sqlite3_bind_*() routines defined here.
+**
+** ^The first argument to the sqlite3_bind_*() routines is always
+** a pointer to the [sqlite3_stmt] object returned from
+** [sqlite3_prepare_v2()] or its variants.
+**
+** ^The second argument is the index of the SQL parameter to be set.
+** ^The leftmost SQL parameter has an index of 1. ^When the same named
+** SQL parameter is used more than once, second and subsequent
+** occurrences have the same index as the first occurrence.
+** ^The index for named parameters can be looked up using the
+** [sqlite3_bind_parameter_index()] API if desired. ^The index
+** for "?NNN" parameters is the value of NNN.
+** ^The NNN value must be between 1 and the [sqlite3_limit()]
+** parameter [SQLITE_LIMIT_VARIABLE_NUMBER] (default value: 999).
+**
+** ^The third argument is the value to bind to the parameter.
+** ^If the third parameter to sqlite3_bind_text() or sqlite3_bind_text16()
+** or sqlite3_bind_blob() is a NULL pointer then the fourth parameter
+** is ignored and the end result is the same as sqlite3_bind_null().
+**
+** ^(In those routines that have a fourth argument, its value is the
+** number of bytes in the parameter. To be clear: the value is the
+** number of <u>bytes</u> in the value, not the number of characters.)^
+** ^If the fourth parameter to sqlite3_bind_text() or sqlite3_bind_text16()
+** is negative, then the length of the string is
+** the number of bytes up to the first zero terminator.
+** If the fourth parameter to sqlite3_bind_blob() is negative, then
+** the behavior is undefined.
+** If a non-negative fourth parameter is provided to sqlite3_bind_text()
+** or sqlite3_bind_text16() or sqlite3_bind_text64() then
+** that parameter must be the byte offset
+** where the NUL terminator would occur assuming the string were NUL
+** terminated. If any NUL characters occur at byte offsets less than
+** the value of the fourth parameter then the resulting string value will
+** contain embedded NULs. The result of expressions involving strings
+** with embedded NULs is undefined.
+**
+** ^The fifth argument to the BLOB and string binding interfaces
+** is a destructor used to dispose of the BLOB or
+** string after SQLite has finished with it. ^The destructor is called
+** to dispose of the BLOB or string even if the call to bind API fails.
+** ^If the fifth argument is
+** the special value [SQLITE_STATIC], then SQLite assumes that the
+** information is in static, unmanaged space and does not need to be freed.
+** ^If the fifth argument has the value [SQLITE_TRANSIENT], then
+** SQLite makes its own private copy of the data immediately, before
+** the sqlite3_bind_*() routine returns.
+**
+** ^The sixth argument to sqlite3_bind_text64() must be one of
+** [SQLITE_UTF8], [SQLITE_UTF16], [SQLITE_UTF16BE], or [SQLITE_UTF16LE]
+** to specify the encoding of the text in the third parameter. If
+** the sixth argument to sqlite3_bind_text64() is not one of the
+** allowed values shown above, or if the text encoding is different
+** from the encoding specified by the sixth parameter, then the behavior
+** is undefined.
+**
+** ^The sqlite3_bind_zeroblob() routine binds a BLOB of length N that
+** is filled with zeroes. ^A zeroblob uses a fixed amount of memory
+** (just an integer to hold its size) while it is being processed.
+** Zeroblobs are intended to serve as placeholders for BLOBs whose
+** content is later written using
+** [sqlite3_blob_open | incremental BLOB I/O] routines.
+** ^A negative value for the zeroblob results in a zero-length BLOB.
+**
+** ^If any of the sqlite3_bind_*() routines are called with a NULL pointer
+** for the [prepared statement] or with a prepared statement for which
+** [sqlite3_step()] has been called more recently than [sqlite3_reset()],
+** then the call will return [SQLITE_MISUSE]. If any sqlite3_bind_()
+** routine is passed a [prepared statement] that has been finalized, the
+** result is undefined and probably harmful.
+**
+** ^Bindings are not cleared by the [sqlite3_reset()] routine.
+** ^Unbound parameters are interpreted as NULL.
+**
+** ^The sqlite3_bind_* routines return [SQLITE_OK] on success or an
+** [error code] if anything goes wrong.
+** ^[SQLITE_TOOBIG] might be returned if the size of a string or BLOB
+** exceeds limits imposed by [sqlite3_limit]([SQLITE_LIMIT_LENGTH]) or
+** [SQLITE_MAX_LENGTH].
+** ^[SQLITE_RANGE] is returned if the parameter
+** index is out of range. ^[SQLITE_NOMEM] is returned if malloc() fails.
+**
+** See also: [sqlite3_bind_parameter_count()],
+** [sqlite3_bind_parameter_name()], and [sqlite3_bind_parameter_index()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_blob(sqlite3_stmt*, int, const void*, int n, void(*)(void*));
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_blob64(sqlite3_stmt*, int, const void*, sqlite3_uint64,
+ void(*)(void*));
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_double(sqlite3_stmt*, int, double);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_int(sqlite3_stmt*, int, int);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_int64(sqlite3_stmt*, int, sqlite3_int64);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_null(sqlite3_stmt*, int);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text(sqlite3_stmt*,int,const char*,int,void(*)(void*));
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text16(sqlite3_stmt*, int, const void*, int, void(*)(void*));
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text64(sqlite3_stmt*, int, const char*, sqlite3_uint64,
+ void(*)(void*), unsigned char encoding);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_value(sqlite3_stmt*, int, const sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_zeroblob(sqlite3_stmt*, int, int n);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_zeroblob64(sqlite3_stmt*, int, sqlite3_uint64);
+
+/*
+** CAPI3REF: Number Of SQL Parameters
+** METHOD: sqlite3_stmt
+**
+** ^This routine can be used to find the number of [SQL parameters]
+** in a [prepared statement]. SQL parameters are tokens of the
+** form "?", "?NNN", ":AAA", "$AAA", or "@AAA" that serve as
+** placeholders for values that are [sqlite3_bind_blob | bound]
+** to the parameters at a later time.
+**
+** ^(This routine actually returns the index of the largest (rightmost)
+** parameter. For all forms except ?NNN, this will correspond to the
+** number of unique parameters. If parameters of the ?NNN form are used,
+** there may be gaps in the list.)^
+**
+** See also: [sqlite3_bind_blob|sqlite3_bind()],
+** [sqlite3_bind_parameter_name()], and
+** [sqlite3_bind_parameter_index()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_parameter_count(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Name Of A Host Parameter
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_bind_parameter_name(P,N) interface returns
+** the name of the N-th [SQL parameter] in the [prepared statement] P.
+** ^(SQL parameters of the form "?NNN" or ":AAA" or "@AAA" or "$AAA"
+** have a name which is the string "?NNN" or ":AAA" or "@AAA" or "$AAA"
+** respectively.
+** In other words, the initial ":" or "$" or "@" or "?"
+** is included as part of the name.)^
+** ^Parameters of the form "?" without a following integer have no name
+** and are referred to as "nameless" or "anonymous parameters".
+**
+** ^The first host parameter has an index of 1, not 0.
+**
+** ^If the value N is out of range or if the N-th parameter is
+** nameless, then NULL is returned. ^The returned string is
+** always in UTF-8 encoding even if the named parameter was
+** originally specified as UTF-16 in [sqlite3_prepare16()] or
+** [sqlite3_prepare16_v2()].
+**
+** See also: [sqlite3_bind_blob|sqlite3_bind()],
+** [sqlite3_bind_parameter_count()], and
+** [sqlite3_bind_parameter_index()].
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_bind_parameter_name(sqlite3_stmt*, int);
+
+/*
+** CAPI3REF: Index Of A Parameter With A Given Name
+** METHOD: sqlite3_stmt
+**
+** ^Return the index of an SQL parameter given its name. ^The
+** index value returned is suitable for use as the second
+** parameter to [sqlite3_bind_blob|sqlite3_bind()]. ^A zero
+** is returned if no matching parameter is found. ^The parameter
+** name must be given in UTF-8 even if the original statement
+** was prepared from UTF-16 text using [sqlite3_prepare16_v2()].
+**
+** See also: [sqlite3_bind_blob|sqlite3_bind()],
+** [sqlite3_bind_parameter_count()], and
+** [sqlite3_bind_parameter_name()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_parameter_index(sqlite3_stmt*, const char *zName);
+
+/*
+** CAPI3REF: Reset All Bindings On A Prepared Statement
+** METHOD: sqlite3_stmt
+**
+** ^Contrary to the intuition of many, [sqlite3_reset()] does not reset
+** the [sqlite3_bind_blob | bindings] on a [prepared statement].
+** ^Use this routine to reset all host parameters to NULL.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_clear_bindings(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Number Of Columns In A Result Set
+** METHOD: sqlite3_stmt
+**
+** ^Return the number of columns in the result set returned by the
+** [prepared statement]. ^This routine returns 0 if pStmt is an SQL
+** statement that does not return data (for example an [UPDATE]).
+**
+** See also: [sqlite3_data_count()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_column_count(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Column Names In A Result Set
+** METHOD: sqlite3_stmt
+**
+** ^These routines return the name assigned to a particular column
+** in the result set of a [SELECT] statement. ^The sqlite3_column_name()
+** interface returns a pointer to a zero-terminated UTF-8 string
+** and sqlite3_column_name16() returns a pointer to a zero-terminated
+** UTF-16 string. ^The first parameter is the [prepared statement]
+** that implements the [SELECT] statement. ^The second parameter is the
+** column number. ^The leftmost column is number 0.
+**
+** ^The returned string pointer is valid until either the [prepared statement]
+** is destroyed by [sqlite3_finalize()] or until the statement is automatically
+** reprepared by the first call to [sqlite3_step()] for a particular run
+** or until the next call to
+** sqlite3_column_name() or sqlite3_column_name16() on the same column.
+**
+** ^If sqlite3_malloc() fails during the processing of either routine
+** (for example during a conversion from UTF-8 to UTF-16) then a
+** NULL pointer is returned.
+**
+** ^The name of a result column is the value of the "AS" clause for
+** that column, if there is an AS clause. If there is no AS clause
+** then the name of the column is unspecified and may change from
+** one release of SQLite to the next.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_name(sqlite3_stmt*, int N);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_name16(sqlite3_stmt*, int N);
+
+/*
+** CAPI3REF: Source Of Data In A Query Result
+** METHOD: sqlite3_stmt
+**
+** ^These routines provide a means to determine the database, table, and
+** table column that is the origin of a particular result column in
+** [SELECT] statement.
+** ^The name of the database or table or column can be returned as
+** either a UTF-8 or UTF-16 string. ^The _database_ routines return
+** the database name, the _table_ routines return the table name, and
+** the origin_ routines return the column name.
+** ^The returned string is valid until the [prepared statement] is destroyed
+** using [sqlite3_finalize()] or until the statement is automatically
+** reprepared by the first call to [sqlite3_step()] for a particular run
+** or until the same information is requested
+** again in a different encoding.
+**
+** ^The names returned are the original un-aliased names of the
+** database, table, and column.
+**
+** ^The first argument to these interfaces is a [prepared statement].
+** ^These functions return information about the Nth result column returned by
+** the statement, where N is the second function argument.
+** ^The left-most column is column 0 for these routines.
+**
+** ^If the Nth column returned by the statement is an expression or
+** subquery and is not a column value, then all of these functions return
+** NULL. ^These routine might also return NULL if a memory allocation error
+** occurs. ^Otherwise, they return the name of the attached database, table,
+** or column that query result column was extracted from.
+**
+** ^As with all other SQLite APIs, those whose names end with "16" return
+** UTF-16 encoded strings and the other functions return UTF-8.
+**
+** ^These APIs are only available if the library was compiled with the
+** [SQLITE_ENABLE_COLUMN_METADATA] C-preprocessor symbol.
+**
+** If two or more threads call one or more of these routines against the same
+** prepared statement and column at the same time then the results are
+** undefined.
+**
+** If two or more threads call one or more
+** [sqlite3_column_database_name | column metadata interfaces]
+** for the same [prepared statement] and result column
+** at the same time then the results are undefined.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_database_name(sqlite3_stmt*,int);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_database_name16(sqlite3_stmt*,int);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_table_name(sqlite3_stmt*,int);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_table_name16(sqlite3_stmt*,int);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_origin_name(sqlite3_stmt*,int);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_origin_name16(sqlite3_stmt*,int);
+
+/*
+** CAPI3REF: Declared Datatype Of A Query Result
+** METHOD: sqlite3_stmt
+**
+** ^(The first parameter is a [prepared statement].
+** If this statement is a [SELECT] statement and the Nth column of the
+** returned result set of that [SELECT] is a table column (not an
+** expression or subquery) then the declared type of the table
+** column is returned.)^ ^If the Nth column of the result set is an
+** expression or subquery, then a NULL pointer is returned.
+** ^The returned string is always UTF-8 encoded.
+**
+** ^(For example, given the database schema:
+**
+** CREATE TABLE t1(c1 VARIANT);
+**
+** and the following statement to be compiled:
+**
+** SELECT c1 + 1, c1 FROM t1;
+**
+** this routine would return the string "VARIANT" for the second result
+** column (i==1), and a NULL pointer for the first result column (i==0).)^
+**
+** ^SQLite uses dynamic run-time typing. ^So just because a column
+** is declared to contain a particular type does not mean that the
+** data stored in that column is of the declared type. SQLite is
+** strongly typed, but the typing is dynamic not static. ^Type
+** is associated with individual values, not with the containers
+** used to hold those values.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_decltype(sqlite3_stmt*,int);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_decltype16(sqlite3_stmt*,int);
+
+/*
+** CAPI3REF: Evaluate An SQL Statement
+** METHOD: sqlite3_stmt
+**
+** After a [prepared statement] has been prepared using either
+** [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()] or one of the legacy
+** interfaces [sqlite3_prepare()] or [sqlite3_prepare16()], this function
+** must be called one or more times to evaluate the statement.
+**
+** The details of the behavior of the sqlite3_step() interface depend
+** on whether the statement was prepared using the newer "v2" interface
+** [sqlite3_prepare_v2()] and [sqlite3_prepare16_v2()] or the older legacy
+** interface [sqlite3_prepare()] and [sqlite3_prepare16()]. The use of the
+** new "v2" interface is recommended for new applications but the legacy
+** interface will continue to be supported.
+**
+** ^In the legacy interface, the return value will be either [SQLITE_BUSY],
+** [SQLITE_DONE], [SQLITE_ROW], [SQLITE_ERROR], or [SQLITE_MISUSE].
+** ^With the "v2" interface, any of the other [result codes] or
+** [extended result codes] might be returned as well.
+**
+** ^[SQLITE_BUSY] means that the database engine was unable to acquire the
+** database locks it needs to do its job. ^If the statement is a [COMMIT]
+** or occurs outside of an explicit transaction, then you can retry the
+** statement. If the statement is not a [COMMIT] and occurs within an
+** explicit transaction then you should rollback the transaction before
+** continuing.
+**
+** ^[SQLITE_DONE] means that the statement has finished executing
+** successfully. sqlite3_step() should not be called again on this virtual
+** machine without first calling [sqlite3_reset()] to reset the virtual
+** machine back to its initial state.
+**
+** ^If the SQL statement being executed returns any data, then [SQLITE_ROW]
+** is returned each time a new row of data is ready for processing by the
+** caller. The values may be accessed using the [column access functions].
+** sqlite3_step() is called again to retrieve the next row of data.
+**
+** ^[SQLITE_ERROR] means that a run-time error (such as a constraint
+** violation) has occurred. sqlite3_step() should not be called again on
+** the VM. More information may be found by calling [sqlite3_errmsg()].
+** ^With the legacy interface, a more specific error code (for example,
+** [SQLITE_INTERRUPT], [SQLITE_SCHEMA], [SQLITE_CORRUPT], and so forth)
+** can be obtained by calling [sqlite3_reset()] on the
+** [prepared statement]. ^In the "v2" interface,
+** the more specific error code is returned directly by sqlite3_step().
+**
+** [SQLITE_MISUSE] means that the this routine was called inappropriately.
+** Perhaps it was called on a [prepared statement] that has
+** already been [sqlite3_finalize | finalized] or on one that had
+** previously returned [SQLITE_ERROR] or [SQLITE_DONE]. Or it could
+** be the case that the same database connection is being used by two or
+** more threads at the same moment in time.
+**
+** For all versions of SQLite up to and including 3.6.23.1, a call to
+** [sqlite3_reset()] was required after sqlite3_step() returned anything
+** other than [SQLITE_ROW] before any subsequent invocation of
+** sqlite3_step(). Failure to reset the prepared statement using
+** [sqlite3_reset()] would result in an [SQLITE_MISUSE] return from
+** sqlite3_step(). But after version 3.6.23.1, sqlite3_step() began
+** calling [sqlite3_reset()] automatically in this circumstance rather
+** than returning [SQLITE_MISUSE]. This is not considered a compatibility
+** break because any application that ever receives an SQLITE_MISUSE error
+** is broken by definition. The [SQLITE_OMIT_AUTORESET] compile-time option
+** can be used to restore the legacy behavior.
+**
+** <b>Goofy Interface Alert:</b> In the legacy interface, the sqlite3_step()
+** API always returns a generic error code, [SQLITE_ERROR], following any
+** error other than [SQLITE_BUSY] and [SQLITE_MISUSE]. You must call
+** [sqlite3_reset()] or [sqlite3_finalize()] in order to find one of the
+** specific [error codes] that better describes the error.
+** We admit that this is a goofy design. The problem has been fixed
+** with the "v2" interface. If you prepare all of your SQL statements
+** using either [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()] instead
+** of the legacy [sqlite3_prepare()] and [sqlite3_prepare16()] interfaces,
+** then the more specific [error codes] are returned directly
+** by sqlite3_step(). The use of the "v2" interface is recommended.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_step(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Number of columns in a result set
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_data_count(P) interface returns the number of columns in the
+** current row of the result set of [prepared statement] P.
+** ^If prepared statement P does not have results ready to return
+** (via calls to the [sqlite3_column_int | sqlite3_column_*()] of
+** interfaces) then sqlite3_data_count(P) returns 0.
+** ^The sqlite3_data_count(P) routine also returns 0 if P is a NULL pointer.
+** ^The sqlite3_data_count(P) routine returns 0 if the previous call to
+** [sqlite3_step](P) returned [SQLITE_DONE]. ^The sqlite3_data_count(P)
+** will return non-zero if previous call to [sqlite3_step](P) returned
+** [SQLITE_ROW], except in the case of the [PRAGMA incremental_vacuum]
+** where it always returns zero since each step of that multi-step
+** pragma returns 0 columns of data.
+**
+** See also: [sqlite3_column_count()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_data_count(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Fundamental Datatypes
+** KEYWORDS: SQLITE_TEXT
+**
+** ^(Every value in SQLite has one of five fundamental datatypes:
+**
+** <ul>
+** <li> 64-bit signed integer
+** <li> 64-bit IEEE floating point number
+** <li> string
+** <li> BLOB
+** <li> NULL
+** </ul>)^
+**
+** These constants are codes for each of those types.
+**
+** Note that the SQLITE_TEXT constant was also used in SQLite version 2
+** for a completely different meaning. Software that links against both
+** SQLite version 2 and SQLite version 3 should use SQLITE3_TEXT, not
+** SQLITE_TEXT.
+*/
+#define SQLITE_INTEGER 1
+#define SQLITE_FLOAT 2
+#define SQLITE_BLOB 4
+#define SQLITE_NULL 5
+#ifdef SQLITE_TEXT
+# undef SQLITE_TEXT
+#else
+# define SQLITE_TEXT 3
+#endif
+#define SQLITE3_TEXT 3
+
+/*
+** CAPI3REF: Result Values From A Query
+** KEYWORDS: {column access functions}
+** METHOD: sqlite3_stmt
+**
+** ^These routines return information about a single column of the current
+** result row of a query. ^In every case the first argument is a pointer
+** to the [prepared statement] that is being evaluated (the [sqlite3_stmt*]
+** that was returned from [sqlite3_prepare_v2()] or one of its variants)
+** and the second argument is the index of the column for which information
+** should be returned. ^The leftmost column of the result set has the index 0.
+** ^The number of columns in the result can be determined using
+** [sqlite3_column_count()].
+**
+** If the SQL statement does not currently point to a valid row, or if the
+** column index is out of range, the result is undefined.
+** These routines may only be called when the most recent call to
+** [sqlite3_step()] has returned [SQLITE_ROW] and neither
+** [sqlite3_reset()] nor [sqlite3_finalize()] have been called subsequently.
+** If any of these routines are called after [sqlite3_reset()] or
+** [sqlite3_finalize()] or after [sqlite3_step()] has returned
+** something other than [SQLITE_ROW], the results are undefined.
+** If [sqlite3_step()] or [sqlite3_reset()] or [sqlite3_finalize()]
+** are called from a different thread while any of these routines
+** are pending, then the results are undefined.
+**
+** ^The sqlite3_column_type() routine returns the
+** [SQLITE_INTEGER | datatype code] for the initial data type
+** of the result column. ^The returned value is one of [SQLITE_INTEGER],
+** [SQLITE_FLOAT], [SQLITE_TEXT], [SQLITE_BLOB], or [SQLITE_NULL]. The value
+** returned by sqlite3_column_type() is only meaningful if no type
+** conversions have occurred as described below. After a type conversion,
+** the value returned by sqlite3_column_type() is undefined. Future
+** versions of SQLite may change the behavior of sqlite3_column_type()
+** following a type conversion.
+**
+** ^If the result is a BLOB or UTF-8 string then the sqlite3_column_bytes()
+** routine returns the number of bytes in that BLOB or string.
+** ^If the result is a UTF-16 string, then sqlite3_column_bytes() converts
+** the string to UTF-8 and then returns the number of bytes.
+** ^If the result is a numeric value then sqlite3_column_bytes() uses
+** [sqlite3_snprintf()] to convert that value to a UTF-8 string and returns
+** the number of bytes in that string.
+** ^If the result is NULL, then sqlite3_column_bytes() returns zero.
+**
+** ^If the result is a BLOB or UTF-16 string then the sqlite3_column_bytes16()
+** routine returns the number of bytes in that BLOB or string.
+** ^If the result is a UTF-8 string, then sqlite3_column_bytes16() converts
+** the string to UTF-16 and then returns the number of bytes.
+** ^If the result is a numeric value then sqlite3_column_bytes16() uses
+** [sqlite3_snprintf()] to convert that value to a UTF-16 string and returns
+** the number of bytes in that string.
+** ^If the result is NULL, then sqlite3_column_bytes16() returns zero.
+**
+** ^The values returned by [sqlite3_column_bytes()] and
+** [sqlite3_column_bytes16()] do not include the zero terminators at the end
+** of the string. ^For clarity: the values returned by
+** [sqlite3_column_bytes()] and [sqlite3_column_bytes16()] are the number of
+** bytes in the string, not the number of characters.
+**
+** ^Strings returned by sqlite3_column_text() and sqlite3_column_text16(),
+** even empty strings, are always zero-terminated. ^The return
+** value from sqlite3_column_blob() for a zero-length BLOB is a NULL pointer.
+**
+** <b>Warning:</b> ^The object returned by [sqlite3_column_value()] is an
+** [unprotected sqlite3_value] object. In a multithreaded environment,
+** an unprotected sqlite3_value object may only be used safely with
+** [sqlite3_bind_value()] and [sqlite3_result_value()].
+** If the [unprotected sqlite3_value] object returned by
+** [sqlite3_column_value()] is used in any other way, including calls
+** to routines like [sqlite3_value_int()], [sqlite3_value_text()],
+** or [sqlite3_value_bytes()], the behavior is not threadsafe.
+**
+** These routines attempt to convert the value where appropriate. ^For
+** example, if the internal representation is FLOAT and a text result
+** is requested, [sqlite3_snprintf()] is used internally to perform the
+** conversion automatically. ^(The following table details the conversions
+** that are applied:
+**
+** <blockquote>
+** <table border="1">
+** <tr><th> Internal<br>Type <th> Requested<br>Type <th> Conversion
+**
+** <tr><td> NULL <td> INTEGER <td> Result is 0
+** <tr><td> NULL <td> FLOAT <td> Result is 0.0
+** <tr><td> NULL <td> TEXT <td> Result is a NULL pointer
+** <tr><td> NULL <td> BLOB <td> Result is a NULL pointer
+** <tr><td> INTEGER <td> FLOAT <td> Convert from integer to float
+** <tr><td> INTEGER <td> TEXT <td> ASCII rendering of the integer
+** <tr><td> INTEGER <td> BLOB <td> Same as INTEGER->TEXT
+** <tr><td> FLOAT <td> INTEGER <td> [CAST] to INTEGER
+** <tr><td> FLOAT <td> TEXT <td> ASCII rendering of the float
+** <tr><td> FLOAT <td> BLOB <td> [CAST] to BLOB
+** <tr><td> TEXT <td> INTEGER <td> [CAST] to INTEGER
+** <tr><td> TEXT <td> FLOAT <td> [CAST] to REAL
+** <tr><td> TEXT <td> BLOB <td> No change
+** <tr><td> BLOB <td> INTEGER <td> [CAST] to INTEGER
+** <tr><td> BLOB <td> FLOAT <td> [CAST] to REAL
+** <tr><td> BLOB <td> TEXT <td> Add a zero terminator if needed
+** </table>
+** </blockquote>)^
+**
+** Note that when type conversions occur, pointers returned by prior
+** calls to sqlite3_column_blob(), sqlite3_column_text(), and/or
+** sqlite3_column_text16() may be invalidated.
+** Type conversions and pointer invalidations might occur
+** in the following cases:
+**
+** <ul>
+** <li> The initial content is a BLOB and sqlite3_column_text() or
+** sqlite3_column_text16() is called. A zero-terminator might
+** need to be added to the string.</li>
+** <li> The initial content is UTF-8 text and sqlite3_column_bytes16() or
+** sqlite3_column_text16() is called. The content must be converted
+** to UTF-16.</li>
+** <li> The initial content is UTF-16 text and sqlite3_column_bytes() or
+** sqlite3_column_text() is called. The content must be converted
+** to UTF-8.</li>
+** </ul>
+**
+** ^Conversions between UTF-16be and UTF-16le are always done in place and do
+** not invalidate a prior pointer, though of course the content of the buffer
+** that the prior pointer references will have been modified. Other kinds
+** of conversion are done in place when it is possible, but sometimes they
+** are not possible and in those cases prior pointers are invalidated.
+**
+** The safest policy is to invoke these routines
+** in one of the following ways:
+**
+** <ul>
+** <li>sqlite3_column_text() followed by sqlite3_column_bytes()</li>
+** <li>sqlite3_column_blob() followed by sqlite3_column_bytes()</li>
+** <li>sqlite3_column_text16() followed by sqlite3_column_bytes16()</li>
+** </ul>
+**
+** In other words, you should call sqlite3_column_text(),
+** sqlite3_column_blob(), or sqlite3_column_text16() first to force the result
+** into the desired format, then invoke sqlite3_column_bytes() or
+** sqlite3_column_bytes16() to find the size of the result. Do not mix calls
+** to sqlite3_column_text() or sqlite3_column_blob() with calls to
+** sqlite3_column_bytes16(), and do not mix calls to sqlite3_column_text16()
+** with calls to sqlite3_column_bytes().
+**
+** ^The pointers returned are valid until a type conversion occurs as
+** described above, or until [sqlite3_step()] or [sqlite3_reset()] or
+** [sqlite3_finalize()] is called. ^The memory space used to hold strings
+** and BLOBs is freed automatically. Do <em>not</em> pass the pointers returned
+** from [sqlite3_column_blob()], [sqlite3_column_text()], etc. into
+** [sqlite3_free()].
+**
+** ^(If a memory allocation error occurs during the evaluation of any
+** of these routines, a default value is returned. The default value
+** is either the integer 0, the floating point number 0.0, or a NULL
+** pointer. Subsequent calls to [sqlite3_errcode()] will return
+** [SQLITE_NOMEM].)^
+*/
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_blob(sqlite3_stmt*, int iCol);
+SQLITE_API int SQLITE_STDCALL sqlite3_column_bytes(sqlite3_stmt*, int iCol);
+SQLITE_API int SQLITE_STDCALL sqlite3_column_bytes16(sqlite3_stmt*, int iCol);
+SQLITE_API double SQLITE_STDCALL sqlite3_column_double(sqlite3_stmt*, int iCol);
+SQLITE_API int SQLITE_STDCALL sqlite3_column_int(sqlite3_stmt*, int iCol);
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_column_int64(sqlite3_stmt*, int iCol);
+SQLITE_API const unsigned char *SQLITE_STDCALL sqlite3_column_text(sqlite3_stmt*, int iCol);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_text16(sqlite3_stmt*, int iCol);
+SQLITE_API int SQLITE_STDCALL sqlite3_column_type(sqlite3_stmt*, int iCol);
+SQLITE_API sqlite3_value *SQLITE_STDCALL sqlite3_column_value(sqlite3_stmt*, int iCol);
+
+/*
+** CAPI3REF: Destroy A Prepared Statement Object
+** DESTRUCTOR: sqlite3_stmt
+**
+** ^The sqlite3_finalize() function is called to delete a [prepared statement].
+** ^If the most recent evaluation of the statement encountered no errors
+** or if the statement is never been evaluated, then sqlite3_finalize() returns
+** SQLITE_OK. ^If the most recent evaluation of statement S failed, then
+** sqlite3_finalize(S) returns the appropriate [error code] or
+** [extended error code].
+**
+** ^The sqlite3_finalize(S) routine can be called at any point during
+** the life cycle of [prepared statement] S:
+** before statement S is ever evaluated, after
+** one or more calls to [sqlite3_reset()], or after any call
+** to [sqlite3_step()] regardless of whether or not the statement has
+** completed execution.
+**
+** ^Invoking sqlite3_finalize() on a NULL pointer is a harmless no-op.
+**
+** The application must finalize every [prepared statement] in order to avoid
+** resource leaks. It is a grievous error for the application to try to use
+** a prepared statement after it has been finalized. Any use of a prepared
+** statement after it has been finalized can result in undefined and
+** undesirable behavior such as segfaults and heap corruption.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_finalize(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Reset A Prepared Statement Object
+** METHOD: sqlite3_stmt
+**
+** The sqlite3_reset() function is called to reset a [prepared statement]
+** object back to its initial state, ready to be re-executed.
+** ^Any SQL statement variables that had values bound to them using
+** the [sqlite3_bind_blob | sqlite3_bind_*() API] retain their values.
+** Use [sqlite3_clear_bindings()] to reset the bindings.
+**
+** ^The [sqlite3_reset(S)] interface resets the [prepared statement] S
+** back to the beginning of its program.
+**
+** ^If the most recent call to [sqlite3_step(S)] for the
+** [prepared statement] S returned [SQLITE_ROW] or [SQLITE_DONE],
+** or if [sqlite3_step(S)] has never before been called on S,
+** then [sqlite3_reset(S)] returns [SQLITE_OK].
+**
+** ^If the most recent call to [sqlite3_step(S)] for the
+** [prepared statement] S indicated an error, then
+** [sqlite3_reset(S)] returns an appropriate [error code].
+**
+** ^The [sqlite3_reset(S)] interface does not change the values
+** of any [sqlite3_bind_blob|bindings] on the [prepared statement] S.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_reset(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Create Or Redefine SQL Functions
+** KEYWORDS: {function creation routines}
+** KEYWORDS: {application-defined SQL function}
+** KEYWORDS: {application-defined SQL functions}
+** METHOD: sqlite3
+**
+** ^These functions (collectively known as "function creation routines")
+** are used to add SQL functions or aggregates or to redefine the behavior
+** of existing SQL functions or aggregates. The only differences between
+** these routines are the text encoding expected for
+** the second parameter (the name of the function being created)
+** and the presence or absence of a destructor callback for
+** the application data pointer.
+**
+** ^The first parameter is the [database connection] to which the SQL
+** function is to be added. ^If an application uses more than one database
+** connection then application-defined SQL functions must be added
+** to each database connection separately.
+**
+** ^The second parameter is the name of the SQL function to be created or
+** redefined. ^The length of the name is limited to 255 bytes in a UTF-8
+** representation, exclusive of the zero-terminator. ^Note that the name
+** length limit is in UTF-8 bytes, not characters nor UTF-16 bytes.
+** ^Any attempt to create a function with a longer name
+** will result in [SQLITE_MISUSE] being returned.
+**
+** ^The third parameter (nArg)
+** is the number of arguments that the SQL function or
+** aggregate takes. ^If this parameter is -1, then the SQL function or
+** aggregate may take any number of arguments between 0 and the limit
+** set by [sqlite3_limit]([SQLITE_LIMIT_FUNCTION_ARG]). If the third
+** parameter is less than -1 or greater than 127 then the behavior is
+** undefined.
+**
+** ^The fourth parameter, eTextRep, specifies what
+** [SQLITE_UTF8 | text encoding] this SQL function prefers for
+** its parameters. The application should set this parameter to
+** [SQLITE_UTF16LE] if the function implementation invokes
+** [sqlite3_value_text16le()] on an input, or [SQLITE_UTF16BE] if the
+** implementation invokes [sqlite3_value_text16be()] on an input, or
+** [SQLITE_UTF16] if [sqlite3_value_text16()] is used, or [SQLITE_UTF8]
+** otherwise. ^The same SQL function may be registered multiple times using
+** different preferred text encodings, with different implementations for
+** each encoding.
+** ^When multiple implementations of the same function are available, SQLite
+** will pick the one that involves the least amount of data conversion.
+**
+** ^The fourth parameter may optionally be ORed with [SQLITE_DETERMINISTIC]
+** to signal that the function will always return the same result given
+** the same inputs within a single SQL statement. Most SQL functions are
+** deterministic. The built-in [random()] SQL function is an example of a
+** function that is not deterministic. The SQLite query planner is able to
+** perform additional optimizations on deterministic functions, so use
+** of the [SQLITE_DETERMINISTIC] flag is recommended where possible.
+**
+** ^(The fifth parameter is an arbitrary pointer. The implementation of the
+** function can gain access to this pointer using [sqlite3_user_data()].)^
+**
+** ^The sixth, seventh and eighth parameters, xFunc, xStep and xFinal, are
+** pointers to C-language functions that implement the SQL function or
+** aggregate. ^A scalar SQL function requires an implementation of the xFunc
+** callback only; NULL pointers must be passed as the xStep and xFinal
+** parameters. ^An aggregate SQL function requires an implementation of xStep
+** and xFinal and NULL pointer must be passed for xFunc. ^To delete an existing
+** SQL function or aggregate, pass NULL pointers for all three function
+** callbacks.
+**
+** ^(If the ninth parameter to sqlite3_create_function_v2() is not NULL,
+** then it is destructor for the application data pointer.
+** The destructor is invoked when the function is deleted, either by being
+** overloaded or when the database connection closes.)^
+** ^The destructor is also invoked if the call to
+** sqlite3_create_function_v2() fails.
+** ^When the destructor callback of the tenth parameter is invoked, it
+** is passed a single argument which is a copy of the application data
+** pointer which was the fifth parameter to sqlite3_create_function_v2().
+**
+** ^It is permitted to register multiple implementations of the same
+** functions with the same name but with either differing numbers of
+** arguments or differing preferred text encodings. ^SQLite will use
+** the implementation that most closely matches the way in which the
+** SQL function is used. ^A function implementation with a non-negative
+** nArg parameter is a better match than a function implementation with
+** a negative nArg. ^A function where the preferred text encoding
+** matches the database encoding is a better
+** match than a function where the encoding is different.
+** ^A function where the encoding difference is between UTF16le and UTF16be
+** is a closer match than a function where the encoding difference is
+** between UTF8 and UTF16.
+**
+** ^Built-in functions may be overloaded by new application-defined functions.
+**
+** ^An application-defined function is permitted to call other
+** SQLite interfaces. However, such calls must not
+** close the database connection nor finalize or reset the prepared
+** statement in which the function is running.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function(
+ sqlite3 *db,
+ const char *zFunctionName,
+ int nArg,
+ int eTextRep,
+ void *pApp,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function16(
+ sqlite3 *db,
+ const void *zFunctionName,
+ int nArg,
+ int eTextRep,
+ void *pApp,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function_v2(
+ sqlite3 *db,
+ const char *zFunctionName,
+ int nArg,
+ int eTextRep,
+ void *pApp,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*),
+ void(*xDestroy)(void*)
+);
+
+/*
+** CAPI3REF: Text Encodings
+**
+** These constant define integer codes that represent the various
+** text encodings supported by SQLite.
+*/
+#define SQLITE_UTF8 1 /* IMP: R-37514-35566 */
+#define SQLITE_UTF16LE 2 /* IMP: R-03371-37637 */
+#define SQLITE_UTF16BE 3 /* IMP: R-51971-34154 */
+#define SQLITE_UTF16 4 /* Use native byte order */
+#define SQLITE_ANY 5 /* Deprecated */
+#define SQLITE_UTF16_ALIGNED 8 /* sqlite3_create_collation only */
+
+/*
+** CAPI3REF: Function Flags
+**
+** These constants may be ORed together with the
+** [SQLITE_UTF8 | preferred text encoding] as the fourth argument
+** to [sqlite3_create_function()], [sqlite3_create_function16()], or
+** [sqlite3_create_function_v2()].
+*/
+#define SQLITE_DETERMINISTIC 0x800
+
+/*
+** CAPI3REF: Deprecated Functions
+** DEPRECATED
+**
+** These functions are [deprecated]. In order to maintain
+** backwards compatibility with older code, these functions continue
+** to be supported. However, new applications should avoid
+** the use of these functions. To encourage programmers to avoid
+** these functions, we will not explain what they do.
+*/
+#ifndef SQLITE_OMIT_DEPRECATED
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_aggregate_count(sqlite3_context*);
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_expired(sqlite3_stmt*);
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_transfer_bindings(sqlite3_stmt*, sqlite3_stmt*);
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_global_recover(void);
+SQLITE_API SQLITE_DEPRECATED void SQLITE_STDCALL sqlite3_thread_cleanup(void);
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_memory_alarm(void(*)(void*,sqlite3_int64,int),
+ void*,sqlite3_int64);
+#endif
+
+/*
+** CAPI3REF: Obtaining SQL Values
+** METHOD: sqlite3_value
+**
+** The C-language implementation of SQL functions and aggregates uses
+** this set of interface routines to access the parameter values on
+** the function or aggregate.
+**
+** The xFunc (for scalar functions) or xStep (for aggregates) parameters
+** to [sqlite3_create_function()] and [sqlite3_create_function16()]
+** define callbacks that implement the SQL functions and aggregates.
+** The 3rd parameter to these callbacks is an array of pointers to
+** [protected sqlite3_value] objects. There is one [sqlite3_value] object for
+** each parameter to the SQL function. These routines are used to
+** extract values from the [sqlite3_value] objects.
+**
+** These routines work only with [protected sqlite3_value] objects.
+** Any attempt to use these routines on an [unprotected sqlite3_value]
+** object results in undefined behavior.
+**
+** ^These routines work just like the corresponding [column access functions]
+** except that these routines take a single [protected sqlite3_value] object
+** pointer instead of a [sqlite3_stmt*] pointer and an integer column number.
+**
+** ^The sqlite3_value_text16() interface extracts a UTF-16 string
+** in the native byte-order of the host machine. ^The
+** sqlite3_value_text16be() and sqlite3_value_text16le() interfaces
+** extract UTF-16 strings as big-endian and little-endian respectively.
+**
+** ^(The sqlite3_value_numeric_type() interface attempts to apply
+** numeric affinity to the value. This means that an attempt is
+** made to convert the value to an integer or floating point. If
+** such a conversion is possible without loss of information (in other
+** words, if the value is a string that looks like a number)
+** then the conversion is performed. Otherwise no conversion occurs.
+** The [SQLITE_INTEGER | datatype] after conversion is returned.)^
+**
+** Please pay particular attention to the fact that the pointer returned
+** from [sqlite3_value_blob()], [sqlite3_value_text()], or
+** [sqlite3_value_text16()] can be invalidated by a subsequent call to
+** [sqlite3_value_bytes()], [sqlite3_value_bytes16()], [sqlite3_value_text()],
+** or [sqlite3_value_text16()].
+**
+** These routines must be called from the same thread as
+** the SQL function that supplied the [sqlite3_value*] parameters.
+*/
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_blob(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_bytes(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_bytes16(sqlite3_value*);
+SQLITE_API double SQLITE_STDCALL sqlite3_value_double(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_int(sqlite3_value*);
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_value_int64(sqlite3_value*);
+SQLITE_API const unsigned char *SQLITE_STDCALL sqlite3_value_text(sqlite3_value*);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16(sqlite3_value*);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16le(sqlite3_value*);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16be(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_type(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_numeric_type(sqlite3_value*);
+
+/*
+** CAPI3REF: Finding The Subtype Of SQL Values
+** METHOD: sqlite3_value
+**
+** The sqlite3_value_subtype(V) function returns the subtype for
+** an [application-defined SQL function] argument V. The subtype
+** information can be used to pass a limited amount of context from
+** one SQL function to another. Use the [sqlite3_result_subtype()]
+** routine to set the subtype for the return value of an SQL function.
+**
+** SQLite makes no use of subtype itself. It merely passes the subtype
+** from the result of one [application-defined SQL function] into the
+** input of another.
+*/
+SQLITE_API unsigned int SQLITE_STDCALL sqlite3_value_subtype(sqlite3_value*);
+
+/*
+** CAPI3REF: Copy And Free SQL Values
+** METHOD: sqlite3_value
+**
+** ^The sqlite3_value_dup(V) interface makes a copy of the [sqlite3_value]
+** object D and returns a pointer to that copy. ^The [sqlite3_value] returned
+** is a [protected sqlite3_value] object even if the input is not.
+** ^The sqlite3_value_dup(V) interface returns NULL if V is NULL or if a
+** memory allocation fails.
+**
+** ^The sqlite3_value_free(V) interface frees an [sqlite3_value] object
+** previously obtained from [sqlite3_value_dup()]. ^If V is a NULL pointer
+** then sqlite3_value_free(V) is a harmless no-op.
+*/
+SQLITE_API sqlite3_value *SQLITE_STDCALL sqlite3_value_dup(const sqlite3_value*);
+SQLITE_API void SQLITE_STDCALL sqlite3_value_free(sqlite3_value*);
+
+/*
+** CAPI3REF: Obtain Aggregate Function Context
+** METHOD: sqlite3_context
+**
+** Implementations of aggregate SQL functions use this
+** routine to allocate memory for storing their state.
+**
+** ^The first time the sqlite3_aggregate_context(C,N) routine is called
+** for a particular aggregate function, SQLite
+** allocates N of memory, zeroes out that memory, and returns a pointer
+** to the new memory. ^On second and subsequent calls to
+** sqlite3_aggregate_context() for the same aggregate function instance,
+** the same buffer is returned. Sqlite3_aggregate_context() is normally
+** called once for each invocation of the xStep callback and then one
+** last time when the xFinal callback is invoked. ^(When no rows match
+** an aggregate query, the xStep() callback of the aggregate function
+** implementation is never called and xFinal() is called exactly once.
+** In those cases, sqlite3_aggregate_context() might be called for the
+** first time from within xFinal().)^
+**
+** ^The sqlite3_aggregate_context(C,N) routine returns a NULL pointer
+** when first called if N is less than or equal to zero or if a memory
+** allocate error occurs.
+**
+** ^(The amount of space allocated by sqlite3_aggregate_context(C,N) is
+** determined by the N parameter on first successful call. Changing the
+** value of N in subsequent call to sqlite3_aggregate_context() within
+** the same aggregate function instance will not resize the memory
+** allocation.)^ Within the xFinal callback, it is customary to set
+** N=0 in calls to sqlite3_aggregate_context(C,N) so that no
+** pointless memory allocations occur.
+**
+** ^SQLite automatically frees the memory allocated by
+** sqlite3_aggregate_context() when the aggregate query concludes.
+**
+** The first parameter must be a copy of the
+** [sqlite3_context | SQL function context] that is the first parameter
+** to the xStep or xFinal callback routine that implements the aggregate
+** function.
+**
+** This routine must be called from the same thread in which
+** the aggregate SQL function is running.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_aggregate_context(sqlite3_context*, int nBytes);
+
+/*
+** CAPI3REF: User Data For Functions
+** METHOD: sqlite3_context
+**
+** ^The sqlite3_user_data() interface returns a copy of
+** the pointer that was the pUserData parameter (the 5th parameter)
+** of the [sqlite3_create_function()]
+** and [sqlite3_create_function16()] routines that originally
+** registered the application defined function.
+**
+** This routine must be called from the same thread in which
+** the application-defined function is running.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_user_data(sqlite3_context*);
+
+/*
+** CAPI3REF: Database Connection For Functions
+** METHOD: sqlite3_context
+**
+** ^The sqlite3_context_db_handle() interface returns a copy of
+** the pointer to the [database connection] (the 1st parameter)
+** of the [sqlite3_create_function()]
+** and [sqlite3_create_function16()] routines that originally
+** registered the application defined function.
+*/
+SQLITE_API sqlite3 *SQLITE_STDCALL sqlite3_context_db_handle(sqlite3_context*);
+
+/*
+** CAPI3REF: Function Auxiliary Data
+** METHOD: sqlite3_context
+**
+** These functions may be used by (non-aggregate) SQL functions to
+** associate metadata with argument values. If the same value is passed to
+** multiple invocations of the same SQL function during query execution, under
+** some circumstances the associated metadata may be preserved. An example
+** of where this might be useful is in a regular-expression matching
+** function. The compiled version of the regular expression can be stored as
+** metadata associated with the pattern string.
+** Then as long as the pattern string remains the same,
+** the compiled regular expression can be reused on multiple
+** invocations of the same function.
+**
+** ^The sqlite3_get_auxdata() interface returns a pointer to the metadata
+** associated by the sqlite3_set_auxdata() function with the Nth argument
+** value to the application-defined function. ^If there is no metadata
+** associated with the function argument, this sqlite3_get_auxdata() interface
+** returns a NULL pointer.
+**
+** ^The sqlite3_set_auxdata(C,N,P,X) interface saves P as metadata for the N-th
+** argument of the application-defined function. ^Subsequent
+** calls to sqlite3_get_auxdata(C,N) return P from the most recent
+** sqlite3_set_auxdata(C,N,P,X) call if the metadata is still valid or
+** NULL if the metadata has been discarded.
+** ^After each call to sqlite3_set_auxdata(C,N,P,X) where X is not NULL,
+** SQLite will invoke the destructor function X with parameter P exactly
+** once, when the metadata is discarded.
+** SQLite is free to discard the metadata at any time, including: <ul>
+** <li> when the corresponding function parameter changes, or
+** <li> when [sqlite3_reset()] or [sqlite3_finalize()] is called for the
+** SQL statement, or
+** <li> when sqlite3_set_auxdata() is invoked again on the same parameter, or
+** <li> during the original sqlite3_set_auxdata() call when a memory
+** allocation error occurs. </ul>)^
+**
+** Note the last bullet in particular. The destructor X in
+** sqlite3_set_auxdata(C,N,P,X) might be called immediately, before the
+** sqlite3_set_auxdata() interface even returns. Hence sqlite3_set_auxdata()
+** should be called near the end of the function implementation and the
+** function implementation should not make any use of P after
+** sqlite3_set_auxdata() has been called.
+**
+** ^(In practice, metadata is preserved between function calls for
+** function parameters that are compile-time constants, including literal
+** values and [parameters] and expressions composed from the same.)^
+**
+** These routines must be called from the same thread in which
+** the SQL function is running.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_get_auxdata(sqlite3_context*, int N);
+SQLITE_API void SQLITE_STDCALL sqlite3_set_auxdata(sqlite3_context*, int N, void*, void (*)(void*));
+
+
+/*
+** CAPI3REF: Constants Defining Special Destructor Behavior
+**
+** These are special values for the destructor that is passed in as the
+** final argument to routines like [sqlite3_result_blob()]. ^If the destructor
+** argument is SQLITE_STATIC, it means that the content pointer is constant
+** and will never change. It does not need to be destroyed. ^The
+** SQLITE_TRANSIENT value means that the content will likely change in
+** the near future and that SQLite should make its own private copy of
+** the content before returning.
+**
+** The typedef is necessary to work around problems in certain
+** C++ compilers.
+*/
+typedef void (*sqlite3_destructor_type)(void*);
+#define SQLITE_STATIC ((sqlite3_destructor_type)0)
+#define SQLITE_TRANSIENT ((sqlite3_destructor_type)-1)
+
+/*
+** CAPI3REF: Setting The Result Of An SQL Function
+** METHOD: sqlite3_context
+**
+** These routines are used by the xFunc or xFinal callbacks that
+** implement SQL functions and aggregates. See
+** [sqlite3_create_function()] and [sqlite3_create_function16()]
+** for additional information.
+**
+** These functions work very much like the [parameter binding] family of
+** functions used to bind values to host parameters in prepared statements.
+** Refer to the [SQL parameter] documentation for additional information.
+**
+** ^The sqlite3_result_blob() interface sets the result from
+** an application-defined function to be the BLOB whose content is pointed
+** to by the second parameter and which is N bytes long where N is the
+** third parameter.
+**
+** ^The sqlite3_result_zeroblob(C,N) and sqlite3_result_zeroblob64(C,N)
+** interfaces set the result of the application-defined function to be
+** a BLOB containing all zero bytes and N bytes in size.
+**
+** ^The sqlite3_result_double() interface sets the result from
+** an application-defined function to be a floating point value specified
+** by its 2nd argument.
+**
+** ^The sqlite3_result_error() and sqlite3_result_error16() functions
+** cause the implemented SQL function to throw an exception.
+** ^SQLite uses the string pointed to by the
+** 2nd parameter of sqlite3_result_error() or sqlite3_result_error16()
+** as the text of an error message. ^SQLite interprets the error
+** message string from sqlite3_result_error() as UTF-8. ^SQLite
+** interprets the string from sqlite3_result_error16() as UTF-16 in native
+** byte order. ^If the third parameter to sqlite3_result_error()
+** or sqlite3_result_error16() is negative then SQLite takes as the error
+** message all text up through the first zero character.
+** ^If the third parameter to sqlite3_result_error() or
+** sqlite3_result_error16() is non-negative then SQLite takes that many
+** bytes (not characters) from the 2nd parameter as the error message.
+** ^The sqlite3_result_error() and sqlite3_result_error16()
+** routines make a private copy of the error message text before
+** they return. Hence, the calling function can deallocate or
+** modify the text after they return without harm.
+** ^The sqlite3_result_error_code() function changes the error code
+** returned by SQLite as a result of an error in a function. ^By default,
+** the error code is SQLITE_ERROR. ^A subsequent call to sqlite3_result_error()
+** or sqlite3_result_error16() resets the error code to SQLITE_ERROR.
+**
+** ^The sqlite3_result_error_toobig() interface causes SQLite to throw an
+** error indicating that a string or BLOB is too long to represent.
+**
+** ^The sqlite3_result_error_nomem() interface causes SQLite to throw an
+** error indicating that a memory allocation failed.
+**
+** ^The sqlite3_result_int() interface sets the return value
+** of the application-defined function to be the 32-bit signed integer
+** value given in the 2nd argument.
+** ^The sqlite3_result_int64() interface sets the return value
+** of the application-defined function to be the 64-bit signed integer
+** value given in the 2nd argument.
+**
+** ^The sqlite3_result_null() interface sets the return value
+** of the application-defined function to be NULL.
+**
+** ^The sqlite3_result_text(), sqlite3_result_text16(),
+** sqlite3_result_text16le(), and sqlite3_result_text16be() interfaces
+** set the return value of the application-defined function to be
+** a text string which is represented as UTF-8, UTF-16 native byte order,
+** UTF-16 little endian, or UTF-16 big endian, respectively.
+** ^The sqlite3_result_text64() interface sets the return value of an
+** application-defined function to be a text string in an encoding
+** specified by the fifth (and last) parameter, which must be one
+** of [SQLITE_UTF8], [SQLITE_UTF16], [SQLITE_UTF16BE], or [SQLITE_UTF16LE].
+** ^SQLite takes the text result from the application from
+** the 2nd parameter of the sqlite3_result_text* interfaces.
+** ^If the 3rd parameter to the sqlite3_result_text* interfaces
+** is negative, then SQLite takes result text from the 2nd parameter
+** through the first zero character.
+** ^If the 3rd parameter to the sqlite3_result_text* interfaces
+** is non-negative, then as many bytes (not characters) of the text
+** pointed to by the 2nd parameter are taken as the application-defined
+** function result. If the 3rd parameter is non-negative, then it
+** must be the byte offset into the string where the NUL terminator would
+** appear if the string where NUL terminated. If any NUL characters occur
+** in the string at a byte offset that is less than the value of the 3rd
+** parameter, then the resulting string will contain embedded NULs and the
+** result of expressions operating on strings with embedded NULs is undefined.
+** ^If the 4th parameter to the sqlite3_result_text* interfaces
+** or sqlite3_result_blob is a non-NULL pointer, then SQLite calls that
+** function as the destructor on the text or BLOB result when it has
+** finished using that result.
+** ^If the 4th parameter to the sqlite3_result_text* interfaces or to
+** sqlite3_result_blob is the special constant SQLITE_STATIC, then SQLite
+** assumes that the text or BLOB result is in constant space and does not
+** copy the content of the parameter nor call a destructor on the content
+** when it has finished using that result.
+** ^If the 4th parameter to the sqlite3_result_text* interfaces
+** or sqlite3_result_blob is the special constant SQLITE_TRANSIENT
+** then SQLite makes a copy of the result into space obtained from
+** from [sqlite3_malloc()] before it returns.
+**
+** ^The sqlite3_result_value() interface sets the result of
+** the application-defined function to be a copy of the
+** [unprotected sqlite3_value] object specified by the 2nd parameter. ^The
+** sqlite3_result_value() interface makes a copy of the [sqlite3_value]
+** so that the [sqlite3_value] specified in the parameter may change or
+** be deallocated after sqlite3_result_value() returns without harm.
+** ^A [protected sqlite3_value] object may always be used where an
+** [unprotected sqlite3_value] object is required, so either
+** kind of [sqlite3_value] object can be used with this interface.
+**
+** If these routines are called from within the different thread
+** than the one containing the application-defined function that received
+** the [sqlite3_context] pointer, the results are undefined.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_result_blob(sqlite3_context*, const void*, int, void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_blob64(sqlite3_context*,const void*,
+ sqlite3_uint64,void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_double(sqlite3_context*, double);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error(sqlite3_context*, const char*, int);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error16(sqlite3_context*, const void*, int);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_toobig(sqlite3_context*);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_nomem(sqlite3_context*);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_code(sqlite3_context*, int);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_int(sqlite3_context*, int);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_int64(sqlite3_context*, sqlite3_int64);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_null(sqlite3_context*);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text(sqlite3_context*, const char*, int, void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text64(sqlite3_context*, const char*,sqlite3_uint64,
+ void(*)(void*), unsigned char encoding);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16(sqlite3_context*, const void*, int, void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16le(sqlite3_context*, const void*, int,void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16be(sqlite3_context*, const void*, int,void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_value(sqlite3_context*, sqlite3_value*);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_zeroblob(sqlite3_context*, int n);
+SQLITE_API int SQLITE_STDCALL sqlite3_result_zeroblob64(sqlite3_context*, sqlite3_uint64 n);
+
+
+/*
+** CAPI3REF: Setting The Subtype Of An SQL Function
+** METHOD: sqlite3_context
+**
+** The sqlite3_result_subtype(C,T) function causes the subtype of
+** the result from the [application-defined SQL function] with
+** [sqlite3_context] C to be the value T. Only the lower 8 bits
+** of the subtype T are preserved in current versions of SQLite;
+** higher order bits are discarded.
+** The number of subtype bytes preserved by SQLite might increase
+** in future releases of SQLite.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_result_subtype(sqlite3_context*,unsigned int);
+
+/*
+** CAPI3REF: Define New Collating Sequences
+** METHOD: sqlite3
+**
+** ^These functions add, remove, or modify a [collation] associated
+** with the [database connection] specified as the first argument.
+**
+** ^The name of the collation is a UTF-8 string
+** for sqlite3_create_collation() and sqlite3_create_collation_v2()
+** and a UTF-16 string in native byte order for sqlite3_create_collation16().
+** ^Collation names that compare equal according to [sqlite3_strnicmp()] are
+** considered to be the same name.
+**
+** ^(The third argument (eTextRep) must be one of the constants:
+** <ul>
+** <li> [SQLITE_UTF8],
+** <li> [SQLITE_UTF16LE],
+** <li> [SQLITE_UTF16BE],
+** <li> [SQLITE_UTF16], or
+** <li> [SQLITE_UTF16_ALIGNED].
+** </ul>)^
+** ^The eTextRep argument determines the encoding of strings passed
+** to the collating function callback, xCallback.
+** ^The [SQLITE_UTF16] and [SQLITE_UTF16_ALIGNED] values for eTextRep
+** force strings to be UTF16 with native byte order.
+** ^The [SQLITE_UTF16_ALIGNED] value for eTextRep forces strings to begin
+** on an even byte address.
+**
+** ^The fourth argument, pArg, is an application data pointer that is passed
+** through as the first argument to the collating function callback.
+**
+** ^The fifth argument, xCallback, is a pointer to the collating function.
+** ^Multiple collating functions can be registered using the same name but
+** with different eTextRep parameters and SQLite will use whichever
+** function requires the least amount of data transformation.
+** ^If the xCallback argument is NULL then the collating function is
+** deleted. ^When all collating functions having the same name are deleted,
+** that collation is no longer usable.
+**
+** ^The collating function callback is invoked with a copy of the pArg
+** application data pointer and with two strings in the encoding specified
+** by the eTextRep argument. The collating function must return an
+** integer that is negative, zero, or positive
+** if the first string is less than, equal to, or greater than the second,
+** respectively. A collating function must always return the same answer
+** given the same inputs. If two or more collating functions are registered
+** to the same collation name (using different eTextRep values) then all
+** must give an equivalent answer when invoked with equivalent strings.
+** The collating function must obey the following properties for all
+** strings A, B, and C:
+**
+** <ol>
+** <li> If A==B then B==A.
+** <li> If A==B and B==C then A==C.
+** <li> If A&lt;B THEN B&gt;A.
+** <li> If A&lt;B and B&lt;C then A&lt;C.
+** </ol>
+**
+** If a collating function fails any of the above constraints and that
+** collating function is registered and used, then the behavior of SQLite
+** is undefined.
+**
+** ^The sqlite3_create_collation_v2() works like sqlite3_create_collation()
+** with the addition that the xDestroy callback is invoked on pArg when
+** the collating function is deleted.
+** ^Collating functions are deleted when they are overridden by later
+** calls to the collation creation functions or when the
+** [database connection] is closed using [sqlite3_close()].
+**
+** ^The xDestroy callback is <u>not</u> called if the
+** sqlite3_create_collation_v2() function fails. Applications that invoke
+** sqlite3_create_collation_v2() with a non-NULL xDestroy argument should
+** check the return code and dispose of the application data pointer
+** themselves rather than expecting SQLite to deal with it for them.
+** This is different from every other SQLite interface. The inconsistency
+** is unfortunate but cannot be changed without breaking backwards
+** compatibility.
+**
+** See also: [sqlite3_collation_needed()] and [sqlite3_collation_needed16()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation(
+ sqlite3*,
+ const char *zName,
+ int eTextRep,
+ void *pArg,
+ int(*xCompare)(void*,int,const void*,int,const void*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation_v2(
+ sqlite3*,
+ const char *zName,
+ int eTextRep,
+ void *pArg,
+ int(*xCompare)(void*,int,const void*,int,const void*),
+ void(*xDestroy)(void*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation16(
+ sqlite3*,
+ const void *zName,
+ int eTextRep,
+ void *pArg,
+ int(*xCompare)(void*,int,const void*,int,const void*)
+);
+
+/*
+** CAPI3REF: Collation Needed Callbacks
+** METHOD: sqlite3
+**
+** ^To avoid having to register all collation sequences before a database
+** can be used, a single callback function may be registered with the
+** [database connection] to be invoked whenever an undefined collation
+** sequence is required.
+**
+** ^If the function is registered using the sqlite3_collation_needed() API,
+** then it is passed the names of undefined collation sequences as strings
+** encoded in UTF-8. ^If sqlite3_collation_needed16() is used,
+** the names are passed as UTF-16 in machine native byte order.
+** ^A call to either function replaces the existing collation-needed callback.
+**
+** ^(When the callback is invoked, the first argument passed is a copy
+** of the second argument to sqlite3_collation_needed() or
+** sqlite3_collation_needed16(). The second argument is the database
+** connection. The third argument is one of [SQLITE_UTF8], [SQLITE_UTF16BE],
+** or [SQLITE_UTF16LE], indicating the most desirable form of the collation
+** sequence function required. The fourth parameter is the name of the
+** required collation sequence.)^
+**
+** The callback function should register the desired collation using
+** [sqlite3_create_collation()], [sqlite3_create_collation16()], or
+** [sqlite3_create_collation_v2()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_collation_needed(
+ sqlite3*,
+ void*,
+ void(*)(void*,sqlite3*,int eTextRep,const char*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_collation_needed16(
+ sqlite3*,
+ void*,
+ void(*)(void*,sqlite3*,int eTextRep,const void*)
+);
+
+#ifdef SQLITE_HAS_CODEC
+/*
+** Specify the key for an encrypted database. This routine should be
+** called right after sqlite3_open().
+**
+** The code to implement this API is not available in the public release
+** of SQLite.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_key(
+ sqlite3 *db, /* Database to be rekeyed */
+ const void *pKey, int nKey /* The key */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_key_v2(
+ sqlite3 *db, /* Database to be rekeyed */
+ const char *zDbName, /* Name of the database */
+ const void *pKey, int nKey /* The key */
+);
+
+/*
+** Change the key on an open database. If the current database is not
+** encrypted, this routine will encrypt it. If pNew==0 or nNew==0, the
+** database is decrypted.
+**
+** The code to implement this API is not available in the public release
+** of SQLite.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_rekey(
+ sqlite3 *db, /* Database to be rekeyed */
+ const void *pKey, int nKey /* The new key */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_rekey_v2(
+ sqlite3 *db, /* Database to be rekeyed */
+ const char *zDbName, /* Name of the database */
+ const void *pKey, int nKey /* The new key */
+);
+
+/*
+** Specify the activation key for a SEE database. Unless
+** activated, none of the SEE routines will work.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_activate_see(
+ const char *zPassPhrase /* Activation phrase */
+);
+#endif
+
+#ifdef SQLITE_ENABLE_CEROD
+/*
+** Specify the activation key for a CEROD database. Unless
+** activated, none of the CEROD routines will work.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_activate_cerod(
+ const char *zPassPhrase /* Activation phrase */
+);
+#endif
+
+/*
+** CAPI3REF: Suspend Execution For A Short Time
+**
+** The sqlite3_sleep() function causes the current thread to suspend execution
+** for at least a number of milliseconds specified in its parameter.
+**
+** If the operating system does not support sleep requests with
+** millisecond time resolution, then the time will be rounded up to
+** the nearest second. The number of milliseconds of sleep actually
+** requested from the operating system is returned.
+**
+** ^SQLite implements this interface by calling the xSleep()
+** method of the default [sqlite3_vfs] object. If the xSleep() method
+** of the default VFS is not implemented correctly, or not implemented at
+** all, then the behavior of sqlite3_sleep() may deviate from the description
+** in the previous paragraphs.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_sleep(int);
+
+/*
+** CAPI3REF: Name Of The Folder Holding Temporary Files
+**
+** ^(If this global variable is made to point to a string which is
+** the name of a folder (a.k.a. directory), then all temporary files
+** created by SQLite when using a built-in [sqlite3_vfs | VFS]
+** will be placed in that directory.)^ ^If this variable
+** is a NULL pointer, then SQLite performs a search for an appropriate
+** temporary file directory.
+**
+** Applications are strongly discouraged from using this global variable.
+** It is required to set a temporary folder on Windows Runtime (WinRT).
+** But for all other platforms, it is highly recommended that applications
+** neither read nor write this variable. This global variable is a relic
+** that exists for backwards compatibility of legacy applications and should
+** be avoided in new projects.
+**
+** It is not safe to read or modify this variable in more than one
+** thread at a time. It is not safe to read or modify this variable
+** if a [database connection] is being used at the same time in a separate
+** thread.
+** It is intended that this variable be set once
+** as part of process initialization and before any SQLite interface
+** routines have been called and that this variable remain unchanged
+** thereafter.
+**
+** ^The [temp_store_directory pragma] may modify this variable and cause
+** it to point to memory obtained from [sqlite3_malloc]. ^Furthermore,
+** the [temp_store_directory pragma] always assumes that any string
+** that this variable points to is held in memory obtained from
+** [sqlite3_malloc] and the pragma may attempt to free that memory
+** using [sqlite3_free].
+** Hence, if this variable is modified directly, either it should be
+** made NULL or made to point to memory obtained from [sqlite3_malloc]
+** or else the use of the [temp_store_directory pragma] should be avoided.
+** Except when requested by the [temp_store_directory pragma], SQLite
+** does not free the memory that sqlite3_temp_directory points to. If
+** the application wants that memory to be freed, it must do
+** so itself, taking care to only do so after all [database connection]
+** objects have been destroyed.
+**
+** <b>Note to Windows Runtime users:</b> The temporary directory must be set
+** prior to calling [sqlite3_open] or [sqlite3_open_v2]. Otherwise, various
+** features that require the use of temporary files may fail. Here is an
+** example of how to do this using C++ with the Windows Runtime:
+**
+** <blockquote><pre>
+** LPCWSTR zPath = Windows::Storage::ApplicationData::Current->
+** &nbsp; TemporaryFolder->Path->Data();
+** char zPathBuf&#91;MAX_PATH + 1&#93;;
+** memset(zPathBuf, 0, sizeof(zPathBuf));
+** WideCharToMultiByte(CP_UTF8, 0, zPath, -1, zPathBuf, sizeof(zPathBuf),
+** &nbsp; NULL, NULL);
+** sqlite3_temp_directory = sqlite3_mprintf("%s", zPathBuf);
+** </pre></blockquote>
+*/
+SQLITE_API char *sqlite3_temp_directory;
+
+/*
+** CAPI3REF: Name Of The Folder Holding Database Files
+**
+** ^(If this global variable is made to point to a string which is
+** the name of a folder (a.k.a. directory), then all database files
+** specified with a relative pathname and created or accessed by
+** SQLite when using a built-in windows [sqlite3_vfs | VFS] will be assumed
+** to be relative to that directory.)^ ^If this variable is a NULL
+** pointer, then SQLite assumes that all database files specified
+** with a relative pathname are relative to the current directory
+** for the process. Only the windows VFS makes use of this global
+** variable; it is ignored by the unix VFS.
+**
+** Changing the value of this variable while a database connection is
+** open can result in a corrupt database.
+**
+** It is not safe to read or modify this variable in more than one
+** thread at a time. It is not safe to read or modify this variable
+** if a [database connection] is being used at the same time in a separate
+** thread.
+** It is intended that this variable be set once
+** as part of process initialization and before any SQLite interface
+** routines have been called and that this variable remain unchanged
+** thereafter.
+**
+** ^The [data_store_directory pragma] may modify this variable and cause
+** it to point to memory obtained from [sqlite3_malloc]. ^Furthermore,
+** the [data_store_directory pragma] always assumes that any string
+** that this variable points to is held in memory obtained from
+** [sqlite3_malloc] and the pragma may attempt to free that memory
+** using [sqlite3_free].
+** Hence, if this variable is modified directly, either it should be
+** made NULL or made to point to memory obtained from [sqlite3_malloc]
+** or else the use of the [data_store_directory pragma] should be avoided.
+*/
+SQLITE_API char *sqlite3_data_directory;
+
+/*
+** CAPI3REF: Test For Auto-Commit Mode
+** KEYWORDS: {autocommit mode}
+** METHOD: sqlite3
+**
+** ^The sqlite3_get_autocommit() interface returns non-zero or
+** zero if the given database connection is or is not in autocommit mode,
+** respectively. ^Autocommit mode is on by default.
+** ^Autocommit mode is disabled by a [BEGIN] statement.
+** ^Autocommit mode is re-enabled by a [COMMIT] or [ROLLBACK].
+**
+** If certain kinds of errors occur on a statement within a multi-statement
+** transaction (errors including [SQLITE_FULL], [SQLITE_IOERR],
+** [SQLITE_NOMEM], [SQLITE_BUSY], and [SQLITE_INTERRUPT]) then the
+** transaction might be rolled back automatically. The only way to
+** find out whether SQLite automatically rolled back the transaction after
+** an error is to use this function.
+**
+** If another thread changes the autocommit status of the database
+** connection while this routine is running, then the return value
+** is undefined.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_get_autocommit(sqlite3*);
+
+/*
+** CAPI3REF: Find The Database Handle Of A Prepared Statement
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_db_handle interface returns the [database connection] handle
+** to which a [prepared statement] belongs. ^The [database connection]
+** returned by sqlite3_db_handle is the same [database connection]
+** that was the first argument
+** to the [sqlite3_prepare_v2()] call (or its variants) that was used to
+** create the statement in the first place.
+*/
+SQLITE_API sqlite3 *SQLITE_STDCALL sqlite3_db_handle(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Return The Filename For A Database Connection
+** METHOD: sqlite3
+**
+** ^The sqlite3_db_filename(D,N) interface returns a pointer to a filename
+** associated with database N of connection D. ^The main database file
+** has the name "main". If there is no attached database N on the database
+** connection D, or if database N is a temporary or in-memory database, then
+** a NULL pointer is returned.
+**
+** ^The filename returned by this function is the output of the
+** xFullPathname method of the [VFS]. ^In other words, the filename
+** will be an absolute pathname, even if the filename used
+** to open the database originally was a URI or relative pathname.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_db_filename(sqlite3 *db, const char *zDbName);
+
+/*
+** CAPI3REF: Determine if a database is read-only
+** METHOD: sqlite3
+**
+** ^The sqlite3_db_readonly(D,N) interface returns 1 if the database N
+** of connection D is read-only, 0 if it is read/write, or -1 if N is not
+** the name of a database on connection D.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_readonly(sqlite3 *db, const char *zDbName);
+
+/*
+** CAPI3REF: Find the next prepared statement
+** METHOD: sqlite3
+**
+** ^This interface returns a pointer to the next [prepared statement] after
+** pStmt associated with the [database connection] pDb. ^If pStmt is NULL
+** then this interface returns a pointer to the first prepared statement
+** associated with the database connection pDb. ^If no prepared statement
+** satisfies the conditions of this routine, it returns NULL.
+**
+** The [database connection] pointer D in a call to
+** [sqlite3_next_stmt(D,S)] must refer to an open database
+** connection and in particular must not be a NULL pointer.
+*/
+SQLITE_API sqlite3_stmt *SQLITE_STDCALL sqlite3_next_stmt(sqlite3 *pDb, sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Commit And Rollback Notification Callbacks
+** METHOD: sqlite3
+**
+** ^The sqlite3_commit_hook() interface registers a callback
+** function to be invoked whenever a transaction is [COMMIT | committed].
+** ^Any callback set by a previous call to sqlite3_commit_hook()
+** for the same database connection is overridden.
+** ^The sqlite3_rollback_hook() interface registers a callback
+** function to be invoked whenever a transaction is [ROLLBACK | rolled back].
+** ^Any callback set by a previous call to sqlite3_rollback_hook()
+** for the same database connection is overridden.
+** ^The pArg argument is passed through to the callback.
+** ^If the callback on a commit hook function returns non-zero,
+** then the commit is converted into a rollback.
+**
+** ^The sqlite3_commit_hook(D,C,P) and sqlite3_rollback_hook(D,C,P) functions
+** return the P argument from the previous call of the same function
+** on the same [database connection] D, or NULL for
+** the first call for each function on D.
+**
+** The commit and rollback hook callbacks are not reentrant.
+** The callback implementation must not do anything that will modify
+** the database connection that invoked the callback. Any actions
+** to modify the database connection must be deferred until after the
+** completion of the [sqlite3_step()] call that triggered the commit
+** or rollback hook in the first place.
+** Note that running any other SQL statements, including SELECT statements,
+** or merely calling [sqlite3_prepare_v2()] and [sqlite3_step()] will modify
+** the database connections for the meaning of "modify" in this paragraph.
+**
+** ^Registering a NULL function disables the callback.
+**
+** ^When the commit hook callback routine returns zero, the [COMMIT]
+** operation is allowed to continue normally. ^If the commit hook
+** returns non-zero, then the [COMMIT] is converted into a [ROLLBACK].
+** ^The rollback hook is invoked on a rollback that results from a commit
+** hook returning non-zero, just as it would be with any other rollback.
+**
+** ^For the purposes of this API, a transaction is said to have been
+** rolled back if an explicit "ROLLBACK" statement is executed, or
+** an error or constraint causes an implicit rollback to occur.
+** ^The rollback callback is not invoked if a transaction is
+** automatically rolled back because the database connection is closed.
+**
+** See also the [sqlite3_update_hook()] interface.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_commit_hook(sqlite3*, int(*)(void*), void*);
+SQLITE_API void *SQLITE_STDCALL sqlite3_rollback_hook(sqlite3*, void(*)(void *), void*);
+
+/*
+** CAPI3REF: Data Change Notification Callbacks
+** METHOD: sqlite3
+**
+** ^The sqlite3_update_hook() interface registers a callback function
+** with the [database connection] identified by the first argument
+** to be invoked whenever a row is updated, inserted or deleted in
+** a rowid table.
+** ^Any callback set by a previous call to this function
+** for the same database connection is overridden.
+**
+** ^The second argument is a pointer to the function to invoke when a
+** row is updated, inserted or deleted in a rowid table.
+** ^The first argument to the callback is a copy of the third argument
+** to sqlite3_update_hook().
+** ^The second callback argument is one of [SQLITE_INSERT], [SQLITE_DELETE],
+** or [SQLITE_UPDATE], depending on the operation that caused the callback
+** to be invoked.
+** ^The third and fourth arguments to the callback contain pointers to the
+** database and table name containing the affected row.
+** ^The final callback parameter is the [rowid] of the row.
+** ^In the case of an update, this is the [rowid] after the update takes place.
+**
+** ^(The update hook is not invoked when internal system tables are
+** modified (i.e. sqlite_master and sqlite_sequence).)^
+** ^The update hook is not invoked when [WITHOUT ROWID] tables are modified.
+**
+** ^In the current implementation, the update hook
+** is not invoked when duplication rows are deleted because of an
+** [ON CONFLICT | ON CONFLICT REPLACE] clause. ^Nor is the update hook
+** invoked when rows are deleted using the [truncate optimization].
+** The exceptions defined in this paragraph might change in a future
+** release of SQLite.
+**
+** The update hook implementation must not do anything that will modify
+** the database connection that invoked the update hook. Any actions
+** to modify the database connection must be deferred until after the
+** completion of the [sqlite3_step()] call that triggered the update hook.
+** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their
+** database connections for the meaning of "modify" in this paragraph.
+**
+** ^The sqlite3_update_hook(D,C,P) function
+** returns the P argument from the previous call
+** on the same [database connection] D, or NULL for
+** the first call on D.
+**
+** See also the [sqlite3_commit_hook()] and [sqlite3_rollback_hook()]
+** interfaces.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_update_hook(
+ sqlite3*,
+ void(*)(void *,int ,char const *,char const *,sqlite3_int64),
+ void*
+);
+
+/*
+** CAPI3REF: Enable Or Disable Shared Pager Cache
+**
+** ^(This routine enables or disables the sharing of the database cache
+** and schema data structures between [database connection | connections]
+** to the same database. Sharing is enabled if the argument is true
+** and disabled if the argument is false.)^
+**
+** ^Cache sharing is enabled and disabled for an entire process.
+** This is a change as of SQLite version 3.5.0. In prior versions of SQLite,
+** sharing was enabled or disabled for each thread separately.
+**
+** ^(The cache sharing mode set by this interface effects all subsequent
+** calls to [sqlite3_open()], [sqlite3_open_v2()], and [sqlite3_open16()].
+** Existing database connections continue use the sharing mode
+** that was in effect at the time they were opened.)^
+**
+** ^(This routine returns [SQLITE_OK] if shared cache was enabled or disabled
+** successfully. An [error code] is returned otherwise.)^
+**
+** ^Shared cache is disabled by default. But this might change in
+** future releases of SQLite. Applications that care about shared
+** cache setting should set it explicitly.
+**
+** Note: This method is disabled on MacOS X 10.7 and iOS version 5.0
+** and will always return SQLITE_MISUSE. On those systems,
+** shared cache mode should be enabled per-database connection via
+** [sqlite3_open_v2()] with [SQLITE_OPEN_SHAREDCACHE].
+**
+** This interface is threadsafe on processors where writing a
+** 32-bit integer is atomic.
+**
+** See Also: [SQLite Shared-Cache Mode]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_enable_shared_cache(int);
+
+/*
+** CAPI3REF: Attempt To Free Heap Memory
+**
+** ^The sqlite3_release_memory() interface attempts to free N bytes
+** of heap memory by deallocating non-essential memory allocations
+** held by the database library. Memory used to cache database
+** pages to improve performance is an example of non-essential memory.
+** ^sqlite3_release_memory() returns the number of bytes actually freed,
+** which might be more or less than the amount requested.
+** ^The sqlite3_release_memory() routine is a no-op returning zero
+** if SQLite is not compiled with [SQLITE_ENABLE_MEMORY_MANAGEMENT].
+**
+** See also: [sqlite3_db_release_memory()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_release_memory(int);
+
+/*
+** CAPI3REF: Free Memory Used By A Database Connection
+** METHOD: sqlite3
+**
+** ^The sqlite3_db_release_memory(D) interface attempts to free as much heap
+** memory as possible from database connection D. Unlike the
+** [sqlite3_release_memory()] interface, this interface is in effect even
+** when the [SQLITE_ENABLE_MEMORY_MANAGEMENT] compile-time option is
+** omitted.
+**
+** See also: [sqlite3_release_memory()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_release_memory(sqlite3*);
+
+/*
+** CAPI3REF: Impose A Limit On Heap Size
+**
+** ^The sqlite3_soft_heap_limit64() interface sets and/or queries the
+** soft limit on the amount of heap memory that may be allocated by SQLite.
+** ^SQLite strives to keep heap memory utilization below the soft heap
+** limit by reducing the number of pages held in the page cache
+** as heap memory usages approaches the limit.
+** ^The soft heap limit is "soft" because even though SQLite strives to stay
+** below the limit, it will exceed the limit rather than generate
+** an [SQLITE_NOMEM] error. In other words, the soft heap limit
+** is advisory only.
+**
+** ^The return value from sqlite3_soft_heap_limit64() is the size of
+** the soft heap limit prior to the call, or negative in the case of an
+** error. ^If the argument N is negative
+** then no change is made to the soft heap limit. Hence, the current
+** size of the soft heap limit can be determined by invoking
+** sqlite3_soft_heap_limit64() with a negative argument.
+**
+** ^If the argument N is zero then the soft heap limit is disabled.
+**
+** ^(The soft heap limit is not enforced in the current implementation
+** if one or more of following conditions are true:
+**
+** <ul>
+** <li> The soft heap limit is set to zero.
+** <li> Memory accounting is disabled using a combination of the
+** [sqlite3_config]([SQLITE_CONFIG_MEMSTATUS],...) start-time option and
+** the [SQLITE_DEFAULT_MEMSTATUS] compile-time option.
+** <li> An alternative page cache implementation is specified using
+** [sqlite3_config]([SQLITE_CONFIG_PCACHE2],...).
+** <li> The page cache allocates from its own memory pool supplied
+** by [sqlite3_config]([SQLITE_CONFIG_PAGECACHE],...) rather than
+** from the heap.
+** </ul>)^
+**
+** Beginning with SQLite version 3.7.3, the soft heap limit is enforced
+** regardless of whether or not the [SQLITE_ENABLE_MEMORY_MANAGEMENT]
+** compile-time option is invoked. With [SQLITE_ENABLE_MEMORY_MANAGEMENT],
+** the soft heap limit is enforced on every memory allocation. Without
+** [SQLITE_ENABLE_MEMORY_MANAGEMENT], the soft heap limit is only enforced
+** when memory is allocated by the page cache. Testing suggests that because
+** the page cache is the predominate memory user in SQLite, most
+** applications will achieve adequate soft heap limit enforcement without
+** the use of [SQLITE_ENABLE_MEMORY_MANAGEMENT].
+**
+** The circumstances under which SQLite will enforce the soft heap limit may
+** changes in future releases of SQLite.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_soft_heap_limit64(sqlite3_int64 N);
+
+/*
+** CAPI3REF: Deprecated Soft Heap Limit Interface
+** DEPRECATED
+**
+** This is a deprecated version of the [sqlite3_soft_heap_limit64()]
+** interface. This routine is provided for historical compatibility
+** only. All new applications should use the
+** [sqlite3_soft_heap_limit64()] interface rather than this one.
+*/
+SQLITE_API SQLITE_DEPRECATED void SQLITE_STDCALL sqlite3_soft_heap_limit(int N);
+
+
+/*
+** CAPI3REF: Extract Metadata About A Column Of A Table
+** METHOD: sqlite3
+**
+** ^(The sqlite3_table_column_metadata(X,D,T,C,....) routine returns
+** information about column C of table T in database D
+** on [database connection] X.)^ ^The sqlite3_table_column_metadata()
+** interface returns SQLITE_OK and fills in the non-NULL pointers in
+** the final five arguments with appropriate values if the specified
+** column exists. ^The sqlite3_table_column_metadata() interface returns
+** SQLITE_ERROR and if the specified column does not exist.
+** ^If the column-name parameter to sqlite3_table_column_metadata() is a
+** NULL pointer, then this routine simply checks for the existance of the
+** table and returns SQLITE_OK if the table exists and SQLITE_ERROR if it
+** does not.
+**
+** ^The column is identified by the second, third and fourth parameters to
+** this function. ^(The second parameter is either the name of the database
+** (i.e. "main", "temp", or an attached database) containing the specified
+** table or NULL.)^ ^If it is NULL, then all attached databases are searched
+** for the table using the same algorithm used by the database engine to
+** resolve unqualified table references.
+**
+** ^The third and fourth parameters to this function are the table and column
+** name of the desired column, respectively.
+**
+** ^Metadata is returned by writing to the memory locations passed as the 5th
+** and subsequent parameters to this function. ^Any of these arguments may be
+** NULL, in which case the corresponding element of metadata is omitted.
+**
+** ^(<blockquote>
+** <table border="1">
+** <tr><th> Parameter <th> Output<br>Type <th> Description
+**
+** <tr><td> 5th <td> const char* <td> Data type
+** <tr><td> 6th <td> const char* <td> Name of default collation sequence
+** <tr><td> 7th <td> int <td> True if column has a NOT NULL constraint
+** <tr><td> 8th <td> int <td> True if column is part of the PRIMARY KEY
+** <tr><td> 9th <td> int <td> True if column is [AUTOINCREMENT]
+** </table>
+** </blockquote>)^
+**
+** ^The memory pointed to by the character pointers returned for the
+** declaration type and collation sequence is valid until the next
+** call to any SQLite API function.
+**
+** ^If the specified table is actually a view, an [error code] is returned.
+**
+** ^If the specified column is "rowid", "oid" or "_rowid_" and the table
+** is not a [WITHOUT ROWID] table and an
+** [INTEGER PRIMARY KEY] column has been explicitly declared, then the output
+** parameters are set for the explicitly declared column. ^(If there is no
+** [INTEGER PRIMARY KEY] column, then the outputs
+** for the [rowid] are set as follows:
+**
+** <pre>
+** data type: "INTEGER"
+** collation sequence: "BINARY"
+** not null: 0
+** primary key: 1
+** auto increment: 0
+** </pre>)^
+**
+** ^This function causes all database schemas to be read from disk and
+** parsed, if that has not already been done, and returns an error if
+** any errors are encountered while loading the schema.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_table_column_metadata(
+ sqlite3 *db, /* Connection handle */
+ const char *zDbName, /* Database name or NULL */
+ const char *zTableName, /* Table name */
+ const char *zColumnName, /* Column name */
+ char const **pzDataType, /* OUTPUT: Declared data type */
+ char const **pzCollSeq, /* OUTPUT: Collation sequence name */
+ int *pNotNull, /* OUTPUT: True if NOT NULL constraint exists */
+ int *pPrimaryKey, /* OUTPUT: True if column part of PK */
+ int *pAutoinc /* OUTPUT: True if column is auto-increment */
+);
+
+/*
+** CAPI3REF: Load An Extension
+** METHOD: sqlite3
+**
+** ^This interface loads an SQLite extension library from the named file.
+**
+** ^The sqlite3_load_extension() interface attempts to load an
+** [SQLite extension] library contained in the file zFile. If
+** the file cannot be loaded directly, attempts are made to load
+** with various operating-system specific extensions added.
+** So for example, if "samplelib" cannot be loaded, then names like
+** "samplelib.so" or "samplelib.dylib" or "samplelib.dll" might
+** be tried also.
+**
+** ^The entry point is zProc.
+** ^(zProc may be 0, in which case SQLite will try to come up with an
+** entry point name on its own. It first tries "sqlite3_extension_init".
+** If that does not work, it constructs a name "sqlite3_X_init" where the
+** X is consists of the lower-case equivalent of all ASCII alphabetic
+** characters in the filename from the last "/" to the first following
+** "." and omitting any initial "lib".)^
+** ^The sqlite3_load_extension() interface returns
+** [SQLITE_OK] on success and [SQLITE_ERROR] if something goes wrong.
+** ^If an error occurs and pzErrMsg is not 0, then the
+** [sqlite3_load_extension()] interface shall attempt to
+** fill *pzErrMsg with error message text stored in memory
+** obtained from [sqlite3_malloc()]. The calling function
+** should free this memory by calling [sqlite3_free()].
+**
+** ^Extension loading must be enabled using
+** [sqlite3_enable_load_extension()] prior to calling this API,
+** otherwise an error will be returned.
+**
+** See also the [load_extension() SQL function].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_load_extension(
+ sqlite3 *db, /* Load the extension into this database connection */
+ const char *zFile, /* Name of the shared library containing extension */
+ const char *zProc, /* Entry point. Derived from zFile if 0 */
+ char **pzErrMsg /* Put error message here if not 0 */
+);
+
+/*
+** CAPI3REF: Enable Or Disable Extension Loading
+** METHOD: sqlite3
+**
+** ^So as not to open security holes in older applications that are
+** unprepared to deal with [extension loading], and as a means of disabling
+** [extension loading] while evaluating user-entered SQL, the following API
+** is provided to turn the [sqlite3_load_extension()] mechanism on and off.
+**
+** ^Extension loading is off by default.
+** ^Call the sqlite3_enable_load_extension() routine with onoff==1
+** to turn extension loading on and call it with onoff==0 to turn
+** it back off again.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_enable_load_extension(sqlite3 *db, int onoff);
+
+/*
+** CAPI3REF: Automatically Load Statically Linked Extensions
+**
+** ^This interface causes the xEntryPoint() function to be invoked for
+** each new [database connection] that is created. The idea here is that
+** xEntryPoint() is the entry point for a statically linked [SQLite extension]
+** that is to be automatically loaded into all new database connections.
+**
+** ^(Even though the function prototype shows that xEntryPoint() takes
+** no arguments and returns void, SQLite invokes xEntryPoint() with three
+** arguments and expects and integer result as if the signature of the
+** entry point where as follows:
+**
+** <blockquote><pre>
+** &nbsp; int xEntryPoint(
+** &nbsp; sqlite3 *db,
+** &nbsp; const char **pzErrMsg,
+** &nbsp; const struct sqlite3_api_routines *pThunk
+** &nbsp; );
+** </pre></blockquote>)^
+**
+** If the xEntryPoint routine encounters an error, it should make *pzErrMsg
+** point to an appropriate error message (obtained from [sqlite3_mprintf()])
+** and return an appropriate [error code]. ^SQLite ensures that *pzErrMsg
+** is NULL before calling the xEntryPoint(). ^SQLite will invoke
+** [sqlite3_free()] on *pzErrMsg after xEntryPoint() returns. ^If any
+** xEntryPoint() returns an error, the [sqlite3_open()], [sqlite3_open16()],
+** or [sqlite3_open_v2()] call that provoked the xEntryPoint() will fail.
+**
+** ^Calling sqlite3_auto_extension(X) with an entry point X that is already
+** on the list of automatic extensions is a harmless no-op. ^No entry point
+** will be called more than once for each database connection that is opened.
+**
+** See also: [sqlite3_reset_auto_extension()]
+** and [sqlite3_cancel_auto_extension()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_auto_extension(void (*xEntryPoint)(void));
+
+/*
+** CAPI3REF: Cancel Automatic Extension Loading
+**
+** ^The [sqlite3_cancel_auto_extension(X)] interface unregisters the
+** initialization routine X that was registered using a prior call to
+** [sqlite3_auto_extension(X)]. ^The [sqlite3_cancel_auto_extension(X)]
+** routine returns 1 if initialization routine X was successfully
+** unregistered and it returns 0 if X was not on the list of initialization
+** routines.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_cancel_auto_extension(void (*xEntryPoint)(void));
+
+/*
+** CAPI3REF: Reset Automatic Extension Loading
+**
+** ^This interface disables all automatic extensions previously
+** registered using [sqlite3_auto_extension()].
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_reset_auto_extension(void);
+
+/*
+** The interface to the virtual-table mechanism is currently considered
+** to be experimental. The interface might change in incompatible ways.
+** If this is a problem for you, do not use the interface at this time.
+**
+** When the virtual-table mechanism stabilizes, we will declare the
+** interface fixed, support it indefinitely, and remove this comment.
+*/
+
+/*
+** Structures used by the virtual table interface
+*/
+typedef struct sqlite3_vtab sqlite3_vtab;
+typedef struct sqlite3_index_info sqlite3_index_info;
+typedef struct sqlite3_vtab_cursor sqlite3_vtab_cursor;
+typedef struct sqlite3_module sqlite3_module;
+
+/*
+** CAPI3REF: Virtual Table Object
+** KEYWORDS: sqlite3_module {virtual table module}
+**
+** This structure, sometimes called a "virtual table module",
+** defines the implementation of a [virtual tables].
+** This structure consists mostly of methods for the module.
+**
+** ^A virtual table module is created by filling in a persistent
+** instance of this structure and passing a pointer to that instance
+** to [sqlite3_create_module()] or [sqlite3_create_module_v2()].
+** ^The registration remains valid until it is replaced by a different
+** module or until the [database connection] closes. The content
+** of this structure must not change while it is registered with
+** any database connection.
+*/
+struct sqlite3_module {
+ int iVersion;
+ int (*xCreate)(sqlite3*, void *pAux,
+ int argc, const char *const*argv,
+ sqlite3_vtab **ppVTab, char**);
+ int (*xConnect)(sqlite3*, void *pAux,
+ int argc, const char *const*argv,
+ sqlite3_vtab **ppVTab, char**);
+ int (*xBestIndex)(sqlite3_vtab *pVTab, sqlite3_index_info*);
+ int (*xDisconnect)(sqlite3_vtab *pVTab);
+ int (*xDestroy)(sqlite3_vtab *pVTab);
+ int (*xOpen)(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCursor);
+ int (*xClose)(sqlite3_vtab_cursor*);
+ int (*xFilter)(sqlite3_vtab_cursor*, int idxNum, const char *idxStr,
+ int argc, sqlite3_value **argv);
+ int (*xNext)(sqlite3_vtab_cursor*);
+ int (*xEof)(sqlite3_vtab_cursor*);
+ int (*xColumn)(sqlite3_vtab_cursor*, sqlite3_context*, int);
+ int (*xRowid)(sqlite3_vtab_cursor*, sqlite3_int64 *pRowid);
+ int (*xUpdate)(sqlite3_vtab *, int, sqlite3_value **, sqlite3_int64 *);
+ int (*xBegin)(sqlite3_vtab *pVTab);
+ int (*xSync)(sqlite3_vtab *pVTab);
+ int (*xCommit)(sqlite3_vtab *pVTab);
+ int (*xRollback)(sqlite3_vtab *pVTab);
+ int (*xFindFunction)(sqlite3_vtab *pVtab, int nArg, const char *zName,
+ void (**pxFunc)(sqlite3_context*,int,sqlite3_value**),
+ void **ppArg);
+ int (*xRename)(sqlite3_vtab *pVtab, const char *zNew);
+ /* The methods above are in version 1 of the sqlite_module object. Those
+ ** below are for version 2 and greater. */
+ int (*xSavepoint)(sqlite3_vtab *pVTab, int);
+ int (*xRelease)(sqlite3_vtab *pVTab, int);
+ int (*xRollbackTo)(sqlite3_vtab *pVTab, int);
+};
+
+/*
+** CAPI3REF: Virtual Table Indexing Information
+** KEYWORDS: sqlite3_index_info
+**
+** The sqlite3_index_info structure and its substructures is used as part
+** of the [virtual table] interface to
+** pass information into and receive the reply from the [xBestIndex]
+** method of a [virtual table module]. The fields under **Inputs** are the
+** inputs to xBestIndex and are read-only. xBestIndex inserts its
+** results into the **Outputs** fields.
+**
+** ^(The aConstraint[] array records WHERE clause constraints of the form:
+**
+** <blockquote>column OP expr</blockquote>
+**
+** where OP is =, &lt;, &lt;=, &gt;, or &gt;=.)^ ^(The particular operator is
+** stored in aConstraint[].op using one of the
+** [SQLITE_INDEX_CONSTRAINT_EQ | SQLITE_INDEX_CONSTRAINT_ values].)^
+** ^(The index of the column is stored in
+** aConstraint[].iColumn.)^ ^(aConstraint[].usable is TRUE if the
+** expr on the right-hand side can be evaluated (and thus the constraint
+** is usable) and false if it cannot.)^
+**
+** ^The optimizer automatically inverts terms of the form "expr OP column"
+** and makes other simplifications to the WHERE clause in an attempt to
+** get as many WHERE clause terms into the form shown above as possible.
+** ^The aConstraint[] array only reports WHERE clause terms that are
+** relevant to the particular virtual table being queried.
+**
+** ^Information about the ORDER BY clause is stored in aOrderBy[].
+** ^Each term of aOrderBy records a column of the ORDER BY clause.
+**
+** The colUsed field indicates which columns of the virtual table may be
+** required by the current scan. Virtual table columns are numbered from
+** zero in the order in which they appear within the CREATE TABLE statement
+** passed to sqlite3_declare_vtab(). For the first 63 columns (columns 0-62),
+** the corresponding bit is set within the colUsed mask if the column may be
+** required by SQLite. If the table has at least 64 columns and any column
+** to the right of the first 63 is required, then bit 63 of colUsed is also
+** set. In other words, column iCol may be required if the expression
+** (colUsed & ((sqlite3_uint64)1 << (iCol>=63 ? 63 : iCol))) evaluates to
+** non-zero.
+**
+** The [xBestIndex] method must fill aConstraintUsage[] with information
+** about what parameters to pass to xFilter. ^If argvIndex>0 then
+** the right-hand side of the corresponding aConstraint[] is evaluated
+** and becomes the argvIndex-th entry in argv. ^(If aConstraintUsage[].omit
+** is true, then the constraint is assumed to be fully handled by the
+** virtual table and is not checked again by SQLite.)^
+**
+** ^The idxNum and idxPtr values are recorded and passed into the
+** [xFilter] method.
+** ^[sqlite3_free()] is used to free idxPtr if and only if
+** needToFreeIdxPtr is true.
+**
+** ^The orderByConsumed means that output from [xFilter]/[xNext] will occur in
+** the correct order to satisfy the ORDER BY clause so that no separate
+** sorting step is required.
+**
+** ^The estimatedCost value is an estimate of the cost of a particular
+** strategy. A cost of N indicates that the cost of the strategy is similar
+** to a linear scan of an SQLite table with N rows. A cost of log(N)
+** indicates that the expense of the operation is similar to that of a
+** binary search on a unique indexed field of an SQLite table with N rows.
+**
+** ^The estimatedRows value is an estimate of the number of rows that
+** will be returned by the strategy.
+**
+** The xBestIndex method may optionally populate the idxFlags field with a
+** mask of SQLITE_INDEX_SCAN_* flags. Currently there is only one such flag -
+** SQLITE_INDEX_SCAN_UNIQUE. If the xBestIndex method sets this flag, SQLite
+** assumes that the strategy may visit at most one row.
+**
+** Additionally, if xBestIndex sets the SQLITE_INDEX_SCAN_UNIQUE flag, then
+** SQLite also assumes that if a call to the xUpdate() method is made as
+** part of the same statement to delete or update a virtual table row and the
+** implementation returns SQLITE_CONSTRAINT, then there is no need to rollback
+** any database changes. In other words, if the xUpdate() returns
+** SQLITE_CONSTRAINT, the database contents must be exactly as they were
+** before xUpdate was called. By contrast, if SQLITE_INDEX_SCAN_UNIQUE is not
+** set and xUpdate returns SQLITE_CONSTRAINT, any database changes made by
+** the xUpdate method are automatically rolled back by SQLite.
+**
+** IMPORTANT: The estimatedRows field was added to the sqlite3_index_info
+** structure for SQLite version 3.8.2. If a virtual table extension is
+** used with an SQLite version earlier than 3.8.2, the results of attempting
+** to read or write the estimatedRows field are undefined (but are likely
+** to included crashing the application). The estimatedRows field should
+** therefore only be used if [sqlite3_libversion_number()] returns a
+** value greater than or equal to 3008002. Similarly, the idxFlags field
+** was added for version 3.9.0. It may therefore only be used if
+** sqlite3_libversion_number() returns a value greater than or equal to
+** 3009000.
+*/
+struct sqlite3_index_info {
+ /* Inputs */
+ int nConstraint; /* Number of entries in aConstraint */
+ struct sqlite3_index_constraint {
+ int iColumn; /* Column on left-hand side of constraint */
+ unsigned char op; /* Constraint operator */
+ unsigned char usable; /* True if this constraint is usable */
+ int iTermOffset; /* Used internally - xBestIndex should ignore */
+ } *aConstraint; /* Table of WHERE clause constraints */
+ int nOrderBy; /* Number of terms in the ORDER BY clause */
+ struct sqlite3_index_orderby {
+ int iColumn; /* Column number */
+ unsigned char desc; /* True for DESC. False for ASC. */
+ } *aOrderBy; /* The ORDER BY clause */
+ /* Outputs */
+ struct sqlite3_index_constraint_usage {
+ int argvIndex; /* if >0, constraint is part of argv to xFilter */
+ unsigned char omit; /* Do not code a test for this constraint */
+ } *aConstraintUsage;
+ int idxNum; /* Number used to identify the index */
+ char *idxStr; /* String, possibly obtained from sqlite3_malloc */
+ int needToFreeIdxStr; /* Free idxStr using sqlite3_free() if true */
+ int orderByConsumed; /* True if output is already ordered */
+ double estimatedCost; /* Estimated cost of using this index */
+ /* Fields below are only available in SQLite 3.8.2 and later */
+ sqlite3_int64 estimatedRows; /* Estimated number of rows returned */
+ /* Fields below are only available in SQLite 3.9.0 and later */
+ int idxFlags; /* Mask of SQLITE_INDEX_SCAN_* flags */
+ /* Fields below are only available in SQLite 3.10.0 and later */
+ sqlite3_uint64 colUsed; /* Input: Mask of columns used by statement */
+};
+
+/*
+** CAPI3REF: Virtual Table Scan Flags
+*/
+#define SQLITE_INDEX_SCAN_UNIQUE 1 /* Scan visits at most 1 row */
+
+/*
+** CAPI3REF: Virtual Table Constraint Operator Codes
+**
+** These macros defined the allowed values for the
+** [sqlite3_index_info].aConstraint[].op field. Each value represents
+** an operator that is part of a constraint term in the wHERE clause of
+** a query that uses a [virtual table].
+*/
+#define SQLITE_INDEX_CONSTRAINT_EQ 2
+#define SQLITE_INDEX_CONSTRAINT_GT 4
+#define SQLITE_INDEX_CONSTRAINT_LE 8
+#define SQLITE_INDEX_CONSTRAINT_LT 16
+#define SQLITE_INDEX_CONSTRAINT_GE 32
+#define SQLITE_INDEX_CONSTRAINT_MATCH 64
+#define SQLITE_INDEX_CONSTRAINT_LIKE 65
+#define SQLITE_INDEX_CONSTRAINT_GLOB 66
+#define SQLITE_INDEX_CONSTRAINT_REGEXP 67
+
+/*
+** CAPI3REF: Register A Virtual Table Implementation
+** METHOD: sqlite3
+**
+** ^These routines are used to register a new [virtual table module] name.
+** ^Module names must be registered before
+** creating a new [virtual table] using the module and before using a
+** preexisting [virtual table] for the module.
+**
+** ^The module name is registered on the [database connection] specified
+** by the first parameter. ^The name of the module is given by the
+** second parameter. ^The third parameter is a pointer to
+** the implementation of the [virtual table module]. ^The fourth
+** parameter is an arbitrary client data pointer that is passed through
+** into the [xCreate] and [xConnect] methods of the virtual table module
+** when a new virtual table is be being created or reinitialized.
+**
+** ^The sqlite3_create_module_v2() interface has a fifth parameter which
+** is a pointer to a destructor for the pClientData. ^SQLite will
+** invoke the destructor function (if it is not NULL) when SQLite
+** no longer needs the pClientData pointer. ^The destructor will also
+** be invoked if the call to sqlite3_create_module_v2() fails.
+** ^The sqlite3_create_module()
+** interface is equivalent to sqlite3_create_module_v2() with a NULL
+** destructor.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_module(
+ sqlite3 *db, /* SQLite connection to register module with */
+ const char *zName, /* Name of the module */
+ const sqlite3_module *p, /* Methods for the module */
+ void *pClientData /* Client data for xCreate/xConnect */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_module_v2(
+ sqlite3 *db, /* SQLite connection to register module with */
+ const char *zName, /* Name of the module */
+ const sqlite3_module *p, /* Methods for the module */
+ void *pClientData, /* Client data for xCreate/xConnect */
+ void(*xDestroy)(void*) /* Module destructor function */
+);
+
+/*
+** CAPI3REF: Virtual Table Instance Object
+** KEYWORDS: sqlite3_vtab
+**
+** Every [virtual table module] implementation uses a subclass
+** of this object to describe a particular instance
+** of the [virtual table]. Each subclass will
+** be tailored to the specific needs of the module implementation.
+** The purpose of this superclass is to define certain fields that are
+** common to all module implementations.
+**
+** ^Virtual tables methods can set an error message by assigning a
+** string obtained from [sqlite3_mprintf()] to zErrMsg. The method should
+** take care that any prior string is freed by a call to [sqlite3_free()]
+** prior to assigning a new string to zErrMsg. ^After the error message
+** is delivered up to the client application, the string will be automatically
+** freed by sqlite3_free() and the zErrMsg field will be zeroed.
+*/
+struct sqlite3_vtab {
+ const sqlite3_module *pModule; /* The module for this virtual table */
+ int nRef; /* Number of open cursors */
+ char *zErrMsg; /* Error message from sqlite3_mprintf() */
+ /* Virtual table implementations will typically add additional fields */
+};
+
+/*
+** CAPI3REF: Virtual Table Cursor Object
+** KEYWORDS: sqlite3_vtab_cursor {virtual table cursor}
+**
+** Every [virtual table module] implementation uses a subclass of the
+** following structure to describe cursors that point into the
+** [virtual table] and are used
+** to loop through the virtual table. Cursors are created using the
+** [sqlite3_module.xOpen | xOpen] method of the module and are destroyed
+** by the [sqlite3_module.xClose | xClose] method. Cursors are used
+** by the [xFilter], [xNext], [xEof], [xColumn], and [xRowid] methods
+** of the module. Each module implementation will define
+** the content of a cursor structure to suit its own needs.
+**
+** This superclass exists in order to define fields of the cursor that
+** are common to all implementations.
+*/
+struct sqlite3_vtab_cursor {
+ sqlite3_vtab *pVtab; /* Virtual table of this cursor */
+ /* Virtual table implementations will typically add additional fields */
+};
+
+/*
+** CAPI3REF: Declare The Schema Of A Virtual Table
+**
+** ^The [xCreate] and [xConnect] methods of a
+** [virtual table module] call this interface
+** to declare the format (the names and datatypes of the columns) of
+** the virtual tables they implement.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_declare_vtab(sqlite3*, const char *zSQL);
+
+/*
+** CAPI3REF: Overload A Function For A Virtual Table
+** METHOD: sqlite3
+**
+** ^(Virtual tables can provide alternative implementations of functions
+** using the [xFindFunction] method of the [virtual table module].
+** But global versions of those functions
+** must exist in order to be overloaded.)^
+**
+** ^(This API makes sure a global version of a function with a particular
+** name and number of parameters exists. If no such function exists
+** before this API is called, a new function is created.)^ ^The implementation
+** of the new function always causes an exception to be thrown. So
+** the new function is not good for anything by itself. Its only
+** purpose is to be a placeholder function that can be overloaded
+** by a [virtual table].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_overload_function(sqlite3*, const char *zFuncName, int nArg);
+
+/*
+** The interface to the virtual-table mechanism defined above (back up
+** to a comment remarkably similar to this one) is currently considered
+** to be experimental. The interface might change in incompatible ways.
+** If this is a problem for you, do not use the interface at this time.
+**
+** When the virtual-table mechanism stabilizes, we will declare the
+** interface fixed, support it indefinitely, and remove this comment.
+*/
+
+/*
+** CAPI3REF: A Handle To An Open BLOB
+** KEYWORDS: {BLOB handle} {BLOB handles}
+**
+** An instance of this object represents an open BLOB on which
+** [sqlite3_blob_open | incremental BLOB I/O] can be performed.
+** ^Objects of this type are created by [sqlite3_blob_open()]
+** and destroyed by [sqlite3_blob_close()].
+** ^The [sqlite3_blob_read()] and [sqlite3_blob_write()] interfaces
+** can be used to read or write small subsections of the BLOB.
+** ^The [sqlite3_blob_bytes()] interface returns the size of the BLOB in bytes.
+*/
+typedef struct sqlite3_blob sqlite3_blob;
+
+/*
+** CAPI3REF: Open A BLOB For Incremental I/O
+** METHOD: sqlite3
+** CONSTRUCTOR: sqlite3_blob
+**
+** ^(This interfaces opens a [BLOB handle | handle] to the BLOB located
+** in row iRow, column zColumn, table zTable in database zDb;
+** in other words, the same BLOB that would be selected by:
+**
+** <pre>
+** SELECT zColumn FROM zDb.zTable WHERE [rowid] = iRow;
+** </pre>)^
+**
+** ^(Parameter zDb is not the filename that contains the database, but
+** rather the symbolic name of the database. For attached databases, this is
+** the name that appears after the AS keyword in the [ATTACH] statement.
+** For the main database file, the database name is "main". For TEMP
+** tables, the database name is "temp".)^
+**
+** ^If the flags parameter is non-zero, then the BLOB is opened for read
+** and write access. ^If the flags parameter is zero, the BLOB is opened for
+** read-only access.
+**
+** ^(On success, [SQLITE_OK] is returned and the new [BLOB handle] is stored
+** in *ppBlob. Otherwise an [error code] is returned and, unless the error
+** code is SQLITE_MISUSE, *ppBlob is set to NULL.)^ ^This means that, provided
+** the API is not misused, it is always safe to call [sqlite3_blob_close()]
+** on *ppBlob after this function it returns.
+**
+** This function fails with SQLITE_ERROR if any of the following are true:
+** <ul>
+** <li> ^(Database zDb does not exist)^,
+** <li> ^(Table zTable does not exist within database zDb)^,
+** <li> ^(Table zTable is a WITHOUT ROWID table)^,
+** <li> ^(Column zColumn does not exist)^,
+** <li> ^(Row iRow is not present in the table)^,
+** <li> ^(The specified column of row iRow contains a value that is not
+** a TEXT or BLOB value)^,
+** <li> ^(Column zColumn is part of an index, PRIMARY KEY or UNIQUE
+** constraint and the blob is being opened for read/write access)^,
+** <li> ^([foreign key constraints | Foreign key constraints] are enabled,
+** column zColumn is part of a [child key] definition and the blob is
+** being opened for read/write access)^.
+** </ul>
+**
+** ^Unless it returns SQLITE_MISUSE, this function sets the
+** [database connection] error code and message accessible via
+** [sqlite3_errcode()] and [sqlite3_errmsg()] and related functions.
+**
+**
+** ^(If the row that a BLOB handle points to is modified by an
+** [UPDATE], [DELETE], or by [ON CONFLICT] side-effects
+** then the BLOB handle is marked as "expired".
+** This is true if any column of the row is changed, even a column
+** other than the one the BLOB handle is open on.)^
+** ^Calls to [sqlite3_blob_read()] and [sqlite3_blob_write()] for
+** an expired BLOB handle fail with a return code of [SQLITE_ABORT].
+** ^(Changes written into a BLOB prior to the BLOB expiring are not
+** rolled back by the expiration of the BLOB. Such changes will eventually
+** commit if the transaction continues to completion.)^
+**
+** ^Use the [sqlite3_blob_bytes()] interface to determine the size of
+** the opened blob. ^The size of a blob may not be changed by this
+** interface. Use the [UPDATE] SQL command to change the size of a
+** blob.
+**
+** ^The [sqlite3_bind_zeroblob()] and [sqlite3_result_zeroblob()] interfaces
+** and the built-in [zeroblob] SQL function may be used to create a
+** zero-filled blob to read or write using the incremental-blob interface.
+**
+** To avoid a resource leak, every open [BLOB handle] should eventually
+** be released by a call to [sqlite3_blob_close()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_open(
+ sqlite3*,
+ const char *zDb,
+ const char *zTable,
+ const char *zColumn,
+ sqlite3_int64 iRow,
+ int flags,
+ sqlite3_blob **ppBlob
+);
+
+/*
+** CAPI3REF: Move a BLOB Handle to a New Row
+** METHOD: sqlite3_blob
+**
+** ^This function is used to move an existing blob handle so that it points
+** to a different row of the same database table. ^The new row is identified
+** by the rowid value passed as the second argument. Only the row can be
+** changed. ^The database, table and column on which the blob handle is open
+** remain the same. Moving an existing blob handle to a new row can be
+** faster than closing the existing handle and opening a new one.
+**
+** ^(The new row must meet the same criteria as for [sqlite3_blob_open()] -
+** it must exist and there must be either a blob or text value stored in
+** the nominated column.)^ ^If the new row is not present in the table, or if
+** it does not contain a blob or text value, or if another error occurs, an
+** SQLite error code is returned and the blob handle is considered aborted.
+** ^All subsequent calls to [sqlite3_blob_read()], [sqlite3_blob_write()] or
+** [sqlite3_blob_reopen()] on an aborted blob handle immediately return
+** SQLITE_ABORT. ^Calling [sqlite3_blob_bytes()] on an aborted blob handle
+** always returns zero.
+**
+** ^This function sets the database handle error code and message.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_reopen(sqlite3_blob *, sqlite3_int64);
+
+/*
+** CAPI3REF: Close A BLOB Handle
+** DESTRUCTOR: sqlite3_blob
+**
+** ^This function closes an open [BLOB handle]. ^(The BLOB handle is closed
+** unconditionally. Even if this routine returns an error code, the
+** handle is still closed.)^
+**
+** ^If the blob handle being closed was opened for read-write access, and if
+** the database is in auto-commit mode and there are no other open read-write
+** blob handles or active write statements, the current transaction is
+** committed. ^If an error occurs while committing the transaction, an error
+** code is returned and the transaction rolled back.
+**
+** Calling this function with an argument that is not a NULL pointer or an
+** open blob handle results in undefined behaviour. ^Calling this routine
+** with a null pointer (such as would be returned by a failed call to
+** [sqlite3_blob_open()]) is a harmless no-op. ^Otherwise, if this function
+** is passed a valid open blob handle, the values returned by the
+** sqlite3_errcode() and sqlite3_errmsg() functions are set before returning.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_close(sqlite3_blob *);
+
+/*
+** CAPI3REF: Return The Size Of An Open BLOB
+** METHOD: sqlite3_blob
+**
+** ^Returns the size in bytes of the BLOB accessible via the
+** successfully opened [BLOB handle] in its only argument. ^The
+** incremental blob I/O routines can only read or overwriting existing
+** blob content; they cannot change the size of a blob.
+**
+** This routine only works on a [BLOB handle] which has been created
+** by a prior successful call to [sqlite3_blob_open()] and which has not
+** been closed by [sqlite3_blob_close()]. Passing any other pointer in
+** to this routine results in undefined and probably undesirable behavior.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_bytes(sqlite3_blob *);
+
+/*
+** CAPI3REF: Read Data From A BLOB Incrementally
+** METHOD: sqlite3_blob
+**
+** ^(This function is used to read data from an open [BLOB handle] into a
+** caller-supplied buffer. N bytes of data are copied into buffer Z
+** from the open BLOB, starting at offset iOffset.)^
+**
+** ^If offset iOffset is less than N bytes from the end of the BLOB,
+** [SQLITE_ERROR] is returned and no data is read. ^If N or iOffset is
+** less than zero, [SQLITE_ERROR] is returned and no data is read.
+** ^The size of the blob (and hence the maximum value of N+iOffset)
+** can be determined using the [sqlite3_blob_bytes()] interface.
+**
+** ^An attempt to read from an expired [BLOB handle] fails with an
+** error code of [SQLITE_ABORT].
+**
+** ^(On success, sqlite3_blob_read() returns SQLITE_OK.
+** Otherwise, an [error code] or an [extended error code] is returned.)^
+**
+** This routine only works on a [BLOB handle] which has been created
+** by a prior successful call to [sqlite3_blob_open()] and which has not
+** been closed by [sqlite3_blob_close()]. Passing any other pointer in
+** to this routine results in undefined and probably undesirable behavior.
+**
+** See also: [sqlite3_blob_write()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_read(sqlite3_blob *, void *Z, int N, int iOffset);
+
+/*
+** CAPI3REF: Write Data Into A BLOB Incrementally
+** METHOD: sqlite3_blob
+**
+** ^(This function is used to write data into an open [BLOB handle] from a
+** caller-supplied buffer. N bytes of data are copied from the buffer Z
+** into the open BLOB, starting at offset iOffset.)^
+**
+** ^(On success, sqlite3_blob_write() returns SQLITE_OK.
+** Otherwise, an [error code] or an [extended error code] is returned.)^
+** ^Unless SQLITE_MISUSE is returned, this function sets the
+** [database connection] error code and message accessible via
+** [sqlite3_errcode()] and [sqlite3_errmsg()] and related functions.
+**
+** ^If the [BLOB handle] passed as the first argument was not opened for
+** writing (the flags parameter to [sqlite3_blob_open()] was zero),
+** this function returns [SQLITE_READONLY].
+**
+** This function may only modify the contents of the BLOB; it is
+** not possible to increase the size of a BLOB using this API.
+** ^If offset iOffset is less than N bytes from the end of the BLOB,
+** [SQLITE_ERROR] is returned and no data is written. The size of the
+** BLOB (and hence the maximum value of N+iOffset) can be determined
+** using the [sqlite3_blob_bytes()] interface. ^If N or iOffset are less
+** than zero [SQLITE_ERROR] is returned and no data is written.
+**
+** ^An attempt to write to an expired [BLOB handle] fails with an
+** error code of [SQLITE_ABORT]. ^Writes to the BLOB that occurred
+** before the [BLOB handle] expired are not rolled back by the
+** expiration of the handle, though of course those changes might
+** have been overwritten by the statement that expired the BLOB handle
+** or by other independent statements.
+**
+** This routine only works on a [BLOB handle] which has been created
+** by a prior successful call to [sqlite3_blob_open()] and which has not
+** been closed by [sqlite3_blob_close()]. Passing any other pointer in
+** to this routine results in undefined and probably undesirable behavior.
+**
+** See also: [sqlite3_blob_read()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_write(sqlite3_blob *, const void *z, int n, int iOffset);
+
+/*
+** CAPI3REF: Virtual File System Objects
+**
+** A virtual filesystem (VFS) is an [sqlite3_vfs] object
+** that SQLite uses to interact
+** with the underlying operating system. Most SQLite builds come with a
+** single default VFS that is appropriate for the host computer.
+** New VFSes can be registered and existing VFSes can be unregistered.
+** The following interfaces are provided.
+**
+** ^The sqlite3_vfs_find() interface returns a pointer to a VFS given its name.
+** ^Names are case sensitive.
+** ^Names are zero-terminated UTF-8 strings.
+** ^If there is no match, a NULL pointer is returned.
+** ^If zVfsName is NULL then the default VFS is returned.
+**
+** ^New VFSes are registered with sqlite3_vfs_register().
+** ^Each new VFS becomes the default VFS if the makeDflt flag is set.
+** ^The same VFS can be registered multiple times without injury.
+** ^To make an existing VFS into the default VFS, register it again
+** with the makeDflt flag set. If two different VFSes with the
+** same name are registered, the behavior is undefined. If a
+** VFS is registered with a name that is NULL or an empty string,
+** then the behavior is undefined.
+**
+** ^Unregister a VFS with the sqlite3_vfs_unregister() interface.
+** ^(If the default VFS is unregistered, another VFS is chosen as
+** the default. The choice for the new VFS is arbitrary.)^
+*/
+SQLITE_API sqlite3_vfs *SQLITE_STDCALL sqlite3_vfs_find(const char *zVfsName);
+SQLITE_API int SQLITE_STDCALL sqlite3_vfs_register(sqlite3_vfs*, int makeDflt);
+SQLITE_API int SQLITE_STDCALL sqlite3_vfs_unregister(sqlite3_vfs*);
+
+/*
+** CAPI3REF: Mutexes
+**
+** The SQLite core uses these routines for thread
+** synchronization. Though they are intended for internal
+** use by SQLite, code that links against SQLite is
+** permitted to use any of these routines.
+**
+** The SQLite source code contains multiple implementations
+** of these mutex routines. An appropriate implementation
+** is selected automatically at compile-time. The following
+** implementations are available in the SQLite core:
+**
+** <ul>
+** <li> SQLITE_MUTEX_PTHREADS
+** <li> SQLITE_MUTEX_W32
+** <li> SQLITE_MUTEX_NOOP
+** </ul>
+**
+** The SQLITE_MUTEX_NOOP implementation is a set of routines
+** that does no real locking and is appropriate for use in
+** a single-threaded application. The SQLITE_MUTEX_PTHREADS and
+** SQLITE_MUTEX_W32 implementations are appropriate for use on Unix
+** and Windows.
+**
+** If SQLite is compiled with the SQLITE_MUTEX_APPDEF preprocessor
+** macro defined (with "-DSQLITE_MUTEX_APPDEF=1"), then no mutex
+** implementation is included with the library. In this case the
+** application must supply a custom mutex implementation using the
+** [SQLITE_CONFIG_MUTEX] option of the sqlite3_config() function
+** before calling sqlite3_initialize() or any other public sqlite3_
+** function that calls sqlite3_initialize().
+**
+** ^The sqlite3_mutex_alloc() routine allocates a new
+** mutex and returns a pointer to it. ^The sqlite3_mutex_alloc()
+** routine returns NULL if it is unable to allocate the requested
+** mutex. The argument to sqlite3_mutex_alloc() must one of these
+** integer constants:
+**
+** <ul>
+** <li> SQLITE_MUTEX_FAST
+** <li> SQLITE_MUTEX_RECURSIVE
+** <li> SQLITE_MUTEX_STATIC_MASTER
+** <li> SQLITE_MUTEX_STATIC_MEM
+** <li> SQLITE_MUTEX_STATIC_OPEN
+** <li> SQLITE_MUTEX_STATIC_PRNG
+** <li> SQLITE_MUTEX_STATIC_LRU
+** <li> SQLITE_MUTEX_STATIC_PMEM
+** <li> SQLITE_MUTEX_STATIC_APP1
+** <li> SQLITE_MUTEX_STATIC_APP2
+** <li> SQLITE_MUTEX_STATIC_APP3
+** <li> SQLITE_MUTEX_STATIC_VFS1
+** <li> SQLITE_MUTEX_STATIC_VFS2
+** <li> SQLITE_MUTEX_STATIC_VFS3
+** </ul>
+**
+** ^The first two constants (SQLITE_MUTEX_FAST and SQLITE_MUTEX_RECURSIVE)
+** cause sqlite3_mutex_alloc() to create
+** a new mutex. ^The new mutex is recursive when SQLITE_MUTEX_RECURSIVE
+** is used but not necessarily so when SQLITE_MUTEX_FAST is used.
+** The mutex implementation does not need to make a distinction
+** between SQLITE_MUTEX_RECURSIVE and SQLITE_MUTEX_FAST if it does
+** not want to. SQLite will only request a recursive mutex in
+** cases where it really needs one. If a faster non-recursive mutex
+** implementation is available on the host platform, the mutex subsystem
+** might return such a mutex in response to SQLITE_MUTEX_FAST.
+**
+** ^The other allowed parameters to sqlite3_mutex_alloc() (anything other
+** than SQLITE_MUTEX_FAST and SQLITE_MUTEX_RECURSIVE) each return
+** a pointer to a static preexisting mutex. ^Nine static mutexes are
+** used by the current version of SQLite. Future versions of SQLite
+** may add additional static mutexes. Static mutexes are for internal
+** use by SQLite only. Applications that use SQLite mutexes should
+** use only the dynamic mutexes returned by SQLITE_MUTEX_FAST or
+** SQLITE_MUTEX_RECURSIVE.
+**
+** ^Note that if one of the dynamic mutex parameters (SQLITE_MUTEX_FAST
+** or SQLITE_MUTEX_RECURSIVE) is used then sqlite3_mutex_alloc()
+** returns a different mutex on every call. ^For the static
+** mutex types, the same mutex is returned on every call that has
+** the same type number.
+**
+** ^The sqlite3_mutex_free() routine deallocates a previously
+** allocated dynamic mutex. Attempting to deallocate a static
+** mutex results in undefined behavior.
+**
+** ^The sqlite3_mutex_enter() and sqlite3_mutex_try() routines attempt
+** to enter a mutex. ^If another thread is already within the mutex,
+** sqlite3_mutex_enter() will block and sqlite3_mutex_try() will return
+** SQLITE_BUSY. ^The sqlite3_mutex_try() interface returns [SQLITE_OK]
+** upon successful entry. ^(Mutexes created using
+** SQLITE_MUTEX_RECURSIVE can be entered multiple times by the same thread.
+** In such cases, the
+** mutex must be exited an equal number of times before another thread
+** can enter.)^ If the same thread tries to enter any mutex other
+** than an SQLITE_MUTEX_RECURSIVE more than once, the behavior is undefined.
+**
+** ^(Some systems (for example, Windows 95) do not support the operation
+** implemented by sqlite3_mutex_try(). On those systems, sqlite3_mutex_try()
+** will always return SQLITE_BUSY. The SQLite core only ever uses
+** sqlite3_mutex_try() as an optimization so this is acceptable
+** behavior.)^
+**
+** ^The sqlite3_mutex_leave() routine exits a mutex that was
+** previously entered by the same thread. The behavior
+** is undefined if the mutex is not currently entered by the
+** calling thread or is not currently allocated.
+**
+** ^If the argument to sqlite3_mutex_enter(), sqlite3_mutex_try(), or
+** sqlite3_mutex_leave() is a NULL pointer, then all three routines
+** behave as no-ops.
+**
+** See also: [sqlite3_mutex_held()] and [sqlite3_mutex_notheld()].
+*/
+SQLITE_API sqlite3_mutex *SQLITE_STDCALL sqlite3_mutex_alloc(int);
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_free(sqlite3_mutex*);
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_enter(sqlite3_mutex*);
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_try(sqlite3_mutex*);
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_leave(sqlite3_mutex*);
+
+/*
+** CAPI3REF: Mutex Methods Object
+**
+** An instance of this structure defines the low-level routines
+** used to allocate and use mutexes.
+**
+** Usually, the default mutex implementations provided by SQLite are
+** sufficient, however the application has the option of substituting a custom
+** implementation for specialized deployments or systems for which SQLite
+** does not provide a suitable implementation. In this case, the application
+** creates and populates an instance of this structure to pass
+** to sqlite3_config() along with the [SQLITE_CONFIG_MUTEX] option.
+** Additionally, an instance of this structure can be used as an
+** output variable when querying the system for the current mutex
+** implementation, using the [SQLITE_CONFIG_GETMUTEX] option.
+**
+** ^The xMutexInit method defined by this structure is invoked as
+** part of system initialization by the sqlite3_initialize() function.
+** ^The xMutexInit routine is called by SQLite exactly once for each
+** effective call to [sqlite3_initialize()].
+**
+** ^The xMutexEnd method defined by this structure is invoked as
+** part of system shutdown by the sqlite3_shutdown() function. The
+** implementation of this method is expected to release all outstanding
+** resources obtained by the mutex methods implementation, especially
+** those obtained by the xMutexInit method. ^The xMutexEnd()
+** interface is invoked exactly once for each call to [sqlite3_shutdown()].
+**
+** ^(The remaining seven methods defined by this structure (xMutexAlloc,
+** xMutexFree, xMutexEnter, xMutexTry, xMutexLeave, xMutexHeld and
+** xMutexNotheld) implement the following interfaces (respectively):
+**
+** <ul>
+** <li> [sqlite3_mutex_alloc()] </li>
+** <li> [sqlite3_mutex_free()] </li>
+** <li> [sqlite3_mutex_enter()] </li>
+** <li> [sqlite3_mutex_try()] </li>
+** <li> [sqlite3_mutex_leave()] </li>
+** <li> [sqlite3_mutex_held()] </li>
+** <li> [sqlite3_mutex_notheld()] </li>
+** </ul>)^
+**
+** The only difference is that the public sqlite3_XXX functions enumerated
+** above silently ignore any invocations that pass a NULL pointer instead
+** of a valid mutex handle. The implementations of the methods defined
+** by this structure are not required to handle this case, the results
+** of passing a NULL pointer instead of a valid mutex handle are undefined
+** (i.e. it is acceptable to provide an implementation that segfaults if
+** it is passed a NULL pointer).
+**
+** The xMutexInit() method must be threadsafe. It must be harmless to
+** invoke xMutexInit() multiple times within the same process and without
+** intervening calls to xMutexEnd(). Second and subsequent calls to
+** xMutexInit() must be no-ops.
+**
+** xMutexInit() must not use SQLite memory allocation ([sqlite3_malloc()]
+** and its associates). Similarly, xMutexAlloc() must not use SQLite memory
+** allocation for a static mutex. ^However xMutexAlloc() may use SQLite
+** memory allocation for a fast or recursive mutex.
+**
+** ^SQLite will invoke the xMutexEnd() method when [sqlite3_shutdown()] is
+** called, but only if the prior call to xMutexInit returned SQLITE_OK.
+** If xMutexInit fails in any way, it is expected to clean up after itself
+** prior to returning.
+*/
+typedef struct sqlite3_mutex_methods sqlite3_mutex_methods;
+struct sqlite3_mutex_methods {
+ int (*xMutexInit)(void);
+ int (*xMutexEnd)(void);
+ sqlite3_mutex *(*xMutexAlloc)(int);
+ void (*xMutexFree)(sqlite3_mutex *);
+ void (*xMutexEnter)(sqlite3_mutex *);
+ int (*xMutexTry)(sqlite3_mutex *);
+ void (*xMutexLeave)(sqlite3_mutex *);
+ int (*xMutexHeld)(sqlite3_mutex *);
+ int (*xMutexNotheld)(sqlite3_mutex *);
+};
+
+/*
+** CAPI3REF: Mutex Verification Routines
+**
+** The sqlite3_mutex_held() and sqlite3_mutex_notheld() routines
+** are intended for use inside assert() statements. The SQLite core
+** never uses these routines except inside an assert() and applications
+** are advised to follow the lead of the core. The SQLite core only
+** provides implementations for these routines when it is compiled
+** with the SQLITE_DEBUG flag. External mutex implementations
+** are only required to provide these routines if SQLITE_DEBUG is
+** defined and if NDEBUG is not defined.
+**
+** These routines should return true if the mutex in their argument
+** is held or not held, respectively, by the calling thread.
+**
+** The implementation is not required to provide versions of these
+** routines that actually work. If the implementation does not provide working
+** versions of these routines, it should at least provide stubs that always
+** return true so that one does not get spurious assertion failures.
+**
+** If the argument to sqlite3_mutex_held() is a NULL pointer then
+** the routine should return 1. This seems counter-intuitive since
+** clearly the mutex cannot be held if it does not exist. But
+** the reason the mutex does not exist is because the build is not
+** using mutexes. And we do not want the assert() containing the
+** call to sqlite3_mutex_held() to fail, so a non-zero return is
+** the appropriate thing to do. The sqlite3_mutex_notheld()
+** interface should also return 1 when given a NULL pointer.
+*/
+#ifndef NDEBUG
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_held(sqlite3_mutex*);
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_notheld(sqlite3_mutex*);
+#endif
+
+/*
+** CAPI3REF: Mutex Types
+**
+** The [sqlite3_mutex_alloc()] interface takes a single argument
+** which is one of these integer constants.
+**
+** The set of static mutexes may change from one SQLite release to the
+** next. Applications that override the built-in mutex logic must be
+** prepared to accommodate additional static mutexes.
+*/
+#define SQLITE_MUTEX_FAST 0
+#define SQLITE_MUTEX_RECURSIVE 1
+#define SQLITE_MUTEX_STATIC_MASTER 2
+#define SQLITE_MUTEX_STATIC_MEM 3 /* sqlite3_malloc() */
+#define SQLITE_MUTEX_STATIC_MEM2 4 /* NOT USED */
+#define SQLITE_MUTEX_STATIC_OPEN 4 /* sqlite3BtreeOpen() */
+#define SQLITE_MUTEX_STATIC_PRNG 5 /* sqlite3_random() */
+#define SQLITE_MUTEX_STATIC_LRU 6 /* lru page list */
+#define SQLITE_MUTEX_STATIC_LRU2 7 /* NOT USED */
+#define SQLITE_MUTEX_STATIC_PMEM 7 /* sqlite3PageMalloc() */
+#define SQLITE_MUTEX_STATIC_APP1 8 /* For use by application */
+#define SQLITE_MUTEX_STATIC_APP2 9 /* For use by application */
+#define SQLITE_MUTEX_STATIC_APP3 10 /* For use by application */
+#define SQLITE_MUTEX_STATIC_VFS1 11 /* For use by built-in VFS */
+#define SQLITE_MUTEX_STATIC_VFS2 12 /* For use by extension VFS */
+#define SQLITE_MUTEX_STATIC_VFS3 13 /* For use by application VFS */
+
+/*
+** CAPI3REF: Retrieve the mutex for a database connection
+** METHOD: sqlite3
+**
+** ^This interface returns a pointer the [sqlite3_mutex] object that
+** serializes access to the [database connection] given in the argument
+** when the [threading mode] is Serialized.
+** ^If the [threading mode] is Single-thread or Multi-thread then this
+** routine returns a NULL pointer.
+*/
+SQLITE_API sqlite3_mutex *SQLITE_STDCALL sqlite3_db_mutex(sqlite3*);
+
+/*
+** CAPI3REF: Low-Level Control Of Database Files
+** METHOD: sqlite3
+**
+** ^The [sqlite3_file_control()] interface makes a direct call to the
+** xFileControl method for the [sqlite3_io_methods] object associated
+** with a particular database identified by the second argument. ^The
+** name of the database is "main" for the main database or "temp" for the
+** TEMP database, or the name that appears after the AS keyword for
+** databases that are added using the [ATTACH] SQL command.
+** ^A NULL pointer can be used in place of "main" to refer to the
+** main database file.
+** ^The third and fourth parameters to this routine
+** are passed directly through to the second and third parameters of
+** the xFileControl method. ^The return value of the xFileControl
+** method becomes the return value of this routine.
+**
+** ^The SQLITE_FCNTL_FILE_POINTER value for the op parameter causes
+** a pointer to the underlying [sqlite3_file] object to be written into
+** the space pointed to by the 4th parameter. ^The SQLITE_FCNTL_FILE_POINTER
+** case is a short-circuit path which does not actually invoke the
+** underlying sqlite3_io_methods.xFileControl method.
+**
+** ^If the second parameter (zDbName) does not match the name of any
+** open database file, then SQLITE_ERROR is returned. ^This error
+** code is not remembered and will not be recalled by [sqlite3_errcode()]
+** or [sqlite3_errmsg()]. The underlying xFileControl method might
+** also return SQLITE_ERROR. There is no way to distinguish between
+** an incorrect zDbName and an SQLITE_ERROR return from the underlying
+** xFileControl method.
+**
+** See also: [SQLITE_FCNTL_LOCKSTATE]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_file_control(sqlite3*, const char *zDbName, int op, void*);
+
+/*
+** CAPI3REF: Testing Interface
+**
+** ^The sqlite3_test_control() interface is used to read out internal
+** state of SQLite and to inject faults into SQLite for testing
+** purposes. ^The first parameter is an operation code that determines
+** the number, meaning, and operation of all subsequent parameters.
+**
+** This interface is not for use by applications. It exists solely
+** for verifying the correct operation of the SQLite library. Depending
+** on how the SQLite library is compiled, this interface might not exist.
+**
+** The details of the operation codes, their meanings, the parameters
+** they take, and what they do are all subject to change without notice.
+** Unlike most of the SQLite API, this function is not guaranteed to
+** operate consistently from one release to the next.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_test_control(int op, ...);
+
+/*
+** CAPI3REF: Testing Interface Operation Codes
+**
+** These constants are the valid operation code parameters used
+** as the first argument to [sqlite3_test_control()].
+**
+** These parameters and their meanings are subject to change
+** without notice. These values are for testing purposes only.
+** Applications should not use any of these parameters or the
+** [sqlite3_test_control()] interface.
+*/
+#define SQLITE_TESTCTRL_FIRST 5
+#define SQLITE_TESTCTRL_PRNG_SAVE 5
+#define SQLITE_TESTCTRL_PRNG_RESTORE 6
+#define SQLITE_TESTCTRL_PRNG_RESET 7
+#define SQLITE_TESTCTRL_BITVEC_TEST 8
+#define SQLITE_TESTCTRL_FAULT_INSTALL 9
+#define SQLITE_TESTCTRL_BENIGN_MALLOC_HOOKS 10
+#define SQLITE_TESTCTRL_PENDING_BYTE 11
+#define SQLITE_TESTCTRL_ASSERT 12
+#define SQLITE_TESTCTRL_ALWAYS 13
+#define SQLITE_TESTCTRL_RESERVE 14
+#define SQLITE_TESTCTRL_OPTIMIZATIONS 15
+#define SQLITE_TESTCTRL_ISKEYWORD 16
+#define SQLITE_TESTCTRL_SCRATCHMALLOC 17
+#define SQLITE_TESTCTRL_LOCALTIME_FAULT 18
+#define SQLITE_TESTCTRL_EXPLAIN_STMT 19 /* NOT USED */
+#define SQLITE_TESTCTRL_NEVER_CORRUPT 20
+#define SQLITE_TESTCTRL_VDBE_COVERAGE 21
+#define SQLITE_TESTCTRL_BYTEORDER 22
+#define SQLITE_TESTCTRL_ISINIT 23
+#define SQLITE_TESTCTRL_SORTER_MMAP 24
+#define SQLITE_TESTCTRL_IMPOSTER 25
+#define SQLITE_TESTCTRL_LAST 25
+
+/*
+** CAPI3REF: SQLite Runtime Status
+**
+** ^These interfaces are used to retrieve runtime status information
+** about the performance of SQLite, and optionally to reset various
+** highwater marks. ^The first argument is an integer code for
+** the specific parameter to measure. ^(Recognized integer codes
+** are of the form [status parameters | SQLITE_STATUS_...].)^
+** ^The current value of the parameter is returned into *pCurrent.
+** ^The highest recorded value is returned in *pHighwater. ^If the
+** resetFlag is true, then the highest record value is reset after
+** *pHighwater is written. ^(Some parameters do not record the highest
+** value. For those parameters
+** nothing is written into *pHighwater and the resetFlag is ignored.)^
+** ^(Other parameters record only the highwater mark and not the current
+** value. For these latter parameters nothing is written into *pCurrent.)^
+**
+** ^The sqlite3_status() and sqlite3_status64() routines return
+** SQLITE_OK on success and a non-zero [error code] on failure.
+**
+** If either the current value or the highwater mark is too large to
+** be represented by a 32-bit integer, then the values returned by
+** sqlite3_status() are undefined.
+**
+** See also: [sqlite3_db_status()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_status(int op, int *pCurrent, int *pHighwater, int resetFlag);
+SQLITE_API int SQLITE_STDCALL sqlite3_status64(
+ int op,
+ sqlite3_int64 *pCurrent,
+ sqlite3_int64 *pHighwater,
+ int resetFlag
+);
+
+
+/*
+** CAPI3REF: Status Parameters
+** KEYWORDS: {status parameters}
+**
+** These integer constants designate various run-time status parameters
+** that can be returned by [sqlite3_status()].
+**
+** <dl>
+** [[SQLITE_STATUS_MEMORY_USED]] ^(<dt>SQLITE_STATUS_MEMORY_USED</dt>
+** <dd>This parameter is the current amount of memory checked out
+** using [sqlite3_malloc()], either directly or indirectly. The
+** figure includes calls made to [sqlite3_malloc()] by the application
+** and internal memory usage by the SQLite library. Scratch memory
+** controlled by [SQLITE_CONFIG_SCRATCH] and auxiliary page-cache
+** memory controlled by [SQLITE_CONFIG_PAGECACHE] is not included in
+** this parameter. The amount returned is the sum of the allocation
+** sizes as reported by the xSize method in [sqlite3_mem_methods].</dd>)^
+**
+** [[SQLITE_STATUS_MALLOC_SIZE]] ^(<dt>SQLITE_STATUS_MALLOC_SIZE</dt>
+** <dd>This parameter records the largest memory allocation request
+** handed to [sqlite3_malloc()] or [sqlite3_realloc()] (or their
+** internal equivalents). Only the value returned in the
+** *pHighwater parameter to [sqlite3_status()] is of interest.
+** The value written into the *pCurrent parameter is undefined.</dd>)^
+**
+** [[SQLITE_STATUS_MALLOC_COUNT]] ^(<dt>SQLITE_STATUS_MALLOC_COUNT</dt>
+** <dd>This parameter records the number of separate memory allocations
+** currently checked out.</dd>)^
+**
+** [[SQLITE_STATUS_PAGECACHE_USED]] ^(<dt>SQLITE_STATUS_PAGECACHE_USED</dt>
+** <dd>This parameter returns the number of pages used out of the
+** [pagecache memory allocator] that was configured using
+** [SQLITE_CONFIG_PAGECACHE]. The
+** value returned is in pages, not in bytes.</dd>)^
+**
+** [[SQLITE_STATUS_PAGECACHE_OVERFLOW]]
+** ^(<dt>SQLITE_STATUS_PAGECACHE_OVERFLOW</dt>
+** <dd>This parameter returns the number of bytes of page cache
+** allocation which could not be satisfied by the [SQLITE_CONFIG_PAGECACHE]
+** buffer and where forced to overflow to [sqlite3_malloc()]. The
+** returned value includes allocations that overflowed because they
+** where too large (they were larger than the "sz" parameter to
+** [SQLITE_CONFIG_PAGECACHE]) and allocations that overflowed because
+** no space was left in the page cache.</dd>)^
+**
+** [[SQLITE_STATUS_PAGECACHE_SIZE]] ^(<dt>SQLITE_STATUS_PAGECACHE_SIZE</dt>
+** <dd>This parameter records the largest memory allocation request
+** handed to [pagecache memory allocator]. Only the value returned in the
+** *pHighwater parameter to [sqlite3_status()] is of interest.
+** The value written into the *pCurrent parameter is undefined.</dd>)^
+**
+** [[SQLITE_STATUS_SCRATCH_USED]] ^(<dt>SQLITE_STATUS_SCRATCH_USED</dt>
+** <dd>This parameter returns the number of allocations used out of the
+** [scratch memory allocator] configured using
+** [SQLITE_CONFIG_SCRATCH]. The value returned is in allocations, not
+** in bytes. Since a single thread may only have one scratch allocation
+** outstanding at time, this parameter also reports the number of threads
+** using scratch memory at the same time.</dd>)^
+**
+** [[SQLITE_STATUS_SCRATCH_OVERFLOW]] ^(<dt>SQLITE_STATUS_SCRATCH_OVERFLOW</dt>
+** <dd>This parameter returns the number of bytes of scratch memory
+** allocation which could not be satisfied by the [SQLITE_CONFIG_SCRATCH]
+** buffer and where forced to overflow to [sqlite3_malloc()]. The values
+** returned include overflows because the requested allocation was too
+** larger (that is, because the requested allocation was larger than the
+** "sz" parameter to [SQLITE_CONFIG_SCRATCH]) and because no scratch buffer
+** slots were available.
+** </dd>)^
+**
+** [[SQLITE_STATUS_SCRATCH_SIZE]] ^(<dt>SQLITE_STATUS_SCRATCH_SIZE</dt>
+** <dd>This parameter records the largest memory allocation request
+** handed to [scratch memory allocator]. Only the value returned in the
+** *pHighwater parameter to [sqlite3_status()] is of interest.
+** The value written into the *pCurrent parameter is undefined.</dd>)^
+**
+** [[SQLITE_STATUS_PARSER_STACK]] ^(<dt>SQLITE_STATUS_PARSER_STACK</dt>
+** <dd>The *pHighwater parameter records the deepest parser stack.
+** The *pCurrent value is undefined. The *pHighwater value is only
+** meaningful if SQLite is compiled with [YYTRACKMAXSTACKDEPTH].</dd>)^
+** </dl>
+**
+** New status parameters may be added from time to time.
+*/
+#define SQLITE_STATUS_MEMORY_USED 0
+#define SQLITE_STATUS_PAGECACHE_USED 1
+#define SQLITE_STATUS_PAGECACHE_OVERFLOW 2
+#define SQLITE_STATUS_SCRATCH_USED 3
+#define SQLITE_STATUS_SCRATCH_OVERFLOW 4
+#define SQLITE_STATUS_MALLOC_SIZE 5
+#define SQLITE_STATUS_PARSER_STACK 6
+#define SQLITE_STATUS_PAGECACHE_SIZE 7
+#define SQLITE_STATUS_SCRATCH_SIZE 8
+#define SQLITE_STATUS_MALLOC_COUNT 9
+
+/*
+** CAPI3REF: Database Connection Status
+** METHOD: sqlite3
+**
+** ^This interface is used to retrieve runtime status information
+** about a single [database connection]. ^The first argument is the
+** database connection object to be interrogated. ^The second argument
+** is an integer constant, taken from the set of
+** [SQLITE_DBSTATUS options], that
+** determines the parameter to interrogate. The set of
+** [SQLITE_DBSTATUS options] is likely
+** to grow in future releases of SQLite.
+**
+** ^The current value of the requested parameter is written into *pCur
+** and the highest instantaneous value is written into *pHiwtr. ^If
+** the resetFlg is true, then the highest instantaneous value is
+** reset back down to the current value.
+**
+** ^The sqlite3_db_status() routine returns SQLITE_OK on success and a
+** non-zero [error code] on failure.
+**
+** See also: [sqlite3_status()] and [sqlite3_stmt_status()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_status(sqlite3*, int op, int *pCur, int *pHiwtr, int resetFlg);
+
+/*
+** CAPI3REF: Status Parameters for database connections
+** KEYWORDS: {SQLITE_DBSTATUS options}
+**
+** These constants are the available integer "verbs" that can be passed as
+** the second argument to the [sqlite3_db_status()] interface.
+**
+** New verbs may be added in future releases of SQLite. Existing verbs
+** might be discontinued. Applications should check the return code from
+** [sqlite3_db_status()] to make sure that the call worked.
+** The [sqlite3_db_status()] interface will return a non-zero error code
+** if a discontinued or unsupported verb is invoked.
+**
+** <dl>
+** [[SQLITE_DBSTATUS_LOOKASIDE_USED]] ^(<dt>SQLITE_DBSTATUS_LOOKASIDE_USED</dt>
+** <dd>This parameter returns the number of lookaside memory slots currently
+** checked out.</dd>)^
+**
+** [[SQLITE_DBSTATUS_LOOKASIDE_HIT]] ^(<dt>SQLITE_DBSTATUS_LOOKASIDE_HIT</dt>
+** <dd>This parameter returns the number malloc attempts that were
+** satisfied using lookaside memory. Only the high-water value is meaningful;
+** the current value is always zero.)^
+**
+** [[SQLITE_DBSTATUS_LOOKASIDE_MISS_SIZE]]
+** ^(<dt>SQLITE_DBSTATUS_LOOKASIDE_MISS_SIZE</dt>
+** <dd>This parameter returns the number malloc attempts that might have
+** been satisfied using lookaside memory but failed due to the amount of
+** memory requested being larger than the lookaside slot size.
+** Only the high-water value is meaningful;
+** the current value is always zero.)^
+**
+** [[SQLITE_DBSTATUS_LOOKASIDE_MISS_FULL]]
+** ^(<dt>SQLITE_DBSTATUS_LOOKASIDE_MISS_FULL</dt>
+** <dd>This parameter returns the number malloc attempts that might have
+** been satisfied using lookaside memory but failed due to all lookaside
+** memory already being in use.
+** Only the high-water value is meaningful;
+** the current value is always zero.)^
+**
+** [[SQLITE_DBSTATUS_CACHE_USED]] ^(<dt>SQLITE_DBSTATUS_CACHE_USED</dt>
+** <dd>This parameter returns the approximate number of bytes of heap
+** memory used by all pager caches associated with the database connection.)^
+** ^The highwater mark associated with SQLITE_DBSTATUS_CACHE_USED is always 0.
+**
+** [[SQLITE_DBSTATUS_SCHEMA_USED]] ^(<dt>SQLITE_DBSTATUS_SCHEMA_USED</dt>
+** <dd>This parameter returns the approximate number of bytes of heap
+** memory used to store the schema for all databases associated
+** with the connection - main, temp, and any [ATTACH]-ed databases.)^
+** ^The full amount of memory used by the schemas is reported, even if the
+** schema memory is shared with other database connections due to
+** [shared cache mode] being enabled.
+** ^The highwater mark associated with SQLITE_DBSTATUS_SCHEMA_USED is always 0.
+**
+** [[SQLITE_DBSTATUS_STMT_USED]] ^(<dt>SQLITE_DBSTATUS_STMT_USED</dt>
+** <dd>This parameter returns the approximate number of bytes of heap
+** and lookaside memory used by all prepared statements associated with
+** the database connection.)^
+** ^The highwater mark associated with SQLITE_DBSTATUS_STMT_USED is always 0.
+** </dd>
+**
+** [[SQLITE_DBSTATUS_CACHE_HIT]] ^(<dt>SQLITE_DBSTATUS_CACHE_HIT</dt>
+** <dd>This parameter returns the number of pager cache hits that have
+** occurred.)^ ^The highwater mark associated with SQLITE_DBSTATUS_CACHE_HIT
+** is always 0.
+** </dd>
+**
+** [[SQLITE_DBSTATUS_CACHE_MISS]] ^(<dt>SQLITE_DBSTATUS_CACHE_MISS</dt>
+** <dd>This parameter returns the number of pager cache misses that have
+** occurred.)^ ^The highwater mark associated with SQLITE_DBSTATUS_CACHE_MISS
+** is always 0.
+** </dd>
+**
+** [[SQLITE_DBSTATUS_CACHE_WRITE]] ^(<dt>SQLITE_DBSTATUS_CACHE_WRITE</dt>
+** <dd>This parameter returns the number of dirty cache entries that have
+** been written to disk. Specifically, the number of pages written to the
+** wal file in wal mode databases, or the number of pages written to the
+** database file in rollback mode databases. Any pages written as part of
+** transaction rollback or database recovery operations are not included.
+** If an IO or other error occurs while writing a page to disk, the effect
+** on subsequent SQLITE_DBSTATUS_CACHE_WRITE requests is undefined.)^ ^The
+** highwater mark associated with SQLITE_DBSTATUS_CACHE_WRITE is always 0.
+** </dd>
+**
+** [[SQLITE_DBSTATUS_DEFERRED_FKS]] ^(<dt>SQLITE_DBSTATUS_DEFERRED_FKS</dt>
+** <dd>This parameter returns zero for the current value if and only if
+** all foreign key constraints (deferred or immediate) have been
+** resolved.)^ ^The highwater mark is always 0.
+** </dd>
+** </dl>
+*/
+#define SQLITE_DBSTATUS_LOOKASIDE_USED 0
+#define SQLITE_DBSTATUS_CACHE_USED 1
+#define SQLITE_DBSTATUS_SCHEMA_USED 2
+#define SQLITE_DBSTATUS_STMT_USED 3
+#define SQLITE_DBSTATUS_LOOKASIDE_HIT 4
+#define SQLITE_DBSTATUS_LOOKASIDE_MISS_SIZE 5
+#define SQLITE_DBSTATUS_LOOKASIDE_MISS_FULL 6
+#define SQLITE_DBSTATUS_CACHE_HIT 7
+#define SQLITE_DBSTATUS_CACHE_MISS 8
+#define SQLITE_DBSTATUS_CACHE_WRITE 9
+#define SQLITE_DBSTATUS_DEFERRED_FKS 10
+#define SQLITE_DBSTATUS_MAX 10 /* Largest defined DBSTATUS */
+
+
+/*
+** CAPI3REF: Prepared Statement Status
+** METHOD: sqlite3_stmt
+**
+** ^(Each prepared statement maintains various
+** [SQLITE_STMTSTATUS counters] that measure the number
+** of times it has performed specific operations.)^ These counters can
+** be used to monitor the performance characteristics of the prepared
+** statements. For example, if the number of table steps greatly exceeds
+** the number of table searches or result rows, that would tend to indicate
+** that the prepared statement is using a full table scan rather than
+** an index.
+**
+** ^(This interface is used to retrieve and reset counter values from
+** a [prepared statement]. The first argument is the prepared statement
+** object to be interrogated. The second argument
+** is an integer code for a specific [SQLITE_STMTSTATUS counter]
+** to be interrogated.)^
+** ^The current value of the requested counter is returned.
+** ^If the resetFlg is true, then the counter is reset to zero after this
+** interface call returns.
+**
+** See also: [sqlite3_status()] and [sqlite3_db_status()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_status(sqlite3_stmt*, int op,int resetFlg);
+
+/*
+** CAPI3REF: Status Parameters for prepared statements
+** KEYWORDS: {SQLITE_STMTSTATUS counter} {SQLITE_STMTSTATUS counters}
+**
+** These preprocessor macros define integer codes that name counter
+** values associated with the [sqlite3_stmt_status()] interface.
+** The meanings of the various counters are as follows:
+**
+** <dl>
+** [[SQLITE_STMTSTATUS_FULLSCAN_STEP]] <dt>SQLITE_STMTSTATUS_FULLSCAN_STEP</dt>
+** <dd>^This is the number of times that SQLite has stepped forward in
+** a table as part of a full table scan. Large numbers for this counter
+** may indicate opportunities for performance improvement through
+** careful use of indices.</dd>
+**
+** [[SQLITE_STMTSTATUS_SORT]] <dt>SQLITE_STMTSTATUS_SORT</dt>
+** <dd>^This is the number of sort operations that have occurred.
+** A non-zero value in this counter may indicate an opportunity to
+** improvement performance through careful use of indices.</dd>
+**
+** [[SQLITE_STMTSTATUS_AUTOINDEX]] <dt>SQLITE_STMTSTATUS_AUTOINDEX</dt>
+** <dd>^This is the number of rows inserted into transient indices that
+** were created automatically in order to help joins run faster.
+** A non-zero value in this counter may indicate an opportunity to
+** improvement performance by adding permanent indices that do not
+** need to be reinitialized each time the statement is run.</dd>
+**
+** [[SQLITE_STMTSTATUS_VM_STEP]] <dt>SQLITE_STMTSTATUS_VM_STEP</dt>
+** <dd>^This is the number of virtual machine operations executed
+** by the prepared statement if that number is less than or equal
+** to 2147483647. The number of virtual machine operations can be
+** used as a proxy for the total work done by the prepared statement.
+** If the number of virtual machine operations exceeds 2147483647
+** then the value returned by this statement status code is undefined.
+** </dd>
+** </dl>
+*/
+#define SQLITE_STMTSTATUS_FULLSCAN_STEP 1
+#define SQLITE_STMTSTATUS_SORT 2
+#define SQLITE_STMTSTATUS_AUTOINDEX 3
+#define SQLITE_STMTSTATUS_VM_STEP 4
+
+/*
+** CAPI3REF: Custom Page Cache Object
+**
+** The sqlite3_pcache type is opaque. It is implemented by
+** the pluggable module. The SQLite core has no knowledge of
+** its size or internal structure and never deals with the
+** sqlite3_pcache object except by holding and passing pointers
+** to the object.
+**
+** See [sqlite3_pcache_methods2] for additional information.
+*/
+typedef struct sqlite3_pcache sqlite3_pcache;
+
+/*
+** CAPI3REF: Custom Page Cache Object
+**
+** The sqlite3_pcache_page object represents a single page in the
+** page cache. The page cache will allocate instances of this
+** object. Various methods of the page cache use pointers to instances
+** of this object as parameters or as their return value.
+**
+** See [sqlite3_pcache_methods2] for additional information.
+*/
+typedef struct sqlite3_pcache_page sqlite3_pcache_page;
+struct sqlite3_pcache_page {
+ void *pBuf; /* The content of the page */
+ void *pExtra; /* Extra information associated with the page */
+};
+
+/*
+** CAPI3REF: Application Defined Page Cache.
+** KEYWORDS: {page cache}
+**
+** ^(The [sqlite3_config]([SQLITE_CONFIG_PCACHE2], ...) interface can
+** register an alternative page cache implementation by passing in an
+** instance of the sqlite3_pcache_methods2 structure.)^
+** In many applications, most of the heap memory allocated by
+** SQLite is used for the page cache.
+** By implementing a
+** custom page cache using this API, an application can better control
+** the amount of memory consumed by SQLite, the way in which
+** that memory is allocated and released, and the policies used to
+** determine exactly which parts of a database file are cached and for
+** how long.
+**
+** The alternative page cache mechanism is an
+** extreme measure that is only needed by the most demanding applications.
+** The built-in page cache is recommended for most uses.
+**
+** ^(The contents of the sqlite3_pcache_methods2 structure are copied to an
+** internal buffer by SQLite within the call to [sqlite3_config]. Hence
+** the application may discard the parameter after the call to
+** [sqlite3_config()] returns.)^
+**
+** [[the xInit() page cache method]]
+** ^(The xInit() method is called once for each effective
+** call to [sqlite3_initialize()])^
+** (usually only once during the lifetime of the process). ^(The xInit()
+** method is passed a copy of the sqlite3_pcache_methods2.pArg value.)^
+** The intent of the xInit() method is to set up global data structures
+** required by the custom page cache implementation.
+** ^(If the xInit() method is NULL, then the
+** built-in default page cache is used instead of the application defined
+** page cache.)^
+**
+** [[the xShutdown() page cache method]]
+** ^The xShutdown() method is called by [sqlite3_shutdown()].
+** It can be used to clean up
+** any outstanding resources before process shutdown, if required.
+** ^The xShutdown() method may be NULL.
+**
+** ^SQLite automatically serializes calls to the xInit method,
+** so the xInit method need not be threadsafe. ^The
+** xShutdown method is only called from [sqlite3_shutdown()] so it does
+** not need to be threadsafe either. All other methods must be threadsafe
+** in multithreaded applications.
+**
+** ^SQLite will never invoke xInit() more than once without an intervening
+** call to xShutdown().
+**
+** [[the xCreate() page cache methods]]
+** ^SQLite invokes the xCreate() method to construct a new cache instance.
+** SQLite will typically create one cache instance for each open database file,
+** though this is not guaranteed. ^The
+** first parameter, szPage, is the size in bytes of the pages that must
+** be allocated by the cache. ^szPage will always a power of two. ^The
+** second parameter szExtra is a number of bytes of extra storage
+** associated with each page cache entry. ^The szExtra parameter will
+** a number less than 250. SQLite will use the
+** extra szExtra bytes on each page to store metadata about the underlying
+** database page on disk. The value passed into szExtra depends
+** on the SQLite version, the target platform, and how SQLite was compiled.
+** ^The third argument to xCreate(), bPurgeable, is true if the cache being
+** created will be used to cache database pages of a file stored on disk, or
+** false if it is used for an in-memory database. The cache implementation
+** does not have to do anything special based with the value of bPurgeable;
+** it is purely advisory. ^On a cache where bPurgeable is false, SQLite will
+** never invoke xUnpin() except to deliberately delete a page.
+** ^In other words, calls to xUnpin() on a cache with bPurgeable set to
+** false will always have the "discard" flag set to true.
+** ^Hence, a cache created with bPurgeable false will
+** never contain any unpinned pages.
+**
+** [[the xCachesize() page cache method]]
+** ^(The xCachesize() method may be called at any time by SQLite to set the
+** suggested maximum cache-size (number of pages stored by) the cache
+** instance passed as the first argument. This is the value configured using
+** the SQLite "[PRAGMA cache_size]" command.)^ As with the bPurgeable
+** parameter, the implementation is not required to do anything with this
+** value; it is advisory only.
+**
+** [[the xPagecount() page cache methods]]
+** The xPagecount() method must return the number of pages currently
+** stored in the cache, both pinned and unpinned.
+**
+** [[the xFetch() page cache methods]]
+** The xFetch() method locates a page in the cache and returns a pointer to
+** an sqlite3_pcache_page object associated with that page, or a NULL pointer.
+** The pBuf element of the returned sqlite3_pcache_page object will be a
+** pointer to a buffer of szPage bytes used to store the content of a
+** single database page. The pExtra element of sqlite3_pcache_page will be
+** a pointer to the szExtra bytes of extra storage that SQLite has requested
+** for each entry in the page cache.
+**
+** The page to be fetched is determined by the key. ^The minimum key value
+** is 1. After it has been retrieved using xFetch, the page is considered
+** to be "pinned".
+**
+** If the requested page is already in the page cache, then the page cache
+** implementation must return a pointer to the page buffer with its content
+** intact. If the requested page is not already in the cache, then the
+** cache implementation should use the value of the createFlag
+** parameter to help it determined what action to take:
+**
+** <table border=1 width=85% align=center>
+** <tr><th> createFlag <th> Behavior when page is not already in cache
+** <tr><td> 0 <td> Do not allocate a new page. Return NULL.
+** <tr><td> 1 <td> Allocate a new page if it easy and convenient to do so.
+** Otherwise return NULL.
+** <tr><td> 2 <td> Make every effort to allocate a new page. Only return
+** NULL if allocating a new page is effectively impossible.
+** </table>
+**
+** ^(SQLite will normally invoke xFetch() with a createFlag of 0 or 1. SQLite
+** will only use a createFlag of 2 after a prior call with a createFlag of 1
+** failed.)^ In between the to xFetch() calls, SQLite may
+** attempt to unpin one or more cache pages by spilling the content of
+** pinned pages to disk and synching the operating system disk cache.
+**
+** [[the xUnpin() page cache method]]
+** ^xUnpin() is called by SQLite with a pointer to a currently pinned page
+** as its second argument. If the third parameter, discard, is non-zero,
+** then the page must be evicted from the cache.
+** ^If the discard parameter is
+** zero, then the page may be discarded or retained at the discretion of
+** page cache implementation. ^The page cache implementation
+** may choose to evict unpinned pages at any time.
+**
+** The cache must not perform any reference counting. A single
+** call to xUnpin() unpins the page regardless of the number of prior calls
+** to xFetch().
+**
+** [[the xRekey() page cache methods]]
+** The xRekey() method is used to change the key value associated with the
+** page passed as the second argument. If the cache
+** previously contains an entry associated with newKey, it must be
+** discarded. ^Any prior cache entry associated with newKey is guaranteed not
+** to be pinned.
+**
+** When SQLite calls the xTruncate() method, the cache must discard all
+** existing cache entries with page numbers (keys) greater than or equal
+** to the value of the iLimit parameter passed to xTruncate(). If any
+** of these pages are pinned, they are implicitly unpinned, meaning that
+** they can be safely discarded.
+**
+** [[the xDestroy() page cache method]]
+** ^The xDestroy() method is used to delete a cache allocated by xCreate().
+** All resources associated with the specified cache should be freed. ^After
+** calling the xDestroy() method, SQLite considers the [sqlite3_pcache*]
+** handle invalid, and will not use it with any other sqlite3_pcache_methods2
+** functions.
+**
+** [[the xShrink() page cache method]]
+** ^SQLite invokes the xShrink() method when it wants the page cache to
+** free up as much of heap memory as possible. The page cache implementation
+** is not obligated to free any memory, but well-behaved implementations should
+** do their best.
+*/
+typedef struct sqlite3_pcache_methods2 sqlite3_pcache_methods2;
+struct sqlite3_pcache_methods2 {
+ int iVersion;
+ void *pArg;
+ int (*xInit)(void*);
+ void (*xShutdown)(void*);
+ sqlite3_pcache *(*xCreate)(int szPage, int szExtra, int bPurgeable);
+ void (*xCachesize)(sqlite3_pcache*, int nCachesize);
+ int (*xPagecount)(sqlite3_pcache*);
+ sqlite3_pcache_page *(*xFetch)(sqlite3_pcache*, unsigned key, int createFlag);
+ void (*xUnpin)(sqlite3_pcache*, sqlite3_pcache_page*, int discard);
+ void (*xRekey)(sqlite3_pcache*, sqlite3_pcache_page*,
+ unsigned oldKey, unsigned newKey);
+ void (*xTruncate)(sqlite3_pcache*, unsigned iLimit);
+ void (*xDestroy)(sqlite3_pcache*);
+ void (*xShrink)(sqlite3_pcache*);
+};
+
+/*
+** This is the obsolete pcache_methods object that has now been replaced
+** by sqlite3_pcache_methods2. This object is not used by SQLite. It is
+** retained in the header file for backwards compatibility only.
+*/
+typedef struct sqlite3_pcache_methods sqlite3_pcache_methods;
+struct sqlite3_pcache_methods {
+ void *pArg;
+ int (*xInit)(void*);
+ void (*xShutdown)(void*);
+ sqlite3_pcache *(*xCreate)(int szPage, int bPurgeable);
+ void (*xCachesize)(sqlite3_pcache*, int nCachesize);
+ int (*xPagecount)(sqlite3_pcache*);
+ void *(*xFetch)(sqlite3_pcache*, unsigned key, int createFlag);
+ void (*xUnpin)(sqlite3_pcache*, void*, int discard);
+ void (*xRekey)(sqlite3_pcache*, void*, unsigned oldKey, unsigned newKey);
+ void (*xTruncate)(sqlite3_pcache*, unsigned iLimit);
+ void (*xDestroy)(sqlite3_pcache*);
+};
+
+
+/*
+** CAPI3REF: Online Backup Object
+**
+** The sqlite3_backup object records state information about an ongoing
+** online backup operation. ^The sqlite3_backup object is created by
+** a call to [sqlite3_backup_init()] and is destroyed by a call to
+** [sqlite3_backup_finish()].
+**
+** See Also: [Using the SQLite Online Backup API]
+*/
+typedef struct sqlite3_backup sqlite3_backup;
+
+/*
+** CAPI3REF: Online Backup API.
+**
+** The backup API copies the content of one database into another.
+** It is useful either for creating backups of databases or
+** for copying in-memory databases to or from persistent files.
+**
+** See Also: [Using the SQLite Online Backup API]
+**
+** ^SQLite holds a write transaction open on the destination database file
+** for the duration of the backup operation.
+** ^The source database is read-locked only while it is being read;
+** it is not locked continuously for the entire backup operation.
+** ^Thus, the backup may be performed on a live source database without
+** preventing other database connections from
+** reading or writing to the source database while the backup is underway.
+**
+** ^(To perform a backup operation:
+** <ol>
+** <li><b>sqlite3_backup_init()</b> is called once to initialize the
+** backup,
+** <li><b>sqlite3_backup_step()</b> is called one or more times to transfer
+** the data between the two databases, and finally
+** <li><b>sqlite3_backup_finish()</b> is called to release all resources
+** associated with the backup operation.
+** </ol>)^
+** There should be exactly one call to sqlite3_backup_finish() for each
+** successful call to sqlite3_backup_init().
+**
+** [[sqlite3_backup_init()]] <b>sqlite3_backup_init()</b>
+**
+** ^The D and N arguments to sqlite3_backup_init(D,N,S,M) are the
+** [database connection] associated with the destination database
+** and the database name, respectively.
+** ^The database name is "main" for the main database, "temp" for the
+** temporary database, or the name specified after the AS keyword in
+** an [ATTACH] statement for an attached database.
+** ^The S and M arguments passed to
+** sqlite3_backup_init(D,N,S,M) identify the [database connection]
+** and database name of the source database, respectively.
+** ^The source and destination [database connections] (parameters S and D)
+** must be different or else sqlite3_backup_init(D,N,S,M) will fail with
+** an error.
+**
+** ^A call to sqlite3_backup_init() will fail, returning SQLITE_ERROR, if
+** there is already a read or read-write transaction open on the
+** destination database.
+**
+** ^If an error occurs within sqlite3_backup_init(D,N,S,M), then NULL is
+** returned and an error code and error message are stored in the
+** destination [database connection] D.
+** ^The error code and message for the failed call to sqlite3_backup_init()
+** can be retrieved using the [sqlite3_errcode()], [sqlite3_errmsg()], and/or
+** [sqlite3_errmsg16()] functions.
+** ^A successful call to sqlite3_backup_init() returns a pointer to an
+** [sqlite3_backup] object.
+** ^The [sqlite3_backup] object may be used with the sqlite3_backup_step() and
+** sqlite3_backup_finish() functions to perform the specified backup
+** operation.
+**
+** [[sqlite3_backup_step()]] <b>sqlite3_backup_step()</b>
+**
+** ^Function sqlite3_backup_step(B,N) will copy up to N pages between
+** the source and destination databases specified by [sqlite3_backup] object B.
+** ^If N is negative, all remaining source pages are copied.
+** ^If sqlite3_backup_step(B,N) successfully copies N pages and there
+** are still more pages to be copied, then the function returns [SQLITE_OK].
+** ^If sqlite3_backup_step(B,N) successfully finishes copying all pages
+** from source to destination, then it returns [SQLITE_DONE].
+** ^If an error occurs while running sqlite3_backup_step(B,N),
+** then an [error code] is returned. ^As well as [SQLITE_OK] and
+** [SQLITE_DONE], a call to sqlite3_backup_step() may return [SQLITE_READONLY],
+** [SQLITE_NOMEM], [SQLITE_BUSY], [SQLITE_LOCKED], or an
+** [SQLITE_IOERR_ACCESS | SQLITE_IOERR_XXX] extended error code.
+**
+** ^(The sqlite3_backup_step() might return [SQLITE_READONLY] if
+** <ol>
+** <li> the destination database was opened read-only, or
+** <li> the destination database is using write-ahead-log journaling
+** and the destination and source page sizes differ, or
+** <li> the destination database is an in-memory database and the
+** destination and source page sizes differ.
+** </ol>)^
+**
+** ^If sqlite3_backup_step() cannot obtain a required file-system lock, then
+** the [sqlite3_busy_handler | busy-handler function]
+** is invoked (if one is specified). ^If the
+** busy-handler returns non-zero before the lock is available, then
+** [SQLITE_BUSY] is returned to the caller. ^In this case the call to
+** sqlite3_backup_step() can be retried later. ^If the source
+** [database connection]
+** is being used to write to the source database when sqlite3_backup_step()
+** is called, then [SQLITE_LOCKED] is returned immediately. ^Again, in this
+** case the call to sqlite3_backup_step() can be retried later on. ^(If
+** [SQLITE_IOERR_ACCESS | SQLITE_IOERR_XXX], [SQLITE_NOMEM], or
+** [SQLITE_READONLY] is returned, then
+** there is no point in retrying the call to sqlite3_backup_step(). These
+** errors are considered fatal.)^ The application must accept
+** that the backup operation has failed and pass the backup operation handle
+** to the sqlite3_backup_finish() to release associated resources.
+**
+** ^The first call to sqlite3_backup_step() obtains an exclusive lock
+** on the destination file. ^The exclusive lock is not released until either
+** sqlite3_backup_finish() is called or the backup operation is complete
+** and sqlite3_backup_step() returns [SQLITE_DONE]. ^Every call to
+** sqlite3_backup_step() obtains a [shared lock] on the source database that
+** lasts for the duration of the sqlite3_backup_step() call.
+** ^Because the source database is not locked between calls to
+** sqlite3_backup_step(), the source database may be modified mid-way
+** through the backup process. ^If the source database is modified by an
+** external process or via a database connection other than the one being
+** used by the backup operation, then the backup will be automatically
+** restarted by the next call to sqlite3_backup_step(). ^If the source
+** database is modified by the using the same database connection as is used
+** by the backup operation, then the backup database is automatically
+** updated at the same time.
+**
+** [[sqlite3_backup_finish()]] <b>sqlite3_backup_finish()</b>
+**
+** When sqlite3_backup_step() has returned [SQLITE_DONE], or when the
+** application wishes to abandon the backup operation, the application
+** should destroy the [sqlite3_backup] by passing it to sqlite3_backup_finish().
+** ^The sqlite3_backup_finish() interfaces releases all
+** resources associated with the [sqlite3_backup] object.
+** ^If sqlite3_backup_step() has not yet returned [SQLITE_DONE], then any
+** active write-transaction on the destination database is rolled back.
+** The [sqlite3_backup] object is invalid
+** and may not be used following a call to sqlite3_backup_finish().
+**
+** ^The value returned by sqlite3_backup_finish is [SQLITE_OK] if no
+** sqlite3_backup_step() errors occurred, regardless or whether or not
+** sqlite3_backup_step() completed.
+** ^If an out-of-memory condition or IO error occurred during any prior
+** sqlite3_backup_step() call on the same [sqlite3_backup] object, then
+** sqlite3_backup_finish() returns the corresponding [error code].
+**
+** ^A return of [SQLITE_BUSY] or [SQLITE_LOCKED] from sqlite3_backup_step()
+** is not a permanent error and does not affect the return value of
+** sqlite3_backup_finish().
+**
+** [[sqlite3_backup_remaining()]] [[sqlite3_backup_pagecount()]]
+** <b>sqlite3_backup_remaining() and sqlite3_backup_pagecount()</b>
+**
+** ^The sqlite3_backup_remaining() routine returns the number of pages still
+** to be backed up at the conclusion of the most recent sqlite3_backup_step().
+** ^The sqlite3_backup_pagecount() routine returns the total number of pages
+** in the source database at the conclusion of the most recent
+** sqlite3_backup_step().
+** ^(The values returned by these functions are only updated by
+** sqlite3_backup_step(). If the source database is modified in a way that
+** changes the size of the source database or the number of pages remaining,
+** those changes are not reflected in the output of sqlite3_backup_pagecount()
+** and sqlite3_backup_remaining() until after the next
+** sqlite3_backup_step().)^
+**
+** <b>Concurrent Usage of Database Handles</b>
+**
+** ^The source [database connection] may be used by the application for other
+** purposes while a backup operation is underway or being initialized.
+** ^If SQLite is compiled and configured to support threadsafe database
+** connections, then the source database connection may be used concurrently
+** from within other threads.
+**
+** However, the application must guarantee that the destination
+** [database connection] is not passed to any other API (by any thread) after
+** sqlite3_backup_init() is called and before the corresponding call to
+** sqlite3_backup_finish(). SQLite does not currently check to see
+** if the application incorrectly accesses the destination [database connection]
+** and so no error code is reported, but the operations may malfunction
+** nevertheless. Use of the destination database connection while a
+** backup is in progress might also also cause a mutex deadlock.
+**
+** If running in [shared cache mode], the application must
+** guarantee that the shared cache used by the destination database
+** is not accessed while the backup is running. In practice this means
+** that the application must guarantee that the disk file being
+** backed up to is not accessed by any connection within the process,
+** not just the specific connection that was passed to sqlite3_backup_init().
+**
+** The [sqlite3_backup] object itself is partially threadsafe. Multiple
+** threads may safely make multiple concurrent calls to sqlite3_backup_step().
+** However, the sqlite3_backup_remaining() and sqlite3_backup_pagecount()
+** APIs are not strictly speaking threadsafe. If they are invoked at the
+** same time as another thread is invoking sqlite3_backup_step() it is
+** possible that they return invalid values.
+*/
+SQLITE_API sqlite3_backup *SQLITE_STDCALL sqlite3_backup_init(
+ sqlite3 *pDest, /* Destination database handle */
+ const char *zDestName, /* Destination database name */
+ sqlite3 *pSource, /* Source database handle */
+ const char *zSourceName /* Source database name */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_step(sqlite3_backup *p, int nPage);
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_finish(sqlite3_backup *p);
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_remaining(sqlite3_backup *p);
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_pagecount(sqlite3_backup *p);
+
+/*
+** CAPI3REF: Unlock Notification
+** METHOD: sqlite3
+**
+** ^When running in shared-cache mode, a database operation may fail with
+** an [SQLITE_LOCKED] error if the required locks on the shared-cache or
+** individual tables within the shared-cache cannot be obtained. See
+** [SQLite Shared-Cache Mode] for a description of shared-cache locking.
+** ^This API may be used to register a callback that SQLite will invoke
+** when the connection currently holding the required lock relinquishes it.
+** ^This API is only available if the library was compiled with the
+** [SQLITE_ENABLE_UNLOCK_NOTIFY] C-preprocessor symbol defined.
+**
+** See Also: [Using the SQLite Unlock Notification Feature].
+**
+** ^Shared-cache locks are released when a database connection concludes
+** its current transaction, either by committing it or rolling it back.
+**
+** ^When a connection (known as the blocked connection) fails to obtain a
+** shared-cache lock and SQLITE_LOCKED is returned to the caller, the
+** identity of the database connection (the blocking connection) that
+** has locked the required resource is stored internally. ^After an
+** application receives an SQLITE_LOCKED error, it may call the
+** sqlite3_unlock_notify() method with the blocked connection handle as
+** the first argument to register for a callback that will be invoked
+** when the blocking connections current transaction is concluded. ^The
+** callback is invoked from within the [sqlite3_step] or [sqlite3_close]
+** call that concludes the blocking connections transaction.
+**
+** ^(If sqlite3_unlock_notify() is called in a multi-threaded application,
+** there is a chance that the blocking connection will have already
+** concluded its transaction by the time sqlite3_unlock_notify() is invoked.
+** If this happens, then the specified callback is invoked immediately,
+** from within the call to sqlite3_unlock_notify().)^
+**
+** ^If the blocked connection is attempting to obtain a write-lock on a
+** shared-cache table, and more than one other connection currently holds
+** a read-lock on the same table, then SQLite arbitrarily selects one of
+** the other connections to use as the blocking connection.
+**
+** ^(There may be at most one unlock-notify callback registered by a
+** blocked connection. If sqlite3_unlock_notify() is called when the
+** blocked connection already has a registered unlock-notify callback,
+** then the new callback replaces the old.)^ ^If sqlite3_unlock_notify() is
+** called with a NULL pointer as its second argument, then any existing
+** unlock-notify callback is canceled. ^The blocked connections
+** unlock-notify callback may also be canceled by closing the blocked
+** connection using [sqlite3_close()].
+**
+** The unlock-notify callback is not reentrant. If an application invokes
+** any sqlite3_xxx API functions from within an unlock-notify callback, a
+** crash or deadlock may be the result.
+**
+** ^Unless deadlock is detected (see below), sqlite3_unlock_notify() always
+** returns SQLITE_OK.
+**
+** <b>Callback Invocation Details</b>
+**
+** When an unlock-notify callback is registered, the application provides a
+** single void* pointer that is passed to the callback when it is invoked.
+** However, the signature of the callback function allows SQLite to pass
+** it an array of void* context pointers. The first argument passed to
+** an unlock-notify callback is a pointer to an array of void* pointers,
+** and the second is the number of entries in the array.
+**
+** When a blocking connections transaction is concluded, there may be
+** more than one blocked connection that has registered for an unlock-notify
+** callback. ^If two or more such blocked connections have specified the
+** same callback function, then instead of invoking the callback function
+** multiple times, it is invoked once with the set of void* context pointers
+** specified by the blocked connections bundled together into an array.
+** This gives the application an opportunity to prioritize any actions
+** related to the set of unblocked database connections.
+**
+** <b>Deadlock Detection</b>
+**
+** Assuming that after registering for an unlock-notify callback a
+** database waits for the callback to be issued before taking any further
+** action (a reasonable assumption), then using this API may cause the
+** application to deadlock. For example, if connection X is waiting for
+** connection Y's transaction to be concluded, and similarly connection
+** Y is waiting on connection X's transaction, then neither connection
+** will proceed and the system may remain deadlocked indefinitely.
+**
+** To avoid this scenario, the sqlite3_unlock_notify() performs deadlock
+** detection. ^If a given call to sqlite3_unlock_notify() would put the
+** system in a deadlocked state, then SQLITE_LOCKED is returned and no
+** unlock-notify callback is registered. The system is said to be in
+** a deadlocked state if connection A has registered for an unlock-notify
+** callback on the conclusion of connection B's transaction, and connection
+** B has itself registered for an unlock-notify callback when connection
+** A's transaction is concluded. ^Indirect deadlock is also detected, so
+** the system is also considered to be deadlocked if connection B has
+** registered for an unlock-notify callback on the conclusion of connection
+** C's transaction, where connection C is waiting on connection A. ^Any
+** number of levels of indirection are allowed.
+**
+** <b>The "DROP TABLE" Exception</b>
+**
+** When a call to [sqlite3_step()] returns SQLITE_LOCKED, it is almost
+** always appropriate to call sqlite3_unlock_notify(). There is however,
+** one exception. When executing a "DROP TABLE" or "DROP INDEX" statement,
+** SQLite checks if there are any currently executing SELECT statements
+** that belong to the same connection. If there are, SQLITE_LOCKED is
+** returned. In this case there is no "blocking connection", so invoking
+** sqlite3_unlock_notify() results in the unlock-notify callback being
+** invoked immediately. If the application then re-attempts the "DROP TABLE"
+** or "DROP INDEX" query, an infinite loop might be the result.
+**
+** One way around this problem is to check the extended error code returned
+** by an sqlite3_step() call. ^(If there is a blocking connection, then the
+** extended error code is set to SQLITE_LOCKED_SHAREDCACHE. Otherwise, in
+** the special "DROP TABLE/INDEX" case, the extended error code is just
+** SQLITE_LOCKED.)^
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_unlock_notify(
+ sqlite3 *pBlocked, /* Waiting connection */
+ void (*xNotify)(void **apArg, int nArg), /* Callback function to invoke */
+ void *pNotifyArg /* Argument to pass to xNotify */
+);
+
+
+/*
+** CAPI3REF: String Comparison
+**
+** ^The [sqlite3_stricmp()] and [sqlite3_strnicmp()] APIs allow applications
+** and extensions to compare the contents of two buffers containing UTF-8
+** strings in a case-independent fashion, using the same definition of "case
+** independence" that SQLite uses internally when comparing identifiers.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stricmp(const char *, const char *);
+SQLITE_API int SQLITE_STDCALL sqlite3_strnicmp(const char *, const char *, int);
+
+/*
+** CAPI3REF: String Globbing
+*
+** ^The [sqlite3_strglob(P,X)] interface returns zero if and only if
+** string X matches the [GLOB] pattern P.
+** ^The definition of [GLOB] pattern matching used in
+** [sqlite3_strglob(P,X)] is the same as for the "X GLOB P" operator in the
+** SQL dialect understood by SQLite. ^The [sqlite3_strglob(P,X)] function
+** is case sensitive.
+**
+** Note that this routine returns zero on a match and non-zero if the strings
+** do not match, the same as [sqlite3_stricmp()] and [sqlite3_strnicmp()].
+**
+** See also: [sqlite3_strlike()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_strglob(const char *zGlob, const char *zStr);
+
+/*
+** CAPI3REF: String LIKE Matching
+*
+** ^The [sqlite3_strlike(P,X,E)] interface returns zero if and only if
+** string X matches the [LIKE] pattern P with escape character E.
+** ^The definition of [LIKE] pattern matching used in
+** [sqlite3_strlike(P,X,E)] is the same as for the "X LIKE P ESCAPE E"
+** operator in the SQL dialect understood by SQLite. ^For "X LIKE P" without
+** the ESCAPE clause, set the E parameter of [sqlite3_strlike(P,X,E)] to 0.
+** ^As with the LIKE operator, the [sqlite3_strlike(P,X,E)] function is case
+** insensitive - equivalent upper and lower case ASCII characters match
+** one another.
+**
+** ^The [sqlite3_strlike(P,X,E)] function matches Unicode characters, though
+** only ASCII characters are case folded.
+**
+** Note that this routine returns zero on a match and non-zero if the strings
+** do not match, the same as [sqlite3_stricmp()] and [sqlite3_strnicmp()].
+**
+** See also: [sqlite3_strglob()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_strlike(const char *zGlob, const char *zStr, unsigned int cEsc);
+
+/*
+** CAPI3REF: Error Logging Interface
+**
+** ^The [sqlite3_log()] interface writes a message into the [error log]
+** established by the [SQLITE_CONFIG_LOG] option to [sqlite3_config()].
+** ^If logging is enabled, the zFormat string and subsequent arguments are
+** used with [sqlite3_snprintf()] to generate the final output string.
+**
+** The sqlite3_log() interface is intended for use by extensions such as
+** virtual tables, collating functions, and SQL functions. While there is
+** nothing to prevent an application from calling sqlite3_log(), doing so
+** is considered bad form.
+**
+** The zFormat string must not be NULL.
+**
+** To avoid deadlocks and other threading problems, the sqlite3_log() routine
+** will not use dynamically allocated memory. The log message is stored in
+** a fixed-length buffer on the stack. If the log message is longer than
+** a few hundred characters, it will be truncated to the length of the
+** buffer.
+*/
+SQLITE_API void SQLITE_CDECL sqlite3_log(int iErrCode, const char *zFormat, ...);
+
+/*
+** CAPI3REF: Write-Ahead Log Commit Hook
+** METHOD: sqlite3
+**
+** ^The [sqlite3_wal_hook()] function is used to register a callback that
+** is invoked each time data is committed to a database in wal mode.
+**
+** ^(The callback is invoked by SQLite after the commit has taken place and
+** the associated write-lock on the database released)^, so the implementation
+** may read, write or [checkpoint] the database as required.
+**
+** ^The first parameter passed to the callback function when it is invoked
+** is a copy of the third parameter passed to sqlite3_wal_hook() when
+** registering the callback. ^The second is a copy of the database handle.
+** ^The third parameter is the name of the database that was written to -
+** either "main" or the name of an [ATTACH]-ed database. ^The fourth parameter
+** is the number of pages currently in the write-ahead log file,
+** including those that were just committed.
+**
+** The callback function should normally return [SQLITE_OK]. ^If an error
+** code is returned, that error will propagate back up through the
+** SQLite code base to cause the statement that provoked the callback
+** to report an error, though the commit will have still occurred. If the
+** callback returns [SQLITE_ROW] or [SQLITE_DONE], or if it returns a value
+** that does not correspond to any valid SQLite error code, the results
+** are undefined.
+**
+** A single database handle may have at most a single write-ahead log callback
+** registered at one time. ^Calling [sqlite3_wal_hook()] replaces any
+** previously registered write-ahead log callback. ^Note that the
+** [sqlite3_wal_autocheckpoint()] interface and the
+** [wal_autocheckpoint pragma] both invoke [sqlite3_wal_hook()] and will
+** those overwrite any prior [sqlite3_wal_hook()] settings.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_wal_hook(
+ sqlite3*,
+ int(*)(void *,sqlite3*,const char*,int),
+ void*
+);
+
+/*
+** CAPI3REF: Configure an auto-checkpoint
+** METHOD: sqlite3
+**
+** ^The [sqlite3_wal_autocheckpoint(D,N)] is a wrapper around
+** [sqlite3_wal_hook()] that causes any database on [database connection] D
+** to automatically [checkpoint]
+** after committing a transaction if there are N or
+** more frames in the [write-ahead log] file. ^Passing zero or
+** a negative value as the nFrame parameter disables automatic
+** checkpoints entirely.
+**
+** ^The callback registered by this function replaces any existing callback
+** registered using [sqlite3_wal_hook()]. ^Likewise, registering a callback
+** using [sqlite3_wal_hook()] disables the automatic checkpoint mechanism
+** configured by this function.
+**
+** ^The [wal_autocheckpoint pragma] can be used to invoke this interface
+** from SQL.
+**
+** ^Checkpoints initiated by this mechanism are
+** [sqlite3_wal_checkpoint_v2|PASSIVE].
+**
+** ^Every new [database connection] defaults to having the auto-checkpoint
+** enabled with a threshold of 1000 or [SQLITE_DEFAULT_WAL_AUTOCHECKPOINT]
+** pages. The use of this interface
+** is only necessary if the default setting is found to be suboptimal
+** for a particular application.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_autocheckpoint(sqlite3 *db, int N);
+
+/*
+** CAPI3REF: Checkpoint a database
+** METHOD: sqlite3
+**
+** ^(The sqlite3_wal_checkpoint(D,X) is equivalent to
+** [sqlite3_wal_checkpoint_v2](D,X,[SQLITE_CHECKPOINT_PASSIVE],0,0).)^
+**
+** In brief, sqlite3_wal_checkpoint(D,X) causes the content in the
+** [write-ahead log] for database X on [database connection] D to be
+** transferred into the database file and for the write-ahead log to
+** be reset. See the [checkpointing] documentation for addition
+** information.
+**
+** This interface used to be the only way to cause a checkpoint to
+** occur. But then the newer and more powerful [sqlite3_wal_checkpoint_v2()]
+** interface was added. This interface is retained for backwards
+** compatibility and as a convenience for applications that need to manually
+** start a callback but which do not need the full power (and corresponding
+** complication) of [sqlite3_wal_checkpoint_v2()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_checkpoint(sqlite3 *db, const char *zDb);
+
+/*
+** CAPI3REF: Checkpoint a database
+** METHOD: sqlite3
+**
+** ^(The sqlite3_wal_checkpoint_v2(D,X,M,L,C) interface runs a checkpoint
+** operation on database X of [database connection] D in mode M. Status
+** information is written back into integers pointed to by L and C.)^
+** ^(The M parameter must be a valid [checkpoint mode]:)^
+**
+** <dl>
+** <dt>SQLITE_CHECKPOINT_PASSIVE<dd>
+** ^Checkpoint as many frames as possible without waiting for any database
+** readers or writers to finish, then sync the database file if all frames
+** in the log were checkpointed. ^The [busy-handler callback]
+** is never invoked in the SQLITE_CHECKPOINT_PASSIVE mode.
+** ^On the other hand, passive mode might leave the checkpoint unfinished
+** if there are concurrent readers or writers.
+**
+** <dt>SQLITE_CHECKPOINT_FULL<dd>
+** ^This mode blocks (it invokes the
+** [sqlite3_busy_handler|busy-handler callback]) until there is no
+** database writer and all readers are reading from the most recent database
+** snapshot. ^It then checkpoints all frames in the log file and syncs the
+** database file. ^This mode blocks new database writers while it is pending,
+** but new database readers are allowed to continue unimpeded.
+**
+** <dt>SQLITE_CHECKPOINT_RESTART<dd>
+** ^This mode works the same way as SQLITE_CHECKPOINT_FULL with the addition
+** that after checkpointing the log file it blocks (calls the
+** [busy-handler callback])
+** until all readers are reading from the database file only. ^This ensures
+** that the next writer will restart the log file from the beginning.
+** ^Like SQLITE_CHECKPOINT_FULL, this mode blocks new
+** database writer attempts while it is pending, but does not impede readers.
+**
+** <dt>SQLITE_CHECKPOINT_TRUNCATE<dd>
+** ^This mode works the same way as SQLITE_CHECKPOINT_RESTART with the
+** addition that it also truncates the log file to zero bytes just prior
+** to a successful return.
+** </dl>
+**
+** ^If pnLog is not NULL, then *pnLog is set to the total number of frames in
+** the log file or to -1 if the checkpoint could not run because
+** of an error or because the database is not in [WAL mode]. ^If pnCkpt is not
+** NULL,then *pnCkpt is set to the total number of checkpointed frames in the
+** log file (including any that were already checkpointed before the function
+** was called) or to -1 if the checkpoint could not run due to an error or
+** because the database is not in WAL mode. ^Note that upon successful
+** completion of an SQLITE_CHECKPOINT_TRUNCATE, the log file will have been
+** truncated to zero bytes and so both *pnLog and *pnCkpt will be set to zero.
+**
+** ^All calls obtain an exclusive "checkpoint" lock on the database file. ^If
+** any other process is running a checkpoint operation at the same time, the
+** lock cannot be obtained and SQLITE_BUSY is returned. ^Even if there is a
+** busy-handler configured, it will not be invoked in this case.
+**
+** ^The SQLITE_CHECKPOINT_FULL, RESTART and TRUNCATE modes also obtain the
+** exclusive "writer" lock on the database file. ^If the writer lock cannot be
+** obtained immediately, and a busy-handler is configured, it is invoked and
+** the writer lock retried until either the busy-handler returns 0 or the lock
+** is successfully obtained. ^The busy-handler is also invoked while waiting for
+** database readers as described above. ^If the busy-handler returns 0 before
+** the writer lock is obtained or while waiting for database readers, the
+** checkpoint operation proceeds from that point in the same way as
+** SQLITE_CHECKPOINT_PASSIVE - checkpointing as many frames as possible
+** without blocking any further. ^SQLITE_BUSY is returned in this case.
+**
+** ^If parameter zDb is NULL or points to a zero length string, then the
+** specified operation is attempted on all WAL databases [attached] to
+** [database connection] db. In this case the
+** values written to output parameters *pnLog and *pnCkpt are undefined. ^If
+** an SQLITE_BUSY error is encountered when processing one or more of the
+** attached WAL databases, the operation is still attempted on any remaining
+** attached databases and SQLITE_BUSY is returned at the end. ^If any other
+** error occurs while processing an attached database, processing is abandoned
+** and the error code is returned to the caller immediately. ^If no error
+** (SQLITE_BUSY or otherwise) is encountered while processing the attached
+** databases, SQLITE_OK is returned.
+**
+** ^If database zDb is the name of an attached database that is not in WAL
+** mode, SQLITE_OK is returned and both *pnLog and *pnCkpt set to -1. ^If
+** zDb is not NULL (or a zero length string) and is not the name of any
+** attached database, SQLITE_ERROR is returned to the caller.
+**
+** ^Unless it returns SQLITE_MISUSE,
+** the sqlite3_wal_checkpoint_v2() interface
+** sets the error information that is queried by
+** [sqlite3_errcode()] and [sqlite3_errmsg()].
+**
+** ^The [PRAGMA wal_checkpoint] command can be used to invoke this interface
+** from SQL.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_checkpoint_v2(
+ sqlite3 *db, /* Database handle */
+ const char *zDb, /* Name of attached database (or NULL) */
+ int eMode, /* SQLITE_CHECKPOINT_* value */
+ int *pnLog, /* OUT: Size of WAL log in frames */
+ int *pnCkpt /* OUT: Total number of frames checkpointed */
+);
+
+/*
+** CAPI3REF: Checkpoint Mode Values
+** KEYWORDS: {checkpoint mode}
+**
+** These constants define all valid values for the "checkpoint mode" passed
+** as the third parameter to the [sqlite3_wal_checkpoint_v2()] interface.
+** See the [sqlite3_wal_checkpoint_v2()] documentation for details on the
+** meaning of each of these checkpoint modes.
+*/
+#define SQLITE_CHECKPOINT_PASSIVE 0 /* Do as much as possible w/o blocking */
+#define SQLITE_CHECKPOINT_FULL 1 /* Wait for writers, then checkpoint */
+#define SQLITE_CHECKPOINT_RESTART 2 /* Like FULL but wait for for readers */
+#define SQLITE_CHECKPOINT_TRUNCATE 3 /* Like RESTART but also truncate WAL */
+
+/*
+** CAPI3REF: Virtual Table Interface Configuration
+**
+** This function may be called by either the [xConnect] or [xCreate] method
+** of a [virtual table] implementation to configure
+** various facets of the virtual table interface.
+**
+** If this interface is invoked outside the context of an xConnect or
+** xCreate virtual table method then the behavior is undefined.
+**
+** At present, there is only one option that may be configured using
+** this function. (See [SQLITE_VTAB_CONSTRAINT_SUPPORT].) Further options
+** may be added in the future.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_vtab_config(sqlite3*, int op, ...);
+
+/*
+** CAPI3REF: Virtual Table Configuration Options
+**
+** These macros define the various options to the
+** [sqlite3_vtab_config()] interface that [virtual table] implementations
+** can use to customize and optimize their behavior.
+**
+** <dl>
+** <dt>SQLITE_VTAB_CONSTRAINT_SUPPORT
+** <dd>Calls of the form
+** [sqlite3_vtab_config](db,SQLITE_VTAB_CONSTRAINT_SUPPORT,X) are supported,
+** where X is an integer. If X is zero, then the [virtual table] whose
+** [xCreate] or [xConnect] method invoked [sqlite3_vtab_config()] does not
+** support constraints. In this configuration (which is the default) if
+** a call to the [xUpdate] method returns [SQLITE_CONSTRAINT], then the entire
+** statement is rolled back as if [ON CONFLICT | OR ABORT] had been
+** specified as part of the users SQL statement, regardless of the actual
+** ON CONFLICT mode specified.
+**
+** If X is non-zero, then the virtual table implementation guarantees
+** that if [xUpdate] returns [SQLITE_CONSTRAINT], it will do so before
+** any modifications to internal or persistent data structures have been made.
+** If the [ON CONFLICT] mode is ABORT, FAIL, IGNORE or ROLLBACK, SQLite
+** is able to roll back a statement or database transaction, and abandon
+** or continue processing the current SQL statement as appropriate.
+** If the ON CONFLICT mode is REPLACE and the [xUpdate] method returns
+** [SQLITE_CONSTRAINT], SQLite handles this as if the ON CONFLICT mode
+** had been ABORT.
+**
+** Virtual table implementations that are required to handle OR REPLACE
+** must do so within the [xUpdate] method. If a call to the
+** [sqlite3_vtab_on_conflict()] function indicates that the current ON
+** CONFLICT policy is REPLACE, the virtual table implementation should
+** silently replace the appropriate rows within the xUpdate callback and
+** return SQLITE_OK. Or, if this is not possible, it may return
+** SQLITE_CONSTRAINT, in which case SQLite falls back to OR ABORT
+** constraint handling.
+** </dl>
+*/
+#define SQLITE_VTAB_CONSTRAINT_SUPPORT 1
+
+/*
+** CAPI3REF: Determine The Virtual Table Conflict Policy
+**
+** This function may only be called from within a call to the [xUpdate] method
+** of a [virtual table] implementation for an INSERT or UPDATE operation. ^The
+** value returned is one of [SQLITE_ROLLBACK], [SQLITE_IGNORE], [SQLITE_FAIL],
+** [SQLITE_ABORT], or [SQLITE_REPLACE], according to the [ON CONFLICT] mode
+** of the SQL statement that triggered the call to the [xUpdate] method of the
+** [virtual table].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_vtab_on_conflict(sqlite3 *);
+
+/*
+** CAPI3REF: Conflict resolution modes
+** KEYWORDS: {conflict resolution mode}
+**
+** These constants are returned by [sqlite3_vtab_on_conflict()] to
+** inform a [virtual table] implementation what the [ON CONFLICT] mode
+** is for the SQL statement being evaluated.
+**
+** Note that the [SQLITE_IGNORE] constant is also used as a potential
+** return value from the [sqlite3_set_authorizer()] callback and that
+** [SQLITE_ABORT] is also a [result code].
+*/
+#define SQLITE_ROLLBACK 1
+/* #define SQLITE_IGNORE 2 // Also used by sqlite3_authorizer() callback */
+#define SQLITE_FAIL 3
+/* #define SQLITE_ABORT 4 // Also an error code */
+#define SQLITE_REPLACE 5
+
+/*
+** CAPI3REF: Prepared Statement Scan Status Opcodes
+** KEYWORDS: {scanstatus options}
+**
+** The following constants can be used for the T parameter to the
+** [sqlite3_stmt_scanstatus(S,X,T,V)] interface. Each constant designates a
+** different metric for sqlite3_stmt_scanstatus() to return.
+**
+** When the value returned to V is a string, space to hold that string is
+** managed by the prepared statement S and will be automatically freed when
+** S is finalized.
+**
+** <dl>
+** [[SQLITE_SCANSTAT_NLOOP]] <dt>SQLITE_SCANSTAT_NLOOP</dt>
+** <dd>^The [sqlite3_int64] variable pointed to by the T parameter will be
+** set to the total number of times that the X-th loop has run.</dd>
+**
+** [[SQLITE_SCANSTAT_NVISIT]] <dt>SQLITE_SCANSTAT_NVISIT</dt>
+** <dd>^The [sqlite3_int64] variable pointed to by the T parameter will be set
+** to the total number of rows examined by all iterations of the X-th loop.</dd>
+**
+** [[SQLITE_SCANSTAT_EST]] <dt>SQLITE_SCANSTAT_EST</dt>
+** <dd>^The "double" variable pointed to by the T parameter will be set to the
+** query planner's estimate for the average number of rows output from each
+** iteration of the X-th loop. If the query planner's estimates was accurate,
+** then this value will approximate the quotient NVISIT/NLOOP and the
+** product of this value for all prior loops with the same SELECTID will
+** be the NLOOP value for the current loop.
+**
+** [[SQLITE_SCANSTAT_NAME]] <dt>SQLITE_SCANSTAT_NAME</dt>
+** <dd>^The "const char *" variable pointed to by the T parameter will be set
+** to a zero-terminated UTF-8 string containing the name of the index or table
+** used for the X-th loop.
+**
+** [[SQLITE_SCANSTAT_EXPLAIN]] <dt>SQLITE_SCANSTAT_EXPLAIN</dt>
+** <dd>^The "const char *" variable pointed to by the T parameter will be set
+** to a zero-terminated UTF-8 string containing the [EXPLAIN QUERY PLAN]
+** description for the X-th loop.
+**
+** [[SQLITE_SCANSTAT_SELECTID]] <dt>SQLITE_SCANSTAT_SELECT</dt>
+** <dd>^The "int" variable pointed to by the T parameter will be set to the
+** "select-id" for the X-th loop. The select-id identifies which query or
+** subquery the loop is part of. The main query has a select-id of zero.
+** The select-id is the same value as is output in the first column
+** of an [EXPLAIN QUERY PLAN] query.
+** </dl>
+*/
+#define SQLITE_SCANSTAT_NLOOP 0
+#define SQLITE_SCANSTAT_NVISIT 1
+#define SQLITE_SCANSTAT_EST 2
+#define SQLITE_SCANSTAT_NAME 3
+#define SQLITE_SCANSTAT_EXPLAIN 4
+#define SQLITE_SCANSTAT_SELECTID 5
+
+/*
+** CAPI3REF: Prepared Statement Scan Status
+** METHOD: sqlite3_stmt
+**
+** This interface returns information about the predicted and measured
+** performance for pStmt. Advanced applications can use this
+** interface to compare the predicted and the measured performance and
+** issue warnings and/or rerun [ANALYZE] if discrepancies are found.
+**
+** Since this interface is expected to be rarely used, it is only
+** available if SQLite is compiled using the [SQLITE_ENABLE_STMT_SCANSTATUS]
+** compile-time option.
+**
+** The "iScanStatusOp" parameter determines which status information to return.
+** The "iScanStatusOp" must be one of the [scanstatus options] or the behavior
+** of this interface is undefined.
+** ^The requested measurement is written into a variable pointed to by
+** the "pOut" parameter.
+** Parameter "idx" identifies the specific loop to retrieve statistics for.
+** Loops are numbered starting from zero. ^If idx is out of range - less than
+** zero or greater than or equal to the total number of loops used to implement
+** the statement - a non-zero value is returned and the variable that pOut
+** points to is unchanged.
+**
+** ^Statistics might not be available for all loops in all statements. ^In cases
+** where there exist loops with no available statistics, this function behaves
+** as if the loop did not exist - it returns non-zero and leave the variable
+** that pOut points to unchanged.
+**
+** See also: [sqlite3_stmt_scanstatus_reset()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_scanstatus(
+ sqlite3_stmt *pStmt, /* Prepared statement for which info desired */
+ int idx, /* Index of loop to report on */
+ int iScanStatusOp, /* Information desired. SQLITE_SCANSTAT_* */
+ void *pOut /* Result written here */
+);
+
+/*
+** CAPI3REF: Zero Scan-Status Counters
+** METHOD: sqlite3_stmt
+**
+** ^Zero all [sqlite3_stmt_scanstatus()] related event counters.
+**
+** This API is only available if the library is built with pre-processor
+** symbol [SQLITE_ENABLE_STMT_SCANSTATUS] defined.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_stmt_scanstatus_reset(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Flush caches to disk mid-transaction
+**
+** ^If a write-transaction is open on [database connection] D when the
+** [sqlite3_db_cacheflush(D)] interface invoked, any dirty
+** pages in the pager-cache that are not currently in use are written out
+** to disk. A dirty page may be in use if a database cursor created by an
+** active SQL statement is reading from it, or if it is page 1 of a database
+** file (page 1 is always "in use"). ^The [sqlite3_db_cacheflush(D)]
+** interface flushes caches for all schemas - "main", "temp", and
+** any [attached] databases.
+**
+** ^If this function needs to obtain extra database locks before dirty pages
+** can be flushed to disk, it does so. ^If those locks cannot be obtained
+** immediately and there is a busy-handler callback configured, it is invoked
+** in the usual manner. ^If the required lock still cannot be obtained, then
+** the database is skipped and an attempt made to flush any dirty pages
+** belonging to the next (if any) database. ^If any databases are skipped
+** because locks cannot be obtained, but no other error occurs, this
+** function returns SQLITE_BUSY.
+**
+** ^If any other error occurs while flushing dirty pages to disk (for
+** example an IO error or out-of-memory condition), then processing is
+** abandoned and an SQLite [error code] is returned to the caller immediately.
+**
+** ^Otherwise, if no error occurs, [sqlite3_db_cacheflush()] returns SQLITE_OK.
+**
+** ^This function does not set the database handle error code or message
+** returned by the [sqlite3_errcode()] and [sqlite3_errmsg()] functions.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_cacheflush(sqlite3*);
+
+/*
+** CAPI3REF: Database Snapshot
+** KEYWORDS: {snapshot}
+** EXPERIMENTAL
+**
+** An instance of the snapshot object records the state of a [WAL mode]
+** database for some specific point in history.
+**
+** In [WAL mode], multiple [database connections] that are open on the
+** same database file can each be reading a different historical version
+** of the database file. When a [database connection] begins a read
+** transaction, that connection sees an unchanging copy of the database
+** as it existed for the point in time when the transaction first started.
+** Subsequent changes to the database from other connections are not seen
+** by the reader until a new read transaction is started.
+**
+** The sqlite3_snapshot object records state information about an historical
+** version of the database file so that it is possible to later open a new read
+** transaction that sees that historical version of the database rather than
+** the most recent version.
+**
+** The constructor for this object is [sqlite3_snapshot_get()]. The
+** [sqlite3_snapshot_open()] method causes a fresh read transaction to refer
+** to an historical snapshot (if possible). The destructor for
+** sqlite3_snapshot objects is [sqlite3_snapshot_free()].
+*/
+typedef struct sqlite3_snapshot sqlite3_snapshot;
+
+/*
+** CAPI3REF: Record A Database Snapshot
+** EXPERIMENTAL
+**
+** ^The [sqlite3_snapshot_get(D,S,P)] interface attempts to make a
+** new [sqlite3_snapshot] object that records the current state of
+** schema S in database connection D. ^On success, the
+** [sqlite3_snapshot_get(D,S,P)] interface writes a pointer to the newly
+** created [sqlite3_snapshot] object into *P and returns SQLITE_OK.
+** ^If schema S of [database connection] D is not a [WAL mode] database
+** that is in a read transaction, then [sqlite3_snapshot_get(D,S,P)]
+** leaves the *P value unchanged and returns an appropriate [error code].
+**
+** The [sqlite3_snapshot] object returned from a successful call to
+** [sqlite3_snapshot_get()] must be freed using [sqlite3_snapshot_free()]
+** to avoid a memory leak.
+**
+** The [sqlite3_snapshot_get()] interface is only available when the
+** SQLITE_ENABLE_SNAPSHOT compile-time option is used.
+*/
+SQLITE_API SQLITE_EXPERIMENTAL int SQLITE_STDCALL sqlite3_snapshot_get(
+ sqlite3 *db,
+ const char *zSchema,
+ sqlite3_snapshot **ppSnapshot
+);
+
+/*
+** CAPI3REF: Start a read transaction on an historical snapshot
+** EXPERIMENTAL
+**
+** ^The [sqlite3_snapshot_open(D,S,P)] interface attempts to move the
+** read transaction that is currently open on schema S of
+** [database connection] D so that it refers to historical [snapshot] P.
+** ^The [sqlite3_snapshot_open()] interface returns SQLITE_OK on success
+** or an appropriate [error code] if it fails.
+**
+** ^In order to succeed, a call to [sqlite3_snapshot_open(D,S,P)] must be
+** the first operation, apart from other sqlite3_snapshot_open() calls,
+** following the [BEGIN] that starts a new read transaction.
+** ^A [snapshot] will fail to open if it has been overwritten by a
+** [checkpoint].
+**
+** The [sqlite3_snapshot_open()] interface is only available when the
+** SQLITE_ENABLE_SNAPSHOT compile-time option is used.
+*/
+SQLITE_API SQLITE_EXPERIMENTAL int SQLITE_STDCALL sqlite3_snapshot_open(
+ sqlite3 *db,
+ const char *zSchema,
+ sqlite3_snapshot *pSnapshot
+);
+
+/*
+** CAPI3REF: Destroy a snapshot
+** EXPERIMENTAL
+**
+** ^The [sqlite3_snapshot_free(P)] interface destroys [sqlite3_snapshot] P.
+** The application must eventually free every [sqlite3_snapshot] object
+** using this routine to avoid a memory leak.
+**
+** The [sqlite3_snapshot_free()] interface is only available when the
+** SQLITE_ENABLE_SNAPSHOT compile-time option is used.
+*/
+SQLITE_API SQLITE_EXPERIMENTAL void SQLITE_STDCALL sqlite3_snapshot_free(sqlite3_snapshot*);
+
+/*
+** Undo the hack that converts floating point types to integer for
+** builds on processors without floating point support.
+*/
+#ifdef SQLITE_OMIT_FLOATING_POINT
+# undef double
+#endif
+
+#if 0
+} /* End of the 'extern "C"' block */
+#endif
+#endif /* _SQLITE3_H_ */
+
+/*
+** 2010 August 30
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+*/
+
+#ifndef _SQLITE3RTREE_H_
+#define _SQLITE3RTREE_H_
+
+
+#if 0
+extern "C" {
+#endif
+
+typedef struct sqlite3_rtree_geometry sqlite3_rtree_geometry;
+typedef struct sqlite3_rtree_query_info sqlite3_rtree_query_info;
+
+/* The double-precision datatype used by RTree depends on the
+** SQLITE_RTREE_INT_ONLY compile-time option.
+*/
+#ifdef SQLITE_RTREE_INT_ONLY
+ typedef sqlite3_int64 sqlite3_rtree_dbl;
+#else
+ typedef double sqlite3_rtree_dbl;
+#endif
+
+/*
+** Register a geometry callback named zGeom that can be used as part of an
+** R-Tree geometry query as follows:
+**
+** SELECT ... FROM <rtree> WHERE <rtree col> MATCH $zGeom(... params ...)
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_rtree_geometry_callback(
+ sqlite3 *db,
+ const char *zGeom,
+ int (*xGeom)(sqlite3_rtree_geometry*, int, sqlite3_rtree_dbl*,int*),
+ void *pContext
+);
+
+
+/*
+** A pointer to a structure of the following type is passed as the first
+** argument to callbacks registered using rtree_geometry_callback().
+*/
+struct sqlite3_rtree_geometry {
+ void *pContext; /* Copy of pContext passed to s_r_g_c() */
+ int nParam; /* Size of array aParam[] */
+ sqlite3_rtree_dbl *aParam; /* Parameters passed to SQL geom function */
+ void *pUser; /* Callback implementation user data */
+ void (*xDelUser)(void *); /* Called by SQLite to clean up pUser */
+};
+
+/*
+** Register a 2nd-generation geometry callback named zScore that can be
+** used as part of an R-Tree geometry query as follows:
+**
+** SELECT ... FROM <rtree> WHERE <rtree col> MATCH $zQueryFunc(... params ...)
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_rtree_query_callback(
+ sqlite3 *db,
+ const char *zQueryFunc,
+ int (*xQueryFunc)(sqlite3_rtree_query_info*),
+ void *pContext,
+ void (*xDestructor)(void*)
+);
+
+
+/*
+** A pointer to a structure of the following type is passed as the
+** argument to scored geometry callback registered using
+** sqlite3_rtree_query_callback().
+**
+** Note that the first 5 fields of this structure are identical to
+** sqlite3_rtree_geometry. This structure is a subclass of
+** sqlite3_rtree_geometry.
+*/
+struct sqlite3_rtree_query_info {
+ void *pContext; /* pContext from when function registered */
+ int nParam; /* Number of function parameters */
+ sqlite3_rtree_dbl *aParam; /* value of function parameters */
+ void *pUser; /* callback can use this, if desired */
+ void (*xDelUser)(void*); /* function to free pUser */
+ sqlite3_rtree_dbl *aCoord; /* Coordinates of node or entry to check */
+ unsigned int *anQueue; /* Number of pending entries in the queue */
+ int nCoord; /* Number of coordinates */
+ int iLevel; /* Level of current node or entry */
+ int mxLevel; /* The largest iLevel value in the tree */
+ sqlite3_int64 iRowid; /* Rowid for current entry */
+ sqlite3_rtree_dbl rParentScore; /* Score of parent node */
+ int eParentWithin; /* Visibility of parent node */
+ int eWithin; /* OUT: Visiblity */
+ sqlite3_rtree_dbl rScore; /* OUT: Write the score here */
+ /* The following fields are only available in 3.8.11 and later */
+ sqlite3_value **apSqlParam; /* Original SQL values of parameters */
+};
+
+/*
+** Allowed values for sqlite3_rtree_query.eWithin and .eParentWithin.
+*/
+#define NOT_WITHIN 0 /* Object completely outside of query region */
+#define PARTLY_WITHIN 1 /* Object partially overlaps query region */
+#define FULLY_WITHIN 2 /* Object fully contained within query region */
+
+
+#if 0
+} /* end of the 'extern "C"' block */
+#endif
+
+#endif /* ifndef _SQLITE3RTREE_H_ */
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** Interfaces to extend FTS5. Using the interfaces defined in this file,
+** FTS5 may be extended with:
+**
+** * custom tokenizers, and
+** * custom auxiliary functions.
+*/
+
+
+#ifndef _FTS5_H
+#define _FTS5_H
+
+
+#if 0
+extern "C" {
+#endif
+
+/*************************************************************************
+** CUSTOM AUXILIARY FUNCTIONS
+**
+** Virtual table implementations may overload SQL functions by implementing
+** the sqlite3_module.xFindFunction() method.
+*/
+
+typedef struct Fts5ExtensionApi Fts5ExtensionApi;
+typedef struct Fts5Context Fts5Context;
+typedef struct Fts5PhraseIter Fts5PhraseIter;
+
+typedef void (*fts5_extension_function)(
+ const Fts5ExtensionApi *pApi, /* API offered by current FTS version */
+ Fts5Context *pFts, /* First arg to pass to pApi functions */
+ sqlite3_context *pCtx, /* Context for returning result/error */
+ int nVal, /* Number of values in apVal[] array */
+ sqlite3_value **apVal /* Array of trailing arguments */
+);
+
+struct Fts5PhraseIter {
+ const unsigned char *a;
+ const unsigned char *b;
+};
+
+/*
+** EXTENSION API FUNCTIONS
+**
+** xUserData(pFts):
+** Return a copy of the context pointer the extension function was
+** registered with.
+**
+** xColumnTotalSize(pFts, iCol, pnToken):
+** If parameter iCol is less than zero, set output variable *pnToken
+** to the total number of tokens in the FTS5 table. Or, if iCol is
+** non-negative but less than the number of columns in the table, return
+** the total number of tokens in column iCol, considering all rows in
+** the FTS5 table.
+**
+** If parameter iCol is greater than or equal to the number of columns
+** in the table, SQLITE_RANGE is returned. Or, if an error occurs (e.g.
+** an OOM condition or IO error), an appropriate SQLite error code is
+** returned.
+**
+** xColumnCount(pFts):
+** Return the number of columns in the table.
+**
+** xColumnSize(pFts, iCol, pnToken):
+** If parameter iCol is less than zero, set output variable *pnToken
+** to the total number of tokens in the current row. Or, if iCol is
+** non-negative but less than the number of columns in the table, set
+** *pnToken to the number of tokens in column iCol of the current row.
+**
+** If parameter iCol is greater than or equal to the number of columns
+** in the table, SQLITE_RANGE is returned. Or, if an error occurs (e.g.
+** an OOM condition or IO error), an appropriate SQLite error code is
+** returned.
+**
+** xColumnText:
+** This function attempts to retrieve the text of column iCol of the
+** current document. If successful, (*pz) is set to point to a buffer
+** containing the text in utf-8 encoding, (*pn) is set to the size in bytes
+** (not characters) of the buffer and SQLITE_OK is returned. Otherwise,
+** if an error occurs, an SQLite error code is returned and the final values
+** of (*pz) and (*pn) are undefined.
+**
+** xPhraseCount:
+** Returns the number of phrases in the current query expression.
+**
+** xPhraseSize:
+** Returns the number of tokens in phrase iPhrase of the query. Phrases
+** are numbered starting from zero.
+**
+** xInstCount:
+** Set *pnInst to the total number of occurrences of all phrases within
+** the query within the current row. Return SQLITE_OK if successful, or
+** an error code (i.e. SQLITE_NOMEM) if an error occurs.
+**
+** xInst:
+** Query for the details of phrase match iIdx within the current row.
+** Phrase matches are numbered starting from zero, so the iIdx argument
+** should be greater than or equal to zero and smaller than the value
+** output by xInstCount().
+**
+** Returns SQLITE_OK if successful, or an error code (i.e. SQLITE_NOMEM)
+** if an error occurs.
+**
+** xRowid:
+** Returns the rowid of the current row.
+**
+** xTokenize:
+** Tokenize text using the tokenizer belonging to the FTS5 table.
+**
+** xQueryPhrase(pFts5, iPhrase, pUserData, xCallback):
+** This API function is used to query the FTS table for phrase iPhrase
+** of the current query. Specifically, a query equivalent to:
+**
+** ... FROM ftstable WHERE ftstable MATCH $p ORDER BY rowid
+**
+** with $p set to a phrase equivalent to the phrase iPhrase of the
+** current query is executed. For each row visited, the callback function
+** passed as the fourth argument is invoked. The context and API objects
+** passed to the callback function may be used to access the properties of
+** each matched row. Invoking Api.xUserData() returns a copy of the pointer
+** passed as the third argument to pUserData.
+**
+** If the callback function returns any value other than SQLITE_OK, the
+** query is abandoned and the xQueryPhrase function returns immediately.
+** If the returned value is SQLITE_DONE, xQueryPhrase returns SQLITE_OK.
+** Otherwise, the error code is propagated upwards.
+**
+** If the query runs to completion without incident, SQLITE_OK is returned.
+** Or, if some error occurs before the query completes or is aborted by
+** the callback, an SQLite error code is returned.
+**
+**
+** xSetAuxdata(pFts5, pAux, xDelete)
+**
+** Save the pointer passed as the second argument as the extension functions
+** "auxiliary data". The pointer may then be retrieved by the current or any
+** future invocation of the same fts5 extension function made as part of
+** of the same MATCH query using the xGetAuxdata() API.
+**
+** Each extension function is allocated a single auxiliary data slot for
+** each FTS query (MATCH expression). If the extension function is invoked
+** more than once for a single FTS query, then all invocations share a
+** single auxiliary data context.
+**
+** If there is already an auxiliary data pointer when this function is
+** invoked, then it is replaced by the new pointer. If an xDelete callback
+** was specified along with the original pointer, it is invoked at this
+** point.
+**
+** The xDelete callback, if one is specified, is also invoked on the
+** auxiliary data pointer after the FTS5 query has finished.
+**
+** If an error (e.g. an OOM condition) occurs within this function, an
+** the auxiliary data is set to NULL and an error code returned. If the
+** xDelete parameter was not NULL, it is invoked on the auxiliary data
+** pointer before returning.
+**
+**
+** xGetAuxdata(pFts5, bClear)
+**
+** Returns the current auxiliary data pointer for the fts5 extension
+** function. See the xSetAuxdata() method for details.
+**
+** If the bClear argument is non-zero, then the auxiliary data is cleared
+** (set to NULL) before this function returns. In this case the xDelete,
+** if any, is not invoked.
+**
+**
+** xRowCount(pFts5, pnRow)
+**
+** This function is used to retrieve the total number of rows in the table.
+** In other words, the same value that would be returned by:
+**
+** SELECT count(*) FROM ftstable;
+**
+** xPhraseFirst()
+** This function is used, along with type Fts5PhraseIter and the xPhraseNext
+** method, to iterate through all instances of a single query phrase within
+** the current row. This is the same information as is accessible via the
+** xInstCount/xInst APIs. While the xInstCount/xInst APIs are more convenient
+** to use, this API may be faster under some circumstances. To iterate
+** through instances of phrase iPhrase, use the following code:
+**
+** Fts5PhraseIter iter;
+** int iCol, iOff;
+** for(pApi->xPhraseFirst(pFts, iPhrase, &iter, &iCol, &iOff);
+** iOff>=0;
+** pApi->xPhraseNext(pFts, &iter, &iCol, &iOff)
+** ){
+** // An instance of phrase iPhrase at offset iOff of column iCol
+** }
+**
+** The Fts5PhraseIter structure is defined above. Applications should not
+** modify this structure directly - it should only be used as shown above
+** with the xPhraseFirst() and xPhraseNext() API methods.
+**
+** xPhraseNext()
+** See xPhraseFirst above.
+*/
+struct Fts5ExtensionApi {
+ int iVersion; /* Currently always set to 1 */
+
+ void *(*xUserData)(Fts5Context*);
+
+ int (*xColumnCount)(Fts5Context*);
+ int (*xRowCount)(Fts5Context*, sqlite3_int64 *pnRow);
+ int (*xColumnTotalSize)(Fts5Context*, int iCol, sqlite3_int64 *pnToken);
+
+ int (*xTokenize)(Fts5Context*,
+ const char *pText, int nText, /* Text to tokenize */
+ void *pCtx, /* Context passed to xToken() */
+ int (*xToken)(void*, int, const char*, int, int, int) /* Callback */
+ );
+
+ int (*xPhraseCount)(Fts5Context*);
+ int (*xPhraseSize)(Fts5Context*, int iPhrase);
+
+ int (*xInstCount)(Fts5Context*, int *pnInst);
+ int (*xInst)(Fts5Context*, int iIdx, int *piPhrase, int *piCol, int *piOff);
+
+ sqlite3_int64 (*xRowid)(Fts5Context*);
+ int (*xColumnText)(Fts5Context*, int iCol, const char **pz, int *pn);
+ int (*xColumnSize)(Fts5Context*, int iCol, int *pnToken);
+
+ int (*xQueryPhrase)(Fts5Context*, int iPhrase, void *pUserData,
+ int(*)(const Fts5ExtensionApi*,Fts5Context*,void*)
+ );
+ int (*xSetAuxdata)(Fts5Context*, void *pAux, void(*xDelete)(void*));
+ void *(*xGetAuxdata)(Fts5Context*, int bClear);
+
+ void (*xPhraseFirst)(Fts5Context*, int iPhrase, Fts5PhraseIter*, int*, int*);
+ void (*xPhraseNext)(Fts5Context*, Fts5PhraseIter*, int *piCol, int *piOff);
+};
+
+/*
+** CUSTOM AUXILIARY FUNCTIONS
+*************************************************************************/
+
+/*************************************************************************
+** CUSTOM TOKENIZERS
+**
+** Applications may also register custom tokenizer types. A tokenizer
+** is registered by providing fts5 with a populated instance of the
+** following structure. All structure methods must be defined, setting
+** any member of the fts5_tokenizer struct to NULL leads to undefined
+** behaviour. The structure methods are expected to function as follows:
+**
+** xCreate:
+** This function is used to allocate and inititalize a tokenizer instance.
+** A tokenizer instance is required to actually tokenize text.
+**
+** The first argument passed to this function is a copy of the (void*)
+** pointer provided by the application when the fts5_tokenizer object
+** was registered with FTS5 (the third argument to xCreateTokenizer()).
+** The second and third arguments are an array of nul-terminated strings
+** containing the tokenizer arguments, if any, specified following the
+** tokenizer name as part of the CREATE VIRTUAL TABLE statement used
+** to create the FTS5 table.
+**
+** The final argument is an output variable. If successful, (*ppOut)
+** should be set to point to the new tokenizer handle and SQLITE_OK
+** returned. If an error occurs, some value other than SQLITE_OK should
+** be returned. In this case, fts5 assumes that the final value of *ppOut
+** is undefined.
+**
+** xDelete:
+** This function is invoked to delete a tokenizer handle previously
+** allocated using xCreate(). Fts5 guarantees that this function will
+** be invoked exactly once for each successful call to xCreate().
+**
+** xTokenize:
+** This function is expected to tokenize the nText byte string indicated
+** by argument pText. pText may or may not be nul-terminated. The first
+** argument passed to this function is a pointer to an Fts5Tokenizer object
+** returned by an earlier call to xCreate().
+**
+** The second argument indicates the reason that FTS5 is requesting
+** tokenization of the supplied text. This is always one of the following
+** four values:
+**
+** <ul><li> <b>FTS5_TOKENIZE_DOCUMENT</b> - A document is being inserted into
+** or removed from the FTS table. The tokenizer is being invoked to
+** determine the set of tokens to add to (or delete from) the
+** FTS index.
+**
+** <li> <b>FTS5_TOKENIZE_QUERY</b> - A MATCH query is being executed
+** against the FTS index. The tokenizer is being called to tokenize
+** a bareword or quoted string specified as part of the query.
+**
+** <li> <b>(FTS5_TOKENIZE_QUERY | FTS5_TOKENIZE_PREFIX)</b> - Same as
+** FTS5_TOKENIZE_QUERY, except that the bareword or quoted string is
+** followed by a "*" character, indicating that the last token
+** returned by the tokenizer will be treated as a token prefix.
+**
+** <li> <b>FTS5_TOKENIZE_AUX</b> - The tokenizer is being invoked to
+** satisfy an fts5_api.xTokenize() request made by an auxiliary
+** function. Or an fts5_api.xColumnSize() request made by the same
+** on a columnsize=0 database.
+** </ul>
+**
+** For each token in the input string, the supplied callback xToken() must
+** be invoked. The first argument to it should be a copy of the pointer
+** passed as the second argument to xTokenize(). The third and fourth
+** arguments are a pointer to a buffer containing the token text, and the
+** size of the token in bytes. The 4th and 5th arguments are the byte offsets
+** of the first byte of and first byte immediately following the text from
+** which the token is derived within the input.
+**
+** The second argument passed to the xToken() callback ("tflags") should
+** normally be set to 0. The exception is if the tokenizer supports
+** synonyms. In this case see the discussion below for details.
+**
+** FTS5 assumes the xToken() callback is invoked for each token in the
+** order that they occur within the input text.
+**
+** If an xToken() callback returns any value other than SQLITE_OK, then
+** the tokenization should be abandoned and the xTokenize() method should
+** immediately return a copy of the xToken() return value. Or, if the
+** input buffer is exhausted, xTokenize() should return SQLITE_OK. Finally,
+** if an error occurs with the xTokenize() implementation itself, it
+** may abandon the tokenization and return any error code other than
+** SQLITE_OK or SQLITE_DONE.
+**
+** SYNONYM SUPPORT
+**
+** Custom tokenizers may also support synonyms. Consider a case in which a
+** user wishes to query for a phrase such as "first place". Using the
+** built-in tokenizers, the FTS5 query 'first + place' will match instances
+** of "first place" within the document set, but not alternative forms
+** such as "1st place". In some applications, it would be better to match
+** all instances of "first place" or "1st place" regardless of which form
+** the user specified in the MATCH query text.
+**
+** There are several ways to approach this in FTS5:
+**
+** <ol><li> By mapping all synonyms to a single token. In this case, the
+** In the above example, this means that the tokenizer returns the
+** same token for inputs "first" and "1st". Say that token is in
+** fact "first", so that when the user inserts the document "I won
+** 1st place" entries are added to the index for tokens "i", "won",
+** "first" and "place". If the user then queries for '1st + place',
+** the tokenizer substitutes "first" for "1st" and the query works
+** as expected.
+**
+** <li> By adding multiple synonyms for a single term to the FTS index.
+** In this case, when tokenizing query text, the tokenizer may
+** provide multiple synonyms for a single term within the document.
+** FTS5 then queries the index for each synonym individually. For
+** example, faced with the query:
+**
+** <codeblock>
+** ... MATCH 'first place'</codeblock>
+**
+** the tokenizer offers both "1st" and "first" as synonyms for the
+** first token in the MATCH query and FTS5 effectively runs a query
+** similar to:
+**
+** <codeblock>
+** ... MATCH '(first OR 1st) place'</codeblock>
+**
+** except that, for the purposes of auxiliary functions, the query
+** still appears to contain just two phrases - "(first OR 1st)"
+** being treated as a single phrase.
+**
+** <li> By adding multiple synonyms for a single term to the FTS index.
+** Using this method, when tokenizing document text, the tokenizer
+** provides multiple synonyms for each token. So that when a
+** document such as "I won first place" is tokenized, entries are
+** added to the FTS index for "i", "won", "first", "1st" and
+** "place".
+**
+** This way, even if the tokenizer does not provide synonyms
+** when tokenizing query text (it should not - to do would be
+** inefficient), it doesn't matter if the user queries for
+** 'first + place' or '1st + place', as there are entires in the
+** FTS index corresponding to both forms of the first token.
+** </ol>
+**
+** Whether it is parsing document or query text, any call to xToken that
+** specifies a <i>tflags</i> argument with the FTS5_TOKEN_COLOCATED bit
+** is considered to supply a synonym for the previous token. For example,
+** when parsing the document "I won first place", a tokenizer that supports
+** synonyms would call xToken() 5 times, as follows:
+**
+** <codeblock>
+** xToken(pCtx, 0, "i", 1, 0, 1);
+** xToken(pCtx, 0, "won", 3, 2, 5);
+** xToken(pCtx, 0, "first", 5, 6, 11);
+** xToken(pCtx, FTS5_TOKEN_COLOCATED, "1st", 3, 6, 11);
+** xToken(pCtx, 0, "place", 5, 12, 17);
+**</codeblock>
+**
+** It is an error to specify the FTS5_TOKEN_COLOCATED flag the first time
+** xToken() is called. Multiple synonyms may be specified for a single token
+** by making multiple calls to xToken(FTS5_TOKEN_COLOCATED) in sequence.
+** There is no limit to the number of synonyms that may be provided for a
+** single token.
+**
+** In many cases, method (1) above is the best approach. It does not add
+** extra data to the FTS index or require FTS5 to query for multiple terms,
+** so it is efficient in terms of disk space and query speed. However, it
+** does not support prefix queries very well. If, as suggested above, the
+** token "first" is subsituted for "1st" by the tokenizer, then the query:
+**
+** <codeblock>
+** ... MATCH '1s*'</codeblock>
+**
+** will not match documents that contain the token "1st" (as the tokenizer
+** will probably not map "1s" to any prefix of "first").
+**
+** For full prefix support, method (3) may be preferred. In this case,
+** because the index contains entries for both "first" and "1st", prefix
+** queries such as 'fi*' or '1s*' will match correctly. However, because
+** extra entries are added to the FTS index, this method uses more space
+** within the database.
+**
+** Method (2) offers a midpoint between (1) and (3). Using this method,
+** a query such as '1s*' will match documents that contain the literal
+** token "1st", but not "first" (assuming the tokenizer is not able to
+** provide synonyms for prefixes). However, a non-prefix query like '1st'
+** will match against "1st" and "first". This method does not require
+** extra disk space, as no extra entries are added to the FTS index.
+** On the other hand, it may require more CPU cycles to run MATCH queries,
+** as separate queries of the FTS index are required for each synonym.
+**
+** When using methods (2) or (3), it is important that the tokenizer only
+** provide synonyms when tokenizing document text (method (2)) or query
+** text (method (3)), not both. Doing so will not cause any errors, but is
+** inefficient.
+*/
+typedef struct Fts5Tokenizer Fts5Tokenizer;
+typedef struct fts5_tokenizer fts5_tokenizer;
+struct fts5_tokenizer {
+ int (*xCreate)(void*, const char **azArg, int nArg, Fts5Tokenizer **ppOut);
+ void (*xDelete)(Fts5Tokenizer*);
+ int (*xTokenize)(Fts5Tokenizer*,
+ void *pCtx,
+ int flags, /* Mask of FTS5_TOKENIZE_* flags */
+ const char *pText, int nText,
+ int (*xToken)(
+ void *pCtx, /* Copy of 2nd argument to xTokenize() */
+ int tflags, /* Mask of FTS5_TOKEN_* flags */
+ const char *pToken, /* Pointer to buffer containing token */
+ int nToken, /* Size of token in bytes */
+ int iStart, /* Byte offset of token within input text */
+ int iEnd /* Byte offset of end of token within input text */
+ )
+ );
+};
+
+/* Flags that may be passed as the third argument to xTokenize() */
+#define FTS5_TOKENIZE_QUERY 0x0001
+#define FTS5_TOKENIZE_PREFIX 0x0002
+#define FTS5_TOKENIZE_DOCUMENT 0x0004
+#define FTS5_TOKENIZE_AUX 0x0008
+
+/* Flags that may be passed by the tokenizer implementation back to FTS5
+** as the third argument to the supplied xToken callback. */
+#define FTS5_TOKEN_COLOCATED 0x0001 /* Same position as prev. token */
+
+/*
+** END OF CUSTOM TOKENIZERS
+*************************************************************************/
+
+/*************************************************************************
+** FTS5 EXTENSION REGISTRATION API
+*/
+typedef struct fts5_api fts5_api;
+struct fts5_api {
+ int iVersion; /* Currently always set to 2 */
+
+ /* Create a new tokenizer */
+ int (*xCreateTokenizer)(
+ fts5_api *pApi,
+ const char *zName,
+ void *pContext,
+ fts5_tokenizer *pTokenizer,
+ void (*xDestroy)(void*)
+ );
+
+ /* Find an existing tokenizer */
+ int (*xFindTokenizer)(
+ fts5_api *pApi,
+ const char *zName,
+ void **ppContext,
+ fts5_tokenizer *pTokenizer
+ );
+
+ /* Create a new auxiliary function */
+ int (*xCreateFunction)(
+ fts5_api *pApi,
+ const char *zName,
+ void *pContext,
+ fts5_extension_function xFunction,
+ void (*xDestroy)(void*)
+ );
+};
+
+/*
+** END OF REGISTRATION API
+*************************************************************************/
+
+#if 0
+} /* end of the 'extern "C"' block */
+#endif
+
+#endif /* _FTS5_H */
+
+
+
+/************** End of sqlite3.h *********************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+
+/*
+** Include the configuration header output by 'configure' if we're using the
+** autoconf-based build
+*/
+#ifdef _HAVE_SQLITE_CONFIG_H
+#include "config.h"
+#endif
+
+/************** Include sqliteLimit.h in the middle of sqliteInt.h ***********/
+/************** Begin file sqliteLimit.h *************************************/
+/*
+** 2007 May 7
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file defines various limits of what SQLite can process.
+*/
+
+/*
+** The maximum length of a TEXT or BLOB in bytes. This also
+** limits the size of a row in a table or index.
+**
+** The hard limit is the ability of a 32-bit signed integer
+** to count the size: 2^31-1 or 2147483647.
+*/
+#ifndef SQLITE_MAX_LENGTH
+# define SQLITE_MAX_LENGTH 1000000000
+#endif
+
+/*
+** This is the maximum number of
+**
+** * Columns in a table
+** * Columns in an index
+** * Columns in a view
+** * Terms in the SET clause of an UPDATE statement
+** * Terms in the result set of a SELECT statement
+** * Terms in the GROUP BY or ORDER BY clauses of a SELECT statement.
+** * Terms in the VALUES clause of an INSERT statement
+**
+** The hard upper limit here is 32676. Most database people will
+** tell you that in a well-normalized database, you usually should
+** not have more than a dozen or so columns in any table. And if
+** that is the case, there is no point in having more than a few
+** dozen values in any of the other situations described above.
+*/
+#ifndef SQLITE_MAX_COLUMN
+# define SQLITE_MAX_COLUMN 2000
+#endif
+
+/*
+** The maximum length of a single SQL statement in bytes.
+**
+** It used to be the case that setting this value to zero would
+** turn the limit off. That is no longer true. It is not possible
+** to turn this limit off.
+*/
+#ifndef SQLITE_MAX_SQL_LENGTH
+# define SQLITE_MAX_SQL_LENGTH 1000000000
+#endif
+
+/*
+** The maximum depth of an expression tree. This is limited to
+** some extent by SQLITE_MAX_SQL_LENGTH. But sometime you might
+** want to place more severe limits on the complexity of an
+** expression.
+**
+** A value of 0 used to mean that the limit was not enforced.
+** But that is no longer true. The limit is now strictly enforced
+** at all times.
+*/
+#ifndef SQLITE_MAX_EXPR_DEPTH
+# define SQLITE_MAX_EXPR_DEPTH 1000
+#endif
+
+/*
+** The maximum number of terms in a compound SELECT statement.
+** The code generator for compound SELECT statements does one
+** level of recursion for each term. A stack overflow can result
+** if the number of terms is too large. In practice, most SQL
+** never has more than 3 or 4 terms. Use a value of 0 to disable
+** any limit on the number of terms in a compount SELECT.
+*/
+#ifndef SQLITE_MAX_COMPOUND_SELECT
+# define SQLITE_MAX_COMPOUND_SELECT 500
+#endif
+
+/*
+** The maximum number of opcodes in a VDBE program.
+** Not currently enforced.
+*/
+#ifndef SQLITE_MAX_VDBE_OP
+# define SQLITE_MAX_VDBE_OP 25000
+#endif
+
+/*
+** The maximum number of arguments to an SQL function.
+*/
+#ifndef SQLITE_MAX_FUNCTION_ARG
+# define SQLITE_MAX_FUNCTION_ARG 127
+#endif
+
+/*
+** The suggested maximum number of in-memory pages to use for
+** the main database table and for temporary tables.
+**
+** IMPLEMENTATION-OF: R-31093-59126 The default suggested cache size
+** is 2000 pages.
+** IMPLEMENTATION-OF: R-48205-43578 The default suggested cache size can be
+** altered using the SQLITE_DEFAULT_CACHE_SIZE compile-time options.
+*/
+#ifndef SQLITE_DEFAULT_CACHE_SIZE
+# define SQLITE_DEFAULT_CACHE_SIZE 2000
+#endif
+
+/*
+** The default number of frames to accumulate in the log file before
+** checkpointing the database in WAL mode.
+*/
+#ifndef SQLITE_DEFAULT_WAL_AUTOCHECKPOINT
+# define SQLITE_DEFAULT_WAL_AUTOCHECKPOINT 1000
+#endif
+
+/*
+** The maximum number of attached databases. This must be between 0
+** and 62. The upper bound on 62 is because a 64-bit integer bitmap
+** is used internally to track attached databases.
+*/
+#ifndef SQLITE_MAX_ATTACHED
+# define SQLITE_MAX_ATTACHED 10
+#endif
+
+
+/*
+** The maximum value of a ?nnn wildcard that the parser will accept.
+*/
+#ifndef SQLITE_MAX_VARIABLE_NUMBER
+# define SQLITE_MAX_VARIABLE_NUMBER 999
+#endif
+
+/* Maximum page size. The upper bound on this value is 65536. This a limit
+** imposed by the use of 16-bit offsets within each page.
+**
+** Earlier versions of SQLite allowed the user to change this value at
+** compile time. This is no longer permitted, on the grounds that it creates
+** a library that is technically incompatible with an SQLite library
+** compiled with a different limit. If a process operating on a database
+** with a page-size of 65536 bytes crashes, then an instance of SQLite
+** compiled with the default page-size limit will not be able to rollback
+** the aborted transaction. This could lead to database corruption.
+*/
+#ifdef SQLITE_MAX_PAGE_SIZE
+# undef SQLITE_MAX_PAGE_SIZE
+#endif
+#define SQLITE_MAX_PAGE_SIZE 65536
+
+
+/*
+** The default size of a database page.
+*/
+#ifndef SQLITE_DEFAULT_PAGE_SIZE
+# define SQLITE_DEFAULT_PAGE_SIZE 1024
+#endif
+#if SQLITE_DEFAULT_PAGE_SIZE>SQLITE_MAX_PAGE_SIZE
+# undef SQLITE_DEFAULT_PAGE_SIZE
+# define SQLITE_DEFAULT_PAGE_SIZE SQLITE_MAX_PAGE_SIZE
+#endif
+
+/*
+** Ordinarily, if no value is explicitly provided, SQLite creates databases
+** with page size SQLITE_DEFAULT_PAGE_SIZE. However, based on certain
+** device characteristics (sector-size and atomic write() support),
+** SQLite may choose a larger value. This constant is the maximum value
+** SQLite will choose on its own.
+*/
+#ifndef SQLITE_MAX_DEFAULT_PAGE_SIZE
+# define SQLITE_MAX_DEFAULT_PAGE_SIZE 8192
+#endif
+#if SQLITE_MAX_DEFAULT_PAGE_SIZE>SQLITE_MAX_PAGE_SIZE
+# undef SQLITE_MAX_DEFAULT_PAGE_SIZE
+# define SQLITE_MAX_DEFAULT_PAGE_SIZE SQLITE_MAX_PAGE_SIZE
+#endif
+
+
+/*
+** Maximum number of pages in one database file.
+**
+** This is really just the default value for the max_page_count pragma.
+** This value can be lowered (or raised) at run-time using that the
+** max_page_count macro.
+*/
+#ifndef SQLITE_MAX_PAGE_COUNT
+# define SQLITE_MAX_PAGE_COUNT 1073741823
+#endif
+
+/*
+** Maximum length (in bytes) of the pattern in a LIKE or GLOB
+** operator.
+*/
+#ifndef SQLITE_MAX_LIKE_PATTERN_LENGTH
+# define SQLITE_MAX_LIKE_PATTERN_LENGTH 50000
+#endif
+
+/*
+** Maximum depth of recursion for triggers.
+**
+** A value of 1 means that a trigger program will not be able to itself
+** fire any triggers. A value of 0 means that no trigger programs at all
+** may be executed.
+*/
+#ifndef SQLITE_MAX_TRIGGER_DEPTH
+# define SQLITE_MAX_TRIGGER_DEPTH 1000
+#endif
+
+/************** End of sqliteLimit.h *****************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+
+/* Disable nuisance warnings on Borland compilers */
+#if defined(__BORLANDC__)
+#pragma warn -rch /* unreachable code */
+#pragma warn -ccc /* Condition is always true or false */
+#pragma warn -aus /* Assigned value is never used */
+#pragma warn -csu /* Comparing signed and unsigned */
+#pragma warn -spa /* Suspicious pointer arithmetic */
+#endif
+
+/*
+** Include standard header files as necessary
+*/
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#ifdef HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
+
+/*
+** The following macros are used to cast pointers to integers and
+** integers to pointers. The way you do this varies from one compiler
+** to the next, so we have developed the following set of #if statements
+** to generate appropriate macros for a wide range of compilers.
+**
+** The correct "ANSI" way to do this is to use the intptr_t type.
+** Unfortunately, that typedef is not available on all compilers, or
+** if it is available, it requires an #include of specific headers
+** that vary from one machine to the next.
+**
+** Ticket #3860: The llvm-gcc-4.2 compiler from Apple chokes on
+** the ((void*)&((char*)0)[X]) construct. But MSVC chokes on ((void*)(X)).
+** So we have to define the macros in different ways depending on the
+** compiler.
+*/
+#if defined(__PTRDIFF_TYPE__) /* This case should work for GCC */
+# define SQLITE_INT_TO_PTR(X) ((void*)(__PTRDIFF_TYPE__)(X))
+# define SQLITE_PTR_TO_INT(X) ((int)(__PTRDIFF_TYPE__)(X))
+#elif !defined(__GNUC__) /* Works for compilers other than LLVM */
+# define SQLITE_INT_TO_PTR(X) ((void*)&((char*)0)[X])
+# define SQLITE_PTR_TO_INT(X) ((int)(((char*)X)-(char*)0))
+#elif defined(HAVE_STDINT_H) /* Use this case if we have ANSI headers */
+# define SQLITE_INT_TO_PTR(X) ((void*)(intptr_t)(X))
+# define SQLITE_PTR_TO_INT(X) ((int)(intptr_t)(X))
+#else /* Generates a warning - but it always works */
+# define SQLITE_INT_TO_PTR(X) ((void*)(X))
+# define SQLITE_PTR_TO_INT(X) ((int)(X))
+#endif
+
+/*
+** The SQLITE_WITHIN(P,S,E) macro checks to see if pointer P points to
+** something between S (inclusive) and E (exclusive).
+**
+** In other words, S is a buffer and E is a pointer to the first byte after
+** the end of buffer S. This macro returns true if P points to something
+** contained within the buffer S.
+*/
+#if defined(HAVE_STDINT_H)
+# define SQLITE_WITHIN(P,S,E) \
+ ((uintptr_t)(P)>=(uintptr_t)(S) && (uintptr_t)(P)<(uintptr_t)(E))
+#else
+# define SQLITE_WITHIN(P,S,E) ((P)>=(S) && (P)<(E))
+#endif
+
+/*
+** A macro to hint to the compiler that a function should not be
+** inlined.
+*/
+#if defined(__GNUC__)
+# define SQLITE_NOINLINE __attribute__((noinline))
+#elif defined(_MSC_VER) && _MSC_VER>=1310
+# define SQLITE_NOINLINE __declspec(noinline)
+#else
+# define SQLITE_NOINLINE
+#endif
+
+/*
+** Make sure that the compiler intrinsics we desire are enabled when
+** compiling with an appropriate version of MSVC unless prevented by
+** the SQLITE_DISABLE_INTRINSIC define.
+*/
+#if !defined(SQLITE_DISABLE_INTRINSIC)
+# if defined(_MSC_VER) && _MSC_VER>=1300
+# if !defined(_WIN32_WCE)
+# include <intrin.h>
+# pragma intrinsic(_byteswap_ushort)
+# pragma intrinsic(_byteswap_ulong)
+# pragma intrinsic(_ReadWriteBarrier)
+# else
+# include <cmnintrin.h>
+# endif
+# endif
+#endif
+
+/*
+** The SQLITE_THREADSAFE macro must be defined as 0, 1, or 2.
+** 0 means mutexes are permanently disable and the library is never
+** threadsafe. 1 means the library is serialized which is the highest
+** level of threadsafety. 2 means the library is multithreaded - multiple
+** threads can use SQLite as long as no two threads try to use the same
+** database connection at the same time.
+**
+** Older versions of SQLite used an optional THREADSAFE macro.
+** We support that for legacy.
+*/
+#if !defined(SQLITE_THREADSAFE)
+# if defined(THREADSAFE)
+# define SQLITE_THREADSAFE THREADSAFE
+# else
+# define SQLITE_THREADSAFE 1 /* IMP: R-07272-22309 */
+# endif
+#endif
+
+/*
+** Powersafe overwrite is on by default. But can be turned off using
+** the -DSQLITE_POWERSAFE_OVERWRITE=0 command-line option.
+*/
+#ifndef SQLITE_POWERSAFE_OVERWRITE
+# define SQLITE_POWERSAFE_OVERWRITE 1
+#endif
+
+/*
+** EVIDENCE-OF: R-25715-37072 Memory allocation statistics are enabled by
+** default unless SQLite is compiled with SQLITE_DEFAULT_MEMSTATUS=0 in
+** which case memory allocation statistics are disabled by default.
+*/
+#if !defined(SQLITE_DEFAULT_MEMSTATUS)
+# define SQLITE_DEFAULT_MEMSTATUS 1
+#endif
+
+/*
+** Exactly one of the following macros must be defined in order to
+** specify which memory allocation subsystem to use.
+**
+** SQLITE_SYSTEM_MALLOC // Use normal system malloc()
+** SQLITE_WIN32_MALLOC // Use Win32 native heap API
+** SQLITE_ZERO_MALLOC // Use a stub allocator that always fails
+** SQLITE_MEMDEBUG // Debugging version of system malloc()
+**
+** On Windows, if the SQLITE_WIN32_MALLOC_VALIDATE macro is defined and the
+** assert() macro is enabled, each call into the Win32 native heap subsystem
+** will cause HeapValidate to be called. If heap validation should fail, an
+** assertion will be triggered.
+**
+** If none of the above are defined, then set SQLITE_SYSTEM_MALLOC as
+** the default.
+*/
+#if defined(SQLITE_SYSTEM_MALLOC) \
+ + defined(SQLITE_WIN32_MALLOC) \
+ + defined(SQLITE_ZERO_MALLOC) \
+ + defined(SQLITE_MEMDEBUG)>1
+# error "Two or more of the following compile-time configuration options\
+ are defined but at most one is allowed:\
+ SQLITE_SYSTEM_MALLOC, SQLITE_WIN32_MALLOC, SQLITE_MEMDEBUG,\
+ SQLITE_ZERO_MALLOC"
+#endif
+#if defined(SQLITE_SYSTEM_MALLOC) \
+ + defined(SQLITE_WIN32_MALLOC) \
+ + defined(SQLITE_ZERO_MALLOC) \
+ + defined(SQLITE_MEMDEBUG)==0
+# define SQLITE_SYSTEM_MALLOC 1
+#endif
+
+/*
+** If SQLITE_MALLOC_SOFT_LIMIT is not zero, then try to keep the
+** sizes of memory allocations below this value where possible.
+*/
+#if !defined(SQLITE_MALLOC_SOFT_LIMIT)
+# define SQLITE_MALLOC_SOFT_LIMIT 1024
+#endif
+
+/*
+** We need to define _XOPEN_SOURCE as follows in order to enable
+** recursive mutexes on most Unix systems and fchmod() on OpenBSD.
+** But _XOPEN_SOURCE define causes problems for Mac OS X, so omit
+** it.
+*/
+#if !defined(_XOPEN_SOURCE) && !defined(__DARWIN__) && !defined(__APPLE__)
+# define _XOPEN_SOURCE 600
+#endif
+
+/*
+** NDEBUG and SQLITE_DEBUG are opposites. It should always be true that
+** defined(NDEBUG)==!defined(SQLITE_DEBUG). If this is not currently true,
+** make it true by defining or undefining NDEBUG.
+**
+** Setting NDEBUG makes the code smaller and faster by disabling the
+** assert() statements in the code. So we want the default action
+** to be for NDEBUG to be set and NDEBUG to be undefined only if SQLITE_DEBUG
+** is set. Thus NDEBUG becomes an opt-in rather than an opt-out
+** feature.
+*/
+#if !defined(NDEBUG) && !defined(SQLITE_DEBUG)
+# define NDEBUG 1
+#endif
+#if defined(NDEBUG) && defined(SQLITE_DEBUG)
+# undef NDEBUG
+#endif
+
+/*
+** Enable SQLITE_ENABLE_EXPLAIN_COMMENTS if SQLITE_DEBUG is turned on.
+*/
+#if !defined(SQLITE_ENABLE_EXPLAIN_COMMENTS) && defined(SQLITE_DEBUG)
+# define SQLITE_ENABLE_EXPLAIN_COMMENTS 1
+#endif
+
+/*
+** The testcase() macro is used to aid in coverage testing. When
+** doing coverage testing, the condition inside the argument to
+** testcase() must be evaluated both true and false in order to
+** get full branch coverage. The testcase() macro is inserted
+** to help ensure adequate test coverage in places where simple
+** condition/decision coverage is inadequate. For example, testcase()
+** can be used to make sure boundary values are tested. For
+** bitmask tests, testcase() can be used to make sure each bit
+** is significant and used at least once. On switch statements
+** where multiple cases go to the same block of code, testcase()
+** can insure that all cases are evaluated.
+**
+*/
+#ifdef SQLITE_COVERAGE_TEST
+SQLITE_PRIVATE void sqlite3Coverage(int);
+# define testcase(X) if( X ){ sqlite3Coverage(__LINE__); }
+#else
+# define testcase(X)
+#endif
+
+/*
+** The TESTONLY macro is used to enclose variable declarations or
+** other bits of code that are needed to support the arguments
+** within testcase() and assert() macros.
+*/
+#if !defined(NDEBUG) || defined(SQLITE_COVERAGE_TEST)
+# define TESTONLY(X) X
+#else
+# define TESTONLY(X)
+#endif
+
+/*
+** Sometimes we need a small amount of code such as a variable initialization
+** to setup for a later assert() statement. We do not want this code to
+** appear when assert() is disabled. The following macro is therefore
+** used to contain that setup code. The "VVA" acronym stands for
+** "Verification, Validation, and Accreditation". In other words, the
+** code within VVA_ONLY() will only run during verification processes.
+*/
+#ifndef NDEBUG
+# define VVA_ONLY(X) X
+#else
+# define VVA_ONLY(X)
+#endif
+
+/*
+** The ALWAYS and NEVER macros surround boolean expressions which
+** are intended to always be true or false, respectively. Such
+** expressions could be omitted from the code completely. But they
+** are included in a few cases in order to enhance the resilience
+** of SQLite to unexpected behavior - to make the code "self-healing"
+** or "ductile" rather than being "brittle" and crashing at the first
+** hint of unplanned behavior.
+**
+** In other words, ALWAYS and NEVER are added for defensive code.
+**
+** When doing coverage testing ALWAYS and NEVER are hard-coded to
+** be true and false so that the unreachable code they specify will
+** not be counted as untested code.
+*/
+#if defined(SQLITE_COVERAGE_TEST)
+# define ALWAYS(X) (1)
+# define NEVER(X) (0)
+#elif !defined(NDEBUG)
+# define ALWAYS(X) ((X)?1:(assert(0),0))
+# define NEVER(X) ((X)?(assert(0),1):0)
+#else
+# define ALWAYS(X) (X)
+# define NEVER(X) (X)
+#endif
+
+/*
+** Declarations used for tracing the operating system interfaces.
+*/
+#if defined(SQLITE_FORCE_OS_TRACE) || defined(SQLITE_TEST) || \
+ (defined(SQLITE_DEBUG) && SQLITE_OS_WIN)
+ extern int sqlite3OSTrace;
+# define OSTRACE(X) if( sqlite3OSTrace ) sqlite3DebugPrintf X
+# define SQLITE_HAVE_OS_TRACE
+#else
+# define OSTRACE(X)
+# undef SQLITE_HAVE_OS_TRACE
+#endif
+
+/*
+** Is the sqlite3ErrName() function needed in the build? Currently,
+** it is needed by "mutex_w32.c" (when debugging), "os_win.c" (when
+** OSTRACE is enabled), and by several "test*.c" files (which are
+** compiled using SQLITE_TEST).
+*/
+#if defined(SQLITE_HAVE_OS_TRACE) || defined(SQLITE_TEST) || \
+ (defined(SQLITE_DEBUG) && SQLITE_OS_WIN)
+# define SQLITE_NEED_ERR_NAME
+#else
+# undef SQLITE_NEED_ERR_NAME
+#endif
+
+/*
+** Return true (non-zero) if the input is an integer that is too large
+** to fit in 32-bits. This macro is used inside of various testcase()
+** macros to verify that we have tested SQLite for large-file support.
+*/
+#define IS_BIG_INT(X) (((X)&~(i64)0xffffffff)!=0)
+
+/*
+** The macro unlikely() is a hint that surrounds a boolean
+** expression that is usually false. Macro likely() surrounds
+** a boolean expression that is usually true. These hints could,
+** in theory, be used by the compiler to generate better code, but
+** currently they are just comments for human readers.
+*/
+#define likely(X) (X)
+#define unlikely(X) (X)
+
+/************** Include hash.h in the middle of sqliteInt.h ******************/
+/************** Begin file hash.h ********************************************/
+/*
+** 2001 September 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This is the header file for the generic hash-table implementation
+** used in SQLite.
+*/
+#ifndef _SQLITE_HASH_H_
+#define _SQLITE_HASH_H_
+
+/* Forward declarations of structures. */
+typedef struct Hash Hash;
+typedef struct HashElem HashElem;
+
+/* A complete hash table is an instance of the following structure.
+** The internals of this structure are intended to be opaque -- client
+** code should not attempt to access or modify the fields of this structure
+** directly. Change this structure only by using the routines below.
+** However, some of the "procedures" and "functions" for modifying and
+** accessing this structure are really macros, so we can't really make
+** this structure opaque.
+**
+** All elements of the hash table are on a single doubly-linked list.
+** Hash.first points to the head of this list.
+**
+** There are Hash.htsize buckets. Each bucket points to a spot in
+** the global doubly-linked list. The contents of the bucket are the
+** element pointed to plus the next _ht.count-1 elements in the list.
+**
+** Hash.htsize and Hash.ht may be zero. In that case lookup is done
+** by a linear search of the global list. For small tables, the
+** Hash.ht table is never allocated because if there are few elements
+** in the table, it is faster to do a linear search than to manage
+** the hash table.
+*/
+struct Hash {
+ unsigned int htsize; /* Number of buckets in the hash table */
+ unsigned int count; /* Number of entries in this table */
+ HashElem *first; /* The first element of the array */
+ struct _ht { /* the hash table */
+ int count; /* Number of entries with this hash */
+ HashElem *chain; /* Pointer to first entry with this hash */
+ } *ht;
+};
+
+/* Each element in the hash table is an instance of the following
+** structure. All elements are stored on a single doubly-linked list.
+**
+** Again, this structure is intended to be opaque, but it can't really
+** be opaque because it is used by macros.
+*/
+struct HashElem {
+ HashElem *next, *prev; /* Next and previous elements in the table */
+ void *data; /* Data associated with this element */
+ const char *pKey; /* Key associated with this element */
+};
+
+/*
+** Access routines. To delete, insert a NULL pointer.
+*/
+SQLITE_PRIVATE void sqlite3HashInit(Hash*);
+SQLITE_PRIVATE void *sqlite3HashInsert(Hash*, const char *pKey, void *pData);
+SQLITE_PRIVATE void *sqlite3HashFind(const Hash*, const char *pKey);
+SQLITE_PRIVATE void sqlite3HashClear(Hash*);
+
+/*
+** Macros for looping over all elements of a hash table. The idiom is
+** like this:
+**
+** Hash h;
+** HashElem *p;
+** ...
+** for(p=sqliteHashFirst(&h); p; p=sqliteHashNext(p)){
+** SomeStructure *pData = sqliteHashData(p);
+** // do something with pData
+** }
+*/
+#define sqliteHashFirst(H) ((H)->first)
+#define sqliteHashNext(E) ((E)->next)
+#define sqliteHashData(E) ((E)->data)
+/* #define sqliteHashKey(E) ((E)->pKey) // NOT USED */
+/* #define sqliteHashKeysize(E) ((E)->nKey) // NOT USED */
+
+/*
+** Number of entries in a hash table
+*/
+/* #define sqliteHashCount(H) ((H)->count) // NOT USED */
+
+#endif /* _SQLITE_HASH_H_ */
+
+/************** End of hash.h ************************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+/************** Include parse.h in the middle of sqliteInt.h *****************/
+/************** Begin file parse.h *******************************************/
+#define TK_SEMI 1
+#define TK_EXPLAIN 2
+#define TK_QUERY 3
+#define TK_PLAN 4
+#define TK_BEGIN 5
+#define TK_TRANSACTION 6
+#define TK_DEFERRED 7
+#define TK_IMMEDIATE 8
+#define TK_EXCLUSIVE 9
+#define TK_COMMIT 10
+#define TK_END 11
+#define TK_ROLLBACK 12
+#define TK_SAVEPOINT 13
+#define TK_RELEASE 14
+#define TK_TO 15
+#define TK_TABLE 16
+#define TK_CREATE 17
+#define TK_IF 18
+#define TK_NOT 19
+#define TK_EXISTS 20
+#define TK_TEMP 21
+#define TK_LP 22
+#define TK_RP 23
+#define TK_AS 24
+#define TK_WITHOUT 25
+#define TK_COMMA 26
+#define TK_ID 27
+#define TK_INDEXED 28
+#define TK_ABORT 29
+#define TK_ACTION 30
+#define TK_AFTER 31
+#define TK_ANALYZE 32
+#define TK_ASC 33
+#define TK_ATTACH 34
+#define TK_BEFORE 35
+#define TK_BY 36
+#define TK_CASCADE 37
+#define TK_CAST 38
+#define TK_COLUMNKW 39
+#define TK_CONFLICT 40
+#define TK_DATABASE 41
+#define TK_DESC 42
+#define TK_DETACH 43
+#define TK_EACH 44
+#define TK_FAIL 45
+#define TK_FOR 46
+#define TK_IGNORE 47
+#define TK_INITIALLY 48
+#define TK_INSTEAD 49
+#define TK_LIKE_KW 50
+#define TK_MATCH 51
+#define TK_NO 52
+#define TK_KEY 53
+#define TK_OF 54
+#define TK_OFFSET 55
+#define TK_PRAGMA 56
+#define TK_RAISE 57
+#define TK_RECURSIVE 58
+#define TK_REPLACE 59
+#define TK_RESTRICT 60
+#define TK_ROW 61
+#define TK_TRIGGER 62
+#define TK_VACUUM 63
+#define TK_VIEW 64
+#define TK_VIRTUAL 65
+#define TK_WITH 66
+#define TK_REINDEX 67
+#define TK_RENAME 68
+#define TK_CTIME_KW 69
+#define TK_ANY 70
+#define TK_OR 71
+#define TK_AND 72
+#define TK_IS 73
+#define TK_BETWEEN 74
+#define TK_IN 75
+#define TK_ISNULL 76
+#define TK_NOTNULL 77
+#define TK_NE 78
+#define TK_EQ 79
+#define TK_GT 80
+#define TK_LE 81
+#define TK_LT 82
+#define TK_GE 83
+#define TK_ESCAPE 84
+#define TK_BITAND 85
+#define TK_BITOR 86
+#define TK_LSHIFT 87
+#define TK_RSHIFT 88
+#define TK_PLUS 89
+#define TK_MINUS 90
+#define TK_STAR 91
+#define TK_SLASH 92
+#define TK_REM 93
+#define TK_CONCAT 94
+#define TK_COLLATE 95
+#define TK_BITNOT 96
+#define TK_STRING 97
+#define TK_JOIN_KW 98
+#define TK_CONSTRAINT 99
+#define TK_DEFAULT 100
+#define TK_NULL 101
+#define TK_PRIMARY 102
+#define TK_UNIQUE 103
+#define TK_CHECK 104
+#define TK_REFERENCES 105
+#define TK_AUTOINCR 106
+#define TK_ON 107
+#define TK_INSERT 108
+#define TK_DELETE 109
+#define TK_UPDATE 110
+#define TK_SET 111
+#define TK_DEFERRABLE 112
+#define TK_FOREIGN 113
+#define TK_DROP 114
+#define TK_UNION 115
+#define TK_ALL 116
+#define TK_EXCEPT 117
+#define TK_INTERSECT 118
+#define TK_SELECT 119
+#define TK_VALUES 120
+#define TK_DISTINCT 121
+#define TK_DOT 122
+#define TK_FROM 123
+#define TK_JOIN 124
+#define TK_USING 125
+#define TK_ORDER 126
+#define TK_GROUP 127
+#define TK_HAVING 128
+#define TK_LIMIT 129
+#define TK_WHERE 130
+#define TK_INTO 131
+#define TK_INTEGER 132
+#define TK_FLOAT 133
+#define TK_BLOB 134
+#define TK_VARIABLE 135
+#define TK_CASE 136
+#define TK_WHEN 137
+#define TK_THEN 138
+#define TK_ELSE 139
+#define TK_INDEX 140
+#define TK_ALTER 141
+#define TK_ADD 142
+#define TK_TO_TEXT 143
+#define TK_TO_BLOB 144
+#define TK_TO_NUMERIC 145
+#define TK_TO_INT 146
+#define TK_TO_REAL 147
+#define TK_ISNOT 148
+#define TK_END_OF_FILE 149
+#define TK_UNCLOSED_STRING 150
+#define TK_FUNCTION 151
+#define TK_COLUMN 152
+#define TK_AGG_FUNCTION 153
+#define TK_AGG_COLUMN 154
+#define TK_UMINUS 155
+#define TK_UPLUS 156
+#define TK_REGISTER 157
+#define TK_ASTERISK 158
+#define TK_SPACE 159
+#define TK_ILLEGAL 160
+
+/* The token codes above must all fit in 8 bits */
+#define TKFLG_MASK 0xff
+
+/* Flags that can be added to a token code when it is not
+** being stored in a u8: */
+#define TKFLG_DONTFOLD 0x100 /* Omit constant folding optimizations */
+
+/************** End of parse.h ***********************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include <stddef.h>
+
+/*
+** If compiling for a processor that lacks floating point support,
+** substitute integer for floating-point
+*/
+#ifdef SQLITE_OMIT_FLOATING_POINT
+# define double sqlite_int64
+# define float sqlite_int64
+# define LONGDOUBLE_TYPE sqlite_int64
+# ifndef SQLITE_BIG_DBL
+# define SQLITE_BIG_DBL (((sqlite3_int64)1)<<50)
+# endif
+# define SQLITE_OMIT_DATETIME_FUNCS 1
+# define SQLITE_OMIT_TRACE 1
+# undef SQLITE_MIXED_ENDIAN_64BIT_FLOAT
+# undef SQLITE_HAVE_ISNAN
+#endif
+#ifndef SQLITE_BIG_DBL
+# define SQLITE_BIG_DBL (1e99)
+#endif
+
+/*
+** OMIT_TEMPDB is set to 1 if SQLITE_OMIT_TEMPDB is defined, or 0
+** afterward. Having this macro allows us to cause the C compiler
+** to omit code used by TEMP tables without messy #ifndef statements.
+*/
+#ifdef SQLITE_OMIT_TEMPDB
+#define OMIT_TEMPDB 1
+#else
+#define OMIT_TEMPDB 0
+#endif
+
+/*
+** The "file format" number is an integer that is incremented whenever
+** the VDBE-level file format changes. The following macros define the
+** the default file format for new databases and the maximum file format
+** that the library can read.
+*/
+#define SQLITE_MAX_FILE_FORMAT 4
+#ifndef SQLITE_DEFAULT_FILE_FORMAT
+# define SQLITE_DEFAULT_FILE_FORMAT 4
+#endif
+
+/*
+** Determine whether triggers are recursive by default. This can be
+** changed at run-time using a pragma.
+*/
+#ifndef SQLITE_DEFAULT_RECURSIVE_TRIGGERS
+# define SQLITE_DEFAULT_RECURSIVE_TRIGGERS 0
+#endif
+
+/*
+** Provide a default value for SQLITE_TEMP_STORE in case it is not specified
+** on the command-line
+*/
+#ifndef SQLITE_TEMP_STORE
+# define SQLITE_TEMP_STORE 1
+# define SQLITE_TEMP_STORE_xc 1 /* Exclude from ctime.c */
+#endif
+
+/*
+** If no value has been provided for SQLITE_MAX_WORKER_THREADS, or if
+** SQLITE_TEMP_STORE is set to 3 (never use temporary files), set it
+** to zero.
+*/
+#if SQLITE_TEMP_STORE==3 || SQLITE_THREADSAFE==0
+# undef SQLITE_MAX_WORKER_THREADS
+# define SQLITE_MAX_WORKER_THREADS 0
+#endif
+#ifndef SQLITE_MAX_WORKER_THREADS
+# define SQLITE_MAX_WORKER_THREADS 8
+#endif
+#ifndef SQLITE_DEFAULT_WORKER_THREADS
+# define SQLITE_DEFAULT_WORKER_THREADS 0
+#endif
+#if SQLITE_DEFAULT_WORKER_THREADS>SQLITE_MAX_WORKER_THREADS
+# undef SQLITE_MAX_WORKER_THREADS
+# define SQLITE_MAX_WORKER_THREADS SQLITE_DEFAULT_WORKER_THREADS
+#endif
+
+/*
+** The default initial allocation for the pagecache when using separate
+** pagecaches for each database connection. A positive number is the
+** number of pages. A negative number N translations means that a buffer
+** of -1024*N bytes is allocated and used for as many pages as it will hold.
+*/
+#ifndef SQLITE_DEFAULT_PCACHE_INITSZ
+# define SQLITE_DEFAULT_PCACHE_INITSZ 100
+#endif
+
+/*
+** GCC does not define the offsetof() macro so we'll have to do it
+** ourselves.
+*/
+#ifndef offsetof
+#define offsetof(STRUCTURE,FIELD) ((int)((char*)&((STRUCTURE*)0)->FIELD))
+#endif
+
+/*
+** Macros to compute minimum and maximum of two numbers.
+*/
+#define MIN(A,B) ((A)<(B)?(A):(B))
+#define MAX(A,B) ((A)>(B)?(A):(B))
+
+/*
+** Swap two objects of type TYPE.
+*/
+#define SWAP(TYPE,A,B) {TYPE t=A; A=B; B=t;}
+
+/*
+** Check to see if this machine uses EBCDIC. (Yes, believe it or
+** not, there are still machines out there that use EBCDIC.)
+*/
+#if 'A' == '\301'
+# define SQLITE_EBCDIC 1
+#else
+# define SQLITE_ASCII 1
+#endif
+
+/*
+** Integers of known sizes. These typedefs might change for architectures
+** where the sizes very. Preprocessor macros are available so that the
+** types can be conveniently redefined at compile-type. Like this:
+**
+** cc '-DUINTPTR_TYPE=long long int' ...
+*/
+#ifndef UINT32_TYPE
+# ifdef HAVE_UINT32_T
+# define UINT32_TYPE uint32_t
+# else
+# define UINT32_TYPE unsigned int
+# endif
+#endif
+#ifndef UINT16_TYPE
+# ifdef HAVE_UINT16_T
+# define UINT16_TYPE uint16_t
+# else
+# define UINT16_TYPE unsigned short int
+# endif
+#endif
+#ifndef INT16_TYPE
+# ifdef HAVE_INT16_T
+# define INT16_TYPE int16_t
+# else
+# define INT16_TYPE short int
+# endif
+#endif
+#ifndef UINT8_TYPE
+# ifdef HAVE_UINT8_T
+# define UINT8_TYPE uint8_t
+# else
+# define UINT8_TYPE unsigned char
+# endif
+#endif
+#ifndef INT8_TYPE
+# ifdef HAVE_INT8_T
+# define INT8_TYPE int8_t
+# else
+# define INT8_TYPE signed char
+# endif
+#endif
+#ifndef LONGDOUBLE_TYPE
+# define LONGDOUBLE_TYPE long double
+#endif
+typedef sqlite_int64 i64; /* 8-byte signed integer */
+typedef sqlite_uint64 u64; /* 8-byte unsigned integer */
+typedef UINT32_TYPE u32; /* 4-byte unsigned integer */
+typedef UINT16_TYPE u16; /* 2-byte unsigned integer */
+typedef INT16_TYPE i16; /* 2-byte signed integer */
+typedef UINT8_TYPE u8; /* 1-byte unsigned integer */
+typedef INT8_TYPE i8; /* 1-byte signed integer */
+
+/*
+** SQLITE_MAX_U32 is a u64 constant that is the maximum u64 value
+** that can be stored in a u32 without loss of data. The value
+** is 0x00000000ffffffff. But because of quirks of some compilers, we
+** have to specify the value in the less intuitive manner shown:
+*/
+#define SQLITE_MAX_U32 ((((u64)1)<<32)-1)
+
+/*
+** The datatype used to store estimates of the number of rows in a
+** table or index. This is an unsigned integer type. For 99.9% of
+** the world, a 32-bit integer is sufficient. But a 64-bit integer
+** can be used at compile-time if desired.
+*/
+#ifdef SQLITE_64BIT_STATS
+ typedef u64 tRowcnt; /* 64-bit only if requested at compile-time */
+#else
+ typedef u32 tRowcnt; /* 32-bit is the default */
+#endif
+
+/*
+** Estimated quantities used for query planning are stored as 16-bit
+** logarithms. For quantity X, the value stored is 10*log2(X). This
+** gives a possible range of values of approximately 1.0e986 to 1e-986.
+** But the allowed values are "grainy". Not every value is representable.
+** For example, quantities 16 and 17 are both represented by a LogEst
+** of 40. However, since LogEst quantities are suppose to be estimates,
+** not exact values, this imprecision is not a problem.
+**
+** "LogEst" is short for "Logarithmic Estimate".
+**
+** Examples:
+** 1 -> 0 20 -> 43 10000 -> 132
+** 2 -> 10 25 -> 46 25000 -> 146
+** 3 -> 16 100 -> 66 1000000 -> 199
+** 4 -> 20 1000 -> 99 1048576 -> 200
+** 10 -> 33 1024 -> 100 4294967296 -> 320
+**
+** The LogEst can be negative to indicate fractional values.
+** Examples:
+**
+** 0.5 -> -10 0.1 -> -33 0.0625 -> -40
+*/
+typedef INT16_TYPE LogEst;
+
+/*
+** Set the SQLITE_PTRSIZE macro to the number of bytes in a pointer
+*/
+#ifndef SQLITE_PTRSIZE
+# if defined(__SIZEOF_POINTER__)
+# define SQLITE_PTRSIZE __SIZEOF_POINTER__
+# elif defined(i386) || defined(__i386__) || defined(_M_IX86) || \
+ defined(_M_ARM) || defined(__arm__) || defined(__x86)
+# define SQLITE_PTRSIZE 4
+# else
+# define SQLITE_PTRSIZE 8
+# endif
+#endif
+
+/*
+** Macros to determine whether the machine is big or little endian,
+** and whether or not that determination is run-time or compile-time.
+**
+** For best performance, an attempt is made to guess at the byte-order
+** using C-preprocessor macros. If that is unsuccessful, or if
+** -DSQLITE_RUNTIME_BYTEORDER=1 is set, then byte-order is determined
+** at run-time.
+*/
+#if (defined(i386) || defined(__i386__) || defined(_M_IX86) || \
+ defined(__x86_64) || defined(__x86_64__) || defined(_M_X64) || \
+ defined(_M_AMD64) || defined(_M_ARM) || defined(__x86) || \
+ defined(__arm__)) && !defined(SQLITE_RUNTIME_BYTEORDER)
+# define SQLITE_BYTEORDER 1234
+# define SQLITE_BIGENDIAN 0
+# define SQLITE_LITTLEENDIAN 1
+# define SQLITE_UTF16NATIVE SQLITE_UTF16LE
+#endif
+#if (defined(sparc) || defined(__ppc__)) \
+ && !defined(SQLITE_RUNTIME_BYTEORDER)
+# define SQLITE_BYTEORDER 4321
+# define SQLITE_BIGENDIAN 1
+# define SQLITE_LITTLEENDIAN 0
+# define SQLITE_UTF16NATIVE SQLITE_UTF16BE
+#endif
+#if !defined(SQLITE_BYTEORDER)
+# ifdef SQLITE_AMALGAMATION
+ const int sqlite3one = 1;
+# else
+ extern const int sqlite3one;
+# endif
+# define SQLITE_BYTEORDER 0 /* 0 means "unknown at compile-time" */
+# define SQLITE_BIGENDIAN (*(char *)(&sqlite3one)==0)
+# define SQLITE_LITTLEENDIAN (*(char *)(&sqlite3one)==1)
+# define SQLITE_UTF16NATIVE (SQLITE_BIGENDIAN?SQLITE_UTF16BE:SQLITE_UTF16LE)
+#endif
+
+/*
+** Constants for the largest and smallest possible 64-bit signed integers.
+** These macros are designed to work correctly on both 32-bit and 64-bit
+** compilers.
+*/
+#define LARGEST_INT64 (0xffffffff|(((i64)0x7fffffff)<<32))
+#define SMALLEST_INT64 (((i64)-1) - LARGEST_INT64)
+
+/*
+** Round up a number to the next larger multiple of 8. This is used
+** to force 8-byte alignment on 64-bit architectures.
+*/
+#define ROUND8(x) (((x)+7)&~7)
+
+/*
+** Round down to the nearest multiple of 8
+*/
+#define ROUNDDOWN8(x) ((x)&~7)
+
+/*
+** Assert that the pointer X is aligned to an 8-byte boundary. This
+** macro is used only within assert() to verify that the code gets
+** all alignment restrictions correct.
+**
+** Except, if SQLITE_4_BYTE_ALIGNED_MALLOC is defined, then the
+** underlying malloc() implementation might return us 4-byte aligned
+** pointers. In that case, only verify 4-byte alignment.
+*/
+#ifdef SQLITE_4_BYTE_ALIGNED_MALLOC
+# define EIGHT_BYTE_ALIGNMENT(X) ((((char*)(X) - (char*)0)&3)==0)
+#else
+# define EIGHT_BYTE_ALIGNMENT(X) ((((char*)(X) - (char*)0)&7)==0)
+#endif
+
+/*
+** Disable MMAP on platforms where it is known to not work
+*/
+#if defined(__OpenBSD__) || defined(__QNXNTO__)
+# undef SQLITE_MAX_MMAP_SIZE
+# define SQLITE_MAX_MMAP_SIZE 0
+#endif
+
+/*
+** Default maximum size of memory used by memory-mapped I/O in the VFS
+*/
+#ifdef __APPLE__
+# include <TargetConditionals.h>
+# if TARGET_OS_IPHONE
+# undef SQLITE_MAX_MMAP_SIZE
+# define SQLITE_MAX_MMAP_SIZE 0
+# endif
+#endif
+#ifndef SQLITE_MAX_MMAP_SIZE
+# if defined(__linux__) \
+ || defined(_WIN32) \
+ || (defined(__APPLE__) && defined(__MACH__)) \
+ || defined(__sun) \
+ || defined(__FreeBSD__) \
+ || defined(__DragonFly__)
+# define SQLITE_MAX_MMAP_SIZE 0x7fff0000 /* 2147418112 */
+# else
+# define SQLITE_MAX_MMAP_SIZE 0
+# endif
+# define SQLITE_MAX_MMAP_SIZE_xc 1 /* exclude from ctime.c */
+#endif
+
+/*
+** The default MMAP_SIZE is zero on all platforms. Or, even if a larger
+** default MMAP_SIZE is specified at compile-time, make sure that it does
+** not exceed the maximum mmap size.
+*/
+#ifndef SQLITE_DEFAULT_MMAP_SIZE
+# define SQLITE_DEFAULT_MMAP_SIZE 0
+# define SQLITE_DEFAULT_MMAP_SIZE_xc 1 /* Exclude from ctime.c */
+#endif
+#if SQLITE_DEFAULT_MMAP_SIZE>SQLITE_MAX_MMAP_SIZE
+# undef SQLITE_DEFAULT_MMAP_SIZE
+# define SQLITE_DEFAULT_MMAP_SIZE SQLITE_MAX_MMAP_SIZE
+#endif
+
+/*
+** Only one of SQLITE_ENABLE_STAT3 or SQLITE_ENABLE_STAT4 can be defined.
+** Priority is given to SQLITE_ENABLE_STAT4. If either are defined, also
+** define SQLITE_ENABLE_STAT3_OR_STAT4
+*/
+#ifdef SQLITE_ENABLE_STAT4
+# undef SQLITE_ENABLE_STAT3
+# define SQLITE_ENABLE_STAT3_OR_STAT4 1
+#elif SQLITE_ENABLE_STAT3
+# define SQLITE_ENABLE_STAT3_OR_STAT4 1
+#elif SQLITE_ENABLE_STAT3_OR_STAT4
+# undef SQLITE_ENABLE_STAT3_OR_STAT4
+#endif
+
+/*
+** SELECTTRACE_ENABLED will be either 1 or 0 depending on whether or not
+** the Select query generator tracing logic is turned on.
+*/
+#if defined(SQLITE_DEBUG) || defined(SQLITE_ENABLE_SELECTTRACE)
+# define SELECTTRACE_ENABLED 1
+#else
+# define SELECTTRACE_ENABLED 0
+#endif
+
+/*
+** An instance of the following structure is used to store the busy-handler
+** callback for a given sqlite handle.
+**
+** The sqlite.busyHandler member of the sqlite struct contains the busy
+** callback for the database handle. Each pager opened via the sqlite
+** handle is passed a pointer to sqlite.busyHandler. The busy-handler
+** callback is currently invoked only from within pager.c.
+*/
+typedef struct BusyHandler BusyHandler;
+struct BusyHandler {
+ int (*xFunc)(void *,int); /* The busy callback */
+ void *pArg; /* First arg to busy callback */
+ int nBusy; /* Incremented with each busy call */
+};
+
+/*
+** Name of the master database table. The master database table
+** is a special table that holds the names and attributes of all
+** user tables and indices.
+*/
+#define MASTER_NAME "sqlite_master"
+#define TEMP_MASTER_NAME "sqlite_temp_master"
+
+/*
+** The root-page of the master database table.
+*/
+#define MASTER_ROOT 1
+
+/*
+** The name of the schema table.
+*/
+#define SCHEMA_TABLE(x) ((!OMIT_TEMPDB)&&(x==1)?TEMP_MASTER_NAME:MASTER_NAME)
+
+/*
+** A convenience macro that returns the number of elements in
+** an array.
+*/
+#define ArraySize(X) ((int)(sizeof(X)/sizeof(X[0])))
+
+/*
+** Determine if the argument is a power of two
+*/
+#define IsPowerOfTwo(X) (((X)&((X)-1))==0)
+
+/*
+** The following value as a destructor means to use sqlite3DbFree().
+** The sqlite3DbFree() routine requires two parameters instead of the
+** one parameter that destructors normally want. So we have to introduce
+** this magic value that the code knows to handle differently. Any
+** pointer will work here as long as it is distinct from SQLITE_STATIC
+** and SQLITE_TRANSIENT.
+*/
+#define SQLITE_DYNAMIC ((sqlite3_destructor_type)sqlite3MallocSize)
+
+/*
+** When SQLITE_OMIT_WSD is defined, it means that the target platform does
+** not support Writable Static Data (WSD) such as global and static variables.
+** All variables must either be on the stack or dynamically allocated from
+** the heap. When WSD is unsupported, the variable declarations scattered
+** throughout the SQLite code must become constants instead. The SQLITE_WSD
+** macro is used for this purpose. And instead of referencing the variable
+** directly, we use its constant as a key to lookup the run-time allocated
+** buffer that holds real variable. The constant is also the initializer
+** for the run-time allocated buffer.
+**
+** In the usual case where WSD is supported, the SQLITE_WSD and GLOBAL
+** macros become no-ops and have zero performance impact.
+*/
+#ifdef SQLITE_OMIT_WSD
+ #define SQLITE_WSD const
+ #define GLOBAL(t,v) (*(t*)sqlite3_wsd_find((void*)&(v), sizeof(v)))
+ #define sqlite3GlobalConfig GLOBAL(struct Sqlite3Config, sqlite3Config)
+SQLITE_API int SQLITE_STDCALL sqlite3_wsd_init(int N, int J);
+SQLITE_API void *SQLITE_STDCALL sqlite3_wsd_find(void *K, int L);
+#else
+ #define SQLITE_WSD
+ #define GLOBAL(t,v) v
+ #define sqlite3GlobalConfig sqlite3Config
+#endif
+
+/*
+** The following macros are used to suppress compiler warnings and to
+** make it clear to human readers when a function parameter is deliberately
+** left unused within the body of a function. This usually happens when
+** a function is called via a function pointer. For example the
+** implementation of an SQL aggregate step callback may not use the
+** parameter indicating the number of arguments passed to the aggregate,
+** if it knows that this is enforced elsewhere.
+**
+** When a function parameter is not used at all within the body of a function,
+** it is generally named "NotUsed" or "NotUsed2" to make things even clearer.
+** However, these macros may also be used to suppress warnings related to
+** parameters that may or may not be used depending on compilation options.
+** For example those parameters only used in assert() statements. In these
+** cases the parameters are named as per the usual conventions.
+*/
+#define UNUSED_PARAMETER(x) (void)(x)
+#define UNUSED_PARAMETER2(x,y) UNUSED_PARAMETER(x),UNUSED_PARAMETER(y)
+
+/*
+** Forward references to structures
+*/
+typedef struct AggInfo AggInfo;
+typedef struct AuthContext AuthContext;
+typedef struct AutoincInfo AutoincInfo;
+typedef struct Bitvec Bitvec;
+typedef struct CollSeq CollSeq;
+typedef struct Column Column;
+typedef struct Db Db;
+typedef struct Schema Schema;
+typedef struct Expr Expr;
+typedef struct ExprList ExprList;
+typedef struct ExprSpan ExprSpan;
+typedef struct FKey FKey;
+typedef struct FuncDestructor FuncDestructor;
+typedef struct FuncDef FuncDef;
+typedef struct FuncDefHash FuncDefHash;
+typedef struct IdList IdList;
+typedef struct Index Index;
+typedef struct IndexSample IndexSample;
+typedef struct KeyClass KeyClass;
+typedef struct KeyInfo KeyInfo;
+typedef struct Lookaside Lookaside;
+typedef struct LookasideSlot LookasideSlot;
+typedef struct Module Module;
+typedef struct NameContext NameContext;
+typedef struct Parse Parse;
+typedef struct PrintfArguments PrintfArguments;
+typedef struct RowSet RowSet;
+typedef struct Savepoint Savepoint;
+typedef struct Select Select;
+typedef struct SQLiteThread SQLiteThread;
+typedef struct SelectDest SelectDest;
+typedef struct SrcList SrcList;
+typedef struct StrAccum StrAccum;
+typedef struct Table Table;
+typedef struct TableLock TableLock;
+typedef struct Token Token;
+typedef struct TreeView TreeView;
+typedef struct Trigger Trigger;
+typedef struct TriggerPrg TriggerPrg;
+typedef struct TriggerStep TriggerStep;
+typedef struct UnpackedRecord UnpackedRecord;
+typedef struct VTable VTable;
+typedef struct VtabCtx VtabCtx;
+typedef struct Walker Walker;
+typedef struct WhereInfo WhereInfo;
+typedef struct With With;
+
+/*
+** Defer sourcing vdbe.h and btree.h until after the "u8" and
+** "BusyHandler" typedefs. vdbe.h also requires a few of the opaque
+** pointer types (i.e. FuncDef) defined above.
+*/
+/************** Include btree.h in the middle of sqliteInt.h *****************/
+/************** Begin file btree.h *******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This header file defines the interface that the sqlite B-Tree file
+** subsystem. See comments in the source code for a detailed description
+** of what each interface routine does.
+*/
+#ifndef _BTREE_H_
+#define _BTREE_H_
+
+/* TODO: This definition is just included so other modules compile. It
+** needs to be revisited.
+*/
+#define SQLITE_N_BTREE_META 16
+
+/*
+** If defined as non-zero, auto-vacuum is enabled by default. Otherwise
+** it must be turned on for each database using "PRAGMA auto_vacuum = 1".
+*/
+#ifndef SQLITE_DEFAULT_AUTOVACUUM
+ #define SQLITE_DEFAULT_AUTOVACUUM 0
+#endif
+
+#define BTREE_AUTOVACUUM_NONE 0 /* Do not do auto-vacuum */
+#define BTREE_AUTOVACUUM_FULL 1 /* Do full auto-vacuum */
+#define BTREE_AUTOVACUUM_INCR 2 /* Incremental vacuum */
+
+/*
+** Forward declarations of structure
+*/
+typedef struct Btree Btree;
+typedef struct BtCursor BtCursor;
+typedef struct BtShared BtShared;
+
+
+SQLITE_PRIVATE int sqlite3BtreeOpen(
+ sqlite3_vfs *pVfs, /* VFS to use with this b-tree */
+ const char *zFilename, /* Name of database file to open */
+ sqlite3 *db, /* Associated database connection */
+ Btree **ppBtree, /* Return open Btree* here */
+ int flags, /* Flags */
+ int vfsFlags /* Flags passed through to VFS open */
+);
+
+/* The flags parameter to sqlite3BtreeOpen can be the bitwise or of the
+** following values.
+**
+** NOTE: These values must match the corresponding PAGER_ values in
+** pager.h.
+*/
+#define BTREE_OMIT_JOURNAL 1 /* Do not create or use a rollback journal */
+#define BTREE_MEMORY 2 /* This is an in-memory DB */
+#define BTREE_SINGLE 4 /* The file contains at most 1 b-tree */
+#define BTREE_UNORDERED 8 /* Use of a hash implementation is OK */
+
+SQLITE_PRIVATE int sqlite3BtreeClose(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeSetCacheSize(Btree*,int);
+SQLITE_PRIVATE int sqlite3BtreeSetSpillSize(Btree*,int);
+#if SQLITE_MAX_MMAP_SIZE>0
+SQLITE_PRIVATE int sqlite3BtreeSetMmapLimit(Btree*,sqlite3_int64);
+#endif
+SQLITE_PRIVATE int sqlite3BtreeSetPagerFlags(Btree*,unsigned);
+SQLITE_PRIVATE int sqlite3BtreeSyncDisabled(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeSetPageSize(Btree *p, int nPagesize, int nReserve, int eFix);
+SQLITE_PRIVATE int sqlite3BtreeGetPageSize(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeMaxPageCount(Btree*,int);
+SQLITE_PRIVATE u32 sqlite3BtreeLastPage(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeSecureDelete(Btree*,int);
+SQLITE_PRIVATE int sqlite3BtreeGetOptimalReserve(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeGetReserveNoMutex(Btree *p);
+SQLITE_PRIVATE int sqlite3BtreeSetAutoVacuum(Btree *, int);
+SQLITE_PRIVATE int sqlite3BtreeGetAutoVacuum(Btree *);
+SQLITE_PRIVATE int sqlite3BtreeBeginTrans(Btree*,int);
+SQLITE_PRIVATE int sqlite3BtreeCommitPhaseOne(Btree*, const char *zMaster);
+SQLITE_PRIVATE int sqlite3BtreeCommitPhaseTwo(Btree*, int);
+SQLITE_PRIVATE int sqlite3BtreeCommit(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeRollback(Btree*,int,int);
+SQLITE_PRIVATE int sqlite3BtreeBeginStmt(Btree*,int);
+SQLITE_PRIVATE int sqlite3BtreeCreateTable(Btree*, int*, int flags);
+SQLITE_PRIVATE int sqlite3BtreeIsInTrans(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeIsInReadTrans(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeIsInBackup(Btree*);
+SQLITE_PRIVATE void *sqlite3BtreeSchema(Btree *, int, void(*)(void *));
+SQLITE_PRIVATE int sqlite3BtreeSchemaLocked(Btree *pBtree);
+SQLITE_PRIVATE int sqlite3BtreeLockTable(Btree *pBtree, int iTab, u8 isWriteLock);
+SQLITE_PRIVATE int sqlite3BtreeSavepoint(Btree *, int, int);
+
+SQLITE_PRIVATE const char *sqlite3BtreeGetFilename(Btree *);
+SQLITE_PRIVATE const char *sqlite3BtreeGetJournalname(Btree *);
+SQLITE_PRIVATE int sqlite3BtreeCopyFile(Btree *, Btree *);
+
+SQLITE_PRIVATE int sqlite3BtreeIncrVacuum(Btree *);
+
+/* The flags parameter to sqlite3BtreeCreateTable can be the bitwise OR
+** of the flags shown below.
+**
+** Every SQLite table must have either BTREE_INTKEY or BTREE_BLOBKEY set.
+** With BTREE_INTKEY, the table key is a 64-bit integer and arbitrary data
+** is stored in the leaves. (BTREE_INTKEY is used for SQL tables.) With
+** BTREE_BLOBKEY, the key is an arbitrary BLOB and no content is stored
+** anywhere - the key is the content. (BTREE_BLOBKEY is used for SQL
+** indices.)
+*/
+#define BTREE_INTKEY 1 /* Table has only 64-bit signed integer keys */
+#define BTREE_BLOBKEY 2 /* Table has keys only - no data */
+
+SQLITE_PRIVATE int sqlite3BtreeDropTable(Btree*, int, int*);
+SQLITE_PRIVATE int sqlite3BtreeClearTable(Btree*, int, int*);
+SQLITE_PRIVATE int sqlite3BtreeClearTableOfCursor(BtCursor*);
+SQLITE_PRIVATE int sqlite3BtreeTripAllCursors(Btree*, int, int);
+
+SQLITE_PRIVATE void sqlite3BtreeGetMeta(Btree *pBtree, int idx, u32 *pValue);
+SQLITE_PRIVATE int sqlite3BtreeUpdateMeta(Btree*, int idx, u32 value);
+
+SQLITE_PRIVATE int sqlite3BtreeNewDb(Btree *p);
+
+/*
+** The second parameter to sqlite3BtreeGetMeta or sqlite3BtreeUpdateMeta
+** should be one of the following values. The integer values are assigned
+** to constants so that the offset of the corresponding field in an
+** SQLite database header may be found using the following formula:
+**
+** offset = 36 + (idx * 4)
+**
+** For example, the free-page-count field is located at byte offset 36 of
+** the database file header. The incr-vacuum-flag field is located at
+** byte offset 64 (== 36+4*7).
+**
+** The BTREE_DATA_VERSION value is not really a value stored in the header.
+** It is a read-only number computed by the pager. But we merge it with
+** the header value access routines since its access pattern is the same.
+** Call it a "virtual meta value".
+*/
+#define BTREE_FREE_PAGE_COUNT 0
+#define BTREE_SCHEMA_VERSION 1
+#define BTREE_FILE_FORMAT 2
+#define BTREE_DEFAULT_CACHE_SIZE 3
+#define BTREE_LARGEST_ROOT_PAGE 4
+#define BTREE_TEXT_ENCODING 5
+#define BTREE_USER_VERSION 6
+#define BTREE_INCR_VACUUM 7
+#define BTREE_APPLICATION_ID 8
+#define BTREE_DATA_VERSION 15 /* A virtual meta-value */
+
+/*
+** Kinds of hints that can be passed into the sqlite3BtreeCursorHint()
+** interface.
+**
+** BTREE_HINT_RANGE (arguments: Expr*, Mem*)
+**
+** The first argument is an Expr* (which is guaranteed to be constant for
+** the lifetime of the cursor) that defines constraints on which rows
+** might be fetched with this cursor. The Expr* tree may contain
+** TK_REGISTER nodes that refer to values stored in the array of registers
+** passed as the second parameter. In other words, if Expr.op==TK_REGISTER
+** then the value of the node is the value in Mem[pExpr.iTable]. Any
+** TK_COLUMN node in the expression tree refers to the Expr.iColumn-th
+** column of the b-tree of the cursor. The Expr tree will not contain
+** any function calls nor subqueries nor references to b-trees other than
+** the cursor being hinted.
+**
+** The design of the _RANGE hint is aid b-tree implementations that try
+** to prefetch content from remote machines - to provide those
+** implementations with limits on what needs to be prefetched and thereby
+** reduce network bandwidth.
+**
+** Note that BTREE_HINT_FLAGS with BTREE_BULKLOAD is the only hint used by
+** standard SQLite. The other hints are provided for extentions that use
+** the SQLite parser and code generator but substitute their own storage
+** engine.
+*/
+#define BTREE_HINT_RANGE 0 /* Range constraints on queries */
+
+/*
+** Values that may be OR'd together to form the argument to the
+** BTREE_HINT_FLAGS hint for sqlite3BtreeCursorHint():
+**
+** The BTREE_BULKLOAD flag is set on index cursors when the index is going
+** to be filled with content that is already in sorted order.
+**
+** The BTREE_SEEK_EQ flag is set on cursors that will get OP_SeekGE or
+** OP_SeekLE opcodes for a range search, but where the range of entries
+** selected will all have the same key. In other words, the cursor will
+** be used only for equality key searches.
+**
+*/
+#define BTREE_BULKLOAD 0x00000001 /* Used to full index in sorted order */
+#define BTREE_SEEK_EQ 0x00000002 /* EQ seeks only - no range seeks */
+
+/*
+** Flags passed as the third argument to sqlite3BtreeCursor().
+**
+** For read-only cursors the wrFlag argument is always zero. For read-write
+** cursors it may be set to either (BTREE_WRCSR|BTREE_FORDELETE) or
+** (BTREE_WRCSR). If the BTREE_FORDELETE flag is set, then the cursor will
+** only be used by SQLite for the following:
+**
+** * to seek to and delete specific entries, and/or
+**
+** * to read values that will be used to create keys that other
+** BTREE_FORDELETE cursors will seek to and delete.
+*/
+#define BTREE_WRCSR 0x00000004 /* read-write cursor */
+#define BTREE_FORDELETE 0x00000008 /* Cursor is for seek/delete only */
+
+SQLITE_PRIVATE int sqlite3BtreeCursor(
+ Btree*, /* BTree containing table to open */
+ int iTable, /* Index of root page */
+ int wrFlag, /* 1 for writing. 0 for read-only */
+ struct KeyInfo*, /* First argument to compare function */
+ BtCursor *pCursor /* Space to write cursor structure */
+);
+SQLITE_PRIVATE int sqlite3BtreeCursorSize(void);
+SQLITE_PRIVATE void sqlite3BtreeCursorZero(BtCursor*);
+SQLITE_PRIVATE void sqlite3BtreeCursorHintFlags(BtCursor*, unsigned);
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+SQLITE_PRIVATE void sqlite3BtreeCursorHint(BtCursor*, int, ...);
+#endif
+
+SQLITE_PRIVATE int sqlite3BtreeCloseCursor(BtCursor*);
+SQLITE_PRIVATE int sqlite3BtreeMovetoUnpacked(
+ BtCursor*,
+ UnpackedRecord *pUnKey,
+ i64 intKey,
+ int bias,
+ int *pRes
+);
+SQLITE_PRIVATE int sqlite3BtreeCursorHasMoved(BtCursor*);
+SQLITE_PRIVATE int sqlite3BtreeCursorRestore(BtCursor*, int*);
+SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor*, int);
+SQLITE_PRIVATE int sqlite3BtreeInsert(BtCursor*, const void *pKey, i64 nKey,
+ const void *pData, int nData,
+ int nZero, int bias, int seekResult);
+SQLITE_PRIVATE int sqlite3BtreeFirst(BtCursor*, int *pRes);
+SQLITE_PRIVATE int sqlite3BtreeLast(BtCursor*, int *pRes);
+SQLITE_PRIVATE int sqlite3BtreeNext(BtCursor*, int *pRes);
+SQLITE_PRIVATE int sqlite3BtreeEof(BtCursor*);
+SQLITE_PRIVATE int sqlite3BtreePrevious(BtCursor*, int *pRes);
+SQLITE_PRIVATE int sqlite3BtreeKeySize(BtCursor*, i64 *pSize);
+SQLITE_PRIVATE int sqlite3BtreeKey(BtCursor*, u32 offset, u32 amt, void*);
+SQLITE_PRIVATE const void *sqlite3BtreeKeyFetch(BtCursor*, u32 *pAmt);
+SQLITE_PRIVATE const void *sqlite3BtreeDataFetch(BtCursor*, u32 *pAmt);
+SQLITE_PRIVATE int sqlite3BtreeDataSize(BtCursor*, u32 *pSize);
+SQLITE_PRIVATE int sqlite3BtreeData(BtCursor*, u32 offset, u32 amt, void*);
+
+SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(Btree*, int *aRoot, int nRoot, int, int*);
+SQLITE_PRIVATE struct Pager *sqlite3BtreePager(Btree*);
+
+SQLITE_PRIVATE int sqlite3BtreePutData(BtCursor*, u32 offset, u32 amt, void*);
+SQLITE_PRIVATE void sqlite3BtreeIncrblobCursor(BtCursor *);
+SQLITE_PRIVATE void sqlite3BtreeClearCursor(BtCursor *);
+SQLITE_PRIVATE int sqlite3BtreeSetVersion(Btree *pBt, int iVersion);
+SQLITE_PRIVATE int sqlite3BtreeCursorHasHint(BtCursor*, unsigned int mask);
+SQLITE_PRIVATE int sqlite3BtreeIsReadonly(Btree *pBt);
+SQLITE_PRIVATE int sqlite3HeaderSizeBtree(void);
+
+#ifndef NDEBUG
+SQLITE_PRIVATE int sqlite3BtreeCursorIsValid(BtCursor*);
+#endif
+
+#ifndef SQLITE_OMIT_BTREECOUNT
+SQLITE_PRIVATE int sqlite3BtreeCount(BtCursor *, i64 *);
+#endif
+
+#ifdef SQLITE_TEST
+SQLITE_PRIVATE int sqlite3BtreeCursorInfo(BtCursor*, int*, int);
+SQLITE_PRIVATE void sqlite3BtreeCursorList(Btree*);
+#endif
+
+#ifndef SQLITE_OMIT_WAL
+SQLITE_PRIVATE int sqlite3BtreeCheckpoint(Btree*, int, int *, int *);
+#endif
+
+/*
+** If we are not using shared cache, then there is no need to
+** use mutexes to access the BtShared structures. So make the
+** Enter and Leave procedures no-ops.
+*/
+#ifndef SQLITE_OMIT_SHARED_CACHE
+SQLITE_PRIVATE void sqlite3BtreeEnter(Btree*);
+SQLITE_PRIVATE void sqlite3BtreeEnterAll(sqlite3*);
+#else
+# define sqlite3BtreeEnter(X)
+# define sqlite3BtreeEnterAll(X)
+#endif
+
+#if !defined(SQLITE_OMIT_SHARED_CACHE) && SQLITE_THREADSAFE
+SQLITE_PRIVATE int sqlite3BtreeSharable(Btree*);
+SQLITE_PRIVATE void sqlite3BtreeLeave(Btree*);
+SQLITE_PRIVATE void sqlite3BtreeEnterCursor(BtCursor*);
+SQLITE_PRIVATE void sqlite3BtreeLeaveCursor(BtCursor*);
+SQLITE_PRIVATE void sqlite3BtreeLeaveAll(sqlite3*);
+#ifndef NDEBUG
+ /* These routines are used inside assert() statements only. */
+SQLITE_PRIVATE int sqlite3BtreeHoldsMutex(Btree*);
+SQLITE_PRIVATE int sqlite3BtreeHoldsAllMutexes(sqlite3*);
+SQLITE_PRIVATE int sqlite3SchemaMutexHeld(sqlite3*,int,Schema*);
+#endif
+#else
+
+# define sqlite3BtreeSharable(X) 0
+# define sqlite3BtreeLeave(X)
+# define sqlite3BtreeEnterCursor(X)
+# define sqlite3BtreeLeaveCursor(X)
+# define sqlite3BtreeLeaveAll(X)
+
+# define sqlite3BtreeHoldsMutex(X) 1
+# define sqlite3BtreeHoldsAllMutexes(X) 1
+# define sqlite3SchemaMutexHeld(X,Y,Z) 1
+#endif
+
+
+#endif /* _BTREE_H_ */
+
+/************** End of btree.h ***********************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+/************** Include vdbe.h in the middle of sqliteInt.h ******************/
+/************** Begin file vdbe.h ********************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** Header file for the Virtual DataBase Engine (VDBE)
+**
+** This header defines the interface to the virtual database engine
+** or VDBE. The VDBE implements an abstract machine that runs a
+** simple program to access and modify the underlying database.
+*/
+#ifndef _SQLITE_VDBE_H_
+#define _SQLITE_VDBE_H_
+/* #include <stdio.h> */
+
+/*
+** A single VDBE is an opaque structure named "Vdbe". Only routines
+** in the source file sqliteVdbe.c are allowed to see the insides
+** of this structure.
+*/
+typedef struct Vdbe Vdbe;
+
+/*
+** The names of the following types declared in vdbeInt.h are required
+** for the VdbeOp definition.
+*/
+typedef struct Mem Mem;
+typedef struct SubProgram SubProgram;
+
+/*
+** A single instruction of the virtual machine has an opcode
+** and as many as three operands. The instruction is recorded
+** as an instance of the following structure:
+*/
+struct VdbeOp {
+ u8 opcode; /* What operation to perform */
+ signed char p4type; /* One of the P4_xxx constants for p4 */
+ u8 opflags; /* Mask of the OPFLG_* flags in opcodes.h */
+ u8 p5; /* Fifth parameter is an unsigned character */
+ int p1; /* First operand */
+ int p2; /* Second parameter (often the jump destination) */
+ int p3; /* The third parameter */
+ union p4union { /* fourth parameter */
+ int i; /* Integer value if p4type==P4_INT32 */
+ void *p; /* Generic pointer */
+ char *z; /* Pointer to data for string (char array) types */
+ i64 *pI64; /* Used when p4type is P4_INT64 */
+ double *pReal; /* Used when p4type is P4_REAL */
+ FuncDef *pFunc; /* Used when p4type is P4_FUNCDEF */
+ sqlite3_context *pCtx; /* Used when p4type is P4_FUNCCTX */
+ CollSeq *pColl; /* Used when p4type is P4_COLLSEQ */
+ Mem *pMem; /* Used when p4type is P4_MEM */
+ VTable *pVtab; /* Used when p4type is P4_VTAB */
+ KeyInfo *pKeyInfo; /* Used when p4type is P4_KEYINFO */
+ int *ai; /* Used when p4type is P4_INTARRAY */
+ SubProgram *pProgram; /* Used when p4type is P4_SUBPROGRAM */
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+ Expr *pExpr; /* Used when p4type is P4_EXPR */
+#endif
+ int (*xAdvance)(BtCursor *, int *);
+ } p4;
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+ char *zComment; /* Comment to improve readability */
+#endif
+#ifdef VDBE_PROFILE
+ u32 cnt; /* Number of times this instruction was executed */
+ u64 cycles; /* Total time spent executing this instruction */
+#endif
+#ifdef SQLITE_VDBE_COVERAGE
+ int iSrcLine; /* Source-code line that generated this opcode */
+#endif
+};
+typedef struct VdbeOp VdbeOp;
+
+
+/*
+** A sub-routine used to implement a trigger program.
+*/
+struct SubProgram {
+ VdbeOp *aOp; /* Array of opcodes for sub-program */
+ int nOp; /* Elements in aOp[] */
+ int nMem; /* Number of memory cells required */
+ int nCsr; /* Number of cursors required */
+ int nOnce; /* Number of OP_Once instructions */
+ void *token; /* id that may be used to recursive triggers */
+ SubProgram *pNext; /* Next sub-program already visited */
+};
+
+/*
+** A smaller version of VdbeOp used for the VdbeAddOpList() function because
+** it takes up less space.
+*/
+struct VdbeOpList {
+ u8 opcode; /* What operation to perform */
+ signed char p1; /* First operand */
+ signed char p2; /* Second parameter (often the jump destination) */
+ signed char p3; /* Third parameter */
+};
+typedef struct VdbeOpList VdbeOpList;
+
+/*
+** Allowed values of VdbeOp.p4type
+*/
+#define P4_NOTUSED 0 /* The P4 parameter is not used */
+#define P4_DYNAMIC (-1) /* Pointer to a string obtained from sqliteMalloc() */
+#define P4_STATIC (-2) /* Pointer to a static string */
+#define P4_COLLSEQ (-4) /* P4 is a pointer to a CollSeq structure */
+#define P4_FUNCDEF (-5) /* P4 is a pointer to a FuncDef structure */
+#define P4_KEYINFO (-6) /* P4 is a pointer to a KeyInfo structure */
+#define P4_EXPR (-7) /* P4 is a pointer to an Expr tree */
+#define P4_MEM (-8) /* P4 is a pointer to a Mem* structure */
+#define P4_TRANSIENT 0 /* P4 is a pointer to a transient string */
+#define P4_VTAB (-10) /* P4 is a pointer to an sqlite3_vtab structure */
+#define P4_MPRINTF (-11) /* P4 is a string obtained from sqlite3_mprintf() */
+#define P4_REAL (-12) /* P4 is a 64-bit floating point value */
+#define P4_INT64 (-13) /* P4 is a 64-bit signed integer */
+#define P4_INT32 (-14) /* P4 is a 32-bit signed integer */
+#define P4_INTARRAY (-15) /* P4 is a vector of 32-bit integers */
+#define P4_SUBPROGRAM (-18) /* P4 is a pointer to a SubProgram structure */
+#define P4_ADVANCE (-19) /* P4 is a pointer to BtreeNext() or BtreePrev() */
+#define P4_FUNCCTX (-20) /* P4 is a pointer to an sqlite3_context object */
+
+/* Error message codes for OP_Halt */
+#define P5_ConstraintNotNull 1
+#define P5_ConstraintUnique 2
+#define P5_ConstraintCheck 3
+#define P5_ConstraintFK 4
+
+/*
+** The Vdbe.aColName array contains 5n Mem structures, where n is the
+** number of columns of data returned by the statement.
+*/
+#define COLNAME_NAME 0
+#define COLNAME_DECLTYPE 1
+#define COLNAME_DATABASE 2
+#define COLNAME_TABLE 3
+#define COLNAME_COLUMN 4
+#ifdef SQLITE_ENABLE_COLUMN_METADATA
+# define COLNAME_N 5 /* Number of COLNAME_xxx symbols */
+#else
+# ifdef SQLITE_OMIT_DECLTYPE
+# define COLNAME_N 1 /* Store only the name */
+# else
+# define COLNAME_N 2 /* Store the name and decltype */
+# endif
+#endif
+
+/*
+** The following macro converts a relative address in the p2 field
+** of a VdbeOp structure into a negative number so that
+** sqlite3VdbeAddOpList() knows that the address is relative. Calling
+** the macro again restores the address.
+*/
+#define ADDR(X) (-1-(X))
+
+/*
+** The makefile scans the vdbe.c source file and creates the "opcodes.h"
+** header file that defines a number for each opcode used by the VDBE.
+*/
+/************** Include opcodes.h in the middle of vdbe.h ********************/
+/************** Begin file opcodes.h *****************************************/
+/* Automatically generated. Do not edit */
+/* See the tool/mkopcodeh.tcl script for details */
+#define OP_Savepoint 1
+#define OP_AutoCommit 2
+#define OP_Transaction 3
+#define OP_SorterNext 4
+#define OP_PrevIfOpen 5
+#define OP_NextIfOpen 6
+#define OP_Prev 7
+#define OP_Next 8
+#define OP_Checkpoint 9
+#define OP_JournalMode 10
+#define OP_Vacuum 11
+#define OP_VFilter 12 /* synopsis: iplan=r[P3] zplan='P4' */
+#define OP_VUpdate 13 /* synopsis: data=r[P3@P2] */
+#define OP_Goto 14
+#define OP_Gosub 15
+#define OP_Return 16
+#define OP_InitCoroutine 17
+#define OP_EndCoroutine 18
+#define OP_Not 19 /* same as TK_NOT, synopsis: r[P2]= !r[P1] */
+#define OP_Yield 20
+#define OP_HaltIfNull 21 /* synopsis: if r[P3]=null halt */
+#define OP_Halt 22
+#define OP_Integer 23 /* synopsis: r[P2]=P1 */
+#define OP_Int64 24 /* synopsis: r[P2]=P4 */
+#define OP_String 25 /* synopsis: r[P2]='P4' (len=P1) */
+#define OP_Null 26 /* synopsis: r[P2..P3]=NULL */
+#define OP_SoftNull 27 /* synopsis: r[P1]=NULL */
+#define OP_Blob 28 /* synopsis: r[P2]=P4 (len=P1) */
+#define OP_Variable 29 /* synopsis: r[P2]=parameter(P1,P4) */
+#define OP_Move 30 /* synopsis: r[P2@P3]=r[P1@P3] */
+#define OP_Copy 31 /* synopsis: r[P2@P3+1]=r[P1@P3+1] */
+#define OP_SCopy 32 /* synopsis: r[P2]=r[P1] */
+#define OP_IntCopy 33 /* synopsis: r[P2]=r[P1] */
+#define OP_ResultRow 34 /* synopsis: output=r[P1@P2] */
+#define OP_CollSeq 35
+#define OP_Function0 36 /* synopsis: r[P3]=func(r[P2@P5]) */
+#define OP_Function 37 /* synopsis: r[P3]=func(r[P2@P5]) */
+#define OP_AddImm 38 /* synopsis: r[P1]=r[P1]+P2 */
+#define OP_MustBeInt 39
+#define OP_RealAffinity 40
+#define OP_Cast 41 /* synopsis: affinity(r[P1]) */
+#define OP_Permutation 42
+#define OP_Compare 43 /* synopsis: r[P1@P3] <-> r[P2@P3] */
+#define OP_Jump 44
+#define OP_Once 45
+#define OP_If 46
+#define OP_IfNot 47
+#define OP_Column 48 /* synopsis: r[P3]=PX */
+#define OP_Affinity 49 /* synopsis: affinity(r[P1@P2]) */
+#define OP_MakeRecord 50 /* synopsis: r[P3]=mkrec(r[P1@P2]) */
+#define OP_Count 51 /* synopsis: r[P2]=count() */
+#define OP_ReadCookie 52
+#define OP_SetCookie 53
+#define OP_ReopenIdx 54 /* synopsis: root=P2 iDb=P3 */
+#define OP_OpenRead 55 /* synopsis: root=P2 iDb=P3 */
+#define OP_OpenWrite 56 /* synopsis: root=P2 iDb=P3 */
+#define OP_OpenAutoindex 57 /* synopsis: nColumn=P2 */
+#define OP_OpenEphemeral 58 /* synopsis: nColumn=P2 */
+#define OP_SorterOpen 59
+#define OP_SequenceTest 60 /* synopsis: if( cursor[P1].ctr++ ) pc = P2 */
+#define OP_OpenPseudo 61 /* synopsis: P3 columns in r[P2] */
+#define OP_Close 62
+#define OP_ColumnsUsed 63
+#define OP_SeekLT 64 /* synopsis: key=r[P3@P4] */
+#define OP_SeekLE 65 /* synopsis: key=r[P3@P4] */
+#define OP_SeekGE 66 /* synopsis: key=r[P3@P4] */
+#define OP_SeekGT 67 /* synopsis: key=r[P3@P4] */
+#define OP_Seek 68 /* synopsis: intkey=r[P2] */
+#define OP_NoConflict 69 /* synopsis: key=r[P3@P4] */
+#define OP_NotFound 70 /* synopsis: key=r[P3@P4] */
+#define OP_Or 71 /* same as TK_OR, synopsis: r[P3]=(r[P1] || r[P2]) */
+#define OP_And 72 /* same as TK_AND, synopsis: r[P3]=(r[P1] && r[P2]) */
+#define OP_Found 73 /* synopsis: key=r[P3@P4] */
+#define OP_NotExists 74 /* synopsis: intkey=r[P3] */
+#define OP_Sequence 75 /* synopsis: r[P2]=cursor[P1].ctr++ */
+#define OP_IsNull 76 /* same as TK_ISNULL, synopsis: if r[P1]==NULL goto P2 */
+#define OP_NotNull 77 /* same as TK_NOTNULL, synopsis: if r[P1]!=NULL goto P2 */
+#define OP_Ne 78 /* same as TK_NE, synopsis: if r[P1]!=r[P3] goto P2 */
+#define OP_Eq 79 /* same as TK_EQ, synopsis: if r[P1]==r[P3] goto P2 */
+#define OP_Gt 80 /* same as TK_GT, synopsis: if r[P1]>r[P3] goto P2 */
+#define OP_Le 81 /* same as TK_LE, synopsis: if r[P1]<=r[P3] goto P2 */
+#define OP_Lt 82 /* same as TK_LT, synopsis: if r[P1]<r[P3] goto P2 */
+#define OP_Ge 83 /* same as TK_GE, synopsis: if r[P1]>=r[P3] goto P2 */
+#define OP_NewRowid 84 /* synopsis: r[P2]=rowid */
+#define OP_BitAnd 85 /* same as TK_BITAND, synopsis: r[P3]=r[P1]&r[P2] */
+#define OP_BitOr 86 /* same as TK_BITOR, synopsis: r[P3]=r[P1]|r[P2] */
+#define OP_ShiftLeft 87 /* same as TK_LSHIFT, synopsis: r[P3]=r[P2]<<r[P1] */
+#define OP_ShiftRight 88 /* same as TK_RSHIFT, synopsis: r[P3]=r[P2]>>r[P1] */
+#define OP_Add 89 /* same as TK_PLUS, synopsis: r[P3]=r[P1]+r[P2] */
+#define OP_Subtract 90 /* same as TK_MINUS, synopsis: r[P3]=r[P2]-r[P1] */
+#define OP_Multiply 91 /* same as TK_STAR, synopsis: r[P3]=r[P1]*r[P2] */
+#define OP_Divide 92 /* same as TK_SLASH, synopsis: r[P3]=r[P2]/r[P1] */
+#define OP_Remainder 93 /* same as TK_REM, synopsis: r[P3]=r[P2]%r[P1] */
+#define OP_Concat 94 /* same as TK_CONCAT, synopsis: r[P3]=r[P2]+r[P1] */
+#define OP_Insert 95 /* synopsis: intkey=r[P3] data=r[P2] */
+#define OP_BitNot 96 /* same as TK_BITNOT, synopsis: r[P1]= ~r[P1] */
+#define OP_String8 97 /* same as TK_STRING, synopsis: r[P2]='P4' */
+#define OP_InsertInt 98 /* synopsis: intkey=P3 data=r[P2] */
+#define OP_Delete 99
+#define OP_ResetCount 100
+#define OP_SorterCompare 101 /* synopsis: if key(P1)!=trim(r[P3],P4) goto P2 */
+#define OP_SorterData 102 /* synopsis: r[P2]=data */
+#define OP_RowKey 103 /* synopsis: r[P2]=key */
+#define OP_RowData 104 /* synopsis: r[P2]=data */
+#define OP_Rowid 105 /* synopsis: r[P2]=rowid */
+#define OP_NullRow 106
+#define OP_Last 107
+#define OP_SorterSort 108
+#define OP_Sort 109
+#define OP_Rewind 110
+#define OP_SorterInsert 111
+#define OP_IdxInsert 112 /* synopsis: key=r[P2] */
+#define OP_IdxDelete 113 /* synopsis: key=r[P2@P3] */
+#define OP_IdxRowid 114 /* synopsis: r[P2]=rowid */
+#define OP_IdxLE 115 /* synopsis: key=r[P3@P4] */
+#define OP_IdxGT 116 /* synopsis: key=r[P3@P4] */
+#define OP_IdxLT 117 /* synopsis: key=r[P3@P4] */
+#define OP_IdxGE 118 /* synopsis: key=r[P3@P4] */
+#define OP_Destroy 119
+#define OP_Clear 120
+#define OP_ResetSorter 121
+#define OP_CreateIndex 122 /* synopsis: r[P2]=root iDb=P1 */
+#define OP_CreateTable 123 /* synopsis: r[P2]=root iDb=P1 */
+#define OP_ParseSchema 124
+#define OP_LoadAnalysis 125
+#define OP_DropTable 126
+#define OP_DropIndex 127
+#define OP_DropTrigger 128
+#define OP_IntegrityCk 129
+#define OP_RowSetAdd 130 /* synopsis: rowset(P1)=r[P2] */
+#define OP_RowSetRead 131 /* synopsis: r[P3]=rowset(P1) */
+#define OP_RowSetTest 132 /* synopsis: if r[P3] in rowset(P1) goto P2 */
+#define OP_Real 133 /* same as TK_FLOAT, synopsis: r[P2]=P4 */
+#define OP_Program 134
+#define OP_Param 135
+#define OP_FkCounter 136 /* synopsis: fkctr[P1]+=P2 */
+#define OP_FkIfZero 137 /* synopsis: if fkctr[P1]==0 goto P2 */
+#define OP_MemMax 138 /* synopsis: r[P1]=max(r[P1],r[P2]) */
+#define OP_IfPos 139 /* synopsis: if r[P1]>0 then r[P1]-=P3, goto P2 */
+#define OP_SetIfNotPos 140 /* synopsis: if r[P1]<=0 then r[P2]=P3 */
+#define OP_IfNotZero 141 /* synopsis: if r[P1]!=0 then r[P1]-=P3, goto P2 */
+#define OP_DecrJumpZero 142 /* synopsis: if (--r[P1])==0 goto P2 */
+#define OP_JumpZeroIncr 143 /* synopsis: if (r[P1]++)==0 ) goto P2 */
+#define OP_AggStep0 144 /* synopsis: accum=r[P3] step(r[P2@P5]) */
+#define OP_AggStep 145 /* synopsis: accum=r[P3] step(r[P2@P5]) */
+#define OP_AggFinal 146 /* synopsis: accum=r[P1] N=P2 */
+#define OP_IncrVacuum 147
+#define OP_Expire 148
+#define OP_TableLock 149 /* synopsis: iDb=P1 root=P2 write=P3 */
+#define OP_VBegin 150
+#define OP_VCreate 151
+#define OP_VDestroy 152
+#define OP_VOpen 153
+#define OP_VColumn 154 /* synopsis: r[P3]=vcolumn(P2) */
+#define OP_VNext 155
+#define OP_VRename 156
+#define OP_Pagecount 157
+#define OP_MaxPgcnt 158
+#define OP_Init 159 /* synopsis: Start at P2 */
+#define OP_CursorHint 160
+#define OP_Noop 161
+#define OP_Explain 162
+
+/* Properties such as "out2" or "jump" that are specified in
+** comments following the "case" for each opcode in the vdbe.c
+** are encoded into bitvectors as follows:
+*/
+#define OPFLG_JUMP 0x0001 /* jump: P2 holds jmp target */
+#define OPFLG_IN1 0x0002 /* in1: P1 is an input */
+#define OPFLG_IN2 0x0004 /* in2: P2 is an input */
+#define OPFLG_IN3 0x0008 /* in3: P3 is an input */
+#define OPFLG_OUT2 0x0010 /* out2: P2 is an output */
+#define OPFLG_OUT3 0x0020 /* out3: P3 is an output */
+#define OPFLG_INITIALIZER {\
+/* 0 */ 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x01,\
+/* 8 */ 0x01, 0x00, 0x10, 0x00, 0x01, 0x00, 0x01, 0x01,\
+/* 16 */ 0x02, 0x01, 0x02, 0x12, 0x03, 0x08, 0x00, 0x10,\
+/* 24 */ 0x10, 0x10, 0x10, 0x00, 0x10, 0x10, 0x00, 0x00,\
+/* 32 */ 0x10, 0x10, 0x00, 0x00, 0x00, 0x00, 0x02, 0x03,\
+/* 40 */ 0x02, 0x02, 0x00, 0x00, 0x01, 0x01, 0x03, 0x03,\
+/* 48 */ 0x00, 0x00, 0x00, 0x10, 0x10, 0x08, 0x00, 0x00,\
+/* 56 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\
+/* 64 */ 0x09, 0x09, 0x09, 0x09, 0x04, 0x09, 0x09, 0x26,\
+/* 72 */ 0x26, 0x09, 0x09, 0x10, 0x03, 0x03, 0x0b, 0x0b,\
+/* 80 */ 0x0b, 0x0b, 0x0b, 0x0b, 0x10, 0x26, 0x26, 0x26,\
+/* 88 */ 0x26, 0x26, 0x26, 0x26, 0x26, 0x26, 0x26, 0x00,\
+/* 96 */ 0x12, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\
+/* 104 */ 0x00, 0x10, 0x00, 0x01, 0x01, 0x01, 0x01, 0x04,\
+/* 112 */ 0x04, 0x00, 0x10, 0x01, 0x01, 0x01, 0x01, 0x10,\
+/* 120 */ 0x00, 0x00, 0x10, 0x10, 0x00, 0x00, 0x00, 0x00,\
+/* 128 */ 0x00, 0x00, 0x06, 0x23, 0x0b, 0x10, 0x01, 0x10,\
+/* 136 */ 0x00, 0x01, 0x04, 0x03, 0x06, 0x03, 0x03, 0x03,\
+/* 144 */ 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,\
+/* 152 */ 0x00, 0x00, 0x00, 0x01, 0x00, 0x10, 0x10, 0x01,\
+/* 160 */ 0x00, 0x00, 0x00,}
+
+/************** End of opcodes.h *********************************************/
+/************** Continuing where we left off in vdbe.h ***********************/
+
+/*
+** Prototypes for the VDBE interface. See comments on the implementation
+** for a description of what each of these routines does.
+*/
+SQLITE_PRIVATE Vdbe *sqlite3VdbeCreate(Parse*);
+SQLITE_PRIVATE int sqlite3VdbeAddOp0(Vdbe*,int);
+SQLITE_PRIVATE int sqlite3VdbeAddOp1(Vdbe*,int,int);
+SQLITE_PRIVATE int sqlite3VdbeAddOp2(Vdbe*,int,int,int);
+SQLITE_PRIVATE int sqlite3VdbeGoto(Vdbe*,int);
+SQLITE_PRIVATE int sqlite3VdbeLoadString(Vdbe*,int,const char*);
+SQLITE_PRIVATE void sqlite3VdbeMultiLoad(Vdbe*,int,const char*,...);
+SQLITE_PRIVATE int sqlite3VdbeAddOp3(Vdbe*,int,int,int,int);
+SQLITE_PRIVATE int sqlite3VdbeAddOp4(Vdbe*,int,int,int,int,const char *zP4,int);
+SQLITE_PRIVATE int sqlite3VdbeAddOp4Dup8(Vdbe*,int,int,int,int,const u8*,int);
+SQLITE_PRIVATE int sqlite3VdbeAddOp4Int(Vdbe*,int,int,int,int,int);
+SQLITE_PRIVATE int sqlite3VdbeAddOpList(Vdbe*, int nOp, VdbeOpList const *aOp, int iLineno);
+SQLITE_PRIVATE void sqlite3VdbeAddParseSchemaOp(Vdbe*,int,char*);
+SQLITE_PRIVATE void sqlite3VdbeChangeOpcode(Vdbe*, u32 addr, u8);
+SQLITE_PRIVATE void sqlite3VdbeChangeP1(Vdbe*, u32 addr, int P1);
+SQLITE_PRIVATE void sqlite3VdbeChangeP2(Vdbe*, u32 addr, int P2);
+SQLITE_PRIVATE void sqlite3VdbeChangeP3(Vdbe*, u32 addr, int P3);
+SQLITE_PRIVATE void sqlite3VdbeChangeP5(Vdbe*, u8 P5);
+SQLITE_PRIVATE void sqlite3VdbeJumpHere(Vdbe*, int addr);
+SQLITE_PRIVATE void sqlite3VdbeChangeToNoop(Vdbe*, int addr);
+SQLITE_PRIVATE int sqlite3VdbeDeletePriorOpcode(Vdbe*, u8 op);
+SQLITE_PRIVATE void sqlite3VdbeChangeP4(Vdbe*, int addr, const char *zP4, int N);
+SQLITE_PRIVATE void sqlite3VdbeSetP4KeyInfo(Parse*, Index*);
+SQLITE_PRIVATE void sqlite3VdbeUsesBtree(Vdbe*, int);
+SQLITE_PRIVATE VdbeOp *sqlite3VdbeGetOp(Vdbe*, int);
+SQLITE_PRIVATE int sqlite3VdbeMakeLabel(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeRunOnlyOnce(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeDelete(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeClearObject(sqlite3*,Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeMakeReady(Vdbe*,Parse*);
+SQLITE_PRIVATE int sqlite3VdbeFinalize(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeResolveLabel(Vdbe*, int);
+SQLITE_PRIVATE int sqlite3VdbeCurrentAddr(Vdbe*);
+#ifdef SQLITE_DEBUG
+SQLITE_PRIVATE int sqlite3VdbeAssertMayAbort(Vdbe *, int);
+#endif
+SQLITE_PRIVATE void sqlite3VdbeResetStepResult(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeRewind(Vdbe*);
+SQLITE_PRIVATE int sqlite3VdbeReset(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeSetNumCols(Vdbe*,int);
+SQLITE_PRIVATE int sqlite3VdbeSetColName(Vdbe*, int, int, const char *, void(*)(void*));
+SQLITE_PRIVATE void sqlite3VdbeCountChanges(Vdbe*);
+SQLITE_PRIVATE sqlite3 *sqlite3VdbeDb(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeSetSql(Vdbe*, const char *z, int n, int);
+SQLITE_PRIVATE void sqlite3VdbeSwap(Vdbe*,Vdbe*);
+SQLITE_PRIVATE VdbeOp *sqlite3VdbeTakeOpArray(Vdbe*, int*, int*);
+SQLITE_PRIVATE sqlite3_value *sqlite3VdbeGetBoundValue(Vdbe*, int, u8);
+SQLITE_PRIVATE void sqlite3VdbeSetVarmask(Vdbe*, int);
+#ifndef SQLITE_OMIT_TRACE
+SQLITE_PRIVATE char *sqlite3VdbeExpandSql(Vdbe*, const char*);
+#endif
+SQLITE_PRIVATE int sqlite3MemCompare(const Mem*, const Mem*, const CollSeq*);
+
+SQLITE_PRIVATE void sqlite3VdbeRecordUnpack(KeyInfo*,int,const void*,UnpackedRecord*);
+SQLITE_PRIVATE int sqlite3VdbeRecordCompare(int,const void*,UnpackedRecord*);
+SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(int, const void *, UnpackedRecord *, int);
+SQLITE_PRIVATE UnpackedRecord *sqlite3VdbeAllocUnpackedRecord(KeyInfo *, char *, int, char **);
+
+typedef int (*RecordCompare)(int,const void*,UnpackedRecord*);
+SQLITE_PRIVATE RecordCompare sqlite3VdbeFindCompare(UnpackedRecord*);
+
+#ifndef SQLITE_OMIT_TRIGGER
+SQLITE_PRIVATE void sqlite3VdbeLinkSubProgram(Vdbe *, SubProgram *);
+#endif
+
+/* Use SQLITE_ENABLE_COMMENTS to enable generation of extra comments on
+** each VDBE opcode.
+**
+** Use the SQLITE_ENABLE_MODULE_COMMENTS macro to see some extra no-op
+** comments in VDBE programs that show key decision points in the code
+** generator.
+*/
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+SQLITE_PRIVATE void sqlite3VdbeComment(Vdbe*, const char*, ...);
+# define VdbeComment(X) sqlite3VdbeComment X
+SQLITE_PRIVATE void sqlite3VdbeNoopComment(Vdbe*, const char*, ...);
+# define VdbeNoopComment(X) sqlite3VdbeNoopComment X
+# ifdef SQLITE_ENABLE_MODULE_COMMENTS
+# define VdbeModuleComment(X) sqlite3VdbeNoopComment X
+# else
+# define VdbeModuleComment(X)
+# endif
+#else
+# define VdbeComment(X)
+# define VdbeNoopComment(X)
+# define VdbeModuleComment(X)
+#endif
+
+/*
+** The VdbeCoverage macros are used to set a coverage testing point
+** for VDBE branch instructions. The coverage testing points are line
+** numbers in the sqlite3.c source file. VDBE branch coverage testing
+** only works with an amalagmation build. That's ok since a VDBE branch
+** coverage build designed for testing the test suite only. No application
+** should ever ship with VDBE branch coverage measuring turned on.
+**
+** VdbeCoverage(v) // Mark the previously coded instruction
+** // as a branch
+**
+** VdbeCoverageIf(v, conditional) // Mark previous if conditional true
+**
+** VdbeCoverageAlwaysTaken(v) // Previous branch is always taken
+**
+** VdbeCoverageNeverTaken(v) // Previous branch is never taken
+**
+** Every VDBE branch operation must be tagged with one of the macros above.
+** If not, then when "make test" is run with -DSQLITE_VDBE_COVERAGE and
+** -DSQLITE_DEBUG then an ALWAYS() will fail in the vdbeTakeBranch()
+** routine in vdbe.c, alerting the developer to the missed tag.
+*/
+#ifdef SQLITE_VDBE_COVERAGE
+SQLITE_PRIVATE void sqlite3VdbeSetLineNumber(Vdbe*,int);
+# define VdbeCoverage(v) sqlite3VdbeSetLineNumber(v,__LINE__)
+# define VdbeCoverageIf(v,x) if(x)sqlite3VdbeSetLineNumber(v,__LINE__)
+# define VdbeCoverageAlwaysTaken(v) sqlite3VdbeSetLineNumber(v,2);
+# define VdbeCoverageNeverTaken(v) sqlite3VdbeSetLineNumber(v,1);
+# define VDBE_OFFSET_LINENO(x) (__LINE__+x)
+#else
+# define VdbeCoverage(v)
+# define VdbeCoverageIf(v,x)
+# define VdbeCoverageAlwaysTaken(v)
+# define VdbeCoverageNeverTaken(v)
+# define VDBE_OFFSET_LINENO(x) 0
+#endif
+
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+SQLITE_PRIVATE void sqlite3VdbeScanStatus(Vdbe*, int, int, int, LogEst, const char*);
+#else
+# define sqlite3VdbeScanStatus(a,b,c,d,e)
+#endif
+
+#endif
+
+/************** End of vdbe.h ************************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+/************** Include pager.h in the middle of sqliteInt.h *****************/
+/************** Begin file pager.h *******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This header file defines the interface that the sqlite page cache
+** subsystem. The page cache subsystem reads and writes a file a page
+** at a time and provides a journal for rollback.
+*/
+
+#ifndef _PAGER_H_
+#define _PAGER_H_
+
+/*
+** Default maximum size for persistent journal files. A negative
+** value means no limit. This value may be overridden using the
+** sqlite3PagerJournalSizeLimit() API. See also "PRAGMA journal_size_limit".
+*/
+#ifndef SQLITE_DEFAULT_JOURNAL_SIZE_LIMIT
+ #define SQLITE_DEFAULT_JOURNAL_SIZE_LIMIT -1
+#endif
+
+/*
+** The type used to represent a page number. The first page in a file
+** is called page 1. 0 is used to represent "not a page".
+*/
+typedef u32 Pgno;
+
+/*
+** Each open file is managed by a separate instance of the "Pager" structure.
+*/
+typedef struct Pager Pager;
+
+/*
+** Handle type for pages.
+*/
+typedef struct PgHdr DbPage;
+
+/*
+** Page number PAGER_MJ_PGNO is never used in an SQLite database (it is
+** reserved for working around a windows/posix incompatibility). It is
+** used in the journal to signify that the remainder of the journal file
+** is devoted to storing a master journal name - there are no more pages to
+** roll back. See comments for function writeMasterJournal() in pager.c
+** for details.
+*/
+#define PAGER_MJ_PGNO(x) ((Pgno)((PENDING_BYTE/((x)->pageSize))+1))
+
+/*
+** Allowed values for the flags parameter to sqlite3PagerOpen().
+**
+** NOTE: These values must match the corresponding BTREE_ values in btree.h.
+*/
+#define PAGER_OMIT_JOURNAL 0x0001 /* Do not use a rollback journal */
+#define PAGER_MEMORY 0x0002 /* In-memory database */
+
+/*
+** Valid values for the second argument to sqlite3PagerLockingMode().
+*/
+#define PAGER_LOCKINGMODE_QUERY -1
+#define PAGER_LOCKINGMODE_NORMAL 0
+#define PAGER_LOCKINGMODE_EXCLUSIVE 1
+
+/*
+** Numeric constants that encode the journalmode.
+*/
+#define PAGER_JOURNALMODE_QUERY (-1) /* Query the value of journalmode */
+#define PAGER_JOURNALMODE_DELETE 0 /* Commit by deleting journal file */
+#define PAGER_JOURNALMODE_PERSIST 1 /* Commit by zeroing journal header */
+#define PAGER_JOURNALMODE_OFF 2 /* Journal omitted. */
+#define PAGER_JOURNALMODE_TRUNCATE 3 /* Commit by truncating journal */
+#define PAGER_JOURNALMODE_MEMORY 4 /* In-memory journal file */
+#define PAGER_JOURNALMODE_WAL 5 /* Use write-ahead logging */
+
+/*
+** Flags that make up the mask passed to sqlite3PagerGet().
+*/
+#define PAGER_GET_NOCONTENT 0x01 /* Do not load data from disk */
+#define PAGER_GET_READONLY 0x02 /* Read-only page is acceptable */
+
+/*
+** Flags for sqlite3PagerSetFlags()
+*/
+#define PAGER_SYNCHRONOUS_OFF 0x01 /* PRAGMA synchronous=OFF */
+#define PAGER_SYNCHRONOUS_NORMAL 0x02 /* PRAGMA synchronous=NORMAL */
+#define PAGER_SYNCHRONOUS_FULL 0x03 /* PRAGMA synchronous=FULL */
+#define PAGER_SYNCHRONOUS_MASK 0x03 /* Mask for three values above */
+#define PAGER_FULLFSYNC 0x04 /* PRAGMA fullfsync=ON */
+#define PAGER_CKPT_FULLFSYNC 0x08 /* PRAGMA checkpoint_fullfsync=ON */
+#define PAGER_CACHESPILL 0x10 /* PRAGMA cache_spill=ON */
+#define PAGER_FLAGS_MASK 0x1c /* All above except SYNCHRONOUS */
+
+/*
+** The remainder of this file contains the declarations of the functions
+** that make up the Pager sub-system API. See source code comments for
+** a detailed description of each routine.
+*/
+
+/* Open and close a Pager connection. */
+SQLITE_PRIVATE int sqlite3PagerOpen(
+ sqlite3_vfs*,
+ Pager **ppPager,
+ const char*,
+ int,
+ int,
+ int,
+ void(*)(DbPage*)
+);
+SQLITE_PRIVATE int sqlite3PagerClose(Pager *pPager);
+SQLITE_PRIVATE int sqlite3PagerReadFileheader(Pager*, int, unsigned char*);
+
+/* Functions used to configure a Pager object. */
+SQLITE_PRIVATE void sqlite3PagerSetBusyhandler(Pager*, int(*)(void *), void *);
+SQLITE_PRIVATE int sqlite3PagerSetPagesize(Pager*, u32*, int);
+#ifdef SQLITE_HAS_CODEC
+SQLITE_PRIVATE void sqlite3PagerAlignReserve(Pager*,Pager*);
+#endif
+SQLITE_PRIVATE int sqlite3PagerMaxPageCount(Pager*, int);
+SQLITE_PRIVATE void sqlite3PagerSetCachesize(Pager*, int);
+SQLITE_PRIVATE int sqlite3PagerSetSpillsize(Pager*, int);
+SQLITE_PRIVATE void sqlite3PagerSetMmapLimit(Pager *, sqlite3_int64);
+SQLITE_PRIVATE void sqlite3PagerShrink(Pager*);
+SQLITE_PRIVATE void sqlite3PagerSetFlags(Pager*,unsigned);
+SQLITE_PRIVATE int sqlite3PagerLockingMode(Pager *, int);
+SQLITE_PRIVATE int sqlite3PagerSetJournalMode(Pager *, int);
+SQLITE_PRIVATE int sqlite3PagerGetJournalMode(Pager*);
+SQLITE_PRIVATE int sqlite3PagerOkToChangeJournalMode(Pager*);
+SQLITE_PRIVATE i64 sqlite3PagerJournalSizeLimit(Pager *, i64);
+SQLITE_PRIVATE sqlite3_backup **sqlite3PagerBackupPtr(Pager*);
+SQLITE_PRIVATE int sqlite3PagerFlush(Pager*);
+
+/* Functions used to obtain and release page references. */
+SQLITE_PRIVATE int sqlite3PagerGet(Pager *pPager, Pgno pgno, DbPage **ppPage, int clrFlag);
+SQLITE_PRIVATE DbPage *sqlite3PagerLookup(Pager *pPager, Pgno pgno);
+SQLITE_PRIVATE void sqlite3PagerRef(DbPage*);
+SQLITE_PRIVATE void sqlite3PagerUnref(DbPage*);
+SQLITE_PRIVATE void sqlite3PagerUnrefNotNull(DbPage*);
+
+/* Operations on page references. */
+SQLITE_PRIVATE int sqlite3PagerWrite(DbPage*);
+SQLITE_PRIVATE void sqlite3PagerDontWrite(DbPage*);
+SQLITE_PRIVATE int sqlite3PagerMovepage(Pager*,DbPage*,Pgno,int);
+SQLITE_PRIVATE int sqlite3PagerPageRefcount(DbPage*);
+SQLITE_PRIVATE void *sqlite3PagerGetData(DbPage *);
+SQLITE_PRIVATE void *sqlite3PagerGetExtra(DbPage *);
+
+/* Functions used to manage pager transactions and savepoints. */
+SQLITE_PRIVATE void sqlite3PagerPagecount(Pager*, int*);
+SQLITE_PRIVATE int sqlite3PagerBegin(Pager*, int exFlag, int);
+SQLITE_PRIVATE int sqlite3PagerCommitPhaseOne(Pager*,const char *zMaster, int);
+SQLITE_PRIVATE int sqlite3PagerExclusiveLock(Pager*);
+SQLITE_PRIVATE int sqlite3PagerSync(Pager *pPager, const char *zMaster);
+SQLITE_PRIVATE int sqlite3PagerCommitPhaseTwo(Pager*);
+SQLITE_PRIVATE int sqlite3PagerRollback(Pager*);
+SQLITE_PRIVATE int sqlite3PagerOpenSavepoint(Pager *pPager, int n);
+SQLITE_PRIVATE int sqlite3PagerSavepoint(Pager *pPager, int op, int iSavepoint);
+SQLITE_PRIVATE int sqlite3PagerSharedLock(Pager *pPager);
+
+#ifndef SQLITE_OMIT_WAL
+SQLITE_PRIVATE int sqlite3PagerCheckpoint(Pager *pPager, int, int*, int*);
+SQLITE_PRIVATE int sqlite3PagerWalSupported(Pager *pPager);
+SQLITE_PRIVATE int sqlite3PagerWalCallback(Pager *pPager);
+SQLITE_PRIVATE int sqlite3PagerOpenWal(Pager *pPager, int *pisOpen);
+SQLITE_PRIVATE int sqlite3PagerCloseWal(Pager *pPager);
+# ifdef SQLITE_ENABLE_SNAPSHOT
+SQLITE_PRIVATE int sqlite3PagerSnapshotGet(Pager *pPager, sqlite3_snapshot **ppSnapshot);
+SQLITE_PRIVATE int sqlite3PagerSnapshotOpen(Pager *pPager, sqlite3_snapshot *pSnapshot);
+# endif
+#endif
+
+#ifdef SQLITE_ENABLE_ZIPVFS
+SQLITE_PRIVATE int sqlite3PagerWalFramesize(Pager *pPager);
+#endif
+
+/* Functions used to query pager state and configuration. */
+SQLITE_PRIVATE u8 sqlite3PagerIsreadonly(Pager*);
+SQLITE_PRIVATE u32 sqlite3PagerDataVersion(Pager*);
+#ifdef SQLITE_DEBUG
+SQLITE_PRIVATE int sqlite3PagerRefcount(Pager*);
+#endif
+SQLITE_PRIVATE int sqlite3PagerMemUsed(Pager*);
+SQLITE_PRIVATE const char *sqlite3PagerFilename(Pager*, int);
+SQLITE_PRIVATE sqlite3_vfs *sqlite3PagerVfs(Pager*);
+SQLITE_PRIVATE sqlite3_file *sqlite3PagerFile(Pager*);
+SQLITE_PRIVATE sqlite3_file *sqlite3PagerJrnlFile(Pager*);
+SQLITE_PRIVATE const char *sqlite3PagerJournalname(Pager*);
+SQLITE_PRIVATE int sqlite3PagerNosync(Pager*);
+SQLITE_PRIVATE void *sqlite3PagerTempSpace(Pager*);
+SQLITE_PRIVATE int sqlite3PagerIsMemdb(Pager*);
+SQLITE_PRIVATE void sqlite3PagerCacheStat(Pager *, int, int, int *);
+SQLITE_PRIVATE void sqlite3PagerClearCache(Pager *);
+SQLITE_PRIVATE int sqlite3SectorSize(sqlite3_file *);
+
+/* Functions used to truncate the database file. */
+SQLITE_PRIVATE void sqlite3PagerTruncateImage(Pager*,Pgno);
+
+SQLITE_PRIVATE void sqlite3PagerRekey(DbPage*, Pgno, u16);
+
+#if defined(SQLITE_HAS_CODEC) && !defined(SQLITE_OMIT_WAL)
+SQLITE_PRIVATE void *sqlite3PagerCodec(DbPage *);
+#endif
+
+/* Functions to support testing and debugging. */
+#if !defined(NDEBUG) || defined(SQLITE_TEST)
+SQLITE_PRIVATE Pgno sqlite3PagerPagenumber(DbPage*);
+SQLITE_PRIVATE int sqlite3PagerIswriteable(DbPage*);
+#endif
+#ifdef SQLITE_TEST
+SQLITE_PRIVATE int *sqlite3PagerStats(Pager*);
+SQLITE_PRIVATE void sqlite3PagerRefdump(Pager*);
+ void disable_simulated_io_errors(void);
+ void enable_simulated_io_errors(void);
+#else
+# define disable_simulated_io_errors()
+# define enable_simulated_io_errors()
+#endif
+
+#endif /* _PAGER_H_ */
+
+/************** End of pager.h ***********************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+/************** Include pcache.h in the middle of sqliteInt.h ****************/
+/************** Begin file pcache.h ******************************************/
+/*
+** 2008 August 05
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This header file defines the interface that the sqlite page cache
+** subsystem.
+*/
+
+#ifndef _PCACHE_H_
+
+typedef struct PgHdr PgHdr;
+typedef struct PCache PCache;
+
+/*
+** Every page in the cache is controlled by an instance of the following
+** structure.
+*/
+struct PgHdr {
+ sqlite3_pcache_page *pPage; /* Pcache object page handle */
+ void *pData; /* Page data */
+ void *pExtra; /* Extra content */
+ PgHdr *pDirty; /* Transient list of dirty pages */
+ Pager *pPager; /* The pager this page is part of */
+ Pgno pgno; /* Page number for this page */
+#ifdef SQLITE_CHECK_PAGES
+ u32 pageHash; /* Hash of page content */
+#endif
+ u16 flags; /* PGHDR flags defined below */
+
+ /**********************************************************************
+ ** Elements above are public. All that follows is private to pcache.c
+ ** and should not be accessed by other modules.
+ */
+ i16 nRef; /* Number of users of this page */
+ PCache *pCache; /* Cache that owns this page */
+
+ PgHdr *pDirtyNext; /* Next element in list of dirty pages */
+ PgHdr *pDirtyPrev; /* Previous element in list of dirty pages */
+};
+
+/* Bit values for PgHdr.flags */
+#define PGHDR_CLEAN 0x001 /* Page not on the PCache.pDirty list */
+#define PGHDR_DIRTY 0x002 /* Page is on the PCache.pDirty list */
+#define PGHDR_WRITEABLE 0x004 /* Journaled and ready to modify */
+#define PGHDR_NEED_SYNC 0x008 /* Fsync the rollback journal before
+ ** writing this page to the database */
+#define PGHDR_NEED_READ 0x010 /* Content is unread */
+#define PGHDR_DONT_WRITE 0x020 /* Do not write content to disk */
+#define PGHDR_MMAP 0x040 /* This is an mmap page object */
+
+/* Initialize and shutdown the page cache subsystem */
+SQLITE_PRIVATE int sqlite3PcacheInitialize(void);
+SQLITE_PRIVATE void sqlite3PcacheShutdown(void);
+
+/* Page cache buffer management:
+** These routines implement SQLITE_CONFIG_PAGECACHE.
+*/
+SQLITE_PRIVATE void sqlite3PCacheBufferSetup(void *, int sz, int n);
+
+/* Create a new pager cache.
+** Under memory stress, invoke xStress to try to make pages clean.
+** Only clean and unpinned pages can be reclaimed.
+*/
+SQLITE_PRIVATE int sqlite3PcacheOpen(
+ int szPage, /* Size of every page */
+ int szExtra, /* Extra space associated with each page */
+ int bPurgeable, /* True if pages are on backing store */
+ int (*xStress)(void*, PgHdr*), /* Call to try to make pages clean */
+ void *pStress, /* Argument to xStress */
+ PCache *pToInit /* Preallocated space for the PCache */
+);
+
+/* Modify the page-size after the cache has been created. */
+SQLITE_PRIVATE int sqlite3PcacheSetPageSize(PCache *, int);
+
+/* Return the size in bytes of a PCache object. Used to preallocate
+** storage space.
+*/
+SQLITE_PRIVATE int sqlite3PcacheSize(void);
+
+/* One release per successful fetch. Page is pinned until released.
+** Reference counted.
+*/
+SQLITE_PRIVATE sqlite3_pcache_page *sqlite3PcacheFetch(PCache*, Pgno, int createFlag);
+SQLITE_PRIVATE int sqlite3PcacheFetchStress(PCache*, Pgno, sqlite3_pcache_page**);
+SQLITE_PRIVATE PgHdr *sqlite3PcacheFetchFinish(PCache*, Pgno, sqlite3_pcache_page *pPage);
+SQLITE_PRIVATE void sqlite3PcacheRelease(PgHdr*);
+
+SQLITE_PRIVATE void sqlite3PcacheDrop(PgHdr*); /* Remove page from cache */
+SQLITE_PRIVATE void sqlite3PcacheMakeDirty(PgHdr*); /* Make sure page is marked dirty */
+SQLITE_PRIVATE void sqlite3PcacheMakeClean(PgHdr*); /* Mark a single page as clean */
+SQLITE_PRIVATE void sqlite3PcacheCleanAll(PCache*); /* Mark all dirty list pages as clean */
+
+/* Change a page number. Used by incr-vacuum. */
+SQLITE_PRIVATE void sqlite3PcacheMove(PgHdr*, Pgno);
+
+/* Remove all pages with pgno>x. Reset the cache if x==0 */
+SQLITE_PRIVATE void sqlite3PcacheTruncate(PCache*, Pgno x);
+
+/* Get a list of all dirty pages in the cache, sorted by page number */
+SQLITE_PRIVATE PgHdr *sqlite3PcacheDirtyList(PCache*);
+
+/* Reset and close the cache object */
+SQLITE_PRIVATE void sqlite3PcacheClose(PCache*);
+
+/* Clear flags from pages of the page cache */
+SQLITE_PRIVATE void sqlite3PcacheClearSyncFlags(PCache *);
+
+/* Discard the contents of the cache */
+SQLITE_PRIVATE void sqlite3PcacheClear(PCache*);
+
+/* Return the total number of outstanding page references */
+SQLITE_PRIVATE int sqlite3PcacheRefCount(PCache*);
+
+/* Increment the reference count of an existing page */
+SQLITE_PRIVATE void sqlite3PcacheRef(PgHdr*);
+
+SQLITE_PRIVATE int sqlite3PcachePageRefcount(PgHdr*);
+
+/* Return the total number of pages stored in the cache */
+SQLITE_PRIVATE int sqlite3PcachePagecount(PCache*);
+
+#if defined(SQLITE_CHECK_PAGES) || defined(SQLITE_DEBUG)
+/* Iterate through all dirty pages currently stored in the cache. This
+** interface is only available if SQLITE_CHECK_PAGES is defined when the
+** library is built.
+*/
+SQLITE_PRIVATE void sqlite3PcacheIterateDirty(PCache *pCache, void (*xIter)(PgHdr *));
+#endif
+
+/* Set and get the suggested cache-size for the specified pager-cache.
+**
+** If no global maximum is configured, then the system attempts to limit
+** the total number of pages cached by purgeable pager-caches to the sum
+** of the suggested cache-sizes.
+*/
+SQLITE_PRIVATE void sqlite3PcacheSetCachesize(PCache *, int);
+#ifdef SQLITE_TEST
+SQLITE_PRIVATE int sqlite3PcacheGetCachesize(PCache *);
+#endif
+
+/* Set or get the suggested spill-size for the specified pager-cache.
+**
+** The spill-size is the minimum number of pages in cache before the cache
+** will attempt to spill dirty pages by calling xStress.
+*/
+SQLITE_PRIVATE int sqlite3PcacheSetSpillsize(PCache *, int);
+
+/* Free up as much memory as possible from the page cache */
+SQLITE_PRIVATE void sqlite3PcacheShrink(PCache*);
+
+#ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT
+/* Try to return memory used by the pcache module to the main memory heap */
+SQLITE_PRIVATE int sqlite3PcacheReleaseMemory(int);
+#endif
+
+#ifdef SQLITE_TEST
+SQLITE_PRIVATE void sqlite3PcacheStats(int*,int*,int*,int*);
+#endif
+
+SQLITE_PRIVATE void sqlite3PCacheSetDefault(void);
+
+/* Return the header size */
+SQLITE_PRIVATE int sqlite3HeaderSizePcache(void);
+SQLITE_PRIVATE int sqlite3HeaderSizePcache1(void);
+
+#endif /* _PCACHE_H_ */
+
+/************** End of pcache.h **********************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+
+/************** Include os.h in the middle of sqliteInt.h ********************/
+/************** Begin file os.h **********************************************/
+/*
+** 2001 September 16
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This header file (together with is companion C source-code file
+** "os.c") attempt to abstract the underlying operating system so that
+** the SQLite library will work on both POSIX and windows systems.
+**
+** This header file is #include-ed by sqliteInt.h and thus ends up
+** being included by every source file.
+*/
+#ifndef _SQLITE_OS_H_
+#define _SQLITE_OS_H_
+
+/*
+** Attempt to automatically detect the operating system and setup the
+** necessary pre-processor macros for it.
+*/
+/************** Include os_setup.h in the middle of os.h *********************/
+/************** Begin file os_setup.h ****************************************/
+/*
+** 2013 November 25
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains pre-processor directives related to operating system
+** detection and/or setup.
+*/
+#ifndef _OS_SETUP_H_
+#define _OS_SETUP_H_
+
+/*
+** Figure out if we are dealing with Unix, Windows, or some other operating
+** system.
+**
+** After the following block of preprocess macros, all of SQLITE_OS_UNIX,
+** SQLITE_OS_WIN, and SQLITE_OS_OTHER will defined to either 1 or 0. One of
+** the three will be 1. The other two will be 0.
+*/
+#if defined(SQLITE_OS_OTHER)
+# if SQLITE_OS_OTHER==1
+# undef SQLITE_OS_UNIX
+# define SQLITE_OS_UNIX 0
+# undef SQLITE_OS_WIN
+# define SQLITE_OS_WIN 0
+# else
+# undef SQLITE_OS_OTHER
+# endif
+#endif
+#if !defined(SQLITE_OS_UNIX) && !defined(SQLITE_OS_OTHER)
+# define SQLITE_OS_OTHER 0
+# ifndef SQLITE_OS_WIN
+# if defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || \
+ defined(__MINGW32__) || defined(__BORLANDC__)
+# define SQLITE_OS_WIN 1
+# define SQLITE_OS_UNIX 0
+# else
+# define SQLITE_OS_WIN 0
+# define SQLITE_OS_UNIX 1
+# endif
+# else
+# define SQLITE_OS_UNIX 0
+# endif
+#else
+# ifndef SQLITE_OS_WIN
+# define SQLITE_OS_WIN 0
+# endif
+#endif
+
+#endif /* _OS_SETUP_H_ */
+
+/************** End of os_setup.h ********************************************/
+/************** Continuing where we left off in os.h *************************/
+
+/* If the SET_FULLSYNC macro is not defined above, then make it
+** a no-op
+*/
+#ifndef SET_FULLSYNC
+# define SET_FULLSYNC(x,y)
+#endif
+
+/*
+** The default size of a disk sector
+*/
+#ifndef SQLITE_DEFAULT_SECTOR_SIZE
+# define SQLITE_DEFAULT_SECTOR_SIZE 4096
+#endif
+
+/*
+** Temporary files are named starting with this prefix followed by 16 random
+** alphanumeric characters, and no file extension. They are stored in the
+** OS's standard temporary file directory, and are deleted prior to exit.
+** If sqlite is being embedded in another program, you may wish to change the
+** prefix to reflect your program's name, so that if your program exits
+** prematurely, old temporary files can be easily identified. This can be done
+** using -DSQLITE_TEMP_FILE_PREFIX=myprefix_ on the compiler command line.
+**
+** 2006-10-31: The default prefix used to be "sqlite_". But then
+** Mcafee started using SQLite in their anti-virus product and it
+** started putting files with the "sqlite" name in the c:/temp folder.
+** This annoyed many windows users. Those users would then do a
+** Google search for "sqlite", find the telephone numbers of the
+** developers and call to wake them up at night and complain.
+** For this reason, the default name prefix is changed to be "sqlite"
+** spelled backwards. So the temp files are still identified, but
+** anybody smart enough to figure out the code is also likely smart
+** enough to know that calling the developer will not help get rid
+** of the file.
+*/
+#ifndef SQLITE_TEMP_FILE_PREFIX
+# define SQLITE_TEMP_FILE_PREFIX "etilqs_"
+#endif
+
+/*
+** The following values may be passed as the second argument to
+** sqlite3OsLock(). The various locks exhibit the following semantics:
+**
+** SHARED: Any number of processes may hold a SHARED lock simultaneously.
+** RESERVED: A single process may hold a RESERVED lock on a file at
+** any time. Other processes may hold and obtain new SHARED locks.
+** PENDING: A single process may hold a PENDING lock on a file at
+** any one time. Existing SHARED locks may persist, but no new
+** SHARED locks may be obtained by other processes.
+** EXCLUSIVE: An EXCLUSIVE lock precludes all other locks.
+**
+** PENDING_LOCK may not be passed directly to sqlite3OsLock(). Instead, a
+** process that requests an EXCLUSIVE lock may actually obtain a PENDING
+** lock. This can be upgraded to an EXCLUSIVE lock by a subsequent call to
+** sqlite3OsLock().
+*/
+#define NO_LOCK 0
+#define SHARED_LOCK 1
+#define RESERVED_LOCK 2
+#define PENDING_LOCK 3
+#define EXCLUSIVE_LOCK 4
+
+/*
+** File Locking Notes: (Mostly about windows but also some info for Unix)
+**
+** We cannot use LockFileEx() or UnlockFileEx() on Win95/98/ME because
+** those functions are not available. So we use only LockFile() and
+** UnlockFile().
+**
+** LockFile() prevents not just writing but also reading by other processes.
+** A SHARED_LOCK is obtained by locking a single randomly-chosen
+** byte out of a specific range of bytes. The lock byte is obtained at
+** random so two separate readers can probably access the file at the
+** same time, unless they are unlucky and choose the same lock byte.
+** An EXCLUSIVE_LOCK is obtained by locking all bytes in the range.
+** There can only be one writer. A RESERVED_LOCK is obtained by locking
+** a single byte of the file that is designated as the reserved lock byte.
+** A PENDING_LOCK is obtained by locking a designated byte different from
+** the RESERVED_LOCK byte.
+**
+** On WinNT/2K/XP systems, LockFileEx() and UnlockFileEx() are available,
+** which means we can use reader/writer locks. When reader/writer locks
+** are used, the lock is placed on the same range of bytes that is used
+** for probabilistic locking in Win95/98/ME. Hence, the locking scheme
+** will support two or more Win95 readers or two or more WinNT readers.
+** But a single Win95 reader will lock out all WinNT readers and a single
+** WinNT reader will lock out all other Win95 readers.
+**
+** The following #defines specify the range of bytes used for locking.
+** SHARED_SIZE is the number of bytes available in the pool from which
+** a random byte is selected for a shared lock. The pool of bytes for
+** shared locks begins at SHARED_FIRST.
+**
+** The same locking strategy and
+** byte ranges are used for Unix. This leaves open the possibility of having
+** clients on win95, winNT, and unix all talking to the same shared file
+** and all locking correctly. To do so would require that samba (or whatever
+** tool is being used for file sharing) implements locks correctly between
+** windows and unix. I'm guessing that isn't likely to happen, but by
+** using the same locking range we are at least open to the possibility.
+**
+** Locking in windows is manditory. For this reason, we cannot store
+** actual data in the bytes used for locking. The pager never allocates
+** the pages involved in locking therefore. SHARED_SIZE is selected so
+** that all locks will fit on a single page even at the minimum page size.
+** PENDING_BYTE defines the beginning of the locks. By default PENDING_BYTE
+** is set high so that we don't have to allocate an unused page except
+** for very large databases. But one should test the page skipping logic
+** by setting PENDING_BYTE low and running the entire regression suite.
+**
+** Changing the value of PENDING_BYTE results in a subtly incompatible
+** file format. Depending on how it is changed, you might not notice
+** the incompatibility right away, even running a full regression test.
+** The default location of PENDING_BYTE is the first byte past the
+** 1GB boundary.
+**
+*/
+#ifdef SQLITE_OMIT_WSD
+# define PENDING_BYTE (0x40000000)
+#else
+# define PENDING_BYTE sqlite3PendingByte
+#endif
+#define RESERVED_BYTE (PENDING_BYTE+1)
+#define SHARED_FIRST (PENDING_BYTE+2)
+#define SHARED_SIZE 510
+
+/*
+** Wrapper around OS specific sqlite3_os_init() function.
+*/
+SQLITE_PRIVATE int sqlite3OsInit(void);
+
+/*
+** Functions for accessing sqlite3_file methods
+*/
+SQLITE_PRIVATE int sqlite3OsClose(sqlite3_file*);
+SQLITE_PRIVATE int sqlite3OsRead(sqlite3_file*, void*, int amt, i64 offset);
+SQLITE_PRIVATE int sqlite3OsWrite(sqlite3_file*, const void*, int amt, i64 offset);
+SQLITE_PRIVATE int sqlite3OsTruncate(sqlite3_file*, i64 size);
+SQLITE_PRIVATE int sqlite3OsSync(sqlite3_file*, int);
+SQLITE_PRIVATE int sqlite3OsFileSize(sqlite3_file*, i64 *pSize);
+SQLITE_PRIVATE int sqlite3OsLock(sqlite3_file*, int);
+SQLITE_PRIVATE int sqlite3OsUnlock(sqlite3_file*, int);
+SQLITE_PRIVATE int sqlite3OsCheckReservedLock(sqlite3_file *id, int *pResOut);
+SQLITE_PRIVATE int sqlite3OsFileControl(sqlite3_file*,int,void*);
+SQLITE_PRIVATE void sqlite3OsFileControlHint(sqlite3_file*,int,void*);
+#define SQLITE_FCNTL_DB_UNCHANGED 0xca093fa0
+SQLITE_PRIVATE int sqlite3OsSectorSize(sqlite3_file *id);
+SQLITE_PRIVATE int sqlite3OsDeviceCharacteristics(sqlite3_file *id);
+SQLITE_PRIVATE int sqlite3OsShmMap(sqlite3_file *,int,int,int,void volatile **);
+SQLITE_PRIVATE int sqlite3OsShmLock(sqlite3_file *id, int, int, int);
+SQLITE_PRIVATE void sqlite3OsShmBarrier(sqlite3_file *id);
+SQLITE_PRIVATE int sqlite3OsShmUnmap(sqlite3_file *id, int);
+SQLITE_PRIVATE int sqlite3OsFetch(sqlite3_file *id, i64, int, void **);
+SQLITE_PRIVATE int sqlite3OsUnfetch(sqlite3_file *, i64, void *);
+
+
+/*
+** Functions for accessing sqlite3_vfs methods
+*/
+SQLITE_PRIVATE int sqlite3OsOpen(sqlite3_vfs *, const char *, sqlite3_file*, int, int *);
+SQLITE_PRIVATE int sqlite3OsDelete(sqlite3_vfs *, const char *, int);
+SQLITE_PRIVATE int sqlite3OsAccess(sqlite3_vfs *, const char *, int, int *pResOut);
+SQLITE_PRIVATE int sqlite3OsFullPathname(sqlite3_vfs *, const char *, int, char *);
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+SQLITE_PRIVATE void *sqlite3OsDlOpen(sqlite3_vfs *, const char *);
+SQLITE_PRIVATE void sqlite3OsDlError(sqlite3_vfs *, int, char *);
+SQLITE_PRIVATE void (*sqlite3OsDlSym(sqlite3_vfs *, void *, const char *))(void);
+SQLITE_PRIVATE void sqlite3OsDlClose(sqlite3_vfs *, void *);
+#endif /* SQLITE_OMIT_LOAD_EXTENSION */
+SQLITE_PRIVATE int sqlite3OsRandomness(sqlite3_vfs *, int, char *);
+SQLITE_PRIVATE int sqlite3OsSleep(sqlite3_vfs *, int);
+SQLITE_PRIVATE int sqlite3OsCurrentTimeInt64(sqlite3_vfs *, sqlite3_int64*);
+
+/*
+** Convenience functions for opening and closing files using
+** sqlite3_malloc() to obtain space for the file-handle structure.
+*/
+SQLITE_PRIVATE int sqlite3OsOpenMalloc(sqlite3_vfs *, const char *, sqlite3_file **, int,int*);
+SQLITE_PRIVATE int sqlite3OsCloseFree(sqlite3_file *);
+
+#endif /* _SQLITE_OS_H_ */
+
+/************** End of os.h **************************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+/************** Include mutex.h in the middle of sqliteInt.h *****************/
+/************** Begin file mutex.h *******************************************/
+/*
+** 2007 August 28
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains the common header for all mutex implementations.
+** The sqliteInt.h header #includes this file so that it is available
+** to all source files. We break it out in an effort to keep the code
+** better organized.
+**
+** NOTE: source files should *not* #include this header file directly.
+** Source files should #include the sqliteInt.h file and let that file
+** include this one indirectly.
+*/
+
+
+/*
+** Figure out what version of the code to use. The choices are
+**
+** SQLITE_MUTEX_OMIT No mutex logic. Not even stubs. The
+** mutexes implementation cannot be overridden
+** at start-time.
+**
+** SQLITE_MUTEX_NOOP For single-threaded applications. No
+** mutual exclusion is provided. But this
+** implementation can be overridden at
+** start-time.
+**
+** SQLITE_MUTEX_PTHREADS For multi-threaded applications on Unix.
+**
+** SQLITE_MUTEX_W32 For multi-threaded applications on Win32.
+*/
+#if !SQLITE_THREADSAFE
+# define SQLITE_MUTEX_OMIT
+#endif
+#if SQLITE_THREADSAFE && !defined(SQLITE_MUTEX_NOOP)
+# if SQLITE_OS_UNIX
+# define SQLITE_MUTEX_PTHREADS
+# elif SQLITE_OS_WIN
+# define SQLITE_MUTEX_W32
+# else
+# define SQLITE_MUTEX_NOOP
+# endif
+#endif
+
+#ifdef SQLITE_MUTEX_OMIT
+/*
+** If this is a no-op implementation, implement everything as macros.
+*/
+#define sqlite3_mutex_alloc(X) ((sqlite3_mutex*)8)
+#define sqlite3_mutex_free(X)
+#define sqlite3_mutex_enter(X)
+#define sqlite3_mutex_try(X) SQLITE_OK
+#define sqlite3_mutex_leave(X)
+#define sqlite3_mutex_held(X) ((void)(X),1)
+#define sqlite3_mutex_notheld(X) ((void)(X),1)
+#define sqlite3MutexAlloc(X) ((sqlite3_mutex*)8)
+#define sqlite3MutexInit() SQLITE_OK
+#define sqlite3MutexEnd()
+#define MUTEX_LOGIC(X)
+#else
+#define MUTEX_LOGIC(X) X
+#endif /* defined(SQLITE_MUTEX_OMIT) */
+
+/************** End of mutex.h ***********************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
+
+
+/*
+** Each database file to be accessed by the system is an instance
+** of the following structure. There are normally two of these structures
+** in the sqlite.aDb[] array. aDb[0] is the main database file and
+** aDb[1] is the database file used to hold temporary tables. Additional
+** databases may be attached.
+*/
+struct Db {
+ char *zName; /* Name of this database */
+ Btree *pBt; /* The B*Tree structure for this database file */
+ u8 safety_level; /* How aggressive at syncing data to disk */
+ Schema *pSchema; /* Pointer to database schema (possibly shared) */
+};
+
+/*
+** An instance of the following structure stores a database schema.
+**
+** Most Schema objects are associated with a Btree. The exception is
+** the Schema for the TEMP databaes (sqlite3.aDb[1]) which is free-standing.
+** In shared cache mode, a single Schema object can be shared by multiple
+** Btrees that refer to the same underlying BtShared object.
+**
+** Schema objects are automatically deallocated when the last Btree that
+** references them is destroyed. The TEMP Schema is manually freed by
+** sqlite3_close().
+*
+** A thread must be holding a mutex on the corresponding Btree in order
+** to access Schema content. This implies that the thread must also be
+** holding a mutex on the sqlite3 connection pointer that owns the Btree.
+** For a TEMP Schema, only the connection mutex is required.
+*/
+struct Schema {
+ int schema_cookie; /* Database schema version number for this file */
+ int iGeneration; /* Generation counter. Incremented with each change */
+ Hash tblHash; /* All tables indexed by name */
+ Hash idxHash; /* All (named) indices indexed by name */
+ Hash trigHash; /* All triggers indexed by name */
+ Hash fkeyHash; /* All foreign keys by referenced table name */
+ Table *pSeqTab; /* The sqlite_sequence table used by AUTOINCREMENT */
+ u8 file_format; /* Schema format version for this file */
+ u8 enc; /* Text encoding used by this database */
+ u16 schemaFlags; /* Flags associated with this schema */
+ int cache_size; /* Number of pages to use in the cache */
+};
+
+/*
+** These macros can be used to test, set, or clear bits in the
+** Db.pSchema->flags field.
+*/
+#define DbHasProperty(D,I,P) (((D)->aDb[I].pSchema->schemaFlags&(P))==(P))
+#define DbHasAnyProperty(D,I,P) (((D)->aDb[I].pSchema->schemaFlags&(P))!=0)
+#define DbSetProperty(D,I,P) (D)->aDb[I].pSchema->schemaFlags|=(P)
+#define DbClearProperty(D,I,P) (D)->aDb[I].pSchema->schemaFlags&=~(P)
+
+/*
+** Allowed values for the DB.pSchema->flags field.
+**
+** The DB_SchemaLoaded flag is set after the database schema has been
+** read into internal hash tables.
+**
+** DB_UnresetViews means that one or more views have column names that
+** have been filled out. If the schema changes, these column names might
+** changes and so the view will need to be reset.
+*/
+#define DB_SchemaLoaded 0x0001 /* The schema has been loaded */
+#define DB_UnresetViews 0x0002 /* Some views have defined column names */
+#define DB_Empty 0x0004 /* The file is empty (length 0 bytes) */
+
+/*
+** The number of different kinds of things that can be limited
+** using the sqlite3_limit() interface.
+*/
+#define SQLITE_N_LIMIT (SQLITE_LIMIT_WORKER_THREADS+1)
+
+/*
+** Lookaside malloc is a set of fixed-size buffers that can be used
+** to satisfy small transient memory allocation requests for objects
+** associated with a particular database connection. The use of
+** lookaside malloc provides a significant performance enhancement
+** (approx 10%) by avoiding numerous malloc/free requests while parsing
+** SQL statements.
+**
+** The Lookaside structure holds configuration information about the
+** lookaside malloc subsystem. Each available memory allocation in
+** the lookaside subsystem is stored on a linked list of LookasideSlot
+** objects.
+**
+** Lookaside allocations are only allowed for objects that are associated
+** with a particular database connection. Hence, schema information cannot
+** be stored in lookaside because in shared cache mode the schema information
+** is shared by multiple database connections. Therefore, while parsing
+** schema information, the Lookaside.bEnabled flag is cleared so that
+** lookaside allocations are not used to construct the schema objects.
+*/
+struct Lookaside {
+ u16 sz; /* Size of each buffer in bytes */
+ u8 bEnabled; /* False to disable new lookaside allocations */
+ u8 bMalloced; /* True if pStart obtained from sqlite3_malloc() */
+ int nOut; /* Number of buffers currently checked out */
+ int mxOut; /* Highwater mark for nOut */
+ int anStat[3]; /* 0: hits. 1: size misses. 2: full misses */
+ LookasideSlot *pFree; /* List of available buffers */
+ void *pStart; /* First byte of available memory space */
+ void *pEnd; /* First byte past end of available space */
+};
+struct LookasideSlot {
+ LookasideSlot *pNext; /* Next buffer in the list of free buffers */
+};
+
+/*
+** A hash table for function definitions.
+**
+** Hash each FuncDef structure into one of the FuncDefHash.a[] slots.
+** Collisions are on the FuncDef.pHash chain.
+*/
+struct FuncDefHash {
+ FuncDef *a[23]; /* Hash table for functions */
+};
+
+#ifdef SQLITE_USER_AUTHENTICATION
+/*
+** Information held in the "sqlite3" database connection object and used
+** to manage user authentication.
+*/
+typedef struct sqlite3_userauth sqlite3_userauth;
+struct sqlite3_userauth {
+ u8 authLevel; /* Current authentication level */
+ int nAuthPW; /* Size of the zAuthPW in bytes */
+ char *zAuthPW; /* Password used to authenticate */
+ char *zAuthUser; /* User name used to authenticate */
+};
+
+/* Allowed values for sqlite3_userauth.authLevel */
+#define UAUTH_Unknown 0 /* Authentication not yet checked */
+#define UAUTH_Fail 1 /* User authentication failed */
+#define UAUTH_User 2 /* Authenticated as a normal user */
+#define UAUTH_Admin 3 /* Authenticated as an administrator */
+
+/* Functions used only by user authorization logic */
+SQLITE_PRIVATE int sqlite3UserAuthTable(const char*);
+SQLITE_PRIVATE int sqlite3UserAuthCheckLogin(sqlite3*,const char*,u8*);
+SQLITE_PRIVATE void sqlite3UserAuthInit(sqlite3*);
+SQLITE_PRIVATE void sqlite3CryptFunc(sqlite3_context*,int,sqlite3_value**);
+
+#endif /* SQLITE_USER_AUTHENTICATION */
+
+/*
+** typedef for the authorization callback function.
+*/
+#ifdef SQLITE_USER_AUTHENTICATION
+ typedef int (*sqlite3_xauth)(void*,int,const char*,const char*,const char*,
+ const char*, const char*);
+#else
+ typedef int (*sqlite3_xauth)(void*,int,const char*,const char*,const char*,
+ const char*);
+#endif
+
+
+/*
+** Each database connection is an instance of the following structure.
+*/
+struct sqlite3 {
+ sqlite3_vfs *pVfs; /* OS Interface */
+ struct Vdbe *pVdbe; /* List of active virtual machines */
+ CollSeq *pDfltColl; /* The default collating sequence (BINARY) */
+ sqlite3_mutex *mutex; /* Connection mutex */
+ Db *aDb; /* All backends */
+ int nDb; /* Number of backends currently in use */
+ int flags; /* Miscellaneous flags. See below */
+ i64 lastRowid; /* ROWID of most recent insert (see above) */
+ i64 szMmap; /* Default mmap_size setting */
+ unsigned int openFlags; /* Flags passed to sqlite3_vfs.xOpen() */
+ int errCode; /* Most recent error code (SQLITE_*) */
+ int errMask; /* & result codes with this before returning */
+ u16 dbOptFlags; /* Flags to enable/disable optimizations */
+ u8 enc; /* Text encoding */
+ u8 autoCommit; /* The auto-commit flag. */
+ u8 temp_store; /* 1: file 2: memory 0: default */
+ u8 mallocFailed; /* True if we have seen a malloc failure */
+ u8 dfltLockMode; /* Default locking-mode for attached dbs */
+ signed char nextAutovac; /* Autovac setting after VACUUM if >=0 */
+ u8 suppressErr; /* Do not issue error messages if true */
+ u8 vtabOnConflict; /* Value to return for s3_vtab_on_conflict() */
+ u8 isTransactionSavepoint; /* True if the outermost savepoint is a TS */
+ int nextPagesize; /* Pagesize after VACUUM if >0 */
+ u32 magic; /* Magic number for detect library misuse */
+ int nChange; /* Value returned by sqlite3_changes() */
+ int nTotalChange; /* Value returned by sqlite3_total_changes() */
+ int aLimit[SQLITE_N_LIMIT]; /* Limits */
+ int nMaxSorterMmap; /* Maximum size of regions mapped by sorter */
+ struct sqlite3InitInfo { /* Information used during initialization */
+ int newTnum; /* Rootpage of table being initialized */
+ u8 iDb; /* Which db file is being initialized */
+ u8 busy; /* TRUE if currently initializing */
+ u8 orphanTrigger; /* Last statement is orphaned TEMP trigger */
+ u8 imposterTable; /* Building an imposter table */
+ } init;
+ int nVdbeActive; /* Number of VDBEs currently running */
+ int nVdbeRead; /* Number of active VDBEs that read or write */
+ int nVdbeWrite; /* Number of active VDBEs that read and write */
+ int nVdbeExec; /* Number of nested calls to VdbeExec() */
+ int nVDestroy; /* Number of active OP_VDestroy operations */
+ int nExtension; /* Number of loaded extensions */
+ void **aExtension; /* Array of shared library handles */
+ void (*xTrace)(void*,const char*); /* Trace function */
+ void *pTraceArg; /* Argument to the trace function */
+ void (*xProfile)(void*,const char*,u64); /* Profiling function */
+ void *pProfileArg; /* Argument to profile function */
+ void *pCommitArg; /* Argument to xCommitCallback() */
+ int (*xCommitCallback)(void*); /* Invoked at every commit. */
+ void *pRollbackArg; /* Argument to xRollbackCallback() */
+ void (*xRollbackCallback)(void*); /* Invoked at every commit. */
+ void *pUpdateArg;
+ void (*xUpdateCallback)(void*,int, const char*,const char*,sqlite_int64);
+#ifndef SQLITE_OMIT_WAL
+ int (*xWalCallback)(void *, sqlite3 *, const char *, int);
+ void *pWalArg;
+#endif
+ void(*xCollNeeded)(void*,sqlite3*,int eTextRep,const char*);
+ void(*xCollNeeded16)(void*,sqlite3*,int eTextRep,const void*);
+ void *pCollNeededArg;
+ sqlite3_value *pErr; /* Most recent error message */
+ union {
+ volatile int isInterrupted; /* True if sqlite3_interrupt has been called */
+ double notUsed1; /* Spacer */
+ } u1;
+ Lookaside lookaside; /* Lookaside malloc configuration */
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ sqlite3_xauth xAuth; /* Access authorization function */
+ void *pAuthArg; /* 1st argument to the access auth function */
+#endif
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+ int (*xProgress)(void *); /* The progress callback */
+ void *pProgressArg; /* Argument to the progress callback */
+ unsigned nProgressOps; /* Number of opcodes for progress callback */
+#endif
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ int nVTrans; /* Allocated size of aVTrans */
+ Hash aModule; /* populated by sqlite3_create_module() */
+ VtabCtx *pVtabCtx; /* Context for active vtab connect/create */
+ VTable **aVTrans; /* Virtual tables with open transactions */
+ VTable *pDisconnect; /* Disconnect these in next sqlite3_prepare() */
+#endif
+ FuncDefHash aFunc; /* Hash table of connection functions */
+ Hash aCollSeq; /* All collating sequences */
+ BusyHandler busyHandler; /* Busy callback */
+ Db aDbStatic[2]; /* Static space for the 2 default backends */
+ Savepoint *pSavepoint; /* List of active savepoints */
+ int busyTimeout; /* Busy handler timeout, in msec */
+ int nSavepoint; /* Number of non-transaction savepoints */
+ int nStatement; /* Number of nested statement-transactions */
+ i64 nDeferredCons; /* Net deferred constraints this transaction. */
+ i64 nDeferredImmCons; /* Net deferred immediate constraints */
+ int *pnBytesFreed; /* If not NULL, increment this in DbFree() */
+#ifdef SQLITE_ENABLE_UNLOCK_NOTIFY
+ /* The following variables are all protected by the STATIC_MASTER
+ ** mutex, not by sqlite3.mutex. They are used by code in notify.c.
+ **
+ ** When X.pUnlockConnection==Y, that means that X is waiting for Y to
+ ** unlock so that it can proceed.
+ **
+ ** When X.pBlockingConnection==Y, that means that something that X tried
+ ** tried to do recently failed with an SQLITE_LOCKED error due to locks
+ ** held by Y.
+ */
+ sqlite3 *pBlockingConnection; /* Connection that caused SQLITE_LOCKED */
+ sqlite3 *pUnlockConnection; /* Connection to watch for unlock */
+ void *pUnlockArg; /* Argument to xUnlockNotify */
+ void (*xUnlockNotify)(void **, int); /* Unlock notify callback */
+ sqlite3 *pNextBlocked; /* Next in list of all blocked connections */
+#endif
+#ifdef SQLITE_USER_AUTHENTICATION
+ sqlite3_userauth auth; /* User authentication information */
+#endif
+};
+
+/*
+** A macro to discover the encoding of a database.
+*/
+#define SCHEMA_ENC(db) ((db)->aDb[0].pSchema->enc)
+#define ENC(db) ((db)->enc)
+
+/*
+** Possible values for the sqlite3.flags.
+*/
+#define SQLITE_VdbeTrace 0x00000001 /* True to trace VDBE execution */
+#define SQLITE_InternChanges 0x00000002 /* Uncommitted Hash table changes */
+#define SQLITE_FullFSync 0x00000004 /* Use full fsync on the backend */
+#define SQLITE_CkptFullFSync 0x00000008 /* Use full fsync for checkpoint */
+#define SQLITE_CacheSpill 0x00000010 /* OK to spill pager cache */
+#define SQLITE_FullColNames 0x00000020 /* Show full column names on SELECT */
+#define SQLITE_ShortColNames 0x00000040 /* Show short columns names */
+#define SQLITE_CountRows 0x00000080 /* Count rows changed by INSERT, */
+ /* DELETE, or UPDATE and return */
+ /* the count using a callback. */
+#define SQLITE_NullCallback 0x00000100 /* Invoke the callback once if the */
+ /* result set is empty */
+#define SQLITE_SqlTrace 0x00000200 /* Debug print SQL as it executes */
+#define SQLITE_VdbeListing 0x00000400 /* Debug listings of VDBE programs */
+#define SQLITE_WriteSchema 0x00000800 /* OK to update SQLITE_MASTER */
+#define SQLITE_VdbeAddopTrace 0x00001000 /* Trace sqlite3VdbeAddOp() calls */
+#define SQLITE_IgnoreChecks 0x00002000 /* Do not enforce check constraints */
+#define SQLITE_ReadUncommitted 0x0004000 /* For shared-cache mode */
+#define SQLITE_LegacyFileFmt 0x00008000 /* Create new databases in format 1 */
+#define SQLITE_RecoveryMode 0x00010000 /* Ignore schema errors */
+#define SQLITE_ReverseOrder 0x00020000 /* Reverse unordered SELECTs */
+#define SQLITE_RecTriggers 0x00040000 /* Enable recursive triggers */
+#define SQLITE_ForeignKeys 0x00080000 /* Enforce foreign key constraints */
+#define SQLITE_AutoIndex 0x00100000 /* Enable automatic indexes */
+#define SQLITE_PreferBuiltin 0x00200000 /* Preference to built-in funcs */
+#define SQLITE_LoadExtension 0x00400000 /* Enable load_extension */
+#define SQLITE_EnableTrigger 0x00800000 /* True to enable triggers */
+#define SQLITE_DeferFKs 0x01000000 /* Defer all FK constraints */
+#define SQLITE_QueryOnly 0x02000000 /* Disable database changes */
+#define SQLITE_VdbeEQP 0x04000000 /* Debug EXPLAIN QUERY PLAN */
+#define SQLITE_Vacuum 0x08000000 /* Currently in a VACUUM */
+#define SQLITE_CellSizeCk 0x10000000 /* Check btree cell sizes on load */
+
+
+/*
+** Bits of the sqlite3.dbOptFlags field that are used by the
+** sqlite3_test_control(SQLITE_TESTCTRL_OPTIMIZATIONS,...) interface to
+** selectively disable various optimizations.
+*/
+#define SQLITE_QueryFlattener 0x0001 /* Query flattening */
+#define SQLITE_ColumnCache 0x0002 /* Column cache */
+#define SQLITE_GroupByOrder 0x0004 /* GROUPBY cover of ORDERBY */
+#define SQLITE_FactorOutConst 0x0008 /* Constant factoring */
+/* not used 0x0010 // Was: SQLITE_IdxRealAsInt */
+#define SQLITE_DistinctOpt 0x0020 /* DISTINCT using indexes */
+#define SQLITE_CoverIdxScan 0x0040 /* Covering index scans */
+#define SQLITE_OrderByIdxJoin 0x0080 /* ORDER BY of joins via index */
+#define SQLITE_SubqCoroutine 0x0100 /* Evaluate subqueries as coroutines */
+#define SQLITE_Transitive 0x0200 /* Transitive constraints */
+#define SQLITE_OmitNoopJoin 0x0400 /* Omit unused tables in joins */
+#define SQLITE_Stat34 0x0800 /* Use STAT3 or STAT4 data */
+#define SQLITE_CursorHints 0x2000 /* Add OP_CursorHint opcodes */
+#define SQLITE_AllOpts 0xffff /* All optimizations */
+
+/*
+** Macros for testing whether or not optimizations are enabled or disabled.
+*/
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+#define OptimizationDisabled(db, mask) (((db)->dbOptFlags&(mask))!=0)
+#define OptimizationEnabled(db, mask) (((db)->dbOptFlags&(mask))==0)
+#else
+#define OptimizationDisabled(db, mask) 0
+#define OptimizationEnabled(db, mask) 1
+#endif
+
+/*
+** Return true if it OK to factor constant expressions into the initialization
+** code. The argument is a Parse object for the code generator.
+*/
+#define ConstFactorOk(P) ((P)->okConstFactor)
+
+/*
+** Possible values for the sqlite.magic field.
+** The numbers are obtained at random and have no special meaning, other
+** than being distinct from one another.
+*/
+#define SQLITE_MAGIC_OPEN 0xa029a697 /* Database is open */
+#define SQLITE_MAGIC_CLOSED 0x9f3c2d33 /* Database is closed */
+#define SQLITE_MAGIC_SICK 0x4b771290 /* Error and awaiting close */
+#define SQLITE_MAGIC_BUSY 0xf03b7906 /* Database currently in use */
+#define SQLITE_MAGIC_ERROR 0xb5357930 /* An SQLITE_MISUSE error occurred */
+#define SQLITE_MAGIC_ZOMBIE 0x64cffc7f /* Close with last statement close */
+
+/*
+** Each SQL function is defined by an instance of the following
+** structure. A pointer to this structure is stored in the sqlite.aFunc
+** hash table. When multiple functions have the same name, the hash table
+** points to a linked list of these structures.
+*/
+struct FuncDef {
+ i16 nArg; /* Number of arguments. -1 means unlimited */
+ u16 funcFlags; /* Some combination of SQLITE_FUNC_* */
+ void *pUserData; /* User data parameter */
+ FuncDef *pNext; /* Next function with same name */
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**); /* Regular function */
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**); /* Aggregate step */
+ void (*xFinalize)(sqlite3_context*); /* Aggregate finalizer */
+ char *zName; /* SQL name of the function. */
+ FuncDef *pHash; /* Next with a different name but the same hash */
+ FuncDestructor *pDestructor; /* Reference counted destructor function */
+};
+
+/*
+** This structure encapsulates a user-function destructor callback (as
+** configured using create_function_v2()) and a reference counter. When
+** create_function_v2() is called to create a function with a destructor,
+** a single object of this type is allocated. FuncDestructor.nRef is set to
+** the number of FuncDef objects created (either 1 or 3, depending on whether
+** or not the specified encoding is SQLITE_ANY). The FuncDef.pDestructor
+** member of each of the new FuncDef objects is set to point to the allocated
+** FuncDestructor.
+**
+** Thereafter, when one of the FuncDef objects is deleted, the reference
+** count on this object is decremented. When it reaches 0, the destructor
+** is invoked and the FuncDestructor structure freed.
+*/
+struct FuncDestructor {
+ int nRef;
+ void (*xDestroy)(void *);
+ void *pUserData;
+};
+
+/*
+** Possible values for FuncDef.flags. Note that the _LENGTH and _TYPEOF
+** values must correspond to OPFLAG_LENGTHARG and OPFLAG_TYPEOFARG. And
+** SQLITE_FUNC_CONSTANT must be the same as SQLITE_DETERMINISTIC. There
+** are assert() statements in the code to verify this.
+*/
+#define SQLITE_FUNC_ENCMASK 0x0003 /* SQLITE_UTF8, SQLITE_UTF16BE or UTF16LE */
+#define SQLITE_FUNC_LIKE 0x0004 /* Candidate for the LIKE optimization */
+#define SQLITE_FUNC_CASE 0x0008 /* Case-sensitive LIKE-type function */
+#define SQLITE_FUNC_EPHEM 0x0010 /* Ephemeral. Delete with VDBE */
+#define SQLITE_FUNC_NEEDCOLL 0x0020 /* sqlite3GetFuncCollSeq() might be called*/
+#define SQLITE_FUNC_LENGTH 0x0040 /* Built-in length() function */
+#define SQLITE_FUNC_TYPEOF 0x0080 /* Built-in typeof() function */
+#define SQLITE_FUNC_COUNT 0x0100 /* Built-in count(*) aggregate */
+#define SQLITE_FUNC_COALESCE 0x0200 /* Built-in coalesce() or ifnull() */
+#define SQLITE_FUNC_UNLIKELY 0x0400 /* Built-in unlikely() function */
+#define SQLITE_FUNC_CONSTANT 0x0800 /* Constant inputs give a constant output */
+#define SQLITE_FUNC_MINMAX 0x1000 /* True for min() and max() aggregates */
+#define SQLITE_FUNC_SLOCHNG 0x2000 /* "Slow Change". Value constant during a
+ ** single query - might change over time */
+
+/*
+** The following three macros, FUNCTION(), LIKEFUNC() and AGGREGATE() are
+** used to create the initializers for the FuncDef structures.
+**
+** FUNCTION(zName, nArg, iArg, bNC, xFunc)
+** Used to create a scalar function definition of a function zName
+** implemented by C function xFunc that accepts nArg arguments. The
+** value passed as iArg is cast to a (void*) and made available
+** as the user-data (sqlite3_user_data()) for the function. If
+** argument bNC is true, then the SQLITE_FUNC_NEEDCOLL flag is set.
+**
+** VFUNCTION(zName, nArg, iArg, bNC, xFunc)
+** Like FUNCTION except it omits the SQLITE_FUNC_CONSTANT flag.
+**
+** DFUNCTION(zName, nArg, iArg, bNC, xFunc)
+** Like FUNCTION except it omits the SQLITE_FUNC_CONSTANT flag and
+** adds the SQLITE_FUNC_SLOCHNG flag. Used for date & time functions
+** and functions like sqlite_version() that can change, but not during
+** a single query.
+**
+** AGGREGATE(zName, nArg, iArg, bNC, xStep, xFinal)
+** Used to create an aggregate function definition implemented by
+** the C functions xStep and xFinal. The first four parameters
+** are interpreted in the same way as the first 4 parameters to
+** FUNCTION().
+**
+** LIKEFUNC(zName, nArg, pArg, flags)
+** Used to create a scalar function definition of a function zName
+** that accepts nArg arguments and is implemented by a call to C
+** function likeFunc. Argument pArg is cast to a (void *) and made
+** available as the function user-data (sqlite3_user_data()). The
+** FuncDef.flags variable is set to the value passed as the flags
+** parameter.
+*/
+#define FUNCTION(zName, nArg, iArg, bNC, xFunc) \
+ {nArg, SQLITE_FUNC_CONSTANT|SQLITE_UTF8|(bNC*SQLITE_FUNC_NEEDCOLL), \
+ SQLITE_INT_TO_PTR(iArg), 0, xFunc, 0, 0, #zName, 0, 0}
+#define VFUNCTION(zName, nArg, iArg, bNC, xFunc) \
+ {nArg, SQLITE_UTF8|(bNC*SQLITE_FUNC_NEEDCOLL), \
+ SQLITE_INT_TO_PTR(iArg), 0, xFunc, 0, 0, #zName, 0, 0}
+#define DFUNCTION(zName, nArg, iArg, bNC, xFunc) \
+ {nArg, SQLITE_FUNC_SLOCHNG|SQLITE_UTF8|(bNC*SQLITE_FUNC_NEEDCOLL), \
+ SQLITE_INT_TO_PTR(iArg), 0, xFunc, 0, 0, #zName, 0, 0}
+#define FUNCTION2(zName, nArg, iArg, bNC, xFunc, extraFlags) \
+ {nArg,SQLITE_FUNC_CONSTANT|SQLITE_UTF8|(bNC*SQLITE_FUNC_NEEDCOLL)|extraFlags,\
+ SQLITE_INT_TO_PTR(iArg), 0, xFunc, 0, 0, #zName, 0, 0}
+#define STR_FUNCTION(zName, nArg, pArg, bNC, xFunc) \
+ {nArg, SQLITE_FUNC_SLOCHNG|SQLITE_UTF8|(bNC*SQLITE_FUNC_NEEDCOLL), \
+ pArg, 0, xFunc, 0, 0, #zName, 0, 0}
+#define LIKEFUNC(zName, nArg, arg, flags) \
+ {nArg, SQLITE_FUNC_CONSTANT|SQLITE_UTF8|flags, \
+ (void *)arg, 0, likeFunc, 0, 0, #zName, 0, 0}
+#define AGGREGATE(zName, nArg, arg, nc, xStep, xFinal) \
+ {nArg, SQLITE_UTF8|(nc*SQLITE_FUNC_NEEDCOLL), \
+ SQLITE_INT_TO_PTR(arg), 0, 0, xStep,xFinal,#zName,0,0}
+#define AGGREGATE2(zName, nArg, arg, nc, xStep, xFinal, extraFlags) \
+ {nArg, SQLITE_UTF8|(nc*SQLITE_FUNC_NEEDCOLL)|extraFlags, \
+ SQLITE_INT_TO_PTR(arg), 0, 0, xStep,xFinal,#zName,0,0}
+
+/*
+** All current savepoints are stored in a linked list starting at
+** sqlite3.pSavepoint. The first element in the list is the most recently
+** opened savepoint. Savepoints are added to the list by the vdbe
+** OP_Savepoint instruction.
+*/
+struct Savepoint {
+ char *zName; /* Savepoint name (nul-terminated) */
+ i64 nDeferredCons; /* Number of deferred fk violations */
+ i64 nDeferredImmCons; /* Number of deferred imm fk. */
+ Savepoint *pNext; /* Parent savepoint (if any) */
+};
+
+/*
+** The following are used as the second parameter to sqlite3Savepoint(),
+** and as the P1 argument to the OP_Savepoint instruction.
+*/
+#define SAVEPOINT_BEGIN 0
+#define SAVEPOINT_RELEASE 1
+#define SAVEPOINT_ROLLBACK 2
+
+
+/*
+** Each SQLite module (virtual table definition) is defined by an
+** instance of the following structure, stored in the sqlite3.aModule
+** hash table.
+*/
+struct Module {
+ const sqlite3_module *pModule; /* Callback pointers */
+ const char *zName; /* Name passed to create_module() */
+ void *pAux; /* pAux passed to create_module() */
+ void (*xDestroy)(void *); /* Module destructor function */
+ Table *pEpoTab; /* Eponymous table for this module */
+};
+
+/*
+** information about each column of an SQL table is held in an instance
+** of this structure.
+*/
+struct Column {
+ char *zName; /* Name of this column */
+ Expr *pDflt; /* Default value of this column */
+ char *zDflt; /* Original text of the default value */
+ char *zType; /* Data type for this column */
+ char *zColl; /* Collating sequence. If NULL, use the default */
+ u8 notNull; /* An OE_ code for handling a NOT NULL constraint */
+ char affinity; /* One of the SQLITE_AFF_... values */
+ u8 szEst; /* Estimated size of value in this column. sizeof(INT)==1 */
+ u8 colFlags; /* Boolean properties. See COLFLAG_ defines below */
+};
+
+/* Allowed values for Column.colFlags:
+*/
+#define COLFLAG_PRIMKEY 0x0001 /* Column is part of the primary key */
+#define COLFLAG_HIDDEN 0x0002 /* A hidden column in a virtual table */
+
+/*
+** A "Collating Sequence" is defined by an instance of the following
+** structure. Conceptually, a collating sequence consists of a name and
+** a comparison routine that defines the order of that sequence.
+**
+** If CollSeq.xCmp is NULL, it means that the
+** collating sequence is undefined. Indices built on an undefined
+** collating sequence may not be read or written.
+*/
+struct CollSeq {
+ char *zName; /* Name of the collating sequence, UTF-8 encoded */
+ u8 enc; /* Text encoding handled by xCmp() */
+ void *pUser; /* First argument to xCmp() */
+ int (*xCmp)(void*,int, const void*, int, const void*);
+ void (*xDel)(void*); /* Destructor for pUser */
+};
+
+/*
+** A sort order can be either ASC or DESC.
+*/
+#define SQLITE_SO_ASC 0 /* Sort in ascending order */
+#define SQLITE_SO_DESC 1 /* Sort in ascending order */
+#define SQLITE_SO_UNDEFINED -1 /* No sort order specified */
+
+/*
+** Column affinity types.
+**
+** These used to have mnemonic name like 'i' for SQLITE_AFF_INTEGER and
+** 't' for SQLITE_AFF_TEXT. But we can save a little space and improve
+** the speed a little by numbering the values consecutively.
+**
+** But rather than start with 0 or 1, we begin with 'A'. That way,
+** when multiple affinity types are concatenated into a string and
+** used as the P4 operand, they will be more readable.
+**
+** Note also that the numeric types are grouped together so that testing
+** for a numeric type is a single comparison. And the BLOB type is first.
+*/
+#define SQLITE_AFF_BLOB 'A'
+#define SQLITE_AFF_TEXT 'B'
+#define SQLITE_AFF_NUMERIC 'C'
+#define SQLITE_AFF_INTEGER 'D'
+#define SQLITE_AFF_REAL 'E'
+
+#define sqlite3IsNumericAffinity(X) ((X)>=SQLITE_AFF_NUMERIC)
+
+/*
+** The SQLITE_AFF_MASK values masks off the significant bits of an
+** affinity value.
+*/
+#define SQLITE_AFF_MASK 0x47
+
+/*
+** Additional bit values that can be ORed with an affinity without
+** changing the affinity.
+**
+** The SQLITE_NOTNULL flag is a combination of NULLEQ and JUMPIFNULL.
+** It causes an assert() to fire if either operand to a comparison
+** operator is NULL. It is added to certain comparison operators to
+** prove that the operands are always NOT NULL.
+*/
+#define SQLITE_JUMPIFNULL 0x10 /* jumps if either operand is NULL */
+#define SQLITE_STOREP2 0x20 /* Store result in reg[P2] rather than jump */
+#define SQLITE_NULLEQ 0x80 /* NULL=NULL */
+#define SQLITE_NOTNULL 0x90 /* Assert that operands are never NULL */
+
+/*
+** An object of this type is created for each virtual table present in
+** the database schema.
+**
+** If the database schema is shared, then there is one instance of this
+** structure for each database connection (sqlite3*) that uses the shared
+** schema. This is because each database connection requires its own unique
+** instance of the sqlite3_vtab* handle used to access the virtual table
+** implementation. sqlite3_vtab* handles can not be shared between
+** database connections, even when the rest of the in-memory database
+** schema is shared, as the implementation often stores the database
+** connection handle passed to it via the xConnect() or xCreate() method
+** during initialization internally. This database connection handle may
+** then be used by the virtual table implementation to access real tables
+** within the database. So that they appear as part of the callers
+** transaction, these accesses need to be made via the same database
+** connection as that used to execute SQL operations on the virtual table.
+**
+** All VTable objects that correspond to a single table in a shared
+** database schema are initially stored in a linked-list pointed to by
+** the Table.pVTable member variable of the corresponding Table object.
+** When an sqlite3_prepare() operation is required to access the virtual
+** table, it searches the list for the VTable that corresponds to the
+** database connection doing the preparing so as to use the correct
+** sqlite3_vtab* handle in the compiled query.
+**
+** When an in-memory Table object is deleted (for example when the
+** schema is being reloaded for some reason), the VTable objects are not
+** deleted and the sqlite3_vtab* handles are not xDisconnect()ed
+** immediately. Instead, they are moved from the Table.pVTable list to
+** another linked list headed by the sqlite3.pDisconnect member of the
+** corresponding sqlite3 structure. They are then deleted/xDisconnected
+** next time a statement is prepared using said sqlite3*. This is done
+** to avoid deadlock issues involving multiple sqlite3.mutex mutexes.
+** Refer to comments above function sqlite3VtabUnlockList() for an
+** explanation as to why it is safe to add an entry to an sqlite3.pDisconnect
+** list without holding the corresponding sqlite3.mutex mutex.
+**
+** The memory for objects of this type is always allocated by
+** sqlite3DbMalloc(), using the connection handle stored in VTable.db as
+** the first argument.
+*/
+struct VTable {
+ sqlite3 *db; /* Database connection associated with this table */
+ Module *pMod; /* Pointer to module implementation */
+ sqlite3_vtab *pVtab; /* Pointer to vtab instance */
+ int nRef; /* Number of pointers to this structure */
+ u8 bConstraint; /* True if constraints are supported */
+ int iSavepoint; /* Depth of the SAVEPOINT stack */
+ VTable *pNext; /* Next in linked list (see above) */
+};
+
+/*
+** The schema for each SQL table and view is represented in memory
+** by an instance of the following structure.
+*/
+struct Table {
+ char *zName; /* Name of the table or view */
+ Column *aCol; /* Information about each column */
+ Index *pIndex; /* List of SQL indexes on this table. */
+ Select *pSelect; /* NULL for tables. Points to definition if a view. */
+ FKey *pFKey; /* Linked list of all foreign keys in this table */
+ char *zColAff; /* String defining the affinity of each column */
+ ExprList *pCheck; /* All CHECK constraints */
+ /* ... also used as column name list in a VIEW */
+ int tnum; /* Root BTree page for this table */
+ i16 iPKey; /* If not negative, use aCol[iPKey] as the rowid */
+ i16 nCol; /* Number of columns in this table */
+ u16 nRef; /* Number of pointers to this Table */
+ LogEst nRowLogEst; /* Estimated rows in table - from sqlite_stat1 table */
+ LogEst szTabRow; /* Estimated size of each table row in bytes */
+#ifdef SQLITE_ENABLE_COSTMULT
+ LogEst costMult; /* Cost multiplier for using this table */
+#endif
+ u8 tabFlags; /* Mask of TF_* values */
+ u8 keyConf; /* What to do in case of uniqueness conflict on iPKey */
+#ifndef SQLITE_OMIT_ALTERTABLE
+ int addColOffset; /* Offset in CREATE TABLE stmt to add a new column */
+#endif
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ int nModuleArg; /* Number of arguments to the module */
+ char **azModuleArg; /* 0: module 1: schema 2: vtab name 3...: args */
+ VTable *pVTable; /* List of VTable objects. */
+#endif
+ Trigger *pTrigger; /* List of triggers stored in pSchema */
+ Schema *pSchema; /* Schema that contains this table */
+ Table *pNextZombie; /* Next on the Parse.pZombieTab list */
+};
+
+/*
+** Allowed values for Table.tabFlags.
+**
+** TF_OOOHidden applies to tables or view that have hidden columns that are
+** followed by non-hidden columns. Example: "CREATE VIRTUAL TABLE x USING
+** vtab1(a HIDDEN, b);". Since "b" is a non-hidden column but "a" is hidden,
+** the TF_OOOHidden attribute would apply in this case. Such tables require
+** special handling during INSERT processing.
+*/
+#define TF_Readonly 0x01 /* Read-only system table */
+#define TF_Ephemeral 0x02 /* An ephemeral table */
+#define TF_HasPrimaryKey 0x04 /* Table has a primary key */
+#define TF_Autoincrement 0x08 /* Integer primary key is autoincrement */
+#define TF_Virtual 0x10 /* Is a virtual table */
+#define TF_WithoutRowid 0x20 /* No rowid. PRIMARY KEY is the key */
+#define TF_NoVisibleRowid 0x40 /* No user-visible "rowid" column */
+#define TF_OOOHidden 0x80 /* Out-of-Order hidden columns */
+
+
+/*
+** Test to see whether or not a table is a virtual table. This is
+** done as a macro so that it will be optimized out when virtual
+** table support is omitted from the build.
+*/
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+# define IsVirtual(X) (((X)->tabFlags & TF_Virtual)!=0)
+#else
+# define IsVirtual(X) 0
+#endif
+
+/*
+** Macros to determine if a column is hidden. IsOrdinaryHiddenColumn()
+** only works for non-virtual tables (ordinary tables and views) and is
+** always false unless SQLITE_ENABLE_HIDDEN_COLUMNS is defined. The
+** IsHiddenColumn() macro is general purpose.
+*/
+#if defined(SQLITE_ENABLE_HIDDEN_COLUMNS)
+# define IsHiddenColumn(X) (((X)->colFlags & COLFLAG_HIDDEN)!=0)
+# define IsOrdinaryHiddenColumn(X) (((X)->colFlags & COLFLAG_HIDDEN)!=0)
+#elif !defined(SQLITE_OMIT_VIRTUALTABLE)
+# define IsHiddenColumn(X) (((X)->colFlags & COLFLAG_HIDDEN)!=0)
+# define IsOrdinaryHiddenColumn(X) 0
+#else
+# define IsHiddenColumn(X) 0
+# define IsOrdinaryHiddenColumn(X) 0
+#endif
+
+
+/* Does the table have a rowid */
+#define HasRowid(X) (((X)->tabFlags & TF_WithoutRowid)==0)
+#define VisibleRowid(X) (((X)->tabFlags & TF_NoVisibleRowid)==0)
+
+/*
+** Each foreign key constraint is an instance of the following structure.
+**
+** A foreign key is associated with two tables. The "from" table is
+** the table that contains the REFERENCES clause that creates the foreign
+** key. The "to" table is the table that is named in the REFERENCES clause.
+** Consider this example:
+**
+** CREATE TABLE ex1(
+** a INTEGER PRIMARY KEY,
+** b INTEGER CONSTRAINT fk1 REFERENCES ex2(x)
+** );
+**
+** For foreign key "fk1", the from-table is "ex1" and the to-table is "ex2".
+** Equivalent names:
+**
+** from-table == child-table
+** to-table == parent-table
+**
+** Each REFERENCES clause generates an instance of the following structure
+** which is attached to the from-table. The to-table need not exist when
+** the from-table is created. The existence of the to-table is not checked.
+**
+** The list of all parents for child Table X is held at X.pFKey.
+**
+** A list of all children for a table named Z (which might not even exist)
+** is held in Schema.fkeyHash with a hash key of Z.
+*/
+struct FKey {
+ Table *pFrom; /* Table containing the REFERENCES clause (aka: Child) */
+ FKey *pNextFrom; /* Next FKey with the same in pFrom. Next parent of pFrom */
+ char *zTo; /* Name of table that the key points to (aka: Parent) */
+ FKey *pNextTo; /* Next with the same zTo. Next child of zTo. */
+ FKey *pPrevTo; /* Previous with the same zTo */
+ int nCol; /* Number of columns in this key */
+ /* EV: R-30323-21917 */
+ u8 isDeferred; /* True if constraint checking is deferred till COMMIT */
+ u8 aAction[2]; /* ON DELETE and ON UPDATE actions, respectively */
+ Trigger *apTrigger[2];/* Triggers for aAction[] actions */
+ struct sColMap { /* Mapping of columns in pFrom to columns in zTo */
+ int iFrom; /* Index of column in pFrom */
+ char *zCol; /* Name of column in zTo. If NULL use PRIMARY KEY */
+ } aCol[1]; /* One entry for each of nCol columns */
+};
+
+/*
+** SQLite supports many different ways to resolve a constraint
+** error. ROLLBACK processing means that a constraint violation
+** causes the operation in process to fail and for the current transaction
+** to be rolled back. ABORT processing means the operation in process
+** fails and any prior changes from that one operation are backed out,
+** but the transaction is not rolled back. FAIL processing means that
+** the operation in progress stops and returns an error code. But prior
+** changes due to the same operation are not backed out and no rollback
+** occurs. IGNORE means that the particular row that caused the constraint
+** error is not inserted or updated. Processing continues and no error
+** is returned. REPLACE means that preexisting database rows that caused
+** a UNIQUE constraint violation are removed so that the new insert or
+** update can proceed. Processing continues and no error is reported.
+**
+** RESTRICT, SETNULL, and CASCADE actions apply only to foreign keys.
+** RESTRICT is the same as ABORT for IMMEDIATE foreign keys and the
+** same as ROLLBACK for DEFERRED keys. SETNULL means that the foreign
+** key is set to NULL. CASCADE means that a DELETE or UPDATE of the
+** referenced table row is propagated into the row that holds the
+** foreign key.
+**
+** The following symbolic values are used to record which type
+** of action to take.
+*/
+#define OE_None 0 /* There is no constraint to check */
+#define OE_Rollback 1 /* Fail the operation and rollback the transaction */
+#define OE_Abort 2 /* Back out changes but do no rollback transaction */
+#define OE_Fail 3 /* Stop the operation but leave all prior changes */
+#define OE_Ignore 4 /* Ignore the error. Do not do the INSERT or UPDATE */
+#define OE_Replace 5 /* Delete existing record, then do INSERT or UPDATE */
+
+#define OE_Restrict 6 /* OE_Abort for IMMEDIATE, OE_Rollback for DEFERRED */
+#define OE_SetNull 7 /* Set the foreign key value to NULL */
+#define OE_SetDflt 8 /* Set the foreign key value to its default */
+#define OE_Cascade 9 /* Cascade the changes */
+
+#define OE_Default 10 /* Do whatever the default action is */
+
+
+/*
+** An instance of the following structure is passed as the first
+** argument to sqlite3VdbeKeyCompare and is used to control the
+** comparison of the two index keys.
+**
+** Note that aSortOrder[] and aColl[] have nField+1 slots. There
+** are nField slots for the columns of an index then one extra slot
+** for the rowid at the end.
+*/
+struct KeyInfo {
+ u32 nRef; /* Number of references to this KeyInfo object */
+ u8 enc; /* Text encoding - one of the SQLITE_UTF* values */
+ u16 nField; /* Number of key columns in the index */
+ u16 nXField; /* Number of columns beyond the key columns */
+ sqlite3 *db; /* The database connection */
+ u8 *aSortOrder; /* Sort order for each column. */
+ CollSeq *aColl[1]; /* Collating sequence for each term of the key */
+};
+
+/*
+** This object holds a record which has been parsed out into individual
+** fields, for the purposes of doing a comparison.
+**
+** A record is an object that contains one or more fields of data.
+** Records are used to store the content of a table row and to store
+** the key of an index. A blob encoding of a record is created by
+** the OP_MakeRecord opcode of the VDBE and is disassembled by the
+** OP_Column opcode.
+**
+** An instance of this object serves as a "key" for doing a search on
+** an index b+tree. The goal of the search is to find the entry that
+** is closed to the key described by this object. This object might hold
+** just a prefix of the key. The number of fields is given by
+** pKeyInfo->nField.
+**
+** The r1 and r2 fields are the values to return if this key is less than
+** or greater than a key in the btree, respectively. These are normally
+** -1 and +1 respectively, but might be inverted to +1 and -1 if the b-tree
+** is in DESC order.
+**
+** The key comparison functions actually return default_rc when they find
+** an equals comparison. default_rc can be -1, 0, or +1. If there are
+** multiple entries in the b-tree with the same key (when only looking
+** at the first pKeyInfo->nFields,) then default_rc can be set to -1 to
+** cause the search to find the last match, or +1 to cause the search to
+** find the first match.
+**
+** The key comparison functions will set eqSeen to true if they ever
+** get and equal results when comparing this structure to a b-tree record.
+** When default_rc!=0, the search might end up on the record immediately
+** before the first match or immediately after the last match. The
+** eqSeen field will indicate whether or not an exact match exists in the
+** b-tree.
+*/
+struct UnpackedRecord {
+ KeyInfo *pKeyInfo; /* Collation and sort-order information */
+ Mem *aMem; /* Values */
+ u16 nField; /* Number of entries in apMem[] */
+ i8 default_rc; /* Comparison result if keys are equal */
+ u8 errCode; /* Error detected by xRecordCompare (CORRUPT or NOMEM) */
+ i8 r1; /* Value to return if (lhs > rhs) */
+ i8 r2; /* Value to return if (rhs < lhs) */
+ u8 eqSeen; /* True if an equality comparison has been seen */
+};
+
+
+/*
+** Each SQL index is represented in memory by an
+** instance of the following structure.
+**
+** The columns of the table that are to be indexed are described
+** by the aiColumn[] field of this structure. For example, suppose
+** we have the following table and index:
+**
+** CREATE TABLE Ex1(c1 int, c2 int, c3 text);
+** CREATE INDEX Ex2 ON Ex1(c3,c1);
+**
+** In the Table structure describing Ex1, nCol==3 because there are
+** three columns in the table. In the Index structure describing
+** Ex2, nColumn==2 since 2 of the 3 columns of Ex1 are indexed.
+** The value of aiColumn is {2, 0}. aiColumn[0]==2 because the
+** first column to be indexed (c3) has an index of 2 in Ex1.aCol[].
+** The second column to be indexed (c1) has an index of 0 in
+** Ex1.aCol[], hence Ex2.aiColumn[1]==0.
+**
+** The Index.onError field determines whether or not the indexed columns
+** must be unique and what to do if they are not. When Index.onError=OE_None,
+** it means this is not a unique index. Otherwise it is a unique index
+** and the value of Index.onError indicate the which conflict resolution
+** algorithm to employ whenever an attempt is made to insert a non-unique
+** element.
+**
+** While parsing a CREATE TABLE or CREATE INDEX statement in order to
+** generate VDBE code (as opposed to parsing one read from an sqlite_master
+** table as part of parsing an existing database schema), transient instances
+** of this structure may be created. In this case the Index.tnum variable is
+** used to store the address of a VDBE instruction, not a database page
+** number (it cannot - the database page is not allocated until the VDBE
+** program is executed). See convertToWithoutRowidTable() for details.
+*/
+struct Index {
+ char *zName; /* Name of this index */
+ i16 *aiColumn; /* Which columns are used by this index. 1st is 0 */
+ LogEst *aiRowLogEst; /* From ANALYZE: Est. rows selected by each column */
+ Table *pTable; /* The SQL table being indexed */
+ char *zColAff; /* String defining the affinity of each column */
+ Index *pNext; /* The next index associated with the same table */
+ Schema *pSchema; /* Schema containing this index */
+ u8 *aSortOrder; /* for each column: True==DESC, False==ASC */
+ const char **azColl; /* Array of collation sequence names for index */
+ Expr *pPartIdxWhere; /* WHERE clause for partial indices */
+ ExprList *aColExpr; /* Column expressions */
+ int tnum; /* DB Page containing root of this index */
+ LogEst szIdxRow; /* Estimated average row size in bytes */
+ u16 nKeyCol; /* Number of columns forming the key */
+ u16 nColumn; /* Number of columns stored in the index */
+ u8 onError; /* OE_Abort, OE_Ignore, OE_Replace, or OE_None */
+ unsigned idxType:2; /* 1==UNIQUE, 2==PRIMARY KEY, 0==CREATE INDEX */
+ unsigned bUnordered:1; /* Use this index for == or IN queries only */
+ unsigned uniqNotNull:1; /* True if UNIQUE and NOT NULL for all columns */
+ unsigned isResized:1; /* True if resizeIndexObject() has been called */
+ unsigned isCovering:1; /* True if this is a covering index */
+ unsigned noSkipScan:1; /* Do not try to use skip-scan if true */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ int nSample; /* Number of elements in aSample[] */
+ int nSampleCol; /* Size of IndexSample.anEq[] and so on */
+ tRowcnt *aAvgEq; /* Average nEq values for keys not in aSample */
+ IndexSample *aSample; /* Samples of the left-most key */
+ tRowcnt *aiRowEst; /* Non-logarithmic stat1 data for this index */
+ tRowcnt nRowEst0; /* Non-logarithmic number of rows in the index */
+#endif
+};
+
+/*
+** Allowed values for Index.idxType
+*/
+#define SQLITE_IDXTYPE_APPDEF 0 /* Created using CREATE INDEX */
+#define SQLITE_IDXTYPE_UNIQUE 1 /* Implements a UNIQUE constraint */
+#define SQLITE_IDXTYPE_PRIMARYKEY 2 /* Is the PRIMARY KEY for the table */
+
+/* Return true if index X is a PRIMARY KEY index */
+#define IsPrimaryKeyIndex(X) ((X)->idxType==SQLITE_IDXTYPE_PRIMARYKEY)
+
+/* Return true if index X is a UNIQUE index */
+#define IsUniqueIndex(X) ((X)->onError!=OE_None)
+
+/* The Index.aiColumn[] values are normally positive integer. But
+** there are some negative values that have special meaning:
+*/
+#define XN_ROWID (-1) /* Indexed column is the rowid */
+#define XN_EXPR (-2) /* Indexed column is an expression */
+
+/*
+** Each sample stored in the sqlite_stat3 table is represented in memory
+** using a structure of this type. See documentation at the top of the
+** analyze.c source file for additional information.
+*/
+struct IndexSample {
+ void *p; /* Pointer to sampled record */
+ int n; /* Size of record in bytes */
+ tRowcnt *anEq; /* Est. number of rows where the key equals this sample */
+ tRowcnt *anLt; /* Est. number of rows where key is less than this sample */
+ tRowcnt *anDLt; /* Est. number of distinct keys less than this sample */
+};
+
+/*
+** Each token coming out of the lexer is an instance of
+** this structure. Tokens are also used as part of an expression.
+**
+** Note if Token.z==0 then Token.dyn and Token.n are undefined and
+** may contain random values. Do not make any assumptions about Token.dyn
+** and Token.n when Token.z==0.
+*/
+struct Token {
+ const char *z; /* Text of the token. Not NULL-terminated! */
+ unsigned int n; /* Number of characters in this token */
+};
+
+/*
+** An instance of this structure contains information needed to generate
+** code for a SELECT that contains aggregate functions.
+**
+** If Expr.op==TK_AGG_COLUMN or TK_AGG_FUNCTION then Expr.pAggInfo is a
+** pointer to this structure. The Expr.iColumn field is the index in
+** AggInfo.aCol[] or AggInfo.aFunc[] of information needed to generate
+** code for that node.
+**
+** AggInfo.pGroupBy and AggInfo.aFunc.pExpr point to fields within the
+** original Select structure that describes the SELECT statement. These
+** fields do not need to be freed when deallocating the AggInfo structure.
+*/
+struct AggInfo {
+ u8 directMode; /* Direct rendering mode means take data directly
+ ** from source tables rather than from accumulators */
+ u8 useSortingIdx; /* In direct mode, reference the sorting index rather
+ ** than the source table */
+ int sortingIdx; /* Cursor number of the sorting index */
+ int sortingIdxPTab; /* Cursor number of pseudo-table */
+ int nSortingColumn; /* Number of columns in the sorting index */
+ int mnReg, mxReg; /* Range of registers allocated for aCol and aFunc */
+ ExprList *pGroupBy; /* The group by clause */
+ struct AggInfo_col { /* For each column used in source tables */
+ Table *pTab; /* Source table */
+ int iTable; /* Cursor number of the source table */
+ int iColumn; /* Column number within the source table */
+ int iSorterColumn; /* Column number in the sorting index */
+ int iMem; /* Memory location that acts as accumulator */
+ Expr *pExpr; /* The original expression */
+ } *aCol;
+ int nColumn; /* Number of used entries in aCol[] */
+ int nAccumulator; /* Number of columns that show through to the output.
+ ** Additional columns are used only as parameters to
+ ** aggregate functions */
+ struct AggInfo_func { /* For each aggregate function */
+ Expr *pExpr; /* Expression encoding the function */
+ FuncDef *pFunc; /* The aggregate function implementation */
+ int iMem; /* Memory location that acts as accumulator */
+ int iDistinct; /* Ephemeral table used to enforce DISTINCT */
+ } *aFunc;
+ int nFunc; /* Number of entries in aFunc[] */
+};
+
+/*
+** The datatype ynVar is a signed integer, either 16-bit or 32-bit.
+** Usually it is 16-bits. But if SQLITE_MAX_VARIABLE_NUMBER is greater
+** than 32767 we have to make it 32-bit. 16-bit is preferred because
+** it uses less memory in the Expr object, which is a big memory user
+** in systems with lots of prepared statements. And few applications
+** need more than about 10 or 20 variables. But some extreme users want
+** to have prepared statements with over 32767 variables, and for them
+** the option is available (at compile-time).
+*/
+#if SQLITE_MAX_VARIABLE_NUMBER<=32767
+typedef i16 ynVar;
+#else
+typedef int ynVar;
+#endif
+
+/*
+** Each node of an expression in the parse tree is an instance
+** of this structure.
+**
+** Expr.op is the opcode. The integer parser token codes are reused
+** as opcodes here. For example, the parser defines TK_GE to be an integer
+** code representing the ">=" operator. This same integer code is reused
+** to represent the greater-than-or-equal-to operator in the expression
+** tree.
+**
+** If the expression is an SQL literal (TK_INTEGER, TK_FLOAT, TK_BLOB,
+** or TK_STRING), then Expr.token contains the text of the SQL literal. If
+** the expression is a variable (TK_VARIABLE), then Expr.token contains the
+** variable name. Finally, if the expression is an SQL function (TK_FUNCTION),
+** then Expr.token contains the name of the function.
+**
+** Expr.pRight and Expr.pLeft are the left and right subexpressions of a
+** binary operator. Either or both may be NULL.
+**
+** Expr.x.pList is a list of arguments if the expression is an SQL function,
+** a CASE expression or an IN expression of the form "<lhs> IN (<y>, <z>...)".
+** Expr.x.pSelect is used if the expression is a sub-select or an expression of
+** the form "<lhs> IN (SELECT ...)". If the EP_xIsSelect bit is set in the
+** Expr.flags mask, then Expr.x.pSelect is valid. Otherwise, Expr.x.pList is
+** valid.
+**
+** An expression of the form ID or ID.ID refers to a column in a table.
+** For such expressions, Expr.op is set to TK_COLUMN and Expr.iTable is
+** the integer cursor number of a VDBE cursor pointing to that table and
+** Expr.iColumn is the column number for the specific column. If the
+** expression is used as a result in an aggregate SELECT, then the
+** value is also stored in the Expr.iAgg column in the aggregate so that
+** it can be accessed after all aggregates are computed.
+**
+** If the expression is an unbound variable marker (a question mark
+** character '?' in the original SQL) then the Expr.iTable holds the index
+** number for that variable.
+**
+** If the expression is a subquery then Expr.iColumn holds an integer
+** register number containing the result of the subquery. If the
+** subquery gives a constant result, then iTable is -1. If the subquery
+** gives a different answer at different times during statement processing
+** then iTable is the address of a subroutine that computes the subquery.
+**
+** If the Expr is of type OP_Column, and the table it is selecting from
+** is a disk table or the "old.*" pseudo-table, then pTab points to the
+** corresponding table definition.
+**
+** ALLOCATION NOTES:
+**
+** Expr objects can use a lot of memory space in database schema. To
+** help reduce memory requirements, sometimes an Expr object will be
+** truncated. And to reduce the number of memory allocations, sometimes
+** two or more Expr objects will be stored in a single memory allocation,
+** together with Expr.zToken strings.
+**
+** If the EP_Reduced and EP_TokenOnly flags are set when
+** an Expr object is truncated. When EP_Reduced is set, then all
+** the child Expr objects in the Expr.pLeft and Expr.pRight subtrees
+** are contained within the same memory allocation. Note, however, that
+** the subtrees in Expr.x.pList or Expr.x.pSelect are always separately
+** allocated, regardless of whether or not EP_Reduced is set.
+*/
+struct Expr {
+ u8 op; /* Operation performed by this node */
+ char affinity; /* The affinity of the column or 0 if not a column */
+ u32 flags; /* Various flags. EP_* See below */
+ union {
+ char *zToken; /* Token value. Zero terminated and dequoted */
+ int iValue; /* Non-negative integer value if EP_IntValue */
+ } u;
+
+ /* If the EP_TokenOnly flag is set in the Expr.flags mask, then no
+ ** space is allocated for the fields below this point. An attempt to
+ ** access them will result in a segfault or malfunction.
+ *********************************************************************/
+
+ Expr *pLeft; /* Left subnode */
+ Expr *pRight; /* Right subnode */
+ union {
+ ExprList *pList; /* op = IN, EXISTS, SELECT, CASE, FUNCTION, BETWEEN */
+ Select *pSelect; /* EP_xIsSelect and op = IN, EXISTS, SELECT */
+ } x;
+
+ /* If the EP_Reduced flag is set in the Expr.flags mask, then no
+ ** space is allocated for the fields below this point. An attempt to
+ ** access them will result in a segfault or malfunction.
+ *********************************************************************/
+
+#if SQLITE_MAX_EXPR_DEPTH>0
+ int nHeight; /* Height of the tree headed by this node */
+#endif
+ int iTable; /* TK_COLUMN: cursor number of table holding column
+ ** TK_REGISTER: register number
+ ** TK_TRIGGER: 1 -> new, 0 -> old
+ ** EP_Unlikely: 134217728 times likelihood */
+ ynVar iColumn; /* TK_COLUMN: column index. -1 for rowid.
+ ** TK_VARIABLE: variable number (always >= 1). */
+ i16 iAgg; /* Which entry in pAggInfo->aCol[] or ->aFunc[] */
+ i16 iRightJoinTable; /* If EP_FromJoin, the right table of the join */
+ u8 op2; /* TK_REGISTER: original value of Expr.op
+ ** TK_COLUMN: the value of p5 for OP_Column
+ ** TK_AGG_FUNCTION: nesting depth */
+ AggInfo *pAggInfo; /* Used by TK_AGG_COLUMN and TK_AGG_FUNCTION */
+ Table *pTab; /* Table for TK_COLUMN expressions. */
+};
+
+/*
+** The following are the meanings of bits in the Expr.flags field.
+*/
+#define EP_FromJoin 0x000001 /* Originates in ON/USING clause of outer join */
+#define EP_Agg 0x000002 /* Contains one or more aggregate functions */
+#define EP_Resolved 0x000004 /* IDs have been resolved to COLUMNs */
+#define EP_Error 0x000008 /* Expression contains one or more errors */
+#define EP_Distinct 0x000010 /* Aggregate function with DISTINCT keyword */
+#define EP_VarSelect 0x000020 /* pSelect is correlated, not constant */
+#define EP_DblQuoted 0x000040 /* token.z was originally in "..." */
+#define EP_InfixFunc 0x000080 /* True for an infix function: LIKE, GLOB, etc */
+#define EP_Collate 0x000100 /* Tree contains a TK_COLLATE operator */
+#define EP_Generic 0x000200 /* Ignore COLLATE or affinity on this tree */
+#define EP_IntValue 0x000400 /* Integer value contained in u.iValue */
+#define EP_xIsSelect 0x000800 /* x.pSelect is valid (otherwise x.pList is) */
+#define EP_Skip 0x001000 /* COLLATE, AS, or UNLIKELY */
+#define EP_Reduced 0x002000 /* Expr struct EXPR_REDUCEDSIZE bytes only */
+#define EP_TokenOnly 0x004000 /* Expr struct EXPR_TOKENONLYSIZE bytes only */
+#define EP_Static 0x008000 /* Held in memory not obtained from malloc() */
+#define EP_MemToken 0x010000 /* Need to sqlite3DbFree() Expr.zToken */
+#define EP_NoReduce 0x020000 /* Cannot EXPRDUP_REDUCE this Expr */
+#define EP_Unlikely 0x040000 /* unlikely() or likelihood() function */
+#define EP_ConstFunc 0x080000 /* A SQLITE_FUNC_CONSTANT or _SLOCHNG function */
+#define EP_CanBeNull 0x100000 /* Can be null despite NOT NULL constraint */
+#define EP_Subquery 0x200000 /* Tree contains a TK_SELECT operator */
+#define EP_Alias 0x400000 /* Is an alias for a result set column */
+
+/*
+** Combinations of two or more EP_* flags
+*/
+#define EP_Propagate (EP_Collate|EP_Subquery) /* Propagate these bits up tree */
+
+/*
+** These macros can be used to test, set, or clear bits in the
+** Expr.flags field.
+*/
+#define ExprHasProperty(E,P) (((E)->flags&(P))!=0)
+#define ExprHasAllProperty(E,P) (((E)->flags&(P))==(P))
+#define ExprSetProperty(E,P) (E)->flags|=(P)
+#define ExprClearProperty(E,P) (E)->flags&=~(P)
+
+/* The ExprSetVVAProperty() macro is used for Verification, Validation,
+** and Accreditation only. It works like ExprSetProperty() during VVA
+** processes but is a no-op for delivery.
+*/
+#ifdef SQLITE_DEBUG
+# define ExprSetVVAProperty(E,P) (E)->flags|=(P)
+#else
+# define ExprSetVVAProperty(E,P)
+#endif
+
+/*
+** Macros to determine the number of bytes required by a normal Expr
+** struct, an Expr struct with the EP_Reduced flag set in Expr.flags
+** and an Expr struct with the EP_TokenOnly flag set.
+*/
+#define EXPR_FULLSIZE sizeof(Expr) /* Full size */
+#define EXPR_REDUCEDSIZE offsetof(Expr,iTable) /* Common features */
+#define EXPR_TOKENONLYSIZE offsetof(Expr,pLeft) /* Fewer features */
+
+/*
+** Flags passed to the sqlite3ExprDup() function. See the header comment
+** above sqlite3ExprDup() for details.
+*/
+#define EXPRDUP_REDUCE 0x0001 /* Used reduced-size Expr nodes */
+
+/*
+** A list of expressions. Each expression may optionally have a
+** name. An expr/name combination can be used in several ways, such
+** as the list of "expr AS ID" fields following a "SELECT" or in the
+** list of "ID = expr" items in an UPDATE. A list of expressions can
+** also be used as the argument to a function, in which case the a.zName
+** field is not used.
+**
+** By default the Expr.zSpan field holds a human-readable description of
+** the expression that is used in the generation of error messages and
+** column labels. In this case, Expr.zSpan is typically the text of a
+** column expression as it exists in a SELECT statement. However, if
+** the bSpanIsTab flag is set, then zSpan is overloaded to mean the name
+** of the result column in the form: DATABASE.TABLE.COLUMN. This later
+** form is used for name resolution with nested FROM clauses.
+*/
+struct ExprList {
+ int nExpr; /* Number of expressions on the list */
+ struct ExprList_item { /* For each expression in the list */
+ Expr *pExpr; /* The list of expressions */
+ char *zName; /* Token associated with this expression */
+ char *zSpan; /* Original text of the expression */
+ u8 sortOrder; /* 1 for DESC or 0 for ASC */
+ unsigned done :1; /* A flag to indicate when processing is finished */
+ unsigned bSpanIsTab :1; /* zSpan holds DB.TABLE.COLUMN */
+ unsigned reusable :1; /* Constant expression is reusable */
+ union {
+ struct {
+ u16 iOrderByCol; /* For ORDER BY, column number in result set */
+ u16 iAlias; /* Index into Parse.aAlias[] for zName */
+ } x;
+ int iConstExprReg; /* Register in which Expr value is cached */
+ } u;
+ } *a; /* Alloc a power of two greater or equal to nExpr */
+};
+
+/*
+** An instance of this structure is used by the parser to record both
+** the parse tree for an expression and the span of input text for an
+** expression.
+*/
+struct ExprSpan {
+ Expr *pExpr; /* The expression parse tree */
+ const char *zStart; /* First character of input text */
+ const char *zEnd; /* One character past the end of input text */
+};
+
+/*
+** An instance of this structure can hold a simple list of identifiers,
+** such as the list "a,b,c" in the following statements:
+**
+** INSERT INTO t(a,b,c) VALUES ...;
+** CREATE INDEX idx ON t(a,b,c);
+** CREATE TRIGGER trig BEFORE UPDATE ON t(a,b,c) ...;
+**
+** The IdList.a.idx field is used when the IdList represents the list of
+** column names after a table name in an INSERT statement. In the statement
+**
+** INSERT INTO t(a,b,c) ...
+**
+** If "a" is the k-th column of table "t", then IdList.a[0].idx==k.
+*/
+struct IdList {
+ struct IdList_item {
+ char *zName; /* Name of the identifier */
+ int idx; /* Index in some Table.aCol[] of a column named zName */
+ } *a;
+ int nId; /* Number of identifiers on the list */
+};
+
+/*
+** The bitmask datatype defined below is used for various optimizations.
+**
+** Changing this from a 64-bit to a 32-bit type limits the number of
+** tables in a join to 32 instead of 64. But it also reduces the size
+** of the library by 738 bytes on ix86.
+*/
+typedef u64 Bitmask;
+
+/*
+** The number of bits in a Bitmask. "BMS" means "BitMask Size".
+*/
+#define BMS ((int)(sizeof(Bitmask)*8))
+
+/*
+** A bit in a Bitmask
+*/
+#define MASKBIT(n) (((Bitmask)1)<<(n))
+#define MASKBIT32(n) (((unsigned int)1)<<(n))
+
+/*
+** The following structure describes the FROM clause of a SELECT statement.
+** Each table or subquery in the FROM clause is a separate element of
+** the SrcList.a[] array.
+**
+** With the addition of multiple database support, the following structure
+** can also be used to describe a particular table such as the table that
+** is modified by an INSERT, DELETE, or UPDATE statement. In standard SQL,
+** such a table must be a simple name: ID. But in SQLite, the table can
+** now be identified by a database name, a dot, then the table name: ID.ID.
+**
+** The jointype starts out showing the join type between the current table
+** and the next table on the list. The parser builds the list this way.
+** But sqlite3SrcListShiftJoinType() later shifts the jointypes so that each
+** jointype expresses the join between the table and the previous table.
+**
+** In the colUsed field, the high-order bit (bit 63) is set if the table
+** contains more than 63 columns and the 64-th or later column is used.
+*/
+struct SrcList {
+ int nSrc; /* Number of tables or subqueries in the FROM clause */
+ u32 nAlloc; /* Number of entries allocated in a[] below */
+ struct SrcList_item {
+ Schema *pSchema; /* Schema to which this item is fixed */
+ char *zDatabase; /* Name of database holding this table */
+ char *zName; /* Name of the table */
+ char *zAlias; /* The "B" part of a "A AS B" phrase. zName is the "A" */
+ Table *pTab; /* An SQL table corresponding to zName */
+ Select *pSelect; /* A SELECT statement used in place of a table name */
+ int addrFillSub; /* Address of subroutine to manifest a subquery */
+ int regReturn; /* Register holding return address of addrFillSub */
+ int regResult; /* Registers holding results of a co-routine */
+ struct {
+ u8 jointype; /* Type of join between this able and the previous */
+ unsigned notIndexed :1; /* True if there is a NOT INDEXED clause */
+ unsigned isIndexedBy :1; /* True if there is an INDEXED BY clause */
+ unsigned isTabFunc :1; /* True if table-valued-function syntax */
+ unsigned isCorrelated :1; /* True if sub-query is correlated */
+ unsigned viaCoroutine :1; /* Implemented as a co-routine */
+ unsigned isRecursive :1; /* True for recursive reference in WITH */
+ } fg;
+#ifndef SQLITE_OMIT_EXPLAIN
+ u8 iSelectId; /* If pSelect!=0, the id of the sub-select in EQP */
+#endif
+ int iCursor; /* The VDBE cursor number used to access this table */
+ Expr *pOn; /* The ON clause of a join */
+ IdList *pUsing; /* The USING clause of a join */
+ Bitmask colUsed; /* Bit N (1<<N) set if column N of pTab is used */
+ union {
+ char *zIndexedBy; /* Identifier from "INDEXED BY <zIndex>" clause */
+ ExprList *pFuncArg; /* Arguments to table-valued-function */
+ } u1;
+ Index *pIBIndex; /* Index structure corresponding to u1.zIndexedBy */
+ } a[1]; /* One entry for each identifier on the list */
+};
+
+/*
+** Permitted values of the SrcList.a.jointype field
+*/
+#define JT_INNER 0x0001 /* Any kind of inner or cross join */
+#define JT_CROSS 0x0002 /* Explicit use of the CROSS keyword */
+#define JT_NATURAL 0x0004 /* True for a "natural" join */
+#define JT_LEFT 0x0008 /* Left outer join */
+#define JT_RIGHT 0x0010 /* Right outer join */
+#define JT_OUTER 0x0020 /* The "OUTER" keyword is present */
+#define JT_ERROR 0x0040 /* unknown or unsupported join type */
+
+
+/*
+** Flags appropriate for the wctrlFlags parameter of sqlite3WhereBegin()
+** and the WhereInfo.wctrlFlags member.
+*/
+#define WHERE_ORDERBY_NORMAL 0x0000 /* No-op */
+#define WHERE_ORDERBY_MIN 0x0001 /* ORDER BY processing for min() func */
+#define WHERE_ORDERBY_MAX 0x0002 /* ORDER BY processing for max() func */
+#define WHERE_ONEPASS_DESIRED 0x0004 /* Want to do one-pass UPDATE/DELETE */
+#define WHERE_DUPLICATES_OK 0x0008 /* Ok to return a row more than once */
+#define WHERE_OMIT_OPEN_CLOSE 0x0010 /* Table cursors are already open */
+#define WHERE_FORCE_TABLE 0x0020 /* Do not use an index-only search */
+#define WHERE_ONETABLE_ONLY 0x0040 /* Only code the 1st table in pTabList */
+#define WHERE_NO_AUTOINDEX 0x0080 /* Disallow automatic indexes */
+#define WHERE_GROUPBY 0x0100 /* pOrderBy is really a GROUP BY */
+#define WHERE_DISTINCTBY 0x0200 /* pOrderby is really a DISTINCT clause */
+#define WHERE_WANT_DISTINCT 0x0400 /* All output needs to be distinct */
+#define WHERE_SORTBYGROUP 0x0800 /* Support sqlite3WhereIsSorted() */
+#define WHERE_REOPEN_IDX 0x1000 /* Try to use OP_ReopenIdx */
+#define WHERE_ONEPASS_MULTIROW 0x2000 /* ONEPASS is ok with multiple rows */
+
+/* Allowed return values from sqlite3WhereIsDistinct()
+*/
+#define WHERE_DISTINCT_NOOP 0 /* DISTINCT keyword not used */
+#define WHERE_DISTINCT_UNIQUE 1 /* No duplicates */
+#define WHERE_DISTINCT_ORDERED 2 /* All duplicates are adjacent */
+#define WHERE_DISTINCT_UNORDERED 3 /* Duplicates are scattered */
+
+/*
+** A NameContext defines a context in which to resolve table and column
+** names. The context consists of a list of tables (the pSrcList) field and
+** a list of named expression (pEList). The named expression list may
+** be NULL. The pSrc corresponds to the FROM clause of a SELECT or
+** to the table being operated on by INSERT, UPDATE, or DELETE. The
+** pEList corresponds to the result set of a SELECT and is NULL for
+** other statements.
+**
+** NameContexts can be nested. When resolving names, the inner-most
+** context is searched first. If no match is found, the next outer
+** context is checked. If there is still no match, the next context
+** is checked. This process continues until either a match is found
+** or all contexts are check. When a match is found, the nRef member of
+** the context containing the match is incremented.
+**
+** Each subquery gets a new NameContext. The pNext field points to the
+** NameContext in the parent query. Thus the process of scanning the
+** NameContext list corresponds to searching through successively outer
+** subqueries looking for a match.
+*/
+struct NameContext {
+ Parse *pParse; /* The parser */
+ SrcList *pSrcList; /* One or more tables used to resolve names */
+ ExprList *pEList; /* Optional list of result-set columns */
+ AggInfo *pAggInfo; /* Information about aggregates at this level */
+ NameContext *pNext; /* Next outer name context. NULL for outermost */
+ int nRef; /* Number of names resolved by this context */
+ int nErr; /* Number of errors encountered while resolving names */
+ u16 ncFlags; /* Zero or more NC_* flags defined below */
+};
+
+/*
+** Allowed values for the NameContext, ncFlags field.
+**
+** Note: NC_MinMaxAgg must have the same value as SF_MinMaxAgg and
+** SQLITE_FUNC_MINMAX.
+**
+*/
+#define NC_AllowAgg 0x0001 /* Aggregate functions are allowed here */
+#define NC_HasAgg 0x0002 /* One or more aggregate functions seen */
+#define NC_IsCheck 0x0004 /* True if resolving names in a CHECK constraint */
+#define NC_InAggFunc 0x0008 /* True if analyzing arguments to an agg func */
+#define NC_PartIdx 0x0010 /* True if resolving a partial index WHERE */
+#define NC_IdxExpr 0x0020 /* True if resolving columns of CREATE INDEX */
+#define NC_MinMaxAgg 0x1000 /* min/max aggregates seen. See note above */
+
+/*
+** An instance of the following structure contains all information
+** needed to generate code for a single SELECT statement.
+**
+** nLimit is set to -1 if there is no LIMIT clause. nOffset is set to 0.
+** If there is a LIMIT clause, the parser sets nLimit to the value of the
+** limit and nOffset to the value of the offset (or 0 if there is not
+** offset). But later on, nLimit and nOffset become the memory locations
+** in the VDBE that record the limit and offset counters.
+**
+** addrOpenEphm[] entries contain the address of OP_OpenEphemeral opcodes.
+** These addresses must be stored so that we can go back and fill in
+** the P4_KEYINFO and P2 parameters later. Neither the KeyInfo nor
+** the number of columns in P2 can be computed at the same time
+** as the OP_OpenEphm instruction is coded because not
+** enough information about the compound query is known at that point.
+** The KeyInfo for addrOpenTran[0] and [1] contains collating sequences
+** for the result set. The KeyInfo for addrOpenEphm[2] contains collating
+** sequences for the ORDER BY clause.
+*/
+struct Select {
+ ExprList *pEList; /* The fields of the result */
+ u8 op; /* One of: TK_UNION TK_ALL TK_INTERSECT TK_EXCEPT */
+ u16 selFlags; /* Various SF_* values */
+ int iLimit, iOffset; /* Memory registers holding LIMIT & OFFSET counters */
+#if SELECTTRACE_ENABLED
+ char zSelName[12]; /* Symbolic name of this SELECT use for debugging */
+#endif
+ int addrOpenEphm[2]; /* OP_OpenEphem opcodes related to this select */
+ u64 nSelectRow; /* Estimated number of result rows */
+ SrcList *pSrc; /* The FROM clause */
+ Expr *pWhere; /* The WHERE clause */
+ ExprList *pGroupBy; /* The GROUP BY clause */
+ Expr *pHaving; /* The HAVING clause */
+ ExprList *pOrderBy; /* The ORDER BY clause */
+ Select *pPrior; /* Prior select in a compound select statement */
+ Select *pNext; /* Next select to the left in a compound */
+ Expr *pLimit; /* LIMIT expression. NULL means not used. */
+ Expr *pOffset; /* OFFSET expression. NULL means not used. */
+ With *pWith; /* WITH clause attached to this select. Or NULL. */
+};
+
+/*
+** Allowed values for Select.selFlags. The "SF" prefix stands for
+** "Select Flag".
+*/
+#define SF_Distinct 0x0001 /* Output should be DISTINCT */
+#define SF_All 0x0002 /* Includes the ALL keyword */
+#define SF_Resolved 0x0004 /* Identifiers have been resolved */
+#define SF_Aggregate 0x0008 /* Contains aggregate functions */
+#define SF_UsesEphemeral 0x0010 /* Uses the OpenEphemeral opcode */
+#define SF_Expanded 0x0020 /* sqlite3SelectExpand() called on this */
+#define SF_HasTypeInfo 0x0040 /* FROM subqueries have Table metadata */
+#define SF_Compound 0x0080 /* Part of a compound query */
+#define SF_Values 0x0100 /* Synthesized from VALUES clause */
+#define SF_MultiValue 0x0200 /* Single VALUES term with multiple rows */
+#define SF_NestedFrom 0x0400 /* Part of a parenthesized FROM clause */
+#define SF_MaybeConvert 0x0800 /* Need convertCompoundSelectToSubquery() */
+#define SF_MinMaxAgg 0x1000 /* Aggregate containing min() or max() */
+#define SF_Recursive 0x2000 /* The recursive part of a recursive CTE */
+#define SF_Converted 0x4000 /* By convertCompoundSelectToSubquery() */
+#define SF_IncludeHidden 0x8000 /* Include hidden columns in output */
+
+
+/*
+** The results of a SELECT can be distributed in several ways, as defined
+** by one of the following macros. The "SRT" prefix means "SELECT Result
+** Type".
+**
+** SRT_Union Store results as a key in a temporary index
+** identified by pDest->iSDParm.
+**
+** SRT_Except Remove results from the temporary index pDest->iSDParm.
+**
+** SRT_Exists Store a 1 in memory cell pDest->iSDParm if the result
+** set is not empty.
+**
+** SRT_Discard Throw the results away. This is used by SELECT
+** statements within triggers whose only purpose is
+** the side-effects of functions.
+**
+** All of the above are free to ignore their ORDER BY clause. Those that
+** follow must honor the ORDER BY clause.
+**
+** SRT_Output Generate a row of output (using the OP_ResultRow
+** opcode) for each row in the result set.
+**
+** SRT_Mem Only valid if the result is a single column.
+** Store the first column of the first result row
+** in register pDest->iSDParm then abandon the rest
+** of the query. This destination implies "LIMIT 1".
+**
+** SRT_Set The result must be a single column. Store each
+** row of result as the key in table pDest->iSDParm.
+** Apply the affinity pDest->affSdst before storing
+** results. Used to implement "IN (SELECT ...)".
+**
+** SRT_EphemTab Create an temporary table pDest->iSDParm and store
+** the result there. The cursor is left open after
+** returning. This is like SRT_Table except that
+** this destination uses OP_OpenEphemeral to create
+** the table first.
+**
+** SRT_Coroutine Generate a co-routine that returns a new row of
+** results each time it is invoked. The entry point
+** of the co-routine is stored in register pDest->iSDParm
+** and the result row is stored in pDest->nDest registers
+** starting with pDest->iSdst.
+**
+** SRT_Table Store results in temporary table pDest->iSDParm.
+** SRT_Fifo This is like SRT_EphemTab except that the table
+** is assumed to already be open. SRT_Fifo has
+** the additional property of being able to ignore
+** the ORDER BY clause.
+**
+** SRT_DistFifo Store results in a temporary table pDest->iSDParm.
+** But also use temporary table pDest->iSDParm+1 as
+** a record of all prior results and ignore any duplicate
+** rows. Name means: "Distinct Fifo".
+**
+** SRT_Queue Store results in priority queue pDest->iSDParm (really
+** an index). Append a sequence number so that all entries
+** are distinct.
+**
+** SRT_DistQueue Store results in priority queue pDest->iSDParm only if
+** the same record has never been stored before. The
+** index at pDest->iSDParm+1 hold all prior stores.
+*/
+#define SRT_Union 1 /* Store result as keys in an index */
+#define SRT_Except 2 /* Remove result from a UNION index */
+#define SRT_Exists 3 /* Store 1 if the result is not empty */
+#define SRT_Discard 4 /* Do not save the results anywhere */
+#define SRT_Fifo 5 /* Store result as data with an automatic rowid */
+#define SRT_DistFifo 6 /* Like SRT_Fifo, but unique results only */
+#define SRT_Queue 7 /* Store result in an queue */
+#define SRT_DistQueue 8 /* Like SRT_Queue, but unique results only */
+
+/* The ORDER BY clause is ignored for all of the above */
+#define IgnorableOrderby(X) ((X->eDest)<=SRT_DistQueue)
+
+#define SRT_Output 9 /* Output each row of result */
+#define SRT_Mem 10 /* Store result in a memory cell */
+#define SRT_Set 11 /* Store results as keys in an index */
+#define SRT_EphemTab 12 /* Create transient tab and store like SRT_Table */
+#define SRT_Coroutine 13 /* Generate a single row of result */
+#define SRT_Table 14 /* Store result as data with an automatic rowid */
+
+/*
+** An instance of this object describes where to put of the results of
+** a SELECT statement.
+*/
+struct SelectDest {
+ u8 eDest; /* How to dispose of the results. On of SRT_* above. */
+ char affSdst; /* Affinity used when eDest==SRT_Set */
+ int iSDParm; /* A parameter used by the eDest disposal method */
+ int iSdst; /* Base register where results are written */
+ int nSdst; /* Number of registers allocated */
+ ExprList *pOrderBy; /* Key columns for SRT_Queue and SRT_DistQueue */
+};
+
+/*
+** During code generation of statements that do inserts into AUTOINCREMENT
+** tables, the following information is attached to the Table.u.autoInc.p
+** pointer of each autoincrement table to record some side information that
+** the code generator needs. We have to keep per-table autoincrement
+** information in case inserts are down within triggers. Triggers do not
+** normally coordinate their activities, but we do need to coordinate the
+** loading and saving of autoincrement information.
+*/
+struct AutoincInfo {
+ AutoincInfo *pNext; /* Next info block in a list of them all */
+ Table *pTab; /* Table this info block refers to */
+ int iDb; /* Index in sqlite3.aDb[] of database holding pTab */
+ int regCtr; /* Memory register holding the rowid counter */
+};
+
+/*
+** Size of the column cache
+*/
+#ifndef SQLITE_N_COLCACHE
+# define SQLITE_N_COLCACHE 10
+#endif
+
+/*
+** At least one instance of the following structure is created for each
+** trigger that may be fired while parsing an INSERT, UPDATE or DELETE
+** statement. All such objects are stored in the linked list headed at
+** Parse.pTriggerPrg and deleted once statement compilation has been
+** completed.
+**
+** A Vdbe sub-program that implements the body and WHEN clause of trigger
+** TriggerPrg.pTrigger, assuming a default ON CONFLICT clause of
+** TriggerPrg.orconf, is stored in the TriggerPrg.pProgram variable.
+** The Parse.pTriggerPrg list never contains two entries with the same
+** values for both pTrigger and orconf.
+**
+** The TriggerPrg.aColmask[0] variable is set to a mask of old.* columns
+** accessed (or set to 0 for triggers fired as a result of INSERT
+** statements). Similarly, the TriggerPrg.aColmask[1] variable is set to
+** a mask of new.* columns used by the program.
+*/
+struct TriggerPrg {
+ Trigger *pTrigger; /* Trigger this program was coded from */
+ TriggerPrg *pNext; /* Next entry in Parse.pTriggerPrg list */
+ SubProgram *pProgram; /* Program implementing pTrigger/orconf */
+ int orconf; /* Default ON CONFLICT policy */
+ u32 aColmask[2]; /* Masks of old.*, new.* columns accessed */
+};
+
+/*
+** The yDbMask datatype for the bitmask of all attached databases.
+*/
+#if SQLITE_MAX_ATTACHED>30
+ typedef unsigned char yDbMask[(SQLITE_MAX_ATTACHED+9)/8];
+# define DbMaskTest(M,I) (((M)[(I)/8]&(1<<((I)&7)))!=0)
+# define DbMaskZero(M) memset((M),0,sizeof(M))
+# define DbMaskSet(M,I) (M)[(I)/8]|=(1<<((I)&7))
+# define DbMaskAllZero(M) sqlite3DbMaskAllZero(M)
+# define DbMaskNonZero(M) (sqlite3DbMaskAllZero(M)==0)
+#else
+ typedef unsigned int yDbMask;
+# define DbMaskTest(M,I) (((M)&(((yDbMask)1)<<(I)))!=0)
+# define DbMaskZero(M) (M)=0
+# define DbMaskSet(M,I) (M)|=(((yDbMask)1)<<(I))
+# define DbMaskAllZero(M) (M)==0
+# define DbMaskNonZero(M) (M)!=0
+#endif
+
+/*
+** An SQL parser context. A copy of this structure is passed through
+** the parser and down into all the parser action routine in order to
+** carry around information that is global to the entire parse.
+**
+** The structure is divided into two parts. When the parser and code
+** generate call themselves recursively, the first part of the structure
+** is constant but the second part is reset at the beginning and end of
+** each recursion.
+**
+** The nTableLock and aTableLock variables are only used if the shared-cache
+** feature is enabled (if sqlite3Tsd()->useSharedData is true). They are
+** used to store the set of table-locks required by the statement being
+** compiled. Function sqlite3TableLock() is used to add entries to the
+** list.
+*/
+struct Parse {
+ sqlite3 *db; /* The main database structure */
+ char *zErrMsg; /* An error message */
+ Vdbe *pVdbe; /* An engine for executing database bytecode */
+ int rc; /* Return code from execution */
+ u8 colNamesSet; /* TRUE after OP_ColumnName has been issued to pVdbe */
+ u8 checkSchema; /* Causes schema cookie check after an error */
+ u8 nested; /* Number of nested calls to the parser/code generator */
+ u8 nTempReg; /* Number of temporary registers in aTempReg[] */
+ u8 isMultiWrite; /* True if statement may modify/insert multiple rows */
+ u8 mayAbort; /* True if statement may throw an ABORT exception */
+ u8 hasCompound; /* Need to invoke convertCompoundSelectToSubquery() */
+ u8 okConstFactor; /* OK to factor out constants */
+ int aTempReg[8]; /* Holding area for temporary registers */
+ int nRangeReg; /* Size of the temporary register block */
+ int iRangeReg; /* First register in temporary register block */
+ int nErr; /* Number of errors seen */
+ int nTab; /* Number of previously allocated VDBE cursors */
+ int nMem; /* Number of memory cells used so far */
+ int nSet; /* Number of sets used so far */
+ int nOnce; /* Number of OP_Once instructions so far */
+ int nOpAlloc; /* Number of slots allocated for Vdbe.aOp[] */
+ int szOpAlloc; /* Bytes of memory space allocated for Vdbe.aOp[] */
+ int iFixedOp; /* Never back out opcodes iFixedOp-1 or earlier */
+ int ckBase; /* Base register of data during check constraints */
+ int iSelfTab; /* Table of an index whose exprs are being coded */
+ int iCacheLevel; /* ColCache valid when aColCache[].iLevel<=iCacheLevel */
+ int iCacheCnt; /* Counter used to generate aColCache[].lru values */
+ int nLabel; /* Number of labels used */
+ int *aLabel; /* Space to hold the labels */
+ struct yColCache {
+ int iTable; /* Table cursor number */
+ i16 iColumn; /* Table column number */
+ u8 tempReg; /* iReg is a temp register that needs to be freed */
+ int iLevel; /* Nesting level */
+ int iReg; /* Reg with value of this column. 0 means none. */
+ int lru; /* Least recently used entry has the smallest value */
+ } aColCache[SQLITE_N_COLCACHE]; /* One for each column cache entry */
+ ExprList *pConstExpr;/* Constant expressions */
+ Token constraintName;/* Name of the constraint currently being parsed */
+ yDbMask writeMask; /* Start a write transaction on these databases */
+ yDbMask cookieMask; /* Bitmask of schema verified databases */
+ int cookieValue[SQLITE_MAX_ATTACHED+2]; /* Values of cookies to verify */
+ int regRowid; /* Register holding rowid of CREATE TABLE entry */
+ int regRoot; /* Register holding root page number for new objects */
+ int nMaxArg; /* Max args passed to user function by sub-program */
+#if SELECTTRACE_ENABLED
+ int nSelect; /* Number of SELECT statements seen */
+ int nSelectIndent; /* How far to indent SELECTTRACE() output */
+#endif
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ int nTableLock; /* Number of locks in aTableLock */
+ TableLock *aTableLock; /* Required table locks for shared-cache mode */
+#endif
+ AutoincInfo *pAinc; /* Information about AUTOINCREMENT counters */
+
+ /* Information used while coding trigger programs. */
+ Parse *pToplevel; /* Parse structure for main program (or NULL) */
+ Table *pTriggerTab; /* Table triggers are being coded for */
+ int addrCrTab; /* Address of OP_CreateTable opcode on CREATE TABLE */
+ u32 nQueryLoop; /* Est number of iterations of a query (10*log2(N)) */
+ u32 oldmask; /* Mask of old.* columns referenced */
+ u32 newmask; /* Mask of new.* columns referenced */
+ u8 eTriggerOp; /* TK_UPDATE, TK_INSERT or TK_DELETE */
+ u8 eOrconf; /* Default ON CONFLICT policy for trigger steps */
+ u8 disableTriggers; /* True to disable triggers */
+
+ /************************************************************************
+ ** Above is constant between recursions. Below is reset before and after
+ ** each recursion. The boundary between these two regions is determined
+ ** using offsetof(Parse,nVar) so the nVar field must be the first field
+ ** in the recursive region.
+ ************************************************************************/
+
+ int nVar; /* Number of '?' variables seen in the SQL so far */
+ int nzVar; /* Number of available slots in azVar[] */
+ u8 iPkSortOrder; /* ASC or DESC for INTEGER PRIMARY KEY */
+ u8 explain; /* True if the EXPLAIN flag is found on the query */
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ u8 declareVtab; /* True if inside sqlite3_declare_vtab() */
+ int nVtabLock; /* Number of virtual tables to lock */
+#endif
+ int nAlias; /* Number of aliased result set columns */
+ int nHeight; /* Expression tree height of current sub-select */
+#ifndef SQLITE_OMIT_EXPLAIN
+ int iSelectId; /* ID of current select for EXPLAIN output */
+ int iNextSelectId; /* Next available select ID for EXPLAIN output */
+#endif
+ char **azVar; /* Pointers to names of parameters */
+ Vdbe *pReprepare; /* VM being reprepared (sqlite3Reprepare()) */
+ const char *zTail; /* All SQL text past the last semicolon parsed */
+ Table *pNewTable; /* A table being constructed by CREATE TABLE */
+ Trigger *pNewTrigger; /* Trigger under construct by a CREATE TRIGGER */
+ const char *zAuthContext; /* The 6th parameter to db->xAuth callbacks */
+ Token sNameToken; /* Token with unqualified schema object name */
+ Token sLastToken; /* The last token parsed */
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ Token sArg; /* Complete text of a module argument */
+ Table **apVtabLock; /* Pointer to virtual tables needing locking */
+#endif
+ Table *pZombieTab; /* List of Table objects to delete after code gen */
+ TriggerPrg *pTriggerPrg; /* Linked list of coded triggers */
+ With *pWith; /* Current WITH clause, or NULL */
+ With *pWithToFree; /* Free this WITH object at the end of the parse */
+};
+
+/*
+** Return true if currently inside an sqlite3_declare_vtab() call.
+*/
+#ifdef SQLITE_OMIT_VIRTUALTABLE
+ #define IN_DECLARE_VTAB 0
+#else
+ #define IN_DECLARE_VTAB (pParse->declareVtab)
+#endif
+
+/*
+** An instance of the following structure can be declared on a stack and used
+** to save the Parse.zAuthContext value so that it can be restored later.
+*/
+struct AuthContext {
+ const char *zAuthContext; /* Put saved Parse.zAuthContext here */
+ Parse *pParse; /* The Parse structure */
+};
+
+/*
+** Bitfield flags for P5 value in various opcodes.
+*/
+#define OPFLAG_NCHANGE 0x01 /* Set to update db->nChange */
+#define OPFLAG_EPHEM 0x01 /* OP_Column: Ephemeral output is ok */
+#define OPFLAG_LASTROWID 0x02 /* Set to update db->lastRowid */
+#define OPFLAG_ISUPDATE 0x04 /* This OP_Insert is an sql UPDATE */
+#define OPFLAG_APPEND 0x08 /* This is likely to be an append */
+#define OPFLAG_USESEEKRESULT 0x10 /* Try to avoid a seek in BtreeInsert() */
+#define OPFLAG_LENGTHARG 0x40 /* OP_Column only used for length() */
+#define OPFLAG_TYPEOFARG 0x80 /* OP_Column only used for typeof() */
+#define OPFLAG_BULKCSR 0x01 /* OP_Open** used to open bulk cursor */
+#define OPFLAG_SEEKEQ 0x02 /* OP_Open** cursor uses EQ seek only */
+#define OPFLAG_FORDELETE 0x08 /* OP_Open is opening for-delete csr */
+#define OPFLAG_P2ISREG 0x10 /* P2 to OP_Open** is a register number */
+#define OPFLAG_PERMUTE 0x01 /* OP_Compare: use the permutation */
+
+/*
+ * Each trigger present in the database schema is stored as an instance of
+ * struct Trigger.
+ *
+ * Pointers to instances of struct Trigger are stored in two ways.
+ * 1. In the "trigHash" hash table (part of the sqlite3* that represents the
+ * database). This allows Trigger structures to be retrieved by name.
+ * 2. All triggers associated with a single table form a linked list, using the
+ * pNext member of struct Trigger. A pointer to the first element of the
+ * linked list is stored as the "pTrigger" member of the associated
+ * struct Table.
+ *
+ * The "step_list" member points to the first element of a linked list
+ * containing the SQL statements specified as the trigger program.
+ */
+struct Trigger {
+ char *zName; /* The name of the trigger */
+ char *table; /* The table or view to which the trigger applies */
+ u8 op; /* One of TK_DELETE, TK_UPDATE, TK_INSERT */
+ u8 tr_tm; /* One of TRIGGER_BEFORE, TRIGGER_AFTER */
+ Expr *pWhen; /* The WHEN clause of the expression (may be NULL) */
+ IdList *pColumns; /* If this is an UPDATE OF <column-list> trigger,
+ the <column-list> is stored here */
+ Schema *pSchema; /* Schema containing the trigger */
+ Schema *pTabSchema; /* Schema containing the table */
+ TriggerStep *step_list; /* Link list of trigger program steps */
+ Trigger *pNext; /* Next trigger associated with the table */
+};
+
+/*
+** A trigger is either a BEFORE or an AFTER trigger. The following constants
+** determine which.
+**
+** If there are multiple triggers, you might of some BEFORE and some AFTER.
+** In that cases, the constants below can be ORed together.
+*/
+#define TRIGGER_BEFORE 1
+#define TRIGGER_AFTER 2
+
+/*
+ * An instance of struct TriggerStep is used to store a single SQL statement
+ * that is a part of a trigger-program.
+ *
+ * Instances of struct TriggerStep are stored in a singly linked list (linked
+ * using the "pNext" member) referenced by the "step_list" member of the
+ * associated struct Trigger instance. The first element of the linked list is
+ * the first step of the trigger-program.
+ *
+ * The "op" member indicates whether this is a "DELETE", "INSERT", "UPDATE" or
+ * "SELECT" statement. The meanings of the other members is determined by the
+ * value of "op" as follows:
+ *
+ * (op == TK_INSERT)
+ * orconf -> stores the ON CONFLICT algorithm
+ * pSelect -> If this is an INSERT INTO ... SELECT ... statement, then
+ * this stores a pointer to the SELECT statement. Otherwise NULL.
+ * zTarget -> Dequoted name of the table to insert into.
+ * pExprList -> If this is an INSERT INTO ... VALUES ... statement, then
+ * this stores values to be inserted. Otherwise NULL.
+ * pIdList -> If this is an INSERT INTO ... (<column-names>) VALUES ...
+ * statement, then this stores the column-names to be
+ * inserted into.
+ *
+ * (op == TK_DELETE)
+ * zTarget -> Dequoted name of the table to delete from.
+ * pWhere -> The WHERE clause of the DELETE statement if one is specified.
+ * Otherwise NULL.
+ *
+ * (op == TK_UPDATE)
+ * zTarget -> Dequoted name of the table to update.
+ * pWhere -> The WHERE clause of the UPDATE statement if one is specified.
+ * Otherwise NULL.
+ * pExprList -> A list of the columns to update and the expressions to update
+ * them to. See sqlite3Update() documentation of "pChanges"
+ * argument.
+ *
+ */
+struct TriggerStep {
+ u8 op; /* One of TK_DELETE, TK_UPDATE, TK_INSERT, TK_SELECT */
+ u8 orconf; /* OE_Rollback etc. */
+ Trigger *pTrig; /* The trigger that this step is a part of */
+ Select *pSelect; /* SELECT statement or RHS of INSERT INTO SELECT ... */
+ char *zTarget; /* Target table for DELETE, UPDATE, INSERT */
+ Expr *pWhere; /* The WHERE clause for DELETE or UPDATE steps */
+ ExprList *pExprList; /* SET clause for UPDATE. */
+ IdList *pIdList; /* Column names for INSERT */
+ TriggerStep *pNext; /* Next in the link-list */
+ TriggerStep *pLast; /* Last element in link-list. Valid for 1st elem only */
+};
+
+/*
+** The following structure contains information used by the sqliteFix...
+** routines as they walk the parse tree to make database references
+** explicit.
+*/
+typedef struct DbFixer DbFixer;
+struct DbFixer {
+ Parse *pParse; /* The parsing context. Error messages written here */
+ Schema *pSchema; /* Fix items to this schema */
+ int bVarOnly; /* Check for variable references only */
+ const char *zDb; /* Make sure all objects are contained in this database */
+ const char *zType; /* Type of the container - used for error messages */
+ const Token *pName; /* Name of the container - used for error messages */
+};
+
+/*
+** An objected used to accumulate the text of a string where we
+** do not necessarily know how big the string will be in the end.
+*/
+struct StrAccum {
+ sqlite3 *db; /* Optional database for lookaside. Can be NULL */
+ char *zBase; /* A base allocation. Not from malloc. */
+ char *zText; /* The string collected so far */
+ u32 nChar; /* Length of the string so far */
+ u32 nAlloc; /* Amount of space allocated in zText */
+ u32 mxAlloc; /* Maximum allowed allocation. 0 for no malloc usage */
+ u8 accError; /* STRACCUM_NOMEM or STRACCUM_TOOBIG */
+ u8 bMalloced; /* zText points to allocated space */
+};
+#define STRACCUM_NOMEM 1
+#define STRACCUM_TOOBIG 2
+
+/*
+** A pointer to this structure is used to communicate information
+** from sqlite3Init and OP_ParseSchema into the sqlite3InitCallback.
+*/
+typedef struct {
+ sqlite3 *db; /* The database being initialized */
+ char **pzErrMsg; /* Error message stored here */
+ int iDb; /* 0 for main database. 1 for TEMP, 2.. for ATTACHed */
+ int rc; /* Result code stored here */
+} InitData;
+
+/*
+** Structure containing global configuration data for the SQLite library.
+**
+** This structure also contains some state information.
+*/
+struct Sqlite3Config {
+ int bMemstat; /* True to enable memory status */
+ int bCoreMutex; /* True to enable core mutexing */
+ int bFullMutex; /* True to enable full mutexing */
+ int bOpenUri; /* True to interpret filenames as URIs */
+ int bUseCis; /* Use covering indices for full-scans */
+ int mxStrlen; /* Maximum string length */
+ int neverCorrupt; /* Database is always well-formed */
+ int szLookaside; /* Default lookaside buffer size */
+ int nLookaside; /* Default lookaside buffer count */
+ sqlite3_mem_methods m; /* Low-level memory allocation interface */
+ sqlite3_mutex_methods mutex; /* Low-level mutex interface */
+ sqlite3_pcache_methods2 pcache2; /* Low-level page-cache interface */
+ void *pHeap; /* Heap storage space */
+ int nHeap; /* Size of pHeap[] */
+ int mnReq, mxReq; /* Min and max heap requests sizes */
+ sqlite3_int64 szMmap; /* mmap() space per open file */
+ sqlite3_int64 mxMmap; /* Maximum value for szMmap */
+ void *pScratch; /* Scratch memory */
+ int szScratch; /* Size of each scratch buffer */
+ int nScratch; /* Number of scratch buffers */
+ void *pPage; /* Page cache memory */
+ int szPage; /* Size of each page in pPage[] */
+ int nPage; /* Number of pages in pPage[] */
+ int mxParserStack; /* maximum depth of the parser stack */
+ int sharedCacheEnabled; /* true if shared-cache mode enabled */
+ u32 szPma; /* Maximum Sorter PMA size */
+ /* The above might be initialized to non-zero. The following need to always
+ ** initially be zero, however. */
+ int isInit; /* True after initialization has finished */
+ int inProgress; /* True while initialization in progress */
+ int isMutexInit; /* True after mutexes are initialized */
+ int isMallocInit; /* True after malloc is initialized */
+ int isPCacheInit; /* True after malloc is initialized */
+ int nRefInitMutex; /* Number of users of pInitMutex */
+ sqlite3_mutex *pInitMutex; /* Mutex used by sqlite3_initialize() */
+ void (*xLog)(void*,int,const char*); /* Function for logging */
+ void *pLogArg; /* First argument to xLog() */
+#ifdef SQLITE_ENABLE_SQLLOG
+ void(*xSqllog)(void*,sqlite3*,const char*, int);
+ void *pSqllogArg;
+#endif
+#ifdef SQLITE_VDBE_COVERAGE
+ /* The following callback (if not NULL) is invoked on every VDBE branch
+ ** operation. Set the callback using SQLITE_TESTCTRL_VDBE_COVERAGE.
+ */
+ void (*xVdbeBranch)(void*,int iSrcLine,u8 eThis,u8 eMx); /* Callback */
+ void *pVdbeBranchArg; /* 1st argument */
+#endif
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+ int (*xTestCallback)(int); /* Invoked by sqlite3FaultSim() */
+#endif
+ int bLocaltimeFault; /* True to fail localtime() calls */
+};
+
+/*
+** This macro is used inside of assert() statements to indicate that
+** the assert is only valid on a well-formed database. Instead of:
+**
+** assert( X );
+**
+** One writes:
+**
+** assert( X || CORRUPT_DB );
+**
+** CORRUPT_DB is true during normal operation. CORRUPT_DB does not indicate
+** that the database is definitely corrupt, only that it might be corrupt.
+** For most test cases, CORRUPT_DB is set to false using a special
+** sqlite3_test_control(). This enables assert() statements to prove
+** things that are always true for well-formed databases.
+*/
+#define CORRUPT_DB (sqlite3Config.neverCorrupt==0)
+
+/*
+** Context pointer passed down through the tree-walk.
+*/
+struct Walker {
+ int (*xExprCallback)(Walker*, Expr*); /* Callback for expressions */
+ int (*xSelectCallback)(Walker*,Select*); /* Callback for SELECTs */
+ void (*xSelectCallback2)(Walker*,Select*);/* Second callback for SELECTs */
+ Parse *pParse; /* Parser context. */
+ int walkerDepth; /* Number of subqueries */
+ u8 eCode; /* A small processing code */
+ union { /* Extra data for callback */
+ NameContext *pNC; /* Naming context */
+ int n; /* A counter */
+ int iCur; /* A cursor number */
+ SrcList *pSrcList; /* FROM clause */
+ struct SrcCount *pSrcCount; /* Counting column references */
+ struct CCurHint *pCCurHint; /* Used by codeCursorHint() */
+ } u;
+};
+
+/* Forward declarations */
+SQLITE_PRIVATE int sqlite3WalkExpr(Walker*, Expr*);
+SQLITE_PRIVATE int sqlite3WalkExprList(Walker*, ExprList*);
+SQLITE_PRIVATE int sqlite3WalkSelect(Walker*, Select*);
+SQLITE_PRIVATE int sqlite3WalkSelectExpr(Walker*, Select*);
+SQLITE_PRIVATE int sqlite3WalkSelectFrom(Walker*, Select*);
+SQLITE_PRIVATE int sqlite3ExprWalkNoop(Walker*, Expr*);
+
+/*
+** Return code from the parse-tree walking primitives and their
+** callbacks.
+*/
+#define WRC_Continue 0 /* Continue down into children */
+#define WRC_Prune 1 /* Omit children but continue walking siblings */
+#define WRC_Abort 2 /* Abandon the tree walk */
+
+/*
+** An instance of this structure represents a set of one or more CTEs
+** (common table expressions) created by a single WITH clause.
+*/
+struct With {
+ int nCte; /* Number of CTEs in the WITH clause */
+ With *pOuter; /* Containing WITH clause, or NULL */
+ struct Cte { /* For each CTE in the WITH clause.... */
+ char *zName; /* Name of this CTE */
+ ExprList *pCols; /* List of explicit column names, or NULL */
+ Select *pSelect; /* The definition of this CTE */
+ const char *zCteErr; /* Error message for circular references */
+ } a[1];
+};
+
+#ifdef SQLITE_DEBUG
+/*
+** An instance of the TreeView object is used for printing the content of
+** data structures on sqlite3DebugPrintf() using a tree-like view.
+*/
+struct TreeView {
+ int iLevel; /* Which level of the tree we are on */
+ u8 bLine[100]; /* Draw vertical in column i if bLine[i] is true */
+};
+#endif /* SQLITE_DEBUG */
+
+/*
+** Assuming zIn points to the first byte of a UTF-8 character,
+** advance zIn to point to the first byte of the next UTF-8 character.
+*/
+#define SQLITE_SKIP_UTF8(zIn) { \
+ if( (*(zIn++))>=0xc0 ){ \
+ while( (*zIn & 0xc0)==0x80 ){ zIn++; } \
+ } \
+}
+
+/*
+** The SQLITE_*_BKPT macros are substitutes for the error codes with
+** the same name but without the _BKPT suffix. These macros invoke
+** routines that report the line-number on which the error originated
+** using sqlite3_log(). The routines also provide a convenient place
+** to set a debugger breakpoint.
+*/
+SQLITE_PRIVATE int sqlite3CorruptError(int);
+SQLITE_PRIVATE int sqlite3MisuseError(int);
+SQLITE_PRIVATE int sqlite3CantopenError(int);
+#define SQLITE_CORRUPT_BKPT sqlite3CorruptError(__LINE__)
+#define SQLITE_MISUSE_BKPT sqlite3MisuseError(__LINE__)
+#define SQLITE_CANTOPEN_BKPT sqlite3CantopenError(__LINE__)
+
+
+/*
+** FTS4 is really an extension for FTS3. It is enabled using the
+** SQLITE_ENABLE_FTS3 macro. But to avoid confusion we also call
+** the SQLITE_ENABLE_FTS4 macro to serve as an alias for SQLITE_ENABLE_FTS3.
+*/
+#if defined(SQLITE_ENABLE_FTS4) && !defined(SQLITE_ENABLE_FTS3)
+# define SQLITE_ENABLE_FTS3 1
+#endif
+
+/*
+** The ctype.h header is needed for non-ASCII systems. It is also
+** needed by FTS3 when FTS3 is included in the amalgamation.
+*/
+#if !defined(SQLITE_ASCII) || \
+ (defined(SQLITE_ENABLE_FTS3) && defined(SQLITE_AMALGAMATION))
+# include <ctype.h>
+#endif
+
+/*
+** The following macros mimic the standard library functions toupper(),
+** isspace(), isalnum(), isdigit() and isxdigit(), respectively. The
+** sqlite versions only work for ASCII characters, regardless of locale.
+*/
+#ifdef SQLITE_ASCII
+# define sqlite3Toupper(x) ((x)&~(sqlite3CtypeMap[(unsigned char)(x)]&0x20))
+# define sqlite3Isspace(x) (sqlite3CtypeMap[(unsigned char)(x)]&0x01)
+# define sqlite3Isalnum(x) (sqlite3CtypeMap[(unsigned char)(x)]&0x06)
+# define sqlite3Isalpha(x) (sqlite3CtypeMap[(unsigned char)(x)]&0x02)
+# define sqlite3Isdigit(x) (sqlite3CtypeMap[(unsigned char)(x)]&0x04)
+# define sqlite3Isxdigit(x) (sqlite3CtypeMap[(unsigned char)(x)]&0x08)
+# define sqlite3Tolower(x) (sqlite3UpperToLower[(unsigned char)(x)])
+#else
+# define sqlite3Toupper(x) toupper((unsigned char)(x))
+# define sqlite3Isspace(x) isspace((unsigned char)(x))
+# define sqlite3Isalnum(x) isalnum((unsigned char)(x))
+# define sqlite3Isalpha(x) isalpha((unsigned char)(x))
+# define sqlite3Isdigit(x) isdigit((unsigned char)(x))
+# define sqlite3Isxdigit(x) isxdigit((unsigned char)(x))
+# define sqlite3Tolower(x) tolower((unsigned char)(x))
+#endif
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+SQLITE_PRIVATE int sqlite3IsIdChar(u8);
+#endif
+
+/*
+** Internal function prototypes
+*/
+#define sqlite3StrICmp sqlite3_stricmp
+SQLITE_PRIVATE int sqlite3Strlen30(const char*);
+#define sqlite3StrNICmp sqlite3_strnicmp
+
+SQLITE_PRIVATE int sqlite3MallocInit(void);
+SQLITE_PRIVATE void sqlite3MallocEnd(void);
+SQLITE_PRIVATE void *sqlite3Malloc(u64);
+SQLITE_PRIVATE void *sqlite3MallocZero(u64);
+SQLITE_PRIVATE void *sqlite3DbMallocZero(sqlite3*, u64);
+SQLITE_PRIVATE void *sqlite3DbMallocRaw(sqlite3*, u64);
+SQLITE_PRIVATE char *sqlite3DbStrDup(sqlite3*,const char*);
+SQLITE_PRIVATE char *sqlite3DbStrNDup(sqlite3*,const char*, u64);
+SQLITE_PRIVATE void *sqlite3Realloc(void*, u64);
+SQLITE_PRIVATE void *sqlite3DbReallocOrFree(sqlite3 *, void *, u64);
+SQLITE_PRIVATE void *sqlite3DbRealloc(sqlite3 *, void *, u64);
+SQLITE_PRIVATE void sqlite3DbFree(sqlite3*, void*);
+SQLITE_PRIVATE int sqlite3MallocSize(void*);
+SQLITE_PRIVATE int sqlite3DbMallocSize(sqlite3*, void*);
+SQLITE_PRIVATE void *sqlite3ScratchMalloc(int);
+SQLITE_PRIVATE void sqlite3ScratchFree(void*);
+SQLITE_PRIVATE void *sqlite3PageMalloc(int);
+SQLITE_PRIVATE void sqlite3PageFree(void*);
+SQLITE_PRIVATE void sqlite3MemSetDefault(void);
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+SQLITE_PRIVATE void sqlite3BenignMallocHooks(void (*)(void), void (*)(void));
+#endif
+SQLITE_PRIVATE int sqlite3HeapNearlyFull(void);
+
+/*
+** On systems with ample stack space and that support alloca(), make
+** use of alloca() to obtain space for large automatic objects. By default,
+** obtain space from malloc().
+**
+** The alloca() routine never returns NULL. This will cause code paths
+** that deal with sqlite3StackAlloc() failures to be unreachable.
+*/
+#ifdef SQLITE_USE_ALLOCA
+# define sqlite3StackAllocRaw(D,N) alloca(N)
+# define sqlite3StackAllocZero(D,N) memset(alloca(N), 0, N)
+# define sqlite3StackFree(D,P)
+#else
+# define sqlite3StackAllocRaw(D,N) sqlite3DbMallocRaw(D,N)
+# define sqlite3StackAllocZero(D,N) sqlite3DbMallocZero(D,N)
+# define sqlite3StackFree(D,P) sqlite3DbFree(D,P)
+#endif
+
+#ifdef SQLITE_ENABLE_MEMSYS3
+SQLITE_PRIVATE const sqlite3_mem_methods *sqlite3MemGetMemsys3(void);
+#endif
+#ifdef SQLITE_ENABLE_MEMSYS5
+SQLITE_PRIVATE const sqlite3_mem_methods *sqlite3MemGetMemsys5(void);
+#endif
+
+
+#ifndef SQLITE_MUTEX_OMIT
+SQLITE_PRIVATE sqlite3_mutex_methods const *sqlite3DefaultMutex(void);
+SQLITE_PRIVATE sqlite3_mutex_methods const *sqlite3NoopMutex(void);
+SQLITE_PRIVATE sqlite3_mutex *sqlite3MutexAlloc(int);
+SQLITE_PRIVATE int sqlite3MutexInit(void);
+SQLITE_PRIVATE int sqlite3MutexEnd(void);
+#endif
+#if !defined(SQLITE_MUTEX_OMIT) && !defined(SQLITE_MUTEX_NOOP)
+SQLITE_PRIVATE void sqlite3MemoryBarrier(void);
+#else
+# define sqlite3MemoryBarrier()
+#endif
+
+SQLITE_PRIVATE sqlite3_int64 sqlite3StatusValue(int);
+SQLITE_PRIVATE void sqlite3StatusUp(int, int);
+SQLITE_PRIVATE void sqlite3StatusDown(int, int);
+SQLITE_PRIVATE void sqlite3StatusHighwater(int, int);
+
+/* Access to mutexes used by sqlite3_status() */
+SQLITE_PRIVATE sqlite3_mutex *sqlite3Pcache1Mutex(void);
+SQLITE_PRIVATE sqlite3_mutex *sqlite3MallocMutex(void);
+
+#ifndef SQLITE_OMIT_FLOATING_POINT
+SQLITE_PRIVATE int sqlite3IsNaN(double);
+#else
+# define sqlite3IsNaN(X) 0
+#endif
+
+/*
+** An instance of the following structure holds information about SQL
+** functions arguments that are the parameters to the printf() function.
+*/
+struct PrintfArguments {
+ int nArg; /* Total number of arguments */
+ int nUsed; /* Number of arguments used so far */
+ sqlite3_value **apArg; /* The argument values */
+};
+
+#define SQLITE_PRINTF_INTERNAL 0x01
+#define SQLITE_PRINTF_SQLFUNC 0x02
+SQLITE_PRIVATE void sqlite3VXPrintf(StrAccum*, u32, const char*, va_list);
+SQLITE_PRIVATE void sqlite3XPrintf(StrAccum*, u32, const char*, ...);
+SQLITE_PRIVATE char *sqlite3MPrintf(sqlite3*,const char*, ...);
+SQLITE_PRIVATE char *sqlite3VMPrintf(sqlite3*,const char*, va_list);
+#if defined(SQLITE_DEBUG) || defined(SQLITE_HAVE_OS_TRACE)
+SQLITE_PRIVATE void sqlite3DebugPrintf(const char*, ...);
+#endif
+#if defined(SQLITE_TEST)
+SQLITE_PRIVATE void *sqlite3TestTextToPtr(const char*);
+#endif
+
+#if defined(SQLITE_DEBUG)
+SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView*, const Expr*, u8);
+SQLITE_PRIVATE void sqlite3TreeViewExprList(TreeView*, const ExprList*, u8, const char*);
+SQLITE_PRIVATE void sqlite3TreeViewSelect(TreeView*, const Select*, u8);
+SQLITE_PRIVATE void sqlite3TreeViewWith(TreeView*, const With*, u8);
+#endif
+
+
+SQLITE_PRIVATE void sqlite3SetString(char **, sqlite3*, const char*);
+SQLITE_PRIVATE void sqlite3ErrorMsg(Parse*, const char*, ...);
+SQLITE_PRIVATE int sqlite3Dequote(char*);
+SQLITE_PRIVATE int sqlite3KeywordCode(const unsigned char*, int);
+SQLITE_PRIVATE int sqlite3RunParser(Parse*, const char*, char **);
+SQLITE_PRIVATE void sqlite3FinishCoding(Parse*);
+SQLITE_PRIVATE int sqlite3GetTempReg(Parse*);
+SQLITE_PRIVATE void sqlite3ReleaseTempReg(Parse*,int);
+SQLITE_PRIVATE int sqlite3GetTempRange(Parse*,int);
+SQLITE_PRIVATE void sqlite3ReleaseTempRange(Parse*,int,int);
+SQLITE_PRIVATE void sqlite3ClearTempRegCache(Parse*);
+SQLITE_PRIVATE Expr *sqlite3ExprAlloc(sqlite3*,int,const Token*,int);
+SQLITE_PRIVATE Expr *sqlite3Expr(sqlite3*,int,const char*);
+SQLITE_PRIVATE void sqlite3ExprAttachSubtrees(sqlite3*,Expr*,Expr*,Expr*);
+SQLITE_PRIVATE Expr *sqlite3PExpr(Parse*, int, Expr*, Expr*, const Token*);
+SQLITE_PRIVATE Expr *sqlite3ExprAnd(sqlite3*,Expr*, Expr*);
+SQLITE_PRIVATE Expr *sqlite3ExprFunction(Parse*,ExprList*, Token*);
+SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse*, Expr*);
+SQLITE_PRIVATE void sqlite3ExprDelete(sqlite3*, Expr*);
+SQLITE_PRIVATE ExprList *sqlite3ExprListAppend(Parse*,ExprList*,Expr*);
+SQLITE_PRIVATE void sqlite3ExprListSetSortOrder(ExprList*,int);
+SQLITE_PRIVATE void sqlite3ExprListSetName(Parse*,ExprList*,Token*,int);
+SQLITE_PRIVATE void sqlite3ExprListSetSpan(Parse*,ExprList*,ExprSpan*);
+SQLITE_PRIVATE void sqlite3ExprListDelete(sqlite3*, ExprList*);
+SQLITE_PRIVATE u32 sqlite3ExprListFlags(const ExprList*);
+SQLITE_PRIVATE int sqlite3Init(sqlite3*, char**);
+SQLITE_PRIVATE int sqlite3InitCallback(void*, int, char**, char**);
+SQLITE_PRIVATE void sqlite3Pragma(Parse*,Token*,Token*,Token*,int);
+SQLITE_PRIVATE void sqlite3ResetAllSchemasOfConnection(sqlite3*);
+SQLITE_PRIVATE void sqlite3ResetOneSchema(sqlite3*,int);
+SQLITE_PRIVATE void sqlite3CollapseDatabaseArray(sqlite3*);
+SQLITE_PRIVATE void sqlite3BeginParse(Parse*,int);
+SQLITE_PRIVATE void sqlite3CommitInternalChanges(sqlite3*);
+SQLITE_PRIVATE void sqlite3DeleteColumnNames(sqlite3*,Table*);
+SQLITE_PRIVATE int sqlite3ColumnsFromExprList(Parse*,ExprList*,i16*,Column**);
+SQLITE_PRIVATE Table *sqlite3ResultSetOfSelect(Parse*,Select*);
+SQLITE_PRIVATE void sqlite3OpenMasterTable(Parse *, int);
+SQLITE_PRIVATE Index *sqlite3PrimaryKeyIndex(Table*);
+SQLITE_PRIVATE i16 sqlite3ColumnOfIndex(Index*, i16);
+SQLITE_PRIVATE void sqlite3StartTable(Parse*,Token*,Token*,int,int,int,int);
+#if SQLITE_ENABLE_HIDDEN_COLUMNS
+SQLITE_PRIVATE void sqlite3ColumnPropertiesFromName(Table*, Column*);
+#else
+# define sqlite3ColumnPropertiesFromName(T,C) /* no-op */
+#endif
+SQLITE_PRIVATE void sqlite3AddColumn(Parse*,Token*);
+SQLITE_PRIVATE void sqlite3AddNotNull(Parse*, int);
+SQLITE_PRIVATE void sqlite3AddPrimaryKey(Parse*, ExprList*, int, int, int);
+SQLITE_PRIVATE void sqlite3AddCheckConstraint(Parse*, Expr*);
+SQLITE_PRIVATE void sqlite3AddColumnType(Parse*,Token*);
+SQLITE_PRIVATE void sqlite3AddDefaultValue(Parse*,ExprSpan*);
+SQLITE_PRIVATE void sqlite3AddCollateType(Parse*, Token*);
+SQLITE_PRIVATE void sqlite3EndTable(Parse*,Token*,Token*,u8,Select*);
+SQLITE_PRIVATE int sqlite3ParseUri(const char*,const char*,unsigned int*,
+ sqlite3_vfs**,char**,char **);
+SQLITE_PRIVATE Btree *sqlite3DbNameToBtree(sqlite3*,const char*);
+SQLITE_PRIVATE int sqlite3CodeOnce(Parse *);
+
+#ifdef SQLITE_OMIT_BUILTIN_TEST
+# define sqlite3FaultSim(X) SQLITE_OK
+#else
+SQLITE_PRIVATE int sqlite3FaultSim(int);
+#endif
+
+SQLITE_PRIVATE Bitvec *sqlite3BitvecCreate(u32);
+SQLITE_PRIVATE int sqlite3BitvecTest(Bitvec*, u32);
+SQLITE_PRIVATE int sqlite3BitvecTestNotNull(Bitvec*, u32);
+SQLITE_PRIVATE int sqlite3BitvecSet(Bitvec*, u32);
+SQLITE_PRIVATE void sqlite3BitvecClear(Bitvec*, u32, void*);
+SQLITE_PRIVATE void sqlite3BitvecDestroy(Bitvec*);
+SQLITE_PRIVATE u32 sqlite3BitvecSize(Bitvec*);
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+SQLITE_PRIVATE int sqlite3BitvecBuiltinTest(int,int*);
+#endif
+
+SQLITE_PRIVATE RowSet *sqlite3RowSetInit(sqlite3*, void*, unsigned int);
+SQLITE_PRIVATE void sqlite3RowSetClear(RowSet*);
+SQLITE_PRIVATE void sqlite3RowSetInsert(RowSet*, i64);
+SQLITE_PRIVATE int sqlite3RowSetTest(RowSet*, int iBatch, i64);
+SQLITE_PRIVATE int sqlite3RowSetNext(RowSet*, i64*);
+
+SQLITE_PRIVATE void sqlite3CreateView(Parse*,Token*,Token*,Token*,ExprList*,Select*,int,int);
+
+#if !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_VIRTUALTABLE)
+SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse*,Table*);
+#else
+# define sqlite3ViewGetColumnNames(A,B) 0
+#endif
+
+#if SQLITE_MAX_ATTACHED>30
+SQLITE_PRIVATE int sqlite3DbMaskAllZero(yDbMask);
+#endif
+SQLITE_PRIVATE void sqlite3DropTable(Parse*, SrcList*, int, int);
+SQLITE_PRIVATE void sqlite3CodeDropTable(Parse*, Table*, int, int);
+SQLITE_PRIVATE void sqlite3DeleteTable(sqlite3*, Table*);
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+SQLITE_PRIVATE void sqlite3AutoincrementBegin(Parse *pParse);
+SQLITE_PRIVATE void sqlite3AutoincrementEnd(Parse *pParse);
+#else
+# define sqlite3AutoincrementBegin(X)
+# define sqlite3AutoincrementEnd(X)
+#endif
+SQLITE_PRIVATE void sqlite3Insert(Parse*, SrcList*, Select*, IdList*, int);
+SQLITE_PRIVATE void *sqlite3ArrayAllocate(sqlite3*,void*,int,int*,int*);
+SQLITE_PRIVATE IdList *sqlite3IdListAppend(sqlite3*, IdList*, Token*);
+SQLITE_PRIVATE int sqlite3IdListIndex(IdList*,const char*);
+SQLITE_PRIVATE SrcList *sqlite3SrcListEnlarge(sqlite3*, SrcList*, int, int);
+SQLITE_PRIVATE SrcList *sqlite3SrcListAppend(sqlite3*, SrcList*, Token*, Token*);
+SQLITE_PRIVATE SrcList *sqlite3SrcListAppendFromTerm(Parse*, SrcList*, Token*, Token*,
+ Token*, Select*, Expr*, IdList*);
+SQLITE_PRIVATE void sqlite3SrcListIndexedBy(Parse *, SrcList *, Token *);
+SQLITE_PRIVATE void sqlite3SrcListFuncArgs(Parse*, SrcList*, ExprList*);
+SQLITE_PRIVATE int sqlite3IndexedByLookup(Parse *, struct SrcList_item *);
+SQLITE_PRIVATE void sqlite3SrcListShiftJoinType(SrcList*);
+SQLITE_PRIVATE void sqlite3SrcListAssignCursors(Parse*, SrcList*);
+SQLITE_PRIVATE void sqlite3IdListDelete(sqlite3*, IdList*);
+SQLITE_PRIVATE void sqlite3SrcListDelete(sqlite3*, SrcList*);
+SQLITE_PRIVATE Index *sqlite3AllocateIndexObject(sqlite3*,i16,int,char**);
+SQLITE_PRIVATE Index *sqlite3CreateIndex(Parse*,Token*,Token*,SrcList*,ExprList*,int,Token*,
+ Expr*, int, int);
+SQLITE_PRIVATE void sqlite3DropIndex(Parse*, SrcList*, int);
+SQLITE_PRIVATE int sqlite3Select(Parse*, Select*, SelectDest*);
+SQLITE_PRIVATE Select *sqlite3SelectNew(Parse*,ExprList*,SrcList*,Expr*,ExprList*,
+ Expr*,ExprList*,u16,Expr*,Expr*);
+SQLITE_PRIVATE void sqlite3SelectDelete(sqlite3*, Select*);
+SQLITE_PRIVATE Table *sqlite3SrcListLookup(Parse*, SrcList*);
+SQLITE_PRIVATE int sqlite3IsReadOnly(Parse*, Table*, int);
+SQLITE_PRIVATE void sqlite3OpenTable(Parse*, int iCur, int iDb, Table*, int);
+#if defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) && !defined(SQLITE_OMIT_SUBQUERY)
+SQLITE_PRIVATE Expr *sqlite3LimitWhere(Parse*,SrcList*,Expr*,ExprList*,Expr*,Expr*,char*);
+#endif
+SQLITE_PRIVATE void sqlite3DeleteFrom(Parse*, SrcList*, Expr*);
+SQLITE_PRIVATE void sqlite3Update(Parse*, SrcList*, ExprList*, Expr*, int);
+SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(Parse*,SrcList*,Expr*,ExprList*,ExprList*,u16,int);
+SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo*);
+SQLITE_PRIVATE u64 sqlite3WhereOutputRowCount(WhereInfo*);
+SQLITE_PRIVATE int sqlite3WhereIsDistinct(WhereInfo*);
+SQLITE_PRIVATE int sqlite3WhereIsOrdered(WhereInfo*);
+SQLITE_PRIVATE int sqlite3WhereIsSorted(WhereInfo*);
+SQLITE_PRIVATE int sqlite3WhereContinueLabel(WhereInfo*);
+SQLITE_PRIVATE int sqlite3WhereBreakLabel(WhereInfo*);
+SQLITE_PRIVATE int sqlite3WhereOkOnePass(WhereInfo*, int*);
+#define ONEPASS_OFF 0 /* Use of ONEPASS not allowed */
+#define ONEPASS_SINGLE 1 /* ONEPASS valid for a single row update */
+#define ONEPASS_MULTI 2 /* ONEPASS is valid for multiple rows */
+SQLITE_PRIVATE void sqlite3ExprCodeLoadIndexColumn(Parse*, Index*, int, int, int);
+SQLITE_PRIVATE int sqlite3ExprCodeGetColumn(Parse*, Table*, int, int, int, u8);
+SQLITE_PRIVATE void sqlite3ExprCodeGetColumnToReg(Parse*, Table*, int, int, int);
+SQLITE_PRIVATE void sqlite3ExprCodeGetColumnOfTable(Vdbe*, Table*, int, int, int);
+SQLITE_PRIVATE void sqlite3ExprCodeMove(Parse*, int, int, int);
+SQLITE_PRIVATE void sqlite3ExprCacheStore(Parse*, int, int, int);
+SQLITE_PRIVATE void sqlite3ExprCachePush(Parse*);
+SQLITE_PRIVATE void sqlite3ExprCachePop(Parse*);
+SQLITE_PRIVATE void sqlite3ExprCacheRemove(Parse*, int, int);
+SQLITE_PRIVATE void sqlite3ExprCacheClear(Parse*);
+SQLITE_PRIVATE void sqlite3ExprCacheAffinityChange(Parse*, int, int);
+SQLITE_PRIVATE void sqlite3ExprCode(Parse*, Expr*, int);
+SQLITE_PRIVATE void sqlite3ExprCodeCopy(Parse*, Expr*, int);
+SQLITE_PRIVATE void sqlite3ExprCodeFactorable(Parse*, Expr*, int);
+SQLITE_PRIVATE void sqlite3ExprCodeAtInit(Parse*, Expr*, int, u8);
+SQLITE_PRIVATE int sqlite3ExprCodeTemp(Parse*, Expr*, int*);
+SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse*, Expr*, int);
+SQLITE_PRIVATE void sqlite3ExprCodeAndCache(Parse*, Expr*, int);
+SQLITE_PRIVATE int sqlite3ExprCodeExprList(Parse*, ExprList*, int, int, u8);
+#define SQLITE_ECEL_DUP 0x01 /* Deep, not shallow copies */
+#define SQLITE_ECEL_FACTOR 0x02 /* Factor out constant terms */
+#define SQLITE_ECEL_REF 0x04 /* Use ExprList.u.x.iOrderByCol */
+SQLITE_PRIVATE void sqlite3ExprIfTrue(Parse*, Expr*, int, int);
+SQLITE_PRIVATE void sqlite3ExprIfFalse(Parse*, Expr*, int, int);
+SQLITE_PRIVATE void sqlite3ExprIfFalseDup(Parse*, Expr*, int, int);
+SQLITE_PRIVATE Table *sqlite3FindTable(sqlite3*,const char*, const char*);
+SQLITE_PRIVATE Table *sqlite3LocateTable(Parse*,int isView,const char*, const char*);
+SQLITE_PRIVATE Table *sqlite3LocateTableItem(Parse*,int isView,struct SrcList_item *);
+SQLITE_PRIVATE Index *sqlite3FindIndex(sqlite3*,const char*, const char*);
+SQLITE_PRIVATE void sqlite3UnlinkAndDeleteTable(sqlite3*,int,const char*);
+SQLITE_PRIVATE void sqlite3UnlinkAndDeleteIndex(sqlite3*,int,const char*);
+SQLITE_PRIVATE void sqlite3Vacuum(Parse*);
+SQLITE_PRIVATE int sqlite3RunVacuum(char**, sqlite3*);
+SQLITE_PRIVATE char *sqlite3NameFromToken(sqlite3*, Token*);
+SQLITE_PRIVATE int sqlite3ExprCompare(Expr*, Expr*, int);
+SQLITE_PRIVATE int sqlite3ExprListCompare(ExprList*, ExprList*, int);
+SQLITE_PRIVATE int sqlite3ExprImpliesExpr(Expr*, Expr*, int);
+SQLITE_PRIVATE void sqlite3ExprAnalyzeAggregates(NameContext*, Expr*);
+SQLITE_PRIVATE void sqlite3ExprAnalyzeAggList(NameContext*,ExprList*);
+SQLITE_PRIVATE int sqlite3FunctionUsesThisSrc(Expr*, SrcList*);
+SQLITE_PRIVATE Vdbe *sqlite3GetVdbe(Parse*);
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+SQLITE_PRIVATE void sqlite3PrngSaveState(void);
+SQLITE_PRIVATE void sqlite3PrngRestoreState(void);
+#endif
+SQLITE_PRIVATE void sqlite3RollbackAll(sqlite3*,int);
+SQLITE_PRIVATE void sqlite3CodeVerifySchema(Parse*, int);
+SQLITE_PRIVATE void sqlite3CodeVerifyNamedSchema(Parse*, const char *zDb);
+SQLITE_PRIVATE void sqlite3BeginTransaction(Parse*, int);
+SQLITE_PRIVATE void sqlite3CommitTransaction(Parse*);
+SQLITE_PRIVATE void sqlite3RollbackTransaction(Parse*);
+SQLITE_PRIVATE void sqlite3Savepoint(Parse*, int, Token*);
+SQLITE_PRIVATE void sqlite3CloseSavepoints(sqlite3 *);
+SQLITE_PRIVATE void sqlite3LeaveMutexAndCloseZombie(sqlite3*);
+SQLITE_PRIVATE int sqlite3ExprIsConstant(Expr*);
+SQLITE_PRIVATE int sqlite3ExprIsConstantNotJoin(Expr*);
+SQLITE_PRIVATE int sqlite3ExprIsConstantOrFunction(Expr*, u8);
+SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr*,int);
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+SQLITE_PRIVATE int sqlite3ExprContainsSubquery(Expr*);
+#endif
+SQLITE_PRIVATE int sqlite3ExprIsInteger(Expr*, int*);
+SQLITE_PRIVATE int sqlite3ExprCanBeNull(const Expr*);
+SQLITE_PRIVATE int sqlite3ExprNeedsNoAffinityChange(const Expr*, char);
+SQLITE_PRIVATE int sqlite3IsRowid(const char*);
+SQLITE_PRIVATE void sqlite3GenerateRowDelete(
+ Parse*,Table*,Trigger*,int,int,int,i16,u8,u8,u8,int);
+SQLITE_PRIVATE void sqlite3GenerateRowIndexDelete(Parse*, Table*, int, int, int*, int);
+SQLITE_PRIVATE int sqlite3GenerateIndexKey(Parse*, Index*, int, int, int, int*,Index*,int);
+SQLITE_PRIVATE void sqlite3ResolvePartIdxLabel(Parse*,int);
+SQLITE_PRIVATE void sqlite3GenerateConstraintChecks(Parse*,Table*,int*,int,int,int,int,
+ u8,u8,int,int*);
+SQLITE_PRIVATE void sqlite3CompleteInsertion(Parse*,Table*,int,int,int,int*,int,int,int);
+SQLITE_PRIVATE int sqlite3OpenTableAndIndices(Parse*, Table*, int, u8, int, u8*, int*, int*);
+SQLITE_PRIVATE void sqlite3BeginWriteOperation(Parse*, int, int);
+SQLITE_PRIVATE void sqlite3MultiWrite(Parse*);
+SQLITE_PRIVATE void sqlite3MayAbort(Parse*);
+SQLITE_PRIVATE void sqlite3HaltConstraint(Parse*, int, int, char*, i8, u8);
+SQLITE_PRIVATE void sqlite3UniqueConstraint(Parse*, int, Index*);
+SQLITE_PRIVATE void sqlite3RowidConstraint(Parse*, int, Table*);
+SQLITE_PRIVATE Expr *sqlite3ExprDup(sqlite3*,Expr*,int);
+SQLITE_PRIVATE ExprList *sqlite3ExprListDup(sqlite3*,ExprList*,int);
+SQLITE_PRIVATE SrcList *sqlite3SrcListDup(sqlite3*,SrcList*,int);
+SQLITE_PRIVATE IdList *sqlite3IdListDup(sqlite3*,IdList*);
+SQLITE_PRIVATE Select *sqlite3SelectDup(sqlite3*,Select*,int);
+#if SELECTTRACE_ENABLED
+SQLITE_PRIVATE void sqlite3SelectSetName(Select*,const char*);
+#else
+# define sqlite3SelectSetName(A,B)
+#endif
+SQLITE_PRIVATE void sqlite3FuncDefInsert(FuncDefHash*, FuncDef*);
+SQLITE_PRIVATE FuncDef *sqlite3FindFunction(sqlite3*,const char*,int,int,u8,u8);
+SQLITE_PRIVATE void sqlite3RegisterBuiltinFunctions(sqlite3*);
+SQLITE_PRIVATE void sqlite3RegisterDateTimeFunctions(void);
+SQLITE_PRIVATE void sqlite3RegisterGlobalFunctions(void);
+SQLITE_PRIVATE int sqlite3SafetyCheckOk(sqlite3*);
+SQLITE_PRIVATE int sqlite3SafetyCheckSickOrOk(sqlite3*);
+SQLITE_PRIVATE void sqlite3ChangeCookie(Parse*, int);
+
+#if !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER)
+SQLITE_PRIVATE void sqlite3MaterializeView(Parse*, Table*, Expr*, int);
+#endif
+
+#ifndef SQLITE_OMIT_TRIGGER
+SQLITE_PRIVATE void sqlite3BeginTrigger(Parse*, Token*,Token*,int,int,IdList*,SrcList*,
+ Expr*,int, int);
+SQLITE_PRIVATE void sqlite3FinishTrigger(Parse*, TriggerStep*, Token*);
+SQLITE_PRIVATE void sqlite3DropTrigger(Parse*, SrcList*, int);
+SQLITE_PRIVATE void sqlite3DropTriggerPtr(Parse*, Trigger*);
+SQLITE_PRIVATE Trigger *sqlite3TriggersExist(Parse *, Table*, int, ExprList*, int *pMask);
+SQLITE_PRIVATE Trigger *sqlite3TriggerList(Parse *, Table *);
+SQLITE_PRIVATE void sqlite3CodeRowTrigger(Parse*, Trigger *, int, ExprList*, int, Table *,
+ int, int, int);
+SQLITE_PRIVATE void sqlite3CodeRowTriggerDirect(Parse *, Trigger *, Table *, int, int, int);
+ void sqliteViewTriggers(Parse*, Table*, Expr*, int, ExprList*);
+SQLITE_PRIVATE void sqlite3DeleteTriggerStep(sqlite3*, TriggerStep*);
+SQLITE_PRIVATE TriggerStep *sqlite3TriggerSelectStep(sqlite3*,Select*);
+SQLITE_PRIVATE TriggerStep *sqlite3TriggerInsertStep(sqlite3*,Token*, IdList*,
+ Select*,u8);
+SQLITE_PRIVATE TriggerStep *sqlite3TriggerUpdateStep(sqlite3*,Token*,ExprList*, Expr*, u8);
+SQLITE_PRIVATE TriggerStep *sqlite3TriggerDeleteStep(sqlite3*,Token*, Expr*);
+SQLITE_PRIVATE void sqlite3DeleteTrigger(sqlite3*, Trigger*);
+SQLITE_PRIVATE void sqlite3UnlinkAndDeleteTrigger(sqlite3*,int,const char*);
+SQLITE_PRIVATE u32 sqlite3TriggerColmask(Parse*,Trigger*,ExprList*,int,int,Table*,int);
+# define sqlite3ParseToplevel(p) ((p)->pToplevel ? (p)->pToplevel : (p))
+# define sqlite3IsToplevel(p) ((p)->pToplevel==0)
+#else
+# define sqlite3TriggersExist(B,C,D,E,F) 0
+# define sqlite3DeleteTrigger(A,B)
+# define sqlite3DropTriggerPtr(A,B)
+# define sqlite3UnlinkAndDeleteTrigger(A,B,C)
+# define sqlite3CodeRowTrigger(A,B,C,D,E,F,G,H,I)
+# define sqlite3CodeRowTriggerDirect(A,B,C,D,E,F)
+# define sqlite3TriggerList(X, Y) 0
+# define sqlite3ParseToplevel(p) p
+# define sqlite3IsToplevel(p) 1
+# define sqlite3TriggerColmask(A,B,C,D,E,F,G) 0
+#endif
+
+SQLITE_PRIVATE int sqlite3JoinType(Parse*, Token*, Token*, Token*);
+SQLITE_PRIVATE void sqlite3CreateForeignKey(Parse*, ExprList*, Token*, ExprList*, int);
+SQLITE_PRIVATE void sqlite3DeferForeignKey(Parse*, int);
+#ifndef SQLITE_OMIT_AUTHORIZATION
+SQLITE_PRIVATE void sqlite3AuthRead(Parse*,Expr*,Schema*,SrcList*);
+SQLITE_PRIVATE int sqlite3AuthCheck(Parse*,int, const char*, const char*, const char*);
+SQLITE_PRIVATE void sqlite3AuthContextPush(Parse*, AuthContext*, const char*);
+SQLITE_PRIVATE void sqlite3AuthContextPop(AuthContext*);
+SQLITE_PRIVATE int sqlite3AuthReadCol(Parse*, const char *, const char *, int);
+#else
+# define sqlite3AuthRead(a,b,c,d)
+# define sqlite3AuthCheck(a,b,c,d,e) SQLITE_OK
+# define sqlite3AuthContextPush(a,b,c)
+# define sqlite3AuthContextPop(a) ((void)(a))
+#endif
+SQLITE_PRIVATE void sqlite3Attach(Parse*, Expr*, Expr*, Expr*);
+SQLITE_PRIVATE void sqlite3Detach(Parse*, Expr*);
+SQLITE_PRIVATE void sqlite3FixInit(DbFixer*, Parse*, int, const char*, const Token*);
+SQLITE_PRIVATE int sqlite3FixSrcList(DbFixer*, SrcList*);
+SQLITE_PRIVATE int sqlite3FixSelect(DbFixer*, Select*);
+SQLITE_PRIVATE int sqlite3FixExpr(DbFixer*, Expr*);
+SQLITE_PRIVATE int sqlite3FixExprList(DbFixer*, ExprList*);
+SQLITE_PRIVATE int sqlite3FixTriggerStep(DbFixer*, TriggerStep*);
+SQLITE_PRIVATE int sqlite3AtoF(const char *z, double*, int, u8);
+SQLITE_PRIVATE int sqlite3GetInt32(const char *, int*);
+SQLITE_PRIVATE int sqlite3Atoi(const char*);
+SQLITE_PRIVATE int sqlite3Utf16ByteLen(const void *pData, int nChar);
+SQLITE_PRIVATE int sqlite3Utf8CharLen(const char *pData, int nByte);
+SQLITE_PRIVATE u32 sqlite3Utf8Read(const u8**);
+SQLITE_PRIVATE LogEst sqlite3LogEst(u64);
+SQLITE_PRIVATE LogEst sqlite3LogEstAdd(LogEst,LogEst);
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+SQLITE_PRIVATE LogEst sqlite3LogEstFromDouble(double);
+#endif
+SQLITE_PRIVATE u64 sqlite3LogEstToInt(LogEst);
+
+/*
+** Routines to read and write variable-length integers. These used to
+** be defined locally, but now we use the varint routines in the util.c
+** file.
+*/
+SQLITE_PRIVATE int sqlite3PutVarint(unsigned char*, u64);
+SQLITE_PRIVATE u8 sqlite3GetVarint(const unsigned char *, u64 *);
+SQLITE_PRIVATE u8 sqlite3GetVarint32(const unsigned char *, u32 *);
+SQLITE_PRIVATE int sqlite3VarintLen(u64 v);
+
+/*
+** The common case is for a varint to be a single byte. They following
+** macros handle the common case without a procedure call, but then call
+** the procedure for larger varints.
+*/
+#define getVarint32(A,B) \
+ (u8)((*(A)<(u8)0x80)?((B)=(u32)*(A)),1:sqlite3GetVarint32((A),(u32 *)&(B)))
+#define putVarint32(A,B) \
+ (u8)(((u32)(B)<(u32)0x80)?(*(A)=(unsigned char)(B)),1:\
+ sqlite3PutVarint((A),(B)))
+#define getVarint sqlite3GetVarint
+#define putVarint sqlite3PutVarint
+
+
+SQLITE_PRIVATE const char *sqlite3IndexAffinityStr(sqlite3*, Index*);
+SQLITE_PRIVATE void sqlite3TableAffinity(Vdbe*, Table*, int);
+SQLITE_PRIVATE char sqlite3CompareAffinity(Expr *pExpr, char aff2);
+SQLITE_PRIVATE int sqlite3IndexAffinityOk(Expr *pExpr, char idx_affinity);
+SQLITE_PRIVATE char sqlite3ExprAffinity(Expr *pExpr);
+SQLITE_PRIVATE int sqlite3Atoi64(const char*, i64*, int, u8);
+SQLITE_PRIVATE int sqlite3DecOrHexToI64(const char*, i64*);
+SQLITE_PRIVATE void sqlite3ErrorWithMsg(sqlite3*, int, const char*,...);
+SQLITE_PRIVATE void sqlite3Error(sqlite3*,int);
+SQLITE_PRIVATE void *sqlite3HexToBlob(sqlite3*, const char *z, int n);
+SQLITE_PRIVATE u8 sqlite3HexToInt(int h);
+SQLITE_PRIVATE int sqlite3TwoPartName(Parse *, Token *, Token *, Token **);
+
+#if defined(SQLITE_NEED_ERR_NAME)
+SQLITE_PRIVATE const char *sqlite3ErrName(int);
+#endif
+
+SQLITE_PRIVATE const char *sqlite3ErrStr(int);
+SQLITE_PRIVATE int sqlite3ReadSchema(Parse *pParse);
+SQLITE_PRIVATE CollSeq *sqlite3FindCollSeq(sqlite3*,u8 enc, const char*,int);
+SQLITE_PRIVATE CollSeq *sqlite3LocateCollSeq(Parse *pParse, const char*zName);
+SQLITE_PRIVATE CollSeq *sqlite3ExprCollSeq(Parse *pParse, Expr *pExpr);
+SQLITE_PRIVATE Expr *sqlite3ExprAddCollateToken(Parse *pParse, Expr*, const Token*, int);
+SQLITE_PRIVATE Expr *sqlite3ExprAddCollateString(Parse*,Expr*,const char*);
+SQLITE_PRIVATE Expr *sqlite3ExprSkipCollate(Expr*);
+SQLITE_PRIVATE int sqlite3CheckCollSeq(Parse *, CollSeq *);
+SQLITE_PRIVATE int sqlite3CheckObjectName(Parse *, const char *);
+SQLITE_PRIVATE void sqlite3VdbeSetChanges(sqlite3 *, int);
+SQLITE_PRIVATE int sqlite3AddInt64(i64*,i64);
+SQLITE_PRIVATE int sqlite3SubInt64(i64*,i64);
+SQLITE_PRIVATE int sqlite3MulInt64(i64*,i64);
+SQLITE_PRIVATE int sqlite3AbsInt32(int);
+#ifdef SQLITE_ENABLE_8_3_NAMES
+SQLITE_PRIVATE void sqlite3FileSuffix3(const char*, char*);
+#else
+# define sqlite3FileSuffix3(X,Y)
+#endif
+SQLITE_PRIVATE u8 sqlite3GetBoolean(const char *z,u8);
+
+SQLITE_PRIVATE const void *sqlite3ValueText(sqlite3_value*, u8);
+SQLITE_PRIVATE int sqlite3ValueBytes(sqlite3_value*, u8);
+SQLITE_PRIVATE void sqlite3ValueSetStr(sqlite3_value*, int, const void *,u8,
+ void(*)(void*));
+SQLITE_PRIVATE void sqlite3ValueSetNull(sqlite3_value*);
+SQLITE_PRIVATE void sqlite3ValueFree(sqlite3_value*);
+SQLITE_PRIVATE sqlite3_value *sqlite3ValueNew(sqlite3 *);
+SQLITE_PRIVATE char *sqlite3Utf16to8(sqlite3 *, const void*, int, u8);
+SQLITE_PRIVATE int sqlite3ValueFromExpr(sqlite3 *, Expr *, u8, u8, sqlite3_value **);
+SQLITE_PRIVATE void sqlite3ValueApplyAffinity(sqlite3_value *, u8, u8);
+#ifndef SQLITE_AMALGAMATION
+SQLITE_PRIVATE const unsigned char sqlite3OpcodeProperty[];
+SQLITE_PRIVATE const char sqlite3StrBINARY[];
+SQLITE_PRIVATE const unsigned char sqlite3UpperToLower[];
+SQLITE_PRIVATE const unsigned char sqlite3CtypeMap[];
+SQLITE_PRIVATE const Token sqlite3IntTokens[];
+SQLITE_PRIVATE SQLITE_WSD struct Sqlite3Config sqlite3Config;
+SQLITE_PRIVATE SQLITE_WSD FuncDefHash sqlite3GlobalFunctions;
+#ifndef SQLITE_OMIT_WSD
+SQLITE_PRIVATE int sqlite3PendingByte;
+#endif
+#endif
+SQLITE_PRIVATE void sqlite3RootPageMoved(sqlite3*, int, int, int);
+SQLITE_PRIVATE void sqlite3Reindex(Parse*, Token*, Token*);
+SQLITE_PRIVATE void sqlite3AlterFunctions(void);
+SQLITE_PRIVATE void sqlite3AlterRenameTable(Parse*, SrcList*, Token*);
+SQLITE_PRIVATE int sqlite3GetToken(const unsigned char *, int *);
+SQLITE_PRIVATE void sqlite3NestedParse(Parse*, const char*, ...);
+SQLITE_PRIVATE void sqlite3ExpirePreparedStatements(sqlite3*);
+SQLITE_PRIVATE int sqlite3CodeSubselect(Parse *, Expr *, int, int);
+SQLITE_PRIVATE void sqlite3SelectPrep(Parse*, Select*, NameContext*);
+SQLITE_PRIVATE void sqlite3SelectWrongNumTermsError(Parse *pParse, Select *p);
+SQLITE_PRIVATE int sqlite3MatchSpanName(const char*, const char*, const char*, const char*);
+SQLITE_PRIVATE int sqlite3ResolveExprNames(NameContext*, Expr*);
+SQLITE_PRIVATE int sqlite3ResolveExprListNames(NameContext*, ExprList*);
+SQLITE_PRIVATE void sqlite3ResolveSelectNames(Parse*, Select*, NameContext*);
+SQLITE_PRIVATE void sqlite3ResolveSelfReference(Parse*,Table*,int,Expr*,ExprList*);
+SQLITE_PRIVATE int sqlite3ResolveOrderGroupBy(Parse*, Select*, ExprList*, const char*);
+SQLITE_PRIVATE void sqlite3ColumnDefault(Vdbe *, Table *, int, int);
+SQLITE_PRIVATE void sqlite3AlterFinishAddColumn(Parse *, Token *);
+SQLITE_PRIVATE void sqlite3AlterBeginAddColumn(Parse *, SrcList *);
+SQLITE_PRIVATE CollSeq *sqlite3GetCollSeq(Parse*, u8, CollSeq *, const char*);
+SQLITE_PRIVATE char sqlite3AffinityType(const char*, u8*);
+SQLITE_PRIVATE void sqlite3Analyze(Parse*, Token*, Token*);
+SQLITE_PRIVATE int sqlite3InvokeBusyHandler(BusyHandler*);
+SQLITE_PRIVATE int sqlite3FindDb(sqlite3*, Token*);
+SQLITE_PRIVATE int sqlite3FindDbName(sqlite3 *, const char *);
+SQLITE_PRIVATE int sqlite3AnalysisLoad(sqlite3*,int iDB);
+SQLITE_PRIVATE void sqlite3DeleteIndexSamples(sqlite3*,Index*);
+SQLITE_PRIVATE void sqlite3DefaultRowEst(Index*);
+SQLITE_PRIVATE void sqlite3RegisterLikeFunctions(sqlite3*, int);
+SQLITE_PRIVATE int sqlite3IsLikeFunction(sqlite3*,Expr*,int*,char*);
+SQLITE_PRIVATE void sqlite3MinimumFileFormat(Parse*, int, int);
+SQLITE_PRIVATE void sqlite3SchemaClear(void *);
+SQLITE_PRIVATE Schema *sqlite3SchemaGet(sqlite3 *, Btree *);
+SQLITE_PRIVATE int sqlite3SchemaToIndex(sqlite3 *db, Schema *);
+SQLITE_PRIVATE KeyInfo *sqlite3KeyInfoAlloc(sqlite3*,int,int);
+SQLITE_PRIVATE void sqlite3KeyInfoUnref(KeyInfo*);
+SQLITE_PRIVATE KeyInfo *sqlite3KeyInfoRef(KeyInfo*);
+SQLITE_PRIVATE KeyInfo *sqlite3KeyInfoOfIndex(Parse*, Index*);
+#ifdef SQLITE_DEBUG
+SQLITE_PRIVATE int sqlite3KeyInfoIsWriteable(KeyInfo*);
+#endif
+SQLITE_PRIVATE int sqlite3CreateFunc(sqlite3 *, const char *, int, int, void *,
+ void (*)(sqlite3_context*,int,sqlite3_value **),
+ void (*)(sqlite3_context*,int,sqlite3_value **), void (*)(sqlite3_context*),
+ FuncDestructor *pDestructor
+);
+SQLITE_PRIVATE int sqlite3ApiExit(sqlite3 *db, int);
+SQLITE_PRIVATE int sqlite3OpenTempDatabase(Parse *);
+
+SQLITE_PRIVATE void sqlite3StrAccumInit(StrAccum*, sqlite3*, char*, int, int);
+SQLITE_PRIVATE void sqlite3StrAccumAppend(StrAccum*,const char*,int);
+SQLITE_PRIVATE void sqlite3StrAccumAppendAll(StrAccum*,const char*);
+SQLITE_PRIVATE void sqlite3AppendChar(StrAccum*,int,char);
+SQLITE_PRIVATE char *sqlite3StrAccumFinish(StrAccum*);
+SQLITE_PRIVATE void sqlite3StrAccumReset(StrAccum*);
+SQLITE_PRIVATE void sqlite3SelectDestInit(SelectDest*,int,int);
+SQLITE_PRIVATE Expr *sqlite3CreateColumnExpr(sqlite3 *, SrcList *, int, int);
+
+SQLITE_PRIVATE void sqlite3BackupRestart(sqlite3_backup *);
+SQLITE_PRIVATE void sqlite3BackupUpdate(sqlite3_backup *, Pgno, const u8 *);
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+SQLITE_PRIVATE void sqlite3AnalyzeFunctions(void);
+SQLITE_PRIVATE int sqlite3Stat4ProbeSetValue(Parse*,Index*,UnpackedRecord**,Expr*,u8,int,int*);
+SQLITE_PRIVATE int sqlite3Stat4ValueFromExpr(Parse*, Expr*, u8, sqlite3_value**);
+SQLITE_PRIVATE void sqlite3Stat4ProbeFree(UnpackedRecord*);
+SQLITE_PRIVATE int sqlite3Stat4Column(sqlite3*, const void*, int, int, sqlite3_value**);
+#endif
+
+/*
+** The interface to the LEMON-generated parser
+*/
+SQLITE_PRIVATE void *sqlite3ParserAlloc(void*(*)(u64));
+SQLITE_PRIVATE void sqlite3ParserFree(void*, void(*)(void*));
+SQLITE_PRIVATE void sqlite3Parser(void*, int, Token, Parse*);
+#ifdef YYTRACKMAXSTACKDEPTH
+SQLITE_PRIVATE int sqlite3ParserStackPeak(void*);
+#endif
+
+SQLITE_PRIVATE void sqlite3AutoLoadExtensions(sqlite3*);
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+SQLITE_PRIVATE void sqlite3CloseExtensions(sqlite3*);
+#else
+# define sqlite3CloseExtensions(X)
+#endif
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+SQLITE_PRIVATE void sqlite3TableLock(Parse *, int, int, u8, const char *);
+#else
+ #define sqlite3TableLock(v,w,x,y,z)
+#endif
+
+#ifdef SQLITE_TEST
+SQLITE_PRIVATE int sqlite3Utf8To8(unsigned char*);
+#endif
+
+#ifdef SQLITE_OMIT_VIRTUALTABLE
+# define sqlite3VtabClear(Y)
+# define sqlite3VtabSync(X,Y) SQLITE_OK
+# define sqlite3VtabRollback(X)
+# define sqlite3VtabCommit(X)
+# define sqlite3VtabInSync(db) 0
+# define sqlite3VtabLock(X)
+# define sqlite3VtabUnlock(X)
+# define sqlite3VtabUnlockList(X)
+# define sqlite3VtabSavepoint(X, Y, Z) SQLITE_OK
+# define sqlite3GetVTable(X,Y) ((VTable*)0)
+#else
+SQLITE_PRIVATE void sqlite3VtabClear(sqlite3 *db, Table*);
+SQLITE_PRIVATE void sqlite3VtabDisconnect(sqlite3 *db, Table *p);
+SQLITE_PRIVATE int sqlite3VtabSync(sqlite3 *db, Vdbe*);
+SQLITE_PRIVATE int sqlite3VtabRollback(sqlite3 *db);
+SQLITE_PRIVATE int sqlite3VtabCommit(sqlite3 *db);
+SQLITE_PRIVATE void sqlite3VtabLock(VTable *);
+SQLITE_PRIVATE void sqlite3VtabUnlock(VTable *);
+SQLITE_PRIVATE void sqlite3VtabUnlockList(sqlite3*);
+SQLITE_PRIVATE int sqlite3VtabSavepoint(sqlite3 *, int, int);
+SQLITE_PRIVATE void sqlite3VtabImportErrmsg(Vdbe*, sqlite3_vtab*);
+SQLITE_PRIVATE VTable *sqlite3GetVTable(sqlite3*, Table*);
+# define sqlite3VtabInSync(db) ((db)->nVTrans>0 && (db)->aVTrans==0)
+#endif
+SQLITE_PRIVATE int sqlite3VtabEponymousTableInit(Parse*,Module*);
+SQLITE_PRIVATE void sqlite3VtabEponymousTableClear(sqlite3*,Module*);
+SQLITE_PRIVATE void sqlite3VtabMakeWritable(Parse*,Table*);
+SQLITE_PRIVATE void sqlite3VtabBeginParse(Parse*, Token*, Token*, Token*, int);
+SQLITE_PRIVATE void sqlite3VtabFinishParse(Parse*, Token*);
+SQLITE_PRIVATE void sqlite3VtabArgInit(Parse*);
+SQLITE_PRIVATE void sqlite3VtabArgExtend(Parse*, Token*);
+SQLITE_PRIVATE int sqlite3VtabCallCreate(sqlite3*, int, const char *, char **);
+SQLITE_PRIVATE int sqlite3VtabCallConnect(Parse*, Table*);
+SQLITE_PRIVATE int sqlite3VtabCallDestroy(sqlite3*, int, const char *);
+SQLITE_PRIVATE int sqlite3VtabBegin(sqlite3 *, VTable *);
+SQLITE_PRIVATE FuncDef *sqlite3VtabOverloadFunction(sqlite3 *,FuncDef*, int nArg, Expr*);
+SQLITE_PRIVATE void sqlite3InvalidFunction(sqlite3_context*,int,sqlite3_value**);
+SQLITE_PRIVATE sqlite3_int64 sqlite3StmtCurrentTime(sqlite3_context*);
+SQLITE_PRIVATE int sqlite3VdbeParameterIndex(Vdbe*, const char*, int);
+SQLITE_PRIVATE int sqlite3TransferBindings(sqlite3_stmt *, sqlite3_stmt *);
+SQLITE_PRIVATE void sqlite3ParserReset(Parse*);
+SQLITE_PRIVATE int sqlite3Reprepare(Vdbe*);
+SQLITE_PRIVATE void sqlite3ExprListCheckLength(Parse*, ExprList*, const char*);
+SQLITE_PRIVATE CollSeq *sqlite3BinaryCompareCollSeq(Parse *, Expr *, Expr *);
+SQLITE_PRIVATE int sqlite3TempInMemory(const sqlite3*);
+SQLITE_PRIVATE const char *sqlite3JournalModename(int);
+#ifndef SQLITE_OMIT_WAL
+SQLITE_PRIVATE int sqlite3Checkpoint(sqlite3*, int, int, int*, int*);
+SQLITE_PRIVATE int sqlite3WalDefaultHook(void*,sqlite3*,const char*,int);
+#endif
+#ifndef SQLITE_OMIT_CTE
+SQLITE_PRIVATE With *sqlite3WithAdd(Parse*,With*,Token*,ExprList*,Select*);
+SQLITE_PRIVATE void sqlite3WithDelete(sqlite3*,With*);
+SQLITE_PRIVATE void sqlite3WithPush(Parse*, With*, u8);
+#else
+#define sqlite3WithPush(x,y,z)
+#define sqlite3WithDelete(x,y)
+#endif
+
+/* Declarations for functions in fkey.c. All of these are replaced by
+** no-op macros if OMIT_FOREIGN_KEY is defined. In this case no foreign
+** key functionality is available. If OMIT_TRIGGER is defined but
+** OMIT_FOREIGN_KEY is not, only some of the functions are no-oped. In
+** this case foreign keys are parsed, but no other functionality is
+** provided (enforcement of FK constraints requires the triggers sub-system).
+*/
+#if !defined(SQLITE_OMIT_FOREIGN_KEY) && !defined(SQLITE_OMIT_TRIGGER)
+SQLITE_PRIVATE void sqlite3FkCheck(Parse*, Table*, int, int, int*, int);
+SQLITE_PRIVATE void sqlite3FkDropTable(Parse*, SrcList *, Table*);
+SQLITE_PRIVATE void sqlite3FkActions(Parse*, Table*, ExprList*, int, int*, int);
+SQLITE_PRIVATE int sqlite3FkRequired(Parse*, Table*, int*, int);
+SQLITE_PRIVATE u32 sqlite3FkOldmask(Parse*, Table*);
+SQLITE_PRIVATE FKey *sqlite3FkReferences(Table *);
+#else
+ #define sqlite3FkActions(a,b,c,d,e,f)
+ #define sqlite3FkCheck(a,b,c,d,e,f)
+ #define sqlite3FkDropTable(a,b,c)
+ #define sqlite3FkOldmask(a,b) 0
+ #define sqlite3FkRequired(a,b,c,d) 0
+#endif
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+SQLITE_PRIVATE void sqlite3FkDelete(sqlite3 *, Table*);
+SQLITE_PRIVATE int sqlite3FkLocateIndex(Parse*,Table*,FKey*,Index**,int**);
+#else
+ #define sqlite3FkDelete(a,b)
+ #define sqlite3FkLocateIndex(a,b,c,d,e)
+#endif
+
+
+/*
+** Available fault injectors. Should be numbered beginning with 0.
+*/
+#define SQLITE_FAULTINJECTOR_MALLOC 0
+#define SQLITE_FAULTINJECTOR_COUNT 1
+
+/*
+** The interface to the code in fault.c used for identifying "benign"
+** malloc failures. This is only present if SQLITE_OMIT_BUILTIN_TEST
+** is not defined.
+*/
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+SQLITE_PRIVATE void sqlite3BeginBenignMalloc(void);
+SQLITE_PRIVATE void sqlite3EndBenignMalloc(void);
+#else
+ #define sqlite3BeginBenignMalloc()
+ #define sqlite3EndBenignMalloc()
+#endif
+
+/*
+** Allowed return values from sqlite3FindInIndex()
+*/
+#define IN_INDEX_ROWID 1 /* Search the rowid of the table */
+#define IN_INDEX_EPH 2 /* Search an ephemeral b-tree */
+#define IN_INDEX_INDEX_ASC 3 /* Existing index ASCENDING */
+#define IN_INDEX_INDEX_DESC 4 /* Existing index DESCENDING */
+#define IN_INDEX_NOOP 5 /* No table available. Use comparisons */
+/*
+** Allowed flags for the 3rd parameter to sqlite3FindInIndex().
+*/
+#define IN_INDEX_NOOP_OK 0x0001 /* OK to return IN_INDEX_NOOP */
+#define IN_INDEX_MEMBERSHIP 0x0002 /* IN operator used for membership test */
+#define IN_INDEX_LOOP 0x0004 /* IN operator used as a loop */
+SQLITE_PRIVATE int sqlite3FindInIndex(Parse *, Expr *, u32, int*);
+
+#ifdef SQLITE_ENABLE_ATOMIC_WRITE
+SQLITE_PRIVATE int sqlite3JournalOpen(sqlite3_vfs *, const char *, sqlite3_file *, int, int);
+SQLITE_PRIVATE int sqlite3JournalSize(sqlite3_vfs *);
+SQLITE_PRIVATE int sqlite3JournalCreate(sqlite3_file *);
+SQLITE_PRIVATE int sqlite3JournalExists(sqlite3_file *p);
+#else
+ #define sqlite3JournalSize(pVfs) ((pVfs)->szOsFile)
+ #define sqlite3JournalExists(p) 1
+#endif
+
+SQLITE_PRIVATE void sqlite3MemJournalOpen(sqlite3_file *);
+SQLITE_PRIVATE int sqlite3MemJournalSize(void);
+SQLITE_PRIVATE int sqlite3IsMemJournal(sqlite3_file *);
+
+SQLITE_PRIVATE void sqlite3ExprSetHeightAndFlags(Parse *pParse, Expr *p);
+#if SQLITE_MAX_EXPR_DEPTH>0
+SQLITE_PRIVATE int sqlite3SelectExprHeight(Select *);
+SQLITE_PRIVATE int sqlite3ExprCheckHeight(Parse*, int);
+#else
+ #define sqlite3SelectExprHeight(x) 0
+ #define sqlite3ExprCheckHeight(x,y)
+#endif
+
+SQLITE_PRIVATE u32 sqlite3Get4byte(const u8*);
+SQLITE_PRIVATE void sqlite3Put4byte(u8*, u32);
+
+#ifdef SQLITE_ENABLE_UNLOCK_NOTIFY
+SQLITE_PRIVATE void sqlite3ConnectionBlocked(sqlite3 *, sqlite3 *);
+SQLITE_PRIVATE void sqlite3ConnectionUnlocked(sqlite3 *db);
+SQLITE_PRIVATE void sqlite3ConnectionClosed(sqlite3 *db);
+#else
+ #define sqlite3ConnectionBlocked(x,y)
+ #define sqlite3ConnectionUnlocked(x)
+ #define sqlite3ConnectionClosed(x)
+#endif
+
+#ifdef SQLITE_DEBUG
+SQLITE_PRIVATE void sqlite3ParserTrace(FILE*, char *);
+#endif
+
+/*
+** If the SQLITE_ENABLE IOTRACE exists then the global variable
+** sqlite3IoTrace is a pointer to a printf-like routine used to
+** print I/O tracing messages.
+*/
+#ifdef SQLITE_ENABLE_IOTRACE
+# define IOTRACE(A) if( sqlite3IoTrace ){ sqlite3IoTrace A; }
+SQLITE_PRIVATE void sqlite3VdbeIOTraceSql(Vdbe*);
+SQLITE_API SQLITE_EXTERN void (SQLITE_CDECL *sqlite3IoTrace)(const char*,...);
+#else
+# define IOTRACE(A)
+# define sqlite3VdbeIOTraceSql(X)
+#endif
+
+/*
+** These routines are available for the mem2.c debugging memory allocator
+** only. They are used to verify that different "types" of memory
+** allocations are properly tracked by the system.
+**
+** sqlite3MemdebugSetType() sets the "type" of an allocation to one of
+** the MEMTYPE_* macros defined below. The type must be a bitmask with
+** a single bit set.
+**
+** sqlite3MemdebugHasType() returns true if any of the bits in its second
+** argument match the type set by the previous sqlite3MemdebugSetType().
+** sqlite3MemdebugHasType() is intended for use inside assert() statements.
+**
+** sqlite3MemdebugNoType() returns true if none of the bits in its second
+** argument match the type set by the previous sqlite3MemdebugSetType().
+**
+** Perhaps the most important point is the difference between MEMTYPE_HEAP
+** and MEMTYPE_LOOKASIDE. If an allocation is MEMTYPE_LOOKASIDE, that means
+** it might have been allocated by lookaside, except the allocation was
+** too large or lookaside was already full. It is important to verify
+** that allocations that might have been satisfied by lookaside are not
+** passed back to non-lookaside free() routines. Asserts such as the
+** example above are placed on the non-lookaside free() routines to verify
+** this constraint.
+**
+** All of this is no-op for a production build. It only comes into
+** play when the SQLITE_MEMDEBUG compile-time option is used.
+*/
+#ifdef SQLITE_MEMDEBUG
+SQLITE_PRIVATE void sqlite3MemdebugSetType(void*,u8);
+SQLITE_PRIVATE int sqlite3MemdebugHasType(void*,u8);
+SQLITE_PRIVATE int sqlite3MemdebugNoType(void*,u8);
+#else
+# define sqlite3MemdebugSetType(X,Y) /* no-op */
+# define sqlite3MemdebugHasType(X,Y) 1
+# define sqlite3MemdebugNoType(X,Y) 1
+#endif
+#define MEMTYPE_HEAP 0x01 /* General heap allocations */
+#define MEMTYPE_LOOKASIDE 0x02 /* Heap that might have been lookaside */
+#define MEMTYPE_SCRATCH 0x04 /* Scratch allocations */
+#define MEMTYPE_PCACHE 0x08 /* Page cache allocations */
+
+/*
+** Threading interface
+*/
+#if SQLITE_MAX_WORKER_THREADS>0
+SQLITE_PRIVATE int sqlite3ThreadCreate(SQLiteThread**,void*(*)(void*),void*);
+SQLITE_PRIVATE int sqlite3ThreadJoin(SQLiteThread*, void**);
+#endif
+
+#if defined(SQLITE_ENABLE_DBSTAT_VTAB) || defined(SQLITE_TEST)
+SQLITE_PRIVATE int sqlite3DbstatRegister(sqlite3*);
+#endif
+
+#endif /* _SQLITEINT_H_ */
+
+/************** End of sqliteInt.h *******************************************/
+/************** Begin file global.c ******************************************/
+/*
+** 2008 June 13
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains definitions of global variables and constants.
+*/
+/* #include "sqliteInt.h" */
+
+/* An array to map all upper-case characters into their corresponding
+** lower-case character.
+**
+** SQLite only considers US-ASCII (or EBCDIC) characters. We do not
+** handle case conversions for the UTF character set since the tables
+** involved are nearly as big or bigger than SQLite itself.
+*/
+SQLITE_PRIVATE const unsigned char sqlite3UpperToLower[] = {
+#ifdef SQLITE_ASCII
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17,
+ 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35,
+ 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53,
+ 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 97, 98, 99,100,101,102,103,
+ 104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,
+ 122, 91, 92, 93, 94, 95, 96, 97, 98, 99,100,101,102,103,104,105,106,107,
+ 108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,
+ 126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,
+ 144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,
+ 162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,
+ 180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,
+ 198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,
+ 216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,
+ 234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,
+ 252,253,254,255
+#endif
+#ifdef SQLITE_EBCDIC
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, /* 0x */
+ 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, /* 1x */
+ 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, /* 2x */
+ 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, /* 3x */
+ 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, /* 4x */
+ 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, /* 5x */
+ 96, 97, 98, 99,100,101,102,103,104,105,106,107,108,109,110,111, /* 6x */
+ 112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127, /* 7x */
+ 128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143, /* 8x */
+ 144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159, /* 9x */
+ 160,161,162,163,164,165,166,167,168,169,170,171,140,141,142,175, /* Ax */
+ 176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191, /* Bx */
+ 192,129,130,131,132,133,134,135,136,137,202,203,204,205,206,207, /* Cx */
+ 208,145,146,147,148,149,150,151,152,153,218,219,220,221,222,223, /* Dx */
+ 224,225,162,163,164,165,166,167,168,169,234,235,236,237,238,239, /* Ex */
+ 240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255, /* Fx */
+#endif
+};
+
+/*
+** The following 256 byte lookup table is used to support SQLites built-in
+** equivalents to the following standard library functions:
+**
+** isspace() 0x01
+** isalpha() 0x02
+** isdigit() 0x04
+** isalnum() 0x06
+** isxdigit() 0x08
+** toupper() 0x20
+** SQLite identifier character 0x40
+**
+** Bit 0x20 is set if the mapped character requires translation to upper
+** case. i.e. if the character is a lower-case ASCII character.
+** If x is a lower-case ASCII character, then its upper-case equivalent
+** is (x - 0x20). Therefore toupper() can be implemented as:
+**
+** (x & ~(map[x]&0x20))
+**
+** Standard function tolower() is implemented using the sqlite3UpperToLower[]
+** array. tolower() is used more often than toupper() by SQLite.
+**
+** Bit 0x40 is set if the character non-alphanumeric and can be used in an
+** SQLite identifier. Identifiers are alphanumerics, "_", "$", and any
+** non-ASCII UTF character. Hence the test for whether or not a character is
+** part of an identifier is 0x46.
+**
+** SQLite's versions are identical to the standard versions assuming a
+** locale of "C". They are implemented as macros in sqliteInt.h.
+*/
+#ifdef SQLITE_ASCII
+SQLITE_PRIVATE const unsigned char sqlite3CtypeMap[256] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 00..07 ........ */
+ 0x00, 0x01, 0x01, 0x01, 0x01, 0x01, 0x00, 0x00, /* 08..0f ........ */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 10..17 ........ */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 18..1f ........ */
+ 0x01, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, /* 20..27 !"#$%&' */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 28..2f ()*+,-./ */
+ 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, /* 30..37 01234567 */
+ 0x0c, 0x0c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 38..3f 89:;<=>? */
+
+ 0x00, 0x0a, 0x0a, 0x0a, 0x0a, 0x0a, 0x0a, 0x02, /* 40..47 @ABCDEFG */
+ 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, /* 48..4f HIJKLMNO */
+ 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, /* 50..57 PQRSTUVW */
+ 0x02, 0x02, 0x02, 0x00, 0x00, 0x00, 0x00, 0x40, /* 58..5f XYZ[\]^_ */
+ 0x00, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x22, /* 60..67 `abcdefg */
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, /* 68..6f hijklmno */
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, /* 70..77 pqrstuvw */
+ 0x22, 0x22, 0x22, 0x00, 0x00, 0x00, 0x00, 0x00, /* 78..7f xyz{|}~. */
+
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* 80..87 ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* 88..8f ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* 90..97 ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* 98..9f ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* a0..a7 ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* a8..af ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* b0..b7 ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* b8..bf ........ */
+
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* c0..c7 ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* c8..cf ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* d0..d7 ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* d8..df ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* e0..e7 ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* e8..ef ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, /* f0..f7 ........ */
+ 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40 /* f8..ff ........ */
+};
+#endif
+
+/* EVIDENCE-OF: R-02982-34736 In order to maintain full backwards
+** compatibility for legacy applications, the URI filename capability is
+** disabled by default.
+**
+** EVIDENCE-OF: R-38799-08373 URI filenames can be enabled or disabled
+** using the SQLITE_USE_URI=1 or SQLITE_USE_URI=0 compile-time options.
+**
+** EVIDENCE-OF: R-43642-56306 By default, URI handling is globally
+** disabled. The default value may be changed by compiling with the
+** SQLITE_USE_URI symbol defined.
+*/
+#ifndef SQLITE_USE_URI
+# define SQLITE_USE_URI 0
+#endif
+
+/* EVIDENCE-OF: R-38720-18127 The default setting is determined by the
+** SQLITE_ALLOW_COVERING_INDEX_SCAN compile-time option, or is "on" if
+** that compile-time option is omitted.
+*/
+#ifndef SQLITE_ALLOW_COVERING_INDEX_SCAN
+# define SQLITE_ALLOW_COVERING_INDEX_SCAN 1
+#endif
+
+/* The minimum PMA size is set to this value multiplied by the database
+** page size in bytes.
+*/
+#ifndef SQLITE_SORTER_PMASZ
+# define SQLITE_SORTER_PMASZ 250
+#endif
+
+/*
+** The following singleton contains the global configuration for
+** the SQLite library.
+*/
+SQLITE_PRIVATE SQLITE_WSD struct Sqlite3Config sqlite3Config = {
+ SQLITE_DEFAULT_MEMSTATUS, /* bMemstat */
+ 1, /* bCoreMutex */
+ SQLITE_THREADSAFE==1, /* bFullMutex */
+ SQLITE_USE_URI, /* bOpenUri */
+ SQLITE_ALLOW_COVERING_INDEX_SCAN, /* bUseCis */
+ 0x7ffffffe, /* mxStrlen */
+ 0, /* neverCorrupt */
+ 128, /* szLookaside */
+ 500, /* nLookaside */
+ {0,0,0,0,0,0,0,0}, /* m */
+ {0,0,0,0,0,0,0,0,0}, /* mutex */
+ {0,0,0,0,0,0,0,0,0,0,0,0,0},/* pcache2 */
+ (void*)0, /* pHeap */
+ 0, /* nHeap */
+ 0, 0, /* mnHeap, mxHeap */
+ SQLITE_DEFAULT_MMAP_SIZE, /* szMmap */
+ SQLITE_MAX_MMAP_SIZE, /* mxMmap */
+ (void*)0, /* pScratch */
+ 0, /* szScratch */
+ 0, /* nScratch */
+ (void*)0, /* pPage */
+ 0, /* szPage */
+ SQLITE_DEFAULT_PCACHE_INITSZ, /* nPage */
+ 0, /* mxParserStack */
+ 0, /* sharedCacheEnabled */
+ SQLITE_SORTER_PMASZ, /* szPma */
+ /* All the rest should always be initialized to zero */
+ 0, /* isInit */
+ 0, /* inProgress */
+ 0, /* isMutexInit */
+ 0, /* isMallocInit */
+ 0, /* isPCacheInit */
+ 0, /* nRefInitMutex */
+ 0, /* pInitMutex */
+ 0, /* xLog */
+ 0, /* pLogArg */
+#ifdef SQLITE_ENABLE_SQLLOG
+ 0, /* xSqllog */
+ 0, /* pSqllogArg */
+#endif
+#ifdef SQLITE_VDBE_COVERAGE
+ 0, /* xVdbeBranch */
+ 0, /* pVbeBranchArg */
+#endif
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+ 0, /* xTestCallback */
+#endif
+ 0 /* bLocaltimeFault */
+};
+
+/*
+** Hash table for global functions - functions common to all
+** database connections. After initialization, this table is
+** read-only.
+*/
+SQLITE_PRIVATE SQLITE_WSD FuncDefHash sqlite3GlobalFunctions;
+
+/*
+** Constant tokens for values 0 and 1.
+*/
+SQLITE_PRIVATE const Token sqlite3IntTokens[] = {
+ { "0", 1 },
+ { "1", 1 }
+};
+
+
+/*
+** The value of the "pending" byte must be 0x40000000 (1 byte past the
+** 1-gibabyte boundary) in a compatible database. SQLite never uses
+** the database page that contains the pending byte. It never attempts
+** to read or write that page. The pending byte page is set assign
+** for use by the VFS layers as space for managing file locks.
+**
+** During testing, it is often desirable to move the pending byte to
+** a different position in the file. This allows code that has to
+** deal with the pending byte to run on files that are much smaller
+** than 1 GiB. The sqlite3_test_control() interface can be used to
+** move the pending byte.
+**
+** IMPORTANT: Changing the pending byte to any value other than
+** 0x40000000 results in an incompatible database file format!
+** Changing the pending byte during operation will result in undefined
+** and incorrect behavior.
+*/
+#ifndef SQLITE_OMIT_WSD
+SQLITE_PRIVATE int sqlite3PendingByte = 0x40000000;
+#endif
+
+/* #include "opcodes.h" */
+/*
+** Properties of opcodes. The OPFLG_INITIALIZER macro is
+** created by mkopcodeh.awk during compilation. Data is obtained
+** from the comments following the "case OP_xxxx:" statements in
+** the vdbe.c file.
+*/
+SQLITE_PRIVATE const unsigned char sqlite3OpcodeProperty[] = OPFLG_INITIALIZER;
+
+/*
+** Name of the default collating sequence
+*/
+SQLITE_PRIVATE const char sqlite3StrBINARY[] = "BINARY";
+
+/************** End of global.c **********************************************/
+/************** Begin file ctime.c *******************************************/
+/*
+** 2010 February 23
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file implements routines used to report what compile-time options
+** SQLite was built with.
+*/
+
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+
+/* #include "sqliteInt.h" */
+
+/*
+** An array of names of all compile-time options. This array should
+** be sorted A-Z.
+**
+** This array looks large, but in a typical installation actually uses
+** only a handful of compile-time options, so most times this array is usually
+** rather short and uses little memory space.
+*/
+static const char * const azCompileOpt[] = {
+
+/* These macros are provided to "stringify" the value of the define
+** for those options in which the value is meaningful. */
+#define CTIMEOPT_VAL_(opt) #opt
+#define CTIMEOPT_VAL(opt) CTIMEOPT_VAL_(opt)
+
+#if SQLITE_32BIT_ROWID
+ "32BIT_ROWID",
+#endif
+#if SQLITE_4_BYTE_ALIGNED_MALLOC
+ "4_BYTE_ALIGNED_MALLOC",
+#endif
+#if SQLITE_CASE_SENSITIVE_LIKE
+ "CASE_SENSITIVE_LIKE",
+#endif
+#if SQLITE_CHECK_PAGES
+ "CHECK_PAGES",
+#endif
+#if SQLITE_COVERAGE_TEST
+ "COVERAGE_TEST",
+#endif
+#if SQLITE_DEBUG
+ "DEBUG",
+#endif
+#if SQLITE_DEFAULT_LOCKING_MODE
+ "DEFAULT_LOCKING_MODE=" CTIMEOPT_VAL(SQLITE_DEFAULT_LOCKING_MODE),
+#endif
+#if defined(SQLITE_DEFAULT_MMAP_SIZE) && !defined(SQLITE_DEFAULT_MMAP_SIZE_xc)
+ "DEFAULT_MMAP_SIZE=" CTIMEOPT_VAL(SQLITE_DEFAULT_MMAP_SIZE),
+#endif
+#if SQLITE_DISABLE_DIRSYNC
+ "DISABLE_DIRSYNC",
+#endif
+#if SQLITE_DISABLE_LFS
+ "DISABLE_LFS",
+#endif
+#if SQLITE_ENABLE_8_3_NAMES
+ "ENABLE_8_3_NAMES",
+#endif
+#if SQLITE_ENABLE_API_ARMOR
+ "ENABLE_API_ARMOR",
+#endif
+#if SQLITE_ENABLE_ATOMIC_WRITE
+ "ENABLE_ATOMIC_WRITE",
+#endif
+#if SQLITE_ENABLE_CEROD
+ "ENABLE_CEROD",
+#endif
+#if SQLITE_ENABLE_COLUMN_METADATA
+ "ENABLE_COLUMN_METADATA",
+#endif
+#if SQLITE_ENABLE_DBSTAT_VTAB
+ "ENABLE_DBSTAT_VTAB",
+#endif
+#if SQLITE_ENABLE_EXPENSIVE_ASSERT
+ "ENABLE_EXPENSIVE_ASSERT",
+#endif
+#if SQLITE_ENABLE_FTS1
+ "ENABLE_FTS1",
+#endif
+#if SQLITE_ENABLE_FTS2
+ "ENABLE_FTS2",
+#endif
+#if SQLITE_ENABLE_FTS3
+ "ENABLE_FTS3",
+#endif
+#if SQLITE_ENABLE_FTS3_PARENTHESIS
+ "ENABLE_FTS3_PARENTHESIS",
+#endif
+#if SQLITE_ENABLE_FTS4
+ "ENABLE_FTS4",
+#endif
+#if SQLITE_ENABLE_FTS5
+ "ENABLE_FTS5",
+#endif
+#if SQLITE_ENABLE_ICU
+ "ENABLE_ICU",
+#endif
+#if SQLITE_ENABLE_IOTRACE
+ "ENABLE_IOTRACE",
+#endif
+#if SQLITE_ENABLE_JSON1
+ "ENABLE_JSON1",
+#endif
+#if SQLITE_ENABLE_LOAD_EXTENSION
+ "ENABLE_LOAD_EXTENSION",
+#endif
+#if SQLITE_ENABLE_LOCKING_STYLE
+ "ENABLE_LOCKING_STYLE=" CTIMEOPT_VAL(SQLITE_ENABLE_LOCKING_STYLE),
+#endif
+#if SQLITE_ENABLE_MEMORY_MANAGEMENT
+ "ENABLE_MEMORY_MANAGEMENT",
+#endif
+#if SQLITE_ENABLE_MEMSYS3
+ "ENABLE_MEMSYS3",
+#endif
+#if SQLITE_ENABLE_MEMSYS5
+ "ENABLE_MEMSYS5",
+#endif
+#if SQLITE_ENABLE_OVERSIZE_CELL_CHECK
+ "ENABLE_OVERSIZE_CELL_CHECK",
+#endif
+#if SQLITE_ENABLE_RTREE
+ "ENABLE_RTREE",
+#endif
+#if defined(SQLITE_ENABLE_STAT4)
+ "ENABLE_STAT4",
+#elif defined(SQLITE_ENABLE_STAT3)
+ "ENABLE_STAT3",
+#endif
+#if SQLITE_ENABLE_UNLOCK_NOTIFY
+ "ENABLE_UNLOCK_NOTIFY",
+#endif
+#if SQLITE_ENABLE_UPDATE_DELETE_LIMIT
+ "ENABLE_UPDATE_DELETE_LIMIT",
+#endif
+#if SQLITE_HAS_CODEC
+ "HAS_CODEC",
+#endif
+#if HAVE_ISNAN || SQLITE_HAVE_ISNAN
+ "HAVE_ISNAN",
+#endif
+#if SQLITE_HOMEGROWN_RECURSIVE_MUTEX
+ "HOMEGROWN_RECURSIVE_MUTEX",
+#endif
+#if SQLITE_IGNORE_AFP_LOCK_ERRORS
+ "IGNORE_AFP_LOCK_ERRORS",
+#endif
+#if SQLITE_IGNORE_FLOCK_LOCK_ERRORS
+ "IGNORE_FLOCK_LOCK_ERRORS",
+#endif
+#ifdef SQLITE_INT64_TYPE
+ "INT64_TYPE",
+#endif
+#ifdef SQLITE_LIKE_DOESNT_MATCH_BLOBS
+ "LIKE_DOESNT_MATCH_BLOBS",
+#endif
+#if SQLITE_LOCK_TRACE
+ "LOCK_TRACE",
+#endif
+#if defined(SQLITE_MAX_MMAP_SIZE) && !defined(SQLITE_MAX_MMAP_SIZE_xc)
+ "MAX_MMAP_SIZE=" CTIMEOPT_VAL(SQLITE_MAX_MMAP_SIZE),
+#endif
+#ifdef SQLITE_MAX_SCHEMA_RETRY
+ "MAX_SCHEMA_RETRY=" CTIMEOPT_VAL(SQLITE_MAX_SCHEMA_RETRY),
+#endif
+#if SQLITE_MEMDEBUG
+ "MEMDEBUG",
+#endif
+#if SQLITE_MIXED_ENDIAN_64BIT_FLOAT
+ "MIXED_ENDIAN_64BIT_FLOAT",
+#endif
+#if SQLITE_NO_SYNC
+ "NO_SYNC",
+#endif
+#if SQLITE_OMIT_ALTERTABLE
+ "OMIT_ALTERTABLE",
+#endif
+#if SQLITE_OMIT_ANALYZE
+ "OMIT_ANALYZE",
+#endif
+#if SQLITE_OMIT_ATTACH
+ "OMIT_ATTACH",
+#endif
+#if SQLITE_OMIT_AUTHORIZATION
+ "OMIT_AUTHORIZATION",
+#endif
+#if SQLITE_OMIT_AUTOINCREMENT
+ "OMIT_AUTOINCREMENT",
+#endif
+#if SQLITE_OMIT_AUTOINIT
+ "OMIT_AUTOINIT",
+#endif
+#if SQLITE_OMIT_AUTOMATIC_INDEX
+ "OMIT_AUTOMATIC_INDEX",
+#endif
+#if SQLITE_OMIT_AUTORESET
+ "OMIT_AUTORESET",
+#endif
+#if SQLITE_OMIT_AUTOVACUUM
+ "OMIT_AUTOVACUUM",
+#endif
+#if SQLITE_OMIT_BETWEEN_OPTIMIZATION
+ "OMIT_BETWEEN_OPTIMIZATION",
+#endif
+#if SQLITE_OMIT_BLOB_LITERAL
+ "OMIT_BLOB_LITERAL",
+#endif
+#if SQLITE_OMIT_BTREECOUNT
+ "OMIT_BTREECOUNT",
+#endif
+#if SQLITE_OMIT_BUILTIN_TEST
+ "OMIT_BUILTIN_TEST",
+#endif
+#if SQLITE_OMIT_CAST
+ "OMIT_CAST",
+#endif
+#if SQLITE_OMIT_CHECK
+ "OMIT_CHECK",
+#endif
+#if SQLITE_OMIT_COMPLETE
+ "OMIT_COMPLETE",
+#endif
+#if SQLITE_OMIT_COMPOUND_SELECT
+ "OMIT_COMPOUND_SELECT",
+#endif
+#if SQLITE_OMIT_CTE
+ "OMIT_CTE",
+#endif
+#if SQLITE_OMIT_DATETIME_FUNCS
+ "OMIT_DATETIME_FUNCS",
+#endif
+#if SQLITE_OMIT_DECLTYPE
+ "OMIT_DECLTYPE",
+#endif
+#if SQLITE_OMIT_DEPRECATED
+ "OMIT_DEPRECATED",
+#endif
+#if SQLITE_OMIT_DISKIO
+ "OMIT_DISKIO",
+#endif
+#if SQLITE_OMIT_EXPLAIN
+ "OMIT_EXPLAIN",
+#endif
+#if SQLITE_OMIT_FLAG_PRAGMAS
+ "OMIT_FLAG_PRAGMAS",
+#endif
+#if SQLITE_OMIT_FLOATING_POINT
+ "OMIT_FLOATING_POINT",
+#endif
+#if SQLITE_OMIT_FOREIGN_KEY
+ "OMIT_FOREIGN_KEY",
+#endif
+#if SQLITE_OMIT_GET_TABLE
+ "OMIT_GET_TABLE",
+#endif
+#if SQLITE_OMIT_INCRBLOB
+ "OMIT_INCRBLOB",
+#endif
+#if SQLITE_OMIT_INTEGRITY_CHECK
+ "OMIT_INTEGRITY_CHECK",
+#endif
+#if SQLITE_OMIT_LIKE_OPTIMIZATION
+ "OMIT_LIKE_OPTIMIZATION",
+#endif
+#if SQLITE_OMIT_LOAD_EXTENSION
+ "OMIT_LOAD_EXTENSION",
+#endif
+#if SQLITE_OMIT_LOCALTIME
+ "OMIT_LOCALTIME",
+#endif
+#if SQLITE_OMIT_LOOKASIDE
+ "OMIT_LOOKASIDE",
+#endif
+#if SQLITE_OMIT_MEMORYDB
+ "OMIT_MEMORYDB",
+#endif
+#if SQLITE_OMIT_OR_OPTIMIZATION
+ "OMIT_OR_OPTIMIZATION",
+#endif
+#if SQLITE_OMIT_PAGER_PRAGMAS
+ "OMIT_PAGER_PRAGMAS",
+#endif
+#if SQLITE_OMIT_PRAGMA
+ "OMIT_PRAGMA",
+#endif
+#if SQLITE_OMIT_PROGRESS_CALLBACK
+ "OMIT_PROGRESS_CALLBACK",
+#endif
+#if SQLITE_OMIT_QUICKBALANCE
+ "OMIT_QUICKBALANCE",
+#endif
+#if SQLITE_OMIT_REINDEX
+ "OMIT_REINDEX",
+#endif
+#if SQLITE_OMIT_SCHEMA_PRAGMAS
+ "OMIT_SCHEMA_PRAGMAS",
+#endif
+#if SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS
+ "OMIT_SCHEMA_VERSION_PRAGMAS",
+#endif
+#if SQLITE_OMIT_SHARED_CACHE
+ "OMIT_SHARED_CACHE",
+#endif
+#if SQLITE_OMIT_SUBQUERY
+ "OMIT_SUBQUERY",
+#endif
+#if SQLITE_OMIT_TCL_VARIABLE
+ "OMIT_TCL_VARIABLE",
+#endif
+#if SQLITE_OMIT_TEMPDB
+ "OMIT_TEMPDB",
+#endif
+#if SQLITE_OMIT_TRACE
+ "OMIT_TRACE",
+#endif
+#if SQLITE_OMIT_TRIGGER
+ "OMIT_TRIGGER",
+#endif
+#if SQLITE_OMIT_TRUNCATE_OPTIMIZATION
+ "OMIT_TRUNCATE_OPTIMIZATION",
+#endif
+#if SQLITE_OMIT_UTF16
+ "OMIT_UTF16",
+#endif
+#if SQLITE_OMIT_VACUUM
+ "OMIT_VACUUM",
+#endif
+#if SQLITE_OMIT_VIEW
+ "OMIT_VIEW",
+#endif
+#if SQLITE_OMIT_VIRTUALTABLE
+ "OMIT_VIRTUALTABLE",
+#endif
+#if SQLITE_OMIT_WAL
+ "OMIT_WAL",
+#endif
+#if SQLITE_OMIT_WSD
+ "OMIT_WSD",
+#endif
+#if SQLITE_OMIT_XFER_OPT
+ "OMIT_XFER_OPT",
+#endif
+#if SQLITE_PERFORMANCE_TRACE
+ "PERFORMANCE_TRACE",
+#endif
+#if SQLITE_PROXY_DEBUG
+ "PROXY_DEBUG",
+#endif
+#if SQLITE_RTREE_INT_ONLY
+ "RTREE_INT_ONLY",
+#endif
+#if SQLITE_SECURE_DELETE
+ "SECURE_DELETE",
+#endif
+#if SQLITE_SMALL_STACK
+ "SMALL_STACK",
+#endif
+#if SQLITE_SOUNDEX
+ "SOUNDEX",
+#endif
+#if SQLITE_SYSTEM_MALLOC
+ "SYSTEM_MALLOC",
+#endif
+#if SQLITE_TCL
+ "TCL",
+#endif
+#if defined(SQLITE_TEMP_STORE) && !defined(SQLITE_TEMP_STORE_xc)
+ "TEMP_STORE=" CTIMEOPT_VAL(SQLITE_TEMP_STORE),
+#endif
+#if SQLITE_TEST
+ "TEST",
+#endif
+#if defined(SQLITE_THREADSAFE)
+ "THREADSAFE=" CTIMEOPT_VAL(SQLITE_THREADSAFE),
+#endif
+#if SQLITE_USE_ALLOCA
+ "USE_ALLOCA",
+#endif
+#if SQLITE_USER_AUTHENTICATION
+ "USER_AUTHENTICATION",
+#endif
+#if SQLITE_WIN32_MALLOC
+ "WIN32_MALLOC",
+#endif
+#if SQLITE_ZERO_MALLOC
+ "ZERO_MALLOC"
+#endif
+};
+
+/*
+** Given the name of a compile-time option, return true if that option
+** was used and false if not.
+**
+** The name can optionally begin with "SQLITE_" but the "SQLITE_" prefix
+** is not required for a match.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_compileoption_used(const char *zOptName){
+ int i, n;
+
+#if SQLITE_ENABLE_API_ARMOR
+ if( zOptName==0 ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ if( sqlite3StrNICmp(zOptName, "SQLITE_", 7)==0 ) zOptName += 7;
+ n = sqlite3Strlen30(zOptName);
+
+ /* Since ArraySize(azCompileOpt) is normally in single digits, a
+ ** linear search is adequate. No need for a binary search. */
+ for(i=0; i<ArraySize(azCompileOpt); i++){
+ if( sqlite3StrNICmp(zOptName, azCompileOpt[i], n)==0
+ && sqlite3IsIdChar((unsigned char)azCompileOpt[i][n])==0
+ ){
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/*
+** Return the N-th compile-time option string. If N is out of range,
+** return a NULL pointer.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_compileoption_get(int N){
+ if( N>=0 && N<ArraySize(azCompileOpt) ){
+ return azCompileOpt[N];
+ }
+ return 0;
+}
+
+#endif /* SQLITE_OMIT_COMPILEOPTION_DIAGS */
+
+/************** End of ctime.c ***********************************************/
+/************** Begin file status.c ******************************************/
+/*
+** 2008 June 18
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This module implements the sqlite3_status() interface and related
+** functionality.
+*/
+/* #include "sqliteInt.h" */
+/************** Include vdbeInt.h in the middle of status.c ******************/
+/************** Begin file vdbeInt.h *****************************************/
+/*
+** 2003 September 6
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This is the header file for information that is private to the
+** VDBE. This information used to all be at the top of the single
+** source code file "vdbe.c". When that file became too big (over
+** 6000 lines long) it was split up into several smaller files and
+** this header information was factored out.
+*/
+#ifndef _VDBEINT_H_
+#define _VDBEINT_H_
+
+/*
+** The maximum number of times that a statement will try to reparse
+** itself before giving up and returning SQLITE_SCHEMA.
+*/
+#ifndef SQLITE_MAX_SCHEMA_RETRY
+# define SQLITE_MAX_SCHEMA_RETRY 50
+#endif
+
+/*
+** VDBE_DISPLAY_P4 is true or false depending on whether or not the
+** "explain" P4 display logic is enabled.
+*/
+#if !defined(SQLITE_OMIT_EXPLAIN) || !defined(NDEBUG) \
+ || defined(VDBE_PROFILE) || defined(SQLITE_DEBUG)
+# define VDBE_DISPLAY_P4 1
+#else
+# define VDBE_DISPLAY_P4 0
+#endif
+
+/*
+** SQL is translated into a sequence of instructions to be
+** executed by a virtual machine. Each instruction is an instance
+** of the following structure.
+*/
+typedef struct VdbeOp Op;
+
+/*
+** Boolean values
+*/
+typedef unsigned Bool;
+
+/* Opaque type used by code in vdbesort.c */
+typedef struct VdbeSorter VdbeSorter;
+
+/* Opaque type used by the explainer */
+typedef struct Explain Explain;
+
+/* Elements of the linked list at Vdbe.pAuxData */
+typedef struct AuxData AuxData;
+
+/* Types of VDBE cursors */
+#define CURTYPE_BTREE 0
+#define CURTYPE_SORTER 1
+#define CURTYPE_VTAB 2
+#define CURTYPE_PSEUDO 3
+
+/*
+** A VdbeCursor is an superclass (a wrapper) for various cursor objects:
+**
+** * A b-tree cursor
+** - In the main database or in an ephemeral database
+** - On either an index or a table
+** * A sorter
+** * A virtual table
+** * A one-row "pseudotable" stored in a single register
+*/
+struct VdbeCursor {
+ u8 eCurType; /* One of the CURTYPE_* values above */
+ i8 iDb; /* Index of cursor database in db->aDb[] (or -1) */
+ u8 nullRow; /* True if pointing to a row with no data */
+ u8 deferredMoveto; /* A call to sqlite3BtreeMoveto() is needed */
+ u8 isTable; /* True for rowid tables. False for indexes */
+#ifdef SQLITE_DEBUG
+ u8 seekOp; /* Most recent seek operation on this cursor */
+#endif
+ Bool isEphemeral:1; /* True for an ephemeral table */
+ Bool useRandomRowid:1;/* Generate new record numbers semi-randomly */
+ Bool isOrdered:1; /* True if the underlying table is BTREE_UNORDERED */
+ Pgno pgnoRoot; /* Root page of the open btree cursor */
+ i16 nField; /* Number of fields in the header */
+ u16 nHdrParsed; /* Number of header fields parsed so far */
+ union {
+ BtCursor *pCursor; /* CURTYPE_BTREE. Btree cursor */
+ sqlite3_vtab_cursor *pVCur; /* CURTYPE_VTAB. Vtab cursor */
+ int pseudoTableReg; /* CURTYPE_PSEUDO. Reg holding content. */
+ VdbeSorter *pSorter; /* CURTYPE_SORTER. Sorter object */
+ } uc;
+ Btree *pBt; /* Separate file holding temporary table */
+ KeyInfo *pKeyInfo; /* Info about index keys needed by index cursors */
+ int seekResult; /* Result of previous sqlite3BtreeMoveto() */
+ i64 seqCount; /* Sequence counter */
+ i64 movetoTarget; /* Argument to the deferred sqlite3BtreeMoveto() */
+#ifdef SQLITE_ENABLE_COLUMN_USED_MASK
+ u64 maskUsed; /* Mask of columns used by this cursor */
+#endif
+
+ /* Cached information about the header for the data record that the
+ ** cursor is currently pointing to. Only valid if cacheStatus matches
+ ** Vdbe.cacheCtr. Vdbe.cacheCtr will never take on the value of
+ ** CACHE_STALE and so setting cacheStatus=CACHE_STALE guarantees that
+ ** the cache is out of date.
+ **
+ ** aRow might point to (ephemeral) data for the current row, or it might
+ ** be NULL.
+ */
+ u32 cacheStatus; /* Cache is valid if this matches Vdbe.cacheCtr */
+ u32 payloadSize; /* Total number of bytes in the record */
+ u32 szRow; /* Byte available in aRow */
+ u32 iHdrOffset; /* Offset to next unparsed byte of the header */
+ const u8 *aRow; /* Data for the current row, if all on one page */
+ u32 *aOffset; /* Pointer to aType[nField] */
+ u32 aType[1]; /* Type values for all entries in the record */
+ /* 2*nField extra array elements allocated for aType[], beyond the one
+ ** static element declared in the structure. nField total array slots for
+ ** aType[] and nField+1 array slots for aOffset[] */
+};
+typedef struct VdbeCursor VdbeCursor;
+
+/*
+** When a sub-program is executed (OP_Program), a structure of this type
+** is allocated to store the current value of the program counter, as
+** well as the current memory cell array and various other frame specific
+** values stored in the Vdbe struct. When the sub-program is finished,
+** these values are copied back to the Vdbe from the VdbeFrame structure,
+** restoring the state of the VM to as it was before the sub-program
+** began executing.
+**
+** The memory for a VdbeFrame object is allocated and managed by a memory
+** cell in the parent (calling) frame. When the memory cell is deleted or
+** overwritten, the VdbeFrame object is not freed immediately. Instead, it
+** is linked into the Vdbe.pDelFrame list. The contents of the Vdbe.pDelFrame
+** list is deleted when the VM is reset in VdbeHalt(). The reason for doing
+** this instead of deleting the VdbeFrame immediately is to avoid recursive
+** calls to sqlite3VdbeMemRelease() when the memory cells belonging to the
+** child frame are released.
+**
+** The currently executing frame is stored in Vdbe.pFrame. Vdbe.pFrame is
+** set to NULL if the currently executing frame is the main program.
+*/
+typedef struct VdbeFrame VdbeFrame;
+struct VdbeFrame {
+ Vdbe *v; /* VM this frame belongs to */
+ VdbeFrame *pParent; /* Parent of this frame, or NULL if parent is main */
+ Op *aOp; /* Program instructions for parent frame */
+ i64 *anExec; /* Event counters from parent frame */
+ Mem *aMem; /* Array of memory cells for parent frame */
+ u8 *aOnceFlag; /* Array of OP_Once flags for parent frame */
+ VdbeCursor **apCsr; /* Array of Vdbe cursors for parent frame */
+ void *token; /* Copy of SubProgram.token */
+ i64 lastRowid; /* Last insert rowid (sqlite3.lastRowid) */
+ int nCursor; /* Number of entries in apCsr */
+ int pc; /* Program Counter in parent (calling) frame */
+ int nOp; /* Size of aOp array */
+ int nMem; /* Number of entries in aMem */
+ int nOnceFlag; /* Number of entries in aOnceFlag */
+ int nChildMem; /* Number of memory cells for child frame */
+ int nChildCsr; /* Number of cursors for child frame */
+ int nChange; /* Statement changes (Vdbe.nChange) */
+ int nDbChange; /* Value of db->nChange */
+};
+
+#define VdbeFrameMem(p) ((Mem *)&((u8 *)p)[ROUND8(sizeof(VdbeFrame))])
+
+/*
+** A value for VdbeCursor.cacheValid that means the cache is always invalid.
+*/
+#define CACHE_STALE 0
+
+/*
+** Internally, the vdbe manipulates nearly all SQL values as Mem
+** structures. Each Mem struct may cache multiple representations (string,
+** integer etc.) of the same value.
+*/
+struct Mem {
+ union MemValue {
+ double r; /* Real value used when MEM_Real is set in flags */
+ i64 i; /* Integer value used when MEM_Int is set in flags */
+ int nZero; /* Used when bit MEM_Zero is set in flags */
+ FuncDef *pDef; /* Used only when flags==MEM_Agg */
+ RowSet *pRowSet; /* Used only when flags==MEM_RowSet */
+ VdbeFrame *pFrame; /* Used when flags==MEM_Frame */
+ } u;
+ u16 flags; /* Some combination of MEM_Null, MEM_Str, MEM_Dyn, etc. */
+ u8 enc; /* SQLITE_UTF8, SQLITE_UTF16BE, SQLITE_UTF16LE */
+ u8 eSubtype; /* Subtype for this value */
+ int n; /* Number of characters in string value, excluding '\0' */
+ char *z; /* String or BLOB value */
+ /* ShallowCopy only needs to copy the information above */
+ char *zMalloc; /* Space to hold MEM_Str or MEM_Blob if szMalloc>0 */
+ int szMalloc; /* Size of the zMalloc allocation */
+ u32 uTemp; /* Transient storage for serial_type in OP_MakeRecord */
+ sqlite3 *db; /* The associated database connection */
+ void (*xDel)(void*);/* Destructor for Mem.z - only valid if MEM_Dyn */
+#ifdef SQLITE_DEBUG
+ Mem *pScopyFrom; /* This Mem is a shallow copy of pScopyFrom */
+ void *pFiller; /* So that sizeof(Mem) is a multiple of 8 */
+#endif
+};
+
+/*
+** Size of struct Mem not including the Mem.zMalloc member or anything that
+** follows.
+*/
+#define MEMCELLSIZE offsetof(Mem,zMalloc)
+
+/* One or more of the following flags are set to indicate the validOK
+** representations of the value stored in the Mem struct.
+**
+** If the MEM_Null flag is set, then the value is an SQL NULL value.
+** No other flags may be set in this case.
+**
+** If the MEM_Str flag is set then Mem.z points at a string representation.
+** Usually this is encoded in the same unicode encoding as the main
+** database (see below for exceptions). If the MEM_Term flag is also
+** set, then the string is nul terminated. The MEM_Int and MEM_Real
+** flags may coexist with the MEM_Str flag.
+*/
+#define MEM_Null 0x0001 /* Value is NULL */
+#define MEM_Str 0x0002 /* Value is a string */
+#define MEM_Int 0x0004 /* Value is an integer */
+#define MEM_Real 0x0008 /* Value is a real number */
+#define MEM_Blob 0x0010 /* Value is a BLOB */
+#define MEM_AffMask 0x001f /* Mask of affinity bits */
+#define MEM_RowSet 0x0020 /* Value is a RowSet object */
+#define MEM_Frame 0x0040 /* Value is a VdbeFrame object */
+#define MEM_Undefined 0x0080 /* Value is undefined */
+#define MEM_Cleared 0x0100 /* NULL set by OP_Null, not from data */
+#define MEM_TypeMask 0x01ff /* Mask of type bits */
+
+
+/* Whenever Mem contains a valid string or blob representation, one of
+** the following flags must be set to determine the memory management
+** policy for Mem.z. The MEM_Term flag tells us whether or not the
+** string is \000 or \u0000 terminated
+*/
+#define MEM_Term 0x0200 /* String rep is nul terminated */
+#define MEM_Dyn 0x0400 /* Need to call Mem.xDel() on Mem.z */
+#define MEM_Static 0x0800 /* Mem.z points to a static string */
+#define MEM_Ephem 0x1000 /* Mem.z points to an ephemeral string */
+#define MEM_Agg 0x2000 /* Mem.z points to an agg function context */
+#define MEM_Zero 0x4000 /* Mem.i contains count of 0s appended to blob */
+#ifdef SQLITE_OMIT_INCRBLOB
+ #undef MEM_Zero
+ #define MEM_Zero 0x0000
+#endif
+
+/*
+** Clear any existing type flags from a Mem and replace them with f
+*/
+#define MemSetTypeFlag(p, f) \
+ ((p)->flags = ((p)->flags&~(MEM_TypeMask|MEM_Zero))|f)
+
+/*
+** Return true if a memory cell is not marked as invalid. This macro
+** is for use inside assert() statements only.
+*/
+#ifdef SQLITE_DEBUG
+#define memIsValid(M) ((M)->flags & MEM_Undefined)==0
+#endif
+
+/*
+** Each auxiliary data pointer stored by a user defined function
+** implementation calling sqlite3_set_auxdata() is stored in an instance
+** of this structure. All such structures associated with a single VM
+** are stored in a linked list headed at Vdbe.pAuxData. All are destroyed
+** when the VM is halted (if not before).
+*/
+struct AuxData {
+ int iOp; /* Instruction number of OP_Function opcode */
+ int iArg; /* Index of function argument. */
+ void *pAux; /* Aux data pointer */
+ void (*xDelete)(void *); /* Destructor for the aux data */
+ AuxData *pNext; /* Next element in list */
+};
+
+/*
+** The "context" argument for an installable function. A pointer to an
+** instance of this structure is the first argument to the routines used
+** implement the SQL functions.
+**
+** There is a typedef for this structure in sqlite.h. So all routines,
+** even the public interface to SQLite, can use a pointer to this structure.
+** But this file is the only place where the internal details of this
+** structure are known.
+**
+** This structure is defined inside of vdbeInt.h because it uses substructures
+** (Mem) which are only defined there.
+*/
+struct sqlite3_context {
+ Mem *pOut; /* The return value is stored here */
+ FuncDef *pFunc; /* Pointer to function information */
+ Mem *pMem; /* Memory cell used to store aggregate context */
+ Vdbe *pVdbe; /* The VM that owns this context */
+ int iOp; /* Instruction number of OP_Function */
+ int isError; /* Error code returned by the function. */
+ u8 skipFlag; /* Skip accumulator loading if true */
+ u8 fErrorOrAux; /* isError!=0 or pVdbe->pAuxData modified */
+ u8 argc; /* Number of arguments */
+ sqlite3_value *argv[1]; /* Argument set */
+};
+
+/*
+** An Explain object accumulates indented output which is helpful
+** in describing recursive data structures.
+*/
+struct Explain {
+ Vdbe *pVdbe; /* Attach the explanation to this Vdbe */
+ StrAccum str; /* The string being accumulated */
+ int nIndent; /* Number of elements in aIndent */
+ u16 aIndent[100]; /* Levels of indentation */
+ char zBase[100]; /* Initial space */
+};
+
+/* A bitfield type for use inside of structures. Always follow with :N where
+** N is the number of bits.
+*/
+typedef unsigned bft; /* Bit Field Type */
+
+typedef struct ScanStatus ScanStatus;
+struct ScanStatus {
+ int addrExplain; /* OP_Explain for loop */
+ int addrLoop; /* Address of "loops" counter */
+ int addrVisit; /* Address of "rows visited" counter */
+ int iSelectID; /* The "Select-ID" for this loop */
+ LogEst nEst; /* Estimated output rows per loop */
+ char *zName; /* Name of table or index */
+};
+
+/*
+** An instance of the virtual machine. This structure contains the complete
+** state of the virtual machine.
+**
+** The "sqlite3_stmt" structure pointer that is returned by sqlite3_prepare()
+** is really a pointer to an instance of this structure.
+*/
+struct Vdbe {
+ sqlite3 *db; /* The database connection that owns this statement */
+ Op *aOp; /* Space to hold the virtual machine's program */
+ Mem *aMem; /* The memory locations */
+ Mem **apArg; /* Arguments to currently executing user function */
+ Mem *aColName; /* Column names to return */
+ Mem *pResultSet; /* Pointer to an array of results */
+ Parse *pParse; /* Parsing context used to create this Vdbe */
+ int nMem; /* Number of memory locations currently allocated */
+ int nOp; /* Number of instructions in the program */
+ int nCursor; /* Number of slots in apCsr[] */
+ u32 magic; /* Magic number for sanity checking */
+ char *zErrMsg; /* Error message written here */
+ Vdbe *pPrev,*pNext; /* Linked list of VDBEs with the same Vdbe.db */
+ VdbeCursor **apCsr; /* One element of this array for each open cursor */
+ Mem *aVar; /* Values for the OP_Variable opcode. */
+ char **azVar; /* Name of variables */
+ ynVar nVar; /* Number of entries in aVar[] */
+ ynVar nzVar; /* Number of entries in azVar[] */
+ u32 cacheCtr; /* VdbeCursor row cache generation counter */
+ int pc; /* The program counter */
+ int rc; /* Value to return */
+#ifdef SQLITE_DEBUG
+ int rcApp; /* errcode set by sqlite3_result_error_code() */
+#endif
+ u16 nResColumn; /* Number of columns in one row of the result set */
+ u8 errorAction; /* Recovery action to do in case of an error */
+ u8 minWriteFileFormat; /* Minimum file format for writable database files */
+ bft explain:2; /* True if EXPLAIN present on SQL command */
+ bft changeCntOn:1; /* True to update the change-counter */
+ bft expired:1; /* True if the VM needs to be recompiled */
+ bft runOnlyOnce:1; /* Automatically expire on reset */
+ bft usesStmtJournal:1; /* True if uses a statement journal */
+ bft readOnly:1; /* True for statements that do not write */
+ bft bIsReader:1; /* True for statements that read */
+ bft isPrepareV2:1; /* True if prepared with prepare_v2() */
+ bft doingRerun:1; /* True if rerunning after an auto-reprepare */
+ int nChange; /* Number of db changes made since last reset */
+ yDbMask btreeMask; /* Bitmask of db->aDb[] entries referenced */
+ yDbMask lockMask; /* Subset of btreeMask that requires a lock */
+ int iStatement; /* Statement number (or 0 if has not opened stmt) */
+ u32 aCounter[5]; /* Counters used by sqlite3_stmt_status() */
+#ifndef SQLITE_OMIT_TRACE
+ i64 startTime; /* Time when query started - used for profiling */
+#endif
+ i64 iCurrentTime; /* Value of julianday('now') for this statement */
+ i64 nFkConstraint; /* Number of imm. FK constraints this VM */
+ i64 nStmtDefCons; /* Number of def. constraints when stmt started */
+ i64 nStmtDefImmCons; /* Number of def. imm constraints when stmt started */
+ char *zSql; /* Text of the SQL statement that generated this */
+ void *pFree; /* Free this when deleting the vdbe */
+ VdbeFrame *pFrame; /* Parent frame */
+ VdbeFrame *pDelFrame; /* List of frame objects to free on VM reset */
+ int nFrame; /* Number of frames in pFrame list */
+ u32 expmask; /* Binding to these vars invalidates VM */
+ SubProgram *pProgram; /* Linked list of all sub-programs used by VM */
+ int nOnceFlag; /* Size of array aOnceFlag[] */
+ u8 *aOnceFlag; /* Flags for OP_Once */
+ AuxData *pAuxData; /* Linked list of auxdata allocations */
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ i64 *anExec; /* Number of times each op has been executed */
+ int nScan; /* Entries in aScan[] */
+ ScanStatus *aScan; /* Scan definitions for sqlite3_stmt_scanstatus() */
+#endif
+};
+
+/*
+** The following are allowed values for Vdbe.magic
+*/
+#define VDBE_MAGIC_INIT 0x26bceaa5 /* Building a VDBE program */
+#define VDBE_MAGIC_RUN 0xbdf20da3 /* VDBE is ready to execute */
+#define VDBE_MAGIC_HALT 0x519c2973 /* VDBE has completed execution */
+#define VDBE_MAGIC_DEAD 0xb606c3c8 /* The VDBE has been deallocated */
+
+/*
+** Function prototypes
+*/
+SQLITE_PRIVATE void sqlite3VdbeError(Vdbe*, const char *, ...);
+SQLITE_PRIVATE void sqlite3VdbeFreeCursor(Vdbe *, VdbeCursor*);
+void sqliteVdbePopStack(Vdbe*,int);
+SQLITE_PRIVATE int sqlite3VdbeCursorMoveto(VdbeCursor*);
+SQLITE_PRIVATE int sqlite3VdbeCursorRestore(VdbeCursor*);
+#if defined(SQLITE_DEBUG) || defined(VDBE_PROFILE)
+SQLITE_PRIVATE void sqlite3VdbePrintOp(FILE*, int, Op*);
+#endif
+SQLITE_PRIVATE u32 sqlite3VdbeSerialTypeLen(u32);
+SQLITE_PRIVATE u8 sqlite3VdbeOneByteSerialTypeLen(u8);
+SQLITE_PRIVATE u32 sqlite3VdbeSerialType(Mem*, int, u32*);
+SQLITE_PRIVATE u32 sqlite3VdbeSerialPut(unsigned char*, Mem*, u32);
+SQLITE_PRIVATE u32 sqlite3VdbeSerialGet(const unsigned char*, u32, Mem*);
+SQLITE_PRIVATE void sqlite3VdbeDeleteAuxData(Vdbe*, int, int);
+
+int sqlite2BtreeKeyCompare(BtCursor *, const void *, int, int, int *);
+SQLITE_PRIVATE int sqlite3VdbeIdxKeyCompare(sqlite3*,VdbeCursor*,UnpackedRecord*,int*);
+SQLITE_PRIVATE int sqlite3VdbeIdxRowid(sqlite3*, BtCursor*, i64*);
+SQLITE_PRIVATE int sqlite3VdbeExec(Vdbe*);
+SQLITE_PRIVATE int sqlite3VdbeList(Vdbe*);
+SQLITE_PRIVATE int sqlite3VdbeHalt(Vdbe*);
+SQLITE_PRIVATE int sqlite3VdbeChangeEncoding(Mem *, int);
+SQLITE_PRIVATE int sqlite3VdbeMemTooBig(Mem*);
+SQLITE_PRIVATE int sqlite3VdbeMemCopy(Mem*, const Mem*);
+SQLITE_PRIVATE void sqlite3VdbeMemShallowCopy(Mem*, const Mem*, int);
+SQLITE_PRIVATE void sqlite3VdbeMemMove(Mem*, Mem*);
+SQLITE_PRIVATE int sqlite3VdbeMemNulTerminate(Mem*);
+SQLITE_PRIVATE int sqlite3VdbeMemSetStr(Mem*, const char*, int, u8, void(*)(void*));
+SQLITE_PRIVATE void sqlite3VdbeMemSetInt64(Mem*, i64);
+#ifdef SQLITE_OMIT_FLOATING_POINT
+# define sqlite3VdbeMemSetDouble sqlite3VdbeMemSetInt64
+#else
+SQLITE_PRIVATE void sqlite3VdbeMemSetDouble(Mem*, double);
+#endif
+SQLITE_PRIVATE void sqlite3VdbeMemInit(Mem*,sqlite3*,u16);
+SQLITE_PRIVATE void sqlite3VdbeMemSetNull(Mem*);
+SQLITE_PRIVATE void sqlite3VdbeMemSetZeroBlob(Mem*,int);
+SQLITE_PRIVATE void sqlite3VdbeMemSetRowSet(Mem*);
+SQLITE_PRIVATE int sqlite3VdbeMemMakeWriteable(Mem*);
+SQLITE_PRIVATE int sqlite3VdbeMemStringify(Mem*, u8, u8);
+SQLITE_PRIVATE i64 sqlite3VdbeIntValue(Mem*);
+SQLITE_PRIVATE int sqlite3VdbeMemIntegerify(Mem*);
+SQLITE_PRIVATE double sqlite3VdbeRealValue(Mem*);
+SQLITE_PRIVATE void sqlite3VdbeIntegerAffinity(Mem*);
+SQLITE_PRIVATE int sqlite3VdbeMemRealify(Mem*);
+SQLITE_PRIVATE int sqlite3VdbeMemNumerify(Mem*);
+SQLITE_PRIVATE void sqlite3VdbeMemCast(Mem*,u8,u8);
+SQLITE_PRIVATE int sqlite3VdbeMemFromBtree(BtCursor*,u32,u32,int,Mem*);
+SQLITE_PRIVATE void sqlite3VdbeMemRelease(Mem *p);
+#define VdbeMemDynamic(X) \
+ (((X)->flags&(MEM_Agg|MEM_Dyn|MEM_RowSet|MEM_Frame))!=0)
+SQLITE_PRIVATE int sqlite3VdbeMemFinalize(Mem*, FuncDef*);
+SQLITE_PRIVATE const char *sqlite3OpcodeName(int);
+SQLITE_PRIVATE int sqlite3VdbeMemGrow(Mem *pMem, int n, int preserve);
+SQLITE_PRIVATE int sqlite3VdbeMemClearAndResize(Mem *pMem, int n);
+SQLITE_PRIVATE int sqlite3VdbeCloseStatement(Vdbe *, int);
+SQLITE_PRIVATE void sqlite3VdbeFrameDelete(VdbeFrame*);
+SQLITE_PRIVATE int sqlite3VdbeFrameRestore(VdbeFrame *);
+SQLITE_PRIVATE int sqlite3VdbeTransferError(Vdbe *p);
+
+SQLITE_PRIVATE int sqlite3VdbeSorterInit(sqlite3 *, int, VdbeCursor *);
+SQLITE_PRIVATE void sqlite3VdbeSorterReset(sqlite3 *, VdbeSorter *);
+SQLITE_PRIVATE void sqlite3VdbeSorterClose(sqlite3 *, VdbeCursor *);
+SQLITE_PRIVATE int sqlite3VdbeSorterRowkey(const VdbeCursor *, Mem *);
+SQLITE_PRIVATE int sqlite3VdbeSorterNext(sqlite3 *, const VdbeCursor *, int *);
+SQLITE_PRIVATE int sqlite3VdbeSorterRewind(const VdbeCursor *, int *);
+SQLITE_PRIVATE int sqlite3VdbeSorterWrite(const VdbeCursor *, Mem *);
+SQLITE_PRIVATE int sqlite3VdbeSorterCompare(const VdbeCursor *, Mem *, int, int *);
+
+#if !defined(SQLITE_OMIT_SHARED_CACHE) && SQLITE_THREADSAFE>0
+SQLITE_PRIVATE void sqlite3VdbeEnter(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeLeave(Vdbe*);
+#else
+# define sqlite3VdbeEnter(X)
+# define sqlite3VdbeLeave(X)
+#endif
+
+#ifdef SQLITE_DEBUG
+SQLITE_PRIVATE void sqlite3VdbeMemAboutToChange(Vdbe*,Mem*);
+SQLITE_PRIVATE int sqlite3VdbeCheckMemInvariants(Mem*);
+#endif
+
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+SQLITE_PRIVATE int sqlite3VdbeCheckFk(Vdbe *, int);
+#else
+# define sqlite3VdbeCheckFk(p,i) 0
+#endif
+
+SQLITE_PRIVATE int sqlite3VdbeMemTranslate(Mem*, u8);
+#ifdef SQLITE_DEBUG
+SQLITE_PRIVATE void sqlite3VdbePrintSql(Vdbe*);
+SQLITE_PRIVATE void sqlite3VdbeMemPrettyPrint(Mem *pMem, char *zBuf);
+#endif
+SQLITE_PRIVATE int sqlite3VdbeMemHandleBom(Mem *pMem);
+
+#ifndef SQLITE_OMIT_INCRBLOB
+SQLITE_PRIVATE int sqlite3VdbeMemExpandBlob(Mem *);
+ #define ExpandBlob(P) (((P)->flags&MEM_Zero)?sqlite3VdbeMemExpandBlob(P):0)
+#else
+ #define sqlite3VdbeMemExpandBlob(x) SQLITE_OK
+ #define ExpandBlob(P) SQLITE_OK
+#endif
+
+#endif /* !defined(_VDBEINT_H_) */
+
+/************** End of vdbeInt.h *********************************************/
+/************** Continuing where we left off in status.c *********************/
+
+/*
+** Variables in which to record status information.
+*/
+#if SQLITE_PTRSIZE>4
+typedef sqlite3_int64 sqlite3StatValueType;
+#else
+typedef u32 sqlite3StatValueType;
+#endif
+typedef struct sqlite3StatType sqlite3StatType;
+static SQLITE_WSD struct sqlite3StatType {
+ sqlite3StatValueType nowValue[10]; /* Current value */
+ sqlite3StatValueType mxValue[10]; /* Maximum value */
+} sqlite3Stat = { {0,}, {0,} };
+
+/*
+** Elements of sqlite3Stat[] are protected by either the memory allocator
+** mutex, or by the pcache1 mutex. The following array determines which.
+*/
+static const char statMutex[] = {
+ 0, /* SQLITE_STATUS_MEMORY_USED */
+ 1, /* SQLITE_STATUS_PAGECACHE_USED */
+ 1, /* SQLITE_STATUS_PAGECACHE_OVERFLOW */
+ 0, /* SQLITE_STATUS_SCRATCH_USED */
+ 0, /* SQLITE_STATUS_SCRATCH_OVERFLOW */
+ 0, /* SQLITE_STATUS_MALLOC_SIZE */
+ 0, /* SQLITE_STATUS_PARSER_STACK */
+ 1, /* SQLITE_STATUS_PAGECACHE_SIZE */
+ 0, /* SQLITE_STATUS_SCRATCH_SIZE */
+ 0, /* SQLITE_STATUS_MALLOC_COUNT */
+};
+
+
+/* The "wsdStat" macro will resolve to the status information
+** state vector. If writable static data is unsupported on the target,
+** we have to locate the state vector at run-time. In the more common
+** case where writable static data is supported, wsdStat can refer directly
+** to the "sqlite3Stat" state vector declared above.
+*/
+#ifdef SQLITE_OMIT_WSD
+# define wsdStatInit sqlite3StatType *x = &GLOBAL(sqlite3StatType,sqlite3Stat)
+# define wsdStat x[0]
+#else
+# define wsdStatInit
+# define wsdStat sqlite3Stat
+#endif
+
+/*
+** Return the current value of a status parameter. The caller must
+** be holding the appropriate mutex.
+*/
+SQLITE_PRIVATE sqlite3_int64 sqlite3StatusValue(int op){
+ wsdStatInit;
+ assert( op>=0 && op<ArraySize(wsdStat.nowValue) );
+ assert( op>=0 && op<ArraySize(statMutex) );
+ assert( sqlite3_mutex_held(statMutex[op] ? sqlite3Pcache1Mutex()
+ : sqlite3MallocMutex()) );
+ return wsdStat.nowValue[op];
+}
+
+/*
+** Add N to the value of a status record. The caller must hold the
+** appropriate mutex. (Locking is checked by assert()).
+**
+** The StatusUp() routine can accept positive or negative values for N.
+** The value of N is added to the current status value and the high-water
+** mark is adjusted if necessary.
+**
+** The StatusDown() routine lowers the current value by N. The highwater
+** mark is unchanged. N must be non-negative for StatusDown().
+*/
+SQLITE_PRIVATE void sqlite3StatusUp(int op, int N){
+ wsdStatInit;
+ assert( op>=0 && op<ArraySize(wsdStat.nowValue) );
+ assert( op>=0 && op<ArraySize(statMutex) );
+ assert( sqlite3_mutex_held(statMutex[op] ? sqlite3Pcache1Mutex()
+ : sqlite3MallocMutex()) );
+ wsdStat.nowValue[op] += N;
+ if( wsdStat.nowValue[op]>wsdStat.mxValue[op] ){
+ wsdStat.mxValue[op] = wsdStat.nowValue[op];
+ }
+}
+SQLITE_PRIVATE void sqlite3StatusDown(int op, int N){
+ wsdStatInit;
+ assert( N>=0 );
+ assert( op>=0 && op<ArraySize(statMutex) );
+ assert( sqlite3_mutex_held(statMutex[op] ? sqlite3Pcache1Mutex()
+ : sqlite3MallocMutex()) );
+ assert( op>=0 && op<ArraySize(wsdStat.nowValue) );
+ wsdStat.nowValue[op] -= N;
+}
+
+/*
+** Adjust the highwater mark if necessary.
+** The caller must hold the appropriate mutex.
+*/
+SQLITE_PRIVATE void sqlite3StatusHighwater(int op, int X){
+ sqlite3StatValueType newValue;
+ wsdStatInit;
+ assert( X>=0 );
+ newValue = (sqlite3StatValueType)X;
+ assert( op>=0 && op<ArraySize(wsdStat.nowValue) );
+ assert( op>=0 && op<ArraySize(statMutex) );
+ assert( sqlite3_mutex_held(statMutex[op] ? sqlite3Pcache1Mutex()
+ : sqlite3MallocMutex()) );
+ assert( op==SQLITE_STATUS_MALLOC_SIZE
+ || op==SQLITE_STATUS_PAGECACHE_SIZE
+ || op==SQLITE_STATUS_SCRATCH_SIZE
+ || op==SQLITE_STATUS_PARSER_STACK );
+ if( newValue>wsdStat.mxValue[op] ){
+ wsdStat.mxValue[op] = newValue;
+ }
+}
+
+/*
+** Query status information.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_status64(
+ int op,
+ sqlite3_int64 *pCurrent,
+ sqlite3_int64 *pHighwater,
+ int resetFlag
+){
+ sqlite3_mutex *pMutex;
+ wsdStatInit;
+ if( op<0 || op>=ArraySize(wsdStat.nowValue) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( pCurrent==0 || pHighwater==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ pMutex = statMutex[op] ? sqlite3Pcache1Mutex() : sqlite3MallocMutex();
+ sqlite3_mutex_enter(pMutex);
+ *pCurrent = wsdStat.nowValue[op];
+ *pHighwater = wsdStat.mxValue[op];
+ if( resetFlag ){
+ wsdStat.mxValue[op] = wsdStat.nowValue[op];
+ }
+ sqlite3_mutex_leave(pMutex);
+ (void)pMutex; /* Prevent warning when SQLITE_THREADSAFE=0 */
+ return SQLITE_OK;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_status(int op, int *pCurrent, int *pHighwater, int resetFlag){
+ sqlite3_int64 iCur, iHwtr;
+ int rc;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( pCurrent==0 || pHighwater==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ rc = sqlite3_status64(op, &iCur, &iHwtr, resetFlag);
+ if( rc==0 ){
+ *pCurrent = (int)iCur;
+ *pHighwater = (int)iHwtr;
+ }
+ return rc;
+}
+
+/*
+** Query status information for a single database connection
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_status(
+ sqlite3 *db, /* The database connection whose status is desired */
+ int op, /* Status verb */
+ int *pCurrent, /* Write current value here */
+ int *pHighwater, /* Write high-water mark here */
+ int resetFlag /* Reset high-water mark if true */
+){
+ int rc = SQLITE_OK; /* Return code */
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || pCurrent==0|| pHighwater==0 ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ switch( op ){
+ case SQLITE_DBSTATUS_LOOKASIDE_USED: {
+ *pCurrent = db->lookaside.nOut;
+ *pHighwater = db->lookaside.mxOut;
+ if( resetFlag ){
+ db->lookaside.mxOut = db->lookaside.nOut;
+ }
+ break;
+ }
+
+ case SQLITE_DBSTATUS_LOOKASIDE_HIT:
+ case SQLITE_DBSTATUS_LOOKASIDE_MISS_SIZE:
+ case SQLITE_DBSTATUS_LOOKASIDE_MISS_FULL: {
+ testcase( op==SQLITE_DBSTATUS_LOOKASIDE_HIT );
+ testcase( op==SQLITE_DBSTATUS_LOOKASIDE_MISS_SIZE );
+ testcase( op==SQLITE_DBSTATUS_LOOKASIDE_MISS_FULL );
+ assert( (op-SQLITE_DBSTATUS_LOOKASIDE_HIT)>=0 );
+ assert( (op-SQLITE_DBSTATUS_LOOKASIDE_HIT)<3 );
+ *pCurrent = 0;
+ *pHighwater = db->lookaside.anStat[op - SQLITE_DBSTATUS_LOOKASIDE_HIT];
+ if( resetFlag ){
+ db->lookaside.anStat[op - SQLITE_DBSTATUS_LOOKASIDE_HIT] = 0;
+ }
+ break;
+ }
+
+ /*
+ ** Return an approximation for the amount of memory currently used
+ ** by all pagers associated with the given database connection. The
+ ** highwater mark is meaningless and is returned as zero.
+ */
+ case SQLITE_DBSTATUS_CACHE_USED: {
+ int totalUsed = 0;
+ int i;
+ sqlite3BtreeEnterAll(db);
+ for(i=0; i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ Pager *pPager = sqlite3BtreePager(pBt);
+ totalUsed += sqlite3PagerMemUsed(pPager);
+ }
+ }
+ sqlite3BtreeLeaveAll(db);
+ *pCurrent = totalUsed;
+ *pHighwater = 0;
+ break;
+ }
+
+ /*
+ ** *pCurrent gets an accurate estimate of the amount of memory used
+ ** to store the schema for all databases (main, temp, and any ATTACHed
+ ** databases. *pHighwater is set to zero.
+ */
+ case SQLITE_DBSTATUS_SCHEMA_USED: {
+ int i; /* Used to iterate through schemas */
+ int nByte = 0; /* Used to accumulate return value */
+
+ sqlite3BtreeEnterAll(db);
+ db->pnBytesFreed = &nByte;
+ for(i=0; i<db->nDb; i++){
+ Schema *pSchema = db->aDb[i].pSchema;
+ if( ALWAYS(pSchema!=0) ){
+ HashElem *p;
+
+ nByte += sqlite3GlobalConfig.m.xRoundup(sizeof(HashElem)) * (
+ pSchema->tblHash.count
+ + pSchema->trigHash.count
+ + pSchema->idxHash.count
+ + pSchema->fkeyHash.count
+ );
+ nByte += sqlite3_msize(pSchema->tblHash.ht);
+ nByte += sqlite3_msize(pSchema->trigHash.ht);
+ nByte += sqlite3_msize(pSchema->idxHash.ht);
+ nByte += sqlite3_msize(pSchema->fkeyHash.ht);
+
+ for(p=sqliteHashFirst(&pSchema->trigHash); p; p=sqliteHashNext(p)){
+ sqlite3DeleteTrigger(db, (Trigger*)sqliteHashData(p));
+ }
+ for(p=sqliteHashFirst(&pSchema->tblHash); p; p=sqliteHashNext(p)){
+ sqlite3DeleteTable(db, (Table *)sqliteHashData(p));
+ }
+ }
+ }
+ db->pnBytesFreed = 0;
+ sqlite3BtreeLeaveAll(db);
+
+ *pHighwater = 0;
+ *pCurrent = nByte;
+ break;
+ }
+
+ /*
+ ** *pCurrent gets an accurate estimate of the amount of memory used
+ ** to store all prepared statements.
+ ** *pHighwater is set to zero.
+ */
+ case SQLITE_DBSTATUS_STMT_USED: {
+ struct Vdbe *pVdbe; /* Used to iterate through VMs */
+ int nByte = 0; /* Used to accumulate return value */
+
+ db->pnBytesFreed = &nByte;
+ for(pVdbe=db->pVdbe; pVdbe; pVdbe=pVdbe->pNext){
+ sqlite3VdbeClearObject(db, pVdbe);
+ sqlite3DbFree(db, pVdbe);
+ }
+ db->pnBytesFreed = 0;
+
+ *pHighwater = 0; /* IMP: R-64479-57858 */
+ *pCurrent = nByte;
+
+ break;
+ }
+
+ /*
+ ** Set *pCurrent to the total cache hits or misses encountered by all
+ ** pagers the database handle is connected to. *pHighwater is always set
+ ** to zero.
+ */
+ case SQLITE_DBSTATUS_CACHE_HIT:
+ case SQLITE_DBSTATUS_CACHE_MISS:
+ case SQLITE_DBSTATUS_CACHE_WRITE:{
+ int i;
+ int nRet = 0;
+ assert( SQLITE_DBSTATUS_CACHE_MISS==SQLITE_DBSTATUS_CACHE_HIT+1 );
+ assert( SQLITE_DBSTATUS_CACHE_WRITE==SQLITE_DBSTATUS_CACHE_HIT+2 );
+
+ for(i=0; i<db->nDb; i++){
+ if( db->aDb[i].pBt ){
+ Pager *pPager = sqlite3BtreePager(db->aDb[i].pBt);
+ sqlite3PagerCacheStat(pPager, op, resetFlag, &nRet);
+ }
+ }
+ *pHighwater = 0; /* IMP: R-42420-56072 */
+ /* IMP: R-54100-20147 */
+ /* IMP: R-29431-39229 */
+ *pCurrent = nRet;
+ break;
+ }
+
+ /* Set *pCurrent to non-zero if there are unresolved deferred foreign
+ ** key constraints. Set *pCurrent to zero if all foreign key constraints
+ ** have been satisfied. The *pHighwater is always set to zero.
+ */
+ case SQLITE_DBSTATUS_DEFERRED_FKS: {
+ *pHighwater = 0; /* IMP: R-11967-56545 */
+ *pCurrent = db->nDeferredImmCons>0 || db->nDeferredCons>0;
+ break;
+ }
+
+ default: {
+ rc = SQLITE_ERROR;
+ }
+ }
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/************** End of status.c **********************************************/
+/************** Begin file date.c ********************************************/
+/*
+** 2003 October 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the C functions that implement date and time
+** functions for SQLite.
+**
+** There is only one exported symbol in this file - the function
+** sqlite3RegisterDateTimeFunctions() found at the bottom of the file.
+** All other code has file scope.
+**
+** SQLite processes all times and dates as julian day numbers. The
+** dates and times are stored as the number of days since noon
+** in Greenwich on November 24, 4714 B.C. according to the Gregorian
+** calendar system.
+**
+** 1970-01-01 00:00:00 is JD 2440587.5
+** 2000-01-01 00:00:00 is JD 2451544.5
+**
+** This implementation requires years to be expressed as a 4-digit number
+** which means that only dates between 0000-01-01 and 9999-12-31 can
+** be represented, even though julian day numbers allow a much wider
+** range of dates.
+**
+** The Gregorian calendar system is used for all dates and times,
+** even those that predate the Gregorian calendar. Historians usually
+** use the julian calendar for dates prior to 1582-10-15 and for some
+** dates afterwards, depending on locale. Beware of this difference.
+**
+** The conversion algorithms are implemented based on descriptions
+** in the following text:
+**
+** Jean Meeus
+** Astronomical Algorithms, 2nd Edition, 1998
+** ISBM 0-943396-61-1
+** Willmann-Bell, Inc
+** Richmond, Virginia (USA)
+*/
+/* #include "sqliteInt.h" */
+/* #include <stdlib.h> */
+/* #include <assert.h> */
+#include <time.h>
+
+#ifndef SQLITE_OMIT_DATETIME_FUNCS
+
+
+/*
+** A structure for holding a single date and time.
+*/
+typedef struct DateTime DateTime;
+struct DateTime {
+ sqlite3_int64 iJD; /* The julian day number times 86400000 */
+ int Y, M, D; /* Year, month, and day */
+ int h, m; /* Hour and minutes */
+ int tz; /* Timezone offset in minutes */
+ double s; /* Seconds */
+ char validYMD; /* True (1) if Y,M,D are valid */
+ char validHMS; /* True (1) if h,m,s are valid */
+ char validJD; /* True (1) if iJD is valid */
+ char validTZ; /* True (1) if tz is valid */
+ char tzSet; /* Timezone was set explicitly */
+};
+
+
+/*
+** Convert zDate into one or more integers. Additional arguments
+** come in groups of 5 as follows:
+**
+** N number of digits in the integer
+** min minimum allowed value of the integer
+** max maximum allowed value of the integer
+** nextC first character after the integer
+** pVal where to write the integers value.
+**
+** Conversions continue until one with nextC==0 is encountered.
+** The function returns the number of successful conversions.
+*/
+static int getDigits(const char *zDate, ...){
+ va_list ap;
+ int val;
+ int N;
+ int min;
+ int max;
+ int nextC;
+ int *pVal;
+ int cnt = 0;
+ va_start(ap, zDate);
+ do{
+ N = va_arg(ap, int);
+ min = va_arg(ap, int);
+ max = va_arg(ap, int);
+ nextC = va_arg(ap, int);
+ pVal = va_arg(ap, int*);
+ val = 0;
+ while( N-- ){
+ if( !sqlite3Isdigit(*zDate) ){
+ goto end_getDigits;
+ }
+ val = val*10 + *zDate - '0';
+ zDate++;
+ }
+ if( val<min || val>max || (nextC!=0 && nextC!=*zDate) ){
+ goto end_getDigits;
+ }
+ *pVal = val;
+ zDate++;
+ cnt++;
+ }while( nextC );
+end_getDigits:
+ va_end(ap);
+ return cnt;
+}
+
+/*
+** Parse a timezone extension on the end of a date-time.
+** The extension is of the form:
+**
+** (+/-)HH:MM
+**
+** Or the "zulu" notation:
+**
+** Z
+**
+** If the parse is successful, write the number of minutes
+** of change in p->tz and return 0. If a parser error occurs,
+** return non-zero.
+**
+** A missing specifier is not considered an error.
+*/
+static int parseTimezone(const char *zDate, DateTime *p){
+ int sgn = 0;
+ int nHr, nMn;
+ int c;
+ while( sqlite3Isspace(*zDate) ){ zDate++; }
+ p->tz = 0;
+ c = *zDate;
+ if( c=='-' ){
+ sgn = -1;
+ }else if( c=='+' ){
+ sgn = +1;
+ }else if( c=='Z' || c=='z' ){
+ zDate++;
+ goto zulu_time;
+ }else{
+ return c!=0;
+ }
+ zDate++;
+ if( getDigits(zDate, 2, 0, 14, ':', &nHr, 2, 0, 59, 0, &nMn)!=2 ){
+ return 1;
+ }
+ zDate += 5;
+ p->tz = sgn*(nMn + nHr*60);
+zulu_time:
+ while( sqlite3Isspace(*zDate) ){ zDate++; }
+ p->tzSet = 1;
+ return *zDate!=0;
+}
+
+/*
+** Parse times of the form HH:MM or HH:MM:SS or HH:MM:SS.FFFF.
+** The HH, MM, and SS must each be exactly 2 digits. The
+** fractional seconds FFFF can be one or more digits.
+**
+** Return 1 if there is a parsing error and 0 on success.
+*/
+static int parseHhMmSs(const char *zDate, DateTime *p){
+ int h, m, s;
+ double ms = 0.0;
+ if( getDigits(zDate, 2, 0, 24, ':', &h, 2, 0, 59, 0, &m)!=2 ){
+ return 1;
+ }
+ zDate += 5;
+ if( *zDate==':' ){
+ zDate++;
+ if( getDigits(zDate, 2, 0, 59, 0, &s)!=1 ){
+ return 1;
+ }
+ zDate += 2;
+ if( *zDate=='.' && sqlite3Isdigit(zDate[1]) ){
+ double rScale = 1.0;
+ zDate++;
+ while( sqlite3Isdigit(*zDate) ){
+ ms = ms*10.0 + *zDate - '0';
+ rScale *= 10.0;
+ zDate++;
+ }
+ ms /= rScale;
+ }
+ }else{
+ s = 0;
+ }
+ p->validJD = 0;
+ p->validHMS = 1;
+ p->h = h;
+ p->m = m;
+ p->s = s + ms;
+ if( parseTimezone(zDate, p) ) return 1;
+ p->validTZ = (p->tz!=0)?1:0;
+ return 0;
+}
+
+/*
+** Convert from YYYY-MM-DD HH:MM:SS to julian day. We always assume
+** that the YYYY-MM-DD is according to the Gregorian calendar.
+**
+** Reference: Meeus page 61
+*/
+static void computeJD(DateTime *p){
+ int Y, M, D, A, B, X1, X2;
+
+ if( p->validJD ) return;
+ if( p->validYMD ){
+ Y = p->Y;
+ M = p->M;
+ D = p->D;
+ }else{
+ Y = 2000; /* If no YMD specified, assume 2000-Jan-01 */
+ M = 1;
+ D = 1;
+ }
+ if( M<=2 ){
+ Y--;
+ M += 12;
+ }
+ A = Y/100;
+ B = 2 - A + (A/4);
+ X1 = 36525*(Y+4716)/100;
+ X2 = 306001*(M+1)/10000;
+ p->iJD = (sqlite3_int64)((X1 + X2 + D + B - 1524.5 ) * 86400000);
+ p->validJD = 1;
+ if( p->validHMS ){
+ p->iJD += p->h*3600000 + p->m*60000 + (sqlite3_int64)(p->s*1000);
+ if( p->validTZ ){
+ p->iJD -= p->tz*60000;
+ p->validYMD = 0;
+ p->validHMS = 0;
+ p->validTZ = 0;
+ }
+ }
+}
+
+/*
+** Parse dates of the form
+**
+** YYYY-MM-DD HH:MM:SS.FFF
+** YYYY-MM-DD HH:MM:SS
+** YYYY-MM-DD HH:MM
+** YYYY-MM-DD
+**
+** Write the result into the DateTime structure and return 0
+** on success and 1 if the input string is not a well-formed
+** date.
+*/
+static int parseYyyyMmDd(const char *zDate, DateTime *p){
+ int Y, M, D, neg;
+
+ if( zDate[0]=='-' ){
+ zDate++;
+ neg = 1;
+ }else{
+ neg = 0;
+ }
+ if( getDigits(zDate,4,0,9999,'-',&Y,2,1,12,'-',&M,2,1,31,0,&D)!=3 ){
+ return 1;
+ }
+ zDate += 10;
+ while( sqlite3Isspace(*zDate) || 'T'==*(u8*)zDate ){ zDate++; }
+ if( parseHhMmSs(zDate, p)==0 ){
+ /* We got the time */
+ }else if( *zDate==0 ){
+ p->validHMS = 0;
+ }else{
+ return 1;
+ }
+ p->validJD = 0;
+ p->validYMD = 1;
+ p->Y = neg ? -Y : Y;
+ p->M = M;
+ p->D = D;
+ if( p->validTZ ){
+ computeJD(p);
+ }
+ return 0;
+}
+
+/*
+** Set the time to the current time reported by the VFS.
+**
+** Return the number of errors.
+*/
+static int setDateTimeToCurrent(sqlite3_context *context, DateTime *p){
+ p->iJD = sqlite3StmtCurrentTime(context);
+ if( p->iJD>0 ){
+ p->validJD = 1;
+ return 0;
+ }else{
+ return 1;
+ }
+}
+
+/*
+** Attempt to parse the given string into a julian day number. Return
+** the number of errors.
+**
+** The following are acceptable forms for the input string:
+**
+** YYYY-MM-DD HH:MM:SS.FFF +/-HH:MM
+** DDDD.DD
+** now
+**
+** In the first form, the +/-HH:MM is always optional. The fractional
+** seconds extension (the ".FFF") is optional. The seconds portion
+** (":SS.FFF") is option. The year and date can be omitted as long
+** as there is a time string. The time string can be omitted as long
+** as there is a year and date.
+*/
+static int parseDateOrTime(
+ sqlite3_context *context,
+ const char *zDate,
+ DateTime *p
+){
+ double r;
+ if( parseYyyyMmDd(zDate,p)==0 ){
+ return 0;
+ }else if( parseHhMmSs(zDate, p)==0 ){
+ return 0;
+ }else if( sqlite3StrICmp(zDate,"now")==0){
+ return setDateTimeToCurrent(context, p);
+ }else if( sqlite3AtoF(zDate, &r, sqlite3Strlen30(zDate), SQLITE_UTF8) ){
+ p->iJD = (sqlite3_int64)(r*86400000.0 + 0.5);
+ p->validJD = 1;
+ return 0;
+ }
+ return 1;
+}
+
+/*
+** Compute the Year, Month, and Day from the julian day number.
+*/
+static void computeYMD(DateTime *p){
+ int Z, A, B, C, D, E, X1;
+ if( p->validYMD ) return;
+ if( !p->validJD ){
+ p->Y = 2000;
+ p->M = 1;
+ p->D = 1;
+ }else{
+ Z = (int)((p->iJD + 43200000)/86400000);
+ A = (int)((Z - 1867216.25)/36524.25);
+ A = Z + 1 + A - (A/4);
+ B = A + 1524;
+ C = (int)((B - 122.1)/365.25);
+ D = (36525*(C&32767))/100;
+ E = (int)((B-D)/30.6001);
+ X1 = (int)(30.6001*E);
+ p->D = B - D - X1;
+ p->M = E<14 ? E-1 : E-13;
+ p->Y = p->M>2 ? C - 4716 : C - 4715;
+ }
+ p->validYMD = 1;
+}
+
+/*
+** Compute the Hour, Minute, and Seconds from the julian day number.
+*/
+static void computeHMS(DateTime *p){
+ int s;
+ if( p->validHMS ) return;
+ computeJD(p);
+ s = (int)((p->iJD + 43200000) % 86400000);
+ p->s = s/1000.0;
+ s = (int)p->s;
+ p->s -= s;
+ p->h = s/3600;
+ s -= p->h*3600;
+ p->m = s/60;
+ p->s += s - p->m*60;
+ p->validHMS = 1;
+}
+
+/*
+** Compute both YMD and HMS
+*/
+static void computeYMD_HMS(DateTime *p){
+ computeYMD(p);
+ computeHMS(p);
+}
+
+/*
+** Clear the YMD and HMS and the TZ
+*/
+static void clearYMD_HMS_TZ(DateTime *p){
+ p->validYMD = 0;
+ p->validHMS = 0;
+ p->validTZ = 0;
+}
+
+/*
+** On recent Windows platforms, the localtime_s() function is available
+** as part of the "Secure CRT". It is essentially equivalent to
+** localtime_r() available under most POSIX platforms, except that the
+** order of the parameters is reversed.
+**
+** See http://msdn.microsoft.com/en-us/library/a442x3ye(VS.80).aspx.
+**
+** If the user has not indicated to use localtime_r() or localtime_s()
+** already, check for an MSVC build environment that provides
+** localtime_s().
+*/
+#if !HAVE_LOCALTIME_R && !HAVE_LOCALTIME_S \
+ && defined(_MSC_VER) && defined(_CRT_INSECURE_DEPRECATE)
+#undef HAVE_LOCALTIME_S
+#define HAVE_LOCALTIME_S 1
+#endif
+
+#ifndef SQLITE_OMIT_LOCALTIME
+/*
+** The following routine implements the rough equivalent of localtime_r()
+** using whatever operating-system specific localtime facility that
+** is available. This routine returns 0 on success and
+** non-zero on any kind of error.
+**
+** If the sqlite3GlobalConfig.bLocaltimeFault variable is true then this
+** routine will always fail.
+**
+** EVIDENCE-OF: R-62172-00036 In this implementation, the standard C
+** library function localtime_r() is used to assist in the calculation of
+** local time.
+*/
+static int osLocaltime(time_t *t, struct tm *pTm){
+ int rc;
+#if !HAVE_LOCALTIME_R && !HAVE_LOCALTIME_S
+ struct tm *pX;
+#if SQLITE_THREADSAFE>0
+ sqlite3_mutex *mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
+#endif
+ sqlite3_mutex_enter(mutex);
+ pX = localtime(t);
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+ if( sqlite3GlobalConfig.bLocaltimeFault ) pX = 0;
+#endif
+ if( pX ) *pTm = *pX;
+ sqlite3_mutex_leave(mutex);
+ rc = pX==0;
+#else
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+ if( sqlite3GlobalConfig.bLocaltimeFault ) return 1;
+#endif
+#if HAVE_LOCALTIME_R
+ rc = localtime_r(t, pTm)==0;
+#else
+ rc = localtime_s(pTm, t);
+#endif /* HAVE_LOCALTIME_R */
+#endif /* HAVE_LOCALTIME_R || HAVE_LOCALTIME_S */
+ return rc;
+}
+#endif /* SQLITE_OMIT_LOCALTIME */
+
+
+#ifndef SQLITE_OMIT_LOCALTIME
+/*
+** Compute the difference (in milliseconds) between localtime and UTC
+** (a.k.a. GMT) for the time value p where p is in UTC. If no error occurs,
+** return this value and set *pRc to SQLITE_OK.
+**
+** Or, if an error does occur, set *pRc to SQLITE_ERROR. The returned value
+** is undefined in this case.
+*/
+static sqlite3_int64 localtimeOffset(
+ DateTime *p, /* Date at which to calculate offset */
+ sqlite3_context *pCtx, /* Write error here if one occurs */
+ int *pRc /* OUT: Error code. SQLITE_OK or ERROR */
+){
+ DateTime x, y;
+ time_t t;
+ struct tm sLocal;
+
+ /* Initialize the contents of sLocal to avoid a compiler warning. */
+ memset(&sLocal, 0, sizeof(sLocal));
+
+ x = *p;
+ computeYMD_HMS(&x);
+ if( x.Y<1971 || x.Y>=2038 ){
+ /* EVIDENCE-OF: R-55269-29598 The localtime_r() C function normally only
+ ** works for years between 1970 and 2037. For dates outside this range,
+ ** SQLite attempts to map the year into an equivalent year within this
+ ** range, do the calculation, then map the year back.
+ */
+ x.Y = 2000;
+ x.M = 1;
+ x.D = 1;
+ x.h = 0;
+ x.m = 0;
+ x.s = 0.0;
+ } else {
+ int s = (int)(x.s + 0.5);
+ x.s = s;
+ }
+ x.tz = 0;
+ x.validJD = 0;
+ computeJD(&x);
+ t = (time_t)(x.iJD/1000 - 21086676*(i64)10000);
+ if( osLocaltime(&t, &sLocal) ){
+ sqlite3_result_error(pCtx, "local time unavailable", -1);
+ *pRc = SQLITE_ERROR;
+ return 0;
+ }
+ y.Y = sLocal.tm_year + 1900;
+ y.M = sLocal.tm_mon + 1;
+ y.D = sLocal.tm_mday;
+ y.h = sLocal.tm_hour;
+ y.m = sLocal.tm_min;
+ y.s = sLocal.tm_sec;
+ y.validYMD = 1;
+ y.validHMS = 1;
+ y.validJD = 0;
+ y.validTZ = 0;
+ computeJD(&y);
+ *pRc = SQLITE_OK;
+ return y.iJD - x.iJD;
+}
+#endif /* SQLITE_OMIT_LOCALTIME */
+
+/*
+** Process a modifier to a date-time stamp. The modifiers are
+** as follows:
+**
+** NNN days
+** NNN hours
+** NNN minutes
+** NNN.NNNN seconds
+** NNN months
+** NNN years
+** start of month
+** start of year
+** start of week
+** start of day
+** weekday N
+** unixepoch
+** localtime
+** utc
+**
+** Return 0 on success and 1 if there is any kind of error. If the error
+** is in a system call (i.e. localtime()), then an error message is written
+** to context pCtx. If the error is an unrecognized modifier, no error is
+** written to pCtx.
+*/
+static int parseModifier(sqlite3_context *pCtx, const char *zMod, DateTime *p){
+ int rc = 1;
+ int n;
+ double r;
+ char *z, zBuf[30];
+ z = zBuf;
+ for(n=0; n<ArraySize(zBuf)-1 && zMod[n]; n++){
+ z[n] = (char)sqlite3UpperToLower[(u8)zMod[n]];
+ }
+ z[n] = 0;
+ switch( z[0] ){
+#ifndef SQLITE_OMIT_LOCALTIME
+ case 'l': {
+ /* localtime
+ **
+ ** Assuming the current time value is UTC (a.k.a. GMT), shift it to
+ ** show local time.
+ */
+ if( strcmp(z, "localtime")==0 ){
+ computeJD(p);
+ p->iJD += localtimeOffset(p, pCtx, &rc);
+ clearYMD_HMS_TZ(p);
+ }
+ break;
+ }
+#endif
+ case 'u': {
+ /*
+ ** unixepoch
+ **
+ ** Treat the current value of p->iJD as the number of
+ ** seconds since 1970. Convert to a real julian day number.
+ */
+ if( strcmp(z, "unixepoch")==0 && p->validJD ){
+ p->iJD = (p->iJD + 43200)/86400 + 21086676*(i64)10000000;
+ clearYMD_HMS_TZ(p);
+ rc = 0;
+ }
+#ifndef SQLITE_OMIT_LOCALTIME
+ else if( strcmp(z, "utc")==0 ){
+ if( p->tzSet==0 ){
+ sqlite3_int64 c1;
+ computeJD(p);
+ c1 = localtimeOffset(p, pCtx, &rc);
+ if( rc==SQLITE_OK ){
+ p->iJD -= c1;
+ clearYMD_HMS_TZ(p);
+ p->iJD += c1 - localtimeOffset(p, pCtx, &rc);
+ }
+ p->tzSet = 1;
+ }else{
+ rc = SQLITE_OK;
+ }
+ }
+#endif
+ break;
+ }
+ case 'w': {
+ /*
+ ** weekday N
+ **
+ ** Move the date to the same time on the next occurrence of
+ ** weekday N where 0==Sunday, 1==Monday, and so forth. If the
+ ** date is already on the appropriate weekday, this is a no-op.
+ */
+ if( strncmp(z, "weekday ", 8)==0
+ && sqlite3AtoF(&z[8], &r, sqlite3Strlen30(&z[8]), SQLITE_UTF8)
+ && (n=(int)r)==r && n>=0 && r<7 ){
+ sqlite3_int64 Z;
+ computeYMD_HMS(p);
+ p->validTZ = 0;
+ p->validJD = 0;
+ computeJD(p);
+ Z = ((p->iJD + 129600000)/86400000) % 7;
+ if( Z>n ) Z -= 7;
+ p->iJD += (n - Z)*86400000;
+ clearYMD_HMS_TZ(p);
+ rc = 0;
+ }
+ break;
+ }
+ case 's': {
+ /*
+ ** start of TTTTT
+ **
+ ** Move the date backwards to the beginning of the current day,
+ ** or month or year.
+ */
+ if( strncmp(z, "start of ", 9)!=0 ) break;
+ z += 9;
+ computeYMD(p);
+ p->validHMS = 1;
+ p->h = p->m = 0;
+ p->s = 0.0;
+ p->validTZ = 0;
+ p->validJD = 0;
+ if( strcmp(z,"month")==0 ){
+ p->D = 1;
+ rc = 0;
+ }else if( strcmp(z,"year")==0 ){
+ computeYMD(p);
+ p->M = 1;
+ p->D = 1;
+ rc = 0;
+ }else if( strcmp(z,"day")==0 ){
+ rc = 0;
+ }
+ break;
+ }
+ case '+':
+ case '-':
+ case '0':
+ case '1':
+ case '2':
+ case '3':
+ case '4':
+ case '5':
+ case '6':
+ case '7':
+ case '8':
+ case '9': {
+ double rRounder;
+ for(n=1; z[n] && z[n]!=':' && !sqlite3Isspace(z[n]); n++){}
+ if( !sqlite3AtoF(z, &r, n, SQLITE_UTF8) ){
+ rc = 1;
+ break;
+ }
+ if( z[n]==':' ){
+ /* A modifier of the form (+|-)HH:MM:SS.FFF adds (or subtracts) the
+ ** specified number of hours, minutes, seconds, and fractional seconds
+ ** to the time. The ".FFF" may be omitted. The ":SS.FFF" may be
+ ** omitted.
+ */
+ const char *z2 = z;
+ DateTime tx;
+ sqlite3_int64 day;
+ if( !sqlite3Isdigit(*z2) ) z2++;
+ memset(&tx, 0, sizeof(tx));
+ if( parseHhMmSs(z2, &tx) ) break;
+ computeJD(&tx);
+ tx.iJD -= 43200000;
+ day = tx.iJD/86400000;
+ tx.iJD -= day*86400000;
+ if( z[0]=='-' ) tx.iJD = -tx.iJD;
+ computeJD(p);
+ clearYMD_HMS_TZ(p);
+ p->iJD += tx.iJD;
+ rc = 0;
+ break;
+ }
+ z += n;
+ while( sqlite3Isspace(*z) ) z++;
+ n = sqlite3Strlen30(z);
+ if( n>10 || n<3 ) break;
+ if( z[n-1]=='s' ){ z[n-1] = 0; n--; }
+ computeJD(p);
+ rc = 0;
+ rRounder = r<0 ? -0.5 : +0.5;
+ if( n==3 && strcmp(z,"day")==0 ){
+ p->iJD += (sqlite3_int64)(r*86400000.0 + rRounder);
+ }else if( n==4 && strcmp(z,"hour")==0 ){
+ p->iJD += (sqlite3_int64)(r*(86400000.0/24.0) + rRounder);
+ }else if( n==6 && strcmp(z,"minute")==0 ){
+ p->iJD += (sqlite3_int64)(r*(86400000.0/(24.0*60.0)) + rRounder);
+ }else if( n==6 && strcmp(z,"second")==0 ){
+ p->iJD += (sqlite3_int64)(r*(86400000.0/(24.0*60.0*60.0)) + rRounder);
+ }else if( n==5 && strcmp(z,"month")==0 ){
+ int x, y;
+ computeYMD_HMS(p);
+ p->M += (int)r;
+ x = p->M>0 ? (p->M-1)/12 : (p->M-12)/12;
+ p->Y += x;
+ p->M -= x*12;
+ p->validJD = 0;
+ computeJD(p);
+ y = (int)r;
+ if( y!=r ){
+ p->iJD += (sqlite3_int64)((r - y)*30.0*86400000.0 + rRounder);
+ }
+ }else if( n==4 && strcmp(z,"year")==0 ){
+ int y = (int)r;
+ computeYMD_HMS(p);
+ p->Y += y;
+ p->validJD = 0;
+ computeJD(p);
+ if( y!=r ){
+ p->iJD += (sqlite3_int64)((r - y)*365.0*86400000.0 + rRounder);
+ }
+ }else{
+ rc = 1;
+ }
+ clearYMD_HMS_TZ(p);
+ break;
+ }
+ default: {
+ break;
+ }
+ }
+ return rc;
+}
+
+/*
+** Process time function arguments. argv[0] is a date-time stamp.
+** argv[1] and following are modifiers. Parse them all and write
+** the resulting time into the DateTime structure p. Return 0
+** on success and 1 if there are any errors.
+**
+** If there are zero parameters (if even argv[0] is undefined)
+** then assume a default value of "now" for argv[0].
+*/
+static int isDate(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv,
+ DateTime *p
+){
+ int i;
+ const unsigned char *z;
+ int eType;
+ memset(p, 0, sizeof(*p));
+ if( argc==0 ){
+ return setDateTimeToCurrent(context, p);
+ }
+ if( (eType = sqlite3_value_type(argv[0]))==SQLITE_FLOAT
+ || eType==SQLITE_INTEGER ){
+ p->iJD = (sqlite3_int64)(sqlite3_value_double(argv[0])*86400000.0 + 0.5);
+ p->validJD = 1;
+ }else{
+ z = sqlite3_value_text(argv[0]);
+ if( !z || parseDateOrTime(context, (char*)z, p) ){
+ return 1;
+ }
+ }
+ for(i=1; i<argc; i++){
+ z = sqlite3_value_text(argv[i]);
+ if( z==0 || parseModifier(context, (char*)z, p) ) return 1;
+ }
+ return 0;
+}
+
+
+/*
+** The following routines implement the various date and time functions
+** of SQLite.
+*/
+
+/*
+** julianday( TIMESTRING, MOD, MOD, ...)
+**
+** Return the julian day number of the date specified in the arguments
+*/
+static void juliandayFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ DateTime x;
+ if( isDate(context, argc, argv, &x)==0 ){
+ computeJD(&x);
+ sqlite3_result_double(context, x.iJD/86400000.0);
+ }
+}
+
+/*
+** datetime( TIMESTRING, MOD, MOD, ...)
+**
+** Return YYYY-MM-DD HH:MM:SS
+*/
+static void datetimeFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ DateTime x;
+ if( isDate(context, argc, argv, &x)==0 ){
+ char zBuf[100];
+ computeYMD_HMS(&x);
+ sqlite3_snprintf(sizeof(zBuf), zBuf, "%04d-%02d-%02d %02d:%02d:%02d",
+ x.Y, x.M, x.D, x.h, x.m, (int)(x.s));
+ sqlite3_result_text(context, zBuf, -1, SQLITE_TRANSIENT);
+ }
+}
+
+/*
+** time( TIMESTRING, MOD, MOD, ...)
+**
+** Return HH:MM:SS
+*/
+static void timeFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ DateTime x;
+ if( isDate(context, argc, argv, &x)==0 ){
+ char zBuf[100];
+ computeHMS(&x);
+ sqlite3_snprintf(sizeof(zBuf), zBuf, "%02d:%02d:%02d", x.h, x.m, (int)x.s);
+ sqlite3_result_text(context, zBuf, -1, SQLITE_TRANSIENT);
+ }
+}
+
+/*
+** date( TIMESTRING, MOD, MOD, ...)
+**
+** Return YYYY-MM-DD
+*/
+static void dateFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ DateTime x;
+ if( isDate(context, argc, argv, &x)==0 ){
+ char zBuf[100];
+ computeYMD(&x);
+ sqlite3_snprintf(sizeof(zBuf), zBuf, "%04d-%02d-%02d", x.Y, x.M, x.D);
+ sqlite3_result_text(context, zBuf, -1, SQLITE_TRANSIENT);
+ }
+}
+
+/*
+** strftime( FORMAT, TIMESTRING, MOD, MOD, ...)
+**
+** Return a string described by FORMAT. Conversions as follows:
+**
+** %d day of month
+** %f ** fractional seconds SS.SSS
+** %H hour 00-24
+** %j day of year 000-366
+** %J ** julian day number
+** %m month 01-12
+** %M minute 00-59
+** %s seconds since 1970-01-01
+** %S seconds 00-59
+** %w day of week 0-6 sunday==0
+** %W week of year 00-53
+** %Y year 0000-9999
+** %% %
+*/
+static void strftimeFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ DateTime x;
+ u64 n;
+ size_t i,j;
+ char *z;
+ sqlite3 *db;
+ const char *zFmt;
+ char zBuf[100];
+ if( argc==0 ) return;
+ zFmt = (const char*)sqlite3_value_text(argv[0]);
+ if( zFmt==0 || isDate(context, argc-1, argv+1, &x) ) return;
+ db = sqlite3_context_db_handle(context);
+ for(i=0, n=1; zFmt[i]; i++, n++){
+ if( zFmt[i]=='%' ){
+ switch( zFmt[i+1] ){
+ case 'd':
+ case 'H':
+ case 'm':
+ case 'M':
+ case 'S':
+ case 'W':
+ n++;
+ /* fall thru */
+ case 'w':
+ case '%':
+ break;
+ case 'f':
+ n += 8;
+ break;
+ case 'j':
+ n += 3;
+ break;
+ case 'Y':
+ n += 8;
+ break;
+ case 's':
+ case 'J':
+ n += 50;
+ break;
+ default:
+ return; /* ERROR. return a NULL */
+ }
+ i++;
+ }
+ }
+ testcase( n==sizeof(zBuf)-1 );
+ testcase( n==sizeof(zBuf) );
+ testcase( n==(u64)db->aLimit[SQLITE_LIMIT_LENGTH]+1 );
+ testcase( n==(u64)db->aLimit[SQLITE_LIMIT_LENGTH] );
+ if( n<sizeof(zBuf) ){
+ z = zBuf;
+ }else if( n>(u64)db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ sqlite3_result_error_toobig(context);
+ return;
+ }else{
+ z = sqlite3DbMallocRaw(db, (int)n);
+ if( z==0 ){
+ sqlite3_result_error_nomem(context);
+ return;
+ }
+ }
+ computeJD(&x);
+ computeYMD_HMS(&x);
+ for(i=j=0; zFmt[i]; i++){
+ if( zFmt[i]!='%' ){
+ z[j++] = zFmt[i];
+ }else{
+ i++;
+ switch( zFmt[i] ){
+ case 'd': sqlite3_snprintf(3, &z[j],"%02d",x.D); j+=2; break;
+ case 'f': {
+ double s = x.s;
+ if( s>59.999 ) s = 59.999;
+ sqlite3_snprintf(7, &z[j],"%06.3f", s);
+ j += sqlite3Strlen30(&z[j]);
+ break;
+ }
+ case 'H': sqlite3_snprintf(3, &z[j],"%02d",x.h); j+=2; break;
+ case 'W': /* Fall thru */
+ case 'j': {
+ int nDay; /* Number of days since 1st day of year */
+ DateTime y = x;
+ y.validJD = 0;
+ y.M = 1;
+ y.D = 1;
+ computeJD(&y);
+ nDay = (int)((x.iJD-y.iJD+43200000)/86400000);
+ if( zFmt[i]=='W' ){
+ int wd; /* 0=Monday, 1=Tuesday, ... 6=Sunday */
+ wd = (int)(((x.iJD+43200000)/86400000)%7);
+ sqlite3_snprintf(3, &z[j],"%02d",(nDay+7-wd)/7);
+ j += 2;
+ }else{
+ sqlite3_snprintf(4, &z[j],"%03d",nDay+1);
+ j += 3;
+ }
+ break;
+ }
+ case 'J': {
+ sqlite3_snprintf(20, &z[j],"%.16g",x.iJD/86400000.0);
+ j+=sqlite3Strlen30(&z[j]);
+ break;
+ }
+ case 'm': sqlite3_snprintf(3, &z[j],"%02d",x.M); j+=2; break;
+ case 'M': sqlite3_snprintf(3, &z[j],"%02d",x.m); j+=2; break;
+ case 's': {
+ sqlite3_snprintf(30,&z[j],"%lld",
+ (i64)(x.iJD/1000 - 21086676*(i64)10000));
+ j += sqlite3Strlen30(&z[j]);
+ break;
+ }
+ case 'S': sqlite3_snprintf(3,&z[j],"%02d",(int)x.s); j+=2; break;
+ case 'w': {
+ z[j++] = (char)(((x.iJD+129600000)/86400000) % 7) + '0';
+ break;
+ }
+ case 'Y': {
+ sqlite3_snprintf(5,&z[j],"%04d",x.Y); j+=sqlite3Strlen30(&z[j]);
+ break;
+ }
+ default: z[j++] = '%'; break;
+ }
+ }
+ }
+ z[j] = 0;
+ sqlite3_result_text(context, z, -1,
+ z==zBuf ? SQLITE_TRANSIENT : SQLITE_DYNAMIC);
+}
+
+/*
+** current_time()
+**
+** This function returns the same value as time('now').
+*/
+static void ctimeFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ timeFunc(context, 0, 0);
+}
+
+/*
+** current_date()
+**
+** This function returns the same value as date('now').
+*/
+static void cdateFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ dateFunc(context, 0, 0);
+}
+
+/*
+** current_timestamp()
+**
+** This function returns the same value as datetime('now').
+*/
+static void ctimestampFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ datetimeFunc(context, 0, 0);
+}
+#endif /* !defined(SQLITE_OMIT_DATETIME_FUNCS) */
+
+#ifdef SQLITE_OMIT_DATETIME_FUNCS
+/*
+** If the library is compiled to omit the full-scale date and time
+** handling (to get a smaller binary), the following minimal version
+** of the functions current_time(), current_date() and current_timestamp()
+** are included instead. This is to support column declarations that
+** include "DEFAULT CURRENT_TIME" etc.
+**
+** This function uses the C-library functions time(), gmtime()
+** and strftime(). The format string to pass to strftime() is supplied
+** as the user-data for the function.
+*/
+static void currentTimeFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ time_t t;
+ char *zFormat = (char *)sqlite3_user_data(context);
+ sqlite3 *db;
+ sqlite3_int64 iT;
+ struct tm *pTm;
+ struct tm sNow;
+ char zBuf[20];
+
+ UNUSED_PARAMETER(argc);
+ UNUSED_PARAMETER(argv);
+
+ iT = sqlite3StmtCurrentTime(context);
+ if( iT<=0 ) return;
+ t = iT/1000 - 10000*(sqlite3_int64)21086676;
+#if HAVE_GMTIME_R
+ pTm = gmtime_r(&t, &sNow);
+#else
+ sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER));
+ pTm = gmtime(&t);
+ if( pTm ) memcpy(&sNow, pTm, sizeof(sNow));
+ sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER));
+#endif
+ if( pTm ){
+ strftime(zBuf, 20, zFormat, &sNow);
+ sqlite3_result_text(context, zBuf, -1, SQLITE_TRANSIENT);
+ }
+}
+#endif
+
+/*
+** This function registered all of the above C functions as SQL
+** functions. This should be the only routine in this file with
+** external linkage.
+*/
+SQLITE_PRIVATE void sqlite3RegisterDateTimeFunctions(void){
+ static SQLITE_WSD FuncDef aDateTimeFuncs[] = {
+#ifndef SQLITE_OMIT_DATETIME_FUNCS
+ DFUNCTION(julianday, -1, 0, 0, juliandayFunc ),
+ DFUNCTION(date, -1, 0, 0, dateFunc ),
+ DFUNCTION(time, -1, 0, 0, timeFunc ),
+ DFUNCTION(datetime, -1, 0, 0, datetimeFunc ),
+ DFUNCTION(strftime, -1, 0, 0, strftimeFunc ),
+ DFUNCTION(current_time, 0, 0, 0, ctimeFunc ),
+ DFUNCTION(current_timestamp, 0, 0, 0, ctimestampFunc),
+ DFUNCTION(current_date, 0, 0, 0, cdateFunc ),
+#else
+ STR_FUNCTION(current_time, 0, "%H:%M:%S", 0, currentTimeFunc),
+ STR_FUNCTION(current_date, 0, "%Y-%m-%d", 0, currentTimeFunc),
+ STR_FUNCTION(current_timestamp, 0, "%Y-%m-%d %H:%M:%S", 0, currentTimeFunc),
+#endif
+ };
+ int i;
+ FuncDefHash *pHash = &GLOBAL(FuncDefHash, sqlite3GlobalFunctions);
+ FuncDef *aFunc = (FuncDef*)&GLOBAL(FuncDef, aDateTimeFuncs);
+
+ for(i=0; i<ArraySize(aDateTimeFuncs); i++){
+ sqlite3FuncDefInsert(pHash, &aFunc[i]);
+ }
+}
+
+/************** End of date.c ************************************************/
+/************** Begin file os.c **********************************************/
+/*
+** 2005 November 29
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains OS interface code that is common to all
+** architectures.
+*/
+#define _SQLITE_OS_C_ 1
+/* #include "sqliteInt.h" */
+#undef _SQLITE_OS_C_
+
+/*
+** The default SQLite sqlite3_vfs implementations do not allocate
+** memory (actually, os_unix.c allocates a small amount of memory
+** from within OsOpen()), but some third-party implementations may.
+** So we test the effects of a malloc() failing and the sqlite3OsXXX()
+** function returning SQLITE_IOERR_NOMEM using the DO_OS_MALLOC_TEST macro.
+**
+** The following functions are instrumented for malloc() failure
+** testing:
+**
+** sqlite3OsRead()
+** sqlite3OsWrite()
+** sqlite3OsSync()
+** sqlite3OsFileSize()
+** sqlite3OsLock()
+** sqlite3OsCheckReservedLock()
+** sqlite3OsFileControl()
+** sqlite3OsShmMap()
+** sqlite3OsOpen()
+** sqlite3OsDelete()
+** sqlite3OsAccess()
+** sqlite3OsFullPathname()
+**
+*/
+#if defined(SQLITE_TEST)
+SQLITE_API int sqlite3_memdebug_vfs_oom_test = 1;
+ #define DO_OS_MALLOC_TEST(x) \
+ if (sqlite3_memdebug_vfs_oom_test && (!x || !sqlite3IsMemJournal(x))) { \
+ void *pTstAlloc = sqlite3Malloc(10); \
+ if (!pTstAlloc) return SQLITE_IOERR_NOMEM; \
+ sqlite3_free(pTstAlloc); \
+ }
+#else
+ #define DO_OS_MALLOC_TEST(x)
+#endif
+
+/*
+** The following routines are convenience wrappers around methods
+** of the sqlite3_file object. This is mostly just syntactic sugar. All
+** of this would be completely automatic if SQLite were coded using
+** C++ instead of plain old C.
+*/
+SQLITE_PRIVATE int sqlite3OsClose(sqlite3_file *pId){
+ int rc = SQLITE_OK;
+ if( pId->pMethods ){
+ rc = pId->pMethods->xClose(pId);
+ pId->pMethods = 0;
+ }
+ return rc;
+}
+SQLITE_PRIVATE int sqlite3OsRead(sqlite3_file *id, void *pBuf, int amt, i64 offset){
+ DO_OS_MALLOC_TEST(id);
+ return id->pMethods->xRead(id, pBuf, amt, offset);
+}
+SQLITE_PRIVATE int sqlite3OsWrite(sqlite3_file *id, const void *pBuf, int amt, i64 offset){
+ DO_OS_MALLOC_TEST(id);
+ return id->pMethods->xWrite(id, pBuf, amt, offset);
+}
+SQLITE_PRIVATE int sqlite3OsTruncate(sqlite3_file *id, i64 size){
+ return id->pMethods->xTruncate(id, size);
+}
+SQLITE_PRIVATE int sqlite3OsSync(sqlite3_file *id, int flags){
+ DO_OS_MALLOC_TEST(id);
+ return id->pMethods->xSync(id, flags);
+}
+SQLITE_PRIVATE int sqlite3OsFileSize(sqlite3_file *id, i64 *pSize){
+ DO_OS_MALLOC_TEST(id);
+ return id->pMethods->xFileSize(id, pSize);
+}
+SQLITE_PRIVATE int sqlite3OsLock(sqlite3_file *id, int lockType){
+ DO_OS_MALLOC_TEST(id);
+ return id->pMethods->xLock(id, lockType);
+}
+SQLITE_PRIVATE int sqlite3OsUnlock(sqlite3_file *id, int lockType){
+ return id->pMethods->xUnlock(id, lockType);
+}
+SQLITE_PRIVATE int sqlite3OsCheckReservedLock(sqlite3_file *id, int *pResOut){
+ DO_OS_MALLOC_TEST(id);
+ return id->pMethods->xCheckReservedLock(id, pResOut);
+}
+
+/*
+** Use sqlite3OsFileControl() when we are doing something that might fail
+** and we need to know about the failures. Use sqlite3OsFileControlHint()
+** when simply tossing information over the wall to the VFS and we do not
+** really care if the VFS receives and understands the information since it
+** is only a hint and can be safely ignored. The sqlite3OsFileControlHint()
+** routine has no return value since the return value would be meaningless.
+*/
+SQLITE_PRIVATE int sqlite3OsFileControl(sqlite3_file *id, int op, void *pArg){
+#ifdef SQLITE_TEST
+ if( op!=SQLITE_FCNTL_COMMIT_PHASETWO ){
+ /* Faults are not injected into COMMIT_PHASETWO because, assuming SQLite
+ ** is using a regular VFS, it is called after the corresponding
+ ** transaction has been committed. Injecting a fault at this point
+ ** confuses the test scripts - the COMMIT comand returns SQLITE_NOMEM
+ ** but the transaction is committed anyway.
+ **
+ ** The core must call OsFileControl() though, not OsFileControlHint(),
+ ** as if a custom VFS (e.g. zipvfs) returns an error here, it probably
+ ** means the commit really has failed and an error should be returned
+ ** to the user. */
+ DO_OS_MALLOC_TEST(id);
+ }
+#endif
+ return id->pMethods->xFileControl(id, op, pArg);
+}
+SQLITE_PRIVATE void sqlite3OsFileControlHint(sqlite3_file *id, int op, void *pArg){
+ (void)id->pMethods->xFileControl(id, op, pArg);
+}
+
+SQLITE_PRIVATE int sqlite3OsSectorSize(sqlite3_file *id){
+ int (*xSectorSize)(sqlite3_file*) = id->pMethods->xSectorSize;
+ return (xSectorSize ? xSectorSize(id) : SQLITE_DEFAULT_SECTOR_SIZE);
+}
+SQLITE_PRIVATE int sqlite3OsDeviceCharacteristics(sqlite3_file *id){
+ return id->pMethods->xDeviceCharacteristics(id);
+}
+SQLITE_PRIVATE int sqlite3OsShmLock(sqlite3_file *id, int offset, int n, int flags){
+ return id->pMethods->xShmLock(id, offset, n, flags);
+}
+SQLITE_PRIVATE void sqlite3OsShmBarrier(sqlite3_file *id){
+ id->pMethods->xShmBarrier(id);
+}
+SQLITE_PRIVATE int sqlite3OsShmUnmap(sqlite3_file *id, int deleteFlag){
+ return id->pMethods->xShmUnmap(id, deleteFlag);
+}
+SQLITE_PRIVATE int sqlite3OsShmMap(
+ sqlite3_file *id, /* Database file handle */
+ int iPage,
+ int pgsz,
+ int bExtend, /* True to extend file if necessary */
+ void volatile **pp /* OUT: Pointer to mapping */
+){
+ DO_OS_MALLOC_TEST(id);
+ return id->pMethods->xShmMap(id, iPage, pgsz, bExtend, pp);
+}
+
+#if SQLITE_MAX_MMAP_SIZE>0
+/* The real implementation of xFetch and xUnfetch */
+SQLITE_PRIVATE int sqlite3OsFetch(sqlite3_file *id, i64 iOff, int iAmt, void **pp){
+ DO_OS_MALLOC_TEST(id);
+ return id->pMethods->xFetch(id, iOff, iAmt, pp);
+}
+SQLITE_PRIVATE int sqlite3OsUnfetch(sqlite3_file *id, i64 iOff, void *p){
+ return id->pMethods->xUnfetch(id, iOff, p);
+}
+#else
+/* No-op stubs to use when memory-mapped I/O is disabled */
+SQLITE_PRIVATE int sqlite3OsFetch(sqlite3_file *id, i64 iOff, int iAmt, void **pp){
+ *pp = 0;
+ return SQLITE_OK;
+}
+SQLITE_PRIVATE int sqlite3OsUnfetch(sqlite3_file *id, i64 iOff, void *p){
+ return SQLITE_OK;
+}
+#endif
+
+/*
+** The next group of routines are convenience wrappers around the
+** VFS methods.
+*/
+SQLITE_PRIVATE int sqlite3OsOpen(
+ sqlite3_vfs *pVfs,
+ const char *zPath,
+ sqlite3_file *pFile,
+ int flags,
+ int *pFlagsOut
+){
+ int rc;
+ DO_OS_MALLOC_TEST(0);
+ /* 0x87f7f is a mask of SQLITE_OPEN_ flags that are valid to be passed
+ ** down into the VFS layer. Some SQLITE_OPEN_ flags (for example,
+ ** SQLITE_OPEN_FULLMUTEX or SQLITE_OPEN_SHAREDCACHE) are blocked before
+ ** reaching the VFS. */
+ rc = pVfs->xOpen(pVfs, zPath, pFile, flags & 0x87f7f, pFlagsOut);
+ assert( rc==SQLITE_OK || pFile->pMethods==0 );
+ return rc;
+}
+SQLITE_PRIVATE int sqlite3OsDelete(sqlite3_vfs *pVfs, const char *zPath, int dirSync){
+ DO_OS_MALLOC_TEST(0);
+ assert( dirSync==0 || dirSync==1 );
+ return pVfs->xDelete(pVfs, zPath, dirSync);
+}
+SQLITE_PRIVATE int sqlite3OsAccess(
+ sqlite3_vfs *pVfs,
+ const char *zPath,
+ int flags,
+ int *pResOut
+){
+ DO_OS_MALLOC_TEST(0);
+ return pVfs->xAccess(pVfs, zPath, flags, pResOut);
+}
+SQLITE_PRIVATE int sqlite3OsFullPathname(
+ sqlite3_vfs *pVfs,
+ const char *zPath,
+ int nPathOut,
+ char *zPathOut
+){
+ DO_OS_MALLOC_TEST(0);
+ zPathOut[0] = 0;
+ return pVfs->xFullPathname(pVfs, zPath, nPathOut, zPathOut);
+}
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+SQLITE_PRIVATE void *sqlite3OsDlOpen(sqlite3_vfs *pVfs, const char *zPath){
+ return pVfs->xDlOpen(pVfs, zPath);
+}
+SQLITE_PRIVATE void sqlite3OsDlError(sqlite3_vfs *pVfs, int nByte, char *zBufOut){
+ pVfs->xDlError(pVfs, nByte, zBufOut);
+}
+SQLITE_PRIVATE void (*sqlite3OsDlSym(sqlite3_vfs *pVfs, void *pHdle, const char *zSym))(void){
+ return pVfs->xDlSym(pVfs, pHdle, zSym);
+}
+SQLITE_PRIVATE void sqlite3OsDlClose(sqlite3_vfs *pVfs, void *pHandle){
+ pVfs->xDlClose(pVfs, pHandle);
+}
+#endif /* SQLITE_OMIT_LOAD_EXTENSION */
+SQLITE_PRIVATE int sqlite3OsRandomness(sqlite3_vfs *pVfs, int nByte, char *zBufOut){
+ return pVfs->xRandomness(pVfs, nByte, zBufOut);
+}
+SQLITE_PRIVATE int sqlite3OsSleep(sqlite3_vfs *pVfs, int nMicro){
+ return pVfs->xSleep(pVfs, nMicro);
+}
+SQLITE_PRIVATE int sqlite3OsCurrentTimeInt64(sqlite3_vfs *pVfs, sqlite3_int64 *pTimeOut){
+ int rc;
+ /* IMPLEMENTATION-OF: R-49045-42493 SQLite will use the xCurrentTimeInt64()
+ ** method to get the current date and time if that method is available
+ ** (if iVersion is 2 or greater and the function pointer is not NULL) and
+ ** will fall back to xCurrentTime() if xCurrentTimeInt64() is
+ ** unavailable.
+ */
+ if( pVfs->iVersion>=2 && pVfs->xCurrentTimeInt64 ){
+ rc = pVfs->xCurrentTimeInt64(pVfs, pTimeOut);
+ }else{
+ double r;
+ rc = pVfs->xCurrentTime(pVfs, &r);
+ *pTimeOut = (sqlite3_int64)(r*86400000.0);
+ }
+ return rc;
+}
+
+SQLITE_PRIVATE int sqlite3OsOpenMalloc(
+ sqlite3_vfs *pVfs,
+ const char *zFile,
+ sqlite3_file **ppFile,
+ int flags,
+ int *pOutFlags
+){
+ int rc = SQLITE_NOMEM;
+ sqlite3_file *pFile;
+ pFile = (sqlite3_file *)sqlite3MallocZero(pVfs->szOsFile);
+ if( pFile ){
+ rc = sqlite3OsOpen(pVfs, zFile, pFile, flags, pOutFlags);
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(pFile);
+ }else{
+ *ppFile = pFile;
+ }
+ }
+ return rc;
+}
+SQLITE_PRIVATE int sqlite3OsCloseFree(sqlite3_file *pFile){
+ int rc = SQLITE_OK;
+ assert( pFile );
+ rc = sqlite3OsClose(pFile);
+ sqlite3_free(pFile);
+ return rc;
+}
+
+/*
+** This function is a wrapper around the OS specific implementation of
+** sqlite3_os_init(). The purpose of the wrapper is to provide the
+** ability to simulate a malloc failure, so that the handling of an
+** error in sqlite3_os_init() by the upper layers can be tested.
+*/
+SQLITE_PRIVATE int sqlite3OsInit(void){
+ void *p = sqlite3_malloc(10);
+ if( p==0 ) return SQLITE_NOMEM;
+ sqlite3_free(p);
+ return sqlite3_os_init();
+}
+
+/*
+** The list of all registered VFS implementations.
+*/
+static sqlite3_vfs * SQLITE_WSD vfsList = 0;
+#define vfsList GLOBAL(sqlite3_vfs *, vfsList)
+
+/*
+** Locate a VFS by name. If no name is given, simply return the
+** first VFS on the list.
+*/
+SQLITE_API sqlite3_vfs *SQLITE_STDCALL sqlite3_vfs_find(const char *zVfs){
+ sqlite3_vfs *pVfs = 0;
+#if SQLITE_THREADSAFE
+ sqlite3_mutex *mutex;
+#endif
+#ifndef SQLITE_OMIT_AUTOINIT
+ int rc = sqlite3_initialize();
+ if( rc ) return 0;
+#endif
+#if SQLITE_THREADSAFE
+ mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
+#endif
+ sqlite3_mutex_enter(mutex);
+ for(pVfs = vfsList; pVfs; pVfs=pVfs->pNext){
+ if( zVfs==0 ) break;
+ if( strcmp(zVfs, pVfs->zName)==0 ) break;
+ }
+ sqlite3_mutex_leave(mutex);
+ return pVfs;
+}
+
+/*
+** Unlink a VFS from the linked list
+*/
+static void vfsUnlink(sqlite3_vfs *pVfs){
+ assert( sqlite3_mutex_held(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER)) );
+ if( pVfs==0 ){
+ /* No-op */
+ }else if( vfsList==pVfs ){
+ vfsList = pVfs->pNext;
+ }else if( vfsList ){
+ sqlite3_vfs *p = vfsList;
+ while( p->pNext && p->pNext!=pVfs ){
+ p = p->pNext;
+ }
+ if( p->pNext==pVfs ){
+ p->pNext = pVfs->pNext;
+ }
+ }
+}
+
+/*
+** Register a VFS with the system. It is harmless to register the same
+** VFS multiple times. The new VFS becomes the default if makeDflt is
+** true.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_vfs_register(sqlite3_vfs *pVfs, int makeDflt){
+ MUTEX_LOGIC(sqlite3_mutex *mutex;)
+#ifndef SQLITE_OMIT_AUTOINIT
+ int rc = sqlite3_initialize();
+ if( rc ) return rc;
+#endif
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( pVfs==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+
+ MUTEX_LOGIC( mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER); )
+ sqlite3_mutex_enter(mutex);
+ vfsUnlink(pVfs);
+ if( makeDflt || vfsList==0 ){
+ pVfs->pNext = vfsList;
+ vfsList = pVfs;
+ }else{
+ pVfs->pNext = vfsList->pNext;
+ vfsList->pNext = pVfs;
+ }
+ assert(vfsList);
+ sqlite3_mutex_leave(mutex);
+ return SQLITE_OK;
+}
+
+/*
+** Unregister a VFS so that it is no longer accessible.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_vfs_unregister(sqlite3_vfs *pVfs){
+#if SQLITE_THREADSAFE
+ sqlite3_mutex *mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
+#endif
+ sqlite3_mutex_enter(mutex);
+ vfsUnlink(pVfs);
+ sqlite3_mutex_leave(mutex);
+ return SQLITE_OK;
+}
+
+/************** End of os.c **************************************************/
+/************** Begin file fault.c *******************************************/
+/*
+** 2008 Jan 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains code to support the concept of "benign"
+** malloc failures (when the xMalloc() or xRealloc() method of the
+** sqlite3_mem_methods structure fails to allocate a block of memory
+** and returns 0).
+**
+** Most malloc failures are non-benign. After they occur, SQLite
+** abandons the current operation and returns an error code (usually
+** SQLITE_NOMEM) to the user. However, sometimes a fault is not necessarily
+** fatal. For example, if a malloc fails while resizing a hash table, this
+** is completely recoverable simply by not carrying out the resize. The
+** hash table will continue to function normally. So a malloc failure
+** during a hash table resize is a benign fault.
+*/
+
+/* #include "sqliteInt.h" */
+
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+
+/*
+** Global variables.
+*/
+typedef struct BenignMallocHooks BenignMallocHooks;
+static SQLITE_WSD struct BenignMallocHooks {
+ void (*xBenignBegin)(void);
+ void (*xBenignEnd)(void);
+} sqlite3Hooks = { 0, 0 };
+
+/* The "wsdHooks" macro will resolve to the appropriate BenignMallocHooks
+** structure. If writable static data is unsupported on the target,
+** we have to locate the state vector at run-time. In the more common
+** case where writable static data is supported, wsdHooks can refer directly
+** to the "sqlite3Hooks" state vector declared above.
+*/
+#ifdef SQLITE_OMIT_WSD
+# define wsdHooksInit \
+ BenignMallocHooks *x = &GLOBAL(BenignMallocHooks,sqlite3Hooks)
+# define wsdHooks x[0]
+#else
+# define wsdHooksInit
+# define wsdHooks sqlite3Hooks
+#endif
+
+
+/*
+** Register hooks to call when sqlite3BeginBenignMalloc() and
+** sqlite3EndBenignMalloc() are called, respectively.
+*/
+SQLITE_PRIVATE void sqlite3BenignMallocHooks(
+ void (*xBenignBegin)(void),
+ void (*xBenignEnd)(void)
+){
+ wsdHooksInit;
+ wsdHooks.xBenignBegin = xBenignBegin;
+ wsdHooks.xBenignEnd = xBenignEnd;
+}
+
+/*
+** This (sqlite3EndBenignMalloc()) is called by SQLite code to indicate that
+** subsequent malloc failures are benign. A call to sqlite3EndBenignMalloc()
+** indicates that subsequent malloc failures are non-benign.
+*/
+SQLITE_PRIVATE void sqlite3BeginBenignMalloc(void){
+ wsdHooksInit;
+ if( wsdHooks.xBenignBegin ){
+ wsdHooks.xBenignBegin();
+ }
+}
+SQLITE_PRIVATE void sqlite3EndBenignMalloc(void){
+ wsdHooksInit;
+ if( wsdHooks.xBenignEnd ){
+ wsdHooks.xBenignEnd();
+ }
+}
+
+#endif /* #ifndef SQLITE_OMIT_BUILTIN_TEST */
+
+/************** End of fault.c ***********************************************/
+/************** Begin file mem0.c ********************************************/
+/*
+** 2008 October 28
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains a no-op memory allocation drivers for use when
+** SQLITE_ZERO_MALLOC is defined. The allocation drivers implemented
+** here always fail. SQLite will not operate with these drivers. These
+** are merely placeholders. Real drivers must be substituted using
+** sqlite3_config() before SQLite will operate.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** This version of the memory allocator is the default. It is
+** used when no other memory allocator is specified using compile-time
+** macros.
+*/
+#ifdef SQLITE_ZERO_MALLOC
+
+/*
+** No-op versions of all memory allocation routines
+*/
+static void *sqlite3MemMalloc(int nByte){ return 0; }
+static void sqlite3MemFree(void *pPrior){ return; }
+static void *sqlite3MemRealloc(void *pPrior, int nByte){ return 0; }
+static int sqlite3MemSize(void *pPrior){ return 0; }
+static int sqlite3MemRoundup(int n){ return n; }
+static int sqlite3MemInit(void *NotUsed){ return SQLITE_OK; }
+static void sqlite3MemShutdown(void *NotUsed){ return; }
+
+/*
+** This routine is the only routine in this file with external linkage.
+**
+** Populate the low-level memory allocation function pointers in
+** sqlite3GlobalConfig.m with pointers to the routines in this file.
+*/
+SQLITE_PRIVATE void sqlite3MemSetDefault(void){
+ static const sqlite3_mem_methods defaultMethods = {
+ sqlite3MemMalloc,
+ sqlite3MemFree,
+ sqlite3MemRealloc,
+ sqlite3MemSize,
+ sqlite3MemRoundup,
+ sqlite3MemInit,
+ sqlite3MemShutdown,
+ 0
+ };
+ sqlite3_config(SQLITE_CONFIG_MALLOC, &defaultMethods);
+}
+
+#endif /* SQLITE_ZERO_MALLOC */
+
+/************** End of mem0.c ************************************************/
+/************** Begin file mem1.c ********************************************/
+/*
+** 2007 August 14
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains low-level memory allocation drivers for when
+** SQLite will use the standard C-library malloc/realloc/free interface
+** to obtain the memory it needs.
+**
+** This file contains implementations of the low-level memory allocation
+** routines specified in the sqlite3_mem_methods object. The content of
+** this file is only used if SQLITE_SYSTEM_MALLOC is defined. The
+** SQLITE_SYSTEM_MALLOC macro is defined automatically if neither the
+** SQLITE_MEMDEBUG nor the SQLITE_WIN32_MALLOC macros are defined. The
+** default configuration is to use memory allocation routines in this
+** file.
+**
+** C-preprocessor macro summary:
+**
+** HAVE_MALLOC_USABLE_SIZE The configure script sets this symbol if
+** the malloc_usable_size() interface exists
+** on the target platform. Or, this symbol
+** can be set manually, if desired.
+** If an equivalent interface exists by
+** a different name, using a separate -D
+** option to rename it.
+**
+** SQLITE_WITHOUT_ZONEMALLOC Some older macs lack support for the zone
+** memory allocator. Set this symbol to enable
+** building on older macs.
+**
+** SQLITE_WITHOUT_MSIZE Set this symbol to disable the use of
+** _msize() on windows systems. This might
+** be necessary when compiling for Delphi,
+** for example.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** This version of the memory allocator is the default. It is
+** used when no other memory allocator is specified using compile-time
+** macros.
+*/
+#ifdef SQLITE_SYSTEM_MALLOC
+#if defined(__APPLE__) && !defined(SQLITE_WITHOUT_ZONEMALLOC)
+
+/*
+** Use the zone allocator available on apple products unless the
+** SQLITE_WITHOUT_ZONEMALLOC symbol is defined.
+*/
+#include <sys/sysctl.h>
+#include <malloc/malloc.h>
+#include <libkern/OSAtomic.h>
+static malloc_zone_t* _sqliteZone_;
+#define SQLITE_MALLOC(x) malloc_zone_malloc(_sqliteZone_, (x))
+#define SQLITE_FREE(x) malloc_zone_free(_sqliteZone_, (x));
+#define SQLITE_REALLOC(x,y) malloc_zone_realloc(_sqliteZone_, (x), (y))
+#define SQLITE_MALLOCSIZE(x) \
+ (_sqliteZone_ ? _sqliteZone_->size(_sqliteZone_,x) : malloc_size(x))
+
+#else /* if not __APPLE__ */
+
+/*
+** Use standard C library malloc and free on non-Apple systems.
+** Also used by Apple systems if SQLITE_WITHOUT_ZONEMALLOC is defined.
+*/
+#define SQLITE_MALLOC(x) malloc(x)
+#define SQLITE_FREE(x) free(x)
+#define SQLITE_REALLOC(x,y) realloc((x),(y))
+
+/*
+** The malloc.h header file is needed for malloc_usable_size() function
+** on some systems (e.g. Linux).
+*/
+#if HAVE_MALLOC_H && HAVE_MALLOC_USABLE_SIZE
+# define SQLITE_USE_MALLOC_H 1
+# define SQLITE_USE_MALLOC_USABLE_SIZE 1
+/*
+** The MSVCRT has malloc_usable_size(), but it is called _msize(). The
+** use of _msize() is automatic, but can be disabled by compiling with
+** -DSQLITE_WITHOUT_MSIZE. Using the _msize() function also requires
+** the malloc.h header file.
+*/
+#elif defined(_MSC_VER) && !defined(SQLITE_WITHOUT_MSIZE)
+# define SQLITE_USE_MALLOC_H
+# define SQLITE_USE_MSIZE
+#endif
+
+/*
+** Include the malloc.h header file, if necessary. Also set define macro
+** SQLITE_MALLOCSIZE to the appropriate function name, which is _msize()
+** for MSVC and malloc_usable_size() for most other systems (e.g. Linux).
+** The memory size function can always be overridden manually by defining
+** the macro SQLITE_MALLOCSIZE to the desired function name.
+*/
+#if defined(SQLITE_USE_MALLOC_H)
+# include <malloc.h>
+# if defined(SQLITE_USE_MALLOC_USABLE_SIZE)
+# if !defined(SQLITE_MALLOCSIZE)
+# define SQLITE_MALLOCSIZE(x) malloc_usable_size(x)
+# endif
+# elif defined(SQLITE_USE_MSIZE)
+# if !defined(SQLITE_MALLOCSIZE)
+# define SQLITE_MALLOCSIZE _msize
+# endif
+# endif
+#endif /* defined(SQLITE_USE_MALLOC_H) */
+
+#endif /* __APPLE__ or not __APPLE__ */
+
+/*
+** Like malloc(), but remember the size of the allocation
+** so that we can find it later using sqlite3MemSize().
+**
+** For this low-level routine, we are guaranteed that nByte>0 because
+** cases of nByte<=0 will be intercepted and dealt with by higher level
+** routines.
+*/
+static void *sqlite3MemMalloc(int nByte){
+#ifdef SQLITE_MALLOCSIZE
+ void *p = SQLITE_MALLOC( nByte );
+ if( p==0 ){
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(SQLITE_NOMEM, "failed to allocate %u bytes of memory", nByte);
+ }
+ return p;
+#else
+ sqlite3_int64 *p;
+ assert( nByte>0 );
+ nByte = ROUND8(nByte);
+ p = SQLITE_MALLOC( nByte+8 );
+ if( p ){
+ p[0] = nByte;
+ p++;
+ }else{
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(SQLITE_NOMEM, "failed to allocate %u bytes of memory", nByte);
+ }
+ return (void *)p;
+#endif
+}
+
+/*
+** Like free() but works for allocations obtained from sqlite3MemMalloc()
+** or sqlite3MemRealloc().
+**
+** For this low-level routine, we already know that pPrior!=0 since
+** cases where pPrior==0 will have been intecepted and dealt with
+** by higher-level routines.
+*/
+static void sqlite3MemFree(void *pPrior){
+#ifdef SQLITE_MALLOCSIZE
+ SQLITE_FREE(pPrior);
+#else
+ sqlite3_int64 *p = (sqlite3_int64*)pPrior;
+ assert( pPrior!=0 );
+ p--;
+ SQLITE_FREE(p);
+#endif
+}
+
+/*
+** Report the allocated size of a prior return from xMalloc()
+** or xRealloc().
+*/
+static int sqlite3MemSize(void *pPrior){
+#ifdef SQLITE_MALLOCSIZE
+ assert( pPrior!=0 );
+ return (int)SQLITE_MALLOCSIZE(pPrior);
+#else
+ sqlite3_int64 *p;
+ assert( pPrior!=0 );
+ p = (sqlite3_int64*)pPrior;
+ p--;
+ return (int)p[0];
+#endif
+}
+
+/*
+** Like realloc(). Resize an allocation previously obtained from
+** sqlite3MemMalloc().
+**
+** For this low-level interface, we know that pPrior!=0. Cases where
+** pPrior==0 while have been intercepted by higher-level routine and
+** redirected to xMalloc. Similarly, we know that nByte>0 because
+** cases where nByte<=0 will have been intercepted by higher-level
+** routines and redirected to xFree.
+*/
+static void *sqlite3MemRealloc(void *pPrior, int nByte){
+#ifdef SQLITE_MALLOCSIZE
+ void *p = SQLITE_REALLOC(pPrior, nByte);
+ if( p==0 ){
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(SQLITE_NOMEM,
+ "failed memory resize %u to %u bytes",
+ SQLITE_MALLOCSIZE(pPrior), nByte);
+ }
+ return p;
+#else
+ sqlite3_int64 *p = (sqlite3_int64*)pPrior;
+ assert( pPrior!=0 && nByte>0 );
+ assert( nByte==ROUND8(nByte) ); /* EV: R-46199-30249 */
+ p--;
+ p = SQLITE_REALLOC(p, nByte+8 );
+ if( p ){
+ p[0] = nByte;
+ p++;
+ }else{
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(SQLITE_NOMEM,
+ "failed memory resize %u to %u bytes",
+ sqlite3MemSize(pPrior), nByte);
+ }
+ return (void*)p;
+#endif
+}
+
+/*
+** Round up a request size to the next valid allocation size.
+*/
+static int sqlite3MemRoundup(int n){
+ return ROUND8(n);
+}
+
+/*
+** Initialize this module.
+*/
+static int sqlite3MemInit(void *NotUsed){
+#if defined(__APPLE__) && !defined(SQLITE_WITHOUT_ZONEMALLOC)
+ int cpuCount;
+ size_t len;
+ if( _sqliteZone_ ){
+ return SQLITE_OK;
+ }
+ len = sizeof(cpuCount);
+ /* One usually wants to use hw.acctivecpu for MT decisions, but not here */
+ sysctlbyname("hw.ncpu", &cpuCount, &len, NULL, 0);
+ if( cpuCount>1 ){
+ /* defer MT decisions to system malloc */
+ _sqliteZone_ = malloc_default_zone();
+ }else{
+ /* only 1 core, use our own zone to contention over global locks,
+ ** e.g. we have our own dedicated locks */
+ bool success;
+ malloc_zone_t* newzone = malloc_create_zone(4096, 0);
+ malloc_set_zone_name(newzone, "Sqlite_Heap");
+ do{
+ success = OSAtomicCompareAndSwapPtrBarrier(NULL, newzone,
+ (void * volatile *)&_sqliteZone_);
+ }while(!_sqliteZone_);
+ if( !success ){
+ /* somebody registered a zone first */
+ malloc_destroy_zone(newzone);
+ }
+ }
+#endif
+ UNUSED_PARAMETER(NotUsed);
+ return SQLITE_OK;
+}
+
+/*
+** Deinitialize this module.
+*/
+static void sqlite3MemShutdown(void *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ return;
+}
+
+/*
+** This routine is the only routine in this file with external linkage.
+**
+** Populate the low-level memory allocation function pointers in
+** sqlite3GlobalConfig.m with pointers to the routines in this file.
+*/
+SQLITE_PRIVATE void sqlite3MemSetDefault(void){
+ static const sqlite3_mem_methods defaultMethods = {
+ sqlite3MemMalloc,
+ sqlite3MemFree,
+ sqlite3MemRealloc,
+ sqlite3MemSize,
+ sqlite3MemRoundup,
+ sqlite3MemInit,
+ sqlite3MemShutdown,
+ 0
+ };
+ sqlite3_config(SQLITE_CONFIG_MALLOC, &defaultMethods);
+}
+
+#endif /* SQLITE_SYSTEM_MALLOC */
+
+/************** End of mem1.c ************************************************/
+/************** Begin file mem2.c ********************************************/
+/*
+** 2007 August 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains low-level memory allocation drivers for when
+** SQLite will use the standard C-library malloc/realloc/free interface
+** to obtain the memory it needs while adding lots of additional debugging
+** information to each allocation in order to help detect and fix memory
+** leaks and memory usage errors.
+**
+** This file contains implementations of the low-level memory allocation
+** routines specified in the sqlite3_mem_methods object.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** This version of the memory allocator is used only if the
+** SQLITE_MEMDEBUG macro is defined
+*/
+#ifdef SQLITE_MEMDEBUG
+
+/*
+** The backtrace functionality is only available with GLIBC
+*/
+#ifdef __GLIBC__
+ extern int backtrace(void**,int);
+ extern void backtrace_symbols_fd(void*const*,int,int);
+#else
+# define backtrace(A,B) 1
+# define backtrace_symbols_fd(A,B,C)
+#endif
+/* #include <stdio.h> */
+
+/*
+** Each memory allocation looks like this:
+**
+** ------------------------------------------------------------------------
+** | Title | backtrace pointers | MemBlockHdr | allocation | EndGuard |
+** ------------------------------------------------------------------------
+**
+** The application code sees only a pointer to the allocation. We have
+** to back up from the allocation pointer to find the MemBlockHdr. The
+** MemBlockHdr tells us the size of the allocation and the number of
+** backtrace pointers. There is also a guard word at the end of the
+** MemBlockHdr.
+*/
+struct MemBlockHdr {
+ i64 iSize; /* Size of this allocation */
+ struct MemBlockHdr *pNext, *pPrev; /* Linked list of all unfreed memory */
+ char nBacktrace; /* Number of backtraces on this alloc */
+ char nBacktraceSlots; /* Available backtrace slots */
+ u8 nTitle; /* Bytes of title; includes '\0' */
+ u8 eType; /* Allocation type code */
+ int iForeGuard; /* Guard word for sanity */
+};
+
+/*
+** Guard words
+*/
+#define FOREGUARD 0x80F5E153
+#define REARGUARD 0xE4676B53
+
+/*
+** Number of malloc size increments to track.
+*/
+#define NCSIZE 1000
+
+/*
+** All of the static variables used by this module are collected
+** into a single structure named "mem". This is to keep the
+** static variables organized and to reduce namespace pollution
+** when this module is combined with other in the amalgamation.
+*/
+static struct {
+
+ /*
+ ** Mutex to control access to the memory allocation subsystem.
+ */
+ sqlite3_mutex *mutex;
+
+ /*
+ ** Head and tail of a linked list of all outstanding allocations
+ */
+ struct MemBlockHdr *pFirst;
+ struct MemBlockHdr *pLast;
+
+ /*
+ ** The number of levels of backtrace to save in new allocations.
+ */
+ int nBacktrace;
+ void (*xBacktrace)(int, int, void **);
+
+ /*
+ ** Title text to insert in front of each block
+ */
+ int nTitle; /* Bytes of zTitle to save. Includes '\0' and padding */
+ char zTitle[100]; /* The title text */
+
+ /*
+ ** sqlite3MallocDisallow() increments the following counter.
+ ** sqlite3MallocAllow() decrements it.
+ */
+ int disallow; /* Do not allow memory allocation */
+
+ /*
+ ** Gather statistics on the sizes of memory allocations.
+ ** nAlloc[i] is the number of allocation attempts of i*8
+ ** bytes. i==NCSIZE is the number of allocation attempts for
+ ** sizes more than NCSIZE*8 bytes.
+ */
+ int nAlloc[NCSIZE]; /* Total number of allocations */
+ int nCurrent[NCSIZE]; /* Current number of allocations */
+ int mxCurrent[NCSIZE]; /* Highwater mark for nCurrent */
+
+} mem;
+
+
+/*
+** Adjust memory usage statistics
+*/
+static void adjustStats(int iSize, int increment){
+ int i = ROUND8(iSize)/8;
+ if( i>NCSIZE-1 ){
+ i = NCSIZE - 1;
+ }
+ if( increment>0 ){
+ mem.nAlloc[i]++;
+ mem.nCurrent[i]++;
+ if( mem.nCurrent[i]>mem.mxCurrent[i] ){
+ mem.mxCurrent[i] = mem.nCurrent[i];
+ }
+ }else{
+ mem.nCurrent[i]--;
+ assert( mem.nCurrent[i]>=0 );
+ }
+}
+
+/*
+** Given an allocation, find the MemBlockHdr for that allocation.
+**
+** This routine checks the guards at either end of the allocation and
+** if they are incorrect it asserts.
+*/
+static struct MemBlockHdr *sqlite3MemsysGetHeader(void *pAllocation){
+ struct MemBlockHdr *p;
+ int *pInt;
+ u8 *pU8;
+ int nReserve;
+
+ p = (struct MemBlockHdr*)pAllocation;
+ p--;
+ assert( p->iForeGuard==(int)FOREGUARD );
+ nReserve = ROUND8(p->iSize);
+ pInt = (int*)pAllocation;
+ pU8 = (u8*)pAllocation;
+ assert( pInt[nReserve/sizeof(int)]==(int)REARGUARD );
+ /* This checks any of the "extra" bytes allocated due
+ ** to rounding up to an 8 byte boundary to ensure
+ ** they haven't been overwritten.
+ */
+ while( nReserve-- > p->iSize ) assert( pU8[nReserve]==0x65 );
+ return p;
+}
+
+/*
+** Return the number of bytes currently allocated at address p.
+*/
+static int sqlite3MemSize(void *p){
+ struct MemBlockHdr *pHdr;
+ if( !p ){
+ return 0;
+ }
+ pHdr = sqlite3MemsysGetHeader(p);
+ return (int)pHdr->iSize;
+}
+
+/*
+** Initialize the memory allocation subsystem.
+*/
+static int sqlite3MemInit(void *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ assert( (sizeof(struct MemBlockHdr)&7) == 0 );
+ if( !sqlite3GlobalConfig.bMemstat ){
+ /* If memory status is enabled, then the malloc.c wrapper will already
+ ** hold the STATIC_MEM mutex when the routines here are invoked. */
+ mem.mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MEM);
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Deinitialize the memory allocation subsystem.
+*/
+static void sqlite3MemShutdown(void *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ mem.mutex = 0;
+}
+
+/*
+** Round up a request size to the next valid allocation size.
+*/
+static int sqlite3MemRoundup(int n){
+ return ROUND8(n);
+}
+
+/*
+** Fill a buffer with pseudo-random bytes. This is used to preset
+** the content of a new memory allocation to unpredictable values and
+** to clear the content of a freed allocation to unpredictable values.
+*/
+static void randomFill(char *pBuf, int nByte){
+ unsigned int x, y, r;
+ x = SQLITE_PTR_TO_INT(pBuf);
+ y = nByte | 1;
+ while( nByte >= 4 ){
+ x = (x>>1) ^ (-(int)(x&1) & 0xd0000001);
+ y = y*1103515245 + 12345;
+ r = x ^ y;
+ *(int*)pBuf = r;
+ pBuf += 4;
+ nByte -= 4;
+ }
+ while( nByte-- > 0 ){
+ x = (x>>1) ^ (-(int)(x&1) & 0xd0000001);
+ y = y*1103515245 + 12345;
+ r = x ^ y;
+ *(pBuf++) = r & 0xff;
+ }
+}
+
+/*
+** Allocate nByte bytes of memory.
+*/
+static void *sqlite3MemMalloc(int nByte){
+ struct MemBlockHdr *pHdr;
+ void **pBt;
+ char *z;
+ int *pInt;
+ void *p = 0;
+ int totalSize;
+ int nReserve;
+ sqlite3_mutex_enter(mem.mutex);
+ assert( mem.disallow==0 );
+ nReserve = ROUND8(nByte);
+ totalSize = nReserve + sizeof(*pHdr) + sizeof(int) +
+ mem.nBacktrace*sizeof(void*) + mem.nTitle;
+ p = malloc(totalSize);
+ if( p ){
+ z = p;
+ pBt = (void**)&z[mem.nTitle];
+ pHdr = (struct MemBlockHdr*)&pBt[mem.nBacktrace];
+ pHdr->pNext = 0;
+ pHdr->pPrev = mem.pLast;
+ if( mem.pLast ){
+ mem.pLast->pNext = pHdr;
+ }else{
+ mem.pFirst = pHdr;
+ }
+ mem.pLast = pHdr;
+ pHdr->iForeGuard = FOREGUARD;
+ pHdr->eType = MEMTYPE_HEAP;
+ pHdr->nBacktraceSlots = mem.nBacktrace;
+ pHdr->nTitle = mem.nTitle;
+ if( mem.nBacktrace ){
+ void *aAddr[40];
+ pHdr->nBacktrace = backtrace(aAddr, mem.nBacktrace+1)-1;
+ memcpy(pBt, &aAddr[1], pHdr->nBacktrace*sizeof(void*));
+ assert(pBt[0]);
+ if( mem.xBacktrace ){
+ mem.xBacktrace(nByte, pHdr->nBacktrace-1, &aAddr[1]);
+ }
+ }else{
+ pHdr->nBacktrace = 0;
+ }
+ if( mem.nTitle ){
+ memcpy(z, mem.zTitle, mem.nTitle);
+ }
+ pHdr->iSize = nByte;
+ adjustStats(nByte, +1);
+ pInt = (int*)&pHdr[1];
+ pInt[nReserve/sizeof(int)] = REARGUARD;
+ randomFill((char*)pInt, nByte);
+ memset(((char*)pInt)+nByte, 0x65, nReserve-nByte);
+ p = (void*)pInt;
+ }
+ sqlite3_mutex_leave(mem.mutex);
+ return p;
+}
+
+/*
+** Free memory.
+*/
+static void sqlite3MemFree(void *pPrior){
+ struct MemBlockHdr *pHdr;
+ void **pBt;
+ char *z;
+ assert( sqlite3GlobalConfig.bMemstat || sqlite3GlobalConfig.bCoreMutex==0
+ || mem.mutex!=0 );
+ pHdr = sqlite3MemsysGetHeader(pPrior);
+ pBt = (void**)pHdr;
+ pBt -= pHdr->nBacktraceSlots;
+ sqlite3_mutex_enter(mem.mutex);
+ if( pHdr->pPrev ){
+ assert( pHdr->pPrev->pNext==pHdr );
+ pHdr->pPrev->pNext = pHdr->pNext;
+ }else{
+ assert( mem.pFirst==pHdr );
+ mem.pFirst = pHdr->pNext;
+ }
+ if( pHdr->pNext ){
+ assert( pHdr->pNext->pPrev==pHdr );
+ pHdr->pNext->pPrev = pHdr->pPrev;
+ }else{
+ assert( mem.pLast==pHdr );
+ mem.pLast = pHdr->pPrev;
+ }
+ z = (char*)pBt;
+ z -= pHdr->nTitle;
+ adjustStats((int)pHdr->iSize, -1);
+ randomFill(z, sizeof(void*)*pHdr->nBacktraceSlots + sizeof(*pHdr) +
+ (int)pHdr->iSize + sizeof(int) + pHdr->nTitle);
+ free(z);
+ sqlite3_mutex_leave(mem.mutex);
+}
+
+/*
+** Change the size of an existing memory allocation.
+**
+** For this debugging implementation, we *always* make a copy of the
+** allocation into a new place in memory. In this way, if the
+** higher level code is using pointer to the old allocation, it is
+** much more likely to break and we are much more liking to find
+** the error.
+*/
+static void *sqlite3MemRealloc(void *pPrior, int nByte){
+ struct MemBlockHdr *pOldHdr;
+ void *pNew;
+ assert( mem.disallow==0 );
+ assert( (nByte & 7)==0 ); /* EV: R-46199-30249 */
+ pOldHdr = sqlite3MemsysGetHeader(pPrior);
+ pNew = sqlite3MemMalloc(nByte);
+ if( pNew ){
+ memcpy(pNew, pPrior, (int)(nByte<pOldHdr->iSize ? nByte : pOldHdr->iSize));
+ if( nByte>pOldHdr->iSize ){
+ randomFill(&((char*)pNew)[pOldHdr->iSize], nByte - (int)pOldHdr->iSize);
+ }
+ sqlite3MemFree(pPrior);
+ }
+ return pNew;
+}
+
+/*
+** Populate the low-level memory allocation function pointers in
+** sqlite3GlobalConfig.m with pointers to the routines in this file.
+*/
+SQLITE_PRIVATE void sqlite3MemSetDefault(void){
+ static const sqlite3_mem_methods defaultMethods = {
+ sqlite3MemMalloc,
+ sqlite3MemFree,
+ sqlite3MemRealloc,
+ sqlite3MemSize,
+ sqlite3MemRoundup,
+ sqlite3MemInit,
+ sqlite3MemShutdown,
+ 0
+ };
+ sqlite3_config(SQLITE_CONFIG_MALLOC, &defaultMethods);
+}
+
+/*
+** Set the "type" of an allocation.
+*/
+SQLITE_PRIVATE void sqlite3MemdebugSetType(void *p, u8 eType){
+ if( p && sqlite3GlobalConfig.m.xMalloc==sqlite3MemMalloc ){
+ struct MemBlockHdr *pHdr;
+ pHdr = sqlite3MemsysGetHeader(p);
+ assert( pHdr->iForeGuard==FOREGUARD );
+ pHdr->eType = eType;
+ }
+}
+
+/*
+** Return TRUE if the mask of type in eType matches the type of the
+** allocation p. Also return true if p==NULL.
+**
+** This routine is designed for use within an assert() statement, to
+** verify the type of an allocation. For example:
+**
+** assert( sqlite3MemdebugHasType(p, MEMTYPE_HEAP) );
+*/
+SQLITE_PRIVATE int sqlite3MemdebugHasType(void *p, u8 eType){
+ int rc = 1;
+ if( p && sqlite3GlobalConfig.m.xMalloc==sqlite3MemMalloc ){
+ struct MemBlockHdr *pHdr;
+ pHdr = sqlite3MemsysGetHeader(p);
+ assert( pHdr->iForeGuard==FOREGUARD ); /* Allocation is valid */
+ if( (pHdr->eType&eType)==0 ){
+ rc = 0;
+ }
+ }
+ return rc;
+}
+
+/*
+** Return TRUE if the mask of type in eType matches no bits of the type of the
+** allocation p. Also return true if p==NULL.
+**
+** This routine is designed for use within an assert() statement, to
+** verify the type of an allocation. For example:
+**
+** assert( sqlite3MemdebugNoType(p, MEMTYPE_LOOKASIDE) );
+*/
+SQLITE_PRIVATE int sqlite3MemdebugNoType(void *p, u8 eType){
+ int rc = 1;
+ if( p && sqlite3GlobalConfig.m.xMalloc==sqlite3MemMalloc ){
+ struct MemBlockHdr *pHdr;
+ pHdr = sqlite3MemsysGetHeader(p);
+ assert( pHdr->iForeGuard==FOREGUARD ); /* Allocation is valid */
+ if( (pHdr->eType&eType)!=0 ){
+ rc = 0;
+ }
+ }
+ return rc;
+}
+
+/*
+** Set the number of backtrace levels kept for each allocation.
+** A value of zero turns off backtracing. The number is always rounded
+** up to a multiple of 2.
+*/
+SQLITE_PRIVATE void sqlite3MemdebugBacktrace(int depth){
+ if( depth<0 ){ depth = 0; }
+ if( depth>20 ){ depth = 20; }
+ depth = (depth+1)&0xfe;
+ mem.nBacktrace = depth;
+}
+
+SQLITE_PRIVATE void sqlite3MemdebugBacktraceCallback(void (*xBacktrace)(int, int, void **)){
+ mem.xBacktrace = xBacktrace;
+}
+
+/*
+** Set the title string for subsequent allocations.
+*/
+SQLITE_PRIVATE void sqlite3MemdebugSettitle(const char *zTitle){
+ unsigned int n = sqlite3Strlen30(zTitle) + 1;
+ sqlite3_mutex_enter(mem.mutex);
+ if( n>=sizeof(mem.zTitle) ) n = sizeof(mem.zTitle)-1;
+ memcpy(mem.zTitle, zTitle, n);
+ mem.zTitle[n] = 0;
+ mem.nTitle = ROUND8(n);
+ sqlite3_mutex_leave(mem.mutex);
+}
+
+SQLITE_PRIVATE void sqlite3MemdebugSync(){
+ struct MemBlockHdr *pHdr;
+ for(pHdr=mem.pFirst; pHdr; pHdr=pHdr->pNext){
+ void **pBt = (void**)pHdr;
+ pBt -= pHdr->nBacktraceSlots;
+ mem.xBacktrace((int)pHdr->iSize, pHdr->nBacktrace-1, &pBt[1]);
+ }
+}
+
+/*
+** Open the file indicated and write a log of all unfreed memory
+** allocations into that log.
+*/
+SQLITE_PRIVATE void sqlite3MemdebugDump(const char *zFilename){
+ FILE *out;
+ struct MemBlockHdr *pHdr;
+ void **pBt;
+ int i;
+ out = fopen(zFilename, "w");
+ if( out==0 ){
+ fprintf(stderr, "** Unable to output memory debug output log: %s **\n",
+ zFilename);
+ return;
+ }
+ for(pHdr=mem.pFirst; pHdr; pHdr=pHdr->pNext){
+ char *z = (char*)pHdr;
+ z -= pHdr->nBacktraceSlots*sizeof(void*) + pHdr->nTitle;
+ fprintf(out, "**** %lld bytes at %p from %s ****\n",
+ pHdr->iSize, &pHdr[1], pHdr->nTitle ? z : "???");
+ if( pHdr->nBacktrace ){
+ fflush(out);
+ pBt = (void**)pHdr;
+ pBt -= pHdr->nBacktraceSlots;
+ backtrace_symbols_fd(pBt, pHdr->nBacktrace, fileno(out));
+ fprintf(out, "\n");
+ }
+ }
+ fprintf(out, "COUNTS:\n");
+ for(i=0; i<NCSIZE-1; i++){
+ if( mem.nAlloc[i] ){
+ fprintf(out, " %5d: %10d %10d %10d\n",
+ i*8, mem.nAlloc[i], mem.nCurrent[i], mem.mxCurrent[i]);
+ }
+ }
+ if( mem.nAlloc[NCSIZE-1] ){
+ fprintf(out, " %5d: %10d %10d %10d\n",
+ NCSIZE*8-8, mem.nAlloc[NCSIZE-1],
+ mem.nCurrent[NCSIZE-1], mem.mxCurrent[NCSIZE-1]);
+ }
+ fclose(out);
+}
+
+/*
+** Return the number of times sqlite3MemMalloc() has been called.
+*/
+SQLITE_PRIVATE int sqlite3MemdebugMallocCount(){
+ int i;
+ int nTotal = 0;
+ for(i=0; i<NCSIZE; i++){
+ nTotal += mem.nAlloc[i];
+ }
+ return nTotal;
+}
+
+
+#endif /* SQLITE_MEMDEBUG */
+
+/************** End of mem2.c ************************************************/
+/************** Begin file mem3.c ********************************************/
+/*
+** 2007 October 14
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the C functions that implement a memory
+** allocation subsystem for use by SQLite.
+**
+** This version of the memory allocation subsystem omits all
+** use of malloc(). The SQLite user supplies a block of memory
+** before calling sqlite3_initialize() from which allocations
+** are made and returned by the xMalloc() and xRealloc()
+** implementations. Once sqlite3_initialize() has been called,
+** the amount of memory available to SQLite is fixed and cannot
+** be changed.
+**
+** This version of the memory allocation subsystem is included
+** in the build only if SQLITE_ENABLE_MEMSYS3 is defined.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** This version of the memory allocator is only built into the library
+** SQLITE_ENABLE_MEMSYS3 is defined. Defining this symbol does not
+** mean that the library will use a memory-pool by default, just that
+** it is available. The mempool allocator is activated by calling
+** sqlite3_config().
+*/
+#ifdef SQLITE_ENABLE_MEMSYS3
+
+/*
+** Maximum size (in Mem3Blocks) of a "small" chunk.
+*/
+#define MX_SMALL 10
+
+
+/*
+** Number of freelist hash slots
+*/
+#define N_HASH 61
+
+/*
+** A memory allocation (also called a "chunk") consists of two or
+** more blocks where each block is 8 bytes. The first 8 bytes are
+** a header that is not returned to the user.
+**
+** A chunk is two or more blocks that is either checked out or
+** free. The first block has format u.hdr. u.hdr.size4x is 4 times the
+** size of the allocation in blocks if the allocation is free.
+** The u.hdr.size4x&1 bit is true if the chunk is checked out and
+** false if the chunk is on the freelist. The u.hdr.size4x&2 bit
+** is true if the previous chunk is checked out and false if the
+** previous chunk is free. The u.hdr.prevSize field is the size of
+** the previous chunk in blocks if the previous chunk is on the
+** freelist. If the previous chunk is checked out, then
+** u.hdr.prevSize can be part of the data for that chunk and should
+** not be read or written.
+**
+** We often identify a chunk by its index in mem3.aPool[]. When
+** this is done, the chunk index refers to the second block of
+** the chunk. In this way, the first chunk has an index of 1.
+** A chunk index of 0 means "no such chunk" and is the equivalent
+** of a NULL pointer.
+**
+** The second block of free chunks is of the form u.list. The
+** two fields form a double-linked list of chunks of related sizes.
+** Pointers to the head of the list are stored in mem3.aiSmall[]
+** for smaller chunks and mem3.aiHash[] for larger chunks.
+**
+** The second block of a chunk is user data if the chunk is checked
+** out. If a chunk is checked out, the user data may extend into
+** the u.hdr.prevSize value of the following chunk.
+*/
+typedef struct Mem3Block Mem3Block;
+struct Mem3Block {
+ union {
+ struct {
+ u32 prevSize; /* Size of previous chunk in Mem3Block elements */
+ u32 size4x; /* 4x the size of current chunk in Mem3Block elements */
+ } hdr;
+ struct {
+ u32 next; /* Index in mem3.aPool[] of next free chunk */
+ u32 prev; /* Index in mem3.aPool[] of previous free chunk */
+ } list;
+ } u;
+};
+
+/*
+** All of the static variables used by this module are collected
+** into a single structure named "mem3". This is to keep the
+** static variables organized and to reduce namespace pollution
+** when this module is combined with other in the amalgamation.
+*/
+static SQLITE_WSD struct Mem3Global {
+ /*
+ ** Memory available for allocation. nPool is the size of the array
+ ** (in Mem3Blocks) pointed to by aPool less 2.
+ */
+ u32 nPool;
+ Mem3Block *aPool;
+
+ /*
+ ** True if we are evaluating an out-of-memory callback.
+ */
+ int alarmBusy;
+
+ /*
+ ** Mutex to control access to the memory allocation subsystem.
+ */
+ sqlite3_mutex *mutex;
+
+ /*
+ ** The minimum amount of free space that we have seen.
+ */
+ u32 mnMaster;
+
+ /*
+ ** iMaster is the index of the master chunk. Most new allocations
+ ** occur off of this chunk. szMaster is the size (in Mem3Blocks)
+ ** of the current master. iMaster is 0 if there is not master chunk.
+ ** The master chunk is not in either the aiHash[] or aiSmall[].
+ */
+ u32 iMaster;
+ u32 szMaster;
+
+ /*
+ ** Array of lists of free blocks according to the block size
+ ** for smaller chunks, or a hash on the block size for larger
+ ** chunks.
+ */
+ u32 aiSmall[MX_SMALL-1]; /* For sizes 2 through MX_SMALL, inclusive */
+ u32 aiHash[N_HASH]; /* For sizes MX_SMALL+1 and larger */
+} mem3 = { 97535575 };
+
+#define mem3 GLOBAL(struct Mem3Global, mem3)
+
+/*
+** Unlink the chunk at mem3.aPool[i] from list it is currently
+** on. *pRoot is the list that i is a member of.
+*/
+static void memsys3UnlinkFromList(u32 i, u32 *pRoot){
+ u32 next = mem3.aPool[i].u.list.next;
+ u32 prev = mem3.aPool[i].u.list.prev;
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ if( prev==0 ){
+ *pRoot = next;
+ }else{
+ mem3.aPool[prev].u.list.next = next;
+ }
+ if( next ){
+ mem3.aPool[next].u.list.prev = prev;
+ }
+ mem3.aPool[i].u.list.next = 0;
+ mem3.aPool[i].u.list.prev = 0;
+}
+
+/*
+** Unlink the chunk at index i from
+** whatever list is currently a member of.
+*/
+static void memsys3Unlink(u32 i){
+ u32 size, hash;
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ assert( (mem3.aPool[i-1].u.hdr.size4x & 1)==0 );
+ assert( i>=1 );
+ size = mem3.aPool[i-1].u.hdr.size4x/4;
+ assert( size==mem3.aPool[i+size-1].u.hdr.prevSize );
+ assert( size>=2 );
+ if( size <= MX_SMALL ){
+ memsys3UnlinkFromList(i, &mem3.aiSmall[size-2]);
+ }else{
+ hash = size % N_HASH;
+ memsys3UnlinkFromList(i, &mem3.aiHash[hash]);
+ }
+}
+
+/*
+** Link the chunk at mem3.aPool[i] so that is on the list rooted
+** at *pRoot.
+*/
+static void memsys3LinkIntoList(u32 i, u32 *pRoot){
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ mem3.aPool[i].u.list.next = *pRoot;
+ mem3.aPool[i].u.list.prev = 0;
+ if( *pRoot ){
+ mem3.aPool[*pRoot].u.list.prev = i;
+ }
+ *pRoot = i;
+}
+
+/*
+** Link the chunk at index i into either the appropriate
+** small chunk list, or into the large chunk hash table.
+*/
+static void memsys3Link(u32 i){
+ u32 size, hash;
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ assert( i>=1 );
+ assert( (mem3.aPool[i-1].u.hdr.size4x & 1)==0 );
+ size = mem3.aPool[i-1].u.hdr.size4x/4;
+ assert( size==mem3.aPool[i+size-1].u.hdr.prevSize );
+ assert( size>=2 );
+ if( size <= MX_SMALL ){
+ memsys3LinkIntoList(i, &mem3.aiSmall[size-2]);
+ }else{
+ hash = size % N_HASH;
+ memsys3LinkIntoList(i, &mem3.aiHash[hash]);
+ }
+}
+
+/*
+** If the STATIC_MEM mutex is not already held, obtain it now. The mutex
+** will already be held (obtained by code in malloc.c) if
+** sqlite3GlobalConfig.bMemStat is true.
+*/
+static void memsys3Enter(void){
+ if( sqlite3GlobalConfig.bMemstat==0 && mem3.mutex==0 ){
+ mem3.mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MEM);
+ }
+ sqlite3_mutex_enter(mem3.mutex);
+}
+static void memsys3Leave(void){
+ sqlite3_mutex_leave(mem3.mutex);
+}
+
+/*
+** Called when we are unable to satisfy an allocation of nBytes.
+*/
+static void memsys3OutOfMemory(int nByte){
+ if( !mem3.alarmBusy ){
+ mem3.alarmBusy = 1;
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ sqlite3_mutex_leave(mem3.mutex);
+ sqlite3_release_memory(nByte);
+ sqlite3_mutex_enter(mem3.mutex);
+ mem3.alarmBusy = 0;
+ }
+}
+
+
+/*
+** Chunk i is a free chunk that has been unlinked. Adjust its
+** size parameters for check-out and return a pointer to the
+** user portion of the chunk.
+*/
+static void *memsys3Checkout(u32 i, u32 nBlock){
+ u32 x;
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ assert( i>=1 );
+ assert( mem3.aPool[i-1].u.hdr.size4x/4==nBlock );
+ assert( mem3.aPool[i+nBlock-1].u.hdr.prevSize==nBlock );
+ x = mem3.aPool[i-1].u.hdr.size4x;
+ mem3.aPool[i-1].u.hdr.size4x = nBlock*4 | 1 | (x&2);
+ mem3.aPool[i+nBlock-1].u.hdr.prevSize = nBlock;
+ mem3.aPool[i+nBlock-1].u.hdr.size4x |= 2;
+ return &mem3.aPool[i];
+}
+
+/*
+** Carve a piece off of the end of the mem3.iMaster free chunk.
+** Return a pointer to the new allocation. Or, if the master chunk
+** is not large enough, return 0.
+*/
+static void *memsys3FromMaster(u32 nBlock){
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ assert( mem3.szMaster>=nBlock );
+ if( nBlock>=mem3.szMaster-1 ){
+ /* Use the entire master */
+ void *p = memsys3Checkout(mem3.iMaster, mem3.szMaster);
+ mem3.iMaster = 0;
+ mem3.szMaster = 0;
+ mem3.mnMaster = 0;
+ return p;
+ }else{
+ /* Split the master block. Return the tail. */
+ u32 newi, x;
+ newi = mem3.iMaster + mem3.szMaster - nBlock;
+ assert( newi > mem3.iMaster+1 );
+ mem3.aPool[mem3.iMaster+mem3.szMaster-1].u.hdr.prevSize = nBlock;
+ mem3.aPool[mem3.iMaster+mem3.szMaster-1].u.hdr.size4x |= 2;
+ mem3.aPool[newi-1].u.hdr.size4x = nBlock*4 + 1;
+ mem3.szMaster -= nBlock;
+ mem3.aPool[newi-1].u.hdr.prevSize = mem3.szMaster;
+ x = mem3.aPool[mem3.iMaster-1].u.hdr.size4x & 2;
+ mem3.aPool[mem3.iMaster-1].u.hdr.size4x = mem3.szMaster*4 | x;
+ if( mem3.szMaster < mem3.mnMaster ){
+ mem3.mnMaster = mem3.szMaster;
+ }
+ return (void*)&mem3.aPool[newi];
+ }
+}
+
+/*
+** *pRoot is the head of a list of free chunks of the same size
+** or same size hash. In other words, *pRoot is an entry in either
+** mem3.aiSmall[] or mem3.aiHash[].
+**
+** This routine examines all entries on the given list and tries
+** to coalesce each entries with adjacent free chunks.
+**
+** If it sees a chunk that is larger than mem3.iMaster, it replaces
+** the current mem3.iMaster with the new larger chunk. In order for
+** this mem3.iMaster replacement to work, the master chunk must be
+** linked into the hash tables. That is not the normal state of
+** affairs, of course. The calling routine must link the master
+** chunk before invoking this routine, then must unlink the (possibly
+** changed) master chunk once this routine has finished.
+*/
+static void memsys3Merge(u32 *pRoot){
+ u32 iNext, prev, size, i, x;
+
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ for(i=*pRoot; i>0; i=iNext){
+ iNext = mem3.aPool[i].u.list.next;
+ size = mem3.aPool[i-1].u.hdr.size4x;
+ assert( (size&1)==0 );
+ if( (size&2)==0 ){
+ memsys3UnlinkFromList(i, pRoot);
+ assert( i > mem3.aPool[i-1].u.hdr.prevSize );
+ prev = i - mem3.aPool[i-1].u.hdr.prevSize;
+ if( prev==iNext ){
+ iNext = mem3.aPool[prev].u.list.next;
+ }
+ memsys3Unlink(prev);
+ size = i + size/4 - prev;
+ x = mem3.aPool[prev-1].u.hdr.size4x & 2;
+ mem3.aPool[prev-1].u.hdr.size4x = size*4 | x;
+ mem3.aPool[prev+size-1].u.hdr.prevSize = size;
+ memsys3Link(prev);
+ i = prev;
+ }else{
+ size /= 4;
+ }
+ if( size>mem3.szMaster ){
+ mem3.iMaster = i;
+ mem3.szMaster = size;
+ }
+ }
+}
+
+/*
+** Return a block of memory of at least nBytes in size.
+** Return NULL if unable.
+**
+** This function assumes that the necessary mutexes, if any, are
+** already held by the caller. Hence "Unsafe".
+*/
+static void *memsys3MallocUnsafe(int nByte){
+ u32 i;
+ u32 nBlock;
+ u32 toFree;
+
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ assert( sizeof(Mem3Block)==8 );
+ if( nByte<=12 ){
+ nBlock = 2;
+ }else{
+ nBlock = (nByte + 11)/8;
+ }
+ assert( nBlock>=2 );
+
+ /* STEP 1:
+ ** Look for an entry of the correct size in either the small
+ ** chunk table or in the large chunk hash table. This is
+ ** successful most of the time (about 9 times out of 10).
+ */
+ if( nBlock <= MX_SMALL ){
+ i = mem3.aiSmall[nBlock-2];
+ if( i>0 ){
+ memsys3UnlinkFromList(i, &mem3.aiSmall[nBlock-2]);
+ return memsys3Checkout(i, nBlock);
+ }
+ }else{
+ int hash = nBlock % N_HASH;
+ for(i=mem3.aiHash[hash]; i>0; i=mem3.aPool[i].u.list.next){
+ if( mem3.aPool[i-1].u.hdr.size4x/4==nBlock ){
+ memsys3UnlinkFromList(i, &mem3.aiHash[hash]);
+ return memsys3Checkout(i, nBlock);
+ }
+ }
+ }
+
+ /* STEP 2:
+ ** Try to satisfy the allocation by carving a piece off of the end
+ ** of the master chunk. This step usually works if step 1 fails.
+ */
+ if( mem3.szMaster>=nBlock ){
+ return memsys3FromMaster(nBlock);
+ }
+
+
+ /* STEP 3:
+ ** Loop through the entire memory pool. Coalesce adjacent free
+ ** chunks. Recompute the master chunk as the largest free chunk.
+ ** Then try again to satisfy the allocation by carving a piece off
+ ** of the end of the master chunk. This step happens very
+ ** rarely (we hope!)
+ */
+ for(toFree=nBlock*16; toFree<(mem3.nPool*16); toFree *= 2){
+ memsys3OutOfMemory(toFree);
+ if( mem3.iMaster ){
+ memsys3Link(mem3.iMaster);
+ mem3.iMaster = 0;
+ mem3.szMaster = 0;
+ }
+ for(i=0; i<N_HASH; i++){
+ memsys3Merge(&mem3.aiHash[i]);
+ }
+ for(i=0; i<MX_SMALL-1; i++){
+ memsys3Merge(&mem3.aiSmall[i]);
+ }
+ if( mem3.szMaster ){
+ memsys3Unlink(mem3.iMaster);
+ if( mem3.szMaster>=nBlock ){
+ return memsys3FromMaster(nBlock);
+ }
+ }
+ }
+
+ /* If none of the above worked, then we fail. */
+ return 0;
+}
+
+/*
+** Free an outstanding memory allocation.
+**
+** This function assumes that the necessary mutexes, if any, are
+** already held by the caller. Hence "Unsafe".
+*/
+static void memsys3FreeUnsafe(void *pOld){
+ Mem3Block *p = (Mem3Block*)pOld;
+ int i;
+ u32 size, x;
+ assert( sqlite3_mutex_held(mem3.mutex) );
+ assert( p>mem3.aPool && p<&mem3.aPool[mem3.nPool] );
+ i = p - mem3.aPool;
+ assert( (mem3.aPool[i-1].u.hdr.size4x&1)==1 );
+ size = mem3.aPool[i-1].u.hdr.size4x/4;
+ assert( i+size<=mem3.nPool+1 );
+ mem3.aPool[i-1].u.hdr.size4x &= ~1;
+ mem3.aPool[i+size-1].u.hdr.prevSize = size;
+ mem3.aPool[i+size-1].u.hdr.size4x &= ~2;
+ memsys3Link(i);
+
+ /* Try to expand the master using the newly freed chunk */
+ if( mem3.iMaster ){
+ while( (mem3.aPool[mem3.iMaster-1].u.hdr.size4x&2)==0 ){
+ size = mem3.aPool[mem3.iMaster-1].u.hdr.prevSize;
+ mem3.iMaster -= size;
+ mem3.szMaster += size;
+ memsys3Unlink(mem3.iMaster);
+ x = mem3.aPool[mem3.iMaster-1].u.hdr.size4x & 2;
+ mem3.aPool[mem3.iMaster-1].u.hdr.size4x = mem3.szMaster*4 | x;
+ mem3.aPool[mem3.iMaster+mem3.szMaster-1].u.hdr.prevSize = mem3.szMaster;
+ }
+ x = mem3.aPool[mem3.iMaster-1].u.hdr.size4x & 2;
+ while( (mem3.aPool[mem3.iMaster+mem3.szMaster-1].u.hdr.size4x&1)==0 ){
+ memsys3Unlink(mem3.iMaster+mem3.szMaster);
+ mem3.szMaster += mem3.aPool[mem3.iMaster+mem3.szMaster-1].u.hdr.size4x/4;
+ mem3.aPool[mem3.iMaster-1].u.hdr.size4x = mem3.szMaster*4 | x;
+ mem3.aPool[mem3.iMaster+mem3.szMaster-1].u.hdr.prevSize = mem3.szMaster;
+ }
+ }
+}
+
+/*
+** Return the size of an outstanding allocation, in bytes. The
+** size returned omits the 8-byte header overhead. This only
+** works for chunks that are currently checked out.
+*/
+static int memsys3Size(void *p){
+ Mem3Block *pBlock;
+ assert( p!=0 );
+ pBlock = (Mem3Block*)p;
+ assert( (pBlock[-1].u.hdr.size4x&1)!=0 );
+ return (pBlock[-1].u.hdr.size4x&~3)*2 - 4;
+}
+
+/*
+** Round up a request size to the next valid allocation size.
+*/
+static int memsys3Roundup(int n){
+ if( n<=12 ){
+ return 12;
+ }else{
+ return ((n+11)&~7) - 4;
+ }
+}
+
+/*
+** Allocate nBytes of memory.
+*/
+static void *memsys3Malloc(int nBytes){
+ sqlite3_int64 *p;
+ assert( nBytes>0 ); /* malloc.c filters out 0 byte requests */
+ memsys3Enter();
+ p = memsys3MallocUnsafe(nBytes);
+ memsys3Leave();
+ return (void*)p;
+}
+
+/*
+** Free memory.
+*/
+static void memsys3Free(void *pPrior){
+ assert( pPrior );
+ memsys3Enter();
+ memsys3FreeUnsafe(pPrior);
+ memsys3Leave();
+}
+
+/*
+** Change the size of an existing memory allocation
+*/
+static void *memsys3Realloc(void *pPrior, int nBytes){
+ int nOld;
+ void *p;
+ if( pPrior==0 ){
+ return sqlite3_malloc(nBytes);
+ }
+ if( nBytes<=0 ){
+ sqlite3_free(pPrior);
+ return 0;
+ }
+ nOld = memsys3Size(pPrior);
+ if( nBytes<=nOld && nBytes>=nOld-128 ){
+ return pPrior;
+ }
+ memsys3Enter();
+ p = memsys3MallocUnsafe(nBytes);
+ if( p ){
+ if( nOld<nBytes ){
+ memcpy(p, pPrior, nOld);
+ }else{
+ memcpy(p, pPrior, nBytes);
+ }
+ memsys3FreeUnsafe(pPrior);
+ }
+ memsys3Leave();
+ return p;
+}
+
+/*
+** Initialize this module.
+*/
+static int memsys3Init(void *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ if( !sqlite3GlobalConfig.pHeap ){
+ return SQLITE_ERROR;
+ }
+
+ /* Store a pointer to the memory block in global structure mem3. */
+ assert( sizeof(Mem3Block)==8 );
+ mem3.aPool = (Mem3Block *)sqlite3GlobalConfig.pHeap;
+ mem3.nPool = (sqlite3GlobalConfig.nHeap / sizeof(Mem3Block)) - 2;
+
+ /* Initialize the master block. */
+ mem3.szMaster = mem3.nPool;
+ mem3.mnMaster = mem3.szMaster;
+ mem3.iMaster = 1;
+ mem3.aPool[0].u.hdr.size4x = (mem3.szMaster<<2) + 2;
+ mem3.aPool[mem3.nPool].u.hdr.prevSize = mem3.nPool;
+ mem3.aPool[mem3.nPool].u.hdr.size4x = 1;
+
+ return SQLITE_OK;
+}
+
+/*
+** Deinitialize this module.
+*/
+static void memsys3Shutdown(void *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ mem3.mutex = 0;
+ return;
+}
+
+
+
+/*
+** Open the file indicated and write a log of all unfreed memory
+** allocations into that log.
+*/
+SQLITE_PRIVATE void sqlite3Memsys3Dump(const char *zFilename){
+#ifdef SQLITE_DEBUG
+ FILE *out;
+ u32 i, j;
+ u32 size;
+ if( zFilename==0 || zFilename[0]==0 ){
+ out = stdout;
+ }else{
+ out = fopen(zFilename, "w");
+ if( out==0 ){
+ fprintf(stderr, "** Unable to output memory debug output log: %s **\n",
+ zFilename);
+ return;
+ }
+ }
+ memsys3Enter();
+ fprintf(out, "CHUNKS:\n");
+ for(i=1; i<=mem3.nPool; i+=size/4){
+ size = mem3.aPool[i-1].u.hdr.size4x;
+ if( size/4<=1 ){
+ fprintf(out, "%p size error\n", &mem3.aPool[i]);
+ assert( 0 );
+ break;
+ }
+ if( (size&1)==0 && mem3.aPool[i+size/4-1].u.hdr.prevSize!=size/4 ){
+ fprintf(out, "%p tail size does not match\n", &mem3.aPool[i]);
+ assert( 0 );
+ break;
+ }
+ if( ((mem3.aPool[i+size/4-1].u.hdr.size4x&2)>>1)!=(size&1) ){
+ fprintf(out, "%p tail checkout bit is incorrect\n", &mem3.aPool[i]);
+ assert( 0 );
+ break;
+ }
+ if( size&1 ){
+ fprintf(out, "%p %6d bytes checked out\n", &mem3.aPool[i], (size/4)*8-8);
+ }else{
+ fprintf(out, "%p %6d bytes free%s\n", &mem3.aPool[i], (size/4)*8-8,
+ i==mem3.iMaster ? " **master**" : "");
+ }
+ }
+ for(i=0; i<MX_SMALL-1; i++){
+ if( mem3.aiSmall[i]==0 ) continue;
+ fprintf(out, "small(%2d):", i);
+ for(j = mem3.aiSmall[i]; j>0; j=mem3.aPool[j].u.list.next){
+ fprintf(out, " %p(%d)", &mem3.aPool[j],
+ (mem3.aPool[j-1].u.hdr.size4x/4)*8-8);
+ }
+ fprintf(out, "\n");
+ }
+ for(i=0; i<N_HASH; i++){
+ if( mem3.aiHash[i]==0 ) continue;
+ fprintf(out, "hash(%2d):", i);
+ for(j = mem3.aiHash[i]; j>0; j=mem3.aPool[j].u.list.next){
+ fprintf(out, " %p(%d)", &mem3.aPool[j],
+ (mem3.aPool[j-1].u.hdr.size4x/4)*8-8);
+ }
+ fprintf(out, "\n");
+ }
+ fprintf(out, "master=%d\n", mem3.iMaster);
+ fprintf(out, "nowUsed=%d\n", mem3.nPool*8 - mem3.szMaster*8);
+ fprintf(out, "mxUsed=%d\n", mem3.nPool*8 - mem3.mnMaster*8);
+ sqlite3_mutex_leave(mem3.mutex);
+ if( out==stdout ){
+ fflush(stdout);
+ }else{
+ fclose(out);
+ }
+#else
+ UNUSED_PARAMETER(zFilename);
+#endif
+}
+
+/*
+** This routine is the only routine in this file with external
+** linkage.
+**
+** Populate the low-level memory allocation function pointers in
+** sqlite3GlobalConfig.m with pointers to the routines in this file. The
+** arguments specify the block of memory to manage.
+**
+** This routine is only called by sqlite3_config(), and therefore
+** is not required to be threadsafe (it is not).
+*/
+SQLITE_PRIVATE const sqlite3_mem_methods *sqlite3MemGetMemsys3(void){
+ static const sqlite3_mem_methods mempoolMethods = {
+ memsys3Malloc,
+ memsys3Free,
+ memsys3Realloc,
+ memsys3Size,
+ memsys3Roundup,
+ memsys3Init,
+ memsys3Shutdown,
+ 0
+ };
+ return &mempoolMethods;
+}
+
+#endif /* SQLITE_ENABLE_MEMSYS3 */
+
+/************** End of mem3.c ************************************************/
+/************** Begin file mem5.c ********************************************/
+/*
+** 2007 October 14
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the C functions that implement a memory
+** allocation subsystem for use by SQLite.
+**
+** This version of the memory allocation subsystem omits all
+** use of malloc(). The application gives SQLite a block of memory
+** before calling sqlite3_initialize() from which allocations
+** are made and returned by the xMalloc() and xRealloc()
+** implementations. Once sqlite3_initialize() has been called,
+** the amount of memory available to SQLite is fixed and cannot
+** be changed.
+**
+** This version of the memory allocation subsystem is included
+** in the build only if SQLITE_ENABLE_MEMSYS5 is defined.
+**
+** This memory allocator uses the following algorithm:
+**
+** 1. All memory allocation sizes are rounded up to a power of 2.
+**
+** 2. If two adjacent free blocks are the halves of a larger block,
+** then the two blocks are coalesced into the single larger block.
+**
+** 3. New memory is allocated from the first available free block.
+**
+** This algorithm is described in: J. M. Robson. "Bounds for Some Functions
+** Concerning Dynamic Storage Allocation". Journal of the Association for
+** Computing Machinery, Volume 21, Number 8, July 1974, pages 491-499.
+**
+** Let n be the size of the largest allocation divided by the minimum
+** allocation size (after rounding all sizes up to a power of 2.) Let M
+** be the maximum amount of memory ever outstanding at one time. Let
+** N be the total amount of memory available for allocation. Robson
+** proved that this memory allocator will never breakdown due to
+** fragmentation as long as the following constraint holds:
+**
+** N >= M*(1 + log2(n)/2) - n + 1
+**
+** The sqlite3_status() logic tracks the maximum values of n and M so
+** that an application can, at any time, verify this constraint.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** This version of the memory allocator is used only when
+** SQLITE_ENABLE_MEMSYS5 is defined.
+*/
+#ifdef SQLITE_ENABLE_MEMSYS5
+
+/*
+** A minimum allocation is an instance of the following structure.
+** Larger allocations are an array of these structures where the
+** size of the array is a power of 2.
+**
+** The size of this object must be a power of two. That fact is
+** verified in memsys5Init().
+*/
+typedef struct Mem5Link Mem5Link;
+struct Mem5Link {
+ int next; /* Index of next free chunk */
+ int prev; /* Index of previous free chunk */
+};
+
+/*
+** Maximum size of any allocation is ((1<<LOGMAX)*mem5.szAtom). Since
+** mem5.szAtom is always at least 8 and 32-bit integers are used,
+** it is not actually possible to reach this limit.
+*/
+#define LOGMAX 30
+
+/*
+** Masks used for mem5.aCtrl[] elements.
+*/
+#define CTRL_LOGSIZE 0x1f /* Log2 Size of this block */
+#define CTRL_FREE 0x20 /* True if not checked out */
+
+/*
+** All of the static variables used by this module are collected
+** into a single structure named "mem5". This is to keep the
+** static variables organized and to reduce namespace pollution
+** when this module is combined with other in the amalgamation.
+*/
+static SQLITE_WSD struct Mem5Global {
+ /*
+ ** Memory available for allocation
+ */
+ int szAtom; /* Smallest possible allocation in bytes */
+ int nBlock; /* Number of szAtom sized blocks in zPool */
+ u8 *zPool; /* Memory available to be allocated */
+
+ /*
+ ** Mutex to control access to the memory allocation subsystem.
+ */
+ sqlite3_mutex *mutex;
+
+ /*
+ ** Performance statistics
+ */
+ u64 nAlloc; /* Total number of calls to malloc */
+ u64 totalAlloc; /* Total of all malloc calls - includes internal frag */
+ u64 totalExcess; /* Total internal fragmentation */
+ u32 currentOut; /* Current checkout, including internal fragmentation */
+ u32 currentCount; /* Current number of distinct checkouts */
+ u32 maxOut; /* Maximum instantaneous currentOut */
+ u32 maxCount; /* Maximum instantaneous currentCount */
+ u32 maxRequest; /* Largest allocation (exclusive of internal frag) */
+
+ /*
+ ** Lists of free blocks. aiFreelist[0] is a list of free blocks of
+ ** size mem5.szAtom. aiFreelist[1] holds blocks of size szAtom*2.
+ ** aiFreelist[2] holds free blocks of size szAtom*4. And so forth.
+ */
+ int aiFreelist[LOGMAX+1];
+
+ /*
+ ** Space for tracking which blocks are checked out and the size
+ ** of each block. One byte per block.
+ */
+ u8 *aCtrl;
+
+} mem5;
+
+/*
+** Access the static variable through a macro for SQLITE_OMIT_WSD.
+*/
+#define mem5 GLOBAL(struct Mem5Global, mem5)
+
+/*
+** Assuming mem5.zPool is divided up into an array of Mem5Link
+** structures, return a pointer to the idx-th such link.
+*/
+#define MEM5LINK(idx) ((Mem5Link *)(&mem5.zPool[(idx)*mem5.szAtom]))
+
+/*
+** Unlink the chunk at mem5.aPool[i] from list it is currently
+** on. It should be found on mem5.aiFreelist[iLogsize].
+*/
+static void memsys5Unlink(int i, int iLogsize){
+ int next, prev;
+ assert( i>=0 && i<mem5.nBlock );
+ assert( iLogsize>=0 && iLogsize<=LOGMAX );
+ assert( (mem5.aCtrl[i] & CTRL_LOGSIZE)==iLogsize );
+
+ next = MEM5LINK(i)->next;
+ prev = MEM5LINK(i)->prev;
+ if( prev<0 ){
+ mem5.aiFreelist[iLogsize] = next;
+ }else{
+ MEM5LINK(prev)->next = next;
+ }
+ if( next>=0 ){
+ MEM5LINK(next)->prev = prev;
+ }
+}
+
+/*
+** Link the chunk at mem5.aPool[i] so that is on the iLogsize
+** free list.
+*/
+static void memsys5Link(int i, int iLogsize){
+ int x;
+ assert( sqlite3_mutex_held(mem5.mutex) );
+ assert( i>=0 && i<mem5.nBlock );
+ assert( iLogsize>=0 && iLogsize<=LOGMAX );
+ assert( (mem5.aCtrl[i] & CTRL_LOGSIZE)==iLogsize );
+
+ x = MEM5LINK(i)->next = mem5.aiFreelist[iLogsize];
+ MEM5LINK(i)->prev = -1;
+ if( x>=0 ){
+ assert( x<mem5.nBlock );
+ MEM5LINK(x)->prev = i;
+ }
+ mem5.aiFreelist[iLogsize] = i;
+}
+
+/*
+** Obtain or release the mutex needed to access global data structures.
+*/
+static void memsys5Enter(void){
+ sqlite3_mutex_enter(mem5.mutex);
+}
+static void memsys5Leave(void){
+ sqlite3_mutex_leave(mem5.mutex);
+}
+
+/*
+** Return the size of an outstanding allocation, in bytes.
+** This only works for chunks that are currently checked out.
+*/
+static int memsys5Size(void *p){
+ int iSize, i;
+ assert( p!=0 );
+ i = (int)(((u8 *)p-mem5.zPool)/mem5.szAtom);
+ assert( i>=0 && i<mem5.nBlock );
+ iSize = mem5.szAtom * (1 << (mem5.aCtrl[i]&CTRL_LOGSIZE));
+ return iSize;
+}
+
+/*
+** Return a block of memory of at least nBytes in size.
+** Return NULL if unable. Return NULL if nBytes==0.
+**
+** The caller guarantees that nByte is positive.
+**
+** The caller has obtained a mutex prior to invoking this
+** routine so there is never any chance that two or more
+** threads can be in this routine at the same time.
+*/
+static void *memsys5MallocUnsafe(int nByte){
+ int i; /* Index of a mem5.aPool[] slot */
+ int iBin; /* Index into mem5.aiFreelist[] */
+ int iFullSz; /* Size of allocation rounded up to power of 2 */
+ int iLogsize; /* Log2 of iFullSz/POW2_MIN */
+
+ /* nByte must be a positive */
+ assert( nByte>0 );
+
+ /* Keep track of the maximum allocation request. Even unfulfilled
+ ** requests are counted */
+ if( (u32)nByte>mem5.maxRequest ){
+ /* Abort if the requested allocation size is larger than the largest
+ ** power of two that we can represent using 32-bit signed integers. */
+ if( nByte > 0x40000000 ) return 0;
+ mem5.maxRequest = nByte;
+ }
+
+ /* Round nByte up to the next valid power of two */
+ for(iFullSz=mem5.szAtom,iLogsize=0; iFullSz<nByte; iFullSz*=2,iLogsize++){}
+
+ /* Make sure mem5.aiFreelist[iLogsize] contains at least one free
+ ** block. If not, then split a block of the next larger power of
+ ** two in order to create a new free block of size iLogsize.
+ */
+ for(iBin=iLogsize; iBin<=LOGMAX && mem5.aiFreelist[iBin]<0; iBin++){}
+ if( iBin>LOGMAX ){
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(SQLITE_NOMEM, "failed to allocate %u bytes", nByte);
+ return 0;
+ }
+ i = mem5.aiFreelist[iBin];
+ memsys5Unlink(i, iBin);
+ while( iBin>iLogsize ){
+ int newSize;
+
+ iBin--;
+ newSize = 1 << iBin;
+ mem5.aCtrl[i+newSize] = CTRL_FREE | iBin;
+ memsys5Link(i+newSize, iBin);
+ }
+ mem5.aCtrl[i] = iLogsize;
+
+ /* Update allocator performance statistics. */
+ mem5.nAlloc++;
+ mem5.totalAlloc += iFullSz;
+ mem5.totalExcess += iFullSz - nByte;
+ mem5.currentCount++;
+ mem5.currentOut += iFullSz;
+ if( mem5.maxCount<mem5.currentCount ) mem5.maxCount = mem5.currentCount;
+ if( mem5.maxOut<mem5.currentOut ) mem5.maxOut = mem5.currentOut;
+
+#ifdef SQLITE_DEBUG
+ /* Make sure the allocated memory does not assume that it is set to zero
+ ** or retains a value from a previous allocation */
+ memset(&mem5.zPool[i*mem5.szAtom], 0xAA, iFullSz);
+#endif
+
+ /* Return a pointer to the allocated memory. */
+ return (void*)&mem5.zPool[i*mem5.szAtom];
+}
+
+/*
+** Free an outstanding memory allocation.
+*/
+static void memsys5FreeUnsafe(void *pOld){
+ u32 size, iLogsize;
+ int iBlock;
+
+ /* Set iBlock to the index of the block pointed to by pOld in
+ ** the array of mem5.szAtom byte blocks pointed to by mem5.zPool.
+ */
+ iBlock = (int)(((u8 *)pOld-mem5.zPool)/mem5.szAtom);
+
+ /* Check that the pointer pOld points to a valid, non-free block. */
+ assert( iBlock>=0 && iBlock<mem5.nBlock );
+ assert( ((u8 *)pOld-mem5.zPool)%mem5.szAtom==0 );
+ assert( (mem5.aCtrl[iBlock] & CTRL_FREE)==0 );
+
+ iLogsize = mem5.aCtrl[iBlock] & CTRL_LOGSIZE;
+ size = 1<<iLogsize;
+ assert( iBlock+size-1<(u32)mem5.nBlock );
+
+ mem5.aCtrl[iBlock] |= CTRL_FREE;
+ mem5.aCtrl[iBlock+size-1] |= CTRL_FREE;
+ assert( mem5.currentCount>0 );
+ assert( mem5.currentOut>=(size*mem5.szAtom) );
+ mem5.currentCount--;
+ mem5.currentOut -= size*mem5.szAtom;
+ assert( mem5.currentOut>0 || mem5.currentCount==0 );
+ assert( mem5.currentCount>0 || mem5.currentOut==0 );
+
+ mem5.aCtrl[iBlock] = CTRL_FREE | iLogsize;
+ while( ALWAYS(iLogsize<LOGMAX) ){
+ int iBuddy;
+ if( (iBlock>>iLogsize) & 1 ){
+ iBuddy = iBlock - size;
+ }else{
+ iBuddy = iBlock + size;
+ }
+ assert( iBuddy>=0 );
+ if( (iBuddy+(1<<iLogsize))>mem5.nBlock ) break;
+ if( mem5.aCtrl[iBuddy]!=(CTRL_FREE | iLogsize) ) break;
+ memsys5Unlink(iBuddy, iLogsize);
+ iLogsize++;
+ if( iBuddy<iBlock ){
+ mem5.aCtrl[iBuddy] = CTRL_FREE | iLogsize;
+ mem5.aCtrl[iBlock] = 0;
+ iBlock = iBuddy;
+ }else{
+ mem5.aCtrl[iBlock] = CTRL_FREE | iLogsize;
+ mem5.aCtrl[iBuddy] = 0;
+ }
+ size *= 2;
+ }
+
+#ifdef SQLITE_DEBUG
+ /* Overwrite freed memory with the 0x55 bit pattern to verify that it is
+ ** not used after being freed */
+ memset(&mem5.zPool[iBlock*mem5.szAtom], 0x55, size);
+#endif
+
+ memsys5Link(iBlock, iLogsize);
+}
+
+/*
+** Allocate nBytes of memory.
+*/
+static void *memsys5Malloc(int nBytes){
+ sqlite3_int64 *p = 0;
+ if( nBytes>0 ){
+ memsys5Enter();
+ p = memsys5MallocUnsafe(nBytes);
+ memsys5Leave();
+ }
+ return (void*)p;
+}
+
+/*
+** Free memory.
+**
+** The outer layer memory allocator prevents this routine from
+** being called with pPrior==0.
+*/
+static void memsys5Free(void *pPrior){
+ assert( pPrior!=0 );
+ memsys5Enter();
+ memsys5FreeUnsafe(pPrior);
+ memsys5Leave();
+}
+
+/*
+** Change the size of an existing memory allocation.
+**
+** The outer layer memory allocator prevents this routine from
+** being called with pPrior==0.
+**
+** nBytes is always a value obtained from a prior call to
+** memsys5Round(). Hence nBytes is always a non-negative power
+** of two. If nBytes==0 that means that an oversize allocation
+** (an allocation larger than 0x40000000) was requested and this
+** routine should return 0 without freeing pPrior.
+*/
+static void *memsys5Realloc(void *pPrior, int nBytes){
+ int nOld;
+ void *p;
+ assert( pPrior!=0 );
+ assert( (nBytes&(nBytes-1))==0 ); /* EV: R-46199-30249 */
+ assert( nBytes>=0 );
+ if( nBytes==0 ){
+ return 0;
+ }
+ nOld = memsys5Size(pPrior);
+ if( nBytes<=nOld ){
+ return pPrior;
+ }
+ p = memsys5Malloc(nBytes);
+ if( p ){
+ memcpy(p, pPrior, nOld);
+ memsys5Free(pPrior);
+ }
+ return p;
+}
+
+/*
+** Round up a request size to the next valid allocation size. If
+** the allocation is too large to be handled by this allocation system,
+** return 0.
+**
+** All allocations must be a power of two and must be expressed by a
+** 32-bit signed integer. Hence the largest allocation is 0x40000000
+** or 1073741824 bytes.
+*/
+static int memsys5Roundup(int n){
+ int iFullSz;
+ if( n > 0x40000000 ) return 0;
+ for(iFullSz=mem5.szAtom; iFullSz<n; iFullSz *= 2);
+ return iFullSz;
+}
+
+/*
+** Return the ceiling of the logarithm base 2 of iValue.
+**
+** Examples: memsys5Log(1) -> 0
+** memsys5Log(2) -> 1
+** memsys5Log(4) -> 2
+** memsys5Log(5) -> 3
+** memsys5Log(8) -> 3
+** memsys5Log(9) -> 4
+*/
+static int memsys5Log(int iValue){
+ int iLog;
+ for(iLog=0; (iLog<(int)((sizeof(int)*8)-1)) && (1<<iLog)<iValue; iLog++);
+ return iLog;
+}
+
+/*
+** Initialize the memory allocator.
+**
+** This routine is not threadsafe. The caller must be holding a mutex
+** to prevent multiple threads from entering at the same time.
+*/
+static int memsys5Init(void *NotUsed){
+ int ii; /* Loop counter */
+ int nByte; /* Number of bytes of memory available to this allocator */
+ u8 *zByte; /* Memory usable by this allocator */
+ int nMinLog; /* Log base 2 of minimum allocation size in bytes */
+ int iOffset; /* An offset into mem5.aCtrl[] */
+
+ UNUSED_PARAMETER(NotUsed);
+
+ /* For the purposes of this routine, disable the mutex */
+ mem5.mutex = 0;
+
+ /* The size of a Mem5Link object must be a power of two. Verify that
+ ** this is case.
+ */
+ assert( (sizeof(Mem5Link)&(sizeof(Mem5Link)-1))==0 );
+
+ nByte = sqlite3GlobalConfig.nHeap;
+ zByte = (u8*)sqlite3GlobalConfig.pHeap;
+ assert( zByte!=0 ); /* sqlite3_config() does not allow otherwise */
+
+ /* boundaries on sqlite3GlobalConfig.mnReq are enforced in sqlite3_config() */
+ nMinLog = memsys5Log(sqlite3GlobalConfig.mnReq);
+ mem5.szAtom = (1<<nMinLog);
+ while( (int)sizeof(Mem5Link)>mem5.szAtom ){
+ mem5.szAtom = mem5.szAtom << 1;
+ }
+
+ mem5.nBlock = (nByte / (mem5.szAtom+sizeof(u8)));
+ mem5.zPool = zByte;
+ mem5.aCtrl = (u8 *)&mem5.zPool[mem5.nBlock*mem5.szAtom];
+
+ for(ii=0; ii<=LOGMAX; ii++){
+ mem5.aiFreelist[ii] = -1;
+ }
+
+ iOffset = 0;
+ for(ii=LOGMAX; ii>=0; ii--){
+ int nAlloc = (1<<ii);
+ if( (iOffset+nAlloc)<=mem5.nBlock ){
+ mem5.aCtrl[iOffset] = ii | CTRL_FREE;
+ memsys5Link(iOffset, ii);
+ iOffset += nAlloc;
+ }
+ assert((iOffset+nAlloc)>mem5.nBlock);
+ }
+
+ /* If a mutex is required for normal operation, allocate one */
+ if( sqlite3GlobalConfig.bMemstat==0 ){
+ mem5.mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MEM);
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Deinitialize this module.
+*/
+static void memsys5Shutdown(void *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ mem5.mutex = 0;
+ return;
+}
+
+#ifdef SQLITE_TEST
+/*
+** Open the file indicated and write a log of all unfreed memory
+** allocations into that log.
+*/
+SQLITE_PRIVATE void sqlite3Memsys5Dump(const char *zFilename){
+ FILE *out;
+ int i, j, n;
+ int nMinLog;
+
+ if( zFilename==0 || zFilename[0]==0 ){
+ out = stdout;
+ }else{
+ out = fopen(zFilename, "w");
+ if( out==0 ){
+ fprintf(stderr, "** Unable to output memory debug output log: %s **\n",
+ zFilename);
+ return;
+ }
+ }
+ memsys5Enter();
+ nMinLog = memsys5Log(mem5.szAtom);
+ for(i=0; i<=LOGMAX && i+nMinLog<32; i++){
+ for(n=0, j=mem5.aiFreelist[i]; j>=0; j = MEM5LINK(j)->next, n++){}
+ fprintf(out, "freelist items of size %d: %d\n", mem5.szAtom << i, n);
+ }
+ fprintf(out, "mem5.nAlloc = %llu\n", mem5.nAlloc);
+ fprintf(out, "mem5.totalAlloc = %llu\n", mem5.totalAlloc);
+ fprintf(out, "mem5.totalExcess = %llu\n", mem5.totalExcess);
+ fprintf(out, "mem5.currentOut = %u\n", mem5.currentOut);
+ fprintf(out, "mem5.currentCount = %u\n", mem5.currentCount);
+ fprintf(out, "mem5.maxOut = %u\n", mem5.maxOut);
+ fprintf(out, "mem5.maxCount = %u\n", mem5.maxCount);
+ fprintf(out, "mem5.maxRequest = %u\n", mem5.maxRequest);
+ memsys5Leave();
+ if( out==stdout ){
+ fflush(stdout);
+ }else{
+ fclose(out);
+ }
+}
+#endif
+
+/*
+** This routine is the only routine in this file with external
+** linkage. It returns a pointer to a static sqlite3_mem_methods
+** struct populated with the memsys5 methods.
+*/
+SQLITE_PRIVATE const sqlite3_mem_methods *sqlite3MemGetMemsys5(void){
+ static const sqlite3_mem_methods memsys5Methods = {
+ memsys5Malloc,
+ memsys5Free,
+ memsys5Realloc,
+ memsys5Size,
+ memsys5Roundup,
+ memsys5Init,
+ memsys5Shutdown,
+ 0
+ };
+ return &memsys5Methods;
+}
+
+#endif /* SQLITE_ENABLE_MEMSYS5 */
+
+/************** End of mem5.c ************************************************/
+/************** Begin file mutex.c *******************************************/
+/*
+** 2007 August 14
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the C functions that implement mutexes.
+**
+** This file contains code that is common across all mutex implementations.
+*/
+/* #include "sqliteInt.h" */
+
+#if defined(SQLITE_DEBUG) && !defined(SQLITE_MUTEX_OMIT)
+/*
+** For debugging purposes, record when the mutex subsystem is initialized
+** and uninitialized so that we can assert() if there is an attempt to
+** allocate a mutex while the system is uninitialized.
+*/
+static SQLITE_WSD int mutexIsInit = 0;
+#endif /* SQLITE_DEBUG && !defined(SQLITE_MUTEX_OMIT) */
+
+
+#ifndef SQLITE_MUTEX_OMIT
+/*
+** Initialize the mutex system.
+*/
+SQLITE_PRIVATE int sqlite3MutexInit(void){
+ int rc = SQLITE_OK;
+ if( !sqlite3GlobalConfig.mutex.xMutexAlloc ){
+ /* If the xMutexAlloc method has not been set, then the user did not
+ ** install a mutex implementation via sqlite3_config() prior to
+ ** sqlite3_initialize() being called. This block copies pointers to
+ ** the default implementation into the sqlite3GlobalConfig structure.
+ */
+ sqlite3_mutex_methods const *pFrom;
+ sqlite3_mutex_methods *pTo = &sqlite3GlobalConfig.mutex;
+
+ if( sqlite3GlobalConfig.bCoreMutex ){
+ pFrom = sqlite3DefaultMutex();
+ }else{
+ pFrom = sqlite3NoopMutex();
+ }
+ pTo->xMutexInit = pFrom->xMutexInit;
+ pTo->xMutexEnd = pFrom->xMutexEnd;
+ pTo->xMutexFree = pFrom->xMutexFree;
+ pTo->xMutexEnter = pFrom->xMutexEnter;
+ pTo->xMutexTry = pFrom->xMutexTry;
+ pTo->xMutexLeave = pFrom->xMutexLeave;
+ pTo->xMutexHeld = pFrom->xMutexHeld;
+ pTo->xMutexNotheld = pFrom->xMutexNotheld;
+ sqlite3MemoryBarrier();
+ pTo->xMutexAlloc = pFrom->xMutexAlloc;
+ }
+ assert( sqlite3GlobalConfig.mutex.xMutexInit );
+ rc = sqlite3GlobalConfig.mutex.xMutexInit();
+
+#ifdef SQLITE_DEBUG
+ GLOBAL(int, mutexIsInit) = 1;
+#endif
+
+ return rc;
+}
+
+/*
+** Shutdown the mutex system. This call frees resources allocated by
+** sqlite3MutexInit().
+*/
+SQLITE_PRIVATE int sqlite3MutexEnd(void){
+ int rc = SQLITE_OK;
+ if( sqlite3GlobalConfig.mutex.xMutexEnd ){
+ rc = sqlite3GlobalConfig.mutex.xMutexEnd();
+ }
+
+#ifdef SQLITE_DEBUG
+ GLOBAL(int, mutexIsInit) = 0;
+#endif
+
+ return rc;
+}
+
+/*
+** Retrieve a pointer to a static mutex or allocate a new dynamic one.
+*/
+SQLITE_API sqlite3_mutex *SQLITE_STDCALL sqlite3_mutex_alloc(int id){
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( id<=SQLITE_MUTEX_RECURSIVE && sqlite3_initialize() ) return 0;
+ if( id>SQLITE_MUTEX_RECURSIVE && sqlite3MutexInit() ) return 0;
+#endif
+ assert( sqlite3GlobalConfig.mutex.xMutexAlloc );
+ return sqlite3GlobalConfig.mutex.xMutexAlloc(id);
+}
+
+SQLITE_PRIVATE sqlite3_mutex *sqlite3MutexAlloc(int id){
+ if( !sqlite3GlobalConfig.bCoreMutex ){
+ return 0;
+ }
+ assert( GLOBAL(int, mutexIsInit) );
+ assert( sqlite3GlobalConfig.mutex.xMutexAlloc );
+ return sqlite3GlobalConfig.mutex.xMutexAlloc(id);
+}
+
+/*
+** Free a dynamic mutex.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_free(sqlite3_mutex *p){
+ if( p ){
+ assert( sqlite3GlobalConfig.mutex.xMutexFree );
+ sqlite3GlobalConfig.mutex.xMutexFree(p);
+ }
+}
+
+/*
+** Obtain the mutex p. If some other thread already has the mutex, block
+** until it can be obtained.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_enter(sqlite3_mutex *p){
+ if( p ){
+ assert( sqlite3GlobalConfig.mutex.xMutexEnter );
+ sqlite3GlobalConfig.mutex.xMutexEnter(p);
+ }
+}
+
+/*
+** Obtain the mutex p. If successful, return SQLITE_OK. Otherwise, if another
+** thread holds the mutex and it cannot be obtained, return SQLITE_BUSY.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_try(sqlite3_mutex *p){
+ int rc = SQLITE_OK;
+ if( p ){
+ assert( sqlite3GlobalConfig.mutex.xMutexTry );
+ return sqlite3GlobalConfig.mutex.xMutexTry(p);
+ }
+ return rc;
+}
+
+/*
+** The sqlite3_mutex_leave() routine exits a mutex that was previously
+** entered by the same thread. The behavior is undefined if the mutex
+** is not currently entered. If a NULL pointer is passed as an argument
+** this function is a no-op.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_leave(sqlite3_mutex *p){
+ if( p ){
+ assert( sqlite3GlobalConfig.mutex.xMutexLeave );
+ sqlite3GlobalConfig.mutex.xMutexLeave(p);
+ }
+}
+
+#ifndef NDEBUG
+/*
+** The sqlite3_mutex_held() and sqlite3_mutex_notheld() routine are
+** intended for use inside assert() statements.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_held(sqlite3_mutex *p){
+ assert( p==0 || sqlite3GlobalConfig.mutex.xMutexHeld );
+ return p==0 || sqlite3GlobalConfig.mutex.xMutexHeld(p);
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_notheld(sqlite3_mutex *p){
+ assert( p==0 || sqlite3GlobalConfig.mutex.xMutexNotheld );
+ return p==0 || sqlite3GlobalConfig.mutex.xMutexNotheld(p);
+}
+#endif
+
+#endif /* !defined(SQLITE_MUTEX_OMIT) */
+
+/************** End of mutex.c ***********************************************/
+/************** Begin file mutex_noop.c **************************************/
+/*
+** 2008 October 07
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the C functions that implement mutexes.
+**
+** This implementation in this file does not provide any mutual
+** exclusion and is thus suitable for use only in applications
+** that use SQLite in a single thread. The routines defined
+** here are place-holders. Applications can substitute working
+** mutex routines at start-time using the
+**
+** sqlite3_config(SQLITE_CONFIG_MUTEX,...)
+**
+** interface.
+**
+** If compiled with SQLITE_DEBUG, then additional logic is inserted
+** that does error checking on mutexes to make sure they are being
+** called correctly.
+*/
+/* #include "sqliteInt.h" */
+
+#ifndef SQLITE_MUTEX_OMIT
+
+#ifndef SQLITE_DEBUG
+/*
+** Stub routines for all mutex methods.
+**
+** This routines provide no mutual exclusion or error checking.
+*/
+static int noopMutexInit(void){ return SQLITE_OK; }
+static int noopMutexEnd(void){ return SQLITE_OK; }
+static sqlite3_mutex *noopMutexAlloc(int id){
+ UNUSED_PARAMETER(id);
+ return (sqlite3_mutex*)8;
+}
+static void noopMutexFree(sqlite3_mutex *p){ UNUSED_PARAMETER(p); return; }
+static void noopMutexEnter(sqlite3_mutex *p){ UNUSED_PARAMETER(p); return; }
+static int noopMutexTry(sqlite3_mutex *p){
+ UNUSED_PARAMETER(p);
+ return SQLITE_OK;
+}
+static void noopMutexLeave(sqlite3_mutex *p){ UNUSED_PARAMETER(p); return; }
+
+SQLITE_PRIVATE sqlite3_mutex_methods const *sqlite3NoopMutex(void){
+ static const sqlite3_mutex_methods sMutex = {
+ noopMutexInit,
+ noopMutexEnd,
+ noopMutexAlloc,
+ noopMutexFree,
+ noopMutexEnter,
+ noopMutexTry,
+ noopMutexLeave,
+
+ 0,
+ 0,
+ };
+
+ return &sMutex;
+}
+#endif /* !SQLITE_DEBUG */
+
+#ifdef SQLITE_DEBUG
+/*
+** In this implementation, error checking is provided for testing
+** and debugging purposes. The mutexes still do not provide any
+** mutual exclusion.
+*/
+
+/*
+** The mutex object
+*/
+typedef struct sqlite3_debug_mutex {
+ int id; /* The mutex type */
+ int cnt; /* Number of entries without a matching leave */
+} sqlite3_debug_mutex;
+
+/*
+** The sqlite3_mutex_held() and sqlite3_mutex_notheld() routine are
+** intended for use inside assert() statements.
+*/
+static int debugMutexHeld(sqlite3_mutex *pX){
+ sqlite3_debug_mutex *p = (sqlite3_debug_mutex*)pX;
+ return p==0 || p->cnt>0;
+}
+static int debugMutexNotheld(sqlite3_mutex *pX){
+ sqlite3_debug_mutex *p = (sqlite3_debug_mutex*)pX;
+ return p==0 || p->cnt==0;
+}
+
+/*
+** Initialize and deinitialize the mutex subsystem.
+*/
+static int debugMutexInit(void){ return SQLITE_OK; }
+static int debugMutexEnd(void){ return SQLITE_OK; }
+
+/*
+** The sqlite3_mutex_alloc() routine allocates a new
+** mutex and returns a pointer to it. If it returns NULL
+** that means that a mutex could not be allocated.
+*/
+static sqlite3_mutex *debugMutexAlloc(int id){
+ static sqlite3_debug_mutex aStatic[SQLITE_MUTEX_STATIC_VFS3 - 1];
+ sqlite3_debug_mutex *pNew = 0;
+ switch( id ){
+ case SQLITE_MUTEX_FAST:
+ case SQLITE_MUTEX_RECURSIVE: {
+ pNew = sqlite3Malloc(sizeof(*pNew));
+ if( pNew ){
+ pNew->id = id;
+ pNew->cnt = 0;
+ }
+ break;
+ }
+ default: {
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( id-2<0 || id-2>=ArraySize(aStatic) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ pNew = &aStatic[id-2];
+ pNew->id = id;
+ break;
+ }
+ }
+ return (sqlite3_mutex*)pNew;
+}
+
+/*
+** This routine deallocates a previously allocated mutex.
+*/
+static void debugMutexFree(sqlite3_mutex *pX){
+ sqlite3_debug_mutex *p = (sqlite3_debug_mutex*)pX;
+ assert( p->cnt==0 );
+ if( p->id==SQLITE_MUTEX_RECURSIVE || p->id==SQLITE_MUTEX_FAST ){
+ sqlite3_free(p);
+ }else{
+#ifdef SQLITE_ENABLE_API_ARMOR
+ (void)SQLITE_MISUSE_BKPT;
+#endif
+ }
+}
+
+/*
+** The sqlite3_mutex_enter() and sqlite3_mutex_try() routines attempt
+** to enter a mutex. If another thread is already within the mutex,
+** sqlite3_mutex_enter() will block and sqlite3_mutex_try() will return
+** SQLITE_BUSY. The sqlite3_mutex_try() interface returns SQLITE_OK
+** upon successful entry. Mutexes created using SQLITE_MUTEX_RECURSIVE can
+** be entered multiple times by the same thread. In such cases the,
+** mutex must be exited an equal number of times before another thread
+** can enter. If the same thread tries to enter any other kind of mutex
+** more than once, the behavior is undefined.
+*/
+static void debugMutexEnter(sqlite3_mutex *pX){
+ sqlite3_debug_mutex *p = (sqlite3_debug_mutex*)pX;
+ assert( p->id==SQLITE_MUTEX_RECURSIVE || debugMutexNotheld(pX) );
+ p->cnt++;
+}
+static int debugMutexTry(sqlite3_mutex *pX){
+ sqlite3_debug_mutex *p = (sqlite3_debug_mutex*)pX;
+ assert( p->id==SQLITE_MUTEX_RECURSIVE || debugMutexNotheld(pX) );
+ p->cnt++;
+ return SQLITE_OK;
+}
+
+/*
+** The sqlite3_mutex_leave() routine exits a mutex that was
+** previously entered by the same thread. The behavior
+** is undefined if the mutex is not currently entered or
+** is not currently allocated. SQLite will never do either.
+*/
+static void debugMutexLeave(sqlite3_mutex *pX){
+ sqlite3_debug_mutex *p = (sqlite3_debug_mutex*)pX;
+ assert( debugMutexHeld(pX) );
+ p->cnt--;
+ assert( p->id==SQLITE_MUTEX_RECURSIVE || debugMutexNotheld(pX) );
+}
+
+SQLITE_PRIVATE sqlite3_mutex_methods const *sqlite3NoopMutex(void){
+ static const sqlite3_mutex_methods sMutex = {
+ debugMutexInit,
+ debugMutexEnd,
+ debugMutexAlloc,
+ debugMutexFree,
+ debugMutexEnter,
+ debugMutexTry,
+ debugMutexLeave,
+
+ debugMutexHeld,
+ debugMutexNotheld
+ };
+
+ return &sMutex;
+}
+#endif /* SQLITE_DEBUG */
+
+/*
+** If compiled with SQLITE_MUTEX_NOOP, then the no-op mutex implementation
+** is used regardless of the run-time threadsafety setting.
+*/
+#ifdef SQLITE_MUTEX_NOOP
+SQLITE_PRIVATE sqlite3_mutex_methods const *sqlite3DefaultMutex(void){
+ return sqlite3NoopMutex();
+}
+#endif /* defined(SQLITE_MUTEX_NOOP) */
+#endif /* !defined(SQLITE_MUTEX_OMIT) */
+
+/************** End of mutex_noop.c ******************************************/
+/************** Begin file mutex_unix.c **************************************/
+/*
+** 2007 August 28
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the C functions that implement mutexes for pthreads
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** The code in this file is only used if we are compiling threadsafe
+** under unix with pthreads.
+**
+** Note that this implementation requires a version of pthreads that
+** supports recursive mutexes.
+*/
+#ifdef SQLITE_MUTEX_PTHREADS
+
+#include <pthread.h>
+
+/*
+** The sqlite3_mutex.id, sqlite3_mutex.nRef, and sqlite3_mutex.owner fields
+** are necessary under two condidtions: (1) Debug builds and (2) using
+** home-grown mutexes. Encapsulate these conditions into a single #define.
+*/
+#if defined(SQLITE_DEBUG) || defined(SQLITE_HOMEGROWN_RECURSIVE_MUTEX)
+# define SQLITE_MUTEX_NREF 1
+#else
+# define SQLITE_MUTEX_NREF 0
+#endif
+
+/*
+** Each recursive mutex is an instance of the following structure.
+*/
+struct sqlite3_mutex {
+ pthread_mutex_t mutex; /* Mutex controlling the lock */
+#if SQLITE_MUTEX_NREF || defined(SQLITE_ENABLE_API_ARMOR)
+ int id; /* Mutex type */
+#endif
+#if SQLITE_MUTEX_NREF
+ volatile int nRef; /* Number of entrances */
+ volatile pthread_t owner; /* Thread that is within this mutex */
+ int trace; /* True to trace changes */
+#endif
+};
+#if SQLITE_MUTEX_NREF
+#define SQLITE3_MUTEX_INITIALIZER {PTHREAD_MUTEX_INITIALIZER,0,0,(pthread_t)0,0}
+#elif defined(SQLITE_ENABLE_API_ARMOR)
+#define SQLITE3_MUTEX_INITIALIZER { PTHREAD_MUTEX_INITIALIZER, 0 }
+#else
+#define SQLITE3_MUTEX_INITIALIZER { PTHREAD_MUTEX_INITIALIZER }
+#endif
+
+/*
+** The sqlite3_mutex_held() and sqlite3_mutex_notheld() routine are
+** intended for use only inside assert() statements. On some platforms,
+** there might be race conditions that can cause these routines to
+** deliver incorrect results. In particular, if pthread_equal() is
+** not an atomic operation, then these routines might delivery
+** incorrect results. On most platforms, pthread_equal() is a
+** comparison of two integers and is therefore atomic. But we are
+** told that HPUX is not such a platform. If so, then these routines
+** will not always work correctly on HPUX.
+**
+** On those platforms where pthread_equal() is not atomic, SQLite
+** should be compiled without -DSQLITE_DEBUG and with -DNDEBUG to
+** make sure no assert() statements are evaluated and hence these
+** routines are never called.
+*/
+#if !defined(NDEBUG) || defined(SQLITE_DEBUG)
+static int pthreadMutexHeld(sqlite3_mutex *p){
+ return (p->nRef!=0 && pthread_equal(p->owner, pthread_self()));
+}
+static int pthreadMutexNotheld(sqlite3_mutex *p){
+ return p->nRef==0 || pthread_equal(p->owner, pthread_self())==0;
+}
+#endif
+
+/*
+** Try to provide a memory barrier operation, needed for initialization
+** and also for the implementation of xShmBarrier in the VFS in cases
+** where SQLite is compiled without mutexes.
+*/
+SQLITE_PRIVATE void sqlite3MemoryBarrier(void){
+#if defined(SQLITE_MEMORY_BARRIER)
+ SQLITE_MEMORY_BARRIER;
+#elif defined(__GNUC__) && GCC_VERSION>=4001000
+ __sync_synchronize();
+#endif
+}
+
+/*
+** Initialize and deinitialize the mutex subsystem.
+*/
+static int pthreadMutexInit(void){ return SQLITE_OK; }
+static int pthreadMutexEnd(void){ return SQLITE_OK; }
+
+/*
+** The sqlite3_mutex_alloc() routine allocates a new
+** mutex and returns a pointer to it. If it returns NULL
+** that means that a mutex could not be allocated. SQLite
+** will unwind its stack and return an error. The argument
+** to sqlite3_mutex_alloc() is one of these integer constants:
+**
+** <ul>
+** <li> SQLITE_MUTEX_FAST
+** <li> SQLITE_MUTEX_RECURSIVE
+** <li> SQLITE_MUTEX_STATIC_MASTER
+** <li> SQLITE_MUTEX_STATIC_MEM
+** <li> SQLITE_MUTEX_STATIC_OPEN
+** <li> SQLITE_MUTEX_STATIC_PRNG
+** <li> SQLITE_MUTEX_STATIC_LRU
+** <li> SQLITE_MUTEX_STATIC_PMEM
+** <li> SQLITE_MUTEX_STATIC_APP1
+** <li> SQLITE_MUTEX_STATIC_APP2
+** <li> SQLITE_MUTEX_STATIC_APP3
+** <li> SQLITE_MUTEX_STATIC_VFS1
+** <li> SQLITE_MUTEX_STATIC_VFS2
+** <li> SQLITE_MUTEX_STATIC_VFS3
+** </ul>
+**
+** The first two constants cause sqlite3_mutex_alloc() to create
+** a new mutex. The new mutex is recursive when SQLITE_MUTEX_RECURSIVE
+** is used but not necessarily so when SQLITE_MUTEX_FAST is used.
+** The mutex implementation does not need to make a distinction
+** between SQLITE_MUTEX_RECURSIVE and SQLITE_MUTEX_FAST if it does
+** not want to. But SQLite will only request a recursive mutex in
+** cases where it really needs one. If a faster non-recursive mutex
+** implementation is available on the host platform, the mutex subsystem
+** might return such a mutex in response to SQLITE_MUTEX_FAST.
+**
+** The other allowed parameters to sqlite3_mutex_alloc() each return
+** a pointer to a static preexisting mutex. Six static mutexes are
+** used by the current version of SQLite. Future versions of SQLite
+** may add additional static mutexes. Static mutexes are for internal
+** use by SQLite only. Applications that use SQLite mutexes should
+** use only the dynamic mutexes returned by SQLITE_MUTEX_FAST or
+** SQLITE_MUTEX_RECURSIVE.
+**
+** Note that if one of the dynamic mutex parameters (SQLITE_MUTEX_FAST
+** or SQLITE_MUTEX_RECURSIVE) is used then sqlite3_mutex_alloc()
+** returns a different mutex on every call. But for the static
+** mutex types, the same mutex is returned on every call that has
+** the same type number.
+*/
+static sqlite3_mutex *pthreadMutexAlloc(int iType){
+ static sqlite3_mutex staticMutexes[] = {
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER
+ };
+ sqlite3_mutex *p;
+ switch( iType ){
+ case SQLITE_MUTEX_RECURSIVE: {
+ p = sqlite3MallocZero( sizeof(*p) );
+ if( p ){
+#ifdef SQLITE_HOMEGROWN_RECURSIVE_MUTEX
+ /* If recursive mutexes are not available, we will have to
+ ** build our own. See below. */
+ pthread_mutex_init(&p->mutex, 0);
+#else
+ /* Use a recursive mutex if it is available */
+ pthread_mutexattr_t recursiveAttr;
+ pthread_mutexattr_init(&recursiveAttr);
+ pthread_mutexattr_settype(&recursiveAttr, PTHREAD_MUTEX_RECURSIVE);
+ pthread_mutex_init(&p->mutex, &recursiveAttr);
+ pthread_mutexattr_destroy(&recursiveAttr);
+#endif
+ }
+ break;
+ }
+ case SQLITE_MUTEX_FAST: {
+ p = sqlite3MallocZero( sizeof(*p) );
+ if( p ){
+ pthread_mutex_init(&p->mutex, 0);
+ }
+ break;
+ }
+ default: {
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( iType-2<0 || iType-2>=ArraySize(staticMutexes) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ p = &staticMutexes[iType-2];
+ break;
+ }
+ }
+#if SQLITE_MUTEX_NREF || defined(SQLITE_ENABLE_API_ARMOR)
+ if( p ) p->id = iType;
+#endif
+ return p;
+}
+
+
+/*
+** This routine deallocates a previously
+** allocated mutex. SQLite is careful to deallocate every
+** mutex that it allocates.
+*/
+static void pthreadMutexFree(sqlite3_mutex *p){
+ assert( p->nRef==0 );
+#if SQLITE_ENABLE_API_ARMOR
+ if( p->id==SQLITE_MUTEX_FAST || p->id==SQLITE_MUTEX_RECURSIVE )
+#endif
+ {
+ pthread_mutex_destroy(&p->mutex);
+ sqlite3_free(p);
+ }
+#ifdef SQLITE_ENABLE_API_ARMOR
+ else{
+ (void)SQLITE_MISUSE_BKPT;
+ }
+#endif
+}
+
+/*
+** The sqlite3_mutex_enter() and sqlite3_mutex_try() routines attempt
+** to enter a mutex. If another thread is already within the mutex,
+** sqlite3_mutex_enter() will block and sqlite3_mutex_try() will return
+** SQLITE_BUSY. The sqlite3_mutex_try() interface returns SQLITE_OK
+** upon successful entry. Mutexes created using SQLITE_MUTEX_RECURSIVE can
+** be entered multiple times by the same thread. In such cases the,
+** mutex must be exited an equal number of times before another thread
+** can enter. If the same thread tries to enter any other kind of mutex
+** more than once, the behavior is undefined.
+*/
+static void pthreadMutexEnter(sqlite3_mutex *p){
+ assert( p->id==SQLITE_MUTEX_RECURSIVE || pthreadMutexNotheld(p) );
+
+#ifdef SQLITE_HOMEGROWN_RECURSIVE_MUTEX
+ /* If recursive mutexes are not available, then we have to grow
+ ** our own. This implementation assumes that pthread_equal()
+ ** is atomic - that it cannot be deceived into thinking self
+ ** and p->owner are equal if p->owner changes between two values
+ ** that are not equal to self while the comparison is taking place.
+ ** This implementation also assumes a coherent cache - that
+ ** separate processes cannot read different values from the same
+ ** address at the same time. If either of these two conditions
+ ** are not met, then the mutexes will fail and problems will result.
+ */
+ {
+ pthread_t self = pthread_self();
+ if( p->nRef>0 && pthread_equal(p->owner, self) ){
+ p->nRef++;
+ }else{
+ pthread_mutex_lock(&p->mutex);
+ assert( p->nRef==0 );
+ p->owner = self;
+ p->nRef = 1;
+ }
+ }
+#else
+ /* Use the built-in recursive mutexes if they are available.
+ */
+ pthread_mutex_lock(&p->mutex);
+#if SQLITE_MUTEX_NREF
+ assert( p->nRef>0 || p->owner==0 );
+ p->owner = pthread_self();
+ p->nRef++;
+#endif
+#endif
+
+#ifdef SQLITE_DEBUG
+ if( p->trace ){
+ printf("enter mutex %p (%d) with nRef=%d\n", p, p->trace, p->nRef);
+ }
+#endif
+}
+static int pthreadMutexTry(sqlite3_mutex *p){
+ int rc;
+ assert( p->id==SQLITE_MUTEX_RECURSIVE || pthreadMutexNotheld(p) );
+
+#ifdef SQLITE_HOMEGROWN_RECURSIVE_MUTEX
+ /* If recursive mutexes are not available, then we have to grow
+ ** our own. This implementation assumes that pthread_equal()
+ ** is atomic - that it cannot be deceived into thinking self
+ ** and p->owner are equal if p->owner changes between two values
+ ** that are not equal to self while the comparison is taking place.
+ ** This implementation also assumes a coherent cache - that
+ ** separate processes cannot read different values from the same
+ ** address at the same time. If either of these two conditions
+ ** are not met, then the mutexes will fail and problems will result.
+ */
+ {
+ pthread_t self = pthread_self();
+ if( p->nRef>0 && pthread_equal(p->owner, self) ){
+ p->nRef++;
+ rc = SQLITE_OK;
+ }else if( pthread_mutex_trylock(&p->mutex)==0 ){
+ assert( p->nRef==0 );
+ p->owner = self;
+ p->nRef = 1;
+ rc = SQLITE_OK;
+ }else{
+ rc = SQLITE_BUSY;
+ }
+ }
+#else
+ /* Use the built-in recursive mutexes if they are available.
+ */
+ if( pthread_mutex_trylock(&p->mutex)==0 ){
+#if SQLITE_MUTEX_NREF
+ p->owner = pthread_self();
+ p->nRef++;
+#endif
+ rc = SQLITE_OK;
+ }else{
+ rc = SQLITE_BUSY;
+ }
+#endif
+
+#ifdef SQLITE_DEBUG
+ if( rc==SQLITE_OK && p->trace ){
+ printf("enter mutex %p (%d) with nRef=%d\n", p, p->trace, p->nRef);
+ }
+#endif
+ return rc;
+}
+
+/*
+** The sqlite3_mutex_leave() routine exits a mutex that was
+** previously entered by the same thread. The behavior
+** is undefined if the mutex is not currently entered or
+** is not currently allocated. SQLite will never do either.
+*/
+static void pthreadMutexLeave(sqlite3_mutex *p){
+ assert( pthreadMutexHeld(p) );
+#if SQLITE_MUTEX_NREF
+ p->nRef--;
+ if( p->nRef==0 ) p->owner = 0;
+#endif
+ assert( p->nRef==0 || p->id==SQLITE_MUTEX_RECURSIVE );
+
+#ifdef SQLITE_HOMEGROWN_RECURSIVE_MUTEX
+ if( p->nRef==0 ){
+ pthread_mutex_unlock(&p->mutex);
+ }
+#else
+ pthread_mutex_unlock(&p->mutex);
+#endif
+
+#ifdef SQLITE_DEBUG
+ if( p->trace ){
+ printf("leave mutex %p (%d) with nRef=%d\n", p, p->trace, p->nRef);
+ }
+#endif
+}
+
+SQLITE_PRIVATE sqlite3_mutex_methods const *sqlite3DefaultMutex(void){
+ static const sqlite3_mutex_methods sMutex = {
+ pthreadMutexInit,
+ pthreadMutexEnd,
+ pthreadMutexAlloc,
+ pthreadMutexFree,
+ pthreadMutexEnter,
+ pthreadMutexTry,
+ pthreadMutexLeave,
+#ifdef SQLITE_DEBUG
+ pthreadMutexHeld,
+ pthreadMutexNotheld
+#else
+ 0,
+ 0
+#endif
+ };
+
+ return &sMutex;
+}
+
+#endif /* SQLITE_MUTEX_PTHREADS */
+
+/************** End of mutex_unix.c ******************************************/
+/************** Begin file mutex_w32.c ***************************************/
+/*
+** 2007 August 14
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the C functions that implement mutexes for Win32.
+*/
+/* #include "sqliteInt.h" */
+
+#if SQLITE_OS_WIN
+/*
+** Include code that is common to all os_*.c files
+*/
+/************** Include os_common.h in the middle of mutex_w32.c *************/
+/************** Begin file os_common.h ***************************************/
+/*
+** 2004 May 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains macros and a little bit of code that is common to
+** all of the platform-specific files (os_*.c) and is #included into those
+** files.
+**
+** This file should be #included by the os_*.c files only. It is not a
+** general purpose header file.
+*/
+#ifndef _OS_COMMON_H_
+#define _OS_COMMON_H_
+
+/*
+** At least two bugs have slipped in because we changed the MEMORY_DEBUG
+** macro to SQLITE_DEBUG and some older makefiles have not yet made the
+** switch. The following code should catch this problem at compile-time.
+*/
+#ifdef MEMORY_DEBUG
+# error "The MEMORY_DEBUG macro is obsolete. Use SQLITE_DEBUG instead."
+#endif
+
+/*
+** Macros for performance tracing. Normally turned off. Only works
+** on i486 hardware.
+*/
+#ifdef SQLITE_PERFORMANCE_TRACE
+
+/*
+** hwtime.h contains inline assembler code for implementing
+** high-performance timing routines.
+*/
+/************** Include hwtime.h in the middle of os_common.h ****************/
+/************** Begin file hwtime.h ******************************************/
+/*
+** 2008 May 27
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains inline asm code for retrieving "high-performance"
+** counters for x86 class CPUs.
+*/
+#ifndef _HWTIME_H_
+#define _HWTIME_H_
+
+/*
+** The following routine only works on pentium-class (or newer) processors.
+** It uses the RDTSC opcode to read the cycle count value out of the
+** processor and returns that value. This can be used for high-res
+** profiling.
+*/
+#if (defined(__GNUC__) || defined(_MSC_VER)) && \
+ (defined(i386) || defined(__i386__) || defined(_M_IX86))
+
+ #if defined(__GNUC__)
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned int lo, hi;
+ __asm__ __volatile__ ("rdtsc" : "=a" (lo), "=d" (hi));
+ return (sqlite_uint64)hi << 32 | lo;
+ }
+
+ #elif defined(_MSC_VER)
+
+ __declspec(naked) __inline sqlite_uint64 __cdecl sqlite3Hwtime(void){
+ __asm {
+ rdtsc
+ ret ; return value at EDX:EAX
+ }
+ }
+
+ #endif
+
+#elif (defined(__GNUC__) && defined(__x86_64__))
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned long val;
+ __asm__ __volatile__ ("rdtsc" : "=A" (val));
+ return val;
+ }
+
+#elif (defined(__GNUC__) && defined(__ppc__))
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned long long retval;
+ unsigned long junk;
+ __asm__ __volatile__ ("\n\
+ 1: mftbu %1\n\
+ mftb %L0\n\
+ mftbu %0\n\
+ cmpw %0,%1\n\
+ bne 1b"
+ : "=r" (retval), "=r" (junk));
+ return retval;
+ }
+
+#else
+
+ #error Need implementation of sqlite3Hwtime() for your platform.
+
+ /*
+ ** To compile without implementing sqlite3Hwtime() for your platform,
+ ** you can remove the above #error and use the following
+ ** stub function. You will lose timing support for many
+ ** of the debugging and testing utilities, but it should at
+ ** least compile and run.
+ */
+SQLITE_PRIVATE sqlite_uint64 sqlite3Hwtime(void){ return ((sqlite_uint64)0); }
+
+#endif
+
+#endif /* !defined(_HWTIME_H_) */
+
+/************** End of hwtime.h **********************************************/
+/************** Continuing where we left off in os_common.h ******************/
+
+static sqlite_uint64 g_start;
+static sqlite_uint64 g_elapsed;
+#define TIMER_START g_start=sqlite3Hwtime()
+#define TIMER_END g_elapsed=sqlite3Hwtime()-g_start
+#define TIMER_ELAPSED g_elapsed
+#else
+#define TIMER_START
+#define TIMER_END
+#define TIMER_ELAPSED ((sqlite_uint64)0)
+#endif
+
+/*
+** If we compile with the SQLITE_TEST macro set, then the following block
+** of code will give us the ability to simulate a disk I/O error. This
+** is used for testing the I/O recovery logic.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_io_error_hit = 0; /* Total number of I/O Errors */
+SQLITE_API int sqlite3_io_error_hardhit = 0; /* Number of non-benign errors */
+SQLITE_API int sqlite3_io_error_pending = 0; /* Count down to first I/O error */
+SQLITE_API int sqlite3_io_error_persist = 0; /* True if I/O errors persist */
+SQLITE_API int sqlite3_io_error_benign = 0; /* True if errors are benign */
+SQLITE_API int sqlite3_diskfull_pending = 0;
+SQLITE_API int sqlite3_diskfull = 0;
+#define SimulateIOErrorBenign(X) sqlite3_io_error_benign=(X)
+#define SimulateIOError(CODE) \
+ if( (sqlite3_io_error_persist && sqlite3_io_error_hit) \
+ || sqlite3_io_error_pending-- == 1 ) \
+ { local_ioerr(); CODE; }
+static void local_ioerr(){
+ IOTRACE(("IOERR\n"));
+ sqlite3_io_error_hit++;
+ if( !sqlite3_io_error_benign ) sqlite3_io_error_hardhit++;
+}
+#define SimulateDiskfullError(CODE) \
+ if( sqlite3_diskfull_pending ){ \
+ if( sqlite3_diskfull_pending == 1 ){ \
+ local_ioerr(); \
+ sqlite3_diskfull = 1; \
+ sqlite3_io_error_hit = 1; \
+ CODE; \
+ }else{ \
+ sqlite3_diskfull_pending--; \
+ } \
+ }
+#else
+#define SimulateIOErrorBenign(X)
+#define SimulateIOError(A)
+#define SimulateDiskfullError(A)
+#endif
+
+/*
+** When testing, keep a count of the number of open files.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_open_file_count = 0;
+#define OpenCounter(X) sqlite3_open_file_count+=(X)
+#else
+#define OpenCounter(X)
+#endif
+
+#endif /* !defined(_OS_COMMON_H_) */
+
+/************** End of os_common.h *******************************************/
+/************** Continuing where we left off in mutex_w32.c ******************/
+
+/*
+** Include the header file for the Windows VFS.
+*/
+/************** Include os_win.h in the middle of mutex_w32.c ****************/
+/************** Begin file os_win.h ******************************************/
+/*
+** 2013 November 25
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains code that is specific to Windows.
+*/
+#ifndef _OS_WIN_H_
+#define _OS_WIN_H_
+
+/*
+** Include the primary Windows SDK header file.
+*/
+#include "windows.h"
+
+#ifdef __CYGWIN__
+# include <sys/cygwin.h>
+# include <errno.h> /* amalgamator: dontcache */
+#endif
+
+/*
+** Determine if we are dealing with Windows NT.
+**
+** We ought to be able to determine if we are compiling for Windows 9x or
+** Windows NT using the _WIN32_WINNT macro as follows:
+**
+** #if defined(_WIN32_WINNT)
+** # define SQLITE_OS_WINNT 1
+** #else
+** # define SQLITE_OS_WINNT 0
+** #endif
+**
+** However, Visual Studio 2005 does not set _WIN32_WINNT by default, as
+** it ought to, so the above test does not work. We'll just assume that
+** everything is Windows NT unless the programmer explicitly says otherwise
+** by setting SQLITE_OS_WINNT to 0.
+*/
+#if SQLITE_OS_WIN && !defined(SQLITE_OS_WINNT)
+# define SQLITE_OS_WINNT 1
+#endif
+
+/*
+** Determine if we are dealing with Windows CE - which has a much reduced
+** API.
+*/
+#if defined(_WIN32_WCE)
+# define SQLITE_OS_WINCE 1
+#else
+# define SQLITE_OS_WINCE 0
+#endif
+
+/*
+** Determine if we are dealing with WinRT, which provides only a subset of
+** the full Win32 API.
+*/
+#if !defined(SQLITE_OS_WINRT)
+# define SQLITE_OS_WINRT 0
+#endif
+
+/*
+** For WinCE, some API function parameters do not appear to be declared as
+** volatile.
+*/
+#if SQLITE_OS_WINCE
+# define SQLITE_WIN32_VOLATILE
+#else
+# define SQLITE_WIN32_VOLATILE volatile
+#endif
+
+/*
+** For some Windows sub-platforms, the _beginthreadex() / _endthreadex()
+** functions are not available (e.g. those not using MSVC, Cygwin, etc).
+*/
+#if SQLITE_OS_WIN && !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && \
+ SQLITE_THREADSAFE>0 && !defined(__CYGWIN__)
+# define SQLITE_OS_WIN_THREADS 1
+#else
+# define SQLITE_OS_WIN_THREADS 0
+#endif
+
+#endif /* _OS_WIN_H_ */
+
+/************** End of os_win.h **********************************************/
+/************** Continuing where we left off in mutex_w32.c ******************/
+#endif
+
+/*
+** The code in this file is only used if we are compiling multithreaded
+** on a Win32 system.
+*/
+#ifdef SQLITE_MUTEX_W32
+
+/*
+** Each recursive mutex is an instance of the following structure.
+*/
+struct sqlite3_mutex {
+ CRITICAL_SECTION mutex; /* Mutex controlling the lock */
+ int id; /* Mutex type */
+#ifdef SQLITE_DEBUG
+ volatile int nRef; /* Number of enterances */
+ volatile DWORD owner; /* Thread holding this mutex */
+ volatile int trace; /* True to trace changes */
+#endif
+};
+
+/*
+** These are the initializer values used when declaring a "static" mutex
+** on Win32. It should be noted that all mutexes require initialization
+** on the Win32 platform.
+*/
+#define SQLITE_W32_MUTEX_INITIALIZER { 0 }
+
+#ifdef SQLITE_DEBUG
+#define SQLITE3_MUTEX_INITIALIZER { SQLITE_W32_MUTEX_INITIALIZER, 0, \
+ 0L, (DWORD)0, 0 }
+#else
+#define SQLITE3_MUTEX_INITIALIZER { SQLITE_W32_MUTEX_INITIALIZER, 0 }
+#endif
+
+#ifdef SQLITE_DEBUG
+/*
+** The sqlite3_mutex_held() and sqlite3_mutex_notheld() routine are
+** intended for use only inside assert() statements.
+*/
+static int winMutexHeld(sqlite3_mutex *p){
+ return p->nRef!=0 && p->owner==GetCurrentThreadId();
+}
+
+static int winMutexNotheld2(sqlite3_mutex *p, DWORD tid){
+ return p->nRef==0 || p->owner!=tid;
+}
+
+static int winMutexNotheld(sqlite3_mutex *p){
+ DWORD tid = GetCurrentThreadId();
+ return winMutexNotheld2(p, tid);
+}
+#endif
+
+/*
+** Try to provide a memory barrier operation, needed for initialization
+** and also for the xShmBarrier method of the VFS in cases when SQLite is
+** compiled without mutexes (SQLITE_THREADSAFE=0).
+*/
+SQLITE_PRIVATE void sqlite3MemoryBarrier(void){
+#if defined(SQLITE_MEMORY_BARRIER)
+ SQLITE_MEMORY_BARRIER;
+#elif defined(__GNUC__)
+ __sync_synchronize();
+#elif !defined(SQLITE_DISABLE_INTRINSIC) && \
+ defined(_MSC_VER) && _MSC_VER>=1300
+ _ReadWriteBarrier();
+#elif defined(MemoryBarrier)
+ MemoryBarrier();
+#endif
+}
+
+/*
+** Initialize and deinitialize the mutex subsystem.
+*/
+static sqlite3_mutex winMutex_staticMutexes[] = {
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER,
+ SQLITE3_MUTEX_INITIALIZER
+};
+
+static int winMutex_isInit = 0;
+static int winMutex_isNt = -1; /* <0 means "need to query" */
+
+/* As the winMutexInit() and winMutexEnd() functions are called as part
+** of the sqlite3_initialize() and sqlite3_shutdown() processing, the
+** "interlocked" magic used here is probably not strictly necessary.
+*/
+static LONG SQLITE_WIN32_VOLATILE winMutex_lock = 0;
+
+SQLITE_API int SQLITE_STDCALL sqlite3_win32_is_nt(void); /* os_win.c */
+SQLITE_API void SQLITE_STDCALL sqlite3_win32_sleep(DWORD milliseconds); /* os_win.c */
+
+static int winMutexInit(void){
+ /* The first to increment to 1 does actual initialization */
+ if( InterlockedCompareExchange(&winMutex_lock, 1, 0)==0 ){
+ int i;
+ for(i=0; i<ArraySize(winMutex_staticMutexes); i++){
+#if SQLITE_OS_WINRT
+ InitializeCriticalSectionEx(&winMutex_staticMutexes[i].mutex, 0, 0);
+#else
+ InitializeCriticalSection(&winMutex_staticMutexes[i].mutex);
+#endif
+ }
+ winMutex_isInit = 1;
+ }else{
+ /* Another thread is (in the process of) initializing the static
+ ** mutexes */
+ while( !winMutex_isInit ){
+ sqlite3_win32_sleep(1);
+ }
+ }
+ return SQLITE_OK;
+}
+
+static int winMutexEnd(void){
+ /* The first to decrement to 0 does actual shutdown
+ ** (which should be the last to shutdown.) */
+ if( InterlockedCompareExchange(&winMutex_lock, 0, 1)==1 ){
+ if( winMutex_isInit==1 ){
+ int i;
+ for(i=0; i<ArraySize(winMutex_staticMutexes); i++){
+ DeleteCriticalSection(&winMutex_staticMutexes[i].mutex);
+ }
+ winMutex_isInit = 0;
+ }
+ }
+ return SQLITE_OK;
+}
+
+/*
+** The sqlite3_mutex_alloc() routine allocates a new
+** mutex and returns a pointer to it. If it returns NULL
+** that means that a mutex could not be allocated. SQLite
+** will unwind its stack and return an error. The argument
+** to sqlite3_mutex_alloc() is one of these integer constants:
+**
+** <ul>
+** <li> SQLITE_MUTEX_FAST
+** <li> SQLITE_MUTEX_RECURSIVE
+** <li> SQLITE_MUTEX_STATIC_MASTER
+** <li> SQLITE_MUTEX_STATIC_MEM
+** <li> SQLITE_MUTEX_STATIC_OPEN
+** <li> SQLITE_MUTEX_STATIC_PRNG
+** <li> SQLITE_MUTEX_STATIC_LRU
+** <li> SQLITE_MUTEX_STATIC_PMEM
+** <li> SQLITE_MUTEX_STATIC_APP1
+** <li> SQLITE_MUTEX_STATIC_APP2
+** <li> SQLITE_MUTEX_STATIC_APP3
+** <li> SQLITE_MUTEX_STATIC_VFS1
+** <li> SQLITE_MUTEX_STATIC_VFS2
+** <li> SQLITE_MUTEX_STATIC_VFS3
+** </ul>
+**
+** The first two constants cause sqlite3_mutex_alloc() to create
+** a new mutex. The new mutex is recursive when SQLITE_MUTEX_RECURSIVE
+** is used but not necessarily so when SQLITE_MUTEX_FAST is used.
+** The mutex implementation does not need to make a distinction
+** between SQLITE_MUTEX_RECURSIVE and SQLITE_MUTEX_FAST if it does
+** not want to. But SQLite will only request a recursive mutex in
+** cases where it really needs one. If a faster non-recursive mutex
+** implementation is available on the host platform, the mutex subsystem
+** might return such a mutex in response to SQLITE_MUTEX_FAST.
+**
+** The other allowed parameters to sqlite3_mutex_alloc() each return
+** a pointer to a static preexisting mutex. Six static mutexes are
+** used by the current version of SQLite. Future versions of SQLite
+** may add additional static mutexes. Static mutexes are for internal
+** use by SQLite only. Applications that use SQLite mutexes should
+** use only the dynamic mutexes returned by SQLITE_MUTEX_FAST or
+** SQLITE_MUTEX_RECURSIVE.
+**
+** Note that if one of the dynamic mutex parameters (SQLITE_MUTEX_FAST
+** or SQLITE_MUTEX_RECURSIVE) is used then sqlite3_mutex_alloc()
+** returns a different mutex on every call. But for the static
+** mutex types, the same mutex is returned on every call that has
+** the same type number.
+*/
+static sqlite3_mutex *winMutexAlloc(int iType){
+ sqlite3_mutex *p;
+
+ switch( iType ){
+ case SQLITE_MUTEX_FAST:
+ case SQLITE_MUTEX_RECURSIVE: {
+ p = sqlite3MallocZero( sizeof(*p) );
+ if( p ){
+ p->id = iType;
+#ifdef SQLITE_DEBUG
+#ifdef SQLITE_WIN32_MUTEX_TRACE_DYNAMIC
+ p->trace = 1;
+#endif
+#endif
+#if SQLITE_OS_WINRT
+ InitializeCriticalSectionEx(&p->mutex, 0, 0);
+#else
+ InitializeCriticalSection(&p->mutex);
+#endif
+ }
+ break;
+ }
+ default: {
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( iType-2<0 || iType-2>=ArraySize(winMutex_staticMutexes) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ p = &winMutex_staticMutexes[iType-2];
+ p->id = iType;
+#ifdef SQLITE_DEBUG
+#ifdef SQLITE_WIN32_MUTEX_TRACE_STATIC
+ p->trace = 1;
+#endif
+#endif
+ break;
+ }
+ }
+ return p;
+}
+
+
+/*
+** This routine deallocates a previously
+** allocated mutex. SQLite is careful to deallocate every
+** mutex that it allocates.
+*/
+static void winMutexFree(sqlite3_mutex *p){
+ assert( p );
+ assert( p->nRef==0 && p->owner==0 );
+ if( p->id==SQLITE_MUTEX_FAST || p->id==SQLITE_MUTEX_RECURSIVE ){
+ DeleteCriticalSection(&p->mutex);
+ sqlite3_free(p);
+ }else{
+#ifdef SQLITE_ENABLE_API_ARMOR
+ (void)SQLITE_MISUSE_BKPT;
+#endif
+ }
+}
+
+/*
+** The sqlite3_mutex_enter() and sqlite3_mutex_try() routines attempt
+** to enter a mutex. If another thread is already within the mutex,
+** sqlite3_mutex_enter() will block and sqlite3_mutex_try() will return
+** SQLITE_BUSY. The sqlite3_mutex_try() interface returns SQLITE_OK
+** upon successful entry. Mutexes created using SQLITE_MUTEX_RECURSIVE can
+** be entered multiple times by the same thread. In such cases the,
+** mutex must be exited an equal number of times before another thread
+** can enter. If the same thread tries to enter any other kind of mutex
+** more than once, the behavior is undefined.
+*/
+static void winMutexEnter(sqlite3_mutex *p){
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
+ DWORD tid = GetCurrentThreadId();
+#endif
+#ifdef SQLITE_DEBUG
+ assert( p );
+ assert( p->id==SQLITE_MUTEX_RECURSIVE || winMutexNotheld2(p, tid) );
+#else
+ assert( p );
+#endif
+ assert( winMutex_isInit==1 );
+ EnterCriticalSection(&p->mutex);
+#ifdef SQLITE_DEBUG
+ assert( p->nRef>0 || p->owner==0 );
+ p->owner = tid;
+ p->nRef++;
+ if( p->trace ){
+ OSTRACE(("ENTER-MUTEX tid=%lu, mutex=%p (%d), nRef=%d\n",
+ tid, p, p->trace, p->nRef));
+ }
+#endif
+}
+
+static int winMutexTry(sqlite3_mutex *p){
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
+ DWORD tid = GetCurrentThreadId();
+#endif
+ int rc = SQLITE_BUSY;
+ assert( p );
+ assert( p->id==SQLITE_MUTEX_RECURSIVE || winMutexNotheld2(p, tid) );
+ /*
+ ** The sqlite3_mutex_try() routine is very rarely used, and when it
+ ** is used it is merely an optimization. So it is OK for it to always
+ ** fail.
+ **
+ ** The TryEnterCriticalSection() interface is only available on WinNT.
+ ** And some windows compilers complain if you try to use it without
+ ** first doing some #defines that prevent SQLite from building on Win98.
+ ** For that reason, we will omit this optimization for now. See
+ ** ticket #2685.
+ */
+#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0400
+ assert( winMutex_isInit==1 );
+ assert( winMutex_isNt>=-1 && winMutex_isNt<=1 );
+ if( winMutex_isNt<0 ){
+ winMutex_isNt = sqlite3_win32_is_nt();
+ }
+ assert( winMutex_isNt==0 || winMutex_isNt==1 );
+ if( winMutex_isNt && TryEnterCriticalSection(&p->mutex) ){
+#ifdef SQLITE_DEBUG
+ p->owner = tid;
+ p->nRef++;
+#endif
+ rc = SQLITE_OK;
+ }
+#else
+ UNUSED_PARAMETER(p);
+#endif
+#ifdef SQLITE_DEBUG
+ if( p->trace ){
+ OSTRACE(("TRY-MUTEX tid=%lu, mutex=%p (%d), owner=%lu, nRef=%d, rc=%s\n",
+ tid, p, p->trace, p->owner, p->nRef, sqlite3ErrName(rc)));
+ }
+#endif
+ return rc;
+}
+
+/*
+** The sqlite3_mutex_leave() routine exits a mutex that was
+** previously entered by the same thread. The behavior
+** is undefined if the mutex is not currently entered or
+** is not currently allocated. SQLite will never do either.
+*/
+static void winMutexLeave(sqlite3_mutex *p){
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
+ DWORD tid = GetCurrentThreadId();
+#endif
+ assert( p );
+#ifdef SQLITE_DEBUG
+ assert( p->nRef>0 );
+ assert( p->owner==tid );
+ p->nRef--;
+ if( p->nRef==0 ) p->owner = 0;
+ assert( p->nRef==0 || p->id==SQLITE_MUTEX_RECURSIVE );
+#endif
+ assert( winMutex_isInit==1 );
+ LeaveCriticalSection(&p->mutex);
+#ifdef SQLITE_DEBUG
+ if( p->trace ){
+ OSTRACE(("LEAVE-MUTEX tid=%lu, mutex=%p (%d), nRef=%d\n",
+ tid, p, p->trace, p->nRef));
+ }
+#endif
+}
+
+SQLITE_PRIVATE sqlite3_mutex_methods const *sqlite3DefaultMutex(void){
+ static const sqlite3_mutex_methods sMutex = {
+ winMutexInit,
+ winMutexEnd,
+ winMutexAlloc,
+ winMutexFree,
+ winMutexEnter,
+ winMutexTry,
+ winMutexLeave,
+#ifdef SQLITE_DEBUG
+ winMutexHeld,
+ winMutexNotheld
+#else
+ 0,
+ 0
+#endif
+ };
+ return &sMutex;
+}
+
+#endif /* SQLITE_MUTEX_W32 */
+
+/************** End of mutex_w32.c *******************************************/
+/************** Begin file malloc.c ******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** Memory allocation functions used throughout sqlite.
+*/
+/* #include "sqliteInt.h" */
+/* #include <stdarg.h> */
+
+/*
+** Attempt to release up to n bytes of non-essential memory currently
+** held by SQLite. An example of non-essential memory is memory used to
+** cache database pages that are not currently in use.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_release_memory(int n){
+#ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT
+ return sqlite3PcacheReleaseMemory(n);
+#else
+ /* IMPLEMENTATION-OF: R-34391-24921 The sqlite3_release_memory() routine
+ ** is a no-op returning zero if SQLite is not compiled with
+ ** SQLITE_ENABLE_MEMORY_MANAGEMENT. */
+ UNUSED_PARAMETER(n);
+ return 0;
+#endif
+}
+
+/*
+** An instance of the following object records the location of
+** each unused scratch buffer.
+*/
+typedef struct ScratchFreeslot {
+ struct ScratchFreeslot *pNext; /* Next unused scratch buffer */
+} ScratchFreeslot;
+
+/*
+** State information local to the memory allocation subsystem.
+*/
+static SQLITE_WSD struct Mem0Global {
+ sqlite3_mutex *mutex; /* Mutex to serialize access */
+ sqlite3_int64 alarmThreshold; /* The soft heap limit */
+
+ /*
+ ** Pointers to the end of sqlite3GlobalConfig.pScratch memory
+ ** (so that a range test can be used to determine if an allocation
+ ** being freed came from pScratch) and a pointer to the list of
+ ** unused scratch allocations.
+ */
+ void *pScratchEnd;
+ ScratchFreeslot *pScratchFree;
+ u32 nScratchFree;
+
+ /*
+ ** True if heap is nearly "full" where "full" is defined by the
+ ** sqlite3_soft_heap_limit() setting.
+ */
+ int nearlyFull;
+} mem0 = { 0, 0, 0, 0, 0, 0 };
+
+#define mem0 GLOBAL(struct Mem0Global, mem0)
+
+/*
+** Return the memory allocator mutex. sqlite3_status() needs it.
+*/
+SQLITE_PRIVATE sqlite3_mutex *sqlite3MallocMutex(void){
+ return mem0.mutex;
+}
+
+#ifndef SQLITE_OMIT_DEPRECATED
+/*
+** Deprecated external interface. It used to set an alarm callback
+** that was invoked when memory usage grew too large. Now it is a
+** no-op.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_memory_alarm(
+ void(*xCallback)(void *pArg, sqlite3_int64 used,int N),
+ void *pArg,
+ sqlite3_int64 iThreshold
+){
+ (void)xCallback;
+ (void)pArg;
+ (void)iThreshold;
+ return SQLITE_OK;
+}
+#endif
+
+/*
+** Set the soft heap-size limit for the library. Passing a zero or
+** negative value indicates no limit.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_soft_heap_limit64(sqlite3_int64 n){
+ sqlite3_int64 priorLimit;
+ sqlite3_int64 excess;
+ sqlite3_int64 nUsed;
+#ifndef SQLITE_OMIT_AUTOINIT
+ int rc = sqlite3_initialize();
+ if( rc ) return -1;
+#endif
+ sqlite3_mutex_enter(mem0.mutex);
+ priorLimit = mem0.alarmThreshold;
+ if( n<0 ){
+ sqlite3_mutex_leave(mem0.mutex);
+ return priorLimit;
+ }
+ mem0.alarmThreshold = n;
+ nUsed = sqlite3StatusValue(SQLITE_STATUS_MEMORY_USED);
+ mem0.nearlyFull = (n>0 && n<=nUsed);
+ sqlite3_mutex_leave(mem0.mutex);
+ excess = sqlite3_memory_used() - n;
+ if( excess>0 ) sqlite3_release_memory((int)(excess & 0x7fffffff));
+ return priorLimit;
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_soft_heap_limit(int n){
+ if( n<0 ) n = 0;
+ sqlite3_soft_heap_limit64(n);
+}
+
+/*
+** Initialize the memory allocation subsystem.
+*/
+SQLITE_PRIVATE int sqlite3MallocInit(void){
+ int rc;
+ if( sqlite3GlobalConfig.m.xMalloc==0 ){
+ sqlite3MemSetDefault();
+ }
+ memset(&mem0, 0, sizeof(mem0));
+ mem0.mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MEM);
+ if( sqlite3GlobalConfig.pScratch && sqlite3GlobalConfig.szScratch>=100
+ && sqlite3GlobalConfig.nScratch>0 ){
+ int i, n, sz;
+ ScratchFreeslot *pSlot;
+ sz = ROUNDDOWN8(sqlite3GlobalConfig.szScratch);
+ sqlite3GlobalConfig.szScratch = sz;
+ pSlot = (ScratchFreeslot*)sqlite3GlobalConfig.pScratch;
+ n = sqlite3GlobalConfig.nScratch;
+ mem0.pScratchFree = pSlot;
+ mem0.nScratchFree = n;
+ for(i=0; i<n-1; i++){
+ pSlot->pNext = (ScratchFreeslot*)(sz+(char*)pSlot);
+ pSlot = pSlot->pNext;
+ }
+ pSlot->pNext = 0;
+ mem0.pScratchEnd = (void*)&pSlot[1];
+ }else{
+ mem0.pScratchEnd = 0;
+ sqlite3GlobalConfig.pScratch = 0;
+ sqlite3GlobalConfig.szScratch = 0;
+ sqlite3GlobalConfig.nScratch = 0;
+ }
+ if( sqlite3GlobalConfig.pPage==0 || sqlite3GlobalConfig.szPage<512
+ || sqlite3GlobalConfig.nPage<=0 ){
+ sqlite3GlobalConfig.pPage = 0;
+ sqlite3GlobalConfig.szPage = 0;
+ }
+ rc = sqlite3GlobalConfig.m.xInit(sqlite3GlobalConfig.m.pAppData);
+ if( rc!=SQLITE_OK ) memset(&mem0, 0, sizeof(mem0));
+ return rc;
+}
+
+/*
+** Return true if the heap is currently under memory pressure - in other
+** words if the amount of heap used is close to the limit set by
+** sqlite3_soft_heap_limit().
+*/
+SQLITE_PRIVATE int sqlite3HeapNearlyFull(void){
+ return mem0.nearlyFull;
+}
+
+/*
+** Deinitialize the memory allocation subsystem.
+*/
+SQLITE_PRIVATE void sqlite3MallocEnd(void){
+ if( sqlite3GlobalConfig.m.xShutdown ){
+ sqlite3GlobalConfig.m.xShutdown(sqlite3GlobalConfig.m.pAppData);
+ }
+ memset(&mem0, 0, sizeof(mem0));
+}
+
+/*
+** Return the amount of memory currently checked out.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_memory_used(void){
+ sqlite3_int64 res, mx;
+ sqlite3_status64(SQLITE_STATUS_MEMORY_USED, &res, &mx, 0);
+ return res;
+}
+
+/*
+** Return the maximum amount of memory that has ever been
+** checked out since either the beginning of this process
+** or since the most recent reset.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_memory_highwater(int resetFlag){
+ sqlite3_int64 res, mx;
+ sqlite3_status64(SQLITE_STATUS_MEMORY_USED, &res, &mx, resetFlag);
+ return mx;
+}
+
+/*
+** Trigger the alarm
+*/
+static void sqlite3MallocAlarm(int nByte){
+ if( mem0.alarmThreshold<=0 ) return;
+ sqlite3_mutex_leave(mem0.mutex);
+ sqlite3_release_memory(nByte);
+ sqlite3_mutex_enter(mem0.mutex);
+}
+
+/*
+** Do a memory allocation with statistics and alarms. Assume the
+** lock is already held.
+*/
+static int mallocWithAlarm(int n, void **pp){
+ int nFull;
+ void *p;
+ assert( sqlite3_mutex_held(mem0.mutex) );
+ nFull = sqlite3GlobalConfig.m.xRoundup(n);
+ sqlite3StatusHighwater(SQLITE_STATUS_MALLOC_SIZE, n);
+ if( mem0.alarmThreshold>0 ){
+ sqlite3_int64 nUsed = sqlite3StatusValue(SQLITE_STATUS_MEMORY_USED);
+ if( nUsed >= mem0.alarmThreshold - nFull ){
+ mem0.nearlyFull = 1;
+ sqlite3MallocAlarm(nFull);
+ }else{
+ mem0.nearlyFull = 0;
+ }
+ }
+ p = sqlite3GlobalConfig.m.xMalloc(nFull);
+#ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT
+ if( p==0 && mem0.alarmThreshold>0 ){
+ sqlite3MallocAlarm(nFull);
+ p = sqlite3GlobalConfig.m.xMalloc(nFull);
+ }
+#endif
+ if( p ){
+ nFull = sqlite3MallocSize(p);
+ sqlite3StatusUp(SQLITE_STATUS_MEMORY_USED, nFull);
+ sqlite3StatusUp(SQLITE_STATUS_MALLOC_COUNT, 1);
+ }
+ *pp = p;
+ return nFull;
+}
+
+/*
+** Allocate memory. This routine is like sqlite3_malloc() except that it
+** assumes the memory subsystem has already been initialized.
+*/
+SQLITE_PRIVATE void *sqlite3Malloc(u64 n){
+ void *p;
+ if( n==0 || n>=0x7fffff00 ){
+ /* A memory allocation of a number of bytes which is near the maximum
+ ** signed integer value might cause an integer overflow inside of the
+ ** xMalloc(). Hence we limit the maximum size to 0x7fffff00, giving
+ ** 255 bytes of overhead. SQLite itself will never use anything near
+ ** this amount. The only way to reach the limit is with sqlite3_malloc() */
+ p = 0;
+ }else if( sqlite3GlobalConfig.bMemstat ){
+ sqlite3_mutex_enter(mem0.mutex);
+ mallocWithAlarm((int)n, &p);
+ sqlite3_mutex_leave(mem0.mutex);
+ }else{
+ p = sqlite3GlobalConfig.m.xMalloc((int)n);
+ }
+ assert( EIGHT_BYTE_ALIGNMENT(p) ); /* IMP: R-11148-40995 */
+ return p;
+}
+
+/*
+** This version of the memory allocation is for use by the application.
+** First make sure the memory subsystem is initialized, then do the
+** allocation.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_malloc(int n){
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( sqlite3_initialize() ) return 0;
+#endif
+ return n<=0 ? 0 : sqlite3Malloc(n);
+}
+SQLITE_API void *SQLITE_STDCALL sqlite3_malloc64(sqlite3_uint64 n){
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( sqlite3_initialize() ) return 0;
+#endif
+ return sqlite3Malloc(n);
+}
+
+/*
+** Each thread may only have a single outstanding allocation from
+** xScratchMalloc(). We verify this constraint in the single-threaded
+** case by setting scratchAllocOut to 1 when an allocation
+** is outstanding clearing it when the allocation is freed.
+*/
+#if SQLITE_THREADSAFE==0 && !defined(NDEBUG)
+static int scratchAllocOut = 0;
+#endif
+
+
+/*
+** Allocate memory that is to be used and released right away.
+** This routine is similar to alloca() in that it is not intended
+** for situations where the memory might be held long-term. This
+** routine is intended to get memory to old large transient data
+** structures that would not normally fit on the stack of an
+** embedded processor.
+*/
+SQLITE_PRIVATE void *sqlite3ScratchMalloc(int n){
+ void *p;
+ assert( n>0 );
+
+ sqlite3_mutex_enter(mem0.mutex);
+ sqlite3StatusHighwater(SQLITE_STATUS_SCRATCH_SIZE, n);
+ if( mem0.nScratchFree && sqlite3GlobalConfig.szScratch>=n ){
+ p = mem0.pScratchFree;
+ mem0.pScratchFree = mem0.pScratchFree->pNext;
+ mem0.nScratchFree--;
+ sqlite3StatusUp(SQLITE_STATUS_SCRATCH_USED, 1);
+ sqlite3_mutex_leave(mem0.mutex);
+ }else{
+ sqlite3_mutex_leave(mem0.mutex);
+ p = sqlite3Malloc(n);
+ if( sqlite3GlobalConfig.bMemstat && p ){
+ sqlite3_mutex_enter(mem0.mutex);
+ sqlite3StatusUp(SQLITE_STATUS_SCRATCH_OVERFLOW, sqlite3MallocSize(p));
+ sqlite3_mutex_leave(mem0.mutex);
+ }
+ sqlite3MemdebugSetType(p, MEMTYPE_SCRATCH);
+ }
+ assert( sqlite3_mutex_notheld(mem0.mutex) );
+
+
+#if SQLITE_THREADSAFE==0 && !defined(NDEBUG)
+ /* EVIDENCE-OF: R-12970-05880 SQLite will not use more than one scratch
+ ** buffers per thread.
+ **
+ ** This can only be checked in single-threaded mode.
+ */
+ assert( scratchAllocOut==0 );
+ if( p ) scratchAllocOut++;
+#endif
+
+ return p;
+}
+SQLITE_PRIVATE void sqlite3ScratchFree(void *p){
+ if( p ){
+
+#if SQLITE_THREADSAFE==0 && !defined(NDEBUG)
+ /* Verify that no more than two scratch allocation per thread
+ ** is outstanding at one time. (This is only checked in the
+ ** single-threaded case since checking in the multi-threaded case
+ ** would be much more complicated.) */
+ assert( scratchAllocOut>=1 && scratchAllocOut<=2 );
+ scratchAllocOut--;
+#endif
+
+ if( SQLITE_WITHIN(p, sqlite3GlobalConfig.pScratch, mem0.pScratchEnd) ){
+ /* Release memory from the SQLITE_CONFIG_SCRATCH allocation */
+ ScratchFreeslot *pSlot;
+ pSlot = (ScratchFreeslot*)p;
+ sqlite3_mutex_enter(mem0.mutex);
+ pSlot->pNext = mem0.pScratchFree;
+ mem0.pScratchFree = pSlot;
+ mem0.nScratchFree++;
+ assert( mem0.nScratchFree <= (u32)sqlite3GlobalConfig.nScratch );
+ sqlite3StatusDown(SQLITE_STATUS_SCRATCH_USED, 1);
+ sqlite3_mutex_leave(mem0.mutex);
+ }else{
+ /* Release memory back to the heap */
+ assert( sqlite3MemdebugHasType(p, MEMTYPE_SCRATCH) );
+ assert( sqlite3MemdebugNoType(p, (u8)~MEMTYPE_SCRATCH) );
+ sqlite3MemdebugSetType(p, MEMTYPE_HEAP);
+ if( sqlite3GlobalConfig.bMemstat ){
+ int iSize = sqlite3MallocSize(p);
+ sqlite3_mutex_enter(mem0.mutex);
+ sqlite3StatusDown(SQLITE_STATUS_SCRATCH_OVERFLOW, iSize);
+ sqlite3StatusDown(SQLITE_STATUS_MEMORY_USED, iSize);
+ sqlite3StatusDown(SQLITE_STATUS_MALLOC_COUNT, 1);
+ sqlite3GlobalConfig.m.xFree(p);
+ sqlite3_mutex_leave(mem0.mutex);
+ }else{
+ sqlite3GlobalConfig.m.xFree(p);
+ }
+ }
+ }
+}
+
+/*
+** TRUE if p is a lookaside memory allocation from db
+*/
+#ifndef SQLITE_OMIT_LOOKASIDE
+static int isLookaside(sqlite3 *db, void *p){
+ return SQLITE_WITHIN(p, db->lookaside.pStart, db->lookaside.pEnd);
+}
+#else
+#define isLookaside(A,B) 0
+#endif
+
+/*
+** Return the size of a memory allocation previously obtained from
+** sqlite3Malloc() or sqlite3_malloc().
+*/
+SQLITE_PRIVATE int sqlite3MallocSize(void *p){
+ assert( sqlite3MemdebugHasType(p, MEMTYPE_HEAP) );
+ return sqlite3GlobalConfig.m.xSize(p);
+}
+SQLITE_PRIVATE int sqlite3DbMallocSize(sqlite3 *db, void *p){
+ assert( p!=0 );
+ if( db==0 || !isLookaside(db,p) ){
+#if SQLITE_DEBUG
+ if( db==0 ){
+ assert( sqlite3MemdebugNoType(p, (u8)~MEMTYPE_HEAP) );
+ assert( sqlite3MemdebugHasType(p, MEMTYPE_HEAP) );
+ }else{
+ assert( sqlite3MemdebugHasType(p, (MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+ assert( sqlite3MemdebugNoType(p, (u8)~(MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+ }
+#endif
+ return sqlite3GlobalConfig.m.xSize(p);
+ }else{
+ assert( sqlite3_mutex_held(db->mutex) );
+ return db->lookaside.sz;
+ }
+}
+SQLITE_API sqlite3_uint64 SQLITE_STDCALL sqlite3_msize(void *p){
+ assert( sqlite3MemdebugNoType(p, (u8)~MEMTYPE_HEAP) );
+ assert( sqlite3MemdebugHasType(p, MEMTYPE_HEAP) );
+ return p ? sqlite3GlobalConfig.m.xSize(p) : 0;
+}
+
+/*
+** Free memory previously obtained from sqlite3Malloc().
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_free(void *p){
+ if( p==0 ) return; /* IMP: R-49053-54554 */
+ assert( sqlite3MemdebugHasType(p, MEMTYPE_HEAP) );
+ assert( sqlite3MemdebugNoType(p, (u8)~MEMTYPE_HEAP) );
+ if( sqlite3GlobalConfig.bMemstat ){
+ sqlite3_mutex_enter(mem0.mutex);
+ sqlite3StatusDown(SQLITE_STATUS_MEMORY_USED, sqlite3MallocSize(p));
+ sqlite3StatusDown(SQLITE_STATUS_MALLOC_COUNT, 1);
+ sqlite3GlobalConfig.m.xFree(p);
+ sqlite3_mutex_leave(mem0.mutex);
+ }else{
+ sqlite3GlobalConfig.m.xFree(p);
+ }
+}
+
+/*
+** Add the size of memory allocation "p" to the count in
+** *db->pnBytesFreed.
+*/
+static SQLITE_NOINLINE void measureAllocationSize(sqlite3 *db, void *p){
+ *db->pnBytesFreed += sqlite3DbMallocSize(db,p);
+}
+
+/*
+** Free memory that might be associated with a particular database
+** connection.
+*/
+SQLITE_PRIVATE void sqlite3DbFree(sqlite3 *db, void *p){
+ assert( db==0 || sqlite3_mutex_held(db->mutex) );
+ if( p==0 ) return;
+ if( db ){
+ if( db->pnBytesFreed ){
+ measureAllocationSize(db, p);
+ return;
+ }
+ if( isLookaside(db, p) ){
+ LookasideSlot *pBuf = (LookasideSlot*)p;
+#if SQLITE_DEBUG
+ /* Trash all content in the buffer being freed */
+ memset(p, 0xaa, db->lookaside.sz);
+#endif
+ pBuf->pNext = db->lookaside.pFree;
+ db->lookaside.pFree = pBuf;
+ db->lookaside.nOut--;
+ return;
+ }
+ }
+ assert( sqlite3MemdebugHasType(p, (MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+ assert( sqlite3MemdebugNoType(p, (u8)~(MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+ assert( db!=0 || sqlite3MemdebugNoType(p, MEMTYPE_LOOKASIDE) );
+ sqlite3MemdebugSetType(p, MEMTYPE_HEAP);
+ sqlite3_free(p);
+}
+
+/*
+** Change the size of an existing memory allocation
+*/
+SQLITE_PRIVATE void *sqlite3Realloc(void *pOld, u64 nBytes){
+ int nOld, nNew, nDiff;
+ void *pNew;
+ assert( sqlite3MemdebugHasType(pOld, MEMTYPE_HEAP) );
+ assert( sqlite3MemdebugNoType(pOld, (u8)~MEMTYPE_HEAP) );
+ if( pOld==0 ){
+ return sqlite3Malloc(nBytes); /* IMP: R-04300-56712 */
+ }
+ if( nBytes==0 ){
+ sqlite3_free(pOld); /* IMP: R-26507-47431 */
+ return 0;
+ }
+ if( nBytes>=0x7fffff00 ){
+ /* The 0x7ffff00 limit term is explained in comments on sqlite3Malloc() */
+ return 0;
+ }
+ nOld = sqlite3MallocSize(pOld);
+ /* IMPLEMENTATION-OF: R-46199-30249 SQLite guarantees that the second
+ ** argument to xRealloc is always a value returned by a prior call to
+ ** xRoundup. */
+ nNew = sqlite3GlobalConfig.m.xRoundup((int)nBytes);
+ if( nOld==nNew ){
+ pNew = pOld;
+ }else if( sqlite3GlobalConfig.bMemstat ){
+ sqlite3_mutex_enter(mem0.mutex);
+ sqlite3StatusHighwater(SQLITE_STATUS_MALLOC_SIZE, (int)nBytes);
+ nDiff = nNew - nOld;
+ if( sqlite3StatusValue(SQLITE_STATUS_MEMORY_USED) >=
+ mem0.alarmThreshold-nDiff ){
+ sqlite3MallocAlarm(nDiff);
+ }
+ pNew = sqlite3GlobalConfig.m.xRealloc(pOld, nNew);
+ if( pNew==0 && mem0.alarmThreshold>0 ){
+ sqlite3MallocAlarm((int)nBytes);
+ pNew = sqlite3GlobalConfig.m.xRealloc(pOld, nNew);
+ }
+ if( pNew ){
+ nNew = sqlite3MallocSize(pNew);
+ sqlite3StatusUp(SQLITE_STATUS_MEMORY_USED, nNew-nOld);
+ }
+ sqlite3_mutex_leave(mem0.mutex);
+ }else{
+ pNew = sqlite3GlobalConfig.m.xRealloc(pOld, nNew);
+ }
+ assert( EIGHT_BYTE_ALIGNMENT(pNew) ); /* IMP: R-11148-40995 */
+ return pNew;
+}
+
+/*
+** The public interface to sqlite3Realloc. Make sure that the memory
+** subsystem is initialized prior to invoking sqliteRealloc.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_realloc(void *pOld, int n){
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( sqlite3_initialize() ) return 0;
+#endif
+ if( n<0 ) n = 0; /* IMP: R-26507-47431 */
+ return sqlite3Realloc(pOld, n);
+}
+SQLITE_API void *SQLITE_STDCALL sqlite3_realloc64(void *pOld, sqlite3_uint64 n){
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( sqlite3_initialize() ) return 0;
+#endif
+ return sqlite3Realloc(pOld, n);
+}
+
+
+/*
+** Allocate and zero memory.
+*/
+SQLITE_PRIVATE void *sqlite3MallocZero(u64 n){
+ void *p = sqlite3Malloc(n);
+ if( p ){
+ memset(p, 0, (size_t)n);
+ }
+ return p;
+}
+
+/*
+** Allocate and zero memory. If the allocation fails, make
+** the mallocFailed flag in the connection pointer.
+*/
+SQLITE_PRIVATE void *sqlite3DbMallocZero(sqlite3 *db, u64 n){
+ void *p = sqlite3DbMallocRaw(db, n);
+ if( p ){
+ memset(p, 0, (size_t)n);
+ }
+ return p;
+}
+
+/*
+** Allocate and zero memory. If the allocation fails, make
+** the mallocFailed flag in the connection pointer.
+**
+** If db!=0 and db->mallocFailed is true (indicating a prior malloc
+** failure on the same database connection) then always return 0.
+** Hence for a particular database connection, once malloc starts
+** failing, it fails consistently until mallocFailed is reset.
+** This is an important assumption. There are many places in the
+** code that do things like this:
+**
+** int *a = (int*)sqlite3DbMallocRaw(db, 100);
+** int *b = (int*)sqlite3DbMallocRaw(db, 200);
+** if( b ) a[10] = 9;
+**
+** In other words, if a subsequent malloc (ex: "b") worked, it is assumed
+** that all prior mallocs (ex: "a") worked too.
+*/
+SQLITE_PRIVATE void *sqlite3DbMallocRaw(sqlite3 *db, u64 n){
+ void *p;
+ assert( db==0 || sqlite3_mutex_held(db->mutex) );
+ assert( db==0 || db->pnBytesFreed==0 );
+#ifndef SQLITE_OMIT_LOOKASIDE
+ if( db ){
+ LookasideSlot *pBuf;
+ if( db->mallocFailed ){
+ return 0;
+ }
+ if( db->lookaside.bEnabled ){
+ if( n>db->lookaside.sz ){
+ db->lookaside.anStat[1]++;
+ }else if( (pBuf = db->lookaside.pFree)==0 ){
+ db->lookaside.anStat[2]++;
+ }else{
+ db->lookaside.pFree = pBuf->pNext;
+ db->lookaside.nOut++;
+ db->lookaside.anStat[0]++;
+ if( db->lookaside.nOut>db->lookaside.mxOut ){
+ db->lookaside.mxOut = db->lookaside.nOut;
+ }
+ return (void*)pBuf;
+ }
+ }
+ }
+#else
+ if( db && db->mallocFailed ){
+ return 0;
+ }
+#endif
+ p = sqlite3Malloc(n);
+ if( !p && db ){
+ db->mallocFailed = 1;
+ }
+ sqlite3MemdebugSetType(p,
+ (db && db->lookaside.bEnabled) ? MEMTYPE_LOOKASIDE : MEMTYPE_HEAP);
+ return p;
+}
+
+/*
+** Resize the block of memory pointed to by p to n bytes. If the
+** resize fails, set the mallocFailed flag in the connection object.
+*/
+SQLITE_PRIVATE void *sqlite3DbRealloc(sqlite3 *db, void *p, u64 n){
+ void *pNew = 0;
+ assert( db!=0 );
+ assert( sqlite3_mutex_held(db->mutex) );
+ if( db->mallocFailed==0 ){
+ if( p==0 ){
+ return sqlite3DbMallocRaw(db, n);
+ }
+ if( isLookaside(db, p) ){
+ if( n<=db->lookaside.sz ){
+ return p;
+ }
+ pNew = sqlite3DbMallocRaw(db, n);
+ if( pNew ){
+ memcpy(pNew, p, db->lookaside.sz);
+ sqlite3DbFree(db, p);
+ }
+ }else{
+ assert( sqlite3MemdebugHasType(p, (MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+ assert( sqlite3MemdebugNoType(p, (u8)~(MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+ sqlite3MemdebugSetType(p, MEMTYPE_HEAP);
+ pNew = sqlite3_realloc64(p, n);
+ if( !pNew ){
+ db->mallocFailed = 1;
+ }
+ sqlite3MemdebugSetType(pNew,
+ (db->lookaside.bEnabled ? MEMTYPE_LOOKASIDE : MEMTYPE_HEAP));
+ }
+ }
+ return pNew;
+}
+
+/*
+** Attempt to reallocate p. If the reallocation fails, then free p
+** and set the mallocFailed flag in the database connection.
+*/
+SQLITE_PRIVATE void *sqlite3DbReallocOrFree(sqlite3 *db, void *p, u64 n){
+ void *pNew;
+ pNew = sqlite3DbRealloc(db, p, n);
+ if( !pNew ){
+ sqlite3DbFree(db, p);
+ }
+ return pNew;
+}
+
+/*
+** Make a copy of a string in memory obtained from sqliteMalloc(). These
+** functions call sqlite3MallocRaw() directly instead of sqliteMalloc(). This
+** is because when memory debugging is turned on, these two functions are
+** called via macros that record the current file and line number in the
+** ThreadData structure.
+*/
+SQLITE_PRIVATE char *sqlite3DbStrDup(sqlite3 *db, const char *z){
+ char *zNew;
+ size_t n;
+ if( z==0 ){
+ return 0;
+ }
+ n = sqlite3Strlen30(z) + 1;
+ assert( (n&0x7fffffff)==n );
+ zNew = sqlite3DbMallocRaw(db, (int)n);
+ if( zNew ){
+ memcpy(zNew, z, n);
+ }
+ return zNew;
+}
+SQLITE_PRIVATE char *sqlite3DbStrNDup(sqlite3 *db, const char *z, u64 n){
+ char *zNew;
+ if( z==0 ){
+ return 0;
+ }
+ assert( (n&0x7fffffff)==n );
+ zNew = sqlite3DbMallocRaw(db, n+1);
+ if( zNew ){
+ memcpy(zNew, z, (size_t)n);
+ zNew[n] = 0;
+ }
+ return zNew;
+}
+
+/*
+** Free any prior content in *pz and replace it with a copy of zNew.
+*/
+SQLITE_PRIVATE void sqlite3SetString(char **pz, sqlite3 *db, const char *zNew){
+ sqlite3DbFree(db, *pz);
+ *pz = sqlite3DbStrDup(db, zNew);
+}
+
+/*
+** Take actions at the end of an API call to indicate an OOM error
+*/
+static SQLITE_NOINLINE int apiOomError(sqlite3 *db){
+ db->mallocFailed = 0;
+ sqlite3Error(db, SQLITE_NOMEM);
+ return SQLITE_NOMEM;
+}
+
+/*
+** This function must be called before exiting any API function (i.e.
+** returning control to the user) that has called sqlite3_malloc or
+** sqlite3_realloc.
+**
+** The returned value is normally a copy of the second argument to this
+** function. However, if a malloc() failure has occurred since the previous
+** invocation SQLITE_NOMEM is returned instead.
+**
+** If an OOM as occurred, then the connection error-code (the value
+** returned by sqlite3_errcode()) is set to SQLITE_NOMEM.
+*/
+SQLITE_PRIVATE int sqlite3ApiExit(sqlite3* db, int rc){
+ /* If the db handle must hold the connection handle mutex here.
+ ** Otherwise the read (and possible write) of db->mallocFailed
+ ** is unsafe, as is the call to sqlite3Error().
+ */
+ assert( db!=0 );
+ assert( sqlite3_mutex_held(db->mutex) );
+ if( db->mallocFailed || rc==SQLITE_IOERR_NOMEM ){
+ return apiOomError(db);
+ }
+ return rc & db->errMask;
+}
+
+/************** End of malloc.c **********************************************/
+/************** Begin file printf.c ******************************************/
+/*
+** The "printf" code that follows dates from the 1980's. It is in
+** the public domain.
+**
+**************************************************************************
+**
+** This file contains code for a set of "printf"-like routines. These
+** routines format strings much like the printf() from the standard C
+** library, though the implementation here has enhancements to support
+** SQLite.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** Conversion types fall into various categories as defined by the
+** following enumeration.
+*/
+#define etRADIX 1 /* Integer types. %d, %x, %o, and so forth */
+#define etFLOAT 2 /* Floating point. %f */
+#define etEXP 3 /* Exponentional notation. %e and %E */
+#define etGENERIC 4 /* Floating or exponential, depending on exponent. %g */
+#define etSIZE 5 /* Return number of characters processed so far. %n */
+#define etSTRING 6 /* Strings. %s */
+#define etDYNSTRING 7 /* Dynamically allocated strings. %z */
+#define etPERCENT 8 /* Percent symbol. %% */
+#define etCHARX 9 /* Characters. %c */
+/* The rest are extensions, not normally found in printf() */
+#define etSQLESCAPE 10 /* Strings with '\'' doubled. %q */
+#define etSQLESCAPE2 11 /* Strings with '\'' doubled and enclosed in '',
+ NULL pointers replaced by SQL NULL. %Q */
+#define etTOKEN 12 /* a pointer to a Token structure */
+#define etSRCLIST 13 /* a pointer to a SrcList */
+#define etPOINTER 14 /* The %p conversion */
+#define etSQLESCAPE3 15 /* %w -> Strings with '\"' doubled */
+#define etORDINAL 16 /* %r -> 1st, 2nd, 3rd, 4th, etc. English only */
+
+#define etINVALID 0 /* Any unrecognized conversion type */
+
+
+/*
+** An "etByte" is an 8-bit unsigned value.
+*/
+typedef unsigned char etByte;
+
+/*
+** Each builtin conversion character (ex: the 'd' in "%d") is described
+** by an instance of the following structure
+*/
+typedef struct et_info { /* Information about each format field */
+ char fmttype; /* The format field code letter */
+ etByte base; /* The base for radix conversion */
+ etByte flags; /* One or more of FLAG_ constants below */
+ etByte type; /* Conversion paradigm */
+ etByte charset; /* Offset into aDigits[] of the digits string */
+ etByte prefix; /* Offset into aPrefix[] of the prefix string */
+} et_info;
+
+/*
+** Allowed values for et_info.flags
+*/
+#define FLAG_SIGNED 1 /* True if the value to convert is signed */
+#define FLAG_INTERN 2 /* True if for internal use only */
+#define FLAG_STRING 4 /* Allow infinity precision */
+
+
+/*
+** The following table is searched linearly, so it is good to put the
+** most frequently used conversion types first.
+*/
+static const char aDigits[] = "0123456789ABCDEF0123456789abcdef";
+static const char aPrefix[] = "-x0\000X0";
+static const et_info fmtinfo[] = {
+ { 'd', 10, 1, etRADIX, 0, 0 },
+ { 's', 0, 4, etSTRING, 0, 0 },
+ { 'g', 0, 1, etGENERIC, 30, 0 },
+ { 'z', 0, 4, etDYNSTRING, 0, 0 },
+ { 'q', 0, 4, etSQLESCAPE, 0, 0 },
+ { 'Q', 0, 4, etSQLESCAPE2, 0, 0 },
+ { 'w', 0, 4, etSQLESCAPE3, 0, 0 },
+ { 'c', 0, 0, etCHARX, 0, 0 },
+ { 'o', 8, 0, etRADIX, 0, 2 },
+ { 'u', 10, 0, etRADIX, 0, 0 },
+ { 'x', 16, 0, etRADIX, 16, 1 },
+ { 'X', 16, 0, etRADIX, 0, 4 },
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ { 'f', 0, 1, etFLOAT, 0, 0 },
+ { 'e', 0, 1, etEXP, 30, 0 },
+ { 'E', 0, 1, etEXP, 14, 0 },
+ { 'G', 0, 1, etGENERIC, 14, 0 },
+#endif
+ { 'i', 10, 1, etRADIX, 0, 0 },
+ { 'n', 0, 0, etSIZE, 0, 0 },
+ { '%', 0, 0, etPERCENT, 0, 0 },
+ { 'p', 16, 0, etPOINTER, 0, 1 },
+
+/* All the rest have the FLAG_INTERN bit set and are thus for internal
+** use only */
+ { 'T', 0, 2, etTOKEN, 0, 0 },
+ { 'S', 0, 2, etSRCLIST, 0, 0 },
+ { 'r', 10, 3, etORDINAL, 0, 0 },
+};
+
+/*
+** If SQLITE_OMIT_FLOATING_POINT is defined, then none of the floating point
+** conversions will work.
+*/
+#ifndef SQLITE_OMIT_FLOATING_POINT
+/*
+** "*val" is a double such that 0.1 <= *val < 10.0
+** Return the ascii code for the leading digit of *val, then
+** multiply "*val" by 10.0 to renormalize.
+**
+** Example:
+** input: *val = 3.14159
+** output: *val = 1.4159 function return = '3'
+**
+** The counter *cnt is incremented each time. After counter exceeds
+** 16 (the number of significant digits in a 64-bit float) '0' is
+** always returned.
+*/
+static char et_getdigit(LONGDOUBLE_TYPE *val, int *cnt){
+ int digit;
+ LONGDOUBLE_TYPE d;
+ if( (*cnt)<=0 ) return '0';
+ (*cnt)--;
+ digit = (int)*val;
+ d = digit;
+ digit += '0';
+ *val = (*val - d)*10.0;
+ return (char)digit;
+}
+#endif /* SQLITE_OMIT_FLOATING_POINT */
+
+/*
+** Set the StrAccum object to an error mode.
+*/
+static void setStrAccumError(StrAccum *p, u8 eError){
+ assert( eError==STRACCUM_NOMEM || eError==STRACCUM_TOOBIG );
+ p->accError = eError;
+ p->nAlloc = 0;
+}
+
+/*
+** Extra argument values from a PrintfArguments object
+*/
+static sqlite3_int64 getIntArg(PrintfArguments *p){
+ if( p->nArg<=p->nUsed ) return 0;
+ return sqlite3_value_int64(p->apArg[p->nUsed++]);
+}
+static double getDoubleArg(PrintfArguments *p){
+ if( p->nArg<=p->nUsed ) return 0.0;
+ return sqlite3_value_double(p->apArg[p->nUsed++]);
+}
+static char *getTextArg(PrintfArguments *p){
+ if( p->nArg<=p->nUsed ) return 0;
+ return (char*)sqlite3_value_text(p->apArg[p->nUsed++]);
+}
+
+
+/*
+** On machines with a small stack size, you can redefine the
+** SQLITE_PRINT_BUF_SIZE to be something smaller, if desired.
+*/
+#ifndef SQLITE_PRINT_BUF_SIZE
+# define SQLITE_PRINT_BUF_SIZE 70
+#endif
+#define etBUFSIZE SQLITE_PRINT_BUF_SIZE /* Size of the output buffer */
+
+/*
+** Render a string given by "fmt" into the StrAccum object.
+*/
+SQLITE_PRIVATE void sqlite3VXPrintf(
+ StrAccum *pAccum, /* Accumulate results here */
+ u32 bFlags, /* SQLITE_PRINTF_* flags */
+ const char *fmt, /* Format string */
+ va_list ap /* arguments */
+){
+ int c; /* Next character in the format string */
+ char *bufpt; /* Pointer to the conversion buffer */
+ int precision; /* Precision of the current field */
+ int length; /* Length of the field */
+ int idx; /* A general purpose loop counter */
+ int width; /* Width of the current field */
+ etByte flag_leftjustify; /* True if "-" flag is present */
+ etByte flag_plussign; /* True if "+" flag is present */
+ etByte flag_blanksign; /* True if " " flag is present */
+ etByte flag_alternateform; /* True if "#" flag is present */
+ etByte flag_altform2; /* True if "!" flag is present */
+ etByte flag_zeropad; /* True if field width constant starts with zero */
+ etByte flag_long; /* True if "l" flag is present */
+ etByte flag_longlong; /* True if the "ll" flag is present */
+ etByte done; /* Loop termination flag */
+ etByte xtype = 0; /* Conversion paradigm */
+ u8 bArgList; /* True for SQLITE_PRINTF_SQLFUNC */
+ u8 useIntern; /* Ok to use internal conversions (ex: %T) */
+ char prefix; /* Prefix character. "+" or "-" or " " or '\0'. */
+ sqlite_uint64 longvalue; /* Value for integer types */
+ LONGDOUBLE_TYPE realvalue; /* Value for real types */
+ const et_info *infop; /* Pointer to the appropriate info structure */
+ char *zOut; /* Rendering buffer */
+ int nOut; /* Size of the rendering buffer */
+ char *zExtra = 0; /* Malloced memory used by some conversion */
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ int exp, e2; /* exponent of real numbers */
+ int nsd; /* Number of significant digits returned */
+ double rounder; /* Used for rounding floating point values */
+ etByte flag_dp; /* True if decimal point should be shown */
+ etByte flag_rtz; /* True if trailing zeros should be removed */
+#endif
+ PrintfArguments *pArgList = 0; /* Arguments for SQLITE_PRINTF_SQLFUNC */
+ char buf[etBUFSIZE]; /* Conversion buffer */
+
+ bufpt = 0;
+ if( bFlags ){
+ if( (bArgList = (bFlags & SQLITE_PRINTF_SQLFUNC))!=0 ){
+ pArgList = va_arg(ap, PrintfArguments*);
+ }
+ useIntern = bFlags & SQLITE_PRINTF_INTERNAL;
+ }else{
+ bArgList = useIntern = 0;
+ }
+ for(; (c=(*fmt))!=0; ++fmt){
+ if( c!='%' ){
+ bufpt = (char *)fmt;
+#if HAVE_STRCHRNUL
+ fmt = strchrnul(fmt, '%');
+#else
+ do{ fmt++; }while( *fmt && *fmt != '%' );
+#endif
+ sqlite3StrAccumAppend(pAccum, bufpt, (int)(fmt - bufpt));
+ if( *fmt==0 ) break;
+ }
+ if( (c=(*++fmt))==0 ){
+ sqlite3StrAccumAppend(pAccum, "%", 1);
+ break;
+ }
+ /* Find out what flags are present */
+ flag_leftjustify = flag_plussign = flag_blanksign =
+ flag_alternateform = flag_altform2 = flag_zeropad = 0;
+ done = 0;
+ do{
+ switch( c ){
+ case '-': flag_leftjustify = 1; break;
+ case '+': flag_plussign = 1; break;
+ case ' ': flag_blanksign = 1; break;
+ case '#': flag_alternateform = 1; break;
+ case '!': flag_altform2 = 1; break;
+ case '0': flag_zeropad = 1; break;
+ default: done = 1; break;
+ }
+ }while( !done && (c=(*++fmt))!=0 );
+ /* Get the field width */
+ if( c=='*' ){
+ if( bArgList ){
+ width = (int)getIntArg(pArgList);
+ }else{
+ width = va_arg(ap,int);
+ }
+ if( width<0 ){
+ flag_leftjustify = 1;
+ width = width >= -2147483647 ? -width : 0;
+ }
+ c = *++fmt;
+ }else{
+ unsigned wx = 0;
+ while( c>='0' && c<='9' ){
+ wx = wx*10 + c - '0';
+ c = *++fmt;
+ }
+ testcase( wx>0x7fffffff );
+ width = wx & 0x7fffffff;
+ }
+ assert( width>=0 );
+#ifdef SQLITE_PRINTF_PRECISION_LIMIT
+ if( width>SQLITE_PRINTF_PRECISION_LIMIT ){
+ width = SQLITE_PRINTF_PRECISION_LIMIT;
+ }
+#endif
+
+ /* Get the precision */
+ if( c=='.' ){
+ c = *++fmt;
+ if( c=='*' ){
+ if( bArgList ){
+ precision = (int)getIntArg(pArgList);
+ }else{
+ precision = va_arg(ap,int);
+ }
+ c = *++fmt;
+ if( precision<0 ){
+ precision = precision >= -2147483647 ? -precision : -1;
+ }
+ }else{
+ unsigned px = 0;
+ while( c>='0' && c<='9' ){
+ px = px*10 + c - '0';
+ c = *++fmt;
+ }
+ testcase( px>0x7fffffff );
+ precision = px & 0x7fffffff;
+ }
+ }else{
+ precision = -1;
+ }
+ assert( precision>=(-1) );
+#ifdef SQLITE_PRINTF_PRECISION_LIMIT
+ if( precision>SQLITE_PRINTF_PRECISION_LIMIT ){
+ precision = SQLITE_PRINTF_PRECISION_LIMIT;
+ }
+#endif
+
+
+ /* Get the conversion type modifier */
+ if( c=='l' ){
+ flag_long = 1;
+ c = *++fmt;
+ if( c=='l' ){
+ flag_longlong = 1;
+ c = *++fmt;
+ }else{
+ flag_longlong = 0;
+ }
+ }else{
+ flag_long = flag_longlong = 0;
+ }
+ /* Fetch the info entry for the field */
+ infop = &fmtinfo[0];
+ xtype = etINVALID;
+ for(idx=0; idx<ArraySize(fmtinfo); idx++){
+ if( c==fmtinfo[idx].fmttype ){
+ infop = &fmtinfo[idx];
+ if( useIntern || (infop->flags & FLAG_INTERN)==0 ){
+ xtype = infop->type;
+ }else{
+ return;
+ }
+ break;
+ }
+ }
+
+ /*
+ ** At this point, variables are initialized as follows:
+ **
+ ** flag_alternateform TRUE if a '#' is present.
+ ** flag_altform2 TRUE if a '!' is present.
+ ** flag_plussign TRUE if a '+' is present.
+ ** flag_leftjustify TRUE if a '-' is present or if the
+ ** field width was negative.
+ ** flag_zeropad TRUE if the width began with 0.
+ ** flag_long TRUE if the letter 'l' (ell) prefixed
+ ** the conversion character.
+ ** flag_longlong TRUE if the letter 'll' (ell ell) prefixed
+ ** the conversion character.
+ ** flag_blanksign TRUE if a ' ' is present.
+ ** width The specified field width. This is
+ ** always non-negative. Zero is the default.
+ ** precision The specified precision. The default
+ ** is -1.
+ ** xtype The class of the conversion.
+ ** infop Pointer to the appropriate info struct.
+ */
+ switch( xtype ){
+ case etPOINTER:
+ flag_longlong = sizeof(char*)==sizeof(i64);
+ flag_long = sizeof(char*)==sizeof(long int);
+ /* Fall through into the next case */
+ case etORDINAL:
+ case etRADIX:
+ if( infop->flags & FLAG_SIGNED ){
+ i64 v;
+ if( bArgList ){
+ v = getIntArg(pArgList);
+ }else if( flag_longlong ){
+ v = va_arg(ap,i64);
+ }else if( flag_long ){
+ v = va_arg(ap,long int);
+ }else{
+ v = va_arg(ap,int);
+ }
+ if( v<0 ){
+ if( v==SMALLEST_INT64 ){
+ longvalue = ((u64)1)<<63;
+ }else{
+ longvalue = -v;
+ }
+ prefix = '-';
+ }else{
+ longvalue = v;
+ if( flag_plussign ) prefix = '+';
+ else if( flag_blanksign ) prefix = ' ';
+ else prefix = 0;
+ }
+ }else{
+ if( bArgList ){
+ longvalue = (u64)getIntArg(pArgList);
+ }else if( flag_longlong ){
+ longvalue = va_arg(ap,u64);
+ }else if( flag_long ){
+ longvalue = va_arg(ap,unsigned long int);
+ }else{
+ longvalue = va_arg(ap,unsigned int);
+ }
+ prefix = 0;
+ }
+ if( longvalue==0 ) flag_alternateform = 0;
+ if( flag_zeropad && precision<width-(prefix!=0) ){
+ precision = width-(prefix!=0);
+ }
+ if( precision<etBUFSIZE-10 ){
+ nOut = etBUFSIZE;
+ zOut = buf;
+ }else{
+ nOut = precision + 10;
+ zOut = zExtra = sqlite3Malloc( nOut );
+ if( zOut==0 ){
+ setStrAccumError(pAccum, STRACCUM_NOMEM);
+ return;
+ }
+ }
+ bufpt = &zOut[nOut-1];
+ if( xtype==etORDINAL ){
+ static const char zOrd[] = "thstndrd";
+ int x = (int)(longvalue % 10);
+ if( x>=4 || (longvalue/10)%10==1 ){
+ x = 0;
+ }
+ *(--bufpt) = zOrd[x*2+1];
+ *(--bufpt) = zOrd[x*2];
+ }
+ {
+ const char *cset = &aDigits[infop->charset];
+ u8 base = infop->base;
+ do{ /* Convert to ascii */
+ *(--bufpt) = cset[longvalue%base];
+ longvalue = longvalue/base;
+ }while( longvalue>0 );
+ }
+ length = (int)(&zOut[nOut-1]-bufpt);
+ for(idx=precision-length; idx>0; idx--){
+ *(--bufpt) = '0'; /* Zero pad */
+ }
+ if( prefix ) *(--bufpt) = prefix; /* Add sign */
+ if( flag_alternateform && infop->prefix ){ /* Add "0" or "0x" */
+ const char *pre;
+ char x;
+ pre = &aPrefix[infop->prefix];
+ for(; (x=(*pre))!=0; pre++) *(--bufpt) = x;
+ }
+ length = (int)(&zOut[nOut-1]-bufpt);
+ break;
+ case etFLOAT:
+ case etEXP:
+ case etGENERIC:
+ if( bArgList ){
+ realvalue = getDoubleArg(pArgList);
+ }else{
+ realvalue = va_arg(ap,double);
+ }
+#ifdef SQLITE_OMIT_FLOATING_POINT
+ length = 0;
+#else
+ if( precision<0 ) precision = 6; /* Set default precision */
+ if( realvalue<0.0 ){
+ realvalue = -realvalue;
+ prefix = '-';
+ }else{
+ if( flag_plussign ) prefix = '+';
+ else if( flag_blanksign ) prefix = ' ';
+ else prefix = 0;
+ }
+ if( xtype==etGENERIC && precision>0 ) precision--;
+ testcase( precision>0xfff );
+ for(idx=precision&0xfff, rounder=0.5; idx>0; idx--, rounder*=0.1){}
+ if( xtype==etFLOAT ) realvalue += rounder;
+ /* Normalize realvalue to within 10.0 > realvalue >= 1.0 */
+ exp = 0;
+ if( sqlite3IsNaN((double)realvalue) ){
+ bufpt = "NaN";
+ length = 3;
+ break;
+ }
+ if( realvalue>0.0 ){
+ LONGDOUBLE_TYPE scale = 1.0;
+ while( realvalue>=1e100*scale && exp<=350 ){ scale *= 1e100;exp+=100;}
+ while( realvalue>=1e10*scale && exp<=350 ){ scale *= 1e10; exp+=10; }
+ while( realvalue>=10.0*scale && exp<=350 ){ scale *= 10.0; exp++; }
+ realvalue /= scale;
+ while( realvalue<1e-8 ){ realvalue *= 1e8; exp-=8; }
+ while( realvalue<1.0 ){ realvalue *= 10.0; exp--; }
+ if( exp>350 ){
+ bufpt = buf;
+ buf[0] = prefix;
+ memcpy(buf+(prefix!=0),"Inf",4);
+ length = 3+(prefix!=0);
+ break;
+ }
+ }
+ bufpt = buf;
+ /*
+ ** If the field type is etGENERIC, then convert to either etEXP
+ ** or etFLOAT, as appropriate.
+ */
+ if( xtype!=etFLOAT ){
+ realvalue += rounder;
+ if( realvalue>=10.0 ){ realvalue *= 0.1; exp++; }
+ }
+ if( xtype==etGENERIC ){
+ flag_rtz = !flag_alternateform;
+ if( exp<-4 || exp>precision ){
+ xtype = etEXP;
+ }else{
+ precision = precision - exp;
+ xtype = etFLOAT;
+ }
+ }else{
+ flag_rtz = flag_altform2;
+ }
+ if( xtype==etEXP ){
+ e2 = 0;
+ }else{
+ e2 = exp;
+ }
+ if( MAX(e2,0)+(i64)precision+(i64)width > etBUFSIZE - 15 ){
+ bufpt = zExtra
+ = sqlite3Malloc( MAX(e2,0)+(i64)precision+(i64)width+15 );
+ if( bufpt==0 ){
+ setStrAccumError(pAccum, STRACCUM_NOMEM);
+ return;
+ }
+ }
+ zOut = bufpt;
+ nsd = 16 + flag_altform2*10;
+ flag_dp = (precision>0 ?1:0) | flag_alternateform | flag_altform2;
+ /* The sign in front of the number */
+ if( prefix ){
+ *(bufpt++) = prefix;
+ }
+ /* Digits prior to the decimal point */
+ if( e2<0 ){
+ *(bufpt++) = '0';
+ }else{
+ for(; e2>=0; e2--){
+ *(bufpt++) = et_getdigit(&realvalue,&nsd);
+ }
+ }
+ /* The decimal point */
+ if( flag_dp ){
+ *(bufpt++) = '.';
+ }
+ /* "0" digits after the decimal point but before the first
+ ** significant digit of the number */
+ for(e2++; e2<0; precision--, e2++){
+ assert( precision>0 );
+ *(bufpt++) = '0';
+ }
+ /* Significant digits after the decimal point */
+ while( (precision--)>0 ){
+ *(bufpt++) = et_getdigit(&realvalue,&nsd);
+ }
+ /* Remove trailing zeros and the "." if no digits follow the "." */
+ if( flag_rtz && flag_dp ){
+ while( bufpt[-1]=='0' ) *(--bufpt) = 0;
+ assert( bufpt>zOut );
+ if( bufpt[-1]=='.' ){
+ if( flag_altform2 ){
+ *(bufpt++) = '0';
+ }else{
+ *(--bufpt) = 0;
+ }
+ }
+ }
+ /* Add the "eNNN" suffix */
+ if( xtype==etEXP ){
+ *(bufpt++) = aDigits[infop->charset];
+ if( exp<0 ){
+ *(bufpt++) = '-'; exp = -exp;
+ }else{
+ *(bufpt++) = '+';
+ }
+ if( exp>=100 ){
+ *(bufpt++) = (char)((exp/100)+'0'); /* 100's digit */
+ exp %= 100;
+ }
+ *(bufpt++) = (char)(exp/10+'0'); /* 10's digit */
+ *(bufpt++) = (char)(exp%10+'0'); /* 1's digit */
+ }
+ *bufpt = 0;
+
+ /* The converted number is in buf[] and zero terminated. Output it.
+ ** Note that the number is in the usual order, not reversed as with
+ ** integer conversions. */
+ length = (int)(bufpt-zOut);
+ bufpt = zOut;
+
+ /* Special case: Add leading zeros if the flag_zeropad flag is
+ ** set and we are not left justified */
+ if( flag_zeropad && !flag_leftjustify && length < width){
+ int i;
+ int nPad = width - length;
+ for(i=width; i>=nPad; i--){
+ bufpt[i] = bufpt[i-nPad];
+ }
+ i = prefix!=0;
+ while( nPad-- ) bufpt[i++] = '0';
+ length = width;
+ }
+#endif /* !defined(SQLITE_OMIT_FLOATING_POINT) */
+ break;
+ case etSIZE:
+ if( !bArgList ){
+ *(va_arg(ap,int*)) = pAccum->nChar;
+ }
+ length = width = 0;
+ break;
+ case etPERCENT:
+ buf[0] = '%';
+ bufpt = buf;
+ length = 1;
+ break;
+ case etCHARX:
+ if( bArgList ){
+ bufpt = getTextArg(pArgList);
+ c = bufpt ? bufpt[0] : 0;
+ }else{
+ c = va_arg(ap,int);
+ }
+ if( precision>1 ){
+ width -= precision-1;
+ if( width>1 && !flag_leftjustify ){
+ sqlite3AppendChar(pAccum, width-1, ' ');
+ width = 0;
+ }
+ sqlite3AppendChar(pAccum, precision-1, c);
+ }
+ length = 1;
+ buf[0] = c;
+ bufpt = buf;
+ break;
+ case etSTRING:
+ case etDYNSTRING:
+ if( bArgList ){
+ bufpt = getTextArg(pArgList);
+ xtype = etSTRING;
+ }else{
+ bufpt = va_arg(ap,char*);
+ }
+ if( bufpt==0 ){
+ bufpt = "";
+ }else if( xtype==etDYNSTRING ){
+ zExtra = bufpt;
+ }
+ if( precision>=0 ){
+ for(length=0; length<precision && bufpt[length]; length++){}
+ }else{
+ length = sqlite3Strlen30(bufpt);
+ }
+ break;
+ case etSQLESCAPE: /* Escape ' characters */
+ case etSQLESCAPE2: /* Escape ' and enclose in '...' */
+ case etSQLESCAPE3: { /* Escape " characters */
+ int i, j, k, n, isnull;
+ int needQuote;
+ char ch;
+ char q = ((xtype==etSQLESCAPE3)?'"':'\''); /* Quote character */
+ char *escarg;
+
+ if( bArgList ){
+ escarg = getTextArg(pArgList);
+ }else{
+ escarg = va_arg(ap,char*);
+ }
+ isnull = escarg==0;
+ if( isnull ) escarg = (xtype==etSQLESCAPE2 ? "NULL" : "(NULL)");
+ k = precision;
+ for(i=n=0; k!=0 && (ch=escarg[i])!=0; i++, k--){
+ if( ch==q ) n++;
+ }
+ needQuote = !isnull && xtype==etSQLESCAPE2;
+ n += i + 3;
+ if( n>etBUFSIZE ){
+ bufpt = zExtra = sqlite3Malloc( n );
+ if( bufpt==0 ){
+ setStrAccumError(pAccum, STRACCUM_NOMEM);
+ return;
+ }
+ }else{
+ bufpt = buf;
+ }
+ j = 0;
+ if( needQuote ) bufpt[j++] = q;
+ k = i;
+ for(i=0; i<k; i++){
+ bufpt[j++] = ch = escarg[i];
+ if( ch==q ) bufpt[j++] = ch;
+ }
+ if( needQuote ) bufpt[j++] = q;
+ bufpt[j] = 0;
+ length = j;
+ /* The precision in %q and %Q means how many input characters to
+ ** consume, not the length of the output...
+ ** if( precision>=0 && precision<length ) length = precision; */
+ break;
+ }
+ case etTOKEN: {
+ Token *pToken = va_arg(ap, Token*);
+ assert( bArgList==0 );
+ if( pToken && pToken->n ){
+ sqlite3StrAccumAppend(pAccum, (const char*)pToken->z, pToken->n);
+ }
+ length = width = 0;
+ break;
+ }
+ case etSRCLIST: {
+ SrcList *pSrc = va_arg(ap, SrcList*);
+ int k = va_arg(ap, int);
+ struct SrcList_item *pItem = &pSrc->a[k];
+ assert( bArgList==0 );
+ assert( k>=0 && k<pSrc->nSrc );
+ if( pItem->zDatabase ){
+ sqlite3StrAccumAppendAll(pAccum, pItem->zDatabase);
+ sqlite3StrAccumAppend(pAccum, ".", 1);
+ }
+ sqlite3StrAccumAppendAll(pAccum, pItem->zName);
+ length = width = 0;
+ break;
+ }
+ default: {
+ assert( xtype==etINVALID );
+ return;
+ }
+ }/* End switch over the format type */
+ /*
+ ** The text of the conversion is pointed to by "bufpt" and is
+ ** "length" characters long. The field width is "width". Do
+ ** the output.
+ */
+ width -= length;
+ if( width>0 && !flag_leftjustify ) sqlite3AppendChar(pAccum, width, ' ');
+ sqlite3StrAccumAppend(pAccum, bufpt, length);
+ if( width>0 && flag_leftjustify ) sqlite3AppendChar(pAccum, width, ' ');
+
+ if( zExtra ){
+ sqlite3DbFree(pAccum->db, zExtra);
+ zExtra = 0;
+ }
+ }/* End for loop over the format string */
+} /* End of function */
+
+/*
+** Enlarge the memory allocation on a StrAccum object so that it is
+** able to accept at least N more bytes of text.
+**
+** Return the number of bytes of text that StrAccum is able to accept
+** after the attempted enlargement. The value returned might be zero.
+*/
+static int sqlite3StrAccumEnlarge(StrAccum *p, int N){
+ char *zNew;
+ assert( p->nChar+(i64)N >= p->nAlloc ); /* Only called if really needed */
+ if( p->accError ){
+ testcase(p->accError==STRACCUM_TOOBIG);
+ testcase(p->accError==STRACCUM_NOMEM);
+ return 0;
+ }
+ if( p->mxAlloc==0 ){
+ N = p->nAlloc - p->nChar - 1;
+ setStrAccumError(p, STRACCUM_TOOBIG);
+ return N;
+ }else{
+ char *zOld = p->bMalloced ? p->zText : 0;
+ i64 szNew = p->nChar;
+ assert( (p->zText==0 || p->zText==p->zBase)==(p->bMalloced==0) );
+ szNew += N + 1;
+ if( szNew+p->nChar<=p->mxAlloc ){
+ /* Force exponential buffer size growth as long as it does not overflow,
+ ** to avoid having to call this routine too often */
+ szNew += p->nChar;
+ }
+ if( szNew > p->mxAlloc ){
+ sqlite3StrAccumReset(p);
+ setStrAccumError(p, STRACCUM_TOOBIG);
+ return 0;
+ }else{
+ p->nAlloc = (int)szNew;
+ }
+ if( p->db ){
+ zNew = sqlite3DbRealloc(p->db, zOld, p->nAlloc);
+ }else{
+ zNew = sqlite3_realloc64(zOld, p->nAlloc);
+ }
+ if( zNew ){
+ assert( p->zText!=0 || p->nChar==0 );
+ if( !p->bMalloced && p->nChar>0 ) memcpy(zNew, p->zText, p->nChar);
+ p->zText = zNew;
+ p->nAlloc = sqlite3DbMallocSize(p->db, zNew);
+ p->bMalloced = 1;
+ }else{
+ sqlite3StrAccumReset(p);
+ setStrAccumError(p, STRACCUM_NOMEM);
+ return 0;
+ }
+ }
+ return N;
+}
+
+/*
+** Append N copies of character c to the given string buffer.
+*/
+SQLITE_PRIVATE void sqlite3AppendChar(StrAccum *p, int N, char c){
+ testcase( p->nChar + (i64)N > 0x7fffffff );
+ if( p->nChar+(i64)N >= p->nAlloc && (N = sqlite3StrAccumEnlarge(p, N))<=0 ){
+ return;
+ }
+ assert( (p->zText==p->zBase)==(p->bMalloced==0) );
+ while( (N--)>0 ) p->zText[p->nChar++] = c;
+}
+
+/*
+** The StrAccum "p" is not large enough to accept N new bytes of z[].
+** So enlarge if first, then do the append.
+**
+** This is a helper routine to sqlite3StrAccumAppend() that does special-case
+** work (enlarging the buffer) using tail recursion, so that the
+** sqlite3StrAccumAppend() routine can use fast calling semantics.
+*/
+static void SQLITE_NOINLINE enlargeAndAppend(StrAccum *p, const char *z, int N){
+ N = sqlite3StrAccumEnlarge(p, N);
+ if( N>0 ){
+ memcpy(&p->zText[p->nChar], z, N);
+ p->nChar += N;
+ }
+ assert( (p->zText==0 || p->zText==p->zBase)==(p->bMalloced==0) );
+}
+
+/*
+** Append N bytes of text from z to the StrAccum object. Increase the
+** size of the memory allocation for StrAccum if necessary.
+*/
+SQLITE_PRIVATE void sqlite3StrAccumAppend(StrAccum *p, const char *z, int N){
+ assert( z!=0 || N==0 );
+ assert( p->zText!=0 || p->nChar==0 || p->accError );
+ assert( N>=0 );
+ assert( p->accError==0 || p->nAlloc==0 );
+ if( p->nChar+N >= p->nAlloc ){
+ enlargeAndAppend(p,z,N);
+ }else{
+ assert( p->zText );
+ p->nChar += N;
+ memcpy(&p->zText[p->nChar-N], z, N);
+ }
+}
+
+/*
+** Append the complete text of zero-terminated string z[] to the p string.
+*/
+SQLITE_PRIVATE void sqlite3StrAccumAppendAll(StrAccum *p, const char *z){
+ sqlite3StrAccumAppend(p, z, sqlite3Strlen30(z));
+}
+
+
+/*
+** Finish off a string by making sure it is zero-terminated.
+** Return a pointer to the resulting string. Return a NULL
+** pointer if any kind of error was encountered.
+*/
+SQLITE_PRIVATE char *sqlite3StrAccumFinish(StrAccum *p){
+ if( p->zText ){
+ assert( (p->zText==p->zBase)==(p->bMalloced==0) );
+ p->zText[p->nChar] = 0;
+ if( p->mxAlloc>0 && p->bMalloced==0 ){
+ p->zText = sqlite3DbMallocRaw(p->db, p->nChar+1 );
+ if( p->zText ){
+ memcpy(p->zText, p->zBase, p->nChar+1);
+ p->bMalloced = 1;
+ }else{
+ setStrAccumError(p, STRACCUM_NOMEM);
+ }
+ }
+ }
+ return p->zText;
+}
+
+/*
+** Reset an StrAccum string. Reclaim all malloced memory.
+*/
+SQLITE_PRIVATE void sqlite3StrAccumReset(StrAccum *p){
+ assert( (p->zText==0 || p->zText==p->zBase)==(p->bMalloced==0) );
+ if( p->bMalloced ){
+ sqlite3DbFree(p->db, p->zText);
+ p->bMalloced = 0;
+ }
+ p->zText = 0;
+}
+
+/*
+** Initialize a string accumulator.
+**
+** p: The accumulator to be initialized.
+** db: Pointer to a database connection. May be NULL. Lookaside
+** memory is used if not NULL. db->mallocFailed is set appropriately
+** when not NULL.
+** zBase: An initial buffer. May be NULL in which case the initial buffer
+** is malloced.
+** n: Size of zBase in bytes. If total space requirements never exceed
+** n then no memory allocations ever occur.
+** mx: Maximum number of bytes to accumulate. If mx==0 then no memory
+** allocations will ever occur.
+*/
+SQLITE_PRIVATE void sqlite3StrAccumInit(StrAccum *p, sqlite3 *db, char *zBase, int n, int mx){
+ p->zText = p->zBase = zBase;
+ p->db = db;
+ p->nChar = 0;
+ p->nAlloc = n;
+ p->mxAlloc = mx;
+ p->accError = 0;
+ p->bMalloced = 0;
+}
+
+/*
+** Print into memory obtained from sqliteMalloc(). Use the internal
+** %-conversion extensions.
+*/
+SQLITE_PRIVATE char *sqlite3VMPrintf(sqlite3 *db, const char *zFormat, va_list ap){
+ char *z;
+ char zBase[SQLITE_PRINT_BUF_SIZE];
+ StrAccum acc;
+ assert( db!=0 );
+ sqlite3StrAccumInit(&acc, db, zBase, sizeof(zBase),
+ db->aLimit[SQLITE_LIMIT_LENGTH]);
+ sqlite3VXPrintf(&acc, SQLITE_PRINTF_INTERNAL, zFormat, ap);
+ z = sqlite3StrAccumFinish(&acc);
+ if( acc.accError==STRACCUM_NOMEM ){
+ db->mallocFailed = 1;
+ }
+ return z;
+}
+
+/*
+** Print into memory obtained from sqliteMalloc(). Use the internal
+** %-conversion extensions.
+*/
+SQLITE_PRIVATE char *sqlite3MPrintf(sqlite3 *db, const char *zFormat, ...){
+ va_list ap;
+ char *z;
+ va_start(ap, zFormat);
+ z = sqlite3VMPrintf(db, zFormat, ap);
+ va_end(ap);
+ return z;
+}
+
+/*
+** Print into memory obtained from sqlite3_malloc(). Omit the internal
+** %-conversion extensions.
+*/
+SQLITE_API char *SQLITE_STDCALL sqlite3_vmprintf(const char *zFormat, va_list ap){
+ char *z;
+ char zBase[SQLITE_PRINT_BUF_SIZE];
+ StrAccum acc;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( zFormat==0 ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( sqlite3_initialize() ) return 0;
+#endif
+ sqlite3StrAccumInit(&acc, 0, zBase, sizeof(zBase), SQLITE_MAX_LENGTH);
+ sqlite3VXPrintf(&acc, 0, zFormat, ap);
+ z = sqlite3StrAccumFinish(&acc);
+ return z;
+}
+
+/*
+** Print into memory obtained from sqlite3_malloc()(). Omit the internal
+** %-conversion extensions.
+*/
+SQLITE_API char *SQLITE_CDECL sqlite3_mprintf(const char *zFormat, ...){
+ va_list ap;
+ char *z;
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( sqlite3_initialize() ) return 0;
+#endif
+ va_start(ap, zFormat);
+ z = sqlite3_vmprintf(zFormat, ap);
+ va_end(ap);
+ return z;
+}
+
+/*
+** sqlite3_snprintf() works like snprintf() except that it ignores the
+** current locale settings. This is important for SQLite because we
+** are not able to use a "," as the decimal point in place of "." as
+** specified by some locales.
+**
+** Oops: The first two arguments of sqlite3_snprintf() are backwards
+** from the snprintf() standard. Unfortunately, it is too late to change
+** this without breaking compatibility, so we just have to live with the
+** mistake.
+**
+** sqlite3_vsnprintf() is the varargs version.
+*/
+SQLITE_API char *SQLITE_STDCALL sqlite3_vsnprintf(int n, char *zBuf, const char *zFormat, va_list ap){
+ StrAccum acc;
+ if( n<=0 ) return zBuf;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( zBuf==0 || zFormat==0 ) {
+ (void)SQLITE_MISUSE_BKPT;
+ if( zBuf ) zBuf[0] = 0;
+ return zBuf;
+ }
+#endif
+ sqlite3StrAccumInit(&acc, 0, zBuf, n, 0);
+ sqlite3VXPrintf(&acc, 0, zFormat, ap);
+ return sqlite3StrAccumFinish(&acc);
+}
+SQLITE_API char *SQLITE_CDECL sqlite3_snprintf(int n, char *zBuf, const char *zFormat, ...){
+ char *z;
+ va_list ap;
+ va_start(ap,zFormat);
+ z = sqlite3_vsnprintf(n, zBuf, zFormat, ap);
+ va_end(ap);
+ return z;
+}
+
+/*
+** This is the routine that actually formats the sqlite3_log() message.
+** We house it in a separate routine from sqlite3_log() to avoid using
+** stack space on small-stack systems when logging is disabled.
+**
+** sqlite3_log() must render into a static buffer. It cannot dynamically
+** allocate memory because it might be called while the memory allocator
+** mutex is held.
+**
+** sqlite3VXPrintf() might ask for *temporary* memory allocations for
+** certain format characters (%q) or for very large precisions or widths.
+** Care must be taken that any sqlite3_log() calls that occur while the
+** memory mutex is held do not use these mechanisms.
+*/
+static void renderLogMsg(int iErrCode, const char *zFormat, va_list ap){
+ StrAccum acc; /* String accumulator */
+ char zMsg[SQLITE_PRINT_BUF_SIZE*3]; /* Complete log message */
+
+ sqlite3StrAccumInit(&acc, 0, zMsg, sizeof(zMsg), 0);
+ sqlite3VXPrintf(&acc, 0, zFormat, ap);
+ sqlite3GlobalConfig.xLog(sqlite3GlobalConfig.pLogArg, iErrCode,
+ sqlite3StrAccumFinish(&acc));
+}
+
+/*
+** Format and write a message to the log if logging is enabled.
+*/
+SQLITE_API void SQLITE_CDECL sqlite3_log(int iErrCode, const char *zFormat, ...){
+ va_list ap; /* Vararg list */
+ if( sqlite3GlobalConfig.xLog ){
+ va_start(ap, zFormat);
+ renderLogMsg(iErrCode, zFormat, ap);
+ va_end(ap);
+ }
+}
+
+#if defined(SQLITE_DEBUG) || defined(SQLITE_HAVE_OS_TRACE)
+/*
+** A version of printf() that understands %lld. Used for debugging.
+** The printf() built into some versions of windows does not understand %lld
+** and segfaults if you give it a long long int.
+*/
+SQLITE_PRIVATE void sqlite3DebugPrintf(const char *zFormat, ...){
+ va_list ap;
+ StrAccum acc;
+ char zBuf[500];
+ sqlite3StrAccumInit(&acc, 0, zBuf, sizeof(zBuf), 0);
+ va_start(ap,zFormat);
+ sqlite3VXPrintf(&acc, 0, zFormat, ap);
+ va_end(ap);
+ sqlite3StrAccumFinish(&acc);
+ fprintf(stdout,"%s", zBuf);
+ fflush(stdout);
+}
+#endif
+
+
+/*
+** variable-argument wrapper around sqlite3VXPrintf(). The bFlags argument
+** can contain the bit SQLITE_PRINTF_INTERNAL enable internal formats.
+*/
+SQLITE_PRIVATE void sqlite3XPrintf(StrAccum *p, u32 bFlags, const char *zFormat, ...){
+ va_list ap;
+ va_start(ap,zFormat);
+ sqlite3VXPrintf(p, bFlags, zFormat, ap);
+ va_end(ap);
+}
+
+/************** End of printf.c **********************************************/
+/************** Begin file treeview.c ****************************************/
+/*
+** 2015-06-08
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains C code to implement the TreeView debugging routines.
+** These routines print a parse tree to standard output for debugging and
+** analysis.
+**
+** The interfaces in this file is only available when compiling
+** with SQLITE_DEBUG.
+*/
+/* #include "sqliteInt.h" */
+#ifdef SQLITE_DEBUG
+
+/*
+** Add a new subitem to the tree. The moreToFollow flag indicates that this
+** is not the last item in the tree.
+*/
+static TreeView *sqlite3TreeViewPush(TreeView *p, u8 moreToFollow){
+ if( p==0 ){
+ p = sqlite3_malloc64( sizeof(*p) );
+ if( p==0 ) return 0;
+ memset(p, 0, sizeof(*p));
+ }else{
+ p->iLevel++;
+ }
+ assert( moreToFollow==0 || moreToFollow==1 );
+ if( p->iLevel<sizeof(p->bLine) ) p->bLine[p->iLevel] = moreToFollow;
+ return p;
+}
+
+/*
+** Finished with one layer of the tree
+*/
+static void sqlite3TreeViewPop(TreeView *p){
+ if( p==0 ) return;
+ p->iLevel--;
+ if( p->iLevel<0 ) sqlite3_free(p);
+}
+
+/*
+** Generate a single line of output for the tree, with a prefix that contains
+** all the appropriate tree lines
+*/
+static void sqlite3TreeViewLine(TreeView *p, const char *zFormat, ...){
+ va_list ap;
+ int i;
+ StrAccum acc;
+ char zBuf[500];
+ sqlite3StrAccumInit(&acc, 0, zBuf, sizeof(zBuf), 0);
+ if( p ){
+ for(i=0; i<p->iLevel && i<sizeof(p->bLine)-1; i++){
+ sqlite3StrAccumAppend(&acc, p->bLine[i] ? "| " : " ", 4);
+ }
+ sqlite3StrAccumAppend(&acc, p->bLine[i] ? "|-- " : "'-- ", 4);
+ }
+ va_start(ap, zFormat);
+ sqlite3VXPrintf(&acc, 0, zFormat, ap);
+ va_end(ap);
+ if( zBuf[acc.nChar-1]!='\n' ) sqlite3StrAccumAppend(&acc, "\n", 1);
+ sqlite3StrAccumFinish(&acc);
+ fprintf(stdout,"%s", zBuf);
+ fflush(stdout);
+}
+
+/*
+** Shorthand for starting a new tree item that consists of a single label
+*/
+static void sqlite3TreeViewItem(TreeView *p, const char *zLabel,u8 moreFollows){
+ p = sqlite3TreeViewPush(p, moreFollows);
+ sqlite3TreeViewLine(p, "%s", zLabel);
+}
+
+/*
+** Generate a human-readable description of a WITH clause.
+*/
+SQLITE_PRIVATE void sqlite3TreeViewWith(TreeView *pView, const With *pWith, u8 moreToFollow){
+ int i;
+ if( pWith==0 ) return;
+ if( pWith->nCte==0 ) return;
+ if( pWith->pOuter ){
+ sqlite3TreeViewLine(pView, "WITH (0x%p, pOuter=0x%p)",pWith,pWith->pOuter);
+ }else{
+ sqlite3TreeViewLine(pView, "WITH (0x%p)", pWith);
+ }
+ if( pWith->nCte>0 ){
+ pView = sqlite3TreeViewPush(pView, 1);
+ for(i=0; i<pWith->nCte; i++){
+ StrAccum x;
+ char zLine[1000];
+ const struct Cte *pCte = &pWith->a[i];
+ sqlite3StrAccumInit(&x, 0, zLine, sizeof(zLine), 0);
+ sqlite3XPrintf(&x, 0, "%s", pCte->zName);
+ if( pCte->pCols && pCte->pCols->nExpr>0 ){
+ char cSep = '(';
+ int j;
+ for(j=0; j<pCte->pCols->nExpr; j++){
+ sqlite3XPrintf(&x, 0, "%c%s", cSep, pCte->pCols->a[j].zName);
+ cSep = ',';
+ }
+ sqlite3XPrintf(&x, 0, ")");
+ }
+ sqlite3XPrintf(&x, 0, " AS");
+ sqlite3StrAccumFinish(&x);
+ sqlite3TreeViewItem(pView, zLine, i<pWith->nCte-1);
+ sqlite3TreeViewSelect(pView, pCte->pSelect, 0);
+ sqlite3TreeViewPop(pView);
+ }
+ sqlite3TreeViewPop(pView);
+ }
+}
+
+
+/*
+** Generate a human-readable description of a the Select object.
+*/
+SQLITE_PRIVATE void sqlite3TreeViewSelect(TreeView *pView, const Select *p, u8 moreToFollow){
+ int n = 0;
+ int cnt = 0;
+ pView = sqlite3TreeViewPush(pView, moreToFollow);
+ if( p->pWith ){
+ sqlite3TreeViewWith(pView, p->pWith, 1);
+ cnt = 1;
+ sqlite3TreeViewPush(pView, 1);
+ }
+ do{
+ sqlite3TreeViewLine(pView, "SELECT%s%s (0x%p) selFlags=0x%x",
+ ((p->selFlags & SF_Distinct) ? " DISTINCT" : ""),
+ ((p->selFlags & SF_Aggregate) ? " agg_flag" : ""), p, p->selFlags
+ );
+ if( cnt++ ) sqlite3TreeViewPop(pView);
+ if( p->pPrior ){
+ n = 1000;
+ }else{
+ n = 0;
+ if( p->pSrc && p->pSrc->nSrc ) n++;
+ if( p->pWhere ) n++;
+ if( p->pGroupBy ) n++;
+ if( p->pHaving ) n++;
+ if( p->pOrderBy ) n++;
+ if( p->pLimit ) n++;
+ if( p->pOffset ) n++;
+ }
+ sqlite3TreeViewExprList(pView, p->pEList, (n--)>0, "result-set");
+ if( p->pSrc && p->pSrc->nSrc ){
+ int i;
+ pView = sqlite3TreeViewPush(pView, (n--)>0);
+ sqlite3TreeViewLine(pView, "FROM");
+ for(i=0; i<p->pSrc->nSrc; i++){
+ struct SrcList_item *pItem = &p->pSrc->a[i];
+ StrAccum x;
+ char zLine[100];
+ sqlite3StrAccumInit(&x, 0, zLine, sizeof(zLine), 0);
+ sqlite3XPrintf(&x, 0, "{%d,*}", pItem->iCursor);
+ if( pItem->zDatabase ){
+ sqlite3XPrintf(&x, 0, " %s.%s", pItem->zDatabase, pItem->zName);
+ }else if( pItem->zName ){
+ sqlite3XPrintf(&x, 0, " %s", pItem->zName);
+ }
+ if( pItem->pTab ){
+ sqlite3XPrintf(&x, 0, " tabname=%Q", pItem->pTab->zName);
+ }
+ if( pItem->zAlias ){
+ sqlite3XPrintf(&x, 0, " (AS %s)", pItem->zAlias);
+ }
+ if( pItem->fg.jointype & JT_LEFT ){
+ sqlite3XPrintf(&x, 0, " LEFT-JOIN");
+ }
+ sqlite3StrAccumFinish(&x);
+ sqlite3TreeViewItem(pView, zLine, i<p->pSrc->nSrc-1);
+ if( pItem->pSelect ){
+ sqlite3TreeViewSelect(pView, pItem->pSelect, 0);
+ }
+ if( pItem->fg.isTabFunc ){
+ sqlite3TreeViewExprList(pView, pItem->u1.pFuncArg, 0, "func-args:");
+ }
+ sqlite3TreeViewPop(pView);
+ }
+ sqlite3TreeViewPop(pView);
+ }
+ if( p->pWhere ){
+ sqlite3TreeViewItem(pView, "WHERE", (n--)>0);
+ sqlite3TreeViewExpr(pView, p->pWhere, 0);
+ sqlite3TreeViewPop(pView);
+ }
+ if( p->pGroupBy ){
+ sqlite3TreeViewExprList(pView, p->pGroupBy, (n--)>0, "GROUPBY");
+ }
+ if( p->pHaving ){
+ sqlite3TreeViewItem(pView, "HAVING", (n--)>0);
+ sqlite3TreeViewExpr(pView, p->pHaving, 0);
+ sqlite3TreeViewPop(pView);
+ }
+ if( p->pOrderBy ){
+ sqlite3TreeViewExprList(pView, p->pOrderBy, (n--)>0, "ORDERBY");
+ }
+ if( p->pLimit ){
+ sqlite3TreeViewItem(pView, "LIMIT", (n--)>0);
+ sqlite3TreeViewExpr(pView, p->pLimit, 0);
+ sqlite3TreeViewPop(pView);
+ }
+ if( p->pOffset ){
+ sqlite3TreeViewItem(pView, "OFFSET", (n--)>0);
+ sqlite3TreeViewExpr(pView, p->pOffset, 0);
+ sqlite3TreeViewPop(pView);
+ }
+ if( p->pPrior ){
+ const char *zOp = "UNION";
+ switch( p->op ){
+ case TK_ALL: zOp = "UNION ALL"; break;
+ case TK_INTERSECT: zOp = "INTERSECT"; break;
+ case TK_EXCEPT: zOp = "EXCEPT"; break;
+ }
+ sqlite3TreeViewItem(pView, zOp, 1);
+ }
+ p = p->pPrior;
+ }while( p!=0 );
+ sqlite3TreeViewPop(pView);
+}
+
+/*
+** Generate a human-readable explanation of an expression tree.
+*/
+SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView *pView, const Expr *pExpr, u8 moreToFollow){
+ const char *zBinOp = 0; /* Binary operator */
+ const char *zUniOp = 0; /* Unary operator */
+ char zFlgs[30];
+ pView = sqlite3TreeViewPush(pView, moreToFollow);
+ if( pExpr==0 ){
+ sqlite3TreeViewLine(pView, "nil");
+ sqlite3TreeViewPop(pView);
+ return;
+ }
+ if( pExpr->flags ){
+ sqlite3_snprintf(sizeof(zFlgs),zFlgs," flags=0x%x",pExpr->flags);
+ }else{
+ zFlgs[0] = 0;
+ }
+ switch( pExpr->op ){
+ case TK_AGG_COLUMN: {
+ sqlite3TreeViewLine(pView, "AGG{%d:%d}%s",
+ pExpr->iTable, pExpr->iColumn, zFlgs);
+ break;
+ }
+ case TK_COLUMN: {
+ if( pExpr->iTable<0 ){
+ /* This only happens when coding check constraints */
+ sqlite3TreeViewLine(pView, "COLUMN(%d)%s", pExpr->iColumn, zFlgs);
+ }else{
+ sqlite3TreeViewLine(pView, "{%d:%d}%s",
+ pExpr->iTable, pExpr->iColumn, zFlgs);
+ }
+ break;
+ }
+ case TK_INTEGER: {
+ if( pExpr->flags & EP_IntValue ){
+ sqlite3TreeViewLine(pView, "%d", pExpr->u.iValue);
+ }else{
+ sqlite3TreeViewLine(pView, "%s", pExpr->u.zToken);
+ }
+ break;
+ }
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ case TK_FLOAT: {
+ sqlite3TreeViewLine(pView,"%s", pExpr->u.zToken);
+ break;
+ }
+#endif
+ case TK_STRING: {
+ sqlite3TreeViewLine(pView,"%Q", pExpr->u.zToken);
+ break;
+ }
+ case TK_NULL: {
+ sqlite3TreeViewLine(pView,"NULL");
+ break;
+ }
+#ifndef SQLITE_OMIT_BLOB_LITERAL
+ case TK_BLOB: {
+ sqlite3TreeViewLine(pView,"%s", pExpr->u.zToken);
+ break;
+ }
+#endif
+ case TK_VARIABLE: {
+ sqlite3TreeViewLine(pView,"VARIABLE(%s,%d)",
+ pExpr->u.zToken, pExpr->iColumn);
+ break;
+ }
+ case TK_REGISTER: {
+ sqlite3TreeViewLine(pView,"REGISTER(%d)", pExpr->iTable);
+ break;
+ }
+ case TK_ID: {
+ sqlite3TreeViewLine(pView,"ID \"%w\"", pExpr->u.zToken);
+ break;
+ }
+#ifndef SQLITE_OMIT_CAST
+ case TK_CAST: {
+ /* Expressions of the form: CAST(pLeft AS token) */
+ sqlite3TreeViewLine(pView,"CAST %Q", pExpr->u.zToken);
+ sqlite3TreeViewExpr(pView, pExpr->pLeft, 0);
+ break;
+ }
+#endif /* SQLITE_OMIT_CAST */
+ case TK_LT: zBinOp = "LT"; break;
+ case TK_LE: zBinOp = "LE"; break;
+ case TK_GT: zBinOp = "GT"; break;
+ case TK_GE: zBinOp = "GE"; break;
+ case TK_NE: zBinOp = "NE"; break;
+ case TK_EQ: zBinOp = "EQ"; break;
+ case TK_IS: zBinOp = "IS"; break;
+ case TK_ISNOT: zBinOp = "ISNOT"; break;
+ case TK_AND: zBinOp = "AND"; break;
+ case TK_OR: zBinOp = "OR"; break;
+ case TK_PLUS: zBinOp = "ADD"; break;
+ case TK_STAR: zBinOp = "MUL"; break;
+ case TK_MINUS: zBinOp = "SUB"; break;
+ case TK_REM: zBinOp = "REM"; break;
+ case TK_BITAND: zBinOp = "BITAND"; break;
+ case TK_BITOR: zBinOp = "BITOR"; break;
+ case TK_SLASH: zBinOp = "DIV"; break;
+ case TK_LSHIFT: zBinOp = "LSHIFT"; break;
+ case TK_RSHIFT: zBinOp = "RSHIFT"; break;
+ case TK_CONCAT: zBinOp = "CONCAT"; break;
+ case TK_DOT: zBinOp = "DOT"; break;
+
+ case TK_UMINUS: zUniOp = "UMINUS"; break;
+ case TK_UPLUS: zUniOp = "UPLUS"; break;
+ case TK_BITNOT: zUniOp = "BITNOT"; break;
+ case TK_NOT: zUniOp = "NOT"; break;
+ case TK_ISNULL: zUniOp = "ISNULL"; break;
+ case TK_NOTNULL: zUniOp = "NOTNULL"; break;
+
+ case TK_COLLATE: {
+ sqlite3TreeViewLine(pView, "COLLATE %Q", pExpr->u.zToken);
+ sqlite3TreeViewExpr(pView, pExpr->pLeft, 0);
+ break;
+ }
+
+ case TK_AGG_FUNCTION:
+ case TK_FUNCTION: {
+ ExprList *pFarg; /* List of function arguments */
+ if( ExprHasProperty(pExpr, EP_TokenOnly) ){
+ pFarg = 0;
+ }else{
+ pFarg = pExpr->x.pList;
+ }
+ if( pExpr->op==TK_AGG_FUNCTION ){
+ sqlite3TreeViewLine(pView, "AGG_FUNCTION%d %Q",
+ pExpr->op2, pExpr->u.zToken);
+ }else{
+ sqlite3TreeViewLine(pView, "FUNCTION %Q", pExpr->u.zToken);
+ }
+ if( pFarg ){
+ sqlite3TreeViewExprList(pView, pFarg, 0, 0);
+ }
+ break;
+ }
+#ifndef SQLITE_OMIT_SUBQUERY
+ case TK_EXISTS: {
+ sqlite3TreeViewLine(pView, "EXISTS-expr");
+ sqlite3TreeViewSelect(pView, pExpr->x.pSelect, 0);
+ break;
+ }
+ case TK_SELECT: {
+ sqlite3TreeViewLine(pView, "SELECT-expr");
+ sqlite3TreeViewSelect(pView, pExpr->x.pSelect, 0);
+ break;
+ }
+ case TK_IN: {
+ sqlite3TreeViewLine(pView, "IN");
+ sqlite3TreeViewExpr(pView, pExpr->pLeft, 1);
+ if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ sqlite3TreeViewSelect(pView, pExpr->x.pSelect, 0);
+ }else{
+ sqlite3TreeViewExprList(pView, pExpr->x.pList, 0, 0);
+ }
+ break;
+ }
+#endif /* SQLITE_OMIT_SUBQUERY */
+
+ /*
+ ** x BETWEEN y AND z
+ **
+ ** This is equivalent to
+ **
+ ** x>=y AND x<=z
+ **
+ ** X is stored in pExpr->pLeft.
+ ** Y is stored in pExpr->pList->a[0].pExpr.
+ ** Z is stored in pExpr->pList->a[1].pExpr.
+ */
+ case TK_BETWEEN: {
+ Expr *pX = pExpr->pLeft;
+ Expr *pY = pExpr->x.pList->a[0].pExpr;
+ Expr *pZ = pExpr->x.pList->a[1].pExpr;
+ sqlite3TreeViewLine(pView, "BETWEEN");
+ sqlite3TreeViewExpr(pView, pX, 1);
+ sqlite3TreeViewExpr(pView, pY, 1);
+ sqlite3TreeViewExpr(pView, pZ, 0);
+ break;
+ }
+ case TK_TRIGGER: {
+ /* If the opcode is TK_TRIGGER, then the expression is a reference
+ ** to a column in the new.* or old.* pseudo-tables available to
+ ** trigger programs. In this case Expr.iTable is set to 1 for the
+ ** new.* pseudo-table, or 0 for the old.* pseudo-table. Expr.iColumn
+ ** is set to the column of the pseudo-table to read, or to -1 to
+ ** read the rowid field.
+ */
+ sqlite3TreeViewLine(pView, "%s(%d)",
+ pExpr->iTable ? "NEW" : "OLD", pExpr->iColumn);
+ break;
+ }
+ case TK_CASE: {
+ sqlite3TreeViewLine(pView, "CASE");
+ sqlite3TreeViewExpr(pView, pExpr->pLeft, 1);
+ sqlite3TreeViewExprList(pView, pExpr->x.pList, 0, 0);
+ break;
+ }
+#ifndef SQLITE_OMIT_TRIGGER
+ case TK_RAISE: {
+ const char *zType = "unk";
+ switch( pExpr->affinity ){
+ case OE_Rollback: zType = "rollback"; break;
+ case OE_Abort: zType = "abort"; break;
+ case OE_Fail: zType = "fail"; break;
+ case OE_Ignore: zType = "ignore"; break;
+ }
+ sqlite3TreeViewLine(pView, "RAISE %s(%Q)", zType, pExpr->u.zToken);
+ break;
+ }
+#endif
+ default: {
+ sqlite3TreeViewLine(pView, "op=%d", pExpr->op);
+ break;
+ }
+ }
+ if( zBinOp ){
+ sqlite3TreeViewLine(pView, "%s%s", zBinOp, zFlgs);
+ sqlite3TreeViewExpr(pView, pExpr->pLeft, 1);
+ sqlite3TreeViewExpr(pView, pExpr->pRight, 0);
+ }else if( zUniOp ){
+ sqlite3TreeViewLine(pView, "%s%s", zUniOp, zFlgs);
+ sqlite3TreeViewExpr(pView, pExpr->pLeft, 0);
+ }
+ sqlite3TreeViewPop(pView);
+}
+
+/*
+** Generate a human-readable explanation of an expression list.
+*/
+SQLITE_PRIVATE void sqlite3TreeViewExprList(
+ TreeView *pView,
+ const ExprList *pList,
+ u8 moreToFollow,
+ const char *zLabel
+){
+ int i;
+ pView = sqlite3TreeViewPush(pView, moreToFollow);
+ if( zLabel==0 || zLabel[0]==0 ) zLabel = "LIST";
+ if( pList==0 ){
+ sqlite3TreeViewLine(pView, "%s (empty)", zLabel);
+ }else{
+ sqlite3TreeViewLine(pView, "%s", zLabel);
+ for(i=0; i<pList->nExpr; i++){
+ int j = pList->a[i].u.x.iOrderByCol;
+ if( j ){
+ sqlite3TreeViewPush(pView, 0);
+ sqlite3TreeViewLine(pView, "iOrderByCol=%d", j);
+ }
+ sqlite3TreeViewExpr(pView, pList->a[i].pExpr, i<pList->nExpr-1);
+ if( j ) sqlite3TreeViewPop(pView);
+ }
+ }
+ sqlite3TreeViewPop(pView);
+}
+
+#endif /* SQLITE_DEBUG */
+
+/************** End of treeview.c ********************************************/
+/************** Begin file random.c ******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code to implement a pseudo-random number
+** generator (PRNG) for SQLite.
+**
+** Random numbers are used by some of the database backends in order
+** to generate random integer keys for tables or random filenames.
+*/
+/* #include "sqliteInt.h" */
+
+
+/* All threads share a single random number generator.
+** This structure is the current state of the generator.
+*/
+static SQLITE_WSD struct sqlite3PrngType {
+ unsigned char isInit; /* True if initialized */
+ unsigned char i, j; /* State variables */
+ unsigned char s[256]; /* State variables */
+} sqlite3Prng;
+
+/*
+** Return N random bytes.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_randomness(int N, void *pBuf){
+ unsigned char t;
+ unsigned char *zBuf = pBuf;
+
+ /* The "wsdPrng" macro will resolve to the pseudo-random number generator
+ ** state vector. If writable static data is unsupported on the target,
+ ** we have to locate the state vector at run-time. In the more common
+ ** case where writable static data is supported, wsdPrng can refer directly
+ ** to the "sqlite3Prng" state vector declared above.
+ */
+#ifdef SQLITE_OMIT_WSD
+ struct sqlite3PrngType *p = &GLOBAL(struct sqlite3PrngType, sqlite3Prng);
+# define wsdPrng p[0]
+#else
+# define wsdPrng sqlite3Prng
+#endif
+
+#if SQLITE_THREADSAFE
+ sqlite3_mutex *mutex;
+#endif
+
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( sqlite3_initialize() ) return;
+#endif
+
+#if SQLITE_THREADSAFE
+ mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_PRNG);
+#endif
+
+ sqlite3_mutex_enter(mutex);
+ if( N<=0 || pBuf==0 ){
+ wsdPrng.isInit = 0;
+ sqlite3_mutex_leave(mutex);
+ return;
+ }
+
+ /* Initialize the state of the random number generator once,
+ ** the first time this routine is called. The seed value does
+ ** not need to contain a lot of randomness since we are not
+ ** trying to do secure encryption or anything like that...
+ **
+ ** Nothing in this file or anywhere else in SQLite does any kind of
+ ** encryption. The RC4 algorithm is being used as a PRNG (pseudo-random
+ ** number generator) not as an encryption device.
+ */
+ if( !wsdPrng.isInit ){
+ int i;
+ char k[256];
+ wsdPrng.j = 0;
+ wsdPrng.i = 0;
+ sqlite3OsRandomness(sqlite3_vfs_find(0), 256, k);
+ for(i=0; i<256; i++){
+ wsdPrng.s[i] = (u8)i;
+ }
+ for(i=0; i<256; i++){
+ wsdPrng.j += wsdPrng.s[i] + k[i];
+ t = wsdPrng.s[wsdPrng.j];
+ wsdPrng.s[wsdPrng.j] = wsdPrng.s[i];
+ wsdPrng.s[i] = t;
+ }
+ wsdPrng.isInit = 1;
+ }
+
+ assert( N>0 );
+ do{
+ wsdPrng.i++;
+ t = wsdPrng.s[wsdPrng.i];
+ wsdPrng.j += t;
+ wsdPrng.s[wsdPrng.i] = wsdPrng.s[wsdPrng.j];
+ wsdPrng.s[wsdPrng.j] = t;
+ t += wsdPrng.s[wsdPrng.i];
+ *(zBuf++) = wsdPrng.s[t];
+ }while( --N );
+ sqlite3_mutex_leave(mutex);
+}
+
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+/*
+** For testing purposes, we sometimes want to preserve the state of
+** PRNG and restore the PRNG to its saved state at a later time, or
+** to reset the PRNG to its initial state. These routines accomplish
+** those tasks.
+**
+** The sqlite3_test_control() interface calls these routines to
+** control the PRNG.
+*/
+static SQLITE_WSD struct sqlite3PrngType sqlite3SavedPrng;
+SQLITE_PRIVATE void sqlite3PrngSaveState(void){
+ memcpy(
+ &GLOBAL(struct sqlite3PrngType, sqlite3SavedPrng),
+ &GLOBAL(struct sqlite3PrngType, sqlite3Prng),
+ sizeof(sqlite3Prng)
+ );
+}
+SQLITE_PRIVATE void sqlite3PrngRestoreState(void){
+ memcpy(
+ &GLOBAL(struct sqlite3PrngType, sqlite3Prng),
+ &GLOBAL(struct sqlite3PrngType, sqlite3SavedPrng),
+ sizeof(sqlite3Prng)
+ );
+}
+#endif /* SQLITE_OMIT_BUILTIN_TEST */
+
+/************** End of random.c **********************************************/
+/************** Begin file threads.c *****************************************/
+/*
+** 2012 July 21
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file presents a simple cross-platform threading interface for
+** use internally by SQLite.
+**
+** A "thread" can be created using sqlite3ThreadCreate(). This thread
+** runs independently of its creator until it is joined using
+** sqlite3ThreadJoin(), at which point it terminates.
+**
+** Threads do not have to be real. It could be that the work of the
+** "thread" is done by the main thread at either the sqlite3ThreadCreate()
+** or sqlite3ThreadJoin() call. This is, in fact, what happens in
+** single threaded systems. Nothing in SQLite requires multiple threads.
+** This interface exists so that applications that want to take advantage
+** of multiple cores can do so, while also allowing applications to stay
+** single-threaded if desired.
+*/
+/* #include "sqliteInt.h" */
+#if SQLITE_OS_WIN
+/* # include "os_win.h" */
+#endif
+
+#if SQLITE_MAX_WORKER_THREADS>0
+
+/********************************* Unix Pthreads ****************************/
+#if SQLITE_OS_UNIX && defined(SQLITE_MUTEX_PTHREADS) && SQLITE_THREADSAFE>0
+
+#define SQLITE_THREADS_IMPLEMENTED 1 /* Prevent the single-thread code below */
+/* #include <pthread.h> */
+
+/* A running thread */
+struct SQLiteThread {
+ pthread_t tid; /* Thread ID */
+ int done; /* Set to true when thread finishes */
+ void *pOut; /* Result returned by the thread */
+ void *(*xTask)(void*); /* The thread routine */
+ void *pIn; /* Argument to the thread */
+};
+
+/* Create a new thread */
+SQLITE_PRIVATE int sqlite3ThreadCreate(
+ SQLiteThread **ppThread, /* OUT: Write the thread object here */
+ void *(*xTask)(void*), /* Routine to run in a separate thread */
+ void *pIn /* Argument passed into xTask() */
+){
+ SQLiteThread *p;
+ int rc;
+
+ assert( ppThread!=0 );
+ assert( xTask!=0 );
+ /* This routine is never used in single-threaded mode */
+ assert( sqlite3GlobalConfig.bCoreMutex!=0 );
+
+ *ppThread = 0;
+ p = sqlite3Malloc(sizeof(*p));
+ if( p==0 ) return SQLITE_NOMEM;
+ memset(p, 0, sizeof(*p));
+ p->xTask = xTask;
+ p->pIn = pIn;
+ /* If the SQLITE_TESTCTRL_FAULT_INSTALL callback is registered to a
+ ** function that returns SQLITE_ERROR when passed the argument 200, that
+ ** forces worker threads to run sequentially and deterministically
+ ** for testing purposes. */
+ if( sqlite3FaultSim(200) ){
+ rc = 1;
+ }else{
+ rc = pthread_create(&p->tid, 0, xTask, pIn);
+ }
+ if( rc ){
+ p->done = 1;
+ p->pOut = xTask(pIn);
+ }
+ *ppThread = p;
+ return SQLITE_OK;
+}
+
+/* Get the results of the thread */
+SQLITE_PRIVATE int sqlite3ThreadJoin(SQLiteThread *p, void **ppOut){
+ int rc;
+
+ assert( ppOut!=0 );
+ if( NEVER(p==0) ) return SQLITE_NOMEM;
+ if( p->done ){
+ *ppOut = p->pOut;
+ rc = SQLITE_OK;
+ }else{
+ rc = pthread_join(p->tid, ppOut) ? SQLITE_ERROR : SQLITE_OK;
+ }
+ sqlite3_free(p);
+ return rc;
+}
+
+#endif /* SQLITE_OS_UNIX && defined(SQLITE_MUTEX_PTHREADS) */
+/******************************** End Unix Pthreads *************************/
+
+
+/********************************* Win32 Threads ****************************/
+#if SQLITE_OS_WIN_THREADS
+
+#define SQLITE_THREADS_IMPLEMENTED 1 /* Prevent the single-thread code below */
+#include <process.h>
+
+/* A running thread */
+struct SQLiteThread {
+ void *tid; /* The thread handle */
+ unsigned id; /* The thread identifier */
+ void *(*xTask)(void*); /* The routine to run as a thread */
+ void *pIn; /* Argument to xTask */
+ void *pResult; /* Result of xTask */
+};
+
+/* Thread procedure Win32 compatibility shim */
+static unsigned __stdcall sqlite3ThreadProc(
+ void *pArg /* IN: Pointer to the SQLiteThread structure */
+){
+ SQLiteThread *p = (SQLiteThread *)pArg;
+
+ assert( p!=0 );
+#if 0
+ /*
+ ** This assert appears to trigger spuriously on certain
+ ** versions of Windows, possibly due to _beginthreadex()
+ ** and/or CreateThread() not fully setting their thread
+ ** ID parameter before starting the thread.
+ */
+ assert( p->id==GetCurrentThreadId() );
+#endif
+ assert( p->xTask!=0 );
+ p->pResult = p->xTask(p->pIn);
+
+ _endthreadex(0);
+ return 0; /* NOT REACHED */
+}
+
+/* Create a new thread */
+SQLITE_PRIVATE int sqlite3ThreadCreate(
+ SQLiteThread **ppThread, /* OUT: Write the thread object here */
+ void *(*xTask)(void*), /* Routine to run in a separate thread */
+ void *pIn /* Argument passed into xTask() */
+){
+ SQLiteThread *p;
+
+ assert( ppThread!=0 );
+ assert( xTask!=0 );
+ *ppThread = 0;
+ p = sqlite3Malloc(sizeof(*p));
+ if( p==0 ) return SQLITE_NOMEM;
+ /* If the SQLITE_TESTCTRL_FAULT_INSTALL callback is registered to a
+ ** function that returns SQLITE_ERROR when passed the argument 200, that
+ ** forces worker threads to run sequentially and deterministically
+ ** (via the sqlite3FaultSim() term of the conditional) for testing
+ ** purposes. */
+ if( sqlite3GlobalConfig.bCoreMutex==0 || sqlite3FaultSim(200) ){
+ memset(p, 0, sizeof(*p));
+ }else{
+ p->xTask = xTask;
+ p->pIn = pIn;
+ p->tid = (void*)_beginthreadex(0, 0, sqlite3ThreadProc, p, 0, &p->id);
+ if( p->tid==0 ){
+ memset(p, 0, sizeof(*p));
+ }
+ }
+ if( p->xTask==0 ){
+ p->id = GetCurrentThreadId();
+ p->pResult = xTask(pIn);
+ }
+ *ppThread = p;
+ return SQLITE_OK;
+}
+
+SQLITE_PRIVATE DWORD sqlite3Win32Wait(HANDLE hObject); /* os_win.c */
+
+/* Get the results of the thread */
+SQLITE_PRIVATE int sqlite3ThreadJoin(SQLiteThread *p, void **ppOut){
+ DWORD rc;
+ BOOL bRc;
+
+ assert( ppOut!=0 );
+ if( NEVER(p==0) ) return SQLITE_NOMEM;
+ if( p->xTask==0 ){
+ /* assert( p->id==GetCurrentThreadId() ); */
+ rc = WAIT_OBJECT_0;
+ assert( p->tid==0 );
+ }else{
+ assert( p->id!=0 && p->id!=GetCurrentThreadId() );
+ rc = sqlite3Win32Wait((HANDLE)p->tid);
+ assert( rc!=WAIT_IO_COMPLETION );
+ bRc = CloseHandle((HANDLE)p->tid);
+ assert( bRc );
+ }
+ if( rc==WAIT_OBJECT_0 ) *ppOut = p->pResult;
+ sqlite3_free(p);
+ return (rc==WAIT_OBJECT_0) ? SQLITE_OK : SQLITE_ERROR;
+}
+
+#endif /* SQLITE_OS_WIN_THREADS */
+/******************************** End Win32 Threads *************************/
+
+
+/********************************* Single-Threaded **************************/
+#ifndef SQLITE_THREADS_IMPLEMENTED
+/*
+** This implementation does not actually create a new thread. It does the
+** work of the thread in the main thread, when either the thread is created
+** or when it is joined
+*/
+
+/* A running thread */
+struct SQLiteThread {
+ void *(*xTask)(void*); /* The routine to run as a thread */
+ void *pIn; /* Argument to xTask */
+ void *pResult; /* Result of xTask */
+};
+
+/* Create a new thread */
+SQLITE_PRIVATE int sqlite3ThreadCreate(
+ SQLiteThread **ppThread, /* OUT: Write the thread object here */
+ void *(*xTask)(void*), /* Routine to run in a separate thread */
+ void *pIn /* Argument passed into xTask() */
+){
+ SQLiteThread *p;
+
+ assert( ppThread!=0 );
+ assert( xTask!=0 );
+ *ppThread = 0;
+ p = sqlite3Malloc(sizeof(*p));
+ if( p==0 ) return SQLITE_NOMEM;
+ if( (SQLITE_PTR_TO_INT(p)/17)&1 ){
+ p->xTask = xTask;
+ p->pIn = pIn;
+ }else{
+ p->xTask = 0;
+ p->pResult = xTask(pIn);
+ }
+ *ppThread = p;
+ return SQLITE_OK;
+}
+
+/* Get the results of the thread */
+SQLITE_PRIVATE int sqlite3ThreadJoin(SQLiteThread *p, void **ppOut){
+
+ assert( ppOut!=0 );
+ if( NEVER(p==0) ) return SQLITE_NOMEM;
+ if( p->xTask ){
+ *ppOut = p->xTask(p->pIn);
+ }else{
+ *ppOut = p->pResult;
+ }
+ sqlite3_free(p);
+
+#if defined(SQLITE_TEST)
+ {
+ void *pTstAlloc = sqlite3Malloc(10);
+ if (!pTstAlloc) return SQLITE_NOMEM;
+ sqlite3_free(pTstAlloc);
+ }
+#endif
+
+ return SQLITE_OK;
+}
+
+#endif /* !defined(SQLITE_THREADS_IMPLEMENTED) */
+/****************************** End Single-Threaded *************************/
+#endif /* SQLITE_MAX_WORKER_THREADS>0 */
+
+/************** End of threads.c *********************************************/
+/************** Begin file utf.c *********************************************/
+/*
+** 2004 April 13
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains routines used to translate between UTF-8,
+** UTF-16, UTF-16BE, and UTF-16LE.
+**
+** Notes on UTF-8:
+**
+** Byte-0 Byte-1 Byte-2 Byte-3 Value
+** 0xxxxxxx 00000000 00000000 0xxxxxxx
+** 110yyyyy 10xxxxxx 00000000 00000yyy yyxxxxxx
+** 1110zzzz 10yyyyyy 10xxxxxx 00000000 zzzzyyyy yyxxxxxx
+** 11110uuu 10uuzzzz 10yyyyyy 10xxxxxx 000uuuuu zzzzyyyy yyxxxxxx
+**
+**
+** Notes on UTF-16: (with wwww+1==uuuuu)
+**
+** Word-0 Word-1 Value
+** 110110ww wwzzzzyy 110111yy yyxxxxxx 000uuuuu zzzzyyyy yyxxxxxx
+** zzzzyyyy yyxxxxxx 00000000 zzzzyyyy yyxxxxxx
+**
+**
+** BOM or Byte Order Mark:
+** 0xff 0xfe little-endian utf-16 follows
+** 0xfe 0xff big-endian utf-16 follows
+**
+*/
+/* #include "sqliteInt.h" */
+/* #include <assert.h> */
+/* #include "vdbeInt.h" */
+
+#if !defined(SQLITE_AMALGAMATION) && SQLITE_BYTEORDER==0
+/*
+** The following constant value is used by the SQLITE_BIGENDIAN and
+** SQLITE_LITTLEENDIAN macros.
+*/
+SQLITE_PRIVATE const int sqlite3one = 1;
+#endif /* SQLITE_AMALGAMATION && SQLITE_BYTEORDER==0 */
+
+/*
+** This lookup table is used to help decode the first byte of
+** a multi-byte UTF8 character.
+*/
+static const unsigned char sqlite3Utf8Trans1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x00, 0x01, 0x00, 0x00,
+};
+
+
+#define WRITE_UTF8(zOut, c) { \
+ if( c<0x00080 ){ \
+ *zOut++ = (u8)(c&0xFF); \
+ } \
+ else if( c<0x00800 ){ \
+ *zOut++ = 0xC0 + (u8)((c>>6)&0x1F); \
+ *zOut++ = 0x80 + (u8)(c & 0x3F); \
+ } \
+ else if( c<0x10000 ){ \
+ *zOut++ = 0xE0 + (u8)((c>>12)&0x0F); \
+ *zOut++ = 0x80 + (u8)((c>>6) & 0x3F); \
+ *zOut++ = 0x80 + (u8)(c & 0x3F); \
+ }else{ \
+ *zOut++ = 0xF0 + (u8)((c>>18) & 0x07); \
+ *zOut++ = 0x80 + (u8)((c>>12) & 0x3F); \
+ *zOut++ = 0x80 + (u8)((c>>6) & 0x3F); \
+ *zOut++ = 0x80 + (u8)(c & 0x3F); \
+ } \
+}
+
+#define WRITE_UTF16LE(zOut, c) { \
+ if( c<=0xFFFF ){ \
+ *zOut++ = (u8)(c&0x00FF); \
+ *zOut++ = (u8)((c>>8)&0x00FF); \
+ }else{ \
+ *zOut++ = (u8)(((c>>10)&0x003F) + (((c-0x10000)>>10)&0x00C0)); \
+ *zOut++ = (u8)(0x00D8 + (((c-0x10000)>>18)&0x03)); \
+ *zOut++ = (u8)(c&0x00FF); \
+ *zOut++ = (u8)(0x00DC + ((c>>8)&0x03)); \
+ } \
+}
+
+#define WRITE_UTF16BE(zOut, c) { \
+ if( c<=0xFFFF ){ \
+ *zOut++ = (u8)((c>>8)&0x00FF); \
+ *zOut++ = (u8)(c&0x00FF); \
+ }else{ \
+ *zOut++ = (u8)(0x00D8 + (((c-0x10000)>>18)&0x03)); \
+ *zOut++ = (u8)(((c>>10)&0x003F) + (((c-0x10000)>>10)&0x00C0)); \
+ *zOut++ = (u8)(0x00DC + ((c>>8)&0x03)); \
+ *zOut++ = (u8)(c&0x00FF); \
+ } \
+}
+
+#define READ_UTF16LE(zIn, TERM, c){ \
+ c = (*zIn++); \
+ c += ((*zIn++)<<8); \
+ if( c>=0xD800 && c<0xE000 && TERM ){ \
+ int c2 = (*zIn++); \
+ c2 += ((*zIn++)<<8); \
+ c = (c2&0x03FF) + ((c&0x003F)<<10) + (((c&0x03C0)+0x0040)<<10); \
+ } \
+}
+
+#define READ_UTF16BE(zIn, TERM, c){ \
+ c = ((*zIn++)<<8); \
+ c += (*zIn++); \
+ if( c>=0xD800 && c<0xE000 && TERM ){ \
+ int c2 = ((*zIn++)<<8); \
+ c2 += (*zIn++); \
+ c = (c2&0x03FF) + ((c&0x003F)<<10) + (((c&0x03C0)+0x0040)<<10); \
+ } \
+}
+
+/*
+** Translate a single UTF-8 character. Return the unicode value.
+**
+** During translation, assume that the byte that zTerm points
+** is a 0x00.
+**
+** Write a pointer to the next unread byte back into *pzNext.
+**
+** Notes On Invalid UTF-8:
+**
+** * This routine never allows a 7-bit character (0x00 through 0x7f) to
+** be encoded as a multi-byte character. Any multi-byte character that
+** attempts to encode a value between 0x00 and 0x7f is rendered as 0xfffd.
+**
+** * This routine never allows a UTF16 surrogate value to be encoded.
+** If a multi-byte character attempts to encode a value between
+** 0xd800 and 0xe000 then it is rendered as 0xfffd.
+**
+** * Bytes in the range of 0x80 through 0xbf which occur as the first
+** byte of a character are interpreted as single-byte characters
+** and rendered as themselves even though they are technically
+** invalid characters.
+**
+** * This routine accepts over-length UTF8 encodings
+** for unicode values 0x80 and greater. It does not change over-length
+** encodings to 0xfffd as some systems recommend.
+*/
+#define READ_UTF8(zIn, zTerm, c) \
+ c = *(zIn++); \
+ if( c>=0xc0 ){ \
+ c = sqlite3Utf8Trans1[c-0xc0]; \
+ while( zIn!=zTerm && (*zIn & 0xc0)==0x80 ){ \
+ c = (c<<6) + (0x3f & *(zIn++)); \
+ } \
+ if( c<0x80 \
+ || (c&0xFFFFF800)==0xD800 \
+ || (c&0xFFFFFFFE)==0xFFFE ){ c = 0xFFFD; } \
+ }
+SQLITE_PRIVATE u32 sqlite3Utf8Read(
+ const unsigned char **pz /* Pointer to string from which to read char */
+){
+ unsigned int c;
+
+ /* Same as READ_UTF8() above but without the zTerm parameter.
+ ** For this routine, we assume the UTF8 string is always zero-terminated.
+ */
+ c = *((*pz)++);
+ if( c>=0xc0 ){
+ c = sqlite3Utf8Trans1[c-0xc0];
+ while( (*(*pz) & 0xc0)==0x80 ){
+ c = (c<<6) + (0x3f & *((*pz)++));
+ }
+ if( c<0x80
+ || (c&0xFFFFF800)==0xD800
+ || (c&0xFFFFFFFE)==0xFFFE ){ c = 0xFFFD; }
+ }
+ return c;
+}
+
+
+
+
+/*
+** If the TRANSLATE_TRACE macro is defined, the value of each Mem is
+** printed on stderr on the way into and out of sqlite3VdbeMemTranslate().
+*/
+/* #define TRANSLATE_TRACE 1 */
+
+#ifndef SQLITE_OMIT_UTF16
+/*
+** This routine transforms the internal text encoding used by pMem to
+** desiredEnc. It is an error if the string is already of the desired
+** encoding, or if *pMem does not contain a string value.
+*/
+SQLITE_PRIVATE SQLITE_NOINLINE int sqlite3VdbeMemTranslate(Mem *pMem, u8 desiredEnc){
+ int len; /* Maximum length of output string in bytes */
+ unsigned char *zOut; /* Output buffer */
+ unsigned char *zIn; /* Input iterator */
+ unsigned char *zTerm; /* End of input */
+ unsigned char *z; /* Output iterator */
+ unsigned int c;
+
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( pMem->flags&MEM_Str );
+ assert( pMem->enc!=desiredEnc );
+ assert( pMem->enc!=0 );
+ assert( pMem->n>=0 );
+
+#if defined(TRANSLATE_TRACE) && defined(SQLITE_DEBUG)
+ {
+ char zBuf[100];
+ sqlite3VdbeMemPrettyPrint(pMem, zBuf);
+ fprintf(stderr, "INPUT: %s\n", zBuf);
+ }
+#endif
+
+ /* If the translation is between UTF-16 little and big endian, then
+ ** all that is required is to swap the byte order. This case is handled
+ ** differently from the others.
+ */
+ if( pMem->enc!=SQLITE_UTF8 && desiredEnc!=SQLITE_UTF8 ){
+ u8 temp;
+ int rc;
+ rc = sqlite3VdbeMemMakeWriteable(pMem);
+ if( rc!=SQLITE_OK ){
+ assert( rc==SQLITE_NOMEM );
+ return SQLITE_NOMEM;
+ }
+ zIn = (u8*)pMem->z;
+ zTerm = &zIn[pMem->n&~1];
+ while( zIn<zTerm ){
+ temp = *zIn;
+ *zIn = *(zIn+1);
+ zIn++;
+ *zIn++ = temp;
+ }
+ pMem->enc = desiredEnc;
+ goto translate_out;
+ }
+
+ /* Set len to the maximum number of bytes required in the output buffer. */
+ if( desiredEnc==SQLITE_UTF8 ){
+ /* When converting from UTF-16, the maximum growth results from
+ ** translating a 2-byte character to a 4-byte UTF-8 character.
+ ** A single byte is required for the output string
+ ** nul-terminator.
+ */
+ pMem->n &= ~1;
+ len = pMem->n * 2 + 1;
+ }else{
+ /* When converting from UTF-8 to UTF-16 the maximum growth is caused
+ ** when a 1-byte UTF-8 character is translated into a 2-byte UTF-16
+ ** character. Two bytes are required in the output buffer for the
+ ** nul-terminator.
+ */
+ len = pMem->n * 2 + 2;
+ }
+
+ /* Set zIn to point at the start of the input buffer and zTerm to point 1
+ ** byte past the end.
+ **
+ ** Variable zOut is set to point at the output buffer, space obtained
+ ** from sqlite3_malloc().
+ */
+ zIn = (u8*)pMem->z;
+ zTerm = &zIn[pMem->n];
+ zOut = sqlite3DbMallocRaw(pMem->db, len);
+ if( !zOut ){
+ return SQLITE_NOMEM;
+ }
+ z = zOut;
+
+ if( pMem->enc==SQLITE_UTF8 ){
+ if( desiredEnc==SQLITE_UTF16LE ){
+ /* UTF-8 -> UTF-16 Little-endian */
+ while( zIn<zTerm ){
+ READ_UTF8(zIn, zTerm, c);
+ WRITE_UTF16LE(z, c);
+ }
+ }else{
+ assert( desiredEnc==SQLITE_UTF16BE );
+ /* UTF-8 -> UTF-16 Big-endian */
+ while( zIn<zTerm ){
+ READ_UTF8(zIn, zTerm, c);
+ WRITE_UTF16BE(z, c);
+ }
+ }
+ pMem->n = (int)(z - zOut);
+ *z++ = 0;
+ }else{
+ assert( desiredEnc==SQLITE_UTF8 );
+ if( pMem->enc==SQLITE_UTF16LE ){
+ /* UTF-16 Little-endian -> UTF-8 */
+ while( zIn<zTerm ){
+ READ_UTF16LE(zIn, zIn<zTerm, c);
+ WRITE_UTF8(z, c);
+ }
+ }else{
+ /* UTF-16 Big-endian -> UTF-8 */
+ while( zIn<zTerm ){
+ READ_UTF16BE(zIn, zIn<zTerm, c);
+ WRITE_UTF8(z, c);
+ }
+ }
+ pMem->n = (int)(z - zOut);
+ }
+ *z = 0;
+ assert( (pMem->n+(desiredEnc==SQLITE_UTF8?1:2))<=len );
+
+ c = pMem->flags;
+ sqlite3VdbeMemRelease(pMem);
+ pMem->flags = MEM_Str|MEM_Term|(c&MEM_AffMask);
+ pMem->enc = desiredEnc;
+ pMem->z = (char*)zOut;
+ pMem->zMalloc = pMem->z;
+ pMem->szMalloc = sqlite3DbMallocSize(pMem->db, pMem->z);
+
+translate_out:
+#if defined(TRANSLATE_TRACE) && defined(SQLITE_DEBUG)
+ {
+ char zBuf[100];
+ sqlite3VdbeMemPrettyPrint(pMem, zBuf);
+ fprintf(stderr, "OUTPUT: %s\n", zBuf);
+ }
+#endif
+ return SQLITE_OK;
+}
+
+/*
+** This routine checks for a byte-order mark at the beginning of the
+** UTF-16 string stored in *pMem. If one is present, it is removed and
+** the encoding of the Mem adjusted. This routine does not do any
+** byte-swapping, it just sets Mem.enc appropriately.
+**
+** The allocation (static, dynamic etc.) and encoding of the Mem may be
+** changed by this function.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemHandleBom(Mem *pMem){
+ int rc = SQLITE_OK;
+ u8 bom = 0;
+
+ assert( pMem->n>=0 );
+ if( pMem->n>1 ){
+ u8 b1 = *(u8 *)pMem->z;
+ u8 b2 = *(((u8 *)pMem->z) + 1);
+ if( b1==0xFE && b2==0xFF ){
+ bom = SQLITE_UTF16BE;
+ }
+ if( b1==0xFF && b2==0xFE ){
+ bom = SQLITE_UTF16LE;
+ }
+ }
+
+ if( bom ){
+ rc = sqlite3VdbeMemMakeWriteable(pMem);
+ if( rc==SQLITE_OK ){
+ pMem->n -= 2;
+ memmove(pMem->z, &pMem->z[2], pMem->n);
+ pMem->z[pMem->n] = '\0';
+ pMem->z[pMem->n+1] = '\0';
+ pMem->flags |= MEM_Term;
+ pMem->enc = bom;
+ }
+ }
+ return rc;
+}
+#endif /* SQLITE_OMIT_UTF16 */
+
+/*
+** pZ is a UTF-8 encoded unicode string. If nByte is less than zero,
+** return the number of unicode characters in pZ up to (but not including)
+** the first 0x00 byte. If nByte is not less than zero, return the
+** number of unicode characters in the first nByte of pZ (or up to
+** the first 0x00, whichever comes first).
+*/
+SQLITE_PRIVATE int sqlite3Utf8CharLen(const char *zIn, int nByte){
+ int r = 0;
+ const u8 *z = (const u8*)zIn;
+ const u8 *zTerm;
+ if( nByte>=0 ){
+ zTerm = &z[nByte];
+ }else{
+ zTerm = (const u8*)(-1);
+ }
+ assert( z<=zTerm );
+ while( *z!=0 && z<zTerm ){
+ SQLITE_SKIP_UTF8(z);
+ r++;
+ }
+ return r;
+}
+
+/* This test function is not currently used by the automated test-suite.
+** Hence it is only available in debug builds.
+*/
+#if defined(SQLITE_TEST) && defined(SQLITE_DEBUG)
+/*
+** Translate UTF-8 to UTF-8.
+**
+** This has the effect of making sure that the string is well-formed
+** UTF-8. Miscoded characters are removed.
+**
+** The translation is done in-place and aborted if the output
+** overruns the input.
+*/
+SQLITE_PRIVATE int sqlite3Utf8To8(unsigned char *zIn){
+ unsigned char *zOut = zIn;
+ unsigned char *zStart = zIn;
+ u32 c;
+
+ while( zIn[0] && zOut<=zIn ){
+ c = sqlite3Utf8Read((const u8**)&zIn);
+ if( c!=0xfffd ){
+ WRITE_UTF8(zOut, c);
+ }
+ }
+ *zOut = 0;
+ return (int)(zOut - zStart);
+}
+#endif
+
+#ifndef SQLITE_OMIT_UTF16
+/*
+** Convert a UTF-16 string in the native encoding into a UTF-8 string.
+** Memory to hold the UTF-8 string is obtained from sqlite3_malloc and must
+** be freed by the calling function.
+**
+** NULL is returned if there is an allocation error.
+*/
+SQLITE_PRIVATE char *sqlite3Utf16to8(sqlite3 *db, const void *z, int nByte, u8 enc){
+ Mem m;
+ memset(&m, 0, sizeof(m));
+ m.db = db;
+ sqlite3VdbeMemSetStr(&m, z, nByte, enc, SQLITE_STATIC);
+ sqlite3VdbeChangeEncoding(&m, SQLITE_UTF8);
+ if( db->mallocFailed ){
+ sqlite3VdbeMemRelease(&m);
+ m.z = 0;
+ }
+ assert( (m.flags & MEM_Term)!=0 || db->mallocFailed );
+ assert( (m.flags & MEM_Str)!=0 || db->mallocFailed );
+ assert( m.z || db->mallocFailed );
+ return m.z;
+}
+
+/*
+** zIn is a UTF-16 encoded unicode string at least nChar characters long.
+** Return the number of bytes in the first nChar unicode characters
+** in pZ. nChar must be non-negative.
+*/
+SQLITE_PRIVATE int sqlite3Utf16ByteLen(const void *zIn, int nChar){
+ int c;
+ unsigned char const *z = zIn;
+ int n = 0;
+
+ if( SQLITE_UTF16NATIVE==SQLITE_UTF16BE ){
+ while( n<nChar ){
+ READ_UTF16BE(z, 1, c);
+ n++;
+ }
+ }else{
+ while( n<nChar ){
+ READ_UTF16LE(z, 1, c);
+ n++;
+ }
+ }
+ return (int)(z-(unsigned char const *)zIn);
+}
+
+#if defined(SQLITE_TEST)
+/*
+** This routine is called from the TCL test function "translate_selftest".
+** It checks that the primitives for serializing and deserializing
+** characters in each encoding are inverses of each other.
+*/
+SQLITE_PRIVATE void sqlite3UtfSelfTest(void){
+ unsigned int i, t;
+ unsigned char zBuf[20];
+ unsigned char *z;
+ int n;
+ unsigned int c;
+
+ for(i=0; i<0x00110000; i++){
+ z = zBuf;
+ WRITE_UTF8(z, i);
+ n = (int)(z-zBuf);
+ assert( n>0 && n<=4 );
+ z[0] = 0;
+ z = zBuf;
+ c = sqlite3Utf8Read((const u8**)&z);
+ t = i;
+ if( i>=0xD800 && i<=0xDFFF ) t = 0xFFFD;
+ if( (i&0xFFFFFFFE)==0xFFFE ) t = 0xFFFD;
+ assert( c==t );
+ assert( (z-zBuf)==n );
+ }
+ for(i=0; i<0x00110000; i++){
+ if( i>=0xD800 && i<0xE000 ) continue;
+ z = zBuf;
+ WRITE_UTF16LE(z, i);
+ n = (int)(z-zBuf);
+ assert( n>0 && n<=4 );
+ z[0] = 0;
+ z = zBuf;
+ READ_UTF16LE(z, 1, c);
+ assert( c==i );
+ assert( (z-zBuf)==n );
+ }
+ for(i=0; i<0x00110000; i++){
+ if( i>=0xD800 && i<0xE000 ) continue;
+ z = zBuf;
+ WRITE_UTF16BE(z, i);
+ n = (int)(z-zBuf);
+ assert( n>0 && n<=4 );
+ z[0] = 0;
+ z = zBuf;
+ READ_UTF16BE(z, 1, c);
+ assert( c==i );
+ assert( (z-zBuf)==n );
+ }
+}
+#endif /* SQLITE_TEST */
+#endif /* SQLITE_OMIT_UTF16 */
+
+/************** End of utf.c *************************************************/
+/************** Begin file util.c ********************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** Utility functions used throughout sqlite.
+**
+** This file contains functions for allocating memory, comparing
+** strings, and stuff like that.
+**
+*/
+/* #include "sqliteInt.h" */
+/* #include <stdarg.h> */
+#if HAVE_ISNAN || SQLITE_HAVE_ISNAN
+# include <math.h>
+#endif
+
+/*
+** Routine needed to support the testcase() macro.
+*/
+#ifdef SQLITE_COVERAGE_TEST
+SQLITE_PRIVATE void sqlite3Coverage(int x){
+ static unsigned dummy = 0;
+ dummy += (unsigned)x;
+}
+#endif
+
+/*
+** Give a callback to the test harness that can be used to simulate faults
+** in places where it is difficult or expensive to do so purely by means
+** of inputs.
+**
+** The intent of the integer argument is to let the fault simulator know
+** which of multiple sqlite3FaultSim() calls has been hit.
+**
+** Return whatever integer value the test callback returns, or return
+** SQLITE_OK if no test callback is installed.
+*/
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+SQLITE_PRIVATE int sqlite3FaultSim(int iTest){
+ int (*xCallback)(int) = sqlite3GlobalConfig.xTestCallback;
+ return xCallback ? xCallback(iTest) : SQLITE_OK;
+}
+#endif
+
+#ifndef SQLITE_OMIT_FLOATING_POINT
+/*
+** Return true if the floating point value is Not a Number (NaN).
+**
+** Use the math library isnan() function if compiled with SQLITE_HAVE_ISNAN.
+** Otherwise, we have our own implementation that works on most systems.
+*/
+SQLITE_PRIVATE int sqlite3IsNaN(double x){
+ int rc; /* The value return */
+#if !SQLITE_HAVE_ISNAN && !HAVE_ISNAN
+ /*
+ ** Systems that support the isnan() library function should probably
+ ** make use of it by compiling with -DSQLITE_HAVE_ISNAN. But we have
+ ** found that many systems do not have a working isnan() function so
+ ** this implementation is provided as an alternative.
+ **
+ ** This NaN test sometimes fails if compiled on GCC with -ffast-math.
+ ** On the other hand, the use of -ffast-math comes with the following
+ ** warning:
+ **
+ ** This option [-ffast-math] should never be turned on by any
+ ** -O option since it can result in incorrect output for programs
+ ** which depend on an exact implementation of IEEE or ISO
+ ** rules/specifications for math functions.
+ **
+ ** Under MSVC, this NaN test may fail if compiled with a floating-
+ ** point precision mode other than /fp:precise. From the MSDN
+ ** documentation:
+ **
+ ** The compiler [with /fp:precise] will properly handle comparisons
+ ** involving NaN. For example, x != x evaluates to true if x is NaN
+ ** ...
+ */
+#ifdef __FAST_MATH__
+# error SQLite will not work correctly with the -ffast-math option of GCC.
+#endif
+ volatile double y = x;
+ volatile double z = y;
+ rc = (y!=z);
+#else /* if HAVE_ISNAN */
+ rc = isnan(x);
+#endif /* HAVE_ISNAN */
+ testcase( rc );
+ return rc;
+}
+#endif /* SQLITE_OMIT_FLOATING_POINT */
+
+/*
+** Compute a string length that is limited to what can be stored in
+** lower 30 bits of a 32-bit signed integer.
+**
+** The value returned will never be negative. Nor will it ever be greater
+** than the actual length of the string. For very long strings (greater
+** than 1GiB) the value returned might be less than the true string length.
+*/
+SQLITE_PRIVATE int sqlite3Strlen30(const char *z){
+ if( z==0 ) return 0;
+ return 0x3fffffff & (int)strlen(z);
+}
+
+/*
+** Set the current error code to err_code and clear any prior error message.
+*/
+SQLITE_PRIVATE void sqlite3Error(sqlite3 *db, int err_code){
+ assert( db!=0 );
+ db->errCode = err_code;
+ if( db->pErr ) sqlite3ValueSetNull(db->pErr);
+}
+
+/*
+** Set the most recent error code and error string for the sqlite
+** handle "db". The error code is set to "err_code".
+**
+** If it is not NULL, string zFormat specifies the format of the
+** error string in the style of the printf functions: The following
+** format characters are allowed:
+**
+** %s Insert a string
+** %z A string that should be freed after use
+** %d Insert an integer
+** %T Insert a token
+** %S Insert the first element of a SrcList
+**
+** zFormat and any string tokens that follow it are assumed to be
+** encoded in UTF-8.
+**
+** To clear the most recent error for sqlite handle "db", sqlite3Error
+** should be called with err_code set to SQLITE_OK and zFormat set
+** to NULL.
+*/
+SQLITE_PRIVATE void sqlite3ErrorWithMsg(sqlite3 *db, int err_code, const char *zFormat, ...){
+ assert( db!=0 );
+ db->errCode = err_code;
+ if( zFormat==0 ){
+ sqlite3Error(db, err_code);
+ }else if( db->pErr || (db->pErr = sqlite3ValueNew(db))!=0 ){
+ char *z;
+ va_list ap;
+ va_start(ap, zFormat);
+ z = sqlite3VMPrintf(db, zFormat, ap);
+ va_end(ap);
+ sqlite3ValueSetStr(db->pErr, -1, z, SQLITE_UTF8, SQLITE_DYNAMIC);
+ }
+}
+
+/*
+** Add an error message to pParse->zErrMsg and increment pParse->nErr.
+** The following formatting characters are allowed:
+**
+** %s Insert a string
+** %z A string that should be freed after use
+** %d Insert an integer
+** %T Insert a token
+** %S Insert the first element of a SrcList
+**
+** This function should be used to report any error that occurs while
+** compiling an SQL statement (i.e. within sqlite3_prepare()). The
+** last thing the sqlite3_prepare() function does is copy the error
+** stored by this function into the database handle using sqlite3Error().
+** Functions sqlite3Error() or sqlite3ErrorWithMsg() should be used
+** during statement execution (sqlite3_step() etc.).
+*/
+SQLITE_PRIVATE void sqlite3ErrorMsg(Parse *pParse, const char *zFormat, ...){
+ char *zMsg;
+ va_list ap;
+ sqlite3 *db = pParse->db;
+ va_start(ap, zFormat);
+ zMsg = sqlite3VMPrintf(db, zFormat, ap);
+ va_end(ap);
+ if( db->suppressErr ){
+ sqlite3DbFree(db, zMsg);
+ }else{
+ pParse->nErr++;
+ sqlite3DbFree(db, pParse->zErrMsg);
+ pParse->zErrMsg = zMsg;
+ pParse->rc = SQLITE_ERROR;
+ }
+}
+
+/*
+** Convert an SQL-style quoted string into a normal string by removing
+** the quote characters. The conversion is done in-place. If the
+** input does not begin with a quote character, then this routine
+** is a no-op.
+**
+** The input string must be zero-terminated. A new zero-terminator
+** is added to the dequoted string.
+**
+** The return value is -1 if no dequoting occurs or the length of the
+** dequoted string, exclusive of the zero terminator, if dequoting does
+** occur.
+**
+** 2002-Feb-14: This routine is extended to remove MS-Access style
+** brackets from around identifiers. For example: "[a-b-c]" becomes
+** "a-b-c".
+*/
+SQLITE_PRIVATE int sqlite3Dequote(char *z){
+ char quote;
+ int i, j;
+ if( z==0 ) return -1;
+ quote = z[0];
+ switch( quote ){
+ case '\'': break;
+ case '"': break;
+ case '`': break; /* For MySQL compatibility */
+ case '[': quote = ']'; break; /* For MS SqlServer compatibility */
+ default: return -1;
+ }
+ for(i=1, j=0;; i++){
+ assert( z[i] );
+ if( z[i]==quote ){
+ if( z[i+1]==quote ){
+ z[j++] = quote;
+ i++;
+ }else{
+ break;
+ }
+ }else{
+ z[j++] = z[i];
+ }
+ }
+ z[j] = 0;
+ return j;
+}
+
+/* Convenient short-hand */
+#define UpperToLower sqlite3UpperToLower
+
+/*
+** Some systems have stricmp(). Others have strcasecmp(). Because
+** there is no consistency, we will define our own.
+**
+** IMPLEMENTATION-OF: R-30243-02494 The sqlite3_stricmp() and
+** sqlite3_strnicmp() APIs allow applications and extensions to compare
+** the contents of two buffers containing UTF-8 strings in a
+** case-independent fashion, using the same definition of "case
+** independence" that SQLite uses internally when comparing identifiers.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stricmp(const char *zLeft, const char *zRight){
+ register unsigned char *a, *b;
+ if( zLeft==0 ){
+ return zRight ? -1 : 0;
+ }else if( zRight==0 ){
+ return 1;
+ }
+ a = (unsigned char *)zLeft;
+ b = (unsigned char *)zRight;
+ while( *a!=0 && UpperToLower[*a]==UpperToLower[*b]){ a++; b++; }
+ return UpperToLower[*a] - UpperToLower[*b];
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_strnicmp(const char *zLeft, const char *zRight, int N){
+ register unsigned char *a, *b;
+ if( zLeft==0 ){
+ return zRight ? -1 : 0;
+ }else if( zRight==0 ){
+ return 1;
+ }
+ a = (unsigned char *)zLeft;
+ b = (unsigned char *)zRight;
+ while( N-- > 0 && *a!=0 && UpperToLower[*a]==UpperToLower[*b]){ a++; b++; }
+ return N<0 ? 0 : UpperToLower[*a] - UpperToLower[*b];
+}
+
+/*
+** The string z[] is an text representation of a real number.
+** Convert this string to a double and write it into *pResult.
+**
+** The string z[] is length bytes in length (bytes, not characters) and
+** uses the encoding enc. The string is not necessarily zero-terminated.
+**
+** Return TRUE if the result is a valid real number (or integer) and FALSE
+** if the string is empty or contains extraneous text. Valid numbers
+** are in one of these formats:
+**
+** [+-]digits[E[+-]digits]
+** [+-]digits.[digits][E[+-]digits]
+** [+-].digits[E[+-]digits]
+**
+** Leading and trailing whitespace is ignored for the purpose of determining
+** validity.
+**
+** If some prefix of the input string is a valid number, this routine
+** returns FALSE but it still converts the prefix and writes the result
+** into *pResult.
+*/
+SQLITE_PRIVATE int sqlite3AtoF(const char *z, double *pResult, int length, u8 enc){
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ int incr;
+ const char *zEnd = z + length;
+ /* sign * significand * (10 ^ (esign * exponent)) */
+ int sign = 1; /* sign of significand */
+ i64 s = 0; /* significand */
+ int d = 0; /* adjust exponent for shifting decimal point */
+ int esign = 1; /* sign of exponent */
+ int e = 0; /* exponent */
+ int eValid = 1; /* True exponent is either not used or is well-formed */
+ double result;
+ int nDigits = 0;
+ int nonNum = 0;
+
+ assert( enc==SQLITE_UTF8 || enc==SQLITE_UTF16LE || enc==SQLITE_UTF16BE );
+ *pResult = 0.0; /* Default return value, in case of an error */
+
+ if( enc==SQLITE_UTF8 ){
+ incr = 1;
+ }else{
+ int i;
+ incr = 2;
+ assert( SQLITE_UTF16LE==2 && SQLITE_UTF16BE==3 );
+ for(i=3-enc; i<length && z[i]==0; i+=2){}
+ nonNum = i<length;
+ zEnd = z+i+enc-3;
+ z += (enc&1);
+ }
+
+ /* skip leading spaces */
+ while( z<zEnd && sqlite3Isspace(*z) ) z+=incr;
+ if( z>=zEnd ) return 0;
+
+ /* get sign of significand */
+ if( *z=='-' ){
+ sign = -1;
+ z+=incr;
+ }else if( *z=='+' ){
+ z+=incr;
+ }
+
+ /* skip leading zeroes */
+ while( z<zEnd && z[0]=='0' ) z+=incr, nDigits++;
+
+ /* copy max significant digits to significand */
+ while( z<zEnd && sqlite3Isdigit(*z) && s<((LARGEST_INT64-9)/10) ){
+ s = s*10 + (*z - '0');
+ z+=incr, nDigits++;
+ }
+
+ /* skip non-significant significand digits
+ ** (increase exponent by d to shift decimal left) */
+ while( z<zEnd && sqlite3Isdigit(*z) ) z+=incr, nDigits++, d++;
+ if( z>=zEnd ) goto do_atof_calc;
+
+ /* if decimal point is present */
+ if( *z=='.' ){
+ z+=incr;
+ /* copy digits from after decimal to significand
+ ** (decrease exponent by d to shift decimal right) */
+ while( z<zEnd && sqlite3Isdigit(*z) && s<((LARGEST_INT64-9)/10) ){
+ s = s*10 + (*z - '0');
+ z+=incr, nDigits++, d--;
+ }
+ /* skip non-significant digits */
+ while( z<zEnd && sqlite3Isdigit(*z) ) z+=incr, nDigits++;
+ }
+ if( z>=zEnd ) goto do_atof_calc;
+
+ /* if exponent is present */
+ if( *z=='e' || *z=='E' ){
+ z+=incr;
+ eValid = 0;
+ if( z>=zEnd ) goto do_atof_calc;
+ /* get sign of exponent */
+ if( *z=='-' ){
+ esign = -1;
+ z+=incr;
+ }else if( *z=='+' ){
+ z+=incr;
+ }
+ /* copy digits to exponent */
+ while( z<zEnd && sqlite3Isdigit(*z) ){
+ e = e<10000 ? (e*10 + (*z - '0')) : 10000;
+ z+=incr;
+ eValid = 1;
+ }
+ }
+
+ /* skip trailing spaces */
+ if( nDigits && eValid ){
+ while( z<zEnd && sqlite3Isspace(*z) ) z+=incr;
+ }
+
+do_atof_calc:
+ /* adjust exponent by d, and update sign */
+ e = (e*esign) + d;
+ if( e<0 ) {
+ esign = -1;
+ e *= -1;
+ } else {
+ esign = 1;
+ }
+
+ /* if 0 significand */
+ if( !s ) {
+ /* In the IEEE 754 standard, zero is signed.
+ ** Add the sign if we've seen at least one digit */
+ result = (sign<0 && nDigits) ? -(double)0 : (double)0;
+ } else {
+ /* attempt to reduce exponent */
+ if( esign>0 ){
+ while( s<(LARGEST_INT64/10) && e>0 ) e--,s*=10;
+ }else{
+ while( !(s%10) && e>0 ) e--,s/=10;
+ }
+
+ /* adjust the sign of significand */
+ s = sign<0 ? -s : s;
+
+ /* if exponent, scale significand as appropriate
+ ** and store in result. */
+ if( e ){
+ LONGDOUBLE_TYPE scale = 1.0;
+ /* attempt to handle extremely small/large numbers better */
+ if( e>307 && e<342 ){
+ while( e%308 ) { scale *= 1.0e+1; e -= 1; }
+ if( esign<0 ){
+ result = s / scale;
+ result /= 1.0e+308;
+ }else{
+ result = s * scale;
+ result *= 1.0e+308;
+ }
+ }else if( e>=342 ){
+ if( esign<0 ){
+ result = 0.0*s;
+ }else{
+ result = 1e308*1e308*s; /* Infinity */
+ }
+ }else{
+ /* 1.0e+22 is the largest power of 10 than can be
+ ** represented exactly. */
+ while( e%22 ) { scale *= 1.0e+1; e -= 1; }
+ while( e>0 ) { scale *= 1.0e+22; e -= 22; }
+ if( esign<0 ){
+ result = s / scale;
+ }else{
+ result = s * scale;
+ }
+ }
+ } else {
+ result = (double)s;
+ }
+ }
+
+ /* store the result */
+ *pResult = result;
+
+ /* return true if number and no extra non-whitespace chracters after */
+ return z>=zEnd && nDigits>0 && eValid && nonNum==0;
+#else
+ return !sqlite3Atoi64(z, pResult, length, enc);
+#endif /* SQLITE_OMIT_FLOATING_POINT */
+}
+
+/*
+** Compare the 19-character string zNum against the text representation
+** value 2^63: 9223372036854775808. Return negative, zero, or positive
+** if zNum is less than, equal to, or greater than the string.
+** Note that zNum must contain exactly 19 characters.
+**
+** Unlike memcmp() this routine is guaranteed to return the difference
+** in the values of the last digit if the only difference is in the
+** last digit. So, for example,
+**
+** compare2pow63("9223372036854775800", 1)
+**
+** will return -8.
+*/
+static int compare2pow63(const char *zNum, int incr){
+ int c = 0;
+ int i;
+ /* 012345678901234567 */
+ const char *pow63 = "922337203685477580";
+ for(i=0; c==0 && i<18; i++){
+ c = (zNum[i*incr]-pow63[i])*10;
+ }
+ if( c==0 ){
+ c = zNum[18*incr] - '8';
+ testcase( c==(-1) );
+ testcase( c==0 );
+ testcase( c==(+1) );
+ }
+ return c;
+}
+
+/*
+** Convert zNum to a 64-bit signed integer. zNum must be decimal. This
+** routine does *not* accept hexadecimal notation.
+**
+** If the zNum value is representable as a 64-bit twos-complement
+** integer, then write that value into *pNum and return 0.
+**
+** If zNum is exactly 9223372036854775808, return 2. This special
+** case is broken out because while 9223372036854775808 cannot be a
+** signed 64-bit integer, its negative -9223372036854775808 can be.
+**
+** If zNum is too big for a 64-bit integer and is not
+** 9223372036854775808 or if zNum contains any non-numeric text,
+** then return 1.
+**
+** length is the number of bytes in the string (bytes, not characters).
+** The string is not necessarily zero-terminated. The encoding is
+** given by enc.
+*/
+SQLITE_PRIVATE int sqlite3Atoi64(const char *zNum, i64 *pNum, int length, u8 enc){
+ int incr;
+ u64 u = 0;
+ int neg = 0; /* assume positive */
+ int i;
+ int c = 0;
+ int nonNum = 0;
+ const char *zStart;
+ const char *zEnd = zNum + length;
+ assert( enc==SQLITE_UTF8 || enc==SQLITE_UTF16LE || enc==SQLITE_UTF16BE );
+ if( enc==SQLITE_UTF8 ){
+ incr = 1;
+ }else{
+ incr = 2;
+ assert( SQLITE_UTF16LE==2 && SQLITE_UTF16BE==3 );
+ for(i=3-enc; i<length && zNum[i]==0; i+=2){}
+ nonNum = i<length;
+ zEnd = zNum+i+enc-3;
+ zNum += (enc&1);
+ }
+ while( zNum<zEnd && sqlite3Isspace(*zNum) ) zNum+=incr;
+ if( zNum<zEnd ){
+ if( *zNum=='-' ){
+ neg = 1;
+ zNum+=incr;
+ }else if( *zNum=='+' ){
+ zNum+=incr;
+ }
+ }
+ zStart = zNum;
+ while( zNum<zEnd && zNum[0]=='0' ){ zNum+=incr; } /* Skip leading zeros. */
+ for(i=0; &zNum[i]<zEnd && (c=zNum[i])>='0' && c<='9'; i+=incr){
+ u = u*10 + c - '0';
+ }
+ if( u>LARGEST_INT64 ){
+ *pNum = neg ? SMALLEST_INT64 : LARGEST_INT64;
+ }else if( neg ){
+ *pNum = -(i64)u;
+ }else{
+ *pNum = (i64)u;
+ }
+ testcase( i==18 );
+ testcase( i==19 );
+ testcase( i==20 );
+ if( (c!=0 && &zNum[i]<zEnd) || (i==0 && zStart==zNum)
+ || i>19*incr || nonNum ){
+ /* zNum is empty or contains non-numeric text or is longer
+ ** than 19 digits (thus guaranteeing that it is too large) */
+ return 1;
+ }else if( i<19*incr ){
+ /* Less than 19 digits, so we know that it fits in 64 bits */
+ assert( u<=LARGEST_INT64 );
+ return 0;
+ }else{
+ /* zNum is a 19-digit numbers. Compare it against 9223372036854775808. */
+ c = compare2pow63(zNum, incr);
+ if( c<0 ){
+ /* zNum is less than 9223372036854775808 so it fits */
+ assert( u<=LARGEST_INT64 );
+ return 0;
+ }else if( c>0 ){
+ /* zNum is greater than 9223372036854775808 so it overflows */
+ return 1;
+ }else{
+ /* zNum is exactly 9223372036854775808. Fits if negative. The
+ ** special case 2 overflow if positive */
+ assert( u-1==LARGEST_INT64 );
+ return neg ? 0 : 2;
+ }
+ }
+}
+
+/*
+** Transform a UTF-8 integer literal, in either decimal or hexadecimal,
+** into a 64-bit signed integer. This routine accepts hexadecimal literals,
+** whereas sqlite3Atoi64() does not.
+**
+** Returns:
+**
+** 0 Successful transformation. Fits in a 64-bit signed integer.
+** 1 Integer too large for a 64-bit signed integer or is malformed
+** 2 Special case of 9223372036854775808
+*/
+SQLITE_PRIVATE int sqlite3DecOrHexToI64(const char *z, i64 *pOut){
+#ifndef SQLITE_OMIT_HEX_INTEGER
+ if( z[0]=='0'
+ && (z[1]=='x' || z[1]=='X')
+ && sqlite3Isxdigit(z[2])
+ ){
+ u64 u = 0;
+ int i, k;
+ for(i=2; z[i]=='0'; i++){}
+ for(k=i; sqlite3Isxdigit(z[k]); k++){
+ u = u*16 + sqlite3HexToInt(z[k]);
+ }
+ memcpy(pOut, &u, 8);
+ return (z[k]==0 && k-i<=16) ? 0 : 1;
+ }else
+#endif /* SQLITE_OMIT_HEX_INTEGER */
+ {
+ return sqlite3Atoi64(z, pOut, sqlite3Strlen30(z), SQLITE_UTF8);
+ }
+}
+
+/*
+** If zNum represents an integer that will fit in 32-bits, then set
+** *pValue to that integer and return true. Otherwise return false.
+**
+** This routine accepts both decimal and hexadecimal notation for integers.
+**
+** Any non-numeric characters that following zNum are ignored.
+** This is different from sqlite3Atoi64() which requires the
+** input number to be zero-terminated.
+*/
+SQLITE_PRIVATE int sqlite3GetInt32(const char *zNum, int *pValue){
+ sqlite_int64 v = 0;
+ int i, c;
+ int neg = 0;
+ if( zNum[0]=='-' ){
+ neg = 1;
+ zNum++;
+ }else if( zNum[0]=='+' ){
+ zNum++;
+ }
+#ifndef SQLITE_OMIT_HEX_INTEGER
+ else if( zNum[0]=='0'
+ && (zNum[1]=='x' || zNum[1]=='X')
+ && sqlite3Isxdigit(zNum[2])
+ ){
+ u32 u = 0;
+ zNum += 2;
+ while( zNum[0]=='0' ) zNum++;
+ for(i=0; sqlite3Isxdigit(zNum[i]) && i<8; i++){
+ u = u*16 + sqlite3HexToInt(zNum[i]);
+ }
+ if( (u&0x80000000)==0 && sqlite3Isxdigit(zNum[i])==0 ){
+ memcpy(pValue, &u, 4);
+ return 1;
+ }else{
+ return 0;
+ }
+ }
+#endif
+ while( zNum[0]=='0' ) zNum++;
+ for(i=0; i<11 && (c = zNum[i] - '0')>=0 && c<=9; i++){
+ v = v*10 + c;
+ }
+
+ /* The longest decimal representation of a 32 bit integer is 10 digits:
+ **
+ ** 1234567890
+ ** 2^31 -> 2147483648
+ */
+ testcase( i==10 );
+ if( i>10 ){
+ return 0;
+ }
+ testcase( v-neg==2147483647 );
+ if( v-neg>2147483647 ){
+ return 0;
+ }
+ if( neg ){
+ v = -v;
+ }
+ *pValue = (int)v;
+ return 1;
+}
+
+/*
+** Return a 32-bit integer value extracted from a string. If the
+** string is not an integer, just return 0.
+*/
+SQLITE_PRIVATE int sqlite3Atoi(const char *z){
+ int x = 0;
+ if( z ) sqlite3GetInt32(z, &x);
+ return x;
+}
+
+/*
+** The variable-length integer encoding is as follows:
+**
+** KEY:
+** A = 0xxxxxxx 7 bits of data and one flag bit
+** B = 1xxxxxxx 7 bits of data and one flag bit
+** C = xxxxxxxx 8 bits of data
+**
+** 7 bits - A
+** 14 bits - BA
+** 21 bits - BBA
+** 28 bits - BBBA
+** 35 bits - BBBBA
+** 42 bits - BBBBBA
+** 49 bits - BBBBBBA
+** 56 bits - BBBBBBBA
+** 64 bits - BBBBBBBBC
+*/
+
+/*
+** Write a 64-bit variable-length integer to memory starting at p[0].
+** The length of data write will be between 1 and 9 bytes. The number
+** of bytes written is returned.
+**
+** A variable-length integer consists of the lower 7 bits of each byte
+** for all bytes that have the 8th bit set and one byte with the 8th
+** bit clear. Except, if we get to the 9th byte, it stores the full
+** 8 bits and is the last byte.
+*/
+static int SQLITE_NOINLINE putVarint64(unsigned char *p, u64 v){
+ int i, j, n;
+ u8 buf[10];
+ if( v & (((u64)0xff000000)<<32) ){
+ p[8] = (u8)v;
+ v >>= 8;
+ for(i=7; i>=0; i--){
+ p[i] = (u8)((v & 0x7f) | 0x80);
+ v >>= 7;
+ }
+ return 9;
+ }
+ n = 0;
+ do{
+ buf[n++] = (u8)((v & 0x7f) | 0x80);
+ v >>= 7;
+ }while( v!=0 );
+ buf[0] &= 0x7f;
+ assert( n<=9 );
+ for(i=0, j=n-1; j>=0; j--, i++){
+ p[i] = buf[j];
+ }
+ return n;
+}
+SQLITE_PRIVATE int sqlite3PutVarint(unsigned char *p, u64 v){
+ if( v<=0x7f ){
+ p[0] = v&0x7f;
+ return 1;
+ }
+ if( v<=0x3fff ){
+ p[0] = ((v>>7)&0x7f)|0x80;
+ p[1] = v&0x7f;
+ return 2;
+ }
+ return putVarint64(p,v);
+}
+
+/*
+** Bitmasks used by sqlite3GetVarint(). These precomputed constants
+** are defined here rather than simply putting the constant expressions
+** inline in order to work around bugs in the RVT compiler.
+**
+** SLOT_2_0 A mask for (0x7f<<14) | 0x7f
+**
+** SLOT_4_2_0 A mask for (0x7f<<28) | SLOT_2_0
+*/
+#define SLOT_2_0 0x001fc07f
+#define SLOT_4_2_0 0xf01fc07f
+
+
+/*
+** Read a 64-bit variable-length integer from memory starting at p[0].
+** Return the number of bytes read. The value is stored in *v.
+*/
+SQLITE_PRIVATE u8 sqlite3GetVarint(const unsigned char *p, u64 *v){
+ u32 a,b,s;
+
+ a = *p;
+ /* a: p0 (unmasked) */
+ if (!(a&0x80))
+ {
+ *v = a;
+ return 1;
+ }
+
+ p++;
+ b = *p;
+ /* b: p1 (unmasked) */
+ if (!(b&0x80))
+ {
+ a &= 0x7f;
+ a = a<<7;
+ a |= b;
+ *v = a;
+ return 2;
+ }
+
+ /* Verify that constants are precomputed correctly */
+ assert( SLOT_2_0 == ((0x7f<<14) | (0x7f)) );
+ assert( SLOT_4_2_0 == ((0xfU<<28) | (0x7f<<14) | (0x7f)) );
+
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p0<<14 | p2 (unmasked) */
+ if (!(a&0x80))
+ {
+ a &= SLOT_2_0;
+ b &= 0x7f;
+ b = b<<7;
+ a |= b;
+ *v = a;
+ return 3;
+ }
+
+ /* CSE1 from below */
+ a &= SLOT_2_0;
+ p++;
+ b = b<<14;
+ b |= *p;
+ /* b: p1<<14 | p3 (unmasked) */
+ if (!(b&0x80))
+ {
+ b &= SLOT_2_0;
+ /* moved CSE1 up */
+ /* a &= (0x7f<<14)|(0x7f); */
+ a = a<<7;
+ a |= b;
+ *v = a;
+ return 4;
+ }
+
+ /* a: p0<<14 | p2 (masked) */
+ /* b: p1<<14 | p3 (unmasked) */
+ /* 1:save off p0<<21 | p1<<14 | p2<<7 | p3 (masked) */
+ /* moved CSE1 up */
+ /* a &= (0x7f<<14)|(0x7f); */
+ b &= SLOT_2_0;
+ s = a;
+ /* s: p0<<14 | p2 (masked) */
+
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p0<<28 | p2<<14 | p4 (unmasked) */
+ if (!(a&0x80))
+ {
+ /* we can skip these cause they were (effectively) done above
+ ** while calculating s */
+ /* a &= (0x7f<<28)|(0x7f<<14)|(0x7f); */
+ /* b &= (0x7f<<14)|(0x7f); */
+ b = b<<7;
+ a |= b;
+ s = s>>18;
+ *v = ((u64)s)<<32 | a;
+ return 5;
+ }
+
+ /* 2:save off p0<<21 | p1<<14 | p2<<7 | p3 (masked) */
+ s = s<<7;
+ s |= b;
+ /* s: p0<<21 | p1<<14 | p2<<7 | p3 (masked) */
+
+ p++;
+ b = b<<14;
+ b |= *p;
+ /* b: p1<<28 | p3<<14 | p5 (unmasked) */
+ if (!(b&0x80))
+ {
+ /* we can skip this cause it was (effectively) done above in calc'ing s */
+ /* b &= (0x7f<<28)|(0x7f<<14)|(0x7f); */
+ a &= SLOT_2_0;
+ a = a<<7;
+ a |= b;
+ s = s>>18;
+ *v = ((u64)s)<<32 | a;
+ return 6;
+ }
+
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p2<<28 | p4<<14 | p6 (unmasked) */
+ if (!(a&0x80))
+ {
+ a &= SLOT_4_2_0;
+ b &= SLOT_2_0;
+ b = b<<7;
+ a |= b;
+ s = s>>11;
+ *v = ((u64)s)<<32 | a;
+ return 7;
+ }
+
+ /* CSE2 from below */
+ a &= SLOT_2_0;
+ p++;
+ b = b<<14;
+ b |= *p;
+ /* b: p3<<28 | p5<<14 | p7 (unmasked) */
+ if (!(b&0x80))
+ {
+ b &= SLOT_4_2_0;
+ /* moved CSE2 up */
+ /* a &= (0x7f<<14)|(0x7f); */
+ a = a<<7;
+ a |= b;
+ s = s>>4;
+ *v = ((u64)s)<<32 | a;
+ return 8;
+ }
+
+ p++;
+ a = a<<15;
+ a |= *p;
+ /* a: p4<<29 | p6<<15 | p8 (unmasked) */
+
+ /* moved CSE2 up */
+ /* a &= (0x7f<<29)|(0x7f<<15)|(0xff); */
+ b &= SLOT_2_0;
+ b = b<<8;
+ a |= b;
+
+ s = s<<4;
+ b = p[-4];
+ b &= 0x7f;
+ b = b>>3;
+ s |= b;
+
+ *v = ((u64)s)<<32 | a;
+
+ return 9;
+}
+
+/*
+** Read a 32-bit variable-length integer from memory starting at p[0].
+** Return the number of bytes read. The value is stored in *v.
+**
+** If the varint stored in p[0] is larger than can fit in a 32-bit unsigned
+** integer, then set *v to 0xffffffff.
+**
+** A MACRO version, getVarint32, is provided which inlines the
+** single-byte case. All code should use the MACRO version as
+** this function assumes the single-byte case has already been handled.
+*/
+SQLITE_PRIVATE u8 sqlite3GetVarint32(const unsigned char *p, u32 *v){
+ u32 a,b;
+
+ /* The 1-byte case. Overwhelmingly the most common. Handled inline
+ ** by the getVarin32() macro */
+ a = *p;
+ /* a: p0 (unmasked) */
+#ifndef getVarint32
+ if (!(a&0x80))
+ {
+ /* Values between 0 and 127 */
+ *v = a;
+ return 1;
+ }
+#endif
+
+ /* The 2-byte case */
+ p++;
+ b = *p;
+ /* b: p1 (unmasked) */
+ if (!(b&0x80))
+ {
+ /* Values between 128 and 16383 */
+ a &= 0x7f;
+ a = a<<7;
+ *v = a | b;
+ return 2;
+ }
+
+ /* The 3-byte case */
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p0<<14 | p2 (unmasked) */
+ if (!(a&0x80))
+ {
+ /* Values between 16384 and 2097151 */
+ a &= (0x7f<<14)|(0x7f);
+ b &= 0x7f;
+ b = b<<7;
+ *v = a | b;
+ return 3;
+ }
+
+ /* A 32-bit varint is used to store size information in btrees.
+ ** Objects are rarely larger than 2MiB limit of a 3-byte varint.
+ ** A 3-byte varint is sufficient, for example, to record the size
+ ** of a 1048569-byte BLOB or string.
+ **
+ ** We only unroll the first 1-, 2-, and 3- byte cases. The very
+ ** rare larger cases can be handled by the slower 64-bit varint
+ ** routine.
+ */
+#if 1
+ {
+ u64 v64;
+ u8 n;
+
+ p -= 2;
+ n = sqlite3GetVarint(p, &v64);
+ assert( n>3 && n<=9 );
+ if( (v64 & SQLITE_MAX_U32)!=v64 ){
+ *v = 0xffffffff;
+ }else{
+ *v = (u32)v64;
+ }
+ return n;
+ }
+
+#else
+ /* For following code (kept for historical record only) shows an
+ ** unrolling for the 3- and 4-byte varint cases. This code is
+ ** slightly faster, but it is also larger and much harder to test.
+ */
+ p++;
+ b = b<<14;
+ b |= *p;
+ /* b: p1<<14 | p3 (unmasked) */
+ if (!(b&0x80))
+ {
+ /* Values between 2097152 and 268435455 */
+ b &= (0x7f<<14)|(0x7f);
+ a &= (0x7f<<14)|(0x7f);
+ a = a<<7;
+ *v = a | b;
+ return 4;
+ }
+
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p0<<28 | p2<<14 | p4 (unmasked) */
+ if (!(a&0x80))
+ {
+ /* Values between 268435456 and 34359738367 */
+ a &= SLOT_4_2_0;
+ b &= SLOT_4_2_0;
+ b = b<<7;
+ *v = a | b;
+ return 5;
+ }
+
+ /* We can only reach this point when reading a corrupt database
+ ** file. In that case we are not in any hurry. Use the (relatively
+ ** slow) general-purpose sqlite3GetVarint() routine to extract the
+ ** value. */
+ {
+ u64 v64;
+ u8 n;
+
+ p -= 4;
+ n = sqlite3GetVarint(p, &v64);
+ assert( n>5 && n<=9 );
+ *v = (u32)v64;
+ return n;
+ }
+#endif
+}
+
+/*
+** Return the number of bytes that will be needed to store the given
+** 64-bit integer.
+*/
+SQLITE_PRIVATE int sqlite3VarintLen(u64 v){
+ int i;
+ for(i=1; (v >>= 7)!=0; i++){ assert( i<9 ); }
+ return i;
+}
+
+
+/*
+** Read or write a four-byte big-endian integer value.
+*/
+SQLITE_PRIVATE u32 sqlite3Get4byte(const u8 *p){
+#if SQLITE_BYTEORDER==4321
+ u32 x;
+ memcpy(&x,p,4);
+ return x;
+#elif SQLITE_BYTEORDER==1234 && !defined(SQLITE_DISABLE_INTRINSIC) \
+ && defined(__GNUC__) && GCC_VERSION>=4003000
+ u32 x;
+ memcpy(&x,p,4);
+ return __builtin_bswap32(x);
+#elif SQLITE_BYTEORDER==1234 && !defined(SQLITE_DISABLE_INTRINSIC) \
+ && defined(_MSC_VER) && _MSC_VER>=1300
+ u32 x;
+ memcpy(&x,p,4);
+ return _byteswap_ulong(x);
+#else
+ testcase( p[0]&0x80 );
+ return ((unsigned)p[0]<<24) | (p[1]<<16) | (p[2]<<8) | p[3];
+#endif
+}
+SQLITE_PRIVATE void sqlite3Put4byte(unsigned char *p, u32 v){
+#if SQLITE_BYTEORDER==4321
+ memcpy(p,&v,4);
+#elif SQLITE_BYTEORDER==1234 && defined(__GNUC__) && GCC_VERSION>=4003000
+ u32 x = __builtin_bswap32(v);
+ memcpy(p,&x,4);
+#elif SQLITE_BYTEORDER==1234 && defined(_MSC_VER) && _MSC_VER>=1300
+ u32 x = _byteswap_ulong(v);
+ memcpy(p,&x,4);
+#else
+ p[0] = (u8)(v>>24);
+ p[1] = (u8)(v>>16);
+ p[2] = (u8)(v>>8);
+ p[3] = (u8)v;
+#endif
+}
+
+
+
+/*
+** Translate a single byte of Hex into an integer.
+** This routine only works if h really is a valid hexadecimal
+** character: 0..9a..fA..F
+*/
+SQLITE_PRIVATE u8 sqlite3HexToInt(int h){
+ assert( (h>='0' && h<='9') || (h>='a' && h<='f') || (h>='A' && h<='F') );
+#ifdef SQLITE_ASCII
+ h += 9*(1&(h>>6));
+#endif
+#ifdef SQLITE_EBCDIC
+ h += 9*(1&~(h>>4));
+#endif
+ return (u8)(h & 0xf);
+}
+
+#if !defined(SQLITE_OMIT_BLOB_LITERAL) || defined(SQLITE_HAS_CODEC)
+/*
+** Convert a BLOB literal of the form "x'hhhhhh'" into its binary
+** value. Return a pointer to its binary value. Space to hold the
+** binary value has been obtained from malloc and must be freed by
+** the calling routine.
+*/
+SQLITE_PRIVATE void *sqlite3HexToBlob(sqlite3 *db, const char *z, int n){
+ char *zBlob;
+ int i;
+
+ zBlob = (char *)sqlite3DbMallocRaw(db, n/2 + 1);
+ n--;
+ if( zBlob ){
+ for(i=0; i<n; i+=2){
+ zBlob[i/2] = (sqlite3HexToInt(z[i])<<4) | sqlite3HexToInt(z[i+1]);
+ }
+ zBlob[i/2] = 0;
+ }
+ return zBlob;
+}
+#endif /* !SQLITE_OMIT_BLOB_LITERAL || SQLITE_HAS_CODEC */
+
+/*
+** Log an error that is an API call on a connection pointer that should
+** not have been used. The "type" of connection pointer is given as the
+** argument. The zType is a word like "NULL" or "closed" or "invalid".
+*/
+static void logBadConnection(const char *zType){
+ sqlite3_log(SQLITE_MISUSE,
+ "API call with %s database connection pointer",
+ zType
+ );
+}
+
+/*
+** Check to make sure we have a valid db pointer. This test is not
+** foolproof but it does provide some measure of protection against
+** misuse of the interface such as passing in db pointers that are
+** NULL or which have been previously closed. If this routine returns
+** 1 it means that the db pointer is valid and 0 if it should not be
+** dereferenced for any reason. The calling function should invoke
+** SQLITE_MISUSE immediately.
+**
+** sqlite3SafetyCheckOk() requires that the db pointer be valid for
+** use. sqlite3SafetyCheckSickOrOk() allows a db pointer that failed to
+** open properly and is not fit for general use but which can be
+** used as an argument to sqlite3_errmsg() or sqlite3_close().
+*/
+SQLITE_PRIVATE int sqlite3SafetyCheckOk(sqlite3 *db){
+ u32 magic;
+ if( db==0 ){
+ logBadConnection("NULL");
+ return 0;
+ }
+ magic = db->magic;
+ if( magic!=SQLITE_MAGIC_OPEN ){
+ if( sqlite3SafetyCheckSickOrOk(db) ){
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ logBadConnection("unopened");
+ }
+ return 0;
+ }else{
+ return 1;
+ }
+}
+SQLITE_PRIVATE int sqlite3SafetyCheckSickOrOk(sqlite3 *db){
+ u32 magic;
+ magic = db->magic;
+ if( magic!=SQLITE_MAGIC_SICK &&
+ magic!=SQLITE_MAGIC_OPEN &&
+ magic!=SQLITE_MAGIC_BUSY ){
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ logBadConnection("invalid");
+ return 0;
+ }else{
+ return 1;
+ }
+}
+
+/*
+** Attempt to add, substract, or multiply the 64-bit signed value iB against
+** the other 64-bit signed integer at *pA and store the result in *pA.
+** Return 0 on success. Or if the operation would have resulted in an
+** overflow, leave *pA unchanged and return 1.
+*/
+SQLITE_PRIVATE int sqlite3AddInt64(i64 *pA, i64 iB){
+ i64 iA = *pA;
+ testcase( iA==0 ); testcase( iA==1 );
+ testcase( iB==-1 ); testcase( iB==0 );
+ if( iB>=0 ){
+ testcase( iA>0 && LARGEST_INT64 - iA == iB );
+ testcase( iA>0 && LARGEST_INT64 - iA == iB - 1 );
+ if( iA>0 && LARGEST_INT64 - iA < iB ) return 1;
+ }else{
+ testcase( iA<0 && -(iA + LARGEST_INT64) == iB + 1 );
+ testcase( iA<0 && -(iA + LARGEST_INT64) == iB + 2 );
+ if( iA<0 && -(iA + LARGEST_INT64) > iB + 1 ) return 1;
+ }
+ *pA += iB;
+ return 0;
+}
+SQLITE_PRIVATE int sqlite3SubInt64(i64 *pA, i64 iB){
+ testcase( iB==SMALLEST_INT64+1 );
+ if( iB==SMALLEST_INT64 ){
+ testcase( (*pA)==(-1) ); testcase( (*pA)==0 );
+ if( (*pA)>=0 ) return 1;
+ *pA -= iB;
+ return 0;
+ }else{
+ return sqlite3AddInt64(pA, -iB);
+ }
+}
+#define TWOPOWER32 (((i64)1)<<32)
+#define TWOPOWER31 (((i64)1)<<31)
+SQLITE_PRIVATE int sqlite3MulInt64(i64 *pA, i64 iB){
+ i64 iA = *pA;
+ i64 iA1, iA0, iB1, iB0, r;
+
+ iA1 = iA/TWOPOWER32;
+ iA0 = iA % TWOPOWER32;
+ iB1 = iB/TWOPOWER32;
+ iB0 = iB % TWOPOWER32;
+ if( iA1==0 ){
+ if( iB1==0 ){
+ *pA *= iB;
+ return 0;
+ }
+ r = iA0*iB1;
+ }else if( iB1==0 ){
+ r = iA1*iB0;
+ }else{
+ /* If both iA1 and iB1 are non-zero, overflow will result */
+ return 1;
+ }
+ testcase( r==(-TWOPOWER31)-1 );
+ testcase( r==(-TWOPOWER31) );
+ testcase( r==TWOPOWER31 );
+ testcase( r==TWOPOWER31-1 );
+ if( r<(-TWOPOWER31) || r>=TWOPOWER31 ) return 1;
+ r *= TWOPOWER32;
+ if( sqlite3AddInt64(&r, iA0*iB0) ) return 1;
+ *pA = r;
+ return 0;
+}
+
+/*
+** Compute the absolute value of a 32-bit signed integer, of possible. Or
+** if the integer has a value of -2147483648, return +2147483647
+*/
+SQLITE_PRIVATE int sqlite3AbsInt32(int x){
+ if( x>=0 ) return x;
+ if( x==(int)0x80000000 ) return 0x7fffffff;
+ return -x;
+}
+
+#ifdef SQLITE_ENABLE_8_3_NAMES
+/*
+** If SQLITE_ENABLE_8_3_NAMES is set at compile-time and if the database
+** filename in zBaseFilename is a URI with the "8_3_names=1" parameter and
+** if filename in z[] has a suffix (a.k.a. "extension") that is longer than
+** three characters, then shorten the suffix on z[] to be the last three
+** characters of the original suffix.
+**
+** If SQLITE_ENABLE_8_3_NAMES is set to 2 at compile-time, then always
+** do the suffix shortening regardless of URI parameter.
+**
+** Examples:
+**
+** test.db-journal => test.nal
+** test.db-wal => test.wal
+** test.db-shm => test.shm
+** test.db-mj7f3319fa => test.9fa
+*/
+SQLITE_PRIVATE void sqlite3FileSuffix3(const char *zBaseFilename, char *z){
+#if SQLITE_ENABLE_8_3_NAMES<2
+ if( sqlite3_uri_boolean(zBaseFilename, "8_3_names", 0) )
+#endif
+ {
+ int i, sz;
+ sz = sqlite3Strlen30(z);
+ for(i=sz-1; i>0 && z[i]!='/' && z[i]!='.'; i--){}
+ if( z[i]=='.' && ALWAYS(sz>i+4) ) memmove(&z[i+1], &z[sz-3], 4);
+ }
+}
+#endif
+
+/*
+** Find (an approximate) sum of two LogEst values. This computation is
+** not a simple "+" operator because LogEst is stored as a logarithmic
+** value.
+**
+*/
+SQLITE_PRIVATE LogEst sqlite3LogEstAdd(LogEst a, LogEst b){
+ static const unsigned char x[] = {
+ 10, 10, /* 0,1 */
+ 9, 9, /* 2,3 */
+ 8, 8, /* 4,5 */
+ 7, 7, 7, /* 6,7,8 */
+ 6, 6, 6, /* 9,10,11 */
+ 5, 5, 5, /* 12-14 */
+ 4, 4, 4, 4, /* 15-18 */
+ 3, 3, 3, 3, 3, 3, /* 19-24 */
+ 2, 2, 2, 2, 2, 2, 2, /* 25-31 */
+ };
+ if( a>=b ){
+ if( a>b+49 ) return a;
+ if( a>b+31 ) return a+1;
+ return a+x[a-b];
+ }else{
+ if( b>a+49 ) return b;
+ if( b>a+31 ) return b+1;
+ return b+x[b-a];
+ }
+}
+
+/*
+** Convert an integer into a LogEst. In other words, compute an
+** approximation for 10*log2(x).
+*/
+SQLITE_PRIVATE LogEst sqlite3LogEst(u64 x){
+ static LogEst a[] = { 0, 2, 3, 5, 6, 7, 8, 9 };
+ LogEst y = 40;
+ if( x<8 ){
+ if( x<2 ) return 0;
+ while( x<8 ){ y -= 10; x <<= 1; }
+ }else{
+ while( x>255 ){ y += 40; x >>= 4; }
+ while( x>15 ){ y += 10; x >>= 1; }
+ }
+ return a[x&7] + y - 10;
+}
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/*
+** Convert a double into a LogEst
+** In other words, compute an approximation for 10*log2(x).
+*/
+SQLITE_PRIVATE LogEst sqlite3LogEstFromDouble(double x){
+ u64 a;
+ LogEst e;
+ assert( sizeof(x)==8 && sizeof(a)==8 );
+ if( x<=1 ) return 0;
+ if( x<=2000000000 ) return sqlite3LogEst((u64)x);
+ memcpy(&a, &x, 8);
+ e = (a>>52) - 1022;
+ return e*10;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+/*
+** Convert a LogEst into an integer.
+*/
+SQLITE_PRIVATE u64 sqlite3LogEstToInt(LogEst x){
+ u64 n;
+ if( x<10 ) return 1;
+ n = x%10;
+ x /= 10;
+ if( n>=5 ) n -= 2;
+ else if( n>=1 ) n -= 1;
+ if( x>=3 ){
+ return x>60 ? (u64)LARGEST_INT64 : (n+8)<<(x-3);
+ }
+ return (n+8)>>(3-x);
+}
+
+/************** End of util.c ************************************************/
+/************** Begin file hash.c ********************************************/
+/*
+** 2001 September 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This is the implementation of generic hash-tables
+** used in SQLite.
+*/
+/* #include "sqliteInt.h" */
+/* #include <assert.h> */
+
+/* Turn bulk memory into a hash table object by initializing the
+** fields of the Hash structure.
+**
+** "pNew" is a pointer to the hash table that is to be initialized.
+*/
+SQLITE_PRIVATE void sqlite3HashInit(Hash *pNew){
+ assert( pNew!=0 );
+ pNew->first = 0;
+ pNew->count = 0;
+ pNew->htsize = 0;
+ pNew->ht = 0;
+}
+
+/* Remove all entries from a hash table. Reclaim all memory.
+** Call this routine to delete a hash table or to reset a hash table
+** to the empty state.
+*/
+SQLITE_PRIVATE void sqlite3HashClear(Hash *pH){
+ HashElem *elem; /* For looping over all elements of the table */
+
+ assert( pH!=0 );
+ elem = pH->first;
+ pH->first = 0;
+ sqlite3_free(pH->ht);
+ pH->ht = 0;
+ pH->htsize = 0;
+ while( elem ){
+ HashElem *next_elem = elem->next;
+ sqlite3_free(elem);
+ elem = next_elem;
+ }
+ pH->count = 0;
+}
+
+/*
+** The hashing function.
+*/
+static unsigned int strHash(const char *z){
+ unsigned int h = 0;
+ unsigned char c;
+ while( (c = (unsigned char)*z++)!=0 ){
+ h = (h<<3) ^ h ^ sqlite3UpperToLower[c];
+ }
+ return h;
+}
+
+
+/* Link pNew element into the hash table pH. If pEntry!=0 then also
+** insert pNew into the pEntry hash bucket.
+*/
+static void insertElement(
+ Hash *pH, /* The complete hash table */
+ struct _ht *pEntry, /* The entry into which pNew is inserted */
+ HashElem *pNew /* The element to be inserted */
+){
+ HashElem *pHead; /* First element already in pEntry */
+ if( pEntry ){
+ pHead = pEntry->count ? pEntry->chain : 0;
+ pEntry->count++;
+ pEntry->chain = pNew;
+ }else{
+ pHead = 0;
+ }
+ if( pHead ){
+ pNew->next = pHead;
+ pNew->prev = pHead->prev;
+ if( pHead->prev ){ pHead->prev->next = pNew; }
+ else { pH->first = pNew; }
+ pHead->prev = pNew;
+ }else{
+ pNew->next = pH->first;
+ if( pH->first ){ pH->first->prev = pNew; }
+ pNew->prev = 0;
+ pH->first = pNew;
+ }
+}
+
+
+/* Resize the hash table so that it cantains "new_size" buckets.
+**
+** The hash table might fail to resize if sqlite3_malloc() fails or
+** if the new size is the same as the prior size.
+** Return TRUE if the resize occurs and false if not.
+*/
+static int rehash(Hash *pH, unsigned int new_size){
+ struct _ht *new_ht; /* The new hash table */
+ HashElem *elem, *next_elem; /* For looping over existing elements */
+
+#if SQLITE_MALLOC_SOFT_LIMIT>0
+ if( new_size*sizeof(struct _ht)>SQLITE_MALLOC_SOFT_LIMIT ){
+ new_size = SQLITE_MALLOC_SOFT_LIMIT/sizeof(struct _ht);
+ }
+ if( new_size==pH->htsize ) return 0;
+#endif
+
+ /* The inability to allocates space for a larger hash table is
+ ** a performance hit but it is not a fatal error. So mark the
+ ** allocation as a benign. Use sqlite3Malloc()/memset(0) instead of
+ ** sqlite3MallocZero() to make the allocation, as sqlite3MallocZero()
+ ** only zeroes the requested number of bytes whereas this module will
+ ** use the actual amount of space allocated for the hash table (which
+ ** may be larger than the requested amount).
+ */
+ sqlite3BeginBenignMalloc();
+ new_ht = (struct _ht *)sqlite3Malloc( new_size*sizeof(struct _ht) );
+ sqlite3EndBenignMalloc();
+
+ if( new_ht==0 ) return 0;
+ sqlite3_free(pH->ht);
+ pH->ht = new_ht;
+ pH->htsize = new_size = sqlite3MallocSize(new_ht)/sizeof(struct _ht);
+ memset(new_ht, 0, new_size*sizeof(struct _ht));
+ for(elem=pH->first, pH->first=0; elem; elem = next_elem){
+ unsigned int h = strHash(elem->pKey) % new_size;
+ next_elem = elem->next;
+ insertElement(pH, &new_ht[h], elem);
+ }
+ return 1;
+}
+
+/* This function (for internal use only) locates an element in an
+** hash table that matches the given key. The hash for this key is
+** also computed and returned in the *pH parameter.
+*/
+static HashElem *findElementWithHash(
+ const Hash *pH, /* The pH to be searched */
+ const char *pKey, /* The key we are searching for */
+ unsigned int *pHash /* Write the hash value here */
+){
+ HashElem *elem; /* Used to loop thru the element list */
+ int count; /* Number of elements left to test */
+ unsigned int h; /* The computed hash */
+
+ if( pH->ht ){
+ struct _ht *pEntry;
+ h = strHash(pKey) % pH->htsize;
+ pEntry = &pH->ht[h];
+ elem = pEntry->chain;
+ count = pEntry->count;
+ }else{
+ h = 0;
+ elem = pH->first;
+ count = pH->count;
+ }
+ *pHash = h;
+ while( count-- ){
+ assert( elem!=0 );
+ if( sqlite3StrICmp(elem->pKey,pKey)==0 ){
+ return elem;
+ }
+ elem = elem->next;
+ }
+ return 0;
+}
+
+/* Remove a single entry from the hash table given a pointer to that
+** element and a hash on the element's key.
+*/
+static void removeElementGivenHash(
+ Hash *pH, /* The pH containing "elem" */
+ HashElem* elem, /* The element to be removed from the pH */
+ unsigned int h /* Hash value for the element */
+){
+ struct _ht *pEntry;
+ if( elem->prev ){
+ elem->prev->next = elem->next;
+ }else{
+ pH->first = elem->next;
+ }
+ if( elem->next ){
+ elem->next->prev = elem->prev;
+ }
+ if( pH->ht ){
+ pEntry = &pH->ht[h];
+ if( pEntry->chain==elem ){
+ pEntry->chain = elem->next;
+ }
+ pEntry->count--;
+ assert( pEntry->count>=0 );
+ }
+ sqlite3_free( elem );
+ pH->count--;
+ if( pH->count==0 ){
+ assert( pH->first==0 );
+ assert( pH->count==0 );
+ sqlite3HashClear(pH);
+ }
+}
+
+/* Attempt to locate an element of the hash table pH with a key
+** that matches pKey. Return the data for this element if it is
+** found, or NULL if there is no match.
+*/
+SQLITE_PRIVATE void *sqlite3HashFind(const Hash *pH, const char *pKey){
+ HashElem *elem; /* The element that matches key */
+ unsigned int h; /* A hash on key */
+
+ assert( pH!=0 );
+ assert( pKey!=0 );
+ elem = findElementWithHash(pH, pKey, &h);
+ return elem ? elem->data : 0;
+}
+
+/* Insert an element into the hash table pH. The key is pKey
+** and the data is "data".
+**
+** If no element exists with a matching key, then a new
+** element is created and NULL is returned.
+**
+** If another element already exists with the same key, then the
+** new data replaces the old data and the old data is returned.
+** The key is not copied in this instance. If a malloc fails, then
+** the new data is returned and the hash table is unchanged.
+**
+** If the "data" parameter to this function is NULL, then the
+** element corresponding to "key" is removed from the hash table.
+*/
+SQLITE_PRIVATE void *sqlite3HashInsert(Hash *pH, const char *pKey, void *data){
+ unsigned int h; /* the hash of the key modulo hash table size */
+ HashElem *elem; /* Used to loop thru the element list */
+ HashElem *new_elem; /* New element added to the pH */
+
+ assert( pH!=0 );
+ assert( pKey!=0 );
+ elem = findElementWithHash(pH,pKey,&h);
+ if( elem ){
+ void *old_data = elem->data;
+ if( data==0 ){
+ removeElementGivenHash(pH,elem,h);
+ }else{
+ elem->data = data;
+ elem->pKey = pKey;
+ }
+ return old_data;
+ }
+ if( data==0 ) return 0;
+ new_elem = (HashElem*)sqlite3Malloc( sizeof(HashElem) );
+ if( new_elem==0 ) return data;
+ new_elem->pKey = pKey;
+ new_elem->data = data;
+ pH->count++;
+ if( pH->count>=10 && pH->count > 2*pH->htsize ){
+ if( rehash(pH, pH->count*2) ){
+ assert( pH->htsize>0 );
+ h = strHash(pKey) % pH->htsize;
+ }
+ }
+ insertElement(pH, pH->ht ? &pH->ht[h] : 0, new_elem);
+ return 0;
+}
+
+/************** End of hash.c ************************************************/
+/************** Begin file opcodes.c *****************************************/
+/* Automatically generated. Do not edit */
+/* See the tool/mkopcodec.tcl script for details. */
+#if !defined(SQLITE_OMIT_EXPLAIN) \
+ || defined(VDBE_PROFILE) \
+ || defined(SQLITE_DEBUG)
+#if defined(SQLITE_ENABLE_EXPLAIN_COMMENTS) || defined(SQLITE_DEBUG)
+# define OpHelp(X) "\0" X
+#else
+# define OpHelp(X)
+#endif
+SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
+ static const char *const azName[] = { "?",
+ /* 1 */ "Savepoint" OpHelp(""),
+ /* 2 */ "AutoCommit" OpHelp(""),
+ /* 3 */ "Transaction" OpHelp(""),
+ /* 4 */ "SorterNext" OpHelp(""),
+ /* 5 */ "PrevIfOpen" OpHelp(""),
+ /* 6 */ "NextIfOpen" OpHelp(""),
+ /* 7 */ "Prev" OpHelp(""),
+ /* 8 */ "Next" OpHelp(""),
+ /* 9 */ "Checkpoint" OpHelp(""),
+ /* 10 */ "JournalMode" OpHelp(""),
+ /* 11 */ "Vacuum" OpHelp(""),
+ /* 12 */ "VFilter" OpHelp("iplan=r[P3] zplan='P4'"),
+ /* 13 */ "VUpdate" OpHelp("data=r[P3@P2]"),
+ /* 14 */ "Goto" OpHelp(""),
+ /* 15 */ "Gosub" OpHelp(""),
+ /* 16 */ "Return" OpHelp(""),
+ /* 17 */ "InitCoroutine" OpHelp(""),
+ /* 18 */ "EndCoroutine" OpHelp(""),
+ /* 19 */ "Not" OpHelp("r[P2]= !r[P1]"),
+ /* 20 */ "Yield" OpHelp(""),
+ /* 21 */ "HaltIfNull" OpHelp("if r[P3]=null halt"),
+ /* 22 */ "Halt" OpHelp(""),
+ /* 23 */ "Integer" OpHelp("r[P2]=P1"),
+ /* 24 */ "Int64" OpHelp("r[P2]=P4"),
+ /* 25 */ "String" OpHelp("r[P2]='P4' (len=P1)"),
+ /* 26 */ "Null" OpHelp("r[P2..P3]=NULL"),
+ /* 27 */ "SoftNull" OpHelp("r[P1]=NULL"),
+ /* 28 */ "Blob" OpHelp("r[P2]=P4 (len=P1)"),
+ /* 29 */ "Variable" OpHelp("r[P2]=parameter(P1,P4)"),
+ /* 30 */ "Move" OpHelp("r[P2@P3]=r[P1@P3]"),
+ /* 31 */ "Copy" OpHelp("r[P2@P3+1]=r[P1@P3+1]"),
+ /* 32 */ "SCopy" OpHelp("r[P2]=r[P1]"),
+ /* 33 */ "IntCopy" OpHelp("r[P2]=r[P1]"),
+ /* 34 */ "ResultRow" OpHelp("output=r[P1@P2]"),
+ /* 35 */ "CollSeq" OpHelp(""),
+ /* 36 */ "Function0" OpHelp("r[P3]=func(r[P2@P5])"),
+ /* 37 */ "Function" OpHelp("r[P3]=func(r[P2@P5])"),
+ /* 38 */ "AddImm" OpHelp("r[P1]=r[P1]+P2"),
+ /* 39 */ "MustBeInt" OpHelp(""),
+ /* 40 */ "RealAffinity" OpHelp(""),
+ /* 41 */ "Cast" OpHelp("affinity(r[P1])"),
+ /* 42 */ "Permutation" OpHelp(""),
+ /* 43 */ "Compare" OpHelp("r[P1@P3] <-> r[P2@P3]"),
+ /* 44 */ "Jump" OpHelp(""),
+ /* 45 */ "Once" OpHelp(""),
+ /* 46 */ "If" OpHelp(""),
+ /* 47 */ "IfNot" OpHelp(""),
+ /* 48 */ "Column" OpHelp("r[P3]=PX"),
+ /* 49 */ "Affinity" OpHelp("affinity(r[P1@P2])"),
+ /* 50 */ "MakeRecord" OpHelp("r[P3]=mkrec(r[P1@P2])"),
+ /* 51 */ "Count" OpHelp("r[P2]=count()"),
+ /* 52 */ "ReadCookie" OpHelp(""),
+ /* 53 */ "SetCookie" OpHelp(""),
+ /* 54 */ "ReopenIdx" OpHelp("root=P2 iDb=P3"),
+ /* 55 */ "OpenRead" OpHelp("root=P2 iDb=P3"),
+ /* 56 */ "OpenWrite" OpHelp("root=P2 iDb=P3"),
+ /* 57 */ "OpenAutoindex" OpHelp("nColumn=P2"),
+ /* 58 */ "OpenEphemeral" OpHelp("nColumn=P2"),
+ /* 59 */ "SorterOpen" OpHelp(""),
+ /* 60 */ "SequenceTest" OpHelp("if( cursor[P1].ctr++ ) pc = P2"),
+ /* 61 */ "OpenPseudo" OpHelp("P3 columns in r[P2]"),
+ /* 62 */ "Close" OpHelp(""),
+ /* 63 */ "ColumnsUsed" OpHelp(""),
+ /* 64 */ "SeekLT" OpHelp("key=r[P3@P4]"),
+ /* 65 */ "SeekLE" OpHelp("key=r[P3@P4]"),
+ /* 66 */ "SeekGE" OpHelp("key=r[P3@P4]"),
+ /* 67 */ "SeekGT" OpHelp("key=r[P3@P4]"),
+ /* 68 */ "Seek" OpHelp("intkey=r[P2]"),
+ /* 69 */ "NoConflict" OpHelp("key=r[P3@P4]"),
+ /* 70 */ "NotFound" OpHelp("key=r[P3@P4]"),
+ /* 71 */ "Or" OpHelp("r[P3]=(r[P1] || r[P2])"),
+ /* 72 */ "And" OpHelp("r[P3]=(r[P1] && r[P2])"),
+ /* 73 */ "Found" OpHelp("key=r[P3@P4]"),
+ /* 74 */ "NotExists" OpHelp("intkey=r[P3]"),
+ /* 75 */ "Sequence" OpHelp("r[P2]=cursor[P1].ctr++"),
+ /* 76 */ "IsNull" OpHelp("if r[P1]==NULL goto P2"),
+ /* 77 */ "NotNull" OpHelp("if r[P1]!=NULL goto P2"),
+ /* 78 */ "Ne" OpHelp("if r[P1]!=r[P3] goto P2"),
+ /* 79 */ "Eq" OpHelp("if r[P1]==r[P3] goto P2"),
+ /* 80 */ "Gt" OpHelp("if r[P1]>r[P3] goto P2"),
+ /* 81 */ "Le" OpHelp("if r[P1]<=r[P3] goto P2"),
+ /* 82 */ "Lt" OpHelp("if r[P1]<r[P3] goto P2"),
+ /* 83 */ "Ge" OpHelp("if r[P1]>=r[P3] goto P2"),
+ /* 84 */ "NewRowid" OpHelp("r[P2]=rowid"),
+ /* 85 */ "BitAnd" OpHelp("r[P3]=r[P1]&r[P2]"),
+ /* 86 */ "BitOr" OpHelp("r[P3]=r[P1]|r[P2]"),
+ /* 87 */ "ShiftLeft" OpHelp("r[P3]=r[P2]<<r[P1]"),
+ /* 88 */ "ShiftRight" OpHelp("r[P3]=r[P2]>>r[P1]"),
+ /* 89 */ "Add" OpHelp("r[P3]=r[P1]+r[P2]"),
+ /* 90 */ "Subtract" OpHelp("r[P3]=r[P2]-r[P1]"),
+ /* 91 */ "Multiply" OpHelp("r[P3]=r[P1]*r[P2]"),
+ /* 92 */ "Divide" OpHelp("r[P3]=r[P2]/r[P1]"),
+ /* 93 */ "Remainder" OpHelp("r[P3]=r[P2]%r[P1]"),
+ /* 94 */ "Concat" OpHelp("r[P3]=r[P2]+r[P1]"),
+ /* 95 */ "Insert" OpHelp("intkey=r[P3] data=r[P2]"),
+ /* 96 */ "BitNot" OpHelp("r[P1]= ~r[P1]"),
+ /* 97 */ "String8" OpHelp("r[P2]='P4'"),
+ /* 98 */ "InsertInt" OpHelp("intkey=P3 data=r[P2]"),
+ /* 99 */ "Delete" OpHelp(""),
+ /* 100 */ "ResetCount" OpHelp(""),
+ /* 101 */ "SorterCompare" OpHelp("if key(P1)!=trim(r[P3],P4) goto P2"),
+ /* 102 */ "SorterData" OpHelp("r[P2]=data"),
+ /* 103 */ "RowKey" OpHelp("r[P2]=key"),
+ /* 104 */ "RowData" OpHelp("r[P2]=data"),
+ /* 105 */ "Rowid" OpHelp("r[P2]=rowid"),
+ /* 106 */ "NullRow" OpHelp(""),
+ /* 107 */ "Last" OpHelp(""),
+ /* 108 */ "SorterSort" OpHelp(""),
+ /* 109 */ "Sort" OpHelp(""),
+ /* 110 */ "Rewind" OpHelp(""),
+ /* 111 */ "SorterInsert" OpHelp(""),
+ /* 112 */ "IdxInsert" OpHelp("key=r[P2]"),
+ /* 113 */ "IdxDelete" OpHelp("key=r[P2@P3]"),
+ /* 114 */ "IdxRowid" OpHelp("r[P2]=rowid"),
+ /* 115 */ "IdxLE" OpHelp("key=r[P3@P4]"),
+ /* 116 */ "IdxGT" OpHelp("key=r[P3@P4]"),
+ /* 117 */ "IdxLT" OpHelp("key=r[P3@P4]"),
+ /* 118 */ "IdxGE" OpHelp("key=r[P3@P4]"),
+ /* 119 */ "Destroy" OpHelp(""),
+ /* 120 */ "Clear" OpHelp(""),
+ /* 121 */ "ResetSorter" OpHelp(""),
+ /* 122 */ "CreateIndex" OpHelp("r[P2]=root iDb=P1"),
+ /* 123 */ "CreateTable" OpHelp("r[P2]=root iDb=P1"),
+ /* 124 */ "ParseSchema" OpHelp(""),
+ /* 125 */ "LoadAnalysis" OpHelp(""),
+ /* 126 */ "DropTable" OpHelp(""),
+ /* 127 */ "DropIndex" OpHelp(""),
+ /* 128 */ "DropTrigger" OpHelp(""),
+ /* 129 */ "IntegrityCk" OpHelp(""),
+ /* 130 */ "RowSetAdd" OpHelp("rowset(P1)=r[P2]"),
+ /* 131 */ "RowSetRead" OpHelp("r[P3]=rowset(P1)"),
+ /* 132 */ "RowSetTest" OpHelp("if r[P3] in rowset(P1) goto P2"),
+ /* 133 */ "Real" OpHelp("r[P2]=P4"),
+ /* 134 */ "Program" OpHelp(""),
+ /* 135 */ "Param" OpHelp(""),
+ /* 136 */ "FkCounter" OpHelp("fkctr[P1]+=P2"),
+ /* 137 */ "FkIfZero" OpHelp("if fkctr[P1]==0 goto P2"),
+ /* 138 */ "MemMax" OpHelp("r[P1]=max(r[P1],r[P2])"),
+ /* 139 */ "IfPos" OpHelp("if r[P1]>0 then r[P1]-=P3, goto P2"),
+ /* 140 */ "SetIfNotPos" OpHelp("if r[P1]<=0 then r[P2]=P3"),
+ /* 141 */ "IfNotZero" OpHelp("if r[P1]!=0 then r[P1]-=P3, goto P2"),
+ /* 142 */ "DecrJumpZero" OpHelp("if (--r[P1])==0 goto P2"),
+ /* 143 */ "JumpZeroIncr" OpHelp("if (r[P1]++)==0 ) goto P2"),
+ /* 144 */ "AggStep0" OpHelp("accum=r[P3] step(r[P2@P5])"),
+ /* 145 */ "AggStep" OpHelp("accum=r[P3] step(r[P2@P5])"),
+ /* 146 */ "AggFinal" OpHelp("accum=r[P1] N=P2"),
+ /* 147 */ "IncrVacuum" OpHelp(""),
+ /* 148 */ "Expire" OpHelp(""),
+ /* 149 */ "TableLock" OpHelp("iDb=P1 root=P2 write=P3"),
+ /* 150 */ "VBegin" OpHelp(""),
+ /* 151 */ "VCreate" OpHelp(""),
+ /* 152 */ "VDestroy" OpHelp(""),
+ /* 153 */ "VOpen" OpHelp(""),
+ /* 154 */ "VColumn" OpHelp("r[P3]=vcolumn(P2)"),
+ /* 155 */ "VNext" OpHelp(""),
+ /* 156 */ "VRename" OpHelp(""),
+ /* 157 */ "Pagecount" OpHelp(""),
+ /* 158 */ "MaxPgcnt" OpHelp(""),
+ /* 159 */ "Init" OpHelp("Start at P2"),
+ /* 160 */ "CursorHint" OpHelp(""),
+ /* 161 */ "Noop" OpHelp(""),
+ /* 162 */ "Explain" OpHelp(""),
+ };
+ return azName[i];
+}
+#endif
+
+/************** End of opcodes.c *********************************************/
+/************** Begin file os_unix.c *****************************************/
+/*
+** 2004 May 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains the VFS implementation for unix-like operating systems
+** include Linux, MacOSX, *BSD, QNX, VxWorks, AIX, HPUX, and others.
+**
+** There are actually several different VFS implementations in this file.
+** The differences are in the way that file locking is done. The default
+** implementation uses Posix Advisory Locks. Alternative implementations
+** use flock(), dot-files, various proprietary locking schemas, or simply
+** skip locking all together.
+**
+** This source file is organized into divisions where the logic for various
+** subfunctions is contained within the appropriate division. PLEASE
+** KEEP THE STRUCTURE OF THIS FILE INTACT. New code should be placed
+** in the correct division and should be clearly labeled.
+**
+** The layout of divisions is as follows:
+**
+** * General-purpose declarations and utility functions.
+** * Unique file ID logic used by VxWorks.
+** * Various locking primitive implementations (all except proxy locking):
+** + for Posix Advisory Locks
+** + for no-op locks
+** + for dot-file locks
+** + for flock() locking
+** + for named semaphore locks (VxWorks only)
+** + for AFP filesystem locks (MacOSX only)
+** * sqlite3_file methods not associated with locking.
+** * Definitions of sqlite3_io_methods objects for all locking
+** methods plus "finder" functions for each locking method.
+** * sqlite3_vfs method implementations.
+** * Locking primitives for the proxy uber-locking-method. (MacOSX only)
+** * Definitions of sqlite3_vfs objects for all locking methods
+** plus implementations of sqlite3_os_init() and sqlite3_os_end().
+*/
+/* #include "sqliteInt.h" */
+#if SQLITE_OS_UNIX /* This file is used on unix only */
+
+/*
+** There are various methods for file locking used for concurrency
+** control:
+**
+** 1. POSIX locking (the default),
+** 2. No locking,
+** 3. Dot-file locking,
+** 4. flock() locking,
+** 5. AFP locking (OSX only),
+** 6. Named POSIX semaphores (VXWorks only),
+** 7. proxy locking. (OSX only)
+**
+** Styles 4, 5, and 7 are only available of SQLITE_ENABLE_LOCKING_STYLE
+** is defined to 1. The SQLITE_ENABLE_LOCKING_STYLE also enables automatic
+** selection of the appropriate locking style based on the filesystem
+** where the database is located.
+*/
+#if !defined(SQLITE_ENABLE_LOCKING_STYLE)
+# if defined(__APPLE__)
+# define SQLITE_ENABLE_LOCKING_STYLE 1
+# else
+# define SQLITE_ENABLE_LOCKING_STYLE 0
+# endif
+#endif
+
+/*
+** standard include files.
+*/
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+/* #include <time.h> */
+#include <sys/time.h>
+#include <errno.h>
+#if !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0
+# include <sys/mman.h>
+#endif
+
+#if SQLITE_ENABLE_LOCKING_STYLE
+# include <sys/ioctl.h>
+# include <sys/file.h>
+# include <sys/param.h>
+#endif /* SQLITE_ENABLE_LOCKING_STYLE */
+
+#if defined(__APPLE__) && ((__MAC_OS_X_VERSION_MIN_REQUIRED > 1050) || \
+ (__IPHONE_OS_VERSION_MIN_REQUIRED > 2000))
+# if (!defined(TARGET_OS_EMBEDDED) || (TARGET_OS_EMBEDDED==0)) \
+ && (!defined(TARGET_IPHONE_SIMULATOR) || (TARGET_IPHONE_SIMULATOR==0))
+# define HAVE_GETHOSTUUID 1
+# else
+# warning "gethostuuid() is disabled."
+# endif
+#endif
+
+
+#if OS_VXWORKS
+/* # include <sys/ioctl.h> */
+# include <semaphore.h>
+# include <limits.h>
+#endif /* OS_VXWORKS */
+
+#if defined(__APPLE__) || SQLITE_ENABLE_LOCKING_STYLE
+# include <sys/mount.h>
+#endif
+
+#ifdef HAVE_UTIME
+# include <utime.h>
+#endif
+
+/*
+** Allowed values of unixFile.fsFlags
+*/
+#define SQLITE_FSFLAGS_IS_MSDOS 0x1
+
+/*
+** If we are to be thread-safe, include the pthreads header and define
+** the SQLITE_UNIX_THREADS macro.
+*/
+#if SQLITE_THREADSAFE
+/* # include <pthread.h> */
+# define SQLITE_UNIX_THREADS 1
+#endif
+
+/*
+** Default permissions when creating a new file
+*/
+#ifndef SQLITE_DEFAULT_FILE_PERMISSIONS
+# define SQLITE_DEFAULT_FILE_PERMISSIONS 0644
+#endif
+
+/*
+** Default permissions when creating auto proxy dir
+*/
+#ifndef SQLITE_DEFAULT_PROXYDIR_PERMISSIONS
+# define SQLITE_DEFAULT_PROXYDIR_PERMISSIONS 0755
+#endif
+
+/*
+** Maximum supported path-length.
+*/
+#define MAX_PATHNAME 512
+
+/* Always cast the getpid() return type for compatibility with
+** kernel modules in VxWorks. */
+#define osGetpid(X) (pid_t)getpid()
+
+/*
+** Only set the lastErrno if the error code is a real error and not
+** a normal expected return code of SQLITE_BUSY or SQLITE_OK
+*/
+#define IS_LOCK_ERROR(x) ((x != SQLITE_OK) && (x != SQLITE_BUSY))
+
+/* Forward references */
+typedef struct unixShm unixShm; /* Connection shared memory */
+typedef struct unixShmNode unixShmNode; /* Shared memory instance */
+typedef struct unixInodeInfo unixInodeInfo; /* An i-node */
+typedef struct UnixUnusedFd UnixUnusedFd; /* An unused file descriptor */
+
+/*
+** Sometimes, after a file handle is closed by SQLite, the file descriptor
+** cannot be closed immediately. In these cases, instances of the following
+** structure are used to store the file descriptor while waiting for an
+** opportunity to either close or reuse it.
+*/
+struct UnixUnusedFd {
+ int fd; /* File descriptor to close */
+ int flags; /* Flags this file descriptor was opened with */
+ UnixUnusedFd *pNext; /* Next unused file descriptor on same file */
+};
+
+/*
+** The unixFile structure is subclass of sqlite3_file specific to the unix
+** VFS implementations.
+*/
+typedef struct unixFile unixFile;
+struct unixFile {
+ sqlite3_io_methods const *pMethod; /* Always the first entry */
+ sqlite3_vfs *pVfs; /* The VFS that created this unixFile */
+ unixInodeInfo *pInode; /* Info about locks on this inode */
+ int h; /* The file descriptor */
+ unsigned char eFileLock; /* The type of lock held on this fd */
+ unsigned short int ctrlFlags; /* Behavioral bits. UNIXFILE_* flags */
+ int lastErrno; /* The unix errno from last I/O error */
+ void *lockingContext; /* Locking style specific state */
+ UnixUnusedFd *pUnused; /* Pre-allocated UnixUnusedFd */
+ const char *zPath; /* Name of the file */
+ unixShm *pShm; /* Shared memory segment information */
+ int szChunk; /* Configured by FCNTL_CHUNK_SIZE */
+#if SQLITE_MAX_MMAP_SIZE>0
+ int nFetchOut; /* Number of outstanding xFetch refs */
+ sqlite3_int64 mmapSize; /* Usable size of mapping at pMapRegion */
+ sqlite3_int64 mmapSizeActual; /* Actual size of mapping at pMapRegion */
+ sqlite3_int64 mmapSizeMax; /* Configured FCNTL_MMAP_SIZE value */
+ void *pMapRegion; /* Memory mapped region */
+#endif
+#ifdef __QNXNTO__
+ int sectorSize; /* Device sector size */
+ int deviceCharacteristics; /* Precomputed device characteristics */
+#endif
+#if SQLITE_ENABLE_LOCKING_STYLE
+ int openFlags; /* The flags specified at open() */
+#endif
+#if SQLITE_ENABLE_LOCKING_STYLE || defined(__APPLE__)
+ unsigned fsFlags; /* cached details from statfs() */
+#endif
+#if OS_VXWORKS
+ struct vxworksFileId *pId; /* Unique file ID */
+#endif
+#ifdef SQLITE_DEBUG
+ /* The next group of variables are used to track whether or not the
+ ** transaction counter in bytes 24-27 of database files are updated
+ ** whenever any part of the database changes. An assertion fault will
+ ** occur if a file is updated without also updating the transaction
+ ** counter. This test is made to avoid new problems similar to the
+ ** one described by ticket #3584.
+ */
+ unsigned char transCntrChng; /* True if the transaction counter changed */
+ unsigned char dbUpdate; /* True if any part of database file changed */
+ unsigned char inNormalWrite; /* True if in a normal write operation */
+
+#endif
+
+#ifdef SQLITE_TEST
+ /* In test mode, increase the size of this structure a bit so that
+ ** it is larger than the struct CrashFile defined in test6.c.
+ */
+ char aPadding[32];
+#endif
+};
+
+/* This variable holds the process id (pid) from when the xRandomness()
+** method was called. If xOpen() is called from a different process id,
+** indicating that a fork() has occurred, the PRNG will be reset.
+*/
+static pid_t randomnessPid = 0;
+
+/*
+** Allowed values for the unixFile.ctrlFlags bitmask:
+*/
+#define UNIXFILE_EXCL 0x01 /* Connections from one process only */
+#define UNIXFILE_RDONLY 0x02 /* Connection is read only */
+#define UNIXFILE_PERSIST_WAL 0x04 /* Persistent WAL mode */
+#ifndef SQLITE_DISABLE_DIRSYNC
+# define UNIXFILE_DIRSYNC 0x08 /* Directory sync needed */
+#else
+# define UNIXFILE_DIRSYNC 0x00
+#endif
+#define UNIXFILE_PSOW 0x10 /* SQLITE_IOCAP_POWERSAFE_OVERWRITE */
+#define UNIXFILE_DELETE 0x20 /* Delete on close */
+#define UNIXFILE_URI 0x40 /* Filename might have query parameters */
+#define UNIXFILE_NOLOCK 0x80 /* Do no file locking */
+
+/*
+** Include code that is common to all os_*.c files
+*/
+/************** Include os_common.h in the middle of os_unix.c ***************/
+/************** Begin file os_common.h ***************************************/
+/*
+** 2004 May 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains macros and a little bit of code that is common to
+** all of the platform-specific files (os_*.c) and is #included into those
+** files.
+**
+** This file should be #included by the os_*.c files only. It is not a
+** general purpose header file.
+*/
+#ifndef _OS_COMMON_H_
+#define _OS_COMMON_H_
+
+/*
+** At least two bugs have slipped in because we changed the MEMORY_DEBUG
+** macro to SQLITE_DEBUG and some older makefiles have not yet made the
+** switch. The following code should catch this problem at compile-time.
+*/
+#ifdef MEMORY_DEBUG
+# error "The MEMORY_DEBUG macro is obsolete. Use SQLITE_DEBUG instead."
+#endif
+
+/*
+** Macros for performance tracing. Normally turned off. Only works
+** on i486 hardware.
+*/
+#ifdef SQLITE_PERFORMANCE_TRACE
+
+/*
+** hwtime.h contains inline assembler code for implementing
+** high-performance timing routines.
+*/
+/************** Include hwtime.h in the middle of os_common.h ****************/
+/************** Begin file hwtime.h ******************************************/
+/*
+** 2008 May 27
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains inline asm code for retrieving "high-performance"
+** counters for x86 class CPUs.
+*/
+#ifndef _HWTIME_H_
+#define _HWTIME_H_
+
+/*
+** The following routine only works on pentium-class (or newer) processors.
+** It uses the RDTSC opcode to read the cycle count value out of the
+** processor and returns that value. This can be used for high-res
+** profiling.
+*/
+#if (defined(__GNUC__) || defined(_MSC_VER)) && \
+ (defined(i386) || defined(__i386__) || defined(_M_IX86))
+
+ #if defined(__GNUC__)
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned int lo, hi;
+ __asm__ __volatile__ ("rdtsc" : "=a" (lo), "=d" (hi));
+ return (sqlite_uint64)hi << 32 | lo;
+ }
+
+ #elif defined(_MSC_VER)
+
+ __declspec(naked) __inline sqlite_uint64 __cdecl sqlite3Hwtime(void){
+ __asm {
+ rdtsc
+ ret ; return value at EDX:EAX
+ }
+ }
+
+ #endif
+
+#elif (defined(__GNUC__) && defined(__x86_64__))
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned long val;
+ __asm__ __volatile__ ("rdtsc" : "=A" (val));
+ return val;
+ }
+
+#elif (defined(__GNUC__) && defined(__ppc__))
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned long long retval;
+ unsigned long junk;
+ __asm__ __volatile__ ("\n\
+ 1: mftbu %1\n\
+ mftb %L0\n\
+ mftbu %0\n\
+ cmpw %0,%1\n\
+ bne 1b"
+ : "=r" (retval), "=r" (junk));
+ return retval;
+ }
+
+#else
+
+ #error Need implementation of sqlite3Hwtime() for your platform.
+
+ /*
+ ** To compile without implementing sqlite3Hwtime() for your platform,
+ ** you can remove the above #error and use the following
+ ** stub function. You will lose timing support for many
+ ** of the debugging and testing utilities, but it should at
+ ** least compile and run.
+ */
+SQLITE_PRIVATE sqlite_uint64 sqlite3Hwtime(void){ return ((sqlite_uint64)0); }
+
+#endif
+
+#endif /* !defined(_HWTIME_H_) */
+
+/************** End of hwtime.h **********************************************/
+/************** Continuing where we left off in os_common.h ******************/
+
+static sqlite_uint64 g_start;
+static sqlite_uint64 g_elapsed;
+#define TIMER_START g_start=sqlite3Hwtime()
+#define TIMER_END g_elapsed=sqlite3Hwtime()-g_start
+#define TIMER_ELAPSED g_elapsed
+#else
+#define TIMER_START
+#define TIMER_END
+#define TIMER_ELAPSED ((sqlite_uint64)0)
+#endif
+
+/*
+** If we compile with the SQLITE_TEST macro set, then the following block
+** of code will give us the ability to simulate a disk I/O error. This
+** is used for testing the I/O recovery logic.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_io_error_hit = 0; /* Total number of I/O Errors */
+SQLITE_API int sqlite3_io_error_hardhit = 0; /* Number of non-benign errors */
+SQLITE_API int sqlite3_io_error_pending = 0; /* Count down to first I/O error */
+SQLITE_API int sqlite3_io_error_persist = 0; /* True if I/O errors persist */
+SQLITE_API int sqlite3_io_error_benign = 0; /* True if errors are benign */
+SQLITE_API int sqlite3_diskfull_pending = 0;
+SQLITE_API int sqlite3_diskfull = 0;
+#define SimulateIOErrorBenign(X) sqlite3_io_error_benign=(X)
+#define SimulateIOError(CODE) \
+ if( (sqlite3_io_error_persist && sqlite3_io_error_hit) \
+ || sqlite3_io_error_pending-- == 1 ) \
+ { local_ioerr(); CODE; }
+static void local_ioerr(){
+ IOTRACE(("IOERR\n"));
+ sqlite3_io_error_hit++;
+ if( !sqlite3_io_error_benign ) sqlite3_io_error_hardhit++;
+}
+#define SimulateDiskfullError(CODE) \
+ if( sqlite3_diskfull_pending ){ \
+ if( sqlite3_diskfull_pending == 1 ){ \
+ local_ioerr(); \
+ sqlite3_diskfull = 1; \
+ sqlite3_io_error_hit = 1; \
+ CODE; \
+ }else{ \
+ sqlite3_diskfull_pending--; \
+ } \
+ }
+#else
+#define SimulateIOErrorBenign(X)
+#define SimulateIOError(A)
+#define SimulateDiskfullError(A)
+#endif
+
+/*
+** When testing, keep a count of the number of open files.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_open_file_count = 0;
+#define OpenCounter(X) sqlite3_open_file_count+=(X)
+#else
+#define OpenCounter(X)
+#endif
+
+#endif /* !defined(_OS_COMMON_H_) */
+
+/************** End of os_common.h *******************************************/
+/************** Continuing where we left off in os_unix.c ********************/
+
+/*
+** Define various macros that are missing from some systems.
+*/
+#ifndef O_LARGEFILE
+# define O_LARGEFILE 0
+#endif
+#ifdef SQLITE_DISABLE_LFS
+# undef O_LARGEFILE
+# define O_LARGEFILE 0
+#endif
+#ifndef O_NOFOLLOW
+# define O_NOFOLLOW 0
+#endif
+#ifndef O_BINARY
+# define O_BINARY 0
+#endif
+
+/*
+** The threadid macro resolves to the thread-id or to 0. Used for
+** testing and debugging only.
+*/
+#if SQLITE_THREADSAFE
+#define threadid pthread_self()
+#else
+#define threadid 0
+#endif
+
+/*
+** HAVE_MREMAP defaults to true on Linux and false everywhere else.
+*/
+#if !defined(HAVE_MREMAP)
+# if defined(__linux__) && defined(_GNU_SOURCE)
+# define HAVE_MREMAP 1
+# else
+# define HAVE_MREMAP 0
+# endif
+#endif
+
+/*
+** Explicitly call the 64-bit version of lseek() on Android. Otherwise, lseek()
+** is the 32-bit version, even if _FILE_OFFSET_BITS=64 is defined.
+*/
+#ifdef __ANDROID__
+# define lseek lseek64
+#endif
+
+/*
+** Different Unix systems declare open() in different ways. Same use
+** open(const char*,int,mode_t). Others use open(const char*,int,...).
+** The difference is important when using a pointer to the function.
+**
+** The safest way to deal with the problem is to always use this wrapper
+** which always has the same well-defined interface.
+*/
+static int posixOpen(const char *zFile, int flags, int mode){
+ return open(zFile, flags, mode);
+}
+
+/* Forward reference */
+static int openDirectory(const char*, int*);
+static int unixGetpagesize(void);
+
+/*
+** Many system calls are accessed through pointer-to-functions so that
+** they may be overridden at runtime to facilitate fault injection during
+** testing and sandboxing. The following array holds the names and pointers
+** to all overrideable system calls.
+*/
+static struct unix_syscall {
+ const char *zName; /* Name of the system call */
+ sqlite3_syscall_ptr pCurrent; /* Current value of the system call */
+ sqlite3_syscall_ptr pDefault; /* Default value */
+} aSyscall[] = {
+ { "open", (sqlite3_syscall_ptr)posixOpen, 0 },
+#define osOpen ((int(*)(const char*,int,int))aSyscall[0].pCurrent)
+
+ { "close", (sqlite3_syscall_ptr)close, 0 },
+#define osClose ((int(*)(int))aSyscall[1].pCurrent)
+
+ { "access", (sqlite3_syscall_ptr)access, 0 },
+#define osAccess ((int(*)(const char*,int))aSyscall[2].pCurrent)
+
+ { "getcwd", (sqlite3_syscall_ptr)getcwd, 0 },
+#define osGetcwd ((char*(*)(char*,size_t))aSyscall[3].pCurrent)
+
+ { "stat", (sqlite3_syscall_ptr)stat, 0 },
+#define osStat ((int(*)(const char*,struct stat*))aSyscall[4].pCurrent)
+
+/*
+** The DJGPP compiler environment looks mostly like Unix, but it
+** lacks the fcntl() system call. So redefine fcntl() to be something
+** that always succeeds. This means that locking does not occur under
+** DJGPP. But it is DOS - what did you expect?
+*/
+#ifdef __DJGPP__
+ { "fstat", 0, 0 },
+#define osFstat(a,b,c) 0
+#else
+ { "fstat", (sqlite3_syscall_ptr)fstat, 0 },
+#define osFstat ((int(*)(int,struct stat*))aSyscall[5].pCurrent)
+#endif
+
+ { "ftruncate", (sqlite3_syscall_ptr)ftruncate, 0 },
+#define osFtruncate ((int(*)(int,off_t))aSyscall[6].pCurrent)
+
+ { "fcntl", (sqlite3_syscall_ptr)fcntl, 0 },
+#define osFcntl ((int(*)(int,int,...))aSyscall[7].pCurrent)
+
+ { "read", (sqlite3_syscall_ptr)read, 0 },
+#define osRead ((ssize_t(*)(int,void*,size_t))aSyscall[8].pCurrent)
+
+#if defined(USE_PREAD) || SQLITE_ENABLE_LOCKING_STYLE
+ { "pread", (sqlite3_syscall_ptr)pread, 0 },
+#else
+ { "pread", (sqlite3_syscall_ptr)0, 0 },
+#endif
+#define osPread ((ssize_t(*)(int,void*,size_t,off_t))aSyscall[9].pCurrent)
+
+#if defined(USE_PREAD64)
+ { "pread64", (sqlite3_syscall_ptr)pread64, 0 },
+#else
+ { "pread64", (sqlite3_syscall_ptr)0, 0 },
+#endif
+#define osPread64 ((ssize_t(*)(int,void*,size_t,off_t))aSyscall[10].pCurrent)
+
+ { "write", (sqlite3_syscall_ptr)write, 0 },
+#define osWrite ((ssize_t(*)(int,const void*,size_t))aSyscall[11].pCurrent)
+
+#if defined(USE_PREAD) || SQLITE_ENABLE_LOCKING_STYLE
+ { "pwrite", (sqlite3_syscall_ptr)pwrite, 0 },
+#else
+ { "pwrite", (sqlite3_syscall_ptr)0, 0 },
+#endif
+#define osPwrite ((ssize_t(*)(int,const void*,size_t,off_t))\
+ aSyscall[12].pCurrent)
+
+#if defined(USE_PREAD64)
+ { "pwrite64", (sqlite3_syscall_ptr)pwrite64, 0 },
+#else
+ { "pwrite64", (sqlite3_syscall_ptr)0, 0 },
+#endif
+#define osPwrite64 ((ssize_t(*)(int,const void*,size_t,off_t))\
+ aSyscall[13].pCurrent)
+
+ { "fchmod", (sqlite3_syscall_ptr)fchmod, 0 },
+#define osFchmod ((int(*)(int,mode_t))aSyscall[14].pCurrent)
+
+#if defined(HAVE_POSIX_FALLOCATE) && HAVE_POSIX_FALLOCATE
+ { "fallocate", (sqlite3_syscall_ptr)posix_fallocate, 0 },
+#else
+ { "fallocate", (sqlite3_syscall_ptr)0, 0 },
+#endif
+#define osFallocate ((int(*)(int,off_t,off_t))aSyscall[15].pCurrent)
+
+ { "unlink", (sqlite3_syscall_ptr)unlink, 0 },
+#define osUnlink ((int(*)(const char*))aSyscall[16].pCurrent)
+
+ { "openDirectory", (sqlite3_syscall_ptr)openDirectory, 0 },
+#define osOpenDirectory ((int(*)(const char*,int*))aSyscall[17].pCurrent)
+
+ { "mkdir", (sqlite3_syscall_ptr)mkdir, 0 },
+#define osMkdir ((int(*)(const char*,mode_t))aSyscall[18].pCurrent)
+
+ { "rmdir", (sqlite3_syscall_ptr)rmdir, 0 },
+#define osRmdir ((int(*)(const char*))aSyscall[19].pCurrent)
+
+ { "fchown", (sqlite3_syscall_ptr)fchown, 0 },
+#define osFchown ((int(*)(int,uid_t,gid_t))aSyscall[20].pCurrent)
+
+ { "geteuid", (sqlite3_syscall_ptr)geteuid, 0 },
+#define osGeteuid ((uid_t(*)(void))aSyscall[21].pCurrent)
+
+#if !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0
+ { "mmap", (sqlite3_syscall_ptr)mmap, 0 },
+#define osMmap ((void*(*)(void*,size_t,int,int,int,off_t))aSyscall[22].pCurrent)
+
+ { "munmap", (sqlite3_syscall_ptr)munmap, 0 },
+#define osMunmap ((void*(*)(void*,size_t))aSyscall[23].pCurrent)
+
+#if HAVE_MREMAP
+ { "mremap", (sqlite3_syscall_ptr)mremap, 0 },
+#else
+ { "mremap", (sqlite3_syscall_ptr)0, 0 },
+#endif
+#define osMremap ((void*(*)(void*,size_t,size_t,int,...))aSyscall[24].pCurrent)
+
+ { "getpagesize", (sqlite3_syscall_ptr)unixGetpagesize, 0 },
+#define osGetpagesize ((int(*)(void))aSyscall[25].pCurrent)
+
+ { "readlink", (sqlite3_syscall_ptr)readlink, 0 },
+#define osReadlink ((ssize_t(*)(const char*,char*,size_t))aSyscall[26].pCurrent)
+
+#endif
+
+}; /* End of the overrideable system calls */
+
+
+/*
+** On some systems, calls to fchown() will trigger a message in a security
+** log if they come from non-root processes. So avoid calling fchown() if
+** we are not running as root.
+*/
+static int robustFchown(int fd, uid_t uid, gid_t gid){
+#if OS_VXWORKS
+ return 0;
+#else
+ return osGeteuid() ? 0 : osFchown(fd,uid,gid);
+#endif
+}
+
+/*
+** This is the xSetSystemCall() method of sqlite3_vfs for all of the
+** "unix" VFSes. Return SQLITE_OK opon successfully updating the
+** system call pointer, or SQLITE_NOTFOUND if there is no configurable
+** system call named zName.
+*/
+static int unixSetSystemCall(
+ sqlite3_vfs *pNotUsed, /* The VFS pointer. Not used */
+ const char *zName, /* Name of system call to override */
+ sqlite3_syscall_ptr pNewFunc /* Pointer to new system call value */
+){
+ unsigned int i;
+ int rc = SQLITE_NOTFOUND;
+
+ UNUSED_PARAMETER(pNotUsed);
+ if( zName==0 ){
+ /* If no zName is given, restore all system calls to their default
+ ** settings and return NULL
+ */
+ rc = SQLITE_OK;
+ for(i=0; i<sizeof(aSyscall)/sizeof(aSyscall[0]); i++){
+ if( aSyscall[i].pDefault ){
+ aSyscall[i].pCurrent = aSyscall[i].pDefault;
+ }
+ }
+ }else{
+ /* If zName is specified, operate on only the one system call
+ ** specified.
+ */
+ for(i=0; i<sizeof(aSyscall)/sizeof(aSyscall[0]); i++){
+ if( strcmp(zName, aSyscall[i].zName)==0 ){
+ if( aSyscall[i].pDefault==0 ){
+ aSyscall[i].pDefault = aSyscall[i].pCurrent;
+ }
+ rc = SQLITE_OK;
+ if( pNewFunc==0 ) pNewFunc = aSyscall[i].pDefault;
+ aSyscall[i].pCurrent = pNewFunc;
+ break;
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** Return the value of a system call. Return NULL if zName is not a
+** recognized system call name. NULL is also returned if the system call
+** is currently undefined.
+*/
+static sqlite3_syscall_ptr unixGetSystemCall(
+ sqlite3_vfs *pNotUsed,
+ const char *zName
+){
+ unsigned int i;
+
+ UNUSED_PARAMETER(pNotUsed);
+ for(i=0; i<sizeof(aSyscall)/sizeof(aSyscall[0]); i++){
+ if( strcmp(zName, aSyscall[i].zName)==0 ) return aSyscall[i].pCurrent;
+ }
+ return 0;
+}
+
+/*
+** Return the name of the first system call after zName. If zName==NULL
+** then return the name of the first system call. Return NULL if zName
+** is the last system call or if zName is not the name of a valid
+** system call.
+*/
+static const char *unixNextSystemCall(sqlite3_vfs *p, const char *zName){
+ int i = -1;
+
+ UNUSED_PARAMETER(p);
+ if( zName ){
+ for(i=0; i<ArraySize(aSyscall)-1; i++){
+ if( strcmp(zName, aSyscall[i].zName)==0 ) break;
+ }
+ }
+ for(i++; i<ArraySize(aSyscall); i++){
+ if( aSyscall[i].pCurrent!=0 ) return aSyscall[i].zName;
+ }
+ return 0;
+}
+
+/*
+** Do not accept any file descriptor less than this value, in order to avoid
+** opening database file using file descriptors that are commonly used for
+** standard input, output, and error.
+*/
+#ifndef SQLITE_MINIMUM_FILE_DESCRIPTOR
+# define SQLITE_MINIMUM_FILE_DESCRIPTOR 3
+#endif
+
+/*
+** Invoke open(). Do so multiple times, until it either succeeds or
+** fails for some reason other than EINTR.
+**
+** If the file creation mode "m" is 0 then set it to the default for
+** SQLite. The default is SQLITE_DEFAULT_FILE_PERMISSIONS (normally
+** 0644) as modified by the system umask. If m is not 0, then
+** make the file creation mode be exactly m ignoring the umask.
+**
+** The m parameter will be non-zero only when creating -wal, -journal,
+** and -shm files. We want those files to have *exactly* the same
+** permissions as their original database, unadulterated by the umask.
+** In that way, if a database file is -rw-rw-rw or -rw-rw-r-, and a
+** transaction crashes and leaves behind hot journals, then any
+** process that is able to write to the database will also be able to
+** recover the hot journals.
+*/
+static int robust_open(const char *z, int f, mode_t m){
+ int fd;
+ mode_t m2 = m ? m : SQLITE_DEFAULT_FILE_PERMISSIONS;
+ while(1){
+#if defined(O_CLOEXEC)
+ fd = osOpen(z,f|O_CLOEXEC,m2);
+#else
+ fd = osOpen(z,f,m2);
+#endif
+ if( fd<0 ){
+ if( errno==EINTR ) continue;
+ break;
+ }
+ if( fd>=SQLITE_MINIMUM_FILE_DESCRIPTOR ) break;
+ osClose(fd);
+ sqlite3_log(SQLITE_WARNING,
+ "attempt to open \"%s\" as file descriptor %d", z, fd);
+ fd = -1;
+ if( osOpen("/dev/null", f, m)<0 ) break;
+ }
+ if( fd>=0 ){
+ if( m!=0 ){
+ struct stat statbuf;
+ if( osFstat(fd, &statbuf)==0
+ && statbuf.st_size==0
+ && (statbuf.st_mode&0777)!=m
+ ){
+ osFchmod(fd, m);
+ }
+ }
+#if defined(FD_CLOEXEC) && (!defined(O_CLOEXEC) || O_CLOEXEC==0)
+ osFcntl(fd, F_SETFD, osFcntl(fd, F_GETFD, 0) | FD_CLOEXEC);
+#endif
+ }
+ return fd;
+}
+
+/*
+** Helper functions to obtain and relinquish the global mutex. The
+** global mutex is used to protect the unixInodeInfo and
+** vxworksFileId objects used by this file, all of which may be
+** shared by multiple threads.
+**
+** Function unixMutexHeld() is used to assert() that the global mutex
+** is held when required. This function is only used as part of assert()
+** statements. e.g.
+**
+** unixEnterMutex()
+** assert( unixMutexHeld() );
+** unixEnterLeave()
+*/
+static void unixEnterMutex(void){
+ sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_VFS1));
+}
+static void unixLeaveMutex(void){
+ sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_VFS1));
+}
+#ifdef SQLITE_DEBUG
+static int unixMutexHeld(void) {
+ return sqlite3_mutex_held(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_VFS1));
+}
+#endif
+
+
+#ifdef SQLITE_HAVE_OS_TRACE
+/*
+** Helper function for printing out trace information from debugging
+** binaries. This returns the string representation of the supplied
+** integer lock-type.
+*/
+static const char *azFileLock(int eFileLock){
+ switch( eFileLock ){
+ case NO_LOCK: return "NONE";
+ case SHARED_LOCK: return "SHARED";
+ case RESERVED_LOCK: return "RESERVED";
+ case PENDING_LOCK: return "PENDING";
+ case EXCLUSIVE_LOCK: return "EXCLUSIVE";
+ }
+ return "ERROR";
+}
+#endif
+
+#ifdef SQLITE_LOCK_TRACE
+/*
+** Print out information about all locking operations.
+**
+** This routine is used for troubleshooting locks on multithreaded
+** platforms. Enable by compiling with the -DSQLITE_LOCK_TRACE
+** command-line option on the compiler. This code is normally
+** turned off.
+*/
+static int lockTrace(int fd, int op, struct flock *p){
+ char *zOpName, *zType;
+ int s;
+ int savedErrno;
+ if( op==F_GETLK ){
+ zOpName = "GETLK";
+ }else if( op==F_SETLK ){
+ zOpName = "SETLK";
+ }else{
+ s = osFcntl(fd, op, p);
+ sqlite3DebugPrintf("fcntl unknown %d %d %d\n", fd, op, s);
+ return s;
+ }
+ if( p->l_type==F_RDLCK ){
+ zType = "RDLCK";
+ }else if( p->l_type==F_WRLCK ){
+ zType = "WRLCK";
+ }else if( p->l_type==F_UNLCK ){
+ zType = "UNLCK";
+ }else{
+ assert( 0 );
+ }
+ assert( p->l_whence==SEEK_SET );
+ s = osFcntl(fd, op, p);
+ savedErrno = errno;
+ sqlite3DebugPrintf("fcntl %d %d %s %s %d %d %d %d\n",
+ threadid, fd, zOpName, zType, (int)p->l_start, (int)p->l_len,
+ (int)p->l_pid, s);
+ if( s==(-1) && op==F_SETLK && (p->l_type==F_RDLCK || p->l_type==F_WRLCK) ){
+ struct flock l2;
+ l2 = *p;
+ osFcntl(fd, F_GETLK, &l2);
+ if( l2.l_type==F_RDLCK ){
+ zType = "RDLCK";
+ }else if( l2.l_type==F_WRLCK ){
+ zType = "WRLCK";
+ }else if( l2.l_type==F_UNLCK ){
+ zType = "UNLCK";
+ }else{
+ assert( 0 );
+ }
+ sqlite3DebugPrintf("fcntl-failure-reason: %s %d %d %d\n",
+ zType, (int)l2.l_start, (int)l2.l_len, (int)l2.l_pid);
+ }
+ errno = savedErrno;
+ return s;
+}
+#undef osFcntl
+#define osFcntl lockTrace
+#endif /* SQLITE_LOCK_TRACE */
+
+/*
+** Retry ftruncate() calls that fail due to EINTR
+**
+** All calls to ftruncate() within this file should be made through
+** this wrapper. On the Android platform, bypassing the logic below
+** could lead to a corrupt database.
+*/
+static int robust_ftruncate(int h, sqlite3_int64 sz){
+ int rc;
+#ifdef __ANDROID__
+ /* On Android, ftruncate() always uses 32-bit offsets, even if
+ ** _FILE_OFFSET_BITS=64 is defined. This means it is unsafe to attempt to
+ ** truncate a file to any size larger than 2GiB. Silently ignore any
+ ** such attempts. */
+ if( sz>(sqlite3_int64)0x7FFFFFFF ){
+ rc = SQLITE_OK;
+ }else
+#endif
+ do{ rc = osFtruncate(h,sz); }while( rc<0 && errno==EINTR );
+ return rc;
+}
+
+/*
+** This routine translates a standard POSIX errno code into something
+** useful to the clients of the sqlite3 functions. Specifically, it is
+** intended to translate a variety of "try again" errors into SQLITE_BUSY
+** and a variety of "please close the file descriptor NOW" errors into
+** SQLITE_IOERR
+**
+** Errors during initialization of locks, or file system support for locks,
+** should handle ENOLCK, ENOTSUP, EOPNOTSUPP separately.
+*/
+static int sqliteErrorFromPosixError(int posixError, int sqliteIOErr) {
+ assert( (sqliteIOErr == SQLITE_IOERR_LOCK) ||
+ (sqliteIOErr == SQLITE_IOERR_UNLOCK) ||
+ (sqliteIOErr == SQLITE_IOERR_RDLOCK) ||
+ (sqliteIOErr == SQLITE_IOERR_CHECKRESERVEDLOCK) );
+ switch (posixError) {
+ case EACCES:
+ case EAGAIN:
+ case ETIMEDOUT:
+ case EBUSY:
+ case EINTR:
+ case ENOLCK:
+ /* random NFS retry error, unless during file system support
+ * introspection, in which it actually means what it says */
+ return SQLITE_BUSY;
+
+ case EPERM:
+ return SQLITE_PERM;
+
+ default:
+ return sqliteIOErr;
+ }
+}
+
+
+/******************************************************************************
+****************** Begin Unique File ID Utility Used By VxWorks ***************
+**
+** On most versions of unix, we can get a unique ID for a file by concatenating
+** the device number and the inode number. But this does not work on VxWorks.
+** On VxWorks, a unique file id must be based on the canonical filename.
+**
+** A pointer to an instance of the following structure can be used as a
+** unique file ID in VxWorks. Each instance of this structure contains
+** a copy of the canonical filename. There is also a reference count.
+** The structure is reclaimed when the number of pointers to it drops to
+** zero.
+**
+** There are never very many files open at one time and lookups are not
+** a performance-critical path, so it is sufficient to put these
+** structures on a linked list.
+*/
+struct vxworksFileId {
+ struct vxworksFileId *pNext; /* Next in a list of them all */
+ int nRef; /* Number of references to this one */
+ int nName; /* Length of the zCanonicalName[] string */
+ char *zCanonicalName; /* Canonical filename */
+};
+
+#if OS_VXWORKS
+/*
+** All unique filenames are held on a linked list headed by this
+** variable:
+*/
+static struct vxworksFileId *vxworksFileList = 0;
+
+/*
+** Simplify a filename into its canonical form
+** by making the following changes:
+**
+** * removing any trailing and duplicate /
+** * convert /./ into just /
+** * convert /A/../ where A is any simple name into just /
+**
+** Changes are made in-place. Return the new name length.
+**
+** The original filename is in z[0..n-1]. Return the number of
+** characters in the simplified name.
+*/
+static int vxworksSimplifyName(char *z, int n){
+ int i, j;
+ while( n>1 && z[n-1]=='/' ){ n--; }
+ for(i=j=0; i<n; i++){
+ if( z[i]=='/' ){
+ if( z[i+1]=='/' ) continue;
+ if( z[i+1]=='.' && i+2<n && z[i+2]=='/' ){
+ i += 1;
+ continue;
+ }
+ if( z[i+1]=='.' && i+3<n && z[i+2]=='.' && z[i+3]=='/' ){
+ while( j>0 && z[j-1]!='/' ){ j--; }
+ if( j>0 ){ j--; }
+ i += 2;
+ continue;
+ }
+ }
+ z[j++] = z[i];
+ }
+ z[j] = 0;
+ return j;
+}
+
+/*
+** Find a unique file ID for the given absolute pathname. Return
+** a pointer to the vxworksFileId object. This pointer is the unique
+** file ID.
+**
+** The nRef field of the vxworksFileId object is incremented before
+** the object is returned. A new vxworksFileId object is created
+** and added to the global list if necessary.
+**
+** If a memory allocation error occurs, return NULL.
+*/
+static struct vxworksFileId *vxworksFindFileId(const char *zAbsoluteName){
+ struct vxworksFileId *pNew; /* search key and new file ID */
+ struct vxworksFileId *pCandidate; /* For looping over existing file IDs */
+ int n; /* Length of zAbsoluteName string */
+
+ assert( zAbsoluteName[0]=='/' );
+ n = (int)strlen(zAbsoluteName);
+ pNew = sqlite3_malloc64( sizeof(*pNew) + (n+1) );
+ if( pNew==0 ) return 0;
+ pNew->zCanonicalName = (char*)&pNew[1];
+ memcpy(pNew->zCanonicalName, zAbsoluteName, n+1);
+ n = vxworksSimplifyName(pNew->zCanonicalName, n);
+
+ /* Search for an existing entry that matching the canonical name.
+ ** If found, increment the reference count and return a pointer to
+ ** the existing file ID.
+ */
+ unixEnterMutex();
+ for(pCandidate=vxworksFileList; pCandidate; pCandidate=pCandidate->pNext){
+ if( pCandidate->nName==n
+ && memcmp(pCandidate->zCanonicalName, pNew->zCanonicalName, n)==0
+ ){
+ sqlite3_free(pNew);
+ pCandidate->nRef++;
+ unixLeaveMutex();
+ return pCandidate;
+ }
+ }
+
+ /* No match was found. We will make a new file ID */
+ pNew->nRef = 1;
+ pNew->nName = n;
+ pNew->pNext = vxworksFileList;
+ vxworksFileList = pNew;
+ unixLeaveMutex();
+ return pNew;
+}
+
+/*
+** Decrement the reference count on a vxworksFileId object. Free
+** the object when the reference count reaches zero.
+*/
+static void vxworksReleaseFileId(struct vxworksFileId *pId){
+ unixEnterMutex();
+ assert( pId->nRef>0 );
+ pId->nRef--;
+ if( pId->nRef==0 ){
+ struct vxworksFileId **pp;
+ for(pp=&vxworksFileList; *pp && *pp!=pId; pp = &((*pp)->pNext)){}
+ assert( *pp==pId );
+ *pp = pId->pNext;
+ sqlite3_free(pId);
+ }
+ unixLeaveMutex();
+}
+#endif /* OS_VXWORKS */
+/*************** End of Unique File ID Utility Used By VxWorks ****************
+******************************************************************************/
+
+
+/******************************************************************************
+*************************** Posix Advisory Locking ****************************
+**
+** POSIX advisory locks are broken by design. ANSI STD 1003.1 (1996)
+** section 6.5.2.2 lines 483 through 490 specify that when a process
+** sets or clears a lock, that operation overrides any prior locks set
+** by the same process. It does not explicitly say so, but this implies
+** that it overrides locks set by the same process using a different
+** file descriptor. Consider this test case:
+**
+** int fd1 = open("./file1", O_RDWR|O_CREAT, 0644);
+** int fd2 = open("./file2", O_RDWR|O_CREAT, 0644);
+**
+** Suppose ./file1 and ./file2 are really the same file (because
+** one is a hard or symbolic link to the other) then if you set
+** an exclusive lock on fd1, then try to get an exclusive lock
+** on fd2, it works. I would have expected the second lock to
+** fail since there was already a lock on the file due to fd1.
+** But not so. Since both locks came from the same process, the
+** second overrides the first, even though they were on different
+** file descriptors opened on different file names.
+**
+** This means that we cannot use POSIX locks to synchronize file access
+** among competing threads of the same process. POSIX locks will work fine
+** to synchronize access for threads in separate processes, but not
+** threads within the same process.
+**
+** To work around the problem, SQLite has to manage file locks internally
+** on its own. Whenever a new database is opened, we have to find the
+** specific inode of the database file (the inode is determined by the
+** st_dev and st_ino fields of the stat structure that fstat() fills in)
+** and check for locks already existing on that inode. When locks are
+** created or removed, we have to look at our own internal record of the
+** locks to see if another thread has previously set a lock on that same
+** inode.
+**
+** (Aside: The use of inode numbers as unique IDs does not work on VxWorks.
+** For VxWorks, we have to use the alternative unique ID system based on
+** canonical filename and implemented in the previous division.)
+**
+** The sqlite3_file structure for POSIX is no longer just an integer file
+** descriptor. It is now a structure that holds the integer file
+** descriptor and a pointer to a structure that describes the internal
+** locks on the corresponding inode. There is one locking structure
+** per inode, so if the same inode is opened twice, both unixFile structures
+** point to the same locking structure. The locking structure keeps
+** a reference count (so we will know when to delete it) and a "cnt"
+** field that tells us its internal lock status. cnt==0 means the
+** file is unlocked. cnt==-1 means the file has an exclusive lock.
+** cnt>0 means there are cnt shared locks on the file.
+**
+** Any attempt to lock or unlock a file first checks the locking
+** structure. The fcntl() system call is only invoked to set a
+** POSIX lock if the internal lock structure transitions between
+** a locked and an unlocked state.
+**
+** But wait: there are yet more problems with POSIX advisory locks.
+**
+** If you close a file descriptor that points to a file that has locks,
+** all locks on that file that are owned by the current process are
+** released. To work around this problem, each unixInodeInfo object
+** maintains a count of the number of pending locks on tha inode.
+** When an attempt is made to close an unixFile, if there are
+** other unixFile open on the same inode that are holding locks, the call
+** to close() the file descriptor is deferred until all of the locks clear.
+** The unixInodeInfo structure keeps a list of file descriptors that need to
+** be closed and that list is walked (and cleared) when the last lock
+** clears.
+**
+** Yet another problem: LinuxThreads do not play well with posix locks.
+**
+** Many older versions of linux use the LinuxThreads library which is
+** not posix compliant. Under LinuxThreads, a lock created by thread
+** A cannot be modified or overridden by a different thread B.
+** Only thread A can modify the lock. Locking behavior is correct
+** if the appliation uses the newer Native Posix Thread Library (NPTL)
+** on linux - with NPTL a lock created by thread A can override locks
+** in thread B. But there is no way to know at compile-time which
+** threading library is being used. So there is no way to know at
+** compile-time whether or not thread A can override locks on thread B.
+** One has to do a run-time check to discover the behavior of the
+** current process.
+**
+** SQLite used to support LinuxThreads. But support for LinuxThreads
+** was dropped beginning with version 3.7.0. SQLite will still work with
+** LinuxThreads provided that (1) there is no more than one connection
+** per database file in the same process and (2) database connections
+** do not move across threads.
+*/
+
+/*
+** An instance of the following structure serves as the key used
+** to locate a particular unixInodeInfo object.
+*/
+struct unixFileId {
+ dev_t dev; /* Device number */
+#if OS_VXWORKS
+ struct vxworksFileId *pId; /* Unique file ID for vxworks. */
+#else
+ ino_t ino; /* Inode number */
+#endif
+};
+
+/*
+** An instance of the following structure is allocated for each open
+** inode. Or, on LinuxThreads, there is one of these structures for
+** each inode opened by each thread.
+**
+** A single inode can have multiple file descriptors, so each unixFile
+** structure contains a pointer to an instance of this object and this
+** object keeps a count of the number of unixFile pointing to it.
+*/
+struct unixInodeInfo {
+ struct unixFileId fileId; /* The lookup key */
+ int nShared; /* Number of SHARED locks held */
+ unsigned char eFileLock; /* One of SHARED_LOCK, RESERVED_LOCK etc. */
+ unsigned char bProcessLock; /* An exclusive process lock is held */
+ int nRef; /* Number of pointers to this structure */
+ unixShmNode *pShmNode; /* Shared memory associated with this inode */
+ int nLock; /* Number of outstanding file locks */
+ UnixUnusedFd *pUnused; /* Unused file descriptors to close */
+ unixInodeInfo *pNext; /* List of all unixInodeInfo objects */
+ unixInodeInfo *pPrev; /* .... doubly linked */
+#if SQLITE_ENABLE_LOCKING_STYLE
+ unsigned long long sharedByte; /* for AFP simulated shared lock */
+#endif
+#if OS_VXWORKS
+ sem_t *pSem; /* Named POSIX semaphore */
+ char aSemName[MAX_PATHNAME+2]; /* Name of that semaphore */
+#endif
+};
+
+/*
+** A lists of all unixInodeInfo objects.
+*/
+static unixInodeInfo *inodeList = 0;
+
+/*
+**
+** This function - unixLogErrorAtLine(), is only ever called via the macro
+** unixLogError().
+**
+** It is invoked after an error occurs in an OS function and errno has been
+** set. It logs a message using sqlite3_log() containing the current value of
+** errno and, if possible, the human-readable equivalent from strerror() or
+** strerror_r().
+**
+** The first argument passed to the macro should be the error code that
+** will be returned to SQLite (e.g. SQLITE_IOERR_DELETE, SQLITE_CANTOPEN).
+** The two subsequent arguments should be the name of the OS function that
+** failed (e.g. "unlink", "open") and the associated file-system path,
+** if any.
+*/
+#define unixLogError(a,b,c) unixLogErrorAtLine(a,b,c,__LINE__)
+static int unixLogErrorAtLine(
+ int errcode, /* SQLite error code */
+ const char *zFunc, /* Name of OS function that failed */
+ const char *zPath, /* File path associated with error */
+ int iLine /* Source line number where error occurred */
+){
+ char *zErr; /* Message from strerror() or equivalent */
+ int iErrno = errno; /* Saved syscall error number */
+
+ /* If this is not a threadsafe build (SQLITE_THREADSAFE==0), then use
+ ** the strerror() function to obtain the human-readable error message
+ ** equivalent to errno. Otherwise, use strerror_r().
+ */
+#if SQLITE_THREADSAFE && defined(HAVE_STRERROR_R)
+ char aErr[80];
+ memset(aErr, 0, sizeof(aErr));
+ zErr = aErr;
+
+ /* If STRERROR_R_CHAR_P (set by autoconf scripts) or __USE_GNU is defined,
+ ** assume that the system provides the GNU version of strerror_r() that
+ ** returns a pointer to a buffer containing the error message. That pointer
+ ** may point to aErr[], or it may point to some static storage somewhere.
+ ** Otherwise, assume that the system provides the POSIX version of
+ ** strerror_r(), which always writes an error message into aErr[].
+ **
+ ** If the code incorrectly assumes that it is the POSIX version that is
+ ** available, the error message will often be an empty string. Not a
+ ** huge problem. Incorrectly concluding that the GNU version is available
+ ** could lead to a segfault though.
+ */
+#if defined(STRERROR_R_CHAR_P) || defined(__USE_GNU)
+ zErr =
+# endif
+ strerror_r(iErrno, aErr, sizeof(aErr)-1);
+
+#elif SQLITE_THREADSAFE
+ /* This is a threadsafe build, but strerror_r() is not available. */
+ zErr = "";
+#else
+ /* Non-threadsafe build, use strerror(). */
+ zErr = strerror(iErrno);
+#endif
+
+ if( zPath==0 ) zPath = "";
+ sqlite3_log(errcode,
+ "os_unix.c:%d: (%d) %s(%s) - %s",
+ iLine, iErrno, zFunc, zPath, zErr
+ );
+
+ return errcode;
+}
+
+/*
+** Close a file descriptor.
+**
+** We assume that close() almost always works, since it is only in a
+** very sick application or on a very sick platform that it might fail.
+** If it does fail, simply leak the file descriptor, but do log the
+** error.
+**
+** Note that it is not safe to retry close() after EINTR since the
+** file descriptor might have already been reused by another thread.
+** So we don't even try to recover from an EINTR. Just log the error
+** and move on.
+*/
+static void robust_close(unixFile *pFile, int h, int lineno){
+ if( osClose(h) ){
+ unixLogErrorAtLine(SQLITE_IOERR_CLOSE, "close",
+ pFile ? pFile->zPath : 0, lineno);
+ }
+}
+
+/*
+** Set the pFile->lastErrno. Do this in a subroutine as that provides
+** a convenient place to set a breakpoint.
+*/
+static void storeLastErrno(unixFile *pFile, int error){
+ pFile->lastErrno = error;
+}
+
+/*
+** Close all file descriptors accumuated in the unixInodeInfo->pUnused list.
+*/
+static void closePendingFds(unixFile *pFile){
+ unixInodeInfo *pInode = pFile->pInode;
+ UnixUnusedFd *p;
+ UnixUnusedFd *pNext;
+ for(p=pInode->pUnused; p; p=pNext){
+ pNext = p->pNext;
+ robust_close(pFile, p->fd, __LINE__);
+ sqlite3_free(p);
+ }
+ pInode->pUnused = 0;
+}
+
+/*
+** Release a unixInodeInfo structure previously allocated by findInodeInfo().
+**
+** The mutex entered using the unixEnterMutex() function must be held
+** when this function is called.
+*/
+static void releaseInodeInfo(unixFile *pFile){
+ unixInodeInfo *pInode = pFile->pInode;
+ assert( unixMutexHeld() );
+ if( ALWAYS(pInode) ){
+ pInode->nRef--;
+ if( pInode->nRef==0 ){
+ assert( pInode->pShmNode==0 );
+ closePendingFds(pFile);
+ if( pInode->pPrev ){
+ assert( pInode->pPrev->pNext==pInode );
+ pInode->pPrev->pNext = pInode->pNext;
+ }else{
+ assert( inodeList==pInode );
+ inodeList = pInode->pNext;
+ }
+ if( pInode->pNext ){
+ assert( pInode->pNext->pPrev==pInode );
+ pInode->pNext->pPrev = pInode->pPrev;
+ }
+ sqlite3_free(pInode);
+ }
+ }
+}
+
+/*
+** Given a file descriptor, locate the unixInodeInfo object that
+** describes that file descriptor. Create a new one if necessary. The
+** return value might be uninitialized if an error occurs.
+**
+** The mutex entered using the unixEnterMutex() function must be held
+** when this function is called.
+**
+** Return an appropriate error code.
+*/
+static int findInodeInfo(
+ unixFile *pFile, /* Unix file with file desc used in the key */
+ unixInodeInfo **ppInode /* Return the unixInodeInfo object here */
+){
+ int rc; /* System call return code */
+ int fd; /* The file descriptor for pFile */
+ struct unixFileId fileId; /* Lookup key for the unixInodeInfo */
+ struct stat statbuf; /* Low-level file information */
+ unixInodeInfo *pInode = 0; /* Candidate unixInodeInfo object */
+
+ assert( unixMutexHeld() );
+
+ /* Get low-level information about the file that we can used to
+ ** create a unique name for the file.
+ */
+ fd = pFile->h;
+ rc = osFstat(fd, &statbuf);
+ if( rc!=0 ){
+ storeLastErrno(pFile, errno);
+#if defined(EOVERFLOW) && defined(SQLITE_DISABLE_LFS)
+ if( pFile->lastErrno==EOVERFLOW ) return SQLITE_NOLFS;
+#endif
+ return SQLITE_IOERR;
+ }
+
+#ifdef __APPLE__
+ /* On OS X on an msdos filesystem, the inode number is reported
+ ** incorrectly for zero-size files. See ticket #3260. To work
+ ** around this problem (we consider it a bug in OS X, not SQLite)
+ ** we always increase the file size to 1 by writing a single byte
+ ** prior to accessing the inode number. The one byte written is
+ ** an ASCII 'S' character which also happens to be the first byte
+ ** in the header of every SQLite database. In this way, if there
+ ** is a race condition such that another thread has already populated
+ ** the first page of the database, no damage is done.
+ */
+ if( statbuf.st_size==0 && (pFile->fsFlags & SQLITE_FSFLAGS_IS_MSDOS)!=0 ){
+ do{ rc = osWrite(fd, "S", 1); }while( rc<0 && errno==EINTR );
+ if( rc!=1 ){
+ storeLastErrno(pFile, errno);
+ return SQLITE_IOERR;
+ }
+ rc = osFstat(fd, &statbuf);
+ if( rc!=0 ){
+ storeLastErrno(pFile, errno);
+ return SQLITE_IOERR;
+ }
+ }
+#endif
+
+ memset(&fileId, 0, sizeof(fileId));
+ fileId.dev = statbuf.st_dev;
+#if OS_VXWORKS
+ fileId.pId = pFile->pId;
+#else
+ fileId.ino = statbuf.st_ino;
+#endif
+ pInode = inodeList;
+ while( pInode && memcmp(&fileId, &pInode->fileId, sizeof(fileId)) ){
+ pInode = pInode->pNext;
+ }
+ if( pInode==0 ){
+ pInode = sqlite3_malloc64( sizeof(*pInode) );
+ if( pInode==0 ){
+ return SQLITE_NOMEM;
+ }
+ memset(pInode, 0, sizeof(*pInode));
+ memcpy(&pInode->fileId, &fileId, sizeof(fileId));
+ pInode->nRef = 1;
+ pInode->pNext = inodeList;
+ pInode->pPrev = 0;
+ if( inodeList ) inodeList->pPrev = pInode;
+ inodeList = pInode;
+ }else{
+ pInode->nRef++;
+ }
+ *ppInode = pInode;
+ return SQLITE_OK;
+}
+
+/*
+** Return TRUE if pFile has been renamed or unlinked since it was first opened.
+*/
+static int fileHasMoved(unixFile *pFile){
+#if OS_VXWORKS
+ return pFile->pInode!=0 && pFile->pId!=pFile->pInode->fileId.pId;
+#else
+ struct stat buf;
+ return pFile->pInode!=0 &&
+ (osStat(pFile->zPath, &buf)!=0 || buf.st_ino!=pFile->pInode->fileId.ino);
+#endif
+}
+
+
+/*
+** Check a unixFile that is a database. Verify the following:
+**
+** (1) There is exactly one hard link on the file
+** (2) The file is not a symbolic link
+** (3) The file has not been renamed or unlinked
+**
+** Issue sqlite3_log(SQLITE_WARNING,...) messages if anything is not right.
+*/
+static void verifyDbFile(unixFile *pFile){
+ struct stat buf;
+ int rc;
+ rc = osFstat(pFile->h, &buf);
+ if( rc!=0 ){
+ sqlite3_log(SQLITE_WARNING, "cannot fstat db file %s", pFile->zPath);
+ return;
+ }
+ if( buf.st_nlink==0 && (pFile->ctrlFlags & UNIXFILE_DELETE)==0 ){
+ sqlite3_log(SQLITE_WARNING, "file unlinked while open: %s", pFile->zPath);
+ return;
+ }
+ if( buf.st_nlink>1 ){
+ sqlite3_log(SQLITE_WARNING, "multiple links to file: %s", pFile->zPath);
+ return;
+ }
+ if( fileHasMoved(pFile) ){
+ sqlite3_log(SQLITE_WARNING, "file renamed while open: %s", pFile->zPath);
+ return;
+ }
+}
+
+
+/*
+** This routine checks if there is a RESERVED lock held on the specified
+** file by this or any other process. If such a lock is held, set *pResOut
+** to a non-zero value otherwise *pResOut is set to zero. The return value
+** is set to SQLITE_OK unless an I/O error occurs during lock checking.
+*/
+static int unixCheckReservedLock(sqlite3_file *id, int *pResOut){
+ int rc = SQLITE_OK;
+ int reserved = 0;
+ unixFile *pFile = (unixFile*)id;
+
+ SimulateIOError( return SQLITE_IOERR_CHECKRESERVEDLOCK; );
+
+ assert( pFile );
+ assert( pFile->eFileLock<=SHARED_LOCK );
+ unixEnterMutex(); /* Because pFile->pInode is shared across threads */
+
+ /* Check if a thread in this process holds such a lock */
+ if( pFile->pInode->eFileLock>SHARED_LOCK ){
+ reserved = 1;
+ }
+
+ /* Otherwise see if some other process holds it.
+ */
+#ifndef __DJGPP__
+ if( !reserved && !pFile->pInode->bProcessLock ){
+ struct flock lock;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = RESERVED_BYTE;
+ lock.l_len = 1;
+ lock.l_type = F_WRLCK;
+ if( osFcntl(pFile->h, F_GETLK, &lock) ){
+ rc = SQLITE_IOERR_CHECKRESERVEDLOCK;
+ storeLastErrno(pFile, errno);
+ } else if( lock.l_type!=F_UNLCK ){
+ reserved = 1;
+ }
+ }
+#endif
+
+ unixLeaveMutex();
+ OSTRACE(("TEST WR-LOCK %d %d %d (unix)\n", pFile->h, rc, reserved));
+
+ *pResOut = reserved;
+ return rc;
+}
+
+/*
+** Attempt to set a system-lock on the file pFile. The lock is
+** described by pLock.
+**
+** If the pFile was opened read/write from unix-excl, then the only lock
+** ever obtained is an exclusive lock, and it is obtained exactly once
+** the first time any lock is attempted. All subsequent system locking
+** operations become no-ops. Locking operations still happen internally,
+** in order to coordinate access between separate database connections
+** within this process, but all of that is handled in memory and the
+** operating system does not participate.
+**
+** This function is a pass-through to fcntl(F_SETLK) if pFile is using
+** any VFS other than "unix-excl" or if pFile is opened on "unix-excl"
+** and is read-only.
+**
+** Zero is returned if the call completes successfully, or -1 if a call
+** to fcntl() fails. In this case, errno is set appropriately (by fcntl()).
+*/
+static int unixFileLock(unixFile *pFile, struct flock *pLock){
+ int rc;
+ unixInodeInfo *pInode = pFile->pInode;
+ assert( unixMutexHeld() );
+ assert( pInode!=0 );
+ if( (pFile->ctrlFlags & (UNIXFILE_EXCL|UNIXFILE_RDONLY))==UNIXFILE_EXCL ){
+ if( pInode->bProcessLock==0 ){
+ struct flock lock;
+ assert( pInode->nLock==0 );
+ lock.l_whence = SEEK_SET;
+ lock.l_start = SHARED_FIRST;
+ lock.l_len = SHARED_SIZE;
+ lock.l_type = F_WRLCK;
+ rc = osFcntl(pFile->h, F_SETLK, &lock);
+ if( rc<0 ) return rc;
+ pInode->bProcessLock = 1;
+ pInode->nLock++;
+ }else{
+ rc = 0;
+ }
+ }else{
+ rc = osFcntl(pFile->h, F_SETLK, pLock);
+ }
+ return rc;
+}
+
+/*
+** Lock the file with the lock specified by parameter eFileLock - one
+** of the following:
+**
+** (1) SHARED_LOCK
+** (2) RESERVED_LOCK
+** (3) PENDING_LOCK
+** (4) EXCLUSIVE_LOCK
+**
+** Sometimes when requesting one lock state, additional lock states
+** are inserted in between. The locking might fail on one of the later
+** transitions leaving the lock state different from what it started but
+** still short of its goal. The following chart shows the allowed
+** transitions and the inserted intermediate states:
+**
+** UNLOCKED -> SHARED
+** SHARED -> RESERVED
+** SHARED -> (PENDING) -> EXCLUSIVE
+** RESERVED -> (PENDING) -> EXCLUSIVE
+** PENDING -> EXCLUSIVE
+**
+** This routine will only increase a lock. Use the sqlite3OsUnlock()
+** routine to lower a locking level.
+*/
+static int unixLock(sqlite3_file *id, int eFileLock){
+ /* The following describes the implementation of the various locks and
+ ** lock transitions in terms of the POSIX advisory shared and exclusive
+ ** lock primitives (called read-locks and write-locks below, to avoid
+ ** confusion with SQLite lock names). The algorithms are complicated
+ ** slightly in order to be compatible with windows systems simultaneously
+ ** accessing the same database file, in case that is ever required.
+ **
+ ** Symbols defined in os.h indentify the 'pending byte' and the 'reserved
+ ** byte', each single bytes at well known offsets, and the 'shared byte
+ ** range', a range of 510 bytes at a well known offset.
+ **
+ ** To obtain a SHARED lock, a read-lock is obtained on the 'pending
+ ** byte'. If this is successful, a random byte from the 'shared byte
+ ** range' is read-locked and the lock on the 'pending byte' released.
+ **
+ ** A process may only obtain a RESERVED lock after it has a SHARED lock.
+ ** A RESERVED lock is implemented by grabbing a write-lock on the
+ ** 'reserved byte'.
+ **
+ ** A process may only obtain a PENDING lock after it has obtained a
+ ** SHARED lock. A PENDING lock is implemented by obtaining a write-lock
+ ** on the 'pending byte'. This ensures that no new SHARED locks can be
+ ** obtained, but existing SHARED locks are allowed to persist. A process
+ ** does not have to obtain a RESERVED lock on the way to a PENDING lock.
+ ** This property is used by the algorithm for rolling back a journal file
+ ** after a crash.
+ **
+ ** An EXCLUSIVE lock, obtained after a PENDING lock is held, is
+ ** implemented by obtaining a write-lock on the entire 'shared byte
+ ** range'. Since all other locks require a read-lock on one of the bytes
+ ** within this range, this ensures that no other locks are held on the
+ ** database.
+ **
+ ** The reason a single byte cannot be used instead of the 'shared byte
+ ** range' is that some versions of windows do not support read-locks. By
+ ** locking a random byte from a range, concurrent SHARED locks may exist
+ ** even if the locking primitive used is always a write-lock.
+ */
+ int rc = SQLITE_OK;
+ unixFile *pFile = (unixFile*)id;
+ unixInodeInfo *pInode;
+ struct flock lock;
+ int tErrno = 0;
+
+ assert( pFile );
+ OSTRACE(("LOCK %d %s was %s(%s,%d) pid=%d (unix)\n", pFile->h,
+ azFileLock(eFileLock), azFileLock(pFile->eFileLock),
+ azFileLock(pFile->pInode->eFileLock), pFile->pInode->nShared,
+ osGetpid(0)));
+
+ /* If there is already a lock of this type or more restrictive on the
+ ** unixFile, do nothing. Don't use the end_lock: exit path, as
+ ** unixEnterMutex() hasn't been called yet.
+ */
+ if( pFile->eFileLock>=eFileLock ){
+ OSTRACE(("LOCK %d %s ok (already held) (unix)\n", pFile->h,
+ azFileLock(eFileLock)));
+ return SQLITE_OK;
+ }
+
+ /* Make sure the locking sequence is correct.
+ ** (1) We never move from unlocked to anything higher than shared lock.
+ ** (2) SQLite never explicitly requests a pendig lock.
+ ** (3) A shared lock is always held when a reserve lock is requested.
+ */
+ assert( pFile->eFileLock!=NO_LOCK || eFileLock==SHARED_LOCK );
+ assert( eFileLock!=PENDING_LOCK );
+ assert( eFileLock!=RESERVED_LOCK || pFile->eFileLock==SHARED_LOCK );
+
+ /* This mutex is needed because pFile->pInode is shared across threads
+ */
+ unixEnterMutex();
+ pInode = pFile->pInode;
+
+ /* If some thread using this PID has a lock via a different unixFile*
+ ** handle that precludes the requested lock, return BUSY.
+ */
+ if( (pFile->eFileLock!=pInode->eFileLock &&
+ (pInode->eFileLock>=PENDING_LOCK || eFileLock>SHARED_LOCK))
+ ){
+ rc = SQLITE_BUSY;
+ goto end_lock;
+ }
+
+ /* If a SHARED lock is requested, and some thread using this PID already
+ ** has a SHARED or RESERVED lock, then increment reference counts and
+ ** return SQLITE_OK.
+ */
+ if( eFileLock==SHARED_LOCK &&
+ (pInode->eFileLock==SHARED_LOCK || pInode->eFileLock==RESERVED_LOCK) ){
+ assert( eFileLock==SHARED_LOCK );
+ assert( pFile->eFileLock==0 );
+ assert( pInode->nShared>0 );
+ pFile->eFileLock = SHARED_LOCK;
+ pInode->nShared++;
+ pInode->nLock++;
+ goto end_lock;
+ }
+
+
+ /* A PENDING lock is needed before acquiring a SHARED lock and before
+ ** acquiring an EXCLUSIVE lock. For the SHARED lock, the PENDING will
+ ** be released.
+ */
+ lock.l_len = 1L;
+ lock.l_whence = SEEK_SET;
+ if( eFileLock==SHARED_LOCK
+ || (eFileLock==EXCLUSIVE_LOCK && pFile->eFileLock<PENDING_LOCK)
+ ){
+ lock.l_type = (eFileLock==SHARED_LOCK?F_RDLCK:F_WRLCK);
+ lock.l_start = PENDING_BYTE;
+ if( unixFileLock(pFile, &lock) ){
+ tErrno = errno;
+ rc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_LOCK);
+ if( rc!=SQLITE_BUSY ){
+ storeLastErrno(pFile, tErrno);
+ }
+ goto end_lock;
+ }
+ }
+
+
+ /* If control gets to this point, then actually go ahead and make
+ ** operating system calls for the specified lock.
+ */
+ if( eFileLock==SHARED_LOCK ){
+ assert( pInode->nShared==0 );
+ assert( pInode->eFileLock==0 );
+ assert( rc==SQLITE_OK );
+
+ /* Now get the read-lock */
+ lock.l_start = SHARED_FIRST;
+ lock.l_len = SHARED_SIZE;
+ if( unixFileLock(pFile, &lock) ){
+ tErrno = errno;
+ rc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_LOCK);
+ }
+
+ /* Drop the temporary PENDING lock */
+ lock.l_start = PENDING_BYTE;
+ lock.l_len = 1L;
+ lock.l_type = F_UNLCK;
+ if( unixFileLock(pFile, &lock) && rc==SQLITE_OK ){
+ /* This could happen with a network mount */
+ tErrno = errno;
+ rc = SQLITE_IOERR_UNLOCK;
+ }
+
+ if( rc ){
+ if( rc!=SQLITE_BUSY ){
+ storeLastErrno(pFile, tErrno);
+ }
+ goto end_lock;
+ }else{
+ pFile->eFileLock = SHARED_LOCK;
+ pInode->nLock++;
+ pInode->nShared = 1;
+ }
+ }else if( eFileLock==EXCLUSIVE_LOCK && pInode->nShared>1 ){
+ /* We are trying for an exclusive lock but another thread in this
+ ** same process is still holding a shared lock. */
+ rc = SQLITE_BUSY;
+ }else{
+ /* The request was for a RESERVED or EXCLUSIVE lock. It is
+ ** assumed that there is a SHARED or greater lock on the file
+ ** already.
+ */
+ assert( 0!=pFile->eFileLock );
+ lock.l_type = F_WRLCK;
+
+ assert( eFileLock==RESERVED_LOCK || eFileLock==EXCLUSIVE_LOCK );
+ if( eFileLock==RESERVED_LOCK ){
+ lock.l_start = RESERVED_BYTE;
+ lock.l_len = 1L;
+ }else{
+ lock.l_start = SHARED_FIRST;
+ lock.l_len = SHARED_SIZE;
+ }
+
+ if( unixFileLock(pFile, &lock) ){
+ tErrno = errno;
+ rc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_LOCK);
+ if( rc!=SQLITE_BUSY ){
+ storeLastErrno(pFile, tErrno);
+ }
+ }
+ }
+
+
+#ifdef SQLITE_DEBUG
+ /* Set up the transaction-counter change checking flags when
+ ** transitioning from a SHARED to a RESERVED lock. The change
+ ** from SHARED to RESERVED marks the beginning of a normal
+ ** write operation (not a hot journal rollback).
+ */
+ if( rc==SQLITE_OK
+ && pFile->eFileLock<=SHARED_LOCK
+ && eFileLock==RESERVED_LOCK
+ ){
+ pFile->transCntrChng = 0;
+ pFile->dbUpdate = 0;
+ pFile->inNormalWrite = 1;
+ }
+#endif
+
+
+ if( rc==SQLITE_OK ){
+ pFile->eFileLock = eFileLock;
+ pInode->eFileLock = eFileLock;
+ }else if( eFileLock==EXCLUSIVE_LOCK ){
+ pFile->eFileLock = PENDING_LOCK;
+ pInode->eFileLock = PENDING_LOCK;
+ }
+
+end_lock:
+ unixLeaveMutex();
+ OSTRACE(("LOCK %d %s %s (unix)\n", pFile->h, azFileLock(eFileLock),
+ rc==SQLITE_OK ? "ok" : "failed"));
+ return rc;
+}
+
+/*
+** Add the file descriptor used by file handle pFile to the corresponding
+** pUnused list.
+*/
+static void setPendingFd(unixFile *pFile){
+ unixInodeInfo *pInode = pFile->pInode;
+ UnixUnusedFd *p = pFile->pUnused;
+ p->pNext = pInode->pUnused;
+ pInode->pUnused = p;
+ pFile->h = -1;
+ pFile->pUnused = 0;
+}
+
+/*
+** Lower the locking level on file descriptor pFile to eFileLock. eFileLock
+** must be either NO_LOCK or SHARED_LOCK.
+**
+** If the locking level of the file descriptor is already at or below
+** the requested locking level, this routine is a no-op.
+**
+** If handleNFSUnlock is true, then on downgrading an EXCLUSIVE_LOCK to SHARED
+** the byte range is divided into 2 parts and the first part is unlocked then
+** set to a read lock, then the other part is simply unlocked. This works
+** around a bug in BSD NFS lockd (also seen on MacOSX 10.3+) that fails to
+** remove the write lock on a region when a read lock is set.
+*/
+static int posixUnlock(sqlite3_file *id, int eFileLock, int handleNFSUnlock){
+ unixFile *pFile = (unixFile*)id;
+ unixInodeInfo *pInode;
+ struct flock lock;
+ int rc = SQLITE_OK;
+
+ assert( pFile );
+ OSTRACE(("UNLOCK %d %d was %d(%d,%d) pid=%d (unix)\n", pFile->h, eFileLock,
+ pFile->eFileLock, pFile->pInode->eFileLock, pFile->pInode->nShared,
+ osGetpid(0)));
+
+ assert( eFileLock<=SHARED_LOCK );
+ if( pFile->eFileLock<=eFileLock ){
+ return SQLITE_OK;
+ }
+ unixEnterMutex();
+ pInode = pFile->pInode;
+ assert( pInode->nShared!=0 );
+ if( pFile->eFileLock>SHARED_LOCK ){
+ assert( pInode->eFileLock==pFile->eFileLock );
+
+#ifdef SQLITE_DEBUG
+ /* When reducing a lock such that other processes can start
+ ** reading the database file again, make sure that the
+ ** transaction counter was updated if any part of the database
+ ** file changed. If the transaction counter is not updated,
+ ** other connections to the same file might not realize that
+ ** the file has changed and hence might not know to flush their
+ ** cache. The use of a stale cache can lead to database corruption.
+ */
+ pFile->inNormalWrite = 0;
+#endif
+
+ /* downgrading to a shared lock on NFS involves clearing the write lock
+ ** before establishing the readlock - to avoid a race condition we downgrade
+ ** the lock in 2 blocks, so that part of the range will be covered by a
+ ** write lock until the rest is covered by a read lock:
+ ** 1: [WWWWW]
+ ** 2: [....W]
+ ** 3: [RRRRW]
+ ** 4: [RRRR.]
+ */
+ if( eFileLock==SHARED_LOCK ){
+#if !defined(__APPLE__) || !SQLITE_ENABLE_LOCKING_STYLE
+ (void)handleNFSUnlock;
+ assert( handleNFSUnlock==0 );
+#endif
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+ if( handleNFSUnlock ){
+ int tErrno; /* Error code from system call errors */
+ off_t divSize = SHARED_SIZE - 1;
+
+ lock.l_type = F_UNLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = SHARED_FIRST;
+ lock.l_len = divSize;
+ if( unixFileLock(pFile, &lock)==(-1) ){
+ tErrno = errno;
+ rc = SQLITE_IOERR_UNLOCK;
+ storeLastErrno(pFile, tErrno);
+ goto end_unlock;
+ }
+ lock.l_type = F_RDLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = SHARED_FIRST;
+ lock.l_len = divSize;
+ if( unixFileLock(pFile, &lock)==(-1) ){
+ tErrno = errno;
+ rc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_RDLOCK);
+ if( IS_LOCK_ERROR(rc) ){
+ storeLastErrno(pFile, tErrno);
+ }
+ goto end_unlock;
+ }
+ lock.l_type = F_UNLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = SHARED_FIRST+divSize;
+ lock.l_len = SHARED_SIZE-divSize;
+ if( unixFileLock(pFile, &lock)==(-1) ){
+ tErrno = errno;
+ rc = SQLITE_IOERR_UNLOCK;
+ storeLastErrno(pFile, tErrno);
+ goto end_unlock;
+ }
+ }else
+#endif /* defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE */
+ {
+ lock.l_type = F_RDLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = SHARED_FIRST;
+ lock.l_len = SHARED_SIZE;
+ if( unixFileLock(pFile, &lock) ){
+ /* In theory, the call to unixFileLock() cannot fail because another
+ ** process is holding an incompatible lock. If it does, this
+ ** indicates that the other process is not following the locking
+ ** protocol. If this happens, return SQLITE_IOERR_RDLOCK. Returning
+ ** SQLITE_BUSY would confuse the upper layer (in practice it causes
+ ** an assert to fail). */
+ rc = SQLITE_IOERR_RDLOCK;
+ storeLastErrno(pFile, errno);
+ goto end_unlock;
+ }
+ }
+ }
+ lock.l_type = F_UNLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = PENDING_BYTE;
+ lock.l_len = 2L; assert( PENDING_BYTE+1==RESERVED_BYTE );
+ if( unixFileLock(pFile, &lock)==0 ){
+ pInode->eFileLock = SHARED_LOCK;
+ }else{
+ rc = SQLITE_IOERR_UNLOCK;
+ storeLastErrno(pFile, errno);
+ goto end_unlock;
+ }
+ }
+ if( eFileLock==NO_LOCK ){
+ /* Decrement the shared lock counter. Release the lock using an
+ ** OS call only when all threads in this same process have released
+ ** the lock.
+ */
+ pInode->nShared--;
+ if( pInode->nShared==0 ){
+ lock.l_type = F_UNLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = lock.l_len = 0L;
+ if( unixFileLock(pFile, &lock)==0 ){
+ pInode->eFileLock = NO_LOCK;
+ }else{
+ rc = SQLITE_IOERR_UNLOCK;
+ storeLastErrno(pFile, errno);
+ pInode->eFileLock = NO_LOCK;
+ pFile->eFileLock = NO_LOCK;
+ }
+ }
+
+ /* Decrement the count of locks against this same file. When the
+ ** count reaches zero, close any other file descriptors whose close
+ ** was deferred because of outstanding locks.
+ */
+ pInode->nLock--;
+ assert( pInode->nLock>=0 );
+ if( pInode->nLock==0 ){
+ closePendingFds(pFile);
+ }
+ }
+
+end_unlock:
+ unixLeaveMutex();
+ if( rc==SQLITE_OK ) pFile->eFileLock = eFileLock;
+ return rc;
+}
+
+/*
+** Lower the locking level on file descriptor pFile to eFileLock. eFileLock
+** must be either NO_LOCK or SHARED_LOCK.
+**
+** If the locking level of the file descriptor is already at or below
+** the requested locking level, this routine is a no-op.
+*/
+static int unixUnlock(sqlite3_file *id, int eFileLock){
+#if SQLITE_MAX_MMAP_SIZE>0
+ assert( eFileLock==SHARED_LOCK || ((unixFile *)id)->nFetchOut==0 );
+#endif
+ return posixUnlock(id, eFileLock, 0);
+}
+
+#if SQLITE_MAX_MMAP_SIZE>0
+static int unixMapfile(unixFile *pFd, i64 nByte);
+static void unixUnmapfile(unixFile *pFd);
+#endif
+
+/*
+** This function performs the parts of the "close file" operation
+** common to all locking schemes. It closes the directory and file
+** handles, if they are valid, and sets all fields of the unixFile
+** structure to 0.
+**
+** It is *not* necessary to hold the mutex when this routine is called,
+** even on VxWorks. A mutex will be acquired on VxWorks by the
+** vxworksReleaseFileId() routine.
+*/
+static int closeUnixFile(sqlite3_file *id){
+ unixFile *pFile = (unixFile*)id;
+#if SQLITE_MAX_MMAP_SIZE>0
+ unixUnmapfile(pFile);
+#endif
+ if( pFile->h>=0 ){
+ robust_close(pFile, pFile->h, __LINE__);
+ pFile->h = -1;
+ }
+#if OS_VXWORKS
+ if( pFile->pId ){
+ if( pFile->ctrlFlags & UNIXFILE_DELETE ){
+ osUnlink(pFile->pId->zCanonicalName);
+ }
+ vxworksReleaseFileId(pFile->pId);
+ pFile->pId = 0;
+ }
+#endif
+#ifdef SQLITE_UNLINK_AFTER_CLOSE
+ if( pFile->ctrlFlags & UNIXFILE_DELETE ){
+ osUnlink(pFile->zPath);
+ sqlite3_free(*(char**)&pFile->zPath);
+ pFile->zPath = 0;
+ }
+#endif
+ OSTRACE(("CLOSE %-3d\n", pFile->h));
+ OpenCounter(-1);
+ sqlite3_free(pFile->pUnused);
+ memset(pFile, 0, sizeof(unixFile));
+ return SQLITE_OK;
+}
+
+/*
+** Close a file.
+*/
+static int unixClose(sqlite3_file *id){
+ int rc = SQLITE_OK;
+ unixFile *pFile = (unixFile *)id;
+ verifyDbFile(pFile);
+ unixUnlock(id, NO_LOCK);
+ unixEnterMutex();
+
+ /* unixFile.pInode is always valid here. Otherwise, a different close
+ ** routine (e.g. nolockClose()) would be called instead.
+ */
+ assert( pFile->pInode->nLock>0 || pFile->pInode->bProcessLock==0 );
+ if( ALWAYS(pFile->pInode) && pFile->pInode->nLock ){
+ /* If there are outstanding locks, do not actually close the file just
+ ** yet because that would clear those locks. Instead, add the file
+ ** descriptor to pInode->pUnused list. It will be automatically closed
+ ** when the last lock is cleared.
+ */
+ setPendingFd(pFile);
+ }
+ releaseInodeInfo(pFile);
+ rc = closeUnixFile(id);
+ unixLeaveMutex();
+ return rc;
+}
+
+/************** End of the posix advisory lock implementation *****************
+******************************************************************************/
+
+/******************************************************************************
+****************************** No-op Locking **********************************
+**
+** Of the various locking implementations available, this is by far the
+** simplest: locking is ignored. No attempt is made to lock the database
+** file for reading or writing.
+**
+** This locking mode is appropriate for use on read-only databases
+** (ex: databases that are burned into CD-ROM, for example.) It can
+** also be used if the application employs some external mechanism to
+** prevent simultaneous access of the same database by two or more
+** database connections. But there is a serious risk of database
+** corruption if this locking mode is used in situations where multiple
+** database connections are accessing the same database file at the same
+** time and one or more of those connections are writing.
+*/
+
+static int nolockCheckReservedLock(sqlite3_file *NotUsed, int *pResOut){
+ UNUSED_PARAMETER(NotUsed);
+ *pResOut = 0;
+ return SQLITE_OK;
+}
+static int nolockLock(sqlite3_file *NotUsed, int NotUsed2){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ return SQLITE_OK;
+}
+static int nolockUnlock(sqlite3_file *NotUsed, int NotUsed2){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ return SQLITE_OK;
+}
+
+/*
+** Close the file.
+*/
+static int nolockClose(sqlite3_file *id) {
+ return closeUnixFile(id);
+}
+
+/******************* End of the no-op lock implementation *********************
+******************************************************************************/
+
+/******************************************************************************
+************************* Begin dot-file Locking ******************************
+**
+** The dotfile locking implementation uses the existence of separate lock
+** files (really a directory) to control access to the database. This works
+** on just about every filesystem imaginable. But there are serious downsides:
+**
+** (1) There is zero concurrency. A single reader blocks all other
+** connections from reading or writing the database.
+**
+** (2) An application crash or power loss can leave stale lock files
+** sitting around that need to be cleared manually.
+**
+** Nevertheless, a dotlock is an appropriate locking mode for use if no
+** other locking strategy is available.
+**
+** Dotfile locking works by creating a subdirectory in the same directory as
+** the database and with the same name but with a ".lock" extension added.
+** The existence of a lock directory implies an EXCLUSIVE lock. All other
+** lock types (SHARED, RESERVED, PENDING) are mapped into EXCLUSIVE.
+*/
+
+/*
+** The file suffix added to the data base filename in order to create the
+** lock directory.
+*/
+#define DOTLOCK_SUFFIX ".lock"
+
+/*
+** This routine checks if there is a RESERVED lock held on the specified
+** file by this or any other process. If such a lock is held, set *pResOut
+** to a non-zero value otherwise *pResOut is set to zero. The return value
+** is set to SQLITE_OK unless an I/O error occurs during lock checking.
+**
+** In dotfile locking, either a lock exists or it does not. So in this
+** variation of CheckReservedLock(), *pResOut is set to true if any lock
+** is held on the file and false if the file is unlocked.
+*/
+static int dotlockCheckReservedLock(sqlite3_file *id, int *pResOut) {
+ int rc = SQLITE_OK;
+ int reserved = 0;
+ unixFile *pFile = (unixFile*)id;
+
+ SimulateIOError( return SQLITE_IOERR_CHECKRESERVEDLOCK; );
+
+ assert( pFile );
+ reserved = osAccess((const char*)pFile->lockingContext, 0)==0;
+ OSTRACE(("TEST WR-LOCK %d %d %d (dotlock)\n", pFile->h, rc, reserved));
+ *pResOut = reserved;
+ return rc;
+}
+
+/*
+** Lock the file with the lock specified by parameter eFileLock - one
+** of the following:
+**
+** (1) SHARED_LOCK
+** (2) RESERVED_LOCK
+** (3) PENDING_LOCK
+** (4) EXCLUSIVE_LOCK
+**
+** Sometimes when requesting one lock state, additional lock states
+** are inserted in between. The locking might fail on one of the later
+** transitions leaving the lock state different from what it started but
+** still short of its goal. The following chart shows the allowed
+** transitions and the inserted intermediate states:
+**
+** UNLOCKED -> SHARED
+** SHARED -> RESERVED
+** SHARED -> (PENDING) -> EXCLUSIVE
+** RESERVED -> (PENDING) -> EXCLUSIVE
+** PENDING -> EXCLUSIVE
+**
+** This routine will only increase a lock. Use the sqlite3OsUnlock()
+** routine to lower a locking level.
+**
+** With dotfile locking, we really only support state (4): EXCLUSIVE.
+** But we track the other locking levels internally.
+*/
+static int dotlockLock(sqlite3_file *id, int eFileLock) {
+ unixFile *pFile = (unixFile*)id;
+ char *zLockFile = (char *)pFile->lockingContext;
+ int rc = SQLITE_OK;
+
+
+ /* If we have any lock, then the lock file already exists. All we have
+ ** to do is adjust our internal record of the lock level.
+ */
+ if( pFile->eFileLock > NO_LOCK ){
+ pFile->eFileLock = eFileLock;
+ /* Always update the timestamp on the old file */
+#ifdef HAVE_UTIME
+ utime(zLockFile, NULL);
+#else
+ utimes(zLockFile, NULL);
+#endif
+ return SQLITE_OK;
+ }
+
+ /* grab an exclusive lock */
+ rc = osMkdir(zLockFile, 0777);
+ if( rc<0 ){
+ /* failed to open/create the lock directory */
+ int tErrno = errno;
+ if( EEXIST == tErrno ){
+ rc = SQLITE_BUSY;
+ } else {
+ rc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_LOCK);
+ if( rc!=SQLITE_BUSY ){
+ storeLastErrno(pFile, tErrno);
+ }
+ }
+ return rc;
+ }
+
+ /* got it, set the type and return ok */
+ pFile->eFileLock = eFileLock;
+ return rc;
+}
+
+/*
+** Lower the locking level on file descriptor pFile to eFileLock. eFileLock
+** must be either NO_LOCK or SHARED_LOCK.
+**
+** If the locking level of the file descriptor is already at or below
+** the requested locking level, this routine is a no-op.
+**
+** When the locking level reaches NO_LOCK, delete the lock file.
+*/
+static int dotlockUnlock(sqlite3_file *id, int eFileLock) {
+ unixFile *pFile = (unixFile*)id;
+ char *zLockFile = (char *)pFile->lockingContext;
+ int rc;
+
+ assert( pFile );
+ OSTRACE(("UNLOCK %d %d was %d pid=%d (dotlock)\n", pFile->h, eFileLock,
+ pFile->eFileLock, osGetpid(0)));
+ assert( eFileLock<=SHARED_LOCK );
+
+ /* no-op if possible */
+ if( pFile->eFileLock==eFileLock ){
+ return SQLITE_OK;
+ }
+
+ /* To downgrade to shared, simply update our internal notion of the
+ ** lock state. No need to mess with the file on disk.
+ */
+ if( eFileLock==SHARED_LOCK ){
+ pFile->eFileLock = SHARED_LOCK;
+ return SQLITE_OK;
+ }
+
+ /* To fully unlock the database, delete the lock file */
+ assert( eFileLock==NO_LOCK );
+ rc = osRmdir(zLockFile);
+ if( rc<0 ){
+ int tErrno = errno;
+ if( tErrno==ENOENT ){
+ rc = SQLITE_OK;
+ }else{
+ rc = SQLITE_IOERR_UNLOCK;
+ storeLastErrno(pFile, tErrno);
+ }
+ return rc;
+ }
+ pFile->eFileLock = NO_LOCK;
+ return SQLITE_OK;
+}
+
+/*
+** Close a file. Make sure the lock has been released before closing.
+*/
+static int dotlockClose(sqlite3_file *id) {
+ unixFile *pFile = (unixFile*)id;
+ assert( id!=0 );
+ dotlockUnlock(id, NO_LOCK);
+ sqlite3_free(pFile->lockingContext);
+ return closeUnixFile(id);
+}
+/****************** End of the dot-file lock implementation *******************
+******************************************************************************/
+
+/******************************************************************************
+************************** Begin flock Locking ********************************
+**
+** Use the flock() system call to do file locking.
+**
+** flock() locking is like dot-file locking in that the various
+** fine-grain locking levels supported by SQLite are collapsed into
+** a single exclusive lock. In other words, SHARED, RESERVED, and
+** PENDING locks are the same thing as an EXCLUSIVE lock. SQLite
+** still works when you do this, but concurrency is reduced since
+** only a single process can be reading the database at a time.
+**
+** Omit this section if SQLITE_ENABLE_LOCKING_STYLE is turned off
+*/
+#if SQLITE_ENABLE_LOCKING_STYLE
+
+/*
+** Retry flock() calls that fail with EINTR
+*/
+#ifdef EINTR
+static int robust_flock(int fd, int op){
+ int rc;
+ do{ rc = flock(fd,op); }while( rc<0 && errno==EINTR );
+ return rc;
+}
+#else
+# define robust_flock(a,b) flock(a,b)
+#endif
+
+
+/*
+** This routine checks if there is a RESERVED lock held on the specified
+** file by this or any other process. If such a lock is held, set *pResOut
+** to a non-zero value otherwise *pResOut is set to zero. The return value
+** is set to SQLITE_OK unless an I/O error occurs during lock checking.
+*/
+static int flockCheckReservedLock(sqlite3_file *id, int *pResOut){
+ int rc = SQLITE_OK;
+ int reserved = 0;
+ unixFile *pFile = (unixFile*)id;
+
+ SimulateIOError( return SQLITE_IOERR_CHECKRESERVEDLOCK; );
+
+ assert( pFile );
+
+ /* Check if a thread in this process holds such a lock */
+ if( pFile->eFileLock>SHARED_LOCK ){
+ reserved = 1;
+ }
+
+ /* Otherwise see if some other process holds it. */
+ if( !reserved ){
+ /* attempt to get the lock */
+ int lrc = robust_flock(pFile->h, LOCK_EX | LOCK_NB);
+ if( !lrc ){
+ /* got the lock, unlock it */
+ lrc = robust_flock(pFile->h, LOCK_UN);
+ if ( lrc ) {
+ int tErrno = errno;
+ /* unlock failed with an error */
+ lrc = SQLITE_IOERR_UNLOCK;
+ storeLastErrno(pFile, tErrno);
+ rc = lrc;
+ }
+ } else {
+ int tErrno = errno;
+ reserved = 1;
+ /* someone else might have it reserved */
+ lrc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_LOCK);
+ if( IS_LOCK_ERROR(lrc) ){
+ storeLastErrno(pFile, tErrno);
+ rc = lrc;
+ }
+ }
+ }
+ OSTRACE(("TEST WR-LOCK %d %d %d (flock)\n", pFile->h, rc, reserved));
+
+#ifdef SQLITE_IGNORE_FLOCK_LOCK_ERRORS
+ if( (rc & SQLITE_IOERR) == SQLITE_IOERR ){
+ rc = SQLITE_OK;
+ reserved=1;
+ }
+#endif /* SQLITE_IGNORE_FLOCK_LOCK_ERRORS */
+ *pResOut = reserved;
+ return rc;
+}
+
+/*
+** Lock the file with the lock specified by parameter eFileLock - one
+** of the following:
+**
+** (1) SHARED_LOCK
+** (2) RESERVED_LOCK
+** (3) PENDING_LOCK
+** (4) EXCLUSIVE_LOCK
+**
+** Sometimes when requesting one lock state, additional lock states
+** are inserted in between. The locking might fail on one of the later
+** transitions leaving the lock state different from what it started but
+** still short of its goal. The following chart shows the allowed
+** transitions and the inserted intermediate states:
+**
+** UNLOCKED -> SHARED
+** SHARED -> RESERVED
+** SHARED -> (PENDING) -> EXCLUSIVE
+** RESERVED -> (PENDING) -> EXCLUSIVE
+** PENDING -> EXCLUSIVE
+**
+** flock() only really support EXCLUSIVE locks. We track intermediate
+** lock states in the sqlite3_file structure, but all locks SHARED or
+** above are really EXCLUSIVE locks and exclude all other processes from
+** access the file.
+**
+** This routine will only increase a lock. Use the sqlite3OsUnlock()
+** routine to lower a locking level.
+*/
+static int flockLock(sqlite3_file *id, int eFileLock) {
+ int rc = SQLITE_OK;
+ unixFile *pFile = (unixFile*)id;
+
+ assert( pFile );
+
+ /* if we already have a lock, it is exclusive.
+ ** Just adjust level and punt on outta here. */
+ if (pFile->eFileLock > NO_LOCK) {
+ pFile->eFileLock = eFileLock;
+ return SQLITE_OK;
+ }
+
+ /* grab an exclusive lock */
+
+ if (robust_flock(pFile->h, LOCK_EX | LOCK_NB)) {
+ int tErrno = errno;
+ /* didn't get, must be busy */
+ rc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_LOCK);
+ if( IS_LOCK_ERROR(rc) ){
+ storeLastErrno(pFile, tErrno);
+ }
+ } else {
+ /* got it, set the type and return ok */
+ pFile->eFileLock = eFileLock;
+ }
+ OSTRACE(("LOCK %d %s %s (flock)\n", pFile->h, azFileLock(eFileLock),
+ rc==SQLITE_OK ? "ok" : "failed"));
+#ifdef SQLITE_IGNORE_FLOCK_LOCK_ERRORS
+ if( (rc & SQLITE_IOERR) == SQLITE_IOERR ){
+ rc = SQLITE_BUSY;
+ }
+#endif /* SQLITE_IGNORE_FLOCK_LOCK_ERRORS */
+ return rc;
+}
+
+
+/*
+** Lower the locking level on file descriptor pFile to eFileLock. eFileLock
+** must be either NO_LOCK or SHARED_LOCK.
+**
+** If the locking level of the file descriptor is already at or below
+** the requested locking level, this routine is a no-op.
+*/
+static int flockUnlock(sqlite3_file *id, int eFileLock) {
+ unixFile *pFile = (unixFile*)id;
+
+ assert( pFile );
+ OSTRACE(("UNLOCK %d %d was %d pid=%d (flock)\n", pFile->h, eFileLock,
+ pFile->eFileLock, osGetpid(0)));
+ assert( eFileLock<=SHARED_LOCK );
+
+ /* no-op if possible */
+ if( pFile->eFileLock==eFileLock ){
+ return SQLITE_OK;
+ }
+
+ /* shared can just be set because we always have an exclusive */
+ if (eFileLock==SHARED_LOCK) {
+ pFile->eFileLock = eFileLock;
+ return SQLITE_OK;
+ }
+
+ /* no, really, unlock. */
+ if( robust_flock(pFile->h, LOCK_UN) ){
+#ifdef SQLITE_IGNORE_FLOCK_LOCK_ERRORS
+ return SQLITE_OK;
+#endif /* SQLITE_IGNORE_FLOCK_LOCK_ERRORS */
+ return SQLITE_IOERR_UNLOCK;
+ }else{
+ pFile->eFileLock = NO_LOCK;
+ return SQLITE_OK;
+ }
+}
+
+/*
+** Close a file.
+*/
+static int flockClose(sqlite3_file *id) {
+ assert( id!=0 );
+ flockUnlock(id, NO_LOCK);
+ return closeUnixFile(id);
+}
+
+#endif /* SQLITE_ENABLE_LOCKING_STYLE && !OS_VXWORK */
+
+/******************* End of the flock lock implementation *********************
+******************************************************************************/
+
+/******************************************************************************
+************************ Begin Named Semaphore Locking ************************
+**
+** Named semaphore locking is only supported on VxWorks.
+**
+** Semaphore locking is like dot-lock and flock in that it really only
+** supports EXCLUSIVE locking. Only a single process can read or write
+** the database file at a time. This reduces potential concurrency, but
+** makes the lock implementation much easier.
+*/
+#if OS_VXWORKS
+
+/*
+** This routine checks if there is a RESERVED lock held on the specified
+** file by this or any other process. If such a lock is held, set *pResOut
+** to a non-zero value otherwise *pResOut is set to zero. The return value
+** is set to SQLITE_OK unless an I/O error occurs during lock checking.
+*/
+static int semXCheckReservedLock(sqlite3_file *id, int *pResOut) {
+ int rc = SQLITE_OK;
+ int reserved = 0;
+ unixFile *pFile = (unixFile*)id;
+
+ SimulateIOError( return SQLITE_IOERR_CHECKRESERVEDLOCK; );
+
+ assert( pFile );
+
+ /* Check if a thread in this process holds such a lock */
+ if( pFile->eFileLock>SHARED_LOCK ){
+ reserved = 1;
+ }
+
+ /* Otherwise see if some other process holds it. */
+ if( !reserved ){
+ sem_t *pSem = pFile->pInode->pSem;
+
+ if( sem_trywait(pSem)==-1 ){
+ int tErrno = errno;
+ if( EAGAIN != tErrno ){
+ rc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_CHECKRESERVEDLOCK);
+ storeLastErrno(pFile, tErrno);
+ } else {
+ /* someone else has the lock when we are in NO_LOCK */
+ reserved = (pFile->eFileLock < SHARED_LOCK);
+ }
+ }else{
+ /* we could have it if we want it */
+ sem_post(pSem);
+ }
+ }
+ OSTRACE(("TEST WR-LOCK %d %d %d (sem)\n", pFile->h, rc, reserved));
+
+ *pResOut = reserved;
+ return rc;
+}
+
+/*
+** Lock the file with the lock specified by parameter eFileLock - one
+** of the following:
+**
+** (1) SHARED_LOCK
+** (2) RESERVED_LOCK
+** (3) PENDING_LOCK
+** (4) EXCLUSIVE_LOCK
+**
+** Sometimes when requesting one lock state, additional lock states
+** are inserted in between. The locking might fail on one of the later
+** transitions leaving the lock state different from what it started but
+** still short of its goal. The following chart shows the allowed
+** transitions and the inserted intermediate states:
+**
+** UNLOCKED -> SHARED
+** SHARED -> RESERVED
+** SHARED -> (PENDING) -> EXCLUSIVE
+** RESERVED -> (PENDING) -> EXCLUSIVE
+** PENDING -> EXCLUSIVE
+**
+** Semaphore locks only really support EXCLUSIVE locks. We track intermediate
+** lock states in the sqlite3_file structure, but all locks SHARED or
+** above are really EXCLUSIVE locks and exclude all other processes from
+** access the file.
+**
+** This routine will only increase a lock. Use the sqlite3OsUnlock()
+** routine to lower a locking level.
+*/
+static int semXLock(sqlite3_file *id, int eFileLock) {
+ unixFile *pFile = (unixFile*)id;
+ sem_t *pSem = pFile->pInode->pSem;
+ int rc = SQLITE_OK;
+
+ /* if we already have a lock, it is exclusive.
+ ** Just adjust level and punt on outta here. */
+ if (pFile->eFileLock > NO_LOCK) {
+ pFile->eFileLock = eFileLock;
+ rc = SQLITE_OK;
+ goto sem_end_lock;
+ }
+
+ /* lock semaphore now but bail out when already locked. */
+ if( sem_trywait(pSem)==-1 ){
+ rc = SQLITE_BUSY;
+ goto sem_end_lock;
+ }
+
+ /* got it, set the type and return ok */
+ pFile->eFileLock = eFileLock;
+
+ sem_end_lock:
+ return rc;
+}
+
+/*
+** Lower the locking level on file descriptor pFile to eFileLock. eFileLock
+** must be either NO_LOCK or SHARED_LOCK.
+**
+** If the locking level of the file descriptor is already at or below
+** the requested locking level, this routine is a no-op.
+*/
+static int semXUnlock(sqlite3_file *id, int eFileLock) {
+ unixFile *pFile = (unixFile*)id;
+ sem_t *pSem = pFile->pInode->pSem;
+
+ assert( pFile );
+ assert( pSem );
+ OSTRACE(("UNLOCK %d %d was %d pid=%d (sem)\n", pFile->h, eFileLock,
+ pFile->eFileLock, osGetpid(0)));
+ assert( eFileLock<=SHARED_LOCK );
+
+ /* no-op if possible */
+ if( pFile->eFileLock==eFileLock ){
+ return SQLITE_OK;
+ }
+
+ /* shared can just be set because we always have an exclusive */
+ if (eFileLock==SHARED_LOCK) {
+ pFile->eFileLock = eFileLock;
+ return SQLITE_OK;
+ }
+
+ /* no, really unlock. */
+ if ( sem_post(pSem)==-1 ) {
+ int rc, tErrno = errno;
+ rc = sqliteErrorFromPosixError(tErrno, SQLITE_IOERR_UNLOCK);
+ if( IS_LOCK_ERROR(rc) ){
+ storeLastErrno(pFile, tErrno);
+ }
+ return rc;
+ }
+ pFile->eFileLock = NO_LOCK;
+ return SQLITE_OK;
+}
+
+/*
+ ** Close a file.
+ */
+static int semXClose(sqlite3_file *id) {
+ if( id ){
+ unixFile *pFile = (unixFile*)id;
+ semXUnlock(id, NO_LOCK);
+ assert( pFile );
+ unixEnterMutex();
+ releaseInodeInfo(pFile);
+ unixLeaveMutex();
+ closeUnixFile(id);
+ }
+ return SQLITE_OK;
+}
+
+#endif /* OS_VXWORKS */
+/*
+** Named semaphore locking is only available on VxWorks.
+**
+*************** End of the named semaphore lock implementation ****************
+******************************************************************************/
+
+
+/******************************************************************************
+*************************** Begin AFP Locking *********************************
+**
+** AFP is the Apple Filing Protocol. AFP is a network filesystem found
+** on Apple Macintosh computers - both OS9 and OSX.
+**
+** Third-party implementations of AFP are available. But this code here
+** only works on OSX.
+*/
+
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+/*
+** The afpLockingContext structure contains all afp lock specific state
+*/
+typedef struct afpLockingContext afpLockingContext;
+struct afpLockingContext {
+ int reserved;
+ const char *dbPath; /* Name of the open file */
+};
+
+struct ByteRangeLockPB2
+{
+ unsigned long long offset; /* offset to first byte to lock */
+ unsigned long long length; /* nbr of bytes to lock */
+ unsigned long long retRangeStart; /* nbr of 1st byte locked if successful */
+ unsigned char unLockFlag; /* 1 = unlock, 0 = lock */
+ unsigned char startEndFlag; /* 1=rel to end of fork, 0=rel to start */
+ int fd; /* file desc to assoc this lock with */
+};
+
+#define afpfsByteRangeLock2FSCTL _IOWR('z', 23, struct ByteRangeLockPB2)
+
+/*
+** This is a utility for setting or clearing a bit-range lock on an
+** AFP filesystem.
+**
+** Return SQLITE_OK on success, SQLITE_BUSY on failure.
+*/
+static int afpSetLock(
+ const char *path, /* Name of the file to be locked or unlocked */
+ unixFile *pFile, /* Open file descriptor on path */
+ unsigned long long offset, /* First byte to be locked */
+ unsigned long long length, /* Number of bytes to lock */
+ int setLockFlag /* True to set lock. False to clear lock */
+){
+ struct ByteRangeLockPB2 pb;
+ int err;
+
+ pb.unLockFlag = setLockFlag ? 0 : 1;
+ pb.startEndFlag = 0;
+ pb.offset = offset;
+ pb.length = length;
+ pb.fd = pFile->h;
+
+ OSTRACE(("AFPSETLOCK [%s] for %d%s in range %llx:%llx\n",
+ (setLockFlag?"ON":"OFF"), pFile->h, (pb.fd==-1?"[testval-1]":""),
+ offset, length));
+ err = fsctl(path, afpfsByteRangeLock2FSCTL, &pb, 0);
+ if ( err==-1 ) {
+ int rc;
+ int tErrno = errno;
+ OSTRACE(("AFPSETLOCK failed to fsctl() '%s' %d %s\n",
+ path, tErrno, strerror(tErrno)));
+#ifdef SQLITE_IGNORE_AFP_LOCK_ERRORS
+ rc = SQLITE_BUSY;
+#else
+ rc = sqliteErrorFromPosixError(tErrno,
+ setLockFlag ? SQLITE_IOERR_LOCK : SQLITE_IOERR_UNLOCK);
+#endif /* SQLITE_IGNORE_AFP_LOCK_ERRORS */
+ if( IS_LOCK_ERROR(rc) ){
+ storeLastErrno(pFile, tErrno);
+ }
+ return rc;
+ } else {
+ return SQLITE_OK;
+ }
+}
+
+/*
+** This routine checks if there is a RESERVED lock held on the specified
+** file by this or any other process. If such a lock is held, set *pResOut
+** to a non-zero value otherwise *pResOut is set to zero. The return value
+** is set to SQLITE_OK unless an I/O error occurs during lock checking.
+*/
+static int afpCheckReservedLock(sqlite3_file *id, int *pResOut){
+ int rc = SQLITE_OK;
+ int reserved = 0;
+ unixFile *pFile = (unixFile*)id;
+ afpLockingContext *context;
+
+ SimulateIOError( return SQLITE_IOERR_CHECKRESERVEDLOCK; );
+
+ assert( pFile );
+ context = (afpLockingContext *) pFile->lockingContext;
+ if( context->reserved ){
+ *pResOut = 1;
+ return SQLITE_OK;
+ }
+ unixEnterMutex(); /* Because pFile->pInode is shared across threads */
+
+ /* Check if a thread in this process holds such a lock */
+ if( pFile->pInode->eFileLock>SHARED_LOCK ){
+ reserved = 1;
+ }
+
+ /* Otherwise see if some other process holds it.
+ */
+ if( !reserved ){
+ /* lock the RESERVED byte */
+ int lrc = afpSetLock(context->dbPath, pFile, RESERVED_BYTE, 1,1);
+ if( SQLITE_OK==lrc ){
+ /* if we succeeded in taking the reserved lock, unlock it to restore
+ ** the original state */
+ lrc = afpSetLock(context->dbPath, pFile, RESERVED_BYTE, 1, 0);
+ } else {
+ /* if we failed to get the lock then someone else must have it */
+ reserved = 1;
+ }
+ if( IS_LOCK_ERROR(lrc) ){
+ rc=lrc;
+ }
+ }
+
+ unixLeaveMutex();
+ OSTRACE(("TEST WR-LOCK %d %d %d (afp)\n", pFile->h, rc, reserved));
+
+ *pResOut = reserved;
+ return rc;
+}
+
+/*
+** Lock the file with the lock specified by parameter eFileLock - one
+** of the following:
+**
+** (1) SHARED_LOCK
+** (2) RESERVED_LOCK
+** (3) PENDING_LOCK
+** (4) EXCLUSIVE_LOCK
+**
+** Sometimes when requesting one lock state, additional lock states
+** are inserted in between. The locking might fail on one of the later
+** transitions leaving the lock state different from what it started but
+** still short of its goal. The following chart shows the allowed
+** transitions and the inserted intermediate states:
+**
+** UNLOCKED -> SHARED
+** SHARED -> RESERVED
+** SHARED -> (PENDING) -> EXCLUSIVE
+** RESERVED -> (PENDING) -> EXCLUSIVE
+** PENDING -> EXCLUSIVE
+**
+** This routine will only increase a lock. Use the sqlite3OsUnlock()
+** routine to lower a locking level.
+*/
+static int afpLock(sqlite3_file *id, int eFileLock){
+ int rc = SQLITE_OK;
+ unixFile *pFile = (unixFile*)id;
+ unixInodeInfo *pInode = pFile->pInode;
+ afpLockingContext *context = (afpLockingContext *) pFile->lockingContext;
+
+ assert( pFile );
+ OSTRACE(("LOCK %d %s was %s(%s,%d) pid=%d (afp)\n", pFile->h,
+ azFileLock(eFileLock), azFileLock(pFile->eFileLock),
+ azFileLock(pInode->eFileLock), pInode->nShared , osGetpid(0)));
+
+ /* If there is already a lock of this type or more restrictive on the
+ ** unixFile, do nothing. Don't use the afp_end_lock: exit path, as
+ ** unixEnterMutex() hasn't been called yet.
+ */
+ if( pFile->eFileLock>=eFileLock ){
+ OSTRACE(("LOCK %d %s ok (already held) (afp)\n", pFile->h,
+ azFileLock(eFileLock)));
+ return SQLITE_OK;
+ }
+
+ /* Make sure the locking sequence is correct
+ ** (1) We never move from unlocked to anything higher than shared lock.
+ ** (2) SQLite never explicitly requests a pendig lock.
+ ** (3) A shared lock is always held when a reserve lock is requested.
+ */
+ assert( pFile->eFileLock!=NO_LOCK || eFileLock==SHARED_LOCK );
+ assert( eFileLock!=PENDING_LOCK );
+ assert( eFileLock!=RESERVED_LOCK || pFile->eFileLock==SHARED_LOCK );
+
+ /* This mutex is needed because pFile->pInode is shared across threads
+ */
+ unixEnterMutex();
+ pInode = pFile->pInode;
+
+ /* If some thread using this PID has a lock via a different unixFile*
+ ** handle that precludes the requested lock, return BUSY.
+ */
+ if( (pFile->eFileLock!=pInode->eFileLock &&
+ (pInode->eFileLock>=PENDING_LOCK || eFileLock>SHARED_LOCK))
+ ){
+ rc = SQLITE_BUSY;
+ goto afp_end_lock;
+ }
+
+ /* If a SHARED lock is requested, and some thread using this PID already
+ ** has a SHARED or RESERVED lock, then increment reference counts and
+ ** return SQLITE_OK.
+ */
+ if( eFileLock==SHARED_LOCK &&
+ (pInode->eFileLock==SHARED_LOCK || pInode->eFileLock==RESERVED_LOCK) ){
+ assert( eFileLock==SHARED_LOCK );
+ assert( pFile->eFileLock==0 );
+ assert( pInode->nShared>0 );
+ pFile->eFileLock = SHARED_LOCK;
+ pInode->nShared++;
+ pInode->nLock++;
+ goto afp_end_lock;
+ }
+
+ /* A PENDING lock is needed before acquiring a SHARED lock and before
+ ** acquiring an EXCLUSIVE lock. For the SHARED lock, the PENDING will
+ ** be released.
+ */
+ if( eFileLock==SHARED_LOCK
+ || (eFileLock==EXCLUSIVE_LOCK && pFile->eFileLock<PENDING_LOCK)
+ ){
+ int failed;
+ failed = afpSetLock(context->dbPath, pFile, PENDING_BYTE, 1, 1);
+ if (failed) {
+ rc = failed;
+ goto afp_end_lock;
+ }
+ }
+
+ /* If control gets to this point, then actually go ahead and make
+ ** operating system calls for the specified lock.
+ */
+ if( eFileLock==SHARED_LOCK ){
+ int lrc1, lrc2, lrc1Errno = 0;
+ long lk, mask;
+
+ assert( pInode->nShared==0 );
+ assert( pInode->eFileLock==0 );
+
+ mask = (sizeof(long)==8) ? LARGEST_INT64 : 0x7fffffff;
+ /* Now get the read-lock SHARED_LOCK */
+ /* note that the quality of the randomness doesn't matter that much */
+ lk = random();
+ pInode->sharedByte = (lk & mask)%(SHARED_SIZE - 1);
+ lrc1 = afpSetLock(context->dbPath, pFile,
+ SHARED_FIRST+pInode->sharedByte, 1, 1);
+ if( IS_LOCK_ERROR(lrc1) ){
+ lrc1Errno = pFile->lastErrno;
+ }
+ /* Drop the temporary PENDING lock */
+ lrc2 = afpSetLock(context->dbPath, pFile, PENDING_BYTE, 1, 0);
+
+ if( IS_LOCK_ERROR(lrc1) ) {
+ storeLastErrno(pFile, lrc1Errno);
+ rc = lrc1;
+ goto afp_end_lock;
+ } else if( IS_LOCK_ERROR(lrc2) ){
+ rc = lrc2;
+ goto afp_end_lock;
+ } else if( lrc1 != SQLITE_OK ) {
+ rc = lrc1;
+ } else {
+ pFile->eFileLock = SHARED_LOCK;
+ pInode->nLock++;
+ pInode->nShared = 1;
+ }
+ }else if( eFileLock==EXCLUSIVE_LOCK && pInode->nShared>1 ){
+ /* We are trying for an exclusive lock but another thread in this
+ ** same process is still holding a shared lock. */
+ rc = SQLITE_BUSY;
+ }else{
+ /* The request was for a RESERVED or EXCLUSIVE lock. It is
+ ** assumed that there is a SHARED or greater lock on the file
+ ** already.
+ */
+ int failed = 0;
+ assert( 0!=pFile->eFileLock );
+ if (eFileLock >= RESERVED_LOCK && pFile->eFileLock < RESERVED_LOCK) {
+ /* Acquire a RESERVED lock */
+ failed = afpSetLock(context->dbPath, pFile, RESERVED_BYTE, 1,1);
+ if( !failed ){
+ context->reserved = 1;
+ }
+ }
+ if (!failed && eFileLock == EXCLUSIVE_LOCK) {
+ /* Acquire an EXCLUSIVE lock */
+
+ /* Remove the shared lock before trying the range. we'll need to
+ ** reestablish the shared lock if we can't get the afpUnlock
+ */
+ if( !(failed = afpSetLock(context->dbPath, pFile, SHARED_FIRST +
+ pInode->sharedByte, 1, 0)) ){
+ int failed2 = SQLITE_OK;
+ /* now attemmpt to get the exclusive lock range */
+ failed = afpSetLock(context->dbPath, pFile, SHARED_FIRST,
+ SHARED_SIZE, 1);
+ if( failed && (failed2 = afpSetLock(context->dbPath, pFile,
+ SHARED_FIRST + pInode->sharedByte, 1, 1)) ){
+ /* Can't reestablish the shared lock. Sqlite can't deal, this is
+ ** a critical I/O error
+ */
+ rc = ((failed & SQLITE_IOERR) == SQLITE_IOERR) ? failed2 :
+ SQLITE_IOERR_LOCK;
+ goto afp_end_lock;
+ }
+ }else{
+ rc = failed;
+ }
+ }
+ if( failed ){
+ rc = failed;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ pFile->eFileLock = eFileLock;
+ pInode->eFileLock = eFileLock;
+ }else if( eFileLock==EXCLUSIVE_LOCK ){
+ pFile->eFileLock = PENDING_LOCK;
+ pInode->eFileLock = PENDING_LOCK;
+ }
+
+afp_end_lock:
+ unixLeaveMutex();
+ OSTRACE(("LOCK %d %s %s (afp)\n", pFile->h, azFileLock(eFileLock),
+ rc==SQLITE_OK ? "ok" : "failed"));
+ return rc;
+}
+
+/*
+** Lower the locking level on file descriptor pFile to eFileLock. eFileLock
+** must be either NO_LOCK or SHARED_LOCK.
+**
+** If the locking level of the file descriptor is already at or below
+** the requested locking level, this routine is a no-op.
+*/
+static int afpUnlock(sqlite3_file *id, int eFileLock) {
+ int rc = SQLITE_OK;
+ unixFile *pFile = (unixFile*)id;
+ unixInodeInfo *pInode;
+ afpLockingContext *context = (afpLockingContext *) pFile->lockingContext;
+ int skipShared = 0;
+#ifdef SQLITE_TEST
+ int h = pFile->h;
+#endif
+
+ assert( pFile );
+ OSTRACE(("UNLOCK %d %d was %d(%d,%d) pid=%d (afp)\n", pFile->h, eFileLock,
+ pFile->eFileLock, pFile->pInode->eFileLock, pFile->pInode->nShared,
+ osGetpid(0)));
+
+ assert( eFileLock<=SHARED_LOCK );
+ if( pFile->eFileLock<=eFileLock ){
+ return SQLITE_OK;
+ }
+ unixEnterMutex();
+ pInode = pFile->pInode;
+ assert( pInode->nShared!=0 );
+ if( pFile->eFileLock>SHARED_LOCK ){
+ assert( pInode->eFileLock==pFile->eFileLock );
+ SimulateIOErrorBenign(1);
+ SimulateIOError( h=(-1) )
+ SimulateIOErrorBenign(0);
+
+#ifdef SQLITE_DEBUG
+ /* When reducing a lock such that other processes can start
+ ** reading the database file again, make sure that the
+ ** transaction counter was updated if any part of the database
+ ** file changed. If the transaction counter is not updated,
+ ** other connections to the same file might not realize that
+ ** the file has changed and hence might not know to flush their
+ ** cache. The use of a stale cache can lead to database corruption.
+ */
+ assert( pFile->inNormalWrite==0
+ || pFile->dbUpdate==0
+ || pFile->transCntrChng==1 );
+ pFile->inNormalWrite = 0;
+#endif
+
+ if( pFile->eFileLock==EXCLUSIVE_LOCK ){
+ rc = afpSetLock(context->dbPath, pFile, SHARED_FIRST, SHARED_SIZE, 0);
+ if( rc==SQLITE_OK && (eFileLock==SHARED_LOCK || pInode->nShared>1) ){
+ /* only re-establish the shared lock if necessary */
+ int sharedLockByte = SHARED_FIRST+pInode->sharedByte;
+ rc = afpSetLock(context->dbPath, pFile, sharedLockByte, 1, 1);
+ } else {
+ skipShared = 1;
+ }
+ }
+ if( rc==SQLITE_OK && pFile->eFileLock>=PENDING_LOCK ){
+ rc = afpSetLock(context->dbPath, pFile, PENDING_BYTE, 1, 0);
+ }
+ if( rc==SQLITE_OK && pFile->eFileLock>=RESERVED_LOCK && context->reserved ){
+ rc = afpSetLock(context->dbPath, pFile, RESERVED_BYTE, 1, 0);
+ if( !rc ){
+ context->reserved = 0;
+ }
+ }
+ if( rc==SQLITE_OK && (eFileLock==SHARED_LOCK || pInode->nShared>1)){
+ pInode->eFileLock = SHARED_LOCK;
+ }
+ }
+ if( rc==SQLITE_OK && eFileLock==NO_LOCK ){
+
+ /* Decrement the shared lock counter. Release the lock using an
+ ** OS call only when all threads in this same process have released
+ ** the lock.
+ */
+ unsigned long long sharedLockByte = SHARED_FIRST+pInode->sharedByte;
+ pInode->nShared--;
+ if( pInode->nShared==0 ){
+ SimulateIOErrorBenign(1);
+ SimulateIOError( h=(-1) )
+ SimulateIOErrorBenign(0);
+ if( !skipShared ){
+ rc = afpSetLock(context->dbPath, pFile, sharedLockByte, 1, 0);
+ }
+ if( !rc ){
+ pInode->eFileLock = NO_LOCK;
+ pFile->eFileLock = NO_LOCK;
+ }
+ }
+ if( rc==SQLITE_OK ){
+ pInode->nLock--;
+ assert( pInode->nLock>=0 );
+ if( pInode->nLock==0 ){
+ closePendingFds(pFile);
+ }
+ }
+ }
+
+ unixLeaveMutex();
+ if( rc==SQLITE_OK ) pFile->eFileLock = eFileLock;
+ return rc;
+}
+
+/*
+** Close a file & cleanup AFP specific locking context
+*/
+static int afpClose(sqlite3_file *id) {
+ int rc = SQLITE_OK;
+ unixFile *pFile = (unixFile*)id;
+ assert( id!=0 );
+ afpUnlock(id, NO_LOCK);
+ unixEnterMutex();
+ if( pFile->pInode && pFile->pInode->nLock ){
+ /* If there are outstanding locks, do not actually close the file just
+ ** yet because that would clear those locks. Instead, add the file
+ ** descriptor to pInode->aPending. It will be automatically closed when
+ ** the last lock is cleared.
+ */
+ setPendingFd(pFile);
+ }
+ releaseInodeInfo(pFile);
+ sqlite3_free(pFile->lockingContext);
+ rc = closeUnixFile(id);
+ unixLeaveMutex();
+ return rc;
+}
+
+#endif /* defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE */
+/*
+** The code above is the AFP lock implementation. The code is specific
+** to MacOSX and does not work on other unix platforms. No alternative
+** is available. If you don't compile for a mac, then the "unix-afp"
+** VFS is not available.
+**
+********************* End of the AFP lock implementation **********************
+******************************************************************************/
+
+/******************************************************************************
+*************************** Begin NFS Locking ********************************/
+
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+/*
+ ** Lower the locking level on file descriptor pFile to eFileLock. eFileLock
+ ** must be either NO_LOCK or SHARED_LOCK.
+ **
+ ** If the locking level of the file descriptor is already at or below
+ ** the requested locking level, this routine is a no-op.
+ */
+static int nfsUnlock(sqlite3_file *id, int eFileLock){
+ return posixUnlock(id, eFileLock, 1);
+}
+
+#endif /* defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE */
+/*
+** The code above is the NFS lock implementation. The code is specific
+** to MacOSX and does not work on other unix platforms. No alternative
+** is available.
+**
+********************* End of the NFS lock implementation **********************
+******************************************************************************/
+
+/******************************************************************************
+**************** Non-locking sqlite3_file methods *****************************
+**
+** The next division contains implementations for all methods of the
+** sqlite3_file object other than the locking methods. The locking
+** methods were defined in divisions above (one locking method per
+** division). Those methods that are common to all locking modes
+** are gather together into this division.
+*/
+
+/*
+** Seek to the offset passed as the second argument, then read cnt
+** bytes into pBuf. Return the number of bytes actually read.
+**
+** NB: If you define USE_PREAD or USE_PREAD64, then it might also
+** be necessary to define _XOPEN_SOURCE to be 500. This varies from
+** one system to another. Since SQLite does not define USE_PREAD
+** in any form by default, we will not attempt to define _XOPEN_SOURCE.
+** See tickets #2741 and #2681.
+**
+** To avoid stomping the errno value on a failed read the lastErrno value
+** is set before returning.
+*/
+static int seekAndRead(unixFile *id, sqlite3_int64 offset, void *pBuf, int cnt){
+ int got;
+ int prior = 0;
+#if (!defined(USE_PREAD) && !defined(USE_PREAD64))
+ i64 newOffset;
+#endif
+ TIMER_START;
+ assert( cnt==(cnt&0x1ffff) );
+ assert( id->h>2 );
+ do{
+#if defined(USE_PREAD)
+ got = osPread(id->h, pBuf, cnt, offset);
+ SimulateIOError( got = -1 );
+#elif defined(USE_PREAD64)
+ got = osPread64(id->h, pBuf, cnt, offset);
+ SimulateIOError( got = -1 );
+#else
+ newOffset = lseek(id->h, offset, SEEK_SET);
+ SimulateIOError( newOffset = -1 );
+ if( newOffset<0 ){
+ storeLastErrno((unixFile*)id, errno);
+ return -1;
+ }
+ got = osRead(id->h, pBuf, cnt);
+#endif
+ if( got==cnt ) break;
+ if( got<0 ){
+ if( errno==EINTR ){ got = 1; continue; }
+ prior = 0;
+ storeLastErrno((unixFile*)id, errno);
+ break;
+ }else if( got>0 ){
+ cnt -= got;
+ offset += got;
+ prior += got;
+ pBuf = (void*)(got + (char*)pBuf);
+ }
+ }while( got>0 );
+ TIMER_END;
+ OSTRACE(("READ %-3d %5d %7lld %llu\n",
+ id->h, got+prior, offset-prior, TIMER_ELAPSED));
+ return got+prior;
+}
+
+/*
+** Read data from a file into a buffer. Return SQLITE_OK if all
+** bytes were read successfully and SQLITE_IOERR if anything goes
+** wrong.
+*/
+static int unixRead(
+ sqlite3_file *id,
+ void *pBuf,
+ int amt,
+ sqlite3_int64 offset
+){
+ unixFile *pFile = (unixFile *)id;
+ int got;
+ assert( id );
+ assert( offset>=0 );
+ assert( amt>0 );
+
+ /* If this is a database file (not a journal, master-journal or temp
+ ** file), the bytes in the locking range should never be read or written. */
+#if 0
+ assert( pFile->pUnused==0
+ || offset>=PENDING_BYTE+512
+ || offset+amt<=PENDING_BYTE
+ );
+#endif
+
+#if SQLITE_MAX_MMAP_SIZE>0
+ /* Deal with as much of this read request as possible by transfering
+ ** data from the memory mapping using memcpy(). */
+ if( offset<pFile->mmapSize ){
+ if( offset+amt <= pFile->mmapSize ){
+ memcpy(pBuf, &((u8 *)(pFile->pMapRegion))[offset], amt);
+ return SQLITE_OK;
+ }else{
+ int nCopy = pFile->mmapSize - offset;
+ memcpy(pBuf, &((u8 *)(pFile->pMapRegion))[offset], nCopy);
+ pBuf = &((u8 *)pBuf)[nCopy];
+ amt -= nCopy;
+ offset += nCopy;
+ }
+ }
+#endif
+
+ got = seekAndRead(pFile, offset, pBuf, amt);
+ if( got==amt ){
+ return SQLITE_OK;
+ }else if( got<0 ){
+ /* lastErrno set by seekAndRead */
+ return SQLITE_IOERR_READ;
+ }else{
+ storeLastErrno(pFile, 0); /* not a system error */
+ /* Unread parts of the buffer must be zero-filled */
+ memset(&((char*)pBuf)[got], 0, amt-got);
+ return SQLITE_IOERR_SHORT_READ;
+ }
+}
+
+/*
+** Attempt to seek the file-descriptor passed as the first argument to
+** absolute offset iOff, then attempt to write nBuf bytes of data from
+** pBuf to it. If an error occurs, return -1 and set *piErrno. Otherwise,
+** return the actual number of bytes written (which may be less than
+** nBuf).
+*/
+static int seekAndWriteFd(
+ int fd, /* File descriptor to write to */
+ i64 iOff, /* File offset to begin writing at */
+ const void *pBuf, /* Copy data from this buffer to the file */
+ int nBuf, /* Size of buffer pBuf in bytes */
+ int *piErrno /* OUT: Error number if error occurs */
+){
+ int rc = 0; /* Value returned by system call */
+
+ assert( nBuf==(nBuf&0x1ffff) );
+ assert( fd>2 );
+ assert( piErrno!=0 );
+ nBuf &= 0x1ffff;
+ TIMER_START;
+
+#if defined(USE_PREAD)
+ do{ rc = (int)osPwrite(fd, pBuf, nBuf, iOff); }while( rc<0 && errno==EINTR );
+#elif defined(USE_PREAD64)
+ do{ rc = (int)osPwrite64(fd, pBuf, nBuf, iOff);}while( rc<0 && errno==EINTR);
+#else
+ do{
+ i64 iSeek = lseek(fd, iOff, SEEK_SET);
+ SimulateIOError( iSeek = -1 );
+ if( iSeek<0 ){
+ rc = -1;
+ break;
+ }
+ rc = osWrite(fd, pBuf, nBuf);
+ }while( rc<0 && errno==EINTR );
+#endif
+
+ TIMER_END;
+ OSTRACE(("WRITE %-3d %5d %7lld %llu\n", fd, rc, iOff, TIMER_ELAPSED));
+
+ if( rc<0 ) *piErrno = errno;
+ return rc;
+}
+
+
+/*
+** Seek to the offset in id->offset then read cnt bytes into pBuf.
+** Return the number of bytes actually read. Update the offset.
+**
+** To avoid stomping the errno value on a failed write the lastErrno value
+** is set before returning.
+*/
+static int seekAndWrite(unixFile *id, i64 offset, const void *pBuf, int cnt){
+ return seekAndWriteFd(id->h, offset, pBuf, cnt, &id->lastErrno);
+}
+
+
+/*
+** Write data from a buffer into a file. Return SQLITE_OK on success
+** or some other error code on failure.
+*/
+static int unixWrite(
+ sqlite3_file *id,
+ const void *pBuf,
+ int amt,
+ sqlite3_int64 offset
+){
+ unixFile *pFile = (unixFile*)id;
+ int wrote = 0;
+ assert( id );
+ assert( amt>0 );
+
+ /* If this is a database file (not a journal, master-journal or temp
+ ** file), the bytes in the locking range should never be read or written. */
+#if 0
+ assert( pFile->pUnused==0
+ || offset>=PENDING_BYTE+512
+ || offset+amt<=PENDING_BYTE
+ );
+#endif
+
+#ifdef SQLITE_DEBUG
+ /* If we are doing a normal write to a database file (as opposed to
+ ** doing a hot-journal rollback or a write to some file other than a
+ ** normal database file) then record the fact that the database
+ ** has changed. If the transaction counter is modified, record that
+ ** fact too.
+ */
+ if( pFile->inNormalWrite ){
+ pFile->dbUpdate = 1; /* The database has been modified */
+ if( offset<=24 && offset+amt>=27 ){
+ int rc;
+ char oldCntr[4];
+ SimulateIOErrorBenign(1);
+ rc = seekAndRead(pFile, 24, oldCntr, 4);
+ SimulateIOErrorBenign(0);
+ if( rc!=4 || memcmp(oldCntr, &((char*)pBuf)[24-offset], 4)!=0 ){
+ pFile->transCntrChng = 1; /* The transaction counter has changed */
+ }
+ }
+ }
+#endif
+
+#if defined(SQLITE_MMAP_READWRITE) && SQLITE_MAX_MMAP_SIZE>0
+ /* Deal with as much of this write request as possible by transfering
+ ** data from the memory mapping using memcpy(). */
+ if( offset<pFile->mmapSize ){
+ if( offset+amt <= pFile->mmapSize ){
+ memcpy(&((u8 *)(pFile->pMapRegion))[offset], pBuf, amt);
+ return SQLITE_OK;
+ }else{
+ int nCopy = pFile->mmapSize - offset;
+ memcpy(&((u8 *)(pFile->pMapRegion))[offset], pBuf, nCopy);
+ pBuf = &((u8 *)pBuf)[nCopy];
+ amt -= nCopy;
+ offset += nCopy;
+ }
+ }
+#endif
+
+ while( (wrote = seekAndWrite(pFile, offset, pBuf, amt))<amt && wrote>0 ){
+ amt -= wrote;
+ offset += wrote;
+ pBuf = &((char*)pBuf)[wrote];
+ }
+ SimulateIOError(( wrote=(-1), amt=1 ));
+ SimulateDiskfullError(( wrote=0, amt=1 ));
+
+ if( amt>wrote ){
+ if( wrote<0 && pFile->lastErrno!=ENOSPC ){
+ /* lastErrno set by seekAndWrite */
+ return SQLITE_IOERR_WRITE;
+ }else{
+ storeLastErrno(pFile, 0); /* not a system error */
+ return SQLITE_FULL;
+ }
+ }
+
+ return SQLITE_OK;
+}
+
+#ifdef SQLITE_TEST
+/*
+** Count the number of fullsyncs and normal syncs. This is used to test
+** that syncs and fullsyncs are occurring at the right times.
+*/
+SQLITE_API int sqlite3_sync_count = 0;
+SQLITE_API int sqlite3_fullsync_count = 0;
+#endif
+
+/*
+** We do not trust systems to provide a working fdatasync(). Some do.
+** Others do no. To be safe, we will stick with the (slightly slower)
+** fsync(). If you know that your system does support fdatasync() correctly,
+** then simply compile with -Dfdatasync=fdatasync or -DHAVE_FDATASYNC
+*/
+#if !defined(fdatasync) && !HAVE_FDATASYNC
+# define fdatasync fsync
+#endif
+
+/*
+** Define HAVE_FULLFSYNC to 0 or 1 depending on whether or not
+** the F_FULLFSYNC macro is defined. F_FULLFSYNC is currently
+** only available on Mac OS X. But that could change.
+*/
+#ifdef F_FULLFSYNC
+# define HAVE_FULLFSYNC 1
+#else
+# define HAVE_FULLFSYNC 0
+#endif
+
+
+/*
+** The fsync() system call does not work as advertised on many
+** unix systems. The following procedure is an attempt to make
+** it work better.
+**
+** The SQLITE_NO_SYNC macro disables all fsync()s. This is useful
+** for testing when we want to run through the test suite quickly.
+** You are strongly advised *not* to deploy with SQLITE_NO_SYNC
+** enabled, however, since with SQLITE_NO_SYNC enabled, an OS crash
+** or power failure will likely corrupt the database file.
+**
+** SQLite sets the dataOnly flag if the size of the file is unchanged.
+** The idea behind dataOnly is that it should only write the file content
+** to disk, not the inode. We only set dataOnly if the file size is
+** unchanged since the file size is part of the inode. However,
+** Ted Ts'o tells us that fdatasync() will also write the inode if the
+** file size has changed. The only real difference between fdatasync()
+** and fsync(), Ted tells us, is that fdatasync() will not flush the
+** inode if the mtime or owner or other inode attributes have changed.
+** We only care about the file size, not the other file attributes, so
+** as far as SQLite is concerned, an fdatasync() is always adequate.
+** So, we always use fdatasync() if it is available, regardless of
+** the value of the dataOnly flag.
+*/
+static int full_fsync(int fd, int fullSync, int dataOnly){
+ int rc;
+
+ /* The following "ifdef/elif/else/" block has the same structure as
+ ** the one below. It is replicated here solely to avoid cluttering
+ ** up the real code with the UNUSED_PARAMETER() macros.
+ */
+#ifdef SQLITE_NO_SYNC
+ UNUSED_PARAMETER(fd);
+ UNUSED_PARAMETER(fullSync);
+ UNUSED_PARAMETER(dataOnly);
+#elif HAVE_FULLFSYNC
+ UNUSED_PARAMETER(dataOnly);
+#else
+ UNUSED_PARAMETER(fullSync);
+ UNUSED_PARAMETER(dataOnly);
+#endif
+
+ /* Record the number of times that we do a normal fsync() and
+ ** FULLSYNC. This is used during testing to verify that this procedure
+ ** gets called with the correct arguments.
+ */
+#ifdef SQLITE_TEST
+ if( fullSync ) sqlite3_fullsync_count++;
+ sqlite3_sync_count++;
+#endif
+
+ /* If we compiled with the SQLITE_NO_SYNC flag, then syncing is a
+ ** no-op. But go ahead and call fstat() to validate the file
+ ** descriptor as we need a method to provoke a failure during
+ ** coverate testing.
+ */
+#ifdef SQLITE_NO_SYNC
+ {
+ struct stat buf;
+ rc = osFstat(fd, &buf);
+ }
+#elif HAVE_FULLFSYNC
+ if( fullSync ){
+ rc = osFcntl(fd, F_FULLFSYNC, 0);
+ }else{
+ rc = 1;
+ }
+ /* If the FULLFSYNC failed, fall back to attempting an fsync().
+ ** It shouldn't be possible for fullfsync to fail on the local
+ ** file system (on OSX), so failure indicates that FULLFSYNC
+ ** isn't supported for this file system. So, attempt an fsync
+ ** and (for now) ignore the overhead of a superfluous fcntl call.
+ ** It'd be better to detect fullfsync support once and avoid
+ ** the fcntl call every time sync is called.
+ */
+ if( rc ) rc = fsync(fd);
+
+#elif defined(__APPLE__)
+ /* fdatasync() on HFS+ doesn't yet flush the file size if it changed correctly
+ ** so currently we default to the macro that redefines fdatasync to fsync
+ */
+ rc = fsync(fd);
+#else
+ rc = fdatasync(fd);
+#if OS_VXWORKS
+ if( rc==-1 && errno==ENOTSUP ){
+ rc = fsync(fd);
+ }
+#endif /* OS_VXWORKS */
+#endif /* ifdef SQLITE_NO_SYNC elif HAVE_FULLFSYNC */
+
+ if( OS_VXWORKS && rc!= -1 ){
+ rc = 0;
+ }
+ return rc;
+}
+
+/*
+** Open a file descriptor to the directory containing file zFilename.
+** If successful, *pFd is set to the opened file descriptor and
+** SQLITE_OK is returned. If an error occurs, either SQLITE_NOMEM
+** or SQLITE_CANTOPEN is returned and *pFd is set to an undefined
+** value.
+**
+** The directory file descriptor is used for only one thing - to
+** fsync() a directory to make sure file creation and deletion events
+** are flushed to disk. Such fsyncs are not needed on newer
+** journaling filesystems, but are required on older filesystems.
+**
+** This routine can be overridden using the xSetSysCall interface.
+** The ability to override this routine was added in support of the
+** chromium sandbox. Opening a directory is a security risk (we are
+** told) so making it overrideable allows the chromium sandbox to
+** replace this routine with a harmless no-op. To make this routine
+** a no-op, replace it with a stub that returns SQLITE_OK but leaves
+** *pFd set to a negative number.
+**
+** If SQLITE_OK is returned, the caller is responsible for closing
+** the file descriptor *pFd using close().
+*/
+static int openDirectory(const char *zFilename, int *pFd){
+ int ii;
+ int fd = -1;
+ char zDirname[MAX_PATHNAME+1];
+
+ sqlite3_snprintf(MAX_PATHNAME, zDirname, "%s", zFilename);
+ for(ii=(int)strlen(zDirname); ii>0 && zDirname[ii]!='/'; ii--);
+ if( ii>0 ){
+ zDirname[ii] = '\0';
+ }else{
+ if( zDirname[0]!='/' ) zDirname[0] = '.';
+ zDirname[1] = 0;
+ }
+ fd = robust_open(zDirname, O_RDONLY|O_BINARY, 0);
+ if( fd>=0 ){
+ OSTRACE(("OPENDIR %-3d %s\n", fd, zDirname));
+ }
+ *pFd = fd;
+ if( fd>=0 ) return SQLITE_OK;
+ return unixLogError(SQLITE_CANTOPEN_BKPT, "openDirectory", zDirname);
+}
+
+/*
+** Make sure all writes to a particular file are committed to disk.
+**
+** If dataOnly==0 then both the file itself and its metadata (file
+** size, access time, etc) are synced. If dataOnly!=0 then only the
+** file data is synced.
+**
+** Under Unix, also make sure that the directory entry for the file
+** has been created by fsync-ing the directory that contains the file.
+** If we do not do this and we encounter a power failure, the directory
+** entry for the journal might not exist after we reboot. The next
+** SQLite to access the file will not know that the journal exists (because
+** the directory entry for the journal was never created) and the transaction
+** will not roll back - possibly leading to database corruption.
+*/
+static int unixSync(sqlite3_file *id, int flags){
+ int rc;
+ unixFile *pFile = (unixFile*)id;
+
+ int isDataOnly = (flags&SQLITE_SYNC_DATAONLY);
+ int isFullsync = (flags&0x0F)==SQLITE_SYNC_FULL;
+
+ /* Check that one of SQLITE_SYNC_NORMAL or FULL was passed */
+ assert((flags&0x0F)==SQLITE_SYNC_NORMAL
+ || (flags&0x0F)==SQLITE_SYNC_FULL
+ );
+
+ /* Unix cannot, but some systems may return SQLITE_FULL from here. This
+ ** line is to test that doing so does not cause any problems.
+ */
+ SimulateDiskfullError( return SQLITE_FULL );
+
+ assert( pFile );
+ OSTRACE(("SYNC %-3d\n", pFile->h));
+ rc = full_fsync(pFile->h, isFullsync, isDataOnly);
+ SimulateIOError( rc=1 );
+ if( rc ){
+ storeLastErrno(pFile, errno);
+ return unixLogError(SQLITE_IOERR_FSYNC, "full_fsync", pFile->zPath);
+ }
+
+ /* Also fsync the directory containing the file if the DIRSYNC flag
+ ** is set. This is a one-time occurrence. Many systems (examples: AIX)
+ ** are unable to fsync a directory, so ignore errors on the fsync.
+ */
+ if( pFile->ctrlFlags & UNIXFILE_DIRSYNC ){
+ int dirfd;
+ OSTRACE(("DIRSYNC %s (have_fullfsync=%d fullsync=%d)\n", pFile->zPath,
+ HAVE_FULLFSYNC, isFullsync));
+ rc = osOpenDirectory(pFile->zPath, &dirfd);
+ if( rc==SQLITE_OK ){
+ full_fsync(dirfd, 0, 0);
+ robust_close(pFile, dirfd, __LINE__);
+ }else{
+ assert( rc==SQLITE_CANTOPEN );
+ rc = SQLITE_OK;
+ }
+ pFile->ctrlFlags &= ~UNIXFILE_DIRSYNC;
+ }
+ return rc;
+}
+
+/*
+** Truncate an open file to a specified size
+*/
+static int unixTruncate(sqlite3_file *id, i64 nByte){
+ unixFile *pFile = (unixFile *)id;
+ int rc;
+ assert( pFile );
+ SimulateIOError( return SQLITE_IOERR_TRUNCATE );
+
+ /* If the user has configured a chunk-size for this file, truncate the
+ ** file so that it consists of an integer number of chunks (i.e. the
+ ** actual file size after the operation may be larger than the requested
+ ** size).
+ */
+ if( pFile->szChunk>0 ){
+ nByte = ((nByte + pFile->szChunk - 1)/pFile->szChunk) * pFile->szChunk;
+ }
+
+ rc = robust_ftruncate(pFile->h, nByte);
+ if( rc ){
+ storeLastErrno(pFile, errno);
+ return unixLogError(SQLITE_IOERR_TRUNCATE, "ftruncate", pFile->zPath);
+ }else{
+#ifdef SQLITE_DEBUG
+ /* If we are doing a normal write to a database file (as opposed to
+ ** doing a hot-journal rollback or a write to some file other than a
+ ** normal database file) and we truncate the file to zero length,
+ ** that effectively updates the change counter. This might happen
+ ** when restoring a database using the backup API from a zero-length
+ ** source.
+ */
+ if( pFile->inNormalWrite && nByte==0 ){
+ pFile->transCntrChng = 1;
+ }
+#endif
+
+#if SQLITE_MAX_MMAP_SIZE>0
+ /* If the file was just truncated to a size smaller than the currently
+ ** mapped region, reduce the effective mapping size as well. SQLite will
+ ** use read() and write() to access data beyond this point from now on.
+ */
+ if( nByte<pFile->mmapSize ){
+ pFile->mmapSize = nByte;
+ }
+#endif
+
+ return SQLITE_OK;
+ }
+}
+
+/*
+** Determine the current size of a file in bytes
+*/
+static int unixFileSize(sqlite3_file *id, i64 *pSize){
+ int rc;
+ struct stat buf;
+ assert( id );
+ rc = osFstat(((unixFile*)id)->h, &buf);
+ SimulateIOError( rc=1 );
+ if( rc!=0 ){
+ storeLastErrno((unixFile*)id, errno);
+ return SQLITE_IOERR_FSTAT;
+ }
+ *pSize = buf.st_size;
+
+ /* When opening a zero-size database, the findInodeInfo() procedure
+ ** writes a single byte into that file in order to work around a bug
+ ** in the OS-X msdos filesystem. In order to avoid problems with upper
+ ** layers, we need to report this file size as zero even though it is
+ ** really 1. Ticket #3260.
+ */
+ if( *pSize==1 ) *pSize = 0;
+
+
+ return SQLITE_OK;
+}
+
+#if SQLITE_ENABLE_LOCKING_STYLE && defined(__APPLE__)
+/*
+** Handler for proxy-locking file-control verbs. Defined below in the
+** proxying locking division.
+*/
+static int proxyFileControl(sqlite3_file*,int,void*);
+#endif
+
+/*
+** This function is called to handle the SQLITE_FCNTL_SIZE_HINT
+** file-control operation. Enlarge the database to nBytes in size
+** (rounded up to the next chunk-size). If the database is already
+** nBytes or larger, this routine is a no-op.
+*/
+static int fcntlSizeHint(unixFile *pFile, i64 nByte){
+ if( pFile->szChunk>0 ){
+ i64 nSize; /* Required file size */
+ struct stat buf; /* Used to hold return values of fstat() */
+
+ if( osFstat(pFile->h, &buf) ){
+ return SQLITE_IOERR_FSTAT;
+ }
+
+ nSize = ((nByte+pFile->szChunk-1) / pFile->szChunk) * pFile->szChunk;
+ if( nSize>(i64)buf.st_size ){
+
+#if defined(HAVE_POSIX_FALLOCATE) && HAVE_POSIX_FALLOCATE
+ /* The code below is handling the return value of osFallocate()
+ ** correctly. posix_fallocate() is defined to "returns zero on success,
+ ** or an error number on failure". See the manpage for details. */
+ int err;
+ do{
+ err = osFallocate(pFile->h, buf.st_size, nSize-buf.st_size);
+ }while( err==EINTR );
+ if( err ) return SQLITE_IOERR_WRITE;
+#else
+ /* If the OS does not have posix_fallocate(), fake it. Write a
+ ** single byte to the last byte in each block that falls entirely
+ ** within the extended region. Then, if required, a single byte
+ ** at offset (nSize-1), to set the size of the file correctly.
+ ** This is a similar technique to that used by glibc on systems
+ ** that do not have a real fallocate() call.
+ */
+ int nBlk = buf.st_blksize; /* File-system block size */
+ int nWrite = 0; /* Number of bytes written by seekAndWrite */
+ i64 iWrite; /* Next offset to write to */
+
+ iWrite = (buf.st_size/nBlk)*nBlk + nBlk - 1;
+ assert( iWrite>=buf.st_size );
+ assert( ((iWrite+1)%nBlk)==0 );
+ for(/*no-op*/; iWrite<nSize+nBlk-1; iWrite+=nBlk ){
+ if( iWrite>=nSize ) iWrite = nSize - 1;
+ nWrite = seekAndWrite(pFile, iWrite, "", 1);
+ if( nWrite!=1 ) return SQLITE_IOERR_WRITE;
+ }
+#endif
+ }
+ }
+
+#if SQLITE_MAX_MMAP_SIZE>0
+ if( pFile->mmapSizeMax>0 && nByte>pFile->mmapSize ){
+ int rc;
+ if( pFile->szChunk<=0 ){
+ if( robust_ftruncate(pFile->h, nByte) ){
+ storeLastErrno(pFile, errno);
+ return unixLogError(SQLITE_IOERR_TRUNCATE, "ftruncate", pFile->zPath);
+ }
+ }
+
+ rc = unixMapfile(pFile, nByte);
+ return rc;
+ }
+#endif
+
+ return SQLITE_OK;
+}
+
+/*
+** If *pArg is initially negative then this is a query. Set *pArg to
+** 1 or 0 depending on whether or not bit mask of pFile->ctrlFlags is set.
+**
+** If *pArg is 0 or 1, then clear or set the mask bit of pFile->ctrlFlags.
+*/
+static void unixModeBit(unixFile *pFile, unsigned char mask, int *pArg){
+ if( *pArg<0 ){
+ *pArg = (pFile->ctrlFlags & mask)!=0;
+ }else if( (*pArg)==0 ){
+ pFile->ctrlFlags &= ~mask;
+ }else{
+ pFile->ctrlFlags |= mask;
+ }
+}
+
+/* Forward declaration */
+static int unixGetTempname(int nBuf, char *zBuf);
+
+/*
+** Information and control of an open file handle.
+*/
+static int unixFileControl(sqlite3_file *id, int op, void *pArg){
+ unixFile *pFile = (unixFile*)id;
+ switch( op ){
+ case SQLITE_FCNTL_LOCKSTATE: {
+ *(int*)pArg = pFile->eFileLock;
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_LAST_ERRNO: {
+ *(int*)pArg = pFile->lastErrno;
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_CHUNK_SIZE: {
+ pFile->szChunk = *(int *)pArg;
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_SIZE_HINT: {
+ int rc;
+ SimulateIOErrorBenign(1);
+ rc = fcntlSizeHint(pFile, *(i64 *)pArg);
+ SimulateIOErrorBenign(0);
+ return rc;
+ }
+ case SQLITE_FCNTL_PERSIST_WAL: {
+ unixModeBit(pFile, UNIXFILE_PERSIST_WAL, (int*)pArg);
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_POWERSAFE_OVERWRITE: {
+ unixModeBit(pFile, UNIXFILE_PSOW, (int*)pArg);
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_VFSNAME: {
+ *(char**)pArg = sqlite3_mprintf("%s", pFile->pVfs->zName);
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_TEMPFILENAME: {
+ char *zTFile = sqlite3_malloc64( pFile->pVfs->mxPathname );
+ if( zTFile ){
+ unixGetTempname(pFile->pVfs->mxPathname, zTFile);
+ *(char**)pArg = zTFile;
+ }
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_HAS_MOVED: {
+ *(int*)pArg = fileHasMoved(pFile);
+ return SQLITE_OK;
+ }
+#if SQLITE_MAX_MMAP_SIZE>0
+ case SQLITE_FCNTL_MMAP_SIZE: {
+ i64 newLimit = *(i64*)pArg;
+ int rc = SQLITE_OK;
+ if( newLimit>sqlite3GlobalConfig.mxMmap ){
+ newLimit = sqlite3GlobalConfig.mxMmap;
+ }
+ *(i64*)pArg = pFile->mmapSizeMax;
+ if( newLimit>=0 && newLimit!=pFile->mmapSizeMax && pFile->nFetchOut==0 ){
+ pFile->mmapSizeMax = newLimit;
+ if( pFile->mmapSize>0 ){
+ unixUnmapfile(pFile);
+ rc = unixMapfile(pFile, -1);
+ }
+ }
+ return rc;
+ }
+#endif
+#ifdef SQLITE_DEBUG
+ /* The pager calls this method to signal that it has done
+ ** a rollback and that the database is therefore unchanged and
+ ** it hence it is OK for the transaction change counter to be
+ ** unchanged.
+ */
+ case SQLITE_FCNTL_DB_UNCHANGED: {
+ ((unixFile*)id)->dbUpdate = 0;
+ return SQLITE_OK;
+ }
+#endif
+#if SQLITE_ENABLE_LOCKING_STYLE && defined(__APPLE__)
+ case SQLITE_FCNTL_SET_LOCKPROXYFILE:
+ case SQLITE_FCNTL_GET_LOCKPROXYFILE: {
+ return proxyFileControl(id,op,pArg);
+ }
+#endif /* SQLITE_ENABLE_LOCKING_STYLE && defined(__APPLE__) */
+ }
+ return SQLITE_NOTFOUND;
+}
+
+/*
+** Return the sector size in bytes of the underlying block device for
+** the specified file. This is almost always 512 bytes, but may be
+** larger for some devices.
+**
+** SQLite code assumes this function cannot fail. It also assumes that
+** if two files are created in the same file-system directory (i.e.
+** a database and its journal file) that the sector size will be the
+** same for both.
+*/
+#ifndef __QNXNTO__
+static int unixSectorSize(sqlite3_file *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ return SQLITE_DEFAULT_SECTOR_SIZE;
+}
+#endif
+
+/*
+** The following version of unixSectorSize() is optimized for QNX.
+*/
+#ifdef __QNXNTO__
+#include <sys/dcmd_blk.h>
+#include <sys/statvfs.h>
+static int unixSectorSize(sqlite3_file *id){
+ unixFile *pFile = (unixFile*)id;
+ if( pFile->sectorSize == 0 ){
+ struct statvfs fsInfo;
+
+ /* Set defaults for non-supported filesystems */
+ pFile->sectorSize = SQLITE_DEFAULT_SECTOR_SIZE;
+ pFile->deviceCharacteristics = 0;
+ if( fstatvfs(pFile->h, &fsInfo) == -1 ) {
+ return pFile->sectorSize;
+ }
+
+ if( !strcmp(fsInfo.f_basetype, "tmp") ) {
+ pFile->sectorSize = fsInfo.f_bsize;
+ pFile->deviceCharacteristics =
+ SQLITE_IOCAP_ATOMIC4K | /* All ram filesystem writes are atomic */
+ SQLITE_IOCAP_SAFE_APPEND | /* growing the file does not occur until
+ ** the write succeeds */
+ SQLITE_IOCAP_SEQUENTIAL | /* The ram filesystem has no write behind
+ ** so it is ordered */
+ 0;
+ }else if( strstr(fsInfo.f_basetype, "etfs") ){
+ pFile->sectorSize = fsInfo.f_bsize;
+ pFile->deviceCharacteristics =
+ /* etfs cluster size writes are atomic */
+ (pFile->sectorSize / 512 * SQLITE_IOCAP_ATOMIC512) |
+ SQLITE_IOCAP_SAFE_APPEND | /* growing the file does not occur until
+ ** the write succeeds */
+ SQLITE_IOCAP_SEQUENTIAL | /* The ram filesystem has no write behind
+ ** so it is ordered */
+ 0;
+ }else if( !strcmp(fsInfo.f_basetype, "qnx6") ){
+ pFile->sectorSize = fsInfo.f_bsize;
+ pFile->deviceCharacteristics =
+ SQLITE_IOCAP_ATOMIC | /* All filesystem writes are atomic */
+ SQLITE_IOCAP_SAFE_APPEND | /* growing the file does not occur until
+ ** the write succeeds */
+ SQLITE_IOCAP_SEQUENTIAL | /* The ram filesystem has no write behind
+ ** so it is ordered */
+ 0;
+ }else if( !strcmp(fsInfo.f_basetype, "qnx4") ){
+ pFile->sectorSize = fsInfo.f_bsize;
+ pFile->deviceCharacteristics =
+ /* full bitset of atomics from max sector size and smaller */
+ ((pFile->sectorSize / 512 * SQLITE_IOCAP_ATOMIC512) << 1) - 2 |
+ SQLITE_IOCAP_SEQUENTIAL | /* The ram filesystem has no write behind
+ ** so it is ordered */
+ 0;
+ }else if( strstr(fsInfo.f_basetype, "dos") ){
+ pFile->sectorSize = fsInfo.f_bsize;
+ pFile->deviceCharacteristics =
+ /* full bitset of atomics from max sector size and smaller */
+ ((pFile->sectorSize / 512 * SQLITE_IOCAP_ATOMIC512) << 1) - 2 |
+ SQLITE_IOCAP_SEQUENTIAL | /* The ram filesystem has no write behind
+ ** so it is ordered */
+ 0;
+ }else{
+ pFile->deviceCharacteristics =
+ SQLITE_IOCAP_ATOMIC512 | /* blocks are atomic */
+ SQLITE_IOCAP_SAFE_APPEND | /* growing the file does not occur until
+ ** the write succeeds */
+ 0;
+ }
+ }
+ /* Last chance verification. If the sector size isn't a multiple of 512
+ ** then it isn't valid.*/
+ if( pFile->sectorSize % 512 != 0 ){
+ pFile->deviceCharacteristics = 0;
+ pFile->sectorSize = SQLITE_DEFAULT_SECTOR_SIZE;
+ }
+ return pFile->sectorSize;
+}
+#endif /* __QNXNTO__ */
+
+/*
+** Return the device characteristics for the file.
+**
+** This VFS is set up to return SQLITE_IOCAP_POWERSAFE_OVERWRITE by default.
+** However, that choice is controversial since technically the underlying
+** file system does not always provide powersafe overwrites. (In other
+** words, after a power-loss event, parts of the file that were never
+** written might end up being altered.) However, non-PSOW behavior is very,
+** very rare. And asserting PSOW makes a large reduction in the amount
+** of required I/O for journaling, since a lot of padding is eliminated.
+** Hence, while POWERSAFE_OVERWRITE is on by default, there is a file-control
+** available to turn it off and URI query parameter available to turn it off.
+*/
+static int unixDeviceCharacteristics(sqlite3_file *id){
+ unixFile *p = (unixFile*)id;
+ int rc = 0;
+#ifdef __QNXNTO__
+ if( p->sectorSize==0 ) unixSectorSize(id);
+ rc = p->deviceCharacteristics;
+#endif
+ if( p->ctrlFlags & UNIXFILE_PSOW ){
+ rc |= SQLITE_IOCAP_POWERSAFE_OVERWRITE;
+ }
+ return rc;
+}
+
+#if !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0
+
+/*
+** Return the system page size.
+**
+** This function should not be called directly by other code in this file.
+** Instead, it should be called via macro osGetpagesize().
+*/
+static int unixGetpagesize(void){
+#if OS_VXWORKS
+ return 1024;
+#elif defined(_BSD_SOURCE)
+ return getpagesize();
+#else
+ return (int)sysconf(_SC_PAGESIZE);
+#endif
+}
+
+#endif /* !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0 */
+
+#ifndef SQLITE_OMIT_WAL
+
+/*
+** Object used to represent an shared memory buffer.
+**
+** When multiple threads all reference the same wal-index, each thread
+** has its own unixShm object, but they all point to a single instance
+** of this unixShmNode object. In other words, each wal-index is opened
+** only once per process.
+**
+** Each unixShmNode object is connected to a single unixInodeInfo object.
+** We could coalesce this object into unixInodeInfo, but that would mean
+** every open file that does not use shared memory (in other words, most
+** open files) would have to carry around this extra information. So
+** the unixInodeInfo object contains a pointer to this unixShmNode object
+** and the unixShmNode object is created only when needed.
+**
+** unixMutexHeld() must be true when creating or destroying
+** this object or while reading or writing the following fields:
+**
+** nRef
+**
+** The following fields are read-only after the object is created:
+**
+** fid
+** zFilename
+**
+** Either unixShmNode.mutex must be held or unixShmNode.nRef==0 and
+** unixMutexHeld() is true when reading or writing any other field
+** in this structure.
+*/
+struct unixShmNode {
+ unixInodeInfo *pInode; /* unixInodeInfo that owns this SHM node */
+ sqlite3_mutex *mutex; /* Mutex to access this object */
+ char *zFilename; /* Name of the mmapped file */
+ int h; /* Open file descriptor */
+ int szRegion; /* Size of shared-memory regions */
+ u16 nRegion; /* Size of array apRegion */
+ u8 isReadonly; /* True if read-only */
+ char **apRegion; /* Array of mapped shared-memory regions */
+ int nRef; /* Number of unixShm objects pointing to this */
+ unixShm *pFirst; /* All unixShm objects pointing to this */
+#ifdef SQLITE_DEBUG
+ u8 exclMask; /* Mask of exclusive locks held */
+ u8 sharedMask; /* Mask of shared locks held */
+ u8 nextShmId; /* Next available unixShm.id value */
+#endif
+};
+
+/*
+** Structure used internally by this VFS to record the state of an
+** open shared memory connection.
+**
+** The following fields are initialized when this object is created and
+** are read-only thereafter:
+**
+** unixShm.pFile
+** unixShm.id
+**
+** All other fields are read/write. The unixShm.pFile->mutex must be held
+** while accessing any read/write fields.
+*/
+struct unixShm {
+ unixShmNode *pShmNode; /* The underlying unixShmNode object */
+ unixShm *pNext; /* Next unixShm with the same unixShmNode */
+ u8 hasMutex; /* True if holding the unixShmNode mutex */
+ u8 id; /* Id of this connection within its unixShmNode */
+ u16 sharedMask; /* Mask of shared locks held */
+ u16 exclMask; /* Mask of exclusive locks held */
+};
+
+/*
+** Constants used for locking
+*/
+#define UNIX_SHM_BASE ((22+SQLITE_SHM_NLOCK)*4) /* first lock byte */
+#define UNIX_SHM_DMS (UNIX_SHM_BASE+SQLITE_SHM_NLOCK) /* deadman switch */
+
+/*
+** Apply posix advisory locks for all bytes from ofst through ofst+n-1.
+**
+** Locks block if the mask is exactly UNIX_SHM_C and are non-blocking
+** otherwise.
+*/
+static int unixShmSystemLock(
+ unixFile *pFile, /* Open connection to the WAL file */
+ int lockType, /* F_UNLCK, F_RDLCK, or F_WRLCK */
+ int ofst, /* First byte of the locking range */
+ int n /* Number of bytes to lock */
+){
+ unixShmNode *pShmNode; /* Apply locks to this open shared-memory segment */
+ struct flock f; /* The posix advisory locking structure */
+ int rc = SQLITE_OK; /* Result code form fcntl() */
+
+ /* Access to the unixShmNode object is serialized by the caller */
+ pShmNode = pFile->pInode->pShmNode;
+ assert( sqlite3_mutex_held(pShmNode->mutex) || pShmNode->nRef==0 );
+
+ /* Shared locks never span more than one byte */
+ assert( n==1 || lockType!=F_RDLCK );
+
+ /* Locks are within range */
+ assert( n>=1 && n<=SQLITE_SHM_NLOCK );
+
+ if( pShmNode->h>=0 ){
+ /* Initialize the locking parameters */
+ memset(&f, 0, sizeof(f));
+ f.l_type = lockType;
+ f.l_whence = SEEK_SET;
+ f.l_start = ofst;
+ f.l_len = n;
+
+ rc = osFcntl(pShmNode->h, F_SETLK, &f);
+ rc = (rc!=(-1)) ? SQLITE_OK : SQLITE_BUSY;
+ }
+
+ /* Update the global lock state and do debug tracing */
+#ifdef SQLITE_DEBUG
+ { u16 mask;
+ OSTRACE(("SHM-LOCK "));
+ mask = ofst>31 ? 0xffff : (1<<(ofst+n)) - (1<<ofst);
+ if( rc==SQLITE_OK ){
+ if( lockType==F_UNLCK ){
+ OSTRACE(("unlock %d ok", ofst));
+ pShmNode->exclMask &= ~mask;
+ pShmNode->sharedMask &= ~mask;
+ }else if( lockType==F_RDLCK ){
+ OSTRACE(("read-lock %d ok", ofst));
+ pShmNode->exclMask &= ~mask;
+ pShmNode->sharedMask |= mask;
+ }else{
+ assert( lockType==F_WRLCK );
+ OSTRACE(("write-lock %d ok", ofst));
+ pShmNode->exclMask |= mask;
+ pShmNode->sharedMask &= ~mask;
+ }
+ }else{
+ if( lockType==F_UNLCK ){
+ OSTRACE(("unlock %d failed", ofst));
+ }else if( lockType==F_RDLCK ){
+ OSTRACE(("read-lock failed"));
+ }else{
+ assert( lockType==F_WRLCK );
+ OSTRACE(("write-lock %d failed", ofst));
+ }
+ }
+ OSTRACE((" - afterwards %03x,%03x\n",
+ pShmNode->sharedMask, pShmNode->exclMask));
+ }
+#endif
+
+ return rc;
+}
+
+/*
+** Return the minimum number of 32KB shm regions that should be mapped at
+** a time, assuming that each mapping must be an integer multiple of the
+** current system page-size.
+**
+** Usually, this is 1. The exception seems to be systems that are configured
+** to use 64KB pages - in this case each mapping must cover at least two
+** shm regions.
+*/
+static int unixShmRegionPerMap(void){
+ int shmsz = 32*1024; /* SHM region size */
+ int pgsz = osGetpagesize(); /* System page size */
+ assert( ((pgsz-1)&pgsz)==0 ); /* Page size must be a power of 2 */
+ if( pgsz<shmsz ) return 1;
+ return pgsz/shmsz;
+}
+
+/*
+** Purge the unixShmNodeList list of all entries with unixShmNode.nRef==0.
+**
+** This is not a VFS shared-memory method; it is a utility function called
+** by VFS shared-memory methods.
+*/
+static void unixShmPurge(unixFile *pFd){
+ unixShmNode *p = pFd->pInode->pShmNode;
+ assert( unixMutexHeld() );
+ if( p && ALWAYS(p->nRef==0) ){
+ int nShmPerMap = unixShmRegionPerMap();
+ int i;
+ assert( p->pInode==pFd->pInode );
+ sqlite3_mutex_free(p->mutex);
+ for(i=0; i<p->nRegion; i+=nShmPerMap){
+ if( p->h>=0 ){
+ osMunmap(p->apRegion[i], p->szRegion);
+ }else{
+ sqlite3_free(p->apRegion[i]);
+ }
+ }
+ sqlite3_free(p->apRegion);
+ if( p->h>=0 ){
+ robust_close(pFd, p->h, __LINE__);
+ p->h = -1;
+ }
+ p->pInode->pShmNode = 0;
+ sqlite3_free(p);
+ }
+}
+
+/*
+** Open a shared-memory area associated with open database file pDbFd.
+** This particular implementation uses mmapped files.
+**
+** The file used to implement shared-memory is in the same directory
+** as the open database file and has the same name as the open database
+** file with the "-shm" suffix added. For example, if the database file
+** is "/home/user1/config.db" then the file that is created and mmapped
+** for shared memory will be called "/home/user1/config.db-shm".
+**
+** Another approach to is to use files in /dev/shm or /dev/tmp or an
+** some other tmpfs mount. But if a file in a different directory
+** from the database file is used, then differing access permissions
+** or a chroot() might cause two different processes on the same
+** database to end up using different files for shared memory -
+** meaning that their memory would not really be shared - resulting
+** in database corruption. Nevertheless, this tmpfs file usage
+** can be enabled at compile-time using -DSQLITE_SHM_DIRECTORY="/dev/shm"
+** or the equivalent. The use of the SQLITE_SHM_DIRECTORY compile-time
+** option results in an incompatible build of SQLite; builds of SQLite
+** that with differing SQLITE_SHM_DIRECTORY settings attempt to use the
+** same database file at the same time, database corruption will likely
+** result. The SQLITE_SHM_DIRECTORY compile-time option is considered
+** "unsupported" and may go away in a future SQLite release.
+**
+** When opening a new shared-memory file, if no other instances of that
+** file are currently open, in this process or in other processes, then
+** the file must be truncated to zero length or have its header cleared.
+**
+** If the original database file (pDbFd) is using the "unix-excl" VFS
+** that means that an exclusive lock is held on the database file and
+** that no other processes are able to read or write the database. In
+** that case, we do not really need shared memory. No shared memory
+** file is created. The shared memory will be simulated with heap memory.
+*/
+static int unixOpenSharedMemory(unixFile *pDbFd){
+ struct unixShm *p = 0; /* The connection to be opened */
+ struct unixShmNode *pShmNode; /* The underlying mmapped file */
+ int rc; /* Result code */
+ unixInodeInfo *pInode; /* The inode of fd */
+ char *zShmFilename; /* Name of the file used for SHM */
+ int nShmFilename; /* Size of the SHM filename in bytes */
+
+ /* Allocate space for the new unixShm object. */
+ p = sqlite3_malloc64( sizeof(*p) );
+ if( p==0 ) return SQLITE_NOMEM;
+ memset(p, 0, sizeof(*p));
+ assert( pDbFd->pShm==0 );
+
+ /* Check to see if a unixShmNode object already exists. Reuse an existing
+ ** one if present. Create a new one if necessary.
+ */
+ unixEnterMutex();
+ pInode = pDbFd->pInode;
+ pShmNode = pInode->pShmNode;
+ if( pShmNode==0 ){
+ struct stat sStat; /* fstat() info for database file */
+#ifndef SQLITE_SHM_DIRECTORY
+ const char *zBasePath = pDbFd->zPath;
+#endif
+
+ /* Call fstat() to figure out the permissions on the database file. If
+ ** a new *-shm file is created, an attempt will be made to create it
+ ** with the same permissions.
+ */
+ if( osFstat(pDbFd->h, &sStat) ){
+ rc = SQLITE_IOERR_FSTAT;
+ goto shm_open_err;
+ }
+
+#ifdef SQLITE_SHM_DIRECTORY
+ nShmFilename = sizeof(SQLITE_SHM_DIRECTORY) + 31;
+#else
+ nShmFilename = 6 + (int)strlen(zBasePath);
+#endif
+ pShmNode = sqlite3_malloc64( sizeof(*pShmNode) + nShmFilename );
+ if( pShmNode==0 ){
+ rc = SQLITE_NOMEM;
+ goto shm_open_err;
+ }
+ memset(pShmNode, 0, sizeof(*pShmNode)+nShmFilename);
+ zShmFilename = pShmNode->zFilename = (char*)&pShmNode[1];
+#ifdef SQLITE_SHM_DIRECTORY
+ sqlite3_snprintf(nShmFilename, zShmFilename,
+ SQLITE_SHM_DIRECTORY "/sqlite-shm-%x-%x",
+ (u32)sStat.st_ino, (u32)sStat.st_dev);
+#else
+ sqlite3_snprintf(nShmFilename, zShmFilename, "%s-shm", zBasePath);
+ sqlite3FileSuffix3(pDbFd->zPath, zShmFilename);
+#endif
+ pShmNode->h = -1;
+ pDbFd->pInode->pShmNode = pShmNode;
+ pShmNode->pInode = pDbFd->pInode;
+ pShmNode->mutex = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST);
+ if( pShmNode->mutex==0 ){
+ rc = SQLITE_NOMEM;
+ goto shm_open_err;
+ }
+
+ if( pInode->bProcessLock==0 ){
+ int openFlags = O_RDWR | O_CREAT;
+ if( sqlite3_uri_boolean(pDbFd->zPath, "readonly_shm", 0) ){
+ openFlags = O_RDONLY;
+ pShmNode->isReadonly = 1;
+ }
+ pShmNode->h = robust_open(zShmFilename, openFlags, (sStat.st_mode&0777));
+ if( pShmNode->h<0 ){
+ rc = unixLogError(SQLITE_CANTOPEN_BKPT, "open", zShmFilename);
+ goto shm_open_err;
+ }
+
+ /* If this process is running as root, make sure that the SHM file
+ ** is owned by the same user that owns the original database. Otherwise,
+ ** the original owner will not be able to connect.
+ */
+ robustFchown(pShmNode->h, sStat.st_uid, sStat.st_gid);
+
+ /* Check to see if another process is holding the dead-man switch.
+ ** If not, truncate the file to zero length.
+ */
+ rc = SQLITE_OK;
+ if( unixShmSystemLock(pDbFd, F_WRLCK, UNIX_SHM_DMS, 1)==SQLITE_OK ){
+ if( robust_ftruncate(pShmNode->h, 0) ){
+ rc = unixLogError(SQLITE_IOERR_SHMOPEN, "ftruncate", zShmFilename);
+ }
+ }
+ if( rc==SQLITE_OK ){
+ rc = unixShmSystemLock(pDbFd, F_RDLCK, UNIX_SHM_DMS, 1);
+ }
+ if( rc ) goto shm_open_err;
+ }
+ }
+
+ /* Make the new connection a child of the unixShmNode */
+ p->pShmNode = pShmNode;
+#ifdef SQLITE_DEBUG
+ p->id = pShmNode->nextShmId++;
+#endif
+ pShmNode->nRef++;
+ pDbFd->pShm = p;
+ unixLeaveMutex();
+
+ /* The reference count on pShmNode has already been incremented under
+ ** the cover of the unixEnterMutex() mutex and the pointer from the
+ ** new (struct unixShm) object to the pShmNode has been set. All that is
+ ** left to do is to link the new object into the linked list starting
+ ** at pShmNode->pFirst. This must be done while holding the pShmNode->mutex
+ ** mutex.
+ */
+ sqlite3_mutex_enter(pShmNode->mutex);
+ p->pNext = pShmNode->pFirst;
+ pShmNode->pFirst = p;
+ sqlite3_mutex_leave(pShmNode->mutex);
+ return SQLITE_OK;
+
+ /* Jump here on any error */
+shm_open_err:
+ unixShmPurge(pDbFd); /* This call frees pShmNode if required */
+ sqlite3_free(p);
+ unixLeaveMutex();
+ return rc;
+}
+
+/*
+** This function is called to obtain a pointer to region iRegion of the
+** shared-memory associated with the database file fd. Shared-memory regions
+** are numbered starting from zero. Each shared-memory region is szRegion
+** bytes in size.
+**
+** If an error occurs, an error code is returned and *pp is set to NULL.
+**
+** Otherwise, if the bExtend parameter is 0 and the requested shared-memory
+** region has not been allocated (by any client, including one running in a
+** separate process), then *pp is set to NULL and SQLITE_OK returned. If
+** bExtend is non-zero and the requested shared-memory region has not yet
+** been allocated, it is allocated by this function.
+**
+** If the shared-memory region has already been allocated or is allocated by
+** this call as described above, then it is mapped into this processes
+** address space (if it is not already), *pp is set to point to the mapped
+** memory and SQLITE_OK returned.
+*/
+static int unixShmMap(
+ sqlite3_file *fd, /* Handle open on database file */
+ int iRegion, /* Region to retrieve */
+ int szRegion, /* Size of regions */
+ int bExtend, /* True to extend file if necessary */
+ void volatile **pp /* OUT: Mapped memory */
+){
+ unixFile *pDbFd = (unixFile*)fd;
+ unixShm *p;
+ unixShmNode *pShmNode;
+ int rc = SQLITE_OK;
+ int nShmPerMap = unixShmRegionPerMap();
+ int nReqRegion;
+
+ /* If the shared-memory file has not yet been opened, open it now. */
+ if( pDbFd->pShm==0 ){
+ rc = unixOpenSharedMemory(pDbFd);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+
+ p = pDbFd->pShm;
+ pShmNode = p->pShmNode;
+ sqlite3_mutex_enter(pShmNode->mutex);
+ assert( szRegion==pShmNode->szRegion || pShmNode->nRegion==0 );
+ assert( pShmNode->pInode==pDbFd->pInode );
+ assert( pShmNode->h>=0 || pDbFd->pInode->bProcessLock==1 );
+ assert( pShmNode->h<0 || pDbFd->pInode->bProcessLock==0 );
+
+ /* Minimum number of regions required to be mapped. */
+ nReqRegion = ((iRegion+nShmPerMap) / nShmPerMap) * nShmPerMap;
+
+ if( pShmNode->nRegion<nReqRegion ){
+ char **apNew; /* New apRegion[] array */
+ int nByte = nReqRegion*szRegion; /* Minimum required file size */
+ struct stat sStat; /* Used by fstat() */
+
+ pShmNode->szRegion = szRegion;
+
+ if( pShmNode->h>=0 ){
+ /* The requested region is not mapped into this processes address space.
+ ** Check to see if it has been allocated (i.e. if the wal-index file is
+ ** large enough to contain the requested region).
+ */
+ if( osFstat(pShmNode->h, &sStat) ){
+ rc = SQLITE_IOERR_SHMSIZE;
+ goto shmpage_out;
+ }
+
+ if( sStat.st_size<nByte ){
+ /* The requested memory region does not exist. If bExtend is set to
+ ** false, exit early. *pp will be set to NULL and SQLITE_OK returned.
+ */
+ if( !bExtend ){
+ goto shmpage_out;
+ }
+
+ /* Alternatively, if bExtend is true, extend the file. Do this by
+ ** writing a single byte to the end of each (OS) page being
+ ** allocated or extended. Technically, we need only write to the
+ ** last page in order to extend the file. But writing to all new
+ ** pages forces the OS to allocate them immediately, which reduces
+ ** the chances of SIGBUS while accessing the mapped region later on.
+ */
+ else{
+ static const int pgsz = 4096;
+ int iPg;
+
+ /* Write to the last byte of each newly allocated or extended page */
+ assert( (nByte % pgsz)==0 );
+ for(iPg=(sStat.st_size/pgsz); iPg<(nByte/pgsz); iPg++){
+ int x = 0;
+ if( seekAndWriteFd(pShmNode->h, iPg*pgsz + pgsz-1, "", 1, &x)!=1 ){
+ const char *zFile = pShmNode->zFilename;
+ rc = unixLogError(SQLITE_IOERR_SHMSIZE, "write", zFile);
+ goto shmpage_out;
+ }
+ }
+ }
+ }
+ }
+
+ /* Map the requested memory region into this processes address space. */
+ apNew = (char **)sqlite3_realloc(
+ pShmNode->apRegion, nReqRegion*sizeof(char *)
+ );
+ if( !apNew ){
+ rc = SQLITE_IOERR_NOMEM;
+ goto shmpage_out;
+ }
+ pShmNode->apRegion = apNew;
+ while( pShmNode->nRegion<nReqRegion ){
+ int nMap = szRegion*nShmPerMap;
+ int i;
+ void *pMem;
+ if( pShmNode->h>=0 ){
+ pMem = osMmap(0, nMap,
+ pShmNode->isReadonly ? PROT_READ : PROT_READ|PROT_WRITE,
+ MAP_SHARED, pShmNode->h, szRegion*(i64)pShmNode->nRegion
+ );
+ if( pMem==MAP_FAILED ){
+ rc = unixLogError(SQLITE_IOERR_SHMMAP, "mmap", pShmNode->zFilename);
+ goto shmpage_out;
+ }
+ }else{
+ pMem = sqlite3_malloc64(szRegion);
+ if( pMem==0 ){
+ rc = SQLITE_NOMEM;
+ goto shmpage_out;
+ }
+ memset(pMem, 0, szRegion);
+ }
+
+ for(i=0; i<nShmPerMap; i++){
+ pShmNode->apRegion[pShmNode->nRegion+i] = &((char*)pMem)[szRegion*i];
+ }
+ pShmNode->nRegion += nShmPerMap;
+ }
+ }
+
+shmpage_out:
+ if( pShmNode->nRegion>iRegion ){
+ *pp = pShmNode->apRegion[iRegion];
+ }else{
+ *pp = 0;
+ }
+ if( pShmNode->isReadonly && rc==SQLITE_OK ) rc = SQLITE_READONLY;
+ sqlite3_mutex_leave(pShmNode->mutex);
+ return rc;
+}
+
+/*
+** Change the lock state for a shared-memory segment.
+**
+** Note that the relationship between SHAREd and EXCLUSIVE locks is a little
+** different here than in posix. In xShmLock(), one can go from unlocked
+** to shared and back or from unlocked to exclusive and back. But one may
+** not go from shared to exclusive or from exclusive to shared.
+*/
+static int unixShmLock(
+ sqlite3_file *fd, /* Database file holding the shared memory */
+ int ofst, /* First lock to acquire or release */
+ int n, /* Number of locks to acquire or release */
+ int flags /* What to do with the lock */
+){
+ unixFile *pDbFd = (unixFile*)fd; /* Connection holding shared memory */
+ unixShm *p = pDbFd->pShm; /* The shared memory being locked */
+ unixShm *pX; /* For looping over all siblings */
+ unixShmNode *pShmNode = p->pShmNode; /* The underlying file iNode */
+ int rc = SQLITE_OK; /* Result code */
+ u16 mask; /* Mask of locks to take or release */
+
+ assert( pShmNode==pDbFd->pInode->pShmNode );
+ assert( pShmNode->pInode==pDbFd->pInode );
+ assert( ofst>=0 && ofst+n<=SQLITE_SHM_NLOCK );
+ assert( n>=1 );
+ assert( flags==(SQLITE_SHM_LOCK | SQLITE_SHM_SHARED)
+ || flags==(SQLITE_SHM_LOCK | SQLITE_SHM_EXCLUSIVE)
+ || flags==(SQLITE_SHM_UNLOCK | SQLITE_SHM_SHARED)
+ || flags==(SQLITE_SHM_UNLOCK | SQLITE_SHM_EXCLUSIVE) );
+ assert( n==1 || (flags & SQLITE_SHM_EXCLUSIVE)!=0 );
+ assert( pShmNode->h>=0 || pDbFd->pInode->bProcessLock==1 );
+ assert( pShmNode->h<0 || pDbFd->pInode->bProcessLock==0 );
+
+ mask = (1<<(ofst+n)) - (1<<ofst);
+ assert( n>1 || mask==(1<<ofst) );
+ sqlite3_mutex_enter(pShmNode->mutex);
+ if( flags & SQLITE_SHM_UNLOCK ){
+ u16 allMask = 0; /* Mask of locks held by siblings */
+
+ /* See if any siblings hold this same lock */
+ for(pX=pShmNode->pFirst; pX; pX=pX->pNext){
+ if( pX==p ) continue;
+ assert( (pX->exclMask & (p->exclMask|p->sharedMask))==0 );
+ allMask |= pX->sharedMask;
+ }
+
+ /* Unlock the system-level locks */
+ if( (mask & allMask)==0 ){
+ rc = unixShmSystemLock(pDbFd, F_UNLCK, ofst+UNIX_SHM_BASE, n);
+ }else{
+ rc = SQLITE_OK;
+ }
+
+ /* Undo the local locks */
+ if( rc==SQLITE_OK ){
+ p->exclMask &= ~mask;
+ p->sharedMask &= ~mask;
+ }
+ }else if( flags & SQLITE_SHM_SHARED ){
+ u16 allShared = 0; /* Union of locks held by connections other than "p" */
+
+ /* Find out which shared locks are already held by sibling connections.
+ ** If any sibling already holds an exclusive lock, go ahead and return
+ ** SQLITE_BUSY.
+ */
+ for(pX=pShmNode->pFirst; pX; pX=pX->pNext){
+ if( (pX->exclMask & mask)!=0 ){
+ rc = SQLITE_BUSY;
+ break;
+ }
+ allShared |= pX->sharedMask;
+ }
+
+ /* Get shared locks at the system level, if necessary */
+ if( rc==SQLITE_OK ){
+ if( (allShared & mask)==0 ){
+ rc = unixShmSystemLock(pDbFd, F_RDLCK, ofst+UNIX_SHM_BASE, n);
+ }else{
+ rc = SQLITE_OK;
+ }
+ }
+
+ /* Get the local shared locks */
+ if( rc==SQLITE_OK ){
+ p->sharedMask |= mask;
+ }
+ }else{
+ /* Make sure no sibling connections hold locks that will block this
+ ** lock. If any do, return SQLITE_BUSY right away.
+ */
+ for(pX=pShmNode->pFirst; pX; pX=pX->pNext){
+ if( (pX->exclMask & mask)!=0 || (pX->sharedMask & mask)!=0 ){
+ rc = SQLITE_BUSY;
+ break;
+ }
+ }
+
+ /* Get the exclusive locks at the system level. Then if successful
+ ** also mark the local connection as being locked.
+ */
+ if( rc==SQLITE_OK ){
+ rc = unixShmSystemLock(pDbFd, F_WRLCK, ofst+UNIX_SHM_BASE, n);
+ if( rc==SQLITE_OK ){
+ assert( (p->sharedMask & mask)==0 );
+ p->exclMask |= mask;
+ }
+ }
+ }
+ sqlite3_mutex_leave(pShmNode->mutex);
+ OSTRACE(("SHM-LOCK shmid-%d, pid-%d got %03x,%03x\n",
+ p->id, osGetpid(0), p->sharedMask, p->exclMask));
+ return rc;
+}
+
+/*
+** Implement a memory barrier or memory fence on shared memory.
+**
+** All loads and stores begun before the barrier must complete before
+** any load or store begun after the barrier.
+*/
+static void unixShmBarrier(
+ sqlite3_file *fd /* Database file holding the shared memory */
+){
+ UNUSED_PARAMETER(fd);
+ sqlite3MemoryBarrier(); /* compiler-defined memory barrier */
+ unixEnterMutex(); /* Also mutex, for redundancy */
+ unixLeaveMutex();
+}
+
+/*
+** Close a connection to shared-memory. Delete the underlying
+** storage if deleteFlag is true.
+**
+** If there is no shared memory associated with the connection then this
+** routine is a harmless no-op.
+*/
+static int unixShmUnmap(
+ sqlite3_file *fd, /* The underlying database file */
+ int deleteFlag /* Delete shared-memory if true */
+){
+ unixShm *p; /* The connection to be closed */
+ unixShmNode *pShmNode; /* The underlying shared-memory file */
+ unixShm **pp; /* For looping over sibling connections */
+ unixFile *pDbFd; /* The underlying database file */
+
+ pDbFd = (unixFile*)fd;
+ p = pDbFd->pShm;
+ if( p==0 ) return SQLITE_OK;
+ pShmNode = p->pShmNode;
+
+ assert( pShmNode==pDbFd->pInode->pShmNode );
+ assert( pShmNode->pInode==pDbFd->pInode );
+
+ /* Remove connection p from the set of connections associated
+ ** with pShmNode */
+ sqlite3_mutex_enter(pShmNode->mutex);
+ for(pp=&pShmNode->pFirst; (*pp)!=p; pp = &(*pp)->pNext){}
+ *pp = p->pNext;
+
+ /* Free the connection p */
+ sqlite3_free(p);
+ pDbFd->pShm = 0;
+ sqlite3_mutex_leave(pShmNode->mutex);
+
+ /* If pShmNode->nRef has reached 0, then close the underlying
+ ** shared-memory file, too */
+ unixEnterMutex();
+ assert( pShmNode->nRef>0 );
+ pShmNode->nRef--;
+ if( pShmNode->nRef==0 ){
+ if( deleteFlag && pShmNode->h>=0 ){
+ osUnlink(pShmNode->zFilename);
+ }
+ unixShmPurge(pDbFd);
+ }
+ unixLeaveMutex();
+
+ return SQLITE_OK;
+}
+
+
+#else
+# define unixShmMap 0
+# define unixShmLock 0
+# define unixShmBarrier 0
+# define unixShmUnmap 0
+#endif /* #ifndef SQLITE_OMIT_WAL */
+
+#if SQLITE_MAX_MMAP_SIZE>0
+/*
+** If it is currently memory mapped, unmap file pFd.
+*/
+static void unixUnmapfile(unixFile *pFd){
+ assert( pFd->nFetchOut==0 );
+ if( pFd->pMapRegion ){
+ osMunmap(pFd->pMapRegion, pFd->mmapSizeActual);
+ pFd->pMapRegion = 0;
+ pFd->mmapSize = 0;
+ pFd->mmapSizeActual = 0;
+ }
+}
+
+/*
+** Attempt to set the size of the memory mapping maintained by file
+** descriptor pFd to nNew bytes. Any existing mapping is discarded.
+**
+** If successful, this function sets the following variables:
+**
+** unixFile.pMapRegion
+** unixFile.mmapSize
+** unixFile.mmapSizeActual
+**
+** If unsuccessful, an error message is logged via sqlite3_log() and
+** the three variables above are zeroed. In this case SQLite should
+** continue accessing the database using the xRead() and xWrite()
+** methods.
+*/
+static void unixRemapfile(
+ unixFile *pFd, /* File descriptor object */
+ i64 nNew /* Required mapping size */
+){
+ const char *zErr = "mmap";
+ int h = pFd->h; /* File descriptor open on db file */
+ u8 *pOrig = (u8 *)pFd->pMapRegion; /* Pointer to current file mapping */
+ i64 nOrig = pFd->mmapSizeActual; /* Size of pOrig region in bytes */
+ u8 *pNew = 0; /* Location of new mapping */
+ int flags = PROT_READ; /* Flags to pass to mmap() */
+
+ assert( pFd->nFetchOut==0 );
+ assert( nNew>pFd->mmapSize );
+ assert( nNew<=pFd->mmapSizeMax );
+ assert( nNew>0 );
+ assert( pFd->mmapSizeActual>=pFd->mmapSize );
+ assert( MAP_FAILED!=0 );
+
+#ifdef SQLITE_MMAP_READWRITE
+ if( (pFd->ctrlFlags & UNIXFILE_RDONLY)==0 ) flags |= PROT_WRITE;
+#endif
+
+ if( pOrig ){
+#if HAVE_MREMAP
+ i64 nReuse = pFd->mmapSize;
+#else
+ const int szSyspage = osGetpagesize();
+ i64 nReuse = (pFd->mmapSize & ~(szSyspage-1));
+#endif
+ u8 *pReq = &pOrig[nReuse];
+
+ /* Unmap any pages of the existing mapping that cannot be reused. */
+ if( nReuse!=nOrig ){
+ osMunmap(pReq, nOrig-nReuse);
+ }
+
+#if HAVE_MREMAP
+ pNew = osMremap(pOrig, nReuse, nNew, MREMAP_MAYMOVE);
+ zErr = "mremap";
+#else
+ pNew = osMmap(pReq, nNew-nReuse, flags, MAP_SHARED, h, nReuse);
+ if( pNew!=MAP_FAILED ){
+ if( pNew!=pReq ){
+ osMunmap(pNew, nNew - nReuse);
+ pNew = 0;
+ }else{
+ pNew = pOrig;
+ }
+ }
+#endif
+
+ /* The attempt to extend the existing mapping failed. Free it. */
+ if( pNew==MAP_FAILED || pNew==0 ){
+ osMunmap(pOrig, nReuse);
+ }
+ }
+
+ /* If pNew is still NULL, try to create an entirely new mapping. */
+ if( pNew==0 ){
+ pNew = osMmap(0, nNew, flags, MAP_SHARED, h, 0);
+ }
+
+ if( pNew==MAP_FAILED ){
+ pNew = 0;
+ nNew = 0;
+ unixLogError(SQLITE_OK, zErr, pFd->zPath);
+
+ /* If the mmap() above failed, assume that all subsequent mmap() calls
+ ** will probably fail too. Fall back to using xRead/xWrite exclusively
+ ** in this case. */
+ pFd->mmapSizeMax = 0;
+ }
+ pFd->pMapRegion = (void *)pNew;
+ pFd->mmapSize = pFd->mmapSizeActual = nNew;
+}
+
+/*
+** Memory map or remap the file opened by file-descriptor pFd (if the file
+** is already mapped, the existing mapping is replaced by the new). Or, if
+** there already exists a mapping for this file, and there are still
+** outstanding xFetch() references to it, this function is a no-op.
+**
+** If parameter nByte is non-negative, then it is the requested size of
+** the mapping to create. Otherwise, if nByte is less than zero, then the
+** requested size is the size of the file on disk. The actual size of the
+** created mapping is either the requested size or the value configured
+** using SQLITE_FCNTL_MMAP_LIMIT, whichever is smaller.
+**
+** SQLITE_OK is returned if no error occurs (even if the mapping is not
+** recreated as a result of outstanding references) or an SQLite error
+** code otherwise.
+*/
+static int unixMapfile(unixFile *pFd, i64 nMap){
+ assert( nMap>=0 || pFd->nFetchOut==0 );
+ assert( nMap>0 || (pFd->mmapSize==0 && pFd->pMapRegion==0) );
+ if( pFd->nFetchOut>0 ) return SQLITE_OK;
+
+ if( nMap<0 ){
+ struct stat statbuf; /* Low-level file information */
+ if( osFstat(pFd->h, &statbuf) ){
+ return SQLITE_IOERR_FSTAT;
+ }
+ nMap = statbuf.st_size;
+ }
+ if( nMap>pFd->mmapSizeMax ){
+ nMap = pFd->mmapSizeMax;
+ }
+
+ assert( nMap>0 || (pFd->mmapSize==0 && pFd->pMapRegion==0) );
+ if( nMap!=pFd->mmapSize ){
+ unixRemapfile(pFd, nMap);
+ }
+
+ return SQLITE_OK;
+}
+#endif /* SQLITE_MAX_MMAP_SIZE>0 */
+
+/*
+** If possible, return a pointer to a mapping of file fd starting at offset
+** iOff. The mapping must be valid for at least nAmt bytes.
+**
+** If such a pointer can be obtained, store it in *pp and return SQLITE_OK.
+** Or, if one cannot but no error occurs, set *pp to 0 and return SQLITE_OK.
+** Finally, if an error does occur, return an SQLite error code. The final
+** value of *pp is undefined in this case.
+**
+** If this function does return a pointer, the caller must eventually
+** release the reference by calling unixUnfetch().
+*/
+static int unixFetch(sqlite3_file *fd, i64 iOff, int nAmt, void **pp){
+#if SQLITE_MAX_MMAP_SIZE>0
+ unixFile *pFd = (unixFile *)fd; /* The underlying database file */
+#endif
+ *pp = 0;
+
+#if SQLITE_MAX_MMAP_SIZE>0
+ if( pFd->mmapSizeMax>0 ){
+ if( pFd->pMapRegion==0 ){
+ int rc = unixMapfile(pFd, -1);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ if( pFd->mmapSize >= iOff+nAmt ){
+ *pp = &((u8 *)pFd->pMapRegion)[iOff];
+ pFd->nFetchOut++;
+ }
+ }
+#endif
+ return SQLITE_OK;
+}
+
+/*
+** If the third argument is non-NULL, then this function releases a
+** reference obtained by an earlier call to unixFetch(). The second
+** argument passed to this function must be the same as the corresponding
+** argument that was passed to the unixFetch() invocation.
+**
+** Or, if the third argument is NULL, then this function is being called
+** to inform the VFS layer that, according to POSIX, any existing mapping
+** may now be invalid and should be unmapped.
+*/
+static int unixUnfetch(sqlite3_file *fd, i64 iOff, void *p){
+#if SQLITE_MAX_MMAP_SIZE>0
+ unixFile *pFd = (unixFile *)fd; /* The underlying database file */
+ UNUSED_PARAMETER(iOff);
+
+ /* If p==0 (unmap the entire file) then there must be no outstanding
+ ** xFetch references. Or, if p!=0 (meaning it is an xFetch reference),
+ ** then there must be at least one outstanding. */
+ assert( (p==0)==(pFd->nFetchOut==0) );
+
+ /* If p!=0, it must match the iOff value. */
+ assert( p==0 || p==&((u8 *)pFd->pMapRegion)[iOff] );
+
+ if( p ){
+ pFd->nFetchOut--;
+ }else{
+ unixUnmapfile(pFd);
+ }
+
+ assert( pFd->nFetchOut>=0 );
+#else
+ UNUSED_PARAMETER(fd);
+ UNUSED_PARAMETER(p);
+ UNUSED_PARAMETER(iOff);
+#endif
+ return SQLITE_OK;
+}
+
+/*
+** Here ends the implementation of all sqlite3_file methods.
+**
+********************** End sqlite3_file Methods *******************************
+******************************************************************************/
+
+/*
+** This division contains definitions of sqlite3_io_methods objects that
+** implement various file locking strategies. It also contains definitions
+** of "finder" functions. A finder-function is used to locate the appropriate
+** sqlite3_io_methods object for a particular database file. The pAppData
+** field of the sqlite3_vfs VFS objects are initialized to be pointers to
+** the correct finder-function for that VFS.
+**
+** Most finder functions return a pointer to a fixed sqlite3_io_methods
+** object. The only interesting finder-function is autolockIoFinder, which
+** looks at the filesystem type and tries to guess the best locking
+** strategy from that.
+**
+** For finder-function F, two objects are created:
+**
+** (1) The real finder-function named "FImpt()".
+**
+** (2) A constant pointer to this function named just "F".
+**
+**
+** A pointer to the F pointer is used as the pAppData value for VFS
+** objects. We have to do this instead of letting pAppData point
+** directly at the finder-function since C90 rules prevent a void*
+** from be cast into a function pointer.
+**
+**
+** Each instance of this macro generates two objects:
+**
+** * A constant sqlite3_io_methods object call METHOD that has locking
+** methods CLOSE, LOCK, UNLOCK, CKRESLOCK.
+**
+** * An I/O method finder function called FINDER that returns a pointer
+** to the METHOD object in the previous bullet.
+*/
+#define IOMETHODS(FINDER,METHOD,VERSION,CLOSE,LOCK,UNLOCK,CKLOCK,SHMMAP) \
+static const sqlite3_io_methods METHOD = { \
+ VERSION, /* iVersion */ \
+ CLOSE, /* xClose */ \
+ unixRead, /* xRead */ \
+ unixWrite, /* xWrite */ \
+ unixTruncate, /* xTruncate */ \
+ unixSync, /* xSync */ \
+ unixFileSize, /* xFileSize */ \
+ LOCK, /* xLock */ \
+ UNLOCK, /* xUnlock */ \
+ CKLOCK, /* xCheckReservedLock */ \
+ unixFileControl, /* xFileControl */ \
+ unixSectorSize, /* xSectorSize */ \
+ unixDeviceCharacteristics, /* xDeviceCapabilities */ \
+ SHMMAP, /* xShmMap */ \
+ unixShmLock, /* xShmLock */ \
+ unixShmBarrier, /* xShmBarrier */ \
+ unixShmUnmap, /* xShmUnmap */ \
+ unixFetch, /* xFetch */ \
+ unixUnfetch, /* xUnfetch */ \
+}; \
+static const sqlite3_io_methods *FINDER##Impl(const char *z, unixFile *p){ \
+ UNUSED_PARAMETER(z); UNUSED_PARAMETER(p); \
+ return &METHOD; \
+} \
+static const sqlite3_io_methods *(*const FINDER)(const char*,unixFile *p) \
+ = FINDER##Impl;
+
+/*
+** Here are all of the sqlite3_io_methods objects for each of the
+** locking strategies. Functions that return pointers to these methods
+** are also created.
+*/
+IOMETHODS(
+ posixIoFinder, /* Finder function name */
+ posixIoMethods, /* sqlite3_io_methods object name */
+ 3, /* shared memory and mmap are enabled */
+ unixClose, /* xClose method */
+ unixLock, /* xLock method */
+ unixUnlock, /* xUnlock method */
+ unixCheckReservedLock, /* xCheckReservedLock method */
+ unixShmMap /* xShmMap method */
+)
+IOMETHODS(
+ nolockIoFinder, /* Finder function name */
+ nolockIoMethods, /* sqlite3_io_methods object name */
+ 3, /* shared memory is disabled */
+ nolockClose, /* xClose method */
+ nolockLock, /* xLock method */
+ nolockUnlock, /* xUnlock method */
+ nolockCheckReservedLock, /* xCheckReservedLock method */
+ 0 /* xShmMap method */
+)
+IOMETHODS(
+ dotlockIoFinder, /* Finder function name */
+ dotlockIoMethods, /* sqlite3_io_methods object name */
+ 1, /* shared memory is disabled */
+ dotlockClose, /* xClose method */
+ dotlockLock, /* xLock method */
+ dotlockUnlock, /* xUnlock method */
+ dotlockCheckReservedLock, /* xCheckReservedLock method */
+ 0 /* xShmMap method */
+)
+
+#if SQLITE_ENABLE_LOCKING_STYLE
+IOMETHODS(
+ flockIoFinder, /* Finder function name */
+ flockIoMethods, /* sqlite3_io_methods object name */
+ 1, /* shared memory is disabled */
+ flockClose, /* xClose method */
+ flockLock, /* xLock method */
+ flockUnlock, /* xUnlock method */
+ flockCheckReservedLock, /* xCheckReservedLock method */
+ 0 /* xShmMap method */
+)
+#endif
+
+#if OS_VXWORKS
+IOMETHODS(
+ semIoFinder, /* Finder function name */
+ semIoMethods, /* sqlite3_io_methods object name */
+ 1, /* shared memory is disabled */
+ semXClose, /* xClose method */
+ semXLock, /* xLock method */
+ semXUnlock, /* xUnlock method */
+ semXCheckReservedLock, /* xCheckReservedLock method */
+ 0 /* xShmMap method */
+)
+#endif
+
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+IOMETHODS(
+ afpIoFinder, /* Finder function name */
+ afpIoMethods, /* sqlite3_io_methods object name */
+ 1, /* shared memory is disabled */
+ afpClose, /* xClose method */
+ afpLock, /* xLock method */
+ afpUnlock, /* xUnlock method */
+ afpCheckReservedLock, /* xCheckReservedLock method */
+ 0 /* xShmMap method */
+)
+#endif
+
+/*
+** The proxy locking method is a "super-method" in the sense that it
+** opens secondary file descriptors for the conch and lock files and
+** it uses proxy, dot-file, AFP, and flock() locking methods on those
+** secondary files. For this reason, the division that implements
+** proxy locking is located much further down in the file. But we need
+** to go ahead and define the sqlite3_io_methods and finder function
+** for proxy locking here. So we forward declare the I/O methods.
+*/
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+static int proxyClose(sqlite3_file*);
+static int proxyLock(sqlite3_file*, int);
+static int proxyUnlock(sqlite3_file*, int);
+static int proxyCheckReservedLock(sqlite3_file*, int*);
+IOMETHODS(
+ proxyIoFinder, /* Finder function name */
+ proxyIoMethods, /* sqlite3_io_methods object name */
+ 1, /* shared memory is disabled */
+ proxyClose, /* xClose method */
+ proxyLock, /* xLock method */
+ proxyUnlock, /* xUnlock method */
+ proxyCheckReservedLock, /* xCheckReservedLock method */
+ 0 /* xShmMap method */
+)
+#endif
+
+/* nfs lockd on OSX 10.3+ doesn't clear write locks when a read lock is set */
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+IOMETHODS(
+ nfsIoFinder, /* Finder function name */
+ nfsIoMethods, /* sqlite3_io_methods object name */
+ 1, /* shared memory is disabled */
+ unixClose, /* xClose method */
+ unixLock, /* xLock method */
+ nfsUnlock, /* xUnlock method */
+ unixCheckReservedLock, /* xCheckReservedLock method */
+ 0 /* xShmMap method */
+)
+#endif
+
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+/*
+** This "finder" function attempts to determine the best locking strategy
+** for the database file "filePath". It then returns the sqlite3_io_methods
+** object that implements that strategy.
+**
+** This is for MacOSX only.
+*/
+static const sqlite3_io_methods *autolockIoFinderImpl(
+ const char *filePath, /* name of the database file */
+ unixFile *pNew /* open file object for the database file */
+){
+ static const struct Mapping {
+ const char *zFilesystem; /* Filesystem type name */
+ const sqlite3_io_methods *pMethods; /* Appropriate locking method */
+ } aMap[] = {
+ { "hfs", &posixIoMethods },
+ { "ufs", &posixIoMethods },
+ { "afpfs", &afpIoMethods },
+ { "smbfs", &afpIoMethods },
+ { "webdav", &nolockIoMethods },
+ { 0, 0 }
+ };
+ int i;
+ struct statfs fsInfo;
+ struct flock lockInfo;
+
+ if( !filePath ){
+ /* If filePath==NULL that means we are dealing with a transient file
+ ** that does not need to be locked. */
+ return &nolockIoMethods;
+ }
+ if( statfs(filePath, &fsInfo) != -1 ){
+ if( fsInfo.f_flags & MNT_RDONLY ){
+ return &nolockIoMethods;
+ }
+ for(i=0; aMap[i].zFilesystem; i++){
+ if( strcmp(fsInfo.f_fstypename, aMap[i].zFilesystem)==0 ){
+ return aMap[i].pMethods;
+ }
+ }
+ }
+
+ /* Default case. Handles, amongst others, "nfs".
+ ** Test byte-range lock using fcntl(). If the call succeeds,
+ ** assume that the file-system supports POSIX style locks.
+ */
+ lockInfo.l_len = 1;
+ lockInfo.l_start = 0;
+ lockInfo.l_whence = SEEK_SET;
+ lockInfo.l_type = F_RDLCK;
+ if( osFcntl(pNew->h, F_GETLK, &lockInfo)!=-1 ) {
+ if( strcmp(fsInfo.f_fstypename, "nfs")==0 ){
+ return &nfsIoMethods;
+ } else {
+ return &posixIoMethods;
+ }
+ }else{
+ return &dotlockIoMethods;
+ }
+}
+static const sqlite3_io_methods
+ *(*const autolockIoFinder)(const char*,unixFile*) = autolockIoFinderImpl;
+
+#endif /* defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE */
+
+#if OS_VXWORKS
+/*
+** This "finder" function for VxWorks checks to see if posix advisory
+** locking works. If it does, then that is what is used. If it does not
+** work, then fallback to named semaphore locking.
+*/
+static const sqlite3_io_methods *vxworksIoFinderImpl(
+ const char *filePath, /* name of the database file */
+ unixFile *pNew /* the open file object */
+){
+ struct flock lockInfo;
+
+ if( !filePath ){
+ /* If filePath==NULL that means we are dealing with a transient file
+ ** that does not need to be locked. */
+ return &nolockIoMethods;
+ }
+
+ /* Test if fcntl() is supported and use POSIX style locks.
+ ** Otherwise fall back to the named semaphore method.
+ */
+ lockInfo.l_len = 1;
+ lockInfo.l_start = 0;
+ lockInfo.l_whence = SEEK_SET;
+ lockInfo.l_type = F_RDLCK;
+ if( osFcntl(pNew->h, F_GETLK, &lockInfo)!=-1 ) {
+ return &posixIoMethods;
+ }else{
+ return &semIoMethods;
+ }
+}
+static const sqlite3_io_methods
+ *(*const vxworksIoFinder)(const char*,unixFile*) = vxworksIoFinderImpl;
+
+#endif /* OS_VXWORKS */
+
+/*
+** An abstract type for a pointer to an IO method finder function:
+*/
+typedef const sqlite3_io_methods *(*finder_type)(const char*,unixFile*);
+
+
+/****************************************************************************
+**************************** sqlite3_vfs methods ****************************
+**
+** This division contains the implementation of methods on the
+** sqlite3_vfs object.
+*/
+
+/*
+** Initialize the contents of the unixFile structure pointed to by pId.
+*/
+static int fillInUnixFile(
+ sqlite3_vfs *pVfs, /* Pointer to vfs object */
+ int h, /* Open file descriptor of file being opened */
+ sqlite3_file *pId, /* Write to the unixFile structure here */
+ const char *zFilename, /* Name of the file being opened */
+ int ctrlFlags /* Zero or more UNIXFILE_* values */
+){
+ const sqlite3_io_methods *pLockingStyle;
+ unixFile *pNew = (unixFile *)pId;
+ int rc = SQLITE_OK;
+
+ assert( pNew->pInode==NULL );
+
+ /* Usually the path zFilename should not be a relative pathname. The
+ ** exception is when opening the proxy "conch" file in builds that
+ ** include the special Apple locking styles.
+ */
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+ assert( zFilename==0 || zFilename[0]=='/'
+ || pVfs->pAppData==(void*)&autolockIoFinder );
+#else
+ assert( zFilename==0 || zFilename[0]=='/' );
+#endif
+
+ /* No locking occurs in temporary files */
+ assert( zFilename!=0 || (ctrlFlags & UNIXFILE_NOLOCK)!=0 );
+
+ OSTRACE(("OPEN %-3d %s\n", h, zFilename));
+ pNew->h = h;
+ pNew->pVfs = pVfs;
+ pNew->zPath = zFilename;
+ pNew->ctrlFlags = (u8)ctrlFlags;
+#if SQLITE_MAX_MMAP_SIZE>0
+ pNew->mmapSizeMax = sqlite3GlobalConfig.szMmap;
+#endif
+ if( sqlite3_uri_boolean(((ctrlFlags & UNIXFILE_URI) ? zFilename : 0),
+ "psow", SQLITE_POWERSAFE_OVERWRITE) ){
+ pNew->ctrlFlags |= UNIXFILE_PSOW;
+ }
+ if( strcmp(pVfs->zName,"unix-excl")==0 ){
+ pNew->ctrlFlags |= UNIXFILE_EXCL;
+ }
+
+#if OS_VXWORKS
+ pNew->pId = vxworksFindFileId(zFilename);
+ if( pNew->pId==0 ){
+ ctrlFlags |= UNIXFILE_NOLOCK;
+ rc = SQLITE_NOMEM;
+ }
+#endif
+
+ if( ctrlFlags & UNIXFILE_NOLOCK ){
+ pLockingStyle = &nolockIoMethods;
+ }else{
+ pLockingStyle = (**(finder_type*)pVfs->pAppData)(zFilename, pNew);
+#if SQLITE_ENABLE_LOCKING_STYLE
+ /* Cache zFilename in the locking context (AFP and dotlock override) for
+ ** proxyLock activation is possible (remote proxy is based on db name)
+ ** zFilename remains valid until file is closed, to support */
+ pNew->lockingContext = (void*)zFilename;
+#endif
+ }
+
+ if( pLockingStyle == &posixIoMethods
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+ || pLockingStyle == &nfsIoMethods
+#endif
+ ){
+ unixEnterMutex();
+ rc = findInodeInfo(pNew, &pNew->pInode);
+ if( rc!=SQLITE_OK ){
+ /* If an error occurred in findInodeInfo(), close the file descriptor
+ ** immediately, before releasing the mutex. findInodeInfo() may fail
+ ** in two scenarios:
+ **
+ ** (a) A call to fstat() failed.
+ ** (b) A malloc failed.
+ **
+ ** Scenario (b) may only occur if the process is holding no other
+ ** file descriptors open on the same file. If there were other file
+ ** descriptors on this file, then no malloc would be required by
+ ** findInodeInfo(). If this is the case, it is quite safe to close
+ ** handle h - as it is guaranteed that no posix locks will be released
+ ** by doing so.
+ **
+ ** If scenario (a) caused the error then things are not so safe. The
+ ** implicit assumption here is that if fstat() fails, things are in
+ ** such bad shape that dropping a lock or two doesn't matter much.
+ */
+ robust_close(pNew, h, __LINE__);
+ h = -1;
+ }
+ unixLeaveMutex();
+ }
+
+#if SQLITE_ENABLE_LOCKING_STYLE && defined(__APPLE__)
+ else if( pLockingStyle == &afpIoMethods ){
+ /* AFP locking uses the file path so it needs to be included in
+ ** the afpLockingContext.
+ */
+ afpLockingContext *pCtx;
+ pNew->lockingContext = pCtx = sqlite3_malloc64( sizeof(*pCtx) );
+ if( pCtx==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ /* NB: zFilename exists and remains valid until the file is closed
+ ** according to requirement F11141. So we do not need to make a
+ ** copy of the filename. */
+ pCtx->dbPath = zFilename;
+ pCtx->reserved = 0;
+ srandomdev();
+ unixEnterMutex();
+ rc = findInodeInfo(pNew, &pNew->pInode);
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(pNew->lockingContext);
+ robust_close(pNew, h, __LINE__);
+ h = -1;
+ }
+ unixLeaveMutex();
+ }
+ }
+#endif
+
+ else if( pLockingStyle == &dotlockIoMethods ){
+ /* Dotfile locking uses the file path so it needs to be included in
+ ** the dotlockLockingContext
+ */
+ char *zLockFile;
+ int nFilename;
+ assert( zFilename!=0 );
+ nFilename = (int)strlen(zFilename) + 6;
+ zLockFile = (char *)sqlite3_malloc64(nFilename);
+ if( zLockFile==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ sqlite3_snprintf(nFilename, zLockFile, "%s" DOTLOCK_SUFFIX, zFilename);
+ }
+ pNew->lockingContext = zLockFile;
+ }
+
+#if OS_VXWORKS
+ else if( pLockingStyle == &semIoMethods ){
+ /* Named semaphore locking uses the file path so it needs to be
+ ** included in the semLockingContext
+ */
+ unixEnterMutex();
+ rc = findInodeInfo(pNew, &pNew->pInode);
+ if( (rc==SQLITE_OK) && (pNew->pInode->pSem==NULL) ){
+ char *zSemName = pNew->pInode->aSemName;
+ int n;
+ sqlite3_snprintf(MAX_PATHNAME, zSemName, "/%s.sem",
+ pNew->pId->zCanonicalName);
+ for( n=1; zSemName[n]; n++ )
+ if( zSemName[n]=='/' ) zSemName[n] = '_';
+ pNew->pInode->pSem = sem_open(zSemName, O_CREAT, 0666, 1);
+ if( pNew->pInode->pSem == SEM_FAILED ){
+ rc = SQLITE_NOMEM;
+ pNew->pInode->aSemName[0] = '\0';
+ }
+ }
+ unixLeaveMutex();
+ }
+#endif
+
+ storeLastErrno(pNew, 0);
+#if OS_VXWORKS
+ if( rc!=SQLITE_OK ){
+ if( h>=0 ) robust_close(pNew, h, __LINE__);
+ h = -1;
+ osUnlink(zFilename);
+ pNew->ctrlFlags |= UNIXFILE_DELETE;
+ }
+#endif
+ if( rc!=SQLITE_OK ){
+ if( h>=0 ) robust_close(pNew, h, __LINE__);
+ }else{
+ pNew->pMethod = pLockingStyle;
+ OpenCounter(+1);
+ verifyDbFile(pNew);
+ }
+ return rc;
+}
+
+/*
+** Return the name of a directory in which to put temporary files.
+** If no suitable temporary file directory can be found, return NULL.
+*/
+static const char *unixTempFileDir(void){
+ static const char *azDirs[] = {
+ 0,
+ 0,
+ "/var/tmp",
+ "/usr/tmp",
+ "/tmp",
+ "."
+ };
+ unsigned int i;
+ struct stat buf;
+ const char *zDir = sqlite3_temp_directory;
+
+ if( !azDirs[0] ) azDirs[0] = getenv("SQLITE_TMPDIR");
+ if( !azDirs[1] ) azDirs[1] = getenv("TMPDIR");
+ for(i=0; i<sizeof(azDirs)/sizeof(azDirs[0]); zDir=azDirs[i++]){
+ if( zDir==0 ) continue;
+ if( osStat(zDir, &buf) ) continue;
+ if( !S_ISDIR(buf.st_mode) ) continue;
+ if( osAccess(zDir, 07) ) continue;
+ break;
+ }
+ return zDir;
+}
+
+/*
+** Create a temporary file name in zBuf. zBuf must be allocated
+** by the calling process and must be big enough to hold at least
+** pVfs->mxPathname bytes.
+*/
+static int unixGetTempname(int nBuf, char *zBuf){
+ const char *zDir;
+ int iLimit = 0;
+
+ /* It's odd to simulate an io-error here, but really this is just
+ ** using the io-error infrastructure to test that SQLite handles this
+ ** function failing.
+ */
+ SimulateIOError( return SQLITE_IOERR );
+
+ zDir = unixTempFileDir();
+ do{
+ u64 r;
+ sqlite3_randomness(sizeof(r), &r);
+ assert( nBuf>2 );
+ zBuf[nBuf-2] = 0;
+ sqlite3_snprintf(nBuf, zBuf, "%s/"SQLITE_TEMP_FILE_PREFIX"%llx%c",
+ zDir, r, 0);
+ if( zBuf[nBuf-2]!=0 || (iLimit++)>10 ) return SQLITE_ERROR;
+ }while( osAccess(zBuf,0)==0 );
+ return SQLITE_OK;
+}
+
+#if SQLITE_ENABLE_LOCKING_STYLE && defined(__APPLE__)
+/*
+** Routine to transform a unixFile into a proxy-locking unixFile.
+** Implementation in the proxy-lock division, but used by unixOpen()
+** if SQLITE_PREFER_PROXY_LOCKING is defined.
+*/
+static int proxyTransformUnixFile(unixFile*, const char*);
+#endif
+
+/*
+** Search for an unused file descriptor that was opened on the database
+** file (not a journal or master-journal file) identified by pathname
+** zPath with SQLITE_OPEN_XXX flags matching those passed as the second
+** argument to this function.
+**
+** Such a file descriptor may exist if a database connection was closed
+** but the associated file descriptor could not be closed because some
+** other file descriptor open on the same file is holding a file-lock.
+** Refer to comments in the unixClose() function and the lengthy comment
+** describing "Posix Advisory Locking" at the start of this file for
+** further details. Also, ticket #4018.
+**
+** If a suitable file descriptor is found, then it is returned. If no
+** such file descriptor is located, -1 is returned.
+*/
+static UnixUnusedFd *findReusableFd(const char *zPath, int flags){
+ UnixUnusedFd *pUnused = 0;
+
+ /* Do not search for an unused file descriptor on vxworks. Not because
+ ** vxworks would not benefit from the change (it might, we're not sure),
+ ** but because no way to test it is currently available. It is better
+ ** not to risk breaking vxworks support for the sake of such an obscure
+ ** feature. */
+#if !OS_VXWORKS
+ struct stat sStat; /* Results of stat() call */
+
+ /* A stat() call may fail for various reasons. If this happens, it is
+ ** almost certain that an open() call on the same path will also fail.
+ ** For this reason, if an error occurs in the stat() call here, it is
+ ** ignored and -1 is returned. The caller will try to open a new file
+ ** descriptor on the same path, fail, and return an error to SQLite.
+ **
+ ** Even if a subsequent open() call does succeed, the consequences of
+ ** not searching for a reusable file descriptor are not dire. */
+ if( 0==osStat(zPath, &sStat) ){
+ unixInodeInfo *pInode;
+
+ unixEnterMutex();
+ pInode = inodeList;
+ while( pInode && (pInode->fileId.dev!=sStat.st_dev
+ || pInode->fileId.ino!=sStat.st_ino) ){
+ pInode = pInode->pNext;
+ }
+ if( pInode ){
+ UnixUnusedFd **pp;
+ for(pp=&pInode->pUnused; *pp && (*pp)->flags!=flags; pp=&((*pp)->pNext));
+ pUnused = *pp;
+ if( pUnused ){
+ *pp = pUnused->pNext;
+ }
+ }
+ unixLeaveMutex();
+ }
+#endif /* if !OS_VXWORKS */
+ return pUnused;
+}
+
+/*
+** This function is called by unixOpen() to determine the unix permissions
+** to create new files with. If no error occurs, then SQLITE_OK is returned
+** and a value suitable for passing as the third argument to open(2) is
+** written to *pMode. If an IO error occurs, an SQLite error code is
+** returned and the value of *pMode is not modified.
+**
+** In most cases, this routine sets *pMode to 0, which will become
+** an indication to robust_open() to create the file using
+** SQLITE_DEFAULT_FILE_PERMISSIONS adjusted by the umask.
+** But if the file being opened is a WAL or regular journal file, then
+** this function queries the file-system for the permissions on the
+** corresponding database file and sets *pMode to this value. Whenever
+** possible, WAL and journal files are created using the same permissions
+** as the associated database file.
+**
+** If the SQLITE_ENABLE_8_3_NAMES option is enabled, then the
+** original filename is unavailable. But 8_3_NAMES is only used for
+** FAT filesystems and permissions do not matter there, so just use
+** the default permissions.
+*/
+static int findCreateFileMode(
+ const char *zPath, /* Path of file (possibly) being created */
+ int flags, /* Flags passed as 4th argument to xOpen() */
+ mode_t *pMode, /* OUT: Permissions to open file with */
+ uid_t *pUid, /* OUT: uid to set on the file */
+ gid_t *pGid /* OUT: gid to set on the file */
+){
+ int rc = SQLITE_OK; /* Return Code */
+ *pMode = 0;
+ *pUid = 0;
+ *pGid = 0;
+ if( flags & (SQLITE_OPEN_WAL|SQLITE_OPEN_MAIN_JOURNAL) ){
+ char zDb[MAX_PATHNAME+1]; /* Database file path */
+ int nDb; /* Number of valid bytes in zDb */
+ struct stat sStat; /* Output of stat() on database file */
+
+ /* zPath is a path to a WAL or journal file. The following block derives
+ ** the path to the associated database file from zPath. This block handles
+ ** the following naming conventions:
+ **
+ ** "<path to db>-journal"
+ ** "<path to db>-wal"
+ ** "<path to db>-journalNN"
+ ** "<path to db>-walNN"
+ **
+ ** where NN is a decimal number. The NN naming schemes are
+ ** used by the test_multiplex.c module.
+ */
+ nDb = sqlite3Strlen30(zPath) - 1;
+ while( zPath[nDb]!='-' ){
+#ifndef SQLITE_ENABLE_8_3_NAMES
+ /* In the normal case (8+3 filenames disabled) the journal filename
+ ** is guaranteed to contain a '-' character. */
+ assert( nDb>0 );
+ assert( sqlite3Isalnum(zPath[nDb]) );
+#else
+ /* If 8+3 names are possible, then the journal file might not contain
+ ** a '-' character. So check for that case and return early. */
+ if( nDb==0 || zPath[nDb]=='.' ) return SQLITE_OK;
+#endif
+ nDb--;
+ }
+ memcpy(zDb, zPath, nDb);
+ zDb[nDb] = '\0';
+
+ if( 0==osStat(zDb, &sStat) ){
+ *pMode = sStat.st_mode & 0777;
+ *pUid = sStat.st_uid;
+ *pGid = sStat.st_gid;
+ }else{
+ rc = SQLITE_IOERR_FSTAT;
+ }
+ }else if( flags & SQLITE_OPEN_DELETEONCLOSE ){
+ *pMode = 0600;
+ }
+ return rc;
+}
+
+/*
+** Open the file zPath.
+**
+** Previously, the SQLite OS layer used three functions in place of this
+** one:
+**
+** sqlite3OsOpenReadWrite();
+** sqlite3OsOpenReadOnly();
+** sqlite3OsOpenExclusive();
+**
+** These calls correspond to the following combinations of flags:
+**
+** ReadWrite() -> (READWRITE | CREATE)
+** ReadOnly() -> (READONLY)
+** OpenExclusive() -> (READWRITE | CREATE | EXCLUSIVE)
+**
+** The old OpenExclusive() accepted a boolean argument - "delFlag". If
+** true, the file was configured to be automatically deleted when the
+** file handle closed. To achieve the same effect using this new
+** interface, add the DELETEONCLOSE flag to those specified above for
+** OpenExclusive().
+*/
+static int unixOpen(
+ sqlite3_vfs *pVfs, /* The VFS for which this is the xOpen method */
+ const char *zPath, /* Pathname of file to be opened */
+ sqlite3_file *pFile, /* The file descriptor to be filled in */
+ int flags, /* Input flags to control the opening */
+ int *pOutFlags /* Output flags returned to SQLite core */
+){
+ unixFile *p = (unixFile *)pFile;
+ int fd = -1; /* File descriptor returned by open() */
+ int openFlags = 0; /* Flags to pass to open() */
+ int eType = flags&0xFFFFFF00; /* Type of file to open */
+ int noLock; /* True to omit locking primitives */
+ int rc = SQLITE_OK; /* Function Return Code */
+ int ctrlFlags = 0; /* UNIXFILE_* flags */
+
+ int isExclusive = (flags & SQLITE_OPEN_EXCLUSIVE);
+ int isDelete = (flags & SQLITE_OPEN_DELETEONCLOSE);
+ int isCreate = (flags & SQLITE_OPEN_CREATE);
+ int isReadonly = (flags & SQLITE_OPEN_READONLY);
+ int isReadWrite = (flags & SQLITE_OPEN_READWRITE);
+#if SQLITE_ENABLE_LOCKING_STYLE
+ int isAutoProxy = (flags & SQLITE_OPEN_AUTOPROXY);
+#endif
+#if defined(__APPLE__) || SQLITE_ENABLE_LOCKING_STYLE
+ struct statfs fsInfo;
+#endif
+
+ /* If creating a master or main-file journal, this function will open
+ ** a file-descriptor on the directory too. The first time unixSync()
+ ** is called the directory file descriptor will be fsync()ed and close()d.
+ */
+ int syncDir = (isCreate && (
+ eType==SQLITE_OPEN_MASTER_JOURNAL
+ || eType==SQLITE_OPEN_MAIN_JOURNAL
+ || eType==SQLITE_OPEN_WAL
+ ));
+
+ /* If argument zPath is a NULL pointer, this function is required to open
+ ** a temporary file. Use this buffer to store the file name in.
+ */
+ char zTmpname[MAX_PATHNAME+2];
+ const char *zName = zPath;
+
+ /* Check the following statements are true:
+ **
+ ** (a) Exactly one of the READWRITE and READONLY flags must be set, and
+ ** (b) if CREATE is set, then READWRITE must also be set, and
+ ** (c) if EXCLUSIVE is set, then CREATE must also be set.
+ ** (d) if DELETEONCLOSE is set, then CREATE must also be set.
+ */
+ assert((isReadonly==0 || isReadWrite==0) && (isReadWrite || isReadonly));
+ assert(isCreate==0 || isReadWrite);
+ assert(isExclusive==0 || isCreate);
+ assert(isDelete==0 || isCreate);
+
+ /* The main DB, main journal, WAL file and master journal are never
+ ** automatically deleted. Nor are they ever temporary files. */
+ assert( (!isDelete && zName) || eType!=SQLITE_OPEN_MAIN_DB );
+ assert( (!isDelete && zName) || eType!=SQLITE_OPEN_MAIN_JOURNAL );
+ assert( (!isDelete && zName) || eType!=SQLITE_OPEN_MASTER_JOURNAL );
+ assert( (!isDelete && zName) || eType!=SQLITE_OPEN_WAL );
+
+ /* Assert that the upper layer has set one of the "file-type" flags. */
+ assert( eType==SQLITE_OPEN_MAIN_DB || eType==SQLITE_OPEN_TEMP_DB
+ || eType==SQLITE_OPEN_MAIN_JOURNAL || eType==SQLITE_OPEN_TEMP_JOURNAL
+ || eType==SQLITE_OPEN_SUBJOURNAL || eType==SQLITE_OPEN_MASTER_JOURNAL
+ || eType==SQLITE_OPEN_TRANSIENT_DB || eType==SQLITE_OPEN_WAL
+ );
+
+ /* Detect a pid change and reset the PRNG. There is a race condition
+ ** here such that two or more threads all trying to open databases at
+ ** the same instant might all reset the PRNG. But multiple resets
+ ** are harmless.
+ */
+ if( randomnessPid!=osGetpid(0) ){
+ randomnessPid = osGetpid(0);
+ sqlite3_randomness(0,0);
+ }
+
+ memset(p, 0, sizeof(unixFile));
+
+ if( eType==SQLITE_OPEN_MAIN_DB ){
+ UnixUnusedFd *pUnused;
+ pUnused = findReusableFd(zName, flags);
+ if( pUnused ){
+ fd = pUnused->fd;
+ }else{
+ pUnused = sqlite3_malloc64(sizeof(*pUnused));
+ if( !pUnused ){
+ return SQLITE_NOMEM;
+ }
+ }
+ p->pUnused = pUnused;
+
+ /* Database filenames are double-zero terminated if they are not
+ ** URIs with parameters. Hence, they can always be passed into
+ ** sqlite3_uri_parameter(). */
+ assert( (flags & SQLITE_OPEN_URI) || zName[strlen(zName)+1]==0 );
+
+ }else if( !zName ){
+ /* If zName is NULL, the upper layer is requesting a temp file. */
+ assert(isDelete && !syncDir);
+ rc = unixGetTempname(pVfs->mxPathname, zTmpname);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ zName = zTmpname;
+
+ /* Generated temporary filenames are always double-zero terminated
+ ** for use by sqlite3_uri_parameter(). */
+ assert( zName[strlen(zName)+1]==0 );
+ }
+
+ /* Determine the value of the flags parameter passed to POSIX function
+ ** open(). These must be calculated even if open() is not called, as
+ ** they may be stored as part of the file handle and used by the
+ ** 'conch file' locking functions later on. */
+ if( isReadonly ) openFlags |= O_RDONLY;
+ if( isReadWrite ) openFlags |= O_RDWR;
+ if( isCreate ) openFlags |= O_CREAT;
+ if( isExclusive ) openFlags |= (O_EXCL|O_NOFOLLOW);
+ openFlags |= (O_LARGEFILE|O_BINARY);
+
+ if( fd<0 ){
+ mode_t openMode; /* Permissions to create file with */
+ uid_t uid; /* Userid for the file */
+ gid_t gid; /* Groupid for the file */
+ rc = findCreateFileMode(zName, flags, &openMode, &uid, &gid);
+ if( rc!=SQLITE_OK ){
+ assert( !p->pUnused );
+ assert( eType==SQLITE_OPEN_WAL || eType==SQLITE_OPEN_MAIN_JOURNAL );
+ return rc;
+ }
+ fd = robust_open(zName, openFlags, openMode);
+ OSTRACE(("OPENX %-3d %s 0%o\n", fd, zName, openFlags));
+ assert( !isExclusive || (openFlags & O_CREAT)!=0 );
+ if( fd<0 && errno!=EISDIR && isReadWrite ){
+ /* Failed to open the file for read/write access. Try read-only. */
+ flags &= ~(SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE);
+ openFlags &= ~(O_RDWR|O_CREAT);
+ flags |= SQLITE_OPEN_READONLY;
+ openFlags |= O_RDONLY;
+ isReadonly = 1;
+ fd = robust_open(zName, openFlags, openMode);
+ }
+ if( fd<0 ){
+ rc = unixLogError(SQLITE_CANTOPEN_BKPT, "open", zName);
+ goto open_finished;
+ }
+
+ /* If this process is running as root and if creating a new rollback
+ ** journal or WAL file, set the ownership of the journal or WAL to be
+ ** the same as the original database.
+ */
+ if( flags & (SQLITE_OPEN_WAL|SQLITE_OPEN_MAIN_JOURNAL) ){
+ robustFchown(fd, uid, gid);
+ }
+ }
+ assert( fd>=0 );
+ if( pOutFlags ){
+ *pOutFlags = flags;
+ }
+
+ if( p->pUnused ){
+ p->pUnused->fd = fd;
+ p->pUnused->flags = flags;
+ }
+
+ if( isDelete ){
+#if OS_VXWORKS
+ zPath = zName;
+#elif defined(SQLITE_UNLINK_AFTER_CLOSE)
+ zPath = sqlite3_mprintf("%s", zName);
+ if( zPath==0 ){
+ robust_close(p, fd, __LINE__);
+ return SQLITE_NOMEM;
+ }
+#else
+ osUnlink(zName);
+#endif
+ }
+#if SQLITE_ENABLE_LOCKING_STYLE
+ else{
+ p->openFlags = openFlags;
+ }
+#endif
+
+ noLock = eType!=SQLITE_OPEN_MAIN_DB;
+
+
+#if defined(__APPLE__) || SQLITE_ENABLE_LOCKING_STYLE
+ if( fstatfs(fd, &fsInfo) == -1 ){
+ storeLastErrno(p, errno);
+ robust_close(p, fd, __LINE__);
+ return SQLITE_IOERR_ACCESS;
+ }
+ if (0 == strncmp("msdos", fsInfo.f_fstypename, 5)) {
+ ((unixFile*)pFile)->fsFlags |= SQLITE_FSFLAGS_IS_MSDOS;
+ }
+ if (0 == strncmp("exfat", fsInfo.f_fstypename, 5)) {
+ ((unixFile*)pFile)->fsFlags |= SQLITE_FSFLAGS_IS_MSDOS;
+ }
+#endif
+
+ /* Set up appropriate ctrlFlags */
+ if( isDelete ) ctrlFlags |= UNIXFILE_DELETE;
+ if( isReadonly ) ctrlFlags |= UNIXFILE_RDONLY;
+ if( noLock ) ctrlFlags |= UNIXFILE_NOLOCK;
+ if( syncDir ) ctrlFlags |= UNIXFILE_DIRSYNC;
+ if( flags & SQLITE_OPEN_URI ) ctrlFlags |= UNIXFILE_URI;
+
+#if SQLITE_ENABLE_LOCKING_STYLE
+#if SQLITE_PREFER_PROXY_LOCKING
+ isAutoProxy = 1;
+#endif
+ if( isAutoProxy && (zPath!=NULL) && (!noLock) && pVfs->xOpen ){
+ char *envforce = getenv("SQLITE_FORCE_PROXY_LOCKING");
+ int useProxy = 0;
+
+ /* SQLITE_FORCE_PROXY_LOCKING==1 means force always use proxy, 0 means
+ ** never use proxy, NULL means use proxy for non-local files only. */
+ if( envforce!=NULL ){
+ useProxy = atoi(envforce)>0;
+ }else{
+ useProxy = !(fsInfo.f_flags&MNT_LOCAL);
+ }
+ if( useProxy ){
+ rc = fillInUnixFile(pVfs, fd, pFile, zPath, ctrlFlags);
+ if( rc==SQLITE_OK ){
+ rc = proxyTransformUnixFile((unixFile*)pFile, ":auto:");
+ if( rc!=SQLITE_OK ){
+ /* Use unixClose to clean up the resources added in fillInUnixFile
+ ** and clear all the structure's references. Specifically,
+ ** pFile->pMethods will be NULL so sqlite3OsClose will be a no-op
+ */
+ unixClose(pFile);
+ return rc;
+ }
+ }
+ goto open_finished;
+ }
+ }
+#endif
+
+ rc = fillInUnixFile(pVfs, fd, pFile, zPath, ctrlFlags);
+
+open_finished:
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(p->pUnused);
+ }
+ return rc;
+}
+
+
+/*
+** Delete the file at zPath. If the dirSync argument is true, fsync()
+** the directory after deleting the file.
+*/
+static int unixDelete(
+ sqlite3_vfs *NotUsed, /* VFS containing this as the xDelete method */
+ const char *zPath, /* Name of file to be deleted */
+ int dirSync /* If true, fsync() directory after deleting file */
+){
+ int rc = SQLITE_OK;
+ UNUSED_PARAMETER(NotUsed);
+ SimulateIOError(return SQLITE_IOERR_DELETE);
+ if( osUnlink(zPath)==(-1) ){
+ if( errno==ENOENT
+#if OS_VXWORKS
+ || osAccess(zPath,0)!=0
+#endif
+ ){
+ rc = SQLITE_IOERR_DELETE_NOENT;
+ }else{
+ rc = unixLogError(SQLITE_IOERR_DELETE, "unlink", zPath);
+ }
+ return rc;
+ }
+#ifndef SQLITE_DISABLE_DIRSYNC
+ if( (dirSync & 1)!=0 ){
+ int fd;
+ rc = osOpenDirectory(zPath, &fd);
+ if( rc==SQLITE_OK ){
+#if OS_VXWORKS
+ if( fsync(fd)==-1 )
+#else
+ if( fsync(fd) )
+#endif
+ {
+ rc = unixLogError(SQLITE_IOERR_DIR_FSYNC, "fsync", zPath);
+ }
+ robust_close(0, fd, __LINE__);
+ }else{
+ assert( rc==SQLITE_CANTOPEN );
+ rc = SQLITE_OK;
+ }
+ }
+#endif
+ return rc;
+}
+
+/*
+** Test the existence of or access permissions of file zPath. The
+** test performed depends on the value of flags:
+**
+** SQLITE_ACCESS_EXISTS: Return 1 if the file exists
+** SQLITE_ACCESS_READWRITE: Return 1 if the file is read and writable.
+** SQLITE_ACCESS_READONLY: Return 1 if the file is readable.
+**
+** Otherwise return 0.
+*/
+static int unixAccess(
+ sqlite3_vfs *NotUsed, /* The VFS containing this xAccess method */
+ const char *zPath, /* Path of the file to examine */
+ int flags, /* What do we want to learn about the zPath file? */
+ int *pResOut /* Write result boolean here */
+){
+ UNUSED_PARAMETER(NotUsed);
+ SimulateIOError( return SQLITE_IOERR_ACCESS; );
+ assert( pResOut!=0 );
+
+ /* The spec says there are three possible values for flags. But only
+ ** two of them are actually used */
+ assert( flags==SQLITE_ACCESS_EXISTS || flags==SQLITE_ACCESS_READWRITE );
+
+ if( flags==SQLITE_ACCESS_EXISTS ){
+ struct stat buf;
+ *pResOut = (0==osStat(zPath, &buf) && buf.st_size>0);
+ }else{
+ *pResOut = osAccess(zPath, W_OK|R_OK)==0;
+ }
+ return SQLITE_OK;
+}
+
+
+/*
+** Turn a relative pathname into a full pathname. The relative path
+** is stored as a nul-terminated string in the buffer pointed to by
+** zPath.
+**
+** zOut points to a buffer of at least sqlite3_vfs.mxPathname bytes
+** (in this case, MAX_PATHNAME bytes). The full-path is written to
+** this buffer before returning.
+*/
+static int unixFullPathname(
+ sqlite3_vfs *pVfs, /* Pointer to vfs object */
+ const char *zPath, /* Possibly relative input path */
+ int nOut, /* Size of output buffer in bytes */
+ char *zOut /* Output buffer */
+){
+ int nByte;
+
+ /* It's odd to simulate an io-error here, but really this is just
+ ** using the io-error infrastructure to test that SQLite handles this
+ ** function failing. This function could fail if, for example, the
+ ** current working directory has been unlinked.
+ */
+ SimulateIOError( return SQLITE_ERROR );
+
+ assert( pVfs->mxPathname==MAX_PATHNAME );
+ UNUSED_PARAMETER(pVfs);
+
+ /* Attempt to resolve the path as if it were a symbolic link. If it is
+ ** a symbolic link, the resolved path is stored in buffer zOut[]. Or, if
+ ** the identified file is not a symbolic link or does not exist, then
+ ** zPath is copied directly into zOut. Either way, nByte is left set to
+ ** the size of the string copied into zOut[] in bytes. */
+ nByte = osReadlink(zPath, zOut, nOut-1);
+ if( nByte<0 ){
+ if( errno!=EINVAL && errno!=ENOENT ){
+ return unixLogError(SQLITE_CANTOPEN_BKPT, "readlink", zPath);
+ }
+ sqlite3_snprintf(nOut, zOut, "%s", zPath);
+ nByte = sqlite3Strlen30(zOut);
+ }else{
+ zOut[nByte] = '\0';
+ }
+
+ /* If buffer zOut[] now contains an absolute path there is nothing more
+ ** to do. If it contains a relative path, do the following:
+ **
+ ** * move the relative path string so that it is at the end of th
+ ** zOut[] buffer.
+ ** * Call getcwd() to read the path of the current working directory
+ ** into the start of the zOut[] buffer.
+ ** * Append a '/' character to the cwd string and move the
+ ** relative path back within the buffer so that it immediately
+ ** follows the '/'.
+ **
+ ** This code is written so that if the combination of the CWD and relative
+ ** path are larger than the allocated size of zOut[] the CWD is silently
+ ** truncated to make it fit. This is Ok, as SQLite refuses to open any
+ ** file for which this function returns a full path larger than (nOut-8)
+ ** bytes in size. */
+ testcase( nByte==nOut-5 );
+ testcase( nByte==nOut-4 );
+ if( zOut[0]!='/' && nByte<nOut-4 ){
+ int nCwd;
+ int nRem = nOut-nByte-1;
+ memmove(&zOut[nRem], zOut, nByte+1);
+ zOut[nRem-1] = '\0';
+ if( osGetcwd(zOut, nRem-1)==0 ){
+ return unixLogError(SQLITE_CANTOPEN_BKPT, "getcwd", zPath);
+ }
+ nCwd = sqlite3Strlen30(zOut);
+ assert( nCwd<=nRem-1 );
+ zOut[nCwd] = '/';
+ memmove(&zOut[nCwd+1], &zOut[nRem], nByte+1);
+ }
+
+ return SQLITE_OK;
+}
+
+
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+/*
+** Interfaces for opening a shared library, finding entry points
+** within the shared library, and closing the shared library.
+*/
+#include <dlfcn.h>
+static void *unixDlOpen(sqlite3_vfs *NotUsed, const char *zFilename){
+ UNUSED_PARAMETER(NotUsed);
+ return dlopen(zFilename, RTLD_NOW | RTLD_GLOBAL);
+}
+
+/*
+** SQLite calls this function immediately after a call to unixDlSym() or
+** unixDlOpen() fails (returns a null pointer). If a more detailed error
+** message is available, it is written to zBufOut. If no error message
+** is available, zBufOut is left unmodified and SQLite uses a default
+** error message.
+*/
+static void unixDlError(sqlite3_vfs *NotUsed, int nBuf, char *zBufOut){
+ const char *zErr;
+ UNUSED_PARAMETER(NotUsed);
+ unixEnterMutex();
+ zErr = dlerror();
+ if( zErr ){
+ sqlite3_snprintf(nBuf, zBufOut, "%s", zErr);
+ }
+ unixLeaveMutex();
+}
+static void (*unixDlSym(sqlite3_vfs *NotUsed, void *p, const char*zSym))(void){
+ /*
+ ** GCC with -pedantic-errors says that C90 does not allow a void* to be
+ ** cast into a pointer to a function. And yet the library dlsym() routine
+ ** returns a void* which is really a pointer to a function. So how do we
+ ** use dlsym() with -pedantic-errors?
+ **
+ ** Variable x below is defined to be a pointer to a function taking
+ ** parameters void* and const char* and returning a pointer to a function.
+ ** We initialize x by assigning it a pointer to the dlsym() function.
+ ** (That assignment requires a cast.) Then we call the function that
+ ** x points to.
+ **
+ ** This work-around is unlikely to work correctly on any system where
+ ** you really cannot cast a function pointer into void*. But then, on the
+ ** other hand, dlsym() will not work on such a system either, so we have
+ ** not really lost anything.
+ */
+ void (*(*x)(void*,const char*))(void);
+ UNUSED_PARAMETER(NotUsed);
+ x = (void(*(*)(void*,const char*))(void))dlsym;
+ return (*x)(p, zSym);
+}
+static void unixDlClose(sqlite3_vfs *NotUsed, void *pHandle){
+ UNUSED_PARAMETER(NotUsed);
+ dlclose(pHandle);
+}
+#else /* if SQLITE_OMIT_LOAD_EXTENSION is defined: */
+ #define unixDlOpen 0
+ #define unixDlError 0
+ #define unixDlSym 0
+ #define unixDlClose 0
+#endif
+
+/*
+** Write nBuf bytes of random data to the supplied buffer zBuf.
+*/
+static int unixRandomness(sqlite3_vfs *NotUsed, int nBuf, char *zBuf){
+ UNUSED_PARAMETER(NotUsed);
+ assert((size_t)nBuf>=(sizeof(time_t)+sizeof(int)));
+
+ /* We have to initialize zBuf to prevent valgrind from reporting
+ ** errors. The reports issued by valgrind are incorrect - we would
+ ** prefer that the randomness be increased by making use of the
+ ** uninitialized space in zBuf - but valgrind errors tend to worry
+ ** some users. Rather than argue, it seems easier just to initialize
+ ** the whole array and silence valgrind, even if that means less randomness
+ ** in the random seed.
+ **
+ ** When testing, initializing zBuf[] to zero is all we do. That means
+ ** that we always use the same random number sequence. This makes the
+ ** tests repeatable.
+ */
+ memset(zBuf, 0, nBuf);
+ randomnessPid = osGetpid(0);
+#if !defined(SQLITE_TEST) && !defined(SQLITE_OMIT_RANDOMNESS)
+ {
+ int fd, got;
+ fd = robust_open("/dev/urandom", O_RDONLY, 0);
+ if( fd<0 ){
+ time_t t;
+ time(&t);
+ memcpy(zBuf, &t, sizeof(t));
+ memcpy(&zBuf[sizeof(t)], &randomnessPid, sizeof(randomnessPid));
+ assert( sizeof(t)+sizeof(randomnessPid)<=(size_t)nBuf );
+ nBuf = sizeof(t) + sizeof(randomnessPid);
+ }else{
+ do{ got = osRead(fd, zBuf, nBuf); }while( got<0 && errno==EINTR );
+ robust_close(0, fd, __LINE__);
+ }
+ }
+#endif
+ return nBuf;
+}
+
+
+/*
+** Sleep for a little while. Return the amount of time slept.
+** The argument is the number of microseconds we want to sleep.
+** The return value is the number of microseconds of sleep actually
+** requested from the underlying operating system, a number which
+** might be greater than or equal to the argument, but not less
+** than the argument.
+*/
+static int unixSleep(sqlite3_vfs *NotUsed, int microseconds){
+#if OS_VXWORKS
+ struct timespec sp;
+
+ sp.tv_sec = microseconds / 1000000;
+ sp.tv_nsec = (microseconds % 1000000) * 1000;
+ nanosleep(&sp, NULL);
+ UNUSED_PARAMETER(NotUsed);
+ return microseconds;
+#elif defined(HAVE_USLEEP) && HAVE_USLEEP
+ usleep(microseconds);
+ UNUSED_PARAMETER(NotUsed);
+ return microseconds;
+#else
+ int seconds = (microseconds+999999)/1000000;
+ sleep(seconds);
+ UNUSED_PARAMETER(NotUsed);
+ return seconds*1000000;
+#endif
+}
+
+/*
+** The following variable, if set to a non-zero value, is interpreted as
+** the number of seconds since 1970 and is used to set the result of
+** sqlite3OsCurrentTime() during testing.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_current_time = 0; /* Fake system time in seconds since 1970. */
+#endif
+
+/*
+** Find the current time (in Universal Coordinated Time). Write into *piNow
+** the current time and date as a Julian Day number times 86_400_000. In
+** other words, write into *piNow the number of milliseconds since the Julian
+** epoch of noon in Greenwich on November 24, 4714 B.C according to the
+** proleptic Gregorian calendar.
+**
+** On success, return SQLITE_OK. Return SQLITE_ERROR if the time and date
+** cannot be found.
+*/
+static int unixCurrentTimeInt64(sqlite3_vfs *NotUsed, sqlite3_int64 *piNow){
+ static const sqlite3_int64 unixEpoch = 24405875*(sqlite3_int64)8640000;
+ int rc = SQLITE_OK;
+#if defined(NO_GETTOD)
+ time_t t;
+ time(&t);
+ *piNow = ((sqlite3_int64)t)*1000 + unixEpoch;
+#elif OS_VXWORKS
+ struct timespec sNow;
+ clock_gettime(CLOCK_REALTIME, &sNow);
+ *piNow = unixEpoch + 1000*(sqlite3_int64)sNow.tv_sec + sNow.tv_nsec/1000000;
+#else
+ struct timeval sNow;
+ (void)gettimeofday(&sNow, 0); /* Cannot fail given valid arguments */
+ *piNow = unixEpoch + 1000*(sqlite3_int64)sNow.tv_sec + sNow.tv_usec/1000;
+#endif
+
+#ifdef SQLITE_TEST
+ if( sqlite3_current_time ){
+ *piNow = 1000*(sqlite3_int64)sqlite3_current_time + unixEpoch;
+ }
+#endif
+ UNUSED_PARAMETER(NotUsed);
+ return rc;
+}
+
+#if 0 /* Not used */
+/*
+** Find the current time (in Universal Coordinated Time). Write the
+** current time and date as a Julian Day number into *prNow and
+** return 0. Return 1 if the time and date cannot be found.
+*/
+static int unixCurrentTime(sqlite3_vfs *NotUsed, double *prNow){
+ sqlite3_int64 i = 0;
+ int rc;
+ UNUSED_PARAMETER(NotUsed);
+ rc = unixCurrentTimeInt64(0, &i);
+ *prNow = i/86400000.0;
+ return rc;
+}
+#else
+# define unixCurrentTime 0
+#endif
+
+#if 0 /* Not used */
+/*
+** We added the xGetLastError() method with the intention of providing
+** better low-level error messages when operating-system problems come up
+** during SQLite operation. But so far, none of that has been implemented
+** in the core. So this routine is never called. For now, it is merely
+** a place-holder.
+*/
+static int unixGetLastError(sqlite3_vfs *NotUsed, int NotUsed2, char *NotUsed3){
+ UNUSED_PARAMETER(NotUsed);
+ UNUSED_PARAMETER(NotUsed2);
+ UNUSED_PARAMETER(NotUsed3);
+ return 0;
+}
+#else
+# define unixGetLastError 0
+#endif
+
+
+/*
+************************ End of sqlite3_vfs methods ***************************
+******************************************************************************/
+
+/******************************************************************************
+************************** Begin Proxy Locking ********************************
+**
+** Proxy locking is a "uber-locking-method" in this sense: It uses the
+** other locking methods on secondary lock files. Proxy locking is a
+** meta-layer over top of the primitive locking implemented above. For
+** this reason, the division that implements of proxy locking is deferred
+** until late in the file (here) after all of the other I/O methods have
+** been defined - so that the primitive locking methods are available
+** as services to help with the implementation of proxy locking.
+**
+****
+**
+** The default locking schemes in SQLite use byte-range locks on the
+** database file to coordinate safe, concurrent access by multiple readers
+** and writers [http://sqlite.org/lockingv3.html]. The five file locking
+** states (UNLOCKED, PENDING, SHARED, RESERVED, EXCLUSIVE) are implemented
+** as POSIX read & write locks over fixed set of locations (via fsctl),
+** on AFP and SMB only exclusive byte-range locks are available via fsctl
+** with _IOWR('z', 23, struct ByteRangeLockPB2) to track the same 5 states.
+** To simulate a F_RDLCK on the shared range, on AFP a randomly selected
+** address in the shared range is taken for a SHARED lock, the entire
+** shared range is taken for an EXCLUSIVE lock):
+**
+** PENDING_BYTE 0x40000000
+** RESERVED_BYTE 0x40000001
+** SHARED_RANGE 0x40000002 -> 0x40000200
+**
+** This works well on the local file system, but shows a nearly 100x
+** slowdown in read performance on AFP because the AFP client disables
+** the read cache when byte-range locks are present. Enabling the read
+** cache exposes a cache coherency problem that is present on all OS X
+** supported network file systems. NFS and AFP both observe the
+** close-to-open semantics for ensuring cache coherency
+** [http://nfs.sourceforge.net/#faq_a8], which does not effectively
+** address the requirements for concurrent database access by multiple
+** readers and writers
+** [http://www.nabble.com/SQLite-on-NFS-cache-coherency-td15655701.html].
+**
+** To address the performance and cache coherency issues, proxy file locking
+** changes the way database access is controlled by limiting access to a
+** single host at a time and moving file locks off of the database file
+** and onto a proxy file on the local file system.
+**
+**
+** Using proxy locks
+** -----------------
+**
+** C APIs
+**
+** sqlite3_file_control(db, dbname, SQLITE_FCNTL_SET_LOCKPROXYFILE,
+** <proxy_path> | ":auto:");
+** sqlite3_file_control(db, dbname, SQLITE_FCNTL_GET_LOCKPROXYFILE,
+** &<proxy_path>);
+**
+**
+** SQL pragmas
+**
+** PRAGMA [database.]lock_proxy_file=<proxy_path> | :auto:
+** PRAGMA [database.]lock_proxy_file
+**
+** Specifying ":auto:" means that if there is a conch file with a matching
+** host ID in it, the proxy path in the conch file will be used, otherwise
+** a proxy path based on the user's temp dir
+** (via confstr(_CS_DARWIN_USER_TEMP_DIR,...)) will be used and the
+** actual proxy file name is generated from the name and path of the
+** database file. For example:
+**
+** For database path "/Users/me/foo.db"
+** The lock path will be "<tmpdir>/sqliteplocks/_Users_me_foo.db:auto:")
+**
+** Once a lock proxy is configured for a database connection, it can not
+** be removed, however it may be switched to a different proxy path via
+** the above APIs (assuming the conch file is not being held by another
+** connection or process).
+**
+**
+** How proxy locking works
+** -----------------------
+**
+** Proxy file locking relies primarily on two new supporting files:
+**
+** * conch file to limit access to the database file to a single host
+** at a time
+**
+** * proxy file to act as a proxy for the advisory locks normally
+** taken on the database
+**
+** The conch file - to use a proxy file, sqlite must first "hold the conch"
+** by taking an sqlite-style shared lock on the conch file, reading the
+** contents and comparing the host's unique host ID (see below) and lock
+** proxy path against the values stored in the conch. The conch file is
+** stored in the same directory as the database file and the file name
+** is patterned after the database file name as ".<databasename>-conch".
+** If the conch file does not exist, or its contents do not match the
+** host ID and/or proxy path, then the lock is escalated to an exclusive
+** lock and the conch file contents is updated with the host ID and proxy
+** path and the lock is downgraded to a shared lock again. If the conch
+** is held by another process (with a shared lock), the exclusive lock
+** will fail and SQLITE_BUSY is returned.
+**
+** The proxy file - a single-byte file used for all advisory file locks
+** normally taken on the database file. This allows for safe sharing
+** of the database file for multiple readers and writers on the same
+** host (the conch ensures that they all use the same local lock file).
+**
+** Requesting the lock proxy does not immediately take the conch, it is
+** only taken when the first request to lock database file is made.
+** This matches the semantics of the traditional locking behavior, where
+** opening a connection to a database file does not take a lock on it.
+** The shared lock and an open file descriptor are maintained until
+** the connection to the database is closed.
+**
+** The proxy file and the lock file are never deleted so they only need
+** to be created the first time they are used.
+**
+** Configuration options
+** ---------------------
+**
+** SQLITE_PREFER_PROXY_LOCKING
+**
+** Database files accessed on non-local file systems are
+** automatically configured for proxy locking, lock files are
+** named automatically using the same logic as
+** PRAGMA lock_proxy_file=":auto:"
+**
+** SQLITE_PROXY_DEBUG
+**
+** Enables the logging of error messages during host id file
+** retrieval and creation
+**
+** LOCKPROXYDIR
+**
+** Overrides the default directory used for lock proxy files that
+** are named automatically via the ":auto:" setting
+**
+** SQLITE_DEFAULT_PROXYDIR_PERMISSIONS
+**
+** Permissions to use when creating a directory for storing the
+** lock proxy files, only used when LOCKPROXYDIR is not set.
+**
+**
+** As mentioned above, when compiled with SQLITE_PREFER_PROXY_LOCKING,
+** setting the environment variable SQLITE_FORCE_PROXY_LOCKING to 1 will
+** force proxy locking to be used for every database file opened, and 0
+** will force automatic proxy locking to be disabled for all database
+** files (explicitly calling the SQLITE_FCNTL_SET_LOCKPROXYFILE pragma or
+** sqlite_file_control API is not affected by SQLITE_FORCE_PROXY_LOCKING).
+*/
+
+/*
+** Proxy locking is only available on MacOSX
+*/
+#if defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE
+
+/*
+** The proxyLockingContext has the path and file structures for the remote
+** and local proxy files in it
+*/
+typedef struct proxyLockingContext proxyLockingContext;
+struct proxyLockingContext {
+ unixFile *conchFile; /* Open conch file */
+ char *conchFilePath; /* Name of the conch file */
+ unixFile *lockProxy; /* Open proxy lock file */
+ char *lockProxyPath; /* Name of the proxy lock file */
+ char *dbPath; /* Name of the open file */
+ int conchHeld; /* 1 if the conch is held, -1 if lockless */
+ int nFails; /* Number of conch taking failures */
+ void *oldLockingContext; /* Original lockingcontext to restore on close */
+ sqlite3_io_methods const *pOldMethod; /* Original I/O methods for close */
+};
+
+/*
+** The proxy lock file path for the database at dbPath is written into lPath,
+** which must point to valid, writable memory large enough for a maxLen length
+** file path.
+*/
+static int proxyGetLockPath(const char *dbPath, char *lPath, size_t maxLen){
+ int len;
+ int dbLen;
+ int i;
+
+#ifdef LOCKPROXYDIR
+ len = strlcpy(lPath, LOCKPROXYDIR, maxLen);
+#else
+# ifdef _CS_DARWIN_USER_TEMP_DIR
+ {
+ if( !confstr(_CS_DARWIN_USER_TEMP_DIR, lPath, maxLen) ){
+ OSTRACE(("GETLOCKPATH failed %s errno=%d pid=%d\n",
+ lPath, errno, osGetpid(0)));
+ return SQLITE_IOERR_LOCK;
+ }
+ len = strlcat(lPath, "sqliteplocks", maxLen);
+ }
+# else
+ len = strlcpy(lPath, "/tmp/", maxLen);
+# endif
+#endif
+
+ if( lPath[len-1]!='/' ){
+ len = strlcat(lPath, "/", maxLen);
+ }
+
+ /* transform the db path to a unique cache name */
+ dbLen = (int)strlen(dbPath);
+ for( i=0; i<dbLen && (i+len+7)<(int)maxLen; i++){
+ char c = dbPath[i];
+ lPath[i+len] = (c=='/')?'_':c;
+ }
+ lPath[i+len]='\0';
+ strlcat(lPath, ":auto:", maxLen);
+ OSTRACE(("GETLOCKPATH proxy lock path=%s pid=%d\n", lPath, osGetpid(0)));
+ return SQLITE_OK;
+}
+
+/*
+ ** Creates the lock file and any missing directories in lockPath
+ */
+static int proxyCreateLockPath(const char *lockPath){
+ int i, len;
+ char buf[MAXPATHLEN];
+ int start = 0;
+
+ assert(lockPath!=NULL);
+ /* try to create all the intermediate directories */
+ len = (int)strlen(lockPath);
+ buf[0] = lockPath[0];
+ for( i=1; i<len; i++ ){
+ if( lockPath[i] == '/' && (i - start > 0) ){
+ /* only mkdir if leaf dir != "." or "/" or ".." */
+ if( i-start>2 || (i-start==1 && buf[start] != '.' && buf[start] != '/')
+ || (i-start==2 && buf[start] != '.' && buf[start+1] != '.') ){
+ buf[i]='\0';
+ if( osMkdir(buf, SQLITE_DEFAULT_PROXYDIR_PERMISSIONS) ){
+ int err=errno;
+ if( err!=EEXIST ) {
+ OSTRACE(("CREATELOCKPATH FAILED creating %s, "
+ "'%s' proxy lock path=%s pid=%d\n",
+ buf, strerror(err), lockPath, osGetpid(0)));
+ return err;
+ }
+ }
+ }
+ start=i+1;
+ }
+ buf[i] = lockPath[i];
+ }
+ OSTRACE(("CREATELOCKPATH proxy lock path=%s pid=%d\n",lockPath,osGetpid(0)));
+ return 0;
+}
+
+/*
+** Create a new VFS file descriptor (stored in memory obtained from
+** sqlite3_malloc) and open the file named "path" in the file descriptor.
+**
+** The caller is responsible not only for closing the file descriptor
+** but also for freeing the memory associated with the file descriptor.
+*/
+static int proxyCreateUnixFile(
+ const char *path, /* path for the new unixFile */
+ unixFile **ppFile, /* unixFile created and returned by ref */
+ int islockfile /* if non zero missing dirs will be created */
+) {
+ int fd = -1;
+ unixFile *pNew;
+ int rc = SQLITE_OK;
+ int openFlags = O_RDWR | O_CREAT;
+ sqlite3_vfs dummyVfs;
+ int terrno = 0;
+ UnixUnusedFd *pUnused = NULL;
+
+ /* 1. first try to open/create the file
+ ** 2. if that fails, and this is a lock file (not-conch), try creating
+ ** the parent directories and then try again.
+ ** 3. if that fails, try to open the file read-only
+ ** otherwise return BUSY (if lock file) or CANTOPEN for the conch file
+ */
+ pUnused = findReusableFd(path, openFlags);
+ if( pUnused ){
+ fd = pUnused->fd;
+ }else{
+ pUnused = sqlite3_malloc64(sizeof(*pUnused));
+ if( !pUnused ){
+ return SQLITE_NOMEM;
+ }
+ }
+ if( fd<0 ){
+ fd = robust_open(path, openFlags, 0);
+ terrno = errno;
+ if( fd<0 && errno==ENOENT && islockfile ){
+ if( proxyCreateLockPath(path) == SQLITE_OK ){
+ fd = robust_open(path, openFlags, 0);
+ }
+ }
+ }
+ if( fd<0 ){
+ openFlags = O_RDONLY;
+ fd = robust_open(path, openFlags, 0);
+ terrno = errno;
+ }
+ if( fd<0 ){
+ if( islockfile ){
+ return SQLITE_BUSY;
+ }
+ switch (terrno) {
+ case EACCES:
+ return SQLITE_PERM;
+ case EIO:
+ return SQLITE_IOERR_LOCK; /* even though it is the conch */
+ default:
+ return SQLITE_CANTOPEN_BKPT;
+ }
+ }
+
+ pNew = (unixFile *)sqlite3_malloc64(sizeof(*pNew));
+ if( pNew==NULL ){
+ rc = SQLITE_NOMEM;
+ goto end_create_proxy;
+ }
+ memset(pNew, 0, sizeof(unixFile));
+ pNew->openFlags = openFlags;
+ memset(&dummyVfs, 0, sizeof(dummyVfs));
+ dummyVfs.pAppData = (void*)&autolockIoFinder;
+ dummyVfs.zName = "dummy";
+ pUnused->fd = fd;
+ pUnused->flags = openFlags;
+ pNew->pUnused = pUnused;
+
+ rc = fillInUnixFile(&dummyVfs, fd, (sqlite3_file*)pNew, path, 0);
+ if( rc==SQLITE_OK ){
+ *ppFile = pNew;
+ return SQLITE_OK;
+ }
+end_create_proxy:
+ robust_close(pNew, fd, __LINE__);
+ sqlite3_free(pNew);
+ sqlite3_free(pUnused);
+ return rc;
+}
+
+#ifdef SQLITE_TEST
+/* simulate multiple hosts by creating unique hostid file paths */
+SQLITE_API int sqlite3_hostid_num = 0;
+#endif
+
+#define PROXY_HOSTIDLEN 16 /* conch file host id length */
+
+#ifdef HAVE_GETHOSTUUID
+/* Not always defined in the headers as it ought to be */
+extern int gethostuuid(uuid_t id, const struct timespec *wait);
+#endif
+
+/* get the host ID via gethostuuid(), pHostID must point to PROXY_HOSTIDLEN
+** bytes of writable memory.
+*/
+static int proxyGetHostID(unsigned char *pHostID, int *pError){
+ assert(PROXY_HOSTIDLEN == sizeof(uuid_t));
+ memset(pHostID, 0, PROXY_HOSTIDLEN);
+#ifdef HAVE_GETHOSTUUID
+ {
+ struct timespec timeout = {1, 0}; /* 1 sec timeout */
+ if( gethostuuid(pHostID, &timeout) ){
+ int err = errno;
+ if( pError ){
+ *pError = err;
+ }
+ return SQLITE_IOERR;
+ }
+ }
+#else
+ UNUSED_PARAMETER(pError);
+#endif
+#ifdef SQLITE_TEST
+ /* simulate multiple hosts by creating unique hostid file paths */
+ if( sqlite3_hostid_num != 0){
+ pHostID[0] = (char)(pHostID[0] + (char)(sqlite3_hostid_num & 0xFF));
+ }
+#endif
+
+ return SQLITE_OK;
+}
+
+/* The conch file contains the header, host id and lock file path
+ */
+#define PROXY_CONCHVERSION 2 /* 1-byte header, 16-byte host id, path */
+#define PROXY_HEADERLEN 1 /* conch file header length */
+#define PROXY_PATHINDEX (PROXY_HEADERLEN+PROXY_HOSTIDLEN)
+#define PROXY_MAXCONCHLEN (PROXY_HEADERLEN+PROXY_HOSTIDLEN+MAXPATHLEN)
+
+/*
+** Takes an open conch file, copies the contents to a new path and then moves
+** it back. The newly created file's file descriptor is assigned to the
+** conch file structure and finally the original conch file descriptor is
+** closed. Returns zero if successful.
+*/
+static int proxyBreakConchLock(unixFile *pFile, uuid_t myHostID){
+ proxyLockingContext *pCtx = (proxyLockingContext *)pFile->lockingContext;
+ unixFile *conchFile = pCtx->conchFile;
+ char tPath[MAXPATHLEN];
+ char buf[PROXY_MAXCONCHLEN];
+ char *cPath = pCtx->conchFilePath;
+ size_t readLen = 0;
+ size_t pathLen = 0;
+ char errmsg[64] = "";
+ int fd = -1;
+ int rc = -1;
+ UNUSED_PARAMETER(myHostID);
+
+ /* create a new path by replace the trailing '-conch' with '-break' */
+ pathLen = strlcpy(tPath, cPath, MAXPATHLEN);
+ if( pathLen>MAXPATHLEN || pathLen<6 ||
+ (strlcpy(&tPath[pathLen-5], "break", 6) != 5) ){
+ sqlite3_snprintf(sizeof(errmsg),errmsg,"path error (len %d)",(int)pathLen);
+ goto end_breaklock;
+ }
+ /* read the conch content */
+ readLen = osPread(conchFile->h, buf, PROXY_MAXCONCHLEN, 0);
+ if( readLen<PROXY_PATHINDEX ){
+ sqlite3_snprintf(sizeof(errmsg),errmsg,"read error (len %d)",(int)readLen);
+ goto end_breaklock;
+ }
+ /* write it out to the temporary break file */
+ fd = robust_open(tPath, (O_RDWR|O_CREAT|O_EXCL), 0);
+ if( fd<0 ){
+ sqlite3_snprintf(sizeof(errmsg), errmsg, "create failed (%d)", errno);
+ goto end_breaklock;
+ }
+ if( osPwrite(fd, buf, readLen, 0) != (ssize_t)readLen ){
+ sqlite3_snprintf(sizeof(errmsg), errmsg, "write failed (%d)", errno);
+ goto end_breaklock;
+ }
+ if( rename(tPath, cPath) ){
+ sqlite3_snprintf(sizeof(errmsg), errmsg, "rename failed (%d)", errno);
+ goto end_breaklock;
+ }
+ rc = 0;
+ fprintf(stderr, "broke stale lock on %s\n", cPath);
+ robust_close(pFile, conchFile->h, __LINE__);
+ conchFile->h = fd;
+ conchFile->openFlags = O_RDWR | O_CREAT;
+
+end_breaklock:
+ if( rc ){
+ if( fd>=0 ){
+ osUnlink(tPath);
+ robust_close(pFile, fd, __LINE__);
+ }
+ fprintf(stderr, "failed to break stale lock on %s, %s\n", cPath, errmsg);
+ }
+ return rc;
+}
+
+/* Take the requested lock on the conch file and break a stale lock if the
+** host id matches.
+*/
+static int proxyConchLock(unixFile *pFile, uuid_t myHostID, int lockType){
+ proxyLockingContext *pCtx = (proxyLockingContext *)pFile->lockingContext;
+ unixFile *conchFile = pCtx->conchFile;
+ int rc = SQLITE_OK;
+ int nTries = 0;
+ struct timespec conchModTime;
+
+ memset(&conchModTime, 0, sizeof(conchModTime));
+ do {
+ rc = conchFile->pMethod->xLock((sqlite3_file*)conchFile, lockType);
+ nTries ++;
+ if( rc==SQLITE_BUSY ){
+ /* If the lock failed (busy):
+ * 1st try: get the mod time of the conch, wait 0.5s and try again.
+ * 2nd try: fail if the mod time changed or host id is different, wait
+ * 10 sec and try again
+ * 3rd try: break the lock unless the mod time has changed.
+ */
+ struct stat buf;
+ if( osFstat(conchFile->h, &buf) ){
+ storeLastErrno(pFile, errno);
+ return SQLITE_IOERR_LOCK;
+ }
+
+ if( nTries==1 ){
+ conchModTime = buf.st_mtimespec;
+ usleep(500000); /* wait 0.5 sec and try the lock again*/
+ continue;
+ }
+
+ assert( nTries>1 );
+ if( conchModTime.tv_sec != buf.st_mtimespec.tv_sec ||
+ conchModTime.tv_nsec != buf.st_mtimespec.tv_nsec ){
+ return SQLITE_BUSY;
+ }
+
+ if( nTries==2 ){
+ char tBuf[PROXY_MAXCONCHLEN];
+ int len = osPread(conchFile->h, tBuf, PROXY_MAXCONCHLEN, 0);
+ if( len<0 ){
+ storeLastErrno(pFile, errno);
+ return SQLITE_IOERR_LOCK;
+ }
+ if( len>PROXY_PATHINDEX && tBuf[0]==(char)PROXY_CONCHVERSION){
+ /* don't break the lock if the host id doesn't match */
+ if( 0!=memcmp(&tBuf[PROXY_HEADERLEN], myHostID, PROXY_HOSTIDLEN) ){
+ return SQLITE_BUSY;
+ }
+ }else{
+ /* don't break the lock on short read or a version mismatch */
+ return SQLITE_BUSY;
+ }
+ usleep(10000000); /* wait 10 sec and try the lock again */
+ continue;
+ }
+
+ assert( nTries==3 );
+ if( 0==proxyBreakConchLock(pFile, myHostID) ){
+ rc = SQLITE_OK;
+ if( lockType==EXCLUSIVE_LOCK ){
+ rc = conchFile->pMethod->xLock((sqlite3_file*)conchFile, SHARED_LOCK);
+ }
+ if( !rc ){
+ rc = conchFile->pMethod->xLock((sqlite3_file*)conchFile, lockType);
+ }
+ }
+ }
+ } while( rc==SQLITE_BUSY && nTries<3 );
+
+ return rc;
+}
+
+/* Takes the conch by taking a shared lock and read the contents conch, if
+** lockPath is non-NULL, the host ID and lock file path must match. A NULL
+** lockPath means that the lockPath in the conch file will be used if the
+** host IDs match, or a new lock path will be generated automatically
+** and written to the conch file.
+*/
+static int proxyTakeConch(unixFile *pFile){
+ proxyLockingContext *pCtx = (proxyLockingContext *)pFile->lockingContext;
+
+ if( pCtx->conchHeld!=0 ){
+ return SQLITE_OK;
+ }else{
+ unixFile *conchFile = pCtx->conchFile;
+ uuid_t myHostID;
+ int pError = 0;
+ char readBuf[PROXY_MAXCONCHLEN];
+ char lockPath[MAXPATHLEN];
+ char *tempLockPath = NULL;
+ int rc = SQLITE_OK;
+ int createConch = 0;
+ int hostIdMatch = 0;
+ int readLen = 0;
+ int tryOldLockPath = 0;
+ int forceNewLockPath = 0;
+
+ OSTRACE(("TAKECONCH %d for %s pid=%d\n", conchFile->h,
+ (pCtx->lockProxyPath ? pCtx->lockProxyPath : ":auto:"),
+ osGetpid(0)));
+
+ rc = proxyGetHostID(myHostID, &pError);
+ if( (rc&0xff)==SQLITE_IOERR ){
+ storeLastErrno(pFile, pError);
+ goto end_takeconch;
+ }
+ rc = proxyConchLock(pFile, myHostID, SHARED_LOCK);
+ if( rc!=SQLITE_OK ){
+ goto end_takeconch;
+ }
+ /* read the existing conch file */
+ readLen = seekAndRead((unixFile*)conchFile, 0, readBuf, PROXY_MAXCONCHLEN);
+ if( readLen<0 ){
+ /* I/O error: lastErrno set by seekAndRead */
+ storeLastErrno(pFile, conchFile->lastErrno);
+ rc = SQLITE_IOERR_READ;
+ goto end_takeconch;
+ }else if( readLen<=(PROXY_HEADERLEN+PROXY_HOSTIDLEN) ||
+ readBuf[0]!=(char)PROXY_CONCHVERSION ){
+ /* a short read or version format mismatch means we need to create a new
+ ** conch file.
+ */
+ createConch = 1;
+ }
+ /* if the host id matches and the lock path already exists in the conch
+ ** we'll try to use the path there, if we can't open that path, we'll
+ ** retry with a new auto-generated path
+ */
+ do { /* in case we need to try again for an :auto: named lock file */
+
+ if( !createConch && !forceNewLockPath ){
+ hostIdMatch = !memcmp(&readBuf[PROXY_HEADERLEN], myHostID,
+ PROXY_HOSTIDLEN);
+ /* if the conch has data compare the contents */
+ if( !pCtx->lockProxyPath ){
+ /* for auto-named local lock file, just check the host ID and we'll
+ ** use the local lock file path that's already in there
+ */
+ if( hostIdMatch ){
+ size_t pathLen = (readLen - PROXY_PATHINDEX);
+
+ if( pathLen>=MAXPATHLEN ){
+ pathLen=MAXPATHLEN-1;
+ }
+ memcpy(lockPath, &readBuf[PROXY_PATHINDEX], pathLen);
+ lockPath[pathLen] = 0;
+ tempLockPath = lockPath;
+ tryOldLockPath = 1;
+ /* create a copy of the lock path if the conch is taken */
+ goto end_takeconch;
+ }
+ }else if( hostIdMatch
+ && !strncmp(pCtx->lockProxyPath, &readBuf[PROXY_PATHINDEX],
+ readLen-PROXY_PATHINDEX)
+ ){
+ /* conch host and lock path match */
+ goto end_takeconch;
+ }
+ }
+
+ /* if the conch isn't writable and doesn't match, we can't take it */
+ if( (conchFile->openFlags&O_RDWR) == 0 ){
+ rc = SQLITE_BUSY;
+ goto end_takeconch;
+ }
+
+ /* either the conch didn't match or we need to create a new one */
+ if( !pCtx->lockProxyPath ){
+ proxyGetLockPath(pCtx->dbPath, lockPath, MAXPATHLEN);
+ tempLockPath = lockPath;
+ /* create a copy of the lock path _only_ if the conch is taken */
+ }
+
+ /* update conch with host and path (this will fail if other process
+ ** has a shared lock already), if the host id matches, use the big
+ ** stick.
+ */
+ futimes(conchFile->h, NULL);
+ if( hostIdMatch && !createConch ){
+ if( conchFile->pInode && conchFile->pInode->nShared>1 ){
+ /* We are trying for an exclusive lock but another thread in this
+ ** same process is still holding a shared lock. */
+ rc = SQLITE_BUSY;
+ } else {
+ rc = proxyConchLock(pFile, myHostID, EXCLUSIVE_LOCK);
+ }
+ }else{
+ rc = proxyConchLock(pFile, myHostID, EXCLUSIVE_LOCK);
+ }
+ if( rc==SQLITE_OK ){
+ char writeBuffer[PROXY_MAXCONCHLEN];
+ int writeSize = 0;
+
+ writeBuffer[0] = (char)PROXY_CONCHVERSION;
+ memcpy(&writeBuffer[PROXY_HEADERLEN], myHostID, PROXY_HOSTIDLEN);
+ if( pCtx->lockProxyPath!=NULL ){
+ strlcpy(&writeBuffer[PROXY_PATHINDEX], pCtx->lockProxyPath,
+ MAXPATHLEN);
+ }else{
+ strlcpy(&writeBuffer[PROXY_PATHINDEX], tempLockPath, MAXPATHLEN);
+ }
+ writeSize = PROXY_PATHINDEX + strlen(&writeBuffer[PROXY_PATHINDEX]);
+ robust_ftruncate(conchFile->h, writeSize);
+ rc = unixWrite((sqlite3_file *)conchFile, writeBuffer, writeSize, 0);
+ fsync(conchFile->h);
+ /* If we created a new conch file (not just updated the contents of a
+ ** valid conch file), try to match the permissions of the database
+ */
+ if( rc==SQLITE_OK && createConch ){
+ struct stat buf;
+ int err = osFstat(pFile->h, &buf);
+ if( err==0 ){
+ mode_t cmode = buf.st_mode&(S_IRUSR|S_IWUSR | S_IRGRP|S_IWGRP |
+ S_IROTH|S_IWOTH);
+ /* try to match the database file R/W permissions, ignore failure */
+#ifndef SQLITE_PROXY_DEBUG
+ osFchmod(conchFile->h, cmode);
+#else
+ do{
+ rc = osFchmod(conchFile->h, cmode);
+ }while( rc==(-1) && errno==EINTR );
+ if( rc!=0 ){
+ int code = errno;
+ fprintf(stderr, "fchmod %o FAILED with %d %s\n",
+ cmode, code, strerror(code));
+ } else {
+ fprintf(stderr, "fchmod %o SUCCEDED\n",cmode);
+ }
+ }else{
+ int code = errno;
+ fprintf(stderr, "STAT FAILED[%d] with %d %s\n",
+ err, code, strerror(code));
+#endif
+ }
+ }
+ }
+ conchFile->pMethod->xUnlock((sqlite3_file*)conchFile, SHARED_LOCK);
+
+ end_takeconch:
+ OSTRACE(("TRANSPROXY: CLOSE %d\n", pFile->h));
+ if( rc==SQLITE_OK && pFile->openFlags ){
+ int fd;
+ if( pFile->h>=0 ){
+ robust_close(pFile, pFile->h, __LINE__);
+ }
+ pFile->h = -1;
+ fd = robust_open(pCtx->dbPath, pFile->openFlags, 0);
+ OSTRACE(("TRANSPROXY: OPEN %d\n", fd));
+ if( fd>=0 ){
+ pFile->h = fd;
+ }else{
+ rc=SQLITE_CANTOPEN_BKPT; /* SQLITE_BUSY? proxyTakeConch called
+ during locking */
+ }
+ }
+ if( rc==SQLITE_OK && !pCtx->lockProxy ){
+ char *path = tempLockPath ? tempLockPath : pCtx->lockProxyPath;
+ rc = proxyCreateUnixFile(path, &pCtx->lockProxy, 1);
+ if( rc!=SQLITE_OK && rc!=SQLITE_NOMEM && tryOldLockPath ){
+ /* we couldn't create the proxy lock file with the old lock file path
+ ** so try again via auto-naming
+ */
+ forceNewLockPath = 1;
+ tryOldLockPath = 0;
+ continue; /* go back to the do {} while start point, try again */
+ }
+ }
+ if( rc==SQLITE_OK ){
+ /* Need to make a copy of path if we extracted the value
+ ** from the conch file or the path was allocated on the stack
+ */
+ if( tempLockPath ){
+ pCtx->lockProxyPath = sqlite3DbStrDup(0, tempLockPath);
+ if( !pCtx->lockProxyPath ){
+ rc = SQLITE_NOMEM;
+ }
+ }
+ }
+ if( rc==SQLITE_OK ){
+ pCtx->conchHeld = 1;
+
+ if( pCtx->lockProxy->pMethod == &afpIoMethods ){
+ afpLockingContext *afpCtx;
+ afpCtx = (afpLockingContext *)pCtx->lockProxy->lockingContext;
+ afpCtx->dbPath = pCtx->lockProxyPath;
+ }
+ } else {
+ conchFile->pMethod->xUnlock((sqlite3_file*)conchFile, NO_LOCK);
+ }
+ OSTRACE(("TAKECONCH %d %s\n", conchFile->h,
+ rc==SQLITE_OK?"ok":"failed"));
+ return rc;
+ } while (1); /* in case we need to retry the :auto: lock file -
+ ** we should never get here except via the 'continue' call. */
+ }
+}
+
+/*
+** If pFile holds a lock on a conch file, then release that lock.
+*/
+static int proxyReleaseConch(unixFile *pFile){
+ int rc = SQLITE_OK; /* Subroutine return code */
+ proxyLockingContext *pCtx; /* The locking context for the proxy lock */
+ unixFile *conchFile; /* Name of the conch file */
+
+ pCtx = (proxyLockingContext *)pFile->lockingContext;
+ conchFile = pCtx->conchFile;
+ OSTRACE(("RELEASECONCH %d for %s pid=%d\n", conchFile->h,
+ (pCtx->lockProxyPath ? pCtx->lockProxyPath : ":auto:"),
+ osGetpid(0)));
+ if( pCtx->conchHeld>0 ){
+ rc = conchFile->pMethod->xUnlock((sqlite3_file*)conchFile, NO_LOCK);
+ }
+ pCtx->conchHeld = 0;
+ OSTRACE(("RELEASECONCH %d %s\n", conchFile->h,
+ (rc==SQLITE_OK ? "ok" : "failed")));
+ return rc;
+}
+
+/*
+** Given the name of a database file, compute the name of its conch file.
+** Store the conch filename in memory obtained from sqlite3_malloc64().
+** Make *pConchPath point to the new name. Return SQLITE_OK on success
+** or SQLITE_NOMEM if unable to obtain memory.
+**
+** The caller is responsible for ensuring that the allocated memory
+** space is eventually freed.
+**
+** *pConchPath is set to NULL if a memory allocation error occurs.
+*/
+static int proxyCreateConchPathname(char *dbPath, char **pConchPath){
+ int i; /* Loop counter */
+ int len = (int)strlen(dbPath); /* Length of database filename - dbPath */
+ char *conchPath; /* buffer in which to construct conch name */
+
+ /* Allocate space for the conch filename and initialize the name to
+ ** the name of the original database file. */
+ *pConchPath = conchPath = (char *)sqlite3_malloc64(len + 8);
+ if( conchPath==0 ){
+ return SQLITE_NOMEM;
+ }
+ memcpy(conchPath, dbPath, len+1);
+
+ /* now insert a "." before the last / character */
+ for( i=(len-1); i>=0; i-- ){
+ if( conchPath[i]=='/' ){
+ i++;
+ break;
+ }
+ }
+ conchPath[i]='.';
+ while ( i<len ){
+ conchPath[i+1]=dbPath[i];
+ i++;
+ }
+
+ /* append the "-conch" suffix to the file */
+ memcpy(&conchPath[i+1], "-conch", 7);
+ assert( (int)strlen(conchPath) == len+7 );
+
+ return SQLITE_OK;
+}
+
+
+/* Takes a fully configured proxy locking-style unix file and switches
+** the local lock file path
+*/
+static int switchLockProxyPath(unixFile *pFile, const char *path) {
+ proxyLockingContext *pCtx = (proxyLockingContext*)pFile->lockingContext;
+ char *oldPath = pCtx->lockProxyPath;
+ int rc = SQLITE_OK;
+
+ if( pFile->eFileLock!=NO_LOCK ){
+ return SQLITE_BUSY;
+ }
+
+ /* nothing to do if the path is NULL, :auto: or matches the existing path */
+ if( !path || path[0]=='\0' || !strcmp(path, ":auto:") ||
+ (oldPath && !strncmp(oldPath, path, MAXPATHLEN)) ){
+ return SQLITE_OK;
+ }else{
+ unixFile *lockProxy = pCtx->lockProxy;
+ pCtx->lockProxy=NULL;
+ pCtx->conchHeld = 0;
+ if( lockProxy!=NULL ){
+ rc=lockProxy->pMethod->xClose((sqlite3_file *)lockProxy);
+ if( rc ) return rc;
+ sqlite3_free(lockProxy);
+ }
+ sqlite3_free(oldPath);
+ pCtx->lockProxyPath = sqlite3DbStrDup(0, path);
+ }
+
+ return rc;
+}
+
+/*
+** pFile is a file that has been opened by a prior xOpen call. dbPath
+** is a string buffer at least MAXPATHLEN+1 characters in size.
+**
+** This routine find the filename associated with pFile and writes it
+** int dbPath.
+*/
+static int proxyGetDbPathForUnixFile(unixFile *pFile, char *dbPath){
+#if defined(__APPLE__)
+ if( pFile->pMethod == &afpIoMethods ){
+ /* afp style keeps a reference to the db path in the filePath field
+ ** of the struct */
+ assert( (int)strlen((char*)pFile->lockingContext)<=MAXPATHLEN );
+ strlcpy(dbPath, ((afpLockingContext *)pFile->lockingContext)->dbPath,
+ MAXPATHLEN);
+ } else
+#endif
+ if( pFile->pMethod == &dotlockIoMethods ){
+ /* dot lock style uses the locking context to store the dot lock
+ ** file path */
+ int len = strlen((char *)pFile->lockingContext) - strlen(DOTLOCK_SUFFIX);
+ memcpy(dbPath, (char *)pFile->lockingContext, len + 1);
+ }else{
+ /* all other styles use the locking context to store the db file path */
+ assert( strlen((char*)pFile->lockingContext)<=MAXPATHLEN );
+ strlcpy(dbPath, (char *)pFile->lockingContext, MAXPATHLEN);
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Takes an already filled in unix file and alters it so all file locking
+** will be performed on the local proxy lock file. The following fields
+** are preserved in the locking context so that they can be restored and
+** the unix structure properly cleaned up at close time:
+** ->lockingContext
+** ->pMethod
+*/
+static int proxyTransformUnixFile(unixFile *pFile, const char *path) {
+ proxyLockingContext *pCtx;
+ char dbPath[MAXPATHLEN+1]; /* Name of the database file */
+ char *lockPath=NULL;
+ int rc = SQLITE_OK;
+
+ if( pFile->eFileLock!=NO_LOCK ){
+ return SQLITE_BUSY;
+ }
+ proxyGetDbPathForUnixFile(pFile, dbPath);
+ if( !path || path[0]=='\0' || !strcmp(path, ":auto:") ){
+ lockPath=NULL;
+ }else{
+ lockPath=(char *)path;
+ }
+
+ OSTRACE(("TRANSPROXY %d for %s pid=%d\n", pFile->h,
+ (lockPath ? lockPath : ":auto:"), osGetpid(0)));
+
+ pCtx = sqlite3_malloc64( sizeof(*pCtx) );
+ if( pCtx==0 ){
+ return SQLITE_NOMEM;
+ }
+ memset(pCtx, 0, sizeof(*pCtx));
+
+ rc = proxyCreateConchPathname(dbPath, &pCtx->conchFilePath);
+ if( rc==SQLITE_OK ){
+ rc = proxyCreateUnixFile(pCtx->conchFilePath, &pCtx->conchFile, 0);
+ if( rc==SQLITE_CANTOPEN && ((pFile->openFlags&O_RDWR) == 0) ){
+ /* if (a) the open flags are not O_RDWR, (b) the conch isn't there, and
+ ** (c) the file system is read-only, then enable no-locking access.
+ ** Ugh, since O_RDONLY==0x0000 we test for !O_RDWR since unixOpen asserts
+ ** that openFlags will have only one of O_RDONLY or O_RDWR.
+ */
+ struct statfs fsInfo;
+ struct stat conchInfo;
+ int goLockless = 0;
+
+ if( osStat(pCtx->conchFilePath, &conchInfo) == -1 ) {
+ int err = errno;
+ if( (err==ENOENT) && (statfs(dbPath, &fsInfo) != -1) ){
+ goLockless = (fsInfo.f_flags&MNT_RDONLY) == MNT_RDONLY;
+ }
+ }
+ if( goLockless ){
+ pCtx->conchHeld = -1; /* read only FS/ lockless */
+ rc = SQLITE_OK;
+ }
+ }
+ }
+ if( rc==SQLITE_OK && lockPath ){
+ pCtx->lockProxyPath = sqlite3DbStrDup(0, lockPath);
+ }
+
+ if( rc==SQLITE_OK ){
+ pCtx->dbPath = sqlite3DbStrDup(0, dbPath);
+ if( pCtx->dbPath==NULL ){
+ rc = SQLITE_NOMEM;
+ }
+ }
+ if( rc==SQLITE_OK ){
+ /* all memory is allocated, proxys are created and assigned,
+ ** switch the locking context and pMethod then return.
+ */
+ pCtx->oldLockingContext = pFile->lockingContext;
+ pFile->lockingContext = pCtx;
+ pCtx->pOldMethod = pFile->pMethod;
+ pFile->pMethod = &proxyIoMethods;
+ }else{
+ if( pCtx->conchFile ){
+ pCtx->conchFile->pMethod->xClose((sqlite3_file *)pCtx->conchFile);
+ sqlite3_free(pCtx->conchFile);
+ }
+ sqlite3DbFree(0, pCtx->lockProxyPath);
+ sqlite3_free(pCtx->conchFilePath);
+ sqlite3_free(pCtx);
+ }
+ OSTRACE(("TRANSPROXY %d %s\n", pFile->h,
+ (rc==SQLITE_OK ? "ok" : "failed")));
+ return rc;
+}
+
+
+/*
+** This routine handles sqlite3_file_control() calls that are specific
+** to proxy locking.
+*/
+static int proxyFileControl(sqlite3_file *id, int op, void *pArg){
+ switch( op ){
+ case SQLITE_FCNTL_GET_LOCKPROXYFILE: {
+ unixFile *pFile = (unixFile*)id;
+ if( pFile->pMethod == &proxyIoMethods ){
+ proxyLockingContext *pCtx = (proxyLockingContext*)pFile->lockingContext;
+ proxyTakeConch(pFile);
+ if( pCtx->lockProxyPath ){
+ *(const char **)pArg = pCtx->lockProxyPath;
+ }else{
+ *(const char **)pArg = ":auto: (not held)";
+ }
+ } else {
+ *(const char **)pArg = NULL;
+ }
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_SET_LOCKPROXYFILE: {
+ unixFile *pFile = (unixFile*)id;
+ int rc = SQLITE_OK;
+ int isProxyStyle = (pFile->pMethod == &proxyIoMethods);
+ if( pArg==NULL || (const char *)pArg==0 ){
+ if( isProxyStyle ){
+ /* turn off proxy locking - not supported. If support is added for
+ ** switching proxy locking mode off then it will need to fail if
+ ** the journal mode is WAL mode.
+ */
+ rc = SQLITE_ERROR /*SQLITE_PROTOCOL? SQLITE_MISUSE?*/;
+ }else{
+ /* turn off proxy locking - already off - NOOP */
+ rc = SQLITE_OK;
+ }
+ }else{
+ const char *proxyPath = (const char *)pArg;
+ if( isProxyStyle ){
+ proxyLockingContext *pCtx =
+ (proxyLockingContext*)pFile->lockingContext;
+ if( !strcmp(pArg, ":auto:")
+ || (pCtx->lockProxyPath &&
+ !strncmp(pCtx->lockProxyPath, proxyPath, MAXPATHLEN))
+ ){
+ rc = SQLITE_OK;
+ }else{
+ rc = switchLockProxyPath(pFile, proxyPath);
+ }
+ }else{
+ /* turn on proxy file locking */
+ rc = proxyTransformUnixFile(pFile, proxyPath);
+ }
+ }
+ return rc;
+ }
+ default: {
+ assert( 0 ); /* The call assures that only valid opcodes are sent */
+ }
+ }
+ /*NOTREACHED*/
+ return SQLITE_ERROR;
+}
+
+/*
+** Within this division (the proxying locking implementation) the procedures
+** above this point are all utilities. The lock-related methods of the
+** proxy-locking sqlite3_io_method object follow.
+*/
+
+
+/*
+** This routine checks if there is a RESERVED lock held on the specified
+** file by this or any other process. If such a lock is held, set *pResOut
+** to a non-zero value otherwise *pResOut is set to zero. The return value
+** is set to SQLITE_OK unless an I/O error occurs during lock checking.
+*/
+static int proxyCheckReservedLock(sqlite3_file *id, int *pResOut) {
+ unixFile *pFile = (unixFile*)id;
+ int rc = proxyTakeConch(pFile);
+ if( rc==SQLITE_OK ){
+ proxyLockingContext *pCtx = (proxyLockingContext *)pFile->lockingContext;
+ if( pCtx->conchHeld>0 ){
+ unixFile *proxy = pCtx->lockProxy;
+ return proxy->pMethod->xCheckReservedLock((sqlite3_file*)proxy, pResOut);
+ }else{ /* conchHeld < 0 is lockless */
+ pResOut=0;
+ }
+ }
+ return rc;
+}
+
+/*
+** Lock the file with the lock specified by parameter eFileLock - one
+** of the following:
+**
+** (1) SHARED_LOCK
+** (2) RESERVED_LOCK
+** (3) PENDING_LOCK
+** (4) EXCLUSIVE_LOCK
+**
+** Sometimes when requesting one lock state, additional lock states
+** are inserted in between. The locking might fail on one of the later
+** transitions leaving the lock state different from what it started but
+** still short of its goal. The following chart shows the allowed
+** transitions and the inserted intermediate states:
+**
+** UNLOCKED -> SHARED
+** SHARED -> RESERVED
+** SHARED -> (PENDING) -> EXCLUSIVE
+** RESERVED -> (PENDING) -> EXCLUSIVE
+** PENDING -> EXCLUSIVE
+**
+** This routine will only increase a lock. Use the sqlite3OsUnlock()
+** routine to lower a locking level.
+*/
+static int proxyLock(sqlite3_file *id, int eFileLock) {
+ unixFile *pFile = (unixFile*)id;
+ int rc = proxyTakeConch(pFile);
+ if( rc==SQLITE_OK ){
+ proxyLockingContext *pCtx = (proxyLockingContext *)pFile->lockingContext;
+ if( pCtx->conchHeld>0 ){
+ unixFile *proxy = pCtx->lockProxy;
+ rc = proxy->pMethod->xLock((sqlite3_file*)proxy, eFileLock);
+ pFile->eFileLock = proxy->eFileLock;
+ }else{
+ /* conchHeld < 0 is lockless */
+ }
+ }
+ return rc;
+}
+
+
+/*
+** Lower the locking level on file descriptor pFile to eFileLock. eFileLock
+** must be either NO_LOCK or SHARED_LOCK.
+**
+** If the locking level of the file descriptor is already at or below
+** the requested locking level, this routine is a no-op.
+*/
+static int proxyUnlock(sqlite3_file *id, int eFileLock) {
+ unixFile *pFile = (unixFile*)id;
+ int rc = proxyTakeConch(pFile);
+ if( rc==SQLITE_OK ){
+ proxyLockingContext *pCtx = (proxyLockingContext *)pFile->lockingContext;
+ if( pCtx->conchHeld>0 ){
+ unixFile *proxy = pCtx->lockProxy;
+ rc = proxy->pMethod->xUnlock((sqlite3_file*)proxy, eFileLock);
+ pFile->eFileLock = proxy->eFileLock;
+ }else{
+ /* conchHeld < 0 is lockless */
+ }
+ }
+ return rc;
+}
+
+/*
+** Close a file that uses proxy locks.
+*/
+static int proxyClose(sqlite3_file *id) {
+ if( ALWAYS(id) ){
+ unixFile *pFile = (unixFile*)id;
+ proxyLockingContext *pCtx = (proxyLockingContext *)pFile->lockingContext;
+ unixFile *lockProxy = pCtx->lockProxy;
+ unixFile *conchFile = pCtx->conchFile;
+ int rc = SQLITE_OK;
+
+ if( lockProxy ){
+ rc = lockProxy->pMethod->xUnlock((sqlite3_file*)lockProxy, NO_LOCK);
+ if( rc ) return rc;
+ rc = lockProxy->pMethod->xClose((sqlite3_file*)lockProxy);
+ if( rc ) return rc;
+ sqlite3_free(lockProxy);
+ pCtx->lockProxy = 0;
+ }
+ if( conchFile ){
+ if( pCtx->conchHeld ){
+ rc = proxyReleaseConch(pFile);
+ if( rc ) return rc;
+ }
+ rc = conchFile->pMethod->xClose((sqlite3_file*)conchFile);
+ if( rc ) return rc;
+ sqlite3_free(conchFile);
+ }
+ sqlite3DbFree(0, pCtx->lockProxyPath);
+ sqlite3_free(pCtx->conchFilePath);
+ sqlite3DbFree(0, pCtx->dbPath);
+ /* restore the original locking context and pMethod then close it */
+ pFile->lockingContext = pCtx->oldLockingContext;
+ pFile->pMethod = pCtx->pOldMethod;
+ sqlite3_free(pCtx);
+ return pFile->pMethod->xClose(id);
+ }
+ return SQLITE_OK;
+}
+
+
+
+#endif /* defined(__APPLE__) && SQLITE_ENABLE_LOCKING_STYLE */
+/*
+** The proxy locking style is intended for use with AFP filesystems.
+** And since AFP is only supported on MacOSX, the proxy locking is also
+** restricted to MacOSX.
+**
+**
+******************* End of the proxy lock implementation **********************
+******************************************************************************/
+
+/*
+** Initialize the operating system interface.
+**
+** This routine registers all VFS implementations for unix-like operating
+** systems. This routine, and the sqlite3_os_end() routine that follows,
+** should be the only routines in this file that are visible from other
+** files.
+**
+** This routine is called once during SQLite initialization and by a
+** single thread. The memory allocation and mutex subsystems have not
+** necessarily been initialized when this routine is called, and so they
+** should not be used.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_os_init(void){
+ /*
+ ** The following macro defines an initializer for an sqlite3_vfs object.
+ ** The name of the VFS is NAME. The pAppData is a pointer to a pointer
+ ** to the "finder" function. (pAppData is a pointer to a pointer because
+ ** silly C90 rules prohibit a void* from being cast to a function pointer
+ ** and so we have to go through the intermediate pointer to avoid problems
+ ** when compiling with -pedantic-errors on GCC.)
+ **
+ ** The FINDER parameter to this macro is the name of the pointer to the
+ ** finder-function. The finder-function returns a pointer to the
+ ** sqlite_io_methods object that implements the desired locking
+ ** behaviors. See the division above that contains the IOMETHODS
+ ** macro for addition information on finder-functions.
+ **
+ ** Most finders simply return a pointer to a fixed sqlite3_io_methods
+ ** object. But the "autolockIoFinder" available on MacOSX does a little
+ ** more than that; it looks at the filesystem type that hosts the
+ ** database file and tries to choose an locking method appropriate for
+ ** that filesystem time.
+ */
+ #define UNIXVFS(VFSNAME, FINDER) { \
+ 3, /* iVersion */ \
+ sizeof(unixFile), /* szOsFile */ \
+ MAX_PATHNAME, /* mxPathname */ \
+ 0, /* pNext */ \
+ VFSNAME, /* zName */ \
+ (void*)&FINDER, /* pAppData */ \
+ unixOpen, /* xOpen */ \
+ unixDelete, /* xDelete */ \
+ unixAccess, /* xAccess */ \
+ unixFullPathname, /* xFullPathname */ \
+ unixDlOpen, /* xDlOpen */ \
+ unixDlError, /* xDlError */ \
+ unixDlSym, /* xDlSym */ \
+ unixDlClose, /* xDlClose */ \
+ unixRandomness, /* xRandomness */ \
+ unixSleep, /* xSleep */ \
+ unixCurrentTime, /* xCurrentTime */ \
+ unixGetLastError, /* xGetLastError */ \
+ unixCurrentTimeInt64, /* xCurrentTimeInt64 */ \
+ unixSetSystemCall, /* xSetSystemCall */ \
+ unixGetSystemCall, /* xGetSystemCall */ \
+ unixNextSystemCall, /* xNextSystemCall */ \
+ }
+
+ /*
+ ** All default VFSes for unix are contained in the following array.
+ **
+ ** Note that the sqlite3_vfs.pNext field of the VFS object is modified
+ ** by the SQLite core when the VFS is registered. So the following
+ ** array cannot be const.
+ */
+ static sqlite3_vfs aVfs[] = {
+#if SQLITE_ENABLE_LOCKING_STYLE && defined(__APPLE__)
+ UNIXVFS("unix", autolockIoFinder ),
+#elif OS_VXWORKS
+ UNIXVFS("unix", vxworksIoFinder ),
+#else
+ UNIXVFS("unix", posixIoFinder ),
+#endif
+ UNIXVFS("unix-none", nolockIoFinder ),
+ UNIXVFS("unix-dotfile", dotlockIoFinder ),
+ UNIXVFS("unix-excl", posixIoFinder ),
+#if OS_VXWORKS
+ UNIXVFS("unix-namedsem", semIoFinder ),
+#endif
+#if SQLITE_ENABLE_LOCKING_STYLE || OS_VXWORKS
+ UNIXVFS("unix-posix", posixIoFinder ),
+#endif
+#if SQLITE_ENABLE_LOCKING_STYLE
+ UNIXVFS("unix-flock", flockIoFinder ),
+#endif
+#if SQLITE_ENABLE_LOCKING_STYLE && defined(__APPLE__)
+ UNIXVFS("unix-afp", afpIoFinder ),
+ UNIXVFS("unix-nfs", nfsIoFinder ),
+ UNIXVFS("unix-proxy", proxyIoFinder ),
+#endif
+ };
+ unsigned int i; /* Loop counter */
+
+ /* Double-check that the aSyscall[] array has been constructed
+ ** correctly. See ticket [bb3a86e890c8e96ab] */
+ assert( ArraySize(aSyscall)==27 );
+
+ /* Register all VFSes defined in the aVfs[] array */
+ for(i=0; i<(sizeof(aVfs)/sizeof(sqlite3_vfs)); i++){
+ sqlite3_vfs_register(&aVfs[i], i==0);
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Shutdown the operating system interface.
+**
+** Some operating systems might need to do some cleanup in this routine,
+** to release dynamically allocated objects. But not on unix.
+** This routine is a no-op for unix.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_os_end(void){
+ return SQLITE_OK;
+}
+
+#endif /* SQLITE_OS_UNIX */
+
+/************** End of os_unix.c *********************************************/
+/************** Begin file os_win.c ******************************************/
+/*
+** 2004 May 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains code that is specific to Windows.
+*/
+/* #include "sqliteInt.h" */
+#if SQLITE_OS_WIN /* This file is used for Windows only */
+
+/*
+** Include code that is common to all os_*.c files
+*/
+/************** Include os_common.h in the middle of os_win.c ****************/
+/************** Begin file os_common.h ***************************************/
+/*
+** 2004 May 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains macros and a little bit of code that is common to
+** all of the platform-specific files (os_*.c) and is #included into those
+** files.
+**
+** This file should be #included by the os_*.c files only. It is not a
+** general purpose header file.
+*/
+#ifndef _OS_COMMON_H_
+#define _OS_COMMON_H_
+
+/*
+** At least two bugs have slipped in because we changed the MEMORY_DEBUG
+** macro to SQLITE_DEBUG and some older makefiles have not yet made the
+** switch. The following code should catch this problem at compile-time.
+*/
+#ifdef MEMORY_DEBUG
+# error "The MEMORY_DEBUG macro is obsolete. Use SQLITE_DEBUG instead."
+#endif
+
+/*
+** Macros for performance tracing. Normally turned off. Only works
+** on i486 hardware.
+*/
+#ifdef SQLITE_PERFORMANCE_TRACE
+
+/*
+** hwtime.h contains inline assembler code for implementing
+** high-performance timing routines.
+*/
+/************** Include hwtime.h in the middle of os_common.h ****************/
+/************** Begin file hwtime.h ******************************************/
+/*
+** 2008 May 27
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains inline asm code for retrieving "high-performance"
+** counters for x86 class CPUs.
+*/
+#ifndef _HWTIME_H_
+#define _HWTIME_H_
+
+/*
+** The following routine only works on pentium-class (or newer) processors.
+** It uses the RDTSC opcode to read the cycle count value out of the
+** processor and returns that value. This can be used for high-res
+** profiling.
+*/
+#if (defined(__GNUC__) || defined(_MSC_VER)) && \
+ (defined(i386) || defined(__i386__) || defined(_M_IX86))
+
+ #if defined(__GNUC__)
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned int lo, hi;
+ __asm__ __volatile__ ("rdtsc" : "=a" (lo), "=d" (hi));
+ return (sqlite_uint64)hi << 32 | lo;
+ }
+
+ #elif defined(_MSC_VER)
+
+ __declspec(naked) __inline sqlite_uint64 __cdecl sqlite3Hwtime(void){
+ __asm {
+ rdtsc
+ ret ; return value at EDX:EAX
+ }
+ }
+
+ #endif
+
+#elif (defined(__GNUC__) && defined(__x86_64__))
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned long val;
+ __asm__ __volatile__ ("rdtsc" : "=A" (val));
+ return val;
+ }
+
+#elif (defined(__GNUC__) && defined(__ppc__))
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned long long retval;
+ unsigned long junk;
+ __asm__ __volatile__ ("\n\
+ 1: mftbu %1\n\
+ mftb %L0\n\
+ mftbu %0\n\
+ cmpw %0,%1\n\
+ bne 1b"
+ : "=r" (retval), "=r" (junk));
+ return retval;
+ }
+
+#else
+
+ #error Need implementation of sqlite3Hwtime() for your platform.
+
+ /*
+ ** To compile without implementing sqlite3Hwtime() for your platform,
+ ** you can remove the above #error and use the following
+ ** stub function. You will lose timing support for many
+ ** of the debugging and testing utilities, but it should at
+ ** least compile and run.
+ */
+SQLITE_PRIVATE sqlite_uint64 sqlite3Hwtime(void){ return ((sqlite_uint64)0); }
+
+#endif
+
+#endif /* !defined(_HWTIME_H_) */
+
+/************** End of hwtime.h **********************************************/
+/************** Continuing where we left off in os_common.h ******************/
+
+static sqlite_uint64 g_start;
+static sqlite_uint64 g_elapsed;
+#define TIMER_START g_start=sqlite3Hwtime()
+#define TIMER_END g_elapsed=sqlite3Hwtime()-g_start
+#define TIMER_ELAPSED g_elapsed
+#else
+#define TIMER_START
+#define TIMER_END
+#define TIMER_ELAPSED ((sqlite_uint64)0)
+#endif
+
+/*
+** If we compile with the SQLITE_TEST macro set, then the following block
+** of code will give us the ability to simulate a disk I/O error. This
+** is used for testing the I/O recovery logic.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_io_error_hit = 0; /* Total number of I/O Errors */
+SQLITE_API int sqlite3_io_error_hardhit = 0; /* Number of non-benign errors */
+SQLITE_API int sqlite3_io_error_pending = 0; /* Count down to first I/O error */
+SQLITE_API int sqlite3_io_error_persist = 0; /* True if I/O errors persist */
+SQLITE_API int sqlite3_io_error_benign = 0; /* True if errors are benign */
+SQLITE_API int sqlite3_diskfull_pending = 0;
+SQLITE_API int sqlite3_diskfull = 0;
+#define SimulateIOErrorBenign(X) sqlite3_io_error_benign=(X)
+#define SimulateIOError(CODE) \
+ if( (sqlite3_io_error_persist && sqlite3_io_error_hit) \
+ || sqlite3_io_error_pending-- == 1 ) \
+ { local_ioerr(); CODE; }
+static void local_ioerr(){
+ IOTRACE(("IOERR\n"));
+ sqlite3_io_error_hit++;
+ if( !sqlite3_io_error_benign ) sqlite3_io_error_hardhit++;
+}
+#define SimulateDiskfullError(CODE) \
+ if( sqlite3_diskfull_pending ){ \
+ if( sqlite3_diskfull_pending == 1 ){ \
+ local_ioerr(); \
+ sqlite3_diskfull = 1; \
+ sqlite3_io_error_hit = 1; \
+ CODE; \
+ }else{ \
+ sqlite3_diskfull_pending--; \
+ } \
+ }
+#else
+#define SimulateIOErrorBenign(X)
+#define SimulateIOError(A)
+#define SimulateDiskfullError(A)
+#endif
+
+/*
+** When testing, keep a count of the number of open files.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_open_file_count = 0;
+#define OpenCounter(X) sqlite3_open_file_count+=(X)
+#else
+#define OpenCounter(X)
+#endif
+
+#endif /* !defined(_OS_COMMON_H_) */
+
+/************** End of os_common.h *******************************************/
+/************** Continuing where we left off in os_win.c *********************/
+
+/*
+** Include the header file for the Windows VFS.
+*/
+/* #include "os_win.h" */
+
+/*
+** Compiling and using WAL mode requires several APIs that are only
+** available in Windows platforms based on the NT kernel.
+*/
+#if !SQLITE_OS_WINNT && !defined(SQLITE_OMIT_WAL)
+# error "WAL mode requires support from the Windows NT kernel, compile\
+ with SQLITE_OMIT_WAL."
+#endif
+
+#if !SQLITE_OS_WINNT && SQLITE_MAX_MMAP_SIZE>0
+# error "Memory mapped files require support from the Windows NT kernel,\
+ compile with SQLITE_MAX_MMAP_SIZE=0."
+#endif
+
+/*
+** Are most of the Win32 ANSI APIs available (i.e. with certain exceptions
+** based on the sub-platform)?
+*/
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && !defined(SQLITE_WIN32_NO_ANSI)
+# define SQLITE_WIN32_HAS_ANSI
+#endif
+
+/*
+** Are most of the Win32 Unicode APIs available (i.e. with certain exceptions
+** based on the sub-platform)?
+*/
+#if (SQLITE_OS_WINCE || SQLITE_OS_WINNT || SQLITE_OS_WINRT) && \
+ !defined(SQLITE_WIN32_NO_WIDE)
+# define SQLITE_WIN32_HAS_WIDE
+#endif
+
+/*
+** Make sure at least one set of Win32 APIs is available.
+*/
+#if !defined(SQLITE_WIN32_HAS_ANSI) && !defined(SQLITE_WIN32_HAS_WIDE)
+# error "At least one of SQLITE_WIN32_HAS_ANSI and SQLITE_WIN32_HAS_WIDE\
+ must be defined."
+#endif
+
+/*
+** Define the required Windows SDK version constants if they are not
+** already available.
+*/
+#ifndef NTDDI_WIN8
+# define NTDDI_WIN8 0x06020000
+#endif
+
+#ifndef NTDDI_WINBLUE
+# define NTDDI_WINBLUE 0x06030000
+#endif
+
+/*
+** Check to see if the GetVersionEx[AW] functions are deprecated on the
+** target system. GetVersionEx was first deprecated in Win8.1.
+*/
+#ifndef SQLITE_WIN32_GETVERSIONEX
+# if defined(NTDDI_VERSION) && NTDDI_VERSION >= NTDDI_WINBLUE
+# define SQLITE_WIN32_GETVERSIONEX 0 /* GetVersionEx() is deprecated */
+# else
+# define SQLITE_WIN32_GETVERSIONEX 1 /* GetVersionEx() is current */
+# endif
+#endif
+
+/*
+** This constant should already be defined (in the "WinDef.h" SDK file).
+*/
+#ifndef MAX_PATH
+# define MAX_PATH (260)
+#endif
+
+/*
+** Maximum pathname length (in chars) for Win32. This should normally be
+** MAX_PATH.
+*/
+#ifndef SQLITE_WIN32_MAX_PATH_CHARS
+# define SQLITE_WIN32_MAX_PATH_CHARS (MAX_PATH)
+#endif
+
+/*
+** This constant should already be defined (in the "WinNT.h" SDK file).
+*/
+#ifndef UNICODE_STRING_MAX_CHARS
+# define UNICODE_STRING_MAX_CHARS (32767)
+#endif
+
+/*
+** Maximum pathname length (in chars) for WinNT. This should normally be
+** UNICODE_STRING_MAX_CHARS.
+*/
+#ifndef SQLITE_WINNT_MAX_PATH_CHARS
+# define SQLITE_WINNT_MAX_PATH_CHARS (UNICODE_STRING_MAX_CHARS)
+#endif
+
+/*
+** Maximum pathname length (in bytes) for Win32. The MAX_PATH macro is in
+** characters, so we allocate 4 bytes per character assuming worst-case of
+** 4-bytes-per-character for UTF8.
+*/
+#ifndef SQLITE_WIN32_MAX_PATH_BYTES
+# define SQLITE_WIN32_MAX_PATH_BYTES (SQLITE_WIN32_MAX_PATH_CHARS*4)
+#endif
+
+/*
+** Maximum pathname length (in bytes) for WinNT. This should normally be
+** UNICODE_STRING_MAX_CHARS * sizeof(WCHAR).
+*/
+#ifndef SQLITE_WINNT_MAX_PATH_BYTES
+# define SQLITE_WINNT_MAX_PATH_BYTES \
+ (sizeof(WCHAR) * SQLITE_WINNT_MAX_PATH_CHARS)
+#endif
+
+/*
+** Maximum error message length (in chars) for WinRT.
+*/
+#ifndef SQLITE_WIN32_MAX_ERRMSG_CHARS
+# define SQLITE_WIN32_MAX_ERRMSG_CHARS (1024)
+#endif
+
+/*
+** Returns non-zero if the character should be treated as a directory
+** separator.
+*/
+#ifndef winIsDirSep
+# define winIsDirSep(a) (((a) == '/') || ((a) == '\\'))
+#endif
+
+/*
+** This macro is used when a local variable is set to a value that is
+** [sometimes] not used by the code (e.g. via conditional compilation).
+*/
+#ifndef UNUSED_VARIABLE_VALUE
+# define UNUSED_VARIABLE_VALUE(x) (void)(x)
+#endif
+
+/*
+** Returns the character that should be used as the directory separator.
+*/
+#ifndef winGetDirSep
+# define winGetDirSep() '\\'
+#endif
+
+/*
+** Do we need to manually define the Win32 file mapping APIs for use with WAL
+** mode or memory mapped files (e.g. these APIs are available in the Windows
+** CE SDK; however, they are not present in the header file)?
+*/
+#if SQLITE_WIN32_FILEMAPPING_API && \
+ (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0)
+/*
+** Two of the file mapping APIs are different under WinRT. Figure out which
+** set we need.
+*/
+#if SQLITE_OS_WINRT
+WINBASEAPI HANDLE WINAPI CreateFileMappingFromApp(HANDLE, \
+ LPSECURITY_ATTRIBUTES, ULONG, ULONG64, LPCWSTR);
+
+WINBASEAPI LPVOID WINAPI MapViewOfFileFromApp(HANDLE, ULONG, ULONG64, SIZE_T);
+#else
+#if defined(SQLITE_WIN32_HAS_ANSI)
+WINBASEAPI HANDLE WINAPI CreateFileMappingA(HANDLE, LPSECURITY_ATTRIBUTES, \
+ DWORD, DWORD, DWORD, LPCSTR);
+#endif /* defined(SQLITE_WIN32_HAS_ANSI) */
+
+#if defined(SQLITE_WIN32_HAS_WIDE)
+WINBASEAPI HANDLE WINAPI CreateFileMappingW(HANDLE, LPSECURITY_ATTRIBUTES, \
+ DWORD, DWORD, DWORD, LPCWSTR);
+#endif /* defined(SQLITE_WIN32_HAS_WIDE) */
+
+WINBASEAPI LPVOID WINAPI MapViewOfFile(HANDLE, DWORD, DWORD, DWORD, SIZE_T);
+#endif /* SQLITE_OS_WINRT */
+
+/*
+** These file mapping APIs are common to both Win32 and WinRT.
+*/
+
+WINBASEAPI BOOL WINAPI FlushViewOfFile(LPCVOID, SIZE_T);
+WINBASEAPI BOOL WINAPI UnmapViewOfFile(LPCVOID);
+#endif /* SQLITE_WIN32_FILEMAPPING_API */
+
+/*
+** Some Microsoft compilers lack this definition.
+*/
+#ifndef INVALID_FILE_ATTRIBUTES
+# define INVALID_FILE_ATTRIBUTES ((DWORD)-1)
+#endif
+
+#ifndef FILE_FLAG_MASK
+# define FILE_FLAG_MASK (0xFF3C0000)
+#endif
+
+#ifndef FILE_ATTRIBUTE_MASK
+# define FILE_ATTRIBUTE_MASK (0x0003FFF7)
+#endif
+
+#ifndef SQLITE_OMIT_WAL
+/* Forward references to structures used for WAL */
+typedef struct winShm winShm; /* A connection to shared-memory */
+typedef struct winShmNode winShmNode; /* A region of shared-memory */
+#endif
+
+/*
+** WinCE lacks native support for file locking so we have to fake it
+** with some code of our own.
+*/
+#if SQLITE_OS_WINCE
+typedef struct winceLock {
+ int nReaders; /* Number of reader locks obtained */
+ BOOL bPending; /* Indicates a pending lock has been obtained */
+ BOOL bReserved; /* Indicates a reserved lock has been obtained */
+ BOOL bExclusive; /* Indicates an exclusive lock has been obtained */
+} winceLock;
+#endif
+
+/*
+** The winFile structure is a subclass of sqlite3_file* specific to the win32
+** portability layer.
+*/
+typedef struct winFile winFile;
+struct winFile {
+ const sqlite3_io_methods *pMethod; /*** Must be first ***/
+ sqlite3_vfs *pVfs; /* The VFS used to open this file */
+ HANDLE h; /* Handle for accessing the file */
+ u8 locktype; /* Type of lock currently held on this file */
+ short sharedLockByte; /* Randomly chosen byte used as a shared lock */
+ u8 ctrlFlags; /* Flags. See WINFILE_* below */
+ DWORD lastErrno; /* The Windows errno from the last I/O error */
+#ifndef SQLITE_OMIT_WAL
+ winShm *pShm; /* Instance of shared memory on this file */
+#endif
+ const char *zPath; /* Full pathname of this file */
+ int szChunk; /* Chunk size configured by FCNTL_CHUNK_SIZE */
+#if SQLITE_OS_WINCE
+ LPWSTR zDeleteOnClose; /* Name of file to delete when closing */
+ HANDLE hMutex; /* Mutex used to control access to shared lock */
+ HANDLE hShared; /* Shared memory segment used for locking */
+ winceLock local; /* Locks obtained by this instance of winFile */
+ winceLock *shared; /* Global shared lock memory for the file */
+#endif
+#if SQLITE_MAX_MMAP_SIZE>0
+ int nFetchOut; /* Number of outstanding xFetch references */
+ HANDLE hMap; /* Handle for accessing memory mapping */
+ void *pMapRegion; /* Area memory mapped */
+ sqlite3_int64 mmapSize; /* Usable size of mapped region */
+ sqlite3_int64 mmapSizeActual; /* Actual size of mapped region */
+ sqlite3_int64 mmapSizeMax; /* Configured FCNTL_MMAP_SIZE value */
+#endif
+};
+
+/*
+** Allowed values for winFile.ctrlFlags
+*/
+#define WINFILE_RDONLY 0x02 /* Connection is read only */
+#define WINFILE_PERSIST_WAL 0x04 /* Persistent WAL mode */
+#define WINFILE_PSOW 0x10 /* SQLITE_IOCAP_POWERSAFE_OVERWRITE */
+
+/*
+ * The size of the buffer used by sqlite3_win32_write_debug().
+ */
+#ifndef SQLITE_WIN32_DBG_BUF_SIZE
+# define SQLITE_WIN32_DBG_BUF_SIZE ((int)(4096-sizeof(DWORD)))
+#endif
+
+/*
+ * The value used with sqlite3_win32_set_directory() to specify that
+ * the data directory should be changed.
+ */
+#ifndef SQLITE_WIN32_DATA_DIRECTORY_TYPE
+# define SQLITE_WIN32_DATA_DIRECTORY_TYPE (1)
+#endif
+
+/*
+ * The value used with sqlite3_win32_set_directory() to specify that
+ * the temporary directory should be changed.
+ */
+#ifndef SQLITE_WIN32_TEMP_DIRECTORY_TYPE
+# define SQLITE_WIN32_TEMP_DIRECTORY_TYPE (2)
+#endif
+
+/*
+ * If compiled with SQLITE_WIN32_MALLOC on Windows, we will use the
+ * various Win32 API heap functions instead of our own.
+ */
+#ifdef SQLITE_WIN32_MALLOC
+
+/*
+ * If this is non-zero, an isolated heap will be created by the native Win32
+ * allocator subsystem; otherwise, the default process heap will be used. This
+ * setting has no effect when compiling for WinRT. By default, this is enabled
+ * and an isolated heap will be created to store all allocated data.
+ *
+ ******************************************************************************
+ * WARNING: It is important to note that when this setting is non-zero and the
+ * winMemShutdown function is called (e.g. by the sqlite3_shutdown
+ * function), all data that was allocated using the isolated heap will
+ * be freed immediately and any attempt to access any of that freed
+ * data will almost certainly result in an immediate access violation.
+ ******************************************************************************
+ */
+#ifndef SQLITE_WIN32_HEAP_CREATE
+# define SQLITE_WIN32_HEAP_CREATE (TRUE)
+#endif
+
+/*
+ * The initial size of the Win32-specific heap. This value may be zero.
+ */
+#ifndef SQLITE_WIN32_HEAP_INIT_SIZE
+# define SQLITE_WIN32_HEAP_INIT_SIZE ((SQLITE_DEFAULT_CACHE_SIZE) * \
+ (SQLITE_DEFAULT_PAGE_SIZE) + 4194304)
+#endif
+
+/*
+ * The maximum size of the Win32-specific heap. This value may be zero.
+ */
+#ifndef SQLITE_WIN32_HEAP_MAX_SIZE
+# define SQLITE_WIN32_HEAP_MAX_SIZE (0)
+#endif
+
+/*
+ * The extra flags to use in calls to the Win32 heap APIs. This value may be
+ * zero for the default behavior.
+ */
+#ifndef SQLITE_WIN32_HEAP_FLAGS
+# define SQLITE_WIN32_HEAP_FLAGS (0)
+#endif
+
+
+/*
+** The winMemData structure stores information required by the Win32-specific
+** sqlite3_mem_methods implementation.
+*/
+typedef struct winMemData winMemData;
+struct winMemData {
+#ifndef NDEBUG
+ u32 magic1; /* Magic number to detect structure corruption. */
+#endif
+ HANDLE hHeap; /* The handle to our heap. */
+ BOOL bOwned; /* Do we own the heap (i.e. destroy it on shutdown)? */
+#ifndef NDEBUG
+ u32 magic2; /* Magic number to detect structure corruption. */
+#endif
+};
+
+#ifndef NDEBUG
+#define WINMEM_MAGIC1 0x42b2830b
+#define WINMEM_MAGIC2 0xbd4d7cf4
+#endif
+
+static struct winMemData win_mem_data = {
+#ifndef NDEBUG
+ WINMEM_MAGIC1,
+#endif
+ NULL, FALSE
+#ifndef NDEBUG
+ ,WINMEM_MAGIC2
+#endif
+};
+
+#ifndef NDEBUG
+#define winMemAssertMagic1() assert( win_mem_data.magic1==WINMEM_MAGIC1 )
+#define winMemAssertMagic2() assert( win_mem_data.magic2==WINMEM_MAGIC2 )
+#define winMemAssertMagic() winMemAssertMagic1(); winMemAssertMagic2();
+#else
+#define winMemAssertMagic()
+#endif
+
+#define winMemGetDataPtr() &win_mem_data
+#define winMemGetHeap() win_mem_data.hHeap
+#define winMemGetOwned() win_mem_data.bOwned
+
+static void *winMemMalloc(int nBytes);
+static void winMemFree(void *pPrior);
+static void *winMemRealloc(void *pPrior, int nBytes);
+static int winMemSize(void *p);
+static int winMemRoundup(int n);
+static int winMemInit(void *pAppData);
+static void winMemShutdown(void *pAppData);
+
+SQLITE_PRIVATE const sqlite3_mem_methods *sqlite3MemGetWin32(void);
+#endif /* SQLITE_WIN32_MALLOC */
+
+/*
+** The following variable is (normally) set once and never changes
+** thereafter. It records whether the operating system is Win9x
+** or WinNT.
+**
+** 0: Operating system unknown.
+** 1: Operating system is Win9x.
+** 2: Operating system is WinNT.
+**
+** In order to facilitate testing on a WinNT system, the test fixture
+** can manually set this value to 1 to emulate Win98 behavior.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API LONG SQLITE_WIN32_VOLATILE sqlite3_os_type = 0;
+#else
+static LONG SQLITE_WIN32_VOLATILE sqlite3_os_type = 0;
+#endif
+
+#ifndef SYSCALL
+# define SYSCALL sqlite3_syscall_ptr
+#endif
+
+/*
+** This function is not available on Windows CE or WinRT.
+ */
+
+#if SQLITE_OS_WINCE || SQLITE_OS_WINRT
+# define osAreFileApisANSI() 1
+#endif
+
+/*
+** Many system calls are accessed through pointer-to-functions so that
+** they may be overridden at runtime to facilitate fault injection during
+** testing and sandboxing. The following array holds the names and pointers
+** to all overrideable system calls.
+*/
+static struct win_syscall {
+ const char *zName; /* Name of the system call */
+ sqlite3_syscall_ptr pCurrent; /* Current value of the system call */
+ sqlite3_syscall_ptr pDefault; /* Default value */
+} aSyscall[] = {
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT
+ { "AreFileApisANSI", (SYSCALL)AreFileApisANSI, 0 },
+#else
+ { "AreFileApisANSI", (SYSCALL)0, 0 },
+#endif
+
+#ifndef osAreFileApisANSI
+#define osAreFileApisANSI ((BOOL(WINAPI*)(VOID))aSyscall[0].pCurrent)
+#endif
+
+#if SQLITE_OS_WINCE && defined(SQLITE_WIN32_HAS_WIDE)
+ { "CharLowerW", (SYSCALL)CharLowerW, 0 },
+#else
+ { "CharLowerW", (SYSCALL)0, 0 },
+#endif
+
+#define osCharLowerW ((LPWSTR(WINAPI*)(LPWSTR))aSyscall[1].pCurrent)
+
+#if SQLITE_OS_WINCE && defined(SQLITE_WIN32_HAS_WIDE)
+ { "CharUpperW", (SYSCALL)CharUpperW, 0 },
+#else
+ { "CharUpperW", (SYSCALL)0, 0 },
+#endif
+
+#define osCharUpperW ((LPWSTR(WINAPI*)(LPWSTR))aSyscall[2].pCurrent)
+
+ { "CloseHandle", (SYSCALL)CloseHandle, 0 },
+
+#define osCloseHandle ((BOOL(WINAPI*)(HANDLE))aSyscall[3].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_ANSI)
+ { "CreateFileA", (SYSCALL)CreateFileA, 0 },
+#else
+ { "CreateFileA", (SYSCALL)0, 0 },
+#endif
+
+#define osCreateFileA ((HANDLE(WINAPI*)(LPCSTR,DWORD,DWORD, \
+ LPSECURITY_ATTRIBUTES,DWORD,DWORD,HANDLE))aSyscall[4].pCurrent)
+
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE)
+ { "CreateFileW", (SYSCALL)CreateFileW, 0 },
+#else
+ { "CreateFileW", (SYSCALL)0, 0 },
+#endif
+
+#define osCreateFileW ((HANDLE(WINAPI*)(LPCWSTR,DWORD,DWORD, \
+ LPSECURITY_ATTRIBUTES,DWORD,DWORD,HANDLE))aSyscall[5].pCurrent)
+
+#if (!SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_ANSI) && \
+ (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0))
+ { "CreateFileMappingA", (SYSCALL)CreateFileMappingA, 0 },
+#else
+ { "CreateFileMappingA", (SYSCALL)0, 0 },
+#endif
+
+#define osCreateFileMappingA ((HANDLE(WINAPI*)(HANDLE,LPSECURITY_ATTRIBUTES, \
+ DWORD,DWORD,DWORD,LPCSTR))aSyscall[6].pCurrent)
+
+#if SQLITE_OS_WINCE || (!SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE) && \
+ (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0))
+ { "CreateFileMappingW", (SYSCALL)CreateFileMappingW, 0 },
+#else
+ { "CreateFileMappingW", (SYSCALL)0, 0 },
+#endif
+
+#define osCreateFileMappingW ((HANDLE(WINAPI*)(HANDLE,LPSECURITY_ATTRIBUTES, \
+ DWORD,DWORD,DWORD,LPCWSTR))aSyscall[7].pCurrent)
+
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE)
+ { "CreateMutexW", (SYSCALL)CreateMutexW, 0 },
+#else
+ { "CreateMutexW", (SYSCALL)0, 0 },
+#endif
+
+#define osCreateMutexW ((HANDLE(WINAPI*)(LPSECURITY_ATTRIBUTES,BOOL, \
+ LPCWSTR))aSyscall[8].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_ANSI)
+ { "DeleteFileA", (SYSCALL)DeleteFileA, 0 },
+#else
+ { "DeleteFileA", (SYSCALL)0, 0 },
+#endif
+
+#define osDeleteFileA ((BOOL(WINAPI*)(LPCSTR))aSyscall[9].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_WIDE)
+ { "DeleteFileW", (SYSCALL)DeleteFileW, 0 },
+#else
+ { "DeleteFileW", (SYSCALL)0, 0 },
+#endif
+
+#define osDeleteFileW ((BOOL(WINAPI*)(LPCWSTR))aSyscall[10].pCurrent)
+
+#if SQLITE_OS_WINCE
+ { "FileTimeToLocalFileTime", (SYSCALL)FileTimeToLocalFileTime, 0 },
+#else
+ { "FileTimeToLocalFileTime", (SYSCALL)0, 0 },
+#endif
+
+#define osFileTimeToLocalFileTime ((BOOL(WINAPI*)(CONST FILETIME*, \
+ LPFILETIME))aSyscall[11].pCurrent)
+
+#if SQLITE_OS_WINCE
+ { "FileTimeToSystemTime", (SYSCALL)FileTimeToSystemTime, 0 },
+#else
+ { "FileTimeToSystemTime", (SYSCALL)0, 0 },
+#endif
+
+#define osFileTimeToSystemTime ((BOOL(WINAPI*)(CONST FILETIME*, \
+ LPSYSTEMTIME))aSyscall[12].pCurrent)
+
+ { "FlushFileBuffers", (SYSCALL)FlushFileBuffers, 0 },
+
+#define osFlushFileBuffers ((BOOL(WINAPI*)(HANDLE))aSyscall[13].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_ANSI)
+ { "FormatMessageA", (SYSCALL)FormatMessageA, 0 },
+#else
+ { "FormatMessageA", (SYSCALL)0, 0 },
+#endif
+
+#define osFormatMessageA ((DWORD(WINAPI*)(DWORD,LPCVOID,DWORD,DWORD,LPSTR, \
+ DWORD,va_list*))aSyscall[14].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_WIDE)
+ { "FormatMessageW", (SYSCALL)FormatMessageW, 0 },
+#else
+ { "FormatMessageW", (SYSCALL)0, 0 },
+#endif
+
+#define osFormatMessageW ((DWORD(WINAPI*)(DWORD,LPCVOID,DWORD,DWORD,LPWSTR, \
+ DWORD,va_list*))aSyscall[15].pCurrent)
+
+#if !defined(SQLITE_OMIT_LOAD_EXTENSION)
+ { "FreeLibrary", (SYSCALL)FreeLibrary, 0 },
+#else
+ { "FreeLibrary", (SYSCALL)0, 0 },
+#endif
+
+#define osFreeLibrary ((BOOL(WINAPI*)(HMODULE))aSyscall[16].pCurrent)
+
+ { "GetCurrentProcessId", (SYSCALL)GetCurrentProcessId, 0 },
+
+#define osGetCurrentProcessId ((DWORD(WINAPI*)(VOID))aSyscall[17].pCurrent)
+
+#if !SQLITE_OS_WINCE && defined(SQLITE_WIN32_HAS_ANSI)
+ { "GetDiskFreeSpaceA", (SYSCALL)GetDiskFreeSpaceA, 0 },
+#else
+ { "GetDiskFreeSpaceA", (SYSCALL)0, 0 },
+#endif
+
+#define osGetDiskFreeSpaceA ((BOOL(WINAPI*)(LPCSTR,LPDWORD,LPDWORD,LPDWORD, \
+ LPDWORD))aSyscall[18].pCurrent)
+
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE)
+ { "GetDiskFreeSpaceW", (SYSCALL)GetDiskFreeSpaceW, 0 },
+#else
+ { "GetDiskFreeSpaceW", (SYSCALL)0, 0 },
+#endif
+
+#define osGetDiskFreeSpaceW ((BOOL(WINAPI*)(LPCWSTR,LPDWORD,LPDWORD,LPDWORD, \
+ LPDWORD))aSyscall[19].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_ANSI)
+ { "GetFileAttributesA", (SYSCALL)GetFileAttributesA, 0 },
+#else
+ { "GetFileAttributesA", (SYSCALL)0, 0 },
+#endif
+
+#define osGetFileAttributesA ((DWORD(WINAPI*)(LPCSTR))aSyscall[20].pCurrent)
+
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE)
+ { "GetFileAttributesW", (SYSCALL)GetFileAttributesW, 0 },
+#else
+ { "GetFileAttributesW", (SYSCALL)0, 0 },
+#endif
+
+#define osGetFileAttributesW ((DWORD(WINAPI*)(LPCWSTR))aSyscall[21].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_WIDE)
+ { "GetFileAttributesExW", (SYSCALL)GetFileAttributesExW, 0 },
+#else
+ { "GetFileAttributesExW", (SYSCALL)0, 0 },
+#endif
+
+#define osGetFileAttributesExW ((BOOL(WINAPI*)(LPCWSTR,GET_FILEEX_INFO_LEVELS, \
+ LPVOID))aSyscall[22].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "GetFileSize", (SYSCALL)GetFileSize, 0 },
+#else
+ { "GetFileSize", (SYSCALL)0, 0 },
+#endif
+
+#define osGetFileSize ((DWORD(WINAPI*)(HANDLE,LPDWORD))aSyscall[23].pCurrent)
+
+#if !SQLITE_OS_WINCE && defined(SQLITE_WIN32_HAS_ANSI)
+ { "GetFullPathNameA", (SYSCALL)GetFullPathNameA, 0 },
+#else
+ { "GetFullPathNameA", (SYSCALL)0, 0 },
+#endif
+
+#define osGetFullPathNameA ((DWORD(WINAPI*)(LPCSTR,DWORD,LPSTR, \
+ LPSTR*))aSyscall[24].pCurrent)
+
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE)
+ { "GetFullPathNameW", (SYSCALL)GetFullPathNameW, 0 },
+#else
+ { "GetFullPathNameW", (SYSCALL)0, 0 },
+#endif
+
+#define osGetFullPathNameW ((DWORD(WINAPI*)(LPCWSTR,DWORD,LPWSTR, \
+ LPWSTR*))aSyscall[25].pCurrent)
+
+ { "GetLastError", (SYSCALL)GetLastError, 0 },
+
+#define osGetLastError ((DWORD(WINAPI*)(VOID))aSyscall[26].pCurrent)
+
+#if !defined(SQLITE_OMIT_LOAD_EXTENSION)
+#if SQLITE_OS_WINCE
+ /* The GetProcAddressA() routine is only available on Windows CE. */
+ { "GetProcAddressA", (SYSCALL)GetProcAddressA, 0 },
+#else
+ /* All other Windows platforms expect GetProcAddress() to take
+ ** an ANSI string regardless of the _UNICODE setting */
+ { "GetProcAddressA", (SYSCALL)GetProcAddress, 0 },
+#endif
+#else
+ { "GetProcAddressA", (SYSCALL)0, 0 },
+#endif
+
+#define osGetProcAddressA ((FARPROC(WINAPI*)(HMODULE, \
+ LPCSTR))aSyscall[27].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "GetSystemInfo", (SYSCALL)GetSystemInfo, 0 },
+#else
+ { "GetSystemInfo", (SYSCALL)0, 0 },
+#endif
+
+#define osGetSystemInfo ((VOID(WINAPI*)(LPSYSTEM_INFO))aSyscall[28].pCurrent)
+
+ { "GetSystemTime", (SYSCALL)GetSystemTime, 0 },
+
+#define osGetSystemTime ((VOID(WINAPI*)(LPSYSTEMTIME))aSyscall[29].pCurrent)
+
+#if !SQLITE_OS_WINCE
+ { "GetSystemTimeAsFileTime", (SYSCALL)GetSystemTimeAsFileTime, 0 },
+#else
+ { "GetSystemTimeAsFileTime", (SYSCALL)0, 0 },
+#endif
+
+#define osGetSystemTimeAsFileTime ((VOID(WINAPI*)( \
+ LPFILETIME))aSyscall[30].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_ANSI)
+ { "GetTempPathA", (SYSCALL)GetTempPathA, 0 },
+#else
+ { "GetTempPathA", (SYSCALL)0, 0 },
+#endif
+
+#define osGetTempPathA ((DWORD(WINAPI*)(DWORD,LPSTR))aSyscall[31].pCurrent)
+
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE)
+ { "GetTempPathW", (SYSCALL)GetTempPathW, 0 },
+#else
+ { "GetTempPathW", (SYSCALL)0, 0 },
+#endif
+
+#define osGetTempPathW ((DWORD(WINAPI*)(DWORD,LPWSTR))aSyscall[32].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "GetTickCount", (SYSCALL)GetTickCount, 0 },
+#else
+ { "GetTickCount", (SYSCALL)0, 0 },
+#endif
+
+#define osGetTickCount ((DWORD(WINAPI*)(VOID))aSyscall[33].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_ANSI) && defined(SQLITE_WIN32_GETVERSIONEX) && \
+ SQLITE_WIN32_GETVERSIONEX
+ { "GetVersionExA", (SYSCALL)GetVersionExA, 0 },
+#else
+ { "GetVersionExA", (SYSCALL)0, 0 },
+#endif
+
+#define osGetVersionExA ((BOOL(WINAPI*)( \
+ LPOSVERSIONINFOA))aSyscall[34].pCurrent)
+
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE) && \
+ defined(SQLITE_WIN32_GETVERSIONEX) && SQLITE_WIN32_GETVERSIONEX
+ { "GetVersionExW", (SYSCALL)GetVersionExW, 0 },
+#else
+ { "GetVersionExW", (SYSCALL)0, 0 },
+#endif
+
+#define osGetVersionExW ((BOOL(WINAPI*)( \
+ LPOSVERSIONINFOW))aSyscall[35].pCurrent)
+
+ { "HeapAlloc", (SYSCALL)HeapAlloc, 0 },
+
+#define osHeapAlloc ((LPVOID(WINAPI*)(HANDLE,DWORD, \
+ SIZE_T))aSyscall[36].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "HeapCreate", (SYSCALL)HeapCreate, 0 },
+#else
+ { "HeapCreate", (SYSCALL)0, 0 },
+#endif
+
+#define osHeapCreate ((HANDLE(WINAPI*)(DWORD,SIZE_T, \
+ SIZE_T))aSyscall[37].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "HeapDestroy", (SYSCALL)HeapDestroy, 0 },
+#else
+ { "HeapDestroy", (SYSCALL)0, 0 },
+#endif
+
+#define osHeapDestroy ((BOOL(WINAPI*)(HANDLE))aSyscall[38].pCurrent)
+
+ { "HeapFree", (SYSCALL)HeapFree, 0 },
+
+#define osHeapFree ((BOOL(WINAPI*)(HANDLE,DWORD,LPVOID))aSyscall[39].pCurrent)
+
+ { "HeapReAlloc", (SYSCALL)HeapReAlloc, 0 },
+
+#define osHeapReAlloc ((LPVOID(WINAPI*)(HANDLE,DWORD,LPVOID, \
+ SIZE_T))aSyscall[40].pCurrent)
+
+ { "HeapSize", (SYSCALL)HeapSize, 0 },
+
+#define osHeapSize ((SIZE_T(WINAPI*)(HANDLE,DWORD, \
+ LPCVOID))aSyscall[41].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "HeapValidate", (SYSCALL)HeapValidate, 0 },
+#else
+ { "HeapValidate", (SYSCALL)0, 0 },
+#endif
+
+#define osHeapValidate ((BOOL(WINAPI*)(HANDLE,DWORD, \
+ LPCVOID))aSyscall[42].pCurrent)
+
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT
+ { "HeapCompact", (SYSCALL)HeapCompact, 0 },
+#else
+ { "HeapCompact", (SYSCALL)0, 0 },
+#endif
+
+#define osHeapCompact ((UINT(WINAPI*)(HANDLE,DWORD))aSyscall[43].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_ANSI) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
+ { "LoadLibraryA", (SYSCALL)LoadLibraryA, 0 },
+#else
+ { "LoadLibraryA", (SYSCALL)0, 0 },
+#endif
+
+#define osLoadLibraryA ((HMODULE(WINAPI*)(LPCSTR))aSyscall[44].pCurrent)
+
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_HAS_WIDE) && \
+ !defined(SQLITE_OMIT_LOAD_EXTENSION)
+ { "LoadLibraryW", (SYSCALL)LoadLibraryW, 0 },
+#else
+ { "LoadLibraryW", (SYSCALL)0, 0 },
+#endif
+
+#define osLoadLibraryW ((HMODULE(WINAPI*)(LPCWSTR))aSyscall[45].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "LocalFree", (SYSCALL)LocalFree, 0 },
+#else
+ { "LocalFree", (SYSCALL)0, 0 },
+#endif
+
+#define osLocalFree ((HLOCAL(WINAPI*)(HLOCAL))aSyscall[46].pCurrent)
+
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT
+ { "LockFile", (SYSCALL)LockFile, 0 },
+#else
+ { "LockFile", (SYSCALL)0, 0 },
+#endif
+
+#ifndef osLockFile
+#define osLockFile ((BOOL(WINAPI*)(HANDLE,DWORD,DWORD,DWORD, \
+ DWORD))aSyscall[47].pCurrent)
+#endif
+
+#if !SQLITE_OS_WINCE
+ { "LockFileEx", (SYSCALL)LockFileEx, 0 },
+#else
+ { "LockFileEx", (SYSCALL)0, 0 },
+#endif
+
+#ifndef osLockFileEx
+#define osLockFileEx ((BOOL(WINAPI*)(HANDLE,DWORD,DWORD,DWORD,DWORD, \
+ LPOVERLAPPED))aSyscall[48].pCurrent)
+#endif
+
+#if SQLITE_OS_WINCE || (!SQLITE_OS_WINRT && \
+ (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0))
+ { "MapViewOfFile", (SYSCALL)MapViewOfFile, 0 },
+#else
+ { "MapViewOfFile", (SYSCALL)0, 0 },
+#endif
+
+#define osMapViewOfFile ((LPVOID(WINAPI*)(HANDLE,DWORD,DWORD,DWORD, \
+ SIZE_T))aSyscall[49].pCurrent)
+
+ { "MultiByteToWideChar", (SYSCALL)MultiByteToWideChar, 0 },
+
+#define osMultiByteToWideChar ((int(WINAPI*)(UINT,DWORD,LPCSTR,int,LPWSTR, \
+ int))aSyscall[50].pCurrent)
+
+ { "QueryPerformanceCounter", (SYSCALL)QueryPerformanceCounter, 0 },
+
+#define osQueryPerformanceCounter ((BOOL(WINAPI*)( \
+ LARGE_INTEGER*))aSyscall[51].pCurrent)
+
+ { "ReadFile", (SYSCALL)ReadFile, 0 },
+
+#define osReadFile ((BOOL(WINAPI*)(HANDLE,LPVOID,DWORD,LPDWORD, \
+ LPOVERLAPPED))aSyscall[52].pCurrent)
+
+ { "SetEndOfFile", (SYSCALL)SetEndOfFile, 0 },
+
+#define osSetEndOfFile ((BOOL(WINAPI*)(HANDLE))aSyscall[53].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "SetFilePointer", (SYSCALL)SetFilePointer, 0 },
+#else
+ { "SetFilePointer", (SYSCALL)0, 0 },
+#endif
+
+#define osSetFilePointer ((DWORD(WINAPI*)(HANDLE,LONG,PLONG, \
+ DWORD))aSyscall[54].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "Sleep", (SYSCALL)Sleep, 0 },
+#else
+ { "Sleep", (SYSCALL)0, 0 },
+#endif
+
+#define osSleep ((VOID(WINAPI*)(DWORD))aSyscall[55].pCurrent)
+
+ { "SystemTimeToFileTime", (SYSCALL)SystemTimeToFileTime, 0 },
+
+#define osSystemTimeToFileTime ((BOOL(WINAPI*)(CONST SYSTEMTIME*, \
+ LPFILETIME))aSyscall[56].pCurrent)
+
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT
+ { "UnlockFile", (SYSCALL)UnlockFile, 0 },
+#else
+ { "UnlockFile", (SYSCALL)0, 0 },
+#endif
+
+#ifndef osUnlockFile
+#define osUnlockFile ((BOOL(WINAPI*)(HANDLE,DWORD,DWORD,DWORD, \
+ DWORD))aSyscall[57].pCurrent)
+#endif
+
+#if !SQLITE_OS_WINCE
+ { "UnlockFileEx", (SYSCALL)UnlockFileEx, 0 },
+#else
+ { "UnlockFileEx", (SYSCALL)0, 0 },
+#endif
+
+#define osUnlockFileEx ((BOOL(WINAPI*)(HANDLE,DWORD,DWORD,DWORD, \
+ LPOVERLAPPED))aSyscall[58].pCurrent)
+
+#if SQLITE_OS_WINCE || !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0
+ { "UnmapViewOfFile", (SYSCALL)UnmapViewOfFile, 0 },
+#else
+ { "UnmapViewOfFile", (SYSCALL)0, 0 },
+#endif
+
+#define osUnmapViewOfFile ((BOOL(WINAPI*)(LPCVOID))aSyscall[59].pCurrent)
+
+ { "WideCharToMultiByte", (SYSCALL)WideCharToMultiByte, 0 },
+
+#define osWideCharToMultiByte ((int(WINAPI*)(UINT,DWORD,LPCWSTR,int,LPSTR,int, \
+ LPCSTR,LPBOOL))aSyscall[60].pCurrent)
+
+ { "WriteFile", (SYSCALL)WriteFile, 0 },
+
+#define osWriteFile ((BOOL(WINAPI*)(HANDLE,LPCVOID,DWORD,LPDWORD, \
+ LPOVERLAPPED))aSyscall[61].pCurrent)
+
+#if SQLITE_OS_WINRT
+ { "CreateEventExW", (SYSCALL)CreateEventExW, 0 },
+#else
+ { "CreateEventExW", (SYSCALL)0, 0 },
+#endif
+
+#define osCreateEventExW ((HANDLE(WINAPI*)(LPSECURITY_ATTRIBUTES,LPCWSTR, \
+ DWORD,DWORD))aSyscall[62].pCurrent)
+
+#if !SQLITE_OS_WINRT
+ { "WaitForSingleObject", (SYSCALL)WaitForSingleObject, 0 },
+#else
+ { "WaitForSingleObject", (SYSCALL)0, 0 },
+#endif
+
+#define osWaitForSingleObject ((DWORD(WINAPI*)(HANDLE, \
+ DWORD))aSyscall[63].pCurrent)
+
+#if !SQLITE_OS_WINCE
+ { "WaitForSingleObjectEx", (SYSCALL)WaitForSingleObjectEx, 0 },
+#else
+ { "WaitForSingleObjectEx", (SYSCALL)0, 0 },
+#endif
+
+#define osWaitForSingleObjectEx ((DWORD(WINAPI*)(HANDLE,DWORD, \
+ BOOL))aSyscall[64].pCurrent)
+
+#if SQLITE_OS_WINRT
+ { "SetFilePointerEx", (SYSCALL)SetFilePointerEx, 0 },
+#else
+ { "SetFilePointerEx", (SYSCALL)0, 0 },
+#endif
+
+#define osSetFilePointerEx ((BOOL(WINAPI*)(HANDLE,LARGE_INTEGER, \
+ PLARGE_INTEGER,DWORD))aSyscall[65].pCurrent)
+
+#if SQLITE_OS_WINRT
+ { "GetFileInformationByHandleEx", (SYSCALL)GetFileInformationByHandleEx, 0 },
+#else
+ { "GetFileInformationByHandleEx", (SYSCALL)0, 0 },
+#endif
+
+#define osGetFileInformationByHandleEx ((BOOL(WINAPI*)(HANDLE, \
+ FILE_INFO_BY_HANDLE_CLASS,LPVOID,DWORD))aSyscall[66].pCurrent)
+
+#if SQLITE_OS_WINRT && (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0)
+ { "MapViewOfFileFromApp", (SYSCALL)MapViewOfFileFromApp, 0 },
+#else
+ { "MapViewOfFileFromApp", (SYSCALL)0, 0 },
+#endif
+
+#define osMapViewOfFileFromApp ((LPVOID(WINAPI*)(HANDLE,ULONG,ULONG64, \
+ SIZE_T))aSyscall[67].pCurrent)
+
+#if SQLITE_OS_WINRT
+ { "CreateFile2", (SYSCALL)CreateFile2, 0 },
+#else
+ { "CreateFile2", (SYSCALL)0, 0 },
+#endif
+
+#define osCreateFile2 ((HANDLE(WINAPI*)(LPCWSTR,DWORD,DWORD,DWORD, \
+ LPCREATEFILE2_EXTENDED_PARAMETERS))aSyscall[68].pCurrent)
+
+#if SQLITE_OS_WINRT && !defined(SQLITE_OMIT_LOAD_EXTENSION)
+ { "LoadPackagedLibrary", (SYSCALL)LoadPackagedLibrary, 0 },
+#else
+ { "LoadPackagedLibrary", (SYSCALL)0, 0 },
+#endif
+
+#define osLoadPackagedLibrary ((HMODULE(WINAPI*)(LPCWSTR, \
+ DWORD))aSyscall[69].pCurrent)
+
+#if SQLITE_OS_WINRT
+ { "GetTickCount64", (SYSCALL)GetTickCount64, 0 },
+#else
+ { "GetTickCount64", (SYSCALL)0, 0 },
+#endif
+
+#define osGetTickCount64 ((ULONGLONG(WINAPI*)(VOID))aSyscall[70].pCurrent)
+
+#if SQLITE_OS_WINRT
+ { "GetNativeSystemInfo", (SYSCALL)GetNativeSystemInfo, 0 },
+#else
+ { "GetNativeSystemInfo", (SYSCALL)0, 0 },
+#endif
+
+#define osGetNativeSystemInfo ((VOID(WINAPI*)( \
+ LPSYSTEM_INFO))aSyscall[71].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_ANSI)
+ { "OutputDebugStringA", (SYSCALL)OutputDebugStringA, 0 },
+#else
+ { "OutputDebugStringA", (SYSCALL)0, 0 },
+#endif
+
+#define osOutputDebugStringA ((VOID(WINAPI*)(LPCSTR))aSyscall[72].pCurrent)
+
+#if defined(SQLITE_WIN32_HAS_WIDE)
+ { "OutputDebugStringW", (SYSCALL)OutputDebugStringW, 0 },
+#else
+ { "OutputDebugStringW", (SYSCALL)0, 0 },
+#endif
+
+#define osOutputDebugStringW ((VOID(WINAPI*)(LPCWSTR))aSyscall[73].pCurrent)
+
+ { "GetProcessHeap", (SYSCALL)GetProcessHeap, 0 },
+
+#define osGetProcessHeap ((HANDLE(WINAPI*)(VOID))aSyscall[74].pCurrent)
+
+#if SQLITE_OS_WINRT && (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0)
+ { "CreateFileMappingFromApp", (SYSCALL)CreateFileMappingFromApp, 0 },
+#else
+ { "CreateFileMappingFromApp", (SYSCALL)0, 0 },
+#endif
+
+#define osCreateFileMappingFromApp ((HANDLE(WINAPI*)(HANDLE, \
+ LPSECURITY_ATTRIBUTES,ULONG,ULONG64,LPCWSTR))aSyscall[75].pCurrent)
+
+/*
+** NOTE: On some sub-platforms, the InterlockedCompareExchange "function"
+** is really just a macro that uses a compiler intrinsic (e.g. x64).
+** So do not try to make this is into a redefinable interface.
+*/
+#if defined(InterlockedCompareExchange)
+ { "InterlockedCompareExchange", (SYSCALL)0, 0 },
+
+#define osInterlockedCompareExchange InterlockedCompareExchange
+#else
+ { "InterlockedCompareExchange", (SYSCALL)InterlockedCompareExchange, 0 },
+
+#define osInterlockedCompareExchange ((LONG(WINAPI*)(LONG \
+ SQLITE_WIN32_VOLATILE*, LONG,LONG))aSyscall[76].pCurrent)
+#endif /* defined(InterlockedCompareExchange) */
+
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && SQLITE_WIN32_USE_UUID
+ { "UuidCreate", (SYSCALL)UuidCreate, 0 },
+#else
+ { "UuidCreate", (SYSCALL)0, 0 },
+#endif
+
+#define osUuidCreate ((RPC_STATUS(RPC_ENTRY*)(UUID*))aSyscall[77].pCurrent)
+
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && SQLITE_WIN32_USE_UUID
+ { "UuidCreateSequential", (SYSCALL)UuidCreateSequential, 0 },
+#else
+ { "UuidCreateSequential", (SYSCALL)0, 0 },
+#endif
+
+#define osUuidCreateSequential \
+ ((RPC_STATUS(RPC_ENTRY*)(UUID*))aSyscall[78].pCurrent)
+
+#if !defined(SQLITE_NO_SYNC) && SQLITE_MAX_MMAP_SIZE>0
+ { "FlushViewOfFile", (SYSCALL)FlushViewOfFile, 0 },
+#else
+ { "FlushViewOfFile", (SYSCALL)0, 0 },
+#endif
+
+#define osFlushViewOfFile \
+ ((BOOL(WINAPI*)(LPCVOID,SIZE_T))aSyscall[79].pCurrent)
+
+}; /* End of the overrideable system calls */
+
+/*
+** This is the xSetSystemCall() method of sqlite3_vfs for all of the
+** "win32" VFSes. Return SQLITE_OK opon successfully updating the
+** system call pointer, or SQLITE_NOTFOUND if there is no configurable
+** system call named zName.
+*/
+static int winSetSystemCall(
+ sqlite3_vfs *pNotUsed, /* The VFS pointer. Not used */
+ const char *zName, /* Name of system call to override */
+ sqlite3_syscall_ptr pNewFunc /* Pointer to new system call value */
+){
+ unsigned int i;
+ int rc = SQLITE_NOTFOUND;
+
+ UNUSED_PARAMETER(pNotUsed);
+ if( zName==0 ){
+ /* If no zName is given, restore all system calls to their default
+ ** settings and return NULL
+ */
+ rc = SQLITE_OK;
+ for(i=0; i<sizeof(aSyscall)/sizeof(aSyscall[0]); i++){
+ if( aSyscall[i].pDefault ){
+ aSyscall[i].pCurrent = aSyscall[i].pDefault;
+ }
+ }
+ }else{
+ /* If zName is specified, operate on only the one system call
+ ** specified.
+ */
+ for(i=0; i<sizeof(aSyscall)/sizeof(aSyscall[0]); i++){
+ if( strcmp(zName, aSyscall[i].zName)==0 ){
+ if( aSyscall[i].pDefault==0 ){
+ aSyscall[i].pDefault = aSyscall[i].pCurrent;
+ }
+ rc = SQLITE_OK;
+ if( pNewFunc==0 ) pNewFunc = aSyscall[i].pDefault;
+ aSyscall[i].pCurrent = pNewFunc;
+ break;
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** Return the value of a system call. Return NULL if zName is not a
+** recognized system call name. NULL is also returned if the system call
+** is currently undefined.
+*/
+static sqlite3_syscall_ptr winGetSystemCall(
+ sqlite3_vfs *pNotUsed,
+ const char *zName
+){
+ unsigned int i;
+
+ UNUSED_PARAMETER(pNotUsed);
+ for(i=0; i<sizeof(aSyscall)/sizeof(aSyscall[0]); i++){
+ if( strcmp(zName, aSyscall[i].zName)==0 ) return aSyscall[i].pCurrent;
+ }
+ return 0;
+}
+
+/*
+** Return the name of the first system call after zName. If zName==NULL
+** then return the name of the first system call. Return NULL if zName
+** is the last system call or if zName is not the name of a valid
+** system call.
+*/
+static const char *winNextSystemCall(sqlite3_vfs *p, const char *zName){
+ int i = -1;
+
+ UNUSED_PARAMETER(p);
+ if( zName ){
+ for(i=0; i<ArraySize(aSyscall)-1; i++){
+ if( strcmp(zName, aSyscall[i].zName)==0 ) break;
+ }
+ }
+ for(i++; i<ArraySize(aSyscall); i++){
+ if( aSyscall[i].pCurrent!=0 ) return aSyscall[i].zName;
+ }
+ return 0;
+}
+
+#ifdef SQLITE_WIN32_MALLOC
+/*
+** If a Win32 native heap has been configured, this function will attempt to
+** compact it. Upon success, SQLITE_OK will be returned. Upon failure, one
+** of SQLITE_NOMEM, SQLITE_ERROR, or SQLITE_NOTFOUND will be returned. The
+** "pnLargest" argument, if non-zero, will be used to return the size of the
+** largest committed free block in the heap, in bytes.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_win32_compact_heap(LPUINT pnLargest){
+ int rc = SQLITE_OK;
+ UINT nLargest = 0;
+ HANDLE hHeap;
+
+ winMemAssertMagic();
+ hHeap = winMemGetHeap();
+ assert( hHeap!=0 );
+ assert( hHeap!=INVALID_HANDLE_VALUE );
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_MALLOC_VALIDATE)
+ assert( osHeapValidate(hHeap, SQLITE_WIN32_HEAP_FLAGS, NULL) );
+#endif
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT
+ if( (nLargest=osHeapCompact(hHeap, SQLITE_WIN32_HEAP_FLAGS))==0 ){
+ DWORD lastErrno = osGetLastError();
+ if( lastErrno==NO_ERROR ){
+ sqlite3_log(SQLITE_NOMEM, "failed to HeapCompact (no space), heap=%p",
+ (void*)hHeap);
+ rc = SQLITE_NOMEM;
+ }else{
+ sqlite3_log(SQLITE_ERROR, "failed to HeapCompact (%lu), heap=%p",
+ osGetLastError(), (void*)hHeap);
+ rc = SQLITE_ERROR;
+ }
+ }
+#else
+ sqlite3_log(SQLITE_NOTFOUND, "failed to HeapCompact, heap=%p",
+ (void*)hHeap);
+ rc = SQLITE_NOTFOUND;
+#endif
+ if( pnLargest ) *pnLargest = nLargest;
+ return rc;
+}
+
+/*
+** If a Win32 native heap has been configured, this function will attempt to
+** destroy and recreate it. If the Win32 native heap is not isolated and/or
+** the sqlite3_memory_used() function does not return zero, SQLITE_BUSY will
+** be returned and no changes will be made to the Win32 native heap.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_win32_reset_heap(){
+ int rc;
+ MUTEX_LOGIC( sqlite3_mutex *pMaster; ) /* The main static mutex */
+ MUTEX_LOGIC( sqlite3_mutex *pMem; ) /* The memsys static mutex */
+ MUTEX_LOGIC( pMaster = sqlite3_mutex_alloc(SQLITE_MUTEX_STATIC_MASTER); )
+ MUTEX_LOGIC( pMem = sqlite3_mutex_alloc(SQLITE_MUTEX_STATIC_MEM); )
+ sqlite3_mutex_enter(pMaster);
+ sqlite3_mutex_enter(pMem);
+ winMemAssertMagic();
+ if( winMemGetHeap()!=NULL && winMemGetOwned() && sqlite3_memory_used()==0 ){
+ /*
+ ** At this point, there should be no outstanding memory allocations on
+ ** the heap. Also, since both the master and memsys locks are currently
+ ** being held by us, no other function (i.e. from another thread) should
+ ** be able to even access the heap. Attempt to destroy and recreate our
+ ** isolated Win32 native heap now.
+ */
+ assert( winMemGetHeap()!=NULL );
+ assert( winMemGetOwned() );
+ assert( sqlite3_memory_used()==0 );
+ winMemShutdown(winMemGetDataPtr());
+ assert( winMemGetHeap()==NULL );
+ assert( !winMemGetOwned() );
+ assert( sqlite3_memory_used()==0 );
+ rc = winMemInit(winMemGetDataPtr());
+ assert( rc!=SQLITE_OK || winMemGetHeap()!=NULL );
+ assert( rc!=SQLITE_OK || winMemGetOwned() );
+ assert( rc!=SQLITE_OK || sqlite3_memory_used()==0 );
+ }else{
+ /*
+ ** The Win32 native heap cannot be modified because it may be in use.
+ */
+ rc = SQLITE_BUSY;
+ }
+ sqlite3_mutex_leave(pMem);
+ sqlite3_mutex_leave(pMaster);
+ return rc;
+}
+#endif /* SQLITE_WIN32_MALLOC */
+
+/*
+** This function outputs the specified (ANSI) string to the Win32 debugger
+** (if available).
+*/
+
+SQLITE_API void SQLITE_STDCALL sqlite3_win32_write_debug(const char *zBuf, int nBuf){
+ char zDbgBuf[SQLITE_WIN32_DBG_BUF_SIZE];
+ int nMin = MIN(nBuf, (SQLITE_WIN32_DBG_BUF_SIZE - 1)); /* may be negative. */
+ if( nMin<-1 ) nMin = -1; /* all negative values become -1. */
+ assert( nMin==-1 || nMin==0 || nMin<SQLITE_WIN32_DBG_BUF_SIZE );
+#if defined(SQLITE_WIN32_HAS_ANSI)
+ if( nMin>0 ){
+ memset(zDbgBuf, 0, SQLITE_WIN32_DBG_BUF_SIZE);
+ memcpy(zDbgBuf, zBuf, nMin);
+ osOutputDebugStringA(zDbgBuf);
+ }else{
+ osOutputDebugStringA(zBuf);
+ }
+#elif defined(SQLITE_WIN32_HAS_WIDE)
+ memset(zDbgBuf, 0, SQLITE_WIN32_DBG_BUF_SIZE);
+ if ( osMultiByteToWideChar(
+ osAreFileApisANSI() ? CP_ACP : CP_OEMCP, 0, zBuf,
+ nMin, (LPWSTR)zDbgBuf, SQLITE_WIN32_DBG_BUF_SIZE/sizeof(WCHAR))<=0 ){
+ return;
+ }
+ osOutputDebugStringW((LPCWSTR)zDbgBuf);
+#else
+ if( nMin>0 ){
+ memset(zDbgBuf, 0, SQLITE_WIN32_DBG_BUF_SIZE);
+ memcpy(zDbgBuf, zBuf, nMin);
+ fprintf(stderr, "%s", zDbgBuf);
+ }else{
+ fprintf(stderr, "%s", zBuf);
+ }
+#endif
+}
+
+/*
+** The following routine suspends the current thread for at least ms
+** milliseconds. This is equivalent to the Win32 Sleep() interface.
+*/
+#if SQLITE_OS_WINRT
+static HANDLE sleepObj = NULL;
+#endif
+
+SQLITE_API void SQLITE_STDCALL sqlite3_win32_sleep(DWORD milliseconds){
+#if SQLITE_OS_WINRT
+ if ( sleepObj==NULL ){
+ sleepObj = osCreateEventExW(NULL, NULL, CREATE_EVENT_MANUAL_RESET,
+ SYNCHRONIZE);
+ }
+ assert( sleepObj!=NULL );
+ osWaitForSingleObjectEx(sleepObj, milliseconds, FALSE);
+#else
+ osSleep(milliseconds);
+#endif
+}
+
+#if SQLITE_MAX_WORKER_THREADS>0 && !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && \
+ SQLITE_THREADSAFE>0
+SQLITE_PRIVATE DWORD sqlite3Win32Wait(HANDLE hObject){
+ DWORD rc;
+ while( (rc = osWaitForSingleObjectEx(hObject, INFINITE,
+ TRUE))==WAIT_IO_COMPLETION ){}
+ return rc;
+}
+#endif
+
+/*
+** Return true (non-zero) if we are running under WinNT, Win2K, WinXP,
+** or WinCE. Return false (zero) for Win95, Win98, or WinME.
+**
+** Here is an interesting observation: Win95, Win98, and WinME lack
+** the LockFileEx() API. But we can still statically link against that
+** API as long as we don't call it when running Win95/98/ME. A call to
+** this routine is used to determine if the host is Win95/98/ME or
+** WinNT/2K/XP so that we will know whether or not we can safely call
+** the LockFileEx() API.
+*/
+
+#if !defined(SQLITE_WIN32_GETVERSIONEX) || !SQLITE_WIN32_GETVERSIONEX
+# define osIsNT() (1)
+#elif SQLITE_OS_WINCE || SQLITE_OS_WINRT || !defined(SQLITE_WIN32_HAS_ANSI)
+# define osIsNT() (1)
+#elif !defined(SQLITE_WIN32_HAS_WIDE)
+# define osIsNT() (0)
+#else
+# define osIsNT() ((sqlite3_os_type==2) || sqlite3_win32_is_nt())
+#endif
+
+/*
+** This function determines if the machine is running a version of Windows
+** based on the NT kernel.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_win32_is_nt(void){
+#if SQLITE_OS_WINRT
+ /*
+ ** NOTE: The WinRT sub-platform is always assumed to be based on the NT
+ ** kernel.
+ */
+ return 1;
+#elif defined(SQLITE_WIN32_GETVERSIONEX) && SQLITE_WIN32_GETVERSIONEX
+ if( osInterlockedCompareExchange(&sqlite3_os_type, 0, 0)==0 ){
+#if defined(SQLITE_WIN32_HAS_ANSI)
+ OSVERSIONINFOA sInfo;
+ sInfo.dwOSVersionInfoSize = sizeof(sInfo);
+ osGetVersionExA(&sInfo);
+ osInterlockedCompareExchange(&sqlite3_os_type,
+ (sInfo.dwPlatformId == VER_PLATFORM_WIN32_NT) ? 2 : 1, 0);
+#elif defined(SQLITE_WIN32_HAS_WIDE)
+ OSVERSIONINFOW sInfo;
+ sInfo.dwOSVersionInfoSize = sizeof(sInfo);
+ osGetVersionExW(&sInfo);
+ osInterlockedCompareExchange(&sqlite3_os_type,
+ (sInfo.dwPlatformId == VER_PLATFORM_WIN32_NT) ? 2 : 1, 0);
+#endif
+ }
+ return osInterlockedCompareExchange(&sqlite3_os_type, 2, 2)==2;
+#elif SQLITE_TEST
+ return osInterlockedCompareExchange(&sqlite3_os_type, 2, 2)==2;
+#else
+ /*
+ ** NOTE: All sub-platforms where the GetVersionEx[AW] functions are
+ ** deprecated are always assumed to be based on the NT kernel.
+ */
+ return 1;
+#endif
+}
+
+#ifdef SQLITE_WIN32_MALLOC
+/*
+** Allocate nBytes of memory.
+*/
+static void *winMemMalloc(int nBytes){
+ HANDLE hHeap;
+ void *p;
+
+ winMemAssertMagic();
+ hHeap = winMemGetHeap();
+ assert( hHeap!=0 );
+ assert( hHeap!=INVALID_HANDLE_VALUE );
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_MALLOC_VALIDATE)
+ assert( osHeapValidate(hHeap, SQLITE_WIN32_HEAP_FLAGS, NULL) );
+#endif
+ assert( nBytes>=0 );
+ p = osHeapAlloc(hHeap, SQLITE_WIN32_HEAP_FLAGS, (SIZE_T)nBytes);
+ if( !p ){
+ sqlite3_log(SQLITE_NOMEM, "failed to HeapAlloc %u bytes (%lu), heap=%p",
+ nBytes, osGetLastError(), (void*)hHeap);
+ }
+ return p;
+}
+
+/*
+** Free memory.
+*/
+static void winMemFree(void *pPrior){
+ HANDLE hHeap;
+
+ winMemAssertMagic();
+ hHeap = winMemGetHeap();
+ assert( hHeap!=0 );
+ assert( hHeap!=INVALID_HANDLE_VALUE );
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_MALLOC_VALIDATE)
+ assert( osHeapValidate(hHeap, SQLITE_WIN32_HEAP_FLAGS, pPrior) );
+#endif
+ if( !pPrior ) return; /* Passing NULL to HeapFree is undefined. */
+ if( !osHeapFree(hHeap, SQLITE_WIN32_HEAP_FLAGS, pPrior) ){
+ sqlite3_log(SQLITE_NOMEM, "failed to HeapFree block %p (%lu), heap=%p",
+ pPrior, osGetLastError(), (void*)hHeap);
+ }
+}
+
+/*
+** Change the size of an existing memory allocation
+*/
+static void *winMemRealloc(void *pPrior, int nBytes){
+ HANDLE hHeap;
+ void *p;
+
+ winMemAssertMagic();
+ hHeap = winMemGetHeap();
+ assert( hHeap!=0 );
+ assert( hHeap!=INVALID_HANDLE_VALUE );
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_MALLOC_VALIDATE)
+ assert( osHeapValidate(hHeap, SQLITE_WIN32_HEAP_FLAGS, pPrior) );
+#endif
+ assert( nBytes>=0 );
+ if( !pPrior ){
+ p = osHeapAlloc(hHeap, SQLITE_WIN32_HEAP_FLAGS, (SIZE_T)nBytes);
+ }else{
+ p = osHeapReAlloc(hHeap, SQLITE_WIN32_HEAP_FLAGS, pPrior, (SIZE_T)nBytes);
+ }
+ if( !p ){
+ sqlite3_log(SQLITE_NOMEM, "failed to %s %u bytes (%lu), heap=%p",
+ pPrior ? "HeapReAlloc" : "HeapAlloc", nBytes, osGetLastError(),
+ (void*)hHeap);
+ }
+ return p;
+}
+
+/*
+** Return the size of an outstanding allocation, in bytes.
+*/
+static int winMemSize(void *p){
+ HANDLE hHeap;
+ SIZE_T n;
+
+ winMemAssertMagic();
+ hHeap = winMemGetHeap();
+ assert( hHeap!=0 );
+ assert( hHeap!=INVALID_HANDLE_VALUE );
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_MALLOC_VALIDATE)
+ assert( osHeapValidate(hHeap, SQLITE_WIN32_HEAP_FLAGS, p) );
+#endif
+ if( !p ) return 0;
+ n = osHeapSize(hHeap, SQLITE_WIN32_HEAP_FLAGS, p);
+ if( n==(SIZE_T)-1 ){
+ sqlite3_log(SQLITE_NOMEM, "failed to HeapSize block %p (%lu), heap=%p",
+ p, osGetLastError(), (void*)hHeap);
+ return 0;
+ }
+ return (int)n;
+}
+
+/*
+** Round up a request size to the next valid allocation size.
+*/
+static int winMemRoundup(int n){
+ return n;
+}
+
+/*
+** Initialize this module.
+*/
+static int winMemInit(void *pAppData){
+ winMemData *pWinMemData = (winMemData *)pAppData;
+
+ if( !pWinMemData ) return SQLITE_ERROR;
+ assert( pWinMemData->magic1==WINMEM_MAGIC1 );
+ assert( pWinMemData->magic2==WINMEM_MAGIC2 );
+
+#if !SQLITE_OS_WINRT && SQLITE_WIN32_HEAP_CREATE
+ if( !pWinMemData->hHeap ){
+ DWORD dwInitialSize = SQLITE_WIN32_HEAP_INIT_SIZE;
+ DWORD dwMaximumSize = (DWORD)sqlite3GlobalConfig.nHeap;
+ if( dwMaximumSize==0 ){
+ dwMaximumSize = SQLITE_WIN32_HEAP_MAX_SIZE;
+ }else if( dwInitialSize>dwMaximumSize ){
+ dwInitialSize = dwMaximumSize;
+ }
+ pWinMemData->hHeap = osHeapCreate(SQLITE_WIN32_HEAP_FLAGS,
+ dwInitialSize, dwMaximumSize);
+ if( !pWinMemData->hHeap ){
+ sqlite3_log(SQLITE_NOMEM,
+ "failed to HeapCreate (%lu), flags=%u, initSize=%lu, maxSize=%lu",
+ osGetLastError(), SQLITE_WIN32_HEAP_FLAGS, dwInitialSize,
+ dwMaximumSize);
+ return SQLITE_NOMEM;
+ }
+ pWinMemData->bOwned = TRUE;
+ assert( pWinMemData->bOwned );
+ }
+#else
+ pWinMemData->hHeap = osGetProcessHeap();
+ if( !pWinMemData->hHeap ){
+ sqlite3_log(SQLITE_NOMEM,
+ "failed to GetProcessHeap (%lu)", osGetLastError());
+ return SQLITE_NOMEM;
+ }
+ pWinMemData->bOwned = FALSE;
+ assert( !pWinMemData->bOwned );
+#endif
+ assert( pWinMemData->hHeap!=0 );
+ assert( pWinMemData->hHeap!=INVALID_HANDLE_VALUE );
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_MALLOC_VALIDATE)
+ assert( osHeapValidate(pWinMemData->hHeap, SQLITE_WIN32_HEAP_FLAGS, NULL) );
+#endif
+ return SQLITE_OK;
+}
+
+/*
+** Deinitialize this module.
+*/
+static void winMemShutdown(void *pAppData){
+ winMemData *pWinMemData = (winMemData *)pAppData;
+
+ if( !pWinMemData ) return;
+ assert( pWinMemData->magic1==WINMEM_MAGIC1 );
+ assert( pWinMemData->magic2==WINMEM_MAGIC2 );
+
+ if( pWinMemData->hHeap ){
+ assert( pWinMemData->hHeap!=INVALID_HANDLE_VALUE );
+#if !SQLITE_OS_WINRT && defined(SQLITE_WIN32_MALLOC_VALIDATE)
+ assert( osHeapValidate(pWinMemData->hHeap, SQLITE_WIN32_HEAP_FLAGS, NULL) );
+#endif
+ if( pWinMemData->bOwned ){
+ if( !osHeapDestroy(pWinMemData->hHeap) ){
+ sqlite3_log(SQLITE_NOMEM, "failed to HeapDestroy (%lu), heap=%p",
+ osGetLastError(), (void*)pWinMemData->hHeap);
+ }
+ pWinMemData->bOwned = FALSE;
+ }
+ pWinMemData->hHeap = NULL;
+ }
+}
+
+/*
+** Populate the low-level memory allocation function pointers in
+** sqlite3GlobalConfig.m with pointers to the routines in this file. The
+** arguments specify the block of memory to manage.
+**
+** This routine is only called by sqlite3_config(), and therefore
+** is not required to be threadsafe (it is not).
+*/
+SQLITE_PRIVATE const sqlite3_mem_methods *sqlite3MemGetWin32(void){
+ static const sqlite3_mem_methods winMemMethods = {
+ winMemMalloc,
+ winMemFree,
+ winMemRealloc,
+ winMemSize,
+ winMemRoundup,
+ winMemInit,
+ winMemShutdown,
+ &win_mem_data
+ };
+ return &winMemMethods;
+}
+
+SQLITE_PRIVATE void sqlite3MemSetDefault(void){
+ sqlite3_config(SQLITE_CONFIG_MALLOC, sqlite3MemGetWin32());
+}
+#endif /* SQLITE_WIN32_MALLOC */
+
+/*
+** Convert a UTF-8 string to Microsoft Unicode (UTF-16?).
+**
+** Space to hold the returned string is obtained from malloc.
+*/
+static LPWSTR winUtf8ToUnicode(const char *zFilename){
+ int nChar;
+ LPWSTR zWideFilename;
+
+ nChar = osMultiByteToWideChar(CP_UTF8, 0, zFilename, -1, NULL, 0);
+ if( nChar==0 ){
+ return 0;
+ }
+ zWideFilename = sqlite3MallocZero( nChar*sizeof(zWideFilename[0]) );
+ if( zWideFilename==0 ){
+ return 0;
+ }
+ nChar = osMultiByteToWideChar(CP_UTF8, 0, zFilename, -1, zWideFilename,
+ nChar);
+ if( nChar==0 ){
+ sqlite3_free(zWideFilename);
+ zWideFilename = 0;
+ }
+ return zWideFilename;
+}
+
+/*
+** Convert Microsoft Unicode to UTF-8. Space to hold the returned string is
+** obtained from sqlite3_malloc().
+*/
+static char *winUnicodeToUtf8(LPCWSTR zWideFilename){
+ int nByte;
+ char *zFilename;
+
+ nByte = osWideCharToMultiByte(CP_UTF8, 0, zWideFilename, -1, 0, 0, 0, 0);
+ if( nByte == 0 ){
+ return 0;
+ }
+ zFilename = sqlite3MallocZero( nByte );
+ if( zFilename==0 ){
+ return 0;
+ }
+ nByte = osWideCharToMultiByte(CP_UTF8, 0, zWideFilename, -1, zFilename, nByte,
+ 0, 0);
+ if( nByte == 0 ){
+ sqlite3_free(zFilename);
+ zFilename = 0;
+ }
+ return zFilename;
+}
+
+/*
+** Convert an ANSI string to Microsoft Unicode, based on the
+** current codepage settings for file apis.
+**
+** Space to hold the returned string is obtained
+** from sqlite3_malloc.
+*/
+static LPWSTR winMbcsToUnicode(const char *zFilename){
+ int nByte;
+ LPWSTR zMbcsFilename;
+ int codepage = osAreFileApisANSI() ? CP_ACP : CP_OEMCP;
+
+ nByte = osMultiByteToWideChar(codepage, 0, zFilename, -1, NULL,
+ 0)*sizeof(WCHAR);
+ if( nByte==0 ){
+ return 0;
+ }
+ zMbcsFilename = sqlite3MallocZero( nByte*sizeof(zMbcsFilename[0]) );
+ if( zMbcsFilename==0 ){
+ return 0;
+ }
+ nByte = osMultiByteToWideChar(codepage, 0, zFilename, -1, zMbcsFilename,
+ nByte);
+ if( nByte==0 ){
+ sqlite3_free(zMbcsFilename);
+ zMbcsFilename = 0;
+ }
+ return zMbcsFilename;
+}
+
+/*
+** Convert Microsoft Unicode to multi-byte character string, based on the
+** user's ANSI codepage.
+**
+** Space to hold the returned string is obtained from
+** sqlite3_malloc().
+*/
+static char *winUnicodeToMbcs(LPCWSTR zWideFilename){
+ int nByte;
+ char *zFilename;
+ int codepage = osAreFileApisANSI() ? CP_ACP : CP_OEMCP;
+
+ nByte = osWideCharToMultiByte(codepage, 0, zWideFilename, -1, 0, 0, 0, 0);
+ if( nByte == 0 ){
+ return 0;
+ }
+ zFilename = sqlite3MallocZero( nByte );
+ if( zFilename==0 ){
+ return 0;
+ }
+ nByte = osWideCharToMultiByte(codepage, 0, zWideFilename, -1, zFilename,
+ nByte, 0, 0);
+ if( nByte == 0 ){
+ sqlite3_free(zFilename);
+ zFilename = 0;
+ }
+ return zFilename;
+}
+
+/*
+** Convert multibyte character string to UTF-8. Space to hold the
+** returned string is obtained from sqlite3_malloc().
+*/
+SQLITE_API char *SQLITE_STDCALL sqlite3_win32_mbcs_to_utf8(const char *zFilename){
+ char *zFilenameUtf8;
+ LPWSTR zTmpWide;
+
+ zTmpWide = winMbcsToUnicode(zFilename);
+ if( zTmpWide==0 ){
+ return 0;
+ }
+ zFilenameUtf8 = winUnicodeToUtf8(zTmpWide);
+ sqlite3_free(zTmpWide);
+ return zFilenameUtf8;
+}
+
+/*
+** Convert UTF-8 to multibyte character string. Space to hold the
+** returned string is obtained from sqlite3_malloc().
+*/
+SQLITE_API char *SQLITE_STDCALL sqlite3_win32_utf8_to_mbcs(const char *zFilename){
+ char *zFilenameMbcs;
+ LPWSTR zTmpWide;
+
+ zTmpWide = winUtf8ToUnicode(zFilename);
+ if( zTmpWide==0 ){
+ return 0;
+ }
+ zFilenameMbcs = winUnicodeToMbcs(zTmpWide);
+ sqlite3_free(zTmpWide);
+ return zFilenameMbcs;
+}
+
+/*
+** This function sets the data directory or the temporary directory based on
+** the provided arguments. The type argument must be 1 in order to set the
+** data directory or 2 in order to set the temporary directory. The zValue
+** argument is the name of the directory to use. The return value will be
+** SQLITE_OK if successful.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_win32_set_directory(DWORD type, LPCWSTR zValue){
+ char **ppDirectory = 0;
+#ifndef SQLITE_OMIT_AUTOINIT
+ int rc = sqlite3_initialize();
+ if( rc ) return rc;
+#endif
+ if( type==SQLITE_WIN32_DATA_DIRECTORY_TYPE ){
+ ppDirectory = &sqlite3_data_directory;
+ }else if( type==SQLITE_WIN32_TEMP_DIRECTORY_TYPE ){
+ ppDirectory = &sqlite3_temp_directory;
+ }
+ assert( !ppDirectory || type==SQLITE_WIN32_DATA_DIRECTORY_TYPE
+ || type==SQLITE_WIN32_TEMP_DIRECTORY_TYPE
+ );
+ assert( !ppDirectory || sqlite3MemdebugHasType(*ppDirectory, MEMTYPE_HEAP) );
+ if( ppDirectory ){
+ char *zValueUtf8 = 0;
+ if( zValue && zValue[0] ){
+ zValueUtf8 = winUnicodeToUtf8(zValue);
+ if ( zValueUtf8==0 ){
+ return SQLITE_NOMEM;
+ }
+ }
+ sqlite3_free(*ppDirectory);
+ *ppDirectory = zValueUtf8;
+ return SQLITE_OK;
+ }
+ return SQLITE_ERROR;
+}
+
+/*
+** The return value of winGetLastErrorMsg
+** is zero if the error message fits in the buffer, or non-zero
+** otherwise (if the message was truncated).
+*/
+static int winGetLastErrorMsg(DWORD lastErrno, int nBuf, char *zBuf){
+ /* FormatMessage returns 0 on failure. Otherwise it
+ ** returns the number of TCHARs written to the output
+ ** buffer, excluding the terminating null char.
+ */
+ DWORD dwLen = 0;
+ char *zOut = 0;
+
+ if( osIsNT() ){
+#if SQLITE_OS_WINRT
+ WCHAR zTempWide[SQLITE_WIN32_MAX_ERRMSG_CHARS+1];
+ dwLen = osFormatMessageW(FORMAT_MESSAGE_FROM_SYSTEM |
+ FORMAT_MESSAGE_IGNORE_INSERTS,
+ NULL,
+ lastErrno,
+ 0,
+ zTempWide,
+ SQLITE_WIN32_MAX_ERRMSG_CHARS,
+ 0);
+#else
+ LPWSTR zTempWide = NULL;
+ dwLen = osFormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
+ FORMAT_MESSAGE_FROM_SYSTEM |
+ FORMAT_MESSAGE_IGNORE_INSERTS,
+ NULL,
+ lastErrno,
+ 0,
+ (LPWSTR) &zTempWide,
+ 0,
+ 0);
+#endif
+ if( dwLen > 0 ){
+ /* allocate a buffer and convert to UTF8 */
+ sqlite3BeginBenignMalloc();
+ zOut = winUnicodeToUtf8(zTempWide);
+ sqlite3EndBenignMalloc();
+#if !SQLITE_OS_WINRT
+ /* free the system buffer allocated by FormatMessage */
+ osLocalFree(zTempWide);
+#endif
+ }
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ char *zTemp = NULL;
+ dwLen = osFormatMessageA(FORMAT_MESSAGE_ALLOCATE_BUFFER |
+ FORMAT_MESSAGE_FROM_SYSTEM |
+ FORMAT_MESSAGE_IGNORE_INSERTS,
+ NULL,
+ lastErrno,
+ 0,
+ (LPSTR) &zTemp,
+ 0,
+ 0);
+ if( dwLen > 0 ){
+ /* allocate a buffer and convert to UTF8 */
+ sqlite3BeginBenignMalloc();
+ zOut = sqlite3_win32_mbcs_to_utf8(zTemp);
+ sqlite3EndBenignMalloc();
+ /* free the system buffer allocated by FormatMessage */
+ osLocalFree(zTemp);
+ }
+ }
+#endif
+ if( 0 == dwLen ){
+ sqlite3_snprintf(nBuf, zBuf, "OsError 0x%lx (%lu)", lastErrno, lastErrno);
+ }else{
+ /* copy a maximum of nBuf chars to output buffer */
+ sqlite3_snprintf(nBuf, zBuf, "%s", zOut);
+ /* free the UTF8 buffer */
+ sqlite3_free(zOut);
+ }
+ return 0;
+}
+
+/*
+**
+** This function - winLogErrorAtLine() - is only ever called via the macro
+** winLogError().
+**
+** This routine is invoked after an error occurs in an OS function.
+** It logs a message using sqlite3_log() containing the current value of
+** error code and, if possible, the human-readable equivalent from
+** FormatMessage.
+**
+** The first argument passed to the macro should be the error code that
+** will be returned to SQLite (e.g. SQLITE_IOERR_DELETE, SQLITE_CANTOPEN).
+** The two subsequent arguments should be the name of the OS function that
+** failed and the associated file-system path, if any.
+*/
+#define winLogError(a,b,c,d) winLogErrorAtLine(a,b,c,d,__LINE__)
+static int winLogErrorAtLine(
+ int errcode, /* SQLite error code */
+ DWORD lastErrno, /* Win32 last error */
+ const char *zFunc, /* Name of OS function that failed */
+ const char *zPath, /* File path associated with error */
+ int iLine /* Source line number where error occurred */
+){
+ char zMsg[500]; /* Human readable error text */
+ int i; /* Loop counter */
+
+ zMsg[0] = 0;
+ winGetLastErrorMsg(lastErrno, sizeof(zMsg), zMsg);
+ assert( errcode!=SQLITE_OK );
+ if( zPath==0 ) zPath = "";
+ for(i=0; zMsg[i] && zMsg[i]!='\r' && zMsg[i]!='\n'; i++){}
+ zMsg[i] = 0;
+ sqlite3_log(errcode,
+ "os_win.c:%d: (%lu) %s(%s) - %s",
+ iLine, lastErrno, zFunc, zPath, zMsg
+ );
+
+ return errcode;
+}
+
+/*
+** The number of times that a ReadFile(), WriteFile(), and DeleteFile()
+** will be retried following a locking error - probably caused by
+** antivirus software. Also the initial delay before the first retry.
+** The delay increases linearly with each retry.
+*/
+#ifndef SQLITE_WIN32_IOERR_RETRY
+# define SQLITE_WIN32_IOERR_RETRY 10
+#endif
+#ifndef SQLITE_WIN32_IOERR_RETRY_DELAY
+# define SQLITE_WIN32_IOERR_RETRY_DELAY 25
+#endif
+static int winIoerrRetry = SQLITE_WIN32_IOERR_RETRY;
+static int winIoerrRetryDelay = SQLITE_WIN32_IOERR_RETRY_DELAY;
+
+/*
+** The "winIoerrCanRetry1" macro is used to determine if a particular I/O
+** error code obtained via GetLastError() is eligible to be retried. It
+** must accept the error code DWORD as its only argument and should return
+** non-zero if the error code is transient in nature and the operation
+** responsible for generating the original error might succeed upon being
+** retried. The argument to this macro should be a variable.
+**
+** Additionally, a macro named "winIoerrCanRetry2" may be defined. If it
+** is defined, it will be consulted only when the macro "winIoerrCanRetry1"
+** returns zero. The "winIoerrCanRetry2" macro is completely optional and
+** may be used to include additional error codes in the set that should
+** result in the failing I/O operation being retried by the caller. If
+** defined, the "winIoerrCanRetry2" macro must exhibit external semantics
+** identical to those of the "winIoerrCanRetry1" macro.
+*/
+#if !defined(winIoerrCanRetry1)
+#define winIoerrCanRetry1(a) (((a)==ERROR_ACCESS_DENIED) || \
+ ((a)==ERROR_SHARING_VIOLATION) || \
+ ((a)==ERROR_LOCK_VIOLATION) || \
+ ((a)==ERROR_DEV_NOT_EXIST) || \
+ ((a)==ERROR_NETNAME_DELETED) || \
+ ((a)==ERROR_SEM_TIMEOUT) || \
+ ((a)==ERROR_NETWORK_UNREACHABLE))
+#endif
+
+/*
+** If a ReadFile() or WriteFile() error occurs, invoke this routine
+** to see if it should be retried. Return TRUE to retry. Return FALSE
+** to give up with an error.
+*/
+static int winRetryIoerr(int *pnRetry, DWORD *pError){
+ DWORD e = osGetLastError();
+ if( *pnRetry>=winIoerrRetry ){
+ if( pError ){
+ *pError = e;
+ }
+ return 0;
+ }
+ if( winIoerrCanRetry1(e) ){
+ sqlite3_win32_sleep(winIoerrRetryDelay*(1+*pnRetry));
+ ++*pnRetry;
+ return 1;
+ }
+#if defined(winIoerrCanRetry2)
+ else if( winIoerrCanRetry2(e) ){
+ sqlite3_win32_sleep(winIoerrRetryDelay*(1+*pnRetry));
+ ++*pnRetry;
+ return 1;
+ }
+#endif
+ if( pError ){
+ *pError = e;
+ }
+ return 0;
+}
+
+/*
+** Log a I/O error retry episode.
+*/
+static void winLogIoerr(int nRetry, int lineno){
+ if( nRetry ){
+ sqlite3_log(SQLITE_NOTICE,
+ "delayed %dms for lock/sharing conflict at line %d",
+ winIoerrRetryDelay*nRetry*(nRetry+1)/2, lineno
+ );
+ }
+}
+
+#if SQLITE_OS_WINCE
+/*************************************************************************
+** This section contains code for WinCE only.
+*/
+#if !defined(SQLITE_MSVC_LOCALTIME_API) || !SQLITE_MSVC_LOCALTIME_API
+/*
+** The MSVC CRT on Windows CE may not have a localtime() function. So
+** create a substitute.
+*/
+/* #include <time.h> */
+struct tm *__cdecl localtime(const time_t *t)
+{
+ static struct tm y;
+ FILETIME uTm, lTm;
+ SYSTEMTIME pTm;
+ sqlite3_int64 t64;
+ t64 = *t;
+ t64 = (t64 + 11644473600)*10000000;
+ uTm.dwLowDateTime = (DWORD)(t64 & 0xFFFFFFFF);
+ uTm.dwHighDateTime= (DWORD)(t64 >> 32);
+ osFileTimeToLocalFileTime(&uTm,&lTm);
+ osFileTimeToSystemTime(&lTm,&pTm);
+ y.tm_year = pTm.wYear - 1900;
+ y.tm_mon = pTm.wMonth - 1;
+ y.tm_wday = pTm.wDayOfWeek;
+ y.tm_mday = pTm.wDay;
+ y.tm_hour = pTm.wHour;
+ y.tm_min = pTm.wMinute;
+ y.tm_sec = pTm.wSecond;
+ return &y;
+}
+#endif
+
+#define HANDLE_TO_WINFILE(a) (winFile*)&((char*)a)[-(int)offsetof(winFile,h)]
+
+/*
+** Acquire a lock on the handle h
+*/
+static void winceMutexAcquire(HANDLE h){
+ DWORD dwErr;
+ do {
+ dwErr = osWaitForSingleObject(h, INFINITE);
+ } while (dwErr != WAIT_OBJECT_0 && dwErr != WAIT_ABANDONED);
+}
+/*
+** Release a lock acquired by winceMutexAcquire()
+*/
+#define winceMutexRelease(h) ReleaseMutex(h)
+
+/*
+** Create the mutex and shared memory used for locking in the file
+** descriptor pFile
+*/
+static int winceCreateLock(const char *zFilename, winFile *pFile){
+ LPWSTR zTok;
+ LPWSTR zName;
+ DWORD lastErrno;
+ BOOL bLogged = FALSE;
+ BOOL bInit = TRUE;
+
+ zName = winUtf8ToUnicode(zFilename);
+ if( zName==0 ){
+ /* out of memory */
+ return SQLITE_IOERR_NOMEM;
+ }
+
+ /* Initialize the local lockdata */
+ memset(&pFile->local, 0, sizeof(pFile->local));
+
+ /* Replace the backslashes from the filename and lowercase it
+ ** to derive a mutex name. */
+ zTok = osCharLowerW(zName);
+ for (;*zTok;zTok++){
+ if (*zTok == '\\') *zTok = '_';
+ }
+
+ /* Create/open the named mutex */
+ pFile->hMutex = osCreateMutexW(NULL, FALSE, zName);
+ if (!pFile->hMutex){
+ pFile->lastErrno = osGetLastError();
+ sqlite3_free(zName);
+ return winLogError(SQLITE_IOERR, pFile->lastErrno,
+ "winceCreateLock1", zFilename);
+ }
+
+ /* Acquire the mutex before continuing */
+ winceMutexAcquire(pFile->hMutex);
+
+ /* Since the names of named mutexes, semaphores, file mappings etc are
+ ** case-sensitive, take advantage of that by uppercasing the mutex name
+ ** and using that as the shared filemapping name.
+ */
+ osCharUpperW(zName);
+ pFile->hShared = osCreateFileMappingW(INVALID_HANDLE_VALUE, NULL,
+ PAGE_READWRITE, 0, sizeof(winceLock),
+ zName);
+
+ /* Set a flag that indicates we're the first to create the memory so it
+ ** must be zero-initialized */
+ lastErrno = osGetLastError();
+ if (lastErrno == ERROR_ALREADY_EXISTS){
+ bInit = FALSE;
+ }
+
+ sqlite3_free(zName);
+
+ /* If we succeeded in making the shared memory handle, map it. */
+ if( pFile->hShared ){
+ pFile->shared = (winceLock*)osMapViewOfFile(pFile->hShared,
+ FILE_MAP_READ|FILE_MAP_WRITE, 0, 0, sizeof(winceLock));
+ /* If mapping failed, close the shared memory handle and erase it */
+ if( !pFile->shared ){
+ pFile->lastErrno = osGetLastError();
+ winLogError(SQLITE_IOERR, pFile->lastErrno,
+ "winceCreateLock2", zFilename);
+ bLogged = TRUE;
+ osCloseHandle(pFile->hShared);
+ pFile->hShared = NULL;
+ }
+ }
+
+ /* If shared memory could not be created, then close the mutex and fail */
+ if( pFile->hShared==NULL ){
+ if( !bLogged ){
+ pFile->lastErrno = lastErrno;
+ winLogError(SQLITE_IOERR, pFile->lastErrno,
+ "winceCreateLock3", zFilename);
+ bLogged = TRUE;
+ }
+ winceMutexRelease(pFile->hMutex);
+ osCloseHandle(pFile->hMutex);
+ pFile->hMutex = NULL;
+ return SQLITE_IOERR;
+ }
+
+ /* Initialize the shared memory if we're supposed to */
+ if( bInit ){
+ memset(pFile->shared, 0, sizeof(winceLock));
+ }
+
+ winceMutexRelease(pFile->hMutex);
+ return SQLITE_OK;
+}
+
+/*
+** Destroy the part of winFile that deals with wince locks
+*/
+static void winceDestroyLock(winFile *pFile){
+ if (pFile->hMutex){
+ /* Acquire the mutex */
+ winceMutexAcquire(pFile->hMutex);
+
+ /* The following blocks should probably assert in debug mode, but they
+ are to cleanup in case any locks remained open */
+ if (pFile->local.nReaders){
+ pFile->shared->nReaders --;
+ }
+ if (pFile->local.bReserved){
+ pFile->shared->bReserved = FALSE;
+ }
+ if (pFile->local.bPending){
+ pFile->shared->bPending = FALSE;
+ }
+ if (pFile->local.bExclusive){
+ pFile->shared->bExclusive = FALSE;
+ }
+
+ /* De-reference and close our copy of the shared memory handle */
+ osUnmapViewOfFile(pFile->shared);
+ osCloseHandle(pFile->hShared);
+
+ /* Done with the mutex */
+ winceMutexRelease(pFile->hMutex);
+ osCloseHandle(pFile->hMutex);
+ pFile->hMutex = NULL;
+ }
+}
+
+/*
+** An implementation of the LockFile() API of Windows for CE
+*/
+static BOOL winceLockFile(
+ LPHANDLE phFile,
+ DWORD dwFileOffsetLow,
+ DWORD dwFileOffsetHigh,
+ DWORD nNumberOfBytesToLockLow,
+ DWORD nNumberOfBytesToLockHigh
+){
+ winFile *pFile = HANDLE_TO_WINFILE(phFile);
+ BOOL bReturn = FALSE;
+
+ UNUSED_PARAMETER(dwFileOffsetHigh);
+ UNUSED_PARAMETER(nNumberOfBytesToLockHigh);
+
+ if (!pFile->hMutex) return TRUE;
+ winceMutexAcquire(pFile->hMutex);
+
+ /* Wanting an exclusive lock? */
+ if (dwFileOffsetLow == (DWORD)SHARED_FIRST
+ && nNumberOfBytesToLockLow == (DWORD)SHARED_SIZE){
+ if (pFile->shared->nReaders == 0 && pFile->shared->bExclusive == 0){
+ pFile->shared->bExclusive = TRUE;
+ pFile->local.bExclusive = TRUE;
+ bReturn = TRUE;
+ }
+ }
+
+ /* Want a read-only lock? */
+ else if (dwFileOffsetLow == (DWORD)SHARED_FIRST &&
+ nNumberOfBytesToLockLow == 1){
+ if (pFile->shared->bExclusive == 0){
+ pFile->local.nReaders ++;
+ if (pFile->local.nReaders == 1){
+ pFile->shared->nReaders ++;
+ }
+ bReturn = TRUE;
+ }
+ }
+
+ /* Want a pending lock? */
+ else if (dwFileOffsetLow == (DWORD)PENDING_BYTE
+ && nNumberOfBytesToLockLow == 1){
+ /* If no pending lock has been acquired, then acquire it */
+ if (pFile->shared->bPending == 0) {
+ pFile->shared->bPending = TRUE;
+ pFile->local.bPending = TRUE;
+ bReturn = TRUE;
+ }
+ }
+
+ /* Want a reserved lock? */
+ else if (dwFileOffsetLow == (DWORD)RESERVED_BYTE
+ && nNumberOfBytesToLockLow == 1){
+ if (pFile->shared->bReserved == 0) {
+ pFile->shared->bReserved = TRUE;
+ pFile->local.bReserved = TRUE;
+ bReturn = TRUE;
+ }
+ }
+
+ winceMutexRelease(pFile->hMutex);
+ return bReturn;
+}
+
+/*
+** An implementation of the UnlockFile API of Windows for CE
+*/
+static BOOL winceUnlockFile(
+ LPHANDLE phFile,
+ DWORD dwFileOffsetLow,
+ DWORD dwFileOffsetHigh,
+ DWORD nNumberOfBytesToUnlockLow,
+ DWORD nNumberOfBytesToUnlockHigh
+){
+ winFile *pFile = HANDLE_TO_WINFILE(phFile);
+ BOOL bReturn = FALSE;
+
+ UNUSED_PARAMETER(dwFileOffsetHigh);
+ UNUSED_PARAMETER(nNumberOfBytesToUnlockHigh);
+
+ if (!pFile->hMutex) return TRUE;
+ winceMutexAcquire(pFile->hMutex);
+
+ /* Releasing a reader lock or an exclusive lock */
+ if (dwFileOffsetLow == (DWORD)SHARED_FIRST){
+ /* Did we have an exclusive lock? */
+ if (pFile->local.bExclusive){
+ assert(nNumberOfBytesToUnlockLow == (DWORD)SHARED_SIZE);
+ pFile->local.bExclusive = FALSE;
+ pFile->shared->bExclusive = FALSE;
+ bReturn = TRUE;
+ }
+
+ /* Did we just have a reader lock? */
+ else if (pFile->local.nReaders){
+ assert(nNumberOfBytesToUnlockLow == (DWORD)SHARED_SIZE
+ || nNumberOfBytesToUnlockLow == 1);
+ pFile->local.nReaders --;
+ if (pFile->local.nReaders == 0)
+ {
+ pFile->shared->nReaders --;
+ }
+ bReturn = TRUE;
+ }
+ }
+
+ /* Releasing a pending lock */
+ else if (dwFileOffsetLow == (DWORD)PENDING_BYTE
+ && nNumberOfBytesToUnlockLow == 1){
+ if (pFile->local.bPending){
+ pFile->local.bPending = FALSE;
+ pFile->shared->bPending = FALSE;
+ bReturn = TRUE;
+ }
+ }
+ /* Releasing a reserved lock */
+ else if (dwFileOffsetLow == (DWORD)RESERVED_BYTE
+ && nNumberOfBytesToUnlockLow == 1){
+ if (pFile->local.bReserved) {
+ pFile->local.bReserved = FALSE;
+ pFile->shared->bReserved = FALSE;
+ bReturn = TRUE;
+ }
+ }
+
+ winceMutexRelease(pFile->hMutex);
+ return bReturn;
+}
+/*
+** End of the special code for wince
+*****************************************************************************/
+#endif /* SQLITE_OS_WINCE */
+
+/*
+** Lock a file region.
+*/
+static BOOL winLockFile(
+ LPHANDLE phFile,
+ DWORD flags,
+ DWORD offsetLow,
+ DWORD offsetHigh,
+ DWORD numBytesLow,
+ DWORD numBytesHigh
+){
+#if SQLITE_OS_WINCE
+ /*
+ ** NOTE: Windows CE is handled differently here due its lack of the Win32
+ ** API LockFile.
+ */
+ return winceLockFile(phFile, offsetLow, offsetHigh,
+ numBytesLow, numBytesHigh);
+#else
+ if( osIsNT() ){
+ OVERLAPPED ovlp;
+ memset(&ovlp, 0, sizeof(OVERLAPPED));
+ ovlp.Offset = offsetLow;
+ ovlp.OffsetHigh = offsetHigh;
+ return osLockFileEx(*phFile, flags, 0, numBytesLow, numBytesHigh, &ovlp);
+ }else{
+ return osLockFile(*phFile, offsetLow, offsetHigh, numBytesLow,
+ numBytesHigh);
+ }
+#endif
+}
+
+/*
+** Unlock a file region.
+ */
+static BOOL winUnlockFile(
+ LPHANDLE phFile,
+ DWORD offsetLow,
+ DWORD offsetHigh,
+ DWORD numBytesLow,
+ DWORD numBytesHigh
+){
+#if SQLITE_OS_WINCE
+ /*
+ ** NOTE: Windows CE is handled differently here due its lack of the Win32
+ ** API UnlockFile.
+ */
+ return winceUnlockFile(phFile, offsetLow, offsetHigh,
+ numBytesLow, numBytesHigh);
+#else
+ if( osIsNT() ){
+ OVERLAPPED ovlp;
+ memset(&ovlp, 0, sizeof(OVERLAPPED));
+ ovlp.Offset = offsetLow;
+ ovlp.OffsetHigh = offsetHigh;
+ return osUnlockFileEx(*phFile, 0, numBytesLow, numBytesHigh, &ovlp);
+ }else{
+ return osUnlockFile(*phFile, offsetLow, offsetHigh, numBytesLow,
+ numBytesHigh);
+ }
+#endif
+}
+
+/*****************************************************************************
+** The next group of routines implement the I/O methods specified
+** by the sqlite3_io_methods object.
+******************************************************************************/
+
+/*
+** Some Microsoft compilers lack this definition.
+*/
+#ifndef INVALID_SET_FILE_POINTER
+# define INVALID_SET_FILE_POINTER ((DWORD)-1)
+#endif
+
+/*
+** Move the current position of the file handle passed as the first
+** argument to offset iOffset within the file. If successful, return 0.
+** Otherwise, set pFile->lastErrno and return non-zero.
+*/
+static int winSeekFile(winFile *pFile, sqlite3_int64 iOffset){
+#if !SQLITE_OS_WINRT
+ LONG upperBits; /* Most sig. 32 bits of new offset */
+ LONG lowerBits; /* Least sig. 32 bits of new offset */
+ DWORD dwRet; /* Value returned by SetFilePointer() */
+ DWORD lastErrno; /* Value returned by GetLastError() */
+
+ OSTRACE(("SEEK file=%p, offset=%lld\n", pFile->h, iOffset));
+
+ upperBits = (LONG)((iOffset>>32) & 0x7fffffff);
+ lowerBits = (LONG)(iOffset & 0xffffffff);
+
+ /* API oddity: If successful, SetFilePointer() returns a dword
+ ** containing the lower 32-bits of the new file-offset. Or, if it fails,
+ ** it returns INVALID_SET_FILE_POINTER. However according to MSDN,
+ ** INVALID_SET_FILE_POINTER may also be a valid new offset. So to determine
+ ** whether an error has actually occurred, it is also necessary to call
+ ** GetLastError().
+ */
+ dwRet = osSetFilePointer(pFile->h, lowerBits, &upperBits, FILE_BEGIN);
+
+ if( (dwRet==INVALID_SET_FILE_POINTER
+ && ((lastErrno = osGetLastError())!=NO_ERROR)) ){
+ pFile->lastErrno = lastErrno;
+ winLogError(SQLITE_IOERR_SEEK, pFile->lastErrno,
+ "winSeekFile", pFile->zPath);
+ OSTRACE(("SEEK file=%p, rc=SQLITE_IOERR_SEEK\n", pFile->h));
+ return 1;
+ }
+
+ OSTRACE(("SEEK file=%p, rc=SQLITE_OK\n", pFile->h));
+ return 0;
+#else
+ /*
+ ** Same as above, except that this implementation works for WinRT.
+ */
+
+ LARGE_INTEGER x; /* The new offset */
+ BOOL bRet; /* Value returned by SetFilePointerEx() */
+
+ x.QuadPart = iOffset;
+ bRet = osSetFilePointerEx(pFile->h, x, 0, FILE_BEGIN);
+
+ if(!bRet){
+ pFile->lastErrno = osGetLastError();
+ winLogError(SQLITE_IOERR_SEEK, pFile->lastErrno,
+ "winSeekFile", pFile->zPath);
+ OSTRACE(("SEEK file=%p, rc=SQLITE_IOERR_SEEK\n", pFile->h));
+ return 1;
+ }
+
+ OSTRACE(("SEEK file=%p, rc=SQLITE_OK\n", pFile->h));
+ return 0;
+#endif
+}
+
+#if SQLITE_MAX_MMAP_SIZE>0
+/* Forward references to VFS helper methods used for memory mapped files */
+static int winMapfile(winFile*, sqlite3_int64);
+static int winUnmapfile(winFile*);
+#endif
+
+/*
+** Close a file.
+**
+** It is reported that an attempt to close a handle might sometimes
+** fail. This is a very unreasonable result, but Windows is notorious
+** for being unreasonable so I do not doubt that it might happen. If
+** the close fails, we pause for 100 milliseconds and try again. As
+** many as MX_CLOSE_ATTEMPT attempts to close the handle are made before
+** giving up and returning an error.
+*/
+#define MX_CLOSE_ATTEMPT 3
+static int winClose(sqlite3_file *id){
+ int rc, cnt = 0;
+ winFile *pFile = (winFile*)id;
+
+ assert( id!=0 );
+#ifndef SQLITE_OMIT_WAL
+ assert( pFile->pShm==0 );
+#endif
+ assert( pFile->h!=NULL && pFile->h!=INVALID_HANDLE_VALUE );
+ OSTRACE(("CLOSE pid=%lu, pFile=%p, file=%p\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+
+#if SQLITE_MAX_MMAP_SIZE>0
+ winUnmapfile(pFile);
+#endif
+
+ do{
+ rc = osCloseHandle(pFile->h);
+ /* SimulateIOError( rc=0; cnt=MX_CLOSE_ATTEMPT; ); */
+ }while( rc==0 && ++cnt < MX_CLOSE_ATTEMPT && (sqlite3_win32_sleep(100), 1) );
+#if SQLITE_OS_WINCE
+#define WINCE_DELETION_ATTEMPTS 3
+ winceDestroyLock(pFile);
+ if( pFile->zDeleteOnClose ){
+ int cnt = 0;
+ while(
+ osDeleteFileW(pFile->zDeleteOnClose)==0
+ && osGetFileAttributesW(pFile->zDeleteOnClose)!=0xffffffff
+ && cnt++ < WINCE_DELETION_ATTEMPTS
+ ){
+ sqlite3_win32_sleep(100); /* Wait a little before trying again */
+ }
+ sqlite3_free(pFile->zDeleteOnClose);
+ }
+#endif
+ if( rc ){
+ pFile->h = NULL;
+ }
+ OpenCounter(-1);
+ OSTRACE(("CLOSE pid=%lu, pFile=%p, file=%p, rc=%s\n",
+ osGetCurrentProcessId(), pFile, pFile->h, rc ? "ok" : "failed"));
+ return rc ? SQLITE_OK
+ : winLogError(SQLITE_IOERR_CLOSE, osGetLastError(),
+ "winClose", pFile->zPath);
+}
+
+/*
+** Read data from a file into a buffer. Return SQLITE_OK if all
+** bytes were read successfully and SQLITE_IOERR if anything goes
+** wrong.
+*/
+static int winRead(
+ sqlite3_file *id, /* File to read from */
+ void *pBuf, /* Write content into this buffer */
+ int amt, /* Number of bytes to read */
+ sqlite3_int64 offset /* Begin reading at this offset */
+){
+#if !SQLITE_OS_WINCE && !defined(SQLITE_WIN32_NO_OVERLAPPED)
+ OVERLAPPED overlapped; /* The offset for ReadFile. */
+#endif
+ winFile *pFile = (winFile*)id; /* file handle */
+ DWORD nRead; /* Number of bytes actually read from file */
+ int nRetry = 0; /* Number of retrys */
+
+ assert( id!=0 );
+ assert( amt>0 );
+ assert( offset>=0 );
+ SimulateIOError(return SQLITE_IOERR_READ);
+ OSTRACE(("READ pid=%lu, pFile=%p, file=%p, buffer=%p, amount=%d, "
+ "offset=%lld, lock=%d\n", osGetCurrentProcessId(), pFile,
+ pFile->h, pBuf, amt, offset, pFile->locktype));
+
+#if SQLITE_MAX_MMAP_SIZE>0
+ /* Deal with as much of this read request as possible by transfering
+ ** data from the memory mapping using memcpy(). */
+ if( offset<pFile->mmapSize ){
+ if( offset+amt <= pFile->mmapSize ){
+ memcpy(pBuf, &((u8 *)(pFile->pMapRegion))[offset], amt);
+ OSTRACE(("READ-MMAP pid=%lu, pFile=%p, file=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return SQLITE_OK;
+ }else{
+ int nCopy = (int)(pFile->mmapSize - offset);
+ memcpy(pBuf, &((u8 *)(pFile->pMapRegion))[offset], nCopy);
+ pBuf = &((u8 *)pBuf)[nCopy];
+ amt -= nCopy;
+ offset += nCopy;
+ }
+ }
+#endif
+
+#if SQLITE_OS_WINCE || defined(SQLITE_WIN32_NO_OVERLAPPED)
+ if( winSeekFile(pFile, offset) ){
+ OSTRACE(("READ pid=%lu, pFile=%p, file=%p, rc=SQLITE_FULL\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return SQLITE_FULL;
+ }
+ while( !osReadFile(pFile->h, pBuf, amt, &nRead, 0) ){
+#else
+ memset(&overlapped, 0, sizeof(OVERLAPPED));
+ overlapped.Offset = (LONG)(offset & 0xffffffff);
+ overlapped.OffsetHigh = (LONG)((offset>>32) & 0x7fffffff);
+ while( !osReadFile(pFile->h, pBuf, amt, &nRead, &overlapped) &&
+ osGetLastError()!=ERROR_HANDLE_EOF ){
+#endif
+ DWORD lastErrno;
+ if( winRetryIoerr(&nRetry, &lastErrno) ) continue;
+ pFile->lastErrno = lastErrno;
+ OSTRACE(("READ pid=%lu, pFile=%p, file=%p, rc=SQLITE_IOERR_READ\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return winLogError(SQLITE_IOERR_READ, pFile->lastErrno,
+ "winRead", pFile->zPath);
+ }
+ winLogIoerr(nRetry, __LINE__);
+ if( nRead<(DWORD)amt ){
+ /* Unread parts of the buffer must be zero-filled */
+ memset(&((char*)pBuf)[nRead], 0, amt-nRead);
+ OSTRACE(("READ pid=%lu, pFile=%p, file=%p, rc=SQLITE_IOERR_SHORT_READ\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return SQLITE_IOERR_SHORT_READ;
+ }
+
+ OSTRACE(("READ pid=%lu, pFile=%p, file=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return SQLITE_OK;
+}
+
+/*
+** Write data from a buffer into a file. Return SQLITE_OK on success
+** or some other error code on failure.
+*/
+static int winWrite(
+ sqlite3_file *id, /* File to write into */
+ const void *pBuf, /* The bytes to be written */
+ int amt, /* Number of bytes to write */
+ sqlite3_int64 offset /* Offset into the file to begin writing at */
+){
+ int rc = 0; /* True if error has occurred, else false */
+ winFile *pFile = (winFile*)id; /* File handle */
+ int nRetry = 0; /* Number of retries */
+
+ assert( amt>0 );
+ assert( pFile );
+ SimulateIOError(return SQLITE_IOERR_WRITE);
+ SimulateDiskfullError(return SQLITE_FULL);
+
+ OSTRACE(("WRITE pid=%lu, pFile=%p, file=%p, buffer=%p, amount=%d, "
+ "offset=%lld, lock=%d\n", osGetCurrentProcessId(), pFile,
+ pFile->h, pBuf, amt, offset, pFile->locktype));
+
+#if defined(SQLITE_MMAP_READWRITE) && SQLITE_MAX_MMAP_SIZE>0
+ /* Deal with as much of this write request as possible by transfering
+ ** data from the memory mapping using memcpy(). */
+ if( offset<pFile->mmapSize ){
+ if( offset+amt <= pFile->mmapSize ){
+ memcpy(&((u8 *)(pFile->pMapRegion))[offset], pBuf, amt);
+ OSTRACE(("WRITE-MMAP pid=%lu, pFile=%p, file=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return SQLITE_OK;
+ }else{
+ int nCopy = (int)(pFile->mmapSize - offset);
+ memcpy(&((u8 *)(pFile->pMapRegion))[offset], pBuf, nCopy);
+ pBuf = &((u8 *)pBuf)[nCopy];
+ amt -= nCopy;
+ offset += nCopy;
+ }
+ }
+#endif
+
+#if SQLITE_OS_WINCE || defined(SQLITE_WIN32_NO_OVERLAPPED)
+ rc = winSeekFile(pFile, offset);
+ if( rc==0 ){
+#else
+ {
+#endif
+#if !SQLITE_OS_WINCE && !defined(SQLITE_WIN32_NO_OVERLAPPED)
+ OVERLAPPED overlapped; /* The offset for WriteFile. */
+#endif
+ u8 *aRem = (u8 *)pBuf; /* Data yet to be written */
+ int nRem = amt; /* Number of bytes yet to be written */
+ DWORD nWrite; /* Bytes written by each WriteFile() call */
+ DWORD lastErrno = NO_ERROR; /* Value returned by GetLastError() */
+
+#if !SQLITE_OS_WINCE && !defined(SQLITE_WIN32_NO_OVERLAPPED)
+ memset(&overlapped, 0, sizeof(OVERLAPPED));
+ overlapped.Offset = (LONG)(offset & 0xffffffff);
+ overlapped.OffsetHigh = (LONG)((offset>>32) & 0x7fffffff);
+#endif
+
+ while( nRem>0 ){
+#if SQLITE_OS_WINCE || defined(SQLITE_WIN32_NO_OVERLAPPED)
+ if( !osWriteFile(pFile->h, aRem, nRem, &nWrite, 0) ){
+#else
+ if( !osWriteFile(pFile->h, aRem, nRem, &nWrite, &overlapped) ){
+#endif
+ if( winRetryIoerr(&nRetry, &lastErrno) ) continue;
+ break;
+ }
+ assert( nWrite==0 || nWrite<=(DWORD)nRem );
+ if( nWrite==0 || nWrite>(DWORD)nRem ){
+ lastErrno = osGetLastError();
+ break;
+ }
+#if !SQLITE_OS_WINCE && !defined(SQLITE_WIN32_NO_OVERLAPPED)
+ offset += nWrite;
+ overlapped.Offset = (LONG)(offset & 0xffffffff);
+ overlapped.OffsetHigh = (LONG)((offset>>32) & 0x7fffffff);
+#endif
+ aRem += nWrite;
+ nRem -= nWrite;
+ }
+ if( nRem>0 ){
+ pFile->lastErrno = lastErrno;
+ rc = 1;
+ }
+ }
+
+ if( rc ){
+ if( ( pFile->lastErrno==ERROR_HANDLE_DISK_FULL )
+ || ( pFile->lastErrno==ERROR_DISK_FULL )){
+ OSTRACE(("WRITE pid=%lu, pFile=%p, file=%p, rc=SQLITE_FULL\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return winLogError(SQLITE_FULL, pFile->lastErrno,
+ "winWrite1", pFile->zPath);
+ }
+ OSTRACE(("WRITE pid=%lu, pFile=%p, file=%p, rc=SQLITE_IOERR_WRITE\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return winLogError(SQLITE_IOERR_WRITE, pFile->lastErrno,
+ "winWrite2", pFile->zPath);
+ }else{
+ winLogIoerr(nRetry, __LINE__);
+ }
+ OSTRACE(("WRITE pid=%lu, pFile=%p, file=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return SQLITE_OK;
+}
+
+/*
+** Truncate an open file to a specified size
+*/
+static int winTruncate(sqlite3_file *id, sqlite3_int64 nByte){
+ winFile *pFile = (winFile*)id; /* File handle object */
+ int rc = SQLITE_OK; /* Return code for this function */
+ DWORD lastErrno;
+
+ assert( pFile );
+ SimulateIOError(return SQLITE_IOERR_TRUNCATE);
+ OSTRACE(("TRUNCATE pid=%lu, pFile=%p, file=%p, size=%lld, lock=%d\n",
+ osGetCurrentProcessId(), pFile, pFile->h, nByte, pFile->locktype));
+
+ /* If the user has configured a chunk-size for this file, truncate the
+ ** file so that it consists of an integer number of chunks (i.e. the
+ ** actual file size after the operation may be larger than the requested
+ ** size).
+ */
+ if( pFile->szChunk>0 ){
+ nByte = ((nByte + pFile->szChunk - 1)/pFile->szChunk) * pFile->szChunk;
+ }
+
+ /* SetEndOfFile() returns non-zero when successful, or zero when it fails. */
+ if( winSeekFile(pFile, nByte) ){
+ rc = winLogError(SQLITE_IOERR_TRUNCATE, pFile->lastErrno,
+ "winTruncate1", pFile->zPath);
+ }else if( 0==osSetEndOfFile(pFile->h) &&
+ ((lastErrno = osGetLastError())!=ERROR_USER_MAPPED_FILE) ){
+ pFile->lastErrno = lastErrno;
+ rc = winLogError(SQLITE_IOERR_TRUNCATE, pFile->lastErrno,
+ "winTruncate2", pFile->zPath);
+ }
+
+#if SQLITE_MAX_MMAP_SIZE>0
+ /* If the file was truncated to a size smaller than the currently
+ ** mapped region, reduce the effective mapping size as well. SQLite will
+ ** use read() and write() to access data beyond this point from now on.
+ */
+ if( pFile->pMapRegion && nByte<pFile->mmapSize ){
+ pFile->mmapSize = nByte;
+ }
+#endif
+
+ OSTRACE(("TRUNCATE pid=%lu, pFile=%p, file=%p, rc=%s\n",
+ osGetCurrentProcessId(), pFile, pFile->h, sqlite3ErrName(rc)));
+ return rc;
+}
+
+#ifdef SQLITE_TEST
+/*
+** Count the number of fullsyncs and normal syncs. This is used to test
+** that syncs and fullsyncs are occuring at the right times.
+*/
+SQLITE_API int sqlite3_sync_count = 0;
+SQLITE_API int sqlite3_fullsync_count = 0;
+#endif
+
+/*
+** Make sure all writes to a particular file are committed to disk.
+*/
+static int winSync(sqlite3_file *id, int flags){
+#ifndef SQLITE_NO_SYNC
+ /*
+ ** Used only when SQLITE_NO_SYNC is not defined.
+ */
+ BOOL rc;
+#endif
+#if !defined(NDEBUG) || !defined(SQLITE_NO_SYNC) || \
+ defined(SQLITE_HAVE_OS_TRACE)
+ /*
+ ** Used when SQLITE_NO_SYNC is not defined and by the assert() and/or
+ ** OSTRACE() macros.
+ */
+ winFile *pFile = (winFile*)id;
+#else
+ UNUSED_PARAMETER(id);
+#endif
+
+ assert( pFile );
+ /* Check that one of SQLITE_SYNC_NORMAL or FULL was passed */
+ assert((flags&0x0F)==SQLITE_SYNC_NORMAL
+ || (flags&0x0F)==SQLITE_SYNC_FULL
+ );
+
+ /* Unix cannot, but some systems may return SQLITE_FULL from here. This
+ ** line is to test that doing so does not cause any problems.
+ */
+ SimulateDiskfullError( return SQLITE_FULL );
+
+ OSTRACE(("SYNC pid=%lu, pFile=%p, file=%p, flags=%x, lock=%d\n",
+ osGetCurrentProcessId(), pFile, pFile->h, flags,
+ pFile->locktype));
+
+#ifndef SQLITE_TEST
+ UNUSED_PARAMETER(flags);
+#else
+ if( (flags&0x0F)==SQLITE_SYNC_FULL ){
+ sqlite3_fullsync_count++;
+ }
+ sqlite3_sync_count++;
+#endif
+
+ /* If we compiled with the SQLITE_NO_SYNC flag, then syncing is a
+ ** no-op
+ */
+#ifdef SQLITE_NO_SYNC
+ OSTRACE(("SYNC-NOP pid=%lu, pFile=%p, file=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return SQLITE_OK;
+#else
+#if SQLITE_MAX_MMAP_SIZE>0
+ if( pFile->pMapRegion ){
+ if( osFlushViewOfFile(pFile->pMapRegion, 0) ){
+ OSTRACE(("SYNC-MMAP pid=%lu, pFile=%p, pMapRegion=%p, "
+ "rc=SQLITE_OK\n", osGetCurrentProcessId(),
+ pFile, pFile->pMapRegion));
+ }else{
+ pFile->lastErrno = osGetLastError();
+ OSTRACE(("SYNC-MMAP pid=%lu, pFile=%p, pMapRegion=%p, "
+ "rc=SQLITE_IOERR_MMAP\n", osGetCurrentProcessId(),
+ pFile, pFile->pMapRegion));
+ return winLogError(SQLITE_IOERR_MMAP, pFile->lastErrno,
+ "winSync1", pFile->zPath);
+ }
+ }
+#endif
+ rc = osFlushFileBuffers(pFile->h);
+ SimulateIOError( rc=FALSE );
+ if( rc ){
+ OSTRACE(("SYNC pid=%lu, pFile=%p, file=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return SQLITE_OK;
+ }else{
+ pFile->lastErrno = osGetLastError();
+ OSTRACE(("SYNC pid=%lu, pFile=%p, file=%p, rc=SQLITE_IOERR_FSYNC\n",
+ osGetCurrentProcessId(), pFile, pFile->h));
+ return winLogError(SQLITE_IOERR_FSYNC, pFile->lastErrno,
+ "winSync2", pFile->zPath);
+ }
+#endif
+}
+
+/*
+** Determine the current size of a file in bytes
+*/
+static int winFileSize(sqlite3_file *id, sqlite3_int64 *pSize){
+ winFile *pFile = (winFile*)id;
+ int rc = SQLITE_OK;
+
+ assert( id!=0 );
+ assert( pSize!=0 );
+ SimulateIOError(return SQLITE_IOERR_FSTAT);
+ OSTRACE(("SIZE file=%p, pSize=%p\n", pFile->h, pSize));
+
+#if SQLITE_OS_WINRT
+ {
+ FILE_STANDARD_INFO info;
+ if( osGetFileInformationByHandleEx(pFile->h, FileStandardInfo,
+ &info, sizeof(info)) ){
+ *pSize = info.EndOfFile.QuadPart;
+ }else{
+ pFile->lastErrno = osGetLastError();
+ rc = winLogError(SQLITE_IOERR_FSTAT, pFile->lastErrno,
+ "winFileSize", pFile->zPath);
+ }
+ }
+#else
+ {
+ DWORD upperBits;
+ DWORD lowerBits;
+ DWORD lastErrno;
+
+ lowerBits = osGetFileSize(pFile->h, &upperBits);
+ *pSize = (((sqlite3_int64)upperBits)<<32) + lowerBits;
+ if( (lowerBits == INVALID_FILE_SIZE)
+ && ((lastErrno = osGetLastError())!=NO_ERROR) ){
+ pFile->lastErrno = lastErrno;
+ rc = winLogError(SQLITE_IOERR_FSTAT, pFile->lastErrno,
+ "winFileSize", pFile->zPath);
+ }
+ }
+#endif
+ OSTRACE(("SIZE file=%p, pSize=%p, *pSize=%lld, rc=%s\n",
+ pFile->h, pSize, *pSize, sqlite3ErrName(rc)));
+ return rc;
+}
+
+/*
+** LOCKFILE_FAIL_IMMEDIATELY is undefined on some Windows systems.
+*/
+#ifndef LOCKFILE_FAIL_IMMEDIATELY
+# define LOCKFILE_FAIL_IMMEDIATELY 1
+#endif
+
+#ifndef LOCKFILE_EXCLUSIVE_LOCK
+# define LOCKFILE_EXCLUSIVE_LOCK 2
+#endif
+
+/*
+** Historically, SQLite has used both the LockFile and LockFileEx functions.
+** When the LockFile function was used, it was always expected to fail
+** immediately if the lock could not be obtained. Also, it always expected to
+** obtain an exclusive lock. These flags are used with the LockFileEx function
+** and reflect those expectations; therefore, they should not be changed.
+*/
+#ifndef SQLITE_LOCKFILE_FLAGS
+# define SQLITE_LOCKFILE_FLAGS (LOCKFILE_FAIL_IMMEDIATELY | \
+ LOCKFILE_EXCLUSIVE_LOCK)
+#endif
+
+/*
+** Currently, SQLite never calls the LockFileEx function without wanting the
+** call to fail immediately if the lock cannot be obtained.
+*/
+#ifndef SQLITE_LOCKFILEEX_FLAGS
+# define SQLITE_LOCKFILEEX_FLAGS (LOCKFILE_FAIL_IMMEDIATELY)
+#endif
+
+/*
+** Acquire a reader lock.
+** Different API routines are called depending on whether or not this
+** is Win9x or WinNT.
+*/
+static int winGetReadLock(winFile *pFile){
+ int res;
+ OSTRACE(("READ-LOCK file=%p, lock=%d\n", pFile->h, pFile->locktype));
+ if( osIsNT() ){
+#if SQLITE_OS_WINCE
+ /*
+ ** NOTE: Windows CE is handled differently here due its lack of the Win32
+ ** API LockFileEx.
+ */
+ res = winceLockFile(&pFile->h, SHARED_FIRST, 0, 1, 0);
+#else
+ res = winLockFile(&pFile->h, SQLITE_LOCKFILEEX_FLAGS, SHARED_FIRST, 0,
+ SHARED_SIZE, 0);
+#endif
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ int lk;
+ sqlite3_randomness(sizeof(lk), &lk);
+ pFile->sharedLockByte = (short)((lk & 0x7fffffff)%(SHARED_SIZE - 1));
+ res = winLockFile(&pFile->h, SQLITE_LOCKFILE_FLAGS,
+ SHARED_FIRST+pFile->sharedLockByte, 0, 1, 0);
+ }
+#endif
+ if( res == 0 ){
+ pFile->lastErrno = osGetLastError();
+ /* No need to log a failure to lock */
+ }
+ OSTRACE(("READ-LOCK file=%p, result=%d\n", pFile->h, res));
+ return res;
+}
+
+/*
+** Undo a readlock
+*/
+static int winUnlockReadLock(winFile *pFile){
+ int res;
+ DWORD lastErrno;
+ OSTRACE(("READ-UNLOCK file=%p, lock=%d\n", pFile->h, pFile->locktype));
+ if( osIsNT() ){
+ res = winUnlockFile(&pFile->h, SHARED_FIRST, 0, SHARED_SIZE, 0);
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ res = winUnlockFile(&pFile->h, SHARED_FIRST+pFile->sharedLockByte, 0, 1, 0);
+ }
+#endif
+ if( res==0 && ((lastErrno = osGetLastError())!=ERROR_NOT_LOCKED) ){
+ pFile->lastErrno = lastErrno;
+ winLogError(SQLITE_IOERR_UNLOCK, pFile->lastErrno,
+ "winUnlockReadLock", pFile->zPath);
+ }
+ OSTRACE(("READ-UNLOCK file=%p, result=%d\n", pFile->h, res));
+ return res;
+}
+
+/*
+** Lock the file with the lock specified by parameter locktype - one
+** of the following:
+**
+** (1) SHARED_LOCK
+** (2) RESERVED_LOCK
+** (3) PENDING_LOCK
+** (4) EXCLUSIVE_LOCK
+**
+** Sometimes when requesting one lock state, additional lock states
+** are inserted in between. The locking might fail on one of the later
+** transitions leaving the lock state different from what it started but
+** still short of its goal. The following chart shows the allowed
+** transitions and the inserted intermediate states:
+**
+** UNLOCKED -> SHARED
+** SHARED -> RESERVED
+** SHARED -> (PENDING) -> EXCLUSIVE
+** RESERVED -> (PENDING) -> EXCLUSIVE
+** PENDING -> EXCLUSIVE
+**
+** This routine will only increase a lock. The winUnlock() routine
+** erases all locks at once and returns us immediately to locking level 0.
+** It is not possible to lower the locking level one step at a time. You
+** must go straight to locking level 0.
+*/
+static int winLock(sqlite3_file *id, int locktype){
+ int rc = SQLITE_OK; /* Return code from subroutines */
+ int res = 1; /* Result of a Windows lock call */
+ int newLocktype; /* Set pFile->locktype to this value before exiting */
+ int gotPendingLock = 0;/* True if we acquired a PENDING lock this time */
+ winFile *pFile = (winFile*)id;
+ DWORD lastErrno = NO_ERROR;
+
+ assert( id!=0 );
+ OSTRACE(("LOCK file=%p, oldLock=%d(%d), newLock=%d\n",
+ pFile->h, pFile->locktype, pFile->sharedLockByte, locktype));
+
+ /* If there is already a lock of this type or more restrictive on the
+ ** OsFile, do nothing. Don't use the end_lock: exit path, as
+ ** sqlite3OsEnterMutex() hasn't been called yet.
+ */
+ if( pFile->locktype>=locktype ){
+ OSTRACE(("LOCK-HELD file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+
+ /* Do not allow any kind of write-lock on a read-only database
+ */
+ if( (pFile->ctrlFlags & WINFILE_RDONLY)!=0 && locktype>=RESERVED_LOCK ){
+ return SQLITE_IOERR_LOCK;
+ }
+
+ /* Make sure the locking sequence is correct
+ */
+ assert( pFile->locktype!=NO_LOCK || locktype==SHARED_LOCK );
+ assert( locktype!=PENDING_LOCK );
+ assert( locktype!=RESERVED_LOCK || pFile->locktype==SHARED_LOCK );
+
+ /* Lock the PENDING_LOCK byte if we need to acquire a PENDING lock or
+ ** a SHARED lock. If we are acquiring a SHARED lock, the acquisition of
+ ** the PENDING_LOCK byte is temporary.
+ */
+ newLocktype = pFile->locktype;
+ if( (pFile->locktype==NO_LOCK)
+ || ( (locktype==EXCLUSIVE_LOCK)
+ && (pFile->locktype==RESERVED_LOCK))
+ ){
+ int cnt = 3;
+ while( cnt-->0 && (res = winLockFile(&pFile->h, SQLITE_LOCKFILE_FLAGS,
+ PENDING_BYTE, 0, 1, 0))==0 ){
+ /* Try 3 times to get the pending lock. This is needed to work
+ ** around problems caused by indexing and/or anti-virus software on
+ ** Windows systems.
+ ** If you are using this code as a model for alternative VFSes, do not
+ ** copy this retry logic. It is a hack intended for Windows only.
+ */
+ lastErrno = osGetLastError();
+ OSTRACE(("LOCK-PENDING-FAIL file=%p, count=%d, result=%d\n",
+ pFile->h, cnt, res));
+ if( lastErrno==ERROR_INVALID_HANDLE ){
+ pFile->lastErrno = lastErrno;
+ rc = SQLITE_IOERR_LOCK;
+ OSTRACE(("LOCK-FAIL file=%p, count=%d, rc=%s\n",
+ pFile->h, cnt, sqlite3ErrName(rc)));
+ return rc;
+ }
+ if( cnt ) sqlite3_win32_sleep(1);
+ }
+ gotPendingLock = res;
+ if( !res ){
+ lastErrno = osGetLastError();
+ }
+ }
+
+ /* Acquire a shared lock
+ */
+ if( locktype==SHARED_LOCK && res ){
+ assert( pFile->locktype==NO_LOCK );
+ res = winGetReadLock(pFile);
+ if( res ){
+ newLocktype = SHARED_LOCK;
+ }else{
+ lastErrno = osGetLastError();
+ }
+ }
+
+ /* Acquire a RESERVED lock
+ */
+ if( locktype==RESERVED_LOCK && res ){
+ assert( pFile->locktype==SHARED_LOCK );
+ res = winLockFile(&pFile->h, SQLITE_LOCKFILE_FLAGS, RESERVED_BYTE, 0, 1, 0);
+ if( res ){
+ newLocktype = RESERVED_LOCK;
+ }else{
+ lastErrno = osGetLastError();
+ }
+ }
+
+ /* Acquire a PENDING lock
+ */
+ if( locktype==EXCLUSIVE_LOCK && res ){
+ newLocktype = PENDING_LOCK;
+ gotPendingLock = 0;
+ }
+
+ /* Acquire an EXCLUSIVE lock
+ */
+ if( locktype==EXCLUSIVE_LOCK && res ){
+ assert( pFile->locktype>=SHARED_LOCK );
+ res = winUnlockReadLock(pFile);
+ res = winLockFile(&pFile->h, SQLITE_LOCKFILE_FLAGS, SHARED_FIRST, 0,
+ SHARED_SIZE, 0);
+ if( res ){
+ newLocktype = EXCLUSIVE_LOCK;
+ }else{
+ lastErrno = osGetLastError();
+ winGetReadLock(pFile);
+ }
+ }
+
+ /* If we are holding a PENDING lock that ought to be released, then
+ ** release it now.
+ */
+ if( gotPendingLock && locktype==SHARED_LOCK ){
+ winUnlockFile(&pFile->h, PENDING_BYTE, 0, 1, 0);
+ }
+
+ /* Update the state of the lock has held in the file descriptor then
+ ** return the appropriate result code.
+ */
+ if( res ){
+ rc = SQLITE_OK;
+ }else{
+ pFile->lastErrno = lastErrno;
+ rc = SQLITE_BUSY;
+ OSTRACE(("LOCK-FAIL file=%p, wanted=%d, got=%d\n",
+ pFile->h, locktype, newLocktype));
+ }
+ pFile->locktype = (u8)newLocktype;
+ OSTRACE(("LOCK file=%p, lock=%d, rc=%s\n",
+ pFile->h, pFile->locktype, sqlite3ErrName(rc)));
+ return rc;
+}
+
+/*
+** This routine checks if there is a RESERVED lock held on the specified
+** file by this or any other process. If such a lock is held, return
+** non-zero, otherwise zero.
+*/
+static int winCheckReservedLock(sqlite3_file *id, int *pResOut){
+ int res;
+ winFile *pFile = (winFile*)id;
+
+ SimulateIOError( return SQLITE_IOERR_CHECKRESERVEDLOCK; );
+ OSTRACE(("TEST-WR-LOCK file=%p, pResOut=%p\n", pFile->h, pResOut));
+
+ assert( id!=0 );
+ if( pFile->locktype>=RESERVED_LOCK ){
+ res = 1;
+ OSTRACE(("TEST-WR-LOCK file=%p, result=%d (local)\n", pFile->h, res));
+ }else{
+ res = winLockFile(&pFile->h, SQLITE_LOCKFILEEX_FLAGS,RESERVED_BYTE,0,1,0);
+ if( res ){
+ winUnlockFile(&pFile->h, RESERVED_BYTE, 0, 1, 0);
+ }
+ res = !res;
+ OSTRACE(("TEST-WR-LOCK file=%p, result=%d (remote)\n", pFile->h, res));
+ }
+ *pResOut = res;
+ OSTRACE(("TEST-WR-LOCK file=%p, pResOut=%p, *pResOut=%d, rc=SQLITE_OK\n",
+ pFile->h, pResOut, *pResOut));
+ return SQLITE_OK;
+}
+
+/*
+** Lower the locking level on file descriptor id to locktype. locktype
+** must be either NO_LOCK or SHARED_LOCK.
+**
+** If the locking level of the file descriptor is already at or below
+** the requested locking level, this routine is a no-op.
+**
+** It is not possible for this routine to fail if the second argument
+** is NO_LOCK. If the second argument is SHARED_LOCK then this routine
+** might return SQLITE_IOERR;
+*/
+static int winUnlock(sqlite3_file *id, int locktype){
+ int type;
+ winFile *pFile = (winFile*)id;
+ int rc = SQLITE_OK;
+ assert( pFile!=0 );
+ assert( locktype<=SHARED_LOCK );
+ OSTRACE(("UNLOCK file=%p, oldLock=%d(%d), newLock=%d\n",
+ pFile->h, pFile->locktype, pFile->sharedLockByte, locktype));
+ type = pFile->locktype;
+ if( type>=EXCLUSIVE_LOCK ){
+ winUnlockFile(&pFile->h, SHARED_FIRST, 0, SHARED_SIZE, 0);
+ if( locktype==SHARED_LOCK && !winGetReadLock(pFile) ){
+ /* This should never happen. We should always be able to
+ ** reacquire the read lock */
+ rc = winLogError(SQLITE_IOERR_UNLOCK, osGetLastError(),
+ "winUnlock", pFile->zPath);
+ }
+ }
+ if( type>=RESERVED_LOCK ){
+ winUnlockFile(&pFile->h, RESERVED_BYTE, 0, 1, 0);
+ }
+ if( locktype==NO_LOCK && type>=SHARED_LOCK ){
+ winUnlockReadLock(pFile);
+ }
+ if( type>=PENDING_LOCK ){
+ winUnlockFile(&pFile->h, PENDING_BYTE, 0, 1, 0);
+ }
+ pFile->locktype = (u8)locktype;
+ OSTRACE(("UNLOCK file=%p, lock=%d, rc=%s\n",
+ pFile->h, pFile->locktype, sqlite3ErrName(rc)));
+ return rc;
+}
+
+/*
+** If *pArg is initially negative then this is a query. Set *pArg to
+** 1 or 0 depending on whether or not bit mask of pFile->ctrlFlags is set.
+**
+** If *pArg is 0 or 1, then clear or set the mask bit of pFile->ctrlFlags.
+*/
+static void winModeBit(winFile *pFile, unsigned char mask, int *pArg){
+ if( *pArg<0 ){
+ *pArg = (pFile->ctrlFlags & mask)!=0;
+ }else if( (*pArg)==0 ){
+ pFile->ctrlFlags &= ~mask;
+ }else{
+ pFile->ctrlFlags |= mask;
+ }
+}
+
+/* Forward references to VFS helper methods used for temporary files */
+static int winGetTempname(sqlite3_vfs *, char **);
+static int winIsDir(const void *);
+static BOOL winIsDriveLetterAndColon(const char *);
+
+/*
+** Control and query of the open file handle.
+*/
+static int winFileControl(sqlite3_file *id, int op, void *pArg){
+ winFile *pFile = (winFile*)id;
+ OSTRACE(("FCNTL file=%p, op=%d, pArg=%p\n", pFile->h, op, pArg));
+ switch( op ){
+ case SQLITE_FCNTL_LOCKSTATE: {
+ *(int*)pArg = pFile->locktype;
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+ case SQLITE_LAST_ERRNO: {
+ *(int*)pArg = (int)pFile->lastErrno;
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_CHUNK_SIZE: {
+ pFile->szChunk = *(int *)pArg;
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_SIZE_HINT: {
+ if( pFile->szChunk>0 ){
+ sqlite3_int64 oldSz;
+ int rc = winFileSize(id, &oldSz);
+ if( rc==SQLITE_OK ){
+ sqlite3_int64 newSz = *(sqlite3_int64*)pArg;
+ if( newSz>oldSz ){
+ SimulateIOErrorBenign(1);
+ rc = winTruncate(id, newSz);
+ SimulateIOErrorBenign(0);
+ }
+ }
+ OSTRACE(("FCNTL file=%p, rc=%s\n", pFile->h, sqlite3ErrName(rc)));
+ return rc;
+ }
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_PERSIST_WAL: {
+ winModeBit(pFile, WINFILE_PERSIST_WAL, (int*)pArg);
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_POWERSAFE_OVERWRITE: {
+ winModeBit(pFile, WINFILE_PSOW, (int*)pArg);
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_VFSNAME: {
+ *(char**)pArg = sqlite3_mprintf("%s", pFile->pVfs->zName);
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+ case SQLITE_FCNTL_WIN32_AV_RETRY: {
+ int *a = (int*)pArg;
+ if( a[0]>0 ){
+ winIoerrRetry = a[0];
+ }else{
+ a[0] = winIoerrRetry;
+ }
+ if( a[1]>0 ){
+ winIoerrRetryDelay = a[1];
+ }else{
+ a[1] = winIoerrRetryDelay;
+ }
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_OK\n", pFile->h));
+ return SQLITE_OK;
+ }
+#ifdef SQLITE_TEST
+ case SQLITE_FCNTL_WIN32_SET_HANDLE: {
+ LPHANDLE phFile = (LPHANDLE)pArg;
+ HANDLE hOldFile = pFile->h;
+ pFile->h = *phFile;
+ *phFile = hOldFile;
+ OSTRACE(("FCNTL oldFile=%p, newFile=%p, rc=SQLITE_OK\n",
+ hOldFile, pFile->h));
+ return SQLITE_OK;
+ }
+#endif
+ case SQLITE_FCNTL_TEMPFILENAME: {
+ char *zTFile = 0;
+ int rc = winGetTempname(pFile->pVfs, &zTFile);
+ if( rc==SQLITE_OK ){
+ *(char**)pArg = zTFile;
+ }
+ OSTRACE(("FCNTL file=%p, rc=%s\n", pFile->h, sqlite3ErrName(rc)));
+ return rc;
+ }
+#if SQLITE_MAX_MMAP_SIZE>0
+ case SQLITE_FCNTL_MMAP_SIZE: {
+ i64 newLimit = *(i64*)pArg;
+ int rc = SQLITE_OK;
+ if( newLimit>sqlite3GlobalConfig.mxMmap ){
+ newLimit = sqlite3GlobalConfig.mxMmap;
+ }
+ *(i64*)pArg = pFile->mmapSizeMax;
+ if( newLimit>=0 && newLimit!=pFile->mmapSizeMax && pFile->nFetchOut==0 ){
+ pFile->mmapSizeMax = newLimit;
+ if( pFile->mmapSize>0 ){
+ winUnmapfile(pFile);
+ rc = winMapfile(pFile, -1);
+ }
+ }
+ OSTRACE(("FCNTL file=%p, rc=%s\n", pFile->h, sqlite3ErrName(rc)));
+ return rc;
+ }
+#endif
+ }
+ OSTRACE(("FCNTL file=%p, rc=SQLITE_NOTFOUND\n", pFile->h));
+ return SQLITE_NOTFOUND;
+}
+
+/*
+** Return the sector size in bytes of the underlying block device for
+** the specified file. This is almost always 512 bytes, but may be
+** larger for some devices.
+**
+** SQLite code assumes this function cannot fail. It also assumes that
+** if two files are created in the same file-system directory (i.e.
+** a database and its journal file) that the sector size will be the
+** same for both.
+*/
+static int winSectorSize(sqlite3_file *id){
+ (void)id;
+ return SQLITE_DEFAULT_SECTOR_SIZE;
+}
+
+/*
+** Return a vector of device characteristics.
+*/
+static int winDeviceCharacteristics(sqlite3_file *id){
+ winFile *p = (winFile*)id;
+ return SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN |
+ ((p->ctrlFlags & WINFILE_PSOW)?SQLITE_IOCAP_POWERSAFE_OVERWRITE:0);
+}
+
+/*
+** Windows will only let you create file view mappings
+** on allocation size granularity boundaries.
+** During sqlite3_os_init() we do a GetSystemInfo()
+** to get the granularity size.
+*/
+static SYSTEM_INFO winSysInfo;
+
+#ifndef SQLITE_OMIT_WAL
+
+/*
+** Helper functions to obtain and relinquish the global mutex. The
+** global mutex is used to protect the winLockInfo objects used by
+** this file, all of which may be shared by multiple threads.
+**
+** Function winShmMutexHeld() is used to assert() that the global mutex
+** is held when required. This function is only used as part of assert()
+** statements. e.g.
+**
+** winShmEnterMutex()
+** assert( winShmMutexHeld() );
+** winShmLeaveMutex()
+*/
+static void winShmEnterMutex(void){
+ sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_VFS1));
+}
+static void winShmLeaveMutex(void){
+ sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_VFS1));
+}
+#ifndef NDEBUG
+static int winShmMutexHeld(void) {
+ return sqlite3_mutex_held(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_VFS1));
+}
+#endif
+
+/*
+** Object used to represent a single file opened and mmapped to provide
+** shared memory. When multiple threads all reference the same
+** log-summary, each thread has its own winFile object, but they all
+** point to a single instance of this object. In other words, each
+** log-summary is opened only once per process.
+**
+** winShmMutexHeld() must be true when creating or destroying
+** this object or while reading or writing the following fields:
+**
+** nRef
+** pNext
+**
+** The following fields are read-only after the object is created:
+**
+** fid
+** zFilename
+**
+** Either winShmNode.mutex must be held or winShmNode.nRef==0 and
+** winShmMutexHeld() is true when reading or writing any other field
+** in this structure.
+**
+*/
+struct winShmNode {
+ sqlite3_mutex *mutex; /* Mutex to access this object */
+ char *zFilename; /* Name of the file */
+ winFile hFile; /* File handle from winOpen */
+
+ int szRegion; /* Size of shared-memory regions */
+ int nRegion; /* Size of array apRegion */
+ struct ShmRegion {
+ HANDLE hMap; /* File handle from CreateFileMapping */
+ void *pMap;
+ } *aRegion;
+ DWORD lastErrno; /* The Windows errno from the last I/O error */
+
+ int nRef; /* Number of winShm objects pointing to this */
+ winShm *pFirst; /* All winShm objects pointing to this */
+ winShmNode *pNext; /* Next in list of all winShmNode objects */
+#if defined(SQLITE_DEBUG) || defined(SQLITE_HAVE_OS_TRACE)
+ u8 nextShmId; /* Next available winShm.id value */
+#endif
+};
+
+/*
+** A global array of all winShmNode objects.
+**
+** The winShmMutexHeld() must be true while reading or writing this list.
+*/
+static winShmNode *winShmNodeList = 0;
+
+/*
+** Structure used internally by this VFS to record the state of an
+** open shared memory connection.
+**
+** The following fields are initialized when this object is created and
+** are read-only thereafter:
+**
+** winShm.pShmNode
+** winShm.id
+**
+** All other fields are read/write. The winShm.pShmNode->mutex must be held
+** while accessing any read/write fields.
+*/
+struct winShm {
+ winShmNode *pShmNode; /* The underlying winShmNode object */
+ winShm *pNext; /* Next winShm with the same winShmNode */
+ u8 hasMutex; /* True if holding the winShmNode mutex */
+ u16 sharedMask; /* Mask of shared locks held */
+ u16 exclMask; /* Mask of exclusive locks held */
+#if defined(SQLITE_DEBUG) || defined(SQLITE_HAVE_OS_TRACE)
+ u8 id; /* Id of this connection with its winShmNode */
+#endif
+};
+
+/*
+** Constants used for locking
+*/
+#define WIN_SHM_BASE ((22+SQLITE_SHM_NLOCK)*4) /* first lock byte */
+#define WIN_SHM_DMS (WIN_SHM_BASE+SQLITE_SHM_NLOCK) /* deadman switch */
+
+/*
+** Apply advisory locks for all n bytes beginning at ofst.
+*/
+#define _SHM_UNLCK 1
+#define _SHM_RDLCK 2
+#define _SHM_WRLCK 3
+static int winShmSystemLock(
+ winShmNode *pFile, /* Apply locks to this open shared-memory segment */
+ int lockType, /* _SHM_UNLCK, _SHM_RDLCK, or _SHM_WRLCK */
+ int ofst, /* Offset to first byte to be locked/unlocked */
+ int nByte /* Number of bytes to lock or unlock */
+){
+ int rc = 0; /* Result code form Lock/UnlockFileEx() */
+
+ /* Access to the winShmNode object is serialized by the caller */
+ assert( sqlite3_mutex_held(pFile->mutex) || pFile->nRef==0 );
+
+ OSTRACE(("SHM-LOCK file=%p, lock=%d, offset=%d, size=%d\n",
+ pFile->hFile.h, lockType, ofst, nByte));
+
+ /* Release/Acquire the system-level lock */
+ if( lockType==_SHM_UNLCK ){
+ rc = winUnlockFile(&pFile->hFile.h, ofst, 0, nByte, 0);
+ }else{
+ /* Initialize the locking parameters */
+ DWORD dwFlags = LOCKFILE_FAIL_IMMEDIATELY;
+ if( lockType == _SHM_WRLCK ) dwFlags |= LOCKFILE_EXCLUSIVE_LOCK;
+ rc = winLockFile(&pFile->hFile.h, dwFlags, ofst, 0, nByte, 0);
+ }
+
+ if( rc!= 0 ){
+ rc = SQLITE_OK;
+ }else{
+ pFile->lastErrno = osGetLastError();
+ rc = SQLITE_BUSY;
+ }
+
+ OSTRACE(("SHM-LOCK file=%p, func=%s, errno=%lu, rc=%s\n",
+ pFile->hFile.h, (lockType == _SHM_UNLCK) ? "winUnlockFile" :
+ "winLockFile", pFile->lastErrno, sqlite3ErrName(rc)));
+
+ return rc;
+}
+
+/* Forward references to VFS methods */
+static int winOpen(sqlite3_vfs*,const char*,sqlite3_file*,int,int*);
+static int winDelete(sqlite3_vfs *,const char*,int);
+
+/*
+** Purge the winShmNodeList list of all entries with winShmNode.nRef==0.
+**
+** This is not a VFS shared-memory method; it is a utility function called
+** by VFS shared-memory methods.
+*/
+static void winShmPurge(sqlite3_vfs *pVfs, int deleteFlag){
+ winShmNode **pp;
+ winShmNode *p;
+ assert( winShmMutexHeld() );
+ OSTRACE(("SHM-PURGE pid=%lu, deleteFlag=%d\n",
+ osGetCurrentProcessId(), deleteFlag));
+ pp = &winShmNodeList;
+ while( (p = *pp)!=0 ){
+ if( p->nRef==0 ){
+ int i;
+ if( p->mutex ){ sqlite3_mutex_free(p->mutex); }
+ for(i=0; i<p->nRegion; i++){
+ BOOL bRc = osUnmapViewOfFile(p->aRegion[i].pMap);
+ OSTRACE(("SHM-PURGE-UNMAP pid=%lu, region=%d, rc=%s\n",
+ osGetCurrentProcessId(), i, bRc ? "ok" : "failed"));
+ UNUSED_VARIABLE_VALUE(bRc);
+ bRc = osCloseHandle(p->aRegion[i].hMap);
+ OSTRACE(("SHM-PURGE-CLOSE pid=%lu, region=%d, rc=%s\n",
+ osGetCurrentProcessId(), i, bRc ? "ok" : "failed"));
+ UNUSED_VARIABLE_VALUE(bRc);
+ }
+ if( p->hFile.h!=NULL && p->hFile.h!=INVALID_HANDLE_VALUE ){
+ SimulateIOErrorBenign(1);
+ winClose((sqlite3_file *)&p->hFile);
+ SimulateIOErrorBenign(0);
+ }
+ if( deleteFlag ){
+ SimulateIOErrorBenign(1);
+ sqlite3BeginBenignMalloc();
+ winDelete(pVfs, p->zFilename, 0);
+ sqlite3EndBenignMalloc();
+ SimulateIOErrorBenign(0);
+ }
+ *pp = p->pNext;
+ sqlite3_free(p->aRegion);
+ sqlite3_free(p);
+ }else{
+ pp = &p->pNext;
+ }
+ }
+}
+
+/*
+** Open the shared-memory area associated with database file pDbFd.
+**
+** When opening a new shared-memory file, if no other instances of that
+** file are currently open, in this process or in other processes, then
+** the file must be truncated to zero length or have its header cleared.
+*/
+static int winOpenSharedMemory(winFile *pDbFd){
+ struct winShm *p; /* The connection to be opened */
+ struct winShmNode *pShmNode = 0; /* The underlying mmapped file */
+ int rc; /* Result code */
+ struct winShmNode *pNew; /* Newly allocated winShmNode */
+ int nName; /* Size of zName in bytes */
+
+ assert( pDbFd->pShm==0 ); /* Not previously opened */
+
+ /* Allocate space for the new sqlite3_shm object. Also speculatively
+ ** allocate space for a new winShmNode and filename.
+ */
+ p = sqlite3MallocZero( sizeof(*p) );
+ if( p==0 ) return SQLITE_IOERR_NOMEM;
+ nName = sqlite3Strlen30(pDbFd->zPath);
+ pNew = sqlite3MallocZero( sizeof(*pShmNode) + nName + 17 );
+ if( pNew==0 ){
+ sqlite3_free(p);
+ return SQLITE_IOERR_NOMEM;
+ }
+ pNew->zFilename = (char*)&pNew[1];
+ sqlite3_snprintf(nName+15, pNew->zFilename, "%s-shm", pDbFd->zPath);
+ sqlite3FileSuffix3(pDbFd->zPath, pNew->zFilename);
+
+ /* Look to see if there is an existing winShmNode that can be used.
+ ** If no matching winShmNode currently exists, create a new one.
+ */
+ winShmEnterMutex();
+ for(pShmNode = winShmNodeList; pShmNode; pShmNode=pShmNode->pNext){
+ /* TBD need to come up with better match here. Perhaps
+ ** use FILE_ID_BOTH_DIR_INFO Structure.
+ */
+ if( sqlite3StrICmp(pShmNode->zFilename, pNew->zFilename)==0 ) break;
+ }
+ if( pShmNode ){
+ sqlite3_free(pNew);
+ }else{
+ pShmNode = pNew;
+ pNew = 0;
+ ((winFile*)(&pShmNode->hFile))->h = INVALID_HANDLE_VALUE;
+ pShmNode->pNext = winShmNodeList;
+ winShmNodeList = pShmNode;
+
+ pShmNode->mutex = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST);
+ if( pShmNode->mutex==0 ){
+ rc = SQLITE_IOERR_NOMEM;
+ goto shm_open_err;
+ }
+
+ rc = winOpen(pDbFd->pVfs,
+ pShmNode->zFilename, /* Name of the file (UTF-8) */
+ (sqlite3_file*)&pShmNode->hFile, /* File handle here */
+ SQLITE_OPEN_WAL | SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
+ 0);
+ if( SQLITE_OK!=rc ){
+ goto shm_open_err;
+ }
+
+ /* Check to see if another process is holding the dead-man switch.
+ ** If not, truncate the file to zero length.
+ */
+ if( winShmSystemLock(pShmNode, _SHM_WRLCK, WIN_SHM_DMS, 1)==SQLITE_OK ){
+ rc = winTruncate((sqlite3_file *)&pShmNode->hFile, 0);
+ if( rc!=SQLITE_OK ){
+ rc = winLogError(SQLITE_IOERR_SHMOPEN, osGetLastError(),
+ "winOpenShm", pDbFd->zPath);
+ }
+ }
+ if( rc==SQLITE_OK ){
+ winShmSystemLock(pShmNode, _SHM_UNLCK, WIN_SHM_DMS, 1);
+ rc = winShmSystemLock(pShmNode, _SHM_RDLCK, WIN_SHM_DMS, 1);
+ }
+ if( rc ) goto shm_open_err;
+ }
+
+ /* Make the new connection a child of the winShmNode */
+ p->pShmNode = pShmNode;
+#if defined(SQLITE_DEBUG) || defined(SQLITE_HAVE_OS_TRACE)
+ p->id = pShmNode->nextShmId++;
+#endif
+ pShmNode->nRef++;
+ pDbFd->pShm = p;
+ winShmLeaveMutex();
+
+ /* The reference count on pShmNode has already been incremented under
+ ** the cover of the winShmEnterMutex() mutex and the pointer from the
+ ** new (struct winShm) object to the pShmNode has been set. All that is
+ ** left to do is to link the new object into the linked list starting
+ ** at pShmNode->pFirst. This must be done while holding the pShmNode->mutex
+ ** mutex.
+ */
+ sqlite3_mutex_enter(pShmNode->mutex);
+ p->pNext = pShmNode->pFirst;
+ pShmNode->pFirst = p;
+ sqlite3_mutex_leave(pShmNode->mutex);
+ return SQLITE_OK;
+
+ /* Jump here on any error */
+shm_open_err:
+ winShmSystemLock(pShmNode, _SHM_UNLCK, WIN_SHM_DMS, 1);
+ winShmPurge(pDbFd->pVfs, 0); /* This call frees pShmNode if required */
+ sqlite3_free(p);
+ sqlite3_free(pNew);
+ winShmLeaveMutex();
+ return rc;
+}
+
+/*
+** Close a connection to shared-memory. Delete the underlying
+** storage if deleteFlag is true.
+*/
+static int winShmUnmap(
+ sqlite3_file *fd, /* Database holding shared memory */
+ int deleteFlag /* Delete after closing if true */
+){
+ winFile *pDbFd; /* Database holding shared-memory */
+ winShm *p; /* The connection to be closed */
+ winShmNode *pShmNode; /* The underlying shared-memory file */
+ winShm **pp; /* For looping over sibling connections */
+
+ pDbFd = (winFile*)fd;
+ p = pDbFd->pShm;
+ if( p==0 ) return SQLITE_OK;
+ pShmNode = p->pShmNode;
+
+ /* Remove connection p from the set of connections associated
+ ** with pShmNode */
+ sqlite3_mutex_enter(pShmNode->mutex);
+ for(pp=&pShmNode->pFirst; (*pp)!=p; pp = &(*pp)->pNext){}
+ *pp = p->pNext;
+
+ /* Free the connection p */
+ sqlite3_free(p);
+ pDbFd->pShm = 0;
+ sqlite3_mutex_leave(pShmNode->mutex);
+
+ /* If pShmNode->nRef has reached 0, then close the underlying
+ ** shared-memory file, too */
+ winShmEnterMutex();
+ assert( pShmNode->nRef>0 );
+ pShmNode->nRef--;
+ if( pShmNode->nRef==0 ){
+ winShmPurge(pDbFd->pVfs, deleteFlag);
+ }
+ winShmLeaveMutex();
+
+ return SQLITE_OK;
+}
+
+/*
+** Change the lock state for a shared-memory segment.
+*/
+static int winShmLock(
+ sqlite3_file *fd, /* Database file holding the shared memory */
+ int ofst, /* First lock to acquire or release */
+ int n, /* Number of locks to acquire or release */
+ int flags /* What to do with the lock */
+){
+ winFile *pDbFd = (winFile*)fd; /* Connection holding shared memory */
+ winShm *p = pDbFd->pShm; /* The shared memory being locked */
+ winShm *pX; /* For looping over all siblings */
+ winShmNode *pShmNode = p->pShmNode;
+ int rc = SQLITE_OK; /* Result code */
+ u16 mask; /* Mask of locks to take or release */
+
+ assert( ofst>=0 && ofst+n<=SQLITE_SHM_NLOCK );
+ assert( n>=1 );
+ assert( flags==(SQLITE_SHM_LOCK | SQLITE_SHM_SHARED)
+ || flags==(SQLITE_SHM_LOCK | SQLITE_SHM_EXCLUSIVE)
+ || flags==(SQLITE_SHM_UNLOCK | SQLITE_SHM_SHARED)
+ || flags==(SQLITE_SHM_UNLOCK | SQLITE_SHM_EXCLUSIVE) );
+ assert( n==1 || (flags & SQLITE_SHM_EXCLUSIVE)!=0 );
+
+ mask = (u16)((1U<<(ofst+n)) - (1U<<ofst));
+ assert( n>1 || mask==(1<<ofst) );
+ sqlite3_mutex_enter(pShmNode->mutex);
+ if( flags & SQLITE_SHM_UNLOCK ){
+ u16 allMask = 0; /* Mask of locks held by siblings */
+
+ /* See if any siblings hold this same lock */
+ for(pX=pShmNode->pFirst; pX; pX=pX->pNext){
+ if( pX==p ) continue;
+ assert( (pX->exclMask & (p->exclMask|p->sharedMask))==0 );
+ allMask |= pX->sharedMask;
+ }
+
+ /* Unlock the system-level locks */
+ if( (mask & allMask)==0 ){
+ rc = winShmSystemLock(pShmNode, _SHM_UNLCK, ofst+WIN_SHM_BASE, n);
+ }else{
+ rc = SQLITE_OK;
+ }
+
+ /* Undo the local locks */
+ if( rc==SQLITE_OK ){
+ p->exclMask &= ~mask;
+ p->sharedMask &= ~mask;
+ }
+ }else if( flags & SQLITE_SHM_SHARED ){
+ u16 allShared = 0; /* Union of locks held by connections other than "p" */
+
+ /* Find out which shared locks are already held by sibling connections.
+ ** If any sibling already holds an exclusive lock, go ahead and return
+ ** SQLITE_BUSY.
+ */
+ for(pX=pShmNode->pFirst; pX; pX=pX->pNext){
+ if( (pX->exclMask & mask)!=0 ){
+ rc = SQLITE_BUSY;
+ break;
+ }
+ allShared |= pX->sharedMask;
+ }
+
+ /* Get shared locks at the system level, if necessary */
+ if( rc==SQLITE_OK ){
+ if( (allShared & mask)==0 ){
+ rc = winShmSystemLock(pShmNode, _SHM_RDLCK, ofst+WIN_SHM_BASE, n);
+ }else{
+ rc = SQLITE_OK;
+ }
+ }
+
+ /* Get the local shared locks */
+ if( rc==SQLITE_OK ){
+ p->sharedMask |= mask;
+ }
+ }else{
+ /* Make sure no sibling connections hold locks that will block this
+ ** lock. If any do, return SQLITE_BUSY right away.
+ */
+ for(pX=pShmNode->pFirst; pX; pX=pX->pNext){
+ if( (pX->exclMask & mask)!=0 || (pX->sharedMask & mask)!=0 ){
+ rc = SQLITE_BUSY;
+ break;
+ }
+ }
+
+ /* Get the exclusive locks at the system level. Then if successful
+ ** also mark the local connection as being locked.
+ */
+ if( rc==SQLITE_OK ){
+ rc = winShmSystemLock(pShmNode, _SHM_WRLCK, ofst+WIN_SHM_BASE, n);
+ if( rc==SQLITE_OK ){
+ assert( (p->sharedMask & mask)==0 );
+ p->exclMask |= mask;
+ }
+ }
+ }
+ sqlite3_mutex_leave(pShmNode->mutex);
+ OSTRACE(("SHM-LOCK pid=%lu, id=%d, sharedMask=%03x, exclMask=%03x, rc=%s\n",
+ osGetCurrentProcessId(), p->id, p->sharedMask, p->exclMask,
+ sqlite3ErrName(rc)));
+ return rc;
+}
+
+/*
+** Implement a memory barrier or memory fence on shared memory.
+**
+** All loads and stores begun before the barrier must complete before
+** any load or store begun after the barrier.
+*/
+static void winShmBarrier(
+ sqlite3_file *fd /* Database holding the shared memory */
+){
+ UNUSED_PARAMETER(fd);
+ sqlite3MemoryBarrier(); /* compiler-defined memory barrier */
+ winShmEnterMutex(); /* Also mutex, for redundancy */
+ winShmLeaveMutex();
+}
+
+/*
+** This function is called to obtain a pointer to region iRegion of the
+** shared-memory associated with the database file fd. Shared-memory regions
+** are numbered starting from zero. Each shared-memory region is szRegion
+** bytes in size.
+**
+** If an error occurs, an error code is returned and *pp is set to NULL.
+**
+** Otherwise, if the isWrite parameter is 0 and the requested shared-memory
+** region has not been allocated (by any client, including one running in a
+** separate process), then *pp is set to NULL and SQLITE_OK returned. If
+** isWrite is non-zero and the requested shared-memory region has not yet
+** been allocated, it is allocated by this function.
+**
+** If the shared-memory region has already been allocated or is allocated by
+** this call as described above, then it is mapped into this processes
+** address space (if it is not already), *pp is set to point to the mapped
+** memory and SQLITE_OK returned.
+*/
+static int winShmMap(
+ sqlite3_file *fd, /* Handle open on database file */
+ int iRegion, /* Region to retrieve */
+ int szRegion, /* Size of regions */
+ int isWrite, /* True to extend file if necessary */
+ void volatile **pp /* OUT: Mapped memory */
+){
+ winFile *pDbFd = (winFile*)fd;
+ winShm *pShm = pDbFd->pShm;
+ winShmNode *pShmNode;
+ int rc = SQLITE_OK;
+
+ if( !pShm ){
+ rc = winOpenSharedMemory(pDbFd);
+ if( rc!=SQLITE_OK ) return rc;
+ pShm = pDbFd->pShm;
+ }
+ pShmNode = pShm->pShmNode;
+
+ sqlite3_mutex_enter(pShmNode->mutex);
+ assert( szRegion==pShmNode->szRegion || pShmNode->nRegion==0 );
+
+ if( pShmNode->nRegion<=iRegion ){
+ struct ShmRegion *apNew; /* New aRegion[] array */
+ int nByte = (iRegion+1)*szRegion; /* Minimum required file size */
+ sqlite3_int64 sz; /* Current size of wal-index file */
+
+ pShmNode->szRegion = szRegion;
+
+ /* The requested region is not mapped into this processes address space.
+ ** Check to see if it has been allocated (i.e. if the wal-index file is
+ ** large enough to contain the requested region).
+ */
+ rc = winFileSize((sqlite3_file *)&pShmNode->hFile, &sz);
+ if( rc!=SQLITE_OK ){
+ rc = winLogError(SQLITE_IOERR_SHMSIZE, osGetLastError(),
+ "winShmMap1", pDbFd->zPath);
+ goto shmpage_out;
+ }
+
+ if( sz<nByte ){
+ /* The requested memory region does not exist. If isWrite is set to
+ ** zero, exit early. *pp will be set to NULL and SQLITE_OK returned.
+ **
+ ** Alternatively, if isWrite is non-zero, use ftruncate() to allocate
+ ** the requested memory region.
+ */
+ if( !isWrite ) goto shmpage_out;
+ rc = winTruncate((sqlite3_file *)&pShmNode->hFile, nByte);
+ if( rc!=SQLITE_OK ){
+ rc = winLogError(SQLITE_IOERR_SHMSIZE, osGetLastError(),
+ "winShmMap2", pDbFd->zPath);
+ goto shmpage_out;
+ }
+ }
+
+ /* Map the requested memory region into this processes address space. */
+ apNew = (struct ShmRegion *)sqlite3_realloc64(
+ pShmNode->aRegion, (iRegion+1)*sizeof(apNew[0])
+ );
+ if( !apNew ){
+ rc = SQLITE_IOERR_NOMEM;
+ goto shmpage_out;
+ }
+ pShmNode->aRegion = apNew;
+
+ while( pShmNode->nRegion<=iRegion ){
+ HANDLE hMap = NULL; /* file-mapping handle */
+ void *pMap = 0; /* Mapped memory region */
+
+#if SQLITE_OS_WINRT
+ hMap = osCreateFileMappingFromApp(pShmNode->hFile.h,
+ NULL, PAGE_READWRITE, nByte, NULL
+ );
+#elif defined(SQLITE_WIN32_HAS_WIDE)
+ hMap = osCreateFileMappingW(pShmNode->hFile.h,
+ NULL, PAGE_READWRITE, 0, nByte, NULL
+ );
+#elif defined(SQLITE_WIN32_HAS_ANSI)
+ hMap = osCreateFileMappingA(pShmNode->hFile.h,
+ NULL, PAGE_READWRITE, 0, nByte, NULL
+ );
+#endif
+ OSTRACE(("SHM-MAP-CREATE pid=%lu, region=%d, size=%d, rc=%s\n",
+ osGetCurrentProcessId(), pShmNode->nRegion, nByte,
+ hMap ? "ok" : "failed"));
+ if( hMap ){
+ int iOffset = pShmNode->nRegion*szRegion;
+ int iOffsetShift = iOffset % winSysInfo.dwAllocationGranularity;
+#if SQLITE_OS_WINRT
+ pMap = osMapViewOfFileFromApp(hMap, FILE_MAP_WRITE | FILE_MAP_READ,
+ iOffset - iOffsetShift, szRegion + iOffsetShift
+ );
+#else
+ pMap = osMapViewOfFile(hMap, FILE_MAP_WRITE | FILE_MAP_READ,
+ 0, iOffset - iOffsetShift, szRegion + iOffsetShift
+ );
+#endif
+ OSTRACE(("SHM-MAP-MAP pid=%lu, region=%d, offset=%d, size=%d, rc=%s\n",
+ osGetCurrentProcessId(), pShmNode->nRegion, iOffset,
+ szRegion, pMap ? "ok" : "failed"));
+ }
+ if( !pMap ){
+ pShmNode->lastErrno = osGetLastError();
+ rc = winLogError(SQLITE_IOERR_SHMMAP, pShmNode->lastErrno,
+ "winShmMap3", pDbFd->zPath);
+ if( hMap ) osCloseHandle(hMap);
+ goto shmpage_out;
+ }
+
+ pShmNode->aRegion[pShmNode->nRegion].pMap = pMap;
+ pShmNode->aRegion[pShmNode->nRegion].hMap = hMap;
+ pShmNode->nRegion++;
+ }
+ }
+
+shmpage_out:
+ if( pShmNode->nRegion>iRegion ){
+ int iOffset = iRegion*szRegion;
+ int iOffsetShift = iOffset % winSysInfo.dwAllocationGranularity;
+ char *p = (char *)pShmNode->aRegion[iRegion].pMap;
+ *pp = (void *)&p[iOffsetShift];
+ }else{
+ *pp = 0;
+ }
+ sqlite3_mutex_leave(pShmNode->mutex);
+ return rc;
+}
+
+#else
+# define winShmMap 0
+# define winShmLock 0
+# define winShmBarrier 0
+# define winShmUnmap 0
+#endif /* #ifndef SQLITE_OMIT_WAL */
+
+/*
+** Cleans up the mapped region of the specified file, if any.
+*/
+#if SQLITE_MAX_MMAP_SIZE>0
+static int winUnmapfile(winFile *pFile){
+ assert( pFile!=0 );
+ OSTRACE(("UNMAP-FILE pid=%lu, pFile=%p, hMap=%p, pMapRegion=%p, "
+ "mmapSize=%lld, mmapSizeActual=%lld, mmapSizeMax=%lld\n",
+ osGetCurrentProcessId(), pFile, pFile->hMap, pFile->pMapRegion,
+ pFile->mmapSize, pFile->mmapSizeActual, pFile->mmapSizeMax));
+ if( pFile->pMapRegion ){
+ if( !osUnmapViewOfFile(pFile->pMapRegion) ){
+ pFile->lastErrno = osGetLastError();
+ OSTRACE(("UNMAP-FILE pid=%lu, pFile=%p, pMapRegion=%p, "
+ "rc=SQLITE_IOERR_MMAP\n", osGetCurrentProcessId(), pFile,
+ pFile->pMapRegion));
+ return winLogError(SQLITE_IOERR_MMAP, pFile->lastErrno,
+ "winUnmapfile1", pFile->zPath);
+ }
+ pFile->pMapRegion = 0;
+ pFile->mmapSize = 0;
+ pFile->mmapSizeActual = 0;
+ }
+ if( pFile->hMap!=NULL ){
+ if( !osCloseHandle(pFile->hMap) ){
+ pFile->lastErrno = osGetLastError();
+ OSTRACE(("UNMAP-FILE pid=%lu, pFile=%p, hMap=%p, rc=SQLITE_IOERR_MMAP\n",
+ osGetCurrentProcessId(), pFile, pFile->hMap));
+ return winLogError(SQLITE_IOERR_MMAP, pFile->lastErrno,
+ "winUnmapfile2", pFile->zPath);
+ }
+ pFile->hMap = NULL;
+ }
+ OSTRACE(("UNMAP-FILE pid=%lu, pFile=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), pFile));
+ return SQLITE_OK;
+}
+
+/*
+** Memory map or remap the file opened by file-descriptor pFd (if the file
+** is already mapped, the existing mapping is replaced by the new). Or, if
+** there already exists a mapping for this file, and there are still
+** outstanding xFetch() references to it, this function is a no-op.
+**
+** If parameter nByte is non-negative, then it is the requested size of
+** the mapping to create. Otherwise, if nByte is less than zero, then the
+** requested size is the size of the file on disk. The actual size of the
+** created mapping is either the requested size or the value configured
+** using SQLITE_FCNTL_MMAP_SIZE, whichever is smaller.
+**
+** SQLITE_OK is returned if no error occurs (even if the mapping is not
+** recreated as a result of outstanding references) or an SQLite error
+** code otherwise.
+*/
+static int winMapfile(winFile *pFd, sqlite3_int64 nByte){
+ sqlite3_int64 nMap = nByte;
+ int rc;
+
+ assert( nMap>=0 || pFd->nFetchOut==0 );
+ OSTRACE(("MAP-FILE pid=%lu, pFile=%p, size=%lld\n",
+ osGetCurrentProcessId(), pFd, nByte));
+
+ if( pFd->nFetchOut>0 ) return SQLITE_OK;
+
+ if( nMap<0 ){
+ rc = winFileSize((sqlite3_file*)pFd, &nMap);
+ if( rc ){
+ OSTRACE(("MAP-FILE pid=%lu, pFile=%p, rc=SQLITE_IOERR_FSTAT\n",
+ osGetCurrentProcessId(), pFd));
+ return SQLITE_IOERR_FSTAT;
+ }
+ }
+ if( nMap>pFd->mmapSizeMax ){
+ nMap = pFd->mmapSizeMax;
+ }
+ nMap &= ~(sqlite3_int64)(winSysInfo.dwPageSize - 1);
+
+ if( nMap==0 && pFd->mmapSize>0 ){
+ winUnmapfile(pFd);
+ }
+ if( nMap!=pFd->mmapSize ){
+ void *pNew = 0;
+ DWORD protect = PAGE_READONLY;
+ DWORD flags = FILE_MAP_READ;
+
+ winUnmapfile(pFd);
+#ifdef SQLITE_MMAP_READWRITE
+ if( (pFd->ctrlFlags & WINFILE_RDONLY)==0 ){
+ protect = PAGE_READWRITE;
+ flags |= FILE_MAP_WRITE;
+ }
+#endif
+#if SQLITE_OS_WINRT
+ pFd->hMap = osCreateFileMappingFromApp(pFd->h, NULL, protect, nMap, NULL);
+#elif defined(SQLITE_WIN32_HAS_WIDE)
+ pFd->hMap = osCreateFileMappingW(pFd->h, NULL, protect,
+ (DWORD)((nMap>>32) & 0xffffffff),
+ (DWORD)(nMap & 0xffffffff), NULL);
+#elif defined(SQLITE_WIN32_HAS_ANSI)
+ pFd->hMap = osCreateFileMappingA(pFd->h, NULL, protect,
+ (DWORD)((nMap>>32) & 0xffffffff),
+ (DWORD)(nMap & 0xffffffff), NULL);
+#endif
+ if( pFd->hMap==NULL ){
+ pFd->lastErrno = osGetLastError();
+ rc = winLogError(SQLITE_IOERR_MMAP, pFd->lastErrno,
+ "winMapfile1", pFd->zPath);
+ /* Log the error, but continue normal operation using xRead/xWrite */
+ OSTRACE(("MAP-FILE-CREATE pid=%lu, pFile=%p, rc=%s\n",
+ osGetCurrentProcessId(), pFd, sqlite3ErrName(rc)));
+ return SQLITE_OK;
+ }
+ assert( (nMap % winSysInfo.dwPageSize)==0 );
+ assert( sizeof(SIZE_T)==sizeof(sqlite3_int64) || nMap<=0xffffffff );
+#if SQLITE_OS_WINRT
+ pNew = osMapViewOfFileFromApp(pFd->hMap, flags, 0, (SIZE_T)nMap);
+#else
+ pNew = osMapViewOfFile(pFd->hMap, flags, 0, 0, (SIZE_T)nMap);
+#endif
+ if( pNew==NULL ){
+ osCloseHandle(pFd->hMap);
+ pFd->hMap = NULL;
+ pFd->lastErrno = osGetLastError();
+ rc = winLogError(SQLITE_IOERR_MMAP, pFd->lastErrno,
+ "winMapfile2", pFd->zPath);
+ /* Log the error, but continue normal operation using xRead/xWrite */
+ OSTRACE(("MAP-FILE-MAP pid=%lu, pFile=%p, rc=%s\n",
+ osGetCurrentProcessId(), pFd, sqlite3ErrName(rc)));
+ return SQLITE_OK;
+ }
+ pFd->pMapRegion = pNew;
+ pFd->mmapSize = nMap;
+ pFd->mmapSizeActual = nMap;
+ }
+
+ OSTRACE(("MAP-FILE pid=%lu, pFile=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), pFd));
+ return SQLITE_OK;
+}
+#endif /* SQLITE_MAX_MMAP_SIZE>0 */
+
+/*
+** If possible, return a pointer to a mapping of file fd starting at offset
+** iOff. The mapping must be valid for at least nAmt bytes.
+**
+** If such a pointer can be obtained, store it in *pp and return SQLITE_OK.
+** Or, if one cannot but no error occurs, set *pp to 0 and return SQLITE_OK.
+** Finally, if an error does occur, return an SQLite error code. The final
+** value of *pp is undefined in this case.
+**
+** If this function does return a pointer, the caller must eventually
+** release the reference by calling winUnfetch().
+*/
+static int winFetch(sqlite3_file *fd, i64 iOff, int nAmt, void **pp){
+#if SQLITE_MAX_MMAP_SIZE>0
+ winFile *pFd = (winFile*)fd; /* The underlying database file */
+#endif
+ *pp = 0;
+
+ OSTRACE(("FETCH pid=%lu, pFile=%p, offset=%lld, amount=%d, pp=%p\n",
+ osGetCurrentProcessId(), fd, iOff, nAmt, pp));
+
+#if SQLITE_MAX_MMAP_SIZE>0
+ if( pFd->mmapSizeMax>0 ){
+ if( pFd->pMapRegion==0 ){
+ int rc = winMapfile(pFd, -1);
+ if( rc!=SQLITE_OK ){
+ OSTRACE(("FETCH pid=%lu, pFile=%p, rc=%s\n",
+ osGetCurrentProcessId(), pFd, sqlite3ErrName(rc)));
+ return rc;
+ }
+ }
+ if( pFd->mmapSize >= iOff+nAmt ){
+ *pp = &((u8 *)pFd->pMapRegion)[iOff];
+ pFd->nFetchOut++;
+ }
+ }
+#endif
+
+ OSTRACE(("FETCH pid=%lu, pFile=%p, pp=%p, *pp=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), fd, pp, *pp));
+ return SQLITE_OK;
+}
+
+/*
+** If the third argument is non-NULL, then this function releases a
+** reference obtained by an earlier call to winFetch(). The second
+** argument passed to this function must be the same as the corresponding
+** argument that was passed to the winFetch() invocation.
+**
+** Or, if the third argument is NULL, then this function is being called
+** to inform the VFS layer that, according to POSIX, any existing mapping
+** may now be invalid and should be unmapped.
+*/
+static int winUnfetch(sqlite3_file *fd, i64 iOff, void *p){
+#if SQLITE_MAX_MMAP_SIZE>0
+ winFile *pFd = (winFile*)fd; /* The underlying database file */
+
+ /* If p==0 (unmap the entire file) then there must be no outstanding
+ ** xFetch references. Or, if p!=0 (meaning it is an xFetch reference),
+ ** then there must be at least one outstanding. */
+ assert( (p==0)==(pFd->nFetchOut==0) );
+
+ /* If p!=0, it must match the iOff value. */
+ assert( p==0 || p==&((u8 *)pFd->pMapRegion)[iOff] );
+
+ OSTRACE(("UNFETCH pid=%lu, pFile=%p, offset=%lld, p=%p\n",
+ osGetCurrentProcessId(), pFd, iOff, p));
+
+ if( p ){
+ pFd->nFetchOut--;
+ }else{
+ /* FIXME: If Windows truly always prevents truncating or deleting a
+ ** file while a mapping is held, then the following winUnmapfile() call
+ ** is unnecessary can be omitted - potentially improving
+ ** performance. */
+ winUnmapfile(pFd);
+ }
+
+ assert( pFd->nFetchOut>=0 );
+#endif
+
+ OSTRACE(("UNFETCH pid=%lu, pFile=%p, rc=SQLITE_OK\n",
+ osGetCurrentProcessId(), fd));
+ return SQLITE_OK;
+}
+
+/*
+** Here ends the implementation of all sqlite3_file methods.
+**
+********************** End sqlite3_file Methods *******************************
+******************************************************************************/
+
+/*
+** This vector defines all the methods that can operate on an
+** sqlite3_file for win32.
+*/
+static const sqlite3_io_methods winIoMethod = {
+ 3, /* iVersion */
+ winClose, /* xClose */
+ winRead, /* xRead */
+ winWrite, /* xWrite */
+ winTruncate, /* xTruncate */
+ winSync, /* xSync */
+ winFileSize, /* xFileSize */
+ winLock, /* xLock */
+ winUnlock, /* xUnlock */
+ winCheckReservedLock, /* xCheckReservedLock */
+ winFileControl, /* xFileControl */
+ winSectorSize, /* xSectorSize */
+ winDeviceCharacteristics, /* xDeviceCharacteristics */
+ winShmMap, /* xShmMap */
+ winShmLock, /* xShmLock */
+ winShmBarrier, /* xShmBarrier */
+ winShmUnmap, /* xShmUnmap */
+ winFetch, /* xFetch */
+ winUnfetch /* xUnfetch */
+};
+
+/****************************************************************************
+**************************** sqlite3_vfs methods ****************************
+**
+** This division contains the implementation of methods on the
+** sqlite3_vfs object.
+*/
+
+#if defined(__CYGWIN__)
+/*
+** Convert a filename from whatever the underlying operating system
+** supports for filenames into UTF-8. Space to hold the result is
+** obtained from malloc and must be freed by the calling function.
+*/
+static char *winConvertToUtf8Filename(const void *zFilename){
+ char *zConverted = 0;
+ if( osIsNT() ){
+ zConverted = winUnicodeToUtf8(zFilename);
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ zConverted = sqlite3_win32_mbcs_to_utf8(zFilename);
+ }
+#endif
+ /* caller will handle out of memory */
+ return zConverted;
+}
+#endif
+
+/*
+** Convert a UTF-8 filename into whatever form the underlying
+** operating system wants filenames in. Space to hold the result
+** is obtained from malloc and must be freed by the calling
+** function.
+*/
+static void *winConvertFromUtf8Filename(const char *zFilename){
+ void *zConverted = 0;
+ if( osIsNT() ){
+ zConverted = winUtf8ToUnicode(zFilename);
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ zConverted = sqlite3_win32_utf8_to_mbcs(zFilename);
+ }
+#endif
+ /* caller will handle out of memory */
+ return zConverted;
+}
+
+/*
+** This function returns non-zero if the specified UTF-8 string buffer
+** ends with a directory separator character or one was successfully
+** added to it.
+*/
+static int winMakeEndInDirSep(int nBuf, char *zBuf){
+ if( zBuf ){
+ int nLen = sqlite3Strlen30(zBuf);
+ if( nLen>0 ){
+ if( winIsDirSep(zBuf[nLen-1]) ){
+ return 1;
+ }else if( nLen+1<nBuf ){
+ zBuf[nLen] = winGetDirSep();
+ zBuf[nLen+1] = '\0';
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+/*
+** Create a temporary file name and store the resulting pointer into pzBuf.
+** The pointer returned in pzBuf must be freed via sqlite3_free().
+*/
+static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
+ static char zChars[] =
+ "abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "0123456789";
+ size_t i, j;
+ int nPre = sqlite3Strlen30(SQLITE_TEMP_FILE_PREFIX);
+ int nMax, nBuf, nDir, nLen;
+ char *zBuf;
+
+ /* It's odd to simulate an io-error here, but really this is just
+ ** using the io-error infrastructure to test that SQLite handles this
+ ** function failing.
+ */
+ SimulateIOError( return SQLITE_IOERR );
+
+ /* Allocate a temporary buffer to store the fully qualified file
+ ** name for the temporary file. If this fails, we cannot continue.
+ */
+ nMax = pVfs->mxPathname; nBuf = nMax + 2;
+ zBuf = sqlite3MallocZero( nBuf );
+ if( !zBuf ){
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
+ return SQLITE_IOERR_NOMEM;
+ }
+
+ /* Figure out the effective temporary directory. First, check if one
+ ** has been explicitly set by the application; otherwise, use the one
+ ** configured by the operating system.
+ */
+ nDir = nMax - (nPre + 15);
+ assert( nDir>0 );
+ if( sqlite3_temp_directory ){
+ int nDirLen = sqlite3Strlen30(sqlite3_temp_directory);
+ if( nDirLen>0 ){
+ if( !winIsDirSep(sqlite3_temp_directory[nDirLen-1]) ){
+ nDirLen++;
+ }
+ if( nDirLen>nDir ){
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_ERROR\n"));
+ return winLogError(SQLITE_ERROR, 0, "winGetTempname1", 0);
+ }
+ sqlite3_snprintf(nMax, zBuf, "%s", sqlite3_temp_directory);
+ }
+ }
+#if defined(__CYGWIN__)
+ else{
+ static const char *azDirs[] = {
+ 0, /* getenv("SQLITE_TMPDIR") */
+ 0, /* getenv("TMPDIR") */
+ 0, /* getenv("TMP") */
+ 0, /* getenv("TEMP") */
+ 0, /* getenv("USERPROFILE") */
+ "/var/tmp",
+ "/usr/tmp",
+ "/tmp",
+ ".",
+ 0 /* List terminator */
+ };
+ unsigned int i;
+ const char *zDir = 0;
+
+ if( !azDirs[0] ) azDirs[0] = getenv("SQLITE_TMPDIR");
+ if( !azDirs[1] ) azDirs[1] = getenv("TMPDIR");
+ if( !azDirs[2] ) azDirs[2] = getenv("TMP");
+ if( !azDirs[3] ) azDirs[3] = getenv("TEMP");
+ if( !azDirs[4] ) azDirs[4] = getenv("USERPROFILE");
+ for(i=0; i<sizeof(azDirs)/sizeof(azDirs[0]); zDir=azDirs[i++]){
+ void *zConverted;
+ if( zDir==0 ) continue;
+ /* If the path starts with a drive letter followed by the colon
+ ** character, assume it is already a native Win32 path; otherwise,
+ ** it must be converted to a native Win32 path via the Cygwin API
+ ** prior to using it.
+ */
+ if( winIsDriveLetterAndColon(zDir) ){
+ zConverted = winConvertFromUtf8Filename(zDir);
+ if( !zConverted ){
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( winIsDir(zConverted) ){
+ sqlite3_snprintf(nMax, zBuf, "%s", zDir);
+ sqlite3_free(zConverted);
+ break;
+ }
+ sqlite3_free(zConverted);
+ }else{
+ zConverted = sqlite3MallocZero( nMax+1 );
+ if( !zConverted ){
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( cygwin_conv_path(
+ osIsNT() ? CCP_POSIX_TO_WIN_W : CCP_POSIX_TO_WIN_A, zDir,
+ zConverted, nMax+1)<0 ){
+ sqlite3_free(zConverted);
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_CONVPATH\n"));
+ return winLogError(SQLITE_IOERR_CONVPATH, (DWORD)errno,
+ "winGetTempname2", zDir);
+ }
+ if( winIsDir(zConverted) ){
+ /* At this point, we know the candidate directory exists and should
+ ** be used. However, we may need to convert the string containing
+ ** its name into UTF-8 (i.e. if it is UTF-16 right now).
+ */
+ char *zUtf8 = winConvertToUtf8Filename(zConverted);
+ if( !zUtf8 ){
+ sqlite3_free(zConverted);
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
+ return SQLITE_IOERR_NOMEM;
+ }
+ sqlite3_snprintf(nMax, zBuf, "%s", zUtf8);
+ sqlite3_free(zUtf8);
+ sqlite3_free(zConverted);
+ break;
+ }
+ sqlite3_free(zConverted);
+ }
+ }
+ }
+#elif !SQLITE_OS_WINRT && !defined(__CYGWIN__)
+ else if( osIsNT() ){
+ char *zMulti;
+ LPWSTR zWidePath = sqlite3MallocZero( nMax*sizeof(WCHAR) );
+ if( !zWidePath ){
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( osGetTempPathW(nMax, zWidePath)==0 ){
+ sqlite3_free(zWidePath);
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_GETTEMPPATH\n"));
+ return winLogError(SQLITE_IOERR_GETTEMPPATH, osGetLastError(),
+ "winGetTempname2", 0);
+ }
+ zMulti = winUnicodeToUtf8(zWidePath);
+ if( zMulti ){
+ sqlite3_snprintf(nMax, zBuf, "%s", zMulti);
+ sqlite3_free(zMulti);
+ sqlite3_free(zWidePath);
+ }else{
+ sqlite3_free(zWidePath);
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
+ return SQLITE_IOERR_NOMEM;
+ }
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ char *zUtf8;
+ char *zMbcsPath = sqlite3MallocZero( nMax );
+ if( !zMbcsPath ){
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( osGetTempPathA(nMax, zMbcsPath)==0 ){
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_GETTEMPPATH\n"));
+ return winLogError(SQLITE_IOERR_GETTEMPPATH, osGetLastError(),
+ "winGetTempname3", 0);
+ }
+ zUtf8 = sqlite3_win32_mbcs_to_utf8(zMbcsPath);
+ if( zUtf8 ){
+ sqlite3_snprintf(nMax, zBuf, "%s", zUtf8);
+ sqlite3_free(zUtf8);
+ }else{
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
+ return SQLITE_IOERR_NOMEM;
+ }
+ }
+#endif /* SQLITE_WIN32_HAS_ANSI */
+#endif /* !SQLITE_OS_WINRT */
+
+ /*
+ ** Check to make sure the temporary directory ends with an appropriate
+ ** separator. If it does not and there is not enough space left to add
+ ** one, fail.
+ */
+ if( !winMakeEndInDirSep(nDir+1, zBuf) ){
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_ERROR\n"));
+ return winLogError(SQLITE_ERROR, 0, "winGetTempname4", 0);
+ }
+
+ /*
+ ** Check that the output buffer is large enough for the temporary file
+ ** name in the following format:
+ **
+ ** "<temporary_directory>/etilqs_XXXXXXXXXXXXXXX\0\0"
+ **
+ ** If not, return SQLITE_ERROR. The number 17 is used here in order to
+ ** account for the space used by the 15 character random suffix and the
+ ** two trailing NUL characters. The final directory separator character
+ ** has already added if it was not already present.
+ */
+ nLen = sqlite3Strlen30(zBuf);
+ if( (nLen + nPre + 17) > nBuf ){
+ sqlite3_free(zBuf);
+ OSTRACE(("TEMP-FILENAME rc=SQLITE_ERROR\n"));
+ return winLogError(SQLITE_ERROR, 0, "winGetTempname5", 0);
+ }
+
+ sqlite3_snprintf(nBuf-16-nLen, zBuf+nLen, SQLITE_TEMP_FILE_PREFIX);
+
+ j = sqlite3Strlen30(zBuf);
+ sqlite3_randomness(15, &zBuf[j]);
+ for(i=0; i<15; i++, j++){
+ zBuf[j] = (char)zChars[ ((unsigned char)zBuf[j])%(sizeof(zChars)-1) ];
+ }
+ zBuf[j] = 0;
+ zBuf[j+1] = 0;
+ *pzBuf = zBuf;
+
+ OSTRACE(("TEMP-FILENAME name=%s, rc=SQLITE_OK\n", zBuf));
+ return SQLITE_OK;
+}
+
+/*
+** Return TRUE if the named file is really a directory. Return false if
+** it is something other than a directory, or if there is any kind of memory
+** allocation failure.
+*/
+static int winIsDir(const void *zConverted){
+ DWORD attr;
+ int rc = 0;
+ DWORD lastErrno;
+
+ if( osIsNT() ){
+ int cnt = 0;
+ WIN32_FILE_ATTRIBUTE_DATA sAttrData;
+ memset(&sAttrData, 0, sizeof(sAttrData));
+ while( !(rc = osGetFileAttributesExW((LPCWSTR)zConverted,
+ GetFileExInfoStandard,
+ &sAttrData)) && winRetryIoerr(&cnt, &lastErrno) ){}
+ if( !rc ){
+ return 0; /* Invalid name? */
+ }
+ attr = sAttrData.dwFileAttributes;
+#if SQLITE_OS_WINCE==0
+ }else{
+ attr = osGetFileAttributesA((char*)zConverted);
+#endif
+ }
+ return (attr!=INVALID_FILE_ATTRIBUTES) && (attr&FILE_ATTRIBUTE_DIRECTORY);
+}
+
+/*
+** Open a file.
+*/
+static int winOpen(
+ sqlite3_vfs *pVfs, /* Used to get maximum path name length */
+ const char *zName, /* Name of the file (UTF-8) */
+ sqlite3_file *id, /* Write the SQLite file handle here */
+ int flags, /* Open mode flags */
+ int *pOutFlags /* Status return flags */
+){
+ HANDLE h;
+ DWORD lastErrno = 0;
+ DWORD dwDesiredAccess;
+ DWORD dwShareMode;
+ DWORD dwCreationDisposition;
+ DWORD dwFlagsAndAttributes = 0;
+#if SQLITE_OS_WINCE
+ int isTemp = 0;
+#endif
+ winFile *pFile = (winFile*)id;
+ void *zConverted; /* Filename in OS encoding */
+ const char *zUtf8Name = zName; /* Filename in UTF-8 encoding */
+ int cnt = 0;
+
+ /* If argument zPath is a NULL pointer, this function is required to open
+ ** a temporary file. Use this buffer to store the file name in.
+ */
+ char *zTmpname = 0; /* For temporary filename, if necessary. */
+
+ int rc = SQLITE_OK; /* Function Return Code */
+#if !defined(NDEBUG) || SQLITE_OS_WINCE
+ int eType = flags&0xFFFFFF00; /* Type of file to open */
+#endif
+
+ int isExclusive = (flags & SQLITE_OPEN_EXCLUSIVE);
+ int isDelete = (flags & SQLITE_OPEN_DELETEONCLOSE);
+ int isCreate = (flags & SQLITE_OPEN_CREATE);
+ int isReadonly = (flags & SQLITE_OPEN_READONLY);
+ int isReadWrite = (flags & SQLITE_OPEN_READWRITE);
+
+#ifndef NDEBUG
+ int isOpenJournal = (isCreate && (
+ eType==SQLITE_OPEN_MASTER_JOURNAL
+ || eType==SQLITE_OPEN_MAIN_JOURNAL
+ || eType==SQLITE_OPEN_WAL
+ ));
+#endif
+
+ OSTRACE(("OPEN name=%s, pFile=%p, flags=%x, pOutFlags=%p\n",
+ zUtf8Name, id, flags, pOutFlags));
+
+ /* Check the following statements are true:
+ **
+ ** (a) Exactly one of the READWRITE and READONLY flags must be set, and
+ ** (b) if CREATE is set, then READWRITE must also be set, and
+ ** (c) if EXCLUSIVE is set, then CREATE must also be set.
+ ** (d) if DELETEONCLOSE is set, then CREATE must also be set.
+ */
+ assert((isReadonly==0 || isReadWrite==0) && (isReadWrite || isReadonly));
+ assert(isCreate==0 || isReadWrite);
+ assert(isExclusive==0 || isCreate);
+ assert(isDelete==0 || isCreate);
+
+ /* The main DB, main journal, WAL file and master journal are never
+ ** automatically deleted. Nor are they ever temporary files. */
+ assert( (!isDelete && zName) || eType!=SQLITE_OPEN_MAIN_DB );
+ assert( (!isDelete && zName) || eType!=SQLITE_OPEN_MAIN_JOURNAL );
+ assert( (!isDelete && zName) || eType!=SQLITE_OPEN_MASTER_JOURNAL );
+ assert( (!isDelete && zName) || eType!=SQLITE_OPEN_WAL );
+
+ /* Assert that the upper layer has set one of the "file-type" flags. */
+ assert( eType==SQLITE_OPEN_MAIN_DB || eType==SQLITE_OPEN_TEMP_DB
+ || eType==SQLITE_OPEN_MAIN_JOURNAL || eType==SQLITE_OPEN_TEMP_JOURNAL
+ || eType==SQLITE_OPEN_SUBJOURNAL || eType==SQLITE_OPEN_MASTER_JOURNAL
+ || eType==SQLITE_OPEN_TRANSIENT_DB || eType==SQLITE_OPEN_WAL
+ );
+
+ assert( pFile!=0 );
+ memset(pFile, 0, sizeof(winFile));
+ pFile->h = INVALID_HANDLE_VALUE;
+
+#if SQLITE_OS_WINRT
+ if( !zUtf8Name && !sqlite3_temp_directory ){
+ sqlite3_log(SQLITE_ERROR,
+ "sqlite3_temp_directory variable should be set for WinRT");
+ }
+#endif
+
+ /* If the second argument to this function is NULL, generate a
+ ** temporary file name to use
+ */
+ if( !zUtf8Name ){
+ assert( isDelete && !isOpenJournal );
+ rc = winGetTempname(pVfs, &zTmpname);
+ if( rc!=SQLITE_OK ){
+ OSTRACE(("OPEN name=%s, rc=%s", zUtf8Name, sqlite3ErrName(rc)));
+ return rc;
+ }
+ zUtf8Name = zTmpname;
+ }
+
+ /* Database filenames are double-zero terminated if they are not
+ ** URIs with parameters. Hence, they can always be passed into
+ ** sqlite3_uri_parameter().
+ */
+ assert( (eType!=SQLITE_OPEN_MAIN_DB) || (flags & SQLITE_OPEN_URI) ||
+ zUtf8Name[sqlite3Strlen30(zUtf8Name)+1]==0 );
+
+ /* Convert the filename to the system encoding. */
+ zConverted = winConvertFromUtf8Filename(zUtf8Name);
+ if( zConverted==0 ){
+ sqlite3_free(zTmpname);
+ OSTRACE(("OPEN name=%s, rc=SQLITE_IOERR_NOMEM", zUtf8Name));
+ return SQLITE_IOERR_NOMEM;
+ }
+
+ if( winIsDir(zConverted) ){
+ sqlite3_free(zConverted);
+ sqlite3_free(zTmpname);
+ OSTRACE(("OPEN name=%s, rc=SQLITE_CANTOPEN_ISDIR", zUtf8Name));
+ return SQLITE_CANTOPEN_ISDIR;
+ }
+
+ if( isReadWrite ){
+ dwDesiredAccess = GENERIC_READ | GENERIC_WRITE;
+ }else{
+ dwDesiredAccess = GENERIC_READ;
+ }
+
+ /* SQLITE_OPEN_EXCLUSIVE is used to make sure that a new file is
+ ** created. SQLite doesn't use it to indicate "exclusive access"
+ ** as it is usually understood.
+ */
+ if( isExclusive ){
+ /* Creates a new file, only if it does not already exist. */
+ /* If the file exists, it fails. */
+ dwCreationDisposition = CREATE_NEW;
+ }else if( isCreate ){
+ /* Open existing file, or create if it doesn't exist */
+ dwCreationDisposition = OPEN_ALWAYS;
+ }else{
+ /* Opens a file, only if it exists. */
+ dwCreationDisposition = OPEN_EXISTING;
+ }
+
+ dwShareMode = FILE_SHARE_READ | FILE_SHARE_WRITE;
+
+ if( isDelete ){
+#if SQLITE_OS_WINCE
+ dwFlagsAndAttributes = FILE_ATTRIBUTE_HIDDEN;
+ isTemp = 1;
+#else
+ dwFlagsAndAttributes = FILE_ATTRIBUTE_TEMPORARY
+ | FILE_ATTRIBUTE_HIDDEN
+ | FILE_FLAG_DELETE_ON_CLOSE;
+#endif
+ }else{
+ dwFlagsAndAttributes = FILE_ATTRIBUTE_NORMAL;
+ }
+ /* Reports from the internet are that performance is always
+ ** better if FILE_FLAG_RANDOM_ACCESS is used. Ticket #2699. */
+#if SQLITE_OS_WINCE
+ dwFlagsAndAttributes |= FILE_FLAG_RANDOM_ACCESS;
+#endif
+
+ if( osIsNT() ){
+#if SQLITE_OS_WINRT
+ CREATEFILE2_EXTENDED_PARAMETERS extendedParameters;
+ extendedParameters.dwSize = sizeof(CREATEFILE2_EXTENDED_PARAMETERS);
+ extendedParameters.dwFileAttributes =
+ dwFlagsAndAttributes & FILE_ATTRIBUTE_MASK;
+ extendedParameters.dwFileFlags = dwFlagsAndAttributes & FILE_FLAG_MASK;
+ extendedParameters.dwSecurityQosFlags = SECURITY_ANONYMOUS;
+ extendedParameters.lpSecurityAttributes = NULL;
+ extendedParameters.hTemplateFile = NULL;
+ while( (h = osCreateFile2((LPCWSTR)zConverted,
+ dwDesiredAccess,
+ dwShareMode,
+ dwCreationDisposition,
+ &extendedParameters))==INVALID_HANDLE_VALUE &&
+ winRetryIoerr(&cnt, &lastErrno) ){
+ /* Noop */
+ }
+#else
+ while( (h = osCreateFileW((LPCWSTR)zConverted,
+ dwDesiredAccess,
+ dwShareMode, NULL,
+ dwCreationDisposition,
+ dwFlagsAndAttributes,
+ NULL))==INVALID_HANDLE_VALUE &&
+ winRetryIoerr(&cnt, &lastErrno) ){
+ /* Noop */
+ }
+#endif
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ while( (h = osCreateFileA((LPCSTR)zConverted,
+ dwDesiredAccess,
+ dwShareMode, NULL,
+ dwCreationDisposition,
+ dwFlagsAndAttributes,
+ NULL))==INVALID_HANDLE_VALUE &&
+ winRetryIoerr(&cnt, &lastErrno) ){
+ /* Noop */
+ }
+ }
+#endif
+ winLogIoerr(cnt, __LINE__);
+
+ OSTRACE(("OPEN file=%p, name=%s, access=%lx, rc=%s\n", h, zUtf8Name,
+ dwDesiredAccess, (h==INVALID_HANDLE_VALUE) ? "failed" : "ok"));
+
+ if( h==INVALID_HANDLE_VALUE ){
+ pFile->lastErrno = lastErrno;
+ winLogError(SQLITE_CANTOPEN, pFile->lastErrno, "winOpen", zUtf8Name);
+ sqlite3_free(zConverted);
+ sqlite3_free(zTmpname);
+ if( isReadWrite && !isExclusive ){
+ return winOpen(pVfs, zName, id,
+ ((flags|SQLITE_OPEN_READONLY) &
+ ~(SQLITE_OPEN_CREATE|SQLITE_OPEN_READWRITE)),
+ pOutFlags);
+ }else{
+ return SQLITE_CANTOPEN_BKPT;
+ }
+ }
+
+ if( pOutFlags ){
+ if( isReadWrite ){
+ *pOutFlags = SQLITE_OPEN_READWRITE;
+ }else{
+ *pOutFlags = SQLITE_OPEN_READONLY;
+ }
+ }
+
+ OSTRACE(("OPEN file=%p, name=%s, access=%lx, pOutFlags=%p, *pOutFlags=%d, "
+ "rc=%s\n", h, zUtf8Name, dwDesiredAccess, pOutFlags, pOutFlags ?
+ *pOutFlags : 0, (h==INVALID_HANDLE_VALUE) ? "failed" : "ok"));
+
+#if SQLITE_OS_WINCE
+ if( isReadWrite && eType==SQLITE_OPEN_MAIN_DB
+ && (rc = winceCreateLock(zName, pFile))!=SQLITE_OK
+ ){
+ osCloseHandle(h);
+ sqlite3_free(zConverted);
+ sqlite3_free(zTmpname);
+ OSTRACE(("OPEN-CE-LOCK name=%s, rc=%s\n", zName, sqlite3ErrName(rc)));
+ return rc;
+ }
+ if( isTemp ){
+ pFile->zDeleteOnClose = zConverted;
+ }else
+#endif
+ {
+ sqlite3_free(zConverted);
+ }
+
+ sqlite3_free(zTmpname);
+ pFile->pMethod = &winIoMethod;
+ pFile->pVfs = pVfs;
+ pFile->h = h;
+ if( isReadonly ){
+ pFile->ctrlFlags |= WINFILE_RDONLY;
+ }
+ if( sqlite3_uri_boolean(zName, "psow", SQLITE_POWERSAFE_OVERWRITE) ){
+ pFile->ctrlFlags |= WINFILE_PSOW;
+ }
+ pFile->lastErrno = NO_ERROR;
+ pFile->zPath = zName;
+#if SQLITE_MAX_MMAP_SIZE>0
+ pFile->hMap = NULL;
+ pFile->pMapRegion = 0;
+ pFile->mmapSize = 0;
+ pFile->mmapSizeActual = 0;
+ pFile->mmapSizeMax = sqlite3GlobalConfig.szMmap;
+#endif
+
+ OpenCounter(+1);
+ return rc;
+}
+
+/*
+** Delete the named file.
+**
+** Note that Windows does not allow a file to be deleted if some other
+** process has it open. Sometimes a virus scanner or indexing program
+** will open a journal file shortly after it is created in order to do
+** whatever it does. While this other process is holding the
+** file open, we will be unable to delete it. To work around this
+** problem, we delay 100 milliseconds and try to delete again. Up
+** to MX_DELETION_ATTEMPTs deletion attempts are run before giving
+** up and returning an error.
+*/
+static int winDelete(
+ sqlite3_vfs *pVfs, /* Not used on win32 */
+ const char *zFilename, /* Name of file to delete */
+ int syncDir /* Not used on win32 */
+){
+ int cnt = 0;
+ int rc;
+ DWORD attr;
+ DWORD lastErrno = 0;
+ void *zConverted;
+ UNUSED_PARAMETER(pVfs);
+ UNUSED_PARAMETER(syncDir);
+
+ SimulateIOError(return SQLITE_IOERR_DELETE);
+ OSTRACE(("DELETE name=%s, syncDir=%d\n", zFilename, syncDir));
+
+ zConverted = winConvertFromUtf8Filename(zFilename);
+ if( zConverted==0 ){
+ OSTRACE(("DELETE name=%s, rc=SQLITE_IOERR_NOMEM\n", zFilename));
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( osIsNT() ){
+ do {
+#if SQLITE_OS_WINRT
+ WIN32_FILE_ATTRIBUTE_DATA sAttrData;
+ memset(&sAttrData, 0, sizeof(sAttrData));
+ if ( osGetFileAttributesExW(zConverted, GetFileExInfoStandard,
+ &sAttrData) ){
+ attr = sAttrData.dwFileAttributes;
+ }else{
+ lastErrno = osGetLastError();
+ if( lastErrno==ERROR_FILE_NOT_FOUND
+ || lastErrno==ERROR_PATH_NOT_FOUND ){
+ rc = SQLITE_IOERR_DELETE_NOENT; /* Already gone? */
+ }else{
+ rc = SQLITE_ERROR;
+ }
+ break;
+ }
+#else
+ attr = osGetFileAttributesW(zConverted);
+#endif
+ if ( attr==INVALID_FILE_ATTRIBUTES ){
+ lastErrno = osGetLastError();
+ if( lastErrno==ERROR_FILE_NOT_FOUND
+ || lastErrno==ERROR_PATH_NOT_FOUND ){
+ rc = SQLITE_IOERR_DELETE_NOENT; /* Already gone? */
+ }else{
+ rc = SQLITE_ERROR;
+ }
+ break;
+ }
+ if ( attr&FILE_ATTRIBUTE_DIRECTORY ){
+ rc = SQLITE_ERROR; /* Files only. */
+ break;
+ }
+ if ( osDeleteFileW(zConverted) ){
+ rc = SQLITE_OK; /* Deleted OK. */
+ break;
+ }
+ if ( !winRetryIoerr(&cnt, &lastErrno) ){
+ rc = SQLITE_ERROR; /* No more retries. */
+ break;
+ }
+ } while(1);
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ do {
+ attr = osGetFileAttributesA(zConverted);
+ if ( attr==INVALID_FILE_ATTRIBUTES ){
+ lastErrno = osGetLastError();
+ if( lastErrno==ERROR_FILE_NOT_FOUND
+ || lastErrno==ERROR_PATH_NOT_FOUND ){
+ rc = SQLITE_IOERR_DELETE_NOENT; /* Already gone? */
+ }else{
+ rc = SQLITE_ERROR;
+ }
+ break;
+ }
+ if ( attr&FILE_ATTRIBUTE_DIRECTORY ){
+ rc = SQLITE_ERROR; /* Files only. */
+ break;
+ }
+ if ( osDeleteFileA(zConverted) ){
+ rc = SQLITE_OK; /* Deleted OK. */
+ break;
+ }
+ if ( !winRetryIoerr(&cnt, &lastErrno) ){
+ rc = SQLITE_ERROR; /* No more retries. */
+ break;
+ }
+ } while(1);
+ }
+#endif
+ if( rc && rc!=SQLITE_IOERR_DELETE_NOENT ){
+ rc = winLogError(SQLITE_IOERR_DELETE, lastErrno, "winDelete", zFilename);
+ }else{
+ winLogIoerr(cnt, __LINE__);
+ }
+ sqlite3_free(zConverted);
+ OSTRACE(("DELETE name=%s, rc=%s\n", zFilename, sqlite3ErrName(rc)));
+ return rc;
+}
+
+/*
+** Check the existence and status of a file.
+*/
+static int winAccess(
+ sqlite3_vfs *pVfs, /* Not used on win32 */
+ const char *zFilename, /* Name of file to check */
+ int flags, /* Type of test to make on this file */
+ int *pResOut /* OUT: Result */
+){
+ DWORD attr;
+ int rc = 0;
+ DWORD lastErrno = 0;
+ void *zConverted;
+ UNUSED_PARAMETER(pVfs);
+
+ SimulateIOError( return SQLITE_IOERR_ACCESS; );
+ OSTRACE(("ACCESS name=%s, flags=%x, pResOut=%p\n",
+ zFilename, flags, pResOut));
+
+ zConverted = winConvertFromUtf8Filename(zFilename);
+ if( zConverted==0 ){
+ OSTRACE(("ACCESS name=%s, rc=SQLITE_IOERR_NOMEM\n", zFilename));
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( osIsNT() ){
+ int cnt = 0;
+ WIN32_FILE_ATTRIBUTE_DATA sAttrData;
+ memset(&sAttrData, 0, sizeof(sAttrData));
+ while( !(rc = osGetFileAttributesExW((LPCWSTR)zConverted,
+ GetFileExInfoStandard,
+ &sAttrData)) && winRetryIoerr(&cnt, &lastErrno) ){}
+ if( rc ){
+ /* For an SQLITE_ACCESS_EXISTS query, treat a zero-length file
+ ** as if it does not exist.
+ */
+ if( flags==SQLITE_ACCESS_EXISTS
+ && sAttrData.nFileSizeHigh==0
+ && sAttrData.nFileSizeLow==0 ){
+ attr = INVALID_FILE_ATTRIBUTES;
+ }else{
+ attr = sAttrData.dwFileAttributes;
+ }
+ }else{
+ winLogIoerr(cnt, __LINE__);
+ if( lastErrno!=ERROR_FILE_NOT_FOUND && lastErrno!=ERROR_PATH_NOT_FOUND ){
+ sqlite3_free(zConverted);
+ return winLogError(SQLITE_IOERR_ACCESS, lastErrno, "winAccess",
+ zFilename);
+ }else{
+ attr = INVALID_FILE_ATTRIBUTES;
+ }
+ }
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ attr = osGetFileAttributesA((char*)zConverted);
+ }
+#endif
+ sqlite3_free(zConverted);
+ switch( flags ){
+ case SQLITE_ACCESS_READ:
+ case SQLITE_ACCESS_EXISTS:
+ rc = attr!=INVALID_FILE_ATTRIBUTES;
+ break;
+ case SQLITE_ACCESS_READWRITE:
+ rc = attr!=INVALID_FILE_ATTRIBUTES &&
+ (attr & FILE_ATTRIBUTE_READONLY)==0;
+ break;
+ default:
+ assert(!"Invalid flags argument");
+ }
+ *pResOut = rc;
+ OSTRACE(("ACCESS name=%s, pResOut=%p, *pResOut=%d, rc=SQLITE_OK\n",
+ zFilename, pResOut, *pResOut));
+ return SQLITE_OK;
+}
+
+/*
+** Returns non-zero if the specified path name starts with a drive letter
+** followed by a colon character.
+*/
+static BOOL winIsDriveLetterAndColon(
+ const char *zPathname
+){
+ return ( sqlite3Isalpha(zPathname[0]) && zPathname[1]==':' );
+}
+
+/*
+** Returns non-zero if the specified path name should be used verbatim. If
+** non-zero is returned from this function, the calling function must simply
+** use the provided path name verbatim -OR- resolve it into a full path name
+** using the GetFullPathName Win32 API function (if available).
+*/
+static BOOL winIsVerbatimPathname(
+ const char *zPathname
+){
+ /*
+ ** If the path name starts with a forward slash or a backslash, it is either
+ ** a legal UNC name, a volume relative path, or an absolute path name in the
+ ** "Unix" format on Windows. There is no easy way to differentiate between
+ ** the final two cases; therefore, we return the safer return value of TRUE
+ ** so that callers of this function will simply use it verbatim.
+ */
+ if ( winIsDirSep(zPathname[0]) ){
+ return TRUE;
+ }
+
+ /*
+ ** If the path name starts with a letter and a colon it is either a volume
+ ** relative path or an absolute path. Callers of this function must not
+ ** attempt to treat it as a relative path name (i.e. they should simply use
+ ** it verbatim).
+ */
+ if ( winIsDriveLetterAndColon(zPathname) ){
+ return TRUE;
+ }
+
+ /*
+ ** If we get to this point, the path name should almost certainly be a purely
+ ** relative one (i.e. not a UNC name, not absolute, and not volume relative).
+ */
+ return FALSE;
+}
+
+/*
+** Turn a relative pathname into a full pathname. Write the full
+** pathname into zOut[]. zOut[] will be at least pVfs->mxPathname
+** bytes in size.
+*/
+static int winFullPathname(
+ sqlite3_vfs *pVfs, /* Pointer to vfs object */
+ const char *zRelative, /* Possibly relative input path */
+ int nFull, /* Size of output buffer in bytes */
+ char *zFull /* Output buffer */
+){
+
+#if defined(__CYGWIN__)
+ SimulateIOError( return SQLITE_ERROR );
+ UNUSED_PARAMETER(nFull);
+ assert( nFull>=pVfs->mxPathname );
+ if ( sqlite3_data_directory && !winIsVerbatimPathname(zRelative) ){
+ /*
+ ** NOTE: We are dealing with a relative path name and the data
+ ** directory has been set. Therefore, use it as the basis
+ ** for converting the relative path name to an absolute
+ ** one by prepending the data directory and a slash.
+ */
+ char *zOut = sqlite3MallocZero( pVfs->mxPathname+1 );
+ if( !zOut ){
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( cygwin_conv_path(
+ (osIsNT() ? CCP_POSIX_TO_WIN_W : CCP_POSIX_TO_WIN_A) |
+ CCP_RELATIVE, zRelative, zOut, pVfs->mxPathname+1)<0 ){
+ sqlite3_free(zOut);
+ return winLogError(SQLITE_CANTOPEN_CONVPATH, (DWORD)errno,
+ "winFullPathname1", zRelative);
+ }else{
+ char *zUtf8 = winConvertToUtf8Filename(zOut);
+ if( !zUtf8 ){
+ sqlite3_free(zOut);
+ return SQLITE_IOERR_NOMEM;
+ }
+ sqlite3_snprintf(MIN(nFull, pVfs->mxPathname), zFull, "%s%c%s",
+ sqlite3_data_directory, winGetDirSep(), zUtf8);
+ sqlite3_free(zUtf8);
+ sqlite3_free(zOut);
+ }
+ }else{
+ char *zOut = sqlite3MallocZero( pVfs->mxPathname+1 );
+ if( !zOut ){
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( cygwin_conv_path(
+ (osIsNT() ? CCP_POSIX_TO_WIN_W : CCP_POSIX_TO_WIN_A),
+ zRelative, zOut, pVfs->mxPathname+1)<0 ){
+ sqlite3_free(zOut);
+ return winLogError(SQLITE_CANTOPEN_CONVPATH, (DWORD)errno,
+ "winFullPathname2", zRelative);
+ }else{
+ char *zUtf8 = winConvertToUtf8Filename(zOut);
+ if( !zUtf8 ){
+ sqlite3_free(zOut);
+ return SQLITE_IOERR_NOMEM;
+ }
+ sqlite3_snprintf(MIN(nFull, pVfs->mxPathname), zFull, "%s", zUtf8);
+ sqlite3_free(zUtf8);
+ sqlite3_free(zOut);
+ }
+ }
+ return SQLITE_OK;
+#endif
+
+#if (SQLITE_OS_WINCE || SQLITE_OS_WINRT) && !defined(__CYGWIN__)
+ SimulateIOError( return SQLITE_ERROR );
+ /* WinCE has no concept of a relative pathname, or so I am told. */
+ /* WinRT has no way to convert a relative path to an absolute one. */
+ if ( sqlite3_data_directory && !winIsVerbatimPathname(zRelative) ){
+ /*
+ ** NOTE: We are dealing with a relative path name and the data
+ ** directory has been set. Therefore, use it as the basis
+ ** for converting the relative path name to an absolute
+ ** one by prepending the data directory and a backslash.
+ */
+ sqlite3_snprintf(MIN(nFull, pVfs->mxPathname), zFull, "%s%c%s",
+ sqlite3_data_directory, winGetDirSep(), zRelative);
+ }else{
+ sqlite3_snprintf(MIN(nFull, pVfs->mxPathname), zFull, "%s", zRelative);
+ }
+ return SQLITE_OK;
+#endif
+
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && !defined(__CYGWIN__)
+ DWORD nByte;
+ void *zConverted;
+ char *zOut;
+
+ /* If this path name begins with "/X:", where "X" is any alphabetic
+ ** character, discard the initial "/" from the pathname.
+ */
+ if( zRelative[0]=='/' && winIsDriveLetterAndColon(zRelative+1) ){
+ zRelative++;
+ }
+
+ /* It's odd to simulate an io-error here, but really this is just
+ ** using the io-error infrastructure to test that SQLite handles this
+ ** function failing. This function could fail if, for example, the
+ ** current working directory has been unlinked.
+ */
+ SimulateIOError( return SQLITE_ERROR );
+ if ( sqlite3_data_directory && !winIsVerbatimPathname(zRelative) ){
+ /*
+ ** NOTE: We are dealing with a relative path name and the data
+ ** directory has been set. Therefore, use it as the basis
+ ** for converting the relative path name to an absolute
+ ** one by prepending the data directory and a backslash.
+ */
+ sqlite3_snprintf(MIN(nFull, pVfs->mxPathname), zFull, "%s%c%s",
+ sqlite3_data_directory, winGetDirSep(), zRelative);
+ return SQLITE_OK;
+ }
+ zConverted = winConvertFromUtf8Filename(zRelative);
+ if( zConverted==0 ){
+ return SQLITE_IOERR_NOMEM;
+ }
+ if( osIsNT() ){
+ LPWSTR zTemp;
+ nByte = osGetFullPathNameW((LPCWSTR)zConverted, 0, 0, 0);
+ if( nByte==0 ){
+ sqlite3_free(zConverted);
+ return winLogError(SQLITE_CANTOPEN_FULLPATH, osGetLastError(),
+ "winFullPathname1", zRelative);
+ }
+ nByte += 3;
+ zTemp = sqlite3MallocZero( nByte*sizeof(zTemp[0]) );
+ if( zTemp==0 ){
+ sqlite3_free(zConverted);
+ return SQLITE_IOERR_NOMEM;
+ }
+ nByte = osGetFullPathNameW((LPCWSTR)zConverted, nByte, zTemp, 0);
+ if( nByte==0 ){
+ sqlite3_free(zConverted);
+ sqlite3_free(zTemp);
+ return winLogError(SQLITE_CANTOPEN_FULLPATH, osGetLastError(),
+ "winFullPathname2", zRelative);
+ }
+ sqlite3_free(zConverted);
+ zOut = winUnicodeToUtf8(zTemp);
+ sqlite3_free(zTemp);
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ char *zTemp;
+ nByte = osGetFullPathNameA((char*)zConverted, 0, 0, 0);
+ if( nByte==0 ){
+ sqlite3_free(zConverted);
+ return winLogError(SQLITE_CANTOPEN_FULLPATH, osGetLastError(),
+ "winFullPathname3", zRelative);
+ }
+ nByte += 3;
+ zTemp = sqlite3MallocZero( nByte*sizeof(zTemp[0]) );
+ if( zTemp==0 ){
+ sqlite3_free(zConverted);
+ return SQLITE_IOERR_NOMEM;
+ }
+ nByte = osGetFullPathNameA((char*)zConverted, nByte, zTemp, 0);
+ if( nByte==0 ){
+ sqlite3_free(zConverted);
+ sqlite3_free(zTemp);
+ return winLogError(SQLITE_CANTOPEN_FULLPATH, osGetLastError(),
+ "winFullPathname4", zRelative);
+ }
+ sqlite3_free(zConverted);
+ zOut = sqlite3_win32_mbcs_to_utf8(zTemp);
+ sqlite3_free(zTemp);
+ }
+#endif
+ if( zOut ){
+ sqlite3_snprintf(MIN(nFull, pVfs->mxPathname), zFull, "%s", zOut);
+ sqlite3_free(zOut);
+ return SQLITE_OK;
+ }else{
+ return SQLITE_IOERR_NOMEM;
+ }
+#endif
+}
+
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+/*
+** Interfaces for opening a shared library, finding entry points
+** within the shared library, and closing the shared library.
+*/
+static void *winDlOpen(sqlite3_vfs *pVfs, const char *zFilename){
+ HANDLE h;
+#if defined(__CYGWIN__)
+ int nFull = pVfs->mxPathname+1;
+ char *zFull = sqlite3MallocZero( nFull );
+ void *zConverted = 0;
+ if( zFull==0 ){
+ OSTRACE(("DLOPEN name=%s, handle=%p\n", zFilename, (void*)0));
+ return 0;
+ }
+ if( winFullPathname(pVfs, zFilename, nFull, zFull)!=SQLITE_OK ){
+ sqlite3_free(zFull);
+ OSTRACE(("DLOPEN name=%s, handle=%p\n", zFilename, (void*)0));
+ return 0;
+ }
+ zConverted = winConvertFromUtf8Filename(zFull);
+ sqlite3_free(zFull);
+#else
+ void *zConverted = winConvertFromUtf8Filename(zFilename);
+ UNUSED_PARAMETER(pVfs);
+#endif
+ if( zConverted==0 ){
+ OSTRACE(("DLOPEN name=%s, handle=%p\n", zFilename, (void*)0));
+ return 0;
+ }
+ if( osIsNT() ){
+#if SQLITE_OS_WINRT
+ h = osLoadPackagedLibrary((LPCWSTR)zConverted, 0);
+#else
+ h = osLoadLibraryW((LPCWSTR)zConverted);
+#endif
+ }
+#ifdef SQLITE_WIN32_HAS_ANSI
+ else{
+ h = osLoadLibraryA((char*)zConverted);
+ }
+#endif
+ OSTRACE(("DLOPEN name=%s, handle=%p\n", zFilename, (void*)h));
+ sqlite3_free(zConverted);
+ return (void*)h;
+}
+static void winDlError(sqlite3_vfs *pVfs, int nBuf, char *zBufOut){
+ UNUSED_PARAMETER(pVfs);
+ winGetLastErrorMsg(osGetLastError(), nBuf, zBufOut);
+}
+static void (*winDlSym(sqlite3_vfs *pVfs,void *pH,const char *zSym))(void){
+ FARPROC proc;
+ UNUSED_PARAMETER(pVfs);
+ proc = osGetProcAddressA((HANDLE)pH, zSym);
+ OSTRACE(("DLSYM handle=%p, symbol=%s, address=%p\n",
+ (void*)pH, zSym, (void*)proc));
+ return (void(*)(void))proc;
+}
+static void winDlClose(sqlite3_vfs *pVfs, void *pHandle){
+ UNUSED_PARAMETER(pVfs);
+ osFreeLibrary((HANDLE)pHandle);
+ OSTRACE(("DLCLOSE handle=%p\n", (void*)pHandle));
+}
+#else /* if SQLITE_OMIT_LOAD_EXTENSION is defined: */
+ #define winDlOpen 0
+ #define winDlError 0
+ #define winDlSym 0
+ #define winDlClose 0
+#endif
+
+
+/*
+** Write up to nBuf bytes of randomness into zBuf.
+*/
+static int winRandomness(sqlite3_vfs *pVfs, int nBuf, char *zBuf){
+ int n = 0;
+ UNUSED_PARAMETER(pVfs);
+#if defined(SQLITE_TEST) || defined(SQLITE_OMIT_RANDOMNESS)
+ n = nBuf;
+ memset(zBuf, 0, nBuf);
+#else
+ if( sizeof(SYSTEMTIME)<=nBuf-n ){
+ SYSTEMTIME x;
+ osGetSystemTime(&x);
+ memcpy(&zBuf[n], &x, sizeof(x));
+ n += sizeof(x);
+ }
+ if( sizeof(DWORD)<=nBuf-n ){
+ DWORD pid = osGetCurrentProcessId();
+ memcpy(&zBuf[n], &pid, sizeof(pid));
+ n += sizeof(pid);
+ }
+#if SQLITE_OS_WINRT
+ if( sizeof(ULONGLONG)<=nBuf-n ){
+ ULONGLONG cnt = osGetTickCount64();
+ memcpy(&zBuf[n], &cnt, sizeof(cnt));
+ n += sizeof(cnt);
+ }
+#else
+ if( sizeof(DWORD)<=nBuf-n ){
+ DWORD cnt = osGetTickCount();
+ memcpy(&zBuf[n], &cnt, sizeof(cnt));
+ n += sizeof(cnt);
+ }
+#endif
+ if( sizeof(LARGE_INTEGER)<=nBuf-n ){
+ LARGE_INTEGER i;
+ osQueryPerformanceCounter(&i);
+ memcpy(&zBuf[n], &i, sizeof(i));
+ n += sizeof(i);
+ }
+#if !SQLITE_OS_WINCE && !SQLITE_OS_WINRT && SQLITE_WIN32_USE_UUID
+ if( sizeof(UUID)<=nBuf-n ){
+ UUID id;
+ memset(&id, 0, sizeof(UUID));
+ osUuidCreate(&id);
+ memcpy(&zBuf[n], &id, sizeof(UUID));
+ n += sizeof(UUID);
+ }
+ if( sizeof(UUID)<=nBuf-n ){
+ UUID id;
+ memset(&id, 0, sizeof(UUID));
+ osUuidCreateSequential(&id);
+ memcpy(&zBuf[n], &id, sizeof(UUID));
+ n += sizeof(UUID);
+ }
+#endif
+#endif /* defined(SQLITE_TEST) || defined(SQLITE_ZERO_PRNG_SEED) */
+ return n;
+}
+
+
+/*
+** Sleep for a little while. Return the amount of time slept.
+*/
+static int winSleep(sqlite3_vfs *pVfs, int microsec){
+ sqlite3_win32_sleep((microsec+999)/1000);
+ UNUSED_PARAMETER(pVfs);
+ return ((microsec+999)/1000)*1000;
+}
+
+/*
+** The following variable, if set to a non-zero value, is interpreted as
+** the number of seconds since 1970 and is used to set the result of
+** sqlite3OsCurrentTime() during testing.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_current_time = 0; /* Fake system time in seconds since 1970. */
+#endif
+
+/*
+** Find the current time (in Universal Coordinated Time). Write into *piNow
+** the current time and date as a Julian Day number times 86_400_000. In
+** other words, write into *piNow the number of milliseconds since the Julian
+** epoch of noon in Greenwich on November 24, 4714 B.C according to the
+** proleptic Gregorian calendar.
+**
+** On success, return SQLITE_OK. Return SQLITE_ERROR if the time and date
+** cannot be found.
+*/
+static int winCurrentTimeInt64(sqlite3_vfs *pVfs, sqlite3_int64 *piNow){
+ /* FILETIME structure is a 64-bit value representing the number of
+ 100-nanosecond intervals since January 1, 1601 (= JD 2305813.5).
+ */
+ FILETIME ft;
+ static const sqlite3_int64 winFiletimeEpoch = 23058135*(sqlite3_int64)8640000;
+#ifdef SQLITE_TEST
+ static const sqlite3_int64 unixEpoch = 24405875*(sqlite3_int64)8640000;
+#endif
+ /* 2^32 - to avoid use of LL and warnings in gcc */
+ static const sqlite3_int64 max32BitValue =
+ (sqlite3_int64)2000000000 + (sqlite3_int64)2000000000 +
+ (sqlite3_int64)294967296;
+
+#if SQLITE_OS_WINCE
+ SYSTEMTIME time;
+ osGetSystemTime(&time);
+ /* if SystemTimeToFileTime() fails, it returns zero. */
+ if (!osSystemTimeToFileTime(&time,&ft)){
+ return SQLITE_ERROR;
+ }
+#else
+ osGetSystemTimeAsFileTime( &ft );
+#endif
+
+ *piNow = winFiletimeEpoch +
+ ((((sqlite3_int64)ft.dwHighDateTime)*max32BitValue) +
+ (sqlite3_int64)ft.dwLowDateTime)/(sqlite3_int64)10000;
+
+#ifdef SQLITE_TEST
+ if( sqlite3_current_time ){
+ *piNow = 1000*(sqlite3_int64)sqlite3_current_time + unixEpoch;
+ }
+#endif
+ UNUSED_PARAMETER(pVfs);
+ return SQLITE_OK;
+}
+
+/*
+** Find the current time (in Universal Coordinated Time). Write the
+** current time and date as a Julian Day number into *prNow and
+** return 0. Return 1 if the time and date cannot be found.
+*/
+static int winCurrentTime(sqlite3_vfs *pVfs, double *prNow){
+ int rc;
+ sqlite3_int64 i;
+ rc = winCurrentTimeInt64(pVfs, &i);
+ if( !rc ){
+ *prNow = i/86400000.0;
+ }
+ return rc;
+}
+
+/*
+** The idea is that this function works like a combination of
+** GetLastError() and FormatMessage() on Windows (or errno and
+** strerror_r() on Unix). After an error is returned by an OS
+** function, SQLite calls this function with zBuf pointing to
+** a buffer of nBuf bytes. The OS layer should populate the
+** buffer with a nul-terminated UTF-8 encoded error message
+** describing the last IO error to have occurred within the calling
+** thread.
+**
+** If the error message is too large for the supplied buffer,
+** it should be truncated. The return value of xGetLastError
+** is zero if the error message fits in the buffer, or non-zero
+** otherwise (if the message was truncated). If non-zero is returned,
+** then it is not necessary to include the nul-terminator character
+** in the output buffer.
+**
+** Not supplying an error message will have no adverse effect
+** on SQLite. It is fine to have an implementation that never
+** returns an error message:
+**
+** int xGetLastError(sqlite3_vfs *pVfs, int nBuf, char *zBuf){
+** assert(zBuf[0]=='\0');
+** return 0;
+** }
+**
+** However if an error message is supplied, it will be incorporated
+** by sqlite into the error message available to the user using
+** sqlite3_errmsg(), possibly making IO errors easier to debug.
+*/
+static int winGetLastError(sqlite3_vfs *pVfs, int nBuf, char *zBuf){
+ UNUSED_PARAMETER(pVfs);
+ return winGetLastErrorMsg(osGetLastError(), nBuf, zBuf);
+}
+
+/*
+** Initialize and deinitialize the operating system interface.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_os_init(void){
+ static sqlite3_vfs winVfs = {
+ 3, /* iVersion */
+ sizeof(winFile), /* szOsFile */
+ SQLITE_WIN32_MAX_PATH_BYTES, /* mxPathname */
+ 0, /* pNext */
+ "win32", /* zName */
+ 0, /* pAppData */
+ winOpen, /* xOpen */
+ winDelete, /* xDelete */
+ winAccess, /* xAccess */
+ winFullPathname, /* xFullPathname */
+ winDlOpen, /* xDlOpen */
+ winDlError, /* xDlError */
+ winDlSym, /* xDlSym */
+ winDlClose, /* xDlClose */
+ winRandomness, /* xRandomness */
+ winSleep, /* xSleep */
+ winCurrentTime, /* xCurrentTime */
+ winGetLastError, /* xGetLastError */
+ winCurrentTimeInt64, /* xCurrentTimeInt64 */
+ winSetSystemCall, /* xSetSystemCall */
+ winGetSystemCall, /* xGetSystemCall */
+ winNextSystemCall, /* xNextSystemCall */
+ };
+#if defined(SQLITE_WIN32_HAS_WIDE)
+ static sqlite3_vfs winLongPathVfs = {
+ 3, /* iVersion */
+ sizeof(winFile), /* szOsFile */
+ SQLITE_WINNT_MAX_PATH_BYTES, /* mxPathname */
+ 0, /* pNext */
+ "win32-longpath", /* zName */
+ 0, /* pAppData */
+ winOpen, /* xOpen */
+ winDelete, /* xDelete */
+ winAccess, /* xAccess */
+ winFullPathname, /* xFullPathname */
+ winDlOpen, /* xDlOpen */
+ winDlError, /* xDlError */
+ winDlSym, /* xDlSym */
+ winDlClose, /* xDlClose */
+ winRandomness, /* xRandomness */
+ winSleep, /* xSleep */
+ winCurrentTime, /* xCurrentTime */
+ winGetLastError, /* xGetLastError */
+ winCurrentTimeInt64, /* xCurrentTimeInt64 */
+ winSetSystemCall, /* xSetSystemCall */
+ winGetSystemCall, /* xGetSystemCall */
+ winNextSystemCall, /* xNextSystemCall */
+ };
+#endif
+
+ /* Double-check that the aSyscall[] array has been constructed
+ ** correctly. See ticket [bb3a86e890c8e96ab] */
+ assert( ArraySize(aSyscall)==80 );
+
+ /* get memory map allocation granularity */
+ memset(&winSysInfo, 0, sizeof(SYSTEM_INFO));
+#if SQLITE_OS_WINRT
+ osGetNativeSystemInfo(&winSysInfo);
+#else
+ osGetSystemInfo(&winSysInfo);
+#endif
+ assert( winSysInfo.dwAllocationGranularity>0 );
+ assert( winSysInfo.dwPageSize>0 );
+
+ sqlite3_vfs_register(&winVfs, 1);
+
+#if defined(SQLITE_WIN32_HAS_WIDE)
+ sqlite3_vfs_register(&winLongPathVfs, 0);
+#endif
+
+ return SQLITE_OK;
+}
+
+SQLITE_API int SQLITE_STDCALL sqlite3_os_end(void){
+#if SQLITE_OS_WINRT
+ if( sleepObj!=NULL ){
+ osCloseHandle(sleepObj);
+ sleepObj = NULL;
+ }
+#endif
+ return SQLITE_OK;
+}
+
+#endif /* SQLITE_OS_WIN */
+
+/************** End of os_win.c **********************************************/
+/************** Begin file bitvec.c ******************************************/
+/*
+** 2008 February 16
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file implements an object that represents a fixed-length
+** bitmap. Bits are numbered starting with 1.
+**
+** A bitmap is used to record which pages of a database file have been
+** journalled during a transaction, or which pages have the "dont-write"
+** property. Usually only a few pages are meet either condition.
+** So the bitmap is usually sparse and has low cardinality.
+** But sometimes (for example when during a DROP of a large table) most
+** or all of the pages in a database can get journalled. In those cases,
+** the bitmap becomes dense with high cardinality. The algorithm needs
+** to handle both cases well.
+**
+** The size of the bitmap is fixed when the object is created.
+**
+** All bits are clear when the bitmap is created. Individual bits
+** may be set or cleared one at a time.
+**
+** Test operations are about 100 times more common that set operations.
+** Clear operations are exceedingly rare. There are usually between
+** 5 and 500 set operations per Bitvec object, though the number of sets can
+** sometimes grow into tens of thousands or larger. The size of the
+** Bitvec object is the number of pages in the database file at the
+** start of a transaction, and is thus usually less than a few thousand,
+** but can be as large as 2 billion for a really big database.
+*/
+/* #include "sqliteInt.h" */
+
+/* Size of the Bitvec structure in bytes. */
+#define BITVEC_SZ 512
+
+/* Round the union size down to the nearest pointer boundary, since that's how
+** it will be aligned within the Bitvec struct. */
+#define BITVEC_USIZE \
+ (((BITVEC_SZ-(3*sizeof(u32)))/sizeof(Bitvec*))*sizeof(Bitvec*))
+
+/* Type of the array "element" for the bitmap representation.
+** Should be a power of 2, and ideally, evenly divide into BITVEC_USIZE.
+** Setting this to the "natural word" size of your CPU may improve
+** performance. */
+#define BITVEC_TELEM u8
+/* Size, in bits, of the bitmap element. */
+#define BITVEC_SZELEM 8
+/* Number of elements in a bitmap array. */
+#define BITVEC_NELEM (BITVEC_USIZE/sizeof(BITVEC_TELEM))
+/* Number of bits in the bitmap array. */
+#define BITVEC_NBIT (BITVEC_NELEM*BITVEC_SZELEM)
+
+/* Number of u32 values in hash table. */
+#define BITVEC_NINT (BITVEC_USIZE/sizeof(u32))
+/* Maximum number of entries in hash table before
+** sub-dividing and re-hashing. */
+#define BITVEC_MXHASH (BITVEC_NINT/2)
+/* Hashing function for the aHash representation.
+** Empirical testing showed that the *37 multiplier
+** (an arbitrary prime)in the hash function provided
+** no fewer collisions than the no-op *1. */
+#define BITVEC_HASH(X) (((X)*1)%BITVEC_NINT)
+
+#define BITVEC_NPTR (BITVEC_USIZE/sizeof(Bitvec *))
+
+
+/*
+** A bitmap is an instance of the following structure.
+**
+** This bitmap records the existence of zero or more bits
+** with values between 1 and iSize, inclusive.
+**
+** There are three possible representations of the bitmap.
+** If iSize<=BITVEC_NBIT, then Bitvec.u.aBitmap[] is a straight
+** bitmap. The least significant bit is bit 1.
+**
+** If iSize>BITVEC_NBIT and iDivisor==0 then Bitvec.u.aHash[] is
+** a hash table that will hold up to BITVEC_MXHASH distinct values.
+**
+** Otherwise, the value i is redirected into one of BITVEC_NPTR
+** sub-bitmaps pointed to by Bitvec.u.apSub[]. Each subbitmap
+** handles up to iDivisor separate values of i. apSub[0] holds
+** values between 1 and iDivisor. apSub[1] holds values between
+** iDivisor+1 and 2*iDivisor. apSub[N] holds values between
+** N*iDivisor+1 and (N+1)*iDivisor. Each subbitmap is normalized
+** to hold deal with values between 1 and iDivisor.
+*/
+struct Bitvec {
+ u32 iSize; /* Maximum bit index. Max iSize is 4,294,967,296. */
+ u32 nSet; /* Number of bits that are set - only valid for aHash
+ ** element. Max is BITVEC_NINT. For BITVEC_SZ of 512,
+ ** this would be 125. */
+ u32 iDivisor; /* Number of bits handled by each apSub[] entry. */
+ /* Should >=0 for apSub element. */
+ /* Max iDivisor is max(u32) / BITVEC_NPTR + 1. */
+ /* For a BITVEC_SZ of 512, this would be 34,359,739. */
+ union {
+ BITVEC_TELEM aBitmap[BITVEC_NELEM]; /* Bitmap representation */
+ u32 aHash[BITVEC_NINT]; /* Hash table representation */
+ Bitvec *apSub[BITVEC_NPTR]; /* Recursive representation */
+ } u;
+};
+
+/*
+** Create a new bitmap object able to handle bits between 0 and iSize,
+** inclusive. Return a pointer to the new object. Return NULL if
+** malloc fails.
+*/
+SQLITE_PRIVATE Bitvec *sqlite3BitvecCreate(u32 iSize){
+ Bitvec *p;
+ assert( sizeof(*p)==BITVEC_SZ );
+ p = sqlite3MallocZero( sizeof(*p) );
+ if( p ){
+ p->iSize = iSize;
+ }
+ return p;
+}
+
+/*
+** Check to see if the i-th bit is set. Return true or false.
+** If p is NULL (if the bitmap has not been created) or if
+** i is out of range, then return false.
+*/
+SQLITE_PRIVATE int sqlite3BitvecTestNotNull(Bitvec *p, u32 i){
+ assert( p!=0 );
+ i--;
+ if( i>=p->iSize ) return 0;
+ while( p->iDivisor ){
+ u32 bin = i/p->iDivisor;
+ i = i%p->iDivisor;
+ p = p->u.apSub[bin];
+ if (!p) {
+ return 0;
+ }
+ }
+ if( p->iSize<=BITVEC_NBIT ){
+ return (p->u.aBitmap[i/BITVEC_SZELEM] & (1<<(i&(BITVEC_SZELEM-1))))!=0;
+ } else{
+ u32 h = BITVEC_HASH(i++);
+ while( p->u.aHash[h] ){
+ if( p->u.aHash[h]==i ) return 1;
+ h = (h+1) % BITVEC_NINT;
+ }
+ return 0;
+ }
+}
+SQLITE_PRIVATE int sqlite3BitvecTest(Bitvec *p, u32 i){
+ return p!=0 && sqlite3BitvecTestNotNull(p,i);
+}
+
+/*
+** Set the i-th bit. Return 0 on success and an error code if
+** anything goes wrong.
+**
+** This routine might cause sub-bitmaps to be allocated. Failing
+** to get the memory needed to hold the sub-bitmap is the only
+** that can go wrong with an insert, assuming p and i are valid.
+**
+** The calling function must ensure that p is a valid Bitvec object
+** and that the value for "i" is within range of the Bitvec object.
+** Otherwise the behavior is undefined.
+*/
+SQLITE_PRIVATE int sqlite3BitvecSet(Bitvec *p, u32 i){
+ u32 h;
+ if( p==0 ) return SQLITE_OK;
+ assert( i>0 );
+ assert( i<=p->iSize );
+ i--;
+ while((p->iSize > BITVEC_NBIT) && p->iDivisor) {
+ u32 bin = i/p->iDivisor;
+ i = i%p->iDivisor;
+ if( p->u.apSub[bin]==0 ){
+ p->u.apSub[bin] = sqlite3BitvecCreate( p->iDivisor );
+ if( p->u.apSub[bin]==0 ) return SQLITE_NOMEM;
+ }
+ p = p->u.apSub[bin];
+ }
+ if( p->iSize<=BITVEC_NBIT ){
+ p->u.aBitmap[i/BITVEC_SZELEM] |= 1 << (i&(BITVEC_SZELEM-1));
+ return SQLITE_OK;
+ }
+ h = BITVEC_HASH(i++);
+ /* if there wasn't a hash collision, and this doesn't */
+ /* completely fill the hash, then just add it without */
+ /* worring about sub-dividing and re-hashing. */
+ if( !p->u.aHash[h] ){
+ if (p->nSet<(BITVEC_NINT-1)) {
+ goto bitvec_set_end;
+ } else {
+ goto bitvec_set_rehash;
+ }
+ }
+ /* there was a collision, check to see if it's already */
+ /* in hash, if not, try to find a spot for it */
+ do {
+ if( p->u.aHash[h]==i ) return SQLITE_OK;
+ h++;
+ if( h>=BITVEC_NINT ) h = 0;
+ } while( p->u.aHash[h] );
+ /* we didn't find it in the hash. h points to the first */
+ /* available free spot. check to see if this is going to */
+ /* make our hash too "full". */
+bitvec_set_rehash:
+ if( p->nSet>=BITVEC_MXHASH ){
+ unsigned int j;
+ int rc;
+ u32 *aiValues = sqlite3StackAllocRaw(0, sizeof(p->u.aHash));
+ if( aiValues==0 ){
+ return SQLITE_NOMEM;
+ }else{
+ memcpy(aiValues, p->u.aHash, sizeof(p->u.aHash));
+ memset(p->u.apSub, 0, sizeof(p->u.apSub));
+ p->iDivisor = (p->iSize + BITVEC_NPTR - 1)/BITVEC_NPTR;
+ rc = sqlite3BitvecSet(p, i);
+ for(j=0; j<BITVEC_NINT; j++){
+ if( aiValues[j] ) rc |= sqlite3BitvecSet(p, aiValues[j]);
+ }
+ sqlite3StackFree(0, aiValues);
+ return rc;
+ }
+ }
+bitvec_set_end:
+ p->nSet++;
+ p->u.aHash[h] = i;
+ return SQLITE_OK;
+}
+
+/*
+** Clear the i-th bit.
+**
+** pBuf must be a pointer to at least BITVEC_SZ bytes of temporary storage
+** that BitvecClear can use to rebuilt its hash table.
+*/
+SQLITE_PRIVATE void sqlite3BitvecClear(Bitvec *p, u32 i, void *pBuf){
+ if( p==0 ) return;
+ assert( i>0 );
+ i--;
+ while( p->iDivisor ){
+ u32 bin = i/p->iDivisor;
+ i = i%p->iDivisor;
+ p = p->u.apSub[bin];
+ if (!p) {
+ return;
+ }
+ }
+ if( p->iSize<=BITVEC_NBIT ){
+ p->u.aBitmap[i/BITVEC_SZELEM] &= ~(1 << (i&(BITVEC_SZELEM-1)));
+ }else{
+ unsigned int j;
+ u32 *aiValues = pBuf;
+ memcpy(aiValues, p->u.aHash, sizeof(p->u.aHash));
+ memset(p->u.aHash, 0, sizeof(p->u.aHash));
+ p->nSet = 0;
+ for(j=0; j<BITVEC_NINT; j++){
+ if( aiValues[j] && aiValues[j]!=(i+1) ){
+ u32 h = BITVEC_HASH(aiValues[j]-1);
+ p->nSet++;
+ while( p->u.aHash[h] ){
+ h++;
+ if( h>=BITVEC_NINT ) h = 0;
+ }
+ p->u.aHash[h] = aiValues[j];
+ }
+ }
+ }
+}
+
+/*
+** Destroy a bitmap object. Reclaim all memory used.
+*/
+SQLITE_PRIVATE void sqlite3BitvecDestroy(Bitvec *p){
+ if( p==0 ) return;
+ if( p->iDivisor ){
+ unsigned int i;
+ for(i=0; i<BITVEC_NPTR; i++){
+ sqlite3BitvecDestroy(p->u.apSub[i]);
+ }
+ }
+ sqlite3_free(p);
+}
+
+/*
+** Return the value of the iSize parameter specified when Bitvec *p
+** was created.
+*/
+SQLITE_PRIVATE u32 sqlite3BitvecSize(Bitvec *p){
+ return p->iSize;
+}
+
+#ifndef SQLITE_OMIT_BUILTIN_TEST
+/*
+** Let V[] be an array of unsigned characters sufficient to hold
+** up to N bits. Let I be an integer between 0 and N. 0<=I<N.
+** Then the following macros can be used to set, clear, or test
+** individual bits within V.
+*/
+#define SETBIT(V,I) V[I>>3] |= (1<<(I&7))
+#define CLEARBIT(V,I) V[I>>3] &= ~(1<<(I&7))
+#define TESTBIT(V,I) (V[I>>3]&(1<<(I&7)))!=0
+
+/*
+** This routine runs an extensive test of the Bitvec code.
+**
+** The input is an array of integers that acts as a program
+** to test the Bitvec. The integers are opcodes followed
+** by 0, 1, or 3 operands, depending on the opcode. Another
+** opcode follows immediately after the last operand.
+**
+** There are 6 opcodes numbered from 0 through 5. 0 is the
+** "halt" opcode and causes the test to end.
+**
+** 0 Halt and return the number of errors
+** 1 N S X Set N bits beginning with S and incrementing by X
+** 2 N S X Clear N bits beginning with S and incrementing by X
+** 3 N Set N randomly chosen bits
+** 4 N Clear N randomly chosen bits
+** 5 N S X Set N bits from S increment X in array only, not in bitvec
+**
+** The opcodes 1 through 4 perform set and clear operations are performed
+** on both a Bitvec object and on a linear array of bits obtained from malloc.
+** Opcode 5 works on the linear array only, not on the Bitvec.
+** Opcode 5 is used to deliberately induce a fault in order to
+** confirm that error detection works.
+**
+** At the conclusion of the test the linear array is compared
+** against the Bitvec object. If there are any differences,
+** an error is returned. If they are the same, zero is returned.
+**
+** If a memory allocation error occurs, return -1.
+*/
+SQLITE_PRIVATE int sqlite3BitvecBuiltinTest(int sz, int *aOp){
+ Bitvec *pBitvec = 0;
+ unsigned char *pV = 0;
+ int rc = -1;
+ int i, nx, pc, op;
+ void *pTmpSpace;
+
+ /* Allocate the Bitvec to be tested and a linear array of
+ ** bits to act as the reference */
+ pBitvec = sqlite3BitvecCreate( sz );
+ pV = sqlite3MallocZero( (sz+7)/8 + 1 );
+ pTmpSpace = sqlite3_malloc64(BITVEC_SZ);
+ if( pBitvec==0 || pV==0 || pTmpSpace==0 ) goto bitvec_end;
+
+ /* NULL pBitvec tests */
+ sqlite3BitvecSet(0, 1);
+ sqlite3BitvecClear(0, 1, pTmpSpace);
+
+ /* Run the program */
+ pc = 0;
+ while( (op = aOp[pc])!=0 ){
+ switch( op ){
+ case 1:
+ case 2:
+ case 5: {
+ nx = 4;
+ i = aOp[pc+2] - 1;
+ aOp[pc+2] += aOp[pc+3];
+ break;
+ }
+ case 3:
+ case 4:
+ default: {
+ nx = 2;
+ sqlite3_randomness(sizeof(i), &i);
+ break;
+ }
+ }
+ if( (--aOp[pc+1]) > 0 ) nx = 0;
+ pc += nx;
+ i = (i & 0x7fffffff)%sz;
+ if( (op & 1)!=0 ){
+ SETBIT(pV, (i+1));
+ if( op!=5 ){
+ if( sqlite3BitvecSet(pBitvec, i+1) ) goto bitvec_end;
+ }
+ }else{
+ CLEARBIT(pV, (i+1));
+ sqlite3BitvecClear(pBitvec, i+1, pTmpSpace);
+ }
+ }
+
+ /* Test to make sure the linear array exactly matches the
+ ** Bitvec object. Start with the assumption that they do
+ ** match (rc==0). Change rc to non-zero if a discrepancy
+ ** is found.
+ */
+ rc = sqlite3BitvecTest(0,0) + sqlite3BitvecTest(pBitvec, sz+1)
+ + sqlite3BitvecTest(pBitvec, 0)
+ + (sqlite3BitvecSize(pBitvec) - sz);
+ for(i=1; i<=sz; i++){
+ if( (TESTBIT(pV,i))!=sqlite3BitvecTest(pBitvec,i) ){
+ rc = i;
+ break;
+ }
+ }
+
+ /* Free allocated structure */
+bitvec_end:
+ sqlite3_free(pTmpSpace);
+ sqlite3_free(pV);
+ sqlite3BitvecDestroy(pBitvec);
+ return rc;
+}
+#endif /* SQLITE_OMIT_BUILTIN_TEST */
+
+/************** End of bitvec.c **********************************************/
+/************** Begin file pcache.c ******************************************/
+/*
+** 2008 August 05
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file implements that page cache.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** A complete page cache is an instance of this structure.
+*/
+struct PCache {
+ PgHdr *pDirty, *pDirtyTail; /* List of dirty pages in LRU order */
+ PgHdr *pSynced; /* Last synced page in dirty page list */
+ int nRefSum; /* Sum of ref counts over all pages */
+ int szCache; /* Configured cache size */
+ int szSpill; /* Size before spilling occurs */
+ int szPage; /* Size of every page in this cache */
+ int szExtra; /* Size of extra space for each page */
+ u8 bPurgeable; /* True if pages are on backing store */
+ u8 eCreate; /* eCreate value for for xFetch() */
+ int (*xStress)(void*,PgHdr*); /* Call to try make a page clean */
+ void *pStress; /* Argument to xStress */
+ sqlite3_pcache *pCache; /* Pluggable cache module */
+};
+
+/********************************** Linked List Management ********************/
+
+/* Allowed values for second argument to pcacheManageDirtyList() */
+#define PCACHE_DIRTYLIST_REMOVE 1 /* Remove pPage from dirty list */
+#define PCACHE_DIRTYLIST_ADD 2 /* Add pPage to the dirty list */
+#define PCACHE_DIRTYLIST_FRONT 3 /* Move pPage to the front of the list */
+
+/*
+** Manage pPage's participation on the dirty list. Bits of the addRemove
+** argument determines what operation to do. The 0x01 bit means first
+** remove pPage from the dirty list. The 0x02 means add pPage back to
+** the dirty list. Doing both moves pPage to the front of the dirty list.
+*/
+static void pcacheManageDirtyList(PgHdr *pPage, u8 addRemove){
+ PCache *p = pPage->pCache;
+
+ if( addRemove & PCACHE_DIRTYLIST_REMOVE ){
+ assert( pPage->pDirtyNext || pPage==p->pDirtyTail );
+ assert( pPage->pDirtyPrev || pPage==p->pDirty );
+
+ /* Update the PCache1.pSynced variable if necessary. */
+ if( p->pSynced==pPage ){
+ PgHdr *pSynced = pPage->pDirtyPrev;
+ while( pSynced && (pSynced->flags&PGHDR_NEED_SYNC) ){
+ pSynced = pSynced->pDirtyPrev;
+ }
+ p->pSynced = pSynced;
+ }
+
+ if( pPage->pDirtyNext ){
+ pPage->pDirtyNext->pDirtyPrev = pPage->pDirtyPrev;
+ }else{
+ assert( pPage==p->pDirtyTail );
+ p->pDirtyTail = pPage->pDirtyPrev;
+ }
+ if( pPage->pDirtyPrev ){
+ pPage->pDirtyPrev->pDirtyNext = pPage->pDirtyNext;
+ }else{
+ assert( pPage==p->pDirty );
+ p->pDirty = pPage->pDirtyNext;
+ if( p->pDirty==0 && p->bPurgeable ){
+ assert( p->eCreate==1 );
+ p->eCreate = 2;
+ }
+ }
+ pPage->pDirtyNext = 0;
+ pPage->pDirtyPrev = 0;
+ }
+ if( addRemove & PCACHE_DIRTYLIST_ADD ){
+ assert( pPage->pDirtyNext==0 && pPage->pDirtyPrev==0 && p->pDirty!=pPage );
+
+ pPage->pDirtyNext = p->pDirty;
+ if( pPage->pDirtyNext ){
+ assert( pPage->pDirtyNext->pDirtyPrev==0 );
+ pPage->pDirtyNext->pDirtyPrev = pPage;
+ }else{
+ p->pDirtyTail = pPage;
+ if( p->bPurgeable ){
+ assert( p->eCreate==2 );
+ p->eCreate = 1;
+ }
+ }
+ p->pDirty = pPage;
+ if( !p->pSynced && 0==(pPage->flags&PGHDR_NEED_SYNC) ){
+ p->pSynced = pPage;
+ }
+ }
+}
+
+/*
+** Wrapper around the pluggable caches xUnpin method. If the cache is
+** being used for an in-memory database, this function is a no-op.
+*/
+static void pcacheUnpin(PgHdr *p){
+ if( p->pCache->bPurgeable ){
+ sqlite3GlobalConfig.pcache2.xUnpin(p->pCache->pCache, p->pPage, 0);
+ }
+}
+
+/*
+** Compute the number of pages of cache requested. p->szCache is the
+** cache size requested by the "PRAGMA cache_size" statement.
+*/
+static int numberOfCachePages(PCache *p){
+ if( p->szCache>=0 ){
+ /* IMPLEMENTATION-OF: R-42059-47211 If the argument N is positive then the
+ ** suggested cache size is set to N. */
+ return p->szCache;
+ }else{
+ /* IMPLEMENTATION-OF: R-61436-13639 If the argument N is negative, then
+ ** the number of cache pages is adjusted to use approximately abs(N*1024)
+ ** bytes of memory. */
+ return (int)((-1024*(i64)p->szCache)/(p->szPage+p->szExtra));
+ }
+}
+
+/*************************************************** General Interfaces ******
+**
+** Initialize and shutdown the page cache subsystem. Neither of these
+** functions are threadsafe.
+*/
+SQLITE_PRIVATE int sqlite3PcacheInitialize(void){
+ if( sqlite3GlobalConfig.pcache2.xInit==0 ){
+ /* IMPLEMENTATION-OF: R-26801-64137 If the xInit() method is NULL, then the
+ ** built-in default page cache is used instead of the application defined
+ ** page cache. */
+ sqlite3PCacheSetDefault();
+ }
+ return sqlite3GlobalConfig.pcache2.xInit(sqlite3GlobalConfig.pcache2.pArg);
+}
+SQLITE_PRIVATE void sqlite3PcacheShutdown(void){
+ if( sqlite3GlobalConfig.pcache2.xShutdown ){
+ /* IMPLEMENTATION-OF: R-26000-56589 The xShutdown() method may be NULL. */
+ sqlite3GlobalConfig.pcache2.xShutdown(sqlite3GlobalConfig.pcache2.pArg);
+ }
+}
+
+/*
+** Return the size in bytes of a PCache object.
+*/
+SQLITE_PRIVATE int sqlite3PcacheSize(void){ return sizeof(PCache); }
+
+/*
+** Create a new PCache object. Storage space to hold the object
+** has already been allocated and is passed in as the p pointer.
+** The caller discovers how much space needs to be allocated by
+** calling sqlite3PcacheSize().
+*/
+SQLITE_PRIVATE int sqlite3PcacheOpen(
+ int szPage, /* Size of every page */
+ int szExtra, /* Extra space associated with each page */
+ int bPurgeable, /* True if pages are on backing store */
+ int (*xStress)(void*,PgHdr*),/* Call to try to make pages clean */
+ void *pStress, /* Argument to xStress */
+ PCache *p /* Preallocated space for the PCache */
+){
+ memset(p, 0, sizeof(PCache));
+ p->szPage = 1;
+ p->szExtra = szExtra;
+ p->bPurgeable = bPurgeable;
+ p->eCreate = 2;
+ p->xStress = xStress;
+ p->pStress = pStress;
+ p->szCache = 100;
+ p->szSpill = 1;
+ return sqlite3PcacheSetPageSize(p, szPage);
+}
+
+/*
+** Change the page size for PCache object. The caller must ensure that there
+** are no outstanding page references when this function is called.
+*/
+SQLITE_PRIVATE int sqlite3PcacheSetPageSize(PCache *pCache, int szPage){
+ assert( pCache->nRefSum==0 && pCache->pDirty==0 );
+ if( pCache->szPage ){
+ sqlite3_pcache *pNew;
+ pNew = sqlite3GlobalConfig.pcache2.xCreate(
+ szPage, pCache->szExtra + ROUND8(sizeof(PgHdr)),
+ pCache->bPurgeable
+ );
+ if( pNew==0 ) return SQLITE_NOMEM;
+ sqlite3GlobalConfig.pcache2.xCachesize(pNew, numberOfCachePages(pCache));
+ if( pCache->pCache ){
+ sqlite3GlobalConfig.pcache2.xDestroy(pCache->pCache);
+ }
+ pCache->pCache = pNew;
+ pCache->szPage = szPage;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Try to obtain a page from the cache.
+**
+** This routine returns a pointer to an sqlite3_pcache_page object if
+** such an object is already in cache, or if a new one is created.
+** This routine returns a NULL pointer if the object was not in cache
+** and could not be created.
+**
+** The createFlags should be 0 to check for existing pages and should
+** be 3 (not 1, but 3) to try to create a new page.
+**
+** If the createFlag is 0, then NULL is always returned if the page
+** is not already in the cache. If createFlag is 1, then a new page
+** is created only if that can be done without spilling dirty pages
+** and without exceeding the cache size limit.
+**
+** The caller needs to invoke sqlite3PcacheFetchFinish() to properly
+** initialize the sqlite3_pcache_page object and convert it into a
+** PgHdr object. The sqlite3PcacheFetch() and sqlite3PcacheFetchFinish()
+** routines are split this way for performance reasons. When separated
+** they can both (usually) operate without having to push values to
+** the stack on entry and pop them back off on exit, which saves a
+** lot of pushing and popping.
+*/
+SQLITE_PRIVATE sqlite3_pcache_page *sqlite3PcacheFetch(
+ PCache *pCache, /* Obtain the page from this cache */
+ Pgno pgno, /* Page number to obtain */
+ int createFlag /* If true, create page if it does not exist already */
+){
+ int eCreate;
+
+ assert( pCache!=0 );
+ assert( pCache->pCache!=0 );
+ assert( createFlag==3 || createFlag==0 );
+ assert( pgno>0 );
+
+ /* eCreate defines what to do if the page does not exist.
+ ** 0 Do not allocate a new page. (createFlag==0)
+ ** 1 Allocate a new page if doing so is inexpensive.
+ ** (createFlag==1 AND bPurgeable AND pDirty)
+ ** 2 Allocate a new page even it doing so is difficult.
+ ** (createFlag==1 AND !(bPurgeable AND pDirty)
+ */
+ eCreate = createFlag & pCache->eCreate;
+ assert( eCreate==0 || eCreate==1 || eCreate==2 );
+ assert( createFlag==0 || pCache->eCreate==eCreate );
+ assert( createFlag==0 || eCreate==1+(!pCache->bPurgeable||!pCache->pDirty) );
+ return sqlite3GlobalConfig.pcache2.xFetch(pCache->pCache, pgno, eCreate);
+}
+
+/*
+** If the sqlite3PcacheFetch() routine is unable to allocate a new
+** page because new clean pages are available for reuse and the cache
+** size limit has been reached, then this routine can be invoked to
+** try harder to allocate a page. This routine might invoke the stress
+** callback to spill dirty pages to the journal. It will then try to
+** allocate the new page and will only fail to allocate a new page on
+** an OOM error.
+**
+** This routine should be invoked only after sqlite3PcacheFetch() fails.
+*/
+SQLITE_PRIVATE int sqlite3PcacheFetchStress(
+ PCache *pCache, /* Obtain the page from this cache */
+ Pgno pgno, /* Page number to obtain */
+ sqlite3_pcache_page **ppPage /* Write result here */
+){
+ PgHdr *pPg;
+ if( pCache->eCreate==2 ) return 0;
+
+ if( sqlite3PcachePagecount(pCache)>pCache->szSpill ){
+ /* Find a dirty page to write-out and recycle. First try to find a
+ ** page that does not require a journal-sync (one with PGHDR_NEED_SYNC
+ ** cleared), but if that is not possible settle for any other
+ ** unreferenced dirty page.
+ */
+ for(pPg=pCache->pSynced;
+ pPg && (pPg->nRef || (pPg->flags&PGHDR_NEED_SYNC));
+ pPg=pPg->pDirtyPrev
+ );
+ pCache->pSynced = pPg;
+ if( !pPg ){
+ for(pPg=pCache->pDirtyTail; pPg && pPg->nRef; pPg=pPg->pDirtyPrev);
+ }
+ if( pPg ){
+ int rc;
+#ifdef SQLITE_LOG_CACHE_SPILL
+ sqlite3_log(SQLITE_FULL,
+ "spill page %d making room for %d - cache used: %d/%d",
+ pPg->pgno, pgno,
+ sqlite3GlobalConfig.pcache.xPagecount(pCache->pCache),
+ numberOfCachePages(pCache));
+#endif
+ rc = pCache->xStress(pCache->pStress, pPg);
+ if( rc!=SQLITE_OK && rc!=SQLITE_BUSY ){
+ return rc;
+ }
+ }
+ }
+ *ppPage = sqlite3GlobalConfig.pcache2.xFetch(pCache->pCache, pgno, 2);
+ return *ppPage==0 ? SQLITE_NOMEM : SQLITE_OK;
+}
+
+/*
+** This is a helper routine for sqlite3PcacheFetchFinish()
+**
+** In the uncommon case where the page being fetched has not been
+** initialized, this routine is invoked to do the initialization.
+** This routine is broken out into a separate function since it
+** requires extra stack manipulation that can be avoided in the common
+** case.
+*/
+static SQLITE_NOINLINE PgHdr *pcacheFetchFinishWithInit(
+ PCache *pCache, /* Obtain the page from this cache */
+ Pgno pgno, /* Page number obtained */
+ sqlite3_pcache_page *pPage /* Page obtained by prior PcacheFetch() call */
+){
+ PgHdr *pPgHdr;
+ assert( pPage!=0 );
+ pPgHdr = (PgHdr*)pPage->pExtra;
+ assert( pPgHdr->pPage==0 );
+ memset(pPgHdr, 0, sizeof(PgHdr));
+ pPgHdr->pPage = pPage;
+ pPgHdr->pData = pPage->pBuf;
+ pPgHdr->pExtra = (void *)&pPgHdr[1];
+ memset(pPgHdr->pExtra, 0, pCache->szExtra);
+ pPgHdr->pCache = pCache;
+ pPgHdr->pgno = pgno;
+ pPgHdr->flags = PGHDR_CLEAN;
+ return sqlite3PcacheFetchFinish(pCache,pgno,pPage);
+}
+
+/*
+** This routine converts the sqlite3_pcache_page object returned by
+** sqlite3PcacheFetch() into an initialized PgHdr object. This routine
+** must be called after sqlite3PcacheFetch() in order to get a usable
+** result.
+*/
+SQLITE_PRIVATE PgHdr *sqlite3PcacheFetchFinish(
+ PCache *pCache, /* Obtain the page from this cache */
+ Pgno pgno, /* Page number obtained */
+ sqlite3_pcache_page *pPage /* Page obtained by prior PcacheFetch() call */
+){
+ PgHdr *pPgHdr;
+
+ assert( pPage!=0 );
+ pPgHdr = (PgHdr *)pPage->pExtra;
+
+ if( !pPgHdr->pPage ){
+ return pcacheFetchFinishWithInit(pCache, pgno, pPage);
+ }
+ pCache->nRefSum++;
+ pPgHdr->nRef++;
+ return pPgHdr;
+}
+
+/*
+** Decrement the reference count on a page. If the page is clean and the
+** reference count drops to 0, then it is made eligible for recycling.
+*/
+SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3PcacheRelease(PgHdr *p){
+ assert( p->nRef>0 );
+ p->pCache->nRefSum--;
+ if( (--p->nRef)==0 ){
+ if( p->flags&PGHDR_CLEAN ){
+ pcacheUnpin(p);
+ }else if( p->pDirtyPrev!=0 ){
+ /* Move the page to the head of the dirty list. */
+ pcacheManageDirtyList(p, PCACHE_DIRTYLIST_FRONT);
+ }
+ }
+}
+
+/*
+** Increase the reference count of a supplied page by 1.
+*/
+SQLITE_PRIVATE void sqlite3PcacheRef(PgHdr *p){
+ assert(p->nRef>0);
+ p->nRef++;
+ p->pCache->nRefSum++;
+}
+
+/*
+** Drop a page from the cache. There must be exactly one reference to the
+** page. This function deletes that reference, so after it returns the
+** page pointed to by p is invalid.
+*/
+SQLITE_PRIVATE void sqlite3PcacheDrop(PgHdr *p){
+ assert( p->nRef==1 );
+ if( p->flags&PGHDR_DIRTY ){
+ pcacheManageDirtyList(p, PCACHE_DIRTYLIST_REMOVE);
+ }
+ p->pCache->nRefSum--;
+ sqlite3GlobalConfig.pcache2.xUnpin(p->pCache->pCache, p->pPage, 1);
+}
+
+/*
+** Make sure the page is marked as dirty. If it isn't dirty already,
+** make it so.
+*/
+SQLITE_PRIVATE void sqlite3PcacheMakeDirty(PgHdr *p){
+ assert( p->nRef>0 );
+ if( p->flags & (PGHDR_CLEAN|PGHDR_DONT_WRITE) ){
+ p->flags &= ~PGHDR_DONT_WRITE;
+ if( p->flags & PGHDR_CLEAN ){
+ p->flags ^= (PGHDR_DIRTY|PGHDR_CLEAN);
+ assert( (p->flags & (PGHDR_DIRTY|PGHDR_CLEAN))==PGHDR_DIRTY );
+ pcacheManageDirtyList(p, PCACHE_DIRTYLIST_ADD);
+ }
+ }
+}
+
+/*
+** Make sure the page is marked as clean. If it isn't clean already,
+** make it so.
+*/
+SQLITE_PRIVATE void sqlite3PcacheMakeClean(PgHdr *p){
+ if( (p->flags & PGHDR_DIRTY) ){
+ assert( (p->flags & PGHDR_CLEAN)==0 );
+ pcacheManageDirtyList(p, PCACHE_DIRTYLIST_REMOVE);
+ p->flags &= ~(PGHDR_DIRTY|PGHDR_NEED_SYNC|PGHDR_WRITEABLE);
+ p->flags |= PGHDR_CLEAN;
+ if( p->nRef==0 ){
+ pcacheUnpin(p);
+ }
+ }
+}
+
+/*
+** Make every page in the cache clean.
+*/
+SQLITE_PRIVATE void sqlite3PcacheCleanAll(PCache *pCache){
+ PgHdr *p;
+ while( (p = pCache->pDirty)!=0 ){
+ sqlite3PcacheMakeClean(p);
+ }
+}
+
+/*
+** Clear the PGHDR_NEED_SYNC flag from all dirty pages.
+*/
+SQLITE_PRIVATE void sqlite3PcacheClearSyncFlags(PCache *pCache){
+ PgHdr *p;
+ for(p=pCache->pDirty; p; p=p->pDirtyNext){
+ p->flags &= ~PGHDR_NEED_SYNC;
+ }
+ pCache->pSynced = pCache->pDirtyTail;
+}
+
+/*
+** Change the page number of page p to newPgno.
+*/
+SQLITE_PRIVATE void sqlite3PcacheMove(PgHdr *p, Pgno newPgno){
+ PCache *pCache = p->pCache;
+ assert( p->nRef>0 );
+ assert( newPgno>0 );
+ sqlite3GlobalConfig.pcache2.xRekey(pCache->pCache, p->pPage, p->pgno,newPgno);
+ p->pgno = newPgno;
+ if( (p->flags&PGHDR_DIRTY) && (p->flags&PGHDR_NEED_SYNC) ){
+ pcacheManageDirtyList(p, PCACHE_DIRTYLIST_FRONT);
+ }
+}
+
+/*
+** Drop every cache entry whose page number is greater than "pgno". The
+** caller must ensure that there are no outstanding references to any pages
+** other than page 1 with a page number greater than pgno.
+**
+** If there is a reference to page 1 and the pgno parameter passed to this
+** function is 0, then the data area associated with page 1 is zeroed, but
+** the page object is not dropped.
+*/
+SQLITE_PRIVATE void sqlite3PcacheTruncate(PCache *pCache, Pgno pgno){
+ if( pCache->pCache ){
+ PgHdr *p;
+ PgHdr *pNext;
+ for(p=pCache->pDirty; p; p=pNext){
+ pNext = p->pDirtyNext;
+ /* This routine never gets call with a positive pgno except right
+ ** after sqlite3PcacheCleanAll(). So if there are dirty pages,
+ ** it must be that pgno==0.
+ */
+ assert( p->pgno>0 );
+ if( ALWAYS(p->pgno>pgno) ){
+ assert( p->flags&PGHDR_DIRTY );
+ sqlite3PcacheMakeClean(p);
+ }
+ }
+ if( pgno==0 && pCache->nRefSum ){
+ sqlite3_pcache_page *pPage1;
+ pPage1 = sqlite3GlobalConfig.pcache2.xFetch(pCache->pCache,1,0);
+ if( ALWAYS(pPage1) ){ /* Page 1 is always available in cache, because
+ ** pCache->nRefSum>0 */
+ memset(pPage1->pBuf, 0, pCache->szPage);
+ pgno = 1;
+ }
+ }
+ sqlite3GlobalConfig.pcache2.xTruncate(pCache->pCache, pgno+1);
+ }
+}
+
+/*
+** Close a cache.
+*/
+SQLITE_PRIVATE void sqlite3PcacheClose(PCache *pCache){
+ assert( pCache->pCache!=0 );
+ sqlite3GlobalConfig.pcache2.xDestroy(pCache->pCache);
+}
+
+/*
+** Discard the contents of the cache.
+*/
+SQLITE_PRIVATE void sqlite3PcacheClear(PCache *pCache){
+ sqlite3PcacheTruncate(pCache, 0);
+}
+
+/*
+** Merge two lists of pages connected by pDirty and in pgno order.
+** Do not both fixing the pDirtyPrev pointers.
+*/
+static PgHdr *pcacheMergeDirtyList(PgHdr *pA, PgHdr *pB){
+ PgHdr result, *pTail;
+ pTail = &result;
+ while( pA && pB ){
+ if( pA->pgno<pB->pgno ){
+ pTail->pDirty = pA;
+ pTail = pA;
+ pA = pA->pDirty;
+ }else{
+ pTail->pDirty = pB;
+ pTail = pB;
+ pB = pB->pDirty;
+ }
+ }
+ if( pA ){
+ pTail->pDirty = pA;
+ }else if( pB ){
+ pTail->pDirty = pB;
+ }else{
+ pTail->pDirty = 0;
+ }
+ return result.pDirty;
+}
+
+/*
+** Sort the list of pages in accending order by pgno. Pages are
+** connected by pDirty pointers. The pDirtyPrev pointers are
+** corrupted by this sort.
+**
+** Since there cannot be more than 2^31 distinct pages in a database,
+** there cannot be more than 31 buckets required by the merge sorter.
+** One extra bucket is added to catch overflow in case something
+** ever changes to make the previous sentence incorrect.
+*/
+#define N_SORT_BUCKET 32
+static PgHdr *pcacheSortDirtyList(PgHdr *pIn){
+ PgHdr *a[N_SORT_BUCKET], *p;
+ int i;
+ memset(a, 0, sizeof(a));
+ while( pIn ){
+ p = pIn;
+ pIn = p->pDirty;
+ p->pDirty = 0;
+ for(i=0; ALWAYS(i<N_SORT_BUCKET-1); i++){
+ if( a[i]==0 ){
+ a[i] = p;
+ break;
+ }else{
+ p = pcacheMergeDirtyList(a[i], p);
+ a[i] = 0;
+ }
+ }
+ if( NEVER(i==N_SORT_BUCKET-1) ){
+ /* To get here, there need to be 2^(N_SORT_BUCKET) elements in
+ ** the input list. But that is impossible.
+ */
+ a[i] = pcacheMergeDirtyList(a[i], p);
+ }
+ }
+ p = a[0];
+ for(i=1; i<N_SORT_BUCKET; i++){
+ p = pcacheMergeDirtyList(p, a[i]);
+ }
+ return p;
+}
+
+/*
+** Return a list of all dirty pages in the cache, sorted by page number.
+*/
+SQLITE_PRIVATE PgHdr *sqlite3PcacheDirtyList(PCache *pCache){
+ PgHdr *p;
+ for(p=pCache->pDirty; p; p=p->pDirtyNext){
+ p->pDirty = p->pDirtyNext;
+ }
+ return pcacheSortDirtyList(pCache->pDirty);
+}
+
+/*
+** Return the total number of references to all pages held by the cache.
+**
+** This is not the total number of pages referenced, but the sum of the
+** reference count for all pages.
+*/
+SQLITE_PRIVATE int sqlite3PcacheRefCount(PCache *pCache){
+ return pCache->nRefSum;
+}
+
+/*
+** Return the number of references to the page supplied as an argument.
+*/
+SQLITE_PRIVATE int sqlite3PcachePageRefcount(PgHdr *p){
+ return p->nRef;
+}
+
+/*
+** Return the total number of pages in the cache.
+*/
+SQLITE_PRIVATE int sqlite3PcachePagecount(PCache *pCache){
+ assert( pCache->pCache!=0 );
+ return sqlite3GlobalConfig.pcache2.xPagecount(pCache->pCache);
+}
+
+#ifdef SQLITE_TEST
+/*
+** Get the suggested cache-size value.
+*/
+SQLITE_PRIVATE int sqlite3PcacheGetCachesize(PCache *pCache){
+ return numberOfCachePages(pCache);
+}
+#endif
+
+/*
+** Set the suggested cache-size value.
+*/
+SQLITE_PRIVATE void sqlite3PcacheSetCachesize(PCache *pCache, int mxPage){
+ assert( pCache->pCache!=0 );
+ pCache->szCache = mxPage;
+ sqlite3GlobalConfig.pcache2.xCachesize(pCache->pCache,
+ numberOfCachePages(pCache));
+}
+
+/*
+** Set the suggested cache-spill value. Make no changes if if the
+** argument is zero. Return the effective cache-spill size, which will
+** be the larger of the szSpill and szCache.
+*/
+SQLITE_PRIVATE int sqlite3PcacheSetSpillsize(PCache *p, int mxPage){
+ int res;
+ assert( p->pCache!=0 );
+ if( mxPage ){
+ if( mxPage<0 ){
+ mxPage = (int)((-1024*(i64)mxPage)/(p->szPage+p->szExtra));
+ }
+ p->szSpill = mxPage;
+ }
+ res = numberOfCachePages(p);
+ if( res<p->szSpill ) res = p->szSpill;
+ return res;
+}
+
+/*
+** Free up as much memory as possible from the page cache.
+*/
+SQLITE_PRIVATE void sqlite3PcacheShrink(PCache *pCache){
+ assert( pCache->pCache!=0 );
+ sqlite3GlobalConfig.pcache2.xShrink(pCache->pCache);
+}
+
+/*
+** Return the size of the header added by this middleware layer
+** in the page-cache hierarchy.
+*/
+SQLITE_PRIVATE int sqlite3HeaderSizePcache(void){ return ROUND8(sizeof(PgHdr)); }
+
+
+#if defined(SQLITE_CHECK_PAGES) || defined(SQLITE_DEBUG)
+/*
+** For all dirty pages currently in the cache, invoke the specified
+** callback. This is only used if the SQLITE_CHECK_PAGES macro is
+** defined.
+*/
+SQLITE_PRIVATE void sqlite3PcacheIterateDirty(PCache *pCache, void (*xIter)(PgHdr *)){
+ PgHdr *pDirty;
+ for(pDirty=pCache->pDirty; pDirty; pDirty=pDirty->pDirtyNext){
+ xIter(pDirty);
+ }
+}
+#endif
+
+/************** End of pcache.c **********************************************/
+/************** Begin file pcache1.c *****************************************/
+/*
+** 2008 November 05
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file implements the default page cache implementation (the
+** sqlite3_pcache interface). It also contains part of the implementation
+** of the SQLITE_CONFIG_PAGECACHE and sqlite3_release_memory() features.
+** If the default page cache implementation is overridden, then neither of
+** these two features are available.
+**
+** A Page cache line looks like this:
+**
+** -------------------------------------------------------------
+** | database page content | PgHdr1 | MemPage | PgHdr |
+** -------------------------------------------------------------
+**
+** The database page content is up front (so that buffer overreads tend to
+** flow harmlessly into the PgHdr1, MemPage, and PgHdr extensions). MemPage
+** is the extension added by the btree.c module containing information such
+** as the database page number and how that database page is used. PgHdr
+** is added by the pcache.c layer and contains information used to keep track
+** of which pages are "dirty". PgHdr1 is an extension added by this
+** module (pcache1.c). The PgHdr1 header is a subclass of sqlite3_pcache_page.
+** PgHdr1 contains information needed to look up a page by its page number.
+** The superclass sqlite3_pcache_page.pBuf points to the start of the
+** database page content and sqlite3_pcache_page.pExtra points to PgHdr.
+**
+** The size of the extension (MemPage+PgHdr+PgHdr1) can be determined at
+** runtime using sqlite3_config(SQLITE_CONFIG_PCACHE_HDRSZ, &size). The
+** sizes of the extensions sum to 272 bytes on x64 for 3.8.10, but this
+** size can vary according to architecture, compile-time options, and
+** SQLite library version number.
+**
+** If SQLITE_PCACHE_SEPARATE_HEADER is defined, then the extension is obtained
+** using a separate memory allocation from the database page content. This
+** seeks to overcome the "clownshoe" problem (also called "internal
+** fragmentation" in academic literature) of allocating a few bytes more
+** than a power of two with the memory allocator rounding up to the next
+** power of two, and leaving the rounded-up space unused.
+**
+** This module tracks pointers to PgHdr1 objects. Only pcache.c communicates
+** with this module. Information is passed back and forth as PgHdr1 pointers.
+**
+** The pcache.c and pager.c modules deal pointers to PgHdr objects.
+** The btree.c module deals with pointers to MemPage objects.
+**
+** SOURCE OF PAGE CACHE MEMORY:
+**
+** Memory for a page might come from any of three sources:
+**
+** (1) The general-purpose memory allocator - sqlite3Malloc()
+** (2) Global page-cache memory provided using sqlite3_config() with
+** SQLITE_CONFIG_PAGECACHE.
+** (3) PCache-local bulk allocation.
+**
+** The third case is a chunk of heap memory (defaulting to 100 pages worth)
+** that is allocated when the page cache is created. The size of the local
+** bulk allocation can be adjusted using
+**
+** sqlite3_config(SQLITE_CONFIG_PAGECACHE, (void*)0, 0, N).
+**
+** If N is positive, then N pages worth of memory are allocated using a single
+** sqlite3Malloc() call and that memory is used for the first N pages allocated.
+** Or if N is negative, then -1024*N bytes of memory are allocated and used
+** for as many pages as can be accomodated.
+**
+** Only one of (2) or (3) can be used. Once the memory available to (2) or
+** (3) is exhausted, subsequent allocations fail over to the general-purpose
+** memory allocator (1).
+**
+** Earlier versions of SQLite used only methods (1) and (2). But experiments
+** show that method (3) with N==100 provides about a 5% performance boost for
+** common workloads.
+*/
+/* #include "sqliteInt.h" */
+
+typedef struct PCache1 PCache1;
+typedef struct PgHdr1 PgHdr1;
+typedef struct PgFreeslot PgFreeslot;
+typedef struct PGroup PGroup;
+
+/*
+** Each cache entry is represented by an instance of the following
+** structure. Unless SQLITE_PCACHE_SEPARATE_HEADER is defined, a buffer of
+** PgHdr1.pCache->szPage bytes is allocated directly before this structure
+** in memory.
+*/
+struct PgHdr1 {
+ sqlite3_pcache_page page; /* Base class. Must be first. pBuf & pExtra */
+ unsigned int iKey; /* Key value (page number) */
+ u8 isPinned; /* Page in use, not on the LRU list */
+ u8 isBulkLocal; /* This page from bulk local storage */
+ u8 isAnchor; /* This is the PGroup.lru element */
+ PgHdr1 *pNext; /* Next in hash table chain */
+ PCache1 *pCache; /* Cache that currently owns this page */
+ PgHdr1 *pLruNext; /* Next in LRU list of unpinned pages */
+ PgHdr1 *pLruPrev; /* Previous in LRU list of unpinned pages */
+};
+
+/* Each page cache (or PCache) belongs to a PGroup. A PGroup is a set
+** of one or more PCaches that are able to recycle each other's unpinned
+** pages when they are under memory pressure. A PGroup is an instance of
+** the following object.
+**
+** This page cache implementation works in one of two modes:
+**
+** (1) Every PCache is the sole member of its own PGroup. There is
+** one PGroup per PCache.
+**
+** (2) There is a single global PGroup that all PCaches are a member
+** of.
+**
+** Mode 1 uses more memory (since PCache instances are not able to rob
+** unused pages from other PCaches) but it also operates without a mutex,
+** and is therefore often faster. Mode 2 requires a mutex in order to be
+** threadsafe, but recycles pages more efficiently.
+**
+** For mode (1), PGroup.mutex is NULL. For mode (2) there is only a single
+** PGroup which is the pcache1.grp global variable and its mutex is
+** SQLITE_MUTEX_STATIC_LRU.
+*/
+struct PGroup {
+ sqlite3_mutex *mutex; /* MUTEX_STATIC_LRU or NULL */
+ unsigned int nMaxPage; /* Sum of nMax for purgeable caches */
+ unsigned int nMinPage; /* Sum of nMin for purgeable caches */
+ unsigned int mxPinned; /* nMaxpage + 10 - nMinPage */
+ unsigned int nCurrentPage; /* Number of purgeable pages allocated */
+ PgHdr1 lru; /* The beginning and end of the LRU list */
+};
+
+/* Each page cache is an instance of the following object. Every
+** open database file (including each in-memory database and each
+** temporary or transient database) has a single page cache which
+** is an instance of this object.
+**
+** Pointers to structures of this type are cast and returned as
+** opaque sqlite3_pcache* handles.
+*/
+struct PCache1 {
+ /* Cache configuration parameters. Page size (szPage) and the purgeable
+ ** flag (bPurgeable) are set when the cache is created. nMax may be
+ ** modified at any time by a call to the pcache1Cachesize() method.
+ ** The PGroup mutex must be held when accessing nMax.
+ */
+ PGroup *pGroup; /* PGroup this cache belongs to */
+ int szPage; /* Size of database content section */
+ int szExtra; /* sizeof(MemPage)+sizeof(PgHdr) */
+ int szAlloc; /* Total size of one pcache line */
+ int bPurgeable; /* True if cache is purgeable */
+ unsigned int nMin; /* Minimum number of pages reserved */
+ unsigned int nMax; /* Configured "cache_size" value */
+ unsigned int n90pct; /* nMax*9/10 */
+ unsigned int iMaxKey; /* Largest key seen since xTruncate() */
+
+ /* Hash table of all pages. The following variables may only be accessed
+ ** when the accessor is holding the PGroup mutex.
+ */
+ unsigned int nRecyclable; /* Number of pages in the LRU list */
+ unsigned int nPage; /* Total number of pages in apHash */
+ unsigned int nHash; /* Number of slots in apHash[] */
+ PgHdr1 **apHash; /* Hash table for fast lookup by key */
+ PgHdr1 *pFree; /* List of unused pcache-local pages */
+ void *pBulk; /* Bulk memory used by pcache-local */
+};
+
+/*
+** Free slots in the allocator used to divide up the global page cache
+** buffer provided using the SQLITE_CONFIG_PAGECACHE mechanism.
+*/
+struct PgFreeslot {
+ PgFreeslot *pNext; /* Next free slot */
+};
+
+/*
+** Global data used by this cache.
+*/
+static SQLITE_WSD struct PCacheGlobal {
+ PGroup grp; /* The global PGroup for mode (2) */
+
+ /* Variables related to SQLITE_CONFIG_PAGECACHE settings. The
+ ** szSlot, nSlot, pStart, pEnd, nReserve, and isInit values are all
+ ** fixed at sqlite3_initialize() time and do not require mutex protection.
+ ** The nFreeSlot and pFree values do require mutex protection.
+ */
+ int isInit; /* True if initialized */
+ int separateCache; /* Use a new PGroup for each PCache */
+ int nInitPage; /* Initial bulk allocation size */
+ int szSlot; /* Size of each free slot */
+ int nSlot; /* The number of pcache slots */
+ int nReserve; /* Try to keep nFreeSlot above this */
+ void *pStart, *pEnd; /* Bounds of global page cache memory */
+ /* Above requires no mutex. Use mutex below for variable that follow. */
+ sqlite3_mutex *mutex; /* Mutex for accessing the following: */
+ PgFreeslot *pFree; /* Free page blocks */
+ int nFreeSlot; /* Number of unused pcache slots */
+ /* The following value requires a mutex to change. We skip the mutex on
+ ** reading because (1) most platforms read a 32-bit integer atomically and
+ ** (2) even if an incorrect value is read, no great harm is done since this
+ ** is really just an optimization. */
+ int bUnderPressure; /* True if low on PAGECACHE memory */
+} pcache1_g;
+
+/*
+** All code in this file should access the global structure above via the
+** alias "pcache1". This ensures that the WSD emulation is used when
+** compiling for systems that do not support real WSD.
+*/
+#define pcache1 (GLOBAL(struct PCacheGlobal, pcache1_g))
+
+/*
+** Macros to enter and leave the PCache LRU mutex.
+*/
+#if !defined(SQLITE_ENABLE_MEMORY_MANAGEMENT) || SQLITE_THREADSAFE==0
+# define pcache1EnterMutex(X) assert((X)->mutex==0)
+# define pcache1LeaveMutex(X) assert((X)->mutex==0)
+# define PCACHE1_MIGHT_USE_GROUP_MUTEX 0
+#else
+# define pcache1EnterMutex(X) sqlite3_mutex_enter((X)->mutex)
+# define pcache1LeaveMutex(X) sqlite3_mutex_leave((X)->mutex)
+# define PCACHE1_MIGHT_USE_GROUP_MUTEX 1
+#endif
+
+/******************************************************************************/
+/******** Page Allocation/SQLITE_CONFIG_PCACHE Related Functions **************/
+
+
+/*
+** This function is called during initialization if a static buffer is
+** supplied to use for the page-cache by passing the SQLITE_CONFIG_PAGECACHE
+** verb to sqlite3_config(). Parameter pBuf points to an allocation large
+** enough to contain 'n' buffers of 'sz' bytes each.
+**
+** This routine is called from sqlite3_initialize() and so it is guaranteed
+** to be serialized already. There is no need for further mutexing.
+*/
+SQLITE_PRIVATE void sqlite3PCacheBufferSetup(void *pBuf, int sz, int n){
+ if( pcache1.isInit ){
+ PgFreeslot *p;
+ if( pBuf==0 ) sz = n = 0;
+ sz = ROUNDDOWN8(sz);
+ pcache1.szSlot = sz;
+ pcache1.nSlot = pcache1.nFreeSlot = n;
+ pcache1.nReserve = n>90 ? 10 : (n/10 + 1);
+ pcache1.pStart = pBuf;
+ pcache1.pFree = 0;
+ pcache1.bUnderPressure = 0;
+ while( n-- ){
+ p = (PgFreeslot*)pBuf;
+ p->pNext = pcache1.pFree;
+ pcache1.pFree = p;
+ pBuf = (void*)&((char*)pBuf)[sz];
+ }
+ pcache1.pEnd = pBuf;
+ }
+}
+
+/*
+** Try to initialize the pCache->pFree and pCache->pBulk fields. Return
+** true if pCache->pFree ends up containing one or more free pages.
+*/
+static int pcache1InitBulk(PCache1 *pCache){
+ i64 szBulk;
+ char *zBulk;
+ if( pcache1.nInitPage==0 ) return 0;
+ /* Do not bother with a bulk allocation if the cache size very small */
+ if( pCache->nMax<3 ) return 0;
+ sqlite3BeginBenignMalloc();
+ if( pcache1.nInitPage>0 ){
+ szBulk = pCache->szAlloc * (i64)pcache1.nInitPage;
+ }else{
+ szBulk = -1024 * (i64)pcache1.nInitPage;
+ }
+ if( szBulk > pCache->szAlloc*(i64)pCache->nMax ){
+ szBulk = pCache->szAlloc*pCache->nMax;
+ }
+ zBulk = pCache->pBulk = sqlite3Malloc( szBulk );
+ sqlite3EndBenignMalloc();
+ if( zBulk ){
+ int nBulk = sqlite3MallocSize(zBulk)/pCache->szAlloc;
+ int i;
+ for(i=0; i<nBulk; i++){
+ PgHdr1 *pX = (PgHdr1*)&zBulk[pCache->szPage];
+ pX->page.pBuf = zBulk;
+ pX->page.pExtra = &pX[1];
+ pX->isBulkLocal = 1;
+ pX->isAnchor = 0;
+ pX->pNext = pCache->pFree;
+ pCache->pFree = pX;
+ zBulk += pCache->szAlloc;
+ }
+ }
+ return pCache->pFree!=0;
+}
+
+/*
+** Malloc function used within this file to allocate space from the buffer
+** configured using sqlite3_config(SQLITE_CONFIG_PAGECACHE) option. If no
+** such buffer exists or there is no space left in it, this function falls
+** back to sqlite3Malloc().
+**
+** Multiple threads can run this routine at the same time. Global variables
+** in pcache1 need to be protected via mutex.
+*/
+static void *pcache1Alloc(int nByte){
+ void *p = 0;
+ assert( sqlite3_mutex_notheld(pcache1.grp.mutex) );
+ if( nByte<=pcache1.szSlot ){
+ sqlite3_mutex_enter(pcache1.mutex);
+ p = (PgHdr1 *)pcache1.pFree;
+ if( p ){
+ pcache1.pFree = pcache1.pFree->pNext;
+ pcache1.nFreeSlot--;
+ pcache1.bUnderPressure = pcache1.nFreeSlot<pcache1.nReserve;
+ assert( pcache1.nFreeSlot>=0 );
+ sqlite3StatusHighwater(SQLITE_STATUS_PAGECACHE_SIZE, nByte);
+ sqlite3StatusUp(SQLITE_STATUS_PAGECACHE_USED, 1);
+ }
+ sqlite3_mutex_leave(pcache1.mutex);
+ }
+ if( p==0 ){
+ /* Memory is not available in the SQLITE_CONFIG_PAGECACHE pool. Get
+ ** it from sqlite3Malloc instead.
+ */
+ p = sqlite3Malloc(nByte);
+#ifndef SQLITE_DISABLE_PAGECACHE_OVERFLOW_STATS
+ if( p ){
+ int sz = sqlite3MallocSize(p);
+ sqlite3_mutex_enter(pcache1.mutex);
+ sqlite3StatusHighwater(SQLITE_STATUS_PAGECACHE_SIZE, nByte);
+ sqlite3StatusUp(SQLITE_STATUS_PAGECACHE_OVERFLOW, sz);
+ sqlite3_mutex_leave(pcache1.mutex);
+ }
+#endif
+ sqlite3MemdebugSetType(p, MEMTYPE_PCACHE);
+ }
+ return p;
+}
+
+/*
+** Free an allocated buffer obtained from pcache1Alloc().
+*/
+static void pcache1Free(void *p){
+ int nFreed = 0;
+ if( p==0 ) return;
+ if( SQLITE_WITHIN(p, pcache1.pStart, pcache1.pEnd) ){
+ PgFreeslot *pSlot;
+ sqlite3_mutex_enter(pcache1.mutex);
+ sqlite3StatusDown(SQLITE_STATUS_PAGECACHE_USED, 1);
+ pSlot = (PgFreeslot*)p;
+ pSlot->pNext = pcache1.pFree;
+ pcache1.pFree = pSlot;
+ pcache1.nFreeSlot++;
+ pcache1.bUnderPressure = pcache1.nFreeSlot<pcache1.nReserve;
+ assert( pcache1.nFreeSlot<=pcache1.nSlot );
+ sqlite3_mutex_leave(pcache1.mutex);
+ }else{
+ assert( sqlite3MemdebugHasType(p, MEMTYPE_PCACHE) );
+ sqlite3MemdebugSetType(p, MEMTYPE_HEAP);
+#ifndef SQLITE_DISABLE_PAGECACHE_OVERFLOW_STATS
+ nFreed = sqlite3MallocSize(p);
+ sqlite3_mutex_enter(pcache1.mutex);
+ sqlite3StatusDown(SQLITE_STATUS_PAGECACHE_OVERFLOW, nFreed);
+ sqlite3_mutex_leave(pcache1.mutex);
+#endif
+ sqlite3_free(p);
+ }
+}
+
+#ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT
+/*
+** Return the size of a pcache allocation
+*/
+static int pcache1MemSize(void *p){
+ if( p>=pcache1.pStart && p<pcache1.pEnd ){
+ return pcache1.szSlot;
+ }else{
+ int iSize;
+ assert( sqlite3MemdebugHasType(p, MEMTYPE_PCACHE) );
+ sqlite3MemdebugSetType(p, MEMTYPE_HEAP);
+ iSize = sqlite3MallocSize(p);
+ sqlite3MemdebugSetType(p, MEMTYPE_PCACHE);
+ return iSize;
+ }
+}
+#endif /* SQLITE_ENABLE_MEMORY_MANAGEMENT */
+
+/*
+** Allocate a new page object initially associated with cache pCache.
+*/
+static PgHdr1 *pcache1AllocPage(PCache1 *pCache, int benignMalloc){
+ PgHdr1 *p = 0;
+ void *pPg;
+
+ assert( sqlite3_mutex_held(pCache->pGroup->mutex) );
+ if( pCache->pFree || (pCache->nPage==0 && pcache1InitBulk(pCache)) ){
+ p = pCache->pFree;
+ pCache->pFree = p->pNext;
+ p->pNext = 0;
+ }else{
+#ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT
+ /* The group mutex must be released before pcache1Alloc() is called. This
+ ** is because it might call sqlite3_release_memory(), which assumes that
+ ** this mutex is not held. */
+ assert( pcache1.separateCache==0 );
+ assert( pCache->pGroup==&pcache1.grp );
+ pcache1LeaveMutex(pCache->pGroup);
+#endif
+ if( benignMalloc ){ sqlite3BeginBenignMalloc(); }
+#ifdef SQLITE_PCACHE_SEPARATE_HEADER
+ pPg = pcache1Alloc(pCache->szPage);
+ p = sqlite3Malloc(sizeof(PgHdr1) + pCache->szExtra);
+ if( !pPg || !p ){
+ pcache1Free(pPg);
+ sqlite3_free(p);
+ pPg = 0;
+ }
+#else
+ pPg = pcache1Alloc(pCache->szAlloc);
+ p = (PgHdr1 *)&((u8 *)pPg)[pCache->szPage];
+#endif
+ if( benignMalloc ){ sqlite3EndBenignMalloc(); }
+#ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT
+ pcache1EnterMutex(pCache->pGroup);
+#endif
+ if( pPg==0 ) return 0;
+ p->page.pBuf = pPg;
+ p->page.pExtra = &p[1];
+ p->isBulkLocal = 0;
+ p->isAnchor = 0;
+ }
+ if( pCache->bPurgeable ){
+ pCache->pGroup->nCurrentPage++;
+ }
+ return p;
+}
+
+/*
+** Free a page object allocated by pcache1AllocPage().
+*/
+static void pcache1FreePage(PgHdr1 *p){
+ PCache1 *pCache;
+ assert( p!=0 );
+ pCache = p->pCache;
+ assert( sqlite3_mutex_held(p->pCache->pGroup->mutex) );
+ if( p->isBulkLocal ){
+ p->pNext = pCache->pFree;
+ pCache->pFree = p;
+ }else{
+ pcache1Free(p->page.pBuf);
+#ifdef SQLITE_PCACHE_SEPARATE_HEADER
+ sqlite3_free(p);
+#endif
+ }
+ if( pCache->bPurgeable ){
+ pCache->pGroup->nCurrentPage--;
+ }
+}
+
+/*
+** Malloc function used by SQLite to obtain space from the buffer configured
+** using sqlite3_config(SQLITE_CONFIG_PAGECACHE) option. If no such buffer
+** exists, this function falls back to sqlite3Malloc().
+*/
+SQLITE_PRIVATE void *sqlite3PageMalloc(int sz){
+ return pcache1Alloc(sz);
+}
+
+/*
+** Free an allocated buffer obtained from sqlite3PageMalloc().
+*/
+SQLITE_PRIVATE void sqlite3PageFree(void *p){
+ pcache1Free(p);
+}
+
+
+/*
+** Return true if it desirable to avoid allocating a new page cache
+** entry.
+**
+** If memory was allocated specifically to the page cache using
+** SQLITE_CONFIG_PAGECACHE but that memory has all been used, then
+** it is desirable to avoid allocating a new page cache entry because
+** presumably SQLITE_CONFIG_PAGECACHE was suppose to be sufficient
+** for all page cache needs and we should not need to spill the
+** allocation onto the heap.
+**
+** Or, the heap is used for all page cache memory but the heap is
+** under memory pressure, then again it is desirable to avoid
+** allocating a new page cache entry in order to avoid stressing
+** the heap even further.
+*/
+static int pcache1UnderMemoryPressure(PCache1 *pCache){
+ if( pcache1.nSlot && (pCache->szPage+pCache->szExtra)<=pcache1.szSlot ){
+ return pcache1.bUnderPressure;
+ }else{
+ return sqlite3HeapNearlyFull();
+ }
+}
+
+/******************************************************************************/
+/******** General Implementation Functions ************************************/
+
+/*
+** This function is used to resize the hash table used by the cache passed
+** as the first argument.
+**
+** The PCache mutex must be held when this function is called.
+*/
+static void pcache1ResizeHash(PCache1 *p){
+ PgHdr1 **apNew;
+ unsigned int nNew;
+ unsigned int i;
+
+ assert( sqlite3_mutex_held(p->pGroup->mutex) );
+
+ nNew = p->nHash*2;
+ if( nNew<256 ){
+ nNew = 256;
+ }
+
+ pcache1LeaveMutex(p->pGroup);
+ if( p->nHash ){ sqlite3BeginBenignMalloc(); }
+ apNew = (PgHdr1 **)sqlite3MallocZero(sizeof(PgHdr1 *)*nNew);
+ if( p->nHash ){ sqlite3EndBenignMalloc(); }
+ pcache1EnterMutex(p->pGroup);
+ if( apNew ){
+ for(i=0; i<p->nHash; i++){
+ PgHdr1 *pPage;
+ PgHdr1 *pNext = p->apHash[i];
+ while( (pPage = pNext)!=0 ){
+ unsigned int h = pPage->iKey % nNew;
+ pNext = pPage->pNext;
+ pPage->pNext = apNew[h];
+ apNew[h] = pPage;
+ }
+ }
+ sqlite3_free(p->apHash);
+ p->apHash = apNew;
+ p->nHash = nNew;
+ }
+}
+
+/*
+** This function is used internally to remove the page pPage from the
+** PGroup LRU list, if is part of it. If pPage is not part of the PGroup
+** LRU list, then this function is a no-op.
+**
+** The PGroup mutex must be held when this function is called.
+*/
+static PgHdr1 *pcache1PinPage(PgHdr1 *pPage){
+ PCache1 *pCache;
+
+ assert( pPage!=0 );
+ assert( pPage->isPinned==0 );
+ pCache = pPage->pCache;
+ assert( pPage->pLruNext );
+ assert( pPage->pLruPrev );
+ assert( sqlite3_mutex_held(pCache->pGroup->mutex) );
+ pPage->pLruPrev->pLruNext = pPage->pLruNext;
+ pPage->pLruNext->pLruPrev = pPage->pLruPrev;
+ pPage->pLruNext = 0;
+ pPage->pLruPrev = 0;
+ pPage->isPinned = 1;
+ assert( pPage->isAnchor==0 );
+ assert( pCache->pGroup->lru.isAnchor==1 );
+ pCache->nRecyclable--;
+ return pPage;
+}
+
+
+/*
+** Remove the page supplied as an argument from the hash table
+** (PCache1.apHash structure) that it is currently stored in.
+** Also free the page if freePage is true.
+**
+** The PGroup mutex must be held when this function is called.
+*/
+static void pcache1RemoveFromHash(PgHdr1 *pPage, int freeFlag){
+ unsigned int h;
+ PCache1 *pCache = pPage->pCache;
+ PgHdr1 **pp;
+
+ assert( sqlite3_mutex_held(pCache->pGroup->mutex) );
+ h = pPage->iKey % pCache->nHash;
+ for(pp=&pCache->apHash[h]; (*pp)!=pPage; pp=&(*pp)->pNext);
+ *pp = (*pp)->pNext;
+
+ pCache->nPage--;
+ if( freeFlag ) pcache1FreePage(pPage);
+}
+
+/*
+** If there are currently more than nMaxPage pages allocated, try
+** to recycle pages to reduce the number allocated to nMaxPage.
+*/
+static void pcache1EnforceMaxPage(PCache1 *pCache){
+ PGroup *pGroup = pCache->pGroup;
+ PgHdr1 *p;
+ assert( sqlite3_mutex_held(pGroup->mutex) );
+ while( pGroup->nCurrentPage>pGroup->nMaxPage
+ && (p=pGroup->lru.pLruPrev)->isAnchor==0
+ ){
+ assert( p->pCache->pGroup==pGroup );
+ assert( p->isPinned==0 );
+ pcache1PinPage(p);
+ pcache1RemoveFromHash(p, 1);
+ }
+ if( pCache->nPage==0 && pCache->pBulk ){
+ sqlite3_free(pCache->pBulk);
+ pCache->pBulk = pCache->pFree = 0;
+ }
+}
+
+/*
+** Discard all pages from cache pCache with a page number (key value)
+** greater than or equal to iLimit. Any pinned pages that meet this
+** criteria are unpinned before they are discarded.
+**
+** The PCache mutex must be held when this function is called.
+*/
+static void pcache1TruncateUnsafe(
+ PCache1 *pCache, /* The cache to truncate */
+ unsigned int iLimit /* Drop pages with this pgno or larger */
+){
+ TESTONLY( unsigned int nPage = 0; ) /* To assert pCache->nPage is correct */
+ unsigned int h;
+ assert( sqlite3_mutex_held(pCache->pGroup->mutex) );
+ for(h=0; h<pCache->nHash; h++){
+ PgHdr1 **pp = &pCache->apHash[h];
+ PgHdr1 *pPage;
+ while( (pPage = *pp)!=0 ){
+ if( pPage->iKey>=iLimit ){
+ pCache->nPage--;
+ *pp = pPage->pNext;
+ if( !pPage->isPinned ) pcache1PinPage(pPage);
+ pcache1FreePage(pPage);
+ }else{
+ pp = &pPage->pNext;
+ TESTONLY( nPage++; )
+ }
+ }
+ }
+ assert( pCache->nPage==nPage );
+}
+
+/******************************************************************************/
+/******** sqlite3_pcache Methods **********************************************/
+
+/*
+** Implementation of the sqlite3_pcache.xInit method.
+*/
+static int pcache1Init(void *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ assert( pcache1.isInit==0 );
+ memset(&pcache1, 0, sizeof(pcache1));
+
+
+ /*
+ ** The pcache1.separateCache variable is true if each PCache has its own
+ ** private PGroup (mode-1). pcache1.separateCache is false if the single
+ ** PGroup in pcache1.grp is used for all page caches (mode-2).
+ **
+ ** * Always use a unified cache (mode-2) if ENABLE_MEMORY_MANAGEMENT
+ **
+ ** * Use a unified cache in single-threaded applications that have
+ ** configured a start-time buffer for use as page-cache memory using
+ ** sqlite3_config(SQLITE_CONFIG_PAGECACHE, pBuf, sz, N) with non-NULL
+ ** pBuf argument.
+ **
+ ** * Otherwise use separate caches (mode-1)
+ */
+#if defined(SQLITE_ENABLE_MEMORY_MANAGEMENT)
+ pcache1.separateCache = 0;
+#elif SQLITE_THREADSAFE
+ pcache1.separateCache = sqlite3GlobalConfig.pPage==0
+ || sqlite3GlobalConfig.bCoreMutex>0;
+#else
+ pcache1.separateCache = sqlite3GlobalConfig.pPage==0;
+#endif
+
+#if SQLITE_THREADSAFE
+ if( sqlite3GlobalConfig.bCoreMutex ){
+ pcache1.grp.mutex = sqlite3_mutex_alloc(SQLITE_MUTEX_STATIC_LRU);
+ pcache1.mutex = sqlite3_mutex_alloc(SQLITE_MUTEX_STATIC_PMEM);
+ }
+#endif
+ if( pcache1.separateCache
+ && sqlite3GlobalConfig.nPage!=0
+ && sqlite3GlobalConfig.pPage==0
+ ){
+ pcache1.nInitPage = sqlite3GlobalConfig.nPage;
+ }else{
+ pcache1.nInitPage = 0;
+ }
+ pcache1.grp.mxPinned = 10;
+ pcache1.isInit = 1;
+ return SQLITE_OK;
+}
+
+/*
+** Implementation of the sqlite3_pcache.xShutdown method.
+** Note that the static mutex allocated in xInit does
+** not need to be freed.
+*/
+static void pcache1Shutdown(void *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ assert( pcache1.isInit!=0 );
+ memset(&pcache1, 0, sizeof(pcache1));
+}
+
+/* forward declaration */
+static void pcache1Destroy(sqlite3_pcache *p);
+
+/*
+** Implementation of the sqlite3_pcache.xCreate method.
+**
+** Allocate a new cache.
+*/
+static sqlite3_pcache *pcache1Create(int szPage, int szExtra, int bPurgeable){
+ PCache1 *pCache; /* The newly created page cache */
+ PGroup *pGroup; /* The group the new page cache will belong to */
+ int sz; /* Bytes of memory required to allocate the new cache */
+
+ assert( (szPage & (szPage-1))==0 && szPage>=512 && szPage<=65536 );
+ assert( szExtra < 300 );
+
+ sz = sizeof(PCache1) + sizeof(PGroup)*pcache1.separateCache;
+ pCache = (PCache1 *)sqlite3MallocZero(sz);
+ if( pCache ){
+ if( pcache1.separateCache ){
+ pGroup = (PGroup*)&pCache[1];
+ pGroup->mxPinned = 10;
+ }else{
+ pGroup = &pcache1.grp;
+ }
+ if( pGroup->lru.isAnchor==0 ){
+ pGroup->lru.isAnchor = 1;
+ pGroup->lru.pLruPrev = pGroup->lru.pLruNext = &pGroup->lru;
+ }
+ pCache->pGroup = pGroup;
+ pCache->szPage = szPage;
+ pCache->szExtra = szExtra;
+ pCache->szAlloc = szPage + szExtra + ROUND8(sizeof(PgHdr1));
+ pCache->bPurgeable = (bPurgeable ? 1 : 0);
+ pcache1EnterMutex(pGroup);
+ pcache1ResizeHash(pCache);
+ if( bPurgeable ){
+ pCache->nMin = 10;
+ pGroup->nMinPage += pCache->nMin;
+ pGroup->mxPinned = pGroup->nMaxPage + 10 - pGroup->nMinPage;
+ }
+ pcache1LeaveMutex(pGroup);
+ if( pCache->nHash==0 ){
+ pcache1Destroy((sqlite3_pcache*)pCache);
+ pCache = 0;
+ }
+ }
+ return (sqlite3_pcache *)pCache;
+}
+
+/*
+** Implementation of the sqlite3_pcache.xCachesize method.
+**
+** Configure the cache_size limit for a cache.
+*/
+static void pcache1Cachesize(sqlite3_pcache *p, int nMax){
+ PCache1 *pCache = (PCache1 *)p;
+ if( pCache->bPurgeable ){
+ PGroup *pGroup = pCache->pGroup;
+ pcache1EnterMutex(pGroup);
+ pGroup->nMaxPage += (nMax - pCache->nMax);
+ pGroup->mxPinned = pGroup->nMaxPage + 10 - pGroup->nMinPage;
+ pCache->nMax = nMax;
+ pCache->n90pct = pCache->nMax*9/10;
+ pcache1EnforceMaxPage(pCache);
+ pcache1LeaveMutex(pGroup);
+ }
+}
+
+/*
+** Implementation of the sqlite3_pcache.xShrink method.
+**
+** Free up as much memory as possible.
+*/
+static void pcache1Shrink(sqlite3_pcache *p){
+ PCache1 *pCache = (PCache1*)p;
+ if( pCache->bPurgeable ){
+ PGroup *pGroup = pCache->pGroup;
+ int savedMaxPage;
+ pcache1EnterMutex(pGroup);
+ savedMaxPage = pGroup->nMaxPage;
+ pGroup->nMaxPage = 0;
+ pcache1EnforceMaxPage(pCache);
+ pGroup->nMaxPage = savedMaxPage;
+ pcache1LeaveMutex(pGroup);
+ }
+}
+
+/*
+** Implementation of the sqlite3_pcache.xPagecount method.
+*/
+static int pcache1Pagecount(sqlite3_pcache *p){
+ int n;
+ PCache1 *pCache = (PCache1*)p;
+ pcache1EnterMutex(pCache->pGroup);
+ n = pCache->nPage;
+ pcache1LeaveMutex(pCache->pGroup);
+ return n;
+}
+
+
+/*
+** Implement steps 3, 4, and 5 of the pcache1Fetch() algorithm described
+** in the header of the pcache1Fetch() procedure.
+**
+** This steps are broken out into a separate procedure because they are
+** usually not needed, and by avoiding the stack initialization required
+** for these steps, the main pcache1Fetch() procedure can run faster.
+*/
+static SQLITE_NOINLINE PgHdr1 *pcache1FetchStage2(
+ PCache1 *pCache,
+ unsigned int iKey,
+ int createFlag
+){
+ unsigned int nPinned;
+ PGroup *pGroup = pCache->pGroup;
+ PgHdr1 *pPage = 0;
+
+ /* Step 3: Abort if createFlag is 1 but the cache is nearly full */
+ assert( pCache->nPage >= pCache->nRecyclable );
+ nPinned = pCache->nPage - pCache->nRecyclable;
+ assert( pGroup->mxPinned == pGroup->nMaxPage + 10 - pGroup->nMinPage );
+ assert( pCache->n90pct == pCache->nMax*9/10 );
+ if( createFlag==1 && (
+ nPinned>=pGroup->mxPinned
+ || nPinned>=pCache->n90pct
+ || (pcache1UnderMemoryPressure(pCache) && pCache->nRecyclable<nPinned)
+ )){
+ return 0;
+ }
+
+ if( pCache->nPage>=pCache->nHash ) pcache1ResizeHash(pCache);
+ assert( pCache->nHash>0 && pCache->apHash );
+
+ /* Step 4. Try to recycle a page. */
+ if( pCache->bPurgeable
+ && !pGroup->lru.pLruPrev->isAnchor
+ && ((pCache->nPage+1>=pCache->nMax) || pcache1UnderMemoryPressure(pCache))
+ ){
+ PCache1 *pOther;
+ pPage = pGroup->lru.pLruPrev;
+ assert( pPage->isPinned==0 );
+ pcache1RemoveFromHash(pPage, 0);
+ pcache1PinPage(pPage);
+ pOther = pPage->pCache;
+ if( pOther->szAlloc != pCache->szAlloc ){
+ pcache1FreePage(pPage);
+ pPage = 0;
+ }else{
+ pGroup->nCurrentPage -= (pOther->bPurgeable - pCache->bPurgeable);
+ }
+ }
+
+ /* Step 5. If a usable page buffer has still not been found,
+ ** attempt to allocate a new one.
+ */
+ if( !pPage ){
+ pPage = pcache1AllocPage(pCache, createFlag==1);
+ }
+
+ if( pPage ){
+ unsigned int h = iKey % pCache->nHash;
+ pCache->nPage++;
+ pPage->iKey = iKey;
+ pPage->pNext = pCache->apHash[h];
+ pPage->pCache = pCache;
+ pPage->pLruPrev = 0;
+ pPage->pLruNext = 0;
+ pPage->isPinned = 1;
+ *(void **)pPage->page.pExtra = 0;
+ pCache->apHash[h] = pPage;
+ if( iKey>pCache->iMaxKey ){
+ pCache->iMaxKey = iKey;
+ }
+ }
+ return pPage;
+}
+
+/*
+** Implementation of the sqlite3_pcache.xFetch method.
+**
+** Fetch a page by key value.
+**
+** Whether or not a new page may be allocated by this function depends on
+** the value of the createFlag argument. 0 means do not allocate a new
+** page. 1 means allocate a new page if space is easily available. 2
+** means to try really hard to allocate a new page.
+**
+** For a non-purgeable cache (a cache used as the storage for an in-memory
+** database) there is really no difference between createFlag 1 and 2. So
+** the calling function (pcache.c) will never have a createFlag of 1 on
+** a non-purgeable cache.
+**
+** There are three different approaches to obtaining space for a page,
+** depending on the value of parameter createFlag (which may be 0, 1 or 2).
+**
+** 1. Regardless of the value of createFlag, the cache is searched for a
+** copy of the requested page. If one is found, it is returned.
+**
+** 2. If createFlag==0 and the page is not already in the cache, NULL is
+** returned.
+**
+** 3. If createFlag is 1, and the page is not already in the cache, then
+** return NULL (do not allocate a new page) if any of the following
+** conditions are true:
+**
+** (a) the number of pages pinned by the cache is greater than
+** PCache1.nMax, or
+**
+** (b) the number of pages pinned by the cache is greater than
+** the sum of nMax for all purgeable caches, less the sum of
+** nMin for all other purgeable caches, or
+**
+** 4. If none of the first three conditions apply and the cache is marked
+** as purgeable, and if one of the following is true:
+**
+** (a) The number of pages allocated for the cache is already
+** PCache1.nMax, or
+**
+** (b) The number of pages allocated for all purgeable caches is
+** already equal to or greater than the sum of nMax for all
+** purgeable caches,
+**
+** (c) The system is under memory pressure and wants to avoid
+** unnecessary pages cache entry allocations
+**
+** then attempt to recycle a page from the LRU list. If it is the right
+** size, return the recycled buffer. Otherwise, free the buffer and
+** proceed to step 5.
+**
+** 5. Otherwise, allocate and return a new page buffer.
+**
+** There are two versions of this routine. pcache1FetchWithMutex() is
+** the general case. pcache1FetchNoMutex() is a faster implementation for
+** the common case where pGroup->mutex is NULL. The pcache1Fetch() wrapper
+** invokes the appropriate routine.
+*/
+static PgHdr1 *pcache1FetchNoMutex(
+ sqlite3_pcache *p,
+ unsigned int iKey,
+ int createFlag
+){
+ PCache1 *pCache = (PCache1 *)p;
+ PgHdr1 *pPage = 0;
+
+ /* Step 1: Search the hash table for an existing entry. */
+ pPage = pCache->apHash[iKey % pCache->nHash];
+ while( pPage && pPage->iKey!=iKey ){ pPage = pPage->pNext; }
+
+ /* Step 2: If the page was found in the hash table, then return it.
+ ** If the page was not in the hash table and createFlag is 0, abort.
+ ** Otherwise (page not in hash and createFlag!=0) continue with
+ ** subsequent steps to try to create the page. */
+ if( pPage ){
+ if( !pPage->isPinned ){
+ return pcache1PinPage(pPage);
+ }else{
+ return pPage;
+ }
+ }else if( createFlag ){
+ /* Steps 3, 4, and 5 implemented by this subroutine */
+ return pcache1FetchStage2(pCache, iKey, createFlag);
+ }else{
+ return 0;
+ }
+}
+#if PCACHE1_MIGHT_USE_GROUP_MUTEX
+static PgHdr1 *pcache1FetchWithMutex(
+ sqlite3_pcache *p,
+ unsigned int iKey,
+ int createFlag
+){
+ PCache1 *pCache = (PCache1 *)p;
+ PgHdr1 *pPage;
+
+ pcache1EnterMutex(pCache->pGroup);
+ pPage = pcache1FetchNoMutex(p, iKey, createFlag);
+ assert( pPage==0 || pCache->iMaxKey>=iKey );
+ pcache1LeaveMutex(pCache->pGroup);
+ return pPage;
+}
+#endif
+static sqlite3_pcache_page *pcache1Fetch(
+ sqlite3_pcache *p,
+ unsigned int iKey,
+ int createFlag
+){
+#if PCACHE1_MIGHT_USE_GROUP_MUTEX || defined(SQLITE_DEBUG)
+ PCache1 *pCache = (PCache1 *)p;
+#endif
+
+ assert( offsetof(PgHdr1,page)==0 );
+ assert( pCache->bPurgeable || createFlag!=1 );
+ assert( pCache->bPurgeable || pCache->nMin==0 );
+ assert( pCache->bPurgeable==0 || pCache->nMin==10 );
+ assert( pCache->nMin==0 || pCache->bPurgeable );
+ assert( pCache->nHash>0 );
+#if PCACHE1_MIGHT_USE_GROUP_MUTEX
+ if( pCache->pGroup->mutex ){
+ return (sqlite3_pcache_page*)pcache1FetchWithMutex(p, iKey, createFlag);
+ }else
+#endif
+ {
+ return (sqlite3_pcache_page*)pcache1FetchNoMutex(p, iKey, createFlag);
+ }
+}
+
+
+/*
+** Implementation of the sqlite3_pcache.xUnpin method.
+**
+** Mark a page as unpinned (eligible for asynchronous recycling).
+*/
+static void pcache1Unpin(
+ sqlite3_pcache *p,
+ sqlite3_pcache_page *pPg,
+ int reuseUnlikely
+){
+ PCache1 *pCache = (PCache1 *)p;
+ PgHdr1 *pPage = (PgHdr1 *)pPg;
+ PGroup *pGroup = pCache->pGroup;
+
+ assert( pPage->pCache==pCache );
+ pcache1EnterMutex(pGroup);
+
+ /* It is an error to call this function if the page is already
+ ** part of the PGroup LRU list.
+ */
+ assert( pPage->pLruPrev==0 && pPage->pLruNext==0 );
+ assert( pPage->isPinned==1 );
+
+ if( reuseUnlikely || pGroup->nCurrentPage>pGroup->nMaxPage ){
+ pcache1RemoveFromHash(pPage, 1);
+ }else{
+ /* Add the page to the PGroup LRU list. */
+ PgHdr1 **ppFirst = &pGroup->lru.pLruNext;
+ pPage->pLruPrev = &pGroup->lru;
+ (pPage->pLruNext = *ppFirst)->pLruPrev = pPage;
+ *ppFirst = pPage;
+ pCache->nRecyclable++;
+ pPage->isPinned = 0;
+ }
+
+ pcache1LeaveMutex(pCache->pGroup);
+}
+
+/*
+** Implementation of the sqlite3_pcache.xRekey method.
+*/
+static void pcache1Rekey(
+ sqlite3_pcache *p,
+ sqlite3_pcache_page *pPg,
+ unsigned int iOld,
+ unsigned int iNew
+){
+ PCache1 *pCache = (PCache1 *)p;
+ PgHdr1 *pPage = (PgHdr1 *)pPg;
+ PgHdr1 **pp;
+ unsigned int h;
+ assert( pPage->iKey==iOld );
+ assert( pPage->pCache==pCache );
+
+ pcache1EnterMutex(pCache->pGroup);
+
+ h = iOld%pCache->nHash;
+ pp = &pCache->apHash[h];
+ while( (*pp)!=pPage ){
+ pp = &(*pp)->pNext;
+ }
+ *pp = pPage->pNext;
+
+ h = iNew%pCache->nHash;
+ pPage->iKey = iNew;
+ pPage->pNext = pCache->apHash[h];
+ pCache->apHash[h] = pPage;
+ if( iNew>pCache->iMaxKey ){
+ pCache->iMaxKey = iNew;
+ }
+
+ pcache1LeaveMutex(pCache->pGroup);
+}
+
+/*
+** Implementation of the sqlite3_pcache.xTruncate method.
+**
+** Discard all unpinned pages in the cache with a page number equal to
+** or greater than parameter iLimit. Any pinned pages with a page number
+** equal to or greater than iLimit are implicitly unpinned.
+*/
+static void pcache1Truncate(sqlite3_pcache *p, unsigned int iLimit){
+ PCache1 *pCache = (PCache1 *)p;
+ pcache1EnterMutex(pCache->pGroup);
+ if( iLimit<=pCache->iMaxKey ){
+ pcache1TruncateUnsafe(pCache, iLimit);
+ pCache->iMaxKey = iLimit-1;
+ }
+ pcache1LeaveMutex(pCache->pGroup);
+}
+
+/*
+** Implementation of the sqlite3_pcache.xDestroy method.
+**
+** Destroy a cache allocated using pcache1Create().
+*/
+static void pcache1Destroy(sqlite3_pcache *p){
+ PCache1 *pCache = (PCache1 *)p;
+ PGroup *pGroup = pCache->pGroup;
+ assert( pCache->bPurgeable || (pCache->nMax==0 && pCache->nMin==0) );
+ pcache1EnterMutex(pGroup);
+ pcache1TruncateUnsafe(pCache, 0);
+ assert( pGroup->nMaxPage >= pCache->nMax );
+ pGroup->nMaxPage -= pCache->nMax;
+ assert( pGroup->nMinPage >= pCache->nMin );
+ pGroup->nMinPage -= pCache->nMin;
+ pGroup->mxPinned = pGroup->nMaxPage + 10 - pGroup->nMinPage;
+ pcache1EnforceMaxPage(pCache);
+ pcache1LeaveMutex(pGroup);
+ sqlite3_free(pCache->pBulk);
+ sqlite3_free(pCache->apHash);
+ sqlite3_free(pCache);
+}
+
+/*
+** This function is called during initialization (sqlite3_initialize()) to
+** install the default pluggable cache module, assuming the user has not
+** already provided an alternative.
+*/
+SQLITE_PRIVATE void sqlite3PCacheSetDefault(void){
+ static const sqlite3_pcache_methods2 defaultMethods = {
+ 1, /* iVersion */
+ 0, /* pArg */
+ pcache1Init, /* xInit */
+ pcache1Shutdown, /* xShutdown */
+ pcache1Create, /* xCreate */
+ pcache1Cachesize, /* xCachesize */
+ pcache1Pagecount, /* xPagecount */
+ pcache1Fetch, /* xFetch */
+ pcache1Unpin, /* xUnpin */
+ pcache1Rekey, /* xRekey */
+ pcache1Truncate, /* xTruncate */
+ pcache1Destroy, /* xDestroy */
+ pcache1Shrink /* xShrink */
+ };
+ sqlite3_config(SQLITE_CONFIG_PCACHE2, &defaultMethods);
+}
+
+/*
+** Return the size of the header on each page of this PCACHE implementation.
+*/
+SQLITE_PRIVATE int sqlite3HeaderSizePcache1(void){ return ROUND8(sizeof(PgHdr1)); }
+
+/*
+** Return the global mutex used by this PCACHE implementation. The
+** sqlite3_status() routine needs access to this mutex.
+*/
+SQLITE_PRIVATE sqlite3_mutex *sqlite3Pcache1Mutex(void){
+ return pcache1.mutex;
+}
+
+#ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT
+/*
+** This function is called to free superfluous dynamically allocated memory
+** held by the pager system. Memory in use by any SQLite pager allocated
+** by the current thread may be sqlite3_free()ed.
+**
+** nReq is the number of bytes of memory required. Once this much has
+** been released, the function returns. The return value is the total number
+** of bytes of memory released.
+*/
+SQLITE_PRIVATE int sqlite3PcacheReleaseMemory(int nReq){
+ int nFree = 0;
+ assert( sqlite3_mutex_notheld(pcache1.grp.mutex) );
+ assert( sqlite3_mutex_notheld(pcache1.mutex) );
+ if( sqlite3GlobalConfig.nPage==0 ){
+ PgHdr1 *p;
+ pcache1EnterMutex(&pcache1.grp);
+ while( (nReq<0 || nFree<nReq)
+ && (p=pcache1.grp.lru.pLruPrev)!=0
+ && p->isAnchor==0
+ ){
+ nFree += pcache1MemSize(p->page.pBuf);
+#ifdef SQLITE_PCACHE_SEPARATE_HEADER
+ nFree += sqlite3MemSize(p);
+#endif
+ assert( p->isPinned==0 );
+ pcache1PinPage(p);
+ pcache1RemoveFromHash(p, 1);
+ }
+ pcache1LeaveMutex(&pcache1.grp);
+ }
+ return nFree;
+}
+#endif /* SQLITE_ENABLE_MEMORY_MANAGEMENT */
+
+#ifdef SQLITE_TEST
+/*
+** This function is used by test procedures to inspect the internal state
+** of the global cache.
+*/
+SQLITE_PRIVATE void sqlite3PcacheStats(
+ int *pnCurrent, /* OUT: Total number of pages cached */
+ int *pnMax, /* OUT: Global maximum cache size */
+ int *pnMin, /* OUT: Sum of PCache1.nMin for purgeable caches */
+ int *pnRecyclable /* OUT: Total number of pages available for recycling */
+){
+ PgHdr1 *p;
+ int nRecyclable = 0;
+ for(p=pcache1.grp.lru.pLruNext; p && !p->isAnchor; p=p->pLruNext){
+ assert( p->isPinned==0 );
+ nRecyclable++;
+ }
+ *pnCurrent = pcache1.grp.nCurrentPage;
+ *pnMax = (int)pcache1.grp.nMaxPage;
+ *pnMin = (int)pcache1.grp.nMinPage;
+ *pnRecyclable = nRecyclable;
+}
+#endif
+
+/************** End of pcache1.c *********************************************/
+/************** Begin file rowset.c ******************************************/
+/*
+** 2008 December 3
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This module implements an object we call a "RowSet".
+**
+** The RowSet object is a collection of rowids. Rowids
+** are inserted into the RowSet in an arbitrary order. Inserts
+** can be intermixed with tests to see if a given rowid has been
+** previously inserted into the RowSet.
+**
+** After all inserts are finished, it is possible to extract the
+** elements of the RowSet in sorted order. Once this extraction
+** process has started, no new elements may be inserted.
+**
+** Hence, the primitive operations for a RowSet are:
+**
+** CREATE
+** INSERT
+** TEST
+** SMALLEST
+** DESTROY
+**
+** The CREATE and DESTROY primitives are the constructor and destructor,
+** obviously. The INSERT primitive adds a new element to the RowSet.
+** TEST checks to see if an element is already in the RowSet. SMALLEST
+** extracts the least value from the RowSet.
+**
+** The INSERT primitive might allocate additional memory. Memory is
+** allocated in chunks so most INSERTs do no allocation. There is an
+** upper bound on the size of allocated memory. No memory is freed
+** until DESTROY.
+**
+** The TEST primitive includes a "batch" number. The TEST primitive
+** will only see elements that were inserted before the last change
+** in the batch number. In other words, if an INSERT occurs between
+** two TESTs where the TESTs have the same batch nubmer, then the
+** value added by the INSERT will not be visible to the second TEST.
+** The initial batch number is zero, so if the very first TEST contains
+** a non-zero batch number, it will see all prior INSERTs.
+**
+** No INSERTs may occurs after a SMALLEST. An assertion will fail if
+** that is attempted.
+**
+** The cost of an INSERT is roughly constant. (Sometimes new memory
+** has to be allocated on an INSERT.) The cost of a TEST with a new
+** batch number is O(NlogN) where N is the number of elements in the RowSet.
+** The cost of a TEST using the same batch number is O(logN). The cost
+** of the first SMALLEST is O(NlogN). Second and subsequent SMALLEST
+** primitives are constant time. The cost of DESTROY is O(N).
+**
+** There is an added cost of O(N) when switching between TEST and
+** SMALLEST primitives.
+*/
+/* #include "sqliteInt.h" */
+
+
+/*
+** Target size for allocation chunks.
+*/
+#define ROWSET_ALLOCATION_SIZE 1024
+
+/*
+** The number of rowset entries per allocation chunk.
+*/
+#define ROWSET_ENTRY_PER_CHUNK \
+ ((ROWSET_ALLOCATION_SIZE-8)/sizeof(struct RowSetEntry))
+
+/*
+** Each entry in a RowSet is an instance of the following object.
+**
+** This same object is reused to store a linked list of trees of RowSetEntry
+** objects. In that alternative use, pRight points to the next entry
+** in the list, pLeft points to the tree, and v is unused. The
+** RowSet.pForest value points to the head of this forest list.
+*/
+struct RowSetEntry {
+ i64 v; /* ROWID value for this entry */
+ struct RowSetEntry *pRight; /* Right subtree (larger entries) or list */
+ struct RowSetEntry *pLeft; /* Left subtree (smaller entries) */
+};
+
+/*
+** RowSetEntry objects are allocated in large chunks (instances of the
+** following structure) to reduce memory allocation overhead. The
+** chunks are kept on a linked list so that they can be deallocated
+** when the RowSet is destroyed.
+*/
+struct RowSetChunk {
+ struct RowSetChunk *pNextChunk; /* Next chunk on list of them all */
+ struct RowSetEntry aEntry[ROWSET_ENTRY_PER_CHUNK]; /* Allocated entries */
+};
+
+/*
+** A RowSet in an instance of the following structure.
+**
+** A typedef of this structure if found in sqliteInt.h.
+*/
+struct RowSet {
+ struct RowSetChunk *pChunk; /* List of all chunk allocations */
+ sqlite3 *db; /* The database connection */
+ struct RowSetEntry *pEntry; /* List of entries using pRight */
+ struct RowSetEntry *pLast; /* Last entry on the pEntry list */
+ struct RowSetEntry *pFresh; /* Source of new entry objects */
+ struct RowSetEntry *pForest; /* List of binary trees of entries */
+ u16 nFresh; /* Number of objects on pFresh */
+ u16 rsFlags; /* Various flags */
+ int iBatch; /* Current insert batch */
+};
+
+/*
+** Allowed values for RowSet.rsFlags
+*/
+#define ROWSET_SORTED 0x01 /* True if RowSet.pEntry is sorted */
+#define ROWSET_NEXT 0x02 /* True if sqlite3RowSetNext() has been called */
+
+/*
+** Turn bulk memory into a RowSet object. N bytes of memory
+** are available at pSpace. The db pointer is used as a memory context
+** for any subsequent allocations that need to occur.
+** Return a pointer to the new RowSet object.
+**
+** It must be the case that N is sufficient to make a Rowset. If not
+** an assertion fault occurs.
+**
+** If N is larger than the minimum, use the surplus as an initial
+** allocation of entries available to be filled.
+*/
+SQLITE_PRIVATE RowSet *sqlite3RowSetInit(sqlite3 *db, void *pSpace, unsigned int N){
+ RowSet *p;
+ assert( N >= ROUND8(sizeof(*p)) );
+ p = pSpace;
+ p->pChunk = 0;
+ p->db = db;
+ p->pEntry = 0;
+ p->pLast = 0;
+ p->pForest = 0;
+ p->pFresh = (struct RowSetEntry*)(ROUND8(sizeof(*p)) + (char*)p);
+ p->nFresh = (u16)((N - ROUND8(sizeof(*p)))/sizeof(struct RowSetEntry));
+ p->rsFlags = ROWSET_SORTED;
+ p->iBatch = 0;
+ return p;
+}
+
+/*
+** Deallocate all chunks from a RowSet. This frees all memory that
+** the RowSet has allocated over its lifetime. This routine is
+** the destructor for the RowSet.
+*/
+SQLITE_PRIVATE void sqlite3RowSetClear(RowSet *p){
+ struct RowSetChunk *pChunk, *pNextChunk;
+ for(pChunk=p->pChunk; pChunk; pChunk = pNextChunk){
+ pNextChunk = pChunk->pNextChunk;
+ sqlite3DbFree(p->db, pChunk);
+ }
+ p->pChunk = 0;
+ p->nFresh = 0;
+ p->pEntry = 0;
+ p->pLast = 0;
+ p->pForest = 0;
+ p->rsFlags = ROWSET_SORTED;
+}
+
+/*
+** Allocate a new RowSetEntry object that is associated with the
+** given RowSet. Return a pointer to the new and completely uninitialized
+** objected.
+**
+** In an OOM situation, the RowSet.db->mallocFailed flag is set and this
+** routine returns NULL.
+*/
+static struct RowSetEntry *rowSetEntryAlloc(RowSet *p){
+ assert( p!=0 );
+ if( p->nFresh==0 ){
+ struct RowSetChunk *pNew;
+ pNew = sqlite3DbMallocRaw(p->db, sizeof(*pNew));
+ if( pNew==0 ){
+ return 0;
+ }
+ pNew->pNextChunk = p->pChunk;
+ p->pChunk = pNew;
+ p->pFresh = pNew->aEntry;
+ p->nFresh = ROWSET_ENTRY_PER_CHUNK;
+ }
+ p->nFresh--;
+ return p->pFresh++;
+}
+
+/*
+** Insert a new value into a RowSet.
+**
+** The mallocFailed flag of the database connection is set if a
+** memory allocation fails.
+*/
+SQLITE_PRIVATE void sqlite3RowSetInsert(RowSet *p, i64 rowid){
+ struct RowSetEntry *pEntry; /* The new entry */
+ struct RowSetEntry *pLast; /* The last prior entry */
+
+ /* This routine is never called after sqlite3RowSetNext() */
+ assert( p!=0 && (p->rsFlags & ROWSET_NEXT)==0 );
+
+ pEntry = rowSetEntryAlloc(p);
+ if( pEntry==0 ) return;
+ pEntry->v = rowid;
+ pEntry->pRight = 0;
+ pLast = p->pLast;
+ if( pLast ){
+ if( (p->rsFlags & ROWSET_SORTED)!=0 && rowid<=pLast->v ){
+ p->rsFlags &= ~ROWSET_SORTED;
+ }
+ pLast->pRight = pEntry;
+ }else{
+ p->pEntry = pEntry;
+ }
+ p->pLast = pEntry;
+}
+
+/*
+** Merge two lists of RowSetEntry objects. Remove duplicates.
+**
+** The input lists are connected via pRight pointers and are
+** assumed to each already be in sorted order.
+*/
+static struct RowSetEntry *rowSetEntryMerge(
+ struct RowSetEntry *pA, /* First sorted list to be merged */
+ struct RowSetEntry *pB /* Second sorted list to be merged */
+){
+ struct RowSetEntry head;
+ struct RowSetEntry *pTail;
+
+ pTail = &head;
+ while( pA && pB ){
+ assert( pA->pRight==0 || pA->v<=pA->pRight->v );
+ assert( pB->pRight==0 || pB->v<=pB->pRight->v );
+ if( pA->v<pB->v ){
+ pTail->pRight = pA;
+ pA = pA->pRight;
+ pTail = pTail->pRight;
+ }else if( pB->v<pA->v ){
+ pTail->pRight = pB;
+ pB = pB->pRight;
+ pTail = pTail->pRight;
+ }else{
+ pA = pA->pRight;
+ }
+ }
+ if( pA ){
+ assert( pA->pRight==0 || pA->v<=pA->pRight->v );
+ pTail->pRight = pA;
+ }else{
+ assert( pB==0 || pB->pRight==0 || pB->v<=pB->pRight->v );
+ pTail->pRight = pB;
+ }
+ return head.pRight;
+}
+
+/*
+** Sort all elements on the list of RowSetEntry objects into order of
+** increasing v.
+*/
+static struct RowSetEntry *rowSetEntrySort(struct RowSetEntry *pIn){
+ unsigned int i;
+ struct RowSetEntry *pNext, *aBucket[40];
+
+ memset(aBucket, 0, sizeof(aBucket));
+ while( pIn ){
+ pNext = pIn->pRight;
+ pIn->pRight = 0;
+ for(i=0; aBucket[i]; i++){
+ pIn = rowSetEntryMerge(aBucket[i], pIn);
+ aBucket[i] = 0;
+ }
+ aBucket[i] = pIn;
+ pIn = pNext;
+ }
+ pIn = 0;
+ for(i=0; i<sizeof(aBucket)/sizeof(aBucket[0]); i++){
+ pIn = rowSetEntryMerge(pIn, aBucket[i]);
+ }
+ return pIn;
+}
+
+
+/*
+** The input, pIn, is a binary tree (or subtree) of RowSetEntry objects.
+** Convert this tree into a linked list connected by the pRight pointers
+** and return pointers to the first and last elements of the new list.
+*/
+static void rowSetTreeToList(
+ struct RowSetEntry *pIn, /* Root of the input tree */
+ struct RowSetEntry **ppFirst, /* Write head of the output list here */
+ struct RowSetEntry **ppLast /* Write tail of the output list here */
+){
+ assert( pIn!=0 );
+ if( pIn->pLeft ){
+ struct RowSetEntry *p;
+ rowSetTreeToList(pIn->pLeft, ppFirst, &p);
+ p->pRight = pIn;
+ }else{
+ *ppFirst = pIn;
+ }
+ if( pIn->pRight ){
+ rowSetTreeToList(pIn->pRight, &pIn->pRight, ppLast);
+ }else{
+ *ppLast = pIn;
+ }
+ assert( (*ppLast)->pRight==0 );
+}
+
+
+/*
+** Convert a sorted list of elements (connected by pRight) into a binary
+** tree with depth of iDepth. A depth of 1 means the tree contains a single
+** node taken from the head of *ppList. A depth of 2 means a tree with
+** three nodes. And so forth.
+**
+** Use as many entries from the input list as required and update the
+** *ppList to point to the unused elements of the list. If the input
+** list contains too few elements, then construct an incomplete tree
+** and leave *ppList set to NULL.
+**
+** Return a pointer to the root of the constructed binary tree.
+*/
+static struct RowSetEntry *rowSetNDeepTree(
+ struct RowSetEntry **ppList,
+ int iDepth
+){
+ struct RowSetEntry *p; /* Root of the new tree */
+ struct RowSetEntry *pLeft; /* Left subtree */
+ if( *ppList==0 ){
+ return 0;
+ }
+ if( iDepth==1 ){
+ p = *ppList;
+ *ppList = p->pRight;
+ p->pLeft = p->pRight = 0;
+ return p;
+ }
+ pLeft = rowSetNDeepTree(ppList, iDepth-1);
+ p = *ppList;
+ if( p==0 ){
+ return pLeft;
+ }
+ p->pLeft = pLeft;
+ *ppList = p->pRight;
+ p->pRight = rowSetNDeepTree(ppList, iDepth-1);
+ return p;
+}
+
+/*
+** Convert a sorted list of elements into a binary tree. Make the tree
+** as deep as it needs to be in order to contain the entire list.
+*/
+static struct RowSetEntry *rowSetListToTree(struct RowSetEntry *pList){
+ int iDepth; /* Depth of the tree so far */
+ struct RowSetEntry *p; /* Current tree root */
+ struct RowSetEntry *pLeft; /* Left subtree */
+
+ assert( pList!=0 );
+ p = pList;
+ pList = p->pRight;
+ p->pLeft = p->pRight = 0;
+ for(iDepth=1; pList; iDepth++){
+ pLeft = p;
+ p = pList;
+ pList = p->pRight;
+ p->pLeft = pLeft;
+ p->pRight = rowSetNDeepTree(&pList, iDepth);
+ }
+ return p;
+}
+
+/*
+** Take all the entries on p->pEntry and on the trees in p->pForest and
+** sort them all together into one big ordered list on p->pEntry.
+**
+** This routine should only be called once in the life of a RowSet.
+*/
+static void rowSetToList(RowSet *p){
+
+ /* This routine is called only once */
+ assert( p!=0 && (p->rsFlags & ROWSET_NEXT)==0 );
+
+ if( (p->rsFlags & ROWSET_SORTED)==0 ){
+ p->pEntry = rowSetEntrySort(p->pEntry);
+ }
+
+ /* While this module could theoretically support it, sqlite3RowSetNext()
+ ** is never called after sqlite3RowSetText() for the same RowSet. So
+ ** there is never a forest to deal with. Should this change, simply
+ ** remove the assert() and the #if 0. */
+ assert( p->pForest==0 );
+#if 0
+ while( p->pForest ){
+ struct RowSetEntry *pTree = p->pForest->pLeft;
+ if( pTree ){
+ struct RowSetEntry *pHead, *pTail;
+ rowSetTreeToList(pTree, &pHead, &pTail);
+ p->pEntry = rowSetEntryMerge(p->pEntry, pHead);
+ }
+ p->pForest = p->pForest->pRight;
+ }
+#endif
+ p->rsFlags |= ROWSET_NEXT; /* Verify this routine is never called again */
+}
+
+/*
+** Extract the smallest element from the RowSet.
+** Write the element into *pRowid. Return 1 on success. Return
+** 0 if the RowSet is already empty.
+**
+** After this routine has been called, the sqlite3RowSetInsert()
+** routine may not be called again.
+*/
+SQLITE_PRIVATE int sqlite3RowSetNext(RowSet *p, i64 *pRowid){
+ assert( p!=0 );
+
+ /* Merge the forest into a single sorted list on first call */
+ if( (p->rsFlags & ROWSET_NEXT)==0 ) rowSetToList(p);
+
+ /* Return the next entry on the list */
+ if( p->pEntry ){
+ *pRowid = p->pEntry->v;
+ p->pEntry = p->pEntry->pRight;
+ if( p->pEntry==0 ){
+ sqlite3RowSetClear(p);
+ }
+ return 1;
+ }else{
+ return 0;
+ }
+}
+
+/*
+** Check to see if element iRowid was inserted into the rowset as
+** part of any insert batch prior to iBatch. Return 1 or 0.
+**
+** If this is the first test of a new batch and if there exist entries
+** on pRowSet->pEntry, then sort those entries into the forest at
+** pRowSet->pForest so that they can be tested.
+*/
+SQLITE_PRIVATE int sqlite3RowSetTest(RowSet *pRowSet, int iBatch, sqlite3_int64 iRowid){
+ struct RowSetEntry *p, *pTree;
+
+ /* This routine is never called after sqlite3RowSetNext() */
+ assert( pRowSet!=0 && (pRowSet->rsFlags & ROWSET_NEXT)==0 );
+
+ /* Sort entries into the forest on the first test of a new batch
+ */
+ if( iBatch!=pRowSet->iBatch ){
+ p = pRowSet->pEntry;
+ if( p ){
+ struct RowSetEntry **ppPrevTree = &pRowSet->pForest;
+ if( (pRowSet->rsFlags & ROWSET_SORTED)==0 ){
+ p = rowSetEntrySort(p);
+ }
+ for(pTree = pRowSet->pForest; pTree; pTree=pTree->pRight){
+ ppPrevTree = &pTree->pRight;
+ if( pTree->pLeft==0 ){
+ pTree->pLeft = rowSetListToTree(p);
+ break;
+ }else{
+ struct RowSetEntry *pAux, *pTail;
+ rowSetTreeToList(pTree->pLeft, &pAux, &pTail);
+ pTree->pLeft = 0;
+ p = rowSetEntryMerge(pAux, p);
+ }
+ }
+ if( pTree==0 ){
+ *ppPrevTree = pTree = rowSetEntryAlloc(pRowSet);
+ if( pTree ){
+ pTree->v = 0;
+ pTree->pRight = 0;
+ pTree->pLeft = rowSetListToTree(p);
+ }
+ }
+ pRowSet->pEntry = 0;
+ pRowSet->pLast = 0;
+ pRowSet->rsFlags |= ROWSET_SORTED;
+ }
+ pRowSet->iBatch = iBatch;
+ }
+
+ /* Test to see if the iRowid value appears anywhere in the forest.
+ ** Return 1 if it does and 0 if not.
+ */
+ for(pTree = pRowSet->pForest; pTree; pTree=pTree->pRight){
+ p = pTree->pLeft;
+ while( p ){
+ if( p->v<iRowid ){
+ p = p->pRight;
+ }else if( p->v>iRowid ){
+ p = p->pLeft;
+ }else{
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+/************** End of rowset.c **********************************************/
+/************** Begin file pager.c *******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This is the implementation of the page cache subsystem or "pager".
+**
+** The pager is used to access a database disk file. It implements
+** atomic commit and rollback through the use of a journal file that
+** is separate from the database file. The pager also implements file
+** locking to prevent two processes from writing the same database
+** file simultaneously, or one process from reading the database while
+** another is writing.
+*/
+#ifndef SQLITE_OMIT_DISKIO
+/* #include "sqliteInt.h" */
+/************** Include wal.h in the middle of pager.c ***********************/
+/************** Begin file wal.h *********************************************/
+/*
+** 2010 February 1
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This header file defines the interface to the write-ahead logging
+** system. Refer to the comments below and the header comment attached to
+** the implementation of each function in log.c for further details.
+*/
+
+#ifndef _WAL_H_
+#define _WAL_H_
+
+/* #include "sqliteInt.h" */
+
+/* Additional values that can be added to the sync_flags argument of
+** sqlite3WalFrames():
+*/
+#define WAL_SYNC_TRANSACTIONS 0x20 /* Sync at the end of each transaction */
+#define SQLITE_SYNC_MASK 0x13 /* Mask off the SQLITE_SYNC_* values */
+
+#ifdef SQLITE_OMIT_WAL
+# define sqlite3WalOpen(x,y,z) 0
+# define sqlite3WalLimit(x,y)
+# define sqlite3WalClose(w,x,y,z) 0
+# define sqlite3WalBeginReadTransaction(y,z) 0
+# define sqlite3WalEndReadTransaction(z)
+# define sqlite3WalDbsize(y) 0
+# define sqlite3WalBeginWriteTransaction(y) 0
+# define sqlite3WalEndWriteTransaction(x) 0
+# define sqlite3WalUndo(x,y,z) 0
+# define sqlite3WalSavepoint(y,z)
+# define sqlite3WalSavepointUndo(y,z) 0
+# define sqlite3WalFrames(u,v,w,x,y,z) 0
+# define sqlite3WalCheckpoint(r,s,t,u,v,w,x,y,z) 0
+# define sqlite3WalCallback(z) 0
+# define sqlite3WalExclusiveMode(y,z) 0
+# define sqlite3WalHeapMemory(z) 0
+# define sqlite3WalFramesize(z) 0
+# define sqlite3WalFindFrame(x,y,z) 0
+# define sqlite3WalFile(x) 0
+#else
+
+#define WAL_SAVEPOINT_NDATA 4
+
+/* Connection to a write-ahead log (WAL) file.
+** There is one object of this type for each pager.
+*/
+typedef struct Wal Wal;
+
+/* Open and close a connection to a write-ahead log. */
+SQLITE_PRIVATE int sqlite3WalOpen(sqlite3_vfs*, sqlite3_file*, const char *, int, i64, Wal**);
+SQLITE_PRIVATE int sqlite3WalClose(Wal *pWal, int sync_flags, int, u8 *);
+
+/* Set the limiting size of a WAL file. */
+SQLITE_PRIVATE void sqlite3WalLimit(Wal*, i64);
+
+/* Used by readers to open (lock) and close (unlock) a snapshot. A
+** snapshot is like a read-transaction. It is the state of the database
+** at an instant in time. sqlite3WalOpenSnapshot gets a read lock and
+** preserves the current state even if the other threads or processes
+** write to or checkpoint the WAL. sqlite3WalCloseSnapshot() closes the
+** transaction and releases the lock.
+*/
+SQLITE_PRIVATE int sqlite3WalBeginReadTransaction(Wal *pWal, int *);
+SQLITE_PRIVATE void sqlite3WalEndReadTransaction(Wal *pWal);
+
+/* Read a page from the write-ahead log, if it is present. */
+SQLITE_PRIVATE int sqlite3WalFindFrame(Wal *, Pgno, u32 *);
+SQLITE_PRIVATE int sqlite3WalReadFrame(Wal *, u32, int, u8 *);
+
+/* If the WAL is not empty, return the size of the database. */
+SQLITE_PRIVATE Pgno sqlite3WalDbsize(Wal *pWal);
+
+/* Obtain or release the WRITER lock. */
+SQLITE_PRIVATE int sqlite3WalBeginWriteTransaction(Wal *pWal);
+SQLITE_PRIVATE int sqlite3WalEndWriteTransaction(Wal *pWal);
+
+/* Undo any frames written (but not committed) to the log */
+SQLITE_PRIVATE int sqlite3WalUndo(Wal *pWal, int (*xUndo)(void *, Pgno), void *pUndoCtx);
+
+/* Return an integer that records the current (uncommitted) write
+** position in the WAL */
+SQLITE_PRIVATE void sqlite3WalSavepoint(Wal *pWal, u32 *aWalData);
+
+/* Move the write position of the WAL back to iFrame. Called in
+** response to a ROLLBACK TO command. */
+SQLITE_PRIVATE int sqlite3WalSavepointUndo(Wal *pWal, u32 *aWalData);
+
+/* Write a frame or frames to the log. */
+SQLITE_PRIVATE int sqlite3WalFrames(Wal *pWal, int, PgHdr *, Pgno, int, int);
+
+/* Copy pages from the log to the database file */
+SQLITE_PRIVATE int sqlite3WalCheckpoint(
+ Wal *pWal, /* Write-ahead log connection */
+ int eMode, /* One of PASSIVE, FULL and RESTART */
+ int (*xBusy)(void*), /* Function to call when busy */
+ void *pBusyArg, /* Context argument for xBusyHandler */
+ int sync_flags, /* Flags to sync db file with (or 0) */
+ int nBuf, /* Size of buffer nBuf */
+ u8 *zBuf, /* Temporary buffer to use */
+ int *pnLog, /* OUT: Number of frames in WAL */
+ int *pnCkpt /* OUT: Number of backfilled frames in WAL */
+);
+
+/* Return the value to pass to a sqlite3_wal_hook callback, the
+** number of frames in the WAL at the point of the last commit since
+** sqlite3WalCallback() was called. If no commits have occurred since
+** the last call, then return 0.
+*/
+SQLITE_PRIVATE int sqlite3WalCallback(Wal *pWal);
+
+/* Tell the wal layer that an EXCLUSIVE lock has been obtained (or released)
+** by the pager layer on the database file.
+*/
+SQLITE_PRIVATE int sqlite3WalExclusiveMode(Wal *pWal, int op);
+
+/* Return true if the argument is non-NULL and the WAL module is using
+** heap-memory for the wal-index. Otherwise, if the argument is NULL or the
+** WAL module is using shared-memory, return false.
+*/
+SQLITE_PRIVATE int sqlite3WalHeapMemory(Wal *pWal);
+
+#ifdef SQLITE_ENABLE_SNAPSHOT
+SQLITE_PRIVATE int sqlite3WalSnapshotGet(Wal *pWal, sqlite3_snapshot **ppSnapshot);
+SQLITE_PRIVATE void sqlite3WalSnapshotOpen(Wal *pWal, sqlite3_snapshot *pSnapshot);
+#endif
+
+#ifdef SQLITE_ENABLE_ZIPVFS
+/* If the WAL file is not empty, return the number of bytes of content
+** stored in each frame (i.e. the db page-size when the WAL was created).
+*/
+SQLITE_PRIVATE int sqlite3WalFramesize(Wal *pWal);
+#endif
+
+/* Return the sqlite3_file object for the WAL file */
+SQLITE_PRIVATE sqlite3_file *sqlite3WalFile(Wal *pWal);
+
+#endif /* ifndef SQLITE_OMIT_WAL */
+#endif /* _WAL_H_ */
+
+/************** End of wal.h *************************************************/
+/************** Continuing where we left off in pager.c **********************/
+
+
+/******************* NOTES ON THE DESIGN OF THE PAGER ************************
+**
+** This comment block describes invariants that hold when using a rollback
+** journal. These invariants do not apply for journal_mode=WAL,
+** journal_mode=MEMORY, or journal_mode=OFF.
+**
+** Within this comment block, a page is deemed to have been synced
+** automatically as soon as it is written when PRAGMA synchronous=OFF.
+** Otherwise, the page is not synced until the xSync method of the VFS
+** is called successfully on the file containing the page.
+**
+** Definition: A page of the database file is said to be "overwriteable" if
+** one or more of the following are true about the page:
+**
+** (a) The original content of the page as it was at the beginning of
+** the transaction has been written into the rollback journal and
+** synced.
+**
+** (b) The page was a freelist leaf page at the start of the transaction.
+**
+** (c) The page number is greater than the largest page that existed in
+** the database file at the start of the transaction.
+**
+** (1) A page of the database file is never overwritten unless one of the
+** following are true:
+**
+** (a) The page and all other pages on the same sector are overwriteable.
+**
+** (b) The atomic page write optimization is enabled, and the entire
+** transaction other than the update of the transaction sequence
+** number consists of a single page change.
+**
+** (2) The content of a page written into the rollback journal exactly matches
+** both the content in the database when the rollback journal was written
+** and the content in the database at the beginning of the current
+** transaction.
+**
+** (3) Writes to the database file are an integer multiple of the page size
+** in length and are aligned on a page boundary.
+**
+** (4) Reads from the database file are either aligned on a page boundary and
+** an integer multiple of the page size in length or are taken from the
+** first 100 bytes of the database file.
+**
+** (5) All writes to the database file are synced prior to the rollback journal
+** being deleted, truncated, or zeroed.
+**
+** (6) If a master journal file is used, then all writes to the database file
+** are synced prior to the master journal being deleted.
+**
+** Definition: Two databases (or the same database at two points it time)
+** are said to be "logically equivalent" if they give the same answer to
+** all queries. Note in particular the content of freelist leaf
+** pages can be changed arbitrarily without affecting the logical equivalence
+** of the database.
+**
+** (7) At any time, if any subset, including the empty set and the total set,
+** of the unsynced changes to a rollback journal are removed and the
+** journal is rolled back, the resulting database file will be logically
+** equivalent to the database file at the beginning of the transaction.
+**
+** (8) When a transaction is rolled back, the xTruncate method of the VFS
+** is called to restore the database file to the same size it was at
+** the beginning of the transaction. (In some VFSes, the xTruncate
+** method is a no-op, but that does not change the fact the SQLite will
+** invoke it.)
+**
+** (9) Whenever the database file is modified, at least one bit in the range
+** of bytes from 24 through 39 inclusive will be changed prior to releasing
+** the EXCLUSIVE lock, thus signaling other connections on the same
+** database to flush their caches.
+**
+** (10) The pattern of bits in bytes 24 through 39 shall not repeat in less
+** than one billion transactions.
+**
+** (11) A database file is well-formed at the beginning and at the conclusion
+** of every transaction.
+**
+** (12) An EXCLUSIVE lock is held on the database file when writing to
+** the database file.
+**
+** (13) A SHARED lock is held on the database file while reading any
+** content out of the database file.
+**
+******************************************************************************/
+
+/*
+** Macros for troubleshooting. Normally turned off
+*/
+#if 0
+int sqlite3PagerTrace=1; /* True to enable tracing */
+#define sqlite3DebugPrintf printf
+#define PAGERTRACE(X) if( sqlite3PagerTrace ){ sqlite3DebugPrintf X; }
+#else
+#define PAGERTRACE(X)
+#endif
+
+/*
+** The following two macros are used within the PAGERTRACE() macros above
+** to print out file-descriptors.
+**
+** PAGERID() takes a pointer to a Pager struct as its argument. The
+** associated file-descriptor is returned. FILEHANDLEID() takes an sqlite3_file
+** struct as its argument.
+*/
+#define PAGERID(p) ((int)(p->fd))
+#define FILEHANDLEID(fd) ((int)fd)
+
+/*
+** The Pager.eState variable stores the current 'state' of a pager. A
+** pager may be in any one of the seven states shown in the following
+** state diagram.
+**
+** OPEN <------+------+
+** | | |
+** V | |
+** +---------> READER-------+ |
+** | | |
+** | V |
+** |<-------WRITER_LOCKED------> ERROR
+** | | ^
+** | V |
+** |<------WRITER_CACHEMOD-------->|
+** | | |
+** | V |
+** |<-------WRITER_DBMOD---------->|
+** | | |
+** | V |
+** +<------WRITER_FINISHED-------->+
+**
+**
+** List of state transitions and the C [function] that performs each:
+**
+** OPEN -> READER [sqlite3PagerSharedLock]
+** READER -> OPEN [pager_unlock]
+**
+** READER -> WRITER_LOCKED [sqlite3PagerBegin]
+** WRITER_LOCKED -> WRITER_CACHEMOD [pager_open_journal]
+** WRITER_CACHEMOD -> WRITER_DBMOD [syncJournal]
+** WRITER_DBMOD -> WRITER_FINISHED [sqlite3PagerCommitPhaseOne]
+** WRITER_*** -> READER [pager_end_transaction]
+**
+** WRITER_*** -> ERROR [pager_error]
+** ERROR -> OPEN [pager_unlock]
+**
+**
+** OPEN:
+**
+** The pager starts up in this state. Nothing is guaranteed in this
+** state - the file may or may not be locked and the database size is
+** unknown. The database may not be read or written.
+**
+** * No read or write transaction is active.
+** * Any lock, or no lock at all, may be held on the database file.
+** * The dbSize, dbOrigSize and dbFileSize variables may not be trusted.
+**
+** READER:
+**
+** In this state all the requirements for reading the database in
+** rollback (non-WAL) mode are met. Unless the pager is (or recently
+** was) in exclusive-locking mode, a user-level read transaction is
+** open. The database size is known in this state.
+**
+** A connection running with locking_mode=normal enters this state when
+** it opens a read-transaction on the database and returns to state
+** OPEN after the read-transaction is completed. However a connection
+** running in locking_mode=exclusive (including temp databases) remains in
+** this state even after the read-transaction is closed. The only way
+** a locking_mode=exclusive connection can transition from READER to OPEN
+** is via the ERROR state (see below).
+**
+** * A read transaction may be active (but a write-transaction cannot).
+** * A SHARED or greater lock is held on the database file.
+** * The dbSize variable may be trusted (even if a user-level read
+** transaction is not active). The dbOrigSize and dbFileSize variables
+** may not be trusted at this point.
+** * If the database is a WAL database, then the WAL connection is open.
+** * Even if a read-transaction is not open, it is guaranteed that
+** there is no hot-journal in the file-system.
+**
+** WRITER_LOCKED:
+**
+** The pager moves to this state from READER when a write-transaction
+** is first opened on the database. In WRITER_LOCKED state, all locks
+** required to start a write-transaction are held, but no actual
+** modifications to the cache or database have taken place.
+**
+** In rollback mode, a RESERVED or (if the transaction was opened with
+** BEGIN EXCLUSIVE) EXCLUSIVE lock is obtained on the database file when
+** moving to this state, but the journal file is not written to or opened
+** to in this state. If the transaction is committed or rolled back while
+** in WRITER_LOCKED state, all that is required is to unlock the database
+** file.
+**
+** IN WAL mode, WalBeginWriteTransaction() is called to lock the log file.
+** If the connection is running with locking_mode=exclusive, an attempt
+** is made to obtain an EXCLUSIVE lock on the database file.
+**
+** * A write transaction is active.
+** * If the connection is open in rollback-mode, a RESERVED or greater
+** lock is held on the database file.
+** * If the connection is open in WAL-mode, a WAL write transaction
+** is open (i.e. sqlite3WalBeginWriteTransaction() has been successfully
+** called).
+** * The dbSize, dbOrigSize and dbFileSize variables are all valid.
+** * The contents of the pager cache have not been modified.
+** * The journal file may or may not be open.
+** * Nothing (not even the first header) has been written to the journal.
+**
+** WRITER_CACHEMOD:
+**
+** A pager moves from WRITER_LOCKED state to this state when a page is
+** first modified by the upper layer. In rollback mode the journal file
+** is opened (if it is not already open) and a header written to the
+** start of it. The database file on disk has not been modified.
+**
+** * A write transaction is active.
+** * A RESERVED or greater lock is held on the database file.
+** * The journal file is open and the first header has been written
+** to it, but the header has not been synced to disk.
+** * The contents of the page cache have been modified.
+**
+** WRITER_DBMOD:
+**
+** The pager transitions from WRITER_CACHEMOD into WRITER_DBMOD state
+** when it modifies the contents of the database file. WAL connections
+** never enter this state (since they do not modify the database file,
+** just the log file).
+**
+** * A write transaction is active.
+** * An EXCLUSIVE or greater lock is held on the database file.
+** * The journal file is open and the first header has been written
+** and synced to disk.
+** * The contents of the page cache have been modified (and possibly
+** written to disk).
+**
+** WRITER_FINISHED:
+**
+** It is not possible for a WAL connection to enter this state.
+**
+** A rollback-mode pager changes to WRITER_FINISHED state from WRITER_DBMOD
+** state after the entire transaction has been successfully written into the
+** database file. In this state the transaction may be committed simply
+** by finalizing the journal file. Once in WRITER_FINISHED state, it is
+** not possible to modify the database further. At this point, the upper
+** layer must either commit or rollback the transaction.
+**
+** * A write transaction is active.
+** * An EXCLUSIVE or greater lock is held on the database file.
+** * All writing and syncing of journal and database data has finished.
+** If no error occurred, all that remains is to finalize the journal to
+** commit the transaction. If an error did occur, the caller will need
+** to rollback the transaction.
+**
+** ERROR:
+**
+** The ERROR state is entered when an IO or disk-full error (including
+** SQLITE_IOERR_NOMEM) occurs at a point in the code that makes it
+** difficult to be sure that the in-memory pager state (cache contents,
+** db size etc.) are consistent with the contents of the file-system.
+**
+** Temporary pager files may enter the ERROR state, but in-memory pagers
+** cannot.
+**
+** For example, if an IO error occurs while performing a rollback,
+** the contents of the page-cache may be left in an inconsistent state.
+** At this point it would be dangerous to change back to READER state
+** (as usually happens after a rollback). Any subsequent readers might
+** report database corruption (due to the inconsistent cache), and if
+** they upgrade to writers, they may inadvertently corrupt the database
+** file. To avoid this hazard, the pager switches into the ERROR state
+** instead of READER following such an error.
+**
+** Once it has entered the ERROR state, any attempt to use the pager
+** to read or write data returns an error. Eventually, once all
+** outstanding transactions have been abandoned, the pager is able to
+** transition back to OPEN state, discarding the contents of the
+** page-cache and any other in-memory state at the same time. Everything
+** is reloaded from disk (and, if necessary, hot-journal rollback peformed)
+** when a read-transaction is next opened on the pager (transitioning
+** the pager into READER state). At that point the system has recovered
+** from the error.
+**
+** Specifically, the pager jumps into the ERROR state if:
+**
+** 1. An error occurs while attempting a rollback. This happens in
+** function sqlite3PagerRollback().
+**
+** 2. An error occurs while attempting to finalize a journal file
+** following a commit in function sqlite3PagerCommitPhaseTwo().
+**
+** 3. An error occurs while attempting to write to the journal or
+** database file in function pagerStress() in order to free up
+** memory.
+**
+** In other cases, the error is returned to the b-tree layer. The b-tree
+** layer then attempts a rollback operation. If the error condition
+** persists, the pager enters the ERROR state via condition (1) above.
+**
+** Condition (3) is necessary because it can be triggered by a read-only
+** statement executed within a transaction. In this case, if the error
+** code were simply returned to the user, the b-tree layer would not
+** automatically attempt a rollback, as it assumes that an error in a
+** read-only statement cannot leave the pager in an internally inconsistent
+** state.
+**
+** * The Pager.errCode variable is set to something other than SQLITE_OK.
+** * There are one or more outstanding references to pages (after the
+** last reference is dropped the pager should move back to OPEN state).
+** * The pager is not an in-memory pager.
+**
+**
+** Notes:
+**
+** * A pager is never in WRITER_DBMOD or WRITER_FINISHED state if the
+** connection is open in WAL mode. A WAL connection is always in one
+** of the first four states.
+**
+** * Normally, a connection open in exclusive mode is never in PAGER_OPEN
+** state. There are two exceptions: immediately after exclusive-mode has
+** been turned on (and before any read or write transactions are
+** executed), and when the pager is leaving the "error state".
+**
+** * See also: assert_pager_state().
+*/
+#define PAGER_OPEN 0
+#define PAGER_READER 1
+#define PAGER_WRITER_LOCKED 2
+#define PAGER_WRITER_CACHEMOD 3
+#define PAGER_WRITER_DBMOD 4
+#define PAGER_WRITER_FINISHED 5
+#define PAGER_ERROR 6
+
+/*
+** The Pager.eLock variable is almost always set to one of the
+** following locking-states, according to the lock currently held on
+** the database file: NO_LOCK, SHARED_LOCK, RESERVED_LOCK or EXCLUSIVE_LOCK.
+** This variable is kept up to date as locks are taken and released by
+** the pagerLockDb() and pagerUnlockDb() wrappers.
+**
+** If the VFS xLock() or xUnlock() returns an error other than SQLITE_BUSY
+** (i.e. one of the SQLITE_IOERR subtypes), it is not clear whether or not
+** the operation was successful. In these circumstances pagerLockDb() and
+** pagerUnlockDb() take a conservative approach - eLock is always updated
+** when unlocking the file, and only updated when locking the file if the
+** VFS call is successful. This way, the Pager.eLock variable may be set
+** to a less exclusive (lower) value than the lock that is actually held
+** at the system level, but it is never set to a more exclusive value.
+**
+** This is usually safe. If an xUnlock fails or appears to fail, there may
+** be a few redundant xLock() calls or a lock may be held for longer than
+** required, but nothing really goes wrong.
+**
+** The exception is when the database file is unlocked as the pager moves
+** from ERROR to OPEN state. At this point there may be a hot-journal file
+** in the file-system that needs to be rolled back (as part of an OPEN->SHARED
+** transition, by the same pager or any other). If the call to xUnlock()
+** fails at this point and the pager is left holding an EXCLUSIVE lock, this
+** can confuse the call to xCheckReservedLock() call made later as part
+** of hot-journal detection.
+**
+** xCheckReservedLock() is defined as returning true "if there is a RESERVED
+** lock held by this process or any others". So xCheckReservedLock may
+** return true because the caller itself is holding an EXCLUSIVE lock (but
+** doesn't know it because of a previous error in xUnlock). If this happens
+** a hot-journal may be mistaken for a journal being created by an active
+** transaction in another process, causing SQLite to read from the database
+** without rolling it back.
+**
+** To work around this, if a call to xUnlock() fails when unlocking the
+** database in the ERROR state, Pager.eLock is set to UNKNOWN_LOCK. It
+** is only changed back to a real locking state after a successful call
+** to xLock(EXCLUSIVE). Also, the code to do the OPEN->SHARED state transition
+** omits the check for a hot-journal if Pager.eLock is set to UNKNOWN_LOCK
+** lock. Instead, it assumes a hot-journal exists and obtains an EXCLUSIVE
+** lock on the database file before attempting to roll it back. See function
+** PagerSharedLock() for more detail.
+**
+** Pager.eLock may only be set to UNKNOWN_LOCK when the pager is in
+** PAGER_OPEN state.
+*/
+#define UNKNOWN_LOCK (EXCLUSIVE_LOCK+1)
+
+/*
+** A macro used for invoking the codec if there is one
+*/
+#ifdef SQLITE_HAS_CODEC
+# define CODEC1(P,D,N,X,E) \
+ if( P->xCodec && P->xCodec(P->pCodec,D,N,X)==0 ){ E; }
+# define CODEC2(P,D,N,X,E,O) \
+ if( P->xCodec==0 ){ O=(char*)D; }else \
+ if( (O=(char*)(P->xCodec(P->pCodec,D,N,X)))==0 ){ E; }
+#else
+# define CODEC1(P,D,N,X,E) /* NO-OP */
+# define CODEC2(P,D,N,X,E,O) O=(char*)D
+#endif
+
+/*
+** The maximum allowed sector size. 64KiB. If the xSectorsize() method
+** returns a value larger than this, then MAX_SECTOR_SIZE is used instead.
+** This could conceivably cause corruption following a power failure on
+** such a system. This is currently an undocumented limit.
+*/
+#define MAX_SECTOR_SIZE 0x10000
+
+/*
+** An instance of the following structure is allocated for each active
+** savepoint and statement transaction in the system. All such structures
+** are stored in the Pager.aSavepoint[] array, which is allocated and
+** resized using sqlite3Realloc().
+**
+** When a savepoint is created, the PagerSavepoint.iHdrOffset field is
+** set to 0. If a journal-header is written into the main journal while
+** the savepoint is active, then iHdrOffset is set to the byte offset
+** immediately following the last journal record written into the main
+** journal before the journal-header. This is required during savepoint
+** rollback (see pagerPlaybackSavepoint()).
+*/
+typedef struct PagerSavepoint PagerSavepoint;
+struct PagerSavepoint {
+ i64 iOffset; /* Starting offset in main journal */
+ i64 iHdrOffset; /* See above */
+ Bitvec *pInSavepoint; /* Set of pages in this savepoint */
+ Pgno nOrig; /* Original number of pages in file */
+ Pgno iSubRec; /* Index of first record in sub-journal */
+#ifndef SQLITE_OMIT_WAL
+ u32 aWalData[WAL_SAVEPOINT_NDATA]; /* WAL savepoint context */
+#endif
+};
+
+/*
+** Bits of the Pager.doNotSpill flag. See further description below.
+*/
+#define SPILLFLAG_OFF 0x01 /* Never spill cache. Set via pragma */
+#define SPILLFLAG_ROLLBACK 0x02 /* Current rolling back, so do not spill */
+#define SPILLFLAG_NOSYNC 0x04 /* Spill is ok, but do not sync */
+
+/*
+** An open page cache is an instance of struct Pager. A description of
+** some of the more important member variables follows:
+**
+** eState
+**
+** The current 'state' of the pager object. See the comment and state
+** diagram above for a description of the pager state.
+**
+** eLock
+**
+** For a real on-disk database, the current lock held on the database file -
+** NO_LOCK, SHARED_LOCK, RESERVED_LOCK or EXCLUSIVE_LOCK.
+**
+** For a temporary or in-memory database (neither of which require any
+** locks), this variable is always set to EXCLUSIVE_LOCK. Since such
+** databases always have Pager.exclusiveMode==1, this tricks the pager
+** logic into thinking that it already has all the locks it will ever
+** need (and no reason to release them).
+**
+** In some (obscure) circumstances, this variable may also be set to
+** UNKNOWN_LOCK. See the comment above the #define of UNKNOWN_LOCK for
+** details.
+**
+** changeCountDone
+**
+** This boolean variable is used to make sure that the change-counter
+** (the 4-byte header field at byte offset 24 of the database file) is
+** not updated more often than necessary.
+**
+** It is set to true when the change-counter field is updated, which
+** can only happen if an exclusive lock is held on the database file.
+** It is cleared (set to false) whenever an exclusive lock is
+** relinquished on the database file. Each time a transaction is committed,
+** The changeCountDone flag is inspected. If it is true, the work of
+** updating the change-counter is omitted for the current transaction.
+**
+** This mechanism means that when running in exclusive mode, a connection
+** need only update the change-counter once, for the first transaction
+** committed.
+**
+** setMaster
+**
+** When PagerCommitPhaseOne() is called to commit a transaction, it may
+** (or may not) specify a master-journal name to be written into the
+** journal file before it is synced to disk.
+**
+** Whether or not a journal file contains a master-journal pointer affects
+** the way in which the journal file is finalized after the transaction is
+** committed or rolled back when running in "journal_mode=PERSIST" mode.
+** If a journal file does not contain a master-journal pointer, it is
+** finalized by overwriting the first journal header with zeroes. If
+** it does contain a master-journal pointer the journal file is finalized
+** by truncating it to zero bytes, just as if the connection were
+** running in "journal_mode=truncate" mode.
+**
+** Journal files that contain master journal pointers cannot be finalized
+** simply by overwriting the first journal-header with zeroes, as the
+** master journal pointer could interfere with hot-journal rollback of any
+** subsequently interrupted transaction that reuses the journal file.
+**
+** The flag is cleared as soon as the journal file is finalized (either
+** by PagerCommitPhaseTwo or PagerRollback). If an IO error prevents the
+** journal file from being successfully finalized, the setMaster flag
+** is cleared anyway (and the pager will move to ERROR state).
+**
+** doNotSpill
+**
+** This variables control the behavior of cache-spills (calls made by
+** the pcache module to the pagerStress() routine to write cached data
+** to the file-system in order to free up memory).
+**
+** When bits SPILLFLAG_OFF or SPILLFLAG_ROLLBACK of doNotSpill are set,
+** writing to the database from pagerStress() is disabled altogether.
+** The SPILLFLAG_ROLLBACK case is done in a very obscure case that
+** comes up during savepoint rollback that requires the pcache module
+** to allocate a new page to prevent the journal file from being written
+** while it is being traversed by code in pager_playback(). The SPILLFLAG_OFF
+** case is a user preference.
+**
+** If the SPILLFLAG_NOSYNC bit is set, writing to the database from
+** pagerStress() is permitted, but syncing the journal file is not.
+** This flag is set by sqlite3PagerWrite() when the file-system sector-size
+** is larger than the database page-size in order to prevent a journal sync
+** from happening in between the journalling of two pages on the same sector.
+**
+** subjInMemory
+**
+** This is a boolean variable. If true, then any required sub-journal
+** is opened as an in-memory journal file. If false, then in-memory
+** sub-journals are only used for in-memory pager files.
+**
+** This variable is updated by the upper layer each time a new
+** write-transaction is opened.
+**
+** dbSize, dbOrigSize, dbFileSize
+**
+** Variable dbSize is set to the number of pages in the database file.
+** It is valid in PAGER_READER and higher states (all states except for
+** OPEN and ERROR).
+**
+** dbSize is set based on the size of the database file, which may be
+** larger than the size of the database (the value stored at offset
+** 28 of the database header by the btree). If the size of the file
+** is not an integer multiple of the page-size, the value stored in
+** dbSize is rounded down (i.e. a 5KB file with 2K page-size has dbSize==2).
+** Except, any file that is greater than 0 bytes in size is considered
+** to have at least one page. (i.e. a 1KB file with 2K page-size leads
+** to dbSize==1).
+**
+** During a write-transaction, if pages with page-numbers greater than
+** dbSize are modified in the cache, dbSize is updated accordingly.
+** Similarly, if the database is truncated using PagerTruncateImage(),
+** dbSize is updated.
+**
+** Variables dbOrigSize and dbFileSize are valid in states
+** PAGER_WRITER_LOCKED and higher. dbOrigSize is a copy of the dbSize
+** variable at the start of the transaction. It is used during rollback,
+** and to determine whether or not pages need to be journalled before
+** being modified.
+**
+** Throughout a write-transaction, dbFileSize contains the size of
+** the file on disk in pages. It is set to a copy of dbSize when the
+** write-transaction is first opened, and updated when VFS calls are made
+** to write or truncate the database file on disk.
+**
+** The only reason the dbFileSize variable is required is to suppress
+** unnecessary calls to xTruncate() after committing a transaction. If,
+** when a transaction is committed, the dbFileSize variable indicates
+** that the database file is larger than the database image (Pager.dbSize),
+** pager_truncate() is called. The pager_truncate() call uses xFilesize()
+** to measure the database file on disk, and then truncates it if required.
+** dbFileSize is not used when rolling back a transaction. In this case
+** pager_truncate() is called unconditionally (which means there may be
+** a call to xFilesize() that is not strictly required). In either case,
+** pager_truncate() may cause the file to become smaller or larger.
+**
+** dbHintSize
+**
+** The dbHintSize variable is used to limit the number of calls made to
+** the VFS xFileControl(FCNTL_SIZE_HINT) method.
+**
+** dbHintSize is set to a copy of the dbSize variable when a
+** write-transaction is opened (at the same time as dbFileSize and
+** dbOrigSize). If the xFileControl(FCNTL_SIZE_HINT) method is called,
+** dbHintSize is increased to the number of pages that correspond to the
+** size-hint passed to the method call. See pager_write_pagelist() for
+** details.
+**
+** errCode
+**
+** The Pager.errCode variable is only ever used in PAGER_ERROR state. It
+** is set to zero in all other states. In PAGER_ERROR state, Pager.errCode
+** is always set to SQLITE_FULL, SQLITE_IOERR or one of the SQLITE_IOERR_XXX
+** sub-codes.
+*/
+struct Pager {
+ sqlite3_vfs *pVfs; /* OS functions to use for IO */
+ u8 exclusiveMode; /* Boolean. True if locking_mode==EXCLUSIVE */
+ u8 journalMode; /* One of the PAGER_JOURNALMODE_* values */
+ u8 useJournal; /* Use a rollback journal on this file */
+ u8 noSync; /* Do not sync the journal if true */
+ u8 fullSync; /* Do extra syncs of the journal for robustness */
+ u8 ckptSyncFlags; /* SYNC_NORMAL or SYNC_FULL for checkpoint */
+ u8 walSyncFlags; /* SYNC_NORMAL or SYNC_FULL for wal writes */
+ u8 syncFlags; /* SYNC_NORMAL or SYNC_FULL otherwise */
+ u8 tempFile; /* zFilename is a temporary or immutable file */
+ u8 noLock; /* Do not lock (except in WAL mode) */
+ u8 readOnly; /* True for a read-only database */
+ u8 memDb; /* True to inhibit all file I/O */
+
+ /**************************************************************************
+ ** The following block contains those class members that change during
+ ** routine operation. Class members not in this block are either fixed
+ ** when the pager is first created or else only change when there is a
+ ** significant mode change (such as changing the page_size, locking_mode,
+ ** or the journal_mode). From another view, these class members describe
+ ** the "state" of the pager, while other class members describe the
+ ** "configuration" of the pager.
+ */
+ u8 eState; /* Pager state (OPEN, READER, WRITER_LOCKED..) */
+ u8 eLock; /* Current lock held on database file */
+ u8 changeCountDone; /* Set after incrementing the change-counter */
+ u8 setMaster; /* True if a m-j name has been written to jrnl */
+ u8 doNotSpill; /* Do not spill the cache when non-zero */
+ u8 subjInMemory; /* True to use in-memory sub-journals */
+ u8 bUseFetch; /* True to use xFetch() */
+ u8 hasHeldSharedLock; /* True if a shared lock has ever been held */
+ Pgno dbSize; /* Number of pages in the database */
+ Pgno dbOrigSize; /* dbSize before the current transaction */
+ Pgno dbFileSize; /* Number of pages in the database file */
+ Pgno dbHintSize; /* Value passed to FCNTL_SIZE_HINT call */
+ int errCode; /* One of several kinds of errors */
+ int nRec; /* Pages journalled since last j-header written */
+ u32 cksumInit; /* Quasi-random value added to every checksum */
+ u32 nSubRec; /* Number of records written to sub-journal */
+ Bitvec *pInJournal; /* One bit for each page in the database file */
+ sqlite3_file *fd; /* File descriptor for database */
+ sqlite3_file *jfd; /* File descriptor for main journal */
+ sqlite3_file *sjfd; /* File descriptor for sub-journal */
+ i64 journalOff; /* Current write offset in the journal file */
+ i64 journalHdr; /* Byte offset to previous journal header */
+ sqlite3_backup *pBackup; /* Pointer to list of ongoing backup processes */
+ PagerSavepoint *aSavepoint; /* Array of active savepoints */
+ int nSavepoint; /* Number of elements in aSavepoint[] */
+ u32 iDataVersion; /* Changes whenever database content changes */
+ char dbFileVers[16]; /* Changes whenever database file changes */
+
+ int nMmapOut; /* Number of mmap pages currently outstanding */
+ sqlite3_int64 szMmap; /* Desired maximum mmap size */
+ PgHdr *pMmapFreelist; /* List of free mmap page headers (pDirty) */
+ /*
+ ** End of the routinely-changing class members
+ ***************************************************************************/
+
+ u16 nExtra; /* Add this many bytes to each in-memory page */
+ i16 nReserve; /* Number of unused bytes at end of each page */
+ u32 vfsFlags; /* Flags for sqlite3_vfs.xOpen() */
+ u32 sectorSize; /* Assumed sector size during rollback */
+ int pageSize; /* Number of bytes in a page */
+ Pgno mxPgno; /* Maximum allowed size of the database */
+ i64 journalSizeLimit; /* Size limit for persistent journal files */
+ char *zFilename; /* Name of the database file */
+ char *zJournal; /* Name of the journal file */
+ int (*xBusyHandler)(void*); /* Function to call when busy */
+ void *pBusyHandlerArg; /* Context argument for xBusyHandler */
+ int aStat[3]; /* Total cache hits, misses and writes */
+#ifdef SQLITE_TEST
+ int nRead; /* Database pages read */
+#endif
+ void (*xReiniter)(DbPage*); /* Call this routine when reloading pages */
+#ifdef SQLITE_HAS_CODEC
+ void *(*xCodec)(void*,void*,Pgno,int); /* Routine for en/decoding data */
+ void (*xCodecSizeChng)(void*,int,int); /* Notify of page size changes */
+ void (*xCodecFree)(void*); /* Destructor for the codec */
+ void *pCodec; /* First argument to xCodec... methods */
+#endif
+ char *pTmpSpace; /* Pager.pageSize bytes of space for tmp use */
+ PCache *pPCache; /* Pointer to page cache object */
+#ifndef SQLITE_OMIT_WAL
+ Wal *pWal; /* Write-ahead log used by "journal_mode=wal" */
+ char *zWal; /* File name for write-ahead log */
+#endif
+};
+
+/*
+** Indexes for use with Pager.aStat[]. The Pager.aStat[] array contains
+** the values accessed by passing SQLITE_DBSTATUS_CACHE_HIT, CACHE_MISS
+** or CACHE_WRITE to sqlite3_db_status().
+*/
+#define PAGER_STAT_HIT 0
+#define PAGER_STAT_MISS 1
+#define PAGER_STAT_WRITE 2
+
+/*
+** The following global variables hold counters used for
+** testing purposes only. These variables do not exist in
+** a non-testing build. These variables are not thread-safe.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_pager_readdb_count = 0; /* Number of full pages read from DB */
+SQLITE_API int sqlite3_pager_writedb_count = 0; /* Number of full pages written to DB */
+SQLITE_API int sqlite3_pager_writej_count = 0; /* Number of pages written to journal */
+# define PAGER_INCR(v) v++
+#else
+# define PAGER_INCR(v)
+#endif
+
+
+
+/*
+** Journal files begin with the following magic string. The data
+** was obtained from /dev/random. It is used only as a sanity check.
+**
+** Since version 2.8.0, the journal format contains additional sanity
+** checking information. If the power fails while the journal is being
+** written, semi-random garbage data might appear in the journal
+** file after power is restored. If an attempt is then made
+** to roll the journal back, the database could be corrupted. The additional
+** sanity checking data is an attempt to discover the garbage in the
+** journal and ignore it.
+**
+** The sanity checking information for the new journal format consists
+** of a 32-bit checksum on each page of data. The checksum covers both
+** the page number and the pPager->pageSize bytes of data for the page.
+** This cksum is initialized to a 32-bit random value that appears in the
+** journal file right after the header. The random initializer is important,
+** because garbage data that appears at the end of a journal is likely
+** data that was once in other files that have now been deleted. If the
+** garbage data came from an obsolete journal file, the checksums might
+** be correct. But by initializing the checksum to random value which
+** is different for every journal, we minimize that risk.
+*/
+static const unsigned char aJournalMagic[] = {
+ 0xd9, 0xd5, 0x05, 0xf9, 0x20, 0xa1, 0x63, 0xd7,
+};
+
+/*
+** The size of the of each page record in the journal is given by
+** the following macro.
+*/
+#define JOURNAL_PG_SZ(pPager) ((pPager->pageSize) + 8)
+
+/*
+** The journal header size for this pager. This is usually the same
+** size as a single disk sector. See also setSectorSize().
+*/
+#define JOURNAL_HDR_SZ(pPager) (pPager->sectorSize)
+
+/*
+** The macro MEMDB is true if we are dealing with an in-memory database.
+** We do this as a macro so that if the SQLITE_OMIT_MEMORYDB macro is set,
+** the value of MEMDB will be a constant and the compiler will optimize
+** out code that would never execute.
+*/
+#ifdef SQLITE_OMIT_MEMORYDB
+# define MEMDB 0
+#else
+# define MEMDB pPager->memDb
+#endif
+
+/*
+** The macro USEFETCH is true if we are allowed to use the xFetch and xUnfetch
+** interfaces to access the database using memory-mapped I/O.
+*/
+#if SQLITE_MAX_MMAP_SIZE>0
+# define USEFETCH(x) ((x)->bUseFetch)
+#else
+# define USEFETCH(x) 0
+#endif
+
+/*
+** The maximum legal page number is (2^31 - 1).
+*/
+#define PAGER_MAX_PGNO 2147483647
+
+/*
+** The argument to this macro is a file descriptor (type sqlite3_file*).
+** Return 0 if it is not open, or non-zero (but not 1) if it is.
+**
+** This is so that expressions can be written as:
+**
+** if( isOpen(pPager->jfd) ){ ...
+**
+** instead of
+**
+** if( pPager->jfd->pMethods ){ ...
+*/
+#define isOpen(pFd) ((pFd)->pMethods!=0)
+
+/*
+** Return true if this pager uses a write-ahead log instead of the usual
+** rollback journal. Otherwise false.
+*/
+#ifndef SQLITE_OMIT_WAL
+static int pagerUseWal(Pager *pPager){
+ return (pPager->pWal!=0);
+}
+#else
+# define pagerUseWal(x) 0
+# define pagerRollbackWal(x) 0
+# define pagerWalFrames(v,w,x,y) 0
+# define pagerOpenWalIfPresent(z) SQLITE_OK
+# define pagerBeginReadTransaction(z) SQLITE_OK
+#endif
+
+#ifndef NDEBUG
+/*
+** Usage:
+**
+** assert( assert_pager_state(pPager) );
+**
+** This function runs many asserts to try to find inconsistencies in
+** the internal state of the Pager object.
+*/
+static int assert_pager_state(Pager *p){
+ Pager *pPager = p;
+
+ /* State must be valid. */
+ assert( p->eState==PAGER_OPEN
+ || p->eState==PAGER_READER
+ || p->eState==PAGER_WRITER_LOCKED
+ || p->eState==PAGER_WRITER_CACHEMOD
+ || p->eState==PAGER_WRITER_DBMOD
+ || p->eState==PAGER_WRITER_FINISHED
+ || p->eState==PAGER_ERROR
+ );
+
+ /* Regardless of the current state, a temp-file connection always behaves
+ ** as if it has an exclusive lock on the database file. It never updates
+ ** the change-counter field, so the changeCountDone flag is always set.
+ */
+ assert( p->tempFile==0 || p->eLock==EXCLUSIVE_LOCK );
+ assert( p->tempFile==0 || pPager->changeCountDone );
+
+ /* If the useJournal flag is clear, the journal-mode must be "OFF".
+ ** And if the journal-mode is "OFF", the journal file must not be open.
+ */
+ assert( p->journalMode==PAGER_JOURNALMODE_OFF || p->useJournal );
+ assert( p->journalMode!=PAGER_JOURNALMODE_OFF || !isOpen(p->jfd) );
+
+ /* Check that MEMDB implies noSync. And an in-memory journal. Since
+ ** this means an in-memory pager performs no IO at all, it cannot encounter
+ ** either SQLITE_IOERR or SQLITE_FULL during rollback or while finalizing
+ ** a journal file. (although the in-memory journal implementation may
+ ** return SQLITE_IOERR_NOMEM while the journal file is being written). It
+ ** is therefore not possible for an in-memory pager to enter the ERROR
+ ** state.
+ */
+ if( MEMDB ){
+ assert( p->noSync );
+ assert( p->journalMode==PAGER_JOURNALMODE_OFF
+ || p->journalMode==PAGER_JOURNALMODE_MEMORY
+ );
+ assert( p->eState!=PAGER_ERROR && p->eState!=PAGER_OPEN );
+ assert( pagerUseWal(p)==0 );
+ }
+
+ /* If changeCountDone is set, a RESERVED lock or greater must be held
+ ** on the file.
+ */
+ assert( pPager->changeCountDone==0 || pPager->eLock>=RESERVED_LOCK );
+ assert( p->eLock!=PENDING_LOCK );
+
+ switch( p->eState ){
+ case PAGER_OPEN:
+ assert( !MEMDB );
+ assert( pPager->errCode==SQLITE_OK );
+ assert( sqlite3PcacheRefCount(pPager->pPCache)==0 || pPager->tempFile );
+ break;
+
+ case PAGER_READER:
+ assert( pPager->errCode==SQLITE_OK );
+ assert( p->eLock!=UNKNOWN_LOCK );
+ assert( p->eLock>=SHARED_LOCK );
+ break;
+
+ case PAGER_WRITER_LOCKED:
+ assert( p->eLock!=UNKNOWN_LOCK );
+ assert( pPager->errCode==SQLITE_OK );
+ if( !pagerUseWal(pPager) ){
+ assert( p->eLock>=RESERVED_LOCK );
+ }
+ assert( pPager->dbSize==pPager->dbOrigSize );
+ assert( pPager->dbOrigSize==pPager->dbFileSize );
+ assert( pPager->dbOrigSize==pPager->dbHintSize );
+ assert( pPager->setMaster==0 );
+ break;
+
+ case PAGER_WRITER_CACHEMOD:
+ assert( p->eLock!=UNKNOWN_LOCK );
+ assert( pPager->errCode==SQLITE_OK );
+ if( !pagerUseWal(pPager) ){
+ /* It is possible that if journal_mode=wal here that neither the
+ ** journal file nor the WAL file are open. This happens during
+ ** a rollback transaction that switches from journal_mode=off
+ ** to journal_mode=wal.
+ */
+ assert( p->eLock>=RESERVED_LOCK );
+ assert( isOpen(p->jfd)
+ || p->journalMode==PAGER_JOURNALMODE_OFF
+ || p->journalMode==PAGER_JOURNALMODE_WAL
+ );
+ }
+ assert( pPager->dbOrigSize==pPager->dbFileSize );
+ assert( pPager->dbOrigSize==pPager->dbHintSize );
+ break;
+
+ case PAGER_WRITER_DBMOD:
+ assert( p->eLock==EXCLUSIVE_LOCK );
+ assert( pPager->errCode==SQLITE_OK );
+ assert( !pagerUseWal(pPager) );
+ assert( p->eLock>=EXCLUSIVE_LOCK );
+ assert( isOpen(p->jfd)
+ || p->journalMode==PAGER_JOURNALMODE_OFF
+ || p->journalMode==PAGER_JOURNALMODE_WAL
+ );
+ assert( pPager->dbOrigSize<=pPager->dbHintSize );
+ break;
+
+ case PAGER_WRITER_FINISHED:
+ assert( p->eLock==EXCLUSIVE_LOCK );
+ assert( pPager->errCode==SQLITE_OK );
+ assert( !pagerUseWal(pPager) );
+ assert( isOpen(p->jfd)
+ || p->journalMode==PAGER_JOURNALMODE_OFF
+ || p->journalMode==PAGER_JOURNALMODE_WAL
+ );
+ break;
+
+ case PAGER_ERROR:
+ /* There must be at least one outstanding reference to the pager if
+ ** in ERROR state. Otherwise the pager should have already dropped
+ ** back to OPEN state.
+ */
+ assert( pPager->errCode!=SQLITE_OK );
+ assert( sqlite3PcacheRefCount(pPager->pPCache)>0 );
+ break;
+ }
+
+ return 1;
+}
+#endif /* ifndef NDEBUG */
+
+#ifdef SQLITE_DEBUG
+/*
+** Return a pointer to a human readable string in a static buffer
+** containing the state of the Pager object passed as an argument. This
+** is intended to be used within debuggers. For example, as an alternative
+** to "print *pPager" in gdb:
+**
+** (gdb) printf "%s", print_pager_state(pPager)
+*/
+static char *print_pager_state(Pager *p){
+ static char zRet[1024];
+
+ sqlite3_snprintf(1024, zRet,
+ "Filename: %s\n"
+ "State: %s errCode=%d\n"
+ "Lock: %s\n"
+ "Locking mode: locking_mode=%s\n"
+ "Journal mode: journal_mode=%s\n"
+ "Backing store: tempFile=%d memDb=%d useJournal=%d\n"
+ "Journal: journalOff=%lld journalHdr=%lld\n"
+ "Size: dbsize=%d dbOrigSize=%d dbFileSize=%d\n"
+ , p->zFilename
+ , p->eState==PAGER_OPEN ? "OPEN" :
+ p->eState==PAGER_READER ? "READER" :
+ p->eState==PAGER_WRITER_LOCKED ? "WRITER_LOCKED" :
+ p->eState==PAGER_WRITER_CACHEMOD ? "WRITER_CACHEMOD" :
+ p->eState==PAGER_WRITER_DBMOD ? "WRITER_DBMOD" :
+ p->eState==PAGER_WRITER_FINISHED ? "WRITER_FINISHED" :
+ p->eState==PAGER_ERROR ? "ERROR" : "?error?"
+ , (int)p->errCode
+ , p->eLock==NO_LOCK ? "NO_LOCK" :
+ p->eLock==RESERVED_LOCK ? "RESERVED" :
+ p->eLock==EXCLUSIVE_LOCK ? "EXCLUSIVE" :
+ p->eLock==SHARED_LOCK ? "SHARED" :
+ p->eLock==UNKNOWN_LOCK ? "UNKNOWN" : "?error?"
+ , p->exclusiveMode ? "exclusive" : "normal"
+ , p->journalMode==PAGER_JOURNALMODE_MEMORY ? "memory" :
+ p->journalMode==PAGER_JOURNALMODE_OFF ? "off" :
+ p->journalMode==PAGER_JOURNALMODE_DELETE ? "delete" :
+ p->journalMode==PAGER_JOURNALMODE_PERSIST ? "persist" :
+ p->journalMode==PAGER_JOURNALMODE_TRUNCATE ? "truncate" :
+ p->journalMode==PAGER_JOURNALMODE_WAL ? "wal" : "?error?"
+ , (int)p->tempFile, (int)p->memDb, (int)p->useJournal
+ , p->journalOff, p->journalHdr
+ , (int)p->dbSize, (int)p->dbOrigSize, (int)p->dbFileSize
+ );
+
+ return zRet;
+}
+#endif
+
+/*
+** Return true if it is necessary to write page *pPg into the sub-journal.
+** A page needs to be written into the sub-journal if there exists one
+** or more open savepoints for which:
+**
+** * The page-number is less than or equal to PagerSavepoint.nOrig, and
+** * The bit corresponding to the page-number is not set in
+** PagerSavepoint.pInSavepoint.
+*/
+static int subjRequiresPage(PgHdr *pPg){
+ Pager *pPager = pPg->pPager;
+ PagerSavepoint *p;
+ Pgno pgno = pPg->pgno;
+ int i;
+ for(i=0; i<pPager->nSavepoint; i++){
+ p = &pPager->aSavepoint[i];
+ if( p->nOrig>=pgno && 0==sqlite3BitvecTestNotNull(p->pInSavepoint, pgno) ){
+ return 1;
+ }
+ }
+ return 0;
+}
+
+#ifdef SQLITE_DEBUG
+/*
+** Return true if the page is already in the journal file.
+*/
+static int pageInJournal(Pager *pPager, PgHdr *pPg){
+ return sqlite3BitvecTest(pPager->pInJournal, pPg->pgno);
+}
+#endif
+
+/*
+** Read a 32-bit integer from the given file descriptor. Store the integer
+** that is read in *pRes. Return SQLITE_OK if everything worked, or an
+** error code is something goes wrong.
+**
+** All values are stored on disk as big-endian.
+*/
+static int read32bits(sqlite3_file *fd, i64 offset, u32 *pRes){
+ unsigned char ac[4];
+ int rc = sqlite3OsRead(fd, ac, sizeof(ac), offset);
+ if( rc==SQLITE_OK ){
+ *pRes = sqlite3Get4byte(ac);
+ }
+ return rc;
+}
+
+/*
+** Write a 32-bit integer into a string buffer in big-endian byte order.
+*/
+#define put32bits(A,B) sqlite3Put4byte((u8*)A,B)
+
+
+/*
+** Write a 32-bit integer into the given file descriptor. Return SQLITE_OK
+** on success or an error code is something goes wrong.
+*/
+static int write32bits(sqlite3_file *fd, i64 offset, u32 val){
+ char ac[4];
+ put32bits(ac, val);
+ return sqlite3OsWrite(fd, ac, 4, offset);
+}
+
+/*
+** Unlock the database file to level eLock, which must be either NO_LOCK
+** or SHARED_LOCK. Regardless of whether or not the call to xUnlock()
+** succeeds, set the Pager.eLock variable to match the (attempted) new lock.
+**
+** Except, if Pager.eLock is set to UNKNOWN_LOCK when this function is
+** called, do not modify it. See the comment above the #define of
+** UNKNOWN_LOCK for an explanation of this.
+*/
+static int pagerUnlockDb(Pager *pPager, int eLock){
+ int rc = SQLITE_OK;
+
+ assert( !pPager->exclusiveMode || pPager->eLock==eLock );
+ assert( eLock==NO_LOCK || eLock==SHARED_LOCK );
+ assert( eLock!=NO_LOCK || pagerUseWal(pPager)==0 );
+ if( isOpen(pPager->fd) ){
+ assert( pPager->eLock>=eLock );
+ rc = pPager->noLock ? SQLITE_OK : sqlite3OsUnlock(pPager->fd, eLock);
+ if( pPager->eLock!=UNKNOWN_LOCK ){
+ pPager->eLock = (u8)eLock;
+ }
+ IOTRACE(("UNLOCK %p %d\n", pPager, eLock))
+ }
+ return rc;
+}
+
+/*
+** Lock the database file to level eLock, which must be either SHARED_LOCK,
+** RESERVED_LOCK or EXCLUSIVE_LOCK. If the caller is successful, set the
+** Pager.eLock variable to the new locking state.
+**
+** Except, if Pager.eLock is set to UNKNOWN_LOCK when this function is
+** called, do not modify it unless the new locking state is EXCLUSIVE_LOCK.
+** See the comment above the #define of UNKNOWN_LOCK for an explanation
+** of this.
+*/
+static int pagerLockDb(Pager *pPager, int eLock){
+ int rc = SQLITE_OK;
+
+ assert( eLock==SHARED_LOCK || eLock==RESERVED_LOCK || eLock==EXCLUSIVE_LOCK );
+ if( pPager->eLock<eLock || pPager->eLock==UNKNOWN_LOCK ){
+ rc = pPager->noLock ? SQLITE_OK : sqlite3OsLock(pPager->fd, eLock);
+ if( rc==SQLITE_OK && (pPager->eLock!=UNKNOWN_LOCK||eLock==EXCLUSIVE_LOCK) ){
+ pPager->eLock = (u8)eLock;
+ IOTRACE(("LOCK %p %d\n", pPager, eLock))
+ }
+ }
+ return rc;
+}
+
+/*
+** This function determines whether or not the atomic-write optimization
+** can be used with this pager. The optimization can be used if:
+**
+** (a) the value returned by OsDeviceCharacteristics() indicates that
+** a database page may be written atomically, and
+** (b) the value returned by OsSectorSize() is less than or equal
+** to the page size.
+**
+** The optimization is also always enabled for temporary files. It is
+** an error to call this function if pPager is opened on an in-memory
+** database.
+**
+** If the optimization cannot be used, 0 is returned. If it can be used,
+** then the value returned is the size of the journal file when it
+** contains rollback data for exactly one page.
+*/
+#ifdef SQLITE_ENABLE_ATOMIC_WRITE
+static int jrnlBufferSize(Pager *pPager){
+ assert( !MEMDB );
+ if( !pPager->tempFile ){
+ int dc; /* Device characteristics */
+ int nSector; /* Sector size */
+ int szPage; /* Page size */
+
+ assert( isOpen(pPager->fd) );
+ dc = sqlite3OsDeviceCharacteristics(pPager->fd);
+ nSector = pPager->sectorSize;
+ szPage = pPager->pageSize;
+
+ assert(SQLITE_IOCAP_ATOMIC512==(512>>8));
+ assert(SQLITE_IOCAP_ATOMIC64K==(65536>>8));
+ if( 0==(dc&(SQLITE_IOCAP_ATOMIC|(szPage>>8)) || nSector>szPage) ){
+ return 0;
+ }
+ }
+
+ return JOURNAL_HDR_SZ(pPager) + JOURNAL_PG_SZ(pPager);
+}
+#endif
+
+/*
+** If SQLITE_CHECK_PAGES is defined then we do some sanity checking
+** on the cache using a hash function. This is used for testing
+** and debugging only.
+*/
+#ifdef SQLITE_CHECK_PAGES
+/*
+** Return a 32-bit hash of the page data for pPage.
+*/
+static u32 pager_datahash(int nByte, unsigned char *pData){
+ u32 hash = 0;
+ int i;
+ for(i=0; i<nByte; i++){
+ hash = (hash*1039) + pData[i];
+ }
+ return hash;
+}
+static u32 pager_pagehash(PgHdr *pPage){
+ return pager_datahash(pPage->pPager->pageSize, (unsigned char *)pPage->pData);
+}
+static void pager_set_pagehash(PgHdr *pPage){
+ pPage->pageHash = pager_pagehash(pPage);
+}
+
+/*
+** The CHECK_PAGE macro takes a PgHdr* as an argument. If SQLITE_CHECK_PAGES
+** is defined, and NDEBUG is not defined, an assert() statement checks
+** that the page is either dirty or still matches the calculated page-hash.
+*/
+#define CHECK_PAGE(x) checkPage(x)
+static void checkPage(PgHdr *pPg){
+ Pager *pPager = pPg->pPager;
+ assert( pPager->eState!=PAGER_ERROR );
+ assert( (pPg->flags&PGHDR_DIRTY) || pPg->pageHash==pager_pagehash(pPg) );
+}
+
+#else
+#define pager_datahash(X,Y) 0
+#define pager_pagehash(X) 0
+#define pager_set_pagehash(X)
+#define CHECK_PAGE(x)
+#endif /* SQLITE_CHECK_PAGES */
+
+/*
+** When this is called the journal file for pager pPager must be open.
+** This function attempts to read a master journal file name from the
+** end of the file and, if successful, copies it into memory supplied
+** by the caller. See comments above writeMasterJournal() for the format
+** used to store a master journal file name at the end of a journal file.
+**
+** zMaster must point to a buffer of at least nMaster bytes allocated by
+** the caller. This should be sqlite3_vfs.mxPathname+1 (to ensure there is
+** enough space to write the master journal name). If the master journal
+** name in the journal is longer than nMaster bytes (including a
+** nul-terminator), then this is handled as if no master journal name
+** were present in the journal.
+**
+** If a master journal file name is present at the end of the journal
+** file, then it is copied into the buffer pointed to by zMaster. A
+** nul-terminator byte is appended to the buffer following the master
+** journal file name.
+**
+** If it is determined that no master journal file name is present
+** zMaster[0] is set to 0 and SQLITE_OK returned.
+**
+** If an error occurs while reading from the journal file, an SQLite
+** error code is returned.
+*/
+static int readMasterJournal(sqlite3_file *pJrnl, char *zMaster, u32 nMaster){
+ int rc; /* Return code */
+ u32 len; /* Length in bytes of master journal name */
+ i64 szJ; /* Total size in bytes of journal file pJrnl */
+ u32 cksum; /* MJ checksum value read from journal */
+ u32 u; /* Unsigned loop counter */
+ unsigned char aMagic[8]; /* A buffer to hold the magic header */
+ zMaster[0] = '\0';
+
+ if( SQLITE_OK!=(rc = sqlite3OsFileSize(pJrnl, &szJ))
+ || szJ<16
+ || SQLITE_OK!=(rc = read32bits(pJrnl, szJ-16, &len))
+ || len>=nMaster
+ || len==0
+ || SQLITE_OK!=(rc = read32bits(pJrnl, szJ-12, &cksum))
+ || SQLITE_OK!=(rc = sqlite3OsRead(pJrnl, aMagic, 8, szJ-8))
+ || memcmp(aMagic, aJournalMagic, 8)
+ || SQLITE_OK!=(rc = sqlite3OsRead(pJrnl, zMaster, len, szJ-16-len))
+ ){
+ return rc;
+ }
+
+ /* See if the checksum matches the master journal name */
+ for(u=0; u<len; u++){
+ cksum -= zMaster[u];
+ }
+ if( cksum ){
+ /* If the checksum doesn't add up, then one or more of the disk sectors
+ ** containing the master journal filename is corrupted. This means
+ ** definitely roll back, so just return SQLITE_OK and report a (nul)
+ ** master-journal filename.
+ */
+ len = 0;
+ }
+ zMaster[len] = '\0';
+
+ return SQLITE_OK;
+}
+
+/*
+** Return the offset of the sector boundary at or immediately
+** following the value in pPager->journalOff, assuming a sector
+** size of pPager->sectorSize bytes.
+**
+** i.e for a sector size of 512:
+**
+** Pager.journalOff Return value
+** ---------------------------------------
+** 0 0
+** 512 512
+** 100 512
+** 2000 2048
+**
+*/
+static i64 journalHdrOffset(Pager *pPager){
+ i64 offset = 0;
+ i64 c = pPager->journalOff;
+ if( c ){
+ offset = ((c-1)/JOURNAL_HDR_SZ(pPager) + 1) * JOURNAL_HDR_SZ(pPager);
+ }
+ assert( offset%JOURNAL_HDR_SZ(pPager)==0 );
+ assert( offset>=c );
+ assert( (offset-c)<JOURNAL_HDR_SZ(pPager) );
+ return offset;
+}
+
+/*
+** The journal file must be open when this function is called.
+**
+** This function is a no-op if the journal file has not been written to
+** within the current transaction (i.e. if Pager.journalOff==0).
+**
+** If doTruncate is non-zero or the Pager.journalSizeLimit variable is
+** set to 0, then truncate the journal file to zero bytes in size. Otherwise,
+** zero the 28-byte header at the start of the journal file. In either case,
+** if the pager is not in no-sync mode, sync the journal file immediately
+** after writing or truncating it.
+**
+** If Pager.journalSizeLimit is set to a positive, non-zero value, and
+** following the truncation or zeroing described above the size of the
+** journal file in bytes is larger than this value, then truncate the
+** journal file to Pager.journalSizeLimit bytes. The journal file does
+** not need to be synced following this operation.
+**
+** If an IO error occurs, abandon processing and return the IO error code.
+** Otherwise, return SQLITE_OK.
+*/
+static int zeroJournalHdr(Pager *pPager, int doTruncate){
+ int rc = SQLITE_OK; /* Return code */
+ assert( isOpen(pPager->jfd) );
+ if( pPager->journalOff ){
+ const i64 iLimit = pPager->journalSizeLimit; /* Local cache of jsl */
+
+ IOTRACE(("JZEROHDR %p\n", pPager))
+ if( doTruncate || iLimit==0 ){
+ rc = sqlite3OsTruncate(pPager->jfd, 0);
+ }else{
+ static const char zeroHdr[28] = {0};
+ rc = sqlite3OsWrite(pPager->jfd, zeroHdr, sizeof(zeroHdr), 0);
+ }
+ if( rc==SQLITE_OK && !pPager->noSync ){
+ rc = sqlite3OsSync(pPager->jfd, SQLITE_SYNC_DATAONLY|pPager->syncFlags);
+ }
+
+ /* At this point the transaction is committed but the write lock
+ ** is still held on the file. If there is a size limit configured for
+ ** the persistent journal and the journal file currently consumes more
+ ** space than that limit allows for, truncate it now. There is no need
+ ** to sync the file following this operation.
+ */
+ if( rc==SQLITE_OK && iLimit>0 ){
+ i64 sz;
+ rc = sqlite3OsFileSize(pPager->jfd, &sz);
+ if( rc==SQLITE_OK && sz>iLimit ){
+ rc = sqlite3OsTruncate(pPager->jfd, iLimit);
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** The journal file must be open when this routine is called. A journal
+** header (JOURNAL_HDR_SZ bytes) is written into the journal file at the
+** current location.
+**
+** The format for the journal header is as follows:
+** - 8 bytes: Magic identifying journal format.
+** - 4 bytes: Number of records in journal, or -1 no-sync mode is on.
+** - 4 bytes: Random number used for page hash.
+** - 4 bytes: Initial database page count.
+** - 4 bytes: Sector size used by the process that wrote this journal.
+** - 4 bytes: Database page size.
+**
+** Followed by (JOURNAL_HDR_SZ - 28) bytes of unused space.
+*/
+static int writeJournalHdr(Pager *pPager){
+ int rc = SQLITE_OK; /* Return code */
+ char *zHeader = pPager->pTmpSpace; /* Temporary space used to build header */
+ u32 nHeader = (u32)pPager->pageSize;/* Size of buffer pointed to by zHeader */
+ u32 nWrite; /* Bytes of header sector written */
+ int ii; /* Loop counter */
+
+ assert( isOpen(pPager->jfd) ); /* Journal file must be open. */
+
+ if( nHeader>JOURNAL_HDR_SZ(pPager) ){
+ nHeader = JOURNAL_HDR_SZ(pPager);
+ }
+
+ /* If there are active savepoints and any of them were created
+ ** since the most recent journal header was written, update the
+ ** PagerSavepoint.iHdrOffset fields now.
+ */
+ for(ii=0; ii<pPager->nSavepoint; ii++){
+ if( pPager->aSavepoint[ii].iHdrOffset==0 ){
+ pPager->aSavepoint[ii].iHdrOffset = pPager->journalOff;
+ }
+ }
+
+ pPager->journalHdr = pPager->journalOff = journalHdrOffset(pPager);
+
+ /*
+ ** Write the nRec Field - the number of page records that follow this
+ ** journal header. Normally, zero is written to this value at this time.
+ ** After the records are added to the journal (and the journal synced,
+ ** if in full-sync mode), the zero is overwritten with the true number
+ ** of records (see syncJournal()).
+ **
+ ** A faster alternative is to write 0xFFFFFFFF to the nRec field. When
+ ** reading the journal this value tells SQLite to assume that the
+ ** rest of the journal file contains valid page records. This assumption
+ ** is dangerous, as if a failure occurred whilst writing to the journal
+ ** file it may contain some garbage data. There are two scenarios
+ ** where this risk can be ignored:
+ **
+ ** * When the pager is in no-sync mode. Corruption can follow a
+ ** power failure in this case anyway.
+ **
+ ** * When the SQLITE_IOCAP_SAFE_APPEND flag is set. This guarantees
+ ** that garbage data is never appended to the journal file.
+ */
+ assert( isOpen(pPager->fd) || pPager->noSync );
+ if( pPager->noSync || (pPager->journalMode==PAGER_JOURNALMODE_MEMORY)
+ || (sqlite3OsDeviceCharacteristics(pPager->fd)&SQLITE_IOCAP_SAFE_APPEND)
+ ){
+ memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic));
+ put32bits(&zHeader[sizeof(aJournalMagic)], 0xffffffff);
+ }else{
+ memset(zHeader, 0, sizeof(aJournalMagic)+4);
+ }
+
+ /* The random check-hash initializer */
+ sqlite3_randomness(sizeof(pPager->cksumInit), &pPager->cksumInit);
+ put32bits(&zHeader[sizeof(aJournalMagic)+4], pPager->cksumInit);
+ /* The initial database size */
+ put32bits(&zHeader[sizeof(aJournalMagic)+8], pPager->dbOrigSize);
+ /* The assumed sector size for this process */
+ put32bits(&zHeader[sizeof(aJournalMagic)+12], pPager->sectorSize);
+
+ /* The page size */
+ put32bits(&zHeader[sizeof(aJournalMagic)+16], pPager->pageSize);
+
+ /* Initializing the tail of the buffer is not necessary. Everything
+ ** works find if the following memset() is omitted. But initializing
+ ** the memory prevents valgrind from complaining, so we are willing to
+ ** take the performance hit.
+ */
+ memset(&zHeader[sizeof(aJournalMagic)+20], 0,
+ nHeader-(sizeof(aJournalMagic)+20));
+
+ /* In theory, it is only necessary to write the 28 bytes that the
+ ** journal header consumes to the journal file here. Then increment the
+ ** Pager.journalOff variable by JOURNAL_HDR_SZ so that the next
+ ** record is written to the following sector (leaving a gap in the file
+ ** that will be implicitly filled in by the OS).
+ **
+ ** However it has been discovered that on some systems this pattern can
+ ** be significantly slower than contiguously writing data to the file,
+ ** even if that means explicitly writing data to the block of
+ ** (JOURNAL_HDR_SZ - 28) bytes that will not be used. So that is what
+ ** is done.
+ **
+ ** The loop is required here in case the sector-size is larger than the
+ ** database page size. Since the zHeader buffer is only Pager.pageSize
+ ** bytes in size, more than one call to sqlite3OsWrite() may be required
+ ** to populate the entire journal header sector.
+ */
+ for(nWrite=0; rc==SQLITE_OK&&nWrite<JOURNAL_HDR_SZ(pPager); nWrite+=nHeader){
+ IOTRACE(("JHDR %p %lld %d\n", pPager, pPager->journalHdr, nHeader))
+ rc = sqlite3OsWrite(pPager->jfd, zHeader, nHeader, pPager->journalOff);
+ assert( pPager->journalHdr <= pPager->journalOff );
+ pPager->journalOff += nHeader;
+ }
+
+ return rc;
+}
+
+/*
+** The journal file must be open when this is called. A journal header file
+** (JOURNAL_HDR_SZ bytes) is read from the current location in the journal
+** file. The current location in the journal file is given by
+** pPager->journalOff. See comments above function writeJournalHdr() for
+** a description of the journal header format.
+**
+** If the header is read successfully, *pNRec is set to the number of
+** page records following this header and *pDbSize is set to the size of the
+** database before the transaction began, in pages. Also, pPager->cksumInit
+** is set to the value read from the journal header. SQLITE_OK is returned
+** in this case.
+**
+** If the journal header file appears to be corrupted, SQLITE_DONE is
+** returned and *pNRec and *PDbSize are undefined. If JOURNAL_HDR_SZ bytes
+** cannot be read from the journal file an error code is returned.
+*/
+static int readJournalHdr(
+ Pager *pPager, /* Pager object */
+ int isHot,
+ i64 journalSize, /* Size of the open journal file in bytes */
+ u32 *pNRec, /* OUT: Value read from the nRec field */
+ u32 *pDbSize /* OUT: Value of original database size field */
+){
+ int rc; /* Return code */
+ unsigned char aMagic[8]; /* A buffer to hold the magic header */
+ i64 iHdrOff; /* Offset of journal header being read */
+
+ assert( isOpen(pPager->jfd) ); /* Journal file must be open. */
+
+ /* Advance Pager.journalOff to the start of the next sector. If the
+ ** journal file is too small for there to be a header stored at this
+ ** point, return SQLITE_DONE.
+ */
+ pPager->journalOff = journalHdrOffset(pPager);
+ if( pPager->journalOff+JOURNAL_HDR_SZ(pPager) > journalSize ){
+ return SQLITE_DONE;
+ }
+ iHdrOff = pPager->journalOff;
+
+ /* Read in the first 8 bytes of the journal header. If they do not match
+ ** the magic string found at the start of each journal header, return
+ ** SQLITE_DONE. If an IO error occurs, return an error code. Otherwise,
+ ** proceed.
+ */
+ if( isHot || iHdrOff!=pPager->journalHdr ){
+ rc = sqlite3OsRead(pPager->jfd, aMagic, sizeof(aMagic), iHdrOff);
+ if( rc ){
+ return rc;
+ }
+ if( memcmp(aMagic, aJournalMagic, sizeof(aMagic))!=0 ){
+ return SQLITE_DONE;
+ }
+ }
+
+ /* Read the first three 32-bit fields of the journal header: The nRec
+ ** field, the checksum-initializer and the database size at the start
+ ** of the transaction. Return an error code if anything goes wrong.
+ */
+ if( SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+8, pNRec))
+ || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+12, &pPager->cksumInit))
+ || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+16, pDbSize))
+ ){
+ return rc;
+ }
+
+ if( pPager->journalOff==0 ){
+ u32 iPageSize; /* Page-size field of journal header */
+ u32 iSectorSize; /* Sector-size field of journal header */
+
+ /* Read the page-size and sector-size journal header fields. */
+ if( SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+20, &iSectorSize))
+ || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+24, &iPageSize))
+ ){
+ return rc;
+ }
+
+ /* Versions of SQLite prior to 3.5.8 set the page-size field of the
+ ** journal header to zero. In this case, assume that the Pager.pageSize
+ ** variable is already set to the correct page size.
+ */
+ if( iPageSize==0 ){
+ iPageSize = pPager->pageSize;
+ }
+
+ /* Check that the values read from the page-size and sector-size fields
+ ** are within range. To be 'in range', both values need to be a power
+ ** of two greater than or equal to 512 or 32, and not greater than their
+ ** respective compile time maximum limits.
+ */
+ if( iPageSize<512 || iSectorSize<32
+ || iPageSize>SQLITE_MAX_PAGE_SIZE || iSectorSize>MAX_SECTOR_SIZE
+ || ((iPageSize-1)&iPageSize)!=0 || ((iSectorSize-1)&iSectorSize)!=0
+ ){
+ /* If the either the page-size or sector-size in the journal-header is
+ ** invalid, then the process that wrote the journal-header must have
+ ** crashed before the header was synced. In this case stop reading
+ ** the journal file here.
+ */
+ return SQLITE_DONE;
+ }
+
+ /* Update the page-size to match the value read from the journal.
+ ** Use a testcase() macro to make sure that malloc failure within
+ ** PagerSetPagesize() is tested.
+ */
+ rc = sqlite3PagerSetPagesize(pPager, &iPageSize, -1);
+ testcase( rc!=SQLITE_OK );
+
+ /* Update the assumed sector-size to match the value used by
+ ** the process that created this journal. If this journal was
+ ** created by a process other than this one, then this routine
+ ** is being called from within pager_playback(). The local value
+ ** of Pager.sectorSize is restored at the end of that routine.
+ */
+ pPager->sectorSize = iSectorSize;
+ }
+
+ pPager->journalOff += JOURNAL_HDR_SZ(pPager);
+ return rc;
+}
+
+
+/*
+** Write the supplied master journal name into the journal file for pager
+** pPager at the current location. The master journal name must be the last
+** thing written to a journal file. If the pager is in full-sync mode, the
+** journal file descriptor is advanced to the next sector boundary before
+** anything is written. The format is:
+**
+** + 4 bytes: PAGER_MJ_PGNO.
+** + N bytes: Master journal filename in utf-8.
+** + 4 bytes: N (length of master journal name in bytes, no nul-terminator).
+** + 4 bytes: Master journal name checksum.
+** + 8 bytes: aJournalMagic[].
+**
+** The master journal page checksum is the sum of the bytes in the master
+** journal name, where each byte is interpreted as a signed 8-bit integer.
+**
+** If zMaster is a NULL pointer (occurs for a single database transaction),
+** this call is a no-op.
+*/
+static int writeMasterJournal(Pager *pPager, const char *zMaster){
+ int rc; /* Return code */
+ int nMaster; /* Length of string zMaster */
+ i64 iHdrOff; /* Offset of header in journal file */
+ i64 jrnlSize; /* Size of journal file on disk */
+ u32 cksum = 0; /* Checksum of string zMaster */
+
+ assert( pPager->setMaster==0 );
+ assert( !pagerUseWal(pPager) );
+
+ if( !zMaster
+ || pPager->journalMode==PAGER_JOURNALMODE_MEMORY
+ || !isOpen(pPager->jfd)
+ ){
+ return SQLITE_OK;
+ }
+ pPager->setMaster = 1;
+ assert( pPager->journalHdr <= pPager->journalOff );
+
+ /* Calculate the length in bytes and the checksum of zMaster */
+ for(nMaster=0; zMaster[nMaster]; nMaster++){
+ cksum += zMaster[nMaster];
+ }
+
+ /* If in full-sync mode, advance to the next disk sector before writing
+ ** the master journal name. This is in case the previous page written to
+ ** the journal has already been synced.
+ */
+ if( pPager->fullSync ){
+ pPager->journalOff = journalHdrOffset(pPager);
+ }
+ iHdrOff = pPager->journalOff;
+
+ /* Write the master journal data to the end of the journal file. If
+ ** an error occurs, return the error code to the caller.
+ */
+ if( (0 != (rc = write32bits(pPager->jfd, iHdrOff, PAGER_MJ_PGNO(pPager))))
+ || (0 != (rc = sqlite3OsWrite(pPager->jfd, zMaster, nMaster, iHdrOff+4)))
+ || (0 != (rc = write32bits(pPager->jfd, iHdrOff+4+nMaster, nMaster)))
+ || (0 != (rc = write32bits(pPager->jfd, iHdrOff+4+nMaster+4, cksum)))
+ || (0 != (rc = sqlite3OsWrite(pPager->jfd, aJournalMagic, 8,
+ iHdrOff+4+nMaster+8)))
+ ){
+ return rc;
+ }
+ pPager->journalOff += (nMaster+20);
+
+ /* If the pager is in peristent-journal mode, then the physical
+ ** journal-file may extend past the end of the master-journal name
+ ** and 8 bytes of magic data just written to the file. This is
+ ** dangerous because the code to rollback a hot-journal file
+ ** will not be able to find the master-journal name to determine
+ ** whether or not the journal is hot.
+ **
+ ** Easiest thing to do in this scenario is to truncate the journal
+ ** file to the required size.
+ */
+ if( SQLITE_OK==(rc = sqlite3OsFileSize(pPager->jfd, &jrnlSize))
+ && jrnlSize>pPager->journalOff
+ ){
+ rc = sqlite3OsTruncate(pPager->jfd, pPager->journalOff);
+ }
+ return rc;
+}
+
+/*
+** Discard the entire contents of the in-memory page-cache.
+*/
+static void pager_reset(Pager *pPager){
+ pPager->iDataVersion++;
+ sqlite3BackupRestart(pPager->pBackup);
+ sqlite3PcacheClear(pPager->pPCache);
+}
+
+/*
+** Return the pPager->iDataVersion value
+*/
+SQLITE_PRIVATE u32 sqlite3PagerDataVersion(Pager *pPager){
+ assert( pPager->eState>PAGER_OPEN );
+ return pPager->iDataVersion;
+}
+
+/*
+** Free all structures in the Pager.aSavepoint[] array and set both
+** Pager.aSavepoint and Pager.nSavepoint to zero. Close the sub-journal
+** if it is open and the pager is not in exclusive mode.
+*/
+static void releaseAllSavepoints(Pager *pPager){
+ int ii; /* Iterator for looping through Pager.aSavepoint */
+ for(ii=0; ii<pPager->nSavepoint; ii++){
+ sqlite3BitvecDestroy(pPager->aSavepoint[ii].pInSavepoint);
+ }
+ if( !pPager->exclusiveMode || sqlite3IsMemJournal(pPager->sjfd) ){
+ sqlite3OsClose(pPager->sjfd);
+ }
+ sqlite3_free(pPager->aSavepoint);
+ pPager->aSavepoint = 0;
+ pPager->nSavepoint = 0;
+ pPager->nSubRec = 0;
+}
+
+/*
+** Set the bit number pgno in the PagerSavepoint.pInSavepoint
+** bitvecs of all open savepoints. Return SQLITE_OK if successful
+** or SQLITE_NOMEM if a malloc failure occurs.
+*/
+static int addToSavepointBitvecs(Pager *pPager, Pgno pgno){
+ int ii; /* Loop counter */
+ int rc = SQLITE_OK; /* Result code */
+
+ for(ii=0; ii<pPager->nSavepoint; ii++){
+ PagerSavepoint *p = &pPager->aSavepoint[ii];
+ if( pgno<=p->nOrig ){
+ rc |= sqlite3BitvecSet(p->pInSavepoint, pgno);
+ testcase( rc==SQLITE_NOMEM );
+ assert( rc==SQLITE_OK || rc==SQLITE_NOMEM );
+ }
+ }
+ return rc;
+}
+
+/*
+** This function is a no-op if the pager is in exclusive mode and not
+** in the ERROR state. Otherwise, it switches the pager to PAGER_OPEN
+** state.
+**
+** If the pager is not in exclusive-access mode, the database file is
+** completely unlocked. If the file is unlocked and the file-system does
+** not exhibit the UNDELETABLE_WHEN_OPEN property, the journal file is
+** closed (if it is open).
+**
+** If the pager is in ERROR state when this function is called, the
+** contents of the pager cache are discarded before switching back to
+** the OPEN state. Regardless of whether the pager is in exclusive-mode
+** or not, any journal file left in the file-system will be treated
+** as a hot-journal and rolled back the next time a read-transaction
+** is opened (by this or by any other connection).
+*/
+static void pager_unlock(Pager *pPager){
+
+ assert( pPager->eState==PAGER_READER
+ || pPager->eState==PAGER_OPEN
+ || pPager->eState==PAGER_ERROR
+ );
+
+ sqlite3BitvecDestroy(pPager->pInJournal);
+ pPager->pInJournal = 0;
+ releaseAllSavepoints(pPager);
+
+ if( pagerUseWal(pPager) ){
+ assert( !isOpen(pPager->jfd) );
+ sqlite3WalEndReadTransaction(pPager->pWal);
+ pPager->eState = PAGER_OPEN;
+ }else if( !pPager->exclusiveMode ){
+ int rc; /* Error code returned by pagerUnlockDb() */
+ int iDc = isOpen(pPager->fd)?sqlite3OsDeviceCharacteristics(pPager->fd):0;
+
+ /* If the operating system support deletion of open files, then
+ ** close the journal file when dropping the database lock. Otherwise
+ ** another connection with journal_mode=delete might delete the file
+ ** out from under us.
+ */
+ assert( (PAGER_JOURNALMODE_MEMORY & 5)!=1 );
+ assert( (PAGER_JOURNALMODE_OFF & 5)!=1 );
+ assert( (PAGER_JOURNALMODE_WAL & 5)!=1 );
+ assert( (PAGER_JOURNALMODE_DELETE & 5)!=1 );
+ assert( (PAGER_JOURNALMODE_TRUNCATE & 5)==1 );
+ assert( (PAGER_JOURNALMODE_PERSIST & 5)==1 );
+ if( 0==(iDc & SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN)
+ || 1!=(pPager->journalMode & 5)
+ ){
+ sqlite3OsClose(pPager->jfd);
+ }
+
+ /* If the pager is in the ERROR state and the call to unlock the database
+ ** file fails, set the current lock to UNKNOWN_LOCK. See the comment
+ ** above the #define for UNKNOWN_LOCK for an explanation of why this
+ ** is necessary.
+ */
+ rc = pagerUnlockDb(pPager, NO_LOCK);
+ if( rc!=SQLITE_OK && pPager->eState==PAGER_ERROR ){
+ pPager->eLock = UNKNOWN_LOCK;
+ }
+
+ /* The pager state may be changed from PAGER_ERROR to PAGER_OPEN here
+ ** without clearing the error code. This is intentional - the error
+ ** code is cleared and the cache reset in the block below.
+ */
+ assert( pPager->errCode || pPager->eState!=PAGER_ERROR );
+ pPager->changeCountDone = 0;
+ pPager->eState = PAGER_OPEN;
+ }
+
+ /* If Pager.errCode is set, the contents of the pager cache cannot be
+ ** trusted. Now that there are no outstanding references to the pager,
+ ** it can safely move back to PAGER_OPEN state. This happens in both
+ ** normal and exclusive-locking mode.
+ */
+ if( pPager->errCode ){
+ assert( !MEMDB );
+ pager_reset(pPager);
+ pPager->changeCountDone = pPager->tempFile;
+ pPager->eState = PAGER_OPEN;
+ pPager->errCode = SQLITE_OK;
+ if( USEFETCH(pPager) ) sqlite3OsUnfetch(pPager->fd, 0, 0);
+ }
+
+ pPager->journalOff = 0;
+ pPager->journalHdr = 0;
+ pPager->setMaster = 0;
+}
+
+/*
+** This function is called whenever an IOERR or FULL error that requires
+** the pager to transition into the ERROR state may ahve occurred.
+** The first argument is a pointer to the pager structure, the second
+** the error-code about to be returned by a pager API function. The
+** value returned is a copy of the second argument to this function.
+**
+** If the second argument is SQLITE_FULL, SQLITE_IOERR or one of the
+** IOERR sub-codes, the pager enters the ERROR state and the error code
+** is stored in Pager.errCode. While the pager remains in the ERROR state,
+** all major API calls on the Pager will immediately return Pager.errCode.
+**
+** The ERROR state indicates that the contents of the pager-cache
+** cannot be trusted. This state can be cleared by completely discarding
+** the contents of the pager-cache. If a transaction was active when
+** the persistent error occurred, then the rollback journal may need
+** to be replayed to restore the contents of the database file (as if
+** it were a hot-journal).
+*/
+static int pager_error(Pager *pPager, int rc){
+ int rc2 = rc & 0xff;
+ assert( rc==SQLITE_OK || !MEMDB );
+ assert(
+ pPager->errCode==SQLITE_FULL ||
+ pPager->errCode==SQLITE_OK ||
+ (pPager->errCode & 0xff)==SQLITE_IOERR
+ );
+ if( rc2==SQLITE_FULL || rc2==SQLITE_IOERR ){
+ pPager->errCode = rc;
+ pPager->eState = PAGER_ERROR;
+ }
+ return rc;
+}
+
+static int pager_truncate(Pager *pPager, Pgno nPage);
+
+/*
+** This routine ends a transaction. A transaction is usually ended by
+** either a COMMIT or a ROLLBACK operation. This routine may be called
+** after rollback of a hot-journal, or if an error occurs while opening
+** the journal file or writing the very first journal-header of a
+** database transaction.
+**
+** This routine is never called in PAGER_ERROR state. If it is called
+** in PAGER_NONE or PAGER_SHARED state and the lock held is less
+** exclusive than a RESERVED lock, it is a no-op.
+**
+** Otherwise, any active savepoints are released.
+**
+** If the journal file is open, then it is "finalized". Once a journal
+** file has been finalized it is not possible to use it to roll back a
+** transaction. Nor will it be considered to be a hot-journal by this
+** or any other database connection. Exactly how a journal is finalized
+** depends on whether or not the pager is running in exclusive mode and
+** the current journal-mode (Pager.journalMode value), as follows:
+**
+** journalMode==MEMORY
+** Journal file descriptor is simply closed. This destroys an
+** in-memory journal.
+**
+** journalMode==TRUNCATE
+** Journal file is truncated to zero bytes in size.
+**
+** journalMode==PERSIST
+** The first 28 bytes of the journal file are zeroed. This invalidates
+** the first journal header in the file, and hence the entire journal
+** file. An invalid journal file cannot be rolled back.
+**
+** journalMode==DELETE
+** The journal file is closed and deleted using sqlite3OsDelete().
+**
+** If the pager is running in exclusive mode, this method of finalizing
+** the journal file is never used. Instead, if the journalMode is
+** DELETE and the pager is in exclusive mode, the method described under
+** journalMode==PERSIST is used instead.
+**
+** After the journal is finalized, the pager moves to PAGER_READER state.
+** If running in non-exclusive rollback mode, the lock on the file is
+** downgraded to a SHARED_LOCK.
+**
+** SQLITE_OK is returned if no error occurs. If an error occurs during
+** any of the IO operations to finalize the journal file or unlock the
+** database then the IO error code is returned to the user. If the
+** operation to finalize the journal file fails, then the code still
+** tries to unlock the database file if not in exclusive mode. If the
+** unlock operation fails as well, then the first error code related
+** to the first error encountered (the journal finalization one) is
+** returned.
+*/
+static int pager_end_transaction(Pager *pPager, int hasMaster, int bCommit){
+ int rc = SQLITE_OK; /* Error code from journal finalization operation */
+ int rc2 = SQLITE_OK; /* Error code from db file unlock operation */
+
+ /* Do nothing if the pager does not have an open write transaction
+ ** or at least a RESERVED lock. This function may be called when there
+ ** is no write-transaction active but a RESERVED or greater lock is
+ ** held under two circumstances:
+ **
+ ** 1. After a successful hot-journal rollback, it is called with
+ ** eState==PAGER_NONE and eLock==EXCLUSIVE_LOCK.
+ **
+ ** 2. If a connection with locking_mode=exclusive holding an EXCLUSIVE
+ ** lock switches back to locking_mode=normal and then executes a
+ ** read-transaction, this function is called with eState==PAGER_READER
+ ** and eLock==EXCLUSIVE_LOCK when the read-transaction is closed.
+ */
+ assert( assert_pager_state(pPager) );
+ assert( pPager->eState!=PAGER_ERROR );
+ if( pPager->eState<PAGER_WRITER_LOCKED && pPager->eLock<RESERVED_LOCK ){
+ return SQLITE_OK;
+ }
+
+ releaseAllSavepoints(pPager);
+ assert( isOpen(pPager->jfd) || pPager->pInJournal==0 );
+ if( isOpen(pPager->jfd) ){
+ assert( !pagerUseWal(pPager) );
+
+ /* Finalize the journal file. */
+ if( sqlite3IsMemJournal(pPager->jfd) ){
+ assert( pPager->journalMode==PAGER_JOURNALMODE_MEMORY );
+ sqlite3OsClose(pPager->jfd);
+ }else if( pPager->journalMode==PAGER_JOURNALMODE_TRUNCATE ){
+ if( pPager->journalOff==0 ){
+ rc = SQLITE_OK;
+ }else{
+ rc = sqlite3OsTruncate(pPager->jfd, 0);
+ if( rc==SQLITE_OK && pPager->fullSync ){
+ /* Make sure the new file size is written into the inode right away.
+ ** Otherwise the journal might resurrect following a power loss and
+ ** cause the last transaction to roll back. See
+ ** https://bugzilla.mozilla.org/show_bug.cgi?id=1072773
+ */
+ rc = sqlite3OsSync(pPager->jfd, pPager->syncFlags);
+ }
+ }
+ pPager->journalOff = 0;
+ }else if( pPager->journalMode==PAGER_JOURNALMODE_PERSIST
+ || (pPager->exclusiveMode && pPager->journalMode!=PAGER_JOURNALMODE_WAL)
+ ){
+ rc = zeroJournalHdr(pPager, hasMaster);
+ pPager->journalOff = 0;
+ }else{
+ /* This branch may be executed with Pager.journalMode==MEMORY if
+ ** a hot-journal was just rolled back. In this case the journal
+ ** file should be closed and deleted. If this connection writes to
+ ** the database file, it will do so using an in-memory journal.
+ */
+ int bDelete = (!pPager->tempFile && sqlite3JournalExists(pPager->jfd));
+ assert( pPager->journalMode==PAGER_JOURNALMODE_DELETE
+ || pPager->journalMode==PAGER_JOURNALMODE_MEMORY
+ || pPager->journalMode==PAGER_JOURNALMODE_WAL
+ );
+ sqlite3OsClose(pPager->jfd);
+ if( bDelete ){
+ rc = sqlite3OsDelete(pPager->pVfs, pPager->zJournal, 0);
+ }
+ }
+ }
+
+#ifdef SQLITE_CHECK_PAGES
+ sqlite3PcacheIterateDirty(pPager->pPCache, pager_set_pagehash);
+ if( pPager->dbSize==0 && sqlite3PcacheRefCount(pPager->pPCache)>0 ){
+ PgHdr *p = sqlite3PagerLookup(pPager, 1);
+ if( p ){
+ p->pageHash = 0;
+ sqlite3PagerUnrefNotNull(p);
+ }
+ }
+#endif
+
+ sqlite3BitvecDestroy(pPager->pInJournal);
+ pPager->pInJournal = 0;
+ pPager->nRec = 0;
+ sqlite3PcacheCleanAll(pPager->pPCache);
+ sqlite3PcacheTruncate(pPager->pPCache, pPager->dbSize);
+
+ if( pagerUseWal(pPager) ){
+ /* Drop the WAL write-lock, if any. Also, if the connection was in
+ ** locking_mode=exclusive mode but is no longer, drop the EXCLUSIVE
+ ** lock held on the database file.
+ */
+ rc2 = sqlite3WalEndWriteTransaction(pPager->pWal);
+ assert( rc2==SQLITE_OK );
+ }else if( rc==SQLITE_OK && bCommit && pPager->dbFileSize>pPager->dbSize ){
+ /* This branch is taken when committing a transaction in rollback-journal
+ ** mode if the database file on disk is larger than the database image.
+ ** At this point the journal has been finalized and the transaction
+ ** successfully committed, but the EXCLUSIVE lock is still held on the
+ ** file. So it is safe to truncate the database file to its minimum
+ ** required size. */
+ assert( pPager->eLock==EXCLUSIVE_LOCK );
+ rc = pager_truncate(pPager, pPager->dbSize);
+ }
+
+ if( rc==SQLITE_OK && bCommit && isOpen(pPager->fd) ){
+ rc = sqlite3OsFileControl(pPager->fd, SQLITE_FCNTL_COMMIT_PHASETWO, 0);
+ if( rc==SQLITE_NOTFOUND ) rc = SQLITE_OK;
+ }
+
+ if( !pPager->exclusiveMode
+ && (!pagerUseWal(pPager) || sqlite3WalExclusiveMode(pPager->pWal, 0))
+ ){
+ rc2 = pagerUnlockDb(pPager, SHARED_LOCK);
+ pPager->changeCountDone = 0;
+ }
+ pPager->eState = PAGER_READER;
+ pPager->setMaster = 0;
+
+ return (rc==SQLITE_OK?rc2:rc);
+}
+
+/*
+** Execute a rollback if a transaction is active and unlock the
+** database file.
+**
+** If the pager has already entered the ERROR state, do not attempt
+** the rollback at this time. Instead, pager_unlock() is called. The
+** call to pager_unlock() will discard all in-memory pages, unlock
+** the database file and move the pager back to OPEN state. If this
+** means that there is a hot-journal left in the file-system, the next
+** connection to obtain a shared lock on the pager (which may be this one)
+** will roll it back.
+**
+** If the pager has not already entered the ERROR state, but an IO or
+** malloc error occurs during a rollback, then this will itself cause
+** the pager to enter the ERROR state. Which will be cleared by the
+** call to pager_unlock(), as described above.
+*/
+static void pagerUnlockAndRollback(Pager *pPager){
+ if( pPager->eState!=PAGER_ERROR && pPager->eState!=PAGER_OPEN ){
+ assert( assert_pager_state(pPager) );
+ if( pPager->eState>=PAGER_WRITER_LOCKED ){
+ sqlite3BeginBenignMalloc();
+ sqlite3PagerRollback(pPager);
+ sqlite3EndBenignMalloc();
+ }else if( !pPager->exclusiveMode ){
+ assert( pPager->eState==PAGER_READER );
+ pager_end_transaction(pPager, 0, 0);
+ }
+ }
+ pager_unlock(pPager);
+}
+
+/*
+** Parameter aData must point to a buffer of pPager->pageSize bytes
+** of data. Compute and return a checksum based ont the contents of the
+** page of data and the current value of pPager->cksumInit.
+**
+** This is not a real checksum. It is really just the sum of the
+** random initial value (pPager->cksumInit) and every 200th byte
+** of the page data, starting with byte offset (pPager->pageSize%200).
+** Each byte is interpreted as an 8-bit unsigned integer.
+**
+** Changing the formula used to compute this checksum results in an
+** incompatible journal file format.
+**
+** If journal corruption occurs due to a power failure, the most likely
+** scenario is that one end or the other of the record will be changed.
+** It is much less likely that the two ends of the journal record will be
+** correct and the middle be corrupt. Thus, this "checksum" scheme,
+** though fast and simple, catches the mostly likely kind of corruption.
+*/
+static u32 pager_cksum(Pager *pPager, const u8 *aData){
+ u32 cksum = pPager->cksumInit; /* Checksum value to return */
+ int i = pPager->pageSize-200; /* Loop counter */
+ while( i>0 ){
+ cksum += aData[i];
+ i -= 200;
+ }
+ return cksum;
+}
+
+/*
+** Report the current page size and number of reserved bytes back
+** to the codec.
+*/
+#ifdef SQLITE_HAS_CODEC
+static void pagerReportSize(Pager *pPager){
+ if( pPager->xCodecSizeChng ){
+ pPager->xCodecSizeChng(pPager->pCodec, pPager->pageSize,
+ (int)pPager->nReserve);
+ }
+}
+#else
+# define pagerReportSize(X) /* No-op if we do not support a codec */
+#endif
+
+#ifdef SQLITE_HAS_CODEC
+/*
+** Make sure the number of reserved bits is the same in the destination
+** pager as it is in the source. This comes up when a VACUUM changes the
+** number of reserved bits to the "optimal" amount.
+*/
+SQLITE_PRIVATE void sqlite3PagerAlignReserve(Pager *pDest, Pager *pSrc){
+ if( pDest->nReserve!=pSrc->nReserve ){
+ pDest->nReserve = pSrc->nReserve;
+ pagerReportSize(pDest);
+ }
+}
+#endif
+
+/*
+** Read a single page from either the journal file (if isMainJrnl==1) or
+** from the sub-journal (if isMainJrnl==0) and playback that page.
+** The page begins at offset *pOffset into the file. The *pOffset
+** value is increased to the start of the next page in the journal.
+**
+** The main rollback journal uses checksums - the statement journal does
+** not.
+**
+** If the page number of the page record read from the (sub-)journal file
+** is greater than the current value of Pager.dbSize, then playback is
+** skipped and SQLITE_OK is returned.
+**
+** If pDone is not NULL, then it is a record of pages that have already
+** been played back. If the page at *pOffset has already been played back
+** (if the corresponding pDone bit is set) then skip the playback.
+** Make sure the pDone bit corresponding to the *pOffset page is set
+** prior to returning.
+**
+** If the page record is successfully read from the (sub-)journal file
+** and played back, then SQLITE_OK is returned. If an IO error occurs
+** while reading the record from the (sub-)journal file or while writing
+** to the database file, then the IO error code is returned. If data
+** is successfully read from the (sub-)journal file but appears to be
+** corrupted, SQLITE_DONE is returned. Data is considered corrupted in
+** two circumstances:
+**
+** * If the record page-number is illegal (0 or PAGER_MJ_PGNO), or
+** * If the record is being rolled back from the main journal file
+** and the checksum field does not match the record content.
+**
+** Neither of these two scenarios are possible during a savepoint rollback.
+**
+** If this is a savepoint rollback, then memory may have to be dynamically
+** allocated by this function. If this is the case and an allocation fails,
+** SQLITE_NOMEM is returned.
+*/
+static int pager_playback_one_page(
+ Pager *pPager, /* The pager being played back */
+ i64 *pOffset, /* Offset of record to playback */
+ Bitvec *pDone, /* Bitvec of pages already played back */
+ int isMainJrnl, /* 1 -> main journal. 0 -> sub-journal. */
+ int isSavepnt /* True for a savepoint rollback */
+){
+ int rc;
+ PgHdr *pPg; /* An existing page in the cache */
+ Pgno pgno; /* The page number of a page in journal */
+ u32 cksum; /* Checksum used for sanity checking */
+ char *aData; /* Temporary storage for the page */
+ sqlite3_file *jfd; /* The file descriptor for the journal file */
+ int isSynced; /* True if journal page is synced */
+
+ assert( (isMainJrnl&~1)==0 ); /* isMainJrnl is 0 or 1 */
+ assert( (isSavepnt&~1)==0 ); /* isSavepnt is 0 or 1 */
+ assert( isMainJrnl || pDone ); /* pDone always used on sub-journals */
+ assert( isSavepnt || pDone==0 ); /* pDone never used on non-savepoint */
+
+ aData = pPager->pTmpSpace;
+ assert( aData ); /* Temp storage must have already been allocated */
+ assert( pagerUseWal(pPager)==0 || (!isMainJrnl && isSavepnt) );
+
+ /* Either the state is greater than PAGER_WRITER_CACHEMOD (a transaction
+ ** or savepoint rollback done at the request of the caller) or this is
+ ** a hot-journal rollback. If it is a hot-journal rollback, the pager
+ ** is in state OPEN and holds an EXCLUSIVE lock. Hot-journal rollback
+ ** only reads from the main journal, not the sub-journal.
+ */
+ assert( pPager->eState>=PAGER_WRITER_CACHEMOD
+ || (pPager->eState==PAGER_OPEN && pPager->eLock==EXCLUSIVE_LOCK)
+ );
+ assert( pPager->eState>=PAGER_WRITER_CACHEMOD || isMainJrnl );
+
+ /* Read the page number and page data from the journal or sub-journal
+ ** file. Return an error code to the caller if an IO error occurs.
+ */
+ jfd = isMainJrnl ? pPager->jfd : pPager->sjfd;
+ rc = read32bits(jfd, *pOffset, &pgno);
+ if( rc!=SQLITE_OK ) return rc;
+ rc = sqlite3OsRead(jfd, (u8*)aData, pPager->pageSize, (*pOffset)+4);
+ if( rc!=SQLITE_OK ) return rc;
+ *pOffset += pPager->pageSize + 4 + isMainJrnl*4;
+
+ /* Sanity checking on the page. This is more important that I originally
+ ** thought. If a power failure occurs while the journal is being written,
+ ** it could cause invalid data to be written into the journal. We need to
+ ** detect this invalid data (with high probability) and ignore it.
+ */
+ if( pgno==0 || pgno==PAGER_MJ_PGNO(pPager) ){
+ assert( !isSavepnt );
+ return SQLITE_DONE;
+ }
+ if( pgno>(Pgno)pPager->dbSize || sqlite3BitvecTest(pDone, pgno) ){
+ return SQLITE_OK;
+ }
+ if( isMainJrnl ){
+ rc = read32bits(jfd, (*pOffset)-4, &cksum);
+ if( rc ) return rc;
+ if( !isSavepnt && pager_cksum(pPager, (u8*)aData)!=cksum ){
+ return SQLITE_DONE;
+ }
+ }
+
+ /* If this page has already been played back before during the current
+ ** rollback, then don't bother to play it back again.
+ */
+ if( pDone && (rc = sqlite3BitvecSet(pDone, pgno))!=SQLITE_OK ){
+ return rc;
+ }
+
+ /* When playing back page 1, restore the nReserve setting
+ */
+ if( pgno==1 && pPager->nReserve!=((u8*)aData)[20] ){
+ pPager->nReserve = ((u8*)aData)[20];
+ pagerReportSize(pPager);
+ }
+
+ /* If the pager is in CACHEMOD state, then there must be a copy of this
+ ** page in the pager cache. In this case just update the pager cache,
+ ** not the database file. The page is left marked dirty in this case.
+ **
+ ** An exception to the above rule: If the database is in no-sync mode
+ ** and a page is moved during an incremental vacuum then the page may
+ ** not be in the pager cache. Later: if a malloc() or IO error occurs
+ ** during a Movepage() call, then the page may not be in the cache
+ ** either. So the condition described in the above paragraph is not
+ ** assert()able.
+ **
+ ** If in WRITER_DBMOD, WRITER_FINISHED or OPEN state, then we update the
+ ** pager cache if it exists and the main file. The page is then marked
+ ** not dirty. Since this code is only executed in PAGER_OPEN state for
+ ** a hot-journal rollback, it is guaranteed that the page-cache is empty
+ ** if the pager is in OPEN state.
+ **
+ ** Ticket #1171: The statement journal might contain page content that is
+ ** different from the page content at the start of the transaction.
+ ** This occurs when a page is changed prior to the start of a statement
+ ** then changed again within the statement. When rolling back such a
+ ** statement we must not write to the original database unless we know
+ ** for certain that original page contents are synced into the main rollback
+ ** journal. Otherwise, a power loss might leave modified data in the
+ ** database file without an entry in the rollback journal that can
+ ** restore the database to its original form. Two conditions must be
+ ** met before writing to the database files. (1) the database must be
+ ** locked. (2) we know that the original page content is fully synced
+ ** in the main journal either because the page is not in cache or else
+ ** the page is marked as needSync==0.
+ **
+ ** 2008-04-14: When attempting to vacuum a corrupt database file, it
+ ** is possible to fail a statement on a database that does not yet exist.
+ ** Do not attempt to write if database file has never been opened.
+ */
+ if( pagerUseWal(pPager) ){
+ pPg = 0;
+ }else{
+ pPg = sqlite3PagerLookup(pPager, pgno);
+ }
+ assert( pPg || !MEMDB );
+ assert( pPager->eState!=PAGER_OPEN || pPg==0 );
+ PAGERTRACE(("PLAYBACK %d page %d hash(%08x) %s\n",
+ PAGERID(pPager), pgno, pager_datahash(pPager->pageSize, (u8*)aData),
+ (isMainJrnl?"main-journal":"sub-journal")
+ ));
+ if( isMainJrnl ){
+ isSynced = pPager->noSync || (*pOffset <= pPager->journalHdr);
+ }else{
+ isSynced = (pPg==0 || 0==(pPg->flags & PGHDR_NEED_SYNC));
+ }
+ if( isOpen(pPager->fd)
+ && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN)
+ && isSynced
+ ){
+ i64 ofst = (pgno-1)*(i64)pPager->pageSize;
+ testcase( !isSavepnt && pPg!=0 && (pPg->flags&PGHDR_NEED_SYNC)!=0 );
+ assert( !pagerUseWal(pPager) );
+ rc = sqlite3OsWrite(pPager->fd, (u8 *)aData, pPager->pageSize, ofst);
+ if( pgno>pPager->dbFileSize ){
+ pPager->dbFileSize = pgno;
+ }
+ if( pPager->pBackup ){
+ CODEC1(pPager, aData, pgno, 3, rc=SQLITE_NOMEM);
+ sqlite3BackupUpdate(pPager->pBackup, pgno, (u8*)aData);
+ CODEC2(pPager, aData, pgno, 7, rc=SQLITE_NOMEM, aData);
+ }
+ }else if( !isMainJrnl && pPg==0 ){
+ /* If this is a rollback of a savepoint and data was not written to
+ ** the database and the page is not in-memory, there is a potential
+ ** problem. When the page is next fetched by the b-tree layer, it
+ ** will be read from the database file, which may or may not be
+ ** current.
+ **
+ ** There are a couple of different ways this can happen. All are quite
+ ** obscure. When running in synchronous mode, this can only happen
+ ** if the page is on the free-list at the start of the transaction, then
+ ** populated, then moved using sqlite3PagerMovepage().
+ **
+ ** The solution is to add an in-memory page to the cache containing
+ ** the data just read from the sub-journal. Mark the page as dirty
+ ** and if the pager requires a journal-sync, then mark the page as
+ ** requiring a journal-sync before it is written.
+ */
+ assert( isSavepnt );
+ assert( (pPager->doNotSpill & SPILLFLAG_ROLLBACK)==0 );
+ pPager->doNotSpill |= SPILLFLAG_ROLLBACK;
+ rc = sqlite3PagerGet(pPager, pgno, &pPg, 1);
+ assert( (pPager->doNotSpill & SPILLFLAG_ROLLBACK)!=0 );
+ pPager->doNotSpill &= ~SPILLFLAG_ROLLBACK;
+ if( rc!=SQLITE_OK ) return rc;
+ pPg->flags &= ~PGHDR_NEED_READ;
+ sqlite3PcacheMakeDirty(pPg);
+ }
+ if( pPg ){
+ /* No page should ever be explicitly rolled back that is in use, except
+ ** for page 1 which is held in use in order to keep the lock on the
+ ** database active. However such a page may be rolled back as a result
+ ** of an internal error resulting in an automatic call to
+ ** sqlite3PagerRollback().
+ */
+ void *pData;
+ pData = pPg->pData;
+ memcpy(pData, (u8*)aData, pPager->pageSize);
+ pPager->xReiniter(pPg);
+ if( isMainJrnl && (!isSavepnt || *pOffset<=pPager->journalHdr) ){
+ /* If the contents of this page were just restored from the main
+ ** journal file, then its content must be as they were when the
+ ** transaction was first opened. In this case we can mark the page
+ ** as clean, since there will be no need to write it out to the
+ ** database.
+ **
+ ** There is one exception to this rule. If the page is being rolled
+ ** back as part of a savepoint (or statement) rollback from an
+ ** unsynced portion of the main journal file, then it is not safe
+ ** to mark the page as clean. This is because marking the page as
+ ** clean will clear the PGHDR_NEED_SYNC flag. Since the page is
+ ** already in the journal file (recorded in Pager.pInJournal) and
+ ** the PGHDR_NEED_SYNC flag is cleared, if the page is written to
+ ** again within this transaction, it will be marked as dirty but
+ ** the PGHDR_NEED_SYNC flag will not be set. It could then potentially
+ ** be written out into the database file before its journal file
+ ** segment is synced. If a crash occurs during or following this,
+ ** database corruption may ensue.
+ */
+ assert( !pagerUseWal(pPager) );
+ sqlite3PcacheMakeClean(pPg);
+ }
+ pager_set_pagehash(pPg);
+
+ /* If this was page 1, then restore the value of Pager.dbFileVers.
+ ** Do this before any decoding. */
+ if( pgno==1 ){
+ memcpy(&pPager->dbFileVers, &((u8*)pData)[24],sizeof(pPager->dbFileVers));
+ }
+
+ /* Decode the page just read from disk */
+ CODEC1(pPager, pData, pPg->pgno, 3, rc=SQLITE_NOMEM);
+ sqlite3PcacheRelease(pPg);
+ }
+ return rc;
+}
+
+/*
+** Parameter zMaster is the name of a master journal file. A single journal
+** file that referred to the master journal file has just been rolled back.
+** This routine checks if it is possible to delete the master journal file,
+** and does so if it is.
+**
+** Argument zMaster may point to Pager.pTmpSpace. So that buffer is not
+** available for use within this function.
+**
+** When a master journal file is created, it is populated with the names
+** of all of its child journals, one after another, formatted as utf-8
+** encoded text. The end of each child journal file is marked with a
+** nul-terminator byte (0x00). i.e. the entire contents of a master journal
+** file for a transaction involving two databases might be:
+**
+** "/home/bill/a.db-journal\x00/home/bill/b.db-journal\x00"
+**
+** A master journal file may only be deleted once all of its child
+** journals have been rolled back.
+**
+** This function reads the contents of the master-journal file into
+** memory and loops through each of the child journal names. For
+** each child journal, it checks if:
+**
+** * if the child journal exists, and if so
+** * if the child journal contains a reference to master journal
+** file zMaster
+**
+** If a child journal can be found that matches both of the criteria
+** above, this function returns without doing anything. Otherwise, if
+** no such child journal can be found, file zMaster is deleted from
+** the file-system using sqlite3OsDelete().
+**
+** If an IO error within this function, an error code is returned. This
+** function allocates memory by calling sqlite3Malloc(). If an allocation
+** fails, SQLITE_NOMEM is returned. Otherwise, if no IO or malloc errors
+** occur, SQLITE_OK is returned.
+**
+** TODO: This function allocates a single block of memory to load
+** the entire contents of the master journal file. This could be
+** a couple of kilobytes or so - potentially larger than the page
+** size.
+*/
+static int pager_delmaster(Pager *pPager, const char *zMaster){
+ sqlite3_vfs *pVfs = pPager->pVfs;
+ int rc; /* Return code */
+ sqlite3_file *pMaster; /* Malloc'd master-journal file descriptor */
+ sqlite3_file *pJournal; /* Malloc'd child-journal file descriptor */
+ char *zMasterJournal = 0; /* Contents of master journal file */
+ i64 nMasterJournal; /* Size of master journal file */
+ char *zJournal; /* Pointer to one journal within MJ file */
+ char *zMasterPtr; /* Space to hold MJ filename from a journal file */
+ int nMasterPtr; /* Amount of space allocated to zMasterPtr[] */
+
+ /* Allocate space for both the pJournal and pMaster file descriptors.
+ ** If successful, open the master journal file for reading.
+ */
+ pMaster = (sqlite3_file *)sqlite3MallocZero(pVfs->szOsFile * 2);
+ pJournal = (sqlite3_file *)(((u8 *)pMaster) + pVfs->szOsFile);
+ if( !pMaster ){
+ rc = SQLITE_NOMEM;
+ }else{
+ const int flags = (SQLITE_OPEN_READONLY|SQLITE_OPEN_MASTER_JOURNAL);
+ rc = sqlite3OsOpen(pVfs, zMaster, pMaster, flags, 0);
+ }
+ if( rc!=SQLITE_OK ) goto delmaster_out;
+
+ /* Load the entire master journal file into space obtained from
+ ** sqlite3_malloc() and pointed to by zMasterJournal. Also obtain
+ ** sufficient space (in zMasterPtr) to hold the names of master
+ ** journal files extracted from regular rollback-journals.
+ */
+ rc = sqlite3OsFileSize(pMaster, &nMasterJournal);
+ if( rc!=SQLITE_OK ) goto delmaster_out;
+ nMasterPtr = pVfs->mxPathname+1;
+ zMasterJournal = sqlite3Malloc(nMasterJournal + nMasterPtr + 1);
+ if( !zMasterJournal ){
+ rc = SQLITE_NOMEM;
+ goto delmaster_out;
+ }
+ zMasterPtr = &zMasterJournal[nMasterJournal+1];
+ rc = sqlite3OsRead(pMaster, zMasterJournal, (int)nMasterJournal, 0);
+ if( rc!=SQLITE_OK ) goto delmaster_out;
+ zMasterJournal[nMasterJournal] = 0;
+
+ zJournal = zMasterJournal;
+ while( (zJournal-zMasterJournal)<nMasterJournal ){
+ int exists;
+ rc = sqlite3OsAccess(pVfs, zJournal, SQLITE_ACCESS_EXISTS, &exists);
+ if( rc!=SQLITE_OK ){
+ goto delmaster_out;
+ }
+ if( exists ){
+ /* One of the journals pointed to by the master journal exists.
+ ** Open it and check if it points at the master journal. If
+ ** so, return without deleting the master journal file.
+ */
+ int c;
+ int flags = (SQLITE_OPEN_READONLY|SQLITE_OPEN_MAIN_JOURNAL);
+ rc = sqlite3OsOpen(pVfs, zJournal, pJournal, flags, 0);
+ if( rc!=SQLITE_OK ){
+ goto delmaster_out;
+ }
+
+ rc = readMasterJournal(pJournal, zMasterPtr, nMasterPtr);
+ sqlite3OsClose(pJournal);
+ if( rc!=SQLITE_OK ){
+ goto delmaster_out;
+ }
+
+ c = zMasterPtr[0]!=0 && strcmp(zMasterPtr, zMaster)==0;
+ if( c ){
+ /* We have a match. Do not delete the master journal file. */
+ goto delmaster_out;
+ }
+ }
+ zJournal += (sqlite3Strlen30(zJournal)+1);
+ }
+
+ sqlite3OsClose(pMaster);
+ rc = sqlite3OsDelete(pVfs, zMaster, 0);
+
+delmaster_out:
+ sqlite3_free(zMasterJournal);
+ if( pMaster ){
+ sqlite3OsClose(pMaster);
+ assert( !isOpen(pJournal) );
+ sqlite3_free(pMaster);
+ }
+ return rc;
+}
+
+
+/*
+** This function is used to change the actual size of the database
+** file in the file-system. This only happens when committing a transaction,
+** or rolling back a transaction (including rolling back a hot-journal).
+**
+** If the main database file is not open, or the pager is not in either
+** DBMOD or OPEN state, this function is a no-op. Otherwise, the size
+** of the file is changed to nPage pages (nPage*pPager->pageSize bytes).
+** If the file on disk is currently larger than nPage pages, then use the VFS
+** xTruncate() method to truncate it.
+**
+** Or, it might be the case that the file on disk is smaller than
+** nPage pages. Some operating system implementations can get confused if
+** you try to truncate a file to some size that is larger than it
+** currently is, so detect this case and write a single zero byte to
+** the end of the new file instead.
+**
+** If successful, return SQLITE_OK. If an IO error occurs while modifying
+** the database file, return the error code to the caller.
+*/
+static int pager_truncate(Pager *pPager, Pgno nPage){
+ int rc = SQLITE_OK;
+ assert( pPager->eState!=PAGER_ERROR );
+ assert( pPager->eState!=PAGER_READER );
+
+ if( isOpen(pPager->fd)
+ && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN)
+ ){
+ i64 currentSize, newSize;
+ int szPage = pPager->pageSize;
+ assert( pPager->eLock==EXCLUSIVE_LOCK );
+ /* TODO: Is it safe to use Pager.dbFileSize here? */
+ rc = sqlite3OsFileSize(pPager->fd, &currentSize);
+ newSize = szPage*(i64)nPage;
+ if( rc==SQLITE_OK && currentSize!=newSize ){
+ if( currentSize>newSize ){
+ rc = sqlite3OsTruncate(pPager->fd, newSize);
+ }else if( (currentSize+szPage)<=newSize ){
+ char *pTmp = pPager->pTmpSpace;
+ memset(pTmp, 0, szPage);
+ testcase( (newSize-szPage) == currentSize );
+ testcase( (newSize-szPage) > currentSize );
+ rc = sqlite3OsWrite(pPager->fd, pTmp, szPage, newSize-szPage);
+ }
+ if( rc==SQLITE_OK ){
+ pPager->dbFileSize = nPage;
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** Return a sanitized version of the sector-size of OS file pFile. The
+** return value is guaranteed to lie between 32 and MAX_SECTOR_SIZE.
+*/
+SQLITE_PRIVATE int sqlite3SectorSize(sqlite3_file *pFile){
+ int iRet = sqlite3OsSectorSize(pFile);
+ if( iRet<32 ){
+ iRet = 512;
+ }else if( iRet>MAX_SECTOR_SIZE ){
+ assert( MAX_SECTOR_SIZE>=512 );
+ iRet = MAX_SECTOR_SIZE;
+ }
+ return iRet;
+}
+
+/*
+** Set the value of the Pager.sectorSize variable for the given
+** pager based on the value returned by the xSectorSize method
+** of the open database file. The sector size will be used
+** to determine the size and alignment of journal header and
+** master journal pointers within created journal files.
+**
+** For temporary files the effective sector size is always 512 bytes.
+**
+** Otherwise, for non-temporary files, the effective sector size is
+** the value returned by the xSectorSize() method rounded up to 32 if
+** it is less than 32, or rounded down to MAX_SECTOR_SIZE if it
+** is greater than MAX_SECTOR_SIZE.
+**
+** If the file has the SQLITE_IOCAP_POWERSAFE_OVERWRITE property, then set
+** the effective sector size to its minimum value (512). The purpose of
+** pPager->sectorSize is to define the "blast radius" of bytes that
+** might change if a crash occurs while writing to a single byte in
+** that range. But with POWERSAFE_OVERWRITE, the blast radius is zero
+** (that is what POWERSAFE_OVERWRITE means), so we minimize the sector
+** size. For backwards compatibility of the rollback journal file format,
+** we cannot reduce the effective sector size below 512.
+*/
+static void setSectorSize(Pager *pPager){
+ assert( isOpen(pPager->fd) || pPager->tempFile );
+
+ if( pPager->tempFile
+ || (sqlite3OsDeviceCharacteristics(pPager->fd) &
+ SQLITE_IOCAP_POWERSAFE_OVERWRITE)!=0
+ ){
+ /* Sector size doesn't matter for temporary files. Also, the file
+ ** may not have been opened yet, in which case the OsSectorSize()
+ ** call will segfault. */
+ pPager->sectorSize = 512;
+ }else{
+ pPager->sectorSize = sqlite3SectorSize(pPager->fd);
+ }
+}
+
+/*
+** Playback the journal and thus restore the database file to
+** the state it was in before we started making changes.
+**
+** The journal file format is as follows:
+**
+** (1) 8 byte prefix. A copy of aJournalMagic[].
+** (2) 4 byte big-endian integer which is the number of valid page records
+** in the journal. If this value is 0xffffffff, then compute the
+** number of page records from the journal size.
+** (3) 4 byte big-endian integer which is the initial value for the
+** sanity checksum.
+** (4) 4 byte integer which is the number of pages to truncate the
+** database to during a rollback.
+** (5) 4 byte big-endian integer which is the sector size. The header
+** is this many bytes in size.
+** (6) 4 byte big-endian integer which is the page size.
+** (7) zero padding out to the next sector size.
+** (8) Zero or more pages instances, each as follows:
+** + 4 byte page number.
+** + pPager->pageSize bytes of data.
+** + 4 byte checksum
+**
+** When we speak of the journal header, we mean the first 7 items above.
+** Each entry in the journal is an instance of the 8th item.
+**
+** Call the value from the second bullet "nRec". nRec is the number of
+** valid page entries in the journal. In most cases, you can compute the
+** value of nRec from the size of the journal file. But if a power
+** failure occurred while the journal was being written, it could be the
+** case that the size of the journal file had already been increased but
+** the extra entries had not yet made it safely to disk. In such a case,
+** the value of nRec computed from the file size would be too large. For
+** that reason, we always use the nRec value in the header.
+**
+** If the nRec value is 0xffffffff it means that nRec should be computed
+** from the file size. This value is used when the user selects the
+** no-sync option for the journal. A power failure could lead to corruption
+** in this case. But for things like temporary table (which will be
+** deleted when the power is restored) we don't care.
+**
+** If the file opened as the journal file is not a well-formed
+** journal file then all pages up to the first corrupted page are rolled
+** back (or no pages if the journal header is corrupted). The journal file
+** is then deleted and SQLITE_OK returned, just as if no corruption had
+** been encountered.
+**
+** If an I/O or malloc() error occurs, the journal-file is not deleted
+** and an error code is returned.
+**
+** The isHot parameter indicates that we are trying to rollback a journal
+** that might be a hot journal. Or, it could be that the journal is
+** preserved because of JOURNALMODE_PERSIST or JOURNALMODE_TRUNCATE.
+** If the journal really is hot, reset the pager cache prior rolling
+** back any content. If the journal is merely persistent, no reset is
+** needed.
+*/
+static int pager_playback(Pager *pPager, int isHot){
+ sqlite3_vfs *pVfs = pPager->pVfs;
+ i64 szJ; /* Size of the journal file in bytes */
+ u32 nRec; /* Number of Records in the journal */
+ u32 u; /* Unsigned loop counter */
+ Pgno mxPg = 0; /* Size of the original file in pages */
+ int rc; /* Result code of a subroutine */
+ int res = 1; /* Value returned by sqlite3OsAccess() */
+ char *zMaster = 0; /* Name of master journal file if any */
+ int needPagerReset; /* True to reset page prior to first page rollback */
+ int nPlayback = 0; /* Total number of pages restored from journal */
+
+ /* Figure out how many records are in the journal. Abort early if
+ ** the journal is empty.
+ */
+ assert( isOpen(pPager->jfd) );
+ rc = sqlite3OsFileSize(pPager->jfd, &szJ);
+ if( rc!=SQLITE_OK ){
+ goto end_playback;
+ }
+
+ /* Read the master journal name from the journal, if it is present.
+ ** If a master journal file name is specified, but the file is not
+ ** present on disk, then the journal is not hot and does not need to be
+ ** played back.
+ **
+ ** TODO: Technically the following is an error because it assumes that
+ ** buffer Pager.pTmpSpace is (mxPathname+1) bytes or larger. i.e. that
+ ** (pPager->pageSize >= pPager->pVfs->mxPathname+1). Using os_unix.c,
+ ** mxPathname is 512, which is the same as the minimum allowable value
+ ** for pageSize.
+ */
+ zMaster = pPager->pTmpSpace;
+ rc = readMasterJournal(pPager->jfd, zMaster, pPager->pVfs->mxPathname+1);
+ if( rc==SQLITE_OK && zMaster[0] ){
+ rc = sqlite3OsAccess(pVfs, zMaster, SQLITE_ACCESS_EXISTS, &res);
+ }
+ zMaster = 0;
+ if( rc!=SQLITE_OK || !res ){
+ goto end_playback;
+ }
+ pPager->journalOff = 0;
+ needPagerReset = isHot;
+
+ /* This loop terminates either when a readJournalHdr() or
+ ** pager_playback_one_page() call returns SQLITE_DONE or an IO error
+ ** occurs.
+ */
+ while( 1 ){
+ /* Read the next journal header from the journal file. If there are
+ ** not enough bytes left in the journal file for a complete header, or
+ ** it is corrupted, then a process must have failed while writing it.
+ ** This indicates nothing more needs to be rolled back.
+ */
+ rc = readJournalHdr(pPager, isHot, szJ, &nRec, &mxPg);
+ if( rc!=SQLITE_OK ){
+ if( rc==SQLITE_DONE ){
+ rc = SQLITE_OK;
+ }
+ goto end_playback;
+ }
+
+ /* If nRec is 0xffffffff, then this journal was created by a process
+ ** working in no-sync mode. This means that the rest of the journal
+ ** file consists of pages, there are no more journal headers. Compute
+ ** the value of nRec based on this assumption.
+ */
+ if( nRec==0xffffffff ){
+ assert( pPager->journalOff==JOURNAL_HDR_SZ(pPager) );
+ nRec = (int)((szJ - JOURNAL_HDR_SZ(pPager))/JOURNAL_PG_SZ(pPager));
+ }
+
+ /* If nRec is 0 and this rollback is of a transaction created by this
+ ** process and if this is the final header in the journal, then it means
+ ** that this part of the journal was being filled but has not yet been
+ ** synced to disk. Compute the number of pages based on the remaining
+ ** size of the file.
+ **
+ ** The third term of the test was added to fix ticket #2565.
+ ** When rolling back a hot journal, nRec==0 always means that the next
+ ** chunk of the journal contains zero pages to be rolled back. But
+ ** when doing a ROLLBACK and the nRec==0 chunk is the last chunk in
+ ** the journal, it means that the journal might contain additional
+ ** pages that need to be rolled back and that the number of pages
+ ** should be computed based on the journal file size.
+ */
+ if( nRec==0 && !isHot &&
+ pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff ){
+ nRec = (int)((szJ - pPager->journalOff) / JOURNAL_PG_SZ(pPager));
+ }
+
+ /* If this is the first header read from the journal, truncate the
+ ** database file back to its original size.
+ */
+ if( pPager->journalOff==JOURNAL_HDR_SZ(pPager) ){
+ rc = pager_truncate(pPager, mxPg);
+ if( rc!=SQLITE_OK ){
+ goto end_playback;
+ }
+ pPager->dbSize = mxPg;
+ }
+
+ /* Copy original pages out of the journal and back into the
+ ** database file and/or page cache.
+ */
+ for(u=0; u<nRec; u++){
+ if( needPagerReset ){
+ pager_reset(pPager);
+ needPagerReset = 0;
+ }
+ rc = pager_playback_one_page(pPager,&pPager->journalOff,0,1,0);
+ if( rc==SQLITE_OK ){
+ nPlayback++;
+ }else{
+ if( rc==SQLITE_DONE ){
+ pPager->journalOff = szJ;
+ break;
+ }else if( rc==SQLITE_IOERR_SHORT_READ ){
+ /* If the journal has been truncated, simply stop reading and
+ ** processing the journal. This might happen if the journal was
+ ** not completely written and synced prior to a crash. In that
+ ** case, the database should have never been written in the
+ ** first place so it is OK to simply abandon the rollback. */
+ rc = SQLITE_OK;
+ goto end_playback;
+ }else{
+ /* If we are unable to rollback, quit and return the error
+ ** code. This will cause the pager to enter the error state
+ ** so that no further harm will be done. Perhaps the next
+ ** process to come along will be able to rollback the database.
+ */
+ goto end_playback;
+ }
+ }
+ }
+ }
+ /*NOTREACHED*/
+ assert( 0 );
+
+end_playback:
+ /* Following a rollback, the database file should be back in its original
+ ** state prior to the start of the transaction, so invoke the
+ ** SQLITE_FCNTL_DB_UNCHANGED file-control method to disable the
+ ** assertion that the transaction counter was modified.
+ */
+#ifdef SQLITE_DEBUG
+ if( pPager->fd->pMethods ){
+ sqlite3OsFileControlHint(pPager->fd,SQLITE_FCNTL_DB_UNCHANGED,0);
+ }
+#endif
+
+ /* If this playback is happening automatically as a result of an IO or
+ ** malloc error that occurred after the change-counter was updated but
+ ** before the transaction was committed, then the change-counter
+ ** modification may just have been reverted. If this happens in exclusive
+ ** mode, then subsequent transactions performed by the connection will not
+ ** update the change-counter at all. This may lead to cache inconsistency
+ ** problems for other processes at some point in the future. So, just
+ ** in case this has happened, clear the changeCountDone flag now.
+ */
+ pPager->changeCountDone = pPager->tempFile;
+
+ if( rc==SQLITE_OK ){
+ zMaster = pPager->pTmpSpace;
+ rc = readMasterJournal(pPager->jfd, zMaster, pPager->pVfs->mxPathname+1);
+ testcase( rc!=SQLITE_OK );
+ }
+ if( rc==SQLITE_OK
+ && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN)
+ ){
+ rc = sqlite3PagerSync(pPager, 0);
+ }
+ if( rc==SQLITE_OK ){
+ rc = pager_end_transaction(pPager, zMaster[0]!='\0', 0);
+ testcase( rc!=SQLITE_OK );
+ }
+ if( rc==SQLITE_OK && zMaster[0] && res ){
+ /* If there was a master journal and this routine will return success,
+ ** see if it is possible to delete the master journal.
+ */
+ rc = pager_delmaster(pPager, zMaster);
+ testcase( rc!=SQLITE_OK );
+ }
+ if( isHot && nPlayback ){
+ sqlite3_log(SQLITE_NOTICE_RECOVER_ROLLBACK, "recovered %d pages from %s",
+ nPlayback, pPager->zJournal);
+ }
+
+ /* The Pager.sectorSize variable may have been updated while rolling
+ ** back a journal created by a process with a different sector size
+ ** value. Reset it to the correct value for this process.
+ */
+ setSectorSize(pPager);
+ return rc;
+}
+
+
+/*
+** Read the content for page pPg out of the database file and into
+** pPg->pData. A shared lock or greater must be held on the database
+** file before this function is called.
+**
+** If page 1 is read, then the value of Pager.dbFileVers[] is set to
+** the value read from the database file.
+**
+** If an IO error occurs, then the IO error is returned to the caller.
+** Otherwise, SQLITE_OK is returned.
+*/
+static int readDbPage(PgHdr *pPg, u32 iFrame){
+ Pager *pPager = pPg->pPager; /* Pager object associated with page pPg */
+ Pgno pgno = pPg->pgno; /* Page number to read */
+ int rc = SQLITE_OK; /* Return code */
+ int pgsz = pPager->pageSize; /* Number of bytes to read */
+
+ assert( pPager->eState>=PAGER_READER && !MEMDB );
+ assert( isOpen(pPager->fd) );
+
+#ifndef SQLITE_OMIT_WAL
+ if( iFrame ){
+ /* Try to pull the page from the write-ahead log. */
+ rc = sqlite3WalReadFrame(pPager->pWal, iFrame, pgsz, pPg->pData);
+ }else
+#endif
+ {
+ i64 iOffset = (pgno-1)*(i64)pPager->pageSize;
+ rc = sqlite3OsRead(pPager->fd, pPg->pData, pgsz, iOffset);
+ if( rc==SQLITE_IOERR_SHORT_READ ){
+ rc = SQLITE_OK;
+ }
+ }
+
+ if( pgno==1 ){
+ if( rc ){
+ /* If the read is unsuccessful, set the dbFileVers[] to something
+ ** that will never be a valid file version. dbFileVers[] is a copy
+ ** of bytes 24..39 of the database. Bytes 28..31 should always be
+ ** zero or the size of the database in page. Bytes 32..35 and 35..39
+ ** should be page numbers which are never 0xffffffff. So filling
+ ** pPager->dbFileVers[] with all 0xff bytes should suffice.
+ **
+ ** For an encrypted database, the situation is more complex: bytes
+ ** 24..39 of the database are white noise. But the probability of
+ ** white noise equaling 16 bytes of 0xff is vanishingly small so
+ ** we should still be ok.
+ */
+ memset(pPager->dbFileVers, 0xff, sizeof(pPager->dbFileVers));
+ }else{
+ u8 *dbFileVers = &((u8*)pPg->pData)[24];
+ memcpy(&pPager->dbFileVers, dbFileVers, sizeof(pPager->dbFileVers));
+ }
+ }
+ CODEC1(pPager, pPg->pData, pgno, 3, rc = SQLITE_NOMEM);
+
+ PAGER_INCR(sqlite3_pager_readdb_count);
+ PAGER_INCR(pPager->nRead);
+ IOTRACE(("PGIN %p %d\n", pPager, pgno));
+ PAGERTRACE(("FETCH %d page %d hash(%08x)\n",
+ PAGERID(pPager), pgno, pager_pagehash(pPg)));
+
+ return rc;
+}
+
+/*
+** Update the value of the change-counter at offsets 24 and 92 in
+** the header and the sqlite version number at offset 96.
+**
+** This is an unconditional update. See also the pager_incr_changecounter()
+** routine which only updates the change-counter if the update is actually
+** needed, as determined by the pPager->changeCountDone state variable.
+*/
+static void pager_write_changecounter(PgHdr *pPg){
+ u32 change_counter;
+
+ /* Increment the value just read and write it back to byte 24. */
+ change_counter = sqlite3Get4byte((u8*)pPg->pPager->dbFileVers)+1;
+ put32bits(((char*)pPg->pData)+24, change_counter);
+
+ /* Also store the SQLite version number in bytes 96..99 and in
+ ** bytes 92..95 store the change counter for which the version number
+ ** is valid. */
+ put32bits(((char*)pPg->pData)+92, change_counter);
+ put32bits(((char*)pPg->pData)+96, SQLITE_VERSION_NUMBER);
+}
+
+#ifndef SQLITE_OMIT_WAL
+/*
+** This function is invoked once for each page that has already been
+** written into the log file when a WAL transaction is rolled back.
+** Parameter iPg is the page number of said page. The pCtx argument
+** is actually a pointer to the Pager structure.
+**
+** If page iPg is present in the cache, and has no outstanding references,
+** it is discarded. Otherwise, if there are one or more outstanding
+** references, the page content is reloaded from the database. If the
+** attempt to reload content from the database is required and fails,
+** return an SQLite error code. Otherwise, SQLITE_OK.
+*/
+static int pagerUndoCallback(void *pCtx, Pgno iPg){
+ int rc = SQLITE_OK;
+ Pager *pPager = (Pager *)pCtx;
+ PgHdr *pPg;
+
+ assert( pagerUseWal(pPager) );
+ pPg = sqlite3PagerLookup(pPager, iPg);
+ if( pPg ){
+ if( sqlite3PcachePageRefcount(pPg)==1 ){
+ sqlite3PcacheDrop(pPg);
+ }else{
+ u32 iFrame = 0;
+ rc = sqlite3WalFindFrame(pPager->pWal, pPg->pgno, &iFrame);
+ if( rc==SQLITE_OK ){
+ rc = readDbPage(pPg, iFrame);
+ }
+ if( rc==SQLITE_OK ){
+ pPager->xReiniter(pPg);
+ }
+ sqlite3PagerUnrefNotNull(pPg);
+ }
+ }
+
+ /* Normally, if a transaction is rolled back, any backup processes are
+ ** updated as data is copied out of the rollback journal and into the
+ ** database. This is not generally possible with a WAL database, as
+ ** rollback involves simply truncating the log file. Therefore, if one
+ ** or more frames have already been written to the log (and therefore
+ ** also copied into the backup databases) as part of this transaction,
+ ** the backups must be restarted.
+ */
+ sqlite3BackupRestart(pPager->pBackup);
+
+ return rc;
+}
+
+/*
+** This function is called to rollback a transaction on a WAL database.
+*/
+static int pagerRollbackWal(Pager *pPager){
+ int rc; /* Return Code */
+ PgHdr *pList; /* List of dirty pages to revert */
+
+ /* For all pages in the cache that are currently dirty or have already
+ ** been written (but not committed) to the log file, do one of the
+ ** following:
+ **
+ ** + Discard the cached page (if refcount==0), or
+ ** + Reload page content from the database (if refcount>0).
+ */
+ pPager->dbSize = pPager->dbOrigSize;
+ rc = sqlite3WalUndo(pPager->pWal, pagerUndoCallback, (void *)pPager);
+ pList = sqlite3PcacheDirtyList(pPager->pPCache);
+ while( pList && rc==SQLITE_OK ){
+ PgHdr *pNext = pList->pDirty;
+ rc = pagerUndoCallback((void *)pPager, pList->pgno);
+ pList = pNext;
+ }
+
+ return rc;
+}
+
+/*
+** This function is a wrapper around sqlite3WalFrames(). As well as logging
+** the contents of the list of pages headed by pList (connected by pDirty),
+** this function notifies any active backup processes that the pages have
+** changed.
+**
+** The list of pages passed into this routine is always sorted by page number.
+** Hence, if page 1 appears anywhere on the list, it will be the first page.
+*/
+static int pagerWalFrames(
+ Pager *pPager, /* Pager object */
+ PgHdr *pList, /* List of frames to log */
+ Pgno nTruncate, /* Database size after this commit */
+ int isCommit /* True if this is a commit */
+){
+ int rc; /* Return code */
+ int nList; /* Number of pages in pList */
+ PgHdr *p; /* For looping over pages */
+
+ assert( pPager->pWal );
+ assert( pList );
+#ifdef SQLITE_DEBUG
+ /* Verify that the page list is in accending order */
+ for(p=pList; p && p->pDirty; p=p->pDirty){
+ assert( p->pgno < p->pDirty->pgno );
+ }
+#endif
+
+ assert( pList->pDirty==0 || isCommit );
+ if( isCommit ){
+ /* If a WAL transaction is being committed, there is no point in writing
+ ** any pages with page numbers greater than nTruncate into the WAL file.
+ ** They will never be read by any client. So remove them from the pDirty
+ ** list here. */
+ PgHdr **ppNext = &pList;
+ nList = 0;
+ for(p=pList; (*ppNext = p)!=0; p=p->pDirty){
+ if( p->pgno<=nTruncate ){
+ ppNext = &p->pDirty;
+ nList++;
+ }
+ }
+ assert( pList );
+ }else{
+ nList = 1;
+ }
+ pPager->aStat[PAGER_STAT_WRITE] += nList;
+
+ if( pList->pgno==1 ) pager_write_changecounter(pList);
+ rc = sqlite3WalFrames(pPager->pWal,
+ pPager->pageSize, pList, nTruncate, isCommit, pPager->walSyncFlags
+ );
+ if( rc==SQLITE_OK && pPager->pBackup ){
+ for(p=pList; p; p=p->pDirty){
+ sqlite3BackupUpdate(pPager->pBackup, p->pgno, (u8 *)p->pData);
+ }
+ }
+
+#ifdef SQLITE_CHECK_PAGES
+ pList = sqlite3PcacheDirtyList(pPager->pPCache);
+ for(p=pList; p; p=p->pDirty){
+ pager_set_pagehash(p);
+ }
+#endif
+
+ return rc;
+}
+
+/*
+** Begin a read transaction on the WAL.
+**
+** This routine used to be called "pagerOpenSnapshot()" because it essentially
+** makes a snapshot of the database at the current point in time and preserves
+** that snapshot for use by the reader in spite of concurrently changes by
+** other writers or checkpointers.
+*/
+static int pagerBeginReadTransaction(Pager *pPager){
+ int rc; /* Return code */
+ int changed = 0; /* True if cache must be reset */
+
+ assert( pagerUseWal(pPager) );
+ assert( pPager->eState==PAGER_OPEN || pPager->eState==PAGER_READER );
+
+ /* sqlite3WalEndReadTransaction() was not called for the previous
+ ** transaction in locking_mode=EXCLUSIVE. So call it now. If we
+ ** are in locking_mode=NORMAL and EndRead() was previously called,
+ ** the duplicate call is harmless.
+ */
+ sqlite3WalEndReadTransaction(pPager->pWal);
+
+ rc = sqlite3WalBeginReadTransaction(pPager->pWal, &changed);
+ if( rc!=SQLITE_OK || changed ){
+ pager_reset(pPager);
+ if( USEFETCH(pPager) ) sqlite3OsUnfetch(pPager->fd, 0, 0);
+ }
+
+ return rc;
+}
+#endif
+
+/*
+** This function is called as part of the transition from PAGER_OPEN
+** to PAGER_READER state to determine the size of the database file
+** in pages (assuming the page size currently stored in Pager.pageSize).
+**
+** If no error occurs, SQLITE_OK is returned and the size of the database
+** in pages is stored in *pnPage. Otherwise, an error code (perhaps
+** SQLITE_IOERR_FSTAT) is returned and *pnPage is left unmodified.
+*/
+static int pagerPagecount(Pager *pPager, Pgno *pnPage){
+ Pgno nPage; /* Value to return via *pnPage */
+
+ /* Query the WAL sub-system for the database size. The WalDbsize()
+ ** function returns zero if the WAL is not open (i.e. Pager.pWal==0), or
+ ** if the database size is not available. The database size is not
+ ** available from the WAL sub-system if the log file is empty or
+ ** contains no valid committed transactions.
+ */
+ assert( pPager->eState==PAGER_OPEN );
+ assert( pPager->eLock>=SHARED_LOCK );
+ nPage = sqlite3WalDbsize(pPager->pWal);
+
+ /* If the number of pages in the database is not available from the
+ ** WAL sub-system, determine the page counte based on the size of
+ ** the database file. If the size of the database file is not an
+ ** integer multiple of the page-size, round up the result.
+ */
+ if( nPage==0 ){
+ i64 n = 0; /* Size of db file in bytes */
+ assert( isOpen(pPager->fd) || pPager->tempFile );
+ if( isOpen(pPager->fd) ){
+ int rc = sqlite3OsFileSize(pPager->fd, &n);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ }
+ nPage = (Pgno)((n+pPager->pageSize-1) / pPager->pageSize);
+ }
+
+ /* If the current number of pages in the file is greater than the
+ ** configured maximum pager number, increase the allowed limit so
+ ** that the file can be read.
+ */
+ if( nPage>pPager->mxPgno ){
+ pPager->mxPgno = (Pgno)nPage;
+ }
+
+ *pnPage = nPage;
+ return SQLITE_OK;
+}
+
+#ifndef SQLITE_OMIT_WAL
+/*
+** Check if the *-wal file that corresponds to the database opened by pPager
+** exists if the database is not empy, or verify that the *-wal file does
+** not exist (by deleting it) if the database file is empty.
+**
+** If the database is not empty and the *-wal file exists, open the pager
+** in WAL mode. If the database is empty or if no *-wal file exists and
+** if no error occurs, make sure Pager.journalMode is not set to
+** PAGER_JOURNALMODE_WAL.
+**
+** Return SQLITE_OK or an error code.
+**
+** The caller must hold a SHARED lock on the database file to call this
+** function. Because an EXCLUSIVE lock on the db file is required to delete
+** a WAL on a none-empty database, this ensures there is no race condition
+** between the xAccess() below and an xDelete() being executed by some
+** other connection.
+*/
+static int pagerOpenWalIfPresent(Pager *pPager){
+ int rc = SQLITE_OK;
+ assert( pPager->eState==PAGER_OPEN );
+ assert( pPager->eLock>=SHARED_LOCK );
+
+ if( !pPager->tempFile ){
+ int isWal; /* True if WAL file exists */
+ Pgno nPage; /* Size of the database file */
+
+ rc = pagerPagecount(pPager, &nPage);
+ if( rc ) return rc;
+ if( nPage==0 ){
+ rc = sqlite3OsDelete(pPager->pVfs, pPager->zWal, 0);
+ if( rc==SQLITE_IOERR_DELETE_NOENT ) rc = SQLITE_OK;
+ isWal = 0;
+ }else{
+ rc = sqlite3OsAccess(
+ pPager->pVfs, pPager->zWal, SQLITE_ACCESS_EXISTS, &isWal
+ );
+ }
+ if( rc==SQLITE_OK ){
+ if( isWal ){
+ testcase( sqlite3PcachePagecount(pPager->pPCache)==0 );
+ rc = sqlite3PagerOpenWal(pPager, 0);
+ }else if( pPager->journalMode==PAGER_JOURNALMODE_WAL ){
+ pPager->journalMode = PAGER_JOURNALMODE_DELETE;
+ }
+ }
+ }
+ return rc;
+}
+#endif
+
+/*
+** Playback savepoint pSavepoint. Or, if pSavepoint==NULL, then playback
+** the entire master journal file. The case pSavepoint==NULL occurs when
+** a ROLLBACK TO command is invoked on a SAVEPOINT that is a transaction
+** savepoint.
+**
+** When pSavepoint is not NULL (meaning a non-transaction savepoint is
+** being rolled back), then the rollback consists of up to three stages,
+** performed in the order specified:
+**
+** * Pages are played back from the main journal starting at byte
+** offset PagerSavepoint.iOffset and continuing to
+** PagerSavepoint.iHdrOffset, or to the end of the main journal
+** file if PagerSavepoint.iHdrOffset is zero.
+**
+** * If PagerSavepoint.iHdrOffset is not zero, then pages are played
+** back starting from the journal header immediately following
+** PagerSavepoint.iHdrOffset to the end of the main journal file.
+**
+** * Pages are then played back from the sub-journal file, starting
+** with the PagerSavepoint.iSubRec and continuing to the end of
+** the journal file.
+**
+** Throughout the rollback process, each time a page is rolled back, the
+** corresponding bit is set in a bitvec structure (variable pDone in the
+** implementation below). This is used to ensure that a page is only
+** rolled back the first time it is encountered in either journal.
+**
+** If pSavepoint is NULL, then pages are only played back from the main
+** journal file. There is no need for a bitvec in this case.
+**
+** In either case, before playback commences the Pager.dbSize variable
+** is reset to the value that it held at the start of the savepoint
+** (or transaction). No page with a page-number greater than this value
+** is played back. If one is encountered it is simply skipped.
+*/
+static int pagerPlaybackSavepoint(Pager *pPager, PagerSavepoint *pSavepoint){
+ i64 szJ; /* Effective size of the main journal */
+ i64 iHdrOff; /* End of first segment of main-journal records */
+ int rc = SQLITE_OK; /* Return code */
+ Bitvec *pDone = 0; /* Bitvec to ensure pages played back only once */
+
+ assert( pPager->eState!=PAGER_ERROR );
+ assert( pPager->eState>=PAGER_WRITER_LOCKED );
+
+ /* Allocate a bitvec to use to store the set of pages rolled back */
+ if( pSavepoint ){
+ pDone = sqlite3BitvecCreate(pSavepoint->nOrig);
+ if( !pDone ){
+ return SQLITE_NOMEM;
+ }
+ }
+
+ /* Set the database size back to the value it was before the savepoint
+ ** being reverted was opened.
+ */
+ pPager->dbSize = pSavepoint ? pSavepoint->nOrig : pPager->dbOrigSize;
+ pPager->changeCountDone = pPager->tempFile;
+
+ if( !pSavepoint && pagerUseWal(pPager) ){
+ return pagerRollbackWal(pPager);
+ }
+
+ /* Use pPager->journalOff as the effective size of the main rollback
+ ** journal. The actual file might be larger than this in
+ ** PAGER_JOURNALMODE_TRUNCATE or PAGER_JOURNALMODE_PERSIST. But anything
+ ** past pPager->journalOff is off-limits to us.
+ */
+ szJ = pPager->journalOff;
+ assert( pagerUseWal(pPager)==0 || szJ==0 );
+
+ /* Begin by rolling back records from the main journal starting at
+ ** PagerSavepoint.iOffset and continuing to the next journal header.
+ ** There might be records in the main journal that have a page number
+ ** greater than the current database size (pPager->dbSize) but those
+ ** will be skipped automatically. Pages are added to pDone as they
+ ** are played back.
+ */
+ if( pSavepoint && !pagerUseWal(pPager) ){
+ iHdrOff = pSavepoint->iHdrOffset ? pSavepoint->iHdrOffset : szJ;
+ pPager->journalOff = pSavepoint->iOffset;
+ while( rc==SQLITE_OK && pPager->journalOff<iHdrOff ){
+ rc = pager_playback_one_page(pPager, &pPager->journalOff, pDone, 1, 1);
+ }
+ assert( rc!=SQLITE_DONE );
+ }else{
+ pPager->journalOff = 0;
+ }
+
+ /* Continue rolling back records out of the main journal starting at
+ ** the first journal header seen and continuing until the effective end
+ ** of the main journal file. Continue to skip out-of-range pages and
+ ** continue adding pages rolled back to pDone.
+ */
+ while( rc==SQLITE_OK && pPager->journalOff<szJ ){
+ u32 ii; /* Loop counter */
+ u32 nJRec = 0; /* Number of Journal Records */
+ u32 dummy;
+ rc = readJournalHdr(pPager, 0, szJ, &nJRec, &dummy);
+ assert( rc!=SQLITE_DONE );
+
+ /*
+ ** The "pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff"
+ ** test is related to ticket #2565. See the discussion in the
+ ** pager_playback() function for additional information.
+ */
+ if( nJRec==0
+ && pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff
+ ){
+ nJRec = (u32)((szJ - pPager->journalOff)/JOURNAL_PG_SZ(pPager));
+ }
+ for(ii=0; rc==SQLITE_OK && ii<nJRec && pPager->journalOff<szJ; ii++){
+ rc = pager_playback_one_page(pPager, &pPager->journalOff, pDone, 1, 1);
+ }
+ assert( rc!=SQLITE_DONE );
+ }
+ assert( rc!=SQLITE_OK || pPager->journalOff>=szJ );
+
+ /* Finally, rollback pages from the sub-journal. Page that were
+ ** previously rolled back out of the main journal (and are hence in pDone)
+ ** will be skipped. Out-of-range pages are also skipped.
+ */
+ if( pSavepoint ){
+ u32 ii; /* Loop counter */
+ i64 offset = (i64)pSavepoint->iSubRec*(4+pPager->pageSize);
+
+ if( pagerUseWal(pPager) ){
+ rc = sqlite3WalSavepointUndo(pPager->pWal, pSavepoint->aWalData);
+ }
+ for(ii=pSavepoint->iSubRec; rc==SQLITE_OK && ii<pPager->nSubRec; ii++){
+ assert( offset==(i64)ii*(4+pPager->pageSize) );
+ rc = pager_playback_one_page(pPager, &offset, pDone, 0, 1);
+ }
+ assert( rc!=SQLITE_DONE );
+ }
+
+ sqlite3BitvecDestroy(pDone);
+ if( rc==SQLITE_OK ){
+ pPager->journalOff = szJ;
+ }
+
+ return rc;
+}
+
+/*
+** Change the maximum number of in-memory pages that are allowed
+** before attempting to recycle clean and unused pages.
+*/
+SQLITE_PRIVATE void sqlite3PagerSetCachesize(Pager *pPager, int mxPage){
+ sqlite3PcacheSetCachesize(pPager->pPCache, mxPage);
+}
+
+/*
+** Change the maximum number of in-memory pages that are allowed
+** before attempting to spill pages to journal.
+*/
+SQLITE_PRIVATE int sqlite3PagerSetSpillsize(Pager *pPager, int mxPage){
+ return sqlite3PcacheSetSpillsize(pPager->pPCache, mxPage);
+}
+
+/*
+** Invoke SQLITE_FCNTL_MMAP_SIZE based on the current value of szMmap.
+*/
+static void pagerFixMaplimit(Pager *pPager){
+#if SQLITE_MAX_MMAP_SIZE>0
+ sqlite3_file *fd = pPager->fd;
+ if( isOpen(fd) && fd->pMethods->iVersion>=3 ){
+ sqlite3_int64 sz;
+ sz = pPager->szMmap;
+ pPager->bUseFetch = (sz>0);
+ sqlite3OsFileControlHint(pPager->fd, SQLITE_FCNTL_MMAP_SIZE, &sz);
+ }
+#endif
+}
+
+/*
+** Change the maximum size of any memory mapping made of the database file.
+*/
+SQLITE_PRIVATE void sqlite3PagerSetMmapLimit(Pager *pPager, sqlite3_int64 szMmap){
+ pPager->szMmap = szMmap;
+ pagerFixMaplimit(pPager);
+}
+
+/*
+** Free as much memory as possible from the pager.
+*/
+SQLITE_PRIVATE void sqlite3PagerShrink(Pager *pPager){
+ sqlite3PcacheShrink(pPager->pPCache);
+}
+
+/*
+** Adjust settings of the pager to those specified in the pgFlags parameter.
+**
+** The "level" in pgFlags & PAGER_SYNCHRONOUS_MASK sets the robustness
+** of the database to damage due to OS crashes or power failures by
+** changing the number of syncs()s when writing the journals.
+** There are three levels:
+**
+** OFF sqlite3OsSync() is never called. This is the default
+** for temporary and transient files.
+**
+** NORMAL The journal is synced once before writes begin on the
+** database. This is normally adequate protection, but
+** it is theoretically possible, though very unlikely,
+** that an inopertune power failure could leave the journal
+** in a state which would cause damage to the database
+** when it is rolled back.
+**
+** FULL The journal is synced twice before writes begin on the
+** database (with some additional information - the nRec field
+** of the journal header - being written in between the two
+** syncs). If we assume that writing a
+** single disk sector is atomic, then this mode provides
+** assurance that the journal will not be corrupted to the
+** point of causing damage to the database during rollback.
+**
+** The above is for a rollback-journal mode. For WAL mode, OFF continues
+** to mean that no syncs ever occur. NORMAL means that the WAL is synced
+** prior to the start of checkpoint and that the database file is synced
+** at the conclusion of the checkpoint if the entire content of the WAL
+** was written back into the database. But no sync operations occur for
+** an ordinary commit in NORMAL mode with WAL. FULL means that the WAL
+** file is synced following each commit operation, in addition to the
+** syncs associated with NORMAL.
+**
+** Do not confuse synchronous=FULL with SQLITE_SYNC_FULL. The
+** SQLITE_SYNC_FULL macro means to use the MacOSX-style full-fsync
+** using fcntl(F_FULLFSYNC). SQLITE_SYNC_NORMAL means to do an
+** ordinary fsync() call. There is no difference between SQLITE_SYNC_FULL
+** and SQLITE_SYNC_NORMAL on platforms other than MacOSX. But the
+** synchronous=FULL versus synchronous=NORMAL setting determines when
+** the xSync primitive is called and is relevant to all platforms.
+**
+** Numeric values associated with these states are OFF==1, NORMAL=2,
+** and FULL=3.
+*/
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+SQLITE_PRIVATE void sqlite3PagerSetFlags(
+ Pager *pPager, /* The pager to set safety level for */
+ unsigned pgFlags /* Various flags */
+){
+ unsigned level = pgFlags & PAGER_SYNCHRONOUS_MASK;
+ assert( level>=1 && level<=3 );
+ pPager->noSync = (level==1 || pPager->tempFile) ?1:0;
+ pPager->fullSync = (level==3 && !pPager->tempFile) ?1:0;
+ if( pPager->noSync ){
+ pPager->syncFlags = 0;
+ pPager->ckptSyncFlags = 0;
+ }else if( pgFlags & PAGER_FULLFSYNC ){
+ pPager->syncFlags = SQLITE_SYNC_FULL;
+ pPager->ckptSyncFlags = SQLITE_SYNC_FULL;
+ }else if( pgFlags & PAGER_CKPT_FULLFSYNC ){
+ pPager->syncFlags = SQLITE_SYNC_NORMAL;
+ pPager->ckptSyncFlags = SQLITE_SYNC_FULL;
+ }else{
+ pPager->syncFlags = SQLITE_SYNC_NORMAL;
+ pPager->ckptSyncFlags = SQLITE_SYNC_NORMAL;
+ }
+ pPager->walSyncFlags = pPager->syncFlags;
+ if( pPager->fullSync ){
+ pPager->walSyncFlags |= WAL_SYNC_TRANSACTIONS;
+ }
+ if( pgFlags & PAGER_CACHESPILL ){
+ pPager->doNotSpill &= ~SPILLFLAG_OFF;
+ }else{
+ pPager->doNotSpill |= SPILLFLAG_OFF;
+ }
+}
+#endif
+
+/*
+** The following global variable is incremented whenever the library
+** attempts to open a temporary file. This information is used for
+** testing and analysis only.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_opentemp_count = 0;
+#endif
+
+/*
+** Open a temporary file.
+**
+** Write the file descriptor into *pFile. Return SQLITE_OK on success
+** or some other error code if we fail. The OS will automatically
+** delete the temporary file when it is closed.
+**
+** The flags passed to the VFS layer xOpen() call are those specified
+** by parameter vfsFlags ORed with the following:
+**
+** SQLITE_OPEN_READWRITE
+** SQLITE_OPEN_CREATE
+** SQLITE_OPEN_EXCLUSIVE
+** SQLITE_OPEN_DELETEONCLOSE
+*/
+static int pagerOpentemp(
+ Pager *pPager, /* The pager object */
+ sqlite3_file *pFile, /* Write the file descriptor here */
+ int vfsFlags /* Flags passed through to the VFS */
+){
+ int rc; /* Return code */
+
+#ifdef SQLITE_TEST
+ sqlite3_opentemp_count++; /* Used for testing and analysis only */
+#endif
+
+ vfsFlags |= SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE |
+ SQLITE_OPEN_EXCLUSIVE | SQLITE_OPEN_DELETEONCLOSE;
+ rc = sqlite3OsOpen(pPager->pVfs, 0, pFile, vfsFlags, 0);
+ assert( rc!=SQLITE_OK || isOpen(pFile) );
+ return rc;
+}
+
+/*
+** Set the busy handler function.
+**
+** The pager invokes the busy-handler if sqlite3OsLock() returns
+** SQLITE_BUSY when trying to upgrade from no-lock to a SHARED lock,
+** or when trying to upgrade from a RESERVED lock to an EXCLUSIVE
+** lock. It does *not* invoke the busy handler when upgrading from
+** SHARED to RESERVED, or when upgrading from SHARED to EXCLUSIVE
+** (which occurs during hot-journal rollback). Summary:
+**
+** Transition | Invokes xBusyHandler
+** --------------------------------------------------------
+** NO_LOCK -> SHARED_LOCK | Yes
+** SHARED_LOCK -> RESERVED_LOCK | No
+** SHARED_LOCK -> EXCLUSIVE_LOCK | No
+** RESERVED_LOCK -> EXCLUSIVE_LOCK | Yes
+**
+** If the busy-handler callback returns non-zero, the lock is
+** retried. If it returns zero, then the SQLITE_BUSY error is
+** returned to the caller of the pager API function.
+*/
+SQLITE_PRIVATE void sqlite3PagerSetBusyhandler(
+ Pager *pPager, /* Pager object */
+ int (*xBusyHandler)(void *), /* Pointer to busy-handler function */
+ void *pBusyHandlerArg /* Argument to pass to xBusyHandler */
+){
+ pPager->xBusyHandler = xBusyHandler;
+ pPager->pBusyHandlerArg = pBusyHandlerArg;
+
+ if( isOpen(pPager->fd) ){
+ void **ap = (void **)&pPager->xBusyHandler;
+ assert( ((int(*)(void *))(ap[0]))==xBusyHandler );
+ assert( ap[1]==pBusyHandlerArg );
+ sqlite3OsFileControlHint(pPager->fd, SQLITE_FCNTL_BUSYHANDLER, (void *)ap);
+ }
+}
+
+/*
+** Change the page size used by the Pager object. The new page size
+** is passed in *pPageSize.
+**
+** If the pager is in the error state when this function is called, it
+** is a no-op. The value returned is the error state error code (i.e.
+** one of SQLITE_IOERR, an SQLITE_IOERR_xxx sub-code or SQLITE_FULL).
+**
+** Otherwise, if all of the following are true:
+**
+** * the new page size (value of *pPageSize) is valid (a power
+** of two between 512 and SQLITE_MAX_PAGE_SIZE, inclusive), and
+**
+** * there are no outstanding page references, and
+**
+** * the database is either not an in-memory database or it is
+** an in-memory database that currently consists of zero pages.
+**
+** then the pager object page size is set to *pPageSize.
+**
+** If the page size is changed, then this function uses sqlite3PagerMalloc()
+** to obtain a new Pager.pTmpSpace buffer. If this allocation attempt
+** fails, SQLITE_NOMEM is returned and the page size remains unchanged.
+** In all other cases, SQLITE_OK is returned.
+**
+** If the page size is not changed, either because one of the enumerated
+** conditions above is not true, the pager was in error state when this
+** function was called, or because the memory allocation attempt failed,
+** then *pPageSize is set to the old, retained page size before returning.
+*/
+SQLITE_PRIVATE int sqlite3PagerSetPagesize(Pager *pPager, u32 *pPageSize, int nReserve){
+ int rc = SQLITE_OK;
+
+ /* It is not possible to do a full assert_pager_state() here, as this
+ ** function may be called from within PagerOpen(), before the state
+ ** of the Pager object is internally consistent.
+ **
+ ** At one point this function returned an error if the pager was in
+ ** PAGER_ERROR state. But since PAGER_ERROR state guarantees that
+ ** there is at least one outstanding page reference, this function
+ ** is a no-op for that case anyhow.
+ */
+
+ u32 pageSize = *pPageSize;
+ assert( pageSize==0 || (pageSize>=512 && pageSize<=SQLITE_MAX_PAGE_SIZE) );
+ if( (pPager->memDb==0 || pPager->dbSize==0)
+ && sqlite3PcacheRefCount(pPager->pPCache)==0
+ && pageSize && pageSize!=(u32)pPager->pageSize
+ ){
+ char *pNew = NULL; /* New temp space */
+ i64 nByte = 0;
+
+ if( pPager->eState>PAGER_OPEN && isOpen(pPager->fd) ){
+ rc = sqlite3OsFileSize(pPager->fd, &nByte);
+ }
+ if( rc==SQLITE_OK ){
+ pNew = (char *)sqlite3PageMalloc(pageSize);
+ if( !pNew ) rc = SQLITE_NOMEM;
+ }
+
+ if( rc==SQLITE_OK ){
+ pager_reset(pPager);
+ rc = sqlite3PcacheSetPageSize(pPager->pPCache, pageSize);
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3PageFree(pPager->pTmpSpace);
+ pPager->pTmpSpace = pNew;
+ pPager->dbSize = (Pgno)((nByte+pageSize-1)/pageSize);
+ pPager->pageSize = pageSize;
+ }else{
+ sqlite3PageFree(pNew);
+ }
+ }
+
+ *pPageSize = pPager->pageSize;
+ if( rc==SQLITE_OK ){
+ if( nReserve<0 ) nReserve = pPager->nReserve;
+ assert( nReserve>=0 && nReserve<1000 );
+ pPager->nReserve = (i16)nReserve;
+ pagerReportSize(pPager);
+ pagerFixMaplimit(pPager);
+ }
+ return rc;
+}
+
+/*
+** Return a pointer to the "temporary page" buffer held internally
+** by the pager. This is a buffer that is big enough to hold the
+** entire content of a database page. This buffer is used internally
+** during rollback and will be overwritten whenever a rollback
+** occurs. But other modules are free to use it too, as long as
+** no rollbacks are happening.
+*/
+SQLITE_PRIVATE void *sqlite3PagerTempSpace(Pager *pPager){
+ return pPager->pTmpSpace;
+}
+
+/*
+** Attempt to set the maximum database page count if mxPage is positive.
+** Make no changes if mxPage is zero or negative. And never reduce the
+** maximum page count below the current size of the database.
+**
+** Regardless of mxPage, return the current maximum page count.
+*/
+SQLITE_PRIVATE int sqlite3PagerMaxPageCount(Pager *pPager, int mxPage){
+ if( mxPage>0 ){
+ pPager->mxPgno = mxPage;
+ }
+ assert( pPager->eState!=PAGER_OPEN ); /* Called only by OP_MaxPgcnt */
+ assert( pPager->mxPgno>=pPager->dbSize ); /* OP_MaxPgcnt enforces this */
+ return pPager->mxPgno;
+}
+
+/*
+** The following set of routines are used to disable the simulated
+** I/O error mechanism. These routines are used to avoid simulated
+** errors in places where we do not care about errors.
+**
+** Unless -DSQLITE_TEST=1 is used, these routines are all no-ops
+** and generate no code.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API extern int sqlite3_io_error_pending;
+SQLITE_API extern int sqlite3_io_error_hit;
+static int saved_cnt;
+void disable_simulated_io_errors(void){
+ saved_cnt = sqlite3_io_error_pending;
+ sqlite3_io_error_pending = -1;
+}
+void enable_simulated_io_errors(void){
+ sqlite3_io_error_pending = saved_cnt;
+}
+#else
+# define disable_simulated_io_errors()
+# define enable_simulated_io_errors()
+#endif
+
+/*
+** Read the first N bytes from the beginning of the file into memory
+** that pDest points to.
+**
+** If the pager was opened on a transient file (zFilename==""), or
+** opened on a file less than N bytes in size, the output buffer is
+** zeroed and SQLITE_OK returned. The rationale for this is that this
+** function is used to read database headers, and a new transient or
+** zero sized database has a header than consists entirely of zeroes.
+**
+** If any IO error apart from SQLITE_IOERR_SHORT_READ is encountered,
+** the error code is returned to the caller and the contents of the
+** output buffer undefined.
+*/
+SQLITE_PRIVATE int sqlite3PagerReadFileheader(Pager *pPager, int N, unsigned char *pDest){
+ int rc = SQLITE_OK;
+ memset(pDest, 0, N);
+ assert( isOpen(pPager->fd) || pPager->tempFile );
+
+ /* This routine is only called by btree immediately after creating
+ ** the Pager object. There has not been an opportunity to transition
+ ** to WAL mode yet.
+ */
+ assert( !pagerUseWal(pPager) );
+
+ if( isOpen(pPager->fd) ){
+ IOTRACE(("DBHDR %p 0 %d\n", pPager, N))
+ rc = sqlite3OsRead(pPager->fd, pDest, N, 0);
+ if( rc==SQLITE_IOERR_SHORT_READ ){
+ rc = SQLITE_OK;
+ }
+ }
+ return rc;
+}
+
+/*
+** This function may only be called when a read-transaction is open on
+** the pager. It returns the total number of pages in the database.
+**
+** However, if the file is between 1 and <page-size> bytes in size, then
+** this is considered a 1 page file.
+*/
+SQLITE_PRIVATE void sqlite3PagerPagecount(Pager *pPager, int *pnPage){
+ assert( pPager->eState>=PAGER_READER );
+ assert( pPager->eState!=PAGER_WRITER_FINISHED );
+ *pnPage = (int)pPager->dbSize;
+}
+
+
+/*
+** Try to obtain a lock of type locktype on the database file. If
+** a similar or greater lock is already held, this function is a no-op
+** (returning SQLITE_OK immediately).
+**
+** Otherwise, attempt to obtain the lock using sqlite3OsLock(). Invoke
+** the busy callback if the lock is currently not available. Repeat
+** until the busy callback returns false or until the attempt to
+** obtain the lock succeeds.
+**
+** Return SQLITE_OK on success and an error code if we cannot obtain
+** the lock. If the lock is obtained successfully, set the Pager.state
+** variable to locktype before returning.
+*/
+static int pager_wait_on_lock(Pager *pPager, int locktype){
+ int rc; /* Return code */
+
+ /* Check that this is either a no-op (because the requested lock is
+ ** already held), or one of the transitions that the busy-handler
+ ** may be invoked during, according to the comment above
+ ** sqlite3PagerSetBusyhandler().
+ */
+ assert( (pPager->eLock>=locktype)
+ || (pPager->eLock==NO_LOCK && locktype==SHARED_LOCK)
+ || (pPager->eLock==RESERVED_LOCK && locktype==EXCLUSIVE_LOCK)
+ );
+
+ do {
+ rc = pagerLockDb(pPager, locktype);
+ }while( rc==SQLITE_BUSY && pPager->xBusyHandler(pPager->pBusyHandlerArg) );
+ return rc;
+}
+
+/*
+** Function assertTruncateConstraint(pPager) checks that one of the
+** following is true for all dirty pages currently in the page-cache:
+**
+** a) The page number is less than or equal to the size of the
+** current database image, in pages, OR
+**
+** b) if the page content were written at this time, it would not
+** be necessary to write the current content out to the sub-journal
+** (as determined by function subjRequiresPage()).
+**
+** If the condition asserted by this function were not true, and the
+** dirty page were to be discarded from the cache via the pagerStress()
+** routine, pagerStress() would not write the current page content to
+** the database file. If a savepoint transaction were rolled back after
+** this happened, the correct behavior would be to restore the current
+** content of the page. However, since this content is not present in either
+** the database file or the portion of the rollback journal and
+** sub-journal rolled back the content could not be restored and the
+** database image would become corrupt. It is therefore fortunate that
+** this circumstance cannot arise.
+*/
+#if defined(SQLITE_DEBUG)
+static void assertTruncateConstraintCb(PgHdr *pPg){
+ assert( pPg->flags&PGHDR_DIRTY );
+ assert( !subjRequiresPage(pPg) || pPg->pgno<=pPg->pPager->dbSize );
+}
+static void assertTruncateConstraint(Pager *pPager){
+ sqlite3PcacheIterateDirty(pPager->pPCache, assertTruncateConstraintCb);
+}
+#else
+# define assertTruncateConstraint(pPager)
+#endif
+
+/*
+** Truncate the in-memory database file image to nPage pages. This
+** function does not actually modify the database file on disk. It
+** just sets the internal state of the pager object so that the
+** truncation will be done when the current transaction is committed.
+**
+** This function is only called right before committing a transaction.
+** Once this function has been called, the transaction must either be
+** rolled back or committed. It is not safe to call this function and
+** then continue writing to the database.
+*/
+SQLITE_PRIVATE void sqlite3PagerTruncateImage(Pager *pPager, Pgno nPage){
+ assert( pPager->dbSize>=nPage );
+ assert( pPager->eState>=PAGER_WRITER_CACHEMOD );
+ pPager->dbSize = nPage;
+
+ /* At one point the code here called assertTruncateConstraint() to
+ ** ensure that all pages being truncated away by this operation are,
+ ** if one or more savepoints are open, present in the savepoint
+ ** journal so that they can be restored if the savepoint is rolled
+ ** back. This is no longer necessary as this function is now only
+ ** called right before committing a transaction. So although the
+ ** Pager object may still have open savepoints (Pager.nSavepoint!=0),
+ ** they cannot be rolled back. So the assertTruncateConstraint() call
+ ** is no longer correct. */
+}
+
+
+/*
+** This function is called before attempting a hot-journal rollback. It
+** syncs the journal file to disk, then sets pPager->journalHdr to the
+** size of the journal file so that the pager_playback() routine knows
+** that the entire journal file has been synced.
+**
+** Syncing a hot-journal to disk before attempting to roll it back ensures
+** that if a power-failure occurs during the rollback, the process that
+** attempts rollback following system recovery sees the same journal
+** content as this process.
+**
+** If everything goes as planned, SQLITE_OK is returned. Otherwise,
+** an SQLite error code.
+*/
+static int pagerSyncHotJournal(Pager *pPager){
+ int rc = SQLITE_OK;
+ if( !pPager->noSync ){
+ rc = sqlite3OsSync(pPager->jfd, SQLITE_SYNC_NORMAL);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3OsFileSize(pPager->jfd, &pPager->journalHdr);
+ }
+ return rc;
+}
+
+/*
+** Obtain a reference to a memory mapped page object for page number pgno.
+** The new object will use the pointer pData, obtained from xFetch().
+** If successful, set *ppPage to point to the new page reference
+** and return SQLITE_OK. Otherwise, return an SQLite error code and set
+** *ppPage to zero.
+**
+** Page references obtained by calling this function should be released
+** by calling pagerReleaseMapPage().
+*/
+static int pagerAcquireMapPage(
+ Pager *pPager, /* Pager object */
+ Pgno pgno, /* Page number */
+ void *pData, /* xFetch()'d data for this page */
+ PgHdr **ppPage /* OUT: Acquired page object */
+){
+ PgHdr *p; /* Memory mapped page to return */
+
+ if( pPager->pMmapFreelist ){
+ *ppPage = p = pPager->pMmapFreelist;
+ pPager->pMmapFreelist = p->pDirty;
+ p->pDirty = 0;
+ memset(p->pExtra, 0, pPager->nExtra);
+ }else{
+ *ppPage = p = (PgHdr *)sqlite3MallocZero(sizeof(PgHdr) + pPager->nExtra);
+ if( p==0 ){
+ sqlite3OsUnfetch(pPager->fd, (i64)(pgno-1) * pPager->pageSize, pData);
+ return SQLITE_NOMEM;
+ }
+ p->pExtra = (void *)&p[1];
+ p->flags = PGHDR_MMAP;
+ p->nRef = 1;
+ p->pPager = pPager;
+ }
+
+ assert( p->pExtra==(void *)&p[1] );
+ assert( p->pPage==0 );
+ assert( p->flags==PGHDR_MMAP );
+ assert( p->pPager==pPager );
+ assert( p->nRef==1 );
+
+ p->pgno = pgno;
+ p->pData = pData;
+ pPager->nMmapOut++;
+
+ return SQLITE_OK;
+}
+
+/*
+** Release a reference to page pPg. pPg must have been returned by an
+** earlier call to pagerAcquireMapPage().
+*/
+static void pagerReleaseMapPage(PgHdr *pPg){
+ Pager *pPager = pPg->pPager;
+ pPager->nMmapOut--;
+ pPg->pDirty = pPager->pMmapFreelist;
+ pPager->pMmapFreelist = pPg;
+
+ assert( pPager->fd->pMethods->iVersion>=3 );
+ sqlite3OsUnfetch(pPager->fd, (i64)(pPg->pgno-1)*pPager->pageSize, pPg->pData);
+}
+
+/*
+** Free all PgHdr objects stored in the Pager.pMmapFreelist list.
+*/
+static void pagerFreeMapHdrs(Pager *pPager){
+ PgHdr *p;
+ PgHdr *pNext;
+ for(p=pPager->pMmapFreelist; p; p=pNext){
+ pNext = p->pDirty;
+ sqlite3_free(p);
+ }
+}
+
+
+/*
+** Shutdown the page cache. Free all memory and close all files.
+**
+** If a transaction was in progress when this routine is called, that
+** transaction is rolled back. All outstanding pages are invalidated
+** and their memory is freed. Any attempt to use a page associated
+** with this page cache after this function returns will likely
+** result in a coredump.
+**
+** This function always succeeds. If a transaction is active an attempt
+** is made to roll it back. If an error occurs during the rollback
+** a hot journal may be left in the filesystem but no error is returned
+** to the caller.
+*/
+SQLITE_PRIVATE int sqlite3PagerClose(Pager *pPager){
+ u8 *pTmp = (u8 *)pPager->pTmpSpace;
+
+ assert( assert_pager_state(pPager) );
+ disable_simulated_io_errors();
+ sqlite3BeginBenignMalloc();
+ pagerFreeMapHdrs(pPager);
+ /* pPager->errCode = 0; */
+ pPager->exclusiveMode = 0;
+#ifndef SQLITE_OMIT_WAL
+ sqlite3WalClose(pPager->pWal, pPager->ckptSyncFlags, pPager->pageSize, pTmp);
+ pPager->pWal = 0;
+#endif
+ pager_reset(pPager);
+ if( MEMDB ){
+ pager_unlock(pPager);
+ }else{
+ /* If it is open, sync the journal file before calling UnlockAndRollback.
+ ** If this is not done, then an unsynced portion of the open journal
+ ** file may be played back into the database. If a power failure occurs
+ ** while this is happening, the database could become corrupt.
+ **
+ ** If an error occurs while trying to sync the journal, shift the pager
+ ** into the ERROR state. This causes UnlockAndRollback to unlock the
+ ** database and close the journal file without attempting to roll it
+ ** back or finalize it. The next database user will have to do hot-journal
+ ** rollback before accessing the database file.
+ */
+ if( isOpen(pPager->jfd) ){
+ pager_error(pPager, pagerSyncHotJournal(pPager));
+ }
+ pagerUnlockAndRollback(pPager);
+ }
+ sqlite3EndBenignMalloc();
+ enable_simulated_io_errors();
+ PAGERTRACE(("CLOSE %d\n", PAGERID(pPager)));
+ IOTRACE(("CLOSE %p\n", pPager))
+ sqlite3OsClose(pPager->jfd);
+ sqlite3OsClose(pPager->fd);
+ sqlite3PageFree(pTmp);
+ sqlite3PcacheClose(pPager->pPCache);
+
+#ifdef SQLITE_HAS_CODEC
+ if( pPager->xCodecFree ) pPager->xCodecFree(pPager->pCodec);
+#endif
+
+ assert( !pPager->aSavepoint && !pPager->pInJournal );
+ assert( !isOpen(pPager->jfd) && !isOpen(pPager->sjfd) );
+
+ sqlite3_free(pPager);
+ return SQLITE_OK;
+}
+
+#if !defined(NDEBUG) || defined(SQLITE_TEST)
+/*
+** Return the page number for page pPg.
+*/
+SQLITE_PRIVATE Pgno sqlite3PagerPagenumber(DbPage *pPg){
+ return pPg->pgno;
+}
+#endif
+
+/*
+** Increment the reference count for page pPg.
+*/
+SQLITE_PRIVATE void sqlite3PagerRef(DbPage *pPg){
+ sqlite3PcacheRef(pPg);
+}
+
+/*
+** Sync the journal. In other words, make sure all the pages that have
+** been written to the journal have actually reached the surface of the
+** disk and can be restored in the event of a hot-journal rollback.
+**
+** If the Pager.noSync flag is set, then this function is a no-op.
+** Otherwise, the actions required depend on the journal-mode and the
+** device characteristics of the file-system, as follows:
+**
+** * If the journal file is an in-memory journal file, no action need
+** be taken.
+**
+** * Otherwise, if the device does not support the SAFE_APPEND property,
+** then the nRec field of the most recently written journal header
+** is updated to contain the number of journal records that have
+** been written following it. If the pager is operating in full-sync
+** mode, then the journal file is synced before this field is updated.
+**
+** * If the device does not support the SEQUENTIAL property, then
+** journal file is synced.
+**
+** Or, in pseudo-code:
+**
+** if( NOT <in-memory journal> ){
+** if( NOT SAFE_APPEND ){
+** if( <full-sync mode> ) xSync(<journal file>);
+** <update nRec field>
+** }
+** if( NOT SEQUENTIAL ) xSync(<journal file>);
+** }
+**
+** If successful, this routine clears the PGHDR_NEED_SYNC flag of every
+** page currently held in memory before returning SQLITE_OK. If an IO
+** error is encountered, then the IO error code is returned to the caller.
+*/
+static int syncJournal(Pager *pPager, int newHdr){
+ int rc; /* Return code */
+
+ assert( pPager->eState==PAGER_WRITER_CACHEMOD
+ || pPager->eState==PAGER_WRITER_DBMOD
+ );
+ assert( assert_pager_state(pPager) );
+ assert( !pagerUseWal(pPager) );
+
+ rc = sqlite3PagerExclusiveLock(pPager);
+ if( rc!=SQLITE_OK ) return rc;
+
+ if( !pPager->noSync ){
+ assert( !pPager->tempFile );
+ if( isOpen(pPager->jfd) && pPager->journalMode!=PAGER_JOURNALMODE_MEMORY ){
+ const int iDc = sqlite3OsDeviceCharacteristics(pPager->fd);
+ assert( isOpen(pPager->jfd) );
+
+ if( 0==(iDc&SQLITE_IOCAP_SAFE_APPEND) ){
+ /* This block deals with an obscure problem. If the last connection
+ ** that wrote to this database was operating in persistent-journal
+ ** mode, then the journal file may at this point actually be larger
+ ** than Pager.journalOff bytes. If the next thing in the journal
+ ** file happens to be a journal-header (written as part of the
+ ** previous connection's transaction), and a crash or power-failure
+ ** occurs after nRec is updated but before this connection writes
+ ** anything else to the journal file (or commits/rolls back its
+ ** transaction), then SQLite may become confused when doing the
+ ** hot-journal rollback following recovery. It may roll back all
+ ** of this connections data, then proceed to rolling back the old,
+ ** out-of-date data that follows it. Database corruption.
+ **
+ ** To work around this, if the journal file does appear to contain
+ ** a valid header following Pager.journalOff, then write a 0x00
+ ** byte to the start of it to prevent it from being recognized.
+ **
+ ** Variable iNextHdrOffset is set to the offset at which this
+ ** problematic header will occur, if it exists. aMagic is used
+ ** as a temporary buffer to inspect the first couple of bytes of
+ ** the potential journal header.
+ */
+ i64 iNextHdrOffset;
+ u8 aMagic[8];
+ u8 zHeader[sizeof(aJournalMagic)+4];
+
+ memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic));
+ put32bits(&zHeader[sizeof(aJournalMagic)], pPager->nRec);
+
+ iNextHdrOffset = journalHdrOffset(pPager);
+ rc = sqlite3OsRead(pPager->jfd, aMagic, 8, iNextHdrOffset);
+ if( rc==SQLITE_OK && 0==memcmp(aMagic, aJournalMagic, 8) ){
+ static const u8 zerobyte = 0;
+ rc = sqlite3OsWrite(pPager->jfd, &zerobyte, 1, iNextHdrOffset);
+ }
+ if( rc!=SQLITE_OK && rc!=SQLITE_IOERR_SHORT_READ ){
+ return rc;
+ }
+
+ /* Write the nRec value into the journal file header. If in
+ ** full-synchronous mode, sync the journal first. This ensures that
+ ** all data has really hit the disk before nRec is updated to mark
+ ** it as a candidate for rollback.
+ **
+ ** This is not required if the persistent media supports the
+ ** SAFE_APPEND property. Because in this case it is not possible
+ ** for garbage data to be appended to the file, the nRec field
+ ** is populated with 0xFFFFFFFF when the journal header is written
+ ** and never needs to be updated.
+ */
+ if( pPager->fullSync && 0==(iDc&SQLITE_IOCAP_SEQUENTIAL) ){
+ PAGERTRACE(("SYNC journal of %d\n", PAGERID(pPager)));
+ IOTRACE(("JSYNC %p\n", pPager))
+ rc = sqlite3OsSync(pPager->jfd, pPager->syncFlags);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ IOTRACE(("JHDR %p %lld\n", pPager, pPager->journalHdr));
+ rc = sqlite3OsWrite(
+ pPager->jfd, zHeader, sizeof(zHeader), pPager->journalHdr
+ );
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ if( 0==(iDc&SQLITE_IOCAP_SEQUENTIAL) ){
+ PAGERTRACE(("SYNC journal of %d\n", PAGERID(pPager)));
+ IOTRACE(("JSYNC %p\n", pPager))
+ rc = sqlite3OsSync(pPager->jfd, pPager->syncFlags|
+ (pPager->syncFlags==SQLITE_SYNC_FULL?SQLITE_SYNC_DATAONLY:0)
+ );
+ if( rc!=SQLITE_OK ) return rc;
+ }
+
+ pPager->journalHdr = pPager->journalOff;
+ if( newHdr && 0==(iDc&SQLITE_IOCAP_SAFE_APPEND) ){
+ pPager->nRec = 0;
+ rc = writeJournalHdr(pPager);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ }else{
+ pPager->journalHdr = pPager->journalOff;
+ }
+ }
+
+ /* Unless the pager is in noSync mode, the journal file was just
+ ** successfully synced. Either way, clear the PGHDR_NEED_SYNC flag on
+ ** all pages.
+ */
+ sqlite3PcacheClearSyncFlags(pPager->pPCache);
+ pPager->eState = PAGER_WRITER_DBMOD;
+ assert( assert_pager_state(pPager) );
+ return SQLITE_OK;
+}
+
+/*
+** The argument is the first in a linked list of dirty pages connected
+** by the PgHdr.pDirty pointer. This function writes each one of the
+** in-memory pages in the list to the database file. The argument may
+** be NULL, representing an empty list. In this case this function is
+** a no-op.
+**
+** The pager must hold at least a RESERVED lock when this function
+** is called. Before writing anything to the database file, this lock
+** is upgraded to an EXCLUSIVE lock. If the lock cannot be obtained,
+** SQLITE_BUSY is returned and no data is written to the database file.
+**
+** If the pager is a temp-file pager and the actual file-system file
+** is not yet open, it is created and opened before any data is
+** written out.
+**
+** Once the lock has been upgraded and, if necessary, the file opened,
+** the pages are written out to the database file in list order. Writing
+** a page is skipped if it meets either of the following criteria:
+**
+** * The page number is greater than Pager.dbSize, or
+** * The PGHDR_DONT_WRITE flag is set on the page.
+**
+** If writing out a page causes the database file to grow, Pager.dbFileSize
+** is updated accordingly. If page 1 is written out, then the value cached
+** in Pager.dbFileVers[] is updated to match the new value stored in
+** the database file.
+**
+** If everything is successful, SQLITE_OK is returned. If an IO error
+** occurs, an IO error code is returned. Or, if the EXCLUSIVE lock cannot
+** be obtained, SQLITE_BUSY is returned.
+*/
+static int pager_write_pagelist(Pager *pPager, PgHdr *pList){
+ int rc = SQLITE_OK; /* Return code */
+
+ /* This function is only called for rollback pagers in WRITER_DBMOD state. */
+ assert( !pagerUseWal(pPager) );
+ assert( pPager->eState==PAGER_WRITER_DBMOD );
+ assert( pPager->eLock==EXCLUSIVE_LOCK );
+
+ /* If the file is a temp-file has not yet been opened, open it now. It
+ ** is not possible for rc to be other than SQLITE_OK if this branch
+ ** is taken, as pager_wait_on_lock() is a no-op for temp-files.
+ */
+ if( !isOpen(pPager->fd) ){
+ assert( pPager->tempFile && rc==SQLITE_OK );
+ rc = pagerOpentemp(pPager, pPager->fd, pPager->vfsFlags);
+ }
+
+ /* Before the first write, give the VFS a hint of what the final
+ ** file size will be.
+ */
+ assert( rc!=SQLITE_OK || isOpen(pPager->fd) );
+ if( rc==SQLITE_OK
+ && pPager->dbHintSize<pPager->dbSize
+ && (pList->pDirty || pList->pgno>pPager->dbHintSize)
+ ){
+ sqlite3_int64 szFile = pPager->pageSize * (sqlite3_int64)pPager->dbSize;
+ sqlite3OsFileControlHint(pPager->fd, SQLITE_FCNTL_SIZE_HINT, &szFile);
+ pPager->dbHintSize = pPager->dbSize;
+ }
+
+ while( rc==SQLITE_OK && pList ){
+ Pgno pgno = pList->pgno;
+
+ /* If there are dirty pages in the page cache with page numbers greater
+ ** than Pager.dbSize, this means sqlite3PagerTruncateImage() was called to
+ ** make the file smaller (presumably by auto-vacuum code). Do not write
+ ** any such pages to the file.
+ **
+ ** Also, do not write out any page that has the PGHDR_DONT_WRITE flag
+ ** set (set by sqlite3PagerDontWrite()).
+ */
+ if( pgno<=pPager->dbSize && 0==(pList->flags&PGHDR_DONT_WRITE) ){
+ i64 offset = (pgno-1)*(i64)pPager->pageSize; /* Offset to write */
+ char *pData; /* Data to write */
+
+ assert( (pList->flags&PGHDR_NEED_SYNC)==0 );
+ if( pList->pgno==1 ) pager_write_changecounter(pList);
+
+ /* Encode the database */
+ CODEC2(pPager, pList->pData, pgno, 6, return SQLITE_NOMEM, pData);
+
+ /* Write out the page data. */
+ rc = sqlite3OsWrite(pPager->fd, pData, pPager->pageSize, offset);
+
+ /* If page 1 was just written, update Pager.dbFileVers to match
+ ** the value now stored in the database file. If writing this
+ ** page caused the database file to grow, update dbFileSize.
+ */
+ if( pgno==1 ){
+ memcpy(&pPager->dbFileVers, &pData[24], sizeof(pPager->dbFileVers));
+ }
+ if( pgno>pPager->dbFileSize ){
+ pPager->dbFileSize = pgno;
+ }
+ pPager->aStat[PAGER_STAT_WRITE]++;
+
+ /* Update any backup objects copying the contents of this pager. */
+ sqlite3BackupUpdate(pPager->pBackup, pgno, (u8*)pList->pData);
+
+ PAGERTRACE(("STORE %d page %d hash(%08x)\n",
+ PAGERID(pPager), pgno, pager_pagehash(pList)));
+ IOTRACE(("PGOUT %p %d\n", pPager, pgno));
+ PAGER_INCR(sqlite3_pager_writedb_count);
+ }else{
+ PAGERTRACE(("NOSTORE %d page %d\n", PAGERID(pPager), pgno));
+ }
+ pager_set_pagehash(pList);
+ pList = pList->pDirty;
+ }
+
+ return rc;
+}
+
+/*
+** Ensure that the sub-journal file is open. If it is already open, this
+** function is a no-op.
+**
+** SQLITE_OK is returned if everything goes according to plan. An
+** SQLITE_IOERR_XXX error code is returned if a call to sqlite3OsOpen()
+** fails.
+*/
+static int openSubJournal(Pager *pPager){
+ int rc = SQLITE_OK;
+ if( !isOpen(pPager->sjfd) ){
+ if( pPager->journalMode==PAGER_JOURNALMODE_MEMORY || pPager->subjInMemory ){
+ sqlite3MemJournalOpen(pPager->sjfd);
+ }else{
+ rc = pagerOpentemp(pPager, pPager->sjfd, SQLITE_OPEN_SUBJOURNAL);
+ }
+ }
+ return rc;
+}
+
+/*
+** Append a record of the current state of page pPg to the sub-journal.
+**
+** If successful, set the bit corresponding to pPg->pgno in the bitvecs
+** for all open savepoints before returning.
+**
+** This function returns SQLITE_OK if everything is successful, an IO
+** error code if the attempt to write to the sub-journal fails, or
+** SQLITE_NOMEM if a malloc fails while setting a bit in a savepoint
+** bitvec.
+*/
+static int subjournalPage(PgHdr *pPg){
+ int rc = SQLITE_OK;
+ Pager *pPager = pPg->pPager;
+ if( pPager->journalMode!=PAGER_JOURNALMODE_OFF ){
+
+ /* Open the sub-journal, if it has not already been opened */
+ assert( pPager->useJournal );
+ assert( isOpen(pPager->jfd) || pagerUseWal(pPager) );
+ assert( isOpen(pPager->sjfd) || pPager->nSubRec==0 );
+ assert( pagerUseWal(pPager)
+ || pageInJournal(pPager, pPg)
+ || pPg->pgno>pPager->dbOrigSize
+ );
+ rc = openSubJournal(pPager);
+
+ /* If the sub-journal was opened successfully (or was already open),
+ ** write the journal record into the file. */
+ if( rc==SQLITE_OK ){
+ void *pData = pPg->pData;
+ i64 offset = (i64)pPager->nSubRec*(4+pPager->pageSize);
+ char *pData2;
+
+ CODEC2(pPager, pData, pPg->pgno, 7, return SQLITE_NOMEM, pData2);
+ PAGERTRACE(("STMT-JOURNAL %d page %d\n", PAGERID(pPager), pPg->pgno));
+ rc = write32bits(pPager->sjfd, offset, pPg->pgno);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3OsWrite(pPager->sjfd, pData2, pPager->pageSize, offset+4);
+ }
+ }
+ }
+ if( rc==SQLITE_OK ){
+ pPager->nSubRec++;
+ assert( pPager->nSavepoint>0 );
+ rc = addToSavepointBitvecs(pPager, pPg->pgno);
+ }
+ return rc;
+}
+static int subjournalPageIfRequired(PgHdr *pPg){
+ if( subjRequiresPage(pPg) ){
+ return subjournalPage(pPg);
+ }else{
+ return SQLITE_OK;
+ }
+}
+
+/*
+** This function is called by the pcache layer when it has reached some
+** soft memory limit. The first argument is a pointer to a Pager object
+** (cast as a void*). The pager is always 'purgeable' (not an in-memory
+** database). The second argument is a reference to a page that is
+** currently dirty but has no outstanding references. The page
+** is always associated with the Pager object passed as the first
+** argument.
+**
+** The job of this function is to make pPg clean by writing its contents
+** out to the database file, if possible. This may involve syncing the
+** journal file.
+**
+** If successful, sqlite3PcacheMakeClean() is called on the page and
+** SQLITE_OK returned. If an IO error occurs while trying to make the
+** page clean, the IO error code is returned. If the page cannot be
+** made clean for some other reason, but no error occurs, then SQLITE_OK
+** is returned by sqlite3PcacheMakeClean() is not called.
+*/
+static int pagerStress(void *p, PgHdr *pPg){
+ Pager *pPager = (Pager *)p;
+ int rc = SQLITE_OK;
+
+ assert( pPg->pPager==pPager );
+ assert( pPg->flags&PGHDR_DIRTY );
+
+ /* The doNotSpill NOSYNC bit is set during times when doing a sync of
+ ** journal (and adding a new header) is not allowed. This occurs
+ ** during calls to sqlite3PagerWrite() while trying to journal multiple
+ ** pages belonging to the same sector.
+ **
+ ** The doNotSpill ROLLBACK and OFF bits inhibits all cache spilling
+ ** regardless of whether or not a sync is required. This is set during
+ ** a rollback or by user request, respectively.
+ **
+ ** Spilling is also prohibited when in an error state since that could
+ ** lead to database corruption. In the current implementation it
+ ** is impossible for sqlite3PcacheFetch() to be called with createFlag==3
+ ** while in the error state, hence it is impossible for this routine to
+ ** be called in the error state. Nevertheless, we include a NEVER()
+ ** test for the error state as a safeguard against future changes.
+ */
+ if( NEVER(pPager->errCode) ) return SQLITE_OK;
+ testcase( pPager->doNotSpill & SPILLFLAG_ROLLBACK );
+ testcase( pPager->doNotSpill & SPILLFLAG_OFF );
+ testcase( pPager->doNotSpill & SPILLFLAG_NOSYNC );
+ if( pPager->doNotSpill
+ && ((pPager->doNotSpill & (SPILLFLAG_ROLLBACK|SPILLFLAG_OFF))!=0
+ || (pPg->flags & PGHDR_NEED_SYNC)!=0)
+ ){
+ return SQLITE_OK;
+ }
+
+ pPg->pDirty = 0;
+ if( pagerUseWal(pPager) ){
+ /* Write a single frame for this page to the log. */
+ rc = subjournalPageIfRequired(pPg);
+ if( rc==SQLITE_OK ){
+ rc = pagerWalFrames(pPager, pPg, 0, 0);
+ }
+ }else{
+
+ /* Sync the journal file if required. */
+ if( pPg->flags&PGHDR_NEED_SYNC
+ || pPager->eState==PAGER_WRITER_CACHEMOD
+ ){
+ rc = syncJournal(pPager, 1);
+ }
+
+ /* Write the contents of the page out to the database file. */
+ if( rc==SQLITE_OK ){
+ assert( (pPg->flags&PGHDR_NEED_SYNC)==0 );
+ rc = pager_write_pagelist(pPager, pPg);
+ }
+ }
+
+ /* Mark the page as clean. */
+ if( rc==SQLITE_OK ){
+ PAGERTRACE(("STRESS %d page %d\n", PAGERID(pPager), pPg->pgno));
+ sqlite3PcacheMakeClean(pPg);
+ }
+
+ return pager_error(pPager, rc);
+}
+
+/*
+** Flush all unreferenced dirty pages to disk.
+*/
+SQLITE_PRIVATE int sqlite3PagerFlush(Pager *pPager){
+ int rc = pPager->errCode;
+ if( !MEMDB ){
+ PgHdr *pList = sqlite3PcacheDirtyList(pPager->pPCache);
+ assert( assert_pager_state(pPager) );
+ while( rc==SQLITE_OK && pList ){
+ PgHdr *pNext = pList->pDirty;
+ if( pList->nRef==0 ){
+ rc = pagerStress((void*)pPager, pList);
+ }
+ pList = pNext;
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Allocate and initialize a new Pager object and put a pointer to it
+** in *ppPager. The pager should eventually be freed by passing it
+** to sqlite3PagerClose().
+**
+** The zFilename argument is the path to the database file to open.
+** If zFilename is NULL then a randomly-named temporary file is created
+** and used as the file to be cached. Temporary files are be deleted
+** automatically when they are closed. If zFilename is ":memory:" then
+** all information is held in cache. It is never written to disk.
+** This can be used to implement an in-memory database.
+**
+** The nExtra parameter specifies the number of bytes of space allocated
+** along with each page reference. This space is available to the user
+** via the sqlite3PagerGetExtra() API.
+**
+** The flags argument is used to specify properties that affect the
+** operation of the pager. It should be passed some bitwise combination
+** of the PAGER_* flags.
+**
+** The vfsFlags parameter is a bitmask to pass to the flags parameter
+** of the xOpen() method of the supplied VFS when opening files.
+**
+** If the pager object is allocated and the specified file opened
+** successfully, SQLITE_OK is returned and *ppPager set to point to
+** the new pager object. If an error occurs, *ppPager is set to NULL
+** and error code returned. This function may return SQLITE_NOMEM
+** (sqlite3Malloc() is used to allocate memory), SQLITE_CANTOPEN or
+** various SQLITE_IO_XXX errors.
+*/
+SQLITE_PRIVATE int sqlite3PagerOpen(
+ sqlite3_vfs *pVfs, /* The virtual file system to use */
+ Pager **ppPager, /* OUT: Return the Pager structure here */
+ const char *zFilename, /* Name of the database file to open */
+ int nExtra, /* Extra bytes append to each in-memory page */
+ int flags, /* flags controlling this file */
+ int vfsFlags, /* flags passed through to sqlite3_vfs.xOpen() */
+ void (*xReinit)(DbPage*) /* Function to reinitialize pages */
+){
+ u8 *pPtr;
+ Pager *pPager = 0; /* Pager object to allocate and return */
+ int rc = SQLITE_OK; /* Return code */
+ int tempFile = 0; /* True for temp files (incl. in-memory files) */
+ int memDb = 0; /* True if this is an in-memory file */
+ int readOnly = 0; /* True if this is a read-only file */
+ int journalFileSize; /* Bytes to allocate for each journal fd */
+ char *zPathname = 0; /* Full path to database file */
+ int nPathname = 0; /* Number of bytes in zPathname */
+ int useJournal = (flags & PAGER_OMIT_JOURNAL)==0; /* False to omit journal */
+ int pcacheSize = sqlite3PcacheSize(); /* Bytes to allocate for PCache */
+ u32 szPageDflt = SQLITE_DEFAULT_PAGE_SIZE; /* Default page size */
+ const char *zUri = 0; /* URI args to copy */
+ int nUri = 0; /* Number of bytes of URI args at *zUri */
+
+ /* Figure out how much space is required for each journal file-handle
+ ** (there are two of them, the main journal and the sub-journal). This
+ ** is the maximum space required for an in-memory journal file handle
+ ** and a regular journal file-handle. Note that a "regular journal-handle"
+ ** may be a wrapper capable of caching the first portion of the journal
+ ** file in memory to implement the atomic-write optimization (see
+ ** source file journal.c).
+ */
+ if( sqlite3JournalSize(pVfs)>sqlite3MemJournalSize() ){
+ journalFileSize = ROUND8(sqlite3JournalSize(pVfs));
+ }else{
+ journalFileSize = ROUND8(sqlite3MemJournalSize());
+ }
+
+ /* Set the output variable to NULL in case an error occurs. */
+ *ppPager = 0;
+
+#ifndef SQLITE_OMIT_MEMORYDB
+ if( flags & PAGER_MEMORY ){
+ memDb = 1;
+ if( zFilename && zFilename[0] ){
+ zPathname = sqlite3DbStrDup(0, zFilename);
+ if( zPathname==0 ) return SQLITE_NOMEM;
+ nPathname = sqlite3Strlen30(zPathname);
+ zFilename = 0;
+ }
+ }
+#endif
+
+ /* Compute and store the full pathname in an allocated buffer pointed
+ ** to by zPathname, length nPathname. Or, if this is a temporary file,
+ ** leave both nPathname and zPathname set to 0.
+ */
+ if( zFilename && zFilename[0] ){
+ const char *z;
+ nPathname = pVfs->mxPathname+1;
+ zPathname = sqlite3DbMallocRaw(0, nPathname*2);
+ if( zPathname==0 ){
+ return SQLITE_NOMEM;
+ }
+ zPathname[0] = 0; /* Make sure initialized even if FullPathname() fails */
+ rc = sqlite3OsFullPathname(pVfs, zFilename, nPathname, zPathname);
+ nPathname = sqlite3Strlen30(zPathname);
+ z = zUri = &zFilename[sqlite3Strlen30(zFilename)+1];
+ while( *z ){
+ z += sqlite3Strlen30(z)+1;
+ z += sqlite3Strlen30(z)+1;
+ }
+ nUri = (int)(&z[1] - zUri);
+ assert( nUri>=0 );
+ if( rc==SQLITE_OK && nPathname+8>pVfs->mxPathname ){
+ /* This branch is taken when the journal path required by
+ ** the database being opened will be more than pVfs->mxPathname
+ ** bytes in length. This means the database cannot be opened,
+ ** as it will not be possible to open the journal file or even
+ ** check for a hot-journal before reading.
+ */
+ rc = SQLITE_CANTOPEN_BKPT;
+ }
+ if( rc!=SQLITE_OK ){
+ sqlite3DbFree(0, zPathname);
+ return rc;
+ }
+ }
+
+ /* Allocate memory for the Pager structure, PCache object, the
+ ** three file descriptors, the database file name and the journal
+ ** file name. The layout in memory is as follows:
+ **
+ ** Pager object (sizeof(Pager) bytes)
+ ** PCache object (sqlite3PcacheSize() bytes)
+ ** Database file handle (pVfs->szOsFile bytes)
+ ** Sub-journal file handle (journalFileSize bytes)
+ ** Main journal file handle (journalFileSize bytes)
+ ** Database file name (nPathname+1 bytes)
+ ** Journal file name (nPathname+8+1 bytes)
+ */
+ pPtr = (u8 *)sqlite3MallocZero(
+ ROUND8(sizeof(*pPager)) + /* Pager structure */
+ ROUND8(pcacheSize) + /* PCache object */
+ ROUND8(pVfs->szOsFile) + /* The main db file */
+ journalFileSize * 2 + /* The two journal files */
+ nPathname + 1 + nUri + /* zFilename */
+ nPathname + 8 + 2 /* zJournal */
+#ifndef SQLITE_OMIT_WAL
+ + nPathname + 4 + 2 /* zWal */
+#endif
+ );
+ assert( EIGHT_BYTE_ALIGNMENT(SQLITE_INT_TO_PTR(journalFileSize)) );
+ if( !pPtr ){
+ sqlite3DbFree(0, zPathname);
+ return SQLITE_NOMEM;
+ }
+ pPager = (Pager*)(pPtr);
+ pPager->pPCache = (PCache*)(pPtr += ROUND8(sizeof(*pPager)));
+ pPager->fd = (sqlite3_file*)(pPtr += ROUND8(pcacheSize));
+ pPager->sjfd = (sqlite3_file*)(pPtr += ROUND8(pVfs->szOsFile));
+ pPager->jfd = (sqlite3_file*)(pPtr += journalFileSize);
+ pPager->zFilename = (char*)(pPtr += journalFileSize);
+ assert( EIGHT_BYTE_ALIGNMENT(pPager->jfd) );
+
+ /* Fill in the Pager.zFilename and Pager.zJournal buffers, if required. */
+ if( zPathname ){
+ assert( nPathname>0 );
+ pPager->zJournal = (char*)(pPtr += nPathname + 1 + nUri);
+ memcpy(pPager->zFilename, zPathname, nPathname);
+ if( nUri ) memcpy(&pPager->zFilename[nPathname+1], zUri, nUri);
+ memcpy(pPager->zJournal, zPathname, nPathname);
+ memcpy(&pPager->zJournal[nPathname], "-journal\000", 8+2);
+ sqlite3FileSuffix3(pPager->zFilename, pPager->zJournal);
+#ifndef SQLITE_OMIT_WAL
+ pPager->zWal = &pPager->zJournal[nPathname+8+1];
+ memcpy(pPager->zWal, zPathname, nPathname);
+ memcpy(&pPager->zWal[nPathname], "-wal\000", 4+1);
+ sqlite3FileSuffix3(pPager->zFilename, pPager->zWal);
+#endif
+ sqlite3DbFree(0, zPathname);
+ }
+ pPager->pVfs = pVfs;
+ pPager->vfsFlags = vfsFlags;
+
+ /* Open the pager file.
+ */
+ if( zFilename && zFilename[0] ){
+ int fout = 0; /* VFS flags returned by xOpen() */
+ rc = sqlite3OsOpen(pVfs, pPager->zFilename, pPager->fd, vfsFlags, &fout);
+ assert( !memDb );
+ readOnly = (fout&SQLITE_OPEN_READONLY);
+
+ /* If the file was successfully opened for read/write access,
+ ** choose a default page size in case we have to create the
+ ** database file. The default page size is the maximum of:
+ **
+ ** + SQLITE_DEFAULT_PAGE_SIZE,
+ ** + The value returned by sqlite3OsSectorSize()
+ ** + The largest page size that can be written atomically.
+ */
+ if( rc==SQLITE_OK ){
+ int iDc = sqlite3OsDeviceCharacteristics(pPager->fd);
+ if( !readOnly ){
+ setSectorSize(pPager);
+ assert(SQLITE_DEFAULT_PAGE_SIZE<=SQLITE_MAX_DEFAULT_PAGE_SIZE);
+ if( szPageDflt<pPager->sectorSize ){
+ if( pPager->sectorSize>SQLITE_MAX_DEFAULT_PAGE_SIZE ){
+ szPageDflt = SQLITE_MAX_DEFAULT_PAGE_SIZE;
+ }else{
+ szPageDflt = (u32)pPager->sectorSize;
+ }
+ }
+#ifdef SQLITE_ENABLE_ATOMIC_WRITE
+ {
+ int ii;
+ assert(SQLITE_IOCAP_ATOMIC512==(512>>8));
+ assert(SQLITE_IOCAP_ATOMIC64K==(65536>>8));
+ assert(SQLITE_MAX_DEFAULT_PAGE_SIZE<=65536);
+ for(ii=szPageDflt; ii<=SQLITE_MAX_DEFAULT_PAGE_SIZE; ii=ii*2){
+ if( iDc&(SQLITE_IOCAP_ATOMIC|(ii>>8)) ){
+ szPageDflt = ii;
+ }
+ }
+ }
+#endif
+ }
+ pPager->noLock = sqlite3_uri_boolean(zFilename, "nolock", 0);
+ if( (iDc & SQLITE_IOCAP_IMMUTABLE)!=0
+ || sqlite3_uri_boolean(zFilename, "immutable", 0) ){
+ vfsFlags |= SQLITE_OPEN_READONLY;
+ goto act_like_temp_file;
+ }
+ }
+ }else{
+ /* If a temporary file is requested, it is not opened immediately.
+ ** In this case we accept the default page size and delay actually
+ ** opening the file until the first call to OsWrite().
+ **
+ ** This branch is also run for an in-memory database. An in-memory
+ ** database is the same as a temp-file that is never written out to
+ ** disk and uses an in-memory rollback journal.
+ **
+ ** This branch also runs for files marked as immutable.
+ */
+act_like_temp_file:
+ tempFile = 1;
+ pPager->eState = PAGER_READER; /* Pretend we already have a lock */
+ pPager->eLock = EXCLUSIVE_LOCK; /* Pretend we are in EXCLUSIVE mode */
+ pPager->noLock = 1; /* Do no locking */
+ readOnly = (vfsFlags&SQLITE_OPEN_READONLY);
+ }
+
+ /* The following call to PagerSetPagesize() serves to set the value of
+ ** Pager.pageSize and to allocate the Pager.pTmpSpace buffer.
+ */
+ if( rc==SQLITE_OK ){
+ assert( pPager->memDb==0 );
+ rc = sqlite3PagerSetPagesize(pPager, &szPageDflt, -1);
+ testcase( rc!=SQLITE_OK );
+ }
+
+ /* Initialize the PCache object. */
+ if( rc==SQLITE_OK ){
+ assert( nExtra<1000 );
+ nExtra = ROUND8(nExtra);
+ rc = sqlite3PcacheOpen(szPageDflt, nExtra, !memDb,
+ !memDb?pagerStress:0, (void *)pPager, pPager->pPCache);
+ }
+
+ /* If an error occurred above, free the Pager structure and close the file.
+ */
+ if( rc!=SQLITE_OK ){
+ sqlite3OsClose(pPager->fd);
+ sqlite3PageFree(pPager->pTmpSpace);
+ sqlite3_free(pPager);
+ return rc;
+ }
+
+ PAGERTRACE(("OPEN %d %s\n", FILEHANDLEID(pPager->fd), pPager->zFilename));
+ IOTRACE(("OPEN %p %s\n", pPager, pPager->zFilename))
+
+ pPager->useJournal = (u8)useJournal;
+ /* pPager->stmtOpen = 0; */
+ /* pPager->stmtInUse = 0; */
+ /* pPager->nRef = 0; */
+ /* pPager->stmtSize = 0; */
+ /* pPager->stmtJSize = 0; */
+ /* pPager->nPage = 0; */
+ pPager->mxPgno = SQLITE_MAX_PAGE_COUNT;
+ /* pPager->state = PAGER_UNLOCK; */
+ /* pPager->errMask = 0; */
+ pPager->tempFile = (u8)tempFile;
+ assert( tempFile==PAGER_LOCKINGMODE_NORMAL
+ || tempFile==PAGER_LOCKINGMODE_EXCLUSIVE );
+ assert( PAGER_LOCKINGMODE_EXCLUSIVE==1 );
+ pPager->exclusiveMode = (u8)tempFile;
+ pPager->changeCountDone = pPager->tempFile;
+ pPager->memDb = (u8)memDb;
+ pPager->readOnly = (u8)readOnly;
+ assert( useJournal || pPager->tempFile );
+ pPager->noSync = pPager->tempFile;
+ if( pPager->noSync ){
+ assert( pPager->fullSync==0 );
+ assert( pPager->syncFlags==0 );
+ assert( pPager->walSyncFlags==0 );
+ assert( pPager->ckptSyncFlags==0 );
+ }else{
+ pPager->fullSync = 1;
+ pPager->syncFlags = SQLITE_SYNC_NORMAL;
+ pPager->walSyncFlags = SQLITE_SYNC_NORMAL | WAL_SYNC_TRANSACTIONS;
+ pPager->ckptSyncFlags = SQLITE_SYNC_NORMAL;
+ }
+ /* pPager->pFirst = 0; */
+ /* pPager->pFirstSynced = 0; */
+ /* pPager->pLast = 0; */
+ pPager->nExtra = (u16)nExtra;
+ pPager->journalSizeLimit = SQLITE_DEFAULT_JOURNAL_SIZE_LIMIT;
+ assert( isOpen(pPager->fd) || tempFile );
+ setSectorSize(pPager);
+ if( !useJournal ){
+ pPager->journalMode = PAGER_JOURNALMODE_OFF;
+ }else if( memDb ){
+ pPager->journalMode = PAGER_JOURNALMODE_MEMORY;
+ }
+ /* pPager->xBusyHandler = 0; */
+ /* pPager->pBusyHandlerArg = 0; */
+ pPager->xReiniter = xReinit;
+ /* memset(pPager->aHash, 0, sizeof(pPager->aHash)); */
+ /* pPager->szMmap = SQLITE_DEFAULT_MMAP_SIZE // will be set by btree.c */
+
+ *ppPager = pPager;
+ return SQLITE_OK;
+}
+
+
+/* Verify that the database file has not be deleted or renamed out from
+** under the pager. Return SQLITE_OK if the database is still were it ought
+** to be on disk. Return non-zero (SQLITE_READONLY_DBMOVED or some other error
+** code from sqlite3OsAccess()) if the database has gone missing.
+*/
+static int databaseIsUnmoved(Pager *pPager){
+ int bHasMoved = 0;
+ int rc;
+
+ if( pPager->tempFile ) return SQLITE_OK;
+ if( pPager->dbSize==0 ) return SQLITE_OK;
+ assert( pPager->zFilename && pPager->zFilename[0] );
+ rc = sqlite3OsFileControl(pPager->fd, SQLITE_FCNTL_HAS_MOVED, &bHasMoved);
+ if( rc==SQLITE_NOTFOUND ){
+ /* If the HAS_MOVED file-control is unimplemented, assume that the file
+ ** has not been moved. That is the historical behavior of SQLite: prior to
+ ** version 3.8.3, it never checked */
+ rc = SQLITE_OK;
+ }else if( rc==SQLITE_OK && bHasMoved ){
+ rc = SQLITE_READONLY_DBMOVED;
+ }
+ return rc;
+}
+
+
+/*
+** This function is called after transitioning from PAGER_UNLOCK to
+** PAGER_SHARED state. It tests if there is a hot journal present in
+** the file-system for the given pager. A hot journal is one that
+** needs to be played back. According to this function, a hot-journal
+** file exists if the following criteria are met:
+**
+** * The journal file exists in the file system, and
+** * No process holds a RESERVED or greater lock on the database file, and
+** * The database file itself is greater than 0 bytes in size, and
+** * The first byte of the journal file exists and is not 0x00.
+**
+** If the current size of the database file is 0 but a journal file
+** exists, that is probably an old journal left over from a prior
+** database with the same name. In this case the journal file is
+** just deleted using OsDelete, *pExists is set to 0 and SQLITE_OK
+** is returned.
+**
+** This routine does not check if there is a master journal filename
+** at the end of the file. If there is, and that master journal file
+** does not exist, then the journal file is not really hot. In this
+** case this routine will return a false-positive. The pager_playback()
+** routine will discover that the journal file is not really hot and
+** will not roll it back.
+**
+** If a hot-journal file is found to exist, *pExists is set to 1 and
+** SQLITE_OK returned. If no hot-journal file is present, *pExists is
+** set to 0 and SQLITE_OK returned. If an IO error occurs while trying
+** to determine whether or not a hot-journal file exists, the IO error
+** code is returned and the value of *pExists is undefined.
+*/
+static int hasHotJournal(Pager *pPager, int *pExists){
+ sqlite3_vfs * const pVfs = pPager->pVfs;
+ int rc = SQLITE_OK; /* Return code */
+ int exists = 1; /* True if a journal file is present */
+ int jrnlOpen = !!isOpen(pPager->jfd);
+
+ assert( pPager->useJournal );
+ assert( isOpen(pPager->fd) );
+ assert( pPager->eState==PAGER_OPEN );
+
+ assert( jrnlOpen==0 || ( sqlite3OsDeviceCharacteristics(pPager->jfd) &
+ SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN
+ ));
+
+ *pExists = 0;
+ if( !jrnlOpen ){
+ rc = sqlite3OsAccess(pVfs, pPager->zJournal, SQLITE_ACCESS_EXISTS, &exists);
+ }
+ if( rc==SQLITE_OK && exists ){
+ int locked = 0; /* True if some process holds a RESERVED lock */
+
+ /* Race condition here: Another process might have been holding the
+ ** the RESERVED lock and have a journal open at the sqlite3OsAccess()
+ ** call above, but then delete the journal and drop the lock before
+ ** we get to the following sqlite3OsCheckReservedLock() call. If that
+ ** is the case, this routine might think there is a hot journal when
+ ** in fact there is none. This results in a false-positive which will
+ ** be dealt with by the playback routine. Ticket #3883.
+ */
+ rc = sqlite3OsCheckReservedLock(pPager->fd, &locked);
+ if( rc==SQLITE_OK && !locked ){
+ Pgno nPage; /* Number of pages in database file */
+
+ rc = pagerPagecount(pPager, &nPage);
+ if( rc==SQLITE_OK ){
+ /* If the database is zero pages in size, that means that either (1) the
+ ** journal is a remnant from a prior database with the same name where
+ ** the database file but not the journal was deleted, or (2) the initial
+ ** transaction that populates a new database is being rolled back.
+ ** In either case, the journal file can be deleted. However, take care
+ ** not to delete the journal file if it is already open due to
+ ** journal_mode=PERSIST.
+ */
+ if( nPage==0 && !jrnlOpen ){
+ sqlite3BeginBenignMalloc();
+ if( pagerLockDb(pPager, RESERVED_LOCK)==SQLITE_OK ){
+ sqlite3OsDelete(pVfs, pPager->zJournal, 0);
+ if( !pPager->exclusiveMode ) pagerUnlockDb(pPager, SHARED_LOCK);
+ }
+ sqlite3EndBenignMalloc();
+ }else{
+ /* The journal file exists and no other connection has a reserved
+ ** or greater lock on the database file. Now check that there is
+ ** at least one non-zero bytes at the start of the journal file.
+ ** If there is, then we consider this journal to be hot. If not,
+ ** it can be ignored.
+ */
+ if( !jrnlOpen ){
+ int f = SQLITE_OPEN_READONLY|SQLITE_OPEN_MAIN_JOURNAL;
+ rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, f, &f);
+ }
+ if( rc==SQLITE_OK ){
+ u8 first = 0;
+ rc = sqlite3OsRead(pPager->jfd, (void *)&first, 1, 0);
+ if( rc==SQLITE_IOERR_SHORT_READ ){
+ rc = SQLITE_OK;
+ }
+ if( !jrnlOpen ){
+ sqlite3OsClose(pPager->jfd);
+ }
+ *pExists = (first!=0);
+ }else if( rc==SQLITE_CANTOPEN ){
+ /* If we cannot open the rollback journal file in order to see if
+ ** it has a zero header, that might be due to an I/O error, or
+ ** it might be due to the race condition described above and in
+ ** ticket #3883. Either way, assume that the journal is hot.
+ ** This might be a false positive. But if it is, then the
+ ** automatic journal playback and recovery mechanism will deal
+ ** with it under an EXCLUSIVE lock where we do not need to
+ ** worry so much with race conditions.
+ */
+ *pExists = 1;
+ rc = SQLITE_OK;
+ }
+ }
+ }
+ }
+ }
+
+ return rc;
+}
+
+/*
+** This function is called to obtain a shared lock on the database file.
+** It is illegal to call sqlite3PagerGet() until after this function
+** has been successfully called. If a shared-lock is already held when
+** this function is called, it is a no-op.
+**
+** The following operations are also performed by this function.
+**
+** 1) If the pager is currently in PAGER_OPEN state (no lock held
+** on the database file), then an attempt is made to obtain a
+** SHARED lock on the database file. Immediately after obtaining
+** the SHARED lock, the file-system is checked for a hot-journal,
+** which is played back if present. Following any hot-journal
+** rollback, the contents of the cache are validated by checking
+** the 'change-counter' field of the database file header and
+** discarded if they are found to be invalid.
+**
+** 2) If the pager is running in exclusive-mode, and there are currently
+** no outstanding references to any pages, and is in the error state,
+** then an attempt is made to clear the error state by discarding
+** the contents of the page cache and rolling back any open journal
+** file.
+**
+** If everything is successful, SQLITE_OK is returned. If an IO error
+** occurs while locking the database, checking for a hot-journal file or
+** rolling back a journal file, the IO error code is returned.
+*/
+SQLITE_PRIVATE int sqlite3PagerSharedLock(Pager *pPager){
+ int rc = SQLITE_OK; /* Return code */
+
+ /* This routine is only called from b-tree and only when there are no
+ ** outstanding pages. This implies that the pager state should either
+ ** be OPEN or READER. READER is only possible if the pager is or was in
+ ** exclusive access mode.
+ */
+ assert( sqlite3PcacheRefCount(pPager->pPCache)==0 );
+ assert( assert_pager_state(pPager) );
+ assert( pPager->eState==PAGER_OPEN || pPager->eState==PAGER_READER );
+ if( NEVER(MEMDB && pPager->errCode) ){ return pPager->errCode; }
+
+ if( !pagerUseWal(pPager) && pPager->eState==PAGER_OPEN ){
+ int bHotJournal = 1; /* True if there exists a hot journal-file */
+
+ assert( !MEMDB );
+
+ rc = pager_wait_on_lock(pPager, SHARED_LOCK);
+ if( rc!=SQLITE_OK ){
+ assert( pPager->eLock==NO_LOCK || pPager->eLock==UNKNOWN_LOCK );
+ goto failed;
+ }
+
+ /* If a journal file exists, and there is no RESERVED lock on the
+ ** database file, then it either needs to be played back or deleted.
+ */
+ if( pPager->eLock<=SHARED_LOCK ){
+ rc = hasHotJournal(pPager, &bHotJournal);
+ }
+ if( rc!=SQLITE_OK ){
+ goto failed;
+ }
+ if( bHotJournal ){
+ if( pPager->readOnly ){
+ rc = SQLITE_READONLY_ROLLBACK;
+ goto failed;
+ }
+
+ /* Get an EXCLUSIVE lock on the database file. At this point it is
+ ** important that a RESERVED lock is not obtained on the way to the
+ ** EXCLUSIVE lock. If it were, another process might open the
+ ** database file, detect the RESERVED lock, and conclude that the
+ ** database is safe to read while this process is still rolling the
+ ** hot-journal back.
+ **
+ ** Because the intermediate RESERVED lock is not requested, any
+ ** other process attempting to access the database file will get to
+ ** this point in the code and fail to obtain its own EXCLUSIVE lock
+ ** on the database file.
+ **
+ ** Unless the pager is in locking_mode=exclusive mode, the lock is
+ ** downgraded to SHARED_LOCK before this function returns.
+ */
+ rc = pagerLockDb(pPager, EXCLUSIVE_LOCK);
+ if( rc!=SQLITE_OK ){
+ goto failed;
+ }
+
+ /* If it is not already open and the file exists on disk, open the
+ ** journal for read/write access. Write access is required because
+ ** in exclusive-access mode the file descriptor will be kept open
+ ** and possibly used for a transaction later on. Also, write-access
+ ** is usually required to finalize the journal in journal_mode=persist
+ ** mode (and also for journal_mode=truncate on some systems).
+ **
+ ** If the journal does not exist, it usually means that some
+ ** other connection managed to get in and roll it back before
+ ** this connection obtained the exclusive lock above. Or, it
+ ** may mean that the pager was in the error-state when this
+ ** function was called and the journal file does not exist.
+ */
+ if( !isOpen(pPager->jfd) ){
+ sqlite3_vfs * const pVfs = pPager->pVfs;
+ int bExists; /* True if journal file exists */
+ rc = sqlite3OsAccess(
+ pVfs, pPager->zJournal, SQLITE_ACCESS_EXISTS, &bExists);
+ if( rc==SQLITE_OK && bExists ){
+ int fout = 0;
+ int f = SQLITE_OPEN_READWRITE|SQLITE_OPEN_MAIN_JOURNAL;
+ assert( !pPager->tempFile );
+ rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, f, &fout);
+ assert( rc!=SQLITE_OK || isOpen(pPager->jfd) );
+ if( rc==SQLITE_OK && fout&SQLITE_OPEN_READONLY ){
+ rc = SQLITE_CANTOPEN_BKPT;
+ sqlite3OsClose(pPager->jfd);
+ }
+ }
+ }
+
+ /* Playback and delete the journal. Drop the database write
+ ** lock and reacquire the read lock. Purge the cache before
+ ** playing back the hot-journal so that we don't end up with
+ ** an inconsistent cache. Sync the hot journal before playing
+ ** it back since the process that crashed and left the hot journal
+ ** probably did not sync it and we are required to always sync
+ ** the journal before playing it back.
+ */
+ if( isOpen(pPager->jfd) ){
+ assert( rc==SQLITE_OK );
+ rc = pagerSyncHotJournal(pPager);
+ if( rc==SQLITE_OK ){
+ rc = pager_playback(pPager, 1);
+ pPager->eState = PAGER_OPEN;
+ }
+ }else if( !pPager->exclusiveMode ){
+ pagerUnlockDb(pPager, SHARED_LOCK);
+ }
+
+ if( rc!=SQLITE_OK ){
+ /* This branch is taken if an error occurs while trying to open
+ ** or roll back a hot-journal while holding an EXCLUSIVE lock. The
+ ** pager_unlock() routine will be called before returning to unlock
+ ** the file. If the unlock attempt fails, then Pager.eLock must be
+ ** set to UNKNOWN_LOCK (see the comment above the #define for
+ ** UNKNOWN_LOCK above for an explanation).
+ **
+ ** In order to get pager_unlock() to do this, set Pager.eState to
+ ** PAGER_ERROR now. This is not actually counted as a transition
+ ** to ERROR state in the state diagram at the top of this file,
+ ** since we know that the same call to pager_unlock() will very
+ ** shortly transition the pager object to the OPEN state. Calling
+ ** assert_pager_state() would fail now, as it should not be possible
+ ** to be in ERROR state when there are zero outstanding page
+ ** references.
+ */
+ pager_error(pPager, rc);
+ goto failed;
+ }
+
+ assert( pPager->eState==PAGER_OPEN );
+ assert( (pPager->eLock==SHARED_LOCK)
+ || (pPager->exclusiveMode && pPager->eLock>SHARED_LOCK)
+ );
+ }
+
+ if( !pPager->tempFile && pPager->hasHeldSharedLock ){
+ /* The shared-lock has just been acquired then check to
+ ** see if the database has been modified. If the database has changed,
+ ** flush the cache. The hasHeldSharedLock flag prevents this from
+ ** occurring on the very first access to a file, in order to save a
+ ** single unnecessary sqlite3OsRead() call at the start-up.
+ **
+ ** Database changes are detected by looking at 15 bytes beginning
+ ** at offset 24 into the file. The first 4 of these 16 bytes are
+ ** a 32-bit counter that is incremented with each change. The
+ ** other bytes change randomly with each file change when
+ ** a codec is in use.
+ **
+ ** There is a vanishingly small chance that a change will not be
+ ** detected. The chance of an undetected change is so small that
+ ** it can be neglected.
+ */
+ Pgno nPage = 0;
+ char dbFileVers[sizeof(pPager->dbFileVers)];
+
+ rc = pagerPagecount(pPager, &nPage);
+ if( rc ) goto failed;
+
+ if( nPage>0 ){
+ IOTRACE(("CKVERS %p %d\n", pPager, sizeof(dbFileVers)));
+ rc = sqlite3OsRead(pPager->fd, &dbFileVers, sizeof(dbFileVers), 24);
+ if( rc!=SQLITE_OK && rc!=SQLITE_IOERR_SHORT_READ ){
+ goto failed;
+ }
+ }else{
+ memset(dbFileVers, 0, sizeof(dbFileVers));
+ }
+
+ if( memcmp(pPager->dbFileVers, dbFileVers, sizeof(dbFileVers))!=0 ){
+ pager_reset(pPager);
+
+ /* Unmap the database file. It is possible that external processes
+ ** may have truncated the database file and then extended it back
+ ** to its original size while this process was not holding a lock.
+ ** In this case there may exist a Pager.pMap mapping that appears
+ ** to be the right size but is not actually valid. Avoid this
+ ** possibility by unmapping the db here. */
+ if( USEFETCH(pPager) ){
+ sqlite3OsUnfetch(pPager->fd, 0, 0);
+ }
+ }
+ }
+
+ /* If there is a WAL file in the file-system, open this database in WAL
+ ** mode. Otherwise, the following function call is a no-op.
+ */
+ rc = pagerOpenWalIfPresent(pPager);
+#ifndef SQLITE_OMIT_WAL
+ assert( pPager->pWal==0 || rc==SQLITE_OK );
+#endif
+ }
+
+ if( pagerUseWal(pPager) ){
+ assert( rc==SQLITE_OK );
+ rc = pagerBeginReadTransaction(pPager);
+ }
+
+ if( pPager->eState==PAGER_OPEN && rc==SQLITE_OK ){
+ rc = pagerPagecount(pPager, &pPager->dbSize);
+ }
+
+ failed:
+ if( rc!=SQLITE_OK ){
+ assert( !MEMDB );
+ pager_unlock(pPager);
+ assert( pPager->eState==PAGER_OPEN );
+ }else{
+ pPager->eState = PAGER_READER;
+ pPager->hasHeldSharedLock = 1;
+ }
+ return rc;
+}
+
+/*
+** If the reference count has reached zero, rollback any active
+** transaction and unlock the pager.
+**
+** Except, in locking_mode=EXCLUSIVE when there is nothing to in
+** the rollback journal, the unlock is not performed and there is
+** nothing to rollback, so this routine is a no-op.
+*/
+static void pagerUnlockIfUnused(Pager *pPager){
+ if( pPager->nMmapOut==0 && (sqlite3PcacheRefCount(pPager->pPCache)==0) ){
+ pagerUnlockAndRollback(pPager);
+ }
+}
+
+/*
+** Acquire a reference to page number pgno in pager pPager (a page
+** reference has type DbPage*). If the requested reference is
+** successfully obtained, it is copied to *ppPage and SQLITE_OK returned.
+**
+** If the requested page is already in the cache, it is returned.
+** Otherwise, a new page object is allocated and populated with data
+** read from the database file. In some cases, the pcache module may
+** choose not to allocate a new page object and may reuse an existing
+** object with no outstanding references.
+**
+** The extra data appended to a page is always initialized to zeros the
+** first time a page is loaded into memory. If the page requested is
+** already in the cache when this function is called, then the extra
+** data is left as it was when the page object was last used.
+**
+** If the database image is smaller than the requested page or if a
+** non-zero value is passed as the noContent parameter and the
+** requested page is not already stored in the cache, then no
+** actual disk read occurs. In this case the memory image of the
+** page is initialized to all zeros.
+**
+** If noContent is true, it means that we do not care about the contents
+** of the page. This occurs in two scenarios:
+**
+** a) When reading a free-list leaf page from the database, and
+**
+** b) When a savepoint is being rolled back and we need to load
+** a new page into the cache to be filled with the data read
+** from the savepoint journal.
+**
+** If noContent is true, then the data returned is zeroed instead of
+** being read from the database. Additionally, the bits corresponding
+** to pgno in Pager.pInJournal (bitvec of pages already written to the
+** journal file) and the PagerSavepoint.pInSavepoint bitvecs of any open
+** savepoints are set. This means if the page is made writable at any
+** point in the future, using a call to sqlite3PagerWrite(), its contents
+** will not be journaled. This saves IO.
+**
+** The acquisition might fail for several reasons. In all cases,
+** an appropriate error code is returned and *ppPage is set to NULL.
+**
+** See also sqlite3PagerLookup(). Both this routine and Lookup() attempt
+** to find a page in the in-memory cache first. If the page is not already
+** in memory, this routine goes to disk to read it in whereas Lookup()
+** just returns 0. This routine acquires a read-lock the first time it
+** has to go to disk, and could also playback an old journal if necessary.
+** Since Lookup() never goes to disk, it never has to deal with locks
+** or journal files.
+*/
+SQLITE_PRIVATE int sqlite3PagerGet(
+ Pager *pPager, /* The pager open on the database file */
+ Pgno pgno, /* Page number to fetch */
+ DbPage **ppPage, /* Write a pointer to the page here */
+ int flags /* PAGER_GET_XXX flags */
+){
+ int rc = SQLITE_OK;
+ PgHdr *pPg = 0;
+ u32 iFrame = 0; /* Frame to read from WAL file */
+ const int noContent = (flags & PAGER_GET_NOCONTENT);
+
+ /* It is acceptable to use a read-only (mmap) page for any page except
+ ** page 1 if there is no write-transaction open or the ACQUIRE_READONLY
+ ** flag was specified by the caller. And so long as the db is not a
+ ** temporary or in-memory database. */
+ const int bMmapOk = (pgno>1 && USEFETCH(pPager)
+ && (pPager->eState==PAGER_READER || (flags & PAGER_GET_READONLY))
+#ifdef SQLITE_HAS_CODEC
+ && pPager->xCodec==0
+#endif
+ );
+
+ /* Optimization note: Adding the "pgno<=1" term before "pgno==0" here
+ ** allows the compiler optimizer to reuse the results of the "pgno>1"
+ ** test in the previous statement, and avoid testing pgno==0 in the
+ ** common case where pgno is large. */
+ if( pgno<=1 && pgno==0 ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ assert( pPager->eState>=PAGER_READER );
+ assert( assert_pager_state(pPager) );
+ assert( noContent==0 || bMmapOk==0 );
+
+ assert( pPager->hasHeldSharedLock==1 );
+
+ /* If the pager is in the error state, return an error immediately.
+ ** Otherwise, request the page from the PCache layer. */
+ if( pPager->errCode!=SQLITE_OK ){
+ rc = pPager->errCode;
+ }else{
+ if( bMmapOk && pagerUseWal(pPager) ){
+ rc = sqlite3WalFindFrame(pPager->pWal, pgno, &iFrame);
+ if( rc!=SQLITE_OK ) goto pager_acquire_err;
+ }
+
+ if( bMmapOk && iFrame==0 ){
+ void *pData = 0;
+
+ rc = sqlite3OsFetch(pPager->fd,
+ (i64)(pgno-1) * pPager->pageSize, pPager->pageSize, &pData
+ );
+
+ if( rc==SQLITE_OK && pData ){
+ if( pPager->eState>PAGER_READER ){
+ pPg = sqlite3PagerLookup(pPager, pgno);
+ }
+ if( pPg==0 ){
+ rc = pagerAcquireMapPage(pPager, pgno, pData, &pPg);
+ }else{
+ sqlite3OsUnfetch(pPager->fd, (i64)(pgno-1)*pPager->pageSize, pData);
+ }
+ if( pPg ){
+ assert( rc==SQLITE_OK );
+ *ppPage = pPg;
+ return SQLITE_OK;
+ }
+ }
+ if( rc!=SQLITE_OK ){
+ goto pager_acquire_err;
+ }
+ }
+
+ {
+ sqlite3_pcache_page *pBase;
+ pBase = sqlite3PcacheFetch(pPager->pPCache, pgno, 3);
+ if( pBase==0 ){
+ rc = sqlite3PcacheFetchStress(pPager->pPCache, pgno, &pBase);
+ if( rc!=SQLITE_OK ) goto pager_acquire_err;
+ if( pBase==0 ){
+ pPg = *ppPage = 0;
+ rc = SQLITE_NOMEM;
+ goto pager_acquire_err;
+ }
+ }
+ pPg = *ppPage = sqlite3PcacheFetchFinish(pPager->pPCache, pgno, pBase);
+ assert( pPg!=0 );
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ /* Either the call to sqlite3PcacheFetch() returned an error or the
+ ** pager was already in the error-state when this function was called.
+ ** Set pPg to 0 and jump to the exception handler. */
+ pPg = 0;
+ goto pager_acquire_err;
+ }
+ assert( pPg==(*ppPage) );
+ assert( pPg->pgno==pgno );
+ assert( pPg->pPager==pPager || pPg->pPager==0 );
+
+ if( pPg->pPager && !noContent ){
+ /* In this case the pcache already contains an initialized copy of
+ ** the page. Return without further ado. */
+ assert( pgno<=PAGER_MAX_PGNO && pgno!=PAGER_MJ_PGNO(pPager) );
+ pPager->aStat[PAGER_STAT_HIT]++;
+ return SQLITE_OK;
+
+ }else{
+ /* The pager cache has created a new page. Its content needs to
+ ** be initialized. */
+
+ pPg->pPager = pPager;
+
+ /* The maximum page number is 2^31. Return SQLITE_CORRUPT if a page
+ ** number greater than this, or the unused locking-page, is requested. */
+ if( pgno>PAGER_MAX_PGNO || pgno==PAGER_MJ_PGNO(pPager) ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto pager_acquire_err;
+ }
+
+ if( MEMDB || pPager->dbSize<pgno || noContent || !isOpen(pPager->fd) ){
+ if( pgno>pPager->mxPgno ){
+ rc = SQLITE_FULL;
+ goto pager_acquire_err;
+ }
+ if( noContent ){
+ /* Failure to set the bits in the InJournal bit-vectors is benign.
+ ** It merely means that we might do some extra work to journal a
+ ** page that does not need to be journaled. Nevertheless, be sure
+ ** to test the case where a malloc error occurs while trying to set
+ ** a bit in a bit vector.
+ */
+ sqlite3BeginBenignMalloc();
+ if( pgno<=pPager->dbOrigSize ){
+ TESTONLY( rc = ) sqlite3BitvecSet(pPager->pInJournal, pgno);
+ testcase( rc==SQLITE_NOMEM );
+ }
+ TESTONLY( rc = ) addToSavepointBitvecs(pPager, pgno);
+ testcase( rc==SQLITE_NOMEM );
+ sqlite3EndBenignMalloc();
+ }
+ memset(pPg->pData, 0, pPager->pageSize);
+ IOTRACE(("ZERO %p %d\n", pPager, pgno));
+ }else{
+ if( pagerUseWal(pPager) && bMmapOk==0 ){
+ rc = sqlite3WalFindFrame(pPager->pWal, pgno, &iFrame);
+ if( rc!=SQLITE_OK ) goto pager_acquire_err;
+ }
+ assert( pPg->pPager==pPager );
+ pPager->aStat[PAGER_STAT_MISS]++;
+ rc = readDbPage(pPg, iFrame);
+ if( rc!=SQLITE_OK ){
+ goto pager_acquire_err;
+ }
+ }
+ pager_set_pagehash(pPg);
+ }
+
+ return SQLITE_OK;
+
+pager_acquire_err:
+ assert( rc!=SQLITE_OK );
+ if( pPg ){
+ sqlite3PcacheDrop(pPg);
+ }
+ pagerUnlockIfUnused(pPager);
+
+ *ppPage = 0;
+ return rc;
+}
+
+/*
+** Acquire a page if it is already in the in-memory cache. Do
+** not read the page from disk. Return a pointer to the page,
+** or 0 if the page is not in cache.
+**
+** See also sqlite3PagerGet(). The difference between this routine
+** and sqlite3PagerGet() is that _get() will go to the disk and read
+** in the page if the page is not already in cache. This routine
+** returns NULL if the page is not in cache or if a disk I/O error
+** has ever happened.
+*/
+SQLITE_PRIVATE DbPage *sqlite3PagerLookup(Pager *pPager, Pgno pgno){
+ sqlite3_pcache_page *pPage;
+ assert( pPager!=0 );
+ assert( pgno!=0 );
+ assert( pPager->pPCache!=0 );
+ pPage = sqlite3PcacheFetch(pPager->pPCache, pgno, 0);
+ assert( pPage==0 || pPager->hasHeldSharedLock );
+ if( pPage==0 ) return 0;
+ return sqlite3PcacheFetchFinish(pPager->pPCache, pgno, pPage);
+}
+
+/*
+** Release a page reference.
+**
+** If the number of references to the page drop to zero, then the
+** page is added to the LRU list. When all references to all pages
+** are released, a rollback occurs and the lock on the database is
+** removed.
+*/
+SQLITE_PRIVATE void sqlite3PagerUnrefNotNull(DbPage *pPg){
+ Pager *pPager;
+ assert( pPg!=0 );
+ pPager = pPg->pPager;
+ if( pPg->flags & PGHDR_MMAP ){
+ pagerReleaseMapPage(pPg);
+ }else{
+ sqlite3PcacheRelease(pPg);
+ }
+ pagerUnlockIfUnused(pPager);
+}
+SQLITE_PRIVATE void sqlite3PagerUnref(DbPage *pPg){
+ if( pPg ) sqlite3PagerUnrefNotNull(pPg);
+}
+
+/*
+** This function is called at the start of every write transaction.
+** There must already be a RESERVED or EXCLUSIVE lock on the database
+** file when this routine is called.
+**
+** Open the journal file for pager pPager and write a journal header
+** to the start of it. If there are active savepoints, open the sub-journal
+** as well. This function is only used when the journal file is being
+** opened to write a rollback log for a transaction. It is not used
+** when opening a hot journal file to roll it back.
+**
+** If the journal file is already open (as it may be in exclusive mode),
+** then this function just writes a journal header to the start of the
+** already open file.
+**
+** Whether or not the journal file is opened by this function, the
+** Pager.pInJournal bitvec structure is allocated.
+**
+** Return SQLITE_OK if everything is successful. Otherwise, return
+** SQLITE_NOMEM if the attempt to allocate Pager.pInJournal fails, or
+** an IO error code if opening or writing the journal file fails.
+*/
+static int pager_open_journal(Pager *pPager){
+ int rc = SQLITE_OK; /* Return code */
+ sqlite3_vfs * const pVfs = pPager->pVfs; /* Local cache of vfs pointer */
+
+ assert( pPager->eState==PAGER_WRITER_LOCKED );
+ assert( assert_pager_state(pPager) );
+ assert( pPager->pInJournal==0 );
+
+ /* If already in the error state, this function is a no-op. But on
+ ** the other hand, this routine is never called if we are already in
+ ** an error state. */
+ if( NEVER(pPager->errCode) ) return pPager->errCode;
+
+ if( !pagerUseWal(pPager) && pPager->journalMode!=PAGER_JOURNALMODE_OFF ){
+ pPager->pInJournal = sqlite3BitvecCreate(pPager->dbSize);
+ if( pPager->pInJournal==0 ){
+ return SQLITE_NOMEM;
+ }
+
+ /* Open the journal file if it is not already open. */
+ if( !isOpen(pPager->jfd) ){
+ if( pPager->journalMode==PAGER_JOURNALMODE_MEMORY ){
+ sqlite3MemJournalOpen(pPager->jfd);
+ }else{
+ const int flags = /* VFS flags to open journal file */
+ SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE|
+ (pPager->tempFile ?
+ (SQLITE_OPEN_DELETEONCLOSE|SQLITE_OPEN_TEMP_JOURNAL):
+ (SQLITE_OPEN_MAIN_JOURNAL)
+ );
+
+ /* Verify that the database still has the same name as it did when
+ ** it was originally opened. */
+ rc = databaseIsUnmoved(pPager);
+ if( rc==SQLITE_OK ){
+#ifdef SQLITE_ENABLE_ATOMIC_WRITE
+ rc = sqlite3JournalOpen(
+ pVfs, pPager->zJournal, pPager->jfd, flags, jrnlBufferSize(pPager)
+ );
+#else
+ rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, flags, 0);
+#endif
+ }
+ }
+ assert( rc!=SQLITE_OK || isOpen(pPager->jfd) );
+ }
+
+
+ /* Write the first journal header to the journal file and open
+ ** the sub-journal if necessary.
+ */
+ if( rc==SQLITE_OK ){
+ /* TODO: Check if all of these are really required. */
+ pPager->nRec = 0;
+ pPager->journalOff = 0;
+ pPager->setMaster = 0;
+ pPager->journalHdr = 0;
+ rc = writeJournalHdr(pPager);
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3BitvecDestroy(pPager->pInJournal);
+ pPager->pInJournal = 0;
+ }else{
+ assert( pPager->eState==PAGER_WRITER_LOCKED );
+ pPager->eState = PAGER_WRITER_CACHEMOD;
+ }
+
+ return rc;
+}
+
+/*
+** Begin a write-transaction on the specified pager object. If a
+** write-transaction has already been opened, this function is a no-op.
+**
+** If the exFlag argument is false, then acquire at least a RESERVED
+** lock on the database file. If exFlag is true, then acquire at least
+** an EXCLUSIVE lock. If such a lock is already held, no locking
+** functions need be called.
+**
+** If the subjInMemory argument is non-zero, then any sub-journal opened
+** within this transaction will be opened as an in-memory file. This
+** has no effect if the sub-journal is already opened (as it may be when
+** running in exclusive mode) or if the transaction does not require a
+** sub-journal. If the subjInMemory argument is zero, then any required
+** sub-journal is implemented in-memory if pPager is an in-memory database,
+** or using a temporary file otherwise.
+*/
+SQLITE_PRIVATE int sqlite3PagerBegin(Pager *pPager, int exFlag, int subjInMemory){
+ int rc = SQLITE_OK;
+
+ if( pPager->errCode ) return pPager->errCode;
+ assert( pPager->eState>=PAGER_READER && pPager->eState<PAGER_ERROR );
+ pPager->subjInMemory = (u8)subjInMemory;
+
+ if( ALWAYS(pPager->eState==PAGER_READER) ){
+ assert( pPager->pInJournal==0 );
+
+ if( pagerUseWal(pPager) ){
+ /* If the pager is configured to use locking_mode=exclusive, and an
+ ** exclusive lock on the database is not already held, obtain it now.
+ */
+ if( pPager->exclusiveMode && sqlite3WalExclusiveMode(pPager->pWal, -1) ){
+ rc = pagerLockDb(pPager, EXCLUSIVE_LOCK);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ (void)sqlite3WalExclusiveMode(pPager->pWal, 1);
+ }
+
+ /* Grab the write lock on the log file. If successful, upgrade to
+ ** PAGER_RESERVED state. Otherwise, return an error code to the caller.
+ ** The busy-handler is not invoked if another connection already
+ ** holds the write-lock. If possible, the upper layer will call it.
+ */
+ rc = sqlite3WalBeginWriteTransaction(pPager->pWal);
+ }else{
+ /* Obtain a RESERVED lock on the database file. If the exFlag parameter
+ ** is true, then immediately upgrade this to an EXCLUSIVE lock. The
+ ** busy-handler callback can be used when upgrading to the EXCLUSIVE
+ ** lock, but not when obtaining the RESERVED lock.
+ */
+ rc = pagerLockDb(pPager, RESERVED_LOCK);
+ if( rc==SQLITE_OK && exFlag ){
+ rc = pager_wait_on_lock(pPager, EXCLUSIVE_LOCK);
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ /* Change to WRITER_LOCKED state.
+ **
+ ** WAL mode sets Pager.eState to PAGER_WRITER_LOCKED or CACHEMOD
+ ** when it has an open transaction, but never to DBMOD or FINISHED.
+ ** This is because in those states the code to roll back savepoint
+ ** transactions may copy data from the sub-journal into the database
+ ** file as well as into the page cache. Which would be incorrect in
+ ** WAL mode.
+ */
+ pPager->eState = PAGER_WRITER_LOCKED;
+ pPager->dbHintSize = pPager->dbSize;
+ pPager->dbFileSize = pPager->dbSize;
+ pPager->dbOrigSize = pPager->dbSize;
+ pPager->journalOff = 0;
+ }
+
+ assert( rc==SQLITE_OK || pPager->eState==PAGER_READER );
+ assert( rc!=SQLITE_OK || pPager->eState==PAGER_WRITER_LOCKED );
+ assert( assert_pager_state(pPager) );
+ }
+
+ PAGERTRACE(("TRANSACTION %d\n", PAGERID(pPager)));
+ return rc;
+}
+
+/*
+** Write page pPg onto the end of the rollback journal.
+*/
+static SQLITE_NOINLINE int pagerAddPageToRollbackJournal(PgHdr *pPg){
+ Pager *pPager = pPg->pPager;
+ int rc;
+ u32 cksum;
+ char *pData2;
+ i64 iOff = pPager->journalOff;
+
+ /* We should never write to the journal file the page that
+ ** contains the database locks. The following assert verifies
+ ** that we do not. */
+ assert( pPg->pgno!=PAGER_MJ_PGNO(pPager) );
+
+ assert( pPager->journalHdr<=pPager->journalOff );
+ CODEC2(pPager, pPg->pData, pPg->pgno, 7, return SQLITE_NOMEM, pData2);
+ cksum = pager_cksum(pPager, (u8*)pData2);
+
+ /* Even if an IO or diskfull error occurs while journalling the
+ ** page in the block above, set the need-sync flag for the page.
+ ** Otherwise, when the transaction is rolled back, the logic in
+ ** playback_one_page() will think that the page needs to be restored
+ ** in the database file. And if an IO error occurs while doing so,
+ ** then corruption may follow.
+ */
+ pPg->flags |= PGHDR_NEED_SYNC;
+
+ rc = write32bits(pPager->jfd, iOff, pPg->pgno);
+ if( rc!=SQLITE_OK ) return rc;
+ rc = sqlite3OsWrite(pPager->jfd, pData2, pPager->pageSize, iOff+4);
+ if( rc!=SQLITE_OK ) return rc;
+ rc = write32bits(pPager->jfd, iOff+pPager->pageSize+4, cksum);
+ if( rc!=SQLITE_OK ) return rc;
+
+ IOTRACE(("JOUT %p %d %lld %d\n", pPager, pPg->pgno,
+ pPager->journalOff, pPager->pageSize));
+ PAGER_INCR(sqlite3_pager_writej_count);
+ PAGERTRACE(("JOURNAL %d page %d needSync=%d hash(%08x)\n",
+ PAGERID(pPager), pPg->pgno,
+ ((pPg->flags&PGHDR_NEED_SYNC)?1:0), pager_pagehash(pPg)));
+
+ pPager->journalOff += 8 + pPager->pageSize;
+ pPager->nRec++;
+ assert( pPager->pInJournal!=0 );
+ rc = sqlite3BitvecSet(pPager->pInJournal, pPg->pgno);
+ testcase( rc==SQLITE_NOMEM );
+ assert( rc==SQLITE_OK || rc==SQLITE_NOMEM );
+ rc |= addToSavepointBitvecs(pPager, pPg->pgno);
+ assert( rc==SQLITE_OK || rc==SQLITE_NOMEM );
+ return rc;
+}
+
+/*
+** Mark a single data page as writeable. The page is written into the
+** main journal or sub-journal as required. If the page is written into
+** one of the journals, the corresponding bit is set in the
+** Pager.pInJournal bitvec and the PagerSavepoint.pInSavepoint bitvecs
+** of any open savepoints as appropriate.
+*/
+static int pager_write(PgHdr *pPg){
+ Pager *pPager = pPg->pPager;
+ int rc = SQLITE_OK;
+
+ /* This routine is not called unless a write-transaction has already
+ ** been started. The journal file may or may not be open at this point.
+ ** It is never called in the ERROR state.
+ */
+ assert( pPager->eState==PAGER_WRITER_LOCKED
+ || pPager->eState==PAGER_WRITER_CACHEMOD
+ || pPager->eState==PAGER_WRITER_DBMOD
+ );
+ assert( assert_pager_state(pPager) );
+ assert( pPager->errCode==0 );
+ assert( pPager->readOnly==0 );
+ CHECK_PAGE(pPg);
+
+ /* The journal file needs to be opened. Higher level routines have already
+ ** obtained the necessary locks to begin the write-transaction, but the
+ ** rollback journal might not yet be open. Open it now if this is the case.
+ **
+ ** This is done before calling sqlite3PcacheMakeDirty() on the page.
+ ** Otherwise, if it were done after calling sqlite3PcacheMakeDirty(), then
+ ** an error might occur and the pager would end up in WRITER_LOCKED state
+ ** with pages marked as dirty in the cache.
+ */
+ if( pPager->eState==PAGER_WRITER_LOCKED ){
+ rc = pager_open_journal(pPager);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ assert( pPager->eState>=PAGER_WRITER_CACHEMOD );
+ assert( assert_pager_state(pPager) );
+
+ /* Mark the page that is about to be modified as dirty. */
+ sqlite3PcacheMakeDirty(pPg);
+
+ /* If a rollback journal is in use, them make sure the page that is about
+ ** to change is in the rollback journal, or if the page is a new page off
+ ** then end of the file, make sure it is marked as PGHDR_NEED_SYNC.
+ */
+ assert( (pPager->pInJournal!=0) == isOpen(pPager->jfd) );
+ if( pPager->pInJournal!=0
+ && sqlite3BitvecTestNotNull(pPager->pInJournal, pPg->pgno)==0
+ ){
+ assert( pagerUseWal(pPager)==0 );
+ if( pPg->pgno<=pPager->dbOrigSize ){
+ rc = pagerAddPageToRollbackJournal(pPg);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ }else{
+ if( pPager->eState!=PAGER_WRITER_DBMOD ){
+ pPg->flags |= PGHDR_NEED_SYNC;
+ }
+ PAGERTRACE(("APPEND %d page %d needSync=%d\n",
+ PAGERID(pPager), pPg->pgno,
+ ((pPg->flags&PGHDR_NEED_SYNC)?1:0)));
+ }
+ }
+
+ /* The PGHDR_DIRTY bit is set above when the page was added to the dirty-list
+ ** and before writing the page into the rollback journal. Wait until now,
+ ** after the page has been successfully journalled, before setting the
+ ** PGHDR_WRITEABLE bit that indicates that the page can be safely modified.
+ */
+ pPg->flags |= PGHDR_WRITEABLE;
+
+ /* If the statement journal is open and the page is not in it,
+ ** then write the page into the statement journal.
+ */
+ if( pPager->nSavepoint>0 ){
+ rc = subjournalPageIfRequired(pPg);
+ }
+
+ /* Update the database size and return. */
+ if( pPager->dbSize<pPg->pgno ){
+ pPager->dbSize = pPg->pgno;
+ }
+ return rc;
+}
+
+/*
+** This is a variant of sqlite3PagerWrite() that runs when the sector size
+** is larger than the page size. SQLite makes the (reasonable) assumption that
+** all bytes of a sector are written together by hardware. Hence, all bytes of
+** a sector need to be journalled in case of a power loss in the middle of
+** a write.
+**
+** Usually, the sector size is less than or equal to the page size, in which
+** case pages can be individually written. This routine only runs in the
+** exceptional case where the page size is smaller than the sector size.
+*/
+static SQLITE_NOINLINE int pagerWriteLargeSector(PgHdr *pPg){
+ int rc = SQLITE_OK; /* Return code */
+ Pgno nPageCount; /* Total number of pages in database file */
+ Pgno pg1; /* First page of the sector pPg is located on. */
+ int nPage = 0; /* Number of pages starting at pg1 to journal */
+ int ii; /* Loop counter */
+ int needSync = 0; /* True if any page has PGHDR_NEED_SYNC */
+ Pager *pPager = pPg->pPager; /* The pager that owns pPg */
+ Pgno nPagePerSector = (pPager->sectorSize/pPager->pageSize);
+
+ /* Set the doNotSpill NOSYNC bit to 1. This is because we cannot allow
+ ** a journal header to be written between the pages journaled by
+ ** this function.
+ */
+ assert( !MEMDB );
+ assert( (pPager->doNotSpill & SPILLFLAG_NOSYNC)==0 );
+ pPager->doNotSpill |= SPILLFLAG_NOSYNC;
+
+ /* This trick assumes that both the page-size and sector-size are
+ ** an integer power of 2. It sets variable pg1 to the identifier
+ ** of the first page of the sector pPg is located on.
+ */
+ pg1 = ((pPg->pgno-1) & ~(nPagePerSector-1)) + 1;
+
+ nPageCount = pPager->dbSize;
+ if( pPg->pgno>nPageCount ){
+ nPage = (pPg->pgno - pg1)+1;
+ }else if( (pg1+nPagePerSector-1)>nPageCount ){
+ nPage = nPageCount+1-pg1;
+ }else{
+ nPage = nPagePerSector;
+ }
+ assert(nPage>0);
+ assert(pg1<=pPg->pgno);
+ assert((pg1+nPage)>pPg->pgno);
+
+ for(ii=0; ii<nPage && rc==SQLITE_OK; ii++){
+ Pgno pg = pg1+ii;
+ PgHdr *pPage;
+ if( pg==pPg->pgno || !sqlite3BitvecTest(pPager->pInJournal, pg) ){
+ if( pg!=PAGER_MJ_PGNO(pPager) ){
+ rc = sqlite3PagerGet(pPager, pg, &pPage, 0);
+ if( rc==SQLITE_OK ){
+ rc = pager_write(pPage);
+ if( pPage->flags&PGHDR_NEED_SYNC ){
+ needSync = 1;
+ }
+ sqlite3PagerUnrefNotNull(pPage);
+ }
+ }
+ }else if( (pPage = sqlite3PagerLookup(pPager, pg))!=0 ){
+ if( pPage->flags&PGHDR_NEED_SYNC ){
+ needSync = 1;
+ }
+ sqlite3PagerUnrefNotNull(pPage);
+ }
+ }
+
+ /* If the PGHDR_NEED_SYNC flag is set for any of the nPage pages
+ ** starting at pg1, then it needs to be set for all of them. Because
+ ** writing to any of these nPage pages may damage the others, the
+ ** journal file must contain sync()ed copies of all of them
+ ** before any of them can be written out to the database file.
+ */
+ if( rc==SQLITE_OK && needSync ){
+ assert( !MEMDB );
+ for(ii=0; ii<nPage; ii++){
+ PgHdr *pPage = sqlite3PagerLookup(pPager, pg1+ii);
+ if( pPage ){
+ pPage->flags |= PGHDR_NEED_SYNC;
+ sqlite3PagerUnrefNotNull(pPage);
+ }
+ }
+ }
+
+ assert( (pPager->doNotSpill & SPILLFLAG_NOSYNC)!=0 );
+ pPager->doNotSpill &= ~SPILLFLAG_NOSYNC;
+ return rc;
+}
+
+/*
+** Mark a data page as writeable. This routine must be called before
+** making changes to a page. The caller must check the return value
+** of this function and be careful not to change any page data unless
+** this routine returns SQLITE_OK.
+**
+** The difference between this function and pager_write() is that this
+** function also deals with the special case where 2 or more pages
+** fit on a single disk sector. In this case all co-resident pages
+** must have been written to the journal file before returning.
+**
+** If an error occurs, SQLITE_NOMEM or an IO error code is returned
+** as appropriate. Otherwise, SQLITE_OK.
+*/
+SQLITE_PRIVATE int sqlite3PagerWrite(PgHdr *pPg){
+ Pager *pPager = pPg->pPager;
+ assert( (pPg->flags & PGHDR_MMAP)==0 );
+ assert( pPager->eState>=PAGER_WRITER_LOCKED );
+ assert( assert_pager_state(pPager) );
+ if( pPager->errCode ){
+ return pPager->errCode;
+ }else if( (pPg->flags & PGHDR_WRITEABLE)!=0 && pPager->dbSize>=pPg->pgno ){
+ if( pPager->nSavepoint ) return subjournalPageIfRequired(pPg);
+ return SQLITE_OK;
+ }else if( pPager->sectorSize > (u32)pPager->pageSize ){
+ return pagerWriteLargeSector(pPg);
+ }else{
+ return pager_write(pPg);
+ }
+}
+
+/*
+** Return TRUE if the page given in the argument was previously passed
+** to sqlite3PagerWrite(). In other words, return TRUE if it is ok
+** to change the content of the page.
+*/
+#ifndef NDEBUG
+SQLITE_PRIVATE int sqlite3PagerIswriteable(DbPage *pPg){
+ return pPg->flags & PGHDR_WRITEABLE;
+}
+#endif
+
+/*
+** A call to this routine tells the pager that it is not necessary to
+** write the information on page pPg back to the disk, even though
+** that page might be marked as dirty. This happens, for example, when
+** the page has been added as a leaf of the freelist and so its
+** content no longer matters.
+**
+** The overlying software layer calls this routine when all of the data
+** on the given page is unused. The pager marks the page as clean so
+** that it does not get written to disk.
+**
+** Tests show that this optimization can quadruple the speed of large
+** DELETE operations.
+*/
+SQLITE_PRIVATE void sqlite3PagerDontWrite(PgHdr *pPg){
+ Pager *pPager = pPg->pPager;
+ if( (pPg->flags&PGHDR_DIRTY) && pPager->nSavepoint==0 ){
+ PAGERTRACE(("DONT_WRITE page %d of %d\n", pPg->pgno, PAGERID(pPager)));
+ IOTRACE(("CLEAN %p %d\n", pPager, pPg->pgno))
+ pPg->flags |= PGHDR_DONT_WRITE;
+ pPg->flags &= ~PGHDR_WRITEABLE;
+ pager_set_pagehash(pPg);
+ }
+}
+
+/*
+** This routine is called to increment the value of the database file
+** change-counter, stored as a 4-byte big-endian integer starting at
+** byte offset 24 of the pager file. The secondary change counter at
+** 92 is also updated, as is the SQLite version number at offset 96.
+**
+** But this only happens if the pPager->changeCountDone flag is false.
+** To avoid excess churning of page 1, the update only happens once.
+** See also the pager_write_changecounter() routine that does an
+** unconditional update of the change counters.
+**
+** If the isDirectMode flag is zero, then this is done by calling
+** sqlite3PagerWrite() on page 1, then modifying the contents of the
+** page data. In this case the file will be updated when the current
+** transaction is committed.
+**
+** The isDirectMode flag may only be non-zero if the library was compiled
+** with the SQLITE_ENABLE_ATOMIC_WRITE macro defined. In this case,
+** if isDirect is non-zero, then the database file is updated directly
+** by writing an updated version of page 1 using a call to the
+** sqlite3OsWrite() function.
+*/
+static int pager_incr_changecounter(Pager *pPager, int isDirectMode){
+ int rc = SQLITE_OK;
+
+ assert( pPager->eState==PAGER_WRITER_CACHEMOD
+ || pPager->eState==PAGER_WRITER_DBMOD
+ );
+ assert( assert_pager_state(pPager) );
+
+ /* Declare and initialize constant integer 'isDirect'. If the
+ ** atomic-write optimization is enabled in this build, then isDirect
+ ** is initialized to the value passed as the isDirectMode parameter
+ ** to this function. Otherwise, it is always set to zero.
+ **
+ ** The idea is that if the atomic-write optimization is not
+ ** enabled at compile time, the compiler can omit the tests of
+ ** 'isDirect' below, as well as the block enclosed in the
+ ** "if( isDirect )" condition.
+ */
+#ifndef SQLITE_ENABLE_ATOMIC_WRITE
+# define DIRECT_MODE 0
+ assert( isDirectMode==0 );
+ UNUSED_PARAMETER(isDirectMode);
+#else
+# define DIRECT_MODE isDirectMode
+#endif
+
+ if( !pPager->changeCountDone && ALWAYS(pPager->dbSize>0) ){
+ PgHdr *pPgHdr; /* Reference to page 1 */
+
+ assert( !pPager->tempFile && isOpen(pPager->fd) );
+
+ /* Open page 1 of the file for writing. */
+ rc = sqlite3PagerGet(pPager, 1, &pPgHdr, 0);
+ assert( pPgHdr==0 || rc==SQLITE_OK );
+
+ /* If page one was fetched successfully, and this function is not
+ ** operating in direct-mode, make page 1 writable. When not in
+ ** direct mode, page 1 is always held in cache and hence the PagerGet()
+ ** above is always successful - hence the ALWAYS on rc==SQLITE_OK.
+ */
+ if( !DIRECT_MODE && ALWAYS(rc==SQLITE_OK) ){
+ rc = sqlite3PagerWrite(pPgHdr);
+ }
+
+ if( rc==SQLITE_OK ){
+ /* Actually do the update of the change counter */
+ pager_write_changecounter(pPgHdr);
+
+ /* If running in direct mode, write the contents of page 1 to the file. */
+ if( DIRECT_MODE ){
+ const void *zBuf;
+ assert( pPager->dbFileSize>0 );
+ CODEC2(pPager, pPgHdr->pData, 1, 6, rc=SQLITE_NOMEM, zBuf);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3OsWrite(pPager->fd, zBuf, pPager->pageSize, 0);
+ pPager->aStat[PAGER_STAT_WRITE]++;
+ }
+ if( rc==SQLITE_OK ){
+ /* Update the pager's copy of the change-counter. Otherwise, the
+ ** next time a read transaction is opened the cache will be
+ ** flushed (as the change-counter values will not match). */
+ const void *pCopy = (const void *)&((const char *)zBuf)[24];
+ memcpy(&pPager->dbFileVers, pCopy, sizeof(pPager->dbFileVers));
+ pPager->changeCountDone = 1;
+ }
+ }else{
+ pPager->changeCountDone = 1;
+ }
+ }
+
+ /* Release the page reference. */
+ sqlite3PagerUnref(pPgHdr);
+ }
+ return rc;
+}
+
+/*
+** Sync the database file to disk. This is a no-op for in-memory databases
+** or pages with the Pager.noSync flag set.
+**
+** If successful, or if called on a pager for which it is a no-op, this
+** function returns SQLITE_OK. Otherwise, an IO error code is returned.
+*/
+SQLITE_PRIVATE int sqlite3PagerSync(Pager *pPager, const char *zMaster){
+ int rc = SQLITE_OK;
+
+ if( isOpen(pPager->fd) ){
+ void *pArg = (void*)zMaster;
+ rc = sqlite3OsFileControl(pPager->fd, SQLITE_FCNTL_SYNC, pArg);
+ if( rc==SQLITE_NOTFOUND ) rc = SQLITE_OK;
+ }
+ if( rc==SQLITE_OK && !pPager->noSync ){
+ assert( !MEMDB );
+ rc = sqlite3OsSync(pPager->fd, pPager->syncFlags);
+ }
+ return rc;
+}
+
+/*
+** This function may only be called while a write-transaction is active in
+** rollback. If the connection is in WAL mode, this call is a no-op.
+** Otherwise, if the connection does not already have an EXCLUSIVE lock on
+** the database file, an attempt is made to obtain one.
+**
+** If the EXCLUSIVE lock is already held or the attempt to obtain it is
+** successful, or the connection is in WAL mode, SQLITE_OK is returned.
+** Otherwise, either SQLITE_BUSY or an SQLITE_IOERR_XXX error code is
+** returned.
+*/
+SQLITE_PRIVATE int sqlite3PagerExclusiveLock(Pager *pPager){
+ int rc = pPager->errCode;
+ assert( assert_pager_state(pPager) );
+ if( rc==SQLITE_OK ){
+ assert( pPager->eState==PAGER_WRITER_CACHEMOD
+ || pPager->eState==PAGER_WRITER_DBMOD
+ || pPager->eState==PAGER_WRITER_LOCKED
+ );
+ assert( assert_pager_state(pPager) );
+ if( 0==pagerUseWal(pPager) ){
+ rc = pager_wait_on_lock(pPager, EXCLUSIVE_LOCK);
+ }
+ }
+ return rc;
+}
+
+/*
+** Sync the database file for the pager pPager. zMaster points to the name
+** of a master journal file that should be written into the individual
+** journal file. zMaster may be NULL, which is interpreted as no master
+** journal (a single database transaction).
+**
+** This routine ensures that:
+**
+** * The database file change-counter is updated,
+** * the journal is synced (unless the atomic-write optimization is used),
+** * all dirty pages are written to the database file,
+** * the database file is truncated (if required), and
+** * the database file synced.
+**
+** The only thing that remains to commit the transaction is to finalize
+** (delete, truncate or zero the first part of) the journal file (or
+** delete the master journal file if specified).
+**
+** Note that if zMaster==NULL, this does not overwrite a previous value
+** passed to an sqlite3PagerCommitPhaseOne() call.
+**
+** If the final parameter - noSync - is true, then the database file itself
+** is not synced. The caller must call sqlite3PagerSync() directly to
+** sync the database file before calling CommitPhaseTwo() to delete the
+** journal file in this case.
+*/
+SQLITE_PRIVATE int sqlite3PagerCommitPhaseOne(
+ Pager *pPager, /* Pager object */
+ const char *zMaster, /* If not NULL, the master journal name */
+ int noSync /* True to omit the xSync on the db file */
+){
+ int rc = SQLITE_OK; /* Return code */
+
+ assert( pPager->eState==PAGER_WRITER_LOCKED
+ || pPager->eState==PAGER_WRITER_CACHEMOD
+ || pPager->eState==PAGER_WRITER_DBMOD
+ || pPager->eState==PAGER_ERROR
+ );
+ assert( assert_pager_state(pPager) );
+
+ /* If a prior error occurred, report that error again. */
+ if( NEVER(pPager->errCode) ) return pPager->errCode;
+
+ PAGERTRACE(("DATABASE SYNC: File=%s zMaster=%s nSize=%d\n",
+ pPager->zFilename, zMaster, pPager->dbSize));
+
+ /* If no database changes have been made, return early. */
+ if( pPager->eState<PAGER_WRITER_CACHEMOD ) return SQLITE_OK;
+
+ if( MEMDB ){
+ /* If this is an in-memory db, or no pages have been written to, or this
+ ** function has already been called, it is mostly a no-op. However, any
+ ** backup in progress needs to be restarted.
+ */
+ sqlite3BackupRestart(pPager->pBackup);
+ }else{
+ if( pagerUseWal(pPager) ){
+ PgHdr *pList = sqlite3PcacheDirtyList(pPager->pPCache);
+ PgHdr *pPageOne = 0;
+ if( pList==0 ){
+ /* Must have at least one page for the WAL commit flag.
+ ** Ticket [2d1a5c67dfc2363e44f29d9bbd57f] 2011-05-18 */
+ rc = sqlite3PagerGet(pPager, 1, &pPageOne, 0);
+ pList = pPageOne;
+ pList->pDirty = 0;
+ }
+ assert( rc==SQLITE_OK );
+ if( ALWAYS(pList) ){
+ rc = pagerWalFrames(pPager, pList, pPager->dbSize, 1);
+ }
+ sqlite3PagerUnref(pPageOne);
+ if( rc==SQLITE_OK ){
+ sqlite3PcacheCleanAll(pPager->pPCache);
+ }
+ }else{
+ /* The following block updates the change-counter. Exactly how it
+ ** does this depends on whether or not the atomic-update optimization
+ ** was enabled at compile time, and if this transaction meets the
+ ** runtime criteria to use the operation:
+ **
+ ** * The file-system supports the atomic-write property for
+ ** blocks of size page-size, and
+ ** * This commit is not part of a multi-file transaction, and
+ ** * Exactly one page has been modified and store in the journal file.
+ **
+ ** If the optimization was not enabled at compile time, then the
+ ** pager_incr_changecounter() function is called to update the change
+ ** counter in 'indirect-mode'. If the optimization is compiled in but
+ ** is not applicable to this transaction, call sqlite3JournalCreate()
+ ** to make sure the journal file has actually been created, then call
+ ** pager_incr_changecounter() to update the change-counter in indirect
+ ** mode.
+ **
+ ** Otherwise, if the optimization is both enabled and applicable,
+ ** then call pager_incr_changecounter() to update the change-counter
+ ** in 'direct' mode. In this case the journal file will never be
+ ** created for this transaction.
+ */
+ #ifdef SQLITE_ENABLE_ATOMIC_WRITE
+ PgHdr *pPg;
+ assert( isOpen(pPager->jfd)
+ || pPager->journalMode==PAGER_JOURNALMODE_OFF
+ || pPager->journalMode==PAGER_JOURNALMODE_WAL
+ );
+ if( !zMaster && isOpen(pPager->jfd)
+ && pPager->journalOff==jrnlBufferSize(pPager)
+ && pPager->dbSize>=pPager->dbOrigSize
+ && (0==(pPg = sqlite3PcacheDirtyList(pPager->pPCache)) || 0==pPg->pDirty)
+ ){
+ /* Update the db file change counter via the direct-write method. The
+ ** following call will modify the in-memory representation of page 1
+ ** to include the updated change counter and then write page 1
+ ** directly to the database file. Because of the atomic-write
+ ** property of the host file-system, this is safe.
+ */
+ rc = pager_incr_changecounter(pPager, 1);
+ }else{
+ rc = sqlite3JournalCreate(pPager->jfd);
+ if( rc==SQLITE_OK ){
+ rc = pager_incr_changecounter(pPager, 0);
+ }
+ }
+ #else
+ rc = pager_incr_changecounter(pPager, 0);
+ #endif
+ if( rc!=SQLITE_OK ) goto commit_phase_one_exit;
+
+ /* Write the master journal name into the journal file. If a master
+ ** journal file name has already been written to the journal file,
+ ** or if zMaster is NULL (no master journal), then this call is a no-op.
+ */
+ rc = writeMasterJournal(pPager, zMaster);
+ if( rc!=SQLITE_OK ) goto commit_phase_one_exit;
+
+ /* Sync the journal file and write all dirty pages to the database.
+ ** If the atomic-update optimization is being used, this sync will not
+ ** create the journal file or perform any real IO.
+ **
+ ** Because the change-counter page was just modified, unless the
+ ** atomic-update optimization is used it is almost certain that the
+ ** journal requires a sync here. However, in locking_mode=exclusive
+ ** on a system under memory pressure it is just possible that this is
+ ** not the case. In this case it is likely enough that the redundant
+ ** xSync() call will be changed to a no-op by the OS anyhow.
+ */
+ rc = syncJournal(pPager, 0);
+ if( rc!=SQLITE_OK ) goto commit_phase_one_exit;
+
+ rc = pager_write_pagelist(pPager,sqlite3PcacheDirtyList(pPager->pPCache));
+ if( rc!=SQLITE_OK ){
+ assert( rc!=SQLITE_IOERR_BLOCKED );
+ goto commit_phase_one_exit;
+ }
+ sqlite3PcacheCleanAll(pPager->pPCache);
+
+ /* If the file on disk is smaller than the database image, use
+ ** pager_truncate to grow the file here. This can happen if the database
+ ** image was extended as part of the current transaction and then the
+ ** last page in the db image moved to the free-list. In this case the
+ ** last page is never written out to disk, leaving the database file
+ ** undersized. Fix this now if it is the case. */
+ if( pPager->dbSize>pPager->dbFileSize ){
+ Pgno nNew = pPager->dbSize - (pPager->dbSize==PAGER_MJ_PGNO(pPager));
+ assert( pPager->eState==PAGER_WRITER_DBMOD );
+ rc = pager_truncate(pPager, nNew);
+ if( rc!=SQLITE_OK ) goto commit_phase_one_exit;
+ }
+
+ /* Finally, sync the database file. */
+ if( !noSync ){
+ rc = sqlite3PagerSync(pPager, zMaster);
+ }
+ IOTRACE(("DBSYNC %p\n", pPager))
+ }
+ }
+
+commit_phase_one_exit:
+ if( rc==SQLITE_OK && !pagerUseWal(pPager) ){
+ pPager->eState = PAGER_WRITER_FINISHED;
+ }
+ return rc;
+}
+
+
+/*
+** When this function is called, the database file has been completely
+** updated to reflect the changes made by the current transaction and
+** synced to disk. The journal file still exists in the file-system
+** though, and if a failure occurs at this point it will eventually
+** be used as a hot-journal and the current transaction rolled back.
+**
+** This function finalizes the journal file, either by deleting,
+** truncating or partially zeroing it, so that it cannot be used
+** for hot-journal rollback. Once this is done the transaction is
+** irrevocably committed.
+**
+** If an error occurs, an IO error code is returned and the pager
+** moves into the error state. Otherwise, SQLITE_OK is returned.
+*/
+SQLITE_PRIVATE int sqlite3PagerCommitPhaseTwo(Pager *pPager){
+ int rc = SQLITE_OK; /* Return code */
+
+ /* This routine should not be called if a prior error has occurred.
+ ** But if (due to a coding error elsewhere in the system) it does get
+ ** called, just return the same error code without doing anything. */
+ if( NEVER(pPager->errCode) ) return pPager->errCode;
+
+ assert( pPager->eState==PAGER_WRITER_LOCKED
+ || pPager->eState==PAGER_WRITER_FINISHED
+ || (pagerUseWal(pPager) && pPager->eState==PAGER_WRITER_CACHEMOD)
+ );
+ assert( assert_pager_state(pPager) );
+
+ /* An optimization. If the database was not actually modified during
+ ** this transaction, the pager is running in exclusive-mode and is
+ ** using persistent journals, then this function is a no-op.
+ **
+ ** The start of the journal file currently contains a single journal
+ ** header with the nRec field set to 0. If such a journal is used as
+ ** a hot-journal during hot-journal rollback, 0 changes will be made
+ ** to the database file. So there is no need to zero the journal
+ ** header. Since the pager is in exclusive mode, there is no need
+ ** to drop any locks either.
+ */
+ if( pPager->eState==PAGER_WRITER_LOCKED
+ && pPager->exclusiveMode
+ && pPager->journalMode==PAGER_JOURNALMODE_PERSIST
+ ){
+ assert( pPager->journalOff==JOURNAL_HDR_SZ(pPager) || !pPager->journalOff );
+ pPager->eState = PAGER_READER;
+ return SQLITE_OK;
+ }
+
+ PAGERTRACE(("COMMIT %d\n", PAGERID(pPager)));
+ pPager->iDataVersion++;
+ rc = pager_end_transaction(pPager, pPager->setMaster, 1);
+ return pager_error(pPager, rc);
+}
+
+/*
+** If a write transaction is open, then all changes made within the
+** transaction are reverted and the current write-transaction is closed.
+** The pager falls back to PAGER_READER state if successful, or PAGER_ERROR
+** state if an error occurs.
+**
+** If the pager is already in PAGER_ERROR state when this function is called,
+** it returns Pager.errCode immediately. No work is performed in this case.
+**
+** Otherwise, in rollback mode, this function performs two functions:
+**
+** 1) It rolls back the journal file, restoring all database file and
+** in-memory cache pages to the state they were in when the transaction
+** was opened, and
+**
+** 2) It finalizes the journal file, so that it is not used for hot
+** rollback at any point in the future.
+**
+** Finalization of the journal file (task 2) is only performed if the
+** rollback is successful.
+**
+** In WAL mode, all cache-entries containing data modified within the
+** current transaction are either expelled from the cache or reverted to
+** their pre-transaction state by re-reading data from the database or
+** WAL files. The WAL transaction is then closed.
+*/
+SQLITE_PRIVATE int sqlite3PagerRollback(Pager *pPager){
+ int rc = SQLITE_OK; /* Return code */
+ PAGERTRACE(("ROLLBACK %d\n", PAGERID(pPager)));
+
+ /* PagerRollback() is a no-op if called in READER or OPEN state. If
+ ** the pager is already in the ERROR state, the rollback is not
+ ** attempted here. Instead, the error code is returned to the caller.
+ */
+ assert( assert_pager_state(pPager) );
+ if( pPager->eState==PAGER_ERROR ) return pPager->errCode;
+ if( pPager->eState<=PAGER_READER ) return SQLITE_OK;
+
+ if( pagerUseWal(pPager) ){
+ int rc2;
+ rc = sqlite3PagerSavepoint(pPager, SAVEPOINT_ROLLBACK, -1);
+ rc2 = pager_end_transaction(pPager, pPager->setMaster, 0);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }else if( !isOpen(pPager->jfd) || pPager->eState==PAGER_WRITER_LOCKED ){
+ int eState = pPager->eState;
+ rc = pager_end_transaction(pPager, 0, 0);
+ if( !MEMDB && eState>PAGER_WRITER_LOCKED ){
+ /* This can happen using journal_mode=off. Move the pager to the error
+ ** state to indicate that the contents of the cache may not be trusted.
+ ** Any active readers will get SQLITE_ABORT.
+ */
+ pPager->errCode = SQLITE_ABORT;
+ pPager->eState = PAGER_ERROR;
+ return rc;
+ }
+ }else{
+ rc = pager_playback(pPager, 0);
+ }
+
+ assert( pPager->eState==PAGER_READER || rc!=SQLITE_OK );
+ assert( rc==SQLITE_OK || rc==SQLITE_FULL || rc==SQLITE_CORRUPT
+ || rc==SQLITE_NOMEM || (rc&0xFF)==SQLITE_IOERR
+ || rc==SQLITE_CANTOPEN
+ );
+
+ /* If an error occurs during a ROLLBACK, we can no longer trust the pager
+ ** cache. So call pager_error() on the way out to make any error persistent.
+ */
+ return pager_error(pPager, rc);
+}
+
+/*
+** Return TRUE if the database file is opened read-only. Return FALSE
+** if the database is (in theory) writable.
+*/
+SQLITE_PRIVATE u8 sqlite3PagerIsreadonly(Pager *pPager){
+ return pPager->readOnly;
+}
+
+#ifdef SQLITE_DEBUG
+/*
+** Return the sum of the reference counts for all pages held by pPager.
+*/
+SQLITE_PRIVATE int sqlite3PagerRefcount(Pager *pPager){
+ return sqlite3PcacheRefCount(pPager->pPCache);
+}
+#endif
+
+/*
+** Return the approximate number of bytes of memory currently
+** used by the pager and its associated cache.
+*/
+SQLITE_PRIVATE int sqlite3PagerMemUsed(Pager *pPager){
+ int perPageSize = pPager->pageSize + pPager->nExtra + sizeof(PgHdr)
+ + 5*sizeof(void*);
+ return perPageSize*sqlite3PcachePagecount(pPager->pPCache)
+ + sqlite3MallocSize(pPager)
+ + pPager->pageSize;
+}
+
+/*
+** Return the number of references to the specified page.
+*/
+SQLITE_PRIVATE int sqlite3PagerPageRefcount(DbPage *pPage){
+ return sqlite3PcachePageRefcount(pPage);
+}
+
+#ifdef SQLITE_TEST
+/*
+** This routine is used for testing and analysis only.
+*/
+SQLITE_PRIVATE int *sqlite3PagerStats(Pager *pPager){
+ static int a[11];
+ a[0] = sqlite3PcacheRefCount(pPager->pPCache);
+ a[1] = sqlite3PcachePagecount(pPager->pPCache);
+ a[2] = sqlite3PcacheGetCachesize(pPager->pPCache);
+ a[3] = pPager->eState==PAGER_OPEN ? -1 : (int) pPager->dbSize;
+ a[4] = pPager->eState;
+ a[5] = pPager->errCode;
+ a[6] = pPager->aStat[PAGER_STAT_HIT];
+ a[7] = pPager->aStat[PAGER_STAT_MISS];
+ a[8] = 0; /* Used to be pPager->nOvfl */
+ a[9] = pPager->nRead;
+ a[10] = pPager->aStat[PAGER_STAT_WRITE];
+ return a;
+}
+#endif
+
+/*
+** Parameter eStat must be either SQLITE_DBSTATUS_CACHE_HIT or
+** SQLITE_DBSTATUS_CACHE_MISS. Before returning, *pnVal is incremented by the
+** current cache hit or miss count, according to the value of eStat. If the
+** reset parameter is non-zero, the cache hit or miss count is zeroed before
+** returning.
+*/
+SQLITE_PRIVATE void sqlite3PagerCacheStat(Pager *pPager, int eStat, int reset, int *pnVal){
+
+ assert( eStat==SQLITE_DBSTATUS_CACHE_HIT
+ || eStat==SQLITE_DBSTATUS_CACHE_MISS
+ || eStat==SQLITE_DBSTATUS_CACHE_WRITE
+ );
+
+ assert( SQLITE_DBSTATUS_CACHE_HIT+1==SQLITE_DBSTATUS_CACHE_MISS );
+ assert( SQLITE_DBSTATUS_CACHE_HIT+2==SQLITE_DBSTATUS_CACHE_WRITE );
+ assert( PAGER_STAT_HIT==0 && PAGER_STAT_MISS==1 && PAGER_STAT_WRITE==2 );
+
+ *pnVal += pPager->aStat[eStat - SQLITE_DBSTATUS_CACHE_HIT];
+ if( reset ){
+ pPager->aStat[eStat - SQLITE_DBSTATUS_CACHE_HIT] = 0;
+ }
+}
+
+/*
+** Return true if this is an in-memory pager.
+*/
+SQLITE_PRIVATE int sqlite3PagerIsMemdb(Pager *pPager){
+ return MEMDB;
+}
+
+/*
+** Check that there are at least nSavepoint savepoints open. If there are
+** currently less than nSavepoints open, then open one or more savepoints
+** to make up the difference. If the number of savepoints is already
+** equal to nSavepoint, then this function is a no-op.
+**
+** If a memory allocation fails, SQLITE_NOMEM is returned. If an error
+** occurs while opening the sub-journal file, then an IO error code is
+** returned. Otherwise, SQLITE_OK.
+*/
+static SQLITE_NOINLINE int pagerOpenSavepoint(Pager *pPager, int nSavepoint){
+ int rc = SQLITE_OK; /* Return code */
+ int nCurrent = pPager->nSavepoint; /* Current number of savepoints */
+ int ii; /* Iterator variable */
+ PagerSavepoint *aNew; /* New Pager.aSavepoint array */
+
+ assert( pPager->eState>=PAGER_WRITER_LOCKED );
+ assert( assert_pager_state(pPager) );
+ assert( nSavepoint>nCurrent && pPager->useJournal );
+
+ /* Grow the Pager.aSavepoint array using realloc(). Return SQLITE_NOMEM
+ ** if the allocation fails. Otherwise, zero the new portion in case a
+ ** malloc failure occurs while populating it in the for(...) loop below.
+ */
+ aNew = (PagerSavepoint *)sqlite3Realloc(
+ pPager->aSavepoint, sizeof(PagerSavepoint)*nSavepoint
+ );
+ if( !aNew ){
+ return SQLITE_NOMEM;
+ }
+ memset(&aNew[nCurrent], 0, (nSavepoint-nCurrent) * sizeof(PagerSavepoint));
+ pPager->aSavepoint = aNew;
+
+ /* Populate the PagerSavepoint structures just allocated. */
+ for(ii=nCurrent; ii<nSavepoint; ii++){
+ aNew[ii].nOrig = pPager->dbSize;
+ if( isOpen(pPager->jfd) && pPager->journalOff>0 ){
+ aNew[ii].iOffset = pPager->journalOff;
+ }else{
+ aNew[ii].iOffset = JOURNAL_HDR_SZ(pPager);
+ }
+ aNew[ii].iSubRec = pPager->nSubRec;
+ aNew[ii].pInSavepoint = sqlite3BitvecCreate(pPager->dbSize);
+ if( !aNew[ii].pInSavepoint ){
+ return SQLITE_NOMEM;
+ }
+ if( pagerUseWal(pPager) ){
+ sqlite3WalSavepoint(pPager->pWal, aNew[ii].aWalData);
+ }
+ pPager->nSavepoint = ii+1;
+ }
+ assert( pPager->nSavepoint==nSavepoint );
+ assertTruncateConstraint(pPager);
+ return rc;
+}
+SQLITE_PRIVATE int sqlite3PagerOpenSavepoint(Pager *pPager, int nSavepoint){
+ assert( pPager->eState>=PAGER_WRITER_LOCKED );
+ assert( assert_pager_state(pPager) );
+
+ if( nSavepoint>pPager->nSavepoint && pPager->useJournal ){
+ return pagerOpenSavepoint(pPager, nSavepoint);
+ }else{
+ return SQLITE_OK;
+ }
+}
+
+
+/*
+** This function is called to rollback or release (commit) a savepoint.
+** The savepoint to release or rollback need not be the most recently
+** created savepoint.
+**
+** Parameter op is always either SAVEPOINT_ROLLBACK or SAVEPOINT_RELEASE.
+** If it is SAVEPOINT_RELEASE, then release and destroy the savepoint with
+** index iSavepoint. If it is SAVEPOINT_ROLLBACK, then rollback all changes
+** that have occurred since the specified savepoint was created.
+**
+** The savepoint to rollback or release is identified by parameter
+** iSavepoint. A value of 0 means to operate on the outermost savepoint
+** (the first created). A value of (Pager.nSavepoint-1) means operate
+** on the most recently created savepoint. If iSavepoint is greater than
+** (Pager.nSavepoint-1), then this function is a no-op.
+**
+** If a negative value is passed to this function, then the current
+** transaction is rolled back. This is different to calling
+** sqlite3PagerRollback() because this function does not terminate
+** the transaction or unlock the database, it just restores the
+** contents of the database to its original state.
+**
+** In any case, all savepoints with an index greater than iSavepoint
+** are destroyed. If this is a release operation (op==SAVEPOINT_RELEASE),
+** then savepoint iSavepoint is also destroyed.
+**
+** This function may return SQLITE_NOMEM if a memory allocation fails,
+** or an IO error code if an IO error occurs while rolling back a
+** savepoint. If no errors occur, SQLITE_OK is returned.
+*/
+SQLITE_PRIVATE int sqlite3PagerSavepoint(Pager *pPager, int op, int iSavepoint){
+ int rc = pPager->errCode; /* Return code */
+
+ assert( op==SAVEPOINT_RELEASE || op==SAVEPOINT_ROLLBACK );
+ assert( iSavepoint>=0 || op==SAVEPOINT_ROLLBACK );
+
+ if( rc==SQLITE_OK && iSavepoint<pPager->nSavepoint ){
+ int ii; /* Iterator variable */
+ int nNew; /* Number of remaining savepoints after this op. */
+
+ /* Figure out how many savepoints will still be active after this
+ ** operation. Store this value in nNew. Then free resources associated
+ ** with any savepoints that are destroyed by this operation.
+ */
+ nNew = iSavepoint + (( op==SAVEPOINT_RELEASE ) ? 0 : 1);
+ for(ii=nNew; ii<pPager->nSavepoint; ii++){
+ sqlite3BitvecDestroy(pPager->aSavepoint[ii].pInSavepoint);
+ }
+ pPager->nSavepoint = nNew;
+
+ /* If this is a release of the outermost savepoint, truncate
+ ** the sub-journal to zero bytes in size. */
+ if( op==SAVEPOINT_RELEASE ){
+ if( nNew==0 && isOpen(pPager->sjfd) ){
+ /* Only truncate if it is an in-memory sub-journal. */
+ if( sqlite3IsMemJournal(pPager->sjfd) ){
+ rc = sqlite3OsTruncate(pPager->sjfd, 0);
+ assert( rc==SQLITE_OK );
+ }
+ pPager->nSubRec = 0;
+ }
+ }
+ /* Else this is a rollback operation, playback the specified savepoint.
+ ** If this is a temp-file, it is possible that the journal file has
+ ** not yet been opened. In this case there have been no changes to
+ ** the database file, so the playback operation can be skipped.
+ */
+ else if( pagerUseWal(pPager) || isOpen(pPager->jfd) ){
+ PagerSavepoint *pSavepoint = (nNew==0)?0:&pPager->aSavepoint[nNew-1];
+ rc = pagerPlaybackSavepoint(pPager, pSavepoint);
+ assert(rc!=SQLITE_DONE);
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Return the full pathname of the database file.
+**
+** Except, if the pager is in-memory only, then return an empty string if
+** nullIfMemDb is true. This routine is called with nullIfMemDb==1 when
+** used to report the filename to the user, for compatibility with legacy
+** behavior. But when the Btree needs to know the filename for matching to
+** shared cache, it uses nullIfMemDb==0 so that in-memory databases can
+** participate in shared-cache.
+*/
+SQLITE_PRIVATE const char *sqlite3PagerFilename(Pager *pPager, int nullIfMemDb){
+ return (nullIfMemDb && pPager->memDb) ? "" : pPager->zFilename;
+}
+
+/*
+** Return the VFS structure for the pager.
+*/
+SQLITE_PRIVATE sqlite3_vfs *sqlite3PagerVfs(Pager *pPager){
+ return pPager->pVfs;
+}
+
+/*
+** Return the file handle for the database file associated
+** with the pager. This might return NULL if the file has
+** not yet been opened.
+*/
+SQLITE_PRIVATE sqlite3_file *sqlite3PagerFile(Pager *pPager){
+ return pPager->fd;
+}
+
+/*
+** Return the file handle for the journal file (if it exists).
+** This will be either the rollback journal or the WAL file.
+*/
+SQLITE_PRIVATE sqlite3_file *sqlite3PagerJrnlFile(Pager *pPager){
+#if SQLITE_OMIT_WAL
+ return pPager->jfd;
+#else
+ return pPager->pWal ? sqlite3WalFile(pPager->pWal) : pPager->jfd;
+#endif
+}
+
+/*
+** Return the full pathname of the journal file.
+*/
+SQLITE_PRIVATE const char *sqlite3PagerJournalname(Pager *pPager){
+ return pPager->zJournal;
+}
+
+/*
+** Return true if fsync() calls are disabled for this pager. Return FALSE
+** if fsync()s are executed normally.
+*/
+SQLITE_PRIVATE int sqlite3PagerNosync(Pager *pPager){
+ return pPager->noSync;
+}
+
+#ifdef SQLITE_HAS_CODEC
+/*
+** Set or retrieve the codec for this pager
+*/
+SQLITE_PRIVATE void sqlite3PagerSetCodec(
+ Pager *pPager,
+ void *(*xCodec)(void*,void*,Pgno,int),
+ void (*xCodecSizeChng)(void*,int,int),
+ void (*xCodecFree)(void*),
+ void *pCodec
+){
+ if( pPager->xCodecFree ) pPager->xCodecFree(pPager->pCodec);
+ pPager->xCodec = pPager->memDb ? 0 : xCodec;
+ pPager->xCodecSizeChng = xCodecSizeChng;
+ pPager->xCodecFree = xCodecFree;
+ pPager->pCodec = pCodec;
+ pagerReportSize(pPager);
+}
+SQLITE_PRIVATE void *sqlite3PagerGetCodec(Pager *pPager){
+ return pPager->pCodec;
+}
+
+/*
+** This function is called by the wal module when writing page content
+** into the log file.
+**
+** This function returns a pointer to a buffer containing the encrypted
+** page content. If a malloc fails, this function may return NULL.
+*/
+SQLITE_PRIVATE void *sqlite3PagerCodec(PgHdr *pPg){
+ void *aData = 0;
+ CODEC2(pPg->pPager, pPg->pData, pPg->pgno, 6, return 0, aData);
+ return aData;
+}
+
+/*
+** Return the current pager state
+*/
+SQLITE_PRIVATE int sqlite3PagerState(Pager *pPager){
+ return pPager->eState;
+}
+#endif /* SQLITE_HAS_CODEC */
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+/*
+** Move the page pPg to location pgno in the file.
+**
+** There must be no references to the page previously located at
+** pgno (which we call pPgOld) though that page is allowed to be
+** in cache. If the page previously located at pgno is not already
+** in the rollback journal, it is not put there by by this routine.
+**
+** References to the page pPg remain valid. Updating any
+** meta-data associated with pPg (i.e. data stored in the nExtra bytes
+** allocated along with the page) is the responsibility of the caller.
+**
+** A transaction must be active when this routine is called. It used to be
+** required that a statement transaction was not active, but this restriction
+** has been removed (CREATE INDEX needs to move a page when a statement
+** transaction is active).
+**
+** If the fourth argument, isCommit, is non-zero, then this page is being
+** moved as part of a database reorganization just before the transaction
+** is being committed. In this case, it is guaranteed that the database page
+** pPg refers to will not be written to again within this transaction.
+**
+** This function may return SQLITE_NOMEM or an IO error code if an error
+** occurs. Otherwise, it returns SQLITE_OK.
+*/
+SQLITE_PRIVATE int sqlite3PagerMovepage(Pager *pPager, DbPage *pPg, Pgno pgno, int isCommit){
+ PgHdr *pPgOld; /* The page being overwritten. */
+ Pgno needSyncPgno = 0; /* Old value of pPg->pgno, if sync is required */
+ int rc; /* Return code */
+ Pgno origPgno; /* The original page number */
+
+ assert( pPg->nRef>0 );
+ assert( pPager->eState==PAGER_WRITER_CACHEMOD
+ || pPager->eState==PAGER_WRITER_DBMOD
+ );
+ assert( assert_pager_state(pPager) );
+
+ /* In order to be able to rollback, an in-memory database must journal
+ ** the page we are moving from.
+ */
+ if( MEMDB ){
+ rc = sqlite3PagerWrite(pPg);
+ if( rc ) return rc;
+ }
+
+ /* If the page being moved is dirty and has not been saved by the latest
+ ** savepoint, then save the current contents of the page into the
+ ** sub-journal now. This is required to handle the following scenario:
+ **
+ ** BEGIN;
+ ** <journal page X, then modify it in memory>
+ ** SAVEPOINT one;
+ ** <Move page X to location Y>
+ ** ROLLBACK TO one;
+ **
+ ** If page X were not written to the sub-journal here, it would not
+ ** be possible to restore its contents when the "ROLLBACK TO one"
+ ** statement were is processed.
+ **
+ ** subjournalPage() may need to allocate space to store pPg->pgno into
+ ** one or more savepoint bitvecs. This is the reason this function
+ ** may return SQLITE_NOMEM.
+ */
+ if( (pPg->flags & PGHDR_DIRTY)!=0
+ && SQLITE_OK!=(rc = subjournalPageIfRequired(pPg))
+ ){
+ return rc;
+ }
+
+ PAGERTRACE(("MOVE %d page %d (needSync=%d) moves to %d\n",
+ PAGERID(pPager), pPg->pgno, (pPg->flags&PGHDR_NEED_SYNC)?1:0, pgno));
+ IOTRACE(("MOVE %p %d %d\n", pPager, pPg->pgno, pgno))
+
+ /* If the journal needs to be sync()ed before page pPg->pgno can
+ ** be written to, store pPg->pgno in local variable needSyncPgno.
+ **
+ ** If the isCommit flag is set, there is no need to remember that
+ ** the journal needs to be sync()ed before database page pPg->pgno
+ ** can be written to. The caller has already promised not to write to it.
+ */
+ if( (pPg->flags&PGHDR_NEED_SYNC) && !isCommit ){
+ needSyncPgno = pPg->pgno;
+ assert( pPager->journalMode==PAGER_JOURNALMODE_OFF ||
+ pageInJournal(pPager, pPg) || pPg->pgno>pPager->dbOrigSize );
+ assert( pPg->flags&PGHDR_DIRTY );
+ }
+
+ /* If the cache contains a page with page-number pgno, remove it
+ ** from its hash chain. Also, if the PGHDR_NEED_SYNC flag was set for
+ ** page pgno before the 'move' operation, it needs to be retained
+ ** for the page moved there.
+ */
+ pPg->flags &= ~PGHDR_NEED_SYNC;
+ pPgOld = sqlite3PagerLookup(pPager, pgno);
+ assert( !pPgOld || pPgOld->nRef==1 );
+ if( pPgOld ){
+ pPg->flags |= (pPgOld->flags&PGHDR_NEED_SYNC);
+ if( MEMDB ){
+ /* Do not discard pages from an in-memory database since we might
+ ** need to rollback later. Just move the page out of the way. */
+ sqlite3PcacheMove(pPgOld, pPager->dbSize+1);
+ }else{
+ sqlite3PcacheDrop(pPgOld);
+ }
+ }
+
+ origPgno = pPg->pgno;
+ sqlite3PcacheMove(pPg, pgno);
+ sqlite3PcacheMakeDirty(pPg);
+
+ /* For an in-memory database, make sure the original page continues
+ ** to exist, in case the transaction needs to roll back. Use pPgOld
+ ** as the original page since it has already been allocated.
+ */
+ if( MEMDB ){
+ assert( pPgOld );
+ sqlite3PcacheMove(pPgOld, origPgno);
+ sqlite3PagerUnrefNotNull(pPgOld);
+ }
+
+ if( needSyncPgno ){
+ /* If needSyncPgno is non-zero, then the journal file needs to be
+ ** sync()ed before any data is written to database file page needSyncPgno.
+ ** Currently, no such page exists in the page-cache and the
+ ** "is journaled" bitvec flag has been set. This needs to be remedied by
+ ** loading the page into the pager-cache and setting the PGHDR_NEED_SYNC
+ ** flag.
+ **
+ ** If the attempt to load the page into the page-cache fails, (due
+ ** to a malloc() or IO failure), clear the bit in the pInJournal[]
+ ** array. Otherwise, if the page is loaded and written again in
+ ** this transaction, it may be written to the database file before
+ ** it is synced into the journal file. This way, it may end up in
+ ** the journal file twice, but that is not a problem.
+ */
+ PgHdr *pPgHdr;
+ rc = sqlite3PagerGet(pPager, needSyncPgno, &pPgHdr, 0);
+ if( rc!=SQLITE_OK ){
+ if( needSyncPgno<=pPager->dbOrigSize ){
+ assert( pPager->pTmpSpace!=0 );
+ sqlite3BitvecClear(pPager->pInJournal, needSyncPgno, pPager->pTmpSpace);
+ }
+ return rc;
+ }
+ pPgHdr->flags |= PGHDR_NEED_SYNC;
+ sqlite3PcacheMakeDirty(pPgHdr);
+ sqlite3PagerUnrefNotNull(pPgHdr);
+ }
+
+ return SQLITE_OK;
+}
+#endif
+
+/*
+** The page handle passed as the first argument refers to a dirty page
+** with a page number other than iNew. This function changes the page's
+** page number to iNew and sets the value of the PgHdr.flags field to
+** the value passed as the third parameter.
+*/
+SQLITE_PRIVATE void sqlite3PagerRekey(DbPage *pPg, Pgno iNew, u16 flags){
+ assert( pPg->pgno!=iNew );
+ pPg->flags = flags;
+ sqlite3PcacheMove(pPg, iNew);
+}
+
+/*
+** Return a pointer to the data for the specified page.
+*/
+SQLITE_PRIVATE void *sqlite3PagerGetData(DbPage *pPg){
+ assert( pPg->nRef>0 || pPg->pPager->memDb );
+ return pPg->pData;
+}
+
+/*
+** Return a pointer to the Pager.nExtra bytes of "extra" space
+** allocated along with the specified page.
+*/
+SQLITE_PRIVATE void *sqlite3PagerGetExtra(DbPage *pPg){
+ return pPg->pExtra;
+}
+
+/*
+** Get/set the locking-mode for this pager. Parameter eMode must be one
+** of PAGER_LOCKINGMODE_QUERY, PAGER_LOCKINGMODE_NORMAL or
+** PAGER_LOCKINGMODE_EXCLUSIVE. If the parameter is not _QUERY, then
+** the locking-mode is set to the value specified.
+**
+** The returned value is either PAGER_LOCKINGMODE_NORMAL or
+** PAGER_LOCKINGMODE_EXCLUSIVE, indicating the current (possibly updated)
+** locking-mode.
+*/
+SQLITE_PRIVATE int sqlite3PagerLockingMode(Pager *pPager, int eMode){
+ assert( eMode==PAGER_LOCKINGMODE_QUERY
+ || eMode==PAGER_LOCKINGMODE_NORMAL
+ || eMode==PAGER_LOCKINGMODE_EXCLUSIVE );
+ assert( PAGER_LOCKINGMODE_QUERY<0 );
+ assert( PAGER_LOCKINGMODE_NORMAL>=0 && PAGER_LOCKINGMODE_EXCLUSIVE>=0 );
+ assert( pPager->exclusiveMode || 0==sqlite3WalHeapMemory(pPager->pWal) );
+ if( eMode>=0 && !pPager->tempFile && !sqlite3WalHeapMemory(pPager->pWal) ){
+ pPager->exclusiveMode = (u8)eMode;
+ }
+ return (int)pPager->exclusiveMode;
+}
+
+/*
+** Set the journal-mode for this pager. Parameter eMode must be one of:
+**
+** PAGER_JOURNALMODE_DELETE
+** PAGER_JOURNALMODE_TRUNCATE
+** PAGER_JOURNALMODE_PERSIST
+** PAGER_JOURNALMODE_OFF
+** PAGER_JOURNALMODE_MEMORY
+** PAGER_JOURNALMODE_WAL
+**
+** The journalmode is set to the value specified if the change is allowed.
+** The change may be disallowed for the following reasons:
+**
+** * An in-memory database can only have its journal_mode set to _OFF
+** or _MEMORY.
+**
+** * Temporary databases cannot have _WAL journalmode.
+**
+** The returned indicate the current (possibly updated) journal-mode.
+*/
+SQLITE_PRIVATE int sqlite3PagerSetJournalMode(Pager *pPager, int eMode){
+ u8 eOld = pPager->journalMode; /* Prior journalmode */
+
+#ifdef SQLITE_DEBUG
+ /* The print_pager_state() routine is intended to be used by the debugger
+ ** only. We invoke it once here to suppress a compiler warning. */
+ print_pager_state(pPager);
+#endif
+
+
+ /* The eMode parameter is always valid */
+ assert( eMode==PAGER_JOURNALMODE_DELETE
+ || eMode==PAGER_JOURNALMODE_TRUNCATE
+ || eMode==PAGER_JOURNALMODE_PERSIST
+ || eMode==PAGER_JOURNALMODE_OFF
+ || eMode==PAGER_JOURNALMODE_WAL
+ || eMode==PAGER_JOURNALMODE_MEMORY );
+
+ /* This routine is only called from the OP_JournalMode opcode, and
+ ** the logic there will never allow a temporary file to be changed
+ ** to WAL mode.
+ */
+ assert( pPager->tempFile==0 || eMode!=PAGER_JOURNALMODE_WAL );
+
+ /* Do allow the journalmode of an in-memory database to be set to
+ ** anything other than MEMORY or OFF
+ */
+ if( MEMDB ){
+ assert( eOld==PAGER_JOURNALMODE_MEMORY || eOld==PAGER_JOURNALMODE_OFF );
+ if( eMode!=PAGER_JOURNALMODE_MEMORY && eMode!=PAGER_JOURNALMODE_OFF ){
+ eMode = eOld;
+ }
+ }
+
+ if( eMode!=eOld ){
+
+ /* Change the journal mode. */
+ assert( pPager->eState!=PAGER_ERROR );
+ pPager->journalMode = (u8)eMode;
+
+ /* When transistioning from TRUNCATE or PERSIST to any other journal
+ ** mode except WAL, unless the pager is in locking_mode=exclusive mode,
+ ** delete the journal file.
+ */
+ assert( (PAGER_JOURNALMODE_TRUNCATE & 5)==1 );
+ assert( (PAGER_JOURNALMODE_PERSIST & 5)==1 );
+ assert( (PAGER_JOURNALMODE_DELETE & 5)==0 );
+ assert( (PAGER_JOURNALMODE_MEMORY & 5)==4 );
+ assert( (PAGER_JOURNALMODE_OFF & 5)==0 );
+ assert( (PAGER_JOURNALMODE_WAL & 5)==5 );
+
+ assert( isOpen(pPager->fd) || pPager->exclusiveMode );
+ if( !pPager->exclusiveMode && (eOld & 5)==1 && (eMode & 1)==0 ){
+
+ /* In this case we would like to delete the journal file. If it is
+ ** not possible, then that is not a problem. Deleting the journal file
+ ** here is an optimization only.
+ **
+ ** Before deleting the journal file, obtain a RESERVED lock on the
+ ** database file. This ensures that the journal file is not deleted
+ ** while it is in use by some other client.
+ */
+ sqlite3OsClose(pPager->jfd);
+ if( pPager->eLock>=RESERVED_LOCK ){
+ sqlite3OsDelete(pPager->pVfs, pPager->zJournal, 0);
+ }else{
+ int rc = SQLITE_OK;
+ int state = pPager->eState;
+ assert( state==PAGER_OPEN || state==PAGER_READER );
+ if( state==PAGER_OPEN ){
+ rc = sqlite3PagerSharedLock(pPager);
+ }
+ if( pPager->eState==PAGER_READER ){
+ assert( rc==SQLITE_OK );
+ rc = pagerLockDb(pPager, RESERVED_LOCK);
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3OsDelete(pPager->pVfs, pPager->zJournal, 0);
+ }
+ if( rc==SQLITE_OK && state==PAGER_READER ){
+ pagerUnlockDb(pPager, SHARED_LOCK);
+ }else if( state==PAGER_OPEN ){
+ pager_unlock(pPager);
+ }
+ assert( state==pPager->eState );
+ }
+ }else if( eMode==PAGER_JOURNALMODE_OFF ){
+ sqlite3OsClose(pPager->jfd);
+ }
+ }
+
+ /* Return the new journal mode */
+ return (int)pPager->journalMode;
+}
+
+/*
+** Return the current journal mode.
+*/
+SQLITE_PRIVATE int sqlite3PagerGetJournalMode(Pager *pPager){
+ return (int)pPager->journalMode;
+}
+
+/*
+** Return TRUE if the pager is in a state where it is OK to change the
+** journalmode. Journalmode changes can only happen when the database
+** is unmodified.
+*/
+SQLITE_PRIVATE int sqlite3PagerOkToChangeJournalMode(Pager *pPager){
+ assert( assert_pager_state(pPager) );
+ if( pPager->eState>=PAGER_WRITER_CACHEMOD ) return 0;
+ if( NEVER(isOpen(pPager->jfd) && pPager->journalOff>0) ) return 0;
+ return 1;
+}
+
+/*
+** Get/set the size-limit used for persistent journal files.
+**
+** Setting the size limit to -1 means no limit is enforced.
+** An attempt to set a limit smaller than -1 is a no-op.
+*/
+SQLITE_PRIVATE i64 sqlite3PagerJournalSizeLimit(Pager *pPager, i64 iLimit){
+ if( iLimit>=-1 ){
+ pPager->journalSizeLimit = iLimit;
+ sqlite3WalLimit(pPager->pWal, iLimit);
+ }
+ return pPager->journalSizeLimit;
+}
+
+/*
+** Return a pointer to the pPager->pBackup variable. The backup module
+** in backup.c maintains the content of this variable. This module
+** uses it opaquely as an argument to sqlite3BackupRestart() and
+** sqlite3BackupUpdate() only.
+*/
+SQLITE_PRIVATE sqlite3_backup **sqlite3PagerBackupPtr(Pager *pPager){
+ return &pPager->pBackup;
+}
+
+#ifndef SQLITE_OMIT_VACUUM
+/*
+** Unless this is an in-memory or temporary database, clear the pager cache.
+*/
+SQLITE_PRIVATE void sqlite3PagerClearCache(Pager *pPager){
+ if( !MEMDB && pPager->tempFile==0 ) pager_reset(pPager);
+}
+#endif
+
+#ifndef SQLITE_OMIT_WAL
+/*
+** This function is called when the user invokes "PRAGMA wal_checkpoint",
+** "PRAGMA wal_blocking_checkpoint" or calls the sqlite3_wal_checkpoint()
+** or wal_blocking_checkpoint() API functions.
+**
+** Parameter eMode is one of SQLITE_CHECKPOINT_PASSIVE, FULL or RESTART.
+*/
+SQLITE_PRIVATE int sqlite3PagerCheckpoint(Pager *pPager, int eMode, int *pnLog, int *pnCkpt){
+ int rc = SQLITE_OK;
+ if( pPager->pWal ){
+ rc = sqlite3WalCheckpoint(pPager->pWal, eMode,
+ (eMode==SQLITE_CHECKPOINT_PASSIVE ? 0 : pPager->xBusyHandler),
+ pPager->pBusyHandlerArg,
+ pPager->ckptSyncFlags, pPager->pageSize, (u8 *)pPager->pTmpSpace,
+ pnLog, pnCkpt
+ );
+ }
+ return rc;
+}
+
+SQLITE_PRIVATE int sqlite3PagerWalCallback(Pager *pPager){
+ return sqlite3WalCallback(pPager->pWal);
+}
+
+/*
+** Return true if the underlying VFS for the given pager supports the
+** primitives necessary for write-ahead logging.
+*/
+SQLITE_PRIVATE int sqlite3PagerWalSupported(Pager *pPager){
+ const sqlite3_io_methods *pMethods = pPager->fd->pMethods;
+ return pPager->exclusiveMode || (pMethods->iVersion>=2 && pMethods->xShmMap);
+}
+
+/*
+** Attempt to take an exclusive lock on the database file. If a PENDING lock
+** is obtained instead, immediately release it.
+*/
+static int pagerExclusiveLock(Pager *pPager){
+ int rc; /* Return code */
+
+ assert( pPager->eLock==SHARED_LOCK || pPager->eLock==EXCLUSIVE_LOCK );
+ rc = pagerLockDb(pPager, EXCLUSIVE_LOCK);
+ if( rc!=SQLITE_OK ){
+ /* If the attempt to grab the exclusive lock failed, release the
+ ** pending lock that may have been obtained instead. */
+ pagerUnlockDb(pPager, SHARED_LOCK);
+ }
+
+ return rc;
+}
+
+/*
+** Call sqlite3WalOpen() to open the WAL handle. If the pager is in
+** exclusive-locking mode when this function is called, take an EXCLUSIVE
+** lock on the database file and use heap-memory to store the wal-index
+** in. Otherwise, use the normal shared-memory.
+*/
+static int pagerOpenWal(Pager *pPager){
+ int rc = SQLITE_OK;
+
+ assert( pPager->pWal==0 && pPager->tempFile==0 );
+ assert( pPager->eLock==SHARED_LOCK || pPager->eLock==EXCLUSIVE_LOCK );
+
+ /* If the pager is already in exclusive-mode, the WAL module will use
+ ** heap-memory for the wal-index instead of the VFS shared-memory
+ ** implementation. Take the exclusive lock now, before opening the WAL
+ ** file, to make sure this is safe.
+ */
+ if( pPager->exclusiveMode ){
+ rc = pagerExclusiveLock(pPager);
+ }
+
+ /* Open the connection to the log file. If this operation fails,
+ ** (e.g. due to malloc() failure), return an error code.
+ */
+ if( rc==SQLITE_OK ){
+ rc = sqlite3WalOpen(pPager->pVfs,
+ pPager->fd, pPager->zWal, pPager->exclusiveMode,
+ pPager->journalSizeLimit, &pPager->pWal
+ );
+ }
+ pagerFixMaplimit(pPager);
+
+ return rc;
+}
+
+
+/*
+** The caller must be holding a SHARED lock on the database file to call
+** this function.
+**
+** If the pager passed as the first argument is open on a real database
+** file (not a temp file or an in-memory database), and the WAL file
+** is not already open, make an attempt to open it now. If successful,
+** return SQLITE_OK. If an error occurs or the VFS used by the pager does
+** not support the xShmXXX() methods, return an error code. *pbOpen is
+** not modified in either case.
+**
+** If the pager is open on a temp-file (or in-memory database), or if
+** the WAL file is already open, set *pbOpen to 1 and return SQLITE_OK
+** without doing anything.
+*/
+SQLITE_PRIVATE int sqlite3PagerOpenWal(
+ Pager *pPager, /* Pager object */
+ int *pbOpen /* OUT: Set to true if call is a no-op */
+){
+ int rc = SQLITE_OK; /* Return code */
+
+ assert( assert_pager_state(pPager) );
+ assert( pPager->eState==PAGER_OPEN || pbOpen );
+ assert( pPager->eState==PAGER_READER || !pbOpen );
+ assert( pbOpen==0 || *pbOpen==0 );
+ assert( pbOpen!=0 || (!pPager->tempFile && !pPager->pWal) );
+
+ if( !pPager->tempFile && !pPager->pWal ){
+ if( !sqlite3PagerWalSupported(pPager) ) return SQLITE_CANTOPEN;
+
+ /* Close any rollback journal previously open */
+ sqlite3OsClose(pPager->jfd);
+
+ rc = pagerOpenWal(pPager);
+ if( rc==SQLITE_OK ){
+ pPager->journalMode = PAGER_JOURNALMODE_WAL;
+ pPager->eState = PAGER_OPEN;
+ }
+ }else{
+ *pbOpen = 1;
+ }
+
+ return rc;
+}
+
+/*
+** This function is called to close the connection to the log file prior
+** to switching from WAL to rollback mode.
+**
+** Before closing the log file, this function attempts to take an
+** EXCLUSIVE lock on the database file. If this cannot be obtained, an
+** error (SQLITE_BUSY) is returned and the log connection is not closed.
+** If successful, the EXCLUSIVE lock is not released before returning.
+*/
+SQLITE_PRIVATE int sqlite3PagerCloseWal(Pager *pPager){
+ int rc = SQLITE_OK;
+
+ assert( pPager->journalMode==PAGER_JOURNALMODE_WAL );
+
+ /* If the log file is not already open, but does exist in the file-system,
+ ** it may need to be checkpointed before the connection can switch to
+ ** rollback mode. Open it now so this can happen.
+ */
+ if( !pPager->pWal ){
+ int logexists = 0;
+ rc = pagerLockDb(pPager, SHARED_LOCK);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3OsAccess(
+ pPager->pVfs, pPager->zWal, SQLITE_ACCESS_EXISTS, &logexists
+ );
+ }
+ if( rc==SQLITE_OK && logexists ){
+ rc = pagerOpenWal(pPager);
+ }
+ }
+
+ /* Checkpoint and close the log. Because an EXCLUSIVE lock is held on
+ ** the database file, the log and log-summary files will be deleted.
+ */
+ if( rc==SQLITE_OK && pPager->pWal ){
+ rc = pagerExclusiveLock(pPager);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3WalClose(pPager->pWal, pPager->ckptSyncFlags,
+ pPager->pageSize, (u8*)pPager->pTmpSpace);
+ pPager->pWal = 0;
+ pagerFixMaplimit(pPager);
+ }
+ }
+ return rc;
+}
+
+#ifdef SQLITE_ENABLE_SNAPSHOT
+/*
+** If this is a WAL database, obtain a snapshot handle for the snapshot
+** currently open. Otherwise, return an error.
+*/
+SQLITE_PRIVATE int sqlite3PagerSnapshotGet(Pager *pPager, sqlite3_snapshot **ppSnapshot){
+ int rc = SQLITE_ERROR;
+ if( pPager->pWal ){
+ rc = sqlite3WalSnapshotGet(pPager->pWal, ppSnapshot);
+ }
+ return rc;
+}
+
+/*
+** If this is a WAL database, store a pointer to pSnapshot. Next time a
+** read transaction is opened, attempt to read from the snapshot it
+** identifies. If this is not a WAL database, return an error.
+*/
+SQLITE_PRIVATE int sqlite3PagerSnapshotOpen(Pager *pPager, sqlite3_snapshot *pSnapshot){
+ int rc = SQLITE_OK;
+ if( pPager->pWal ){
+ sqlite3WalSnapshotOpen(pPager->pWal, pSnapshot);
+ }else{
+ rc = SQLITE_ERROR;
+ }
+ return rc;
+}
+#endif /* SQLITE_ENABLE_SNAPSHOT */
+#endif /* !SQLITE_OMIT_WAL */
+
+#ifdef SQLITE_ENABLE_ZIPVFS
+/*
+** A read-lock must be held on the pager when this function is called. If
+** the pager is in WAL mode and the WAL file currently contains one or more
+** frames, return the size in bytes of the page images stored within the
+** WAL frames. Otherwise, if this is not a WAL database or the WAL file
+** is empty, return 0.
+*/
+SQLITE_PRIVATE int sqlite3PagerWalFramesize(Pager *pPager){
+ assert( pPager->eState>=PAGER_READER );
+ return sqlite3WalFramesize(pPager->pWal);
+}
+#endif
+
+
+#endif /* SQLITE_OMIT_DISKIO */
+
+/************** End of pager.c ***********************************************/
+/************** Begin file wal.c *********************************************/
+/*
+** 2010 February 1
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains the implementation of a write-ahead log (WAL) used in
+** "journal_mode=WAL" mode.
+**
+** WRITE-AHEAD LOG (WAL) FILE FORMAT
+**
+** A WAL file consists of a header followed by zero or more "frames".
+** Each frame records the revised content of a single page from the
+** database file. All changes to the database are recorded by writing
+** frames into the WAL. Transactions commit when a frame is written that
+** contains a commit marker. A single WAL can and usually does record
+** multiple transactions. Periodically, the content of the WAL is
+** transferred back into the database file in an operation called a
+** "checkpoint".
+**
+** A single WAL file can be used multiple times. In other words, the
+** WAL can fill up with frames and then be checkpointed and then new
+** frames can overwrite the old ones. A WAL always grows from beginning
+** toward the end. Checksums and counters attached to each frame are
+** used to determine which frames within the WAL are valid and which
+** are leftovers from prior checkpoints.
+**
+** The WAL header is 32 bytes in size and consists of the following eight
+** big-endian 32-bit unsigned integer values:
+**
+** 0: Magic number. 0x377f0682 or 0x377f0683
+** 4: File format version. Currently 3007000
+** 8: Database page size. Example: 1024
+** 12: Checkpoint sequence number
+** 16: Salt-1, random integer incremented with each checkpoint
+** 20: Salt-2, a different random integer changing with each ckpt
+** 24: Checksum-1 (first part of checksum for first 24 bytes of header).
+** 28: Checksum-2 (second part of checksum for first 24 bytes of header).
+**
+** Immediately following the wal-header are zero or more frames. Each
+** frame consists of a 24-byte frame-header followed by a <page-size> bytes
+** of page data. The frame-header is six big-endian 32-bit unsigned
+** integer values, as follows:
+**
+** 0: Page number.
+** 4: For commit records, the size of the database image in pages
+** after the commit. For all other records, zero.
+** 8: Salt-1 (copied from the header)
+** 12: Salt-2 (copied from the header)
+** 16: Checksum-1.
+** 20: Checksum-2.
+**
+** A frame is considered valid if and only if the following conditions are
+** true:
+**
+** (1) The salt-1 and salt-2 values in the frame-header match
+** salt values in the wal-header
+**
+** (2) The checksum values in the final 8 bytes of the frame-header
+** exactly match the checksum computed consecutively on the
+** WAL header and the first 8 bytes and the content of all frames
+** up to and including the current frame.
+**
+** The checksum is computed using 32-bit big-endian integers if the
+** magic number in the first 4 bytes of the WAL is 0x377f0683 and it
+** is computed using little-endian if the magic number is 0x377f0682.
+** The checksum values are always stored in the frame header in a
+** big-endian format regardless of which byte order is used to compute
+** the checksum. The checksum is computed by interpreting the input as
+** an even number of unsigned 32-bit integers: x[0] through x[N]. The
+** algorithm used for the checksum is as follows:
+**
+** for i from 0 to n-1 step 2:
+** s0 += x[i] + s1;
+** s1 += x[i+1] + s0;
+** endfor
+**
+** Note that s0 and s1 are both weighted checksums using fibonacci weights
+** in reverse order (the largest fibonacci weight occurs on the first element
+** of the sequence being summed.) The s1 value spans all 32-bit
+** terms of the sequence whereas s0 omits the final term.
+**
+** On a checkpoint, the WAL is first VFS.xSync-ed, then valid content of the
+** WAL is transferred into the database, then the database is VFS.xSync-ed.
+** The VFS.xSync operations serve as write barriers - all writes launched
+** before the xSync must complete before any write that launches after the
+** xSync begins.
+**
+** After each checkpoint, the salt-1 value is incremented and the salt-2
+** value is randomized. This prevents old and new frames in the WAL from
+** being considered valid at the same time and being checkpointing together
+** following a crash.
+**
+** READER ALGORITHM
+**
+** To read a page from the database (call it page number P), a reader
+** first checks the WAL to see if it contains page P. If so, then the
+** last valid instance of page P that is a followed by a commit frame
+** or is a commit frame itself becomes the value read. If the WAL
+** contains no copies of page P that are valid and which are a commit
+** frame or are followed by a commit frame, then page P is read from
+** the database file.
+**
+** To start a read transaction, the reader records the index of the last
+** valid frame in the WAL. The reader uses this recorded "mxFrame" value
+** for all subsequent read operations. New transactions can be appended
+** to the WAL, but as long as the reader uses its original mxFrame value
+** and ignores the newly appended content, it will see a consistent snapshot
+** of the database from a single point in time. This technique allows
+** multiple concurrent readers to view different versions of the database
+** content simultaneously.
+**
+** The reader algorithm in the previous paragraphs works correctly, but
+** because frames for page P can appear anywhere within the WAL, the
+** reader has to scan the entire WAL looking for page P frames. If the
+** WAL is large (multiple megabytes is typical) that scan can be slow,
+** and read performance suffers. To overcome this problem, a separate
+** data structure called the wal-index is maintained to expedite the
+** search for frames of a particular page.
+**
+** WAL-INDEX FORMAT
+**
+** Conceptually, the wal-index is shared memory, though VFS implementations
+** might choose to implement the wal-index using a mmapped file. Because
+** the wal-index is shared memory, SQLite does not support journal_mode=WAL
+** on a network filesystem. All users of the database must be able to
+** share memory.
+**
+** The wal-index is transient. After a crash, the wal-index can (and should
+** be) reconstructed from the original WAL file. In fact, the VFS is required
+** to either truncate or zero the header of the wal-index when the last
+** connection to it closes. Because the wal-index is transient, it can
+** use an architecture-specific format; it does not have to be cross-platform.
+** Hence, unlike the database and WAL file formats which store all values
+** as big endian, the wal-index can store multi-byte values in the native
+** byte order of the host computer.
+**
+** The purpose of the wal-index is to answer this question quickly: Given
+** a page number P and a maximum frame index M, return the index of the
+** last frame in the wal before frame M for page P in the WAL, or return
+** NULL if there are no frames for page P in the WAL prior to M.
+**
+** The wal-index consists of a header region, followed by an one or
+** more index blocks.
+**
+** The wal-index header contains the total number of frames within the WAL
+** in the mxFrame field.
+**
+** Each index block except for the first contains information on
+** HASHTABLE_NPAGE frames. The first index block contains information on
+** HASHTABLE_NPAGE_ONE frames. The values of HASHTABLE_NPAGE_ONE and
+** HASHTABLE_NPAGE are selected so that together the wal-index header and
+** first index block are the same size as all other index blocks in the
+** wal-index.
+**
+** Each index block contains two sections, a page-mapping that contains the
+** database page number associated with each wal frame, and a hash-table
+** that allows readers to query an index block for a specific page number.
+** The page-mapping is an array of HASHTABLE_NPAGE (or HASHTABLE_NPAGE_ONE
+** for the first index block) 32-bit page numbers. The first entry in the
+** first index-block contains the database page number corresponding to the
+** first frame in the WAL file. The first entry in the second index block
+** in the WAL file corresponds to the (HASHTABLE_NPAGE_ONE+1)th frame in
+** the log, and so on.
+**
+** The last index block in a wal-index usually contains less than the full
+** complement of HASHTABLE_NPAGE (or HASHTABLE_NPAGE_ONE) page-numbers,
+** depending on the contents of the WAL file. This does not change the
+** allocated size of the page-mapping array - the page-mapping array merely
+** contains unused entries.
+**
+** Even without using the hash table, the last frame for page P
+** can be found by scanning the page-mapping sections of each index block
+** starting with the last index block and moving toward the first, and
+** within each index block, starting at the end and moving toward the
+** beginning. The first entry that equals P corresponds to the frame
+** holding the content for that page.
+**
+** The hash table consists of HASHTABLE_NSLOT 16-bit unsigned integers.
+** HASHTABLE_NSLOT = 2*HASHTABLE_NPAGE, and there is one entry in the
+** hash table for each page number in the mapping section, so the hash
+** table is never more than half full. The expected number of collisions
+** prior to finding a match is 1. Each entry of the hash table is an
+** 1-based index of an entry in the mapping section of the same
+** index block. Let K be the 1-based index of the largest entry in
+** the mapping section. (For index blocks other than the last, K will
+** always be exactly HASHTABLE_NPAGE (4096) and for the last index block
+** K will be (mxFrame%HASHTABLE_NPAGE).) Unused slots of the hash table
+** contain a value of 0.
+**
+** To look for page P in the hash table, first compute a hash iKey on
+** P as follows:
+**
+** iKey = (P * 383) % HASHTABLE_NSLOT
+**
+** Then start scanning entries of the hash table, starting with iKey
+** (wrapping around to the beginning when the end of the hash table is
+** reached) until an unused hash slot is found. Let the first unused slot
+** be at index iUnused. (iUnused might be less than iKey if there was
+** wrap-around.) Because the hash table is never more than half full,
+** the search is guaranteed to eventually hit an unused entry. Let
+** iMax be the value between iKey and iUnused, closest to iUnused,
+** where aHash[iMax]==P. If there is no iMax entry (if there exists
+** no hash slot such that aHash[i]==p) then page P is not in the
+** current index block. Otherwise the iMax-th mapping entry of the
+** current index block corresponds to the last entry that references
+** page P.
+**
+** A hash search begins with the last index block and moves toward the
+** first index block, looking for entries corresponding to page P. On
+** average, only two or three slots in each index block need to be
+** examined in order to either find the last entry for page P, or to
+** establish that no such entry exists in the block. Each index block
+** holds over 4000 entries. So two or three index blocks are sufficient
+** to cover a typical 10 megabyte WAL file, assuming 1K pages. 8 or 10
+** comparisons (on average) suffice to either locate a frame in the
+** WAL or to establish that the frame does not exist in the WAL. This
+** is much faster than scanning the entire 10MB WAL.
+**
+** Note that entries are added in order of increasing K. Hence, one
+** reader might be using some value K0 and a second reader that started
+** at a later time (after additional transactions were added to the WAL
+** and to the wal-index) might be using a different value K1, where K1>K0.
+** Both readers can use the same hash table and mapping section to get
+** the correct result. There may be entries in the hash table with
+** K>K0 but to the first reader, those entries will appear to be unused
+** slots in the hash table and so the first reader will get an answer as
+** if no values greater than K0 had ever been inserted into the hash table
+** in the first place - which is what reader one wants. Meanwhile, the
+** second reader using K1 will see additional values that were inserted
+** later, which is exactly what reader two wants.
+**
+** When a rollback occurs, the value of K is decreased. Hash table entries
+** that correspond to frames greater than the new K value are removed
+** from the hash table at this point.
+*/
+#ifndef SQLITE_OMIT_WAL
+
+/* #include "wal.h" */
+
+/*
+** Trace output macros
+*/
+#if defined(SQLITE_TEST) && defined(SQLITE_DEBUG)
+SQLITE_PRIVATE int sqlite3WalTrace = 0;
+# define WALTRACE(X) if(sqlite3WalTrace) sqlite3DebugPrintf X
+#else
+# define WALTRACE(X)
+#endif
+
+/*
+** The maximum (and only) versions of the wal and wal-index formats
+** that may be interpreted by this version of SQLite.
+**
+** If a client begins recovering a WAL file and finds that (a) the checksum
+** values in the wal-header are correct and (b) the version field is not
+** WAL_MAX_VERSION, recovery fails and SQLite returns SQLITE_CANTOPEN.
+**
+** Similarly, if a client successfully reads a wal-index header (i.e. the
+** checksum test is successful) and finds that the version field is not
+** WALINDEX_MAX_VERSION, then no read-transaction is opened and SQLite
+** returns SQLITE_CANTOPEN.
+*/
+#define WAL_MAX_VERSION 3007000
+#define WALINDEX_MAX_VERSION 3007000
+
+/*
+** Indices of various locking bytes. WAL_NREADER is the number
+** of available reader locks and should be at least 3. The default
+** is SQLITE_SHM_NLOCK==8 and WAL_NREADER==5.
+*/
+#define WAL_WRITE_LOCK 0
+#define WAL_ALL_BUT_WRITE 1
+#define WAL_CKPT_LOCK 1
+#define WAL_RECOVER_LOCK 2
+#define WAL_READ_LOCK(I) (3+(I))
+#define WAL_NREADER (SQLITE_SHM_NLOCK-3)
+
+
+/* Object declarations */
+typedef struct WalIndexHdr WalIndexHdr;
+typedef struct WalIterator WalIterator;
+typedef struct WalCkptInfo WalCkptInfo;
+
+
+/*
+** The following object holds a copy of the wal-index header content.
+**
+** The actual header in the wal-index consists of two copies of this
+** object followed by one instance of the WalCkptInfo object.
+** For all versions of SQLite through 3.10.0 and probably beyond,
+** the locking bytes (WalCkptInfo.aLock) start at offset 120 and
+** the total header size is 136 bytes.
+**
+** The szPage value can be any power of 2 between 512 and 32768, inclusive.
+** Or it can be 1 to represent a 65536-byte page. The latter case was
+** added in 3.7.1 when support for 64K pages was added.
+*/
+struct WalIndexHdr {
+ u32 iVersion; /* Wal-index version */
+ u32 unused; /* Unused (padding) field */
+ u32 iChange; /* Counter incremented each transaction */
+ u8 isInit; /* 1 when initialized */
+ u8 bigEndCksum; /* True if checksums in WAL are big-endian */
+ u16 szPage; /* Database page size in bytes. 1==64K */
+ u32 mxFrame; /* Index of last valid frame in the WAL */
+ u32 nPage; /* Size of database in pages */
+ u32 aFrameCksum[2]; /* Checksum of last frame in log */
+ u32 aSalt[2]; /* Two salt values copied from WAL header */
+ u32 aCksum[2]; /* Checksum over all prior fields */
+};
+
+/*
+** A copy of the following object occurs in the wal-index immediately
+** following the second copy of the WalIndexHdr. This object stores
+** information used by checkpoint.
+**
+** nBackfill is the number of frames in the WAL that have been written
+** back into the database. (We call the act of moving content from WAL to
+** database "backfilling".) The nBackfill number is never greater than
+** WalIndexHdr.mxFrame. nBackfill can only be increased by threads
+** holding the WAL_CKPT_LOCK lock (which includes a recovery thread).
+** However, a WAL_WRITE_LOCK thread can move the value of nBackfill from
+** mxFrame back to zero when the WAL is reset.
+**
+** nBackfillAttempted is the largest value of nBackfill that a checkpoint
+** has attempted to achieve. Normally nBackfill==nBackfillAtempted, however
+** the nBackfillAttempted is set before any backfilling is done and the
+** nBackfill is only set after all backfilling completes. So if a checkpoint
+** crashes, nBackfillAttempted might be larger than nBackfill. The
+** WalIndexHdr.mxFrame must never be less than nBackfillAttempted.
+**
+** The aLock[] field is a set of bytes used for locking. These bytes should
+** never be read or written.
+**
+** There is one entry in aReadMark[] for each reader lock. If a reader
+** holds read-lock K, then the value in aReadMark[K] is no greater than
+** the mxFrame for that reader. The value READMARK_NOT_USED (0xffffffff)
+** for any aReadMark[] means that entry is unused. aReadMark[0] is
+** a special case; its value is never used and it exists as a place-holder
+** to avoid having to offset aReadMark[] indexs by one. Readers holding
+** WAL_READ_LOCK(0) always ignore the entire WAL and read all content
+** directly from the database.
+**
+** The value of aReadMark[K] may only be changed by a thread that
+** is holding an exclusive lock on WAL_READ_LOCK(K). Thus, the value of
+** aReadMark[K] cannot changed while there is a reader is using that mark
+** since the reader will be holding a shared lock on WAL_READ_LOCK(K).
+**
+** The checkpointer may only transfer frames from WAL to database where
+** the frame numbers are less than or equal to every aReadMark[] that is
+** in use (that is, every aReadMark[j] for which there is a corresponding
+** WAL_READ_LOCK(j)). New readers (usually) pick the aReadMark[] with the
+** largest value and will increase an unused aReadMark[] to mxFrame if there
+** is not already an aReadMark[] equal to mxFrame. The exception to the
+** previous sentence is when nBackfill equals mxFrame (meaning that everything
+** in the WAL has been backfilled into the database) then new readers
+** will choose aReadMark[0] which has value 0 and hence such reader will
+** get all their all content directly from the database file and ignore
+** the WAL.
+**
+** Writers normally append new frames to the end of the WAL. However,
+** if nBackfill equals mxFrame (meaning that all WAL content has been
+** written back into the database) and if no readers are using the WAL
+** (in other words, if there are no WAL_READ_LOCK(i) where i>0) then
+** the writer will first "reset" the WAL back to the beginning and start
+** writing new content beginning at frame 1.
+**
+** We assume that 32-bit loads are atomic and so no locks are needed in
+** order to read from any aReadMark[] entries.
+*/
+struct WalCkptInfo {
+ u32 nBackfill; /* Number of WAL frames backfilled into DB */
+ u32 aReadMark[WAL_NREADER]; /* Reader marks */
+ u8 aLock[SQLITE_SHM_NLOCK]; /* Reserved space for locks */
+ u32 nBackfillAttempted; /* WAL frames perhaps written, or maybe not */
+ u32 notUsed0; /* Available for future enhancements */
+};
+#define READMARK_NOT_USED 0xffffffff
+
+
+/* A block of WALINDEX_LOCK_RESERVED bytes beginning at
+** WALINDEX_LOCK_OFFSET is reserved for locks. Since some systems
+** only support mandatory file-locks, we do not read or write data
+** from the region of the file on which locks are applied.
+*/
+#define WALINDEX_LOCK_OFFSET (sizeof(WalIndexHdr)*2+offsetof(WalCkptInfo,aLock))
+#define WALINDEX_HDR_SIZE (sizeof(WalIndexHdr)*2+sizeof(WalCkptInfo))
+
+/* Size of header before each frame in wal */
+#define WAL_FRAME_HDRSIZE 24
+
+/* Size of write ahead log header, including checksum. */
+/* #define WAL_HDRSIZE 24 */
+#define WAL_HDRSIZE 32
+
+/* WAL magic value. Either this value, or the same value with the least
+** significant bit also set (WAL_MAGIC | 0x00000001) is stored in 32-bit
+** big-endian format in the first 4 bytes of a WAL file.
+**
+** If the LSB is set, then the checksums for each frame within the WAL
+** file are calculated by treating all data as an array of 32-bit
+** big-endian words. Otherwise, they are calculated by interpreting
+** all data as 32-bit little-endian words.
+*/
+#define WAL_MAGIC 0x377f0682
+
+/*
+** Return the offset of frame iFrame in the write-ahead log file,
+** assuming a database page size of szPage bytes. The offset returned
+** is to the start of the write-ahead log frame-header.
+*/
+#define walFrameOffset(iFrame, szPage) ( \
+ WAL_HDRSIZE + ((iFrame)-1)*(i64)((szPage)+WAL_FRAME_HDRSIZE) \
+)
+
+/*
+** An open write-ahead log file is represented by an instance of the
+** following object.
+*/
+struct Wal {
+ sqlite3_vfs *pVfs; /* The VFS used to create pDbFd */
+ sqlite3_file *pDbFd; /* File handle for the database file */
+ sqlite3_file *pWalFd; /* File handle for WAL file */
+ u32 iCallback; /* Value to pass to log callback (or 0) */
+ i64 mxWalSize; /* Truncate WAL to this size upon reset */
+ int nWiData; /* Size of array apWiData */
+ int szFirstBlock; /* Size of first block written to WAL file */
+ volatile u32 **apWiData; /* Pointer to wal-index content in memory */
+ u32 szPage; /* Database page size */
+ i16 readLock; /* Which read lock is being held. -1 for none */
+ u8 syncFlags; /* Flags to use to sync header writes */
+ u8 exclusiveMode; /* Non-zero if connection is in exclusive mode */
+ u8 writeLock; /* True if in a write transaction */
+ u8 ckptLock; /* True if holding a checkpoint lock */
+ u8 readOnly; /* WAL_RDWR, WAL_RDONLY, or WAL_SHM_RDONLY */
+ u8 truncateOnCommit; /* True to truncate WAL file on commit */
+ u8 syncHeader; /* Fsync the WAL header if true */
+ u8 padToSectorBoundary; /* Pad transactions out to the next sector */
+ WalIndexHdr hdr; /* Wal-index header for current transaction */
+ u32 minFrame; /* Ignore wal frames before this one */
+ const char *zWalName; /* Name of WAL file */
+ u32 nCkpt; /* Checkpoint sequence counter in the wal-header */
+#ifdef SQLITE_DEBUG
+ u8 lockError; /* True if a locking error has occurred */
+#endif
+#ifdef SQLITE_ENABLE_SNAPSHOT
+ WalIndexHdr *pSnapshot; /* Start transaction here if not NULL */
+#endif
+};
+
+/*
+** Candidate values for Wal.exclusiveMode.
+*/
+#define WAL_NORMAL_MODE 0
+#define WAL_EXCLUSIVE_MODE 1
+#define WAL_HEAPMEMORY_MODE 2
+
+/*
+** Possible values for WAL.readOnly
+*/
+#define WAL_RDWR 0 /* Normal read/write connection */
+#define WAL_RDONLY 1 /* The WAL file is readonly */
+#define WAL_SHM_RDONLY 2 /* The SHM file is readonly */
+
+/*
+** Each page of the wal-index mapping contains a hash-table made up of
+** an array of HASHTABLE_NSLOT elements of the following type.
+*/
+typedef u16 ht_slot;
+
+/*
+** This structure is used to implement an iterator that loops through
+** all frames in the WAL in database page order. Where two or more frames
+** correspond to the same database page, the iterator visits only the
+** frame most recently written to the WAL (in other words, the frame with
+** the largest index).
+**
+** The internals of this structure are only accessed by:
+**
+** walIteratorInit() - Create a new iterator,
+** walIteratorNext() - Step an iterator,
+** walIteratorFree() - Free an iterator.
+**
+** This functionality is used by the checkpoint code (see walCheckpoint()).
+*/
+struct WalIterator {
+ int iPrior; /* Last result returned from the iterator */
+ int nSegment; /* Number of entries in aSegment[] */
+ struct WalSegment {
+ int iNext; /* Next slot in aIndex[] not yet returned */
+ ht_slot *aIndex; /* i0, i1, i2... such that aPgno[iN] ascend */
+ u32 *aPgno; /* Array of page numbers. */
+ int nEntry; /* Nr. of entries in aPgno[] and aIndex[] */
+ int iZero; /* Frame number associated with aPgno[0] */
+ } aSegment[1]; /* One for every 32KB page in the wal-index */
+};
+
+/*
+** Define the parameters of the hash tables in the wal-index file. There
+** is a hash-table following every HASHTABLE_NPAGE page numbers in the
+** wal-index.
+**
+** Changing any of these constants will alter the wal-index format and
+** create incompatibilities.
+*/
+#define HASHTABLE_NPAGE 4096 /* Must be power of 2 */
+#define HASHTABLE_HASH_1 383 /* Should be prime */
+#define HASHTABLE_NSLOT (HASHTABLE_NPAGE*2) /* Must be a power of 2 */
+
+/*
+** The block of page numbers associated with the first hash-table in a
+** wal-index is smaller than usual. This is so that there is a complete
+** hash-table on each aligned 32KB page of the wal-index.
+*/
+#define HASHTABLE_NPAGE_ONE (HASHTABLE_NPAGE - (WALINDEX_HDR_SIZE/sizeof(u32)))
+
+/* The wal-index is divided into pages of WALINDEX_PGSZ bytes each. */
+#define WALINDEX_PGSZ ( \
+ sizeof(ht_slot)*HASHTABLE_NSLOT + HASHTABLE_NPAGE*sizeof(u32) \
+)
+
+/*
+** Obtain a pointer to the iPage'th page of the wal-index. The wal-index
+** is broken into pages of WALINDEX_PGSZ bytes. Wal-index pages are
+** numbered from zero.
+**
+** If this call is successful, *ppPage is set to point to the wal-index
+** page and SQLITE_OK is returned. If an error (an OOM or VFS error) occurs,
+** then an SQLite error code is returned and *ppPage is set to 0.
+*/
+static int walIndexPage(Wal *pWal, int iPage, volatile u32 **ppPage){
+ int rc = SQLITE_OK;
+
+ /* Enlarge the pWal->apWiData[] array if required */
+ if( pWal->nWiData<=iPage ){
+ int nByte = sizeof(u32*)*(iPage+1);
+ volatile u32 **apNew;
+ apNew = (volatile u32 **)sqlite3_realloc64((void *)pWal->apWiData, nByte);
+ if( !apNew ){
+ *ppPage = 0;
+ return SQLITE_NOMEM;
+ }
+ memset((void*)&apNew[pWal->nWiData], 0,
+ sizeof(u32*)*(iPage+1-pWal->nWiData));
+ pWal->apWiData = apNew;
+ pWal->nWiData = iPage+1;
+ }
+
+ /* Request a pointer to the required page from the VFS */
+ if( pWal->apWiData[iPage]==0 ){
+ if( pWal->exclusiveMode==WAL_HEAPMEMORY_MODE ){
+ pWal->apWiData[iPage] = (u32 volatile *)sqlite3MallocZero(WALINDEX_PGSZ);
+ if( !pWal->apWiData[iPage] ) rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3OsShmMap(pWal->pDbFd, iPage, WALINDEX_PGSZ,
+ pWal->writeLock, (void volatile **)&pWal->apWiData[iPage]
+ );
+ if( rc==SQLITE_READONLY ){
+ pWal->readOnly |= WAL_SHM_RDONLY;
+ rc = SQLITE_OK;
+ }
+ }
+ }
+
+ *ppPage = pWal->apWiData[iPage];
+ assert( iPage==0 || *ppPage || rc!=SQLITE_OK );
+ return rc;
+}
+
+/*
+** Return a pointer to the WalCkptInfo structure in the wal-index.
+*/
+static volatile WalCkptInfo *walCkptInfo(Wal *pWal){
+ assert( pWal->nWiData>0 && pWal->apWiData[0] );
+ return (volatile WalCkptInfo*)&(pWal->apWiData[0][sizeof(WalIndexHdr)/2]);
+}
+
+/*
+** Return a pointer to the WalIndexHdr structure in the wal-index.
+*/
+static volatile WalIndexHdr *walIndexHdr(Wal *pWal){
+ assert( pWal->nWiData>0 && pWal->apWiData[0] );
+ return (volatile WalIndexHdr*)pWal->apWiData[0];
+}
+
+/*
+** The argument to this macro must be of type u32. On a little-endian
+** architecture, it returns the u32 value that results from interpreting
+** the 4 bytes as a big-endian value. On a big-endian architecture, it
+** returns the value that would be produced by interpreting the 4 bytes
+** of the input value as a little-endian integer.
+*/
+#define BYTESWAP32(x) ( \
+ (((x)&0x000000FF)<<24) + (((x)&0x0000FF00)<<8) \
+ + (((x)&0x00FF0000)>>8) + (((x)&0xFF000000)>>24) \
+)
+
+/*
+** Generate or extend an 8 byte checksum based on the data in
+** array aByte[] and the initial values of aIn[0] and aIn[1] (or
+** initial values of 0 and 0 if aIn==NULL).
+**
+** The checksum is written back into aOut[] before returning.
+**
+** nByte must be a positive multiple of 8.
+*/
+static void walChecksumBytes(
+ int nativeCksum, /* True for native byte-order, false for non-native */
+ u8 *a, /* Content to be checksummed */
+ int nByte, /* Bytes of content in a[]. Must be a multiple of 8. */
+ const u32 *aIn, /* Initial checksum value input */
+ u32 *aOut /* OUT: Final checksum value output */
+){
+ u32 s1, s2;
+ u32 *aData = (u32 *)a;
+ u32 *aEnd = (u32 *)&a[nByte];
+
+ if( aIn ){
+ s1 = aIn[0];
+ s2 = aIn[1];
+ }else{
+ s1 = s2 = 0;
+ }
+
+ assert( nByte>=8 );
+ assert( (nByte&0x00000007)==0 );
+
+ if( nativeCksum ){
+ do {
+ s1 += *aData++ + s2;
+ s2 += *aData++ + s1;
+ }while( aData<aEnd );
+ }else{
+ do {
+ s1 += BYTESWAP32(aData[0]) + s2;
+ s2 += BYTESWAP32(aData[1]) + s1;
+ aData += 2;
+ }while( aData<aEnd );
+ }
+
+ aOut[0] = s1;
+ aOut[1] = s2;
+}
+
+static void walShmBarrier(Wal *pWal){
+ if( pWal->exclusiveMode!=WAL_HEAPMEMORY_MODE ){
+ sqlite3OsShmBarrier(pWal->pDbFd);
+ }
+}
+
+/*
+** Write the header information in pWal->hdr into the wal-index.
+**
+** The checksum on pWal->hdr is updated before it is written.
+*/
+static void walIndexWriteHdr(Wal *pWal){
+ volatile WalIndexHdr *aHdr = walIndexHdr(pWal);
+ const int nCksum = offsetof(WalIndexHdr, aCksum);
+
+ assert( pWal->writeLock );
+ pWal->hdr.isInit = 1;
+ pWal->hdr.iVersion = WALINDEX_MAX_VERSION;
+ walChecksumBytes(1, (u8*)&pWal->hdr, nCksum, 0, pWal->hdr.aCksum);
+ memcpy((void*)&aHdr[1], (const void*)&pWal->hdr, sizeof(WalIndexHdr));
+ walShmBarrier(pWal);
+ memcpy((void*)&aHdr[0], (const void*)&pWal->hdr, sizeof(WalIndexHdr));
+}
+
+/*
+** This function encodes a single frame header and writes it to a buffer
+** supplied by the caller. A frame-header is made up of a series of
+** 4-byte big-endian integers, as follows:
+**
+** 0: Page number.
+** 4: For commit records, the size of the database image in pages
+** after the commit. For all other records, zero.
+** 8: Salt-1 (copied from the wal-header)
+** 12: Salt-2 (copied from the wal-header)
+** 16: Checksum-1.
+** 20: Checksum-2.
+*/
+static void walEncodeFrame(
+ Wal *pWal, /* The write-ahead log */
+ u32 iPage, /* Database page number for frame */
+ u32 nTruncate, /* New db size (or 0 for non-commit frames) */
+ u8 *aData, /* Pointer to page data */
+ u8 *aFrame /* OUT: Write encoded frame here */
+){
+ int nativeCksum; /* True for native byte-order checksums */
+ u32 *aCksum = pWal->hdr.aFrameCksum;
+ assert( WAL_FRAME_HDRSIZE==24 );
+ sqlite3Put4byte(&aFrame[0], iPage);
+ sqlite3Put4byte(&aFrame[4], nTruncate);
+ memcpy(&aFrame[8], pWal->hdr.aSalt, 8);
+
+ nativeCksum = (pWal->hdr.bigEndCksum==SQLITE_BIGENDIAN);
+ walChecksumBytes(nativeCksum, aFrame, 8, aCksum, aCksum);
+ walChecksumBytes(nativeCksum, aData, pWal->szPage, aCksum, aCksum);
+
+ sqlite3Put4byte(&aFrame[16], aCksum[0]);
+ sqlite3Put4byte(&aFrame[20], aCksum[1]);
+}
+
+/*
+** Check to see if the frame with header in aFrame[] and content
+** in aData[] is valid. If it is a valid frame, fill *piPage and
+** *pnTruncate and return true. Return if the frame is not valid.
+*/
+static int walDecodeFrame(
+ Wal *pWal, /* The write-ahead log */
+ u32 *piPage, /* OUT: Database page number for frame */
+ u32 *pnTruncate, /* OUT: New db size (or 0 if not commit) */
+ u8 *aData, /* Pointer to page data (for checksum) */
+ u8 *aFrame /* Frame data */
+){
+ int nativeCksum; /* True for native byte-order checksums */
+ u32 *aCksum = pWal->hdr.aFrameCksum;
+ u32 pgno; /* Page number of the frame */
+ assert( WAL_FRAME_HDRSIZE==24 );
+
+ /* A frame is only valid if the salt values in the frame-header
+ ** match the salt values in the wal-header.
+ */
+ if( memcmp(&pWal->hdr.aSalt, &aFrame[8], 8)!=0 ){
+ return 0;
+ }
+
+ /* A frame is only valid if the page number is creater than zero.
+ */
+ pgno = sqlite3Get4byte(&aFrame[0]);
+ if( pgno==0 ){
+ return 0;
+ }
+
+ /* A frame is only valid if a checksum of the WAL header,
+ ** all prior frams, the first 16 bytes of this frame-header,
+ ** and the frame-data matches the checksum in the last 8
+ ** bytes of this frame-header.
+ */
+ nativeCksum = (pWal->hdr.bigEndCksum==SQLITE_BIGENDIAN);
+ walChecksumBytes(nativeCksum, aFrame, 8, aCksum, aCksum);
+ walChecksumBytes(nativeCksum, aData, pWal->szPage, aCksum, aCksum);
+ if( aCksum[0]!=sqlite3Get4byte(&aFrame[16])
+ || aCksum[1]!=sqlite3Get4byte(&aFrame[20])
+ ){
+ /* Checksum failed. */
+ return 0;
+ }
+
+ /* If we reach this point, the frame is valid. Return the page number
+ ** and the new database size.
+ */
+ *piPage = pgno;
+ *pnTruncate = sqlite3Get4byte(&aFrame[4]);
+ return 1;
+}
+
+
+#if defined(SQLITE_TEST) && defined(SQLITE_DEBUG)
+/*
+** Names of locks. This routine is used to provide debugging output and is not
+** a part of an ordinary build.
+*/
+static const char *walLockName(int lockIdx){
+ if( lockIdx==WAL_WRITE_LOCK ){
+ return "WRITE-LOCK";
+ }else if( lockIdx==WAL_CKPT_LOCK ){
+ return "CKPT-LOCK";
+ }else if( lockIdx==WAL_RECOVER_LOCK ){
+ return "RECOVER-LOCK";
+ }else{
+ static char zName[15];
+ sqlite3_snprintf(sizeof(zName), zName, "READ-LOCK[%d]",
+ lockIdx-WAL_READ_LOCK(0));
+ return zName;
+ }
+}
+#endif /*defined(SQLITE_TEST) || defined(SQLITE_DEBUG) */
+
+
+/*
+** Set or release locks on the WAL. Locks are either shared or exclusive.
+** A lock cannot be moved directly between shared and exclusive - it must go
+** through the unlocked state first.
+**
+** In locking_mode=EXCLUSIVE, all of these routines become no-ops.
+*/
+static int walLockShared(Wal *pWal, int lockIdx){
+ int rc;
+ if( pWal->exclusiveMode ) return SQLITE_OK;
+ rc = sqlite3OsShmLock(pWal->pDbFd, lockIdx, 1,
+ SQLITE_SHM_LOCK | SQLITE_SHM_SHARED);
+ WALTRACE(("WAL%p: acquire SHARED-%s %s\n", pWal,
+ walLockName(lockIdx), rc ? "failed" : "ok"));
+ VVA_ONLY( pWal->lockError = (u8)(rc!=SQLITE_OK && rc!=SQLITE_BUSY); )
+ return rc;
+}
+static void walUnlockShared(Wal *pWal, int lockIdx){
+ if( pWal->exclusiveMode ) return;
+ (void)sqlite3OsShmLock(pWal->pDbFd, lockIdx, 1,
+ SQLITE_SHM_UNLOCK | SQLITE_SHM_SHARED);
+ WALTRACE(("WAL%p: release SHARED-%s\n", pWal, walLockName(lockIdx)));
+}
+static int walLockExclusive(Wal *pWal, int lockIdx, int n){
+ int rc;
+ if( pWal->exclusiveMode ) return SQLITE_OK;
+ rc = sqlite3OsShmLock(pWal->pDbFd, lockIdx, n,
+ SQLITE_SHM_LOCK | SQLITE_SHM_EXCLUSIVE);
+ WALTRACE(("WAL%p: acquire EXCLUSIVE-%s cnt=%d %s\n", pWal,
+ walLockName(lockIdx), n, rc ? "failed" : "ok"));
+ VVA_ONLY( pWal->lockError = (u8)(rc!=SQLITE_OK && rc!=SQLITE_BUSY); )
+ return rc;
+}
+static void walUnlockExclusive(Wal *pWal, int lockIdx, int n){
+ if( pWal->exclusiveMode ) return;
+ (void)sqlite3OsShmLock(pWal->pDbFd, lockIdx, n,
+ SQLITE_SHM_UNLOCK | SQLITE_SHM_EXCLUSIVE);
+ WALTRACE(("WAL%p: release EXCLUSIVE-%s cnt=%d\n", pWal,
+ walLockName(lockIdx), n));
+}
+
+/*
+** Compute a hash on a page number. The resulting hash value must land
+** between 0 and (HASHTABLE_NSLOT-1). The walHashNext() function advances
+** the hash to the next value in the event of a collision.
+*/
+static int walHash(u32 iPage){
+ assert( iPage>0 );
+ assert( (HASHTABLE_NSLOT & (HASHTABLE_NSLOT-1))==0 );
+ return (iPage*HASHTABLE_HASH_1) & (HASHTABLE_NSLOT-1);
+}
+static int walNextHash(int iPriorHash){
+ return (iPriorHash+1)&(HASHTABLE_NSLOT-1);
+}
+
+/*
+** Return pointers to the hash table and page number array stored on
+** page iHash of the wal-index. The wal-index is broken into 32KB pages
+** numbered starting from 0.
+**
+** Set output variable *paHash to point to the start of the hash table
+** in the wal-index file. Set *piZero to one less than the frame
+** number of the first frame indexed by this hash table. If a
+** slot in the hash table is set to N, it refers to frame number
+** (*piZero+N) in the log.
+**
+** Finally, set *paPgno so that *paPgno[1] is the page number of the
+** first frame indexed by the hash table, frame (*piZero+1).
+*/
+static int walHashGet(
+ Wal *pWal, /* WAL handle */
+ int iHash, /* Find the iHash'th table */
+ volatile ht_slot **paHash, /* OUT: Pointer to hash index */
+ volatile u32 **paPgno, /* OUT: Pointer to page number array */
+ u32 *piZero /* OUT: Frame associated with *paPgno[0] */
+){
+ int rc; /* Return code */
+ volatile u32 *aPgno;
+
+ rc = walIndexPage(pWal, iHash, &aPgno);
+ assert( rc==SQLITE_OK || iHash>0 );
+
+ if( rc==SQLITE_OK ){
+ u32 iZero;
+ volatile ht_slot *aHash;
+
+ aHash = (volatile ht_slot *)&aPgno[HASHTABLE_NPAGE];
+ if( iHash==0 ){
+ aPgno = &aPgno[WALINDEX_HDR_SIZE/sizeof(u32)];
+ iZero = 0;
+ }else{
+ iZero = HASHTABLE_NPAGE_ONE + (iHash-1)*HASHTABLE_NPAGE;
+ }
+
+ *paPgno = &aPgno[-1];
+ *paHash = aHash;
+ *piZero = iZero;
+ }
+ return rc;
+}
+
+/*
+** Return the number of the wal-index page that contains the hash-table
+** and page-number array that contain entries corresponding to WAL frame
+** iFrame. The wal-index is broken up into 32KB pages. Wal-index pages
+** are numbered starting from 0.
+*/
+static int walFramePage(u32 iFrame){
+ int iHash = (iFrame+HASHTABLE_NPAGE-HASHTABLE_NPAGE_ONE-1) / HASHTABLE_NPAGE;
+ assert( (iHash==0 || iFrame>HASHTABLE_NPAGE_ONE)
+ && (iHash>=1 || iFrame<=HASHTABLE_NPAGE_ONE)
+ && (iHash<=1 || iFrame>(HASHTABLE_NPAGE_ONE+HASHTABLE_NPAGE))
+ && (iHash>=2 || iFrame<=HASHTABLE_NPAGE_ONE+HASHTABLE_NPAGE)
+ && (iHash<=2 || iFrame>(HASHTABLE_NPAGE_ONE+2*HASHTABLE_NPAGE))
+ );
+ return iHash;
+}
+
+/*
+** Return the page number associated with frame iFrame in this WAL.
+*/
+static u32 walFramePgno(Wal *pWal, u32 iFrame){
+ int iHash = walFramePage(iFrame);
+ if( iHash==0 ){
+ return pWal->apWiData[0][WALINDEX_HDR_SIZE/sizeof(u32) + iFrame - 1];
+ }
+ return pWal->apWiData[iHash][(iFrame-1-HASHTABLE_NPAGE_ONE)%HASHTABLE_NPAGE];
+}
+
+/*
+** Remove entries from the hash table that point to WAL slots greater
+** than pWal->hdr.mxFrame.
+**
+** This function is called whenever pWal->hdr.mxFrame is decreased due
+** to a rollback or savepoint.
+**
+** At most only the hash table containing pWal->hdr.mxFrame needs to be
+** updated. Any later hash tables will be automatically cleared when
+** pWal->hdr.mxFrame advances to the point where those hash tables are
+** actually needed.
+*/
+static void walCleanupHash(Wal *pWal){
+ volatile ht_slot *aHash = 0; /* Pointer to hash table to clear */
+ volatile u32 *aPgno = 0; /* Page number array for hash table */
+ u32 iZero = 0; /* frame == (aHash[x]+iZero) */
+ int iLimit = 0; /* Zero values greater than this */
+ int nByte; /* Number of bytes to zero in aPgno[] */
+ int i; /* Used to iterate through aHash[] */
+
+ assert( pWal->writeLock );
+ testcase( pWal->hdr.mxFrame==HASHTABLE_NPAGE_ONE-1 );
+ testcase( pWal->hdr.mxFrame==HASHTABLE_NPAGE_ONE );
+ testcase( pWal->hdr.mxFrame==HASHTABLE_NPAGE_ONE+1 );
+
+ if( pWal->hdr.mxFrame==0 ) return;
+
+ /* Obtain pointers to the hash-table and page-number array containing
+ ** the entry that corresponds to frame pWal->hdr.mxFrame. It is guaranteed
+ ** that the page said hash-table and array reside on is already mapped.
+ */
+ assert( pWal->nWiData>walFramePage(pWal->hdr.mxFrame) );
+ assert( pWal->apWiData[walFramePage(pWal->hdr.mxFrame)] );
+ walHashGet(pWal, walFramePage(pWal->hdr.mxFrame), &aHash, &aPgno, &iZero);
+
+ /* Zero all hash-table entries that correspond to frame numbers greater
+ ** than pWal->hdr.mxFrame.
+ */
+ iLimit = pWal->hdr.mxFrame - iZero;
+ assert( iLimit>0 );
+ for(i=0; i<HASHTABLE_NSLOT; i++){
+ if( aHash[i]>iLimit ){
+ aHash[i] = 0;
+ }
+ }
+
+ /* Zero the entries in the aPgno array that correspond to frames with
+ ** frame numbers greater than pWal->hdr.mxFrame.
+ */
+ nByte = (int)((char *)aHash - (char *)&aPgno[iLimit+1]);
+ memset((void *)&aPgno[iLimit+1], 0, nByte);
+
+#ifdef SQLITE_ENABLE_EXPENSIVE_ASSERT
+ /* Verify that the every entry in the mapping region is still reachable
+ ** via the hash table even after the cleanup.
+ */
+ if( iLimit ){
+ int j; /* Loop counter */
+ int iKey; /* Hash key */
+ for(j=1; j<=iLimit; j++){
+ for(iKey=walHash(aPgno[j]); aHash[iKey]; iKey=walNextHash(iKey)){
+ if( aHash[iKey]==j ) break;
+ }
+ assert( aHash[iKey]==j );
+ }
+ }
+#endif /* SQLITE_ENABLE_EXPENSIVE_ASSERT */
+}
+
+
+/*
+** Set an entry in the wal-index that will map database page number
+** pPage into WAL frame iFrame.
+*/
+static int walIndexAppend(Wal *pWal, u32 iFrame, u32 iPage){
+ int rc; /* Return code */
+ u32 iZero = 0; /* One less than frame number of aPgno[1] */
+ volatile u32 *aPgno = 0; /* Page number array */
+ volatile ht_slot *aHash = 0; /* Hash table */
+
+ rc = walHashGet(pWal, walFramePage(iFrame), &aHash, &aPgno, &iZero);
+
+ /* Assuming the wal-index file was successfully mapped, populate the
+ ** page number array and hash table entry.
+ */
+ if( rc==SQLITE_OK ){
+ int iKey; /* Hash table key */
+ int idx; /* Value to write to hash-table slot */
+ int nCollide; /* Number of hash collisions */
+
+ idx = iFrame - iZero;
+ assert( idx <= HASHTABLE_NSLOT/2 + 1 );
+
+ /* If this is the first entry to be added to this hash-table, zero the
+ ** entire hash table and aPgno[] array before proceeding.
+ */
+ if( idx==1 ){
+ int nByte = (int)((u8 *)&aHash[HASHTABLE_NSLOT] - (u8 *)&aPgno[1]);
+ memset((void*)&aPgno[1], 0, nByte);
+ }
+
+ /* If the entry in aPgno[] is already set, then the previous writer
+ ** must have exited unexpectedly in the middle of a transaction (after
+ ** writing one or more dirty pages to the WAL to free up memory).
+ ** Remove the remnants of that writers uncommitted transaction from
+ ** the hash-table before writing any new entries.
+ */
+ if( aPgno[idx] ){
+ walCleanupHash(pWal);
+ assert( !aPgno[idx] );
+ }
+
+ /* Write the aPgno[] array entry and the hash-table slot. */
+ nCollide = idx;
+ for(iKey=walHash(iPage); aHash[iKey]; iKey=walNextHash(iKey)){
+ if( (nCollide--)==0 ) return SQLITE_CORRUPT_BKPT;
+ }
+ aPgno[idx] = iPage;
+ aHash[iKey] = (ht_slot)idx;
+
+#ifdef SQLITE_ENABLE_EXPENSIVE_ASSERT
+ /* Verify that the number of entries in the hash table exactly equals
+ ** the number of entries in the mapping region.
+ */
+ {
+ int i; /* Loop counter */
+ int nEntry = 0; /* Number of entries in the hash table */
+ for(i=0; i<HASHTABLE_NSLOT; i++){ if( aHash[i] ) nEntry++; }
+ assert( nEntry==idx );
+ }
+
+ /* Verify that the every entry in the mapping region is reachable
+ ** via the hash table. This turns out to be a really, really expensive
+ ** thing to check, so only do this occasionally - not on every
+ ** iteration.
+ */
+ if( (idx&0x3ff)==0 ){
+ int i; /* Loop counter */
+ for(i=1; i<=idx; i++){
+ for(iKey=walHash(aPgno[i]); aHash[iKey]; iKey=walNextHash(iKey)){
+ if( aHash[iKey]==i ) break;
+ }
+ assert( aHash[iKey]==i );
+ }
+ }
+#endif /* SQLITE_ENABLE_EXPENSIVE_ASSERT */
+ }
+
+
+ return rc;
+}
+
+
+/*
+** Recover the wal-index by reading the write-ahead log file.
+**
+** This routine first tries to establish an exclusive lock on the
+** wal-index to prevent other threads/processes from doing anything
+** with the WAL or wal-index while recovery is running. The
+** WAL_RECOVER_LOCK is also held so that other threads will know
+** that this thread is running recovery. If unable to establish
+** the necessary locks, this routine returns SQLITE_BUSY.
+*/
+static int walIndexRecover(Wal *pWal){
+ int rc; /* Return Code */
+ i64 nSize; /* Size of log file */
+ u32 aFrameCksum[2] = {0, 0};
+ int iLock; /* Lock offset to lock for checkpoint */
+ int nLock; /* Number of locks to hold */
+
+ /* Obtain an exclusive lock on all byte in the locking range not already
+ ** locked by the caller. The caller is guaranteed to have locked the
+ ** WAL_WRITE_LOCK byte, and may have also locked the WAL_CKPT_LOCK byte.
+ ** If successful, the same bytes that are locked here are unlocked before
+ ** this function returns.
+ */
+ assert( pWal->ckptLock==1 || pWal->ckptLock==0 );
+ assert( WAL_ALL_BUT_WRITE==WAL_WRITE_LOCK+1 );
+ assert( WAL_CKPT_LOCK==WAL_ALL_BUT_WRITE );
+ assert( pWal->writeLock );
+ iLock = WAL_ALL_BUT_WRITE + pWal->ckptLock;
+ nLock = SQLITE_SHM_NLOCK - iLock;
+ rc = walLockExclusive(pWal, iLock, nLock);
+ if( rc ){
+ return rc;
+ }
+ WALTRACE(("WAL%p: recovery begin...\n", pWal));
+
+ memset(&pWal->hdr, 0, sizeof(WalIndexHdr));
+
+ rc = sqlite3OsFileSize(pWal->pWalFd, &nSize);
+ if( rc!=SQLITE_OK ){
+ goto recovery_error;
+ }
+
+ if( nSize>WAL_HDRSIZE ){
+ u8 aBuf[WAL_HDRSIZE]; /* Buffer to load WAL header into */
+ u8 *aFrame = 0; /* Malloc'd buffer to load entire frame */
+ int szFrame; /* Number of bytes in buffer aFrame[] */
+ u8 *aData; /* Pointer to data part of aFrame buffer */
+ int iFrame; /* Index of last frame read */
+ i64 iOffset; /* Next offset to read from log file */
+ int szPage; /* Page size according to the log */
+ u32 magic; /* Magic value read from WAL header */
+ u32 version; /* Magic value read from WAL header */
+ int isValid; /* True if this frame is valid */
+
+ /* Read in the WAL header. */
+ rc = sqlite3OsRead(pWal->pWalFd, aBuf, WAL_HDRSIZE, 0);
+ if( rc!=SQLITE_OK ){
+ goto recovery_error;
+ }
+
+ /* If the database page size is not a power of two, or is greater than
+ ** SQLITE_MAX_PAGE_SIZE, conclude that the WAL file contains no valid
+ ** data. Similarly, if the 'magic' value is invalid, ignore the whole
+ ** WAL file.
+ */
+ magic = sqlite3Get4byte(&aBuf[0]);
+ szPage = sqlite3Get4byte(&aBuf[8]);
+ if( (magic&0xFFFFFFFE)!=WAL_MAGIC
+ || szPage&(szPage-1)
+ || szPage>SQLITE_MAX_PAGE_SIZE
+ || szPage<512
+ ){
+ goto finished;
+ }
+ pWal->hdr.bigEndCksum = (u8)(magic&0x00000001);
+ pWal->szPage = szPage;
+ pWal->nCkpt = sqlite3Get4byte(&aBuf[12]);
+ memcpy(&pWal->hdr.aSalt, &aBuf[16], 8);
+
+ /* Verify that the WAL header checksum is correct */
+ walChecksumBytes(pWal->hdr.bigEndCksum==SQLITE_BIGENDIAN,
+ aBuf, WAL_HDRSIZE-2*4, 0, pWal->hdr.aFrameCksum
+ );
+ if( pWal->hdr.aFrameCksum[0]!=sqlite3Get4byte(&aBuf[24])
+ || pWal->hdr.aFrameCksum[1]!=sqlite3Get4byte(&aBuf[28])
+ ){
+ goto finished;
+ }
+
+ /* Verify that the version number on the WAL format is one that
+ ** are able to understand */
+ version = sqlite3Get4byte(&aBuf[4]);
+ if( version!=WAL_MAX_VERSION ){
+ rc = SQLITE_CANTOPEN_BKPT;
+ goto finished;
+ }
+
+ /* Malloc a buffer to read frames into. */
+ szFrame = szPage + WAL_FRAME_HDRSIZE;
+ aFrame = (u8 *)sqlite3_malloc64(szFrame);
+ if( !aFrame ){
+ rc = SQLITE_NOMEM;
+ goto recovery_error;
+ }
+ aData = &aFrame[WAL_FRAME_HDRSIZE];
+
+ /* Read all frames from the log file. */
+ iFrame = 0;
+ for(iOffset=WAL_HDRSIZE; (iOffset+szFrame)<=nSize; iOffset+=szFrame){
+ u32 pgno; /* Database page number for frame */
+ u32 nTruncate; /* dbsize field from frame header */
+
+ /* Read and decode the next log frame. */
+ iFrame++;
+ rc = sqlite3OsRead(pWal->pWalFd, aFrame, szFrame, iOffset);
+ if( rc!=SQLITE_OK ) break;
+ isValid = walDecodeFrame(pWal, &pgno, &nTruncate, aData, aFrame);
+ if( !isValid ) break;
+ rc = walIndexAppend(pWal, iFrame, pgno);
+ if( rc!=SQLITE_OK ) break;
+
+ /* If nTruncate is non-zero, this is a commit record. */
+ if( nTruncate ){
+ pWal->hdr.mxFrame = iFrame;
+ pWal->hdr.nPage = nTruncate;
+ pWal->hdr.szPage = (u16)((szPage&0xff00) | (szPage>>16));
+ testcase( szPage<=32768 );
+ testcase( szPage>=65536 );
+ aFrameCksum[0] = pWal->hdr.aFrameCksum[0];
+ aFrameCksum[1] = pWal->hdr.aFrameCksum[1];
+ }
+ }
+
+ sqlite3_free(aFrame);
+ }
+
+finished:
+ if( rc==SQLITE_OK ){
+ volatile WalCkptInfo *pInfo;
+ int i;
+ pWal->hdr.aFrameCksum[0] = aFrameCksum[0];
+ pWal->hdr.aFrameCksum[1] = aFrameCksum[1];
+ walIndexWriteHdr(pWal);
+
+ /* Reset the checkpoint-header. This is safe because this thread is
+ ** currently holding locks that exclude all other readers, writers and
+ ** checkpointers.
+ */
+ pInfo = walCkptInfo(pWal);
+ pInfo->nBackfill = 0;
+ pInfo->nBackfillAttempted = pWal->hdr.mxFrame;
+ pInfo->aReadMark[0] = 0;
+ for(i=1; i<WAL_NREADER; i++) pInfo->aReadMark[i] = READMARK_NOT_USED;
+ if( pWal->hdr.mxFrame ) pInfo->aReadMark[1] = pWal->hdr.mxFrame;
+
+ /* If more than one frame was recovered from the log file, report an
+ ** event via sqlite3_log(). This is to help with identifying performance
+ ** problems caused by applications routinely shutting down without
+ ** checkpointing the log file.
+ */
+ if( pWal->hdr.nPage ){
+ sqlite3_log(SQLITE_NOTICE_RECOVER_WAL,
+ "recovered %d frames from WAL file %s",
+ pWal->hdr.mxFrame, pWal->zWalName
+ );
+ }
+ }
+
+recovery_error:
+ WALTRACE(("WAL%p: recovery %s\n", pWal, rc ? "failed" : "ok"));
+ walUnlockExclusive(pWal, iLock, nLock);
+ return rc;
+}
+
+/*
+** Close an open wal-index.
+*/
+static void walIndexClose(Wal *pWal, int isDelete){
+ if( pWal->exclusiveMode==WAL_HEAPMEMORY_MODE ){
+ int i;
+ for(i=0; i<pWal->nWiData; i++){
+ sqlite3_free((void *)pWal->apWiData[i]);
+ pWal->apWiData[i] = 0;
+ }
+ }else{
+ sqlite3OsShmUnmap(pWal->pDbFd, isDelete);
+ }
+}
+
+/*
+** Open a connection to the WAL file zWalName. The database file must
+** already be opened on connection pDbFd. The buffer that zWalName points
+** to must remain valid for the lifetime of the returned Wal* handle.
+**
+** A SHARED lock should be held on the database file when this function
+** is called. The purpose of this SHARED lock is to prevent any other
+** client from unlinking the WAL or wal-index file. If another process
+** were to do this just after this client opened one of these files, the
+** system would be badly broken.
+**
+** If the log file is successfully opened, SQLITE_OK is returned and
+** *ppWal is set to point to a new WAL handle. If an error occurs,
+** an SQLite error code is returned and *ppWal is left unmodified.
+*/
+SQLITE_PRIVATE int sqlite3WalOpen(
+ sqlite3_vfs *pVfs, /* vfs module to open wal and wal-index */
+ sqlite3_file *pDbFd, /* The open database file */
+ const char *zWalName, /* Name of the WAL file */
+ int bNoShm, /* True to run in heap-memory mode */
+ i64 mxWalSize, /* Truncate WAL to this size on reset */
+ Wal **ppWal /* OUT: Allocated Wal handle */
+){
+ int rc; /* Return Code */
+ Wal *pRet; /* Object to allocate and return */
+ int flags; /* Flags passed to OsOpen() */
+
+ assert( zWalName && zWalName[0] );
+ assert( pDbFd );
+
+ /* In the amalgamation, the os_unix.c and os_win.c source files come before
+ ** this source file. Verify that the #defines of the locking byte offsets
+ ** in os_unix.c and os_win.c agree with the WALINDEX_LOCK_OFFSET value.
+ ** For that matter, if the lock offset ever changes from its initial design
+ ** value of 120, we need to know that so there is an assert() to check it.
+ */
+ assert( 120==WALINDEX_LOCK_OFFSET );
+ assert( 136==WALINDEX_HDR_SIZE );
+#ifdef WIN_SHM_BASE
+ assert( WIN_SHM_BASE==WALINDEX_LOCK_OFFSET );
+#endif
+#ifdef UNIX_SHM_BASE
+ assert( UNIX_SHM_BASE==WALINDEX_LOCK_OFFSET );
+#endif
+
+
+ /* Allocate an instance of struct Wal to return. */
+ *ppWal = 0;
+ pRet = (Wal*)sqlite3MallocZero(sizeof(Wal) + pVfs->szOsFile);
+ if( !pRet ){
+ return SQLITE_NOMEM;
+ }
+
+ pRet->pVfs = pVfs;
+ pRet->pWalFd = (sqlite3_file *)&pRet[1];
+ pRet->pDbFd = pDbFd;
+ pRet->readLock = -1;
+ pRet->mxWalSize = mxWalSize;
+ pRet->zWalName = zWalName;
+ pRet->syncHeader = 1;
+ pRet->padToSectorBoundary = 1;
+ pRet->exclusiveMode = (bNoShm ? WAL_HEAPMEMORY_MODE: WAL_NORMAL_MODE);
+
+ /* Open file handle on the write-ahead log file. */
+ flags = (SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE|SQLITE_OPEN_WAL);
+ rc = sqlite3OsOpen(pVfs, zWalName, pRet->pWalFd, flags, &flags);
+ if( rc==SQLITE_OK && flags&SQLITE_OPEN_READONLY ){
+ pRet->readOnly = WAL_RDONLY;
+ }
+
+ if( rc!=SQLITE_OK ){
+ walIndexClose(pRet, 0);
+ sqlite3OsClose(pRet->pWalFd);
+ sqlite3_free(pRet);
+ }else{
+ int iDC = sqlite3OsDeviceCharacteristics(pDbFd);
+ if( iDC & SQLITE_IOCAP_SEQUENTIAL ){ pRet->syncHeader = 0; }
+ if( iDC & SQLITE_IOCAP_POWERSAFE_OVERWRITE ){
+ pRet->padToSectorBoundary = 0;
+ }
+ *ppWal = pRet;
+ WALTRACE(("WAL%d: opened\n", pRet));
+ }
+ return rc;
+}
+
+/*
+** Change the size to which the WAL file is trucated on each reset.
+*/
+SQLITE_PRIVATE void sqlite3WalLimit(Wal *pWal, i64 iLimit){
+ if( pWal ) pWal->mxWalSize = iLimit;
+}
+
+/*
+** Find the smallest page number out of all pages held in the WAL that
+** has not been returned by any prior invocation of this method on the
+** same WalIterator object. Write into *piFrame the frame index where
+** that page was last written into the WAL. Write into *piPage the page
+** number.
+**
+** Return 0 on success. If there are no pages in the WAL with a page
+** number larger than *piPage, then return 1.
+*/
+static int walIteratorNext(
+ WalIterator *p, /* Iterator */
+ u32 *piPage, /* OUT: The page number of the next page */
+ u32 *piFrame /* OUT: Wal frame index of next page */
+){
+ u32 iMin; /* Result pgno must be greater than iMin */
+ u32 iRet = 0xFFFFFFFF; /* 0xffffffff is never a valid page number */
+ int i; /* For looping through segments */
+
+ iMin = p->iPrior;
+ assert( iMin<0xffffffff );
+ for(i=p->nSegment-1; i>=0; i--){
+ struct WalSegment *pSegment = &p->aSegment[i];
+ while( pSegment->iNext<pSegment->nEntry ){
+ u32 iPg = pSegment->aPgno[pSegment->aIndex[pSegment->iNext]];
+ if( iPg>iMin ){
+ if( iPg<iRet ){
+ iRet = iPg;
+ *piFrame = pSegment->iZero + pSegment->aIndex[pSegment->iNext];
+ }
+ break;
+ }
+ pSegment->iNext++;
+ }
+ }
+
+ *piPage = p->iPrior = iRet;
+ return (iRet==0xFFFFFFFF);
+}
+
+/*
+** This function merges two sorted lists into a single sorted list.
+**
+** aLeft[] and aRight[] are arrays of indices. The sort key is
+** aContent[aLeft[]] and aContent[aRight[]]. Upon entry, the following
+** is guaranteed for all J<K:
+**
+** aContent[aLeft[J]] < aContent[aLeft[K]]
+** aContent[aRight[J]] < aContent[aRight[K]]
+**
+** This routine overwrites aRight[] with a new (probably longer) sequence
+** of indices such that the aRight[] contains every index that appears in
+** either aLeft[] or the old aRight[] and such that the second condition
+** above is still met.
+**
+** The aContent[aLeft[X]] values will be unique for all X. And the
+** aContent[aRight[X]] values will be unique too. But there might be
+** one or more combinations of X and Y such that
+**
+** aLeft[X]!=aRight[Y] && aContent[aLeft[X]] == aContent[aRight[Y]]
+**
+** When that happens, omit the aLeft[X] and use the aRight[Y] index.
+*/
+static void walMerge(
+ const u32 *aContent, /* Pages in wal - keys for the sort */
+ ht_slot *aLeft, /* IN: Left hand input list */
+ int nLeft, /* IN: Elements in array *paLeft */
+ ht_slot **paRight, /* IN/OUT: Right hand input list */
+ int *pnRight, /* IN/OUT: Elements in *paRight */
+ ht_slot *aTmp /* Temporary buffer */
+){
+ int iLeft = 0; /* Current index in aLeft */
+ int iRight = 0; /* Current index in aRight */
+ int iOut = 0; /* Current index in output buffer */
+ int nRight = *pnRight;
+ ht_slot *aRight = *paRight;
+
+ assert( nLeft>0 && nRight>0 );
+ while( iRight<nRight || iLeft<nLeft ){
+ ht_slot logpage;
+ Pgno dbpage;
+
+ if( (iLeft<nLeft)
+ && (iRight>=nRight || aContent[aLeft[iLeft]]<aContent[aRight[iRight]])
+ ){
+ logpage = aLeft[iLeft++];
+ }else{
+ logpage = aRight[iRight++];
+ }
+ dbpage = aContent[logpage];
+
+ aTmp[iOut++] = logpage;
+ if( iLeft<nLeft && aContent[aLeft[iLeft]]==dbpage ) iLeft++;
+
+ assert( iLeft>=nLeft || aContent[aLeft[iLeft]]>dbpage );
+ assert( iRight>=nRight || aContent[aRight[iRight]]>dbpage );
+ }
+
+ *paRight = aLeft;
+ *pnRight = iOut;
+ memcpy(aLeft, aTmp, sizeof(aTmp[0])*iOut);
+}
+
+/*
+** Sort the elements in list aList using aContent[] as the sort key.
+** Remove elements with duplicate keys, preferring to keep the
+** larger aList[] values.
+**
+** The aList[] entries are indices into aContent[]. The values in
+** aList[] are to be sorted so that for all J<K:
+**
+** aContent[aList[J]] < aContent[aList[K]]
+**
+** For any X and Y such that
+**
+** aContent[aList[X]] == aContent[aList[Y]]
+**
+** Keep the larger of the two values aList[X] and aList[Y] and discard
+** the smaller.
+*/
+static void walMergesort(
+ const u32 *aContent, /* Pages in wal */
+ ht_slot *aBuffer, /* Buffer of at least *pnList items to use */
+ ht_slot *aList, /* IN/OUT: List to sort */
+ int *pnList /* IN/OUT: Number of elements in aList[] */
+){
+ struct Sublist {
+ int nList; /* Number of elements in aList */
+ ht_slot *aList; /* Pointer to sub-list content */
+ };
+
+ const int nList = *pnList; /* Size of input list */
+ int nMerge = 0; /* Number of elements in list aMerge */
+ ht_slot *aMerge = 0; /* List to be merged */
+ int iList; /* Index into input list */
+ u32 iSub = 0; /* Index into aSub array */
+ struct Sublist aSub[13]; /* Array of sub-lists */
+
+ memset(aSub, 0, sizeof(aSub));
+ assert( nList<=HASHTABLE_NPAGE && nList>0 );
+ assert( HASHTABLE_NPAGE==(1<<(ArraySize(aSub)-1)) );
+
+ for(iList=0; iList<nList; iList++){
+ nMerge = 1;
+ aMerge = &aList[iList];
+ for(iSub=0; iList & (1<<iSub); iSub++){
+ struct Sublist *p;
+ assert( iSub<ArraySize(aSub) );
+ p = &aSub[iSub];
+ assert( p->aList && p->nList<=(1<<iSub) );
+ assert( p->aList==&aList[iList&~((2<<iSub)-1)] );
+ walMerge(aContent, p->aList, p->nList, &aMerge, &nMerge, aBuffer);
+ }
+ aSub[iSub].aList = aMerge;
+ aSub[iSub].nList = nMerge;
+ }
+
+ for(iSub++; iSub<ArraySize(aSub); iSub++){
+ if( nList & (1<<iSub) ){
+ struct Sublist *p;
+ assert( iSub<ArraySize(aSub) );
+ p = &aSub[iSub];
+ assert( p->nList<=(1<<iSub) );
+ assert( p->aList==&aList[nList&~((2<<iSub)-1)] );
+ walMerge(aContent, p->aList, p->nList, &aMerge, &nMerge, aBuffer);
+ }
+ }
+ assert( aMerge==aList );
+ *pnList = nMerge;
+
+#ifdef SQLITE_DEBUG
+ {
+ int i;
+ for(i=1; i<*pnList; i++){
+ assert( aContent[aList[i]] > aContent[aList[i-1]] );
+ }
+ }
+#endif
+}
+
+/*
+** Free an iterator allocated by walIteratorInit().
+*/
+static void walIteratorFree(WalIterator *p){
+ sqlite3_free(p);
+}
+
+/*
+** Construct a WalInterator object that can be used to loop over all
+** pages in the WAL in ascending order. The caller must hold the checkpoint
+** lock.
+**
+** On success, make *pp point to the newly allocated WalInterator object
+** return SQLITE_OK. Otherwise, return an error code. If this routine
+** returns an error, the value of *pp is undefined.
+**
+** The calling routine should invoke walIteratorFree() to destroy the
+** WalIterator object when it has finished with it.
+*/
+static int walIteratorInit(Wal *pWal, WalIterator **pp){
+ WalIterator *p; /* Return value */
+ int nSegment; /* Number of segments to merge */
+ u32 iLast; /* Last frame in log */
+ int nByte; /* Number of bytes to allocate */
+ int i; /* Iterator variable */
+ ht_slot *aTmp; /* Temp space used by merge-sort */
+ int rc = SQLITE_OK; /* Return Code */
+
+ /* This routine only runs while holding the checkpoint lock. And
+ ** it only runs if there is actually content in the log (mxFrame>0).
+ */
+ assert( pWal->ckptLock && pWal->hdr.mxFrame>0 );
+ iLast = pWal->hdr.mxFrame;
+
+ /* Allocate space for the WalIterator object. */
+ nSegment = walFramePage(iLast) + 1;
+ nByte = sizeof(WalIterator)
+ + (nSegment-1)*sizeof(struct WalSegment)
+ + iLast*sizeof(ht_slot);
+ p = (WalIterator *)sqlite3_malloc64(nByte);
+ if( !p ){
+ return SQLITE_NOMEM;
+ }
+ memset(p, 0, nByte);
+ p->nSegment = nSegment;
+
+ /* Allocate temporary space used by the merge-sort routine. This block
+ ** of memory will be freed before this function returns.
+ */
+ aTmp = (ht_slot *)sqlite3_malloc64(
+ sizeof(ht_slot) * (iLast>HASHTABLE_NPAGE?HASHTABLE_NPAGE:iLast)
+ );
+ if( !aTmp ){
+ rc = SQLITE_NOMEM;
+ }
+
+ for(i=0; rc==SQLITE_OK && i<nSegment; i++){
+ volatile ht_slot *aHash;
+ u32 iZero;
+ volatile u32 *aPgno;
+
+ rc = walHashGet(pWal, i, &aHash, &aPgno, &iZero);
+ if( rc==SQLITE_OK ){
+ int j; /* Counter variable */
+ int nEntry; /* Number of entries in this segment */
+ ht_slot *aIndex; /* Sorted index for this segment */
+
+ aPgno++;
+ if( (i+1)==nSegment ){
+ nEntry = (int)(iLast - iZero);
+ }else{
+ nEntry = (int)((u32*)aHash - (u32*)aPgno);
+ }
+ aIndex = &((ht_slot *)&p->aSegment[p->nSegment])[iZero];
+ iZero++;
+
+ for(j=0; j<nEntry; j++){
+ aIndex[j] = (ht_slot)j;
+ }
+ walMergesort((u32 *)aPgno, aTmp, aIndex, &nEntry);
+ p->aSegment[i].iZero = iZero;
+ p->aSegment[i].nEntry = nEntry;
+ p->aSegment[i].aIndex = aIndex;
+ p->aSegment[i].aPgno = (u32 *)aPgno;
+ }
+ }
+ sqlite3_free(aTmp);
+
+ if( rc!=SQLITE_OK ){
+ walIteratorFree(p);
+ }
+ *pp = p;
+ return rc;
+}
+
+/*
+** Attempt to obtain the exclusive WAL lock defined by parameters lockIdx and
+** n. If the attempt fails and parameter xBusy is not NULL, then it is a
+** busy-handler function. Invoke it and retry the lock until either the
+** lock is successfully obtained or the busy-handler returns 0.
+*/
+static int walBusyLock(
+ Wal *pWal, /* WAL connection */
+ int (*xBusy)(void*), /* Function to call when busy */
+ void *pBusyArg, /* Context argument for xBusyHandler */
+ int lockIdx, /* Offset of first byte to lock */
+ int n /* Number of bytes to lock */
+){
+ int rc;
+ do {
+ rc = walLockExclusive(pWal, lockIdx, n);
+ }while( xBusy && rc==SQLITE_BUSY && xBusy(pBusyArg) );
+ return rc;
+}
+
+/*
+** The cache of the wal-index header must be valid to call this function.
+** Return the page-size in bytes used by the database.
+*/
+static int walPagesize(Wal *pWal){
+ return (pWal->hdr.szPage&0xfe00) + ((pWal->hdr.szPage&0x0001)<<16);
+}
+
+/*
+** The following is guaranteed when this function is called:
+**
+** a) the WRITER lock is held,
+** b) the entire log file has been checkpointed, and
+** c) any existing readers are reading exclusively from the database
+** file - there are no readers that may attempt to read a frame from
+** the log file.
+**
+** This function updates the shared-memory structures so that the next
+** client to write to the database (which may be this one) does so by
+** writing frames into the start of the log file.
+**
+** The value of parameter salt1 is used as the aSalt[1] value in the
+** new wal-index header. It should be passed a pseudo-random value (i.e.
+** one obtained from sqlite3_randomness()).
+*/
+static void walRestartHdr(Wal *pWal, u32 salt1){
+ volatile WalCkptInfo *pInfo = walCkptInfo(pWal);
+ int i; /* Loop counter */
+ u32 *aSalt = pWal->hdr.aSalt; /* Big-endian salt values */
+ pWal->nCkpt++;
+ pWal->hdr.mxFrame = 0;
+ sqlite3Put4byte((u8*)&aSalt[0], 1 + sqlite3Get4byte((u8*)&aSalt[0]));
+ memcpy(&pWal->hdr.aSalt[1], &salt1, 4);
+ walIndexWriteHdr(pWal);
+ pInfo->nBackfill = 0;
+ pInfo->nBackfillAttempted = 0;
+ pInfo->aReadMark[1] = 0;
+ for(i=2; i<WAL_NREADER; i++) pInfo->aReadMark[i] = READMARK_NOT_USED;
+ assert( pInfo->aReadMark[0]==0 );
+}
+
+/*
+** Copy as much content as we can from the WAL back into the database file
+** in response to an sqlite3_wal_checkpoint() request or the equivalent.
+**
+** The amount of information copies from WAL to database might be limited
+** by active readers. This routine will never overwrite a database page
+** that a concurrent reader might be using.
+**
+** All I/O barrier operations (a.k.a fsyncs) occur in this routine when
+** SQLite is in WAL-mode in synchronous=NORMAL. That means that if
+** checkpoints are always run by a background thread or background
+** process, foreground threads will never block on a lengthy fsync call.
+**
+** Fsync is called on the WAL before writing content out of the WAL and
+** into the database. This ensures that if the new content is persistent
+** in the WAL and can be recovered following a power-loss or hard reset.
+**
+** Fsync is also called on the database file if (and only if) the entire
+** WAL content is copied into the database file. This second fsync makes
+** it safe to delete the WAL since the new content will persist in the
+** database file.
+**
+** This routine uses and updates the nBackfill field of the wal-index header.
+** This is the only routine that will increase the value of nBackfill.
+** (A WAL reset or recovery will revert nBackfill to zero, but not increase
+** its value.)
+**
+** The caller must be holding sufficient locks to ensure that no other
+** checkpoint is running (in any other thread or process) at the same
+** time.
+*/
+static int walCheckpoint(
+ Wal *pWal, /* Wal connection */
+ int eMode, /* One of PASSIVE, FULL or RESTART */
+ int (*xBusy)(void*), /* Function to call when busy */
+ void *pBusyArg, /* Context argument for xBusyHandler */
+ int sync_flags, /* Flags for OsSync() (or 0) */
+ u8 *zBuf /* Temporary buffer to use */
+){
+ int rc = SQLITE_OK; /* Return code */
+ int szPage; /* Database page-size */
+ WalIterator *pIter = 0; /* Wal iterator context */
+ u32 iDbpage = 0; /* Next database page to write */
+ u32 iFrame = 0; /* Wal frame containing data for iDbpage */
+ u32 mxSafeFrame; /* Max frame that can be backfilled */
+ u32 mxPage; /* Max database page to write */
+ int i; /* Loop counter */
+ volatile WalCkptInfo *pInfo; /* The checkpoint status information */
+
+ szPage = walPagesize(pWal);
+ testcase( szPage<=32768 );
+ testcase( szPage>=65536 );
+ pInfo = walCkptInfo(pWal);
+ if( pInfo->nBackfill<pWal->hdr.mxFrame ){
+
+ /* Allocate the iterator */
+ rc = walIteratorInit(pWal, &pIter);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ assert( pIter );
+
+ /* EVIDENCE-OF: R-62920-47450 The busy-handler callback is never invoked
+ ** in the SQLITE_CHECKPOINT_PASSIVE mode. */
+ assert( eMode!=SQLITE_CHECKPOINT_PASSIVE || xBusy==0 );
+
+ /* Compute in mxSafeFrame the index of the last frame of the WAL that is
+ ** safe to write into the database. Frames beyond mxSafeFrame might
+ ** overwrite database pages that are in use by active readers and thus
+ ** cannot be backfilled from the WAL.
+ */
+ mxSafeFrame = pWal->hdr.mxFrame;
+ mxPage = pWal->hdr.nPage;
+ for(i=1; i<WAL_NREADER; i++){
+ /* Thread-sanitizer reports that the following is an unsafe read,
+ ** as some other thread may be in the process of updating the value
+ ** of the aReadMark[] slot. The assumption here is that if that is
+ ** happening, the other client may only be increasing the value,
+ ** not decreasing it. So assuming either that either the "old" or
+ ** "new" version of the value is read, and not some arbitrary value
+ ** that would never be written by a real client, things are still
+ ** safe. */
+ u32 y = pInfo->aReadMark[i];
+ if( mxSafeFrame>y ){
+ assert( y<=pWal->hdr.mxFrame );
+ rc = walBusyLock(pWal, xBusy, pBusyArg, WAL_READ_LOCK(i), 1);
+ if( rc==SQLITE_OK ){
+ pInfo->aReadMark[i] = (i==1 ? mxSafeFrame : READMARK_NOT_USED);
+ walUnlockExclusive(pWal, WAL_READ_LOCK(i), 1);
+ }else if( rc==SQLITE_BUSY ){
+ mxSafeFrame = y;
+ xBusy = 0;
+ }else{
+ goto walcheckpoint_out;
+ }
+ }
+ }
+
+ if( pInfo->nBackfill<mxSafeFrame
+ && (rc = walBusyLock(pWal, xBusy, pBusyArg, WAL_READ_LOCK(0),1))==SQLITE_OK
+ ){
+ i64 nSize; /* Current size of database file */
+ u32 nBackfill = pInfo->nBackfill;
+
+ pInfo->nBackfillAttempted = mxSafeFrame;
+
+ /* Sync the WAL to disk */
+ if( sync_flags ){
+ rc = sqlite3OsSync(pWal->pWalFd, sync_flags);
+ }
+
+ /* If the database may grow as a result of this checkpoint, hint
+ ** about the eventual size of the db file to the VFS layer.
+ */
+ if( rc==SQLITE_OK ){
+ i64 nReq = ((i64)mxPage * szPage);
+ rc = sqlite3OsFileSize(pWal->pDbFd, &nSize);
+ if( rc==SQLITE_OK && nSize<nReq ){
+ sqlite3OsFileControlHint(pWal->pDbFd, SQLITE_FCNTL_SIZE_HINT, &nReq);
+ }
+ }
+
+
+ /* Iterate through the contents of the WAL, copying data to the db file */
+ while( rc==SQLITE_OK && 0==walIteratorNext(pIter, &iDbpage, &iFrame) ){
+ i64 iOffset;
+ assert( walFramePgno(pWal, iFrame)==iDbpage );
+ if( iFrame<=nBackfill || iFrame>mxSafeFrame || iDbpage>mxPage ){
+ continue;
+ }
+ iOffset = walFrameOffset(iFrame, szPage) + WAL_FRAME_HDRSIZE;
+ /* testcase( IS_BIG_INT(iOffset) ); // requires a 4GiB WAL file */
+ rc = sqlite3OsRead(pWal->pWalFd, zBuf, szPage, iOffset);
+ if( rc!=SQLITE_OK ) break;
+ iOffset = (iDbpage-1)*(i64)szPage;
+ testcase( IS_BIG_INT(iOffset) );
+ rc = sqlite3OsWrite(pWal->pDbFd, zBuf, szPage, iOffset);
+ if( rc!=SQLITE_OK ) break;
+ }
+
+ /* If work was actually accomplished... */
+ if( rc==SQLITE_OK ){
+ if( mxSafeFrame==walIndexHdr(pWal)->mxFrame ){
+ i64 szDb = pWal->hdr.nPage*(i64)szPage;
+ testcase( IS_BIG_INT(szDb) );
+ rc = sqlite3OsTruncate(pWal->pDbFd, szDb);
+ if( rc==SQLITE_OK && sync_flags ){
+ rc = sqlite3OsSync(pWal->pDbFd, sync_flags);
+ }
+ }
+ if( rc==SQLITE_OK ){
+ pInfo->nBackfill = mxSafeFrame;
+ }
+ }
+
+ /* Release the reader lock held while backfilling */
+ walUnlockExclusive(pWal, WAL_READ_LOCK(0), 1);
+ }
+
+ if( rc==SQLITE_BUSY ){
+ /* Reset the return code so as not to report a checkpoint failure
+ ** just because there are active readers. */
+ rc = SQLITE_OK;
+ }
+ }
+
+ /* If this is an SQLITE_CHECKPOINT_RESTART or TRUNCATE operation, and the
+ ** entire wal file has been copied into the database file, then block
+ ** until all readers have finished using the wal file. This ensures that
+ ** the next process to write to the database restarts the wal file.
+ */
+ if( rc==SQLITE_OK && eMode!=SQLITE_CHECKPOINT_PASSIVE ){
+ assert( pWal->writeLock );
+ if( pInfo->nBackfill<pWal->hdr.mxFrame ){
+ rc = SQLITE_BUSY;
+ }else if( eMode>=SQLITE_CHECKPOINT_RESTART ){
+ u32 salt1;
+ sqlite3_randomness(4, &salt1);
+ assert( pInfo->nBackfill==pWal->hdr.mxFrame );
+ rc = walBusyLock(pWal, xBusy, pBusyArg, WAL_READ_LOCK(1), WAL_NREADER-1);
+ if( rc==SQLITE_OK ){
+ if( eMode==SQLITE_CHECKPOINT_TRUNCATE ){
+ /* IMPLEMENTATION-OF: R-44699-57140 This mode works the same way as
+ ** SQLITE_CHECKPOINT_RESTART with the addition that it also
+ ** truncates the log file to zero bytes just prior to a
+ ** successful return.
+ **
+ ** In theory, it might be safe to do this without updating the
+ ** wal-index header in shared memory, as all subsequent reader or
+ ** writer clients should see that the entire log file has been
+ ** checkpointed and behave accordingly. This seems unsafe though,
+ ** as it would leave the system in a state where the contents of
+ ** the wal-index header do not match the contents of the
+ ** file-system. To avoid this, update the wal-index header to
+ ** indicate that the log file contains zero valid frames. */
+ walRestartHdr(pWal, salt1);
+ rc = sqlite3OsTruncate(pWal->pWalFd, 0);
+ }
+ walUnlockExclusive(pWal, WAL_READ_LOCK(1), WAL_NREADER-1);
+ }
+ }
+ }
+
+ walcheckpoint_out:
+ walIteratorFree(pIter);
+ return rc;
+}
+
+/*
+** If the WAL file is currently larger than nMax bytes in size, truncate
+** it to exactly nMax bytes. If an error occurs while doing so, ignore it.
+*/
+static void walLimitSize(Wal *pWal, i64 nMax){
+ i64 sz;
+ int rx;
+ sqlite3BeginBenignMalloc();
+ rx = sqlite3OsFileSize(pWal->pWalFd, &sz);
+ if( rx==SQLITE_OK && (sz > nMax ) ){
+ rx = sqlite3OsTruncate(pWal->pWalFd, nMax);
+ }
+ sqlite3EndBenignMalloc();
+ if( rx ){
+ sqlite3_log(rx, "cannot limit WAL size: %s", pWal->zWalName);
+ }
+}
+
+/*
+** Close a connection to a log file.
+*/
+SQLITE_PRIVATE int sqlite3WalClose(
+ Wal *pWal, /* Wal to close */
+ int sync_flags, /* Flags to pass to OsSync() (or 0) */
+ int nBuf,
+ u8 *zBuf /* Buffer of at least nBuf bytes */
+){
+ int rc = SQLITE_OK;
+ if( pWal ){
+ int isDelete = 0; /* True to unlink wal and wal-index files */
+
+ /* If an EXCLUSIVE lock can be obtained on the database file (using the
+ ** ordinary, rollback-mode locking methods, this guarantees that the
+ ** connection associated with this log file is the only connection to
+ ** the database. In this case checkpoint the database and unlink both
+ ** the wal and wal-index files.
+ **
+ ** The EXCLUSIVE lock is not released before returning.
+ */
+ rc = sqlite3OsLock(pWal->pDbFd, SQLITE_LOCK_EXCLUSIVE);
+ if( rc==SQLITE_OK ){
+ if( pWal->exclusiveMode==WAL_NORMAL_MODE ){
+ pWal->exclusiveMode = WAL_EXCLUSIVE_MODE;
+ }
+ rc = sqlite3WalCheckpoint(
+ pWal, SQLITE_CHECKPOINT_PASSIVE, 0, 0, sync_flags, nBuf, zBuf, 0, 0
+ );
+ if( rc==SQLITE_OK ){
+ int bPersist = -1;
+ sqlite3OsFileControlHint(
+ pWal->pDbFd, SQLITE_FCNTL_PERSIST_WAL, &bPersist
+ );
+ if( bPersist!=1 ){
+ /* Try to delete the WAL file if the checkpoint completed and
+ ** fsyned (rc==SQLITE_OK) and if we are not in persistent-wal
+ ** mode (!bPersist) */
+ isDelete = 1;
+ }else if( pWal->mxWalSize>=0 ){
+ /* Try to truncate the WAL file to zero bytes if the checkpoint
+ ** completed and fsynced (rc==SQLITE_OK) and we are in persistent
+ ** WAL mode (bPersist) and if the PRAGMA journal_size_limit is a
+ ** non-negative value (pWal->mxWalSize>=0). Note that we truncate
+ ** to zero bytes as truncating to the journal_size_limit might
+ ** leave a corrupt WAL file on disk. */
+ walLimitSize(pWal, 0);
+ }
+ }
+ }
+
+ walIndexClose(pWal, isDelete);
+ sqlite3OsClose(pWal->pWalFd);
+ if( isDelete ){
+ sqlite3BeginBenignMalloc();
+ sqlite3OsDelete(pWal->pVfs, pWal->zWalName, 0);
+ sqlite3EndBenignMalloc();
+ }
+ WALTRACE(("WAL%p: closed\n", pWal));
+ sqlite3_free((void *)pWal->apWiData);
+ sqlite3_free(pWal);
+ }
+ return rc;
+}
+
+/*
+** Try to read the wal-index header. Return 0 on success and 1 if
+** there is a problem.
+**
+** The wal-index is in shared memory. Another thread or process might
+** be writing the header at the same time this procedure is trying to
+** read it, which might result in inconsistency. A dirty read is detected
+** by verifying that both copies of the header are the same and also by
+** a checksum on the header.
+**
+** If and only if the read is consistent and the header is different from
+** pWal->hdr, then pWal->hdr is updated to the content of the new header
+** and *pChanged is set to 1.
+**
+** If the checksum cannot be verified return non-zero. If the header
+** is read successfully and the checksum verified, return zero.
+*/
+static int walIndexTryHdr(Wal *pWal, int *pChanged){
+ u32 aCksum[2]; /* Checksum on the header content */
+ WalIndexHdr h1, h2; /* Two copies of the header content */
+ WalIndexHdr volatile *aHdr; /* Header in shared memory */
+
+ /* The first page of the wal-index must be mapped at this point. */
+ assert( pWal->nWiData>0 && pWal->apWiData[0] );
+
+ /* Read the header. This might happen concurrently with a write to the
+ ** same area of shared memory on a different CPU in a SMP,
+ ** meaning it is possible that an inconsistent snapshot is read
+ ** from the file. If this happens, return non-zero.
+ **
+ ** There are two copies of the header at the beginning of the wal-index.
+ ** When reading, read [0] first then [1]. Writes are in the reverse order.
+ ** Memory barriers are used to prevent the compiler or the hardware from
+ ** reordering the reads and writes.
+ */
+ aHdr = walIndexHdr(pWal);
+ memcpy(&h1, (void *)&aHdr[0], sizeof(h1));
+ walShmBarrier(pWal);
+ memcpy(&h2, (void *)&aHdr[1], sizeof(h2));
+
+ if( memcmp(&h1, &h2, sizeof(h1))!=0 ){
+ return 1; /* Dirty read */
+ }
+ if( h1.isInit==0 ){
+ return 1; /* Malformed header - probably all zeros */
+ }
+ walChecksumBytes(1, (u8*)&h1, sizeof(h1)-sizeof(h1.aCksum), 0, aCksum);
+ if( aCksum[0]!=h1.aCksum[0] || aCksum[1]!=h1.aCksum[1] ){
+ return 1; /* Checksum does not match */
+ }
+
+ if( memcmp(&pWal->hdr, &h1, sizeof(WalIndexHdr)) ){
+ *pChanged = 1;
+ memcpy(&pWal->hdr, &h1, sizeof(WalIndexHdr));
+ pWal->szPage = (pWal->hdr.szPage&0xfe00) + ((pWal->hdr.szPage&0x0001)<<16);
+ testcase( pWal->szPage<=32768 );
+ testcase( pWal->szPage>=65536 );
+ }
+
+ /* The header was successfully read. Return zero. */
+ return 0;
+}
+
+/*
+** Read the wal-index header from the wal-index and into pWal->hdr.
+** If the wal-header appears to be corrupt, try to reconstruct the
+** wal-index from the WAL before returning.
+**
+** Set *pChanged to 1 if the wal-index header value in pWal->hdr is
+** changed by this operation. If pWal->hdr is unchanged, set *pChanged
+** to 0.
+**
+** If the wal-index header is successfully read, return SQLITE_OK.
+** Otherwise an SQLite error code.
+*/
+static int walIndexReadHdr(Wal *pWal, int *pChanged){
+ int rc; /* Return code */
+ int badHdr; /* True if a header read failed */
+ volatile u32 *page0; /* Chunk of wal-index containing header */
+
+ /* Ensure that page 0 of the wal-index (the page that contains the
+ ** wal-index header) is mapped. Return early if an error occurs here.
+ */
+ assert( pChanged );
+ rc = walIndexPage(pWal, 0, &page0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ };
+ assert( page0 || pWal->writeLock==0 );
+
+ /* If the first page of the wal-index has been mapped, try to read the
+ ** wal-index header immediately, without holding any lock. This usually
+ ** works, but may fail if the wal-index header is corrupt or currently
+ ** being modified by another thread or process.
+ */
+ badHdr = (page0 ? walIndexTryHdr(pWal, pChanged) : 1);
+
+ /* If the first attempt failed, it might have been due to a race
+ ** with a writer. So get a WRITE lock and try again.
+ */
+ assert( badHdr==0 || pWal->writeLock==0 );
+ if( badHdr ){
+ if( pWal->readOnly & WAL_SHM_RDONLY ){
+ if( SQLITE_OK==(rc = walLockShared(pWal, WAL_WRITE_LOCK)) ){
+ walUnlockShared(pWal, WAL_WRITE_LOCK);
+ rc = SQLITE_READONLY_RECOVERY;
+ }
+ }else if( SQLITE_OK==(rc = walLockExclusive(pWal, WAL_WRITE_LOCK, 1)) ){
+ pWal->writeLock = 1;
+ if( SQLITE_OK==(rc = walIndexPage(pWal, 0, &page0)) ){
+ badHdr = walIndexTryHdr(pWal, pChanged);
+ if( badHdr ){
+ /* If the wal-index header is still malformed even while holding
+ ** a WRITE lock, it can only mean that the header is corrupted and
+ ** needs to be reconstructed. So run recovery to do exactly that.
+ */
+ rc = walIndexRecover(pWal);
+ *pChanged = 1;
+ }
+ }
+ pWal->writeLock = 0;
+ walUnlockExclusive(pWal, WAL_WRITE_LOCK, 1);
+ }
+ }
+
+ /* If the header is read successfully, check the version number to make
+ ** sure the wal-index was not constructed with some future format that
+ ** this version of SQLite cannot understand.
+ */
+ if( badHdr==0 && pWal->hdr.iVersion!=WALINDEX_MAX_VERSION ){
+ rc = SQLITE_CANTOPEN_BKPT;
+ }
+
+ return rc;
+}
+
+/*
+** This is the value that walTryBeginRead returns when it needs to
+** be retried.
+*/
+#define WAL_RETRY (-1)
+
+/*
+** Attempt to start a read transaction. This might fail due to a race or
+** other transient condition. When that happens, it returns WAL_RETRY to
+** indicate to the caller that it is safe to retry immediately.
+**
+** On success return SQLITE_OK. On a permanent failure (such an
+** I/O error or an SQLITE_BUSY because another process is running
+** recovery) return a positive error code.
+**
+** The useWal parameter is true to force the use of the WAL and disable
+** the case where the WAL is bypassed because it has been completely
+** checkpointed. If useWal==0 then this routine calls walIndexReadHdr()
+** to make a copy of the wal-index header into pWal->hdr. If the
+** wal-index header has changed, *pChanged is set to 1 (as an indication
+** to the caller that the local paget cache is obsolete and needs to be
+** flushed.) When useWal==1, the wal-index header is assumed to already
+** be loaded and the pChanged parameter is unused.
+**
+** The caller must set the cnt parameter to the number of prior calls to
+** this routine during the current read attempt that returned WAL_RETRY.
+** This routine will start taking more aggressive measures to clear the
+** race conditions after multiple WAL_RETRY returns, and after an excessive
+** number of errors will ultimately return SQLITE_PROTOCOL. The
+** SQLITE_PROTOCOL return indicates that some other process has gone rogue
+** and is not honoring the locking protocol. There is a vanishingly small
+** chance that SQLITE_PROTOCOL could be returned because of a run of really
+** bad luck when there is lots of contention for the wal-index, but that
+** possibility is so small that it can be safely neglected, we believe.
+**
+** On success, this routine obtains a read lock on
+** WAL_READ_LOCK(pWal->readLock). The pWal->readLock integer is
+** in the range 0 <= pWal->readLock < WAL_NREADER. If pWal->readLock==(-1)
+** that means the Wal does not hold any read lock. The reader must not
+** access any database page that is modified by a WAL frame up to and
+** including frame number aReadMark[pWal->readLock]. The reader will
+** use WAL frames up to and including pWal->hdr.mxFrame if pWal->readLock>0
+** Or if pWal->readLock==0, then the reader will ignore the WAL
+** completely and get all content directly from the database file.
+** If the useWal parameter is 1 then the WAL will never be ignored and
+** this routine will always set pWal->readLock>0 on success.
+** When the read transaction is completed, the caller must release the
+** lock on WAL_READ_LOCK(pWal->readLock) and set pWal->readLock to -1.
+**
+** This routine uses the nBackfill and aReadMark[] fields of the header
+** to select a particular WAL_READ_LOCK() that strives to let the
+** checkpoint process do as much work as possible. This routine might
+** update values of the aReadMark[] array in the header, but if it does
+** so it takes care to hold an exclusive lock on the corresponding
+** WAL_READ_LOCK() while changing values.
+*/
+static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
+ volatile WalCkptInfo *pInfo; /* Checkpoint information in wal-index */
+ u32 mxReadMark; /* Largest aReadMark[] value */
+ int mxI; /* Index of largest aReadMark[] value */
+ int i; /* Loop counter */
+ int rc = SQLITE_OK; /* Return code */
+ u32 mxFrame; /* Wal frame to lock to */
+
+ assert( pWal->readLock<0 ); /* Not currently locked */
+
+ /* Take steps to avoid spinning forever if there is a protocol error.
+ **
+ ** Circumstances that cause a RETRY should only last for the briefest
+ ** instances of time. No I/O or other system calls are done while the
+ ** locks are held, so the locks should not be held for very long. But
+ ** if we are unlucky, another process that is holding a lock might get
+ ** paged out or take a page-fault that is time-consuming to resolve,
+ ** during the few nanoseconds that it is holding the lock. In that case,
+ ** it might take longer than normal for the lock to free.
+ **
+ ** After 5 RETRYs, we begin calling sqlite3OsSleep(). The first few
+ ** calls to sqlite3OsSleep() have a delay of 1 microsecond. Really this
+ ** is more of a scheduler yield than an actual delay. But on the 10th
+ ** an subsequent retries, the delays start becoming longer and longer,
+ ** so that on the 100th (and last) RETRY we delay for 323 milliseconds.
+ ** The total delay time before giving up is less than 10 seconds.
+ */
+ if( cnt>5 ){
+ int nDelay = 1; /* Pause time in microseconds */
+ if( cnt>100 ){
+ VVA_ONLY( pWal->lockError = 1; )
+ return SQLITE_PROTOCOL;
+ }
+ if( cnt>=10 ) nDelay = (cnt-9)*(cnt-9)*39;
+ sqlite3OsSleep(pWal->pVfs, nDelay);
+ }
+
+ if( !useWal ){
+ rc = walIndexReadHdr(pWal, pChanged);
+ if( rc==SQLITE_BUSY ){
+ /* If there is not a recovery running in another thread or process
+ ** then convert BUSY errors to WAL_RETRY. If recovery is known to
+ ** be running, convert BUSY to BUSY_RECOVERY. There is a race here
+ ** which might cause WAL_RETRY to be returned even if BUSY_RECOVERY
+ ** would be technically correct. But the race is benign since with
+ ** WAL_RETRY this routine will be called again and will probably be
+ ** right on the second iteration.
+ */
+ if( pWal->apWiData[0]==0 ){
+ /* This branch is taken when the xShmMap() method returns SQLITE_BUSY.
+ ** We assume this is a transient condition, so return WAL_RETRY. The
+ ** xShmMap() implementation used by the default unix and win32 VFS
+ ** modules may return SQLITE_BUSY due to a race condition in the
+ ** code that determines whether or not the shared-memory region
+ ** must be zeroed before the requested page is returned.
+ */
+ rc = WAL_RETRY;
+ }else if( SQLITE_OK==(rc = walLockShared(pWal, WAL_RECOVER_LOCK)) ){
+ walUnlockShared(pWal, WAL_RECOVER_LOCK);
+ rc = WAL_RETRY;
+ }else if( rc==SQLITE_BUSY ){
+ rc = SQLITE_BUSY_RECOVERY;
+ }
+ }
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ }
+
+ pInfo = walCkptInfo(pWal);
+ if( !useWal && pInfo->nBackfill==pWal->hdr.mxFrame
+#ifdef SQLITE_ENABLE_SNAPSHOT
+ && (pWal->pSnapshot==0 || pWal->hdr.mxFrame==0
+ || 0==memcmp(&pWal->hdr, pWal->pSnapshot, sizeof(WalIndexHdr)))
+#endif
+ ){
+ /* The WAL has been completely backfilled (or it is empty).
+ ** and can be safely ignored.
+ */
+ rc = walLockShared(pWal, WAL_READ_LOCK(0));
+ walShmBarrier(pWal);
+ if( rc==SQLITE_OK ){
+ if( memcmp((void *)walIndexHdr(pWal), &pWal->hdr, sizeof(WalIndexHdr)) ){
+ /* It is not safe to allow the reader to continue here if frames
+ ** may have been appended to the log before READ_LOCK(0) was obtained.
+ ** When holding READ_LOCK(0), the reader ignores the entire log file,
+ ** which implies that the database file contains a trustworthy
+ ** snapshot. Since holding READ_LOCK(0) prevents a checkpoint from
+ ** happening, this is usually correct.
+ **
+ ** However, if frames have been appended to the log (or if the log
+ ** is wrapped and written for that matter) before the READ_LOCK(0)
+ ** is obtained, that is not necessarily true. A checkpointer may
+ ** have started to backfill the appended frames but crashed before
+ ** it finished. Leaving a corrupt image in the database file.
+ */
+ walUnlockShared(pWal, WAL_READ_LOCK(0));
+ return WAL_RETRY;
+ }
+ pWal->readLock = 0;
+ return SQLITE_OK;
+ }else if( rc!=SQLITE_BUSY ){
+ return rc;
+ }
+ }
+
+ /* If we get this far, it means that the reader will want to use
+ ** the WAL to get at content from recent commits. The job now is
+ ** to select one of the aReadMark[] entries that is closest to
+ ** but not exceeding pWal->hdr.mxFrame and lock that entry.
+ */
+ mxReadMark = 0;
+ mxI = 0;
+ mxFrame = pWal->hdr.mxFrame;
+#ifdef SQLITE_ENABLE_SNAPSHOT
+ if( pWal->pSnapshot && pWal->pSnapshot->mxFrame<mxFrame ){
+ mxFrame = pWal->pSnapshot->mxFrame;
+ }
+#endif
+ for(i=1; i<WAL_NREADER; i++){
+ u32 thisMark = pInfo->aReadMark[i];
+ if( mxReadMark<=thisMark && thisMark<=mxFrame ){
+ assert( thisMark!=READMARK_NOT_USED );
+ mxReadMark = thisMark;
+ mxI = i;
+ }
+ }
+ if( (pWal->readOnly & WAL_SHM_RDONLY)==0
+ && (mxReadMark<mxFrame || mxI==0)
+ ){
+ for(i=1; i<WAL_NREADER; i++){
+ rc = walLockExclusive(pWal, WAL_READ_LOCK(i), 1);
+ if( rc==SQLITE_OK ){
+ mxReadMark = pInfo->aReadMark[i] = mxFrame;
+ mxI = i;
+ walUnlockExclusive(pWal, WAL_READ_LOCK(i), 1);
+ break;
+ }else if( rc!=SQLITE_BUSY ){
+ return rc;
+ }
+ }
+ }
+ if( mxI==0 ){
+ assert( rc==SQLITE_BUSY || (pWal->readOnly & WAL_SHM_RDONLY)!=0 );
+ return rc==SQLITE_BUSY ? WAL_RETRY : SQLITE_READONLY_CANTLOCK;
+ }
+
+ rc = walLockShared(pWal, WAL_READ_LOCK(mxI));
+ if( rc ){
+ return rc==SQLITE_BUSY ? WAL_RETRY : rc;
+ }
+ /* Now that the read-lock has been obtained, check that neither the
+ ** value in the aReadMark[] array or the contents of the wal-index
+ ** header have changed.
+ **
+ ** It is necessary to check that the wal-index header did not change
+ ** between the time it was read and when the shared-lock was obtained
+ ** on WAL_READ_LOCK(mxI) was obtained to account for the possibility
+ ** that the log file may have been wrapped by a writer, or that frames
+ ** that occur later in the log than pWal->hdr.mxFrame may have been
+ ** copied into the database by a checkpointer. If either of these things
+ ** happened, then reading the database with the current value of
+ ** pWal->hdr.mxFrame risks reading a corrupted snapshot. So, retry
+ ** instead.
+ **
+ ** Before checking that the live wal-index header has not changed
+ ** since it was read, set Wal.minFrame to the first frame in the wal
+ ** file that has not yet been checkpointed. This client will not need
+ ** to read any frames earlier than minFrame from the wal file - they
+ ** can be safely read directly from the database file.
+ **
+ ** Because a ShmBarrier() call is made between taking the copy of
+ ** nBackfill and checking that the wal-header in shared-memory still
+ ** matches the one cached in pWal->hdr, it is guaranteed that the
+ ** checkpointer that set nBackfill was not working with a wal-index
+ ** header newer than that cached in pWal->hdr. If it were, that could
+ ** cause a problem. The checkpointer could omit to checkpoint
+ ** a version of page X that lies before pWal->minFrame (call that version
+ ** A) on the basis that there is a newer version (version B) of the same
+ ** page later in the wal file. But if version B happens to like past
+ ** frame pWal->hdr.mxFrame - then the client would incorrectly assume
+ ** that it can read version A from the database file. However, since
+ ** we can guarantee that the checkpointer that set nBackfill could not
+ ** see any pages past pWal->hdr.mxFrame, this problem does not come up.
+ */
+ pWal->minFrame = pInfo->nBackfill+1;
+ walShmBarrier(pWal);
+ if( pInfo->aReadMark[mxI]!=mxReadMark
+ || memcmp((void *)walIndexHdr(pWal), &pWal->hdr, sizeof(WalIndexHdr))
+ ){
+ walUnlockShared(pWal, WAL_READ_LOCK(mxI));
+ return WAL_RETRY;
+ }else{
+ assert( mxReadMark<=pWal->hdr.mxFrame );
+ pWal->readLock = (i16)mxI;
+ }
+ return rc;
+}
+
+/*
+** Begin a read transaction on the database.
+**
+** This routine used to be called sqlite3OpenSnapshot() and with good reason:
+** it takes a snapshot of the state of the WAL and wal-index for the current
+** instant in time. The current thread will continue to use this snapshot.
+** Other threads might append new content to the WAL and wal-index but
+** that extra content is ignored by the current thread.
+**
+** If the database contents have changes since the previous read
+** transaction, then *pChanged is set to 1 before returning. The
+** Pager layer will use this to know that is cache is stale and
+** needs to be flushed.
+*/
+SQLITE_PRIVATE int sqlite3WalBeginReadTransaction(Wal *pWal, int *pChanged){
+ int rc; /* Return code */
+ int cnt = 0; /* Number of TryBeginRead attempts */
+
+#ifdef SQLITE_ENABLE_SNAPSHOT
+ int bChanged = 0;
+ WalIndexHdr *pSnapshot = pWal->pSnapshot;
+ if( pSnapshot && memcmp(pSnapshot, &pWal->hdr, sizeof(WalIndexHdr))!=0 ){
+ bChanged = 1;
+ }
+#endif
+
+ do{
+ rc = walTryBeginRead(pWal, pChanged, 0, ++cnt);
+ }while( rc==WAL_RETRY );
+ testcase( (rc&0xff)==SQLITE_BUSY );
+ testcase( (rc&0xff)==SQLITE_IOERR );
+ testcase( rc==SQLITE_PROTOCOL );
+ testcase( rc==SQLITE_OK );
+
+#ifdef SQLITE_ENABLE_SNAPSHOT
+ if( rc==SQLITE_OK ){
+ if( pSnapshot && memcmp(pSnapshot, &pWal->hdr, sizeof(WalIndexHdr))!=0 ){
+ /* At this point the client has a lock on an aReadMark[] slot holding
+ ** a value equal to or smaller than pSnapshot->mxFrame, but pWal->hdr
+ ** is populated with the wal-index header corresponding to the head
+ ** of the wal file. Verify that pSnapshot is still valid before
+ ** continuing. Reasons why pSnapshot might no longer be valid:
+ **
+ ** (1) The WAL file has been reset since the snapshot was taken.
+ ** In this case, the salt will have changed.
+ **
+ ** (2) A checkpoint as been attempted that wrote frames past
+ ** pSnapshot->mxFrame into the database file. Note that the
+ ** checkpoint need not have completed for this to cause problems.
+ */
+ volatile WalCkptInfo *pInfo = walCkptInfo(pWal);
+
+ assert( pWal->readLock>0 || pWal->hdr.mxFrame==0 );
+ assert( pInfo->aReadMark[pWal->readLock]<=pSnapshot->mxFrame );
+
+ /* It is possible that there is a checkpointer thread running
+ ** concurrent with this code. If this is the case, it may be that the
+ ** checkpointer has already determined that it will checkpoint
+ ** snapshot X, where X is later in the wal file than pSnapshot, but
+ ** has not yet set the pInfo->nBackfillAttempted variable to indicate
+ ** its intent. To avoid the race condition this leads to, ensure that
+ ** there is no checkpointer process by taking a shared CKPT lock
+ ** before checking pInfo->nBackfillAttempted. */
+ rc = walLockShared(pWal, WAL_CKPT_LOCK);
+
+ if( rc==SQLITE_OK ){
+ /* Check that the wal file has not been wrapped. Assuming that it has
+ ** not, also check that no checkpointer has attempted to checkpoint any
+ ** frames beyond pSnapshot->mxFrame. If either of these conditions are
+ ** true, return SQLITE_BUSY_SNAPSHOT. Otherwise, overwrite pWal->hdr
+ ** with *pSnapshot and set *pChanged as appropriate for opening the
+ ** snapshot. */
+ if( !memcmp(pSnapshot->aSalt, pWal->hdr.aSalt, sizeof(pWal->hdr.aSalt))
+ && pSnapshot->mxFrame>=pInfo->nBackfillAttempted
+ ){
+ assert( pWal->readLock>0 );
+ memcpy(&pWal->hdr, pSnapshot, sizeof(WalIndexHdr));
+ *pChanged = bChanged;
+ }else{
+ rc = SQLITE_BUSY_SNAPSHOT;
+ }
+
+ /* Release the shared CKPT lock obtained above. */
+ walUnlockShared(pWal, WAL_CKPT_LOCK);
+ }
+
+
+ if( rc!=SQLITE_OK ){
+ sqlite3WalEndReadTransaction(pWal);
+ }
+ }
+ }
+#endif
+ return rc;
+}
+
+/*
+** Finish with a read transaction. All this does is release the
+** read-lock.
+*/
+SQLITE_PRIVATE void sqlite3WalEndReadTransaction(Wal *pWal){
+ sqlite3WalEndWriteTransaction(pWal);
+ if( pWal->readLock>=0 ){
+ walUnlockShared(pWal, WAL_READ_LOCK(pWal->readLock));
+ pWal->readLock = -1;
+ }
+}
+
+/*
+** Search the wal file for page pgno. If found, set *piRead to the frame that
+** contains the page. Otherwise, if pgno is not in the wal file, set *piRead
+** to zero.
+**
+** Return SQLITE_OK if successful, or an error code if an error occurs. If an
+** error does occur, the final value of *piRead is undefined.
+*/
+SQLITE_PRIVATE int sqlite3WalFindFrame(
+ Wal *pWal, /* WAL handle */
+ Pgno pgno, /* Database page number to read data for */
+ u32 *piRead /* OUT: Frame number (or zero) */
+){
+ u32 iRead = 0; /* If !=0, WAL frame to return data from */
+ u32 iLast = pWal->hdr.mxFrame; /* Last page in WAL for this reader */
+ int iHash; /* Used to loop through N hash tables */
+ int iMinHash;
+
+ /* This routine is only be called from within a read transaction. */
+ assert( pWal->readLock>=0 || pWal->lockError );
+
+ /* If the "last page" field of the wal-index header snapshot is 0, then
+ ** no data will be read from the wal under any circumstances. Return early
+ ** in this case as an optimization. Likewise, if pWal->readLock==0,
+ ** then the WAL is ignored by the reader so return early, as if the
+ ** WAL were empty.
+ */
+ if( iLast==0 || pWal->readLock==0 ){
+ *piRead = 0;
+ return SQLITE_OK;
+ }
+
+ /* Search the hash table or tables for an entry matching page number
+ ** pgno. Each iteration of the following for() loop searches one
+ ** hash table (each hash table indexes up to HASHTABLE_NPAGE frames).
+ **
+ ** This code might run concurrently to the code in walIndexAppend()
+ ** that adds entries to the wal-index (and possibly to this hash
+ ** table). This means the value just read from the hash
+ ** slot (aHash[iKey]) may have been added before or after the
+ ** current read transaction was opened. Values added after the
+ ** read transaction was opened may have been written incorrectly -
+ ** i.e. these slots may contain garbage data. However, we assume
+ ** that any slots written before the current read transaction was
+ ** opened remain unmodified.
+ **
+ ** For the reasons above, the if(...) condition featured in the inner
+ ** loop of the following block is more stringent that would be required
+ ** if we had exclusive access to the hash-table:
+ **
+ ** (aPgno[iFrame]==pgno):
+ ** This condition filters out normal hash-table collisions.
+ **
+ ** (iFrame<=iLast):
+ ** This condition filters out entries that were added to the hash
+ ** table after the current read-transaction had started.
+ */
+ iMinHash = walFramePage(pWal->minFrame);
+ for(iHash=walFramePage(iLast); iHash>=iMinHash && iRead==0; iHash--){
+ volatile ht_slot *aHash; /* Pointer to hash table */
+ volatile u32 *aPgno; /* Pointer to array of page numbers */
+ u32 iZero; /* Frame number corresponding to aPgno[0] */
+ int iKey; /* Hash slot index */
+ int nCollide; /* Number of hash collisions remaining */
+ int rc; /* Error code */
+
+ rc = walHashGet(pWal, iHash, &aHash, &aPgno, &iZero);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ nCollide = HASHTABLE_NSLOT;
+ for(iKey=walHash(pgno); aHash[iKey]; iKey=walNextHash(iKey)){
+ u32 iFrame = aHash[iKey] + iZero;
+ if( iFrame<=iLast && iFrame>=pWal->minFrame && aPgno[aHash[iKey]]==pgno ){
+ assert( iFrame>iRead || CORRUPT_DB );
+ iRead = iFrame;
+ }
+ if( (nCollide--)==0 ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ }
+ }
+
+#ifdef SQLITE_ENABLE_EXPENSIVE_ASSERT
+ /* If expensive assert() statements are available, do a linear search
+ ** of the wal-index file content. Make sure the results agree with the
+ ** result obtained using the hash indexes above. */
+ {
+ u32 iRead2 = 0;
+ u32 iTest;
+ assert( pWal->minFrame>0 );
+ for(iTest=iLast; iTest>=pWal->minFrame; iTest--){
+ if( walFramePgno(pWal, iTest)==pgno ){
+ iRead2 = iTest;
+ break;
+ }
+ }
+ assert( iRead==iRead2 );
+ }
+#endif
+
+ *piRead = iRead;
+ return SQLITE_OK;
+}
+
+/*
+** Read the contents of frame iRead from the wal file into buffer pOut
+** (which is nOut bytes in size). Return SQLITE_OK if successful, or an
+** error code otherwise.
+*/
+SQLITE_PRIVATE int sqlite3WalReadFrame(
+ Wal *pWal, /* WAL handle */
+ u32 iRead, /* Frame to read */
+ int nOut, /* Size of buffer pOut in bytes */
+ u8 *pOut /* Buffer to write page data to */
+){
+ int sz;
+ i64 iOffset;
+ sz = pWal->hdr.szPage;
+ sz = (sz&0xfe00) + ((sz&0x0001)<<16);
+ testcase( sz<=32768 );
+ testcase( sz>=65536 );
+ iOffset = walFrameOffset(iRead, sz) + WAL_FRAME_HDRSIZE;
+ /* testcase( IS_BIG_INT(iOffset) ); // requires a 4GiB WAL */
+ return sqlite3OsRead(pWal->pWalFd, pOut, (nOut>sz ? sz : nOut), iOffset);
+}
+
+/*
+** Return the size of the database in pages (or zero, if unknown).
+*/
+SQLITE_PRIVATE Pgno sqlite3WalDbsize(Wal *pWal){
+ if( pWal && ALWAYS(pWal->readLock>=0) ){
+ return pWal->hdr.nPage;
+ }
+ return 0;
+}
+
+
+/*
+** This function starts a write transaction on the WAL.
+**
+** A read transaction must have already been started by a prior call
+** to sqlite3WalBeginReadTransaction().
+**
+** If another thread or process has written into the database since
+** the read transaction was started, then it is not possible for this
+** thread to write as doing so would cause a fork. So this routine
+** returns SQLITE_BUSY in that case and no write transaction is started.
+**
+** There can only be a single writer active at a time.
+*/
+SQLITE_PRIVATE int sqlite3WalBeginWriteTransaction(Wal *pWal){
+ int rc;
+
+ /* Cannot start a write transaction without first holding a read
+ ** transaction. */
+ assert( pWal->readLock>=0 );
+
+ if( pWal->readOnly ){
+ return SQLITE_READONLY;
+ }
+
+ /* Only one writer allowed at a time. Get the write lock. Return
+ ** SQLITE_BUSY if unable.
+ */
+ rc = walLockExclusive(pWal, WAL_WRITE_LOCK, 1);
+ if( rc ){
+ return rc;
+ }
+ pWal->writeLock = 1;
+
+ /* If another connection has written to the database file since the
+ ** time the read transaction on this connection was started, then
+ ** the write is disallowed.
+ */
+ if( memcmp(&pWal->hdr, (void *)walIndexHdr(pWal), sizeof(WalIndexHdr))!=0 ){
+ walUnlockExclusive(pWal, WAL_WRITE_LOCK, 1);
+ pWal->writeLock = 0;
+ rc = SQLITE_BUSY_SNAPSHOT;
+ }
+
+ return rc;
+}
+
+/*
+** End a write transaction. The commit has already been done. This
+** routine merely releases the lock.
+*/
+SQLITE_PRIVATE int sqlite3WalEndWriteTransaction(Wal *pWal){
+ if( pWal->writeLock ){
+ walUnlockExclusive(pWal, WAL_WRITE_LOCK, 1);
+ pWal->writeLock = 0;
+ pWal->truncateOnCommit = 0;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** If any data has been written (but not committed) to the log file, this
+** function moves the write-pointer back to the start of the transaction.
+**
+** Additionally, the callback function is invoked for each frame written
+** to the WAL since the start of the transaction. If the callback returns
+** other than SQLITE_OK, it is not invoked again and the error code is
+** returned to the caller.
+**
+** Otherwise, if the callback function does not return an error, this
+** function returns SQLITE_OK.
+*/
+SQLITE_PRIVATE int sqlite3WalUndo(Wal *pWal, int (*xUndo)(void *, Pgno), void *pUndoCtx){
+ int rc = SQLITE_OK;
+ if( ALWAYS(pWal->writeLock) ){
+ Pgno iMax = pWal->hdr.mxFrame;
+ Pgno iFrame;
+
+ /* Restore the clients cache of the wal-index header to the state it
+ ** was in before the client began writing to the database.
+ */
+ memcpy(&pWal->hdr, (void *)walIndexHdr(pWal), sizeof(WalIndexHdr));
+
+ for(iFrame=pWal->hdr.mxFrame+1;
+ ALWAYS(rc==SQLITE_OK) && iFrame<=iMax;
+ iFrame++
+ ){
+ /* This call cannot fail. Unless the page for which the page number
+ ** is passed as the second argument is (a) in the cache and
+ ** (b) has an outstanding reference, then xUndo is either a no-op
+ ** (if (a) is false) or simply expels the page from the cache (if (b)
+ ** is false).
+ **
+ ** If the upper layer is doing a rollback, it is guaranteed that there
+ ** are no outstanding references to any page other than page 1. And
+ ** page 1 is never written to the log until the transaction is
+ ** committed. As a result, the call to xUndo may not fail.
+ */
+ assert( walFramePgno(pWal, iFrame)!=1 );
+ rc = xUndo(pUndoCtx, walFramePgno(pWal, iFrame));
+ }
+ if( iMax!=pWal->hdr.mxFrame ) walCleanupHash(pWal);
+ }
+ return rc;
+}
+
+/*
+** Argument aWalData must point to an array of WAL_SAVEPOINT_NDATA u32
+** values. This function populates the array with values required to
+** "rollback" the write position of the WAL handle back to the current
+** point in the event of a savepoint rollback (via WalSavepointUndo()).
+*/
+SQLITE_PRIVATE void sqlite3WalSavepoint(Wal *pWal, u32 *aWalData){
+ assert( pWal->writeLock );
+ aWalData[0] = pWal->hdr.mxFrame;
+ aWalData[1] = pWal->hdr.aFrameCksum[0];
+ aWalData[2] = pWal->hdr.aFrameCksum[1];
+ aWalData[3] = pWal->nCkpt;
+}
+
+/*
+** Move the write position of the WAL back to the point identified by
+** the values in the aWalData[] array. aWalData must point to an array
+** of WAL_SAVEPOINT_NDATA u32 values that has been previously populated
+** by a call to WalSavepoint().
+*/
+SQLITE_PRIVATE int sqlite3WalSavepointUndo(Wal *pWal, u32 *aWalData){
+ int rc = SQLITE_OK;
+
+ assert( pWal->writeLock );
+ assert( aWalData[3]!=pWal->nCkpt || aWalData[0]<=pWal->hdr.mxFrame );
+
+ if( aWalData[3]!=pWal->nCkpt ){
+ /* This savepoint was opened immediately after the write-transaction
+ ** was started. Right after that, the writer decided to wrap around
+ ** to the start of the log. Update the savepoint values to match.
+ */
+ aWalData[0] = 0;
+ aWalData[3] = pWal->nCkpt;
+ }
+
+ if( aWalData[0]<pWal->hdr.mxFrame ){
+ pWal->hdr.mxFrame = aWalData[0];
+ pWal->hdr.aFrameCksum[0] = aWalData[1];
+ pWal->hdr.aFrameCksum[1] = aWalData[2];
+ walCleanupHash(pWal);
+ }
+
+ return rc;
+}
+
+/*
+** This function is called just before writing a set of frames to the log
+** file (see sqlite3WalFrames()). It checks to see if, instead of appending
+** to the current log file, it is possible to overwrite the start of the
+** existing log file with the new frames (i.e. "reset" the log). If so,
+** it sets pWal->hdr.mxFrame to 0. Otherwise, pWal->hdr.mxFrame is left
+** unchanged.
+**
+** SQLITE_OK is returned if no error is encountered (regardless of whether
+** or not pWal->hdr.mxFrame is modified). An SQLite error code is returned
+** if an error occurs.
+*/
+static int walRestartLog(Wal *pWal){
+ int rc = SQLITE_OK;
+ int cnt;
+
+ if( pWal->readLock==0 ){
+ volatile WalCkptInfo *pInfo = walCkptInfo(pWal);
+ assert( pInfo->nBackfill==pWal->hdr.mxFrame );
+ if( pInfo->nBackfill>0 ){
+ u32 salt1;
+ sqlite3_randomness(4, &salt1);
+ rc = walLockExclusive(pWal, WAL_READ_LOCK(1), WAL_NREADER-1);
+ if( rc==SQLITE_OK ){
+ /* If all readers are using WAL_READ_LOCK(0) (in other words if no
+ ** readers are currently using the WAL), then the transactions
+ ** frames will overwrite the start of the existing log. Update the
+ ** wal-index header to reflect this.
+ **
+ ** In theory it would be Ok to update the cache of the header only
+ ** at this point. But updating the actual wal-index header is also
+ ** safe and means there is no special case for sqlite3WalUndo()
+ ** to handle if this transaction is rolled back. */
+ walRestartHdr(pWal, salt1);
+ walUnlockExclusive(pWal, WAL_READ_LOCK(1), WAL_NREADER-1);
+ }else if( rc!=SQLITE_BUSY ){
+ return rc;
+ }
+ }
+ walUnlockShared(pWal, WAL_READ_LOCK(0));
+ pWal->readLock = -1;
+ cnt = 0;
+ do{
+ int notUsed;
+ rc = walTryBeginRead(pWal, &notUsed, 1, ++cnt);
+ }while( rc==WAL_RETRY );
+ assert( (rc&0xff)!=SQLITE_BUSY ); /* BUSY not possible when useWal==1 */
+ testcase( (rc&0xff)==SQLITE_IOERR );
+ testcase( rc==SQLITE_PROTOCOL );
+ testcase( rc==SQLITE_OK );
+ }
+ return rc;
+}
+
+/*
+** Information about the current state of the WAL file and where
+** the next fsync should occur - passed from sqlite3WalFrames() into
+** walWriteToLog().
+*/
+typedef struct WalWriter {
+ Wal *pWal; /* The complete WAL information */
+ sqlite3_file *pFd; /* The WAL file to which we write */
+ sqlite3_int64 iSyncPoint; /* Fsync at this offset */
+ int syncFlags; /* Flags for the fsync */
+ int szPage; /* Size of one page */
+} WalWriter;
+
+/*
+** Write iAmt bytes of content into the WAL file beginning at iOffset.
+** Do a sync when crossing the p->iSyncPoint boundary.
+**
+** In other words, if iSyncPoint is in between iOffset and iOffset+iAmt,
+** first write the part before iSyncPoint, then sync, then write the
+** rest.
+*/
+static int walWriteToLog(
+ WalWriter *p, /* WAL to write to */
+ void *pContent, /* Content to be written */
+ int iAmt, /* Number of bytes to write */
+ sqlite3_int64 iOffset /* Start writing at this offset */
+){
+ int rc;
+ if( iOffset<p->iSyncPoint && iOffset+iAmt>=p->iSyncPoint ){
+ int iFirstAmt = (int)(p->iSyncPoint - iOffset);
+ rc = sqlite3OsWrite(p->pFd, pContent, iFirstAmt, iOffset);
+ if( rc ) return rc;
+ iOffset += iFirstAmt;
+ iAmt -= iFirstAmt;
+ pContent = (void*)(iFirstAmt + (char*)pContent);
+ assert( p->syncFlags & (SQLITE_SYNC_NORMAL|SQLITE_SYNC_FULL) );
+ rc = sqlite3OsSync(p->pFd, p->syncFlags & SQLITE_SYNC_MASK);
+ if( iAmt==0 || rc ) return rc;
+ }
+ rc = sqlite3OsWrite(p->pFd, pContent, iAmt, iOffset);
+ return rc;
+}
+
+/*
+** Write out a single frame of the WAL
+*/
+static int walWriteOneFrame(
+ WalWriter *p, /* Where to write the frame */
+ PgHdr *pPage, /* The page of the frame to be written */
+ int nTruncate, /* The commit flag. Usually 0. >0 for commit */
+ sqlite3_int64 iOffset /* Byte offset at which to write */
+){
+ int rc; /* Result code from subfunctions */
+ void *pData; /* Data actually written */
+ u8 aFrame[WAL_FRAME_HDRSIZE]; /* Buffer to assemble frame-header in */
+#if defined(SQLITE_HAS_CODEC)
+ if( (pData = sqlite3PagerCodec(pPage))==0 ) return SQLITE_NOMEM;
+#else
+ pData = pPage->pData;
+#endif
+ walEncodeFrame(p->pWal, pPage->pgno, nTruncate, pData, aFrame);
+ rc = walWriteToLog(p, aFrame, sizeof(aFrame), iOffset);
+ if( rc ) return rc;
+ /* Write the page data */
+ rc = walWriteToLog(p, pData, p->szPage, iOffset+sizeof(aFrame));
+ return rc;
+}
+
+/*
+** Write a set of frames to the log. The caller must hold the write-lock
+** on the log file (obtained using sqlite3WalBeginWriteTransaction()).
+*/
+SQLITE_PRIVATE int sqlite3WalFrames(
+ Wal *pWal, /* Wal handle to write to */
+ int szPage, /* Database page-size in bytes */
+ PgHdr *pList, /* List of dirty pages to write */
+ Pgno nTruncate, /* Database size after this commit */
+ int isCommit, /* True if this is a commit */
+ int sync_flags /* Flags to pass to OsSync() (or 0) */
+){
+ int rc; /* Used to catch return codes */
+ u32 iFrame; /* Next frame address */
+ PgHdr *p; /* Iterator to run through pList with. */
+ PgHdr *pLast = 0; /* Last frame in list */
+ int nExtra = 0; /* Number of extra copies of last page */
+ int szFrame; /* The size of a single frame */
+ i64 iOffset; /* Next byte to write in WAL file */
+ WalWriter w; /* The writer */
+
+ assert( pList );
+ assert( pWal->writeLock );
+
+ /* If this frame set completes a transaction, then nTruncate>0. If
+ ** nTruncate==0 then this frame set does not complete the transaction. */
+ assert( (isCommit!=0)==(nTruncate!=0) );
+
+#if defined(SQLITE_TEST) && defined(SQLITE_DEBUG)
+ { int cnt; for(cnt=0, p=pList; p; p=p->pDirty, cnt++){}
+ WALTRACE(("WAL%p: frame write begin. %d frames. mxFrame=%d. %s\n",
+ pWal, cnt, pWal->hdr.mxFrame, isCommit ? "Commit" : "Spill"));
+ }
+#endif
+
+ /* See if it is possible to write these frames into the start of the
+ ** log file, instead of appending to it at pWal->hdr.mxFrame.
+ */
+ if( SQLITE_OK!=(rc = walRestartLog(pWal)) ){
+ return rc;
+ }
+
+ /* If this is the first frame written into the log, write the WAL
+ ** header to the start of the WAL file. See comments at the top of
+ ** this source file for a description of the WAL header format.
+ */
+ iFrame = pWal->hdr.mxFrame;
+ if( iFrame==0 ){
+ u8 aWalHdr[WAL_HDRSIZE]; /* Buffer to assemble wal-header in */
+ u32 aCksum[2]; /* Checksum for wal-header */
+
+ sqlite3Put4byte(&aWalHdr[0], (WAL_MAGIC | SQLITE_BIGENDIAN));
+ sqlite3Put4byte(&aWalHdr[4], WAL_MAX_VERSION);
+ sqlite3Put4byte(&aWalHdr[8], szPage);
+ sqlite3Put4byte(&aWalHdr[12], pWal->nCkpt);
+ if( pWal->nCkpt==0 ) sqlite3_randomness(8, pWal->hdr.aSalt);
+ memcpy(&aWalHdr[16], pWal->hdr.aSalt, 8);
+ walChecksumBytes(1, aWalHdr, WAL_HDRSIZE-2*4, 0, aCksum);
+ sqlite3Put4byte(&aWalHdr[24], aCksum[0]);
+ sqlite3Put4byte(&aWalHdr[28], aCksum[1]);
+
+ pWal->szPage = szPage;
+ pWal->hdr.bigEndCksum = SQLITE_BIGENDIAN;
+ pWal->hdr.aFrameCksum[0] = aCksum[0];
+ pWal->hdr.aFrameCksum[1] = aCksum[1];
+ pWal->truncateOnCommit = 1;
+
+ rc = sqlite3OsWrite(pWal->pWalFd, aWalHdr, sizeof(aWalHdr), 0);
+ WALTRACE(("WAL%p: wal-header write %s\n", pWal, rc ? "failed" : "ok"));
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ /* Sync the header (unless SQLITE_IOCAP_SEQUENTIAL is true or unless
+ ** all syncing is turned off by PRAGMA synchronous=OFF). Otherwise
+ ** an out-of-order write following a WAL restart could result in
+ ** database corruption. See the ticket:
+ **
+ ** http://localhost:591/sqlite/info/ff5be73dee
+ */
+ if( pWal->syncHeader && sync_flags ){
+ rc = sqlite3OsSync(pWal->pWalFd, sync_flags & SQLITE_SYNC_MASK);
+ if( rc ) return rc;
+ }
+ }
+ assert( (int)pWal->szPage==szPage );
+
+ /* Setup information needed to write frames into the WAL */
+ w.pWal = pWal;
+ w.pFd = pWal->pWalFd;
+ w.iSyncPoint = 0;
+ w.syncFlags = sync_flags;
+ w.szPage = szPage;
+ iOffset = walFrameOffset(iFrame+1, szPage);
+ szFrame = szPage + WAL_FRAME_HDRSIZE;
+
+ /* Write all frames into the log file exactly once */
+ for(p=pList; p; p=p->pDirty){
+ int nDbSize; /* 0 normally. Positive == commit flag */
+ iFrame++;
+ assert( iOffset==walFrameOffset(iFrame, szPage) );
+ nDbSize = (isCommit && p->pDirty==0) ? nTruncate : 0;
+ rc = walWriteOneFrame(&w, p, nDbSize, iOffset);
+ if( rc ) return rc;
+ pLast = p;
+ iOffset += szFrame;
+ }
+
+ /* If this is the end of a transaction, then we might need to pad
+ ** the transaction and/or sync the WAL file.
+ **
+ ** Padding and syncing only occur if this set of frames complete a
+ ** transaction and if PRAGMA synchronous=FULL. If synchronous==NORMAL
+ ** or synchronous==OFF, then no padding or syncing are needed.
+ **
+ ** If SQLITE_IOCAP_POWERSAFE_OVERWRITE is defined, then padding is not
+ ** needed and only the sync is done. If padding is needed, then the
+ ** final frame is repeated (with its commit mark) until the next sector
+ ** boundary is crossed. Only the part of the WAL prior to the last
+ ** sector boundary is synced; the part of the last frame that extends
+ ** past the sector boundary is written after the sync.
+ */
+ if( isCommit && (sync_flags & WAL_SYNC_TRANSACTIONS)!=0 ){
+ if( pWal->padToSectorBoundary ){
+ int sectorSize = sqlite3SectorSize(pWal->pWalFd);
+ w.iSyncPoint = ((iOffset+sectorSize-1)/sectorSize)*sectorSize;
+ while( iOffset<w.iSyncPoint ){
+ rc = walWriteOneFrame(&w, pLast, nTruncate, iOffset);
+ if( rc ) return rc;
+ iOffset += szFrame;
+ nExtra++;
+ }
+ }else{
+ rc = sqlite3OsSync(w.pFd, sync_flags & SQLITE_SYNC_MASK);
+ }
+ }
+
+ /* If this frame set completes the first transaction in the WAL and
+ ** if PRAGMA journal_size_limit is set, then truncate the WAL to the
+ ** journal size limit, if possible.
+ */
+ if( isCommit && pWal->truncateOnCommit && pWal->mxWalSize>=0 ){
+ i64 sz = pWal->mxWalSize;
+ if( walFrameOffset(iFrame+nExtra+1, szPage)>pWal->mxWalSize ){
+ sz = walFrameOffset(iFrame+nExtra+1, szPage);
+ }
+ walLimitSize(pWal, sz);
+ pWal->truncateOnCommit = 0;
+ }
+
+ /* Append data to the wal-index. It is not necessary to lock the
+ ** wal-index to do this as the SQLITE_SHM_WRITE lock held on the wal-index
+ ** guarantees that there are no other writers, and no data that may
+ ** be in use by existing readers is being overwritten.
+ */
+ iFrame = pWal->hdr.mxFrame;
+ for(p=pList; p && rc==SQLITE_OK; p=p->pDirty){
+ iFrame++;
+ rc = walIndexAppend(pWal, iFrame, p->pgno);
+ }
+ while( rc==SQLITE_OK && nExtra>0 ){
+ iFrame++;
+ nExtra--;
+ rc = walIndexAppend(pWal, iFrame, pLast->pgno);
+ }
+
+ if( rc==SQLITE_OK ){
+ /* Update the private copy of the header. */
+ pWal->hdr.szPage = (u16)((szPage&0xff00) | (szPage>>16));
+ testcase( szPage<=32768 );
+ testcase( szPage>=65536 );
+ pWal->hdr.mxFrame = iFrame;
+ if( isCommit ){
+ pWal->hdr.iChange++;
+ pWal->hdr.nPage = nTruncate;
+ }
+ /* If this is a commit, update the wal-index header too. */
+ if( isCommit ){
+ walIndexWriteHdr(pWal);
+ pWal->iCallback = iFrame;
+ }
+ }
+
+ WALTRACE(("WAL%p: frame write %s\n", pWal, rc ? "failed" : "ok"));
+ return rc;
+}
+
+/*
+** This routine is called to implement sqlite3_wal_checkpoint() and
+** related interfaces.
+**
+** Obtain a CHECKPOINT lock and then backfill as much information as
+** we can from WAL into the database.
+**
+** If parameter xBusy is not NULL, it is a pointer to a busy-handler
+** callback. In this case this function runs a blocking checkpoint.
+*/
+SQLITE_PRIVATE int sqlite3WalCheckpoint(
+ Wal *pWal, /* Wal connection */
+ int eMode, /* PASSIVE, FULL, RESTART, or TRUNCATE */
+ int (*xBusy)(void*), /* Function to call when busy */
+ void *pBusyArg, /* Context argument for xBusyHandler */
+ int sync_flags, /* Flags to sync db file with (or 0) */
+ int nBuf, /* Size of temporary buffer */
+ u8 *zBuf, /* Temporary buffer to use */
+ int *pnLog, /* OUT: Number of frames in WAL */
+ int *pnCkpt /* OUT: Number of backfilled frames in WAL */
+){
+ int rc; /* Return code */
+ int isChanged = 0; /* True if a new wal-index header is loaded */
+ int eMode2 = eMode; /* Mode to pass to walCheckpoint() */
+ int (*xBusy2)(void*) = xBusy; /* Busy handler for eMode2 */
+
+ assert( pWal->ckptLock==0 );
+ assert( pWal->writeLock==0 );
+
+ /* EVIDENCE-OF: R-62920-47450 The busy-handler callback is never invoked
+ ** in the SQLITE_CHECKPOINT_PASSIVE mode. */
+ assert( eMode!=SQLITE_CHECKPOINT_PASSIVE || xBusy==0 );
+
+ if( pWal->readOnly ) return SQLITE_READONLY;
+ WALTRACE(("WAL%p: checkpoint begins\n", pWal));
+
+ /* IMPLEMENTATION-OF: R-62028-47212 All calls obtain an exclusive
+ ** "checkpoint" lock on the database file. */
+ rc = walLockExclusive(pWal, WAL_CKPT_LOCK, 1);
+ if( rc ){
+ /* EVIDENCE-OF: R-10421-19736 If any other process is running a
+ ** checkpoint operation at the same time, the lock cannot be obtained and
+ ** SQLITE_BUSY is returned.
+ ** EVIDENCE-OF: R-53820-33897 Even if there is a busy-handler configured,
+ ** it will not be invoked in this case.
+ */
+ testcase( rc==SQLITE_BUSY );
+ testcase( xBusy!=0 );
+ return rc;
+ }
+ pWal->ckptLock = 1;
+
+ /* IMPLEMENTATION-OF: R-59782-36818 The SQLITE_CHECKPOINT_FULL, RESTART and
+ ** TRUNCATE modes also obtain the exclusive "writer" lock on the database
+ ** file.
+ **
+ ** EVIDENCE-OF: R-60642-04082 If the writer lock cannot be obtained
+ ** immediately, and a busy-handler is configured, it is invoked and the
+ ** writer lock retried until either the busy-handler returns 0 or the
+ ** lock is successfully obtained.
+ */
+ if( eMode!=SQLITE_CHECKPOINT_PASSIVE ){
+ rc = walBusyLock(pWal, xBusy, pBusyArg, WAL_WRITE_LOCK, 1);
+ if( rc==SQLITE_OK ){
+ pWal->writeLock = 1;
+ }else if( rc==SQLITE_BUSY ){
+ eMode2 = SQLITE_CHECKPOINT_PASSIVE;
+ xBusy2 = 0;
+ rc = SQLITE_OK;
+ }
+ }
+
+ /* Read the wal-index header. */
+ if( rc==SQLITE_OK ){
+ rc = walIndexReadHdr(pWal, &isChanged);
+ if( isChanged && pWal->pDbFd->pMethods->iVersion>=3 ){
+ sqlite3OsUnfetch(pWal->pDbFd, 0, 0);
+ }
+ }
+
+ /* Copy data from the log to the database file. */
+ if( rc==SQLITE_OK ){
+ if( pWal->hdr.mxFrame && walPagesize(pWal)!=nBuf ){
+ rc = SQLITE_CORRUPT_BKPT;
+ }else{
+ rc = walCheckpoint(pWal, eMode2, xBusy2, pBusyArg, sync_flags, zBuf);
+ }
+
+ /* If no error occurred, set the output variables. */
+ if( rc==SQLITE_OK || rc==SQLITE_BUSY ){
+ if( pnLog ) *pnLog = (int)pWal->hdr.mxFrame;
+ if( pnCkpt ) *pnCkpt = (int)(walCkptInfo(pWal)->nBackfill);
+ }
+ }
+
+ if( isChanged ){
+ /* If a new wal-index header was loaded before the checkpoint was
+ ** performed, then the pager-cache associated with pWal is now
+ ** out of date. So zero the cached wal-index header to ensure that
+ ** next time the pager opens a snapshot on this database it knows that
+ ** the cache needs to be reset.
+ */
+ memset(&pWal->hdr, 0, sizeof(WalIndexHdr));
+ }
+
+ /* Release the locks. */
+ sqlite3WalEndWriteTransaction(pWal);
+ walUnlockExclusive(pWal, WAL_CKPT_LOCK, 1);
+ pWal->ckptLock = 0;
+ WALTRACE(("WAL%p: checkpoint %s\n", pWal, rc ? "failed" : "ok"));
+ return (rc==SQLITE_OK && eMode!=eMode2 ? SQLITE_BUSY : rc);
+}
+
+/* Return the value to pass to a sqlite3_wal_hook callback, the
+** number of frames in the WAL at the point of the last commit since
+** sqlite3WalCallback() was called. If no commits have occurred since
+** the last call, then return 0.
+*/
+SQLITE_PRIVATE int sqlite3WalCallback(Wal *pWal){
+ u32 ret = 0;
+ if( pWal ){
+ ret = pWal->iCallback;
+ pWal->iCallback = 0;
+ }
+ return (int)ret;
+}
+
+/*
+** This function is called to change the WAL subsystem into or out
+** of locking_mode=EXCLUSIVE.
+**
+** If op is zero, then attempt to change from locking_mode=EXCLUSIVE
+** into locking_mode=NORMAL. This means that we must acquire a lock
+** on the pWal->readLock byte. If the WAL is already in locking_mode=NORMAL
+** or if the acquisition of the lock fails, then return 0. If the
+** transition out of exclusive-mode is successful, return 1. This
+** operation must occur while the pager is still holding the exclusive
+** lock on the main database file.
+**
+** If op is one, then change from locking_mode=NORMAL into
+** locking_mode=EXCLUSIVE. This means that the pWal->readLock must
+** be released. Return 1 if the transition is made and 0 if the
+** WAL is already in exclusive-locking mode - meaning that this
+** routine is a no-op. The pager must already hold the exclusive lock
+** on the main database file before invoking this operation.
+**
+** If op is negative, then do a dry-run of the op==1 case but do
+** not actually change anything. The pager uses this to see if it
+** should acquire the database exclusive lock prior to invoking
+** the op==1 case.
+*/
+SQLITE_PRIVATE int sqlite3WalExclusiveMode(Wal *pWal, int op){
+ int rc;
+ assert( pWal->writeLock==0 );
+ assert( pWal->exclusiveMode!=WAL_HEAPMEMORY_MODE || op==-1 );
+
+ /* pWal->readLock is usually set, but might be -1 if there was a
+ ** prior error while attempting to acquire are read-lock. This cannot
+ ** happen if the connection is actually in exclusive mode (as no xShmLock
+ ** locks are taken in this case). Nor should the pager attempt to
+ ** upgrade to exclusive-mode following such an error.
+ */
+ assert( pWal->readLock>=0 || pWal->lockError );
+ assert( pWal->readLock>=0 || (op<=0 && pWal->exclusiveMode==0) );
+
+ if( op==0 ){
+ if( pWal->exclusiveMode ){
+ pWal->exclusiveMode = 0;
+ if( walLockShared(pWal, WAL_READ_LOCK(pWal->readLock))!=SQLITE_OK ){
+ pWal->exclusiveMode = 1;
+ }
+ rc = pWal->exclusiveMode==0;
+ }else{
+ /* Already in locking_mode=NORMAL */
+ rc = 0;
+ }
+ }else if( op>0 ){
+ assert( pWal->exclusiveMode==0 );
+ assert( pWal->readLock>=0 );
+ walUnlockShared(pWal, WAL_READ_LOCK(pWal->readLock));
+ pWal->exclusiveMode = 1;
+ rc = 1;
+ }else{
+ rc = pWal->exclusiveMode==0;
+ }
+ return rc;
+}
+
+/*
+** Return true if the argument is non-NULL and the WAL module is using
+** heap-memory for the wal-index. Otherwise, if the argument is NULL or the
+** WAL module is using shared-memory, return false.
+*/
+SQLITE_PRIVATE int sqlite3WalHeapMemory(Wal *pWal){
+ return (pWal && pWal->exclusiveMode==WAL_HEAPMEMORY_MODE );
+}
+
+#ifdef SQLITE_ENABLE_SNAPSHOT
+/* Create a snapshot object. The content of a snapshot is opaque to
+** every other subsystem, so the WAL module can put whatever it needs
+** in the object.
+*/
+SQLITE_PRIVATE int sqlite3WalSnapshotGet(Wal *pWal, sqlite3_snapshot **ppSnapshot){
+ int rc = SQLITE_OK;
+ WalIndexHdr *pRet;
+
+ assert( pWal->readLock>=0 && pWal->writeLock==0 );
+
+ pRet = (WalIndexHdr*)sqlite3_malloc(sizeof(WalIndexHdr));
+ if( pRet==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memcpy(pRet, &pWal->hdr, sizeof(WalIndexHdr));
+ *ppSnapshot = (sqlite3_snapshot*)pRet;
+ }
+
+ return rc;
+}
+
+/* Try to open on pSnapshot when the next read-transaction starts
+*/
+SQLITE_PRIVATE void sqlite3WalSnapshotOpen(Wal *pWal, sqlite3_snapshot *pSnapshot){
+ pWal->pSnapshot = (WalIndexHdr*)pSnapshot;
+}
+#endif /* SQLITE_ENABLE_SNAPSHOT */
+
+#ifdef SQLITE_ENABLE_ZIPVFS
+/*
+** If the argument is not NULL, it points to a Wal object that holds a
+** read-lock. This function returns the database page-size if it is known,
+** or zero if it is not (or if pWal is NULL).
+*/
+SQLITE_PRIVATE int sqlite3WalFramesize(Wal *pWal){
+ assert( pWal==0 || pWal->readLock>=0 );
+ return (pWal ? pWal->szPage : 0);
+}
+#endif
+
+/* Return the sqlite3_file object for the WAL file
+*/
+SQLITE_PRIVATE sqlite3_file *sqlite3WalFile(Wal *pWal){
+ return pWal->pWalFd;
+}
+
+#endif /* #ifndef SQLITE_OMIT_WAL */
+
+/************** End of wal.c *************************************************/
+/************** Begin file btmutex.c *****************************************/
+/*
+** 2007 August 27
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains code used to implement mutexes on Btree objects.
+** This code really belongs in btree.c. But btree.c is getting too
+** big and we want to break it down some. This packaged seemed like
+** a good breakout.
+*/
+/************** Include btreeInt.h in the middle of btmutex.c ****************/
+/************** Begin file btreeInt.h ****************************************/
+/*
+** 2004 April 6
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file implements an external (disk-based) database using BTrees.
+** For a detailed discussion of BTrees, refer to
+**
+** Donald E. Knuth, THE ART OF COMPUTER PROGRAMMING, Volume 3:
+** "Sorting And Searching", pages 473-480. Addison-Wesley
+** Publishing Company, Reading, Massachusetts.
+**
+** The basic idea is that each page of the file contains N database
+** entries and N+1 pointers to subpages.
+**
+** ----------------------------------------------------------------
+** | Ptr(0) | Key(0) | Ptr(1) | Key(1) | ... | Key(N-1) | Ptr(N) |
+** ----------------------------------------------------------------
+**
+** All of the keys on the page that Ptr(0) points to have values less
+** than Key(0). All of the keys on page Ptr(1) and its subpages have
+** values greater than Key(0) and less than Key(1). All of the keys
+** on Ptr(N) and its subpages have values greater than Key(N-1). And
+** so forth.
+**
+** Finding a particular key requires reading O(log(M)) pages from the
+** disk where M is the number of entries in the tree.
+**
+** In this implementation, a single file can hold one or more separate
+** BTrees. Each BTree is identified by the index of its root page. The
+** key and data for any entry are combined to form the "payload". A
+** fixed amount of payload can be carried directly on the database
+** page. If the payload is larger than the preset amount then surplus
+** bytes are stored on overflow pages. The payload for an entry
+** and the preceding pointer are combined to form a "Cell". Each
+** page has a small header which contains the Ptr(N) pointer and other
+** information such as the size of key and data.
+**
+** FORMAT DETAILS
+**
+** The file is divided into pages. The first page is called page 1,
+** the second is page 2, and so forth. A page number of zero indicates
+** "no such page". The page size can be any power of 2 between 512 and 65536.
+** Each page can be either a btree page, a freelist page, an overflow
+** page, or a pointer-map page.
+**
+** The first page is always a btree page. The first 100 bytes of the first
+** page contain a special header (the "file header") that describes the file.
+** The format of the file header is as follows:
+**
+** OFFSET SIZE DESCRIPTION
+** 0 16 Header string: "SQLite format 3\000"
+** 16 2 Page size in bytes. (1 means 65536)
+** 18 1 File format write version
+** 19 1 File format read version
+** 20 1 Bytes of unused space at the end of each page
+** 21 1 Max embedded payload fraction (must be 64)
+** 22 1 Min embedded payload fraction (must be 32)
+** 23 1 Min leaf payload fraction (must be 32)
+** 24 4 File change counter
+** 28 4 Reserved for future use
+** 32 4 First freelist page
+** 36 4 Number of freelist pages in the file
+** 40 60 15 4-byte meta values passed to higher layers
+**
+** 40 4 Schema cookie
+** 44 4 File format of schema layer
+** 48 4 Size of page cache
+** 52 4 Largest root-page (auto/incr_vacuum)
+** 56 4 1=UTF-8 2=UTF16le 3=UTF16be
+** 60 4 User version
+** 64 4 Incremental vacuum mode
+** 68 4 Application-ID
+** 72 20 unused
+** 92 4 The version-valid-for number
+** 96 4 SQLITE_VERSION_NUMBER
+**
+** All of the integer values are big-endian (most significant byte first).
+**
+** The file change counter is incremented when the database is changed
+** This counter allows other processes to know when the file has changed
+** and thus when they need to flush their cache.
+**
+** The max embedded payload fraction is the amount of the total usable
+** space in a page that can be consumed by a single cell for standard
+** B-tree (non-LEAFDATA) tables. A value of 255 means 100%. The default
+** is to limit the maximum cell size so that at least 4 cells will fit
+** on one page. Thus the default max embedded payload fraction is 64.
+**
+** If the payload for a cell is larger than the max payload, then extra
+** payload is spilled to overflow pages. Once an overflow page is allocated,
+** as many bytes as possible are moved into the overflow pages without letting
+** the cell size drop below the min embedded payload fraction.
+**
+** The min leaf payload fraction is like the min embedded payload fraction
+** except that it applies to leaf nodes in a LEAFDATA tree. The maximum
+** payload fraction for a LEAFDATA tree is always 100% (or 255) and it
+** not specified in the header.
+**
+** Each btree pages is divided into three sections: The header, the
+** cell pointer array, and the cell content area. Page 1 also has a 100-byte
+** file header that occurs before the page header.
+**
+** |----------------|
+** | file header | 100 bytes. Page 1 only.
+** |----------------|
+** | page header | 8 bytes for leaves. 12 bytes for interior nodes
+** |----------------|
+** | cell pointer | | 2 bytes per cell. Sorted order.
+** | array | | Grows downward
+** | | v
+** |----------------|
+** | unallocated |
+** | space |
+** |----------------| ^ Grows upwards
+** | cell content | | Arbitrary order interspersed with freeblocks.
+** | area | | and free space fragments.
+** |----------------|
+**
+** The page headers looks like this:
+**
+** OFFSET SIZE DESCRIPTION
+** 0 1 Flags. 1: intkey, 2: zerodata, 4: leafdata, 8: leaf
+** 1 2 byte offset to the first freeblock
+** 3 2 number of cells on this page
+** 5 2 first byte of the cell content area
+** 7 1 number of fragmented free bytes
+** 8 4 Right child (the Ptr(N) value). Omitted on leaves.
+**
+** The flags define the format of this btree page. The leaf flag means that
+** this page has no children. The zerodata flag means that this page carries
+** only keys and no data. The intkey flag means that the key is an integer
+** which is stored in the key size entry of the cell header rather than in
+** the payload area.
+**
+** The cell pointer array begins on the first byte after the page header.
+** The cell pointer array contains zero or more 2-byte numbers which are
+** offsets from the beginning of the page to the cell content in the cell
+** content area. The cell pointers occur in sorted order. The system strives
+** to keep free space after the last cell pointer so that new cells can
+** be easily added without having to defragment the page.
+**
+** Cell content is stored at the very end of the page and grows toward the
+** beginning of the page.
+**
+** Unused space within the cell content area is collected into a linked list of
+** freeblocks. Each freeblock is at least 4 bytes in size. The byte offset
+** to the first freeblock is given in the header. Freeblocks occur in
+** increasing order. Because a freeblock must be at least 4 bytes in size,
+** any group of 3 or fewer unused bytes in the cell content area cannot
+** exist on the freeblock chain. A group of 3 or fewer free bytes is called
+** a fragment. The total number of bytes in all fragments is recorded.
+** in the page header at offset 7.
+**
+** SIZE DESCRIPTION
+** 2 Byte offset of the next freeblock
+** 2 Bytes in this freeblock
+**
+** Cells are of variable length. Cells are stored in the cell content area at
+** the end of the page. Pointers to the cells are in the cell pointer array
+** that immediately follows the page header. Cells is not necessarily
+** contiguous or in order, but cell pointers are contiguous and in order.
+**
+** Cell content makes use of variable length integers. A variable
+** length integer is 1 to 9 bytes where the lower 7 bits of each
+** byte are used. The integer consists of all bytes that have bit 8 set and
+** the first byte with bit 8 clear. The most significant byte of the integer
+** appears first. A variable-length integer may not be more than 9 bytes long.
+** As a special case, all 8 bytes of the 9th byte are used as data. This
+** allows a 64-bit integer to be encoded in 9 bytes.
+**
+** 0x00 becomes 0x00000000
+** 0x7f becomes 0x0000007f
+** 0x81 0x00 becomes 0x00000080
+** 0x82 0x00 becomes 0x00000100
+** 0x80 0x7f becomes 0x0000007f
+** 0x8a 0x91 0xd1 0xac 0x78 becomes 0x12345678
+** 0x81 0x81 0x81 0x81 0x01 becomes 0x10204081
+**
+** Variable length integers are used for rowids and to hold the number of
+** bytes of key and data in a btree cell.
+**
+** The content of a cell looks like this:
+**
+** SIZE DESCRIPTION
+** 4 Page number of the left child. Omitted if leaf flag is set.
+** var Number of bytes of data. Omitted if the zerodata flag is set.
+** var Number of bytes of key. Or the key itself if intkey flag is set.
+** * Payload
+** 4 First page of the overflow chain. Omitted if no overflow
+**
+** Overflow pages form a linked list. Each page except the last is completely
+** filled with data (pagesize - 4 bytes). The last page can have as little
+** as 1 byte of data.
+**
+** SIZE DESCRIPTION
+** 4 Page number of next overflow page
+** * Data
+**
+** Freelist pages come in two subtypes: trunk pages and leaf pages. The
+** file header points to the first in a linked list of trunk page. Each trunk
+** page points to multiple leaf pages. The content of a leaf page is
+** unspecified. A trunk page looks like this:
+**
+** SIZE DESCRIPTION
+** 4 Page number of next trunk page
+** 4 Number of leaf pointers on this page
+** * zero or more pages numbers of leaves
+*/
+/* #include "sqliteInt.h" */
+
+
+/* The following value is the maximum cell size assuming a maximum page
+** size give above.
+*/
+#define MX_CELL_SIZE(pBt) ((int)(pBt->pageSize-8))
+
+/* The maximum number of cells on a single page of the database. This
+** assumes a minimum cell size of 6 bytes (4 bytes for the cell itself
+** plus 2 bytes for the index to the cell in the page header). Such
+** small cells will be rare, but they are possible.
+*/
+#define MX_CELL(pBt) ((pBt->pageSize-8)/6)
+
+/* Forward declarations */
+typedef struct MemPage MemPage;
+typedef struct BtLock BtLock;
+typedef struct CellInfo CellInfo;
+
+/*
+** This is a magic string that appears at the beginning of every
+** SQLite database in order to identify the file as a real database.
+**
+** You can change this value at compile-time by specifying a
+** -DSQLITE_FILE_HEADER="..." on the compiler command-line. The
+** header must be exactly 16 bytes including the zero-terminator so
+** the string itself should be 15 characters long. If you change
+** the header, then your custom library will not be able to read
+** databases generated by the standard tools and the standard tools
+** will not be able to read databases created by your custom library.
+*/
+#ifndef SQLITE_FILE_HEADER /* 123456789 123456 */
+# define SQLITE_FILE_HEADER "SQLite format 3"
+#endif
+
+/*
+** Page type flags. An ORed combination of these flags appear as the
+** first byte of on-disk image of every BTree page.
+*/
+#define PTF_INTKEY 0x01
+#define PTF_ZERODATA 0x02
+#define PTF_LEAFDATA 0x04
+#define PTF_LEAF 0x08
+
+/*
+** As each page of the file is loaded into memory, an instance of the following
+** structure is appended and initialized to zero. This structure stores
+** information about the page that is decoded from the raw file page.
+**
+** The pParent field points back to the parent page. This allows us to
+** walk up the BTree from any leaf to the root. Care must be taken to
+** unref() the parent page pointer when this page is no longer referenced.
+** The pageDestructor() routine handles that chore.
+**
+** Access to all fields of this structure is controlled by the mutex
+** stored in MemPage.pBt->mutex.
+*/
+struct MemPage {
+ u8 isInit; /* True if previously initialized. MUST BE FIRST! */
+ u8 nOverflow; /* Number of overflow cell bodies in aCell[] */
+ u8 intKey; /* True if table b-trees. False for index b-trees */
+ u8 intKeyLeaf; /* True if the leaf of an intKey table */
+ u8 noPayload; /* True if internal intKey page (thus w/o data) */
+ u8 leaf; /* True if a leaf page */
+ u8 hdrOffset; /* 100 for page 1. 0 otherwise */
+ u8 childPtrSize; /* 0 if leaf==1. 4 if leaf==0 */
+ u8 max1bytePayload; /* min(maxLocal,127) */
+ u8 bBusy; /* Prevent endless loops on corrupt database files */
+ u16 maxLocal; /* Copy of BtShared.maxLocal or BtShared.maxLeaf */
+ u16 minLocal; /* Copy of BtShared.minLocal or BtShared.minLeaf */
+ u16 cellOffset; /* Index in aData of first cell pointer */
+ u16 nFree; /* Number of free bytes on the page */
+ u16 nCell; /* Number of cells on this page, local and ovfl */
+ u16 maskPage; /* Mask for page offset */
+ u16 aiOvfl[5]; /* Insert the i-th overflow cell before the aiOvfl-th
+ ** non-overflow cell */
+ u8 *apOvfl[5]; /* Pointers to the body of overflow cells */
+ BtShared *pBt; /* Pointer to BtShared that this page is part of */
+ u8 *aData; /* Pointer to disk image of the page data */
+ u8 *aDataEnd; /* One byte past the end of usable data */
+ u8 *aCellIdx; /* The cell index area */
+ u8 *aDataOfst; /* Same as aData for leaves. aData+4 for interior */
+ DbPage *pDbPage; /* Pager page handle */
+ u16 (*xCellSize)(MemPage*,u8*); /* cellSizePtr method */
+ void (*xParseCell)(MemPage*,u8*,CellInfo*); /* btreeParseCell method */
+ Pgno pgno; /* Page number for this page */
+};
+
+/*
+** The in-memory image of a disk page has the auxiliary information appended
+** to the end. EXTRA_SIZE is the number of bytes of space needed to hold
+** that extra information.
+*/
+#define EXTRA_SIZE sizeof(MemPage)
+
+/*
+** A linked list of the following structures is stored at BtShared.pLock.
+** Locks are added (or upgraded from READ_LOCK to WRITE_LOCK) when a cursor
+** is opened on the table with root page BtShared.iTable. Locks are removed
+** from this list when a transaction is committed or rolled back, or when
+** a btree handle is closed.
+*/
+struct BtLock {
+ Btree *pBtree; /* Btree handle holding this lock */
+ Pgno iTable; /* Root page of table */
+ u8 eLock; /* READ_LOCK or WRITE_LOCK */
+ BtLock *pNext; /* Next in BtShared.pLock list */
+};
+
+/* Candidate values for BtLock.eLock */
+#define READ_LOCK 1
+#define WRITE_LOCK 2
+
+/* A Btree handle
+**
+** A database connection contains a pointer to an instance of
+** this object for every database file that it has open. This structure
+** is opaque to the database connection. The database connection cannot
+** see the internals of this structure and only deals with pointers to
+** this structure.
+**
+** For some database files, the same underlying database cache might be
+** shared between multiple connections. In that case, each connection
+** has it own instance of this object. But each instance of this object
+** points to the same BtShared object. The database cache and the
+** schema associated with the database file are all contained within
+** the BtShared object.
+**
+** All fields in this structure are accessed under sqlite3.mutex.
+** The pBt pointer itself may not be changed while there exists cursors
+** in the referenced BtShared that point back to this Btree since those
+** cursors have to go through this Btree to find their BtShared and
+** they often do so without holding sqlite3.mutex.
+*/
+struct Btree {
+ sqlite3 *db; /* The database connection holding this btree */
+ BtShared *pBt; /* Sharable content of this btree */
+ u8 inTrans; /* TRANS_NONE, TRANS_READ or TRANS_WRITE */
+ u8 sharable; /* True if we can share pBt with another db */
+ u8 locked; /* True if db currently has pBt locked */
+ u8 hasIncrblobCur; /* True if there are one or more Incrblob cursors */
+ int wantToLock; /* Number of nested calls to sqlite3BtreeEnter() */
+ int nBackup; /* Number of backup operations reading this btree */
+ u32 iDataVersion; /* Combines with pBt->pPager->iDataVersion */
+ Btree *pNext; /* List of other sharable Btrees from the same db */
+ Btree *pPrev; /* Back pointer of the same list */
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ BtLock lock; /* Object used to lock page 1 */
+#endif
+};
+
+/*
+** Btree.inTrans may take one of the following values.
+**
+** If the shared-data extension is enabled, there may be multiple users
+** of the Btree structure. At most one of these may open a write transaction,
+** but any number may have active read transactions.
+*/
+#define TRANS_NONE 0
+#define TRANS_READ 1
+#define TRANS_WRITE 2
+
+/*
+** An instance of this object represents a single database file.
+**
+** A single database file can be in use at the same time by two
+** or more database connections. When two or more connections are
+** sharing the same database file, each connection has it own
+** private Btree object for the file and each of those Btrees points
+** to this one BtShared object. BtShared.nRef is the number of
+** connections currently sharing this database file.
+**
+** Fields in this structure are accessed under the BtShared.mutex
+** mutex, except for nRef and pNext which are accessed under the
+** global SQLITE_MUTEX_STATIC_MASTER mutex. The pPager field
+** may not be modified once it is initially set as long as nRef>0.
+** The pSchema field may be set once under BtShared.mutex and
+** thereafter is unchanged as long as nRef>0.
+**
+** isPending:
+**
+** If a BtShared client fails to obtain a write-lock on a database
+** table (because there exists one or more read-locks on the table),
+** the shared-cache enters 'pending-lock' state and isPending is
+** set to true.
+**
+** The shared-cache leaves the 'pending lock' state when either of
+** the following occur:
+**
+** 1) The current writer (BtShared.pWriter) concludes its transaction, OR
+** 2) The number of locks held by other connections drops to zero.
+**
+** while in the 'pending-lock' state, no connection may start a new
+** transaction.
+**
+** This feature is included to help prevent writer-starvation.
+*/
+struct BtShared {
+ Pager *pPager; /* The page cache */
+ sqlite3 *db; /* Database connection currently using this Btree */
+ BtCursor *pCursor; /* A list of all open cursors */
+ MemPage *pPage1; /* First page of the database */
+ u8 openFlags; /* Flags to sqlite3BtreeOpen() */
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ u8 autoVacuum; /* True if auto-vacuum is enabled */
+ u8 incrVacuum; /* True if incr-vacuum is enabled */
+ u8 bDoTruncate; /* True to truncate db on commit */
+#endif
+ u8 inTransaction; /* Transaction state */
+ u8 max1bytePayload; /* Maximum first byte of cell for a 1-byte payload */
+#ifdef SQLITE_HAS_CODEC
+ u8 optimalReserve; /* Desired amount of reserved space per page */
+#endif
+ u16 btsFlags; /* Boolean parameters. See BTS_* macros below */
+ u16 maxLocal; /* Maximum local payload in non-LEAFDATA tables */
+ u16 minLocal; /* Minimum local payload in non-LEAFDATA tables */
+ u16 maxLeaf; /* Maximum local payload in a LEAFDATA table */
+ u16 minLeaf; /* Minimum local payload in a LEAFDATA table */
+ u32 pageSize; /* Total number of bytes on a page */
+ u32 usableSize; /* Number of usable bytes on each page */
+ int nTransaction; /* Number of open transactions (read + write) */
+ u32 nPage; /* Number of pages in the database */
+ void *pSchema; /* Pointer to space allocated by sqlite3BtreeSchema() */
+ void (*xFreeSchema)(void*); /* Destructor for BtShared.pSchema */
+ sqlite3_mutex *mutex; /* Non-recursive mutex required to access this object */
+ Bitvec *pHasContent; /* Set of pages moved to free-list this transaction */
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ int nRef; /* Number of references to this structure */
+ BtShared *pNext; /* Next on a list of sharable BtShared structs */
+ BtLock *pLock; /* List of locks held on this shared-btree struct */
+ Btree *pWriter; /* Btree with currently open write transaction */
+#endif
+ u8 *pTmpSpace; /* Temp space sufficient to hold a single cell */
+};
+
+/*
+** Allowed values for BtShared.btsFlags
+*/
+#define BTS_READ_ONLY 0x0001 /* Underlying file is readonly */
+#define BTS_PAGESIZE_FIXED 0x0002 /* Page size can no longer be changed */
+#define BTS_SECURE_DELETE 0x0004 /* PRAGMA secure_delete is enabled */
+#define BTS_INITIALLY_EMPTY 0x0008 /* Database was empty at trans start */
+#define BTS_NO_WAL 0x0010 /* Do not open write-ahead-log files */
+#define BTS_EXCLUSIVE 0x0020 /* pWriter has an exclusive lock */
+#define BTS_PENDING 0x0040 /* Waiting for read-locks to clear */
+
+/*
+** An instance of the following structure is used to hold information
+** about a cell. The parseCellPtr() function fills in this structure
+** based on information extract from the raw disk page.
+*/
+struct CellInfo {
+ i64 nKey; /* The key for INTKEY tables, or nPayload otherwise */
+ u8 *pPayload; /* Pointer to the start of payload */
+ u32 nPayload; /* Bytes of payload */
+ u16 nLocal; /* Amount of payload held locally, not on overflow */
+ u16 nSize; /* Size of the cell content on the main b-tree page */
+};
+
+/*
+** Maximum depth of an SQLite B-Tree structure. Any B-Tree deeper than
+** this will be declared corrupt. This value is calculated based on a
+** maximum database size of 2^31 pages a minimum fanout of 2 for a
+** root-node and 3 for all other internal nodes.
+**
+** If a tree that appears to be taller than this is encountered, it is
+** assumed that the database is corrupt.
+*/
+#define BTCURSOR_MAX_DEPTH 20
+
+/*
+** A cursor is a pointer to a particular entry within a particular
+** b-tree within a database file.
+**
+** The entry is identified by its MemPage and the index in
+** MemPage.aCell[] of the entry.
+**
+** A single database file can be shared by two more database connections,
+** but cursors cannot be shared. Each cursor is associated with a
+** particular database connection identified BtCursor.pBtree.db.
+**
+** Fields in this structure are accessed under the BtShared.mutex
+** found at self->pBt->mutex.
+**
+** skipNext meaning:
+** eState==SKIPNEXT && skipNext>0: Next sqlite3BtreeNext() is no-op.
+** eState==SKIPNEXT && skipNext<0: Next sqlite3BtreePrevious() is no-op.
+** eState==FAULT: Cursor fault with skipNext as error code.
+*/
+struct BtCursor {
+ Btree *pBtree; /* The Btree to which this cursor belongs */
+ BtShared *pBt; /* The BtShared this cursor points to */
+ BtCursor *pNext; /* Forms a linked list of all cursors */
+ Pgno *aOverflow; /* Cache of overflow page locations */
+ CellInfo info; /* A parse of the cell we are pointing at */
+ i64 nKey; /* Size of pKey, or last integer key */
+ void *pKey; /* Saved key that was cursor last known position */
+ Pgno pgnoRoot; /* The root page of this tree */
+ int nOvflAlloc; /* Allocated size of aOverflow[] array */
+ int skipNext; /* Prev() is noop if negative. Next() is noop if positive.
+ ** Error code if eState==CURSOR_FAULT */
+ u8 curFlags; /* zero or more BTCF_* flags defined below */
+ u8 curPagerFlags; /* Flags to send to sqlite3PagerGet() */
+ u8 eState; /* One of the CURSOR_XXX constants (see below) */
+ u8 hints; /* As configured by CursorSetHints() */
+ /* All fields above are zeroed when the cursor is allocated. See
+ ** sqlite3BtreeCursorZero(). Fields that follow must be manually
+ ** initialized. */
+ i8 iPage; /* Index of current page in apPage */
+ u8 curIntKey; /* Value of apPage[0]->intKey */
+ struct KeyInfo *pKeyInfo; /* Argument passed to comparison function */
+ void *padding1; /* Make object size a multiple of 16 */
+ u16 aiIdx[BTCURSOR_MAX_DEPTH]; /* Current index in apPage[i] */
+ MemPage *apPage[BTCURSOR_MAX_DEPTH]; /* Pages from root to current page */
+};
+
+/*
+** Legal values for BtCursor.curFlags
+*/
+#define BTCF_WriteFlag 0x01 /* True if a write cursor */
+#define BTCF_ValidNKey 0x02 /* True if info.nKey is valid */
+#define BTCF_ValidOvfl 0x04 /* True if aOverflow is valid */
+#define BTCF_AtLast 0x08 /* Cursor is pointing ot the last entry */
+#define BTCF_Incrblob 0x10 /* True if an incremental I/O handle */
+#define BTCF_Multiple 0x20 /* Maybe another cursor on the same btree */
+
+/*
+** Potential values for BtCursor.eState.
+**
+** CURSOR_INVALID:
+** Cursor does not point to a valid entry. This can happen (for example)
+** because the table is empty or because BtreeCursorFirst() has not been
+** called.
+**
+** CURSOR_VALID:
+** Cursor points to a valid entry. getPayload() etc. may be called.
+**
+** CURSOR_SKIPNEXT:
+** Cursor is valid except that the Cursor.skipNext field is non-zero
+** indicating that the next sqlite3BtreeNext() or sqlite3BtreePrevious()
+** operation should be a no-op.
+**
+** CURSOR_REQUIRESEEK:
+** The table that this cursor was opened on still exists, but has been
+** modified since the cursor was last used. The cursor position is saved
+** in variables BtCursor.pKey and BtCursor.nKey. When a cursor is in
+** this state, restoreCursorPosition() can be called to attempt to
+** seek the cursor to the saved position.
+**
+** CURSOR_FAULT:
+** An unrecoverable error (an I/O error or a malloc failure) has occurred
+** on a different connection that shares the BtShared cache with this
+** cursor. The error has left the cache in an inconsistent state.
+** Do nothing else with this cursor. Any attempt to use the cursor
+** should return the error code stored in BtCursor.skipNext
+*/
+#define CURSOR_INVALID 0
+#define CURSOR_VALID 1
+#define CURSOR_SKIPNEXT 2
+#define CURSOR_REQUIRESEEK 3
+#define CURSOR_FAULT 4
+
+/*
+** The database page the PENDING_BYTE occupies. This page is never used.
+*/
+# define PENDING_BYTE_PAGE(pBt) PAGER_MJ_PGNO(pBt)
+
+/*
+** These macros define the location of the pointer-map entry for a
+** database page. The first argument to each is the number of usable
+** bytes on each page of the database (often 1024). The second is the
+** page number to look up in the pointer map.
+**
+** PTRMAP_PAGENO returns the database page number of the pointer-map
+** page that stores the required pointer. PTRMAP_PTROFFSET returns
+** the offset of the requested map entry.
+**
+** If the pgno argument passed to PTRMAP_PAGENO is a pointer-map page,
+** then pgno is returned. So (pgno==PTRMAP_PAGENO(pgsz, pgno)) can be
+** used to test if pgno is a pointer-map page. PTRMAP_ISPAGE implements
+** this test.
+*/
+#define PTRMAP_PAGENO(pBt, pgno) ptrmapPageno(pBt, pgno)
+#define PTRMAP_PTROFFSET(pgptrmap, pgno) (5*(pgno-pgptrmap-1))
+#define PTRMAP_ISPAGE(pBt, pgno) (PTRMAP_PAGENO((pBt),(pgno))==(pgno))
+
+/*
+** The pointer map is a lookup table that identifies the parent page for
+** each child page in the database file. The parent page is the page that
+** contains a pointer to the child. Every page in the database contains
+** 0 or 1 parent pages. (In this context 'database page' refers
+** to any page that is not part of the pointer map itself.) Each pointer map
+** entry consists of a single byte 'type' and a 4 byte parent page number.
+** The PTRMAP_XXX identifiers below are the valid types.
+**
+** The purpose of the pointer map is to facility moving pages from one
+** position in the file to another as part of autovacuum. When a page
+** is moved, the pointer in its parent must be updated to point to the
+** new location. The pointer map is used to locate the parent page quickly.
+**
+** PTRMAP_ROOTPAGE: The database page is a root-page. The page-number is not
+** used in this case.
+**
+** PTRMAP_FREEPAGE: The database page is an unused (free) page. The page-number
+** is not used in this case.
+**
+** PTRMAP_OVERFLOW1: The database page is the first page in a list of
+** overflow pages. The page number identifies the page that
+** contains the cell with a pointer to this overflow page.
+**
+** PTRMAP_OVERFLOW2: The database page is the second or later page in a list of
+** overflow pages. The page-number identifies the previous
+** page in the overflow page list.
+**
+** PTRMAP_BTREE: The database page is a non-root btree page. The page number
+** identifies the parent page in the btree.
+*/
+#define PTRMAP_ROOTPAGE 1
+#define PTRMAP_FREEPAGE 2
+#define PTRMAP_OVERFLOW1 3
+#define PTRMAP_OVERFLOW2 4
+#define PTRMAP_BTREE 5
+
+/* A bunch of assert() statements to check the transaction state variables
+** of handle p (type Btree*) are internally consistent.
+*/
+#define btreeIntegrity(p) \
+ assert( p->pBt->inTransaction!=TRANS_NONE || p->pBt->nTransaction==0 ); \
+ assert( p->pBt->inTransaction>=p->inTrans );
+
+
+/*
+** The ISAUTOVACUUM macro is used within balance_nonroot() to determine
+** if the database supports auto-vacuum or not. Because it is used
+** within an expression that is an argument to another macro
+** (sqliteMallocRaw), it is not possible to use conditional compilation.
+** So, this macro is defined instead.
+*/
+#ifndef SQLITE_OMIT_AUTOVACUUM
+#define ISAUTOVACUUM (pBt->autoVacuum)
+#else
+#define ISAUTOVACUUM 0
+#endif
+
+
+/*
+** This structure is passed around through all the sanity checking routines
+** in order to keep track of some global state information.
+**
+** The aRef[] array is allocated so that there is 1 bit for each page in
+** the database. As the integrity-check proceeds, for each page used in
+** the database the corresponding bit is set. This allows integrity-check to
+** detect pages that are used twice and orphaned pages (both of which
+** indicate corruption).
+*/
+typedef struct IntegrityCk IntegrityCk;
+struct IntegrityCk {
+ BtShared *pBt; /* The tree being checked out */
+ Pager *pPager; /* The associated pager. Also accessible by pBt->pPager */
+ u8 *aPgRef; /* 1 bit per page in the db (see above) */
+ Pgno nPage; /* Number of pages in the database */
+ int mxErr; /* Stop accumulating errors when this reaches zero */
+ int nErr; /* Number of messages written to zErrMsg so far */
+ int mallocFailed; /* A memory allocation error has occurred */
+ const char *zPfx; /* Error message prefix */
+ int v1, v2; /* Values for up to two %d fields in zPfx */
+ StrAccum errMsg; /* Accumulate the error message text here */
+ u32 *heap; /* Min-heap used for analyzing cell coverage */
+};
+
+/*
+** Routines to read or write a two- and four-byte big-endian integer values.
+*/
+#define get2byte(x) ((x)[0]<<8 | (x)[1])
+#define put2byte(p,v) ((p)[0] = (u8)((v)>>8), (p)[1] = (u8)(v))
+#define get4byte sqlite3Get4byte
+#define put4byte sqlite3Put4byte
+
+/*
+** get2byteAligned(), unlike get2byte(), requires that its argument point to a
+** two-byte aligned address. get2bytea() is only used for accessing the
+** cell addresses in a btree header.
+*/
+#if SQLITE_BYTEORDER==4321
+# define get2byteAligned(x) (*(u16*)(x))
+#elif SQLITE_BYTEORDER==1234 && !defined(SQLITE_DISABLE_INTRINSIC) \
+ && GCC_VERSION>=4008000
+# define get2byteAligned(x) __builtin_bswap16(*(u16*)(x))
+#elif SQLITE_BYTEORDER==1234 && !defined(SQLITE_DISABLE_INTRINSIC) \
+ && defined(_MSC_VER) && _MSC_VER>=1300
+# define get2byteAligned(x) _byteswap_ushort(*(u16*)(x))
+#else
+# define get2byteAligned(x) ((x)[0]<<8 | (x)[1])
+#endif
+
+/************** End of btreeInt.h ********************************************/
+/************** Continuing where we left off in btmutex.c ********************/
+#ifndef SQLITE_OMIT_SHARED_CACHE
+#if SQLITE_THREADSAFE
+
+/*
+** Obtain the BtShared mutex associated with B-Tree handle p. Also,
+** set BtShared.db to the database handle associated with p and the
+** p->locked boolean to true.
+*/
+static void lockBtreeMutex(Btree *p){
+ assert( p->locked==0 );
+ assert( sqlite3_mutex_notheld(p->pBt->mutex) );
+ assert( sqlite3_mutex_held(p->db->mutex) );
+
+ sqlite3_mutex_enter(p->pBt->mutex);
+ p->pBt->db = p->db;
+ p->locked = 1;
+}
+
+/*
+** Release the BtShared mutex associated with B-Tree handle p and
+** clear the p->locked boolean.
+*/
+static void SQLITE_NOINLINE unlockBtreeMutex(Btree *p){
+ BtShared *pBt = p->pBt;
+ assert( p->locked==1 );
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ assert( p->db==pBt->db );
+
+ sqlite3_mutex_leave(pBt->mutex);
+ p->locked = 0;
+}
+
+/* Forward reference */
+static void SQLITE_NOINLINE btreeLockCarefully(Btree *p);
+
+/*
+** Enter a mutex on the given BTree object.
+**
+** If the object is not sharable, then no mutex is ever required
+** and this routine is a no-op. The underlying mutex is non-recursive.
+** But we keep a reference count in Btree.wantToLock so the behavior
+** of this interface is recursive.
+**
+** To avoid deadlocks, multiple Btrees are locked in the same order
+** by all database connections. The p->pNext is a list of other
+** Btrees belonging to the same database connection as the p Btree
+** which need to be locked after p. If we cannot get a lock on
+** p, then first unlock all of the others on p->pNext, then wait
+** for the lock to become available on p, then relock all of the
+** subsequent Btrees that desire a lock.
+*/
+SQLITE_PRIVATE void sqlite3BtreeEnter(Btree *p){
+ /* Some basic sanity checking on the Btree. The list of Btrees
+ ** connected by pNext and pPrev should be in sorted order by
+ ** Btree.pBt value. All elements of the list should belong to
+ ** the same connection. Only shared Btrees are on the list. */
+ assert( p->pNext==0 || p->pNext->pBt>p->pBt );
+ assert( p->pPrev==0 || p->pPrev->pBt<p->pBt );
+ assert( p->pNext==0 || p->pNext->db==p->db );
+ assert( p->pPrev==0 || p->pPrev->db==p->db );
+ assert( p->sharable || (p->pNext==0 && p->pPrev==0) );
+
+ /* Check for locking consistency */
+ assert( !p->locked || p->wantToLock>0 );
+ assert( p->sharable || p->wantToLock==0 );
+
+ /* We should already hold a lock on the database connection */
+ assert( sqlite3_mutex_held(p->db->mutex) );
+
+ /* Unless the database is sharable and unlocked, then BtShared.db
+ ** should already be set correctly. */
+ assert( (p->locked==0 && p->sharable) || p->pBt->db==p->db );
+
+ if( !p->sharable ) return;
+ p->wantToLock++;
+ if( p->locked ) return;
+ btreeLockCarefully(p);
+}
+
+/* This is a helper function for sqlite3BtreeLock(). By moving
+** complex, but seldom used logic, out of sqlite3BtreeLock() and
+** into this routine, we avoid unnecessary stack pointer changes
+** and thus help the sqlite3BtreeLock() routine to run much faster
+** in the common case.
+*/
+static void SQLITE_NOINLINE btreeLockCarefully(Btree *p){
+ Btree *pLater;
+
+ /* In most cases, we should be able to acquire the lock we
+ ** want without having to go through the ascending lock
+ ** procedure that follows. Just be sure not to block.
+ */
+ if( sqlite3_mutex_try(p->pBt->mutex)==SQLITE_OK ){
+ p->pBt->db = p->db;
+ p->locked = 1;
+ return;
+ }
+
+ /* To avoid deadlock, first release all locks with a larger
+ ** BtShared address. Then acquire our lock. Then reacquire
+ ** the other BtShared locks that we used to hold in ascending
+ ** order.
+ */
+ for(pLater=p->pNext; pLater; pLater=pLater->pNext){
+ assert( pLater->sharable );
+ assert( pLater->pNext==0 || pLater->pNext->pBt>pLater->pBt );
+ assert( !pLater->locked || pLater->wantToLock>0 );
+ if( pLater->locked ){
+ unlockBtreeMutex(pLater);
+ }
+ }
+ lockBtreeMutex(p);
+ for(pLater=p->pNext; pLater; pLater=pLater->pNext){
+ if( pLater->wantToLock ){
+ lockBtreeMutex(pLater);
+ }
+ }
+}
+
+
+/*
+** Exit the recursive mutex on a Btree.
+*/
+SQLITE_PRIVATE void sqlite3BtreeLeave(Btree *p){
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ if( p->sharable ){
+ assert( p->wantToLock>0 );
+ p->wantToLock--;
+ if( p->wantToLock==0 ){
+ unlockBtreeMutex(p);
+ }
+ }
+}
+
+#ifndef NDEBUG
+/*
+** Return true if the BtShared mutex is held on the btree, or if the
+** B-Tree is not marked as sharable.
+**
+** This routine is used only from within assert() statements.
+*/
+SQLITE_PRIVATE int sqlite3BtreeHoldsMutex(Btree *p){
+ assert( p->sharable==0 || p->locked==0 || p->wantToLock>0 );
+ assert( p->sharable==0 || p->locked==0 || p->db==p->pBt->db );
+ assert( p->sharable==0 || p->locked==0 || sqlite3_mutex_held(p->pBt->mutex) );
+ assert( p->sharable==0 || p->locked==0 || sqlite3_mutex_held(p->db->mutex) );
+
+ return (p->sharable==0 || p->locked);
+}
+#endif
+
+
+#ifndef SQLITE_OMIT_INCRBLOB
+/*
+** Enter and leave a mutex on a Btree given a cursor owned by that
+** Btree. These entry points are used by incremental I/O and can be
+** omitted if that module is not used.
+*/
+SQLITE_PRIVATE void sqlite3BtreeEnterCursor(BtCursor *pCur){
+ sqlite3BtreeEnter(pCur->pBtree);
+}
+SQLITE_PRIVATE void sqlite3BtreeLeaveCursor(BtCursor *pCur){
+ sqlite3BtreeLeave(pCur->pBtree);
+}
+#endif /* SQLITE_OMIT_INCRBLOB */
+
+
+/*
+** Enter the mutex on every Btree associated with a database
+** connection. This is needed (for example) prior to parsing
+** a statement since we will be comparing table and column names
+** against all schemas and we do not want those schemas being
+** reset out from under us.
+**
+** There is a corresponding leave-all procedures.
+**
+** Enter the mutexes in accending order by BtShared pointer address
+** to avoid the possibility of deadlock when two threads with
+** two or more btrees in common both try to lock all their btrees
+** at the same instant.
+*/
+SQLITE_PRIVATE void sqlite3BtreeEnterAll(sqlite3 *db){
+ int i;
+ Btree *p;
+ assert( sqlite3_mutex_held(db->mutex) );
+ for(i=0; i<db->nDb; i++){
+ p = db->aDb[i].pBt;
+ if( p ) sqlite3BtreeEnter(p);
+ }
+}
+SQLITE_PRIVATE void sqlite3BtreeLeaveAll(sqlite3 *db){
+ int i;
+ Btree *p;
+ assert( sqlite3_mutex_held(db->mutex) );
+ for(i=0; i<db->nDb; i++){
+ p = db->aDb[i].pBt;
+ if( p ) sqlite3BtreeLeave(p);
+ }
+}
+
+/*
+** Return true if a particular Btree requires a lock. Return FALSE if
+** no lock is ever required since it is not sharable.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSharable(Btree *p){
+ return p->sharable;
+}
+
+#ifndef NDEBUG
+/*
+** Return true if the current thread holds the database connection
+** mutex and all required BtShared mutexes.
+**
+** This routine is used inside assert() statements only.
+*/
+SQLITE_PRIVATE int sqlite3BtreeHoldsAllMutexes(sqlite3 *db){
+ int i;
+ if( !sqlite3_mutex_held(db->mutex) ){
+ return 0;
+ }
+ for(i=0; i<db->nDb; i++){
+ Btree *p;
+ p = db->aDb[i].pBt;
+ if( p && p->sharable &&
+ (p->wantToLock==0 || !sqlite3_mutex_held(p->pBt->mutex)) ){
+ return 0;
+ }
+ }
+ return 1;
+}
+#endif /* NDEBUG */
+
+#ifndef NDEBUG
+/*
+** Return true if the correct mutexes are held for accessing the
+** db->aDb[iDb].pSchema structure. The mutexes required for schema
+** access are:
+**
+** (1) The mutex on db
+** (2) if iDb!=1, then the mutex on db->aDb[iDb].pBt.
+**
+** If pSchema is not NULL, then iDb is computed from pSchema and
+** db using sqlite3SchemaToIndex().
+*/
+SQLITE_PRIVATE int sqlite3SchemaMutexHeld(sqlite3 *db, int iDb, Schema *pSchema){
+ Btree *p;
+ assert( db!=0 );
+ if( pSchema ) iDb = sqlite3SchemaToIndex(db, pSchema);
+ assert( iDb>=0 && iDb<db->nDb );
+ if( !sqlite3_mutex_held(db->mutex) ) return 0;
+ if( iDb==1 ) return 1;
+ p = db->aDb[iDb].pBt;
+ assert( p!=0 );
+ return p->sharable==0 || p->locked==1;
+}
+#endif /* NDEBUG */
+
+#else /* SQLITE_THREADSAFE>0 above. SQLITE_THREADSAFE==0 below */
+/*
+** The following are special cases for mutex enter routines for use
+** in single threaded applications that use shared cache. Except for
+** these two routines, all mutex operations are no-ops in that case and
+** are null #defines in btree.h.
+**
+** If shared cache is disabled, then all btree mutex routines, including
+** the ones below, are no-ops and are null #defines in btree.h.
+*/
+
+SQLITE_PRIVATE void sqlite3BtreeEnter(Btree *p){
+ p->pBt->db = p->db;
+}
+SQLITE_PRIVATE void sqlite3BtreeEnterAll(sqlite3 *db){
+ int i;
+ for(i=0; i<db->nDb; i++){
+ Btree *p = db->aDb[i].pBt;
+ if( p ){
+ p->pBt->db = p->db;
+ }
+ }
+}
+#endif /* if SQLITE_THREADSAFE */
+#endif /* ifndef SQLITE_OMIT_SHARED_CACHE */
+
+/************** End of btmutex.c *********************************************/
+/************** Begin file btree.c *******************************************/
+/*
+** 2004 April 6
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file implements an external (disk-based) database using BTrees.
+** See the header comment on "btreeInt.h" for additional information.
+** Including a description of file format and an overview of operation.
+*/
+/* #include "btreeInt.h" */
+
+/*
+** The header string that appears at the beginning of every
+** SQLite database.
+*/
+static const char zMagicHeader[] = SQLITE_FILE_HEADER;
+
+/*
+** Set this global variable to 1 to enable tracing using the TRACE
+** macro.
+*/
+#if 0
+int sqlite3BtreeTrace=1; /* True to enable tracing */
+# define TRACE(X) if(sqlite3BtreeTrace){printf X;fflush(stdout);}
+#else
+# define TRACE(X)
+#endif
+
+/*
+** Extract a 2-byte big-endian integer from an array of unsigned bytes.
+** But if the value is zero, make it 65536.
+**
+** This routine is used to extract the "offset to cell content area" value
+** from the header of a btree page. If the page size is 65536 and the page
+** is empty, the offset should be 65536, but the 2-byte value stores zero.
+** This routine makes the necessary adjustment to 65536.
+*/
+#define get2byteNotZero(X) (((((int)get2byte(X))-1)&0xffff)+1)
+
+/*
+** Values passed as the 5th argument to allocateBtreePage()
+*/
+#define BTALLOC_ANY 0 /* Allocate any page */
+#define BTALLOC_EXACT 1 /* Allocate exact page if possible */
+#define BTALLOC_LE 2 /* Allocate any page <= the parameter */
+
+/*
+** Macro IfNotOmitAV(x) returns (x) if SQLITE_OMIT_AUTOVACUUM is not
+** defined, or 0 if it is. For example:
+**
+** bIncrVacuum = IfNotOmitAV(pBtShared->incrVacuum);
+*/
+#ifndef SQLITE_OMIT_AUTOVACUUM
+#define IfNotOmitAV(expr) (expr)
+#else
+#define IfNotOmitAV(expr) 0
+#endif
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+/*
+** A list of BtShared objects that are eligible for participation
+** in shared cache. This variable has file scope during normal builds,
+** but the test harness needs to access it so we make it global for
+** test builds.
+**
+** Access to this variable is protected by SQLITE_MUTEX_STATIC_MASTER.
+*/
+#ifdef SQLITE_TEST
+SQLITE_PRIVATE BtShared *SQLITE_WSD sqlite3SharedCacheList = 0;
+#else
+static BtShared *SQLITE_WSD sqlite3SharedCacheList = 0;
+#endif
+#endif /* SQLITE_OMIT_SHARED_CACHE */
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+/*
+** Enable or disable the shared pager and schema features.
+**
+** This routine has no effect on existing database connections.
+** The shared cache setting effects only future calls to
+** sqlite3_open(), sqlite3_open16(), or sqlite3_open_v2().
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_enable_shared_cache(int enable){
+ sqlite3GlobalConfig.sharedCacheEnabled = enable;
+ return SQLITE_OK;
+}
+#endif
+
+
+
+#ifdef SQLITE_OMIT_SHARED_CACHE
+ /*
+ ** The functions querySharedCacheTableLock(), setSharedCacheTableLock(),
+ ** and clearAllSharedCacheTableLocks()
+ ** manipulate entries in the BtShared.pLock linked list used to store
+ ** shared-cache table level locks. If the library is compiled with the
+ ** shared-cache feature disabled, then there is only ever one user
+ ** of each BtShared structure and so this locking is not necessary.
+ ** So define the lock related functions as no-ops.
+ */
+ #define querySharedCacheTableLock(a,b,c) SQLITE_OK
+ #define setSharedCacheTableLock(a,b,c) SQLITE_OK
+ #define clearAllSharedCacheTableLocks(a)
+ #define downgradeAllSharedCacheTableLocks(a)
+ #define hasSharedCacheTableLock(a,b,c,d) 1
+ #define hasReadConflicts(a, b) 0
+#endif
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+
+#ifdef SQLITE_DEBUG
+/*
+**** This function is only used as part of an assert() statement. ***
+**
+** Check to see if pBtree holds the required locks to read or write to the
+** table with root page iRoot. Return 1 if it does and 0 if not.
+**
+** For example, when writing to a table with root-page iRoot via
+** Btree connection pBtree:
+**
+** assert( hasSharedCacheTableLock(pBtree, iRoot, 0, WRITE_LOCK) );
+**
+** When writing to an index that resides in a sharable database, the
+** caller should have first obtained a lock specifying the root page of
+** the corresponding table. This makes things a bit more complicated,
+** as this module treats each table as a separate structure. To determine
+** the table corresponding to the index being written, this
+** function has to search through the database schema.
+**
+** Instead of a lock on the table/index rooted at page iRoot, the caller may
+** hold a write-lock on the schema table (root page 1). This is also
+** acceptable.
+*/
+static int hasSharedCacheTableLock(
+ Btree *pBtree, /* Handle that must hold lock */
+ Pgno iRoot, /* Root page of b-tree */
+ int isIndex, /* True if iRoot is the root of an index b-tree */
+ int eLockType /* Required lock type (READ_LOCK or WRITE_LOCK) */
+){
+ Schema *pSchema = (Schema *)pBtree->pBt->pSchema;
+ Pgno iTab = 0;
+ BtLock *pLock;
+
+ /* If this database is not shareable, or if the client is reading
+ ** and has the read-uncommitted flag set, then no lock is required.
+ ** Return true immediately.
+ */
+ if( (pBtree->sharable==0)
+ || (eLockType==READ_LOCK && (pBtree->db->flags & SQLITE_ReadUncommitted))
+ ){
+ return 1;
+ }
+
+ /* If the client is reading or writing an index and the schema is
+ ** not loaded, then it is too difficult to actually check to see if
+ ** the correct locks are held. So do not bother - just return true.
+ ** This case does not come up very often anyhow.
+ */
+ if( isIndex && (!pSchema || (pSchema->schemaFlags&DB_SchemaLoaded)==0) ){
+ return 1;
+ }
+
+ /* Figure out the root-page that the lock should be held on. For table
+ ** b-trees, this is just the root page of the b-tree being read or
+ ** written. For index b-trees, it is the root page of the associated
+ ** table. */
+ if( isIndex ){
+ HashElem *p;
+ for(p=sqliteHashFirst(&pSchema->idxHash); p; p=sqliteHashNext(p)){
+ Index *pIdx = (Index *)sqliteHashData(p);
+ if( pIdx->tnum==(int)iRoot ){
+ if( iTab ){
+ /* Two or more indexes share the same root page. There must
+ ** be imposter tables. So just return true. The assert is not
+ ** useful in that case. */
+ return 1;
+ }
+ iTab = pIdx->pTable->tnum;
+ }
+ }
+ }else{
+ iTab = iRoot;
+ }
+
+ /* Search for the required lock. Either a write-lock on root-page iTab, a
+ ** write-lock on the schema table, or (if the client is reading) a
+ ** read-lock on iTab will suffice. Return 1 if any of these are found. */
+ for(pLock=pBtree->pBt->pLock; pLock; pLock=pLock->pNext){
+ if( pLock->pBtree==pBtree
+ && (pLock->iTable==iTab || (pLock->eLock==WRITE_LOCK && pLock->iTable==1))
+ && pLock->eLock>=eLockType
+ ){
+ return 1;
+ }
+ }
+
+ /* Failed to find the required lock. */
+ return 0;
+}
+#endif /* SQLITE_DEBUG */
+
+#ifdef SQLITE_DEBUG
+/*
+**** This function may be used as part of assert() statements only. ****
+**
+** Return true if it would be illegal for pBtree to write into the
+** table or index rooted at iRoot because other shared connections are
+** simultaneously reading that same table or index.
+**
+** It is illegal for pBtree to write if some other Btree object that
+** shares the same BtShared object is currently reading or writing
+** the iRoot table. Except, if the other Btree object has the
+** read-uncommitted flag set, then it is OK for the other object to
+** have a read cursor.
+**
+** For example, before writing to any part of the table or index
+** rooted at page iRoot, one should call:
+**
+** assert( !hasReadConflicts(pBtree, iRoot) );
+*/
+static int hasReadConflicts(Btree *pBtree, Pgno iRoot){
+ BtCursor *p;
+ for(p=pBtree->pBt->pCursor; p; p=p->pNext){
+ if( p->pgnoRoot==iRoot
+ && p->pBtree!=pBtree
+ && 0==(p->pBtree->db->flags & SQLITE_ReadUncommitted)
+ ){
+ return 1;
+ }
+ }
+ return 0;
+}
+#endif /* #ifdef SQLITE_DEBUG */
+
+/*
+** Query to see if Btree handle p may obtain a lock of type eLock
+** (READ_LOCK or WRITE_LOCK) on the table with root-page iTab. Return
+** SQLITE_OK if the lock may be obtained (by calling
+** setSharedCacheTableLock()), or SQLITE_LOCKED if not.
+*/
+static int querySharedCacheTableLock(Btree *p, Pgno iTab, u8 eLock){
+ BtShared *pBt = p->pBt;
+ BtLock *pIter;
+
+ assert( sqlite3BtreeHoldsMutex(p) );
+ assert( eLock==READ_LOCK || eLock==WRITE_LOCK );
+ assert( p->db!=0 );
+ assert( !(p->db->flags&SQLITE_ReadUncommitted)||eLock==WRITE_LOCK||iTab==1 );
+
+ /* If requesting a write-lock, then the Btree must have an open write
+ ** transaction on this file. And, obviously, for this to be so there
+ ** must be an open write transaction on the file itself.
+ */
+ assert( eLock==READ_LOCK || (p==pBt->pWriter && p->inTrans==TRANS_WRITE) );
+ assert( eLock==READ_LOCK || pBt->inTransaction==TRANS_WRITE );
+
+ /* This routine is a no-op if the shared-cache is not enabled */
+ if( !p->sharable ){
+ return SQLITE_OK;
+ }
+
+ /* If some other connection is holding an exclusive lock, the
+ ** requested lock may not be obtained.
+ */
+ if( pBt->pWriter!=p && (pBt->btsFlags & BTS_EXCLUSIVE)!=0 ){
+ sqlite3ConnectionBlocked(p->db, pBt->pWriter->db);
+ return SQLITE_LOCKED_SHAREDCACHE;
+ }
+
+ for(pIter=pBt->pLock; pIter; pIter=pIter->pNext){
+ /* The condition (pIter->eLock!=eLock) in the following if(...)
+ ** statement is a simplification of:
+ **
+ ** (eLock==WRITE_LOCK || pIter->eLock==WRITE_LOCK)
+ **
+ ** since we know that if eLock==WRITE_LOCK, then no other connection
+ ** may hold a WRITE_LOCK on any table in this file (since there can
+ ** only be a single writer).
+ */
+ assert( pIter->eLock==READ_LOCK || pIter->eLock==WRITE_LOCK );
+ assert( eLock==READ_LOCK || pIter->pBtree==p || pIter->eLock==READ_LOCK);
+ if( pIter->pBtree!=p && pIter->iTable==iTab && pIter->eLock!=eLock ){
+ sqlite3ConnectionBlocked(p->db, pIter->pBtree->db);
+ if( eLock==WRITE_LOCK ){
+ assert( p==pBt->pWriter );
+ pBt->btsFlags |= BTS_PENDING;
+ }
+ return SQLITE_LOCKED_SHAREDCACHE;
+ }
+ }
+ return SQLITE_OK;
+}
+#endif /* !SQLITE_OMIT_SHARED_CACHE */
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+/*
+** Add a lock on the table with root-page iTable to the shared-btree used
+** by Btree handle p. Parameter eLock must be either READ_LOCK or
+** WRITE_LOCK.
+**
+** This function assumes the following:
+**
+** (a) The specified Btree object p is connected to a sharable
+** database (one with the BtShared.sharable flag set), and
+**
+** (b) No other Btree objects hold a lock that conflicts
+** with the requested lock (i.e. querySharedCacheTableLock() has
+** already been called and returned SQLITE_OK).
+**
+** SQLITE_OK is returned if the lock is added successfully. SQLITE_NOMEM
+** is returned if a malloc attempt fails.
+*/
+static int setSharedCacheTableLock(Btree *p, Pgno iTable, u8 eLock){
+ BtShared *pBt = p->pBt;
+ BtLock *pLock = 0;
+ BtLock *pIter;
+
+ assert( sqlite3BtreeHoldsMutex(p) );
+ assert( eLock==READ_LOCK || eLock==WRITE_LOCK );
+ assert( p->db!=0 );
+
+ /* A connection with the read-uncommitted flag set will never try to
+ ** obtain a read-lock using this function. The only read-lock obtained
+ ** by a connection in read-uncommitted mode is on the sqlite_master
+ ** table, and that lock is obtained in BtreeBeginTrans(). */
+ assert( 0==(p->db->flags&SQLITE_ReadUncommitted) || eLock==WRITE_LOCK );
+
+ /* This function should only be called on a sharable b-tree after it
+ ** has been determined that no other b-tree holds a conflicting lock. */
+ assert( p->sharable );
+ assert( SQLITE_OK==querySharedCacheTableLock(p, iTable, eLock) );
+
+ /* First search the list for an existing lock on this table. */
+ for(pIter=pBt->pLock; pIter; pIter=pIter->pNext){
+ if( pIter->iTable==iTable && pIter->pBtree==p ){
+ pLock = pIter;
+ break;
+ }
+ }
+
+ /* If the above search did not find a BtLock struct associating Btree p
+ ** with table iTable, allocate one and link it into the list.
+ */
+ if( !pLock ){
+ pLock = (BtLock *)sqlite3MallocZero(sizeof(BtLock));
+ if( !pLock ){
+ return SQLITE_NOMEM;
+ }
+ pLock->iTable = iTable;
+ pLock->pBtree = p;
+ pLock->pNext = pBt->pLock;
+ pBt->pLock = pLock;
+ }
+
+ /* Set the BtLock.eLock variable to the maximum of the current lock
+ ** and the requested lock. This means if a write-lock was already held
+ ** and a read-lock requested, we don't incorrectly downgrade the lock.
+ */
+ assert( WRITE_LOCK>READ_LOCK );
+ if( eLock>pLock->eLock ){
+ pLock->eLock = eLock;
+ }
+
+ return SQLITE_OK;
+}
+#endif /* !SQLITE_OMIT_SHARED_CACHE */
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+/*
+** Release all the table locks (locks obtained via calls to
+** the setSharedCacheTableLock() procedure) held by Btree object p.
+**
+** This function assumes that Btree p has an open read or write
+** transaction. If it does not, then the BTS_PENDING flag
+** may be incorrectly cleared.
+*/
+static void clearAllSharedCacheTableLocks(Btree *p){
+ BtShared *pBt = p->pBt;
+ BtLock **ppIter = &pBt->pLock;
+
+ assert( sqlite3BtreeHoldsMutex(p) );
+ assert( p->sharable || 0==*ppIter );
+ assert( p->inTrans>0 );
+
+ while( *ppIter ){
+ BtLock *pLock = *ppIter;
+ assert( (pBt->btsFlags & BTS_EXCLUSIVE)==0 || pBt->pWriter==pLock->pBtree );
+ assert( pLock->pBtree->inTrans>=pLock->eLock );
+ if( pLock->pBtree==p ){
+ *ppIter = pLock->pNext;
+ assert( pLock->iTable!=1 || pLock==&p->lock );
+ if( pLock->iTable!=1 ){
+ sqlite3_free(pLock);
+ }
+ }else{
+ ppIter = &pLock->pNext;
+ }
+ }
+
+ assert( (pBt->btsFlags & BTS_PENDING)==0 || pBt->pWriter );
+ if( pBt->pWriter==p ){
+ pBt->pWriter = 0;
+ pBt->btsFlags &= ~(BTS_EXCLUSIVE|BTS_PENDING);
+ }else if( pBt->nTransaction==2 ){
+ /* This function is called when Btree p is concluding its
+ ** transaction. If there currently exists a writer, and p is not
+ ** that writer, then the number of locks held by connections other
+ ** than the writer must be about to drop to zero. In this case
+ ** set the BTS_PENDING flag to 0.
+ **
+ ** If there is not currently a writer, then BTS_PENDING must
+ ** be zero already. So this next line is harmless in that case.
+ */
+ pBt->btsFlags &= ~BTS_PENDING;
+ }
+}
+
+/*
+** This function changes all write-locks held by Btree p into read-locks.
+*/
+static void downgradeAllSharedCacheTableLocks(Btree *p){
+ BtShared *pBt = p->pBt;
+ if( pBt->pWriter==p ){
+ BtLock *pLock;
+ pBt->pWriter = 0;
+ pBt->btsFlags &= ~(BTS_EXCLUSIVE|BTS_PENDING);
+ for(pLock=pBt->pLock; pLock; pLock=pLock->pNext){
+ assert( pLock->eLock==READ_LOCK || pLock->pBtree==p );
+ pLock->eLock = READ_LOCK;
+ }
+ }
+}
+
+#endif /* SQLITE_OMIT_SHARED_CACHE */
+
+static void releasePage(MemPage *pPage); /* Forward reference */
+
+/*
+***** This routine is used inside of assert() only ****
+**
+** Verify that the cursor holds the mutex on its BtShared
+*/
+#ifdef SQLITE_DEBUG
+static int cursorHoldsMutex(BtCursor *p){
+ return sqlite3_mutex_held(p->pBt->mutex);
+}
+#endif
+
+/*
+** Invalidate the overflow cache of the cursor passed as the first argument.
+** on the shared btree structure pBt.
+*/
+#define invalidateOverflowCache(pCur) (pCur->curFlags &= ~BTCF_ValidOvfl)
+
+/*
+** Invalidate the overflow page-list cache for all cursors opened
+** on the shared btree structure pBt.
+*/
+static void invalidateAllOverflowCache(BtShared *pBt){
+ BtCursor *p;
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ for(p=pBt->pCursor; p; p=p->pNext){
+ invalidateOverflowCache(p);
+ }
+}
+
+#ifndef SQLITE_OMIT_INCRBLOB
+/*
+** This function is called before modifying the contents of a table
+** to invalidate any incrblob cursors that are open on the
+** row or one of the rows being modified.
+**
+** If argument isClearTable is true, then the entire contents of the
+** table is about to be deleted. In this case invalidate all incrblob
+** cursors open on any row within the table with root-page pgnoRoot.
+**
+** Otherwise, if argument isClearTable is false, then the row with
+** rowid iRow is being replaced or deleted. In this case invalidate
+** only those incrblob cursors open on that specific row.
+*/
+static void invalidateIncrblobCursors(
+ Btree *pBtree, /* The database file to check */
+ i64 iRow, /* The rowid that might be changing */
+ int isClearTable /* True if all rows are being deleted */
+){
+ BtCursor *p;
+ if( pBtree->hasIncrblobCur==0 ) return;
+ assert( sqlite3BtreeHoldsMutex(pBtree) );
+ pBtree->hasIncrblobCur = 0;
+ for(p=pBtree->pBt->pCursor; p; p=p->pNext){
+ if( (p->curFlags & BTCF_Incrblob)!=0 ){
+ pBtree->hasIncrblobCur = 1;
+ if( isClearTable || p->info.nKey==iRow ){
+ p->eState = CURSOR_INVALID;
+ }
+ }
+ }
+}
+
+#else
+ /* Stub function when INCRBLOB is omitted */
+ #define invalidateIncrblobCursors(x,y,z)
+#endif /* SQLITE_OMIT_INCRBLOB */
+
+/*
+** Set bit pgno of the BtShared.pHasContent bitvec. This is called
+** when a page that previously contained data becomes a free-list leaf
+** page.
+**
+** The BtShared.pHasContent bitvec exists to work around an obscure
+** bug caused by the interaction of two useful IO optimizations surrounding
+** free-list leaf pages:
+**
+** 1) When all data is deleted from a page and the page becomes
+** a free-list leaf page, the page is not written to the database
+** (as free-list leaf pages contain no meaningful data). Sometimes
+** such a page is not even journalled (as it will not be modified,
+** why bother journalling it?).
+**
+** 2) When a free-list leaf page is reused, its content is not read
+** from the database or written to the journal file (why should it
+** be, if it is not at all meaningful?).
+**
+** By themselves, these optimizations work fine and provide a handy
+** performance boost to bulk delete or insert operations. However, if
+** a page is moved to the free-list and then reused within the same
+** transaction, a problem comes up. If the page is not journalled when
+** it is moved to the free-list and it is also not journalled when it
+** is extracted from the free-list and reused, then the original data
+** may be lost. In the event of a rollback, it may not be possible
+** to restore the database to its original configuration.
+**
+** The solution is the BtShared.pHasContent bitvec. Whenever a page is
+** moved to become a free-list leaf page, the corresponding bit is
+** set in the bitvec. Whenever a leaf page is extracted from the free-list,
+** optimization 2 above is omitted if the corresponding bit is already
+** set in BtShared.pHasContent. The contents of the bitvec are cleared
+** at the end of every transaction.
+*/
+static int btreeSetHasContent(BtShared *pBt, Pgno pgno){
+ int rc = SQLITE_OK;
+ if( !pBt->pHasContent ){
+ assert( pgno<=pBt->nPage );
+ pBt->pHasContent = sqlite3BitvecCreate(pBt->nPage);
+ if( !pBt->pHasContent ){
+ rc = SQLITE_NOMEM;
+ }
+ }
+ if( rc==SQLITE_OK && pgno<=sqlite3BitvecSize(pBt->pHasContent) ){
+ rc = sqlite3BitvecSet(pBt->pHasContent, pgno);
+ }
+ return rc;
+}
+
+/*
+** Query the BtShared.pHasContent vector.
+**
+** This function is called when a free-list leaf page is removed from the
+** free-list for reuse. It returns false if it is safe to retrieve the
+** page from the pager layer with the 'no-content' flag set. True otherwise.
+*/
+static int btreeGetHasContent(BtShared *pBt, Pgno pgno){
+ Bitvec *p = pBt->pHasContent;
+ return (p && (pgno>sqlite3BitvecSize(p) || sqlite3BitvecTest(p, pgno)));
+}
+
+/*
+** Clear (destroy) the BtShared.pHasContent bitvec. This should be
+** invoked at the conclusion of each write-transaction.
+*/
+static void btreeClearHasContent(BtShared *pBt){
+ sqlite3BitvecDestroy(pBt->pHasContent);
+ pBt->pHasContent = 0;
+}
+
+/*
+** Release all of the apPage[] pages for a cursor.
+*/
+static void btreeReleaseAllCursorPages(BtCursor *pCur){
+ int i;
+ for(i=0; i<=pCur->iPage; i++){
+ releasePage(pCur->apPage[i]);
+ pCur->apPage[i] = 0;
+ }
+ pCur->iPage = -1;
+}
+
+/*
+** The cursor passed as the only argument must point to a valid entry
+** when this function is called (i.e. have eState==CURSOR_VALID). This
+** function saves the current cursor key in variables pCur->nKey and
+** pCur->pKey. SQLITE_OK is returned if successful or an SQLite error
+** code otherwise.
+**
+** If the cursor is open on an intkey table, then the integer key
+** (the rowid) is stored in pCur->nKey and pCur->pKey is left set to
+** NULL. If the cursor is open on a non-intkey table, then pCur->pKey is
+** set to point to a malloced buffer pCur->nKey bytes in size containing
+** the key.
+*/
+static int saveCursorKey(BtCursor *pCur){
+ int rc;
+ assert( CURSOR_VALID==pCur->eState );
+ assert( 0==pCur->pKey );
+ assert( cursorHoldsMutex(pCur) );
+
+ rc = sqlite3BtreeKeySize(pCur, &pCur->nKey);
+ assert( rc==SQLITE_OK ); /* KeySize() cannot fail */
+
+ /* If this is an intKey table, then the above call to BtreeKeySize()
+ ** stores the integer key in pCur->nKey. In this case this value is
+ ** all that is required. Otherwise, if pCur is not open on an intKey
+ ** table, then malloc space for and store the pCur->nKey bytes of key
+ ** data. */
+ if( 0==pCur->curIntKey ){
+ void *pKey = sqlite3Malloc( pCur->nKey );
+ if( pKey ){
+ rc = sqlite3BtreeKey(pCur, 0, (int)pCur->nKey, pKey);
+ if( rc==SQLITE_OK ){
+ pCur->pKey = pKey;
+ }else{
+ sqlite3_free(pKey);
+ }
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ }
+ assert( !pCur->curIntKey || !pCur->pKey );
+ return rc;
+}
+
+/*
+** Save the current cursor position in the variables BtCursor.nKey
+** and BtCursor.pKey. The cursor's state is set to CURSOR_REQUIRESEEK.
+**
+** The caller must ensure that the cursor is valid (has eState==CURSOR_VALID)
+** prior to calling this routine.
+*/
+static int saveCursorPosition(BtCursor *pCur){
+ int rc;
+
+ assert( CURSOR_VALID==pCur->eState || CURSOR_SKIPNEXT==pCur->eState );
+ assert( 0==pCur->pKey );
+ assert( cursorHoldsMutex(pCur) );
+
+ if( pCur->eState==CURSOR_SKIPNEXT ){
+ pCur->eState = CURSOR_VALID;
+ }else{
+ pCur->skipNext = 0;
+ }
+
+ rc = saveCursorKey(pCur);
+ if( rc==SQLITE_OK ){
+ btreeReleaseAllCursorPages(pCur);
+ pCur->eState = CURSOR_REQUIRESEEK;
+ }
+
+ pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl|BTCF_AtLast);
+ return rc;
+}
+
+/* Forward reference */
+static int SQLITE_NOINLINE saveCursorsOnList(BtCursor*,Pgno,BtCursor*);
+
+/*
+** Save the positions of all cursors (except pExcept) that are open on
+** the table with root-page iRoot. "Saving the cursor position" means that
+** the location in the btree is remembered in such a way that it can be
+** moved back to the same spot after the btree has been modified. This
+** routine is called just before cursor pExcept is used to modify the
+** table, for example in BtreeDelete() or BtreeInsert().
+**
+** If there are two or more cursors on the same btree, then all such
+** cursors should have their BTCF_Multiple flag set. The btreeCursor()
+** routine enforces that rule. This routine only needs to be called in
+** the uncommon case when pExpect has the BTCF_Multiple flag set.
+**
+** If pExpect!=NULL and if no other cursors are found on the same root-page,
+** then the BTCF_Multiple flag on pExpect is cleared, to avoid another
+** pointless call to this routine.
+**
+** Implementation note: This routine merely checks to see if any cursors
+** need to be saved. It calls out to saveCursorsOnList() in the (unusual)
+** event that cursors are in need to being saved.
+*/
+static int saveAllCursors(BtShared *pBt, Pgno iRoot, BtCursor *pExcept){
+ BtCursor *p;
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( pExcept==0 || pExcept->pBt==pBt );
+ for(p=pBt->pCursor; p; p=p->pNext){
+ if( p!=pExcept && (0==iRoot || p->pgnoRoot==iRoot) ) break;
+ }
+ if( p ) return saveCursorsOnList(p, iRoot, pExcept);
+ if( pExcept ) pExcept->curFlags &= ~BTCF_Multiple;
+ return SQLITE_OK;
+}
+
+/* This helper routine to saveAllCursors does the actual work of saving
+** the cursors if and when a cursor is found that actually requires saving.
+** The common case is that no cursors need to be saved, so this routine is
+** broken out from its caller to avoid unnecessary stack pointer movement.
+*/
+static int SQLITE_NOINLINE saveCursorsOnList(
+ BtCursor *p, /* The first cursor that needs saving */
+ Pgno iRoot, /* Only save cursor with this iRoot. Save all if zero */
+ BtCursor *pExcept /* Do not save this cursor */
+){
+ do{
+ if( p!=pExcept && (0==iRoot || p->pgnoRoot==iRoot) ){
+ if( p->eState==CURSOR_VALID || p->eState==CURSOR_SKIPNEXT ){
+ int rc = saveCursorPosition(p);
+ if( SQLITE_OK!=rc ){
+ return rc;
+ }
+ }else{
+ testcase( p->iPage>0 );
+ btreeReleaseAllCursorPages(p);
+ }
+ }
+ p = p->pNext;
+ }while( p );
+ return SQLITE_OK;
+}
+
+/*
+** Clear the current cursor position.
+*/
+SQLITE_PRIVATE void sqlite3BtreeClearCursor(BtCursor *pCur){
+ assert( cursorHoldsMutex(pCur) );
+ sqlite3_free(pCur->pKey);
+ pCur->pKey = 0;
+ pCur->eState = CURSOR_INVALID;
+}
+
+/*
+** In this version of BtreeMoveto, pKey is a packed index record
+** such as is generated by the OP_MakeRecord opcode. Unpack the
+** record and then call BtreeMovetoUnpacked() to do the work.
+*/
+static int btreeMoveto(
+ BtCursor *pCur, /* Cursor open on the btree to be searched */
+ const void *pKey, /* Packed key if the btree is an index */
+ i64 nKey, /* Integer key for tables. Size of pKey for indices */
+ int bias, /* Bias search to the high end */
+ int *pRes /* Write search results here */
+){
+ int rc; /* Status code */
+ UnpackedRecord *pIdxKey; /* Unpacked index key */
+ char aSpace[200]; /* Temp space for pIdxKey - to avoid a malloc */
+ char *pFree = 0;
+
+ if( pKey ){
+ assert( nKey==(i64)(int)nKey );
+ pIdxKey = sqlite3VdbeAllocUnpackedRecord(
+ pCur->pKeyInfo, aSpace, sizeof(aSpace), &pFree
+ );
+ if( pIdxKey==0 ) return SQLITE_NOMEM;
+ sqlite3VdbeRecordUnpack(pCur->pKeyInfo, (int)nKey, pKey, pIdxKey);
+ if( pIdxKey->nField==0 ){
+ sqlite3DbFree(pCur->pKeyInfo->db, pFree);
+ return SQLITE_CORRUPT_BKPT;
+ }
+ }else{
+ pIdxKey = 0;
+ }
+ rc = sqlite3BtreeMovetoUnpacked(pCur, pIdxKey, nKey, bias, pRes);
+ if( pFree ){
+ sqlite3DbFree(pCur->pKeyInfo->db, pFree);
+ }
+ return rc;
+}
+
+/*
+** Restore the cursor to the position it was in (or as close to as possible)
+** when saveCursorPosition() was called. Note that this call deletes the
+** saved position info stored by saveCursorPosition(), so there can be
+** at most one effective restoreCursorPosition() call after each
+** saveCursorPosition().
+*/
+static int btreeRestoreCursorPosition(BtCursor *pCur){
+ int rc;
+ int skipNext;
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->eState>=CURSOR_REQUIRESEEK );
+ if( pCur->eState==CURSOR_FAULT ){
+ return pCur->skipNext;
+ }
+ pCur->eState = CURSOR_INVALID;
+ rc = btreeMoveto(pCur, pCur->pKey, pCur->nKey, 0, &skipNext);
+ if( rc==SQLITE_OK ){
+ sqlite3_free(pCur->pKey);
+ pCur->pKey = 0;
+ assert( pCur->eState==CURSOR_VALID || pCur->eState==CURSOR_INVALID );
+ pCur->skipNext |= skipNext;
+ if( pCur->skipNext && pCur->eState==CURSOR_VALID ){
+ pCur->eState = CURSOR_SKIPNEXT;
+ }
+ }
+ return rc;
+}
+
+#define restoreCursorPosition(p) \
+ (p->eState>=CURSOR_REQUIRESEEK ? \
+ btreeRestoreCursorPosition(p) : \
+ SQLITE_OK)
+
+/*
+** Determine whether or not a cursor has moved from the position where
+** it was last placed, or has been invalidated for any other reason.
+** Cursors can move when the row they are pointing at is deleted out
+** from under them, for example. Cursor might also move if a btree
+** is rebalanced.
+**
+** Calling this routine with a NULL cursor pointer returns false.
+**
+** Use the separate sqlite3BtreeCursorRestore() routine to restore a cursor
+** back to where it ought to be if this routine returns true.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCursorHasMoved(BtCursor *pCur){
+ return pCur->eState!=CURSOR_VALID;
+}
+
+/*
+** This routine restores a cursor back to its original position after it
+** has been moved by some outside activity (such as a btree rebalance or
+** a row having been deleted out from under the cursor).
+**
+** On success, the *pDifferentRow parameter is false if the cursor is left
+** pointing at exactly the same row. *pDifferntRow is the row the cursor
+** was pointing to has been deleted, forcing the cursor to point to some
+** nearby row.
+**
+** This routine should only be called for a cursor that just returned
+** TRUE from sqlite3BtreeCursorHasMoved().
+*/
+SQLITE_PRIVATE int sqlite3BtreeCursorRestore(BtCursor *pCur, int *pDifferentRow){
+ int rc;
+
+ assert( pCur!=0 );
+ assert( pCur->eState!=CURSOR_VALID );
+ rc = restoreCursorPosition(pCur);
+ if( rc ){
+ *pDifferentRow = 1;
+ return rc;
+ }
+ if( pCur->eState!=CURSOR_VALID ){
+ *pDifferentRow = 1;
+ }else{
+ assert( pCur->skipNext==0 );
+ *pDifferentRow = 0;
+ }
+ return SQLITE_OK;
+}
+
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+/*
+** Provide hints to the cursor. The particular hint given (and the type
+** and number of the varargs parameters) is determined by the eHintType
+** parameter. See the definitions of the BTREE_HINT_* macros for details.
+*/
+SQLITE_PRIVATE void sqlite3BtreeCursorHint(BtCursor *pCur, int eHintType, ...){
+ /* Used only by system that substitute their own storage engine */
+}
+#endif
+
+/*
+** Provide flag hints to the cursor.
+*/
+SQLITE_PRIVATE void sqlite3BtreeCursorHintFlags(BtCursor *pCur, unsigned x){
+ assert( x==BTREE_SEEK_EQ || x==BTREE_BULKLOAD || x==0 );
+ pCur->hints = x;
+}
+
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+/*
+** Given a page number of a regular database page, return the page
+** number for the pointer-map page that contains the entry for the
+** input page number.
+**
+** Return 0 (not a valid page) for pgno==1 since there is
+** no pointer map associated with page 1. The integrity_check logic
+** requires that ptrmapPageno(*,1)!=1.
+*/
+static Pgno ptrmapPageno(BtShared *pBt, Pgno pgno){
+ int nPagesPerMapPage;
+ Pgno iPtrMap, ret;
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ if( pgno<2 ) return 0;
+ nPagesPerMapPage = (pBt->usableSize/5)+1;
+ iPtrMap = (pgno-2)/nPagesPerMapPage;
+ ret = (iPtrMap*nPagesPerMapPage) + 2;
+ if( ret==PENDING_BYTE_PAGE(pBt) ){
+ ret++;
+ }
+ return ret;
+}
+
+/*
+** Write an entry into the pointer map.
+**
+** This routine updates the pointer map entry for page number 'key'
+** so that it maps to type 'eType' and parent page number 'pgno'.
+**
+** If *pRC is initially non-zero (non-SQLITE_OK) then this routine is
+** a no-op. If an error occurs, the appropriate error code is written
+** into *pRC.
+*/
+static void ptrmapPut(BtShared *pBt, Pgno key, u8 eType, Pgno parent, int *pRC){
+ DbPage *pDbPage; /* The pointer map page */
+ u8 *pPtrmap; /* The pointer map data */
+ Pgno iPtrmap; /* The pointer map page number */
+ int offset; /* Offset in pointer map page */
+ int rc; /* Return code from subfunctions */
+
+ if( *pRC ) return;
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ /* The master-journal page number must never be used as a pointer map page */
+ assert( 0==PTRMAP_ISPAGE(pBt, PENDING_BYTE_PAGE(pBt)) );
+
+ assert( pBt->autoVacuum );
+ if( key==0 ){
+ *pRC = SQLITE_CORRUPT_BKPT;
+ return;
+ }
+ iPtrmap = PTRMAP_PAGENO(pBt, key);
+ rc = sqlite3PagerGet(pBt->pPager, iPtrmap, &pDbPage, 0);
+ if( rc!=SQLITE_OK ){
+ *pRC = rc;
+ return;
+ }
+ offset = PTRMAP_PTROFFSET(iPtrmap, key);
+ if( offset<0 ){
+ *pRC = SQLITE_CORRUPT_BKPT;
+ goto ptrmap_exit;
+ }
+ assert( offset <= (int)pBt->usableSize-5 );
+ pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
+
+ if( eType!=pPtrmap[offset] || get4byte(&pPtrmap[offset+1])!=parent ){
+ TRACE(("PTRMAP_UPDATE: %d->(%d,%d)\n", key, eType, parent));
+ *pRC= rc = sqlite3PagerWrite(pDbPage);
+ if( rc==SQLITE_OK ){
+ pPtrmap[offset] = eType;
+ put4byte(&pPtrmap[offset+1], parent);
+ }
+ }
+
+ptrmap_exit:
+ sqlite3PagerUnref(pDbPage);
+}
+
+/*
+** Read an entry from the pointer map.
+**
+** This routine retrieves the pointer map entry for page 'key', writing
+** the type and parent page number to *pEType and *pPgno respectively.
+** An error code is returned if something goes wrong, otherwise SQLITE_OK.
+*/
+static int ptrmapGet(BtShared *pBt, Pgno key, u8 *pEType, Pgno *pPgno){
+ DbPage *pDbPage; /* The pointer map page */
+ int iPtrmap; /* Pointer map page index */
+ u8 *pPtrmap; /* Pointer map page data */
+ int offset; /* Offset of entry in pointer map */
+ int rc;
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+
+ iPtrmap = PTRMAP_PAGENO(pBt, key);
+ rc = sqlite3PagerGet(pBt->pPager, iPtrmap, &pDbPage, 0);
+ if( rc!=0 ){
+ return rc;
+ }
+ pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
+
+ offset = PTRMAP_PTROFFSET(iPtrmap, key);
+ if( offset<0 ){
+ sqlite3PagerUnref(pDbPage);
+ return SQLITE_CORRUPT_BKPT;
+ }
+ assert( offset <= (int)pBt->usableSize-5 );
+ assert( pEType!=0 );
+ *pEType = pPtrmap[offset];
+ if( pPgno ) *pPgno = get4byte(&pPtrmap[offset+1]);
+
+ sqlite3PagerUnref(pDbPage);
+ if( *pEType<1 || *pEType>5 ) return SQLITE_CORRUPT_BKPT;
+ return SQLITE_OK;
+}
+
+#else /* if defined SQLITE_OMIT_AUTOVACUUM */
+ #define ptrmapPut(w,x,y,z,rc)
+ #define ptrmapGet(w,x,y,z) SQLITE_OK
+ #define ptrmapPutOvflPtr(x, y, rc)
+#endif
+
+/*
+** Given a btree page and a cell index (0 means the first cell on
+** the page, 1 means the second cell, and so forth) return a pointer
+** to the cell content.
+**
+** findCellPastPtr() does the same except it skips past the initial
+** 4-byte child pointer found on interior pages, if there is one.
+**
+** This routine works only for pages that do not contain overflow cells.
+*/
+#define findCell(P,I) \
+ ((P)->aData + ((P)->maskPage & get2byteAligned(&(P)->aCellIdx[2*(I)])))
+#define findCellPastPtr(P,I) \
+ ((P)->aDataOfst + ((P)->maskPage & get2byteAligned(&(P)->aCellIdx[2*(I)])))
+
+
+/*
+** This is common tail processing for btreeParseCellPtr() and
+** btreeParseCellPtrIndex() for the case when the cell does not fit entirely
+** on a single B-tree page. Make necessary adjustments to the CellInfo
+** structure.
+*/
+static SQLITE_NOINLINE void btreeParseCellAdjustSizeForOverflow(
+ MemPage *pPage, /* Page containing the cell */
+ u8 *pCell, /* Pointer to the cell text. */
+ CellInfo *pInfo /* Fill in this structure */
+){
+ /* If the payload will not fit completely on the local page, we have
+ ** to decide how much to store locally and how much to spill onto
+ ** overflow pages. The strategy is to minimize the amount of unused
+ ** space on overflow pages while keeping the amount of local storage
+ ** in between minLocal and maxLocal.
+ **
+ ** Warning: changing the way overflow payload is distributed in any
+ ** way will result in an incompatible file format.
+ */
+ int minLocal; /* Minimum amount of payload held locally */
+ int maxLocal; /* Maximum amount of payload held locally */
+ int surplus; /* Overflow payload available for local storage */
+
+ minLocal = pPage->minLocal;
+ maxLocal = pPage->maxLocal;
+ surplus = minLocal + (pInfo->nPayload - minLocal)%(pPage->pBt->usableSize-4);
+ testcase( surplus==maxLocal );
+ testcase( surplus==maxLocal+1 );
+ if( surplus <= maxLocal ){
+ pInfo->nLocal = (u16)surplus;
+ }else{
+ pInfo->nLocal = (u16)minLocal;
+ }
+ pInfo->nSize = (u16)(&pInfo->pPayload[pInfo->nLocal] - pCell) + 4;
+}
+
+/*
+** The following routines are implementations of the MemPage.xParseCell()
+** method.
+**
+** Parse a cell content block and fill in the CellInfo structure.
+**
+** btreeParseCellPtr() => table btree leaf nodes
+** btreeParseCellNoPayload() => table btree internal nodes
+** btreeParseCellPtrIndex() => index btree nodes
+**
+** There is also a wrapper function btreeParseCell() that works for
+** all MemPage types and that references the cell by index rather than
+** by pointer.
+*/
+static void btreeParseCellPtrNoPayload(
+ MemPage *pPage, /* Page containing the cell */
+ u8 *pCell, /* Pointer to the cell text. */
+ CellInfo *pInfo /* Fill in this structure */
+){
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ assert( pPage->leaf==0 );
+ assert( pPage->noPayload );
+ assert( pPage->childPtrSize==4 );
+#ifndef SQLITE_DEBUG
+ UNUSED_PARAMETER(pPage);
+#endif
+ pInfo->nSize = 4 + getVarint(&pCell[4], (u64*)&pInfo->nKey);
+ pInfo->nPayload = 0;
+ pInfo->nLocal = 0;
+ pInfo->pPayload = 0;
+ return;
+}
+static void btreeParseCellPtr(
+ MemPage *pPage, /* Page containing the cell */
+ u8 *pCell, /* Pointer to the cell text. */
+ CellInfo *pInfo /* Fill in this structure */
+){
+ u8 *pIter; /* For scanning through pCell */
+ u32 nPayload; /* Number of bytes of cell payload */
+ u64 iKey; /* Extracted Key value */
+
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ assert( pPage->leaf==0 || pPage->leaf==1 );
+ assert( pPage->intKeyLeaf || pPage->noPayload );
+ assert( pPage->noPayload==0 );
+ assert( pPage->intKeyLeaf );
+ assert( pPage->childPtrSize==0 );
+ pIter = pCell;
+
+ /* The next block of code is equivalent to:
+ **
+ ** pIter += getVarint32(pIter, nPayload);
+ **
+ ** The code is inlined to avoid a function call.
+ */
+ nPayload = *pIter;
+ if( nPayload>=0x80 ){
+ u8 *pEnd = &pIter[8];
+ nPayload &= 0x7f;
+ do{
+ nPayload = (nPayload<<7) | (*++pIter & 0x7f);
+ }while( (*pIter)>=0x80 && pIter<pEnd );
+ }
+ pIter++;
+
+ /* The next block of code is equivalent to:
+ **
+ ** pIter += getVarint(pIter, (u64*)&pInfo->nKey);
+ **
+ ** The code is inlined to avoid a function call.
+ */
+ iKey = *pIter;
+ if( iKey>=0x80 ){
+ u8 *pEnd = &pIter[7];
+ iKey &= 0x7f;
+ while(1){
+ iKey = (iKey<<7) | (*++pIter & 0x7f);
+ if( (*pIter)<0x80 ) break;
+ if( pIter>=pEnd ){
+ iKey = (iKey<<8) | *++pIter;
+ break;
+ }
+ }
+ }
+ pIter++;
+
+ pInfo->nKey = *(i64*)&iKey;
+ pInfo->nPayload = nPayload;
+ pInfo->pPayload = pIter;
+ testcase( nPayload==pPage->maxLocal );
+ testcase( nPayload==pPage->maxLocal+1 );
+ if( nPayload<=pPage->maxLocal ){
+ /* This is the (easy) common case where the entire payload fits
+ ** on the local page. No overflow is required.
+ */
+ pInfo->nSize = nPayload + (u16)(pIter - pCell);
+ if( pInfo->nSize<4 ) pInfo->nSize = 4;
+ pInfo->nLocal = (u16)nPayload;
+ }else{
+ btreeParseCellAdjustSizeForOverflow(pPage, pCell, pInfo);
+ }
+}
+static void btreeParseCellPtrIndex(
+ MemPage *pPage, /* Page containing the cell */
+ u8 *pCell, /* Pointer to the cell text. */
+ CellInfo *pInfo /* Fill in this structure */
+){
+ u8 *pIter; /* For scanning through pCell */
+ u32 nPayload; /* Number of bytes of cell payload */
+
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ assert( pPage->leaf==0 || pPage->leaf==1 );
+ assert( pPage->intKeyLeaf==0 );
+ assert( pPage->noPayload==0 );
+ pIter = pCell + pPage->childPtrSize;
+ nPayload = *pIter;
+ if( nPayload>=0x80 ){
+ u8 *pEnd = &pIter[8];
+ nPayload &= 0x7f;
+ do{
+ nPayload = (nPayload<<7) | (*++pIter & 0x7f);
+ }while( *(pIter)>=0x80 && pIter<pEnd );
+ }
+ pIter++;
+ pInfo->nKey = nPayload;
+ pInfo->nPayload = nPayload;
+ pInfo->pPayload = pIter;
+ testcase( nPayload==pPage->maxLocal );
+ testcase( nPayload==pPage->maxLocal+1 );
+ if( nPayload<=pPage->maxLocal ){
+ /* This is the (easy) common case where the entire payload fits
+ ** on the local page. No overflow is required.
+ */
+ pInfo->nSize = nPayload + (u16)(pIter - pCell);
+ if( pInfo->nSize<4 ) pInfo->nSize = 4;
+ pInfo->nLocal = (u16)nPayload;
+ }else{
+ btreeParseCellAdjustSizeForOverflow(pPage, pCell, pInfo);
+ }
+}
+static void btreeParseCell(
+ MemPage *pPage, /* Page containing the cell */
+ int iCell, /* The cell index. First cell is 0 */
+ CellInfo *pInfo /* Fill in this structure */
+){
+ pPage->xParseCell(pPage, findCell(pPage, iCell), pInfo);
+}
+
+/*
+** The following routines are implementations of the MemPage.xCellSize
+** method.
+**
+** Compute the total number of bytes that a Cell needs in the cell
+** data area of the btree-page. The return number includes the cell
+** data header and the local payload, but not any overflow page or
+** the space used by the cell pointer.
+**
+** cellSizePtrNoPayload() => table internal nodes
+** cellSizePtr() => all index nodes & table leaf nodes
+*/
+static u16 cellSizePtr(MemPage *pPage, u8 *pCell){
+ u8 *pIter = pCell + pPage->childPtrSize; /* For looping over bytes of pCell */
+ u8 *pEnd; /* End mark for a varint */
+ u32 nSize; /* Size value to return */
+
+#ifdef SQLITE_DEBUG
+ /* The value returned by this function should always be the same as
+ ** the (CellInfo.nSize) value found by doing a full parse of the
+ ** cell. If SQLITE_DEBUG is defined, an assert() at the bottom of
+ ** this function verifies that this invariant is not violated. */
+ CellInfo debuginfo;
+ pPage->xParseCell(pPage, pCell, &debuginfo);
+#endif
+
+ assert( pPage->noPayload==0 );
+ nSize = *pIter;
+ if( nSize>=0x80 ){
+ pEnd = &pIter[8];
+ nSize &= 0x7f;
+ do{
+ nSize = (nSize<<7) | (*++pIter & 0x7f);
+ }while( *(pIter)>=0x80 && pIter<pEnd );
+ }
+ pIter++;
+ if( pPage->intKey ){
+ /* pIter now points at the 64-bit integer key value, a variable length
+ ** integer. The following block moves pIter to point at the first byte
+ ** past the end of the key value. */
+ pEnd = &pIter[9];
+ while( (*pIter++)&0x80 && pIter<pEnd );
+ }
+ testcase( nSize==pPage->maxLocal );
+ testcase( nSize==pPage->maxLocal+1 );
+ if( nSize<=pPage->maxLocal ){
+ nSize += (u32)(pIter - pCell);
+ if( nSize<4 ) nSize = 4;
+ }else{
+ int minLocal = pPage->minLocal;
+ nSize = minLocal + (nSize - minLocal) % (pPage->pBt->usableSize - 4);
+ testcase( nSize==pPage->maxLocal );
+ testcase( nSize==pPage->maxLocal+1 );
+ if( nSize>pPage->maxLocal ){
+ nSize = minLocal;
+ }
+ nSize += 4 + (u16)(pIter - pCell);
+ }
+ assert( nSize==debuginfo.nSize || CORRUPT_DB );
+ return (u16)nSize;
+}
+static u16 cellSizePtrNoPayload(MemPage *pPage, u8 *pCell){
+ u8 *pIter = pCell + 4; /* For looping over bytes of pCell */
+ u8 *pEnd; /* End mark for a varint */
+
+#ifdef SQLITE_DEBUG
+ /* The value returned by this function should always be the same as
+ ** the (CellInfo.nSize) value found by doing a full parse of the
+ ** cell. If SQLITE_DEBUG is defined, an assert() at the bottom of
+ ** this function verifies that this invariant is not violated. */
+ CellInfo debuginfo;
+ pPage->xParseCell(pPage, pCell, &debuginfo);
+#else
+ UNUSED_PARAMETER(pPage);
+#endif
+
+ assert( pPage->childPtrSize==4 );
+ pEnd = pIter + 9;
+ while( (*pIter++)&0x80 && pIter<pEnd );
+ assert( debuginfo.nSize==(u16)(pIter - pCell) || CORRUPT_DB );
+ return (u16)(pIter - pCell);
+}
+
+
+#ifdef SQLITE_DEBUG
+/* This variation on cellSizePtr() is used inside of assert() statements
+** only. */
+static u16 cellSize(MemPage *pPage, int iCell){
+ return pPage->xCellSize(pPage, findCell(pPage, iCell));
+}
+#endif
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+/*
+** If the cell pCell, part of page pPage contains a pointer
+** to an overflow page, insert an entry into the pointer-map
+** for the overflow page.
+*/
+static void ptrmapPutOvflPtr(MemPage *pPage, u8 *pCell, int *pRC){
+ CellInfo info;
+ if( *pRC ) return;
+ assert( pCell!=0 );
+ pPage->xParseCell(pPage, pCell, &info);
+ if( info.nLocal<info.nPayload ){
+ Pgno ovfl = get4byte(&pCell[info.nSize-4]);
+ ptrmapPut(pPage->pBt, ovfl, PTRMAP_OVERFLOW1, pPage->pgno, pRC);
+ }
+}
+#endif
+
+
+/*
+** Defragment the page given. All Cells are moved to the
+** end of the page and all free space is collected into one
+** big FreeBlk that occurs in between the header and cell
+** pointer array and the cell content area.
+**
+** EVIDENCE-OF: R-44582-60138 SQLite may from time to time reorganize a
+** b-tree page so that there are no freeblocks or fragment bytes, all
+** unused bytes are contained in the unallocated space region, and all
+** cells are packed tightly at the end of the page.
+*/
+static int defragmentPage(MemPage *pPage){
+ int i; /* Loop counter */
+ int pc; /* Address of the i-th cell */
+ int hdr; /* Offset to the page header */
+ int size; /* Size of a cell */
+ int usableSize; /* Number of usable bytes on a page */
+ int cellOffset; /* Offset to the cell pointer array */
+ int cbrk; /* Offset to the cell content area */
+ int nCell; /* Number of cells on the page */
+ unsigned char *data; /* The page data */
+ unsigned char *temp; /* Temp area for cell content */
+ unsigned char *src; /* Source of content */
+ int iCellFirst; /* First allowable cell index */
+ int iCellLast; /* Last possible cell index */
+
+
+ assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+ assert( pPage->pBt!=0 );
+ assert( pPage->pBt->usableSize <= SQLITE_MAX_PAGE_SIZE );
+ assert( pPage->nOverflow==0 );
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ temp = 0;
+ src = data = pPage->aData;
+ hdr = pPage->hdrOffset;
+ cellOffset = pPage->cellOffset;
+ nCell = pPage->nCell;
+ assert( nCell==get2byte(&data[hdr+3]) );
+ usableSize = pPage->pBt->usableSize;
+ cbrk = usableSize;
+ iCellFirst = cellOffset + 2*nCell;
+ iCellLast = usableSize - 4;
+ for(i=0; i<nCell; i++){
+ u8 *pAddr; /* The i-th cell pointer */
+ pAddr = &data[cellOffset + i*2];
+ pc = get2byte(pAddr);
+ testcase( pc==iCellFirst );
+ testcase( pc==iCellLast );
+ /* These conditions have already been verified in btreeInitPage()
+ ** if PRAGMA cell_size_check=ON.
+ */
+ if( pc<iCellFirst || pc>iCellLast ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ assert( pc>=iCellFirst && pc<=iCellLast );
+ size = pPage->xCellSize(pPage, &src[pc]);
+ cbrk -= size;
+ if( cbrk<iCellFirst || pc+size>usableSize ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ assert( cbrk+size<=usableSize && cbrk>=iCellFirst );
+ testcase( cbrk+size==usableSize );
+ testcase( pc+size==usableSize );
+ put2byte(pAddr, cbrk);
+ if( temp==0 ){
+ int x;
+ if( cbrk==pc ) continue;
+ temp = sqlite3PagerTempSpace(pPage->pBt->pPager);
+ x = get2byte(&data[hdr+5]);
+ memcpy(&temp[x], &data[x], (cbrk+size) - x);
+ src = temp;
+ }
+ memcpy(&data[cbrk], &src[pc], size);
+ }
+ assert( cbrk>=iCellFirst );
+ put2byte(&data[hdr+5], cbrk);
+ data[hdr+1] = 0;
+ data[hdr+2] = 0;
+ data[hdr+7] = 0;
+ memset(&data[iCellFirst], 0, cbrk-iCellFirst);
+ assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+ if( cbrk-iCellFirst!=pPage->nFree ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Search the free-list on page pPg for space to store a cell nByte bytes in
+** size. If one can be found, return a pointer to the space and remove it
+** from the free-list.
+**
+** If no suitable space can be found on the free-list, return NULL.
+**
+** This function may detect corruption within pPg. If corruption is
+** detected then *pRc is set to SQLITE_CORRUPT and NULL is returned.
+**
+** Slots on the free list that are between 1 and 3 bytes larger than nByte
+** will be ignored if adding the extra space to the fragmentation count
+** causes the fragmentation count to exceed 60.
+*/
+static u8 *pageFindSlot(MemPage *pPg, int nByte, int *pRc){
+ const int hdr = pPg->hdrOffset;
+ u8 * const aData = pPg->aData;
+ int iAddr = hdr + 1;
+ int pc = get2byte(&aData[iAddr]);
+ int x;
+ int usableSize = pPg->pBt->usableSize;
+
+ assert( pc>0 );
+ do{
+ int size; /* Size of the free slot */
+ /* EVIDENCE-OF: R-06866-39125 Freeblocks are always connected in order of
+ ** increasing offset. */
+ if( pc>usableSize-4 || pc<iAddr+4 ){
+ *pRc = SQLITE_CORRUPT_BKPT;
+ return 0;
+ }
+ /* EVIDENCE-OF: R-22710-53328 The third and fourth bytes of each
+ ** freeblock form a big-endian integer which is the size of the freeblock
+ ** in bytes, including the 4-byte header. */
+ size = get2byte(&aData[pc+2]);
+ if( (x = size - nByte)>=0 ){
+ testcase( x==4 );
+ testcase( x==3 );
+ if( pc < pPg->cellOffset+2*pPg->nCell || size+pc > usableSize ){
+ *pRc = SQLITE_CORRUPT_BKPT;
+ return 0;
+ }else if( x<4 ){
+ /* EVIDENCE-OF: R-11498-58022 In a well-formed b-tree page, the total
+ ** number of bytes in fragments may not exceed 60. */
+ if( aData[hdr+7]>57 ) return 0;
+
+ /* Remove the slot from the free-list. Update the number of
+ ** fragmented bytes within the page. */
+ memcpy(&aData[iAddr], &aData[pc], 2);
+ aData[hdr+7] += (u8)x;
+ }else{
+ /* The slot remains on the free-list. Reduce its size to account
+ ** for the portion used by the new allocation. */
+ put2byte(&aData[pc+2], x);
+ }
+ return &aData[pc + x];
+ }
+ iAddr = pc;
+ pc = get2byte(&aData[pc]);
+ }while( pc );
+
+ return 0;
+}
+
+/*
+** Allocate nByte bytes of space from within the B-Tree page passed
+** as the first argument. Write into *pIdx the index into pPage->aData[]
+** of the first byte of allocated space. Return either SQLITE_OK or
+** an error code (usually SQLITE_CORRUPT).
+**
+** The caller guarantees that there is sufficient space to make the
+** allocation. This routine might need to defragment in order to bring
+** all the space together, however. This routine will avoid using
+** the first two bytes past the cell pointer area since presumably this
+** allocation is being made in order to insert a new cell, so we will
+** also end up needing a new cell pointer.
+*/
+static int allocateSpace(MemPage *pPage, int nByte, int *pIdx){
+ const int hdr = pPage->hdrOffset; /* Local cache of pPage->hdrOffset */
+ u8 * const data = pPage->aData; /* Local cache of pPage->aData */
+ int top; /* First byte of cell content area */
+ int rc = SQLITE_OK; /* Integer return code */
+ int gap; /* First byte of gap between cell pointers and cell content */
+
+ assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+ assert( pPage->pBt );
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ assert( nByte>=0 ); /* Minimum cell size is 4 */
+ assert( pPage->nFree>=nByte );
+ assert( pPage->nOverflow==0 );
+ assert( nByte < (int)(pPage->pBt->usableSize-8) );
+
+ assert( pPage->cellOffset == hdr + 12 - 4*pPage->leaf );
+ gap = pPage->cellOffset + 2*pPage->nCell;
+ assert( gap<=65536 );
+ /* EVIDENCE-OF: R-29356-02391 If the database uses a 65536-byte page size
+ ** and the reserved space is zero (the usual value for reserved space)
+ ** then the cell content offset of an empty page wants to be 65536.
+ ** However, that integer is too large to be stored in a 2-byte unsigned
+ ** integer, so a value of 0 is used in its place. */
+ top = get2byte(&data[hdr+5]);
+ assert( top<=(int)pPage->pBt->usableSize ); /* Prevent by getAndInitPage() */
+ if( gap>top ){
+ if( top==0 && pPage->pBt->usableSize==65536 ){
+ top = 65536;
+ }else{
+ return SQLITE_CORRUPT_BKPT;
+ }
+ }
+
+ /* If there is enough space between gap and top for one more cell pointer
+ ** array entry offset, and if the freelist is not empty, then search the
+ ** freelist looking for a free slot big enough to satisfy the request.
+ */
+ testcase( gap+2==top );
+ testcase( gap+1==top );
+ testcase( gap==top );
+ if( (data[hdr+2] || data[hdr+1]) && gap+2<=top ){
+ u8 *pSpace = pageFindSlot(pPage, nByte, &rc);
+ if( pSpace ){
+ assert( pSpace>=data && (pSpace - data)<65536 );
+ *pIdx = (int)(pSpace - data);
+ return SQLITE_OK;
+ }else if( rc ){
+ return rc;
+ }
+ }
+
+ /* The request could not be fulfilled using a freelist slot. Check
+ ** to see if defragmentation is necessary.
+ */
+ testcase( gap+2+nByte==top );
+ if( gap+2+nByte>top ){
+ assert( pPage->nCell>0 || CORRUPT_DB );
+ rc = defragmentPage(pPage);
+ if( rc ) return rc;
+ top = get2byteNotZero(&data[hdr+5]);
+ assert( gap+nByte<=top );
+ }
+
+
+ /* Allocate memory from the gap in between the cell pointer array
+ ** and the cell content area. The btreeInitPage() call has already
+ ** validated the freelist. Given that the freelist is valid, there
+ ** is no way that the allocation can extend off the end of the page.
+ ** The assert() below verifies the previous sentence.
+ */
+ top -= nByte;
+ put2byte(&data[hdr+5], top);
+ assert( top+nByte <= (int)pPage->pBt->usableSize );
+ *pIdx = top;
+ return SQLITE_OK;
+}
+
+/*
+** Return a section of the pPage->aData to the freelist.
+** The first byte of the new free block is pPage->aData[iStart]
+** and the size of the block is iSize bytes.
+**
+** Adjacent freeblocks are coalesced.
+**
+** Note that even though the freeblock list was checked by btreeInitPage(),
+** that routine will not detect overlap between cells or freeblocks. Nor
+** does it detect cells or freeblocks that encrouch into the reserved bytes
+** at the end of the page. So do additional corruption checks inside this
+** routine and return SQLITE_CORRUPT if any problems are found.
+*/
+static int freeSpace(MemPage *pPage, u16 iStart, u16 iSize){
+ u16 iPtr; /* Address of ptr to next freeblock */
+ u16 iFreeBlk; /* Address of the next freeblock */
+ u8 hdr; /* Page header size. 0 or 100 */
+ u8 nFrag = 0; /* Reduction in fragmentation */
+ u16 iOrigSize = iSize; /* Original value of iSize */
+ u32 iLast = pPage->pBt->usableSize-4; /* Largest possible freeblock offset */
+ u32 iEnd = iStart + iSize; /* First byte past the iStart buffer */
+ unsigned char *data = pPage->aData; /* Page content */
+
+ assert( pPage->pBt!=0 );
+ assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+ assert( CORRUPT_DB || iStart>=pPage->hdrOffset+6+pPage->childPtrSize );
+ assert( CORRUPT_DB || iEnd <= pPage->pBt->usableSize );
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ assert( iSize>=4 ); /* Minimum cell size is 4 */
+ assert( iStart<=iLast );
+
+ /* Overwrite deleted information with zeros when the secure_delete
+ ** option is enabled */
+ if( pPage->pBt->btsFlags & BTS_SECURE_DELETE ){
+ memset(&data[iStart], 0, iSize);
+ }
+
+ /* The list of freeblocks must be in ascending order. Find the
+ ** spot on the list where iStart should be inserted.
+ */
+ hdr = pPage->hdrOffset;
+ iPtr = hdr + 1;
+ if( data[iPtr+1]==0 && data[iPtr]==0 ){
+ iFreeBlk = 0; /* Shortcut for the case when the freelist is empty */
+ }else{
+ while( (iFreeBlk = get2byte(&data[iPtr]))>0 && iFreeBlk<iStart ){
+ if( iFreeBlk<iPtr+4 ) return SQLITE_CORRUPT_BKPT;
+ iPtr = iFreeBlk;
+ }
+ if( iFreeBlk>iLast ) return SQLITE_CORRUPT_BKPT;
+ assert( iFreeBlk>iPtr || iFreeBlk==0 );
+
+ /* At this point:
+ ** iFreeBlk: First freeblock after iStart, or zero if none
+ ** iPtr: The address of a pointer to iFreeBlk
+ **
+ ** Check to see if iFreeBlk should be coalesced onto the end of iStart.
+ */
+ if( iFreeBlk && iEnd+3>=iFreeBlk ){
+ nFrag = iFreeBlk - iEnd;
+ if( iEnd>iFreeBlk ) return SQLITE_CORRUPT_BKPT;
+ iEnd = iFreeBlk + get2byte(&data[iFreeBlk+2]);
+ if( iEnd > pPage->pBt->usableSize ) return SQLITE_CORRUPT_BKPT;
+ iSize = iEnd - iStart;
+ iFreeBlk = get2byte(&data[iFreeBlk]);
+ }
+
+ /* If iPtr is another freeblock (that is, if iPtr is not the freelist
+ ** pointer in the page header) then check to see if iStart should be
+ ** coalesced onto the end of iPtr.
+ */
+ if( iPtr>hdr+1 ){
+ int iPtrEnd = iPtr + get2byte(&data[iPtr+2]);
+ if( iPtrEnd+3>=iStart ){
+ if( iPtrEnd>iStart ) return SQLITE_CORRUPT_BKPT;
+ nFrag += iStart - iPtrEnd;
+ iSize = iEnd - iPtr;
+ iStart = iPtr;
+ }
+ }
+ if( nFrag>data[hdr+7] ) return SQLITE_CORRUPT_BKPT;
+ data[hdr+7] -= nFrag;
+ }
+ if( iStart==get2byte(&data[hdr+5]) ){
+ /* The new freeblock is at the beginning of the cell content area,
+ ** so just extend the cell content area rather than create another
+ ** freelist entry */
+ if( iPtr!=hdr+1 ) return SQLITE_CORRUPT_BKPT;
+ put2byte(&data[hdr+1], iFreeBlk);
+ put2byte(&data[hdr+5], iEnd);
+ }else{
+ /* Insert the new freeblock into the freelist */
+ put2byte(&data[iPtr], iStart);
+ put2byte(&data[iStart], iFreeBlk);
+ put2byte(&data[iStart+2], iSize);
+ }
+ pPage->nFree += iOrigSize;
+ return SQLITE_OK;
+}
+
+/*
+** Decode the flags byte (the first byte of the header) for a page
+** and initialize fields of the MemPage structure accordingly.
+**
+** Only the following combinations are supported. Anything different
+** indicates a corrupt database files:
+**
+** PTF_ZERODATA
+** PTF_ZERODATA | PTF_LEAF
+** PTF_LEAFDATA | PTF_INTKEY
+** PTF_LEAFDATA | PTF_INTKEY | PTF_LEAF
+*/
+static int decodeFlags(MemPage *pPage, int flagByte){
+ BtShared *pBt; /* A copy of pPage->pBt */
+
+ assert( pPage->hdrOffset==(pPage->pgno==1 ? 100 : 0) );
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ pPage->leaf = (u8)(flagByte>>3); assert( PTF_LEAF == 1<<3 );
+ flagByte &= ~PTF_LEAF;
+ pPage->childPtrSize = 4-4*pPage->leaf;
+ pPage->xCellSize = cellSizePtr;
+ pBt = pPage->pBt;
+ if( flagByte==(PTF_LEAFDATA | PTF_INTKEY) ){
+ /* EVIDENCE-OF: R-03640-13415 A value of 5 means the page is an interior
+ ** table b-tree page. */
+ assert( (PTF_LEAFDATA|PTF_INTKEY)==5 );
+ /* EVIDENCE-OF: R-20501-61796 A value of 13 means the page is a leaf
+ ** table b-tree page. */
+ assert( (PTF_LEAFDATA|PTF_INTKEY|PTF_LEAF)==13 );
+ pPage->intKey = 1;
+ if( pPage->leaf ){
+ pPage->intKeyLeaf = 1;
+ pPage->noPayload = 0;
+ pPage->xParseCell = btreeParseCellPtr;
+ }else{
+ pPage->intKeyLeaf = 0;
+ pPage->noPayload = 1;
+ pPage->xCellSize = cellSizePtrNoPayload;
+ pPage->xParseCell = btreeParseCellPtrNoPayload;
+ }
+ pPage->maxLocal = pBt->maxLeaf;
+ pPage->minLocal = pBt->minLeaf;
+ }else if( flagByte==PTF_ZERODATA ){
+ /* EVIDENCE-OF: R-27225-53936 A value of 2 means the page is an interior
+ ** index b-tree page. */
+ assert( (PTF_ZERODATA)==2 );
+ /* EVIDENCE-OF: R-16571-11615 A value of 10 means the page is a leaf
+ ** index b-tree page. */
+ assert( (PTF_ZERODATA|PTF_LEAF)==10 );
+ pPage->intKey = 0;
+ pPage->intKeyLeaf = 0;
+ pPage->noPayload = 0;
+ pPage->xParseCell = btreeParseCellPtrIndex;
+ pPage->maxLocal = pBt->maxLocal;
+ pPage->minLocal = pBt->minLocal;
+ }else{
+ /* EVIDENCE-OF: R-47608-56469 Any other value for the b-tree page type is
+ ** an error. */
+ return SQLITE_CORRUPT_BKPT;
+ }
+ pPage->max1bytePayload = pBt->max1bytePayload;
+ return SQLITE_OK;
+}
+
+/*
+** Initialize the auxiliary information for a disk block.
+**
+** Return SQLITE_OK on success. If we see that the page does
+** not contain a well-formed database page, then return
+** SQLITE_CORRUPT. Note that a return of SQLITE_OK does not
+** guarantee that the page is well-formed. It only shows that
+** we failed to detect any corruption.
+*/
+static int btreeInitPage(MemPage *pPage){
+
+ assert( pPage->pBt!=0 );
+ assert( pPage->pBt->db!=0 );
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ assert( pPage->pgno==sqlite3PagerPagenumber(pPage->pDbPage) );
+ assert( pPage == sqlite3PagerGetExtra(pPage->pDbPage) );
+ assert( pPage->aData == sqlite3PagerGetData(pPage->pDbPage) );
+
+ if( !pPage->isInit ){
+ u16 pc; /* Address of a freeblock within pPage->aData[] */
+ u8 hdr; /* Offset to beginning of page header */
+ u8 *data; /* Equal to pPage->aData */
+ BtShared *pBt; /* The main btree structure */
+ int usableSize; /* Amount of usable space on each page */
+ u16 cellOffset; /* Offset from start of page to first cell pointer */
+ int nFree; /* Number of unused bytes on the page */
+ int top; /* First byte of the cell content area */
+ int iCellFirst; /* First allowable cell or freeblock offset */
+ int iCellLast; /* Last possible cell or freeblock offset */
+
+ pBt = pPage->pBt;
+
+ hdr = pPage->hdrOffset;
+ data = pPage->aData;
+ /* EVIDENCE-OF: R-28594-02890 The one-byte flag at offset 0 indicating
+ ** the b-tree page type. */
+ if( decodeFlags(pPage, data[hdr]) ) return SQLITE_CORRUPT_BKPT;
+ assert( pBt->pageSize>=512 && pBt->pageSize<=65536 );
+ pPage->maskPage = (u16)(pBt->pageSize - 1);
+ pPage->nOverflow = 0;
+ usableSize = pBt->usableSize;
+ pPage->cellOffset = cellOffset = hdr + 8 + pPage->childPtrSize;
+ pPage->aDataEnd = &data[usableSize];
+ pPage->aCellIdx = &data[cellOffset];
+ pPage->aDataOfst = &data[pPage->childPtrSize];
+ /* EVIDENCE-OF: R-58015-48175 The two-byte integer at offset 5 designates
+ ** the start of the cell content area. A zero value for this integer is
+ ** interpreted as 65536. */
+ top = get2byteNotZero(&data[hdr+5]);
+ /* EVIDENCE-OF: R-37002-32774 The two-byte integer at offset 3 gives the
+ ** number of cells on the page. */
+ pPage->nCell = get2byte(&data[hdr+3]);
+ if( pPage->nCell>MX_CELL(pBt) ){
+ /* To many cells for a single page. The page must be corrupt */
+ return SQLITE_CORRUPT_BKPT;
+ }
+ testcase( pPage->nCell==MX_CELL(pBt) );
+ /* EVIDENCE-OF: R-24089-57979 If a page contains no cells (which is only
+ ** possible for a root page of a table that contains no rows) then the
+ ** offset to the cell content area will equal the page size minus the
+ ** bytes of reserved space. */
+ assert( pPage->nCell>0 || top==usableSize || CORRUPT_DB );
+
+ /* A malformed database page might cause us to read past the end
+ ** of page when parsing a cell.
+ **
+ ** The following block of code checks early to see if a cell extends
+ ** past the end of a page boundary and causes SQLITE_CORRUPT to be
+ ** returned if it does.
+ */
+ iCellFirst = cellOffset + 2*pPage->nCell;
+ iCellLast = usableSize - 4;
+ if( pBt->db->flags & SQLITE_CellSizeCk ){
+ int i; /* Index into the cell pointer array */
+ int sz; /* Size of a cell */
+
+ if( !pPage->leaf ) iCellLast--;
+ for(i=0; i<pPage->nCell; i++){
+ pc = get2byteAligned(&data[cellOffset+i*2]);
+ testcase( pc==iCellFirst );
+ testcase( pc==iCellLast );
+ if( pc<iCellFirst || pc>iCellLast ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ sz = pPage->xCellSize(pPage, &data[pc]);
+ testcase( pc+sz==usableSize );
+ if( pc+sz>usableSize ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ }
+ if( !pPage->leaf ) iCellLast++;
+ }
+
+ /* Compute the total free space on the page
+ ** EVIDENCE-OF: R-23588-34450 The two-byte integer at offset 1 gives the
+ ** start of the first freeblock on the page, or is zero if there are no
+ ** freeblocks. */
+ pc = get2byte(&data[hdr+1]);
+ nFree = data[hdr+7] + top; /* Init nFree to non-freeblock free space */
+ while( pc>0 ){
+ u16 next, size;
+ if( pc<iCellFirst || pc>iCellLast ){
+ /* EVIDENCE-OF: R-55530-52930 In a well-formed b-tree page, there will
+ ** always be at least one cell before the first freeblock.
+ **
+ ** Or, the freeblock is off the end of the page
+ */
+ return SQLITE_CORRUPT_BKPT;
+ }
+ next = get2byte(&data[pc]);
+ size = get2byte(&data[pc+2]);
+ if( (next>0 && next<=pc+size+3) || pc+size>usableSize ){
+ /* Free blocks must be in ascending order. And the last byte of
+ ** the free-block must lie on the database page. */
+ return SQLITE_CORRUPT_BKPT;
+ }
+ nFree = nFree + size;
+ pc = next;
+ }
+
+ /* At this point, nFree contains the sum of the offset to the start
+ ** of the cell-content area plus the number of free bytes within
+ ** the cell-content area. If this is greater than the usable-size
+ ** of the page, then the page must be corrupted. This check also
+ ** serves to verify that the offset to the start of the cell-content
+ ** area, according to the page header, lies within the page.
+ */
+ if( nFree>usableSize ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ pPage->nFree = (u16)(nFree - iCellFirst);
+ pPage->isInit = 1;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Set up a raw page so that it looks like a database page holding
+** no entries.
+*/
+static void zeroPage(MemPage *pPage, int flags){
+ unsigned char *data = pPage->aData;
+ BtShared *pBt = pPage->pBt;
+ u8 hdr = pPage->hdrOffset;
+ u16 first;
+
+ assert( sqlite3PagerPagenumber(pPage->pDbPage)==pPage->pgno );
+ assert( sqlite3PagerGetExtra(pPage->pDbPage) == (void*)pPage );
+ assert( sqlite3PagerGetData(pPage->pDbPage) == data );
+ assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ if( pBt->btsFlags & BTS_SECURE_DELETE ){
+ memset(&data[hdr], 0, pBt->usableSize - hdr);
+ }
+ data[hdr] = (char)flags;
+ first = hdr + ((flags&PTF_LEAF)==0 ? 12 : 8);
+ memset(&data[hdr+1], 0, 4);
+ data[hdr+7] = 0;
+ put2byte(&data[hdr+5], pBt->usableSize);
+ pPage->nFree = (u16)(pBt->usableSize - first);
+ decodeFlags(pPage, flags);
+ pPage->cellOffset = first;
+ pPage->aDataEnd = &data[pBt->usableSize];
+ pPage->aCellIdx = &data[first];
+ pPage->aDataOfst = &data[pPage->childPtrSize];
+ pPage->nOverflow = 0;
+ assert( pBt->pageSize>=512 && pBt->pageSize<=65536 );
+ pPage->maskPage = (u16)(pBt->pageSize - 1);
+ pPage->nCell = 0;
+ pPage->isInit = 1;
+}
+
+
+/*
+** Convert a DbPage obtained from the pager into a MemPage used by
+** the btree layer.
+*/
+static MemPage *btreePageFromDbPage(DbPage *pDbPage, Pgno pgno, BtShared *pBt){
+ MemPage *pPage = (MemPage*)sqlite3PagerGetExtra(pDbPage);
+ if( pgno!=pPage->pgno ){
+ pPage->aData = sqlite3PagerGetData(pDbPage);
+ pPage->pDbPage = pDbPage;
+ pPage->pBt = pBt;
+ pPage->pgno = pgno;
+ pPage->hdrOffset = pgno==1 ? 100 : 0;
+ }
+ assert( pPage->aData==sqlite3PagerGetData(pDbPage) );
+ return pPage;
+}
+
+/*
+** Get a page from the pager. Initialize the MemPage.pBt and
+** MemPage.aData elements if needed. See also: btreeGetUnusedPage().
+**
+** If the PAGER_GET_NOCONTENT flag is set, it means that we do not care
+** about the content of the page at this time. So do not go to the disk
+** to fetch the content. Just fill in the content with zeros for now.
+** If in the future we call sqlite3PagerWrite() on this page, that
+** means we have started to be concerned about content and the disk
+** read should occur at that point.
+*/
+static int btreeGetPage(
+ BtShared *pBt, /* The btree */
+ Pgno pgno, /* Number of the page to fetch */
+ MemPage **ppPage, /* Return the page in this parameter */
+ int flags /* PAGER_GET_NOCONTENT or PAGER_GET_READONLY */
+){
+ int rc;
+ DbPage *pDbPage;
+
+ assert( flags==0 || flags==PAGER_GET_NOCONTENT || flags==PAGER_GET_READONLY );
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ rc = sqlite3PagerGet(pBt->pPager, pgno, (DbPage**)&pDbPage, flags);
+ if( rc ) return rc;
+ *ppPage = btreePageFromDbPage(pDbPage, pgno, pBt);
+ return SQLITE_OK;
+}
+
+/*
+** Retrieve a page from the pager cache. If the requested page is not
+** already in the pager cache return NULL. Initialize the MemPage.pBt and
+** MemPage.aData elements if needed.
+*/
+static MemPage *btreePageLookup(BtShared *pBt, Pgno pgno){
+ DbPage *pDbPage;
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ pDbPage = sqlite3PagerLookup(pBt->pPager, pgno);
+ if( pDbPage ){
+ return btreePageFromDbPage(pDbPage, pgno, pBt);
+ }
+ return 0;
+}
+
+/*
+** Return the size of the database file in pages. If there is any kind of
+** error, return ((unsigned int)-1).
+*/
+static Pgno btreePagecount(BtShared *pBt){
+ return pBt->nPage;
+}
+SQLITE_PRIVATE u32 sqlite3BtreeLastPage(Btree *p){
+ assert( sqlite3BtreeHoldsMutex(p) );
+ assert( ((p->pBt->nPage)&0x8000000)==0 );
+ return btreePagecount(p->pBt);
+}
+
+/*
+** Get a page from the pager and initialize it.
+**
+** If pCur!=0 then the page is being fetched as part of a moveToChild()
+** call. Do additional sanity checking on the page in this case.
+** And if the fetch fails, this routine must decrement pCur->iPage.
+**
+** The page is fetched as read-write unless pCur is not NULL and is
+** a read-only cursor.
+**
+** If an error occurs, then *ppPage is undefined. It
+** may remain unchanged, or it may be set to an invalid value.
+*/
+static int getAndInitPage(
+ BtShared *pBt, /* The database file */
+ Pgno pgno, /* Number of the page to get */
+ MemPage **ppPage, /* Write the page pointer here */
+ BtCursor *pCur, /* Cursor to receive the page, or NULL */
+ int bReadOnly /* True for a read-only page */
+){
+ int rc;
+ DbPage *pDbPage;
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( pCur==0 || ppPage==&pCur->apPage[pCur->iPage] );
+ assert( pCur==0 || bReadOnly==pCur->curPagerFlags );
+ assert( pCur==0 || pCur->iPage>0 );
+
+ if( pgno>btreePagecount(pBt) ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto getAndInitPage_error;
+ }
+ rc = sqlite3PagerGet(pBt->pPager, pgno, (DbPage**)&pDbPage, bReadOnly);
+ if( rc ){
+ goto getAndInitPage_error;
+ }
+ *ppPage = (MemPage*)sqlite3PagerGetExtra(pDbPage);
+ if( (*ppPage)->isInit==0 ){
+ btreePageFromDbPage(pDbPage, pgno, pBt);
+ rc = btreeInitPage(*ppPage);
+ if( rc!=SQLITE_OK ){
+ releasePage(*ppPage);
+ goto getAndInitPage_error;
+ }
+ }
+ assert( (*ppPage)->pgno==pgno );
+ assert( (*ppPage)->aData==sqlite3PagerGetData(pDbPage) );
+
+ /* If obtaining a child page for a cursor, we must verify that the page is
+ ** compatible with the root page. */
+ if( pCur && ((*ppPage)->nCell<1 || (*ppPage)->intKey!=pCur->curIntKey) ){
+ rc = SQLITE_CORRUPT_BKPT;
+ releasePage(*ppPage);
+ goto getAndInitPage_error;
+ }
+ return SQLITE_OK;
+
+getAndInitPage_error:
+ if( pCur ) pCur->iPage--;
+ testcase( pgno==0 );
+ assert( pgno!=0 || rc==SQLITE_CORRUPT );
+ return rc;
+}
+
+/*
+** Release a MemPage. This should be called once for each prior
+** call to btreeGetPage.
+*/
+static void releasePageNotNull(MemPage *pPage){
+ assert( pPage->aData );
+ assert( pPage->pBt );
+ assert( pPage->pDbPage!=0 );
+ assert( sqlite3PagerGetExtra(pPage->pDbPage) == (void*)pPage );
+ assert( sqlite3PagerGetData(pPage->pDbPage)==pPage->aData );
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ sqlite3PagerUnrefNotNull(pPage->pDbPage);
+}
+static void releasePage(MemPage *pPage){
+ if( pPage ) releasePageNotNull(pPage);
+}
+
+/*
+** Get an unused page.
+**
+** This works just like btreeGetPage() with the addition:
+**
+** * If the page is already in use for some other purpose, immediately
+** release it and return an SQLITE_CURRUPT error.
+** * Make sure the isInit flag is clear
+*/
+static int btreeGetUnusedPage(
+ BtShared *pBt, /* The btree */
+ Pgno pgno, /* Number of the page to fetch */
+ MemPage **ppPage, /* Return the page in this parameter */
+ int flags /* PAGER_GET_NOCONTENT or PAGER_GET_READONLY */
+){
+ int rc = btreeGetPage(pBt, pgno, ppPage, flags);
+ if( rc==SQLITE_OK ){
+ if( sqlite3PagerPageRefcount((*ppPage)->pDbPage)>1 ){
+ releasePage(*ppPage);
+ *ppPage = 0;
+ return SQLITE_CORRUPT_BKPT;
+ }
+ (*ppPage)->isInit = 0;
+ }else{
+ *ppPage = 0;
+ }
+ return rc;
+}
+
+
+/*
+** During a rollback, when the pager reloads information into the cache
+** so that the cache is restored to its original state at the start of
+** the transaction, for each page restored this routine is called.
+**
+** This routine needs to reset the extra data section at the end of the
+** page to agree with the restored data.
+*/
+static void pageReinit(DbPage *pData){
+ MemPage *pPage;
+ pPage = (MemPage *)sqlite3PagerGetExtra(pData);
+ assert( sqlite3PagerPageRefcount(pData)>0 );
+ if( pPage->isInit ){
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ pPage->isInit = 0;
+ if( sqlite3PagerPageRefcount(pData)>1 ){
+ /* pPage might not be a btree page; it might be an overflow page
+ ** or ptrmap page or a free page. In those cases, the following
+ ** call to btreeInitPage() will likely return SQLITE_CORRUPT.
+ ** But no harm is done by this. And it is very important that
+ ** btreeInitPage() be called on every btree page so we make
+ ** the call for every page that comes in for re-initing. */
+ btreeInitPage(pPage);
+ }
+ }
+}
+
+/*
+** Invoke the busy handler for a btree.
+*/
+static int btreeInvokeBusyHandler(void *pArg){
+ BtShared *pBt = (BtShared*)pArg;
+ assert( pBt->db );
+ assert( sqlite3_mutex_held(pBt->db->mutex) );
+ return sqlite3InvokeBusyHandler(&pBt->db->busyHandler);
+}
+
+/*
+** Open a database file.
+**
+** zFilename is the name of the database file. If zFilename is NULL
+** then an ephemeral database is created. The ephemeral database might
+** be exclusively in memory, or it might use a disk-based memory cache.
+** Either way, the ephemeral database will be automatically deleted
+** when sqlite3BtreeClose() is called.
+**
+** If zFilename is ":memory:" then an in-memory database is created
+** that is automatically destroyed when it is closed.
+**
+** The "flags" parameter is a bitmask that might contain bits like
+** BTREE_OMIT_JOURNAL and/or BTREE_MEMORY.
+**
+** If the database is already opened in the same database connection
+** and we are in shared cache mode, then the open will fail with an
+** SQLITE_CONSTRAINT error. We cannot allow two or more BtShared
+** objects in the same database connection since doing so will lead
+** to problems with locking.
+*/
+SQLITE_PRIVATE int sqlite3BtreeOpen(
+ sqlite3_vfs *pVfs, /* VFS to use for this b-tree */
+ const char *zFilename, /* Name of the file containing the BTree database */
+ sqlite3 *db, /* Associated database handle */
+ Btree **ppBtree, /* Pointer to new Btree object written here */
+ int flags, /* Options */
+ int vfsFlags /* Flags passed through to sqlite3_vfs.xOpen() */
+){
+ BtShared *pBt = 0; /* Shared part of btree structure */
+ Btree *p; /* Handle to return */
+ sqlite3_mutex *mutexOpen = 0; /* Prevents a race condition. Ticket #3537 */
+ int rc = SQLITE_OK; /* Result code from this function */
+ u8 nReserve; /* Byte of unused space on each page */
+ unsigned char zDbHeader[100]; /* Database header content */
+
+ /* True if opening an ephemeral, temporary database */
+ const int isTempDb = zFilename==0 || zFilename[0]==0;
+
+ /* Set the variable isMemdb to true for an in-memory database, or
+ ** false for a file-based database.
+ */
+#ifdef SQLITE_OMIT_MEMORYDB
+ const int isMemdb = 0;
+#else
+ const int isMemdb = (zFilename && strcmp(zFilename, ":memory:")==0)
+ || (isTempDb && sqlite3TempInMemory(db))
+ || (vfsFlags & SQLITE_OPEN_MEMORY)!=0;
+#endif
+
+ assert( db!=0 );
+ assert( pVfs!=0 );
+ assert( sqlite3_mutex_held(db->mutex) );
+ assert( (flags&0xff)==flags ); /* flags fit in 8 bits */
+
+ /* Only a BTREE_SINGLE database can be BTREE_UNORDERED */
+ assert( (flags & BTREE_UNORDERED)==0 || (flags & BTREE_SINGLE)!=0 );
+
+ /* A BTREE_SINGLE database is always a temporary and/or ephemeral */
+ assert( (flags & BTREE_SINGLE)==0 || isTempDb );
+
+ if( isMemdb ){
+ flags |= BTREE_MEMORY;
+ }
+ if( (vfsFlags & SQLITE_OPEN_MAIN_DB)!=0 && (isMemdb || isTempDb) ){
+ vfsFlags = (vfsFlags & ~SQLITE_OPEN_MAIN_DB) | SQLITE_OPEN_TEMP_DB;
+ }
+ p = sqlite3MallocZero(sizeof(Btree));
+ if( !p ){
+ return SQLITE_NOMEM;
+ }
+ p->inTrans = TRANS_NONE;
+ p->db = db;
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ p->lock.pBtree = p;
+ p->lock.iTable = 1;
+#endif
+
+#if !defined(SQLITE_OMIT_SHARED_CACHE) && !defined(SQLITE_OMIT_DISKIO)
+ /*
+ ** If this Btree is a candidate for shared cache, try to find an
+ ** existing BtShared object that we can share with
+ */
+ if( isTempDb==0 && (isMemdb==0 || (vfsFlags&SQLITE_OPEN_URI)!=0) ){
+ if( vfsFlags & SQLITE_OPEN_SHAREDCACHE ){
+ int nFilename = sqlite3Strlen30(zFilename)+1;
+ int nFullPathname = pVfs->mxPathname+1;
+ char *zFullPathname = sqlite3Malloc(MAX(nFullPathname,nFilename));
+ MUTEX_LOGIC( sqlite3_mutex *mutexShared; )
+
+ p->sharable = 1;
+ if( !zFullPathname ){
+ sqlite3_free(p);
+ return SQLITE_NOMEM;
+ }
+ if( isMemdb ){
+ memcpy(zFullPathname, zFilename, nFilename);
+ }else{
+ rc = sqlite3OsFullPathname(pVfs, zFilename,
+ nFullPathname, zFullPathname);
+ if( rc ){
+ sqlite3_free(zFullPathname);
+ sqlite3_free(p);
+ return rc;
+ }
+ }
+#if SQLITE_THREADSAFE
+ mutexOpen = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_OPEN);
+ sqlite3_mutex_enter(mutexOpen);
+ mutexShared = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
+ sqlite3_mutex_enter(mutexShared);
+#endif
+ for(pBt=GLOBAL(BtShared*,sqlite3SharedCacheList); pBt; pBt=pBt->pNext){
+ assert( pBt->nRef>0 );
+ if( 0==strcmp(zFullPathname, sqlite3PagerFilename(pBt->pPager, 0))
+ && sqlite3PagerVfs(pBt->pPager)==pVfs ){
+ int iDb;
+ for(iDb=db->nDb-1; iDb>=0; iDb--){
+ Btree *pExisting = db->aDb[iDb].pBt;
+ if( pExisting && pExisting->pBt==pBt ){
+ sqlite3_mutex_leave(mutexShared);
+ sqlite3_mutex_leave(mutexOpen);
+ sqlite3_free(zFullPathname);
+ sqlite3_free(p);
+ return SQLITE_CONSTRAINT;
+ }
+ }
+ p->pBt = pBt;
+ pBt->nRef++;
+ break;
+ }
+ }
+ sqlite3_mutex_leave(mutexShared);
+ sqlite3_free(zFullPathname);
+ }
+#ifdef SQLITE_DEBUG
+ else{
+ /* In debug mode, we mark all persistent databases as sharable
+ ** even when they are not. This exercises the locking code and
+ ** gives more opportunity for asserts(sqlite3_mutex_held())
+ ** statements to find locking problems.
+ */
+ p->sharable = 1;
+ }
+#endif
+ }
+#endif
+ if( pBt==0 ){
+ /*
+ ** The following asserts make sure that structures used by the btree are
+ ** the right size. This is to guard against size changes that result
+ ** when compiling on a different architecture.
+ */
+ assert( sizeof(i64)==8 );
+ assert( sizeof(u64)==8 );
+ assert( sizeof(u32)==4 );
+ assert( sizeof(u16)==2 );
+ assert( sizeof(Pgno)==4 );
+
+ pBt = sqlite3MallocZero( sizeof(*pBt) );
+ if( pBt==0 ){
+ rc = SQLITE_NOMEM;
+ goto btree_open_out;
+ }
+ rc = sqlite3PagerOpen(pVfs, &pBt->pPager, zFilename,
+ EXTRA_SIZE, flags, vfsFlags, pageReinit);
+ if( rc==SQLITE_OK ){
+ sqlite3PagerSetMmapLimit(pBt->pPager, db->szMmap);
+ rc = sqlite3PagerReadFileheader(pBt->pPager,sizeof(zDbHeader),zDbHeader);
+ }
+ if( rc!=SQLITE_OK ){
+ goto btree_open_out;
+ }
+ pBt->openFlags = (u8)flags;
+ pBt->db = db;
+ sqlite3PagerSetBusyhandler(pBt->pPager, btreeInvokeBusyHandler, pBt);
+ p->pBt = pBt;
+
+ pBt->pCursor = 0;
+ pBt->pPage1 = 0;
+ if( sqlite3PagerIsreadonly(pBt->pPager) ) pBt->btsFlags |= BTS_READ_ONLY;
+#ifdef SQLITE_SECURE_DELETE
+ pBt->btsFlags |= BTS_SECURE_DELETE;
+#endif
+ /* EVIDENCE-OF: R-51873-39618 The page size for a database file is
+ ** determined by the 2-byte integer located at an offset of 16 bytes from
+ ** the beginning of the database file. */
+ pBt->pageSize = (zDbHeader[16]<<8) | (zDbHeader[17]<<16);
+ if( pBt->pageSize<512 || pBt->pageSize>SQLITE_MAX_PAGE_SIZE
+ || ((pBt->pageSize-1)&pBt->pageSize)!=0 ){
+ pBt->pageSize = 0;
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ /* If the magic name ":memory:" will create an in-memory database, then
+ ** leave the autoVacuum mode at 0 (do not auto-vacuum), even if
+ ** SQLITE_DEFAULT_AUTOVACUUM is true. On the other hand, if
+ ** SQLITE_OMIT_MEMORYDB has been defined, then ":memory:" is just a
+ ** regular file-name. In this case the auto-vacuum applies as per normal.
+ */
+ if( zFilename && !isMemdb ){
+ pBt->autoVacuum = (SQLITE_DEFAULT_AUTOVACUUM ? 1 : 0);
+ pBt->incrVacuum = (SQLITE_DEFAULT_AUTOVACUUM==2 ? 1 : 0);
+ }
+#endif
+ nReserve = 0;
+ }else{
+ /* EVIDENCE-OF: R-37497-42412 The size of the reserved region is
+ ** determined by the one-byte unsigned integer found at an offset of 20
+ ** into the database file header. */
+ nReserve = zDbHeader[20];
+ pBt->btsFlags |= BTS_PAGESIZE_FIXED;
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ pBt->autoVacuum = (get4byte(&zDbHeader[36 + 4*4])?1:0);
+ pBt->incrVacuum = (get4byte(&zDbHeader[36 + 7*4])?1:0);
+#endif
+ }
+ rc = sqlite3PagerSetPagesize(pBt->pPager, &pBt->pageSize, nReserve);
+ if( rc ) goto btree_open_out;
+ pBt->usableSize = pBt->pageSize - nReserve;
+ assert( (pBt->pageSize & 7)==0 ); /* 8-byte alignment of pageSize */
+
+#if !defined(SQLITE_OMIT_SHARED_CACHE) && !defined(SQLITE_OMIT_DISKIO)
+ /* Add the new BtShared object to the linked list sharable BtShareds.
+ */
+ if( p->sharable ){
+ MUTEX_LOGIC( sqlite3_mutex *mutexShared; )
+ pBt->nRef = 1;
+ MUTEX_LOGIC( mutexShared = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);)
+ if( SQLITE_THREADSAFE && sqlite3GlobalConfig.bCoreMutex ){
+ pBt->mutex = sqlite3MutexAlloc(SQLITE_MUTEX_FAST);
+ if( pBt->mutex==0 ){
+ rc = SQLITE_NOMEM;
+ db->mallocFailed = 0;
+ goto btree_open_out;
+ }
+ }
+ sqlite3_mutex_enter(mutexShared);
+ pBt->pNext = GLOBAL(BtShared*,sqlite3SharedCacheList);
+ GLOBAL(BtShared*,sqlite3SharedCacheList) = pBt;
+ sqlite3_mutex_leave(mutexShared);
+ }
+#endif
+ }
+
+#if !defined(SQLITE_OMIT_SHARED_CACHE) && !defined(SQLITE_OMIT_DISKIO)
+ /* If the new Btree uses a sharable pBtShared, then link the new
+ ** Btree into the list of all sharable Btrees for the same connection.
+ ** The list is kept in ascending order by pBt address.
+ */
+ if( p->sharable ){
+ int i;
+ Btree *pSib;
+ for(i=0; i<db->nDb; i++){
+ if( (pSib = db->aDb[i].pBt)!=0 && pSib->sharable ){
+ while( pSib->pPrev ){ pSib = pSib->pPrev; }
+ if( p->pBt<pSib->pBt ){
+ p->pNext = pSib;
+ p->pPrev = 0;
+ pSib->pPrev = p;
+ }else{
+ while( pSib->pNext && pSib->pNext->pBt<p->pBt ){
+ pSib = pSib->pNext;
+ }
+ p->pNext = pSib->pNext;
+ p->pPrev = pSib;
+ if( p->pNext ){
+ p->pNext->pPrev = p;
+ }
+ pSib->pNext = p;
+ }
+ break;
+ }
+ }
+ }
+#endif
+ *ppBtree = p;
+
+btree_open_out:
+ if( rc!=SQLITE_OK ){
+ if( pBt && pBt->pPager ){
+ sqlite3PagerClose(pBt->pPager);
+ }
+ sqlite3_free(pBt);
+ sqlite3_free(p);
+ *ppBtree = 0;
+ }else{
+ /* If the B-Tree was successfully opened, set the pager-cache size to the
+ ** default value. Except, when opening on an existing shared pager-cache,
+ ** do not change the pager-cache size.
+ */
+ if( sqlite3BtreeSchema(p, 0, 0)==0 ){
+ sqlite3PagerSetCachesize(p->pBt->pPager, SQLITE_DEFAULT_CACHE_SIZE);
+ }
+ }
+ if( mutexOpen ){
+ assert( sqlite3_mutex_held(mutexOpen) );
+ sqlite3_mutex_leave(mutexOpen);
+ }
+ return rc;
+}
+
+/*
+** Decrement the BtShared.nRef counter. When it reaches zero,
+** remove the BtShared structure from the sharing list. Return
+** true if the BtShared.nRef counter reaches zero and return
+** false if it is still positive.
+*/
+static int removeFromSharingList(BtShared *pBt){
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ MUTEX_LOGIC( sqlite3_mutex *pMaster; )
+ BtShared *pList;
+ int removed = 0;
+
+ assert( sqlite3_mutex_notheld(pBt->mutex) );
+ MUTEX_LOGIC( pMaster = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER); )
+ sqlite3_mutex_enter(pMaster);
+ pBt->nRef--;
+ if( pBt->nRef<=0 ){
+ if( GLOBAL(BtShared*,sqlite3SharedCacheList)==pBt ){
+ GLOBAL(BtShared*,sqlite3SharedCacheList) = pBt->pNext;
+ }else{
+ pList = GLOBAL(BtShared*,sqlite3SharedCacheList);
+ while( ALWAYS(pList) && pList->pNext!=pBt ){
+ pList=pList->pNext;
+ }
+ if( ALWAYS(pList) ){
+ pList->pNext = pBt->pNext;
+ }
+ }
+ if( SQLITE_THREADSAFE ){
+ sqlite3_mutex_free(pBt->mutex);
+ }
+ removed = 1;
+ }
+ sqlite3_mutex_leave(pMaster);
+ return removed;
+#else
+ return 1;
+#endif
+}
+
+/*
+** Make sure pBt->pTmpSpace points to an allocation of
+** MX_CELL_SIZE(pBt) bytes with a 4-byte prefix for a left-child
+** pointer.
+*/
+static void allocateTempSpace(BtShared *pBt){
+ if( !pBt->pTmpSpace ){
+ pBt->pTmpSpace = sqlite3PageMalloc( pBt->pageSize );
+
+ /* One of the uses of pBt->pTmpSpace is to format cells before
+ ** inserting them into a leaf page (function fillInCell()). If
+ ** a cell is less than 4 bytes in size, it is rounded up to 4 bytes
+ ** by the various routines that manipulate binary cells. Which
+ ** can mean that fillInCell() only initializes the first 2 or 3
+ ** bytes of pTmpSpace, but that the first 4 bytes are copied from
+ ** it into a database page. This is not actually a problem, but it
+ ** does cause a valgrind error when the 1 or 2 bytes of unitialized
+ ** data is passed to system call write(). So to avoid this error,
+ ** zero the first 4 bytes of temp space here.
+ **
+ ** Also: Provide four bytes of initialized space before the
+ ** beginning of pTmpSpace as an area available to prepend the
+ ** left-child pointer to the beginning of a cell.
+ */
+ if( pBt->pTmpSpace ){
+ memset(pBt->pTmpSpace, 0, 8);
+ pBt->pTmpSpace += 4;
+ }
+ }
+}
+
+/*
+** Free the pBt->pTmpSpace allocation
+*/
+static void freeTempSpace(BtShared *pBt){
+ if( pBt->pTmpSpace ){
+ pBt->pTmpSpace -= 4;
+ sqlite3PageFree(pBt->pTmpSpace);
+ pBt->pTmpSpace = 0;
+ }
+}
+
+/*
+** Close an open database and invalidate all cursors.
+*/
+SQLITE_PRIVATE int sqlite3BtreeClose(Btree *p){
+ BtShared *pBt = p->pBt;
+ BtCursor *pCur;
+
+ /* Close all cursors opened via this handle. */
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ sqlite3BtreeEnter(p);
+ pCur = pBt->pCursor;
+ while( pCur ){
+ BtCursor *pTmp = pCur;
+ pCur = pCur->pNext;
+ if( pTmp->pBtree==p ){
+ sqlite3BtreeCloseCursor(pTmp);
+ }
+ }
+
+ /* Rollback any active transaction and free the handle structure.
+ ** The call to sqlite3BtreeRollback() drops any table-locks held by
+ ** this handle.
+ */
+ sqlite3BtreeRollback(p, SQLITE_OK, 0);
+ sqlite3BtreeLeave(p);
+
+ /* If there are still other outstanding references to the shared-btree
+ ** structure, return now. The remainder of this procedure cleans
+ ** up the shared-btree.
+ */
+ assert( p->wantToLock==0 && p->locked==0 );
+ if( !p->sharable || removeFromSharingList(pBt) ){
+ /* The pBt is no longer on the sharing list, so we can access
+ ** it without having to hold the mutex.
+ **
+ ** Clean out and delete the BtShared object.
+ */
+ assert( !pBt->pCursor );
+ sqlite3PagerClose(pBt->pPager);
+ if( pBt->xFreeSchema && pBt->pSchema ){
+ pBt->xFreeSchema(pBt->pSchema);
+ }
+ sqlite3DbFree(0, pBt->pSchema);
+ freeTempSpace(pBt);
+ sqlite3_free(pBt);
+ }
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ assert( p->wantToLock==0 );
+ assert( p->locked==0 );
+ if( p->pPrev ) p->pPrev->pNext = p->pNext;
+ if( p->pNext ) p->pNext->pPrev = p->pPrev;
+#endif
+
+ sqlite3_free(p);
+ return SQLITE_OK;
+}
+
+/*
+** Change the "soft" limit on the number of pages in the cache.
+** Unused and unmodified pages will be recycled when the number of
+** pages in the cache exceeds this soft limit. But the size of the
+** cache is allowed to grow larger than this limit if it contains
+** dirty pages or pages still in active use.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSetCacheSize(Btree *p, int mxPage){
+ BtShared *pBt = p->pBt;
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ sqlite3BtreeEnter(p);
+ sqlite3PagerSetCachesize(pBt->pPager, mxPage);
+ sqlite3BtreeLeave(p);
+ return SQLITE_OK;
+}
+
+/*
+** Change the "spill" limit on the number of pages in the cache.
+** If the number of pages exceeds this limit during a write transaction,
+** the pager might attempt to "spill" pages to the journal early in
+** order to free up memory.
+**
+** The value returned is the current spill size. If zero is passed
+** as an argument, no changes are made to the spill size setting, so
+** using mxPage of 0 is a way to query the current spill size.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSetSpillSize(Btree *p, int mxPage){
+ BtShared *pBt = p->pBt;
+ int res;
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ sqlite3BtreeEnter(p);
+ res = sqlite3PagerSetSpillsize(pBt->pPager, mxPage);
+ sqlite3BtreeLeave(p);
+ return res;
+}
+
+#if SQLITE_MAX_MMAP_SIZE>0
+/*
+** Change the limit on the amount of the database file that may be
+** memory mapped.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSetMmapLimit(Btree *p, sqlite3_int64 szMmap){
+ BtShared *pBt = p->pBt;
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ sqlite3BtreeEnter(p);
+ sqlite3PagerSetMmapLimit(pBt->pPager, szMmap);
+ sqlite3BtreeLeave(p);
+ return SQLITE_OK;
+}
+#endif /* SQLITE_MAX_MMAP_SIZE>0 */
+
+/*
+** Change the way data is synced to disk in order to increase or decrease
+** how well the database resists damage due to OS crashes and power
+** failures. Level 1 is the same as asynchronous (no syncs() occur and
+** there is a high probability of damage) Level 2 is the default. There
+** is a very low but non-zero probability of damage. Level 3 reduces the
+** probability of damage to near zero but with a write performance reduction.
+*/
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+SQLITE_PRIVATE int sqlite3BtreeSetPagerFlags(
+ Btree *p, /* The btree to set the safety level on */
+ unsigned pgFlags /* Various PAGER_* flags */
+){
+ BtShared *pBt = p->pBt;
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ sqlite3BtreeEnter(p);
+ sqlite3PagerSetFlags(pBt->pPager, pgFlags);
+ sqlite3BtreeLeave(p);
+ return SQLITE_OK;
+}
+#endif
+
+/*
+** Return TRUE if the given btree is set to safety level 1. In other
+** words, return TRUE if no sync() occurs on the disk files.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSyncDisabled(Btree *p){
+ BtShared *pBt = p->pBt;
+ int rc;
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ sqlite3BtreeEnter(p);
+ assert( pBt && pBt->pPager );
+ rc = sqlite3PagerNosync(pBt->pPager);
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** Change the default pages size and the number of reserved bytes per page.
+** Or, if the page size has already been fixed, return SQLITE_READONLY
+** without changing anything.
+**
+** The page size must be a power of 2 between 512 and 65536. If the page
+** size supplied does not meet this constraint then the page size is not
+** changed.
+**
+** Page sizes are constrained to be a power of two so that the region
+** of the database file used for locking (beginning at PENDING_BYTE,
+** the first byte past the 1GB boundary, 0x40000000) needs to occur
+** at the beginning of a page.
+**
+** If parameter nReserve is less than zero, then the number of reserved
+** bytes per page is left unchanged.
+**
+** If the iFix!=0 then the BTS_PAGESIZE_FIXED flag is set so that the page size
+** and autovacuum mode can no longer be changed.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSetPageSize(Btree *p, int pageSize, int nReserve, int iFix){
+ int rc = SQLITE_OK;
+ BtShared *pBt = p->pBt;
+ assert( nReserve>=-1 && nReserve<=255 );
+ sqlite3BtreeEnter(p);
+#if SQLITE_HAS_CODEC
+ if( nReserve>pBt->optimalReserve ) pBt->optimalReserve = (u8)nReserve;
+#endif
+ if( pBt->btsFlags & BTS_PAGESIZE_FIXED ){
+ sqlite3BtreeLeave(p);
+ return SQLITE_READONLY;
+ }
+ if( nReserve<0 ){
+ nReserve = pBt->pageSize - pBt->usableSize;
+ }
+ assert( nReserve>=0 && nReserve<=255 );
+ if( pageSize>=512 && pageSize<=SQLITE_MAX_PAGE_SIZE &&
+ ((pageSize-1)&pageSize)==0 ){
+ assert( (pageSize & 7)==0 );
+ assert( !pBt->pCursor );
+ pBt->pageSize = (u32)pageSize;
+ freeTempSpace(pBt);
+ }
+ rc = sqlite3PagerSetPagesize(pBt->pPager, &pBt->pageSize, nReserve);
+ pBt->usableSize = pBt->pageSize - (u16)nReserve;
+ if( iFix ) pBt->btsFlags |= BTS_PAGESIZE_FIXED;
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** Return the currently defined page size
+*/
+SQLITE_PRIVATE int sqlite3BtreeGetPageSize(Btree *p){
+ return p->pBt->pageSize;
+}
+
+/*
+** This function is similar to sqlite3BtreeGetReserve(), except that it
+** may only be called if it is guaranteed that the b-tree mutex is already
+** held.
+**
+** This is useful in one special case in the backup API code where it is
+** known that the shared b-tree mutex is held, but the mutex on the
+** database handle that owns *p is not. In this case if sqlite3BtreeEnter()
+** were to be called, it might collide with some other operation on the
+** database handle that owns *p, causing undefined behavior.
+*/
+SQLITE_PRIVATE int sqlite3BtreeGetReserveNoMutex(Btree *p){
+ int n;
+ assert( sqlite3_mutex_held(p->pBt->mutex) );
+ n = p->pBt->pageSize - p->pBt->usableSize;
+ return n;
+}
+
+/*
+** Return the number of bytes of space at the end of every page that
+** are intentually left unused. This is the "reserved" space that is
+** sometimes used by extensions.
+**
+** If SQLITE_HAS_MUTEX is defined then the number returned is the
+** greater of the current reserved space and the maximum requested
+** reserve space.
+*/
+SQLITE_PRIVATE int sqlite3BtreeGetOptimalReserve(Btree *p){
+ int n;
+ sqlite3BtreeEnter(p);
+ n = sqlite3BtreeGetReserveNoMutex(p);
+#ifdef SQLITE_HAS_CODEC
+ if( n<p->pBt->optimalReserve ) n = p->pBt->optimalReserve;
+#endif
+ sqlite3BtreeLeave(p);
+ return n;
+}
+
+
+/*
+** Set the maximum page count for a database if mxPage is positive.
+** No changes are made if mxPage is 0 or negative.
+** Regardless of the value of mxPage, return the maximum page count.
+*/
+SQLITE_PRIVATE int sqlite3BtreeMaxPageCount(Btree *p, int mxPage){
+ int n;
+ sqlite3BtreeEnter(p);
+ n = sqlite3PagerMaxPageCount(p->pBt->pPager, mxPage);
+ sqlite3BtreeLeave(p);
+ return n;
+}
+
+/*
+** Set the BTS_SECURE_DELETE flag if newFlag is 0 or 1. If newFlag is -1,
+** then make no changes. Always return the value of the BTS_SECURE_DELETE
+** setting after the change.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSecureDelete(Btree *p, int newFlag){
+ int b;
+ if( p==0 ) return 0;
+ sqlite3BtreeEnter(p);
+ if( newFlag>=0 ){
+ p->pBt->btsFlags &= ~BTS_SECURE_DELETE;
+ if( newFlag ) p->pBt->btsFlags |= BTS_SECURE_DELETE;
+ }
+ b = (p->pBt->btsFlags & BTS_SECURE_DELETE)!=0;
+ sqlite3BtreeLeave(p);
+ return b;
+}
+
+/*
+** Change the 'auto-vacuum' property of the database. If the 'autoVacuum'
+** parameter is non-zero, then auto-vacuum mode is enabled. If zero, it
+** is disabled. The default value for the auto-vacuum property is
+** determined by the SQLITE_DEFAULT_AUTOVACUUM macro.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSetAutoVacuum(Btree *p, int autoVacuum){
+#ifdef SQLITE_OMIT_AUTOVACUUM
+ return SQLITE_READONLY;
+#else
+ BtShared *pBt = p->pBt;
+ int rc = SQLITE_OK;
+ u8 av = (u8)autoVacuum;
+
+ sqlite3BtreeEnter(p);
+ if( (pBt->btsFlags & BTS_PAGESIZE_FIXED)!=0 && (av ?1:0)!=pBt->autoVacuum ){
+ rc = SQLITE_READONLY;
+ }else{
+ pBt->autoVacuum = av ?1:0;
+ pBt->incrVacuum = av==2 ?1:0;
+ }
+ sqlite3BtreeLeave(p);
+ return rc;
+#endif
+}
+
+/*
+** Return the value of the 'auto-vacuum' property. If auto-vacuum is
+** enabled 1 is returned. Otherwise 0.
+*/
+SQLITE_PRIVATE int sqlite3BtreeGetAutoVacuum(Btree *p){
+#ifdef SQLITE_OMIT_AUTOVACUUM
+ return BTREE_AUTOVACUUM_NONE;
+#else
+ int rc;
+ sqlite3BtreeEnter(p);
+ rc = (
+ (!p->pBt->autoVacuum)?BTREE_AUTOVACUUM_NONE:
+ (!p->pBt->incrVacuum)?BTREE_AUTOVACUUM_FULL:
+ BTREE_AUTOVACUUM_INCR
+ );
+ sqlite3BtreeLeave(p);
+ return rc;
+#endif
+}
+
+
+/*
+** Get a reference to pPage1 of the database file. This will
+** also acquire a readlock on that file.
+**
+** SQLITE_OK is returned on success. If the file is not a
+** well-formed database file, then SQLITE_CORRUPT is returned.
+** SQLITE_BUSY is returned if the database is locked. SQLITE_NOMEM
+** is returned if we run out of memory.
+*/
+static int lockBtree(BtShared *pBt){
+ int rc; /* Result code from subfunctions */
+ MemPage *pPage1; /* Page 1 of the database file */
+ int nPage; /* Number of pages in the database */
+ int nPageFile = 0; /* Number of pages in the database file */
+ int nPageHeader; /* Number of pages in the database according to hdr */
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( pBt->pPage1==0 );
+ rc = sqlite3PagerSharedLock(pBt->pPager);
+ if( rc!=SQLITE_OK ) return rc;
+ rc = btreeGetPage(pBt, 1, &pPage1, 0);
+ if( rc!=SQLITE_OK ) return rc;
+
+ /* Do some checking to help insure the file we opened really is
+ ** a valid database file.
+ */
+ nPage = nPageHeader = get4byte(28+(u8*)pPage1->aData);
+ sqlite3PagerPagecount(pBt->pPager, &nPageFile);
+ if( nPage==0 || memcmp(24+(u8*)pPage1->aData, 92+(u8*)pPage1->aData,4)!=0 ){
+ nPage = nPageFile;
+ }
+ if( nPage>0 ){
+ u32 pageSize;
+ u32 usableSize;
+ u8 *page1 = pPage1->aData;
+ rc = SQLITE_NOTADB;
+ /* EVIDENCE-OF: R-43737-39999 Every valid SQLite database file begins
+ ** with the following 16 bytes (in hex): 53 51 4c 69 74 65 20 66 6f 72 6d
+ ** 61 74 20 33 00. */
+ if( memcmp(page1, zMagicHeader, 16)!=0 ){
+ goto page1_init_failed;
+ }
+
+#ifdef SQLITE_OMIT_WAL
+ if( page1[18]>1 ){
+ pBt->btsFlags |= BTS_READ_ONLY;
+ }
+ if( page1[19]>1 ){
+ goto page1_init_failed;
+ }
+#else
+ if( page1[18]>2 ){
+ pBt->btsFlags |= BTS_READ_ONLY;
+ }
+ if( page1[19]>2 ){
+ goto page1_init_failed;
+ }
+
+ /* If the write version is set to 2, this database should be accessed
+ ** in WAL mode. If the log is not already open, open it now. Then
+ ** return SQLITE_OK and return without populating BtShared.pPage1.
+ ** The caller detects this and calls this function again. This is
+ ** required as the version of page 1 currently in the page1 buffer
+ ** may not be the latest version - there may be a newer one in the log
+ ** file.
+ */
+ if( page1[19]==2 && (pBt->btsFlags & BTS_NO_WAL)==0 ){
+ int isOpen = 0;
+ rc = sqlite3PagerOpenWal(pBt->pPager, &isOpen);
+ if( rc!=SQLITE_OK ){
+ goto page1_init_failed;
+ }else if( isOpen==0 ){
+ releasePage(pPage1);
+ return SQLITE_OK;
+ }
+ rc = SQLITE_NOTADB;
+ }
+#endif
+
+ /* EVIDENCE-OF: R-15465-20813 The maximum and minimum embedded payload
+ ** fractions and the leaf payload fraction values must be 64, 32, and 32.
+ **
+ ** The original design allowed these amounts to vary, but as of
+ ** version 3.6.0, we require them to be fixed.
+ */
+ if( memcmp(&page1[21], "\100\040\040",3)!=0 ){
+ goto page1_init_failed;
+ }
+ /* EVIDENCE-OF: R-51873-39618 The page size for a database file is
+ ** determined by the 2-byte integer located at an offset of 16 bytes from
+ ** the beginning of the database file. */
+ pageSize = (page1[16]<<8) | (page1[17]<<16);
+ /* EVIDENCE-OF: R-25008-21688 The size of a page is a power of two
+ ** between 512 and 65536 inclusive. */
+ if( ((pageSize-1)&pageSize)!=0
+ || pageSize>SQLITE_MAX_PAGE_SIZE
+ || pageSize<=256
+ ){
+ goto page1_init_failed;
+ }
+ assert( (pageSize & 7)==0 );
+ /* EVIDENCE-OF: R-59310-51205 The "reserved space" size in the 1-byte
+ ** integer at offset 20 is the number of bytes of space at the end of
+ ** each page to reserve for extensions.
+ **
+ ** EVIDENCE-OF: R-37497-42412 The size of the reserved region is
+ ** determined by the one-byte unsigned integer found at an offset of 20
+ ** into the database file header. */
+ usableSize = pageSize - page1[20];
+ if( (u32)pageSize!=pBt->pageSize ){
+ /* After reading the first page of the database assuming a page size
+ ** of BtShared.pageSize, we have discovered that the page-size is
+ ** actually pageSize. Unlock the database, leave pBt->pPage1 at
+ ** zero and return SQLITE_OK. The caller will call this function
+ ** again with the correct page-size.
+ */
+ releasePage(pPage1);
+ pBt->usableSize = usableSize;
+ pBt->pageSize = pageSize;
+ freeTempSpace(pBt);
+ rc = sqlite3PagerSetPagesize(pBt->pPager, &pBt->pageSize,
+ pageSize-usableSize);
+ return rc;
+ }
+ if( (pBt->db->flags & SQLITE_RecoveryMode)==0 && nPage>nPageFile ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto page1_init_failed;
+ }
+ /* EVIDENCE-OF: R-28312-64704 However, the usable size is not allowed to
+ ** be less than 480. In other words, if the page size is 512, then the
+ ** reserved space size cannot exceed 32. */
+ if( usableSize<480 ){
+ goto page1_init_failed;
+ }
+ pBt->pageSize = pageSize;
+ pBt->usableSize = usableSize;
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ pBt->autoVacuum = (get4byte(&page1[36 + 4*4])?1:0);
+ pBt->incrVacuum = (get4byte(&page1[36 + 7*4])?1:0);
+#endif
+ }
+
+ /* maxLocal is the maximum amount of payload to store locally for
+ ** a cell. Make sure it is small enough so that at least minFanout
+ ** cells can will fit on one page. We assume a 10-byte page header.
+ ** Besides the payload, the cell must store:
+ ** 2-byte pointer to the cell
+ ** 4-byte child pointer
+ ** 9-byte nKey value
+ ** 4-byte nData value
+ ** 4-byte overflow page pointer
+ ** So a cell consists of a 2-byte pointer, a header which is as much as
+ ** 17 bytes long, 0 to N bytes of payload, and an optional 4 byte overflow
+ ** page pointer.
+ */
+ pBt->maxLocal = (u16)((pBt->usableSize-12)*64/255 - 23);
+ pBt->minLocal = (u16)((pBt->usableSize-12)*32/255 - 23);
+ pBt->maxLeaf = (u16)(pBt->usableSize - 35);
+ pBt->minLeaf = (u16)((pBt->usableSize-12)*32/255 - 23);
+ if( pBt->maxLocal>127 ){
+ pBt->max1bytePayload = 127;
+ }else{
+ pBt->max1bytePayload = (u8)pBt->maxLocal;
+ }
+ assert( pBt->maxLeaf + 23 <= MX_CELL_SIZE(pBt) );
+ pBt->pPage1 = pPage1;
+ pBt->nPage = nPage;
+ return SQLITE_OK;
+
+page1_init_failed:
+ releasePage(pPage1);
+ pBt->pPage1 = 0;
+ return rc;
+}
+
+#ifndef NDEBUG
+/*
+** Return the number of cursors open on pBt. This is for use
+** in assert() expressions, so it is only compiled if NDEBUG is not
+** defined.
+**
+** Only write cursors are counted if wrOnly is true. If wrOnly is
+** false then all cursors are counted.
+**
+** For the purposes of this routine, a cursor is any cursor that
+** is capable of reading or writing to the database. Cursors that
+** have been tripped into the CURSOR_FAULT state are not counted.
+*/
+static int countValidCursors(BtShared *pBt, int wrOnly){
+ BtCursor *pCur;
+ int r = 0;
+ for(pCur=pBt->pCursor; pCur; pCur=pCur->pNext){
+ if( (wrOnly==0 || (pCur->curFlags & BTCF_WriteFlag)!=0)
+ && pCur->eState!=CURSOR_FAULT ) r++;
+ }
+ return r;
+}
+#endif
+
+/*
+** If there are no outstanding cursors and we are not in the middle
+** of a transaction but there is a read lock on the database, then
+** this routine unrefs the first page of the database file which
+** has the effect of releasing the read lock.
+**
+** If there is a transaction in progress, this routine is a no-op.
+*/
+static void unlockBtreeIfUnused(BtShared *pBt){
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( countValidCursors(pBt,0)==0 || pBt->inTransaction>TRANS_NONE );
+ if( pBt->inTransaction==TRANS_NONE && pBt->pPage1!=0 ){
+ MemPage *pPage1 = pBt->pPage1;
+ assert( pPage1->aData );
+ assert( sqlite3PagerRefcount(pBt->pPager)==1 );
+ pBt->pPage1 = 0;
+ releasePageNotNull(pPage1);
+ }
+}
+
+/*
+** If pBt points to an empty file then convert that empty file
+** into a new empty database by initializing the first page of
+** the database.
+*/
+static int newDatabase(BtShared *pBt){
+ MemPage *pP1;
+ unsigned char *data;
+ int rc;
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ if( pBt->nPage>0 ){
+ return SQLITE_OK;
+ }
+ pP1 = pBt->pPage1;
+ assert( pP1!=0 );
+ data = pP1->aData;
+ rc = sqlite3PagerWrite(pP1->pDbPage);
+ if( rc ) return rc;
+ memcpy(data, zMagicHeader, sizeof(zMagicHeader));
+ assert( sizeof(zMagicHeader)==16 );
+ data[16] = (u8)((pBt->pageSize>>8)&0xff);
+ data[17] = (u8)((pBt->pageSize>>16)&0xff);
+ data[18] = 1;
+ data[19] = 1;
+ assert( pBt->usableSize<=pBt->pageSize && pBt->usableSize+255>=pBt->pageSize);
+ data[20] = (u8)(pBt->pageSize - pBt->usableSize);
+ data[21] = 64;
+ data[22] = 32;
+ data[23] = 32;
+ memset(&data[24], 0, 100-24);
+ zeroPage(pP1, PTF_INTKEY|PTF_LEAF|PTF_LEAFDATA );
+ pBt->btsFlags |= BTS_PAGESIZE_FIXED;
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ assert( pBt->autoVacuum==1 || pBt->autoVacuum==0 );
+ assert( pBt->incrVacuum==1 || pBt->incrVacuum==0 );
+ put4byte(&data[36 + 4*4], pBt->autoVacuum);
+ put4byte(&data[36 + 7*4], pBt->incrVacuum);
+#endif
+ pBt->nPage = 1;
+ data[31] = 1;
+ return SQLITE_OK;
+}
+
+/*
+** Initialize the first page of the database file (creating a database
+** consisting of a single page and no schema objects). Return SQLITE_OK
+** if successful, or an SQLite error code otherwise.
+*/
+SQLITE_PRIVATE int sqlite3BtreeNewDb(Btree *p){
+ int rc;
+ sqlite3BtreeEnter(p);
+ p->pBt->nPage = 0;
+ rc = newDatabase(p->pBt);
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** Attempt to start a new transaction. A write-transaction
+** is started if the second argument is nonzero, otherwise a read-
+** transaction. If the second argument is 2 or more and exclusive
+** transaction is started, meaning that no other process is allowed
+** to access the database. A preexisting transaction may not be
+** upgraded to exclusive by calling this routine a second time - the
+** exclusivity flag only works for a new transaction.
+**
+** A write-transaction must be started before attempting any
+** changes to the database. None of the following routines
+** will work unless a transaction is started first:
+**
+** sqlite3BtreeCreateTable()
+** sqlite3BtreeCreateIndex()
+** sqlite3BtreeClearTable()
+** sqlite3BtreeDropTable()
+** sqlite3BtreeInsert()
+** sqlite3BtreeDelete()
+** sqlite3BtreeUpdateMeta()
+**
+** If an initial attempt to acquire the lock fails because of lock contention
+** and the database was previously unlocked, then invoke the busy handler
+** if there is one. But if there was previously a read-lock, do not
+** invoke the busy handler - just return SQLITE_BUSY. SQLITE_BUSY is
+** returned when there is already a read-lock in order to avoid a deadlock.
+**
+** Suppose there are two processes A and B. A has a read lock and B has
+** a reserved lock. B tries to promote to exclusive but is blocked because
+** of A's read lock. A tries to promote to reserved but is blocked by B.
+** One or the other of the two processes must give way or there can be
+** no progress. By returning SQLITE_BUSY and not invoking the busy callback
+** when A already has a read lock, we encourage A to give up and let B
+** proceed.
+*/
+SQLITE_PRIVATE int sqlite3BtreeBeginTrans(Btree *p, int wrflag){
+ sqlite3 *pBlock = 0;
+ BtShared *pBt = p->pBt;
+ int rc = SQLITE_OK;
+
+ sqlite3BtreeEnter(p);
+ btreeIntegrity(p);
+
+ /* If the btree is already in a write-transaction, or it
+ ** is already in a read-transaction and a read-transaction
+ ** is requested, this is a no-op.
+ */
+ if( p->inTrans==TRANS_WRITE || (p->inTrans==TRANS_READ && !wrflag) ){
+ goto trans_begun;
+ }
+ assert( pBt->inTransaction==TRANS_WRITE || IfNotOmitAV(pBt->bDoTruncate)==0 );
+
+ /* Write transactions are not possible on a read-only database */
+ if( (pBt->btsFlags & BTS_READ_ONLY)!=0 && wrflag ){
+ rc = SQLITE_READONLY;
+ goto trans_begun;
+ }
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ /* If another database handle has already opened a write transaction
+ ** on this shared-btree structure and a second write transaction is
+ ** requested, return SQLITE_LOCKED.
+ */
+ if( (wrflag && pBt->inTransaction==TRANS_WRITE)
+ || (pBt->btsFlags & BTS_PENDING)!=0
+ ){
+ pBlock = pBt->pWriter->db;
+ }else if( wrflag>1 ){
+ BtLock *pIter;
+ for(pIter=pBt->pLock; pIter; pIter=pIter->pNext){
+ if( pIter->pBtree!=p ){
+ pBlock = pIter->pBtree->db;
+ break;
+ }
+ }
+ }
+ if( pBlock ){
+ sqlite3ConnectionBlocked(p->db, pBlock);
+ rc = SQLITE_LOCKED_SHAREDCACHE;
+ goto trans_begun;
+ }
+#endif
+
+ /* Any read-only or read-write transaction implies a read-lock on
+ ** page 1. So if some other shared-cache client already has a write-lock
+ ** on page 1, the transaction cannot be opened. */
+ rc = querySharedCacheTableLock(p, MASTER_ROOT, READ_LOCK);
+ if( SQLITE_OK!=rc ) goto trans_begun;
+
+ pBt->btsFlags &= ~BTS_INITIALLY_EMPTY;
+ if( pBt->nPage==0 ) pBt->btsFlags |= BTS_INITIALLY_EMPTY;
+ do {
+ /* Call lockBtree() until either pBt->pPage1 is populated or
+ ** lockBtree() returns something other than SQLITE_OK. lockBtree()
+ ** may return SQLITE_OK but leave pBt->pPage1 set to 0 if after
+ ** reading page 1 it discovers that the page-size of the database
+ ** file is not pBt->pageSize. In this case lockBtree() will update
+ ** pBt->pageSize to the page-size of the file on disk.
+ */
+ while( pBt->pPage1==0 && SQLITE_OK==(rc = lockBtree(pBt)) );
+
+ if( rc==SQLITE_OK && wrflag ){
+ if( (pBt->btsFlags & BTS_READ_ONLY)!=0 ){
+ rc = SQLITE_READONLY;
+ }else{
+ rc = sqlite3PagerBegin(pBt->pPager,wrflag>1,sqlite3TempInMemory(p->db));
+ if( rc==SQLITE_OK ){
+ rc = newDatabase(pBt);
+ }
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ unlockBtreeIfUnused(pBt);
+ }
+ }while( (rc&0xFF)==SQLITE_BUSY && pBt->inTransaction==TRANS_NONE &&
+ btreeInvokeBusyHandler(pBt) );
+
+ if( rc==SQLITE_OK ){
+ if( p->inTrans==TRANS_NONE ){
+ pBt->nTransaction++;
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ if( p->sharable ){
+ assert( p->lock.pBtree==p && p->lock.iTable==1 );
+ p->lock.eLock = READ_LOCK;
+ p->lock.pNext = pBt->pLock;
+ pBt->pLock = &p->lock;
+ }
+#endif
+ }
+ p->inTrans = (wrflag?TRANS_WRITE:TRANS_READ);
+ if( p->inTrans>pBt->inTransaction ){
+ pBt->inTransaction = p->inTrans;
+ }
+ if( wrflag ){
+ MemPage *pPage1 = pBt->pPage1;
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ assert( !pBt->pWriter );
+ pBt->pWriter = p;
+ pBt->btsFlags &= ~BTS_EXCLUSIVE;
+ if( wrflag>1 ) pBt->btsFlags |= BTS_EXCLUSIVE;
+#endif
+
+ /* If the db-size header field is incorrect (as it may be if an old
+ ** client has been writing the database file), update it now. Doing
+ ** this sooner rather than later means the database size can safely
+ ** re-read the database size from page 1 if a savepoint or transaction
+ ** rollback occurs within the transaction.
+ */
+ if( pBt->nPage!=get4byte(&pPage1->aData[28]) ){
+ rc = sqlite3PagerWrite(pPage1->pDbPage);
+ if( rc==SQLITE_OK ){
+ put4byte(&pPage1->aData[28], pBt->nPage);
+ }
+ }
+ }
+ }
+
+
+trans_begun:
+ if( rc==SQLITE_OK && wrflag ){
+ /* This call makes sure that the pager has the correct number of
+ ** open savepoints. If the second parameter is greater than 0 and
+ ** the sub-journal is not already open, then it will be opened here.
+ */
+ rc = sqlite3PagerOpenSavepoint(pBt->pPager, p->db->nSavepoint);
+ }
+
+ btreeIntegrity(p);
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+
+/*
+** Set the pointer-map entries for all children of page pPage. Also, if
+** pPage contains cells that point to overflow pages, set the pointer
+** map entries for the overflow pages as well.
+*/
+static int setChildPtrmaps(MemPage *pPage){
+ int i; /* Counter variable */
+ int nCell; /* Number of cells in page pPage */
+ int rc; /* Return code */
+ BtShared *pBt = pPage->pBt;
+ u8 isInitOrig = pPage->isInit;
+ Pgno pgno = pPage->pgno;
+
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ rc = btreeInitPage(pPage);
+ if( rc!=SQLITE_OK ){
+ goto set_child_ptrmaps_out;
+ }
+ nCell = pPage->nCell;
+
+ for(i=0; i<nCell; i++){
+ u8 *pCell = findCell(pPage, i);
+
+ ptrmapPutOvflPtr(pPage, pCell, &rc);
+
+ if( !pPage->leaf ){
+ Pgno childPgno = get4byte(pCell);
+ ptrmapPut(pBt, childPgno, PTRMAP_BTREE, pgno, &rc);
+ }
+ }
+
+ if( !pPage->leaf ){
+ Pgno childPgno = get4byte(&pPage->aData[pPage->hdrOffset+8]);
+ ptrmapPut(pBt, childPgno, PTRMAP_BTREE, pgno, &rc);
+ }
+
+set_child_ptrmaps_out:
+ pPage->isInit = isInitOrig;
+ return rc;
+}
+
+/*
+** Somewhere on pPage is a pointer to page iFrom. Modify this pointer so
+** that it points to iTo. Parameter eType describes the type of pointer to
+** be modified, as follows:
+**
+** PTRMAP_BTREE: pPage is a btree-page. The pointer points at a child
+** page of pPage.
+**
+** PTRMAP_OVERFLOW1: pPage is a btree-page. The pointer points at an overflow
+** page pointed to by one of the cells on pPage.
+**
+** PTRMAP_OVERFLOW2: pPage is an overflow-page. The pointer points at the next
+** overflow page in the list.
+*/
+static int modifyPagePointer(MemPage *pPage, Pgno iFrom, Pgno iTo, u8 eType){
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+ if( eType==PTRMAP_OVERFLOW2 ){
+ /* The pointer is always the first 4 bytes of the page in this case. */
+ if( get4byte(pPage->aData)!=iFrom ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ put4byte(pPage->aData, iTo);
+ }else{
+ u8 isInitOrig = pPage->isInit;
+ int i;
+ int nCell;
+ int rc;
+
+ rc = btreeInitPage(pPage);
+ if( rc ) return rc;
+ nCell = pPage->nCell;
+
+ for(i=0; i<nCell; i++){
+ u8 *pCell = findCell(pPage, i);
+ if( eType==PTRMAP_OVERFLOW1 ){
+ CellInfo info;
+ pPage->xParseCell(pPage, pCell, &info);
+ if( info.nLocal<info.nPayload
+ && pCell+info.nSize-1<=pPage->aData+pPage->maskPage
+ && iFrom==get4byte(pCell+info.nSize-4)
+ ){
+ put4byte(pCell+info.nSize-4, iTo);
+ break;
+ }
+ }else{
+ if( get4byte(pCell)==iFrom ){
+ put4byte(pCell, iTo);
+ break;
+ }
+ }
+ }
+
+ if( i==nCell ){
+ if( eType!=PTRMAP_BTREE ||
+ get4byte(&pPage->aData[pPage->hdrOffset+8])!=iFrom ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ put4byte(&pPage->aData[pPage->hdrOffset+8], iTo);
+ }
+
+ pPage->isInit = isInitOrig;
+ }
+ return SQLITE_OK;
+}
+
+
+/*
+** Move the open database page pDbPage to location iFreePage in the
+** database. The pDbPage reference remains valid.
+**
+** The isCommit flag indicates that there is no need to remember that
+** the journal needs to be sync()ed before database page pDbPage->pgno
+** can be written to. The caller has already promised not to write to that
+** page.
+*/
+static int relocatePage(
+ BtShared *pBt, /* Btree */
+ MemPage *pDbPage, /* Open page to move */
+ u8 eType, /* Pointer map 'type' entry for pDbPage */
+ Pgno iPtrPage, /* Pointer map 'page-no' entry for pDbPage */
+ Pgno iFreePage, /* The location to move pDbPage to */
+ int isCommit /* isCommit flag passed to sqlite3PagerMovepage */
+){
+ MemPage *pPtrPage; /* The page that contains a pointer to pDbPage */
+ Pgno iDbPage = pDbPage->pgno;
+ Pager *pPager = pBt->pPager;
+ int rc;
+
+ assert( eType==PTRMAP_OVERFLOW2 || eType==PTRMAP_OVERFLOW1 ||
+ eType==PTRMAP_BTREE || eType==PTRMAP_ROOTPAGE );
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( pDbPage->pBt==pBt );
+
+ /* Move page iDbPage from its current location to page number iFreePage */
+ TRACE(("AUTOVACUUM: Moving %d to free page %d (ptr page %d type %d)\n",
+ iDbPage, iFreePage, iPtrPage, eType));
+ rc = sqlite3PagerMovepage(pPager, pDbPage->pDbPage, iFreePage, isCommit);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ pDbPage->pgno = iFreePage;
+
+ /* If pDbPage was a btree-page, then it may have child pages and/or cells
+ ** that point to overflow pages. The pointer map entries for all these
+ ** pages need to be changed.
+ **
+ ** If pDbPage is an overflow page, then the first 4 bytes may store a
+ ** pointer to a subsequent overflow page. If this is the case, then
+ ** the pointer map needs to be updated for the subsequent overflow page.
+ */
+ if( eType==PTRMAP_BTREE || eType==PTRMAP_ROOTPAGE ){
+ rc = setChildPtrmaps(pDbPage);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ }else{
+ Pgno nextOvfl = get4byte(pDbPage->aData);
+ if( nextOvfl!=0 ){
+ ptrmapPut(pBt, nextOvfl, PTRMAP_OVERFLOW2, iFreePage, &rc);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ }
+ }
+
+ /* Fix the database pointer on page iPtrPage that pointed at iDbPage so
+ ** that it points at iFreePage. Also fix the pointer map entry for
+ ** iPtrPage.
+ */
+ if( eType!=PTRMAP_ROOTPAGE ){
+ rc = btreeGetPage(pBt, iPtrPage, &pPtrPage, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ rc = sqlite3PagerWrite(pPtrPage->pDbPage);
+ if( rc!=SQLITE_OK ){
+ releasePage(pPtrPage);
+ return rc;
+ }
+ rc = modifyPagePointer(pPtrPage, iDbPage, iFreePage, eType);
+ releasePage(pPtrPage);
+ if( rc==SQLITE_OK ){
+ ptrmapPut(pBt, iFreePage, eType, iPtrPage, &rc);
+ }
+ }
+ return rc;
+}
+
+/* Forward declaration required by incrVacuumStep(). */
+static int allocateBtreePage(BtShared *, MemPage **, Pgno *, Pgno, u8);
+
+/*
+** Perform a single step of an incremental-vacuum. If successful, return
+** SQLITE_OK. If there is no work to do (and therefore no point in
+** calling this function again), return SQLITE_DONE. Or, if an error
+** occurs, return some other error code.
+**
+** More specifically, this function attempts to re-organize the database so
+** that the last page of the file currently in use is no longer in use.
+**
+** Parameter nFin is the number of pages that this database would contain
+** were this function called until it returns SQLITE_DONE.
+**
+** If the bCommit parameter is non-zero, this function assumes that the
+** caller will keep calling incrVacuumStep() until it returns SQLITE_DONE
+** or an error. bCommit is passed true for an auto-vacuum-on-commit
+** operation, or false for an incremental vacuum.
+*/
+static int incrVacuumStep(BtShared *pBt, Pgno nFin, Pgno iLastPg, int bCommit){
+ Pgno nFreeList; /* Number of pages still on the free-list */
+ int rc;
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( iLastPg>nFin );
+
+ if( !PTRMAP_ISPAGE(pBt, iLastPg) && iLastPg!=PENDING_BYTE_PAGE(pBt) ){
+ u8 eType;
+ Pgno iPtrPage;
+
+ nFreeList = get4byte(&pBt->pPage1->aData[36]);
+ if( nFreeList==0 ){
+ return SQLITE_DONE;
+ }
+
+ rc = ptrmapGet(pBt, iLastPg, &eType, &iPtrPage);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ if( eType==PTRMAP_ROOTPAGE ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+
+ if( eType==PTRMAP_FREEPAGE ){
+ if( bCommit==0 ){
+ /* Remove the page from the files free-list. This is not required
+ ** if bCommit is non-zero. In that case, the free-list will be
+ ** truncated to zero after this function returns, so it doesn't
+ ** matter if it still contains some garbage entries.
+ */
+ Pgno iFreePg;
+ MemPage *pFreePg;
+ rc = allocateBtreePage(pBt, &pFreePg, &iFreePg, iLastPg, BTALLOC_EXACT);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ assert( iFreePg==iLastPg );
+ releasePage(pFreePg);
+ }
+ } else {
+ Pgno iFreePg; /* Index of free page to move pLastPg to */
+ MemPage *pLastPg;
+ u8 eMode = BTALLOC_ANY; /* Mode parameter for allocateBtreePage() */
+ Pgno iNear = 0; /* nearby parameter for allocateBtreePage() */
+
+ rc = btreeGetPage(pBt, iLastPg, &pLastPg, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ /* If bCommit is zero, this loop runs exactly once and page pLastPg
+ ** is swapped with the first free page pulled off the free list.
+ **
+ ** On the other hand, if bCommit is greater than zero, then keep
+ ** looping until a free-page located within the first nFin pages
+ ** of the file is found.
+ */
+ if( bCommit==0 ){
+ eMode = BTALLOC_LE;
+ iNear = nFin;
+ }
+ do {
+ MemPage *pFreePg;
+ rc = allocateBtreePage(pBt, &pFreePg, &iFreePg, iNear, eMode);
+ if( rc!=SQLITE_OK ){
+ releasePage(pLastPg);
+ return rc;
+ }
+ releasePage(pFreePg);
+ }while( bCommit && iFreePg>nFin );
+ assert( iFreePg<iLastPg );
+
+ rc = relocatePage(pBt, pLastPg, eType, iPtrPage, iFreePg, bCommit);
+ releasePage(pLastPg);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ }
+ }
+
+ if( bCommit==0 ){
+ do {
+ iLastPg--;
+ }while( iLastPg==PENDING_BYTE_PAGE(pBt) || PTRMAP_ISPAGE(pBt, iLastPg) );
+ pBt->bDoTruncate = 1;
+ pBt->nPage = iLastPg;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** The database opened by the first argument is an auto-vacuum database
+** nOrig pages in size containing nFree free pages. Return the expected
+** size of the database in pages following an auto-vacuum operation.
+*/
+static Pgno finalDbSize(BtShared *pBt, Pgno nOrig, Pgno nFree){
+ int nEntry; /* Number of entries on one ptrmap page */
+ Pgno nPtrmap; /* Number of PtrMap pages to be freed */
+ Pgno nFin; /* Return value */
+
+ nEntry = pBt->usableSize/5;
+ nPtrmap = (nFree-nOrig+PTRMAP_PAGENO(pBt, nOrig)+nEntry)/nEntry;
+ nFin = nOrig - nFree - nPtrmap;
+ if( nOrig>PENDING_BYTE_PAGE(pBt) && nFin<PENDING_BYTE_PAGE(pBt) ){
+ nFin--;
+ }
+ while( PTRMAP_ISPAGE(pBt, nFin) || nFin==PENDING_BYTE_PAGE(pBt) ){
+ nFin--;
+ }
+
+ return nFin;
+}
+
+/*
+** A write-transaction must be opened before calling this function.
+** It performs a single unit of work towards an incremental vacuum.
+**
+** If the incremental vacuum is finished after this function has run,
+** SQLITE_DONE is returned. If it is not finished, but no error occurred,
+** SQLITE_OK is returned. Otherwise an SQLite error code.
+*/
+SQLITE_PRIVATE int sqlite3BtreeIncrVacuum(Btree *p){
+ int rc;
+ BtShared *pBt = p->pBt;
+
+ sqlite3BtreeEnter(p);
+ assert( pBt->inTransaction==TRANS_WRITE && p->inTrans==TRANS_WRITE );
+ if( !pBt->autoVacuum ){
+ rc = SQLITE_DONE;
+ }else{
+ Pgno nOrig = btreePagecount(pBt);
+ Pgno nFree = get4byte(&pBt->pPage1->aData[36]);
+ Pgno nFin = finalDbSize(pBt, nOrig, nFree);
+
+ if( nOrig<nFin ){
+ rc = SQLITE_CORRUPT_BKPT;
+ }else if( nFree>0 ){
+ rc = saveAllCursors(pBt, 0, 0);
+ if( rc==SQLITE_OK ){
+ invalidateAllOverflowCache(pBt);
+ rc = incrVacuumStep(pBt, nFin, nOrig, 0);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
+ put4byte(&pBt->pPage1->aData[28], pBt->nPage);
+ }
+ }else{
+ rc = SQLITE_DONE;
+ }
+ }
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** This routine is called prior to sqlite3PagerCommit when a transaction
+** is committed for an auto-vacuum database.
+**
+** If SQLITE_OK is returned, then *pnTrunc is set to the number of pages
+** the database file should be truncated to during the commit process.
+** i.e. the database has been reorganized so that only the first *pnTrunc
+** pages are in use.
+*/
+static int autoVacuumCommit(BtShared *pBt){
+ int rc = SQLITE_OK;
+ Pager *pPager = pBt->pPager;
+ VVA_ONLY( int nRef = sqlite3PagerRefcount(pPager); )
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ invalidateAllOverflowCache(pBt);
+ assert(pBt->autoVacuum);
+ if( !pBt->incrVacuum ){
+ Pgno nFin; /* Number of pages in database after autovacuuming */
+ Pgno nFree; /* Number of pages on the freelist initially */
+ Pgno iFree; /* The next page to be freed */
+ Pgno nOrig; /* Database size before freeing */
+
+ nOrig = btreePagecount(pBt);
+ if( PTRMAP_ISPAGE(pBt, nOrig) || nOrig==PENDING_BYTE_PAGE(pBt) ){
+ /* It is not possible to create a database for which the final page
+ ** is either a pointer-map page or the pending-byte page. If one
+ ** is encountered, this indicates corruption.
+ */
+ return SQLITE_CORRUPT_BKPT;
+ }
+
+ nFree = get4byte(&pBt->pPage1->aData[36]);
+ nFin = finalDbSize(pBt, nOrig, nFree);
+ if( nFin>nOrig ) return SQLITE_CORRUPT_BKPT;
+ if( nFin<nOrig ){
+ rc = saveAllCursors(pBt, 0, 0);
+ }
+ for(iFree=nOrig; iFree>nFin && rc==SQLITE_OK; iFree--){
+ rc = incrVacuumStep(pBt, nFin, iFree, 1);
+ }
+ if( (rc==SQLITE_DONE || rc==SQLITE_OK) && nFree>0 ){
+ rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
+ put4byte(&pBt->pPage1->aData[32], 0);
+ put4byte(&pBt->pPage1->aData[36], 0);
+ put4byte(&pBt->pPage1->aData[28], nFin);
+ pBt->bDoTruncate = 1;
+ pBt->nPage = nFin;
+ }
+ if( rc!=SQLITE_OK ){
+ sqlite3PagerRollback(pPager);
+ }
+ }
+
+ assert( nRef>=sqlite3PagerRefcount(pPager) );
+ return rc;
+}
+
+#else /* ifndef SQLITE_OMIT_AUTOVACUUM */
+# define setChildPtrmaps(x) SQLITE_OK
+#endif
+
+/*
+** This routine does the first phase of a two-phase commit. This routine
+** causes a rollback journal to be created (if it does not already exist)
+** and populated with enough information so that if a power loss occurs
+** the database can be restored to its original state by playing back
+** the journal. Then the contents of the journal are flushed out to
+** the disk. After the journal is safely on oxide, the changes to the
+** database are written into the database file and flushed to oxide.
+** At the end of this call, the rollback journal still exists on the
+** disk and we are still holding all locks, so the transaction has not
+** committed. See sqlite3BtreeCommitPhaseTwo() for the second phase of the
+** commit process.
+**
+** This call is a no-op if no write-transaction is currently active on pBt.
+**
+** Otherwise, sync the database file for the btree pBt. zMaster points to
+** the name of a master journal file that should be written into the
+** individual journal file, or is NULL, indicating no master journal file
+** (single database transaction).
+**
+** When this is called, the master journal should already have been
+** created, populated with this journal pointer and synced to disk.
+**
+** Once this is routine has returned, the only thing required to commit
+** the write-transaction for this database file is to delete the journal.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCommitPhaseOne(Btree *p, const char *zMaster){
+ int rc = SQLITE_OK;
+ if( p->inTrans==TRANS_WRITE ){
+ BtShared *pBt = p->pBt;
+ sqlite3BtreeEnter(p);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pBt->autoVacuum ){
+ rc = autoVacuumCommit(pBt);
+ if( rc!=SQLITE_OK ){
+ sqlite3BtreeLeave(p);
+ return rc;
+ }
+ }
+ if( pBt->bDoTruncate ){
+ sqlite3PagerTruncateImage(pBt->pPager, pBt->nPage);
+ }
+#endif
+ rc = sqlite3PagerCommitPhaseOne(pBt->pPager, zMaster, 0);
+ sqlite3BtreeLeave(p);
+ }
+ return rc;
+}
+
+/*
+** This function is called from both BtreeCommitPhaseTwo() and BtreeRollback()
+** at the conclusion of a transaction.
+*/
+static void btreeEndTransaction(Btree *p){
+ BtShared *pBt = p->pBt;
+ sqlite3 *db = p->db;
+ assert( sqlite3BtreeHoldsMutex(p) );
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ pBt->bDoTruncate = 0;
+#endif
+ if( p->inTrans>TRANS_NONE && db->nVdbeRead>1 ){
+ /* If there are other active statements that belong to this database
+ ** handle, downgrade to a read-only transaction. The other statements
+ ** may still be reading from the database. */
+ downgradeAllSharedCacheTableLocks(p);
+ p->inTrans = TRANS_READ;
+ }else{
+ /* If the handle had any kind of transaction open, decrement the
+ ** transaction count of the shared btree. If the transaction count
+ ** reaches 0, set the shared state to TRANS_NONE. The unlockBtreeIfUnused()
+ ** call below will unlock the pager. */
+ if( p->inTrans!=TRANS_NONE ){
+ clearAllSharedCacheTableLocks(p);
+ pBt->nTransaction--;
+ if( 0==pBt->nTransaction ){
+ pBt->inTransaction = TRANS_NONE;
+ }
+ }
+
+ /* Set the current transaction state to TRANS_NONE and unlock the
+ ** pager if this call closed the only read or write transaction. */
+ p->inTrans = TRANS_NONE;
+ unlockBtreeIfUnused(pBt);
+ }
+
+ btreeIntegrity(p);
+}
+
+/*
+** Commit the transaction currently in progress.
+**
+** This routine implements the second phase of a 2-phase commit. The
+** sqlite3BtreeCommitPhaseOne() routine does the first phase and should
+** be invoked prior to calling this routine. The sqlite3BtreeCommitPhaseOne()
+** routine did all the work of writing information out to disk and flushing the
+** contents so that they are written onto the disk platter. All this
+** routine has to do is delete or truncate or zero the header in the
+** the rollback journal (which causes the transaction to commit) and
+** drop locks.
+**
+** Normally, if an error occurs while the pager layer is attempting to
+** finalize the underlying journal file, this function returns an error and
+** the upper layer will attempt a rollback. However, if the second argument
+** is non-zero then this b-tree transaction is part of a multi-file
+** transaction. In this case, the transaction has already been committed
+** (by deleting a master journal file) and the caller will ignore this
+** functions return code. So, even if an error occurs in the pager layer,
+** reset the b-tree objects internal state to indicate that the write
+** transaction has been closed. This is quite safe, as the pager will have
+** transitioned to the error state.
+**
+** This will release the write lock on the database file. If there
+** are no active cursors, it also releases the read lock.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCommitPhaseTwo(Btree *p, int bCleanup){
+
+ if( p->inTrans==TRANS_NONE ) return SQLITE_OK;
+ sqlite3BtreeEnter(p);
+ btreeIntegrity(p);
+
+ /* If the handle has a write-transaction open, commit the shared-btrees
+ ** transaction and set the shared state to TRANS_READ.
+ */
+ if( p->inTrans==TRANS_WRITE ){
+ int rc;
+ BtShared *pBt = p->pBt;
+ assert( pBt->inTransaction==TRANS_WRITE );
+ assert( pBt->nTransaction>0 );
+ rc = sqlite3PagerCommitPhaseTwo(pBt->pPager);
+ if( rc!=SQLITE_OK && bCleanup==0 ){
+ sqlite3BtreeLeave(p);
+ return rc;
+ }
+ p->iDataVersion--; /* Compensate for pPager->iDataVersion++; */
+ pBt->inTransaction = TRANS_READ;
+ btreeClearHasContent(pBt);
+ }
+
+ btreeEndTransaction(p);
+ sqlite3BtreeLeave(p);
+ return SQLITE_OK;
+}
+
+/*
+** Do both phases of a commit.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCommit(Btree *p){
+ int rc;
+ sqlite3BtreeEnter(p);
+ rc = sqlite3BtreeCommitPhaseOne(p, 0);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3BtreeCommitPhaseTwo(p, 0);
+ }
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** This routine sets the state to CURSOR_FAULT and the error
+** code to errCode for every cursor on any BtShared that pBtree
+** references. Or if the writeOnly flag is set to 1, then only
+** trip write cursors and leave read cursors unchanged.
+**
+** Every cursor is a candidate to be tripped, including cursors
+** that belong to other database connections that happen to be
+** sharing the cache with pBtree.
+**
+** This routine gets called when a rollback occurs. If the writeOnly
+** flag is true, then only write-cursors need be tripped - read-only
+** cursors save their current positions so that they may continue
+** following the rollback. Or, if writeOnly is false, all cursors are
+** tripped. In general, writeOnly is false if the transaction being
+** rolled back modified the database schema. In this case b-tree root
+** pages may be moved or deleted from the database altogether, making
+** it unsafe for read cursors to continue.
+**
+** If the writeOnly flag is true and an error is encountered while
+** saving the current position of a read-only cursor, all cursors,
+** including all read-cursors are tripped.
+**
+** SQLITE_OK is returned if successful, or if an error occurs while
+** saving a cursor position, an SQLite error code.
+*/
+SQLITE_PRIVATE int sqlite3BtreeTripAllCursors(Btree *pBtree, int errCode, int writeOnly){
+ BtCursor *p;
+ int rc = SQLITE_OK;
+
+ assert( (writeOnly==0 || writeOnly==1) && BTCF_WriteFlag==1 );
+ if( pBtree ){
+ sqlite3BtreeEnter(pBtree);
+ for(p=pBtree->pBt->pCursor; p; p=p->pNext){
+ int i;
+ if( writeOnly && (p->curFlags & BTCF_WriteFlag)==0 ){
+ if( p->eState==CURSOR_VALID || p->eState==CURSOR_SKIPNEXT ){
+ rc = saveCursorPosition(p);
+ if( rc!=SQLITE_OK ){
+ (void)sqlite3BtreeTripAllCursors(pBtree, rc, 0);
+ break;
+ }
+ }
+ }else{
+ sqlite3BtreeClearCursor(p);
+ p->eState = CURSOR_FAULT;
+ p->skipNext = errCode;
+ }
+ for(i=0; i<=p->iPage; i++){
+ releasePage(p->apPage[i]);
+ p->apPage[i] = 0;
+ }
+ }
+ sqlite3BtreeLeave(pBtree);
+ }
+ return rc;
+}
+
+/*
+** Rollback the transaction in progress.
+**
+** If tripCode is not SQLITE_OK then cursors will be invalidated (tripped).
+** Only write cursors are tripped if writeOnly is true but all cursors are
+** tripped if writeOnly is false. Any attempt to use
+** a tripped cursor will result in an error.
+**
+** This will release the write lock on the database file. If there
+** are no active cursors, it also releases the read lock.
+*/
+SQLITE_PRIVATE int sqlite3BtreeRollback(Btree *p, int tripCode, int writeOnly){
+ int rc;
+ BtShared *pBt = p->pBt;
+ MemPage *pPage1;
+
+ assert( writeOnly==1 || writeOnly==0 );
+ assert( tripCode==SQLITE_ABORT_ROLLBACK || tripCode==SQLITE_OK );
+ sqlite3BtreeEnter(p);
+ if( tripCode==SQLITE_OK ){
+ rc = tripCode = saveAllCursors(pBt, 0, 0);
+ if( rc ) writeOnly = 0;
+ }else{
+ rc = SQLITE_OK;
+ }
+ if( tripCode ){
+ int rc2 = sqlite3BtreeTripAllCursors(p, tripCode, writeOnly);
+ assert( rc==SQLITE_OK || (writeOnly==0 && rc2==SQLITE_OK) );
+ if( rc2!=SQLITE_OK ) rc = rc2;
+ }
+ btreeIntegrity(p);
+
+ if( p->inTrans==TRANS_WRITE ){
+ int rc2;
+
+ assert( TRANS_WRITE==pBt->inTransaction );
+ rc2 = sqlite3PagerRollback(pBt->pPager);
+ if( rc2!=SQLITE_OK ){
+ rc = rc2;
+ }
+
+ /* The rollback may have destroyed the pPage1->aData value. So
+ ** call btreeGetPage() on page 1 again to make
+ ** sure pPage1->aData is set correctly. */
+ if( btreeGetPage(pBt, 1, &pPage1, 0)==SQLITE_OK ){
+ int nPage = get4byte(28+(u8*)pPage1->aData);
+ testcase( nPage==0 );
+ if( nPage==0 ) sqlite3PagerPagecount(pBt->pPager, &nPage);
+ testcase( pBt->nPage!=nPage );
+ pBt->nPage = nPage;
+ releasePage(pPage1);
+ }
+ assert( countValidCursors(pBt, 1)==0 );
+ pBt->inTransaction = TRANS_READ;
+ btreeClearHasContent(pBt);
+ }
+
+ btreeEndTransaction(p);
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** Start a statement subtransaction. The subtransaction can be rolled
+** back independently of the main transaction. You must start a transaction
+** before starting a subtransaction. The subtransaction is ended automatically
+** if the main transaction commits or rolls back.
+**
+** Statement subtransactions are used around individual SQL statements
+** that are contained within a BEGIN...COMMIT block. If a constraint
+** error occurs within the statement, the effect of that one statement
+** can be rolled back without having to rollback the entire transaction.
+**
+** A statement sub-transaction is implemented as an anonymous savepoint. The
+** value passed as the second parameter is the total number of savepoints,
+** including the new anonymous savepoint, open on the B-Tree. i.e. if there
+** are no active savepoints and no other statement-transactions open,
+** iStatement is 1. This anonymous savepoint can be released or rolled back
+** using the sqlite3BtreeSavepoint() function.
+*/
+SQLITE_PRIVATE int sqlite3BtreeBeginStmt(Btree *p, int iStatement){
+ int rc;
+ BtShared *pBt = p->pBt;
+ sqlite3BtreeEnter(p);
+ assert( p->inTrans==TRANS_WRITE );
+ assert( (pBt->btsFlags & BTS_READ_ONLY)==0 );
+ assert( iStatement>0 );
+ assert( iStatement>p->db->nSavepoint );
+ assert( pBt->inTransaction==TRANS_WRITE );
+ /* At the pager level, a statement transaction is a savepoint with
+ ** an index greater than all savepoints created explicitly using
+ ** SQL statements. It is illegal to open, release or rollback any
+ ** such savepoints while the statement transaction savepoint is active.
+ */
+ rc = sqlite3PagerOpenSavepoint(pBt->pPager, iStatement);
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** The second argument to this function, op, is always SAVEPOINT_ROLLBACK
+** or SAVEPOINT_RELEASE. This function either releases or rolls back the
+** savepoint identified by parameter iSavepoint, depending on the value
+** of op.
+**
+** Normally, iSavepoint is greater than or equal to zero. However, if op is
+** SAVEPOINT_ROLLBACK, then iSavepoint may also be -1. In this case the
+** contents of the entire transaction are rolled back. This is different
+** from a normal transaction rollback, as no locks are released and the
+** transaction remains open.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSavepoint(Btree *p, int op, int iSavepoint){
+ int rc = SQLITE_OK;
+ if( p && p->inTrans==TRANS_WRITE ){
+ BtShared *pBt = p->pBt;
+ assert( op==SAVEPOINT_RELEASE || op==SAVEPOINT_ROLLBACK );
+ assert( iSavepoint>=0 || (iSavepoint==-1 && op==SAVEPOINT_ROLLBACK) );
+ sqlite3BtreeEnter(p);
+ rc = sqlite3PagerSavepoint(pBt->pPager, op, iSavepoint);
+ if( rc==SQLITE_OK ){
+ if( iSavepoint<0 && (pBt->btsFlags & BTS_INITIALLY_EMPTY)!=0 ){
+ pBt->nPage = 0;
+ }
+ rc = newDatabase(pBt);
+ pBt->nPage = get4byte(28 + pBt->pPage1->aData);
+
+ /* The database size was written into the offset 28 of the header
+ ** when the transaction started, so we know that the value at offset
+ ** 28 is nonzero. */
+ assert( pBt->nPage>0 );
+ }
+ sqlite3BtreeLeave(p);
+ }
+ return rc;
+}
+
+/*
+** Create a new cursor for the BTree whose root is on the page
+** iTable. If a read-only cursor is requested, it is assumed that
+** the caller already has at least a read-only transaction open
+** on the database already. If a write-cursor is requested, then
+** the caller is assumed to have an open write transaction.
+**
+** If wrFlag==0, then the cursor can only be used for reading.
+** If wrFlag==1, then the cursor can be used for reading or for
+** writing if other conditions for writing are also met. These
+** are the conditions that must be met in order for writing to
+** be allowed:
+**
+** 1: The cursor must have been opened with wrFlag==1
+**
+** 2: Other database connections that share the same pager cache
+** but which are not in the READ_UNCOMMITTED state may not have
+** cursors open with wrFlag==0 on the same table. Otherwise
+** the changes made by this write cursor would be visible to
+** the read cursors in the other database connection.
+**
+** 3: The database must be writable (not on read-only media)
+**
+** 4: There must be an active transaction.
+**
+** No checking is done to make sure that page iTable really is the
+** root page of a b-tree. If it is not, then the cursor acquired
+** will not work correctly.
+**
+** It is assumed that the sqlite3BtreeCursorZero() has been called
+** on pCur to initialize the memory space prior to invoking this routine.
+*/
+static int btreeCursor(
+ Btree *p, /* The btree */
+ int iTable, /* Root page of table to open */
+ int wrFlag, /* 1 to write. 0 read-only */
+ struct KeyInfo *pKeyInfo, /* First arg to comparison function */
+ BtCursor *pCur /* Space for new cursor */
+){
+ BtShared *pBt = p->pBt; /* Shared b-tree handle */
+ BtCursor *pX; /* Looping over other all cursors */
+
+ assert( sqlite3BtreeHoldsMutex(p) );
+ assert( wrFlag==0
+ || wrFlag==BTREE_WRCSR
+ || wrFlag==(BTREE_WRCSR|BTREE_FORDELETE)
+ );
+
+ /* The following assert statements verify that if this is a sharable
+ ** b-tree database, the connection is holding the required table locks,
+ ** and that no other connection has any open cursor that conflicts with
+ ** this lock. */
+ assert( hasSharedCacheTableLock(p, iTable, pKeyInfo!=0, (wrFlag?2:1)) );
+ assert( wrFlag==0 || !hasReadConflicts(p, iTable) );
+
+ /* Assert that the caller has opened the required transaction. */
+ assert( p->inTrans>TRANS_NONE );
+ assert( wrFlag==0 || p->inTrans==TRANS_WRITE );
+ assert( pBt->pPage1 && pBt->pPage1->aData );
+ assert( wrFlag==0 || (pBt->btsFlags & BTS_READ_ONLY)==0 );
+
+ if( wrFlag ){
+ allocateTempSpace(pBt);
+ if( pBt->pTmpSpace==0 ) return SQLITE_NOMEM;
+ }
+ if( iTable==1 && btreePagecount(pBt)==0 ){
+ assert( wrFlag==0 );
+ iTable = 0;
+ }
+
+ /* Now that no other errors can occur, finish filling in the BtCursor
+ ** variables and link the cursor into the BtShared list. */
+ pCur->pgnoRoot = (Pgno)iTable;
+ pCur->iPage = -1;
+ pCur->pKeyInfo = pKeyInfo;
+ pCur->pBtree = p;
+ pCur->pBt = pBt;
+ pCur->curFlags = wrFlag ? BTCF_WriteFlag : 0;
+ pCur->curPagerFlags = wrFlag ? 0 : PAGER_GET_READONLY;
+ /* If there are two or more cursors on the same btree, then all such
+ ** cursors *must* have the BTCF_Multiple flag set. */
+ for(pX=pBt->pCursor; pX; pX=pX->pNext){
+ if( pX->pgnoRoot==(Pgno)iTable ){
+ pX->curFlags |= BTCF_Multiple;
+ pCur->curFlags |= BTCF_Multiple;
+ }
+ }
+ pCur->pNext = pBt->pCursor;
+ pBt->pCursor = pCur;
+ pCur->eState = CURSOR_INVALID;
+ return SQLITE_OK;
+}
+SQLITE_PRIVATE int sqlite3BtreeCursor(
+ Btree *p, /* The btree */
+ int iTable, /* Root page of table to open */
+ int wrFlag, /* 1 to write. 0 read-only */
+ struct KeyInfo *pKeyInfo, /* First arg to xCompare() */
+ BtCursor *pCur /* Write new cursor here */
+){
+ int rc;
+ if( iTable<1 ){
+ rc = SQLITE_CORRUPT_BKPT;
+ }else{
+ sqlite3BtreeEnter(p);
+ rc = btreeCursor(p, iTable, wrFlag, pKeyInfo, pCur);
+ sqlite3BtreeLeave(p);
+ }
+ return rc;
+}
+
+/*
+** Return the size of a BtCursor object in bytes.
+**
+** This interfaces is needed so that users of cursors can preallocate
+** sufficient storage to hold a cursor. The BtCursor object is opaque
+** to users so they cannot do the sizeof() themselves - they must call
+** this routine.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCursorSize(void){
+ return ROUND8(sizeof(BtCursor));
+}
+
+/*
+** Initialize memory that will be converted into a BtCursor object.
+**
+** The simple approach here would be to memset() the entire object
+** to zero. But it turns out that the apPage[] and aiIdx[] arrays
+** do not need to be zeroed and they are large, so we can save a lot
+** of run-time by skipping the initialization of those elements.
+*/
+SQLITE_PRIVATE void sqlite3BtreeCursorZero(BtCursor *p){
+ memset(p, 0, offsetof(BtCursor, iPage));
+}
+
+/*
+** Close a cursor. The read lock on the database file is released
+** when the last cursor is closed.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCloseCursor(BtCursor *pCur){
+ Btree *pBtree = pCur->pBtree;
+ if( pBtree ){
+ int i;
+ BtShared *pBt = pCur->pBt;
+ sqlite3BtreeEnter(pBtree);
+ sqlite3BtreeClearCursor(pCur);
+ assert( pBt->pCursor!=0 );
+ if( pBt->pCursor==pCur ){
+ pBt->pCursor = pCur->pNext;
+ }else{
+ BtCursor *pPrev = pBt->pCursor;
+ do{
+ if( pPrev->pNext==pCur ){
+ pPrev->pNext = pCur->pNext;
+ break;
+ }
+ pPrev = pPrev->pNext;
+ }while( ALWAYS(pPrev) );
+ }
+ for(i=0; i<=pCur->iPage; i++){
+ releasePage(pCur->apPage[i]);
+ }
+ unlockBtreeIfUnused(pBt);
+ sqlite3_free(pCur->aOverflow);
+ /* sqlite3_free(pCur); */
+ sqlite3BtreeLeave(pBtree);
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Make sure the BtCursor* given in the argument has a valid
+** BtCursor.info structure. If it is not already valid, call
+** btreeParseCell() to fill it in.
+**
+** BtCursor.info is a cache of the information in the current cell.
+** Using this cache reduces the number of calls to btreeParseCell().
+*/
+#ifndef NDEBUG
+ static void assertCellInfo(BtCursor *pCur){
+ CellInfo info;
+ int iPage = pCur->iPage;
+ memset(&info, 0, sizeof(info));
+ btreeParseCell(pCur->apPage[iPage], pCur->aiIdx[iPage], &info);
+ assert( CORRUPT_DB || memcmp(&info, &pCur->info, sizeof(info))==0 );
+ }
+#else
+ #define assertCellInfo(x)
+#endif
+static SQLITE_NOINLINE void getCellInfo(BtCursor *pCur){
+ if( pCur->info.nSize==0 ){
+ int iPage = pCur->iPage;
+ pCur->curFlags |= BTCF_ValidNKey;
+ btreeParseCell(pCur->apPage[iPage],pCur->aiIdx[iPage],&pCur->info);
+ }else{
+ assertCellInfo(pCur);
+ }
+}
+
+#ifndef NDEBUG /* The next routine used only within assert() statements */
+/*
+** Return true if the given BtCursor is valid. A valid cursor is one
+** that is currently pointing to a row in a (non-empty) table.
+** This is a verification routine is used only within assert() statements.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCursorIsValid(BtCursor *pCur){
+ return pCur && pCur->eState==CURSOR_VALID;
+}
+#endif /* NDEBUG */
+
+/*
+** Set *pSize to the size of the buffer needed to hold the value of
+** the key for the current entry. If the cursor is not pointing
+** to a valid entry, *pSize is set to 0.
+**
+** For a table with the INTKEY flag set, this routine returns the key
+** itself, not the number of bytes in the key.
+**
+** The caller must position the cursor prior to invoking this routine.
+**
+** This routine cannot fail. It always returns SQLITE_OK.
+*/
+SQLITE_PRIVATE int sqlite3BtreeKeySize(BtCursor *pCur, i64 *pSize){
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->eState==CURSOR_VALID );
+ getCellInfo(pCur);
+ *pSize = pCur->info.nKey;
+ return SQLITE_OK;
+}
+
+/*
+** Set *pSize to the number of bytes of data in the entry the
+** cursor currently points to.
+**
+** The caller must guarantee that the cursor is pointing to a non-NULL
+** valid entry. In other words, the calling procedure must guarantee
+** that the cursor has Cursor.eState==CURSOR_VALID.
+**
+** Failure is not possible. This function always returns SQLITE_OK.
+** It might just as well be a procedure (returning void) but we continue
+** to return an integer result code for historical reasons.
+*/
+SQLITE_PRIVATE int sqlite3BtreeDataSize(BtCursor *pCur, u32 *pSize){
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->eState==CURSOR_VALID );
+ assert( pCur->iPage>=0 );
+ assert( pCur->iPage<BTCURSOR_MAX_DEPTH );
+ assert( pCur->apPage[pCur->iPage]->intKeyLeaf==1 );
+ getCellInfo(pCur);
+ *pSize = pCur->info.nPayload;
+ return SQLITE_OK;
+}
+
+/*
+** Given the page number of an overflow page in the database (parameter
+** ovfl), this function finds the page number of the next page in the
+** linked list of overflow pages. If possible, it uses the auto-vacuum
+** pointer-map data instead of reading the content of page ovfl to do so.
+**
+** If an error occurs an SQLite error code is returned. Otherwise:
+**
+** The page number of the next overflow page in the linked list is
+** written to *pPgnoNext. If page ovfl is the last page in its linked
+** list, *pPgnoNext is set to zero.
+**
+** If ppPage is not NULL, and a reference to the MemPage object corresponding
+** to page number pOvfl was obtained, then *ppPage is set to point to that
+** reference. It is the responsibility of the caller to call releasePage()
+** on *ppPage to free the reference. In no reference was obtained (because
+** the pointer-map was used to obtain the value for *pPgnoNext), then
+** *ppPage is set to zero.
+*/
+static int getOverflowPage(
+ BtShared *pBt, /* The database file */
+ Pgno ovfl, /* Current overflow page number */
+ MemPage **ppPage, /* OUT: MemPage handle (may be NULL) */
+ Pgno *pPgnoNext /* OUT: Next overflow page number */
+){
+ Pgno next = 0;
+ MemPage *pPage = 0;
+ int rc = SQLITE_OK;
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert(pPgnoNext);
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ /* Try to find the next page in the overflow list using the
+ ** autovacuum pointer-map pages. Guess that the next page in
+ ** the overflow list is page number (ovfl+1). If that guess turns
+ ** out to be wrong, fall back to loading the data of page
+ ** number ovfl to determine the next page number.
+ */
+ if( pBt->autoVacuum ){
+ Pgno pgno;
+ Pgno iGuess = ovfl+1;
+ u8 eType;
+
+ while( PTRMAP_ISPAGE(pBt, iGuess) || iGuess==PENDING_BYTE_PAGE(pBt) ){
+ iGuess++;
+ }
+
+ if( iGuess<=btreePagecount(pBt) ){
+ rc = ptrmapGet(pBt, iGuess, &eType, &pgno);
+ if( rc==SQLITE_OK && eType==PTRMAP_OVERFLOW2 && pgno==ovfl ){
+ next = iGuess;
+ rc = SQLITE_DONE;
+ }
+ }
+ }
+#endif
+
+ assert( next==0 || rc==SQLITE_DONE );
+ if( rc==SQLITE_OK ){
+ rc = btreeGetPage(pBt, ovfl, &pPage, (ppPage==0) ? PAGER_GET_READONLY : 0);
+ assert( rc==SQLITE_OK || pPage==0 );
+ if( rc==SQLITE_OK ){
+ next = get4byte(pPage->aData);
+ }
+ }
+
+ *pPgnoNext = next;
+ if( ppPage ){
+ *ppPage = pPage;
+ }else{
+ releasePage(pPage);
+ }
+ return (rc==SQLITE_DONE ? SQLITE_OK : rc);
+}
+
+/*
+** Copy data from a buffer to a page, or from a page to a buffer.
+**
+** pPayload is a pointer to data stored on database page pDbPage.
+** If argument eOp is false, then nByte bytes of data are copied
+** from pPayload to the buffer pointed at by pBuf. If eOp is true,
+** then sqlite3PagerWrite() is called on pDbPage and nByte bytes
+** of data are copied from the buffer pBuf to pPayload.
+**
+** SQLITE_OK is returned on success, otherwise an error code.
+*/
+static int copyPayload(
+ void *pPayload, /* Pointer to page data */
+ void *pBuf, /* Pointer to buffer */
+ int nByte, /* Number of bytes to copy */
+ int eOp, /* 0 -> copy from page, 1 -> copy to page */
+ DbPage *pDbPage /* Page containing pPayload */
+){
+ if( eOp ){
+ /* Copy data from buffer to page (a write operation) */
+ int rc = sqlite3PagerWrite(pDbPage);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ memcpy(pPayload, pBuf, nByte);
+ }else{
+ /* Copy data from page to buffer (a read operation) */
+ memcpy(pBuf, pPayload, nByte);
+ }
+ return SQLITE_OK;
+}
+
+/*
+** This function is used to read or overwrite payload information
+** for the entry that the pCur cursor is pointing to. The eOp
+** argument is interpreted as follows:
+**
+** 0: The operation is a read. Populate the overflow cache.
+** 1: The operation is a write. Populate the overflow cache.
+** 2: The operation is a read. Do not populate the overflow cache.
+**
+** A total of "amt" bytes are read or written beginning at "offset".
+** Data is read to or from the buffer pBuf.
+**
+** The content being read or written might appear on the main page
+** or be scattered out on multiple overflow pages.
+**
+** If the current cursor entry uses one or more overflow pages and the
+** eOp argument is not 2, this function may allocate space for and lazily
+** populates the overflow page-list cache array (BtCursor.aOverflow).
+** Subsequent calls use this cache to make seeking to the supplied offset
+** more efficient.
+**
+** Once an overflow page-list cache has been allocated, it may be
+** invalidated if some other cursor writes to the same table, or if
+** the cursor is moved to a different row. Additionally, in auto-vacuum
+** mode, the following events may invalidate an overflow page-list cache.
+**
+** * An incremental vacuum,
+** * A commit in auto_vacuum="full" mode,
+** * Creating a table (may require moving an overflow page).
+*/
+static int accessPayload(
+ BtCursor *pCur, /* Cursor pointing to entry to read from */
+ u32 offset, /* Begin reading this far into payload */
+ u32 amt, /* Read this many bytes */
+ unsigned char *pBuf, /* Write the bytes into this buffer */
+ int eOp /* zero to read. non-zero to write. */
+){
+ unsigned char *aPayload;
+ int rc = SQLITE_OK;
+ int iIdx = 0;
+ MemPage *pPage = pCur->apPage[pCur->iPage]; /* Btree page of current entry */
+ BtShared *pBt = pCur->pBt; /* Btree this cursor belongs to */
+#ifdef SQLITE_DIRECT_OVERFLOW_READ
+ unsigned char * const pBufStart = pBuf;
+ int bEnd; /* True if reading to end of data */
+#endif
+
+ assert( pPage );
+ assert( pCur->eState==CURSOR_VALID );
+ assert( pCur->aiIdx[pCur->iPage]<pPage->nCell );
+ assert( cursorHoldsMutex(pCur) );
+ assert( eOp!=2 || offset==0 ); /* Always start from beginning for eOp==2 */
+
+ getCellInfo(pCur);
+ aPayload = pCur->info.pPayload;
+#ifdef SQLITE_DIRECT_OVERFLOW_READ
+ bEnd = offset+amt==pCur->info.nPayload;
+#endif
+ assert( offset+amt <= pCur->info.nPayload );
+
+ if( &aPayload[pCur->info.nLocal] > &pPage->aData[pBt->usableSize] ){
+ /* Trying to read or write past the end of the data is an error */
+ return SQLITE_CORRUPT_BKPT;
+ }
+
+ /* Check if data must be read/written to/from the btree page itself. */
+ if( offset<pCur->info.nLocal ){
+ int a = amt;
+ if( a+offset>pCur->info.nLocal ){
+ a = pCur->info.nLocal - offset;
+ }
+ rc = copyPayload(&aPayload[offset], pBuf, a, (eOp & 0x01), pPage->pDbPage);
+ offset = 0;
+ pBuf += a;
+ amt -= a;
+ }else{
+ offset -= pCur->info.nLocal;
+ }
+
+
+ if( rc==SQLITE_OK && amt>0 ){
+ const u32 ovflSize = pBt->usableSize - 4; /* Bytes content per ovfl page */
+ Pgno nextPage;
+
+ nextPage = get4byte(&aPayload[pCur->info.nLocal]);
+
+ /* If the BtCursor.aOverflow[] has not been allocated, allocate it now.
+ ** Except, do not allocate aOverflow[] for eOp==2.
+ **
+ ** The aOverflow[] array is sized at one entry for each overflow page
+ ** in the overflow chain. The page number of the first overflow page is
+ ** stored in aOverflow[0], etc. A value of 0 in the aOverflow[] array
+ ** means "not yet known" (the cache is lazily populated).
+ */
+ if( eOp!=2 && (pCur->curFlags & BTCF_ValidOvfl)==0 ){
+ int nOvfl = (pCur->info.nPayload-pCur->info.nLocal+ovflSize-1)/ovflSize;
+ if( nOvfl>pCur->nOvflAlloc ){
+ Pgno *aNew = (Pgno*)sqlite3Realloc(
+ pCur->aOverflow, nOvfl*2*sizeof(Pgno)
+ );
+ if( aNew==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ pCur->nOvflAlloc = nOvfl*2;
+ pCur->aOverflow = aNew;
+ }
+ }
+ if( rc==SQLITE_OK ){
+ memset(pCur->aOverflow, 0, nOvfl*sizeof(Pgno));
+ pCur->curFlags |= BTCF_ValidOvfl;
+ }
+ }
+
+ /* If the overflow page-list cache has been allocated and the
+ ** entry for the first required overflow page is valid, skip
+ ** directly to it.
+ */
+ if( (pCur->curFlags & BTCF_ValidOvfl)!=0
+ && pCur->aOverflow[offset/ovflSize]
+ ){
+ iIdx = (offset/ovflSize);
+ nextPage = pCur->aOverflow[iIdx];
+ offset = (offset%ovflSize);
+ }
+
+ for( ; rc==SQLITE_OK && amt>0 && nextPage; iIdx++){
+
+ /* If required, populate the overflow page-list cache. */
+ if( (pCur->curFlags & BTCF_ValidOvfl)!=0 ){
+ assert( pCur->aOverflow[iIdx]==0
+ || pCur->aOverflow[iIdx]==nextPage
+ || CORRUPT_DB );
+ pCur->aOverflow[iIdx] = nextPage;
+ }
+
+ if( offset>=ovflSize ){
+ /* The only reason to read this page is to obtain the page
+ ** number for the next page in the overflow chain. The page
+ ** data is not required. So first try to lookup the overflow
+ ** page-list cache, if any, then fall back to the getOverflowPage()
+ ** function.
+ **
+ ** Note that the aOverflow[] array must be allocated because eOp!=2
+ ** here. If eOp==2, then offset==0 and this branch is never taken.
+ */
+ assert( eOp!=2 );
+ assert( pCur->curFlags & BTCF_ValidOvfl );
+ assert( pCur->pBtree->db==pBt->db );
+ if( pCur->aOverflow[iIdx+1] ){
+ nextPage = pCur->aOverflow[iIdx+1];
+ }else{
+ rc = getOverflowPage(pBt, nextPage, 0, &nextPage);
+ }
+ offset -= ovflSize;
+ }else{
+ /* Need to read this page properly. It contains some of the
+ ** range of data that is being read (eOp==0) or written (eOp!=0).
+ */
+#ifdef SQLITE_DIRECT_OVERFLOW_READ
+ sqlite3_file *fd;
+#endif
+ int a = amt;
+ if( a + offset > ovflSize ){
+ a = ovflSize - offset;
+ }
+
+#ifdef SQLITE_DIRECT_OVERFLOW_READ
+ /* If all the following are true:
+ **
+ ** 1) this is a read operation, and
+ ** 2) data is required from the start of this overflow page, and
+ ** 3) the database is file-backed, and
+ ** 4) there is no open write-transaction, and
+ ** 5) the database is not a WAL database,
+ ** 6) all data from the page is being read.
+ ** 7) at least 4 bytes have already been read into the output buffer
+ **
+ ** then data can be read directly from the database file into the
+ ** output buffer, bypassing the page-cache altogether. This speeds
+ ** up loading large records that span many overflow pages.
+ */
+ if( (eOp&0x01)==0 /* (1) */
+ && offset==0 /* (2) */
+ && (bEnd || a==ovflSize) /* (6) */
+ && pBt->inTransaction==TRANS_READ /* (4) */
+ && (fd = sqlite3PagerFile(pBt->pPager))->pMethods /* (3) */
+ && pBt->pPage1->aData[19]==0x01 /* (5) */
+ && &pBuf[-4]>=pBufStart /* (7) */
+ ){
+ u8 aSave[4];
+ u8 *aWrite = &pBuf[-4];
+ assert( aWrite>=pBufStart ); /* hence (7) */
+ memcpy(aSave, aWrite, 4);
+ rc = sqlite3OsRead(fd, aWrite, a+4, (i64)pBt->pageSize*(nextPage-1));
+ nextPage = get4byte(aWrite);
+ memcpy(aWrite, aSave, 4);
+ }else
+#endif
+
+ {
+ DbPage *pDbPage;
+ rc = sqlite3PagerGet(pBt->pPager, nextPage, &pDbPage,
+ ((eOp&0x01)==0 ? PAGER_GET_READONLY : 0)
+ );
+ if( rc==SQLITE_OK ){
+ aPayload = sqlite3PagerGetData(pDbPage);
+ nextPage = get4byte(aPayload);
+ rc = copyPayload(&aPayload[offset+4], pBuf, a, (eOp&0x01), pDbPage);
+ sqlite3PagerUnref(pDbPage);
+ offset = 0;
+ }
+ }
+ amt -= a;
+ pBuf += a;
+ }
+ }
+ }
+
+ if( rc==SQLITE_OK && amt>0 ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ return rc;
+}
+
+/*
+** Read part of the key associated with cursor pCur. Exactly
+** "amt" bytes will be transferred into pBuf[]. The transfer
+** begins at "offset".
+**
+** The caller must ensure that pCur is pointing to a valid row
+** in the table.
+**
+** Return SQLITE_OK on success or an error code if anything goes
+** wrong. An error is returned if "offset+amt" is larger than
+** the available payload.
+*/
+SQLITE_PRIVATE int sqlite3BtreeKey(BtCursor *pCur, u32 offset, u32 amt, void *pBuf){
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->eState==CURSOR_VALID );
+ assert( pCur->iPage>=0 && pCur->apPage[pCur->iPage] );
+ assert( pCur->aiIdx[pCur->iPage]<pCur->apPage[pCur->iPage]->nCell );
+ return accessPayload(pCur, offset, amt, (unsigned char*)pBuf, 0);
+}
+
+/*
+** Read part of the data associated with cursor pCur. Exactly
+** "amt" bytes will be transfered into pBuf[]. The transfer
+** begins at "offset".
+**
+** Return SQLITE_OK on success or an error code if anything goes
+** wrong. An error is returned if "offset+amt" is larger than
+** the available payload.
+*/
+SQLITE_PRIVATE int sqlite3BtreeData(BtCursor *pCur, u32 offset, u32 amt, void *pBuf){
+ int rc;
+
+#ifndef SQLITE_OMIT_INCRBLOB
+ if ( pCur->eState==CURSOR_INVALID ){
+ return SQLITE_ABORT;
+ }
+#endif
+
+ assert( cursorHoldsMutex(pCur) );
+ rc = restoreCursorPosition(pCur);
+ if( rc==SQLITE_OK ){
+ assert( pCur->eState==CURSOR_VALID );
+ assert( pCur->iPage>=0 && pCur->apPage[pCur->iPage] );
+ assert( pCur->aiIdx[pCur->iPage]<pCur->apPage[pCur->iPage]->nCell );
+ rc = accessPayload(pCur, offset, amt, pBuf, 0);
+ }
+ return rc;
+}
+
+/*
+** Return a pointer to payload information from the entry that the
+** pCur cursor is pointing to. The pointer is to the beginning of
+** the key if index btrees (pPage->intKey==0) and is the data for
+** table btrees (pPage->intKey==1). The number of bytes of available
+** key/data is written into *pAmt. If *pAmt==0, then the value
+** returned will not be a valid pointer.
+**
+** This routine is an optimization. It is common for the entire key
+** and data to fit on the local page and for there to be no overflow
+** pages. When that is so, this routine can be used to access the
+** key and data without making a copy. If the key and/or data spills
+** onto overflow pages, then accessPayload() must be used to reassemble
+** the key/data and copy it into a preallocated buffer.
+**
+** The pointer returned by this routine looks directly into the cached
+** page of the database. The data might change or move the next time
+** any btree routine is called.
+*/
+static const void *fetchPayload(
+ BtCursor *pCur, /* Cursor pointing to entry to read from */
+ u32 *pAmt /* Write the number of available bytes here */
+){
+ u32 amt;
+ assert( pCur!=0 && pCur->iPage>=0 && pCur->apPage[pCur->iPage]);
+ assert( pCur->eState==CURSOR_VALID );
+ assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->aiIdx[pCur->iPage]<pCur->apPage[pCur->iPage]->nCell );
+ assert( pCur->info.nSize>0 );
+ assert( pCur->info.pPayload>pCur->apPage[pCur->iPage]->aData || CORRUPT_DB );
+ assert( pCur->info.pPayload<pCur->apPage[pCur->iPage]->aDataEnd ||CORRUPT_DB);
+ amt = (int)(pCur->apPage[pCur->iPage]->aDataEnd - pCur->info.pPayload);
+ if( pCur->info.nLocal<amt ) amt = pCur->info.nLocal;
+ *pAmt = amt;
+ return (void*)pCur->info.pPayload;
+}
+
+
+/*
+** For the entry that cursor pCur is point to, return as
+** many bytes of the key or data as are available on the local
+** b-tree page. Write the number of available bytes into *pAmt.
+**
+** The pointer returned is ephemeral. The key/data may move
+** or be destroyed on the next call to any Btree routine,
+** including calls from other threads against the same cache.
+** Hence, a mutex on the BtShared should be held prior to calling
+** this routine.
+**
+** These routines is used to get quick access to key and data
+** in the common case where no overflow pages are used.
+*/
+SQLITE_PRIVATE const void *sqlite3BtreeKeyFetch(BtCursor *pCur, u32 *pAmt){
+ return fetchPayload(pCur, pAmt);
+}
+SQLITE_PRIVATE const void *sqlite3BtreeDataFetch(BtCursor *pCur, u32 *pAmt){
+ return fetchPayload(pCur, pAmt);
+}
+
+
+/*
+** Move the cursor down to a new child page. The newPgno argument is the
+** page number of the child page to move to.
+**
+** This function returns SQLITE_CORRUPT if the page-header flags field of
+** the new child page does not match the flags field of the parent (i.e.
+** if an intkey page appears to be the parent of a non-intkey page, or
+** vice-versa).
+*/
+static int moveToChild(BtCursor *pCur, u32 newPgno){
+ BtShared *pBt = pCur->pBt;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->eState==CURSOR_VALID );
+ assert( pCur->iPage<BTCURSOR_MAX_DEPTH );
+ assert( pCur->iPage>=0 );
+ if( pCur->iPage>=(BTCURSOR_MAX_DEPTH-1) ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ pCur->info.nSize = 0;
+ pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
+ pCur->iPage++;
+ pCur->aiIdx[pCur->iPage] = 0;
+ return getAndInitPage(pBt, newPgno, &pCur->apPage[pCur->iPage],
+ pCur, pCur->curPagerFlags);
+}
+
+#if SQLITE_DEBUG
+/*
+** Page pParent is an internal (non-leaf) tree page. This function
+** asserts that page number iChild is the left-child if the iIdx'th
+** cell in page pParent. Or, if iIdx is equal to the total number of
+** cells in pParent, that page number iChild is the right-child of
+** the page.
+*/
+static void assertParentIndex(MemPage *pParent, int iIdx, Pgno iChild){
+ if( CORRUPT_DB ) return; /* The conditions tested below might not be true
+ ** in a corrupt database */
+ assert( iIdx<=pParent->nCell );
+ if( iIdx==pParent->nCell ){
+ assert( get4byte(&pParent->aData[pParent->hdrOffset+8])==iChild );
+ }else{
+ assert( get4byte(findCell(pParent, iIdx))==iChild );
+ }
+}
+#else
+# define assertParentIndex(x,y,z)
+#endif
+
+/*
+** Move the cursor up to the parent page.
+**
+** pCur->idx is set to the cell index that contains the pointer
+** to the page we are coming from. If we are coming from the
+** right-most child page then pCur->idx is set to one more than
+** the largest cell index.
+*/
+static void moveToParent(BtCursor *pCur){
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->eState==CURSOR_VALID );
+ assert( pCur->iPage>0 );
+ assert( pCur->apPage[pCur->iPage] );
+ assertParentIndex(
+ pCur->apPage[pCur->iPage-1],
+ pCur->aiIdx[pCur->iPage-1],
+ pCur->apPage[pCur->iPage]->pgno
+ );
+ testcase( pCur->aiIdx[pCur->iPage-1] > pCur->apPage[pCur->iPage-1]->nCell );
+ pCur->info.nSize = 0;
+ pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
+ releasePageNotNull(pCur->apPage[pCur->iPage--]);
+}
+
+/*
+** Move the cursor to point to the root page of its b-tree structure.
+**
+** If the table has a virtual root page, then the cursor is moved to point
+** to the virtual root page instead of the actual root page. A table has a
+** virtual root page when the actual root page contains no cells and a
+** single child page. This can only happen with the table rooted at page 1.
+**
+** If the b-tree structure is empty, the cursor state is set to
+** CURSOR_INVALID. Otherwise, the cursor is set to point to the first
+** cell located on the root (or virtual root) page and the cursor state
+** is set to CURSOR_VALID.
+**
+** If this function returns successfully, it may be assumed that the
+** page-header flags indicate that the [virtual] root-page is the expected
+** kind of b-tree page (i.e. if when opening the cursor the caller did not
+** specify a KeyInfo structure the flags byte is set to 0x05 or 0x0D,
+** indicating a table b-tree, or if the caller did specify a KeyInfo
+** structure the flags byte is set to 0x02 or 0x0A, indicating an index
+** b-tree).
+*/
+static int moveToRoot(BtCursor *pCur){
+ MemPage *pRoot;
+ int rc = SQLITE_OK;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( CURSOR_INVALID < CURSOR_REQUIRESEEK );
+ assert( CURSOR_VALID < CURSOR_REQUIRESEEK );
+ assert( CURSOR_FAULT > CURSOR_REQUIRESEEK );
+ if( pCur->eState>=CURSOR_REQUIRESEEK ){
+ if( pCur->eState==CURSOR_FAULT ){
+ assert( pCur->skipNext!=SQLITE_OK );
+ return pCur->skipNext;
+ }
+ sqlite3BtreeClearCursor(pCur);
+ }
+
+ if( pCur->iPage>=0 ){
+ while( pCur->iPage ){
+ assert( pCur->apPage[pCur->iPage]!=0 );
+ releasePageNotNull(pCur->apPage[pCur->iPage--]);
+ }
+ }else if( pCur->pgnoRoot==0 ){
+ pCur->eState = CURSOR_INVALID;
+ return SQLITE_OK;
+ }else{
+ assert( pCur->iPage==(-1) );
+ rc = getAndInitPage(pCur->pBtree->pBt, pCur->pgnoRoot, &pCur->apPage[0],
+ 0, pCur->curPagerFlags);
+ if( rc!=SQLITE_OK ){
+ pCur->eState = CURSOR_INVALID;
+ return rc;
+ }
+ pCur->iPage = 0;
+ pCur->curIntKey = pCur->apPage[0]->intKey;
+ }
+ pRoot = pCur->apPage[0];
+ assert( pRoot->pgno==pCur->pgnoRoot );
+
+ /* If pCur->pKeyInfo is not NULL, then the caller that opened this cursor
+ ** expected to open it on an index b-tree. Otherwise, if pKeyInfo is
+ ** NULL, the caller expects a table b-tree. If this is not the case,
+ ** return an SQLITE_CORRUPT error.
+ **
+ ** Earlier versions of SQLite assumed that this test could not fail
+ ** if the root page was already loaded when this function was called (i.e.
+ ** if pCur->iPage>=0). But this is not so if the database is corrupted
+ ** in such a way that page pRoot is linked into a second b-tree table
+ ** (or the freelist). */
+ assert( pRoot->intKey==1 || pRoot->intKey==0 );
+ if( pRoot->isInit==0 || (pCur->pKeyInfo==0)!=pRoot->intKey ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+
+ pCur->aiIdx[0] = 0;
+ pCur->info.nSize = 0;
+ pCur->curFlags &= ~(BTCF_AtLast|BTCF_ValidNKey|BTCF_ValidOvfl);
+
+ if( pRoot->nCell>0 ){
+ pCur->eState = CURSOR_VALID;
+ }else if( !pRoot->leaf ){
+ Pgno subpage;
+ if( pRoot->pgno!=1 ) return SQLITE_CORRUPT_BKPT;
+ subpage = get4byte(&pRoot->aData[pRoot->hdrOffset+8]);
+ pCur->eState = CURSOR_VALID;
+ rc = moveToChild(pCur, subpage);
+ }else{
+ pCur->eState = CURSOR_INVALID;
+ }
+ return rc;
+}
+
+/*
+** Move the cursor down to the left-most leaf entry beneath the
+** entry to which it is currently pointing.
+**
+** The left-most leaf is the one with the smallest key - the first
+** in ascending order.
+*/
+static int moveToLeftmost(BtCursor *pCur){
+ Pgno pgno;
+ int rc = SQLITE_OK;
+ MemPage *pPage;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->eState==CURSOR_VALID );
+ while( rc==SQLITE_OK && !(pPage = pCur->apPage[pCur->iPage])->leaf ){
+ assert( pCur->aiIdx[pCur->iPage]<pPage->nCell );
+ pgno = get4byte(findCell(pPage, pCur->aiIdx[pCur->iPage]));
+ rc = moveToChild(pCur, pgno);
+ }
+ return rc;
+}
+
+/*
+** Move the cursor down to the right-most leaf entry beneath the
+** page to which it is currently pointing. Notice the difference
+** between moveToLeftmost() and moveToRightmost(). moveToLeftmost()
+** finds the left-most entry beneath the *entry* whereas moveToRightmost()
+** finds the right-most entry beneath the *page*.
+**
+** The right-most entry is the one with the largest key - the last
+** key in ascending order.
+*/
+static int moveToRightmost(BtCursor *pCur){
+ Pgno pgno;
+ int rc = SQLITE_OK;
+ MemPage *pPage = 0;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->eState==CURSOR_VALID );
+ while( !(pPage = pCur->apPage[pCur->iPage])->leaf ){
+ pgno = get4byte(&pPage->aData[pPage->hdrOffset+8]);
+ pCur->aiIdx[pCur->iPage] = pPage->nCell;
+ rc = moveToChild(pCur, pgno);
+ if( rc ) return rc;
+ }
+ pCur->aiIdx[pCur->iPage] = pPage->nCell-1;
+ assert( pCur->info.nSize==0 );
+ assert( (pCur->curFlags & BTCF_ValidNKey)==0 );
+ return SQLITE_OK;
+}
+
+/* Move the cursor to the first entry in the table. Return SQLITE_OK
+** on success. Set *pRes to 0 if the cursor actually points to something
+** or set *pRes to 1 if the table is empty.
+*/
+SQLITE_PRIVATE int sqlite3BtreeFirst(BtCursor *pCur, int *pRes){
+ int rc;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
+ rc = moveToRoot(pCur);
+ if( rc==SQLITE_OK ){
+ if( pCur->eState==CURSOR_INVALID ){
+ assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage]->nCell==0 );
+ *pRes = 1;
+ }else{
+ assert( pCur->apPage[pCur->iPage]->nCell>0 );
+ *pRes = 0;
+ rc = moveToLeftmost(pCur);
+ }
+ }
+ return rc;
+}
+
+/* Move the cursor to the last entry in the table. Return SQLITE_OK
+** on success. Set *pRes to 0 if the cursor actually points to something
+** or set *pRes to 1 if the table is empty.
+*/
+SQLITE_PRIVATE int sqlite3BtreeLast(BtCursor *pCur, int *pRes){
+ int rc;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
+
+ /* If the cursor already points to the last entry, this is a no-op. */
+ if( CURSOR_VALID==pCur->eState && (pCur->curFlags & BTCF_AtLast)!=0 ){
+#ifdef SQLITE_DEBUG
+ /* This block serves to assert() that the cursor really does point
+ ** to the last entry in the b-tree. */
+ int ii;
+ for(ii=0; ii<pCur->iPage; ii++){
+ assert( pCur->aiIdx[ii]==pCur->apPage[ii]->nCell );
+ }
+ assert( pCur->aiIdx[pCur->iPage]==pCur->apPage[pCur->iPage]->nCell-1 );
+ assert( pCur->apPage[pCur->iPage]->leaf );
+#endif
+ return SQLITE_OK;
+ }
+
+ rc = moveToRoot(pCur);
+ if( rc==SQLITE_OK ){
+ if( CURSOR_INVALID==pCur->eState ){
+ assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage]->nCell==0 );
+ *pRes = 1;
+ }else{
+ assert( pCur->eState==CURSOR_VALID );
+ *pRes = 0;
+ rc = moveToRightmost(pCur);
+ if( rc==SQLITE_OK ){
+ pCur->curFlags |= BTCF_AtLast;
+ }else{
+ pCur->curFlags &= ~BTCF_AtLast;
+ }
+
+ }
+ }
+ return rc;
+}
+
+/* Move the cursor so that it points to an entry near the key
+** specified by pIdxKey or intKey. Return a success code.
+**
+** For INTKEY tables, the intKey parameter is used. pIdxKey
+** must be NULL. For index tables, pIdxKey is used and intKey
+** is ignored.
+**
+** If an exact match is not found, then the cursor is always
+** left pointing at a leaf page which would hold the entry if it
+** were present. The cursor might point to an entry that comes
+** before or after the key.
+**
+** An integer is written into *pRes which is the result of
+** comparing the key with the entry to which the cursor is
+** pointing. The meaning of the integer written into
+** *pRes is as follows:
+**
+** *pRes<0 The cursor is left pointing at an entry that
+** is smaller than intKey/pIdxKey or if the table is empty
+** and the cursor is therefore left point to nothing.
+**
+** *pRes==0 The cursor is left pointing at an entry that
+** exactly matches intKey/pIdxKey.
+**
+** *pRes>0 The cursor is left pointing at an entry that
+** is larger than intKey/pIdxKey.
+**
+** For index tables, the pIdxKey->eqSeen field is set to 1 if there
+** exists an entry in the table that exactly matches pIdxKey.
+*/
+SQLITE_PRIVATE int sqlite3BtreeMovetoUnpacked(
+ BtCursor *pCur, /* The cursor to be moved */
+ UnpackedRecord *pIdxKey, /* Unpacked index key */
+ i64 intKey, /* The table key */
+ int biasRight, /* If true, bias the search to the high end */
+ int *pRes /* Write search results here */
+){
+ int rc;
+ RecordCompare xRecordCompare;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
+ assert( pRes );
+ assert( (pIdxKey==0)==(pCur->pKeyInfo==0) );
+
+ /* If the cursor is already positioned at the point we are trying
+ ** to move to, then just return without doing any work */
+ if( pCur->eState==CURSOR_VALID && (pCur->curFlags & BTCF_ValidNKey)!=0
+ && pCur->curIntKey
+ ){
+ if( pCur->info.nKey==intKey ){
+ *pRes = 0;
+ return SQLITE_OK;
+ }
+ if( (pCur->curFlags & BTCF_AtLast)!=0 && pCur->info.nKey<intKey ){
+ *pRes = -1;
+ return SQLITE_OK;
+ }
+ }
+
+ if( pIdxKey ){
+ xRecordCompare = sqlite3VdbeFindCompare(pIdxKey);
+ pIdxKey->errCode = 0;
+ assert( pIdxKey->default_rc==1
+ || pIdxKey->default_rc==0
+ || pIdxKey->default_rc==-1
+ );
+ }else{
+ xRecordCompare = 0; /* All keys are integers */
+ }
+
+ rc = moveToRoot(pCur);
+ if( rc ){
+ return rc;
+ }
+ assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage] );
+ assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage]->isInit );
+ assert( pCur->eState==CURSOR_INVALID || pCur->apPage[pCur->iPage]->nCell>0 );
+ if( pCur->eState==CURSOR_INVALID ){
+ *pRes = -1;
+ assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage]->nCell==0 );
+ return SQLITE_OK;
+ }
+ assert( pCur->apPage[0]->intKey==pCur->curIntKey );
+ assert( pCur->curIntKey || pIdxKey );
+ for(;;){
+ int lwr, upr, idx, c;
+ Pgno chldPg;
+ MemPage *pPage = pCur->apPage[pCur->iPage];
+ u8 *pCell; /* Pointer to current cell in pPage */
+
+ /* pPage->nCell must be greater than zero. If this is the root-page
+ ** the cursor would have been INVALID above and this for(;;) loop
+ ** not run. If this is not the root-page, then the moveToChild() routine
+ ** would have already detected db corruption. Similarly, pPage must
+ ** be the right kind (index or table) of b-tree page. Otherwise
+ ** a moveToChild() or moveToRoot() call would have detected corruption. */
+ assert( pPage->nCell>0 );
+ assert( pPage->intKey==(pIdxKey==0) );
+ lwr = 0;
+ upr = pPage->nCell-1;
+ assert( biasRight==0 || biasRight==1 );
+ idx = upr>>(1-biasRight); /* idx = biasRight ? upr : (lwr+upr)/2; */
+ pCur->aiIdx[pCur->iPage] = (u16)idx;
+ if( xRecordCompare==0 ){
+ for(;;){
+ i64 nCellKey;
+ pCell = findCellPastPtr(pPage, idx);
+ if( pPage->intKeyLeaf ){
+ while( 0x80 <= *(pCell++) ){
+ if( pCell>=pPage->aDataEnd ) return SQLITE_CORRUPT_BKPT;
+ }
+ }
+ getVarint(pCell, (u64*)&nCellKey);
+ if( nCellKey<intKey ){
+ lwr = idx+1;
+ if( lwr>upr ){ c = -1; break; }
+ }else if( nCellKey>intKey ){
+ upr = idx-1;
+ if( lwr>upr ){ c = +1; break; }
+ }else{
+ assert( nCellKey==intKey );
+ pCur->curFlags |= BTCF_ValidNKey;
+ pCur->info.nKey = nCellKey;
+ pCur->aiIdx[pCur->iPage] = (u16)idx;
+ if( !pPage->leaf ){
+ lwr = idx;
+ goto moveto_next_layer;
+ }else{
+ *pRes = 0;
+ rc = SQLITE_OK;
+ goto moveto_finish;
+ }
+ }
+ assert( lwr+upr>=0 );
+ idx = (lwr+upr)>>1; /* idx = (lwr+upr)/2; */
+ }
+ }else{
+ for(;;){
+ int nCell; /* Size of the pCell cell in bytes */
+ pCell = findCellPastPtr(pPage, idx);
+
+ /* The maximum supported page-size is 65536 bytes. This means that
+ ** the maximum number of record bytes stored on an index B-Tree
+ ** page is less than 16384 bytes and may be stored as a 2-byte
+ ** varint. This information is used to attempt to avoid parsing
+ ** the entire cell by checking for the cases where the record is
+ ** stored entirely within the b-tree page by inspecting the first
+ ** 2 bytes of the cell.
+ */
+ nCell = pCell[0];
+ if( nCell<=pPage->max1bytePayload ){
+ /* This branch runs if the record-size field of the cell is a
+ ** single byte varint and the record fits entirely on the main
+ ** b-tree page. */
+ testcase( pCell+nCell+1==pPage->aDataEnd );
+ c = xRecordCompare(nCell, (void*)&pCell[1], pIdxKey);
+ }else if( !(pCell[1] & 0x80)
+ && (nCell = ((nCell&0x7f)<<7) + pCell[1])<=pPage->maxLocal
+ ){
+ /* The record-size field is a 2 byte varint and the record
+ ** fits entirely on the main b-tree page. */
+ testcase( pCell+nCell+2==pPage->aDataEnd );
+ c = xRecordCompare(nCell, (void*)&pCell[2], pIdxKey);
+ }else{
+ /* The record flows over onto one or more overflow pages. In
+ ** this case the whole cell needs to be parsed, a buffer allocated
+ ** and accessPayload() used to retrieve the record into the
+ ** buffer before VdbeRecordCompare() can be called.
+ **
+ ** If the record is corrupt, the xRecordCompare routine may read
+ ** up to two varints past the end of the buffer. An extra 18
+ ** bytes of padding is allocated at the end of the buffer in
+ ** case this happens. */
+ void *pCellKey;
+ u8 * const pCellBody = pCell - pPage->childPtrSize;
+ pPage->xParseCell(pPage, pCellBody, &pCur->info);
+ nCell = (int)pCur->info.nKey;
+ testcase( nCell<0 ); /* True if key size is 2^32 or more */
+ testcase( nCell==0 ); /* Invalid key size: 0x80 0x80 0x00 */
+ testcase( nCell==1 ); /* Invalid key size: 0x80 0x80 0x01 */
+ testcase( nCell==2 ); /* Minimum legal index key size */
+ if( nCell<2 ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto moveto_finish;
+ }
+ pCellKey = sqlite3Malloc( nCell+18 );
+ if( pCellKey==0 ){
+ rc = SQLITE_NOMEM;
+ goto moveto_finish;
+ }
+ pCur->aiIdx[pCur->iPage] = (u16)idx;
+ rc = accessPayload(pCur, 0, nCell, (unsigned char*)pCellKey, 2);
+ if( rc ){
+ sqlite3_free(pCellKey);
+ goto moveto_finish;
+ }
+ c = xRecordCompare(nCell, pCellKey, pIdxKey);
+ sqlite3_free(pCellKey);
+ }
+ assert(
+ (pIdxKey->errCode!=SQLITE_CORRUPT || c==0)
+ && (pIdxKey->errCode!=SQLITE_NOMEM || pCur->pBtree->db->mallocFailed)
+ );
+ if( c<0 ){
+ lwr = idx+1;
+ }else if( c>0 ){
+ upr = idx-1;
+ }else{
+ assert( c==0 );
+ *pRes = 0;
+ rc = SQLITE_OK;
+ pCur->aiIdx[pCur->iPage] = (u16)idx;
+ if( pIdxKey->errCode ) rc = SQLITE_CORRUPT;
+ goto moveto_finish;
+ }
+ if( lwr>upr ) break;
+ assert( lwr+upr>=0 );
+ idx = (lwr+upr)>>1; /* idx = (lwr+upr)/2 */
+ }
+ }
+ assert( lwr==upr+1 || (pPage->intKey && !pPage->leaf) );
+ assert( pPage->isInit );
+ if( pPage->leaf ){
+ assert( pCur->aiIdx[pCur->iPage]<pCur->apPage[pCur->iPage]->nCell );
+ pCur->aiIdx[pCur->iPage] = (u16)idx;
+ *pRes = c;
+ rc = SQLITE_OK;
+ goto moveto_finish;
+ }
+moveto_next_layer:
+ if( lwr>=pPage->nCell ){
+ chldPg = get4byte(&pPage->aData[pPage->hdrOffset+8]);
+ }else{
+ chldPg = get4byte(findCell(pPage, lwr));
+ }
+ pCur->aiIdx[pCur->iPage] = (u16)lwr;
+ rc = moveToChild(pCur, chldPg);
+ if( rc ) break;
+ }
+moveto_finish:
+ pCur->info.nSize = 0;
+ pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
+ return rc;
+}
+
+
+/*
+** Return TRUE if the cursor is not pointing at an entry of the table.
+**
+** TRUE will be returned after a call to sqlite3BtreeNext() moves
+** past the last entry in the table or sqlite3BtreePrev() moves past
+** the first entry. TRUE is also returned if the table is empty.
+*/
+SQLITE_PRIVATE int sqlite3BtreeEof(BtCursor *pCur){
+ /* TODO: What if the cursor is in CURSOR_REQUIRESEEK but all table entries
+ ** have been deleted? This API will need to change to return an error code
+ ** as well as the boolean result value.
+ */
+ return (CURSOR_VALID!=pCur->eState);
+}
+
+/*
+** Advance the cursor to the next entry in the database. If
+** successful then set *pRes=0. If the cursor
+** was already pointing to the last entry in the database before
+** this routine was called, then set *pRes=1.
+**
+** The main entry point is sqlite3BtreeNext(). That routine is optimized
+** for the common case of merely incrementing the cell counter BtCursor.aiIdx
+** to the next cell on the current page. The (slower) btreeNext() helper
+** routine is called when it is necessary to move to a different page or
+** to restore the cursor.
+**
+** The calling function will set *pRes to 0 or 1. The initial *pRes value
+** will be 1 if the cursor being stepped corresponds to an SQL index and
+** if this routine could have been skipped if that SQL index had been
+** a unique index. Otherwise the caller will have set *pRes to zero.
+** Zero is the common case. The btree implementation is free to use the
+** initial *pRes value as a hint to improve performance, but the current
+** SQLite btree implementation does not. (Note that the comdb2 btree
+** implementation does use this hint, however.)
+*/
+static SQLITE_NOINLINE int btreeNext(BtCursor *pCur, int *pRes){
+ int rc;
+ int idx;
+ MemPage *pPage;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( pCur->skipNext==0 || pCur->eState!=CURSOR_VALID );
+ assert( *pRes==0 );
+ if( pCur->eState!=CURSOR_VALID ){
+ assert( (pCur->curFlags & BTCF_ValidOvfl)==0 );
+ rc = restoreCursorPosition(pCur);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ if( CURSOR_INVALID==pCur->eState ){
+ *pRes = 1;
+ return SQLITE_OK;
+ }
+ if( pCur->skipNext ){
+ assert( pCur->eState==CURSOR_VALID || pCur->eState==CURSOR_SKIPNEXT );
+ pCur->eState = CURSOR_VALID;
+ if( pCur->skipNext>0 ){
+ pCur->skipNext = 0;
+ return SQLITE_OK;
+ }
+ pCur->skipNext = 0;
+ }
+ }
+
+ pPage = pCur->apPage[pCur->iPage];
+ idx = ++pCur->aiIdx[pCur->iPage];
+ assert( pPage->isInit );
+
+ /* If the database file is corrupt, it is possible for the value of idx
+ ** to be invalid here. This can only occur if a second cursor modifies
+ ** the page while cursor pCur is holding a reference to it. Which can
+ ** only happen if the database is corrupt in such a way as to link the
+ ** page into more than one b-tree structure. */
+ testcase( idx>pPage->nCell );
+
+ if( idx>=pPage->nCell ){
+ if( !pPage->leaf ){
+ rc = moveToChild(pCur, get4byte(&pPage->aData[pPage->hdrOffset+8]));
+ if( rc ) return rc;
+ return moveToLeftmost(pCur);
+ }
+ do{
+ if( pCur->iPage==0 ){
+ *pRes = 1;
+ pCur->eState = CURSOR_INVALID;
+ return SQLITE_OK;
+ }
+ moveToParent(pCur);
+ pPage = pCur->apPage[pCur->iPage];
+ }while( pCur->aiIdx[pCur->iPage]>=pPage->nCell );
+ if( pPage->intKey ){
+ return sqlite3BtreeNext(pCur, pRes);
+ }else{
+ return SQLITE_OK;
+ }
+ }
+ if( pPage->leaf ){
+ return SQLITE_OK;
+ }else{
+ return moveToLeftmost(pCur);
+ }
+}
+SQLITE_PRIVATE int sqlite3BtreeNext(BtCursor *pCur, int *pRes){
+ MemPage *pPage;
+ assert( cursorHoldsMutex(pCur) );
+ assert( pRes!=0 );
+ assert( *pRes==0 || *pRes==1 );
+ assert( pCur->skipNext==0 || pCur->eState!=CURSOR_VALID );
+ pCur->info.nSize = 0;
+ pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
+ *pRes = 0;
+ if( pCur->eState!=CURSOR_VALID ) return btreeNext(pCur, pRes);
+ pPage = pCur->apPage[pCur->iPage];
+ if( (++pCur->aiIdx[pCur->iPage])>=pPage->nCell ){
+ pCur->aiIdx[pCur->iPage]--;
+ return btreeNext(pCur, pRes);
+ }
+ if( pPage->leaf ){
+ return SQLITE_OK;
+ }else{
+ return moveToLeftmost(pCur);
+ }
+}
+
+/*
+** Step the cursor to the back to the previous entry in the database. If
+** successful then set *pRes=0. If the cursor
+** was already pointing to the first entry in the database before
+** this routine was called, then set *pRes=1.
+**
+** The main entry point is sqlite3BtreePrevious(). That routine is optimized
+** for the common case of merely decrementing the cell counter BtCursor.aiIdx
+** to the previous cell on the current page. The (slower) btreePrevious()
+** helper routine is called when it is necessary to move to a different page
+** or to restore the cursor.
+**
+** The calling function will set *pRes to 0 or 1. The initial *pRes value
+** will be 1 if the cursor being stepped corresponds to an SQL index and
+** if this routine could have been skipped if that SQL index had been
+** a unique index. Otherwise the caller will have set *pRes to zero.
+** Zero is the common case. The btree implementation is free to use the
+** initial *pRes value as a hint to improve performance, but the current
+** SQLite btree implementation does not. (Note that the comdb2 btree
+** implementation does use this hint, however.)
+*/
+static SQLITE_NOINLINE int btreePrevious(BtCursor *pCur, int *pRes){
+ int rc;
+ MemPage *pPage;
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( pRes!=0 );
+ assert( *pRes==0 );
+ assert( pCur->skipNext==0 || pCur->eState!=CURSOR_VALID );
+ assert( (pCur->curFlags & (BTCF_AtLast|BTCF_ValidOvfl|BTCF_ValidNKey))==0 );
+ assert( pCur->info.nSize==0 );
+ if( pCur->eState!=CURSOR_VALID ){
+ rc = restoreCursorPosition(pCur);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ if( CURSOR_INVALID==pCur->eState ){
+ *pRes = 1;
+ return SQLITE_OK;
+ }
+ if( pCur->skipNext ){
+ assert( pCur->eState==CURSOR_VALID || pCur->eState==CURSOR_SKIPNEXT );
+ pCur->eState = CURSOR_VALID;
+ if( pCur->skipNext<0 ){
+ pCur->skipNext = 0;
+ return SQLITE_OK;
+ }
+ pCur->skipNext = 0;
+ }
+ }
+
+ pPage = pCur->apPage[pCur->iPage];
+ assert( pPage->isInit );
+ if( !pPage->leaf ){
+ int idx = pCur->aiIdx[pCur->iPage];
+ rc = moveToChild(pCur, get4byte(findCell(pPage, idx)));
+ if( rc ) return rc;
+ rc = moveToRightmost(pCur);
+ }else{
+ while( pCur->aiIdx[pCur->iPage]==0 ){
+ if( pCur->iPage==0 ){
+ pCur->eState = CURSOR_INVALID;
+ *pRes = 1;
+ return SQLITE_OK;
+ }
+ moveToParent(pCur);
+ }
+ assert( pCur->info.nSize==0 );
+ assert( (pCur->curFlags & (BTCF_ValidNKey|BTCF_ValidOvfl))==0 );
+
+ pCur->aiIdx[pCur->iPage]--;
+ pPage = pCur->apPage[pCur->iPage];
+ if( pPage->intKey && !pPage->leaf ){
+ rc = sqlite3BtreePrevious(pCur, pRes);
+ }else{
+ rc = SQLITE_OK;
+ }
+ }
+ return rc;
+}
+SQLITE_PRIVATE int sqlite3BtreePrevious(BtCursor *pCur, int *pRes){
+ assert( cursorHoldsMutex(pCur) );
+ assert( pRes!=0 );
+ assert( *pRes==0 || *pRes==1 );
+ assert( pCur->skipNext==0 || pCur->eState!=CURSOR_VALID );
+ *pRes = 0;
+ pCur->curFlags &= ~(BTCF_AtLast|BTCF_ValidOvfl|BTCF_ValidNKey);
+ pCur->info.nSize = 0;
+ if( pCur->eState!=CURSOR_VALID
+ || pCur->aiIdx[pCur->iPage]==0
+ || pCur->apPage[pCur->iPage]->leaf==0
+ ){
+ return btreePrevious(pCur, pRes);
+ }
+ pCur->aiIdx[pCur->iPage]--;
+ return SQLITE_OK;
+}
+
+/*
+** Allocate a new page from the database file.
+**
+** The new page is marked as dirty. (In other words, sqlite3PagerWrite()
+** has already been called on the new page.) The new page has also
+** been referenced and the calling routine is responsible for calling
+** sqlite3PagerUnref() on the new page when it is done.
+**
+** SQLITE_OK is returned on success. Any other return value indicates
+** an error. *ppPage is set to NULL in the event of an error.
+**
+** If the "nearby" parameter is not 0, then an effort is made to
+** locate a page close to the page number "nearby". This can be used in an
+** attempt to keep related pages close to each other in the database file,
+** which in turn can make database access faster.
+**
+** If the eMode parameter is BTALLOC_EXACT and the nearby page exists
+** anywhere on the free-list, then it is guaranteed to be returned. If
+** eMode is BTALLOC_LT then the page returned will be less than or equal
+** to nearby if any such page exists. If eMode is BTALLOC_ANY then there
+** are no restrictions on which page is returned.
+*/
+static int allocateBtreePage(
+ BtShared *pBt, /* The btree */
+ MemPage **ppPage, /* Store pointer to the allocated page here */
+ Pgno *pPgno, /* Store the page number here */
+ Pgno nearby, /* Search for a page near this one */
+ u8 eMode /* BTALLOC_EXACT, BTALLOC_LT, or BTALLOC_ANY */
+){
+ MemPage *pPage1;
+ int rc;
+ u32 n; /* Number of pages on the freelist */
+ u32 k; /* Number of leaves on the trunk of the freelist */
+ MemPage *pTrunk = 0;
+ MemPage *pPrevTrunk = 0;
+ Pgno mxPage; /* Total size of the database file */
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( eMode==BTALLOC_ANY || (nearby>0 && IfNotOmitAV(pBt->autoVacuum)) );
+ pPage1 = pBt->pPage1;
+ mxPage = btreePagecount(pBt);
+ /* EVIDENCE-OF: R-05119-02637 The 4-byte big-endian integer at offset 36
+ ** stores stores the total number of pages on the freelist. */
+ n = get4byte(&pPage1->aData[36]);
+ testcase( n==mxPage-1 );
+ if( n>=mxPage ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ if( n>0 ){
+ /* There are pages on the freelist. Reuse one of those pages. */
+ Pgno iTrunk;
+ u8 searchList = 0; /* If the free-list must be searched for 'nearby' */
+ u32 nSearch = 0; /* Count of the number of search attempts */
+
+ /* If eMode==BTALLOC_EXACT and a query of the pointer-map
+ ** shows that the page 'nearby' is somewhere on the free-list, then
+ ** the entire-list will be searched for that page.
+ */
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( eMode==BTALLOC_EXACT ){
+ if( nearby<=mxPage ){
+ u8 eType;
+ assert( nearby>0 );
+ assert( pBt->autoVacuum );
+ rc = ptrmapGet(pBt, nearby, &eType, 0);
+ if( rc ) return rc;
+ if( eType==PTRMAP_FREEPAGE ){
+ searchList = 1;
+ }
+ }
+ }else if( eMode==BTALLOC_LE ){
+ searchList = 1;
+ }
+#endif
+
+ /* Decrement the free-list count by 1. Set iTrunk to the index of the
+ ** first free-list trunk page. iPrevTrunk is initially 1.
+ */
+ rc = sqlite3PagerWrite(pPage1->pDbPage);
+ if( rc ) return rc;
+ put4byte(&pPage1->aData[36], n-1);
+
+ /* The code within this loop is run only once if the 'searchList' variable
+ ** is not true. Otherwise, it runs once for each trunk-page on the
+ ** free-list until the page 'nearby' is located (eMode==BTALLOC_EXACT)
+ ** or until a page less than 'nearby' is located (eMode==BTALLOC_LT)
+ */
+ do {
+ pPrevTrunk = pTrunk;
+ if( pPrevTrunk ){
+ /* EVIDENCE-OF: R-01506-11053 The first integer on a freelist trunk page
+ ** is the page number of the next freelist trunk page in the list or
+ ** zero if this is the last freelist trunk page. */
+ iTrunk = get4byte(&pPrevTrunk->aData[0]);
+ }else{
+ /* EVIDENCE-OF: R-59841-13798 The 4-byte big-endian integer at offset 32
+ ** stores the page number of the first page of the freelist, or zero if
+ ** the freelist is empty. */
+ iTrunk = get4byte(&pPage1->aData[32]);
+ }
+ testcase( iTrunk==mxPage );
+ if( iTrunk>mxPage || nSearch++ > n ){
+ rc = SQLITE_CORRUPT_BKPT;
+ }else{
+ rc = btreeGetUnusedPage(pBt, iTrunk, &pTrunk, 0);
+ }
+ if( rc ){
+ pTrunk = 0;
+ goto end_allocate_page;
+ }
+ assert( pTrunk!=0 );
+ assert( pTrunk->aData!=0 );
+ /* EVIDENCE-OF: R-13523-04394 The second integer on a freelist trunk page
+ ** is the number of leaf page pointers to follow. */
+ k = get4byte(&pTrunk->aData[4]);
+ if( k==0 && !searchList ){
+ /* The trunk has no leaves and the list is not being searched.
+ ** So extract the trunk page itself and use it as the newly
+ ** allocated page */
+ assert( pPrevTrunk==0 );
+ rc = sqlite3PagerWrite(pTrunk->pDbPage);
+ if( rc ){
+ goto end_allocate_page;
+ }
+ *pPgno = iTrunk;
+ memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
+ *ppPage = pTrunk;
+ pTrunk = 0;
+ TRACE(("ALLOCATE: %d trunk - %d free pages left\n", *pPgno, n-1));
+ }else if( k>(u32)(pBt->usableSize/4 - 2) ){
+ /* Value of k is out of range. Database corruption */
+ rc = SQLITE_CORRUPT_BKPT;
+ goto end_allocate_page;
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ }else if( searchList
+ && (nearby==iTrunk || (iTrunk<nearby && eMode==BTALLOC_LE))
+ ){
+ /* The list is being searched and this trunk page is the page
+ ** to allocate, regardless of whether it has leaves.
+ */
+ *pPgno = iTrunk;
+ *ppPage = pTrunk;
+ searchList = 0;
+ rc = sqlite3PagerWrite(pTrunk->pDbPage);
+ if( rc ){
+ goto end_allocate_page;
+ }
+ if( k==0 ){
+ if( !pPrevTrunk ){
+ memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
+ }else{
+ rc = sqlite3PagerWrite(pPrevTrunk->pDbPage);
+ if( rc!=SQLITE_OK ){
+ goto end_allocate_page;
+ }
+ memcpy(&pPrevTrunk->aData[0], &pTrunk->aData[0], 4);
+ }
+ }else{
+ /* The trunk page is required by the caller but it contains
+ ** pointers to free-list leaves. The first leaf becomes a trunk
+ ** page in this case.
+ */
+ MemPage *pNewTrunk;
+ Pgno iNewTrunk = get4byte(&pTrunk->aData[8]);
+ if( iNewTrunk>mxPage ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto end_allocate_page;
+ }
+ testcase( iNewTrunk==mxPage );
+ rc = btreeGetUnusedPage(pBt, iNewTrunk, &pNewTrunk, 0);
+ if( rc!=SQLITE_OK ){
+ goto end_allocate_page;
+ }
+ rc = sqlite3PagerWrite(pNewTrunk->pDbPage);
+ if( rc!=SQLITE_OK ){
+ releasePage(pNewTrunk);
+ goto end_allocate_page;
+ }
+ memcpy(&pNewTrunk->aData[0], &pTrunk->aData[0], 4);
+ put4byte(&pNewTrunk->aData[4], k-1);
+ memcpy(&pNewTrunk->aData[8], &pTrunk->aData[12], (k-1)*4);
+ releasePage(pNewTrunk);
+ if( !pPrevTrunk ){
+ assert( sqlite3PagerIswriteable(pPage1->pDbPage) );
+ put4byte(&pPage1->aData[32], iNewTrunk);
+ }else{
+ rc = sqlite3PagerWrite(pPrevTrunk->pDbPage);
+ if( rc ){
+ goto end_allocate_page;
+ }
+ put4byte(&pPrevTrunk->aData[0], iNewTrunk);
+ }
+ }
+ pTrunk = 0;
+ TRACE(("ALLOCATE: %d trunk - %d free pages left\n", *pPgno, n-1));
+#endif
+ }else if( k>0 ){
+ /* Extract a leaf from the trunk */
+ u32 closest;
+ Pgno iPage;
+ unsigned char *aData = pTrunk->aData;
+ if( nearby>0 ){
+ u32 i;
+ closest = 0;
+ if( eMode==BTALLOC_LE ){
+ for(i=0; i<k; i++){
+ iPage = get4byte(&aData[8+i*4]);
+ if( iPage<=nearby ){
+ closest = i;
+ break;
+ }
+ }
+ }else{
+ int dist;
+ dist = sqlite3AbsInt32(get4byte(&aData[8]) - nearby);
+ for(i=1; i<k; i++){
+ int d2 = sqlite3AbsInt32(get4byte(&aData[8+i*4]) - nearby);
+ if( d2<dist ){
+ closest = i;
+ dist = d2;
+ }
+ }
+ }
+ }else{
+ closest = 0;
+ }
+
+ iPage = get4byte(&aData[8+closest*4]);
+ testcase( iPage==mxPage );
+ if( iPage>mxPage ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto end_allocate_page;
+ }
+ testcase( iPage==mxPage );
+ if( !searchList
+ || (iPage==nearby || (iPage<nearby && eMode==BTALLOC_LE))
+ ){
+ int noContent;
+ *pPgno = iPage;
+ TRACE(("ALLOCATE: %d was leaf %d of %d on trunk %d"
+ ": %d more free pages\n",
+ *pPgno, closest+1, k, pTrunk->pgno, n-1));
+ rc = sqlite3PagerWrite(pTrunk->pDbPage);
+ if( rc ) goto end_allocate_page;
+ if( closest<k-1 ){
+ memcpy(&aData[8+closest*4], &aData[4+k*4], 4);
+ }
+ put4byte(&aData[4], k-1);
+ noContent = !btreeGetHasContent(pBt, *pPgno)? PAGER_GET_NOCONTENT : 0;
+ rc = btreeGetUnusedPage(pBt, *pPgno, ppPage, noContent);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3PagerWrite((*ppPage)->pDbPage);
+ if( rc!=SQLITE_OK ){
+ releasePage(*ppPage);
+ *ppPage = 0;
+ }
+ }
+ searchList = 0;
+ }
+ }
+ releasePage(pPrevTrunk);
+ pPrevTrunk = 0;
+ }while( searchList );
+ }else{
+ /* There are no pages on the freelist, so append a new page to the
+ ** database image.
+ **
+ ** Normally, new pages allocated by this block can be requested from the
+ ** pager layer with the 'no-content' flag set. This prevents the pager
+ ** from trying to read the pages content from disk. However, if the
+ ** current transaction has already run one or more incremental-vacuum
+ ** steps, then the page we are about to allocate may contain content
+ ** that is required in the event of a rollback. In this case, do
+ ** not set the no-content flag. This causes the pager to load and journal
+ ** the current page content before overwriting it.
+ **
+ ** Note that the pager will not actually attempt to load or journal
+ ** content for any page that really does lie past the end of the database
+ ** file on disk. So the effects of disabling the no-content optimization
+ ** here are confined to those pages that lie between the end of the
+ ** database image and the end of the database file.
+ */
+ int bNoContent = (0==IfNotOmitAV(pBt->bDoTruncate))? PAGER_GET_NOCONTENT:0;
+
+ rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
+ if( rc ) return rc;
+ pBt->nPage++;
+ if( pBt->nPage==PENDING_BYTE_PAGE(pBt) ) pBt->nPage++;
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pBt->autoVacuum && PTRMAP_ISPAGE(pBt, pBt->nPage) ){
+ /* If *pPgno refers to a pointer-map page, allocate two new pages
+ ** at the end of the file instead of one. The first allocated page
+ ** becomes a new pointer-map page, the second is used by the caller.
+ */
+ MemPage *pPg = 0;
+ TRACE(("ALLOCATE: %d from end of file (pointer-map page)\n", pBt->nPage));
+ assert( pBt->nPage!=PENDING_BYTE_PAGE(pBt) );
+ rc = btreeGetUnusedPage(pBt, pBt->nPage, &pPg, bNoContent);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3PagerWrite(pPg->pDbPage);
+ releasePage(pPg);
+ }
+ if( rc ) return rc;
+ pBt->nPage++;
+ if( pBt->nPage==PENDING_BYTE_PAGE(pBt) ){ pBt->nPage++; }
+ }
+#endif
+ put4byte(28 + (u8*)pBt->pPage1->aData, pBt->nPage);
+ *pPgno = pBt->nPage;
+
+ assert( *pPgno!=PENDING_BYTE_PAGE(pBt) );
+ rc = btreeGetUnusedPage(pBt, *pPgno, ppPage, bNoContent);
+ if( rc ) return rc;
+ rc = sqlite3PagerWrite((*ppPage)->pDbPage);
+ if( rc!=SQLITE_OK ){
+ releasePage(*ppPage);
+ *ppPage = 0;
+ }
+ TRACE(("ALLOCATE: %d from end of file\n", *pPgno));
+ }
+
+ assert( *pPgno!=PENDING_BYTE_PAGE(pBt) );
+
+end_allocate_page:
+ releasePage(pTrunk);
+ releasePage(pPrevTrunk);
+ assert( rc!=SQLITE_OK || sqlite3PagerPageRefcount((*ppPage)->pDbPage)<=1 );
+ assert( rc!=SQLITE_OK || (*ppPage)->isInit==0 );
+ return rc;
+}
+
+/*
+** This function is used to add page iPage to the database file free-list.
+** It is assumed that the page is not already a part of the free-list.
+**
+** The value passed as the second argument to this function is optional.
+** If the caller happens to have a pointer to the MemPage object
+** corresponding to page iPage handy, it may pass it as the second value.
+** Otherwise, it may pass NULL.
+**
+** If a pointer to a MemPage object is passed as the second argument,
+** its reference count is not altered by this function.
+*/
+static int freePage2(BtShared *pBt, MemPage *pMemPage, Pgno iPage){
+ MemPage *pTrunk = 0; /* Free-list trunk page */
+ Pgno iTrunk = 0; /* Page number of free-list trunk page */
+ MemPage *pPage1 = pBt->pPage1; /* Local reference to page 1 */
+ MemPage *pPage; /* Page being freed. May be NULL. */
+ int rc; /* Return Code */
+ int nFree; /* Initial number of pages on free-list */
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( CORRUPT_DB || iPage>1 );
+ assert( !pMemPage || pMemPage->pgno==iPage );
+
+ if( iPage<2 ) return SQLITE_CORRUPT_BKPT;
+ if( pMemPage ){
+ pPage = pMemPage;
+ sqlite3PagerRef(pPage->pDbPage);
+ }else{
+ pPage = btreePageLookup(pBt, iPage);
+ }
+
+ /* Increment the free page count on pPage1 */
+ rc = sqlite3PagerWrite(pPage1->pDbPage);
+ if( rc ) goto freepage_out;
+ nFree = get4byte(&pPage1->aData[36]);
+ put4byte(&pPage1->aData[36], nFree+1);
+
+ if( pBt->btsFlags & BTS_SECURE_DELETE ){
+ /* If the secure_delete option is enabled, then
+ ** always fully overwrite deleted information with zeros.
+ */
+ if( (!pPage && ((rc = btreeGetPage(pBt, iPage, &pPage, 0))!=0) )
+ || ((rc = sqlite3PagerWrite(pPage->pDbPage))!=0)
+ ){
+ goto freepage_out;
+ }
+ memset(pPage->aData, 0, pPage->pBt->pageSize);
+ }
+
+ /* If the database supports auto-vacuum, write an entry in the pointer-map
+ ** to indicate that the page is free.
+ */
+ if( ISAUTOVACUUM ){
+ ptrmapPut(pBt, iPage, PTRMAP_FREEPAGE, 0, &rc);
+ if( rc ) goto freepage_out;
+ }
+
+ /* Now manipulate the actual database free-list structure. There are two
+ ** possibilities. If the free-list is currently empty, or if the first
+ ** trunk page in the free-list is full, then this page will become a
+ ** new free-list trunk page. Otherwise, it will become a leaf of the
+ ** first trunk page in the current free-list. This block tests if it
+ ** is possible to add the page as a new free-list leaf.
+ */
+ if( nFree!=0 ){
+ u32 nLeaf; /* Initial number of leaf cells on trunk page */
+
+ iTrunk = get4byte(&pPage1->aData[32]);
+ rc = btreeGetPage(pBt, iTrunk, &pTrunk, 0);
+ if( rc!=SQLITE_OK ){
+ goto freepage_out;
+ }
+
+ nLeaf = get4byte(&pTrunk->aData[4]);
+ assert( pBt->usableSize>32 );
+ if( nLeaf > (u32)pBt->usableSize/4 - 2 ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto freepage_out;
+ }
+ if( nLeaf < (u32)pBt->usableSize/4 - 8 ){
+ /* In this case there is room on the trunk page to insert the page
+ ** being freed as a new leaf.
+ **
+ ** Note that the trunk page is not really full until it contains
+ ** usableSize/4 - 2 entries, not usableSize/4 - 8 entries as we have
+ ** coded. But due to a coding error in versions of SQLite prior to
+ ** 3.6.0, databases with freelist trunk pages holding more than
+ ** usableSize/4 - 8 entries will be reported as corrupt. In order
+ ** to maintain backwards compatibility with older versions of SQLite,
+ ** we will continue to restrict the number of entries to usableSize/4 - 8
+ ** for now. At some point in the future (once everyone has upgraded
+ ** to 3.6.0 or later) we should consider fixing the conditional above
+ ** to read "usableSize/4-2" instead of "usableSize/4-8".
+ **
+ ** EVIDENCE-OF: R-19920-11576 However, newer versions of SQLite still
+ ** avoid using the last six entries in the freelist trunk page array in
+ ** order that database files created by newer versions of SQLite can be
+ ** read by older versions of SQLite.
+ */
+ rc = sqlite3PagerWrite(pTrunk->pDbPage);
+ if( rc==SQLITE_OK ){
+ put4byte(&pTrunk->aData[4], nLeaf+1);
+ put4byte(&pTrunk->aData[8+nLeaf*4], iPage);
+ if( pPage && (pBt->btsFlags & BTS_SECURE_DELETE)==0 ){
+ sqlite3PagerDontWrite(pPage->pDbPage);
+ }
+ rc = btreeSetHasContent(pBt, iPage);
+ }
+ TRACE(("FREE-PAGE: %d leaf on trunk page %d\n",pPage->pgno,pTrunk->pgno));
+ goto freepage_out;
+ }
+ }
+
+ /* If control flows to this point, then it was not possible to add the
+ ** the page being freed as a leaf page of the first trunk in the free-list.
+ ** Possibly because the free-list is empty, or possibly because the
+ ** first trunk in the free-list is full. Either way, the page being freed
+ ** will become the new first trunk page in the free-list.
+ */
+ if( pPage==0 && SQLITE_OK!=(rc = btreeGetPage(pBt, iPage, &pPage, 0)) ){
+ goto freepage_out;
+ }
+ rc = sqlite3PagerWrite(pPage->pDbPage);
+ if( rc!=SQLITE_OK ){
+ goto freepage_out;
+ }
+ put4byte(pPage->aData, iTrunk);
+ put4byte(&pPage->aData[4], 0);
+ put4byte(&pPage1->aData[32], iPage);
+ TRACE(("FREE-PAGE: %d new trunk page replacing %d\n", pPage->pgno, iTrunk));
+
+freepage_out:
+ if( pPage ){
+ pPage->isInit = 0;
+ }
+ releasePage(pPage);
+ releasePage(pTrunk);
+ return rc;
+}
+static void freePage(MemPage *pPage, int *pRC){
+ if( (*pRC)==SQLITE_OK ){
+ *pRC = freePage2(pPage->pBt, pPage, pPage->pgno);
+ }
+}
+
+/*
+** Free any overflow pages associated with the given Cell. Write the
+** local Cell size (the number of bytes on the original page, omitting
+** overflow) into *pnSize.
+*/
+static int clearCell(
+ MemPage *pPage, /* The page that contains the Cell */
+ unsigned char *pCell, /* First byte of the Cell */
+ u16 *pnSize /* Write the size of the Cell here */
+){
+ BtShared *pBt = pPage->pBt;
+ CellInfo info;
+ Pgno ovflPgno;
+ int rc;
+ int nOvfl;
+ u32 ovflPageSize;
+
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ pPage->xParseCell(pPage, pCell, &info);
+ *pnSize = info.nSize;
+ if( info.nLocal==info.nPayload ){
+ return SQLITE_OK; /* No overflow pages. Return without doing anything */
+ }
+ if( pCell+info.nSize-1 > pPage->aData+pPage->maskPage ){
+ return SQLITE_CORRUPT_BKPT; /* Cell extends past end of page */
+ }
+ ovflPgno = get4byte(pCell + info.nSize - 4);
+ assert( pBt->usableSize > 4 );
+ ovflPageSize = pBt->usableSize - 4;
+ nOvfl = (info.nPayload - info.nLocal + ovflPageSize - 1)/ovflPageSize;
+ assert( nOvfl>0 ||
+ (CORRUPT_DB && (info.nPayload + ovflPageSize)<ovflPageSize)
+ );
+ while( nOvfl-- ){
+ Pgno iNext = 0;
+ MemPage *pOvfl = 0;
+ if( ovflPgno<2 || ovflPgno>btreePagecount(pBt) ){
+ /* 0 is not a legal page number and page 1 cannot be an
+ ** overflow page. Therefore if ovflPgno<2 or past the end of the
+ ** file the database must be corrupt. */
+ return SQLITE_CORRUPT_BKPT;
+ }
+ if( nOvfl ){
+ rc = getOverflowPage(pBt, ovflPgno, &pOvfl, &iNext);
+ if( rc ) return rc;
+ }
+
+ if( ( pOvfl || ((pOvfl = btreePageLookup(pBt, ovflPgno))!=0) )
+ && sqlite3PagerPageRefcount(pOvfl->pDbPage)!=1
+ ){
+ /* There is no reason any cursor should have an outstanding reference
+ ** to an overflow page belonging to a cell that is being deleted/updated.
+ ** So if there exists more than one reference to this page, then it
+ ** must not really be an overflow page and the database must be corrupt.
+ ** It is helpful to detect this before calling freePage2(), as
+ ** freePage2() may zero the page contents if secure-delete mode is
+ ** enabled. If this 'overflow' page happens to be a page that the
+ ** caller is iterating through or using in some other way, this
+ ** can be problematic.
+ */
+ rc = SQLITE_CORRUPT_BKPT;
+ }else{
+ rc = freePage2(pBt, pOvfl, ovflPgno);
+ }
+
+ if( pOvfl ){
+ sqlite3PagerUnref(pOvfl->pDbPage);
+ }
+ if( rc ) return rc;
+ ovflPgno = iNext;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Create the byte sequence used to represent a cell on page pPage
+** and write that byte sequence into pCell[]. Overflow pages are
+** allocated and filled in as necessary. The calling procedure
+** is responsible for making sure sufficient space has been allocated
+** for pCell[].
+**
+** Note that pCell does not necessary need to point to the pPage->aData
+** area. pCell might point to some temporary storage. The cell will
+** be constructed in this temporary area then copied into pPage->aData
+** later.
+*/
+static int fillInCell(
+ MemPage *pPage, /* The page that contains the cell */
+ unsigned char *pCell, /* Complete text of the cell */
+ const void *pKey, i64 nKey, /* The key */
+ const void *pData,int nData, /* The data */
+ int nZero, /* Extra zero bytes to append to pData */
+ int *pnSize /* Write cell size here */
+){
+ int nPayload;
+ const u8 *pSrc;
+ int nSrc, n, rc;
+ int spaceLeft;
+ MemPage *pOvfl = 0;
+ MemPage *pToRelease = 0;
+ unsigned char *pPrior;
+ unsigned char *pPayload;
+ BtShared *pBt = pPage->pBt;
+ Pgno pgnoOvfl = 0;
+ int nHeader;
+
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+
+ /* pPage is not necessarily writeable since pCell might be auxiliary
+ ** buffer space that is separate from the pPage buffer area */
+ assert( pCell<pPage->aData || pCell>=&pPage->aData[pBt->pageSize]
+ || sqlite3PagerIswriteable(pPage->pDbPage) );
+
+ /* Fill in the header. */
+ nHeader = pPage->childPtrSize;
+ nPayload = nData + nZero;
+ if( pPage->intKeyLeaf ){
+ nHeader += putVarint32(&pCell[nHeader], nPayload);
+ }else{
+ assert( nData==0 );
+ assert( nZero==0 );
+ }
+ nHeader += putVarint(&pCell[nHeader], *(u64*)&nKey);
+
+ /* Fill in the payload size */
+ if( pPage->intKey ){
+ pSrc = pData;
+ nSrc = nData;
+ nData = 0;
+ }else{
+ assert( nKey<=0x7fffffff && pKey!=0 );
+ nPayload = (int)nKey;
+ pSrc = pKey;
+ nSrc = (int)nKey;
+ }
+ if( nPayload<=pPage->maxLocal ){
+ n = nHeader + nPayload;
+ testcase( n==3 );
+ testcase( n==4 );
+ if( n<4 ) n = 4;
+ *pnSize = n;
+ spaceLeft = nPayload;
+ pPrior = pCell;
+ }else{
+ int mn = pPage->minLocal;
+ n = mn + (nPayload - mn) % (pPage->pBt->usableSize - 4);
+ testcase( n==pPage->maxLocal );
+ testcase( n==pPage->maxLocal+1 );
+ if( n > pPage->maxLocal ) n = mn;
+ spaceLeft = n;
+ *pnSize = n + nHeader + 4;
+ pPrior = &pCell[nHeader+n];
+ }
+ pPayload = &pCell[nHeader];
+
+ /* At this point variables should be set as follows:
+ **
+ ** nPayload Total payload size in bytes
+ ** pPayload Begin writing payload here
+ ** spaceLeft Space available at pPayload. If nPayload>spaceLeft,
+ ** that means content must spill into overflow pages.
+ ** *pnSize Size of the local cell (not counting overflow pages)
+ ** pPrior Where to write the pgno of the first overflow page
+ **
+ ** Use a call to btreeParseCellPtr() to verify that the values above
+ ** were computed correctly.
+ */
+#if SQLITE_DEBUG
+ {
+ CellInfo info;
+ pPage->xParseCell(pPage, pCell, &info);
+ assert( nHeader=(int)(info.pPayload - pCell) );
+ assert( info.nKey==nKey );
+ assert( *pnSize == info.nSize );
+ assert( spaceLeft == info.nLocal );
+ }
+#endif
+
+ /* Write the payload into the local Cell and any extra into overflow pages */
+ while( nPayload>0 ){
+ if( spaceLeft==0 ){
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ Pgno pgnoPtrmap = pgnoOvfl; /* Overflow page pointer-map entry page */
+ if( pBt->autoVacuum ){
+ do{
+ pgnoOvfl++;
+ } while(
+ PTRMAP_ISPAGE(pBt, pgnoOvfl) || pgnoOvfl==PENDING_BYTE_PAGE(pBt)
+ );
+ }
+#endif
+ rc = allocateBtreePage(pBt, &pOvfl, &pgnoOvfl, pgnoOvfl, 0);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ /* If the database supports auto-vacuum, and the second or subsequent
+ ** overflow page is being allocated, add an entry to the pointer-map
+ ** for that page now.
+ **
+ ** If this is the first overflow page, then write a partial entry
+ ** to the pointer-map. If we write nothing to this pointer-map slot,
+ ** then the optimistic overflow chain processing in clearCell()
+ ** may misinterpret the uninitialized values and delete the
+ ** wrong pages from the database.
+ */
+ if( pBt->autoVacuum && rc==SQLITE_OK ){
+ u8 eType = (pgnoPtrmap?PTRMAP_OVERFLOW2:PTRMAP_OVERFLOW1);
+ ptrmapPut(pBt, pgnoOvfl, eType, pgnoPtrmap, &rc);
+ if( rc ){
+ releasePage(pOvfl);
+ }
+ }
+#endif
+ if( rc ){
+ releasePage(pToRelease);
+ return rc;
+ }
+
+ /* If pToRelease is not zero than pPrior points into the data area
+ ** of pToRelease. Make sure pToRelease is still writeable. */
+ assert( pToRelease==0 || sqlite3PagerIswriteable(pToRelease->pDbPage) );
+
+ /* If pPrior is part of the data area of pPage, then make sure pPage
+ ** is still writeable */
+ assert( pPrior<pPage->aData || pPrior>=&pPage->aData[pBt->pageSize]
+ || sqlite3PagerIswriteable(pPage->pDbPage) );
+
+ put4byte(pPrior, pgnoOvfl);
+ releasePage(pToRelease);
+ pToRelease = pOvfl;
+ pPrior = pOvfl->aData;
+ put4byte(pPrior, 0);
+ pPayload = &pOvfl->aData[4];
+ spaceLeft = pBt->usableSize - 4;
+ }
+ n = nPayload;
+ if( n>spaceLeft ) n = spaceLeft;
+
+ /* If pToRelease is not zero than pPayload points into the data area
+ ** of pToRelease. Make sure pToRelease is still writeable. */
+ assert( pToRelease==0 || sqlite3PagerIswriteable(pToRelease->pDbPage) );
+
+ /* If pPayload is part of the data area of pPage, then make sure pPage
+ ** is still writeable */
+ assert( pPayload<pPage->aData || pPayload>=&pPage->aData[pBt->pageSize]
+ || sqlite3PagerIswriteable(pPage->pDbPage) );
+
+ if( nSrc>0 ){
+ if( n>nSrc ) n = nSrc;
+ assert( pSrc );
+ memcpy(pPayload, pSrc, n);
+ }else{
+ memset(pPayload, 0, n);
+ }
+ nPayload -= n;
+ pPayload += n;
+ pSrc += n;
+ nSrc -= n;
+ spaceLeft -= n;
+ if( nSrc==0 ){
+ nSrc = nData;
+ pSrc = pData;
+ }
+ }
+ releasePage(pToRelease);
+ return SQLITE_OK;
+}
+
+/*
+** Remove the i-th cell from pPage. This routine effects pPage only.
+** The cell content is not freed or deallocated. It is assumed that
+** the cell content has been copied someplace else. This routine just
+** removes the reference to the cell from pPage.
+**
+** "sz" must be the number of bytes in the cell.
+*/
+static void dropCell(MemPage *pPage, int idx, int sz, int *pRC){
+ u32 pc; /* Offset to cell content of cell being deleted */
+ u8 *data; /* pPage->aData */
+ u8 *ptr; /* Used to move bytes around within data[] */
+ int rc; /* The return code */
+ int hdr; /* Beginning of the header. 0 most pages. 100 page 1 */
+
+ if( *pRC ) return;
+
+ assert( idx>=0 && idx<pPage->nCell );
+ assert( CORRUPT_DB || sz==cellSize(pPage, idx) );
+ assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ data = pPage->aData;
+ ptr = &pPage->aCellIdx[2*idx];
+ pc = get2byte(ptr);
+ hdr = pPage->hdrOffset;
+ testcase( pc==get2byte(&data[hdr+5]) );
+ testcase( pc+sz==pPage->pBt->usableSize );
+ if( pc < (u32)get2byte(&data[hdr+5]) || pc+sz > pPage->pBt->usableSize ){
+ *pRC = SQLITE_CORRUPT_BKPT;
+ return;
+ }
+ rc = freeSpace(pPage, pc, sz);
+ if( rc ){
+ *pRC = rc;
+ return;
+ }
+ pPage->nCell--;
+ if( pPage->nCell==0 ){
+ memset(&data[hdr+1], 0, 4);
+ data[hdr+7] = 0;
+ put2byte(&data[hdr+5], pPage->pBt->usableSize);
+ pPage->nFree = pPage->pBt->usableSize - pPage->hdrOffset
+ - pPage->childPtrSize - 8;
+ }else{
+ memmove(ptr, ptr+2, 2*(pPage->nCell - idx));
+ put2byte(&data[hdr+3], pPage->nCell);
+ pPage->nFree += 2;
+ }
+}
+
+/*
+** Insert a new cell on pPage at cell index "i". pCell points to the
+** content of the cell.
+**
+** If the cell content will fit on the page, then put it there. If it
+** will not fit, then make a copy of the cell content into pTemp if
+** pTemp is not null. Regardless of pTemp, allocate a new entry
+** in pPage->apOvfl[] and make it point to the cell content (either
+** in pTemp or the original pCell) and also record its index.
+** Allocating a new entry in pPage->aCell[] implies that
+** pPage->nOverflow is incremented.
+*/
+static void insertCell(
+ MemPage *pPage, /* Page into which we are copying */
+ int i, /* New cell becomes the i-th cell of the page */
+ u8 *pCell, /* Content of the new cell */
+ int sz, /* Bytes of content in pCell */
+ u8 *pTemp, /* Temp storage space for pCell, if needed */
+ Pgno iChild, /* If non-zero, replace first 4 bytes with this value */
+ int *pRC /* Read and write return code from here */
+){
+ int idx = 0; /* Where to write new cell content in data[] */
+ int j; /* Loop counter */
+ u8 *data; /* The content of the whole page */
+ u8 *pIns; /* The point in pPage->aCellIdx[] where no cell inserted */
+
+ if( *pRC ) return;
+
+ assert( i>=0 && i<=pPage->nCell+pPage->nOverflow );
+ assert( MX_CELL(pPage->pBt)<=10921 );
+ assert( pPage->nCell<=MX_CELL(pPage->pBt) || CORRUPT_DB );
+ assert( pPage->nOverflow<=ArraySize(pPage->apOvfl) );
+ assert( ArraySize(pPage->apOvfl)==ArraySize(pPage->aiOvfl) );
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ /* The cell should normally be sized correctly. However, when moving a
+ ** malformed cell from a leaf page to an interior page, if the cell size
+ ** wanted to be less than 4 but got rounded up to 4 on the leaf, then size
+ ** might be less than 8 (leaf-size + pointer) on the interior node. Hence
+ ** the term after the || in the following assert(). */
+ assert( sz==pPage->xCellSize(pPage, pCell) || (sz==8 && iChild>0) );
+ if( pPage->nOverflow || sz+2>pPage->nFree ){
+ if( pTemp ){
+ memcpy(pTemp, pCell, sz);
+ pCell = pTemp;
+ }
+ if( iChild ){
+ put4byte(pCell, iChild);
+ }
+ j = pPage->nOverflow++;
+ assert( j<(int)(sizeof(pPage->apOvfl)/sizeof(pPage->apOvfl[0])) );
+ pPage->apOvfl[j] = pCell;
+ pPage->aiOvfl[j] = (u16)i;
+
+ /* When multiple overflows occur, they are always sequential and in
+ ** sorted order. This invariants arise because multiple overflows can
+ ** only occur when inserting divider cells into the parent page during
+ ** balancing, and the dividers are adjacent and sorted.
+ */
+ assert( j==0 || pPage->aiOvfl[j-1]<(u16)i ); /* Overflows in sorted order */
+ assert( j==0 || i==pPage->aiOvfl[j-1]+1 ); /* Overflows are sequential */
+ }else{
+ int rc = sqlite3PagerWrite(pPage->pDbPage);
+ if( rc!=SQLITE_OK ){
+ *pRC = rc;
+ return;
+ }
+ assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+ data = pPage->aData;
+ assert( &data[pPage->cellOffset]==pPage->aCellIdx );
+ rc = allocateSpace(pPage, sz, &idx);
+ if( rc ){ *pRC = rc; return; }
+ /* The allocateSpace() routine guarantees the following properties
+ ** if it returns successfully */
+ assert( idx >= 0 );
+ assert( idx >= pPage->cellOffset+2*pPage->nCell+2 || CORRUPT_DB );
+ assert( idx+sz <= (int)pPage->pBt->usableSize );
+ pPage->nFree -= (u16)(2 + sz);
+ memcpy(&data[idx], pCell, sz);
+ if( iChild ){
+ put4byte(&data[idx], iChild);
+ }
+ pIns = pPage->aCellIdx + i*2;
+ memmove(pIns+2, pIns, 2*(pPage->nCell - i));
+ put2byte(pIns, idx);
+ pPage->nCell++;
+ /* increment the cell count */
+ if( (++data[pPage->hdrOffset+4])==0 ) data[pPage->hdrOffset+3]++;
+ assert( get2byte(&data[pPage->hdrOffset+3])==pPage->nCell );
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pPage->pBt->autoVacuum ){
+ /* The cell may contain a pointer to an overflow page. If so, write
+ ** the entry for the overflow page into the pointer map.
+ */
+ ptrmapPutOvflPtr(pPage, pCell, pRC);
+ }
+#endif
+ }
+}
+
+/*
+** A CellArray object contains a cache of pointers and sizes for a
+** consecutive sequence of cells that might be held multiple pages.
+*/
+typedef struct CellArray CellArray;
+struct CellArray {
+ int nCell; /* Number of cells in apCell[] */
+ MemPage *pRef; /* Reference page */
+ u8 **apCell; /* All cells begin balanced */
+ u16 *szCell; /* Local size of all cells in apCell[] */
+};
+
+/*
+** Make sure the cell sizes at idx, idx+1, ..., idx+N-1 have been
+** computed.
+*/
+static void populateCellCache(CellArray *p, int idx, int N){
+ assert( idx>=0 && idx+N<=p->nCell );
+ while( N>0 ){
+ assert( p->apCell[idx]!=0 );
+ if( p->szCell[idx]==0 ){
+ p->szCell[idx] = p->pRef->xCellSize(p->pRef, p->apCell[idx]);
+ }else{
+ assert( CORRUPT_DB ||
+ p->szCell[idx]==p->pRef->xCellSize(p->pRef, p->apCell[idx]) );
+ }
+ idx++;
+ N--;
+ }
+}
+
+/*
+** Return the size of the Nth element of the cell array
+*/
+static SQLITE_NOINLINE u16 computeCellSize(CellArray *p, int N){
+ assert( N>=0 && N<p->nCell );
+ assert( p->szCell[N]==0 );
+ p->szCell[N] = p->pRef->xCellSize(p->pRef, p->apCell[N]);
+ return p->szCell[N];
+}
+static u16 cachedCellSize(CellArray *p, int N){
+ assert( N>=0 && N<p->nCell );
+ if( p->szCell[N] ) return p->szCell[N];
+ return computeCellSize(p, N);
+}
+
+/*
+** Array apCell[] contains pointers to nCell b-tree page cells. The
+** szCell[] array contains the size in bytes of each cell. This function
+** replaces the current contents of page pPg with the contents of the cell
+** array.
+**
+** Some of the cells in apCell[] may currently be stored in pPg. This
+** function works around problems caused by this by making a copy of any
+** such cells before overwriting the page data.
+**
+** The MemPage.nFree field is invalidated by this function. It is the
+** responsibility of the caller to set it correctly.
+*/
+static int rebuildPage(
+ MemPage *pPg, /* Edit this page */
+ int nCell, /* Final number of cells on page */
+ u8 **apCell, /* Array of cells */
+ u16 *szCell /* Array of cell sizes */
+){
+ const int hdr = pPg->hdrOffset; /* Offset of header on pPg */
+ u8 * const aData = pPg->aData; /* Pointer to data for pPg */
+ const int usableSize = pPg->pBt->usableSize;
+ u8 * const pEnd = &aData[usableSize];
+ int i;
+ u8 *pCellptr = pPg->aCellIdx;
+ u8 *pTmp = sqlite3PagerTempSpace(pPg->pBt->pPager);
+ u8 *pData;
+
+ i = get2byte(&aData[hdr+5]);
+ memcpy(&pTmp[i], &aData[i], usableSize - i);
+
+ pData = pEnd;
+ for(i=0; i<nCell; i++){
+ u8 *pCell = apCell[i];
+ if( SQLITE_WITHIN(pCell,aData,pEnd) ){
+ pCell = &pTmp[pCell - aData];
+ }
+ pData -= szCell[i];
+ put2byte(pCellptr, (pData - aData));
+ pCellptr += 2;
+ if( pData < pCellptr ) return SQLITE_CORRUPT_BKPT;
+ memcpy(pData, pCell, szCell[i]);
+ assert( szCell[i]==pPg->xCellSize(pPg, pCell) || CORRUPT_DB );
+ testcase( szCell[i]!=pPg->xCellSize(pPg,pCell) );
+ }
+
+ /* The pPg->nFree field is now set incorrectly. The caller will fix it. */
+ pPg->nCell = nCell;
+ pPg->nOverflow = 0;
+
+ put2byte(&aData[hdr+1], 0);
+ put2byte(&aData[hdr+3], pPg->nCell);
+ put2byte(&aData[hdr+5], pData - aData);
+ aData[hdr+7] = 0x00;
+ return SQLITE_OK;
+}
+
+/*
+** Array apCell[] contains nCell pointers to b-tree cells. Array szCell
+** contains the size in bytes of each such cell. This function attempts to
+** add the cells stored in the array to page pPg. If it cannot (because
+** the page needs to be defragmented before the cells will fit), non-zero
+** is returned. Otherwise, if the cells are added successfully, zero is
+** returned.
+**
+** Argument pCellptr points to the first entry in the cell-pointer array
+** (part of page pPg) to populate. After cell apCell[0] is written to the
+** page body, a 16-bit offset is written to pCellptr. And so on, for each
+** cell in the array. It is the responsibility of the caller to ensure
+** that it is safe to overwrite this part of the cell-pointer array.
+**
+** When this function is called, *ppData points to the start of the
+** content area on page pPg. If the size of the content area is extended,
+** *ppData is updated to point to the new start of the content area
+** before returning.
+**
+** Finally, argument pBegin points to the byte immediately following the
+** end of the space required by this page for the cell-pointer area (for
+** all cells - not just those inserted by the current call). If the content
+** area must be extended to before this point in order to accomodate all
+** cells in apCell[], then the cells do not fit and non-zero is returned.
+*/
+static int pageInsertArray(
+ MemPage *pPg, /* Page to add cells to */
+ u8 *pBegin, /* End of cell-pointer array */
+ u8 **ppData, /* IN/OUT: Page content -area pointer */
+ u8 *pCellptr, /* Pointer to cell-pointer area */
+ int iFirst, /* Index of first cell to add */
+ int nCell, /* Number of cells to add to pPg */
+ CellArray *pCArray /* Array of cells */
+){
+ int i;
+ u8 *aData = pPg->aData;
+ u8 *pData = *ppData;
+ int iEnd = iFirst + nCell;
+ assert( CORRUPT_DB || pPg->hdrOffset==0 ); /* Never called on page 1 */
+ for(i=iFirst; i<iEnd; i++){
+ int sz, rc;
+ u8 *pSlot;
+ sz = cachedCellSize(pCArray, i);
+ if( (aData[1]==0 && aData[2]==0) || (pSlot = pageFindSlot(pPg,sz,&rc))==0 ){
+ pData -= sz;
+ if( pData<pBegin ) return 1;
+ pSlot = pData;
+ }
+ /* pSlot and pCArray->apCell[i] will never overlap on a well-formed
+ ** database. But they might for a corrupt database. Hence use memmove()
+ ** since memcpy() sends SIGABORT with overlapping buffers on OpenBSD */
+ assert( (pSlot+sz)<=pCArray->apCell[i]
+ || pSlot>=(pCArray->apCell[i]+sz)
+ || CORRUPT_DB );
+ memmove(pSlot, pCArray->apCell[i], sz);
+ put2byte(pCellptr, (pSlot - aData));
+ pCellptr += 2;
+ }
+ *ppData = pData;
+ return 0;
+}
+
+/*
+** Array apCell[] contains nCell pointers to b-tree cells. Array szCell
+** contains the size in bytes of each such cell. This function adds the
+** space associated with each cell in the array that is currently stored
+** within the body of pPg to the pPg free-list. The cell-pointers and other
+** fields of the page are not updated.
+**
+** This function returns the total number of cells added to the free-list.
+*/
+static int pageFreeArray(
+ MemPage *pPg, /* Page to edit */
+ int iFirst, /* First cell to delete */
+ int nCell, /* Cells to delete */
+ CellArray *pCArray /* Array of cells */
+){
+ u8 * const aData = pPg->aData;
+ u8 * const pEnd = &aData[pPg->pBt->usableSize];
+ u8 * const pStart = &aData[pPg->hdrOffset + 8 + pPg->childPtrSize];
+ int nRet = 0;
+ int i;
+ int iEnd = iFirst + nCell;
+ u8 *pFree = 0;
+ int szFree = 0;
+
+ for(i=iFirst; i<iEnd; i++){
+ u8 *pCell = pCArray->apCell[i];
+ if( SQLITE_WITHIN(pCell, pStart, pEnd) ){
+ int sz;
+ /* No need to use cachedCellSize() here. The sizes of all cells that
+ ** are to be freed have already been computing while deciding which
+ ** cells need freeing */
+ sz = pCArray->szCell[i]; assert( sz>0 );
+ if( pFree!=(pCell + sz) ){
+ if( pFree ){
+ assert( pFree>aData && (pFree - aData)<65536 );
+ freeSpace(pPg, (u16)(pFree - aData), szFree);
+ }
+ pFree = pCell;
+ szFree = sz;
+ if( pFree+sz>pEnd ) return 0;
+ }else{
+ pFree = pCell;
+ szFree += sz;
+ }
+ nRet++;
+ }
+ }
+ if( pFree ){
+ assert( pFree>aData && (pFree - aData)<65536 );
+ freeSpace(pPg, (u16)(pFree - aData), szFree);
+ }
+ return nRet;
+}
+
+/*
+** apCell[] and szCell[] contains pointers to and sizes of all cells in the
+** pages being balanced. The current page, pPg, has pPg->nCell cells starting
+** with apCell[iOld]. After balancing, this page should hold nNew cells
+** starting at apCell[iNew].
+**
+** This routine makes the necessary adjustments to pPg so that it contains
+** the correct cells after being balanced.
+**
+** The pPg->nFree field is invalid when this function returns. It is the
+** responsibility of the caller to set it correctly.
+*/
+static int editPage(
+ MemPage *pPg, /* Edit this page */
+ int iOld, /* Index of first cell currently on page */
+ int iNew, /* Index of new first cell on page */
+ int nNew, /* Final number of cells on page */
+ CellArray *pCArray /* Array of cells and sizes */
+){
+ u8 * const aData = pPg->aData;
+ const int hdr = pPg->hdrOffset;
+ u8 *pBegin = &pPg->aCellIdx[nNew * 2];
+ int nCell = pPg->nCell; /* Cells stored on pPg */
+ u8 *pData;
+ u8 *pCellptr;
+ int i;
+ int iOldEnd = iOld + pPg->nCell + pPg->nOverflow;
+ int iNewEnd = iNew + nNew;
+
+#ifdef SQLITE_DEBUG
+ u8 *pTmp = sqlite3PagerTempSpace(pPg->pBt->pPager);
+ memcpy(pTmp, aData, pPg->pBt->usableSize);
+#endif
+
+ /* Remove cells from the start and end of the page */
+ if( iOld<iNew ){
+ int nShift = pageFreeArray(pPg, iOld, iNew-iOld, pCArray);
+ memmove(pPg->aCellIdx, &pPg->aCellIdx[nShift*2], nCell*2);
+ nCell -= nShift;
+ }
+ if( iNewEnd < iOldEnd ){
+ nCell -= pageFreeArray(pPg, iNewEnd, iOldEnd - iNewEnd, pCArray);
+ }
+
+ pData = &aData[get2byteNotZero(&aData[hdr+5])];
+ if( pData<pBegin ) goto editpage_fail;
+
+ /* Add cells to the start of the page */
+ if( iNew<iOld ){
+ int nAdd = MIN(nNew,iOld-iNew);
+ assert( (iOld-iNew)<nNew || nCell==0 || CORRUPT_DB );
+ pCellptr = pPg->aCellIdx;
+ memmove(&pCellptr[nAdd*2], pCellptr, nCell*2);
+ if( pageInsertArray(
+ pPg, pBegin, &pData, pCellptr,
+ iNew, nAdd, pCArray
+ ) ) goto editpage_fail;
+ nCell += nAdd;
+ }
+
+ /* Add any overflow cells */
+ for(i=0; i<pPg->nOverflow; i++){
+ int iCell = (iOld + pPg->aiOvfl[i]) - iNew;
+ if( iCell>=0 && iCell<nNew ){
+ pCellptr = &pPg->aCellIdx[iCell * 2];
+ memmove(&pCellptr[2], pCellptr, (nCell - iCell) * 2);
+ nCell++;
+ if( pageInsertArray(
+ pPg, pBegin, &pData, pCellptr,
+ iCell+iNew, 1, pCArray
+ ) ) goto editpage_fail;
+ }
+ }
+
+ /* Append cells to the end of the page */
+ pCellptr = &pPg->aCellIdx[nCell*2];
+ if( pageInsertArray(
+ pPg, pBegin, &pData, pCellptr,
+ iNew+nCell, nNew-nCell, pCArray
+ ) ) goto editpage_fail;
+
+ pPg->nCell = nNew;
+ pPg->nOverflow = 0;
+
+ put2byte(&aData[hdr+3], pPg->nCell);
+ put2byte(&aData[hdr+5], pData - aData);
+
+#ifdef SQLITE_DEBUG
+ for(i=0; i<nNew && !CORRUPT_DB; i++){
+ u8 *pCell = pCArray->apCell[i+iNew];
+ int iOff = get2byteAligned(&pPg->aCellIdx[i*2]);
+ if( pCell>=aData && pCell<&aData[pPg->pBt->usableSize] ){
+ pCell = &pTmp[pCell - aData];
+ }
+ assert( 0==memcmp(pCell, &aData[iOff],
+ pCArray->pRef->xCellSize(pCArray->pRef, pCArray->apCell[i+iNew])) );
+ }
+#endif
+
+ return SQLITE_OK;
+ editpage_fail:
+ /* Unable to edit this page. Rebuild it from scratch instead. */
+ populateCellCache(pCArray, iNew, nNew);
+ return rebuildPage(pPg, nNew, &pCArray->apCell[iNew], &pCArray->szCell[iNew]);
+}
+
+/*
+** The following parameters determine how many adjacent pages get involved
+** in a balancing operation. NN is the number of neighbors on either side
+** of the page that participate in the balancing operation. NB is the
+** total number of pages that participate, including the target page and
+** NN neighbors on either side.
+**
+** The minimum value of NN is 1 (of course). Increasing NN above 1
+** (to 2 or 3) gives a modest improvement in SELECT and DELETE performance
+** in exchange for a larger degradation in INSERT and UPDATE performance.
+** The value of NN appears to give the best results overall.
+*/
+#define NN 1 /* Number of neighbors on either side of pPage */
+#define NB (NN*2+1) /* Total pages involved in the balance */
+
+
+#ifndef SQLITE_OMIT_QUICKBALANCE
+/*
+** This version of balance() handles the common special case where
+** a new entry is being inserted on the extreme right-end of the
+** tree, in other words, when the new entry will become the largest
+** entry in the tree.
+**
+** Instead of trying to balance the 3 right-most leaf pages, just add
+** a new page to the right-hand side and put the one new entry in
+** that page. This leaves the right side of the tree somewhat
+** unbalanced. But odds are that we will be inserting new entries
+** at the end soon afterwards so the nearly empty page will quickly
+** fill up. On average.
+**
+** pPage is the leaf page which is the right-most page in the tree.
+** pParent is its parent. pPage must have a single overflow entry
+** which is also the right-most entry on the page.
+**
+** The pSpace buffer is used to store a temporary copy of the divider
+** cell that will be inserted into pParent. Such a cell consists of a 4
+** byte page number followed by a variable length integer. In other
+** words, at most 13 bytes. Hence the pSpace buffer must be at
+** least 13 bytes in size.
+*/
+static int balance_quick(MemPage *pParent, MemPage *pPage, u8 *pSpace){
+ BtShared *const pBt = pPage->pBt; /* B-Tree Database */
+ MemPage *pNew; /* Newly allocated page */
+ int rc; /* Return Code */
+ Pgno pgnoNew; /* Page number of pNew */
+
+ assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+ assert( sqlite3PagerIswriteable(pParent->pDbPage) );
+ assert( pPage->nOverflow==1 );
+
+ /* This error condition is now caught prior to reaching this function */
+ if( NEVER(pPage->nCell==0) ) return SQLITE_CORRUPT_BKPT;
+
+ /* Allocate a new page. This page will become the right-sibling of
+ ** pPage. Make the parent page writable, so that the new divider cell
+ ** may be inserted. If both these operations are successful, proceed.
+ */
+ rc = allocateBtreePage(pBt, &pNew, &pgnoNew, 0, 0);
+
+ if( rc==SQLITE_OK ){
+
+ u8 *pOut = &pSpace[4];
+ u8 *pCell = pPage->apOvfl[0];
+ u16 szCell = pPage->xCellSize(pPage, pCell);
+ u8 *pStop;
+
+ assert( sqlite3PagerIswriteable(pNew->pDbPage) );
+ assert( pPage->aData[0]==(PTF_INTKEY|PTF_LEAFDATA|PTF_LEAF) );
+ zeroPage(pNew, PTF_INTKEY|PTF_LEAFDATA|PTF_LEAF);
+ rc = rebuildPage(pNew, 1, &pCell, &szCell);
+ if( NEVER(rc) ) return rc;
+ pNew->nFree = pBt->usableSize - pNew->cellOffset - 2 - szCell;
+
+ /* If this is an auto-vacuum database, update the pointer map
+ ** with entries for the new page, and any pointer from the
+ ** cell on the page to an overflow page. If either of these
+ ** operations fails, the return code is set, but the contents
+ ** of the parent page are still manipulated by thh code below.
+ ** That is Ok, at this point the parent page is guaranteed to
+ ** be marked as dirty. Returning an error code will cause a
+ ** rollback, undoing any changes made to the parent page.
+ */
+ if( ISAUTOVACUUM ){
+ ptrmapPut(pBt, pgnoNew, PTRMAP_BTREE, pParent->pgno, &rc);
+ if( szCell>pNew->minLocal ){
+ ptrmapPutOvflPtr(pNew, pCell, &rc);
+ }
+ }
+
+ /* Create a divider cell to insert into pParent. The divider cell
+ ** consists of a 4-byte page number (the page number of pPage) and
+ ** a variable length key value (which must be the same value as the
+ ** largest key on pPage).
+ **
+ ** To find the largest key value on pPage, first find the right-most
+ ** cell on pPage. The first two fields of this cell are the
+ ** record-length (a variable length integer at most 32-bits in size)
+ ** and the key value (a variable length integer, may have any value).
+ ** The first of the while(...) loops below skips over the record-length
+ ** field. The second while(...) loop copies the key value from the
+ ** cell on pPage into the pSpace buffer.
+ */
+ pCell = findCell(pPage, pPage->nCell-1);
+ pStop = &pCell[9];
+ while( (*(pCell++)&0x80) && pCell<pStop );
+ pStop = &pCell[9];
+ while( ((*(pOut++) = *(pCell++))&0x80) && pCell<pStop );
+
+ /* Insert the new divider cell into pParent. */
+ insertCell(pParent, pParent->nCell, pSpace, (int)(pOut-pSpace),
+ 0, pPage->pgno, &rc);
+
+ /* Set the right-child pointer of pParent to point to the new page. */
+ put4byte(&pParent->aData[pParent->hdrOffset+8], pgnoNew);
+
+ /* Release the reference to the new page. */
+ releasePage(pNew);
+ }
+
+ return rc;
+}
+#endif /* SQLITE_OMIT_QUICKBALANCE */
+
+#if 0
+/*
+** This function does not contribute anything to the operation of SQLite.
+** it is sometimes activated temporarily while debugging code responsible
+** for setting pointer-map entries.
+*/
+static int ptrmapCheckPages(MemPage **apPage, int nPage){
+ int i, j;
+ for(i=0; i<nPage; i++){
+ Pgno n;
+ u8 e;
+ MemPage *pPage = apPage[i];
+ BtShared *pBt = pPage->pBt;
+ assert( pPage->isInit );
+
+ for(j=0; j<pPage->nCell; j++){
+ CellInfo info;
+ u8 *z;
+
+ z = findCell(pPage, j);
+ pPage->xParseCell(pPage, z, &info);
+ if( info.nLocal<info.nPayload ){
+ Pgno ovfl = get4byte(&z[info.nSize-4]);
+ ptrmapGet(pBt, ovfl, &e, &n);
+ assert( n==pPage->pgno && e==PTRMAP_OVERFLOW1 );
+ }
+ if( !pPage->leaf ){
+ Pgno child = get4byte(z);
+ ptrmapGet(pBt, child, &e, &n);
+ assert( n==pPage->pgno && e==PTRMAP_BTREE );
+ }
+ }
+ if( !pPage->leaf ){
+ Pgno child = get4byte(&pPage->aData[pPage->hdrOffset+8]);
+ ptrmapGet(pBt, child, &e, &n);
+ assert( n==pPage->pgno && e==PTRMAP_BTREE );
+ }
+ }
+ return 1;
+}
+#endif
+
+/*
+** This function is used to copy the contents of the b-tree node stored
+** on page pFrom to page pTo. If page pFrom was not a leaf page, then
+** the pointer-map entries for each child page are updated so that the
+** parent page stored in the pointer map is page pTo. If pFrom contained
+** any cells with overflow page pointers, then the corresponding pointer
+** map entries are also updated so that the parent page is page pTo.
+**
+** If pFrom is currently carrying any overflow cells (entries in the
+** MemPage.apOvfl[] array), they are not copied to pTo.
+**
+** Before returning, page pTo is reinitialized using btreeInitPage().
+**
+** The performance of this function is not critical. It is only used by
+** the balance_shallower() and balance_deeper() procedures, neither of
+** which are called often under normal circumstances.
+*/
+static void copyNodeContent(MemPage *pFrom, MemPage *pTo, int *pRC){
+ if( (*pRC)==SQLITE_OK ){
+ BtShared * const pBt = pFrom->pBt;
+ u8 * const aFrom = pFrom->aData;
+ u8 * const aTo = pTo->aData;
+ int const iFromHdr = pFrom->hdrOffset;
+ int const iToHdr = ((pTo->pgno==1) ? 100 : 0);
+ int rc;
+ int iData;
+
+
+ assert( pFrom->isInit );
+ assert( pFrom->nFree>=iToHdr );
+ assert( get2byte(&aFrom[iFromHdr+5]) <= (int)pBt->usableSize );
+
+ /* Copy the b-tree node content from page pFrom to page pTo. */
+ iData = get2byte(&aFrom[iFromHdr+5]);
+ memcpy(&aTo[iData], &aFrom[iData], pBt->usableSize-iData);
+ memcpy(&aTo[iToHdr], &aFrom[iFromHdr], pFrom->cellOffset + 2*pFrom->nCell);
+
+ /* Reinitialize page pTo so that the contents of the MemPage structure
+ ** match the new data. The initialization of pTo can actually fail under
+ ** fairly obscure circumstances, even though it is a copy of initialized
+ ** page pFrom.
+ */
+ pTo->isInit = 0;
+ rc = btreeInitPage(pTo);
+ if( rc!=SQLITE_OK ){
+ *pRC = rc;
+ return;
+ }
+
+ /* If this is an auto-vacuum database, update the pointer-map entries
+ ** for any b-tree or overflow pages that pTo now contains the pointers to.
+ */
+ if( ISAUTOVACUUM ){
+ *pRC = setChildPtrmaps(pTo);
+ }
+ }
+}
+
+/*
+** This routine redistributes cells on the iParentIdx'th child of pParent
+** (hereafter "the page") and up to 2 siblings so that all pages have about the
+** same amount of free space. Usually a single sibling on either side of the
+** page are used in the balancing, though both siblings might come from one
+** side if the page is the first or last child of its parent. If the page
+** has fewer than 2 siblings (something which can only happen if the page
+** is a root page or a child of a root page) then all available siblings
+** participate in the balancing.
+**
+** The number of siblings of the page might be increased or decreased by
+** one or two in an effort to keep pages nearly full but not over full.
+**
+** Note that when this routine is called, some of the cells on the page
+** might not actually be stored in MemPage.aData[]. This can happen
+** if the page is overfull. This routine ensures that all cells allocated
+** to the page and its siblings fit into MemPage.aData[] before returning.
+**
+** In the course of balancing the page and its siblings, cells may be
+** inserted into or removed from the parent page (pParent). Doing so
+** may cause the parent page to become overfull or underfull. If this
+** happens, it is the responsibility of the caller to invoke the correct
+** balancing routine to fix this problem (see the balance() routine).
+**
+** If this routine fails for any reason, it might leave the database
+** in a corrupted state. So if this routine fails, the database should
+** be rolled back.
+**
+** The third argument to this function, aOvflSpace, is a pointer to a
+** buffer big enough to hold one page. If while inserting cells into the parent
+** page (pParent) the parent page becomes overfull, this buffer is
+** used to store the parent's overflow cells. Because this function inserts
+** a maximum of four divider cells into the parent page, and the maximum
+** size of a cell stored within an internal node is always less than 1/4
+** of the page-size, the aOvflSpace[] buffer is guaranteed to be large
+** enough for all overflow cells.
+**
+** If aOvflSpace is set to a null pointer, this function returns
+** SQLITE_NOMEM.
+*/
+static int balance_nonroot(
+ MemPage *pParent, /* Parent page of siblings being balanced */
+ int iParentIdx, /* Index of "the page" in pParent */
+ u8 *aOvflSpace, /* page-size bytes of space for parent ovfl */
+ int isRoot, /* True if pParent is a root-page */
+ int bBulk /* True if this call is part of a bulk load */
+){
+ BtShared *pBt; /* The whole database */
+ int nMaxCells = 0; /* Allocated size of apCell, szCell, aFrom. */
+ int nNew = 0; /* Number of pages in apNew[] */
+ int nOld; /* Number of pages in apOld[] */
+ int i, j, k; /* Loop counters */
+ int nxDiv; /* Next divider slot in pParent->aCell[] */
+ int rc = SQLITE_OK; /* The return code */
+ u16 leafCorrection; /* 4 if pPage is a leaf. 0 if not */
+ int leafData; /* True if pPage is a leaf of a LEAFDATA tree */
+ int usableSpace; /* Bytes in pPage beyond the header */
+ int pageFlags; /* Value of pPage->aData[0] */
+ int iSpace1 = 0; /* First unused byte of aSpace1[] */
+ int iOvflSpace = 0; /* First unused byte of aOvflSpace[] */
+ int szScratch; /* Size of scratch memory requested */
+ MemPage *apOld[NB]; /* pPage and up to two siblings */
+ MemPage *apNew[NB+2]; /* pPage and up to NB siblings after balancing */
+ u8 *pRight; /* Location in parent of right-sibling pointer */
+ u8 *apDiv[NB-1]; /* Divider cells in pParent */
+ int cntNew[NB+2]; /* Index in b.paCell[] of cell after i-th page */
+ int cntOld[NB+2]; /* Old index in b.apCell[] */
+ int szNew[NB+2]; /* Combined size of cells placed on i-th page */
+ u8 *aSpace1; /* Space for copies of dividers cells */
+ Pgno pgno; /* Temp var to store a page number in */
+ u8 abDone[NB+2]; /* True after i'th new page is populated */
+ Pgno aPgno[NB+2]; /* Page numbers of new pages before shuffling */
+ Pgno aPgOrder[NB+2]; /* Copy of aPgno[] used for sorting pages */
+ u16 aPgFlags[NB+2]; /* flags field of new pages before shuffling */
+ CellArray b; /* Parsed information on cells being balanced */
+
+ memset(abDone, 0, sizeof(abDone));
+ b.nCell = 0;
+ b.apCell = 0;
+ pBt = pParent->pBt;
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ assert( sqlite3PagerIswriteable(pParent->pDbPage) );
+
+#if 0
+ TRACE(("BALANCE: begin page %d child of %d\n", pPage->pgno, pParent->pgno));
+#endif
+
+ /* At this point pParent may have at most one overflow cell. And if
+ ** this overflow cell is present, it must be the cell with
+ ** index iParentIdx. This scenario comes about when this function
+ ** is called (indirectly) from sqlite3BtreeDelete().
+ */
+ assert( pParent->nOverflow==0 || pParent->nOverflow==1 );
+ assert( pParent->nOverflow==0 || pParent->aiOvfl[0]==iParentIdx );
+
+ if( !aOvflSpace ){
+ return SQLITE_NOMEM;
+ }
+
+ /* Find the sibling pages to balance. Also locate the cells in pParent
+ ** that divide the siblings. An attempt is made to find NN siblings on
+ ** either side of pPage. More siblings are taken from one side, however,
+ ** if there are fewer than NN siblings on the other side. If pParent
+ ** has NB or fewer children then all children of pParent are taken.
+ **
+ ** This loop also drops the divider cells from the parent page. This
+ ** way, the remainder of the function does not have to deal with any
+ ** overflow cells in the parent page, since if any existed they will
+ ** have already been removed.
+ */
+ i = pParent->nOverflow + pParent->nCell;
+ if( i<2 ){
+ nxDiv = 0;
+ }else{
+ assert( bBulk==0 || bBulk==1 );
+ if( iParentIdx==0 ){
+ nxDiv = 0;
+ }else if( iParentIdx==i ){
+ nxDiv = i-2+bBulk;
+ }else{
+ nxDiv = iParentIdx-1;
+ }
+ i = 2-bBulk;
+ }
+ nOld = i+1;
+ if( (i+nxDiv-pParent->nOverflow)==pParent->nCell ){
+ pRight = &pParent->aData[pParent->hdrOffset+8];
+ }else{
+ pRight = findCell(pParent, i+nxDiv-pParent->nOverflow);
+ }
+ pgno = get4byte(pRight);
+ while( 1 ){
+ rc = getAndInitPage(pBt, pgno, &apOld[i], 0, 0);
+ if( rc ){
+ memset(apOld, 0, (i+1)*sizeof(MemPage*));
+ goto balance_cleanup;
+ }
+ nMaxCells += 1+apOld[i]->nCell+apOld[i]->nOverflow;
+ if( (i--)==0 ) break;
+
+ if( i+nxDiv==pParent->aiOvfl[0] && pParent->nOverflow ){
+ apDiv[i] = pParent->apOvfl[0];
+ pgno = get4byte(apDiv[i]);
+ szNew[i] = pParent->xCellSize(pParent, apDiv[i]);
+ pParent->nOverflow = 0;
+ }else{
+ apDiv[i] = findCell(pParent, i+nxDiv-pParent->nOverflow);
+ pgno = get4byte(apDiv[i]);
+ szNew[i] = pParent->xCellSize(pParent, apDiv[i]);
+
+ /* Drop the cell from the parent page. apDiv[i] still points to
+ ** the cell within the parent, even though it has been dropped.
+ ** This is safe because dropping a cell only overwrites the first
+ ** four bytes of it, and this function does not need the first
+ ** four bytes of the divider cell. So the pointer is safe to use
+ ** later on.
+ **
+ ** But not if we are in secure-delete mode. In secure-delete mode,
+ ** the dropCell() routine will overwrite the entire cell with zeroes.
+ ** In this case, temporarily copy the cell into the aOvflSpace[]
+ ** buffer. It will be copied out again as soon as the aSpace[] buffer
+ ** is allocated. */
+ if( pBt->btsFlags & BTS_SECURE_DELETE ){
+ int iOff;
+
+ iOff = SQLITE_PTR_TO_INT(apDiv[i]) - SQLITE_PTR_TO_INT(pParent->aData);
+ if( (iOff+szNew[i])>(int)pBt->usableSize ){
+ rc = SQLITE_CORRUPT_BKPT;
+ memset(apOld, 0, (i+1)*sizeof(MemPage*));
+ goto balance_cleanup;
+ }else{
+ memcpy(&aOvflSpace[iOff], apDiv[i], szNew[i]);
+ apDiv[i] = &aOvflSpace[apDiv[i]-pParent->aData];
+ }
+ }
+ dropCell(pParent, i+nxDiv-pParent->nOverflow, szNew[i], &rc);
+ }
+ }
+
+ /* Make nMaxCells a multiple of 4 in order to preserve 8-byte
+ ** alignment */
+ nMaxCells = (nMaxCells + 3)&~3;
+
+ /*
+ ** Allocate space for memory structures
+ */
+ szScratch =
+ nMaxCells*sizeof(u8*) /* b.apCell */
+ + nMaxCells*sizeof(u16) /* b.szCell */
+ + pBt->pageSize; /* aSpace1 */
+
+ /* EVIDENCE-OF: R-28375-38319 SQLite will never request a scratch buffer
+ ** that is more than 6 times the database page size. */
+ assert( szScratch<=6*(int)pBt->pageSize );
+ b.apCell = sqlite3ScratchMalloc( szScratch );
+ if( b.apCell==0 ){
+ rc = SQLITE_NOMEM;
+ goto balance_cleanup;
+ }
+ b.szCell = (u16*)&b.apCell[nMaxCells];
+ aSpace1 = (u8*)&b.szCell[nMaxCells];
+ assert( EIGHT_BYTE_ALIGNMENT(aSpace1) );
+
+ /*
+ ** Load pointers to all cells on sibling pages and the divider cells
+ ** into the local b.apCell[] array. Make copies of the divider cells
+ ** into space obtained from aSpace1[]. The divider cells have already
+ ** been removed from pParent.
+ **
+ ** If the siblings are on leaf pages, then the child pointers of the
+ ** divider cells are stripped from the cells before they are copied
+ ** into aSpace1[]. In this way, all cells in b.apCell[] are without
+ ** child pointers. If siblings are not leaves, then all cell in
+ ** b.apCell[] include child pointers. Either way, all cells in b.apCell[]
+ ** are alike.
+ **
+ ** leafCorrection: 4 if pPage is a leaf. 0 if pPage is not a leaf.
+ ** leafData: 1 if pPage holds key+data and pParent holds only keys.
+ */
+ b.pRef = apOld[0];
+ leafCorrection = b.pRef->leaf*4;
+ leafData = b.pRef->intKeyLeaf;
+ for(i=0; i<nOld; i++){
+ MemPage *pOld = apOld[i];
+ int limit = pOld->nCell;
+ u8 *aData = pOld->aData;
+ u16 maskPage = pOld->maskPage;
+ u8 *piCell = aData + pOld->cellOffset;
+ u8 *piEnd;
+
+ /* Verify that all sibling pages are of the same "type" (table-leaf,
+ ** table-interior, index-leaf, or index-interior).
+ */
+ if( pOld->aData[0]!=apOld[0]->aData[0] ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto balance_cleanup;
+ }
+
+ /* Load b.apCell[] with pointers to all cells in pOld. If pOld
+ ** constains overflow cells, include them in the b.apCell[] array
+ ** in the correct spot.
+ **
+ ** Note that when there are multiple overflow cells, it is always the
+ ** case that they are sequential and adjacent. This invariant arises
+ ** because multiple overflows can only occurs when inserting divider
+ ** cells into a parent on a prior balance, and divider cells are always
+ ** adjacent and are inserted in order. There is an assert() tagged
+ ** with "NOTE 1" in the overflow cell insertion loop to prove this
+ ** invariant.
+ **
+ ** This must be done in advance. Once the balance starts, the cell
+ ** offset section of the btree page will be overwritten and we will no
+ ** long be able to find the cells if a pointer to each cell is not saved
+ ** first.
+ */
+ memset(&b.szCell[b.nCell], 0, sizeof(b.szCell[0])*limit);
+ if( pOld->nOverflow>0 ){
+ memset(&b.szCell[b.nCell+limit], 0, sizeof(b.szCell[0])*pOld->nOverflow);
+ limit = pOld->aiOvfl[0];
+ for(j=0; j<limit; j++){
+ b.apCell[b.nCell] = aData + (maskPage & get2byteAligned(piCell));
+ piCell += 2;
+ b.nCell++;
+ }
+ for(k=0; k<pOld->nOverflow; k++){
+ assert( k==0 || pOld->aiOvfl[k-1]+1==pOld->aiOvfl[k] );/* NOTE 1 */
+ b.apCell[b.nCell] = pOld->apOvfl[k];
+ b.nCell++;
+ }
+ }
+ piEnd = aData + pOld->cellOffset + 2*pOld->nCell;
+ while( piCell<piEnd ){
+ assert( b.nCell<nMaxCells );
+ b.apCell[b.nCell] = aData + (maskPage & get2byteAligned(piCell));
+ piCell += 2;
+ b.nCell++;
+ }
+
+ cntOld[i] = b.nCell;
+ if( i<nOld-1 && !leafData){
+ u16 sz = (u16)szNew[i];
+ u8 *pTemp;
+ assert( b.nCell<nMaxCells );
+ b.szCell[b.nCell] = sz;
+ pTemp = &aSpace1[iSpace1];
+ iSpace1 += sz;
+ assert( sz<=pBt->maxLocal+23 );
+ assert( iSpace1 <= (int)pBt->pageSize );
+ memcpy(pTemp, apDiv[i], sz);
+ b.apCell[b.nCell] = pTemp+leafCorrection;
+ assert( leafCorrection==0 || leafCorrection==4 );
+ b.szCell[b.nCell] = b.szCell[b.nCell] - leafCorrection;
+ if( !pOld->leaf ){
+ assert( leafCorrection==0 );
+ assert( pOld->hdrOffset==0 );
+ /* The right pointer of the child page pOld becomes the left
+ ** pointer of the divider cell */
+ memcpy(b.apCell[b.nCell], &pOld->aData[8], 4);
+ }else{
+ assert( leafCorrection==4 );
+ while( b.szCell[b.nCell]<4 ){
+ /* Do not allow any cells smaller than 4 bytes. If a smaller cell
+ ** does exist, pad it with 0x00 bytes. */
+ assert( b.szCell[b.nCell]==3 || CORRUPT_DB );
+ assert( b.apCell[b.nCell]==&aSpace1[iSpace1-3] || CORRUPT_DB );
+ aSpace1[iSpace1++] = 0x00;
+ b.szCell[b.nCell]++;
+ }
+ }
+ b.nCell++;
+ }
+ }
+
+ /*
+ ** Figure out the number of pages needed to hold all b.nCell cells.
+ ** Store this number in "k". Also compute szNew[] which is the total
+ ** size of all cells on the i-th page and cntNew[] which is the index
+ ** in b.apCell[] of the cell that divides page i from page i+1.
+ ** cntNew[k] should equal b.nCell.
+ **
+ ** Values computed by this block:
+ **
+ ** k: The total number of sibling pages
+ ** szNew[i]: Spaced used on the i-th sibling page.
+ ** cntNew[i]: Index in b.apCell[] and b.szCell[] for the first cell to
+ ** the right of the i-th sibling page.
+ ** usableSpace: Number of bytes of space available on each sibling.
+ **
+ */
+ usableSpace = pBt->usableSize - 12 + leafCorrection;
+ for(i=0; i<nOld; i++){
+ MemPage *p = apOld[i];
+ szNew[i] = usableSpace - p->nFree;
+ if( szNew[i]<0 ){ rc = SQLITE_CORRUPT_BKPT; goto balance_cleanup; }
+ for(j=0; j<p->nOverflow; j++){
+ szNew[i] += 2 + p->xCellSize(p, p->apOvfl[j]);
+ }
+ cntNew[i] = cntOld[i];
+ }
+ k = nOld;
+ for(i=0; i<k; i++){
+ int sz;
+ while( szNew[i]>usableSpace ){
+ if( i+1>=k ){
+ k = i+2;
+ if( k>NB+2 ){ rc = SQLITE_CORRUPT_BKPT; goto balance_cleanup; }
+ szNew[k-1] = 0;
+ cntNew[k-1] = b.nCell;
+ }
+ sz = 2 + cachedCellSize(&b, cntNew[i]-1);
+ szNew[i] -= sz;
+ if( !leafData ){
+ if( cntNew[i]<b.nCell ){
+ sz = 2 + cachedCellSize(&b, cntNew[i]);
+ }else{
+ sz = 0;
+ }
+ }
+ szNew[i+1] += sz;
+ cntNew[i]--;
+ }
+ while( cntNew[i]<b.nCell ){
+ sz = 2 + cachedCellSize(&b, cntNew[i]);
+ if( szNew[i]+sz>usableSpace ) break;
+ szNew[i] += sz;
+ cntNew[i]++;
+ if( !leafData ){
+ if( cntNew[i]<b.nCell ){
+ sz = 2 + cachedCellSize(&b, cntNew[i]);
+ }else{
+ sz = 0;
+ }
+ }
+ szNew[i+1] -= sz;
+ }
+ if( cntNew[i]>=b.nCell ){
+ k = i+1;
+ }else if( cntNew[i] <= (i>0 ? cntNew[i-1] : 0) ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto balance_cleanup;
+ }
+ }
+
+ /*
+ ** The packing computed by the previous block is biased toward the siblings
+ ** on the left side (siblings with smaller keys). The left siblings are
+ ** always nearly full, while the right-most sibling might be nearly empty.
+ ** The next block of code attempts to adjust the packing of siblings to
+ ** get a better balance.
+ **
+ ** This adjustment is more than an optimization. The packing above might
+ ** be so out of balance as to be illegal. For example, the right-most
+ ** sibling might be completely empty. This adjustment is not optional.
+ */
+ for(i=k-1; i>0; i--){
+ int szRight = szNew[i]; /* Size of sibling on the right */
+ int szLeft = szNew[i-1]; /* Size of sibling on the left */
+ int r; /* Index of right-most cell in left sibling */
+ int d; /* Index of first cell to the left of right sibling */
+
+ r = cntNew[i-1] - 1;
+ d = r + 1 - leafData;
+ (void)cachedCellSize(&b, d);
+ do{
+ assert( d<nMaxCells );
+ assert( r<nMaxCells );
+ (void)cachedCellSize(&b, r);
+ if( szRight!=0
+ && (bBulk || szRight+b.szCell[d]+2 > szLeft-(b.szCell[r]+2)) ){
+ break;
+ }
+ szRight += b.szCell[d] + 2;
+ szLeft -= b.szCell[r] + 2;
+ cntNew[i-1] = r;
+ r--;
+ d--;
+ }while( r>=0 );
+ szNew[i] = szRight;
+ szNew[i-1] = szLeft;
+ if( cntNew[i-1] <= (i>1 ? cntNew[i-2] : 0) ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto balance_cleanup;
+ }
+ }
+
+ /* Sanity check: For a non-corrupt database file one of the follwing
+ ** must be true:
+ ** (1) We found one or more cells (cntNew[0])>0), or
+ ** (2) pPage is a virtual root page. A virtual root page is when
+ ** the real root page is page 1 and we are the only child of
+ ** that page.
+ */
+ assert( cntNew[0]>0 || (pParent->pgno==1 && pParent->nCell==0) || CORRUPT_DB);
+ TRACE(("BALANCE: old: %d(nc=%d) %d(nc=%d) %d(nc=%d)\n",
+ apOld[0]->pgno, apOld[0]->nCell,
+ nOld>=2 ? apOld[1]->pgno : 0, nOld>=2 ? apOld[1]->nCell : 0,
+ nOld>=3 ? apOld[2]->pgno : 0, nOld>=3 ? apOld[2]->nCell : 0
+ ));
+
+ /*
+ ** Allocate k new pages. Reuse old pages where possible.
+ */
+ pageFlags = apOld[0]->aData[0];
+ for(i=0; i<k; i++){
+ MemPage *pNew;
+ if( i<nOld ){
+ pNew = apNew[i] = apOld[i];
+ apOld[i] = 0;
+ rc = sqlite3PagerWrite(pNew->pDbPage);
+ nNew++;
+ if( rc ) goto balance_cleanup;
+ }else{
+ assert( i>0 );
+ rc = allocateBtreePage(pBt, &pNew, &pgno, (bBulk ? 1 : pgno), 0);
+ if( rc ) goto balance_cleanup;
+ zeroPage(pNew, pageFlags);
+ apNew[i] = pNew;
+ nNew++;
+ cntOld[i] = b.nCell;
+
+ /* Set the pointer-map entry for the new sibling page. */
+ if( ISAUTOVACUUM ){
+ ptrmapPut(pBt, pNew->pgno, PTRMAP_BTREE, pParent->pgno, &rc);
+ if( rc!=SQLITE_OK ){
+ goto balance_cleanup;
+ }
+ }
+ }
+ }
+
+ /*
+ ** Reassign page numbers so that the new pages are in ascending order.
+ ** This helps to keep entries in the disk file in order so that a scan
+ ** of the table is closer to a linear scan through the file. That in turn
+ ** helps the operating system to deliver pages from the disk more rapidly.
+ **
+ ** An O(n^2) insertion sort algorithm is used, but since n is never more
+ ** than (NB+2) (a small constant), that should not be a problem.
+ **
+ ** When NB==3, this one optimization makes the database about 25% faster
+ ** for large insertions and deletions.
+ */
+ for(i=0; i<nNew; i++){
+ aPgOrder[i] = aPgno[i] = apNew[i]->pgno;
+ aPgFlags[i] = apNew[i]->pDbPage->flags;
+ for(j=0; j<i; j++){
+ if( aPgno[j]==aPgno[i] ){
+ /* This branch is taken if the set of sibling pages somehow contains
+ ** duplicate entries. This can happen if the database is corrupt.
+ ** It would be simpler to detect this as part of the loop below, but
+ ** we do the detection here in order to avoid populating the pager
+ ** cache with two separate objects associated with the same
+ ** page number. */
+ assert( CORRUPT_DB );
+ rc = SQLITE_CORRUPT_BKPT;
+ goto balance_cleanup;
+ }
+ }
+ }
+ for(i=0; i<nNew; i++){
+ int iBest = 0; /* aPgno[] index of page number to use */
+ for(j=1; j<nNew; j++){
+ if( aPgOrder[j]<aPgOrder[iBest] ) iBest = j;
+ }
+ pgno = aPgOrder[iBest];
+ aPgOrder[iBest] = 0xffffffff;
+ if( iBest!=i ){
+ if( iBest>i ){
+ sqlite3PagerRekey(apNew[iBest]->pDbPage, pBt->nPage+iBest+1, 0);
+ }
+ sqlite3PagerRekey(apNew[i]->pDbPage, pgno, aPgFlags[iBest]);
+ apNew[i]->pgno = pgno;
+ }
+ }
+
+ TRACE(("BALANCE: new: %d(%d nc=%d) %d(%d nc=%d) %d(%d nc=%d) "
+ "%d(%d nc=%d) %d(%d nc=%d)\n",
+ apNew[0]->pgno, szNew[0], cntNew[0],
+ nNew>=2 ? apNew[1]->pgno : 0, nNew>=2 ? szNew[1] : 0,
+ nNew>=2 ? cntNew[1] - cntNew[0] - !leafData : 0,
+ nNew>=3 ? apNew[2]->pgno : 0, nNew>=3 ? szNew[2] : 0,
+ nNew>=3 ? cntNew[2] - cntNew[1] - !leafData : 0,
+ nNew>=4 ? apNew[3]->pgno : 0, nNew>=4 ? szNew[3] : 0,
+ nNew>=4 ? cntNew[3] - cntNew[2] - !leafData : 0,
+ nNew>=5 ? apNew[4]->pgno : 0, nNew>=5 ? szNew[4] : 0,
+ nNew>=5 ? cntNew[4] - cntNew[3] - !leafData : 0
+ ));
+
+ assert( sqlite3PagerIswriteable(pParent->pDbPage) );
+ put4byte(pRight, apNew[nNew-1]->pgno);
+
+ /* If the sibling pages are not leaves, ensure that the right-child pointer
+ ** of the right-most new sibling page is set to the value that was
+ ** originally in the same field of the right-most old sibling page. */
+ if( (pageFlags & PTF_LEAF)==0 && nOld!=nNew ){
+ MemPage *pOld = (nNew>nOld ? apNew : apOld)[nOld-1];
+ memcpy(&apNew[nNew-1]->aData[8], &pOld->aData[8], 4);
+ }
+
+ /* Make any required updates to pointer map entries associated with
+ ** cells stored on sibling pages following the balance operation. Pointer
+ ** map entries associated with divider cells are set by the insertCell()
+ ** routine. The associated pointer map entries are:
+ **
+ ** a) if the cell contains a reference to an overflow chain, the
+ ** entry associated with the first page in the overflow chain, and
+ **
+ ** b) if the sibling pages are not leaves, the child page associated
+ ** with the cell.
+ **
+ ** If the sibling pages are not leaves, then the pointer map entry
+ ** associated with the right-child of each sibling may also need to be
+ ** updated. This happens below, after the sibling pages have been
+ ** populated, not here.
+ */
+ if( ISAUTOVACUUM ){
+ MemPage *pNew = apNew[0];
+ u8 *aOld = pNew->aData;
+ int cntOldNext = pNew->nCell + pNew->nOverflow;
+ int usableSize = pBt->usableSize;
+ int iNew = 0;
+ int iOld = 0;
+
+ for(i=0; i<b.nCell; i++){
+ u8 *pCell = b.apCell[i];
+ if( i==cntOldNext ){
+ MemPage *pOld = (++iOld)<nNew ? apNew[iOld] : apOld[iOld];
+ cntOldNext += pOld->nCell + pOld->nOverflow + !leafData;
+ aOld = pOld->aData;
+ }
+ if( i==cntNew[iNew] ){
+ pNew = apNew[++iNew];
+ if( !leafData ) continue;
+ }
+
+ /* Cell pCell is destined for new sibling page pNew. Originally, it
+ ** was either part of sibling page iOld (possibly an overflow cell),
+ ** or else the divider cell to the left of sibling page iOld. So,
+ ** if sibling page iOld had the same page number as pNew, and if
+ ** pCell really was a part of sibling page iOld (not a divider or
+ ** overflow cell), we can skip updating the pointer map entries. */
+ if( iOld>=nNew
+ || pNew->pgno!=aPgno[iOld]
+ || !SQLITE_WITHIN(pCell,aOld,&aOld[usableSize])
+ ){
+ if( !leafCorrection ){
+ ptrmapPut(pBt, get4byte(pCell), PTRMAP_BTREE, pNew->pgno, &rc);
+ }
+ if( cachedCellSize(&b,i)>pNew->minLocal ){
+ ptrmapPutOvflPtr(pNew, pCell, &rc);
+ }
+ if( rc ) goto balance_cleanup;
+ }
+ }
+ }
+
+ /* Insert new divider cells into pParent. */
+ for(i=0; i<nNew-1; i++){
+ u8 *pCell;
+ u8 *pTemp;
+ int sz;
+ MemPage *pNew = apNew[i];
+ j = cntNew[i];
+
+ assert( j<nMaxCells );
+ assert( b.apCell[j]!=0 );
+ pCell = b.apCell[j];
+ sz = b.szCell[j] + leafCorrection;
+ pTemp = &aOvflSpace[iOvflSpace];
+ if( !pNew->leaf ){
+ memcpy(&pNew->aData[8], pCell, 4);
+ }else if( leafData ){
+ /* If the tree is a leaf-data tree, and the siblings are leaves,
+ ** then there is no divider cell in b.apCell[]. Instead, the divider
+ ** cell consists of the integer key for the right-most cell of
+ ** the sibling-page assembled above only.
+ */
+ CellInfo info;
+ j--;
+ pNew->xParseCell(pNew, b.apCell[j], &info);
+ pCell = pTemp;
+ sz = 4 + putVarint(&pCell[4], info.nKey);
+ pTemp = 0;
+ }else{
+ pCell -= 4;
+ /* Obscure case for non-leaf-data trees: If the cell at pCell was
+ ** previously stored on a leaf node, and its reported size was 4
+ ** bytes, then it may actually be smaller than this
+ ** (see btreeParseCellPtr(), 4 bytes is the minimum size of
+ ** any cell). But it is important to pass the correct size to
+ ** insertCell(), so reparse the cell now.
+ **
+ ** Note that this can never happen in an SQLite data file, as all
+ ** cells are at least 4 bytes. It only happens in b-trees used
+ ** to evaluate "IN (SELECT ...)" and similar clauses.
+ */
+ if( b.szCell[j]==4 ){
+ assert(leafCorrection==4);
+ sz = pParent->xCellSize(pParent, pCell);
+ }
+ }
+ iOvflSpace += sz;
+ assert( sz<=pBt->maxLocal+23 );
+ assert( iOvflSpace <= (int)pBt->pageSize );
+ insertCell(pParent, nxDiv+i, pCell, sz, pTemp, pNew->pgno, &rc);
+ if( rc!=SQLITE_OK ) goto balance_cleanup;
+ assert( sqlite3PagerIswriteable(pParent->pDbPage) );
+ }
+
+ /* Now update the actual sibling pages. The order in which they are updated
+ ** is important, as this code needs to avoid disrupting any page from which
+ ** cells may still to be read. In practice, this means:
+ **
+ ** (1) If cells are moving left (from apNew[iPg] to apNew[iPg-1])
+ ** then it is not safe to update page apNew[iPg] until after
+ ** the left-hand sibling apNew[iPg-1] has been updated.
+ **
+ ** (2) If cells are moving right (from apNew[iPg] to apNew[iPg+1])
+ ** then it is not safe to update page apNew[iPg] until after
+ ** the right-hand sibling apNew[iPg+1] has been updated.
+ **
+ ** If neither of the above apply, the page is safe to update.
+ **
+ ** The iPg value in the following loop starts at nNew-1 goes down
+ ** to 0, then back up to nNew-1 again, thus making two passes over
+ ** the pages. On the initial downward pass, only condition (1) above
+ ** needs to be tested because (2) will always be true from the previous
+ ** step. On the upward pass, both conditions are always true, so the
+ ** upwards pass simply processes pages that were missed on the downward
+ ** pass.
+ */
+ for(i=1-nNew; i<nNew; i++){
+ int iPg = i<0 ? -i : i;
+ assert( iPg>=0 && iPg<nNew );
+ if( abDone[iPg] ) continue; /* Skip pages already processed */
+ if( i>=0 /* On the upwards pass, or... */
+ || cntOld[iPg-1]>=cntNew[iPg-1] /* Condition (1) is true */
+ ){
+ int iNew;
+ int iOld;
+ int nNewCell;
+
+ /* Verify condition (1): If cells are moving left, update iPg
+ ** only after iPg-1 has already been updated. */
+ assert( iPg==0 || cntOld[iPg-1]>=cntNew[iPg-1] || abDone[iPg-1] );
+
+ /* Verify condition (2): If cells are moving right, update iPg
+ ** only after iPg+1 has already been updated. */
+ assert( cntNew[iPg]>=cntOld[iPg] || abDone[iPg+1] );
+
+ if( iPg==0 ){
+ iNew = iOld = 0;
+ nNewCell = cntNew[0];
+ }else{
+ iOld = iPg<nOld ? (cntOld[iPg-1] + !leafData) : b.nCell;
+ iNew = cntNew[iPg-1] + !leafData;
+ nNewCell = cntNew[iPg] - iNew;
+ }
+
+ rc = editPage(apNew[iPg], iOld, iNew, nNewCell, &b);
+ if( rc ) goto balance_cleanup;
+ abDone[iPg]++;
+ apNew[iPg]->nFree = usableSpace-szNew[iPg];
+ assert( apNew[iPg]->nOverflow==0 );
+ assert( apNew[iPg]->nCell==nNewCell );
+ }
+ }
+
+ /* All pages have been processed exactly once */
+ assert( memcmp(abDone, "\01\01\01\01\01", nNew)==0 );
+
+ assert( nOld>0 );
+ assert( nNew>0 );
+
+ if( isRoot && pParent->nCell==0 && pParent->hdrOffset<=apNew[0]->nFree ){
+ /* The root page of the b-tree now contains no cells. The only sibling
+ ** page is the right-child of the parent. Copy the contents of the
+ ** child page into the parent, decreasing the overall height of the
+ ** b-tree structure by one. This is described as the "balance-shallower"
+ ** sub-algorithm in some documentation.
+ **
+ ** If this is an auto-vacuum database, the call to copyNodeContent()
+ ** sets all pointer-map entries corresponding to database image pages
+ ** for which the pointer is stored within the content being copied.
+ **
+ ** It is critical that the child page be defragmented before being
+ ** copied into the parent, because if the parent is page 1 then it will
+ ** by smaller than the child due to the database header, and so all the
+ ** free space needs to be up front.
+ */
+ assert( nNew==1 || CORRUPT_DB );
+ rc = defragmentPage(apNew[0]);
+ testcase( rc!=SQLITE_OK );
+ assert( apNew[0]->nFree ==
+ (get2byte(&apNew[0]->aData[5])-apNew[0]->cellOffset-apNew[0]->nCell*2)
+ || rc!=SQLITE_OK
+ );
+ copyNodeContent(apNew[0], pParent, &rc);
+ freePage(apNew[0], &rc);
+ }else if( ISAUTOVACUUM && !leafCorrection ){
+ /* Fix the pointer map entries associated with the right-child of each
+ ** sibling page. All other pointer map entries have already been taken
+ ** care of. */
+ for(i=0; i<nNew; i++){
+ u32 key = get4byte(&apNew[i]->aData[8]);
+ ptrmapPut(pBt, key, PTRMAP_BTREE, apNew[i]->pgno, &rc);
+ }
+ }
+
+ assert( pParent->isInit );
+ TRACE(("BALANCE: finished: old=%d new=%d cells=%d\n",
+ nOld, nNew, b.nCell));
+
+ /* Free any old pages that were not reused as new pages.
+ */
+ for(i=nNew; i<nOld; i++){
+ freePage(apOld[i], &rc);
+ }
+
+#if 0
+ if( ISAUTOVACUUM && rc==SQLITE_OK && apNew[0]->isInit ){
+ /* The ptrmapCheckPages() contains assert() statements that verify that
+ ** all pointer map pages are set correctly. This is helpful while
+ ** debugging. This is usually disabled because a corrupt database may
+ ** cause an assert() statement to fail. */
+ ptrmapCheckPages(apNew, nNew);
+ ptrmapCheckPages(&pParent, 1);
+ }
+#endif
+
+ /*
+ ** Cleanup before returning.
+ */
+balance_cleanup:
+ sqlite3ScratchFree(b.apCell);
+ for(i=0; i<nOld; i++){
+ releasePage(apOld[i]);
+ }
+ for(i=0; i<nNew; i++){
+ releasePage(apNew[i]);
+ }
+
+ return rc;
+}
+
+
+/*
+** This function is called when the root page of a b-tree structure is
+** overfull (has one or more overflow pages).
+**
+** A new child page is allocated and the contents of the current root
+** page, including overflow cells, are copied into the child. The root
+** page is then overwritten to make it an empty page with the right-child
+** pointer pointing to the new page.
+**
+** Before returning, all pointer-map entries corresponding to pages
+** that the new child-page now contains pointers to are updated. The
+** entry corresponding to the new right-child pointer of the root
+** page is also updated.
+**
+** If successful, *ppChild is set to contain a reference to the child
+** page and SQLITE_OK is returned. In this case the caller is required
+** to call releasePage() on *ppChild exactly once. If an error occurs,
+** an error code is returned and *ppChild is set to 0.
+*/
+static int balance_deeper(MemPage *pRoot, MemPage **ppChild){
+ int rc; /* Return value from subprocedures */
+ MemPage *pChild = 0; /* Pointer to a new child page */
+ Pgno pgnoChild = 0; /* Page number of the new child page */
+ BtShared *pBt = pRoot->pBt; /* The BTree */
+
+ assert( pRoot->nOverflow>0 );
+ assert( sqlite3_mutex_held(pBt->mutex) );
+
+ /* Make pRoot, the root page of the b-tree, writable. Allocate a new
+ ** page that will become the new right-child of pPage. Copy the contents
+ ** of the node stored on pRoot into the new child page.
+ */
+ rc = sqlite3PagerWrite(pRoot->pDbPage);
+ if( rc==SQLITE_OK ){
+ rc = allocateBtreePage(pBt,&pChild,&pgnoChild,pRoot->pgno,0);
+ copyNodeContent(pRoot, pChild, &rc);
+ if( ISAUTOVACUUM ){
+ ptrmapPut(pBt, pgnoChild, PTRMAP_BTREE, pRoot->pgno, &rc);
+ }
+ }
+ if( rc ){
+ *ppChild = 0;
+ releasePage(pChild);
+ return rc;
+ }
+ assert( sqlite3PagerIswriteable(pChild->pDbPage) );
+ assert( sqlite3PagerIswriteable(pRoot->pDbPage) );
+ assert( pChild->nCell==pRoot->nCell );
+
+ TRACE(("BALANCE: copy root %d into %d\n", pRoot->pgno, pChild->pgno));
+
+ /* Copy the overflow cells from pRoot to pChild */
+ memcpy(pChild->aiOvfl, pRoot->aiOvfl,
+ pRoot->nOverflow*sizeof(pRoot->aiOvfl[0]));
+ memcpy(pChild->apOvfl, pRoot->apOvfl,
+ pRoot->nOverflow*sizeof(pRoot->apOvfl[0]));
+ pChild->nOverflow = pRoot->nOverflow;
+
+ /* Zero the contents of pRoot. Then install pChild as the right-child. */
+ zeroPage(pRoot, pChild->aData[0] & ~PTF_LEAF);
+ put4byte(&pRoot->aData[pRoot->hdrOffset+8], pgnoChild);
+
+ *ppChild = pChild;
+ return SQLITE_OK;
+}
+
+/*
+** The page that pCur currently points to has just been modified in
+** some way. This function figures out if this modification means the
+** tree needs to be balanced, and if so calls the appropriate balancing
+** routine. Balancing routines are:
+**
+** balance_quick()
+** balance_deeper()
+** balance_nonroot()
+*/
+static int balance(BtCursor *pCur){
+ int rc = SQLITE_OK;
+ const int nMin = pCur->pBt->usableSize * 2 / 3;
+ u8 aBalanceQuickSpace[13];
+ u8 *pFree = 0;
+
+ TESTONLY( int balance_quick_called = 0 );
+ TESTONLY( int balance_deeper_called = 0 );
+
+ do {
+ int iPage = pCur->iPage;
+ MemPage *pPage = pCur->apPage[iPage];
+
+ if( iPage==0 ){
+ if( pPage->nOverflow ){
+ /* The root page of the b-tree is overfull. In this case call the
+ ** balance_deeper() function to create a new child for the root-page
+ ** and copy the current contents of the root-page to it. The
+ ** next iteration of the do-loop will balance the child page.
+ */
+ assert( (balance_deeper_called++)==0 );
+ rc = balance_deeper(pPage, &pCur->apPage[1]);
+ if( rc==SQLITE_OK ){
+ pCur->iPage = 1;
+ pCur->aiIdx[0] = 0;
+ pCur->aiIdx[1] = 0;
+ assert( pCur->apPage[1]->nOverflow );
+ }
+ }else{
+ break;
+ }
+ }else if( pPage->nOverflow==0 && pPage->nFree<=nMin ){
+ break;
+ }else{
+ MemPage * const pParent = pCur->apPage[iPage-1];
+ int const iIdx = pCur->aiIdx[iPage-1];
+
+ rc = sqlite3PagerWrite(pParent->pDbPage);
+ if( rc==SQLITE_OK ){
+#ifndef SQLITE_OMIT_QUICKBALANCE
+ if( pPage->intKeyLeaf
+ && pPage->nOverflow==1
+ && pPage->aiOvfl[0]==pPage->nCell
+ && pParent->pgno!=1
+ && pParent->nCell==iIdx
+ ){
+ /* Call balance_quick() to create a new sibling of pPage on which
+ ** to store the overflow cell. balance_quick() inserts a new cell
+ ** into pParent, which may cause pParent overflow. If this
+ ** happens, the next iteration of the do-loop will balance pParent
+ ** use either balance_nonroot() or balance_deeper(). Until this
+ ** happens, the overflow cell is stored in the aBalanceQuickSpace[]
+ ** buffer.
+ **
+ ** The purpose of the following assert() is to check that only a
+ ** single call to balance_quick() is made for each call to this
+ ** function. If this were not verified, a subtle bug involving reuse
+ ** of the aBalanceQuickSpace[] might sneak in.
+ */
+ assert( (balance_quick_called++)==0 );
+ rc = balance_quick(pParent, pPage, aBalanceQuickSpace);
+ }else
+#endif
+ {
+ /* In this case, call balance_nonroot() to redistribute cells
+ ** between pPage and up to 2 of its sibling pages. This involves
+ ** modifying the contents of pParent, which may cause pParent to
+ ** become overfull or underfull. The next iteration of the do-loop
+ ** will balance the parent page to correct this.
+ **
+ ** If the parent page becomes overfull, the overflow cell or cells
+ ** are stored in the pSpace buffer allocated immediately below.
+ ** A subsequent iteration of the do-loop will deal with this by
+ ** calling balance_nonroot() (balance_deeper() may be called first,
+ ** but it doesn't deal with overflow cells - just moves them to a
+ ** different page). Once this subsequent call to balance_nonroot()
+ ** has completed, it is safe to release the pSpace buffer used by
+ ** the previous call, as the overflow cell data will have been
+ ** copied either into the body of a database page or into the new
+ ** pSpace buffer passed to the latter call to balance_nonroot().
+ */
+ u8 *pSpace = sqlite3PageMalloc(pCur->pBt->pageSize);
+ rc = balance_nonroot(pParent, iIdx, pSpace, iPage==1,
+ pCur->hints&BTREE_BULKLOAD);
+ if( pFree ){
+ /* If pFree is not NULL, it points to the pSpace buffer used
+ ** by a previous call to balance_nonroot(). Its contents are
+ ** now stored either on real database pages or within the
+ ** new pSpace buffer, so it may be safely freed here. */
+ sqlite3PageFree(pFree);
+ }
+
+ /* The pSpace buffer will be freed after the next call to
+ ** balance_nonroot(), or just before this function returns, whichever
+ ** comes first. */
+ pFree = pSpace;
+ }
+ }
+
+ pPage->nOverflow = 0;
+
+ /* The next iteration of the do-loop balances the parent page. */
+ releasePage(pPage);
+ pCur->iPage--;
+ assert( pCur->iPage>=0 );
+ }
+ }while( rc==SQLITE_OK );
+
+ if( pFree ){
+ sqlite3PageFree(pFree);
+ }
+ return rc;
+}
+
+
+/*
+** Insert a new record into the BTree. The key is given by (pKey,nKey)
+** and the data is given by (pData,nData). The cursor is used only to
+** define what table the record should be inserted into. The cursor
+** is left pointing at a random location.
+**
+** For an INTKEY table, only the nKey value of the key is used. pKey is
+** ignored. For a ZERODATA table, the pData and nData are both ignored.
+**
+** If the seekResult parameter is non-zero, then a successful call to
+** MovetoUnpacked() to seek cursor pCur to (pKey, nKey) has already
+** been performed. seekResult is the search result returned (a negative
+** number if pCur points at an entry that is smaller than (pKey, nKey), or
+** a positive value if pCur points at an entry that is larger than
+** (pKey, nKey)).
+**
+** If the seekResult parameter is non-zero, then the caller guarantees that
+** cursor pCur is pointing at the existing copy of a row that is to be
+** overwritten. If the seekResult parameter is 0, then cursor pCur may
+** point to any entry or to no entry at all and so this function has to seek
+** the cursor before the new key can be inserted.
+*/
+SQLITE_PRIVATE int sqlite3BtreeInsert(
+ BtCursor *pCur, /* Insert data into the table of this cursor */
+ const void *pKey, i64 nKey, /* The key of the new record */
+ const void *pData, int nData, /* The data of the new record */
+ int nZero, /* Number of extra 0 bytes to append to data */
+ int appendBias, /* True if this is likely an append */
+ int seekResult /* Result of prior MovetoUnpacked() call */
+){
+ int rc;
+ int loc = seekResult; /* -1: before desired location +1: after */
+ int szNew = 0;
+ int idx;
+ MemPage *pPage;
+ Btree *p = pCur->pBtree;
+ BtShared *pBt = p->pBt;
+ unsigned char *oldCell;
+ unsigned char *newCell = 0;
+
+ if( pCur->eState==CURSOR_FAULT ){
+ assert( pCur->skipNext!=SQLITE_OK );
+ return pCur->skipNext;
+ }
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( (pCur->curFlags & BTCF_WriteFlag)!=0
+ && pBt->inTransaction==TRANS_WRITE
+ && (pBt->btsFlags & BTS_READ_ONLY)==0 );
+ assert( hasSharedCacheTableLock(p, pCur->pgnoRoot, pCur->pKeyInfo!=0, 2) );
+
+ /* Assert that the caller has been consistent. If this cursor was opened
+ ** expecting an index b-tree, then the caller should be inserting blob
+ ** keys with no associated data. If the cursor was opened expecting an
+ ** intkey table, the caller should be inserting integer keys with a
+ ** blob of associated data. */
+ assert( (pKey==0)==(pCur->pKeyInfo==0) );
+
+ /* Save the positions of any other cursors open on this table.
+ **
+ ** In some cases, the call to btreeMoveto() below is a no-op. For
+ ** example, when inserting data into a table with auto-generated integer
+ ** keys, the VDBE layer invokes sqlite3BtreeLast() to figure out the
+ ** integer key to use. It then calls this function to actually insert the
+ ** data into the intkey B-Tree. In this case btreeMoveto() recognizes
+ ** that the cursor is already where it needs to be and returns without
+ ** doing any work. To avoid thwarting these optimizations, it is important
+ ** not to clear the cursor here.
+ */
+ if( pCur->curFlags & BTCF_Multiple ){
+ rc = saveAllCursors(pBt, pCur->pgnoRoot, pCur);
+ if( rc ) return rc;
+ }
+
+ if( pCur->pKeyInfo==0 ){
+ assert( pKey==0 );
+ /* If this is an insert into a table b-tree, invalidate any incrblob
+ ** cursors open on the row being replaced */
+ invalidateIncrblobCursors(p, nKey, 0);
+
+ /* If the cursor is currently on the last row and we are appending a
+ ** new row onto the end, set the "loc" to avoid an unnecessary
+ ** btreeMoveto() call */
+ if( (pCur->curFlags&BTCF_ValidNKey)!=0 && nKey>0
+ && pCur->info.nKey==nKey-1 ){
+ loc = -1;
+ }else if( loc==0 ){
+ rc = sqlite3BtreeMovetoUnpacked(pCur, 0, nKey, appendBias, &loc);
+ if( rc ) return rc;
+ }
+ }else if( loc==0 ){
+ rc = btreeMoveto(pCur, pKey, nKey, appendBias, &loc);
+ if( rc ) return rc;
+ }
+ assert( pCur->eState==CURSOR_VALID || (pCur->eState==CURSOR_INVALID && loc) );
+
+ pPage = pCur->apPage[pCur->iPage];
+ assert( pPage->intKey || nKey>=0 );
+ assert( pPage->leaf || !pPage->intKey );
+
+ TRACE(("INSERT: table=%d nkey=%lld ndata=%d page=%d %s\n",
+ pCur->pgnoRoot, nKey, nData, pPage->pgno,
+ loc==0 ? "overwrite" : "new entry"));
+ assert( pPage->isInit );
+ newCell = pBt->pTmpSpace;
+ assert( newCell!=0 );
+ rc = fillInCell(pPage, newCell, pKey, nKey, pData, nData, nZero, &szNew);
+ if( rc ) goto end_insert;
+ assert( szNew==pPage->xCellSize(pPage, newCell) );
+ assert( szNew <= MX_CELL_SIZE(pBt) );
+ idx = pCur->aiIdx[pCur->iPage];
+ if( loc==0 ){
+ u16 szOld;
+ assert( idx<pPage->nCell );
+ rc = sqlite3PagerWrite(pPage->pDbPage);
+ if( rc ){
+ goto end_insert;
+ }
+ oldCell = findCell(pPage, idx);
+ if( !pPage->leaf ){
+ memcpy(newCell, oldCell, 4);
+ }
+ rc = clearCell(pPage, oldCell, &szOld);
+ dropCell(pPage, idx, szOld, &rc);
+ if( rc ) goto end_insert;
+ }else if( loc<0 && pPage->nCell>0 ){
+ assert( pPage->leaf );
+ idx = ++pCur->aiIdx[pCur->iPage];
+ }else{
+ assert( pPage->leaf );
+ }
+ insertCell(pPage, idx, newCell, szNew, 0, 0, &rc);
+ assert( rc!=SQLITE_OK || pPage->nCell>0 || pPage->nOverflow>0 );
+
+ /* If no error has occurred and pPage has an overflow cell, call balance()
+ ** to redistribute the cells within the tree. Since balance() may move
+ ** the cursor, zero the BtCursor.info.nSize and BTCF_ValidNKey
+ ** variables.
+ **
+ ** Previous versions of SQLite called moveToRoot() to move the cursor
+ ** back to the root page as balance() used to invalidate the contents
+ ** of BtCursor.apPage[] and BtCursor.aiIdx[]. Instead of doing that,
+ ** set the cursor state to "invalid". This makes common insert operations
+ ** slightly faster.
+ **
+ ** There is a subtle but important optimization here too. When inserting
+ ** multiple records into an intkey b-tree using a single cursor (as can
+ ** happen while processing an "INSERT INTO ... SELECT" statement), it
+ ** is advantageous to leave the cursor pointing to the last entry in
+ ** the b-tree if possible. If the cursor is left pointing to the last
+ ** entry in the table, and the next row inserted has an integer key
+ ** larger than the largest existing key, it is possible to insert the
+ ** row without seeking the cursor. This can be a big performance boost.
+ */
+ pCur->info.nSize = 0;
+ if( rc==SQLITE_OK && pPage->nOverflow ){
+ pCur->curFlags &= ~(BTCF_ValidNKey);
+ rc = balance(pCur);
+
+ /* Must make sure nOverflow is reset to zero even if the balance()
+ ** fails. Internal data structure corruption will result otherwise.
+ ** Also, set the cursor state to invalid. This stops saveCursorPosition()
+ ** from trying to save the current position of the cursor. */
+ pCur->apPage[pCur->iPage]->nOverflow = 0;
+ pCur->eState = CURSOR_INVALID;
+ }
+ assert( pCur->apPage[pCur->iPage]->nOverflow==0 );
+
+end_insert:
+ return rc;
+}
+
+/*
+** Delete the entry that the cursor is pointing to.
+**
+** If the second parameter is zero, then the cursor is left pointing at an
+** arbitrary location after the delete. If it is non-zero, then the cursor
+** is left in a state such that the next call to BtreeNext() or BtreePrev()
+** moves it to the same row as it would if the call to BtreeDelete() had
+** been omitted.
+*/
+SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, int bPreserve){
+ Btree *p = pCur->pBtree;
+ BtShared *pBt = p->pBt;
+ int rc; /* Return code */
+ MemPage *pPage; /* Page to delete cell from */
+ unsigned char *pCell; /* Pointer to cell to delete */
+ int iCellIdx; /* Index of cell to delete */
+ int iCellDepth; /* Depth of node containing pCell */
+ u16 szCell; /* Size of the cell being deleted */
+ int bSkipnext = 0; /* Leaf cursor in SKIPNEXT state */
+
+ assert( cursorHoldsMutex(pCur) );
+ assert( pBt->inTransaction==TRANS_WRITE );
+ assert( (pBt->btsFlags & BTS_READ_ONLY)==0 );
+ assert( pCur->curFlags & BTCF_WriteFlag );
+ assert( hasSharedCacheTableLock(p, pCur->pgnoRoot, pCur->pKeyInfo!=0, 2) );
+ assert( !hasReadConflicts(p, pCur->pgnoRoot) );
+ assert( pCur->aiIdx[pCur->iPage]<pCur->apPage[pCur->iPage]->nCell );
+ assert( pCur->eState==CURSOR_VALID );
+
+ iCellDepth = pCur->iPage;
+ iCellIdx = pCur->aiIdx[iCellDepth];
+ pPage = pCur->apPage[iCellDepth];
+ pCell = findCell(pPage, iCellIdx);
+
+ /* If the page containing the entry to delete is not a leaf page, move
+ ** the cursor to the largest entry in the tree that is smaller than
+ ** the entry being deleted. This cell will replace the cell being deleted
+ ** from the internal node. The 'previous' entry is used for this instead
+ ** of the 'next' entry, as the previous entry is always a part of the
+ ** sub-tree headed by the child page of the cell being deleted. This makes
+ ** balancing the tree following the delete operation easier. */
+ if( !pPage->leaf ){
+ int notUsed = 0;
+ rc = sqlite3BtreePrevious(pCur, &notUsed);
+ if( rc ) return rc;
+ }
+
+ /* Save the positions of any other cursors open on this table before
+ ** making any modifications. */
+ if( pCur->curFlags & BTCF_Multiple ){
+ rc = saveAllCursors(pBt, pCur->pgnoRoot, pCur);
+ if( rc ) return rc;
+ }
+
+ /* If this is a delete operation to remove a row from a table b-tree,
+ ** invalidate any incrblob cursors open on the row being deleted. */
+ if( pCur->pKeyInfo==0 ){
+ invalidateIncrblobCursors(p, pCur->info.nKey, 0);
+ }
+
+ /* If the bPreserve flag is set to true, then the cursor position must
+ ** be preserved following this delete operation. If the current delete
+ ** will cause a b-tree rebalance, then this is done by saving the cursor
+ ** key and leaving the cursor in CURSOR_REQUIRESEEK state before
+ ** returning.
+ **
+ ** Or, if the current delete will not cause a rebalance, then the cursor
+ ** will be left in CURSOR_SKIPNEXT state pointing to the entry immediately
+ ** before or after the deleted entry. In this case set bSkipnext to true. */
+ if( bPreserve ){
+ if( !pPage->leaf
+ || (pPage->nFree+cellSizePtr(pPage,pCell)+2)>(int)(pBt->usableSize*2/3)
+ ){
+ /* A b-tree rebalance will be required after deleting this entry.
+ ** Save the cursor key. */
+ rc = saveCursorKey(pCur);
+ if( rc ) return rc;
+ }else{
+ bSkipnext = 1;
+ }
+ }
+
+ /* Make the page containing the entry to be deleted writable. Then free any
+ ** overflow pages associated with the entry and finally remove the cell
+ ** itself from within the page. */
+ rc = sqlite3PagerWrite(pPage->pDbPage);
+ if( rc ) return rc;
+ rc = clearCell(pPage, pCell, &szCell);
+ dropCell(pPage, iCellIdx, szCell, &rc);
+ if( rc ) return rc;
+
+ /* If the cell deleted was not located on a leaf page, then the cursor
+ ** is currently pointing to the largest entry in the sub-tree headed
+ ** by the child-page of the cell that was just deleted from an internal
+ ** node. The cell from the leaf node needs to be moved to the internal
+ ** node to replace the deleted cell. */
+ if( !pPage->leaf ){
+ MemPage *pLeaf = pCur->apPage[pCur->iPage];
+ int nCell;
+ Pgno n = pCur->apPage[iCellDepth+1]->pgno;
+ unsigned char *pTmp;
+
+ pCell = findCell(pLeaf, pLeaf->nCell-1);
+ if( pCell<&pLeaf->aData[4] ) return SQLITE_CORRUPT_BKPT;
+ nCell = pLeaf->xCellSize(pLeaf, pCell);
+ assert( MX_CELL_SIZE(pBt) >= nCell );
+ pTmp = pBt->pTmpSpace;
+ assert( pTmp!=0 );
+ rc = sqlite3PagerWrite(pLeaf->pDbPage);
+ insertCell(pPage, iCellIdx, pCell-4, nCell+4, pTmp, n, &rc);
+ dropCell(pLeaf, pLeaf->nCell-1, nCell, &rc);
+ if( rc ) return rc;
+ }
+
+ /* Balance the tree. If the entry deleted was located on a leaf page,
+ ** then the cursor still points to that page. In this case the first
+ ** call to balance() repairs the tree, and the if(...) condition is
+ ** never true.
+ **
+ ** Otherwise, if the entry deleted was on an internal node page, then
+ ** pCur is pointing to the leaf page from which a cell was removed to
+ ** replace the cell deleted from the internal node. This is slightly
+ ** tricky as the leaf node may be underfull, and the internal node may
+ ** be either under or overfull. In this case run the balancing algorithm
+ ** on the leaf node first. If the balance proceeds far enough up the
+ ** tree that we can be sure that any problem in the internal node has
+ ** been corrected, so be it. Otherwise, after balancing the leaf node,
+ ** walk the cursor up the tree to the internal node and balance it as
+ ** well. */
+ rc = balance(pCur);
+ if( rc==SQLITE_OK && pCur->iPage>iCellDepth ){
+ while( pCur->iPage>iCellDepth ){
+ releasePage(pCur->apPage[pCur->iPage--]);
+ }
+ rc = balance(pCur);
+ }
+
+ if( rc==SQLITE_OK ){
+ if( bSkipnext ){
+ assert( bPreserve && (pCur->iPage==iCellDepth || CORRUPT_DB) );
+ assert( pPage==pCur->apPage[pCur->iPage] );
+ assert( (pPage->nCell>0 || CORRUPT_DB) && iCellIdx<=pPage->nCell );
+ pCur->eState = CURSOR_SKIPNEXT;
+ if( iCellIdx>=pPage->nCell ){
+ pCur->skipNext = -1;
+ pCur->aiIdx[iCellDepth] = pPage->nCell-1;
+ }else{
+ pCur->skipNext = 1;
+ }
+ }else{
+ rc = moveToRoot(pCur);
+ if( bPreserve ){
+ pCur->eState = CURSOR_REQUIRESEEK;
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** Create a new BTree table. Write into *piTable the page
+** number for the root page of the new table.
+**
+** The type of type is determined by the flags parameter. Only the
+** following values of flags are currently in use. Other values for
+** flags might not work:
+**
+** BTREE_INTKEY|BTREE_LEAFDATA Used for SQL tables with rowid keys
+** BTREE_ZERODATA Used for SQL indices
+*/
+static int btreeCreateTable(Btree *p, int *piTable, int createTabFlags){
+ BtShared *pBt = p->pBt;
+ MemPage *pRoot;
+ Pgno pgnoRoot;
+ int rc;
+ int ptfFlags; /* Page-type flage for the root page of new table */
+
+ assert( sqlite3BtreeHoldsMutex(p) );
+ assert( pBt->inTransaction==TRANS_WRITE );
+ assert( (pBt->btsFlags & BTS_READ_ONLY)==0 );
+
+#ifdef SQLITE_OMIT_AUTOVACUUM
+ rc = allocateBtreePage(pBt, &pRoot, &pgnoRoot, 1, 0);
+ if( rc ){
+ return rc;
+ }
+#else
+ if( pBt->autoVacuum ){
+ Pgno pgnoMove; /* Move a page here to make room for the root-page */
+ MemPage *pPageMove; /* The page to move to. */
+
+ /* Creating a new table may probably require moving an existing database
+ ** to make room for the new tables root page. In case this page turns
+ ** out to be an overflow page, delete all overflow page-map caches
+ ** held by open cursors.
+ */
+ invalidateAllOverflowCache(pBt);
+
+ /* Read the value of meta[3] from the database to determine where the
+ ** root page of the new table should go. meta[3] is the largest root-page
+ ** created so far, so the new root-page is (meta[3]+1).
+ */
+ sqlite3BtreeGetMeta(p, BTREE_LARGEST_ROOT_PAGE, &pgnoRoot);
+ pgnoRoot++;
+
+ /* The new root-page may not be allocated on a pointer-map page, or the
+ ** PENDING_BYTE page.
+ */
+ while( pgnoRoot==PTRMAP_PAGENO(pBt, pgnoRoot) ||
+ pgnoRoot==PENDING_BYTE_PAGE(pBt) ){
+ pgnoRoot++;
+ }
+ assert( pgnoRoot>=3 || CORRUPT_DB );
+ testcase( pgnoRoot<3 );
+
+ /* Allocate a page. The page that currently resides at pgnoRoot will
+ ** be moved to the allocated page (unless the allocated page happens
+ ** to reside at pgnoRoot).
+ */
+ rc = allocateBtreePage(pBt, &pPageMove, &pgnoMove, pgnoRoot, BTALLOC_EXACT);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ if( pgnoMove!=pgnoRoot ){
+ /* pgnoRoot is the page that will be used for the root-page of
+ ** the new table (assuming an error did not occur). But we were
+ ** allocated pgnoMove. If required (i.e. if it was not allocated
+ ** by extending the file), the current page at position pgnoMove
+ ** is already journaled.
+ */
+ u8 eType = 0;
+ Pgno iPtrPage = 0;
+
+ /* Save the positions of any open cursors. This is required in
+ ** case they are holding a reference to an xFetch reference
+ ** corresponding to page pgnoRoot. */
+ rc = saveAllCursors(pBt, 0, 0);
+ releasePage(pPageMove);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ /* Move the page currently at pgnoRoot to pgnoMove. */
+ rc = btreeGetPage(pBt, pgnoRoot, &pRoot, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ rc = ptrmapGet(pBt, pgnoRoot, &eType, &iPtrPage);
+ if( eType==PTRMAP_ROOTPAGE || eType==PTRMAP_FREEPAGE ){
+ rc = SQLITE_CORRUPT_BKPT;
+ }
+ if( rc!=SQLITE_OK ){
+ releasePage(pRoot);
+ return rc;
+ }
+ assert( eType!=PTRMAP_ROOTPAGE );
+ assert( eType!=PTRMAP_FREEPAGE );
+ rc = relocatePage(pBt, pRoot, eType, iPtrPage, pgnoMove, 0);
+ releasePage(pRoot);
+
+ /* Obtain the page at pgnoRoot */
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ rc = btreeGetPage(pBt, pgnoRoot, &pRoot, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ rc = sqlite3PagerWrite(pRoot->pDbPage);
+ if( rc!=SQLITE_OK ){
+ releasePage(pRoot);
+ return rc;
+ }
+ }else{
+ pRoot = pPageMove;
+ }
+
+ /* Update the pointer-map and meta-data with the new root-page number. */
+ ptrmapPut(pBt, pgnoRoot, PTRMAP_ROOTPAGE, 0, &rc);
+ if( rc ){
+ releasePage(pRoot);
+ return rc;
+ }
+
+ /* When the new root page was allocated, page 1 was made writable in
+ ** order either to increase the database filesize, or to decrement the
+ ** freelist count. Hence, the sqlite3BtreeUpdateMeta() call cannot fail.
+ */
+ assert( sqlite3PagerIswriteable(pBt->pPage1->pDbPage) );
+ rc = sqlite3BtreeUpdateMeta(p, 4, pgnoRoot);
+ if( NEVER(rc) ){
+ releasePage(pRoot);
+ return rc;
+ }
+
+ }else{
+ rc = allocateBtreePage(pBt, &pRoot, &pgnoRoot, 1, 0);
+ if( rc ) return rc;
+ }
+#endif
+ assert( sqlite3PagerIswriteable(pRoot->pDbPage) );
+ if( createTabFlags & BTREE_INTKEY ){
+ ptfFlags = PTF_INTKEY | PTF_LEAFDATA | PTF_LEAF;
+ }else{
+ ptfFlags = PTF_ZERODATA | PTF_LEAF;
+ }
+ zeroPage(pRoot, ptfFlags);
+ sqlite3PagerUnref(pRoot->pDbPage);
+ assert( (pBt->openFlags & BTREE_SINGLE)==0 || pgnoRoot==2 );
+ *piTable = (int)pgnoRoot;
+ return SQLITE_OK;
+}
+SQLITE_PRIVATE int sqlite3BtreeCreateTable(Btree *p, int *piTable, int flags){
+ int rc;
+ sqlite3BtreeEnter(p);
+ rc = btreeCreateTable(p, piTable, flags);
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** Erase the given database page and all its children. Return
+** the page to the freelist.
+*/
+static int clearDatabasePage(
+ BtShared *pBt, /* The BTree that contains the table */
+ Pgno pgno, /* Page number to clear */
+ int freePageFlag, /* Deallocate page if true */
+ int *pnChange /* Add number of Cells freed to this counter */
+){
+ MemPage *pPage;
+ int rc;
+ unsigned char *pCell;
+ int i;
+ int hdr;
+ u16 szCell;
+
+ assert( sqlite3_mutex_held(pBt->mutex) );
+ if( pgno>btreePagecount(pBt) ){
+ return SQLITE_CORRUPT_BKPT;
+ }
+ rc = getAndInitPage(pBt, pgno, &pPage, 0, 0);
+ if( rc ) return rc;
+ if( pPage->bBusy ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto cleardatabasepage_out;
+ }
+ pPage->bBusy = 1;
+ hdr = pPage->hdrOffset;
+ for(i=0; i<pPage->nCell; i++){
+ pCell = findCell(pPage, i);
+ if( !pPage->leaf ){
+ rc = clearDatabasePage(pBt, get4byte(pCell), 1, pnChange);
+ if( rc ) goto cleardatabasepage_out;
+ }
+ rc = clearCell(pPage, pCell, &szCell);
+ if( rc ) goto cleardatabasepage_out;
+ }
+ if( !pPage->leaf ){
+ rc = clearDatabasePage(pBt, get4byte(&pPage->aData[hdr+8]), 1, pnChange);
+ if( rc ) goto cleardatabasepage_out;
+ }else if( pnChange ){
+ assert( pPage->intKey || CORRUPT_DB );
+ testcase( !pPage->intKey );
+ *pnChange += pPage->nCell;
+ }
+ if( freePageFlag ){
+ freePage(pPage, &rc);
+ }else if( (rc = sqlite3PagerWrite(pPage->pDbPage))==0 ){
+ zeroPage(pPage, pPage->aData[hdr] | PTF_LEAF);
+ }
+
+cleardatabasepage_out:
+ pPage->bBusy = 0;
+ releasePage(pPage);
+ return rc;
+}
+
+/*
+** Delete all information from a single table in the database. iTable is
+** the page number of the root of the table. After this routine returns,
+** the root page is empty, but still exists.
+**
+** This routine will fail with SQLITE_LOCKED if there are any open
+** read cursors on the table. Open write cursors are moved to the
+** root of the table.
+**
+** If pnChange is not NULL, then table iTable must be an intkey table. The
+** integer value pointed to by pnChange is incremented by the number of
+** entries in the table.
+*/
+SQLITE_PRIVATE int sqlite3BtreeClearTable(Btree *p, int iTable, int *pnChange){
+ int rc;
+ BtShared *pBt = p->pBt;
+ sqlite3BtreeEnter(p);
+ assert( p->inTrans==TRANS_WRITE );
+
+ rc = saveAllCursors(pBt, (Pgno)iTable, 0);
+
+ if( SQLITE_OK==rc ){
+ /* Invalidate all incrblob cursors open on table iTable (assuming iTable
+ ** is the root of a table b-tree - if it is not, the following call is
+ ** a no-op). */
+ invalidateIncrblobCursors(p, 0, 1);
+ rc = clearDatabasePage(pBt, (Pgno)iTable, 0, pnChange);
+ }
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+/*
+** Delete all information from the single table that pCur is open on.
+**
+** This routine only work for pCur on an ephemeral table.
+*/
+SQLITE_PRIVATE int sqlite3BtreeClearTableOfCursor(BtCursor *pCur){
+ return sqlite3BtreeClearTable(pCur->pBtree, pCur->pgnoRoot, 0);
+}
+
+/*
+** Erase all information in a table and add the root of the table to
+** the freelist. Except, the root of the principle table (the one on
+** page 1) is never added to the freelist.
+**
+** This routine will fail with SQLITE_LOCKED if there are any open
+** cursors on the table.
+**
+** If AUTOVACUUM is enabled and the page at iTable is not the last
+** root page in the database file, then the last root page
+** in the database file is moved into the slot formerly occupied by
+** iTable and that last slot formerly occupied by the last root page
+** is added to the freelist instead of iTable. In this say, all
+** root pages are kept at the beginning of the database file, which
+** is necessary for AUTOVACUUM to work right. *piMoved is set to the
+** page number that used to be the last root page in the file before
+** the move. If no page gets moved, *piMoved is set to 0.
+** The last root page is recorded in meta[3] and the value of
+** meta[3] is updated by this procedure.
+*/
+static int btreeDropTable(Btree *p, Pgno iTable, int *piMoved){
+ int rc;
+ MemPage *pPage = 0;
+ BtShared *pBt = p->pBt;
+
+ assert( sqlite3BtreeHoldsMutex(p) );
+ assert( p->inTrans==TRANS_WRITE );
+
+ /* It is illegal to drop a table if any cursors are open on the
+ ** database. This is because in auto-vacuum mode the backend may
+ ** need to move another root-page to fill a gap left by the deleted
+ ** root page. If an open cursor was using this page a problem would
+ ** occur.
+ **
+ ** This error is caught long before control reaches this point.
+ */
+ if( NEVER(pBt->pCursor) ){
+ sqlite3ConnectionBlocked(p->db, pBt->pCursor->pBtree->db);
+ return SQLITE_LOCKED_SHAREDCACHE;
+ }
+
+ rc = btreeGetPage(pBt, (Pgno)iTable, &pPage, 0);
+ if( rc ) return rc;
+ rc = sqlite3BtreeClearTable(p, iTable, 0);
+ if( rc ){
+ releasePage(pPage);
+ return rc;
+ }
+
+ *piMoved = 0;
+
+ if( iTable>1 ){
+#ifdef SQLITE_OMIT_AUTOVACUUM
+ freePage(pPage, &rc);
+ releasePage(pPage);
+#else
+ if( pBt->autoVacuum ){
+ Pgno maxRootPgno;
+ sqlite3BtreeGetMeta(p, BTREE_LARGEST_ROOT_PAGE, &maxRootPgno);
+
+ if( iTable==maxRootPgno ){
+ /* If the table being dropped is the table with the largest root-page
+ ** number in the database, put the root page on the free list.
+ */
+ freePage(pPage, &rc);
+ releasePage(pPage);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ }else{
+ /* The table being dropped does not have the largest root-page
+ ** number in the database. So move the page that does into the
+ ** gap left by the deleted root-page.
+ */
+ MemPage *pMove;
+ releasePage(pPage);
+ rc = btreeGetPage(pBt, maxRootPgno, &pMove, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ rc = relocatePage(pBt, pMove, PTRMAP_ROOTPAGE, 0, iTable, 0);
+ releasePage(pMove);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ pMove = 0;
+ rc = btreeGetPage(pBt, maxRootPgno, &pMove, 0);
+ freePage(pMove, &rc);
+ releasePage(pMove);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ *piMoved = maxRootPgno;
+ }
+
+ /* Set the new 'max-root-page' value in the database header. This
+ ** is the old value less one, less one more if that happens to
+ ** be a root-page number, less one again if that is the
+ ** PENDING_BYTE_PAGE.
+ */
+ maxRootPgno--;
+ while( maxRootPgno==PENDING_BYTE_PAGE(pBt)
+ || PTRMAP_ISPAGE(pBt, maxRootPgno) ){
+ maxRootPgno--;
+ }
+ assert( maxRootPgno!=PENDING_BYTE_PAGE(pBt) );
+
+ rc = sqlite3BtreeUpdateMeta(p, 4, maxRootPgno);
+ }else{
+ freePage(pPage, &rc);
+ releasePage(pPage);
+ }
+#endif
+ }else{
+ /* If sqlite3BtreeDropTable was called on page 1.
+ ** This really never should happen except in a corrupt
+ ** database.
+ */
+ zeroPage(pPage, PTF_INTKEY|PTF_LEAF );
+ releasePage(pPage);
+ }
+ return rc;
+}
+SQLITE_PRIVATE int sqlite3BtreeDropTable(Btree *p, int iTable, int *piMoved){
+ int rc;
+ sqlite3BtreeEnter(p);
+ rc = btreeDropTable(p, iTable, piMoved);
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+
+/*
+** This function may only be called if the b-tree connection already
+** has a read or write transaction open on the database.
+**
+** Read the meta-information out of a database file. Meta[0]
+** is the number of free pages currently in the database. Meta[1]
+** through meta[15] are available for use by higher layers. Meta[0]
+** is read-only, the others are read/write.
+**
+** The schema layer numbers meta values differently. At the schema
+** layer (and the SetCookie and ReadCookie opcodes) the number of
+** free pages is not visible. So Cookie[0] is the same as Meta[1].
+**
+** This routine treats Meta[BTREE_DATA_VERSION] as a special case. Instead
+** of reading the value out of the header, it instead loads the "DataVersion"
+** from the pager. The BTREE_DATA_VERSION value is not actually stored in the
+** database file. It is a number computed by the pager. But its access
+** pattern is the same as header meta values, and so it is convenient to
+** read it from this routine.
+*/
+SQLITE_PRIVATE void sqlite3BtreeGetMeta(Btree *p, int idx, u32 *pMeta){
+ BtShared *pBt = p->pBt;
+
+ sqlite3BtreeEnter(p);
+ assert( p->inTrans>TRANS_NONE );
+ assert( SQLITE_OK==querySharedCacheTableLock(p, MASTER_ROOT, READ_LOCK) );
+ assert( pBt->pPage1 );
+ assert( idx>=0 && idx<=15 );
+
+ if( idx==BTREE_DATA_VERSION ){
+ *pMeta = sqlite3PagerDataVersion(pBt->pPager) + p->iDataVersion;
+ }else{
+ *pMeta = get4byte(&pBt->pPage1->aData[36 + idx*4]);
+ }
+
+ /* If auto-vacuum is disabled in this build and this is an auto-vacuum
+ ** database, mark the database as read-only. */
+#ifdef SQLITE_OMIT_AUTOVACUUM
+ if( idx==BTREE_LARGEST_ROOT_PAGE && *pMeta>0 ){
+ pBt->btsFlags |= BTS_READ_ONLY;
+ }
+#endif
+
+ sqlite3BtreeLeave(p);
+}
+
+/*
+** Write meta-information back into the database. Meta[0] is
+** read-only and may not be written.
+*/
+SQLITE_PRIVATE int sqlite3BtreeUpdateMeta(Btree *p, int idx, u32 iMeta){
+ BtShared *pBt = p->pBt;
+ unsigned char *pP1;
+ int rc;
+ assert( idx>=1 && idx<=15 );
+ sqlite3BtreeEnter(p);
+ assert( p->inTrans==TRANS_WRITE );
+ assert( pBt->pPage1!=0 );
+ pP1 = pBt->pPage1->aData;
+ rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
+ if( rc==SQLITE_OK ){
+ put4byte(&pP1[36 + idx*4], iMeta);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( idx==BTREE_INCR_VACUUM ){
+ assert( pBt->autoVacuum || iMeta==0 );
+ assert( iMeta==0 || iMeta==1 );
+ pBt->incrVacuum = (u8)iMeta;
+ }
+#endif
+ }
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+#ifndef SQLITE_OMIT_BTREECOUNT
+/*
+** The first argument, pCur, is a cursor opened on some b-tree. Count the
+** number of entries in the b-tree and write the result to *pnEntry.
+**
+** SQLITE_OK is returned if the operation is successfully executed.
+** Otherwise, if an error is encountered (i.e. an IO error or database
+** corruption) an SQLite error code is returned.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCount(BtCursor *pCur, i64 *pnEntry){
+ i64 nEntry = 0; /* Value to return in *pnEntry */
+ int rc; /* Return code */
+
+ if( pCur->pgnoRoot==0 ){
+ *pnEntry = 0;
+ return SQLITE_OK;
+ }
+ rc = moveToRoot(pCur);
+
+ /* Unless an error occurs, the following loop runs one iteration for each
+ ** page in the B-Tree structure (not including overflow pages).
+ */
+ while( rc==SQLITE_OK ){
+ int iIdx; /* Index of child node in parent */
+ MemPage *pPage; /* Current page of the b-tree */
+
+ /* If this is a leaf page or the tree is not an int-key tree, then
+ ** this page contains countable entries. Increment the entry counter
+ ** accordingly.
+ */
+ pPage = pCur->apPage[pCur->iPage];
+ if( pPage->leaf || !pPage->intKey ){
+ nEntry += pPage->nCell;
+ }
+
+ /* pPage is a leaf node. This loop navigates the cursor so that it
+ ** points to the first interior cell that it points to the parent of
+ ** the next page in the tree that has not yet been visited. The
+ ** pCur->aiIdx[pCur->iPage] value is set to the index of the parent cell
+ ** of the page, or to the number of cells in the page if the next page
+ ** to visit is the right-child of its parent.
+ **
+ ** If all pages in the tree have been visited, return SQLITE_OK to the
+ ** caller.
+ */
+ if( pPage->leaf ){
+ do {
+ if( pCur->iPage==0 ){
+ /* All pages of the b-tree have been visited. Return successfully. */
+ *pnEntry = nEntry;
+ return moveToRoot(pCur);
+ }
+ moveToParent(pCur);
+ }while ( pCur->aiIdx[pCur->iPage]>=pCur->apPage[pCur->iPage]->nCell );
+
+ pCur->aiIdx[pCur->iPage]++;
+ pPage = pCur->apPage[pCur->iPage];
+ }
+
+ /* Descend to the child node of the cell that the cursor currently
+ ** points at. This is the right-child if (iIdx==pPage->nCell).
+ */
+ iIdx = pCur->aiIdx[pCur->iPage];
+ if( iIdx==pPage->nCell ){
+ rc = moveToChild(pCur, get4byte(&pPage->aData[pPage->hdrOffset+8]));
+ }else{
+ rc = moveToChild(pCur, get4byte(findCell(pPage, iIdx)));
+ }
+ }
+
+ /* An error has occurred. Return an error code. */
+ return rc;
+}
+#endif
+
+/*
+** Return the pager associated with a BTree. This routine is used for
+** testing and debugging only.
+*/
+SQLITE_PRIVATE Pager *sqlite3BtreePager(Btree *p){
+ return p->pBt->pPager;
+}
+
+#ifndef SQLITE_OMIT_INTEGRITY_CHECK
+/*
+** Append a message to the error message string.
+*/
+static void checkAppendMsg(
+ IntegrityCk *pCheck,
+ const char *zFormat,
+ ...
+){
+ va_list ap;
+ if( !pCheck->mxErr ) return;
+ pCheck->mxErr--;
+ pCheck->nErr++;
+ va_start(ap, zFormat);
+ if( pCheck->errMsg.nChar ){
+ sqlite3StrAccumAppend(&pCheck->errMsg, "\n", 1);
+ }
+ if( pCheck->zPfx ){
+ sqlite3XPrintf(&pCheck->errMsg, 0, pCheck->zPfx, pCheck->v1, pCheck->v2);
+ }
+ sqlite3VXPrintf(&pCheck->errMsg, 1, zFormat, ap);
+ va_end(ap);
+ if( pCheck->errMsg.accError==STRACCUM_NOMEM ){
+ pCheck->mallocFailed = 1;
+ }
+}
+#endif /* SQLITE_OMIT_INTEGRITY_CHECK */
+
+#ifndef SQLITE_OMIT_INTEGRITY_CHECK
+
+/*
+** Return non-zero if the bit in the IntegrityCk.aPgRef[] array that
+** corresponds to page iPg is already set.
+*/
+static int getPageReferenced(IntegrityCk *pCheck, Pgno iPg){
+ assert( iPg<=pCheck->nPage && sizeof(pCheck->aPgRef[0])==1 );
+ return (pCheck->aPgRef[iPg/8] & (1 << (iPg & 0x07)));
+}
+
+/*
+** Set the bit in the IntegrityCk.aPgRef[] array that corresponds to page iPg.
+*/
+static void setPageReferenced(IntegrityCk *pCheck, Pgno iPg){
+ assert( iPg<=pCheck->nPage && sizeof(pCheck->aPgRef[0])==1 );
+ pCheck->aPgRef[iPg/8] |= (1 << (iPg & 0x07));
+}
+
+
+/*
+** Add 1 to the reference count for page iPage. If this is the second
+** reference to the page, add an error message to pCheck->zErrMsg.
+** Return 1 if there are 2 or more references to the page and 0 if
+** if this is the first reference to the page.
+**
+** Also check that the page number is in bounds.
+*/
+static int checkRef(IntegrityCk *pCheck, Pgno iPage){
+ if( iPage==0 ) return 1;
+ if( iPage>pCheck->nPage ){
+ checkAppendMsg(pCheck, "invalid page number %d", iPage);
+ return 1;
+ }
+ if( getPageReferenced(pCheck, iPage) ){
+ checkAppendMsg(pCheck, "2nd reference to page %d", iPage);
+ return 1;
+ }
+ setPageReferenced(pCheck, iPage);
+ return 0;
+}
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+/*
+** Check that the entry in the pointer-map for page iChild maps to
+** page iParent, pointer type ptrType. If not, append an error message
+** to pCheck.
+*/
+static void checkPtrmap(
+ IntegrityCk *pCheck, /* Integrity check context */
+ Pgno iChild, /* Child page number */
+ u8 eType, /* Expected pointer map type */
+ Pgno iParent /* Expected pointer map parent page number */
+){
+ int rc;
+ u8 ePtrmapType;
+ Pgno iPtrmapParent;
+
+ rc = ptrmapGet(pCheck->pBt, iChild, &ePtrmapType, &iPtrmapParent);
+ if( rc!=SQLITE_OK ){
+ if( rc==SQLITE_NOMEM || rc==SQLITE_IOERR_NOMEM ) pCheck->mallocFailed = 1;
+ checkAppendMsg(pCheck, "Failed to read ptrmap key=%d", iChild);
+ return;
+ }
+
+ if( ePtrmapType!=eType || iPtrmapParent!=iParent ){
+ checkAppendMsg(pCheck,
+ "Bad ptr map entry key=%d expected=(%d,%d) got=(%d,%d)",
+ iChild, eType, iParent, ePtrmapType, iPtrmapParent);
+ }
+}
+#endif
+
+/*
+** Check the integrity of the freelist or of an overflow page list.
+** Verify that the number of pages on the list is N.
+*/
+static void checkList(
+ IntegrityCk *pCheck, /* Integrity checking context */
+ int isFreeList, /* True for a freelist. False for overflow page list */
+ int iPage, /* Page number for first page in the list */
+ int N /* Expected number of pages in the list */
+){
+ int i;
+ int expected = N;
+ int iFirst = iPage;
+ while( N-- > 0 && pCheck->mxErr ){
+ DbPage *pOvflPage;
+ unsigned char *pOvflData;
+ if( iPage<1 ){
+ checkAppendMsg(pCheck,
+ "%d of %d pages missing from overflow list starting at %d",
+ N+1, expected, iFirst);
+ break;
+ }
+ if( checkRef(pCheck, iPage) ) break;
+ if( sqlite3PagerGet(pCheck->pPager, (Pgno)iPage, &pOvflPage, 0) ){
+ checkAppendMsg(pCheck, "failed to get page %d", iPage);
+ break;
+ }
+ pOvflData = (unsigned char *)sqlite3PagerGetData(pOvflPage);
+ if( isFreeList ){
+ int n = get4byte(&pOvflData[4]);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pCheck->pBt->autoVacuum ){
+ checkPtrmap(pCheck, iPage, PTRMAP_FREEPAGE, 0);
+ }
+#endif
+ if( n>(int)pCheck->pBt->usableSize/4-2 ){
+ checkAppendMsg(pCheck,
+ "freelist leaf count too big on page %d", iPage);
+ N--;
+ }else{
+ for(i=0; i<n; i++){
+ Pgno iFreePage = get4byte(&pOvflData[8+i*4]);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pCheck->pBt->autoVacuum ){
+ checkPtrmap(pCheck, iFreePage, PTRMAP_FREEPAGE, 0);
+ }
+#endif
+ checkRef(pCheck, iFreePage);
+ }
+ N -= n;
+ }
+ }
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ else{
+ /* If this database supports auto-vacuum and iPage is not the last
+ ** page in this overflow list, check that the pointer-map entry for
+ ** the following page matches iPage.
+ */
+ if( pCheck->pBt->autoVacuum && N>0 ){
+ i = get4byte(pOvflData);
+ checkPtrmap(pCheck, i, PTRMAP_OVERFLOW2, iPage);
+ }
+ }
+#endif
+ iPage = get4byte(pOvflData);
+ sqlite3PagerUnref(pOvflPage);
+
+ if( isFreeList && N<(iPage!=0) ){
+ checkAppendMsg(pCheck, "free-page count in header is too small");
+ }
+ }
+}
+#endif /* SQLITE_OMIT_INTEGRITY_CHECK */
+
+/*
+** An implementation of a min-heap.
+**
+** aHeap[0] is the number of elements on the heap. aHeap[1] is the
+** root element. The daughter nodes of aHeap[N] are aHeap[N*2]
+** and aHeap[N*2+1].
+**
+** The heap property is this: Every node is less than or equal to both
+** of its daughter nodes. A consequence of the heap property is that the
+** root node aHeap[1] is always the minimum value currently in the heap.
+**
+** The btreeHeapInsert() routine inserts an unsigned 32-bit number onto
+** the heap, preserving the heap property. The btreeHeapPull() routine
+** removes the root element from the heap (the minimum value in the heap)
+** and then moves other nodes around as necessary to preserve the heap
+** property.
+**
+** This heap is used for cell overlap and coverage testing. Each u32
+** entry represents the span of a cell or freeblock on a btree page.
+** The upper 16 bits are the index of the first byte of a range and the
+** lower 16 bits are the index of the last byte of that range.
+*/
+static void btreeHeapInsert(u32 *aHeap, u32 x){
+ u32 j, i = ++aHeap[0];
+ aHeap[i] = x;
+ while( (j = i/2)>0 && aHeap[j]>aHeap[i] ){
+ x = aHeap[j];
+ aHeap[j] = aHeap[i];
+ aHeap[i] = x;
+ i = j;
+ }
+}
+static int btreeHeapPull(u32 *aHeap, u32 *pOut){
+ u32 j, i, x;
+ if( (x = aHeap[0])==0 ) return 0;
+ *pOut = aHeap[1];
+ aHeap[1] = aHeap[x];
+ aHeap[x] = 0xffffffff;
+ aHeap[0]--;
+ i = 1;
+ while( (j = i*2)<=aHeap[0] ){
+ if( aHeap[j]>aHeap[j+1] ) j++;
+ if( aHeap[i]<aHeap[j] ) break;
+ x = aHeap[i];
+ aHeap[i] = aHeap[j];
+ aHeap[j] = x;
+ i = j;
+ }
+ return 1;
+}
+
+#ifndef SQLITE_OMIT_INTEGRITY_CHECK
+/*
+** Do various sanity checks on a single page of a tree. Return
+** the tree depth. Root pages return 0. Parents of root pages
+** return 1, and so forth.
+**
+** These checks are done:
+**
+** 1. Make sure that cells and freeblocks do not overlap
+** but combine to completely cover the page.
+** 2. Make sure integer cell keys are in order.
+** 3. Check the integrity of overflow pages.
+** 4. Recursively call checkTreePage on all children.
+** 5. Verify that the depth of all children is the same.
+*/
+static int checkTreePage(
+ IntegrityCk *pCheck, /* Context for the sanity check */
+ int iPage, /* Page number of the page to check */
+ i64 *piMinKey, /* Write minimum integer primary key here */
+ i64 maxKey /* Error if integer primary key greater than this */
+){
+ MemPage *pPage = 0; /* The page being analyzed */
+ int i; /* Loop counter */
+ int rc; /* Result code from subroutine call */
+ int depth = -1, d2; /* Depth of a subtree */
+ int pgno; /* Page number */
+ int nFrag; /* Number of fragmented bytes on the page */
+ int hdr; /* Offset to the page header */
+ int cellStart; /* Offset to the start of the cell pointer array */
+ int nCell; /* Number of cells */
+ int doCoverageCheck = 1; /* True if cell coverage checking should be done */
+ int keyCanBeEqual = 1; /* True if IPK can be equal to maxKey
+ ** False if IPK must be strictly less than maxKey */
+ u8 *data; /* Page content */
+ u8 *pCell; /* Cell content */
+ u8 *pCellIdx; /* Next element of the cell pointer array */
+ BtShared *pBt; /* The BtShared object that owns pPage */
+ u32 pc; /* Address of a cell */
+ u32 usableSize; /* Usable size of the page */
+ u32 contentOffset; /* Offset to the start of the cell content area */
+ u32 *heap = 0; /* Min-heap used for checking cell coverage */
+ u32 x, prev = 0; /* Next and previous entry on the min-heap */
+ const char *saved_zPfx = pCheck->zPfx;
+ int saved_v1 = pCheck->v1;
+ int saved_v2 = pCheck->v2;
+ u8 savedIsInit = 0;
+
+ /* Check that the page exists
+ */
+ pBt = pCheck->pBt;
+ usableSize = pBt->usableSize;
+ if( iPage==0 ) return 0;
+ if( checkRef(pCheck, iPage) ) return 0;
+ pCheck->zPfx = "Page %d: ";
+ pCheck->v1 = iPage;
+ if( (rc = btreeGetPage(pBt, (Pgno)iPage, &pPage, 0))!=0 ){
+ checkAppendMsg(pCheck,
+ "unable to get the page. error code=%d", rc);
+ goto end_of_check;
+ }
+
+ /* Clear MemPage.isInit to make sure the corruption detection code in
+ ** btreeInitPage() is executed. */
+ savedIsInit = pPage->isInit;
+ pPage->isInit = 0;
+ if( (rc = btreeInitPage(pPage))!=0 ){
+ assert( rc==SQLITE_CORRUPT ); /* The only possible error from InitPage */
+ checkAppendMsg(pCheck,
+ "btreeInitPage() returns error code %d", rc);
+ goto end_of_check;
+ }
+ data = pPage->aData;
+ hdr = pPage->hdrOffset;
+
+ /* Set up for cell analysis */
+ pCheck->zPfx = "On tree page %d cell %d: ";
+ contentOffset = get2byteNotZero(&data[hdr+5]);
+ assert( contentOffset<=usableSize ); /* Enforced by btreeInitPage() */
+
+ /* EVIDENCE-OF: R-37002-32774 The two-byte integer at offset 3 gives the
+ ** number of cells on the page. */
+ nCell = get2byte(&data[hdr+3]);
+ assert( pPage->nCell==nCell );
+
+ /* EVIDENCE-OF: R-23882-45353 The cell pointer array of a b-tree page
+ ** immediately follows the b-tree page header. */
+ cellStart = hdr + 12 - 4*pPage->leaf;
+ assert( pPage->aCellIdx==&data[cellStart] );
+ pCellIdx = &data[cellStart + 2*(nCell-1)];
+
+ if( !pPage->leaf ){
+ /* Analyze the right-child page of internal pages */
+ pgno = get4byte(&data[hdr+8]);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pBt->autoVacuum ){
+ pCheck->zPfx = "On page %d at right child: ";
+ checkPtrmap(pCheck, pgno, PTRMAP_BTREE, iPage);
+ }
+#endif
+ depth = checkTreePage(pCheck, pgno, &maxKey, maxKey);
+ keyCanBeEqual = 0;
+ }else{
+ /* For leaf pages, the coverage check will occur in the same loop
+ ** as the other cell checks, so initialize the heap. */
+ heap = pCheck->heap;
+ heap[0] = 0;
+ }
+
+ /* EVIDENCE-OF: R-02776-14802 The cell pointer array consists of K 2-byte
+ ** integer offsets to the cell contents. */
+ for(i=nCell-1; i>=0 && pCheck->mxErr; i--){
+ CellInfo info;
+
+ /* Check cell size */
+ pCheck->v2 = i;
+ assert( pCellIdx==&data[cellStart + i*2] );
+ pc = get2byteAligned(pCellIdx);
+ pCellIdx -= 2;
+ if( pc<contentOffset || pc>usableSize-4 ){
+ checkAppendMsg(pCheck, "Offset %d out of range %d..%d",
+ pc, contentOffset, usableSize-4);
+ doCoverageCheck = 0;
+ continue;
+ }
+ pCell = &data[pc];
+ pPage->xParseCell(pPage, pCell, &info);
+ if( pc+info.nSize>usableSize ){
+ checkAppendMsg(pCheck, "Extends off end of page");
+ doCoverageCheck = 0;
+ continue;
+ }
+
+ /* Check for integer primary key out of range */
+ if( pPage->intKey ){
+ if( keyCanBeEqual ? (info.nKey > maxKey) : (info.nKey >= maxKey) ){
+ checkAppendMsg(pCheck, "Rowid %lld out of order", info.nKey);
+ }
+ maxKey = info.nKey;
+ }
+
+ /* Check the content overflow list */
+ if( info.nPayload>info.nLocal ){
+ int nPage; /* Number of pages on the overflow chain */
+ Pgno pgnoOvfl; /* First page of the overflow chain */
+ assert( pc + info.nSize - 4 <= usableSize );
+ nPage = (info.nPayload - info.nLocal + usableSize - 5)/(usableSize - 4);
+ pgnoOvfl = get4byte(&pCell[info.nSize - 4]);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pBt->autoVacuum ){
+ checkPtrmap(pCheck, pgnoOvfl, PTRMAP_OVERFLOW1, iPage);
+ }
+#endif
+ checkList(pCheck, 0, pgnoOvfl, nPage);
+ }
+
+ if( !pPage->leaf ){
+ /* Check sanity of left child page for internal pages */
+ pgno = get4byte(pCell);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pBt->autoVacuum ){
+ checkPtrmap(pCheck, pgno, PTRMAP_BTREE, iPage);
+ }
+#endif
+ d2 = checkTreePage(pCheck, pgno, &maxKey, maxKey);
+ keyCanBeEqual = 0;
+ if( d2!=depth ){
+ checkAppendMsg(pCheck, "Child page depth differs");
+ depth = d2;
+ }
+ }else{
+ /* Populate the coverage-checking heap for leaf pages */
+ btreeHeapInsert(heap, (pc<<16)|(pc+info.nSize-1));
+ }
+ }
+ *piMinKey = maxKey;
+
+ /* Check for complete coverage of the page
+ */
+ pCheck->zPfx = 0;
+ if( doCoverageCheck && pCheck->mxErr>0 ){
+ /* For leaf pages, the min-heap has already been initialized and the
+ ** cells have already been inserted. But for internal pages, that has
+ ** not yet been done, so do it now */
+ if( !pPage->leaf ){
+ heap = pCheck->heap;
+ heap[0] = 0;
+ for(i=nCell-1; i>=0; i--){
+ u32 size;
+ pc = get2byteAligned(&data[cellStart+i*2]);
+ size = pPage->xCellSize(pPage, &data[pc]);
+ btreeHeapInsert(heap, (pc<<16)|(pc+size-1));
+ }
+ }
+ /* Add the freeblocks to the min-heap
+ **
+ ** EVIDENCE-OF: R-20690-50594 The second field of the b-tree page header
+ ** is the offset of the first freeblock, or zero if there are no
+ ** freeblocks on the page.
+ */
+ i = get2byte(&data[hdr+1]);
+ while( i>0 ){
+ int size, j;
+ assert( (u32)i<=usableSize-4 ); /* Enforced by btreeInitPage() */
+ size = get2byte(&data[i+2]);
+ assert( (u32)(i+size)<=usableSize ); /* Enforced by btreeInitPage() */
+ btreeHeapInsert(heap, (((u32)i)<<16)|(i+size-1));
+ /* EVIDENCE-OF: R-58208-19414 The first 2 bytes of a freeblock are a
+ ** big-endian integer which is the offset in the b-tree page of the next
+ ** freeblock in the chain, or zero if the freeblock is the last on the
+ ** chain. */
+ j = get2byte(&data[i]);
+ /* EVIDENCE-OF: R-06866-39125 Freeblocks are always connected in order of
+ ** increasing offset. */
+ assert( j==0 || j>i+size ); /* Enforced by btreeInitPage() */
+ assert( (u32)j<=usableSize-4 ); /* Enforced by btreeInitPage() */
+ i = j;
+ }
+ /* Analyze the min-heap looking for overlap between cells and/or
+ ** freeblocks, and counting the number of untracked bytes in nFrag.
+ **
+ ** Each min-heap entry is of the form: (start_address<<16)|end_address.
+ ** There is an implied first entry the covers the page header, the cell
+ ** pointer index, and the gap between the cell pointer index and the start
+ ** of cell content.
+ **
+ ** The loop below pulls entries from the min-heap in order and compares
+ ** the start_address against the previous end_address. If there is an
+ ** overlap, that means bytes are used multiple times. If there is a gap,
+ ** that gap is added to the fragmentation count.
+ */
+ nFrag = 0;
+ prev = contentOffset - 1; /* Implied first min-heap entry */
+ while( btreeHeapPull(heap,&x) ){
+ if( (prev&0xffff)>=(x>>16) ){
+ checkAppendMsg(pCheck,
+ "Multiple uses for byte %u of page %d", x>>16, iPage);
+ break;
+ }else{
+ nFrag += (x>>16) - (prev&0xffff) - 1;
+ prev = x;
+ }
+ }
+ nFrag += usableSize - (prev&0xffff) - 1;
+ /* EVIDENCE-OF: R-43263-13491 The total number of bytes in all fragments
+ ** is stored in the fifth field of the b-tree page header.
+ ** EVIDENCE-OF: R-07161-27322 The one-byte integer at offset 7 gives the
+ ** number of fragmented free bytes within the cell content area.
+ */
+ if( heap[0]==0 && nFrag!=data[hdr+7] ){
+ checkAppendMsg(pCheck,
+ "Fragmentation of %d bytes reported as %d on page %d",
+ nFrag, data[hdr+7], iPage);
+ }
+ }
+
+end_of_check:
+ if( !doCoverageCheck ) pPage->isInit = savedIsInit;
+ releasePage(pPage);
+ pCheck->zPfx = saved_zPfx;
+ pCheck->v1 = saved_v1;
+ pCheck->v2 = saved_v2;
+ return depth+1;
+}
+#endif /* SQLITE_OMIT_INTEGRITY_CHECK */
+
+#ifndef SQLITE_OMIT_INTEGRITY_CHECK
+/*
+** This routine does a complete check of the given BTree file. aRoot[] is
+** an array of pages numbers were each page number is the root page of
+** a table. nRoot is the number of entries in aRoot.
+**
+** A read-only or read-write transaction must be opened before calling
+** this function.
+**
+** Write the number of error seen in *pnErr. Except for some memory
+** allocation errors, an error message held in memory obtained from
+** malloc is returned if *pnErr is non-zero. If *pnErr==0 then NULL is
+** returned. If a memory allocation error occurs, NULL is returned.
+*/
+SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
+ Btree *p, /* The btree to be checked */
+ int *aRoot, /* An array of root pages numbers for individual trees */
+ int nRoot, /* Number of entries in aRoot[] */
+ int mxErr, /* Stop reporting errors after this many */
+ int *pnErr /* Write number of errors seen to this variable */
+){
+ Pgno i;
+ IntegrityCk sCheck;
+ BtShared *pBt = p->pBt;
+ int savedDbFlags = pBt->db->flags;
+ char zErr[100];
+ VVA_ONLY( int nRef );
+
+ sqlite3BtreeEnter(p);
+ assert( p->inTrans>TRANS_NONE && pBt->inTransaction>TRANS_NONE );
+ assert( (nRef = sqlite3PagerRefcount(pBt->pPager))>=0 );
+ sCheck.pBt = pBt;
+ sCheck.pPager = pBt->pPager;
+ sCheck.nPage = btreePagecount(sCheck.pBt);
+ sCheck.mxErr = mxErr;
+ sCheck.nErr = 0;
+ sCheck.mallocFailed = 0;
+ sCheck.zPfx = 0;
+ sCheck.v1 = 0;
+ sCheck.v2 = 0;
+ sCheck.aPgRef = 0;
+ sCheck.heap = 0;
+ sqlite3StrAccumInit(&sCheck.errMsg, 0, zErr, sizeof(zErr), SQLITE_MAX_LENGTH);
+ if( sCheck.nPage==0 ){
+ goto integrity_ck_cleanup;
+ }
+
+ sCheck.aPgRef = sqlite3MallocZero((sCheck.nPage / 8)+ 1);
+ if( !sCheck.aPgRef ){
+ sCheck.mallocFailed = 1;
+ goto integrity_ck_cleanup;
+ }
+ sCheck.heap = (u32*)sqlite3PageMalloc( pBt->pageSize );
+ if( sCheck.heap==0 ){
+ sCheck.mallocFailed = 1;
+ goto integrity_ck_cleanup;
+ }
+
+ i = PENDING_BYTE_PAGE(pBt);
+ if( i<=sCheck.nPage ) setPageReferenced(&sCheck, i);
+
+ /* Check the integrity of the freelist
+ */
+ sCheck.zPfx = "Main freelist: ";
+ checkList(&sCheck, 1, get4byte(&pBt->pPage1->aData[32]),
+ get4byte(&pBt->pPage1->aData[36]));
+ sCheck.zPfx = 0;
+
+ /* Check all the tables.
+ */
+ testcase( pBt->db->flags & SQLITE_CellSizeCk );
+ pBt->db->flags &= ~SQLITE_CellSizeCk;
+ for(i=0; (int)i<nRoot && sCheck.mxErr; i++){
+ i64 notUsed;
+ if( aRoot[i]==0 ) continue;
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( pBt->autoVacuum && aRoot[i]>1 ){
+ checkPtrmap(&sCheck, aRoot[i], PTRMAP_ROOTPAGE, 0);
+ }
+#endif
+ checkTreePage(&sCheck, aRoot[i], &notUsed, LARGEST_INT64);
+ }
+ pBt->db->flags = savedDbFlags;
+
+ /* Make sure every page in the file is referenced
+ */
+ for(i=1; i<=sCheck.nPage && sCheck.mxErr; i++){
+#ifdef SQLITE_OMIT_AUTOVACUUM
+ if( getPageReferenced(&sCheck, i)==0 ){
+ checkAppendMsg(&sCheck, "Page %d is never used", i);
+ }
+#else
+ /* If the database supports auto-vacuum, make sure no tables contain
+ ** references to pointer-map pages.
+ */
+ if( getPageReferenced(&sCheck, i)==0 &&
+ (PTRMAP_PAGENO(pBt, i)!=i || !pBt->autoVacuum) ){
+ checkAppendMsg(&sCheck, "Page %d is never used", i);
+ }
+ if( getPageReferenced(&sCheck, i)!=0 &&
+ (PTRMAP_PAGENO(pBt, i)==i && pBt->autoVacuum) ){
+ checkAppendMsg(&sCheck, "Pointer map page %d is referenced", i);
+ }
+#endif
+ }
+
+ /* Clean up and report errors.
+ */
+integrity_ck_cleanup:
+ sqlite3PageFree(sCheck.heap);
+ sqlite3_free(sCheck.aPgRef);
+ if( sCheck.mallocFailed ){
+ sqlite3StrAccumReset(&sCheck.errMsg);
+ sCheck.nErr++;
+ }
+ *pnErr = sCheck.nErr;
+ if( sCheck.nErr==0 ) sqlite3StrAccumReset(&sCheck.errMsg);
+ /* Make sure this analysis did not leave any unref() pages. */
+ assert( nRef==sqlite3PagerRefcount(pBt->pPager) );
+ sqlite3BtreeLeave(p);
+ return sqlite3StrAccumFinish(&sCheck.errMsg);
+}
+#endif /* SQLITE_OMIT_INTEGRITY_CHECK */
+
+/*
+** Return the full pathname of the underlying database file. Return
+** an empty string if the database is in-memory or a TEMP database.
+**
+** The pager filename is invariant as long as the pager is
+** open so it is safe to access without the BtShared mutex.
+*/
+SQLITE_PRIVATE const char *sqlite3BtreeGetFilename(Btree *p){
+ assert( p->pBt->pPager!=0 );
+ return sqlite3PagerFilename(p->pBt->pPager, 1);
+}
+
+/*
+** Return the pathname of the journal file for this database. The return
+** value of this routine is the same regardless of whether the journal file
+** has been created or not.
+**
+** The pager journal filename is invariant as long as the pager is
+** open so it is safe to access without the BtShared mutex.
+*/
+SQLITE_PRIVATE const char *sqlite3BtreeGetJournalname(Btree *p){
+ assert( p->pBt->pPager!=0 );
+ return sqlite3PagerJournalname(p->pBt->pPager);
+}
+
+/*
+** Return non-zero if a transaction is active.
+*/
+SQLITE_PRIVATE int sqlite3BtreeIsInTrans(Btree *p){
+ assert( p==0 || sqlite3_mutex_held(p->db->mutex) );
+ return (p && (p->inTrans==TRANS_WRITE));
+}
+
+#ifndef SQLITE_OMIT_WAL
+/*
+** Run a checkpoint on the Btree passed as the first argument.
+**
+** Return SQLITE_LOCKED if this or any other connection has an open
+** transaction on the shared-cache the argument Btree is connected to.
+**
+** Parameter eMode is one of SQLITE_CHECKPOINT_PASSIVE, FULL or RESTART.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCheckpoint(Btree *p, int eMode, int *pnLog, int *pnCkpt){
+ int rc = SQLITE_OK;
+ if( p ){
+ BtShared *pBt = p->pBt;
+ sqlite3BtreeEnter(p);
+ if( pBt->inTransaction!=TRANS_NONE ){
+ rc = SQLITE_LOCKED;
+ }else{
+ rc = sqlite3PagerCheckpoint(pBt->pPager, eMode, pnLog, pnCkpt);
+ }
+ sqlite3BtreeLeave(p);
+ }
+ return rc;
+}
+#endif
+
+/*
+** Return non-zero if a read (or write) transaction is active.
+*/
+SQLITE_PRIVATE int sqlite3BtreeIsInReadTrans(Btree *p){
+ assert( p );
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ return p->inTrans!=TRANS_NONE;
+}
+
+SQLITE_PRIVATE int sqlite3BtreeIsInBackup(Btree *p){
+ assert( p );
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ return p->nBackup!=0;
+}
+
+/*
+** This function returns a pointer to a blob of memory associated with
+** a single shared-btree. The memory is used by client code for its own
+** purposes (for example, to store a high-level schema associated with
+** the shared-btree). The btree layer manages reference counting issues.
+**
+** The first time this is called on a shared-btree, nBytes bytes of memory
+** are allocated, zeroed, and returned to the caller. For each subsequent
+** call the nBytes parameter is ignored and a pointer to the same blob
+** of memory returned.
+**
+** If the nBytes parameter is 0 and the blob of memory has not yet been
+** allocated, a null pointer is returned. If the blob has already been
+** allocated, it is returned as normal.
+**
+** Just before the shared-btree is closed, the function passed as the
+** xFree argument when the memory allocation was made is invoked on the
+** blob of allocated memory. The xFree function should not call sqlite3_free()
+** on the memory, the btree layer does that.
+*/
+SQLITE_PRIVATE void *sqlite3BtreeSchema(Btree *p, int nBytes, void(*xFree)(void *)){
+ BtShared *pBt = p->pBt;
+ sqlite3BtreeEnter(p);
+ if( !pBt->pSchema && nBytes ){
+ pBt->pSchema = sqlite3DbMallocZero(0, nBytes);
+ pBt->xFreeSchema = xFree;
+ }
+ sqlite3BtreeLeave(p);
+ return pBt->pSchema;
+}
+
+/*
+** Return SQLITE_LOCKED_SHAREDCACHE if another user of the same shared
+** btree as the argument handle holds an exclusive lock on the
+** sqlite_master table. Otherwise SQLITE_OK.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSchemaLocked(Btree *p){
+ int rc;
+ assert( sqlite3_mutex_held(p->db->mutex) );
+ sqlite3BtreeEnter(p);
+ rc = querySharedCacheTableLock(p, MASTER_ROOT, READ_LOCK);
+ assert( rc==SQLITE_OK || rc==SQLITE_LOCKED_SHAREDCACHE );
+ sqlite3BtreeLeave(p);
+ return rc;
+}
+
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+/*
+** Obtain a lock on the table whose root page is iTab. The
+** lock is a write lock if isWritelock is true or a read lock
+** if it is false.
+*/
+SQLITE_PRIVATE int sqlite3BtreeLockTable(Btree *p, int iTab, u8 isWriteLock){
+ int rc = SQLITE_OK;
+ assert( p->inTrans!=TRANS_NONE );
+ if( p->sharable ){
+ u8 lockType = READ_LOCK + isWriteLock;
+ assert( READ_LOCK+1==WRITE_LOCK );
+ assert( isWriteLock==0 || isWriteLock==1 );
+
+ sqlite3BtreeEnter(p);
+ rc = querySharedCacheTableLock(p, iTab, lockType);
+ if( rc==SQLITE_OK ){
+ rc = setSharedCacheTableLock(p, iTab, lockType);
+ }
+ sqlite3BtreeLeave(p);
+ }
+ return rc;
+}
+#endif
+
+#ifndef SQLITE_OMIT_INCRBLOB
+/*
+** Argument pCsr must be a cursor opened for writing on an
+** INTKEY table currently pointing at a valid table entry.
+** This function modifies the data stored as part of that entry.
+**
+** Only the data content may only be modified, it is not possible to
+** change the length of the data stored. If this function is called with
+** parameters that attempt to write past the end of the existing data,
+** no modifications are made and SQLITE_CORRUPT is returned.
+*/
+SQLITE_PRIVATE int sqlite3BtreePutData(BtCursor *pCsr, u32 offset, u32 amt, void *z){
+ int rc;
+ assert( cursorHoldsMutex(pCsr) );
+ assert( sqlite3_mutex_held(pCsr->pBtree->db->mutex) );
+ assert( pCsr->curFlags & BTCF_Incrblob );
+
+ rc = restoreCursorPosition(pCsr);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ assert( pCsr->eState!=CURSOR_REQUIRESEEK );
+ if( pCsr->eState!=CURSOR_VALID ){
+ return SQLITE_ABORT;
+ }
+
+ /* Save the positions of all other cursors open on this table. This is
+ ** required in case any of them are holding references to an xFetch
+ ** version of the b-tree page modified by the accessPayload call below.
+ **
+ ** Note that pCsr must be open on a INTKEY table and saveCursorPosition()
+ ** and hence saveAllCursors() cannot fail on a BTREE_INTKEY table, hence
+ ** saveAllCursors can only return SQLITE_OK.
+ */
+ VVA_ONLY(rc =) saveAllCursors(pCsr->pBt, pCsr->pgnoRoot, pCsr);
+ assert( rc==SQLITE_OK );
+
+ /* Check some assumptions:
+ ** (a) the cursor is open for writing,
+ ** (b) there is a read/write transaction open,
+ ** (c) the connection holds a write-lock on the table (if required),
+ ** (d) there are no conflicting read-locks, and
+ ** (e) the cursor points at a valid row of an intKey table.
+ */
+ if( (pCsr->curFlags & BTCF_WriteFlag)==0 ){
+ return SQLITE_READONLY;
+ }
+ assert( (pCsr->pBt->btsFlags & BTS_READ_ONLY)==0
+ && pCsr->pBt->inTransaction==TRANS_WRITE );
+ assert( hasSharedCacheTableLock(pCsr->pBtree, pCsr->pgnoRoot, 0, 2) );
+ assert( !hasReadConflicts(pCsr->pBtree, pCsr->pgnoRoot) );
+ assert( pCsr->apPage[pCsr->iPage]->intKey );
+
+ return accessPayload(pCsr, offset, amt, (unsigned char *)z, 1);
+}
+
+/*
+** Mark this cursor as an incremental blob cursor.
+*/
+SQLITE_PRIVATE void sqlite3BtreeIncrblobCursor(BtCursor *pCur){
+ pCur->curFlags |= BTCF_Incrblob;
+ pCur->pBtree->hasIncrblobCur = 1;
+}
+#endif
+
+/*
+** Set both the "read version" (single byte at byte offset 18) and
+** "write version" (single byte at byte offset 19) fields in the database
+** header to iVersion.
+*/
+SQLITE_PRIVATE int sqlite3BtreeSetVersion(Btree *pBtree, int iVersion){
+ BtShared *pBt = pBtree->pBt;
+ int rc; /* Return code */
+
+ assert( iVersion==1 || iVersion==2 );
+
+ /* If setting the version fields to 1, do not automatically open the
+ ** WAL connection, even if the version fields are currently set to 2.
+ */
+ pBt->btsFlags &= ~BTS_NO_WAL;
+ if( iVersion==1 ) pBt->btsFlags |= BTS_NO_WAL;
+
+ rc = sqlite3BtreeBeginTrans(pBtree, 0);
+ if( rc==SQLITE_OK ){
+ u8 *aData = pBt->pPage1->aData;
+ if( aData[18]!=(u8)iVersion || aData[19]!=(u8)iVersion ){
+ rc = sqlite3BtreeBeginTrans(pBtree, 2);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
+ if( rc==SQLITE_OK ){
+ aData[18] = (u8)iVersion;
+ aData[19] = (u8)iVersion;
+ }
+ }
+ }
+ }
+
+ pBt->btsFlags &= ~BTS_NO_WAL;
+ return rc;
+}
+
+/*
+** Return true if the cursor has a hint specified. This routine is
+** only used from within assert() statements
+*/
+SQLITE_PRIVATE int sqlite3BtreeCursorHasHint(BtCursor *pCsr, unsigned int mask){
+ return (pCsr->hints & mask)!=0;
+}
+
+/*
+** Return true if the given Btree is read-only.
+*/
+SQLITE_PRIVATE int sqlite3BtreeIsReadonly(Btree *p){
+ return (p->pBt->btsFlags & BTS_READ_ONLY)!=0;
+}
+
+/*
+** Return the size of the header added to each page by this module.
+*/
+SQLITE_PRIVATE int sqlite3HeaderSizeBtree(void){ return ROUND8(sizeof(MemPage)); }
+
+/************** End of btree.c ***********************************************/
+/************** Begin file backup.c ******************************************/
+/*
+** 2009 January 28
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the implementation of the sqlite3_backup_XXX()
+** API functions and the related features.
+*/
+/* #include "sqliteInt.h" */
+/* #include "btreeInt.h" */
+
+/*
+** Structure allocated for each backup operation.
+*/
+struct sqlite3_backup {
+ sqlite3* pDestDb; /* Destination database handle */
+ Btree *pDest; /* Destination b-tree file */
+ u32 iDestSchema; /* Original schema cookie in destination */
+ int bDestLocked; /* True once a write-transaction is open on pDest */
+
+ Pgno iNext; /* Page number of the next source page to copy */
+ sqlite3* pSrcDb; /* Source database handle */
+ Btree *pSrc; /* Source b-tree file */
+
+ int rc; /* Backup process error code */
+
+ /* These two variables are set by every call to backup_step(). They are
+ ** read by calls to backup_remaining() and backup_pagecount().
+ */
+ Pgno nRemaining; /* Number of pages left to copy */
+ Pgno nPagecount; /* Total number of pages to copy */
+
+ int isAttached; /* True once backup has been registered with pager */
+ sqlite3_backup *pNext; /* Next backup associated with source pager */
+};
+
+/*
+** THREAD SAFETY NOTES:
+**
+** Once it has been created using backup_init(), a single sqlite3_backup
+** structure may be accessed via two groups of thread-safe entry points:
+**
+** * Via the sqlite3_backup_XXX() API function backup_step() and
+** backup_finish(). Both these functions obtain the source database
+** handle mutex and the mutex associated with the source BtShared
+** structure, in that order.
+**
+** * Via the BackupUpdate() and BackupRestart() functions, which are
+** invoked by the pager layer to report various state changes in
+** the page cache associated with the source database. The mutex
+** associated with the source database BtShared structure will always
+** be held when either of these functions are invoked.
+**
+** The other sqlite3_backup_XXX() API functions, backup_remaining() and
+** backup_pagecount() are not thread-safe functions. If they are called
+** while some other thread is calling backup_step() or backup_finish(),
+** the values returned may be invalid. There is no way for a call to
+** BackupUpdate() or BackupRestart() to interfere with backup_remaining()
+** or backup_pagecount().
+**
+** Depending on the SQLite configuration, the database handles and/or
+** the Btree objects may have their own mutexes that require locking.
+** Non-sharable Btrees (in-memory databases for example), do not have
+** associated mutexes.
+*/
+
+/*
+** Return a pointer corresponding to database zDb (i.e. "main", "temp")
+** in connection handle pDb. If such a database cannot be found, return
+** a NULL pointer and write an error message to pErrorDb.
+**
+** If the "temp" database is requested, it may need to be opened by this
+** function. If an error occurs while doing so, return 0 and write an
+** error message to pErrorDb.
+*/
+static Btree *findBtree(sqlite3 *pErrorDb, sqlite3 *pDb, const char *zDb){
+ int i = sqlite3FindDbName(pDb, zDb);
+
+ if( i==1 ){
+ Parse *pParse;
+ int rc = 0;
+ pParse = sqlite3StackAllocZero(pErrorDb, sizeof(*pParse));
+ if( pParse==0 ){
+ sqlite3ErrorWithMsg(pErrorDb, SQLITE_NOMEM, "out of memory");
+ rc = SQLITE_NOMEM;
+ }else{
+ pParse->db = pDb;
+ if( sqlite3OpenTempDatabase(pParse) ){
+ sqlite3ErrorWithMsg(pErrorDb, pParse->rc, "%s", pParse->zErrMsg);
+ rc = SQLITE_ERROR;
+ }
+ sqlite3DbFree(pErrorDb, pParse->zErrMsg);
+ sqlite3ParserReset(pParse);
+ sqlite3StackFree(pErrorDb, pParse);
+ }
+ if( rc ){
+ return 0;
+ }
+ }
+
+ if( i<0 ){
+ sqlite3ErrorWithMsg(pErrorDb, SQLITE_ERROR, "unknown database %s", zDb);
+ return 0;
+ }
+
+ return pDb->aDb[i].pBt;
+}
+
+/*
+** Attempt to set the page size of the destination to match the page size
+** of the source.
+*/
+static int setDestPgsz(sqlite3_backup *p){
+ int rc;
+ rc = sqlite3BtreeSetPageSize(p->pDest,sqlite3BtreeGetPageSize(p->pSrc),-1,0);
+ return rc;
+}
+
+/*
+** Check that there is no open read-transaction on the b-tree passed as the
+** second argument. If there is not, return SQLITE_OK. Otherwise, if there
+** is an open read-transaction, return SQLITE_ERROR and leave an error
+** message in database handle db.
+*/
+static int checkReadTransaction(sqlite3 *db, Btree *p){
+ if( sqlite3BtreeIsInReadTrans(p) ){
+ sqlite3ErrorWithMsg(db, SQLITE_ERROR, "destination database is in use");
+ return SQLITE_ERROR;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Create an sqlite3_backup process to copy the contents of zSrcDb from
+** connection handle pSrcDb to zDestDb in pDestDb. If successful, return
+** a pointer to the new sqlite3_backup object.
+**
+** If an error occurs, NULL is returned and an error code and error message
+** stored in database handle pDestDb.
+*/
+SQLITE_API sqlite3_backup *SQLITE_STDCALL sqlite3_backup_init(
+ sqlite3* pDestDb, /* Database to write to */
+ const char *zDestDb, /* Name of database within pDestDb */
+ sqlite3* pSrcDb, /* Database connection to read from */
+ const char *zSrcDb /* Name of database within pSrcDb */
+){
+ sqlite3_backup *p; /* Value to return */
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(pSrcDb)||!sqlite3SafetyCheckOk(pDestDb) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+
+ /* Lock the source database handle. The destination database
+ ** handle is not locked in this routine, but it is locked in
+ ** sqlite3_backup_step(). The user is required to ensure that no
+ ** other thread accesses the destination handle for the duration
+ ** of the backup operation. Any attempt to use the destination
+ ** database connection while a backup is in progress may cause
+ ** a malfunction or a deadlock.
+ */
+ sqlite3_mutex_enter(pSrcDb->mutex);
+ sqlite3_mutex_enter(pDestDb->mutex);
+
+ if( pSrcDb==pDestDb ){
+ sqlite3ErrorWithMsg(
+ pDestDb, SQLITE_ERROR, "source and destination must be distinct"
+ );
+ p = 0;
+ }else {
+ /* Allocate space for a new sqlite3_backup object...
+ ** EVIDENCE-OF: R-64852-21591 The sqlite3_backup object is created by a
+ ** call to sqlite3_backup_init() and is destroyed by a call to
+ ** sqlite3_backup_finish(). */
+ p = (sqlite3_backup *)sqlite3MallocZero(sizeof(sqlite3_backup));
+ if( !p ){
+ sqlite3Error(pDestDb, SQLITE_NOMEM);
+ }
+ }
+
+ /* If the allocation succeeded, populate the new object. */
+ if( p ){
+ p->pSrc = findBtree(pDestDb, pSrcDb, zSrcDb);
+ p->pDest = findBtree(pDestDb, pDestDb, zDestDb);
+ p->pDestDb = pDestDb;
+ p->pSrcDb = pSrcDb;
+ p->iNext = 1;
+ p->isAttached = 0;
+
+ if( 0==p->pSrc || 0==p->pDest
+ || setDestPgsz(p)==SQLITE_NOMEM
+ || checkReadTransaction(pDestDb, p->pDest)!=SQLITE_OK
+ ){
+ /* One (or both) of the named databases did not exist or an OOM
+ ** error was hit. Or there is a transaction open on the destination
+ ** database. The error has already been written into the pDestDb
+ ** handle. All that is left to do here is free the sqlite3_backup
+ ** structure. */
+ sqlite3_free(p);
+ p = 0;
+ }
+ }
+ if( p ){
+ p->pSrc->nBackup++;
+ }
+
+ sqlite3_mutex_leave(pDestDb->mutex);
+ sqlite3_mutex_leave(pSrcDb->mutex);
+ return p;
+}
+
+/*
+** Argument rc is an SQLite error code. Return true if this error is
+** considered fatal if encountered during a backup operation. All errors
+** are considered fatal except for SQLITE_BUSY and SQLITE_LOCKED.
+*/
+static int isFatalError(int rc){
+ return (rc!=SQLITE_OK && rc!=SQLITE_BUSY && ALWAYS(rc!=SQLITE_LOCKED));
+}
+
+/*
+** Parameter zSrcData points to a buffer containing the data for
+** page iSrcPg from the source database. Copy this data into the
+** destination database.
+*/
+static int backupOnePage(
+ sqlite3_backup *p, /* Backup handle */
+ Pgno iSrcPg, /* Source database page to backup */
+ const u8 *zSrcData, /* Source database page data */
+ int bUpdate /* True for an update, false otherwise */
+){
+ Pager * const pDestPager = sqlite3BtreePager(p->pDest);
+ const int nSrcPgsz = sqlite3BtreeGetPageSize(p->pSrc);
+ int nDestPgsz = sqlite3BtreeGetPageSize(p->pDest);
+ const int nCopy = MIN(nSrcPgsz, nDestPgsz);
+ const i64 iEnd = (i64)iSrcPg*(i64)nSrcPgsz;
+#ifdef SQLITE_HAS_CODEC
+ /* Use BtreeGetReserveNoMutex() for the source b-tree, as although it is
+ ** guaranteed that the shared-mutex is held by this thread, handle
+ ** p->pSrc may not actually be the owner. */
+ int nSrcReserve = sqlite3BtreeGetReserveNoMutex(p->pSrc);
+ int nDestReserve = sqlite3BtreeGetOptimalReserve(p->pDest);
+#endif
+ int rc = SQLITE_OK;
+ i64 iOff;
+
+ assert( sqlite3BtreeGetReserveNoMutex(p->pSrc)>=0 );
+ assert( p->bDestLocked );
+ assert( !isFatalError(p->rc) );
+ assert( iSrcPg!=PENDING_BYTE_PAGE(p->pSrc->pBt) );
+ assert( zSrcData );
+
+ /* Catch the case where the destination is an in-memory database and the
+ ** page sizes of the source and destination differ.
+ */
+ if( nSrcPgsz!=nDestPgsz && sqlite3PagerIsMemdb(pDestPager) ){
+ rc = SQLITE_READONLY;
+ }
+
+#ifdef SQLITE_HAS_CODEC
+ /* Backup is not possible if the page size of the destination is changing
+ ** and a codec is in use.
+ */
+ if( nSrcPgsz!=nDestPgsz && sqlite3PagerGetCodec(pDestPager)!=0 ){
+ rc = SQLITE_READONLY;
+ }
+
+ /* Backup is not possible if the number of bytes of reserve space differ
+ ** between source and destination. If there is a difference, try to
+ ** fix the destination to agree with the source. If that is not possible,
+ ** then the backup cannot proceed.
+ */
+ if( nSrcReserve!=nDestReserve ){
+ u32 newPgsz = nSrcPgsz;
+ rc = sqlite3PagerSetPagesize(pDestPager, &newPgsz, nSrcReserve);
+ if( rc==SQLITE_OK && newPgsz!=nSrcPgsz ) rc = SQLITE_READONLY;
+ }
+#endif
+
+ /* This loop runs once for each destination page spanned by the source
+ ** page. For each iteration, variable iOff is set to the byte offset
+ ** of the destination page.
+ */
+ for(iOff=iEnd-(i64)nSrcPgsz; rc==SQLITE_OK && iOff<iEnd; iOff+=nDestPgsz){
+ DbPage *pDestPg = 0;
+ Pgno iDest = (Pgno)(iOff/nDestPgsz)+1;
+ if( iDest==PENDING_BYTE_PAGE(p->pDest->pBt) ) continue;
+ if( SQLITE_OK==(rc = sqlite3PagerGet(pDestPager, iDest, &pDestPg, 0))
+ && SQLITE_OK==(rc = sqlite3PagerWrite(pDestPg))
+ ){
+ const u8 *zIn = &zSrcData[iOff%nSrcPgsz];
+ u8 *zDestData = sqlite3PagerGetData(pDestPg);
+ u8 *zOut = &zDestData[iOff%nDestPgsz];
+
+ /* Copy the data from the source page into the destination page.
+ ** Then clear the Btree layer MemPage.isInit flag. Both this module
+ ** and the pager code use this trick (clearing the first byte
+ ** of the page 'extra' space to invalidate the Btree layers
+ ** cached parse of the page). MemPage.isInit is marked
+ ** "MUST BE FIRST" for this purpose.
+ */
+ memcpy(zOut, zIn, nCopy);
+ ((u8 *)sqlite3PagerGetExtra(pDestPg))[0] = 0;
+ if( iOff==0 && bUpdate==0 ){
+ sqlite3Put4byte(&zOut[28], sqlite3BtreeLastPage(p->pSrc));
+ }
+ }
+ sqlite3PagerUnref(pDestPg);
+ }
+
+ return rc;
+}
+
+/*
+** If pFile is currently larger than iSize bytes, then truncate it to
+** exactly iSize bytes. If pFile is not larger than iSize bytes, then
+** this function is a no-op.
+**
+** Return SQLITE_OK if everything is successful, or an SQLite error
+** code if an error occurs.
+*/
+static int backupTruncateFile(sqlite3_file *pFile, i64 iSize){
+ i64 iCurrent;
+ int rc = sqlite3OsFileSize(pFile, &iCurrent);
+ if( rc==SQLITE_OK && iCurrent>iSize ){
+ rc = sqlite3OsTruncate(pFile, iSize);
+ }
+ return rc;
+}
+
+/*
+** Register this backup object with the associated source pager for
+** callbacks when pages are changed or the cache invalidated.
+*/
+static void attachBackupObject(sqlite3_backup *p){
+ sqlite3_backup **pp;
+ assert( sqlite3BtreeHoldsMutex(p->pSrc) );
+ pp = sqlite3PagerBackupPtr(sqlite3BtreePager(p->pSrc));
+ p->pNext = *pp;
+ *pp = p;
+ p->isAttached = 1;
+}
+
+/*
+** Copy nPage pages from the source b-tree to the destination.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_step(sqlite3_backup *p, int nPage){
+ int rc;
+ int destMode; /* Destination journal mode */
+ int pgszSrc = 0; /* Source page size */
+ int pgszDest = 0; /* Destination page size */
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( p==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(p->pSrcDb->mutex);
+ sqlite3BtreeEnter(p->pSrc);
+ if( p->pDestDb ){
+ sqlite3_mutex_enter(p->pDestDb->mutex);
+ }
+
+ rc = p->rc;
+ if( !isFatalError(rc) ){
+ Pager * const pSrcPager = sqlite3BtreePager(p->pSrc); /* Source pager */
+ Pager * const pDestPager = sqlite3BtreePager(p->pDest); /* Dest pager */
+ int ii; /* Iterator variable */
+ int nSrcPage = -1; /* Size of source db in pages */
+ int bCloseTrans = 0; /* True if src db requires unlocking */
+
+ /* If the source pager is currently in a write-transaction, return
+ ** SQLITE_BUSY immediately.
+ */
+ if( p->pDestDb && p->pSrc->pBt->inTransaction==TRANS_WRITE ){
+ rc = SQLITE_BUSY;
+ }else{
+ rc = SQLITE_OK;
+ }
+
+ /* Lock the destination database, if it is not locked already. */
+ if( SQLITE_OK==rc && p->bDestLocked==0
+ && SQLITE_OK==(rc = sqlite3BtreeBeginTrans(p->pDest, 2))
+ ){
+ p->bDestLocked = 1;
+ sqlite3BtreeGetMeta(p->pDest, BTREE_SCHEMA_VERSION, &p->iDestSchema);
+ }
+
+ /* If there is no open read-transaction on the source database, open
+ ** one now. If a transaction is opened here, then it will be closed
+ ** before this function exits.
+ */
+ if( rc==SQLITE_OK && 0==sqlite3BtreeIsInReadTrans(p->pSrc) ){
+ rc = sqlite3BtreeBeginTrans(p->pSrc, 0);
+ bCloseTrans = 1;
+ }
+
+ /* Do not allow backup if the destination database is in WAL mode
+ ** and the page sizes are different between source and destination */
+ pgszSrc = sqlite3BtreeGetPageSize(p->pSrc);
+ pgszDest = sqlite3BtreeGetPageSize(p->pDest);
+ destMode = sqlite3PagerGetJournalMode(sqlite3BtreePager(p->pDest));
+ if( SQLITE_OK==rc && destMode==PAGER_JOURNALMODE_WAL && pgszSrc!=pgszDest ){
+ rc = SQLITE_READONLY;
+ }
+
+ /* Now that there is a read-lock on the source database, query the
+ ** source pager for the number of pages in the database.
+ */
+ nSrcPage = (int)sqlite3BtreeLastPage(p->pSrc);
+ assert( nSrcPage>=0 );
+ for(ii=0; (nPage<0 || ii<nPage) && p->iNext<=(Pgno)nSrcPage && !rc; ii++){
+ const Pgno iSrcPg = p->iNext; /* Source page number */
+ if( iSrcPg!=PENDING_BYTE_PAGE(p->pSrc->pBt) ){
+ DbPage *pSrcPg; /* Source page object */
+ rc = sqlite3PagerGet(pSrcPager, iSrcPg, &pSrcPg,PAGER_GET_READONLY);
+ if( rc==SQLITE_OK ){
+ rc = backupOnePage(p, iSrcPg, sqlite3PagerGetData(pSrcPg), 0);
+ sqlite3PagerUnref(pSrcPg);
+ }
+ }
+ p->iNext++;
+ }
+ if( rc==SQLITE_OK ){
+ p->nPagecount = nSrcPage;
+ p->nRemaining = nSrcPage+1-p->iNext;
+ if( p->iNext>(Pgno)nSrcPage ){
+ rc = SQLITE_DONE;
+ }else if( !p->isAttached ){
+ attachBackupObject(p);
+ }
+ }
+
+ /* Update the schema version field in the destination database. This
+ ** is to make sure that the schema-version really does change in
+ ** the case where the source and destination databases have the
+ ** same schema version.
+ */
+ if( rc==SQLITE_DONE ){
+ if( nSrcPage==0 ){
+ rc = sqlite3BtreeNewDb(p->pDest);
+ nSrcPage = 1;
+ }
+ if( rc==SQLITE_OK || rc==SQLITE_DONE ){
+ rc = sqlite3BtreeUpdateMeta(p->pDest,1,p->iDestSchema+1);
+ }
+ if( rc==SQLITE_OK ){
+ if( p->pDestDb ){
+ sqlite3ResetAllSchemasOfConnection(p->pDestDb);
+ }
+ if( destMode==PAGER_JOURNALMODE_WAL ){
+ rc = sqlite3BtreeSetVersion(p->pDest, 2);
+ }
+ }
+ if( rc==SQLITE_OK ){
+ int nDestTruncate;
+ /* Set nDestTruncate to the final number of pages in the destination
+ ** database. The complication here is that the destination page
+ ** size may be different to the source page size.
+ **
+ ** If the source page size is smaller than the destination page size,
+ ** round up. In this case the call to sqlite3OsTruncate() below will
+ ** fix the size of the file. However it is important to call
+ ** sqlite3PagerTruncateImage() here so that any pages in the
+ ** destination file that lie beyond the nDestTruncate page mark are
+ ** journalled by PagerCommitPhaseOne() before they are destroyed
+ ** by the file truncation.
+ */
+ assert( pgszSrc==sqlite3BtreeGetPageSize(p->pSrc) );
+ assert( pgszDest==sqlite3BtreeGetPageSize(p->pDest) );
+ if( pgszSrc<pgszDest ){
+ int ratio = pgszDest/pgszSrc;
+ nDestTruncate = (nSrcPage+ratio-1)/ratio;
+ if( nDestTruncate==(int)PENDING_BYTE_PAGE(p->pDest->pBt) ){
+ nDestTruncate--;
+ }
+ }else{
+ nDestTruncate = nSrcPage * (pgszSrc/pgszDest);
+ }
+ assert( nDestTruncate>0 );
+
+ if( pgszSrc<pgszDest ){
+ /* If the source page-size is smaller than the destination page-size,
+ ** two extra things may need to happen:
+ **
+ ** * The destination may need to be truncated, and
+ **
+ ** * Data stored on the pages immediately following the
+ ** pending-byte page in the source database may need to be
+ ** copied into the destination database.
+ */
+ const i64 iSize = (i64)pgszSrc * (i64)nSrcPage;
+ sqlite3_file * const pFile = sqlite3PagerFile(pDestPager);
+ Pgno iPg;
+ int nDstPage;
+ i64 iOff;
+ i64 iEnd;
+
+ assert( pFile );
+ assert( nDestTruncate==0
+ || (i64)nDestTruncate*(i64)pgszDest >= iSize || (
+ nDestTruncate==(int)(PENDING_BYTE_PAGE(p->pDest->pBt)-1)
+ && iSize>=PENDING_BYTE && iSize<=PENDING_BYTE+pgszDest
+ ));
+
+ /* This block ensures that all data required to recreate the original
+ ** database has been stored in the journal for pDestPager and the
+ ** journal synced to disk. So at this point we may safely modify
+ ** the database file in any way, knowing that if a power failure
+ ** occurs, the original database will be reconstructed from the
+ ** journal file. */
+ sqlite3PagerPagecount(pDestPager, &nDstPage);
+ for(iPg=nDestTruncate; rc==SQLITE_OK && iPg<=(Pgno)nDstPage; iPg++){
+ if( iPg!=PENDING_BYTE_PAGE(p->pDest->pBt) ){
+ DbPage *pPg;
+ rc = sqlite3PagerGet(pDestPager, iPg, &pPg, 0);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3PagerWrite(pPg);
+ sqlite3PagerUnref(pPg);
+ }
+ }
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3PagerCommitPhaseOne(pDestPager, 0, 1);
+ }
+
+ /* Write the extra pages and truncate the database file as required */
+ iEnd = MIN(PENDING_BYTE + pgszDest, iSize);
+ for(
+ iOff=PENDING_BYTE+pgszSrc;
+ rc==SQLITE_OK && iOff<iEnd;
+ iOff+=pgszSrc
+ ){
+ PgHdr *pSrcPg = 0;
+ const Pgno iSrcPg = (Pgno)((iOff/pgszSrc)+1);
+ rc = sqlite3PagerGet(pSrcPager, iSrcPg, &pSrcPg, 0);
+ if( rc==SQLITE_OK ){
+ u8 *zData = sqlite3PagerGetData(pSrcPg);
+ rc = sqlite3OsWrite(pFile, zData, pgszSrc, iOff);
+ }
+ sqlite3PagerUnref(pSrcPg);
+ }
+ if( rc==SQLITE_OK ){
+ rc = backupTruncateFile(pFile, iSize);
+ }
+
+ /* Sync the database file to disk. */
+ if( rc==SQLITE_OK ){
+ rc = sqlite3PagerSync(pDestPager, 0);
+ }
+ }else{
+ sqlite3PagerTruncateImage(pDestPager, nDestTruncate);
+ rc = sqlite3PagerCommitPhaseOne(pDestPager, 0, 0);
+ }
+
+ /* Finish committing the transaction to the destination database. */
+ if( SQLITE_OK==rc
+ && SQLITE_OK==(rc = sqlite3BtreeCommitPhaseTwo(p->pDest, 0))
+ ){
+ rc = SQLITE_DONE;
+ }
+ }
+ }
+
+ /* If bCloseTrans is true, then this function opened a read transaction
+ ** on the source database. Close the read transaction here. There is
+ ** no need to check the return values of the btree methods here, as
+ ** "committing" a read-only transaction cannot fail.
+ */
+ if( bCloseTrans ){
+ TESTONLY( int rc2 );
+ TESTONLY( rc2 = ) sqlite3BtreeCommitPhaseOne(p->pSrc, 0);
+ TESTONLY( rc2 |= ) sqlite3BtreeCommitPhaseTwo(p->pSrc, 0);
+ assert( rc2==SQLITE_OK );
+ }
+
+ if( rc==SQLITE_IOERR_NOMEM ){
+ rc = SQLITE_NOMEM;
+ }
+ p->rc = rc;
+ }
+ if( p->pDestDb ){
+ sqlite3_mutex_leave(p->pDestDb->mutex);
+ }
+ sqlite3BtreeLeave(p->pSrc);
+ sqlite3_mutex_leave(p->pSrcDb->mutex);
+ return rc;
+}
+
+/*
+** Release all resources associated with an sqlite3_backup* handle.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_finish(sqlite3_backup *p){
+ sqlite3_backup **pp; /* Ptr to head of pagers backup list */
+ sqlite3 *pSrcDb; /* Source database connection */
+ int rc; /* Value to return */
+
+ /* Enter the mutexes */
+ if( p==0 ) return SQLITE_OK;
+ pSrcDb = p->pSrcDb;
+ sqlite3_mutex_enter(pSrcDb->mutex);
+ sqlite3BtreeEnter(p->pSrc);
+ if( p->pDestDb ){
+ sqlite3_mutex_enter(p->pDestDb->mutex);
+ }
+
+ /* Detach this backup from the source pager. */
+ if( p->pDestDb ){
+ p->pSrc->nBackup--;
+ }
+ if( p->isAttached ){
+ pp = sqlite3PagerBackupPtr(sqlite3BtreePager(p->pSrc));
+ while( *pp!=p ){
+ pp = &(*pp)->pNext;
+ }
+ *pp = p->pNext;
+ }
+
+ /* If a transaction is still open on the Btree, roll it back. */
+ sqlite3BtreeRollback(p->pDest, SQLITE_OK, 0);
+
+ /* Set the error code of the destination database handle. */
+ rc = (p->rc==SQLITE_DONE) ? SQLITE_OK : p->rc;
+ if( p->pDestDb ){
+ sqlite3Error(p->pDestDb, rc);
+
+ /* Exit the mutexes and free the backup context structure. */
+ sqlite3LeaveMutexAndCloseZombie(p->pDestDb);
+ }
+ sqlite3BtreeLeave(p->pSrc);
+ if( p->pDestDb ){
+ /* EVIDENCE-OF: R-64852-21591 The sqlite3_backup object is created by a
+ ** call to sqlite3_backup_init() and is destroyed by a call to
+ ** sqlite3_backup_finish(). */
+ sqlite3_free(p);
+ }
+ sqlite3LeaveMutexAndCloseZombie(pSrcDb);
+ return rc;
+}
+
+/*
+** Return the number of pages still to be backed up as of the most recent
+** call to sqlite3_backup_step().
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_remaining(sqlite3_backup *p){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( p==0 ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ return p->nRemaining;
+}
+
+/*
+** Return the total number of pages in the source database as of the most
+** recent call to sqlite3_backup_step().
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_pagecount(sqlite3_backup *p){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( p==0 ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ return p->nPagecount;
+}
+
+/*
+** This function is called after the contents of page iPage of the
+** source database have been modified. If page iPage has already been
+** copied into the destination database, then the data written to the
+** destination is now invalidated. The destination copy of iPage needs
+** to be updated with the new data before the backup operation is
+** complete.
+**
+** It is assumed that the mutex associated with the BtShared object
+** corresponding to the source database is held when this function is
+** called.
+*/
+static SQLITE_NOINLINE void backupUpdate(
+ sqlite3_backup *p,
+ Pgno iPage,
+ const u8 *aData
+){
+ assert( p!=0 );
+ do{
+ assert( sqlite3_mutex_held(p->pSrc->pBt->mutex) );
+ if( !isFatalError(p->rc) && iPage<p->iNext ){
+ /* The backup process p has already copied page iPage. But now it
+ ** has been modified by a transaction on the source pager. Copy
+ ** the new data into the backup.
+ */
+ int rc;
+ assert( p->pDestDb );
+ sqlite3_mutex_enter(p->pDestDb->mutex);
+ rc = backupOnePage(p, iPage, aData, 1);
+ sqlite3_mutex_leave(p->pDestDb->mutex);
+ assert( rc!=SQLITE_BUSY && rc!=SQLITE_LOCKED );
+ if( rc!=SQLITE_OK ){
+ p->rc = rc;
+ }
+ }
+ }while( (p = p->pNext)!=0 );
+}
+SQLITE_PRIVATE void sqlite3BackupUpdate(sqlite3_backup *pBackup, Pgno iPage, const u8 *aData){
+ if( pBackup ) backupUpdate(pBackup, iPage, aData);
+}
+
+/*
+** Restart the backup process. This is called when the pager layer
+** detects that the database has been modified by an external database
+** connection. In this case there is no way of knowing which of the
+** pages that have been copied into the destination database are still
+** valid and which are not, so the entire process needs to be restarted.
+**
+** It is assumed that the mutex associated with the BtShared object
+** corresponding to the source database is held when this function is
+** called.
+*/
+SQLITE_PRIVATE void sqlite3BackupRestart(sqlite3_backup *pBackup){
+ sqlite3_backup *p; /* Iterator variable */
+ for(p=pBackup; p; p=p->pNext){
+ assert( sqlite3_mutex_held(p->pSrc->pBt->mutex) );
+ p->iNext = 1;
+ }
+}
+
+#ifndef SQLITE_OMIT_VACUUM
+/*
+** Copy the complete content of pBtFrom into pBtTo. A transaction
+** must be active for both files.
+**
+** The size of file pTo may be reduced by this operation. If anything
+** goes wrong, the transaction on pTo is rolled back. If successful, the
+** transaction is committed before returning.
+*/
+SQLITE_PRIVATE int sqlite3BtreeCopyFile(Btree *pTo, Btree *pFrom){
+ int rc;
+ sqlite3_file *pFd; /* File descriptor for database pTo */
+ sqlite3_backup b;
+ sqlite3BtreeEnter(pTo);
+ sqlite3BtreeEnter(pFrom);
+
+ assert( sqlite3BtreeIsInTrans(pTo) );
+ pFd = sqlite3PagerFile(sqlite3BtreePager(pTo));
+ if( pFd->pMethods ){
+ i64 nByte = sqlite3BtreeGetPageSize(pFrom)*(i64)sqlite3BtreeLastPage(pFrom);
+ rc = sqlite3OsFileControl(pFd, SQLITE_FCNTL_OVERWRITE, &nByte);
+ if( rc==SQLITE_NOTFOUND ) rc = SQLITE_OK;
+ if( rc ) goto copy_finished;
+ }
+
+ /* Set up an sqlite3_backup object. sqlite3_backup.pDestDb must be set
+ ** to 0. This is used by the implementations of sqlite3_backup_step()
+ ** and sqlite3_backup_finish() to detect that they are being called
+ ** from this function, not directly by the user.
+ */
+ memset(&b, 0, sizeof(b));
+ b.pSrcDb = pFrom->db;
+ b.pSrc = pFrom;
+ b.pDest = pTo;
+ b.iNext = 1;
+
+#ifdef SQLITE_HAS_CODEC
+ sqlite3PagerAlignReserve(sqlite3BtreePager(pTo), sqlite3BtreePager(pFrom));
+#endif
+
+ /* 0x7FFFFFFF is the hard limit for the number of pages in a database
+ ** file. By passing this as the number of pages to copy to
+ ** sqlite3_backup_step(), we can guarantee that the copy finishes
+ ** within a single call (unless an error occurs). The assert() statement
+ ** checks this assumption - (p->rc) should be set to either SQLITE_DONE
+ ** or an error code.
+ */
+ sqlite3_backup_step(&b, 0x7FFFFFFF);
+ assert( b.rc!=SQLITE_OK );
+ rc = sqlite3_backup_finish(&b);
+ if( rc==SQLITE_OK ){
+ pTo->pBt->btsFlags &= ~BTS_PAGESIZE_FIXED;
+ }else{
+ sqlite3PagerClearCache(sqlite3BtreePager(b.pDest));
+ }
+
+ assert( sqlite3BtreeIsInTrans(pTo)==0 );
+copy_finished:
+ sqlite3BtreeLeave(pFrom);
+ sqlite3BtreeLeave(pTo);
+ return rc;
+}
+#endif /* SQLITE_OMIT_VACUUM */
+
+/************** End of backup.c **********************************************/
+/************** Begin file vdbemem.c *****************************************/
+/*
+** 2004 May 26
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains code use to manipulate "Mem" structure. A "Mem"
+** stores a single value in the VDBE. Mem is an opaque structure visible
+** only within the VDBE. Interface routines refer to a Mem using the
+** name sqlite_value
+*/
+/* #include "sqliteInt.h" */
+/* #include "vdbeInt.h" */
+
+#ifdef SQLITE_DEBUG
+/*
+** Check invariants on a Mem object.
+**
+** This routine is intended for use inside of assert() statements, like
+** this: assert( sqlite3VdbeCheckMemInvariants(pMem) );
+*/
+SQLITE_PRIVATE int sqlite3VdbeCheckMemInvariants(Mem *p){
+ /* If MEM_Dyn is set then Mem.xDel!=0.
+ ** Mem.xDel is might not be initialized if MEM_Dyn is clear.
+ */
+ assert( (p->flags & MEM_Dyn)==0 || p->xDel!=0 );
+
+ /* MEM_Dyn may only be set if Mem.szMalloc==0. In this way we
+ ** ensure that if Mem.szMalloc>0 then it is safe to do
+ ** Mem.z = Mem.zMalloc without having to check Mem.flags&MEM_Dyn.
+ ** That saves a few cycles in inner loops. */
+ assert( (p->flags & MEM_Dyn)==0 || p->szMalloc==0 );
+
+ /* Cannot be both MEM_Int and MEM_Real at the same time */
+ assert( (p->flags & (MEM_Int|MEM_Real))!=(MEM_Int|MEM_Real) );
+
+ /* The szMalloc field holds the correct memory allocation size */
+ assert( p->szMalloc==0
+ || p->szMalloc==sqlite3DbMallocSize(p->db,p->zMalloc) );
+
+ /* If p holds a string or blob, the Mem.z must point to exactly
+ ** one of the following:
+ **
+ ** (1) Memory in Mem.zMalloc and managed by the Mem object
+ ** (2) Memory to be freed using Mem.xDel
+ ** (3) An ephemeral string or blob
+ ** (4) A static string or blob
+ */
+ if( (p->flags & (MEM_Str|MEM_Blob)) && p->n>0 ){
+ assert(
+ ((p->szMalloc>0 && p->z==p->zMalloc)? 1 : 0) +
+ ((p->flags&MEM_Dyn)!=0 ? 1 : 0) +
+ ((p->flags&MEM_Ephem)!=0 ? 1 : 0) +
+ ((p->flags&MEM_Static)!=0 ? 1 : 0) == 1
+ );
+ }
+ return 1;
+}
+#endif
+
+
+/*
+** If pMem is an object with a valid string representation, this routine
+** ensures the internal encoding for the string representation is
+** 'desiredEnc', one of SQLITE_UTF8, SQLITE_UTF16LE or SQLITE_UTF16BE.
+**
+** If pMem is not a string object, or the encoding of the string
+** representation is already stored using the requested encoding, then this
+** routine is a no-op.
+**
+** SQLITE_OK is returned if the conversion is successful (or not required).
+** SQLITE_NOMEM may be returned if a malloc() fails during conversion
+** between formats.
+*/
+SQLITE_PRIVATE int sqlite3VdbeChangeEncoding(Mem *pMem, int desiredEnc){
+#ifndef SQLITE_OMIT_UTF16
+ int rc;
+#endif
+ assert( (pMem->flags&MEM_RowSet)==0 );
+ assert( desiredEnc==SQLITE_UTF8 || desiredEnc==SQLITE_UTF16LE
+ || desiredEnc==SQLITE_UTF16BE );
+ if( !(pMem->flags&MEM_Str) || pMem->enc==desiredEnc ){
+ return SQLITE_OK;
+ }
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+#ifdef SQLITE_OMIT_UTF16
+ return SQLITE_ERROR;
+#else
+
+ /* MemTranslate() may return SQLITE_OK or SQLITE_NOMEM. If NOMEM is returned,
+ ** then the encoding of the value may not have changed.
+ */
+ rc = sqlite3VdbeMemTranslate(pMem, (u8)desiredEnc);
+ assert(rc==SQLITE_OK || rc==SQLITE_NOMEM);
+ assert(rc==SQLITE_OK || pMem->enc!=desiredEnc);
+ assert(rc==SQLITE_NOMEM || pMem->enc==desiredEnc);
+ return rc;
+#endif
+}
+
+/*
+** Make sure pMem->z points to a writable allocation of at least
+** min(n,32) bytes.
+**
+** If the bPreserve argument is true, then copy of the content of
+** pMem->z into the new allocation. pMem must be either a string or
+** blob if bPreserve is true. If bPreserve is false, any prior content
+** in pMem->z is discarded.
+*/
+SQLITE_PRIVATE SQLITE_NOINLINE int sqlite3VdbeMemGrow(Mem *pMem, int n, int bPreserve){
+ assert( sqlite3VdbeCheckMemInvariants(pMem) );
+ assert( (pMem->flags&MEM_RowSet)==0 );
+
+ /* If the bPreserve flag is set to true, then the memory cell must already
+ ** contain a valid string or blob value. */
+ assert( bPreserve==0 || pMem->flags&(MEM_Blob|MEM_Str) );
+ testcase( bPreserve && pMem->z==0 );
+
+ assert( pMem->szMalloc==0
+ || pMem->szMalloc==sqlite3DbMallocSize(pMem->db, pMem->zMalloc) );
+ if( pMem->szMalloc<n ){
+ if( n<32 ) n = 32;
+ if( bPreserve && pMem->szMalloc>0 && pMem->z==pMem->zMalloc ){
+ pMem->z = pMem->zMalloc = sqlite3DbReallocOrFree(pMem->db, pMem->z, n);
+ bPreserve = 0;
+ }else{
+ if( pMem->szMalloc>0 ) sqlite3DbFree(pMem->db, pMem->zMalloc);
+ pMem->zMalloc = sqlite3DbMallocRaw(pMem->db, n);
+ }
+ if( pMem->zMalloc==0 ){
+ sqlite3VdbeMemSetNull(pMem);
+ pMem->z = 0;
+ pMem->szMalloc = 0;
+ return SQLITE_NOMEM;
+ }else{
+ pMem->szMalloc = sqlite3DbMallocSize(pMem->db, pMem->zMalloc);
+ }
+ }
+
+ if( bPreserve && pMem->z && pMem->z!=pMem->zMalloc ){
+ memcpy(pMem->zMalloc, pMem->z, pMem->n);
+ }
+ if( (pMem->flags&MEM_Dyn)!=0 ){
+ assert( pMem->xDel!=0 && pMem->xDel!=SQLITE_DYNAMIC );
+ pMem->xDel((void *)(pMem->z));
+ }
+
+ pMem->z = pMem->zMalloc;
+ pMem->flags &= ~(MEM_Dyn|MEM_Ephem|MEM_Static);
+ return SQLITE_OK;
+}
+
+/*
+** Change the pMem->zMalloc allocation to be at least szNew bytes.
+** If pMem->zMalloc already meets or exceeds the requested size, this
+** routine is a no-op.
+**
+** Any prior string or blob content in the pMem object may be discarded.
+** The pMem->xDel destructor is called, if it exists. Though MEM_Str
+** and MEM_Blob values may be discarded, MEM_Int, MEM_Real, and MEM_Null
+** values are preserved.
+**
+** Return SQLITE_OK on success or an error code (probably SQLITE_NOMEM)
+** if unable to complete the resizing.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemClearAndResize(Mem *pMem, int szNew){
+ assert( szNew>0 );
+ assert( (pMem->flags & MEM_Dyn)==0 || pMem->szMalloc==0 );
+ if( pMem->szMalloc<szNew ){
+ return sqlite3VdbeMemGrow(pMem, szNew, 0);
+ }
+ assert( (pMem->flags & MEM_Dyn)==0 );
+ pMem->z = pMem->zMalloc;
+ pMem->flags &= (MEM_Null|MEM_Int|MEM_Real);
+ return SQLITE_OK;
+}
+
+/*
+** Change pMem so that its MEM_Str or MEM_Blob value is stored in
+** MEM.zMalloc, where it can be safely written.
+**
+** Return SQLITE_OK on success or SQLITE_NOMEM if malloc fails.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemMakeWriteable(Mem *pMem){
+ int f;
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( (pMem->flags&MEM_RowSet)==0 );
+ ExpandBlob(pMem);
+ f = pMem->flags;
+ if( (f&(MEM_Str|MEM_Blob)) && (pMem->szMalloc==0 || pMem->z!=pMem->zMalloc) ){
+ if( sqlite3VdbeMemGrow(pMem, pMem->n + 2, 1) ){
+ return SQLITE_NOMEM;
+ }
+ pMem->z[pMem->n] = 0;
+ pMem->z[pMem->n+1] = 0;
+ pMem->flags |= MEM_Term;
+ }
+ pMem->flags &= ~MEM_Ephem;
+#ifdef SQLITE_DEBUG
+ pMem->pScopyFrom = 0;
+#endif
+
+ return SQLITE_OK;
+}
+
+/*
+** If the given Mem* has a zero-filled tail, turn it into an ordinary
+** blob stored in dynamically allocated space.
+*/
+#ifndef SQLITE_OMIT_INCRBLOB
+SQLITE_PRIVATE int sqlite3VdbeMemExpandBlob(Mem *pMem){
+ if( pMem->flags & MEM_Zero ){
+ int nByte;
+ assert( pMem->flags&MEM_Blob );
+ assert( (pMem->flags&MEM_RowSet)==0 );
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+
+ /* Set nByte to the number of bytes required to store the expanded blob. */
+ nByte = pMem->n + pMem->u.nZero;
+ if( nByte<=0 ){
+ nByte = 1;
+ }
+ if( sqlite3VdbeMemGrow(pMem, nByte, 1) ){
+ return SQLITE_NOMEM;
+ }
+
+ memset(&pMem->z[pMem->n], 0, pMem->u.nZero);
+ pMem->n += pMem->u.nZero;
+ pMem->flags &= ~(MEM_Zero|MEM_Term);
+ }
+ return SQLITE_OK;
+}
+#endif
+
+/*
+** It is already known that pMem contains an unterminated string.
+** Add the zero terminator.
+*/
+static SQLITE_NOINLINE int vdbeMemAddTerminator(Mem *pMem){
+ if( sqlite3VdbeMemGrow(pMem, pMem->n+2, 1) ){
+ return SQLITE_NOMEM;
+ }
+ pMem->z[pMem->n] = 0;
+ pMem->z[pMem->n+1] = 0;
+ pMem->flags |= MEM_Term;
+ return SQLITE_OK;
+}
+
+/*
+** Make sure the given Mem is \u0000 terminated.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemNulTerminate(Mem *pMem){
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ testcase( (pMem->flags & (MEM_Term|MEM_Str))==(MEM_Term|MEM_Str) );
+ testcase( (pMem->flags & (MEM_Term|MEM_Str))==0 );
+ if( (pMem->flags & (MEM_Term|MEM_Str))!=MEM_Str ){
+ return SQLITE_OK; /* Nothing to do */
+ }else{
+ return vdbeMemAddTerminator(pMem);
+ }
+}
+
+/*
+** Add MEM_Str to the set of representations for the given Mem. Numbers
+** are converted using sqlite3_snprintf(). Converting a BLOB to a string
+** is a no-op.
+**
+** Existing representations MEM_Int and MEM_Real are invalidated if
+** bForce is true but are retained if bForce is false.
+**
+** A MEM_Null value will never be passed to this function. This function is
+** used for converting values to text for returning to the user (i.e. via
+** sqlite3_value_text()), or for ensuring that values to be used as btree
+** keys are strings. In the former case a NULL pointer is returned the
+** user and the latter is an internal programming error.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemStringify(Mem *pMem, u8 enc, u8 bForce){
+ int fg = pMem->flags;
+ const int nByte = 32;
+
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( !(fg&MEM_Zero) );
+ assert( !(fg&(MEM_Str|MEM_Blob)) );
+ assert( fg&(MEM_Int|MEM_Real) );
+ assert( (pMem->flags&MEM_RowSet)==0 );
+ assert( EIGHT_BYTE_ALIGNMENT(pMem) );
+
+
+ if( sqlite3VdbeMemClearAndResize(pMem, nByte) ){
+ return SQLITE_NOMEM;
+ }
+
+ /* For a Real or Integer, use sqlite3_snprintf() to produce the UTF-8
+ ** string representation of the value. Then, if the required encoding
+ ** is UTF-16le or UTF-16be do a translation.
+ **
+ ** FIX ME: It would be better if sqlite3_snprintf() could do UTF-16.
+ */
+ if( fg & MEM_Int ){
+ sqlite3_snprintf(nByte, pMem->z, "%lld", pMem->u.i);
+ }else{
+ assert( fg & MEM_Real );
+ sqlite3_snprintf(nByte, pMem->z, "%!.15g", pMem->u.r);
+ }
+ pMem->n = sqlite3Strlen30(pMem->z);
+ pMem->enc = SQLITE_UTF8;
+ pMem->flags |= MEM_Str|MEM_Term;
+ if( bForce ) pMem->flags &= ~(MEM_Int|MEM_Real);
+ sqlite3VdbeChangeEncoding(pMem, enc);
+ return SQLITE_OK;
+}
+
+/*
+** Memory cell pMem contains the context of an aggregate function.
+** This routine calls the finalize method for that function. The
+** result of the aggregate is stored back into pMem.
+**
+** Return SQLITE_ERROR if the finalizer reports an error. SQLITE_OK
+** otherwise.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemFinalize(Mem *pMem, FuncDef *pFunc){
+ int rc = SQLITE_OK;
+ if( ALWAYS(pFunc && pFunc->xFinalize) ){
+ sqlite3_context ctx;
+ Mem t;
+ assert( (pMem->flags & MEM_Null)!=0 || pFunc==pMem->u.pDef );
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ memset(&ctx, 0, sizeof(ctx));
+ memset(&t, 0, sizeof(t));
+ t.flags = MEM_Null;
+ t.db = pMem->db;
+ ctx.pOut = &t;
+ ctx.pMem = pMem;
+ ctx.pFunc = pFunc;
+ pFunc->xFinalize(&ctx); /* IMP: R-24505-23230 */
+ assert( (pMem->flags & MEM_Dyn)==0 );
+ if( pMem->szMalloc>0 ) sqlite3DbFree(pMem->db, pMem->zMalloc);
+ memcpy(pMem, &t, sizeof(t));
+ rc = ctx.isError;
+ }
+ return rc;
+}
+
+/*
+** If the memory cell contains a value that must be freed by
+** invoking the external callback in Mem.xDel, then this routine
+** will free that value. It also sets Mem.flags to MEM_Null.
+**
+** This is a helper routine for sqlite3VdbeMemSetNull() and
+** for sqlite3VdbeMemRelease(). Use those other routines as the
+** entry point for releasing Mem resources.
+*/
+static SQLITE_NOINLINE void vdbeMemClearExternAndSetNull(Mem *p){
+ assert( p->db==0 || sqlite3_mutex_held(p->db->mutex) );
+ assert( VdbeMemDynamic(p) );
+ if( p->flags&MEM_Agg ){
+ sqlite3VdbeMemFinalize(p, p->u.pDef);
+ assert( (p->flags & MEM_Agg)==0 );
+ testcase( p->flags & MEM_Dyn );
+ }
+ if( p->flags&MEM_Dyn ){
+ assert( (p->flags&MEM_RowSet)==0 );
+ assert( p->xDel!=SQLITE_DYNAMIC && p->xDel!=0 );
+ p->xDel((void *)p->z);
+ }else if( p->flags&MEM_RowSet ){
+ sqlite3RowSetClear(p->u.pRowSet);
+ }else if( p->flags&MEM_Frame ){
+ VdbeFrame *pFrame = p->u.pFrame;
+ pFrame->pParent = pFrame->v->pDelFrame;
+ pFrame->v->pDelFrame = pFrame;
+ }
+ p->flags = MEM_Null;
+}
+
+/*
+** Release memory held by the Mem p, both external memory cleared
+** by p->xDel and memory in p->zMalloc.
+**
+** This is a helper routine invoked by sqlite3VdbeMemRelease() in
+** the unusual case where there really is memory in p that needs
+** to be freed.
+*/
+static SQLITE_NOINLINE void vdbeMemClear(Mem *p){
+ if( VdbeMemDynamic(p) ){
+ vdbeMemClearExternAndSetNull(p);
+ }
+ if( p->szMalloc ){
+ sqlite3DbFree(p->db, p->zMalloc);
+ p->szMalloc = 0;
+ }
+ p->z = 0;
+}
+
+/*
+** Release any memory resources held by the Mem. Both the memory that is
+** free by Mem.xDel and the Mem.zMalloc allocation are freed.
+**
+** Use this routine prior to clean up prior to abandoning a Mem, or to
+** reset a Mem back to its minimum memory utilization.
+**
+** Use sqlite3VdbeMemSetNull() to release just the Mem.xDel space
+** prior to inserting new content into the Mem.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemRelease(Mem *p){
+ assert( sqlite3VdbeCheckMemInvariants(p) );
+ if( VdbeMemDynamic(p) || p->szMalloc ){
+ vdbeMemClear(p);
+ }
+}
+
+/*
+** Convert a 64-bit IEEE double into a 64-bit signed integer.
+** If the double is out of range of a 64-bit signed integer then
+** return the closest available 64-bit signed integer.
+*/
+static i64 doubleToInt64(double r){
+#ifdef SQLITE_OMIT_FLOATING_POINT
+ /* When floating-point is omitted, double and int64 are the same thing */
+ return r;
+#else
+ /*
+ ** Many compilers we encounter do not define constants for the
+ ** minimum and maximum 64-bit integers, or they define them
+ ** inconsistently. And many do not understand the "LL" notation.
+ ** So we define our own static constants here using nothing
+ ** larger than a 32-bit integer constant.
+ */
+ static const i64 maxInt = LARGEST_INT64;
+ static const i64 minInt = SMALLEST_INT64;
+
+ if( r<=(double)minInt ){
+ return minInt;
+ }else if( r>=(double)maxInt ){
+ return maxInt;
+ }else{
+ return (i64)r;
+ }
+#endif
+}
+
+/*
+** Return some kind of integer value which is the best we can do
+** at representing the value that *pMem describes as an integer.
+** If pMem is an integer, then the value is exact. If pMem is
+** a floating-point then the value returned is the integer part.
+** If pMem is a string or blob, then we make an attempt to convert
+** it into an integer and return that. If pMem represents an
+** an SQL-NULL value, return 0.
+**
+** If pMem represents a string value, its encoding might be changed.
+*/
+SQLITE_PRIVATE i64 sqlite3VdbeIntValue(Mem *pMem){
+ int flags;
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( EIGHT_BYTE_ALIGNMENT(pMem) );
+ flags = pMem->flags;
+ if( flags & MEM_Int ){
+ return pMem->u.i;
+ }else if( flags & MEM_Real ){
+ return doubleToInt64(pMem->u.r);
+ }else if( flags & (MEM_Str|MEM_Blob) ){
+ i64 value = 0;
+ assert( pMem->z || pMem->n==0 );
+ sqlite3Atoi64(pMem->z, &value, pMem->n, pMem->enc);
+ return value;
+ }else{
+ return 0;
+ }
+}
+
+/*
+** Return the best representation of pMem that we can get into a
+** double. If pMem is already a double or an integer, return its
+** value. If it is a string or blob, try to convert it to a double.
+** If it is a NULL, return 0.0.
+*/
+SQLITE_PRIVATE double sqlite3VdbeRealValue(Mem *pMem){
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( EIGHT_BYTE_ALIGNMENT(pMem) );
+ if( pMem->flags & MEM_Real ){
+ return pMem->u.r;
+ }else if( pMem->flags & MEM_Int ){
+ return (double)pMem->u.i;
+ }else if( pMem->flags & (MEM_Str|MEM_Blob) ){
+ /* (double)0 In case of SQLITE_OMIT_FLOATING_POINT... */
+ double val = (double)0;
+ sqlite3AtoF(pMem->z, &val, pMem->n, pMem->enc);
+ return val;
+ }else{
+ /* (double)0 In case of SQLITE_OMIT_FLOATING_POINT... */
+ return (double)0;
+ }
+}
+
+/*
+** The MEM structure is already a MEM_Real. Try to also make it a
+** MEM_Int if we can.
+*/
+SQLITE_PRIVATE void sqlite3VdbeIntegerAffinity(Mem *pMem){
+ i64 ix;
+ assert( pMem->flags & MEM_Real );
+ assert( (pMem->flags & MEM_RowSet)==0 );
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( EIGHT_BYTE_ALIGNMENT(pMem) );
+
+ ix = doubleToInt64(pMem->u.r);
+
+ /* Only mark the value as an integer if
+ **
+ ** (1) the round-trip conversion real->int->real is a no-op, and
+ ** (2) The integer is neither the largest nor the smallest
+ ** possible integer (ticket #3922)
+ **
+ ** The second and third terms in the following conditional enforces
+ ** the second condition under the assumption that addition overflow causes
+ ** values to wrap around.
+ */
+ if( pMem->u.r==ix && ix>SMALLEST_INT64 && ix<LARGEST_INT64 ){
+ pMem->u.i = ix;
+ MemSetTypeFlag(pMem, MEM_Int);
+ }
+}
+
+/*
+** Convert pMem to type integer. Invalidate any prior representations.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemIntegerify(Mem *pMem){
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( (pMem->flags & MEM_RowSet)==0 );
+ assert( EIGHT_BYTE_ALIGNMENT(pMem) );
+
+ pMem->u.i = sqlite3VdbeIntValue(pMem);
+ MemSetTypeFlag(pMem, MEM_Int);
+ return SQLITE_OK;
+}
+
+/*
+** Convert pMem so that it is of type MEM_Real.
+** Invalidate any prior representations.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemRealify(Mem *pMem){
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( EIGHT_BYTE_ALIGNMENT(pMem) );
+
+ pMem->u.r = sqlite3VdbeRealValue(pMem);
+ MemSetTypeFlag(pMem, MEM_Real);
+ return SQLITE_OK;
+}
+
+/*
+** Convert pMem so that it has types MEM_Real or MEM_Int or both.
+** Invalidate any prior representations.
+**
+** Every effort is made to force the conversion, even if the input
+** is a string that does not look completely like a number. Convert
+** as much of the string as we can and ignore the rest.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemNumerify(Mem *pMem){
+ if( (pMem->flags & (MEM_Int|MEM_Real|MEM_Null))==0 ){
+ assert( (pMem->flags & (MEM_Blob|MEM_Str))!=0 );
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ if( 0==sqlite3Atoi64(pMem->z, &pMem->u.i, pMem->n, pMem->enc) ){
+ MemSetTypeFlag(pMem, MEM_Int);
+ }else{
+ pMem->u.r = sqlite3VdbeRealValue(pMem);
+ MemSetTypeFlag(pMem, MEM_Real);
+ sqlite3VdbeIntegerAffinity(pMem);
+ }
+ }
+ assert( (pMem->flags & (MEM_Int|MEM_Real|MEM_Null))!=0 );
+ pMem->flags &= ~(MEM_Str|MEM_Blob);
+ return SQLITE_OK;
+}
+
+/*
+** Cast the datatype of the value in pMem according to the affinity
+** "aff". Casting is different from applying affinity in that a cast
+** is forced. In other words, the value is converted into the desired
+** affinity even if that results in loss of data. This routine is
+** used (for example) to implement the SQL "cast()" operator.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemCast(Mem *pMem, u8 aff, u8 encoding){
+ if( pMem->flags & MEM_Null ) return;
+ switch( aff ){
+ case SQLITE_AFF_BLOB: { /* Really a cast to BLOB */
+ if( (pMem->flags & MEM_Blob)==0 ){
+ sqlite3ValueApplyAffinity(pMem, SQLITE_AFF_TEXT, encoding);
+ assert( pMem->flags & MEM_Str || pMem->db->mallocFailed );
+ MemSetTypeFlag(pMem, MEM_Blob);
+ }else{
+ pMem->flags &= ~(MEM_TypeMask&~MEM_Blob);
+ }
+ break;
+ }
+ case SQLITE_AFF_NUMERIC: {
+ sqlite3VdbeMemNumerify(pMem);
+ break;
+ }
+ case SQLITE_AFF_INTEGER: {
+ sqlite3VdbeMemIntegerify(pMem);
+ break;
+ }
+ case SQLITE_AFF_REAL: {
+ sqlite3VdbeMemRealify(pMem);
+ break;
+ }
+ default: {
+ assert( aff==SQLITE_AFF_TEXT );
+ assert( MEM_Str==(MEM_Blob>>3) );
+ pMem->flags |= (pMem->flags&MEM_Blob)>>3;
+ sqlite3ValueApplyAffinity(pMem, SQLITE_AFF_TEXT, encoding);
+ assert( pMem->flags & MEM_Str || pMem->db->mallocFailed );
+ pMem->flags &= ~(MEM_Int|MEM_Real|MEM_Blob|MEM_Zero);
+ break;
+ }
+ }
+}
+
+/*
+** Initialize bulk memory to be a consistent Mem object.
+**
+** The minimum amount of initialization feasible is performed.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemInit(Mem *pMem, sqlite3 *db, u16 flags){
+ assert( (flags & ~MEM_TypeMask)==0 );
+ pMem->flags = flags;
+ pMem->db = db;
+ pMem->szMalloc = 0;
+}
+
+
+/*
+** Delete any previous value and set the value stored in *pMem to NULL.
+**
+** This routine calls the Mem.xDel destructor to dispose of values that
+** require the destructor. But it preserves the Mem.zMalloc memory allocation.
+** To free all resources, use sqlite3VdbeMemRelease(), which both calls this
+** routine to invoke the destructor and deallocates Mem.zMalloc.
+**
+** Use this routine to reset the Mem prior to insert a new value.
+**
+** Use sqlite3VdbeMemRelease() to complete erase the Mem prior to abandoning it.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemSetNull(Mem *pMem){
+ if( VdbeMemDynamic(pMem) ){
+ vdbeMemClearExternAndSetNull(pMem);
+ }else{
+ pMem->flags = MEM_Null;
+ }
+}
+SQLITE_PRIVATE void sqlite3ValueSetNull(sqlite3_value *p){
+ sqlite3VdbeMemSetNull((Mem*)p);
+}
+
+/*
+** Delete any previous value and set the value to be a BLOB of length
+** n containing all zeros.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemSetZeroBlob(Mem *pMem, int n){
+ sqlite3VdbeMemRelease(pMem);
+ pMem->flags = MEM_Blob|MEM_Zero;
+ pMem->n = 0;
+ if( n<0 ) n = 0;
+ pMem->u.nZero = n;
+ pMem->enc = SQLITE_UTF8;
+ pMem->z = 0;
+}
+
+/*
+** The pMem is known to contain content that needs to be destroyed prior
+** to a value change. So invoke the destructor, then set the value to
+** a 64-bit integer.
+*/
+static SQLITE_NOINLINE void vdbeReleaseAndSetInt64(Mem *pMem, i64 val){
+ sqlite3VdbeMemSetNull(pMem);
+ pMem->u.i = val;
+ pMem->flags = MEM_Int;
+}
+
+/*
+** Delete any previous value and set the value stored in *pMem to val,
+** manifest type INTEGER.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemSetInt64(Mem *pMem, i64 val){
+ if( VdbeMemDynamic(pMem) ){
+ vdbeReleaseAndSetInt64(pMem, val);
+ }else{
+ pMem->u.i = val;
+ pMem->flags = MEM_Int;
+ }
+}
+
+#ifndef SQLITE_OMIT_FLOATING_POINT
+/*
+** Delete any previous value and set the value stored in *pMem to val,
+** manifest type REAL.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemSetDouble(Mem *pMem, double val){
+ sqlite3VdbeMemSetNull(pMem);
+ if( !sqlite3IsNaN(val) ){
+ pMem->u.r = val;
+ pMem->flags = MEM_Real;
+ }
+}
+#endif
+
+/*
+** Delete any previous value and set the value of pMem to be an
+** empty boolean index.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemSetRowSet(Mem *pMem){
+ sqlite3 *db = pMem->db;
+ assert( db!=0 );
+ assert( (pMem->flags & MEM_RowSet)==0 );
+ sqlite3VdbeMemRelease(pMem);
+ pMem->zMalloc = sqlite3DbMallocRaw(db, 64);
+ if( db->mallocFailed ){
+ pMem->flags = MEM_Null;
+ pMem->szMalloc = 0;
+ }else{
+ assert( pMem->zMalloc );
+ pMem->szMalloc = sqlite3DbMallocSize(db, pMem->zMalloc);
+ pMem->u.pRowSet = sqlite3RowSetInit(db, pMem->zMalloc, pMem->szMalloc);
+ assert( pMem->u.pRowSet!=0 );
+ pMem->flags = MEM_RowSet;
+ }
+}
+
+/*
+** Return true if the Mem object contains a TEXT or BLOB that is
+** too large - whose size exceeds SQLITE_MAX_LENGTH.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemTooBig(Mem *p){
+ assert( p->db!=0 );
+ if( p->flags & (MEM_Str|MEM_Blob) ){
+ int n = p->n;
+ if( p->flags & MEM_Zero ){
+ n += p->u.nZero;
+ }
+ return n>p->db->aLimit[SQLITE_LIMIT_LENGTH];
+ }
+ return 0;
+}
+
+#ifdef SQLITE_DEBUG
+/*
+** This routine prepares a memory cell for modification by breaking
+** its link to a shallow copy and by marking any current shallow
+** copies of this cell as invalid.
+**
+** This is used for testing and debugging only - to make sure shallow
+** copies are not misused.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemAboutToChange(Vdbe *pVdbe, Mem *pMem){
+ int i;
+ Mem *pX;
+ for(i=1, pX=&pVdbe->aMem[1]; i<=pVdbe->nMem; i++, pX++){
+ if( pX->pScopyFrom==pMem ){
+ pX->flags |= MEM_Undefined;
+ pX->pScopyFrom = 0;
+ }
+ }
+ pMem->pScopyFrom = 0;
+}
+#endif /* SQLITE_DEBUG */
+
+
+/*
+** Make an shallow copy of pFrom into pTo. Prior contents of
+** pTo are freed. The pFrom->z field is not duplicated. If
+** pFrom->z is used, then pTo->z points to the same thing as pFrom->z
+** and flags gets srcType (either MEM_Ephem or MEM_Static).
+*/
+static SQLITE_NOINLINE void vdbeClrCopy(Mem *pTo, const Mem *pFrom, int eType){
+ vdbeMemClearExternAndSetNull(pTo);
+ assert( !VdbeMemDynamic(pTo) );
+ sqlite3VdbeMemShallowCopy(pTo, pFrom, eType);
+}
+SQLITE_PRIVATE void sqlite3VdbeMemShallowCopy(Mem *pTo, const Mem *pFrom, int srcType){
+ assert( (pFrom->flags & MEM_RowSet)==0 );
+ assert( pTo->db==pFrom->db );
+ if( VdbeMemDynamic(pTo) ){ vdbeClrCopy(pTo,pFrom,srcType); return; }
+ memcpy(pTo, pFrom, MEMCELLSIZE);
+ if( (pFrom->flags&MEM_Static)==0 ){
+ pTo->flags &= ~(MEM_Dyn|MEM_Static|MEM_Ephem);
+ assert( srcType==MEM_Ephem || srcType==MEM_Static );
+ pTo->flags |= srcType;
+ }
+}
+
+/*
+** Make a full copy of pFrom into pTo. Prior contents of pTo are
+** freed before the copy is made.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemCopy(Mem *pTo, const Mem *pFrom){
+ int rc = SQLITE_OK;
+
+ /* The pFrom==0 case in the following assert() is when an sqlite3_value
+ ** from sqlite3_value_dup() is used as the argument
+ ** to sqlite3_result_value(). */
+ assert( pTo->db==pFrom->db || pFrom->db==0 );
+ assert( (pFrom->flags & MEM_RowSet)==0 );
+ if( VdbeMemDynamic(pTo) ) vdbeMemClearExternAndSetNull(pTo);
+ memcpy(pTo, pFrom, MEMCELLSIZE);
+ pTo->flags &= ~MEM_Dyn;
+ if( pTo->flags&(MEM_Str|MEM_Blob) ){
+ if( 0==(pFrom->flags&MEM_Static) ){
+ pTo->flags |= MEM_Ephem;
+ rc = sqlite3VdbeMemMakeWriteable(pTo);
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Transfer the contents of pFrom to pTo. Any existing value in pTo is
+** freed. If pFrom contains ephemeral data, a copy is made.
+**
+** pFrom contains an SQL NULL when this routine returns.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemMove(Mem *pTo, Mem *pFrom){
+ assert( pFrom->db==0 || sqlite3_mutex_held(pFrom->db->mutex) );
+ assert( pTo->db==0 || sqlite3_mutex_held(pTo->db->mutex) );
+ assert( pFrom->db==0 || pTo->db==0 || pFrom->db==pTo->db );
+
+ sqlite3VdbeMemRelease(pTo);
+ memcpy(pTo, pFrom, sizeof(Mem));
+ pFrom->flags = MEM_Null;
+ pFrom->szMalloc = 0;
+}
+
+/*
+** Change the value of a Mem to be a string or a BLOB.
+**
+** The memory management strategy depends on the value of the xDel
+** parameter. If the value passed is SQLITE_TRANSIENT, then the
+** string is copied into a (possibly existing) buffer managed by the
+** Mem structure. Otherwise, any existing buffer is freed and the
+** pointer copied.
+**
+** If the string is too large (if it exceeds the SQLITE_LIMIT_LENGTH
+** size limit) then no memory allocation occurs. If the string can be
+** stored without allocating memory, then it is. If a memory allocation
+** is required to store the string, then value of pMem is unchanged. In
+** either case, SQLITE_TOOBIG is returned.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMemSetStr(
+ Mem *pMem, /* Memory cell to set to string value */
+ const char *z, /* String pointer */
+ int n, /* Bytes in string, or negative */
+ u8 enc, /* Encoding of z. 0 for BLOBs */
+ void (*xDel)(void*) /* Destructor function */
+){
+ int nByte = n; /* New value for pMem->n */
+ int iLimit; /* Maximum allowed string or blob size */
+ u16 flags = 0; /* New value for pMem->flags */
+
+ assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
+ assert( (pMem->flags & MEM_RowSet)==0 );
+
+ /* If z is a NULL pointer, set pMem to contain an SQL NULL. */
+ if( !z ){
+ sqlite3VdbeMemSetNull(pMem);
+ return SQLITE_OK;
+ }
+
+ if( pMem->db ){
+ iLimit = pMem->db->aLimit[SQLITE_LIMIT_LENGTH];
+ }else{
+ iLimit = SQLITE_MAX_LENGTH;
+ }
+ flags = (enc==0?MEM_Blob:MEM_Str);
+ if( nByte<0 ){
+ assert( enc!=0 );
+ if( enc==SQLITE_UTF8 ){
+ nByte = sqlite3Strlen30(z);
+ if( nByte>iLimit ) nByte = iLimit+1;
+ }else{
+ for(nByte=0; nByte<=iLimit && (z[nByte] | z[nByte+1]); nByte+=2){}
+ }
+ flags |= MEM_Term;
+ }
+
+ /* The following block sets the new values of Mem.z and Mem.xDel. It
+ ** also sets a flag in local variable "flags" to indicate the memory
+ ** management (one of MEM_Dyn or MEM_Static).
+ */
+ if( xDel==SQLITE_TRANSIENT ){
+ int nAlloc = nByte;
+ if( flags&MEM_Term ){
+ nAlloc += (enc==SQLITE_UTF8?1:2);
+ }
+ if( nByte>iLimit ){
+ return SQLITE_TOOBIG;
+ }
+ testcase( nAlloc==0 );
+ testcase( nAlloc==31 );
+ testcase( nAlloc==32 );
+ if( sqlite3VdbeMemClearAndResize(pMem, MAX(nAlloc,32)) ){
+ return SQLITE_NOMEM;
+ }
+ memcpy(pMem->z, z, nAlloc);
+ }else if( xDel==SQLITE_DYNAMIC ){
+ sqlite3VdbeMemRelease(pMem);
+ pMem->zMalloc = pMem->z = (char *)z;
+ pMem->szMalloc = sqlite3DbMallocSize(pMem->db, pMem->zMalloc);
+ }else{
+ sqlite3VdbeMemRelease(pMem);
+ pMem->z = (char *)z;
+ pMem->xDel = xDel;
+ flags |= ((xDel==SQLITE_STATIC)?MEM_Static:MEM_Dyn);
+ }
+
+ pMem->n = nByte;
+ pMem->flags = flags;
+ pMem->enc = (enc==0 ? SQLITE_UTF8 : enc);
+
+#ifndef SQLITE_OMIT_UTF16
+ if( pMem->enc!=SQLITE_UTF8 && sqlite3VdbeMemHandleBom(pMem) ){
+ return SQLITE_NOMEM;
+ }
+#endif
+
+ if( nByte>iLimit ){
+ return SQLITE_TOOBIG;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Move data out of a btree key or data field and into a Mem structure.
+** The data or key is taken from the entry that pCur is currently pointing
+** to. offset and amt determine what portion of the data or key to retrieve.
+** key is true to get the key or false to get data. The result is written
+** into the pMem element.
+**
+** The pMem object must have been initialized. This routine will use
+** pMem->zMalloc to hold the content from the btree, if possible. New
+** pMem->zMalloc space will be allocated if necessary. The calling routine
+** is responsible for making sure that the pMem object is eventually
+** destroyed.
+**
+** If this routine fails for any reason (malloc returns NULL or unable
+** to read from the disk) then the pMem is left in an inconsistent state.
+*/
+static SQLITE_NOINLINE int vdbeMemFromBtreeResize(
+ BtCursor *pCur, /* Cursor pointing at record to retrieve. */
+ u32 offset, /* Offset from the start of data to return bytes from. */
+ u32 amt, /* Number of bytes to return. */
+ int key, /* If true, retrieve from the btree key, not data. */
+ Mem *pMem /* OUT: Return data in this Mem structure. */
+){
+ int rc;
+ pMem->flags = MEM_Null;
+ if( SQLITE_OK==(rc = sqlite3VdbeMemClearAndResize(pMem, amt+2)) ){
+ if( key ){
+ rc = sqlite3BtreeKey(pCur, offset, amt, pMem->z);
+ }else{
+ rc = sqlite3BtreeData(pCur, offset, amt, pMem->z);
+ }
+ if( rc==SQLITE_OK ){
+ pMem->z[amt] = 0;
+ pMem->z[amt+1] = 0;
+ pMem->flags = MEM_Blob|MEM_Term;
+ pMem->n = (int)amt;
+ }else{
+ sqlite3VdbeMemRelease(pMem);
+ }
+ }
+ return rc;
+}
+SQLITE_PRIVATE int sqlite3VdbeMemFromBtree(
+ BtCursor *pCur, /* Cursor pointing at record to retrieve. */
+ u32 offset, /* Offset from the start of data to return bytes from. */
+ u32 amt, /* Number of bytes to return. */
+ int key, /* If true, retrieve from the btree key, not data. */
+ Mem *pMem /* OUT: Return data in this Mem structure. */
+){
+ char *zData; /* Data from the btree layer */
+ u32 available = 0; /* Number of bytes available on the local btree page */
+ int rc = SQLITE_OK; /* Return code */
+
+ assert( sqlite3BtreeCursorIsValid(pCur) );
+ assert( !VdbeMemDynamic(pMem) );
+
+ /* Note: the calls to BtreeKeyFetch() and DataFetch() below assert()
+ ** that both the BtShared and database handle mutexes are held. */
+ assert( (pMem->flags & MEM_RowSet)==0 );
+ if( key ){
+ zData = (char *)sqlite3BtreeKeyFetch(pCur, &available);
+ }else{
+ zData = (char *)sqlite3BtreeDataFetch(pCur, &available);
+ }
+ assert( zData!=0 );
+
+ if( offset+amt<=available ){
+ pMem->z = &zData[offset];
+ pMem->flags = MEM_Blob|MEM_Ephem;
+ pMem->n = (int)amt;
+ }else{
+ rc = vdbeMemFromBtreeResize(pCur, offset, amt, key, pMem);
+ }
+
+ return rc;
+}
+
+/*
+** The pVal argument is known to be a value other than NULL.
+** Convert it into a string with encoding enc and return a pointer
+** to a zero-terminated version of that string.
+*/
+static SQLITE_NOINLINE const void *valueToText(sqlite3_value* pVal, u8 enc){
+ assert( pVal!=0 );
+ assert( pVal->db==0 || sqlite3_mutex_held(pVal->db->mutex) );
+ assert( (enc&3)==(enc&~SQLITE_UTF16_ALIGNED) );
+ assert( (pVal->flags & MEM_RowSet)==0 );
+ assert( (pVal->flags & (MEM_Null))==0 );
+ if( pVal->flags & (MEM_Blob|MEM_Str) ){
+ pVal->flags |= MEM_Str;
+ if( pVal->flags & MEM_Zero ){
+ sqlite3VdbeMemExpandBlob(pVal);
+ }
+ if( pVal->enc != (enc & ~SQLITE_UTF16_ALIGNED) ){
+ sqlite3VdbeChangeEncoding(pVal, enc & ~SQLITE_UTF16_ALIGNED);
+ }
+ if( (enc & SQLITE_UTF16_ALIGNED)!=0 && 1==(1&SQLITE_PTR_TO_INT(pVal->z)) ){
+ assert( (pVal->flags & (MEM_Ephem|MEM_Static))!=0 );
+ if( sqlite3VdbeMemMakeWriteable(pVal)!=SQLITE_OK ){
+ return 0;
+ }
+ }
+ sqlite3VdbeMemNulTerminate(pVal); /* IMP: R-31275-44060 */
+ }else{
+ sqlite3VdbeMemStringify(pVal, enc, 0);
+ assert( 0==(1&SQLITE_PTR_TO_INT(pVal->z)) );
+ }
+ assert(pVal->enc==(enc & ~SQLITE_UTF16_ALIGNED) || pVal->db==0
+ || pVal->db->mallocFailed );
+ if( pVal->enc==(enc & ~SQLITE_UTF16_ALIGNED) ){
+ return pVal->z;
+ }else{
+ return 0;
+ }
+}
+
+/* This function is only available internally, it is not part of the
+** external API. It works in a similar way to sqlite3_value_text(),
+** except the data returned is in the encoding specified by the second
+** parameter, which must be one of SQLITE_UTF16BE, SQLITE_UTF16LE or
+** SQLITE_UTF8.
+**
+** (2006-02-16:) The enc value can be or-ed with SQLITE_UTF16_ALIGNED.
+** If that is the case, then the result must be aligned on an even byte
+** boundary.
+*/
+SQLITE_PRIVATE const void *sqlite3ValueText(sqlite3_value* pVal, u8 enc){
+ if( !pVal ) return 0;
+ assert( pVal->db==0 || sqlite3_mutex_held(pVal->db->mutex) );
+ assert( (enc&3)==(enc&~SQLITE_UTF16_ALIGNED) );
+ assert( (pVal->flags & MEM_RowSet)==0 );
+ if( (pVal->flags&(MEM_Str|MEM_Term))==(MEM_Str|MEM_Term) && pVal->enc==enc ){
+ return pVal->z;
+ }
+ if( pVal->flags&MEM_Null ){
+ return 0;
+ }
+ return valueToText(pVal, enc);
+}
+
+/*
+** Create a new sqlite3_value object.
+*/
+SQLITE_PRIVATE sqlite3_value *sqlite3ValueNew(sqlite3 *db){
+ Mem *p = sqlite3DbMallocZero(db, sizeof(*p));
+ if( p ){
+ p->flags = MEM_Null;
+ p->db = db;
+ }
+ return p;
+}
+
+/*
+** Context object passed by sqlite3Stat4ProbeSetValue() through to
+** valueNew(). See comments above valueNew() for details.
+*/
+struct ValueNewStat4Ctx {
+ Parse *pParse;
+ Index *pIdx;
+ UnpackedRecord **ppRec;
+ int iVal;
+};
+
+/*
+** Allocate and return a pointer to a new sqlite3_value object. If
+** the second argument to this function is NULL, the object is allocated
+** by calling sqlite3ValueNew().
+**
+** Otherwise, if the second argument is non-zero, then this function is
+** being called indirectly by sqlite3Stat4ProbeSetValue(). If it has not
+** already been allocated, allocate the UnpackedRecord structure that
+** that function will return to its caller here. Then return a pointer to
+** an sqlite3_value within the UnpackedRecord.a[] array.
+*/
+static sqlite3_value *valueNew(sqlite3 *db, struct ValueNewStat4Ctx *p){
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ if( p ){
+ UnpackedRecord *pRec = p->ppRec[0];
+
+ if( pRec==0 ){
+ Index *pIdx = p->pIdx; /* Index being probed */
+ int nByte; /* Bytes of space to allocate */
+ int i; /* Counter variable */
+ int nCol = pIdx->nColumn; /* Number of index columns including rowid */
+
+ nByte = sizeof(Mem) * nCol + ROUND8(sizeof(UnpackedRecord));
+ pRec = (UnpackedRecord*)sqlite3DbMallocZero(db, nByte);
+ if( pRec ){
+ pRec->pKeyInfo = sqlite3KeyInfoOfIndex(p->pParse, pIdx);
+ if( pRec->pKeyInfo ){
+ assert( pRec->pKeyInfo->nField+pRec->pKeyInfo->nXField==nCol );
+ assert( pRec->pKeyInfo->enc==ENC(db) );
+ pRec->aMem = (Mem *)((u8*)pRec + ROUND8(sizeof(UnpackedRecord)));
+ for(i=0; i<nCol; i++){
+ pRec->aMem[i].flags = MEM_Null;
+ pRec->aMem[i].db = db;
+ }
+ }else{
+ sqlite3DbFree(db, pRec);
+ pRec = 0;
+ }
+ }
+ if( pRec==0 ) return 0;
+ p->ppRec[0] = pRec;
+ }
+
+ pRec->nField = p->iVal+1;
+ return &pRec->aMem[p->iVal];
+ }
+#else
+ UNUSED_PARAMETER(p);
+#endif /* defined(SQLITE_ENABLE_STAT3_OR_STAT4) */
+ return sqlite3ValueNew(db);
+}
+
+/*
+** The expression object indicated by the second argument is guaranteed
+** to be a scalar SQL function. If
+**
+** * all function arguments are SQL literals,
+** * one of the SQLITE_FUNC_CONSTANT or _SLOCHNG function flags is set, and
+** * the SQLITE_FUNC_NEEDCOLL function flag is not set,
+**
+** then this routine attempts to invoke the SQL function. Assuming no
+** error occurs, output parameter (*ppVal) is set to point to a value
+** object containing the result before returning SQLITE_OK.
+**
+** Affinity aff is applied to the result of the function before returning.
+** If the result is a text value, the sqlite3_value object uses encoding
+** enc.
+**
+** If the conditions above are not met, this function returns SQLITE_OK
+** and sets (*ppVal) to NULL. Or, if an error occurs, (*ppVal) is set to
+** NULL and an SQLite error code returned.
+*/
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+static int valueFromFunction(
+ sqlite3 *db, /* The database connection */
+ Expr *p, /* The expression to evaluate */
+ u8 enc, /* Encoding to use */
+ u8 aff, /* Affinity to use */
+ sqlite3_value **ppVal, /* Write the new value here */
+ struct ValueNewStat4Ctx *pCtx /* Second argument for valueNew() */
+){
+ sqlite3_context ctx; /* Context object for function invocation */
+ sqlite3_value **apVal = 0; /* Function arguments */
+ int nVal = 0; /* Size of apVal[] array */
+ FuncDef *pFunc = 0; /* Function definition */
+ sqlite3_value *pVal = 0; /* New value */
+ int rc = SQLITE_OK; /* Return code */
+ int nName; /* Size of function name in bytes */
+ ExprList *pList = 0; /* Function arguments */
+ int i; /* Iterator variable */
+
+ assert( pCtx!=0 );
+ assert( (p->flags & EP_TokenOnly)==0 );
+ pList = p->x.pList;
+ if( pList ) nVal = pList->nExpr;
+ nName = sqlite3Strlen30(p->u.zToken);
+ pFunc = sqlite3FindFunction(db, p->u.zToken, nName, nVal, enc, 0);
+ assert( pFunc );
+ if( (pFunc->funcFlags & (SQLITE_FUNC_CONSTANT|SQLITE_FUNC_SLOCHNG))==0
+ || (pFunc->funcFlags & SQLITE_FUNC_NEEDCOLL)
+ ){
+ return SQLITE_OK;
+ }
+
+ if( pList ){
+ apVal = (sqlite3_value**)sqlite3DbMallocZero(db, sizeof(apVal[0]) * nVal);
+ if( apVal==0 ){
+ rc = SQLITE_NOMEM;
+ goto value_from_function_out;
+ }
+ for(i=0; i<nVal; i++){
+ rc = sqlite3ValueFromExpr(db, pList->a[i].pExpr, enc, aff, &apVal[i]);
+ if( apVal[i]==0 || rc!=SQLITE_OK ) goto value_from_function_out;
+ }
+ }
+
+ pVal = valueNew(db, pCtx);
+ if( pVal==0 ){
+ rc = SQLITE_NOMEM;
+ goto value_from_function_out;
+ }
+
+ assert( pCtx->pParse->rc==SQLITE_OK );
+ memset(&ctx, 0, sizeof(ctx));
+ ctx.pOut = pVal;
+ ctx.pFunc = pFunc;
+ pFunc->xFunc(&ctx, nVal, apVal);
+ if( ctx.isError ){
+ rc = ctx.isError;
+ sqlite3ErrorMsg(pCtx->pParse, "%s", sqlite3_value_text(pVal));
+ }else{
+ sqlite3ValueApplyAffinity(pVal, aff, SQLITE_UTF8);
+ assert( rc==SQLITE_OK );
+ rc = sqlite3VdbeChangeEncoding(pVal, enc);
+ if( rc==SQLITE_OK && sqlite3VdbeMemTooBig(pVal) ){
+ rc = SQLITE_TOOBIG;
+ pCtx->pParse->nErr++;
+ }
+ }
+ pCtx->pParse->rc = rc;
+
+ value_from_function_out:
+ if( rc!=SQLITE_OK ){
+ pVal = 0;
+ }
+ if( apVal ){
+ for(i=0; i<nVal; i++){
+ sqlite3ValueFree(apVal[i]);
+ }
+ sqlite3DbFree(db, apVal);
+ }
+
+ *ppVal = pVal;
+ return rc;
+}
+#else
+# define valueFromFunction(a,b,c,d,e,f) SQLITE_OK
+#endif /* defined(SQLITE_ENABLE_STAT3_OR_STAT4) */
+
+/*
+** Extract a value from the supplied expression in the manner described
+** above sqlite3ValueFromExpr(). Allocate the sqlite3_value object
+** using valueNew().
+**
+** If pCtx is NULL and an error occurs after the sqlite3_value object
+** has been allocated, it is freed before returning. Or, if pCtx is not
+** NULL, it is assumed that the caller will free any allocated object
+** in all cases.
+*/
+static int valueFromExpr(
+ sqlite3 *db, /* The database connection */
+ Expr *pExpr, /* The expression to evaluate */
+ u8 enc, /* Encoding to use */
+ u8 affinity, /* Affinity to use */
+ sqlite3_value **ppVal, /* Write the new value here */
+ struct ValueNewStat4Ctx *pCtx /* Second argument for valueNew() */
+){
+ int op;
+ char *zVal = 0;
+ sqlite3_value *pVal = 0;
+ int negInt = 1;
+ const char *zNeg = "";
+ int rc = SQLITE_OK;
+
+ if( !pExpr ){
+ *ppVal = 0;
+ return SQLITE_OK;
+ }
+ while( (op = pExpr->op)==TK_UPLUS ) pExpr = pExpr->pLeft;
+ if( NEVER(op==TK_REGISTER) ) op = pExpr->op2;
+
+ /* Compressed expressions only appear when parsing the DEFAULT clause
+ ** on a table column definition, and hence only when pCtx==0. This
+ ** check ensures that an EP_TokenOnly expression is never passed down
+ ** into valueFromFunction(). */
+ assert( (pExpr->flags & EP_TokenOnly)==0 || pCtx==0 );
+
+ if( op==TK_CAST ){
+ u8 aff = sqlite3AffinityType(pExpr->u.zToken,0);
+ rc = valueFromExpr(db, pExpr->pLeft, enc, aff, ppVal, pCtx);
+ testcase( rc!=SQLITE_OK );
+ if( *ppVal ){
+ sqlite3VdbeMemCast(*ppVal, aff, SQLITE_UTF8);
+ sqlite3ValueApplyAffinity(*ppVal, affinity, SQLITE_UTF8);
+ }
+ return rc;
+ }
+
+ /* Handle negative integers in a single step. This is needed in the
+ ** case when the value is -9223372036854775808.
+ */
+ if( op==TK_UMINUS
+ && (pExpr->pLeft->op==TK_INTEGER || pExpr->pLeft->op==TK_FLOAT) ){
+ pExpr = pExpr->pLeft;
+ op = pExpr->op;
+ negInt = -1;
+ zNeg = "-";
+ }
+
+ if( op==TK_STRING || op==TK_FLOAT || op==TK_INTEGER ){
+ pVal = valueNew(db, pCtx);
+ if( pVal==0 ) goto no_mem;
+ if( ExprHasProperty(pExpr, EP_IntValue) ){
+ sqlite3VdbeMemSetInt64(pVal, (i64)pExpr->u.iValue*negInt);
+ }else{
+ zVal = sqlite3MPrintf(db, "%s%s", zNeg, pExpr->u.zToken);
+ if( zVal==0 ) goto no_mem;
+ sqlite3ValueSetStr(pVal, -1, zVal, SQLITE_UTF8, SQLITE_DYNAMIC);
+ }
+ if( (op==TK_INTEGER || op==TK_FLOAT ) && affinity==SQLITE_AFF_BLOB ){
+ sqlite3ValueApplyAffinity(pVal, SQLITE_AFF_NUMERIC, SQLITE_UTF8);
+ }else{
+ sqlite3ValueApplyAffinity(pVal, affinity, SQLITE_UTF8);
+ }
+ if( pVal->flags & (MEM_Int|MEM_Real) ) pVal->flags &= ~MEM_Str;
+ if( enc!=SQLITE_UTF8 ){
+ rc = sqlite3VdbeChangeEncoding(pVal, enc);
+ }
+ }else if( op==TK_UMINUS ) {
+ /* This branch happens for multiple negative signs. Ex: -(-5) */
+ if( SQLITE_OK==sqlite3ValueFromExpr(db,pExpr->pLeft,enc,affinity,&pVal)
+ && pVal!=0
+ ){
+ sqlite3VdbeMemNumerify(pVal);
+ if( pVal->flags & MEM_Real ){
+ pVal->u.r = -pVal->u.r;
+ }else if( pVal->u.i==SMALLEST_INT64 ){
+ pVal->u.r = -(double)SMALLEST_INT64;
+ MemSetTypeFlag(pVal, MEM_Real);
+ }else{
+ pVal->u.i = -pVal->u.i;
+ }
+ sqlite3ValueApplyAffinity(pVal, affinity, enc);
+ }
+ }else if( op==TK_NULL ){
+ pVal = valueNew(db, pCtx);
+ if( pVal==0 ) goto no_mem;
+ }
+#ifndef SQLITE_OMIT_BLOB_LITERAL
+ else if( op==TK_BLOB ){
+ int nVal;
+ assert( pExpr->u.zToken[0]=='x' || pExpr->u.zToken[0]=='X' );
+ assert( pExpr->u.zToken[1]=='\'' );
+ pVal = valueNew(db, pCtx);
+ if( !pVal ) goto no_mem;
+ zVal = &pExpr->u.zToken[2];
+ nVal = sqlite3Strlen30(zVal)-1;
+ assert( zVal[nVal]=='\'' );
+ sqlite3VdbeMemSetStr(pVal, sqlite3HexToBlob(db, zVal, nVal), nVal/2,
+ 0, SQLITE_DYNAMIC);
+ }
+#endif
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ else if( op==TK_FUNCTION && pCtx!=0 ){
+ rc = valueFromFunction(db, pExpr, enc, affinity, &pVal, pCtx);
+ }
+#endif
+
+ *ppVal = pVal;
+ return rc;
+
+no_mem:
+ db->mallocFailed = 1;
+ sqlite3DbFree(db, zVal);
+ assert( *ppVal==0 );
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ if( pCtx==0 ) sqlite3ValueFree(pVal);
+#else
+ assert( pCtx==0 ); sqlite3ValueFree(pVal);
+#endif
+ return SQLITE_NOMEM;
+}
+
+/*
+** Create a new sqlite3_value object, containing the value of pExpr.
+**
+** This only works for very simple expressions that consist of one constant
+** token (i.e. "5", "5.1", "'a string'"). If the expression can
+** be converted directly into a value, then the value is allocated and
+** a pointer written to *ppVal. The caller is responsible for deallocating
+** the value by passing it to sqlite3ValueFree() later on. If the expression
+** cannot be converted to a value, then *ppVal is set to NULL.
+*/
+SQLITE_PRIVATE int sqlite3ValueFromExpr(
+ sqlite3 *db, /* The database connection */
+ Expr *pExpr, /* The expression to evaluate */
+ u8 enc, /* Encoding to use */
+ u8 affinity, /* Affinity to use */
+ sqlite3_value **ppVal /* Write the new value here */
+){
+ return valueFromExpr(db, pExpr, enc, affinity, ppVal, 0);
+}
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+/*
+** The implementation of the sqlite_record() function. This function accepts
+** a single argument of any type. The return value is a formatted database
+** record (a blob) containing the argument value.
+**
+** This is used to convert the value stored in the 'sample' column of the
+** sqlite_stat3 table to the record format SQLite uses internally.
+*/
+static void recordFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const int file_format = 1;
+ u32 iSerial; /* Serial type */
+ int nSerial; /* Bytes of space for iSerial as varint */
+ u32 nVal; /* Bytes of space required for argv[0] */
+ int nRet;
+ sqlite3 *db;
+ u8 *aRet;
+
+ UNUSED_PARAMETER( argc );
+ iSerial = sqlite3VdbeSerialType(argv[0], file_format, &nVal);
+ nSerial = sqlite3VarintLen(iSerial);
+ db = sqlite3_context_db_handle(context);
+
+ nRet = 1 + nSerial + nVal;
+ aRet = sqlite3DbMallocRaw(db, nRet);
+ if( aRet==0 ){
+ sqlite3_result_error_nomem(context);
+ }else{
+ aRet[0] = nSerial+1;
+ putVarint32(&aRet[1], iSerial);
+ sqlite3VdbeSerialPut(&aRet[1+nSerial], argv[0], iSerial);
+ sqlite3_result_blob(context, aRet, nRet, SQLITE_TRANSIENT);
+ sqlite3DbFree(db, aRet);
+ }
+}
+
+/*
+** Register built-in functions used to help read ANALYZE data.
+*/
+SQLITE_PRIVATE void sqlite3AnalyzeFunctions(void){
+ static SQLITE_WSD FuncDef aAnalyzeTableFuncs[] = {
+ FUNCTION(sqlite_record, 1, 0, 0, recordFunc),
+ };
+ int i;
+ FuncDefHash *pHash = &GLOBAL(FuncDefHash, sqlite3GlobalFunctions);
+ FuncDef *aFunc = (FuncDef*)&GLOBAL(FuncDef, aAnalyzeTableFuncs);
+ for(i=0; i<ArraySize(aAnalyzeTableFuncs); i++){
+ sqlite3FuncDefInsert(pHash, &aFunc[i]);
+ }
+}
+
+/*
+** Attempt to extract a value from pExpr and use it to construct *ppVal.
+**
+** If pAlloc is not NULL, then an UnpackedRecord object is created for
+** pAlloc if one does not exist and the new value is added to the
+** UnpackedRecord object.
+**
+** A value is extracted in the following cases:
+**
+** * (pExpr==0). In this case the value is assumed to be an SQL NULL,
+**
+** * The expression is a bound variable, and this is a reprepare, or
+**
+** * The expression is a literal value.
+**
+** On success, *ppVal is made to point to the extracted value. The caller
+** is responsible for ensuring that the value is eventually freed.
+*/
+static int stat4ValueFromExpr(
+ Parse *pParse, /* Parse context */
+ Expr *pExpr, /* The expression to extract a value from */
+ u8 affinity, /* Affinity to use */
+ struct ValueNewStat4Ctx *pAlloc,/* How to allocate space. Or NULL */
+ sqlite3_value **ppVal /* OUT: New value object (or NULL) */
+){
+ int rc = SQLITE_OK;
+ sqlite3_value *pVal = 0;
+ sqlite3 *db = pParse->db;
+
+ /* Skip over any TK_COLLATE nodes */
+ pExpr = sqlite3ExprSkipCollate(pExpr);
+
+ if( !pExpr ){
+ pVal = valueNew(db, pAlloc);
+ if( pVal ){
+ sqlite3VdbeMemSetNull((Mem*)pVal);
+ }
+ }else if( pExpr->op==TK_VARIABLE
+ || NEVER(pExpr->op==TK_REGISTER && pExpr->op2==TK_VARIABLE)
+ ){
+ Vdbe *v;
+ int iBindVar = pExpr->iColumn;
+ sqlite3VdbeSetVarmask(pParse->pVdbe, iBindVar);
+ if( (v = pParse->pReprepare)!=0 ){
+ pVal = valueNew(db, pAlloc);
+ if( pVal ){
+ rc = sqlite3VdbeMemCopy((Mem*)pVal, &v->aVar[iBindVar-1]);
+ if( rc==SQLITE_OK ){
+ sqlite3ValueApplyAffinity(pVal, affinity, ENC(db));
+ }
+ pVal->db = pParse->db;
+ }
+ }
+ }else{
+ rc = valueFromExpr(db, pExpr, ENC(db), affinity, &pVal, pAlloc);
+ }
+
+ assert( pVal==0 || pVal->db==db );
+ *ppVal = pVal;
+ return rc;
+}
+
+/*
+** This function is used to allocate and populate UnpackedRecord
+** structures intended to be compared against sample index keys stored
+** in the sqlite_stat4 table.
+**
+** A single call to this function attempts to populates field iVal (leftmost
+** is 0 etc.) of the unpacked record with a value extracted from expression
+** pExpr. Extraction of values is possible if:
+**
+** * (pExpr==0). In this case the value is assumed to be an SQL NULL,
+**
+** * The expression is a bound variable, and this is a reprepare, or
+**
+** * The sqlite3ValueFromExpr() function is able to extract a value
+** from the expression (i.e. the expression is a literal value).
+**
+** If a value can be extracted, the affinity passed as the 5th argument
+** is applied to it before it is copied into the UnpackedRecord. Output
+** parameter *pbOk is set to true if a value is extracted, or false
+** otherwise.
+**
+** When this function is called, *ppRec must either point to an object
+** allocated by an earlier call to this function, or must be NULL. If it
+** is NULL and a value can be successfully extracted, a new UnpackedRecord
+** is allocated (and *ppRec set to point to it) before returning.
+**
+** Unless an error is encountered, SQLITE_OK is returned. It is not an
+** error if a value cannot be extracted from pExpr. If an error does
+** occur, an SQLite error code is returned.
+*/
+SQLITE_PRIVATE int sqlite3Stat4ProbeSetValue(
+ Parse *pParse, /* Parse context */
+ Index *pIdx, /* Index being probed */
+ UnpackedRecord **ppRec, /* IN/OUT: Probe record */
+ Expr *pExpr, /* The expression to extract a value from */
+ u8 affinity, /* Affinity to use */
+ int iVal, /* Array element to populate */
+ int *pbOk /* OUT: True if value was extracted */
+){
+ int rc;
+ sqlite3_value *pVal = 0;
+ struct ValueNewStat4Ctx alloc;
+
+ alloc.pParse = pParse;
+ alloc.pIdx = pIdx;
+ alloc.ppRec = ppRec;
+ alloc.iVal = iVal;
+
+ rc = stat4ValueFromExpr(pParse, pExpr, affinity, &alloc, &pVal);
+ assert( pVal==0 || pVal->db==pParse->db );
+ *pbOk = (pVal!=0);
+ return rc;
+}
+
+/*
+** Attempt to extract a value from expression pExpr using the methods
+** as described for sqlite3Stat4ProbeSetValue() above.
+**
+** If successful, set *ppVal to point to a new value object and return
+** SQLITE_OK. If no value can be extracted, but no other error occurs
+** (e.g. OOM), return SQLITE_OK and set *ppVal to NULL. Or, if an error
+** does occur, return an SQLite error code. The final value of *ppVal
+** is undefined in this case.
+*/
+SQLITE_PRIVATE int sqlite3Stat4ValueFromExpr(
+ Parse *pParse, /* Parse context */
+ Expr *pExpr, /* The expression to extract a value from */
+ u8 affinity, /* Affinity to use */
+ sqlite3_value **ppVal /* OUT: New value object (or NULL) */
+){
+ return stat4ValueFromExpr(pParse, pExpr, affinity, 0, ppVal);
+}
+
+/*
+** Extract the iCol-th column from the nRec-byte record in pRec. Write
+** the column value into *ppVal. If *ppVal is initially NULL then a new
+** sqlite3_value object is allocated.
+**
+** If *ppVal is initially NULL then the caller is responsible for
+** ensuring that the value written into *ppVal is eventually freed.
+*/
+SQLITE_PRIVATE int sqlite3Stat4Column(
+ sqlite3 *db, /* Database handle */
+ const void *pRec, /* Pointer to buffer containing record */
+ int nRec, /* Size of buffer pRec in bytes */
+ int iCol, /* Column to extract */
+ sqlite3_value **ppVal /* OUT: Extracted value */
+){
+ u32 t; /* a column type code */
+ int nHdr; /* Size of the header in the record */
+ int iHdr; /* Next unread header byte */
+ int iField; /* Next unread data byte */
+ int szField; /* Size of the current data field */
+ int i; /* Column index */
+ u8 *a = (u8*)pRec; /* Typecast byte array */
+ Mem *pMem = *ppVal; /* Write result into this Mem object */
+
+ assert( iCol>0 );
+ iHdr = getVarint32(a, nHdr);
+ if( nHdr>nRec || iHdr>=nHdr ) return SQLITE_CORRUPT_BKPT;
+ iField = nHdr;
+ for(i=0; i<=iCol; i++){
+ iHdr += getVarint32(&a[iHdr], t);
+ testcase( iHdr==nHdr );
+ testcase( iHdr==nHdr+1 );
+ if( iHdr>nHdr ) return SQLITE_CORRUPT_BKPT;
+ szField = sqlite3VdbeSerialTypeLen(t);
+ iField += szField;
+ }
+ testcase( iField==nRec );
+ testcase( iField==nRec+1 );
+ if( iField>nRec ) return SQLITE_CORRUPT_BKPT;
+ if( pMem==0 ){
+ pMem = *ppVal = sqlite3ValueNew(db);
+ if( pMem==0 ) return SQLITE_NOMEM;
+ }
+ sqlite3VdbeSerialGet(&a[iField-szField], t, pMem);
+ pMem->enc = ENC(db);
+ return SQLITE_OK;
+}
+
+/*
+** Unless it is NULL, the argument must be an UnpackedRecord object returned
+** by an earlier call to sqlite3Stat4ProbeSetValue(). This call deletes
+** the object.
+*/
+SQLITE_PRIVATE void sqlite3Stat4ProbeFree(UnpackedRecord *pRec){
+ if( pRec ){
+ int i;
+ int nCol = pRec->pKeyInfo->nField+pRec->pKeyInfo->nXField;
+ Mem *aMem = pRec->aMem;
+ sqlite3 *db = aMem[0].db;
+ for(i=0; i<nCol; i++){
+ sqlite3VdbeMemRelease(&aMem[i]);
+ }
+ sqlite3KeyInfoUnref(pRec->pKeyInfo);
+ sqlite3DbFree(db, pRec);
+ }
+}
+#endif /* ifdef SQLITE_ENABLE_STAT4 */
+
+/*
+** Change the string value of an sqlite3_value object
+*/
+SQLITE_PRIVATE void sqlite3ValueSetStr(
+ sqlite3_value *v, /* Value to be set */
+ int n, /* Length of string z */
+ const void *z, /* Text of the new string */
+ u8 enc, /* Encoding to use */
+ void (*xDel)(void*) /* Destructor for the string */
+){
+ if( v ) sqlite3VdbeMemSetStr((Mem *)v, z, n, enc, xDel);
+}
+
+/*
+** Free an sqlite3_value object
+*/
+SQLITE_PRIVATE void sqlite3ValueFree(sqlite3_value *v){
+ if( !v ) return;
+ sqlite3VdbeMemRelease((Mem *)v);
+ sqlite3DbFree(((Mem*)v)->db, v);
+}
+
+/*
+** The sqlite3ValueBytes() routine returns the number of bytes in the
+** sqlite3_value object assuming that it uses the encoding "enc".
+** The valueBytes() routine is a helper function.
+*/
+static SQLITE_NOINLINE int valueBytes(sqlite3_value *pVal, u8 enc){
+ return valueToText(pVal, enc)!=0 ? pVal->n : 0;
+}
+SQLITE_PRIVATE int sqlite3ValueBytes(sqlite3_value *pVal, u8 enc){
+ Mem *p = (Mem*)pVal;
+ assert( (p->flags & MEM_Null)==0 || (p->flags & (MEM_Str|MEM_Blob))==0 );
+ if( (p->flags & MEM_Str)!=0 && pVal->enc==enc ){
+ return p->n;
+ }
+ if( (p->flags & MEM_Blob)!=0 ){
+ if( p->flags & MEM_Zero ){
+ return p->n + p->u.nZero;
+ }else{
+ return p->n;
+ }
+ }
+ if( p->flags & MEM_Null ) return 0;
+ return valueBytes(pVal, enc);
+}
+
+/************** End of vdbemem.c *********************************************/
+/************** Begin file vdbeaux.c *****************************************/
+/*
+** 2003 September 6
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code used for creating, destroying, and populating
+** a VDBE (or an "sqlite3_stmt" as it is known to the outside world.)
+*/
+/* #include "sqliteInt.h" */
+/* #include "vdbeInt.h" */
+
+/*
+** Create a new virtual database engine.
+*/
+SQLITE_PRIVATE Vdbe *sqlite3VdbeCreate(Parse *pParse){
+ sqlite3 *db = pParse->db;
+ Vdbe *p;
+ p = sqlite3DbMallocZero(db, sizeof(Vdbe) );
+ if( p==0 ) return 0;
+ p->db = db;
+ if( db->pVdbe ){
+ db->pVdbe->pPrev = p;
+ }
+ p->pNext = db->pVdbe;
+ p->pPrev = 0;
+ db->pVdbe = p;
+ p->magic = VDBE_MAGIC_INIT;
+ p->pParse = pParse;
+ assert( pParse->aLabel==0 );
+ assert( pParse->nLabel==0 );
+ assert( pParse->nOpAlloc==0 );
+ assert( pParse->szOpAlloc==0 );
+ return p;
+}
+
+/*
+** Change the error string stored in Vdbe.zErrMsg
+*/
+SQLITE_PRIVATE void sqlite3VdbeError(Vdbe *p, const char *zFormat, ...){
+ va_list ap;
+ sqlite3DbFree(p->db, p->zErrMsg);
+ va_start(ap, zFormat);
+ p->zErrMsg = sqlite3VMPrintf(p->db, zFormat, ap);
+ va_end(ap);
+}
+
+/*
+** Remember the SQL string for a prepared statement.
+*/
+SQLITE_PRIVATE void sqlite3VdbeSetSql(Vdbe *p, const char *z, int n, int isPrepareV2){
+ assert( isPrepareV2==1 || isPrepareV2==0 );
+ if( p==0 ) return;
+#if defined(SQLITE_OMIT_TRACE) && !defined(SQLITE_ENABLE_SQLLOG)
+ if( !isPrepareV2 ) return;
+#endif
+ assert( p->zSql==0 );
+ p->zSql = sqlite3DbStrNDup(p->db, z, n);
+ p->isPrepareV2 = (u8)isPrepareV2;
+}
+
+/*
+** Return the SQL associated with a prepared statement
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_sql(sqlite3_stmt *pStmt){
+ Vdbe *p = (Vdbe *)pStmt;
+ return p ? p->zSql : 0;
+}
+
+/*
+** Swap all content between two VDBE structures.
+*/
+SQLITE_PRIVATE void sqlite3VdbeSwap(Vdbe *pA, Vdbe *pB){
+ Vdbe tmp, *pTmp;
+ char *zTmp;
+ tmp = *pA;
+ *pA = *pB;
+ *pB = tmp;
+ pTmp = pA->pNext;
+ pA->pNext = pB->pNext;
+ pB->pNext = pTmp;
+ pTmp = pA->pPrev;
+ pA->pPrev = pB->pPrev;
+ pB->pPrev = pTmp;
+ zTmp = pA->zSql;
+ pA->zSql = pB->zSql;
+ pB->zSql = zTmp;
+ pB->isPrepareV2 = pA->isPrepareV2;
+}
+
+/*
+** Resize the Vdbe.aOp array so that it is at least nOp elements larger
+** than its current size. nOp is guaranteed to be less than or equal
+** to 1024/sizeof(Op).
+**
+** If an out-of-memory error occurs while resizing the array, return
+** SQLITE_NOMEM. In this case Vdbe.aOp and Parse.nOpAlloc remain
+** unchanged (this is so that any opcodes already allocated can be
+** correctly deallocated along with the rest of the Vdbe).
+*/
+static int growOpArray(Vdbe *v, int nOp){
+ VdbeOp *pNew;
+ Parse *p = v->pParse;
+
+ /* The SQLITE_TEST_REALLOC_STRESS compile-time option is designed to force
+ ** more frequent reallocs and hence provide more opportunities for
+ ** simulated OOM faults. SQLITE_TEST_REALLOC_STRESS is generally used
+ ** during testing only. With SQLITE_TEST_REALLOC_STRESS grow the op array
+ ** by the minimum* amount required until the size reaches 512. Normal
+ ** operation (without SQLITE_TEST_REALLOC_STRESS) is to double the current
+ ** size of the op array or add 1KB of space, whichever is smaller. */
+#ifdef SQLITE_TEST_REALLOC_STRESS
+ int nNew = (p->nOpAlloc>=512 ? p->nOpAlloc*2 : p->nOpAlloc+nOp);
+#else
+ int nNew = (p->nOpAlloc ? p->nOpAlloc*2 : (int)(1024/sizeof(Op)));
+ UNUSED_PARAMETER(nOp);
+#endif
+
+ assert( nOp<=(1024/sizeof(Op)) );
+ assert( nNew>=(p->nOpAlloc+nOp) );
+ pNew = sqlite3DbRealloc(p->db, v->aOp, nNew*sizeof(Op));
+ if( pNew ){
+ p->szOpAlloc = sqlite3DbMallocSize(p->db, pNew);
+ p->nOpAlloc = p->szOpAlloc/sizeof(Op);
+ v->aOp = pNew;
+ }
+ return (pNew ? SQLITE_OK : SQLITE_NOMEM);
+}
+
+#ifdef SQLITE_DEBUG
+/* This routine is just a convenient place to set a breakpoint that will
+** fire after each opcode is inserted and displayed using
+** "PRAGMA vdbe_addoptrace=on".
+*/
+static void test_addop_breakpoint(void){
+ static int n = 0;
+ n++;
+}
+#endif
+
+/*
+** Add a new instruction to the list of instructions current in the
+** VDBE. Return the address of the new instruction.
+**
+** Parameters:
+**
+** p Pointer to the VDBE
+**
+** op The opcode for this instruction
+**
+** p1, p2, p3 Operands
+**
+** Use the sqlite3VdbeResolveLabel() function to fix an address and
+** the sqlite3VdbeChangeP4() function to change the value of the P4
+** operand.
+*/
+static SQLITE_NOINLINE int growOp3(Vdbe *p, int op, int p1, int p2, int p3){
+ assert( p->pParse->nOpAlloc<=p->nOp );
+ if( growOpArray(p, 1) ) return 1;
+ assert( p->pParse->nOpAlloc>p->nOp );
+ return sqlite3VdbeAddOp3(p, op, p1, p2, p3);
+}
+SQLITE_PRIVATE int sqlite3VdbeAddOp3(Vdbe *p, int op, int p1, int p2, int p3){
+ int i;
+ VdbeOp *pOp;
+
+ i = p->nOp;
+ assert( p->magic==VDBE_MAGIC_INIT );
+ assert( op>0 && op<0xff );
+ if( p->pParse->nOpAlloc<=i ){
+ return growOp3(p, op, p1, p2, p3);
+ }
+ p->nOp++;
+ pOp = &p->aOp[i];
+ pOp->opcode = (u8)op;
+ pOp->p5 = 0;
+ pOp->p1 = p1;
+ pOp->p2 = p2;
+ pOp->p3 = p3;
+ pOp->p4.p = 0;
+ pOp->p4type = P4_NOTUSED;
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+ pOp->zComment = 0;
+#endif
+#ifdef SQLITE_DEBUG
+ if( p->db->flags & SQLITE_VdbeAddopTrace ){
+ int jj, kk;
+ Parse *pParse = p->pParse;
+ for(jj=kk=0; jj<SQLITE_N_COLCACHE; jj++){
+ struct yColCache *x = pParse->aColCache + jj;
+ if( x->iLevel>pParse->iCacheLevel || x->iReg==0 ) continue;
+ printf(" r[%d]={%d:%d}", x->iReg, x->iTable, x->iColumn);
+ kk++;
+ }
+ if( kk ) printf("\n");
+ sqlite3VdbePrintOp(0, i, &p->aOp[i]);
+ test_addop_breakpoint();
+ }
+#endif
+#ifdef VDBE_PROFILE
+ pOp->cycles = 0;
+ pOp->cnt = 0;
+#endif
+#ifdef SQLITE_VDBE_COVERAGE
+ pOp->iSrcLine = 0;
+#endif
+ return i;
+}
+SQLITE_PRIVATE int sqlite3VdbeAddOp0(Vdbe *p, int op){
+ return sqlite3VdbeAddOp3(p, op, 0, 0, 0);
+}
+SQLITE_PRIVATE int sqlite3VdbeAddOp1(Vdbe *p, int op, int p1){
+ return sqlite3VdbeAddOp3(p, op, p1, 0, 0);
+}
+SQLITE_PRIVATE int sqlite3VdbeAddOp2(Vdbe *p, int op, int p1, int p2){
+ return sqlite3VdbeAddOp3(p, op, p1, p2, 0);
+}
+
+/* Generate code for an unconditional jump to instruction iDest
+*/
+SQLITE_PRIVATE int sqlite3VdbeGoto(Vdbe *p, int iDest){
+ return sqlite3VdbeAddOp3(p, OP_Goto, 0, iDest, 0);
+}
+
+/* Generate code to cause the string zStr to be loaded into
+** register iDest
+*/
+SQLITE_PRIVATE int sqlite3VdbeLoadString(Vdbe *p, int iDest, const char *zStr){
+ return sqlite3VdbeAddOp4(p, OP_String8, 0, iDest, 0, zStr, 0);
+}
+
+/*
+** Generate code that initializes multiple registers to string or integer
+** constants. The registers begin with iDest and increase consecutively.
+** One register is initialized for each characgter in zTypes[]. For each
+** "s" character in zTypes[], the register is a string if the argument is
+** not NULL, or OP_Null if the value is a null pointer. For each "i" character
+** in zTypes[], the register is initialized to an integer.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMultiLoad(Vdbe *p, int iDest, const char *zTypes, ...){
+ va_list ap;
+ int i;
+ char c;
+ va_start(ap, zTypes);
+ for(i=0; (c = zTypes[i])!=0; i++){
+ if( c=='s' ){
+ const char *z = va_arg(ap, const char*);
+ int addr = sqlite3VdbeAddOp2(p, z==0 ? OP_Null : OP_String8, 0, iDest++);
+ if( z ) sqlite3VdbeChangeP4(p, addr, z, 0);
+ }else{
+ assert( c=='i' );
+ sqlite3VdbeAddOp2(p, OP_Integer, va_arg(ap, int), iDest++);
+ }
+ }
+ va_end(ap);
+}
+
+/*
+** Add an opcode that includes the p4 value as a pointer.
+*/
+SQLITE_PRIVATE int sqlite3VdbeAddOp4(
+ Vdbe *p, /* Add the opcode to this VM */
+ int op, /* The new opcode */
+ int p1, /* The P1 operand */
+ int p2, /* The P2 operand */
+ int p3, /* The P3 operand */
+ const char *zP4, /* The P4 operand */
+ int p4type /* P4 operand type */
+){
+ int addr = sqlite3VdbeAddOp3(p, op, p1, p2, p3);
+ sqlite3VdbeChangeP4(p, addr, zP4, p4type);
+ return addr;
+}
+
+/*
+** Add an opcode that includes the p4 value with a P4_INT64 or
+** P4_REAL type.
+*/
+SQLITE_PRIVATE int sqlite3VdbeAddOp4Dup8(
+ Vdbe *p, /* Add the opcode to this VM */
+ int op, /* The new opcode */
+ int p1, /* The P1 operand */
+ int p2, /* The P2 operand */
+ int p3, /* The P3 operand */
+ const u8 *zP4, /* The P4 operand */
+ int p4type /* P4 operand type */
+){
+ char *p4copy = sqlite3DbMallocRaw(sqlite3VdbeDb(p), 8);
+ if( p4copy ) memcpy(p4copy, zP4, 8);
+ return sqlite3VdbeAddOp4(p, op, p1, p2, p3, p4copy, p4type);
+}
+
+/*
+** Add an OP_ParseSchema opcode. This routine is broken out from
+** sqlite3VdbeAddOp4() since it needs to also needs to mark all btrees
+** as having been used.
+**
+** The zWhere string must have been obtained from sqlite3_malloc().
+** This routine will take ownership of the allocated memory.
+*/
+SQLITE_PRIVATE void sqlite3VdbeAddParseSchemaOp(Vdbe *p, int iDb, char *zWhere){
+ int j;
+ int addr = sqlite3VdbeAddOp3(p, OP_ParseSchema, iDb, 0, 0);
+ sqlite3VdbeChangeP4(p, addr, zWhere, P4_DYNAMIC);
+ for(j=0; j<p->db->nDb; j++) sqlite3VdbeUsesBtree(p, j);
+}
+
+/*
+** Add an opcode that includes the p4 value as an integer.
+*/
+SQLITE_PRIVATE int sqlite3VdbeAddOp4Int(
+ Vdbe *p, /* Add the opcode to this VM */
+ int op, /* The new opcode */
+ int p1, /* The P1 operand */
+ int p2, /* The P2 operand */
+ int p3, /* The P3 operand */
+ int p4 /* The P4 operand as an integer */
+){
+ int addr = sqlite3VdbeAddOp3(p, op, p1, p2, p3);
+ sqlite3VdbeChangeP4(p, addr, SQLITE_INT_TO_PTR(p4), P4_INT32);
+ return addr;
+}
+
+/*
+** Create a new symbolic label for an instruction that has yet to be
+** coded. The symbolic label is really just a negative number. The
+** label can be used as the P2 value of an operation. Later, when
+** the label is resolved to a specific address, the VDBE will scan
+** through its operation list and change all values of P2 which match
+** the label into the resolved address.
+**
+** The VDBE knows that a P2 value is a label because labels are
+** always negative and P2 values are suppose to be non-negative.
+** Hence, a negative P2 value is a label that has yet to be resolved.
+**
+** Zero is returned if a malloc() fails.
+*/
+SQLITE_PRIVATE int sqlite3VdbeMakeLabel(Vdbe *v){
+ Parse *p = v->pParse;
+ int i = p->nLabel++;
+ assert( v->magic==VDBE_MAGIC_INIT );
+ if( (i & (i-1))==0 ){
+ p->aLabel = sqlite3DbReallocOrFree(p->db, p->aLabel,
+ (i*2+1)*sizeof(p->aLabel[0]));
+ }
+ if( p->aLabel ){
+ p->aLabel[i] = -1;
+ }
+ return ADDR(i);
+}
+
+/*
+** Resolve label "x" to be the address of the next instruction to
+** be inserted. The parameter "x" must have been obtained from
+** a prior call to sqlite3VdbeMakeLabel().
+*/
+SQLITE_PRIVATE void sqlite3VdbeResolveLabel(Vdbe *v, int x){
+ Parse *p = v->pParse;
+ int j = ADDR(x);
+ assert( v->magic==VDBE_MAGIC_INIT );
+ assert( j<p->nLabel );
+ assert( j>=0 );
+ if( p->aLabel ){
+ p->aLabel[j] = v->nOp;
+ }
+ p->iFixedOp = v->nOp - 1;
+}
+
+/*
+** Mark the VDBE as one that can only be run one time.
+*/
+SQLITE_PRIVATE void sqlite3VdbeRunOnlyOnce(Vdbe *p){
+ p->runOnlyOnce = 1;
+}
+
+#ifdef SQLITE_DEBUG /* sqlite3AssertMayAbort() logic */
+
+/*
+** The following type and function are used to iterate through all opcodes
+** in a Vdbe main program and each of the sub-programs (triggers) it may
+** invoke directly or indirectly. It should be used as follows:
+**
+** Op *pOp;
+** VdbeOpIter sIter;
+**
+** memset(&sIter, 0, sizeof(sIter));
+** sIter.v = v; // v is of type Vdbe*
+** while( (pOp = opIterNext(&sIter)) ){
+** // Do something with pOp
+** }
+** sqlite3DbFree(v->db, sIter.apSub);
+**
+*/
+typedef struct VdbeOpIter VdbeOpIter;
+struct VdbeOpIter {
+ Vdbe *v; /* Vdbe to iterate through the opcodes of */
+ SubProgram **apSub; /* Array of subprograms */
+ int nSub; /* Number of entries in apSub */
+ int iAddr; /* Address of next instruction to return */
+ int iSub; /* 0 = main program, 1 = first sub-program etc. */
+};
+static Op *opIterNext(VdbeOpIter *p){
+ Vdbe *v = p->v;
+ Op *pRet = 0;
+ Op *aOp;
+ int nOp;
+
+ if( p->iSub<=p->nSub ){
+
+ if( p->iSub==0 ){
+ aOp = v->aOp;
+ nOp = v->nOp;
+ }else{
+ aOp = p->apSub[p->iSub-1]->aOp;
+ nOp = p->apSub[p->iSub-1]->nOp;
+ }
+ assert( p->iAddr<nOp );
+
+ pRet = &aOp[p->iAddr];
+ p->iAddr++;
+ if( p->iAddr==nOp ){
+ p->iSub++;
+ p->iAddr = 0;
+ }
+
+ if( pRet->p4type==P4_SUBPROGRAM ){
+ int nByte = (p->nSub+1)*sizeof(SubProgram*);
+ int j;
+ for(j=0; j<p->nSub; j++){
+ if( p->apSub[j]==pRet->p4.pProgram ) break;
+ }
+ if( j==p->nSub ){
+ p->apSub = sqlite3DbReallocOrFree(v->db, p->apSub, nByte);
+ if( !p->apSub ){
+ pRet = 0;
+ }else{
+ p->apSub[p->nSub++] = pRet->p4.pProgram;
+ }
+ }
+ }
+ }
+
+ return pRet;
+}
+
+/*
+** Check if the program stored in the VM associated with pParse may
+** throw an ABORT exception (causing the statement, but not entire transaction
+** to be rolled back). This condition is true if the main program or any
+** sub-programs contains any of the following:
+**
+** * OP_Halt with P1=SQLITE_CONSTRAINT and P2=OE_Abort.
+** * OP_HaltIfNull with P1=SQLITE_CONSTRAINT and P2=OE_Abort.
+** * OP_Destroy
+** * OP_VUpdate
+** * OP_VRename
+** * OP_FkCounter with P2==0 (immediate foreign key constraint)
+** * OP_CreateTable and OP_InitCoroutine (for CREATE TABLE AS SELECT ...)
+**
+** Then check that the value of Parse.mayAbort is true if an
+** ABORT may be thrown, or false otherwise. Return true if it does
+** match, or false otherwise. This function is intended to be used as
+** part of an assert statement in the compiler. Similar to:
+**
+** assert( sqlite3VdbeAssertMayAbort(pParse->pVdbe, pParse->mayAbort) );
+*/
+SQLITE_PRIVATE int sqlite3VdbeAssertMayAbort(Vdbe *v, int mayAbort){
+ int hasAbort = 0;
+ int hasFkCounter = 0;
+ int hasCreateTable = 0;
+ int hasInitCoroutine = 0;
+ Op *pOp;
+ VdbeOpIter sIter;
+ memset(&sIter, 0, sizeof(sIter));
+ sIter.v = v;
+
+ while( (pOp = opIterNext(&sIter))!=0 ){
+ int opcode = pOp->opcode;
+ if( opcode==OP_Destroy || opcode==OP_VUpdate || opcode==OP_VRename
+ || ((opcode==OP_Halt || opcode==OP_HaltIfNull)
+ && ((pOp->p1&0xff)==SQLITE_CONSTRAINT && pOp->p2==OE_Abort))
+ ){
+ hasAbort = 1;
+ break;
+ }
+ if( opcode==OP_CreateTable ) hasCreateTable = 1;
+ if( opcode==OP_InitCoroutine ) hasInitCoroutine = 1;
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+ if( opcode==OP_FkCounter && pOp->p1==0 && pOp->p2==1 ){
+ hasFkCounter = 1;
+ }
+#endif
+ }
+ sqlite3DbFree(v->db, sIter.apSub);
+
+ /* Return true if hasAbort==mayAbort. Or if a malloc failure occurred.
+ ** If malloc failed, then the while() loop above may not have iterated
+ ** through all opcodes and hasAbort may be set incorrectly. Return
+ ** true for this case to prevent the assert() in the callers frame
+ ** from failing. */
+ return ( v->db->mallocFailed || hasAbort==mayAbort || hasFkCounter
+ || (hasCreateTable && hasInitCoroutine) );
+}
+#endif /* SQLITE_DEBUG - the sqlite3AssertMayAbort() function */
+
+/*
+** This routine is called after all opcodes have been inserted. It loops
+** through all the opcodes and fixes up some details.
+**
+** (1) For each jump instruction with a negative P2 value (a label)
+** resolve the P2 value to an actual address.
+**
+** (2) Compute the maximum number of arguments used by any SQL function
+** and store that value in *pMaxFuncArgs.
+**
+** (3) Update the Vdbe.readOnly and Vdbe.bIsReader flags to accurately
+** indicate what the prepared statement actually does.
+**
+** (4) Initialize the p4.xAdvance pointer on opcodes that use it.
+**
+** (5) Reclaim the memory allocated for storing labels.
+*/
+static void resolveP2Values(Vdbe *p, int *pMaxFuncArgs){
+ int i;
+ int nMaxArgs = *pMaxFuncArgs;
+ Op *pOp;
+ Parse *pParse = p->pParse;
+ int *aLabel = pParse->aLabel;
+ p->readOnly = 1;
+ p->bIsReader = 0;
+ for(pOp=p->aOp, i=p->nOp-1; i>=0; i--, pOp++){
+ u8 opcode = pOp->opcode;
+
+ /* NOTE: Be sure to update mkopcodeh.awk when adding or removing
+ ** cases from this switch! */
+ switch( opcode ){
+ case OP_Transaction: {
+ if( pOp->p2!=0 ) p->readOnly = 0;
+ /* fall thru */
+ }
+ case OP_AutoCommit:
+ case OP_Savepoint: {
+ p->bIsReader = 1;
+ break;
+ }
+#ifndef SQLITE_OMIT_WAL
+ case OP_Checkpoint:
+#endif
+ case OP_Vacuum:
+ case OP_JournalMode: {
+ p->readOnly = 0;
+ p->bIsReader = 1;
+ break;
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ case OP_VUpdate: {
+ if( pOp->p2>nMaxArgs ) nMaxArgs = pOp->p2;
+ break;
+ }
+ case OP_VFilter: {
+ int n;
+ assert( p->nOp - i >= 3 );
+ assert( pOp[-1].opcode==OP_Integer );
+ n = pOp[-1].p1;
+ if( n>nMaxArgs ) nMaxArgs = n;
+ break;
+ }
+#endif
+ case OP_Next:
+ case OP_NextIfOpen:
+ case OP_SorterNext: {
+ pOp->p4.xAdvance = sqlite3BtreeNext;
+ pOp->p4type = P4_ADVANCE;
+ break;
+ }
+ case OP_Prev:
+ case OP_PrevIfOpen: {
+ pOp->p4.xAdvance = sqlite3BtreePrevious;
+ pOp->p4type = P4_ADVANCE;
+ break;
+ }
+ }
+
+ pOp->opflags = sqlite3OpcodeProperty[opcode];
+ if( (pOp->opflags & OPFLG_JUMP)!=0 && pOp->p2<0 ){
+ assert( ADDR(pOp->p2)<pParse->nLabel );
+ pOp->p2 = aLabel[ADDR(pOp->p2)];
+ }
+ }
+ sqlite3DbFree(p->db, pParse->aLabel);
+ pParse->aLabel = 0;
+ pParse->nLabel = 0;
+ *pMaxFuncArgs = nMaxArgs;
+ assert( p->bIsReader!=0 || DbMaskAllZero(p->btreeMask) );
+}
+
+/*
+** Return the address of the next instruction to be inserted.
+*/
+SQLITE_PRIVATE int sqlite3VdbeCurrentAddr(Vdbe *p){
+ assert( p->magic==VDBE_MAGIC_INIT );
+ return p->nOp;
+}
+
+/*
+** This function returns a pointer to the array of opcodes associated with
+** the Vdbe passed as the first argument. It is the callers responsibility
+** to arrange for the returned array to be eventually freed using the
+** vdbeFreeOpArray() function.
+**
+** Before returning, *pnOp is set to the number of entries in the returned
+** array. Also, *pnMaxArg is set to the larger of its current value and
+** the number of entries in the Vdbe.apArg[] array required to execute the
+** returned program.
+*/
+SQLITE_PRIVATE VdbeOp *sqlite3VdbeTakeOpArray(Vdbe *p, int *pnOp, int *pnMaxArg){
+ VdbeOp *aOp = p->aOp;
+ assert( aOp && !p->db->mallocFailed );
+
+ /* Check that sqlite3VdbeUsesBtree() was not called on this VM */
+ assert( DbMaskAllZero(p->btreeMask) );
+
+ resolveP2Values(p, pnMaxArg);
+ *pnOp = p->nOp;
+ p->aOp = 0;
+ return aOp;
+}
+
+/*
+** Add a whole list of operations to the operation stack. Return the
+** address of the first operation added.
+*/
+SQLITE_PRIVATE int sqlite3VdbeAddOpList(Vdbe *p, int nOp, VdbeOpList const *aOp, int iLineno){
+ int addr, i;
+ VdbeOp *pOut;
+ assert( nOp>0 );
+ assert( p->magic==VDBE_MAGIC_INIT );
+ if( p->nOp + nOp > p->pParse->nOpAlloc && growOpArray(p, nOp) ){
+ return 0;
+ }
+ addr = p->nOp;
+ pOut = &p->aOp[addr];
+ for(i=0; i<nOp; i++, aOp++, pOut++){
+ pOut->opcode = aOp->opcode;
+ pOut->p1 = aOp->p1;
+ pOut->p2 = aOp->p2;
+ assert( aOp->p2>=0 );
+ pOut->p3 = aOp->p3;
+ pOut->p4type = P4_NOTUSED;
+ pOut->p4.p = 0;
+ pOut->p5 = 0;
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+ pOut->zComment = 0;
+#endif
+#ifdef SQLITE_VDBE_COVERAGE
+ pOut->iSrcLine = iLineno+i;
+#else
+ (void)iLineno;
+#endif
+#ifdef SQLITE_DEBUG
+ if( p->db->flags & SQLITE_VdbeAddopTrace ){
+ sqlite3VdbePrintOp(0, i+addr, &p->aOp[i+addr]);
+ }
+#endif
+ }
+ p->nOp += nOp;
+ return addr;
+}
+
+#if defined(SQLITE_ENABLE_STMT_SCANSTATUS)
+/*
+** Add an entry to the array of counters managed by sqlite3_stmt_scanstatus().
+*/
+SQLITE_PRIVATE void sqlite3VdbeScanStatus(
+ Vdbe *p, /* VM to add scanstatus() to */
+ int addrExplain, /* Address of OP_Explain (or 0) */
+ int addrLoop, /* Address of loop counter */
+ int addrVisit, /* Address of rows visited counter */
+ LogEst nEst, /* Estimated number of output rows */
+ const char *zName /* Name of table or index being scanned */
+){
+ int nByte = (p->nScan+1) * sizeof(ScanStatus);
+ ScanStatus *aNew;
+ aNew = (ScanStatus*)sqlite3DbRealloc(p->db, p->aScan, nByte);
+ if( aNew ){
+ ScanStatus *pNew = &aNew[p->nScan++];
+ pNew->addrExplain = addrExplain;
+ pNew->addrLoop = addrLoop;
+ pNew->addrVisit = addrVisit;
+ pNew->nEst = nEst;
+ pNew->zName = sqlite3DbStrDup(p->db, zName);
+ p->aScan = aNew;
+ }
+}
+#endif
+
+
+/*
+** Change the value of the opcode, or P1, P2, P3, or P5 operands
+** for a specific instruction.
+*/
+SQLITE_PRIVATE void sqlite3VdbeChangeOpcode(Vdbe *p, u32 addr, u8 iNewOpcode){
+ sqlite3VdbeGetOp(p,addr)->opcode = iNewOpcode;
+}
+SQLITE_PRIVATE void sqlite3VdbeChangeP1(Vdbe *p, u32 addr, int val){
+ sqlite3VdbeGetOp(p,addr)->p1 = val;
+}
+SQLITE_PRIVATE void sqlite3VdbeChangeP2(Vdbe *p, u32 addr, int val){
+ sqlite3VdbeGetOp(p,addr)->p2 = val;
+}
+SQLITE_PRIVATE void sqlite3VdbeChangeP3(Vdbe *p, u32 addr, int val){
+ sqlite3VdbeGetOp(p,addr)->p3 = val;
+}
+SQLITE_PRIVATE void sqlite3VdbeChangeP5(Vdbe *p, u8 p5){
+ sqlite3VdbeGetOp(p,-1)->p5 = p5;
+}
+
+/*
+** Change the P2 operand of instruction addr so that it points to
+** the address of the next instruction to be coded.
+*/
+SQLITE_PRIVATE void sqlite3VdbeJumpHere(Vdbe *p, int addr){
+ p->pParse->iFixedOp = p->nOp - 1;
+ sqlite3VdbeChangeP2(p, addr, p->nOp);
+}
+
+
+/*
+** If the input FuncDef structure is ephemeral, then free it. If
+** the FuncDef is not ephermal, then do nothing.
+*/
+static void freeEphemeralFunction(sqlite3 *db, FuncDef *pDef){
+ if( ALWAYS(pDef) && (pDef->funcFlags & SQLITE_FUNC_EPHEM)!=0 ){
+ sqlite3DbFree(db, pDef);
+ }
+}
+
+static void vdbeFreeOpArray(sqlite3 *, Op *, int);
+
+/*
+** Delete a P4 value if necessary.
+*/
+static void freeP4(sqlite3 *db, int p4type, void *p4){
+ if( p4 ){
+ assert( db );
+ switch( p4type ){
+ case P4_FUNCCTX: {
+ freeEphemeralFunction(db, ((sqlite3_context*)p4)->pFunc);
+ /* Fall through into the next case */
+ }
+ case P4_REAL:
+ case P4_INT64:
+ case P4_DYNAMIC:
+ case P4_INTARRAY: {
+ sqlite3DbFree(db, p4);
+ break;
+ }
+ case P4_KEYINFO: {
+ if( db->pnBytesFreed==0 ) sqlite3KeyInfoUnref((KeyInfo*)p4);
+ break;
+ }
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+ case P4_EXPR: {
+ sqlite3ExprDelete(db, (Expr*)p4);
+ break;
+ }
+#endif
+ case P4_MPRINTF: {
+ if( db->pnBytesFreed==0 ) sqlite3_free(p4);
+ break;
+ }
+ case P4_FUNCDEF: {
+ freeEphemeralFunction(db, (FuncDef*)p4);
+ break;
+ }
+ case P4_MEM: {
+ if( db->pnBytesFreed==0 ){
+ sqlite3ValueFree((sqlite3_value*)p4);
+ }else{
+ Mem *p = (Mem*)p4;
+ if( p->szMalloc ) sqlite3DbFree(db, p->zMalloc);
+ sqlite3DbFree(db, p);
+ }
+ break;
+ }
+ case P4_VTAB : {
+ if( db->pnBytesFreed==0 ) sqlite3VtabUnlock((VTable *)p4);
+ break;
+ }
+ }
+ }
+}
+
+/*
+** Free the space allocated for aOp and any p4 values allocated for the
+** opcodes contained within. If aOp is not NULL it is assumed to contain
+** nOp entries.
+*/
+static void vdbeFreeOpArray(sqlite3 *db, Op *aOp, int nOp){
+ if( aOp ){
+ Op *pOp;
+ for(pOp=aOp; pOp<&aOp[nOp]; pOp++){
+ freeP4(db, pOp->p4type, pOp->p4.p);
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+ sqlite3DbFree(db, pOp->zComment);
+#endif
+ }
+ }
+ sqlite3DbFree(db, aOp);
+}
+
+/*
+** Link the SubProgram object passed as the second argument into the linked
+** list at Vdbe.pSubProgram. This list is used to delete all sub-program
+** objects when the VM is no longer required.
+*/
+SQLITE_PRIVATE void sqlite3VdbeLinkSubProgram(Vdbe *pVdbe, SubProgram *p){
+ p->pNext = pVdbe->pProgram;
+ pVdbe->pProgram = p;
+}
+
+/*
+** Change the opcode at addr into OP_Noop
+*/
+SQLITE_PRIVATE void sqlite3VdbeChangeToNoop(Vdbe *p, int addr){
+ if( addr<p->nOp ){
+ VdbeOp *pOp = &p->aOp[addr];
+ sqlite3 *db = p->db;
+ freeP4(db, pOp->p4type, pOp->p4.p);
+ memset(pOp, 0, sizeof(pOp[0]));
+ pOp->opcode = OP_Noop;
+ }
+}
+
+/*
+** If the last opcode is "op" and it is not a jump destination,
+** then remove it. Return true if and only if an opcode was removed.
+*/
+SQLITE_PRIVATE int sqlite3VdbeDeletePriorOpcode(Vdbe *p, u8 op){
+ if( (p->nOp-1)>(p->pParse->iFixedOp) && p->aOp[p->nOp-1].opcode==op ){
+ sqlite3VdbeChangeToNoop(p, p->nOp-1);
+ return 1;
+ }else{
+ return 0;
+ }
+}
+
+/*
+** Change the value of the P4 operand for a specific instruction.
+** This routine is useful when a large program is loaded from a
+** static array using sqlite3VdbeAddOpList but we want to make a
+** few minor changes to the program.
+**
+** If n>=0 then the P4 operand is dynamic, meaning that a copy of
+** the string is made into memory obtained from sqlite3_malloc().
+** A value of n==0 means copy bytes of zP4 up to and including the
+** first null byte. If n>0 then copy n+1 bytes of zP4.
+**
+** Other values of n (P4_STATIC, P4_COLLSEQ etc.) indicate that zP4 points
+** to a string or structure that is guaranteed to exist for the lifetime of
+** the Vdbe. In these cases we can just copy the pointer.
+**
+** If addr<0 then change P4 on the most recently inserted instruction.
+*/
+SQLITE_PRIVATE void sqlite3VdbeChangeP4(Vdbe *p, int addr, const char *zP4, int n){
+ Op *pOp;
+ sqlite3 *db;
+ assert( p!=0 );
+ db = p->db;
+ assert( p->magic==VDBE_MAGIC_INIT );
+ if( p->aOp==0 || db->mallocFailed ){
+ if( n!=P4_VTAB ){
+ freeP4(db, n, (void*)*(char**)&zP4);
+ }
+ return;
+ }
+ assert( p->nOp>0 );
+ assert( addr<p->nOp );
+ if( addr<0 ){
+ addr = p->nOp - 1;
+ }
+ pOp = &p->aOp[addr];
+ assert( pOp->p4type==P4_NOTUSED
+ || pOp->p4type==P4_INT32
+ || pOp->p4type==P4_KEYINFO );
+ freeP4(db, pOp->p4type, pOp->p4.p);
+ pOp->p4.p = 0;
+ if( n==P4_INT32 ){
+ /* Note: this cast is safe, because the origin data point was an int
+ ** that was cast to a (const char *). */
+ pOp->p4.i = SQLITE_PTR_TO_INT(zP4);
+ pOp->p4type = P4_INT32;
+ }else if( zP4==0 ){
+ pOp->p4.p = 0;
+ pOp->p4type = P4_NOTUSED;
+ }else if( n==P4_KEYINFO ){
+ pOp->p4.p = (void*)zP4;
+ pOp->p4type = P4_KEYINFO;
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+ }else if( n==P4_EXPR ){
+ /* Responsibility for deleting the Expr tree is handed over to the
+ ** VDBE by this operation. The caller should have already invoked
+ ** sqlite3ExprDup() or whatever other routine is needed to make a
+ ** private copy of the tree. */
+ pOp->p4.pExpr = (Expr*)zP4;
+ pOp->p4type = P4_EXPR;
+#endif
+ }else if( n==P4_VTAB ){
+ pOp->p4.p = (void*)zP4;
+ pOp->p4type = P4_VTAB;
+ sqlite3VtabLock((VTable *)zP4);
+ assert( ((VTable *)zP4)->db==p->db );
+ }else if( n<0 ){
+ pOp->p4.p = (void*)zP4;
+ pOp->p4type = (signed char)n;
+ }else{
+ if( n==0 ) n = sqlite3Strlen30(zP4);
+ pOp->p4.z = sqlite3DbStrNDup(p->db, zP4, n);
+ pOp->p4type = P4_DYNAMIC;
+ }
+}
+
+/*
+** Set the P4 on the most recently added opcode to the KeyInfo for the
+** index given.
+*/
+SQLITE_PRIVATE void sqlite3VdbeSetP4KeyInfo(Parse *pParse, Index *pIdx){
+ Vdbe *v = pParse->pVdbe;
+ assert( v!=0 );
+ assert( pIdx!=0 );
+ sqlite3VdbeChangeP4(v, -1, (char*)sqlite3KeyInfoOfIndex(pParse, pIdx),
+ P4_KEYINFO);
+}
+
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+/*
+** Change the comment on the most recently coded instruction. Or
+** insert a No-op and add the comment to that new instruction. This
+** makes the code easier to read during debugging. None of this happens
+** in a production build.
+*/
+static void vdbeVComment(Vdbe *p, const char *zFormat, va_list ap){
+ assert( p->nOp>0 || p->aOp==0 );
+ assert( p->aOp==0 || p->aOp[p->nOp-1].zComment==0 || p->db->mallocFailed );
+ if( p->nOp ){
+ assert( p->aOp );
+ sqlite3DbFree(p->db, p->aOp[p->nOp-1].zComment);
+ p->aOp[p->nOp-1].zComment = sqlite3VMPrintf(p->db, zFormat, ap);
+ }
+}
+SQLITE_PRIVATE void sqlite3VdbeComment(Vdbe *p, const char *zFormat, ...){
+ va_list ap;
+ if( p ){
+ va_start(ap, zFormat);
+ vdbeVComment(p, zFormat, ap);
+ va_end(ap);
+ }
+}
+SQLITE_PRIVATE void sqlite3VdbeNoopComment(Vdbe *p, const char *zFormat, ...){
+ va_list ap;
+ if( p ){
+ sqlite3VdbeAddOp0(p, OP_Noop);
+ va_start(ap, zFormat);
+ vdbeVComment(p, zFormat, ap);
+ va_end(ap);
+ }
+}
+#endif /* NDEBUG */
+
+#ifdef SQLITE_VDBE_COVERAGE
+/*
+** Set the value if the iSrcLine field for the previously coded instruction.
+*/
+SQLITE_PRIVATE void sqlite3VdbeSetLineNumber(Vdbe *v, int iLine){
+ sqlite3VdbeGetOp(v,-1)->iSrcLine = iLine;
+}
+#endif /* SQLITE_VDBE_COVERAGE */
+
+/*
+** Return the opcode for a given address. If the address is -1, then
+** return the most recently inserted opcode.
+**
+** If a memory allocation error has occurred prior to the calling of this
+** routine, then a pointer to a dummy VdbeOp will be returned. That opcode
+** is readable but not writable, though it is cast to a writable value.
+** The return of a dummy opcode allows the call to continue functioning
+** after an OOM fault without having to check to see if the return from
+** this routine is a valid pointer. But because the dummy.opcode is 0,
+** dummy will never be written to. This is verified by code inspection and
+** by running with Valgrind.
+*/
+SQLITE_PRIVATE VdbeOp *sqlite3VdbeGetOp(Vdbe *p, int addr){
+ /* C89 specifies that the constant "dummy" will be initialized to all
+ ** zeros, which is correct. MSVC generates a warning, nevertheless. */
+ static VdbeOp dummy; /* Ignore the MSVC warning about no initializer */
+ assert( p->magic==VDBE_MAGIC_INIT );
+ if( addr<0 ){
+ addr = p->nOp - 1;
+ }
+ assert( (addr>=0 && addr<p->nOp) || p->db->mallocFailed );
+ if( p->db->mallocFailed ){
+ return (VdbeOp*)&dummy;
+ }else{
+ return &p->aOp[addr];
+ }
+}
+
+#if defined(SQLITE_ENABLE_EXPLAIN_COMMENTS)
+/*
+** Return an integer value for one of the parameters to the opcode pOp
+** determined by character c.
+*/
+static int translateP(char c, const Op *pOp){
+ if( c=='1' ) return pOp->p1;
+ if( c=='2' ) return pOp->p2;
+ if( c=='3' ) return pOp->p3;
+ if( c=='4' ) return pOp->p4.i;
+ return pOp->p5;
+}
+
+/*
+** Compute a string for the "comment" field of a VDBE opcode listing.
+**
+** The Synopsis: field in comments in the vdbe.c source file gets converted
+** to an extra string that is appended to the sqlite3OpcodeName(). In the
+** absence of other comments, this synopsis becomes the comment on the opcode.
+** Some translation occurs:
+**
+** "PX" -> "r[X]"
+** "PX@PY" -> "r[X..X+Y-1]" or "r[x]" if y is 0 or 1
+** "PX@PY+1" -> "r[X..X+Y]" or "r[x]" if y is 0
+** "PY..PY" -> "r[X..Y]" or "r[x]" if y<=x
+*/
+static int displayComment(
+ const Op *pOp, /* The opcode to be commented */
+ const char *zP4, /* Previously obtained value for P4 */
+ char *zTemp, /* Write result here */
+ int nTemp /* Space available in zTemp[] */
+){
+ const char *zOpName;
+ const char *zSynopsis;
+ int nOpName;
+ int ii, jj;
+ zOpName = sqlite3OpcodeName(pOp->opcode);
+ nOpName = sqlite3Strlen30(zOpName);
+ if( zOpName[nOpName+1] ){
+ int seenCom = 0;
+ char c;
+ zSynopsis = zOpName += nOpName + 1;
+ for(ii=jj=0; jj<nTemp-1 && (c = zSynopsis[ii])!=0; ii++){
+ if( c=='P' ){
+ c = zSynopsis[++ii];
+ if( c=='4' ){
+ sqlite3_snprintf(nTemp-jj, zTemp+jj, "%s", zP4);
+ }else if( c=='X' ){
+ sqlite3_snprintf(nTemp-jj, zTemp+jj, "%s", pOp->zComment);
+ seenCom = 1;
+ }else{
+ int v1 = translateP(c, pOp);
+ int v2;
+ sqlite3_snprintf(nTemp-jj, zTemp+jj, "%d", v1);
+ if( strncmp(zSynopsis+ii+1, "@P", 2)==0 ){
+ ii += 3;
+ jj += sqlite3Strlen30(zTemp+jj);
+ v2 = translateP(zSynopsis[ii], pOp);
+ if( strncmp(zSynopsis+ii+1,"+1",2)==0 ){
+ ii += 2;
+ v2++;
+ }
+ if( v2>1 ){
+ sqlite3_snprintf(nTemp-jj, zTemp+jj, "..%d", v1+v2-1);
+ }
+ }else if( strncmp(zSynopsis+ii+1, "..P3", 4)==0 && pOp->p3==0 ){
+ ii += 4;
+ }
+ }
+ jj += sqlite3Strlen30(zTemp+jj);
+ }else{
+ zTemp[jj++] = c;
+ }
+ }
+ if( !seenCom && jj<nTemp-5 && pOp->zComment ){
+ sqlite3_snprintf(nTemp-jj, zTemp+jj, "; %s", pOp->zComment);
+ jj += sqlite3Strlen30(zTemp+jj);
+ }
+ if( jj<nTemp ) zTemp[jj] = 0;
+ }else if( pOp->zComment ){
+ sqlite3_snprintf(nTemp, zTemp, "%s", pOp->zComment);
+ jj = sqlite3Strlen30(zTemp);
+ }else{
+ zTemp[0] = 0;
+ jj = 0;
+ }
+ return jj;
+}
+#endif /* SQLITE_DEBUG */
+
+#if VDBE_DISPLAY_P4 && defined(SQLITE_ENABLE_CURSOR_HINTS)
+/*
+** Translate the P4.pExpr value for an OP_CursorHint opcode into text
+** that can be displayed in the P4 column of EXPLAIN output.
+*/
+static int displayP4Expr(int nTemp, char *zTemp, Expr *pExpr){
+ const char *zOp = 0;
+ int n;
+ switch( pExpr->op ){
+ case TK_STRING:
+ sqlite3_snprintf(nTemp, zTemp, "%Q", pExpr->u.zToken);
+ break;
+ case TK_INTEGER:
+ sqlite3_snprintf(nTemp, zTemp, "%d", pExpr->u.iValue);
+ break;
+ case TK_NULL:
+ sqlite3_snprintf(nTemp, zTemp, "NULL");
+ break;
+ case TK_REGISTER: {
+ sqlite3_snprintf(nTemp, zTemp, "r[%d]", pExpr->iTable);
+ break;
+ }
+ case TK_COLUMN: {
+ if( pExpr->iColumn<0 ){
+ sqlite3_snprintf(nTemp, zTemp, "rowid");
+ }else{
+ sqlite3_snprintf(nTemp, zTemp, "c%d", (int)pExpr->iColumn);
+ }
+ break;
+ }
+ case TK_LT: zOp = "LT"; break;
+ case TK_LE: zOp = "LE"; break;
+ case TK_GT: zOp = "GT"; break;
+ case TK_GE: zOp = "GE"; break;
+ case TK_NE: zOp = "NE"; break;
+ case TK_EQ: zOp = "EQ"; break;
+ case TK_IS: zOp = "IS"; break;
+ case TK_ISNOT: zOp = "ISNOT"; break;
+ case TK_AND: zOp = "AND"; break;
+ case TK_OR: zOp = "OR"; break;
+ case TK_PLUS: zOp = "ADD"; break;
+ case TK_STAR: zOp = "MUL"; break;
+ case TK_MINUS: zOp = "SUB"; break;
+ case TK_REM: zOp = "REM"; break;
+ case TK_BITAND: zOp = "BITAND"; break;
+ case TK_BITOR: zOp = "BITOR"; break;
+ case TK_SLASH: zOp = "DIV"; break;
+ case TK_LSHIFT: zOp = "LSHIFT"; break;
+ case TK_RSHIFT: zOp = "RSHIFT"; break;
+ case TK_CONCAT: zOp = "CONCAT"; break;
+ case TK_UMINUS: zOp = "MINUS"; break;
+ case TK_UPLUS: zOp = "PLUS"; break;
+ case TK_BITNOT: zOp = "BITNOT"; break;
+ case TK_NOT: zOp = "NOT"; break;
+ case TK_ISNULL: zOp = "ISNULL"; break;
+ case TK_NOTNULL: zOp = "NOTNULL"; break;
+
+ default:
+ sqlite3_snprintf(nTemp, zTemp, "%s", "expr");
+ break;
+ }
+
+ if( zOp ){
+ sqlite3_snprintf(nTemp, zTemp, "%s(", zOp);
+ n = sqlite3Strlen30(zTemp);
+ n += displayP4Expr(nTemp-n, zTemp+n, pExpr->pLeft);
+ if( n<nTemp-1 && pExpr->pRight ){
+ zTemp[n++] = ',';
+ n += displayP4Expr(nTemp-n, zTemp+n, pExpr->pRight);
+ }
+ sqlite3_snprintf(nTemp-n, zTemp+n, ")");
+ }
+ return sqlite3Strlen30(zTemp);
+}
+#endif /* VDBE_DISPLAY_P4 && defined(SQLITE_ENABLE_CURSOR_HINTS) */
+
+
+#if VDBE_DISPLAY_P4
+/*
+** Compute a string that describes the P4 parameter for an opcode.
+** Use zTemp for any required temporary buffer space.
+*/
+static char *displayP4(Op *pOp, char *zTemp, int nTemp){
+ char *zP4 = zTemp;
+ assert( nTemp>=20 );
+ switch( pOp->p4type ){
+ case P4_KEYINFO: {
+ int i, j;
+ KeyInfo *pKeyInfo = pOp->p4.pKeyInfo;
+ assert( pKeyInfo->aSortOrder!=0 );
+ sqlite3_snprintf(nTemp, zTemp, "k(%d", pKeyInfo->nField);
+ i = sqlite3Strlen30(zTemp);
+ for(j=0; j<pKeyInfo->nField; j++){
+ CollSeq *pColl = pKeyInfo->aColl[j];
+ const char *zColl = pColl ? pColl->zName : "nil";
+ int n = sqlite3Strlen30(zColl);
+ if( n==6 && memcmp(zColl,"BINARY",6)==0 ){
+ zColl = "B";
+ n = 1;
+ }
+ if( i+n>nTemp-7 ){
+ memcpy(&zTemp[i],",...",4);
+ i += 4;
+ break;
+ }
+ zTemp[i++] = ',';
+ if( pKeyInfo->aSortOrder[j] ){
+ zTemp[i++] = '-';
+ }
+ memcpy(&zTemp[i], zColl, n+1);
+ i += n;
+ }
+ zTemp[i++] = ')';
+ zTemp[i] = 0;
+ assert( i<nTemp );
+ break;
+ }
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+ case P4_EXPR: {
+ displayP4Expr(nTemp, zTemp, pOp->p4.pExpr);
+ break;
+ }
+#endif
+ case P4_COLLSEQ: {
+ CollSeq *pColl = pOp->p4.pColl;
+ sqlite3_snprintf(nTemp, zTemp, "(%.20s)", pColl->zName);
+ break;
+ }
+ case P4_FUNCDEF: {
+ FuncDef *pDef = pOp->p4.pFunc;
+ sqlite3_snprintf(nTemp, zTemp, "%s(%d)", pDef->zName, pDef->nArg);
+ break;
+ }
+#ifdef SQLITE_DEBUG
+ case P4_FUNCCTX: {
+ FuncDef *pDef = pOp->p4.pCtx->pFunc;
+ sqlite3_snprintf(nTemp, zTemp, "%s(%d)", pDef->zName, pDef->nArg);
+ break;
+ }
+#endif
+ case P4_INT64: {
+ sqlite3_snprintf(nTemp, zTemp, "%lld", *pOp->p4.pI64);
+ break;
+ }
+ case P4_INT32: {
+ sqlite3_snprintf(nTemp, zTemp, "%d", pOp->p4.i);
+ break;
+ }
+ case P4_REAL: {
+ sqlite3_snprintf(nTemp, zTemp, "%.16g", *pOp->p4.pReal);
+ break;
+ }
+ case P4_MEM: {
+ Mem *pMem = pOp->p4.pMem;
+ if( pMem->flags & MEM_Str ){
+ zP4 = pMem->z;
+ }else if( pMem->flags & MEM_Int ){
+ sqlite3_snprintf(nTemp, zTemp, "%lld", pMem->u.i);
+ }else if( pMem->flags & MEM_Real ){
+ sqlite3_snprintf(nTemp, zTemp, "%.16g", pMem->u.r);
+ }else if( pMem->flags & MEM_Null ){
+ sqlite3_snprintf(nTemp, zTemp, "NULL");
+ }else{
+ assert( pMem->flags & MEM_Blob );
+ zP4 = "(blob)";
+ }
+ break;
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ case P4_VTAB: {
+ sqlite3_vtab *pVtab = pOp->p4.pVtab->pVtab;
+ sqlite3_snprintf(nTemp, zTemp, "vtab:%p", pVtab);
+ break;
+ }
+#endif
+ case P4_INTARRAY: {
+ sqlite3_snprintf(nTemp, zTemp, "intarray");
+ break;
+ }
+ case P4_SUBPROGRAM: {
+ sqlite3_snprintf(nTemp, zTemp, "program");
+ break;
+ }
+ case P4_ADVANCE: {
+ zTemp[0] = 0;
+ break;
+ }
+ default: {
+ zP4 = pOp->p4.z;
+ if( zP4==0 ){
+ zP4 = zTemp;
+ zTemp[0] = 0;
+ }
+ }
+ }
+ assert( zP4!=0 );
+ return zP4;
+}
+#endif /* VDBE_DISPLAY_P4 */
+
+/*
+** Declare to the Vdbe that the BTree object at db->aDb[i] is used.
+**
+** The prepared statements need to know in advance the complete set of
+** attached databases that will be use. A mask of these databases
+** is maintained in p->btreeMask. The p->lockMask value is the subset of
+** p->btreeMask of databases that will require a lock.
+*/
+SQLITE_PRIVATE void sqlite3VdbeUsesBtree(Vdbe *p, int i){
+ assert( i>=0 && i<p->db->nDb && i<(int)sizeof(yDbMask)*8 );
+ assert( i<(int)sizeof(p->btreeMask)*8 );
+ DbMaskSet(p->btreeMask, i);
+ if( i!=1 && sqlite3BtreeSharable(p->db->aDb[i].pBt) ){
+ DbMaskSet(p->lockMask, i);
+ }
+}
+
+#if !defined(SQLITE_OMIT_SHARED_CACHE) && SQLITE_THREADSAFE>0
+/*
+** If SQLite is compiled to support shared-cache mode and to be threadsafe,
+** this routine obtains the mutex associated with each BtShared structure
+** that may be accessed by the VM passed as an argument. In doing so it also
+** sets the BtShared.db member of each of the BtShared structures, ensuring
+** that the correct busy-handler callback is invoked if required.
+**
+** If SQLite is not threadsafe but does support shared-cache mode, then
+** sqlite3BtreeEnter() is invoked to set the BtShared.db variables
+** of all of BtShared structures accessible via the database handle
+** associated with the VM.
+**
+** If SQLite is not threadsafe and does not support shared-cache mode, this
+** function is a no-op.
+**
+** The p->btreeMask field is a bitmask of all btrees that the prepared
+** statement p will ever use. Let N be the number of bits in p->btreeMask
+** corresponding to btrees that use shared cache. Then the runtime of
+** this routine is N*N. But as N is rarely more than 1, this should not
+** be a problem.
+*/
+SQLITE_PRIVATE void sqlite3VdbeEnter(Vdbe *p){
+ int i;
+ sqlite3 *db;
+ Db *aDb;
+ int nDb;
+ if( DbMaskAllZero(p->lockMask) ) return; /* The common case */
+ db = p->db;
+ aDb = db->aDb;
+ nDb = db->nDb;
+ for(i=0; i<nDb; i++){
+ if( i!=1 && DbMaskTest(p->lockMask,i) && ALWAYS(aDb[i].pBt!=0) ){
+ sqlite3BtreeEnter(aDb[i].pBt);
+ }
+ }
+}
+#endif
+
+#if !defined(SQLITE_OMIT_SHARED_CACHE) && SQLITE_THREADSAFE>0
+/*
+** Unlock all of the btrees previously locked by a call to sqlite3VdbeEnter().
+*/
+static SQLITE_NOINLINE void vdbeLeave(Vdbe *p){
+ int i;
+ sqlite3 *db;
+ Db *aDb;
+ int nDb;
+ db = p->db;
+ aDb = db->aDb;
+ nDb = db->nDb;
+ for(i=0; i<nDb; i++){
+ if( i!=1 && DbMaskTest(p->lockMask,i) && ALWAYS(aDb[i].pBt!=0) ){
+ sqlite3BtreeLeave(aDb[i].pBt);
+ }
+ }
+}
+SQLITE_PRIVATE void sqlite3VdbeLeave(Vdbe *p){
+ if( DbMaskAllZero(p->lockMask) ) return; /* The common case */
+ vdbeLeave(p);
+}
+#endif
+
+#if defined(VDBE_PROFILE) || defined(SQLITE_DEBUG)
+/*
+** Print a single opcode. This routine is used for debugging only.
+*/
+SQLITE_PRIVATE void sqlite3VdbePrintOp(FILE *pOut, int pc, Op *pOp){
+ char *zP4;
+ char zPtr[50];
+ char zCom[100];
+ static const char *zFormat1 = "%4d %-13s %4d %4d %4d %-13s %.2X %s\n";
+ if( pOut==0 ) pOut = stdout;
+ zP4 = displayP4(pOp, zPtr, sizeof(zPtr));
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+ displayComment(pOp, zP4, zCom, sizeof(zCom));
+#else
+ zCom[0] = 0;
+#endif
+ /* NB: The sqlite3OpcodeName() function is implemented by code created
+ ** by the mkopcodeh.awk and mkopcodec.awk scripts which extract the
+ ** information from the vdbe.c source text */
+ fprintf(pOut, zFormat1, pc,
+ sqlite3OpcodeName(pOp->opcode), pOp->p1, pOp->p2, pOp->p3, zP4, pOp->p5,
+ zCom
+ );
+ fflush(pOut);
+}
+#endif
+
+/*
+** Release an array of N Mem elements
+*/
+static void releaseMemArray(Mem *p, int N){
+ if( p && N ){
+ Mem *pEnd = &p[N];
+ sqlite3 *db = p->db;
+ u8 malloc_failed = db->mallocFailed;
+ if( db->pnBytesFreed ){
+ do{
+ if( p->szMalloc ) sqlite3DbFree(db, p->zMalloc);
+ }while( (++p)<pEnd );
+ return;
+ }
+ do{
+ assert( (&p[1])==pEnd || p[0].db==p[1].db );
+ assert( sqlite3VdbeCheckMemInvariants(p) );
+
+ /* This block is really an inlined version of sqlite3VdbeMemRelease()
+ ** that takes advantage of the fact that the memory cell value is
+ ** being set to NULL after releasing any dynamic resources.
+ **
+ ** The justification for duplicating code is that according to
+ ** callgrind, this causes a certain test case to hit the CPU 4.7
+ ** percent less (x86 linux, gcc version 4.1.2, -O6) than if
+ ** sqlite3MemRelease() were called from here. With -O2, this jumps
+ ** to 6.6 percent. The test case is inserting 1000 rows into a table
+ ** with no indexes using a single prepared INSERT statement, bind()
+ ** and reset(). Inserts are grouped into a transaction.
+ */
+ testcase( p->flags & MEM_Agg );
+ testcase( p->flags & MEM_Dyn );
+ testcase( p->flags & MEM_Frame );
+ testcase( p->flags & MEM_RowSet );
+ if( p->flags&(MEM_Agg|MEM_Dyn|MEM_Frame|MEM_RowSet) ){
+ sqlite3VdbeMemRelease(p);
+ }else if( p->szMalloc ){
+ sqlite3DbFree(db, p->zMalloc);
+ p->szMalloc = 0;
+ }
+
+ p->flags = MEM_Undefined;
+ }while( (++p)<pEnd );
+ db->mallocFailed = malloc_failed;
+ }
+}
+
+/*
+** Delete a VdbeFrame object and its contents. VdbeFrame objects are
+** allocated by the OP_Program opcode in sqlite3VdbeExec().
+*/
+SQLITE_PRIVATE void sqlite3VdbeFrameDelete(VdbeFrame *p){
+ int i;
+ Mem *aMem = VdbeFrameMem(p);
+ VdbeCursor **apCsr = (VdbeCursor **)&aMem[p->nChildMem];
+ for(i=0; i<p->nChildCsr; i++){
+ sqlite3VdbeFreeCursor(p->v, apCsr[i]);
+ }
+ releaseMemArray(aMem, p->nChildMem);
+ sqlite3DbFree(p->v->db, p);
+}
+
+#ifndef SQLITE_OMIT_EXPLAIN
+/*
+** Give a listing of the program in the virtual machine.
+**
+** The interface is the same as sqlite3VdbeExec(). But instead of
+** running the code, it invokes the callback once for each instruction.
+** This feature is used to implement "EXPLAIN".
+**
+** When p->explain==1, each instruction is listed. When
+** p->explain==2, only OP_Explain instructions are listed and these
+** are shown in a different format. p->explain==2 is used to implement
+** EXPLAIN QUERY PLAN.
+**
+** When p->explain==1, first the main program is listed, then each of
+** the trigger subprograms are listed one by one.
+*/
+SQLITE_PRIVATE int sqlite3VdbeList(
+ Vdbe *p /* The VDBE */
+){
+ int nRow; /* Stop when row count reaches this */
+ int nSub = 0; /* Number of sub-vdbes seen so far */
+ SubProgram **apSub = 0; /* Array of sub-vdbes */
+ Mem *pSub = 0; /* Memory cell hold array of subprogs */
+ sqlite3 *db = p->db; /* The database connection */
+ int i; /* Loop counter */
+ int rc = SQLITE_OK; /* Return code */
+ Mem *pMem = &p->aMem[1]; /* First Mem of result set */
+
+ assert( p->explain );
+ assert( p->magic==VDBE_MAGIC_RUN );
+ assert( p->rc==SQLITE_OK || p->rc==SQLITE_BUSY || p->rc==SQLITE_NOMEM );
+
+ /* Even though this opcode does not use dynamic strings for
+ ** the result, result columns may become dynamic if the user calls
+ ** sqlite3_column_text16(), causing a translation to UTF-16 encoding.
+ */
+ releaseMemArray(pMem, 8);
+ p->pResultSet = 0;
+
+ if( p->rc==SQLITE_NOMEM ){
+ /* This happens if a malloc() inside a call to sqlite3_column_text() or
+ ** sqlite3_column_text16() failed. */
+ db->mallocFailed = 1;
+ return SQLITE_ERROR;
+ }
+
+ /* When the number of output rows reaches nRow, that means the
+ ** listing has finished and sqlite3_step() should return SQLITE_DONE.
+ ** nRow is the sum of the number of rows in the main program, plus
+ ** the sum of the number of rows in all trigger subprograms encountered
+ ** so far. The nRow value will increase as new trigger subprograms are
+ ** encountered, but p->pc will eventually catch up to nRow.
+ */
+ nRow = p->nOp;
+ if( p->explain==1 ){
+ /* The first 8 memory cells are used for the result set. So we will
+ ** commandeer the 9th cell to use as storage for an array of pointers
+ ** to trigger subprograms. The VDBE is guaranteed to have at least 9
+ ** cells. */
+ assert( p->nMem>9 );
+ pSub = &p->aMem[9];
+ if( pSub->flags&MEM_Blob ){
+ /* On the first call to sqlite3_step(), pSub will hold a NULL. It is
+ ** initialized to a BLOB by the P4_SUBPROGRAM processing logic below */
+ nSub = pSub->n/sizeof(Vdbe*);
+ apSub = (SubProgram **)pSub->z;
+ }
+ for(i=0; i<nSub; i++){
+ nRow += apSub[i]->nOp;
+ }
+ }
+
+ do{
+ i = p->pc++;
+ }while( i<nRow && p->explain==2 && p->aOp[i].opcode!=OP_Explain );
+ if( i>=nRow ){
+ p->rc = SQLITE_OK;
+ rc = SQLITE_DONE;
+ }else if( db->u1.isInterrupted ){
+ p->rc = SQLITE_INTERRUPT;
+ rc = SQLITE_ERROR;
+ sqlite3VdbeError(p, sqlite3ErrStr(p->rc));
+ }else{
+ char *zP4;
+ Op *pOp;
+ if( i<p->nOp ){
+ /* The output line number is small enough that we are still in the
+ ** main program. */
+ pOp = &p->aOp[i];
+ }else{
+ /* We are currently listing subprograms. Figure out which one and
+ ** pick up the appropriate opcode. */
+ int j;
+ i -= p->nOp;
+ for(j=0; i>=apSub[j]->nOp; j++){
+ i -= apSub[j]->nOp;
+ }
+ pOp = &apSub[j]->aOp[i];
+ }
+ if( p->explain==1 ){
+ pMem->flags = MEM_Int;
+ pMem->u.i = i; /* Program counter */
+ pMem++;
+
+ pMem->flags = MEM_Static|MEM_Str|MEM_Term;
+ pMem->z = (char*)sqlite3OpcodeName(pOp->opcode); /* Opcode */
+ assert( pMem->z!=0 );
+ pMem->n = sqlite3Strlen30(pMem->z);
+ pMem->enc = SQLITE_UTF8;
+ pMem++;
+
+ /* When an OP_Program opcode is encounter (the only opcode that has
+ ** a P4_SUBPROGRAM argument), expand the size of the array of subprograms
+ ** kept in p->aMem[9].z to hold the new program - assuming this subprogram
+ ** has not already been seen.
+ */
+ if( pOp->p4type==P4_SUBPROGRAM ){
+ int nByte = (nSub+1)*sizeof(SubProgram*);
+ int j;
+ for(j=0; j<nSub; j++){
+ if( apSub[j]==pOp->p4.pProgram ) break;
+ }
+ if( j==nSub && SQLITE_OK==sqlite3VdbeMemGrow(pSub, nByte, nSub!=0) ){
+ apSub = (SubProgram **)pSub->z;
+ apSub[nSub++] = pOp->p4.pProgram;
+ pSub->flags |= MEM_Blob;
+ pSub->n = nSub*sizeof(SubProgram*);
+ }
+ }
+ }
+
+ pMem->flags = MEM_Int;
+ pMem->u.i = pOp->p1; /* P1 */
+ pMem++;
+
+ pMem->flags = MEM_Int;
+ pMem->u.i = pOp->p2; /* P2 */
+ pMem++;
+
+ pMem->flags = MEM_Int;
+ pMem->u.i = pOp->p3; /* P3 */
+ pMem++;
+
+ if( sqlite3VdbeMemClearAndResize(pMem, 100) ){ /* P4 */
+ assert( p->db->mallocFailed );
+ return SQLITE_ERROR;
+ }
+ pMem->flags = MEM_Str|MEM_Term;
+ zP4 = displayP4(pOp, pMem->z, pMem->szMalloc);
+ if( zP4!=pMem->z ){
+ sqlite3VdbeMemSetStr(pMem, zP4, -1, SQLITE_UTF8, 0);
+ }else{
+ assert( pMem->z!=0 );
+ pMem->n = sqlite3Strlen30(pMem->z);
+ pMem->enc = SQLITE_UTF8;
+ }
+ pMem++;
+
+ if( p->explain==1 ){
+ if( sqlite3VdbeMemClearAndResize(pMem, 4) ){
+ assert( p->db->mallocFailed );
+ return SQLITE_ERROR;
+ }
+ pMem->flags = MEM_Str|MEM_Term;
+ pMem->n = 2;
+ sqlite3_snprintf(3, pMem->z, "%.2x", pOp->p5); /* P5 */
+ pMem->enc = SQLITE_UTF8;
+ pMem++;
+
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+ if( sqlite3VdbeMemClearAndResize(pMem, 500) ){
+ assert( p->db->mallocFailed );
+ return SQLITE_ERROR;
+ }
+ pMem->flags = MEM_Str|MEM_Term;
+ pMem->n = displayComment(pOp, zP4, pMem->z, 500);
+ pMem->enc = SQLITE_UTF8;
+#else
+ pMem->flags = MEM_Null; /* Comment */
+#endif
+ }
+
+ p->nResColumn = 8 - 4*(p->explain-1);
+ p->pResultSet = &p->aMem[1];
+ p->rc = SQLITE_OK;
+ rc = SQLITE_ROW;
+ }
+ return rc;
+}
+#endif /* SQLITE_OMIT_EXPLAIN */
+
+#ifdef SQLITE_DEBUG
+/*
+** Print the SQL that was used to generate a VDBE program.
+*/
+SQLITE_PRIVATE void sqlite3VdbePrintSql(Vdbe *p){
+ const char *z = 0;
+ if( p->zSql ){
+ z = p->zSql;
+ }else if( p->nOp>=1 ){
+ const VdbeOp *pOp = &p->aOp[0];
+ if( pOp->opcode==OP_Init && pOp->p4.z!=0 ){
+ z = pOp->p4.z;
+ while( sqlite3Isspace(*z) ) z++;
+ }
+ }
+ if( z ) printf("SQL: [%s]\n", z);
+}
+#endif
+
+#if !defined(SQLITE_OMIT_TRACE) && defined(SQLITE_ENABLE_IOTRACE)
+/*
+** Print an IOTRACE message showing SQL content.
+*/
+SQLITE_PRIVATE void sqlite3VdbeIOTraceSql(Vdbe *p){
+ int nOp = p->nOp;
+ VdbeOp *pOp;
+ if( sqlite3IoTrace==0 ) return;
+ if( nOp<1 ) return;
+ pOp = &p->aOp[0];
+ if( pOp->opcode==OP_Init && pOp->p4.z!=0 ){
+ int i, j;
+ char z[1000];
+ sqlite3_snprintf(sizeof(z), z, "%s", pOp->p4.z);
+ for(i=0; sqlite3Isspace(z[i]); i++){}
+ for(j=0; z[i]; i++){
+ if( sqlite3Isspace(z[i]) ){
+ if( z[i-1]!=' ' ){
+ z[j++] = ' ';
+ }
+ }else{
+ z[j++] = z[i];
+ }
+ }
+ z[j] = 0;
+ sqlite3IoTrace("SQL %s\n", z);
+ }
+}
+#endif /* !SQLITE_OMIT_TRACE && SQLITE_ENABLE_IOTRACE */
+
+/*
+** Allocate space from a fixed size buffer and return a pointer to
+** that space. If insufficient space is available, return NULL.
+**
+** The pBuf parameter is the initial value of a pointer which will
+** receive the new memory. pBuf is normally NULL. If pBuf is not
+** NULL, it means that memory space has already been allocated and that
+** this routine should not allocate any new memory. When pBuf is not
+** NULL simply return pBuf. Only allocate new memory space when pBuf
+** is NULL.
+**
+** nByte is the number of bytes of space needed.
+**
+** pFrom points to *pnFrom bytes of available space. New space is allocated
+** from the end of the pFrom buffer and *pnFrom is decremented.
+**
+** *pnNeeded is a counter of the number of bytes of space that have failed
+** to allocate. If there is insufficient space in pFrom to satisfy the
+** request, then increment *pnNeeded by the amount of the request.
+*/
+static void *allocSpace(
+ void *pBuf, /* Where return pointer will be stored */
+ int nByte, /* Number of bytes to allocate */
+ u8 *pFrom, /* Memory available for allocation */
+ int *pnFrom, /* IN/OUT: Space available at pFrom */
+ int *pnNeeded /* If allocation cannot be made, increment *pnByte */
+){
+ assert( EIGHT_BYTE_ALIGNMENT(pFrom) );
+ if( pBuf==0 ){
+ nByte = ROUND8(nByte);
+ if( nByte <= *pnFrom ){
+ *pnFrom -= nByte;
+ pBuf = &pFrom[*pnFrom];
+ }else{
+ *pnNeeded += nByte;
+ }
+ }
+ assert( EIGHT_BYTE_ALIGNMENT(pBuf) );
+ return pBuf;
+}
+
+/*
+** Rewind the VDBE back to the beginning in preparation for
+** running it.
+*/
+SQLITE_PRIVATE void sqlite3VdbeRewind(Vdbe *p){
+#if defined(SQLITE_DEBUG) || defined(VDBE_PROFILE)
+ int i;
+#endif
+ assert( p!=0 );
+ assert( p->magic==VDBE_MAGIC_INIT );
+
+ /* There should be at least one opcode.
+ */
+ assert( p->nOp>0 );
+
+ /* Set the magic to VDBE_MAGIC_RUN sooner rather than later. */
+ p->magic = VDBE_MAGIC_RUN;
+
+#ifdef SQLITE_DEBUG
+ for(i=1; i<p->nMem; i++){
+ assert( p->aMem[i].db==p->db );
+ }
+#endif
+ p->pc = -1;
+ p->rc = SQLITE_OK;
+ p->errorAction = OE_Abort;
+ p->magic = VDBE_MAGIC_RUN;
+ p->nChange = 0;
+ p->cacheCtr = 1;
+ p->minWriteFileFormat = 255;
+ p->iStatement = 0;
+ p->nFkConstraint = 0;
+#ifdef VDBE_PROFILE
+ for(i=0; i<p->nOp; i++){
+ p->aOp[i].cnt = 0;
+ p->aOp[i].cycles = 0;
+ }
+#endif
+}
+
+/*
+** Prepare a virtual machine for execution for the first time after
+** creating the virtual machine. This involves things such
+** as allocating registers and initializing the program counter.
+** After the VDBE has be prepped, it can be executed by one or more
+** calls to sqlite3VdbeExec().
+**
+** This function may be called exactly once on each virtual machine.
+** After this routine is called the VM has been "packaged" and is ready
+** to run. After this routine is called, further calls to
+** sqlite3VdbeAddOp() functions are prohibited. This routine disconnects
+** the Vdbe from the Parse object that helped generate it so that the
+** the Vdbe becomes an independent entity and the Parse object can be
+** destroyed.
+**
+** Use the sqlite3VdbeRewind() procedure to restore a virtual machine back
+** to its initial state after it has been run.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMakeReady(
+ Vdbe *p, /* The VDBE */
+ Parse *pParse /* Parsing context */
+){
+ sqlite3 *db; /* The database connection */
+ int nVar; /* Number of parameters */
+ int nMem; /* Number of VM memory registers */
+ int nCursor; /* Number of cursors required */
+ int nArg; /* Number of arguments in subprograms */
+ int nOnce; /* Number of OP_Once instructions */
+ int n; /* Loop counter */
+ int nFree; /* Available free space */
+ u8 *zCsr; /* Memory available for allocation */
+ int nByte; /* How much extra memory is needed */
+
+ assert( p!=0 );
+ assert( p->nOp>0 );
+ assert( pParse!=0 );
+ assert( p->magic==VDBE_MAGIC_INIT );
+ assert( pParse==p->pParse );
+ db = p->db;
+ assert( db->mallocFailed==0 );
+ nVar = pParse->nVar;
+ nMem = pParse->nMem;
+ nCursor = pParse->nTab;
+ nArg = pParse->nMaxArg;
+ nOnce = pParse->nOnce;
+ if( nOnce==0 ) nOnce = 1; /* Ensure at least one byte in p->aOnceFlag[] */
+
+ /* For each cursor required, also allocate a memory cell. Memory
+ ** cells (nMem+1-nCursor)..nMem, inclusive, will never be used by
+ ** the vdbe program. Instead they are used to allocate space for
+ ** VdbeCursor/BtCursor structures. The blob of memory associated with
+ ** cursor 0 is stored in memory cell nMem. Memory cell (nMem-1)
+ ** stores the blob of memory associated with cursor 1, etc.
+ **
+ ** See also: allocateCursor().
+ */
+ nMem += nCursor;
+
+ /* zCsr will initially point to nFree bytes of unused space at the
+ ** end of the opcode array, p->aOp. The computation of nFree is
+ ** conservative - it might be smaller than the true number of free
+ ** bytes, but never larger. nFree must be a multiple of 8 - it is
+ ** rounded down if is not.
+ */
+ n = ROUND8(sizeof(Op)*p->nOp); /* Bytes of opcode space used */
+ zCsr = &((u8*)p->aOp)[n]; /* Unused opcode space */
+ assert( EIGHT_BYTE_ALIGNMENT(zCsr) );
+ nFree = ROUNDDOWN8(pParse->szOpAlloc - n); /* Bytes of unused space */
+ assert( nFree>=0 );
+ if( nFree>0 ){
+ memset(zCsr, 0, nFree);
+ assert( EIGHT_BYTE_ALIGNMENT(&zCsr[nFree]) );
+ }
+
+ resolveP2Values(p, &nArg);
+ p->usesStmtJournal = (u8)(pParse->isMultiWrite && pParse->mayAbort);
+ if( pParse->explain && nMem<10 ){
+ nMem = 10;
+ }
+ p->expired = 0;
+
+ /* Memory for registers, parameters, cursor, etc, is allocated in two
+ ** passes. On the first pass, we try to reuse unused space at the
+ ** end of the opcode array. If we are unable to satisfy all memory
+ ** requirements by reusing the opcode array tail, then the second
+ ** pass will fill in the rest using a fresh allocation.
+ **
+ ** This two-pass approach that reuses as much memory as possible from
+ ** the leftover space at the end of the opcode array can significantly
+ ** reduce the amount of memory held by a prepared statement.
+ */
+ do {
+ nByte = 0;
+ p->aMem = allocSpace(p->aMem, nMem*sizeof(Mem), zCsr, &nFree, &nByte);
+ p->aVar = allocSpace(p->aVar, nVar*sizeof(Mem), zCsr, &nFree, &nByte);
+ p->apArg = allocSpace(p->apArg, nArg*sizeof(Mem*), zCsr, &nFree, &nByte);
+ p->azVar = allocSpace(p->azVar, nVar*sizeof(char*), zCsr, &nFree, &nByte);
+ p->apCsr = allocSpace(p->apCsr, nCursor*sizeof(VdbeCursor*),
+ zCsr, &nFree, &nByte);
+ p->aOnceFlag = allocSpace(p->aOnceFlag, nOnce, zCsr, &nFree, &nByte);
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ p->anExec = allocSpace(p->anExec, p->nOp*sizeof(i64), zCsr, &nFree, &nByte);
+#endif
+ if( nByte ){
+ p->pFree = sqlite3DbMallocZero(db, nByte);
+ }
+ zCsr = p->pFree;
+ nFree = nByte;
+ }while( nByte && !db->mallocFailed );
+
+ p->nCursor = nCursor;
+ p->nOnceFlag = nOnce;
+ if( p->aVar ){
+ p->nVar = (ynVar)nVar;
+ for(n=0; n<nVar; n++){
+ p->aVar[n].flags = MEM_Null;
+ p->aVar[n].db = db;
+ }
+ }
+ if( p->azVar && pParse->nzVar>0 ){
+ p->nzVar = pParse->nzVar;
+ memcpy(p->azVar, pParse->azVar, p->nzVar*sizeof(p->azVar[0]));
+ memset(pParse->azVar, 0, pParse->nzVar*sizeof(pParse->azVar[0]));
+ }
+ if( p->aMem ){
+ p->aMem--; /* aMem[] goes from 1..nMem */
+ p->nMem = nMem; /* not from 0..nMem-1 */
+ for(n=1; n<=nMem; n++){
+ p->aMem[n].flags = MEM_Undefined;
+ p->aMem[n].db = db;
+ }
+ }
+ p->explain = pParse->explain;
+ sqlite3VdbeRewind(p);
+}
+
+/*
+** Close a VDBE cursor and release all the resources that cursor
+** happens to hold.
+*/
+SQLITE_PRIVATE void sqlite3VdbeFreeCursor(Vdbe *p, VdbeCursor *pCx){
+ if( pCx==0 ){
+ return;
+ }
+ assert( pCx->pBt==0 || pCx->eCurType==CURTYPE_BTREE );
+ switch( pCx->eCurType ){
+ case CURTYPE_SORTER: {
+ sqlite3VdbeSorterClose(p->db, pCx);
+ break;
+ }
+ case CURTYPE_BTREE: {
+ if( pCx->pBt ){
+ sqlite3BtreeClose(pCx->pBt);
+ /* The pCx->pCursor will be close automatically, if it exists, by
+ ** the call above. */
+ }else{
+ assert( pCx->uc.pCursor!=0 );
+ sqlite3BtreeCloseCursor(pCx->uc.pCursor);
+ }
+ break;
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ case CURTYPE_VTAB: {
+ sqlite3_vtab_cursor *pVCur = pCx->uc.pVCur;
+ const sqlite3_module *pModule = pVCur->pVtab->pModule;
+ assert( pVCur->pVtab->nRef>0 );
+ pVCur->pVtab->nRef--;
+ pModule->xClose(pVCur);
+ break;
+ }
+#endif
+ }
+}
+
+/*
+** Close all cursors in the current frame.
+*/
+static void closeCursorsInFrame(Vdbe *p){
+ if( p->apCsr ){
+ int i;
+ for(i=0; i<p->nCursor; i++){
+ VdbeCursor *pC = p->apCsr[i];
+ if( pC ){
+ sqlite3VdbeFreeCursor(p, pC);
+ p->apCsr[i] = 0;
+ }
+ }
+ }
+}
+
+/*
+** Copy the values stored in the VdbeFrame structure to its Vdbe. This
+** is used, for example, when a trigger sub-program is halted to restore
+** control to the main program.
+*/
+SQLITE_PRIVATE int sqlite3VdbeFrameRestore(VdbeFrame *pFrame){
+ Vdbe *v = pFrame->v;
+ closeCursorsInFrame(v);
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ v->anExec = pFrame->anExec;
+#endif
+ v->aOnceFlag = pFrame->aOnceFlag;
+ v->nOnceFlag = pFrame->nOnceFlag;
+ v->aOp = pFrame->aOp;
+ v->nOp = pFrame->nOp;
+ v->aMem = pFrame->aMem;
+ v->nMem = pFrame->nMem;
+ v->apCsr = pFrame->apCsr;
+ v->nCursor = pFrame->nCursor;
+ v->db->lastRowid = pFrame->lastRowid;
+ v->nChange = pFrame->nChange;
+ v->db->nChange = pFrame->nDbChange;
+ return pFrame->pc;
+}
+
+/*
+** Close all cursors.
+**
+** Also release any dynamic memory held by the VM in the Vdbe.aMem memory
+** cell array. This is necessary as the memory cell array may contain
+** pointers to VdbeFrame objects, which may in turn contain pointers to
+** open cursors.
+*/
+static void closeAllCursors(Vdbe *p){
+ if( p->pFrame ){
+ VdbeFrame *pFrame;
+ for(pFrame=p->pFrame; pFrame->pParent; pFrame=pFrame->pParent);
+ sqlite3VdbeFrameRestore(pFrame);
+ p->pFrame = 0;
+ p->nFrame = 0;
+ }
+ assert( p->nFrame==0 );
+ closeCursorsInFrame(p);
+ if( p->aMem ){
+ releaseMemArray(&p->aMem[1], p->nMem);
+ }
+ while( p->pDelFrame ){
+ VdbeFrame *pDel = p->pDelFrame;
+ p->pDelFrame = pDel->pParent;
+ sqlite3VdbeFrameDelete(pDel);
+ }
+
+ /* Delete any auxdata allocations made by the VM */
+ if( p->pAuxData ) sqlite3VdbeDeleteAuxData(p, -1, 0);
+ assert( p->pAuxData==0 );
+}
+
+/*
+** Clean up the VM after a single run.
+*/
+static void Cleanup(Vdbe *p){
+ sqlite3 *db = p->db;
+
+#ifdef SQLITE_DEBUG
+ /* Execute assert() statements to ensure that the Vdbe.apCsr[] and
+ ** Vdbe.aMem[] arrays have already been cleaned up. */
+ int i;
+ if( p->apCsr ) for(i=0; i<p->nCursor; i++) assert( p->apCsr[i]==0 );
+ if( p->aMem ){
+ for(i=1; i<=p->nMem; i++) assert( p->aMem[i].flags==MEM_Undefined );
+ }
+#endif
+
+ sqlite3DbFree(db, p->zErrMsg);
+ p->zErrMsg = 0;
+ p->pResultSet = 0;
+}
+
+/*
+** Set the number of result columns that will be returned by this SQL
+** statement. This is now set at compile time, rather than during
+** execution of the vdbe program so that sqlite3_column_count() can
+** be called on an SQL statement before sqlite3_step().
+*/
+SQLITE_PRIVATE void sqlite3VdbeSetNumCols(Vdbe *p, int nResColumn){
+ Mem *pColName;
+ int n;
+ sqlite3 *db = p->db;
+
+ releaseMemArray(p->aColName, p->nResColumn*COLNAME_N);
+ sqlite3DbFree(db, p->aColName);
+ n = nResColumn*COLNAME_N;
+ p->nResColumn = (u16)nResColumn;
+ p->aColName = pColName = (Mem*)sqlite3DbMallocZero(db, sizeof(Mem)*n );
+ if( p->aColName==0 ) return;
+ while( n-- > 0 ){
+ pColName->flags = MEM_Null;
+ pColName->db = p->db;
+ pColName++;
+ }
+}
+
+/*
+** Set the name of the idx'th column to be returned by the SQL statement.
+** zName must be a pointer to a nul terminated string.
+**
+** This call must be made after a call to sqlite3VdbeSetNumCols().
+**
+** The final parameter, xDel, must be one of SQLITE_DYNAMIC, SQLITE_STATIC
+** or SQLITE_TRANSIENT. If it is SQLITE_DYNAMIC, then the buffer pointed
+** to by zName will be freed by sqlite3DbFree() when the vdbe is destroyed.
+*/
+SQLITE_PRIVATE int sqlite3VdbeSetColName(
+ Vdbe *p, /* Vdbe being configured */
+ int idx, /* Index of column zName applies to */
+ int var, /* One of the COLNAME_* constants */
+ const char *zName, /* Pointer to buffer containing name */
+ void (*xDel)(void*) /* Memory management strategy for zName */
+){
+ int rc;
+ Mem *pColName;
+ assert( idx<p->nResColumn );
+ assert( var<COLNAME_N );
+ if( p->db->mallocFailed ){
+ assert( !zName || xDel!=SQLITE_DYNAMIC );
+ return SQLITE_NOMEM;
+ }
+ assert( p->aColName!=0 );
+ pColName = &(p->aColName[idx+var*p->nResColumn]);
+ rc = sqlite3VdbeMemSetStr(pColName, zName, -1, SQLITE_UTF8, xDel);
+ assert( rc!=0 || !zName || (pColName->flags&MEM_Term)!=0 );
+ return rc;
+}
+
+/*
+** A read or write transaction may or may not be active on database handle
+** db. If a transaction is active, commit it. If there is a
+** write-transaction spanning more than one database file, this routine
+** takes care of the master journal trickery.
+*/
+static int vdbeCommit(sqlite3 *db, Vdbe *p){
+ int i;
+ int nTrans = 0; /* Number of databases with an active write-transaction */
+ int rc = SQLITE_OK;
+ int needXcommit = 0;
+
+#ifdef SQLITE_OMIT_VIRTUALTABLE
+ /* With this option, sqlite3VtabSync() is defined to be simply
+ ** SQLITE_OK so p is not used.
+ */
+ UNUSED_PARAMETER(p);
+#endif
+
+ /* Before doing anything else, call the xSync() callback for any
+ ** virtual module tables written in this transaction. This has to
+ ** be done before determining whether a master journal file is
+ ** required, as an xSync() callback may add an attached database
+ ** to the transaction.
+ */
+ rc = sqlite3VtabSync(db, p);
+
+ /* This loop determines (a) if the commit hook should be invoked and
+ ** (b) how many database files have open write transactions, not
+ ** including the temp database. (b) is important because if more than
+ ** one database file has an open write transaction, a master journal
+ ** file is required for an atomic commit.
+ */
+ for(i=0; rc==SQLITE_OK && i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( sqlite3BtreeIsInTrans(pBt) ){
+ needXcommit = 1;
+ if( i!=1 ) nTrans++;
+ sqlite3BtreeEnter(pBt);
+ rc = sqlite3PagerExclusiveLock(sqlite3BtreePager(pBt));
+ sqlite3BtreeLeave(pBt);
+ }
+ }
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ /* If there are any write-transactions at all, invoke the commit hook */
+ if( needXcommit && db->xCommitCallback ){
+ rc = db->xCommitCallback(db->pCommitArg);
+ if( rc ){
+ return SQLITE_CONSTRAINT_COMMITHOOK;
+ }
+ }
+
+ /* The simple case - no more than one database file (not counting the
+ ** TEMP database) has a transaction active. There is no need for the
+ ** master-journal.
+ **
+ ** If the return value of sqlite3BtreeGetFilename() is a zero length
+ ** string, it means the main database is :memory: or a temp file. In
+ ** that case we do not support atomic multi-file commits, so use the
+ ** simple case then too.
+ */
+ if( 0==sqlite3Strlen30(sqlite3BtreeGetFilename(db->aDb[0].pBt))
+ || nTrans<=1
+ ){
+ for(i=0; rc==SQLITE_OK && i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ rc = sqlite3BtreeCommitPhaseOne(pBt, 0);
+ }
+ }
+
+ /* Do the commit only if all databases successfully complete phase 1.
+ ** If one of the BtreeCommitPhaseOne() calls fails, this indicates an
+ ** IO error while deleting or truncating a journal file. It is unlikely,
+ ** but could happen. In this case abandon processing and return the error.
+ */
+ for(i=0; rc==SQLITE_OK && i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ rc = sqlite3BtreeCommitPhaseTwo(pBt, 0);
+ }
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3VtabCommit(db);
+ }
+ }
+
+ /* The complex case - There is a multi-file write-transaction active.
+ ** This requires a master journal file to ensure the transaction is
+ ** committed atomically.
+ */
+#ifndef SQLITE_OMIT_DISKIO
+ else{
+ sqlite3_vfs *pVfs = db->pVfs;
+ int needSync = 0;
+ char *zMaster = 0; /* File-name for the master journal */
+ char const *zMainFile = sqlite3BtreeGetFilename(db->aDb[0].pBt);
+ sqlite3_file *pMaster = 0;
+ i64 offset = 0;
+ int res;
+ int retryCount = 0;
+ int nMainFile;
+
+ /* Select a master journal file name */
+ nMainFile = sqlite3Strlen30(zMainFile);
+ zMaster = sqlite3MPrintf(db, "%s-mjXXXXXX9XXz", zMainFile);
+ if( zMaster==0 ) return SQLITE_NOMEM;
+ do {
+ u32 iRandom;
+ if( retryCount ){
+ if( retryCount>100 ){
+ sqlite3_log(SQLITE_FULL, "MJ delete: %s", zMaster);
+ sqlite3OsDelete(pVfs, zMaster, 0);
+ break;
+ }else if( retryCount==1 ){
+ sqlite3_log(SQLITE_FULL, "MJ collide: %s", zMaster);
+ }
+ }
+ retryCount++;
+ sqlite3_randomness(sizeof(iRandom), &iRandom);
+ sqlite3_snprintf(13, &zMaster[nMainFile], "-mj%06X9%02X",
+ (iRandom>>8)&0xffffff, iRandom&0xff);
+ /* The antipenultimate character of the master journal name must
+ ** be "9" to avoid name collisions when using 8+3 filenames. */
+ assert( zMaster[sqlite3Strlen30(zMaster)-3]=='9' );
+ sqlite3FileSuffix3(zMainFile, zMaster);
+ rc = sqlite3OsAccess(pVfs, zMaster, SQLITE_ACCESS_EXISTS, &res);
+ }while( rc==SQLITE_OK && res );
+ if( rc==SQLITE_OK ){
+ /* Open the master journal. */
+ rc = sqlite3OsOpenMalloc(pVfs, zMaster, &pMaster,
+ SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE|
+ SQLITE_OPEN_EXCLUSIVE|SQLITE_OPEN_MASTER_JOURNAL, 0
+ );
+ }
+ if( rc!=SQLITE_OK ){
+ sqlite3DbFree(db, zMaster);
+ return rc;
+ }
+
+ /* Write the name of each database file in the transaction into the new
+ ** master journal file. If an error occurs at this point close
+ ** and delete the master journal file. All the individual journal files
+ ** still have 'null' as the master journal pointer, so they will roll
+ ** back independently if a failure occurs.
+ */
+ for(i=0; i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( sqlite3BtreeIsInTrans(pBt) ){
+ char const *zFile = sqlite3BtreeGetJournalname(pBt);
+ if( zFile==0 ){
+ continue; /* Ignore TEMP and :memory: databases */
+ }
+ assert( zFile[0]!=0 );
+ if( !needSync && !sqlite3BtreeSyncDisabled(pBt) ){
+ needSync = 1;
+ }
+ rc = sqlite3OsWrite(pMaster, zFile, sqlite3Strlen30(zFile)+1, offset);
+ offset += sqlite3Strlen30(zFile)+1;
+ if( rc!=SQLITE_OK ){
+ sqlite3OsCloseFree(pMaster);
+ sqlite3OsDelete(pVfs, zMaster, 0);
+ sqlite3DbFree(db, zMaster);
+ return rc;
+ }
+ }
+ }
+
+ /* Sync the master journal file. If the IOCAP_SEQUENTIAL device
+ ** flag is set this is not required.
+ */
+ if( needSync
+ && 0==(sqlite3OsDeviceCharacteristics(pMaster)&SQLITE_IOCAP_SEQUENTIAL)
+ && SQLITE_OK!=(rc = sqlite3OsSync(pMaster, SQLITE_SYNC_NORMAL))
+ ){
+ sqlite3OsCloseFree(pMaster);
+ sqlite3OsDelete(pVfs, zMaster, 0);
+ sqlite3DbFree(db, zMaster);
+ return rc;
+ }
+
+ /* Sync all the db files involved in the transaction. The same call
+ ** sets the master journal pointer in each individual journal. If
+ ** an error occurs here, do not delete the master journal file.
+ **
+ ** If the error occurs during the first call to
+ ** sqlite3BtreeCommitPhaseOne(), then there is a chance that the
+ ** master journal file will be orphaned. But we cannot delete it,
+ ** in case the master journal file name was written into the journal
+ ** file before the failure occurred.
+ */
+ for(i=0; rc==SQLITE_OK && i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ rc = sqlite3BtreeCommitPhaseOne(pBt, zMaster);
+ }
+ }
+ sqlite3OsCloseFree(pMaster);
+ assert( rc!=SQLITE_BUSY );
+ if( rc!=SQLITE_OK ){
+ sqlite3DbFree(db, zMaster);
+ return rc;
+ }
+
+ /* Delete the master journal file. This commits the transaction. After
+ ** doing this the directory is synced again before any individual
+ ** transaction files are deleted.
+ */
+ rc = sqlite3OsDelete(pVfs, zMaster, needSync);
+ sqlite3DbFree(db, zMaster);
+ zMaster = 0;
+ if( rc ){
+ return rc;
+ }
+
+ /* All files and directories have already been synced, so the following
+ ** calls to sqlite3BtreeCommitPhaseTwo() are only closing files and
+ ** deleting or truncating journals. If something goes wrong while
+ ** this is happening we don't really care. The integrity of the
+ ** transaction is already guaranteed, but some stray 'cold' journals
+ ** may be lying around. Returning an error code won't help matters.
+ */
+ disable_simulated_io_errors();
+ sqlite3BeginBenignMalloc();
+ for(i=0; i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ sqlite3BtreeCommitPhaseTwo(pBt, 1);
+ }
+ }
+ sqlite3EndBenignMalloc();
+ enable_simulated_io_errors();
+
+ sqlite3VtabCommit(db);
+ }
+#endif
+
+ return rc;
+}
+
+/*
+** This routine checks that the sqlite3.nVdbeActive count variable
+** matches the number of vdbe's in the list sqlite3.pVdbe that are
+** currently active. An assertion fails if the two counts do not match.
+** This is an internal self-check only - it is not an essential processing
+** step.
+**
+** This is a no-op if NDEBUG is defined.
+*/
+#ifndef NDEBUG
+static void checkActiveVdbeCnt(sqlite3 *db){
+ Vdbe *p;
+ int cnt = 0;
+ int nWrite = 0;
+ int nRead = 0;
+ p = db->pVdbe;
+ while( p ){
+ if( sqlite3_stmt_busy((sqlite3_stmt*)p) ){
+ cnt++;
+ if( p->readOnly==0 ) nWrite++;
+ if( p->bIsReader ) nRead++;
+ }
+ p = p->pNext;
+ }
+ assert( cnt==db->nVdbeActive );
+ assert( nWrite==db->nVdbeWrite );
+ assert( nRead==db->nVdbeRead );
+}
+#else
+#define checkActiveVdbeCnt(x)
+#endif
+
+/*
+** If the Vdbe passed as the first argument opened a statement-transaction,
+** close it now. Argument eOp must be either SAVEPOINT_ROLLBACK or
+** SAVEPOINT_RELEASE. If it is SAVEPOINT_ROLLBACK, then the statement
+** transaction is rolled back. If eOp is SAVEPOINT_RELEASE, then the
+** statement transaction is committed.
+**
+** If an IO error occurs, an SQLITE_IOERR_XXX error code is returned.
+** Otherwise SQLITE_OK.
+*/
+SQLITE_PRIVATE int sqlite3VdbeCloseStatement(Vdbe *p, int eOp){
+ sqlite3 *const db = p->db;
+ int rc = SQLITE_OK;
+
+ /* If p->iStatement is greater than zero, then this Vdbe opened a
+ ** statement transaction that should be closed here. The only exception
+ ** is that an IO error may have occurred, causing an emergency rollback.
+ ** In this case (db->nStatement==0), and there is nothing to do.
+ */
+ if( db->nStatement && p->iStatement ){
+ int i;
+ const int iSavepoint = p->iStatement-1;
+
+ assert( eOp==SAVEPOINT_ROLLBACK || eOp==SAVEPOINT_RELEASE);
+ assert( db->nStatement>0 );
+ assert( p->iStatement==(db->nStatement+db->nSavepoint) );
+
+ for(i=0; i<db->nDb; i++){
+ int rc2 = SQLITE_OK;
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ if( eOp==SAVEPOINT_ROLLBACK ){
+ rc2 = sqlite3BtreeSavepoint(pBt, SAVEPOINT_ROLLBACK, iSavepoint);
+ }
+ if( rc2==SQLITE_OK ){
+ rc2 = sqlite3BtreeSavepoint(pBt, SAVEPOINT_RELEASE, iSavepoint);
+ }
+ if( rc==SQLITE_OK ){
+ rc = rc2;
+ }
+ }
+ }
+ db->nStatement--;
+ p->iStatement = 0;
+
+ if( rc==SQLITE_OK ){
+ if( eOp==SAVEPOINT_ROLLBACK ){
+ rc = sqlite3VtabSavepoint(db, SAVEPOINT_ROLLBACK, iSavepoint);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3VtabSavepoint(db, SAVEPOINT_RELEASE, iSavepoint);
+ }
+ }
+
+ /* If the statement transaction is being rolled back, also restore the
+ ** database handles deferred constraint counter to the value it had when
+ ** the statement transaction was opened. */
+ if( eOp==SAVEPOINT_ROLLBACK ){
+ db->nDeferredCons = p->nStmtDefCons;
+ db->nDeferredImmCons = p->nStmtDefImmCons;
+ }
+ }
+ return rc;
+}
+
+/*
+** This function is called when a transaction opened by the database
+** handle associated with the VM passed as an argument is about to be
+** committed. If there are outstanding deferred foreign key constraint
+** violations, return SQLITE_ERROR. Otherwise, SQLITE_OK.
+**
+** If there are outstanding FK violations and this function returns
+** SQLITE_ERROR, set the result of the VM to SQLITE_CONSTRAINT_FOREIGNKEY
+** and write an error message to it. Then return SQLITE_ERROR.
+*/
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+SQLITE_PRIVATE int sqlite3VdbeCheckFk(Vdbe *p, int deferred){
+ sqlite3 *db = p->db;
+ if( (deferred && (db->nDeferredCons+db->nDeferredImmCons)>0)
+ || (!deferred && p->nFkConstraint>0)
+ ){
+ p->rc = SQLITE_CONSTRAINT_FOREIGNKEY;
+ p->errorAction = OE_Abort;
+ sqlite3VdbeError(p, "FOREIGN KEY constraint failed");
+ return SQLITE_ERROR;
+ }
+ return SQLITE_OK;
+}
+#endif
+
+/*
+** This routine is called the when a VDBE tries to halt. If the VDBE
+** has made changes and is in autocommit mode, then commit those
+** changes. If a rollback is needed, then do the rollback.
+**
+** This routine is the only way to move the state of a VM from
+** SQLITE_MAGIC_RUN to SQLITE_MAGIC_HALT. It is harmless to
+** call this on a VM that is in the SQLITE_MAGIC_HALT state.
+**
+** Return an error code. If the commit could not complete because of
+** lock contention, return SQLITE_BUSY. If SQLITE_BUSY is returned, it
+** means the close did not happen and needs to be repeated.
+*/
+SQLITE_PRIVATE int sqlite3VdbeHalt(Vdbe *p){
+ int rc; /* Used to store transient return codes */
+ sqlite3 *db = p->db;
+
+ /* This function contains the logic that determines if a statement or
+ ** transaction will be committed or rolled back as a result of the
+ ** execution of this virtual machine.
+ **
+ ** If any of the following errors occur:
+ **
+ ** SQLITE_NOMEM
+ ** SQLITE_IOERR
+ ** SQLITE_FULL
+ ** SQLITE_INTERRUPT
+ **
+ ** Then the internal cache might have been left in an inconsistent
+ ** state. We need to rollback the statement transaction, if there is
+ ** one, or the complete transaction if there is no statement transaction.
+ */
+
+ if( p->db->mallocFailed ){
+ p->rc = SQLITE_NOMEM;
+ }
+ if( p->aOnceFlag ) memset(p->aOnceFlag, 0, p->nOnceFlag);
+ closeAllCursors(p);
+ if( p->magic!=VDBE_MAGIC_RUN ){
+ return SQLITE_OK;
+ }
+ checkActiveVdbeCnt(db);
+
+ /* No commit or rollback needed if the program never started or if the
+ ** SQL statement does not read or write a database file. */
+ if( p->pc>=0 && p->bIsReader ){
+ int mrc; /* Primary error code from p->rc */
+ int eStatementOp = 0;
+ int isSpecialError; /* Set to true if a 'special' error */
+
+ /* Lock all btrees used by the statement */
+ sqlite3VdbeEnter(p);
+
+ /* Check for one of the special errors */
+ mrc = p->rc & 0xff;
+ isSpecialError = mrc==SQLITE_NOMEM || mrc==SQLITE_IOERR
+ || mrc==SQLITE_INTERRUPT || mrc==SQLITE_FULL;
+ if( isSpecialError ){
+ /* If the query was read-only and the error code is SQLITE_INTERRUPT,
+ ** no rollback is necessary. Otherwise, at least a savepoint
+ ** transaction must be rolled back to restore the database to a
+ ** consistent state.
+ **
+ ** Even if the statement is read-only, it is important to perform
+ ** a statement or transaction rollback operation. If the error
+ ** occurred while writing to the journal, sub-journal or database
+ ** file as part of an effort to free up cache space (see function
+ ** pagerStress() in pager.c), the rollback is required to restore
+ ** the pager to a consistent state.
+ */
+ if( !p->readOnly || mrc!=SQLITE_INTERRUPT ){
+ if( (mrc==SQLITE_NOMEM || mrc==SQLITE_FULL) && p->usesStmtJournal ){
+ eStatementOp = SAVEPOINT_ROLLBACK;
+ }else{
+ /* We are forced to roll back the active transaction. Before doing
+ ** so, abort any other statements this handle currently has active.
+ */
+ sqlite3RollbackAll(db, SQLITE_ABORT_ROLLBACK);
+ sqlite3CloseSavepoints(db);
+ db->autoCommit = 1;
+ p->nChange = 0;
+ }
+ }
+ }
+
+ /* Check for immediate foreign key violations. */
+ if( p->rc==SQLITE_OK ){
+ sqlite3VdbeCheckFk(p, 0);
+ }
+
+ /* If the auto-commit flag is set and this is the only active writer
+ ** VM, then we do either a commit or rollback of the current transaction.
+ **
+ ** Note: This block also runs if one of the special errors handled
+ ** above has occurred.
+ */
+ if( !sqlite3VtabInSync(db)
+ && db->autoCommit
+ && db->nVdbeWrite==(p->readOnly==0)
+ ){
+ if( p->rc==SQLITE_OK || (p->errorAction==OE_Fail && !isSpecialError) ){
+ rc = sqlite3VdbeCheckFk(p, 1);
+ if( rc!=SQLITE_OK ){
+ if( NEVER(p->readOnly) ){
+ sqlite3VdbeLeave(p);
+ return SQLITE_ERROR;
+ }
+ rc = SQLITE_CONSTRAINT_FOREIGNKEY;
+ }else{
+ /* The auto-commit flag is true, the vdbe program was successful
+ ** or hit an 'OR FAIL' constraint and there are no deferred foreign
+ ** key constraints to hold up the transaction. This means a commit
+ ** is required. */
+ rc = vdbeCommit(db, p);
+ }
+ if( rc==SQLITE_BUSY && p->readOnly ){
+ sqlite3VdbeLeave(p);
+ return SQLITE_BUSY;
+ }else if( rc!=SQLITE_OK ){
+ p->rc = rc;
+ sqlite3RollbackAll(db, SQLITE_OK);
+ p->nChange = 0;
+ }else{
+ db->nDeferredCons = 0;
+ db->nDeferredImmCons = 0;
+ db->flags &= ~SQLITE_DeferFKs;
+ sqlite3CommitInternalChanges(db);
+ }
+ }else{
+ sqlite3RollbackAll(db, SQLITE_OK);
+ p->nChange = 0;
+ }
+ db->nStatement = 0;
+ }else if( eStatementOp==0 ){
+ if( p->rc==SQLITE_OK || p->errorAction==OE_Fail ){
+ eStatementOp = SAVEPOINT_RELEASE;
+ }else if( p->errorAction==OE_Abort ){
+ eStatementOp = SAVEPOINT_ROLLBACK;
+ }else{
+ sqlite3RollbackAll(db, SQLITE_ABORT_ROLLBACK);
+ sqlite3CloseSavepoints(db);
+ db->autoCommit = 1;
+ p->nChange = 0;
+ }
+ }
+
+ /* If eStatementOp is non-zero, then a statement transaction needs to
+ ** be committed or rolled back. Call sqlite3VdbeCloseStatement() to
+ ** do so. If this operation returns an error, and the current statement
+ ** error code is SQLITE_OK or SQLITE_CONSTRAINT, then promote the
+ ** current statement error code.
+ */
+ if( eStatementOp ){
+ rc = sqlite3VdbeCloseStatement(p, eStatementOp);
+ if( rc ){
+ if( p->rc==SQLITE_OK || (p->rc&0xff)==SQLITE_CONSTRAINT ){
+ p->rc = rc;
+ sqlite3DbFree(db, p->zErrMsg);
+ p->zErrMsg = 0;
+ }
+ sqlite3RollbackAll(db, SQLITE_ABORT_ROLLBACK);
+ sqlite3CloseSavepoints(db);
+ db->autoCommit = 1;
+ p->nChange = 0;
+ }
+ }
+
+ /* If this was an INSERT, UPDATE or DELETE and no statement transaction
+ ** has been rolled back, update the database connection change-counter.
+ */
+ if( p->changeCntOn ){
+ if( eStatementOp!=SAVEPOINT_ROLLBACK ){
+ sqlite3VdbeSetChanges(db, p->nChange);
+ }else{
+ sqlite3VdbeSetChanges(db, 0);
+ }
+ p->nChange = 0;
+ }
+
+ /* Release the locks */
+ sqlite3VdbeLeave(p);
+ }
+
+ /* We have successfully halted and closed the VM. Record this fact. */
+ if( p->pc>=0 ){
+ db->nVdbeActive--;
+ if( !p->readOnly ) db->nVdbeWrite--;
+ if( p->bIsReader ) db->nVdbeRead--;
+ assert( db->nVdbeActive>=db->nVdbeRead );
+ assert( db->nVdbeRead>=db->nVdbeWrite );
+ assert( db->nVdbeWrite>=0 );
+ }
+ p->magic = VDBE_MAGIC_HALT;
+ checkActiveVdbeCnt(db);
+ if( p->db->mallocFailed ){
+ p->rc = SQLITE_NOMEM;
+ }
+
+ /* If the auto-commit flag is set to true, then any locks that were held
+ ** by connection db have now been released. Call sqlite3ConnectionUnlocked()
+ ** to invoke any required unlock-notify callbacks.
+ */
+ if( db->autoCommit ){
+ sqlite3ConnectionUnlocked(db);
+ }
+
+ assert( db->nVdbeActive>0 || db->autoCommit==0 || db->nStatement==0 );
+ return (p->rc==SQLITE_BUSY ? SQLITE_BUSY : SQLITE_OK);
+}
+
+
+/*
+** Each VDBE holds the result of the most recent sqlite3_step() call
+** in p->rc. This routine sets that result back to SQLITE_OK.
+*/
+SQLITE_PRIVATE void sqlite3VdbeResetStepResult(Vdbe *p){
+ p->rc = SQLITE_OK;
+}
+
+/*
+** Copy the error code and error message belonging to the VDBE passed
+** as the first argument to its database handle (so that they will be
+** returned by calls to sqlite3_errcode() and sqlite3_errmsg()).
+**
+** This function does not clear the VDBE error code or message, just
+** copies them to the database handle.
+*/
+SQLITE_PRIVATE int sqlite3VdbeTransferError(Vdbe *p){
+ sqlite3 *db = p->db;
+ int rc = p->rc;
+ if( p->zErrMsg ){
+ u8 mallocFailed = db->mallocFailed;
+ sqlite3BeginBenignMalloc();
+ if( db->pErr==0 ) db->pErr = sqlite3ValueNew(db);
+ sqlite3ValueSetStr(db->pErr, -1, p->zErrMsg, SQLITE_UTF8, SQLITE_TRANSIENT);
+ sqlite3EndBenignMalloc();
+ db->mallocFailed = mallocFailed;
+ db->errCode = rc;
+ }else{
+ sqlite3Error(db, rc);
+ }
+ return rc;
+}
+
+#ifdef SQLITE_ENABLE_SQLLOG
+/*
+** If an SQLITE_CONFIG_SQLLOG hook is registered and the VM has been run,
+** invoke it.
+*/
+static void vdbeInvokeSqllog(Vdbe *v){
+ if( sqlite3GlobalConfig.xSqllog && v->rc==SQLITE_OK && v->zSql && v->pc>=0 ){
+ char *zExpanded = sqlite3VdbeExpandSql(v, v->zSql);
+ assert( v->db->init.busy==0 );
+ if( zExpanded ){
+ sqlite3GlobalConfig.xSqllog(
+ sqlite3GlobalConfig.pSqllogArg, v->db, zExpanded, 1
+ );
+ sqlite3DbFree(v->db, zExpanded);
+ }
+ }
+}
+#else
+# define vdbeInvokeSqllog(x)
+#endif
+
+/*
+** Clean up a VDBE after execution but do not delete the VDBE just yet.
+** Write any error messages into *pzErrMsg. Return the result code.
+**
+** After this routine is run, the VDBE should be ready to be executed
+** again.
+**
+** To look at it another way, this routine resets the state of the
+** virtual machine from VDBE_MAGIC_RUN or VDBE_MAGIC_HALT back to
+** VDBE_MAGIC_INIT.
+*/
+SQLITE_PRIVATE int sqlite3VdbeReset(Vdbe *p){
+ sqlite3 *db;
+ db = p->db;
+
+ /* If the VM did not run to completion or if it encountered an
+ ** error, then it might not have been halted properly. So halt
+ ** it now.
+ */
+ sqlite3VdbeHalt(p);
+
+ /* If the VDBE has be run even partially, then transfer the error code
+ ** and error message from the VDBE into the main database structure. But
+ ** if the VDBE has just been set to run but has not actually executed any
+ ** instructions yet, leave the main database error information unchanged.
+ */
+ if( p->pc>=0 ){
+ vdbeInvokeSqllog(p);
+ sqlite3VdbeTransferError(p);
+ sqlite3DbFree(db, p->zErrMsg);
+ p->zErrMsg = 0;
+ if( p->runOnlyOnce ) p->expired = 1;
+ }else if( p->rc && p->expired ){
+ /* The expired flag was set on the VDBE before the first call
+ ** to sqlite3_step(). For consistency (since sqlite3_step() was
+ ** called), set the database error in this case as well.
+ */
+ sqlite3ErrorWithMsg(db, p->rc, p->zErrMsg ? "%s" : 0, p->zErrMsg);
+ sqlite3DbFree(db, p->zErrMsg);
+ p->zErrMsg = 0;
+ }
+
+ /* Reclaim all memory used by the VDBE
+ */
+ Cleanup(p);
+
+ /* Save profiling information from this VDBE run.
+ */
+#ifdef VDBE_PROFILE
+ {
+ FILE *out = fopen("vdbe_profile.out", "a");
+ if( out ){
+ int i;
+ fprintf(out, "---- ");
+ for(i=0; i<p->nOp; i++){
+ fprintf(out, "%02x", p->aOp[i].opcode);
+ }
+ fprintf(out, "\n");
+ if( p->zSql ){
+ char c, pc = 0;
+ fprintf(out, "-- ");
+ for(i=0; (c = p->zSql[i])!=0; i++){
+ if( pc=='\n' ) fprintf(out, "-- ");
+ putc(c, out);
+ pc = c;
+ }
+ if( pc!='\n' ) fprintf(out, "\n");
+ }
+ for(i=0; i<p->nOp; i++){
+ char zHdr[100];
+ sqlite3_snprintf(sizeof(zHdr), zHdr, "%6u %12llu %8llu ",
+ p->aOp[i].cnt,
+ p->aOp[i].cycles,
+ p->aOp[i].cnt>0 ? p->aOp[i].cycles/p->aOp[i].cnt : 0
+ );
+ fprintf(out, "%s", zHdr);
+ sqlite3VdbePrintOp(out, i, &p->aOp[i]);
+ }
+ fclose(out);
+ }
+ }
+#endif
+ p->iCurrentTime = 0;
+ p->magic = VDBE_MAGIC_INIT;
+ return p->rc & db->errMask;
+}
+
+/*
+** Clean up and delete a VDBE after execution. Return an integer which is
+** the result code. Write any error message text into *pzErrMsg.
+*/
+SQLITE_PRIVATE int sqlite3VdbeFinalize(Vdbe *p){
+ int rc = SQLITE_OK;
+ if( p->magic==VDBE_MAGIC_RUN || p->magic==VDBE_MAGIC_HALT ){
+ rc = sqlite3VdbeReset(p);
+ assert( (rc & p->db->errMask)==rc );
+ }
+ sqlite3VdbeDelete(p);
+ return rc;
+}
+
+/*
+** If parameter iOp is less than zero, then invoke the destructor for
+** all auxiliary data pointers currently cached by the VM passed as
+** the first argument.
+**
+** Or, if iOp is greater than or equal to zero, then the destructor is
+** only invoked for those auxiliary data pointers created by the user
+** function invoked by the OP_Function opcode at instruction iOp of
+** VM pVdbe, and only then if:
+**
+** * the associated function parameter is the 32nd or later (counting
+** from left to right), or
+**
+** * the corresponding bit in argument mask is clear (where the first
+** function parameter corresponds to bit 0 etc.).
+*/
+SQLITE_PRIVATE void sqlite3VdbeDeleteAuxData(Vdbe *pVdbe, int iOp, int mask){
+ AuxData **pp = &pVdbe->pAuxData;
+ while( *pp ){
+ AuxData *pAux = *pp;
+ if( (iOp<0)
+ || (pAux->iOp==iOp && (pAux->iArg>31 || !(mask & MASKBIT32(pAux->iArg))))
+ ){
+ testcase( pAux->iArg==31 );
+ if( pAux->xDelete ){
+ pAux->xDelete(pAux->pAux);
+ }
+ *pp = pAux->pNext;
+ sqlite3DbFree(pVdbe->db, pAux);
+ }else{
+ pp= &pAux->pNext;
+ }
+ }
+}
+
+/*
+** Free all memory associated with the Vdbe passed as the second argument,
+** except for object itself, which is preserved.
+**
+** The difference between this function and sqlite3VdbeDelete() is that
+** VdbeDelete() also unlinks the Vdbe from the list of VMs associated with
+** the database connection and frees the object itself.
+*/
+SQLITE_PRIVATE void sqlite3VdbeClearObject(sqlite3 *db, Vdbe *p){
+ SubProgram *pSub, *pNext;
+ int i;
+ assert( p->db==0 || p->db==db );
+ releaseMemArray(p->aVar, p->nVar);
+ releaseMemArray(p->aColName, p->nResColumn*COLNAME_N);
+ for(pSub=p->pProgram; pSub; pSub=pNext){
+ pNext = pSub->pNext;
+ vdbeFreeOpArray(db, pSub->aOp, pSub->nOp);
+ sqlite3DbFree(db, pSub);
+ }
+ for(i=p->nzVar-1; i>=0; i--) sqlite3DbFree(db, p->azVar[i]);
+ vdbeFreeOpArray(db, p->aOp, p->nOp);
+ sqlite3DbFree(db, p->aColName);
+ sqlite3DbFree(db, p->zSql);
+ sqlite3DbFree(db, p->pFree);
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ for(i=0; i<p->nScan; i++){
+ sqlite3DbFree(db, p->aScan[i].zName);
+ }
+ sqlite3DbFree(db, p->aScan);
+#endif
+}
+
+/*
+** Delete an entire VDBE.
+*/
+SQLITE_PRIVATE void sqlite3VdbeDelete(Vdbe *p){
+ sqlite3 *db;
+
+ if( NEVER(p==0) ) return;
+ db = p->db;
+ assert( sqlite3_mutex_held(db->mutex) );
+ sqlite3VdbeClearObject(db, p);
+ if( p->pPrev ){
+ p->pPrev->pNext = p->pNext;
+ }else{
+ assert( db->pVdbe==p );
+ db->pVdbe = p->pNext;
+ }
+ if( p->pNext ){
+ p->pNext->pPrev = p->pPrev;
+ }
+ p->magic = VDBE_MAGIC_DEAD;
+ p->db = 0;
+ sqlite3DbFree(db, p);
+}
+
+/*
+** The cursor "p" has a pending seek operation that has not yet been
+** carried out. Seek the cursor now. If an error occurs, return
+** the appropriate error code.
+*/
+static int SQLITE_NOINLINE handleDeferredMoveto(VdbeCursor *p){
+ int res, rc;
+#ifdef SQLITE_TEST
+ extern int sqlite3_search_count;
+#endif
+ assert( p->deferredMoveto );
+ assert( p->isTable );
+ assert( p->eCurType==CURTYPE_BTREE );
+ rc = sqlite3BtreeMovetoUnpacked(p->uc.pCursor, 0, p->movetoTarget, 0, &res);
+ if( rc ) return rc;
+ if( res!=0 ) return SQLITE_CORRUPT_BKPT;
+#ifdef SQLITE_TEST
+ sqlite3_search_count++;
+#endif
+ p->deferredMoveto = 0;
+ p->cacheStatus = CACHE_STALE;
+ return SQLITE_OK;
+}
+
+/*
+** Something has moved cursor "p" out of place. Maybe the row it was
+** pointed to was deleted out from under it. Or maybe the btree was
+** rebalanced. Whatever the cause, try to restore "p" to the place it
+** is supposed to be pointing. If the row was deleted out from under the
+** cursor, set the cursor to point to a NULL row.
+*/
+static int SQLITE_NOINLINE handleMovedCursor(VdbeCursor *p){
+ int isDifferentRow, rc;
+ assert( p->eCurType==CURTYPE_BTREE );
+ assert( p->uc.pCursor!=0 );
+ assert( sqlite3BtreeCursorHasMoved(p->uc.pCursor) );
+ rc = sqlite3BtreeCursorRestore(p->uc.pCursor, &isDifferentRow);
+ p->cacheStatus = CACHE_STALE;
+ if( isDifferentRow ) p->nullRow = 1;
+ return rc;
+}
+
+/*
+** Check to ensure that the cursor is valid. Restore the cursor
+** if need be. Return any I/O error from the restore operation.
+*/
+SQLITE_PRIVATE int sqlite3VdbeCursorRestore(VdbeCursor *p){
+ assert( p->eCurType==CURTYPE_BTREE );
+ if( sqlite3BtreeCursorHasMoved(p->uc.pCursor) ){
+ return handleMovedCursor(p);
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Make sure the cursor p is ready to read or write the row to which it
+** was last positioned. Return an error code if an OOM fault or I/O error
+** prevents us from positioning the cursor to its correct position.
+**
+** If a MoveTo operation is pending on the given cursor, then do that
+** MoveTo now. If no move is pending, check to see if the row has been
+** deleted out from under the cursor and if it has, mark the row as
+** a NULL row.
+**
+** If the cursor is already pointing to the correct row and that row has
+** not been deleted out from under the cursor, then this routine is a no-op.
+*/
+SQLITE_PRIVATE int sqlite3VdbeCursorMoveto(VdbeCursor *p){
+ if( p->eCurType==CURTYPE_BTREE ){
+ if( p->deferredMoveto ){
+ return handleDeferredMoveto(p);
+ }
+ if( sqlite3BtreeCursorHasMoved(p->uc.pCursor) ){
+ return handleMovedCursor(p);
+ }
+ }
+ return SQLITE_OK;
+}
+
+/*
+** The following functions:
+**
+** sqlite3VdbeSerialType()
+** sqlite3VdbeSerialTypeLen()
+** sqlite3VdbeSerialLen()
+** sqlite3VdbeSerialPut()
+** sqlite3VdbeSerialGet()
+**
+** encapsulate the code that serializes values for storage in SQLite
+** data and index records. Each serialized value consists of a
+** 'serial-type' and a blob of data. The serial type is an 8-byte unsigned
+** integer, stored as a varint.
+**
+** In an SQLite index record, the serial type is stored directly before
+** the blob of data that it corresponds to. In a table record, all serial
+** types are stored at the start of the record, and the blobs of data at
+** the end. Hence these functions allow the caller to handle the
+** serial-type and data blob separately.
+**
+** The following table describes the various storage classes for data:
+**
+** serial type bytes of data type
+** -------------- --------------- ---------------
+** 0 0 NULL
+** 1 1 signed integer
+** 2 2 signed integer
+** 3 3 signed integer
+** 4 4 signed integer
+** 5 6 signed integer
+** 6 8 signed integer
+** 7 8 IEEE float
+** 8 0 Integer constant 0
+** 9 0 Integer constant 1
+** 10,11 reserved for expansion
+** N>=12 and even (N-12)/2 BLOB
+** N>=13 and odd (N-13)/2 text
+**
+** The 8 and 9 types were added in 3.3.0, file format 4. Prior versions
+** of SQLite will not understand those serial types.
+*/
+
+/*
+** Return the serial-type for the value stored in pMem.
+*/
+SQLITE_PRIVATE u32 sqlite3VdbeSerialType(Mem *pMem, int file_format, u32 *pLen){
+ int flags = pMem->flags;
+ u32 n;
+
+ assert( pLen!=0 );
+ if( flags&MEM_Null ){
+ *pLen = 0;
+ return 0;
+ }
+ if( flags&MEM_Int ){
+ /* Figure out whether to use 1, 2, 4, 6 or 8 bytes. */
+# define MAX_6BYTE ((((i64)0x00008000)<<32)-1)
+ i64 i = pMem->u.i;
+ u64 u;
+ if( i<0 ){
+ u = ~i;
+ }else{
+ u = i;
+ }
+ if( u<=127 ){
+ if( (i&1)==i && file_format>=4 ){
+ *pLen = 0;
+ return 8+(u32)u;
+ }else{
+ *pLen = 1;
+ return 1;
+ }
+ }
+ if( u<=32767 ){ *pLen = 2; return 2; }
+ if( u<=8388607 ){ *pLen = 3; return 3; }
+ if( u<=2147483647 ){ *pLen = 4; return 4; }
+ if( u<=MAX_6BYTE ){ *pLen = 6; return 5; }
+ *pLen = 8;
+ return 6;
+ }
+ if( flags&MEM_Real ){
+ *pLen = 8;
+ return 7;
+ }
+ assert( pMem->db->mallocFailed || flags&(MEM_Str|MEM_Blob) );
+ assert( pMem->n>=0 );
+ n = (u32)pMem->n;
+ if( flags & MEM_Zero ){
+ n += pMem->u.nZero;
+ }
+ *pLen = n;
+ return ((n*2) + 12 + ((flags&MEM_Str)!=0));
+}
+
+/*
+** The sizes for serial types less than 128
+*/
+static const u8 sqlite3SmallTypeSizes[] = {
+ /* 0 1 2 3 4 5 6 7 8 9 */
+/* 0 */ 0, 1, 2, 3, 4, 6, 8, 8, 0, 0,
+/* 10 */ 0, 0, 0, 0, 1, 1, 2, 2, 3, 3,
+/* 20 */ 4, 4, 5, 5, 6, 6, 7, 7, 8, 8,
+/* 30 */ 9, 9, 10, 10, 11, 11, 12, 12, 13, 13,
+/* 40 */ 14, 14, 15, 15, 16, 16, 17, 17, 18, 18,
+/* 50 */ 19, 19, 20, 20, 21, 21, 22, 22, 23, 23,
+/* 60 */ 24, 24, 25, 25, 26, 26, 27, 27, 28, 28,
+/* 70 */ 29, 29, 30, 30, 31, 31, 32, 32, 33, 33,
+/* 80 */ 34, 34, 35, 35, 36, 36, 37, 37, 38, 38,
+/* 90 */ 39, 39, 40, 40, 41, 41, 42, 42, 43, 43,
+/* 100 */ 44, 44, 45, 45, 46, 46, 47, 47, 48, 48,
+/* 110 */ 49, 49, 50, 50, 51, 51, 52, 52, 53, 53,
+/* 120 */ 54, 54, 55, 55, 56, 56, 57, 57
+};
+
+/*
+** Return the length of the data corresponding to the supplied serial-type.
+*/
+SQLITE_PRIVATE u32 sqlite3VdbeSerialTypeLen(u32 serial_type){
+ if( serial_type>=128 ){
+ return (serial_type-12)/2;
+ }else{
+ assert( serial_type<12
+ || sqlite3SmallTypeSizes[serial_type]==(serial_type - 12)/2 );
+ return sqlite3SmallTypeSizes[serial_type];
+ }
+}
+SQLITE_PRIVATE u8 sqlite3VdbeOneByteSerialTypeLen(u8 serial_type){
+ assert( serial_type<128 );
+ return sqlite3SmallTypeSizes[serial_type];
+}
+
+/*
+** If we are on an architecture with mixed-endian floating
+** points (ex: ARM7) then swap the lower 4 bytes with the
+** upper 4 bytes. Return the result.
+**
+** For most architectures, this is a no-op.
+**
+** (later): It is reported to me that the mixed-endian problem
+** on ARM7 is an issue with GCC, not with the ARM7 chip. It seems
+** that early versions of GCC stored the two words of a 64-bit
+** float in the wrong order. And that error has been propagated
+** ever since. The blame is not necessarily with GCC, though.
+** GCC might have just copying the problem from a prior compiler.
+** I am also told that newer versions of GCC that follow a different
+** ABI get the byte order right.
+**
+** Developers using SQLite on an ARM7 should compile and run their
+** application using -DSQLITE_DEBUG=1 at least once. With DEBUG
+** enabled, some asserts below will ensure that the byte order of
+** floating point values is correct.
+**
+** (2007-08-30) Frank van Vugt has studied this problem closely
+** and has send his findings to the SQLite developers. Frank
+** writes that some Linux kernels offer floating point hardware
+** emulation that uses only 32-bit mantissas instead of a full
+** 48-bits as required by the IEEE standard. (This is the
+** CONFIG_FPE_FASTFPE option.) On such systems, floating point
+** byte swapping becomes very complicated. To avoid problems,
+** the necessary byte swapping is carried out using a 64-bit integer
+** rather than a 64-bit float. Frank assures us that the code here
+** works for him. We, the developers, have no way to independently
+** verify this, but Frank seems to know what he is talking about
+** so we trust him.
+*/
+#ifdef SQLITE_MIXED_ENDIAN_64BIT_FLOAT
+static u64 floatSwap(u64 in){
+ union {
+ u64 r;
+ u32 i[2];
+ } u;
+ u32 t;
+
+ u.r = in;
+ t = u.i[0];
+ u.i[0] = u.i[1];
+ u.i[1] = t;
+ return u.r;
+}
+# define swapMixedEndianFloat(X) X = floatSwap(X)
+#else
+# define swapMixedEndianFloat(X)
+#endif
+
+/*
+** Write the serialized data blob for the value stored in pMem into
+** buf. It is assumed that the caller has allocated sufficient space.
+** Return the number of bytes written.
+**
+** nBuf is the amount of space left in buf[]. The caller is responsible
+** for allocating enough space to buf[] to hold the entire field, exclusive
+** of the pMem->u.nZero bytes for a MEM_Zero value.
+**
+** Return the number of bytes actually written into buf[]. The number
+** of bytes in the zero-filled tail is included in the return value only
+** if those bytes were zeroed in buf[].
+*/
+SQLITE_PRIVATE u32 sqlite3VdbeSerialPut(u8 *buf, Mem *pMem, u32 serial_type){
+ u32 len;
+
+ /* Integer and Real */
+ if( serial_type<=7 && serial_type>0 ){
+ u64 v;
+ u32 i;
+ if( serial_type==7 ){
+ assert( sizeof(v)==sizeof(pMem->u.r) );
+ memcpy(&v, &pMem->u.r, sizeof(v));
+ swapMixedEndianFloat(v);
+ }else{
+ v = pMem->u.i;
+ }
+ len = i = sqlite3SmallTypeSizes[serial_type];
+ assert( i>0 );
+ do{
+ buf[--i] = (u8)(v&0xFF);
+ v >>= 8;
+ }while( i );
+ return len;
+ }
+
+ /* String or blob */
+ if( serial_type>=12 ){
+ assert( pMem->n + ((pMem->flags & MEM_Zero)?pMem->u.nZero:0)
+ == (int)sqlite3VdbeSerialTypeLen(serial_type) );
+ len = pMem->n;
+ if( len>0 ) memcpy(buf, pMem->z, len);
+ return len;
+ }
+
+ /* NULL or constants 0 or 1 */
+ return 0;
+}
+
+/* Input "x" is a sequence of unsigned characters that represent a
+** big-endian integer. Return the equivalent native integer
+*/
+#define ONE_BYTE_INT(x) ((i8)(x)[0])
+#define TWO_BYTE_INT(x) (256*(i8)((x)[0])|(x)[1])
+#define THREE_BYTE_INT(x) (65536*(i8)((x)[0])|((x)[1]<<8)|(x)[2])
+#define FOUR_BYTE_UINT(x) (((u32)(x)[0]<<24)|((x)[1]<<16)|((x)[2]<<8)|(x)[3])
+#define FOUR_BYTE_INT(x) (16777216*(i8)((x)[0])|((x)[1]<<16)|((x)[2]<<8)|(x)[3])
+
+/*
+** Deserialize the data blob pointed to by buf as serial type serial_type
+** and store the result in pMem. Return the number of bytes read.
+**
+** This function is implemented as two separate routines for performance.
+** The few cases that require local variables are broken out into a separate
+** routine so that in most cases the overhead of moving the stack pointer
+** is avoided.
+*/
+static u32 SQLITE_NOINLINE serialGet(
+ const unsigned char *buf, /* Buffer to deserialize from */
+ u32 serial_type, /* Serial type to deserialize */
+ Mem *pMem /* Memory cell to write value into */
+){
+ u64 x = FOUR_BYTE_UINT(buf);
+ u32 y = FOUR_BYTE_UINT(buf+4);
+ x = (x<<32) + y;
+ if( serial_type==6 ){
+ /* EVIDENCE-OF: R-29851-52272 Value is a big-endian 64-bit
+ ** twos-complement integer. */
+ pMem->u.i = *(i64*)&x;
+ pMem->flags = MEM_Int;
+ testcase( pMem->u.i<0 );
+ }else{
+ /* EVIDENCE-OF: R-57343-49114 Value is a big-endian IEEE 754-2008 64-bit
+ ** floating point number. */
+#if !defined(NDEBUG) && !defined(SQLITE_OMIT_FLOATING_POINT)
+ /* Verify that integers and floating point values use the same
+ ** byte order. Or, that if SQLITE_MIXED_ENDIAN_64BIT_FLOAT is
+ ** defined that 64-bit floating point values really are mixed
+ ** endian.
+ */
+ static const u64 t1 = ((u64)0x3ff00000)<<32;
+ static const double r1 = 1.0;
+ u64 t2 = t1;
+ swapMixedEndianFloat(t2);
+ assert( sizeof(r1)==sizeof(t2) && memcmp(&r1, &t2, sizeof(r1))==0 );
+#endif
+ assert( sizeof(x)==8 && sizeof(pMem->u.r)==8 );
+ swapMixedEndianFloat(x);
+ memcpy(&pMem->u.r, &x, sizeof(x));
+ pMem->flags = sqlite3IsNaN(pMem->u.r) ? MEM_Null : MEM_Real;
+ }
+ return 8;
+}
+SQLITE_PRIVATE u32 sqlite3VdbeSerialGet(
+ const unsigned char *buf, /* Buffer to deserialize from */
+ u32 serial_type, /* Serial type to deserialize */
+ Mem *pMem /* Memory cell to write value into */
+){
+ switch( serial_type ){
+ case 10: /* Reserved for future use */
+ case 11: /* Reserved for future use */
+ case 0: { /* Null */
+ /* EVIDENCE-OF: R-24078-09375 Value is a NULL. */
+ pMem->flags = MEM_Null;
+ break;
+ }
+ case 1: {
+ /* EVIDENCE-OF: R-44885-25196 Value is an 8-bit twos-complement
+ ** integer. */
+ pMem->u.i = ONE_BYTE_INT(buf);
+ pMem->flags = MEM_Int;
+ testcase( pMem->u.i<0 );
+ return 1;
+ }
+ case 2: { /* 2-byte signed integer */
+ /* EVIDENCE-OF: R-49794-35026 Value is a big-endian 16-bit
+ ** twos-complement integer. */
+ pMem->u.i = TWO_BYTE_INT(buf);
+ pMem->flags = MEM_Int;
+ testcase( pMem->u.i<0 );
+ return 2;
+ }
+ case 3: { /* 3-byte signed integer */
+ /* EVIDENCE-OF: R-37839-54301 Value is a big-endian 24-bit
+ ** twos-complement integer. */
+ pMem->u.i = THREE_BYTE_INT(buf);
+ pMem->flags = MEM_Int;
+ testcase( pMem->u.i<0 );
+ return 3;
+ }
+ case 4: { /* 4-byte signed integer */
+ /* EVIDENCE-OF: R-01849-26079 Value is a big-endian 32-bit
+ ** twos-complement integer. */
+ pMem->u.i = FOUR_BYTE_INT(buf);
+#ifdef __HP_cc
+ /* Work around a sign-extension bug in the HP compiler for HP/UX */
+ if( buf[0]&0x80 ) pMem->u.i |= 0xffffffff80000000LL;
+#endif
+ pMem->flags = MEM_Int;
+ testcase( pMem->u.i<0 );
+ return 4;
+ }
+ case 5: { /* 6-byte signed integer */
+ /* EVIDENCE-OF: R-50385-09674 Value is a big-endian 48-bit
+ ** twos-complement integer. */
+ pMem->u.i = FOUR_BYTE_UINT(buf+2) + (((i64)1)<<32)*TWO_BYTE_INT(buf);
+ pMem->flags = MEM_Int;
+ testcase( pMem->u.i<0 );
+ return 6;
+ }
+ case 6: /* 8-byte signed integer */
+ case 7: { /* IEEE floating point */
+ /* These use local variables, so do them in a separate routine
+ ** to avoid having to move the frame pointer in the common case */
+ return serialGet(buf,serial_type,pMem);
+ }
+ case 8: /* Integer 0 */
+ case 9: { /* Integer 1 */
+ /* EVIDENCE-OF: R-12976-22893 Value is the integer 0. */
+ /* EVIDENCE-OF: R-18143-12121 Value is the integer 1. */
+ pMem->u.i = serial_type-8;
+ pMem->flags = MEM_Int;
+ return 0;
+ }
+ default: {
+ /* EVIDENCE-OF: R-14606-31564 Value is a BLOB that is (N-12)/2 bytes in
+ ** length.
+ ** EVIDENCE-OF: R-28401-00140 Value is a string in the text encoding and
+ ** (N-13)/2 bytes in length. */
+ static const u16 aFlag[] = { MEM_Blob|MEM_Ephem, MEM_Str|MEM_Ephem };
+ pMem->z = (char *)buf;
+ pMem->n = (serial_type-12)/2;
+ pMem->flags = aFlag[serial_type&1];
+ return pMem->n;
+ }
+ }
+ return 0;
+}
+/*
+** This routine is used to allocate sufficient space for an UnpackedRecord
+** structure large enough to be used with sqlite3VdbeRecordUnpack() if
+** the first argument is a pointer to KeyInfo structure pKeyInfo.
+**
+** The space is either allocated using sqlite3DbMallocRaw() or from within
+** the unaligned buffer passed via the second and third arguments (presumably
+** stack space). If the former, then *ppFree is set to a pointer that should
+** be eventually freed by the caller using sqlite3DbFree(). Or, if the
+** allocation comes from the pSpace/szSpace buffer, *ppFree is set to NULL
+** before returning.
+**
+** If an OOM error occurs, NULL is returned.
+*/
+SQLITE_PRIVATE UnpackedRecord *sqlite3VdbeAllocUnpackedRecord(
+ KeyInfo *pKeyInfo, /* Description of the record */
+ char *pSpace, /* Unaligned space available */
+ int szSpace, /* Size of pSpace[] in bytes */
+ char **ppFree /* OUT: Caller should free this pointer */
+){
+ UnpackedRecord *p; /* Unpacked record to return */
+ int nOff; /* Increment pSpace by nOff to align it */
+ int nByte; /* Number of bytes required for *p */
+
+ /* We want to shift the pointer pSpace up such that it is 8-byte aligned.
+ ** Thus, we need to calculate a value, nOff, between 0 and 7, to shift
+ ** it by. If pSpace is already 8-byte aligned, nOff should be zero.
+ */
+ nOff = (8 - (SQLITE_PTR_TO_INT(pSpace) & 7)) & 7;
+ nByte = ROUND8(sizeof(UnpackedRecord)) + sizeof(Mem)*(pKeyInfo->nField+1);
+ if( nByte>szSpace+nOff ){
+ p = (UnpackedRecord *)sqlite3DbMallocRaw(pKeyInfo->db, nByte);
+ *ppFree = (char *)p;
+ if( !p ) return 0;
+ }else{
+ p = (UnpackedRecord*)&pSpace[nOff];
+ *ppFree = 0;
+ }
+
+ p->aMem = (Mem*)&((char*)p)[ROUND8(sizeof(UnpackedRecord))];
+ assert( pKeyInfo->aSortOrder!=0 );
+ p->pKeyInfo = pKeyInfo;
+ p->nField = pKeyInfo->nField + 1;
+ return p;
+}
+
+/*
+** Given the nKey-byte encoding of a record in pKey[], populate the
+** UnpackedRecord structure indicated by the fourth argument with the
+** contents of the decoded record.
+*/
+SQLITE_PRIVATE void sqlite3VdbeRecordUnpack(
+ KeyInfo *pKeyInfo, /* Information about the record format */
+ int nKey, /* Size of the binary record */
+ const void *pKey, /* The binary record */
+ UnpackedRecord *p /* Populate this structure before returning. */
+){
+ const unsigned char *aKey = (const unsigned char *)pKey;
+ int d;
+ u32 idx; /* Offset in aKey[] to read from */
+ u16 u; /* Unsigned loop counter */
+ u32 szHdr;
+ Mem *pMem = p->aMem;
+
+ p->default_rc = 0;
+ assert( EIGHT_BYTE_ALIGNMENT(pMem) );
+ idx = getVarint32(aKey, szHdr);
+ d = szHdr;
+ u = 0;
+ while( idx<szHdr && d<=nKey ){
+ u32 serial_type;
+
+ idx += getVarint32(&aKey[idx], serial_type);
+ pMem->enc = pKeyInfo->enc;
+ pMem->db = pKeyInfo->db;
+ /* pMem->flags = 0; // sqlite3VdbeSerialGet() will set this for us */
+ pMem->szMalloc = 0;
+ d += sqlite3VdbeSerialGet(&aKey[d], serial_type, pMem);
+ pMem++;
+ if( (++u)>=p->nField ) break;
+ }
+ assert( u<=pKeyInfo->nField + 1 );
+ p->nField = u;
+}
+
+#if SQLITE_DEBUG
+/*
+** This function compares two index or table record keys in the same way
+** as the sqlite3VdbeRecordCompare() routine. Unlike VdbeRecordCompare(),
+** this function deserializes and compares values using the
+** sqlite3VdbeSerialGet() and sqlite3MemCompare() functions. It is used
+** in assert() statements to ensure that the optimized code in
+** sqlite3VdbeRecordCompare() returns results with these two primitives.
+**
+** Return true if the result of comparison is equivalent to desiredResult.
+** Return false if there is a disagreement.
+*/
+static int vdbeRecordCompareDebug(
+ int nKey1, const void *pKey1, /* Left key */
+ const UnpackedRecord *pPKey2, /* Right key */
+ int desiredResult /* Correct answer */
+){
+ u32 d1; /* Offset into aKey[] of next data element */
+ u32 idx1; /* Offset into aKey[] of next header element */
+ u32 szHdr1; /* Number of bytes in header */
+ int i = 0;
+ int rc = 0;
+ const unsigned char *aKey1 = (const unsigned char *)pKey1;
+ KeyInfo *pKeyInfo;
+ Mem mem1;
+
+ pKeyInfo = pPKey2->pKeyInfo;
+ if( pKeyInfo->db==0 ) return 1;
+ mem1.enc = pKeyInfo->enc;
+ mem1.db = pKeyInfo->db;
+ /* mem1.flags = 0; // Will be initialized by sqlite3VdbeSerialGet() */
+ VVA_ONLY( mem1.szMalloc = 0; ) /* Only needed by assert() statements */
+
+ /* Compilers may complain that mem1.u.i is potentially uninitialized.
+ ** We could initialize it, as shown here, to silence those complaints.
+ ** But in fact, mem1.u.i will never actually be used uninitialized, and doing
+ ** the unnecessary initialization has a measurable negative performance
+ ** impact, since this routine is a very high runner. And so, we choose
+ ** to ignore the compiler warnings and leave this variable uninitialized.
+ */
+ /* mem1.u.i = 0; // not needed, here to silence compiler warning */
+
+ idx1 = getVarint32(aKey1, szHdr1);
+ if( szHdr1>98307 ) return SQLITE_CORRUPT;
+ d1 = szHdr1;
+ assert( pKeyInfo->nField+pKeyInfo->nXField>=pPKey2->nField || CORRUPT_DB );
+ assert( pKeyInfo->aSortOrder!=0 );
+ assert( pKeyInfo->nField>0 );
+ assert( idx1<=szHdr1 || CORRUPT_DB );
+ do{
+ u32 serial_type1;
+
+ /* Read the serial types for the next element in each key. */
+ idx1 += getVarint32( aKey1+idx1, serial_type1 );
+
+ /* Verify that there is enough key space remaining to avoid
+ ** a buffer overread. The "d1+serial_type1+2" subexpression will
+ ** always be greater than or equal to the amount of required key space.
+ ** Use that approximation to avoid the more expensive call to
+ ** sqlite3VdbeSerialTypeLen() in the common case.
+ */
+ if( d1+serial_type1+2>(u32)nKey1
+ && d1+sqlite3VdbeSerialTypeLen(serial_type1)>(u32)nKey1
+ ){
+ break;
+ }
+
+ /* Extract the values to be compared.
+ */
+ d1 += sqlite3VdbeSerialGet(&aKey1[d1], serial_type1, &mem1);
+
+ /* Do the comparison
+ */
+ rc = sqlite3MemCompare(&mem1, &pPKey2->aMem[i], pKeyInfo->aColl[i]);
+ if( rc!=0 ){
+ assert( mem1.szMalloc==0 ); /* See comment below */
+ if( pKeyInfo->aSortOrder[i] ){
+ rc = -rc; /* Invert the result for DESC sort order. */
+ }
+ goto debugCompareEnd;
+ }
+ i++;
+ }while( idx1<szHdr1 && i<pPKey2->nField );
+
+ /* No memory allocation is ever used on mem1. Prove this using
+ ** the following assert(). If the assert() fails, it indicates a
+ ** memory leak and a need to call sqlite3VdbeMemRelease(&mem1).
+ */
+ assert( mem1.szMalloc==0 );
+
+ /* rc==0 here means that one of the keys ran out of fields and
+ ** all the fields up to that point were equal. Return the default_rc
+ ** value. */
+ rc = pPKey2->default_rc;
+
+debugCompareEnd:
+ if( desiredResult==0 && rc==0 ) return 1;
+ if( desiredResult<0 && rc<0 ) return 1;
+ if( desiredResult>0 && rc>0 ) return 1;
+ if( CORRUPT_DB ) return 1;
+ if( pKeyInfo->db->mallocFailed ) return 1;
+ return 0;
+}
+#endif
+
+#if SQLITE_DEBUG
+/*
+** Count the number of fields (a.k.a. columns) in the record given by
+** pKey,nKey. The verify that this count is less than or equal to the
+** limit given by pKeyInfo->nField + pKeyInfo->nXField.
+**
+** If this constraint is not satisfied, it means that the high-speed
+** vdbeRecordCompareInt() and vdbeRecordCompareString() routines will
+** not work correctly. If this assert() ever fires, it probably means
+** that the KeyInfo.nField or KeyInfo.nXField values were computed
+** incorrectly.
+*/
+static void vdbeAssertFieldCountWithinLimits(
+ int nKey, const void *pKey, /* The record to verify */
+ const KeyInfo *pKeyInfo /* Compare size with this KeyInfo */
+){
+ int nField = 0;
+ u32 szHdr;
+ u32 idx;
+ u32 notUsed;
+ const unsigned char *aKey = (const unsigned char*)pKey;
+
+ if( CORRUPT_DB ) return;
+ idx = getVarint32(aKey, szHdr);
+ assert( nKey>=0 );
+ assert( szHdr<=(u32)nKey );
+ while( idx<szHdr ){
+ idx += getVarint32(aKey+idx, notUsed);
+ nField++;
+ }
+ assert( nField <= pKeyInfo->nField+pKeyInfo->nXField );
+}
+#else
+# define vdbeAssertFieldCountWithinLimits(A,B,C)
+#endif
+
+/*
+** Both *pMem1 and *pMem2 contain string values. Compare the two values
+** using the collation sequence pColl. As usual, return a negative , zero
+** or positive value if *pMem1 is less than, equal to or greater than
+** *pMem2, respectively. Similar in spirit to "rc = (*pMem1) - (*pMem2);".
+*/
+static int vdbeCompareMemString(
+ const Mem *pMem1,
+ const Mem *pMem2,
+ const CollSeq *pColl,
+ u8 *prcErr /* If an OOM occurs, set to SQLITE_NOMEM */
+){
+ if( pMem1->enc==pColl->enc ){
+ /* The strings are already in the correct encoding. Call the
+ ** comparison function directly */
+ return pColl->xCmp(pColl->pUser,pMem1->n,pMem1->z,pMem2->n,pMem2->z);
+ }else{
+ int rc;
+ const void *v1, *v2;
+ int n1, n2;
+ Mem c1;
+ Mem c2;
+ sqlite3VdbeMemInit(&c1, pMem1->db, MEM_Null);
+ sqlite3VdbeMemInit(&c2, pMem1->db, MEM_Null);
+ sqlite3VdbeMemShallowCopy(&c1, pMem1, MEM_Ephem);
+ sqlite3VdbeMemShallowCopy(&c2, pMem2, MEM_Ephem);
+ v1 = sqlite3ValueText((sqlite3_value*)&c1, pColl->enc);
+ n1 = v1==0 ? 0 : c1.n;
+ v2 = sqlite3ValueText((sqlite3_value*)&c2, pColl->enc);
+ n2 = v2==0 ? 0 : c2.n;
+ rc = pColl->xCmp(pColl->pUser, n1, v1, n2, v2);
+ sqlite3VdbeMemRelease(&c1);
+ sqlite3VdbeMemRelease(&c2);
+ if( (v1==0 || v2==0) && prcErr ) *prcErr = SQLITE_NOMEM;
+ return rc;
+ }
+}
+
+/*
+** Compare two blobs. Return negative, zero, or positive if the first
+** is less than, equal to, or greater than the second, respectively.
+** If one blob is a prefix of the other, then the shorter is the lessor.
+*/
+static SQLITE_NOINLINE int sqlite3BlobCompare(const Mem *pB1, const Mem *pB2){
+ int c = memcmp(pB1->z, pB2->z, pB1->n>pB2->n ? pB2->n : pB1->n);
+ if( c ) return c;
+ return pB1->n - pB2->n;
+}
+
+/*
+** Do a comparison between a 64-bit signed integer and a 64-bit floating-point
+** number. Return negative, zero, or positive if the first (i64) is less than,
+** equal to, or greater than the second (double).
+*/
+static int sqlite3IntFloatCompare(i64 i, double r){
+ if( sizeof(LONGDOUBLE_TYPE)>8 ){
+ LONGDOUBLE_TYPE x = (LONGDOUBLE_TYPE)i;
+ if( x<r ) return -1;
+ if( x>r ) return +1;
+ return 0;
+ }else{
+ i64 y;
+ double s;
+ if( r<-9223372036854775808.0 ) return +1;
+ if( r>9223372036854775807.0 ) return -1;
+ y = (i64)r;
+ if( i<y ) return -1;
+ if( i>y ){
+ if( y==SMALLEST_INT64 && r>0.0 ) return -1;
+ return +1;
+ }
+ s = (double)i;
+ if( s<r ) return -1;
+ if( s>r ) return +1;
+ return 0;
+ }
+}
+
+/*
+** Compare the values contained by the two memory cells, returning
+** negative, zero or positive if pMem1 is less than, equal to, or greater
+** than pMem2. Sorting order is NULL's first, followed by numbers (integers
+** and reals) sorted numerically, followed by text ordered by the collating
+** sequence pColl and finally blob's ordered by memcmp().
+**
+** Two NULL values are considered equal by this function.
+*/
+SQLITE_PRIVATE int sqlite3MemCompare(const Mem *pMem1, const Mem *pMem2, const CollSeq *pColl){
+ int f1, f2;
+ int combined_flags;
+
+ f1 = pMem1->flags;
+ f2 = pMem2->flags;
+ combined_flags = f1|f2;
+ assert( (combined_flags & MEM_RowSet)==0 );
+
+ /* If one value is NULL, it is less than the other. If both values
+ ** are NULL, return 0.
+ */
+ if( combined_flags&MEM_Null ){
+ return (f2&MEM_Null) - (f1&MEM_Null);
+ }
+
+ /* At least one of the two values is a number
+ */
+ if( combined_flags&(MEM_Int|MEM_Real) ){
+ if( (f1 & f2 & MEM_Int)!=0 ){
+ if( pMem1->u.i < pMem2->u.i ) return -1;
+ if( pMem1->u.i > pMem2->u.i ) return +1;
+ return 0;
+ }
+ if( (f1 & f2 & MEM_Real)!=0 ){
+ if( pMem1->u.r < pMem2->u.r ) return -1;
+ if( pMem1->u.r > pMem2->u.r ) return +1;
+ return 0;
+ }
+ if( (f1&MEM_Int)!=0 ){
+ if( (f2&MEM_Real)!=0 ){
+ return sqlite3IntFloatCompare(pMem1->u.i, pMem2->u.r);
+ }else{
+ return -1;
+ }
+ }
+ if( (f1&MEM_Real)!=0 ){
+ if( (f2&MEM_Int)!=0 ){
+ return -sqlite3IntFloatCompare(pMem2->u.i, pMem1->u.r);
+ }else{
+ return -1;
+ }
+ }
+ return +1;
+ }
+
+ /* If one value is a string and the other is a blob, the string is less.
+ ** If both are strings, compare using the collating functions.
+ */
+ if( combined_flags&MEM_Str ){
+ if( (f1 & MEM_Str)==0 ){
+ return 1;
+ }
+ if( (f2 & MEM_Str)==0 ){
+ return -1;
+ }
+
+ assert( pMem1->enc==pMem2->enc || pMem1->db->mallocFailed );
+ assert( pMem1->enc==SQLITE_UTF8 ||
+ pMem1->enc==SQLITE_UTF16LE || pMem1->enc==SQLITE_UTF16BE );
+
+ /* The collation sequence must be defined at this point, even if
+ ** the user deletes the collation sequence after the vdbe program is
+ ** compiled (this was not always the case).
+ */
+ assert( !pColl || pColl->xCmp );
+
+ if( pColl ){
+ return vdbeCompareMemString(pMem1, pMem2, pColl, 0);
+ }
+ /* If a NULL pointer was passed as the collate function, fall through
+ ** to the blob case and use memcmp(). */
+ }
+
+ /* Both values must be blobs. Compare using memcmp(). */
+ return sqlite3BlobCompare(pMem1, pMem2);
+}
+
+
+/*
+** The first argument passed to this function is a serial-type that
+** corresponds to an integer - all values between 1 and 9 inclusive
+** except 7. The second points to a buffer containing an integer value
+** serialized according to serial_type. This function deserializes
+** and returns the value.
+*/
+static i64 vdbeRecordDecodeInt(u32 serial_type, const u8 *aKey){
+ u32 y;
+ assert( CORRUPT_DB || (serial_type>=1 && serial_type<=9 && serial_type!=7) );
+ switch( serial_type ){
+ case 0:
+ case 1:
+ testcase( aKey[0]&0x80 );
+ return ONE_BYTE_INT(aKey);
+ case 2:
+ testcase( aKey[0]&0x80 );
+ return TWO_BYTE_INT(aKey);
+ case 3:
+ testcase( aKey[0]&0x80 );
+ return THREE_BYTE_INT(aKey);
+ case 4: {
+ testcase( aKey[0]&0x80 );
+ y = FOUR_BYTE_UINT(aKey);
+ return (i64)*(int*)&y;
+ }
+ case 5: {
+ testcase( aKey[0]&0x80 );
+ return FOUR_BYTE_UINT(aKey+2) + (((i64)1)<<32)*TWO_BYTE_INT(aKey);
+ }
+ case 6: {
+ u64 x = FOUR_BYTE_UINT(aKey);
+ testcase( aKey[0]&0x80 );
+ x = (x<<32) | FOUR_BYTE_UINT(aKey+4);
+ return (i64)*(i64*)&x;
+ }
+ }
+
+ return (serial_type - 8);
+}
+
+/*
+** This function compares the two table rows or index records
+** specified by {nKey1, pKey1} and pPKey2. It returns a negative, zero
+** or positive integer if key1 is less than, equal to or
+** greater than key2. The {nKey1, pKey1} key must be a blob
+** created by the OP_MakeRecord opcode of the VDBE. The pPKey2
+** key must be a parsed key such as obtained from
+** sqlite3VdbeParseRecord.
+**
+** If argument bSkip is non-zero, it is assumed that the caller has already
+** determined that the first fields of the keys are equal.
+**
+** Key1 and Key2 do not have to contain the same number of fields. If all
+** fields that appear in both keys are equal, then pPKey2->default_rc is
+** returned.
+**
+** If database corruption is discovered, set pPKey2->errCode to
+** SQLITE_CORRUPT and return 0. If an OOM error is encountered,
+** pPKey2->errCode is set to SQLITE_NOMEM and, if it is not NULL, the
+** malloc-failed flag set on database handle (pPKey2->pKeyInfo->db).
+*/
+SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
+ int nKey1, const void *pKey1, /* Left key */
+ UnpackedRecord *pPKey2, /* Right key */
+ int bSkip /* If true, skip the first field */
+){
+ u32 d1; /* Offset into aKey[] of next data element */
+ int i; /* Index of next field to compare */
+ u32 szHdr1; /* Size of record header in bytes */
+ u32 idx1; /* Offset of first type in header */
+ int rc = 0; /* Return value */
+ Mem *pRhs = pPKey2->aMem; /* Next field of pPKey2 to compare */
+ KeyInfo *pKeyInfo = pPKey2->pKeyInfo;
+ const unsigned char *aKey1 = (const unsigned char *)pKey1;
+ Mem mem1;
+
+ /* If bSkip is true, then the caller has already determined that the first
+ ** two elements in the keys are equal. Fix the various stack variables so
+ ** that this routine begins comparing at the second field. */
+ if( bSkip ){
+ u32 s1;
+ idx1 = 1 + getVarint32(&aKey1[1], s1);
+ szHdr1 = aKey1[0];
+ d1 = szHdr1 + sqlite3VdbeSerialTypeLen(s1);
+ i = 1;
+ pRhs++;
+ }else{
+ idx1 = getVarint32(aKey1, szHdr1);
+ d1 = szHdr1;
+ if( d1>(unsigned)nKey1 ){
+ pPKey2->errCode = (u8)SQLITE_CORRUPT_BKPT;
+ return 0; /* Corruption */
+ }
+ i = 0;
+ }
+
+ VVA_ONLY( mem1.szMalloc = 0; ) /* Only needed by assert() statements */
+ assert( pPKey2->pKeyInfo->nField+pPKey2->pKeyInfo->nXField>=pPKey2->nField
+ || CORRUPT_DB );
+ assert( pPKey2->pKeyInfo->aSortOrder!=0 );
+ assert( pPKey2->pKeyInfo->nField>0 );
+ assert( idx1<=szHdr1 || CORRUPT_DB );
+ do{
+ u32 serial_type;
+
+ /* RHS is an integer */
+ if( pRhs->flags & MEM_Int ){
+ serial_type = aKey1[idx1];
+ testcase( serial_type==12 );
+ if( serial_type>=10 ){
+ rc = +1;
+ }else if( serial_type==0 ){
+ rc = -1;
+ }else if( serial_type==7 ){
+ sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1);
+ rc = -sqlite3IntFloatCompare(pRhs->u.i, mem1.u.r);
+ }else{
+ i64 lhs = vdbeRecordDecodeInt(serial_type, &aKey1[d1]);
+ i64 rhs = pRhs->u.i;
+ if( lhs<rhs ){
+ rc = -1;
+ }else if( lhs>rhs ){
+ rc = +1;
+ }
+ }
+ }
+
+ /* RHS is real */
+ else if( pRhs->flags & MEM_Real ){
+ serial_type = aKey1[idx1];
+ if( serial_type>=10 ){
+ /* Serial types 12 or greater are strings and blobs (greater than
+ ** numbers). Types 10 and 11 are currently "reserved for future
+ ** use", so it doesn't really matter what the results of comparing
+ ** them to numberic values are. */
+ rc = +1;
+ }else if( serial_type==0 ){
+ rc = -1;
+ }else{
+ sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1);
+ if( serial_type==7 ){
+ if( mem1.u.r<pRhs->u.r ){
+ rc = -1;
+ }else if( mem1.u.r>pRhs->u.r ){
+ rc = +1;
+ }
+ }else{
+ rc = sqlite3IntFloatCompare(mem1.u.i, pRhs->u.r);
+ }
+ }
+ }
+
+ /* RHS is a string */
+ else if( pRhs->flags & MEM_Str ){
+ getVarint32(&aKey1[idx1], serial_type);
+ testcase( serial_type==12 );
+ if( serial_type<12 ){
+ rc = -1;
+ }else if( !(serial_type & 0x01) ){
+ rc = +1;
+ }else{
+ mem1.n = (serial_type - 12) / 2;
+ testcase( (d1+mem1.n)==(unsigned)nKey1 );
+ testcase( (d1+mem1.n+1)==(unsigned)nKey1 );
+ if( (d1+mem1.n) > (unsigned)nKey1 ){
+ pPKey2->errCode = (u8)SQLITE_CORRUPT_BKPT;
+ return 0; /* Corruption */
+ }else if( pKeyInfo->aColl[i] ){
+ mem1.enc = pKeyInfo->enc;
+ mem1.db = pKeyInfo->db;
+ mem1.flags = MEM_Str;
+ mem1.z = (char*)&aKey1[d1];
+ rc = vdbeCompareMemString(
+ &mem1, pRhs, pKeyInfo->aColl[i], &pPKey2->errCode
+ );
+ }else{
+ int nCmp = MIN(mem1.n, pRhs->n);
+ rc = memcmp(&aKey1[d1], pRhs->z, nCmp);
+ if( rc==0 ) rc = mem1.n - pRhs->n;
+ }
+ }
+ }
+
+ /* RHS is a blob */
+ else if( pRhs->flags & MEM_Blob ){
+ getVarint32(&aKey1[idx1], serial_type);
+ testcase( serial_type==12 );
+ if( serial_type<12 || (serial_type & 0x01) ){
+ rc = -1;
+ }else{
+ int nStr = (serial_type - 12) / 2;
+ testcase( (d1+nStr)==(unsigned)nKey1 );
+ testcase( (d1+nStr+1)==(unsigned)nKey1 );
+ if( (d1+nStr) > (unsigned)nKey1 ){
+ pPKey2->errCode = (u8)SQLITE_CORRUPT_BKPT;
+ return 0; /* Corruption */
+ }else{
+ int nCmp = MIN(nStr, pRhs->n);
+ rc = memcmp(&aKey1[d1], pRhs->z, nCmp);
+ if( rc==0 ) rc = nStr - pRhs->n;
+ }
+ }
+ }
+
+ /* RHS is null */
+ else{
+ serial_type = aKey1[idx1];
+ rc = (serial_type!=0);
+ }
+
+ if( rc!=0 ){
+ if( pKeyInfo->aSortOrder[i] ){
+ rc = -rc;
+ }
+ assert( vdbeRecordCompareDebug(nKey1, pKey1, pPKey2, rc) );
+ assert( mem1.szMalloc==0 ); /* See comment below */
+ return rc;
+ }
+
+ i++;
+ pRhs++;
+ d1 += sqlite3VdbeSerialTypeLen(serial_type);
+ idx1 += sqlite3VarintLen(serial_type);
+ }while( idx1<(unsigned)szHdr1 && i<pPKey2->nField && d1<=(unsigned)nKey1 );
+
+ /* No memory allocation is ever used on mem1. Prove this using
+ ** the following assert(). If the assert() fails, it indicates a
+ ** memory leak and a need to call sqlite3VdbeMemRelease(&mem1). */
+ assert( mem1.szMalloc==0 );
+
+ /* rc==0 here means that one or both of the keys ran out of fields and
+ ** all the fields up to that point were equal. Return the default_rc
+ ** value. */
+ assert( CORRUPT_DB
+ || vdbeRecordCompareDebug(nKey1, pKey1, pPKey2, pPKey2->default_rc)
+ || pKeyInfo->db->mallocFailed
+ );
+ pPKey2->eqSeen = 1;
+ return pPKey2->default_rc;
+}
+SQLITE_PRIVATE int sqlite3VdbeRecordCompare(
+ int nKey1, const void *pKey1, /* Left key */
+ UnpackedRecord *pPKey2 /* Right key */
+){
+ return sqlite3VdbeRecordCompareWithSkip(nKey1, pKey1, pPKey2, 0);
+}
+
+
+/*
+** This function is an optimized version of sqlite3VdbeRecordCompare()
+** that (a) the first field of pPKey2 is an integer, and (b) the
+** size-of-header varint at the start of (pKey1/nKey1) fits in a single
+** byte (i.e. is less than 128).
+**
+** To avoid concerns about buffer overreads, this routine is only used
+** on schemas where the maximum valid header size is 63 bytes or less.
+*/
+static int vdbeRecordCompareInt(
+ int nKey1, const void *pKey1, /* Left key */
+ UnpackedRecord *pPKey2 /* Right key */
+){
+ const u8 *aKey = &((const u8*)pKey1)[*(const u8*)pKey1 & 0x3F];
+ int serial_type = ((const u8*)pKey1)[1];
+ int res;
+ u32 y;
+ u64 x;
+ i64 v = pPKey2->aMem[0].u.i;
+ i64 lhs;
+
+ vdbeAssertFieldCountWithinLimits(nKey1, pKey1, pPKey2->pKeyInfo);
+ assert( (*(u8*)pKey1)<=0x3F || CORRUPT_DB );
+ switch( serial_type ){
+ case 1: { /* 1-byte signed integer */
+ lhs = ONE_BYTE_INT(aKey);
+ testcase( lhs<0 );
+ break;
+ }
+ case 2: { /* 2-byte signed integer */
+ lhs = TWO_BYTE_INT(aKey);
+ testcase( lhs<0 );
+ break;
+ }
+ case 3: { /* 3-byte signed integer */
+ lhs = THREE_BYTE_INT(aKey);
+ testcase( lhs<0 );
+ break;
+ }
+ case 4: { /* 4-byte signed integer */
+ y = FOUR_BYTE_UINT(aKey);
+ lhs = (i64)*(int*)&y;
+ testcase( lhs<0 );
+ break;
+ }
+ case 5: { /* 6-byte signed integer */
+ lhs = FOUR_BYTE_UINT(aKey+2) + (((i64)1)<<32)*TWO_BYTE_INT(aKey);
+ testcase( lhs<0 );
+ break;
+ }
+ case 6: { /* 8-byte signed integer */
+ x = FOUR_BYTE_UINT(aKey);
+ x = (x<<32) | FOUR_BYTE_UINT(aKey+4);
+ lhs = *(i64*)&x;
+ testcase( lhs<0 );
+ break;
+ }
+ case 8:
+ lhs = 0;
+ break;
+ case 9:
+ lhs = 1;
+ break;
+
+ /* This case could be removed without changing the results of running
+ ** this code. Including it causes gcc to generate a faster switch
+ ** statement (since the range of switch targets now starts at zero and
+ ** is contiguous) but does not cause any duplicate code to be generated
+ ** (as gcc is clever enough to combine the two like cases). Other
+ ** compilers might be similar. */
+ case 0: case 7:
+ return sqlite3VdbeRecordCompare(nKey1, pKey1, pPKey2);
+
+ default:
+ return sqlite3VdbeRecordCompare(nKey1, pKey1, pPKey2);
+ }
+
+ if( v>lhs ){
+ res = pPKey2->r1;
+ }else if( v<lhs ){
+ res = pPKey2->r2;
+ }else if( pPKey2->nField>1 ){
+ /* The first fields of the two keys are equal. Compare the trailing
+ ** fields. */
+ res = sqlite3VdbeRecordCompareWithSkip(nKey1, pKey1, pPKey2, 1);
+ }else{
+ /* The first fields of the two keys are equal and there are no trailing
+ ** fields. Return pPKey2->default_rc in this case. */
+ res = pPKey2->default_rc;
+ pPKey2->eqSeen = 1;
+ }
+
+ assert( vdbeRecordCompareDebug(nKey1, pKey1, pPKey2, res) );
+ return res;
+}
+
+/*
+** This function is an optimized version of sqlite3VdbeRecordCompare()
+** that (a) the first field of pPKey2 is a string, that (b) the first field
+** uses the collation sequence BINARY and (c) that the size-of-header varint
+** at the start of (pKey1/nKey1) fits in a single byte.
+*/
+static int vdbeRecordCompareString(
+ int nKey1, const void *pKey1, /* Left key */
+ UnpackedRecord *pPKey2 /* Right key */
+){
+ const u8 *aKey1 = (const u8*)pKey1;
+ int serial_type;
+ int res;
+
+ assert( pPKey2->aMem[0].flags & MEM_Str );
+ vdbeAssertFieldCountWithinLimits(nKey1, pKey1, pPKey2->pKeyInfo);
+ getVarint32(&aKey1[1], serial_type);
+ if( serial_type<12 ){
+ res = pPKey2->r1; /* (pKey1/nKey1) is a number or a null */
+ }else if( !(serial_type & 0x01) ){
+ res = pPKey2->r2; /* (pKey1/nKey1) is a blob */
+ }else{
+ int nCmp;
+ int nStr;
+ int szHdr = aKey1[0];
+
+ nStr = (serial_type-12) / 2;
+ if( (szHdr + nStr) > nKey1 ){
+ pPKey2->errCode = (u8)SQLITE_CORRUPT_BKPT;
+ return 0; /* Corruption */
+ }
+ nCmp = MIN( pPKey2->aMem[0].n, nStr );
+ res = memcmp(&aKey1[szHdr], pPKey2->aMem[0].z, nCmp);
+
+ if( res==0 ){
+ res = nStr - pPKey2->aMem[0].n;
+ if( res==0 ){
+ if( pPKey2->nField>1 ){
+ res = sqlite3VdbeRecordCompareWithSkip(nKey1, pKey1, pPKey2, 1);
+ }else{
+ res = pPKey2->default_rc;
+ pPKey2->eqSeen = 1;
+ }
+ }else if( res>0 ){
+ res = pPKey2->r2;
+ }else{
+ res = pPKey2->r1;
+ }
+ }else if( res>0 ){
+ res = pPKey2->r2;
+ }else{
+ res = pPKey2->r1;
+ }
+ }
+
+ assert( vdbeRecordCompareDebug(nKey1, pKey1, pPKey2, res)
+ || CORRUPT_DB
+ || pPKey2->pKeyInfo->db->mallocFailed
+ );
+ return res;
+}
+
+/*
+** Return a pointer to an sqlite3VdbeRecordCompare() compatible function
+** suitable for comparing serialized records to the unpacked record passed
+** as the only argument.
+*/
+SQLITE_PRIVATE RecordCompare sqlite3VdbeFindCompare(UnpackedRecord *p){
+ /* varintRecordCompareInt() and varintRecordCompareString() both assume
+ ** that the size-of-header varint that occurs at the start of each record
+ ** fits in a single byte (i.e. is 127 or less). varintRecordCompareInt()
+ ** also assumes that it is safe to overread a buffer by at least the
+ ** maximum possible legal header size plus 8 bytes. Because there is
+ ** guaranteed to be at least 74 (but not 136) bytes of padding following each
+ ** buffer passed to varintRecordCompareInt() this makes it convenient to
+ ** limit the size of the header to 64 bytes in cases where the first field
+ ** is an integer.
+ **
+ ** The easiest way to enforce this limit is to consider only records with
+ ** 13 fields or less. If the first field is an integer, the maximum legal
+ ** header size is (12*5 + 1 + 1) bytes. */
+ if( (p->pKeyInfo->nField + p->pKeyInfo->nXField)<=13 ){
+ int flags = p->aMem[0].flags;
+ if( p->pKeyInfo->aSortOrder[0] ){
+ p->r1 = 1;
+ p->r2 = -1;
+ }else{
+ p->r1 = -1;
+ p->r2 = 1;
+ }
+ if( (flags & MEM_Int) ){
+ return vdbeRecordCompareInt;
+ }
+ testcase( flags & MEM_Real );
+ testcase( flags & MEM_Null );
+ testcase( flags & MEM_Blob );
+ if( (flags & (MEM_Real|MEM_Null|MEM_Blob))==0 && p->pKeyInfo->aColl[0]==0 ){
+ assert( flags & MEM_Str );
+ return vdbeRecordCompareString;
+ }
+ }
+
+ return sqlite3VdbeRecordCompare;
+}
+
+/*
+** pCur points at an index entry created using the OP_MakeRecord opcode.
+** Read the rowid (the last field in the record) and store it in *rowid.
+** Return SQLITE_OK if everything works, or an error code otherwise.
+**
+** pCur might be pointing to text obtained from a corrupt database file.
+** So the content cannot be trusted. Do appropriate checks on the content.
+*/
+SQLITE_PRIVATE int sqlite3VdbeIdxRowid(sqlite3 *db, BtCursor *pCur, i64 *rowid){
+ i64 nCellKey = 0;
+ int rc;
+ u32 szHdr; /* Size of the header */
+ u32 typeRowid; /* Serial type of the rowid */
+ u32 lenRowid; /* Size of the rowid */
+ Mem m, v;
+
+ /* Get the size of the index entry. Only indices entries of less
+ ** than 2GiB are support - anything large must be database corruption.
+ ** Any corruption is detected in sqlite3BtreeParseCellPtr(), though, so
+ ** this code can safely assume that nCellKey is 32-bits
+ */
+ assert( sqlite3BtreeCursorIsValid(pCur) );
+ VVA_ONLY(rc =) sqlite3BtreeKeySize(pCur, &nCellKey);
+ assert( rc==SQLITE_OK ); /* pCur is always valid so KeySize cannot fail */
+ assert( (nCellKey & SQLITE_MAX_U32)==(u64)nCellKey );
+
+ /* Read in the complete content of the index entry */
+ sqlite3VdbeMemInit(&m, db, 0);
+ rc = sqlite3VdbeMemFromBtree(pCur, 0, (u32)nCellKey, 1, &m);
+ if( rc ){
+ return rc;
+ }
+
+ /* The index entry must begin with a header size */
+ (void)getVarint32((u8*)m.z, szHdr);
+ testcase( szHdr==3 );
+ testcase( szHdr==m.n );
+ if( unlikely(szHdr<3 || (int)szHdr>m.n) ){
+ goto idx_rowid_corruption;
+ }
+
+ /* The last field of the index should be an integer - the ROWID.
+ ** Verify that the last entry really is an integer. */
+ (void)getVarint32((u8*)&m.z[szHdr-1], typeRowid);
+ testcase( typeRowid==1 );
+ testcase( typeRowid==2 );
+ testcase( typeRowid==3 );
+ testcase( typeRowid==4 );
+ testcase( typeRowid==5 );
+ testcase( typeRowid==6 );
+ testcase( typeRowid==8 );
+ testcase( typeRowid==9 );
+ if( unlikely(typeRowid<1 || typeRowid>9 || typeRowid==7) ){
+ goto idx_rowid_corruption;
+ }
+ lenRowid = sqlite3SmallTypeSizes[typeRowid];
+ testcase( (u32)m.n==szHdr+lenRowid );
+ if( unlikely((u32)m.n<szHdr+lenRowid) ){
+ goto idx_rowid_corruption;
+ }
+
+ /* Fetch the integer off the end of the index record */
+ sqlite3VdbeSerialGet((u8*)&m.z[m.n-lenRowid], typeRowid, &v);
+ *rowid = v.u.i;
+ sqlite3VdbeMemRelease(&m);
+ return SQLITE_OK;
+
+ /* Jump here if database corruption is detected after m has been
+ ** allocated. Free the m object and return SQLITE_CORRUPT. */
+idx_rowid_corruption:
+ testcase( m.szMalloc!=0 );
+ sqlite3VdbeMemRelease(&m);
+ return SQLITE_CORRUPT_BKPT;
+}
+
+/*
+** Compare the key of the index entry that cursor pC is pointing to against
+** the key string in pUnpacked. Write into *pRes a number
+** that is negative, zero, or positive if pC is less than, equal to,
+** or greater than pUnpacked. Return SQLITE_OK on success.
+**
+** pUnpacked is either created without a rowid or is truncated so that it
+** omits the rowid at the end. The rowid at the end of the index entry
+** is ignored as well. Hence, this routine only compares the prefixes
+** of the keys prior to the final rowid, not the entire key.
+*/
+SQLITE_PRIVATE int sqlite3VdbeIdxKeyCompare(
+ sqlite3 *db, /* Database connection */
+ VdbeCursor *pC, /* The cursor to compare against */
+ UnpackedRecord *pUnpacked, /* Unpacked version of key */
+ int *res /* Write the comparison result here */
+){
+ i64 nCellKey = 0;
+ int rc;
+ BtCursor *pCur;
+ Mem m;
+
+ assert( pC->eCurType==CURTYPE_BTREE );
+ pCur = pC->uc.pCursor;
+ assert( sqlite3BtreeCursorIsValid(pCur) );
+ VVA_ONLY(rc =) sqlite3BtreeKeySize(pCur, &nCellKey);
+ assert( rc==SQLITE_OK ); /* pCur is always valid so KeySize cannot fail */
+ /* nCellKey will always be between 0 and 0xffffffff because of the way
+ ** that btreeParseCellPtr() and sqlite3GetVarint32() are implemented */
+ if( nCellKey<=0 || nCellKey>0x7fffffff ){
+ *res = 0;
+ return SQLITE_CORRUPT_BKPT;
+ }
+ sqlite3VdbeMemInit(&m, db, 0);
+ rc = sqlite3VdbeMemFromBtree(pCur, 0, (u32)nCellKey, 1, &m);
+ if( rc ){
+ return rc;
+ }
+ *res = sqlite3VdbeRecordCompare(m.n, m.z, pUnpacked);
+ sqlite3VdbeMemRelease(&m);
+ return SQLITE_OK;
+}
+
+/*
+** This routine sets the value to be returned by subsequent calls to
+** sqlite3_changes() on the database handle 'db'.
+*/
+SQLITE_PRIVATE void sqlite3VdbeSetChanges(sqlite3 *db, int nChange){
+ assert( sqlite3_mutex_held(db->mutex) );
+ db->nChange = nChange;
+ db->nTotalChange += nChange;
+}
+
+/*
+** Set a flag in the vdbe to update the change counter when it is finalised
+** or reset.
+*/
+SQLITE_PRIVATE void sqlite3VdbeCountChanges(Vdbe *v){
+ v->changeCntOn = 1;
+}
+
+/*
+** Mark every prepared statement associated with a database connection
+** as expired.
+**
+** An expired statement means that recompilation of the statement is
+** recommend. Statements expire when things happen that make their
+** programs obsolete. Removing user-defined functions or collating
+** sequences, or changing an authorization function are the types of
+** things that make prepared statements obsolete.
+*/
+SQLITE_PRIVATE void sqlite3ExpirePreparedStatements(sqlite3 *db){
+ Vdbe *p;
+ for(p = db->pVdbe; p; p=p->pNext){
+ p->expired = 1;
+ }
+}
+
+/*
+** Return the database associated with the Vdbe.
+*/
+SQLITE_PRIVATE sqlite3 *sqlite3VdbeDb(Vdbe *v){
+ return v->db;
+}
+
+/*
+** Return a pointer to an sqlite3_value structure containing the value bound
+** parameter iVar of VM v. Except, if the value is an SQL NULL, return
+** 0 instead. Unless it is NULL, apply affinity aff (one of the SQLITE_AFF_*
+** constants) to the value before returning it.
+**
+** The returned value must be freed by the caller using sqlite3ValueFree().
+*/
+SQLITE_PRIVATE sqlite3_value *sqlite3VdbeGetBoundValue(Vdbe *v, int iVar, u8 aff){
+ assert( iVar>0 );
+ if( v ){
+ Mem *pMem = &v->aVar[iVar-1];
+ if( 0==(pMem->flags & MEM_Null) ){
+ sqlite3_value *pRet = sqlite3ValueNew(v->db);
+ if( pRet ){
+ sqlite3VdbeMemCopy((Mem *)pRet, pMem);
+ sqlite3ValueApplyAffinity(pRet, aff, SQLITE_UTF8);
+ }
+ return pRet;
+ }
+ }
+ return 0;
+}
+
+/*
+** Configure SQL variable iVar so that binding a new value to it signals
+** to sqlite3_reoptimize() that re-preparing the statement may result
+** in a better query plan.
+*/
+SQLITE_PRIVATE void sqlite3VdbeSetVarmask(Vdbe *v, int iVar){
+ assert( iVar>0 );
+ if( iVar>32 ){
+ v->expmask = 0xffffffff;
+ }else{
+ v->expmask |= ((u32)1 << (iVar-1));
+ }
+}
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/*
+** Transfer error message text from an sqlite3_vtab.zErrMsg (text stored
+** in memory obtained from sqlite3_malloc) into a Vdbe.zErrMsg (text stored
+** in memory obtained from sqlite3DbMalloc).
+*/
+SQLITE_PRIVATE void sqlite3VtabImportErrmsg(Vdbe *p, sqlite3_vtab *pVtab){
+ sqlite3 *db = p->db;
+ sqlite3DbFree(db, p->zErrMsg);
+ p->zErrMsg = sqlite3DbStrDup(db, pVtab->zErrMsg);
+ sqlite3_free(pVtab->zErrMsg);
+ pVtab->zErrMsg = 0;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+/************** End of vdbeaux.c *********************************************/
+/************** Begin file vdbeapi.c *****************************************/
+/*
+** 2004 May 26
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains code use to implement APIs that are part of the
+** VDBE.
+*/
+/* #include "sqliteInt.h" */
+/* #include "vdbeInt.h" */
+
+#ifndef SQLITE_OMIT_DEPRECATED
+/*
+** Return TRUE (non-zero) of the statement supplied as an argument needs
+** to be recompiled. A statement needs to be recompiled whenever the
+** execution environment changes in a way that would alter the program
+** that sqlite3_prepare() generates. For example, if new functions or
+** collating sequences are registered or if an authorizer function is
+** added or changed.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_expired(sqlite3_stmt *pStmt){
+ Vdbe *p = (Vdbe*)pStmt;
+ return p==0 || p->expired;
+}
+#endif
+
+/*
+** Check on a Vdbe to make sure it has not been finalized. Log
+** an error and return true if it has been finalized (or is otherwise
+** invalid). Return false if it is ok.
+*/
+static int vdbeSafety(Vdbe *p){
+ if( p->db==0 ){
+ sqlite3_log(SQLITE_MISUSE, "API called with finalized prepared statement");
+ return 1;
+ }else{
+ return 0;
+ }
+}
+static int vdbeSafetyNotNull(Vdbe *p){
+ if( p==0 ){
+ sqlite3_log(SQLITE_MISUSE, "API called with NULL prepared statement");
+ return 1;
+ }else{
+ return vdbeSafety(p);
+ }
+}
+
+#ifndef SQLITE_OMIT_TRACE
+/*
+** Invoke the profile callback. This routine is only called if we already
+** know that the profile callback is defined and needs to be invoked.
+*/
+static SQLITE_NOINLINE void invokeProfileCallback(sqlite3 *db, Vdbe *p){
+ sqlite3_int64 iNow;
+ assert( p->startTime>0 );
+ assert( db->xProfile!=0 );
+ assert( db->init.busy==0 );
+ assert( p->zSql!=0 );
+ sqlite3OsCurrentTimeInt64(db->pVfs, &iNow);
+ db->xProfile(db->pProfileArg, p->zSql, (iNow - p->startTime)*1000000);
+ p->startTime = 0;
+}
+/*
+** The checkProfileCallback(DB,P) macro checks to see if a profile callback
+** is needed, and it invokes the callback if it is needed.
+*/
+# define checkProfileCallback(DB,P) \
+ if( ((P)->startTime)>0 ){ invokeProfileCallback(DB,P); }
+#else
+# define checkProfileCallback(DB,P) /*no-op*/
+#endif
+
+/*
+** The following routine destroys a virtual machine that is created by
+** the sqlite3_compile() routine. The integer returned is an SQLITE_
+** success/failure code that describes the result of executing the virtual
+** machine.
+**
+** This routine sets the error code and string returned by
+** sqlite3_errcode(), sqlite3_errmsg() and sqlite3_errmsg16().
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_finalize(sqlite3_stmt *pStmt){
+ int rc;
+ if( pStmt==0 ){
+ /* IMPLEMENTATION-OF: R-57228-12904 Invoking sqlite3_finalize() on a NULL
+ ** pointer is a harmless no-op. */
+ rc = SQLITE_OK;
+ }else{
+ Vdbe *v = (Vdbe*)pStmt;
+ sqlite3 *db = v->db;
+ if( vdbeSafety(v) ) return SQLITE_MISUSE_BKPT;
+ sqlite3_mutex_enter(db->mutex);
+ checkProfileCallback(db, v);
+ rc = sqlite3VdbeFinalize(v);
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3LeaveMutexAndCloseZombie(db);
+ }
+ return rc;
+}
+
+/*
+** Terminate the current execution of an SQL statement and reset it
+** back to its starting state so that it can be reused. A success code from
+** the prior execution is returned.
+**
+** This routine sets the error code and string returned by
+** sqlite3_errcode(), sqlite3_errmsg() and sqlite3_errmsg16().
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_reset(sqlite3_stmt *pStmt){
+ int rc;
+ if( pStmt==0 ){
+ rc = SQLITE_OK;
+ }else{
+ Vdbe *v = (Vdbe*)pStmt;
+ sqlite3 *db = v->db;
+ sqlite3_mutex_enter(db->mutex);
+ checkProfileCallback(db, v);
+ rc = sqlite3VdbeReset(v);
+ sqlite3VdbeRewind(v);
+ assert( (rc & (db->errMask))==rc );
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ }
+ return rc;
+}
+
+/*
+** Set all the parameters in the compiled SQL statement to NULL.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_clear_bindings(sqlite3_stmt *pStmt){
+ int i;
+ int rc = SQLITE_OK;
+ Vdbe *p = (Vdbe*)pStmt;
+#if SQLITE_THREADSAFE
+ sqlite3_mutex *mutex = ((Vdbe*)pStmt)->db->mutex;
+#endif
+ sqlite3_mutex_enter(mutex);
+ for(i=0; i<p->nVar; i++){
+ sqlite3VdbeMemRelease(&p->aVar[i]);
+ p->aVar[i].flags = MEM_Null;
+ }
+ if( p->isPrepareV2 && p->expmask ){
+ p->expired = 1;
+ }
+ sqlite3_mutex_leave(mutex);
+ return rc;
+}
+
+
+/**************************** sqlite3_value_ *******************************
+** The following routines extract information from a Mem or sqlite3_value
+** structure.
+*/
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_blob(sqlite3_value *pVal){
+ Mem *p = (Mem*)pVal;
+ if( p->flags & (MEM_Blob|MEM_Str) ){
+ if( sqlite3VdbeMemExpandBlob(p)!=SQLITE_OK ){
+ assert( p->flags==MEM_Null && p->z==0 );
+ return 0;
+ }
+ p->flags |= MEM_Blob;
+ return p->n ? p->z : 0;
+ }else{
+ return sqlite3_value_text(pVal);
+ }
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_value_bytes(sqlite3_value *pVal){
+ return sqlite3ValueBytes(pVal, SQLITE_UTF8);
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_value_bytes16(sqlite3_value *pVal){
+ return sqlite3ValueBytes(pVal, SQLITE_UTF16NATIVE);
+}
+SQLITE_API double SQLITE_STDCALL sqlite3_value_double(sqlite3_value *pVal){
+ return sqlite3VdbeRealValue((Mem*)pVal);
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_value_int(sqlite3_value *pVal){
+ return (int)sqlite3VdbeIntValue((Mem*)pVal);
+}
+SQLITE_API sqlite_int64 SQLITE_STDCALL sqlite3_value_int64(sqlite3_value *pVal){
+ return sqlite3VdbeIntValue((Mem*)pVal);
+}
+SQLITE_API unsigned int SQLITE_STDCALL sqlite3_value_subtype(sqlite3_value *pVal){
+ return ((Mem*)pVal)->eSubtype;
+}
+SQLITE_API const unsigned char *SQLITE_STDCALL sqlite3_value_text(sqlite3_value *pVal){
+ return (const unsigned char *)sqlite3ValueText(pVal, SQLITE_UTF8);
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16(sqlite3_value* pVal){
+ return sqlite3ValueText(pVal, SQLITE_UTF16NATIVE);
+}
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16be(sqlite3_value *pVal){
+ return sqlite3ValueText(pVal, SQLITE_UTF16BE);
+}
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16le(sqlite3_value *pVal){
+ return sqlite3ValueText(pVal, SQLITE_UTF16LE);
+}
+#endif /* SQLITE_OMIT_UTF16 */
+/* EVIDENCE-OF: R-12793-43283 Every value in SQLite has one of five
+** fundamental datatypes: 64-bit signed integer 64-bit IEEE floating
+** point number string BLOB NULL
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_value_type(sqlite3_value* pVal){
+ static const u8 aType[] = {
+ SQLITE_BLOB, /* 0x00 */
+ SQLITE_NULL, /* 0x01 */
+ SQLITE_TEXT, /* 0x02 */
+ SQLITE_NULL, /* 0x03 */
+ SQLITE_INTEGER, /* 0x04 */
+ SQLITE_NULL, /* 0x05 */
+ SQLITE_INTEGER, /* 0x06 */
+ SQLITE_NULL, /* 0x07 */
+ SQLITE_FLOAT, /* 0x08 */
+ SQLITE_NULL, /* 0x09 */
+ SQLITE_FLOAT, /* 0x0a */
+ SQLITE_NULL, /* 0x0b */
+ SQLITE_INTEGER, /* 0x0c */
+ SQLITE_NULL, /* 0x0d */
+ SQLITE_INTEGER, /* 0x0e */
+ SQLITE_NULL, /* 0x0f */
+ SQLITE_BLOB, /* 0x10 */
+ SQLITE_NULL, /* 0x11 */
+ SQLITE_TEXT, /* 0x12 */
+ SQLITE_NULL, /* 0x13 */
+ SQLITE_INTEGER, /* 0x14 */
+ SQLITE_NULL, /* 0x15 */
+ SQLITE_INTEGER, /* 0x16 */
+ SQLITE_NULL, /* 0x17 */
+ SQLITE_FLOAT, /* 0x18 */
+ SQLITE_NULL, /* 0x19 */
+ SQLITE_FLOAT, /* 0x1a */
+ SQLITE_NULL, /* 0x1b */
+ SQLITE_INTEGER, /* 0x1c */
+ SQLITE_NULL, /* 0x1d */
+ SQLITE_INTEGER, /* 0x1e */
+ SQLITE_NULL, /* 0x1f */
+ };
+ return aType[pVal->flags&MEM_AffMask];
+}
+
+/* Make a copy of an sqlite3_value object
+*/
+SQLITE_API sqlite3_value *SQLITE_STDCALL sqlite3_value_dup(const sqlite3_value *pOrig){
+ sqlite3_value *pNew;
+ if( pOrig==0 ) return 0;
+ pNew = sqlite3_malloc( sizeof(*pNew) );
+ if( pNew==0 ) return 0;
+ memset(pNew, 0, sizeof(*pNew));
+ memcpy(pNew, pOrig, MEMCELLSIZE);
+ pNew->flags &= ~MEM_Dyn;
+ pNew->db = 0;
+ if( pNew->flags&(MEM_Str|MEM_Blob) ){
+ pNew->flags &= ~(MEM_Static|MEM_Dyn);
+ pNew->flags |= MEM_Ephem;
+ if( sqlite3VdbeMemMakeWriteable(pNew)!=SQLITE_OK ){
+ sqlite3ValueFree(pNew);
+ pNew = 0;
+ }
+ }
+ return pNew;
+}
+
+/* Destroy an sqlite3_value object previously obtained from
+** sqlite3_value_dup().
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_value_free(sqlite3_value *pOld){
+ sqlite3ValueFree(pOld);
+}
+
+
+/**************************** sqlite3_result_ *******************************
+** The following routines are used by user-defined functions to specify
+** the function result.
+**
+** The setStrOrError() function calls sqlite3VdbeMemSetStr() to store the
+** result as a string or blob but if the string or blob is too large, it
+** then sets the error code to SQLITE_TOOBIG
+**
+** The invokeValueDestructor(P,X) routine invokes destructor function X()
+** on value P is not going to be used and need to be destroyed.
+*/
+static void setResultStrOrError(
+ sqlite3_context *pCtx, /* Function context */
+ const char *z, /* String pointer */
+ int n, /* Bytes in string, or negative */
+ u8 enc, /* Encoding of z. 0 for BLOBs */
+ void (*xDel)(void*) /* Destructor function */
+){
+ if( sqlite3VdbeMemSetStr(pCtx->pOut, z, n, enc, xDel)==SQLITE_TOOBIG ){
+ sqlite3_result_error_toobig(pCtx);
+ }
+}
+static int invokeValueDestructor(
+ const void *p, /* Value to destroy */
+ void (*xDel)(void*), /* The destructor */
+ sqlite3_context *pCtx /* Set a SQLITE_TOOBIG error if no NULL */
+){
+ assert( xDel!=SQLITE_DYNAMIC );
+ if( xDel==0 ){
+ /* noop */
+ }else if( xDel==SQLITE_TRANSIENT ){
+ /* noop */
+ }else{
+ xDel((void*)p);
+ }
+ if( pCtx ) sqlite3_result_error_toobig(pCtx);
+ return SQLITE_TOOBIG;
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_blob(
+ sqlite3_context *pCtx,
+ const void *z,
+ int n,
+ void (*xDel)(void *)
+){
+ assert( n>=0 );
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ setResultStrOrError(pCtx, z, n, 0, xDel);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_blob64(
+ sqlite3_context *pCtx,
+ const void *z,
+ sqlite3_uint64 n,
+ void (*xDel)(void *)
+){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ assert( xDel!=SQLITE_DYNAMIC );
+ if( n>0x7fffffff ){
+ (void)invokeValueDestructor(z, xDel, pCtx);
+ }else{
+ setResultStrOrError(pCtx, z, (int)n, 0, xDel);
+ }
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_double(sqlite3_context *pCtx, double rVal){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ sqlite3VdbeMemSetDouble(pCtx->pOut, rVal);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error(sqlite3_context *pCtx, const char *z, int n){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ pCtx->isError = SQLITE_ERROR;
+ pCtx->fErrorOrAux = 1;
+ sqlite3VdbeMemSetStr(pCtx->pOut, z, n, SQLITE_UTF8, SQLITE_TRANSIENT);
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error16(sqlite3_context *pCtx, const void *z, int n){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ pCtx->isError = SQLITE_ERROR;
+ pCtx->fErrorOrAux = 1;
+ sqlite3VdbeMemSetStr(pCtx->pOut, z, n, SQLITE_UTF16NATIVE, SQLITE_TRANSIENT);
+}
+#endif
+SQLITE_API void SQLITE_STDCALL sqlite3_result_int(sqlite3_context *pCtx, int iVal){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ sqlite3VdbeMemSetInt64(pCtx->pOut, (i64)iVal);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_int64(sqlite3_context *pCtx, i64 iVal){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ sqlite3VdbeMemSetInt64(pCtx->pOut, iVal);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_null(sqlite3_context *pCtx){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ sqlite3VdbeMemSetNull(pCtx->pOut);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_subtype(sqlite3_context *pCtx, unsigned int eSubtype){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ pCtx->pOut->eSubtype = eSubtype & 0xff;
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text(
+ sqlite3_context *pCtx,
+ const char *z,
+ int n,
+ void (*xDel)(void *)
+){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ setResultStrOrError(pCtx, z, n, SQLITE_UTF8, xDel);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text64(
+ sqlite3_context *pCtx,
+ const char *z,
+ sqlite3_uint64 n,
+ void (*xDel)(void *),
+ unsigned char enc
+){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ assert( xDel!=SQLITE_DYNAMIC );
+ if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
+ if( n>0x7fffffff ){
+ (void)invokeValueDestructor(z, xDel, pCtx);
+ }else{
+ setResultStrOrError(pCtx, z, (int)n, enc, xDel);
+ }
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16(
+ sqlite3_context *pCtx,
+ const void *z,
+ int n,
+ void (*xDel)(void *)
+){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ setResultStrOrError(pCtx, z, n, SQLITE_UTF16NATIVE, xDel);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16be(
+ sqlite3_context *pCtx,
+ const void *z,
+ int n,
+ void (*xDel)(void *)
+){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ setResultStrOrError(pCtx, z, n, SQLITE_UTF16BE, xDel);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16le(
+ sqlite3_context *pCtx,
+ const void *z,
+ int n,
+ void (*xDel)(void *)
+){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ setResultStrOrError(pCtx, z, n, SQLITE_UTF16LE, xDel);
+}
+#endif /* SQLITE_OMIT_UTF16 */
+SQLITE_API void SQLITE_STDCALL sqlite3_result_value(sqlite3_context *pCtx, sqlite3_value *pValue){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ sqlite3VdbeMemCopy(pCtx->pOut, pValue);
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_zeroblob(sqlite3_context *pCtx, int n){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ sqlite3VdbeMemSetZeroBlob(pCtx->pOut, n);
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_result_zeroblob64(sqlite3_context *pCtx, u64 n){
+ Mem *pOut = pCtx->pOut;
+ assert( sqlite3_mutex_held(pOut->db->mutex) );
+ if( n>(u64)pOut->db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ return SQLITE_TOOBIG;
+ }
+ sqlite3VdbeMemSetZeroBlob(pCtx->pOut, (int)n);
+ return SQLITE_OK;
+}
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_code(sqlite3_context *pCtx, int errCode){
+ pCtx->isError = errCode;
+ pCtx->fErrorOrAux = 1;
+#ifdef SQLITE_DEBUG
+ if( pCtx->pVdbe ) pCtx->pVdbe->rcApp = errCode;
+#endif
+ if( pCtx->pOut->flags & MEM_Null ){
+ sqlite3VdbeMemSetStr(pCtx->pOut, sqlite3ErrStr(errCode), -1,
+ SQLITE_UTF8, SQLITE_STATIC);
+ }
+}
+
+/* Force an SQLITE_TOOBIG error. */
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_toobig(sqlite3_context *pCtx){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ pCtx->isError = SQLITE_TOOBIG;
+ pCtx->fErrorOrAux = 1;
+ sqlite3VdbeMemSetStr(pCtx->pOut, "string or blob too big", -1,
+ SQLITE_UTF8, SQLITE_STATIC);
+}
+
+/* An SQLITE_NOMEM error. */
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_nomem(sqlite3_context *pCtx){
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ sqlite3VdbeMemSetNull(pCtx->pOut);
+ pCtx->isError = SQLITE_NOMEM;
+ pCtx->fErrorOrAux = 1;
+ pCtx->pOut->db->mallocFailed = 1;
+}
+
+/*
+** This function is called after a transaction has been committed. It
+** invokes callbacks registered with sqlite3_wal_hook() as required.
+*/
+static int doWalCallbacks(sqlite3 *db){
+ int rc = SQLITE_OK;
+#ifndef SQLITE_OMIT_WAL
+ int i;
+ for(i=0; i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ int nEntry;
+ sqlite3BtreeEnter(pBt);
+ nEntry = sqlite3PagerWalCallback(sqlite3BtreePager(pBt));
+ sqlite3BtreeLeave(pBt);
+ if( db->xWalCallback && nEntry>0 && rc==SQLITE_OK ){
+ rc = db->xWalCallback(db->pWalArg, db, db->aDb[i].zName, nEntry);
+ }
+ }
+ }
+#endif
+ return rc;
+}
+
+
+/*
+** Execute the statement pStmt, either until a row of data is ready, the
+** statement is completely executed or an error occurs.
+**
+** This routine implements the bulk of the logic behind the sqlite_step()
+** API. The only thing omitted is the automatic recompile if a
+** schema change has occurred. That detail is handled by the
+** outer sqlite3_step() wrapper procedure.
+*/
+static int sqlite3Step(Vdbe *p){
+ sqlite3 *db;
+ int rc;
+
+ assert(p);
+ if( p->magic!=VDBE_MAGIC_RUN ){
+ /* We used to require that sqlite3_reset() be called before retrying
+ ** sqlite3_step() after any error or after SQLITE_DONE. But beginning
+ ** with version 3.7.0, we changed this so that sqlite3_reset() would
+ ** be called automatically instead of throwing the SQLITE_MISUSE error.
+ ** This "automatic-reset" change is not technically an incompatibility,
+ ** since any application that receives an SQLITE_MISUSE is broken by
+ ** definition.
+ **
+ ** Nevertheless, some published applications that were originally written
+ ** for version 3.6.23 or earlier do in fact depend on SQLITE_MISUSE
+ ** returns, and those were broken by the automatic-reset change. As a
+ ** a work-around, the SQLITE_OMIT_AUTORESET compile-time restores the
+ ** legacy behavior of returning SQLITE_MISUSE for cases where the
+ ** previous sqlite3_step() returned something other than a SQLITE_LOCKED
+ ** or SQLITE_BUSY error.
+ */
+#ifdef SQLITE_OMIT_AUTORESET
+ if( (rc = p->rc&0xff)==SQLITE_BUSY || rc==SQLITE_LOCKED ){
+ sqlite3_reset((sqlite3_stmt*)p);
+ }else{
+ return SQLITE_MISUSE_BKPT;
+ }
+#else
+ sqlite3_reset((sqlite3_stmt*)p);
+#endif
+ }
+
+ /* Check that malloc() has not failed. If it has, return early. */
+ db = p->db;
+ if( db->mallocFailed ){
+ p->rc = SQLITE_NOMEM;
+ return SQLITE_NOMEM;
+ }
+
+ if( p->pc<=0 && p->expired ){
+ p->rc = SQLITE_SCHEMA;
+ rc = SQLITE_ERROR;
+ goto end_of_step;
+ }
+ if( p->pc<0 ){
+ /* If there are no other statements currently running, then
+ ** reset the interrupt flag. This prevents a call to sqlite3_interrupt
+ ** from interrupting a statement that has not yet started.
+ */
+ if( db->nVdbeActive==0 ){
+ db->u1.isInterrupted = 0;
+ }
+
+ assert( db->nVdbeWrite>0 || db->autoCommit==0
+ || (db->nDeferredCons==0 && db->nDeferredImmCons==0)
+ );
+
+#ifndef SQLITE_OMIT_TRACE
+ if( db->xProfile && !db->init.busy && p->zSql ){
+ sqlite3OsCurrentTimeInt64(db->pVfs, &p->startTime);
+ }else{
+ assert( p->startTime==0 );
+ }
+#endif
+
+ db->nVdbeActive++;
+ if( p->readOnly==0 ) db->nVdbeWrite++;
+ if( p->bIsReader ) db->nVdbeRead++;
+ p->pc = 0;
+ }
+#ifdef SQLITE_DEBUG
+ p->rcApp = SQLITE_OK;
+#endif
+#ifndef SQLITE_OMIT_EXPLAIN
+ if( p->explain ){
+ rc = sqlite3VdbeList(p);
+ }else
+#endif /* SQLITE_OMIT_EXPLAIN */
+ {
+ db->nVdbeExec++;
+ rc = sqlite3VdbeExec(p);
+ db->nVdbeExec--;
+ }
+
+#ifndef SQLITE_OMIT_TRACE
+ /* If the statement completed successfully, invoke the profile callback */
+ if( rc!=SQLITE_ROW ) checkProfileCallback(db, p);
+#endif
+
+ if( rc==SQLITE_DONE ){
+ assert( p->rc==SQLITE_OK );
+ p->rc = doWalCallbacks(db);
+ if( p->rc!=SQLITE_OK ){
+ rc = SQLITE_ERROR;
+ }
+ }
+
+ db->errCode = rc;
+ if( SQLITE_NOMEM==sqlite3ApiExit(p->db, p->rc) ){
+ p->rc = SQLITE_NOMEM;
+ }
+end_of_step:
+ /* At this point local variable rc holds the value that should be
+ ** returned if this statement was compiled using the legacy
+ ** sqlite3_prepare() interface. According to the docs, this can only
+ ** be one of the values in the first assert() below. Variable p->rc
+ ** contains the value that would be returned if sqlite3_finalize()
+ ** were called on statement p.
+ */
+ assert( rc==SQLITE_ROW || rc==SQLITE_DONE || rc==SQLITE_ERROR
+ || (rc&0xff)==SQLITE_BUSY || rc==SQLITE_MISUSE
+ );
+ assert( (p->rc!=SQLITE_ROW && p->rc!=SQLITE_DONE) || p->rc==p->rcApp );
+ if( p->isPrepareV2 && rc!=SQLITE_ROW && rc!=SQLITE_DONE ){
+ /* If this statement was prepared using sqlite3_prepare_v2(), and an
+ ** error has occurred, then return the error code in p->rc to the
+ ** caller. Set the error code in the database handle to the same value.
+ */
+ rc = sqlite3VdbeTransferError(p);
+ }
+ return (rc&db->errMask);
+}
+
+/*
+** This is the top-level implementation of sqlite3_step(). Call
+** sqlite3Step() to do most of the work. If a schema error occurs,
+** call sqlite3Reprepare() and try again.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_step(sqlite3_stmt *pStmt){
+ int rc = SQLITE_OK; /* Result from sqlite3Step() */
+ int rc2 = SQLITE_OK; /* Result from sqlite3Reprepare() */
+ Vdbe *v = (Vdbe*)pStmt; /* the prepared statement */
+ int cnt = 0; /* Counter to prevent infinite loop of reprepares */
+ sqlite3 *db; /* The database connection */
+
+ if( vdbeSafetyNotNull(v) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+ db = v->db;
+ sqlite3_mutex_enter(db->mutex);
+ v->doingRerun = 0;
+ while( (rc = sqlite3Step(v))==SQLITE_SCHEMA
+ && cnt++ < SQLITE_MAX_SCHEMA_RETRY ){
+ int savedPc = v->pc;
+ rc2 = rc = sqlite3Reprepare(v);
+ if( rc!=SQLITE_OK) break;
+ sqlite3_reset(pStmt);
+ if( savedPc>=0 ) v->doingRerun = 1;
+ assert( v->expired==0 );
+ }
+ if( rc2!=SQLITE_OK ){
+ /* This case occurs after failing to recompile an sql statement.
+ ** The error message from the SQL compiler has already been loaded
+ ** into the database handle. This block copies the error message
+ ** from the database handle into the statement and sets the statement
+ ** program counter to 0 to ensure that when the statement is
+ ** finalized or reset the parser error message is available via
+ ** sqlite3_errmsg() and sqlite3_errcode().
+ */
+ const char *zErr = (const char *)sqlite3_value_text(db->pErr);
+ sqlite3DbFree(db, v->zErrMsg);
+ if( !db->mallocFailed ){
+ v->zErrMsg = sqlite3DbStrDup(db, zErr);
+ v->rc = rc2;
+ } else {
+ v->zErrMsg = 0;
+ v->rc = rc = SQLITE_NOMEM;
+ }
+ }
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+
+/*
+** Extract the user data from a sqlite3_context structure and return a
+** pointer to it.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_user_data(sqlite3_context *p){
+ assert( p && p->pFunc );
+ return p->pFunc->pUserData;
+}
+
+/*
+** Extract the user data from a sqlite3_context structure and return a
+** pointer to it.
+**
+** IMPLEMENTATION-OF: R-46798-50301 The sqlite3_context_db_handle() interface
+** returns a copy of the pointer to the database connection (the 1st
+** parameter) of the sqlite3_create_function() and
+** sqlite3_create_function16() routines that originally registered the
+** application defined function.
+*/
+SQLITE_API sqlite3 *SQLITE_STDCALL sqlite3_context_db_handle(sqlite3_context *p){
+ assert( p && p->pOut );
+ return p->pOut->db;
+}
+
+/*
+** Return the current time for a statement. If the current time
+** is requested more than once within the same run of a single prepared
+** statement, the exact same time is returned for each invocation regardless
+** of the amount of time that elapses between invocations. In other words,
+** the time returned is always the time of the first call.
+*/
+SQLITE_PRIVATE sqlite3_int64 sqlite3StmtCurrentTime(sqlite3_context *p){
+ int rc;
+#ifndef SQLITE_ENABLE_STAT3_OR_STAT4
+ sqlite3_int64 *piTime = &p->pVdbe->iCurrentTime;
+ assert( p->pVdbe!=0 );
+#else
+ sqlite3_int64 iTime = 0;
+ sqlite3_int64 *piTime = p->pVdbe!=0 ? &p->pVdbe->iCurrentTime : &iTime;
+#endif
+ if( *piTime==0 ){
+ rc = sqlite3OsCurrentTimeInt64(p->pOut->db->pVfs, piTime);
+ if( rc ) *piTime = 0;
+ }
+ return *piTime;
+}
+
+/*
+** The following is the implementation of an SQL function that always
+** fails with an error message stating that the function is used in the
+** wrong context. The sqlite3_overload_function() API might construct
+** SQL function that use this routine so that the functions will exist
+** for name resolution but are actually overloaded by the xFindFunction
+** method of virtual tables.
+*/
+SQLITE_PRIVATE void sqlite3InvalidFunction(
+ sqlite3_context *context, /* The function calling context */
+ int NotUsed, /* Number of arguments to the function */
+ sqlite3_value **NotUsed2 /* Value of each argument */
+){
+ const char *zName = context->pFunc->zName;
+ char *zErr;
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ zErr = sqlite3_mprintf(
+ "unable to use function %s in the requested context", zName);
+ sqlite3_result_error(context, zErr, -1);
+ sqlite3_free(zErr);
+}
+
+/*
+** Create a new aggregate context for p and return a pointer to
+** its pMem->z element.
+*/
+static SQLITE_NOINLINE void *createAggContext(sqlite3_context *p, int nByte){
+ Mem *pMem = p->pMem;
+ assert( (pMem->flags & MEM_Agg)==0 );
+ if( nByte<=0 ){
+ sqlite3VdbeMemSetNull(pMem);
+ pMem->z = 0;
+ }else{
+ sqlite3VdbeMemClearAndResize(pMem, nByte);
+ pMem->flags = MEM_Agg;
+ pMem->u.pDef = p->pFunc;
+ if( pMem->z ){
+ memset(pMem->z, 0, nByte);
+ }
+ }
+ return (void*)pMem->z;
+}
+
+/*
+** Allocate or return the aggregate context for a user function. A new
+** context is allocated on the first call. Subsequent calls return the
+** same context that was returned on prior calls.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_aggregate_context(sqlite3_context *p, int nByte){
+ assert( p && p->pFunc && p->pFunc->xStep );
+ assert( sqlite3_mutex_held(p->pOut->db->mutex) );
+ testcase( nByte<0 );
+ if( (p->pMem->flags & MEM_Agg)==0 ){
+ return createAggContext(p, nByte);
+ }else{
+ return (void*)p->pMem->z;
+ }
+}
+
+/*
+** Return the auxiliary data pointer, if any, for the iArg'th argument to
+** the user-function defined by pCtx.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_get_auxdata(sqlite3_context *pCtx, int iArg){
+ AuxData *pAuxData;
+
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+#if SQLITE_ENABLE_STAT3_OR_STAT4
+ if( pCtx->pVdbe==0 ) return 0;
+#else
+ assert( pCtx->pVdbe!=0 );
+#endif
+ for(pAuxData=pCtx->pVdbe->pAuxData; pAuxData; pAuxData=pAuxData->pNext){
+ if( pAuxData->iOp==pCtx->iOp && pAuxData->iArg==iArg ) break;
+ }
+
+ return (pAuxData ? pAuxData->pAux : 0);
+}
+
+/*
+** Set the auxiliary data pointer and delete function, for the iArg'th
+** argument to the user-function defined by pCtx. Any previous value is
+** deleted by calling the delete function specified when it was set.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_set_auxdata(
+ sqlite3_context *pCtx,
+ int iArg,
+ void *pAux,
+ void (*xDelete)(void*)
+){
+ AuxData *pAuxData;
+ Vdbe *pVdbe = pCtx->pVdbe;
+
+ assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
+ if( iArg<0 ) goto failed;
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ if( pVdbe==0 ) goto failed;
+#else
+ assert( pVdbe!=0 );
+#endif
+
+ for(pAuxData=pVdbe->pAuxData; pAuxData; pAuxData=pAuxData->pNext){
+ if( pAuxData->iOp==pCtx->iOp && pAuxData->iArg==iArg ) break;
+ }
+ if( pAuxData==0 ){
+ pAuxData = sqlite3DbMallocZero(pVdbe->db, sizeof(AuxData));
+ if( !pAuxData ) goto failed;
+ pAuxData->iOp = pCtx->iOp;
+ pAuxData->iArg = iArg;
+ pAuxData->pNext = pVdbe->pAuxData;
+ pVdbe->pAuxData = pAuxData;
+ if( pCtx->fErrorOrAux==0 ){
+ pCtx->isError = 0;
+ pCtx->fErrorOrAux = 1;
+ }
+ }else if( pAuxData->xDelete ){
+ pAuxData->xDelete(pAuxData->pAux);
+ }
+
+ pAuxData->pAux = pAux;
+ pAuxData->xDelete = xDelete;
+ return;
+
+failed:
+ if( xDelete ){
+ xDelete(pAux);
+ }
+}
+
+#ifndef SQLITE_OMIT_DEPRECATED
+/*
+** Return the number of times the Step function of an aggregate has been
+** called.
+**
+** This function is deprecated. Do not use it for new code. It is
+** provide only to avoid breaking legacy code. New aggregate function
+** implementations should keep their own counts within their aggregate
+** context.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_aggregate_count(sqlite3_context *p){
+ assert( p && p->pMem && p->pFunc && p->pFunc->xStep );
+ return p->pMem->n;
+}
+#endif
+
+/*
+** Return the number of columns in the result set for the statement pStmt.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_column_count(sqlite3_stmt *pStmt){
+ Vdbe *pVm = (Vdbe *)pStmt;
+ return pVm ? pVm->nResColumn : 0;
+}
+
+/*
+** Return the number of values available from the current row of the
+** currently executing statement pStmt.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_data_count(sqlite3_stmt *pStmt){
+ Vdbe *pVm = (Vdbe *)pStmt;
+ if( pVm==0 || pVm->pResultSet==0 ) return 0;
+ return pVm->nResColumn;
+}
+
+/*
+** Return a pointer to static memory containing an SQL NULL value.
+*/
+static const Mem *columnNullValue(void){
+ /* Even though the Mem structure contains an element
+ ** of type i64, on certain architectures (x86) with certain compiler
+ ** switches (-Os), gcc may align this Mem object on a 4-byte boundary
+ ** instead of an 8-byte one. This all works fine, except that when
+ ** running with SQLITE_DEBUG defined the SQLite code sometimes assert()s
+ ** that a Mem structure is located on an 8-byte boundary. To prevent
+ ** these assert()s from failing, when building with SQLITE_DEBUG defined
+ ** using gcc, we force nullMem to be 8-byte aligned using the magical
+ ** __attribute__((aligned(8))) macro. */
+ static const Mem nullMem
+#if defined(SQLITE_DEBUG) && defined(__GNUC__)
+ __attribute__((aligned(8)))
+#endif
+ = {
+ /* .u = */ {0},
+ /* .flags = */ (u16)MEM_Null,
+ /* .enc = */ (u8)0,
+ /* .eSubtype = */ (u8)0,
+ /* .n = */ (int)0,
+ /* .z = */ (char*)0,
+ /* .zMalloc = */ (char*)0,
+ /* .szMalloc = */ (int)0,
+ /* .uTemp = */ (u32)0,
+ /* .db = */ (sqlite3*)0,
+ /* .xDel = */ (void(*)(void*))0,
+#ifdef SQLITE_DEBUG
+ /* .pScopyFrom = */ (Mem*)0,
+ /* .pFiller = */ (void*)0,
+#endif
+ };
+ return &nullMem;
+}
+
+/*
+** Check to see if column iCol of the given statement is valid. If
+** it is, return a pointer to the Mem for the value of that column.
+** If iCol is not valid, return a pointer to a Mem which has a value
+** of NULL.
+*/
+static Mem *columnMem(sqlite3_stmt *pStmt, int i){
+ Vdbe *pVm;
+ Mem *pOut;
+
+ pVm = (Vdbe *)pStmt;
+ if( pVm && pVm->pResultSet!=0 && i<pVm->nResColumn && i>=0 ){
+ sqlite3_mutex_enter(pVm->db->mutex);
+ pOut = &pVm->pResultSet[i];
+ }else{
+ if( pVm && ALWAYS(pVm->db) ){
+ sqlite3_mutex_enter(pVm->db->mutex);
+ sqlite3Error(pVm->db, SQLITE_RANGE);
+ }
+ pOut = (Mem*)columnNullValue();
+ }
+ return pOut;
+}
+
+/*
+** This function is called after invoking an sqlite3_value_XXX function on a
+** column value (i.e. a value returned by evaluating an SQL expression in the
+** select list of a SELECT statement) that may cause a malloc() failure. If
+** malloc() has failed, the threads mallocFailed flag is cleared and the result
+** code of statement pStmt set to SQLITE_NOMEM.
+**
+** Specifically, this is called from within:
+**
+** sqlite3_column_int()
+** sqlite3_column_int64()
+** sqlite3_column_text()
+** sqlite3_column_text16()
+** sqlite3_column_real()
+** sqlite3_column_bytes()
+** sqlite3_column_bytes16()
+** sqiite3_column_blob()
+*/
+static void columnMallocFailure(sqlite3_stmt *pStmt)
+{
+ /* If malloc() failed during an encoding conversion within an
+ ** sqlite3_column_XXX API, then set the return code of the statement to
+ ** SQLITE_NOMEM. The next call to _step() (if any) will return SQLITE_ERROR
+ ** and _finalize() will return NOMEM.
+ */
+ Vdbe *p = (Vdbe *)pStmt;
+ if( p ){
+ p->rc = sqlite3ApiExit(p->db, p->rc);
+ sqlite3_mutex_leave(p->db->mutex);
+ }
+}
+
+/**************************** sqlite3_column_ *******************************
+** The following routines are used to access elements of the current row
+** in the result set.
+*/
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_blob(sqlite3_stmt *pStmt, int i){
+ const void *val;
+ val = sqlite3_value_blob( columnMem(pStmt,i) );
+ /* Even though there is no encoding conversion, value_blob() might
+ ** need to call malloc() to expand the result of a zeroblob()
+ ** expression.
+ */
+ columnMallocFailure(pStmt);
+ return val;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_column_bytes(sqlite3_stmt *pStmt, int i){
+ int val = sqlite3_value_bytes( columnMem(pStmt,i) );
+ columnMallocFailure(pStmt);
+ return val;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_column_bytes16(sqlite3_stmt *pStmt, int i){
+ int val = sqlite3_value_bytes16( columnMem(pStmt,i) );
+ columnMallocFailure(pStmt);
+ return val;
+}
+SQLITE_API double SQLITE_STDCALL sqlite3_column_double(sqlite3_stmt *pStmt, int i){
+ double val = sqlite3_value_double( columnMem(pStmt,i) );
+ columnMallocFailure(pStmt);
+ return val;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_column_int(sqlite3_stmt *pStmt, int i){
+ int val = sqlite3_value_int( columnMem(pStmt,i) );
+ columnMallocFailure(pStmt);
+ return val;
+}
+SQLITE_API sqlite_int64 SQLITE_STDCALL sqlite3_column_int64(sqlite3_stmt *pStmt, int i){
+ sqlite_int64 val = sqlite3_value_int64( columnMem(pStmt,i) );
+ columnMallocFailure(pStmt);
+ return val;
+}
+SQLITE_API const unsigned char *SQLITE_STDCALL sqlite3_column_text(sqlite3_stmt *pStmt, int i){
+ const unsigned char *val = sqlite3_value_text( columnMem(pStmt,i) );
+ columnMallocFailure(pStmt);
+ return val;
+}
+SQLITE_API sqlite3_value *SQLITE_STDCALL sqlite3_column_value(sqlite3_stmt *pStmt, int i){
+ Mem *pOut = columnMem(pStmt, i);
+ if( pOut->flags&MEM_Static ){
+ pOut->flags &= ~MEM_Static;
+ pOut->flags |= MEM_Ephem;
+ }
+ columnMallocFailure(pStmt);
+ return (sqlite3_value *)pOut;
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_text16(sqlite3_stmt *pStmt, int i){
+ const void *val = sqlite3_value_text16( columnMem(pStmt,i) );
+ columnMallocFailure(pStmt);
+ return val;
+}
+#endif /* SQLITE_OMIT_UTF16 */
+SQLITE_API int SQLITE_STDCALL sqlite3_column_type(sqlite3_stmt *pStmt, int i){
+ int iType = sqlite3_value_type( columnMem(pStmt,i) );
+ columnMallocFailure(pStmt);
+ return iType;
+}
+
+/*
+** Convert the N-th element of pStmt->pColName[] into a string using
+** xFunc() then return that string. If N is out of range, return 0.
+**
+** There are up to 5 names for each column. useType determines which
+** name is returned. Here are the names:
+**
+** 0 The column name as it should be displayed for output
+** 1 The datatype name for the column
+** 2 The name of the database that the column derives from
+** 3 The name of the table that the column derives from
+** 4 The name of the table column that the result column derives from
+**
+** If the result is not a simple column reference (if it is an expression
+** or a constant) then useTypes 2, 3, and 4 return NULL.
+*/
+static const void *columnName(
+ sqlite3_stmt *pStmt,
+ int N,
+ const void *(*xFunc)(Mem*),
+ int useType
+){
+ const void *ret;
+ Vdbe *p;
+ int n;
+ sqlite3 *db;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( pStmt==0 ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ ret = 0;
+ p = (Vdbe *)pStmt;
+ db = p->db;
+ assert( db!=0 );
+ n = sqlite3_column_count(pStmt);
+ if( N<n && N>=0 ){
+ N += useType*n;
+ sqlite3_mutex_enter(db->mutex);
+ assert( db->mallocFailed==0 );
+ ret = xFunc(&p->aColName[N]);
+ /* A malloc may have failed inside of the xFunc() call. If this
+ ** is the case, clear the mallocFailed flag and return NULL.
+ */
+ if( db->mallocFailed ){
+ db->mallocFailed = 0;
+ ret = 0;
+ }
+ sqlite3_mutex_leave(db->mutex);
+ }
+ return ret;
+}
+
+/*
+** Return the name of the Nth column of the result set returned by SQL
+** statement pStmt.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_name(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text, COLNAME_NAME);
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_name16(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text16, COLNAME_NAME);
+}
+#endif
+
+/*
+** Constraint: If you have ENABLE_COLUMN_METADATA then you must
+** not define OMIT_DECLTYPE.
+*/
+#if defined(SQLITE_OMIT_DECLTYPE) && defined(SQLITE_ENABLE_COLUMN_METADATA)
+# error "Must not define both SQLITE_OMIT_DECLTYPE \
+ and SQLITE_ENABLE_COLUMN_METADATA"
+#endif
+
+#ifndef SQLITE_OMIT_DECLTYPE
+/*
+** Return the column declaration type (if applicable) of the 'i'th column
+** of the result set of SQL statement pStmt.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_decltype(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text, COLNAME_DECLTYPE);
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_decltype16(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text16, COLNAME_DECLTYPE);
+}
+#endif /* SQLITE_OMIT_UTF16 */
+#endif /* SQLITE_OMIT_DECLTYPE */
+
+#ifdef SQLITE_ENABLE_COLUMN_METADATA
+/*
+** Return the name of the database from which a result column derives.
+** NULL is returned if the result column is an expression or constant or
+** anything else which is not an unambiguous reference to a database column.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_database_name(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text, COLNAME_DATABASE);
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_database_name16(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text16, COLNAME_DATABASE);
+}
+#endif /* SQLITE_OMIT_UTF16 */
+
+/*
+** Return the name of the table from which a result column derives.
+** NULL is returned if the result column is an expression or constant or
+** anything else which is not an unambiguous reference to a database column.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_table_name(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text, COLNAME_TABLE);
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_table_name16(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text16, COLNAME_TABLE);
+}
+#endif /* SQLITE_OMIT_UTF16 */
+
+/*
+** Return the name of the table column from which a result column derives.
+** NULL is returned if the result column is an expression or constant or
+** anything else which is not an unambiguous reference to a database column.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_origin_name(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text, COLNAME_COLUMN);
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_origin_name16(sqlite3_stmt *pStmt, int N){
+ return columnName(
+ pStmt, N, (const void*(*)(Mem*))sqlite3_value_text16, COLNAME_COLUMN);
+}
+#endif /* SQLITE_OMIT_UTF16 */
+#endif /* SQLITE_ENABLE_COLUMN_METADATA */
+
+
+/******************************* sqlite3_bind_ ***************************
+**
+** Routines used to attach values to wildcards in a compiled SQL statement.
+*/
+/*
+** Unbind the value bound to variable i in virtual machine p. This is the
+** the same as binding a NULL value to the column. If the "i" parameter is
+** out of range, then SQLITE_RANGE is returned. Othewise SQLITE_OK.
+**
+** A successful evaluation of this routine acquires the mutex on p.
+** the mutex is released if any kind of error occurs.
+**
+** The error code stored in database p->db is overwritten with the return
+** value in any case.
+*/
+static int vdbeUnbind(Vdbe *p, int i){
+ Mem *pVar;
+ if( vdbeSafetyNotNull(p) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+ sqlite3_mutex_enter(p->db->mutex);
+ if( p->magic!=VDBE_MAGIC_RUN || p->pc>=0 ){
+ sqlite3Error(p->db, SQLITE_MISUSE);
+ sqlite3_mutex_leave(p->db->mutex);
+ sqlite3_log(SQLITE_MISUSE,
+ "bind on a busy prepared statement: [%s]", p->zSql);
+ return SQLITE_MISUSE_BKPT;
+ }
+ if( i<1 || i>p->nVar ){
+ sqlite3Error(p->db, SQLITE_RANGE);
+ sqlite3_mutex_leave(p->db->mutex);
+ return SQLITE_RANGE;
+ }
+ i--;
+ pVar = &p->aVar[i];
+ sqlite3VdbeMemRelease(pVar);
+ pVar->flags = MEM_Null;
+ sqlite3Error(p->db, SQLITE_OK);
+
+ /* If the bit corresponding to this variable in Vdbe.expmask is set, then
+ ** binding a new value to this variable invalidates the current query plan.
+ **
+ ** IMPLEMENTATION-OF: R-48440-37595 If the specific value bound to host
+ ** parameter in the WHERE clause might influence the choice of query plan
+ ** for a statement, then the statement will be automatically recompiled,
+ ** as if there had been a schema change, on the first sqlite3_step() call
+ ** following any change to the bindings of that parameter.
+ */
+ if( p->isPrepareV2 &&
+ ((i<32 && p->expmask & ((u32)1 << i)) || p->expmask==0xffffffff)
+ ){
+ p->expired = 1;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Bind a text or BLOB value.
+*/
+static int bindText(
+ sqlite3_stmt *pStmt, /* The statement to bind against */
+ int i, /* Index of the parameter to bind */
+ const void *zData, /* Pointer to the data to be bound */
+ int nData, /* Number of bytes of data to be bound */
+ void (*xDel)(void*), /* Destructor for the data */
+ u8 encoding /* Encoding for the data */
+){
+ Vdbe *p = (Vdbe *)pStmt;
+ Mem *pVar;
+ int rc;
+
+ rc = vdbeUnbind(p, i);
+ if( rc==SQLITE_OK ){
+ if( zData!=0 ){
+ pVar = &p->aVar[i-1];
+ rc = sqlite3VdbeMemSetStr(pVar, zData, nData, encoding, xDel);
+ if( rc==SQLITE_OK && encoding!=0 ){
+ rc = sqlite3VdbeChangeEncoding(pVar, ENC(p->db));
+ }
+ sqlite3Error(p->db, rc);
+ rc = sqlite3ApiExit(p->db, rc);
+ }
+ sqlite3_mutex_leave(p->db->mutex);
+ }else if( xDel!=SQLITE_STATIC && xDel!=SQLITE_TRANSIENT ){
+ xDel((void*)zData);
+ }
+ return rc;
+}
+
+
+/*
+** Bind a blob value to an SQL statement variable.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_blob(
+ sqlite3_stmt *pStmt,
+ int i,
+ const void *zData,
+ int nData,
+ void (*xDel)(void*)
+){
+ return bindText(pStmt, i, zData, nData, xDel, 0);
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_blob64(
+ sqlite3_stmt *pStmt,
+ int i,
+ const void *zData,
+ sqlite3_uint64 nData,
+ void (*xDel)(void*)
+){
+ assert( xDel!=SQLITE_DYNAMIC );
+ if( nData>0x7fffffff ){
+ return invokeValueDestructor(zData, xDel, 0);
+ }else{
+ return bindText(pStmt, i, zData, (int)nData, xDel, 0);
+ }
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_double(sqlite3_stmt *pStmt, int i, double rValue){
+ int rc;
+ Vdbe *p = (Vdbe *)pStmt;
+ rc = vdbeUnbind(p, i);
+ if( rc==SQLITE_OK ){
+ sqlite3VdbeMemSetDouble(&p->aVar[i-1], rValue);
+ sqlite3_mutex_leave(p->db->mutex);
+ }
+ return rc;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_int(sqlite3_stmt *p, int i, int iValue){
+ return sqlite3_bind_int64(p, i, (i64)iValue);
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_int64(sqlite3_stmt *pStmt, int i, sqlite_int64 iValue){
+ int rc;
+ Vdbe *p = (Vdbe *)pStmt;
+ rc = vdbeUnbind(p, i);
+ if( rc==SQLITE_OK ){
+ sqlite3VdbeMemSetInt64(&p->aVar[i-1], iValue);
+ sqlite3_mutex_leave(p->db->mutex);
+ }
+ return rc;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_null(sqlite3_stmt *pStmt, int i){
+ int rc;
+ Vdbe *p = (Vdbe*)pStmt;
+ rc = vdbeUnbind(p, i);
+ if( rc==SQLITE_OK ){
+ sqlite3_mutex_leave(p->db->mutex);
+ }
+ return rc;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text(
+ sqlite3_stmt *pStmt,
+ int i,
+ const char *zData,
+ int nData,
+ void (*xDel)(void*)
+){
+ return bindText(pStmt, i, zData, nData, xDel, SQLITE_UTF8);
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text64(
+ sqlite3_stmt *pStmt,
+ int i,
+ const char *zData,
+ sqlite3_uint64 nData,
+ void (*xDel)(void*),
+ unsigned char enc
+){
+ assert( xDel!=SQLITE_DYNAMIC );
+ if( nData>0x7fffffff ){
+ return invokeValueDestructor(zData, xDel, 0);
+ }else{
+ if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
+ return bindText(pStmt, i, zData, (int)nData, xDel, enc);
+ }
+}
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text16(
+ sqlite3_stmt *pStmt,
+ int i,
+ const void *zData,
+ int nData,
+ void (*xDel)(void*)
+){
+ return bindText(pStmt, i, zData, nData, xDel, SQLITE_UTF16NATIVE);
+}
+#endif /* SQLITE_OMIT_UTF16 */
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_value(sqlite3_stmt *pStmt, int i, const sqlite3_value *pValue){
+ int rc;
+ switch( sqlite3_value_type((sqlite3_value*)pValue) ){
+ case SQLITE_INTEGER: {
+ rc = sqlite3_bind_int64(pStmt, i, pValue->u.i);
+ break;
+ }
+ case SQLITE_FLOAT: {
+ rc = sqlite3_bind_double(pStmt, i, pValue->u.r);
+ break;
+ }
+ case SQLITE_BLOB: {
+ if( pValue->flags & MEM_Zero ){
+ rc = sqlite3_bind_zeroblob(pStmt, i, pValue->u.nZero);
+ }else{
+ rc = sqlite3_bind_blob(pStmt, i, pValue->z, pValue->n,SQLITE_TRANSIENT);
+ }
+ break;
+ }
+ case SQLITE_TEXT: {
+ rc = bindText(pStmt,i, pValue->z, pValue->n, SQLITE_TRANSIENT,
+ pValue->enc);
+ break;
+ }
+ default: {
+ rc = sqlite3_bind_null(pStmt, i);
+ break;
+ }
+ }
+ return rc;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_zeroblob(sqlite3_stmt *pStmt, int i, int n){
+ int rc;
+ Vdbe *p = (Vdbe *)pStmt;
+ rc = vdbeUnbind(p, i);
+ if( rc==SQLITE_OK ){
+ sqlite3VdbeMemSetZeroBlob(&p->aVar[i-1], n);
+ sqlite3_mutex_leave(p->db->mutex);
+ }
+ return rc;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_zeroblob64(sqlite3_stmt *pStmt, int i, sqlite3_uint64 n){
+ int rc;
+ Vdbe *p = (Vdbe *)pStmt;
+ sqlite3_mutex_enter(p->db->mutex);
+ if( n>(u64)p->db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ rc = SQLITE_TOOBIG;
+ }else{
+ assert( (n & 0x7FFFFFFF)==n );
+ rc = sqlite3_bind_zeroblob(pStmt, i, n);
+ }
+ rc = sqlite3ApiExit(p->db, rc);
+ sqlite3_mutex_leave(p->db->mutex);
+ return rc;
+}
+
+/*
+** Return the number of wildcards that can be potentially bound to.
+** This routine is added to support DBD::SQLite.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_parameter_count(sqlite3_stmt *pStmt){
+ Vdbe *p = (Vdbe*)pStmt;
+ return p ? p->nVar : 0;
+}
+
+/*
+** Return the name of a wildcard parameter. Return NULL if the index
+** is out of range or if the wildcard is unnamed.
+**
+** The result is always UTF-8.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_bind_parameter_name(sqlite3_stmt *pStmt, int i){
+ Vdbe *p = (Vdbe*)pStmt;
+ if( p==0 || i<1 || i>p->nzVar ){
+ return 0;
+ }
+ return p->azVar[i-1];
+}
+
+/*
+** Given a wildcard parameter name, return the index of the variable
+** with that name. If there is no variable with the given name,
+** return 0.
+*/
+SQLITE_PRIVATE int sqlite3VdbeParameterIndex(Vdbe *p, const char *zName, int nName){
+ int i;
+ if( p==0 ){
+ return 0;
+ }
+ if( zName ){
+ for(i=0; i<p->nzVar; i++){
+ const char *z = p->azVar[i];
+ if( z && strncmp(z,zName,nName)==0 && z[nName]==0 ){
+ return i+1;
+ }
+ }
+ }
+ return 0;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_parameter_index(sqlite3_stmt *pStmt, const char *zName){
+ return sqlite3VdbeParameterIndex((Vdbe*)pStmt, zName, sqlite3Strlen30(zName));
+}
+
+/*
+** Transfer all bindings from the first statement over to the second.
+*/
+SQLITE_PRIVATE int sqlite3TransferBindings(sqlite3_stmt *pFromStmt, sqlite3_stmt *pToStmt){
+ Vdbe *pFrom = (Vdbe*)pFromStmt;
+ Vdbe *pTo = (Vdbe*)pToStmt;
+ int i;
+ assert( pTo->db==pFrom->db );
+ assert( pTo->nVar==pFrom->nVar );
+ sqlite3_mutex_enter(pTo->db->mutex);
+ for(i=0; i<pFrom->nVar; i++){
+ sqlite3VdbeMemMove(&pTo->aVar[i], &pFrom->aVar[i]);
+ }
+ sqlite3_mutex_leave(pTo->db->mutex);
+ return SQLITE_OK;
+}
+
+#ifndef SQLITE_OMIT_DEPRECATED
+/*
+** Deprecated external interface. Internal/core SQLite code
+** should call sqlite3TransferBindings.
+**
+** It is misuse to call this routine with statements from different
+** database connections. But as this is a deprecated interface, we
+** will not bother to check for that condition.
+**
+** If the two statements contain a different number of bindings, then
+** an SQLITE_ERROR is returned. Nothing else can go wrong, so otherwise
+** SQLITE_OK is returned.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_transfer_bindings(sqlite3_stmt *pFromStmt, sqlite3_stmt *pToStmt){
+ Vdbe *pFrom = (Vdbe*)pFromStmt;
+ Vdbe *pTo = (Vdbe*)pToStmt;
+ if( pFrom->nVar!=pTo->nVar ){
+ return SQLITE_ERROR;
+ }
+ if( pTo->isPrepareV2 && pTo->expmask ){
+ pTo->expired = 1;
+ }
+ if( pFrom->isPrepareV2 && pFrom->expmask ){
+ pFrom->expired = 1;
+ }
+ return sqlite3TransferBindings(pFromStmt, pToStmt);
+}
+#endif
+
+/*
+** Return the sqlite3* database handle to which the prepared statement given
+** in the argument belongs. This is the same database handle that was
+** the first argument to the sqlite3_prepare() that was used to create
+** the statement in the first place.
+*/
+SQLITE_API sqlite3 *SQLITE_STDCALL sqlite3_db_handle(sqlite3_stmt *pStmt){
+ return pStmt ? ((Vdbe*)pStmt)->db : 0;
+}
+
+/*
+** Return true if the prepared statement is guaranteed to not modify the
+** database.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_readonly(sqlite3_stmt *pStmt){
+ return pStmt ? ((Vdbe*)pStmt)->readOnly : 1;
+}
+
+/*
+** Return true if the prepared statement is in need of being reset.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_busy(sqlite3_stmt *pStmt){
+ Vdbe *v = (Vdbe*)pStmt;
+ return v!=0 && v->pc>=0 && v->magic==VDBE_MAGIC_RUN;
+}
+
+/*
+** Return a pointer to the next prepared statement after pStmt associated
+** with database connection pDb. If pStmt is NULL, return the first
+** prepared statement for the database connection. Return NULL if there
+** are no more.
+*/
+SQLITE_API sqlite3_stmt *SQLITE_STDCALL sqlite3_next_stmt(sqlite3 *pDb, sqlite3_stmt *pStmt){
+ sqlite3_stmt *pNext;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(pDb) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ sqlite3_mutex_enter(pDb->mutex);
+ if( pStmt==0 ){
+ pNext = (sqlite3_stmt*)pDb->pVdbe;
+ }else{
+ pNext = (sqlite3_stmt*)((Vdbe*)pStmt)->pNext;
+ }
+ sqlite3_mutex_leave(pDb->mutex);
+ return pNext;
+}
+
+/*
+** Return the value of a status counter for a prepared statement
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_status(sqlite3_stmt *pStmt, int op, int resetFlag){
+ Vdbe *pVdbe = (Vdbe*)pStmt;
+ u32 v;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !pStmt ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ v = pVdbe->aCounter[op];
+ if( resetFlag ) pVdbe->aCounter[op] = 0;
+ return (int)v;
+}
+
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+/*
+** Return status data for a single loop within query pStmt.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_scanstatus(
+ sqlite3_stmt *pStmt, /* Prepared statement being queried */
+ int idx, /* Index of loop to report on */
+ int iScanStatusOp, /* Which metric to return */
+ void *pOut /* OUT: Write the answer here */
+){
+ Vdbe *p = (Vdbe*)pStmt;
+ ScanStatus *pScan;
+ if( idx<0 || idx>=p->nScan ) return 1;
+ pScan = &p->aScan[idx];
+ switch( iScanStatusOp ){
+ case SQLITE_SCANSTAT_NLOOP: {
+ *(sqlite3_int64*)pOut = p->anExec[pScan->addrLoop];
+ break;
+ }
+ case SQLITE_SCANSTAT_NVISIT: {
+ *(sqlite3_int64*)pOut = p->anExec[pScan->addrVisit];
+ break;
+ }
+ case SQLITE_SCANSTAT_EST: {
+ double r = 1.0;
+ LogEst x = pScan->nEst;
+ while( x<100 ){
+ x += 10;
+ r *= 0.5;
+ }
+ *(double*)pOut = r*sqlite3LogEstToInt(x);
+ break;
+ }
+ case SQLITE_SCANSTAT_NAME: {
+ *(const char**)pOut = pScan->zName;
+ break;
+ }
+ case SQLITE_SCANSTAT_EXPLAIN: {
+ if( pScan->addrExplain ){
+ *(const char**)pOut = p->aOp[ pScan->addrExplain ].p4.z;
+ }else{
+ *(const char**)pOut = 0;
+ }
+ break;
+ }
+ case SQLITE_SCANSTAT_SELECTID: {
+ if( pScan->addrExplain ){
+ *(int*)pOut = p->aOp[ pScan->addrExplain ].p1;
+ }else{
+ *(int*)pOut = -1;
+ }
+ break;
+ }
+ default: {
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/*
+** Zero all counters associated with the sqlite3_stmt_scanstatus() data.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_stmt_scanstatus_reset(sqlite3_stmt *pStmt){
+ Vdbe *p = (Vdbe*)pStmt;
+ memset(p->anExec, 0, p->nOp * sizeof(i64));
+}
+#endif /* SQLITE_ENABLE_STMT_SCANSTATUS */
+
+/************** End of vdbeapi.c *********************************************/
+/************** Begin file vdbetrace.c ***************************************/
+/*
+** 2009 November 25
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains code used to insert the values of host parameters
+** (aka "wildcards") into the SQL text output by sqlite3_trace().
+**
+** The Vdbe parse-tree explainer is also found here.
+*/
+/* #include "sqliteInt.h" */
+/* #include "vdbeInt.h" */
+
+#ifndef SQLITE_OMIT_TRACE
+
+/*
+** zSql is a zero-terminated string of UTF-8 SQL text. Return the number of
+** bytes in this text up to but excluding the first character in
+** a host parameter. If the text contains no host parameters, return
+** the total number of bytes in the text.
+*/
+static int findNextHostParameter(const char *zSql, int *pnToken){
+ int tokenType;
+ int nTotal = 0;
+ int n;
+
+ *pnToken = 0;
+ while( zSql[0] ){
+ n = sqlite3GetToken((u8*)zSql, &tokenType);
+ assert( n>0 && tokenType!=TK_ILLEGAL );
+ if( tokenType==TK_VARIABLE ){
+ *pnToken = n;
+ break;
+ }
+ nTotal += n;
+ zSql += n;
+ }
+ return nTotal;
+}
+
+/*
+** This function returns a pointer to a nul-terminated string in memory
+** obtained from sqlite3DbMalloc(). If sqlite3.nVdbeExec is 1, then the
+** string contains a copy of zRawSql but with host parameters expanded to
+** their current bindings. Or, if sqlite3.nVdbeExec is greater than 1,
+** then the returned string holds a copy of zRawSql with "-- " prepended
+** to each line of text.
+**
+** If the SQLITE_TRACE_SIZE_LIMIT macro is defined to an integer, then
+** then long strings and blobs are truncated to that many bytes. This
+** can be used to prevent unreasonably large trace strings when dealing
+** with large (multi-megabyte) strings and blobs.
+**
+** The calling function is responsible for making sure the memory returned
+** is eventually freed.
+**
+** ALGORITHM: Scan the input string looking for host parameters in any of
+** these forms: ?, ?N, $A, @A, :A. Take care to avoid text within
+** string literals, quoted identifier names, and comments. For text forms,
+** the host parameter index is found by scanning the prepared
+** statement for the corresponding OP_Variable opcode. Once the host
+** parameter index is known, locate the value in p->aVar[]. Then render
+** the value as a literal in place of the host parameter name.
+*/
+SQLITE_PRIVATE char *sqlite3VdbeExpandSql(
+ Vdbe *p, /* The prepared statement being evaluated */
+ const char *zRawSql /* Raw text of the SQL statement */
+){
+ sqlite3 *db; /* The database connection */
+ int idx = 0; /* Index of a host parameter */
+ int nextIndex = 1; /* Index of next ? host parameter */
+ int n; /* Length of a token prefix */
+ int nToken; /* Length of the parameter token */
+ int i; /* Loop counter */
+ Mem *pVar; /* Value of a host parameter */
+ StrAccum out; /* Accumulate the output here */
+ char zBase[100]; /* Initial working space */
+
+ db = p->db;
+ sqlite3StrAccumInit(&out, db, zBase, sizeof(zBase),
+ db->aLimit[SQLITE_LIMIT_LENGTH]);
+ if( db->nVdbeExec>1 ){
+ while( *zRawSql ){
+ const char *zStart = zRawSql;
+ while( *(zRawSql++)!='\n' && *zRawSql );
+ sqlite3StrAccumAppend(&out, "-- ", 3);
+ assert( (zRawSql - zStart) > 0 );
+ sqlite3StrAccumAppend(&out, zStart, (int)(zRawSql-zStart));
+ }
+ }else if( p->nVar==0 ){
+ sqlite3StrAccumAppend(&out, zRawSql, sqlite3Strlen30(zRawSql));
+ }else{
+ while( zRawSql[0] ){
+ n = findNextHostParameter(zRawSql, &nToken);
+ assert( n>0 );
+ sqlite3StrAccumAppend(&out, zRawSql, n);
+ zRawSql += n;
+ assert( zRawSql[0] || nToken==0 );
+ if( nToken==0 ) break;
+ if( zRawSql[0]=='?' ){
+ if( nToken>1 ){
+ assert( sqlite3Isdigit(zRawSql[1]) );
+ sqlite3GetInt32(&zRawSql[1], &idx);
+ }else{
+ idx = nextIndex;
+ }
+ }else{
+ assert( zRawSql[0]==':' || zRawSql[0]=='$' ||
+ zRawSql[0]=='@' || zRawSql[0]=='#' );
+ testcase( zRawSql[0]==':' );
+ testcase( zRawSql[0]=='$' );
+ testcase( zRawSql[0]=='@' );
+ testcase( zRawSql[0]=='#' );
+ idx = sqlite3VdbeParameterIndex(p, zRawSql, nToken);
+ assert( idx>0 );
+ }
+ zRawSql += nToken;
+ nextIndex = idx + 1;
+ assert( idx>0 && idx<=p->nVar );
+ pVar = &p->aVar[idx-1];
+ if( pVar->flags & MEM_Null ){
+ sqlite3StrAccumAppend(&out, "NULL", 4);
+ }else if( pVar->flags & MEM_Int ){
+ sqlite3XPrintf(&out, 0, "%lld", pVar->u.i);
+ }else if( pVar->flags & MEM_Real ){
+ sqlite3XPrintf(&out, 0, "%!.15g", pVar->u.r);
+ }else if( pVar->flags & MEM_Str ){
+ int nOut; /* Number of bytes of the string text to include in output */
+#ifndef SQLITE_OMIT_UTF16
+ u8 enc = ENC(db);
+ Mem utf8;
+ if( enc!=SQLITE_UTF8 ){
+ memset(&utf8, 0, sizeof(utf8));
+ utf8.db = db;
+ sqlite3VdbeMemSetStr(&utf8, pVar->z, pVar->n, enc, SQLITE_STATIC);
+ sqlite3VdbeChangeEncoding(&utf8, SQLITE_UTF8);
+ pVar = &utf8;
+ }
+#endif
+ nOut = pVar->n;
+#ifdef SQLITE_TRACE_SIZE_LIMIT
+ if( nOut>SQLITE_TRACE_SIZE_LIMIT ){
+ nOut = SQLITE_TRACE_SIZE_LIMIT;
+ while( nOut<pVar->n && (pVar->z[nOut]&0xc0)==0x80 ){ nOut++; }
+ }
+#endif
+ sqlite3XPrintf(&out, 0, "'%.*q'", nOut, pVar->z);
+#ifdef SQLITE_TRACE_SIZE_LIMIT
+ if( nOut<pVar->n ){
+ sqlite3XPrintf(&out, 0, "/*+%d bytes*/", pVar->n-nOut);
+ }
+#endif
+#ifndef SQLITE_OMIT_UTF16
+ if( enc!=SQLITE_UTF8 ) sqlite3VdbeMemRelease(&utf8);
+#endif
+ }else if( pVar->flags & MEM_Zero ){
+ sqlite3XPrintf(&out, 0, "zeroblob(%d)", pVar->u.nZero);
+ }else{
+ int nOut; /* Number of bytes of the blob to include in output */
+ assert( pVar->flags & MEM_Blob );
+ sqlite3StrAccumAppend(&out, "x'", 2);
+ nOut = pVar->n;
+#ifdef SQLITE_TRACE_SIZE_LIMIT
+ if( nOut>SQLITE_TRACE_SIZE_LIMIT ) nOut = SQLITE_TRACE_SIZE_LIMIT;
+#endif
+ for(i=0; i<nOut; i++){
+ sqlite3XPrintf(&out, 0, "%02x", pVar->z[i]&0xff);
+ }
+ sqlite3StrAccumAppend(&out, "'", 1);
+#ifdef SQLITE_TRACE_SIZE_LIMIT
+ if( nOut<pVar->n ){
+ sqlite3XPrintf(&out, 0, "/*+%d bytes*/", pVar->n-nOut);
+ }
+#endif
+ }
+ }
+ }
+ return sqlite3StrAccumFinish(&out);
+}
+
+#endif /* #ifndef SQLITE_OMIT_TRACE */
+
+/************** End of vdbetrace.c *******************************************/
+/************** Begin file vdbe.c ********************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** The code in this file implements the function that runs the
+** bytecode of a prepared statement.
+**
+** Various scripts scan this source file in order to generate HTML
+** documentation, headers files, or other derived files. The formatting
+** of the code in this file is, therefore, important. See other comments
+** in this file for details. If in doubt, do not deviate from existing
+** commenting and indentation practices when changing or adding code.
+*/
+/* #include "sqliteInt.h" */
+/* #include "vdbeInt.h" */
+
+/*
+** Invoke this macro on memory cells just prior to changing the
+** value of the cell. This macro verifies that shallow copies are
+** not misused. A shallow copy of a string or blob just copies a
+** pointer to the string or blob, not the content. If the original
+** is changed while the copy is still in use, the string or blob might
+** be changed out from under the copy. This macro verifies that nothing
+** like that ever happens.
+*/
+#ifdef SQLITE_DEBUG
+# define memAboutToChange(P,M) sqlite3VdbeMemAboutToChange(P,M)
+#else
+# define memAboutToChange(P,M)
+#endif
+
+/*
+** The following global variable is incremented every time a cursor
+** moves, either by the OP_SeekXX, OP_Next, or OP_Prev opcodes. The test
+** procedures use this information to make sure that indices are
+** working correctly. This variable has no function other than to
+** help verify the correct operation of the library.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_search_count = 0;
+#endif
+
+/*
+** When this global variable is positive, it gets decremented once before
+** each instruction in the VDBE. When it reaches zero, the u1.isInterrupted
+** field of the sqlite3 structure is set in order to simulate an interrupt.
+**
+** This facility is used for testing purposes only. It does not function
+** in an ordinary build.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_interrupt_count = 0;
+#endif
+
+/*
+** The next global variable is incremented each type the OP_Sort opcode
+** is executed. The test procedures use this information to make sure that
+** sorting is occurring or not occurring at appropriate times. This variable
+** has no function other than to help verify the correct operation of the
+** library.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_sort_count = 0;
+#endif
+
+/*
+** The next global variable records the size of the largest MEM_Blob
+** or MEM_Str that has been used by a VDBE opcode. The test procedures
+** use this information to make sure that the zero-blob functionality
+** is working correctly. This variable has no function other than to
+** help verify the correct operation of the library.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_max_blobsize = 0;
+static void updateMaxBlobsize(Mem *p){
+ if( (p->flags & (MEM_Str|MEM_Blob))!=0 && p->n>sqlite3_max_blobsize ){
+ sqlite3_max_blobsize = p->n;
+ }
+}
+#endif
+
+/*
+** The next global variable is incremented each time the OP_Found opcode
+** is executed. This is used to test whether or not the foreign key
+** operation implemented using OP_FkIsZero is working. This variable
+** has no function other than to help verify the correct operation of the
+** library.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_found_count = 0;
+#endif
+
+/*
+** Test a register to see if it exceeds the current maximum blob size.
+** If it does, record the new maximum blob size.
+*/
+#if defined(SQLITE_TEST) && !defined(SQLITE_OMIT_BUILTIN_TEST)
+# define UPDATE_MAX_BLOBSIZE(P) updateMaxBlobsize(P)
+#else
+# define UPDATE_MAX_BLOBSIZE(P)
+#endif
+
+/*
+** Invoke the VDBE coverage callback, if that callback is defined. This
+** feature is used for test suite validation only and does not appear an
+** production builds.
+**
+** M is an integer, 2 or 3, that indices how many different ways the
+** branch can go. It is usually 2. "I" is the direction the branch
+** goes. 0 means falls through. 1 means branch is taken. 2 means the
+** second alternative branch is taken.
+**
+** iSrcLine is the source code line (from the __LINE__ macro) that
+** generated the VDBE instruction. This instrumentation assumes that all
+** source code is in a single file (the amalgamation). Special values 1
+** and 2 for the iSrcLine parameter mean that this particular branch is
+** always taken or never taken, respectively.
+*/
+#if !defined(SQLITE_VDBE_COVERAGE)
+# define VdbeBranchTaken(I,M)
+#else
+# define VdbeBranchTaken(I,M) vdbeTakeBranch(pOp->iSrcLine,I,M)
+ static void vdbeTakeBranch(int iSrcLine, u8 I, u8 M){
+ if( iSrcLine<=2 && ALWAYS(iSrcLine>0) ){
+ M = iSrcLine;
+ /* Assert the truth of VdbeCoverageAlwaysTaken() and
+ ** VdbeCoverageNeverTaken() */
+ assert( (M & I)==I );
+ }else{
+ if( sqlite3GlobalConfig.xVdbeBranch==0 ) return; /*NO_TEST*/
+ sqlite3GlobalConfig.xVdbeBranch(sqlite3GlobalConfig.pVdbeBranchArg,
+ iSrcLine,I,M);
+ }
+ }
+#endif
+
+/*
+** Convert the given register into a string if it isn't one
+** already. Return non-zero if a malloc() fails.
+*/
+#define Stringify(P, enc) \
+ if(((P)->flags&(MEM_Str|MEM_Blob))==0 && sqlite3VdbeMemStringify(P,enc,0)) \
+ { goto no_mem; }
+
+/*
+** An ephemeral string value (signified by the MEM_Ephem flag) contains
+** a pointer to a dynamically allocated string where some other entity
+** is responsible for deallocating that string. Because the register
+** does not control the string, it might be deleted without the register
+** knowing it.
+**
+** This routine converts an ephemeral string into a dynamically allocated
+** string that the register itself controls. In other words, it
+** converts an MEM_Ephem string into a string with P.z==P.zMalloc.
+*/
+#define Deephemeralize(P) \
+ if( ((P)->flags&MEM_Ephem)!=0 \
+ && sqlite3VdbeMemMakeWriteable(P) ){ goto no_mem;}
+
+/* Return true if the cursor was opened using the OP_OpenSorter opcode. */
+#define isSorter(x) ((x)->eCurType==CURTYPE_SORTER)
+
+/*
+** Allocate VdbeCursor number iCur. Return a pointer to it. Return NULL
+** if we run out of memory.
+*/
+static VdbeCursor *allocateCursor(
+ Vdbe *p, /* The virtual machine */
+ int iCur, /* Index of the new VdbeCursor */
+ int nField, /* Number of fields in the table or index */
+ int iDb, /* Database the cursor belongs to, or -1 */
+ u8 eCurType /* Type of the new cursor */
+){
+ /* Find the memory cell that will be used to store the blob of memory
+ ** required for this VdbeCursor structure. It is convenient to use a
+ ** vdbe memory cell to manage the memory allocation required for a
+ ** VdbeCursor structure for the following reasons:
+ **
+ ** * Sometimes cursor numbers are used for a couple of different
+ ** purposes in a vdbe program. The different uses might require
+ ** different sized allocations. Memory cells provide growable
+ ** allocations.
+ **
+ ** * When using ENABLE_MEMORY_MANAGEMENT, memory cell buffers can
+ ** be freed lazily via the sqlite3_release_memory() API. This
+ ** minimizes the number of malloc calls made by the system.
+ **
+ ** Memory cells for cursors are allocated at the top of the address
+ ** space. Memory cell (p->nMem) corresponds to cursor 0. Space for
+ ** cursor 1 is managed by memory cell (p->nMem-1), etc.
+ */
+ Mem *pMem = &p->aMem[p->nMem-iCur];
+
+ int nByte;
+ VdbeCursor *pCx = 0;
+ nByte =
+ ROUND8(sizeof(VdbeCursor)) + 2*sizeof(u32)*nField +
+ (eCurType==CURTYPE_BTREE?sqlite3BtreeCursorSize():0);
+
+ assert( iCur<p->nCursor );
+ if( p->apCsr[iCur] ){
+ sqlite3VdbeFreeCursor(p, p->apCsr[iCur]);
+ p->apCsr[iCur] = 0;
+ }
+ if( SQLITE_OK==sqlite3VdbeMemClearAndResize(pMem, nByte) ){
+ p->apCsr[iCur] = pCx = (VdbeCursor*)pMem->z;
+ memset(pCx, 0, sizeof(VdbeCursor));
+ pCx->eCurType = eCurType;
+ pCx->iDb = iDb;
+ pCx->nField = nField;
+ pCx->aOffset = &pCx->aType[nField];
+ if( eCurType==CURTYPE_BTREE ){
+ pCx->uc.pCursor = (BtCursor*)
+ &pMem->z[ROUND8(sizeof(VdbeCursor))+2*sizeof(u32)*nField];
+ sqlite3BtreeCursorZero(pCx->uc.pCursor);
+ }
+ }
+ return pCx;
+}
+
+/*
+** Try to convert a value into a numeric representation if we can
+** do so without loss of information. In other words, if the string
+** looks like a number, convert it into a number. If it does not
+** look like a number, leave it alone.
+**
+** If the bTryForInt flag is true, then extra effort is made to give
+** an integer representation. Strings that look like floating point
+** values but which have no fractional component (example: '48.00')
+** will have a MEM_Int representation when bTryForInt is true.
+**
+** If bTryForInt is false, then if the input string contains a decimal
+** point or exponential notation, the result is only MEM_Real, even
+** if there is an exact integer representation of the quantity.
+*/
+static void applyNumericAffinity(Mem *pRec, int bTryForInt){
+ double rValue;
+ i64 iValue;
+ u8 enc = pRec->enc;
+ assert( (pRec->flags & (MEM_Str|MEM_Int|MEM_Real))==MEM_Str );
+ if( sqlite3AtoF(pRec->z, &rValue, pRec->n, enc)==0 ) return;
+ if( 0==sqlite3Atoi64(pRec->z, &iValue, pRec->n, enc) ){
+ pRec->u.i = iValue;
+ pRec->flags |= MEM_Int;
+ }else{
+ pRec->u.r = rValue;
+ pRec->flags |= MEM_Real;
+ if( bTryForInt ) sqlite3VdbeIntegerAffinity(pRec);
+ }
+}
+
+/*
+** Processing is determine by the affinity parameter:
+**
+** SQLITE_AFF_INTEGER:
+** SQLITE_AFF_REAL:
+** SQLITE_AFF_NUMERIC:
+** Try to convert pRec to an integer representation or a
+** floating-point representation if an integer representation
+** is not possible. Note that the integer representation is
+** always preferred, even if the affinity is REAL, because
+** an integer representation is more space efficient on disk.
+**
+** SQLITE_AFF_TEXT:
+** Convert pRec to a text representation.
+**
+** SQLITE_AFF_BLOB:
+** No-op. pRec is unchanged.
+*/
+static void applyAffinity(
+ Mem *pRec, /* The value to apply affinity to */
+ char affinity, /* The affinity to be applied */
+ u8 enc /* Use this text encoding */
+){
+ if( affinity>=SQLITE_AFF_NUMERIC ){
+ assert( affinity==SQLITE_AFF_INTEGER || affinity==SQLITE_AFF_REAL
+ || affinity==SQLITE_AFF_NUMERIC );
+ if( (pRec->flags & MEM_Int)==0 ){
+ if( (pRec->flags & MEM_Real)==0 ){
+ if( pRec->flags & MEM_Str ) applyNumericAffinity(pRec,1);
+ }else{
+ sqlite3VdbeIntegerAffinity(pRec);
+ }
+ }
+ }else if( affinity==SQLITE_AFF_TEXT ){
+ /* Only attempt the conversion to TEXT if there is an integer or real
+ ** representation (blob and NULL do not get converted) but no string
+ ** representation.
+ */
+ if( 0==(pRec->flags&MEM_Str) && (pRec->flags&(MEM_Real|MEM_Int)) ){
+ sqlite3VdbeMemStringify(pRec, enc, 1);
+ }
+ pRec->flags &= ~(MEM_Real|MEM_Int);
+ }
+}
+
+/*
+** Try to convert the type of a function argument or a result column
+** into a numeric representation. Use either INTEGER or REAL whichever
+** is appropriate. But only do the conversion if it is possible without
+** loss of information and return the revised type of the argument.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_value_numeric_type(sqlite3_value *pVal){
+ int eType = sqlite3_value_type(pVal);
+ if( eType==SQLITE_TEXT ){
+ Mem *pMem = (Mem*)pVal;
+ applyNumericAffinity(pMem, 0);
+ eType = sqlite3_value_type(pVal);
+ }
+ return eType;
+}
+
+/*
+** Exported version of applyAffinity(). This one works on sqlite3_value*,
+** not the internal Mem* type.
+*/
+SQLITE_PRIVATE void sqlite3ValueApplyAffinity(
+ sqlite3_value *pVal,
+ u8 affinity,
+ u8 enc
+){
+ applyAffinity((Mem *)pVal, affinity, enc);
+}
+
+/*
+** pMem currently only holds a string type (or maybe a BLOB that we can
+** interpret as a string if we want to). Compute its corresponding
+** numeric type, if has one. Set the pMem->u.r and pMem->u.i fields
+** accordingly.
+*/
+static u16 SQLITE_NOINLINE computeNumericType(Mem *pMem){
+ assert( (pMem->flags & (MEM_Int|MEM_Real))==0 );
+ assert( (pMem->flags & (MEM_Str|MEM_Blob))!=0 );
+ if( sqlite3AtoF(pMem->z, &pMem->u.r, pMem->n, pMem->enc)==0 ){
+ return 0;
+ }
+ if( sqlite3Atoi64(pMem->z, &pMem->u.i, pMem->n, pMem->enc)==SQLITE_OK ){
+ return MEM_Int;
+ }
+ return MEM_Real;
+}
+
+/*
+** Return the numeric type for pMem, either MEM_Int or MEM_Real or both or
+** none.
+**
+** Unlike applyNumericAffinity(), this routine does not modify pMem->flags.
+** But it does set pMem->u.r and pMem->u.i appropriately.
+*/
+static u16 numericType(Mem *pMem){
+ if( pMem->flags & (MEM_Int|MEM_Real) ){
+ return pMem->flags & (MEM_Int|MEM_Real);
+ }
+ if( pMem->flags & (MEM_Str|MEM_Blob) ){
+ return computeNumericType(pMem);
+ }
+ return 0;
+}
+
+#ifdef SQLITE_DEBUG
+/*
+** Write a nice string representation of the contents of cell pMem
+** into buffer zBuf, length nBuf.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemPrettyPrint(Mem *pMem, char *zBuf){
+ char *zCsr = zBuf;
+ int f = pMem->flags;
+
+ static const char *const encnames[] = {"(X)", "(8)", "(16LE)", "(16BE)"};
+
+ if( f&MEM_Blob ){
+ int i;
+ char c;
+ if( f & MEM_Dyn ){
+ c = 'z';
+ assert( (f & (MEM_Static|MEM_Ephem))==0 );
+ }else if( f & MEM_Static ){
+ c = 't';
+ assert( (f & (MEM_Dyn|MEM_Ephem))==0 );
+ }else if( f & MEM_Ephem ){
+ c = 'e';
+ assert( (f & (MEM_Static|MEM_Dyn))==0 );
+ }else{
+ c = 's';
+ }
+
+ sqlite3_snprintf(100, zCsr, "%c", c);
+ zCsr += sqlite3Strlen30(zCsr);
+ sqlite3_snprintf(100, zCsr, "%d[", pMem->n);
+ zCsr += sqlite3Strlen30(zCsr);
+ for(i=0; i<16 && i<pMem->n; i++){
+ sqlite3_snprintf(100, zCsr, "%02X", ((int)pMem->z[i] & 0xFF));
+ zCsr += sqlite3Strlen30(zCsr);
+ }
+ for(i=0; i<16 && i<pMem->n; i++){
+ char z = pMem->z[i];
+ if( z<32 || z>126 ) *zCsr++ = '.';
+ else *zCsr++ = z;
+ }
+
+ sqlite3_snprintf(100, zCsr, "]%s", encnames[pMem->enc]);
+ zCsr += sqlite3Strlen30(zCsr);
+ if( f & MEM_Zero ){
+ sqlite3_snprintf(100, zCsr,"+%dz",pMem->u.nZero);
+ zCsr += sqlite3Strlen30(zCsr);
+ }
+ *zCsr = '\0';
+ }else if( f & MEM_Str ){
+ int j, k;
+ zBuf[0] = ' ';
+ if( f & MEM_Dyn ){
+ zBuf[1] = 'z';
+ assert( (f & (MEM_Static|MEM_Ephem))==0 );
+ }else if( f & MEM_Static ){
+ zBuf[1] = 't';
+ assert( (f & (MEM_Dyn|MEM_Ephem))==0 );
+ }else if( f & MEM_Ephem ){
+ zBuf[1] = 'e';
+ assert( (f & (MEM_Static|MEM_Dyn))==0 );
+ }else{
+ zBuf[1] = 's';
+ }
+ k = 2;
+ sqlite3_snprintf(100, &zBuf[k], "%d", pMem->n);
+ k += sqlite3Strlen30(&zBuf[k]);
+ zBuf[k++] = '[';
+ for(j=0; j<15 && j<pMem->n; j++){
+ u8 c = pMem->z[j];
+ if( c>=0x20 && c<0x7f ){
+ zBuf[k++] = c;
+ }else{
+ zBuf[k++] = '.';
+ }
+ }
+ zBuf[k++] = ']';
+ sqlite3_snprintf(100,&zBuf[k], encnames[pMem->enc]);
+ k += sqlite3Strlen30(&zBuf[k]);
+ zBuf[k++] = 0;
+ }
+}
+#endif
+
+#ifdef SQLITE_DEBUG
+/*
+** Print the value of a register for tracing purposes:
+*/
+static void memTracePrint(Mem *p){
+ if( p->flags & MEM_Undefined ){
+ printf(" undefined");
+ }else if( p->flags & MEM_Null ){
+ printf(" NULL");
+ }else if( (p->flags & (MEM_Int|MEM_Str))==(MEM_Int|MEM_Str) ){
+ printf(" si:%lld", p->u.i);
+ }else if( p->flags & MEM_Int ){
+ printf(" i:%lld", p->u.i);
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ }else if( p->flags & MEM_Real ){
+ printf(" r:%g", p->u.r);
+#endif
+ }else if( p->flags & MEM_RowSet ){
+ printf(" (rowset)");
+ }else{
+ char zBuf[200];
+ sqlite3VdbeMemPrettyPrint(p, zBuf);
+ printf(" %s", zBuf);
+ }
+}
+static void registerTrace(int iReg, Mem *p){
+ printf("REG[%d] = ", iReg);
+ memTracePrint(p);
+ printf("\n");
+}
+#endif
+
+#ifdef SQLITE_DEBUG
+# define REGISTER_TRACE(R,M) if(db->flags&SQLITE_VdbeTrace)registerTrace(R,M)
+#else
+# define REGISTER_TRACE(R,M)
+#endif
+
+
+#ifdef VDBE_PROFILE
+
+/*
+** hwtime.h contains inline assembler code for implementing
+** high-performance timing routines.
+*/
+/************** Include hwtime.h in the middle of vdbe.c *********************/
+/************** Begin file hwtime.h ******************************************/
+/*
+** 2008 May 27
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains inline asm code for retrieving "high-performance"
+** counters for x86 class CPUs.
+*/
+#ifndef _HWTIME_H_
+#define _HWTIME_H_
+
+/*
+** The following routine only works on pentium-class (or newer) processors.
+** It uses the RDTSC opcode to read the cycle count value out of the
+** processor and returns that value. This can be used for high-res
+** profiling.
+*/
+#if (defined(__GNUC__) || defined(_MSC_VER)) && \
+ (defined(i386) || defined(__i386__) || defined(_M_IX86))
+
+ #if defined(__GNUC__)
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned int lo, hi;
+ __asm__ __volatile__ ("rdtsc" : "=a" (lo), "=d" (hi));
+ return (sqlite_uint64)hi << 32 | lo;
+ }
+
+ #elif defined(_MSC_VER)
+
+ __declspec(naked) __inline sqlite_uint64 __cdecl sqlite3Hwtime(void){
+ __asm {
+ rdtsc
+ ret ; return value at EDX:EAX
+ }
+ }
+
+ #endif
+
+#elif (defined(__GNUC__) && defined(__x86_64__))
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned long val;
+ __asm__ __volatile__ ("rdtsc" : "=A" (val));
+ return val;
+ }
+
+#elif (defined(__GNUC__) && defined(__ppc__))
+
+ __inline__ sqlite_uint64 sqlite3Hwtime(void){
+ unsigned long long retval;
+ unsigned long junk;
+ __asm__ __volatile__ ("\n\
+ 1: mftbu %1\n\
+ mftb %L0\n\
+ mftbu %0\n\
+ cmpw %0,%1\n\
+ bne 1b"
+ : "=r" (retval), "=r" (junk));
+ return retval;
+ }
+
+#else
+
+ #error Need implementation of sqlite3Hwtime() for your platform.
+
+ /*
+ ** To compile without implementing sqlite3Hwtime() for your platform,
+ ** you can remove the above #error and use the following
+ ** stub function. You will lose timing support for many
+ ** of the debugging and testing utilities, but it should at
+ ** least compile and run.
+ */
+SQLITE_PRIVATE sqlite_uint64 sqlite3Hwtime(void){ return ((sqlite_uint64)0); }
+
+#endif
+
+#endif /* !defined(_HWTIME_H_) */
+
+/************** End of hwtime.h **********************************************/
+/************** Continuing where we left off in vdbe.c ***********************/
+
+#endif
+
+#ifndef NDEBUG
+/*
+** This function is only called from within an assert() expression. It
+** checks that the sqlite3.nTransaction variable is correctly set to
+** the number of non-transaction savepoints currently in the
+** linked list starting at sqlite3.pSavepoint.
+**
+** Usage:
+**
+** assert( checkSavepointCount(db) );
+*/
+static int checkSavepointCount(sqlite3 *db){
+ int n = 0;
+ Savepoint *p;
+ for(p=db->pSavepoint; p; p=p->pNext) n++;
+ assert( n==(db->nSavepoint + db->isTransactionSavepoint) );
+ return 1;
+}
+#endif
+
+/*
+** Return the register of pOp->p2 after first preparing it to be
+** overwritten with an integer value.
+*/
+static SQLITE_NOINLINE Mem *out2PrereleaseWithClear(Mem *pOut){
+ sqlite3VdbeMemSetNull(pOut);
+ pOut->flags = MEM_Int;
+ return pOut;
+}
+static Mem *out2Prerelease(Vdbe *p, VdbeOp *pOp){
+ Mem *pOut;
+ assert( pOp->p2>0 );
+ assert( pOp->p2<=(p->nMem-p->nCursor) );
+ pOut = &p->aMem[pOp->p2];
+ memAboutToChange(p, pOut);
+ if( VdbeMemDynamic(pOut) ){
+ return out2PrereleaseWithClear(pOut);
+ }else{
+ pOut->flags = MEM_Int;
+ return pOut;
+ }
+}
+
+
+/*
+** Execute as much of a VDBE program as we can.
+** This is the core of sqlite3_step().
+*/
+SQLITE_PRIVATE int sqlite3VdbeExec(
+ Vdbe *p /* The VDBE */
+){
+ Op *aOp = p->aOp; /* Copy of p->aOp */
+ Op *pOp = aOp; /* Current operation */
+#if defined(SQLITE_DEBUG) || defined(VDBE_PROFILE)
+ Op *pOrigOp; /* Value of pOp at the top of the loop */
+#endif
+ int rc = SQLITE_OK; /* Value to return */
+ sqlite3 *db = p->db; /* The database */
+ u8 resetSchemaOnFault = 0; /* Reset schema after an error if positive */
+ u8 encoding = ENC(db); /* The database encoding */
+ int iCompare = 0; /* Result of last OP_Compare operation */
+ unsigned nVmStep = 0; /* Number of virtual machine steps */
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+ unsigned nProgressLimit = 0;/* Invoke xProgress() when nVmStep reaches this */
+#endif
+ Mem *aMem = p->aMem; /* Copy of p->aMem */
+ Mem *pIn1 = 0; /* 1st input operand */
+ Mem *pIn2 = 0; /* 2nd input operand */
+ Mem *pIn3 = 0; /* 3rd input operand */
+ Mem *pOut = 0; /* Output operand */
+ int *aPermute = 0; /* Permutation of columns for OP_Compare */
+ i64 lastRowid = db->lastRowid; /* Saved value of the last insert ROWID */
+#ifdef VDBE_PROFILE
+ u64 start; /* CPU clock count at start of opcode */
+#endif
+ /*** INSERT STACK UNION HERE ***/
+
+ assert( p->magic==VDBE_MAGIC_RUN ); /* sqlite3_step() verifies this */
+ sqlite3VdbeEnter(p);
+ if( p->rc==SQLITE_NOMEM ){
+ /* This happens if a malloc() inside a call to sqlite3_column_text() or
+ ** sqlite3_column_text16() failed. */
+ goto no_mem;
+ }
+ assert( p->rc==SQLITE_OK || (p->rc&0xff)==SQLITE_BUSY );
+ assert( p->bIsReader || p->readOnly!=0 );
+ p->rc = SQLITE_OK;
+ p->iCurrentTime = 0;
+ assert( p->explain==0 );
+ p->pResultSet = 0;
+ db->busyHandler.nBusy = 0;
+ if( db->u1.isInterrupted ) goto abort_due_to_interrupt;
+ sqlite3VdbeIOTraceSql(p);
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+ if( db->xProgress ){
+ u32 iPrior = p->aCounter[SQLITE_STMTSTATUS_VM_STEP];
+ assert( 0 < db->nProgressOps );
+ nProgressLimit = db->nProgressOps - (iPrior % db->nProgressOps);
+ }
+#endif
+#ifdef SQLITE_DEBUG
+ sqlite3BeginBenignMalloc();
+ if( p->pc==0
+ && (p->db->flags & (SQLITE_VdbeListing|SQLITE_VdbeEQP|SQLITE_VdbeTrace))!=0
+ ){
+ int i;
+ int once = 1;
+ sqlite3VdbePrintSql(p);
+ if( p->db->flags & SQLITE_VdbeListing ){
+ printf("VDBE Program Listing:\n");
+ for(i=0; i<p->nOp; i++){
+ sqlite3VdbePrintOp(stdout, i, &aOp[i]);
+ }
+ }
+ if( p->db->flags & SQLITE_VdbeEQP ){
+ for(i=0; i<p->nOp; i++){
+ if( aOp[i].opcode==OP_Explain ){
+ if( once ) printf("VDBE Query Plan:\n");
+ printf("%s\n", aOp[i].p4.z);
+ once = 0;
+ }
+ }
+ }
+ if( p->db->flags & SQLITE_VdbeTrace ) printf("VDBE Trace:\n");
+ }
+ sqlite3EndBenignMalloc();
+#endif
+ for(pOp=&aOp[p->pc]; rc==SQLITE_OK; pOp++){
+ assert( pOp>=aOp && pOp<&aOp[p->nOp]);
+ if( db->mallocFailed ) goto no_mem;
+#ifdef VDBE_PROFILE
+ start = sqlite3Hwtime();
+#endif
+ nVmStep++;
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ if( p->anExec ) p->anExec[(int)(pOp-aOp)]++;
+#endif
+
+ /* Only allow tracing if SQLITE_DEBUG is defined.
+ */
+#ifdef SQLITE_DEBUG
+ if( db->flags & SQLITE_VdbeTrace ){
+ sqlite3VdbePrintOp(stdout, (int)(pOp - aOp), pOp);
+ }
+#endif
+
+
+ /* Check to see if we need to simulate an interrupt. This only happens
+ ** if we have a special test build.
+ */
+#ifdef SQLITE_TEST
+ if( sqlite3_interrupt_count>0 ){
+ sqlite3_interrupt_count--;
+ if( sqlite3_interrupt_count==0 ){
+ sqlite3_interrupt(db);
+ }
+ }
+#endif
+
+ /* Sanity checking on other operands */
+#ifdef SQLITE_DEBUG
+ assert( pOp->opflags==sqlite3OpcodeProperty[pOp->opcode] );
+ if( (pOp->opflags & OPFLG_IN1)!=0 ){
+ assert( pOp->p1>0 );
+ assert( pOp->p1<=(p->nMem-p->nCursor) );
+ assert( memIsValid(&aMem[pOp->p1]) );
+ assert( sqlite3VdbeCheckMemInvariants(&aMem[pOp->p1]) );
+ REGISTER_TRACE(pOp->p1, &aMem[pOp->p1]);
+ }
+ if( (pOp->opflags & OPFLG_IN2)!=0 ){
+ assert( pOp->p2>0 );
+ assert( pOp->p2<=(p->nMem-p->nCursor) );
+ assert( memIsValid(&aMem[pOp->p2]) );
+ assert( sqlite3VdbeCheckMemInvariants(&aMem[pOp->p2]) );
+ REGISTER_TRACE(pOp->p2, &aMem[pOp->p2]);
+ }
+ if( (pOp->opflags & OPFLG_IN3)!=0 ){
+ assert( pOp->p3>0 );
+ assert( pOp->p3<=(p->nMem-p->nCursor) );
+ assert( memIsValid(&aMem[pOp->p3]) );
+ assert( sqlite3VdbeCheckMemInvariants(&aMem[pOp->p3]) );
+ REGISTER_TRACE(pOp->p3, &aMem[pOp->p3]);
+ }
+ if( (pOp->opflags & OPFLG_OUT2)!=0 ){
+ assert( pOp->p2>0 );
+ assert( pOp->p2<=(p->nMem-p->nCursor) );
+ memAboutToChange(p, &aMem[pOp->p2]);
+ }
+ if( (pOp->opflags & OPFLG_OUT3)!=0 ){
+ assert( pOp->p3>0 );
+ assert( pOp->p3<=(p->nMem-p->nCursor) );
+ memAboutToChange(p, &aMem[pOp->p3]);
+ }
+#endif
+#if defined(SQLITE_DEBUG) || defined(VDBE_PROFILE)
+ pOrigOp = pOp;
+#endif
+
+ switch( pOp->opcode ){
+
+/*****************************************************************************
+** What follows is a massive switch statement where each case implements a
+** separate instruction in the virtual machine. If we follow the usual
+** indentation conventions, each case should be indented by 6 spaces. But
+** that is a lot of wasted space on the left margin. So the code within
+** the switch statement will break with convention and be flush-left. Another
+** big comment (similar to this one) will mark the point in the code where
+** we transition back to normal indentation.
+**
+** The formatting of each case is important. The makefile for SQLite
+** generates two C files "opcodes.h" and "opcodes.c" by scanning this
+** file looking for lines that begin with "case OP_". The opcodes.h files
+** will be filled with #defines that give unique integer values to each
+** opcode and the opcodes.c file is filled with an array of strings where
+** each string is the symbolic name for the corresponding opcode. If the
+** case statement is followed by a comment of the form "/# same as ... #/"
+** that comment is used to determine the particular value of the opcode.
+**
+** Other keywords in the comment that follows each case are used to
+** construct the OPFLG_INITIALIZER value that initializes opcodeProperty[].
+** Keywords include: in1, in2, in3, out2, out3. See
+** the mkopcodeh.awk script for additional information.
+**
+** Documentation about VDBE opcodes is generated by scanning this file
+** for lines of that contain "Opcode:". That line and all subsequent
+** comment lines are used in the generation of the opcode.html documentation
+** file.
+**
+** SUMMARY:
+**
+** Formatting is important to scripts that scan this file.
+** Do not deviate from the formatting style currently in use.
+**
+*****************************************************************************/
+
+/* Opcode: Goto * P2 * * *
+**
+** An unconditional jump to address P2.
+** The next instruction executed will be
+** the one at index P2 from the beginning of
+** the program.
+**
+** The P1 parameter is not actually used by this opcode. However, it
+** is sometimes set to 1 instead of 0 as a hint to the command-line shell
+** that this Goto is the bottom of a loop and that the lines from P2 down
+** to the current line should be indented for EXPLAIN output.
+*/
+case OP_Goto: { /* jump */
+jump_to_p2_and_check_for_interrupt:
+ pOp = &aOp[pOp->p2 - 1];
+
+ /* Opcodes that are used as the bottom of a loop (OP_Next, OP_Prev,
+ ** OP_VNext, OP_RowSetNext, or OP_SorterNext) all jump here upon
+ ** completion. Check to see if sqlite3_interrupt() has been called
+ ** or if the progress callback needs to be invoked.
+ **
+ ** This code uses unstructured "goto" statements and does not look clean.
+ ** But that is not due to sloppy coding habits. The code is written this
+ ** way for performance, to avoid having to run the interrupt and progress
+ ** checks on every opcode. This helps sqlite3_step() to run about 1.5%
+ ** faster according to "valgrind --tool=cachegrind" */
+check_for_interrupt:
+ if( db->u1.isInterrupted ) goto abort_due_to_interrupt;
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+ /* Call the progress callback if it is configured and the required number
+ ** of VDBE ops have been executed (either since this invocation of
+ ** sqlite3VdbeExec() or since last time the progress callback was called).
+ ** If the progress callback returns non-zero, exit the virtual machine with
+ ** a return code SQLITE_ABORT.
+ */
+ if( db->xProgress!=0 && nVmStep>=nProgressLimit ){
+ assert( db->nProgressOps!=0 );
+ nProgressLimit = nVmStep + db->nProgressOps - (nVmStep%db->nProgressOps);
+ if( db->xProgress(db->pProgressArg) ){
+ rc = SQLITE_INTERRUPT;
+ goto vdbe_error_halt;
+ }
+ }
+#endif
+
+ break;
+}
+
+/* Opcode: Gosub P1 P2 * * *
+**
+** Write the current address onto register P1
+** and then jump to address P2.
+*/
+case OP_Gosub: { /* jump */
+ assert( pOp->p1>0 && pOp->p1<=(p->nMem-p->nCursor) );
+ pIn1 = &aMem[pOp->p1];
+ assert( VdbeMemDynamic(pIn1)==0 );
+ memAboutToChange(p, pIn1);
+ pIn1->flags = MEM_Int;
+ pIn1->u.i = (int)(pOp-aOp);
+ REGISTER_TRACE(pOp->p1, pIn1);
+
+ /* Most jump operations do a goto to this spot in order to update
+ ** the pOp pointer. */
+jump_to_p2:
+ pOp = &aOp[pOp->p2 - 1];
+ break;
+}
+
+/* Opcode: Return P1 * * * *
+**
+** Jump to the next instruction after the address in register P1. After
+** the jump, register P1 becomes undefined.
+*/
+case OP_Return: { /* in1 */
+ pIn1 = &aMem[pOp->p1];
+ assert( pIn1->flags==MEM_Int );
+ pOp = &aOp[pIn1->u.i];
+ pIn1->flags = MEM_Undefined;
+ break;
+}
+
+/* Opcode: InitCoroutine P1 P2 P3 * *
+**
+** Set up register P1 so that it will Yield to the coroutine
+** located at address P3.
+**
+** If P2!=0 then the coroutine implementation immediately follows
+** this opcode. So jump over the coroutine implementation to
+** address P2.
+**
+** See also: EndCoroutine
+*/
+case OP_InitCoroutine: { /* jump */
+ assert( pOp->p1>0 && pOp->p1<=(p->nMem-p->nCursor) );
+ assert( pOp->p2>=0 && pOp->p2<p->nOp );
+ assert( pOp->p3>=0 && pOp->p3<p->nOp );
+ pOut = &aMem[pOp->p1];
+ assert( !VdbeMemDynamic(pOut) );
+ pOut->u.i = pOp->p3 - 1;
+ pOut->flags = MEM_Int;
+ if( pOp->p2 ) goto jump_to_p2;
+ break;
+}
+
+/* Opcode: EndCoroutine P1 * * * *
+**
+** The instruction at the address in register P1 is a Yield.
+** Jump to the P2 parameter of that Yield.
+** After the jump, register P1 becomes undefined.
+**
+** See also: InitCoroutine
+*/
+case OP_EndCoroutine: { /* in1 */
+ VdbeOp *pCaller;
+ pIn1 = &aMem[pOp->p1];
+ assert( pIn1->flags==MEM_Int );
+ assert( pIn1->u.i>=0 && pIn1->u.i<p->nOp );
+ pCaller = &aOp[pIn1->u.i];
+ assert( pCaller->opcode==OP_Yield );
+ assert( pCaller->p2>=0 && pCaller->p2<p->nOp );
+ pOp = &aOp[pCaller->p2 - 1];
+ pIn1->flags = MEM_Undefined;
+ break;
+}
+
+/* Opcode: Yield P1 P2 * * *
+**
+** Swap the program counter with the value in register P1. This
+** has the effect of yielding to a coroutine.
+**
+** If the coroutine that is launched by this instruction ends with
+** Yield or Return then continue to the next instruction. But if
+** the coroutine launched by this instruction ends with
+** EndCoroutine, then jump to P2 rather than continuing with the
+** next instruction.
+**
+** See also: InitCoroutine
+*/
+case OP_Yield: { /* in1, jump */
+ int pcDest;
+ pIn1 = &aMem[pOp->p1];
+ assert( VdbeMemDynamic(pIn1)==0 );
+ pIn1->flags = MEM_Int;
+ pcDest = (int)pIn1->u.i;
+ pIn1->u.i = (int)(pOp - aOp);
+ REGISTER_TRACE(pOp->p1, pIn1);
+ pOp = &aOp[pcDest];
+ break;
+}
+
+/* Opcode: HaltIfNull P1 P2 P3 P4 P5
+** Synopsis: if r[P3]=null halt
+**
+** Check the value in register P3. If it is NULL then Halt using
+** parameter P1, P2, and P4 as if this were a Halt instruction. If the
+** value in register P3 is not NULL, then this routine is a no-op.
+** The P5 parameter should be 1.
+*/
+case OP_HaltIfNull: { /* in3 */
+ pIn3 = &aMem[pOp->p3];
+ if( (pIn3->flags & MEM_Null)==0 ) break;
+ /* Fall through into OP_Halt */
+}
+
+/* Opcode: Halt P1 P2 * P4 P5
+**
+** Exit immediately. All open cursors, etc are closed
+** automatically.
+**
+** P1 is the result code returned by sqlite3_exec(), sqlite3_reset(),
+** or sqlite3_finalize(). For a normal halt, this should be SQLITE_OK (0).
+** For errors, it can be some other value. If P1!=0 then P2 will determine
+** whether or not to rollback the current transaction. Do not rollback
+** if P2==OE_Fail. Do the rollback if P2==OE_Rollback. If P2==OE_Abort,
+** then back out all changes that have occurred during this execution of the
+** VDBE, but do not rollback the transaction.
+**
+** If P4 is not null then it is an error message string.
+**
+** P5 is a value between 0 and 4, inclusive, that modifies the P4 string.
+**
+** 0: (no change)
+** 1: NOT NULL contraint failed: P4
+** 2: UNIQUE constraint failed: P4
+** 3: CHECK constraint failed: P4
+** 4: FOREIGN KEY constraint failed: P4
+**
+** If P5 is not zero and P4 is NULL, then everything after the ":" is
+** omitted.
+**
+** There is an implied "Halt 0 0 0" instruction inserted at the very end of
+** every program. So a jump past the last instruction of the program
+** is the same as executing Halt.
+*/
+case OP_Halt: {
+ const char *zType;
+ const char *zLogFmt;
+ VdbeFrame *pFrame;
+ int pcx;
+
+ pcx = (int)(pOp - aOp);
+ if( pOp->p1==SQLITE_OK && p->pFrame ){
+ /* Halt the sub-program. Return control to the parent frame. */
+ pFrame = p->pFrame;
+ p->pFrame = pFrame->pParent;
+ p->nFrame--;
+ sqlite3VdbeSetChanges(db, p->nChange);
+ pcx = sqlite3VdbeFrameRestore(pFrame);
+ lastRowid = db->lastRowid;
+ if( pOp->p2==OE_Ignore ){
+ /* Instruction pcx is the OP_Program that invoked the sub-program
+ ** currently being halted. If the p2 instruction of this OP_Halt
+ ** instruction is set to OE_Ignore, then the sub-program is throwing
+ ** an IGNORE exception. In this case jump to the address specified
+ ** as the p2 of the calling OP_Program. */
+ pcx = p->aOp[pcx].p2-1;
+ }
+ aOp = p->aOp;
+ aMem = p->aMem;
+ pOp = &aOp[pcx];
+ break;
+ }
+ p->rc = pOp->p1;
+ p->errorAction = (u8)pOp->p2;
+ p->pc = pcx;
+ if( p->rc ){
+ if( pOp->p5 ){
+ static const char * const azType[] = { "NOT NULL", "UNIQUE", "CHECK",
+ "FOREIGN KEY" };
+ assert( pOp->p5>=1 && pOp->p5<=4 );
+ testcase( pOp->p5==1 );
+ testcase( pOp->p5==2 );
+ testcase( pOp->p5==3 );
+ testcase( pOp->p5==4 );
+ zType = azType[pOp->p5-1];
+ }else{
+ zType = 0;
+ }
+ assert( zType!=0 || pOp->p4.z!=0 );
+ zLogFmt = "abort at %d in [%s]: %s";
+ if( zType && pOp->p4.z ){
+ sqlite3VdbeError(p, "%s constraint failed: %s", zType, pOp->p4.z);
+ }else if( pOp->p4.z ){
+ sqlite3VdbeError(p, "%s", pOp->p4.z);
+ }else{
+ sqlite3VdbeError(p, "%s constraint failed", zType);
+ }
+ sqlite3_log(pOp->p1, zLogFmt, pcx, p->zSql, p->zErrMsg);
+ }
+ rc = sqlite3VdbeHalt(p);
+ assert( rc==SQLITE_BUSY || rc==SQLITE_OK || rc==SQLITE_ERROR );
+ if( rc==SQLITE_BUSY ){
+ p->rc = rc = SQLITE_BUSY;
+ }else{
+ assert( rc==SQLITE_OK || (p->rc&0xff)==SQLITE_CONSTRAINT );
+ assert( rc==SQLITE_OK || db->nDeferredCons>0 || db->nDeferredImmCons>0 );
+ rc = p->rc ? SQLITE_ERROR : SQLITE_DONE;
+ }
+ goto vdbe_return;
+}
+
+/* Opcode: Integer P1 P2 * * *
+** Synopsis: r[P2]=P1
+**
+** The 32-bit integer value P1 is written into register P2.
+*/
+case OP_Integer: { /* out2 */
+ pOut = out2Prerelease(p, pOp);
+ pOut->u.i = pOp->p1;
+ break;
+}
+
+/* Opcode: Int64 * P2 * P4 *
+** Synopsis: r[P2]=P4
+**
+** P4 is a pointer to a 64-bit integer value.
+** Write that value into register P2.
+*/
+case OP_Int64: { /* out2 */
+ pOut = out2Prerelease(p, pOp);
+ assert( pOp->p4.pI64!=0 );
+ pOut->u.i = *pOp->p4.pI64;
+ break;
+}
+
+#ifndef SQLITE_OMIT_FLOATING_POINT
+/* Opcode: Real * P2 * P4 *
+** Synopsis: r[P2]=P4
+**
+** P4 is a pointer to a 64-bit floating point value.
+** Write that value into register P2.
+*/
+case OP_Real: { /* same as TK_FLOAT, out2 */
+ pOut = out2Prerelease(p, pOp);
+ pOut->flags = MEM_Real;
+ assert( !sqlite3IsNaN(*pOp->p4.pReal) );
+ pOut->u.r = *pOp->p4.pReal;
+ break;
+}
+#endif
+
+/* Opcode: String8 * P2 * P4 *
+** Synopsis: r[P2]='P4'
+**
+** P4 points to a nul terminated UTF-8 string. This opcode is transformed
+** into a String opcode before it is executed for the first time. During
+** this transformation, the length of string P4 is computed and stored
+** as the P1 parameter.
+*/
+case OP_String8: { /* same as TK_STRING, out2 */
+ assert( pOp->p4.z!=0 );
+ pOut = out2Prerelease(p, pOp);
+ pOp->opcode = OP_String;
+ pOp->p1 = sqlite3Strlen30(pOp->p4.z);
+
+#ifndef SQLITE_OMIT_UTF16
+ if( encoding!=SQLITE_UTF8 ){
+ rc = sqlite3VdbeMemSetStr(pOut, pOp->p4.z, -1, SQLITE_UTF8, SQLITE_STATIC);
+ if( rc==SQLITE_TOOBIG ) goto too_big;
+ if( SQLITE_OK!=sqlite3VdbeChangeEncoding(pOut, encoding) ) goto no_mem;
+ assert( pOut->szMalloc>0 && pOut->zMalloc==pOut->z );
+ assert( VdbeMemDynamic(pOut)==0 );
+ pOut->szMalloc = 0;
+ pOut->flags |= MEM_Static;
+ if( pOp->p4type==P4_DYNAMIC ){
+ sqlite3DbFree(db, pOp->p4.z);
+ }
+ pOp->p4type = P4_DYNAMIC;
+ pOp->p4.z = pOut->z;
+ pOp->p1 = pOut->n;
+ }
+#endif
+ if( pOp->p1>db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ goto too_big;
+ }
+ /* Fall through to the next case, OP_String */
+}
+
+/* Opcode: String P1 P2 P3 P4 P5
+** Synopsis: r[P2]='P4' (len=P1)
+**
+** The string value P4 of length P1 (bytes) is stored in register P2.
+**
+** If P5!=0 and the content of register P3 is greater than zero, then
+** the datatype of the register P2 is converted to BLOB. The content is
+** the same sequence of bytes, it is merely interpreted as a BLOB instead
+** of a string, as if it had been CAST.
+*/
+case OP_String: { /* out2 */
+ assert( pOp->p4.z!=0 );
+ pOut = out2Prerelease(p, pOp);
+ pOut->flags = MEM_Str|MEM_Static|MEM_Term;
+ pOut->z = pOp->p4.z;
+ pOut->n = pOp->p1;
+ pOut->enc = encoding;
+ UPDATE_MAX_BLOBSIZE(pOut);
+#ifndef SQLITE_LIKE_DOESNT_MATCH_BLOBS
+ if( pOp->p5 ){
+ assert( pOp->p3>0 );
+ assert( pOp->p3<=(p->nMem-p->nCursor) );
+ pIn3 = &aMem[pOp->p3];
+ assert( pIn3->flags & MEM_Int );
+ if( pIn3->u.i ) pOut->flags = MEM_Blob|MEM_Static|MEM_Term;
+ }
+#endif
+ break;
+}
+
+/* Opcode: Null P1 P2 P3 * *
+** Synopsis: r[P2..P3]=NULL
+**
+** Write a NULL into registers P2. If P3 greater than P2, then also write
+** NULL into register P3 and every register in between P2 and P3. If P3
+** is less than P2 (typically P3 is zero) then only register P2 is
+** set to NULL.
+**
+** If the P1 value is non-zero, then also set the MEM_Cleared flag so that
+** NULL values will not compare equal even if SQLITE_NULLEQ is set on
+** OP_Ne or OP_Eq.
+*/
+case OP_Null: { /* out2 */
+ int cnt;
+ u16 nullFlag;
+ pOut = out2Prerelease(p, pOp);
+ cnt = pOp->p3-pOp->p2;
+ assert( pOp->p3<=(p->nMem-p->nCursor) );
+ pOut->flags = nullFlag = pOp->p1 ? (MEM_Null|MEM_Cleared) : MEM_Null;
+ while( cnt>0 ){
+ pOut++;
+ memAboutToChange(p, pOut);
+ sqlite3VdbeMemSetNull(pOut);
+ pOut->flags = nullFlag;
+ cnt--;
+ }
+ break;
+}
+
+/* Opcode: SoftNull P1 * * * *
+** Synopsis: r[P1]=NULL
+**
+** Set register P1 to have the value NULL as seen by the OP_MakeRecord
+** instruction, but do not free any string or blob memory associated with
+** the register, so that if the value was a string or blob that was
+** previously copied using OP_SCopy, the copies will continue to be valid.
+*/
+case OP_SoftNull: {
+ assert( pOp->p1>0 && pOp->p1<=(p->nMem-p->nCursor) );
+ pOut = &aMem[pOp->p1];
+ pOut->flags = (pOut->flags|MEM_Null)&~MEM_Undefined;
+ break;
+}
+
+/* Opcode: Blob P1 P2 * P4 *
+** Synopsis: r[P2]=P4 (len=P1)
+**
+** P4 points to a blob of data P1 bytes long. Store this
+** blob in register P2.
+*/
+case OP_Blob: { /* out2 */
+ assert( pOp->p1 <= SQLITE_MAX_LENGTH );
+ pOut = out2Prerelease(p, pOp);
+ sqlite3VdbeMemSetStr(pOut, pOp->p4.z, pOp->p1, 0, 0);
+ pOut->enc = encoding;
+ UPDATE_MAX_BLOBSIZE(pOut);
+ break;
+}
+
+/* Opcode: Variable P1 P2 * P4 *
+** Synopsis: r[P2]=parameter(P1,P4)
+**
+** Transfer the values of bound parameter P1 into register P2
+**
+** If the parameter is named, then its name appears in P4.
+** The P4 value is used by sqlite3_bind_parameter_name().
+*/
+case OP_Variable: { /* out2 */
+ Mem *pVar; /* Value being transferred */
+
+ assert( pOp->p1>0 && pOp->p1<=p->nVar );
+ assert( pOp->p4.z==0 || pOp->p4.z==p->azVar[pOp->p1-1] );
+ pVar = &p->aVar[pOp->p1 - 1];
+ if( sqlite3VdbeMemTooBig(pVar) ){
+ goto too_big;
+ }
+ pOut = out2Prerelease(p, pOp);
+ sqlite3VdbeMemShallowCopy(pOut, pVar, MEM_Static);
+ UPDATE_MAX_BLOBSIZE(pOut);
+ break;
+}
+
+/* Opcode: Move P1 P2 P3 * *
+** Synopsis: r[P2@P3]=r[P1@P3]
+**
+** Move the P3 values in register P1..P1+P3-1 over into
+** registers P2..P2+P3-1. Registers P1..P1+P3-1 are
+** left holding a NULL. It is an error for register ranges
+** P1..P1+P3-1 and P2..P2+P3-1 to overlap. It is an error
+** for P3 to be less than 1.
+*/
+case OP_Move: {
+ int n; /* Number of registers left to copy */
+ int p1; /* Register to copy from */
+ int p2; /* Register to copy to */
+
+ n = pOp->p3;
+ p1 = pOp->p1;
+ p2 = pOp->p2;
+ assert( n>0 && p1>0 && p2>0 );
+ assert( p1+n<=p2 || p2+n<=p1 );
+
+ pIn1 = &aMem[p1];
+ pOut = &aMem[p2];
+ do{
+ assert( pOut<=&aMem[(p->nMem-p->nCursor)] );
+ assert( pIn1<=&aMem[(p->nMem-p->nCursor)] );
+ assert( memIsValid(pIn1) );
+ memAboutToChange(p, pOut);
+ sqlite3VdbeMemMove(pOut, pIn1);
+#ifdef SQLITE_DEBUG
+ if( pOut->pScopyFrom>=&aMem[p1] && pOut->pScopyFrom<pOut ){
+ pOut->pScopyFrom += pOp->p2 - p1;
+ }
+#endif
+ Deephemeralize(pOut);
+ REGISTER_TRACE(p2++, pOut);
+ pIn1++;
+ pOut++;
+ }while( --n );
+ break;
+}
+
+/* Opcode: Copy P1 P2 P3 * *
+** Synopsis: r[P2@P3+1]=r[P1@P3+1]
+**
+** Make a copy of registers P1..P1+P3 into registers P2..P2+P3.
+**
+** This instruction makes a deep copy of the value. A duplicate
+** is made of any string or blob constant. See also OP_SCopy.
+*/
+case OP_Copy: {
+ int n;
+
+ n = pOp->p3;
+ pIn1 = &aMem[pOp->p1];
+ pOut = &aMem[pOp->p2];
+ assert( pOut!=pIn1 );
+ while( 1 ){
+ sqlite3VdbeMemShallowCopy(pOut, pIn1, MEM_Ephem);
+ Deephemeralize(pOut);
+#ifdef SQLITE_DEBUG
+ pOut->pScopyFrom = 0;
+#endif
+ REGISTER_TRACE(pOp->p2+pOp->p3-n, pOut);
+ if( (n--)==0 ) break;
+ pOut++;
+ pIn1++;
+ }
+ break;
+}
+
+/* Opcode: SCopy P1 P2 * * *
+** Synopsis: r[P2]=r[P1]
+**
+** Make a shallow copy of register P1 into register P2.
+**
+** This instruction makes a shallow copy of the value. If the value
+** is a string or blob, then the copy is only a pointer to the
+** original and hence if the original changes so will the copy.
+** Worse, if the original is deallocated, the copy becomes invalid.
+** Thus the program must guarantee that the original will not change
+** during the lifetime of the copy. Use OP_Copy to make a complete
+** copy.
+*/
+case OP_SCopy: { /* out2 */
+ pIn1 = &aMem[pOp->p1];
+ pOut = &aMem[pOp->p2];
+ assert( pOut!=pIn1 );
+ sqlite3VdbeMemShallowCopy(pOut, pIn1, MEM_Ephem);
+#ifdef SQLITE_DEBUG
+ if( pOut->pScopyFrom==0 ) pOut->pScopyFrom = pIn1;
+#endif
+ break;
+}
+
+/* Opcode: IntCopy P1 P2 * * *
+** Synopsis: r[P2]=r[P1]
+**
+** Transfer the integer value held in register P1 into register P2.
+**
+** This is an optimized version of SCopy that works only for integer
+** values.
+*/
+case OP_IntCopy: { /* out2 */
+ pIn1 = &aMem[pOp->p1];
+ assert( (pIn1->flags & MEM_Int)!=0 );
+ pOut = &aMem[pOp->p2];
+ sqlite3VdbeMemSetInt64(pOut, pIn1->u.i);
+ break;
+}
+
+/* Opcode: ResultRow P1 P2 * * *
+** Synopsis: output=r[P1@P2]
+**
+** The registers P1 through P1+P2-1 contain a single row of
+** results. This opcode causes the sqlite3_step() call to terminate
+** with an SQLITE_ROW return code and it sets up the sqlite3_stmt
+** structure to provide access to the r(P1)..r(P1+P2-1) values as
+** the result row.
+*/
+case OP_ResultRow: {
+ Mem *pMem;
+ int i;
+ assert( p->nResColumn==pOp->p2 );
+ assert( pOp->p1>0 );
+ assert( pOp->p1+pOp->p2<=(p->nMem-p->nCursor)+1 );
+
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+ /* Run the progress counter just before returning.
+ */
+ if( db->xProgress!=0
+ && nVmStep>=nProgressLimit
+ && db->xProgress(db->pProgressArg)!=0
+ ){
+ rc = SQLITE_INTERRUPT;
+ goto vdbe_error_halt;
+ }
+#endif
+
+ /* If this statement has violated immediate foreign key constraints, do
+ ** not return the number of rows modified. And do not RELEASE the statement
+ ** transaction. It needs to be rolled back. */
+ if( SQLITE_OK!=(rc = sqlite3VdbeCheckFk(p, 0)) ){
+ assert( db->flags&SQLITE_CountRows );
+ assert( p->usesStmtJournal );
+ break;
+ }
+
+ /* If the SQLITE_CountRows flag is set in sqlite3.flags mask, then
+ ** DML statements invoke this opcode to return the number of rows
+ ** modified to the user. This is the only way that a VM that
+ ** opens a statement transaction may invoke this opcode.
+ **
+ ** In case this is such a statement, close any statement transaction
+ ** opened by this VM before returning control to the user. This is to
+ ** ensure that statement-transactions are always nested, not overlapping.
+ ** If the open statement-transaction is not closed here, then the user
+ ** may step another VM that opens its own statement transaction. This
+ ** may lead to overlapping statement transactions.
+ **
+ ** The statement transaction is never a top-level transaction. Hence
+ ** the RELEASE call below can never fail.
+ */
+ assert( p->iStatement==0 || db->flags&SQLITE_CountRows );
+ rc = sqlite3VdbeCloseStatement(p, SAVEPOINT_RELEASE);
+ if( NEVER(rc!=SQLITE_OK) ){
+ break;
+ }
+
+ /* Invalidate all ephemeral cursor row caches */
+ p->cacheCtr = (p->cacheCtr + 2)|1;
+
+ /* Make sure the results of the current row are \000 terminated
+ ** and have an assigned type. The results are de-ephemeralized as
+ ** a side effect.
+ */
+ pMem = p->pResultSet = &aMem[pOp->p1];
+ for(i=0; i<pOp->p2; i++){
+ assert( memIsValid(&pMem[i]) );
+ Deephemeralize(&pMem[i]);
+ assert( (pMem[i].flags & MEM_Ephem)==0
+ || (pMem[i].flags & (MEM_Str|MEM_Blob))==0 );
+ sqlite3VdbeMemNulTerminate(&pMem[i]);
+ REGISTER_TRACE(pOp->p1+i, &pMem[i]);
+ }
+ if( db->mallocFailed ) goto no_mem;
+
+ /* Return SQLITE_ROW
+ */
+ p->pc = (int)(pOp - aOp) + 1;
+ rc = SQLITE_ROW;
+ goto vdbe_return;
+}
+
+/* Opcode: Concat P1 P2 P3 * *
+** Synopsis: r[P3]=r[P2]+r[P1]
+**
+** Add the text in register P1 onto the end of the text in
+** register P2 and store the result in register P3.
+** If either the P1 or P2 text are NULL then store NULL in P3.
+**
+** P3 = P2 || P1
+**
+** It is illegal for P1 and P3 to be the same register. Sometimes,
+** if P3 is the same register as P2, the implementation is able
+** to avoid a memcpy().
+*/
+case OP_Concat: { /* same as TK_CONCAT, in1, in2, out3 */
+ i64 nByte;
+
+ pIn1 = &aMem[pOp->p1];
+ pIn2 = &aMem[pOp->p2];
+ pOut = &aMem[pOp->p3];
+ assert( pIn1!=pOut );
+ if( (pIn1->flags | pIn2->flags) & MEM_Null ){
+ sqlite3VdbeMemSetNull(pOut);
+ break;
+ }
+ if( ExpandBlob(pIn1) || ExpandBlob(pIn2) ) goto no_mem;
+ Stringify(pIn1, encoding);
+ Stringify(pIn2, encoding);
+ nByte = pIn1->n + pIn2->n;
+ if( nByte>db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ goto too_big;
+ }
+ if( sqlite3VdbeMemGrow(pOut, (int)nByte+2, pOut==pIn2) ){
+ goto no_mem;
+ }
+ MemSetTypeFlag(pOut, MEM_Str);
+ if( pOut!=pIn2 ){
+ memcpy(pOut->z, pIn2->z, pIn2->n);
+ }
+ memcpy(&pOut->z[pIn2->n], pIn1->z, pIn1->n);
+ pOut->z[nByte]=0;
+ pOut->z[nByte+1] = 0;
+ pOut->flags |= MEM_Term;
+ pOut->n = (int)nByte;
+ pOut->enc = encoding;
+ UPDATE_MAX_BLOBSIZE(pOut);
+ break;
+}
+
+/* Opcode: Add P1 P2 P3 * *
+** Synopsis: r[P3]=r[P1]+r[P2]
+**
+** Add the value in register P1 to the value in register P2
+** and store the result in register P3.
+** If either input is NULL, the result is NULL.
+*/
+/* Opcode: Multiply P1 P2 P3 * *
+** Synopsis: r[P3]=r[P1]*r[P2]
+**
+**
+** Multiply the value in register P1 by the value in register P2
+** and store the result in register P3.
+** If either input is NULL, the result is NULL.
+*/
+/* Opcode: Subtract P1 P2 P3 * *
+** Synopsis: r[P3]=r[P2]-r[P1]
+**
+** Subtract the value in register P1 from the value in register P2
+** and store the result in register P3.
+** If either input is NULL, the result is NULL.
+*/
+/* Opcode: Divide P1 P2 P3 * *
+** Synopsis: r[P3]=r[P2]/r[P1]
+**
+** Divide the value in register P1 by the value in register P2
+** and store the result in register P3 (P3=P2/P1). If the value in
+** register P1 is zero, then the result is NULL. If either input is
+** NULL, the result is NULL.
+*/
+/* Opcode: Remainder P1 P2 P3 * *
+** Synopsis: r[P3]=r[P2]%r[P1]
+**
+** Compute the remainder after integer register P2 is divided by
+** register P1 and store the result in register P3.
+** If the value in register P1 is zero the result is NULL.
+** If either operand is NULL, the result is NULL.
+*/
+case OP_Add: /* same as TK_PLUS, in1, in2, out3 */
+case OP_Subtract: /* same as TK_MINUS, in1, in2, out3 */
+case OP_Multiply: /* same as TK_STAR, in1, in2, out3 */
+case OP_Divide: /* same as TK_SLASH, in1, in2, out3 */
+case OP_Remainder: { /* same as TK_REM, in1, in2, out3 */
+ char bIntint; /* Started out as two integer operands */
+ u16 flags; /* Combined MEM_* flags from both inputs */
+ u16 type1; /* Numeric type of left operand */
+ u16 type2; /* Numeric type of right operand */
+ i64 iA; /* Integer value of left operand */
+ i64 iB; /* Integer value of right operand */
+ double rA; /* Real value of left operand */
+ double rB; /* Real value of right operand */
+
+ pIn1 = &aMem[pOp->p1];
+ type1 = numericType(pIn1);
+ pIn2 = &aMem[pOp->p2];
+ type2 = numericType(pIn2);
+ pOut = &aMem[pOp->p3];
+ flags = pIn1->flags | pIn2->flags;
+ if( (flags & MEM_Null)!=0 ) goto arithmetic_result_is_null;
+ if( (type1 & type2 & MEM_Int)!=0 ){
+ iA = pIn1->u.i;
+ iB = pIn2->u.i;
+ bIntint = 1;
+ switch( pOp->opcode ){
+ case OP_Add: if( sqlite3AddInt64(&iB,iA) ) goto fp_math; break;
+ case OP_Subtract: if( sqlite3SubInt64(&iB,iA) ) goto fp_math; break;
+ case OP_Multiply: if( sqlite3MulInt64(&iB,iA) ) goto fp_math; break;
+ case OP_Divide: {
+ if( iA==0 ) goto arithmetic_result_is_null;
+ if( iA==-1 && iB==SMALLEST_INT64 ) goto fp_math;
+ iB /= iA;
+ break;
+ }
+ default: {
+ if( iA==0 ) goto arithmetic_result_is_null;
+ if( iA==-1 ) iA = 1;
+ iB %= iA;
+ break;
+ }
+ }
+ pOut->u.i = iB;
+ MemSetTypeFlag(pOut, MEM_Int);
+ }else{
+ bIntint = 0;
+fp_math:
+ rA = sqlite3VdbeRealValue(pIn1);
+ rB = sqlite3VdbeRealValue(pIn2);
+ switch( pOp->opcode ){
+ case OP_Add: rB += rA; break;
+ case OP_Subtract: rB -= rA; break;
+ case OP_Multiply: rB *= rA; break;
+ case OP_Divide: {
+ /* (double)0 In case of SQLITE_OMIT_FLOATING_POINT... */
+ if( rA==(double)0 ) goto arithmetic_result_is_null;
+ rB /= rA;
+ break;
+ }
+ default: {
+ iA = (i64)rA;
+ iB = (i64)rB;
+ if( iA==0 ) goto arithmetic_result_is_null;
+ if( iA==-1 ) iA = 1;
+ rB = (double)(iB % iA);
+ break;
+ }
+ }
+#ifdef SQLITE_OMIT_FLOATING_POINT
+ pOut->u.i = rB;
+ MemSetTypeFlag(pOut, MEM_Int);
+#else
+ if( sqlite3IsNaN(rB) ){
+ goto arithmetic_result_is_null;
+ }
+ pOut->u.r = rB;
+ MemSetTypeFlag(pOut, MEM_Real);
+ if( ((type1|type2)&MEM_Real)==0 && !bIntint ){
+ sqlite3VdbeIntegerAffinity(pOut);
+ }
+#endif
+ }
+ break;
+
+arithmetic_result_is_null:
+ sqlite3VdbeMemSetNull(pOut);
+ break;
+}
+
+/* Opcode: CollSeq P1 * * P4
+**
+** P4 is a pointer to a CollSeq struct. If the next call to a user function
+** or aggregate calls sqlite3GetFuncCollSeq(), this collation sequence will
+** be returned. This is used by the built-in min(), max() and nullif()
+** functions.
+**
+** If P1 is not zero, then it is a register that a subsequent min() or
+** max() aggregate will set to 1 if the current row is not the minimum or
+** maximum. The P1 register is initialized to 0 by this instruction.
+**
+** The interface used by the implementation of the aforementioned functions
+** to retrieve the collation sequence set by this opcode is not available
+** publicly. Only built-in functions have access to this feature.
+*/
+case OP_CollSeq: {
+ assert( pOp->p4type==P4_COLLSEQ );
+ if( pOp->p1 ){
+ sqlite3VdbeMemSetInt64(&aMem[pOp->p1], 0);
+ }
+ break;
+}
+
+/* Opcode: Function0 P1 P2 P3 P4 P5
+** Synopsis: r[P3]=func(r[P2@P5])
+**
+** Invoke a user function (P4 is a pointer to a FuncDef object that
+** defines the function) with P5 arguments taken from register P2 and
+** successors. The result of the function is stored in register P3.
+** Register P3 must not be one of the function inputs.
+**
+** P1 is a 32-bit bitmask indicating whether or not each argument to the
+** function was determined to be constant at compile time. If the first
+** argument was constant then bit 0 of P1 is set. This is used to determine
+** whether meta data associated with a user function argument using the
+** sqlite3_set_auxdata() API may be safely retained until the next
+** invocation of this opcode.
+**
+** See also: Function, AggStep, AggFinal
+*/
+/* Opcode: Function P1 P2 P3 P4 P5
+** Synopsis: r[P3]=func(r[P2@P5])
+**
+** Invoke a user function (P4 is a pointer to an sqlite3_context object that
+** contains a pointer to the function to be run) with P5 arguments taken
+** from register P2 and successors. The result of the function is stored
+** in register P3. Register P3 must not be one of the function inputs.
+**
+** P1 is a 32-bit bitmask indicating whether or not each argument to the
+** function was determined to be constant at compile time. If the first
+** argument was constant then bit 0 of P1 is set. This is used to determine
+** whether meta data associated with a user function argument using the
+** sqlite3_set_auxdata() API may be safely retained until the next
+** invocation of this opcode.
+**
+** SQL functions are initially coded as OP_Function0 with P4 pointing
+** to a FuncDef object. But on first evaluation, the P4 operand is
+** automatically converted into an sqlite3_context object and the operation
+** changed to this OP_Function opcode. In this way, the initialization of
+** the sqlite3_context object occurs only once, rather than once for each
+** evaluation of the function.
+**
+** See also: Function0, AggStep, AggFinal
+*/
+case OP_Function0: {
+ int n;
+ sqlite3_context *pCtx;
+
+ assert( pOp->p4type==P4_FUNCDEF );
+ n = pOp->p5;
+ assert( pOp->p3>0 && pOp->p3<=(p->nMem-p->nCursor) );
+ assert( n==0 || (pOp->p2>0 && pOp->p2+n<=(p->nMem-p->nCursor)+1) );
+ assert( pOp->p3<pOp->p2 || pOp->p3>=pOp->p2+n );
+ pCtx = sqlite3DbMallocRaw(db, sizeof(*pCtx) + (n-1)*sizeof(sqlite3_value*));
+ if( pCtx==0 ) goto no_mem;
+ pCtx->pOut = 0;
+ pCtx->pFunc = pOp->p4.pFunc;
+ pCtx->iOp = (int)(pOp - aOp);
+ pCtx->pVdbe = p;
+ pCtx->argc = n;
+ pOp->p4type = P4_FUNCCTX;
+ pOp->p4.pCtx = pCtx;
+ pOp->opcode = OP_Function;
+ /* Fall through into OP_Function */
+}
+case OP_Function: {
+ int i;
+ sqlite3_context *pCtx;
+
+ assert( pOp->p4type==P4_FUNCCTX );
+ pCtx = pOp->p4.pCtx;
+
+ /* If this function is inside of a trigger, the register array in aMem[]
+ ** might change from one evaluation to the next. The next block of code
+ ** checks to see if the register array has changed, and if so it
+ ** reinitializes the relavant parts of the sqlite3_context object */
+ pOut = &aMem[pOp->p3];
+ if( pCtx->pOut != pOut ){
+ pCtx->pOut = pOut;
+ for(i=pCtx->argc-1; i>=0; i--) pCtx->argv[i] = &aMem[pOp->p2+i];
+ }
+
+ memAboutToChange(p, pCtx->pOut);
+#ifdef SQLITE_DEBUG
+ for(i=0; i<pCtx->argc; i++){
+ assert( memIsValid(pCtx->argv[i]) );
+ REGISTER_TRACE(pOp->p2+i, pCtx->argv[i]);
+ }
+#endif
+ MemSetTypeFlag(pCtx->pOut, MEM_Null);
+ pCtx->fErrorOrAux = 0;
+ db->lastRowid = lastRowid;
+ (*pCtx->pFunc->xFunc)(pCtx, pCtx->argc, pCtx->argv); /* IMP: R-24505-23230 */
+ lastRowid = db->lastRowid; /* Remember rowid changes made by xFunc */
+
+ /* If the function returned an error, throw an exception */
+ if( pCtx->fErrorOrAux ){
+ if( pCtx->isError ){
+ sqlite3VdbeError(p, "%s", sqlite3_value_text(pCtx->pOut));
+ rc = pCtx->isError;
+ }
+ sqlite3VdbeDeleteAuxData(p, pCtx->iOp, pOp->p1);
+ }
+
+ /* Copy the result of the function into register P3 */
+ if( pOut->flags & (MEM_Str|MEM_Blob) ){
+ sqlite3VdbeChangeEncoding(pCtx->pOut, encoding);
+ if( sqlite3VdbeMemTooBig(pCtx->pOut) ) goto too_big;
+ }
+
+ REGISTER_TRACE(pOp->p3, pCtx->pOut);
+ UPDATE_MAX_BLOBSIZE(pCtx->pOut);
+ break;
+}
+
+/* Opcode: BitAnd P1 P2 P3 * *
+** Synopsis: r[P3]=r[P1]&r[P2]
+**
+** Take the bit-wise AND of the values in register P1 and P2 and
+** store the result in register P3.
+** If either input is NULL, the result is NULL.
+*/
+/* Opcode: BitOr P1 P2 P3 * *
+** Synopsis: r[P3]=r[P1]|r[P2]
+**
+** Take the bit-wise OR of the values in register P1 and P2 and
+** store the result in register P3.
+** If either input is NULL, the result is NULL.
+*/
+/* Opcode: ShiftLeft P1 P2 P3 * *
+** Synopsis: r[P3]=r[P2]<<r[P1]
+**
+** Shift the integer value in register P2 to the left by the
+** number of bits specified by the integer in register P1.
+** Store the result in register P3.
+** If either input is NULL, the result is NULL.
+*/
+/* Opcode: ShiftRight P1 P2 P3 * *
+** Synopsis: r[P3]=r[P2]>>r[P1]
+**
+** Shift the integer value in register P2 to the right by the
+** number of bits specified by the integer in register P1.
+** Store the result in register P3.
+** If either input is NULL, the result is NULL.
+*/
+case OP_BitAnd: /* same as TK_BITAND, in1, in2, out3 */
+case OP_BitOr: /* same as TK_BITOR, in1, in2, out3 */
+case OP_ShiftLeft: /* same as TK_LSHIFT, in1, in2, out3 */
+case OP_ShiftRight: { /* same as TK_RSHIFT, in1, in2, out3 */
+ i64 iA;
+ u64 uA;
+ i64 iB;
+ u8 op;
+
+ pIn1 = &aMem[pOp->p1];
+ pIn2 = &aMem[pOp->p2];
+ pOut = &aMem[pOp->p3];
+ if( (pIn1->flags | pIn2->flags) & MEM_Null ){
+ sqlite3VdbeMemSetNull(pOut);
+ break;
+ }
+ iA = sqlite3VdbeIntValue(pIn2);
+ iB = sqlite3VdbeIntValue(pIn1);
+ op = pOp->opcode;
+ if( op==OP_BitAnd ){
+ iA &= iB;
+ }else if( op==OP_BitOr ){
+ iA |= iB;
+ }else if( iB!=0 ){
+ assert( op==OP_ShiftRight || op==OP_ShiftLeft );
+
+ /* If shifting by a negative amount, shift in the other direction */
+ if( iB<0 ){
+ assert( OP_ShiftRight==OP_ShiftLeft+1 );
+ op = 2*OP_ShiftLeft + 1 - op;
+ iB = iB>(-64) ? -iB : 64;
+ }
+
+ if( iB>=64 ){
+ iA = (iA>=0 || op==OP_ShiftLeft) ? 0 : -1;
+ }else{
+ memcpy(&uA, &iA, sizeof(uA));
+ if( op==OP_ShiftLeft ){
+ uA <<= iB;
+ }else{
+ uA >>= iB;
+ /* Sign-extend on a right shift of a negative number */
+ if( iA<0 ) uA |= ((((u64)0xffffffff)<<32)|0xffffffff) << (64-iB);
+ }
+ memcpy(&iA, &uA, sizeof(iA));
+ }
+ }
+ pOut->u.i = iA;
+ MemSetTypeFlag(pOut, MEM_Int);
+ break;
+}
+
+/* Opcode: AddImm P1 P2 * * *
+** Synopsis: r[P1]=r[P1]+P2
+**
+** Add the constant P2 to the value in register P1.
+** The result is always an integer.
+**
+** To force any register to be an integer, just add 0.
+*/
+case OP_AddImm: { /* in1 */
+ pIn1 = &aMem[pOp->p1];
+ memAboutToChange(p, pIn1);
+ sqlite3VdbeMemIntegerify(pIn1);
+ pIn1->u.i += pOp->p2;
+ break;
+}
+
+/* Opcode: MustBeInt P1 P2 * * *
+**
+** Force the value in register P1 to be an integer. If the value
+** in P1 is not an integer and cannot be converted into an integer
+** without data loss, then jump immediately to P2, or if P2==0
+** raise an SQLITE_MISMATCH exception.
+*/
+case OP_MustBeInt: { /* jump, in1 */
+ pIn1 = &aMem[pOp->p1];
+ if( (pIn1->flags & MEM_Int)==0 ){
+ applyAffinity(pIn1, SQLITE_AFF_NUMERIC, encoding);
+ VdbeBranchTaken((pIn1->flags&MEM_Int)==0, 2);
+ if( (pIn1->flags & MEM_Int)==0 ){
+ if( pOp->p2==0 ){
+ rc = SQLITE_MISMATCH;
+ goto abort_due_to_error;
+ }else{
+ goto jump_to_p2;
+ }
+ }
+ }
+ MemSetTypeFlag(pIn1, MEM_Int);
+ break;
+}
+
+#ifndef SQLITE_OMIT_FLOATING_POINT
+/* Opcode: RealAffinity P1 * * * *
+**
+** If register P1 holds an integer convert it to a real value.
+**
+** This opcode is used when extracting information from a column that
+** has REAL affinity. Such column values may still be stored as
+** integers, for space efficiency, but after extraction we want them
+** to have only a real value.
+*/
+case OP_RealAffinity: { /* in1 */
+ pIn1 = &aMem[pOp->p1];
+ if( pIn1->flags & MEM_Int ){
+ sqlite3VdbeMemRealify(pIn1);
+ }
+ break;
+}
+#endif
+
+#ifndef SQLITE_OMIT_CAST
+/* Opcode: Cast P1 P2 * * *
+** Synopsis: affinity(r[P1])
+**
+** Force the value in register P1 to be the type defined by P2.
+**
+** <ul>
+** <li value="97"> TEXT
+** <li value="98"> BLOB
+** <li value="99"> NUMERIC
+** <li value="100"> INTEGER
+** <li value="101"> REAL
+** </ul>
+**
+** A NULL value is not changed by this routine. It remains NULL.
+*/
+case OP_Cast: { /* in1 */
+ assert( pOp->p2>=SQLITE_AFF_BLOB && pOp->p2<=SQLITE_AFF_REAL );
+ testcase( pOp->p2==SQLITE_AFF_TEXT );
+ testcase( pOp->p2==SQLITE_AFF_BLOB );
+ testcase( pOp->p2==SQLITE_AFF_NUMERIC );
+ testcase( pOp->p2==SQLITE_AFF_INTEGER );
+ testcase( pOp->p2==SQLITE_AFF_REAL );
+ pIn1 = &aMem[pOp->p1];
+ memAboutToChange(p, pIn1);
+ rc = ExpandBlob(pIn1);
+ sqlite3VdbeMemCast(pIn1, pOp->p2, encoding);
+ UPDATE_MAX_BLOBSIZE(pIn1);
+ break;
+}
+#endif /* SQLITE_OMIT_CAST */
+
+/* Opcode: Lt P1 P2 P3 P4 P5
+** Synopsis: if r[P1]<r[P3] goto P2
+**
+** Compare the values in register P1 and P3. If reg(P3)<reg(P1) then
+** jump to address P2.
+**
+** If the SQLITE_JUMPIFNULL bit of P5 is set and either reg(P1) or
+** reg(P3) is NULL then take the jump. If the SQLITE_JUMPIFNULL
+** bit is clear then fall through if either operand is NULL.
+**
+** The SQLITE_AFF_MASK portion of P5 must be an affinity character -
+** SQLITE_AFF_TEXT, SQLITE_AFF_INTEGER, and so forth. An attempt is made
+** to coerce both inputs according to this affinity before the
+** comparison is made. If the SQLITE_AFF_MASK is 0x00, then numeric
+** affinity is used. Note that the affinity conversions are stored
+** back into the input registers P1 and P3. So this opcode can cause
+** persistent changes to registers P1 and P3.
+**
+** Once any conversions have taken place, and neither value is NULL,
+** the values are compared. If both values are blobs then memcmp() is
+** used to determine the results of the comparison. If both values
+** are text, then the appropriate collating function specified in
+** P4 is used to do the comparison. If P4 is not specified then
+** memcmp() is used to compare text string. If both values are
+** numeric, then a numeric comparison is used. If the two values
+** are of different types, then numbers are considered less than
+** strings and strings are considered less than blobs.
+**
+** If the SQLITE_STOREP2 bit of P5 is set, then do not jump. Instead,
+** store a boolean result (either 0, or 1, or NULL) in register P2.
+**
+** If the SQLITE_NULLEQ bit is set in P5, then NULL values are considered
+** equal to one another, provided that they do not have their MEM_Cleared
+** bit set.
+*/
+/* Opcode: Ne P1 P2 P3 P4 P5
+** Synopsis: if r[P1]!=r[P3] goto P2
+**
+** This works just like the Lt opcode except that the jump is taken if
+** the operands in registers P1 and P3 are not equal. See the Lt opcode for
+** additional information.
+**
+** If SQLITE_NULLEQ is set in P5 then the result of comparison is always either
+** true or false and is never NULL. If both operands are NULL then the result
+** of comparison is false. If either operand is NULL then the result is true.
+** If neither operand is NULL the result is the same as it would be if
+** the SQLITE_NULLEQ flag were omitted from P5.
+*/
+/* Opcode: Eq P1 P2 P3 P4 P5
+** Synopsis: if r[P1]==r[P3] goto P2
+**
+** This works just like the Lt opcode except that the jump is taken if
+** the operands in registers P1 and P3 are equal.
+** See the Lt opcode for additional information.
+**
+** If SQLITE_NULLEQ is set in P5 then the result of comparison is always either
+** true or false and is never NULL. If both operands are NULL then the result
+** of comparison is true. If either operand is NULL then the result is false.
+** If neither operand is NULL the result is the same as it would be if
+** the SQLITE_NULLEQ flag were omitted from P5.
+*/
+/* Opcode: Le P1 P2 P3 P4 P5
+** Synopsis: if r[P1]<=r[P3] goto P2
+**
+** This works just like the Lt opcode except that the jump is taken if
+** the content of register P3 is less than or equal to the content of
+** register P1. See the Lt opcode for additional information.
+*/
+/* Opcode: Gt P1 P2 P3 P4 P5
+** Synopsis: if r[P1]>r[P3] goto P2
+**
+** This works just like the Lt opcode except that the jump is taken if
+** the content of register P3 is greater than the content of
+** register P1. See the Lt opcode for additional information.
+*/
+/* Opcode: Ge P1 P2 P3 P4 P5
+** Synopsis: if r[P1]>=r[P3] goto P2
+**
+** This works just like the Lt opcode except that the jump is taken if
+** the content of register P3 is greater than or equal to the content of
+** register P1. See the Lt opcode for additional information.
+*/
+case OP_Eq: /* same as TK_EQ, jump, in1, in3 */
+case OP_Ne: /* same as TK_NE, jump, in1, in3 */
+case OP_Lt: /* same as TK_LT, jump, in1, in3 */
+case OP_Le: /* same as TK_LE, jump, in1, in3 */
+case OP_Gt: /* same as TK_GT, jump, in1, in3 */
+case OP_Ge: { /* same as TK_GE, jump, in1, in3 */
+ int res; /* Result of the comparison of pIn1 against pIn3 */
+ char affinity; /* Affinity to use for comparison */
+ u16 flags1; /* Copy of initial value of pIn1->flags */
+ u16 flags3; /* Copy of initial value of pIn3->flags */
+
+ pIn1 = &aMem[pOp->p1];
+ pIn3 = &aMem[pOp->p3];
+ flags1 = pIn1->flags;
+ flags3 = pIn3->flags;
+ if( (flags1 | flags3)&MEM_Null ){
+ /* One or both operands are NULL */
+ if( pOp->p5 & SQLITE_NULLEQ ){
+ /* If SQLITE_NULLEQ is set (which will only happen if the operator is
+ ** OP_Eq or OP_Ne) then take the jump or not depending on whether
+ ** or not both operands are null.
+ */
+ assert( pOp->opcode==OP_Eq || pOp->opcode==OP_Ne );
+ assert( (flags1 & MEM_Cleared)==0 );
+ assert( (pOp->p5 & SQLITE_JUMPIFNULL)==0 );
+ if( (flags1&MEM_Null)!=0
+ && (flags3&MEM_Null)!=0
+ && (flags3&MEM_Cleared)==0
+ ){
+ res = 0; /* Results are equal */
+ }else{
+ res = 1; /* Results are not equal */
+ }
+ }else{
+ /* SQLITE_NULLEQ is clear and at least one operand is NULL,
+ ** then the result is always NULL.
+ ** The jump is taken if the SQLITE_JUMPIFNULL bit is set.
+ */
+ if( pOp->p5 & SQLITE_STOREP2 ){
+ pOut = &aMem[pOp->p2];
+ memAboutToChange(p, pOut);
+ MemSetTypeFlag(pOut, MEM_Null);
+ REGISTER_TRACE(pOp->p2, pOut);
+ }else{
+ VdbeBranchTaken(2,3);
+ if( pOp->p5 & SQLITE_JUMPIFNULL ){
+ goto jump_to_p2;
+ }
+ }
+ break;
+ }
+ }else{
+ /* Neither operand is NULL. Do a comparison. */
+ affinity = pOp->p5 & SQLITE_AFF_MASK;
+ if( affinity>=SQLITE_AFF_NUMERIC ){
+ if( (flags1 & (MEM_Int|MEM_Real|MEM_Str))==MEM_Str ){
+ applyNumericAffinity(pIn1,0);
+ }
+ if( (flags3 & (MEM_Int|MEM_Real|MEM_Str))==MEM_Str ){
+ applyNumericAffinity(pIn3,0);
+ }
+ }else if( affinity==SQLITE_AFF_TEXT ){
+ if( (flags1 & MEM_Str)==0 && (flags1 & (MEM_Int|MEM_Real))!=0 ){
+ testcase( pIn1->flags & MEM_Int );
+ testcase( pIn1->flags & MEM_Real );
+ sqlite3VdbeMemStringify(pIn1, encoding, 1);
+ testcase( (flags1&MEM_Dyn) != (pIn1->flags&MEM_Dyn) );
+ flags1 = (pIn1->flags & ~MEM_TypeMask) | (flags1 & MEM_TypeMask);
+ }
+ if( (flags3 & MEM_Str)==0 && (flags3 & (MEM_Int|MEM_Real))!=0 ){
+ testcase( pIn3->flags & MEM_Int );
+ testcase( pIn3->flags & MEM_Real );
+ sqlite3VdbeMemStringify(pIn3, encoding, 1);
+ testcase( (flags3&MEM_Dyn) != (pIn3->flags&MEM_Dyn) );
+ flags3 = (pIn3->flags & ~MEM_TypeMask) | (flags3 & MEM_TypeMask);
+ }
+ }
+ assert( pOp->p4type==P4_COLLSEQ || pOp->p4.pColl==0 );
+ if( flags1 & MEM_Zero ){
+ sqlite3VdbeMemExpandBlob(pIn1);
+ flags1 &= ~MEM_Zero;
+ }
+ if( flags3 & MEM_Zero ){
+ sqlite3VdbeMemExpandBlob(pIn3);
+ flags3 &= ~MEM_Zero;
+ }
+ res = sqlite3MemCompare(pIn3, pIn1, pOp->p4.pColl);
+ }
+ switch( pOp->opcode ){
+ case OP_Eq: res = res==0; break;
+ case OP_Ne: res = res!=0; break;
+ case OP_Lt: res = res<0; break;
+ case OP_Le: res = res<=0; break;
+ case OP_Gt: res = res>0; break;
+ default: res = res>=0; break;
+ }
+
+ /* Undo any changes made by applyAffinity() to the input registers. */
+ assert( (pIn1->flags & MEM_Dyn) == (flags1 & MEM_Dyn) );
+ pIn1->flags = flags1;
+ assert( (pIn3->flags & MEM_Dyn) == (flags3 & MEM_Dyn) );
+ pIn3->flags = flags3;
+
+ if( pOp->p5 & SQLITE_STOREP2 ){
+ pOut = &aMem[pOp->p2];
+ memAboutToChange(p, pOut);
+ MemSetTypeFlag(pOut, MEM_Int);
+ pOut->u.i = res;
+ REGISTER_TRACE(pOp->p2, pOut);
+ }else{
+ VdbeBranchTaken(res!=0, (pOp->p5 & SQLITE_NULLEQ)?2:3);
+ if( res ){
+ goto jump_to_p2;
+ }
+ }
+ break;
+}
+
+/* Opcode: Permutation * * * P4 *
+**
+** Set the permutation used by the OP_Compare operator to be the array
+** of integers in P4.
+**
+** The permutation is only valid until the next OP_Compare that has
+** the OPFLAG_PERMUTE bit set in P5. Typically the OP_Permutation should
+** occur immediately prior to the OP_Compare.
+*/
+case OP_Permutation: {
+ assert( pOp->p4type==P4_INTARRAY );
+ assert( pOp->p4.ai );
+ aPermute = pOp->p4.ai;
+ break;
+}
+
+/* Opcode: Compare P1 P2 P3 P4 P5
+** Synopsis: r[P1@P3] <-> r[P2@P3]
+**
+** Compare two vectors of registers in reg(P1)..reg(P1+P3-1) (call this
+** vector "A") and in reg(P2)..reg(P2+P3-1) ("B"). Save the result of
+** the comparison for use by the next OP_Jump instruct.
+**
+** If P5 has the OPFLAG_PERMUTE bit set, then the order of comparison is
+** determined by the most recent OP_Permutation operator. If the
+** OPFLAG_PERMUTE bit is clear, then register are compared in sequential
+** order.
+**
+** P4 is a KeyInfo structure that defines collating sequences and sort
+** orders for the comparison. The permutation applies to registers
+** only. The KeyInfo elements are used sequentially.
+**
+** The comparison is a sort comparison, so NULLs compare equal,
+** NULLs are less than numbers, numbers are less than strings,
+** and strings are less than blobs.
+*/
+case OP_Compare: {
+ int n;
+ int i;
+ int p1;
+ int p2;
+ const KeyInfo *pKeyInfo;
+ int idx;
+ CollSeq *pColl; /* Collating sequence to use on this term */
+ int bRev; /* True for DESCENDING sort order */
+
+ if( (pOp->p5 & OPFLAG_PERMUTE)==0 ) aPermute = 0;
+ n = pOp->p3;
+ pKeyInfo = pOp->p4.pKeyInfo;
+ assert( n>0 );
+ assert( pKeyInfo!=0 );
+ p1 = pOp->p1;
+ p2 = pOp->p2;
+#if SQLITE_DEBUG
+ if( aPermute ){
+ int k, mx = 0;
+ for(k=0; k<n; k++) if( aPermute[k]>mx ) mx = aPermute[k];
+ assert( p1>0 && p1+mx<=(p->nMem-p->nCursor)+1 );
+ assert( p2>0 && p2+mx<=(p->nMem-p->nCursor)+1 );
+ }else{
+ assert( p1>0 && p1+n<=(p->nMem-p->nCursor)+1 );
+ assert( p2>0 && p2+n<=(p->nMem-p->nCursor)+1 );
+ }
+#endif /* SQLITE_DEBUG */
+ for(i=0; i<n; i++){
+ idx = aPermute ? aPermute[i] : i;
+ assert( memIsValid(&aMem[p1+idx]) );
+ assert( memIsValid(&aMem[p2+idx]) );
+ REGISTER_TRACE(p1+idx, &aMem[p1+idx]);
+ REGISTER_TRACE(p2+idx, &aMem[p2+idx]);
+ assert( i<pKeyInfo->nField );
+ pColl = pKeyInfo->aColl[i];
+ bRev = pKeyInfo->aSortOrder[i];
+ iCompare = sqlite3MemCompare(&aMem[p1+idx], &aMem[p2+idx], pColl);
+ if( iCompare ){
+ if( bRev ) iCompare = -iCompare;
+ break;
+ }
+ }
+ aPermute = 0;
+ break;
+}
+
+/* Opcode: Jump P1 P2 P3 * *
+**
+** Jump to the instruction at address P1, P2, or P3 depending on whether
+** in the most recent OP_Compare instruction the P1 vector was less than
+** equal to, or greater than the P2 vector, respectively.
+*/
+case OP_Jump: { /* jump */
+ if( iCompare<0 ){
+ VdbeBranchTaken(0,3); pOp = &aOp[pOp->p1 - 1];
+ }else if( iCompare==0 ){
+ VdbeBranchTaken(1,3); pOp = &aOp[pOp->p2 - 1];
+ }else{
+ VdbeBranchTaken(2,3); pOp = &aOp[pOp->p3 - 1];
+ }
+ break;
+}
+
+/* Opcode: And P1 P2 P3 * *
+** Synopsis: r[P3]=(r[P1] && r[P2])
+**
+** Take the logical AND of the values in registers P1 and P2 and
+** write the result into register P3.
+**
+** If either P1 or P2 is 0 (false) then the result is 0 even if
+** the other input is NULL. A NULL and true or two NULLs give
+** a NULL output.
+*/
+/* Opcode: Or P1 P2 P3 * *
+** Synopsis: r[P3]=(r[P1] || r[P2])
+**
+** Take the logical OR of the values in register P1 and P2 and
+** store the answer in register P3.
+**
+** If either P1 or P2 is nonzero (true) then the result is 1 (true)
+** even if the other input is NULL. A NULL and false or two NULLs
+** give a NULL output.
+*/
+case OP_And: /* same as TK_AND, in1, in2, out3 */
+case OP_Or: { /* same as TK_OR, in1, in2, out3 */
+ int v1; /* Left operand: 0==FALSE, 1==TRUE, 2==UNKNOWN or NULL */
+ int v2; /* Right operand: 0==FALSE, 1==TRUE, 2==UNKNOWN or NULL */
+
+ pIn1 = &aMem[pOp->p1];
+ if( pIn1->flags & MEM_Null ){
+ v1 = 2;
+ }else{
+ v1 = sqlite3VdbeIntValue(pIn1)!=0;
+ }
+ pIn2 = &aMem[pOp->p2];
+ if( pIn2->flags & MEM_Null ){
+ v2 = 2;
+ }else{
+ v2 = sqlite3VdbeIntValue(pIn2)!=0;
+ }
+ if( pOp->opcode==OP_And ){
+ static const unsigned char and_logic[] = { 0, 0, 0, 0, 1, 2, 0, 2, 2 };
+ v1 = and_logic[v1*3+v2];
+ }else{
+ static const unsigned char or_logic[] = { 0, 1, 2, 1, 1, 1, 2, 1, 2 };
+ v1 = or_logic[v1*3+v2];
+ }
+ pOut = &aMem[pOp->p3];
+ if( v1==2 ){
+ MemSetTypeFlag(pOut, MEM_Null);
+ }else{
+ pOut->u.i = v1;
+ MemSetTypeFlag(pOut, MEM_Int);
+ }
+ break;
+}
+
+/* Opcode: Not P1 P2 * * *
+** Synopsis: r[P2]= !r[P1]
+**
+** Interpret the value in register P1 as a boolean value. Store the
+** boolean complement in register P2. If the value in register P1 is
+** NULL, then a NULL is stored in P2.
+*/
+case OP_Not: { /* same as TK_NOT, in1, out2 */
+ pIn1 = &aMem[pOp->p1];
+ pOut = &aMem[pOp->p2];
+ sqlite3VdbeMemSetNull(pOut);
+ if( (pIn1->flags & MEM_Null)==0 ){
+ pOut->flags = MEM_Int;
+ pOut->u.i = !sqlite3VdbeIntValue(pIn1);
+ }
+ break;
+}
+
+/* Opcode: BitNot P1 P2 * * *
+** Synopsis: r[P1]= ~r[P1]
+**
+** Interpret the content of register P1 as an integer. Store the
+** ones-complement of the P1 value into register P2. If P1 holds
+** a NULL then store a NULL in P2.
+*/
+case OP_BitNot: { /* same as TK_BITNOT, in1, out2 */
+ pIn1 = &aMem[pOp->p1];
+ pOut = &aMem[pOp->p2];
+ sqlite3VdbeMemSetNull(pOut);
+ if( (pIn1->flags & MEM_Null)==0 ){
+ pOut->flags = MEM_Int;
+ pOut->u.i = ~sqlite3VdbeIntValue(pIn1);
+ }
+ break;
+}
+
+/* Opcode: Once P1 P2 * * *
+**
+** Check the "once" flag number P1. If it is set, jump to instruction P2.
+** Otherwise, set the flag and fall through to the next instruction.
+** In other words, this opcode causes all following opcodes up through P2
+** (but not including P2) to run just once and to be skipped on subsequent
+** times through the loop.
+**
+** All "once" flags are initially cleared whenever a prepared statement
+** first begins to run.
+*/
+case OP_Once: { /* jump */
+ assert( pOp->p1<p->nOnceFlag );
+ VdbeBranchTaken(p->aOnceFlag[pOp->p1]!=0, 2);
+ if( p->aOnceFlag[pOp->p1] ){
+ goto jump_to_p2;
+ }else{
+ p->aOnceFlag[pOp->p1] = 1;
+ }
+ break;
+}
+
+/* Opcode: If P1 P2 P3 * *
+**
+** Jump to P2 if the value in register P1 is true. The value
+** is considered true if it is numeric and non-zero. If the value
+** in P1 is NULL then take the jump if and only if P3 is non-zero.
+*/
+/* Opcode: IfNot P1 P2 P3 * *
+**
+** Jump to P2 if the value in register P1 is False. The value
+** is considered false if it has a numeric value of zero. If the value
+** in P1 is NULL then take the jump if and only if P3 is non-zero.
+*/
+case OP_If: /* jump, in1 */
+case OP_IfNot: { /* jump, in1 */
+ int c;
+ pIn1 = &aMem[pOp->p1];
+ if( pIn1->flags & MEM_Null ){
+ c = pOp->p3;
+ }else{
+#ifdef SQLITE_OMIT_FLOATING_POINT
+ c = sqlite3VdbeIntValue(pIn1)!=0;
+#else
+ c = sqlite3VdbeRealValue(pIn1)!=0.0;
+#endif
+ if( pOp->opcode==OP_IfNot ) c = !c;
+ }
+ VdbeBranchTaken(c!=0, 2);
+ if( c ){
+ goto jump_to_p2;
+ }
+ break;
+}
+
+/* Opcode: IsNull P1 P2 * * *
+** Synopsis: if r[P1]==NULL goto P2
+**
+** Jump to P2 if the value in register P1 is NULL.
+*/
+case OP_IsNull: { /* same as TK_ISNULL, jump, in1 */
+ pIn1 = &aMem[pOp->p1];
+ VdbeBranchTaken( (pIn1->flags & MEM_Null)!=0, 2);
+ if( (pIn1->flags & MEM_Null)!=0 ){
+ goto jump_to_p2;
+ }
+ break;
+}
+
+/* Opcode: NotNull P1 P2 * * *
+** Synopsis: if r[P1]!=NULL goto P2
+**
+** Jump to P2 if the value in register P1 is not NULL.
+*/
+case OP_NotNull: { /* same as TK_NOTNULL, jump, in1 */
+ pIn1 = &aMem[pOp->p1];
+ VdbeBranchTaken( (pIn1->flags & MEM_Null)==0, 2);
+ if( (pIn1->flags & MEM_Null)==0 ){
+ goto jump_to_p2;
+ }
+ break;
+}
+
+/* Opcode: Column P1 P2 P3 P4 P5
+** Synopsis: r[P3]=PX
+**
+** Interpret the data that cursor P1 points to as a structure built using
+** the MakeRecord instruction. (See the MakeRecord opcode for additional
+** information about the format of the data.) Extract the P2-th column
+** from this record. If there are less that (P2+1)
+** values in the record, extract a NULL.
+**
+** The value extracted is stored in register P3.
+**
+** If the column contains fewer than P2 fields, then extract a NULL. Or,
+** if the P4 argument is a P4_MEM use the value of the P4 argument as
+** the result.
+**
+** If the OPFLAG_CLEARCACHE bit is set on P5 and P1 is a pseudo-table cursor,
+** then the cache of the cursor is reset prior to extracting the column.
+** The first OP_Column against a pseudo-table after the value of the content
+** register has changed should have this bit set.
+**
+** If the OPFLAG_LENGTHARG and OPFLAG_TYPEOFARG bits are set on P5 when
+** the result is guaranteed to only be used as the argument of a length()
+** or typeof() function, respectively. The loading of large blobs can be
+** skipped for length() and all content loading can be skipped for typeof().
+*/
+case OP_Column: {
+ i64 payloadSize64; /* Number of bytes in the record */
+ int p2; /* column number to retrieve */
+ VdbeCursor *pC; /* The VDBE cursor */
+ BtCursor *pCrsr; /* The BTree cursor */
+ u32 *aOffset; /* aOffset[i] is offset to start of data for i-th column */
+ int len; /* The length of the serialized data for the column */
+ int i; /* Loop counter */
+ Mem *pDest; /* Where to write the extracted value */
+ Mem sMem; /* For storing the record being decoded */
+ const u8 *zData; /* Part of the record being decoded */
+ const u8 *zHdr; /* Next unparsed byte of the header */
+ const u8 *zEndHdr; /* Pointer to first byte after the header */
+ u32 offset; /* Offset into the data */
+ u64 offset64; /* 64-bit offset */
+ u32 avail; /* Number of bytes of available data */
+ u32 t; /* A type code from the record header */
+ u16 fx; /* pDest->flags value */
+ Mem *pReg; /* PseudoTable input register */
+
+ p2 = pOp->p2;
+ assert( pOp->p3>0 && pOp->p3<=(p->nMem-p->nCursor) );
+ pDest = &aMem[pOp->p3];
+ memAboutToChange(p, pDest);
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( p2<pC->nField );
+ aOffset = pC->aOffset;
+ assert( pC->eCurType!=CURTYPE_VTAB );
+ assert( pC->eCurType!=CURTYPE_PSEUDO || pC->nullRow );
+ assert( pC->eCurType!=CURTYPE_SORTER );
+ pCrsr = pC->uc.pCursor;
+
+ /* If the cursor cache is stale, bring it up-to-date */
+ rc = sqlite3VdbeCursorMoveto(pC);
+ if( rc ) goto abort_due_to_error;
+ if( pC->cacheStatus!=p->cacheCtr ){
+ if( pC->nullRow ){
+ if( pC->eCurType==CURTYPE_PSEUDO ){
+ assert( pC->uc.pseudoTableReg>0 );
+ pReg = &aMem[pC->uc.pseudoTableReg];
+ assert( pReg->flags & MEM_Blob );
+ assert( memIsValid(pReg) );
+ pC->payloadSize = pC->szRow = avail = pReg->n;
+ pC->aRow = (u8*)pReg->z;
+ }else{
+ sqlite3VdbeMemSetNull(pDest);
+ goto op_column_out;
+ }
+ }else{
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pCrsr );
+ if( pC->isTable==0 ){
+ assert( sqlite3BtreeCursorIsValid(pCrsr) );
+ VVA_ONLY(rc =) sqlite3BtreeKeySize(pCrsr, &payloadSize64);
+ assert( rc==SQLITE_OK ); /* True because of CursorMoveto() call above */
+ /* sqlite3BtreeParseCellPtr() uses getVarint32() to extract the
+ ** payload size, so it is impossible for payloadSize64 to be
+ ** larger than 32 bits. */
+ assert( (payloadSize64 & SQLITE_MAX_U32)==(u64)payloadSize64 );
+ pC->aRow = sqlite3BtreeKeyFetch(pCrsr, &avail);
+ pC->payloadSize = (u32)payloadSize64;
+ }else{
+ assert( sqlite3BtreeCursorIsValid(pCrsr) );
+ VVA_ONLY(rc =) sqlite3BtreeDataSize(pCrsr, &pC->payloadSize);
+ assert( rc==SQLITE_OK ); /* DataSize() cannot fail */
+ pC->aRow = sqlite3BtreeDataFetch(pCrsr, &avail);
+ }
+ assert( avail<=65536 ); /* Maximum page size is 64KiB */
+ if( pC->payloadSize <= (u32)avail ){
+ pC->szRow = pC->payloadSize;
+ }else if( pC->payloadSize > (u32)db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ goto too_big;
+ }else{
+ pC->szRow = avail;
+ }
+ }
+ pC->cacheStatus = p->cacheCtr;
+ pC->iHdrOffset = getVarint32(pC->aRow, offset);
+ pC->nHdrParsed = 0;
+ aOffset[0] = offset;
+
+
+ if( avail<offset ){
+ /* pC->aRow does not have to hold the entire row, but it does at least
+ ** need to cover the header of the record. If pC->aRow does not contain
+ ** the complete header, then set it to zero, forcing the header to be
+ ** dynamically allocated. */
+ pC->aRow = 0;
+ pC->szRow = 0;
+
+ /* Make sure a corrupt database has not given us an oversize header.
+ ** Do this now to avoid an oversize memory allocation.
+ **
+ ** Type entries can be between 1 and 5 bytes each. But 4 and 5 byte
+ ** types use so much data space that there can only be 4096 and 32 of
+ ** them, respectively. So the maximum header length results from a
+ ** 3-byte type for each of the maximum of 32768 columns plus three
+ ** extra bytes for the header length itself. 32768*3 + 3 = 98307.
+ */
+ if( offset > 98307 || offset > pC->payloadSize ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto op_column_error;
+ }
+ }
+
+ /* The following goto is an optimization. It can be omitted and
+ ** everything will still work. But OP_Column is measurably faster
+ ** by skipping the subsequent conditional, which is always true.
+ */
+ assert( pC->nHdrParsed<=p2 ); /* Conditional skipped */
+ goto op_column_read_header;
+ }
+
+ /* Make sure at least the first p2+1 entries of the header have been
+ ** parsed and valid information is in aOffset[] and pC->aType[].
+ */
+ if( pC->nHdrParsed<=p2 ){
+ /* If there is more header available for parsing in the record, try
+ ** to extract additional fields up through the p2+1-th field
+ */
+ op_column_read_header:
+ if( pC->iHdrOffset<aOffset[0] ){
+ /* Make sure zData points to enough of the record to cover the header. */
+ if( pC->aRow==0 ){
+ memset(&sMem, 0, sizeof(sMem));
+ rc = sqlite3VdbeMemFromBtree(pCrsr, 0, aOffset[0], !pC->isTable, &sMem);
+ if( rc!=SQLITE_OK ) goto op_column_error;
+ zData = (u8*)sMem.z;
+ }else{
+ zData = pC->aRow;
+ }
+
+ /* Fill in pC->aType[i] and aOffset[i] values through the p2-th field. */
+ i = pC->nHdrParsed;
+ offset64 = aOffset[i];
+ zHdr = zData + pC->iHdrOffset;
+ zEndHdr = zData + aOffset[0];
+ assert( i<=p2 && zHdr<zEndHdr );
+ do{
+ if( (t = zHdr[0])<0x80 ){
+ zHdr++;
+ offset64 += sqlite3VdbeOneByteSerialTypeLen(t);
+ }else{
+ zHdr += sqlite3GetVarint32(zHdr, &t);
+ offset64 += sqlite3VdbeSerialTypeLen(t);
+ }
+ pC->aType[i++] = t;
+ aOffset[i] = (u32)(offset64 & 0xffffffff);
+ }while( i<=p2 && zHdr<zEndHdr );
+ pC->nHdrParsed = i;
+ pC->iHdrOffset = (u32)(zHdr - zData);
+ if( pC->aRow==0 ) sqlite3VdbeMemRelease(&sMem);
+
+ /* The record is corrupt if any of the following are true:
+ ** (1) the bytes of the header extend past the declared header size
+ ** (2) the entire header was used but not all data was used
+ ** (3) the end of the data extends beyond the end of the record.
+ */
+ if( (zHdr>=zEndHdr && (zHdr>zEndHdr || offset64!=pC->payloadSize))
+ || (offset64 > pC->payloadSize)
+ ){
+ rc = SQLITE_CORRUPT_BKPT;
+ goto op_column_error;
+ }
+ }else{
+ t = 0;
+ }
+
+ /* If after trying to extract new entries from the header, nHdrParsed is
+ ** still not up to p2, that means that the record has fewer than p2
+ ** columns. So the result will be either the default value or a NULL.
+ */
+ if( pC->nHdrParsed<=p2 ){
+ if( pOp->p4type==P4_MEM ){
+ sqlite3VdbeMemShallowCopy(pDest, pOp->p4.pMem, MEM_Static);
+ }else{
+ sqlite3VdbeMemSetNull(pDest);
+ }
+ goto op_column_out;
+ }
+ }else{
+ t = pC->aType[p2];
+ }
+
+ /* Extract the content for the p2+1-th column. Control can only
+ ** reach this point if aOffset[p2], aOffset[p2+1], and pC->aType[p2] are
+ ** all valid.
+ */
+ assert( p2<pC->nHdrParsed );
+ assert( rc==SQLITE_OK );
+ assert( sqlite3VdbeCheckMemInvariants(pDest) );
+ if( VdbeMemDynamic(pDest) ) sqlite3VdbeMemSetNull(pDest);
+ assert( t==pC->aType[p2] );
+ if( pC->szRow>=aOffset[p2+1] ){
+ /* This is the common case where the desired content fits on the original
+ ** page - where the content is not on an overflow page */
+ sqlite3VdbeSerialGet(pC->aRow+aOffset[p2], t, pDest);
+ }else{
+ /* This branch happens only when content is on overflow pages */
+ if( ((pOp->p5 & (OPFLAG_LENGTHARG|OPFLAG_TYPEOFARG))!=0
+ && ((t>=12 && (t&1)==0) || (pOp->p5 & OPFLAG_TYPEOFARG)!=0))
+ || (len = sqlite3VdbeSerialTypeLen(t))==0
+ ){
+ /* Content is irrelevant for
+ ** 1. the typeof() function,
+ ** 2. the length(X) function if X is a blob, and
+ ** 3. if the content length is zero.
+ ** So we might as well use bogus content rather than reading
+ ** content from disk. NULL will work for the value for strings
+ ** and blobs and whatever is in the payloadSize64 variable
+ ** will work for everything else. */
+ sqlite3VdbeSerialGet(t<=13 ? (u8*)&payloadSize64 : 0, t, pDest);
+ }else{
+ rc = sqlite3VdbeMemFromBtree(pCrsr, aOffset[p2], len, !pC->isTable,
+ pDest);
+ if( rc!=SQLITE_OK ){
+ goto op_column_error;
+ }
+ sqlite3VdbeSerialGet((const u8*)pDest->z, t, pDest);
+ pDest->flags &= ~MEM_Ephem;
+ }
+ }
+ pDest->enc = encoding;
+
+op_column_out:
+ /* If the column value is an ephemeral string, go ahead and persist
+ ** that string in case the cursor moves before the column value is
+ ** used. The following code does the equivalent of Deephemeralize()
+ ** but does it faster. */
+ if( (pDest->flags & MEM_Ephem)!=0 && pDest->z ){
+ fx = pDest->flags & (MEM_Str|MEM_Blob);
+ assert( fx!=0 );
+ zData = (const u8*)pDest->z;
+ len = pDest->n;
+ if( sqlite3VdbeMemClearAndResize(pDest, len+2) ) goto no_mem;
+ memcpy(pDest->z, zData, len);
+ pDest->z[len] = 0;
+ pDest->z[len+1] = 0;
+ pDest->flags = fx|MEM_Term;
+ }
+op_column_error:
+ UPDATE_MAX_BLOBSIZE(pDest);
+ REGISTER_TRACE(pOp->p3, pDest);
+ break;
+}
+
+/* Opcode: Affinity P1 P2 * P4 *
+** Synopsis: affinity(r[P1@P2])
+**
+** Apply affinities to a range of P2 registers starting with P1.
+**
+** P4 is a string that is P2 characters long. The nth character of the
+** string indicates the column affinity that should be used for the nth
+** memory cell in the range.
+*/
+case OP_Affinity: {
+ const char *zAffinity; /* The affinity to be applied */
+ char cAff; /* A single character of affinity */
+
+ zAffinity = pOp->p4.z;
+ assert( zAffinity!=0 );
+ assert( zAffinity[pOp->p2]==0 );
+ pIn1 = &aMem[pOp->p1];
+ while( (cAff = *(zAffinity++))!=0 ){
+ assert( pIn1 <= &p->aMem[(p->nMem-p->nCursor)] );
+ assert( memIsValid(pIn1) );
+ applyAffinity(pIn1, cAff, encoding);
+ pIn1++;
+ }
+ break;
+}
+
+/* Opcode: MakeRecord P1 P2 P3 P4 *
+** Synopsis: r[P3]=mkrec(r[P1@P2])
+**
+** Convert P2 registers beginning with P1 into the [record format]
+** use as a data record in a database table or as a key
+** in an index. The OP_Column opcode can decode the record later.
+**
+** P4 may be a string that is P2 characters long. The nth character of the
+** string indicates the column affinity that should be used for the nth
+** field of the index key.
+**
+** The mapping from character to affinity is given by the SQLITE_AFF_
+** macros defined in sqliteInt.h.
+**
+** If P4 is NULL then all index fields have the affinity BLOB.
+*/
+case OP_MakeRecord: {
+ u8 *zNewRecord; /* A buffer to hold the data for the new record */
+ Mem *pRec; /* The new record */
+ u64 nData; /* Number of bytes of data space */
+ int nHdr; /* Number of bytes of header space */
+ i64 nByte; /* Data space required for this record */
+ i64 nZero; /* Number of zero bytes at the end of the record */
+ int nVarint; /* Number of bytes in a varint */
+ u32 serial_type; /* Type field */
+ Mem *pData0; /* First field to be combined into the record */
+ Mem *pLast; /* Last field of the record */
+ int nField; /* Number of fields in the record */
+ char *zAffinity; /* The affinity string for the record */
+ int file_format; /* File format to use for encoding */
+ int i; /* Space used in zNewRecord[] header */
+ int j; /* Space used in zNewRecord[] content */
+ u32 len; /* Length of a field */
+
+ /* Assuming the record contains N fields, the record format looks
+ ** like this:
+ **
+ ** ------------------------------------------------------------------------
+ ** | hdr-size | type 0 | type 1 | ... | type N-1 | data0 | ... | data N-1 |
+ ** ------------------------------------------------------------------------
+ **
+ ** Data(0) is taken from register P1. Data(1) comes from register P1+1
+ ** and so forth.
+ **
+ ** Each type field is a varint representing the serial type of the
+ ** corresponding data element (see sqlite3VdbeSerialType()). The
+ ** hdr-size field is also a varint which is the offset from the beginning
+ ** of the record to data0.
+ */
+ nData = 0; /* Number of bytes of data space */
+ nHdr = 0; /* Number of bytes of header space */
+ nZero = 0; /* Number of zero bytes at the end of the record */
+ nField = pOp->p1;
+ zAffinity = pOp->p4.z;
+ assert( nField>0 && pOp->p2>0 && pOp->p2+nField<=(p->nMem-p->nCursor)+1 );
+ pData0 = &aMem[nField];
+ nField = pOp->p2;
+ pLast = &pData0[nField-1];
+ file_format = p->minWriteFileFormat;
+
+ /* Identify the output register */
+ assert( pOp->p3<pOp->p1 || pOp->p3>=pOp->p1+pOp->p2 );
+ pOut = &aMem[pOp->p3];
+ memAboutToChange(p, pOut);
+
+ /* Apply the requested affinity to all inputs
+ */
+ assert( pData0<=pLast );
+ if( zAffinity ){
+ pRec = pData0;
+ do{
+ applyAffinity(pRec++, *(zAffinity++), encoding);
+ assert( zAffinity[0]==0 || pRec<=pLast );
+ }while( zAffinity[0] );
+ }
+
+ /* Loop through the elements that will make up the record to figure
+ ** out how much space is required for the new record.
+ */
+ pRec = pLast;
+ do{
+ assert( memIsValid(pRec) );
+ pRec->uTemp = serial_type = sqlite3VdbeSerialType(pRec, file_format, &len);
+ if( pRec->flags & MEM_Zero ){
+ if( nData ){
+ if( sqlite3VdbeMemExpandBlob(pRec) ) goto no_mem;
+ }else{
+ nZero += pRec->u.nZero;
+ len -= pRec->u.nZero;
+ }
+ }
+ nData += len;
+ testcase( serial_type==127 );
+ testcase( serial_type==128 );
+ nHdr += serial_type<=127 ? 1 : sqlite3VarintLen(serial_type);
+ }while( (--pRec)>=pData0 );
+
+ /* EVIDENCE-OF: R-22564-11647 The header begins with a single varint
+ ** which determines the total number of bytes in the header. The varint
+ ** value is the size of the header in bytes including the size varint
+ ** itself. */
+ testcase( nHdr==126 );
+ testcase( nHdr==127 );
+ if( nHdr<=126 ){
+ /* The common case */
+ nHdr += 1;
+ }else{
+ /* Rare case of a really large header */
+ nVarint = sqlite3VarintLen(nHdr);
+ nHdr += nVarint;
+ if( nVarint<sqlite3VarintLen(nHdr) ) nHdr++;
+ }
+ nByte = nHdr+nData;
+ if( nByte+nZero>db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ goto too_big;
+ }
+
+ /* Make sure the output register has a buffer large enough to store
+ ** the new record. The output register (pOp->p3) is not allowed to
+ ** be one of the input registers (because the following call to
+ ** sqlite3VdbeMemClearAndResize() could clobber the value before it is used).
+ */
+ if( sqlite3VdbeMemClearAndResize(pOut, (int)nByte) ){
+ goto no_mem;
+ }
+ zNewRecord = (u8 *)pOut->z;
+
+ /* Write the record */
+ i = putVarint32(zNewRecord, nHdr);
+ j = nHdr;
+ assert( pData0<=pLast );
+ pRec = pData0;
+ do{
+ serial_type = pRec->uTemp;
+ /* EVIDENCE-OF: R-06529-47362 Following the size varint are one or more
+ ** additional varints, one per column. */
+ i += putVarint32(&zNewRecord[i], serial_type); /* serial type */
+ /* EVIDENCE-OF: R-64536-51728 The values for each column in the record
+ ** immediately follow the header. */
+ j += sqlite3VdbeSerialPut(&zNewRecord[j], pRec, serial_type); /* content */
+ }while( (++pRec)<=pLast );
+ assert( i==nHdr );
+ assert( j==nByte );
+
+ assert( pOp->p3>0 && pOp->p3<=(p->nMem-p->nCursor) );
+ pOut->n = (int)nByte;
+ pOut->flags = MEM_Blob;
+ if( nZero ){
+ pOut->u.nZero = nZero;
+ pOut->flags |= MEM_Zero;
+ }
+ pOut->enc = SQLITE_UTF8; /* In case the blob is ever converted to text */
+ REGISTER_TRACE(pOp->p3, pOut);
+ UPDATE_MAX_BLOBSIZE(pOut);
+ break;
+}
+
+/* Opcode: Count P1 P2 * * *
+** Synopsis: r[P2]=count()
+**
+** Store the number of entries (an integer value) in the table or index
+** opened by cursor P1 in register P2
+*/
+#ifndef SQLITE_OMIT_BTREECOUNT
+case OP_Count: { /* out2 */
+ i64 nEntry;
+ BtCursor *pCrsr;
+
+ assert( p->apCsr[pOp->p1]->eCurType==CURTYPE_BTREE );
+ pCrsr = p->apCsr[pOp->p1]->uc.pCursor;
+ assert( pCrsr );
+ nEntry = 0; /* Not needed. Only used to silence a warning. */
+ rc = sqlite3BtreeCount(pCrsr, &nEntry);
+ pOut = out2Prerelease(p, pOp);
+ pOut->u.i = nEntry;
+ break;
+}
+#endif
+
+/* Opcode: Savepoint P1 * * P4 *
+**
+** Open, release or rollback the savepoint named by parameter P4, depending
+** on the value of P1. To open a new savepoint, P1==0. To release (commit) an
+** existing savepoint, P1==1, or to rollback an existing savepoint P1==2.
+*/
+case OP_Savepoint: {
+ int p1; /* Value of P1 operand */
+ char *zName; /* Name of savepoint */
+ int nName;
+ Savepoint *pNew;
+ Savepoint *pSavepoint;
+ Savepoint *pTmp;
+ int iSavepoint;
+ int ii;
+
+ p1 = pOp->p1;
+ zName = pOp->p4.z;
+
+ /* Assert that the p1 parameter is valid. Also that if there is no open
+ ** transaction, then there cannot be any savepoints.
+ */
+ assert( db->pSavepoint==0 || db->autoCommit==0 );
+ assert( p1==SAVEPOINT_BEGIN||p1==SAVEPOINT_RELEASE||p1==SAVEPOINT_ROLLBACK );
+ assert( db->pSavepoint || db->isTransactionSavepoint==0 );
+ assert( checkSavepointCount(db) );
+ assert( p->bIsReader );
+
+ if( p1==SAVEPOINT_BEGIN ){
+ if( db->nVdbeWrite>0 ){
+ /* A new savepoint cannot be created if there are active write
+ ** statements (i.e. open read/write incremental blob handles).
+ */
+ sqlite3VdbeError(p, "cannot open savepoint - SQL statements in progress");
+ rc = SQLITE_BUSY;
+ }else{
+ nName = sqlite3Strlen30(zName);
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ /* This call is Ok even if this savepoint is actually a transaction
+ ** savepoint (and therefore should not prompt xSavepoint()) callbacks.
+ ** If this is a transaction savepoint being opened, it is guaranteed
+ ** that the db->aVTrans[] array is empty. */
+ assert( db->autoCommit==0 || db->nVTrans==0 );
+ rc = sqlite3VtabSavepoint(db, SAVEPOINT_BEGIN,
+ db->nStatement+db->nSavepoint);
+ if( rc!=SQLITE_OK ) goto abort_due_to_error;
+#endif
+
+ /* Create a new savepoint structure. */
+ pNew = sqlite3DbMallocRaw(db, sizeof(Savepoint)+nName+1);
+ if( pNew ){
+ pNew->zName = (char *)&pNew[1];
+ memcpy(pNew->zName, zName, nName+1);
+
+ /* If there is no open transaction, then mark this as a special
+ ** "transaction savepoint". */
+ if( db->autoCommit ){
+ db->autoCommit = 0;
+ db->isTransactionSavepoint = 1;
+ }else{
+ db->nSavepoint++;
+ }
+
+ /* Link the new savepoint into the database handle's list. */
+ pNew->pNext = db->pSavepoint;
+ db->pSavepoint = pNew;
+ pNew->nDeferredCons = db->nDeferredCons;
+ pNew->nDeferredImmCons = db->nDeferredImmCons;
+ }
+ }
+ }else{
+ iSavepoint = 0;
+
+ /* Find the named savepoint. If there is no such savepoint, then an
+ ** an error is returned to the user. */
+ for(
+ pSavepoint = db->pSavepoint;
+ pSavepoint && sqlite3StrICmp(pSavepoint->zName, zName);
+ pSavepoint = pSavepoint->pNext
+ ){
+ iSavepoint++;
+ }
+ if( !pSavepoint ){
+ sqlite3VdbeError(p, "no such savepoint: %s", zName);
+ rc = SQLITE_ERROR;
+ }else if( db->nVdbeWrite>0 && p1==SAVEPOINT_RELEASE ){
+ /* It is not possible to release (commit) a savepoint if there are
+ ** active write statements.
+ */
+ sqlite3VdbeError(p, "cannot release savepoint - "
+ "SQL statements in progress");
+ rc = SQLITE_BUSY;
+ }else{
+
+ /* Determine whether or not this is a transaction savepoint. If so,
+ ** and this is a RELEASE command, then the current transaction
+ ** is committed.
+ */
+ int isTransaction = pSavepoint->pNext==0 && db->isTransactionSavepoint;
+ if( isTransaction && p1==SAVEPOINT_RELEASE ){
+ if( (rc = sqlite3VdbeCheckFk(p, 1))!=SQLITE_OK ){
+ goto vdbe_return;
+ }
+ db->autoCommit = 1;
+ if( sqlite3VdbeHalt(p)==SQLITE_BUSY ){
+ p->pc = (int)(pOp - aOp);
+ db->autoCommit = 0;
+ p->rc = rc = SQLITE_BUSY;
+ goto vdbe_return;
+ }
+ db->isTransactionSavepoint = 0;
+ rc = p->rc;
+ }else{
+ int isSchemaChange;
+ iSavepoint = db->nSavepoint - iSavepoint - 1;
+ if( p1==SAVEPOINT_ROLLBACK ){
+ isSchemaChange = (db->flags & SQLITE_InternChanges)!=0;
+ for(ii=0; ii<db->nDb; ii++){
+ rc = sqlite3BtreeTripAllCursors(db->aDb[ii].pBt,
+ SQLITE_ABORT_ROLLBACK,
+ isSchemaChange==0);
+ if( rc!=SQLITE_OK ) goto abort_due_to_error;
+ }
+ }else{
+ isSchemaChange = 0;
+ }
+ for(ii=0; ii<db->nDb; ii++){
+ rc = sqlite3BtreeSavepoint(db->aDb[ii].pBt, p1, iSavepoint);
+ if( rc!=SQLITE_OK ){
+ goto abort_due_to_error;
+ }
+ }
+ if( isSchemaChange ){
+ sqlite3ExpirePreparedStatements(db);
+ sqlite3ResetAllSchemasOfConnection(db);
+ db->flags = (db->flags | SQLITE_InternChanges);
+ }
+ }
+
+ /* Regardless of whether this is a RELEASE or ROLLBACK, destroy all
+ ** savepoints nested inside of the savepoint being operated on. */
+ while( db->pSavepoint!=pSavepoint ){
+ pTmp = db->pSavepoint;
+ db->pSavepoint = pTmp->pNext;
+ sqlite3DbFree(db, pTmp);
+ db->nSavepoint--;
+ }
+
+ /* If it is a RELEASE, then destroy the savepoint being operated on
+ ** too. If it is a ROLLBACK TO, then set the number of deferred
+ ** constraint violations present in the database to the value stored
+ ** when the savepoint was created. */
+ if( p1==SAVEPOINT_RELEASE ){
+ assert( pSavepoint==db->pSavepoint );
+ db->pSavepoint = pSavepoint->pNext;
+ sqlite3DbFree(db, pSavepoint);
+ if( !isTransaction ){
+ db->nSavepoint--;
+ }
+ }else{
+ db->nDeferredCons = pSavepoint->nDeferredCons;
+ db->nDeferredImmCons = pSavepoint->nDeferredImmCons;
+ }
+
+ if( !isTransaction || p1==SAVEPOINT_ROLLBACK ){
+ rc = sqlite3VtabSavepoint(db, p1, iSavepoint);
+ if( rc!=SQLITE_OK ) goto abort_due_to_error;
+ }
+ }
+ }
+
+ break;
+}
+
+/* Opcode: AutoCommit P1 P2 * * *
+**
+** Set the database auto-commit flag to P1 (1 or 0). If P2 is true, roll
+** back any currently active btree transactions. If there are any active
+** VMs (apart from this one), then a ROLLBACK fails. A COMMIT fails if
+** there are active writing VMs or active VMs that use shared cache.
+**
+** This instruction causes the VM to halt.
+*/
+case OP_AutoCommit: {
+ int desiredAutoCommit;
+ int iRollback;
+ int turnOnAC;
+
+ desiredAutoCommit = pOp->p1;
+ iRollback = pOp->p2;
+ turnOnAC = desiredAutoCommit && !db->autoCommit;
+ assert( desiredAutoCommit==1 || desiredAutoCommit==0 );
+ assert( desiredAutoCommit==1 || iRollback==0 );
+ assert( db->nVdbeActive>0 ); /* At least this one VM is active */
+ assert( p->bIsReader );
+
+ if( turnOnAC && !iRollback && db->nVdbeWrite>0 ){
+ /* If this instruction implements a COMMIT and other VMs are writing
+ ** return an error indicating that the other VMs must complete first.
+ */
+ sqlite3VdbeError(p, "cannot commit transaction - "
+ "SQL statements in progress");
+ rc = SQLITE_BUSY;
+ }else if( desiredAutoCommit!=db->autoCommit ){
+ if( iRollback ){
+ assert( desiredAutoCommit==1 );
+ sqlite3RollbackAll(db, SQLITE_ABORT_ROLLBACK);
+ db->autoCommit = 1;
+ }else if( (rc = sqlite3VdbeCheckFk(p, 1))!=SQLITE_OK ){
+ goto vdbe_return;
+ }else{
+ db->autoCommit = (u8)desiredAutoCommit;
+ }
+ if( sqlite3VdbeHalt(p)==SQLITE_BUSY ){
+ p->pc = (int)(pOp - aOp);
+ db->autoCommit = (u8)(1-desiredAutoCommit);
+ p->rc = rc = SQLITE_BUSY;
+ goto vdbe_return;
+ }
+ assert( db->nStatement==0 );
+ sqlite3CloseSavepoints(db);
+ if( p->rc==SQLITE_OK ){
+ rc = SQLITE_DONE;
+ }else{
+ rc = SQLITE_ERROR;
+ }
+ goto vdbe_return;
+ }else{
+ sqlite3VdbeError(p,
+ (!desiredAutoCommit)?"cannot start a transaction within a transaction":(
+ (iRollback)?"cannot rollback - no transaction is active":
+ "cannot commit - no transaction is active"));
+
+ rc = SQLITE_ERROR;
+ }
+ break;
+}
+
+/* Opcode: Transaction P1 P2 P3 P4 P5
+**
+** Begin a transaction on database P1 if a transaction is not already
+** active.
+** If P2 is non-zero, then a write-transaction is started, or if a
+** read-transaction is already active, it is upgraded to a write-transaction.
+** If P2 is zero, then a read-transaction is started.
+**
+** P1 is the index of the database file on which the transaction is
+** started. Index 0 is the main database file and index 1 is the
+** file used for temporary tables. Indices of 2 or more are used for
+** attached databases.
+**
+** If a write-transaction is started and the Vdbe.usesStmtJournal flag is
+** true (this flag is set if the Vdbe may modify more than one row and may
+** throw an ABORT exception), a statement transaction may also be opened.
+** More specifically, a statement transaction is opened iff the database
+** connection is currently not in autocommit mode, or if there are other
+** active statements. A statement transaction allows the changes made by this
+** VDBE to be rolled back after an error without having to roll back the
+** entire transaction. If no error is encountered, the statement transaction
+** will automatically commit when the VDBE halts.
+**
+** If P5!=0 then this opcode also checks the schema cookie against P3
+** and the schema generation counter against P4.
+** The cookie changes its value whenever the database schema changes.
+** This operation is used to detect when that the cookie has changed
+** and that the current process needs to reread the schema. If the schema
+** cookie in P3 differs from the schema cookie in the database header or
+** if the schema generation counter in P4 differs from the current
+** generation counter, then an SQLITE_SCHEMA error is raised and execution
+** halts. The sqlite3_step() wrapper function might then reprepare the
+** statement and rerun it from the beginning.
+*/
+case OP_Transaction: {
+ Btree *pBt;
+ int iMeta;
+ int iGen;
+
+ assert( p->bIsReader );
+ assert( p->readOnly==0 || pOp->p2==0 );
+ assert( pOp->p1>=0 && pOp->p1<db->nDb );
+ assert( DbMaskTest(p->btreeMask, pOp->p1) );
+ if( pOp->p2 && (db->flags & SQLITE_QueryOnly)!=0 ){
+ rc = SQLITE_READONLY;
+ goto abort_due_to_error;
+ }
+ pBt = db->aDb[pOp->p1].pBt;
+
+ if( pBt ){
+ rc = sqlite3BtreeBeginTrans(pBt, pOp->p2);
+ testcase( rc==SQLITE_BUSY_SNAPSHOT );
+ testcase( rc==SQLITE_BUSY_RECOVERY );
+ if( (rc&0xff)==SQLITE_BUSY ){
+ p->pc = (int)(pOp - aOp);
+ p->rc = rc;
+ goto vdbe_return;
+ }
+ if( rc!=SQLITE_OK ){
+ goto abort_due_to_error;
+ }
+
+ if( pOp->p2 && p->usesStmtJournal
+ && (db->autoCommit==0 || db->nVdbeRead>1)
+ ){
+ assert( sqlite3BtreeIsInTrans(pBt) );
+ if( p->iStatement==0 ){
+ assert( db->nStatement>=0 && db->nSavepoint>=0 );
+ db->nStatement++;
+ p->iStatement = db->nSavepoint + db->nStatement;
+ }
+
+ rc = sqlite3VtabSavepoint(db, SAVEPOINT_BEGIN, p->iStatement-1);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3BtreeBeginStmt(pBt, p->iStatement);
+ }
+
+ /* Store the current value of the database handles deferred constraint
+ ** counter. If the statement transaction needs to be rolled back,
+ ** the value of this counter needs to be restored too. */
+ p->nStmtDefCons = db->nDeferredCons;
+ p->nStmtDefImmCons = db->nDeferredImmCons;
+ }
+
+ /* Gather the schema version number for checking:
+ ** IMPLEMENTATION-OF: R-32195-19465 The schema version is used by SQLite
+ ** each time a query is executed to ensure that the internal cache of the
+ ** schema used when compiling the SQL query matches the schema of the
+ ** database against which the compiled query is actually executed.
+ */
+ sqlite3BtreeGetMeta(pBt, BTREE_SCHEMA_VERSION, (u32 *)&iMeta);
+ iGen = db->aDb[pOp->p1].pSchema->iGeneration;
+ }else{
+ iGen = iMeta = 0;
+ }
+ assert( pOp->p5==0 || pOp->p4type==P4_INT32 );
+ if( pOp->p5 && (iMeta!=pOp->p3 || iGen!=pOp->p4.i) ){
+ sqlite3DbFree(db, p->zErrMsg);
+ p->zErrMsg = sqlite3DbStrDup(db, "database schema has changed");
+ /* If the schema-cookie from the database file matches the cookie
+ ** stored with the in-memory representation of the schema, do
+ ** not reload the schema from the database file.
+ **
+ ** If virtual-tables are in use, this is not just an optimization.
+ ** Often, v-tables store their data in other SQLite tables, which
+ ** are queried from within xNext() and other v-table methods using
+ ** prepared queries. If such a query is out-of-date, we do not want to
+ ** discard the database schema, as the user code implementing the
+ ** v-table would have to be ready for the sqlite3_vtab structure itself
+ ** to be invalidated whenever sqlite3_step() is called from within
+ ** a v-table method.
+ */
+ if( db->aDb[pOp->p1].pSchema->schema_cookie!=iMeta ){
+ sqlite3ResetOneSchema(db, pOp->p1);
+ }
+ p->expired = 1;
+ rc = SQLITE_SCHEMA;
+ }
+ break;
+}
+
+/* Opcode: ReadCookie P1 P2 P3 * *
+**
+** Read cookie number P3 from database P1 and write it into register P2.
+** P3==1 is the schema version. P3==2 is the database format.
+** P3==3 is the recommended pager cache size, and so forth. P1==0 is
+** the main database file and P1==1 is the database file used to store
+** temporary tables.
+**
+** There must be a read-lock on the database (either a transaction
+** must be started or there must be an open cursor) before
+** executing this instruction.
+*/
+case OP_ReadCookie: { /* out2 */
+ int iMeta;
+ int iDb;
+ int iCookie;
+
+ assert( p->bIsReader );
+ iDb = pOp->p1;
+ iCookie = pOp->p3;
+ assert( pOp->p3<SQLITE_N_BTREE_META );
+ assert( iDb>=0 && iDb<db->nDb );
+ assert( db->aDb[iDb].pBt!=0 );
+ assert( DbMaskTest(p->btreeMask, iDb) );
+
+ sqlite3BtreeGetMeta(db->aDb[iDb].pBt, iCookie, (u32 *)&iMeta);
+ pOut = out2Prerelease(p, pOp);
+ pOut->u.i = iMeta;
+ break;
+}
+
+/* Opcode: SetCookie P1 P2 P3 * *
+**
+** Write the content of register P3 (interpreted as an integer)
+** into cookie number P2 of database P1. P2==1 is the schema version.
+** P2==2 is the database format. P2==3 is the recommended pager cache
+** size, and so forth. P1==0 is the main database file and P1==1 is the
+** database file used to store temporary tables.
+**
+** A transaction must be started before executing this opcode.
+*/
+case OP_SetCookie: { /* in3 */
+ Db *pDb;
+ assert( pOp->p2<SQLITE_N_BTREE_META );
+ assert( pOp->p1>=0 && pOp->p1<db->nDb );
+ assert( DbMaskTest(p->btreeMask, pOp->p1) );
+ assert( p->readOnly==0 );
+ pDb = &db->aDb[pOp->p1];
+ assert( pDb->pBt!=0 );
+ assert( sqlite3SchemaMutexHeld(db, pOp->p1, 0) );
+ pIn3 = &aMem[pOp->p3];
+ sqlite3VdbeMemIntegerify(pIn3);
+ /* See note about index shifting on OP_ReadCookie */
+ rc = sqlite3BtreeUpdateMeta(pDb->pBt, pOp->p2, (int)pIn3->u.i);
+ if( pOp->p2==BTREE_SCHEMA_VERSION ){
+ /* When the schema cookie changes, record the new cookie internally */
+ pDb->pSchema->schema_cookie = (int)pIn3->u.i;
+ db->flags |= SQLITE_InternChanges;
+ }else if( pOp->p2==BTREE_FILE_FORMAT ){
+ /* Record changes in the file format */
+ pDb->pSchema->file_format = (u8)pIn3->u.i;
+ }
+ if( pOp->p1==1 ){
+ /* Invalidate all prepared statements whenever the TEMP database
+ ** schema is changed. Ticket #1644 */
+ sqlite3ExpirePreparedStatements(db);
+ p->expired = 0;
+ }
+ break;
+}
+
+/* Opcode: OpenRead P1 P2 P3 P4 P5
+** Synopsis: root=P2 iDb=P3
+**
+** Open a read-only cursor for the database table whose root page is
+** P2 in a database file. The database file is determined by P3.
+** P3==0 means the main database, P3==1 means the database used for
+** temporary tables, and P3>1 means used the corresponding attached
+** database. Give the new cursor an identifier of P1. The P1
+** values need not be contiguous but all P1 values should be small integers.
+** It is an error for P1 to be negative.
+**
+** If P5!=0 then use the content of register P2 as the root page, not
+** the value of P2 itself.
+**
+** There will be a read lock on the database whenever there is an
+** open cursor. If the database was unlocked prior to this instruction
+** then a read lock is acquired as part of this instruction. A read
+** lock allows other processes to read the database but prohibits
+** any other process from modifying the database. The read lock is
+** released when all cursors are closed. If this instruction attempts
+** to get a read lock but fails, the script terminates with an
+** SQLITE_BUSY error code.
+**
+** The P4 value may be either an integer (P4_INT32) or a pointer to
+** a KeyInfo structure (P4_KEYINFO). If it is a pointer to a KeyInfo
+** structure, then said structure defines the content and collating
+** sequence of the index being opened. Otherwise, if P4 is an integer
+** value, it is set to the number of columns in the table.
+**
+** See also: OpenWrite, ReopenIdx
+*/
+/* Opcode: ReopenIdx P1 P2 P3 P4 P5
+** Synopsis: root=P2 iDb=P3
+**
+** The ReopenIdx opcode works exactly like ReadOpen except that it first
+** checks to see if the cursor on P1 is already open with a root page
+** number of P2 and if it is this opcode becomes a no-op. In other words,
+** if the cursor is already open, do not reopen it.
+**
+** The ReopenIdx opcode may only be used with P5==0 and with P4 being
+** a P4_KEYINFO object. Furthermore, the P3 value must be the same as
+** every other ReopenIdx or OpenRead for the same cursor number.
+**
+** See the OpenRead opcode documentation for additional information.
+*/
+/* Opcode: OpenWrite P1 P2 P3 P4 P5
+** Synopsis: root=P2 iDb=P3
+**
+** Open a read/write cursor named P1 on the table or index whose root
+** page is P2. Or if P5!=0 use the content of register P2 to find the
+** root page.
+**
+** The P4 value may be either an integer (P4_INT32) or a pointer to
+** a KeyInfo structure (P4_KEYINFO). If it is a pointer to a KeyInfo
+** structure, then said structure defines the content and collating
+** sequence of the index being opened. Otherwise, if P4 is an integer
+** value, it is set to the number of columns in the table, or to the
+** largest index of any column of the table that is actually used.
+**
+** This instruction works just like OpenRead except that it opens the cursor
+** in read/write mode. For a given table, there can be one or more read-only
+** cursors or a single read/write cursor but not both.
+**
+** See also OpenRead.
+*/
+case OP_ReopenIdx: {
+ int nField;
+ KeyInfo *pKeyInfo;
+ int p2;
+ int iDb;
+ int wrFlag;
+ Btree *pX;
+ VdbeCursor *pCur;
+ Db *pDb;
+
+ assert( pOp->p5==0 || pOp->p5==OPFLAG_SEEKEQ );
+ assert( pOp->p4type==P4_KEYINFO );
+ pCur = p->apCsr[pOp->p1];
+ if( pCur && pCur->pgnoRoot==(u32)pOp->p2 ){
+ assert( pCur->iDb==pOp->p3 ); /* Guaranteed by the code generator */
+ goto open_cursor_set_hints;
+ }
+ /* If the cursor is not currently open or is open on a different
+ ** index, then fall through into OP_OpenRead to force a reopen */
+case OP_OpenRead:
+case OP_OpenWrite:
+
+ assert( pOp->opcode==OP_OpenWrite || pOp->p5==0 || pOp->p5==OPFLAG_SEEKEQ );
+ assert( p->bIsReader );
+ assert( pOp->opcode==OP_OpenRead || pOp->opcode==OP_ReopenIdx
+ || p->readOnly==0 );
+
+ if( p->expired ){
+ rc = SQLITE_ABORT_ROLLBACK;
+ break;
+ }
+
+ nField = 0;
+ pKeyInfo = 0;
+ p2 = pOp->p2;
+ iDb = pOp->p3;
+ assert( iDb>=0 && iDb<db->nDb );
+ assert( DbMaskTest(p->btreeMask, iDb) );
+ pDb = &db->aDb[iDb];
+ pX = pDb->pBt;
+ assert( pX!=0 );
+ if( pOp->opcode==OP_OpenWrite ){
+ assert( OPFLAG_FORDELETE==BTREE_FORDELETE );
+ wrFlag = BTREE_WRCSR | (pOp->p5 & OPFLAG_FORDELETE);
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ if( pDb->pSchema->file_format < p->minWriteFileFormat ){
+ p->minWriteFileFormat = pDb->pSchema->file_format;
+ }
+ }else{
+ wrFlag = 0;
+ }
+ if( pOp->p5 & OPFLAG_P2ISREG ){
+ assert( p2>0 );
+ assert( p2<=(p->nMem-p->nCursor) );
+ pIn2 = &aMem[p2];
+ assert( memIsValid(pIn2) );
+ assert( (pIn2->flags & MEM_Int)!=0 );
+ sqlite3VdbeMemIntegerify(pIn2);
+ p2 = (int)pIn2->u.i;
+ /* The p2 value always comes from a prior OP_CreateTable opcode and
+ ** that opcode will always set the p2 value to 2 or more or else fail.
+ ** If there were a failure, the prepared statement would have halted
+ ** before reaching this instruction. */
+ if( NEVER(p2<2) ) {
+ rc = SQLITE_CORRUPT_BKPT;
+ goto abort_due_to_error;
+ }
+ }
+ if( pOp->p4type==P4_KEYINFO ){
+ pKeyInfo = pOp->p4.pKeyInfo;
+ assert( pKeyInfo->enc==ENC(db) );
+ assert( pKeyInfo->db==db );
+ nField = pKeyInfo->nField+pKeyInfo->nXField;
+ }else if( pOp->p4type==P4_INT32 ){
+ nField = pOp->p4.i;
+ }
+ assert( pOp->p1>=0 );
+ assert( nField>=0 );
+ testcase( nField==0 ); /* Table with INTEGER PRIMARY KEY and nothing else */
+ pCur = allocateCursor(p, pOp->p1, nField, iDb, CURTYPE_BTREE);
+ if( pCur==0 ) goto no_mem;
+ pCur->nullRow = 1;
+ pCur->isOrdered = 1;
+ pCur->pgnoRoot = p2;
+ rc = sqlite3BtreeCursor(pX, p2, wrFlag, pKeyInfo, pCur->uc.pCursor);
+ pCur->pKeyInfo = pKeyInfo;
+ /* Set the VdbeCursor.isTable variable. Previous versions of
+ ** SQLite used to check if the root-page flags were sane at this point
+ ** and report database corruption if they were not, but this check has
+ ** since moved into the btree layer. */
+ pCur->isTable = pOp->p4type!=P4_KEYINFO;
+
+open_cursor_set_hints:
+ assert( OPFLAG_BULKCSR==BTREE_BULKLOAD );
+ assert( OPFLAG_SEEKEQ==BTREE_SEEK_EQ );
+ testcase( pOp->p5 & OPFLAG_BULKCSR );
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+ testcase( pOp->p2 & OPFLAG_SEEKEQ );
+#endif
+ sqlite3BtreeCursorHintFlags(pCur->uc.pCursor,
+ (pOp->p5 & (OPFLAG_BULKCSR|OPFLAG_SEEKEQ)));
+ break;
+}
+
+/* Opcode: OpenEphemeral P1 P2 * P4 P5
+** Synopsis: nColumn=P2
+**
+** Open a new cursor P1 to a transient table.
+** The cursor is always opened read/write even if
+** the main database is read-only. The ephemeral
+** table is deleted automatically when the cursor is closed.
+**
+** P2 is the number of columns in the ephemeral table.
+** The cursor points to a BTree table if P4==0 and to a BTree index
+** if P4 is not 0. If P4 is not NULL, it points to a KeyInfo structure
+** that defines the format of keys in the index.
+**
+** The P5 parameter can be a mask of the BTREE_* flags defined
+** in btree.h. These flags control aspects of the operation of
+** the btree. The BTREE_OMIT_JOURNAL and BTREE_SINGLE flags are
+** added automatically.
+*/
+/* Opcode: OpenAutoindex P1 P2 * P4 *
+** Synopsis: nColumn=P2
+**
+** This opcode works the same as OP_OpenEphemeral. It has a
+** different name to distinguish its use. Tables created using
+** by this opcode will be used for automatically created transient
+** indices in joins.
+*/
+case OP_OpenAutoindex:
+case OP_OpenEphemeral: {
+ VdbeCursor *pCx;
+ KeyInfo *pKeyInfo;
+
+ static const int vfsFlags =
+ SQLITE_OPEN_READWRITE |
+ SQLITE_OPEN_CREATE |
+ SQLITE_OPEN_EXCLUSIVE |
+ SQLITE_OPEN_DELETEONCLOSE |
+ SQLITE_OPEN_TRANSIENT_DB;
+ assert( pOp->p1>=0 );
+ assert( pOp->p2>=0 );
+ pCx = allocateCursor(p, pOp->p1, pOp->p2, -1, CURTYPE_BTREE);
+ if( pCx==0 ) goto no_mem;
+ pCx->nullRow = 1;
+ pCx->isEphemeral = 1;
+ rc = sqlite3BtreeOpen(db->pVfs, 0, db, &pCx->pBt,
+ BTREE_OMIT_JOURNAL | BTREE_SINGLE | pOp->p5, vfsFlags);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3BtreeBeginTrans(pCx->pBt, 1);
+ }
+ if( rc==SQLITE_OK ){
+ /* If a transient index is required, create it by calling
+ ** sqlite3BtreeCreateTable() with the BTREE_BLOBKEY flag before
+ ** opening it. If a transient table is required, just use the
+ ** automatically created table with root-page 1 (an BLOB_INTKEY table).
+ */
+ if( (pKeyInfo = pOp->p4.pKeyInfo)!=0 ){
+ int pgno;
+ assert( pOp->p4type==P4_KEYINFO );
+ rc = sqlite3BtreeCreateTable(pCx->pBt, &pgno, BTREE_BLOBKEY | pOp->p5);
+ if( rc==SQLITE_OK ){
+ assert( pgno==MASTER_ROOT+1 );
+ assert( pKeyInfo->db==db );
+ assert( pKeyInfo->enc==ENC(db) );
+ pCx->pKeyInfo = pKeyInfo;
+ rc = sqlite3BtreeCursor(pCx->pBt, pgno, BTREE_WRCSR,
+ pKeyInfo, pCx->uc.pCursor);
+ }
+ pCx->isTable = 0;
+ }else{
+ rc = sqlite3BtreeCursor(pCx->pBt, MASTER_ROOT, BTREE_WRCSR,
+ 0, pCx->uc.pCursor);
+ pCx->isTable = 1;
+ }
+ }
+ pCx->isOrdered = (pOp->p5!=BTREE_UNORDERED);
+ break;
+}
+
+/* Opcode: SorterOpen P1 P2 P3 P4 *
+**
+** This opcode works like OP_OpenEphemeral except that it opens
+** a transient index that is specifically designed to sort large
+** tables using an external merge-sort algorithm.
+**
+** If argument P3 is non-zero, then it indicates that the sorter may
+** assume that a stable sort considering the first P3 fields of each
+** key is sufficient to produce the required results.
+*/
+case OP_SorterOpen: {
+ VdbeCursor *pCx;
+
+ assert( pOp->p1>=0 );
+ assert( pOp->p2>=0 );
+ pCx = allocateCursor(p, pOp->p1, pOp->p2, -1, CURTYPE_SORTER);
+ if( pCx==0 ) goto no_mem;
+ pCx->pKeyInfo = pOp->p4.pKeyInfo;
+ assert( pCx->pKeyInfo->db==db );
+ assert( pCx->pKeyInfo->enc==ENC(db) );
+ rc = sqlite3VdbeSorterInit(db, pOp->p3, pCx);
+ break;
+}
+
+/* Opcode: SequenceTest P1 P2 * * *
+** Synopsis: if( cursor[P1].ctr++ ) pc = P2
+**
+** P1 is a sorter cursor. If the sequence counter is currently zero, jump
+** to P2. Regardless of whether or not the jump is taken, increment the
+** the sequence value.
+*/
+case OP_SequenceTest: {
+ VdbeCursor *pC;
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( isSorter(pC) );
+ if( (pC->seqCount++)==0 ){
+ goto jump_to_p2;
+ }
+ break;
+}
+
+/* Opcode: OpenPseudo P1 P2 P3 * *
+** Synopsis: P3 columns in r[P2]
+**
+** Open a new cursor that points to a fake table that contains a single
+** row of data. The content of that one row is the content of memory
+** register P2. In other words, cursor P1 becomes an alias for the
+** MEM_Blob content contained in register P2.
+**
+** A pseudo-table created by this opcode is used to hold a single
+** row output from the sorter so that the row can be decomposed into
+** individual columns using the OP_Column opcode. The OP_Column opcode
+** is the only cursor opcode that works with a pseudo-table.
+**
+** P3 is the number of fields in the records that will be stored by
+** the pseudo-table.
+*/
+case OP_OpenPseudo: {
+ VdbeCursor *pCx;
+
+ assert( pOp->p1>=0 );
+ assert( pOp->p3>=0 );
+ pCx = allocateCursor(p, pOp->p1, pOp->p3, -1, CURTYPE_PSEUDO);
+ if( pCx==0 ) goto no_mem;
+ pCx->nullRow = 1;
+ pCx->uc.pseudoTableReg = pOp->p2;
+ pCx->isTable = 1;
+ assert( pOp->p5==0 );
+ break;
+}
+
+/* Opcode: Close P1 * * * *
+**
+** Close a cursor previously opened as P1. If P1 is not
+** currently open, this instruction is a no-op.
+*/
+case OP_Close: {
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ sqlite3VdbeFreeCursor(p, p->apCsr[pOp->p1]);
+ p->apCsr[pOp->p1] = 0;
+ break;
+}
+
+#ifdef SQLITE_ENABLE_COLUMN_USED_MASK
+/* Opcode: ColumnsUsed P1 * * P4 *
+**
+** This opcode (which only exists if SQLite was compiled with
+** SQLITE_ENABLE_COLUMN_USED_MASK) identifies which columns of the
+** table or index for cursor P1 are used. P4 is a 64-bit integer
+** (P4_INT64) in which the first 63 bits are one for each of the
+** first 63 columns of the table or index that are actually used
+** by the cursor. The high-order bit is set if any column after
+** the 64th is used.
+*/
+case OP_ColumnsUsed: {
+ VdbeCursor *pC;
+ pC = p->apCsr[pOp->p1];
+ assert( pC->eCurType==CURTYPE_BTREE );
+ pC->maskUsed = *(u64*)pOp->p4.pI64;
+ break;
+}
+#endif
+
+/* Opcode: SeekGE P1 P2 P3 P4 *
+** Synopsis: key=r[P3@P4]
+**
+** If cursor P1 refers to an SQL table (B-Tree that uses integer keys),
+** use the value in register P3 as the key. If cursor P1 refers
+** to an SQL index, then P3 is the first in an array of P4 registers
+** that are used as an unpacked index key.
+**
+** Reposition cursor P1 so that it points to the smallest entry that
+** is greater than or equal to the key value. If there are no records
+** greater than or equal to the key and P2 is not zero, then jump to P2.
+**
+** If the cursor P1 was opened using the OPFLAG_SEEKEQ flag, then this
+** opcode will always land on a record that equally equals the key, or
+** else jump immediately to P2. When the cursor is OPFLAG_SEEKEQ, this
+** opcode must be followed by an IdxLE opcode with the same arguments.
+** The IdxLE opcode will be skipped if this opcode succeeds, but the
+** IdxLE opcode will be used on subsequent loop iterations.
+**
+** This opcode leaves the cursor configured to move in forward order,
+** from the beginning toward the end. In other words, the cursor is
+** configured to use Next, not Prev.
+**
+** See also: Found, NotFound, SeekLt, SeekGt, SeekLe
+*/
+/* Opcode: SeekGT P1 P2 P3 P4 *
+** Synopsis: key=r[P3@P4]
+**
+** If cursor P1 refers to an SQL table (B-Tree that uses integer keys),
+** use the value in register P3 as a key. If cursor P1 refers
+** to an SQL index, then P3 is the first in an array of P4 registers
+** that are used as an unpacked index key.
+**
+** Reposition cursor P1 so that it points to the smallest entry that
+** is greater than the key value. If there are no records greater than
+** the key and P2 is not zero, then jump to P2.
+**
+** This opcode leaves the cursor configured to move in forward order,
+** from the beginning toward the end. In other words, the cursor is
+** configured to use Next, not Prev.
+**
+** See also: Found, NotFound, SeekLt, SeekGe, SeekLe
+*/
+/* Opcode: SeekLT P1 P2 P3 P4 *
+** Synopsis: key=r[P3@P4]
+**
+** If cursor P1 refers to an SQL table (B-Tree that uses integer keys),
+** use the value in register P3 as a key. If cursor P1 refers
+** to an SQL index, then P3 is the first in an array of P4 registers
+** that are used as an unpacked index key.
+**
+** Reposition cursor P1 so that it points to the largest entry that
+** is less than the key value. If there are no records less than
+** the key and P2 is not zero, then jump to P2.
+**
+** This opcode leaves the cursor configured to move in reverse order,
+** from the end toward the beginning. In other words, the cursor is
+** configured to use Prev, not Next.
+**
+** See also: Found, NotFound, SeekGt, SeekGe, SeekLe
+*/
+/* Opcode: SeekLE P1 P2 P3 P4 *
+** Synopsis: key=r[P3@P4]
+**
+** If cursor P1 refers to an SQL table (B-Tree that uses integer keys),
+** use the value in register P3 as a key. If cursor P1 refers
+** to an SQL index, then P3 is the first in an array of P4 registers
+** that are used as an unpacked index key.
+**
+** Reposition cursor P1 so that it points to the largest entry that
+** is less than or equal to the key value. If there are no records
+** less than or equal to the key and P2 is not zero, then jump to P2.
+**
+** This opcode leaves the cursor configured to move in reverse order,
+** from the end toward the beginning. In other words, the cursor is
+** configured to use Prev, not Next.
+**
+** If the cursor P1 was opened using the OPFLAG_SEEKEQ flag, then this
+** opcode will always land on a record that equally equals the key, or
+** else jump immediately to P2. When the cursor is OPFLAG_SEEKEQ, this
+** opcode must be followed by an IdxGE opcode with the same arguments.
+** The IdxGE opcode will be skipped if this opcode succeeds, but the
+** IdxGE opcode will be used on subsequent loop iterations.
+**
+** See also: Found, NotFound, SeekGt, SeekGe, SeekLt
+*/
+case OP_SeekLT: /* jump, in3 */
+case OP_SeekLE: /* jump, in3 */
+case OP_SeekGE: /* jump, in3 */
+case OP_SeekGT: { /* jump, in3 */
+ int res; /* Comparison result */
+ int oc; /* Opcode */
+ VdbeCursor *pC; /* The cursor to seek */
+ UnpackedRecord r; /* The key to seek for */
+ int nField; /* Number of columns or fields in the key */
+ i64 iKey; /* The rowid we are to seek to */
+ int eqOnly; /* Only interested in == results */
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ assert( pOp->p2!=0 );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( OP_SeekLE == OP_SeekLT+1 );
+ assert( OP_SeekGE == OP_SeekLT+2 );
+ assert( OP_SeekGT == OP_SeekLT+3 );
+ assert( pC->isOrdered );
+ assert( pC->uc.pCursor!=0 );
+ oc = pOp->opcode;
+ eqOnly = 0;
+ pC->nullRow = 0;
+#ifdef SQLITE_DEBUG
+ pC->seekOp = pOp->opcode;
+#endif
+
+ if( pC->isTable ){
+ /* The BTREE_SEEK_EQ flag is only set on index cursors */
+ assert( sqlite3BtreeCursorHasHint(pC->uc.pCursor, BTREE_SEEK_EQ)==0 );
+
+ /* The input value in P3 might be of any type: integer, real, string,
+ ** blob, or NULL. But it needs to be an integer before we can do
+ ** the seek, so convert it. */
+ pIn3 = &aMem[pOp->p3];
+ if( (pIn3->flags & (MEM_Int|MEM_Real|MEM_Str))==MEM_Str ){
+ applyNumericAffinity(pIn3, 0);
+ }
+ iKey = sqlite3VdbeIntValue(pIn3);
+
+ /* If the P3 value could not be converted into an integer without
+ ** loss of information, then special processing is required... */
+ if( (pIn3->flags & MEM_Int)==0 ){
+ if( (pIn3->flags & MEM_Real)==0 ){
+ /* If the P3 value cannot be converted into any kind of a number,
+ ** then the seek is not possible, so jump to P2 */
+ VdbeBranchTaken(1,2); goto jump_to_p2;
+ break;
+ }
+
+ /* If the approximation iKey is larger than the actual real search
+ ** term, substitute >= for > and < for <=. e.g. if the search term
+ ** is 4.9 and the integer approximation 5:
+ **
+ ** (x > 4.9) -> (x >= 5)
+ ** (x <= 4.9) -> (x < 5)
+ */
+ if( pIn3->u.r<(double)iKey ){
+ assert( OP_SeekGE==(OP_SeekGT-1) );
+ assert( OP_SeekLT==(OP_SeekLE-1) );
+ assert( (OP_SeekLE & 0x0001)==(OP_SeekGT & 0x0001) );
+ if( (oc & 0x0001)==(OP_SeekGT & 0x0001) ) oc--;
+ }
+
+ /* If the approximation iKey is smaller than the actual real search
+ ** term, substitute <= for < and > for >=. */
+ else if( pIn3->u.r>(double)iKey ){
+ assert( OP_SeekLE==(OP_SeekLT+1) );
+ assert( OP_SeekGT==(OP_SeekGE+1) );
+ assert( (OP_SeekLT & 0x0001)==(OP_SeekGE & 0x0001) );
+ if( (oc & 0x0001)==(OP_SeekLT & 0x0001) ) oc++;
+ }
+ }
+ rc = sqlite3BtreeMovetoUnpacked(pC->uc.pCursor, 0, (u64)iKey, 0, &res);
+ pC->movetoTarget = iKey; /* Used by OP_Delete */
+ if( rc!=SQLITE_OK ){
+ goto abort_due_to_error;
+ }
+ }else{
+ /* For a cursor with the BTREE_SEEK_EQ hint, only the OP_SeekGE and
+ ** OP_SeekLE opcodes are allowed, and these must be immediately followed
+ ** by an OP_IdxGT or OP_IdxLT opcode, respectively, with the same key.
+ */
+ if( sqlite3BtreeCursorHasHint(pC->uc.pCursor, BTREE_SEEK_EQ) ){
+ eqOnly = 1;
+ assert( pOp->opcode==OP_SeekGE || pOp->opcode==OP_SeekLE );
+ assert( pOp[1].opcode==OP_IdxLT || pOp[1].opcode==OP_IdxGT );
+ assert( pOp[1].p1==pOp[0].p1 );
+ assert( pOp[1].p2==pOp[0].p2 );
+ assert( pOp[1].p3==pOp[0].p3 );
+ assert( pOp[1].p4.i==pOp[0].p4.i );
+ }
+
+ nField = pOp->p4.i;
+ assert( pOp->p4type==P4_INT32 );
+ assert( nField>0 );
+ r.pKeyInfo = pC->pKeyInfo;
+ r.nField = (u16)nField;
+
+ /* The next line of code computes as follows, only faster:
+ ** if( oc==OP_SeekGT || oc==OP_SeekLE ){
+ ** r.default_rc = -1;
+ ** }else{
+ ** r.default_rc = +1;
+ ** }
+ */
+ r.default_rc = ((1 & (oc - OP_SeekLT)) ? -1 : +1);
+ assert( oc!=OP_SeekGT || r.default_rc==-1 );
+ assert( oc!=OP_SeekLE || r.default_rc==-1 );
+ assert( oc!=OP_SeekGE || r.default_rc==+1 );
+ assert( oc!=OP_SeekLT || r.default_rc==+1 );
+
+ r.aMem = &aMem[pOp->p3];
+#ifdef SQLITE_DEBUG
+ { int i; for(i=0; i<r.nField; i++) assert( memIsValid(&r.aMem[i]) ); }
+#endif
+ ExpandBlob(r.aMem);
+ r.eqSeen = 0;
+ rc = sqlite3BtreeMovetoUnpacked(pC->uc.pCursor, &r, 0, 0, &res);
+ if( rc!=SQLITE_OK ){
+ goto abort_due_to_error;
+ }
+ if( eqOnly && r.eqSeen==0 ){
+ assert( res!=0 );
+ goto seek_not_found;
+ }
+ }
+ pC->deferredMoveto = 0;
+ pC->cacheStatus = CACHE_STALE;
+#ifdef SQLITE_TEST
+ sqlite3_search_count++;
+#endif
+ if( oc>=OP_SeekGE ){ assert( oc==OP_SeekGE || oc==OP_SeekGT );
+ if( res<0 || (res==0 && oc==OP_SeekGT) ){
+ res = 0;
+ rc = sqlite3BtreeNext(pC->uc.pCursor, &res);
+ if( rc!=SQLITE_OK ) goto abort_due_to_error;
+ }else{
+ res = 0;
+ }
+ }else{
+ assert( oc==OP_SeekLT || oc==OP_SeekLE );
+ if( res>0 || (res==0 && oc==OP_SeekLT) ){
+ res = 0;
+ rc = sqlite3BtreePrevious(pC->uc.pCursor, &res);
+ if( rc!=SQLITE_OK ) goto abort_due_to_error;
+ }else{
+ /* res might be negative because the table is empty. Check to
+ ** see if this is the case.
+ */
+ res = sqlite3BtreeEof(pC->uc.pCursor);
+ }
+ }
+seek_not_found:
+ assert( pOp->p2>0 );
+ VdbeBranchTaken(res!=0,2);
+ if( res ){
+ goto jump_to_p2;
+ }else if( eqOnly ){
+ assert( pOp[1].opcode==OP_IdxLT || pOp[1].opcode==OP_IdxGT );
+ pOp++; /* Skip the OP_IdxLt or OP_IdxGT that follows */
+ }
+ break;
+}
+
+/* Opcode: Seek P1 P2 * * *
+** Synopsis: intkey=r[P2]
+**
+** P1 is an open table cursor and P2 is a rowid integer. Arrange
+** for P1 to move so that it points to the rowid given by P2.
+**
+** This is actually a deferred seek. Nothing actually happens until
+** the cursor is used to read a record. That way, if no reads
+** occur, no unnecessary I/O happens.
+*/
+case OP_Seek: { /* in2 */
+ VdbeCursor *pC;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pC->uc.pCursor!=0 );
+ assert( pC->isTable );
+ pC->nullRow = 0;
+ pIn2 = &aMem[pOp->p2];
+ pC->movetoTarget = sqlite3VdbeIntValue(pIn2);
+ pC->deferredMoveto = 1;
+ break;
+}
+
+
+/* Opcode: Found P1 P2 P3 P4 *
+** Synopsis: key=r[P3@P4]
+**
+** If P4==0 then register P3 holds a blob constructed by MakeRecord. If
+** P4>0 then register P3 is the first of P4 registers that form an unpacked
+** record.
+**
+** Cursor P1 is on an index btree. If the record identified by P3 and P4
+** is a prefix of any entry in P1 then a jump is made to P2 and
+** P1 is left pointing at the matching entry.
+**
+** This operation leaves the cursor in a state where it can be
+** advanced in the forward direction. The Next instruction will work,
+** but not the Prev instruction.
+**
+** See also: NotFound, NoConflict, NotExists. SeekGe
+*/
+/* Opcode: NotFound P1 P2 P3 P4 *
+** Synopsis: key=r[P3@P4]
+**
+** If P4==0 then register P3 holds a blob constructed by MakeRecord. If
+** P4>0 then register P3 is the first of P4 registers that form an unpacked
+** record.
+**
+** Cursor P1 is on an index btree. If the record identified by P3 and P4
+** is not the prefix of any entry in P1 then a jump is made to P2. If P1
+** does contain an entry whose prefix matches the P3/P4 record then control
+** falls through to the next instruction and P1 is left pointing at the
+** matching entry.
+**
+** This operation leaves the cursor in a state where it cannot be
+** advanced in either direction. In other words, the Next and Prev
+** opcodes do not work after this operation.
+**
+** See also: Found, NotExists, NoConflict
+*/
+/* Opcode: NoConflict P1 P2 P3 P4 *
+** Synopsis: key=r[P3@P4]
+**
+** If P4==0 then register P3 holds a blob constructed by MakeRecord. If
+** P4>0 then register P3 is the first of P4 registers that form an unpacked
+** record.
+**
+** Cursor P1 is on an index btree. If the record identified by P3 and P4
+** contains any NULL value, jump immediately to P2. If all terms of the
+** record are not-NULL then a check is done to determine if any row in the
+** P1 index btree has a matching key prefix. If there are no matches, jump
+** immediately to P2. If there is a match, fall through and leave the P1
+** cursor pointing to the matching row.
+**
+** This opcode is similar to OP_NotFound with the exceptions that the
+** branch is always taken if any part of the search key input is NULL.
+**
+** This operation leaves the cursor in a state where it cannot be
+** advanced in either direction. In other words, the Next and Prev
+** opcodes do not work after this operation.
+**
+** See also: NotFound, Found, NotExists
+*/
+case OP_NoConflict: /* jump, in3 */
+case OP_NotFound: /* jump, in3 */
+case OP_Found: { /* jump, in3 */
+ int alreadyExists;
+ int takeJump;
+ int ii;
+ VdbeCursor *pC;
+ int res;
+ char *pFree;
+ UnpackedRecord *pIdxKey;
+ UnpackedRecord r;
+ char aTempRec[ROUND8(sizeof(UnpackedRecord)) + sizeof(Mem)*4 + 7];
+
+#ifdef SQLITE_TEST
+ if( pOp->opcode!=OP_NoConflict ) sqlite3_found_count++;
+#endif
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ assert( pOp->p4type==P4_INT32 );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+#ifdef SQLITE_DEBUG
+ pC->seekOp = pOp->opcode;
+#endif
+ pIn3 = &aMem[pOp->p3];
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pC->uc.pCursor!=0 );
+ assert( pC->isTable==0 );
+ pFree = 0;
+ if( pOp->p4.i>0 ){
+ r.pKeyInfo = pC->pKeyInfo;
+ r.nField = (u16)pOp->p4.i;
+ r.aMem = pIn3;
+ for(ii=0; ii<r.nField; ii++){
+ assert( memIsValid(&r.aMem[ii]) );
+ ExpandBlob(&r.aMem[ii]);
+#ifdef SQLITE_DEBUG
+ if( ii ) REGISTER_TRACE(pOp->p3+ii, &r.aMem[ii]);
+#endif
+ }
+ pIdxKey = &r;
+ }else{
+ pIdxKey = sqlite3VdbeAllocUnpackedRecord(
+ pC->pKeyInfo, aTempRec, sizeof(aTempRec), &pFree
+ );
+ if( pIdxKey==0 ) goto no_mem;
+ assert( pIn3->flags & MEM_Blob );
+ ExpandBlob(pIn3);
+ sqlite3VdbeRecordUnpack(pC->pKeyInfo, pIn3->n, pIn3->z, pIdxKey);
+ }
+ pIdxKey->default_rc = 0;
+ takeJump = 0;
+ if( pOp->opcode==OP_NoConflict ){
+ /* For the OP_NoConflict opcode, take the jump if any of the
+ ** input fields are NULL, since any key with a NULL will not
+ ** conflict */
+ for(ii=0; ii<pIdxKey->nField; ii++){
+ if( pIdxKey->aMem[ii].flags & MEM_Null ){
+ takeJump = 1;
+ break;
+ }
+ }
+ }
+ rc = sqlite3BtreeMovetoUnpacked(pC->uc.pCursor, pIdxKey, 0, 0, &res);
+ sqlite3DbFree(db, pFree);
+ if( rc!=SQLITE_OK ){
+ break;
+ }
+ pC->seekResult = res;
+ alreadyExists = (res==0);
+ pC->nullRow = 1-alreadyExists;
+ pC->deferredMoveto = 0;
+ pC->cacheStatus = CACHE_STALE;
+ if( pOp->opcode==OP_Found ){
+ VdbeBranchTaken(alreadyExists!=0,2);
+ if( alreadyExists ) goto jump_to_p2;
+ }else{
+ VdbeBranchTaken(takeJump||alreadyExists==0,2);
+ if( takeJump || !alreadyExists ) goto jump_to_p2;
+ }
+ break;
+}
+
+/* Opcode: NotExists P1 P2 P3 * *
+** Synopsis: intkey=r[P3]
+**
+** P1 is the index of a cursor open on an SQL table btree (with integer
+** keys). P3 is an integer rowid. If P1 does not contain a record with
+** rowid P3 then jump immediately to P2. Or, if P2 is 0, raise an
+** SQLITE_CORRUPT error. If P1 does contain a record with rowid P3 then
+** leave the cursor pointing at that record and fall through to the next
+** instruction.
+**
+** The OP_NotFound opcode performs the same operation on index btrees
+** (with arbitrary multi-value keys).
+**
+** This opcode leaves the cursor in a state where it cannot be advanced
+** in either direction. In other words, the Next and Prev opcodes will
+** not work following this opcode.
+**
+** See also: Found, NotFound, NoConflict
+*/
+case OP_NotExists: { /* jump, in3 */
+ VdbeCursor *pC;
+ BtCursor *pCrsr;
+ int res;
+ u64 iKey;
+
+ pIn3 = &aMem[pOp->p3];
+ assert( pIn3->flags & MEM_Int );
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+#ifdef SQLITE_DEBUG
+ pC->seekOp = 0;
+#endif
+ assert( pC->isTable );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ pCrsr = pC->uc.pCursor;
+ assert( pCrsr!=0 );
+ res = 0;
+ iKey = pIn3->u.i;
+ rc = sqlite3BtreeMovetoUnpacked(pCrsr, 0, iKey, 0, &res);
+ assert( rc==SQLITE_OK || res==0 );
+ pC->movetoTarget = iKey; /* Used by OP_Delete */
+ pC->nullRow = 0;
+ pC->cacheStatus = CACHE_STALE;
+ pC->deferredMoveto = 0;
+ VdbeBranchTaken(res!=0,2);
+ pC->seekResult = res;
+ if( res!=0 ){
+ assert( rc==SQLITE_OK );
+ if( pOp->p2==0 ){
+ rc = SQLITE_CORRUPT_BKPT;
+ }else{
+ goto jump_to_p2;
+ }
+ }
+ break;
+}
+
+/* Opcode: Sequence P1 P2 * * *
+** Synopsis: r[P2]=cursor[P1].ctr++
+**
+** Find the next available sequence number for cursor P1.
+** Write the sequence number into register P2.
+** The sequence number on the cursor is incremented after this
+** instruction.
+*/
+case OP_Sequence: { /* out2 */
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ assert( p->apCsr[pOp->p1]!=0 );
+ assert( p->apCsr[pOp->p1]->eCurType!=CURTYPE_VTAB );
+ pOut = out2Prerelease(p, pOp);
+ pOut->u.i = p->apCsr[pOp->p1]->seqCount++;
+ break;
+}
+
+
+/* Opcode: NewRowid P1 P2 P3 * *
+** Synopsis: r[P2]=rowid
+**
+** Get a new integer record number (a.k.a "rowid") used as the key to a table.
+** The record number is not previously used as a key in the database
+** table that cursor P1 points to. The new record number is written
+** written to register P2.
+**
+** If P3>0 then P3 is a register in the root frame of this VDBE that holds
+** the largest previously generated record number. No new record numbers are
+** allowed to be less than this value. When this value reaches its maximum,
+** an SQLITE_FULL error is generated. The P3 register is updated with the '
+** generated record number. This P3 mechanism is used to help implement the
+** AUTOINCREMENT feature.
+*/
+case OP_NewRowid: { /* out2 */
+ i64 v; /* The new rowid */
+ VdbeCursor *pC; /* Cursor of table to get the new rowid */
+ int res; /* Result of an sqlite3BtreeLast() */
+ int cnt; /* Counter to limit the number of searches */
+ Mem *pMem; /* Register holding largest rowid for AUTOINCREMENT */
+ VdbeFrame *pFrame; /* Root frame of VDBE */
+
+ v = 0;
+ res = 0;
+ pOut = out2Prerelease(p, pOp);
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pC->uc.pCursor!=0 );
+ {
+ /* The next rowid or record number (different terms for the same
+ ** thing) is obtained in a two-step algorithm.
+ **
+ ** First we attempt to find the largest existing rowid and add one
+ ** to that. But if the largest existing rowid is already the maximum
+ ** positive integer, we have to fall through to the second
+ ** probabilistic algorithm
+ **
+ ** The second algorithm is to select a rowid at random and see if
+ ** it already exists in the table. If it does not exist, we have
+ ** succeeded. If the random rowid does exist, we select a new one
+ ** and try again, up to 100 times.
+ */
+ assert( pC->isTable );
+
+#ifdef SQLITE_32BIT_ROWID
+# define MAX_ROWID 0x7fffffff
+#else
+ /* Some compilers complain about constants of the form 0x7fffffffffffffff.
+ ** Others complain about 0x7ffffffffffffffffLL. The following macro seems
+ ** to provide the constant while making all compilers happy.
+ */
+# define MAX_ROWID (i64)( (((u64)0x7fffffff)<<32) | (u64)0xffffffff )
+#endif
+
+ if( !pC->useRandomRowid ){
+ rc = sqlite3BtreeLast(pC->uc.pCursor, &res);
+ if( rc!=SQLITE_OK ){
+ goto abort_due_to_error;
+ }
+ if( res ){
+ v = 1; /* IMP: R-61914-48074 */
+ }else{
+ assert( sqlite3BtreeCursorIsValid(pC->uc.pCursor) );
+ rc = sqlite3BtreeKeySize(pC->uc.pCursor, &v);
+ assert( rc==SQLITE_OK ); /* Cannot fail following BtreeLast() */
+ if( v>=MAX_ROWID ){
+ pC->useRandomRowid = 1;
+ }else{
+ v++; /* IMP: R-29538-34987 */
+ }
+ }
+ }
+
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+ if( pOp->p3 ){
+ /* Assert that P3 is a valid memory cell. */
+ assert( pOp->p3>0 );
+ if( p->pFrame ){
+ for(pFrame=p->pFrame; pFrame->pParent; pFrame=pFrame->pParent);
+ /* Assert that P3 is a valid memory cell. */
+ assert( pOp->p3<=pFrame->nMem );
+ pMem = &pFrame->aMem[pOp->p3];
+ }else{
+ /* Assert that P3 is a valid memory cell. */
+ assert( pOp->p3<=(p->nMem-p->nCursor) );
+ pMem = &aMem[pOp->p3];
+ memAboutToChange(p, pMem);
+ }
+ assert( memIsValid(pMem) );
+
+ REGISTER_TRACE(pOp->p3, pMem);
+ sqlite3VdbeMemIntegerify(pMem);
+ assert( (pMem->flags & MEM_Int)!=0 ); /* mem(P3) holds an integer */
+ if( pMem->u.i==MAX_ROWID || pC->useRandomRowid ){
+ rc = SQLITE_FULL; /* IMP: R-12275-61338 */
+ goto abort_due_to_error;
+ }
+ if( v<pMem->u.i+1 ){
+ v = pMem->u.i + 1;
+ }
+ pMem->u.i = v;
+ }
+#endif
+ if( pC->useRandomRowid ){
+ /* IMPLEMENTATION-OF: R-07677-41881 If the largest ROWID is equal to the
+ ** largest possible integer (9223372036854775807) then the database
+ ** engine starts picking positive candidate ROWIDs at random until
+ ** it finds one that is not previously used. */
+ assert( pOp->p3==0 ); /* We cannot be in random rowid mode if this is
+ ** an AUTOINCREMENT table. */
+ cnt = 0;
+ do{
+ sqlite3_randomness(sizeof(v), &v);
+ v &= (MAX_ROWID>>1); v++; /* Ensure that v is greater than zero */
+ }while( ((rc = sqlite3BtreeMovetoUnpacked(pC->uc.pCursor, 0, (u64)v,
+ 0, &res))==SQLITE_OK)
+ && (res==0)
+ && (++cnt<100));
+ if( rc==SQLITE_OK && res==0 ){
+ rc = SQLITE_FULL; /* IMP: R-38219-53002 */
+ goto abort_due_to_error;
+ }
+ assert( v>0 ); /* EV: R-40812-03570 */
+ }
+ pC->deferredMoveto = 0;
+ pC->cacheStatus = CACHE_STALE;
+ }
+ pOut->u.i = v;
+ break;
+}
+
+/* Opcode: Insert P1 P2 P3 P4 P5
+** Synopsis: intkey=r[P3] data=r[P2]
+**
+** Write an entry into the table of cursor P1. A new entry is
+** created if it doesn't already exist or the data for an existing
+** entry is overwritten. The data is the value MEM_Blob stored in register
+** number P2. The key is stored in register P3. The key must
+** be a MEM_Int.
+**
+** If the OPFLAG_NCHANGE flag of P5 is set, then the row change count is
+** incremented (otherwise not). If the OPFLAG_LASTROWID flag of P5 is set,
+** then rowid is stored for subsequent return by the
+** sqlite3_last_insert_rowid() function (otherwise it is unmodified).
+**
+** If the OPFLAG_USESEEKRESULT flag of P5 is set and if the result of
+** the last seek operation (OP_NotExists) was a success, then this
+** operation will not attempt to find the appropriate row before doing
+** the insert but will instead overwrite the row that the cursor is
+** currently pointing to. Presumably, the prior OP_NotExists opcode
+** has already positioned the cursor correctly. This is an optimization
+** that boosts performance by avoiding redundant seeks.
+**
+** If the OPFLAG_ISUPDATE flag is set, then this opcode is part of an
+** UPDATE operation. Otherwise (if the flag is clear) then this opcode
+** is part of an INSERT operation. The difference is only important to
+** the update hook.
+**
+** Parameter P4 may point to a string containing the table-name, or
+** may be NULL. If it is not NULL, then the update-hook
+** (sqlite3.xUpdateCallback) is invoked following a successful insert.
+**
+** (WARNING/TODO: If P1 is a pseudo-cursor and P2 is dynamically
+** allocated, then ownership of P2 is transferred to the pseudo-cursor
+** and register P2 becomes ephemeral. If the cursor is changed, the
+** value of register P2 will then change. Make sure this does not
+** cause any problems.)
+**
+** This instruction only works on tables. The equivalent instruction
+** for indices is OP_IdxInsert.
+*/
+/* Opcode: InsertInt P1 P2 P3 P4 P5
+** Synopsis: intkey=P3 data=r[P2]
+**
+** This works exactly like OP_Insert except that the key is the
+** integer value P3, not the value of the integer stored in register P3.
+*/
+case OP_Insert:
+case OP_InsertInt: {
+ Mem *pData; /* MEM cell holding data for the record to be inserted */
+ Mem *pKey; /* MEM cell holding key for the record */
+ i64 iKey; /* The integer ROWID or key for the record to be inserted */
+ VdbeCursor *pC; /* Cursor to table into which insert is written */
+ int nZero; /* Number of zero-bytes to append */
+ int seekResult; /* Result of prior seek or 0 if no USESEEKRESULT flag */
+ const char *zDb; /* database name - used by the update hook */
+ const char *zTbl; /* Table name - used by the opdate hook */
+ int op; /* Opcode for update hook: SQLITE_UPDATE or SQLITE_INSERT */
+
+ pData = &aMem[pOp->p2];
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ assert( memIsValid(pData) );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pC->uc.pCursor!=0 );
+ assert( pC->isTable );
+ REGISTER_TRACE(pOp->p2, pData);
+
+ if( pOp->opcode==OP_Insert ){
+ pKey = &aMem[pOp->p3];
+ assert( pKey->flags & MEM_Int );
+ assert( memIsValid(pKey) );
+ REGISTER_TRACE(pOp->p3, pKey);
+ iKey = pKey->u.i;
+ }else{
+ assert( pOp->opcode==OP_InsertInt );
+ iKey = pOp->p3;
+ }
+
+ if( pOp->p5 & OPFLAG_NCHANGE ) p->nChange++;
+ if( pOp->p5 & OPFLAG_LASTROWID ) db->lastRowid = lastRowid = iKey;
+ if( pData->flags & MEM_Null ){
+ pData->z = 0;
+ pData->n = 0;
+ }else{
+ assert( pData->flags & (MEM_Blob|MEM_Str) );
+ }
+ seekResult = ((pOp->p5 & OPFLAG_USESEEKRESULT) ? pC->seekResult : 0);
+ if( pData->flags & MEM_Zero ){
+ nZero = pData->u.nZero;
+ }else{
+ nZero = 0;
+ }
+ rc = sqlite3BtreeInsert(pC->uc.pCursor, 0, iKey,
+ pData->z, pData->n, nZero,
+ (pOp->p5 & OPFLAG_APPEND)!=0, seekResult
+ );
+ pC->deferredMoveto = 0;
+ pC->cacheStatus = CACHE_STALE;
+
+ /* Invoke the update-hook if required. */
+ if( rc==SQLITE_OK && db->xUpdateCallback && pOp->p4.z ){
+ zDb = db->aDb[pC->iDb].zName;
+ zTbl = pOp->p4.z;
+ op = ((pOp->p5 & OPFLAG_ISUPDATE) ? SQLITE_UPDATE : SQLITE_INSERT);
+ assert( pC->isTable );
+ db->xUpdateCallback(db->pUpdateArg, op, zDb, zTbl, iKey);
+ assert( pC->iDb>=0 );
+ }
+ break;
+}
+
+/* Opcode: Delete P1 P2 * P4 P5
+**
+** Delete the record at which the P1 cursor is currently pointing.
+**
+** If the P5 parameter is non-zero, the cursor will be left pointing at
+** either the next or the previous record in the table. If it is left
+** pointing at the next record, then the next Next instruction will be a
+** no-op. As a result, in this case it is OK to delete a record from within a
+** Next loop. If P5 is zero, then the cursor is left in an undefined state.
+**
+** If the OPFLAG_NCHANGE flag of P2 is set, then the row change count is
+** incremented (otherwise not).
+**
+** P1 must not be pseudo-table. It has to be a real table with
+** multiple rows.
+**
+** If P4 is not NULL, then it is the name of the table that P1 is
+** pointing to. The update hook will be invoked, if it exists.
+** If P4 is not NULL then the P1 cursor must have been positioned
+** using OP_NotFound prior to invoking this opcode.
+*/
+case OP_Delete: {
+ VdbeCursor *pC;
+ u8 hasUpdateCallback;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pC->uc.pCursor!=0 );
+ assert( pC->deferredMoveto==0 );
+
+ hasUpdateCallback = db->xUpdateCallback && pOp->p4.z && pC->isTable;
+ if( pOp->p5 && hasUpdateCallback ){
+ sqlite3BtreeKeySize(pC->uc.pCursor, &pC->movetoTarget);
+ }
+
+#ifdef SQLITE_DEBUG
+ /* The seek operation that positioned the cursor prior to OP_Delete will
+ ** have also set the pC->movetoTarget field to the rowid of the row that
+ ** is being deleted */
+ if( pOp->p4.z && pC->isTable && pOp->p5==0 ){
+ i64 iKey = 0;
+ sqlite3BtreeKeySize(pC->uc.pCursor, &iKey);
+ assert( pC->movetoTarget==iKey );
+ }
+#endif
+
+ rc = sqlite3BtreeDelete(pC->uc.pCursor, pOp->p5);
+ pC->cacheStatus = CACHE_STALE;
+
+ /* Invoke the update-hook if required. */
+ if( rc==SQLITE_OK && hasUpdateCallback ){
+ db->xUpdateCallback(db->pUpdateArg, SQLITE_DELETE,
+ db->aDb[pC->iDb].zName, pOp->p4.z, pC->movetoTarget);
+ assert( pC->iDb>=0 );
+ }
+ if( pOp->p2 & OPFLAG_NCHANGE ) p->nChange++;
+ break;
+}
+/* Opcode: ResetCount * * * * *
+**
+** The value of the change counter is copied to the database handle
+** change counter (returned by subsequent calls to sqlite3_changes()).
+** Then the VMs internal change counter resets to 0.
+** This is used by trigger programs.
+*/
+case OP_ResetCount: {
+ sqlite3VdbeSetChanges(db, p->nChange);
+ p->nChange = 0;
+ break;
+}
+
+/* Opcode: SorterCompare P1 P2 P3 P4
+** Synopsis: if key(P1)!=trim(r[P3],P4) goto P2
+**
+** P1 is a sorter cursor. This instruction compares a prefix of the
+** record blob in register P3 against a prefix of the entry that
+** the sorter cursor currently points to. Only the first P4 fields
+** of r[P3] and the sorter record are compared.
+**
+** If either P3 or the sorter contains a NULL in one of their significant
+** fields (not counting the P4 fields at the end which are ignored) then
+** the comparison is assumed to be equal.
+**
+** Fall through to next instruction if the two records compare equal to
+** each other. Jump to P2 if they are different.
+*/
+case OP_SorterCompare: {
+ VdbeCursor *pC;
+ int res;
+ int nKeyCol;
+
+ pC = p->apCsr[pOp->p1];
+ assert( isSorter(pC) );
+ assert( pOp->p4type==P4_INT32 );
+ pIn3 = &aMem[pOp->p3];
+ nKeyCol = pOp->p4.i;
+ res = 0;
+ rc = sqlite3VdbeSorterCompare(pC, pIn3, nKeyCol, &res);
+ VdbeBranchTaken(res!=0,2);
+ if( res ) goto jump_to_p2;
+ break;
+};
+
+/* Opcode: SorterData P1 P2 P3 * *
+** Synopsis: r[P2]=data
+**
+** Write into register P2 the current sorter data for sorter cursor P1.
+** Then clear the column header cache on cursor P3.
+**
+** This opcode is normally use to move a record out of the sorter and into
+** a register that is the source for a pseudo-table cursor created using
+** OpenPseudo. That pseudo-table cursor is the one that is identified by
+** parameter P3. Clearing the P3 column cache as part of this opcode saves
+** us from having to issue a separate NullRow instruction to clear that cache.
+*/
+case OP_SorterData: {
+ VdbeCursor *pC;
+
+ pOut = &aMem[pOp->p2];
+ pC = p->apCsr[pOp->p1];
+ assert( isSorter(pC) );
+ rc = sqlite3VdbeSorterRowkey(pC, pOut);
+ assert( rc!=SQLITE_OK || (pOut->flags & MEM_Blob) );
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ p->apCsr[pOp->p3]->cacheStatus = CACHE_STALE;
+ break;
+}
+
+/* Opcode: RowData P1 P2 * * *
+** Synopsis: r[P2]=data
+**
+** Write into register P2 the complete row data for cursor P1.
+** There is no interpretation of the data.
+** It is just copied onto the P2 register exactly as
+** it is found in the database file.
+**
+** If the P1 cursor must be pointing to a valid row (not a NULL row)
+** of a real table, not a pseudo-table.
+*/
+/* Opcode: RowKey P1 P2 * * *
+** Synopsis: r[P2]=key
+**
+** Write into register P2 the complete row key for cursor P1.
+** There is no interpretation of the data.
+** The key is copied onto the P2 register exactly as
+** it is found in the database file.
+**
+** If the P1 cursor must be pointing to a valid row (not a NULL row)
+** of a real table, not a pseudo-table.
+*/
+case OP_RowKey:
+case OP_RowData: {
+ VdbeCursor *pC;
+ BtCursor *pCrsr;
+ u32 n;
+ i64 n64;
+
+ pOut = &aMem[pOp->p2];
+ memAboutToChange(p, pOut);
+
+ /* Note that RowKey and RowData are really exactly the same instruction */
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( isSorter(pC)==0 );
+ assert( pC->isTable || pOp->opcode!=OP_RowData );
+ assert( pC->isTable==0 || pOp->opcode==OP_RowData );
+ assert( pC->nullRow==0 );
+ assert( pC->uc.pCursor!=0 );
+ pCrsr = pC->uc.pCursor;
+
+ /* The OP_RowKey and OP_RowData opcodes always follow OP_NotExists or
+ ** OP_Rewind/Op_Next with no intervening instructions that might invalidate
+ ** the cursor. If this where not the case, on of the following assert()s
+ ** would fail. Should this ever change (because of changes in the code
+ ** generator) then the fix would be to insert a call to
+ ** sqlite3VdbeCursorMoveto().
+ */
+ assert( pC->deferredMoveto==0 );
+ assert( sqlite3BtreeCursorIsValid(pCrsr) );
+#if 0 /* Not required due to the previous to assert() statements */
+ rc = sqlite3VdbeCursorMoveto(pC);
+ if( rc!=SQLITE_OK ) goto abort_due_to_error;
+#endif
+
+ if( pC->isTable==0 ){
+ assert( !pC->isTable );
+ VVA_ONLY(rc =) sqlite3BtreeKeySize(pCrsr, &n64);
+ assert( rc==SQLITE_OK ); /* True because of CursorMoveto() call above */
+ if( n64>db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ goto too_big;
+ }
+ n = (u32)n64;
+ }else{
+ VVA_ONLY(rc =) sqlite3BtreeDataSize(pCrsr, &n);
+ assert( rc==SQLITE_OK ); /* DataSize() cannot fail */
+ if( n>(u32)db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ goto too_big;
+ }
+ }
+ testcase( n==0 );
+ if( sqlite3VdbeMemClearAndResize(pOut, MAX(n,32)) ){
+ goto no_mem;
+ }
+ pOut->n = n;
+ MemSetTypeFlag(pOut, MEM_Blob);
+ if( pC->isTable==0 ){
+ rc = sqlite3BtreeKey(pCrsr, 0, n, pOut->z);
+ }else{
+ rc = sqlite3BtreeData(pCrsr, 0, n, pOut->z);
+ }
+ pOut->enc = SQLITE_UTF8; /* In case the blob is ever cast to text */
+ UPDATE_MAX_BLOBSIZE(pOut);
+ REGISTER_TRACE(pOp->p2, pOut);
+ break;
+}
+
+/* Opcode: Rowid P1 P2 * * *
+** Synopsis: r[P2]=rowid
+**
+** Store in register P2 an integer which is the key of the table entry that
+** P1 is currently point to.
+**
+** P1 can be either an ordinary table or a virtual table. There used to
+** be a separate OP_VRowid opcode for use with virtual tables, but this
+** one opcode now works for both table types.
+*/
+case OP_Rowid: { /* out2 */
+ VdbeCursor *pC;
+ i64 v;
+ sqlite3_vtab *pVtab;
+ const sqlite3_module *pModule;
+
+ pOut = out2Prerelease(p, pOp);
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType!=CURTYPE_PSEUDO || pC->nullRow );
+ if( pC->nullRow ){
+ pOut->flags = MEM_Null;
+ break;
+ }else if( pC->deferredMoveto ){
+ v = pC->movetoTarget;
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ }else if( pC->eCurType==CURTYPE_VTAB ){
+ assert( pC->uc.pVCur!=0 );
+ pVtab = pC->uc.pVCur->pVtab;
+ pModule = pVtab->pModule;
+ assert( pModule->xRowid );
+ rc = pModule->xRowid(pC->uc.pVCur, &v);
+ sqlite3VtabImportErrmsg(p, pVtab);
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+ }else{
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pC->uc.pCursor!=0 );
+ rc = sqlite3VdbeCursorRestore(pC);
+ if( rc ) goto abort_due_to_error;
+ if( pC->nullRow ){
+ pOut->flags = MEM_Null;
+ break;
+ }
+ rc = sqlite3BtreeKeySize(pC->uc.pCursor, &v);
+ assert( rc==SQLITE_OK ); /* Always so because of CursorRestore() above */
+ }
+ pOut->u.i = v;
+ break;
+}
+
+/* Opcode: NullRow P1 * * * *
+**
+** Move the cursor P1 to a null row. Any OP_Column operations
+** that occur while the cursor is on the null row will always
+** write a NULL.
+*/
+case OP_NullRow: {
+ VdbeCursor *pC;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ pC->nullRow = 1;
+ pC->cacheStatus = CACHE_STALE;
+ if( pC->eCurType==CURTYPE_BTREE ){
+ assert( pC->uc.pCursor!=0 );
+ sqlite3BtreeClearCursor(pC->uc.pCursor);
+ }
+ break;
+}
+
+/* Opcode: Last P1 P2 P3 * *
+**
+** The next use of the Rowid or Column or Prev instruction for P1
+** will refer to the last entry in the database table or index.
+** If the table or index is empty and P2>0, then jump immediately to P2.
+** If P2 is 0 or if the table or index is not empty, fall through
+** to the following instruction.
+**
+** This opcode leaves the cursor configured to move in reverse order,
+** from the end toward the beginning. In other words, the cursor is
+** configured to use Prev, not Next.
+*/
+case OP_Last: { /* jump */
+ VdbeCursor *pC;
+ BtCursor *pCrsr;
+ int res;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ pCrsr = pC->uc.pCursor;
+ res = 0;
+ assert( pCrsr!=0 );
+ rc = sqlite3BtreeLast(pCrsr, &res);
+ pC->nullRow = (u8)res;
+ pC->deferredMoveto = 0;
+ pC->cacheStatus = CACHE_STALE;
+ pC->seekResult = pOp->p3;
+#ifdef SQLITE_DEBUG
+ pC->seekOp = OP_Last;
+#endif
+ if( pOp->p2>0 ){
+ VdbeBranchTaken(res!=0,2);
+ if( res ) goto jump_to_p2;
+ }
+ break;
+}
+
+
+/* Opcode: Sort P1 P2 * * *
+**
+** This opcode does exactly the same thing as OP_Rewind except that
+** it increments an undocumented global variable used for testing.
+**
+** Sorting is accomplished by writing records into a sorting index,
+** then rewinding that index and playing it back from beginning to
+** end. We use the OP_Sort opcode instead of OP_Rewind to do the
+** rewinding so that the global variable will be incremented and
+** regression tests can determine whether or not the optimizer is
+** correctly optimizing out sorts.
+*/
+case OP_SorterSort: /* jump */
+case OP_Sort: { /* jump */
+#ifdef SQLITE_TEST
+ sqlite3_sort_count++;
+ sqlite3_search_count--;
+#endif
+ p->aCounter[SQLITE_STMTSTATUS_SORT]++;
+ /* Fall through into OP_Rewind */
+}
+/* Opcode: Rewind P1 P2 * * *
+**
+** The next use of the Rowid or Column or Next instruction for P1
+** will refer to the first entry in the database table or index.
+** If the table or index is empty, jump immediately to P2.
+** If the table or index is not empty, fall through to the following
+** instruction.
+**
+** This opcode leaves the cursor configured to move in forward order,
+** from the beginning toward the end. In other words, the cursor is
+** configured to use Next, not Prev.
+*/
+case OP_Rewind: { /* jump */
+ VdbeCursor *pC;
+ BtCursor *pCrsr;
+ int res;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( isSorter(pC)==(pOp->opcode==OP_SorterSort) );
+ res = 1;
+#ifdef SQLITE_DEBUG
+ pC->seekOp = OP_Rewind;
+#endif
+ if( isSorter(pC) ){
+ rc = sqlite3VdbeSorterRewind(pC, &res);
+ }else{
+ assert( pC->eCurType==CURTYPE_BTREE );
+ pCrsr = pC->uc.pCursor;
+ assert( pCrsr );
+ rc = sqlite3BtreeFirst(pCrsr, &res);
+ pC->deferredMoveto = 0;
+ pC->cacheStatus = CACHE_STALE;
+ }
+ pC->nullRow = (u8)res;
+ assert( pOp->p2>0 && pOp->p2<p->nOp );
+ VdbeBranchTaken(res!=0,2);
+ if( res ) goto jump_to_p2;
+ break;
+}
+
+/* Opcode: Next P1 P2 P3 P4 P5
+**
+** Advance cursor P1 so that it points to the next key/data pair in its
+** table or index. If there are no more key/value pairs then fall through
+** to the following instruction. But if the cursor advance was successful,
+** jump immediately to P2.
+**
+** The Next opcode is only valid following an SeekGT, SeekGE, or
+** OP_Rewind opcode used to position the cursor. Next is not allowed
+** to follow SeekLT, SeekLE, or OP_Last.
+**
+** The P1 cursor must be for a real table, not a pseudo-table. P1 must have
+** been opened prior to this opcode or the program will segfault.
+**
+** The P3 value is a hint to the btree implementation. If P3==1, that
+** means P1 is an SQL index and that this instruction could have been
+** omitted if that index had been unique. P3 is usually 0. P3 is
+** always either 0 or 1.
+**
+** P4 is always of type P4_ADVANCE. The function pointer points to
+** sqlite3BtreeNext().
+**
+** If P5 is positive and the jump is taken, then event counter
+** number P5-1 in the prepared statement is incremented.
+**
+** See also: Prev, NextIfOpen
+*/
+/* Opcode: NextIfOpen P1 P2 P3 P4 P5
+**
+** This opcode works just like Next except that if cursor P1 is not
+** open it behaves a no-op.
+*/
+/* Opcode: Prev P1 P2 P3 P4 P5
+**
+** Back up cursor P1 so that it points to the previous key/data pair in its
+** table or index. If there is no previous key/value pairs then fall through
+** to the following instruction. But if the cursor backup was successful,
+** jump immediately to P2.
+**
+**
+** The Prev opcode is only valid following an SeekLT, SeekLE, or
+** OP_Last opcode used to position the cursor. Prev is not allowed
+** to follow SeekGT, SeekGE, or OP_Rewind.
+**
+** The P1 cursor must be for a real table, not a pseudo-table. If P1 is
+** not open then the behavior is undefined.
+**
+** The P3 value is a hint to the btree implementation. If P3==1, that
+** means P1 is an SQL index and that this instruction could have been
+** omitted if that index had been unique. P3 is usually 0. P3 is
+** always either 0 or 1.
+**
+** P4 is always of type P4_ADVANCE. The function pointer points to
+** sqlite3BtreePrevious().
+**
+** If P5 is positive and the jump is taken, then event counter
+** number P5-1 in the prepared statement is incremented.
+*/
+/* Opcode: PrevIfOpen P1 P2 P3 P4 P5
+**
+** This opcode works just like Prev except that if cursor P1 is not
+** open it behaves a no-op.
+*/
+case OP_SorterNext: { /* jump */
+ VdbeCursor *pC;
+ int res;
+
+ pC = p->apCsr[pOp->p1];
+ assert( isSorter(pC) );
+ res = 0;
+ rc = sqlite3VdbeSorterNext(db, pC, &res);
+ goto next_tail;
+case OP_PrevIfOpen: /* jump */
+case OP_NextIfOpen: /* jump */
+ if( p->apCsr[pOp->p1]==0 ) break;
+ /* Fall through */
+case OP_Prev: /* jump */
+case OP_Next: /* jump */
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ assert( pOp->p5<ArraySize(p->aCounter) );
+ pC = p->apCsr[pOp->p1];
+ res = pOp->p3;
+ assert( pC!=0 );
+ assert( pC->deferredMoveto==0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( res==0 || (res==1 && pC->isTable==0) );
+ testcase( res==1 );
+ assert( pOp->opcode!=OP_Next || pOp->p4.xAdvance==sqlite3BtreeNext );
+ assert( pOp->opcode!=OP_Prev || pOp->p4.xAdvance==sqlite3BtreePrevious );
+ assert( pOp->opcode!=OP_NextIfOpen || pOp->p4.xAdvance==sqlite3BtreeNext );
+ assert( pOp->opcode!=OP_PrevIfOpen || pOp->p4.xAdvance==sqlite3BtreePrevious);
+
+ /* The Next opcode is only used after SeekGT, SeekGE, and Rewind.
+ ** The Prev opcode is only used after SeekLT, SeekLE, and Last. */
+ assert( pOp->opcode!=OP_Next || pOp->opcode!=OP_NextIfOpen
+ || pC->seekOp==OP_SeekGT || pC->seekOp==OP_SeekGE
+ || pC->seekOp==OP_Rewind || pC->seekOp==OP_Found);
+ assert( pOp->opcode!=OP_Prev || pOp->opcode!=OP_PrevIfOpen
+ || pC->seekOp==OP_SeekLT || pC->seekOp==OP_SeekLE
+ || pC->seekOp==OP_Last );
+
+ rc = pOp->p4.xAdvance(pC->uc.pCursor, &res);
+next_tail:
+ pC->cacheStatus = CACHE_STALE;
+ VdbeBranchTaken(res==0,2);
+ if( res==0 ){
+ pC->nullRow = 0;
+ p->aCounter[pOp->p5]++;
+#ifdef SQLITE_TEST
+ sqlite3_search_count++;
+#endif
+ goto jump_to_p2_and_check_for_interrupt;
+ }else{
+ pC->nullRow = 1;
+ }
+ goto check_for_interrupt;
+}
+
+/* Opcode: IdxInsert P1 P2 P3 * P5
+** Synopsis: key=r[P2]
+**
+** Register P2 holds an SQL index key made using the
+** MakeRecord instructions. This opcode writes that key
+** into the index P1. Data for the entry is nil.
+**
+** P3 is a flag that provides a hint to the b-tree layer that this
+** insert is likely to be an append.
+**
+** If P5 has the OPFLAG_NCHANGE bit set, then the change counter is
+** incremented by this instruction. If the OPFLAG_NCHANGE bit is clear,
+** then the change counter is unchanged.
+**
+** If P5 has the OPFLAG_USESEEKRESULT bit set, then the cursor must have
+** just done a seek to the spot where the new entry is to be inserted.
+** This flag avoids doing an extra seek.
+**
+** This instruction only works for indices. The equivalent instruction
+** for tables is OP_Insert.
+*/
+case OP_SorterInsert: /* in2 */
+case OP_IdxInsert: { /* in2 */
+ VdbeCursor *pC;
+ int nKey;
+ const char *zKey;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( isSorter(pC)==(pOp->opcode==OP_SorterInsert) );
+ pIn2 = &aMem[pOp->p2];
+ assert( pIn2->flags & MEM_Blob );
+ if( pOp->p5 & OPFLAG_NCHANGE ) p->nChange++;
+ assert( pC->eCurType==CURTYPE_BTREE || pOp->opcode==OP_SorterInsert );
+ assert( pC->isTable==0 );
+ rc = ExpandBlob(pIn2);
+ if( rc==SQLITE_OK ){
+ if( pOp->opcode==OP_SorterInsert ){
+ rc = sqlite3VdbeSorterWrite(pC, pIn2);
+ }else{
+ nKey = pIn2->n;
+ zKey = pIn2->z;
+ rc = sqlite3BtreeInsert(pC->uc.pCursor, zKey, nKey, "", 0, 0, pOp->p3,
+ ((pOp->p5 & OPFLAG_USESEEKRESULT) ? pC->seekResult : 0)
+ );
+ assert( pC->deferredMoveto==0 );
+ pC->cacheStatus = CACHE_STALE;
+ }
+ }
+ break;
+}
+
+/* Opcode: IdxDelete P1 P2 P3 * *
+** Synopsis: key=r[P2@P3]
+**
+** The content of P3 registers starting at register P2 form
+** an unpacked index key. This opcode removes that entry from the
+** index opened by cursor P1.
+*/
+case OP_IdxDelete: {
+ VdbeCursor *pC;
+ BtCursor *pCrsr;
+ int res;
+ UnpackedRecord r;
+
+ assert( pOp->p3>0 );
+ assert( pOp->p2>0 && pOp->p2+pOp->p3<=(p->nMem-p->nCursor)+1 );
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ pCrsr = pC->uc.pCursor;
+ assert( pCrsr!=0 );
+ assert( pOp->p5==0 );
+ r.pKeyInfo = pC->pKeyInfo;
+ r.nField = (u16)pOp->p3;
+ r.default_rc = 0;
+ r.aMem = &aMem[pOp->p2];
+#ifdef SQLITE_DEBUG
+ { int i; for(i=0; i<r.nField; i++) assert( memIsValid(&r.aMem[i]) ); }
+#endif
+ rc = sqlite3BtreeMovetoUnpacked(pCrsr, &r, 0, 0, &res);
+ if( rc==SQLITE_OK && res==0 ){
+ rc = sqlite3BtreeDelete(pCrsr, 0);
+ }
+ assert( pC->deferredMoveto==0 );
+ pC->cacheStatus = CACHE_STALE;
+ break;
+}
+
+/* Opcode: IdxRowid P1 P2 * * *
+** Synopsis: r[P2]=rowid
+**
+** Write into register P2 an integer which is the last entry in the record at
+** the end of the index key pointed to by cursor P1. This integer should be
+** the rowid of the table entry to which this index entry points.
+**
+** See also: Rowid, MakeRecord.
+*/
+case OP_IdxRowid: { /* out2 */
+ BtCursor *pCrsr;
+ VdbeCursor *pC;
+ i64 rowid;
+
+ pOut = out2Prerelease(p, pOp);
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ pCrsr = pC->uc.pCursor;
+ assert( pCrsr!=0 );
+ pOut->flags = MEM_Null;
+ assert( pC->isTable==0 );
+ assert( pC->deferredMoveto==0 );
+
+ /* sqlite3VbeCursorRestore() can only fail if the record has been deleted
+ ** out from under the cursor. That will never happend for an IdxRowid
+ ** opcode, hence the NEVER() arround the check of the return value.
+ */
+ rc = sqlite3VdbeCursorRestore(pC);
+ if( NEVER(rc!=SQLITE_OK) ) goto abort_due_to_error;
+
+ if( !pC->nullRow ){
+ rowid = 0; /* Not needed. Only used to silence a warning. */
+ rc = sqlite3VdbeIdxRowid(db, pCrsr, &rowid);
+ if( rc!=SQLITE_OK ){
+ goto abort_due_to_error;
+ }
+ pOut->u.i = rowid;
+ pOut->flags = MEM_Int;
+ }
+ break;
+}
+
+/* Opcode: IdxGE P1 P2 P3 P4 P5
+** Synopsis: key=r[P3@P4]
+**
+** The P4 register values beginning with P3 form an unpacked index
+** key that omits the PRIMARY KEY. Compare this key value against the index
+** that P1 is currently pointing to, ignoring the PRIMARY KEY or ROWID
+** fields at the end.
+**
+** If the P1 index entry is greater than or equal to the key value
+** then jump to P2. Otherwise fall through to the next instruction.
+*/
+/* Opcode: IdxGT P1 P2 P3 P4 P5
+** Synopsis: key=r[P3@P4]
+**
+** The P4 register values beginning with P3 form an unpacked index
+** key that omits the PRIMARY KEY. Compare this key value against the index
+** that P1 is currently pointing to, ignoring the PRIMARY KEY or ROWID
+** fields at the end.
+**
+** If the P1 index entry is greater than the key value
+** then jump to P2. Otherwise fall through to the next instruction.
+*/
+/* Opcode: IdxLT P1 P2 P3 P4 P5
+** Synopsis: key=r[P3@P4]
+**
+** The P4 register values beginning with P3 form an unpacked index
+** key that omits the PRIMARY KEY or ROWID. Compare this key value against
+** the index that P1 is currently pointing to, ignoring the PRIMARY KEY or
+** ROWID on the P1 index.
+**
+** If the P1 index entry is less than the key value then jump to P2.
+** Otherwise fall through to the next instruction.
+*/
+/* Opcode: IdxLE P1 P2 P3 P4 P5
+** Synopsis: key=r[P3@P4]
+**
+** The P4 register values beginning with P3 form an unpacked index
+** key that omits the PRIMARY KEY or ROWID. Compare this key value against
+** the index that P1 is currently pointing to, ignoring the PRIMARY KEY or
+** ROWID on the P1 index.
+**
+** If the P1 index entry is less than or equal to the key value then jump
+** to P2. Otherwise fall through to the next instruction.
+*/
+case OP_IdxLE: /* jump */
+case OP_IdxGT: /* jump */
+case OP_IdxLT: /* jump */
+case OP_IdxGE: { /* jump */
+ VdbeCursor *pC;
+ int res;
+ UnpackedRecord r;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ assert( pC->isOrdered );
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pC->uc.pCursor!=0);
+ assert( pC->deferredMoveto==0 );
+ assert( pOp->p5==0 || pOp->p5==1 );
+ assert( pOp->p4type==P4_INT32 );
+ r.pKeyInfo = pC->pKeyInfo;
+ r.nField = (u16)pOp->p4.i;
+ if( pOp->opcode<OP_IdxLT ){
+ assert( pOp->opcode==OP_IdxLE || pOp->opcode==OP_IdxGT );
+ r.default_rc = -1;
+ }else{
+ assert( pOp->opcode==OP_IdxGE || pOp->opcode==OP_IdxLT );
+ r.default_rc = 0;
+ }
+ r.aMem = &aMem[pOp->p3];
+#ifdef SQLITE_DEBUG
+ { int i; for(i=0; i<r.nField; i++) assert( memIsValid(&r.aMem[i]) ); }
+#endif
+ res = 0; /* Not needed. Only used to silence a warning. */
+ rc = sqlite3VdbeIdxKeyCompare(db, pC, &r, &res);
+ assert( (OP_IdxLE&1)==(OP_IdxLT&1) && (OP_IdxGE&1)==(OP_IdxGT&1) );
+ if( (pOp->opcode&1)==(OP_IdxLT&1) ){
+ assert( pOp->opcode==OP_IdxLE || pOp->opcode==OP_IdxLT );
+ res = -res;
+ }else{
+ assert( pOp->opcode==OP_IdxGE || pOp->opcode==OP_IdxGT );
+ res++;
+ }
+ VdbeBranchTaken(res>0,2);
+ if( res>0 ) goto jump_to_p2;
+ break;
+}
+
+/* Opcode: Destroy P1 P2 P3 * *
+**
+** Delete an entire database table or index whose root page in the database
+** file is given by P1.
+**
+** The table being destroyed is in the main database file if P3==0. If
+** P3==1 then the table to be clear is in the auxiliary database file
+** that is used to store tables create using CREATE TEMPORARY TABLE.
+**
+** If AUTOVACUUM is enabled then it is possible that another root page
+** might be moved into the newly deleted root page in order to keep all
+** root pages contiguous at the beginning of the database. The former
+** value of the root page that moved - its value before the move occurred -
+** is stored in register P2. If no page
+** movement was required (because the table being dropped was already
+** the last one in the database) then a zero is stored in register P2.
+** If AUTOVACUUM is disabled then a zero is stored in register P2.
+**
+** See also: Clear
+*/
+case OP_Destroy: { /* out2 */
+ int iMoved;
+ int iDb;
+
+ assert( p->readOnly==0 );
+ pOut = out2Prerelease(p, pOp);
+ pOut->flags = MEM_Null;
+ if( db->nVdbeRead > db->nVDestroy+1 ){
+ rc = SQLITE_LOCKED;
+ p->errorAction = OE_Abort;
+ }else{
+ iDb = pOp->p3;
+ assert( DbMaskTest(p->btreeMask, iDb) );
+ iMoved = 0; /* Not needed. Only to silence a warning. */
+ rc = sqlite3BtreeDropTable(db->aDb[iDb].pBt, pOp->p1, &iMoved);
+ pOut->flags = MEM_Int;
+ pOut->u.i = iMoved;
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ if( rc==SQLITE_OK && iMoved!=0 ){
+ sqlite3RootPageMoved(db, iDb, iMoved, pOp->p1);
+ /* All OP_Destroy operations occur on the same btree */
+ assert( resetSchemaOnFault==0 || resetSchemaOnFault==iDb+1 );
+ resetSchemaOnFault = iDb+1;
+ }
+#endif
+ }
+ break;
+}
+
+/* Opcode: Clear P1 P2 P3
+**
+** Delete all contents of the database table or index whose root page
+** in the database file is given by P1. But, unlike Destroy, do not
+** remove the table or index from the database file.
+**
+** The table being clear is in the main database file if P2==0. If
+** P2==1 then the table to be clear is in the auxiliary database file
+** that is used to store tables create using CREATE TEMPORARY TABLE.
+**
+** If the P3 value is non-zero, then the table referred to must be an
+** intkey table (an SQL table, not an index). In this case the row change
+** count is incremented by the number of rows in the table being cleared.
+** If P3 is greater than zero, then the value stored in register P3 is
+** also incremented by the number of rows in the table being cleared.
+**
+** See also: Destroy
+*/
+case OP_Clear: {
+ int nChange;
+
+ nChange = 0;
+ assert( p->readOnly==0 );
+ assert( DbMaskTest(p->btreeMask, pOp->p2) );
+ rc = sqlite3BtreeClearTable(
+ db->aDb[pOp->p2].pBt, pOp->p1, (pOp->p3 ? &nChange : 0)
+ );
+ if( pOp->p3 ){
+ p->nChange += nChange;
+ if( pOp->p3>0 ){
+ assert( memIsValid(&aMem[pOp->p3]) );
+ memAboutToChange(p, &aMem[pOp->p3]);
+ aMem[pOp->p3].u.i += nChange;
+ }
+ }
+ break;
+}
+
+/* Opcode: ResetSorter P1 * * * *
+**
+** Delete all contents from the ephemeral table or sorter
+** that is open on cursor P1.
+**
+** This opcode only works for cursors used for sorting and
+** opened with OP_OpenEphemeral or OP_SorterOpen.
+*/
+case OP_ResetSorter: {
+ VdbeCursor *pC;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ pC = p->apCsr[pOp->p1];
+ assert( pC!=0 );
+ if( isSorter(pC) ){
+ sqlite3VdbeSorterReset(db, pC->uc.pSorter);
+ }else{
+ assert( pC->eCurType==CURTYPE_BTREE );
+ assert( pC->isEphemeral );
+ rc = sqlite3BtreeClearTableOfCursor(pC->uc.pCursor);
+ }
+ break;
+}
+
+/* Opcode: CreateTable P1 P2 * * *
+** Synopsis: r[P2]=root iDb=P1
+**
+** Allocate a new table in the main database file if P1==0 or in the
+** auxiliary database file if P1==1 or in an attached database if
+** P1>1. Write the root page number of the new table into
+** register P2
+**
+** The difference between a table and an index is this: A table must
+** have a 4-byte integer key and can have arbitrary data. An index
+** has an arbitrary key but no data.
+**
+** See also: CreateIndex
+*/
+/* Opcode: CreateIndex P1 P2 * * *
+** Synopsis: r[P2]=root iDb=P1
+**
+** Allocate a new index in the main database file if P1==0 or in the
+** auxiliary database file if P1==1 or in an attached database if
+** P1>1. Write the root page number of the new table into
+** register P2.
+**
+** See documentation on OP_CreateTable for additional information.
+*/
+case OP_CreateIndex: /* out2 */
+case OP_CreateTable: { /* out2 */
+ int pgno;
+ int flags;
+ Db *pDb;
+
+ pOut = out2Prerelease(p, pOp);
+ pgno = 0;
+ assert( pOp->p1>=0 && pOp->p1<db->nDb );
+ assert( DbMaskTest(p->btreeMask, pOp->p1) );
+ assert( p->readOnly==0 );
+ pDb = &db->aDb[pOp->p1];
+ assert( pDb->pBt!=0 );
+ if( pOp->opcode==OP_CreateTable ){
+ /* flags = BTREE_INTKEY; */
+ flags = BTREE_INTKEY;
+ }else{
+ flags = BTREE_BLOBKEY;
+ }
+ rc = sqlite3BtreeCreateTable(pDb->pBt, &pgno, flags);
+ pOut->u.i = pgno;
+ break;
+}
+
+/* Opcode: ParseSchema P1 * * P4 *
+**
+** Read and parse all entries from the SQLITE_MASTER table of database P1
+** that match the WHERE clause P4.
+**
+** This opcode invokes the parser to create a new virtual machine,
+** then runs the new virtual machine. It is thus a re-entrant opcode.
+*/
+case OP_ParseSchema: {
+ int iDb;
+ const char *zMaster;
+ char *zSql;
+ InitData initData;
+
+ /* Any prepared statement that invokes this opcode will hold mutexes
+ ** on every btree. This is a prerequisite for invoking
+ ** sqlite3InitCallback().
+ */
+#ifdef SQLITE_DEBUG
+ for(iDb=0; iDb<db->nDb; iDb++){
+ assert( iDb==1 || sqlite3BtreeHoldsMutex(db->aDb[iDb].pBt) );
+ }
+#endif
+
+ iDb = pOp->p1;
+ assert( iDb>=0 && iDb<db->nDb );
+ assert( DbHasProperty(db, iDb, DB_SchemaLoaded) );
+ /* Used to be a conditional */ {
+ zMaster = SCHEMA_TABLE(iDb);
+ initData.db = db;
+ initData.iDb = pOp->p1;
+ initData.pzErrMsg = &p->zErrMsg;
+ zSql = sqlite3MPrintf(db,
+ "SELECT name, rootpage, sql FROM '%q'.%s WHERE %s ORDER BY rowid",
+ db->aDb[iDb].zName, zMaster, pOp->p4.z);
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ assert( db->init.busy==0 );
+ db->init.busy = 1;
+ initData.rc = SQLITE_OK;
+ assert( !db->mallocFailed );
+ rc = sqlite3_exec(db, zSql, sqlite3InitCallback, &initData, 0);
+ if( rc==SQLITE_OK ) rc = initData.rc;
+ sqlite3DbFree(db, zSql);
+ db->init.busy = 0;
+ }
+ }
+ if( rc ) sqlite3ResetAllSchemasOfConnection(db);
+ if( rc==SQLITE_NOMEM ){
+ goto no_mem;
+ }
+ break;
+}
+
+#if !defined(SQLITE_OMIT_ANALYZE)
+/* Opcode: LoadAnalysis P1 * * * *
+**
+** Read the sqlite_stat1 table for database P1 and load the content
+** of that table into the internal index hash table. This will cause
+** the analysis to be used when preparing all subsequent queries.
+*/
+case OP_LoadAnalysis: {
+ assert( pOp->p1>=0 && pOp->p1<db->nDb );
+ rc = sqlite3AnalysisLoad(db, pOp->p1);
+ break;
+}
+#endif /* !defined(SQLITE_OMIT_ANALYZE) */
+
+/* Opcode: DropTable P1 * * P4 *
+**
+** Remove the internal (in-memory) data structures that describe
+** the table named P4 in database P1. This is called after a table
+** is dropped from disk (using the Destroy opcode) in order to keep
+** the internal representation of the
+** schema consistent with what is on disk.
+*/
+case OP_DropTable: {
+ sqlite3UnlinkAndDeleteTable(db, pOp->p1, pOp->p4.z);
+ break;
+}
+
+/* Opcode: DropIndex P1 * * P4 *
+**
+** Remove the internal (in-memory) data structures that describe
+** the index named P4 in database P1. This is called after an index
+** is dropped from disk (using the Destroy opcode)
+** in order to keep the internal representation of the
+** schema consistent with what is on disk.
+*/
+case OP_DropIndex: {
+ sqlite3UnlinkAndDeleteIndex(db, pOp->p1, pOp->p4.z);
+ break;
+}
+
+/* Opcode: DropTrigger P1 * * P4 *
+**
+** Remove the internal (in-memory) data structures that describe
+** the trigger named P4 in database P1. This is called after a trigger
+** is dropped from disk (using the Destroy opcode) in order to keep
+** the internal representation of the
+** schema consistent with what is on disk.
+*/
+case OP_DropTrigger: {
+ sqlite3UnlinkAndDeleteTrigger(db, pOp->p1, pOp->p4.z);
+ break;
+}
+
+
+#ifndef SQLITE_OMIT_INTEGRITY_CHECK
+/* Opcode: IntegrityCk P1 P2 P3 * P5
+**
+** Do an analysis of the currently open database. Store in
+** register P1 the text of an error message describing any problems.
+** If no problems are found, store a NULL in register P1.
+**
+** The register P3 contains the maximum number of allowed errors.
+** At most reg(P3) errors will be reported.
+** In other words, the analysis stops as soon as reg(P1) errors are
+** seen. Reg(P1) is updated with the number of errors remaining.
+**
+** The root page numbers of all tables in the database are integer
+** stored in reg(P1), reg(P1+1), reg(P1+2), .... There are P2 tables
+** total.
+**
+** If P5 is not zero, the check is done on the auxiliary database
+** file, not the main database file.
+**
+** This opcode is used to implement the integrity_check pragma.
+*/
+case OP_IntegrityCk: {
+ int nRoot; /* Number of tables to check. (Number of root pages.) */
+ int *aRoot; /* Array of rootpage numbers for tables to be checked */
+ int j; /* Loop counter */
+ int nErr; /* Number of errors reported */
+ char *z; /* Text of the error report */
+ Mem *pnErr; /* Register keeping track of errors remaining */
+
+ assert( p->bIsReader );
+ nRoot = pOp->p2;
+ assert( nRoot>0 );
+ aRoot = sqlite3DbMallocRaw(db, sizeof(int)*(nRoot+1) );
+ if( aRoot==0 ) goto no_mem;
+ assert( pOp->p3>0 && pOp->p3<=(p->nMem-p->nCursor) );
+ pnErr = &aMem[pOp->p3];
+ assert( (pnErr->flags & MEM_Int)!=0 );
+ assert( (pnErr->flags & (MEM_Str|MEM_Blob))==0 );
+ pIn1 = &aMem[pOp->p1];
+ for(j=0; j<nRoot; j++){
+ aRoot[j] = (int)sqlite3VdbeIntValue(&pIn1[j]);
+ }
+ aRoot[j] = 0;
+ assert( pOp->p5<db->nDb );
+ assert( DbMaskTest(p->btreeMask, pOp->p5) );
+ z = sqlite3BtreeIntegrityCheck(db->aDb[pOp->p5].pBt, aRoot, nRoot,
+ (int)pnErr->u.i, &nErr);
+ sqlite3DbFree(db, aRoot);
+ pnErr->u.i -= nErr;
+ sqlite3VdbeMemSetNull(pIn1);
+ if( nErr==0 ){
+ assert( z==0 );
+ }else if( z==0 ){
+ goto no_mem;
+ }else{
+ sqlite3VdbeMemSetStr(pIn1, z, -1, SQLITE_UTF8, sqlite3_free);
+ }
+ UPDATE_MAX_BLOBSIZE(pIn1);
+ sqlite3VdbeChangeEncoding(pIn1, encoding);
+ break;
+}
+#endif /* SQLITE_OMIT_INTEGRITY_CHECK */
+
+/* Opcode: RowSetAdd P1 P2 * * *
+** Synopsis: rowset(P1)=r[P2]
+**
+** Insert the integer value held by register P2 into a boolean index
+** held in register P1.
+**
+** An assertion fails if P2 is not an integer.
+*/
+case OP_RowSetAdd: { /* in1, in2 */
+ pIn1 = &aMem[pOp->p1];
+ pIn2 = &aMem[pOp->p2];
+ assert( (pIn2->flags & MEM_Int)!=0 );
+ if( (pIn1->flags & MEM_RowSet)==0 ){
+ sqlite3VdbeMemSetRowSet(pIn1);
+ if( (pIn1->flags & MEM_RowSet)==0 ) goto no_mem;
+ }
+ sqlite3RowSetInsert(pIn1->u.pRowSet, pIn2->u.i);
+ break;
+}
+
+/* Opcode: RowSetRead P1 P2 P3 * *
+** Synopsis: r[P3]=rowset(P1)
+**
+** Extract the smallest value from boolean index P1 and put that value into
+** register P3. Or, if boolean index P1 is initially empty, leave P3
+** unchanged and jump to instruction P2.
+*/
+case OP_RowSetRead: { /* jump, in1, out3 */
+ i64 val;
+
+ pIn1 = &aMem[pOp->p1];
+ if( (pIn1->flags & MEM_RowSet)==0
+ || sqlite3RowSetNext(pIn1->u.pRowSet, &val)==0
+ ){
+ /* The boolean index is empty */
+ sqlite3VdbeMemSetNull(pIn1);
+ VdbeBranchTaken(1,2);
+ goto jump_to_p2_and_check_for_interrupt;
+ }else{
+ /* A value was pulled from the index */
+ VdbeBranchTaken(0,2);
+ sqlite3VdbeMemSetInt64(&aMem[pOp->p3], val);
+ }
+ goto check_for_interrupt;
+}
+
+/* Opcode: RowSetTest P1 P2 P3 P4
+** Synopsis: if r[P3] in rowset(P1) goto P2
+**
+** Register P3 is assumed to hold a 64-bit integer value. If register P1
+** contains a RowSet object and that RowSet object contains
+** the value held in P3, jump to register P2. Otherwise, insert the
+** integer in P3 into the RowSet and continue on to the
+** next opcode.
+**
+** The RowSet object is optimized for the case where successive sets
+** of integers, where each set contains no duplicates. Each set
+** of values is identified by a unique P4 value. The first set
+** must have P4==0, the final set P4=-1. P4 must be either -1 or
+** non-negative. For non-negative values of P4 only the lower 4
+** bits are significant.
+**
+** This allows optimizations: (a) when P4==0 there is no need to test
+** the rowset object for P3, as it is guaranteed not to contain it,
+** (b) when P4==-1 there is no need to insert the value, as it will
+** never be tested for, and (c) when a value that is part of set X is
+** inserted, there is no need to search to see if the same value was
+** previously inserted as part of set X (only if it was previously
+** inserted as part of some other set).
+*/
+case OP_RowSetTest: { /* jump, in1, in3 */
+ int iSet;
+ int exists;
+
+ pIn1 = &aMem[pOp->p1];
+ pIn3 = &aMem[pOp->p3];
+ iSet = pOp->p4.i;
+ assert( pIn3->flags&MEM_Int );
+
+ /* If there is anything other than a rowset object in memory cell P1,
+ ** delete it now and initialize P1 with an empty rowset
+ */
+ if( (pIn1->flags & MEM_RowSet)==0 ){
+ sqlite3VdbeMemSetRowSet(pIn1);
+ if( (pIn1->flags & MEM_RowSet)==0 ) goto no_mem;
+ }
+
+ assert( pOp->p4type==P4_INT32 );
+ assert( iSet==-1 || iSet>=0 );
+ if( iSet ){
+ exists = sqlite3RowSetTest(pIn1->u.pRowSet, iSet, pIn3->u.i);
+ VdbeBranchTaken(exists!=0,2);
+ if( exists ) goto jump_to_p2;
+ }
+ if( iSet>=0 ){
+ sqlite3RowSetInsert(pIn1->u.pRowSet, pIn3->u.i);
+ }
+ break;
+}
+
+
+#ifndef SQLITE_OMIT_TRIGGER
+
+/* Opcode: Program P1 P2 P3 P4 P5
+**
+** Execute the trigger program passed as P4 (type P4_SUBPROGRAM).
+**
+** P1 contains the address of the memory cell that contains the first memory
+** cell in an array of values used as arguments to the sub-program. P2
+** contains the address to jump to if the sub-program throws an IGNORE
+** exception using the RAISE() function. Register P3 contains the address
+** of a memory cell in this (the parent) VM that is used to allocate the
+** memory required by the sub-vdbe at runtime.
+**
+** P4 is a pointer to the VM containing the trigger program.
+**
+** If P5 is non-zero, then recursive program invocation is enabled.
+*/
+case OP_Program: { /* jump */
+ int nMem; /* Number of memory registers for sub-program */
+ int nByte; /* Bytes of runtime space required for sub-program */
+ Mem *pRt; /* Register to allocate runtime space */
+ Mem *pMem; /* Used to iterate through memory cells */
+ Mem *pEnd; /* Last memory cell in new array */
+ VdbeFrame *pFrame; /* New vdbe frame to execute in */
+ SubProgram *pProgram; /* Sub-program to execute */
+ void *t; /* Token identifying trigger */
+
+ pProgram = pOp->p4.pProgram;
+ pRt = &aMem[pOp->p3];
+ assert( pProgram->nOp>0 );
+
+ /* If the p5 flag is clear, then recursive invocation of triggers is
+ ** disabled for backwards compatibility (p5 is set if this sub-program
+ ** is really a trigger, not a foreign key action, and the flag set
+ ** and cleared by the "PRAGMA recursive_triggers" command is clear).
+ **
+ ** It is recursive invocation of triggers, at the SQL level, that is
+ ** disabled. In some cases a single trigger may generate more than one
+ ** SubProgram (if the trigger may be executed with more than one different
+ ** ON CONFLICT algorithm). SubProgram structures associated with a
+ ** single trigger all have the same value for the SubProgram.token
+ ** variable. */
+ if( pOp->p5 ){
+ t = pProgram->token;
+ for(pFrame=p->pFrame; pFrame && pFrame->token!=t; pFrame=pFrame->pParent);
+ if( pFrame ) break;
+ }
+
+ if( p->nFrame>=db->aLimit[SQLITE_LIMIT_TRIGGER_DEPTH] ){
+ rc = SQLITE_ERROR;
+ sqlite3VdbeError(p, "too many levels of trigger recursion");
+ break;
+ }
+
+ /* Register pRt is used to store the memory required to save the state
+ ** of the current program, and the memory required at runtime to execute
+ ** the trigger program. If this trigger has been fired before, then pRt
+ ** is already allocated. Otherwise, it must be initialized. */
+ if( (pRt->flags&MEM_Frame)==0 ){
+ /* SubProgram.nMem is set to the number of memory cells used by the
+ ** program stored in SubProgram.aOp. As well as these, one memory
+ ** cell is required for each cursor used by the program. Set local
+ ** variable nMem (and later, VdbeFrame.nChildMem) to this value.
+ */
+ nMem = pProgram->nMem + pProgram->nCsr;
+ nByte = ROUND8(sizeof(VdbeFrame))
+ + nMem * sizeof(Mem)
+ + pProgram->nCsr * sizeof(VdbeCursor *)
+ + pProgram->nOnce * sizeof(u8);
+ pFrame = sqlite3DbMallocZero(db, nByte);
+ if( !pFrame ){
+ goto no_mem;
+ }
+ sqlite3VdbeMemRelease(pRt);
+ pRt->flags = MEM_Frame;
+ pRt->u.pFrame = pFrame;
+
+ pFrame->v = p;
+ pFrame->nChildMem = nMem;
+ pFrame->nChildCsr = pProgram->nCsr;
+ pFrame->pc = (int)(pOp - aOp);
+ pFrame->aMem = p->aMem;
+ pFrame->nMem = p->nMem;
+ pFrame->apCsr = p->apCsr;
+ pFrame->nCursor = p->nCursor;
+ pFrame->aOp = p->aOp;
+ pFrame->nOp = p->nOp;
+ pFrame->token = pProgram->token;
+ pFrame->aOnceFlag = p->aOnceFlag;
+ pFrame->nOnceFlag = p->nOnceFlag;
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ pFrame->anExec = p->anExec;
+#endif
+
+ pEnd = &VdbeFrameMem(pFrame)[pFrame->nChildMem];
+ for(pMem=VdbeFrameMem(pFrame); pMem!=pEnd; pMem++){
+ pMem->flags = MEM_Undefined;
+ pMem->db = db;
+ }
+ }else{
+ pFrame = pRt->u.pFrame;
+ assert( pProgram->nMem+pProgram->nCsr==pFrame->nChildMem );
+ assert( pProgram->nCsr==pFrame->nChildCsr );
+ assert( (int)(pOp - aOp)==pFrame->pc );
+ }
+
+ p->nFrame++;
+ pFrame->pParent = p->pFrame;
+ pFrame->lastRowid = lastRowid;
+ pFrame->nChange = p->nChange;
+ pFrame->nDbChange = p->db->nChange;
+ p->nChange = 0;
+ p->pFrame = pFrame;
+ p->aMem = aMem = &VdbeFrameMem(pFrame)[-1];
+ p->nMem = pFrame->nChildMem;
+ p->nCursor = (u16)pFrame->nChildCsr;
+ p->apCsr = (VdbeCursor **)&aMem[p->nMem+1];
+ p->aOp = aOp = pProgram->aOp;
+ p->nOp = pProgram->nOp;
+ p->aOnceFlag = (u8 *)&p->apCsr[p->nCursor];
+ p->nOnceFlag = pProgram->nOnce;
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ p->anExec = 0;
+#endif
+ pOp = &aOp[-1];
+ memset(p->aOnceFlag, 0, p->nOnceFlag);
+
+ break;
+}
+
+/* Opcode: Param P1 P2 * * *
+**
+** This opcode is only ever present in sub-programs called via the
+** OP_Program instruction. Copy a value currently stored in a memory
+** cell of the calling (parent) frame to cell P2 in the current frames
+** address space. This is used by trigger programs to access the new.*
+** and old.* values.
+**
+** The address of the cell in the parent frame is determined by adding
+** the value of the P1 argument to the value of the P1 argument to the
+** calling OP_Program instruction.
+*/
+case OP_Param: { /* out2 */
+ VdbeFrame *pFrame;
+ Mem *pIn;
+ pOut = out2Prerelease(p, pOp);
+ pFrame = p->pFrame;
+ pIn = &pFrame->aMem[pOp->p1 + pFrame->aOp[pFrame->pc].p1];
+ sqlite3VdbeMemShallowCopy(pOut, pIn, MEM_Ephem);
+ break;
+}
+
+#endif /* #ifndef SQLITE_OMIT_TRIGGER */
+
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+/* Opcode: FkCounter P1 P2 * * *
+** Synopsis: fkctr[P1]+=P2
+**
+** Increment a "constraint counter" by P2 (P2 may be negative or positive).
+** If P1 is non-zero, the database constraint counter is incremented
+** (deferred foreign key constraints). Otherwise, if P1 is zero, the
+** statement counter is incremented (immediate foreign key constraints).
+*/
+case OP_FkCounter: {
+ if( db->flags & SQLITE_DeferFKs ){
+ db->nDeferredImmCons += pOp->p2;
+ }else if( pOp->p1 ){
+ db->nDeferredCons += pOp->p2;
+ }else{
+ p->nFkConstraint += pOp->p2;
+ }
+ break;
+}
+
+/* Opcode: FkIfZero P1 P2 * * *
+** Synopsis: if fkctr[P1]==0 goto P2
+**
+** This opcode tests if a foreign key constraint-counter is currently zero.
+** If so, jump to instruction P2. Otherwise, fall through to the next
+** instruction.
+**
+** If P1 is non-zero, then the jump is taken if the database constraint-counter
+** is zero (the one that counts deferred constraint violations). If P1 is
+** zero, the jump is taken if the statement constraint-counter is zero
+** (immediate foreign key constraint violations).
+*/
+case OP_FkIfZero: { /* jump */
+ if( pOp->p1 ){
+ VdbeBranchTaken(db->nDeferredCons==0 && db->nDeferredImmCons==0, 2);
+ if( db->nDeferredCons==0 && db->nDeferredImmCons==0 ) goto jump_to_p2;
+ }else{
+ VdbeBranchTaken(p->nFkConstraint==0 && db->nDeferredImmCons==0, 2);
+ if( p->nFkConstraint==0 && db->nDeferredImmCons==0 ) goto jump_to_p2;
+ }
+ break;
+}
+#endif /* #ifndef SQLITE_OMIT_FOREIGN_KEY */
+
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+/* Opcode: MemMax P1 P2 * * *
+** Synopsis: r[P1]=max(r[P1],r[P2])
+**
+** P1 is a register in the root frame of this VM (the root frame is
+** different from the current frame if this instruction is being executed
+** within a sub-program). Set the value of register P1 to the maximum of
+** its current value and the value in register P2.
+**
+** This instruction throws an error if the memory cell is not initially
+** an integer.
+*/
+case OP_MemMax: { /* in2 */
+ VdbeFrame *pFrame;
+ if( p->pFrame ){
+ for(pFrame=p->pFrame; pFrame->pParent; pFrame=pFrame->pParent);
+ pIn1 = &pFrame->aMem[pOp->p1];
+ }else{
+ pIn1 = &aMem[pOp->p1];
+ }
+ assert( memIsValid(pIn1) );
+ sqlite3VdbeMemIntegerify(pIn1);
+ pIn2 = &aMem[pOp->p2];
+ sqlite3VdbeMemIntegerify(pIn2);
+ if( pIn1->u.i<pIn2->u.i){
+ pIn1->u.i = pIn2->u.i;
+ }
+ break;
+}
+#endif /* SQLITE_OMIT_AUTOINCREMENT */
+
+/* Opcode: IfPos P1 P2 P3 * *
+** Synopsis: if r[P1]>0 then r[P1]-=P3, goto P2
+**
+** Register P1 must contain an integer.
+** If the value of register P1 is 1 or greater, subtract P3 from the
+** value in P1 and jump to P2.
+**
+** If the initial value of register P1 is less than 1, then the
+** value is unchanged and control passes through to the next instruction.
+*/
+case OP_IfPos: { /* jump, in1 */
+ pIn1 = &aMem[pOp->p1];
+ assert( pIn1->flags&MEM_Int );
+ VdbeBranchTaken( pIn1->u.i>0, 2);
+ if( pIn1->u.i>0 ){
+ pIn1->u.i -= pOp->p3;
+ goto jump_to_p2;
+ }
+ break;
+}
+
+/* Opcode: SetIfNotPos P1 P2 P3 * *
+** Synopsis: if r[P1]<=0 then r[P2]=P3
+**
+** Register P1 must contain an integer.
+** If the value of register P1 is not positive (if it is less than 1) then
+** set the value of register P2 to be the integer P3.
+*/
+case OP_SetIfNotPos: { /* in1, in2 */
+ pIn1 = &aMem[pOp->p1];
+ assert( pIn1->flags&MEM_Int );
+ if( pIn1->u.i<=0 ){
+ pOut = out2Prerelease(p, pOp);
+ pOut->u.i = pOp->p3;
+ }
+ break;
+}
+
+/* Opcode: IfNotZero P1 P2 P3 * *
+** Synopsis: if r[P1]!=0 then r[P1]-=P3, goto P2
+**
+** Register P1 must contain an integer. If the content of register P1 is
+** initially nonzero, then subtract P3 from the value in register P1 and
+** jump to P2. If register P1 is initially zero, leave it unchanged
+** and fall through.
+*/
+case OP_IfNotZero: { /* jump, in1 */
+ pIn1 = &aMem[pOp->p1];
+ assert( pIn1->flags&MEM_Int );
+ VdbeBranchTaken(pIn1->u.i<0, 2);
+ if( pIn1->u.i ){
+ pIn1->u.i -= pOp->p3;
+ goto jump_to_p2;
+ }
+ break;
+}
+
+/* Opcode: DecrJumpZero P1 P2 * * *
+** Synopsis: if (--r[P1])==0 goto P2
+**
+** Register P1 must hold an integer. Decrement the value in register P1
+** then jump to P2 if the new value is exactly zero.
+*/
+case OP_DecrJumpZero: { /* jump, in1 */
+ pIn1 = &aMem[pOp->p1];
+ assert( pIn1->flags&MEM_Int );
+ pIn1->u.i--;
+ VdbeBranchTaken(pIn1->u.i==0, 2);
+ if( pIn1->u.i==0 ) goto jump_to_p2;
+ break;
+}
+
+
+/* Opcode: JumpZeroIncr P1 P2 * * *
+** Synopsis: if (r[P1]++)==0 ) goto P2
+**
+** The register P1 must contain an integer. If register P1 is initially
+** zero, then jump to P2. Increment register P1 regardless of whether or
+** not the jump is taken.
+*/
+case OP_JumpZeroIncr: { /* jump, in1 */
+ pIn1 = &aMem[pOp->p1];
+ assert( pIn1->flags&MEM_Int );
+ VdbeBranchTaken(pIn1->u.i==0, 2);
+ if( (pIn1->u.i++)==0 ) goto jump_to_p2;
+ break;
+}
+
+/* Opcode: AggStep0 * P2 P3 P4 P5
+** Synopsis: accum=r[P3] step(r[P2@P5])
+**
+** Execute the step function for an aggregate. The
+** function has P5 arguments. P4 is a pointer to the FuncDef
+** structure that specifies the function. Register P3 is the
+** accumulator.
+**
+** The P5 arguments are taken from register P2 and its
+** successors.
+*/
+/* Opcode: AggStep * P2 P3 P4 P5
+** Synopsis: accum=r[P3] step(r[P2@P5])
+**
+** Execute the step function for an aggregate. The
+** function has P5 arguments. P4 is a pointer to an sqlite3_context
+** object that is used to run the function. Register P3 is
+** as the accumulator.
+**
+** The P5 arguments are taken from register P2 and its
+** successors.
+**
+** This opcode is initially coded as OP_AggStep0. On first evaluation,
+** the FuncDef stored in P4 is converted into an sqlite3_context and
+** the opcode is changed. In this way, the initialization of the
+** sqlite3_context only happens once, instead of on each call to the
+** step function.
+*/
+case OP_AggStep0: {
+ int n;
+ sqlite3_context *pCtx;
+
+ assert( pOp->p4type==P4_FUNCDEF );
+ n = pOp->p5;
+ assert( pOp->p3>0 && pOp->p3<=(p->nMem-p->nCursor) );
+ assert( n==0 || (pOp->p2>0 && pOp->p2+n<=(p->nMem-p->nCursor)+1) );
+ assert( pOp->p3<pOp->p2 || pOp->p3>=pOp->p2+n );
+ pCtx = sqlite3DbMallocRaw(db, sizeof(*pCtx) + (n-1)*sizeof(sqlite3_value*));
+ if( pCtx==0 ) goto no_mem;
+ pCtx->pMem = 0;
+ pCtx->pFunc = pOp->p4.pFunc;
+ pCtx->iOp = (int)(pOp - aOp);
+ pCtx->pVdbe = p;
+ pCtx->argc = n;
+ pOp->p4type = P4_FUNCCTX;
+ pOp->p4.pCtx = pCtx;
+ pOp->opcode = OP_AggStep;
+ /* Fall through into OP_AggStep */
+}
+case OP_AggStep: {
+ int i;
+ sqlite3_context *pCtx;
+ Mem *pMem;
+ Mem t;
+
+ assert( pOp->p4type==P4_FUNCCTX );
+ pCtx = pOp->p4.pCtx;
+ pMem = &aMem[pOp->p3];
+
+ /* If this function is inside of a trigger, the register array in aMem[]
+ ** might change from one evaluation to the next. The next block of code
+ ** checks to see if the register array has changed, and if so it
+ ** reinitializes the relavant parts of the sqlite3_context object */
+ if( pCtx->pMem != pMem ){
+ pCtx->pMem = pMem;
+ for(i=pCtx->argc-1; i>=0; i--) pCtx->argv[i] = &aMem[pOp->p2+i];
+ }
+
+#ifdef SQLITE_DEBUG
+ for(i=0; i<pCtx->argc; i++){
+ assert( memIsValid(pCtx->argv[i]) );
+ REGISTER_TRACE(pOp->p2+i, pCtx->argv[i]);
+ }
+#endif
+
+ pMem->n++;
+ sqlite3VdbeMemInit(&t, db, MEM_Null);
+ pCtx->pOut = &t;
+ pCtx->fErrorOrAux = 0;
+ pCtx->skipFlag = 0;
+ (pCtx->pFunc->xStep)(pCtx,pCtx->argc,pCtx->argv); /* IMP: R-24505-23230 */
+ if( pCtx->fErrorOrAux ){
+ if( pCtx->isError ){
+ sqlite3VdbeError(p, "%s", sqlite3_value_text(&t));
+ rc = pCtx->isError;
+ }
+ sqlite3VdbeMemRelease(&t);
+ }else{
+ assert( t.flags==MEM_Null );
+ }
+ if( pCtx->skipFlag ){
+ assert( pOp[-1].opcode==OP_CollSeq );
+ i = pOp[-1].p1;
+ if( i ) sqlite3VdbeMemSetInt64(&aMem[i], 1);
+ }
+ break;
+}
+
+/* Opcode: AggFinal P1 P2 * P4 *
+** Synopsis: accum=r[P1] N=P2
+**
+** Execute the finalizer function for an aggregate. P1 is
+** the memory location that is the accumulator for the aggregate.
+**
+** P2 is the number of arguments that the step function takes and
+** P4 is a pointer to the FuncDef for this function. The P2
+** argument is not used by this opcode. It is only there to disambiguate
+** functions that can take varying numbers of arguments. The
+** P4 argument is only needed for the degenerate case where
+** the step function was not previously called.
+*/
+case OP_AggFinal: {
+ Mem *pMem;
+ assert( pOp->p1>0 && pOp->p1<=(p->nMem-p->nCursor) );
+ pMem = &aMem[pOp->p1];
+ assert( (pMem->flags & ~(MEM_Null|MEM_Agg))==0 );
+ rc = sqlite3VdbeMemFinalize(pMem, pOp->p4.pFunc);
+ if( rc ){
+ sqlite3VdbeError(p, "%s", sqlite3_value_text(pMem));
+ }
+ sqlite3VdbeChangeEncoding(pMem, encoding);
+ UPDATE_MAX_BLOBSIZE(pMem);
+ if( sqlite3VdbeMemTooBig(pMem) ){
+ goto too_big;
+ }
+ break;
+}
+
+#ifndef SQLITE_OMIT_WAL
+/* Opcode: Checkpoint P1 P2 P3 * *
+**
+** Checkpoint database P1. This is a no-op if P1 is not currently in
+** WAL mode. Parameter P2 is one of SQLITE_CHECKPOINT_PASSIVE, FULL,
+** RESTART, or TRUNCATE. Write 1 or 0 into mem[P3] if the checkpoint returns
+** SQLITE_BUSY or not, respectively. Write the number of pages in the
+** WAL after the checkpoint into mem[P3+1] and the number of pages
+** in the WAL that have been checkpointed after the checkpoint
+** completes into mem[P3+2]. However on an error, mem[P3+1] and
+** mem[P3+2] are initialized to -1.
+*/
+case OP_Checkpoint: {
+ int i; /* Loop counter */
+ int aRes[3]; /* Results */
+ Mem *pMem; /* Write results here */
+
+ assert( p->readOnly==0 );
+ aRes[0] = 0;
+ aRes[1] = aRes[2] = -1;
+ assert( pOp->p2==SQLITE_CHECKPOINT_PASSIVE
+ || pOp->p2==SQLITE_CHECKPOINT_FULL
+ || pOp->p2==SQLITE_CHECKPOINT_RESTART
+ || pOp->p2==SQLITE_CHECKPOINT_TRUNCATE
+ );
+ rc = sqlite3Checkpoint(db, pOp->p1, pOp->p2, &aRes[1], &aRes[2]);
+ if( rc==SQLITE_BUSY ){
+ rc = SQLITE_OK;
+ aRes[0] = 1;
+ }
+ for(i=0, pMem = &aMem[pOp->p3]; i<3; i++, pMem++){
+ sqlite3VdbeMemSetInt64(pMem, (i64)aRes[i]);
+ }
+ break;
+};
+#endif
+
+#ifndef SQLITE_OMIT_PRAGMA
+/* Opcode: JournalMode P1 P2 P3 * *
+**
+** Change the journal mode of database P1 to P3. P3 must be one of the
+** PAGER_JOURNALMODE_XXX values. If changing between the various rollback
+** modes (delete, truncate, persist, off and memory), this is a simple
+** operation. No IO is required.
+**
+** If changing into or out of WAL mode the procedure is more complicated.
+**
+** Write a string containing the final journal-mode to register P2.
+*/
+case OP_JournalMode: { /* out2 */
+ Btree *pBt; /* Btree to change journal mode of */
+ Pager *pPager; /* Pager associated with pBt */
+ int eNew; /* New journal mode */
+ int eOld; /* The old journal mode */
+#ifndef SQLITE_OMIT_WAL
+ const char *zFilename; /* Name of database file for pPager */
+#endif
+
+ pOut = out2Prerelease(p, pOp);
+ eNew = pOp->p3;
+ assert( eNew==PAGER_JOURNALMODE_DELETE
+ || eNew==PAGER_JOURNALMODE_TRUNCATE
+ || eNew==PAGER_JOURNALMODE_PERSIST
+ || eNew==PAGER_JOURNALMODE_OFF
+ || eNew==PAGER_JOURNALMODE_MEMORY
+ || eNew==PAGER_JOURNALMODE_WAL
+ || eNew==PAGER_JOURNALMODE_QUERY
+ );
+ assert( pOp->p1>=0 && pOp->p1<db->nDb );
+ assert( p->readOnly==0 );
+
+ pBt = db->aDb[pOp->p1].pBt;
+ pPager = sqlite3BtreePager(pBt);
+ eOld = sqlite3PagerGetJournalMode(pPager);
+ if( eNew==PAGER_JOURNALMODE_QUERY ) eNew = eOld;
+ if( !sqlite3PagerOkToChangeJournalMode(pPager) ) eNew = eOld;
+
+#ifndef SQLITE_OMIT_WAL
+ zFilename = sqlite3PagerFilename(pPager, 1);
+
+ /* Do not allow a transition to journal_mode=WAL for a database
+ ** in temporary storage or if the VFS does not support shared memory
+ */
+ if( eNew==PAGER_JOURNALMODE_WAL
+ && (sqlite3Strlen30(zFilename)==0 /* Temp file */
+ || !sqlite3PagerWalSupported(pPager)) /* No shared-memory support */
+ ){
+ eNew = eOld;
+ }
+
+ if( (eNew!=eOld)
+ && (eOld==PAGER_JOURNALMODE_WAL || eNew==PAGER_JOURNALMODE_WAL)
+ ){
+ if( !db->autoCommit || db->nVdbeRead>1 ){
+ rc = SQLITE_ERROR;
+ sqlite3VdbeError(p,
+ "cannot change %s wal mode from within a transaction",
+ (eNew==PAGER_JOURNALMODE_WAL ? "into" : "out of")
+ );
+ break;
+ }else{
+
+ if( eOld==PAGER_JOURNALMODE_WAL ){
+ /* If leaving WAL mode, close the log file. If successful, the call
+ ** to PagerCloseWal() checkpoints and deletes the write-ahead-log
+ ** file. An EXCLUSIVE lock may still be held on the database file
+ ** after a successful return.
+ */
+ rc = sqlite3PagerCloseWal(pPager);
+ if( rc==SQLITE_OK ){
+ sqlite3PagerSetJournalMode(pPager, eNew);
+ }
+ }else if( eOld==PAGER_JOURNALMODE_MEMORY ){
+ /* Cannot transition directly from MEMORY to WAL. Use mode OFF
+ ** as an intermediate */
+ sqlite3PagerSetJournalMode(pPager, PAGER_JOURNALMODE_OFF);
+ }
+
+ /* Open a transaction on the database file. Regardless of the journal
+ ** mode, this transaction always uses a rollback journal.
+ */
+ assert( sqlite3BtreeIsInTrans(pBt)==0 );
+ if( rc==SQLITE_OK ){
+ rc = sqlite3BtreeSetVersion(pBt, (eNew==PAGER_JOURNALMODE_WAL ? 2 : 1));
+ }
+ }
+ }
+#endif /* ifndef SQLITE_OMIT_WAL */
+
+ if( rc ){
+ eNew = eOld;
+ }
+ eNew = sqlite3PagerSetJournalMode(pPager, eNew);
+
+ pOut->flags = MEM_Str|MEM_Static|MEM_Term;
+ pOut->z = (char *)sqlite3JournalModename(eNew);
+ pOut->n = sqlite3Strlen30(pOut->z);
+ pOut->enc = SQLITE_UTF8;
+ sqlite3VdbeChangeEncoding(pOut, encoding);
+ break;
+};
+#endif /* SQLITE_OMIT_PRAGMA */
+
+#if !defined(SQLITE_OMIT_VACUUM) && !defined(SQLITE_OMIT_ATTACH)
+/* Opcode: Vacuum * * * * *
+**
+** Vacuum the entire database. This opcode will cause other virtual
+** machines to be created and run. It may not be called from within
+** a transaction.
+*/
+case OP_Vacuum: {
+ assert( p->readOnly==0 );
+ rc = sqlite3RunVacuum(&p->zErrMsg, db);
+ break;
+}
+#endif
+
+#if !defined(SQLITE_OMIT_AUTOVACUUM)
+/* Opcode: IncrVacuum P1 P2 * * *
+**
+** Perform a single step of the incremental vacuum procedure on
+** the P1 database. If the vacuum has finished, jump to instruction
+** P2. Otherwise, fall through to the next instruction.
+*/
+case OP_IncrVacuum: { /* jump */
+ Btree *pBt;
+
+ assert( pOp->p1>=0 && pOp->p1<db->nDb );
+ assert( DbMaskTest(p->btreeMask, pOp->p1) );
+ assert( p->readOnly==0 );
+ pBt = db->aDb[pOp->p1].pBt;
+ rc = sqlite3BtreeIncrVacuum(pBt);
+ VdbeBranchTaken(rc==SQLITE_DONE,2);
+ if( rc==SQLITE_DONE ){
+ rc = SQLITE_OK;
+ goto jump_to_p2;
+ }
+ break;
+}
+#endif
+
+/* Opcode: Expire P1 * * * *
+**
+** Cause precompiled statements to expire. When an expired statement
+** is executed using sqlite3_step() it will either automatically
+** reprepare itself (if it was originally created using sqlite3_prepare_v2())
+** or it will fail with SQLITE_SCHEMA.
+**
+** If P1 is 0, then all SQL statements become expired. If P1 is non-zero,
+** then only the currently executing statement is expired.
+*/
+case OP_Expire: {
+ if( !pOp->p1 ){
+ sqlite3ExpirePreparedStatements(db);
+ }else{
+ p->expired = 1;
+ }
+ break;
+}
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+/* Opcode: TableLock P1 P2 P3 P4 *
+** Synopsis: iDb=P1 root=P2 write=P3
+**
+** Obtain a lock on a particular table. This instruction is only used when
+** the shared-cache feature is enabled.
+**
+** P1 is the index of the database in sqlite3.aDb[] of the database
+** on which the lock is acquired. A readlock is obtained if P3==0 or
+** a write lock if P3==1.
+**
+** P2 contains the root-page of the table to lock.
+**
+** P4 contains a pointer to the name of the table being locked. This is only
+** used to generate an error message if the lock cannot be obtained.
+*/
+case OP_TableLock: {
+ u8 isWriteLock = (u8)pOp->p3;
+ if( isWriteLock || 0==(db->flags&SQLITE_ReadUncommitted) ){
+ int p1 = pOp->p1;
+ assert( p1>=0 && p1<db->nDb );
+ assert( DbMaskTest(p->btreeMask, p1) );
+ assert( isWriteLock==0 || isWriteLock==1 );
+ rc = sqlite3BtreeLockTable(db->aDb[p1].pBt, pOp->p2, isWriteLock);
+ if( (rc&0xFF)==SQLITE_LOCKED ){
+ const char *z = pOp->p4.z;
+ sqlite3VdbeError(p, "database table is locked: %s", z);
+ }
+ }
+ break;
+}
+#endif /* SQLITE_OMIT_SHARED_CACHE */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VBegin * * * P4 *
+**
+** P4 may be a pointer to an sqlite3_vtab structure. If so, call the
+** xBegin method for that table.
+**
+** Also, whether or not P4 is set, check that this is not being called from
+** within a callback to a virtual table xSync() method. If it is, the error
+** code will be set to SQLITE_LOCKED.
+*/
+case OP_VBegin: {
+ VTable *pVTab;
+ pVTab = pOp->p4.pVtab;
+ rc = sqlite3VtabBegin(db, pVTab);
+ if( pVTab ) sqlite3VtabImportErrmsg(p, pVTab->pVtab);
+ break;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VCreate P1 P2 * * *
+**
+** P2 is a register that holds the name of a virtual table in database
+** P1. Call the xCreate method for that table.
+*/
+case OP_VCreate: {
+ Mem sMem; /* For storing the record being decoded */
+ const char *zTab; /* Name of the virtual table */
+
+ memset(&sMem, 0, sizeof(sMem));
+ sMem.db = db;
+ /* Because P2 is always a static string, it is impossible for the
+ ** sqlite3VdbeMemCopy() to fail */
+ assert( (aMem[pOp->p2].flags & MEM_Str)!=0 );
+ assert( (aMem[pOp->p2].flags & MEM_Static)!=0 );
+ rc = sqlite3VdbeMemCopy(&sMem, &aMem[pOp->p2]);
+ assert( rc==SQLITE_OK );
+ zTab = (const char*)sqlite3_value_text(&sMem);
+ assert( zTab || db->mallocFailed );
+ if( zTab ){
+ rc = sqlite3VtabCallCreate(db, pOp->p1, zTab, &p->zErrMsg);
+ }
+ sqlite3VdbeMemRelease(&sMem);
+ break;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VDestroy P1 * * P4 *
+**
+** P4 is the name of a virtual table in database P1. Call the xDestroy method
+** of that table.
+*/
+case OP_VDestroy: {
+ db->nVDestroy++;
+ rc = sqlite3VtabCallDestroy(db, pOp->p1, pOp->p4.z);
+ db->nVDestroy--;
+ break;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VOpen P1 * * P4 *
+**
+** P4 is a pointer to a virtual table object, an sqlite3_vtab structure.
+** P1 is a cursor number. This opcode opens a cursor to the virtual
+** table and stores that cursor in P1.
+*/
+case OP_VOpen: {
+ VdbeCursor *pCur;
+ sqlite3_vtab_cursor *pVCur;
+ sqlite3_vtab *pVtab;
+ const sqlite3_module *pModule;
+
+ assert( p->bIsReader );
+ pCur = 0;
+ pVCur = 0;
+ pVtab = pOp->p4.pVtab->pVtab;
+ if( pVtab==0 || NEVER(pVtab->pModule==0) ){
+ rc = SQLITE_LOCKED;
+ break;
+ }
+ pModule = pVtab->pModule;
+ rc = pModule->xOpen(pVtab, &pVCur);
+ sqlite3VtabImportErrmsg(p, pVtab);
+ if( SQLITE_OK==rc ){
+ /* Initialize sqlite3_vtab_cursor base class */
+ pVCur->pVtab = pVtab;
+
+ /* Initialize vdbe cursor object */
+ pCur = allocateCursor(p, pOp->p1, 0, -1, CURTYPE_VTAB);
+ if( pCur ){
+ pCur->uc.pVCur = pVCur;
+ pVtab->nRef++;
+ }else{
+ assert( db->mallocFailed );
+ pModule->xClose(pVCur);
+ goto no_mem;
+ }
+ }
+ break;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VFilter P1 P2 P3 P4 *
+** Synopsis: iplan=r[P3] zplan='P4'
+**
+** P1 is a cursor opened using VOpen. P2 is an address to jump to if
+** the filtered result set is empty.
+**
+** P4 is either NULL or a string that was generated by the xBestIndex
+** method of the module. The interpretation of the P4 string is left
+** to the module implementation.
+**
+** This opcode invokes the xFilter method on the virtual table specified
+** by P1. The integer query plan parameter to xFilter is stored in register
+** P3. Register P3+1 stores the argc parameter to be passed to the
+** xFilter method. Registers P3+2..P3+1+argc are the argc
+** additional parameters which are passed to
+** xFilter as argv. Register P3+2 becomes argv[0] when passed to xFilter.
+**
+** A jump is made to P2 if the result set after filtering would be empty.
+*/
+case OP_VFilter: { /* jump */
+ int nArg;
+ int iQuery;
+ const sqlite3_module *pModule;
+ Mem *pQuery;
+ Mem *pArgc;
+ sqlite3_vtab_cursor *pVCur;
+ sqlite3_vtab *pVtab;
+ VdbeCursor *pCur;
+ int res;
+ int i;
+ Mem **apArg;
+
+ pQuery = &aMem[pOp->p3];
+ pArgc = &pQuery[1];
+ pCur = p->apCsr[pOp->p1];
+ assert( memIsValid(pQuery) );
+ REGISTER_TRACE(pOp->p3, pQuery);
+ assert( pCur->eCurType==CURTYPE_VTAB );
+ pVCur = pCur->uc.pVCur;
+ pVtab = pVCur->pVtab;
+ pModule = pVtab->pModule;
+
+ /* Grab the index number and argc parameters */
+ assert( (pQuery->flags&MEM_Int)!=0 && pArgc->flags==MEM_Int );
+ nArg = (int)pArgc->u.i;
+ iQuery = (int)pQuery->u.i;
+
+ /* Invoke the xFilter method */
+ res = 0;
+ apArg = p->apArg;
+ for(i = 0; i<nArg; i++){
+ apArg[i] = &pArgc[i+1];
+ }
+ rc = pModule->xFilter(pVCur, iQuery, pOp->p4.z, nArg, apArg);
+ sqlite3VtabImportErrmsg(p, pVtab);
+ if( rc==SQLITE_OK ){
+ res = pModule->xEof(pVCur);
+ }
+ pCur->nullRow = 0;
+ VdbeBranchTaken(res!=0,2);
+ if( res ) goto jump_to_p2;
+ break;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VColumn P1 P2 P3 * *
+** Synopsis: r[P3]=vcolumn(P2)
+**
+** Store the value of the P2-th column of
+** the row of the virtual-table that the
+** P1 cursor is pointing to into register P3.
+*/
+case OP_VColumn: {
+ sqlite3_vtab *pVtab;
+ const sqlite3_module *pModule;
+ Mem *pDest;
+ sqlite3_context sContext;
+
+ VdbeCursor *pCur = p->apCsr[pOp->p1];
+ assert( pCur->eCurType==CURTYPE_VTAB );
+ assert( pOp->p3>0 && pOp->p3<=(p->nMem-p->nCursor) );
+ pDest = &aMem[pOp->p3];
+ memAboutToChange(p, pDest);
+ if( pCur->nullRow ){
+ sqlite3VdbeMemSetNull(pDest);
+ break;
+ }
+ pVtab = pCur->uc.pVCur->pVtab;
+ pModule = pVtab->pModule;
+ assert( pModule->xColumn );
+ memset(&sContext, 0, sizeof(sContext));
+ sContext.pOut = pDest;
+ MemSetTypeFlag(pDest, MEM_Null);
+ rc = pModule->xColumn(pCur->uc.pVCur, &sContext, pOp->p2);
+ sqlite3VtabImportErrmsg(p, pVtab);
+ if( sContext.isError ){
+ rc = sContext.isError;
+ }
+ sqlite3VdbeChangeEncoding(pDest, encoding);
+ REGISTER_TRACE(pOp->p3, pDest);
+ UPDATE_MAX_BLOBSIZE(pDest);
+
+ if( sqlite3VdbeMemTooBig(pDest) ){
+ goto too_big;
+ }
+ break;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VNext P1 P2 * * *
+**
+** Advance virtual table P1 to the next row in its result set and
+** jump to instruction P2. Or, if the virtual table has reached
+** the end of its result set, then fall through to the next instruction.
+*/
+case OP_VNext: { /* jump */
+ sqlite3_vtab *pVtab;
+ const sqlite3_module *pModule;
+ int res;
+ VdbeCursor *pCur;
+
+ res = 0;
+ pCur = p->apCsr[pOp->p1];
+ assert( pCur->eCurType==CURTYPE_VTAB );
+ if( pCur->nullRow ){
+ break;
+ }
+ pVtab = pCur->uc.pVCur->pVtab;
+ pModule = pVtab->pModule;
+ assert( pModule->xNext );
+
+ /* Invoke the xNext() method of the module. There is no way for the
+ ** underlying implementation to return an error if one occurs during
+ ** xNext(). Instead, if an error occurs, true is returned (indicating that
+ ** data is available) and the error code returned when xColumn or
+ ** some other method is next invoked on the save virtual table cursor.
+ */
+ rc = pModule->xNext(pCur->uc.pVCur);
+ sqlite3VtabImportErrmsg(p, pVtab);
+ if( rc==SQLITE_OK ){
+ res = pModule->xEof(pCur->uc.pVCur);
+ }
+ VdbeBranchTaken(!res,2);
+ if( !res ){
+ /* If there is data, jump to P2 */
+ goto jump_to_p2_and_check_for_interrupt;
+ }
+ goto check_for_interrupt;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VRename P1 * * P4 *
+**
+** P4 is a pointer to a virtual table object, an sqlite3_vtab structure.
+** This opcode invokes the corresponding xRename method. The value
+** in register P1 is passed as the zName argument to the xRename method.
+*/
+case OP_VRename: {
+ sqlite3_vtab *pVtab;
+ Mem *pName;
+
+ pVtab = pOp->p4.pVtab->pVtab;
+ pName = &aMem[pOp->p1];
+ assert( pVtab->pModule->xRename );
+ assert( memIsValid(pName) );
+ assert( p->readOnly==0 );
+ REGISTER_TRACE(pOp->p1, pName);
+ assert( pName->flags & MEM_Str );
+ testcase( pName->enc==SQLITE_UTF8 );
+ testcase( pName->enc==SQLITE_UTF16BE );
+ testcase( pName->enc==SQLITE_UTF16LE );
+ rc = sqlite3VdbeChangeEncoding(pName, SQLITE_UTF8);
+ if( rc==SQLITE_OK ){
+ rc = pVtab->pModule->xRename(pVtab, pName->z);
+ sqlite3VtabImportErrmsg(p, pVtab);
+ p->expired = 0;
+ }
+ break;
+}
+#endif
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VUpdate P1 P2 P3 P4 P5
+** Synopsis: data=r[P3@P2]
+**
+** P4 is a pointer to a virtual table object, an sqlite3_vtab structure.
+** This opcode invokes the corresponding xUpdate method. P2 values
+** are contiguous memory cells starting at P3 to pass to the xUpdate
+** invocation. The value in register (P3+P2-1) corresponds to the
+** p2th element of the argv array passed to xUpdate.
+**
+** The xUpdate method will do a DELETE or an INSERT or both.
+** The argv[0] element (which corresponds to memory cell P3)
+** is the rowid of a row to delete. If argv[0] is NULL then no
+** deletion occurs. The argv[1] element is the rowid of the new
+** row. This can be NULL to have the virtual table select the new
+** rowid for itself. The subsequent elements in the array are
+** the values of columns in the new row.
+**
+** If P2==1 then no insert is performed. argv[0] is the rowid of
+** a row to delete.
+**
+** P1 is a boolean flag. If it is set to true and the xUpdate call
+** is successful, then the value returned by sqlite3_last_insert_rowid()
+** is set to the value of the rowid for the row just inserted.
+**
+** P5 is the error actions (OE_Replace, OE_Fail, OE_Ignore, etc) to
+** apply in the case of a constraint failure on an insert or update.
+*/
+case OP_VUpdate: {
+ sqlite3_vtab *pVtab;
+ const sqlite3_module *pModule;
+ int nArg;
+ int i;
+ sqlite_int64 rowid;
+ Mem **apArg;
+ Mem *pX;
+
+ assert( pOp->p2==1 || pOp->p5==OE_Fail || pOp->p5==OE_Rollback
+ || pOp->p5==OE_Abort || pOp->p5==OE_Ignore || pOp->p5==OE_Replace
+ );
+ assert( p->readOnly==0 );
+ pVtab = pOp->p4.pVtab->pVtab;
+ if( pVtab==0 || NEVER(pVtab->pModule==0) ){
+ rc = SQLITE_LOCKED;
+ break;
+ }
+ pModule = pVtab->pModule;
+ nArg = pOp->p2;
+ assert( pOp->p4type==P4_VTAB );
+ if( ALWAYS(pModule->xUpdate) ){
+ u8 vtabOnConflict = db->vtabOnConflict;
+ apArg = p->apArg;
+ pX = &aMem[pOp->p3];
+ for(i=0; i<nArg; i++){
+ assert( memIsValid(pX) );
+ memAboutToChange(p, pX);
+ apArg[i] = pX;
+ pX++;
+ }
+ db->vtabOnConflict = pOp->p5;
+ rc = pModule->xUpdate(pVtab, nArg, apArg, &rowid);
+ db->vtabOnConflict = vtabOnConflict;
+ sqlite3VtabImportErrmsg(p, pVtab);
+ if( rc==SQLITE_OK && pOp->p1 ){
+ assert( nArg>1 && apArg[0] && (apArg[0]->flags&MEM_Null) );
+ db->lastRowid = lastRowid = rowid;
+ }
+ if( (rc&0xff)==SQLITE_CONSTRAINT && pOp->p4.pVtab->bConstraint ){
+ if( pOp->p5==OE_Ignore ){
+ rc = SQLITE_OK;
+ }else{
+ p->errorAction = ((pOp->p5==OE_Replace) ? OE_Abort : pOp->p5);
+ }
+ }else{
+ p->nChange++;
+ }
+ }
+ break;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+/* Opcode: Pagecount P1 P2 * * *
+**
+** Write the current number of pages in database P1 to memory cell P2.
+*/
+case OP_Pagecount: { /* out2 */
+ pOut = out2Prerelease(p, pOp);
+ pOut->u.i = sqlite3BtreeLastPage(db->aDb[pOp->p1].pBt);
+ break;
+}
+#endif
+
+
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+/* Opcode: MaxPgcnt P1 P2 P3 * *
+**
+** Try to set the maximum page count for database P1 to the value in P3.
+** Do not let the maximum page count fall below the current page count and
+** do not change the maximum page count value if P3==0.
+**
+** Store the maximum page count after the change in register P2.
+*/
+case OP_MaxPgcnt: { /* out2 */
+ unsigned int newMax;
+ Btree *pBt;
+
+ pOut = out2Prerelease(p, pOp);
+ pBt = db->aDb[pOp->p1].pBt;
+ newMax = 0;
+ if( pOp->p3 ){
+ newMax = sqlite3BtreeLastPage(pBt);
+ if( newMax < (unsigned)pOp->p3 ) newMax = (unsigned)pOp->p3;
+ }
+ pOut->u.i = sqlite3BtreeMaxPageCount(pBt, newMax);
+ break;
+}
+#endif
+
+
+/* Opcode: Init * P2 * P4 *
+** Synopsis: Start at P2
+**
+** Programs contain a single instance of this opcode as the very first
+** opcode.
+**
+** If tracing is enabled (by the sqlite3_trace()) interface, then
+** the UTF-8 string contained in P4 is emitted on the trace callback.
+** Or if P4 is blank, use the string returned by sqlite3_sql().
+**
+** If P2 is not zero, jump to instruction P2.
+*/
+case OP_Init: { /* jump */
+ char *zTrace;
+ char *z;
+
+#ifndef SQLITE_OMIT_TRACE
+ if( db->xTrace
+ && !p->doingRerun
+ && (zTrace = (pOp->p4.z ? pOp->p4.z : p->zSql))!=0
+ ){
+ z = sqlite3VdbeExpandSql(p, zTrace);
+ db->xTrace(db->pTraceArg, z);
+ sqlite3DbFree(db, z);
+ }
+#ifdef SQLITE_USE_FCNTL_TRACE
+ zTrace = (pOp->p4.z ? pOp->p4.z : p->zSql);
+ if( zTrace ){
+ int i;
+ for(i=0; i<db->nDb; i++){
+ if( DbMaskTest(p->btreeMask, i)==0 ) continue;
+ sqlite3_file_control(db, db->aDb[i].zName, SQLITE_FCNTL_TRACE, zTrace);
+ }
+ }
+#endif /* SQLITE_USE_FCNTL_TRACE */
+#ifdef SQLITE_DEBUG
+ if( (db->flags & SQLITE_SqlTrace)!=0
+ && (zTrace = (pOp->p4.z ? pOp->p4.z : p->zSql))!=0
+ ){
+ sqlite3DebugPrintf("SQL-trace: %s\n", zTrace);
+ }
+#endif /* SQLITE_DEBUG */
+#endif /* SQLITE_OMIT_TRACE */
+ if( pOp->p2 ) goto jump_to_p2;
+ break;
+}
+
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+/* Opcode: CursorHint P1 * * P4 *
+**
+** Provide a hint to cursor P1 that it only needs to return rows that
+** satisfy the Expr in P4. TK_REGISTER terms in the P4 expression refer
+** to values currently held in registers. TK_COLUMN terms in the P4
+** expression refer to columns in the b-tree to which cursor P1 is pointing.
+*/
+case OP_CursorHint: {
+ VdbeCursor *pC;
+
+ assert( pOp->p1>=0 && pOp->p1<p->nCursor );
+ assert( pOp->p4type==P4_EXPR );
+ pC = p->apCsr[pOp->p1];
+ if( pC ){
+ assert( pC->eCurType==CURTYPE_BTREE );
+ sqlite3BtreeCursorHint(pC->uc.pCursor, BTREE_HINT_RANGE,
+ pOp->p4.pExpr, aMem);
+ }
+ break;
+}
+#endif /* SQLITE_ENABLE_CURSOR_HINTS */
+
+/* Opcode: Noop * * * * *
+**
+** Do nothing. This instruction is often useful as a jump
+** destination.
+*/
+/*
+** The magic Explain opcode are only inserted when explain==2 (which
+** is to say when the EXPLAIN QUERY PLAN syntax is used.)
+** This opcode records information from the optimizer. It is the
+** the same as a no-op. This opcodesnever appears in a real VM program.
+*/
+default: { /* This is really OP_Noop and OP_Explain */
+ assert( pOp->opcode==OP_Noop || pOp->opcode==OP_Explain );
+ break;
+}
+
+/*****************************************************************************
+** The cases of the switch statement above this line should all be indented
+** by 6 spaces. But the left-most 6 spaces have been removed to improve the
+** readability. From this point on down, the normal indentation rules are
+** restored.
+*****************************************************************************/
+ }
+
+#ifdef VDBE_PROFILE
+ {
+ u64 endTime = sqlite3Hwtime();
+ if( endTime>start ) pOrigOp->cycles += endTime - start;
+ pOrigOp->cnt++;
+ }
+#endif
+
+ /* The following code adds nothing to the actual functionality
+ ** of the program. It is only here for testing and debugging.
+ ** On the other hand, it does burn CPU cycles every time through
+ ** the evaluator loop. So we can leave it out when NDEBUG is defined.
+ */
+#ifndef NDEBUG
+ assert( pOp>=&aOp[-1] && pOp<&aOp[p->nOp-1] );
+
+#ifdef SQLITE_DEBUG
+ if( db->flags & SQLITE_VdbeTrace ){
+ if( rc!=0 ) printf("rc=%d\n",rc);
+ if( pOrigOp->opflags & (OPFLG_OUT2) ){
+ registerTrace(pOrigOp->p2, &aMem[pOrigOp->p2]);
+ }
+ if( pOrigOp->opflags & OPFLG_OUT3 ){
+ registerTrace(pOrigOp->p3, &aMem[pOrigOp->p3]);
+ }
+ }
+#endif /* SQLITE_DEBUG */
+#endif /* NDEBUG */
+ } /* The end of the for(;;) loop the loops through opcodes */
+
+ /* If we reach this point, it means that execution is finished with
+ ** an error of some kind.
+ */
+vdbe_error_halt:
+ assert( rc );
+ p->rc = rc;
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(rc, "statement aborts at %d: [%s] %s",
+ (int)(pOp - aOp), p->zSql, p->zErrMsg);
+ sqlite3VdbeHalt(p);
+ if( rc==SQLITE_IOERR_NOMEM ) db->mallocFailed = 1;
+ rc = SQLITE_ERROR;
+ if( resetSchemaOnFault>0 ){
+ sqlite3ResetOneSchema(db, resetSchemaOnFault-1);
+ }
+
+ /* This is the only way out of this procedure. We have to
+ ** release the mutexes on btrees that were acquired at the
+ ** top. */
+vdbe_return:
+ db->lastRowid = lastRowid;
+ testcase( nVmStep>0 );
+ p->aCounter[SQLITE_STMTSTATUS_VM_STEP] += (int)nVmStep;
+ sqlite3VdbeLeave(p);
+ return rc;
+
+ /* Jump to here if a string or blob larger than SQLITE_MAX_LENGTH
+ ** is encountered.
+ */
+too_big:
+ sqlite3VdbeError(p, "string or blob too big");
+ rc = SQLITE_TOOBIG;
+ goto vdbe_error_halt;
+
+ /* Jump to here if a malloc() fails.
+ */
+no_mem:
+ db->mallocFailed = 1;
+ sqlite3VdbeError(p, "out of memory");
+ rc = SQLITE_NOMEM;
+ goto vdbe_error_halt;
+
+ /* Jump to here for any other kind of fatal error. The "rc" variable
+ ** should hold the error number.
+ */
+abort_due_to_error:
+ assert( p->zErrMsg==0 );
+ if( db->mallocFailed ) rc = SQLITE_NOMEM;
+ if( rc!=SQLITE_IOERR_NOMEM ){
+ sqlite3VdbeError(p, "%s", sqlite3ErrStr(rc));
+ }
+ goto vdbe_error_halt;
+
+ /* Jump to here if the sqlite3_interrupt() API sets the interrupt
+ ** flag.
+ */
+abort_due_to_interrupt:
+ assert( db->u1.isInterrupted );
+ rc = SQLITE_INTERRUPT;
+ p->rc = rc;
+ sqlite3VdbeError(p, "%s", sqlite3ErrStr(rc));
+ goto vdbe_error_halt;
+}
+
+
+/************** End of vdbe.c ************************************************/
+/************** Begin file vdbeblob.c ****************************************/
+/*
+** 2007 May 1
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains code used to implement incremental BLOB I/O.
+*/
+
+/* #include "sqliteInt.h" */
+/* #include "vdbeInt.h" */
+
+#ifndef SQLITE_OMIT_INCRBLOB
+
+/*
+** Valid sqlite3_blob* handles point to Incrblob structures.
+*/
+typedef struct Incrblob Incrblob;
+struct Incrblob {
+ int flags; /* Copy of "flags" passed to sqlite3_blob_open() */
+ int nByte; /* Size of open blob, in bytes */
+ int iOffset; /* Byte offset of blob in cursor data */
+ int iCol; /* Table column this handle is open on */
+ BtCursor *pCsr; /* Cursor pointing at blob row */
+ sqlite3_stmt *pStmt; /* Statement holding cursor open */
+ sqlite3 *db; /* The associated database */
+};
+
+
+/*
+** This function is used by both blob_open() and blob_reopen(). It seeks
+** the b-tree cursor associated with blob handle p to point to row iRow.
+** If successful, SQLITE_OK is returned and subsequent calls to
+** sqlite3_blob_read() or sqlite3_blob_write() access the specified row.
+**
+** If an error occurs, or if the specified row does not exist or does not
+** contain a value of type TEXT or BLOB in the column nominated when the
+** blob handle was opened, then an error code is returned and *pzErr may
+** be set to point to a buffer containing an error message. It is the
+** responsibility of the caller to free the error message buffer using
+** sqlite3DbFree().
+**
+** If an error does occur, then the b-tree cursor is closed. All subsequent
+** calls to sqlite3_blob_read(), blob_write() or blob_reopen() will
+** immediately return SQLITE_ABORT.
+*/
+static int blobSeekToRow(Incrblob *p, sqlite3_int64 iRow, char **pzErr){
+ int rc; /* Error code */
+ char *zErr = 0; /* Error message */
+ Vdbe *v = (Vdbe *)p->pStmt;
+
+ /* Set the value of the SQL statements only variable to integer iRow.
+ ** This is done directly instead of using sqlite3_bind_int64() to avoid
+ ** triggering asserts related to mutexes.
+ */
+ assert( v->aVar[0].flags&MEM_Int );
+ v->aVar[0].u.i = iRow;
+
+ rc = sqlite3_step(p->pStmt);
+ if( rc==SQLITE_ROW ){
+ VdbeCursor *pC = v->apCsr[0];
+ u32 type = pC->aType[p->iCol];
+ if( type<12 ){
+ zErr = sqlite3MPrintf(p->db, "cannot open value of type %s",
+ type==0?"null": type==7?"real": "integer"
+ );
+ rc = SQLITE_ERROR;
+ sqlite3_finalize(p->pStmt);
+ p->pStmt = 0;
+ }else{
+ p->iOffset = pC->aType[p->iCol + pC->nField];
+ p->nByte = sqlite3VdbeSerialTypeLen(type);
+ p->pCsr = pC->uc.pCursor;
+ sqlite3BtreeIncrblobCursor(p->pCsr);
+ }
+ }
+
+ if( rc==SQLITE_ROW ){
+ rc = SQLITE_OK;
+ }else if( p->pStmt ){
+ rc = sqlite3_finalize(p->pStmt);
+ p->pStmt = 0;
+ if( rc==SQLITE_OK ){
+ zErr = sqlite3MPrintf(p->db, "no such rowid: %lld", iRow);
+ rc = SQLITE_ERROR;
+ }else{
+ zErr = sqlite3MPrintf(p->db, "%s", sqlite3_errmsg(p->db));
+ }
+ }
+
+ assert( rc!=SQLITE_OK || zErr==0 );
+ assert( rc!=SQLITE_ROW && rc!=SQLITE_DONE );
+
+ *pzErr = zErr;
+ return rc;
+}
+
+/*
+** Open a blob handle.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_open(
+ sqlite3* db, /* The database connection */
+ const char *zDb, /* The attached database containing the blob */
+ const char *zTable, /* The table containing the blob */
+ const char *zColumn, /* The column containing the blob */
+ sqlite_int64 iRow, /* The row containing the glob */
+ int flags, /* True -> read/write access, false -> read-only */
+ sqlite3_blob **ppBlob /* Handle for accessing the blob returned here */
+){
+ int nAttempt = 0;
+ int iCol; /* Index of zColumn in row-record */
+
+ /* This VDBE program seeks a btree cursor to the identified
+ ** db/table/row entry. The reason for using a vdbe program instead
+ ** of writing code to use the b-tree layer directly is that the
+ ** vdbe program will take advantage of the various transaction,
+ ** locking and error handling infrastructure built into the vdbe.
+ **
+ ** After seeking the cursor, the vdbe executes an OP_ResultRow.
+ ** Code external to the Vdbe then "borrows" the b-tree cursor and
+ ** uses it to implement the blob_read(), blob_write() and
+ ** blob_bytes() functions.
+ **
+ ** The sqlite3_blob_close() function finalizes the vdbe program,
+ ** which closes the b-tree cursor and (possibly) commits the
+ ** transaction.
+ */
+ static const int iLn = VDBE_OFFSET_LINENO(4);
+ static const VdbeOpList openBlob[] = {
+ /* {OP_Transaction, 0, 0, 0}, // 0: Inserted separately */
+ {OP_TableLock, 0, 0, 0}, /* 1: Acquire a read or write lock */
+ /* One of the following two instructions is replaced by an OP_Noop. */
+ {OP_OpenRead, 0, 0, 0}, /* 2: Open cursor 0 for reading */
+ {OP_OpenWrite, 0, 0, 0}, /* 3: Open cursor 0 for read/write */
+ {OP_Variable, 1, 1, 1}, /* 4: Push the rowid to the stack */
+ {OP_NotExists, 0, 10, 1}, /* 5: Seek the cursor */
+ {OP_Column, 0, 0, 1}, /* 6 */
+ {OP_ResultRow, 1, 0, 0}, /* 7 */
+ {OP_Goto, 0, 4, 0}, /* 8 */
+ {OP_Close, 0, 0, 0}, /* 9 */
+ {OP_Halt, 0, 0, 0}, /* 10 */
+ };
+
+ int rc = SQLITE_OK;
+ char *zErr = 0;
+ Table *pTab;
+ Parse *pParse = 0;
+ Incrblob *pBlob = 0;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( ppBlob==0 ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+ *ppBlob = 0;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zTable==0 ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+ flags = !!flags; /* flags = (flags ? 1 : 0); */
+
+ sqlite3_mutex_enter(db->mutex);
+
+ pBlob = (Incrblob *)sqlite3DbMallocZero(db, sizeof(Incrblob));
+ if( !pBlob ) goto blob_open_out;
+ pParse = sqlite3StackAllocRaw(db, sizeof(*pParse));
+ if( !pParse ) goto blob_open_out;
+
+ do {
+ memset(pParse, 0, sizeof(Parse));
+ pParse->db = db;
+ sqlite3DbFree(db, zErr);
+ zErr = 0;
+
+ sqlite3BtreeEnterAll(db);
+ pTab = sqlite3LocateTable(pParse, 0, zTable, zDb);
+ if( pTab && IsVirtual(pTab) ){
+ pTab = 0;
+ sqlite3ErrorMsg(pParse, "cannot open virtual table: %s", zTable);
+ }
+ if( pTab && !HasRowid(pTab) ){
+ pTab = 0;
+ sqlite3ErrorMsg(pParse, "cannot open table without rowid: %s", zTable);
+ }
+#ifndef SQLITE_OMIT_VIEW
+ if( pTab && pTab->pSelect ){
+ pTab = 0;
+ sqlite3ErrorMsg(pParse, "cannot open view: %s", zTable);
+ }
+#endif
+ if( !pTab ){
+ if( pParse->zErrMsg ){
+ sqlite3DbFree(db, zErr);
+ zErr = pParse->zErrMsg;
+ pParse->zErrMsg = 0;
+ }
+ rc = SQLITE_ERROR;
+ sqlite3BtreeLeaveAll(db);
+ goto blob_open_out;
+ }
+
+ /* Now search pTab for the exact column. */
+ for(iCol=0; iCol<pTab->nCol; iCol++) {
+ if( sqlite3StrICmp(pTab->aCol[iCol].zName, zColumn)==0 ){
+ break;
+ }
+ }
+ if( iCol==pTab->nCol ){
+ sqlite3DbFree(db, zErr);
+ zErr = sqlite3MPrintf(db, "no such column: \"%s\"", zColumn);
+ rc = SQLITE_ERROR;
+ sqlite3BtreeLeaveAll(db);
+ goto blob_open_out;
+ }
+
+ /* If the value is being opened for writing, check that the
+ ** column is not indexed, and that it is not part of a foreign key.
+ ** It is against the rules to open a column to which either of these
+ ** descriptions applies for writing. */
+ if( flags ){
+ const char *zFault = 0;
+ Index *pIdx;
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+ if( db->flags&SQLITE_ForeignKeys ){
+ /* Check that the column is not part of an FK child key definition. It
+ ** is not necessary to check if it is part of a parent key, as parent
+ ** key columns must be indexed. The check below will pick up this
+ ** case. */
+ FKey *pFKey;
+ for(pFKey=pTab->pFKey; pFKey; pFKey=pFKey->pNextFrom){
+ int j;
+ for(j=0; j<pFKey->nCol; j++){
+ if( pFKey->aCol[j].iFrom==iCol ){
+ zFault = "foreign key";
+ }
+ }
+ }
+ }
+#endif
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ int j;
+ for(j=0; j<pIdx->nKeyCol; j++){
+ /* FIXME: Be smarter about indexes that use expressions */
+ if( pIdx->aiColumn[j]==iCol || pIdx->aiColumn[j]==XN_EXPR ){
+ zFault = "indexed";
+ }
+ }
+ }
+ if( zFault ){
+ sqlite3DbFree(db, zErr);
+ zErr = sqlite3MPrintf(db, "cannot open %s column for writing", zFault);
+ rc = SQLITE_ERROR;
+ sqlite3BtreeLeaveAll(db);
+ goto blob_open_out;
+ }
+ }
+
+ pBlob->pStmt = (sqlite3_stmt *)sqlite3VdbeCreate(pParse);
+ assert( pBlob->pStmt || db->mallocFailed );
+ if( pBlob->pStmt ){
+ Vdbe *v = (Vdbe *)pBlob->pStmt;
+ int iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+
+
+ sqlite3VdbeAddOp4Int(v, OP_Transaction, iDb, flags,
+ pTab->pSchema->schema_cookie,
+ pTab->pSchema->iGeneration);
+ sqlite3VdbeChangeP5(v, 1);
+ sqlite3VdbeAddOpList(v, ArraySize(openBlob), openBlob, iLn);
+
+ /* Make sure a mutex is held on the table to be accessed */
+ sqlite3VdbeUsesBtree(v, iDb);
+
+ /* Configure the OP_TableLock instruction */
+#ifdef SQLITE_OMIT_SHARED_CACHE
+ sqlite3VdbeChangeToNoop(v, 1);
+#else
+ sqlite3VdbeChangeP1(v, 1, iDb);
+ sqlite3VdbeChangeP2(v, 1, pTab->tnum);
+ sqlite3VdbeChangeP3(v, 1, flags);
+ sqlite3VdbeChangeP4(v, 1, pTab->zName, P4_TRANSIENT);
+#endif
+
+ /* Remove either the OP_OpenWrite or OpenRead. Set the P2
+ ** parameter of the other to pTab->tnum. */
+ sqlite3VdbeChangeToNoop(v, 3 - flags);
+ sqlite3VdbeChangeP2(v, 2 + flags, pTab->tnum);
+ sqlite3VdbeChangeP3(v, 2 + flags, iDb);
+
+ /* Configure the number of columns. Configure the cursor to
+ ** think that the table has one more column than it really
+ ** does. An OP_Column to retrieve this imaginary column will
+ ** always return an SQL NULL. This is useful because it means
+ ** we can invoke OP_Column to fill in the vdbe cursors type
+ ** and offset cache without causing any IO.
+ */
+ sqlite3VdbeChangeP4(v, 2+flags, SQLITE_INT_TO_PTR(pTab->nCol+1),P4_INT32);
+ sqlite3VdbeChangeP2(v, 6, pTab->nCol);
+ if( !db->mallocFailed ){
+ pParse->nVar = 1;
+ pParse->nMem = 1;
+ pParse->nTab = 1;
+ sqlite3VdbeMakeReady(v, pParse);
+ }
+ }
+
+ pBlob->flags = flags;
+ pBlob->iCol = iCol;
+ pBlob->db = db;
+ sqlite3BtreeLeaveAll(db);
+ if( db->mallocFailed ){
+ goto blob_open_out;
+ }
+ sqlite3_bind_int64(pBlob->pStmt, 1, iRow);
+ rc = blobSeekToRow(pBlob, iRow, &zErr);
+ } while( (++nAttempt)<SQLITE_MAX_SCHEMA_RETRY && rc==SQLITE_SCHEMA );
+
+blob_open_out:
+ if( rc==SQLITE_OK && db->mallocFailed==0 ){
+ *ppBlob = (sqlite3_blob *)pBlob;
+ }else{
+ if( pBlob && pBlob->pStmt ) sqlite3VdbeFinalize((Vdbe *)pBlob->pStmt);
+ sqlite3DbFree(db, pBlob);
+ }
+ sqlite3ErrorWithMsg(db, rc, (zErr ? "%s" : 0), zErr);
+ sqlite3DbFree(db, zErr);
+ sqlite3ParserReset(pParse);
+ sqlite3StackFree(db, pParse);
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/*
+** Close a blob handle that was previously created using
+** sqlite3_blob_open().
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_close(sqlite3_blob *pBlob){
+ Incrblob *p = (Incrblob *)pBlob;
+ int rc;
+ sqlite3 *db;
+
+ if( p ){
+ db = p->db;
+ sqlite3_mutex_enter(db->mutex);
+ rc = sqlite3_finalize(p->pStmt);
+ sqlite3DbFree(db, p);
+ sqlite3_mutex_leave(db->mutex);
+ }else{
+ rc = SQLITE_OK;
+ }
+ return rc;
+}
+
+/*
+** Perform a read or write operation on a blob
+*/
+static int blobReadWrite(
+ sqlite3_blob *pBlob,
+ void *z,
+ int n,
+ int iOffset,
+ int (*xCall)(BtCursor*, u32, u32, void*)
+){
+ int rc;
+ Incrblob *p = (Incrblob *)pBlob;
+ Vdbe *v;
+ sqlite3 *db;
+
+ if( p==0 ) return SQLITE_MISUSE_BKPT;
+ db = p->db;
+ sqlite3_mutex_enter(db->mutex);
+ v = (Vdbe*)p->pStmt;
+
+ if( n<0 || iOffset<0 || ((sqlite3_int64)iOffset+n)>p->nByte ){
+ /* Request is out of range. Return a transient error. */
+ rc = SQLITE_ERROR;
+ }else if( v==0 ){
+ /* If there is no statement handle, then the blob-handle has
+ ** already been invalidated. Return SQLITE_ABORT in this case.
+ */
+ rc = SQLITE_ABORT;
+ }else{
+ /* Call either BtreeData() or BtreePutData(). If SQLITE_ABORT is
+ ** returned, clean-up the statement handle.
+ */
+ assert( db == v->db );
+ sqlite3BtreeEnterCursor(p->pCsr);
+ rc = xCall(p->pCsr, iOffset+p->iOffset, n, z);
+ sqlite3BtreeLeaveCursor(p->pCsr);
+ if( rc==SQLITE_ABORT ){
+ sqlite3VdbeFinalize(v);
+ p->pStmt = 0;
+ }else{
+ v->rc = rc;
+ }
+ }
+ sqlite3Error(db, rc);
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/*
+** Read data from a blob handle.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_read(sqlite3_blob *pBlob, void *z, int n, int iOffset){
+ return blobReadWrite(pBlob, z, n, iOffset, sqlite3BtreeData);
+}
+
+/*
+** Write data to a blob handle.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_write(sqlite3_blob *pBlob, const void *z, int n, int iOffset){
+ return blobReadWrite(pBlob, (void *)z, n, iOffset, sqlite3BtreePutData);
+}
+
+/*
+** Query a blob handle for the size of the data.
+**
+** The Incrblob.nByte field is fixed for the lifetime of the Incrblob
+** so no mutex is required for access.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_bytes(sqlite3_blob *pBlob){
+ Incrblob *p = (Incrblob *)pBlob;
+ return (p && p->pStmt) ? p->nByte : 0;
+}
+
+/*
+** Move an existing blob handle to point to a different row of the same
+** database table.
+**
+** If an error occurs, or if the specified row does not exist or does not
+** contain a blob or text value, then an error code is returned and the
+** database handle error code and message set. If this happens, then all
+** subsequent calls to sqlite3_blob_xxx() functions (except blob_close())
+** immediately return SQLITE_ABORT.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_reopen(sqlite3_blob *pBlob, sqlite3_int64 iRow){
+ int rc;
+ Incrblob *p = (Incrblob *)pBlob;
+ sqlite3 *db;
+
+ if( p==0 ) return SQLITE_MISUSE_BKPT;
+ db = p->db;
+ sqlite3_mutex_enter(db->mutex);
+
+ if( p->pStmt==0 ){
+ /* If there is no statement handle, then the blob-handle has
+ ** already been invalidated. Return SQLITE_ABORT in this case.
+ */
+ rc = SQLITE_ABORT;
+ }else{
+ char *zErr;
+ rc = blobSeekToRow(p, iRow, &zErr);
+ if( rc!=SQLITE_OK ){
+ sqlite3ErrorWithMsg(db, rc, (zErr ? "%s" : 0), zErr);
+ sqlite3DbFree(db, zErr);
+ }
+ assert( rc!=SQLITE_SCHEMA );
+ }
+
+ rc = sqlite3ApiExit(db, rc);
+ assert( rc==SQLITE_OK || p->pStmt==0 );
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+#endif /* #ifndef SQLITE_OMIT_INCRBLOB */
+
+/************** End of vdbeblob.c ********************************************/
+/************** Begin file vdbesort.c ****************************************/
+/*
+** 2011-07-09
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code for the VdbeSorter object, used in concert with
+** a VdbeCursor to sort large numbers of keys for CREATE INDEX statements
+** or by SELECT statements with ORDER BY clauses that cannot be satisfied
+** using indexes and without LIMIT clauses.
+**
+** The VdbeSorter object implements a multi-threaded external merge sort
+** algorithm that is efficient even if the number of elements being sorted
+** exceeds the available memory.
+**
+** Here is the (internal, non-API) interface between this module and the
+** rest of the SQLite system:
+**
+** sqlite3VdbeSorterInit() Create a new VdbeSorter object.
+**
+** sqlite3VdbeSorterWrite() Add a single new row to the VdbeSorter
+** object. The row is a binary blob in the
+** OP_MakeRecord format that contains both
+** the ORDER BY key columns and result columns
+** in the case of a SELECT w/ ORDER BY, or
+** the complete record for an index entry
+** in the case of a CREATE INDEX.
+**
+** sqlite3VdbeSorterRewind() Sort all content previously added.
+** Position the read cursor on the
+** first sorted element.
+**
+** sqlite3VdbeSorterNext() Advance the read cursor to the next sorted
+** element.
+**
+** sqlite3VdbeSorterRowkey() Return the complete binary blob for the
+** row currently under the read cursor.
+**
+** sqlite3VdbeSorterCompare() Compare the binary blob for the row
+** currently under the read cursor against
+** another binary blob X and report if
+** X is strictly less than the read cursor.
+** Used to enforce uniqueness in a
+** CREATE UNIQUE INDEX statement.
+**
+** sqlite3VdbeSorterClose() Close the VdbeSorter object and reclaim
+** all resources.
+**
+** sqlite3VdbeSorterReset() Refurbish the VdbeSorter for reuse. This
+** is like Close() followed by Init() only
+** much faster.
+**
+** The interfaces above must be called in a particular order. Write() can
+** only occur in between Init()/Reset() and Rewind(). Next(), Rowkey(), and
+** Compare() can only occur in between Rewind() and Close()/Reset(). i.e.
+**
+** Init()
+** for each record: Write()
+** Rewind()
+** Rowkey()/Compare()
+** Next()
+** Close()
+**
+** Algorithm:
+**
+** Records passed to the sorter via calls to Write() are initially held
+** unsorted in main memory. Assuming the amount of memory used never exceeds
+** a threshold, when Rewind() is called the set of records is sorted using
+** an in-memory merge sort. In this case, no temporary files are required
+** and subsequent calls to Rowkey(), Next() and Compare() read records
+** directly from main memory.
+**
+** If the amount of space used to store records in main memory exceeds the
+** threshold, then the set of records currently in memory are sorted and
+** written to a temporary file in "Packed Memory Array" (PMA) format.
+** A PMA created at this point is known as a "level-0 PMA". Higher levels
+** of PMAs may be created by merging existing PMAs together - for example
+** merging two or more level-0 PMAs together creates a level-1 PMA.
+**
+** The threshold for the amount of main memory to use before flushing
+** records to a PMA is roughly the same as the limit configured for the
+** page-cache of the main database. Specifically, the threshold is set to
+** the value returned by "PRAGMA main.page_size" multipled by
+** that returned by "PRAGMA main.cache_size", in bytes.
+**
+** If the sorter is running in single-threaded mode, then all PMAs generated
+** are appended to a single temporary file. Or, if the sorter is running in
+** multi-threaded mode then up to (N+1) temporary files may be opened, where
+** N is the configured number of worker threads. In this case, instead of
+** sorting the records and writing the PMA to a temporary file itself, the
+** calling thread usually launches a worker thread to do so. Except, if
+** there are already N worker threads running, the main thread does the work
+** itself.
+**
+** The sorter is running in multi-threaded mode if (a) the library was built
+** with pre-processor symbol SQLITE_MAX_WORKER_THREADS set to a value greater
+** than zero, and (b) worker threads have been enabled at runtime by calling
+** "PRAGMA threads=N" with some value of N greater than 0.
+**
+** When Rewind() is called, any data remaining in memory is flushed to a
+** final PMA. So at this point the data is stored in some number of sorted
+** PMAs within temporary files on disk.
+**
+** If there are fewer than SORTER_MAX_MERGE_COUNT PMAs in total and the
+** sorter is running in single-threaded mode, then these PMAs are merged
+** incrementally as keys are retreived from the sorter by the VDBE. The
+** MergeEngine object, described in further detail below, performs this
+** merge.
+**
+** Or, if running in multi-threaded mode, then a background thread is
+** launched to merge the existing PMAs. Once the background thread has
+** merged T bytes of data into a single sorted PMA, the main thread
+** begins reading keys from that PMA while the background thread proceeds
+** with merging the next T bytes of data. And so on.
+**
+** Parameter T is set to half the value of the memory threshold used
+** by Write() above to determine when to create a new PMA.
+**
+** If there are more than SORTER_MAX_MERGE_COUNT PMAs in total when
+** Rewind() is called, then a hierarchy of incremental-merges is used.
+** First, T bytes of data from the first SORTER_MAX_MERGE_COUNT PMAs on
+** disk are merged together. Then T bytes of data from the second set, and
+** so on, such that no operation ever merges more than SORTER_MAX_MERGE_COUNT
+** PMAs at a time. This done is to improve locality.
+**
+** If running in multi-threaded mode and there are more than
+** SORTER_MAX_MERGE_COUNT PMAs on disk when Rewind() is called, then more
+** than one background thread may be created. Specifically, there may be
+** one background thread for each temporary file on disk, and one background
+** thread to merge the output of each of the others to a single PMA for
+** the main thread to read from.
+*/
+/* #include "sqliteInt.h" */
+/* #include "vdbeInt.h" */
+
+/*
+** If SQLITE_DEBUG_SORTER_THREADS is defined, this module outputs various
+** messages to stderr that may be helpful in understanding the performance
+** characteristics of the sorter in multi-threaded mode.
+*/
+#if 0
+# define SQLITE_DEBUG_SORTER_THREADS 1
+#endif
+
+/*
+** Hard-coded maximum amount of data to accumulate in memory before flushing
+** to a level 0 PMA. The purpose of this limit is to prevent various integer
+** overflows. 512MiB.
+*/
+#define SQLITE_MAX_PMASZ (1<<29)
+
+/*
+** Private objects used by the sorter
+*/
+typedef struct MergeEngine MergeEngine; /* Merge PMAs together */
+typedef struct PmaReader PmaReader; /* Incrementally read one PMA */
+typedef struct PmaWriter PmaWriter; /* Incrementally write one PMA */
+typedef struct SorterRecord SorterRecord; /* A record being sorted */
+typedef struct SortSubtask SortSubtask; /* A sub-task in the sort process */
+typedef struct SorterFile SorterFile; /* Temporary file object wrapper */
+typedef struct SorterList SorterList; /* In-memory list of records */
+typedef struct IncrMerger IncrMerger; /* Read & merge multiple PMAs */
+
+/*
+** A container for a temp file handle and the current amount of data
+** stored in the file.
+*/
+struct SorterFile {
+ sqlite3_file *pFd; /* File handle */
+ i64 iEof; /* Bytes of data stored in pFd */
+};
+
+/*
+** An in-memory list of objects to be sorted.
+**
+** If aMemory==0 then each object is allocated separately and the objects
+** are connected using SorterRecord.u.pNext. If aMemory!=0 then all objects
+** are stored in the aMemory[] bulk memory, one right after the other, and
+** are connected using SorterRecord.u.iNext.
+*/
+struct SorterList {
+ SorterRecord *pList; /* Linked list of records */
+ u8 *aMemory; /* If non-NULL, bulk memory to hold pList */
+ int szPMA; /* Size of pList as PMA in bytes */
+};
+
+/*
+** The MergeEngine object is used to combine two or more smaller PMAs into
+** one big PMA using a merge operation. Separate PMAs all need to be
+** combined into one big PMA in order to be able to step through the sorted
+** records in order.
+**
+** The aReadr[] array contains a PmaReader object for each of the PMAs being
+** merged. An aReadr[] object either points to a valid key or else is at EOF.
+** ("EOF" means "End Of File". When aReadr[] is at EOF there is no more data.)
+** For the purposes of the paragraphs below, we assume that the array is
+** actually N elements in size, where N is the smallest power of 2 greater
+** to or equal to the number of PMAs being merged. The extra aReadr[] elements
+** are treated as if they are empty (always at EOF).
+**
+** The aTree[] array is also N elements in size. The value of N is stored in
+** the MergeEngine.nTree variable.
+**
+** The final (N/2) elements of aTree[] contain the results of comparing
+** pairs of PMA keys together. Element i contains the result of
+** comparing aReadr[2*i-N] and aReadr[2*i-N+1]. Whichever key is smaller, the
+** aTree element is set to the index of it.
+**
+** For the purposes of this comparison, EOF is considered greater than any
+** other key value. If the keys are equal (only possible with two EOF
+** values), it doesn't matter which index is stored.
+**
+** The (N/4) elements of aTree[] that precede the final (N/2) described
+** above contains the index of the smallest of each block of 4 PmaReaders
+** And so on. So that aTree[1] contains the index of the PmaReader that
+** currently points to the smallest key value. aTree[0] is unused.
+**
+** Example:
+**
+** aReadr[0] -> Banana
+** aReadr[1] -> Feijoa
+** aReadr[2] -> Elderberry
+** aReadr[3] -> Currant
+** aReadr[4] -> Grapefruit
+** aReadr[5] -> Apple
+** aReadr[6] -> Durian
+** aReadr[7] -> EOF
+**
+** aTree[] = { X, 5 0, 5 0, 3, 5, 6 }
+**
+** The current element is "Apple" (the value of the key indicated by
+** PmaReader 5). When the Next() operation is invoked, PmaReader 5 will
+** be advanced to the next key in its segment. Say the next key is
+** "Eggplant":
+**
+** aReadr[5] -> Eggplant
+**
+** The contents of aTree[] are updated first by comparing the new PmaReader
+** 5 key to the current key of PmaReader 4 (still "Grapefruit"). The PmaReader
+** 5 value is still smaller, so aTree[6] is set to 5. And so on up the tree.
+** The value of PmaReader 6 - "Durian" - is now smaller than that of PmaReader
+** 5, so aTree[3] is set to 6. Key 0 is smaller than key 6 (Banana<Durian),
+** so the value written into element 1 of the array is 0. As follows:
+**
+** aTree[] = { X, 0 0, 6 0, 3, 5, 6 }
+**
+** In other words, each time we advance to the next sorter element, log2(N)
+** key comparison operations are required, where N is the number of segments
+** being merged (rounded up to the next power of 2).
+*/
+struct MergeEngine {
+ int nTree; /* Used size of aTree/aReadr (power of 2) */
+ SortSubtask *pTask; /* Used by this thread only */
+ int *aTree; /* Current state of incremental merge */
+ PmaReader *aReadr; /* Array of PmaReaders to merge data from */
+};
+
+/*
+** This object represents a single thread of control in a sort operation.
+** Exactly VdbeSorter.nTask instances of this object are allocated
+** as part of each VdbeSorter object. Instances are never allocated any
+** other way. VdbeSorter.nTask is set to the number of worker threads allowed
+** (see SQLITE_CONFIG_WORKER_THREADS) plus one (the main thread). Thus for
+** single-threaded operation, there is exactly one instance of this object
+** and for multi-threaded operation there are two or more instances.
+**
+** Essentially, this structure contains all those fields of the VdbeSorter
+** structure for which each thread requires a separate instance. For example,
+** each thread requries its own UnpackedRecord object to unpack records in
+** as part of comparison operations.
+**
+** Before a background thread is launched, variable bDone is set to 0. Then,
+** right before it exits, the thread itself sets bDone to 1. This is used for
+** two purposes:
+**
+** 1. When flushing the contents of memory to a level-0 PMA on disk, to
+** attempt to select a SortSubtask for which there is not already an
+** active background thread (since doing so causes the main thread
+** to block until it finishes).
+**
+** 2. If SQLITE_DEBUG_SORTER_THREADS is defined, to determine if a call
+** to sqlite3ThreadJoin() is likely to block. Cases that are likely to
+** block provoke debugging output.
+**
+** In both cases, the effects of the main thread seeing (bDone==0) even
+** after the thread has finished are not dire. So we don't worry about
+** memory barriers and such here.
+*/
+typedef int (*SorterCompare)(SortSubtask*,int*,const void*,int,const void*,int);
+struct SortSubtask {
+ SQLiteThread *pThread; /* Background thread, if any */
+ int bDone; /* Set if thread is finished but not joined */
+ VdbeSorter *pSorter; /* Sorter that owns this sub-task */
+ UnpackedRecord *pUnpacked; /* Space to unpack a record */
+ SorterList list; /* List for thread to write to a PMA */
+ int nPMA; /* Number of PMAs currently in file */
+ SorterCompare xCompare; /* Compare function to use */
+ SorterFile file; /* Temp file for level-0 PMAs */
+ SorterFile file2; /* Space for other PMAs */
+};
+
+
+/*
+** Main sorter structure. A single instance of this is allocated for each
+** sorter cursor created by the VDBE.
+**
+** mxKeysize:
+** As records are added to the sorter by calls to sqlite3VdbeSorterWrite(),
+** this variable is updated so as to be set to the size on disk of the
+** largest record in the sorter.
+*/
+struct VdbeSorter {
+ int mnPmaSize; /* Minimum PMA size, in bytes */
+ int mxPmaSize; /* Maximum PMA size, in bytes. 0==no limit */
+ int mxKeysize; /* Largest serialized key seen so far */
+ int pgsz; /* Main database page size */
+ PmaReader *pReader; /* Readr data from here after Rewind() */
+ MergeEngine *pMerger; /* Or here, if bUseThreads==0 */
+ sqlite3 *db; /* Database connection */
+ KeyInfo *pKeyInfo; /* How to compare records */
+ UnpackedRecord *pUnpacked; /* Used by VdbeSorterCompare() */
+ SorterList list; /* List of in-memory records */
+ int iMemory; /* Offset of free space in list.aMemory */
+ int nMemory; /* Size of list.aMemory allocation in bytes */
+ u8 bUsePMA; /* True if one or more PMAs created */
+ u8 bUseThreads; /* True to use background threads */
+ u8 iPrev; /* Previous thread used to flush PMA */
+ u8 nTask; /* Size of aTask[] array */
+ u8 typeMask;
+ SortSubtask aTask[1]; /* One or more subtasks */
+};
+
+#define SORTER_TYPE_INTEGER 0x01
+#define SORTER_TYPE_TEXT 0x02
+
+/*
+** An instance of the following object is used to read records out of a
+** PMA, in sorted order. The next key to be read is cached in nKey/aKey.
+** aKey might point into aMap or into aBuffer. If neither of those locations
+** contain a contiguous representation of the key, then aAlloc is allocated
+** and the key is copied into aAlloc and aKey is made to poitn to aAlloc.
+**
+** pFd==0 at EOF.
+*/
+struct PmaReader {
+ i64 iReadOff; /* Current read offset */
+ i64 iEof; /* 1 byte past EOF for this PmaReader */
+ int nAlloc; /* Bytes of space at aAlloc */
+ int nKey; /* Number of bytes in key */
+ sqlite3_file *pFd; /* File handle we are reading from */
+ u8 *aAlloc; /* Space for aKey if aBuffer and pMap wont work */
+ u8 *aKey; /* Pointer to current key */
+ u8 *aBuffer; /* Current read buffer */
+ int nBuffer; /* Size of read buffer in bytes */
+ u8 *aMap; /* Pointer to mapping of entire file */
+ IncrMerger *pIncr; /* Incremental merger */
+};
+
+/*
+** Normally, a PmaReader object iterates through an existing PMA stored
+** within a temp file. However, if the PmaReader.pIncr variable points to
+** an object of the following type, it may be used to iterate/merge through
+** multiple PMAs simultaneously.
+**
+** There are two types of IncrMerger object - single (bUseThread==0) and
+** multi-threaded (bUseThread==1).
+**
+** A multi-threaded IncrMerger object uses two temporary files - aFile[0]
+** and aFile[1]. Neither file is allowed to grow to more than mxSz bytes in
+** size. When the IncrMerger is initialized, it reads enough data from
+** pMerger to populate aFile[0]. It then sets variables within the
+** corresponding PmaReader object to read from that file and kicks off
+** a background thread to populate aFile[1] with the next mxSz bytes of
+** sorted record data from pMerger.
+**
+** When the PmaReader reaches the end of aFile[0], it blocks until the
+** background thread has finished populating aFile[1]. It then exchanges
+** the contents of the aFile[0] and aFile[1] variables within this structure,
+** sets the PmaReader fields to read from the new aFile[0] and kicks off
+** another background thread to populate the new aFile[1]. And so on, until
+** the contents of pMerger are exhausted.
+**
+** A single-threaded IncrMerger does not open any temporary files of its
+** own. Instead, it has exclusive access to mxSz bytes of space beginning
+** at offset iStartOff of file pTask->file2. And instead of using a
+** background thread to prepare data for the PmaReader, with a single
+** threaded IncrMerger the allocate part of pTask->file2 is "refilled" with
+** keys from pMerger by the calling thread whenever the PmaReader runs out
+** of data.
+*/
+struct IncrMerger {
+ SortSubtask *pTask; /* Task that owns this merger */
+ MergeEngine *pMerger; /* Merge engine thread reads data from */
+ i64 iStartOff; /* Offset to start writing file at */
+ int mxSz; /* Maximum bytes of data to store */
+ int bEof; /* Set to true when merge is finished */
+ int bUseThread; /* True to use a bg thread for this object */
+ SorterFile aFile[2]; /* aFile[0] for reading, [1] for writing */
+};
+
+/*
+** An instance of this object is used for writing a PMA.
+**
+** The PMA is written one record at a time. Each record is of an arbitrary
+** size. But I/O is more efficient if it occurs in page-sized blocks where
+** each block is aligned on a page boundary. This object caches writes to
+** the PMA so that aligned, page-size blocks are written.
+*/
+struct PmaWriter {
+ int eFWErr; /* Non-zero if in an error state */
+ u8 *aBuffer; /* Pointer to write buffer */
+ int nBuffer; /* Size of write buffer in bytes */
+ int iBufStart; /* First byte of buffer to write */
+ int iBufEnd; /* Last byte of buffer to write */
+ i64 iWriteOff; /* Offset of start of buffer in file */
+ sqlite3_file *pFd; /* File handle to write to */
+};
+
+/*
+** This object is the header on a single record while that record is being
+** held in memory and prior to being written out as part of a PMA.
+**
+** How the linked list is connected depends on how memory is being managed
+** by this module. If using a separate allocation for each in-memory record
+** (VdbeSorter.list.aMemory==0), then the list is always connected using the
+** SorterRecord.u.pNext pointers.
+**
+** Or, if using the single large allocation method (VdbeSorter.list.aMemory!=0),
+** then while records are being accumulated the list is linked using the
+** SorterRecord.u.iNext offset. This is because the aMemory[] array may
+** be sqlite3Realloc()ed while records are being accumulated. Once the VM
+** has finished passing records to the sorter, or when the in-memory buffer
+** is full, the list is sorted. As part of the sorting process, it is
+** converted to use the SorterRecord.u.pNext pointers. See function
+** vdbeSorterSort() for details.
+*/
+struct SorterRecord {
+ int nVal; /* Size of the record in bytes */
+ union {
+ SorterRecord *pNext; /* Pointer to next record in list */
+ int iNext; /* Offset within aMemory of next record */
+ } u;
+ /* The data for the record immediately follows this header */
+};
+
+/* Return a pointer to the buffer containing the record data for SorterRecord
+** object p. Should be used as if:
+**
+** void *SRVAL(SorterRecord *p) { return (void*)&p[1]; }
+*/
+#define SRVAL(p) ((void*)((SorterRecord*)(p) + 1))
+
+
+/* Maximum number of PMAs that a single MergeEngine can merge */
+#define SORTER_MAX_MERGE_COUNT 16
+
+static int vdbeIncrSwap(IncrMerger*);
+static void vdbeIncrFree(IncrMerger *);
+
+/*
+** Free all memory belonging to the PmaReader object passed as the
+** argument. All structure fields are set to zero before returning.
+*/
+static void vdbePmaReaderClear(PmaReader *pReadr){
+ sqlite3_free(pReadr->aAlloc);
+ sqlite3_free(pReadr->aBuffer);
+ if( pReadr->aMap ) sqlite3OsUnfetch(pReadr->pFd, 0, pReadr->aMap);
+ vdbeIncrFree(pReadr->pIncr);
+ memset(pReadr, 0, sizeof(PmaReader));
+}
+
+/*
+** Read the next nByte bytes of data from the PMA p.
+** If successful, set *ppOut to point to a buffer containing the data
+** and return SQLITE_OK. Otherwise, if an error occurs, return an SQLite
+** error code.
+**
+** The buffer returned in *ppOut is only valid until the
+** next call to this function.
+*/
+static int vdbePmaReadBlob(
+ PmaReader *p, /* PmaReader from which to take the blob */
+ int nByte, /* Bytes of data to read */
+ u8 **ppOut /* OUT: Pointer to buffer containing data */
+){
+ int iBuf; /* Offset within buffer to read from */
+ int nAvail; /* Bytes of data available in buffer */
+
+ if( p->aMap ){
+ *ppOut = &p->aMap[p->iReadOff];
+ p->iReadOff += nByte;
+ return SQLITE_OK;
+ }
+
+ assert( p->aBuffer );
+
+ /* If there is no more data to be read from the buffer, read the next
+ ** p->nBuffer bytes of data from the file into it. Or, if there are less
+ ** than p->nBuffer bytes remaining in the PMA, read all remaining data. */
+ iBuf = p->iReadOff % p->nBuffer;
+ if( iBuf==0 ){
+ int nRead; /* Bytes to read from disk */
+ int rc; /* sqlite3OsRead() return code */
+
+ /* Determine how many bytes of data to read. */
+ if( (p->iEof - p->iReadOff) > (i64)p->nBuffer ){
+ nRead = p->nBuffer;
+ }else{
+ nRead = (int)(p->iEof - p->iReadOff);
+ }
+ assert( nRead>0 );
+
+ /* Readr data from the file. Return early if an error occurs. */
+ rc = sqlite3OsRead(p->pFd, p->aBuffer, nRead, p->iReadOff);
+ assert( rc!=SQLITE_IOERR_SHORT_READ );
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ nAvail = p->nBuffer - iBuf;
+
+ if( nByte<=nAvail ){
+ /* The requested data is available in the in-memory buffer. In this
+ ** case there is no need to make a copy of the data, just return a
+ ** pointer into the buffer to the caller. */
+ *ppOut = &p->aBuffer[iBuf];
+ p->iReadOff += nByte;
+ }else{
+ /* The requested data is not all available in the in-memory buffer.
+ ** In this case, allocate space at p->aAlloc[] to copy the requested
+ ** range into. Then return a copy of pointer p->aAlloc to the caller. */
+ int nRem; /* Bytes remaining to copy */
+
+ /* Extend the p->aAlloc[] allocation if required. */
+ if( p->nAlloc<nByte ){
+ u8 *aNew;
+ int nNew = MAX(128, p->nAlloc*2);
+ while( nByte>nNew ) nNew = nNew*2;
+ aNew = sqlite3Realloc(p->aAlloc, nNew);
+ if( !aNew ) return SQLITE_NOMEM;
+ p->nAlloc = nNew;
+ p->aAlloc = aNew;
+ }
+
+ /* Copy as much data as is available in the buffer into the start of
+ ** p->aAlloc[]. */
+ memcpy(p->aAlloc, &p->aBuffer[iBuf], nAvail);
+ p->iReadOff += nAvail;
+ nRem = nByte - nAvail;
+
+ /* The following loop copies up to p->nBuffer bytes per iteration into
+ ** the p->aAlloc[] buffer. */
+ while( nRem>0 ){
+ int rc; /* vdbePmaReadBlob() return code */
+ int nCopy; /* Number of bytes to copy */
+ u8 *aNext; /* Pointer to buffer to copy data from */
+
+ nCopy = nRem;
+ if( nRem>p->nBuffer ) nCopy = p->nBuffer;
+ rc = vdbePmaReadBlob(p, nCopy, &aNext);
+ if( rc!=SQLITE_OK ) return rc;
+ assert( aNext!=p->aAlloc );
+ memcpy(&p->aAlloc[nByte - nRem], aNext, nCopy);
+ nRem -= nCopy;
+ }
+
+ *ppOut = p->aAlloc;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Read a varint from the stream of data accessed by p. Set *pnOut to
+** the value read.
+*/
+static int vdbePmaReadVarint(PmaReader *p, u64 *pnOut){
+ int iBuf;
+
+ if( p->aMap ){
+ p->iReadOff += sqlite3GetVarint(&p->aMap[p->iReadOff], pnOut);
+ }else{
+ iBuf = p->iReadOff % p->nBuffer;
+ if( iBuf && (p->nBuffer-iBuf)>=9 ){
+ p->iReadOff += sqlite3GetVarint(&p->aBuffer[iBuf], pnOut);
+ }else{
+ u8 aVarint[16], *a;
+ int i = 0, rc;
+ do{
+ rc = vdbePmaReadBlob(p, 1, &a);
+ if( rc ) return rc;
+ aVarint[(i++)&0xf] = a[0];
+ }while( (a[0]&0x80)!=0 );
+ sqlite3GetVarint(aVarint, pnOut);
+ }
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Attempt to memory map file pFile. If successful, set *pp to point to the
+** new mapping and return SQLITE_OK. If the mapping is not attempted
+** (because the file is too large or the VFS layer is configured not to use
+** mmap), return SQLITE_OK and set *pp to NULL.
+**
+** Or, if an error occurs, return an SQLite error code. The final value of
+** *pp is undefined in this case.
+*/
+static int vdbeSorterMapFile(SortSubtask *pTask, SorterFile *pFile, u8 **pp){
+ int rc = SQLITE_OK;
+ if( pFile->iEof<=(i64)(pTask->pSorter->db->nMaxSorterMmap) ){
+ sqlite3_file *pFd = pFile->pFd;
+ if( pFd->pMethods->iVersion>=3 ){
+ rc = sqlite3OsFetch(pFd, 0, (int)pFile->iEof, (void**)pp);
+ testcase( rc!=SQLITE_OK );
+ }
+ }
+ return rc;
+}
+
+/*
+** Attach PmaReader pReadr to file pFile (if it is not already attached to
+** that file) and seek it to offset iOff within the file. Return SQLITE_OK
+** if successful, or an SQLite error code if an error occurs.
+*/
+static int vdbePmaReaderSeek(
+ SortSubtask *pTask, /* Task context */
+ PmaReader *pReadr, /* Reader whose cursor is to be moved */
+ SorterFile *pFile, /* Sorter file to read from */
+ i64 iOff /* Offset in pFile */
+){
+ int rc = SQLITE_OK;
+
+ assert( pReadr->pIncr==0 || pReadr->pIncr->bEof==0 );
+
+ if( sqlite3FaultSim(201) ) return SQLITE_IOERR_READ;
+ if( pReadr->aMap ){
+ sqlite3OsUnfetch(pReadr->pFd, 0, pReadr->aMap);
+ pReadr->aMap = 0;
+ }
+ pReadr->iReadOff = iOff;
+ pReadr->iEof = pFile->iEof;
+ pReadr->pFd = pFile->pFd;
+
+ rc = vdbeSorterMapFile(pTask, pFile, &pReadr->aMap);
+ if( rc==SQLITE_OK && pReadr->aMap==0 ){
+ int pgsz = pTask->pSorter->pgsz;
+ int iBuf = pReadr->iReadOff % pgsz;
+ if( pReadr->aBuffer==0 ){
+ pReadr->aBuffer = (u8*)sqlite3Malloc(pgsz);
+ if( pReadr->aBuffer==0 ) rc = SQLITE_NOMEM;
+ pReadr->nBuffer = pgsz;
+ }
+ if( rc==SQLITE_OK && iBuf ){
+ int nRead = pgsz - iBuf;
+ if( (pReadr->iReadOff + nRead) > pReadr->iEof ){
+ nRead = (int)(pReadr->iEof - pReadr->iReadOff);
+ }
+ rc = sqlite3OsRead(
+ pReadr->pFd, &pReadr->aBuffer[iBuf], nRead, pReadr->iReadOff
+ );
+ testcase( rc!=SQLITE_OK );
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Advance PmaReader pReadr to the next key in its PMA. Return SQLITE_OK if
+** no error occurs, or an SQLite error code if one does.
+*/
+static int vdbePmaReaderNext(PmaReader *pReadr){
+ int rc = SQLITE_OK; /* Return Code */
+ u64 nRec = 0; /* Size of record in bytes */
+
+
+ if( pReadr->iReadOff>=pReadr->iEof ){
+ IncrMerger *pIncr = pReadr->pIncr;
+ int bEof = 1;
+ if( pIncr ){
+ rc = vdbeIncrSwap(pIncr);
+ if( rc==SQLITE_OK && pIncr->bEof==0 ){
+ rc = vdbePmaReaderSeek(
+ pIncr->pTask, pReadr, &pIncr->aFile[0], pIncr->iStartOff
+ );
+ bEof = 0;
+ }
+ }
+
+ if( bEof ){
+ /* This is an EOF condition */
+ vdbePmaReaderClear(pReadr);
+ testcase( rc!=SQLITE_OK );
+ return rc;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = vdbePmaReadVarint(pReadr, &nRec);
+ }
+ if( rc==SQLITE_OK ){
+ pReadr->nKey = (int)nRec;
+ rc = vdbePmaReadBlob(pReadr, (int)nRec, &pReadr->aKey);
+ testcase( rc!=SQLITE_OK );
+ }
+
+ return rc;
+}
+
+/*
+** Initialize PmaReader pReadr to scan through the PMA stored in file pFile
+** starting at offset iStart and ending at offset iEof-1. This function
+** leaves the PmaReader pointing to the first key in the PMA (or EOF if the
+** PMA is empty).
+**
+** If the pnByte parameter is NULL, then it is assumed that the file
+** contains a single PMA, and that that PMA omits the initial length varint.
+*/
+static int vdbePmaReaderInit(
+ SortSubtask *pTask, /* Task context */
+ SorterFile *pFile, /* Sorter file to read from */
+ i64 iStart, /* Start offset in pFile */
+ PmaReader *pReadr, /* PmaReader to populate */
+ i64 *pnByte /* IN/OUT: Increment this value by PMA size */
+){
+ int rc;
+
+ assert( pFile->iEof>iStart );
+ assert( pReadr->aAlloc==0 && pReadr->nAlloc==0 );
+ assert( pReadr->aBuffer==0 );
+ assert( pReadr->aMap==0 );
+
+ rc = vdbePmaReaderSeek(pTask, pReadr, pFile, iStart);
+ if( rc==SQLITE_OK ){
+ u64 nByte; /* Size of PMA in bytes */
+ rc = vdbePmaReadVarint(pReadr, &nByte);
+ pReadr->iEof = pReadr->iReadOff + nByte;
+ *pnByte += nByte;
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = vdbePmaReaderNext(pReadr);
+ }
+ return rc;
+}
+
+/*
+** A version of vdbeSorterCompare() that assumes that it has already been
+** determined that the first field of key1 is equal to the first field of
+** key2.
+*/
+static int vdbeSorterCompareTail(
+ SortSubtask *pTask, /* Subtask context (for pKeyInfo) */
+ int *pbKey2Cached, /* True if pTask->pUnpacked is pKey2 */
+ const void *pKey1, int nKey1, /* Left side of comparison */
+ const void *pKey2, int nKey2 /* Right side of comparison */
+){
+ UnpackedRecord *r2 = pTask->pUnpacked;
+ if( *pbKey2Cached==0 ){
+ sqlite3VdbeRecordUnpack(pTask->pSorter->pKeyInfo, nKey2, pKey2, r2);
+ *pbKey2Cached = 1;
+ }
+ return sqlite3VdbeRecordCompareWithSkip(nKey1, pKey1, r2, 1);
+}
+
+/*
+** Compare key1 (buffer pKey1, size nKey1 bytes) with key2 (buffer pKey2,
+** size nKey2 bytes). Use (pTask->pKeyInfo) for the collation sequences
+** used by the comparison. Return the result of the comparison.
+**
+** If IN/OUT parameter *pbKey2Cached is true when this function is called,
+** it is assumed that (pTask->pUnpacked) contains the unpacked version
+** of key2. If it is false, (pTask->pUnpacked) is populated with the unpacked
+** version of key2 and *pbKey2Cached set to true before returning.
+**
+** If an OOM error is encountered, (pTask->pUnpacked->error_rc) is set
+** to SQLITE_NOMEM.
+*/
+static int vdbeSorterCompare(
+ SortSubtask *pTask, /* Subtask context (for pKeyInfo) */
+ int *pbKey2Cached, /* True if pTask->pUnpacked is pKey2 */
+ const void *pKey1, int nKey1, /* Left side of comparison */
+ const void *pKey2, int nKey2 /* Right side of comparison */
+){
+ UnpackedRecord *r2 = pTask->pUnpacked;
+ if( !*pbKey2Cached ){
+ sqlite3VdbeRecordUnpack(pTask->pSorter->pKeyInfo, nKey2, pKey2, r2);
+ *pbKey2Cached = 1;
+ }
+ return sqlite3VdbeRecordCompare(nKey1, pKey1, r2);
+}
+
+/*
+** A specially optimized version of vdbeSorterCompare() that assumes that
+** the first field of each key is a TEXT value and that the collation
+** sequence to compare them with is BINARY.
+*/
+static int vdbeSorterCompareText(
+ SortSubtask *pTask, /* Subtask context (for pKeyInfo) */
+ int *pbKey2Cached, /* True if pTask->pUnpacked is pKey2 */
+ const void *pKey1, int nKey1, /* Left side of comparison */
+ const void *pKey2, int nKey2 /* Right side of comparison */
+){
+ const u8 * const p1 = (const u8 * const)pKey1;
+ const u8 * const p2 = (const u8 * const)pKey2;
+ const u8 * const v1 = &p1[ p1[0] ]; /* Pointer to value 1 */
+ const u8 * const v2 = &p2[ p2[0] ]; /* Pointer to value 2 */
+
+ int n1;
+ int n2;
+ int res;
+
+ getVarint32(&p1[1], n1); n1 = (n1 - 13) / 2;
+ getVarint32(&p2[1], n2); n2 = (n2 - 13) / 2;
+ res = memcmp(v1, v2, MIN(n1, n2));
+ if( res==0 ){
+ res = n1 - n2;
+ }
+
+ if( res==0 ){
+ if( pTask->pSorter->pKeyInfo->nField>1 ){
+ res = vdbeSorterCompareTail(
+ pTask, pbKey2Cached, pKey1, nKey1, pKey2, nKey2
+ );
+ }
+ }else{
+ if( pTask->pSorter->pKeyInfo->aSortOrder[0] ){
+ res = res * -1;
+ }
+ }
+
+ return res;
+}
+
+/*
+** A specially optimized version of vdbeSorterCompare() that assumes that
+** the first field of each key is an INTEGER value.
+*/
+static int vdbeSorterCompareInt(
+ SortSubtask *pTask, /* Subtask context (for pKeyInfo) */
+ int *pbKey2Cached, /* True if pTask->pUnpacked is pKey2 */
+ const void *pKey1, int nKey1, /* Left side of comparison */
+ const void *pKey2, int nKey2 /* Right side of comparison */
+){
+ const u8 * const p1 = (const u8 * const)pKey1;
+ const u8 * const p2 = (const u8 * const)pKey2;
+ const int s1 = p1[1]; /* Left hand serial type */
+ const int s2 = p2[1]; /* Right hand serial type */
+ const u8 * const v1 = &p1[ p1[0] ]; /* Pointer to value 1 */
+ const u8 * const v2 = &p2[ p2[0] ]; /* Pointer to value 2 */
+ int res; /* Return value */
+
+ assert( (s1>0 && s1<7) || s1==8 || s1==9 );
+ assert( (s2>0 && s2<7) || s2==8 || s2==9 );
+
+ if( s1>7 && s2>7 ){
+ res = s1 - s2;
+ }else{
+ if( s1==s2 ){
+ if( (*v1 ^ *v2) & 0x80 ){
+ /* The two values have different signs */
+ res = (*v1 & 0x80) ? -1 : +1;
+ }else{
+ /* The two values have the same sign. Compare using memcmp(). */
+ static const u8 aLen[] = {0, 1, 2, 3, 4, 6, 8 };
+ int i;
+ res = 0;
+ for(i=0; i<aLen[s1]; i++){
+ if( (res = v1[i] - v2[i]) ) break;
+ }
+ }
+ }else{
+ if( s2>7 ){
+ res = +1;
+ }else if( s1>7 ){
+ res = -1;
+ }else{
+ res = s1 - s2;
+ }
+ assert( res!=0 );
+
+ if( res>0 ){
+ if( *v1 & 0x80 ) res = -1;
+ }else{
+ if( *v2 & 0x80 ) res = +1;
+ }
+ }
+ }
+
+ if( res==0 ){
+ if( pTask->pSorter->pKeyInfo->nField>1 ){
+ res = vdbeSorterCompareTail(
+ pTask, pbKey2Cached, pKey1, nKey1, pKey2, nKey2
+ );
+ }
+ }else if( pTask->pSorter->pKeyInfo->aSortOrder[0] ){
+ res = res * -1;
+ }
+
+ return res;
+}
+
+/*
+** Initialize the temporary index cursor just opened as a sorter cursor.
+**
+** Usually, the sorter module uses the value of (pCsr->pKeyInfo->nField)
+** to determine the number of fields that should be compared from the
+** records being sorted. However, if the value passed as argument nField
+** is non-zero and the sorter is able to guarantee a stable sort, nField
+** is used instead. This is used when sorting records for a CREATE INDEX
+** statement. In this case, keys are always delivered to the sorter in
+** order of the primary key, which happens to be make up the final part
+** of the records being sorted. So if the sort is stable, there is never
+** any reason to compare PK fields and they can be ignored for a small
+** performance boost.
+**
+** The sorter can guarantee a stable sort when running in single-threaded
+** mode, but not in multi-threaded mode.
+**
+** SQLITE_OK is returned if successful, or an SQLite error code otherwise.
+*/
+SQLITE_PRIVATE int sqlite3VdbeSorterInit(
+ sqlite3 *db, /* Database connection (for malloc()) */
+ int nField, /* Number of key fields in each record */
+ VdbeCursor *pCsr /* Cursor that holds the new sorter */
+){
+ int pgsz; /* Page size of main database */
+ int i; /* Used to iterate through aTask[] */
+ int mxCache; /* Cache size */
+ VdbeSorter *pSorter; /* The new sorter */
+ KeyInfo *pKeyInfo; /* Copy of pCsr->pKeyInfo with db==0 */
+ int szKeyInfo; /* Size of pCsr->pKeyInfo in bytes */
+ int sz; /* Size of pSorter in bytes */
+ int rc = SQLITE_OK;
+#if SQLITE_MAX_WORKER_THREADS==0
+# define nWorker 0
+#else
+ int nWorker;
+#endif
+
+ /* Initialize the upper limit on the number of worker threads */
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( sqlite3TempInMemory(db) || sqlite3GlobalConfig.bCoreMutex==0 ){
+ nWorker = 0;
+ }else{
+ nWorker = db->aLimit[SQLITE_LIMIT_WORKER_THREADS];
+ }
+#endif
+
+ /* Do not allow the total number of threads (main thread + all workers)
+ ** to exceed the maximum merge count */
+#if SQLITE_MAX_WORKER_THREADS>=SORTER_MAX_MERGE_COUNT
+ if( nWorker>=SORTER_MAX_MERGE_COUNT ){
+ nWorker = SORTER_MAX_MERGE_COUNT-1;
+ }
+#endif
+
+ assert( pCsr->pKeyInfo && pCsr->pBt==0 );
+ assert( pCsr->eCurType==CURTYPE_SORTER );
+ szKeyInfo = sizeof(KeyInfo) + (pCsr->pKeyInfo->nField-1)*sizeof(CollSeq*);
+ sz = sizeof(VdbeSorter) + nWorker * sizeof(SortSubtask);
+
+ pSorter = (VdbeSorter*)sqlite3DbMallocZero(db, sz + szKeyInfo);
+ pCsr->uc.pSorter = pSorter;
+ if( pSorter==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ pSorter->pKeyInfo = pKeyInfo = (KeyInfo*)((u8*)pSorter + sz);
+ memcpy(pKeyInfo, pCsr->pKeyInfo, szKeyInfo);
+ pKeyInfo->db = 0;
+ if( nField && nWorker==0 ){
+ pKeyInfo->nXField += (pKeyInfo->nField - nField);
+ pKeyInfo->nField = nField;
+ }
+ pSorter->pgsz = pgsz = sqlite3BtreeGetPageSize(db->aDb[0].pBt);
+ pSorter->nTask = nWorker + 1;
+ pSorter->iPrev = (u8)(nWorker - 1);
+ pSorter->bUseThreads = (pSorter->nTask>1);
+ pSorter->db = db;
+ for(i=0; i<pSorter->nTask; i++){
+ SortSubtask *pTask = &pSorter->aTask[i];
+ pTask->pSorter = pSorter;
+ }
+
+ if( !sqlite3TempInMemory(db) ){
+ u32 szPma = sqlite3GlobalConfig.szPma;
+ pSorter->mnPmaSize = szPma * pgsz;
+ mxCache = db->aDb[0].pSchema->cache_size;
+ if( mxCache<(int)szPma ) mxCache = (int)szPma;
+ pSorter->mxPmaSize = MIN((i64)mxCache*pgsz, SQLITE_MAX_PMASZ);
+
+ /* EVIDENCE-OF: R-26747-61719 When the application provides any amount of
+ ** scratch memory using SQLITE_CONFIG_SCRATCH, SQLite avoids unnecessary
+ ** large heap allocations.
+ */
+ if( sqlite3GlobalConfig.pScratch==0 ){
+ assert( pSorter->iMemory==0 );
+ pSorter->nMemory = pgsz;
+ pSorter->list.aMemory = (u8*)sqlite3Malloc(pgsz);
+ if( !pSorter->list.aMemory ) rc = SQLITE_NOMEM;
+ }
+ }
+
+ if( (pKeyInfo->nField+pKeyInfo->nXField)<13
+ && (pKeyInfo->aColl[0]==0 || pKeyInfo->aColl[0]==db->pDfltColl)
+ ){
+ pSorter->typeMask = SORTER_TYPE_INTEGER | SORTER_TYPE_TEXT;
+ }
+ }
+
+ return rc;
+}
+#undef nWorker /* Defined at the top of this function */
+
+/*
+** Free the list of sorted records starting at pRecord.
+*/
+static void vdbeSorterRecordFree(sqlite3 *db, SorterRecord *pRecord){
+ SorterRecord *p;
+ SorterRecord *pNext;
+ for(p=pRecord; p; p=pNext){
+ pNext = p->u.pNext;
+ sqlite3DbFree(db, p);
+ }
+}
+
+/*
+** Free all resources owned by the object indicated by argument pTask. All
+** fields of *pTask are zeroed before returning.
+*/
+static void vdbeSortSubtaskCleanup(sqlite3 *db, SortSubtask *pTask){
+ sqlite3DbFree(db, pTask->pUnpacked);
+#if SQLITE_MAX_WORKER_THREADS>0
+ /* pTask->list.aMemory can only be non-zero if it was handed memory
+ ** from the main thread. That only occurs SQLITE_MAX_WORKER_THREADS>0 */
+ if( pTask->list.aMemory ){
+ sqlite3_free(pTask->list.aMemory);
+ }else
+#endif
+ {
+ assert( pTask->list.aMemory==0 );
+ vdbeSorterRecordFree(0, pTask->list.pList);
+ }
+ if( pTask->file.pFd ){
+ sqlite3OsCloseFree(pTask->file.pFd);
+ }
+ if( pTask->file2.pFd ){
+ sqlite3OsCloseFree(pTask->file2.pFd);
+ }
+ memset(pTask, 0, sizeof(SortSubtask));
+}
+
+#ifdef SQLITE_DEBUG_SORTER_THREADS
+static void vdbeSorterWorkDebug(SortSubtask *pTask, const char *zEvent){
+ i64 t;
+ int iTask = (pTask - pTask->pSorter->aTask);
+ sqlite3OsCurrentTimeInt64(pTask->pSorter->db->pVfs, &t);
+ fprintf(stderr, "%lld:%d %s\n", t, iTask, zEvent);
+}
+static void vdbeSorterRewindDebug(const char *zEvent){
+ i64 t;
+ sqlite3OsCurrentTimeInt64(sqlite3_vfs_find(0), &t);
+ fprintf(stderr, "%lld:X %s\n", t, zEvent);
+}
+static void vdbeSorterPopulateDebug(
+ SortSubtask *pTask,
+ const char *zEvent
+){
+ i64 t;
+ int iTask = (pTask - pTask->pSorter->aTask);
+ sqlite3OsCurrentTimeInt64(pTask->pSorter->db->pVfs, &t);
+ fprintf(stderr, "%lld:bg%d %s\n", t, iTask, zEvent);
+}
+static void vdbeSorterBlockDebug(
+ SortSubtask *pTask,
+ int bBlocked,
+ const char *zEvent
+){
+ if( bBlocked ){
+ i64 t;
+ sqlite3OsCurrentTimeInt64(pTask->pSorter->db->pVfs, &t);
+ fprintf(stderr, "%lld:main %s\n", t, zEvent);
+ }
+}
+#else
+# define vdbeSorterWorkDebug(x,y)
+# define vdbeSorterRewindDebug(y)
+# define vdbeSorterPopulateDebug(x,y)
+# define vdbeSorterBlockDebug(x,y,z)
+#endif
+
+#if SQLITE_MAX_WORKER_THREADS>0
+/*
+** Join thread pTask->thread.
+*/
+static int vdbeSorterJoinThread(SortSubtask *pTask){
+ int rc = SQLITE_OK;
+ if( pTask->pThread ){
+#ifdef SQLITE_DEBUG_SORTER_THREADS
+ int bDone = pTask->bDone;
+#endif
+ void *pRet = SQLITE_INT_TO_PTR(SQLITE_ERROR);
+ vdbeSorterBlockDebug(pTask, !bDone, "enter");
+ (void)sqlite3ThreadJoin(pTask->pThread, &pRet);
+ vdbeSorterBlockDebug(pTask, !bDone, "exit");
+ rc = SQLITE_PTR_TO_INT(pRet);
+ assert( pTask->bDone==1 );
+ pTask->bDone = 0;
+ pTask->pThread = 0;
+ }
+ return rc;
+}
+
+/*
+** Launch a background thread to run xTask(pIn).
+*/
+static int vdbeSorterCreateThread(
+ SortSubtask *pTask, /* Thread will use this task object */
+ void *(*xTask)(void*), /* Routine to run in a separate thread */
+ void *pIn /* Argument passed into xTask() */
+){
+ assert( pTask->pThread==0 && pTask->bDone==0 );
+ return sqlite3ThreadCreate(&pTask->pThread, xTask, pIn);
+}
+
+/*
+** Join all outstanding threads launched by SorterWrite() to create
+** level-0 PMAs.
+*/
+static int vdbeSorterJoinAll(VdbeSorter *pSorter, int rcin){
+ int rc = rcin;
+ int i;
+
+ /* This function is always called by the main user thread.
+ **
+ ** If this function is being called after SorterRewind() has been called,
+ ** it is possible that thread pSorter->aTask[pSorter->nTask-1].pThread
+ ** is currently attempt to join one of the other threads. To avoid a race
+ ** condition where this thread also attempts to join the same object, join
+ ** thread pSorter->aTask[pSorter->nTask-1].pThread first. */
+ for(i=pSorter->nTask-1; i>=0; i--){
+ SortSubtask *pTask = &pSorter->aTask[i];
+ int rc2 = vdbeSorterJoinThread(pTask);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+ return rc;
+}
+#else
+# define vdbeSorterJoinAll(x,rcin) (rcin)
+# define vdbeSorterJoinThread(pTask) SQLITE_OK
+#endif
+
+/*
+** Allocate a new MergeEngine object capable of handling up to
+** nReader PmaReader inputs.
+**
+** nReader is automatically rounded up to the next power of two.
+** nReader may not exceed SORTER_MAX_MERGE_COUNT even after rounding up.
+*/
+static MergeEngine *vdbeMergeEngineNew(int nReader){
+ int N = 2; /* Smallest power of two >= nReader */
+ int nByte; /* Total bytes of space to allocate */
+ MergeEngine *pNew; /* Pointer to allocated object to return */
+
+ assert( nReader<=SORTER_MAX_MERGE_COUNT );
+
+ while( N<nReader ) N += N;
+ nByte = sizeof(MergeEngine) + N * (sizeof(int) + sizeof(PmaReader));
+
+ pNew = sqlite3FaultSim(100) ? 0 : (MergeEngine*)sqlite3MallocZero(nByte);
+ if( pNew ){
+ pNew->nTree = N;
+ pNew->pTask = 0;
+ pNew->aReadr = (PmaReader*)&pNew[1];
+ pNew->aTree = (int*)&pNew->aReadr[N];
+ }
+ return pNew;
+}
+
+/*
+** Free the MergeEngine object passed as the only argument.
+*/
+static void vdbeMergeEngineFree(MergeEngine *pMerger){
+ int i;
+ if( pMerger ){
+ for(i=0; i<pMerger->nTree; i++){
+ vdbePmaReaderClear(&pMerger->aReadr[i]);
+ }
+ }
+ sqlite3_free(pMerger);
+}
+
+/*
+** Free all resources associated with the IncrMerger object indicated by
+** the first argument.
+*/
+static void vdbeIncrFree(IncrMerger *pIncr){
+ if( pIncr ){
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( pIncr->bUseThread ){
+ vdbeSorterJoinThread(pIncr->pTask);
+ if( pIncr->aFile[0].pFd ) sqlite3OsCloseFree(pIncr->aFile[0].pFd);
+ if( pIncr->aFile[1].pFd ) sqlite3OsCloseFree(pIncr->aFile[1].pFd);
+ }
+#endif
+ vdbeMergeEngineFree(pIncr->pMerger);
+ sqlite3_free(pIncr);
+ }
+}
+
+/*
+** Reset a sorting cursor back to its original empty state.
+*/
+SQLITE_PRIVATE void sqlite3VdbeSorterReset(sqlite3 *db, VdbeSorter *pSorter){
+ int i;
+ (void)vdbeSorterJoinAll(pSorter, SQLITE_OK);
+ assert( pSorter->bUseThreads || pSorter->pReader==0 );
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( pSorter->pReader ){
+ vdbePmaReaderClear(pSorter->pReader);
+ sqlite3DbFree(db, pSorter->pReader);
+ pSorter->pReader = 0;
+ }
+#endif
+ vdbeMergeEngineFree(pSorter->pMerger);
+ pSorter->pMerger = 0;
+ for(i=0; i<pSorter->nTask; i++){
+ SortSubtask *pTask = &pSorter->aTask[i];
+ vdbeSortSubtaskCleanup(db, pTask);
+ pTask->pSorter = pSorter;
+ }
+ if( pSorter->list.aMemory==0 ){
+ vdbeSorterRecordFree(0, pSorter->list.pList);
+ }
+ pSorter->list.pList = 0;
+ pSorter->list.szPMA = 0;
+ pSorter->bUsePMA = 0;
+ pSorter->iMemory = 0;
+ pSorter->mxKeysize = 0;
+ sqlite3DbFree(db, pSorter->pUnpacked);
+ pSorter->pUnpacked = 0;
+}
+
+/*
+** Free any cursor components allocated by sqlite3VdbeSorterXXX routines.
+*/
+SQLITE_PRIVATE void sqlite3VdbeSorterClose(sqlite3 *db, VdbeCursor *pCsr){
+ VdbeSorter *pSorter;
+ assert( pCsr->eCurType==CURTYPE_SORTER );
+ pSorter = pCsr->uc.pSorter;
+ if( pSorter ){
+ sqlite3VdbeSorterReset(db, pSorter);
+ sqlite3_free(pSorter->list.aMemory);
+ sqlite3DbFree(db, pSorter);
+ pCsr->uc.pSorter = 0;
+ }
+}
+
+#if SQLITE_MAX_MMAP_SIZE>0
+/*
+** The first argument is a file-handle open on a temporary file. The file
+** is guaranteed to be nByte bytes or smaller in size. This function
+** attempts to extend the file to nByte bytes in size and to ensure that
+** the VFS has memory mapped it.
+**
+** Whether or not the file does end up memory mapped of course depends on
+** the specific VFS implementation.
+*/
+static void vdbeSorterExtendFile(sqlite3 *db, sqlite3_file *pFd, i64 nByte){
+ if( nByte<=(i64)(db->nMaxSorterMmap) && pFd->pMethods->iVersion>=3 ){
+ void *p = 0;
+ int chunksize = 4*1024;
+ sqlite3OsFileControlHint(pFd, SQLITE_FCNTL_CHUNK_SIZE, &chunksize);
+ sqlite3OsFileControlHint(pFd, SQLITE_FCNTL_SIZE_HINT, &nByte);
+ sqlite3OsFetch(pFd, 0, (int)nByte, &p);
+ sqlite3OsUnfetch(pFd, 0, p);
+ }
+}
+#else
+# define vdbeSorterExtendFile(x,y,z)
+#endif
+
+/*
+** Allocate space for a file-handle and open a temporary file. If successful,
+** set *ppFd to point to the malloc'd file-handle and return SQLITE_OK.
+** Otherwise, set *ppFd to 0 and return an SQLite error code.
+*/
+static int vdbeSorterOpenTempFile(
+ sqlite3 *db, /* Database handle doing sort */
+ i64 nExtend, /* Attempt to extend file to this size */
+ sqlite3_file **ppFd
+){
+ int rc;
+ if( sqlite3FaultSim(202) ) return SQLITE_IOERR_ACCESS;
+ rc = sqlite3OsOpenMalloc(db->pVfs, 0, ppFd,
+ SQLITE_OPEN_TEMP_JOURNAL |
+ SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE |
+ SQLITE_OPEN_EXCLUSIVE | SQLITE_OPEN_DELETEONCLOSE, &rc
+ );
+ if( rc==SQLITE_OK ){
+ i64 max = SQLITE_MAX_MMAP_SIZE;
+ sqlite3OsFileControlHint(*ppFd, SQLITE_FCNTL_MMAP_SIZE, (void*)&max);
+ if( nExtend>0 ){
+ vdbeSorterExtendFile(db, *ppFd, nExtend);
+ }
+ }
+ return rc;
+}
+
+/*
+** If it has not already been allocated, allocate the UnpackedRecord
+** structure at pTask->pUnpacked. Return SQLITE_OK if successful (or
+** if no allocation was required), or SQLITE_NOMEM otherwise.
+*/
+static int vdbeSortAllocUnpacked(SortSubtask *pTask){
+ if( pTask->pUnpacked==0 ){
+ char *pFree;
+ pTask->pUnpacked = sqlite3VdbeAllocUnpackedRecord(
+ pTask->pSorter->pKeyInfo, 0, 0, &pFree
+ );
+ assert( pTask->pUnpacked==(UnpackedRecord*)pFree );
+ if( pFree==0 ) return SQLITE_NOMEM;
+ pTask->pUnpacked->nField = pTask->pSorter->pKeyInfo->nField;
+ pTask->pUnpacked->errCode = 0;
+ }
+ return SQLITE_OK;
+}
+
+
+/*
+** Merge the two sorted lists p1 and p2 into a single list.
+** Set *ppOut to the head of the new list.
+*/
+static void vdbeSorterMerge(
+ SortSubtask *pTask, /* Calling thread context */
+ SorterRecord *p1, /* First list to merge */
+ SorterRecord *p2, /* Second list to merge */
+ SorterRecord **ppOut /* OUT: Head of merged list */
+){
+ SorterRecord *pFinal = 0;
+ SorterRecord **pp = &pFinal;
+ int bCached = 0;
+
+ while( p1 && p2 ){
+ int res;
+ res = pTask->xCompare(
+ pTask, &bCached, SRVAL(p1), p1->nVal, SRVAL(p2), p2->nVal
+ );
+
+ if( res<=0 ){
+ *pp = p1;
+ pp = &p1->u.pNext;
+ p1 = p1->u.pNext;
+ }else{
+ *pp = p2;
+ pp = &p2->u.pNext;
+ p2 = p2->u.pNext;
+ bCached = 0;
+ }
+ }
+ *pp = p1 ? p1 : p2;
+ *ppOut = pFinal;
+}
+
+/*
+** Return the SorterCompare function to compare values collected by the
+** sorter object passed as the only argument.
+*/
+static SorterCompare vdbeSorterGetCompare(VdbeSorter *p){
+ if( p->typeMask==SORTER_TYPE_INTEGER ){
+ return vdbeSorterCompareInt;
+ }else if( p->typeMask==SORTER_TYPE_TEXT ){
+ return vdbeSorterCompareText;
+ }
+ return vdbeSorterCompare;
+}
+
+/*
+** Sort the linked list of records headed at pTask->pList. Return
+** SQLITE_OK if successful, or an SQLite error code (i.e. SQLITE_NOMEM) if
+** an error occurs.
+*/
+static int vdbeSorterSort(SortSubtask *pTask, SorterList *pList){
+ int i;
+ SorterRecord **aSlot;
+ SorterRecord *p;
+ int rc;
+
+ rc = vdbeSortAllocUnpacked(pTask);
+ if( rc!=SQLITE_OK ) return rc;
+
+ p = pList->pList;
+ pTask->xCompare = vdbeSorterGetCompare(pTask->pSorter);
+
+ aSlot = (SorterRecord **)sqlite3MallocZero(64 * sizeof(SorterRecord *));
+ if( !aSlot ){
+ return SQLITE_NOMEM;
+ }
+
+ while( p ){
+ SorterRecord *pNext;
+ if( pList->aMemory ){
+ if( (u8*)p==pList->aMemory ){
+ pNext = 0;
+ }else{
+ assert( p->u.iNext<sqlite3MallocSize(pList->aMemory) );
+ pNext = (SorterRecord*)&pList->aMemory[p->u.iNext];
+ }
+ }else{
+ pNext = p->u.pNext;
+ }
+
+ p->u.pNext = 0;
+ for(i=0; aSlot[i]; i++){
+ vdbeSorterMerge(pTask, p, aSlot[i], &p);
+ aSlot[i] = 0;
+ }
+ aSlot[i] = p;
+ p = pNext;
+ }
+
+ p = 0;
+ for(i=0; i<64; i++){
+ vdbeSorterMerge(pTask, p, aSlot[i], &p);
+ }
+ pList->pList = p;
+
+ sqlite3_free(aSlot);
+ assert( pTask->pUnpacked->errCode==SQLITE_OK
+ || pTask->pUnpacked->errCode==SQLITE_NOMEM
+ );
+ return pTask->pUnpacked->errCode;
+}
+
+/*
+** Initialize a PMA-writer object.
+*/
+static void vdbePmaWriterInit(
+ sqlite3_file *pFd, /* File handle to write to */
+ PmaWriter *p, /* Object to populate */
+ int nBuf, /* Buffer size */
+ i64 iStart /* Offset of pFd to begin writing at */
+){
+ memset(p, 0, sizeof(PmaWriter));
+ p->aBuffer = (u8*)sqlite3Malloc(nBuf);
+ if( !p->aBuffer ){
+ p->eFWErr = SQLITE_NOMEM;
+ }else{
+ p->iBufEnd = p->iBufStart = (iStart % nBuf);
+ p->iWriteOff = iStart - p->iBufStart;
+ p->nBuffer = nBuf;
+ p->pFd = pFd;
+ }
+}
+
+/*
+** Write nData bytes of data to the PMA. Return SQLITE_OK
+** if successful, or an SQLite error code if an error occurs.
+*/
+static void vdbePmaWriteBlob(PmaWriter *p, u8 *pData, int nData){
+ int nRem = nData;
+ while( nRem>0 && p->eFWErr==0 ){
+ int nCopy = nRem;
+ if( nCopy>(p->nBuffer - p->iBufEnd) ){
+ nCopy = p->nBuffer - p->iBufEnd;
+ }
+
+ memcpy(&p->aBuffer[p->iBufEnd], &pData[nData-nRem], nCopy);
+ p->iBufEnd += nCopy;
+ if( p->iBufEnd==p->nBuffer ){
+ p->eFWErr = sqlite3OsWrite(p->pFd,
+ &p->aBuffer[p->iBufStart], p->iBufEnd - p->iBufStart,
+ p->iWriteOff + p->iBufStart
+ );
+ p->iBufStart = p->iBufEnd = 0;
+ p->iWriteOff += p->nBuffer;
+ }
+ assert( p->iBufEnd<p->nBuffer );
+
+ nRem -= nCopy;
+ }
+}
+
+/*
+** Flush any buffered data to disk and clean up the PMA-writer object.
+** The results of using the PMA-writer after this call are undefined.
+** Return SQLITE_OK if flushing the buffered data succeeds or is not
+** required. Otherwise, return an SQLite error code.
+**
+** Before returning, set *piEof to the offset immediately following the
+** last byte written to the file.
+*/
+static int vdbePmaWriterFinish(PmaWriter *p, i64 *piEof){
+ int rc;
+ if( p->eFWErr==0 && ALWAYS(p->aBuffer) && p->iBufEnd>p->iBufStart ){
+ p->eFWErr = sqlite3OsWrite(p->pFd,
+ &p->aBuffer[p->iBufStart], p->iBufEnd - p->iBufStart,
+ p->iWriteOff + p->iBufStart
+ );
+ }
+ *piEof = (p->iWriteOff + p->iBufEnd);
+ sqlite3_free(p->aBuffer);
+ rc = p->eFWErr;
+ memset(p, 0, sizeof(PmaWriter));
+ return rc;
+}
+
+/*
+** Write value iVal encoded as a varint to the PMA. Return
+** SQLITE_OK if successful, or an SQLite error code if an error occurs.
+*/
+static void vdbePmaWriteVarint(PmaWriter *p, u64 iVal){
+ int nByte;
+ u8 aByte[10];
+ nByte = sqlite3PutVarint(aByte, iVal);
+ vdbePmaWriteBlob(p, aByte, nByte);
+}
+
+/*
+** Write the current contents of in-memory linked-list pList to a level-0
+** PMA in the temp file belonging to sub-task pTask. Return SQLITE_OK if
+** successful, or an SQLite error code otherwise.
+**
+** The format of a PMA is:
+**
+** * A varint. This varint contains the total number of bytes of content
+** in the PMA (not including the varint itself).
+**
+** * One or more records packed end-to-end in order of ascending keys.
+** Each record consists of a varint followed by a blob of data (the
+** key). The varint is the number of bytes in the blob of data.
+*/
+static int vdbeSorterListToPMA(SortSubtask *pTask, SorterList *pList){
+ sqlite3 *db = pTask->pSorter->db;
+ int rc = SQLITE_OK; /* Return code */
+ PmaWriter writer; /* Object used to write to the file */
+
+#ifdef SQLITE_DEBUG
+ /* Set iSz to the expected size of file pTask->file after writing the PMA.
+ ** This is used by an assert() statement at the end of this function. */
+ i64 iSz = pList->szPMA + sqlite3VarintLen(pList->szPMA) + pTask->file.iEof;
+#endif
+
+ vdbeSorterWorkDebug(pTask, "enter");
+ memset(&writer, 0, sizeof(PmaWriter));
+ assert( pList->szPMA>0 );
+
+ /* If the first temporary PMA file has not been opened, open it now. */
+ if( pTask->file.pFd==0 ){
+ rc = vdbeSorterOpenTempFile(db, 0, &pTask->file.pFd);
+ assert( rc!=SQLITE_OK || pTask->file.pFd );
+ assert( pTask->file.iEof==0 );
+ assert( pTask->nPMA==0 );
+ }
+
+ /* Try to get the file to memory map */
+ if( rc==SQLITE_OK ){
+ vdbeSorterExtendFile(db, pTask->file.pFd, pTask->file.iEof+pList->szPMA+9);
+ }
+
+ /* Sort the list */
+ if( rc==SQLITE_OK ){
+ rc = vdbeSorterSort(pTask, pList);
+ }
+
+ if( rc==SQLITE_OK ){
+ SorterRecord *p;
+ SorterRecord *pNext = 0;
+
+ vdbePmaWriterInit(pTask->file.pFd, &writer, pTask->pSorter->pgsz,
+ pTask->file.iEof);
+ pTask->nPMA++;
+ vdbePmaWriteVarint(&writer, pList->szPMA);
+ for(p=pList->pList; p; p=pNext){
+ pNext = p->u.pNext;
+ vdbePmaWriteVarint(&writer, p->nVal);
+ vdbePmaWriteBlob(&writer, SRVAL(p), p->nVal);
+ if( pList->aMemory==0 ) sqlite3_free(p);
+ }
+ pList->pList = p;
+ rc = vdbePmaWriterFinish(&writer, &pTask->file.iEof);
+ }
+
+ vdbeSorterWorkDebug(pTask, "exit");
+ assert( rc!=SQLITE_OK || pList->pList==0 );
+ assert( rc!=SQLITE_OK || pTask->file.iEof==iSz );
+ return rc;
+}
+
+/*
+** Advance the MergeEngine to its next entry.
+** Set *pbEof to true there is no next entry because
+** the MergeEngine has reached the end of all its inputs.
+**
+** Return SQLITE_OK if successful or an error code if an error occurs.
+*/
+static int vdbeMergeEngineStep(
+ MergeEngine *pMerger, /* The merge engine to advance to the next row */
+ int *pbEof /* Set TRUE at EOF. Set false for more content */
+){
+ int rc;
+ int iPrev = pMerger->aTree[1];/* Index of PmaReader to advance */
+ SortSubtask *pTask = pMerger->pTask;
+
+ /* Advance the current PmaReader */
+ rc = vdbePmaReaderNext(&pMerger->aReadr[iPrev]);
+
+ /* Update contents of aTree[] */
+ if( rc==SQLITE_OK ){
+ int i; /* Index of aTree[] to recalculate */
+ PmaReader *pReadr1; /* First PmaReader to compare */
+ PmaReader *pReadr2; /* Second PmaReader to compare */
+ int bCached = 0;
+
+ /* Find the first two PmaReaders to compare. The one that was just
+ ** advanced (iPrev) and the one next to it in the array. */
+ pReadr1 = &pMerger->aReadr[(iPrev & 0xFFFE)];
+ pReadr2 = &pMerger->aReadr[(iPrev | 0x0001)];
+
+ for(i=(pMerger->nTree+iPrev)/2; i>0; i=i/2){
+ /* Compare pReadr1 and pReadr2. Store the result in variable iRes. */
+ int iRes;
+ if( pReadr1->pFd==0 ){
+ iRes = +1;
+ }else if( pReadr2->pFd==0 ){
+ iRes = -1;
+ }else{
+ iRes = pTask->xCompare(pTask, &bCached,
+ pReadr1->aKey, pReadr1->nKey, pReadr2->aKey, pReadr2->nKey
+ );
+ }
+
+ /* If pReadr1 contained the smaller value, set aTree[i] to its index.
+ ** Then set pReadr2 to the next PmaReader to compare to pReadr1. In this
+ ** case there is no cache of pReadr2 in pTask->pUnpacked, so set
+ ** pKey2 to point to the record belonging to pReadr2.
+ **
+ ** Alternatively, if pReadr2 contains the smaller of the two values,
+ ** set aTree[i] to its index and update pReadr1. If vdbeSorterCompare()
+ ** was actually called above, then pTask->pUnpacked now contains
+ ** a value equivalent to pReadr2. So set pKey2 to NULL to prevent
+ ** vdbeSorterCompare() from decoding pReadr2 again.
+ **
+ ** If the two values were equal, then the value from the oldest
+ ** PMA should be considered smaller. The VdbeSorter.aReadr[] array
+ ** is sorted from oldest to newest, so pReadr1 contains older values
+ ** than pReadr2 iff (pReadr1<pReadr2). */
+ if( iRes<0 || (iRes==0 && pReadr1<pReadr2) ){
+ pMerger->aTree[i] = (int)(pReadr1 - pMerger->aReadr);
+ pReadr2 = &pMerger->aReadr[ pMerger->aTree[i ^ 0x0001] ];
+ bCached = 0;
+ }else{
+ if( pReadr1->pFd ) bCached = 0;
+ pMerger->aTree[i] = (int)(pReadr2 - pMerger->aReadr);
+ pReadr1 = &pMerger->aReadr[ pMerger->aTree[i ^ 0x0001] ];
+ }
+ }
+ *pbEof = (pMerger->aReadr[pMerger->aTree[1]].pFd==0);
+ }
+
+ return (rc==SQLITE_OK ? pTask->pUnpacked->errCode : rc);
+}
+
+#if SQLITE_MAX_WORKER_THREADS>0
+/*
+** The main routine for background threads that write level-0 PMAs.
+*/
+static void *vdbeSorterFlushThread(void *pCtx){
+ SortSubtask *pTask = (SortSubtask*)pCtx;
+ int rc; /* Return code */
+ assert( pTask->bDone==0 );
+ rc = vdbeSorterListToPMA(pTask, &pTask->list);
+ pTask->bDone = 1;
+ return SQLITE_INT_TO_PTR(rc);
+}
+#endif /* SQLITE_MAX_WORKER_THREADS>0 */
+
+/*
+** Flush the current contents of VdbeSorter.list to a new PMA, possibly
+** using a background thread.
+*/
+static int vdbeSorterFlushPMA(VdbeSorter *pSorter){
+#if SQLITE_MAX_WORKER_THREADS==0
+ pSorter->bUsePMA = 1;
+ return vdbeSorterListToPMA(&pSorter->aTask[0], &pSorter->list);
+#else
+ int rc = SQLITE_OK;
+ int i;
+ SortSubtask *pTask = 0; /* Thread context used to create new PMA */
+ int nWorker = (pSorter->nTask-1);
+
+ /* Set the flag to indicate that at least one PMA has been written.
+ ** Or will be, anyhow. */
+ pSorter->bUsePMA = 1;
+
+ /* Select a sub-task to sort and flush the current list of in-memory
+ ** records to disk. If the sorter is running in multi-threaded mode,
+ ** round-robin between the first (pSorter->nTask-1) tasks. Except, if
+ ** the background thread from a sub-tasks previous turn is still running,
+ ** skip it. If the first (pSorter->nTask-1) sub-tasks are all still busy,
+ ** fall back to using the final sub-task. The first (pSorter->nTask-1)
+ ** sub-tasks are prefered as they use background threads - the final
+ ** sub-task uses the main thread. */
+ for(i=0; i<nWorker; i++){
+ int iTest = (pSorter->iPrev + i + 1) % nWorker;
+ pTask = &pSorter->aTask[iTest];
+ if( pTask->bDone ){
+ rc = vdbeSorterJoinThread(pTask);
+ }
+ if( rc!=SQLITE_OK || pTask->pThread==0 ) break;
+ }
+
+ if( rc==SQLITE_OK ){
+ if( i==nWorker ){
+ /* Use the foreground thread for this operation */
+ rc = vdbeSorterListToPMA(&pSorter->aTask[nWorker], &pSorter->list);
+ }else{
+ /* Launch a background thread for this operation */
+ u8 *aMem = pTask->list.aMemory;
+ void *pCtx = (void*)pTask;
+
+ assert( pTask->pThread==0 && pTask->bDone==0 );
+ assert( pTask->list.pList==0 );
+ assert( pTask->list.aMemory==0 || pSorter->list.aMemory!=0 );
+
+ pSorter->iPrev = (u8)(pTask - pSorter->aTask);
+ pTask->list = pSorter->list;
+ pSorter->list.pList = 0;
+ pSorter->list.szPMA = 0;
+ if( aMem ){
+ pSorter->list.aMemory = aMem;
+ pSorter->nMemory = sqlite3MallocSize(aMem);
+ }else if( pSorter->list.aMemory ){
+ pSorter->list.aMemory = sqlite3Malloc(pSorter->nMemory);
+ if( !pSorter->list.aMemory ) return SQLITE_NOMEM;
+ }
+
+ rc = vdbeSorterCreateThread(pTask, vdbeSorterFlushThread, pCtx);
+ }
+ }
+
+ return rc;
+#endif /* SQLITE_MAX_WORKER_THREADS!=0 */
+}
+
+/*
+** Add a record to the sorter.
+*/
+SQLITE_PRIVATE int sqlite3VdbeSorterWrite(
+ const VdbeCursor *pCsr, /* Sorter cursor */
+ Mem *pVal /* Memory cell containing record */
+){
+ VdbeSorter *pSorter;
+ int rc = SQLITE_OK; /* Return Code */
+ SorterRecord *pNew; /* New list element */
+ int bFlush; /* True to flush contents of memory to PMA */
+ int nReq; /* Bytes of memory required */
+ int nPMA; /* Bytes of PMA space required */
+ int t; /* serial type of first record field */
+
+ assert( pCsr->eCurType==CURTYPE_SORTER );
+ pSorter = pCsr->uc.pSorter;
+ getVarint32((const u8*)&pVal->z[1], t);
+ if( t>0 && t<10 && t!=7 ){
+ pSorter->typeMask &= SORTER_TYPE_INTEGER;
+ }else if( t>10 && (t & 0x01) ){
+ pSorter->typeMask &= SORTER_TYPE_TEXT;
+ }else{
+ pSorter->typeMask = 0;
+ }
+
+ assert( pSorter );
+
+ /* Figure out whether or not the current contents of memory should be
+ ** flushed to a PMA before continuing. If so, do so.
+ **
+ ** If using the single large allocation mode (pSorter->aMemory!=0), then
+ ** flush the contents of memory to a new PMA if (a) at least one value is
+ ** already in memory and (b) the new value will not fit in memory.
+ **
+ ** Or, if using separate allocations for each record, flush the contents
+ ** of memory to a PMA if either of the following are true:
+ **
+ ** * The total memory allocated for the in-memory list is greater
+ ** than (page-size * cache-size), or
+ **
+ ** * The total memory allocated for the in-memory list is greater
+ ** than (page-size * 10) and sqlite3HeapNearlyFull() returns true.
+ */
+ nReq = pVal->n + sizeof(SorterRecord);
+ nPMA = pVal->n + sqlite3VarintLen(pVal->n);
+ if( pSorter->mxPmaSize ){
+ if( pSorter->list.aMemory ){
+ bFlush = pSorter->iMemory && (pSorter->iMemory+nReq) > pSorter->mxPmaSize;
+ }else{
+ bFlush = (
+ (pSorter->list.szPMA > pSorter->mxPmaSize)
+ || (pSorter->list.szPMA > pSorter->mnPmaSize && sqlite3HeapNearlyFull())
+ );
+ }
+ if( bFlush ){
+ rc = vdbeSorterFlushPMA(pSorter);
+ pSorter->list.szPMA = 0;
+ pSorter->iMemory = 0;
+ assert( rc!=SQLITE_OK || pSorter->list.pList==0 );
+ }
+ }
+
+ pSorter->list.szPMA += nPMA;
+ if( nPMA>pSorter->mxKeysize ){
+ pSorter->mxKeysize = nPMA;
+ }
+
+ if( pSorter->list.aMemory ){
+ int nMin = pSorter->iMemory + nReq;
+
+ if( nMin>pSorter->nMemory ){
+ u8 *aNew;
+ int nNew = pSorter->nMemory * 2;
+ while( nNew < nMin ) nNew = nNew*2;
+ if( nNew > pSorter->mxPmaSize ) nNew = pSorter->mxPmaSize;
+ if( nNew < nMin ) nNew = nMin;
+
+ aNew = sqlite3Realloc(pSorter->list.aMemory, nNew);
+ if( !aNew ) return SQLITE_NOMEM;
+ pSorter->list.pList = (SorterRecord*)(
+ aNew + ((u8*)pSorter->list.pList - pSorter->list.aMemory)
+ );
+ pSorter->list.aMemory = aNew;
+ pSorter->nMemory = nNew;
+ }
+
+ pNew = (SorterRecord*)&pSorter->list.aMemory[pSorter->iMemory];
+ pSorter->iMemory += ROUND8(nReq);
+ pNew->u.iNext = (int)((u8*)(pSorter->list.pList) - pSorter->list.aMemory);
+ }else{
+ pNew = (SorterRecord *)sqlite3Malloc(nReq);
+ if( pNew==0 ){
+ return SQLITE_NOMEM;
+ }
+ pNew->u.pNext = pSorter->list.pList;
+ }
+
+ memcpy(SRVAL(pNew), pVal->z, pVal->n);
+ pNew->nVal = pVal->n;
+ pSorter->list.pList = pNew;
+
+ return rc;
+}
+
+/*
+** Read keys from pIncr->pMerger and populate pIncr->aFile[1]. The format
+** of the data stored in aFile[1] is the same as that used by regular PMAs,
+** except that the number-of-bytes varint is omitted from the start.
+*/
+static int vdbeIncrPopulate(IncrMerger *pIncr){
+ int rc = SQLITE_OK;
+ int rc2;
+ i64 iStart = pIncr->iStartOff;
+ SorterFile *pOut = &pIncr->aFile[1];
+ SortSubtask *pTask = pIncr->pTask;
+ MergeEngine *pMerger = pIncr->pMerger;
+ PmaWriter writer;
+ assert( pIncr->bEof==0 );
+
+ vdbeSorterPopulateDebug(pTask, "enter");
+
+ vdbePmaWriterInit(pOut->pFd, &writer, pTask->pSorter->pgsz, iStart);
+ while( rc==SQLITE_OK ){
+ int dummy;
+ PmaReader *pReader = &pMerger->aReadr[ pMerger->aTree[1] ];
+ int nKey = pReader->nKey;
+ i64 iEof = writer.iWriteOff + writer.iBufEnd;
+
+ /* Check if the output file is full or if the input has been exhausted.
+ ** In either case exit the loop. */
+ if( pReader->pFd==0 ) break;
+ if( (iEof + nKey + sqlite3VarintLen(nKey))>(iStart + pIncr->mxSz) ) break;
+
+ /* Write the next key to the output. */
+ vdbePmaWriteVarint(&writer, nKey);
+ vdbePmaWriteBlob(&writer, pReader->aKey, nKey);
+ assert( pIncr->pMerger->pTask==pTask );
+ rc = vdbeMergeEngineStep(pIncr->pMerger, &dummy);
+ }
+
+ rc2 = vdbePmaWriterFinish(&writer, &pOut->iEof);
+ if( rc==SQLITE_OK ) rc = rc2;
+ vdbeSorterPopulateDebug(pTask, "exit");
+ return rc;
+}
+
+#if SQLITE_MAX_WORKER_THREADS>0
+/*
+** The main routine for background threads that populate aFile[1] of
+** multi-threaded IncrMerger objects.
+*/
+static void *vdbeIncrPopulateThread(void *pCtx){
+ IncrMerger *pIncr = (IncrMerger*)pCtx;
+ void *pRet = SQLITE_INT_TO_PTR( vdbeIncrPopulate(pIncr) );
+ pIncr->pTask->bDone = 1;
+ return pRet;
+}
+
+/*
+** Launch a background thread to populate aFile[1] of pIncr.
+*/
+static int vdbeIncrBgPopulate(IncrMerger *pIncr){
+ void *p = (void*)pIncr;
+ assert( pIncr->bUseThread );
+ return vdbeSorterCreateThread(pIncr->pTask, vdbeIncrPopulateThread, p);
+}
+#endif
+
+/*
+** This function is called when the PmaReader corresponding to pIncr has
+** finished reading the contents of aFile[0]. Its purpose is to "refill"
+** aFile[0] such that the PmaReader should start rereading it from the
+** beginning.
+**
+** For single-threaded objects, this is accomplished by literally reading
+** keys from pIncr->pMerger and repopulating aFile[0].
+**
+** For multi-threaded objects, all that is required is to wait until the
+** background thread is finished (if it is not already) and then swap
+** aFile[0] and aFile[1] in place. If the contents of pMerger have not
+** been exhausted, this function also launches a new background thread
+** to populate the new aFile[1].
+**
+** SQLITE_OK is returned on success, or an SQLite error code otherwise.
+*/
+static int vdbeIncrSwap(IncrMerger *pIncr){
+ int rc = SQLITE_OK;
+
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( pIncr->bUseThread ){
+ rc = vdbeSorterJoinThread(pIncr->pTask);
+
+ if( rc==SQLITE_OK ){
+ SorterFile f0 = pIncr->aFile[0];
+ pIncr->aFile[0] = pIncr->aFile[1];
+ pIncr->aFile[1] = f0;
+ }
+
+ if( rc==SQLITE_OK ){
+ if( pIncr->aFile[0].iEof==pIncr->iStartOff ){
+ pIncr->bEof = 1;
+ }else{
+ rc = vdbeIncrBgPopulate(pIncr);
+ }
+ }
+ }else
+#endif
+ {
+ rc = vdbeIncrPopulate(pIncr);
+ pIncr->aFile[0] = pIncr->aFile[1];
+ if( pIncr->aFile[0].iEof==pIncr->iStartOff ){
+ pIncr->bEof = 1;
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Allocate and return a new IncrMerger object to read data from pMerger.
+**
+** If an OOM condition is encountered, return NULL. In this case free the
+** pMerger argument before returning.
+*/
+static int vdbeIncrMergerNew(
+ SortSubtask *pTask, /* The thread that will be using the new IncrMerger */
+ MergeEngine *pMerger, /* The MergeEngine that the IncrMerger will control */
+ IncrMerger **ppOut /* Write the new IncrMerger here */
+){
+ int rc = SQLITE_OK;
+ IncrMerger *pIncr = *ppOut = (IncrMerger*)
+ (sqlite3FaultSim(100) ? 0 : sqlite3MallocZero(sizeof(*pIncr)));
+ if( pIncr ){
+ pIncr->pMerger = pMerger;
+ pIncr->pTask = pTask;
+ pIncr->mxSz = MAX(pTask->pSorter->mxKeysize+9,pTask->pSorter->mxPmaSize/2);
+ pTask->file2.iEof += pIncr->mxSz;
+ }else{
+ vdbeMergeEngineFree(pMerger);
+ rc = SQLITE_NOMEM;
+ }
+ return rc;
+}
+
+#if SQLITE_MAX_WORKER_THREADS>0
+/*
+** Set the "use-threads" flag on object pIncr.
+*/
+static void vdbeIncrMergerSetThreads(IncrMerger *pIncr){
+ pIncr->bUseThread = 1;
+ pIncr->pTask->file2.iEof -= pIncr->mxSz;
+}
+#endif /* SQLITE_MAX_WORKER_THREADS>0 */
+
+
+
+/*
+** Recompute pMerger->aTree[iOut] by comparing the next keys on the
+** two PmaReaders that feed that entry. Neither of the PmaReaders
+** are advanced. This routine merely does the comparison.
+*/
+static void vdbeMergeEngineCompare(
+ MergeEngine *pMerger, /* Merge engine containing PmaReaders to compare */
+ int iOut /* Store the result in pMerger->aTree[iOut] */
+){
+ int i1;
+ int i2;
+ int iRes;
+ PmaReader *p1;
+ PmaReader *p2;
+
+ assert( iOut<pMerger->nTree && iOut>0 );
+
+ if( iOut>=(pMerger->nTree/2) ){
+ i1 = (iOut - pMerger->nTree/2) * 2;
+ i2 = i1 + 1;
+ }else{
+ i1 = pMerger->aTree[iOut*2];
+ i2 = pMerger->aTree[iOut*2+1];
+ }
+
+ p1 = &pMerger->aReadr[i1];
+ p2 = &pMerger->aReadr[i2];
+
+ if( p1->pFd==0 ){
+ iRes = i2;
+ }else if( p2->pFd==0 ){
+ iRes = i1;
+ }else{
+ SortSubtask *pTask = pMerger->pTask;
+ int bCached = 0;
+ int res;
+ assert( pTask->pUnpacked!=0 ); /* from vdbeSortSubtaskMain() */
+ res = pTask->xCompare(
+ pTask, &bCached, p1->aKey, p1->nKey, p2->aKey, p2->nKey
+ );
+ if( res<=0 ){
+ iRes = i1;
+ }else{
+ iRes = i2;
+ }
+ }
+
+ pMerger->aTree[iOut] = iRes;
+}
+
+/*
+** Allowed values for the eMode parameter to vdbeMergeEngineInit()
+** and vdbePmaReaderIncrMergeInit().
+**
+** Only INCRINIT_NORMAL is valid in single-threaded builds (when
+** SQLITE_MAX_WORKER_THREADS==0). The other values are only used
+** when there exists one or more separate worker threads.
+*/
+#define INCRINIT_NORMAL 0
+#define INCRINIT_TASK 1
+#define INCRINIT_ROOT 2
+
+/*
+** Forward reference required as the vdbeIncrMergeInit() and
+** vdbePmaReaderIncrInit() routines are called mutually recursively when
+** building a merge tree.
+*/
+static int vdbePmaReaderIncrInit(PmaReader *pReadr, int eMode);
+
+/*
+** Initialize the MergeEngine object passed as the second argument. Once this
+** function returns, the first key of merged data may be read from the
+** MergeEngine object in the usual fashion.
+**
+** If argument eMode is INCRINIT_ROOT, then it is assumed that any IncrMerge
+** objects attached to the PmaReader objects that the merger reads from have
+** already been populated, but that they have not yet populated aFile[0] and
+** set the PmaReader objects up to read from it. In this case all that is
+** required is to call vdbePmaReaderNext() on each PmaReader to point it at
+** its first key.
+**
+** Otherwise, if eMode is any value other than INCRINIT_ROOT, then use
+** vdbePmaReaderIncrMergeInit() to initialize each PmaReader that feeds data
+** to pMerger.
+**
+** SQLITE_OK is returned if successful, or an SQLite error code otherwise.
+*/
+static int vdbeMergeEngineInit(
+ SortSubtask *pTask, /* Thread that will run pMerger */
+ MergeEngine *pMerger, /* MergeEngine to initialize */
+ int eMode /* One of the INCRINIT_XXX constants */
+){
+ int rc = SQLITE_OK; /* Return code */
+ int i; /* For looping over PmaReader objects */
+ int nTree = pMerger->nTree;
+
+ /* eMode is always INCRINIT_NORMAL in single-threaded mode */
+ assert( SQLITE_MAX_WORKER_THREADS>0 || eMode==INCRINIT_NORMAL );
+
+ /* Verify that the MergeEngine is assigned to a single thread */
+ assert( pMerger->pTask==0 );
+ pMerger->pTask = pTask;
+
+ for(i=0; i<nTree; i++){
+ if( SQLITE_MAX_WORKER_THREADS>0 && eMode==INCRINIT_ROOT ){
+ /* PmaReaders should be normally initialized in order, as if they are
+ ** reading from the same temp file this makes for more linear file IO.
+ ** However, in the INCRINIT_ROOT case, if PmaReader aReadr[nTask-1] is
+ ** in use it will block the vdbePmaReaderNext() call while it uses
+ ** the main thread to fill its buffer. So calling PmaReaderNext()
+ ** on this PmaReader before any of the multi-threaded PmaReaders takes
+ ** better advantage of multi-processor hardware. */
+ rc = vdbePmaReaderNext(&pMerger->aReadr[nTree-i-1]);
+ }else{
+ rc = vdbePmaReaderIncrInit(&pMerger->aReadr[i], INCRINIT_NORMAL);
+ }
+ if( rc!=SQLITE_OK ) return rc;
+ }
+
+ for(i=pMerger->nTree-1; i>0; i--){
+ vdbeMergeEngineCompare(pMerger, i);
+ }
+ return pTask->pUnpacked->errCode;
+}
+
+/*
+** The PmaReader passed as the first argument is guaranteed to be an
+** incremental-reader (pReadr->pIncr!=0). This function serves to open
+** and/or initialize the temp file related fields of the IncrMerge
+** object at (pReadr->pIncr).
+**
+** If argument eMode is set to INCRINIT_NORMAL, then all PmaReaders
+** in the sub-tree headed by pReadr are also initialized. Data is then
+** loaded into the buffers belonging to pReadr and it is set to point to
+** the first key in its range.
+**
+** If argument eMode is set to INCRINIT_TASK, then pReadr is guaranteed
+** to be a multi-threaded PmaReader and this function is being called in a
+** background thread. In this case all PmaReaders in the sub-tree are
+** initialized as for INCRINIT_NORMAL and the aFile[1] buffer belonging to
+** pReadr is populated. However, pReadr itself is not set up to point
+** to its first key. A call to vdbePmaReaderNext() is still required to do
+** that.
+**
+** The reason this function does not call vdbePmaReaderNext() immediately
+** in the INCRINIT_TASK case is that vdbePmaReaderNext() assumes that it has
+** to block on thread (pTask->thread) before accessing aFile[1]. But, since
+** this entire function is being run by thread (pTask->thread), that will
+** lead to the current background thread attempting to join itself.
+**
+** Finally, if argument eMode is set to INCRINIT_ROOT, it may be assumed
+** that pReadr->pIncr is a multi-threaded IncrMerge objects, and that all
+** child-trees have already been initialized using IncrInit(INCRINIT_TASK).
+** In this case vdbePmaReaderNext() is called on all child PmaReaders and
+** the current PmaReader set to point to the first key in its range.
+**
+** SQLITE_OK is returned if successful, or an SQLite error code otherwise.
+*/
+static int vdbePmaReaderIncrMergeInit(PmaReader *pReadr, int eMode){
+ int rc = SQLITE_OK;
+ IncrMerger *pIncr = pReadr->pIncr;
+ SortSubtask *pTask = pIncr->pTask;
+ sqlite3 *db = pTask->pSorter->db;
+
+ /* eMode is always INCRINIT_NORMAL in single-threaded mode */
+ assert( SQLITE_MAX_WORKER_THREADS>0 || eMode==INCRINIT_NORMAL );
+
+ rc = vdbeMergeEngineInit(pTask, pIncr->pMerger, eMode);
+
+ /* Set up the required files for pIncr. A multi-theaded IncrMerge object
+ ** requires two temp files to itself, whereas a single-threaded object
+ ** only requires a region of pTask->file2. */
+ if( rc==SQLITE_OK ){
+ int mxSz = pIncr->mxSz;
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( pIncr->bUseThread ){
+ rc = vdbeSorterOpenTempFile(db, mxSz, &pIncr->aFile[0].pFd);
+ if( rc==SQLITE_OK ){
+ rc = vdbeSorterOpenTempFile(db, mxSz, &pIncr->aFile[1].pFd);
+ }
+ }else
+#endif
+ /*if( !pIncr->bUseThread )*/{
+ if( pTask->file2.pFd==0 ){
+ assert( pTask->file2.iEof>0 );
+ rc = vdbeSorterOpenTempFile(db, pTask->file2.iEof, &pTask->file2.pFd);
+ pTask->file2.iEof = 0;
+ }
+ if( rc==SQLITE_OK ){
+ pIncr->aFile[1].pFd = pTask->file2.pFd;
+ pIncr->iStartOff = pTask->file2.iEof;
+ pTask->file2.iEof += mxSz;
+ }
+ }
+ }
+
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( rc==SQLITE_OK && pIncr->bUseThread ){
+ /* Use the current thread to populate aFile[1], even though this
+ ** PmaReader is multi-threaded. If this is an INCRINIT_TASK object,
+ ** then this function is already running in background thread
+ ** pIncr->pTask->thread.
+ **
+ ** If this is the INCRINIT_ROOT object, then it is running in the
+ ** main VDBE thread. But that is Ok, as that thread cannot return
+ ** control to the VDBE or proceed with anything useful until the
+ ** first results are ready from this merger object anyway.
+ */
+ assert( eMode==INCRINIT_ROOT || eMode==INCRINIT_TASK );
+ rc = vdbeIncrPopulate(pIncr);
+ }
+#endif
+
+ if( rc==SQLITE_OK && (SQLITE_MAX_WORKER_THREADS==0 || eMode!=INCRINIT_TASK) ){
+ rc = vdbePmaReaderNext(pReadr);
+ }
+
+ return rc;
+}
+
+#if SQLITE_MAX_WORKER_THREADS>0
+/*
+** The main routine for vdbePmaReaderIncrMergeInit() operations run in
+** background threads.
+*/
+static void *vdbePmaReaderBgIncrInit(void *pCtx){
+ PmaReader *pReader = (PmaReader*)pCtx;
+ void *pRet = SQLITE_INT_TO_PTR(
+ vdbePmaReaderIncrMergeInit(pReader,INCRINIT_TASK)
+ );
+ pReader->pIncr->pTask->bDone = 1;
+ return pRet;
+}
+#endif
+
+/*
+** If the PmaReader passed as the first argument is not an incremental-reader
+** (if pReadr->pIncr==0), then this function is a no-op. Otherwise, it invokes
+** the vdbePmaReaderIncrMergeInit() function with the parameters passed to
+** this routine to initialize the incremental merge.
+**
+** If the IncrMerger object is multi-threaded (IncrMerger.bUseThread==1),
+** then a background thread is launched to call vdbePmaReaderIncrMergeInit().
+** Or, if the IncrMerger is single threaded, the same function is called
+** using the current thread.
+*/
+static int vdbePmaReaderIncrInit(PmaReader *pReadr, int eMode){
+ IncrMerger *pIncr = pReadr->pIncr; /* Incremental merger */
+ int rc = SQLITE_OK; /* Return code */
+ if( pIncr ){
+#if SQLITE_MAX_WORKER_THREADS>0
+ assert( pIncr->bUseThread==0 || eMode==INCRINIT_TASK );
+ if( pIncr->bUseThread ){
+ void *pCtx = (void*)pReadr;
+ rc = vdbeSorterCreateThread(pIncr->pTask, vdbePmaReaderBgIncrInit, pCtx);
+ }else
+#endif
+ {
+ rc = vdbePmaReaderIncrMergeInit(pReadr, eMode);
+ }
+ }
+ return rc;
+}
+
+/*
+** Allocate a new MergeEngine object to merge the contents of nPMA level-0
+** PMAs from pTask->file. If no error occurs, set *ppOut to point to
+** the new object and return SQLITE_OK. Or, if an error does occur, set *ppOut
+** to NULL and return an SQLite error code.
+**
+** When this function is called, *piOffset is set to the offset of the
+** first PMA to read from pTask->file. Assuming no error occurs, it is
+** set to the offset immediately following the last byte of the last
+** PMA before returning. If an error does occur, then the final value of
+** *piOffset is undefined.
+*/
+static int vdbeMergeEngineLevel0(
+ SortSubtask *pTask, /* Sorter task to read from */
+ int nPMA, /* Number of PMAs to read */
+ i64 *piOffset, /* IN/OUT: Readr offset in pTask->file */
+ MergeEngine **ppOut /* OUT: New merge-engine */
+){
+ MergeEngine *pNew; /* Merge engine to return */
+ i64 iOff = *piOffset;
+ int i;
+ int rc = SQLITE_OK;
+
+ *ppOut = pNew = vdbeMergeEngineNew(nPMA);
+ if( pNew==0 ) rc = SQLITE_NOMEM;
+
+ for(i=0; i<nPMA && rc==SQLITE_OK; i++){
+ i64 nDummy;
+ PmaReader *pReadr = &pNew->aReadr[i];
+ rc = vdbePmaReaderInit(pTask, &pTask->file, iOff, pReadr, &nDummy);
+ iOff = pReadr->iEof;
+ }
+
+ if( rc!=SQLITE_OK ){
+ vdbeMergeEngineFree(pNew);
+ *ppOut = 0;
+ }
+ *piOffset = iOff;
+ return rc;
+}
+
+/*
+** Return the depth of a tree comprising nPMA PMAs, assuming a fanout of
+** SORTER_MAX_MERGE_COUNT. The returned value does not include leaf nodes.
+**
+** i.e.
+**
+** nPMA<=16 -> TreeDepth() == 0
+** nPMA<=256 -> TreeDepth() == 1
+** nPMA<=65536 -> TreeDepth() == 2
+*/
+static int vdbeSorterTreeDepth(int nPMA){
+ int nDepth = 0;
+ i64 nDiv = SORTER_MAX_MERGE_COUNT;
+ while( nDiv < (i64)nPMA ){
+ nDiv = nDiv * SORTER_MAX_MERGE_COUNT;
+ nDepth++;
+ }
+ return nDepth;
+}
+
+/*
+** pRoot is the root of an incremental merge-tree with depth nDepth (according
+** to vdbeSorterTreeDepth()). pLeaf is the iSeq'th leaf to be added to the
+** tree, counting from zero. This function adds pLeaf to the tree.
+**
+** If successful, SQLITE_OK is returned. If an error occurs, an SQLite error
+** code is returned and pLeaf is freed.
+*/
+static int vdbeSorterAddToTree(
+ SortSubtask *pTask, /* Task context */
+ int nDepth, /* Depth of tree according to TreeDepth() */
+ int iSeq, /* Sequence number of leaf within tree */
+ MergeEngine *pRoot, /* Root of tree */
+ MergeEngine *pLeaf /* Leaf to add to tree */
+){
+ int rc = SQLITE_OK;
+ int nDiv = 1;
+ int i;
+ MergeEngine *p = pRoot;
+ IncrMerger *pIncr;
+
+ rc = vdbeIncrMergerNew(pTask, pLeaf, &pIncr);
+
+ for(i=1; i<nDepth; i++){
+ nDiv = nDiv * SORTER_MAX_MERGE_COUNT;
+ }
+
+ for(i=1; i<nDepth && rc==SQLITE_OK; i++){
+ int iIter = (iSeq / nDiv) % SORTER_MAX_MERGE_COUNT;
+ PmaReader *pReadr = &p->aReadr[iIter];
+
+ if( pReadr->pIncr==0 ){
+ MergeEngine *pNew = vdbeMergeEngineNew(SORTER_MAX_MERGE_COUNT);
+ if( pNew==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = vdbeIncrMergerNew(pTask, pNew, &pReadr->pIncr);
+ }
+ }
+ if( rc==SQLITE_OK ){
+ p = pReadr->pIncr->pMerger;
+ nDiv = nDiv / SORTER_MAX_MERGE_COUNT;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ p->aReadr[iSeq % SORTER_MAX_MERGE_COUNT].pIncr = pIncr;
+ }else{
+ vdbeIncrFree(pIncr);
+ }
+ return rc;
+}
+
+/*
+** This function is called as part of a SorterRewind() operation on a sorter
+** that has already written two or more level-0 PMAs to one or more temp
+** files. It builds a tree of MergeEngine/IncrMerger/PmaReader objects that
+** can be used to incrementally merge all PMAs on disk.
+**
+** If successful, SQLITE_OK is returned and *ppOut set to point to the
+** MergeEngine object at the root of the tree before returning. Or, if an
+** error occurs, an SQLite error code is returned and the final value
+** of *ppOut is undefined.
+*/
+static int vdbeSorterMergeTreeBuild(
+ VdbeSorter *pSorter, /* The VDBE cursor that implements the sort */
+ MergeEngine **ppOut /* Write the MergeEngine here */
+){
+ MergeEngine *pMain = 0;
+ int rc = SQLITE_OK;
+ int iTask;
+
+#if SQLITE_MAX_WORKER_THREADS>0
+ /* If the sorter uses more than one task, then create the top-level
+ ** MergeEngine here. This MergeEngine will read data from exactly
+ ** one PmaReader per sub-task. */
+ assert( pSorter->bUseThreads || pSorter->nTask==1 );
+ if( pSorter->nTask>1 ){
+ pMain = vdbeMergeEngineNew(pSorter->nTask);
+ if( pMain==0 ) rc = SQLITE_NOMEM;
+ }
+#endif
+
+ for(iTask=0; rc==SQLITE_OK && iTask<pSorter->nTask; iTask++){
+ SortSubtask *pTask = &pSorter->aTask[iTask];
+ assert( pTask->nPMA>0 || SQLITE_MAX_WORKER_THREADS>0 );
+ if( SQLITE_MAX_WORKER_THREADS==0 || pTask->nPMA ){
+ MergeEngine *pRoot = 0; /* Root node of tree for this task */
+ int nDepth = vdbeSorterTreeDepth(pTask->nPMA);
+ i64 iReadOff = 0;
+
+ if( pTask->nPMA<=SORTER_MAX_MERGE_COUNT ){
+ rc = vdbeMergeEngineLevel0(pTask, pTask->nPMA, &iReadOff, &pRoot);
+ }else{
+ int i;
+ int iSeq = 0;
+ pRoot = vdbeMergeEngineNew(SORTER_MAX_MERGE_COUNT);
+ if( pRoot==0 ) rc = SQLITE_NOMEM;
+ for(i=0; i<pTask->nPMA && rc==SQLITE_OK; i += SORTER_MAX_MERGE_COUNT){
+ MergeEngine *pMerger = 0; /* New level-0 PMA merger */
+ int nReader; /* Number of level-0 PMAs to merge */
+
+ nReader = MIN(pTask->nPMA - i, SORTER_MAX_MERGE_COUNT);
+ rc = vdbeMergeEngineLevel0(pTask, nReader, &iReadOff, &pMerger);
+ if( rc==SQLITE_OK ){
+ rc = vdbeSorterAddToTree(pTask, nDepth, iSeq++, pRoot, pMerger);
+ }
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( pMain!=0 ){
+ rc = vdbeIncrMergerNew(pTask, pRoot, &pMain->aReadr[iTask].pIncr);
+ }else
+#endif
+ {
+ assert( pMain==0 );
+ pMain = pRoot;
+ }
+ }else{
+ vdbeMergeEngineFree(pRoot);
+ }
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ vdbeMergeEngineFree(pMain);
+ pMain = 0;
+ }
+ *ppOut = pMain;
+ return rc;
+}
+
+/*
+** This function is called as part of an sqlite3VdbeSorterRewind() operation
+** on a sorter that has written two or more PMAs to temporary files. It sets
+** up either VdbeSorter.pMerger (for single threaded sorters) or pReader
+** (for multi-threaded sorters) so that it can be used to iterate through
+** all records stored in the sorter.
+**
+** SQLITE_OK is returned if successful, or an SQLite error code otherwise.
+*/
+static int vdbeSorterSetupMerge(VdbeSorter *pSorter){
+ int rc; /* Return code */
+ SortSubtask *pTask0 = &pSorter->aTask[0];
+ MergeEngine *pMain = 0;
+#if SQLITE_MAX_WORKER_THREADS
+ sqlite3 *db = pTask0->pSorter->db;
+ int i;
+ SorterCompare xCompare = vdbeSorterGetCompare(pSorter);
+ for(i=0; i<pSorter->nTask; i++){
+ pSorter->aTask[i].xCompare = xCompare;
+ }
+#endif
+
+ rc = vdbeSorterMergeTreeBuild(pSorter, &pMain);
+ if( rc==SQLITE_OK ){
+#if SQLITE_MAX_WORKER_THREADS
+ assert( pSorter->bUseThreads==0 || pSorter->nTask>1 );
+ if( pSorter->bUseThreads ){
+ int iTask;
+ PmaReader *pReadr = 0;
+ SortSubtask *pLast = &pSorter->aTask[pSorter->nTask-1];
+ rc = vdbeSortAllocUnpacked(pLast);
+ if( rc==SQLITE_OK ){
+ pReadr = (PmaReader*)sqlite3DbMallocZero(db, sizeof(PmaReader));
+ pSorter->pReader = pReadr;
+ if( pReadr==0 ) rc = SQLITE_NOMEM;
+ }
+ if( rc==SQLITE_OK ){
+ rc = vdbeIncrMergerNew(pLast, pMain, &pReadr->pIncr);
+ if( rc==SQLITE_OK ){
+ vdbeIncrMergerSetThreads(pReadr->pIncr);
+ for(iTask=0; iTask<(pSorter->nTask-1); iTask++){
+ IncrMerger *pIncr;
+ if( (pIncr = pMain->aReadr[iTask].pIncr) ){
+ vdbeIncrMergerSetThreads(pIncr);
+ assert( pIncr->pTask!=pLast );
+ }
+ }
+ for(iTask=0; rc==SQLITE_OK && iTask<pSorter->nTask; iTask++){
+ /* Check that:
+ **
+ ** a) The incremental merge object is configured to use the
+ ** right task, and
+ ** b) If it is using task (nTask-1), it is configured to run
+ ** in single-threaded mode. This is important, as the
+ ** root merge (INCRINIT_ROOT) will be using the same task
+ ** object.
+ */
+ PmaReader *p = &pMain->aReadr[iTask];
+ assert( p->pIncr==0 || (
+ (p->pIncr->pTask==&pSorter->aTask[iTask]) /* a */
+ && (iTask!=pSorter->nTask-1 || p->pIncr->bUseThread==0) /* b */
+ ));
+ rc = vdbePmaReaderIncrInit(p, INCRINIT_TASK);
+ }
+ }
+ pMain = 0;
+ }
+ if( rc==SQLITE_OK ){
+ rc = vdbePmaReaderIncrMergeInit(pReadr, INCRINIT_ROOT);
+ }
+ }else
+#endif
+ {
+ rc = vdbeMergeEngineInit(pTask0, pMain, INCRINIT_NORMAL);
+ pSorter->pMerger = pMain;
+ pMain = 0;
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ vdbeMergeEngineFree(pMain);
+ }
+ return rc;
+}
+
+
+/*
+** Once the sorter has been populated by calls to sqlite3VdbeSorterWrite,
+** this function is called to prepare for iterating through the records
+** in sorted order.
+*/
+SQLITE_PRIVATE int sqlite3VdbeSorterRewind(const VdbeCursor *pCsr, int *pbEof){
+ VdbeSorter *pSorter;
+ int rc = SQLITE_OK; /* Return code */
+
+ assert( pCsr->eCurType==CURTYPE_SORTER );
+ pSorter = pCsr->uc.pSorter;
+ assert( pSorter );
+
+ /* If no data has been written to disk, then do not do so now. Instead,
+ ** sort the VdbeSorter.pRecord list. The vdbe layer will read data directly
+ ** from the in-memory list. */
+ if( pSorter->bUsePMA==0 ){
+ if( pSorter->list.pList ){
+ *pbEof = 0;
+ rc = vdbeSorterSort(&pSorter->aTask[0], &pSorter->list);
+ }else{
+ *pbEof = 1;
+ }
+ return rc;
+ }
+
+ /* Write the current in-memory list to a PMA. When the VdbeSorterWrite()
+ ** function flushes the contents of memory to disk, it immediately always
+ ** creates a new list consisting of a single key immediately afterwards.
+ ** So the list is never empty at this point. */
+ assert( pSorter->list.pList );
+ rc = vdbeSorterFlushPMA(pSorter);
+
+ /* Join all threads */
+ rc = vdbeSorterJoinAll(pSorter, rc);
+
+ vdbeSorterRewindDebug("rewind");
+
+ /* Assuming no errors have occurred, set up a merger structure to
+ ** incrementally read and merge all remaining PMAs. */
+ assert( pSorter->pReader==0 );
+ if( rc==SQLITE_OK ){
+ rc = vdbeSorterSetupMerge(pSorter);
+ *pbEof = 0;
+ }
+
+ vdbeSorterRewindDebug("rewinddone");
+ return rc;
+}
+
+/*
+** Advance to the next element in the sorter.
+*/
+SQLITE_PRIVATE int sqlite3VdbeSorterNext(sqlite3 *db, const VdbeCursor *pCsr, int *pbEof){
+ VdbeSorter *pSorter;
+ int rc; /* Return code */
+
+ assert( pCsr->eCurType==CURTYPE_SORTER );
+ pSorter = pCsr->uc.pSorter;
+ assert( pSorter->bUsePMA || (pSorter->pReader==0 && pSorter->pMerger==0) );
+ if( pSorter->bUsePMA ){
+ assert( pSorter->pReader==0 || pSorter->pMerger==0 );
+ assert( pSorter->bUseThreads==0 || pSorter->pReader );
+ assert( pSorter->bUseThreads==1 || pSorter->pMerger );
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( pSorter->bUseThreads ){
+ rc = vdbePmaReaderNext(pSorter->pReader);
+ *pbEof = (pSorter->pReader->pFd==0);
+ }else
+#endif
+ /*if( !pSorter->bUseThreads )*/ {
+ assert( pSorter->pMerger!=0 );
+ assert( pSorter->pMerger->pTask==(&pSorter->aTask[0]) );
+ rc = vdbeMergeEngineStep(pSorter->pMerger, pbEof);
+ }
+ }else{
+ SorterRecord *pFree = pSorter->list.pList;
+ pSorter->list.pList = pFree->u.pNext;
+ pFree->u.pNext = 0;
+ if( pSorter->list.aMemory==0 ) vdbeSorterRecordFree(db, pFree);
+ *pbEof = !pSorter->list.pList;
+ rc = SQLITE_OK;
+ }
+ return rc;
+}
+
+/*
+** Return a pointer to a buffer owned by the sorter that contains the
+** current key.
+*/
+static void *vdbeSorterRowkey(
+ const VdbeSorter *pSorter, /* Sorter object */
+ int *pnKey /* OUT: Size of current key in bytes */
+){
+ void *pKey;
+ if( pSorter->bUsePMA ){
+ PmaReader *pReader;
+#if SQLITE_MAX_WORKER_THREADS>0
+ if( pSorter->bUseThreads ){
+ pReader = pSorter->pReader;
+ }else
+#endif
+ /*if( !pSorter->bUseThreads )*/{
+ pReader = &pSorter->pMerger->aReadr[pSorter->pMerger->aTree[1]];
+ }
+ *pnKey = pReader->nKey;
+ pKey = pReader->aKey;
+ }else{
+ *pnKey = pSorter->list.pList->nVal;
+ pKey = SRVAL(pSorter->list.pList);
+ }
+ return pKey;
+}
+
+/*
+** Copy the current sorter key into the memory cell pOut.
+*/
+SQLITE_PRIVATE int sqlite3VdbeSorterRowkey(const VdbeCursor *pCsr, Mem *pOut){
+ VdbeSorter *pSorter;
+ void *pKey; int nKey; /* Sorter key to copy into pOut */
+
+ assert( pCsr->eCurType==CURTYPE_SORTER );
+ pSorter = pCsr->uc.pSorter;
+ pKey = vdbeSorterRowkey(pSorter, &nKey);
+ if( sqlite3VdbeMemClearAndResize(pOut, nKey) ){
+ return SQLITE_NOMEM;
+ }
+ pOut->n = nKey;
+ MemSetTypeFlag(pOut, MEM_Blob);
+ memcpy(pOut->z, pKey, nKey);
+
+ return SQLITE_OK;
+}
+
+/*
+** Compare the key in memory cell pVal with the key that the sorter cursor
+** passed as the first argument currently points to. For the purposes of
+** the comparison, ignore the rowid field at the end of each record.
+**
+** If the sorter cursor key contains any NULL values, consider it to be
+** less than pVal. Even if pVal also contains NULL values.
+**
+** If an error occurs, return an SQLite error code (i.e. SQLITE_NOMEM).
+** Otherwise, set *pRes to a negative, zero or positive value if the
+** key in pVal is smaller than, equal to or larger than the current sorter
+** key.
+**
+** This routine forms the core of the OP_SorterCompare opcode, which in
+** turn is used to verify uniqueness when constructing a UNIQUE INDEX.
+*/
+SQLITE_PRIVATE int sqlite3VdbeSorterCompare(
+ const VdbeCursor *pCsr, /* Sorter cursor */
+ Mem *pVal, /* Value to compare to current sorter key */
+ int nKeyCol, /* Compare this many columns */
+ int *pRes /* OUT: Result of comparison */
+){
+ VdbeSorter *pSorter;
+ UnpackedRecord *r2;
+ KeyInfo *pKeyInfo;
+ int i;
+ void *pKey; int nKey; /* Sorter key to compare pVal with */
+
+ assert( pCsr->eCurType==CURTYPE_SORTER );
+ pSorter = pCsr->uc.pSorter;
+ r2 = pSorter->pUnpacked;
+ pKeyInfo = pCsr->pKeyInfo;
+ if( r2==0 ){
+ char *p;
+ r2 = pSorter->pUnpacked = sqlite3VdbeAllocUnpackedRecord(pKeyInfo,0,0,&p);
+ assert( pSorter->pUnpacked==(UnpackedRecord*)p );
+ if( r2==0 ) return SQLITE_NOMEM;
+ r2->nField = nKeyCol;
+ }
+ assert( r2->nField==nKeyCol );
+
+ pKey = vdbeSorterRowkey(pSorter, &nKey);
+ sqlite3VdbeRecordUnpack(pKeyInfo, nKey, pKey, r2);
+ for(i=0; i<nKeyCol; i++){
+ if( r2->aMem[i].flags & MEM_Null ){
+ *pRes = -1;
+ return SQLITE_OK;
+ }
+ }
+
+ *pRes = sqlite3VdbeRecordCompare(pVal->n, pVal->z, r2);
+ return SQLITE_OK;
+}
+
+/************** End of vdbesort.c ********************************************/
+/************** Begin file journal.c *****************************************/
+/*
+** 2007 August 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file implements a special kind of sqlite3_file object used
+** by SQLite to create journal files if the atomic-write optimization
+** is enabled.
+**
+** The distinctive characteristic of this sqlite3_file is that the
+** actual on disk file is created lazily. When the file is created,
+** the caller specifies a buffer size for an in-memory buffer to
+** be used to service read() and write() requests. The actual file
+** on disk is not created or populated until either:
+**
+** 1) The in-memory representation grows too large for the allocated
+** buffer, or
+** 2) The sqlite3JournalCreate() function is called.
+*/
+#ifdef SQLITE_ENABLE_ATOMIC_WRITE
+/* #include "sqliteInt.h" */
+
+
+/*
+** A JournalFile object is a subclass of sqlite3_file used by
+** as an open file handle for journal files.
+*/
+struct JournalFile {
+ sqlite3_io_methods *pMethod; /* I/O methods on journal files */
+ int nBuf; /* Size of zBuf[] in bytes */
+ char *zBuf; /* Space to buffer journal writes */
+ int iSize; /* Amount of zBuf[] currently used */
+ int flags; /* xOpen flags */
+ sqlite3_vfs *pVfs; /* The "real" underlying VFS */
+ sqlite3_file *pReal; /* The "real" underlying file descriptor */
+ const char *zJournal; /* Name of the journal file */
+};
+typedef struct JournalFile JournalFile;
+
+/*
+** If it does not already exists, create and populate the on-disk file
+** for JournalFile p.
+*/
+static int createFile(JournalFile *p){
+ int rc = SQLITE_OK;
+ if( !p->pReal ){
+ sqlite3_file *pReal = (sqlite3_file *)&p[1];
+ rc = sqlite3OsOpen(p->pVfs, p->zJournal, pReal, p->flags, 0);
+ if( rc==SQLITE_OK ){
+ p->pReal = pReal;
+ if( p->iSize>0 ){
+ assert(p->iSize<=p->nBuf);
+ rc = sqlite3OsWrite(p->pReal, p->zBuf, p->iSize, 0);
+ }
+ if( rc!=SQLITE_OK ){
+ /* If an error occurred while writing to the file, close it before
+ ** returning. This way, SQLite uses the in-memory journal data to
+ ** roll back changes made to the internal page-cache before this
+ ** function was called. */
+ sqlite3OsClose(pReal);
+ p->pReal = 0;
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** Close the file.
+*/
+static int jrnlClose(sqlite3_file *pJfd){
+ JournalFile *p = (JournalFile *)pJfd;
+ if( p->pReal ){
+ sqlite3OsClose(p->pReal);
+ }
+ sqlite3_free(p->zBuf);
+ return SQLITE_OK;
+}
+
+/*
+** Read data from the file.
+*/
+static int jrnlRead(
+ sqlite3_file *pJfd, /* The journal file from which to read */
+ void *zBuf, /* Put the results here */
+ int iAmt, /* Number of bytes to read */
+ sqlite_int64 iOfst /* Begin reading at this offset */
+){
+ int rc = SQLITE_OK;
+ JournalFile *p = (JournalFile *)pJfd;
+ if( p->pReal ){
+ rc = sqlite3OsRead(p->pReal, zBuf, iAmt, iOfst);
+ }else if( (iAmt+iOfst)>p->iSize ){
+ rc = SQLITE_IOERR_SHORT_READ;
+ }else{
+ memcpy(zBuf, &p->zBuf[iOfst], iAmt);
+ }
+ return rc;
+}
+
+/*
+** Write data to the file.
+*/
+static int jrnlWrite(
+ sqlite3_file *pJfd, /* The journal file into which to write */
+ const void *zBuf, /* Take data to be written from here */
+ int iAmt, /* Number of bytes to write */
+ sqlite_int64 iOfst /* Begin writing at this offset into the file */
+){
+ int rc = SQLITE_OK;
+ JournalFile *p = (JournalFile *)pJfd;
+ if( !p->pReal && (iOfst+iAmt)>p->nBuf ){
+ rc = createFile(p);
+ }
+ if( rc==SQLITE_OK ){
+ if( p->pReal ){
+ rc = sqlite3OsWrite(p->pReal, zBuf, iAmt, iOfst);
+ }else{
+ memcpy(&p->zBuf[iOfst], zBuf, iAmt);
+ if( p->iSize<(iOfst+iAmt) ){
+ p->iSize = (iOfst+iAmt);
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** Truncate the file.
+*/
+static int jrnlTruncate(sqlite3_file *pJfd, sqlite_int64 size){
+ int rc = SQLITE_OK;
+ JournalFile *p = (JournalFile *)pJfd;
+ if( p->pReal ){
+ rc = sqlite3OsTruncate(p->pReal, size);
+ }else if( size<p->iSize ){
+ p->iSize = size;
+ }
+ return rc;
+}
+
+/*
+** Sync the file.
+*/
+static int jrnlSync(sqlite3_file *pJfd, int flags){
+ int rc;
+ JournalFile *p = (JournalFile *)pJfd;
+ if( p->pReal ){
+ rc = sqlite3OsSync(p->pReal, flags);
+ }else{
+ rc = SQLITE_OK;
+ }
+ return rc;
+}
+
+/*
+** Query the size of the file in bytes.
+*/
+static int jrnlFileSize(sqlite3_file *pJfd, sqlite_int64 *pSize){
+ int rc = SQLITE_OK;
+ JournalFile *p = (JournalFile *)pJfd;
+ if( p->pReal ){
+ rc = sqlite3OsFileSize(p->pReal, pSize);
+ }else{
+ *pSize = (sqlite_int64) p->iSize;
+ }
+ return rc;
+}
+
+/*
+** Table of methods for JournalFile sqlite3_file object.
+*/
+static struct sqlite3_io_methods JournalFileMethods = {
+ 1, /* iVersion */
+ jrnlClose, /* xClose */
+ jrnlRead, /* xRead */
+ jrnlWrite, /* xWrite */
+ jrnlTruncate, /* xTruncate */
+ jrnlSync, /* xSync */
+ jrnlFileSize, /* xFileSize */
+ 0, /* xLock */
+ 0, /* xUnlock */
+ 0, /* xCheckReservedLock */
+ 0, /* xFileControl */
+ 0, /* xSectorSize */
+ 0, /* xDeviceCharacteristics */
+ 0, /* xShmMap */
+ 0, /* xShmLock */
+ 0, /* xShmBarrier */
+ 0 /* xShmUnmap */
+};
+
+/*
+** Open a journal file.
+*/
+SQLITE_PRIVATE int sqlite3JournalOpen(
+ sqlite3_vfs *pVfs, /* The VFS to use for actual file I/O */
+ const char *zName, /* Name of the journal file */
+ sqlite3_file *pJfd, /* Preallocated, blank file handle */
+ int flags, /* Opening flags */
+ int nBuf /* Bytes buffered before opening the file */
+){
+ JournalFile *p = (JournalFile *)pJfd;
+ memset(p, 0, sqlite3JournalSize(pVfs));
+ if( nBuf>0 ){
+ p->zBuf = sqlite3MallocZero(nBuf);
+ if( !p->zBuf ){
+ return SQLITE_NOMEM;
+ }
+ }else{
+ return sqlite3OsOpen(pVfs, zName, pJfd, flags, 0);
+ }
+ p->pMethod = &JournalFileMethods;
+ p->nBuf = nBuf;
+ p->flags = flags;
+ p->zJournal = zName;
+ p->pVfs = pVfs;
+ return SQLITE_OK;
+}
+
+/*
+** If the argument p points to a JournalFile structure, and the underlying
+** file has not yet been created, create it now.
+*/
+SQLITE_PRIVATE int sqlite3JournalCreate(sqlite3_file *p){
+ if( p->pMethods!=&JournalFileMethods ){
+ return SQLITE_OK;
+ }
+ return createFile((JournalFile *)p);
+}
+
+/*
+** The file-handle passed as the only argument is guaranteed to be an open
+** file. It may or may not be of class JournalFile. If the file is a
+** JournalFile, and the underlying file on disk has not yet been opened,
+** return 0. Otherwise, return 1.
+*/
+SQLITE_PRIVATE int sqlite3JournalExists(sqlite3_file *p){
+ return (p->pMethods!=&JournalFileMethods || ((JournalFile *)p)->pReal!=0);
+}
+
+/*
+** Return the number of bytes required to store a JournalFile that uses vfs
+** pVfs to create the underlying on-disk files.
+*/
+SQLITE_PRIVATE int sqlite3JournalSize(sqlite3_vfs *pVfs){
+ return (pVfs->szOsFile+sizeof(JournalFile));
+}
+#endif
+
+/************** End of journal.c *********************************************/
+/************** Begin file memjournal.c **************************************/
+/*
+** 2008 October 7
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains code use to implement an in-memory rollback journal.
+** The in-memory rollback journal is used to journal transactions for
+** ":memory:" databases and when the journal_mode=MEMORY pragma is used.
+*/
+/* #include "sqliteInt.h" */
+
+/* Forward references to internal structures */
+typedef struct MemJournal MemJournal;
+typedef struct FilePoint FilePoint;
+typedef struct FileChunk FileChunk;
+
+/* Space to hold the rollback journal is allocated in increments of
+** this many bytes.
+**
+** The size chosen is a little less than a power of two. That way,
+** the FileChunk object will have a size that almost exactly fills
+** a power-of-two allocation. This minimizes wasted space in power-of-two
+** memory allocators.
+*/
+#define JOURNAL_CHUNKSIZE ((int)(1024-sizeof(FileChunk*)))
+
+/*
+** The rollback journal is composed of a linked list of these structures.
+*/
+struct FileChunk {
+ FileChunk *pNext; /* Next chunk in the journal */
+ u8 zChunk[JOURNAL_CHUNKSIZE]; /* Content of this chunk */
+};
+
+/*
+** An instance of this object serves as a cursor into the rollback journal.
+** The cursor can be either for reading or writing.
+*/
+struct FilePoint {
+ sqlite3_int64 iOffset; /* Offset from the beginning of the file */
+ FileChunk *pChunk; /* Specific chunk into which cursor points */
+};
+
+/*
+** This subclass is a subclass of sqlite3_file. Each open memory-journal
+** is an instance of this class.
+*/
+struct MemJournal {
+ sqlite3_io_methods *pMethod; /* Parent class. MUST BE FIRST */
+ FileChunk *pFirst; /* Head of in-memory chunk-list */
+ FilePoint endpoint; /* Pointer to the end of the file */
+ FilePoint readpoint; /* Pointer to the end of the last xRead() */
+};
+
+/*
+** Read data from the in-memory journal file. This is the implementation
+** of the sqlite3_vfs.xRead method.
+*/
+static int memjrnlRead(
+ sqlite3_file *pJfd, /* The journal file from which to read */
+ void *zBuf, /* Put the results here */
+ int iAmt, /* Number of bytes to read */
+ sqlite_int64 iOfst /* Begin reading at this offset */
+){
+ MemJournal *p = (MemJournal *)pJfd;
+ u8 *zOut = zBuf;
+ int nRead = iAmt;
+ int iChunkOffset;
+ FileChunk *pChunk;
+
+ /* SQLite never tries to read past the end of a rollback journal file */
+ assert( iOfst+iAmt<=p->endpoint.iOffset );
+
+ if( p->readpoint.iOffset!=iOfst || iOfst==0 ){
+ sqlite3_int64 iOff = 0;
+ for(pChunk=p->pFirst;
+ ALWAYS(pChunk) && (iOff+JOURNAL_CHUNKSIZE)<=iOfst;
+ pChunk=pChunk->pNext
+ ){
+ iOff += JOURNAL_CHUNKSIZE;
+ }
+ }else{
+ pChunk = p->readpoint.pChunk;
+ }
+
+ iChunkOffset = (int)(iOfst%JOURNAL_CHUNKSIZE);
+ do {
+ int iSpace = JOURNAL_CHUNKSIZE - iChunkOffset;
+ int nCopy = MIN(nRead, (JOURNAL_CHUNKSIZE - iChunkOffset));
+ memcpy(zOut, &pChunk->zChunk[iChunkOffset], nCopy);
+ zOut += nCopy;
+ nRead -= iSpace;
+ iChunkOffset = 0;
+ } while( nRead>=0 && (pChunk=pChunk->pNext)!=0 && nRead>0 );
+ p->readpoint.iOffset = iOfst+iAmt;
+ p->readpoint.pChunk = pChunk;
+
+ return SQLITE_OK;
+}
+
+/*
+** Write data to the file.
+*/
+static int memjrnlWrite(
+ sqlite3_file *pJfd, /* The journal file into which to write */
+ const void *zBuf, /* Take data to be written from here */
+ int iAmt, /* Number of bytes to write */
+ sqlite_int64 iOfst /* Begin writing at this offset into the file */
+){
+ MemJournal *p = (MemJournal *)pJfd;
+ int nWrite = iAmt;
+ u8 *zWrite = (u8 *)zBuf;
+
+ /* An in-memory journal file should only ever be appended to. Random
+ ** access writes are not required by sqlite.
+ */
+ assert( iOfst==p->endpoint.iOffset );
+ UNUSED_PARAMETER(iOfst);
+
+ while( nWrite>0 ){
+ FileChunk *pChunk = p->endpoint.pChunk;
+ int iChunkOffset = (int)(p->endpoint.iOffset%JOURNAL_CHUNKSIZE);
+ int iSpace = MIN(nWrite, JOURNAL_CHUNKSIZE - iChunkOffset);
+
+ if( iChunkOffset==0 ){
+ /* New chunk is required to extend the file. */
+ FileChunk *pNew = sqlite3_malloc(sizeof(FileChunk));
+ if( !pNew ){
+ return SQLITE_IOERR_NOMEM;
+ }
+ pNew->pNext = 0;
+ if( pChunk ){
+ assert( p->pFirst );
+ pChunk->pNext = pNew;
+ }else{
+ assert( !p->pFirst );
+ p->pFirst = pNew;
+ }
+ p->endpoint.pChunk = pNew;
+ }
+
+ memcpy(&p->endpoint.pChunk->zChunk[iChunkOffset], zWrite, iSpace);
+ zWrite += iSpace;
+ nWrite -= iSpace;
+ p->endpoint.iOffset += iSpace;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Truncate the file.
+*/
+static int memjrnlTruncate(sqlite3_file *pJfd, sqlite_int64 size){
+ MemJournal *p = (MemJournal *)pJfd;
+ FileChunk *pChunk;
+ assert(size==0);
+ UNUSED_PARAMETER(size);
+ pChunk = p->pFirst;
+ while( pChunk ){
+ FileChunk *pTmp = pChunk;
+ pChunk = pChunk->pNext;
+ sqlite3_free(pTmp);
+ }
+ sqlite3MemJournalOpen(pJfd);
+ return SQLITE_OK;
+}
+
+/*
+** Close the file.
+*/
+static int memjrnlClose(sqlite3_file *pJfd){
+ memjrnlTruncate(pJfd, 0);
+ return SQLITE_OK;
+}
+
+
+/*
+** Sync the file.
+**
+** Syncing an in-memory journal is a no-op. And, in fact, this routine
+** is never called in a working implementation. This implementation
+** exists purely as a contingency, in case some malfunction in some other
+** part of SQLite causes Sync to be called by mistake.
+*/
+static int memjrnlSync(sqlite3_file *NotUsed, int NotUsed2){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ return SQLITE_OK;
+}
+
+/*
+** Query the size of the file in bytes.
+*/
+static int memjrnlFileSize(sqlite3_file *pJfd, sqlite_int64 *pSize){
+ MemJournal *p = (MemJournal *)pJfd;
+ *pSize = (sqlite_int64) p->endpoint.iOffset;
+ return SQLITE_OK;
+}
+
+/*
+** Table of methods for MemJournal sqlite3_file object.
+*/
+static const struct sqlite3_io_methods MemJournalMethods = {
+ 1, /* iVersion */
+ memjrnlClose, /* xClose */
+ memjrnlRead, /* xRead */
+ memjrnlWrite, /* xWrite */
+ memjrnlTruncate, /* xTruncate */
+ memjrnlSync, /* xSync */
+ memjrnlFileSize, /* xFileSize */
+ 0, /* xLock */
+ 0, /* xUnlock */
+ 0, /* xCheckReservedLock */
+ 0, /* xFileControl */
+ 0, /* xSectorSize */
+ 0, /* xDeviceCharacteristics */
+ 0, /* xShmMap */
+ 0, /* xShmLock */
+ 0, /* xShmBarrier */
+ 0, /* xShmUnmap */
+ 0, /* xFetch */
+ 0 /* xUnfetch */
+};
+
+/*
+** Open a journal file.
+*/
+SQLITE_PRIVATE void sqlite3MemJournalOpen(sqlite3_file *pJfd){
+ MemJournal *p = (MemJournal *)pJfd;
+ assert( EIGHT_BYTE_ALIGNMENT(p) );
+ memset(p, 0, sqlite3MemJournalSize());
+ p->pMethod = (sqlite3_io_methods*)&MemJournalMethods;
+}
+
+/*
+** Return true if the file-handle passed as an argument is
+** an in-memory journal
+*/
+SQLITE_PRIVATE int sqlite3IsMemJournal(sqlite3_file *pJfd){
+ return pJfd->pMethods==&MemJournalMethods;
+}
+
+/*
+** Return the number of bytes required to store a MemJournal file descriptor.
+*/
+SQLITE_PRIVATE int sqlite3MemJournalSize(void){
+ return sizeof(MemJournal);
+}
+
+/************** End of memjournal.c ******************************************/
+/************** Begin file walker.c ******************************************/
+/*
+** 2008 August 16
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains routines used for walking the parser tree for
+** an SQL statement.
+*/
+/* #include "sqliteInt.h" */
+/* #include <stdlib.h> */
+/* #include <string.h> */
+
+
+/*
+** Walk an expression tree. Invoke the callback once for each node
+** of the expression, while descending. (In other words, the callback
+** is invoked before visiting children.)
+**
+** The return value from the callback should be one of the WRC_*
+** constants to specify how to proceed with the walk.
+**
+** WRC_Continue Continue descending down the tree.
+**
+** WRC_Prune Do not descend into child nodes. But allow
+** the walk to continue with sibling nodes.
+**
+** WRC_Abort Do no more callbacks. Unwind the stack and
+** return the top-level walk call.
+**
+** The return value from this routine is WRC_Abort to abandon the tree walk
+** and WRC_Continue to continue.
+*/
+SQLITE_PRIVATE int sqlite3WalkExpr(Walker *pWalker, Expr *pExpr){
+ int rc;
+ if( pExpr==0 ) return WRC_Continue;
+ testcase( ExprHasProperty(pExpr, EP_TokenOnly) );
+ testcase( ExprHasProperty(pExpr, EP_Reduced) );
+ rc = pWalker->xExprCallback(pWalker, pExpr);
+ if( rc==WRC_Continue
+ && !ExprHasProperty(pExpr,EP_TokenOnly) ){
+ if( sqlite3WalkExpr(pWalker, pExpr->pLeft) ) return WRC_Abort;
+ if( sqlite3WalkExpr(pWalker, pExpr->pRight) ) return WRC_Abort;
+ if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ if( sqlite3WalkSelect(pWalker, pExpr->x.pSelect) ) return WRC_Abort;
+ }else{
+ if( sqlite3WalkExprList(pWalker, pExpr->x.pList) ) return WRC_Abort;
+ }
+ }
+ return rc & WRC_Abort;
+}
+
+/*
+** Call sqlite3WalkExpr() for every expression in list p or until
+** an abort request is seen.
+*/
+SQLITE_PRIVATE int sqlite3WalkExprList(Walker *pWalker, ExprList *p){
+ int i;
+ struct ExprList_item *pItem;
+ if( p ){
+ for(i=p->nExpr, pItem=p->a; i>0; i--, pItem++){
+ if( sqlite3WalkExpr(pWalker, pItem->pExpr) ) return WRC_Abort;
+ }
+ }
+ return WRC_Continue;
+}
+
+/*
+** Walk all expressions associated with SELECT statement p. Do
+** not invoke the SELECT callback on p, but do (of course) invoke
+** any expr callbacks and SELECT callbacks that come from subqueries.
+** Return WRC_Abort or WRC_Continue.
+*/
+SQLITE_PRIVATE int sqlite3WalkSelectExpr(Walker *pWalker, Select *p){
+ if( sqlite3WalkExprList(pWalker, p->pEList) ) return WRC_Abort;
+ if( sqlite3WalkExpr(pWalker, p->pWhere) ) return WRC_Abort;
+ if( sqlite3WalkExprList(pWalker, p->pGroupBy) ) return WRC_Abort;
+ if( sqlite3WalkExpr(pWalker, p->pHaving) ) return WRC_Abort;
+ if( sqlite3WalkExprList(pWalker, p->pOrderBy) ) return WRC_Abort;
+ if( sqlite3WalkExpr(pWalker, p->pLimit) ) return WRC_Abort;
+ if( sqlite3WalkExpr(pWalker, p->pOffset) ) return WRC_Abort;
+ return WRC_Continue;
+}
+
+/*
+** Walk the parse trees associated with all subqueries in the
+** FROM clause of SELECT statement p. Do not invoke the select
+** callback on p, but do invoke it on each FROM clause subquery
+** and on any subqueries further down in the tree. Return
+** WRC_Abort or WRC_Continue;
+*/
+SQLITE_PRIVATE int sqlite3WalkSelectFrom(Walker *pWalker, Select *p){
+ SrcList *pSrc;
+ int i;
+ struct SrcList_item *pItem;
+
+ pSrc = p->pSrc;
+ if( ALWAYS(pSrc) ){
+ for(i=pSrc->nSrc, pItem=pSrc->a; i>0; i--, pItem++){
+ if( sqlite3WalkSelect(pWalker, pItem->pSelect) ){
+ return WRC_Abort;
+ }
+ if( pItem->fg.isTabFunc
+ && sqlite3WalkExprList(pWalker, pItem->u1.pFuncArg)
+ ){
+ return WRC_Abort;
+ }
+ }
+ }
+ return WRC_Continue;
+}
+
+/*
+** Call sqlite3WalkExpr() for every expression in Select statement p.
+** Invoke sqlite3WalkSelect() for subqueries in the FROM clause and
+** on the compound select chain, p->pPrior.
+**
+** If it is not NULL, the xSelectCallback() callback is invoked before
+** the walk of the expressions and FROM clause. The xSelectCallback2()
+** method, if it is not NULL, is invoked following the walk of the
+** expressions and FROM clause.
+**
+** Return WRC_Continue under normal conditions. Return WRC_Abort if
+** there is an abort request.
+**
+** If the Walker does not have an xSelectCallback() then this routine
+** is a no-op returning WRC_Continue.
+*/
+SQLITE_PRIVATE int sqlite3WalkSelect(Walker *pWalker, Select *p){
+ int rc;
+ if( p==0 || (pWalker->xSelectCallback==0 && pWalker->xSelectCallback2==0) ){
+ return WRC_Continue;
+ }
+ rc = WRC_Continue;
+ pWalker->walkerDepth++;
+ while( p ){
+ if( pWalker->xSelectCallback ){
+ rc = pWalker->xSelectCallback(pWalker, p);
+ if( rc ) break;
+ }
+ if( sqlite3WalkSelectExpr(pWalker, p)
+ || sqlite3WalkSelectFrom(pWalker, p)
+ ){
+ pWalker->walkerDepth--;
+ return WRC_Abort;
+ }
+ if( pWalker->xSelectCallback2 ){
+ pWalker->xSelectCallback2(pWalker, p);
+ }
+ p = p->pPrior;
+ }
+ pWalker->walkerDepth--;
+ return rc & WRC_Abort;
+}
+
+/************** End of walker.c **********************************************/
+/************** Begin file resolve.c *****************************************/
+/*
+** 2008 August 18
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains routines used for walking the parser tree and
+** resolve all identifiers by associating them with a particular
+** table and column.
+*/
+/* #include "sqliteInt.h" */
+/* #include <stdlib.h> */
+/* #include <string.h> */
+
+/*
+** Walk the expression tree pExpr and increase the aggregate function
+** depth (the Expr.op2 field) by N on every TK_AGG_FUNCTION node.
+** This needs to occur when copying a TK_AGG_FUNCTION node from an
+** outer query into an inner subquery.
+**
+** incrAggFunctionDepth(pExpr,n) is the main routine. incrAggDepth(..)
+** is a helper function - a callback for the tree walker.
+*/
+static int incrAggDepth(Walker *pWalker, Expr *pExpr){
+ if( pExpr->op==TK_AGG_FUNCTION ) pExpr->op2 += pWalker->u.n;
+ return WRC_Continue;
+}
+static void incrAggFunctionDepth(Expr *pExpr, int N){
+ if( N>0 ){
+ Walker w;
+ memset(&w, 0, sizeof(w));
+ w.xExprCallback = incrAggDepth;
+ w.u.n = N;
+ sqlite3WalkExpr(&w, pExpr);
+ }
+}
+
+/*
+** Turn the pExpr expression into an alias for the iCol-th column of the
+** result set in pEList.
+**
+** If the reference is followed by a COLLATE operator, then make sure
+** the COLLATE operator is preserved. For example:
+**
+** SELECT a+b, c+d FROM t1 ORDER BY 1 COLLATE nocase;
+**
+** Should be transformed into:
+**
+** SELECT a+b, c+d FROM t1 ORDER BY (a+b) COLLATE nocase;
+**
+** The nSubquery parameter specifies how many levels of subquery the
+** alias is removed from the original expression. The usual value is
+** zero but it might be more if the alias is contained within a subquery
+** of the original expression. The Expr.op2 field of TK_AGG_FUNCTION
+** structures must be increased by the nSubquery amount.
+*/
+static void resolveAlias(
+ Parse *pParse, /* Parsing context */
+ ExprList *pEList, /* A result set */
+ int iCol, /* A column in the result set. 0..pEList->nExpr-1 */
+ Expr *pExpr, /* Transform this into an alias to the result set */
+ const char *zType, /* "GROUP" or "ORDER" or "" */
+ int nSubquery /* Number of subqueries that the label is moving */
+){
+ Expr *pOrig; /* The iCol-th column of the result set */
+ Expr *pDup; /* Copy of pOrig */
+ sqlite3 *db; /* The database connection */
+
+ assert( iCol>=0 && iCol<pEList->nExpr );
+ pOrig = pEList->a[iCol].pExpr;
+ assert( pOrig!=0 );
+ db = pParse->db;
+ pDup = sqlite3ExprDup(db, pOrig, 0);
+ if( pDup==0 ) return;
+ if( zType[0]!='G' ) incrAggFunctionDepth(pDup, nSubquery);
+ if( pExpr->op==TK_COLLATE ){
+ pDup = sqlite3ExprAddCollateString(pParse, pDup, pExpr->u.zToken);
+ }
+ ExprSetProperty(pDup, EP_Alias);
+
+ /* Before calling sqlite3ExprDelete(), set the EP_Static flag. This
+ ** prevents ExprDelete() from deleting the Expr structure itself,
+ ** allowing it to be repopulated by the memcpy() on the following line.
+ ** The pExpr->u.zToken might point into memory that will be freed by the
+ ** sqlite3DbFree(db, pDup) on the last line of this block, so be sure to
+ ** make a copy of the token before doing the sqlite3DbFree().
+ */
+ ExprSetProperty(pExpr, EP_Static);
+ sqlite3ExprDelete(db, pExpr);
+ memcpy(pExpr, pDup, sizeof(*pExpr));
+ if( !ExprHasProperty(pExpr, EP_IntValue) && pExpr->u.zToken!=0 ){
+ assert( (pExpr->flags & (EP_Reduced|EP_TokenOnly))==0 );
+ pExpr->u.zToken = sqlite3DbStrDup(db, pExpr->u.zToken);
+ pExpr->flags |= EP_MemToken;
+ }
+ sqlite3DbFree(db, pDup);
+}
+
+
+/*
+** Return TRUE if the name zCol occurs anywhere in the USING clause.
+**
+** Return FALSE if the USING clause is NULL or if it does not contain
+** zCol.
+*/
+static int nameInUsingClause(IdList *pUsing, const char *zCol){
+ if( pUsing ){
+ int k;
+ for(k=0; k<pUsing->nId; k++){
+ if( sqlite3StrICmp(pUsing->a[k].zName, zCol)==0 ) return 1;
+ }
+ }
+ return 0;
+}
+
+/*
+** Subqueries stores the original database, table and column names for their
+** result sets in ExprList.a[].zSpan, in the form "DATABASE.TABLE.COLUMN".
+** Check to see if the zSpan given to this routine matches the zDb, zTab,
+** and zCol. If any of zDb, zTab, and zCol are NULL then those fields will
+** match anything.
+*/
+SQLITE_PRIVATE int sqlite3MatchSpanName(
+ const char *zSpan,
+ const char *zCol,
+ const char *zTab,
+ const char *zDb
+){
+ int n;
+ for(n=0; ALWAYS(zSpan[n]) && zSpan[n]!='.'; n++){}
+ if( zDb && (sqlite3StrNICmp(zSpan, zDb, n)!=0 || zDb[n]!=0) ){
+ return 0;
+ }
+ zSpan += n+1;
+ for(n=0; ALWAYS(zSpan[n]) && zSpan[n]!='.'; n++){}
+ if( zTab && (sqlite3StrNICmp(zSpan, zTab, n)!=0 || zTab[n]!=0) ){
+ return 0;
+ }
+ zSpan += n+1;
+ if( zCol && sqlite3StrICmp(zSpan, zCol)!=0 ){
+ return 0;
+ }
+ return 1;
+}
+
+/*
+** Given the name of a column of the form X.Y.Z or Y.Z or just Z, look up
+** that name in the set of source tables in pSrcList and make the pExpr
+** expression node refer back to that source column. The following changes
+** are made to pExpr:
+**
+** pExpr->iDb Set the index in db->aDb[] of the database X
+** (even if X is implied).
+** pExpr->iTable Set to the cursor number for the table obtained
+** from pSrcList.
+** pExpr->pTab Points to the Table structure of X.Y (even if
+** X and/or Y are implied.)
+** pExpr->iColumn Set to the column number within the table.
+** pExpr->op Set to TK_COLUMN.
+** pExpr->pLeft Any expression this points to is deleted
+** pExpr->pRight Any expression this points to is deleted.
+**
+** The zDb variable is the name of the database (the "X"). This value may be
+** NULL meaning that name is of the form Y.Z or Z. Any available database
+** can be used. The zTable variable is the name of the table (the "Y"). This
+** value can be NULL if zDb is also NULL. If zTable is NULL it
+** means that the form of the name is Z and that columns from any table
+** can be used.
+**
+** If the name cannot be resolved unambiguously, leave an error message
+** in pParse and return WRC_Abort. Return WRC_Prune on success.
+*/
+static int lookupName(
+ Parse *pParse, /* The parsing context */
+ const char *zDb, /* Name of the database containing table, or NULL */
+ const char *zTab, /* Name of table containing column, or NULL */
+ const char *zCol, /* Name of the column. */
+ NameContext *pNC, /* The name context used to resolve the name */
+ Expr *pExpr /* Make this EXPR node point to the selected column */
+){
+ int i, j; /* Loop counters */
+ int cnt = 0; /* Number of matching column names */
+ int cntTab = 0; /* Number of matching table names */
+ int nSubquery = 0; /* How many levels of subquery */
+ sqlite3 *db = pParse->db; /* The database connection */
+ struct SrcList_item *pItem; /* Use for looping over pSrcList items */
+ struct SrcList_item *pMatch = 0; /* The matching pSrcList item */
+ NameContext *pTopNC = pNC; /* First namecontext in the list */
+ Schema *pSchema = 0; /* Schema of the expression */
+ int isTrigger = 0; /* True if resolved to a trigger column */
+ Table *pTab = 0; /* Table hold the row */
+ Column *pCol; /* A column of pTab */
+
+ assert( pNC ); /* the name context cannot be NULL. */
+ assert( zCol ); /* The Z in X.Y.Z cannot be NULL */
+ assert( !ExprHasProperty(pExpr, EP_TokenOnly|EP_Reduced) );
+
+ /* Initialize the node to no-match */
+ pExpr->iTable = -1;
+ pExpr->pTab = 0;
+ ExprSetVVAProperty(pExpr, EP_NoReduce);
+
+ /* Translate the schema name in zDb into a pointer to the corresponding
+ ** schema. If not found, pSchema will remain NULL and nothing will match
+ ** resulting in an appropriate error message toward the end of this routine
+ */
+ if( zDb ){
+ testcase( pNC->ncFlags & NC_PartIdx );
+ testcase( pNC->ncFlags & NC_IsCheck );
+ if( (pNC->ncFlags & (NC_PartIdx|NC_IsCheck))!=0 ){
+ /* Silently ignore database qualifiers inside CHECK constraints and
+ ** partial indices. Do not raise errors because that might break
+ ** legacy and because it does not hurt anything to just ignore the
+ ** database name. */
+ zDb = 0;
+ }else{
+ for(i=0; i<db->nDb; i++){
+ assert( db->aDb[i].zName );
+ if( sqlite3StrICmp(db->aDb[i].zName,zDb)==0 ){
+ pSchema = db->aDb[i].pSchema;
+ break;
+ }
+ }
+ }
+ }
+
+ /* Start at the inner-most context and move outward until a match is found */
+ while( pNC && cnt==0 ){
+ ExprList *pEList;
+ SrcList *pSrcList = pNC->pSrcList;
+
+ if( pSrcList ){
+ for(i=0, pItem=pSrcList->a; i<pSrcList->nSrc; i++, pItem++){
+ pTab = pItem->pTab;
+ assert( pTab!=0 && pTab->zName!=0 );
+ assert( pTab->nCol>0 );
+ if( pItem->pSelect && (pItem->pSelect->selFlags & SF_NestedFrom)!=0 ){
+ int hit = 0;
+ pEList = pItem->pSelect->pEList;
+ for(j=0; j<pEList->nExpr; j++){
+ if( sqlite3MatchSpanName(pEList->a[j].zSpan, zCol, zTab, zDb) ){
+ cnt++;
+ cntTab = 2;
+ pMatch = pItem;
+ pExpr->iColumn = j;
+ hit = 1;
+ }
+ }
+ if( hit || zTab==0 ) continue;
+ }
+ if( zDb && pTab->pSchema!=pSchema ){
+ continue;
+ }
+ if( zTab ){
+ const char *zTabName = pItem->zAlias ? pItem->zAlias : pTab->zName;
+ assert( zTabName!=0 );
+ if( sqlite3StrICmp(zTabName, zTab)!=0 ){
+ continue;
+ }
+ }
+ if( 0==(cntTab++) ){
+ pMatch = pItem;
+ }
+ for(j=0, pCol=pTab->aCol; j<pTab->nCol; j++, pCol++){
+ if( sqlite3StrICmp(pCol->zName, zCol)==0 ){
+ /* If there has been exactly one prior match and this match
+ ** is for the right-hand table of a NATURAL JOIN or is in a
+ ** USING clause, then skip this match.
+ */
+ if( cnt==1 ){
+ if( pItem->fg.jointype & JT_NATURAL ) continue;
+ if( nameInUsingClause(pItem->pUsing, zCol) ) continue;
+ }
+ cnt++;
+ pMatch = pItem;
+ /* Substitute the rowid (column -1) for the INTEGER PRIMARY KEY */
+ pExpr->iColumn = j==pTab->iPKey ? -1 : (i16)j;
+ break;
+ }
+ }
+ }
+ if( pMatch ){
+ pExpr->iTable = pMatch->iCursor;
+ pExpr->pTab = pMatch->pTab;
+ /* RIGHT JOIN not (yet) supported */
+ assert( (pMatch->fg.jointype & JT_RIGHT)==0 );
+ if( (pMatch->fg.jointype & JT_LEFT)!=0 ){
+ ExprSetProperty(pExpr, EP_CanBeNull);
+ }
+ pSchema = pExpr->pTab->pSchema;
+ }
+ } /* if( pSrcList ) */
+
+#ifndef SQLITE_OMIT_TRIGGER
+ /* If we have not already resolved the name, then maybe
+ ** it is a new.* or old.* trigger argument reference
+ */
+ if( zDb==0 && zTab!=0 && cntTab==0 && pParse->pTriggerTab!=0 ){
+ int op = pParse->eTriggerOp;
+ assert( op==TK_DELETE || op==TK_UPDATE || op==TK_INSERT );
+ if( op!=TK_DELETE && sqlite3StrICmp("new",zTab) == 0 ){
+ pExpr->iTable = 1;
+ pTab = pParse->pTriggerTab;
+ }else if( op!=TK_INSERT && sqlite3StrICmp("old",zTab)==0 ){
+ pExpr->iTable = 0;
+ pTab = pParse->pTriggerTab;
+ }else{
+ pTab = 0;
+ }
+
+ if( pTab ){
+ int iCol;
+ pSchema = pTab->pSchema;
+ cntTab++;
+ for(iCol=0, pCol=pTab->aCol; iCol<pTab->nCol; iCol++, pCol++){
+ if( sqlite3StrICmp(pCol->zName, zCol)==0 ){
+ if( iCol==pTab->iPKey ){
+ iCol = -1;
+ }
+ break;
+ }
+ }
+ if( iCol>=pTab->nCol && sqlite3IsRowid(zCol) && VisibleRowid(pTab) ){
+ /* IMP: R-51414-32910 */
+ iCol = -1;
+ }
+ if( iCol<pTab->nCol ){
+ cnt++;
+ if( iCol<0 ){
+ pExpr->affinity = SQLITE_AFF_INTEGER;
+ }else if( pExpr->iTable==0 ){
+ testcase( iCol==31 );
+ testcase( iCol==32 );
+ pParse->oldmask |= (iCol>=32 ? 0xffffffff : (((u32)1)<<iCol));
+ }else{
+ testcase( iCol==31 );
+ testcase( iCol==32 );
+ pParse->newmask |= (iCol>=32 ? 0xffffffff : (((u32)1)<<iCol));
+ }
+ pExpr->iColumn = (i16)iCol;
+ pExpr->pTab = pTab;
+ isTrigger = 1;
+ }
+ }
+ }
+#endif /* !defined(SQLITE_OMIT_TRIGGER) */
+
+ /*
+ ** Perhaps the name is a reference to the ROWID
+ */
+ if( cnt==0
+ && cntTab==1
+ && pMatch
+ && (pNC->ncFlags & NC_IdxExpr)==0
+ && sqlite3IsRowid(zCol)
+ && VisibleRowid(pMatch->pTab)
+ ){
+ cnt = 1;
+ pExpr->iColumn = -1;
+ pExpr->affinity = SQLITE_AFF_INTEGER;
+ }
+
+ /*
+ ** If the input is of the form Z (not Y.Z or X.Y.Z) then the name Z
+ ** might refer to an result-set alias. This happens, for example, when
+ ** we are resolving names in the WHERE clause of the following command:
+ **
+ ** SELECT a+b AS x FROM table WHERE x<10;
+ **
+ ** In cases like this, replace pExpr with a copy of the expression that
+ ** forms the result set entry ("a+b" in the example) and return immediately.
+ ** Note that the expression in the result set should have already been
+ ** resolved by the time the WHERE clause is resolved.
+ **
+ ** The ability to use an output result-set column in the WHERE, GROUP BY,
+ ** or HAVING clauses, or as part of a larger expression in the ORDER BY
+ ** clause is not standard SQL. This is a (goofy) SQLite extension, that
+ ** is supported for backwards compatibility only. Hence, we issue a warning
+ ** on sqlite3_log() whenever the capability is used.
+ */
+ if( (pEList = pNC->pEList)!=0
+ && zTab==0
+ && cnt==0
+ ){
+ for(j=0; j<pEList->nExpr; j++){
+ char *zAs = pEList->a[j].zName;
+ if( zAs!=0 && sqlite3StrICmp(zAs, zCol)==0 ){
+ Expr *pOrig;
+ assert( pExpr->pLeft==0 && pExpr->pRight==0 );
+ assert( pExpr->x.pList==0 );
+ assert( pExpr->x.pSelect==0 );
+ pOrig = pEList->a[j].pExpr;
+ if( (pNC->ncFlags&NC_AllowAgg)==0 && ExprHasProperty(pOrig, EP_Agg) ){
+ sqlite3ErrorMsg(pParse, "misuse of aliased aggregate %s", zAs);
+ return WRC_Abort;
+ }
+ resolveAlias(pParse, pEList, j, pExpr, "", nSubquery);
+ cnt = 1;
+ pMatch = 0;
+ assert( zTab==0 && zDb==0 );
+ goto lookupname_end;
+ }
+ }
+ }
+
+ /* Advance to the next name context. The loop will exit when either
+ ** we have a match (cnt>0) or when we run out of name contexts.
+ */
+ if( cnt==0 ){
+ pNC = pNC->pNext;
+ nSubquery++;
+ }
+ }
+
+ /*
+ ** If X and Y are NULL (in other words if only the column name Z is
+ ** supplied) and the value of Z is enclosed in double-quotes, then
+ ** Z is a string literal if it doesn't match any column names. In that
+ ** case, we need to return right away and not make any changes to
+ ** pExpr.
+ **
+ ** Because no reference was made to outer contexts, the pNC->nRef
+ ** fields are not changed in any context.
+ */
+ if( cnt==0 && zTab==0 && ExprHasProperty(pExpr,EP_DblQuoted) ){
+ pExpr->op = TK_STRING;
+ pExpr->pTab = 0;
+ return WRC_Prune;
+ }
+
+ /*
+ ** cnt==0 means there was not match. cnt>1 means there were two or
+ ** more matches. Either way, we have an error.
+ */
+ if( cnt!=1 ){
+ const char *zErr;
+ zErr = cnt==0 ? "no such column" : "ambiguous column name";
+ if( zDb ){
+ sqlite3ErrorMsg(pParse, "%s: %s.%s.%s", zErr, zDb, zTab, zCol);
+ }else if( zTab ){
+ sqlite3ErrorMsg(pParse, "%s: %s.%s", zErr, zTab, zCol);
+ }else{
+ sqlite3ErrorMsg(pParse, "%s: %s", zErr, zCol);
+ }
+ pParse->checkSchema = 1;
+ pTopNC->nErr++;
+ }
+
+ /* If a column from a table in pSrcList is referenced, then record
+ ** this fact in the pSrcList.a[].colUsed bitmask. Column 0 causes
+ ** bit 0 to be set. Column 1 sets bit 1. And so forth. If the
+ ** column number is greater than the number of bits in the bitmask
+ ** then set the high-order bit of the bitmask.
+ */
+ if( pExpr->iColumn>=0 && pMatch!=0 ){
+ int n = pExpr->iColumn;
+ testcase( n==BMS-1 );
+ if( n>=BMS ){
+ n = BMS-1;
+ }
+ assert( pMatch->iCursor==pExpr->iTable );
+ pMatch->colUsed |= ((Bitmask)1)<<n;
+ }
+
+ /* Clean up and return
+ */
+ sqlite3ExprDelete(db, pExpr->pLeft);
+ pExpr->pLeft = 0;
+ sqlite3ExprDelete(db, pExpr->pRight);
+ pExpr->pRight = 0;
+ pExpr->op = (isTrigger ? TK_TRIGGER : TK_COLUMN);
+lookupname_end:
+ if( cnt==1 ){
+ assert( pNC!=0 );
+ if( !ExprHasProperty(pExpr, EP_Alias) ){
+ sqlite3AuthRead(pParse, pExpr, pSchema, pNC->pSrcList);
+ }
+ /* Increment the nRef value on all name contexts from TopNC up to
+ ** the point where the name matched. */
+ for(;;){
+ assert( pTopNC!=0 );
+ pTopNC->nRef++;
+ if( pTopNC==pNC ) break;
+ pTopNC = pTopNC->pNext;
+ }
+ return WRC_Prune;
+ } else {
+ return WRC_Abort;
+ }
+}
+
+/*
+** Allocate and return a pointer to an expression to load the column iCol
+** from datasource iSrc in SrcList pSrc.
+*/
+SQLITE_PRIVATE Expr *sqlite3CreateColumnExpr(sqlite3 *db, SrcList *pSrc, int iSrc, int iCol){
+ Expr *p = sqlite3ExprAlloc(db, TK_COLUMN, 0, 0);
+ if( p ){
+ struct SrcList_item *pItem = &pSrc->a[iSrc];
+ p->pTab = pItem->pTab;
+ p->iTable = pItem->iCursor;
+ if( p->pTab->iPKey==iCol ){
+ p->iColumn = -1;
+ }else{
+ p->iColumn = (ynVar)iCol;
+ testcase( iCol==BMS );
+ testcase( iCol==BMS-1 );
+ pItem->colUsed |= ((Bitmask)1)<<(iCol>=BMS ? BMS-1 : iCol);
+ }
+ ExprSetProperty(p, EP_Resolved);
+ }
+ return p;
+}
+
+/*
+** Report an error that an expression is not valid for some set of
+** pNC->ncFlags values determined by validMask.
+*/
+static void notValid(
+ Parse *pParse, /* Leave error message here */
+ NameContext *pNC, /* The name context */
+ const char *zMsg, /* Type of error */
+ int validMask /* Set of contexts for which prohibited */
+){
+ assert( (validMask&~(NC_IsCheck|NC_PartIdx|NC_IdxExpr))==0 );
+ if( (pNC->ncFlags & validMask)!=0 ){
+ const char *zIn = "partial index WHERE clauses";
+ if( pNC->ncFlags & NC_IdxExpr ) zIn = "index expressions";
+#ifndef SQLITE_OMIT_CHECK
+ else if( pNC->ncFlags & NC_IsCheck ) zIn = "CHECK constraints";
+#endif
+ sqlite3ErrorMsg(pParse, "%s prohibited in %s", zMsg, zIn);
+ }
+}
+
+/*
+** Expression p should encode a floating point value between 1.0 and 0.0.
+** Return 1024 times this value. Or return -1 if p is not a floating point
+** value between 1.0 and 0.0.
+*/
+static int exprProbability(Expr *p){
+ double r = -1.0;
+ if( p->op!=TK_FLOAT ) return -1;
+ sqlite3AtoF(p->u.zToken, &r, sqlite3Strlen30(p->u.zToken), SQLITE_UTF8);
+ assert( r>=0.0 );
+ if( r>1.0 ) return -1;
+ return (int)(r*134217728.0);
+}
+
+/*
+** This routine is callback for sqlite3WalkExpr().
+**
+** Resolve symbolic names into TK_COLUMN operators for the current
+** node in the expression tree. Return 0 to continue the search down
+** the tree or 2 to abort the tree walk.
+**
+** This routine also does error checking and name resolution for
+** function names. The operator for aggregate functions is changed
+** to TK_AGG_FUNCTION.
+*/
+static int resolveExprStep(Walker *pWalker, Expr *pExpr){
+ NameContext *pNC;
+ Parse *pParse;
+
+ pNC = pWalker->u.pNC;
+ assert( pNC!=0 );
+ pParse = pNC->pParse;
+ assert( pParse==pWalker->pParse );
+
+ if( ExprHasProperty(pExpr, EP_Resolved) ) return WRC_Prune;
+ ExprSetProperty(pExpr, EP_Resolved);
+#ifndef NDEBUG
+ if( pNC->pSrcList && pNC->pSrcList->nAlloc>0 ){
+ SrcList *pSrcList = pNC->pSrcList;
+ int i;
+ for(i=0; i<pNC->pSrcList->nSrc; i++){
+ assert( pSrcList->a[i].iCursor>=0 && pSrcList->a[i].iCursor<pParse->nTab);
+ }
+ }
+#endif
+ switch( pExpr->op ){
+
+#if defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) && !defined(SQLITE_OMIT_SUBQUERY)
+ /* The special operator TK_ROW means use the rowid for the first
+ ** column in the FROM clause. This is used by the LIMIT and ORDER BY
+ ** clause processing on UPDATE and DELETE statements.
+ */
+ case TK_ROW: {
+ SrcList *pSrcList = pNC->pSrcList;
+ struct SrcList_item *pItem;
+ assert( pSrcList && pSrcList->nSrc==1 );
+ pItem = pSrcList->a;
+ pExpr->op = TK_COLUMN;
+ pExpr->pTab = pItem->pTab;
+ pExpr->iTable = pItem->iCursor;
+ pExpr->iColumn = -1;
+ pExpr->affinity = SQLITE_AFF_INTEGER;
+ break;
+ }
+#endif /* defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT)
+ && !defined(SQLITE_OMIT_SUBQUERY) */
+
+ /* A lone identifier is the name of a column.
+ */
+ case TK_ID: {
+ return lookupName(pParse, 0, 0, pExpr->u.zToken, pNC, pExpr);
+ }
+
+ /* A table name and column name: ID.ID
+ ** Or a database, table and column: ID.ID.ID
+ */
+ case TK_DOT: {
+ const char *zColumn;
+ const char *zTable;
+ const char *zDb;
+ Expr *pRight;
+
+ /* if( pSrcList==0 ) break; */
+ notValid(pParse, pNC, "the \".\" operator", NC_IdxExpr);
+ /*notValid(pParse, pNC, "the \".\" operator", NC_PartIdx|NC_IsCheck, 1);*/
+ pRight = pExpr->pRight;
+ if( pRight->op==TK_ID ){
+ zDb = 0;
+ zTable = pExpr->pLeft->u.zToken;
+ zColumn = pRight->u.zToken;
+ }else{
+ assert( pRight->op==TK_DOT );
+ zDb = pExpr->pLeft->u.zToken;
+ zTable = pRight->pLeft->u.zToken;
+ zColumn = pRight->pRight->u.zToken;
+ }
+ return lookupName(pParse, zDb, zTable, zColumn, pNC, pExpr);
+ }
+
+ /* Resolve function names
+ */
+ case TK_FUNCTION: {
+ ExprList *pList = pExpr->x.pList; /* The argument list */
+ int n = pList ? pList->nExpr : 0; /* Number of arguments */
+ int no_such_func = 0; /* True if no such function exists */
+ int wrong_num_args = 0; /* True if wrong number of arguments */
+ int is_agg = 0; /* True if is an aggregate function */
+ int auth; /* Authorization to use the function */
+ int nId; /* Number of characters in function name */
+ const char *zId; /* The function name. */
+ FuncDef *pDef; /* Information about the function */
+ u8 enc = ENC(pParse->db); /* The database encoding */
+
+ assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
+ notValid(pParse, pNC, "functions", NC_PartIdx);
+ zId = pExpr->u.zToken;
+ nId = sqlite3Strlen30(zId);
+ pDef = sqlite3FindFunction(pParse->db, zId, nId, n, enc, 0);
+ if( pDef==0 ){
+ pDef = sqlite3FindFunction(pParse->db, zId, nId, -2, enc, 0);
+ if( pDef==0 ){
+ no_such_func = 1;
+ }else{
+ wrong_num_args = 1;
+ }
+ }else{
+ is_agg = pDef->xFunc==0;
+ if( pDef->funcFlags & SQLITE_FUNC_UNLIKELY ){
+ ExprSetProperty(pExpr, EP_Unlikely|EP_Skip);
+ if( n==2 ){
+ pExpr->iTable = exprProbability(pList->a[1].pExpr);
+ if( pExpr->iTable<0 ){
+ sqlite3ErrorMsg(pParse,
+ "second argument to likelihood() must be a "
+ "constant between 0.0 and 1.0");
+ pNC->nErr++;
+ }
+ }else{
+ /* EVIDENCE-OF: R-61304-29449 The unlikely(X) function is
+ ** equivalent to likelihood(X, 0.0625).
+ ** EVIDENCE-OF: R-01283-11636 The unlikely(X) function is
+ ** short-hand for likelihood(X,0.0625).
+ ** EVIDENCE-OF: R-36850-34127 The likely(X) function is short-hand
+ ** for likelihood(X,0.9375).
+ ** EVIDENCE-OF: R-53436-40973 The likely(X) function is equivalent
+ ** to likelihood(X,0.9375). */
+ /* TUNING: unlikely() probability is 0.0625. likely() is 0.9375 */
+ pExpr->iTable = pDef->zName[0]=='u' ? 8388608 : 125829120;
+ }
+ }
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ auth = sqlite3AuthCheck(pParse, SQLITE_FUNCTION, 0, pDef->zName, 0);
+ if( auth!=SQLITE_OK ){
+ if( auth==SQLITE_DENY ){
+ sqlite3ErrorMsg(pParse, "not authorized to use function: %s",
+ pDef->zName);
+ pNC->nErr++;
+ }
+ pExpr->op = TK_NULL;
+ return WRC_Prune;
+ }
+#endif
+ if( pDef->funcFlags & (SQLITE_FUNC_CONSTANT|SQLITE_FUNC_SLOCHNG) ){
+ /* For the purposes of the EP_ConstFunc flag, date and time
+ ** functions and other functions that change slowly are considered
+ ** constant because they are constant for the duration of one query */
+ ExprSetProperty(pExpr,EP_ConstFunc);
+ }
+ if( (pDef->funcFlags & SQLITE_FUNC_CONSTANT)==0 ){
+ /* Date/time functions that use 'now', and other functions like
+ ** sqlite_version() that might change over time cannot be used
+ ** in an index. */
+ notValid(pParse, pNC, "non-deterministic functions", NC_IdxExpr);
+ }
+ }
+ if( is_agg && (pNC->ncFlags & NC_AllowAgg)==0 ){
+ sqlite3ErrorMsg(pParse, "misuse of aggregate function %.*s()", nId,zId);
+ pNC->nErr++;
+ is_agg = 0;
+ }else if( no_such_func && pParse->db->init.busy==0 ){
+ sqlite3ErrorMsg(pParse, "no such function: %.*s", nId, zId);
+ pNC->nErr++;
+ }else if( wrong_num_args ){
+ sqlite3ErrorMsg(pParse,"wrong number of arguments to function %.*s()",
+ nId, zId);
+ pNC->nErr++;
+ }
+ if( is_agg ) pNC->ncFlags &= ~NC_AllowAgg;
+ sqlite3WalkExprList(pWalker, pList);
+ if( is_agg ){
+ NameContext *pNC2 = pNC;
+ pExpr->op = TK_AGG_FUNCTION;
+ pExpr->op2 = 0;
+ while( pNC2 && !sqlite3FunctionUsesThisSrc(pExpr, pNC2->pSrcList) ){
+ pExpr->op2++;
+ pNC2 = pNC2->pNext;
+ }
+ assert( pDef!=0 );
+ if( pNC2 ){
+ assert( SQLITE_FUNC_MINMAX==NC_MinMaxAgg );
+ testcase( (pDef->funcFlags & SQLITE_FUNC_MINMAX)!=0 );
+ pNC2->ncFlags |= NC_HasAgg | (pDef->funcFlags & SQLITE_FUNC_MINMAX);
+
+ }
+ pNC->ncFlags |= NC_AllowAgg;
+ }
+ /* FIX ME: Compute pExpr->affinity based on the expected return
+ ** type of the function
+ */
+ return WRC_Prune;
+ }
+#ifndef SQLITE_OMIT_SUBQUERY
+ case TK_SELECT:
+ case TK_EXISTS: testcase( pExpr->op==TK_EXISTS );
+#endif
+ case TK_IN: {
+ testcase( pExpr->op==TK_IN );
+ if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ int nRef = pNC->nRef;
+ notValid(pParse, pNC, "subqueries", NC_IsCheck|NC_PartIdx|NC_IdxExpr);
+ sqlite3WalkSelect(pWalker, pExpr->x.pSelect);
+ assert( pNC->nRef>=nRef );
+ if( nRef!=pNC->nRef ){
+ ExprSetProperty(pExpr, EP_VarSelect);
+ }
+ }
+ break;
+ }
+ case TK_VARIABLE: {
+ notValid(pParse, pNC, "parameters", NC_IsCheck|NC_PartIdx|NC_IdxExpr);
+ break;
+ }
+ }
+ return (pParse->nErr || pParse->db->mallocFailed) ? WRC_Abort : WRC_Continue;
+}
+
+/*
+** pEList is a list of expressions which are really the result set of the
+** a SELECT statement. pE is a term in an ORDER BY or GROUP BY clause.
+** This routine checks to see if pE is a simple identifier which corresponds
+** to the AS-name of one of the terms of the expression list. If it is,
+** this routine return an integer between 1 and N where N is the number of
+** elements in pEList, corresponding to the matching entry. If there is
+** no match, or if pE is not a simple identifier, then this routine
+** return 0.
+**
+** pEList has been resolved. pE has not.
+*/
+static int resolveAsName(
+ Parse *pParse, /* Parsing context for error messages */
+ ExprList *pEList, /* List of expressions to scan */
+ Expr *pE /* Expression we are trying to match */
+){
+ int i; /* Loop counter */
+
+ UNUSED_PARAMETER(pParse);
+
+ if( pE->op==TK_ID ){
+ char *zCol = pE->u.zToken;
+ for(i=0; i<pEList->nExpr; i++){
+ char *zAs = pEList->a[i].zName;
+ if( zAs!=0 && sqlite3StrICmp(zAs, zCol)==0 ){
+ return i+1;
+ }
+ }
+ }
+ return 0;
+}
+
+/*
+** pE is a pointer to an expression which is a single term in the
+** ORDER BY of a compound SELECT. The expression has not been
+** name resolved.
+**
+** At the point this routine is called, we already know that the
+** ORDER BY term is not an integer index into the result set. That
+** case is handled by the calling routine.
+**
+** Attempt to match pE against result set columns in the left-most
+** SELECT statement. Return the index i of the matching column,
+** as an indication to the caller that it should sort by the i-th column.
+** The left-most column is 1. In other words, the value returned is the
+** same integer value that would be used in the SQL statement to indicate
+** the column.
+**
+** If there is no match, return 0. Return -1 if an error occurs.
+*/
+static int resolveOrderByTermToExprList(
+ Parse *pParse, /* Parsing context for error messages */
+ Select *pSelect, /* The SELECT statement with the ORDER BY clause */
+ Expr *pE /* The specific ORDER BY term */
+){
+ int i; /* Loop counter */
+ ExprList *pEList; /* The columns of the result set */
+ NameContext nc; /* Name context for resolving pE */
+ sqlite3 *db; /* Database connection */
+ int rc; /* Return code from subprocedures */
+ u8 savedSuppErr; /* Saved value of db->suppressErr */
+
+ assert( sqlite3ExprIsInteger(pE, &i)==0 );
+ pEList = pSelect->pEList;
+
+ /* Resolve all names in the ORDER BY term expression
+ */
+ memset(&nc, 0, sizeof(nc));
+ nc.pParse = pParse;
+ nc.pSrcList = pSelect->pSrc;
+ nc.pEList = pEList;
+ nc.ncFlags = NC_AllowAgg;
+ nc.nErr = 0;
+ db = pParse->db;
+ savedSuppErr = db->suppressErr;
+ db->suppressErr = 1;
+ rc = sqlite3ResolveExprNames(&nc, pE);
+ db->suppressErr = savedSuppErr;
+ if( rc ) return 0;
+
+ /* Try to match the ORDER BY expression against an expression
+ ** in the result set. Return an 1-based index of the matching
+ ** result-set entry.
+ */
+ for(i=0; i<pEList->nExpr; i++){
+ if( sqlite3ExprCompare(pEList->a[i].pExpr, pE, -1)<2 ){
+ return i+1;
+ }
+ }
+
+ /* If no match, return 0. */
+ return 0;
+}
+
+/*
+** Generate an ORDER BY or GROUP BY term out-of-range error.
+*/
+static void resolveOutOfRangeError(
+ Parse *pParse, /* The error context into which to write the error */
+ const char *zType, /* "ORDER" or "GROUP" */
+ int i, /* The index (1-based) of the term out of range */
+ int mx /* Largest permissible value of i */
+){
+ sqlite3ErrorMsg(pParse,
+ "%r %s BY term out of range - should be "
+ "between 1 and %d", i, zType, mx);
+}
+
+/*
+** Analyze the ORDER BY clause in a compound SELECT statement. Modify
+** each term of the ORDER BY clause is a constant integer between 1
+** and N where N is the number of columns in the compound SELECT.
+**
+** ORDER BY terms that are already an integer between 1 and N are
+** unmodified. ORDER BY terms that are integers outside the range of
+** 1 through N generate an error. ORDER BY terms that are expressions
+** are matched against result set expressions of compound SELECT
+** beginning with the left-most SELECT and working toward the right.
+** At the first match, the ORDER BY expression is transformed into
+** the integer column number.
+**
+** Return the number of errors seen.
+*/
+static int resolveCompoundOrderBy(
+ Parse *pParse, /* Parsing context. Leave error messages here */
+ Select *pSelect /* The SELECT statement containing the ORDER BY */
+){
+ int i;
+ ExprList *pOrderBy;
+ ExprList *pEList;
+ sqlite3 *db;
+ int moreToDo = 1;
+
+ pOrderBy = pSelect->pOrderBy;
+ if( pOrderBy==0 ) return 0;
+ db = pParse->db;
+#if SQLITE_MAX_COLUMN
+ if( pOrderBy->nExpr>db->aLimit[SQLITE_LIMIT_COLUMN] ){
+ sqlite3ErrorMsg(pParse, "too many terms in ORDER BY clause");
+ return 1;
+ }
+#endif
+ for(i=0; i<pOrderBy->nExpr; i++){
+ pOrderBy->a[i].done = 0;
+ }
+ pSelect->pNext = 0;
+ while( pSelect->pPrior ){
+ pSelect->pPrior->pNext = pSelect;
+ pSelect = pSelect->pPrior;
+ }
+ while( pSelect && moreToDo ){
+ struct ExprList_item *pItem;
+ moreToDo = 0;
+ pEList = pSelect->pEList;
+ assert( pEList!=0 );
+ for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){
+ int iCol = -1;
+ Expr *pE, *pDup;
+ if( pItem->done ) continue;
+ pE = sqlite3ExprSkipCollate(pItem->pExpr);
+ if( sqlite3ExprIsInteger(pE, &iCol) ){
+ if( iCol<=0 || iCol>pEList->nExpr ){
+ resolveOutOfRangeError(pParse, "ORDER", i+1, pEList->nExpr);
+ return 1;
+ }
+ }else{
+ iCol = resolveAsName(pParse, pEList, pE);
+ if( iCol==0 ){
+ pDup = sqlite3ExprDup(db, pE, 0);
+ if( !db->mallocFailed ){
+ assert(pDup);
+ iCol = resolveOrderByTermToExprList(pParse, pSelect, pDup);
+ }
+ sqlite3ExprDelete(db, pDup);
+ }
+ }
+ if( iCol>0 ){
+ /* Convert the ORDER BY term into an integer column number iCol,
+ ** taking care to preserve the COLLATE clause if it exists */
+ Expr *pNew = sqlite3Expr(db, TK_INTEGER, 0);
+ if( pNew==0 ) return 1;
+ pNew->flags |= EP_IntValue;
+ pNew->u.iValue = iCol;
+ if( pItem->pExpr==pE ){
+ pItem->pExpr = pNew;
+ }else{
+ Expr *pParent = pItem->pExpr;
+ assert( pParent->op==TK_COLLATE );
+ while( pParent->pLeft->op==TK_COLLATE ) pParent = pParent->pLeft;
+ assert( pParent->pLeft==pE );
+ pParent->pLeft = pNew;
+ }
+ sqlite3ExprDelete(db, pE);
+ pItem->u.x.iOrderByCol = (u16)iCol;
+ pItem->done = 1;
+ }else{
+ moreToDo = 1;
+ }
+ }
+ pSelect = pSelect->pNext;
+ }
+ for(i=0; i<pOrderBy->nExpr; i++){
+ if( pOrderBy->a[i].done==0 ){
+ sqlite3ErrorMsg(pParse, "%r ORDER BY term does not match any "
+ "column in the result set", i+1);
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/*
+** Check every term in the ORDER BY or GROUP BY clause pOrderBy of
+** the SELECT statement pSelect. If any term is reference to a
+** result set expression (as determined by the ExprList.a.u.x.iOrderByCol
+** field) then convert that term into a copy of the corresponding result set
+** column.
+**
+** If any errors are detected, add an error message to pParse and
+** return non-zero. Return zero if no errors are seen.
+*/
+SQLITE_PRIVATE int sqlite3ResolveOrderGroupBy(
+ Parse *pParse, /* Parsing context. Leave error messages here */
+ Select *pSelect, /* The SELECT statement containing the clause */
+ ExprList *pOrderBy, /* The ORDER BY or GROUP BY clause to be processed */
+ const char *zType /* "ORDER" or "GROUP" */
+){
+ int i;
+ sqlite3 *db = pParse->db;
+ ExprList *pEList;
+ struct ExprList_item *pItem;
+
+ if( pOrderBy==0 || pParse->db->mallocFailed ) return 0;
+#if SQLITE_MAX_COLUMN
+ if( pOrderBy->nExpr>db->aLimit[SQLITE_LIMIT_COLUMN] ){
+ sqlite3ErrorMsg(pParse, "too many terms in %s BY clause", zType);
+ return 1;
+ }
+#endif
+ pEList = pSelect->pEList;
+ assert( pEList!=0 ); /* sqlite3SelectNew() guarantees this */
+ for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){
+ if( pItem->u.x.iOrderByCol ){
+ if( pItem->u.x.iOrderByCol>pEList->nExpr ){
+ resolveOutOfRangeError(pParse, zType, i+1, pEList->nExpr);
+ return 1;
+ }
+ resolveAlias(pParse, pEList, pItem->u.x.iOrderByCol-1, pItem->pExpr,
+ zType,0);
+ }
+ }
+ return 0;
+}
+
+/*
+** pOrderBy is an ORDER BY or GROUP BY clause in SELECT statement pSelect.
+** The Name context of the SELECT statement is pNC. zType is either
+** "ORDER" or "GROUP" depending on which type of clause pOrderBy is.
+**
+** This routine resolves each term of the clause into an expression.
+** If the order-by term is an integer I between 1 and N (where N is the
+** number of columns in the result set of the SELECT) then the expression
+** in the resolution is a copy of the I-th result-set expression. If
+** the order-by term is an identifier that corresponds to the AS-name of
+** a result-set expression, then the term resolves to a copy of the
+** result-set expression. Otherwise, the expression is resolved in
+** the usual way - using sqlite3ResolveExprNames().
+**
+** This routine returns the number of errors. If errors occur, then
+** an appropriate error message might be left in pParse. (OOM errors
+** excepted.)
+*/
+static int resolveOrderGroupBy(
+ NameContext *pNC, /* The name context of the SELECT statement */
+ Select *pSelect, /* The SELECT statement holding pOrderBy */
+ ExprList *pOrderBy, /* An ORDER BY or GROUP BY clause to resolve */
+ const char *zType /* Either "ORDER" or "GROUP", as appropriate */
+){
+ int i, j; /* Loop counters */
+ int iCol; /* Column number */
+ struct ExprList_item *pItem; /* A term of the ORDER BY clause */
+ Parse *pParse; /* Parsing context */
+ int nResult; /* Number of terms in the result set */
+
+ if( pOrderBy==0 ) return 0;
+ nResult = pSelect->pEList->nExpr;
+ pParse = pNC->pParse;
+ for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){
+ Expr *pE = pItem->pExpr;
+ Expr *pE2 = sqlite3ExprSkipCollate(pE);
+ if( zType[0]!='G' ){
+ iCol = resolveAsName(pParse, pSelect->pEList, pE2);
+ if( iCol>0 ){
+ /* If an AS-name match is found, mark this ORDER BY column as being
+ ** a copy of the iCol-th result-set column. The subsequent call to
+ ** sqlite3ResolveOrderGroupBy() will convert the expression to a
+ ** copy of the iCol-th result-set expression. */
+ pItem->u.x.iOrderByCol = (u16)iCol;
+ continue;
+ }
+ }
+ if( sqlite3ExprIsInteger(pE2, &iCol) ){
+ /* The ORDER BY term is an integer constant. Again, set the column
+ ** number so that sqlite3ResolveOrderGroupBy() will convert the
+ ** order-by term to a copy of the result-set expression */
+ if( iCol<1 || iCol>0xffff ){
+ resolveOutOfRangeError(pParse, zType, i+1, nResult);
+ return 1;
+ }
+ pItem->u.x.iOrderByCol = (u16)iCol;
+ continue;
+ }
+
+ /* Otherwise, treat the ORDER BY term as an ordinary expression */
+ pItem->u.x.iOrderByCol = 0;
+ if( sqlite3ResolveExprNames(pNC, pE) ){
+ return 1;
+ }
+ for(j=0; j<pSelect->pEList->nExpr; j++){
+ if( sqlite3ExprCompare(pE, pSelect->pEList->a[j].pExpr, -1)==0 ){
+ pItem->u.x.iOrderByCol = j+1;
+ }
+ }
+ }
+ return sqlite3ResolveOrderGroupBy(pParse, pSelect, pOrderBy, zType);
+}
+
+/*
+** Resolve names in the SELECT statement p and all of its descendants.
+*/
+static int resolveSelectStep(Walker *pWalker, Select *p){
+ NameContext *pOuterNC; /* Context that contains this SELECT */
+ NameContext sNC; /* Name context of this SELECT */
+ int isCompound; /* True if p is a compound select */
+ int nCompound; /* Number of compound terms processed so far */
+ Parse *pParse; /* Parsing context */
+ int i; /* Loop counter */
+ ExprList *pGroupBy; /* The GROUP BY clause */
+ Select *pLeftmost; /* Left-most of SELECT of a compound */
+ sqlite3 *db; /* Database connection */
+
+
+ assert( p!=0 );
+ if( p->selFlags & SF_Resolved ){
+ return WRC_Prune;
+ }
+ pOuterNC = pWalker->u.pNC;
+ pParse = pWalker->pParse;
+ db = pParse->db;
+
+ /* Normally sqlite3SelectExpand() will be called first and will have
+ ** already expanded this SELECT. However, if this is a subquery within
+ ** an expression, sqlite3ResolveExprNames() will be called without a
+ ** prior call to sqlite3SelectExpand(). When that happens, let
+ ** sqlite3SelectPrep() do all of the processing for this SELECT.
+ ** sqlite3SelectPrep() will invoke both sqlite3SelectExpand() and
+ ** this routine in the correct order.
+ */
+ if( (p->selFlags & SF_Expanded)==0 ){
+ sqlite3SelectPrep(pParse, p, pOuterNC);
+ return (pParse->nErr || db->mallocFailed) ? WRC_Abort : WRC_Prune;
+ }
+
+ isCompound = p->pPrior!=0;
+ nCompound = 0;
+ pLeftmost = p;
+ while( p ){
+ assert( (p->selFlags & SF_Expanded)!=0 );
+ assert( (p->selFlags & SF_Resolved)==0 );
+ p->selFlags |= SF_Resolved;
+
+ /* Resolve the expressions in the LIMIT and OFFSET clauses. These
+ ** are not allowed to refer to any names, so pass an empty NameContext.
+ */
+ memset(&sNC, 0, sizeof(sNC));
+ sNC.pParse = pParse;
+ if( sqlite3ResolveExprNames(&sNC, p->pLimit) ||
+ sqlite3ResolveExprNames(&sNC, p->pOffset) ){
+ return WRC_Abort;
+ }
+
+ /* If the SF_Converted flags is set, then this Select object was
+ ** was created by the convertCompoundSelectToSubquery() function.
+ ** In this case the ORDER BY clause (p->pOrderBy) should be resolved
+ ** as if it were part of the sub-query, not the parent. This block
+ ** moves the pOrderBy down to the sub-query. It will be moved back
+ ** after the names have been resolved. */
+ if( p->selFlags & SF_Converted ){
+ Select *pSub = p->pSrc->a[0].pSelect;
+ assert( p->pSrc->nSrc==1 && p->pOrderBy );
+ assert( pSub->pPrior && pSub->pOrderBy==0 );
+ pSub->pOrderBy = p->pOrderBy;
+ p->pOrderBy = 0;
+ }
+
+ /* Recursively resolve names in all subqueries
+ */
+ for(i=0; i<p->pSrc->nSrc; i++){
+ struct SrcList_item *pItem = &p->pSrc->a[i];
+ if( pItem->pSelect ){
+ NameContext *pNC; /* Used to iterate name contexts */
+ int nRef = 0; /* Refcount for pOuterNC and outer contexts */
+ const char *zSavedContext = pParse->zAuthContext;
+
+ /* Count the total number of references to pOuterNC and all of its
+ ** parent contexts. After resolving references to expressions in
+ ** pItem->pSelect, check if this value has changed. If so, then
+ ** SELECT statement pItem->pSelect must be correlated. Set the
+ ** pItem->fg.isCorrelated flag if this is the case. */
+ for(pNC=pOuterNC; pNC; pNC=pNC->pNext) nRef += pNC->nRef;
+
+ if( pItem->zName ) pParse->zAuthContext = pItem->zName;
+ sqlite3ResolveSelectNames(pParse, pItem->pSelect, pOuterNC);
+ pParse->zAuthContext = zSavedContext;
+ if( pParse->nErr || db->mallocFailed ) return WRC_Abort;
+
+ for(pNC=pOuterNC; pNC; pNC=pNC->pNext) nRef -= pNC->nRef;
+ assert( pItem->fg.isCorrelated==0 && nRef<=0 );
+ pItem->fg.isCorrelated = (nRef!=0);
+ }
+ }
+
+ /* Set up the local name-context to pass to sqlite3ResolveExprNames() to
+ ** resolve the result-set expression list.
+ */
+ sNC.ncFlags = NC_AllowAgg;
+ sNC.pSrcList = p->pSrc;
+ sNC.pNext = pOuterNC;
+
+ /* Resolve names in the result set. */
+ if( sqlite3ResolveExprListNames(&sNC, p->pEList) ) return WRC_Abort;
+
+ /* If there are no aggregate functions in the result-set, and no GROUP BY
+ ** expression, do not allow aggregates in any of the other expressions.
+ */
+ assert( (p->selFlags & SF_Aggregate)==0 );
+ pGroupBy = p->pGroupBy;
+ if( pGroupBy || (sNC.ncFlags & NC_HasAgg)!=0 ){
+ assert( NC_MinMaxAgg==SF_MinMaxAgg );
+ p->selFlags |= SF_Aggregate | (sNC.ncFlags&NC_MinMaxAgg);
+ }else{
+ sNC.ncFlags &= ~NC_AllowAgg;
+ }
+
+ /* If a HAVING clause is present, then there must be a GROUP BY clause.
+ */
+ if( p->pHaving && !pGroupBy ){
+ sqlite3ErrorMsg(pParse, "a GROUP BY clause is required before HAVING");
+ return WRC_Abort;
+ }
+
+ /* Add the output column list to the name-context before parsing the
+ ** other expressions in the SELECT statement. This is so that
+ ** expressions in the WHERE clause (etc.) can refer to expressions by
+ ** aliases in the result set.
+ **
+ ** Minor point: If this is the case, then the expression will be
+ ** re-evaluated for each reference to it.
+ */
+ sNC.pEList = p->pEList;
+ if( sqlite3ResolveExprNames(&sNC, p->pHaving) ) return WRC_Abort;
+ if( sqlite3ResolveExprNames(&sNC, p->pWhere) ) return WRC_Abort;
+
+ /* Resolve names in table-valued-function arguments */
+ for(i=0; i<p->pSrc->nSrc; i++){
+ struct SrcList_item *pItem = &p->pSrc->a[i];
+ if( pItem->fg.isTabFunc
+ && sqlite3ResolveExprListNames(&sNC, pItem->u1.pFuncArg)
+ ){
+ return WRC_Abort;
+ }
+ }
+
+ /* The ORDER BY and GROUP BY clauses may not refer to terms in
+ ** outer queries
+ */
+ sNC.pNext = 0;
+ sNC.ncFlags |= NC_AllowAgg;
+
+ /* If this is a converted compound query, move the ORDER BY clause from
+ ** the sub-query back to the parent query. At this point each term
+ ** within the ORDER BY clause has been transformed to an integer value.
+ ** These integers will be replaced by copies of the corresponding result
+ ** set expressions by the call to resolveOrderGroupBy() below. */
+ if( p->selFlags & SF_Converted ){
+ Select *pSub = p->pSrc->a[0].pSelect;
+ p->pOrderBy = pSub->pOrderBy;
+ pSub->pOrderBy = 0;
+ }
+
+ /* Process the ORDER BY clause for singleton SELECT statements.
+ ** The ORDER BY clause for compounds SELECT statements is handled
+ ** below, after all of the result-sets for all of the elements of
+ ** the compound have been resolved.
+ **
+ ** If there is an ORDER BY clause on a term of a compound-select other
+ ** than the right-most term, then that is a syntax error. But the error
+ ** is not detected until much later, and so we need to go ahead and
+ ** resolve those symbols on the incorrect ORDER BY for consistency.
+ */
+ if( isCompound<=nCompound /* Defer right-most ORDER BY of a compound */
+ && resolveOrderGroupBy(&sNC, p, p->pOrderBy, "ORDER")
+ ){
+ return WRC_Abort;
+ }
+ if( db->mallocFailed ){
+ return WRC_Abort;
+ }
+
+ /* Resolve the GROUP BY clause. At the same time, make sure
+ ** the GROUP BY clause does not contain aggregate functions.
+ */
+ if( pGroupBy ){
+ struct ExprList_item *pItem;
+
+ if( resolveOrderGroupBy(&sNC, p, pGroupBy, "GROUP") || db->mallocFailed ){
+ return WRC_Abort;
+ }
+ for(i=0, pItem=pGroupBy->a; i<pGroupBy->nExpr; i++, pItem++){
+ if( ExprHasProperty(pItem->pExpr, EP_Agg) ){
+ sqlite3ErrorMsg(pParse, "aggregate functions are not allowed in "
+ "the GROUP BY clause");
+ return WRC_Abort;
+ }
+ }
+ }
+
+ /* If this is part of a compound SELECT, check that it has the right
+ ** number of expressions in the select list. */
+ if( p->pNext && p->pEList->nExpr!=p->pNext->pEList->nExpr ){
+ sqlite3SelectWrongNumTermsError(pParse, p->pNext);
+ return WRC_Abort;
+ }
+
+ /* Advance to the next term of the compound
+ */
+ p = p->pPrior;
+ nCompound++;
+ }
+
+ /* Resolve the ORDER BY on a compound SELECT after all terms of
+ ** the compound have been resolved.
+ */
+ if( isCompound && resolveCompoundOrderBy(pParse, pLeftmost) ){
+ return WRC_Abort;
+ }
+
+ return WRC_Prune;
+}
+
+/*
+** This routine walks an expression tree and resolves references to
+** table columns and result-set columns. At the same time, do error
+** checking on function usage and set a flag if any aggregate functions
+** are seen.
+**
+** To resolve table columns references we look for nodes (or subtrees) of the
+** form X.Y.Z or Y.Z or just Z where
+**
+** X: The name of a database. Ex: "main" or "temp" or
+** the symbolic name assigned to an ATTACH-ed database.
+**
+** Y: The name of a table in a FROM clause. Or in a trigger
+** one of the special names "old" or "new".
+**
+** Z: The name of a column in table Y.
+**
+** The node at the root of the subtree is modified as follows:
+**
+** Expr.op Changed to TK_COLUMN
+** Expr.pTab Points to the Table object for X.Y
+** Expr.iColumn The column index in X.Y. -1 for the rowid.
+** Expr.iTable The VDBE cursor number for X.Y
+**
+**
+** To resolve result-set references, look for expression nodes of the
+** form Z (with no X and Y prefix) where the Z matches the right-hand
+** size of an AS clause in the result-set of a SELECT. The Z expression
+** is replaced by a copy of the left-hand side of the result-set expression.
+** Table-name and function resolution occurs on the substituted expression
+** tree. For example, in:
+**
+** SELECT a+b AS x, c+d AS y FROM t1 ORDER BY x;
+**
+** The "x" term of the order by is replaced by "a+b" to render:
+**
+** SELECT a+b AS x, c+d AS y FROM t1 ORDER BY a+b;
+**
+** Function calls are checked to make sure that the function is
+** defined and that the correct number of arguments are specified.
+** If the function is an aggregate function, then the NC_HasAgg flag is
+** set and the opcode is changed from TK_FUNCTION to TK_AGG_FUNCTION.
+** If an expression contains aggregate functions then the EP_Agg
+** property on the expression is set.
+**
+** An error message is left in pParse if anything is amiss. The number
+** if errors is returned.
+*/
+SQLITE_PRIVATE int sqlite3ResolveExprNames(
+ NameContext *pNC, /* Namespace to resolve expressions in. */
+ Expr *pExpr /* The expression to be analyzed. */
+){
+ u16 savedHasAgg;
+ Walker w;
+
+ if( pExpr==0 ) return 0;
+#if SQLITE_MAX_EXPR_DEPTH>0
+ {
+ Parse *pParse = pNC->pParse;
+ if( sqlite3ExprCheckHeight(pParse, pExpr->nHeight+pNC->pParse->nHeight) ){
+ return 1;
+ }
+ pParse->nHeight += pExpr->nHeight;
+ }
+#endif
+ savedHasAgg = pNC->ncFlags & (NC_HasAgg|NC_MinMaxAgg);
+ pNC->ncFlags &= ~(NC_HasAgg|NC_MinMaxAgg);
+ memset(&w, 0, sizeof(w));
+ w.xExprCallback = resolveExprStep;
+ w.xSelectCallback = resolveSelectStep;
+ w.pParse = pNC->pParse;
+ w.u.pNC = pNC;
+ sqlite3WalkExpr(&w, pExpr);
+#if SQLITE_MAX_EXPR_DEPTH>0
+ pNC->pParse->nHeight -= pExpr->nHeight;
+#endif
+ if( pNC->nErr>0 || w.pParse->nErr>0 ){
+ ExprSetProperty(pExpr, EP_Error);
+ }
+ if( pNC->ncFlags & NC_HasAgg ){
+ ExprSetProperty(pExpr, EP_Agg);
+ }
+ pNC->ncFlags |= savedHasAgg;
+ return ExprHasProperty(pExpr, EP_Error);
+}
+
+/*
+** Resolve all names for all expression in an expression list. This is
+** just like sqlite3ResolveExprNames() except that it works for an expression
+** list rather than a single expression.
+*/
+SQLITE_PRIVATE int sqlite3ResolveExprListNames(
+ NameContext *pNC, /* Namespace to resolve expressions in. */
+ ExprList *pList /* The expression list to be analyzed. */
+){
+ int i;
+ if( pList ){
+ for(i=0; i<pList->nExpr; i++){
+ if( sqlite3ResolveExprNames(pNC, pList->a[i].pExpr) ) return WRC_Abort;
+ }
+ }
+ return WRC_Continue;
+}
+
+/*
+** Resolve all names in all expressions of a SELECT and in all
+** decendents of the SELECT, including compounds off of p->pPrior,
+** subqueries in expressions, and subqueries used as FROM clause
+** terms.
+**
+** See sqlite3ResolveExprNames() for a description of the kinds of
+** transformations that occur.
+**
+** All SELECT statements should have been expanded using
+** sqlite3SelectExpand() prior to invoking this routine.
+*/
+SQLITE_PRIVATE void sqlite3ResolveSelectNames(
+ Parse *pParse, /* The parser context */
+ Select *p, /* The SELECT statement being coded. */
+ NameContext *pOuterNC /* Name context for parent SELECT statement */
+){
+ Walker w;
+
+ assert( p!=0 );
+ memset(&w, 0, sizeof(w));
+ w.xExprCallback = resolveExprStep;
+ w.xSelectCallback = resolveSelectStep;
+ w.pParse = pParse;
+ w.u.pNC = pOuterNC;
+ sqlite3WalkSelect(&w, p);
+}
+
+/*
+** Resolve names in expressions that can only reference a single table:
+**
+** * CHECK constraints
+** * WHERE clauses on partial indices
+**
+** The Expr.iTable value for Expr.op==TK_COLUMN nodes of the expression
+** is set to -1 and the Expr.iColumn value is set to the column number.
+**
+** Any errors cause an error message to be set in pParse.
+*/
+SQLITE_PRIVATE void sqlite3ResolveSelfReference(
+ Parse *pParse, /* Parsing context */
+ Table *pTab, /* The table being referenced */
+ int type, /* NC_IsCheck or NC_PartIdx or NC_IdxExpr */
+ Expr *pExpr, /* Expression to resolve. May be NULL. */
+ ExprList *pList /* Expression list to resolve. May be NUL. */
+){
+ SrcList sSrc; /* Fake SrcList for pParse->pNewTable */
+ NameContext sNC; /* Name context for pParse->pNewTable */
+
+ assert( type==NC_IsCheck || type==NC_PartIdx || type==NC_IdxExpr );
+ memset(&sNC, 0, sizeof(sNC));
+ memset(&sSrc, 0, sizeof(sSrc));
+ sSrc.nSrc = 1;
+ sSrc.a[0].zName = pTab->zName;
+ sSrc.a[0].pTab = pTab;
+ sSrc.a[0].iCursor = -1;
+ sNC.pParse = pParse;
+ sNC.pSrcList = &sSrc;
+ sNC.ncFlags = type;
+ if( sqlite3ResolveExprNames(&sNC, pExpr) ) return;
+ if( pList ) sqlite3ResolveExprListNames(&sNC, pList);
+}
+
+/************** End of resolve.c *********************************************/
+/************** Begin file expr.c ********************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains routines used for analyzing expressions and
+** for generating VDBE code that evaluates expressions in SQLite.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** Return the 'affinity' of the expression pExpr if any.
+**
+** If pExpr is a column, a reference to a column via an 'AS' alias,
+** or a sub-select with a column as the return value, then the
+** affinity of that column is returned. Otherwise, 0x00 is returned,
+** indicating no affinity for the expression.
+**
+** i.e. the WHERE clause expressions in the following statements all
+** have an affinity:
+**
+** CREATE TABLE t1(a);
+** SELECT * FROM t1 WHERE a;
+** SELECT a AS b FROM t1 WHERE b;
+** SELECT * FROM t1 WHERE (select a from t1);
+*/
+SQLITE_PRIVATE char sqlite3ExprAffinity(Expr *pExpr){
+ int op;
+ pExpr = sqlite3ExprSkipCollate(pExpr);
+ if( pExpr->flags & EP_Generic ) return 0;
+ op = pExpr->op;
+ if( op==TK_SELECT ){
+ assert( pExpr->flags&EP_xIsSelect );
+ return sqlite3ExprAffinity(pExpr->x.pSelect->pEList->a[0].pExpr);
+ }
+#ifndef SQLITE_OMIT_CAST
+ if( op==TK_CAST ){
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ return sqlite3AffinityType(pExpr->u.zToken, 0);
+ }
+#endif
+ if( (op==TK_AGG_COLUMN || op==TK_COLUMN || op==TK_REGISTER)
+ && pExpr->pTab!=0
+ ){
+ /* op==TK_REGISTER && pExpr->pTab!=0 happens when pExpr was originally
+ ** a TK_COLUMN but was previously evaluated and cached in a register */
+ int j = pExpr->iColumn;
+ if( j<0 ) return SQLITE_AFF_INTEGER;
+ assert( pExpr->pTab && j<pExpr->pTab->nCol );
+ return pExpr->pTab->aCol[j].affinity;
+ }
+ return pExpr->affinity;
+}
+
+/*
+** Set the collating sequence for expression pExpr to be the collating
+** sequence named by pToken. Return a pointer to a new Expr node that
+** implements the COLLATE operator.
+**
+** If a memory allocation error occurs, that fact is recorded in pParse->db
+** and the pExpr parameter is returned unchanged.
+*/
+SQLITE_PRIVATE Expr *sqlite3ExprAddCollateToken(
+ Parse *pParse, /* Parsing context */
+ Expr *pExpr, /* Add the "COLLATE" clause to this expression */
+ const Token *pCollName, /* Name of collating sequence */
+ int dequote /* True to dequote pCollName */
+){
+ if( pCollName->n>0 ){
+ Expr *pNew = sqlite3ExprAlloc(pParse->db, TK_COLLATE, pCollName, dequote);
+ if( pNew ){
+ pNew->pLeft = pExpr;
+ pNew->flags |= EP_Collate|EP_Skip;
+ pExpr = pNew;
+ }
+ }
+ return pExpr;
+}
+SQLITE_PRIVATE Expr *sqlite3ExprAddCollateString(Parse *pParse, Expr *pExpr, const char *zC){
+ Token s;
+ assert( zC!=0 );
+ s.z = zC;
+ s.n = sqlite3Strlen30(s.z);
+ return sqlite3ExprAddCollateToken(pParse, pExpr, &s, 0);
+}
+
+/*
+** Skip over any TK_COLLATE operators and any unlikely()
+** or likelihood() function at the root of an expression.
+*/
+SQLITE_PRIVATE Expr *sqlite3ExprSkipCollate(Expr *pExpr){
+ while( pExpr && ExprHasProperty(pExpr, EP_Skip) ){
+ if( ExprHasProperty(pExpr, EP_Unlikely) ){
+ assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
+ assert( pExpr->x.pList->nExpr>0 );
+ assert( pExpr->op==TK_FUNCTION );
+ pExpr = pExpr->x.pList->a[0].pExpr;
+ }else{
+ assert( pExpr->op==TK_COLLATE );
+ pExpr = pExpr->pLeft;
+ }
+ }
+ return pExpr;
+}
+
+/*
+** Return the collation sequence for the expression pExpr. If
+** there is no defined collating sequence, return NULL.
+**
+** The collating sequence might be determined by a COLLATE operator
+** or by the presence of a column with a defined collating sequence.
+** COLLATE operators take first precedence. Left operands take
+** precedence over right operands.
+*/
+SQLITE_PRIVATE CollSeq *sqlite3ExprCollSeq(Parse *pParse, Expr *pExpr){
+ sqlite3 *db = pParse->db;
+ CollSeq *pColl = 0;
+ Expr *p = pExpr;
+ while( p ){
+ int op = p->op;
+ if( p->flags & EP_Generic ) break;
+ if( op==TK_CAST || op==TK_UPLUS ){
+ p = p->pLeft;
+ continue;
+ }
+ if( op==TK_COLLATE || (op==TK_REGISTER && p->op2==TK_COLLATE) ){
+ pColl = sqlite3GetCollSeq(pParse, ENC(db), 0, p->u.zToken);
+ break;
+ }
+ if( (op==TK_AGG_COLUMN || op==TK_COLUMN
+ || op==TK_REGISTER || op==TK_TRIGGER)
+ && p->pTab!=0
+ ){
+ /* op==TK_REGISTER && p->pTab!=0 happens when pExpr was originally
+ ** a TK_COLUMN but was previously evaluated and cached in a register */
+ int j = p->iColumn;
+ if( j>=0 ){
+ const char *zColl = p->pTab->aCol[j].zColl;
+ pColl = sqlite3FindCollSeq(db, ENC(db), zColl, 0);
+ }
+ break;
+ }
+ if( p->flags & EP_Collate ){
+ if( p->pLeft && (p->pLeft->flags & EP_Collate)!=0 ){
+ p = p->pLeft;
+ }else{
+ Expr *pNext = p->pRight;
+ /* The Expr.x union is never used at the same time as Expr.pRight */
+ assert( p->x.pList==0 || p->pRight==0 );
+ /* p->flags holds EP_Collate and p->pLeft->flags does not. And
+ ** p->x.pSelect cannot. So if p->x.pLeft exists, it must hold at
+ ** least one EP_Collate. Thus the following two ALWAYS. */
+ if( p->x.pList!=0 && ALWAYS(!ExprHasProperty(p, EP_xIsSelect)) ){
+ int i;
+ for(i=0; ALWAYS(i<p->x.pList->nExpr); i++){
+ if( ExprHasProperty(p->x.pList->a[i].pExpr, EP_Collate) ){
+ pNext = p->x.pList->a[i].pExpr;
+ break;
+ }
+ }
+ }
+ p = pNext;
+ }
+ }else{
+ break;
+ }
+ }
+ if( sqlite3CheckCollSeq(pParse, pColl) ){
+ pColl = 0;
+ }
+ return pColl;
+}
+
+/*
+** pExpr is an operand of a comparison operator. aff2 is the
+** type affinity of the other operand. This routine returns the
+** type affinity that should be used for the comparison operator.
+*/
+SQLITE_PRIVATE char sqlite3CompareAffinity(Expr *pExpr, char aff2){
+ char aff1 = sqlite3ExprAffinity(pExpr);
+ if( aff1 && aff2 ){
+ /* Both sides of the comparison are columns. If one has numeric
+ ** affinity, use that. Otherwise use no affinity.
+ */
+ if( sqlite3IsNumericAffinity(aff1) || sqlite3IsNumericAffinity(aff2) ){
+ return SQLITE_AFF_NUMERIC;
+ }else{
+ return SQLITE_AFF_BLOB;
+ }
+ }else if( !aff1 && !aff2 ){
+ /* Neither side of the comparison is a column. Compare the
+ ** results directly.
+ */
+ return SQLITE_AFF_BLOB;
+ }else{
+ /* One side is a column, the other is not. Use the columns affinity. */
+ assert( aff1==0 || aff2==0 );
+ return (aff1 + aff2);
+ }
+}
+
+/*
+** pExpr is a comparison operator. Return the type affinity that should
+** be applied to both operands prior to doing the comparison.
+*/
+static char comparisonAffinity(Expr *pExpr){
+ char aff;
+ assert( pExpr->op==TK_EQ || pExpr->op==TK_IN || pExpr->op==TK_LT ||
+ pExpr->op==TK_GT || pExpr->op==TK_GE || pExpr->op==TK_LE ||
+ pExpr->op==TK_NE || pExpr->op==TK_IS || pExpr->op==TK_ISNOT );
+ assert( pExpr->pLeft );
+ aff = sqlite3ExprAffinity(pExpr->pLeft);
+ if( pExpr->pRight ){
+ aff = sqlite3CompareAffinity(pExpr->pRight, aff);
+ }else if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ aff = sqlite3CompareAffinity(pExpr->x.pSelect->pEList->a[0].pExpr, aff);
+ }else if( !aff ){
+ aff = SQLITE_AFF_BLOB;
+ }
+ return aff;
+}
+
+/*
+** pExpr is a comparison expression, eg. '=', '<', IN(...) etc.
+** idx_affinity is the affinity of an indexed column. Return true
+** if the index with affinity idx_affinity may be used to implement
+** the comparison in pExpr.
+*/
+SQLITE_PRIVATE int sqlite3IndexAffinityOk(Expr *pExpr, char idx_affinity){
+ char aff = comparisonAffinity(pExpr);
+ switch( aff ){
+ case SQLITE_AFF_BLOB:
+ return 1;
+ case SQLITE_AFF_TEXT:
+ return idx_affinity==SQLITE_AFF_TEXT;
+ default:
+ return sqlite3IsNumericAffinity(idx_affinity);
+ }
+}
+
+/*
+** Return the P5 value that should be used for a binary comparison
+** opcode (OP_Eq, OP_Ge etc.) used to compare pExpr1 and pExpr2.
+*/
+static u8 binaryCompareP5(Expr *pExpr1, Expr *pExpr2, int jumpIfNull){
+ u8 aff = (char)sqlite3ExprAffinity(pExpr2);
+ aff = (u8)sqlite3CompareAffinity(pExpr1, aff) | (u8)jumpIfNull;
+ return aff;
+}
+
+/*
+** Return a pointer to the collation sequence that should be used by
+** a binary comparison operator comparing pLeft and pRight.
+**
+** If the left hand expression has a collating sequence type, then it is
+** used. Otherwise the collation sequence for the right hand expression
+** is used, or the default (BINARY) if neither expression has a collating
+** type.
+**
+** Argument pRight (but not pLeft) may be a null pointer. In this case,
+** it is not considered.
+*/
+SQLITE_PRIVATE CollSeq *sqlite3BinaryCompareCollSeq(
+ Parse *pParse,
+ Expr *pLeft,
+ Expr *pRight
+){
+ CollSeq *pColl;
+ assert( pLeft );
+ if( pLeft->flags & EP_Collate ){
+ pColl = sqlite3ExprCollSeq(pParse, pLeft);
+ }else if( pRight && (pRight->flags & EP_Collate)!=0 ){
+ pColl = sqlite3ExprCollSeq(pParse, pRight);
+ }else{
+ pColl = sqlite3ExprCollSeq(pParse, pLeft);
+ if( !pColl ){
+ pColl = sqlite3ExprCollSeq(pParse, pRight);
+ }
+ }
+ return pColl;
+}
+
+/*
+** Generate code for a comparison operator.
+*/
+static int codeCompare(
+ Parse *pParse, /* The parsing (and code generating) context */
+ Expr *pLeft, /* The left operand */
+ Expr *pRight, /* The right operand */
+ int opcode, /* The comparison opcode */
+ int in1, int in2, /* Register holding operands */
+ int dest, /* Jump here if true. */
+ int jumpIfNull /* If true, jump if either operand is NULL */
+){
+ int p5;
+ int addr;
+ CollSeq *p4;
+
+ p4 = sqlite3BinaryCompareCollSeq(pParse, pLeft, pRight);
+ p5 = binaryCompareP5(pLeft, pRight, jumpIfNull);
+ addr = sqlite3VdbeAddOp4(pParse->pVdbe, opcode, in2, dest, in1,
+ (void*)p4, P4_COLLSEQ);
+ sqlite3VdbeChangeP5(pParse->pVdbe, (u8)p5);
+ return addr;
+}
+
+#if SQLITE_MAX_EXPR_DEPTH>0
+/*
+** Check that argument nHeight is less than or equal to the maximum
+** expression depth allowed. If it is not, leave an error message in
+** pParse.
+*/
+SQLITE_PRIVATE int sqlite3ExprCheckHeight(Parse *pParse, int nHeight){
+ int rc = SQLITE_OK;
+ int mxHeight = pParse->db->aLimit[SQLITE_LIMIT_EXPR_DEPTH];
+ if( nHeight>mxHeight ){
+ sqlite3ErrorMsg(pParse,
+ "Expression tree is too large (maximum depth %d)", mxHeight
+ );
+ rc = SQLITE_ERROR;
+ }
+ return rc;
+}
+
+/* The following three functions, heightOfExpr(), heightOfExprList()
+** and heightOfSelect(), are used to determine the maximum height
+** of any expression tree referenced by the structure passed as the
+** first argument.
+**
+** If this maximum height is greater than the current value pointed
+** to by pnHeight, the second parameter, then set *pnHeight to that
+** value.
+*/
+static void heightOfExpr(Expr *p, int *pnHeight){
+ if( p ){
+ if( p->nHeight>*pnHeight ){
+ *pnHeight = p->nHeight;
+ }
+ }
+}
+static void heightOfExprList(ExprList *p, int *pnHeight){
+ if( p ){
+ int i;
+ for(i=0; i<p->nExpr; i++){
+ heightOfExpr(p->a[i].pExpr, pnHeight);
+ }
+ }
+}
+static void heightOfSelect(Select *p, int *pnHeight){
+ if( p ){
+ heightOfExpr(p->pWhere, pnHeight);
+ heightOfExpr(p->pHaving, pnHeight);
+ heightOfExpr(p->pLimit, pnHeight);
+ heightOfExpr(p->pOffset, pnHeight);
+ heightOfExprList(p->pEList, pnHeight);
+ heightOfExprList(p->pGroupBy, pnHeight);
+ heightOfExprList(p->pOrderBy, pnHeight);
+ heightOfSelect(p->pPrior, pnHeight);
+ }
+}
+
+/*
+** Set the Expr.nHeight variable in the structure passed as an
+** argument. An expression with no children, Expr.pList or
+** Expr.pSelect member has a height of 1. Any other expression
+** has a height equal to the maximum height of any other
+** referenced Expr plus one.
+**
+** Also propagate EP_Propagate flags up from Expr.x.pList to Expr.flags,
+** if appropriate.
+*/
+static void exprSetHeight(Expr *p){
+ int nHeight = 0;
+ heightOfExpr(p->pLeft, &nHeight);
+ heightOfExpr(p->pRight, &nHeight);
+ if( ExprHasProperty(p, EP_xIsSelect) ){
+ heightOfSelect(p->x.pSelect, &nHeight);
+ }else if( p->x.pList ){
+ heightOfExprList(p->x.pList, &nHeight);
+ p->flags |= EP_Propagate & sqlite3ExprListFlags(p->x.pList);
+ }
+ p->nHeight = nHeight + 1;
+}
+
+/*
+** Set the Expr.nHeight variable using the exprSetHeight() function. If
+** the height is greater than the maximum allowed expression depth,
+** leave an error in pParse.
+**
+** Also propagate all EP_Propagate flags from the Expr.x.pList into
+** Expr.flags.
+*/
+SQLITE_PRIVATE void sqlite3ExprSetHeightAndFlags(Parse *pParse, Expr *p){
+ if( pParse->nErr ) return;
+ exprSetHeight(p);
+ sqlite3ExprCheckHeight(pParse, p->nHeight);
+}
+
+/*
+** Return the maximum height of any expression tree referenced
+** by the select statement passed as an argument.
+*/
+SQLITE_PRIVATE int sqlite3SelectExprHeight(Select *p){
+ int nHeight = 0;
+ heightOfSelect(p, &nHeight);
+ return nHeight;
+}
+#else /* ABOVE: Height enforcement enabled. BELOW: Height enforcement off */
+/*
+** Propagate all EP_Propagate flags from the Expr.x.pList into
+** Expr.flags.
+*/
+SQLITE_PRIVATE void sqlite3ExprSetHeightAndFlags(Parse *pParse, Expr *p){
+ if( p && p->x.pList && !ExprHasProperty(p, EP_xIsSelect) ){
+ p->flags |= EP_Propagate & sqlite3ExprListFlags(p->x.pList);
+ }
+}
+#define exprSetHeight(y)
+#endif /* SQLITE_MAX_EXPR_DEPTH>0 */
+
+/*
+** This routine is the core allocator for Expr nodes.
+**
+** Construct a new expression node and return a pointer to it. Memory
+** for this node and for the pToken argument is a single allocation
+** obtained from sqlite3DbMalloc(). The calling function
+** is responsible for making sure the node eventually gets freed.
+**
+** If dequote is true, then the token (if it exists) is dequoted.
+** If dequote is false, no dequoting is performed. The deQuote
+** parameter is ignored if pToken is NULL or if the token does not
+** appear to be quoted. If the quotes were of the form "..." (double-quotes)
+** then the EP_DblQuoted flag is set on the expression node.
+**
+** Special case: If op==TK_INTEGER and pToken points to a string that
+** can be translated into a 32-bit integer, then the token is not
+** stored in u.zToken. Instead, the integer values is written
+** into u.iValue and the EP_IntValue flag is set. No extra storage
+** is allocated to hold the integer text and the dequote flag is ignored.
+*/
+SQLITE_PRIVATE Expr *sqlite3ExprAlloc(
+ sqlite3 *db, /* Handle for sqlite3DbMallocZero() (may be null) */
+ int op, /* Expression opcode */
+ const Token *pToken, /* Token argument. Might be NULL */
+ int dequote /* True to dequote */
+){
+ Expr *pNew;
+ int nExtra = 0;
+ int iValue = 0;
+
+ if( pToken ){
+ if( op!=TK_INTEGER || pToken->z==0
+ || sqlite3GetInt32(pToken->z, &iValue)==0 ){
+ nExtra = pToken->n+1;
+ assert( iValue>=0 );
+ }
+ }
+ pNew = sqlite3DbMallocZero(db, sizeof(Expr)+nExtra);
+ if( pNew ){
+ pNew->op = (u8)op;
+ pNew->iAgg = -1;
+ if( pToken ){
+ if( nExtra==0 ){
+ pNew->flags |= EP_IntValue;
+ pNew->u.iValue = iValue;
+ }else{
+ int c;
+ pNew->u.zToken = (char*)&pNew[1];
+ assert( pToken->z!=0 || pToken->n==0 );
+ if( pToken->n ) memcpy(pNew->u.zToken, pToken->z, pToken->n);
+ pNew->u.zToken[pToken->n] = 0;
+ if( dequote && nExtra>=3
+ && ((c = pToken->z[0])=='\'' || c=='"' || c=='[' || c=='`') ){
+ sqlite3Dequote(pNew->u.zToken);
+ if( c=='"' ) pNew->flags |= EP_DblQuoted;
+ }
+ }
+ }
+#if SQLITE_MAX_EXPR_DEPTH>0
+ pNew->nHeight = 1;
+#endif
+ }
+ return pNew;
+}
+
+/*
+** Allocate a new expression node from a zero-terminated token that has
+** already been dequoted.
+*/
+SQLITE_PRIVATE Expr *sqlite3Expr(
+ sqlite3 *db, /* Handle for sqlite3DbMallocZero() (may be null) */
+ int op, /* Expression opcode */
+ const char *zToken /* Token argument. Might be NULL */
+){
+ Token x;
+ x.z = zToken;
+ x.n = zToken ? sqlite3Strlen30(zToken) : 0;
+ return sqlite3ExprAlloc(db, op, &x, 0);
+}
+
+/*
+** Attach subtrees pLeft and pRight to the Expr node pRoot.
+**
+** If pRoot==NULL that means that a memory allocation error has occurred.
+** In that case, delete the subtrees pLeft and pRight.
+*/
+SQLITE_PRIVATE void sqlite3ExprAttachSubtrees(
+ sqlite3 *db,
+ Expr *pRoot,
+ Expr *pLeft,
+ Expr *pRight
+){
+ if( pRoot==0 ){
+ assert( db->mallocFailed );
+ sqlite3ExprDelete(db, pLeft);
+ sqlite3ExprDelete(db, pRight);
+ }else{
+ if( pRight ){
+ pRoot->pRight = pRight;
+ pRoot->flags |= EP_Propagate & pRight->flags;
+ }
+ if( pLeft ){
+ pRoot->pLeft = pLeft;
+ pRoot->flags |= EP_Propagate & pLeft->flags;
+ }
+ exprSetHeight(pRoot);
+ }
+}
+
+/*
+** Allocate an Expr node which joins as many as two subtrees.
+**
+** One or both of the subtrees can be NULL. Return a pointer to the new
+** Expr node. Or, if an OOM error occurs, set pParse->db->mallocFailed,
+** free the subtrees and return NULL.
+*/
+SQLITE_PRIVATE Expr *sqlite3PExpr(
+ Parse *pParse, /* Parsing context */
+ int op, /* Expression opcode */
+ Expr *pLeft, /* Left operand */
+ Expr *pRight, /* Right operand */
+ const Token *pToken /* Argument token */
+){
+ Expr *p;
+ if( op==TK_AND && pParse->nErr==0 ){
+ /* Take advantage of short-circuit false optimization for AND */
+ p = sqlite3ExprAnd(pParse->db, pLeft, pRight);
+ }else{
+ p = sqlite3ExprAlloc(pParse->db, op & TKFLG_MASK, pToken, 1);
+ sqlite3ExprAttachSubtrees(pParse->db, p, pLeft, pRight);
+ }
+ if( p ) {
+ sqlite3ExprCheckHeight(pParse, p->nHeight);
+ }
+ return p;
+}
+
+/*
+** If the expression is always either TRUE or FALSE (respectively),
+** then return 1. If one cannot determine the truth value of the
+** expression at compile-time return 0.
+**
+** This is an optimization. If is OK to return 0 here even if
+** the expression really is always false or false (a false negative).
+** But it is a bug to return 1 if the expression might have different
+** boolean values in different circumstances (a false positive.)
+**
+** Note that if the expression is part of conditional for a
+** LEFT JOIN, then we cannot determine at compile-time whether or not
+** is it true or false, so always return 0.
+*/
+static int exprAlwaysTrue(Expr *p){
+ int v = 0;
+ if( ExprHasProperty(p, EP_FromJoin) ) return 0;
+ if( !sqlite3ExprIsInteger(p, &v) ) return 0;
+ return v!=0;
+}
+static int exprAlwaysFalse(Expr *p){
+ int v = 0;
+ if( ExprHasProperty(p, EP_FromJoin) ) return 0;
+ if( !sqlite3ExprIsInteger(p, &v) ) return 0;
+ return v==0;
+}
+
+/*
+** Join two expressions using an AND operator. If either expression is
+** NULL, then just return the other expression.
+**
+** If one side or the other of the AND is known to be false, then instead
+** of returning an AND expression, just return a constant expression with
+** a value of false.
+*/
+SQLITE_PRIVATE Expr *sqlite3ExprAnd(sqlite3 *db, Expr *pLeft, Expr *pRight){
+ if( pLeft==0 ){
+ return pRight;
+ }else if( pRight==0 ){
+ return pLeft;
+ }else if( exprAlwaysFalse(pLeft) || exprAlwaysFalse(pRight) ){
+ sqlite3ExprDelete(db, pLeft);
+ sqlite3ExprDelete(db, pRight);
+ return sqlite3ExprAlloc(db, TK_INTEGER, &sqlite3IntTokens[0], 0);
+ }else{
+ Expr *pNew = sqlite3ExprAlloc(db, TK_AND, 0, 0);
+ sqlite3ExprAttachSubtrees(db, pNew, pLeft, pRight);
+ return pNew;
+ }
+}
+
+/*
+** Construct a new expression node for a function with multiple
+** arguments.
+*/
+SQLITE_PRIVATE Expr *sqlite3ExprFunction(Parse *pParse, ExprList *pList, Token *pToken){
+ Expr *pNew;
+ sqlite3 *db = pParse->db;
+ assert( pToken );
+ pNew = sqlite3ExprAlloc(db, TK_FUNCTION, pToken, 1);
+ if( pNew==0 ){
+ sqlite3ExprListDelete(db, pList); /* Avoid memory leak when malloc fails */
+ return 0;
+ }
+ pNew->x.pList = pList;
+ assert( !ExprHasProperty(pNew, EP_xIsSelect) );
+ sqlite3ExprSetHeightAndFlags(pParse, pNew);
+ return pNew;
+}
+
+/*
+** Assign a variable number to an expression that encodes a wildcard
+** in the original SQL statement.
+**
+** Wildcards consisting of a single "?" are assigned the next sequential
+** variable number.
+**
+** Wildcards of the form "?nnn" are assigned the number "nnn". We make
+** sure "nnn" is not too be to avoid a denial of service attack when
+** the SQL statement comes from an external source.
+**
+** Wildcards of the form ":aaa", "@aaa", or "$aaa" are assigned the same number
+** as the previous instance of the same wildcard. Or if this is the first
+** instance of the wildcard, the next sequential variable number is
+** assigned.
+*/
+SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse *pParse, Expr *pExpr){
+ sqlite3 *db = pParse->db;
+ const char *z;
+
+ if( pExpr==0 ) return;
+ assert( !ExprHasProperty(pExpr, EP_IntValue|EP_Reduced|EP_TokenOnly) );
+ z = pExpr->u.zToken;
+ assert( z!=0 );
+ assert( z[0]!=0 );
+ if( z[1]==0 ){
+ /* Wildcard of the form "?". Assign the next variable number */
+ assert( z[0]=='?' );
+ pExpr->iColumn = (ynVar)(++pParse->nVar);
+ }else{
+ ynVar x = 0;
+ u32 n = sqlite3Strlen30(z);
+ if( z[0]=='?' ){
+ /* Wildcard of the form "?nnn". Convert "nnn" to an integer and
+ ** use it as the variable number */
+ i64 i;
+ int bOk = 0==sqlite3Atoi64(&z[1], &i, n-1, SQLITE_UTF8);
+ pExpr->iColumn = x = (ynVar)i;
+ testcase( i==0 );
+ testcase( i==1 );
+ testcase( i==db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER]-1 );
+ testcase( i==db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER] );
+ if( bOk==0 || i<1 || i>db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER] ){
+ sqlite3ErrorMsg(pParse, "variable number must be between ?1 and ?%d",
+ db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER]);
+ x = 0;
+ }
+ if( i>pParse->nVar ){
+ pParse->nVar = (int)i;
+ }
+ }else{
+ /* Wildcards like ":aaa", "$aaa" or "@aaa". Reuse the same variable
+ ** number as the prior appearance of the same name, or if the name
+ ** has never appeared before, reuse the same variable number
+ */
+ ynVar i;
+ for(i=0; i<pParse->nzVar; i++){
+ if( pParse->azVar[i] && strcmp(pParse->azVar[i],z)==0 ){
+ pExpr->iColumn = x = (ynVar)i+1;
+ break;
+ }
+ }
+ if( x==0 ) x = pExpr->iColumn = (ynVar)(++pParse->nVar);
+ }
+ if( x>0 ){
+ if( x>pParse->nzVar ){
+ char **a;
+ a = sqlite3DbRealloc(db, pParse->azVar, x*sizeof(a[0]));
+ if( a==0 ) return; /* Error reported through db->mallocFailed */
+ pParse->azVar = a;
+ memset(&a[pParse->nzVar], 0, (x-pParse->nzVar)*sizeof(a[0]));
+ pParse->nzVar = x;
+ }
+ if( z[0]!='?' || pParse->azVar[x-1]==0 ){
+ sqlite3DbFree(db, pParse->azVar[x-1]);
+ pParse->azVar[x-1] = sqlite3DbStrNDup(db, z, n);
+ }
+ }
+ }
+ if( !pParse->nErr && pParse->nVar>db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER] ){
+ sqlite3ErrorMsg(pParse, "too many SQL variables");
+ }
+}
+
+/*
+** Recursively delete an expression tree.
+*/
+SQLITE_PRIVATE void sqlite3ExprDelete(sqlite3 *db, Expr *p){
+ if( p==0 ) return;
+ /* Sanity check: Assert that the IntValue is non-negative if it exists */
+ assert( !ExprHasProperty(p, EP_IntValue) || p->u.iValue>=0 );
+ if( !ExprHasProperty(p, EP_TokenOnly) ){
+ /* The Expr.x union is never used at the same time as Expr.pRight */
+ assert( p->x.pList==0 || p->pRight==0 );
+ sqlite3ExprDelete(db, p->pLeft);
+ sqlite3ExprDelete(db, p->pRight);
+ if( ExprHasProperty(p, EP_MemToken) ) sqlite3DbFree(db, p->u.zToken);
+ if( ExprHasProperty(p, EP_xIsSelect) ){
+ sqlite3SelectDelete(db, p->x.pSelect);
+ }else{
+ sqlite3ExprListDelete(db, p->x.pList);
+ }
+ }
+ if( !ExprHasProperty(p, EP_Static) ){
+ sqlite3DbFree(db, p);
+ }
+}
+
+/*
+** Return the number of bytes allocated for the expression structure
+** passed as the first argument. This is always one of EXPR_FULLSIZE,
+** EXPR_REDUCEDSIZE or EXPR_TOKENONLYSIZE.
+*/
+static int exprStructSize(Expr *p){
+ if( ExprHasProperty(p, EP_TokenOnly) ) return EXPR_TOKENONLYSIZE;
+ if( ExprHasProperty(p, EP_Reduced) ) return EXPR_REDUCEDSIZE;
+ return EXPR_FULLSIZE;
+}
+
+/*
+** The dupedExpr*Size() routines each return the number of bytes required
+** to store a copy of an expression or expression tree. They differ in
+** how much of the tree is measured.
+**
+** dupedExprStructSize() Size of only the Expr structure
+** dupedExprNodeSize() Size of Expr + space for token
+** dupedExprSize() Expr + token + subtree components
+**
+***************************************************************************
+**
+** The dupedExprStructSize() function returns two values OR-ed together:
+** (1) the space required for a copy of the Expr structure only and
+** (2) the EP_xxx flags that indicate what the structure size should be.
+** The return values is always one of:
+**
+** EXPR_FULLSIZE
+** EXPR_REDUCEDSIZE | EP_Reduced
+** EXPR_TOKENONLYSIZE | EP_TokenOnly
+**
+** The size of the structure can be found by masking the return value
+** of this routine with 0xfff. The flags can be found by masking the
+** return value with EP_Reduced|EP_TokenOnly.
+**
+** Note that with flags==EXPRDUP_REDUCE, this routines works on full-size
+** (unreduced) Expr objects as they or originally constructed by the parser.
+** During expression analysis, extra information is computed and moved into
+** later parts of teh Expr object and that extra information might get chopped
+** off if the expression is reduced. Note also that it does not work to
+** make an EXPRDUP_REDUCE copy of a reduced expression. It is only legal
+** to reduce a pristine expression tree from the parser. The implementation
+** of dupedExprStructSize() contain multiple assert() statements that attempt
+** to enforce this constraint.
+*/
+static int dupedExprStructSize(Expr *p, int flags){
+ int nSize;
+ assert( flags==EXPRDUP_REDUCE || flags==0 ); /* Only one flag value allowed */
+ assert( EXPR_FULLSIZE<=0xfff );
+ assert( (0xfff & (EP_Reduced|EP_TokenOnly))==0 );
+ if( 0==(flags&EXPRDUP_REDUCE) ){
+ nSize = EXPR_FULLSIZE;
+ }else{
+ assert( !ExprHasProperty(p, EP_TokenOnly|EP_Reduced) );
+ assert( !ExprHasProperty(p, EP_FromJoin) );
+ assert( !ExprHasProperty(p, EP_MemToken) );
+ assert( !ExprHasProperty(p, EP_NoReduce) );
+ if( p->pLeft || p->x.pList ){
+ nSize = EXPR_REDUCEDSIZE | EP_Reduced;
+ }else{
+ assert( p->pRight==0 );
+ nSize = EXPR_TOKENONLYSIZE | EP_TokenOnly;
+ }
+ }
+ return nSize;
+}
+
+/*
+** This function returns the space in bytes required to store the copy
+** of the Expr structure and a copy of the Expr.u.zToken string (if that
+** string is defined.)
+*/
+static int dupedExprNodeSize(Expr *p, int flags){
+ int nByte = dupedExprStructSize(p, flags) & 0xfff;
+ if( !ExprHasProperty(p, EP_IntValue) && p->u.zToken ){
+ nByte += sqlite3Strlen30(p->u.zToken)+1;
+ }
+ return ROUND8(nByte);
+}
+
+/*
+** Return the number of bytes required to create a duplicate of the
+** expression passed as the first argument. The second argument is a
+** mask containing EXPRDUP_XXX flags.
+**
+** The value returned includes space to create a copy of the Expr struct
+** itself and the buffer referred to by Expr.u.zToken, if any.
+**
+** If the EXPRDUP_REDUCE flag is set, then the return value includes
+** space to duplicate all Expr nodes in the tree formed by Expr.pLeft
+** and Expr.pRight variables (but not for any structures pointed to or
+** descended from the Expr.x.pList or Expr.x.pSelect variables).
+*/
+static int dupedExprSize(Expr *p, int flags){
+ int nByte = 0;
+ if( p ){
+ nByte = dupedExprNodeSize(p, flags);
+ if( flags&EXPRDUP_REDUCE ){
+ nByte += dupedExprSize(p->pLeft, flags) + dupedExprSize(p->pRight, flags);
+ }
+ }
+ return nByte;
+}
+
+/*
+** This function is similar to sqlite3ExprDup(), except that if pzBuffer
+** is not NULL then *pzBuffer is assumed to point to a buffer large enough
+** to store the copy of expression p, the copies of p->u.zToken
+** (if applicable), and the copies of the p->pLeft and p->pRight expressions,
+** if any. Before returning, *pzBuffer is set to the first byte past the
+** portion of the buffer copied into by this function.
+*/
+static Expr *exprDup(sqlite3 *db, Expr *p, int flags, u8 **pzBuffer){
+ Expr *pNew = 0; /* Value to return */
+ assert( flags==0 || flags==EXPRDUP_REDUCE );
+ if( p ){
+ const int isReduced = (flags&EXPRDUP_REDUCE);
+ u8 *zAlloc;
+ u32 staticFlag = 0;
+
+ assert( pzBuffer==0 || isReduced );
+
+ /* Figure out where to write the new Expr structure. */
+ if( pzBuffer ){
+ zAlloc = *pzBuffer;
+ staticFlag = EP_Static;
+ }else{
+ zAlloc = sqlite3DbMallocRaw(db, dupedExprSize(p, flags));
+ }
+ pNew = (Expr *)zAlloc;
+
+ if( pNew ){
+ /* Set nNewSize to the size allocated for the structure pointed to
+ ** by pNew. This is either EXPR_FULLSIZE, EXPR_REDUCEDSIZE or
+ ** EXPR_TOKENONLYSIZE. nToken is set to the number of bytes consumed
+ ** by the copy of the p->u.zToken string (if any).
+ */
+ const unsigned nStructSize = dupedExprStructSize(p, flags);
+ const int nNewSize = nStructSize & 0xfff;
+ int nToken;
+ if( !ExprHasProperty(p, EP_IntValue) && p->u.zToken ){
+ nToken = sqlite3Strlen30(p->u.zToken) + 1;
+ }else{
+ nToken = 0;
+ }
+ if( isReduced ){
+ assert( ExprHasProperty(p, EP_Reduced)==0 );
+ memcpy(zAlloc, p, nNewSize);
+ }else{
+ u32 nSize = (u32)exprStructSize(p);
+ memcpy(zAlloc, p, nSize);
+ if( nSize<EXPR_FULLSIZE ){
+ memset(&zAlloc[nSize], 0, EXPR_FULLSIZE-nSize);
+ }
+ }
+
+ /* Set the EP_Reduced, EP_TokenOnly, and EP_Static flags appropriately. */
+ pNew->flags &= ~(EP_Reduced|EP_TokenOnly|EP_Static|EP_MemToken);
+ pNew->flags |= nStructSize & (EP_Reduced|EP_TokenOnly);
+ pNew->flags |= staticFlag;
+
+ /* Copy the p->u.zToken string, if any. */
+ if( nToken ){
+ char *zToken = pNew->u.zToken = (char*)&zAlloc[nNewSize];
+ memcpy(zToken, p->u.zToken, nToken);
+ }
+
+ if( 0==((p->flags|pNew->flags) & EP_TokenOnly) ){
+ /* Fill in the pNew->x.pSelect or pNew->x.pList member. */
+ if( ExprHasProperty(p, EP_xIsSelect) ){
+ pNew->x.pSelect = sqlite3SelectDup(db, p->x.pSelect, isReduced);
+ }else{
+ pNew->x.pList = sqlite3ExprListDup(db, p->x.pList, isReduced);
+ }
+ }
+
+ /* Fill in pNew->pLeft and pNew->pRight. */
+ if( ExprHasProperty(pNew, EP_Reduced|EP_TokenOnly) ){
+ zAlloc += dupedExprNodeSize(p, flags);
+ if( ExprHasProperty(pNew, EP_Reduced) ){
+ pNew->pLeft = exprDup(db, p->pLeft, EXPRDUP_REDUCE, &zAlloc);
+ pNew->pRight = exprDup(db, p->pRight, EXPRDUP_REDUCE, &zAlloc);
+ }
+ if( pzBuffer ){
+ *pzBuffer = zAlloc;
+ }
+ }else{
+ if( !ExprHasProperty(p, EP_TokenOnly) ){
+ pNew->pLeft = sqlite3ExprDup(db, p->pLeft, 0);
+ pNew->pRight = sqlite3ExprDup(db, p->pRight, 0);
+ }
+ }
+
+ }
+ }
+ return pNew;
+}
+
+/*
+** Create and return a deep copy of the object passed as the second
+** argument. If an OOM condition is encountered, NULL is returned
+** and the db->mallocFailed flag set.
+*/
+#ifndef SQLITE_OMIT_CTE
+static With *withDup(sqlite3 *db, With *p){
+ With *pRet = 0;
+ if( p ){
+ int nByte = sizeof(*p) + sizeof(p->a[0]) * (p->nCte-1);
+ pRet = sqlite3DbMallocZero(db, nByte);
+ if( pRet ){
+ int i;
+ pRet->nCte = p->nCte;
+ for(i=0; i<p->nCte; i++){
+ pRet->a[i].pSelect = sqlite3SelectDup(db, p->a[i].pSelect, 0);
+ pRet->a[i].pCols = sqlite3ExprListDup(db, p->a[i].pCols, 0);
+ pRet->a[i].zName = sqlite3DbStrDup(db, p->a[i].zName);
+ }
+ }
+ }
+ return pRet;
+}
+#else
+# define withDup(x,y) 0
+#endif
+
+/*
+** The following group of routines make deep copies of expressions,
+** expression lists, ID lists, and select statements. The copies can
+** be deleted (by being passed to their respective ...Delete() routines)
+** without effecting the originals.
+**
+** The expression list, ID, and source lists return by sqlite3ExprListDup(),
+** sqlite3IdListDup(), and sqlite3SrcListDup() can not be further expanded
+** by subsequent calls to sqlite*ListAppend() routines.
+**
+** Any tables that the SrcList might point to are not duplicated.
+**
+** The flags parameter contains a combination of the EXPRDUP_XXX flags.
+** If the EXPRDUP_REDUCE flag is set, then the structure returned is a
+** truncated version of the usual Expr structure that will be stored as
+** part of the in-memory representation of the database schema.
+*/
+SQLITE_PRIVATE Expr *sqlite3ExprDup(sqlite3 *db, Expr *p, int flags){
+ assert( flags==0 || flags==EXPRDUP_REDUCE );
+ return exprDup(db, p, flags, 0);
+}
+SQLITE_PRIVATE ExprList *sqlite3ExprListDup(sqlite3 *db, ExprList *p, int flags){
+ ExprList *pNew;
+ struct ExprList_item *pItem, *pOldItem;
+ int i;
+ if( p==0 ) return 0;
+ pNew = sqlite3DbMallocRaw(db, sizeof(*pNew) );
+ if( pNew==0 ) return 0;
+ pNew->nExpr = i = p->nExpr;
+ if( (flags & EXPRDUP_REDUCE)==0 ) for(i=1; i<p->nExpr; i+=i){}
+ pNew->a = pItem = sqlite3DbMallocRaw(db, i*sizeof(p->a[0]) );
+ if( pItem==0 ){
+ sqlite3DbFree(db, pNew);
+ return 0;
+ }
+ pOldItem = p->a;
+ for(i=0; i<p->nExpr; i++, pItem++, pOldItem++){
+ Expr *pOldExpr = pOldItem->pExpr;
+ pItem->pExpr = sqlite3ExprDup(db, pOldExpr, flags);
+ pItem->zName = sqlite3DbStrDup(db, pOldItem->zName);
+ pItem->zSpan = sqlite3DbStrDup(db, pOldItem->zSpan);
+ pItem->sortOrder = pOldItem->sortOrder;
+ pItem->done = 0;
+ pItem->bSpanIsTab = pOldItem->bSpanIsTab;
+ pItem->u = pOldItem->u;
+ }
+ return pNew;
+}
+
+/*
+** If cursors, triggers, views and subqueries are all omitted from
+** the build, then none of the following routines, except for
+** sqlite3SelectDup(), can be called. sqlite3SelectDup() is sometimes
+** called with a NULL argument.
+*/
+#if !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_TRIGGER) \
+ || !defined(SQLITE_OMIT_SUBQUERY)
+SQLITE_PRIVATE SrcList *sqlite3SrcListDup(sqlite3 *db, SrcList *p, int flags){
+ SrcList *pNew;
+ int i;
+ int nByte;
+ if( p==0 ) return 0;
+ nByte = sizeof(*p) + (p->nSrc>0 ? sizeof(p->a[0]) * (p->nSrc-1) : 0);
+ pNew = sqlite3DbMallocRaw(db, nByte );
+ if( pNew==0 ) return 0;
+ pNew->nSrc = pNew->nAlloc = p->nSrc;
+ for(i=0; i<p->nSrc; i++){
+ struct SrcList_item *pNewItem = &pNew->a[i];
+ struct SrcList_item *pOldItem = &p->a[i];
+ Table *pTab;
+ pNewItem->pSchema = pOldItem->pSchema;
+ pNewItem->zDatabase = sqlite3DbStrDup(db, pOldItem->zDatabase);
+ pNewItem->zName = sqlite3DbStrDup(db, pOldItem->zName);
+ pNewItem->zAlias = sqlite3DbStrDup(db, pOldItem->zAlias);
+ pNewItem->fg = pOldItem->fg;
+ pNewItem->iCursor = pOldItem->iCursor;
+ pNewItem->addrFillSub = pOldItem->addrFillSub;
+ pNewItem->regReturn = pOldItem->regReturn;
+ if( pNewItem->fg.isIndexedBy ){
+ pNewItem->u1.zIndexedBy = sqlite3DbStrDup(db, pOldItem->u1.zIndexedBy);
+ }
+ pNewItem->pIBIndex = pOldItem->pIBIndex;
+ if( pNewItem->fg.isTabFunc ){
+ pNewItem->u1.pFuncArg =
+ sqlite3ExprListDup(db, pOldItem->u1.pFuncArg, flags);
+ }
+ pTab = pNewItem->pTab = pOldItem->pTab;
+ if( pTab ){
+ pTab->nRef++;
+ }
+ pNewItem->pSelect = sqlite3SelectDup(db, pOldItem->pSelect, flags);
+ pNewItem->pOn = sqlite3ExprDup(db, pOldItem->pOn, flags);
+ pNewItem->pUsing = sqlite3IdListDup(db, pOldItem->pUsing);
+ pNewItem->colUsed = pOldItem->colUsed;
+ }
+ return pNew;
+}
+SQLITE_PRIVATE IdList *sqlite3IdListDup(sqlite3 *db, IdList *p){
+ IdList *pNew;
+ int i;
+ if( p==0 ) return 0;
+ pNew = sqlite3DbMallocRaw(db, sizeof(*pNew) );
+ if( pNew==0 ) return 0;
+ pNew->nId = p->nId;
+ pNew->a = sqlite3DbMallocRaw(db, p->nId*sizeof(p->a[0]) );
+ if( pNew->a==0 ){
+ sqlite3DbFree(db, pNew);
+ return 0;
+ }
+ /* Note that because the size of the allocation for p->a[] is not
+ ** necessarily a power of two, sqlite3IdListAppend() may not be called
+ ** on the duplicate created by this function. */
+ for(i=0; i<p->nId; i++){
+ struct IdList_item *pNewItem = &pNew->a[i];
+ struct IdList_item *pOldItem = &p->a[i];
+ pNewItem->zName = sqlite3DbStrDup(db, pOldItem->zName);
+ pNewItem->idx = pOldItem->idx;
+ }
+ return pNew;
+}
+SQLITE_PRIVATE Select *sqlite3SelectDup(sqlite3 *db, Select *p, int flags){
+ Select *pNew, *pPrior;
+ if( p==0 ) return 0;
+ pNew = sqlite3DbMallocRaw(db, sizeof(*p) );
+ if( pNew==0 ) return 0;
+ pNew->pEList = sqlite3ExprListDup(db, p->pEList, flags);
+ pNew->pSrc = sqlite3SrcListDup(db, p->pSrc, flags);
+ pNew->pWhere = sqlite3ExprDup(db, p->pWhere, flags);
+ pNew->pGroupBy = sqlite3ExprListDup(db, p->pGroupBy, flags);
+ pNew->pHaving = sqlite3ExprDup(db, p->pHaving, flags);
+ pNew->pOrderBy = sqlite3ExprListDup(db, p->pOrderBy, flags);
+ pNew->op = p->op;
+ pNew->pPrior = pPrior = sqlite3SelectDup(db, p->pPrior, flags);
+ if( pPrior ) pPrior->pNext = pNew;
+ pNew->pNext = 0;
+ pNew->pLimit = sqlite3ExprDup(db, p->pLimit, flags);
+ pNew->pOffset = sqlite3ExprDup(db, p->pOffset, flags);
+ pNew->iLimit = 0;
+ pNew->iOffset = 0;
+ pNew->selFlags = p->selFlags & ~SF_UsesEphemeral;
+ pNew->addrOpenEphm[0] = -1;
+ pNew->addrOpenEphm[1] = -1;
+ pNew->nSelectRow = p->nSelectRow;
+ pNew->pWith = withDup(db, p->pWith);
+ sqlite3SelectSetName(pNew, p->zSelName);
+ return pNew;
+}
+#else
+SQLITE_PRIVATE Select *sqlite3SelectDup(sqlite3 *db, Select *p, int flags){
+ assert( p==0 );
+ return 0;
+}
+#endif
+
+
+/*
+** Add a new element to the end of an expression list. If pList is
+** initially NULL, then create a new expression list.
+**
+** If a memory allocation error occurs, the entire list is freed and
+** NULL is returned. If non-NULL is returned, then it is guaranteed
+** that the new entry was successfully appended.
+*/
+SQLITE_PRIVATE ExprList *sqlite3ExprListAppend(
+ Parse *pParse, /* Parsing context */
+ ExprList *pList, /* List to which to append. Might be NULL */
+ Expr *pExpr /* Expression to be appended. Might be NULL */
+){
+ sqlite3 *db = pParse->db;
+ if( pList==0 ){
+ pList = sqlite3DbMallocZero(db, sizeof(ExprList) );
+ if( pList==0 ){
+ goto no_mem;
+ }
+ pList->a = sqlite3DbMallocRaw(db, sizeof(pList->a[0]));
+ if( pList->a==0 ) goto no_mem;
+ }else if( (pList->nExpr & (pList->nExpr-1))==0 ){
+ struct ExprList_item *a;
+ assert( pList->nExpr>0 );
+ a = sqlite3DbRealloc(db, pList->a, pList->nExpr*2*sizeof(pList->a[0]));
+ if( a==0 ){
+ goto no_mem;
+ }
+ pList->a = a;
+ }
+ assert( pList->a!=0 );
+ if( 1 ){
+ struct ExprList_item *pItem = &pList->a[pList->nExpr++];
+ memset(pItem, 0, sizeof(*pItem));
+ pItem->pExpr = pExpr;
+ }
+ return pList;
+
+no_mem:
+ /* Avoid leaking memory if malloc has failed. */
+ sqlite3ExprDelete(db, pExpr);
+ sqlite3ExprListDelete(db, pList);
+ return 0;
+}
+
+/*
+** Set the sort order for the last element on the given ExprList.
+*/
+SQLITE_PRIVATE void sqlite3ExprListSetSortOrder(ExprList *p, int iSortOrder){
+ if( p==0 ) return;
+ assert( SQLITE_SO_UNDEFINED<0 && SQLITE_SO_ASC>=0 && SQLITE_SO_DESC>0 );
+ assert( p->nExpr>0 );
+ if( iSortOrder<0 ){
+ assert( p->a[p->nExpr-1].sortOrder==SQLITE_SO_ASC );
+ return;
+ }
+ p->a[p->nExpr-1].sortOrder = (u8)iSortOrder;
+}
+
+/*
+** Set the ExprList.a[].zName element of the most recently added item
+** on the expression list.
+**
+** pList might be NULL following an OOM error. But pName should never be
+** NULL. If a memory allocation fails, the pParse->db->mallocFailed flag
+** is set.
+*/
+SQLITE_PRIVATE void sqlite3ExprListSetName(
+ Parse *pParse, /* Parsing context */
+ ExprList *pList, /* List to which to add the span. */
+ Token *pName, /* Name to be added */
+ int dequote /* True to cause the name to be dequoted */
+){
+ assert( pList!=0 || pParse->db->mallocFailed!=0 );
+ if( pList ){
+ struct ExprList_item *pItem;
+ assert( pList->nExpr>0 );
+ pItem = &pList->a[pList->nExpr-1];
+ assert( pItem->zName==0 );
+ pItem->zName = sqlite3DbStrNDup(pParse->db, pName->z, pName->n);
+ if( dequote && pItem->zName ) sqlite3Dequote(pItem->zName);
+ }
+}
+
+/*
+** Set the ExprList.a[].zSpan element of the most recently added item
+** on the expression list.
+**
+** pList might be NULL following an OOM error. But pSpan should never be
+** NULL. If a memory allocation fails, the pParse->db->mallocFailed flag
+** is set.
+*/
+SQLITE_PRIVATE void sqlite3ExprListSetSpan(
+ Parse *pParse, /* Parsing context */
+ ExprList *pList, /* List to which to add the span. */
+ ExprSpan *pSpan /* The span to be added */
+){
+ sqlite3 *db = pParse->db;
+ assert( pList!=0 || db->mallocFailed!=0 );
+ if( pList ){
+ struct ExprList_item *pItem = &pList->a[pList->nExpr-1];
+ assert( pList->nExpr>0 );
+ assert( db->mallocFailed || pItem->pExpr==pSpan->pExpr );
+ sqlite3DbFree(db, pItem->zSpan);
+ pItem->zSpan = sqlite3DbStrNDup(db, (char*)pSpan->zStart,
+ (int)(pSpan->zEnd - pSpan->zStart));
+ }
+}
+
+/*
+** If the expression list pEList contains more than iLimit elements,
+** leave an error message in pParse.
+*/
+SQLITE_PRIVATE void sqlite3ExprListCheckLength(
+ Parse *pParse,
+ ExprList *pEList,
+ const char *zObject
+){
+ int mx = pParse->db->aLimit[SQLITE_LIMIT_COLUMN];
+ testcase( pEList && pEList->nExpr==mx );
+ testcase( pEList && pEList->nExpr==mx+1 );
+ if( pEList && pEList->nExpr>mx ){
+ sqlite3ErrorMsg(pParse, "too many columns in %s", zObject);
+ }
+}
+
+/*
+** Delete an entire expression list.
+*/
+SQLITE_PRIVATE void sqlite3ExprListDelete(sqlite3 *db, ExprList *pList){
+ int i;
+ struct ExprList_item *pItem;
+ if( pList==0 ) return;
+ assert( pList->a!=0 || pList->nExpr==0 );
+ for(pItem=pList->a, i=0; i<pList->nExpr; i++, pItem++){
+ sqlite3ExprDelete(db, pItem->pExpr);
+ sqlite3DbFree(db, pItem->zName);
+ sqlite3DbFree(db, pItem->zSpan);
+ }
+ sqlite3DbFree(db, pList->a);
+ sqlite3DbFree(db, pList);
+}
+
+/*
+** Return the bitwise-OR of all Expr.flags fields in the given
+** ExprList.
+*/
+SQLITE_PRIVATE u32 sqlite3ExprListFlags(const ExprList *pList){
+ int i;
+ u32 m = 0;
+ if( pList ){
+ for(i=0; i<pList->nExpr; i++){
+ Expr *pExpr = pList->a[i].pExpr;
+ if( ALWAYS(pExpr) ) m |= pExpr->flags;
+ }
+ }
+ return m;
+}
+
+/*
+** These routines are Walker callbacks used to check expressions to
+** see if they are "constant" for some definition of constant. The
+** Walker.eCode value determines the type of "constant" we are looking
+** for.
+**
+** These callback routines are used to implement the following:
+**
+** sqlite3ExprIsConstant() pWalker->eCode==1
+** sqlite3ExprIsConstantNotJoin() pWalker->eCode==2
+** sqlite3ExprIsTableConstant() pWalker->eCode==3
+** sqlite3ExprIsConstantOrFunction() pWalker->eCode==4 or 5
+**
+** In all cases, the callbacks set Walker.eCode=0 and abort if the expression
+** is found to not be a constant.
+**
+** The sqlite3ExprIsConstantOrFunction() is used for evaluating expressions
+** in a CREATE TABLE statement. The Walker.eCode value is 5 when parsing
+** an existing schema and 4 when processing a new statement. A bound
+** parameter raises an error for new statements, but is silently converted
+** to NULL for existing schemas. This allows sqlite_master tables that
+** contain a bound parameter because they were generated by older versions
+** of SQLite to be parsed by newer versions of SQLite without raising a
+** malformed schema error.
+*/
+static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
+
+ /* If pWalker->eCode is 2 then any term of the expression that comes from
+ ** the ON or USING clauses of a left join disqualifies the expression
+ ** from being considered constant. */
+ if( pWalker->eCode==2 && ExprHasProperty(pExpr, EP_FromJoin) ){
+ pWalker->eCode = 0;
+ return WRC_Abort;
+ }
+
+ switch( pExpr->op ){
+ /* Consider functions to be constant if all their arguments are constant
+ ** and either pWalker->eCode==4 or 5 or the function has the
+ ** SQLITE_FUNC_CONST flag. */
+ case TK_FUNCTION:
+ if( pWalker->eCode>=4 || ExprHasProperty(pExpr,EP_ConstFunc) ){
+ return WRC_Continue;
+ }else{
+ pWalker->eCode = 0;
+ return WRC_Abort;
+ }
+ case TK_ID:
+ case TK_COLUMN:
+ case TK_AGG_FUNCTION:
+ case TK_AGG_COLUMN:
+ testcase( pExpr->op==TK_ID );
+ testcase( pExpr->op==TK_COLUMN );
+ testcase( pExpr->op==TK_AGG_FUNCTION );
+ testcase( pExpr->op==TK_AGG_COLUMN );
+ if( pWalker->eCode==3 && pExpr->iTable==pWalker->u.iCur ){
+ return WRC_Continue;
+ }else{
+ pWalker->eCode = 0;
+ return WRC_Abort;
+ }
+ case TK_VARIABLE:
+ if( pWalker->eCode==5 ){
+ /* Silently convert bound parameters that appear inside of CREATE
+ ** statements into a NULL when parsing the CREATE statement text out
+ ** of the sqlite_master table */
+ pExpr->op = TK_NULL;
+ }else if( pWalker->eCode==4 ){
+ /* A bound parameter in a CREATE statement that originates from
+ ** sqlite3_prepare() causes an error */
+ pWalker->eCode = 0;
+ return WRC_Abort;
+ }
+ /* Fall through */
+ default:
+ testcase( pExpr->op==TK_SELECT ); /* selectNodeIsConstant will disallow */
+ testcase( pExpr->op==TK_EXISTS ); /* selectNodeIsConstant will disallow */
+ return WRC_Continue;
+ }
+}
+static int selectNodeIsConstant(Walker *pWalker, Select *NotUsed){
+ UNUSED_PARAMETER(NotUsed);
+ pWalker->eCode = 0;
+ return WRC_Abort;
+}
+static int exprIsConst(Expr *p, int initFlag, int iCur){
+ Walker w;
+ memset(&w, 0, sizeof(w));
+ w.eCode = initFlag;
+ w.xExprCallback = exprNodeIsConstant;
+ w.xSelectCallback = selectNodeIsConstant;
+ w.u.iCur = iCur;
+ sqlite3WalkExpr(&w, p);
+ return w.eCode;
+}
+
+/*
+** Walk an expression tree. Return non-zero if the expression is constant
+** and 0 if it involves variables or function calls.
+**
+** For the purposes of this function, a double-quoted string (ex: "abc")
+** is considered a variable but a single-quoted string (ex: 'abc') is
+** a constant.
+*/
+SQLITE_PRIVATE int sqlite3ExprIsConstant(Expr *p){
+ return exprIsConst(p, 1, 0);
+}
+
+/*
+** Walk an expression tree. Return non-zero if the expression is constant
+** that does no originate from the ON or USING clauses of a join.
+** Return 0 if it involves variables or function calls or terms from
+** an ON or USING clause.
+*/
+SQLITE_PRIVATE int sqlite3ExprIsConstantNotJoin(Expr *p){
+ return exprIsConst(p, 2, 0);
+}
+
+/*
+** Walk an expression tree. Return non-zero if the expression is constant
+** for any single row of the table with cursor iCur. In other words, the
+** expression must not refer to any non-deterministic function nor any
+** table other than iCur.
+*/
+SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr *p, int iCur){
+ return exprIsConst(p, 3, iCur);
+}
+
+/*
+** Walk an expression tree. Return non-zero if the expression is constant
+** or a function call with constant arguments. Return and 0 if there
+** are any variables.
+**
+** For the purposes of this function, a double-quoted string (ex: "abc")
+** is considered a variable but a single-quoted string (ex: 'abc') is
+** a constant.
+*/
+SQLITE_PRIVATE int sqlite3ExprIsConstantOrFunction(Expr *p, u8 isInit){
+ assert( isInit==0 || isInit==1 );
+ return exprIsConst(p, 4+isInit, 0);
+}
+
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+/*
+** Walk an expression tree. Return 1 if the expression contains a
+** subquery of some kind. Return 0 if there are no subqueries.
+*/
+SQLITE_PRIVATE int sqlite3ExprContainsSubquery(Expr *p){
+ Walker w;
+ memset(&w, 0, sizeof(w));
+ w.eCode = 1;
+ w.xExprCallback = sqlite3ExprWalkNoop;
+ w.xSelectCallback = selectNodeIsConstant;
+ sqlite3WalkExpr(&w, p);
+ return w.eCode==0;
+}
+#endif
+
+/*
+** If the expression p codes a constant integer that is small enough
+** to fit in a 32-bit integer, return 1 and put the value of the integer
+** in *pValue. If the expression is not an integer or if it is too big
+** to fit in a signed 32-bit integer, return 0 and leave *pValue unchanged.
+*/
+SQLITE_PRIVATE int sqlite3ExprIsInteger(Expr *p, int *pValue){
+ int rc = 0;
+
+ /* If an expression is an integer literal that fits in a signed 32-bit
+ ** integer, then the EP_IntValue flag will have already been set */
+ assert( p->op!=TK_INTEGER || (p->flags & EP_IntValue)!=0
+ || sqlite3GetInt32(p->u.zToken, &rc)==0 );
+
+ if( p->flags & EP_IntValue ){
+ *pValue = p->u.iValue;
+ return 1;
+ }
+ switch( p->op ){
+ case TK_UPLUS: {
+ rc = sqlite3ExprIsInteger(p->pLeft, pValue);
+ break;
+ }
+ case TK_UMINUS: {
+ int v;
+ if( sqlite3ExprIsInteger(p->pLeft, &v) ){
+ assert( v!=(-2147483647-1) );
+ *pValue = -v;
+ rc = 1;
+ }
+ break;
+ }
+ default: break;
+ }
+ return rc;
+}
+
+/*
+** Return FALSE if there is no chance that the expression can be NULL.
+**
+** If the expression might be NULL or if the expression is too complex
+** to tell return TRUE.
+**
+** This routine is used as an optimization, to skip OP_IsNull opcodes
+** when we know that a value cannot be NULL. Hence, a false positive
+** (returning TRUE when in fact the expression can never be NULL) might
+** be a small performance hit but is otherwise harmless. On the other
+** hand, a false negative (returning FALSE when the result could be NULL)
+** will likely result in an incorrect answer. So when in doubt, return
+** TRUE.
+*/
+SQLITE_PRIVATE int sqlite3ExprCanBeNull(const Expr *p){
+ u8 op;
+ while( p->op==TK_UPLUS || p->op==TK_UMINUS ){ p = p->pLeft; }
+ op = p->op;
+ if( op==TK_REGISTER ) op = p->op2;
+ switch( op ){
+ case TK_INTEGER:
+ case TK_STRING:
+ case TK_FLOAT:
+ case TK_BLOB:
+ return 0;
+ case TK_COLUMN:
+ assert( p->pTab!=0 );
+ return ExprHasProperty(p, EP_CanBeNull) ||
+ (p->iColumn>=0 && p->pTab->aCol[p->iColumn].notNull==0);
+ default:
+ return 1;
+ }
+}
+
+/*
+** Return TRUE if the given expression is a constant which would be
+** unchanged by OP_Affinity with the affinity given in the second
+** argument.
+**
+** This routine is used to determine if the OP_Affinity operation
+** can be omitted. When in doubt return FALSE. A false negative
+** is harmless. A false positive, however, can result in the wrong
+** answer.
+*/
+SQLITE_PRIVATE int sqlite3ExprNeedsNoAffinityChange(const Expr *p, char aff){
+ u8 op;
+ if( aff==SQLITE_AFF_BLOB ) return 1;
+ while( p->op==TK_UPLUS || p->op==TK_UMINUS ){ p = p->pLeft; }
+ op = p->op;
+ if( op==TK_REGISTER ) op = p->op2;
+ switch( op ){
+ case TK_INTEGER: {
+ return aff==SQLITE_AFF_INTEGER || aff==SQLITE_AFF_NUMERIC;
+ }
+ case TK_FLOAT: {
+ return aff==SQLITE_AFF_REAL || aff==SQLITE_AFF_NUMERIC;
+ }
+ case TK_STRING: {
+ return aff==SQLITE_AFF_TEXT;
+ }
+ case TK_BLOB: {
+ return 1;
+ }
+ case TK_COLUMN: {
+ assert( p->iTable>=0 ); /* p cannot be part of a CHECK constraint */
+ return p->iColumn<0
+ && (aff==SQLITE_AFF_INTEGER || aff==SQLITE_AFF_NUMERIC);
+ }
+ default: {
+ return 0;
+ }
+ }
+}
+
+/*
+** Return TRUE if the given string is a row-id column name.
+*/
+SQLITE_PRIVATE int sqlite3IsRowid(const char *z){
+ if( sqlite3StrICmp(z, "_ROWID_")==0 ) return 1;
+ if( sqlite3StrICmp(z, "ROWID")==0 ) return 1;
+ if( sqlite3StrICmp(z, "OID")==0 ) return 1;
+ return 0;
+}
+
+/*
+** Return true if we are able to the IN operator optimization on a
+** query of the form
+**
+** x IN (SELECT ...)
+**
+** Where the SELECT... clause is as specified by the parameter to this
+** routine.
+**
+** The Select object passed in has already been preprocessed and no
+** errors have been found.
+*/
+#ifndef SQLITE_OMIT_SUBQUERY
+static int isCandidateForInOpt(Select *p){
+ SrcList *pSrc;
+ ExprList *pEList;
+ Table *pTab;
+ if( p==0 ) return 0; /* right-hand side of IN is SELECT */
+ if( p->pPrior ) return 0; /* Not a compound SELECT */
+ if( p->selFlags & (SF_Distinct|SF_Aggregate) ){
+ testcase( (p->selFlags & (SF_Distinct|SF_Aggregate))==SF_Distinct );
+ testcase( (p->selFlags & (SF_Distinct|SF_Aggregate))==SF_Aggregate );
+ return 0; /* No DISTINCT keyword and no aggregate functions */
+ }
+ assert( p->pGroupBy==0 ); /* Has no GROUP BY clause */
+ if( p->pLimit ) return 0; /* Has no LIMIT clause */
+ assert( p->pOffset==0 ); /* No LIMIT means no OFFSET */
+ if( p->pWhere ) return 0; /* Has no WHERE clause */
+ pSrc = p->pSrc;
+ assert( pSrc!=0 );
+ if( pSrc->nSrc!=1 ) return 0; /* Single term in FROM clause */
+ if( pSrc->a[0].pSelect ) return 0; /* FROM is not a subquery or view */
+ pTab = pSrc->a[0].pTab;
+ if( NEVER(pTab==0) ) return 0;
+ assert( pTab->pSelect==0 ); /* FROM clause is not a view */
+ if( IsVirtual(pTab) ) return 0; /* FROM clause not a virtual table */
+ pEList = p->pEList;
+ if( pEList->nExpr!=1 ) return 0; /* One column in the result set */
+ if( pEList->a[0].pExpr->op!=TK_COLUMN ) return 0; /* Result is a column */
+ return 1;
+}
+#endif /* SQLITE_OMIT_SUBQUERY */
+
+/*
+** Code an OP_Once instruction and allocate space for its flag. Return the
+** address of the new instruction.
+*/
+SQLITE_PRIVATE int sqlite3CodeOnce(Parse *pParse){
+ Vdbe *v = sqlite3GetVdbe(pParse); /* Virtual machine being coded */
+ return sqlite3VdbeAddOp1(v, OP_Once, pParse->nOnce++);
+}
+
+/*
+** Generate code that checks the left-most column of index table iCur to see if
+** it contains any NULL entries. Cause the register at regHasNull to be set
+** to a non-NULL value if iCur contains no NULLs. Cause register regHasNull
+** to be set to NULL if iCur contains one or more NULL values.
+*/
+static void sqlite3SetHasNullFlag(Vdbe *v, int iCur, int regHasNull){
+ int addr1;
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, regHasNull);
+ addr1 = sqlite3VdbeAddOp1(v, OP_Rewind, iCur); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_Column, iCur, 0, regHasNull);
+ sqlite3VdbeChangeP5(v, OPFLAG_TYPEOFARG);
+ VdbeComment((v, "first_entry_in(%d)", iCur));
+ sqlite3VdbeJumpHere(v, addr1);
+}
+
+
+#ifndef SQLITE_OMIT_SUBQUERY
+/*
+** The argument is an IN operator with a list (not a subquery) on the
+** right-hand side. Return TRUE if that list is constant.
+*/
+static int sqlite3InRhsIsConstant(Expr *pIn){
+ Expr *pLHS;
+ int res;
+ assert( !ExprHasProperty(pIn, EP_xIsSelect) );
+ pLHS = pIn->pLeft;
+ pIn->pLeft = 0;
+ res = sqlite3ExprIsConstant(pIn);
+ pIn->pLeft = pLHS;
+ return res;
+}
+#endif
+
+/*
+** This function is used by the implementation of the IN (...) operator.
+** The pX parameter is the expression on the RHS of the IN operator, which
+** might be either a list of expressions or a subquery.
+**
+** The job of this routine is to find or create a b-tree object that can
+** be used either to test for membership in the RHS set or to iterate through
+** all members of the RHS set, skipping duplicates.
+**
+** A cursor is opened on the b-tree object that is the RHS of the IN operator
+** and pX->iTable is set to the index of that cursor.
+**
+** The returned value of this function indicates the b-tree type, as follows:
+**
+** IN_INDEX_ROWID - The cursor was opened on a database table.
+** IN_INDEX_INDEX_ASC - The cursor was opened on an ascending index.
+** IN_INDEX_INDEX_DESC - The cursor was opened on a descending index.
+** IN_INDEX_EPH - The cursor was opened on a specially created and
+** populated epheremal table.
+** IN_INDEX_NOOP - No cursor was allocated. The IN operator must be
+** implemented as a sequence of comparisons.
+**
+** An existing b-tree might be used if the RHS expression pX is a simple
+** subquery such as:
+**
+** SELECT <column> FROM <table>
+**
+** If the RHS of the IN operator is a list or a more complex subquery, then
+** an ephemeral table might need to be generated from the RHS and then
+** pX->iTable made to point to the ephemeral table instead of an
+** existing table.
+**
+** The inFlags parameter must contain exactly one of the bits
+** IN_INDEX_MEMBERSHIP or IN_INDEX_LOOP. If inFlags contains
+** IN_INDEX_MEMBERSHIP, then the generated table will be used for a
+** fast membership test. When the IN_INDEX_LOOP bit is set, the
+** IN index will be used to loop over all values of the RHS of the
+** IN operator.
+**
+** When IN_INDEX_LOOP is used (and the b-tree will be used to iterate
+** through the set members) then the b-tree must not contain duplicates.
+** An epheremal table must be used unless the selected <column> is guaranteed
+** to be unique - either because it is an INTEGER PRIMARY KEY or it
+** has a UNIQUE constraint or UNIQUE index.
+**
+** When IN_INDEX_MEMBERSHIP is used (and the b-tree will be used
+** for fast set membership tests) then an epheremal table must
+** be used unless <column> is an INTEGER PRIMARY KEY or an index can
+** be found with <column> as its left-most column.
+**
+** If the IN_INDEX_NOOP_OK and IN_INDEX_MEMBERSHIP are both set and
+** if the RHS of the IN operator is a list (not a subquery) then this
+** routine might decide that creating an ephemeral b-tree for membership
+** testing is too expensive and return IN_INDEX_NOOP. In that case, the
+** calling routine should implement the IN operator using a sequence
+** of Eq or Ne comparison operations.
+**
+** When the b-tree is being used for membership tests, the calling function
+** might need to know whether or not the RHS side of the IN operator
+** contains a NULL. If prRhsHasNull is not a NULL pointer and
+** if there is any chance that the (...) might contain a NULL value at
+** runtime, then a register is allocated and the register number written
+** to *prRhsHasNull. If there is no chance that the (...) contains a
+** NULL value, then *prRhsHasNull is left unchanged.
+**
+** If a register is allocated and its location stored in *prRhsHasNull, then
+** the value in that register will be NULL if the b-tree contains one or more
+** NULL values, and it will be some non-NULL value if the b-tree contains no
+** NULL values.
+*/
+#ifndef SQLITE_OMIT_SUBQUERY
+SQLITE_PRIVATE int sqlite3FindInIndex(Parse *pParse, Expr *pX, u32 inFlags, int *prRhsHasNull){
+ Select *p; /* SELECT to the right of IN operator */
+ int eType = 0; /* Type of RHS table. IN_INDEX_* */
+ int iTab = pParse->nTab++; /* Cursor of the RHS table */
+ int mustBeUnique; /* True if RHS must be unique */
+ Vdbe *v = sqlite3GetVdbe(pParse); /* Virtual machine being coded */
+
+ assert( pX->op==TK_IN );
+ mustBeUnique = (inFlags & IN_INDEX_LOOP)!=0;
+
+ /* Check to see if an existing table or index can be used to
+ ** satisfy the query. This is preferable to generating a new
+ ** ephemeral table.
+ */
+ p = (ExprHasProperty(pX, EP_xIsSelect) ? pX->x.pSelect : 0);
+ if( pParse->nErr==0 && isCandidateForInOpt(p) ){
+ sqlite3 *db = pParse->db; /* Database connection */
+ Table *pTab; /* Table <table>. */
+ Expr *pExpr; /* Expression <column> */
+ i16 iCol; /* Index of column <column> */
+ i16 iDb; /* Database idx for pTab */
+
+ assert( p ); /* Because of isCandidateForInOpt(p) */
+ assert( p->pEList!=0 ); /* Because of isCandidateForInOpt(p) */
+ assert( p->pEList->a[0].pExpr!=0 ); /* Because of isCandidateForInOpt(p) */
+ assert( p->pSrc!=0 ); /* Because of isCandidateForInOpt(p) */
+ pTab = p->pSrc->a[0].pTab;
+ pExpr = p->pEList->a[0].pExpr;
+ iCol = (i16)pExpr->iColumn;
+
+ /* Code an OP_Transaction and OP_TableLock for <table>. */
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ sqlite3CodeVerifySchema(pParse, iDb);
+ sqlite3TableLock(pParse, iDb, pTab->tnum, 0, pTab->zName);
+
+ /* This function is only called from two places. In both cases the vdbe
+ ** has already been allocated. So assume sqlite3GetVdbe() is always
+ ** successful here.
+ */
+ assert(v);
+ if( iCol<0 ){
+ int iAddr = sqlite3CodeOnce(pParse);
+ VdbeCoverage(v);
+
+ sqlite3OpenTable(pParse, iTab, iDb, pTab, OP_OpenRead);
+ eType = IN_INDEX_ROWID;
+
+ sqlite3VdbeJumpHere(v, iAddr);
+ }else{
+ Index *pIdx; /* Iterator variable */
+
+ /* The collation sequence used by the comparison. If an index is to
+ ** be used in place of a temp-table, it must be ordered according
+ ** to this collation sequence. */
+ CollSeq *pReq = sqlite3BinaryCompareCollSeq(pParse, pX->pLeft, pExpr);
+
+ /* Check that the affinity that will be used to perform the
+ ** comparison is the same as the affinity of the column. If
+ ** it is not, it is not possible to use any index.
+ */
+ int affinity_ok = sqlite3IndexAffinityOk(pX, pTab->aCol[iCol].affinity);
+
+ for(pIdx=pTab->pIndex; pIdx && eType==0 && affinity_ok; pIdx=pIdx->pNext){
+ if( (pIdx->aiColumn[0]==iCol)
+ && sqlite3FindCollSeq(db, ENC(db), pIdx->azColl[0], 0)==pReq
+ && (!mustBeUnique || (pIdx->nKeyCol==1 && IsUniqueIndex(pIdx)))
+ ){
+ int iAddr = sqlite3CodeOnce(pParse); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_OpenRead, iTab, pIdx->tnum, iDb);
+ sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
+ VdbeComment((v, "%s", pIdx->zName));
+ assert( IN_INDEX_INDEX_DESC == IN_INDEX_INDEX_ASC+1 );
+ eType = IN_INDEX_INDEX_ASC + pIdx->aSortOrder[0];
+
+ if( prRhsHasNull && !pTab->aCol[iCol].notNull ){
+ *prRhsHasNull = ++pParse->nMem;
+ sqlite3SetHasNullFlag(v, iTab, *prRhsHasNull);
+ }
+ sqlite3VdbeJumpHere(v, iAddr);
+ }
+ }
+ }
+ }
+
+ /* If no preexisting index is available for the IN clause
+ ** and IN_INDEX_NOOP is an allowed reply
+ ** and the RHS of the IN operator is a list, not a subquery
+ ** and the RHS is not contant or has two or fewer terms,
+ ** then it is not worth creating an ephemeral table to evaluate
+ ** the IN operator so return IN_INDEX_NOOP.
+ */
+ if( eType==0
+ && (inFlags & IN_INDEX_NOOP_OK)
+ && !ExprHasProperty(pX, EP_xIsSelect)
+ && (!sqlite3InRhsIsConstant(pX) || pX->x.pList->nExpr<=2)
+ ){
+ eType = IN_INDEX_NOOP;
+ }
+
+
+ if( eType==0 ){
+ /* Could not find an existing table or index to use as the RHS b-tree.
+ ** We will have to generate an ephemeral table to do the job.
+ */
+ u32 savedNQueryLoop = pParse->nQueryLoop;
+ int rMayHaveNull = 0;
+ eType = IN_INDEX_EPH;
+ if( inFlags & IN_INDEX_LOOP ){
+ pParse->nQueryLoop = 0;
+ if( pX->pLeft->iColumn<0 && !ExprHasProperty(pX, EP_xIsSelect) ){
+ eType = IN_INDEX_ROWID;
+ }
+ }else if( prRhsHasNull ){
+ *prRhsHasNull = rMayHaveNull = ++pParse->nMem;
+ }
+ sqlite3CodeSubselect(pParse, pX, rMayHaveNull, eType==IN_INDEX_ROWID);
+ pParse->nQueryLoop = savedNQueryLoop;
+ }else{
+ pX->iTable = iTab;
+ }
+ return eType;
+}
+#endif
+
+/*
+** Generate code for scalar subqueries used as a subquery expression, EXISTS,
+** or IN operators. Examples:
+**
+** (SELECT a FROM b) -- subquery
+** EXISTS (SELECT a FROM b) -- EXISTS subquery
+** x IN (4,5,11) -- IN operator with list on right-hand side
+** x IN (SELECT a FROM b) -- IN operator with subquery on the right
+**
+** The pExpr parameter describes the expression that contains the IN
+** operator or subquery.
+**
+** If parameter isRowid is non-zero, then expression pExpr is guaranteed
+** to be of the form "<rowid> IN (?, ?, ?)", where <rowid> is a reference
+** to some integer key column of a table B-Tree. In this case, use an
+** intkey B-Tree to store the set of IN(...) values instead of the usual
+** (slower) variable length keys B-Tree.
+**
+** If rMayHaveNull is non-zero, that means that the operation is an IN
+** (not a SELECT or EXISTS) and that the RHS might contains NULLs.
+** All this routine does is initialize the register given by rMayHaveNull
+** to NULL. Calling routines will take care of changing this register
+** value to non-NULL if the RHS is NULL-free.
+**
+** For a SELECT or EXISTS operator, return the register that holds the
+** result. For IN operators or if an error occurs, the return value is 0.
+*/
+#ifndef SQLITE_OMIT_SUBQUERY
+SQLITE_PRIVATE int sqlite3CodeSubselect(
+ Parse *pParse, /* Parsing context */
+ Expr *pExpr, /* The IN, SELECT, or EXISTS operator */
+ int rHasNullFlag, /* Register that records whether NULLs exist in RHS */
+ int isRowid /* If true, LHS of IN operator is a rowid */
+){
+ int jmpIfDynamic = -1; /* One-time test address */
+ int rReg = 0; /* Register storing resulting */
+ Vdbe *v = sqlite3GetVdbe(pParse);
+ if( NEVER(v==0) ) return 0;
+ sqlite3ExprCachePush(pParse);
+
+ /* This code must be run in its entirety every time it is encountered
+ ** if any of the following is true:
+ **
+ ** * The right-hand side is a correlated subquery
+ ** * The right-hand side is an expression list containing variables
+ ** * We are inside a trigger
+ **
+ ** If all of the above are false, then we can run this code just once
+ ** save the results, and reuse the same result on subsequent invocations.
+ */
+ if( !ExprHasProperty(pExpr, EP_VarSelect) ){
+ jmpIfDynamic = sqlite3CodeOnce(pParse); VdbeCoverage(v);
+ }
+
+#ifndef SQLITE_OMIT_EXPLAIN
+ if( pParse->explain==2 ){
+ char *zMsg = sqlite3MPrintf(pParse->db, "EXECUTE %s%s SUBQUERY %d",
+ jmpIfDynamic>=0?"":"CORRELATED ",
+ pExpr->op==TK_IN?"LIST":"SCALAR",
+ pParse->iNextSelectId
+ );
+ sqlite3VdbeAddOp4(v, OP_Explain, pParse->iSelectId, 0, 0, zMsg, P4_DYNAMIC);
+ }
+#endif
+
+ switch( pExpr->op ){
+ case TK_IN: {
+ char affinity; /* Affinity of the LHS of the IN */
+ int addr; /* Address of OP_OpenEphemeral instruction */
+ Expr *pLeft = pExpr->pLeft; /* the LHS of the IN operator */
+ KeyInfo *pKeyInfo = 0; /* Key information */
+
+ affinity = sqlite3ExprAffinity(pLeft);
+
+ /* Whether this is an 'x IN(SELECT...)' or an 'x IN(<exprlist>)'
+ ** expression it is handled the same way. An ephemeral table is
+ ** filled with single-field index keys representing the results
+ ** from the SELECT or the <exprlist>.
+ **
+ ** If the 'x' expression is a column value, or the SELECT...
+ ** statement returns a column value, then the affinity of that
+ ** column is used to build the index keys. If both 'x' and the
+ ** SELECT... statement are columns, then numeric affinity is used
+ ** if either column has NUMERIC or INTEGER affinity. If neither
+ ** 'x' nor the SELECT... statement are columns, then numeric affinity
+ ** is used.
+ */
+ pExpr->iTable = pParse->nTab++;
+ addr = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, pExpr->iTable, !isRowid);
+ pKeyInfo = isRowid ? 0 : sqlite3KeyInfoAlloc(pParse->db, 1, 1);
+
+ if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ /* Case 1: expr IN (SELECT ...)
+ **
+ ** Generate code to write the results of the select into the temporary
+ ** table allocated and opened above.
+ */
+ Select *pSelect = pExpr->x.pSelect;
+ SelectDest dest;
+ ExprList *pEList;
+
+ assert( !isRowid );
+ sqlite3SelectDestInit(&dest, SRT_Set, pExpr->iTable);
+ dest.affSdst = (u8)affinity;
+ assert( (pExpr->iTable&0x0000FFFF)==pExpr->iTable );
+ pSelect->iLimit = 0;
+ testcase( pSelect->selFlags & SF_Distinct );
+ testcase( pKeyInfo==0 ); /* Caused by OOM in sqlite3KeyInfoAlloc() */
+ if( sqlite3Select(pParse, pSelect, &dest) ){
+ sqlite3KeyInfoUnref(pKeyInfo);
+ return 0;
+ }
+ pEList = pSelect->pEList;
+ assert( pKeyInfo!=0 ); /* OOM will cause exit after sqlite3Select() */
+ assert( pEList!=0 );
+ assert( pEList->nExpr>0 );
+ assert( sqlite3KeyInfoIsWriteable(pKeyInfo) );
+ pKeyInfo->aColl[0] = sqlite3BinaryCompareCollSeq(pParse, pExpr->pLeft,
+ pEList->a[0].pExpr);
+ }else if( ALWAYS(pExpr->x.pList!=0) ){
+ /* Case 2: expr IN (exprlist)
+ **
+ ** For each expression, build an index key from the evaluation and
+ ** store it in the temporary table. If <expr> is a column, then use
+ ** that columns affinity when building index keys. If <expr> is not
+ ** a column, use numeric affinity.
+ */
+ int i;
+ ExprList *pList = pExpr->x.pList;
+ struct ExprList_item *pItem;
+ int r1, r2, r3;
+
+ if( !affinity ){
+ affinity = SQLITE_AFF_BLOB;
+ }
+ if( pKeyInfo ){
+ assert( sqlite3KeyInfoIsWriteable(pKeyInfo) );
+ pKeyInfo->aColl[0] = sqlite3ExprCollSeq(pParse, pExpr->pLeft);
+ }
+
+ /* Loop through each expression in <exprlist>. */
+ r1 = sqlite3GetTempReg(pParse);
+ r2 = sqlite3GetTempReg(pParse);
+ if( isRowid ) sqlite3VdbeAddOp2(v, OP_Null, 0, r2);
+ for(i=pList->nExpr, pItem=pList->a; i>0; i--, pItem++){
+ Expr *pE2 = pItem->pExpr;
+ int iValToIns;
+
+ /* If the expression is not constant then we will need to
+ ** disable the test that was generated above that makes sure
+ ** this code only executes once. Because for a non-constant
+ ** expression we need to rerun this code each time.
+ */
+ if( jmpIfDynamic>=0 && !sqlite3ExprIsConstant(pE2) ){
+ sqlite3VdbeChangeToNoop(v, jmpIfDynamic);
+ jmpIfDynamic = -1;
+ }
+
+ /* Evaluate the expression and insert it into the temp table */
+ if( isRowid && sqlite3ExprIsInteger(pE2, &iValToIns) ){
+ sqlite3VdbeAddOp3(v, OP_InsertInt, pExpr->iTable, r2, iValToIns);
+ }else{
+ r3 = sqlite3ExprCodeTarget(pParse, pE2, r1);
+ if( isRowid ){
+ sqlite3VdbeAddOp2(v, OP_MustBeInt, r3,
+ sqlite3VdbeCurrentAddr(v)+2);
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_Insert, pExpr->iTable, r2, r3);
+ }else{
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, r3, 1, r2, &affinity, 1);
+ sqlite3ExprCacheAffinityChange(pParse, r3, 1);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, pExpr->iTable, r2);
+ }
+ }
+ }
+ sqlite3ReleaseTempReg(pParse, r1);
+ sqlite3ReleaseTempReg(pParse, r2);
+ }
+ if( pKeyInfo ){
+ sqlite3VdbeChangeP4(v, addr, (void *)pKeyInfo, P4_KEYINFO);
+ }
+ break;
+ }
+
+ case TK_EXISTS:
+ case TK_SELECT:
+ default: {
+ /* If this has to be a scalar SELECT. Generate code to put the
+ ** value of this select in a memory cell and record the number
+ ** of the memory cell in iColumn. If this is an EXISTS, write
+ ** an integer 0 (not exists) or 1 (exists) into a memory cell
+ ** and record that memory cell in iColumn.
+ */
+ Select *pSel; /* SELECT statement to encode */
+ SelectDest dest; /* How to deal with SELECt result */
+
+ testcase( pExpr->op==TK_EXISTS );
+ testcase( pExpr->op==TK_SELECT );
+ assert( pExpr->op==TK_EXISTS || pExpr->op==TK_SELECT );
+
+ assert( ExprHasProperty(pExpr, EP_xIsSelect) );
+ pSel = pExpr->x.pSelect;
+ sqlite3SelectDestInit(&dest, 0, ++pParse->nMem);
+ if( pExpr->op==TK_SELECT ){
+ dest.eDest = SRT_Mem;
+ dest.iSdst = dest.iSDParm;
+ sqlite3VdbeAddOp2(v, OP_Null, 0, dest.iSDParm);
+ VdbeComment((v, "Init subquery result"));
+ }else{
+ dest.eDest = SRT_Exists;
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, dest.iSDParm);
+ VdbeComment((v, "Init EXISTS result"));
+ }
+ sqlite3ExprDelete(pParse->db, pSel->pLimit);
+ pSel->pLimit = sqlite3PExpr(pParse, TK_INTEGER, 0, 0,
+ &sqlite3IntTokens[1]);
+ pSel->iLimit = 0;
+ pSel->selFlags &= ~SF_MultiValue;
+ if( sqlite3Select(pParse, pSel, &dest) ){
+ return 0;
+ }
+ rReg = dest.iSDParm;
+ ExprSetVVAProperty(pExpr, EP_NoReduce);
+ break;
+ }
+ }
+
+ if( rHasNullFlag ){
+ sqlite3SetHasNullFlag(v, pExpr->iTable, rHasNullFlag);
+ }
+
+ if( jmpIfDynamic>=0 ){
+ sqlite3VdbeJumpHere(v, jmpIfDynamic);
+ }
+ sqlite3ExprCachePop(pParse);
+
+ return rReg;
+}
+#endif /* SQLITE_OMIT_SUBQUERY */
+
+#ifndef SQLITE_OMIT_SUBQUERY
+/*
+** Generate code for an IN expression.
+**
+** x IN (SELECT ...)
+** x IN (value, value, ...)
+**
+** The left-hand side (LHS) is a scalar expression. The right-hand side (RHS)
+** is an array of zero or more values. The expression is true if the LHS is
+** contained within the RHS. The value of the expression is unknown (NULL)
+** if the LHS is NULL or if the LHS is not contained within the RHS and the
+** RHS contains one or more NULL values.
+**
+** This routine generates code that jumps to destIfFalse if the LHS is not
+** contained within the RHS. If due to NULLs we cannot determine if the LHS
+** is contained in the RHS then jump to destIfNull. If the LHS is contained
+** within the RHS then fall through.
+*/
+static void sqlite3ExprCodeIN(
+ Parse *pParse, /* Parsing and code generating context */
+ Expr *pExpr, /* The IN expression */
+ int destIfFalse, /* Jump here if LHS is not contained in the RHS */
+ int destIfNull /* Jump here if the results are unknown due to NULLs */
+){
+ int rRhsHasNull = 0; /* Register that is true if RHS contains NULL values */
+ char affinity; /* Comparison affinity to use */
+ int eType; /* Type of the RHS */
+ int r1; /* Temporary use register */
+ Vdbe *v; /* Statement under construction */
+
+ /* Compute the RHS. After this step, the table with cursor
+ ** pExpr->iTable will contains the values that make up the RHS.
+ */
+ v = pParse->pVdbe;
+ assert( v!=0 ); /* OOM detected prior to this routine */
+ VdbeNoopComment((v, "begin IN expr"));
+ eType = sqlite3FindInIndex(pParse, pExpr,
+ IN_INDEX_MEMBERSHIP | IN_INDEX_NOOP_OK,
+ destIfFalse==destIfNull ? 0 : &rRhsHasNull);
+
+ /* Figure out the affinity to use to create a key from the results
+ ** of the expression. affinityStr stores a static string suitable for
+ ** P4 of OP_MakeRecord.
+ */
+ affinity = comparisonAffinity(pExpr);
+
+ /* Code the LHS, the <expr> from "<expr> IN (...)".
+ */
+ sqlite3ExprCachePush(pParse);
+ r1 = sqlite3GetTempReg(pParse);
+ sqlite3ExprCode(pParse, pExpr->pLeft, r1);
+
+ /* If sqlite3FindInIndex() did not find or create an index that is
+ ** suitable for evaluating the IN operator, then evaluate using a
+ ** sequence of comparisons.
+ */
+ if( eType==IN_INDEX_NOOP ){
+ ExprList *pList = pExpr->x.pList;
+ CollSeq *pColl = sqlite3ExprCollSeq(pParse, pExpr->pLeft);
+ int labelOk = sqlite3VdbeMakeLabel(v);
+ int r2, regToFree;
+ int regCkNull = 0;
+ int ii;
+ assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
+ if( destIfNull!=destIfFalse ){
+ regCkNull = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp3(v, OP_BitAnd, r1, r1, regCkNull);
+ }
+ for(ii=0; ii<pList->nExpr; ii++){
+ r2 = sqlite3ExprCodeTemp(pParse, pList->a[ii].pExpr, &regToFree);
+ if( regCkNull && sqlite3ExprCanBeNull(pList->a[ii].pExpr) ){
+ sqlite3VdbeAddOp3(v, OP_BitAnd, regCkNull, r2, regCkNull);
+ }
+ if( ii<pList->nExpr-1 || destIfNull!=destIfFalse ){
+ sqlite3VdbeAddOp4(v, OP_Eq, r1, labelOk, r2,
+ (void*)pColl, P4_COLLSEQ);
+ VdbeCoverageIf(v, ii<pList->nExpr-1);
+ VdbeCoverageIf(v, ii==pList->nExpr-1);
+ sqlite3VdbeChangeP5(v, affinity);
+ }else{
+ assert( destIfNull==destIfFalse );
+ sqlite3VdbeAddOp4(v, OP_Ne, r1, destIfFalse, r2,
+ (void*)pColl, P4_COLLSEQ); VdbeCoverage(v);
+ sqlite3VdbeChangeP5(v, affinity | SQLITE_JUMPIFNULL);
+ }
+ sqlite3ReleaseTempReg(pParse, regToFree);
+ }
+ if( regCkNull ){
+ sqlite3VdbeAddOp2(v, OP_IsNull, regCkNull, destIfNull); VdbeCoverage(v);
+ sqlite3VdbeGoto(v, destIfFalse);
+ }
+ sqlite3VdbeResolveLabel(v, labelOk);
+ sqlite3ReleaseTempReg(pParse, regCkNull);
+ }else{
+
+ /* If the LHS is NULL, then the result is either false or NULL depending
+ ** on whether the RHS is empty or not, respectively.
+ */
+ if( sqlite3ExprCanBeNull(pExpr->pLeft) ){
+ if( destIfNull==destIfFalse ){
+ /* Shortcut for the common case where the false and NULL outcomes are
+ ** the same. */
+ sqlite3VdbeAddOp2(v, OP_IsNull, r1, destIfNull); VdbeCoverage(v);
+ }else{
+ int addr1 = sqlite3VdbeAddOp1(v, OP_NotNull, r1); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Rewind, pExpr->iTable, destIfFalse);
+ VdbeCoverage(v);
+ sqlite3VdbeGoto(v, destIfNull);
+ sqlite3VdbeJumpHere(v, addr1);
+ }
+ }
+
+ if( eType==IN_INDEX_ROWID ){
+ /* In this case, the RHS is the ROWID of table b-tree
+ */
+ sqlite3VdbeAddOp2(v, OP_MustBeInt, r1, destIfFalse); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_NotExists, pExpr->iTable, destIfFalse, r1);
+ VdbeCoverage(v);
+ }else{
+ /* In this case, the RHS is an index b-tree.
+ */
+ sqlite3VdbeAddOp4(v, OP_Affinity, r1, 1, 0, &affinity, 1);
+
+ /* If the set membership test fails, then the result of the
+ ** "x IN (...)" expression must be either 0 or NULL. If the set
+ ** contains no NULL values, then the result is 0. If the set
+ ** contains one or more NULL values, then the result of the
+ ** expression is also NULL.
+ */
+ assert( destIfFalse!=destIfNull || rRhsHasNull==0 );
+ if( rRhsHasNull==0 ){
+ /* This branch runs if it is known at compile time that the RHS
+ ** cannot contain NULL values. This happens as the result
+ ** of a "NOT NULL" constraint in the database schema.
+ **
+ ** Also run this branch if NULL is equivalent to FALSE
+ ** for this particular IN operator.
+ */
+ sqlite3VdbeAddOp4Int(v, OP_NotFound, pExpr->iTable, destIfFalse, r1, 1);
+ VdbeCoverage(v);
+ }else{
+ /* In this branch, the RHS of the IN might contain a NULL and
+ ** the presence of a NULL on the RHS makes a difference in the
+ ** outcome.
+ */
+ int addr1;
+
+ /* First check to see if the LHS is contained in the RHS. If so,
+ ** then the answer is TRUE the presence of NULLs in the RHS does
+ ** not matter. If the LHS is not contained in the RHS, then the
+ ** answer is NULL if the RHS contains NULLs and the answer is
+ ** FALSE if the RHS is NULL-free.
+ */
+ addr1 = sqlite3VdbeAddOp4Int(v, OP_Found, pExpr->iTable, 0, r1, 1);
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_IsNull, rRhsHasNull, destIfNull);
+ VdbeCoverage(v);
+ sqlite3VdbeGoto(v, destIfFalse);
+ sqlite3VdbeJumpHere(v, addr1);
+ }
+ }
+ }
+ sqlite3ReleaseTempReg(pParse, r1);
+ sqlite3ExprCachePop(pParse);
+ VdbeComment((v, "end IN expr"));
+}
+#endif /* SQLITE_OMIT_SUBQUERY */
+
+#ifndef SQLITE_OMIT_FLOATING_POINT
+/*
+** Generate an instruction that will put the floating point
+** value described by z[0..n-1] into register iMem.
+**
+** The z[] string will probably not be zero-terminated. But the
+** z[n] character is guaranteed to be something that does not look
+** like the continuation of the number.
+*/
+static void codeReal(Vdbe *v, const char *z, int negateFlag, int iMem){
+ if( ALWAYS(z!=0) ){
+ double value;
+ sqlite3AtoF(z, &value, sqlite3Strlen30(z), SQLITE_UTF8);
+ assert( !sqlite3IsNaN(value) ); /* The new AtoF never returns NaN */
+ if( negateFlag ) value = -value;
+ sqlite3VdbeAddOp4Dup8(v, OP_Real, 0, iMem, 0, (u8*)&value, P4_REAL);
+ }
+}
+#endif
+
+
+/*
+** Generate an instruction that will put the integer describe by
+** text z[0..n-1] into register iMem.
+**
+** Expr.u.zToken is always UTF8 and zero-terminated.
+*/
+static void codeInteger(Parse *pParse, Expr *pExpr, int negFlag, int iMem){
+ Vdbe *v = pParse->pVdbe;
+ if( pExpr->flags & EP_IntValue ){
+ int i = pExpr->u.iValue;
+ assert( i>=0 );
+ if( negFlag ) i = -i;
+ sqlite3VdbeAddOp2(v, OP_Integer, i, iMem);
+ }else{
+ int c;
+ i64 value;
+ const char *z = pExpr->u.zToken;
+ assert( z!=0 );
+ c = sqlite3DecOrHexToI64(z, &value);
+ if( c==0 || (c==2 && negFlag) ){
+ if( negFlag ){ value = c==2 ? SMALLEST_INT64 : -value; }
+ sqlite3VdbeAddOp4Dup8(v, OP_Int64, 0, iMem, 0, (u8*)&value, P4_INT64);
+ }else{
+#ifdef SQLITE_OMIT_FLOATING_POINT
+ sqlite3ErrorMsg(pParse, "oversized integer: %s%s", negFlag ? "-" : "", z);
+#else
+#ifndef SQLITE_OMIT_HEX_INTEGER
+ if( sqlite3_strnicmp(z,"0x",2)==0 ){
+ sqlite3ErrorMsg(pParse, "hex literal too big: %s", z);
+ }else
+#endif
+ {
+ codeReal(v, z, negFlag, iMem);
+ }
+#endif
+ }
+ }
+}
+
+/*
+** Clear a cache entry.
+*/
+static void cacheEntryClear(Parse *pParse, struct yColCache *p){
+ if( p->tempReg ){
+ if( pParse->nTempReg<ArraySize(pParse->aTempReg) ){
+ pParse->aTempReg[pParse->nTempReg++] = p->iReg;
+ }
+ p->tempReg = 0;
+ }
+}
+
+
+/*
+** Record in the column cache that a particular column from a
+** particular table is stored in a particular register.
+*/
+SQLITE_PRIVATE void sqlite3ExprCacheStore(Parse *pParse, int iTab, int iCol, int iReg){
+ int i;
+ int minLru;
+ int idxLru;
+ struct yColCache *p;
+
+ /* Unless an error has occurred, register numbers are always positive. */
+ assert( iReg>0 || pParse->nErr || pParse->db->mallocFailed );
+ assert( iCol>=-1 && iCol<32768 ); /* Finite column numbers */
+
+ /* The SQLITE_ColumnCache flag disables the column cache. This is used
+ ** for testing only - to verify that SQLite always gets the same answer
+ ** with and without the column cache.
+ */
+ if( OptimizationDisabled(pParse->db, SQLITE_ColumnCache) ) return;
+
+ /* First replace any existing entry.
+ **
+ ** Actually, the way the column cache is currently used, we are guaranteed
+ ** that the object will never already be in cache. Verify this guarantee.
+ */
+#ifndef NDEBUG
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ assert( p->iReg==0 || p->iTable!=iTab || p->iColumn!=iCol );
+ }
+#endif
+
+ /* Find an empty slot and replace it */
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ if( p->iReg==0 ){
+ p->iLevel = pParse->iCacheLevel;
+ p->iTable = iTab;
+ p->iColumn = iCol;
+ p->iReg = iReg;
+ p->tempReg = 0;
+ p->lru = pParse->iCacheCnt++;
+ return;
+ }
+ }
+
+ /* Replace the last recently used */
+ minLru = 0x7fffffff;
+ idxLru = -1;
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ if( p->lru<minLru ){
+ idxLru = i;
+ minLru = p->lru;
+ }
+ }
+ if( ALWAYS(idxLru>=0) ){
+ p = &pParse->aColCache[idxLru];
+ p->iLevel = pParse->iCacheLevel;
+ p->iTable = iTab;
+ p->iColumn = iCol;
+ p->iReg = iReg;
+ p->tempReg = 0;
+ p->lru = pParse->iCacheCnt++;
+ return;
+ }
+}
+
+/*
+** Indicate that registers between iReg..iReg+nReg-1 are being overwritten.
+** Purge the range of registers from the column cache.
+*/
+SQLITE_PRIVATE void sqlite3ExprCacheRemove(Parse *pParse, int iReg, int nReg){
+ int i;
+ int iLast = iReg + nReg - 1;
+ struct yColCache *p;
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ int r = p->iReg;
+ if( r>=iReg && r<=iLast ){
+ cacheEntryClear(pParse, p);
+ p->iReg = 0;
+ }
+ }
+}
+
+/*
+** Remember the current column cache context. Any new entries added
+** added to the column cache after this call are removed when the
+** corresponding pop occurs.
+*/
+SQLITE_PRIVATE void sqlite3ExprCachePush(Parse *pParse){
+ pParse->iCacheLevel++;
+#ifdef SQLITE_DEBUG
+ if( pParse->db->flags & SQLITE_VdbeAddopTrace ){
+ printf("PUSH to %d\n", pParse->iCacheLevel);
+ }
+#endif
+}
+
+/*
+** Remove from the column cache any entries that were added since the
+** the previous sqlite3ExprCachePush operation. In other words, restore
+** the cache to the state it was in prior the most recent Push.
+*/
+SQLITE_PRIVATE void sqlite3ExprCachePop(Parse *pParse){
+ int i;
+ struct yColCache *p;
+ assert( pParse->iCacheLevel>=1 );
+ pParse->iCacheLevel--;
+#ifdef SQLITE_DEBUG
+ if( pParse->db->flags & SQLITE_VdbeAddopTrace ){
+ printf("POP to %d\n", pParse->iCacheLevel);
+ }
+#endif
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ if( p->iReg && p->iLevel>pParse->iCacheLevel ){
+ cacheEntryClear(pParse, p);
+ p->iReg = 0;
+ }
+ }
+}
+
+/*
+** When a cached column is reused, make sure that its register is
+** no longer available as a temp register. ticket #3879: that same
+** register might be in the cache in multiple places, so be sure to
+** get them all.
+*/
+static void sqlite3ExprCachePinRegister(Parse *pParse, int iReg){
+ int i;
+ struct yColCache *p;
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ if( p->iReg==iReg ){
+ p->tempReg = 0;
+ }
+ }
+}
+
+/* Generate code that will load into register regOut a value that is
+** appropriate for the iIdxCol-th column of index pIdx.
+*/
+SQLITE_PRIVATE void sqlite3ExprCodeLoadIndexColumn(
+ Parse *pParse, /* The parsing context */
+ Index *pIdx, /* The index whose column is to be loaded */
+ int iTabCur, /* Cursor pointing to a table row */
+ int iIdxCol, /* The column of the index to be loaded */
+ int regOut /* Store the index column value in this register */
+){
+ i16 iTabCol = pIdx->aiColumn[iIdxCol];
+ if( iTabCol==XN_EXPR ){
+ assert( pIdx->aColExpr );
+ assert( pIdx->aColExpr->nExpr>iIdxCol );
+ pParse->iSelfTab = iTabCur;
+ sqlite3ExprCodeCopy(pParse, pIdx->aColExpr->a[iIdxCol].pExpr, regOut);
+ }else{
+ sqlite3ExprCodeGetColumnOfTable(pParse->pVdbe, pIdx->pTable, iTabCur,
+ iTabCol, regOut);
+ }
+}
+
+/*
+** Generate code to extract the value of the iCol-th column of a table.
+*/
+SQLITE_PRIVATE void sqlite3ExprCodeGetColumnOfTable(
+ Vdbe *v, /* The VDBE under construction */
+ Table *pTab, /* The table containing the value */
+ int iTabCur, /* The table cursor. Or the PK cursor for WITHOUT ROWID */
+ int iCol, /* Index of the column to extract */
+ int regOut /* Extract the value into this register */
+){
+ if( iCol<0 || iCol==pTab->iPKey ){
+ sqlite3VdbeAddOp2(v, OP_Rowid, iTabCur, regOut);
+ }else{
+ int op = IsVirtual(pTab) ? OP_VColumn : OP_Column;
+ int x = iCol;
+ if( !HasRowid(pTab) ){
+ x = sqlite3ColumnOfIndex(sqlite3PrimaryKeyIndex(pTab), iCol);
+ }
+ sqlite3VdbeAddOp3(v, op, iTabCur, x, regOut);
+ }
+ if( iCol>=0 ){
+ sqlite3ColumnDefault(v, pTab, iCol, regOut);
+ }
+}
+
+/*
+** Generate code that will extract the iColumn-th column from
+** table pTab and store the column value in a register.
+**
+** An effort is made to store the column value in register iReg. This
+** is not garanteeed for GetColumn() - the result can be stored in
+** any register. But the result is guaranteed to land in register iReg
+** for GetColumnToReg().
+**
+** There must be an open cursor to pTab in iTable when this routine
+** is called. If iColumn<0 then code is generated that extracts the rowid.
+*/
+SQLITE_PRIVATE int sqlite3ExprCodeGetColumn(
+ Parse *pParse, /* Parsing and code generating context */
+ Table *pTab, /* Description of the table we are reading from */
+ int iColumn, /* Index of the table column */
+ int iTable, /* The cursor pointing to the table */
+ int iReg, /* Store results here */
+ u8 p5 /* P5 value for OP_Column + FLAGS */
+){
+ Vdbe *v = pParse->pVdbe;
+ int i;
+ struct yColCache *p;
+
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ if( p->iReg>0 && p->iTable==iTable && p->iColumn==iColumn ){
+ p->lru = pParse->iCacheCnt++;
+ sqlite3ExprCachePinRegister(pParse, p->iReg);
+ return p->iReg;
+ }
+ }
+ assert( v!=0 );
+ sqlite3ExprCodeGetColumnOfTable(v, pTab, iTable, iColumn, iReg);
+ if( p5 ){
+ sqlite3VdbeChangeP5(v, p5);
+ }else{
+ sqlite3ExprCacheStore(pParse, iTable, iColumn, iReg);
+ }
+ return iReg;
+}
+SQLITE_PRIVATE void sqlite3ExprCodeGetColumnToReg(
+ Parse *pParse, /* Parsing and code generating context */
+ Table *pTab, /* Description of the table we are reading from */
+ int iColumn, /* Index of the table column */
+ int iTable, /* The cursor pointing to the table */
+ int iReg /* Store results here */
+){
+ int r1 = sqlite3ExprCodeGetColumn(pParse, pTab, iColumn, iTable, iReg, 0);
+ if( r1!=iReg ) sqlite3VdbeAddOp2(pParse->pVdbe, OP_SCopy, r1, iReg);
+}
+
+
+/*
+** Clear all column cache entries.
+*/
+SQLITE_PRIVATE void sqlite3ExprCacheClear(Parse *pParse){
+ int i;
+ struct yColCache *p;
+
+#if SQLITE_DEBUG
+ if( pParse->db->flags & SQLITE_VdbeAddopTrace ){
+ printf("CLEAR\n");
+ }
+#endif
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ if( p->iReg ){
+ cacheEntryClear(pParse, p);
+ p->iReg = 0;
+ }
+ }
+}
+
+/*
+** Record the fact that an affinity change has occurred on iCount
+** registers starting with iStart.
+*/
+SQLITE_PRIVATE void sqlite3ExprCacheAffinityChange(Parse *pParse, int iStart, int iCount){
+ sqlite3ExprCacheRemove(pParse, iStart, iCount);
+}
+
+/*
+** Generate code to move content from registers iFrom...iFrom+nReg-1
+** over to iTo..iTo+nReg-1. Keep the column cache up-to-date.
+*/
+SQLITE_PRIVATE void sqlite3ExprCodeMove(Parse *pParse, int iFrom, int iTo, int nReg){
+ assert( iFrom>=iTo+nReg || iFrom+nReg<=iTo );
+ sqlite3VdbeAddOp3(pParse->pVdbe, OP_Move, iFrom, iTo, nReg);
+ sqlite3ExprCacheRemove(pParse, iFrom, nReg);
+}
+
+#if defined(SQLITE_DEBUG) || defined(SQLITE_COVERAGE_TEST)
+/*
+** Return true if any register in the range iFrom..iTo (inclusive)
+** is used as part of the column cache.
+**
+** This routine is used within assert() and testcase() macros only
+** and does not appear in a normal build.
+*/
+static int usedAsColumnCache(Parse *pParse, int iFrom, int iTo){
+ int i;
+ struct yColCache *p;
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ int r = p->iReg;
+ if( r>=iFrom && r<=iTo ) return 1; /*NO_TEST*/
+ }
+ return 0;
+}
+#endif /* SQLITE_DEBUG || SQLITE_COVERAGE_TEST */
+
+/*
+** Convert an expression node to a TK_REGISTER
+*/
+static void exprToRegister(Expr *p, int iReg){
+ p->op2 = p->op;
+ p->op = TK_REGISTER;
+ p->iTable = iReg;
+ ExprClearProperty(p, EP_Skip);
+}
+
+/*
+** Generate code into the current Vdbe to evaluate the given
+** expression. Attempt to store the results in register "target".
+** Return the register where results are stored.
+**
+** With this routine, there is no guarantee that results will
+** be stored in target. The result might be stored in some other
+** register if it is convenient to do so. The calling function
+** must check the return code and move the results to the desired
+** register.
+*/
+SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target){
+ Vdbe *v = pParse->pVdbe; /* The VM under construction */
+ int op; /* The opcode being coded */
+ int inReg = target; /* Results stored in register inReg */
+ int regFree1 = 0; /* If non-zero free this temporary register */
+ int regFree2 = 0; /* If non-zero free this temporary register */
+ int r1, r2, r3, r4; /* Various register numbers */
+ sqlite3 *db = pParse->db; /* The database connection */
+ Expr tempX; /* Temporary expression node */
+
+ assert( target>0 && target<=pParse->nMem );
+ if( v==0 ){
+ assert( pParse->db->mallocFailed );
+ return 0;
+ }
+
+ if( pExpr==0 ){
+ op = TK_NULL;
+ }else{
+ op = pExpr->op;
+ }
+ switch( op ){
+ case TK_AGG_COLUMN: {
+ AggInfo *pAggInfo = pExpr->pAggInfo;
+ struct AggInfo_col *pCol = &pAggInfo->aCol[pExpr->iAgg];
+ if( !pAggInfo->directMode ){
+ assert( pCol->iMem>0 );
+ inReg = pCol->iMem;
+ break;
+ }else if( pAggInfo->useSortingIdx ){
+ sqlite3VdbeAddOp3(v, OP_Column, pAggInfo->sortingIdxPTab,
+ pCol->iSorterColumn, target);
+ break;
+ }
+ /* Otherwise, fall thru into the TK_COLUMN case */
+ }
+ case TK_COLUMN: {
+ int iTab = pExpr->iTable;
+ if( iTab<0 ){
+ if( pParse->ckBase>0 ){
+ /* Generating CHECK constraints or inserting into partial index */
+ inReg = pExpr->iColumn + pParse->ckBase;
+ break;
+ }else{
+ /* Coding an expression that is part of an index where column names
+ ** in the index refer to the table to which the index belongs */
+ iTab = pParse->iSelfTab;
+ }
+ }
+ inReg = sqlite3ExprCodeGetColumn(pParse, pExpr->pTab,
+ pExpr->iColumn, iTab, target,
+ pExpr->op2);
+ break;
+ }
+ case TK_INTEGER: {
+ codeInteger(pParse, pExpr, 0, target);
+ break;
+ }
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ case TK_FLOAT: {
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ codeReal(v, pExpr->u.zToken, 0, target);
+ break;
+ }
+#endif
+ case TK_STRING: {
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ sqlite3VdbeLoadString(v, target, pExpr->u.zToken);
+ break;
+ }
+ case TK_NULL: {
+ sqlite3VdbeAddOp2(v, OP_Null, 0, target);
+ break;
+ }
+#ifndef SQLITE_OMIT_BLOB_LITERAL
+ case TK_BLOB: {
+ int n;
+ const char *z;
+ char *zBlob;
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ assert( pExpr->u.zToken[0]=='x' || pExpr->u.zToken[0]=='X' );
+ assert( pExpr->u.zToken[1]=='\'' );
+ z = &pExpr->u.zToken[2];
+ n = sqlite3Strlen30(z) - 1;
+ assert( z[n]=='\'' );
+ zBlob = sqlite3HexToBlob(sqlite3VdbeDb(v), z, n);
+ sqlite3VdbeAddOp4(v, OP_Blob, n/2, target, 0, zBlob, P4_DYNAMIC);
+ break;
+ }
+#endif
+ case TK_VARIABLE: {
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ assert( pExpr->u.zToken!=0 );
+ assert( pExpr->u.zToken[0]!=0 );
+ sqlite3VdbeAddOp2(v, OP_Variable, pExpr->iColumn, target);
+ if( pExpr->u.zToken[1]!=0 ){
+ assert( pExpr->u.zToken[0]=='?'
+ || strcmp(pExpr->u.zToken, pParse->azVar[pExpr->iColumn-1])==0 );
+ sqlite3VdbeChangeP4(v, -1, pParse->azVar[pExpr->iColumn-1], P4_STATIC);
+ }
+ break;
+ }
+ case TK_REGISTER: {
+ inReg = pExpr->iTable;
+ break;
+ }
+#ifndef SQLITE_OMIT_CAST
+ case TK_CAST: {
+ /* Expressions of the form: CAST(pLeft AS token) */
+ inReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft, target);
+ if( inReg!=target ){
+ sqlite3VdbeAddOp2(v, OP_SCopy, inReg, target);
+ inReg = target;
+ }
+ sqlite3VdbeAddOp2(v, OP_Cast, target,
+ sqlite3AffinityType(pExpr->u.zToken, 0));
+ testcase( usedAsColumnCache(pParse, inReg, inReg) );
+ sqlite3ExprCacheAffinityChange(pParse, inReg, 1);
+ break;
+ }
+#endif /* SQLITE_OMIT_CAST */
+ case TK_LT:
+ case TK_LE:
+ case TK_GT:
+ case TK_GE:
+ case TK_NE:
+ case TK_EQ: {
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pExpr->pRight, &regFree2);
+ codeCompare(pParse, pExpr->pLeft, pExpr->pRight, op,
+ r1, r2, inReg, SQLITE_STOREP2);
+ assert(TK_LT==OP_Lt); testcase(op==OP_Lt); VdbeCoverageIf(v,op==OP_Lt);
+ assert(TK_LE==OP_Le); testcase(op==OP_Le); VdbeCoverageIf(v,op==OP_Le);
+ assert(TK_GT==OP_Gt); testcase(op==OP_Gt); VdbeCoverageIf(v,op==OP_Gt);
+ assert(TK_GE==OP_Ge); testcase(op==OP_Ge); VdbeCoverageIf(v,op==OP_Ge);
+ assert(TK_EQ==OP_Eq); testcase(op==OP_Eq); VdbeCoverageIf(v,op==OP_Eq);
+ assert(TK_NE==OP_Ne); testcase(op==OP_Ne); VdbeCoverageIf(v,op==OP_Ne);
+ testcase( regFree1==0 );
+ testcase( regFree2==0 );
+ break;
+ }
+ case TK_IS:
+ case TK_ISNOT: {
+ testcase( op==TK_IS );
+ testcase( op==TK_ISNOT );
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pExpr->pRight, &regFree2);
+ op = (op==TK_IS) ? TK_EQ : TK_NE;
+ codeCompare(pParse, pExpr->pLeft, pExpr->pRight, op,
+ r1, r2, inReg, SQLITE_STOREP2 | SQLITE_NULLEQ);
+ VdbeCoverageIf(v, op==TK_EQ);
+ VdbeCoverageIf(v, op==TK_NE);
+ testcase( regFree1==0 );
+ testcase( regFree2==0 );
+ break;
+ }
+ case TK_AND:
+ case TK_OR:
+ case TK_PLUS:
+ case TK_STAR:
+ case TK_MINUS:
+ case TK_REM:
+ case TK_BITAND:
+ case TK_BITOR:
+ case TK_SLASH:
+ case TK_LSHIFT:
+ case TK_RSHIFT:
+ case TK_CONCAT: {
+ assert( TK_AND==OP_And ); testcase( op==TK_AND );
+ assert( TK_OR==OP_Or ); testcase( op==TK_OR );
+ assert( TK_PLUS==OP_Add ); testcase( op==TK_PLUS );
+ assert( TK_MINUS==OP_Subtract ); testcase( op==TK_MINUS );
+ assert( TK_REM==OP_Remainder ); testcase( op==TK_REM );
+ assert( TK_BITAND==OP_BitAnd ); testcase( op==TK_BITAND );
+ assert( TK_BITOR==OP_BitOr ); testcase( op==TK_BITOR );
+ assert( TK_SLASH==OP_Divide ); testcase( op==TK_SLASH );
+ assert( TK_LSHIFT==OP_ShiftLeft ); testcase( op==TK_LSHIFT );
+ assert( TK_RSHIFT==OP_ShiftRight ); testcase( op==TK_RSHIFT );
+ assert( TK_CONCAT==OP_Concat ); testcase( op==TK_CONCAT );
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pExpr->pRight, &regFree2);
+ sqlite3VdbeAddOp3(v, op, r2, r1, target);
+ testcase( regFree1==0 );
+ testcase( regFree2==0 );
+ break;
+ }
+ case TK_UMINUS: {
+ Expr *pLeft = pExpr->pLeft;
+ assert( pLeft );
+ if( pLeft->op==TK_INTEGER ){
+ codeInteger(pParse, pLeft, 1, target);
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ }else if( pLeft->op==TK_FLOAT ){
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ codeReal(v, pLeft->u.zToken, 1, target);
+#endif
+ }else{
+ tempX.op = TK_INTEGER;
+ tempX.flags = EP_IntValue|EP_TokenOnly;
+ tempX.u.iValue = 0;
+ r1 = sqlite3ExprCodeTemp(pParse, &tempX, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree2);
+ sqlite3VdbeAddOp3(v, OP_Subtract, r2, r1, target);
+ testcase( regFree2==0 );
+ }
+ inReg = target;
+ break;
+ }
+ case TK_BITNOT:
+ case TK_NOT: {
+ assert( TK_BITNOT==OP_BitNot ); testcase( op==TK_BITNOT );
+ assert( TK_NOT==OP_Not ); testcase( op==TK_NOT );
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ testcase( regFree1==0 );
+ inReg = target;
+ sqlite3VdbeAddOp2(v, op, r1, inReg);
+ break;
+ }
+ case TK_ISNULL:
+ case TK_NOTNULL: {
+ int addr;
+ assert( TK_ISNULL==OP_IsNull ); testcase( op==TK_ISNULL );
+ assert( TK_NOTNULL==OP_NotNull ); testcase( op==TK_NOTNULL );
+ sqlite3VdbeAddOp2(v, OP_Integer, 1, target);
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ testcase( regFree1==0 );
+ addr = sqlite3VdbeAddOp1(v, op, r1);
+ VdbeCoverageIf(v, op==TK_ISNULL);
+ VdbeCoverageIf(v, op==TK_NOTNULL);
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, target);
+ sqlite3VdbeJumpHere(v, addr);
+ break;
+ }
+ case TK_AGG_FUNCTION: {
+ AggInfo *pInfo = pExpr->pAggInfo;
+ if( pInfo==0 ){
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ sqlite3ErrorMsg(pParse, "misuse of aggregate: %s()", pExpr->u.zToken);
+ }else{
+ inReg = pInfo->aFunc[pExpr->iAgg].iMem;
+ }
+ break;
+ }
+ case TK_FUNCTION: {
+ ExprList *pFarg; /* List of function arguments */
+ int nFarg; /* Number of function arguments */
+ FuncDef *pDef; /* The function definition object */
+ int nId; /* Length of the function name in bytes */
+ const char *zId; /* The function name */
+ u32 constMask = 0; /* Mask of function arguments that are constant */
+ int i; /* Loop counter */
+ u8 enc = ENC(db); /* The text encoding used by this database */
+ CollSeq *pColl = 0; /* A collating sequence */
+
+ assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
+ if( ExprHasProperty(pExpr, EP_TokenOnly) ){
+ pFarg = 0;
+ }else{
+ pFarg = pExpr->x.pList;
+ }
+ nFarg = pFarg ? pFarg->nExpr : 0;
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ zId = pExpr->u.zToken;
+ nId = sqlite3Strlen30(zId);
+ pDef = sqlite3FindFunction(db, zId, nId, nFarg, enc, 0);
+ if( pDef==0 || pDef->xFunc==0 ){
+ sqlite3ErrorMsg(pParse, "unknown function: %.*s()", nId, zId);
+ break;
+ }
+
+ /* Attempt a direct implementation of the built-in COALESCE() and
+ ** IFNULL() functions. This avoids unnecessary evaluation of
+ ** arguments past the first non-NULL argument.
+ */
+ if( pDef->funcFlags & SQLITE_FUNC_COALESCE ){
+ int endCoalesce = sqlite3VdbeMakeLabel(v);
+ assert( nFarg>=2 );
+ sqlite3ExprCode(pParse, pFarg->a[0].pExpr, target);
+ for(i=1; i<nFarg; i++){
+ sqlite3VdbeAddOp2(v, OP_NotNull, target, endCoalesce);
+ VdbeCoverage(v);
+ sqlite3ExprCacheRemove(pParse, target, 1);
+ sqlite3ExprCachePush(pParse);
+ sqlite3ExprCode(pParse, pFarg->a[i].pExpr, target);
+ sqlite3ExprCachePop(pParse);
+ }
+ sqlite3VdbeResolveLabel(v, endCoalesce);
+ break;
+ }
+
+ /* The UNLIKELY() function is a no-op. The result is the value
+ ** of the first argument.
+ */
+ if( pDef->funcFlags & SQLITE_FUNC_UNLIKELY ){
+ assert( nFarg>=1 );
+ inReg = sqlite3ExprCodeTarget(pParse, pFarg->a[0].pExpr, target);
+ break;
+ }
+
+ for(i=0; i<nFarg; i++){
+ if( i<32 && sqlite3ExprIsConstant(pFarg->a[i].pExpr) ){
+ testcase( i==31 );
+ constMask |= MASKBIT32(i);
+ }
+ if( (pDef->funcFlags & SQLITE_FUNC_NEEDCOLL)!=0 && !pColl ){
+ pColl = sqlite3ExprCollSeq(pParse, pFarg->a[i].pExpr);
+ }
+ }
+ if( pFarg ){
+ if( constMask ){
+ r1 = pParse->nMem+1;
+ pParse->nMem += nFarg;
+ }else{
+ r1 = sqlite3GetTempRange(pParse, nFarg);
+ }
+
+ /* For length() and typeof() functions with a column argument,
+ ** set the P5 parameter to the OP_Column opcode to OPFLAG_LENGTHARG
+ ** or OPFLAG_TYPEOFARG respectively, to avoid unnecessary data
+ ** loading.
+ */
+ if( (pDef->funcFlags & (SQLITE_FUNC_LENGTH|SQLITE_FUNC_TYPEOF))!=0 ){
+ u8 exprOp;
+ assert( nFarg==1 );
+ assert( pFarg->a[0].pExpr!=0 );
+ exprOp = pFarg->a[0].pExpr->op;
+ if( exprOp==TK_COLUMN || exprOp==TK_AGG_COLUMN ){
+ assert( SQLITE_FUNC_LENGTH==OPFLAG_LENGTHARG );
+ assert( SQLITE_FUNC_TYPEOF==OPFLAG_TYPEOFARG );
+ testcase( pDef->funcFlags & OPFLAG_LENGTHARG );
+ pFarg->a[0].pExpr->op2 =
+ pDef->funcFlags & (OPFLAG_LENGTHARG|OPFLAG_TYPEOFARG);
+ }
+ }
+
+ sqlite3ExprCachePush(pParse); /* Ticket 2ea2425d34be */
+ sqlite3ExprCodeExprList(pParse, pFarg, r1, 0,
+ SQLITE_ECEL_DUP|SQLITE_ECEL_FACTOR);
+ sqlite3ExprCachePop(pParse); /* Ticket 2ea2425d34be */
+ }else{
+ r1 = 0;
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ /* Possibly overload the function if the first argument is
+ ** a virtual table column.
+ **
+ ** For infix functions (LIKE, GLOB, REGEXP, and MATCH) use the
+ ** second argument, not the first, as the argument to test to
+ ** see if it is a column in a virtual table. This is done because
+ ** the left operand of infix functions (the operand we want to
+ ** control overloading) ends up as the second argument to the
+ ** function. The expression "A glob B" is equivalent to
+ ** "glob(B,A). We want to use the A in "A glob B" to test
+ ** for function overloading. But we use the B term in "glob(B,A)".
+ */
+ if( nFarg>=2 && (pExpr->flags & EP_InfixFunc) ){
+ pDef = sqlite3VtabOverloadFunction(db, pDef, nFarg, pFarg->a[1].pExpr);
+ }else if( nFarg>0 ){
+ pDef = sqlite3VtabOverloadFunction(db, pDef, nFarg, pFarg->a[0].pExpr);
+ }
+#endif
+ if( pDef->funcFlags & SQLITE_FUNC_NEEDCOLL ){
+ if( !pColl ) pColl = db->pDfltColl;
+ sqlite3VdbeAddOp4(v, OP_CollSeq, 0, 0, 0, (char *)pColl, P4_COLLSEQ);
+ }
+ sqlite3VdbeAddOp4(v, OP_Function0, constMask, r1, target,
+ (char*)pDef, P4_FUNCDEF);
+ sqlite3VdbeChangeP5(v, (u8)nFarg);
+ if( nFarg && constMask==0 ){
+ sqlite3ReleaseTempRange(pParse, r1, nFarg);
+ }
+ break;
+ }
+#ifndef SQLITE_OMIT_SUBQUERY
+ case TK_EXISTS:
+ case TK_SELECT: {
+ testcase( op==TK_EXISTS );
+ testcase( op==TK_SELECT );
+ inReg = sqlite3CodeSubselect(pParse, pExpr, 0, 0);
+ break;
+ }
+ case TK_IN: {
+ int destIfFalse = sqlite3VdbeMakeLabel(v);
+ int destIfNull = sqlite3VdbeMakeLabel(v);
+ sqlite3VdbeAddOp2(v, OP_Null, 0, target);
+ sqlite3ExprCodeIN(pParse, pExpr, destIfFalse, destIfNull);
+ sqlite3VdbeAddOp2(v, OP_Integer, 1, target);
+ sqlite3VdbeResolveLabel(v, destIfFalse);
+ sqlite3VdbeAddOp2(v, OP_AddImm, target, 0);
+ sqlite3VdbeResolveLabel(v, destIfNull);
+ break;
+ }
+#endif /* SQLITE_OMIT_SUBQUERY */
+
+
+ /*
+ ** x BETWEEN y AND z
+ **
+ ** This is equivalent to
+ **
+ ** x>=y AND x<=z
+ **
+ ** X is stored in pExpr->pLeft.
+ ** Y is stored in pExpr->pList->a[0].pExpr.
+ ** Z is stored in pExpr->pList->a[1].pExpr.
+ */
+ case TK_BETWEEN: {
+ Expr *pLeft = pExpr->pLeft;
+ struct ExprList_item *pLItem = pExpr->x.pList->a;
+ Expr *pRight = pLItem->pExpr;
+
+ r1 = sqlite3ExprCodeTemp(pParse, pLeft, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pRight, &regFree2);
+ testcase( regFree1==0 );
+ testcase( regFree2==0 );
+ r3 = sqlite3GetTempReg(pParse);
+ r4 = sqlite3GetTempReg(pParse);
+ codeCompare(pParse, pLeft, pRight, OP_Ge,
+ r1, r2, r3, SQLITE_STOREP2); VdbeCoverage(v);
+ pLItem++;
+ pRight = pLItem->pExpr;
+ sqlite3ReleaseTempReg(pParse, regFree2);
+ r2 = sqlite3ExprCodeTemp(pParse, pRight, &regFree2);
+ testcase( regFree2==0 );
+ codeCompare(pParse, pLeft, pRight, OP_Le, r1, r2, r4, SQLITE_STOREP2);
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_And, r3, r4, target);
+ sqlite3ReleaseTempReg(pParse, r3);
+ sqlite3ReleaseTempReg(pParse, r4);
+ break;
+ }
+ case TK_COLLATE:
+ case TK_UPLUS: {
+ inReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft, target);
+ break;
+ }
+
+ case TK_TRIGGER: {
+ /* If the opcode is TK_TRIGGER, then the expression is a reference
+ ** to a column in the new.* or old.* pseudo-tables available to
+ ** trigger programs. In this case Expr.iTable is set to 1 for the
+ ** new.* pseudo-table, or 0 for the old.* pseudo-table. Expr.iColumn
+ ** is set to the column of the pseudo-table to read, or to -1 to
+ ** read the rowid field.
+ **
+ ** The expression is implemented using an OP_Param opcode. The p1
+ ** parameter is set to 0 for an old.rowid reference, or to (i+1)
+ ** to reference another column of the old.* pseudo-table, where
+ ** i is the index of the column. For a new.rowid reference, p1 is
+ ** set to (n+1), where n is the number of columns in each pseudo-table.
+ ** For a reference to any other column in the new.* pseudo-table, p1
+ ** is set to (n+2+i), where n and i are as defined previously. For
+ ** example, if the table on which triggers are being fired is
+ ** declared as:
+ **
+ ** CREATE TABLE t1(a, b);
+ **
+ ** Then p1 is interpreted as follows:
+ **
+ ** p1==0 -> old.rowid p1==3 -> new.rowid
+ ** p1==1 -> old.a p1==4 -> new.a
+ ** p1==2 -> old.b p1==5 -> new.b
+ */
+ Table *pTab = pExpr->pTab;
+ int p1 = pExpr->iTable * (pTab->nCol+1) + 1 + pExpr->iColumn;
+
+ assert( pExpr->iTable==0 || pExpr->iTable==1 );
+ assert( pExpr->iColumn>=-1 && pExpr->iColumn<pTab->nCol );
+ assert( pTab->iPKey<0 || pExpr->iColumn!=pTab->iPKey );
+ assert( p1>=0 && p1<(pTab->nCol*2+2) );
+
+ sqlite3VdbeAddOp2(v, OP_Param, p1, target);
+ VdbeComment((v, "%s.%s -> $%d",
+ (pExpr->iTable ? "new" : "old"),
+ (pExpr->iColumn<0 ? "rowid" : pExpr->pTab->aCol[pExpr->iColumn].zName),
+ target
+ ));
+
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ /* If the column has REAL affinity, it may currently be stored as an
+ ** integer. Use OP_RealAffinity to make sure it is really real.
+ **
+ ** EVIDENCE-OF: R-60985-57662 SQLite will convert the value back to
+ ** floating point when extracting it from the record. */
+ if( pExpr->iColumn>=0
+ && pTab->aCol[pExpr->iColumn].affinity==SQLITE_AFF_REAL
+ ){
+ sqlite3VdbeAddOp1(v, OP_RealAffinity, target);
+ }
+#endif
+ break;
+ }
+
+
+ /*
+ ** Form A:
+ ** CASE x WHEN e1 THEN r1 WHEN e2 THEN r2 ... WHEN eN THEN rN ELSE y END
+ **
+ ** Form B:
+ ** CASE WHEN e1 THEN r1 WHEN e2 THEN r2 ... WHEN eN THEN rN ELSE y END
+ **
+ ** Form A is can be transformed into the equivalent form B as follows:
+ ** CASE WHEN x=e1 THEN r1 WHEN x=e2 THEN r2 ...
+ ** WHEN x=eN THEN rN ELSE y END
+ **
+ ** X (if it exists) is in pExpr->pLeft.
+ ** Y is in the last element of pExpr->x.pList if pExpr->x.pList->nExpr is
+ ** odd. The Y is also optional. If the number of elements in x.pList
+ ** is even, then Y is omitted and the "otherwise" result is NULL.
+ ** Ei is in pExpr->pList->a[i*2] and Ri is pExpr->pList->a[i*2+1].
+ **
+ ** The result of the expression is the Ri for the first matching Ei,
+ ** or if there is no matching Ei, the ELSE term Y, or if there is
+ ** no ELSE term, NULL.
+ */
+ default: assert( op==TK_CASE ); {
+ int endLabel; /* GOTO label for end of CASE stmt */
+ int nextCase; /* GOTO label for next WHEN clause */
+ int nExpr; /* 2x number of WHEN terms */
+ int i; /* Loop counter */
+ ExprList *pEList; /* List of WHEN terms */
+ struct ExprList_item *aListelem; /* Array of WHEN terms */
+ Expr opCompare; /* The X==Ei expression */
+ Expr *pX; /* The X expression */
+ Expr *pTest = 0; /* X==Ei (form A) or just Ei (form B) */
+ VVA_ONLY( int iCacheLevel = pParse->iCacheLevel; )
+
+ assert( !ExprHasProperty(pExpr, EP_xIsSelect) && pExpr->x.pList );
+ assert(pExpr->x.pList->nExpr > 0);
+ pEList = pExpr->x.pList;
+ aListelem = pEList->a;
+ nExpr = pEList->nExpr;
+ endLabel = sqlite3VdbeMakeLabel(v);
+ if( (pX = pExpr->pLeft)!=0 ){
+ tempX = *pX;
+ testcase( pX->op==TK_COLUMN );
+ exprToRegister(&tempX, sqlite3ExprCodeTemp(pParse, pX, &regFree1));
+ testcase( regFree1==0 );
+ opCompare.op = TK_EQ;
+ opCompare.pLeft = &tempX;
+ pTest = &opCompare;
+ /* Ticket b351d95f9cd5ef17e9d9dbae18f5ca8611190001:
+ ** The value in regFree1 might get SCopy-ed into the file result.
+ ** So make sure that the regFree1 register is not reused for other
+ ** purposes and possibly overwritten. */
+ regFree1 = 0;
+ }
+ for(i=0; i<nExpr-1; i=i+2){
+ sqlite3ExprCachePush(pParse);
+ if( pX ){
+ assert( pTest!=0 );
+ opCompare.pRight = aListelem[i].pExpr;
+ }else{
+ pTest = aListelem[i].pExpr;
+ }
+ nextCase = sqlite3VdbeMakeLabel(v);
+ testcase( pTest->op==TK_COLUMN );
+ sqlite3ExprIfFalse(pParse, pTest, nextCase, SQLITE_JUMPIFNULL);
+ testcase( aListelem[i+1].pExpr->op==TK_COLUMN );
+ sqlite3ExprCode(pParse, aListelem[i+1].pExpr, target);
+ sqlite3VdbeGoto(v, endLabel);
+ sqlite3ExprCachePop(pParse);
+ sqlite3VdbeResolveLabel(v, nextCase);
+ }
+ if( (nExpr&1)!=0 ){
+ sqlite3ExprCachePush(pParse);
+ sqlite3ExprCode(pParse, pEList->a[nExpr-1].pExpr, target);
+ sqlite3ExprCachePop(pParse);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_Null, 0, target);
+ }
+ assert( db->mallocFailed || pParse->nErr>0
+ || pParse->iCacheLevel==iCacheLevel );
+ sqlite3VdbeResolveLabel(v, endLabel);
+ break;
+ }
+#ifndef SQLITE_OMIT_TRIGGER
+ case TK_RAISE: {
+ assert( pExpr->affinity==OE_Rollback
+ || pExpr->affinity==OE_Abort
+ || pExpr->affinity==OE_Fail
+ || pExpr->affinity==OE_Ignore
+ );
+ if( !pParse->pTriggerTab ){
+ sqlite3ErrorMsg(pParse,
+ "RAISE() may only be used within a trigger-program");
+ return 0;
+ }
+ if( pExpr->affinity==OE_Abort ){
+ sqlite3MayAbort(pParse);
+ }
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ if( pExpr->affinity==OE_Ignore ){
+ sqlite3VdbeAddOp4(
+ v, OP_Halt, SQLITE_OK, OE_Ignore, 0, pExpr->u.zToken,0);
+ VdbeCoverage(v);
+ }else{
+ sqlite3HaltConstraint(pParse, SQLITE_CONSTRAINT_TRIGGER,
+ pExpr->affinity, pExpr->u.zToken, 0, 0);
+ }
+
+ break;
+ }
+#endif
+ }
+ sqlite3ReleaseTempReg(pParse, regFree1);
+ sqlite3ReleaseTempReg(pParse, regFree2);
+ return inReg;
+}
+
+/*
+** Factor out the code of the given expression to initialization time.
+*/
+SQLITE_PRIVATE void sqlite3ExprCodeAtInit(
+ Parse *pParse, /* Parsing context */
+ Expr *pExpr, /* The expression to code when the VDBE initializes */
+ int regDest, /* Store the value in this register */
+ u8 reusable /* True if this expression is reusable */
+){
+ ExprList *p;
+ assert( ConstFactorOk(pParse) );
+ p = pParse->pConstExpr;
+ pExpr = sqlite3ExprDup(pParse->db, pExpr, 0);
+ p = sqlite3ExprListAppend(pParse, p, pExpr);
+ if( p ){
+ struct ExprList_item *pItem = &p->a[p->nExpr-1];
+ pItem->u.iConstExprReg = regDest;
+ pItem->reusable = reusable;
+ }
+ pParse->pConstExpr = p;
+}
+
+/*
+** Generate code to evaluate an expression and store the results
+** into a register. Return the register number where the results
+** are stored.
+**
+** If the register is a temporary register that can be deallocated,
+** then write its number into *pReg. If the result register is not
+** a temporary, then set *pReg to zero.
+**
+** If pExpr is a constant, then this routine might generate this
+** code to fill the register in the initialization section of the
+** VDBE program, in order to factor it out of the evaluation loop.
+*/
+SQLITE_PRIVATE int sqlite3ExprCodeTemp(Parse *pParse, Expr *pExpr, int *pReg){
+ int r2;
+ pExpr = sqlite3ExprSkipCollate(pExpr);
+ if( ConstFactorOk(pParse)
+ && pExpr->op!=TK_REGISTER
+ && sqlite3ExprIsConstantNotJoin(pExpr)
+ ){
+ ExprList *p = pParse->pConstExpr;
+ int i;
+ *pReg = 0;
+ if( p ){
+ struct ExprList_item *pItem;
+ for(pItem=p->a, i=p->nExpr; i>0; pItem++, i--){
+ if( pItem->reusable && sqlite3ExprCompare(pItem->pExpr,pExpr,-1)==0 ){
+ return pItem->u.iConstExprReg;
+ }
+ }
+ }
+ r2 = ++pParse->nMem;
+ sqlite3ExprCodeAtInit(pParse, pExpr, r2, 1);
+ }else{
+ int r1 = sqlite3GetTempReg(pParse);
+ r2 = sqlite3ExprCodeTarget(pParse, pExpr, r1);
+ if( r2==r1 ){
+ *pReg = r1;
+ }else{
+ sqlite3ReleaseTempReg(pParse, r1);
+ *pReg = 0;
+ }
+ }
+ return r2;
+}
+
+/*
+** Generate code that will evaluate expression pExpr and store the
+** results in register target. The results are guaranteed to appear
+** in register target.
+*/
+SQLITE_PRIVATE void sqlite3ExprCode(Parse *pParse, Expr *pExpr, int target){
+ int inReg;
+
+ assert( target>0 && target<=pParse->nMem );
+ if( pExpr && pExpr->op==TK_REGISTER ){
+ sqlite3VdbeAddOp2(pParse->pVdbe, OP_Copy, pExpr->iTable, target);
+ }else{
+ inReg = sqlite3ExprCodeTarget(pParse, pExpr, target);
+ assert( pParse->pVdbe!=0 || pParse->db->mallocFailed );
+ if( inReg!=target && pParse->pVdbe ){
+ sqlite3VdbeAddOp2(pParse->pVdbe, OP_SCopy, inReg, target);
+ }
+ }
+}
+
+/*
+** Make a transient copy of expression pExpr and then code it using
+** sqlite3ExprCode(). This routine works just like sqlite3ExprCode()
+** except that the input expression is guaranteed to be unchanged.
+*/
+SQLITE_PRIVATE void sqlite3ExprCodeCopy(Parse *pParse, Expr *pExpr, int target){
+ sqlite3 *db = pParse->db;
+ pExpr = sqlite3ExprDup(db, pExpr, 0);
+ if( !db->mallocFailed ) sqlite3ExprCode(pParse, pExpr, target);
+ sqlite3ExprDelete(db, pExpr);
+}
+
+/*
+** Generate code that will evaluate expression pExpr and store the
+** results in register target. The results are guaranteed to appear
+** in register target. If the expression is constant, then this routine
+** might choose to code the expression at initialization time.
+*/
+SQLITE_PRIVATE void sqlite3ExprCodeFactorable(Parse *pParse, Expr *pExpr, int target){
+ if( pParse->okConstFactor && sqlite3ExprIsConstant(pExpr) ){
+ sqlite3ExprCodeAtInit(pParse, pExpr, target, 0);
+ }else{
+ sqlite3ExprCode(pParse, pExpr, target);
+ }
+}
+
+/*
+** Generate code that evaluates the given expression and puts the result
+** in register target.
+**
+** Also make a copy of the expression results into another "cache" register
+** and modify the expression so that the next time it is evaluated,
+** the result is a copy of the cache register.
+**
+** This routine is used for expressions that are used multiple
+** times. They are evaluated once and the results of the expression
+** are reused.
+*/
+SQLITE_PRIVATE void sqlite3ExprCodeAndCache(Parse *pParse, Expr *pExpr, int target){
+ Vdbe *v = pParse->pVdbe;
+ int iMem;
+
+ assert( target>0 );
+ assert( pExpr->op!=TK_REGISTER );
+ sqlite3ExprCode(pParse, pExpr, target);
+ iMem = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Copy, target, iMem);
+ exprToRegister(pExpr, iMem);
+}
+
+/*
+** Generate code that pushes the value of every element of the given
+** expression list into a sequence of registers beginning at target.
+**
+** Return the number of elements evaluated.
+**
+** The SQLITE_ECEL_DUP flag prevents the arguments from being
+** filled using OP_SCopy. OP_Copy must be used instead.
+**
+** The SQLITE_ECEL_FACTOR argument allows constant arguments to be
+** factored out into initialization code.
+**
+** The SQLITE_ECEL_REF flag means that expressions in the list with
+** ExprList.a[].u.x.iOrderByCol>0 have already been evaluated and stored
+** in registers at srcReg, and so the value can be copied from there.
+*/
+SQLITE_PRIVATE int sqlite3ExprCodeExprList(
+ Parse *pParse, /* Parsing context */
+ ExprList *pList, /* The expression list to be coded */
+ int target, /* Where to write results */
+ int srcReg, /* Source registers if SQLITE_ECEL_REF */
+ u8 flags /* SQLITE_ECEL_* flags */
+){
+ struct ExprList_item *pItem;
+ int i, j, n;
+ u8 copyOp = (flags & SQLITE_ECEL_DUP) ? OP_Copy : OP_SCopy;
+ Vdbe *v = pParse->pVdbe;
+ assert( pList!=0 );
+ assert( target>0 );
+ assert( pParse->pVdbe!=0 ); /* Never gets this far otherwise */
+ n = pList->nExpr;
+ if( !ConstFactorOk(pParse) ) flags &= ~SQLITE_ECEL_FACTOR;
+ for(pItem=pList->a, i=0; i<n; i++, pItem++){
+ Expr *pExpr = pItem->pExpr;
+ if( (flags & SQLITE_ECEL_REF)!=0 && (j = pList->a[i].u.x.iOrderByCol)>0 ){
+ sqlite3VdbeAddOp2(v, copyOp, j+srcReg-1, target+i);
+ }else if( (flags & SQLITE_ECEL_FACTOR)!=0 && sqlite3ExprIsConstant(pExpr) ){
+ sqlite3ExprCodeAtInit(pParse, pExpr, target+i, 0);
+ }else{
+ int inReg = sqlite3ExprCodeTarget(pParse, pExpr, target+i);
+ if( inReg!=target+i ){
+ VdbeOp *pOp;
+ if( copyOp==OP_Copy
+ && (pOp=sqlite3VdbeGetOp(v, -1))->opcode==OP_Copy
+ && pOp->p1+pOp->p3+1==inReg
+ && pOp->p2+pOp->p3+1==target+i
+ ){
+ pOp->p3++;
+ }else{
+ sqlite3VdbeAddOp2(v, copyOp, inReg, target+i);
+ }
+ }
+ }
+ }
+ return n;
+}
+
+/*
+** Generate code for a BETWEEN operator.
+**
+** x BETWEEN y AND z
+**
+** The above is equivalent to
+**
+** x>=y AND x<=z
+**
+** Code it as such, taking care to do the common subexpression
+** elimination of x.
+*/
+static void exprCodeBetween(
+ Parse *pParse, /* Parsing and code generating context */
+ Expr *pExpr, /* The BETWEEN expression */
+ int dest, /* Jump here if the jump is taken */
+ int jumpIfTrue, /* Take the jump if the BETWEEN is true */
+ int jumpIfNull /* Take the jump if the BETWEEN is NULL */
+){
+ Expr exprAnd; /* The AND operator in x>=y AND x<=z */
+ Expr compLeft; /* The x>=y term */
+ Expr compRight; /* The x<=z term */
+ Expr exprX; /* The x subexpression */
+ int regFree1 = 0; /* Temporary use register */
+
+ assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
+ exprX = *pExpr->pLeft;
+ exprAnd.op = TK_AND;
+ exprAnd.pLeft = &compLeft;
+ exprAnd.pRight = &compRight;
+ compLeft.op = TK_GE;
+ compLeft.pLeft = &exprX;
+ compLeft.pRight = pExpr->x.pList->a[0].pExpr;
+ compRight.op = TK_LE;
+ compRight.pLeft = &exprX;
+ compRight.pRight = pExpr->x.pList->a[1].pExpr;
+ exprToRegister(&exprX, sqlite3ExprCodeTemp(pParse, &exprX, &regFree1));
+ if( jumpIfTrue ){
+ sqlite3ExprIfTrue(pParse, &exprAnd, dest, jumpIfNull);
+ }else{
+ sqlite3ExprIfFalse(pParse, &exprAnd, dest, jumpIfNull);
+ }
+ sqlite3ReleaseTempReg(pParse, regFree1);
+
+ /* Ensure adequate test coverage */
+ testcase( jumpIfTrue==0 && jumpIfNull==0 && regFree1==0 );
+ testcase( jumpIfTrue==0 && jumpIfNull==0 && regFree1!=0 );
+ testcase( jumpIfTrue==0 && jumpIfNull!=0 && regFree1==0 );
+ testcase( jumpIfTrue==0 && jumpIfNull!=0 && regFree1!=0 );
+ testcase( jumpIfTrue!=0 && jumpIfNull==0 && regFree1==0 );
+ testcase( jumpIfTrue!=0 && jumpIfNull==0 && regFree1!=0 );
+ testcase( jumpIfTrue!=0 && jumpIfNull!=0 && regFree1==0 );
+ testcase( jumpIfTrue!=0 && jumpIfNull!=0 && regFree1!=0 );
+}
+
+/*
+** Generate code for a boolean expression such that a jump is made
+** to the label "dest" if the expression is true but execution
+** continues straight thru if the expression is false.
+**
+** If the expression evaluates to NULL (neither true nor false), then
+** take the jump if the jumpIfNull flag is SQLITE_JUMPIFNULL.
+**
+** This code depends on the fact that certain token values (ex: TK_EQ)
+** are the same as opcode values (ex: OP_Eq) that implement the corresponding
+** operation. Special comments in vdbe.c and the mkopcodeh.awk script in
+** the make process cause these values to align. Assert()s in the code
+** below verify that the numbers are aligned correctly.
+*/
+SQLITE_PRIVATE void sqlite3ExprIfTrue(Parse *pParse, Expr *pExpr, int dest, int jumpIfNull){
+ Vdbe *v = pParse->pVdbe;
+ int op = 0;
+ int regFree1 = 0;
+ int regFree2 = 0;
+ int r1, r2;
+
+ assert( jumpIfNull==SQLITE_JUMPIFNULL || jumpIfNull==0 );
+ if( NEVER(v==0) ) return; /* Existence of VDBE checked by caller */
+ if( NEVER(pExpr==0) ) return; /* No way this can happen */
+ op = pExpr->op;
+ switch( op ){
+ case TK_AND: {
+ int d2 = sqlite3VdbeMakeLabel(v);
+ testcase( jumpIfNull==0 );
+ sqlite3ExprIfFalse(pParse, pExpr->pLeft, d2,jumpIfNull^SQLITE_JUMPIFNULL);
+ sqlite3ExprCachePush(pParse);
+ sqlite3ExprIfTrue(pParse, pExpr->pRight, dest, jumpIfNull);
+ sqlite3VdbeResolveLabel(v, d2);
+ sqlite3ExprCachePop(pParse);
+ break;
+ }
+ case TK_OR: {
+ testcase( jumpIfNull==0 );
+ sqlite3ExprIfTrue(pParse, pExpr->pLeft, dest, jumpIfNull);
+ sqlite3ExprCachePush(pParse);
+ sqlite3ExprIfTrue(pParse, pExpr->pRight, dest, jumpIfNull);
+ sqlite3ExprCachePop(pParse);
+ break;
+ }
+ case TK_NOT: {
+ testcase( jumpIfNull==0 );
+ sqlite3ExprIfFalse(pParse, pExpr->pLeft, dest, jumpIfNull);
+ break;
+ }
+ case TK_LT:
+ case TK_LE:
+ case TK_GT:
+ case TK_GE:
+ case TK_NE:
+ case TK_EQ: {
+ testcase( jumpIfNull==0 );
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pExpr->pRight, &regFree2);
+ codeCompare(pParse, pExpr->pLeft, pExpr->pRight, op,
+ r1, r2, dest, jumpIfNull);
+ assert(TK_LT==OP_Lt); testcase(op==OP_Lt); VdbeCoverageIf(v,op==OP_Lt);
+ assert(TK_LE==OP_Le); testcase(op==OP_Le); VdbeCoverageIf(v,op==OP_Le);
+ assert(TK_GT==OP_Gt); testcase(op==OP_Gt); VdbeCoverageIf(v,op==OP_Gt);
+ assert(TK_GE==OP_Ge); testcase(op==OP_Ge); VdbeCoverageIf(v,op==OP_Ge);
+ assert(TK_EQ==OP_Eq); testcase(op==OP_Eq); VdbeCoverageIf(v,op==OP_Eq);
+ assert(TK_NE==OP_Ne); testcase(op==OP_Ne); VdbeCoverageIf(v,op==OP_Ne);
+ testcase( regFree1==0 );
+ testcase( regFree2==0 );
+ break;
+ }
+ case TK_IS:
+ case TK_ISNOT: {
+ testcase( op==TK_IS );
+ testcase( op==TK_ISNOT );
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pExpr->pRight, &regFree2);
+ op = (op==TK_IS) ? TK_EQ : TK_NE;
+ codeCompare(pParse, pExpr->pLeft, pExpr->pRight, op,
+ r1, r2, dest, SQLITE_NULLEQ);
+ VdbeCoverageIf(v, op==TK_EQ);
+ VdbeCoverageIf(v, op==TK_NE);
+ testcase( regFree1==0 );
+ testcase( regFree2==0 );
+ break;
+ }
+ case TK_ISNULL:
+ case TK_NOTNULL: {
+ assert( TK_ISNULL==OP_IsNull ); testcase( op==TK_ISNULL );
+ assert( TK_NOTNULL==OP_NotNull ); testcase( op==TK_NOTNULL );
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ sqlite3VdbeAddOp2(v, op, r1, dest);
+ VdbeCoverageIf(v, op==TK_ISNULL);
+ VdbeCoverageIf(v, op==TK_NOTNULL);
+ testcase( regFree1==0 );
+ break;
+ }
+ case TK_BETWEEN: {
+ testcase( jumpIfNull==0 );
+ exprCodeBetween(pParse, pExpr, dest, 1, jumpIfNull);
+ break;
+ }
+#ifndef SQLITE_OMIT_SUBQUERY
+ case TK_IN: {
+ int destIfFalse = sqlite3VdbeMakeLabel(v);
+ int destIfNull = jumpIfNull ? dest : destIfFalse;
+ sqlite3ExprCodeIN(pParse, pExpr, destIfFalse, destIfNull);
+ sqlite3VdbeGoto(v, dest);
+ sqlite3VdbeResolveLabel(v, destIfFalse);
+ break;
+ }
+#endif
+ default: {
+ if( exprAlwaysTrue(pExpr) ){
+ sqlite3VdbeGoto(v, dest);
+ }else if( exprAlwaysFalse(pExpr) ){
+ /* No-op */
+ }else{
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr, &regFree1);
+ sqlite3VdbeAddOp3(v, OP_If, r1, dest, jumpIfNull!=0);
+ VdbeCoverage(v);
+ testcase( regFree1==0 );
+ testcase( jumpIfNull==0 );
+ }
+ break;
+ }
+ }
+ sqlite3ReleaseTempReg(pParse, regFree1);
+ sqlite3ReleaseTempReg(pParse, regFree2);
+}
+
+/*
+** Generate code for a boolean expression such that a jump is made
+** to the label "dest" if the expression is false but execution
+** continues straight thru if the expression is true.
+**
+** If the expression evaluates to NULL (neither true nor false) then
+** jump if jumpIfNull is SQLITE_JUMPIFNULL or fall through if jumpIfNull
+** is 0.
+*/
+SQLITE_PRIVATE void sqlite3ExprIfFalse(Parse *pParse, Expr *pExpr, int dest, int jumpIfNull){
+ Vdbe *v = pParse->pVdbe;
+ int op = 0;
+ int regFree1 = 0;
+ int regFree2 = 0;
+ int r1, r2;
+
+ assert( jumpIfNull==SQLITE_JUMPIFNULL || jumpIfNull==0 );
+ if( NEVER(v==0) ) return; /* Existence of VDBE checked by caller */
+ if( pExpr==0 ) return;
+
+ /* The value of pExpr->op and op are related as follows:
+ **
+ ** pExpr->op op
+ ** --------- ----------
+ ** TK_ISNULL OP_NotNull
+ ** TK_NOTNULL OP_IsNull
+ ** TK_NE OP_Eq
+ ** TK_EQ OP_Ne
+ ** TK_GT OP_Le
+ ** TK_LE OP_Gt
+ ** TK_GE OP_Lt
+ ** TK_LT OP_Ge
+ **
+ ** For other values of pExpr->op, op is undefined and unused.
+ ** The value of TK_ and OP_ constants are arranged such that we
+ ** can compute the mapping above using the following expression.
+ ** Assert()s verify that the computation is correct.
+ */
+ op = ((pExpr->op+(TK_ISNULL&1))^1)-(TK_ISNULL&1);
+
+ /* Verify correct alignment of TK_ and OP_ constants
+ */
+ assert( pExpr->op!=TK_ISNULL || op==OP_NotNull );
+ assert( pExpr->op!=TK_NOTNULL || op==OP_IsNull );
+ assert( pExpr->op!=TK_NE || op==OP_Eq );
+ assert( pExpr->op!=TK_EQ || op==OP_Ne );
+ assert( pExpr->op!=TK_LT || op==OP_Ge );
+ assert( pExpr->op!=TK_LE || op==OP_Gt );
+ assert( pExpr->op!=TK_GT || op==OP_Le );
+ assert( pExpr->op!=TK_GE || op==OP_Lt );
+
+ switch( pExpr->op ){
+ case TK_AND: {
+ testcase( jumpIfNull==0 );
+ sqlite3ExprIfFalse(pParse, pExpr->pLeft, dest, jumpIfNull);
+ sqlite3ExprCachePush(pParse);
+ sqlite3ExprIfFalse(pParse, pExpr->pRight, dest, jumpIfNull);
+ sqlite3ExprCachePop(pParse);
+ break;
+ }
+ case TK_OR: {
+ int d2 = sqlite3VdbeMakeLabel(v);
+ testcase( jumpIfNull==0 );
+ sqlite3ExprIfTrue(pParse, pExpr->pLeft, d2, jumpIfNull^SQLITE_JUMPIFNULL);
+ sqlite3ExprCachePush(pParse);
+ sqlite3ExprIfFalse(pParse, pExpr->pRight, dest, jumpIfNull);
+ sqlite3VdbeResolveLabel(v, d2);
+ sqlite3ExprCachePop(pParse);
+ break;
+ }
+ case TK_NOT: {
+ testcase( jumpIfNull==0 );
+ sqlite3ExprIfTrue(pParse, pExpr->pLeft, dest, jumpIfNull);
+ break;
+ }
+ case TK_LT:
+ case TK_LE:
+ case TK_GT:
+ case TK_GE:
+ case TK_NE:
+ case TK_EQ: {
+ testcase( jumpIfNull==0 );
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pExpr->pRight, &regFree2);
+ codeCompare(pParse, pExpr->pLeft, pExpr->pRight, op,
+ r1, r2, dest, jumpIfNull);
+ assert(TK_LT==OP_Lt); testcase(op==OP_Lt); VdbeCoverageIf(v,op==OP_Lt);
+ assert(TK_LE==OP_Le); testcase(op==OP_Le); VdbeCoverageIf(v,op==OP_Le);
+ assert(TK_GT==OP_Gt); testcase(op==OP_Gt); VdbeCoverageIf(v,op==OP_Gt);
+ assert(TK_GE==OP_Ge); testcase(op==OP_Ge); VdbeCoverageIf(v,op==OP_Ge);
+ assert(TK_EQ==OP_Eq); testcase(op==OP_Eq); VdbeCoverageIf(v,op==OP_Eq);
+ assert(TK_NE==OP_Ne); testcase(op==OP_Ne); VdbeCoverageIf(v,op==OP_Ne);
+ testcase( regFree1==0 );
+ testcase( regFree2==0 );
+ break;
+ }
+ case TK_IS:
+ case TK_ISNOT: {
+ testcase( pExpr->op==TK_IS );
+ testcase( pExpr->op==TK_ISNOT );
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ r2 = sqlite3ExprCodeTemp(pParse, pExpr->pRight, &regFree2);
+ op = (pExpr->op==TK_IS) ? TK_NE : TK_EQ;
+ codeCompare(pParse, pExpr->pLeft, pExpr->pRight, op,
+ r1, r2, dest, SQLITE_NULLEQ);
+ VdbeCoverageIf(v, op==TK_EQ);
+ VdbeCoverageIf(v, op==TK_NE);
+ testcase( regFree1==0 );
+ testcase( regFree2==0 );
+ break;
+ }
+ case TK_ISNULL:
+ case TK_NOTNULL: {
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, &regFree1);
+ sqlite3VdbeAddOp2(v, op, r1, dest);
+ testcase( op==TK_ISNULL ); VdbeCoverageIf(v, op==TK_ISNULL);
+ testcase( op==TK_NOTNULL ); VdbeCoverageIf(v, op==TK_NOTNULL);
+ testcase( regFree1==0 );
+ break;
+ }
+ case TK_BETWEEN: {
+ testcase( jumpIfNull==0 );
+ exprCodeBetween(pParse, pExpr, dest, 0, jumpIfNull);
+ break;
+ }
+#ifndef SQLITE_OMIT_SUBQUERY
+ case TK_IN: {
+ if( jumpIfNull ){
+ sqlite3ExprCodeIN(pParse, pExpr, dest, dest);
+ }else{
+ int destIfNull = sqlite3VdbeMakeLabel(v);
+ sqlite3ExprCodeIN(pParse, pExpr, dest, destIfNull);
+ sqlite3VdbeResolveLabel(v, destIfNull);
+ }
+ break;
+ }
+#endif
+ default: {
+ if( exprAlwaysFalse(pExpr) ){
+ sqlite3VdbeGoto(v, dest);
+ }else if( exprAlwaysTrue(pExpr) ){
+ /* no-op */
+ }else{
+ r1 = sqlite3ExprCodeTemp(pParse, pExpr, &regFree1);
+ sqlite3VdbeAddOp3(v, OP_IfNot, r1, dest, jumpIfNull!=0);
+ VdbeCoverage(v);
+ testcase( regFree1==0 );
+ testcase( jumpIfNull==0 );
+ }
+ break;
+ }
+ }
+ sqlite3ReleaseTempReg(pParse, regFree1);
+ sqlite3ReleaseTempReg(pParse, regFree2);
+}
+
+/*
+** Like sqlite3ExprIfFalse() except that a copy is made of pExpr before
+** code generation, and that copy is deleted after code generation. This
+** ensures that the original pExpr is unchanged.
+*/
+SQLITE_PRIVATE void sqlite3ExprIfFalseDup(Parse *pParse, Expr *pExpr, int dest,int jumpIfNull){
+ sqlite3 *db = pParse->db;
+ Expr *pCopy = sqlite3ExprDup(db, pExpr, 0);
+ if( db->mallocFailed==0 ){
+ sqlite3ExprIfFalse(pParse, pCopy, dest, jumpIfNull);
+ }
+ sqlite3ExprDelete(db, pCopy);
+}
+
+
+/*
+** Do a deep comparison of two expression trees. Return 0 if the two
+** expressions are completely identical. Return 1 if they differ only
+** by a COLLATE operator at the top level. Return 2 if there are differences
+** other than the top-level COLLATE operator.
+**
+** If any subelement of pB has Expr.iTable==(-1) then it is allowed
+** to compare equal to an equivalent element in pA with Expr.iTable==iTab.
+**
+** The pA side might be using TK_REGISTER. If that is the case and pB is
+** not using TK_REGISTER but is otherwise equivalent, then still return 0.
+**
+** Sometimes this routine will return 2 even if the two expressions
+** really are equivalent. If we cannot prove that the expressions are
+** identical, we return 2 just to be safe. So if this routine
+** returns 2, then you do not really know for certain if the two
+** expressions are the same. But if you get a 0 or 1 return, then you
+** can be sure the expressions are the same. In the places where
+** this routine is used, it does not hurt to get an extra 2 - that
+** just might result in some slightly slower code. But returning
+** an incorrect 0 or 1 could lead to a malfunction.
+*/
+SQLITE_PRIVATE int sqlite3ExprCompare(Expr *pA, Expr *pB, int iTab){
+ u32 combinedFlags;
+ if( pA==0 || pB==0 ){
+ return pB==pA ? 0 : 2;
+ }
+ combinedFlags = pA->flags | pB->flags;
+ if( combinedFlags & EP_IntValue ){
+ if( (pA->flags&pB->flags&EP_IntValue)!=0 && pA->u.iValue==pB->u.iValue ){
+ return 0;
+ }
+ return 2;
+ }
+ if( pA->op!=pB->op ){
+ if( pA->op==TK_COLLATE && sqlite3ExprCompare(pA->pLeft, pB, iTab)<2 ){
+ return 1;
+ }
+ if( pB->op==TK_COLLATE && sqlite3ExprCompare(pA, pB->pLeft, iTab)<2 ){
+ return 1;
+ }
+ return 2;
+ }
+ if( pA->op!=TK_COLUMN && pA->op!=TK_AGG_COLUMN && pA->u.zToken ){
+ if( pA->op==TK_FUNCTION ){
+ if( sqlite3StrICmp(pA->u.zToken,pB->u.zToken)!=0 ) return 2;
+ }else if( strcmp(pA->u.zToken,pB->u.zToken)!=0 ){
+ return pA->op==TK_COLLATE ? 1 : 2;
+ }
+ }
+ if( (pA->flags & EP_Distinct)!=(pB->flags & EP_Distinct) ) return 2;
+ if( ALWAYS((combinedFlags & EP_TokenOnly)==0) ){
+ if( combinedFlags & EP_xIsSelect ) return 2;
+ if( sqlite3ExprCompare(pA->pLeft, pB->pLeft, iTab) ) return 2;
+ if( sqlite3ExprCompare(pA->pRight, pB->pRight, iTab) ) return 2;
+ if( sqlite3ExprListCompare(pA->x.pList, pB->x.pList, iTab) ) return 2;
+ if( ALWAYS((combinedFlags & EP_Reduced)==0) && pA->op!=TK_STRING ){
+ if( pA->iColumn!=pB->iColumn ) return 2;
+ if( pA->iTable!=pB->iTable
+ && (pA->iTable!=iTab || NEVER(pB->iTable>=0)) ) return 2;
+ }
+ }
+ return 0;
+}
+
+/*
+** Compare two ExprList objects. Return 0 if they are identical and
+** non-zero if they differ in any way.
+**
+** If any subelement of pB has Expr.iTable==(-1) then it is allowed
+** to compare equal to an equivalent element in pA with Expr.iTable==iTab.
+**
+** This routine might return non-zero for equivalent ExprLists. The
+** only consequence will be disabled optimizations. But this routine
+** must never return 0 if the two ExprList objects are different, or
+** a malfunction will result.
+**
+** Two NULL pointers are considered to be the same. But a NULL pointer
+** always differs from a non-NULL pointer.
+*/
+SQLITE_PRIVATE int sqlite3ExprListCompare(ExprList *pA, ExprList *pB, int iTab){
+ int i;
+ if( pA==0 && pB==0 ) return 0;
+ if( pA==0 || pB==0 ) return 1;
+ if( pA->nExpr!=pB->nExpr ) return 1;
+ for(i=0; i<pA->nExpr; i++){
+ Expr *pExprA = pA->a[i].pExpr;
+ Expr *pExprB = pB->a[i].pExpr;
+ if( pA->a[i].sortOrder!=pB->a[i].sortOrder ) return 1;
+ if( sqlite3ExprCompare(pExprA, pExprB, iTab) ) return 1;
+ }
+ return 0;
+}
+
+/*
+** Return true if we can prove the pE2 will always be true if pE1 is
+** true. Return false if we cannot complete the proof or if pE2 might
+** be false. Examples:
+**
+** pE1: x==5 pE2: x==5 Result: true
+** pE1: x>0 pE2: x==5 Result: false
+** pE1: x=21 pE2: x=21 OR y=43 Result: true
+** pE1: x!=123 pE2: x IS NOT NULL Result: true
+** pE1: x!=?1 pE2: x IS NOT NULL Result: true
+** pE1: x IS NULL pE2: x IS NOT NULL Result: false
+** pE1: x IS ?2 pE2: x IS NOT NULL Reuslt: false
+**
+** When comparing TK_COLUMN nodes between pE1 and pE2, if pE2 has
+** Expr.iTable<0 then assume a table number given by iTab.
+**
+** When in doubt, return false. Returning true might give a performance
+** improvement. Returning false might cause a performance reduction, but
+** it will always give the correct answer and is hence always safe.
+*/
+SQLITE_PRIVATE int sqlite3ExprImpliesExpr(Expr *pE1, Expr *pE2, int iTab){
+ if( sqlite3ExprCompare(pE1, pE2, iTab)==0 ){
+ return 1;
+ }
+ if( pE2->op==TK_OR
+ && (sqlite3ExprImpliesExpr(pE1, pE2->pLeft, iTab)
+ || sqlite3ExprImpliesExpr(pE1, pE2->pRight, iTab) )
+ ){
+ return 1;
+ }
+ if( pE2->op==TK_NOTNULL
+ && sqlite3ExprCompare(pE1->pLeft, pE2->pLeft, iTab)==0
+ && (pE1->op!=TK_ISNULL && pE1->op!=TK_IS)
+ ){
+ return 1;
+ }
+ return 0;
+}
+
+/*
+** An instance of the following structure is used by the tree walker
+** to count references to table columns in the arguments of an
+** aggregate function, in order to implement the
+** sqlite3FunctionThisSrc() routine.
+*/
+struct SrcCount {
+ SrcList *pSrc; /* One particular FROM clause in a nested query */
+ int nThis; /* Number of references to columns in pSrcList */
+ int nOther; /* Number of references to columns in other FROM clauses */
+};
+
+/*
+** Count the number of references to columns.
+*/
+static int exprSrcCount(Walker *pWalker, Expr *pExpr){
+ /* The NEVER() on the second term is because sqlite3FunctionUsesThisSrc()
+ ** is always called before sqlite3ExprAnalyzeAggregates() and so the
+ ** TK_COLUMNs have not yet been converted into TK_AGG_COLUMN. If
+ ** sqlite3FunctionUsesThisSrc() is used differently in the future, the
+ ** NEVER() will need to be removed. */
+ if( pExpr->op==TK_COLUMN || NEVER(pExpr->op==TK_AGG_COLUMN) ){
+ int i;
+ struct SrcCount *p = pWalker->u.pSrcCount;
+ SrcList *pSrc = p->pSrc;
+ int nSrc = pSrc ? pSrc->nSrc : 0;
+ for(i=0; i<nSrc; i++){
+ if( pExpr->iTable==pSrc->a[i].iCursor ) break;
+ }
+ if( i<nSrc ){
+ p->nThis++;
+ }else{
+ p->nOther++;
+ }
+ }
+ return WRC_Continue;
+}
+
+/*
+** Determine if any of the arguments to the pExpr Function reference
+** pSrcList. Return true if they do. Also return true if the function
+** has no arguments or has only constant arguments. Return false if pExpr
+** references columns but not columns of tables found in pSrcList.
+*/
+SQLITE_PRIVATE int sqlite3FunctionUsesThisSrc(Expr *pExpr, SrcList *pSrcList){
+ Walker w;
+ struct SrcCount cnt;
+ assert( pExpr->op==TK_AGG_FUNCTION );
+ memset(&w, 0, sizeof(w));
+ w.xExprCallback = exprSrcCount;
+ w.u.pSrcCount = &cnt;
+ cnt.pSrc = pSrcList;
+ cnt.nThis = 0;
+ cnt.nOther = 0;
+ sqlite3WalkExprList(&w, pExpr->x.pList);
+ return cnt.nThis>0 || cnt.nOther==0;
+}
+
+/*
+** Add a new element to the pAggInfo->aCol[] array. Return the index of
+** the new element. Return a negative number if malloc fails.
+*/
+static int addAggInfoColumn(sqlite3 *db, AggInfo *pInfo){
+ int i;
+ pInfo->aCol = sqlite3ArrayAllocate(
+ db,
+ pInfo->aCol,
+ sizeof(pInfo->aCol[0]),
+ &pInfo->nColumn,
+ &i
+ );
+ return i;
+}
+
+/*
+** Add a new element to the pAggInfo->aFunc[] array. Return the index of
+** the new element. Return a negative number if malloc fails.
+*/
+static int addAggInfoFunc(sqlite3 *db, AggInfo *pInfo){
+ int i;
+ pInfo->aFunc = sqlite3ArrayAllocate(
+ db,
+ pInfo->aFunc,
+ sizeof(pInfo->aFunc[0]),
+ &pInfo->nFunc,
+ &i
+ );
+ return i;
+}
+
+/*
+** This is the xExprCallback for a tree walker. It is used to
+** implement sqlite3ExprAnalyzeAggregates(). See sqlite3ExprAnalyzeAggregates
+** for additional information.
+*/
+static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
+ int i;
+ NameContext *pNC = pWalker->u.pNC;
+ Parse *pParse = pNC->pParse;
+ SrcList *pSrcList = pNC->pSrcList;
+ AggInfo *pAggInfo = pNC->pAggInfo;
+
+ switch( pExpr->op ){
+ case TK_AGG_COLUMN:
+ case TK_COLUMN: {
+ testcase( pExpr->op==TK_AGG_COLUMN );
+ testcase( pExpr->op==TK_COLUMN );
+ /* Check to see if the column is in one of the tables in the FROM
+ ** clause of the aggregate query */
+ if( ALWAYS(pSrcList!=0) ){
+ struct SrcList_item *pItem = pSrcList->a;
+ for(i=0; i<pSrcList->nSrc; i++, pItem++){
+ struct AggInfo_col *pCol;
+ assert( !ExprHasProperty(pExpr, EP_TokenOnly|EP_Reduced) );
+ if( pExpr->iTable==pItem->iCursor ){
+ /* If we reach this point, it means that pExpr refers to a table
+ ** that is in the FROM clause of the aggregate query.
+ **
+ ** Make an entry for the column in pAggInfo->aCol[] if there
+ ** is not an entry there already.
+ */
+ int k;
+ pCol = pAggInfo->aCol;
+ for(k=0; k<pAggInfo->nColumn; k++, pCol++){
+ if( pCol->iTable==pExpr->iTable &&
+ pCol->iColumn==pExpr->iColumn ){
+ break;
+ }
+ }
+ if( (k>=pAggInfo->nColumn)
+ && (k = addAggInfoColumn(pParse->db, pAggInfo))>=0
+ ){
+ pCol = &pAggInfo->aCol[k];
+ pCol->pTab = pExpr->pTab;
+ pCol->iTable = pExpr->iTable;
+ pCol->iColumn = pExpr->iColumn;
+ pCol->iMem = ++pParse->nMem;
+ pCol->iSorterColumn = -1;
+ pCol->pExpr = pExpr;
+ if( pAggInfo->pGroupBy ){
+ int j, n;
+ ExprList *pGB = pAggInfo->pGroupBy;
+ struct ExprList_item *pTerm = pGB->a;
+ n = pGB->nExpr;
+ for(j=0; j<n; j++, pTerm++){
+ Expr *pE = pTerm->pExpr;
+ if( pE->op==TK_COLUMN && pE->iTable==pExpr->iTable &&
+ pE->iColumn==pExpr->iColumn ){
+ pCol->iSorterColumn = j;
+ break;
+ }
+ }
+ }
+ if( pCol->iSorterColumn<0 ){
+ pCol->iSorterColumn = pAggInfo->nSortingColumn++;
+ }
+ }
+ /* There is now an entry for pExpr in pAggInfo->aCol[] (either
+ ** because it was there before or because we just created it).
+ ** Convert the pExpr to be a TK_AGG_COLUMN referring to that
+ ** pAggInfo->aCol[] entry.
+ */
+ ExprSetVVAProperty(pExpr, EP_NoReduce);
+ pExpr->pAggInfo = pAggInfo;
+ pExpr->op = TK_AGG_COLUMN;
+ pExpr->iAgg = (i16)k;
+ break;
+ } /* endif pExpr->iTable==pItem->iCursor */
+ } /* end loop over pSrcList */
+ }
+ return WRC_Prune;
+ }
+ case TK_AGG_FUNCTION: {
+ if( (pNC->ncFlags & NC_InAggFunc)==0
+ && pWalker->walkerDepth==pExpr->op2
+ ){
+ /* Check to see if pExpr is a duplicate of another aggregate
+ ** function that is already in the pAggInfo structure
+ */
+ struct AggInfo_func *pItem = pAggInfo->aFunc;
+ for(i=0; i<pAggInfo->nFunc; i++, pItem++){
+ if( sqlite3ExprCompare(pItem->pExpr, pExpr, -1)==0 ){
+ break;
+ }
+ }
+ if( i>=pAggInfo->nFunc ){
+ /* pExpr is original. Make a new entry in pAggInfo->aFunc[]
+ */
+ u8 enc = ENC(pParse->db);
+ i = addAggInfoFunc(pParse->db, pAggInfo);
+ if( i>=0 ){
+ assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
+ pItem = &pAggInfo->aFunc[i];
+ pItem->pExpr = pExpr;
+ pItem->iMem = ++pParse->nMem;
+ assert( !ExprHasProperty(pExpr, EP_IntValue) );
+ pItem->pFunc = sqlite3FindFunction(pParse->db,
+ pExpr->u.zToken, sqlite3Strlen30(pExpr->u.zToken),
+ pExpr->x.pList ? pExpr->x.pList->nExpr : 0, enc, 0);
+ if( pExpr->flags & EP_Distinct ){
+ pItem->iDistinct = pParse->nTab++;
+ }else{
+ pItem->iDistinct = -1;
+ }
+ }
+ }
+ /* Make pExpr point to the appropriate pAggInfo->aFunc[] entry
+ */
+ assert( !ExprHasProperty(pExpr, EP_TokenOnly|EP_Reduced) );
+ ExprSetVVAProperty(pExpr, EP_NoReduce);
+ pExpr->iAgg = (i16)i;
+ pExpr->pAggInfo = pAggInfo;
+ return WRC_Prune;
+ }else{
+ return WRC_Continue;
+ }
+ }
+ }
+ return WRC_Continue;
+}
+static int analyzeAggregatesInSelect(Walker *pWalker, Select *pSelect){
+ UNUSED_PARAMETER(pWalker);
+ UNUSED_PARAMETER(pSelect);
+ return WRC_Continue;
+}
+
+/*
+** Analyze the pExpr expression looking for aggregate functions and
+** for variables that need to be added to AggInfo object that pNC->pAggInfo
+** points to. Additional entries are made on the AggInfo object as
+** necessary.
+**
+** This routine should only be called after the expression has been
+** analyzed by sqlite3ResolveExprNames().
+*/
+SQLITE_PRIVATE void sqlite3ExprAnalyzeAggregates(NameContext *pNC, Expr *pExpr){
+ Walker w;
+ memset(&w, 0, sizeof(w));
+ w.xExprCallback = analyzeAggregate;
+ w.xSelectCallback = analyzeAggregatesInSelect;
+ w.u.pNC = pNC;
+ assert( pNC->pSrcList!=0 );
+ sqlite3WalkExpr(&w, pExpr);
+}
+
+/*
+** Call sqlite3ExprAnalyzeAggregates() for every expression in an
+** expression list. Return the number of errors.
+**
+** If an error is found, the analysis is cut short.
+*/
+SQLITE_PRIVATE void sqlite3ExprAnalyzeAggList(NameContext *pNC, ExprList *pList){
+ struct ExprList_item *pItem;
+ int i;
+ if( pList ){
+ for(pItem=pList->a, i=0; i<pList->nExpr; i++, pItem++){
+ sqlite3ExprAnalyzeAggregates(pNC, pItem->pExpr);
+ }
+ }
+}
+
+/*
+** Allocate a single new register for use to hold some intermediate result.
+*/
+SQLITE_PRIVATE int sqlite3GetTempReg(Parse *pParse){
+ if( pParse->nTempReg==0 ){
+ return ++pParse->nMem;
+ }
+ return pParse->aTempReg[--pParse->nTempReg];
+}
+
+/*
+** Deallocate a register, making available for reuse for some other
+** purpose.
+**
+** If a register is currently being used by the column cache, then
+** the deallocation is deferred until the column cache line that uses
+** the register becomes stale.
+*/
+SQLITE_PRIVATE void sqlite3ReleaseTempReg(Parse *pParse, int iReg){
+ if( iReg && pParse->nTempReg<ArraySize(pParse->aTempReg) ){
+ int i;
+ struct yColCache *p;
+ for(i=0, p=pParse->aColCache; i<SQLITE_N_COLCACHE; i++, p++){
+ if( p->iReg==iReg ){
+ p->tempReg = 1;
+ return;
+ }
+ }
+ pParse->aTempReg[pParse->nTempReg++] = iReg;
+ }
+}
+
+/*
+** Allocate or deallocate a block of nReg consecutive registers
+*/
+SQLITE_PRIVATE int sqlite3GetTempRange(Parse *pParse, int nReg){
+ int i, n;
+ i = pParse->iRangeReg;
+ n = pParse->nRangeReg;
+ if( nReg<=n ){
+ assert( !usedAsColumnCache(pParse, i, i+n-1) );
+ pParse->iRangeReg += nReg;
+ pParse->nRangeReg -= nReg;
+ }else{
+ i = pParse->nMem+1;
+ pParse->nMem += nReg;
+ }
+ return i;
+}
+SQLITE_PRIVATE void sqlite3ReleaseTempRange(Parse *pParse, int iReg, int nReg){
+ sqlite3ExprCacheRemove(pParse, iReg, nReg);
+ if( nReg>pParse->nRangeReg ){
+ pParse->nRangeReg = nReg;
+ pParse->iRangeReg = iReg;
+ }
+}
+
+/*
+** Mark all temporary registers as being unavailable for reuse.
+*/
+SQLITE_PRIVATE void sqlite3ClearTempRegCache(Parse *pParse){
+ pParse->nTempReg = 0;
+ pParse->nRangeReg = 0;
+}
+
+/************** End of expr.c ************************************************/
+/************** Begin file alter.c *******************************************/
+/*
+** 2005 February 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains C code routines that used to generate VDBE code
+** that implements the ALTER TABLE command.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** The code in this file only exists if we are not omitting the
+** ALTER TABLE logic from the build.
+*/
+#ifndef SQLITE_OMIT_ALTERTABLE
+
+
+/*
+** This function is used by SQL generated to implement the
+** ALTER TABLE command. The first argument is the text of a CREATE TABLE or
+** CREATE INDEX command. The second is a table name. The table name in
+** the CREATE TABLE or CREATE INDEX statement is replaced with the third
+** argument and the result returned. Examples:
+**
+** sqlite_rename_table('CREATE TABLE abc(a, b, c)', 'def')
+** -> 'CREATE TABLE def(a, b, c)'
+**
+** sqlite_rename_table('CREATE INDEX i ON abc(a)', 'def')
+** -> 'CREATE INDEX i ON def(a, b, c)'
+*/
+static void renameTableFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **argv
+){
+ unsigned char const *zSql = sqlite3_value_text(argv[0]);
+ unsigned char const *zTableName = sqlite3_value_text(argv[1]);
+
+ int token;
+ Token tname;
+ unsigned char const *zCsr = zSql;
+ int len = 0;
+ char *zRet;
+
+ sqlite3 *db = sqlite3_context_db_handle(context);
+
+ UNUSED_PARAMETER(NotUsed);
+
+ /* The principle used to locate the table name in the CREATE TABLE
+ ** statement is that the table name is the first non-space token that
+ ** is immediately followed by a TK_LP or TK_USING token.
+ */
+ if( zSql ){
+ do {
+ if( !*zCsr ){
+ /* Ran out of input before finding an opening bracket. Return NULL. */
+ return;
+ }
+
+ /* Store the token that zCsr points to in tname. */
+ tname.z = (char*)zCsr;
+ tname.n = len;
+
+ /* Advance zCsr to the next token. Store that token type in 'token',
+ ** and its length in 'len' (to be used next iteration of this loop).
+ */
+ do {
+ zCsr += len;
+ len = sqlite3GetToken(zCsr, &token);
+ } while( token==TK_SPACE );
+ assert( len>0 );
+ } while( token!=TK_LP && token!=TK_USING );
+
+ zRet = sqlite3MPrintf(db, "%.*s\"%w\"%s", (int)(((u8*)tname.z) - zSql),
+ zSql, zTableName, tname.z+tname.n);
+ sqlite3_result_text(context, zRet, -1, SQLITE_DYNAMIC);
+ }
+}
+
+/*
+** This C function implements an SQL user function that is used by SQL code
+** generated by the ALTER TABLE ... RENAME command to modify the definition
+** of any foreign key constraints that use the table being renamed as the
+** parent table. It is passed three arguments:
+**
+** 1) The complete text of the CREATE TABLE statement being modified,
+** 2) The old name of the table being renamed, and
+** 3) The new name of the table being renamed.
+**
+** It returns the new CREATE TABLE statement. For example:
+**
+** sqlite_rename_parent('CREATE TABLE t1(a REFERENCES t2)', 't2', 't3')
+** -> 'CREATE TABLE t1(a REFERENCES t3)'
+*/
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+static void renameParentFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **argv
+){
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ char *zOutput = 0;
+ char *zResult;
+ unsigned char const *zInput = sqlite3_value_text(argv[0]);
+ unsigned char const *zOld = sqlite3_value_text(argv[1]);
+ unsigned char const *zNew = sqlite3_value_text(argv[2]);
+
+ unsigned const char *z; /* Pointer to token */
+ int n; /* Length of token z */
+ int token; /* Type of token */
+
+ UNUSED_PARAMETER(NotUsed);
+ if( zInput==0 || zOld==0 ) return;
+ for(z=zInput; *z; z=z+n){
+ n = sqlite3GetToken(z, &token);
+ if( token==TK_REFERENCES ){
+ char *zParent;
+ do {
+ z += n;
+ n = sqlite3GetToken(z, &token);
+ }while( token==TK_SPACE );
+
+ if( token==TK_ILLEGAL ) break;
+ zParent = sqlite3DbStrNDup(db, (const char *)z, n);
+ if( zParent==0 ) break;
+ sqlite3Dequote(zParent);
+ if( 0==sqlite3StrICmp((const char *)zOld, zParent) ){
+ char *zOut = sqlite3MPrintf(db, "%s%.*s\"%w\"",
+ (zOutput?zOutput:""), (int)(z-zInput), zInput, (const char *)zNew
+ );
+ sqlite3DbFree(db, zOutput);
+ zOutput = zOut;
+ zInput = &z[n];
+ }
+ sqlite3DbFree(db, zParent);
+ }
+ }
+
+ zResult = sqlite3MPrintf(db, "%s%s", (zOutput?zOutput:""), zInput),
+ sqlite3_result_text(context, zResult, -1, SQLITE_DYNAMIC);
+ sqlite3DbFree(db, zOutput);
+}
+#endif
+
+#ifndef SQLITE_OMIT_TRIGGER
+/* This function is used by SQL generated to implement the
+** ALTER TABLE command. The first argument is the text of a CREATE TRIGGER
+** statement. The second is a table name. The table name in the CREATE
+** TRIGGER statement is replaced with the third argument and the result
+** returned. This is analagous to renameTableFunc() above, except for CREATE
+** TRIGGER, not CREATE INDEX and CREATE TABLE.
+*/
+static void renameTriggerFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **argv
+){
+ unsigned char const *zSql = sqlite3_value_text(argv[0]);
+ unsigned char const *zTableName = sqlite3_value_text(argv[1]);
+
+ int token;
+ Token tname;
+ int dist = 3;
+ unsigned char const *zCsr = zSql;
+ int len = 0;
+ char *zRet;
+ sqlite3 *db = sqlite3_context_db_handle(context);
+
+ UNUSED_PARAMETER(NotUsed);
+
+ /* The principle used to locate the table name in the CREATE TRIGGER
+ ** statement is that the table name is the first token that is immediately
+ ** preceded by either TK_ON or TK_DOT and immediately followed by one
+ ** of TK_WHEN, TK_BEGIN or TK_FOR.
+ */
+ if( zSql ){
+ do {
+
+ if( !*zCsr ){
+ /* Ran out of input before finding the table name. Return NULL. */
+ return;
+ }
+
+ /* Store the token that zCsr points to in tname. */
+ tname.z = (char*)zCsr;
+ tname.n = len;
+
+ /* Advance zCsr to the next token. Store that token type in 'token',
+ ** and its length in 'len' (to be used next iteration of this loop).
+ */
+ do {
+ zCsr += len;
+ len = sqlite3GetToken(zCsr, &token);
+ }while( token==TK_SPACE );
+ assert( len>0 );
+
+ /* Variable 'dist' stores the number of tokens read since the most
+ ** recent TK_DOT or TK_ON. This means that when a WHEN, FOR or BEGIN
+ ** token is read and 'dist' equals 2, the condition stated above
+ ** to be met.
+ **
+ ** Note that ON cannot be a database, table or column name, so
+ ** there is no need to worry about syntax like
+ ** "CREATE TRIGGER ... ON ON.ON BEGIN ..." etc.
+ */
+ dist++;
+ if( token==TK_DOT || token==TK_ON ){
+ dist = 0;
+ }
+ } while( dist!=2 || (token!=TK_WHEN && token!=TK_FOR && token!=TK_BEGIN) );
+
+ /* Variable tname now contains the token that is the old table-name
+ ** in the CREATE TRIGGER statement.
+ */
+ zRet = sqlite3MPrintf(db, "%.*s\"%w\"%s", (int)(((u8*)tname.z) - zSql),
+ zSql, zTableName, tname.z+tname.n);
+ sqlite3_result_text(context, zRet, -1, SQLITE_DYNAMIC);
+ }
+}
+#endif /* !SQLITE_OMIT_TRIGGER */
+
+/*
+** Register built-in functions used to help implement ALTER TABLE
+*/
+SQLITE_PRIVATE void sqlite3AlterFunctions(void){
+ static SQLITE_WSD FuncDef aAlterTableFuncs[] = {
+ FUNCTION(sqlite_rename_table, 2, 0, 0, renameTableFunc),
+#ifndef SQLITE_OMIT_TRIGGER
+ FUNCTION(sqlite_rename_trigger, 2, 0, 0, renameTriggerFunc),
+#endif
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+ FUNCTION(sqlite_rename_parent, 3, 0, 0, renameParentFunc),
+#endif
+ };
+ int i;
+ FuncDefHash *pHash = &GLOBAL(FuncDefHash, sqlite3GlobalFunctions);
+ FuncDef *aFunc = (FuncDef*)&GLOBAL(FuncDef, aAlterTableFuncs);
+
+ for(i=0; i<ArraySize(aAlterTableFuncs); i++){
+ sqlite3FuncDefInsert(pHash, &aFunc[i]);
+ }
+}
+
+/*
+** This function is used to create the text of expressions of the form:
+**
+** name=<constant1> OR name=<constant2> OR ...
+**
+** If argument zWhere is NULL, then a pointer string containing the text
+** "name=<constant>" is returned, where <constant> is the quoted version
+** of the string passed as argument zConstant. The returned buffer is
+** allocated using sqlite3DbMalloc(). It is the responsibility of the
+** caller to ensure that it is eventually freed.
+**
+** If argument zWhere is not NULL, then the string returned is
+** "<where> OR name=<constant>", where <where> is the contents of zWhere.
+** In this case zWhere is passed to sqlite3DbFree() before returning.
+**
+*/
+static char *whereOrName(sqlite3 *db, char *zWhere, char *zConstant){
+ char *zNew;
+ if( !zWhere ){
+ zNew = sqlite3MPrintf(db, "name=%Q", zConstant);
+ }else{
+ zNew = sqlite3MPrintf(db, "%s OR name=%Q", zWhere, zConstant);
+ sqlite3DbFree(db, zWhere);
+ }
+ return zNew;
+}
+
+#if !defined(SQLITE_OMIT_FOREIGN_KEY) && !defined(SQLITE_OMIT_TRIGGER)
+/*
+** Generate the text of a WHERE expression which can be used to select all
+** tables that have foreign key constraints that refer to table pTab (i.e.
+** constraints for which pTab is the parent table) from the sqlite_master
+** table.
+*/
+static char *whereForeignKeys(Parse *pParse, Table *pTab){
+ FKey *p;
+ char *zWhere = 0;
+ for(p=sqlite3FkReferences(pTab); p; p=p->pNextTo){
+ zWhere = whereOrName(pParse->db, zWhere, p->pFrom->zName);
+ }
+ return zWhere;
+}
+#endif
+
+/*
+** Generate the text of a WHERE expression which can be used to select all
+** temporary triggers on table pTab from the sqlite_temp_master table. If
+** table pTab has no temporary triggers, or is itself stored in the
+** temporary database, NULL is returned.
+*/
+static char *whereTempTriggers(Parse *pParse, Table *pTab){
+ Trigger *pTrig;
+ char *zWhere = 0;
+ const Schema *pTempSchema = pParse->db->aDb[1].pSchema; /* Temp db schema */
+
+ /* If the table is not located in the temp-db (in which case NULL is
+ ** returned, loop through the tables list of triggers. For each trigger
+ ** that is not part of the temp-db schema, add a clause to the WHERE
+ ** expression being built up in zWhere.
+ */
+ if( pTab->pSchema!=pTempSchema ){
+ sqlite3 *db = pParse->db;
+ for(pTrig=sqlite3TriggerList(pParse, pTab); pTrig; pTrig=pTrig->pNext){
+ if( pTrig->pSchema==pTempSchema ){
+ zWhere = whereOrName(db, zWhere, pTrig->zName);
+ }
+ }
+ }
+ if( zWhere ){
+ char *zNew = sqlite3MPrintf(pParse->db, "type='trigger' AND (%s)", zWhere);
+ sqlite3DbFree(pParse->db, zWhere);
+ zWhere = zNew;
+ }
+ return zWhere;
+}
+
+/*
+** Generate code to drop and reload the internal representation of table
+** pTab from the database, including triggers and temporary triggers.
+** Argument zName is the name of the table in the database schema at
+** the time the generated code is executed. This can be different from
+** pTab->zName if this function is being called to code part of an
+** "ALTER TABLE RENAME TO" statement.
+*/
+static void reloadTableSchema(Parse *pParse, Table *pTab, const char *zName){
+ Vdbe *v;
+ char *zWhere;
+ int iDb; /* Index of database containing pTab */
+#ifndef SQLITE_OMIT_TRIGGER
+ Trigger *pTrig;
+#endif
+
+ v = sqlite3GetVdbe(pParse);
+ if( NEVER(v==0) ) return;
+ assert( sqlite3BtreeHoldsAllMutexes(pParse->db) );
+ iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+ assert( iDb>=0 );
+
+#ifndef SQLITE_OMIT_TRIGGER
+ /* Drop any table triggers from the internal schema. */
+ for(pTrig=sqlite3TriggerList(pParse, pTab); pTrig; pTrig=pTrig->pNext){
+ int iTrigDb = sqlite3SchemaToIndex(pParse->db, pTrig->pSchema);
+ assert( iTrigDb==iDb || iTrigDb==1 );
+ sqlite3VdbeAddOp4(v, OP_DropTrigger, iTrigDb, 0, 0, pTrig->zName, 0);
+ }
+#endif
+
+ /* Drop the table and index from the internal schema. */
+ sqlite3VdbeAddOp4(v, OP_DropTable, iDb, 0, 0, pTab->zName, 0);
+
+ /* Reload the table, index and permanent trigger schemas. */
+ zWhere = sqlite3MPrintf(pParse->db, "tbl_name=%Q", zName);
+ if( !zWhere ) return;
+ sqlite3VdbeAddParseSchemaOp(v, iDb, zWhere);
+
+#ifndef SQLITE_OMIT_TRIGGER
+ /* Now, if the table is not stored in the temp database, reload any temp
+ ** triggers. Don't use IN(...) in case SQLITE_OMIT_SUBQUERY is defined.
+ */
+ if( (zWhere=whereTempTriggers(pParse, pTab))!=0 ){
+ sqlite3VdbeAddParseSchemaOp(v, 1, zWhere);
+ }
+#endif
+}
+
+/*
+** Parameter zName is the name of a table that is about to be altered
+** (either with ALTER TABLE ... RENAME TO or ALTER TABLE ... ADD COLUMN).
+** If the table is a system table, this function leaves an error message
+** in pParse->zErr (system tables may not be altered) and returns non-zero.
+**
+** Or, if zName is not a system table, zero is returned.
+*/
+static int isSystemTable(Parse *pParse, const char *zName){
+ if( sqlite3Strlen30(zName)>6 && 0==sqlite3StrNICmp(zName, "sqlite_", 7) ){
+ sqlite3ErrorMsg(pParse, "table %s may not be altered", zName);
+ return 1;
+ }
+ return 0;
+}
+
+/*
+** Generate code to implement the "ALTER TABLE xxx RENAME TO yyy"
+** command.
+*/
+SQLITE_PRIVATE void sqlite3AlterRenameTable(
+ Parse *pParse, /* Parser context. */
+ SrcList *pSrc, /* The table to rename. */
+ Token *pName /* The new table name. */
+){
+ int iDb; /* Database that contains the table */
+ char *zDb; /* Name of database iDb */
+ Table *pTab; /* Table being renamed */
+ char *zName = 0; /* NULL-terminated version of pName */
+ sqlite3 *db = pParse->db; /* Database connection */
+ int nTabName; /* Number of UTF-8 characters in zTabName */
+ const char *zTabName; /* Original name of the table */
+ Vdbe *v;
+#ifndef SQLITE_OMIT_TRIGGER
+ char *zWhere = 0; /* Where clause to locate temp triggers */
+#endif
+ VTable *pVTab = 0; /* Non-zero if this is a v-tab with an xRename() */
+ int savedDbFlags; /* Saved value of db->flags */
+
+ savedDbFlags = db->flags;
+ if( NEVER(db->mallocFailed) ) goto exit_rename_table;
+ assert( pSrc->nSrc==1 );
+ assert( sqlite3BtreeHoldsAllMutexes(pParse->db) );
+
+ pTab = sqlite3LocateTableItem(pParse, 0, &pSrc->a[0]);
+ if( !pTab ) goto exit_rename_table;
+ iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+ zDb = db->aDb[iDb].zName;
+ db->flags |= SQLITE_PreferBuiltin;
+
+ /* Get a NULL terminated version of the new table name. */
+ zName = sqlite3NameFromToken(db, pName);
+ if( !zName ) goto exit_rename_table;
+
+ /* Check that a table or index named 'zName' does not already exist
+ ** in database iDb. If so, this is an error.
+ */
+ if( sqlite3FindTable(db, zName, zDb) || sqlite3FindIndex(db, zName, zDb) ){
+ sqlite3ErrorMsg(pParse,
+ "there is already another table or index with this name: %s", zName);
+ goto exit_rename_table;
+ }
+
+ /* Make sure it is not a system table being altered, or a reserved name
+ ** that the table is being renamed to.
+ */
+ if( SQLITE_OK!=isSystemTable(pParse, pTab->zName) ){
+ goto exit_rename_table;
+ }
+ if( SQLITE_OK!=sqlite3CheckObjectName(pParse, zName) ){ goto
+ exit_rename_table;
+ }
+
+#ifndef SQLITE_OMIT_VIEW
+ if( pTab->pSelect ){
+ sqlite3ErrorMsg(pParse, "view %s may not be altered", pTab->zName);
+ goto exit_rename_table;
+ }
+#endif
+
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ /* Invoke the authorization callback. */
+ if( sqlite3AuthCheck(pParse, SQLITE_ALTER_TABLE, zDb, pTab->zName, 0) ){
+ goto exit_rename_table;
+ }
+#endif
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( sqlite3ViewGetColumnNames(pParse, pTab) ){
+ goto exit_rename_table;
+ }
+ if( IsVirtual(pTab) ){
+ pVTab = sqlite3GetVTable(db, pTab);
+ if( pVTab->pVtab->pModule->xRename==0 ){
+ pVTab = 0;
+ }
+ }
+#endif
+
+ /* Begin a transaction for database iDb.
+ ** Then modify the schema cookie (since the ALTER TABLE modifies the
+ ** schema). Open a statement transaction if the table is a virtual
+ ** table.
+ */
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 ){
+ goto exit_rename_table;
+ }
+ sqlite3BeginWriteOperation(pParse, pVTab!=0, iDb);
+ sqlite3ChangeCookie(pParse, iDb);
+
+ /* If this is a virtual table, invoke the xRename() function if
+ ** one is defined. The xRename() callback will modify the names
+ ** of any resources used by the v-table implementation (including other
+ ** SQLite tables) that are identified by the name of the virtual table.
+ */
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( pVTab ){
+ int i = ++pParse->nMem;
+ sqlite3VdbeLoadString(v, i, zName);
+ sqlite3VdbeAddOp4(v, OP_VRename, i, 0, 0,(const char*)pVTab, P4_VTAB);
+ sqlite3MayAbort(pParse);
+ }
+#endif
+
+ /* figure out how many UTF-8 characters are in zName */
+ zTabName = pTab->zName;
+ nTabName = sqlite3Utf8CharLen(zTabName, -1);
+
+#if !defined(SQLITE_OMIT_FOREIGN_KEY) && !defined(SQLITE_OMIT_TRIGGER)
+ if( db->flags&SQLITE_ForeignKeys ){
+ /* If foreign-key support is enabled, rewrite the CREATE TABLE
+ ** statements corresponding to all child tables of foreign key constraints
+ ** for which the renamed table is the parent table. */
+ if( (zWhere=whereForeignKeys(pParse, pTab))!=0 ){
+ sqlite3NestedParse(pParse,
+ "UPDATE \"%w\".%s SET "
+ "sql = sqlite_rename_parent(sql, %Q, %Q) "
+ "WHERE %s;", zDb, SCHEMA_TABLE(iDb), zTabName, zName, zWhere);
+ sqlite3DbFree(db, zWhere);
+ }
+ }
+#endif
+
+ /* Modify the sqlite_master table to use the new table name. */
+ sqlite3NestedParse(pParse,
+ "UPDATE %Q.%s SET "
+#ifdef SQLITE_OMIT_TRIGGER
+ "sql = sqlite_rename_table(sql, %Q), "
+#else
+ "sql = CASE "
+ "WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)"
+ "ELSE sqlite_rename_table(sql, %Q) END, "
+#endif
+ "tbl_name = %Q, "
+ "name = CASE "
+ "WHEN type='table' THEN %Q "
+ "WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN "
+ "'sqlite_autoindex_' || %Q || substr(name,%d+18) "
+ "ELSE name END "
+ "WHERE tbl_name=%Q COLLATE nocase AND "
+ "(type='table' OR type='index' OR type='trigger');",
+ zDb, SCHEMA_TABLE(iDb), zName, zName, zName,
+#ifndef SQLITE_OMIT_TRIGGER
+ zName,
+#endif
+ zName, nTabName, zTabName
+ );
+
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+ /* If the sqlite_sequence table exists in this database, then update
+ ** it with the new table name.
+ */
+ if( sqlite3FindTable(db, "sqlite_sequence", zDb) ){
+ sqlite3NestedParse(pParse,
+ "UPDATE \"%w\".sqlite_sequence set name = %Q WHERE name = %Q",
+ zDb, zName, pTab->zName);
+ }
+#endif
+
+#ifndef SQLITE_OMIT_TRIGGER
+ /* If there are TEMP triggers on this table, modify the sqlite_temp_master
+ ** table. Don't do this if the table being ALTERed is itself located in
+ ** the temp database.
+ */
+ if( (zWhere=whereTempTriggers(pParse, pTab))!=0 ){
+ sqlite3NestedParse(pParse,
+ "UPDATE sqlite_temp_master SET "
+ "sql = sqlite_rename_trigger(sql, %Q), "
+ "tbl_name = %Q "
+ "WHERE %s;", zName, zName, zWhere);
+ sqlite3DbFree(db, zWhere);
+ }
+#endif
+
+#if !defined(SQLITE_OMIT_FOREIGN_KEY) && !defined(SQLITE_OMIT_TRIGGER)
+ if( db->flags&SQLITE_ForeignKeys ){
+ FKey *p;
+ for(p=sqlite3FkReferences(pTab); p; p=p->pNextTo){
+ Table *pFrom = p->pFrom;
+ if( pFrom!=pTab ){
+ reloadTableSchema(pParse, p->pFrom, pFrom->zName);
+ }
+ }
+ }
+#endif
+
+ /* Drop and reload the internal table schema. */
+ reloadTableSchema(pParse, pTab, zName);
+
+exit_rename_table:
+ sqlite3SrcListDelete(db, pSrc);
+ sqlite3DbFree(db, zName);
+ db->flags = savedDbFlags;
+}
+
+
+/*
+** Generate code to make sure the file format number is at least minFormat.
+** The generated code will increase the file format number if necessary.
+*/
+SQLITE_PRIVATE void sqlite3MinimumFileFormat(Parse *pParse, int iDb, int minFormat){
+ Vdbe *v;
+ v = sqlite3GetVdbe(pParse);
+ /* The VDBE should have been allocated before this routine is called.
+ ** If that allocation failed, we would have quit before reaching this
+ ** point */
+ if( ALWAYS(v) ){
+ int r1 = sqlite3GetTempReg(pParse);
+ int r2 = sqlite3GetTempReg(pParse);
+ int addr1;
+ sqlite3VdbeAddOp3(v, OP_ReadCookie, iDb, r1, BTREE_FILE_FORMAT);
+ sqlite3VdbeUsesBtree(v, iDb);
+ sqlite3VdbeAddOp2(v, OP_Integer, minFormat, r2);
+ addr1 = sqlite3VdbeAddOp3(v, OP_Ge, r2, 0, r1);
+ sqlite3VdbeChangeP5(v, SQLITE_NOTNULL); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_SetCookie, iDb, BTREE_FILE_FORMAT, r2);
+ sqlite3VdbeJumpHere(v, addr1);
+ sqlite3ReleaseTempReg(pParse, r1);
+ sqlite3ReleaseTempReg(pParse, r2);
+ }
+}
+
+/*
+** This function is called after an "ALTER TABLE ... ADD" statement
+** has been parsed. Argument pColDef contains the text of the new
+** column definition.
+**
+** The Table structure pParse->pNewTable was extended to include
+** the new column during parsing.
+*/
+SQLITE_PRIVATE void sqlite3AlterFinishAddColumn(Parse *pParse, Token *pColDef){
+ Table *pNew; /* Copy of pParse->pNewTable */
+ Table *pTab; /* Table being altered */
+ int iDb; /* Database number */
+ const char *zDb; /* Database name */
+ const char *zTab; /* Table name */
+ char *zCol; /* Null-terminated column definition */
+ Column *pCol; /* The new column */
+ Expr *pDflt; /* Default value for the new column */
+ sqlite3 *db; /* The database connection; */
+
+ db = pParse->db;
+ if( pParse->nErr || db->mallocFailed ) return;
+ pNew = pParse->pNewTable;
+ assert( pNew );
+
+ assert( sqlite3BtreeHoldsAllMutexes(db) );
+ iDb = sqlite3SchemaToIndex(db, pNew->pSchema);
+ zDb = db->aDb[iDb].zName;
+ zTab = &pNew->zName[16]; /* Skip the "sqlite_altertab_" prefix on the name */
+ pCol = &pNew->aCol[pNew->nCol-1];
+ pDflt = pCol->pDflt;
+ pTab = sqlite3FindTable(db, zTab, zDb);
+ assert( pTab );
+
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ /* Invoke the authorization callback. */
+ if( sqlite3AuthCheck(pParse, SQLITE_ALTER_TABLE, zDb, pTab->zName, 0) ){
+ return;
+ }
+#endif
+
+ /* If the default value for the new column was specified with a
+ ** literal NULL, then set pDflt to 0. This simplifies checking
+ ** for an SQL NULL default below.
+ */
+ if( pDflt && pDflt->op==TK_NULL ){
+ pDflt = 0;
+ }
+
+ /* Check that the new column is not specified as PRIMARY KEY or UNIQUE.
+ ** If there is a NOT NULL constraint, then the default value for the
+ ** column must not be NULL.
+ */
+ if( pCol->colFlags & COLFLAG_PRIMKEY ){
+ sqlite3ErrorMsg(pParse, "Cannot add a PRIMARY KEY column");
+ return;
+ }
+ if( pNew->pIndex ){
+ sqlite3ErrorMsg(pParse, "Cannot add a UNIQUE column");
+ return;
+ }
+ if( (db->flags&SQLITE_ForeignKeys) && pNew->pFKey && pDflt ){
+ sqlite3ErrorMsg(pParse,
+ "Cannot add a REFERENCES column with non-NULL default value");
+ return;
+ }
+ if( pCol->notNull && !pDflt ){
+ sqlite3ErrorMsg(pParse,
+ "Cannot add a NOT NULL column with default value NULL");
+ return;
+ }
+
+ /* Ensure the default expression is something that sqlite3ValueFromExpr()
+ ** can handle (i.e. not CURRENT_TIME etc.)
+ */
+ if( pDflt ){
+ sqlite3_value *pVal = 0;
+ int rc;
+ rc = sqlite3ValueFromExpr(db, pDflt, SQLITE_UTF8, SQLITE_AFF_BLOB, &pVal);
+ assert( rc==SQLITE_OK || rc==SQLITE_NOMEM );
+ if( rc!=SQLITE_OK ){
+ db->mallocFailed = 1;
+ return;
+ }
+ if( !pVal ){
+ sqlite3ErrorMsg(pParse, "Cannot add a column with non-constant default");
+ return;
+ }
+ sqlite3ValueFree(pVal);
+ }
+
+ /* Modify the CREATE TABLE statement. */
+ zCol = sqlite3DbStrNDup(db, (char*)pColDef->z, pColDef->n);
+ if( zCol ){
+ char *zEnd = &zCol[pColDef->n-1];
+ int savedDbFlags = db->flags;
+ while( zEnd>zCol && (*zEnd==';' || sqlite3Isspace(*zEnd)) ){
+ *zEnd-- = '\0';
+ }
+ db->flags |= SQLITE_PreferBuiltin;
+ sqlite3NestedParse(pParse,
+ "UPDATE \"%w\".%s SET "
+ "sql = substr(sql,1,%d) || ', ' || %Q || substr(sql,%d) "
+ "WHERE type = 'table' AND name = %Q",
+ zDb, SCHEMA_TABLE(iDb), pNew->addColOffset, zCol, pNew->addColOffset+1,
+ zTab
+ );
+ sqlite3DbFree(db, zCol);
+ db->flags = savedDbFlags;
+ }
+
+ /* If the default value of the new column is NULL, then set the file
+ ** format to 2. If the default value of the new column is not NULL,
+ ** the file format becomes 3.
+ */
+ sqlite3MinimumFileFormat(pParse, iDb, pDflt ? 3 : 2);
+
+ /* Reload the schema of the modified table. */
+ reloadTableSchema(pParse, pTab, pTab->zName);
+}
+
+/*
+** This function is called by the parser after the table-name in
+** an "ALTER TABLE <table-name> ADD" statement is parsed. Argument
+** pSrc is the full-name of the table being altered.
+**
+** This routine makes a (partial) copy of the Table structure
+** for the table being altered and sets Parse.pNewTable to point
+** to it. Routines called by the parser as the column definition
+** is parsed (i.e. sqlite3AddColumn()) add the new Column data to
+** the copy. The copy of the Table structure is deleted by tokenize.c
+** after parsing is finished.
+**
+** Routine sqlite3AlterFinishAddColumn() will be called to complete
+** coding the "ALTER TABLE ... ADD" statement.
+*/
+SQLITE_PRIVATE void sqlite3AlterBeginAddColumn(Parse *pParse, SrcList *pSrc){
+ Table *pNew;
+ Table *pTab;
+ Vdbe *v;
+ int iDb;
+ int i;
+ int nAlloc;
+ sqlite3 *db = pParse->db;
+
+ /* Look up the table being altered. */
+ assert( pParse->pNewTable==0 );
+ assert( sqlite3BtreeHoldsAllMutexes(db) );
+ if( db->mallocFailed ) goto exit_begin_add_column;
+ pTab = sqlite3LocateTableItem(pParse, 0, &pSrc->a[0]);
+ if( !pTab ) goto exit_begin_add_column;
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( IsVirtual(pTab) ){
+ sqlite3ErrorMsg(pParse, "virtual tables may not be altered");
+ goto exit_begin_add_column;
+ }
+#endif
+
+ /* Make sure this is not an attempt to ALTER a view. */
+ if( pTab->pSelect ){
+ sqlite3ErrorMsg(pParse, "Cannot add a column to a view");
+ goto exit_begin_add_column;
+ }
+ if( SQLITE_OK!=isSystemTable(pParse, pTab->zName) ){
+ goto exit_begin_add_column;
+ }
+
+ assert( pTab->addColOffset>0 );
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+
+ /* Put a copy of the Table struct in Parse.pNewTable for the
+ ** sqlite3AddColumn() function and friends to modify. But modify
+ ** the name by adding an "sqlite_altertab_" prefix. By adding this
+ ** prefix, we insure that the name will not collide with an existing
+ ** table because user table are not allowed to have the "sqlite_"
+ ** prefix on their name.
+ */
+ pNew = (Table*)sqlite3DbMallocZero(db, sizeof(Table));
+ if( !pNew ) goto exit_begin_add_column;
+ pParse->pNewTable = pNew;
+ pNew->nRef = 1;
+ pNew->nCol = pTab->nCol;
+ assert( pNew->nCol>0 );
+ nAlloc = (((pNew->nCol-1)/8)*8)+8;
+ assert( nAlloc>=pNew->nCol && nAlloc%8==0 && nAlloc-pNew->nCol<8 );
+ pNew->aCol = (Column*)sqlite3DbMallocZero(db, sizeof(Column)*nAlloc);
+ pNew->zName = sqlite3MPrintf(db, "sqlite_altertab_%s", pTab->zName);
+ if( !pNew->aCol || !pNew->zName ){
+ db->mallocFailed = 1;
+ goto exit_begin_add_column;
+ }
+ memcpy(pNew->aCol, pTab->aCol, sizeof(Column)*pNew->nCol);
+ for(i=0; i<pNew->nCol; i++){
+ Column *pCol = &pNew->aCol[i];
+ pCol->zName = sqlite3DbStrDup(db, pCol->zName);
+ pCol->zColl = 0;
+ pCol->zType = 0;
+ pCol->pDflt = 0;
+ pCol->zDflt = 0;
+ }
+ pNew->pSchema = db->aDb[iDb].pSchema;
+ pNew->addColOffset = pTab->addColOffset;
+ pNew->nRef = 1;
+
+ /* Begin a transaction and increment the schema cookie. */
+ sqlite3BeginWriteOperation(pParse, 0, iDb);
+ v = sqlite3GetVdbe(pParse);
+ if( !v ) goto exit_begin_add_column;
+ sqlite3ChangeCookie(pParse, iDb);
+
+exit_begin_add_column:
+ sqlite3SrcListDelete(db, pSrc);
+ return;
+}
+#endif /* SQLITE_ALTER_TABLE */
+
+/************** End of alter.c ***********************************************/
+/************** Begin file analyze.c *****************************************/
+/*
+** 2005-07-08
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code associated with the ANALYZE command.
+**
+** The ANALYZE command gather statistics about the content of tables
+** and indices. These statistics are made available to the query planner
+** to help it make better decisions about how to perform queries.
+**
+** The following system tables are or have been supported:
+**
+** CREATE TABLE sqlite_stat1(tbl, idx, stat);
+** CREATE TABLE sqlite_stat2(tbl, idx, sampleno, sample);
+** CREATE TABLE sqlite_stat3(tbl, idx, nEq, nLt, nDLt, sample);
+** CREATE TABLE sqlite_stat4(tbl, idx, nEq, nLt, nDLt, sample);
+**
+** Additional tables might be added in future releases of SQLite.
+** The sqlite_stat2 table is not created or used unless the SQLite version
+** is between 3.6.18 and 3.7.8, inclusive, and unless SQLite is compiled
+** with SQLITE_ENABLE_STAT2. The sqlite_stat2 table is deprecated.
+** The sqlite_stat2 table is superseded by sqlite_stat3, which is only
+** created and used by SQLite versions 3.7.9 and later and with
+** SQLITE_ENABLE_STAT3 defined. The functionality of sqlite_stat3
+** is a superset of sqlite_stat2. The sqlite_stat4 is an enhanced
+** version of sqlite_stat3 and is only available when compiled with
+** SQLITE_ENABLE_STAT4 and in SQLite versions 3.8.1 and later. It is
+** not possible to enable both STAT3 and STAT4 at the same time. If they
+** are both enabled, then STAT4 takes precedence.
+**
+** For most applications, sqlite_stat1 provides all the statistics required
+** for the query planner to make good choices.
+**
+** Format of sqlite_stat1:
+**
+** There is normally one row per index, with the index identified by the
+** name in the idx column. The tbl column is the name of the table to
+** which the index belongs. In each such row, the stat column will be
+** a string consisting of a list of integers. The first integer in this
+** list is the number of rows in the index. (This is the same as the
+** number of rows in the table, except for partial indices.) The second
+** integer is the average number of rows in the index that have the same
+** value in the first column of the index. The third integer is the average
+** number of rows in the index that have the same value for the first two
+** columns. The N-th integer (for N>1) is the average number of rows in
+** the index which have the same value for the first N-1 columns. For
+** a K-column index, there will be K+1 integers in the stat column. If
+** the index is unique, then the last integer will be 1.
+**
+** The list of integers in the stat column can optionally be followed
+** by the keyword "unordered". The "unordered" keyword, if it is present,
+** must be separated from the last integer by a single space. If the
+** "unordered" keyword is present, then the query planner assumes that
+** the index is unordered and will not use the index for a range query.
+**
+** If the sqlite_stat1.idx column is NULL, then the sqlite_stat1.stat
+** column contains a single integer which is the (estimated) number of
+** rows in the table identified by sqlite_stat1.tbl.
+**
+** Format of sqlite_stat2:
+**
+** The sqlite_stat2 is only created and is only used if SQLite is compiled
+** with SQLITE_ENABLE_STAT2 and if the SQLite version number is between
+** 3.6.18 and 3.7.8. The "stat2" table contains additional information
+** about the distribution of keys within an index. The index is identified by
+** the "idx" column and the "tbl" column is the name of the table to which
+** the index belongs. There are usually 10 rows in the sqlite_stat2
+** table for each index.
+**
+** The sqlite_stat2 entries for an index that have sampleno between 0 and 9
+** inclusive are samples of the left-most key value in the index taken at
+** evenly spaced points along the index. Let the number of samples be S
+** (10 in the standard build) and let C be the number of rows in the index.
+** Then the sampled rows are given by:
+**
+** rownumber = (i*C*2 + C)/(S*2)
+**
+** For i between 0 and S-1. Conceptually, the index space is divided into
+** S uniform buckets and the samples are the middle row from each bucket.
+**
+** The format for sqlite_stat2 is recorded here for legacy reference. This
+** version of SQLite does not support sqlite_stat2. It neither reads nor
+** writes the sqlite_stat2 table. This version of SQLite only supports
+** sqlite_stat3.
+**
+** Format for sqlite_stat3:
+**
+** The sqlite_stat3 format is a subset of sqlite_stat4. Hence, the
+** sqlite_stat4 format will be described first. Further information
+** about sqlite_stat3 follows the sqlite_stat4 description.
+**
+** Format for sqlite_stat4:
+**
+** As with sqlite_stat2, the sqlite_stat4 table contains histogram data
+** to aid the query planner in choosing good indices based on the values
+** that indexed columns are compared against in the WHERE clauses of
+** queries.
+**
+** The sqlite_stat4 table contains multiple entries for each index.
+** The idx column names the index and the tbl column is the table of the
+** index. If the idx and tbl columns are the same, then the sample is
+** of the INTEGER PRIMARY KEY. The sample column is a blob which is the
+** binary encoding of a key from the index. The nEq column is a
+** list of integers. The first integer is the approximate number
+** of entries in the index whose left-most column exactly matches
+** the left-most column of the sample. The second integer in nEq
+** is the approximate number of entries in the index where the
+** first two columns match the first two columns of the sample.
+** And so forth. nLt is another list of integers that show the approximate
+** number of entries that are strictly less than the sample. The first
+** integer in nLt contains the number of entries in the index where the
+** left-most column is less than the left-most column of the sample.
+** The K-th integer in the nLt entry is the number of index entries
+** where the first K columns are less than the first K columns of the
+** sample. The nDLt column is like nLt except that it contains the
+** number of distinct entries in the index that are less than the
+** sample.
+**
+** There can be an arbitrary number of sqlite_stat4 entries per index.
+** The ANALYZE command will typically generate sqlite_stat4 tables
+** that contain between 10 and 40 samples which are distributed across
+** the key space, though not uniformly, and which include samples with
+** large nEq values.
+**
+** Format for sqlite_stat3 redux:
+**
+** The sqlite_stat3 table is like sqlite_stat4 except that it only
+** looks at the left-most column of the index. The sqlite_stat3.sample
+** column contains the actual value of the left-most column instead
+** of a blob encoding of the complete index key as is found in
+** sqlite_stat4.sample. The nEq, nLt, and nDLt entries of sqlite_stat3
+** all contain just a single integer which is the same as the first
+** integer in the equivalent columns in sqlite_stat4.
+*/
+#ifndef SQLITE_OMIT_ANALYZE
+/* #include "sqliteInt.h" */
+
+#if defined(SQLITE_ENABLE_STAT4)
+# define IsStat4 1
+# define IsStat3 0
+#elif defined(SQLITE_ENABLE_STAT3)
+# define IsStat4 0
+# define IsStat3 1
+#else
+# define IsStat4 0
+# define IsStat3 0
+# undef SQLITE_STAT4_SAMPLES
+# define SQLITE_STAT4_SAMPLES 1
+#endif
+#define IsStat34 (IsStat3+IsStat4) /* 1 for STAT3 or STAT4. 0 otherwise */
+
+/*
+** This routine generates code that opens the sqlite_statN tables.
+** The sqlite_stat1 table is always relevant. sqlite_stat2 is now
+** obsolete. sqlite_stat3 and sqlite_stat4 are only opened when
+** appropriate compile-time options are provided.
+**
+** If the sqlite_statN tables do not previously exist, it is created.
+**
+** Argument zWhere may be a pointer to a buffer containing a table name,
+** or it may be a NULL pointer. If it is not NULL, then all entries in
+** the sqlite_statN tables associated with the named table are deleted.
+** If zWhere==0, then code is generated to delete all stat table entries.
+*/
+static void openStatTable(
+ Parse *pParse, /* Parsing context */
+ int iDb, /* The database we are looking in */
+ int iStatCur, /* Open the sqlite_stat1 table on this cursor */
+ const char *zWhere, /* Delete entries for this table or index */
+ const char *zWhereType /* Either "tbl" or "idx" */
+){
+ static const struct {
+ const char *zName;
+ const char *zCols;
+ } aTable[] = {
+ { "sqlite_stat1", "tbl,idx,stat" },
+#if defined(SQLITE_ENABLE_STAT4)
+ { "sqlite_stat4", "tbl,idx,neq,nlt,ndlt,sample" },
+ { "sqlite_stat3", 0 },
+#elif defined(SQLITE_ENABLE_STAT3)
+ { "sqlite_stat3", "tbl,idx,neq,nlt,ndlt,sample" },
+ { "sqlite_stat4", 0 },
+#else
+ { "sqlite_stat3", 0 },
+ { "sqlite_stat4", 0 },
+#endif
+ };
+ int i;
+ sqlite3 *db = pParse->db;
+ Db *pDb;
+ Vdbe *v = sqlite3GetVdbe(pParse);
+ int aRoot[ArraySize(aTable)];
+ u8 aCreateTbl[ArraySize(aTable)];
+
+ if( v==0 ) return;
+ assert( sqlite3BtreeHoldsAllMutexes(db) );
+ assert( sqlite3VdbeDb(v)==db );
+ pDb = &db->aDb[iDb];
+
+ /* Create new statistic tables if they do not exist, or clear them
+ ** if they do already exist.
+ */
+ for(i=0; i<ArraySize(aTable); i++){
+ const char *zTab = aTable[i].zName;
+ Table *pStat;
+ if( (pStat = sqlite3FindTable(db, zTab, pDb->zName))==0 ){
+ if( aTable[i].zCols ){
+ /* The sqlite_statN table does not exist. Create it. Note that a
+ ** side-effect of the CREATE TABLE statement is to leave the rootpage
+ ** of the new table in register pParse->regRoot. This is important
+ ** because the OpenWrite opcode below will be needing it. */
+ sqlite3NestedParse(pParse,
+ "CREATE TABLE %Q.%s(%s)", pDb->zName, zTab, aTable[i].zCols
+ );
+ aRoot[i] = pParse->regRoot;
+ aCreateTbl[i] = OPFLAG_P2ISREG;
+ }
+ }else{
+ /* The table already exists. If zWhere is not NULL, delete all entries
+ ** associated with the table zWhere. If zWhere is NULL, delete the
+ ** entire contents of the table. */
+ aRoot[i] = pStat->tnum;
+ aCreateTbl[i] = 0;
+ sqlite3TableLock(pParse, iDb, aRoot[i], 1, zTab);
+ if( zWhere ){
+ sqlite3NestedParse(pParse,
+ "DELETE FROM %Q.%s WHERE %s=%Q",
+ pDb->zName, zTab, zWhereType, zWhere
+ );
+ }else{
+ /* The sqlite_stat[134] table already exists. Delete all rows. */
+ sqlite3VdbeAddOp2(v, OP_Clear, aRoot[i], iDb);
+ }
+ }
+ }
+
+ /* Open the sqlite_stat[134] tables for writing. */
+ for(i=0; aTable[i].zCols; i++){
+ assert( i<ArraySize(aTable) );
+ sqlite3VdbeAddOp4Int(v, OP_OpenWrite, iStatCur+i, aRoot[i], iDb, 3);
+ sqlite3VdbeChangeP5(v, aCreateTbl[i]);
+ VdbeComment((v, aTable[i].zName));
+ }
+}
+
+/*
+** Recommended number of samples for sqlite_stat4
+*/
+#ifndef SQLITE_STAT4_SAMPLES
+# define SQLITE_STAT4_SAMPLES 24
+#endif
+
+/*
+** Three SQL functions - stat_init(), stat_push(), and stat_get() -
+** share an instance of the following structure to hold their state
+** information.
+*/
+typedef struct Stat4Accum Stat4Accum;
+typedef struct Stat4Sample Stat4Sample;
+struct Stat4Sample {
+ tRowcnt *anEq; /* sqlite_stat4.nEq */
+ tRowcnt *anDLt; /* sqlite_stat4.nDLt */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ tRowcnt *anLt; /* sqlite_stat4.nLt */
+ union {
+ i64 iRowid; /* Rowid in main table of the key */
+ u8 *aRowid; /* Key for WITHOUT ROWID tables */
+ } u;
+ u32 nRowid; /* Sizeof aRowid[] */
+ u8 isPSample; /* True if a periodic sample */
+ int iCol; /* If !isPSample, the reason for inclusion */
+ u32 iHash; /* Tiebreaker hash */
+#endif
+};
+struct Stat4Accum {
+ tRowcnt nRow; /* Number of rows in the entire table */
+ tRowcnt nPSample; /* How often to do a periodic sample */
+ int nCol; /* Number of columns in index + pk/rowid */
+ int nKeyCol; /* Number of index columns w/o the pk/rowid */
+ int mxSample; /* Maximum number of samples to accumulate */
+ Stat4Sample current; /* Current row as a Stat4Sample */
+ u32 iPrn; /* Pseudo-random number used for sampling */
+ Stat4Sample *aBest; /* Array of nCol best samples */
+ int iMin; /* Index in a[] of entry with minimum score */
+ int nSample; /* Current number of samples */
+ int iGet; /* Index of current sample accessed by stat_get() */
+ Stat4Sample *a; /* Array of mxSample Stat4Sample objects */
+ sqlite3 *db; /* Database connection, for malloc() */
+};
+
+/* Reclaim memory used by a Stat4Sample
+*/
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+static void sampleClear(sqlite3 *db, Stat4Sample *p){
+ assert( db!=0 );
+ if( p->nRowid ){
+ sqlite3DbFree(db, p->u.aRowid);
+ p->nRowid = 0;
+ }
+}
+#endif
+
+/* Initialize the BLOB value of a ROWID
+*/
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+static void sampleSetRowid(sqlite3 *db, Stat4Sample *p, int n, const u8 *pData){
+ assert( db!=0 );
+ if( p->nRowid ) sqlite3DbFree(db, p->u.aRowid);
+ p->u.aRowid = sqlite3DbMallocRaw(db, n);
+ if( p->u.aRowid ){
+ p->nRowid = n;
+ memcpy(p->u.aRowid, pData, n);
+ }else{
+ p->nRowid = 0;
+ }
+}
+#endif
+
+/* Initialize the INTEGER value of a ROWID.
+*/
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+static void sampleSetRowidInt64(sqlite3 *db, Stat4Sample *p, i64 iRowid){
+ assert( db!=0 );
+ if( p->nRowid ) sqlite3DbFree(db, p->u.aRowid);
+ p->nRowid = 0;
+ p->u.iRowid = iRowid;
+}
+#endif
+
+
+/*
+** Copy the contents of object (*pFrom) into (*pTo).
+*/
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+static void sampleCopy(Stat4Accum *p, Stat4Sample *pTo, Stat4Sample *pFrom){
+ pTo->isPSample = pFrom->isPSample;
+ pTo->iCol = pFrom->iCol;
+ pTo->iHash = pFrom->iHash;
+ memcpy(pTo->anEq, pFrom->anEq, sizeof(tRowcnt)*p->nCol);
+ memcpy(pTo->anLt, pFrom->anLt, sizeof(tRowcnt)*p->nCol);
+ memcpy(pTo->anDLt, pFrom->anDLt, sizeof(tRowcnt)*p->nCol);
+ if( pFrom->nRowid ){
+ sampleSetRowid(p->db, pTo, pFrom->nRowid, pFrom->u.aRowid);
+ }else{
+ sampleSetRowidInt64(p->db, pTo, pFrom->u.iRowid);
+ }
+}
+#endif
+
+/*
+** Reclaim all memory of a Stat4Accum structure.
+*/
+static void stat4Destructor(void *pOld){
+ Stat4Accum *p = (Stat4Accum*)pOld;
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ int i;
+ for(i=0; i<p->nCol; i++) sampleClear(p->db, p->aBest+i);
+ for(i=0; i<p->mxSample; i++) sampleClear(p->db, p->a+i);
+ sampleClear(p->db, &p->current);
+#endif
+ sqlite3DbFree(p->db, p);
+}
+
+/*
+** Implementation of the stat_init(N,K,C) SQL function. The three parameters
+** are:
+** N: The number of columns in the index including the rowid/pk (note 1)
+** K: The number of columns in the index excluding the rowid/pk.
+** C: The number of rows in the index (note 2)
+**
+** Note 1: In the special case of the covering index that implements a
+** WITHOUT ROWID table, N is the number of PRIMARY KEY columns, not the
+** total number of columns in the table.
+**
+** Note 2: C is only used for STAT3 and STAT4.
+**
+** For indexes on ordinary rowid tables, N==K+1. But for indexes on
+** WITHOUT ROWID tables, N=K+P where P is the number of columns in the
+** PRIMARY KEY of the table. The covering index that implements the
+** original WITHOUT ROWID table as N==K as a special case.
+**
+** This routine allocates the Stat4Accum object in heap memory. The return
+** value is a pointer to the Stat4Accum object. The datatype of the
+** return value is BLOB, but it is really just a pointer to the Stat4Accum
+** object.
+*/
+static void statInit(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ Stat4Accum *p;
+ int nCol; /* Number of columns in index being sampled */
+ int nKeyCol; /* Number of key columns */
+ int nColUp; /* nCol rounded up for alignment */
+ int n; /* Bytes of space to allocate */
+ sqlite3 *db; /* Database connection */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ int mxSample = SQLITE_STAT4_SAMPLES;
+#endif
+
+ /* Decode the three function arguments */
+ UNUSED_PARAMETER(argc);
+ nCol = sqlite3_value_int(argv[0]);
+ assert( nCol>0 );
+ nColUp = sizeof(tRowcnt)<8 ? (nCol+1)&~1 : nCol;
+ nKeyCol = sqlite3_value_int(argv[1]);
+ assert( nKeyCol<=nCol );
+ assert( nKeyCol>0 );
+
+ /* Allocate the space required for the Stat4Accum object */
+ n = sizeof(*p)
+ + sizeof(tRowcnt)*nColUp /* Stat4Accum.anEq */
+ + sizeof(tRowcnt)*nColUp /* Stat4Accum.anDLt */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ + sizeof(tRowcnt)*nColUp /* Stat4Accum.anLt */
+ + sizeof(Stat4Sample)*(nCol+mxSample) /* Stat4Accum.aBest[], a[] */
+ + sizeof(tRowcnt)*3*nColUp*(nCol+mxSample)
+#endif
+ ;
+ db = sqlite3_context_db_handle(context);
+ p = sqlite3DbMallocZero(db, n);
+ if( p==0 ){
+ sqlite3_result_error_nomem(context);
+ return;
+ }
+
+ p->db = db;
+ p->nRow = 0;
+ p->nCol = nCol;
+ p->nKeyCol = nKeyCol;
+ p->current.anDLt = (tRowcnt*)&p[1];
+ p->current.anEq = &p->current.anDLt[nColUp];
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ {
+ u8 *pSpace; /* Allocated space not yet assigned */
+ int i; /* Used to iterate through p->aSample[] */
+
+ p->iGet = -1;
+ p->mxSample = mxSample;
+ p->nPSample = (tRowcnt)(sqlite3_value_int64(argv[2])/(mxSample/3+1) + 1);
+ p->current.anLt = &p->current.anEq[nColUp];
+ p->iPrn = 0x689e962d*(u32)nCol ^ 0xd0944565*(u32)sqlite3_value_int(argv[2]);
+
+ /* Set up the Stat4Accum.a[] and aBest[] arrays */
+ p->a = (struct Stat4Sample*)&p->current.anLt[nColUp];
+ p->aBest = &p->a[mxSample];
+ pSpace = (u8*)(&p->a[mxSample+nCol]);
+ for(i=0; i<(mxSample+nCol); i++){
+ p->a[i].anEq = (tRowcnt *)pSpace; pSpace += (sizeof(tRowcnt) * nColUp);
+ p->a[i].anLt = (tRowcnt *)pSpace; pSpace += (sizeof(tRowcnt) * nColUp);
+ p->a[i].anDLt = (tRowcnt *)pSpace; pSpace += (sizeof(tRowcnt) * nColUp);
+ }
+ assert( (pSpace - (u8*)p)==n );
+
+ for(i=0; i<nCol; i++){
+ p->aBest[i].iCol = i;
+ }
+ }
+#endif
+
+ /* Return a pointer to the allocated object to the caller. Note that
+ ** only the pointer (the 2nd parameter) matters. The size of the object
+ ** (given by the 3rd parameter) is never used and can be any positive
+ ** value. */
+ sqlite3_result_blob(context, p, sizeof(*p), stat4Destructor);
+}
+static const FuncDef statInitFuncdef = {
+ 2+IsStat34, /* nArg */
+ SQLITE_UTF8, /* funcFlags */
+ 0, /* pUserData */
+ 0, /* pNext */
+ statInit, /* xFunc */
+ 0, /* xStep */
+ 0, /* xFinalize */
+ "stat_init", /* zName */
+ 0, /* pHash */
+ 0 /* pDestructor */
+};
+
+#ifdef SQLITE_ENABLE_STAT4
+/*
+** pNew and pOld are both candidate non-periodic samples selected for
+** the same column (pNew->iCol==pOld->iCol). Ignoring this column and
+** considering only any trailing columns and the sample hash value, this
+** function returns true if sample pNew is to be preferred over pOld.
+** In other words, if we assume that the cardinalities of the selected
+** column for pNew and pOld are equal, is pNew to be preferred over pOld.
+**
+** This function assumes that for each argument sample, the contents of
+** the anEq[] array from pSample->anEq[pSample->iCol+1] onwards are valid.
+*/
+static int sampleIsBetterPost(
+ Stat4Accum *pAccum,
+ Stat4Sample *pNew,
+ Stat4Sample *pOld
+){
+ int nCol = pAccum->nCol;
+ int i;
+ assert( pNew->iCol==pOld->iCol );
+ for(i=pNew->iCol+1; i<nCol; i++){
+ if( pNew->anEq[i]>pOld->anEq[i] ) return 1;
+ if( pNew->anEq[i]<pOld->anEq[i] ) return 0;
+ }
+ if( pNew->iHash>pOld->iHash ) return 1;
+ return 0;
+}
+#endif
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+/*
+** Return true if pNew is to be preferred over pOld.
+**
+** This function assumes that for each argument sample, the contents of
+** the anEq[] array from pSample->anEq[pSample->iCol] onwards are valid.
+*/
+static int sampleIsBetter(
+ Stat4Accum *pAccum,
+ Stat4Sample *pNew,
+ Stat4Sample *pOld
+){
+ tRowcnt nEqNew = pNew->anEq[pNew->iCol];
+ tRowcnt nEqOld = pOld->anEq[pOld->iCol];
+
+ assert( pOld->isPSample==0 && pNew->isPSample==0 );
+ assert( IsStat4 || (pNew->iCol==0 && pOld->iCol==0) );
+
+ if( (nEqNew>nEqOld) ) return 1;
+#ifdef SQLITE_ENABLE_STAT4
+ if( nEqNew==nEqOld ){
+ if( pNew->iCol<pOld->iCol ) return 1;
+ return (pNew->iCol==pOld->iCol && sampleIsBetterPost(pAccum, pNew, pOld));
+ }
+ return 0;
+#else
+ return (nEqNew==nEqOld && pNew->iHash>pOld->iHash);
+#endif
+}
+
+/*
+** Copy the contents of sample *pNew into the p->a[] array. If necessary,
+** remove the least desirable sample from p->a[] to make room.
+*/
+static void sampleInsert(Stat4Accum *p, Stat4Sample *pNew, int nEqZero){
+ Stat4Sample *pSample = 0;
+ int i;
+
+ assert( IsStat4 || nEqZero==0 );
+
+#ifdef SQLITE_ENABLE_STAT4
+ if( pNew->isPSample==0 ){
+ Stat4Sample *pUpgrade = 0;
+ assert( pNew->anEq[pNew->iCol]>0 );
+
+ /* This sample is being added because the prefix that ends in column
+ ** iCol occurs many times in the table. However, if we have already
+ ** added a sample that shares this prefix, there is no need to add
+ ** this one. Instead, upgrade the priority of the highest priority
+ ** existing sample that shares this prefix. */
+ for(i=p->nSample-1; i>=0; i--){
+ Stat4Sample *pOld = &p->a[i];
+ if( pOld->anEq[pNew->iCol]==0 ){
+ if( pOld->isPSample ) return;
+ assert( pOld->iCol>pNew->iCol );
+ assert( sampleIsBetter(p, pNew, pOld) );
+ if( pUpgrade==0 || sampleIsBetter(p, pOld, pUpgrade) ){
+ pUpgrade = pOld;
+ }
+ }
+ }
+ if( pUpgrade ){
+ pUpgrade->iCol = pNew->iCol;
+ pUpgrade->anEq[pUpgrade->iCol] = pNew->anEq[pUpgrade->iCol];
+ goto find_new_min;
+ }
+ }
+#endif
+
+ /* If necessary, remove sample iMin to make room for the new sample. */
+ if( p->nSample>=p->mxSample ){
+ Stat4Sample *pMin = &p->a[p->iMin];
+ tRowcnt *anEq = pMin->anEq;
+ tRowcnt *anLt = pMin->anLt;
+ tRowcnt *anDLt = pMin->anDLt;
+ sampleClear(p->db, pMin);
+ memmove(pMin, &pMin[1], sizeof(p->a[0])*(p->nSample-p->iMin-1));
+ pSample = &p->a[p->nSample-1];
+ pSample->nRowid = 0;
+ pSample->anEq = anEq;
+ pSample->anDLt = anDLt;
+ pSample->anLt = anLt;
+ p->nSample = p->mxSample-1;
+ }
+
+ /* The "rows less-than" for the rowid column must be greater than that
+ ** for the last sample in the p->a[] array. Otherwise, the samples would
+ ** be out of order. */
+#ifdef SQLITE_ENABLE_STAT4
+ assert( p->nSample==0
+ || pNew->anLt[p->nCol-1] > p->a[p->nSample-1].anLt[p->nCol-1] );
+#endif
+
+ /* Insert the new sample */
+ pSample = &p->a[p->nSample];
+ sampleCopy(p, pSample, pNew);
+ p->nSample++;
+
+ /* Zero the first nEqZero entries in the anEq[] array. */
+ memset(pSample->anEq, 0, sizeof(tRowcnt)*nEqZero);
+
+#ifdef SQLITE_ENABLE_STAT4
+ find_new_min:
+#endif
+ if( p->nSample>=p->mxSample ){
+ int iMin = -1;
+ for(i=0; i<p->mxSample; i++){
+ if( p->a[i].isPSample ) continue;
+ if( iMin<0 || sampleIsBetter(p, &p->a[iMin], &p->a[i]) ){
+ iMin = i;
+ }
+ }
+ assert( iMin>=0 );
+ p->iMin = iMin;
+ }
+}
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+
+/*
+** Field iChng of the index being scanned has changed. So at this point
+** p->current contains a sample that reflects the previous row of the
+** index. The value of anEq[iChng] and subsequent anEq[] elements are
+** correct at this point.
+*/
+static void samplePushPrevious(Stat4Accum *p, int iChng){
+#ifdef SQLITE_ENABLE_STAT4
+ int i;
+
+ /* Check if any samples from the aBest[] array should be pushed
+ ** into IndexSample.a[] at this point. */
+ for(i=(p->nCol-2); i>=iChng; i--){
+ Stat4Sample *pBest = &p->aBest[i];
+ pBest->anEq[i] = p->current.anEq[i];
+ if( p->nSample<p->mxSample || sampleIsBetter(p, pBest, &p->a[p->iMin]) ){
+ sampleInsert(p, pBest, i);
+ }
+ }
+
+ /* Update the anEq[] fields of any samples already collected. */
+ for(i=p->nSample-1; i>=0; i--){
+ int j;
+ for(j=iChng; j<p->nCol; j++){
+ if( p->a[i].anEq[j]==0 ) p->a[i].anEq[j] = p->current.anEq[j];
+ }
+ }
+#endif
+
+#if defined(SQLITE_ENABLE_STAT3) && !defined(SQLITE_ENABLE_STAT4)
+ if( iChng==0 ){
+ tRowcnt nLt = p->current.anLt[0];
+ tRowcnt nEq = p->current.anEq[0];
+
+ /* Check if this is to be a periodic sample. If so, add it. */
+ if( (nLt/p->nPSample)!=(nLt+nEq)/p->nPSample ){
+ p->current.isPSample = 1;
+ sampleInsert(p, &p->current, 0);
+ p->current.isPSample = 0;
+ }else
+
+ /* Or if it is a non-periodic sample. Add it in this case too. */
+ if( p->nSample<p->mxSample
+ || sampleIsBetter(p, &p->current, &p->a[p->iMin])
+ ){
+ sampleInsert(p, &p->current, 0);
+ }
+ }
+#endif
+
+#ifndef SQLITE_ENABLE_STAT3_OR_STAT4
+ UNUSED_PARAMETER( p );
+ UNUSED_PARAMETER( iChng );
+#endif
+}
+
+/*
+** Implementation of the stat_push SQL function: stat_push(P,C,R)
+** Arguments:
+**
+** P Pointer to the Stat4Accum object created by stat_init()
+** C Index of left-most column to differ from previous row
+** R Rowid for the current row. Might be a key record for
+** WITHOUT ROWID tables.
+**
+** This SQL function always returns NULL. It's purpose it to accumulate
+** statistical data and/or samples in the Stat4Accum object about the
+** index being analyzed. The stat_get() SQL function will later be used to
+** extract relevant information for constructing the sqlite_statN tables.
+**
+** The R parameter is only used for STAT3 and STAT4
+*/
+static void statPush(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ int i;
+
+ /* The three function arguments */
+ Stat4Accum *p = (Stat4Accum*)sqlite3_value_blob(argv[0]);
+ int iChng = sqlite3_value_int(argv[1]);
+
+ UNUSED_PARAMETER( argc );
+ UNUSED_PARAMETER( context );
+ assert( p->nCol>0 );
+ assert( iChng<p->nCol );
+
+ if( p->nRow==0 ){
+ /* This is the first call to this function. Do initialization. */
+ for(i=0; i<p->nCol; i++) p->current.anEq[i] = 1;
+ }else{
+ /* Second and subsequent calls get processed here */
+ samplePushPrevious(p, iChng);
+
+ /* Update anDLt[], anLt[] and anEq[] to reflect the values that apply
+ ** to the current row of the index. */
+ for(i=0; i<iChng; i++){
+ p->current.anEq[i]++;
+ }
+ for(i=iChng; i<p->nCol; i++){
+ p->current.anDLt[i]++;
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ p->current.anLt[i] += p->current.anEq[i];
+#endif
+ p->current.anEq[i] = 1;
+ }
+ }
+ p->nRow++;
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ if( sqlite3_value_type(argv[2])==SQLITE_INTEGER ){
+ sampleSetRowidInt64(p->db, &p->current, sqlite3_value_int64(argv[2]));
+ }else{
+ sampleSetRowid(p->db, &p->current, sqlite3_value_bytes(argv[2]),
+ sqlite3_value_blob(argv[2]));
+ }
+ p->current.iHash = p->iPrn = p->iPrn*1103515245 + 12345;
+#endif
+
+#ifdef SQLITE_ENABLE_STAT4
+ {
+ tRowcnt nLt = p->current.anLt[p->nCol-1];
+
+ /* Check if this is to be a periodic sample. If so, add it. */
+ if( (nLt/p->nPSample)!=(nLt+1)/p->nPSample ){
+ p->current.isPSample = 1;
+ p->current.iCol = 0;
+ sampleInsert(p, &p->current, p->nCol-1);
+ p->current.isPSample = 0;
+ }
+
+ /* Update the aBest[] array. */
+ for(i=0; i<(p->nCol-1); i++){
+ p->current.iCol = i;
+ if( i>=iChng || sampleIsBetterPost(p, &p->current, &p->aBest[i]) ){
+ sampleCopy(p, &p->aBest[i], &p->current);
+ }
+ }
+ }
+#endif
+}
+static const FuncDef statPushFuncdef = {
+ 2+IsStat34, /* nArg */
+ SQLITE_UTF8, /* funcFlags */
+ 0, /* pUserData */
+ 0, /* pNext */
+ statPush, /* xFunc */
+ 0, /* xStep */
+ 0, /* xFinalize */
+ "stat_push", /* zName */
+ 0, /* pHash */
+ 0 /* pDestructor */
+};
+
+#define STAT_GET_STAT1 0 /* "stat" column of stat1 table */
+#define STAT_GET_ROWID 1 /* "rowid" column of stat[34] entry */
+#define STAT_GET_NEQ 2 /* "neq" column of stat[34] entry */
+#define STAT_GET_NLT 3 /* "nlt" column of stat[34] entry */
+#define STAT_GET_NDLT 4 /* "ndlt" column of stat[34] entry */
+
+/*
+** Implementation of the stat_get(P,J) SQL function. This routine is
+** used to query statistical information that has been gathered into
+** the Stat4Accum object by prior calls to stat_push(). The P parameter
+** has type BLOB but it is really just a pointer to the Stat4Accum object.
+** The content to returned is determined by the parameter J
+** which is one of the STAT_GET_xxxx values defined above.
+**
+** If neither STAT3 nor STAT4 are enabled, then J is always
+** STAT_GET_STAT1 and is hence omitted and this routine becomes
+** a one-parameter function, stat_get(P), that always returns the
+** stat1 table entry information.
+*/
+static void statGet(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ Stat4Accum *p = (Stat4Accum*)sqlite3_value_blob(argv[0]);
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ /* STAT3 and STAT4 have a parameter on this routine. */
+ int eCall = sqlite3_value_int(argv[1]);
+ assert( argc==2 );
+ assert( eCall==STAT_GET_STAT1 || eCall==STAT_GET_NEQ
+ || eCall==STAT_GET_ROWID || eCall==STAT_GET_NLT
+ || eCall==STAT_GET_NDLT
+ );
+ if( eCall==STAT_GET_STAT1 )
+#else
+ assert( argc==1 );
+#endif
+ {
+ /* Return the value to store in the "stat" column of the sqlite_stat1
+ ** table for this index.
+ **
+ ** The value is a string composed of a list of integers describing
+ ** the index. The first integer in the list is the total number of
+ ** entries in the index. There is one additional integer in the list
+ ** for each indexed column. This additional integer is an estimate of
+ ** the number of rows matched by a stabbing query on the index using
+ ** a key with the corresponding number of fields. In other words,
+ ** if the index is on columns (a,b) and the sqlite_stat1 value is
+ ** "100 10 2", then SQLite estimates that:
+ **
+ ** * the index contains 100 rows,
+ ** * "WHERE a=?" matches 10 rows, and
+ ** * "WHERE a=? AND b=?" matches 2 rows.
+ **
+ ** If D is the count of distinct values and K is the total number of
+ ** rows, then each estimate is computed as:
+ **
+ ** I = (K+D-1)/D
+ */
+ char *z;
+ int i;
+
+ char *zRet = sqlite3MallocZero( (p->nKeyCol+1)*25 );
+ if( zRet==0 ){
+ sqlite3_result_error_nomem(context);
+ return;
+ }
+
+ sqlite3_snprintf(24, zRet, "%llu", (u64)p->nRow);
+ z = zRet + sqlite3Strlen30(zRet);
+ for(i=0; i<p->nKeyCol; i++){
+ u64 nDistinct = p->current.anDLt[i] + 1;
+ u64 iVal = (p->nRow + nDistinct - 1) / nDistinct;
+ sqlite3_snprintf(24, z, " %llu", iVal);
+ z += sqlite3Strlen30(z);
+ assert( p->current.anEq[i] );
+ }
+ assert( z[0]=='\0' && z>zRet );
+
+ sqlite3_result_text(context, zRet, -1, sqlite3_free);
+ }
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ else if( eCall==STAT_GET_ROWID ){
+ if( p->iGet<0 ){
+ samplePushPrevious(p, 0);
+ p->iGet = 0;
+ }
+ if( p->iGet<p->nSample ){
+ Stat4Sample *pS = p->a + p->iGet;
+ if( pS->nRowid==0 ){
+ sqlite3_result_int64(context, pS->u.iRowid);
+ }else{
+ sqlite3_result_blob(context, pS->u.aRowid, pS->nRowid,
+ SQLITE_TRANSIENT);
+ }
+ }
+ }else{
+ tRowcnt *aCnt = 0;
+
+ assert( p->iGet<p->nSample );
+ switch( eCall ){
+ case STAT_GET_NEQ: aCnt = p->a[p->iGet].anEq; break;
+ case STAT_GET_NLT: aCnt = p->a[p->iGet].anLt; break;
+ default: {
+ aCnt = p->a[p->iGet].anDLt;
+ p->iGet++;
+ break;
+ }
+ }
+
+ if( IsStat3 ){
+ sqlite3_result_int64(context, (i64)aCnt[0]);
+ }else{
+ char *zRet = sqlite3MallocZero(p->nCol * 25);
+ if( zRet==0 ){
+ sqlite3_result_error_nomem(context);
+ }else{
+ int i;
+ char *z = zRet;
+ for(i=0; i<p->nCol; i++){
+ sqlite3_snprintf(24, z, "%llu ", (u64)aCnt[i]);
+ z += sqlite3Strlen30(z);
+ }
+ assert( z[0]=='\0' && z>zRet );
+ z[-1] = '\0';
+ sqlite3_result_text(context, zRet, -1, sqlite3_free);
+ }
+ }
+ }
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+#ifndef SQLITE_DEBUG
+ UNUSED_PARAMETER( argc );
+#endif
+}
+static const FuncDef statGetFuncdef = {
+ 1+IsStat34, /* nArg */
+ SQLITE_UTF8, /* funcFlags */
+ 0, /* pUserData */
+ 0, /* pNext */
+ statGet, /* xFunc */
+ 0, /* xStep */
+ 0, /* xFinalize */
+ "stat_get", /* zName */
+ 0, /* pHash */
+ 0 /* pDestructor */
+};
+
+static void callStatGet(Vdbe *v, int regStat4, int iParam, int regOut){
+ assert( regOut!=regStat4 && regOut!=regStat4+1 );
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ sqlite3VdbeAddOp2(v, OP_Integer, iParam, regStat4+1);
+#elif SQLITE_DEBUG
+ assert( iParam==STAT_GET_STAT1 );
+#else
+ UNUSED_PARAMETER( iParam );
+#endif
+ sqlite3VdbeAddOp3(v, OP_Function0, 0, regStat4, regOut);
+ sqlite3VdbeChangeP4(v, -1, (char*)&statGetFuncdef, P4_FUNCDEF);
+ sqlite3VdbeChangeP5(v, 1 + IsStat34);
+}
+
+/*
+** Generate code to do an analysis of all indices associated with
+** a single table.
+*/
+static void analyzeOneTable(
+ Parse *pParse, /* Parser context */
+ Table *pTab, /* Table whose indices are to be analyzed */
+ Index *pOnlyIdx, /* If not NULL, only analyze this one index */
+ int iStatCur, /* Index of VdbeCursor that writes the sqlite_stat1 table */
+ int iMem, /* Available memory locations begin here */
+ int iTab /* Next available cursor */
+){
+ sqlite3 *db = pParse->db; /* Database handle */
+ Index *pIdx; /* An index to being analyzed */
+ int iIdxCur; /* Cursor open on index being analyzed */
+ int iTabCur; /* Table cursor */
+ Vdbe *v; /* The virtual machine being built up */
+ int i; /* Loop counter */
+ int jZeroRows = -1; /* Jump from here if number of rows is zero */
+ int iDb; /* Index of database containing pTab */
+ u8 needTableCnt = 1; /* True to count the table */
+ int regNewRowid = iMem++; /* Rowid for the inserted record */
+ int regStat4 = iMem++; /* Register to hold Stat4Accum object */
+ int regChng = iMem++; /* Index of changed index field */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ int regRowid = iMem++; /* Rowid argument passed to stat_push() */
+#endif
+ int regTemp = iMem++; /* Temporary use register */
+ int regTabname = iMem++; /* Register containing table name */
+ int regIdxname = iMem++; /* Register containing index name */
+ int regStat1 = iMem++; /* Value for the stat column of sqlite_stat1 */
+ int regPrev = iMem; /* MUST BE LAST (see below) */
+
+ pParse->nMem = MAX(pParse->nMem, iMem);
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 || NEVER(pTab==0) ){
+ return;
+ }
+ if( pTab->tnum==0 ){
+ /* Do not gather statistics on views or virtual tables */
+ return;
+ }
+ if( sqlite3_strlike("sqlite_%", pTab->zName, 0)==0 ){
+ /* Do not gather statistics on system tables */
+ return;
+ }
+ assert( sqlite3BtreeHoldsAllMutexes(db) );
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ assert( iDb>=0 );
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ if( sqlite3AuthCheck(pParse, SQLITE_ANALYZE, pTab->zName, 0,
+ db->aDb[iDb].zName ) ){
+ return;
+ }
+#endif
+
+ /* Establish a read-lock on the table at the shared-cache level.
+ ** Open a read-only cursor on the table. Also allocate a cursor number
+ ** to use for scanning indexes (iIdxCur). No index cursor is opened at
+ ** this time though. */
+ sqlite3TableLock(pParse, iDb, pTab->tnum, 0, pTab->zName);
+ iTabCur = iTab++;
+ iIdxCur = iTab++;
+ pParse->nTab = MAX(pParse->nTab, iTab);
+ sqlite3OpenTable(pParse, iTabCur, iDb, pTab, OP_OpenRead);
+ sqlite3VdbeLoadString(v, regTabname, pTab->zName);
+
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ int nCol; /* Number of columns in pIdx. "N" */
+ int addrRewind; /* Address of "OP_Rewind iIdxCur" */
+ int addrNextRow; /* Address of "next_row:" */
+ const char *zIdxName; /* Name of the index */
+ int nColTest; /* Number of columns to test for changes */
+
+ if( pOnlyIdx && pOnlyIdx!=pIdx ) continue;
+ if( pIdx->pPartIdxWhere==0 ) needTableCnt = 0;
+ if( !HasRowid(pTab) && IsPrimaryKeyIndex(pIdx) ){
+ nCol = pIdx->nKeyCol;
+ zIdxName = pTab->zName;
+ nColTest = nCol - 1;
+ }else{
+ nCol = pIdx->nColumn;
+ zIdxName = pIdx->zName;
+ nColTest = pIdx->uniqNotNull ? pIdx->nKeyCol-1 : nCol-1;
+ }
+
+ /* Populate the register containing the index name. */
+ sqlite3VdbeLoadString(v, regIdxname, zIdxName);
+ VdbeComment((v, "Analysis for %s.%s", pTab->zName, zIdxName));
+
+ /*
+ ** Pseudo-code for loop that calls stat_push():
+ **
+ ** Rewind csr
+ ** if eof(csr) goto end_of_scan;
+ ** regChng = 0
+ ** goto chng_addr_0;
+ **
+ ** next_row:
+ ** regChng = 0
+ ** if( idx(0) != regPrev(0) ) goto chng_addr_0
+ ** regChng = 1
+ ** if( idx(1) != regPrev(1) ) goto chng_addr_1
+ ** ...
+ ** regChng = N
+ ** goto chng_addr_N
+ **
+ ** chng_addr_0:
+ ** regPrev(0) = idx(0)
+ ** chng_addr_1:
+ ** regPrev(1) = idx(1)
+ ** ...
+ **
+ ** endDistinctTest:
+ ** regRowid = idx(rowid)
+ ** stat_push(P, regChng, regRowid)
+ ** Next csr
+ ** if !eof(csr) goto next_row;
+ **
+ ** end_of_scan:
+ */
+
+ /* Make sure there are enough memory cells allocated to accommodate
+ ** the regPrev array and a trailing rowid (the rowid slot is required
+ ** when building a record to insert into the sample column of
+ ** the sqlite_stat4 table. */
+ pParse->nMem = MAX(pParse->nMem, regPrev+nColTest);
+
+ /* Open a read-only cursor on the index being analyzed. */
+ assert( iDb==sqlite3SchemaToIndex(db, pIdx->pSchema) );
+ sqlite3VdbeAddOp3(v, OP_OpenRead, iIdxCur, pIdx->tnum, iDb);
+ sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
+ VdbeComment((v, "%s", pIdx->zName));
+
+ /* Invoke the stat_init() function. The arguments are:
+ **
+ ** (1) the number of columns in the index including the rowid
+ ** (or for a WITHOUT ROWID table, the number of PK columns),
+ ** (2) the number of columns in the key without the rowid/pk
+ ** (3) the number of rows in the index,
+ **
+ **
+ ** The third argument is only used for STAT3 and STAT4
+ */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ sqlite3VdbeAddOp2(v, OP_Count, iIdxCur, regStat4+3);
+#endif
+ sqlite3VdbeAddOp2(v, OP_Integer, nCol, regStat4+1);
+ sqlite3VdbeAddOp2(v, OP_Integer, pIdx->nKeyCol, regStat4+2);
+ sqlite3VdbeAddOp3(v, OP_Function0, 0, regStat4+1, regStat4);
+ sqlite3VdbeChangeP4(v, -1, (char*)&statInitFuncdef, P4_FUNCDEF);
+ sqlite3VdbeChangeP5(v, 2+IsStat34);
+
+ /* Implementation of the following:
+ **
+ ** Rewind csr
+ ** if eof(csr) goto end_of_scan;
+ ** regChng = 0
+ ** goto next_push_0;
+ **
+ */
+ addrRewind = sqlite3VdbeAddOp1(v, OP_Rewind, iIdxCur);
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, regChng);
+ addrNextRow = sqlite3VdbeCurrentAddr(v);
+
+ if( nColTest>0 ){
+ int endDistinctTest = sqlite3VdbeMakeLabel(v);
+ int *aGotoChng; /* Array of jump instruction addresses */
+ aGotoChng = sqlite3DbMallocRaw(db, sizeof(int)*nColTest);
+ if( aGotoChng==0 ) continue;
+
+ /*
+ ** next_row:
+ ** regChng = 0
+ ** if( idx(0) != regPrev(0) ) goto chng_addr_0
+ ** regChng = 1
+ ** if( idx(1) != regPrev(1) ) goto chng_addr_1
+ ** ...
+ ** regChng = N
+ ** goto endDistinctTest
+ */
+ sqlite3VdbeAddOp0(v, OP_Goto);
+ addrNextRow = sqlite3VdbeCurrentAddr(v);
+ if( nColTest==1 && pIdx->nKeyCol==1 && IsUniqueIndex(pIdx) ){
+ /* For a single-column UNIQUE index, once we have found a non-NULL
+ ** row, we know that all the rest will be distinct, so skip
+ ** subsequent distinctness tests. */
+ sqlite3VdbeAddOp2(v, OP_NotNull, regPrev, endDistinctTest);
+ VdbeCoverage(v);
+ }
+ for(i=0; i<nColTest; i++){
+ char *pColl = (char*)sqlite3LocateCollSeq(pParse, pIdx->azColl[i]);
+ sqlite3VdbeAddOp2(v, OP_Integer, i, regChng);
+ sqlite3VdbeAddOp3(v, OP_Column, iIdxCur, i, regTemp);
+ aGotoChng[i] =
+ sqlite3VdbeAddOp4(v, OP_Ne, regTemp, 0, regPrev+i, pColl, P4_COLLSEQ);
+ sqlite3VdbeChangeP5(v, SQLITE_NULLEQ);
+ VdbeCoverage(v);
+ }
+ sqlite3VdbeAddOp2(v, OP_Integer, nColTest, regChng);
+ sqlite3VdbeGoto(v, endDistinctTest);
+
+
+ /*
+ ** chng_addr_0:
+ ** regPrev(0) = idx(0)
+ ** chng_addr_1:
+ ** regPrev(1) = idx(1)
+ ** ...
+ */
+ sqlite3VdbeJumpHere(v, addrNextRow-1);
+ for(i=0; i<nColTest; i++){
+ sqlite3VdbeJumpHere(v, aGotoChng[i]);
+ sqlite3VdbeAddOp3(v, OP_Column, iIdxCur, i, regPrev+i);
+ }
+ sqlite3VdbeResolveLabel(v, endDistinctTest);
+ sqlite3DbFree(db, aGotoChng);
+ }
+
+ /*
+ ** chng_addr_N:
+ ** regRowid = idx(rowid) // STAT34 only
+ ** stat_push(P, regChng, regRowid) // 3rd parameter STAT34 only
+ ** Next csr
+ ** if !eof(csr) goto next_row;
+ */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ assert( regRowid==(regStat4+2) );
+ if( HasRowid(pTab) ){
+ sqlite3VdbeAddOp2(v, OP_IdxRowid, iIdxCur, regRowid);
+ }else{
+ Index *pPk = sqlite3PrimaryKeyIndex(pIdx->pTable);
+ int j, k, regKey;
+ regKey = sqlite3GetTempRange(pParse, pPk->nKeyCol);
+ for(j=0; j<pPk->nKeyCol; j++){
+ k = sqlite3ColumnOfIndex(pIdx, pPk->aiColumn[j]);
+ assert( k>=0 && k<pTab->nCol );
+ sqlite3VdbeAddOp3(v, OP_Column, iIdxCur, k, regKey+j);
+ VdbeComment((v, "%s", pTab->aCol[pPk->aiColumn[j]].zName));
+ }
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regKey, pPk->nKeyCol, regRowid);
+ sqlite3ReleaseTempRange(pParse, regKey, pPk->nKeyCol);
+ }
+#endif
+ assert( regChng==(regStat4+1) );
+ sqlite3VdbeAddOp3(v, OP_Function0, 1, regStat4, regTemp);
+ sqlite3VdbeChangeP4(v, -1, (char*)&statPushFuncdef, P4_FUNCDEF);
+ sqlite3VdbeChangeP5(v, 2+IsStat34);
+ sqlite3VdbeAddOp2(v, OP_Next, iIdxCur, addrNextRow); VdbeCoverage(v);
+
+ /* Add the entry to the stat1 table. */
+ callStatGet(v, regStat4, STAT_GET_STAT1, regStat1);
+ assert( "BBB"[0]==SQLITE_AFF_TEXT );
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, regTabname, 3, regTemp, "BBB", 0);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, iStatCur, regNewRowid);
+ sqlite3VdbeAddOp3(v, OP_Insert, iStatCur, regTemp, regNewRowid);
+ sqlite3VdbeChangeP5(v, OPFLAG_APPEND);
+
+ /* Add the entries to the stat3 or stat4 table. */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ {
+ int regEq = regStat1;
+ int regLt = regStat1+1;
+ int regDLt = regStat1+2;
+ int regSample = regStat1+3;
+ int regCol = regStat1+4;
+ int regSampleRowid = regCol + nCol;
+ int addrNext;
+ int addrIsNull;
+ u8 seekOp = HasRowid(pTab) ? OP_NotExists : OP_NotFound;
+
+ pParse->nMem = MAX(pParse->nMem, regCol+nCol);
+
+ addrNext = sqlite3VdbeCurrentAddr(v);
+ callStatGet(v, regStat4, STAT_GET_ROWID, regSampleRowid);
+ addrIsNull = sqlite3VdbeAddOp1(v, OP_IsNull, regSampleRowid);
+ VdbeCoverage(v);
+ callStatGet(v, regStat4, STAT_GET_NEQ, regEq);
+ callStatGet(v, regStat4, STAT_GET_NLT, regLt);
+ callStatGet(v, regStat4, STAT_GET_NDLT, regDLt);
+ sqlite3VdbeAddOp4Int(v, seekOp, iTabCur, addrNext, regSampleRowid, 0);
+ /* We know that the regSampleRowid row exists because it was read by
+ ** the previous loop. Thus the not-found jump of seekOp will never
+ ** be taken */
+ VdbeCoverageNeverTaken(v);
+#ifdef SQLITE_ENABLE_STAT3
+ sqlite3ExprCodeLoadIndexColumn(pParse, pIdx, iTabCur, 0, regSample);
+#else
+ for(i=0; i<nCol; i++){
+ sqlite3ExprCodeLoadIndexColumn(pParse, pIdx, iTabCur, i, regCol+i);
+ }
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regCol, nCol, regSample);
+#endif
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regTabname, 6, regTemp);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, iStatCur+1, regNewRowid);
+ sqlite3VdbeAddOp3(v, OP_Insert, iStatCur+1, regTemp, regNewRowid);
+ sqlite3VdbeAddOp2(v, OP_Goto, 1, addrNext); /* P1==1 for end-of-loop */
+ sqlite3VdbeJumpHere(v, addrIsNull);
+ }
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+
+ /* End of analysis */
+ sqlite3VdbeJumpHere(v, addrRewind);
+ }
+
+
+ /* Create a single sqlite_stat1 entry containing NULL as the index
+ ** name and the row count as the content.
+ */
+ if( pOnlyIdx==0 && needTableCnt ){
+ VdbeComment((v, "%s", pTab->zName));
+ sqlite3VdbeAddOp2(v, OP_Count, iTabCur, regStat1);
+ jZeroRows = sqlite3VdbeAddOp1(v, OP_IfNot, regStat1); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regIdxname);
+ assert( "BBB"[0]==SQLITE_AFF_TEXT );
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, regTabname, 3, regTemp, "BBB", 0);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, iStatCur, regNewRowid);
+ sqlite3VdbeAddOp3(v, OP_Insert, iStatCur, regTemp, regNewRowid);
+ sqlite3VdbeChangeP5(v, OPFLAG_APPEND);
+ sqlite3VdbeJumpHere(v, jZeroRows);
+ }
+}
+
+
+/*
+** Generate code that will cause the most recent index analysis to
+** be loaded into internal hash tables where is can be used.
+*/
+static void loadAnalysis(Parse *pParse, int iDb){
+ Vdbe *v = sqlite3GetVdbe(pParse);
+ if( v ){
+ sqlite3VdbeAddOp1(v, OP_LoadAnalysis, iDb);
+ }
+}
+
+/*
+** Generate code that will do an analysis of an entire database
+*/
+static void analyzeDatabase(Parse *pParse, int iDb){
+ sqlite3 *db = pParse->db;
+ Schema *pSchema = db->aDb[iDb].pSchema; /* Schema of database iDb */
+ HashElem *k;
+ int iStatCur;
+ int iMem;
+ int iTab;
+
+ sqlite3BeginWriteOperation(pParse, 0, iDb);
+ iStatCur = pParse->nTab;
+ pParse->nTab += 3;
+ openStatTable(pParse, iDb, iStatCur, 0, 0);
+ iMem = pParse->nMem+1;
+ iTab = pParse->nTab;
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ for(k=sqliteHashFirst(&pSchema->tblHash); k; k=sqliteHashNext(k)){
+ Table *pTab = (Table*)sqliteHashData(k);
+ analyzeOneTable(pParse, pTab, 0, iStatCur, iMem, iTab);
+ }
+ loadAnalysis(pParse, iDb);
+}
+
+/*
+** Generate code that will do an analysis of a single table in
+** a database. If pOnlyIdx is not NULL then it is a single index
+** in pTab that should be analyzed.
+*/
+static void analyzeTable(Parse *pParse, Table *pTab, Index *pOnlyIdx){
+ int iDb;
+ int iStatCur;
+
+ assert( pTab!=0 );
+ assert( sqlite3BtreeHoldsAllMutexes(pParse->db) );
+ iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+ sqlite3BeginWriteOperation(pParse, 0, iDb);
+ iStatCur = pParse->nTab;
+ pParse->nTab += 3;
+ if( pOnlyIdx ){
+ openStatTable(pParse, iDb, iStatCur, pOnlyIdx->zName, "idx");
+ }else{
+ openStatTable(pParse, iDb, iStatCur, pTab->zName, "tbl");
+ }
+ analyzeOneTable(pParse, pTab, pOnlyIdx, iStatCur,pParse->nMem+1,pParse->nTab);
+ loadAnalysis(pParse, iDb);
+}
+
+/*
+** Generate code for the ANALYZE command. The parser calls this routine
+** when it recognizes an ANALYZE command.
+**
+** ANALYZE -- 1
+** ANALYZE <database> -- 2
+** ANALYZE ?<database>.?<tablename> -- 3
+**
+** Form 1 causes all indices in all attached databases to be analyzed.
+** Form 2 analyzes all indices the single database named.
+** Form 3 analyzes all indices associated with the named table.
+*/
+SQLITE_PRIVATE void sqlite3Analyze(Parse *pParse, Token *pName1, Token *pName2){
+ sqlite3 *db = pParse->db;
+ int iDb;
+ int i;
+ char *z, *zDb;
+ Table *pTab;
+ Index *pIdx;
+ Token *pTableName;
+ Vdbe *v;
+
+ /* Read the database schema. If an error occurs, leave an error message
+ ** and code in pParse and return NULL. */
+ assert( sqlite3BtreeHoldsAllMutexes(pParse->db) );
+ if( SQLITE_OK!=sqlite3ReadSchema(pParse) ){
+ return;
+ }
+
+ assert( pName2!=0 || pName1==0 );
+ if( pName1==0 ){
+ /* Form 1: Analyze everything */
+ for(i=0; i<db->nDb; i++){
+ if( i==1 ) continue; /* Do not analyze the TEMP database */
+ analyzeDatabase(pParse, i);
+ }
+ }else if( pName2->n==0 ){
+ /* Form 2: Analyze the database or table named */
+ iDb = sqlite3FindDb(db, pName1);
+ if( iDb>=0 ){
+ analyzeDatabase(pParse, iDb);
+ }else{
+ z = sqlite3NameFromToken(db, pName1);
+ if( z ){
+ if( (pIdx = sqlite3FindIndex(db, z, 0))!=0 ){
+ analyzeTable(pParse, pIdx->pTable, pIdx);
+ }else if( (pTab = sqlite3LocateTable(pParse, 0, z, 0))!=0 ){
+ analyzeTable(pParse, pTab, 0);
+ }
+ sqlite3DbFree(db, z);
+ }
+ }
+ }else{
+ /* Form 3: Analyze the fully qualified table name */
+ iDb = sqlite3TwoPartName(pParse, pName1, pName2, &pTableName);
+ if( iDb>=0 ){
+ zDb = db->aDb[iDb].zName;
+ z = sqlite3NameFromToken(db, pTableName);
+ if( z ){
+ if( (pIdx = sqlite3FindIndex(db, z, zDb))!=0 ){
+ analyzeTable(pParse, pIdx->pTable, pIdx);
+ }else if( (pTab = sqlite3LocateTable(pParse, 0, z, zDb))!=0 ){
+ analyzeTable(pParse, pTab, 0);
+ }
+ sqlite3DbFree(db, z);
+ }
+ }
+ }
+ v = sqlite3GetVdbe(pParse);
+ if( v ) sqlite3VdbeAddOp0(v, OP_Expire);
+}
+
+/*
+** Used to pass information from the analyzer reader through to the
+** callback routine.
+*/
+typedef struct analysisInfo analysisInfo;
+struct analysisInfo {
+ sqlite3 *db;
+ const char *zDatabase;
+};
+
+/*
+** The first argument points to a nul-terminated string containing a
+** list of space separated integers. Read the first nOut of these into
+** the array aOut[].
+*/
+static void decodeIntArray(
+ char *zIntArray, /* String containing int array to decode */
+ int nOut, /* Number of slots in aOut[] */
+ tRowcnt *aOut, /* Store integers here */
+ LogEst *aLog, /* Or, if aOut==0, here */
+ Index *pIndex /* Handle extra flags for this index, if not NULL */
+){
+ char *z = zIntArray;
+ int c;
+ int i;
+ tRowcnt v;
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ if( z==0 ) z = "";
+#else
+ assert( z!=0 );
+#endif
+ for(i=0; *z && i<nOut; i++){
+ v = 0;
+ while( (c=z[0])>='0' && c<='9' ){
+ v = v*10 + c - '0';
+ z++;
+ }
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ if( aOut ) aOut[i] = v;
+ if( aLog ) aLog[i] = sqlite3LogEst(v);
+#else
+ assert( aOut==0 );
+ UNUSED_PARAMETER(aOut);
+ assert( aLog!=0 );
+ aLog[i] = sqlite3LogEst(v);
+#endif
+ if( *z==' ' ) z++;
+ }
+#ifndef SQLITE_ENABLE_STAT3_OR_STAT4
+ assert( pIndex!=0 ); {
+#else
+ if( pIndex ){
+#endif
+ pIndex->bUnordered = 0;
+ pIndex->noSkipScan = 0;
+ while( z[0] ){
+ if( sqlite3_strglob("unordered*", z)==0 ){
+ pIndex->bUnordered = 1;
+ }else if( sqlite3_strglob("sz=[0-9]*", z)==0 ){
+ pIndex->szIdxRow = sqlite3LogEst(sqlite3Atoi(z+3));
+ }else if( sqlite3_strglob("noskipscan*", z)==0 ){
+ pIndex->noSkipScan = 1;
+ }
+#ifdef SQLITE_ENABLE_COSTMULT
+ else if( sqlite3_strglob("costmult=[0-9]*",z)==0 ){
+ pIndex->pTable->costMult = sqlite3LogEst(sqlite3Atoi(z+9));
+ }
+#endif
+ while( z[0]!=0 && z[0]!=' ' ) z++;
+ while( z[0]==' ' ) z++;
+ }
+ }
+}
+
+/*
+** This callback is invoked once for each index when reading the
+** sqlite_stat1 table.
+**
+** argv[0] = name of the table
+** argv[1] = name of the index (might be NULL)
+** argv[2] = results of analysis - on integer for each column
+**
+** Entries for which argv[1]==NULL simply record the number of rows in
+** the table.
+*/
+static int analysisLoader(void *pData, int argc, char **argv, char **NotUsed){
+ analysisInfo *pInfo = (analysisInfo*)pData;
+ Index *pIndex;
+ Table *pTable;
+ const char *z;
+
+ assert( argc==3 );
+ UNUSED_PARAMETER2(NotUsed, argc);
+
+ if( argv==0 || argv[0]==0 || argv[2]==0 ){
+ return 0;
+ }
+ pTable = sqlite3FindTable(pInfo->db, argv[0], pInfo->zDatabase);
+ if( pTable==0 ){
+ return 0;
+ }
+ if( argv[1]==0 ){
+ pIndex = 0;
+ }else if( sqlite3_stricmp(argv[0],argv[1])==0 ){
+ pIndex = sqlite3PrimaryKeyIndex(pTable);
+ }else{
+ pIndex = sqlite3FindIndex(pInfo->db, argv[1], pInfo->zDatabase);
+ }
+ z = argv[2];
+
+ if( pIndex ){
+ tRowcnt *aiRowEst = 0;
+ int nCol = pIndex->nKeyCol+1;
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ /* Index.aiRowEst may already be set here if there are duplicate
+ ** sqlite_stat1 entries for this index. In that case just clobber
+ ** the old data with the new instead of allocating a new array. */
+ if( pIndex->aiRowEst==0 ){
+ pIndex->aiRowEst = (tRowcnt*)sqlite3MallocZero(sizeof(tRowcnt) * nCol);
+ if( pIndex->aiRowEst==0 ) pInfo->db->mallocFailed = 1;
+ }
+ aiRowEst = pIndex->aiRowEst;
+#endif
+ pIndex->bUnordered = 0;
+ decodeIntArray((char*)z, nCol, aiRowEst, pIndex->aiRowLogEst, pIndex);
+ if( pIndex->pPartIdxWhere==0 ) pTable->nRowLogEst = pIndex->aiRowLogEst[0];
+ }else{
+ Index fakeIdx;
+ fakeIdx.szIdxRow = pTable->szTabRow;
+#ifdef SQLITE_ENABLE_COSTMULT
+ fakeIdx.pTable = pTable;
+#endif
+ decodeIntArray((char*)z, 1, 0, &pTable->nRowLogEst, &fakeIdx);
+ pTable->szTabRow = fakeIdx.szIdxRow;
+ }
+
+ return 0;
+}
+
+/*
+** If the Index.aSample variable is not NULL, delete the aSample[] array
+** and its contents.
+*/
+SQLITE_PRIVATE void sqlite3DeleteIndexSamples(sqlite3 *db, Index *pIdx){
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ if( pIdx->aSample ){
+ int j;
+ for(j=0; j<pIdx->nSample; j++){
+ IndexSample *p = &pIdx->aSample[j];
+ sqlite3DbFree(db, p->p);
+ }
+ sqlite3DbFree(db, pIdx->aSample);
+ }
+ if( db && db->pnBytesFreed==0 ){
+ pIdx->nSample = 0;
+ pIdx->aSample = 0;
+ }
+#else
+ UNUSED_PARAMETER(db);
+ UNUSED_PARAMETER(pIdx);
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+}
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+/*
+** Populate the pIdx->aAvgEq[] array based on the samples currently
+** stored in pIdx->aSample[].
+*/
+static void initAvgEq(Index *pIdx){
+ if( pIdx ){
+ IndexSample *aSample = pIdx->aSample;
+ IndexSample *pFinal = &aSample[pIdx->nSample-1];
+ int iCol;
+ int nCol = 1;
+ if( pIdx->nSampleCol>1 ){
+ /* If this is stat4 data, then calculate aAvgEq[] values for all
+ ** sample columns except the last. The last is always set to 1, as
+ ** once the trailing PK fields are considered all index keys are
+ ** unique. */
+ nCol = pIdx->nSampleCol-1;
+ pIdx->aAvgEq[nCol] = 1;
+ }
+ for(iCol=0; iCol<nCol; iCol++){
+ int nSample = pIdx->nSample;
+ int i; /* Used to iterate through samples */
+ tRowcnt sumEq = 0; /* Sum of the nEq values */
+ tRowcnt avgEq = 0;
+ tRowcnt nRow; /* Number of rows in index */
+ i64 nSum100 = 0; /* Number of terms contributing to sumEq */
+ i64 nDist100; /* Number of distinct values in index */
+
+ if( !pIdx->aiRowEst || iCol>=pIdx->nKeyCol || pIdx->aiRowEst[iCol+1]==0 ){
+ nRow = pFinal->anLt[iCol];
+ nDist100 = (i64)100 * pFinal->anDLt[iCol];
+ nSample--;
+ }else{
+ nRow = pIdx->aiRowEst[0];
+ nDist100 = ((i64)100 * pIdx->aiRowEst[0]) / pIdx->aiRowEst[iCol+1];
+ }
+ pIdx->nRowEst0 = nRow;
+
+ /* Set nSum to the number of distinct (iCol+1) field prefixes that
+ ** occur in the stat4 table for this index. Set sumEq to the sum of
+ ** the nEq values for column iCol for the same set (adding the value
+ ** only once where there exist duplicate prefixes). */
+ for(i=0; i<nSample; i++){
+ if( i==(pIdx->nSample-1)
+ || aSample[i].anDLt[iCol]!=aSample[i+1].anDLt[iCol]
+ ){
+ sumEq += aSample[i].anEq[iCol];
+ nSum100 += 100;
+ }
+ }
+
+ if( nDist100>nSum100 ){
+ avgEq = ((i64)100 * (nRow - sumEq))/(nDist100 - nSum100);
+ }
+ if( avgEq==0 ) avgEq = 1;
+ pIdx->aAvgEq[iCol] = avgEq;
+ }
+ }
+}
+
+/*
+** Look up an index by name. Or, if the name of a WITHOUT ROWID table
+** is supplied instead, find the PRIMARY KEY index for that table.
+*/
+static Index *findIndexOrPrimaryKey(
+ sqlite3 *db,
+ const char *zName,
+ const char *zDb
+){
+ Index *pIdx = sqlite3FindIndex(db, zName, zDb);
+ if( pIdx==0 ){
+ Table *pTab = sqlite3FindTable(db, zName, zDb);
+ if( pTab && !HasRowid(pTab) ) pIdx = sqlite3PrimaryKeyIndex(pTab);
+ }
+ return pIdx;
+}
+
+/*
+** Load the content from either the sqlite_stat4 or sqlite_stat3 table
+** into the relevant Index.aSample[] arrays.
+**
+** Arguments zSql1 and zSql2 must point to SQL statements that return
+** data equivalent to the following (statements are different for stat3,
+** see the caller of this function for details):
+**
+** zSql1: SELECT idx,count(*) FROM %Q.sqlite_stat4 GROUP BY idx
+** zSql2: SELECT idx,neq,nlt,ndlt,sample FROM %Q.sqlite_stat4
+**
+** where %Q is replaced with the database name before the SQL is executed.
+*/
+static int loadStatTbl(
+ sqlite3 *db, /* Database handle */
+ int bStat3, /* Assume single column records only */
+ const char *zSql1, /* SQL statement 1 (see above) */
+ const char *zSql2, /* SQL statement 2 (see above) */
+ const char *zDb /* Database name (e.g. "main") */
+){
+ int rc; /* Result codes from subroutines */
+ sqlite3_stmt *pStmt = 0; /* An SQL statement being run */
+ char *zSql; /* Text of the SQL statement */
+ Index *pPrevIdx = 0; /* Previous index in the loop */
+ IndexSample *pSample; /* A slot in pIdx->aSample[] */
+
+ assert( db->lookaside.bEnabled==0 );
+ zSql = sqlite3MPrintf(db, zSql1, zDb);
+ if( !zSql ){
+ return SQLITE_NOMEM;
+ }
+ rc = sqlite3_prepare(db, zSql, -1, &pStmt, 0);
+ sqlite3DbFree(db, zSql);
+ if( rc ) return rc;
+
+ while( sqlite3_step(pStmt)==SQLITE_ROW ){
+ int nIdxCol = 1; /* Number of columns in stat4 records */
+
+ char *zIndex; /* Index name */
+ Index *pIdx; /* Pointer to the index object */
+ int nSample; /* Number of samples */
+ int nByte; /* Bytes of space required */
+ int i; /* Bytes of space required */
+ tRowcnt *pSpace;
+
+ zIndex = (char *)sqlite3_column_text(pStmt, 0);
+ if( zIndex==0 ) continue;
+ nSample = sqlite3_column_int(pStmt, 1);
+ pIdx = findIndexOrPrimaryKey(db, zIndex, zDb);
+ assert( pIdx==0 || bStat3 || pIdx->nSample==0 );
+ /* Index.nSample is non-zero at this point if data has already been
+ ** loaded from the stat4 table. In this case ignore stat3 data. */
+ if( pIdx==0 || pIdx->nSample ) continue;
+ if( bStat3==0 ){
+ assert( !HasRowid(pIdx->pTable) || pIdx->nColumn==pIdx->nKeyCol+1 );
+ if( !HasRowid(pIdx->pTable) && IsPrimaryKeyIndex(pIdx) ){
+ nIdxCol = pIdx->nKeyCol;
+ }else{
+ nIdxCol = pIdx->nColumn;
+ }
+ }
+ pIdx->nSampleCol = nIdxCol;
+ nByte = sizeof(IndexSample) * nSample;
+ nByte += sizeof(tRowcnt) * nIdxCol * 3 * nSample;
+ nByte += nIdxCol * sizeof(tRowcnt); /* Space for Index.aAvgEq[] */
+
+ pIdx->aSample = sqlite3DbMallocZero(db, nByte);
+ if( pIdx->aSample==0 ){
+ sqlite3_finalize(pStmt);
+ return SQLITE_NOMEM;
+ }
+ pSpace = (tRowcnt*)&pIdx->aSample[nSample];
+ pIdx->aAvgEq = pSpace; pSpace += nIdxCol;
+ for(i=0; i<nSample; i++){
+ pIdx->aSample[i].anEq = pSpace; pSpace += nIdxCol;
+ pIdx->aSample[i].anLt = pSpace; pSpace += nIdxCol;
+ pIdx->aSample[i].anDLt = pSpace; pSpace += nIdxCol;
+ }
+ assert( ((u8*)pSpace)-nByte==(u8*)(pIdx->aSample) );
+ }
+ rc = sqlite3_finalize(pStmt);
+ if( rc ) return rc;
+
+ zSql = sqlite3MPrintf(db, zSql2, zDb);
+ if( !zSql ){
+ return SQLITE_NOMEM;
+ }
+ rc = sqlite3_prepare(db, zSql, -1, &pStmt, 0);
+ sqlite3DbFree(db, zSql);
+ if( rc ) return rc;
+
+ while( sqlite3_step(pStmt)==SQLITE_ROW ){
+ char *zIndex; /* Index name */
+ Index *pIdx; /* Pointer to the index object */
+ int nCol = 1; /* Number of columns in index */
+
+ zIndex = (char *)sqlite3_column_text(pStmt, 0);
+ if( zIndex==0 ) continue;
+ pIdx = findIndexOrPrimaryKey(db, zIndex, zDb);
+ if( pIdx==0 ) continue;
+ /* This next condition is true if data has already been loaded from
+ ** the sqlite_stat4 table. In this case ignore stat3 data. */
+ nCol = pIdx->nSampleCol;
+ if( bStat3 && nCol>1 ) continue;
+ if( pIdx!=pPrevIdx ){
+ initAvgEq(pPrevIdx);
+ pPrevIdx = pIdx;
+ }
+ pSample = &pIdx->aSample[pIdx->nSample];
+ decodeIntArray((char*)sqlite3_column_text(pStmt,1),nCol,pSample->anEq,0,0);
+ decodeIntArray((char*)sqlite3_column_text(pStmt,2),nCol,pSample->anLt,0,0);
+ decodeIntArray((char*)sqlite3_column_text(pStmt,3),nCol,pSample->anDLt,0,0);
+
+ /* Take a copy of the sample. Add two 0x00 bytes the end of the buffer.
+ ** This is in case the sample record is corrupted. In that case, the
+ ** sqlite3VdbeRecordCompare() may read up to two varints past the
+ ** end of the allocated buffer before it realizes it is dealing with
+ ** a corrupt record. Adding the two 0x00 bytes prevents this from causing
+ ** a buffer overread. */
+ pSample->n = sqlite3_column_bytes(pStmt, 4);
+ pSample->p = sqlite3DbMallocZero(db, pSample->n + 2);
+ if( pSample->p==0 ){
+ sqlite3_finalize(pStmt);
+ return SQLITE_NOMEM;
+ }
+ memcpy(pSample->p, sqlite3_column_blob(pStmt, 4), pSample->n);
+ pIdx->nSample++;
+ }
+ rc = sqlite3_finalize(pStmt);
+ if( rc==SQLITE_OK ) initAvgEq(pPrevIdx);
+ return rc;
+}
+
+/*
+** Load content from the sqlite_stat4 and sqlite_stat3 tables into
+** the Index.aSample[] arrays of all indices.
+*/
+static int loadStat4(sqlite3 *db, const char *zDb){
+ int rc = SQLITE_OK; /* Result codes from subroutines */
+
+ assert( db->lookaside.bEnabled==0 );
+ if( sqlite3FindTable(db, "sqlite_stat4", zDb) ){
+ rc = loadStatTbl(db, 0,
+ "SELECT idx,count(*) FROM %Q.sqlite_stat4 GROUP BY idx",
+ "SELECT idx,neq,nlt,ndlt,sample FROM %Q.sqlite_stat4",
+ zDb
+ );
+ }
+
+ if( rc==SQLITE_OK && sqlite3FindTable(db, "sqlite_stat3", zDb) ){
+ rc = loadStatTbl(db, 1,
+ "SELECT idx,count(*) FROM %Q.sqlite_stat3 GROUP BY idx",
+ "SELECT idx,neq,nlt,ndlt,sqlite_record(sample) FROM %Q.sqlite_stat3",
+ zDb
+ );
+ }
+
+ return rc;
+}
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+
+/*
+** Load the content of the sqlite_stat1 and sqlite_stat3/4 tables. The
+** contents of sqlite_stat1 are used to populate the Index.aiRowEst[]
+** arrays. The contents of sqlite_stat3/4 are used to populate the
+** Index.aSample[] arrays.
+**
+** If the sqlite_stat1 table is not present in the database, SQLITE_ERROR
+** is returned. In this case, even if SQLITE_ENABLE_STAT3/4 was defined
+** during compilation and the sqlite_stat3/4 table is present, no data is
+** read from it.
+**
+** If SQLITE_ENABLE_STAT3/4 was defined during compilation and the
+** sqlite_stat4 table is not present in the database, SQLITE_ERROR is
+** returned. However, in this case, data is read from the sqlite_stat1
+** table (if it is present) before returning.
+**
+** If an OOM error occurs, this function always sets db->mallocFailed.
+** This means if the caller does not care about other errors, the return
+** code may be ignored.
+*/
+SQLITE_PRIVATE int sqlite3AnalysisLoad(sqlite3 *db, int iDb){
+ analysisInfo sInfo;
+ HashElem *i;
+ char *zSql;
+ int rc;
+
+ assert( iDb>=0 && iDb<db->nDb );
+ assert( db->aDb[iDb].pBt!=0 );
+
+ /* Clear any prior statistics */
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ for(i=sqliteHashFirst(&db->aDb[iDb].pSchema->idxHash);i;i=sqliteHashNext(i)){
+ Index *pIdx = sqliteHashData(i);
+ sqlite3DefaultRowEst(pIdx);
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ sqlite3DeleteIndexSamples(db, pIdx);
+ pIdx->aSample = 0;
+#endif
+ }
+
+ /* Check to make sure the sqlite_stat1 table exists */
+ sInfo.db = db;
+ sInfo.zDatabase = db->aDb[iDb].zName;
+ if( sqlite3FindTable(db, "sqlite_stat1", sInfo.zDatabase)==0 ){
+ return SQLITE_ERROR;
+ }
+
+ /* Load new statistics out of the sqlite_stat1 table */
+ zSql = sqlite3MPrintf(db,
+ "SELECT tbl,idx,stat FROM %Q.sqlite_stat1", sInfo.zDatabase);
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_exec(db, zSql, analysisLoader, &sInfo, 0);
+ sqlite3DbFree(db, zSql);
+ }
+
+
+ /* Load the statistics from the sqlite_stat4 table. */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ if( rc==SQLITE_OK && OptimizationEnabled(db, SQLITE_Stat34) ){
+ int lookasideEnabled = db->lookaside.bEnabled;
+ db->lookaside.bEnabled = 0;
+ rc = loadStat4(db, sInfo.zDatabase);
+ db->lookaside.bEnabled = lookasideEnabled;
+ }
+ for(i=sqliteHashFirst(&db->aDb[iDb].pSchema->idxHash);i;i=sqliteHashNext(i)){
+ Index *pIdx = sqliteHashData(i);
+ sqlite3_free(pIdx->aiRowEst);
+ pIdx->aiRowEst = 0;
+ }
+#endif
+
+ if( rc==SQLITE_NOMEM ){
+ db->mallocFailed = 1;
+ }
+ return rc;
+}
+
+
+#endif /* SQLITE_OMIT_ANALYZE */
+
+/************** End of analyze.c *********************************************/
+/************** Begin file attach.c ******************************************/
+/*
+** 2003 April 6
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code used to implement the ATTACH and DETACH commands.
+*/
+/* #include "sqliteInt.h" */
+
+#ifndef SQLITE_OMIT_ATTACH
+/*
+** Resolve an expression that was part of an ATTACH or DETACH statement. This
+** is slightly different from resolving a normal SQL expression, because simple
+** identifiers are treated as strings, not possible column names or aliases.
+**
+** i.e. if the parser sees:
+**
+** ATTACH DATABASE abc AS def
+**
+** it treats the two expressions as literal strings 'abc' and 'def' instead of
+** looking for columns of the same name.
+**
+** This only applies to the root node of pExpr, so the statement:
+**
+** ATTACH DATABASE abc||def AS 'db2'
+**
+** will fail because neither abc or def can be resolved.
+*/
+static int resolveAttachExpr(NameContext *pName, Expr *pExpr)
+{
+ int rc = SQLITE_OK;
+ if( pExpr ){
+ if( pExpr->op!=TK_ID ){
+ rc = sqlite3ResolveExprNames(pName, pExpr);
+ }else{
+ pExpr->op = TK_STRING;
+ }
+ }
+ return rc;
+}
+
+/*
+** An SQL user-function registered to do the work of an ATTACH statement. The
+** three arguments to the function come directly from an attach statement:
+**
+** ATTACH DATABASE x AS y KEY z
+**
+** SELECT sqlite_attach(x, y, z)
+**
+** If the optional "KEY z" syntax is omitted, an SQL NULL is passed as the
+** third argument.
+*/
+static void attachFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **argv
+){
+ int i;
+ int rc = 0;
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ const char *zName;
+ const char *zFile;
+ char *zPath = 0;
+ char *zErr = 0;
+ unsigned int flags;
+ Db *aNew;
+ char *zErrDyn = 0;
+ sqlite3_vfs *pVfs;
+
+ UNUSED_PARAMETER(NotUsed);
+
+ zFile = (const char *)sqlite3_value_text(argv[0]);
+ zName = (const char *)sqlite3_value_text(argv[1]);
+ if( zFile==0 ) zFile = "";
+ if( zName==0 ) zName = "";
+
+ /* Check for the following errors:
+ **
+ ** * Too many attached databases,
+ ** * Transaction currently open
+ ** * Specified database name already being used.
+ */
+ if( db->nDb>=db->aLimit[SQLITE_LIMIT_ATTACHED]+2 ){
+ zErrDyn = sqlite3MPrintf(db, "too many attached databases - max %d",
+ db->aLimit[SQLITE_LIMIT_ATTACHED]
+ );
+ goto attach_error;
+ }
+ if( !db->autoCommit ){
+ zErrDyn = sqlite3MPrintf(db, "cannot ATTACH database within transaction");
+ goto attach_error;
+ }
+ for(i=0; i<db->nDb; i++){
+ char *z = db->aDb[i].zName;
+ assert( z && zName );
+ if( sqlite3StrICmp(z, zName)==0 ){
+ zErrDyn = sqlite3MPrintf(db, "database %s is already in use", zName);
+ goto attach_error;
+ }
+ }
+
+ /* Allocate the new entry in the db->aDb[] array and initialize the schema
+ ** hash tables.
+ */
+ if( db->aDb==db->aDbStatic ){
+ aNew = sqlite3DbMallocRaw(db, sizeof(db->aDb[0])*3 );
+ if( aNew==0 ) return;
+ memcpy(aNew, db->aDb, sizeof(db->aDb[0])*2);
+ }else{
+ aNew = sqlite3DbRealloc(db, db->aDb, sizeof(db->aDb[0])*(db->nDb+1) );
+ if( aNew==0 ) return;
+ }
+ db->aDb = aNew;
+ aNew = &db->aDb[db->nDb];
+ memset(aNew, 0, sizeof(*aNew));
+
+ /* Open the database file. If the btree is successfully opened, use
+ ** it to obtain the database schema. At this point the schema may
+ ** or may not be initialized.
+ */
+ flags = db->openFlags;
+ rc = sqlite3ParseUri(db->pVfs->zName, zFile, &flags, &pVfs, &zPath, &zErr);
+ if( rc!=SQLITE_OK ){
+ if( rc==SQLITE_NOMEM ) db->mallocFailed = 1;
+ sqlite3_result_error(context, zErr, -1);
+ sqlite3_free(zErr);
+ return;
+ }
+ assert( pVfs );
+ flags |= SQLITE_OPEN_MAIN_DB;
+ rc = sqlite3BtreeOpen(pVfs, zPath, db, &aNew->pBt, 0, flags);
+ sqlite3_free( zPath );
+ db->nDb++;
+ if( rc==SQLITE_CONSTRAINT ){
+ rc = SQLITE_ERROR;
+ zErrDyn = sqlite3MPrintf(db, "database is already attached");
+ }else if( rc==SQLITE_OK ){
+ Pager *pPager;
+ aNew->pSchema = sqlite3SchemaGet(db, aNew->pBt);
+ if( !aNew->pSchema ){
+ rc = SQLITE_NOMEM;
+ }else if( aNew->pSchema->file_format && aNew->pSchema->enc!=ENC(db) ){
+ zErrDyn = sqlite3MPrintf(db,
+ "attached databases must use the same text encoding as main database");
+ rc = SQLITE_ERROR;
+ }
+ sqlite3BtreeEnter(aNew->pBt);
+ pPager = sqlite3BtreePager(aNew->pBt);
+ sqlite3PagerLockingMode(pPager, db->dfltLockMode);
+ sqlite3BtreeSecureDelete(aNew->pBt,
+ sqlite3BtreeSecureDelete(db->aDb[0].pBt,-1) );
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+ sqlite3BtreeSetPagerFlags(aNew->pBt, 3 | (db->flags & PAGER_FLAGS_MASK));
+#endif
+ sqlite3BtreeLeave(aNew->pBt);
+ }
+ aNew->safety_level = 3;
+ aNew->zName = sqlite3DbStrDup(db, zName);
+ if( rc==SQLITE_OK && aNew->zName==0 ){
+ rc = SQLITE_NOMEM;
+ }
+
+
+#ifdef SQLITE_HAS_CODEC
+ if( rc==SQLITE_OK ){
+ extern int sqlite3CodecAttach(sqlite3*, int, const void*, int);
+ extern void sqlite3CodecGetKey(sqlite3*, int, void**, int*);
+ int nKey;
+ char *zKey;
+ int t = sqlite3_value_type(argv[2]);
+ switch( t ){
+ case SQLITE_INTEGER:
+ case SQLITE_FLOAT:
+ zErrDyn = sqlite3DbStrDup(db, "Invalid key value");
+ rc = SQLITE_ERROR;
+ break;
+
+ case SQLITE_TEXT:
+ case SQLITE_BLOB:
+ nKey = sqlite3_value_bytes(argv[2]);
+ zKey = (char *)sqlite3_value_blob(argv[2]);
+ rc = sqlite3CodecAttach(db, db->nDb-1, zKey, nKey);
+ break;
+
+ case SQLITE_NULL:
+ /* No key specified. Use the key from the main database */
+ sqlite3CodecGetKey(db, 0, (void**)&zKey, &nKey);
+ if( nKey>0 || sqlite3BtreeGetOptimalReserve(db->aDb[0].pBt)>0 ){
+ rc = sqlite3CodecAttach(db, db->nDb-1, zKey, nKey);
+ }
+ break;
+ }
+ }
+#endif
+
+ /* If the file was opened successfully, read the schema for the new database.
+ ** If this fails, or if opening the file failed, then close the file and
+ ** remove the entry from the db->aDb[] array. i.e. put everything back the way
+ ** we found it.
+ */
+ if( rc==SQLITE_OK ){
+ sqlite3BtreeEnterAll(db);
+ rc = sqlite3Init(db, &zErrDyn);
+ sqlite3BtreeLeaveAll(db);
+ }
+#ifdef SQLITE_USER_AUTHENTICATION
+ if( rc==SQLITE_OK ){
+ u8 newAuth = 0;
+ rc = sqlite3UserAuthCheckLogin(db, zName, &newAuth);
+ if( newAuth<db->auth.authLevel ){
+ rc = SQLITE_AUTH_USER;
+ }
+ }
+#endif
+ if( rc ){
+ int iDb = db->nDb - 1;
+ assert( iDb>=2 );
+ if( db->aDb[iDb].pBt ){
+ sqlite3BtreeClose(db->aDb[iDb].pBt);
+ db->aDb[iDb].pBt = 0;
+ db->aDb[iDb].pSchema = 0;
+ }
+ sqlite3ResetAllSchemasOfConnection(db);
+ db->nDb = iDb;
+ if( rc==SQLITE_NOMEM || rc==SQLITE_IOERR_NOMEM ){
+ db->mallocFailed = 1;
+ sqlite3DbFree(db, zErrDyn);
+ zErrDyn = sqlite3MPrintf(db, "out of memory");
+ }else if( zErrDyn==0 ){
+ zErrDyn = sqlite3MPrintf(db, "unable to open database: %s", zFile);
+ }
+ goto attach_error;
+ }
+
+ return;
+
+attach_error:
+ /* Return an error if we get here */
+ if( zErrDyn ){
+ sqlite3_result_error(context, zErrDyn, -1);
+ sqlite3DbFree(db, zErrDyn);
+ }
+ if( rc ) sqlite3_result_error_code(context, rc);
+}
+
+/*
+** An SQL user-function registered to do the work of an DETACH statement. The
+** three arguments to the function come directly from a detach statement:
+**
+** DETACH DATABASE x
+**
+** SELECT sqlite_detach(x)
+*/
+static void detachFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **argv
+){
+ const char *zName = (const char *)sqlite3_value_text(argv[0]);
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ int i;
+ Db *pDb = 0;
+ char zErr[128];
+
+ UNUSED_PARAMETER(NotUsed);
+
+ if( zName==0 ) zName = "";
+ for(i=0; i<db->nDb; i++){
+ pDb = &db->aDb[i];
+ if( pDb->pBt==0 ) continue;
+ if( sqlite3StrICmp(pDb->zName, zName)==0 ) break;
+ }
+
+ if( i>=db->nDb ){
+ sqlite3_snprintf(sizeof(zErr),zErr, "no such database: %s", zName);
+ goto detach_error;
+ }
+ if( i<2 ){
+ sqlite3_snprintf(sizeof(zErr),zErr, "cannot detach database %s", zName);
+ goto detach_error;
+ }
+ if( !db->autoCommit ){
+ sqlite3_snprintf(sizeof(zErr), zErr,
+ "cannot DETACH database within transaction");
+ goto detach_error;
+ }
+ if( sqlite3BtreeIsInReadTrans(pDb->pBt) || sqlite3BtreeIsInBackup(pDb->pBt) ){
+ sqlite3_snprintf(sizeof(zErr),zErr, "database %s is locked", zName);
+ goto detach_error;
+ }
+
+ sqlite3BtreeClose(pDb->pBt);
+ pDb->pBt = 0;
+ pDb->pSchema = 0;
+ sqlite3CollapseDatabaseArray(db);
+ return;
+
+detach_error:
+ sqlite3_result_error(context, zErr, -1);
+}
+
+/*
+** This procedure generates VDBE code for a single invocation of either the
+** sqlite_detach() or sqlite_attach() SQL user functions.
+*/
+static void codeAttach(
+ Parse *pParse, /* The parser context */
+ int type, /* Either SQLITE_ATTACH or SQLITE_DETACH */
+ FuncDef const *pFunc,/* FuncDef wrapper for detachFunc() or attachFunc() */
+ Expr *pAuthArg, /* Expression to pass to authorization callback */
+ Expr *pFilename, /* Name of database file */
+ Expr *pDbname, /* Name of the database to use internally */
+ Expr *pKey /* Database key for encryption extension */
+){
+ int rc;
+ NameContext sName;
+ Vdbe *v;
+ sqlite3* db = pParse->db;
+ int regArgs;
+
+ memset(&sName, 0, sizeof(NameContext));
+ sName.pParse = pParse;
+
+ if(
+ SQLITE_OK!=(rc = resolveAttachExpr(&sName, pFilename)) ||
+ SQLITE_OK!=(rc = resolveAttachExpr(&sName, pDbname)) ||
+ SQLITE_OK!=(rc = resolveAttachExpr(&sName, pKey))
+ ){
+ goto attach_end;
+ }
+
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ if( pAuthArg ){
+ char *zAuthArg;
+ if( pAuthArg->op==TK_STRING ){
+ zAuthArg = pAuthArg->u.zToken;
+ }else{
+ zAuthArg = 0;
+ }
+ rc = sqlite3AuthCheck(pParse, type, zAuthArg, 0, 0);
+ if(rc!=SQLITE_OK ){
+ goto attach_end;
+ }
+ }
+#endif /* SQLITE_OMIT_AUTHORIZATION */
+
+
+ v = sqlite3GetVdbe(pParse);
+ regArgs = sqlite3GetTempRange(pParse, 4);
+ sqlite3ExprCode(pParse, pFilename, regArgs);
+ sqlite3ExprCode(pParse, pDbname, regArgs+1);
+ sqlite3ExprCode(pParse, pKey, regArgs+2);
+
+ assert( v || db->mallocFailed );
+ if( v ){
+ sqlite3VdbeAddOp3(v, OP_Function0, 0, regArgs+3-pFunc->nArg, regArgs+3);
+ assert( pFunc->nArg==-1 || (pFunc->nArg&0xff)==pFunc->nArg );
+ sqlite3VdbeChangeP5(v, (u8)(pFunc->nArg));
+ sqlite3VdbeChangeP4(v, -1, (char *)pFunc, P4_FUNCDEF);
+
+ /* Code an OP_Expire. For an ATTACH statement, set P1 to true (expire this
+ ** statement only). For DETACH, set it to false (expire all existing
+ ** statements).
+ */
+ sqlite3VdbeAddOp1(v, OP_Expire, (type==SQLITE_ATTACH));
+ }
+
+attach_end:
+ sqlite3ExprDelete(db, pFilename);
+ sqlite3ExprDelete(db, pDbname);
+ sqlite3ExprDelete(db, pKey);
+}
+
+/*
+** Called by the parser to compile a DETACH statement.
+**
+** DETACH pDbname
+*/
+SQLITE_PRIVATE void sqlite3Detach(Parse *pParse, Expr *pDbname){
+ static const FuncDef detach_func = {
+ 1, /* nArg */
+ SQLITE_UTF8, /* funcFlags */
+ 0, /* pUserData */
+ 0, /* pNext */
+ detachFunc, /* xFunc */
+ 0, /* xStep */
+ 0, /* xFinalize */
+ "sqlite_detach", /* zName */
+ 0, /* pHash */
+ 0 /* pDestructor */
+ };
+ codeAttach(pParse, SQLITE_DETACH, &detach_func, pDbname, 0, 0, pDbname);
+}
+
+/*
+** Called by the parser to compile an ATTACH statement.
+**
+** ATTACH p AS pDbname KEY pKey
+*/
+SQLITE_PRIVATE void sqlite3Attach(Parse *pParse, Expr *p, Expr *pDbname, Expr *pKey){
+ static const FuncDef attach_func = {
+ 3, /* nArg */
+ SQLITE_UTF8, /* funcFlags */
+ 0, /* pUserData */
+ 0, /* pNext */
+ attachFunc, /* xFunc */
+ 0, /* xStep */
+ 0, /* xFinalize */
+ "sqlite_attach", /* zName */
+ 0, /* pHash */
+ 0 /* pDestructor */
+ };
+ codeAttach(pParse, SQLITE_ATTACH, &attach_func, p, p, pDbname, pKey);
+}
+#endif /* SQLITE_OMIT_ATTACH */
+
+/*
+** Initialize a DbFixer structure. This routine must be called prior
+** to passing the structure to one of the sqliteFixAAAA() routines below.
+*/
+SQLITE_PRIVATE void sqlite3FixInit(
+ DbFixer *pFix, /* The fixer to be initialized */
+ Parse *pParse, /* Error messages will be written here */
+ int iDb, /* This is the database that must be used */
+ const char *zType, /* "view", "trigger", or "index" */
+ const Token *pName /* Name of the view, trigger, or index */
+){
+ sqlite3 *db;
+
+ db = pParse->db;
+ assert( db->nDb>iDb );
+ pFix->pParse = pParse;
+ pFix->zDb = db->aDb[iDb].zName;
+ pFix->pSchema = db->aDb[iDb].pSchema;
+ pFix->zType = zType;
+ pFix->pName = pName;
+ pFix->bVarOnly = (iDb==1);
+}
+
+/*
+** The following set of routines walk through the parse tree and assign
+** a specific database to all table references where the database name
+** was left unspecified in the original SQL statement. The pFix structure
+** must have been initialized by a prior call to sqlite3FixInit().
+**
+** These routines are used to make sure that an index, trigger, or
+** view in one database does not refer to objects in a different database.
+** (Exception: indices, triggers, and views in the TEMP database are
+** allowed to refer to anything.) If a reference is explicitly made
+** to an object in a different database, an error message is added to
+** pParse->zErrMsg and these routines return non-zero. If everything
+** checks out, these routines return 0.
+*/
+SQLITE_PRIVATE int sqlite3FixSrcList(
+ DbFixer *pFix, /* Context of the fixation */
+ SrcList *pList /* The Source list to check and modify */
+){
+ int i;
+ const char *zDb;
+ struct SrcList_item *pItem;
+
+ if( NEVER(pList==0) ) return 0;
+ zDb = pFix->zDb;
+ for(i=0, pItem=pList->a; i<pList->nSrc; i++, pItem++){
+ if( pFix->bVarOnly==0 ){
+ if( pItem->zDatabase && sqlite3StrICmp(pItem->zDatabase, zDb) ){
+ sqlite3ErrorMsg(pFix->pParse,
+ "%s %T cannot reference objects in database %s",
+ pFix->zType, pFix->pName, pItem->zDatabase);
+ return 1;
+ }
+ sqlite3DbFree(pFix->pParse->db, pItem->zDatabase);
+ pItem->zDatabase = 0;
+ pItem->pSchema = pFix->pSchema;
+ }
+#if !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_TRIGGER)
+ if( sqlite3FixSelect(pFix, pItem->pSelect) ) return 1;
+ if( sqlite3FixExpr(pFix, pItem->pOn) ) return 1;
+#endif
+ }
+ return 0;
+}
+#if !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_TRIGGER)
+SQLITE_PRIVATE int sqlite3FixSelect(
+ DbFixer *pFix, /* Context of the fixation */
+ Select *pSelect /* The SELECT statement to be fixed to one database */
+){
+ while( pSelect ){
+ if( sqlite3FixExprList(pFix, pSelect->pEList) ){
+ return 1;
+ }
+ if( sqlite3FixSrcList(pFix, pSelect->pSrc) ){
+ return 1;
+ }
+ if( sqlite3FixExpr(pFix, pSelect->pWhere) ){
+ return 1;
+ }
+ if( sqlite3FixExprList(pFix, pSelect->pGroupBy) ){
+ return 1;
+ }
+ if( sqlite3FixExpr(pFix, pSelect->pHaving) ){
+ return 1;
+ }
+ if( sqlite3FixExprList(pFix, pSelect->pOrderBy) ){
+ return 1;
+ }
+ if( sqlite3FixExpr(pFix, pSelect->pLimit) ){
+ return 1;
+ }
+ if( sqlite3FixExpr(pFix, pSelect->pOffset) ){
+ return 1;
+ }
+ pSelect = pSelect->pPrior;
+ }
+ return 0;
+}
+SQLITE_PRIVATE int sqlite3FixExpr(
+ DbFixer *pFix, /* Context of the fixation */
+ Expr *pExpr /* The expression to be fixed to one database */
+){
+ while( pExpr ){
+ if( pExpr->op==TK_VARIABLE ){
+ if( pFix->pParse->db->init.busy ){
+ pExpr->op = TK_NULL;
+ }else{
+ sqlite3ErrorMsg(pFix->pParse, "%s cannot use variables", pFix->zType);
+ return 1;
+ }
+ }
+ if( ExprHasProperty(pExpr, EP_TokenOnly) ) break;
+ if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ if( sqlite3FixSelect(pFix, pExpr->x.pSelect) ) return 1;
+ }else{
+ if( sqlite3FixExprList(pFix, pExpr->x.pList) ) return 1;
+ }
+ if( sqlite3FixExpr(pFix, pExpr->pRight) ){
+ return 1;
+ }
+ pExpr = pExpr->pLeft;
+ }
+ return 0;
+}
+SQLITE_PRIVATE int sqlite3FixExprList(
+ DbFixer *pFix, /* Context of the fixation */
+ ExprList *pList /* The expression to be fixed to one database */
+){
+ int i;
+ struct ExprList_item *pItem;
+ if( pList==0 ) return 0;
+ for(i=0, pItem=pList->a; i<pList->nExpr; i++, pItem++){
+ if( sqlite3FixExpr(pFix, pItem->pExpr) ){
+ return 1;
+ }
+ }
+ return 0;
+}
+#endif
+
+#ifndef SQLITE_OMIT_TRIGGER
+SQLITE_PRIVATE int sqlite3FixTriggerStep(
+ DbFixer *pFix, /* Context of the fixation */
+ TriggerStep *pStep /* The trigger step be fixed to one database */
+){
+ while( pStep ){
+ if( sqlite3FixSelect(pFix, pStep->pSelect) ){
+ return 1;
+ }
+ if( sqlite3FixExpr(pFix, pStep->pWhere) ){
+ return 1;
+ }
+ if( sqlite3FixExprList(pFix, pStep->pExprList) ){
+ return 1;
+ }
+ pStep = pStep->pNext;
+ }
+ return 0;
+}
+#endif
+
+/************** End of attach.c **********************************************/
+/************** Begin file auth.c ********************************************/
+/*
+** 2003 January 11
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code used to implement the sqlite3_set_authorizer()
+** API. This facility is an optional feature of the library. Embedded
+** systems that do not need this facility may omit it by recompiling
+** the library with -DSQLITE_OMIT_AUTHORIZATION=1
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** All of the code in this file may be omitted by defining a single
+** macro.
+*/
+#ifndef SQLITE_OMIT_AUTHORIZATION
+
+/*
+** Set or clear the access authorization function.
+**
+** The access authorization function is be called during the compilation
+** phase to verify that the user has read and/or write access permission on
+** various fields of the database. The first argument to the auth function
+** is a copy of the 3rd argument to this routine. The second argument
+** to the auth function is one of these constants:
+**
+** SQLITE_CREATE_INDEX
+** SQLITE_CREATE_TABLE
+** SQLITE_CREATE_TEMP_INDEX
+** SQLITE_CREATE_TEMP_TABLE
+** SQLITE_CREATE_TEMP_TRIGGER
+** SQLITE_CREATE_TEMP_VIEW
+** SQLITE_CREATE_TRIGGER
+** SQLITE_CREATE_VIEW
+** SQLITE_DELETE
+** SQLITE_DROP_INDEX
+** SQLITE_DROP_TABLE
+** SQLITE_DROP_TEMP_INDEX
+** SQLITE_DROP_TEMP_TABLE
+** SQLITE_DROP_TEMP_TRIGGER
+** SQLITE_DROP_TEMP_VIEW
+** SQLITE_DROP_TRIGGER
+** SQLITE_DROP_VIEW
+** SQLITE_INSERT
+** SQLITE_PRAGMA
+** SQLITE_READ
+** SQLITE_SELECT
+** SQLITE_TRANSACTION
+** SQLITE_UPDATE
+**
+** The third and fourth arguments to the auth function are the name of
+** the table and the column that are being accessed. The auth function
+** should return either SQLITE_OK, SQLITE_DENY, or SQLITE_IGNORE. If
+** SQLITE_OK is returned, it means that access is allowed. SQLITE_DENY
+** means that the SQL statement will never-run - the sqlite3_exec() call
+** will return with an error. SQLITE_IGNORE means that the SQL statement
+** should run but attempts to read the specified column will return NULL
+** and attempts to write the column will be ignored.
+**
+** Setting the auth function to NULL disables this hook. The default
+** setting of the auth function is NULL.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_set_authorizer(
+ sqlite3 *db,
+ int (*xAuth)(void*,int,const char*,const char*,const char*,const char*),
+ void *pArg
+){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ db->xAuth = (sqlite3_xauth)xAuth;
+ db->pAuthArg = pArg;
+ sqlite3ExpirePreparedStatements(db);
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_OK;
+}
+
+/*
+** Write an error message into pParse->zErrMsg that explains that the
+** user-supplied authorization function returned an illegal value.
+*/
+static void sqliteAuthBadReturnCode(Parse *pParse){
+ sqlite3ErrorMsg(pParse, "authorizer malfunction");
+ pParse->rc = SQLITE_ERROR;
+}
+
+/*
+** Invoke the authorization callback for permission to read column zCol from
+** table zTab in database zDb. This function assumes that an authorization
+** callback has been registered (i.e. that sqlite3.xAuth is not NULL).
+**
+** If SQLITE_IGNORE is returned and pExpr is not NULL, then pExpr is changed
+** to an SQL NULL expression. Otherwise, if pExpr is NULL, then SQLITE_IGNORE
+** is treated as SQLITE_DENY. In this case an error is left in pParse.
+*/
+SQLITE_PRIVATE int sqlite3AuthReadCol(
+ Parse *pParse, /* The parser context */
+ const char *zTab, /* Table name */
+ const char *zCol, /* Column name */
+ int iDb /* Index of containing database. */
+){
+ sqlite3 *db = pParse->db; /* Database handle */
+ char *zDb = db->aDb[iDb].zName; /* Name of attached database */
+ int rc; /* Auth callback return code */
+
+ rc = db->xAuth(db->pAuthArg, SQLITE_READ, zTab,zCol,zDb,pParse->zAuthContext
+#ifdef SQLITE_USER_AUTHENTICATION
+ ,db->auth.zAuthUser
+#endif
+ );
+ if( rc==SQLITE_DENY ){
+ if( db->nDb>2 || iDb!=0 ){
+ sqlite3ErrorMsg(pParse, "access to %s.%s.%s is prohibited",zDb,zTab,zCol);
+ }else{
+ sqlite3ErrorMsg(pParse, "access to %s.%s is prohibited", zTab, zCol);
+ }
+ pParse->rc = SQLITE_AUTH;
+ }else if( rc!=SQLITE_IGNORE && rc!=SQLITE_OK ){
+ sqliteAuthBadReturnCode(pParse);
+ }
+ return rc;
+}
+
+/*
+** The pExpr should be a TK_COLUMN expression. The table referred to
+** is in pTabList or else it is the NEW or OLD table of a trigger.
+** Check to see if it is OK to read this particular column.
+**
+** If the auth function returns SQLITE_IGNORE, change the TK_COLUMN
+** instruction into a TK_NULL. If the auth function returns SQLITE_DENY,
+** then generate an error.
+*/
+SQLITE_PRIVATE void sqlite3AuthRead(
+ Parse *pParse, /* The parser context */
+ Expr *pExpr, /* The expression to check authorization on */
+ Schema *pSchema, /* The schema of the expression */
+ SrcList *pTabList /* All table that pExpr might refer to */
+){
+ sqlite3 *db = pParse->db;
+ Table *pTab = 0; /* The table being read */
+ const char *zCol; /* Name of the column of the table */
+ int iSrc; /* Index in pTabList->a[] of table being read */
+ int iDb; /* The index of the database the expression refers to */
+ int iCol; /* Index of column in table */
+
+ if( db->xAuth==0 ) return;
+ iDb = sqlite3SchemaToIndex(pParse->db, pSchema);
+ if( iDb<0 ){
+ /* An attempt to read a column out of a subquery or other
+ ** temporary table. */
+ return;
+ }
+
+ assert( pExpr->op==TK_COLUMN || pExpr->op==TK_TRIGGER );
+ if( pExpr->op==TK_TRIGGER ){
+ pTab = pParse->pTriggerTab;
+ }else{
+ assert( pTabList );
+ for(iSrc=0; ALWAYS(iSrc<pTabList->nSrc); iSrc++){
+ if( pExpr->iTable==pTabList->a[iSrc].iCursor ){
+ pTab = pTabList->a[iSrc].pTab;
+ break;
+ }
+ }
+ }
+ iCol = pExpr->iColumn;
+ if( NEVER(pTab==0) ) return;
+
+ if( iCol>=0 ){
+ assert( iCol<pTab->nCol );
+ zCol = pTab->aCol[iCol].zName;
+ }else if( pTab->iPKey>=0 ){
+ assert( pTab->iPKey<pTab->nCol );
+ zCol = pTab->aCol[pTab->iPKey].zName;
+ }else{
+ zCol = "ROWID";
+ }
+ assert( iDb>=0 && iDb<db->nDb );
+ if( SQLITE_IGNORE==sqlite3AuthReadCol(pParse, pTab->zName, zCol, iDb) ){
+ pExpr->op = TK_NULL;
+ }
+}
+
+/*
+** Do an authorization check using the code and arguments given. Return
+** either SQLITE_OK (zero) or SQLITE_IGNORE or SQLITE_DENY. If SQLITE_DENY
+** is returned, then the error count and error message in pParse are
+** modified appropriately.
+*/
+SQLITE_PRIVATE int sqlite3AuthCheck(
+ Parse *pParse,
+ int code,
+ const char *zArg1,
+ const char *zArg2,
+ const char *zArg3
+){
+ sqlite3 *db = pParse->db;
+ int rc;
+
+ /* Don't do any authorization checks if the database is initialising
+ ** or if the parser is being invoked from within sqlite3_declare_vtab.
+ */
+ if( db->init.busy || IN_DECLARE_VTAB ){
+ return SQLITE_OK;
+ }
+
+ if( db->xAuth==0 ){
+ return SQLITE_OK;
+ }
+ rc = db->xAuth(db->pAuthArg, code, zArg1, zArg2, zArg3, pParse->zAuthContext
+#ifdef SQLITE_USER_AUTHENTICATION
+ ,db->auth.zAuthUser
+#endif
+ );
+ if( rc==SQLITE_DENY ){
+ sqlite3ErrorMsg(pParse, "not authorized");
+ pParse->rc = SQLITE_AUTH;
+ }else if( rc!=SQLITE_OK && rc!=SQLITE_IGNORE ){
+ rc = SQLITE_DENY;
+ sqliteAuthBadReturnCode(pParse);
+ }
+ return rc;
+}
+
+/*
+** Push an authorization context. After this routine is called, the
+** zArg3 argument to authorization callbacks will be zContext until
+** popped. Or if pParse==0, this routine is a no-op.
+*/
+SQLITE_PRIVATE void sqlite3AuthContextPush(
+ Parse *pParse,
+ AuthContext *pContext,
+ const char *zContext
+){
+ assert( pParse );
+ pContext->pParse = pParse;
+ pContext->zAuthContext = pParse->zAuthContext;
+ pParse->zAuthContext = zContext;
+}
+
+/*
+** Pop an authorization context that was previously pushed
+** by sqlite3AuthContextPush
+*/
+SQLITE_PRIVATE void sqlite3AuthContextPop(AuthContext *pContext){
+ if( pContext->pParse ){
+ pContext->pParse->zAuthContext = pContext->zAuthContext;
+ pContext->pParse = 0;
+ }
+}
+
+#endif /* SQLITE_OMIT_AUTHORIZATION */
+
+/************** End of auth.c ************************************************/
+/************** Begin file build.c *******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains C code routines that are called by the SQLite parser
+** when syntax rules are reduced. The routines in this file handle the
+** following kinds of SQL syntax:
+**
+** CREATE TABLE
+** DROP TABLE
+** CREATE INDEX
+** DROP INDEX
+** creating ID lists
+** BEGIN TRANSACTION
+** COMMIT
+** ROLLBACK
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** This routine is called when a new SQL statement is beginning to
+** be parsed. Initialize the pParse structure as needed.
+*/
+SQLITE_PRIVATE void sqlite3BeginParse(Parse *pParse, int explainFlag){
+ pParse->explain = (u8)explainFlag;
+ pParse->nVar = 0;
+}
+
+#ifndef SQLITE_OMIT_SHARED_CACHE
+/*
+** The TableLock structure is only used by the sqlite3TableLock() and
+** codeTableLocks() functions.
+*/
+struct TableLock {
+ int iDb; /* The database containing the table to be locked */
+ int iTab; /* The root page of the table to be locked */
+ u8 isWriteLock; /* True for write lock. False for a read lock */
+ const char *zName; /* Name of the table */
+};
+
+/*
+** Record the fact that we want to lock a table at run-time.
+**
+** The table to be locked has root page iTab and is found in database iDb.
+** A read or a write lock can be taken depending on isWritelock.
+**
+** This routine just records the fact that the lock is desired. The
+** code to make the lock occur is generated by a later call to
+** codeTableLocks() which occurs during sqlite3FinishCoding().
+*/
+SQLITE_PRIVATE void sqlite3TableLock(
+ Parse *pParse, /* Parsing context */
+ int iDb, /* Index of the database containing the table to lock */
+ int iTab, /* Root page number of the table to be locked */
+ u8 isWriteLock, /* True for a write lock */
+ const char *zName /* Name of the table to be locked */
+){
+ Parse *pToplevel = sqlite3ParseToplevel(pParse);
+ int i;
+ int nBytes;
+ TableLock *p;
+ assert( iDb>=0 );
+
+ for(i=0; i<pToplevel->nTableLock; i++){
+ p = &pToplevel->aTableLock[i];
+ if( p->iDb==iDb && p->iTab==iTab ){
+ p->isWriteLock = (p->isWriteLock || isWriteLock);
+ return;
+ }
+ }
+
+ nBytes = sizeof(TableLock) * (pToplevel->nTableLock+1);
+ pToplevel->aTableLock =
+ sqlite3DbReallocOrFree(pToplevel->db, pToplevel->aTableLock, nBytes);
+ if( pToplevel->aTableLock ){
+ p = &pToplevel->aTableLock[pToplevel->nTableLock++];
+ p->iDb = iDb;
+ p->iTab = iTab;
+ p->isWriteLock = isWriteLock;
+ p->zName = zName;
+ }else{
+ pToplevel->nTableLock = 0;
+ pToplevel->db->mallocFailed = 1;
+ }
+}
+
+/*
+** Code an OP_TableLock instruction for each table locked by the
+** statement (configured by calls to sqlite3TableLock()).
+*/
+static void codeTableLocks(Parse *pParse){
+ int i;
+ Vdbe *pVdbe;
+
+ pVdbe = sqlite3GetVdbe(pParse);
+ assert( pVdbe!=0 ); /* sqlite3GetVdbe cannot fail: VDBE already allocated */
+
+ for(i=0; i<pParse->nTableLock; i++){
+ TableLock *p = &pParse->aTableLock[i];
+ int p1 = p->iDb;
+ sqlite3VdbeAddOp4(pVdbe, OP_TableLock, p1, p->iTab, p->isWriteLock,
+ p->zName, P4_STATIC);
+ }
+}
+#else
+ #define codeTableLocks(x)
+#endif
+
+/*
+** Return TRUE if the given yDbMask object is empty - if it contains no
+** 1 bits. This routine is used by the DbMaskAllZero() and DbMaskNotZero()
+** macros when SQLITE_MAX_ATTACHED is greater than 30.
+*/
+#if SQLITE_MAX_ATTACHED>30
+SQLITE_PRIVATE int sqlite3DbMaskAllZero(yDbMask m){
+ int i;
+ for(i=0; i<sizeof(yDbMask); i++) if( m[i] ) return 0;
+ return 1;
+}
+#endif
+
+/*
+** This routine is called after a single SQL statement has been
+** parsed and a VDBE program to execute that statement has been
+** prepared. This routine puts the finishing touches on the
+** VDBE program and resets the pParse structure for the next
+** parse.
+**
+** Note that if an error occurred, it might be the case that
+** no VDBE code was generated.
+*/
+SQLITE_PRIVATE void sqlite3FinishCoding(Parse *pParse){
+ sqlite3 *db;
+ Vdbe *v;
+
+ assert( pParse->pToplevel==0 );
+ db = pParse->db;
+ if( pParse->nested ) return;
+ if( db->mallocFailed || pParse->nErr ){
+ if( pParse->rc==SQLITE_OK ) pParse->rc = SQLITE_ERROR;
+ return;
+ }
+
+ /* Begin by generating some termination code at the end of the
+ ** vdbe program
+ */
+ v = sqlite3GetVdbe(pParse);
+ assert( !pParse->isMultiWrite
+ || sqlite3VdbeAssertMayAbort(v, pParse->mayAbort));
+ if( v ){
+ while( sqlite3VdbeDeletePriorOpcode(v, OP_Close) ){}
+ sqlite3VdbeAddOp0(v, OP_Halt);
+
+#if SQLITE_USER_AUTHENTICATION
+ if( pParse->nTableLock>0 && db->init.busy==0 ){
+ sqlite3UserAuthInit(db);
+ if( db->auth.authLevel<UAUTH_User ){
+ pParse->rc = SQLITE_AUTH_USER;
+ sqlite3ErrorMsg(pParse, "user not authenticated");
+ return;
+ }
+ }
+#endif
+
+ /* The cookie mask contains one bit for each database file open.
+ ** (Bit 0 is for main, bit 1 is for temp, and so forth.) Bits are
+ ** set for each database that is used. Generate code to start a
+ ** transaction on each used database and to verify the schema cookie
+ ** on each used database.
+ */
+ if( db->mallocFailed==0
+ && (DbMaskNonZero(pParse->cookieMask) || pParse->pConstExpr)
+ ){
+ int iDb, i;
+ assert( sqlite3VdbeGetOp(v, 0)->opcode==OP_Init );
+ sqlite3VdbeJumpHere(v, 0);
+ for(iDb=0; iDb<db->nDb; iDb++){
+ if( DbMaskTest(pParse->cookieMask, iDb)==0 ) continue;
+ sqlite3VdbeUsesBtree(v, iDb);
+ sqlite3VdbeAddOp4Int(v,
+ OP_Transaction, /* Opcode */
+ iDb, /* P1 */
+ DbMaskTest(pParse->writeMask,iDb), /* P2 */
+ pParse->cookieValue[iDb], /* P3 */
+ db->aDb[iDb].pSchema->iGeneration /* P4 */
+ );
+ if( db->init.busy==0 ) sqlite3VdbeChangeP5(v, 1);
+ VdbeComment((v,
+ "usesStmtJournal=%d", pParse->mayAbort && pParse->isMultiWrite));
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ for(i=0; i<pParse->nVtabLock; i++){
+ char *vtab = (char *)sqlite3GetVTable(db, pParse->apVtabLock[i]);
+ sqlite3VdbeAddOp4(v, OP_VBegin, 0, 0, 0, vtab, P4_VTAB);
+ }
+ pParse->nVtabLock = 0;
+#endif
+
+ /* Once all the cookies have been verified and transactions opened,
+ ** obtain the required table-locks. This is a no-op unless the
+ ** shared-cache feature is enabled.
+ */
+ codeTableLocks(pParse);
+
+ /* Initialize any AUTOINCREMENT data structures required.
+ */
+ sqlite3AutoincrementBegin(pParse);
+
+ /* Code constant expressions that where factored out of inner loops */
+ if( pParse->pConstExpr ){
+ ExprList *pEL = pParse->pConstExpr;
+ pParse->okConstFactor = 0;
+ for(i=0; i<pEL->nExpr; i++){
+ sqlite3ExprCode(pParse, pEL->a[i].pExpr, pEL->a[i].u.iConstExprReg);
+ }
+ }
+
+ /* Finally, jump back to the beginning of the executable code. */
+ sqlite3VdbeGoto(v, 1);
+ }
+ }
+
+
+ /* Get the VDBE program ready for execution
+ */
+ if( v && pParse->nErr==0 && !db->mallocFailed ){
+ assert( pParse->iCacheLevel==0 ); /* Disables and re-enables match */
+ /* A minimum of one cursor is required if autoincrement is used
+ * See ticket [a696379c1f08866] */
+ if( pParse->pAinc!=0 && pParse->nTab==0 ) pParse->nTab = 1;
+ sqlite3VdbeMakeReady(v, pParse);
+ pParse->rc = SQLITE_DONE;
+ pParse->colNamesSet = 0;
+ }else{
+ pParse->rc = SQLITE_ERROR;
+ }
+ pParse->nTab = 0;
+ pParse->nMem = 0;
+ pParse->nSet = 0;
+ pParse->nVar = 0;
+ DbMaskZero(pParse->cookieMask);
+}
+
+/*
+** Run the parser and code generator recursively in order to generate
+** code for the SQL statement given onto the end of the pParse context
+** currently under construction. When the parser is run recursively
+** this way, the final OP_Halt is not appended and other initialization
+** and finalization steps are omitted because those are handling by the
+** outermost parser.
+**
+** Not everything is nestable. This facility is designed to permit
+** INSERT, UPDATE, and DELETE operations against SQLITE_MASTER. Use
+** care if you decide to try to use this routine for some other purposes.
+*/
+SQLITE_PRIVATE void sqlite3NestedParse(Parse *pParse, const char *zFormat, ...){
+ va_list ap;
+ char *zSql;
+ char *zErrMsg = 0;
+ sqlite3 *db = pParse->db;
+# define SAVE_SZ (sizeof(Parse) - offsetof(Parse,nVar))
+ char saveBuf[SAVE_SZ];
+
+ if( pParse->nErr ) return;
+ assert( pParse->nested<10 ); /* Nesting should only be of limited depth */
+ va_start(ap, zFormat);
+ zSql = sqlite3VMPrintf(db, zFormat, ap);
+ va_end(ap);
+ if( zSql==0 ){
+ return; /* A malloc must have failed */
+ }
+ pParse->nested++;
+ memcpy(saveBuf, &pParse->nVar, SAVE_SZ);
+ memset(&pParse->nVar, 0, SAVE_SZ);
+ sqlite3RunParser(pParse, zSql, &zErrMsg);
+ sqlite3DbFree(db, zErrMsg);
+ sqlite3DbFree(db, zSql);
+ memcpy(&pParse->nVar, saveBuf, SAVE_SZ);
+ pParse->nested--;
+}
+
+#if SQLITE_USER_AUTHENTICATION
+/*
+** Return TRUE if zTable is the name of the system table that stores the
+** list of users and their access credentials.
+*/
+SQLITE_PRIVATE int sqlite3UserAuthTable(const char *zTable){
+ return sqlite3_stricmp(zTable, "sqlite_user")==0;
+}
+#endif
+
+/*
+** Locate the in-memory structure that describes a particular database
+** table given the name of that table and (optionally) the name of the
+** database containing the table. Return NULL if not found.
+**
+** If zDatabase is 0, all databases are searched for the table and the
+** first matching table is returned. (No checking for duplicate table
+** names is done.) The search order is TEMP first, then MAIN, then any
+** auxiliary databases added using the ATTACH command.
+**
+** See also sqlite3LocateTable().
+*/
+SQLITE_PRIVATE Table *sqlite3FindTable(sqlite3 *db, const char *zName, const char *zDatabase){
+ Table *p = 0;
+ int i;
+
+ /* All mutexes are required for schema access. Make sure we hold them. */
+ assert( zDatabase!=0 || sqlite3BtreeHoldsAllMutexes(db) );
+#if SQLITE_USER_AUTHENTICATION
+ /* Only the admin user is allowed to know that the sqlite_user table
+ ** exists */
+ if( db->auth.authLevel<UAUTH_Admin && sqlite3UserAuthTable(zName)!=0 ){
+ return 0;
+ }
+#endif
+ for(i=OMIT_TEMPDB; i<db->nDb; i++){
+ int j = (i<2) ? i^1 : i; /* Search TEMP before MAIN */
+ if( zDatabase!=0 && sqlite3StrICmp(zDatabase, db->aDb[j].zName) ) continue;
+ assert( sqlite3SchemaMutexHeld(db, j, 0) );
+ p = sqlite3HashFind(&db->aDb[j].pSchema->tblHash, zName);
+ if( p ) break;
+ }
+ return p;
+}
+
+/*
+** Locate the in-memory structure that describes a particular database
+** table given the name of that table and (optionally) the name of the
+** database containing the table. Return NULL if not found. Also leave an
+** error message in pParse->zErrMsg.
+**
+** The difference between this routine and sqlite3FindTable() is that this
+** routine leaves an error message in pParse->zErrMsg where
+** sqlite3FindTable() does not.
+*/
+SQLITE_PRIVATE Table *sqlite3LocateTable(
+ Parse *pParse, /* context in which to report errors */
+ int isView, /* True if looking for a VIEW rather than a TABLE */
+ const char *zName, /* Name of the table we are looking for */
+ const char *zDbase /* Name of the database. Might be NULL */
+){
+ Table *p;
+
+ /* Read the database schema. If an error occurs, leave an error message
+ ** and code in pParse and return NULL. */
+ if( SQLITE_OK!=sqlite3ReadSchema(pParse) ){
+ return 0;
+ }
+
+ p = sqlite3FindTable(pParse->db, zName, zDbase);
+ if( p==0 ){
+ const char *zMsg = isView ? "no such view" : "no such table";
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( sqlite3FindDbName(pParse->db, zDbase)<1 ){
+ /* If zName is the not the name of a table in the schema created using
+ ** CREATE, then check to see if it is the name of an virtual table that
+ ** can be an eponymous virtual table. */
+ Module *pMod = (Module*)sqlite3HashFind(&pParse->db->aModule, zName);
+ if( pMod && sqlite3VtabEponymousTableInit(pParse, pMod) ){
+ return pMod->pEpoTab;
+ }
+ }
+#endif
+ if( zDbase ){
+ sqlite3ErrorMsg(pParse, "%s: %s.%s", zMsg, zDbase, zName);
+ }else{
+ sqlite3ErrorMsg(pParse, "%s: %s", zMsg, zName);
+ }
+ pParse->checkSchema = 1;
+ }
+
+ return p;
+}
+
+/*
+** Locate the table identified by *p.
+**
+** This is a wrapper around sqlite3LocateTable(). The difference between
+** sqlite3LocateTable() and this function is that this function restricts
+** the search to schema (p->pSchema) if it is not NULL. p->pSchema may be
+** non-NULL if it is part of a view or trigger program definition. See
+** sqlite3FixSrcList() for details.
+*/
+SQLITE_PRIVATE Table *sqlite3LocateTableItem(
+ Parse *pParse,
+ int isView,
+ struct SrcList_item *p
+){
+ const char *zDb;
+ assert( p->pSchema==0 || p->zDatabase==0 );
+ if( p->pSchema ){
+ int iDb = sqlite3SchemaToIndex(pParse->db, p->pSchema);
+ zDb = pParse->db->aDb[iDb].zName;
+ }else{
+ zDb = p->zDatabase;
+ }
+ return sqlite3LocateTable(pParse, isView, p->zName, zDb);
+}
+
+/*
+** Locate the in-memory structure that describes
+** a particular index given the name of that index
+** and the name of the database that contains the index.
+** Return NULL if not found.
+**
+** If zDatabase is 0, all databases are searched for the
+** table and the first matching index is returned. (No checking
+** for duplicate index names is done.) The search order is
+** TEMP first, then MAIN, then any auxiliary databases added
+** using the ATTACH command.
+*/
+SQLITE_PRIVATE Index *sqlite3FindIndex(sqlite3 *db, const char *zName, const char *zDb){
+ Index *p = 0;
+ int i;
+ /* All mutexes are required for schema access. Make sure we hold them. */
+ assert( zDb!=0 || sqlite3BtreeHoldsAllMutexes(db) );
+ for(i=OMIT_TEMPDB; i<db->nDb; i++){
+ int j = (i<2) ? i^1 : i; /* Search TEMP before MAIN */
+ Schema *pSchema = db->aDb[j].pSchema;
+ assert( pSchema );
+ if( zDb && sqlite3StrICmp(zDb, db->aDb[j].zName) ) continue;
+ assert( sqlite3SchemaMutexHeld(db, j, 0) );
+ p = sqlite3HashFind(&pSchema->idxHash, zName);
+ if( p ) break;
+ }
+ return p;
+}
+
+/*
+** Reclaim the memory used by an index
+*/
+static void freeIndex(sqlite3 *db, Index *p){
+#ifndef SQLITE_OMIT_ANALYZE
+ sqlite3DeleteIndexSamples(db, p);
+#endif
+ sqlite3ExprDelete(db, p->pPartIdxWhere);
+ sqlite3ExprListDelete(db, p->aColExpr);
+ sqlite3DbFree(db, p->zColAff);
+ if( p->isResized ) sqlite3DbFree(db, (void *)p->azColl);
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ sqlite3_free(p->aiRowEst);
+#endif
+ sqlite3DbFree(db, p);
+}
+
+/*
+** For the index called zIdxName which is found in the database iDb,
+** unlike that index from its Table then remove the index from
+** the index hash table and free all memory structures associated
+** with the index.
+*/
+SQLITE_PRIVATE void sqlite3UnlinkAndDeleteIndex(sqlite3 *db, int iDb, const char *zIdxName){
+ Index *pIndex;
+ Hash *pHash;
+
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ pHash = &db->aDb[iDb].pSchema->idxHash;
+ pIndex = sqlite3HashInsert(pHash, zIdxName, 0);
+ if( ALWAYS(pIndex) ){
+ if( pIndex->pTable->pIndex==pIndex ){
+ pIndex->pTable->pIndex = pIndex->pNext;
+ }else{
+ Index *p;
+ /* Justification of ALWAYS(); The index must be on the list of
+ ** indices. */
+ p = pIndex->pTable->pIndex;
+ while( ALWAYS(p) && p->pNext!=pIndex ){ p = p->pNext; }
+ if( ALWAYS(p && p->pNext==pIndex) ){
+ p->pNext = pIndex->pNext;
+ }
+ }
+ freeIndex(db, pIndex);
+ }
+ db->flags |= SQLITE_InternChanges;
+}
+
+/*
+** Look through the list of open database files in db->aDb[] and if
+** any have been closed, remove them from the list. Reallocate the
+** db->aDb[] structure to a smaller size, if possible.
+**
+** Entry 0 (the "main" database) and entry 1 (the "temp" database)
+** are never candidates for being collapsed.
+*/
+SQLITE_PRIVATE void sqlite3CollapseDatabaseArray(sqlite3 *db){
+ int i, j;
+ for(i=j=2; i<db->nDb; i++){
+ struct Db *pDb = &db->aDb[i];
+ if( pDb->pBt==0 ){
+ sqlite3DbFree(db, pDb->zName);
+ pDb->zName = 0;
+ continue;
+ }
+ if( j<i ){
+ db->aDb[j] = db->aDb[i];
+ }
+ j++;
+ }
+ memset(&db->aDb[j], 0, (db->nDb-j)*sizeof(db->aDb[j]));
+ db->nDb = j;
+ if( db->nDb<=2 && db->aDb!=db->aDbStatic ){
+ memcpy(db->aDbStatic, db->aDb, 2*sizeof(db->aDb[0]));
+ sqlite3DbFree(db, db->aDb);
+ db->aDb = db->aDbStatic;
+ }
+}
+
+/*
+** Reset the schema for the database at index iDb. Also reset the
+** TEMP schema.
+*/
+SQLITE_PRIVATE void sqlite3ResetOneSchema(sqlite3 *db, int iDb){
+ Db *pDb;
+ assert( iDb<db->nDb );
+
+ /* Case 1: Reset the single schema identified by iDb */
+ pDb = &db->aDb[iDb];
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ assert( pDb->pSchema!=0 );
+ sqlite3SchemaClear(pDb->pSchema);
+
+ /* If any database other than TEMP is reset, then also reset TEMP
+ ** since TEMP might be holding triggers that reference tables in the
+ ** other database.
+ */
+ if( iDb!=1 ){
+ pDb = &db->aDb[1];
+ assert( pDb->pSchema!=0 );
+ sqlite3SchemaClear(pDb->pSchema);
+ }
+ return;
+}
+
+/*
+** Erase all schema information from all attached databases (including
+** "main" and "temp") for a single database connection.
+*/
+SQLITE_PRIVATE void sqlite3ResetAllSchemasOfConnection(sqlite3 *db){
+ int i;
+ sqlite3BtreeEnterAll(db);
+ for(i=0; i<db->nDb; i++){
+ Db *pDb = &db->aDb[i];
+ if( pDb->pSchema ){
+ sqlite3SchemaClear(pDb->pSchema);
+ }
+ }
+ db->flags &= ~SQLITE_InternChanges;
+ sqlite3VtabUnlockList(db);
+ sqlite3BtreeLeaveAll(db);
+ sqlite3CollapseDatabaseArray(db);
+}
+
+/*
+** This routine is called when a commit occurs.
+*/
+SQLITE_PRIVATE void sqlite3CommitInternalChanges(sqlite3 *db){
+ db->flags &= ~SQLITE_InternChanges;
+}
+
+/*
+** Delete memory allocated for the column names of a table or view (the
+** Table.aCol[] array).
+*/
+SQLITE_PRIVATE void sqlite3DeleteColumnNames(sqlite3 *db, Table *pTable){
+ int i;
+ Column *pCol;
+ assert( pTable!=0 );
+ if( (pCol = pTable->aCol)!=0 ){
+ for(i=0; i<pTable->nCol; i++, pCol++){
+ sqlite3DbFree(db, pCol->zName);
+ sqlite3ExprDelete(db, pCol->pDflt);
+ sqlite3DbFree(db, pCol->zDflt);
+ sqlite3DbFree(db, pCol->zType);
+ sqlite3DbFree(db, pCol->zColl);
+ }
+ sqlite3DbFree(db, pTable->aCol);
+ }
+}
+
+/*
+** Remove the memory data structures associated with the given
+** Table. No changes are made to disk by this routine.
+**
+** This routine just deletes the data structure. It does not unlink
+** the table data structure from the hash table. But it does destroy
+** memory structures of the indices and foreign keys associated with
+** the table.
+**
+** The db parameter is optional. It is needed if the Table object
+** contains lookaside memory. (Table objects in the schema do not use
+** lookaside memory, but some ephemeral Table objects do.) Or the
+** db parameter can be used with db->pnBytesFreed to measure the memory
+** used by the Table object.
+*/
+SQLITE_PRIVATE void sqlite3DeleteTable(sqlite3 *db, Table *pTable){
+ Index *pIndex, *pNext;
+ TESTONLY( int nLookaside; ) /* Used to verify lookaside not used for schema */
+
+ assert( !pTable || pTable->nRef>0 );
+
+ /* Do not delete the table until the reference count reaches zero. */
+ if( !pTable ) return;
+ if( ((!db || db->pnBytesFreed==0) && (--pTable->nRef)>0) ) return;
+
+ /* Record the number of outstanding lookaside allocations in schema Tables
+ ** prior to doing any free() operations. Since schema Tables do not use
+ ** lookaside, this number should not change. */
+ TESTONLY( nLookaside = (db && (pTable->tabFlags & TF_Ephemeral)==0) ?
+ db->lookaside.nOut : 0 );
+
+ /* Delete all indices associated with this table. */
+ for(pIndex = pTable->pIndex; pIndex; pIndex=pNext){
+ pNext = pIndex->pNext;
+ assert( pIndex->pSchema==pTable->pSchema );
+ if( !db || db->pnBytesFreed==0 ){
+ char *zName = pIndex->zName;
+ TESTONLY ( Index *pOld = ) sqlite3HashInsert(
+ &pIndex->pSchema->idxHash, zName, 0
+ );
+ assert( db==0 || sqlite3SchemaMutexHeld(db, 0, pIndex->pSchema) );
+ assert( pOld==pIndex || pOld==0 );
+ }
+ freeIndex(db, pIndex);
+ }
+
+ /* Delete any foreign keys attached to this table. */
+ sqlite3FkDelete(db, pTable);
+
+ /* Delete the Table structure itself.
+ */
+ sqlite3DeleteColumnNames(db, pTable);
+ sqlite3DbFree(db, pTable->zName);
+ sqlite3DbFree(db, pTable->zColAff);
+ sqlite3SelectDelete(db, pTable->pSelect);
+ sqlite3ExprListDelete(db, pTable->pCheck);
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ sqlite3VtabClear(db, pTable);
+#endif
+ sqlite3DbFree(db, pTable);
+
+ /* Verify that no lookaside memory was used by schema tables */
+ assert( nLookaside==0 || nLookaside==db->lookaside.nOut );
+}
+
+/*
+** Unlink the given table from the hash tables and the delete the
+** table structure with all its indices and foreign keys.
+*/
+SQLITE_PRIVATE void sqlite3UnlinkAndDeleteTable(sqlite3 *db, int iDb, const char *zTabName){
+ Table *p;
+ Db *pDb;
+
+ assert( db!=0 );
+ assert( iDb>=0 && iDb<db->nDb );
+ assert( zTabName );
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ testcase( zTabName[0]==0 ); /* Zero-length table names are allowed */
+ pDb = &db->aDb[iDb];
+ p = sqlite3HashInsert(&pDb->pSchema->tblHash, zTabName, 0);
+ sqlite3DeleteTable(db, p);
+ db->flags |= SQLITE_InternChanges;
+}
+
+/*
+** Given a token, return a string that consists of the text of that
+** token. Space to hold the returned string
+** is obtained from sqliteMalloc() and must be freed by the calling
+** function.
+**
+** Any quotation marks (ex: "name", 'name', [name], or `name`) that
+** surround the body of the token are removed.
+**
+** Tokens are often just pointers into the original SQL text and so
+** are not \000 terminated and are not persistent. The returned string
+** is \000 terminated and is persistent.
+*/
+SQLITE_PRIVATE char *sqlite3NameFromToken(sqlite3 *db, Token *pName){
+ char *zName;
+ if( pName ){
+ zName = sqlite3DbStrNDup(db, (char*)pName->z, pName->n);
+ sqlite3Dequote(zName);
+ }else{
+ zName = 0;
+ }
+ return zName;
+}
+
+/*
+** Open the sqlite_master table stored in database number iDb for
+** writing. The table is opened using cursor 0.
+*/
+SQLITE_PRIVATE void sqlite3OpenMasterTable(Parse *p, int iDb){
+ Vdbe *v = sqlite3GetVdbe(p);
+ sqlite3TableLock(p, iDb, MASTER_ROOT, 1, SCHEMA_TABLE(iDb));
+ sqlite3VdbeAddOp4Int(v, OP_OpenWrite, 0, MASTER_ROOT, iDb, 5);
+ if( p->nTab==0 ){
+ p->nTab = 1;
+ }
+}
+
+/*
+** Parameter zName points to a nul-terminated buffer containing the name
+** of a database ("main", "temp" or the name of an attached db). This
+** function returns the index of the named database in db->aDb[], or
+** -1 if the named db cannot be found.
+*/
+SQLITE_PRIVATE int sqlite3FindDbName(sqlite3 *db, const char *zName){
+ int i = -1; /* Database number */
+ if( zName ){
+ Db *pDb;
+ int n = sqlite3Strlen30(zName);
+ for(i=(db->nDb-1), pDb=&db->aDb[i]; i>=0; i--, pDb--){
+ if( (!OMIT_TEMPDB || i!=1 ) && n==sqlite3Strlen30(pDb->zName) &&
+ 0==sqlite3StrICmp(pDb->zName, zName) ){
+ break;
+ }
+ }
+ }
+ return i;
+}
+
+/*
+** The token *pName contains the name of a database (either "main" or
+** "temp" or the name of an attached db). This routine returns the
+** index of the named database in db->aDb[], or -1 if the named db
+** does not exist.
+*/
+SQLITE_PRIVATE int sqlite3FindDb(sqlite3 *db, Token *pName){
+ int i; /* Database number */
+ char *zName; /* Name we are searching for */
+ zName = sqlite3NameFromToken(db, pName);
+ i = sqlite3FindDbName(db, zName);
+ sqlite3DbFree(db, zName);
+ return i;
+}
+
+/* The table or view or trigger name is passed to this routine via tokens
+** pName1 and pName2. If the table name was fully qualified, for example:
+**
+** CREATE TABLE xxx.yyy (...);
+**
+** Then pName1 is set to "xxx" and pName2 "yyy". On the other hand if
+** the table name is not fully qualified, i.e.:
+**
+** CREATE TABLE yyy(...);
+**
+** Then pName1 is set to "yyy" and pName2 is "".
+**
+** This routine sets the *ppUnqual pointer to point at the token (pName1 or
+** pName2) that stores the unqualified table name. The index of the
+** database "xxx" is returned.
+*/
+SQLITE_PRIVATE int sqlite3TwoPartName(
+ Parse *pParse, /* Parsing and code generating context */
+ Token *pName1, /* The "xxx" in the name "xxx.yyy" or "xxx" */
+ Token *pName2, /* The "yyy" in the name "xxx.yyy" */
+ Token **pUnqual /* Write the unqualified object name here */
+){
+ int iDb; /* Database holding the object */
+ sqlite3 *db = pParse->db;
+
+ if( ALWAYS(pName2!=0) && pName2->n>0 ){
+ if( db->init.busy ) {
+ sqlite3ErrorMsg(pParse, "corrupt database");
+ return -1;
+ }
+ *pUnqual = pName2;
+ iDb = sqlite3FindDb(db, pName1);
+ if( iDb<0 ){
+ sqlite3ErrorMsg(pParse, "unknown database %T", pName1);
+ return -1;
+ }
+ }else{
+ assert( db->init.iDb==0 || db->init.busy );
+ iDb = db->init.iDb;
+ *pUnqual = pName1;
+ }
+ return iDb;
+}
+
+/*
+** This routine is used to check if the UTF-8 string zName is a legal
+** unqualified name for a new schema object (table, index, view or
+** trigger). All names are legal except those that begin with the string
+** "sqlite_" (in upper, lower or mixed case). This portion of the namespace
+** is reserved for internal use.
+*/
+SQLITE_PRIVATE int sqlite3CheckObjectName(Parse *pParse, const char *zName){
+ if( !pParse->db->init.busy && pParse->nested==0
+ && (pParse->db->flags & SQLITE_WriteSchema)==0
+ && 0==sqlite3StrNICmp(zName, "sqlite_", 7) ){
+ sqlite3ErrorMsg(pParse, "object name reserved for internal use: %s", zName);
+ return SQLITE_ERROR;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Return the PRIMARY KEY index of a table
+*/
+SQLITE_PRIVATE Index *sqlite3PrimaryKeyIndex(Table *pTab){
+ Index *p;
+ for(p=pTab->pIndex; p && !IsPrimaryKeyIndex(p); p=p->pNext){}
+ return p;
+}
+
+/*
+** Return the column of index pIdx that corresponds to table
+** column iCol. Return -1 if not found.
+*/
+SQLITE_PRIVATE i16 sqlite3ColumnOfIndex(Index *pIdx, i16 iCol){
+ int i;
+ for(i=0; i<pIdx->nColumn; i++){
+ if( iCol==pIdx->aiColumn[i] ) return i;
+ }
+ return -1;
+}
+
+/*
+** Begin constructing a new table representation in memory. This is
+** the first of several action routines that get called in response
+** to a CREATE TABLE statement. In particular, this routine is called
+** after seeing tokens "CREATE" and "TABLE" and the table name. The isTemp
+** flag is true if the table should be stored in the auxiliary database
+** file instead of in the main database file. This is normally the case
+** when the "TEMP" or "TEMPORARY" keyword occurs in between
+** CREATE and TABLE.
+**
+** The new table record is initialized and put in pParse->pNewTable.
+** As more of the CREATE TABLE statement is parsed, additional action
+** routines will be called to add more information to this record.
+** At the end of the CREATE TABLE statement, the sqlite3EndTable() routine
+** is called to complete the construction of the new table record.
+*/
+SQLITE_PRIVATE void sqlite3StartTable(
+ Parse *pParse, /* Parser context */
+ Token *pName1, /* First part of the name of the table or view */
+ Token *pName2, /* Second part of the name of the table or view */
+ int isTemp, /* True if this is a TEMP table */
+ int isView, /* True if this is a VIEW */
+ int isVirtual, /* True if this is a VIRTUAL table */
+ int noErr /* Do nothing if table already exists */
+){
+ Table *pTable;
+ char *zName = 0; /* The name of the new table */
+ sqlite3 *db = pParse->db;
+ Vdbe *v;
+ int iDb; /* Database number to create the table in */
+ Token *pName; /* Unqualified name of the table to create */
+
+ /* The table or view name to create is passed to this routine via tokens
+ ** pName1 and pName2. If the table name was fully qualified, for example:
+ **
+ ** CREATE TABLE xxx.yyy (...);
+ **
+ ** Then pName1 is set to "xxx" and pName2 "yyy". On the other hand if
+ ** the table name is not fully qualified, i.e.:
+ **
+ ** CREATE TABLE yyy(...);
+ **
+ ** Then pName1 is set to "yyy" and pName2 is "".
+ **
+ ** The call below sets the pName pointer to point at the token (pName1 or
+ ** pName2) that stores the unqualified table name. The variable iDb is
+ ** set to the index of the database that the table or view is to be
+ ** created in.
+ */
+ iDb = sqlite3TwoPartName(pParse, pName1, pName2, &pName);
+ if( iDb<0 ) return;
+ if( !OMIT_TEMPDB && isTemp && pName2->n>0 && iDb!=1 ){
+ /* If creating a temp table, the name may not be qualified. Unless
+ ** the database name is "temp" anyway. */
+ sqlite3ErrorMsg(pParse, "temporary table name must be unqualified");
+ return;
+ }
+ if( !OMIT_TEMPDB && isTemp ) iDb = 1;
+
+ pParse->sNameToken = *pName;
+ zName = sqlite3NameFromToken(db, pName);
+ if( zName==0 ) return;
+ if( SQLITE_OK!=sqlite3CheckObjectName(pParse, zName) ){
+ goto begin_table_error;
+ }
+ if( db->init.iDb==1 ) isTemp = 1;
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ assert( (isTemp & 1)==isTemp );
+ {
+ int code;
+ char *zDb = db->aDb[iDb].zName;
+ if( sqlite3AuthCheck(pParse, SQLITE_INSERT, SCHEMA_TABLE(isTemp), 0, zDb) ){
+ goto begin_table_error;
+ }
+ if( isView ){
+ if( !OMIT_TEMPDB && isTemp ){
+ code = SQLITE_CREATE_TEMP_VIEW;
+ }else{
+ code = SQLITE_CREATE_VIEW;
+ }
+ }else{
+ if( !OMIT_TEMPDB && isTemp ){
+ code = SQLITE_CREATE_TEMP_TABLE;
+ }else{
+ code = SQLITE_CREATE_TABLE;
+ }
+ }
+ if( !isVirtual && sqlite3AuthCheck(pParse, code, zName, 0, zDb) ){
+ goto begin_table_error;
+ }
+ }
+#endif
+
+ /* Make sure the new table name does not collide with an existing
+ ** index or table name in the same database. Issue an error message if
+ ** it does. The exception is if the statement being parsed was passed
+ ** to an sqlite3_declare_vtab() call. In that case only the column names
+ ** and types will be used, so there is no need to test for namespace
+ ** collisions.
+ */
+ if( !IN_DECLARE_VTAB ){
+ char *zDb = db->aDb[iDb].zName;
+ if( SQLITE_OK!=sqlite3ReadSchema(pParse) ){
+ goto begin_table_error;
+ }
+ pTable = sqlite3FindTable(db, zName, zDb);
+ if( pTable ){
+ if( !noErr ){
+ sqlite3ErrorMsg(pParse, "table %T already exists", pName);
+ }else{
+ assert( !db->init.busy || CORRUPT_DB );
+ sqlite3CodeVerifySchema(pParse, iDb);
+ }
+ goto begin_table_error;
+ }
+ if( sqlite3FindIndex(db, zName, zDb)!=0 ){
+ sqlite3ErrorMsg(pParse, "there is already an index named %s", zName);
+ goto begin_table_error;
+ }
+ }
+
+ pTable = sqlite3DbMallocZero(db, sizeof(Table));
+ if( pTable==0 ){
+ db->mallocFailed = 1;
+ pParse->rc = SQLITE_NOMEM;
+ pParse->nErr++;
+ goto begin_table_error;
+ }
+ pTable->zName = zName;
+ pTable->iPKey = -1;
+ pTable->pSchema = db->aDb[iDb].pSchema;
+ pTable->nRef = 1;
+ pTable->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
+ assert( pParse->pNewTable==0 );
+ pParse->pNewTable = pTable;
+
+ /* If this is the magic sqlite_sequence table used by autoincrement,
+ ** then record a pointer to this table in the main database structure
+ ** so that INSERT can find the table easily.
+ */
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+ if( !pParse->nested && strcmp(zName, "sqlite_sequence")==0 ){
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ pTable->pSchema->pSeqTab = pTable;
+ }
+#endif
+
+ /* Begin generating the code that will insert the table record into
+ ** the SQLITE_MASTER table. Note in particular that we must go ahead
+ ** and allocate the record number for the table entry now. Before any
+ ** PRIMARY KEY or UNIQUE keywords are parsed. Those keywords will cause
+ ** indices to be created and the table record must come before the
+ ** indices. Hence, the record number for the table must be allocated
+ ** now.
+ */
+ if( !db->init.busy && (v = sqlite3GetVdbe(pParse))!=0 ){
+ int addr1;
+ int fileFormat;
+ int reg1, reg2, reg3;
+ /* nullRow[] is an OP_Record encoding of a row containing 5 NULLs */
+ static const char nullRow[] = { 6, 0, 0, 0, 0, 0 };
+ sqlite3BeginWriteOperation(pParse, 1, iDb);
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( isVirtual ){
+ sqlite3VdbeAddOp0(v, OP_VBegin);
+ }
+#endif
+
+ /* If the file format and encoding in the database have not been set,
+ ** set them now.
+ */
+ reg1 = pParse->regRowid = ++pParse->nMem;
+ reg2 = pParse->regRoot = ++pParse->nMem;
+ reg3 = ++pParse->nMem;
+ sqlite3VdbeAddOp3(v, OP_ReadCookie, iDb, reg3, BTREE_FILE_FORMAT);
+ sqlite3VdbeUsesBtree(v, iDb);
+ addr1 = sqlite3VdbeAddOp1(v, OP_If, reg3); VdbeCoverage(v);
+ fileFormat = (db->flags & SQLITE_LegacyFileFmt)!=0 ?
+ 1 : SQLITE_MAX_FILE_FORMAT;
+ sqlite3VdbeAddOp2(v, OP_Integer, fileFormat, reg3);
+ sqlite3VdbeAddOp3(v, OP_SetCookie, iDb, BTREE_FILE_FORMAT, reg3);
+ sqlite3VdbeAddOp2(v, OP_Integer, ENC(db), reg3);
+ sqlite3VdbeAddOp3(v, OP_SetCookie, iDb, BTREE_TEXT_ENCODING, reg3);
+ sqlite3VdbeJumpHere(v, addr1);
+
+ /* This just creates a place-holder record in the sqlite_master table.
+ ** The record created does not contain anything yet. It will be replaced
+ ** by the real entry in code generated at sqlite3EndTable().
+ **
+ ** The rowid for the new entry is left in register pParse->regRowid.
+ ** The root page number of the new table is left in reg pParse->regRoot.
+ ** The rowid and root page number values are needed by the code that
+ ** sqlite3EndTable will generate.
+ */
+#if !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_VIRTUALTABLE)
+ if( isView || isVirtual ){
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, reg2);
+ }else
+#endif
+ {
+ pParse->addrCrTab = sqlite3VdbeAddOp2(v, OP_CreateTable, iDb, reg2);
+ }
+ sqlite3OpenMasterTable(pParse, iDb);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, 0, reg1);
+ sqlite3VdbeAddOp4(v, OP_Blob, 6, reg3, 0, nullRow, P4_STATIC);
+ sqlite3VdbeAddOp3(v, OP_Insert, 0, reg3, reg1);
+ sqlite3VdbeChangeP5(v, OPFLAG_APPEND);
+ sqlite3VdbeAddOp0(v, OP_Close);
+ }
+
+ /* Normal (non-error) return. */
+ return;
+
+ /* If an error occurs, we jump here */
+begin_table_error:
+ sqlite3DbFree(db, zName);
+ return;
+}
+
+/* Set properties of a table column based on the (magical)
+** name of the column.
+*/
+#if SQLITE_ENABLE_HIDDEN_COLUMNS
+SQLITE_PRIVATE void sqlite3ColumnPropertiesFromName(Table *pTab, Column *pCol){
+ if( sqlite3_strnicmp(pCol->zName, "__hidden__", 10)==0 ){
+ pCol->colFlags |= COLFLAG_HIDDEN;
+ }else if( pTab && pCol!=pTab->aCol && (pCol[-1].colFlags & COLFLAG_HIDDEN) ){
+ pTab->tabFlags |= TF_OOOHidden;
+ }
+}
+#endif
+
+
+/*
+** Add a new column to the table currently being constructed.
+**
+** The parser calls this routine once for each column declaration
+** in a CREATE TABLE statement. sqlite3StartTable() gets called
+** first to get things going. Then this routine is called for each
+** column.
+*/
+SQLITE_PRIVATE void sqlite3AddColumn(Parse *pParse, Token *pName){
+ Table *p;
+ int i;
+ char *z;
+ Column *pCol;
+ sqlite3 *db = pParse->db;
+ if( (p = pParse->pNewTable)==0 ) return;
+#if SQLITE_MAX_COLUMN
+ if( p->nCol+1>db->aLimit[SQLITE_LIMIT_COLUMN] ){
+ sqlite3ErrorMsg(pParse, "too many columns on %s", p->zName);
+ return;
+ }
+#endif
+ z = sqlite3NameFromToken(db, pName);
+ if( z==0 ) return;
+ for(i=0; i<p->nCol; i++){
+ if( sqlite3_stricmp(z, p->aCol[i].zName)==0 ){
+ sqlite3ErrorMsg(pParse, "duplicate column name: %s", z);
+ sqlite3DbFree(db, z);
+ return;
+ }
+ }
+ if( (p->nCol & 0x7)==0 ){
+ Column *aNew;
+ aNew = sqlite3DbRealloc(db,p->aCol,(p->nCol+8)*sizeof(p->aCol[0]));
+ if( aNew==0 ){
+ sqlite3DbFree(db, z);
+ return;
+ }
+ p->aCol = aNew;
+ }
+ pCol = &p->aCol[p->nCol];
+ memset(pCol, 0, sizeof(p->aCol[0]));
+ pCol->zName = z;
+ sqlite3ColumnPropertiesFromName(p, pCol);
+
+ /* If there is no type specified, columns have the default affinity
+ ** 'BLOB'. If there is a type specified, then sqlite3AddColumnType() will
+ ** be called next to set pCol->affinity correctly.
+ */
+ pCol->affinity = SQLITE_AFF_BLOB;
+ pCol->szEst = 1;
+ p->nCol++;
+}
+
+/*
+** This routine is called by the parser while in the middle of
+** parsing a CREATE TABLE statement. A "NOT NULL" constraint has
+** been seen on a column. This routine sets the notNull flag on
+** the column currently under construction.
+*/
+SQLITE_PRIVATE void sqlite3AddNotNull(Parse *pParse, int onError){
+ Table *p;
+ p = pParse->pNewTable;
+ if( p==0 || NEVER(p->nCol<1) ) return;
+ p->aCol[p->nCol-1].notNull = (u8)onError;
+}
+
+/*
+** Scan the column type name zType (length nType) and return the
+** associated affinity type.
+**
+** This routine does a case-independent search of zType for the
+** substrings in the following table. If one of the substrings is
+** found, the corresponding affinity is returned. If zType contains
+** more than one of the substrings, entries toward the top of
+** the table take priority. For example, if zType is 'BLOBINT',
+** SQLITE_AFF_INTEGER is returned.
+**
+** Substring | Affinity
+** --------------------------------
+** 'INT' | SQLITE_AFF_INTEGER
+** 'CHAR' | SQLITE_AFF_TEXT
+** 'CLOB' | SQLITE_AFF_TEXT
+** 'TEXT' | SQLITE_AFF_TEXT
+** 'BLOB' | SQLITE_AFF_BLOB
+** 'REAL' | SQLITE_AFF_REAL
+** 'FLOA' | SQLITE_AFF_REAL
+** 'DOUB' | SQLITE_AFF_REAL
+**
+** If none of the substrings in the above table are found,
+** SQLITE_AFF_NUMERIC is returned.
+*/
+SQLITE_PRIVATE char sqlite3AffinityType(const char *zIn, u8 *pszEst){
+ u32 h = 0;
+ char aff = SQLITE_AFF_NUMERIC;
+ const char *zChar = 0;
+
+ if( zIn==0 ) return aff;
+ while( zIn[0] ){
+ h = (h<<8) + sqlite3UpperToLower[(*zIn)&0xff];
+ zIn++;
+ if( h==(('c'<<24)+('h'<<16)+('a'<<8)+'r') ){ /* CHAR */
+ aff = SQLITE_AFF_TEXT;
+ zChar = zIn;
+ }else if( h==(('c'<<24)+('l'<<16)+('o'<<8)+'b') ){ /* CLOB */
+ aff = SQLITE_AFF_TEXT;
+ }else if( h==(('t'<<24)+('e'<<16)+('x'<<8)+'t') ){ /* TEXT */
+ aff = SQLITE_AFF_TEXT;
+ }else if( h==(('b'<<24)+('l'<<16)+('o'<<8)+'b') /* BLOB */
+ && (aff==SQLITE_AFF_NUMERIC || aff==SQLITE_AFF_REAL) ){
+ aff = SQLITE_AFF_BLOB;
+ if( zIn[0]=='(' ) zChar = zIn;
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ }else if( h==(('r'<<24)+('e'<<16)+('a'<<8)+'l') /* REAL */
+ && aff==SQLITE_AFF_NUMERIC ){
+ aff = SQLITE_AFF_REAL;
+ }else if( h==(('f'<<24)+('l'<<16)+('o'<<8)+'a') /* FLOA */
+ && aff==SQLITE_AFF_NUMERIC ){
+ aff = SQLITE_AFF_REAL;
+ }else if( h==(('d'<<24)+('o'<<16)+('u'<<8)+'b') /* DOUB */
+ && aff==SQLITE_AFF_NUMERIC ){
+ aff = SQLITE_AFF_REAL;
+#endif
+ }else if( (h&0x00FFFFFF)==(('i'<<16)+('n'<<8)+'t') ){ /* INT */
+ aff = SQLITE_AFF_INTEGER;
+ break;
+ }
+ }
+
+ /* If pszEst is not NULL, store an estimate of the field size. The
+ ** estimate is scaled so that the size of an integer is 1. */
+ if( pszEst ){
+ *pszEst = 1; /* default size is approx 4 bytes */
+ if( aff<SQLITE_AFF_NUMERIC ){
+ if( zChar ){
+ while( zChar[0] ){
+ if( sqlite3Isdigit(zChar[0]) ){
+ int v = 0;
+ sqlite3GetInt32(zChar, &v);
+ v = v/4 + 1;
+ if( v>255 ) v = 255;
+ *pszEst = v; /* BLOB(k), VARCHAR(k), CHAR(k) -> r=(k/4+1) */
+ break;
+ }
+ zChar++;
+ }
+ }else{
+ *pszEst = 5; /* BLOB, TEXT, CLOB -> r=5 (approx 20 bytes)*/
+ }
+ }
+ }
+ return aff;
+}
+
+/*
+** This routine is called by the parser while in the middle of
+** parsing a CREATE TABLE statement. The pFirst token is the first
+** token in the sequence of tokens that describe the type of the
+** column currently under construction. pLast is the last token
+** in the sequence. Use this information to construct a string
+** that contains the typename of the column and store that string
+** in zType.
+*/
+SQLITE_PRIVATE void sqlite3AddColumnType(Parse *pParse, Token *pType){
+ Table *p;
+ Column *pCol;
+
+ p = pParse->pNewTable;
+ if( p==0 || NEVER(p->nCol<1) ) return;
+ pCol = &p->aCol[p->nCol-1];
+ assert( pCol->zType==0 || CORRUPT_DB );
+ sqlite3DbFree(pParse->db, pCol->zType);
+ pCol->zType = sqlite3NameFromToken(pParse->db, pType);
+ pCol->affinity = sqlite3AffinityType(pCol->zType, &pCol->szEst);
+}
+
+/*
+** The expression is the default value for the most recently added column
+** of the table currently under construction.
+**
+** Default value expressions must be constant. Raise an exception if this
+** is not the case.
+**
+** This routine is called by the parser while in the middle of
+** parsing a CREATE TABLE statement.
+*/
+SQLITE_PRIVATE void sqlite3AddDefaultValue(Parse *pParse, ExprSpan *pSpan){
+ Table *p;
+ Column *pCol;
+ sqlite3 *db = pParse->db;
+ p = pParse->pNewTable;
+ if( p!=0 ){
+ pCol = &(p->aCol[p->nCol-1]);
+ if( !sqlite3ExprIsConstantOrFunction(pSpan->pExpr, db->init.busy) ){
+ sqlite3ErrorMsg(pParse, "default value of column [%s] is not constant",
+ pCol->zName);
+ }else{
+ /* A copy of pExpr is used instead of the original, as pExpr contains
+ ** tokens that point to volatile memory. The 'span' of the expression
+ ** is required by pragma table_info.
+ */
+ sqlite3ExprDelete(db, pCol->pDflt);
+ pCol->pDflt = sqlite3ExprDup(db, pSpan->pExpr, EXPRDUP_REDUCE);
+ sqlite3DbFree(db, pCol->zDflt);
+ pCol->zDflt = sqlite3DbStrNDup(db, (char*)pSpan->zStart,
+ (int)(pSpan->zEnd - pSpan->zStart));
+ }
+ }
+ sqlite3ExprDelete(db, pSpan->pExpr);
+}
+
+/*
+** Backwards Compatibility Hack:
+**
+** Historical versions of SQLite accepted strings as column names in
+** indexes and PRIMARY KEY constraints and in UNIQUE constraints. Example:
+**
+** CREATE TABLE xyz(a,b,c,d,e,PRIMARY KEY('a'),UNIQUE('b','c' COLLATE trim)
+** CREATE INDEX abc ON xyz('c','d' DESC,'e' COLLATE nocase DESC);
+**
+** This is goofy. But to preserve backwards compatibility we continue to
+** accept it. This routine does the necessary conversion. It converts
+** the expression given in its argument from a TK_STRING into a TK_ID
+** if the expression is just a TK_STRING with an optional COLLATE clause.
+** If the epxression is anything other than TK_STRING, the expression is
+** unchanged.
+*/
+static void sqlite3StringToId(Expr *p){
+ if( p->op==TK_STRING ){
+ p->op = TK_ID;
+ }else if( p->op==TK_COLLATE && p->pLeft->op==TK_STRING ){
+ p->pLeft->op = TK_ID;
+ }
+}
+
+/*
+** Designate the PRIMARY KEY for the table. pList is a list of names
+** of columns that form the primary key. If pList is NULL, then the
+** most recently added column of the table is the primary key.
+**
+** A table can have at most one primary key. If the table already has
+** a primary key (and this is the second primary key) then create an
+** error.
+**
+** If the PRIMARY KEY is on a single column whose datatype is INTEGER,
+** then we will try to use that column as the rowid. Set the Table.iPKey
+** field of the table under construction to be the index of the
+** INTEGER PRIMARY KEY column. Table.iPKey is set to -1 if there is
+** no INTEGER PRIMARY KEY.
+**
+** If the key is not an INTEGER PRIMARY KEY, then create a unique
+** index for the key. No index is created for INTEGER PRIMARY KEYs.
+*/
+SQLITE_PRIVATE void sqlite3AddPrimaryKey(
+ Parse *pParse, /* Parsing context */
+ ExprList *pList, /* List of field names to be indexed */
+ int onError, /* What to do with a uniqueness conflict */
+ int autoInc, /* True if the AUTOINCREMENT keyword is present */
+ int sortOrder /* SQLITE_SO_ASC or SQLITE_SO_DESC */
+){
+ Table *pTab = pParse->pNewTable;
+ char *zType = 0;
+ int iCol = -1, i;
+ int nTerm;
+ if( pTab==0 || IN_DECLARE_VTAB ) goto primary_key_exit;
+ if( pTab->tabFlags & TF_HasPrimaryKey ){
+ sqlite3ErrorMsg(pParse,
+ "table \"%s\" has more than one primary key", pTab->zName);
+ goto primary_key_exit;
+ }
+ pTab->tabFlags |= TF_HasPrimaryKey;
+ if( pList==0 ){
+ iCol = pTab->nCol - 1;
+ pTab->aCol[iCol].colFlags |= COLFLAG_PRIMKEY;
+ zType = pTab->aCol[iCol].zType;
+ nTerm = 1;
+ }else{
+ nTerm = pList->nExpr;
+ for(i=0; i<nTerm; i++){
+ Expr *pCExpr = sqlite3ExprSkipCollate(pList->a[i].pExpr);
+ assert( pCExpr!=0 );
+ sqlite3StringToId(pCExpr);
+ if( pCExpr->op==TK_ID ){
+ const char *zCName = pCExpr->u.zToken;
+ for(iCol=0; iCol<pTab->nCol; iCol++){
+ if( sqlite3StrICmp(zCName, pTab->aCol[iCol].zName)==0 ){
+ pTab->aCol[iCol].colFlags |= COLFLAG_PRIMKEY;
+ zType = pTab->aCol[iCol].zType;
+ break;
+ }
+ }
+ }
+ }
+ }
+ if( nTerm==1
+ && zType && sqlite3StrICmp(zType, "INTEGER")==0
+ && sortOrder!=SQLITE_SO_DESC
+ ){
+ pTab->iPKey = iCol;
+ pTab->keyConf = (u8)onError;
+ assert( autoInc==0 || autoInc==1 );
+ pTab->tabFlags |= autoInc*TF_Autoincrement;
+ if( pList ) pParse->iPkSortOrder = pList->a[0].sortOrder;
+ }else if( autoInc ){
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+ sqlite3ErrorMsg(pParse, "AUTOINCREMENT is only allowed on an "
+ "INTEGER PRIMARY KEY");
+#endif
+ }else{
+ Index *p;
+ p = sqlite3CreateIndex(pParse, 0, 0, 0, pList, onError, 0,
+ 0, sortOrder, 0);
+ if( p ){
+ p->idxType = SQLITE_IDXTYPE_PRIMARYKEY;
+ }
+ pList = 0;
+ }
+
+primary_key_exit:
+ sqlite3ExprListDelete(pParse->db, pList);
+ return;
+}
+
+/*
+** Add a new CHECK constraint to the table currently under construction.
+*/
+SQLITE_PRIVATE void sqlite3AddCheckConstraint(
+ Parse *pParse, /* Parsing context */
+ Expr *pCheckExpr /* The check expression */
+){
+#ifndef SQLITE_OMIT_CHECK
+ Table *pTab = pParse->pNewTable;
+ sqlite3 *db = pParse->db;
+ if( pTab && !IN_DECLARE_VTAB
+ && !sqlite3BtreeIsReadonly(db->aDb[db->init.iDb].pBt)
+ ){
+ pTab->pCheck = sqlite3ExprListAppend(pParse, pTab->pCheck, pCheckExpr);
+ if( pParse->constraintName.n ){
+ sqlite3ExprListSetName(pParse, pTab->pCheck, &pParse->constraintName, 1);
+ }
+ }else
+#endif
+ {
+ sqlite3ExprDelete(pParse->db, pCheckExpr);
+ }
+}
+
+/*
+** Set the collation function of the most recently parsed table column
+** to the CollSeq given.
+*/
+SQLITE_PRIVATE void sqlite3AddCollateType(Parse *pParse, Token *pToken){
+ Table *p;
+ int i;
+ char *zColl; /* Dequoted name of collation sequence */
+ sqlite3 *db;
+
+ if( (p = pParse->pNewTable)==0 ) return;
+ i = p->nCol-1;
+ db = pParse->db;
+ zColl = sqlite3NameFromToken(db, pToken);
+ if( !zColl ) return;
+
+ if( sqlite3LocateCollSeq(pParse, zColl) ){
+ Index *pIdx;
+ sqlite3DbFree(db, p->aCol[i].zColl);
+ p->aCol[i].zColl = zColl;
+
+ /* If the column is declared as "<name> PRIMARY KEY COLLATE <type>",
+ ** then an index may have been created on this column before the
+ ** collation type was added. Correct this if it is the case.
+ */
+ for(pIdx=p->pIndex; pIdx; pIdx=pIdx->pNext){
+ assert( pIdx->nKeyCol==1 );
+ if( pIdx->aiColumn[0]==i ){
+ pIdx->azColl[0] = p->aCol[i].zColl;
+ }
+ }
+ }else{
+ sqlite3DbFree(db, zColl);
+ }
+}
+
+/*
+** This function returns the collation sequence for database native text
+** encoding identified by the string zName, length nName.
+**
+** If the requested collation sequence is not available, or not available
+** in the database native encoding, the collation factory is invoked to
+** request it. If the collation factory does not supply such a sequence,
+** and the sequence is available in another text encoding, then that is
+** returned instead.
+**
+** If no versions of the requested collations sequence are available, or
+** another error occurs, NULL is returned and an error message written into
+** pParse.
+**
+** This routine is a wrapper around sqlite3FindCollSeq(). This routine
+** invokes the collation factory if the named collation cannot be found
+** and generates an error message.
+**
+** See also: sqlite3FindCollSeq(), sqlite3GetCollSeq()
+*/
+SQLITE_PRIVATE CollSeq *sqlite3LocateCollSeq(Parse *pParse, const char *zName){
+ sqlite3 *db = pParse->db;
+ u8 enc = ENC(db);
+ u8 initbusy = db->init.busy;
+ CollSeq *pColl;
+
+ pColl = sqlite3FindCollSeq(db, enc, zName, initbusy);
+ if( !initbusy && (!pColl || !pColl->xCmp) ){
+ pColl = sqlite3GetCollSeq(pParse, enc, pColl, zName);
+ }
+
+ return pColl;
+}
+
+
+/*
+** Generate code that will increment the schema cookie.
+**
+** The schema cookie is used to determine when the schema for the
+** database changes. After each schema change, the cookie value
+** changes. When a process first reads the schema it records the
+** cookie. Thereafter, whenever it goes to access the database,
+** it checks the cookie to make sure the schema has not changed
+** since it was last read.
+**
+** This plan is not completely bullet-proof. It is possible for
+** the schema to change multiple times and for the cookie to be
+** set back to prior value. But schema changes are infrequent
+** and the probability of hitting the same cookie value is only
+** 1 chance in 2^32. So we're safe enough.
+*/
+SQLITE_PRIVATE void sqlite3ChangeCookie(Parse *pParse, int iDb){
+ int r1 = sqlite3GetTempReg(pParse);
+ sqlite3 *db = pParse->db;
+ Vdbe *v = pParse->pVdbe;
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ sqlite3VdbeAddOp2(v, OP_Integer, db->aDb[iDb].pSchema->schema_cookie+1, r1);
+ sqlite3VdbeAddOp3(v, OP_SetCookie, iDb, BTREE_SCHEMA_VERSION, r1);
+ sqlite3ReleaseTempReg(pParse, r1);
+}
+
+/*
+** Measure the number of characters needed to output the given
+** identifier. The number returned includes any quotes used
+** but does not include the null terminator.
+**
+** The estimate is conservative. It might be larger that what is
+** really needed.
+*/
+static int identLength(const char *z){
+ int n;
+ for(n=0; *z; n++, z++){
+ if( *z=='"' ){ n++; }
+ }
+ return n + 2;
+}
+
+/*
+** The first parameter is a pointer to an output buffer. The second
+** parameter is a pointer to an integer that contains the offset at
+** which to write into the output buffer. This function copies the
+** nul-terminated string pointed to by the third parameter, zSignedIdent,
+** to the specified offset in the buffer and updates *pIdx to refer
+** to the first byte after the last byte written before returning.
+**
+** If the string zSignedIdent consists entirely of alpha-numeric
+** characters, does not begin with a digit and is not an SQL keyword,
+** then it is copied to the output buffer exactly as it is. Otherwise,
+** it is quoted using double-quotes.
+*/
+static void identPut(char *z, int *pIdx, char *zSignedIdent){
+ unsigned char *zIdent = (unsigned char*)zSignedIdent;
+ int i, j, needQuote;
+ i = *pIdx;
+
+ for(j=0; zIdent[j]; j++){
+ if( !sqlite3Isalnum(zIdent[j]) && zIdent[j]!='_' ) break;
+ }
+ needQuote = sqlite3Isdigit(zIdent[0])
+ || sqlite3KeywordCode(zIdent, j)!=TK_ID
+ || zIdent[j]!=0
+ || j==0;
+
+ if( needQuote ) z[i++] = '"';
+ for(j=0; zIdent[j]; j++){
+ z[i++] = zIdent[j];
+ if( zIdent[j]=='"' ) z[i++] = '"';
+ }
+ if( needQuote ) z[i++] = '"';
+ z[i] = 0;
+ *pIdx = i;
+}
+
+/*
+** Generate a CREATE TABLE statement appropriate for the given
+** table. Memory to hold the text of the statement is obtained
+** from sqliteMalloc() and must be freed by the calling function.
+*/
+static char *createTableStmt(sqlite3 *db, Table *p){
+ int i, k, n;
+ char *zStmt;
+ char *zSep, *zSep2, *zEnd;
+ Column *pCol;
+ n = 0;
+ for(pCol = p->aCol, i=0; i<p->nCol; i++, pCol++){
+ n += identLength(pCol->zName) + 5;
+ }
+ n += identLength(p->zName);
+ if( n<50 ){
+ zSep = "";
+ zSep2 = ",";
+ zEnd = ")";
+ }else{
+ zSep = "\n ";
+ zSep2 = ",\n ";
+ zEnd = "\n)";
+ }
+ n += 35 + 6*p->nCol;
+ zStmt = sqlite3DbMallocRaw(0, n);
+ if( zStmt==0 ){
+ db->mallocFailed = 1;
+ return 0;
+ }
+ sqlite3_snprintf(n, zStmt, "CREATE TABLE ");
+ k = sqlite3Strlen30(zStmt);
+ identPut(zStmt, &k, p->zName);
+ zStmt[k++] = '(';
+ for(pCol=p->aCol, i=0; i<p->nCol; i++, pCol++){
+ static const char * const azType[] = {
+ /* SQLITE_AFF_BLOB */ "",
+ /* SQLITE_AFF_TEXT */ " TEXT",
+ /* SQLITE_AFF_NUMERIC */ " NUM",
+ /* SQLITE_AFF_INTEGER */ " INT",
+ /* SQLITE_AFF_REAL */ " REAL"
+ };
+ int len;
+ const char *zType;
+
+ sqlite3_snprintf(n-k, &zStmt[k], zSep);
+ k += sqlite3Strlen30(&zStmt[k]);
+ zSep = zSep2;
+ identPut(zStmt, &k, pCol->zName);
+ assert( pCol->affinity-SQLITE_AFF_BLOB >= 0 );
+ assert( pCol->affinity-SQLITE_AFF_BLOB < ArraySize(azType) );
+ testcase( pCol->affinity==SQLITE_AFF_BLOB );
+ testcase( pCol->affinity==SQLITE_AFF_TEXT );
+ testcase( pCol->affinity==SQLITE_AFF_NUMERIC );
+ testcase( pCol->affinity==SQLITE_AFF_INTEGER );
+ testcase( pCol->affinity==SQLITE_AFF_REAL );
+
+ zType = azType[pCol->affinity - SQLITE_AFF_BLOB];
+ len = sqlite3Strlen30(zType);
+ assert( pCol->affinity==SQLITE_AFF_BLOB
+ || pCol->affinity==sqlite3AffinityType(zType, 0) );
+ memcpy(&zStmt[k], zType, len);
+ k += len;
+ assert( k<=n );
+ }
+ sqlite3_snprintf(n-k, &zStmt[k], "%s", zEnd);
+ return zStmt;
+}
+
+/*
+** Resize an Index object to hold N columns total. Return SQLITE_OK
+** on success and SQLITE_NOMEM on an OOM error.
+*/
+static int resizeIndexObject(sqlite3 *db, Index *pIdx, int N){
+ char *zExtra;
+ int nByte;
+ if( pIdx->nColumn>=N ) return SQLITE_OK;
+ assert( pIdx->isResized==0 );
+ nByte = (sizeof(char*) + sizeof(i16) + 1)*N;
+ zExtra = sqlite3DbMallocZero(db, nByte);
+ if( zExtra==0 ) return SQLITE_NOMEM;
+ memcpy(zExtra, pIdx->azColl, sizeof(char*)*pIdx->nColumn);
+ pIdx->azColl = (const char**)zExtra;
+ zExtra += sizeof(char*)*N;
+ memcpy(zExtra, pIdx->aiColumn, sizeof(i16)*pIdx->nColumn);
+ pIdx->aiColumn = (i16*)zExtra;
+ zExtra += sizeof(i16)*N;
+ memcpy(zExtra, pIdx->aSortOrder, pIdx->nColumn);
+ pIdx->aSortOrder = (u8*)zExtra;
+ pIdx->nColumn = N;
+ pIdx->isResized = 1;
+ return SQLITE_OK;
+}
+
+/*
+** Estimate the total row width for a table.
+*/
+static void estimateTableWidth(Table *pTab){
+ unsigned wTable = 0;
+ const Column *pTabCol;
+ int i;
+ for(i=pTab->nCol, pTabCol=pTab->aCol; i>0; i--, pTabCol++){
+ wTable += pTabCol->szEst;
+ }
+ if( pTab->iPKey<0 ) wTable++;
+ pTab->szTabRow = sqlite3LogEst(wTable*4);
+}
+
+/*
+** Estimate the average size of a row for an index.
+*/
+static void estimateIndexWidth(Index *pIdx){
+ unsigned wIndex = 0;
+ int i;
+ const Column *aCol = pIdx->pTable->aCol;
+ for(i=0; i<pIdx->nColumn; i++){
+ i16 x = pIdx->aiColumn[i];
+ assert( x<pIdx->pTable->nCol );
+ wIndex += x<0 ? 1 : aCol[pIdx->aiColumn[i]].szEst;
+ }
+ pIdx->szIdxRow = sqlite3LogEst(wIndex*4);
+}
+
+/* Return true if value x is found any of the first nCol entries of aiCol[]
+*/
+static int hasColumn(const i16 *aiCol, int nCol, int x){
+ while( nCol-- > 0 ) if( x==*(aiCol++) ) return 1;
+ return 0;
+}
+
+/*
+** This routine runs at the end of parsing a CREATE TABLE statement that
+** has a WITHOUT ROWID clause. The job of this routine is to convert both
+** internal schema data structures and the generated VDBE code so that they
+** are appropriate for a WITHOUT ROWID table instead of a rowid table.
+** Changes include:
+**
+** (1) Convert the OP_CreateTable into an OP_CreateIndex. There is
+** no rowid btree for a WITHOUT ROWID. Instead, the canonical
+** data storage is a covering index btree.
+** (2) Bypass the creation of the sqlite_master table entry
+** for the PRIMARY KEY as the primary key index is now
+** identified by the sqlite_master table entry of the table itself.
+** (3) Set the Index.tnum of the PRIMARY KEY Index object in the
+** schema to the rootpage from the main table.
+** (4) Set all columns of the PRIMARY KEY schema object to be NOT NULL.
+** (5) Add all table columns to the PRIMARY KEY Index object
+** so that the PRIMARY KEY is a covering index. The surplus
+** columns are part of KeyInfo.nXField and are not used for
+** sorting or lookup or uniqueness checks.
+** (6) Replace the rowid tail on all automatically generated UNIQUE
+** indices with the PRIMARY KEY columns.
+*/
+static void convertToWithoutRowidTable(Parse *pParse, Table *pTab){
+ Index *pIdx;
+ Index *pPk;
+ int nPk;
+ int i, j;
+ sqlite3 *db = pParse->db;
+ Vdbe *v = pParse->pVdbe;
+
+ /* Convert the OP_CreateTable opcode that would normally create the
+ ** root-page for the table into an OP_CreateIndex opcode. The index
+ ** created will become the PRIMARY KEY index.
+ */
+ if( pParse->addrCrTab ){
+ assert( v );
+ sqlite3VdbeChangeOpcode(v, pParse->addrCrTab, OP_CreateIndex);
+ }
+
+ /* Locate the PRIMARY KEY index. Or, if this table was originally
+ ** an INTEGER PRIMARY KEY table, create a new PRIMARY KEY index.
+ */
+ if( pTab->iPKey>=0 ){
+ ExprList *pList;
+ Token ipkToken;
+ ipkToken.z = pTab->aCol[pTab->iPKey].zName;
+ ipkToken.n = sqlite3Strlen30(ipkToken.z);
+ pList = sqlite3ExprListAppend(pParse, 0,
+ sqlite3ExprAlloc(db, TK_ID, &ipkToken, 0));
+ if( pList==0 ) return;
+ pList->a[0].sortOrder = pParse->iPkSortOrder;
+ assert( pParse->pNewTable==pTab );
+ pPk = sqlite3CreateIndex(pParse, 0, 0, 0, pList, pTab->keyConf, 0, 0, 0, 0);
+ if( pPk==0 ) return;
+ pPk->idxType = SQLITE_IDXTYPE_PRIMARYKEY;
+ pTab->iPKey = -1;
+ }else{
+ pPk = sqlite3PrimaryKeyIndex(pTab);
+
+ /* Bypass the creation of the PRIMARY KEY btree and the sqlite_master
+ ** table entry. This is only required if currently generating VDBE
+ ** code for a CREATE TABLE (not when parsing one as part of reading
+ ** a database schema). */
+ if( v ){
+ assert( db->init.busy==0 );
+ sqlite3VdbeChangeOpcode(v, pPk->tnum, OP_Goto);
+ }
+
+ /*
+ ** Remove all redundant columns from the PRIMARY KEY. For example, change
+ ** "PRIMARY KEY(a,b,a,b,c,b,c,d)" into just "PRIMARY KEY(a,b,c,d)". Later
+ ** code assumes the PRIMARY KEY contains no repeated columns.
+ */
+ for(i=j=1; i<pPk->nKeyCol; i++){
+ if( hasColumn(pPk->aiColumn, j, pPk->aiColumn[i]) ){
+ pPk->nColumn--;
+ }else{
+ pPk->aiColumn[j++] = pPk->aiColumn[i];
+ }
+ }
+ pPk->nKeyCol = j;
+ }
+ pPk->isCovering = 1;
+ assert( pPk!=0 );
+ nPk = pPk->nKeyCol;
+
+ /* Make sure every column of the PRIMARY KEY is NOT NULL. (Except,
+ ** do not enforce this for imposter tables.) */
+ if( !db->init.imposterTable ){
+ for(i=0; i<nPk; i++){
+ pTab->aCol[pPk->aiColumn[i]].notNull = OE_Abort;
+ }
+ pPk->uniqNotNull = 1;
+ }
+
+ /* The root page of the PRIMARY KEY is the table root page */
+ pPk->tnum = pTab->tnum;
+
+ /* Update the in-memory representation of all UNIQUE indices by converting
+ ** the final rowid column into one or more columns of the PRIMARY KEY.
+ */
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ int n;
+ if( IsPrimaryKeyIndex(pIdx) ) continue;
+ for(i=n=0; i<nPk; i++){
+ if( !hasColumn(pIdx->aiColumn, pIdx->nKeyCol, pPk->aiColumn[i]) ) n++;
+ }
+ if( n==0 ){
+ /* This index is a superset of the primary key */
+ pIdx->nColumn = pIdx->nKeyCol;
+ continue;
+ }
+ if( resizeIndexObject(db, pIdx, pIdx->nKeyCol+n) ) return;
+ for(i=0, j=pIdx->nKeyCol; i<nPk; i++){
+ if( !hasColumn(pIdx->aiColumn, pIdx->nKeyCol, pPk->aiColumn[i]) ){
+ pIdx->aiColumn[j] = pPk->aiColumn[i];
+ pIdx->azColl[j] = pPk->azColl[i];
+ j++;
+ }
+ }
+ assert( pIdx->nColumn>=pIdx->nKeyCol+n );
+ assert( pIdx->nColumn>=j );
+ }
+
+ /* Add all table columns to the PRIMARY KEY index
+ */
+ if( nPk<pTab->nCol ){
+ if( resizeIndexObject(db, pPk, pTab->nCol) ) return;
+ for(i=0, j=nPk; i<pTab->nCol; i++){
+ if( !hasColumn(pPk->aiColumn, j, i) ){
+ assert( j<pPk->nColumn );
+ pPk->aiColumn[j] = i;
+ pPk->azColl[j] = sqlite3StrBINARY;
+ j++;
+ }
+ }
+ assert( pPk->nColumn==j );
+ assert( pTab->nCol==j );
+ }else{
+ pPk->nColumn = pTab->nCol;
+ }
+}
+
+/*
+** This routine is called to report the final ")" that terminates
+** a CREATE TABLE statement.
+**
+** The table structure that other action routines have been building
+** is added to the internal hash tables, assuming no errors have
+** occurred.
+**
+** An entry for the table is made in the master table on disk, unless
+** this is a temporary table or db->init.busy==1. When db->init.busy==1
+** it means we are reading the sqlite_master table because we just
+** connected to the database or because the sqlite_master table has
+** recently changed, so the entry for this table already exists in
+** the sqlite_master table. We do not want to create it again.
+**
+** If the pSelect argument is not NULL, it means that this routine
+** was called to create a table generated from a
+** "CREATE TABLE ... AS SELECT ..." statement. The column names of
+** the new table will match the result set of the SELECT.
+*/
+SQLITE_PRIVATE void sqlite3EndTable(
+ Parse *pParse, /* Parse context */
+ Token *pCons, /* The ',' token after the last column defn. */
+ Token *pEnd, /* The ')' before options in the CREATE TABLE */
+ u8 tabOpts, /* Extra table options. Usually 0. */
+ Select *pSelect /* Select from a "CREATE ... AS SELECT" */
+){
+ Table *p; /* The new table */
+ sqlite3 *db = pParse->db; /* The database connection */
+ int iDb; /* Database in which the table lives */
+ Index *pIdx; /* An implied index of the table */
+
+ if( pEnd==0 && pSelect==0 ){
+ return;
+ }
+ assert( !db->mallocFailed );
+ p = pParse->pNewTable;
+ if( p==0 ) return;
+
+ assert( !db->init.busy || !pSelect );
+
+ /* If the db->init.busy is 1 it means we are reading the SQL off the
+ ** "sqlite_master" or "sqlite_temp_master" table on the disk.
+ ** So do not write to the disk again. Extract the root page number
+ ** for the table from the db->init.newTnum field. (The page number
+ ** should have been put there by the sqliteOpenCb routine.)
+ */
+ if( db->init.busy ){
+ p->tnum = db->init.newTnum;
+ }
+
+ /* Special processing for WITHOUT ROWID Tables */
+ if( tabOpts & TF_WithoutRowid ){
+ if( (p->tabFlags & TF_Autoincrement) ){
+ sqlite3ErrorMsg(pParse,
+ "AUTOINCREMENT not allowed on WITHOUT ROWID tables");
+ return;
+ }
+ if( (p->tabFlags & TF_HasPrimaryKey)==0 ){
+ sqlite3ErrorMsg(pParse, "PRIMARY KEY missing on table %s", p->zName);
+ }else{
+ p->tabFlags |= TF_WithoutRowid | TF_NoVisibleRowid;
+ convertToWithoutRowidTable(pParse, p);
+ }
+ }
+
+ iDb = sqlite3SchemaToIndex(db, p->pSchema);
+
+#ifndef SQLITE_OMIT_CHECK
+ /* Resolve names in all CHECK constraint expressions.
+ */
+ if( p->pCheck ){
+ sqlite3ResolveSelfReference(pParse, p, NC_IsCheck, 0, p->pCheck);
+ }
+#endif /* !defined(SQLITE_OMIT_CHECK) */
+
+ /* Estimate the average row size for the table and for all implied indices */
+ estimateTableWidth(p);
+ for(pIdx=p->pIndex; pIdx; pIdx=pIdx->pNext){
+ estimateIndexWidth(pIdx);
+ }
+
+ /* If not initializing, then create a record for the new table
+ ** in the SQLITE_MASTER table of the database.
+ **
+ ** If this is a TEMPORARY table, write the entry into the auxiliary
+ ** file instead of into the main database file.
+ */
+ if( !db->init.busy ){
+ int n;
+ Vdbe *v;
+ char *zType; /* "view" or "table" */
+ char *zType2; /* "VIEW" or "TABLE" */
+ char *zStmt; /* Text of the CREATE TABLE or CREATE VIEW statement */
+
+ v = sqlite3GetVdbe(pParse);
+ if( NEVER(v==0) ) return;
+
+ sqlite3VdbeAddOp1(v, OP_Close, 0);
+
+ /*
+ ** Initialize zType for the new view or table.
+ */
+ if( p->pSelect==0 ){
+ /* A regular table */
+ zType = "table";
+ zType2 = "TABLE";
+#ifndef SQLITE_OMIT_VIEW
+ }else{
+ /* A view */
+ zType = "view";
+ zType2 = "VIEW";
+#endif
+ }
+
+ /* If this is a CREATE TABLE xx AS SELECT ..., execute the SELECT
+ ** statement to populate the new table. The root-page number for the
+ ** new table is in register pParse->regRoot.
+ **
+ ** Once the SELECT has been coded by sqlite3Select(), it is in a
+ ** suitable state to query for the column names and types to be used
+ ** by the new table.
+ **
+ ** A shared-cache write-lock is not required to write to the new table,
+ ** as a schema-lock must have already been obtained to create it. Since
+ ** a schema-lock excludes all other database users, the write-lock would
+ ** be redundant.
+ */
+ if( pSelect ){
+ SelectDest dest; /* Where the SELECT should store results */
+ int regYield; /* Register holding co-routine entry-point */
+ int addrTop; /* Top of the co-routine */
+ int regRec; /* A record to be insert into the new table */
+ int regRowid; /* Rowid of the next row to insert */
+ int addrInsLoop; /* Top of the loop for inserting rows */
+ Table *pSelTab; /* A table that describes the SELECT results */
+
+ regYield = ++pParse->nMem;
+ regRec = ++pParse->nMem;
+ regRowid = ++pParse->nMem;
+ assert(pParse->nTab==1);
+ sqlite3MayAbort(pParse);
+ sqlite3VdbeAddOp3(v, OP_OpenWrite, 1, pParse->regRoot, iDb);
+ sqlite3VdbeChangeP5(v, OPFLAG_P2ISREG);
+ pParse->nTab = 2;
+ addrTop = sqlite3VdbeCurrentAddr(v) + 1;
+ sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
+ sqlite3SelectDestInit(&dest, SRT_Coroutine, regYield);
+ sqlite3Select(pParse, pSelect, &dest);
+ sqlite3VdbeAddOp1(v, OP_EndCoroutine, regYield);
+ sqlite3VdbeJumpHere(v, addrTop - 1);
+ if( pParse->nErr ) return;
+ pSelTab = sqlite3ResultSetOfSelect(pParse, pSelect);
+ if( pSelTab==0 ) return;
+ assert( p->aCol==0 );
+ p->nCol = pSelTab->nCol;
+ p->aCol = pSelTab->aCol;
+ pSelTab->nCol = 0;
+ pSelTab->aCol = 0;
+ sqlite3DeleteTable(db, pSelTab);
+ addrInsLoop = sqlite3VdbeAddOp1(v, OP_Yield, dest.iSDParm);
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, dest.iSdst, dest.nSdst, regRec);
+ sqlite3TableAffinity(v, p, 0);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, 1, regRowid);
+ sqlite3VdbeAddOp3(v, OP_Insert, 1, regRec, regRowid);
+ sqlite3VdbeGoto(v, addrInsLoop);
+ sqlite3VdbeJumpHere(v, addrInsLoop);
+ sqlite3VdbeAddOp1(v, OP_Close, 1);
+ }
+
+ /* Compute the complete text of the CREATE statement */
+ if( pSelect ){
+ zStmt = createTableStmt(db, p);
+ }else{
+ Token *pEnd2 = tabOpts ? &pParse->sLastToken : pEnd;
+ n = (int)(pEnd2->z - pParse->sNameToken.z);
+ if( pEnd2->z[0]!=';' ) n += pEnd2->n;
+ zStmt = sqlite3MPrintf(db,
+ "CREATE %s %.*s", zType2, n, pParse->sNameToken.z
+ );
+ }
+
+ /* A slot for the record has already been allocated in the
+ ** SQLITE_MASTER table. We just need to update that slot with all
+ ** the information we've collected.
+ */
+ sqlite3NestedParse(pParse,
+ "UPDATE %Q.%s "
+ "SET type='%s', name=%Q, tbl_name=%Q, rootpage=#%d, sql=%Q "
+ "WHERE rowid=#%d",
+ db->aDb[iDb].zName, SCHEMA_TABLE(iDb),
+ zType,
+ p->zName,
+ p->zName,
+ pParse->regRoot,
+ zStmt,
+ pParse->regRowid
+ );
+ sqlite3DbFree(db, zStmt);
+ sqlite3ChangeCookie(pParse, iDb);
+
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+ /* Check to see if we need to create an sqlite_sequence table for
+ ** keeping track of autoincrement keys.
+ */
+ if( p->tabFlags & TF_Autoincrement ){
+ Db *pDb = &db->aDb[iDb];
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ if( pDb->pSchema->pSeqTab==0 ){
+ sqlite3NestedParse(pParse,
+ "CREATE TABLE %Q.sqlite_sequence(name,seq)",
+ pDb->zName
+ );
+ }
+ }
+#endif
+
+ /* Reparse everything to update our internal data structures */
+ sqlite3VdbeAddParseSchemaOp(v, iDb,
+ sqlite3MPrintf(db, "tbl_name='%q' AND type!='trigger'", p->zName));
+ }
+
+
+ /* Add the table to the in-memory representation of the database.
+ */
+ if( db->init.busy ){
+ Table *pOld;
+ Schema *pSchema = p->pSchema;
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ pOld = sqlite3HashInsert(&pSchema->tblHash, p->zName, p);
+ if( pOld ){
+ assert( p==pOld ); /* Malloc must have failed inside HashInsert() */
+ db->mallocFailed = 1;
+ return;
+ }
+ pParse->pNewTable = 0;
+ db->flags |= SQLITE_InternChanges;
+
+#ifndef SQLITE_OMIT_ALTERTABLE
+ if( !p->pSelect ){
+ const char *zName = (const char *)pParse->sNameToken.z;
+ int nName;
+ assert( !pSelect && pCons && pEnd );
+ if( pCons->z==0 ){
+ pCons = pEnd;
+ }
+ nName = (int)((const char *)pCons->z - zName);
+ p->addColOffset = 13 + sqlite3Utf8CharLen(zName, nName);
+ }
+#endif
+ }
+}
+
+#ifndef SQLITE_OMIT_VIEW
+/*
+** The parser calls this routine in order to create a new VIEW
+*/
+SQLITE_PRIVATE void sqlite3CreateView(
+ Parse *pParse, /* The parsing context */
+ Token *pBegin, /* The CREATE token that begins the statement */
+ Token *pName1, /* The token that holds the name of the view */
+ Token *pName2, /* The token that holds the name of the view */
+ ExprList *pCNames, /* Optional list of view column names */
+ Select *pSelect, /* A SELECT statement that will become the new view */
+ int isTemp, /* TRUE for a TEMPORARY view */
+ int noErr /* Suppress error messages if VIEW already exists */
+){
+ Table *p;
+ int n;
+ const char *z;
+ Token sEnd;
+ DbFixer sFix;
+ Token *pName = 0;
+ int iDb;
+ sqlite3 *db = pParse->db;
+
+ if( pParse->nVar>0 ){
+ sqlite3ErrorMsg(pParse, "parameters are not allowed in views");
+ goto create_view_fail;
+ }
+ sqlite3StartTable(pParse, pName1, pName2, isTemp, 1, 0, noErr);
+ p = pParse->pNewTable;
+ if( p==0 || pParse->nErr ) goto create_view_fail;
+ sqlite3TwoPartName(pParse, pName1, pName2, &pName);
+ iDb = sqlite3SchemaToIndex(db, p->pSchema);
+ sqlite3FixInit(&sFix, pParse, iDb, "view", pName);
+ if( sqlite3FixSelect(&sFix, pSelect) ) goto create_view_fail;
+
+ /* Make a copy of the entire SELECT statement that defines the view.
+ ** This will force all the Expr.token.z values to be dynamically
+ ** allocated rather than point to the input string - which means that
+ ** they will persist after the current sqlite3_exec() call returns.
+ */
+ p->pSelect = sqlite3SelectDup(db, pSelect, EXPRDUP_REDUCE);
+ p->pCheck = sqlite3ExprListDup(db, pCNames, EXPRDUP_REDUCE);
+ if( db->mallocFailed ) goto create_view_fail;
+
+ /* Locate the end of the CREATE VIEW statement. Make sEnd point to
+ ** the end.
+ */
+ sEnd = pParse->sLastToken;
+ assert( sEnd.z[0]!=0 );
+ if( sEnd.z[0]!=';' ){
+ sEnd.z += sEnd.n;
+ }
+ sEnd.n = 0;
+ n = (int)(sEnd.z - pBegin->z);
+ assert( n>0 );
+ z = pBegin->z;
+ while( sqlite3Isspace(z[n-1]) ){ n--; }
+ sEnd.z = &z[n-1];
+ sEnd.n = 1;
+
+ /* Use sqlite3EndTable() to add the view to the SQLITE_MASTER table */
+ sqlite3EndTable(pParse, 0, &sEnd, 0, 0);
+
+create_view_fail:
+ sqlite3SelectDelete(db, pSelect);
+ sqlite3ExprListDelete(db, pCNames);
+ return;
+}
+#endif /* SQLITE_OMIT_VIEW */
+
+#if !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_VIRTUALTABLE)
+/*
+** The Table structure pTable is really a VIEW. Fill in the names of
+** the columns of the view in the pTable structure. Return the number
+** of errors. If an error is seen leave an error message in pParse->zErrMsg.
+*/
+SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){
+ Table *pSelTab; /* A fake table from which we get the result set */
+ Select *pSel; /* Copy of the SELECT that implements the view */
+ int nErr = 0; /* Number of errors encountered */
+ int n; /* Temporarily holds the number of cursors assigned */
+ sqlite3 *db = pParse->db; /* Database connection for malloc errors */
+ sqlite3_xauth xAuth; /* Saved xAuth pointer */
+ u8 bEnabledLA; /* Saved db->lookaside.bEnabled state */
+
+ assert( pTable );
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( sqlite3VtabCallConnect(pParse, pTable) ){
+ return SQLITE_ERROR;
+ }
+ if( IsVirtual(pTable) ) return 0;
+#endif
+
+#ifndef SQLITE_OMIT_VIEW
+ /* A positive nCol means the columns names for this view are
+ ** already known.
+ */
+ if( pTable->nCol>0 ) return 0;
+
+ /* A negative nCol is a special marker meaning that we are currently
+ ** trying to compute the column names. If we enter this routine with
+ ** a negative nCol, it means two or more views form a loop, like this:
+ **
+ ** CREATE VIEW one AS SELECT * FROM two;
+ ** CREATE VIEW two AS SELECT * FROM one;
+ **
+ ** Actually, the error above is now caught prior to reaching this point.
+ ** But the following test is still important as it does come up
+ ** in the following:
+ **
+ ** CREATE TABLE main.ex1(a);
+ ** CREATE TEMP VIEW ex1 AS SELECT a FROM ex1;
+ ** SELECT * FROM temp.ex1;
+ */
+ if( pTable->nCol<0 ){
+ sqlite3ErrorMsg(pParse, "view %s is circularly defined", pTable->zName);
+ return 1;
+ }
+ assert( pTable->nCol>=0 );
+
+ /* If we get this far, it means we need to compute the table names.
+ ** Note that the call to sqlite3ResultSetOfSelect() will expand any
+ ** "*" elements in the results set of the view and will assign cursors
+ ** to the elements of the FROM clause. But we do not want these changes
+ ** to be permanent. So the computation is done on a copy of the SELECT
+ ** statement that defines the view.
+ */
+ assert( pTable->pSelect );
+ bEnabledLA = db->lookaside.bEnabled;
+ if( pTable->pCheck ){
+ db->lookaside.bEnabled = 0;
+ sqlite3ColumnsFromExprList(pParse, pTable->pCheck,
+ &pTable->nCol, &pTable->aCol);
+ }else{
+ pSel = sqlite3SelectDup(db, pTable->pSelect, 0);
+ if( pSel ){
+ n = pParse->nTab;
+ sqlite3SrcListAssignCursors(pParse, pSel->pSrc);
+ pTable->nCol = -1;
+ db->lookaside.bEnabled = 0;
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ xAuth = db->xAuth;
+ db->xAuth = 0;
+ pSelTab = sqlite3ResultSetOfSelect(pParse, pSel);
+ db->xAuth = xAuth;
+#else
+ pSelTab = sqlite3ResultSetOfSelect(pParse, pSel);
+#endif
+ pParse->nTab = n;
+ if( pSelTab ){
+ assert( pTable->aCol==0 );
+ pTable->nCol = pSelTab->nCol;
+ pTable->aCol = pSelTab->aCol;
+ pSelTab->nCol = 0;
+ pSelTab->aCol = 0;
+ sqlite3DeleteTable(db, pSelTab);
+ assert( sqlite3SchemaMutexHeld(db, 0, pTable->pSchema) );
+ }else{
+ pTable->nCol = 0;
+ nErr++;
+ }
+ sqlite3SelectDelete(db, pSel);
+ } else {
+ nErr++;
+ }
+ }
+ db->lookaside.bEnabled = bEnabledLA;
+ pTable->pSchema->schemaFlags |= DB_UnresetViews;
+#endif /* SQLITE_OMIT_VIEW */
+ return nErr;
+}
+#endif /* !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_VIRTUALTABLE) */
+
+#ifndef SQLITE_OMIT_VIEW
+/*
+** Clear the column names from every VIEW in database idx.
+*/
+static void sqliteViewResetAll(sqlite3 *db, int idx){
+ HashElem *i;
+ assert( sqlite3SchemaMutexHeld(db, idx, 0) );
+ if( !DbHasProperty(db, idx, DB_UnresetViews) ) return;
+ for(i=sqliteHashFirst(&db->aDb[idx].pSchema->tblHash); i;i=sqliteHashNext(i)){
+ Table *pTab = sqliteHashData(i);
+ if( pTab->pSelect ){
+ sqlite3DeleteColumnNames(db, pTab);
+ pTab->aCol = 0;
+ pTab->nCol = 0;
+ }
+ }
+ DbClearProperty(db, idx, DB_UnresetViews);
+}
+#else
+# define sqliteViewResetAll(A,B)
+#endif /* SQLITE_OMIT_VIEW */
+
+/*
+** This function is called by the VDBE to adjust the internal schema
+** used by SQLite when the btree layer moves a table root page. The
+** root-page of a table or index in database iDb has changed from iFrom
+** to iTo.
+**
+** Ticket #1728: The symbol table might still contain information
+** on tables and/or indices that are the process of being deleted.
+** If you are unlucky, one of those deleted indices or tables might
+** have the same rootpage number as the real table or index that is
+** being moved. So we cannot stop searching after the first match
+** because the first match might be for one of the deleted indices
+** or tables and not the table/index that is actually being moved.
+** We must continue looping until all tables and indices with
+** rootpage==iFrom have been converted to have a rootpage of iTo
+** in order to be certain that we got the right one.
+*/
+#ifndef SQLITE_OMIT_AUTOVACUUM
+SQLITE_PRIVATE void sqlite3RootPageMoved(sqlite3 *db, int iDb, int iFrom, int iTo){
+ HashElem *pElem;
+ Hash *pHash;
+ Db *pDb;
+
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ pDb = &db->aDb[iDb];
+ pHash = &pDb->pSchema->tblHash;
+ for(pElem=sqliteHashFirst(pHash); pElem; pElem=sqliteHashNext(pElem)){
+ Table *pTab = sqliteHashData(pElem);
+ if( pTab->tnum==iFrom ){
+ pTab->tnum = iTo;
+ }
+ }
+ pHash = &pDb->pSchema->idxHash;
+ for(pElem=sqliteHashFirst(pHash); pElem; pElem=sqliteHashNext(pElem)){
+ Index *pIdx = sqliteHashData(pElem);
+ if( pIdx->tnum==iFrom ){
+ pIdx->tnum = iTo;
+ }
+ }
+}
+#endif
+
+/*
+** Write code to erase the table with root-page iTable from database iDb.
+** Also write code to modify the sqlite_master table and internal schema
+** if a root-page of another table is moved by the btree-layer whilst
+** erasing iTable (this can happen with an auto-vacuum database).
+*/
+static void destroyRootPage(Parse *pParse, int iTable, int iDb){
+ Vdbe *v = sqlite3GetVdbe(pParse);
+ int r1 = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp3(v, OP_Destroy, iTable, r1, iDb);
+ sqlite3MayAbort(pParse);
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ /* OP_Destroy stores an in integer r1. If this integer
+ ** is non-zero, then it is the root page number of a table moved to
+ ** location iTable. The following code modifies the sqlite_master table to
+ ** reflect this.
+ **
+ ** The "#NNN" in the SQL is a special constant that means whatever value
+ ** is in register NNN. See grammar rules associated with the TK_REGISTER
+ ** token for additional information.
+ */
+ sqlite3NestedParse(pParse,
+ "UPDATE %Q.%s SET rootpage=%d WHERE #%d AND rootpage=#%d",
+ pParse->db->aDb[iDb].zName, SCHEMA_TABLE(iDb), iTable, r1, r1);
+#endif
+ sqlite3ReleaseTempReg(pParse, r1);
+}
+
+/*
+** Write VDBE code to erase table pTab and all associated indices on disk.
+** Code to update the sqlite_master tables and internal schema definitions
+** in case a root-page belonging to another table is moved by the btree layer
+** is also added (this can happen with an auto-vacuum database).
+*/
+static void destroyTable(Parse *pParse, Table *pTab){
+#ifdef SQLITE_OMIT_AUTOVACUUM
+ Index *pIdx;
+ int iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+ destroyRootPage(pParse, pTab->tnum, iDb);
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ destroyRootPage(pParse, pIdx->tnum, iDb);
+ }
+#else
+ /* If the database may be auto-vacuum capable (if SQLITE_OMIT_AUTOVACUUM
+ ** is not defined), then it is important to call OP_Destroy on the
+ ** table and index root-pages in order, starting with the numerically
+ ** largest root-page number. This guarantees that none of the root-pages
+ ** to be destroyed is relocated by an earlier OP_Destroy. i.e. if the
+ ** following were coded:
+ **
+ ** OP_Destroy 4 0
+ ** ...
+ ** OP_Destroy 5 0
+ **
+ ** and root page 5 happened to be the largest root-page number in the
+ ** database, then root page 5 would be moved to page 4 by the
+ ** "OP_Destroy 4 0" opcode. The subsequent "OP_Destroy 5 0" would hit
+ ** a free-list page.
+ */
+ int iTab = pTab->tnum;
+ int iDestroyed = 0;
+
+ while( 1 ){
+ Index *pIdx;
+ int iLargest = 0;
+
+ if( iDestroyed==0 || iTab<iDestroyed ){
+ iLargest = iTab;
+ }
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ int iIdx = pIdx->tnum;
+ assert( pIdx->pSchema==pTab->pSchema );
+ if( (iDestroyed==0 || (iIdx<iDestroyed)) && iIdx>iLargest ){
+ iLargest = iIdx;
+ }
+ }
+ if( iLargest==0 ){
+ return;
+ }else{
+ int iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+ assert( iDb>=0 && iDb<pParse->db->nDb );
+ destroyRootPage(pParse, iLargest, iDb);
+ iDestroyed = iLargest;
+ }
+ }
+#endif
+}
+
+/*
+** Remove entries from the sqlite_statN tables (for N in (1,2,3))
+** after a DROP INDEX or DROP TABLE command.
+*/
+static void sqlite3ClearStatTables(
+ Parse *pParse, /* The parsing context */
+ int iDb, /* The database number */
+ const char *zType, /* "idx" or "tbl" */
+ const char *zName /* Name of index or table */
+){
+ int i;
+ const char *zDbName = pParse->db->aDb[iDb].zName;
+ for(i=1; i<=4; i++){
+ char zTab[24];
+ sqlite3_snprintf(sizeof(zTab),zTab,"sqlite_stat%d",i);
+ if( sqlite3FindTable(pParse->db, zTab, zDbName) ){
+ sqlite3NestedParse(pParse,
+ "DELETE FROM %Q.%s WHERE %s=%Q",
+ zDbName, zTab, zType, zName
+ );
+ }
+ }
+}
+
+/*
+** Generate code to drop a table.
+*/
+SQLITE_PRIVATE void sqlite3CodeDropTable(Parse *pParse, Table *pTab, int iDb, int isView){
+ Vdbe *v;
+ sqlite3 *db = pParse->db;
+ Trigger *pTrigger;
+ Db *pDb = &db->aDb[iDb];
+
+ v = sqlite3GetVdbe(pParse);
+ assert( v!=0 );
+ sqlite3BeginWriteOperation(pParse, 1, iDb);
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( IsVirtual(pTab) ){
+ sqlite3VdbeAddOp0(v, OP_VBegin);
+ }
+#endif
+
+ /* Drop all triggers associated with the table being dropped. Code
+ ** is generated to remove entries from sqlite_master and/or
+ ** sqlite_temp_master if required.
+ */
+ pTrigger = sqlite3TriggerList(pParse, pTab);
+ while( pTrigger ){
+ assert( pTrigger->pSchema==pTab->pSchema ||
+ pTrigger->pSchema==db->aDb[1].pSchema );
+ sqlite3DropTriggerPtr(pParse, pTrigger);
+ pTrigger = pTrigger->pNext;
+ }
+
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+ /* Remove any entries of the sqlite_sequence table associated with
+ ** the table being dropped. This is done before the table is dropped
+ ** at the btree level, in case the sqlite_sequence table needs to
+ ** move as a result of the drop (can happen in auto-vacuum mode).
+ */
+ if( pTab->tabFlags & TF_Autoincrement ){
+ sqlite3NestedParse(pParse,
+ "DELETE FROM %Q.sqlite_sequence WHERE name=%Q",
+ pDb->zName, pTab->zName
+ );
+ }
+#endif
+
+ /* Drop all SQLITE_MASTER table and index entries that refer to the
+ ** table. The program name loops through the master table and deletes
+ ** every row that refers to a table of the same name as the one being
+ ** dropped. Triggers are handled separately because a trigger can be
+ ** created in the temp database that refers to a table in another
+ ** database.
+ */
+ sqlite3NestedParse(pParse,
+ "DELETE FROM %Q.%s WHERE tbl_name=%Q and type!='trigger'",
+ pDb->zName, SCHEMA_TABLE(iDb), pTab->zName);
+ if( !isView && !IsVirtual(pTab) ){
+ destroyTable(pParse, pTab);
+ }
+
+ /* Remove the table entry from SQLite's internal schema and modify
+ ** the schema cookie.
+ */
+ if( IsVirtual(pTab) ){
+ sqlite3VdbeAddOp4(v, OP_VDestroy, iDb, 0, 0, pTab->zName, 0);
+ }
+ sqlite3VdbeAddOp4(v, OP_DropTable, iDb, 0, 0, pTab->zName, 0);
+ sqlite3ChangeCookie(pParse, iDb);
+ sqliteViewResetAll(db, iDb);
+}
+
+/*
+** This routine is called to do the work of a DROP TABLE statement.
+** pName is the name of the table to be dropped.
+*/
+SQLITE_PRIVATE void sqlite3DropTable(Parse *pParse, SrcList *pName, int isView, int noErr){
+ Table *pTab;
+ Vdbe *v;
+ sqlite3 *db = pParse->db;
+ int iDb;
+
+ if( db->mallocFailed ){
+ goto exit_drop_table;
+ }
+ assert( pParse->nErr==0 );
+ assert( pName->nSrc==1 );
+ if( sqlite3ReadSchema(pParse) ) goto exit_drop_table;
+ if( noErr ) db->suppressErr++;
+ pTab = sqlite3LocateTableItem(pParse, isView, &pName->a[0]);
+ if( noErr ) db->suppressErr--;
+
+ if( pTab==0 ){
+ if( noErr ) sqlite3CodeVerifyNamedSchema(pParse, pName->a[0].zDatabase);
+ goto exit_drop_table;
+ }
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ assert( iDb>=0 && iDb<db->nDb );
+
+ /* If pTab is a virtual table, call ViewGetColumnNames() to ensure
+ ** it is initialized.
+ */
+ if( IsVirtual(pTab) && sqlite3ViewGetColumnNames(pParse, pTab) ){
+ goto exit_drop_table;
+ }
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ {
+ int code;
+ const char *zTab = SCHEMA_TABLE(iDb);
+ const char *zDb = db->aDb[iDb].zName;
+ const char *zArg2 = 0;
+ if( sqlite3AuthCheck(pParse, SQLITE_DELETE, zTab, 0, zDb)){
+ goto exit_drop_table;
+ }
+ if( isView ){
+ if( !OMIT_TEMPDB && iDb==1 ){
+ code = SQLITE_DROP_TEMP_VIEW;
+ }else{
+ code = SQLITE_DROP_VIEW;
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ }else if( IsVirtual(pTab) ){
+ code = SQLITE_DROP_VTABLE;
+ zArg2 = sqlite3GetVTable(db, pTab)->pMod->zName;
+#endif
+ }else{
+ if( !OMIT_TEMPDB && iDb==1 ){
+ code = SQLITE_DROP_TEMP_TABLE;
+ }else{
+ code = SQLITE_DROP_TABLE;
+ }
+ }
+ if( sqlite3AuthCheck(pParse, code, pTab->zName, zArg2, zDb) ){
+ goto exit_drop_table;
+ }
+ if( sqlite3AuthCheck(pParse, SQLITE_DELETE, pTab->zName, 0, zDb) ){
+ goto exit_drop_table;
+ }
+ }
+#endif
+ if( sqlite3StrNICmp(pTab->zName, "sqlite_", 7)==0
+ && sqlite3StrNICmp(pTab->zName, "sqlite_stat", 11)!=0 ){
+ sqlite3ErrorMsg(pParse, "table %s may not be dropped", pTab->zName);
+ goto exit_drop_table;
+ }
+
+#ifndef SQLITE_OMIT_VIEW
+ /* Ensure DROP TABLE is not used on a view, and DROP VIEW is not used
+ ** on a table.
+ */
+ if( isView && pTab->pSelect==0 ){
+ sqlite3ErrorMsg(pParse, "use DROP TABLE to delete table %s", pTab->zName);
+ goto exit_drop_table;
+ }
+ if( !isView && pTab->pSelect ){
+ sqlite3ErrorMsg(pParse, "use DROP VIEW to delete view %s", pTab->zName);
+ goto exit_drop_table;
+ }
+#endif
+
+ /* Generate code to remove the table from the master table
+ ** on disk.
+ */
+ v = sqlite3GetVdbe(pParse);
+ if( v ){
+ sqlite3BeginWriteOperation(pParse, 1, iDb);
+ sqlite3ClearStatTables(pParse, iDb, "tbl", pTab->zName);
+ sqlite3FkDropTable(pParse, pName, pTab);
+ sqlite3CodeDropTable(pParse, pTab, iDb, isView);
+ }
+
+exit_drop_table:
+ sqlite3SrcListDelete(db, pName);
+}
+
+/*
+** This routine is called to create a new foreign key on the table
+** currently under construction. pFromCol determines which columns
+** in the current table point to the foreign key. If pFromCol==0 then
+** connect the key to the last column inserted. pTo is the name of
+** the table referred to (a.k.a the "parent" table). pToCol is a list
+** of tables in the parent pTo table. flags contains all
+** information about the conflict resolution algorithms specified
+** in the ON DELETE, ON UPDATE and ON INSERT clauses.
+**
+** An FKey structure is created and added to the table currently
+** under construction in the pParse->pNewTable field.
+**
+** The foreign key is set for IMMEDIATE processing. A subsequent call
+** to sqlite3DeferForeignKey() might change this to DEFERRED.
+*/
+SQLITE_PRIVATE void sqlite3CreateForeignKey(
+ Parse *pParse, /* Parsing context */
+ ExprList *pFromCol, /* Columns in this table that point to other table */
+ Token *pTo, /* Name of the other table */
+ ExprList *pToCol, /* Columns in the other table */
+ int flags /* Conflict resolution algorithms. */
+){
+ sqlite3 *db = pParse->db;
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+ FKey *pFKey = 0;
+ FKey *pNextTo;
+ Table *p = pParse->pNewTable;
+ int nByte;
+ int i;
+ int nCol;
+ char *z;
+
+ assert( pTo!=0 );
+ if( p==0 || IN_DECLARE_VTAB ) goto fk_end;
+ if( pFromCol==0 ){
+ int iCol = p->nCol-1;
+ if( NEVER(iCol<0) ) goto fk_end;
+ if( pToCol && pToCol->nExpr!=1 ){
+ sqlite3ErrorMsg(pParse, "foreign key on %s"
+ " should reference only one column of table %T",
+ p->aCol[iCol].zName, pTo);
+ goto fk_end;
+ }
+ nCol = 1;
+ }else if( pToCol && pToCol->nExpr!=pFromCol->nExpr ){
+ sqlite3ErrorMsg(pParse,
+ "number of columns in foreign key does not match the number of "
+ "columns in the referenced table");
+ goto fk_end;
+ }else{
+ nCol = pFromCol->nExpr;
+ }
+ nByte = sizeof(*pFKey) + (nCol-1)*sizeof(pFKey->aCol[0]) + pTo->n + 1;
+ if( pToCol ){
+ for(i=0; i<pToCol->nExpr; i++){
+ nByte += sqlite3Strlen30(pToCol->a[i].zName) + 1;
+ }
+ }
+ pFKey = sqlite3DbMallocZero(db, nByte );
+ if( pFKey==0 ){
+ goto fk_end;
+ }
+ pFKey->pFrom = p;
+ pFKey->pNextFrom = p->pFKey;
+ z = (char*)&pFKey->aCol[nCol];
+ pFKey->zTo = z;
+ memcpy(z, pTo->z, pTo->n);
+ z[pTo->n] = 0;
+ sqlite3Dequote(z);
+ z += pTo->n+1;
+ pFKey->nCol = nCol;
+ if( pFromCol==0 ){
+ pFKey->aCol[0].iFrom = p->nCol-1;
+ }else{
+ for(i=0; i<nCol; i++){
+ int j;
+ for(j=0; j<p->nCol; j++){
+ if( sqlite3StrICmp(p->aCol[j].zName, pFromCol->a[i].zName)==0 ){
+ pFKey->aCol[i].iFrom = j;
+ break;
+ }
+ }
+ if( j>=p->nCol ){
+ sqlite3ErrorMsg(pParse,
+ "unknown column \"%s\" in foreign key definition",
+ pFromCol->a[i].zName);
+ goto fk_end;
+ }
+ }
+ }
+ if( pToCol ){
+ for(i=0; i<nCol; i++){
+ int n = sqlite3Strlen30(pToCol->a[i].zName);
+ pFKey->aCol[i].zCol = z;
+ memcpy(z, pToCol->a[i].zName, n);
+ z[n] = 0;
+ z += n+1;
+ }
+ }
+ pFKey->isDeferred = 0;
+ pFKey->aAction[0] = (u8)(flags & 0xff); /* ON DELETE action */
+ pFKey->aAction[1] = (u8)((flags >> 8 ) & 0xff); /* ON UPDATE action */
+
+ assert( sqlite3SchemaMutexHeld(db, 0, p->pSchema) );
+ pNextTo = (FKey *)sqlite3HashInsert(&p->pSchema->fkeyHash,
+ pFKey->zTo, (void *)pFKey
+ );
+ if( pNextTo==pFKey ){
+ db->mallocFailed = 1;
+ goto fk_end;
+ }
+ if( pNextTo ){
+ assert( pNextTo->pPrevTo==0 );
+ pFKey->pNextTo = pNextTo;
+ pNextTo->pPrevTo = pFKey;
+ }
+
+ /* Link the foreign key to the table as the last step.
+ */
+ p->pFKey = pFKey;
+ pFKey = 0;
+
+fk_end:
+ sqlite3DbFree(db, pFKey);
+#endif /* !defined(SQLITE_OMIT_FOREIGN_KEY) */
+ sqlite3ExprListDelete(db, pFromCol);
+ sqlite3ExprListDelete(db, pToCol);
+}
+
+/*
+** This routine is called when an INITIALLY IMMEDIATE or INITIALLY DEFERRED
+** clause is seen as part of a foreign key definition. The isDeferred
+** parameter is 1 for INITIALLY DEFERRED and 0 for INITIALLY IMMEDIATE.
+** The behavior of the most recently created foreign key is adjusted
+** accordingly.
+*/
+SQLITE_PRIVATE void sqlite3DeferForeignKey(Parse *pParse, int isDeferred){
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+ Table *pTab;
+ FKey *pFKey;
+ if( (pTab = pParse->pNewTable)==0 || (pFKey = pTab->pFKey)==0 ) return;
+ assert( isDeferred==0 || isDeferred==1 ); /* EV: R-30323-21917 */
+ pFKey->isDeferred = (u8)isDeferred;
+#endif
+}
+
+/*
+** Generate code that will erase and refill index *pIdx. This is
+** used to initialize a newly created index or to recompute the
+** content of an index in response to a REINDEX command.
+**
+** if memRootPage is not negative, it means that the index is newly
+** created. The register specified by memRootPage contains the
+** root page number of the index. If memRootPage is negative, then
+** the index already exists and must be cleared before being refilled and
+** the root page number of the index is taken from pIndex->tnum.
+*/
+static void sqlite3RefillIndex(Parse *pParse, Index *pIndex, int memRootPage){
+ Table *pTab = pIndex->pTable; /* The table that is indexed */
+ int iTab = pParse->nTab++; /* Btree cursor used for pTab */
+ int iIdx = pParse->nTab++; /* Btree cursor used for pIndex */
+ int iSorter; /* Cursor opened by OpenSorter (if in use) */
+ int addr1; /* Address of top of loop */
+ int addr2; /* Address to jump to for next iteration */
+ int tnum; /* Root page of index */
+ int iPartIdxLabel; /* Jump to this label to skip a row */
+ Vdbe *v; /* Generate code into this virtual machine */
+ KeyInfo *pKey; /* KeyInfo for index */
+ int regRecord; /* Register holding assembled index record */
+ sqlite3 *db = pParse->db; /* The database connection */
+ int iDb = sqlite3SchemaToIndex(db, pIndex->pSchema);
+
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ if( sqlite3AuthCheck(pParse, SQLITE_REINDEX, pIndex->zName, 0,
+ db->aDb[iDb].zName ) ){
+ return;
+ }
+#endif
+
+ /* Require a write-lock on the table to perform this operation */
+ sqlite3TableLock(pParse, iDb, pTab->tnum, 1, pTab->zName);
+
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 ) return;
+ if( memRootPage>=0 ){
+ tnum = memRootPage;
+ }else{
+ tnum = pIndex->tnum;
+ }
+ pKey = sqlite3KeyInfoOfIndex(pParse, pIndex);
+
+ /* Open the sorter cursor if we are to use one. */
+ iSorter = pParse->nTab++;
+ sqlite3VdbeAddOp4(v, OP_SorterOpen, iSorter, 0, pIndex->nKeyCol, (char*)
+ sqlite3KeyInfoRef(pKey), P4_KEYINFO);
+
+ /* Open the table. Loop through all rows of the table, inserting index
+ ** records into the sorter. */
+ sqlite3OpenTable(pParse, iTab, iDb, pTab, OP_OpenRead);
+ addr1 = sqlite3VdbeAddOp2(v, OP_Rewind, iTab, 0); VdbeCoverage(v);
+ regRecord = sqlite3GetTempReg(pParse);
+
+ sqlite3GenerateIndexKey(pParse,pIndex,iTab,regRecord,0,&iPartIdxLabel,0,0);
+ sqlite3VdbeAddOp2(v, OP_SorterInsert, iSorter, regRecord);
+ sqlite3ResolvePartIdxLabel(pParse, iPartIdxLabel);
+ sqlite3VdbeAddOp2(v, OP_Next, iTab, addr1+1); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addr1);
+ if( memRootPage<0 ) sqlite3VdbeAddOp2(v, OP_Clear, tnum, iDb);
+ sqlite3VdbeAddOp4(v, OP_OpenWrite, iIdx, tnum, iDb,
+ (char *)pKey, P4_KEYINFO);
+ sqlite3VdbeChangeP5(v, OPFLAG_BULKCSR|((memRootPage>=0)?OPFLAG_P2ISREG:0));
+
+ addr1 = sqlite3VdbeAddOp2(v, OP_SorterSort, iSorter, 0); VdbeCoverage(v);
+ assert( pKey!=0 || db->mallocFailed || pParse->nErr );
+ if( IsUniqueIndex(pIndex) && pKey!=0 ){
+ int j2 = sqlite3VdbeCurrentAddr(v) + 3;
+ sqlite3VdbeGoto(v, j2);
+ addr2 = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeAddOp4Int(v, OP_SorterCompare, iSorter, j2, regRecord,
+ pIndex->nKeyCol); VdbeCoverage(v);
+ sqlite3UniqueConstraint(pParse, OE_Abort, pIndex);
+ }else{
+ addr2 = sqlite3VdbeCurrentAddr(v);
+ }
+ sqlite3VdbeAddOp3(v, OP_SorterData, iSorter, regRecord, iIdx);
+ sqlite3VdbeAddOp3(v, OP_Last, iIdx, 0, -1);
+ sqlite3VdbeAddOp3(v, OP_IdxInsert, iIdx, regRecord, 0);
+ sqlite3VdbeChangeP5(v, OPFLAG_USESEEKRESULT);
+ sqlite3ReleaseTempReg(pParse, regRecord);
+ sqlite3VdbeAddOp2(v, OP_SorterNext, iSorter, addr2); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addr1);
+
+ sqlite3VdbeAddOp1(v, OP_Close, iTab);
+ sqlite3VdbeAddOp1(v, OP_Close, iIdx);
+ sqlite3VdbeAddOp1(v, OP_Close, iSorter);
+}
+
+/*
+** Allocate heap space to hold an Index object with nCol columns.
+**
+** Increase the allocation size to provide an extra nExtra bytes
+** of 8-byte aligned space after the Index object and return a
+** pointer to this extra space in *ppExtra.
+*/
+SQLITE_PRIVATE Index *sqlite3AllocateIndexObject(
+ sqlite3 *db, /* Database connection */
+ i16 nCol, /* Total number of columns in the index */
+ int nExtra, /* Number of bytes of extra space to alloc */
+ char **ppExtra /* Pointer to the "extra" space */
+){
+ Index *p; /* Allocated index object */
+ int nByte; /* Bytes of space for Index object + arrays */
+
+ nByte = ROUND8(sizeof(Index)) + /* Index structure */
+ ROUND8(sizeof(char*)*nCol) + /* Index.azColl */
+ ROUND8(sizeof(LogEst)*(nCol+1) + /* Index.aiRowLogEst */
+ sizeof(i16)*nCol + /* Index.aiColumn */
+ sizeof(u8)*nCol); /* Index.aSortOrder */
+ p = sqlite3DbMallocZero(db, nByte + nExtra);
+ if( p ){
+ char *pExtra = ((char*)p)+ROUND8(sizeof(Index));
+ p->azColl = (const char**)pExtra; pExtra += ROUND8(sizeof(char*)*nCol);
+ p->aiRowLogEst = (LogEst*)pExtra; pExtra += sizeof(LogEst)*(nCol+1);
+ p->aiColumn = (i16*)pExtra; pExtra += sizeof(i16)*nCol;
+ p->aSortOrder = (u8*)pExtra;
+ p->nColumn = nCol;
+ p->nKeyCol = nCol - 1;
+ *ppExtra = ((char*)p) + nByte;
+ }
+ return p;
+}
+
+/*
+** Create a new index for an SQL table. pName1.pName2 is the name of the index
+** and pTblList is the name of the table that is to be indexed. Both will
+** be NULL for a primary key or an index that is created to satisfy a
+** UNIQUE constraint. If pTable and pIndex are NULL, use pParse->pNewTable
+** as the table to be indexed. pParse->pNewTable is a table that is
+** currently being constructed by a CREATE TABLE statement.
+**
+** pList is a list of columns to be indexed. pList will be NULL if this
+** is a primary key or unique-constraint on the most recent column added
+** to the table currently under construction.
+**
+** If the index is created successfully, return a pointer to the new Index
+** structure. This is used by sqlite3AddPrimaryKey() to mark the index
+** as the tables primary key (Index.idxType==SQLITE_IDXTYPE_PRIMARYKEY)
+*/
+SQLITE_PRIVATE Index *sqlite3CreateIndex(
+ Parse *pParse, /* All information about this parse */
+ Token *pName1, /* First part of index name. May be NULL */
+ Token *pName2, /* Second part of index name. May be NULL */
+ SrcList *pTblName, /* Table to index. Use pParse->pNewTable if 0 */
+ ExprList *pList, /* A list of columns to be indexed */
+ int onError, /* OE_Abort, OE_Ignore, OE_Replace, or OE_None */
+ Token *pStart, /* The CREATE token that begins this statement */
+ Expr *pPIWhere, /* WHERE clause for partial indices */
+ int sortOrder, /* Sort order of primary key when pList==NULL */
+ int ifNotExist /* Omit error if index already exists */
+){
+ Index *pRet = 0; /* Pointer to return */
+ Table *pTab = 0; /* Table to be indexed */
+ Index *pIndex = 0; /* The index to be created */
+ char *zName = 0; /* Name of the index */
+ int nName; /* Number of characters in zName */
+ int i, j;
+ DbFixer sFix; /* For assigning database names to pTable */
+ int sortOrderMask; /* 1 to honor DESC in index. 0 to ignore. */
+ sqlite3 *db = pParse->db;
+ Db *pDb; /* The specific table containing the indexed database */
+ int iDb; /* Index of the database that is being written */
+ Token *pName = 0; /* Unqualified name of the index to create */
+ struct ExprList_item *pListItem; /* For looping over pList */
+ int nExtra = 0; /* Space allocated for zExtra[] */
+ int nExtraCol; /* Number of extra columns needed */
+ char *zExtra = 0; /* Extra space after the Index object */
+ Index *pPk = 0; /* PRIMARY KEY index for WITHOUT ROWID tables */
+
+ if( db->mallocFailed || IN_DECLARE_VTAB || pParse->nErr>0 ){
+ goto exit_create_index;
+ }
+ if( SQLITE_OK!=sqlite3ReadSchema(pParse) ){
+ goto exit_create_index;
+ }
+
+ /*
+ ** Find the table that is to be indexed. Return early if not found.
+ */
+ if( pTblName!=0 ){
+
+ /* Use the two-part index name to determine the database
+ ** to search for the table. 'Fix' the table name to this db
+ ** before looking up the table.
+ */
+ assert( pName1 && pName2 );
+ iDb = sqlite3TwoPartName(pParse, pName1, pName2, &pName);
+ if( iDb<0 ) goto exit_create_index;
+ assert( pName && pName->z );
+
+#ifndef SQLITE_OMIT_TEMPDB
+ /* If the index name was unqualified, check if the table
+ ** is a temp table. If so, set the database to 1. Do not do this
+ ** if initialising a database schema.
+ */
+ if( !db->init.busy ){
+ pTab = sqlite3SrcListLookup(pParse, pTblName);
+ if( pName2->n==0 && pTab && pTab->pSchema==db->aDb[1].pSchema ){
+ iDb = 1;
+ }
+ }
+#endif
+
+ sqlite3FixInit(&sFix, pParse, iDb, "index", pName);
+ if( sqlite3FixSrcList(&sFix, pTblName) ){
+ /* Because the parser constructs pTblName from a single identifier,
+ ** sqlite3FixSrcList can never fail. */
+ assert(0);
+ }
+ pTab = sqlite3LocateTableItem(pParse, 0, &pTblName->a[0]);
+ assert( db->mallocFailed==0 || pTab==0 );
+ if( pTab==0 ) goto exit_create_index;
+ if( iDb==1 && db->aDb[iDb].pSchema!=pTab->pSchema ){
+ sqlite3ErrorMsg(pParse,
+ "cannot create a TEMP index on non-TEMP table \"%s\"",
+ pTab->zName);
+ goto exit_create_index;
+ }
+ if( !HasRowid(pTab) ) pPk = sqlite3PrimaryKeyIndex(pTab);
+ }else{
+ assert( pName==0 );
+ assert( pStart==0 );
+ pTab = pParse->pNewTable;
+ if( !pTab ) goto exit_create_index;
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ }
+ pDb = &db->aDb[iDb];
+
+ assert( pTab!=0 );
+ assert( pParse->nErr==0 );
+ if( sqlite3StrNICmp(pTab->zName, "sqlite_", 7)==0
+ && db->init.busy==0
+#if SQLITE_USER_AUTHENTICATION
+ && sqlite3UserAuthTable(pTab->zName)==0
+#endif
+ && sqlite3StrNICmp(&pTab->zName[7],"altertab_",9)!=0 ){
+ sqlite3ErrorMsg(pParse, "table %s may not be indexed", pTab->zName);
+ goto exit_create_index;
+ }
+#ifndef SQLITE_OMIT_VIEW
+ if( pTab->pSelect ){
+ sqlite3ErrorMsg(pParse, "views may not be indexed");
+ goto exit_create_index;
+ }
+#endif
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( IsVirtual(pTab) ){
+ sqlite3ErrorMsg(pParse, "virtual tables may not be indexed");
+ goto exit_create_index;
+ }
+#endif
+
+ /*
+ ** Find the name of the index. Make sure there is not already another
+ ** index or table with the same name.
+ **
+ ** Exception: If we are reading the names of permanent indices from the
+ ** sqlite_master table (because some other process changed the schema) and
+ ** one of the index names collides with the name of a temporary table or
+ ** index, then we will continue to process this index.
+ **
+ ** If pName==0 it means that we are
+ ** dealing with a primary key or UNIQUE constraint. We have to invent our
+ ** own name.
+ */
+ if( pName ){
+ zName = sqlite3NameFromToken(db, pName);
+ if( zName==0 ) goto exit_create_index;
+ assert( pName->z!=0 );
+ if( SQLITE_OK!=sqlite3CheckObjectName(pParse, zName) ){
+ goto exit_create_index;
+ }
+ if( !db->init.busy ){
+ if( sqlite3FindTable(db, zName, 0)!=0 ){
+ sqlite3ErrorMsg(pParse, "there is already a table named %s", zName);
+ goto exit_create_index;
+ }
+ }
+ if( sqlite3FindIndex(db, zName, pDb->zName)!=0 ){
+ if( !ifNotExist ){
+ sqlite3ErrorMsg(pParse, "index %s already exists", zName);
+ }else{
+ assert( !db->init.busy );
+ sqlite3CodeVerifySchema(pParse, iDb);
+ }
+ goto exit_create_index;
+ }
+ }else{
+ int n;
+ Index *pLoop;
+ for(pLoop=pTab->pIndex, n=1; pLoop; pLoop=pLoop->pNext, n++){}
+ zName = sqlite3MPrintf(db, "sqlite_autoindex_%s_%d", pTab->zName, n);
+ if( zName==0 ){
+ goto exit_create_index;
+ }
+ }
+
+ /* Check for authorization to create an index.
+ */
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ {
+ const char *zDb = pDb->zName;
+ if( sqlite3AuthCheck(pParse, SQLITE_INSERT, SCHEMA_TABLE(iDb), 0, zDb) ){
+ goto exit_create_index;
+ }
+ i = SQLITE_CREATE_INDEX;
+ if( !OMIT_TEMPDB && iDb==1 ) i = SQLITE_CREATE_TEMP_INDEX;
+ if( sqlite3AuthCheck(pParse, i, zName, pTab->zName, zDb) ){
+ goto exit_create_index;
+ }
+ }
+#endif
+
+ /* If pList==0, it means this routine was called to make a primary
+ ** key out of the last column added to the table under construction.
+ ** So create a fake list to simulate this.
+ */
+ if( pList==0 ){
+ Token prevCol;
+ prevCol.z = pTab->aCol[pTab->nCol-1].zName;
+ prevCol.n = sqlite3Strlen30(prevCol.z);
+ pList = sqlite3ExprListAppend(pParse, 0,
+ sqlite3ExprAlloc(db, TK_ID, &prevCol, 0));
+ if( pList==0 ) goto exit_create_index;
+ assert( pList->nExpr==1 );
+ sqlite3ExprListSetSortOrder(pList, sortOrder);
+ }else{
+ sqlite3ExprListCheckLength(pParse, pList, "index");
+ }
+
+ /* Figure out how many bytes of space are required to store explicitly
+ ** specified collation sequence names.
+ */
+ for(i=0; i<pList->nExpr; i++){
+ Expr *pExpr = pList->a[i].pExpr;
+ assert( pExpr!=0 );
+ if( pExpr->op==TK_COLLATE ){
+ nExtra += (1 + sqlite3Strlen30(pExpr->u.zToken));
+ }
+ }
+
+ /*
+ ** Allocate the index structure.
+ */
+ nName = sqlite3Strlen30(zName);
+ nExtraCol = pPk ? pPk->nKeyCol : 1;
+ pIndex = sqlite3AllocateIndexObject(db, pList->nExpr + nExtraCol,
+ nName + nExtra + 1, &zExtra);
+ if( db->mallocFailed ){
+ goto exit_create_index;
+ }
+ assert( EIGHT_BYTE_ALIGNMENT(pIndex->aiRowLogEst) );
+ assert( EIGHT_BYTE_ALIGNMENT(pIndex->azColl) );
+ pIndex->zName = zExtra;
+ zExtra += nName + 1;
+ memcpy(pIndex->zName, zName, nName+1);
+ pIndex->pTable = pTab;
+ pIndex->onError = (u8)onError;
+ pIndex->uniqNotNull = onError!=OE_None;
+ pIndex->idxType = pName ? SQLITE_IDXTYPE_APPDEF : SQLITE_IDXTYPE_UNIQUE;
+ pIndex->pSchema = db->aDb[iDb].pSchema;
+ pIndex->nKeyCol = pList->nExpr;
+ if( pPIWhere ){
+ sqlite3ResolveSelfReference(pParse, pTab, NC_PartIdx, pPIWhere, 0);
+ pIndex->pPartIdxWhere = pPIWhere;
+ pPIWhere = 0;
+ }
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+
+ /* Check to see if we should honor DESC requests on index columns
+ */
+ if( pDb->pSchema->file_format>=4 ){
+ sortOrderMask = -1; /* Honor DESC */
+ }else{
+ sortOrderMask = 0; /* Ignore DESC */
+ }
+
+ /* Analyze the list of expressions that form the terms of the index and
+ ** report any errors. In the common case where the expression is exactly
+ ** a table column, store that column in aiColumn[]. For general expressions,
+ ** populate pIndex->aColExpr and store XN_EXPR (-2) in aiColumn[].
+ **
+ ** TODO: Issue a warning if two or more columns of the index are identical.
+ ** TODO: Issue a warning if the table primary key is used as part of the
+ ** index key.
+ */
+ for(i=0, pListItem=pList->a; i<pList->nExpr; i++, pListItem++){
+ Expr *pCExpr; /* The i-th index expression */
+ int requestedSortOrder; /* ASC or DESC on the i-th expression */
+ const char *zColl; /* Collation sequence name */
+
+ sqlite3StringToId(pListItem->pExpr);
+ sqlite3ResolveSelfReference(pParse, pTab, NC_IdxExpr, pListItem->pExpr, 0);
+ if( pParse->nErr ) goto exit_create_index;
+ pCExpr = sqlite3ExprSkipCollate(pListItem->pExpr);
+ if( pCExpr->op!=TK_COLUMN ){
+ if( pTab==pParse->pNewTable ){
+ sqlite3ErrorMsg(pParse, "expressions prohibited in PRIMARY KEY and "
+ "UNIQUE constraints");
+ goto exit_create_index;
+ }
+ if( pIndex->aColExpr==0 ){
+ ExprList *pCopy = sqlite3ExprListDup(db, pList, 0);
+ pIndex->aColExpr = pCopy;
+ if( !db->mallocFailed ){
+ assert( pCopy!=0 );
+ pListItem = &pCopy->a[i];
+ }
+ }
+ j = XN_EXPR;
+ pIndex->aiColumn[i] = XN_EXPR;
+ pIndex->uniqNotNull = 0;
+ }else{
+ j = pCExpr->iColumn;
+ assert( j<=0x7fff );
+ if( j<0 ){
+ j = pTab->iPKey;
+ }else if( pTab->aCol[j].notNull==0 ){
+ pIndex->uniqNotNull = 0;
+ }
+ pIndex->aiColumn[i] = (i16)j;
+ }
+ zColl = 0;
+ if( pListItem->pExpr->op==TK_COLLATE ){
+ int nColl;
+ zColl = pListItem->pExpr->u.zToken;
+ nColl = sqlite3Strlen30(zColl) + 1;
+ assert( nExtra>=nColl );
+ memcpy(zExtra, zColl, nColl);
+ zColl = zExtra;
+ zExtra += nColl;
+ nExtra -= nColl;
+ }else if( j>=0 ){
+ zColl = pTab->aCol[j].zColl;
+ }
+ if( !zColl ) zColl = sqlite3StrBINARY;
+ if( !db->init.busy && !sqlite3LocateCollSeq(pParse, zColl) ){
+ goto exit_create_index;
+ }
+ pIndex->azColl[i] = zColl;
+ requestedSortOrder = pListItem->sortOrder & sortOrderMask;
+ pIndex->aSortOrder[i] = (u8)requestedSortOrder;
+ }
+
+ /* Append the table key to the end of the index. For WITHOUT ROWID
+ ** tables (when pPk!=0) this will be the declared PRIMARY KEY. For
+ ** normal tables (when pPk==0) this will be the rowid.
+ */
+ if( pPk ){
+ for(j=0; j<pPk->nKeyCol; j++){
+ int x = pPk->aiColumn[j];
+ assert( x>=0 );
+ if( hasColumn(pIndex->aiColumn, pIndex->nKeyCol, x) ){
+ pIndex->nColumn--;
+ }else{
+ pIndex->aiColumn[i] = x;
+ pIndex->azColl[i] = pPk->azColl[j];
+ pIndex->aSortOrder[i] = pPk->aSortOrder[j];
+ i++;
+ }
+ }
+ assert( i==pIndex->nColumn );
+ }else{
+ pIndex->aiColumn[i] = XN_ROWID;
+ pIndex->azColl[i] = sqlite3StrBINARY;
+ }
+ sqlite3DefaultRowEst(pIndex);
+ if( pParse->pNewTable==0 ) estimateIndexWidth(pIndex);
+
+ if( pTab==pParse->pNewTable ){
+ /* This routine has been called to create an automatic index as a
+ ** result of a PRIMARY KEY or UNIQUE clause on a column definition, or
+ ** a PRIMARY KEY or UNIQUE clause following the column definitions.
+ ** i.e. one of:
+ **
+ ** CREATE TABLE t(x PRIMARY KEY, y);
+ ** CREATE TABLE t(x, y, UNIQUE(x, y));
+ **
+ ** Either way, check to see if the table already has such an index. If
+ ** so, don't bother creating this one. This only applies to
+ ** automatically created indices. Users can do as they wish with
+ ** explicit indices.
+ **
+ ** Two UNIQUE or PRIMARY KEY constraints are considered equivalent
+ ** (and thus suppressing the second one) even if they have different
+ ** sort orders.
+ **
+ ** If there are different collating sequences or if the columns of
+ ** the constraint occur in different orders, then the constraints are
+ ** considered distinct and both result in separate indices.
+ */
+ Index *pIdx;
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ int k;
+ assert( IsUniqueIndex(pIdx) );
+ assert( pIdx->idxType!=SQLITE_IDXTYPE_APPDEF );
+ assert( IsUniqueIndex(pIndex) );
+
+ if( pIdx->nKeyCol!=pIndex->nKeyCol ) continue;
+ for(k=0; k<pIdx->nKeyCol; k++){
+ const char *z1;
+ const char *z2;
+ assert( pIdx->aiColumn[k]>=0 );
+ if( pIdx->aiColumn[k]!=pIndex->aiColumn[k] ) break;
+ z1 = pIdx->azColl[k];
+ z2 = pIndex->azColl[k];
+ if( z1!=z2 && sqlite3StrICmp(z1, z2) ) break;
+ }
+ if( k==pIdx->nKeyCol ){
+ if( pIdx->onError!=pIndex->onError ){
+ /* This constraint creates the same index as a previous
+ ** constraint specified somewhere in the CREATE TABLE statement.
+ ** However the ON CONFLICT clauses are different. If both this
+ ** constraint and the previous equivalent constraint have explicit
+ ** ON CONFLICT clauses this is an error. Otherwise, use the
+ ** explicitly specified behavior for the index.
+ */
+ if( !(pIdx->onError==OE_Default || pIndex->onError==OE_Default) ){
+ sqlite3ErrorMsg(pParse,
+ "conflicting ON CONFLICT clauses specified", 0);
+ }
+ if( pIdx->onError==OE_Default ){
+ pIdx->onError = pIndex->onError;
+ }
+ }
+ pRet = pIdx;
+ goto exit_create_index;
+ }
+ }
+ }
+
+ /* Link the new Index structure to its table and to the other
+ ** in-memory database structures.
+ */
+ assert( pParse->nErr==0 );
+ if( db->init.busy ){
+ Index *p;
+ assert( sqlite3SchemaMutexHeld(db, 0, pIndex->pSchema) );
+ p = sqlite3HashInsert(&pIndex->pSchema->idxHash,
+ pIndex->zName, pIndex);
+ if( p ){
+ assert( p==pIndex ); /* Malloc must have failed */
+ db->mallocFailed = 1;
+ goto exit_create_index;
+ }
+ db->flags |= SQLITE_InternChanges;
+ if( pTblName!=0 ){
+ pIndex->tnum = db->init.newTnum;
+ }
+ }
+
+ /* If this is the initial CREATE INDEX statement (or CREATE TABLE if the
+ ** index is an implied index for a UNIQUE or PRIMARY KEY constraint) then
+ ** emit code to allocate the index rootpage on disk and make an entry for
+ ** the index in the sqlite_master table and populate the index with
+ ** content. But, do not do this if we are simply reading the sqlite_master
+ ** table to parse the schema, or if this index is the PRIMARY KEY index
+ ** of a WITHOUT ROWID table.
+ **
+ ** If pTblName==0 it means this index is generated as an implied PRIMARY KEY
+ ** or UNIQUE index in a CREATE TABLE statement. Since the table
+ ** has just been created, it contains no data and the index initialization
+ ** step can be skipped.
+ */
+ else if( HasRowid(pTab) || pTblName!=0 ){
+ Vdbe *v;
+ char *zStmt;
+ int iMem = ++pParse->nMem;
+
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 ) goto exit_create_index;
+
+ sqlite3BeginWriteOperation(pParse, 1, iDb);
+
+ /* Create the rootpage for the index using CreateIndex. But before
+ ** doing so, code a Noop instruction and store its address in
+ ** Index.tnum. This is required in case this index is actually a
+ ** PRIMARY KEY and the table is actually a WITHOUT ROWID table. In
+ ** that case the convertToWithoutRowidTable() routine will replace
+ ** the Noop with a Goto to jump over the VDBE code generated below. */
+ pIndex->tnum = sqlite3VdbeAddOp0(v, OP_Noop);
+ sqlite3VdbeAddOp2(v, OP_CreateIndex, iDb, iMem);
+
+ /* Gather the complete text of the CREATE INDEX statement into
+ ** the zStmt variable
+ */
+ if( pStart ){
+ int n = (int)(pParse->sLastToken.z - pName->z) + pParse->sLastToken.n;
+ if( pName->z[n-1]==';' ) n--;
+ /* A named index with an explicit CREATE INDEX statement */
+ zStmt = sqlite3MPrintf(db, "CREATE%s INDEX %.*s",
+ onError==OE_None ? "" : " UNIQUE", n, pName->z);
+ }else{
+ /* An automatic index created by a PRIMARY KEY or UNIQUE constraint */
+ /* zStmt = sqlite3MPrintf(""); */
+ zStmt = 0;
+ }
+
+ /* Add an entry in sqlite_master for this index
+ */
+ sqlite3NestedParse(pParse,
+ "INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);",
+ db->aDb[iDb].zName, SCHEMA_TABLE(iDb),
+ pIndex->zName,
+ pTab->zName,
+ iMem,
+ zStmt
+ );
+ sqlite3DbFree(db, zStmt);
+
+ /* Fill the index with data and reparse the schema. Code an OP_Expire
+ ** to invalidate all pre-compiled statements.
+ */
+ if( pTblName ){
+ sqlite3RefillIndex(pParse, pIndex, iMem);
+ sqlite3ChangeCookie(pParse, iDb);
+ sqlite3VdbeAddParseSchemaOp(v, iDb,
+ sqlite3MPrintf(db, "name='%q' AND type='index'", pIndex->zName));
+ sqlite3VdbeAddOp1(v, OP_Expire, 0);
+ }
+
+ sqlite3VdbeJumpHere(v, pIndex->tnum);
+ }
+
+ /* When adding an index to the list of indices for a table, make
+ ** sure all indices labeled OE_Replace come after all those labeled
+ ** OE_Ignore. This is necessary for the correct constraint check
+ ** processing (in sqlite3GenerateConstraintChecks()) as part of
+ ** UPDATE and INSERT statements.
+ */
+ if( db->init.busy || pTblName==0 ){
+ if( onError!=OE_Replace || pTab->pIndex==0
+ || pTab->pIndex->onError==OE_Replace){
+ pIndex->pNext = pTab->pIndex;
+ pTab->pIndex = pIndex;
+ }else{
+ Index *pOther = pTab->pIndex;
+ while( pOther->pNext && pOther->pNext->onError!=OE_Replace ){
+ pOther = pOther->pNext;
+ }
+ pIndex->pNext = pOther->pNext;
+ pOther->pNext = pIndex;
+ }
+ pRet = pIndex;
+ pIndex = 0;
+ }
+
+ /* Clean up before exiting */
+exit_create_index:
+ if( pIndex ) freeIndex(db, pIndex);
+ sqlite3ExprDelete(db, pPIWhere);
+ sqlite3ExprListDelete(db, pList);
+ sqlite3SrcListDelete(db, pTblName);
+ sqlite3DbFree(db, zName);
+ return pRet;
+}
+
+/*
+** Fill the Index.aiRowEst[] array with default information - information
+** to be used when we have not run the ANALYZE command.
+**
+** aiRowEst[0] is supposed to contain the number of elements in the index.
+** Since we do not know, guess 1 million. aiRowEst[1] is an estimate of the
+** number of rows in the table that match any particular value of the
+** first column of the index. aiRowEst[2] is an estimate of the number
+** of rows that match any particular combination of the first 2 columns
+** of the index. And so forth. It must always be the case that
+*
+** aiRowEst[N]<=aiRowEst[N-1]
+** aiRowEst[N]>=1
+**
+** Apart from that, we have little to go on besides intuition as to
+** how aiRowEst[] should be initialized. The numbers generated here
+** are based on typical values found in actual indices.
+*/
+SQLITE_PRIVATE void sqlite3DefaultRowEst(Index *pIdx){
+ /* 10, 9, 8, 7, 6 */
+ LogEst aVal[] = { 33, 32, 30, 28, 26 };
+ LogEst *a = pIdx->aiRowLogEst;
+ int nCopy = MIN(ArraySize(aVal), pIdx->nKeyCol);
+ int i;
+
+ /* Set the first entry (number of rows in the index) to the estimated
+ ** number of rows in the table. Or 10, if the estimated number of rows
+ ** in the table is less than that. */
+ a[0] = pIdx->pTable->nRowLogEst;
+ if( a[0]<33 ) a[0] = 33; assert( 33==sqlite3LogEst(10) );
+
+ /* Estimate that a[1] is 10, a[2] is 9, a[3] is 8, a[4] is 7, a[5] is
+ ** 6 and each subsequent value (if any) is 5. */
+ memcpy(&a[1], aVal, nCopy*sizeof(LogEst));
+ for(i=nCopy+1; i<=pIdx->nKeyCol; i++){
+ a[i] = 23; assert( 23==sqlite3LogEst(5) );
+ }
+
+ assert( 0==sqlite3LogEst(1) );
+ if( IsUniqueIndex(pIdx) ) a[pIdx->nKeyCol] = 0;
+}
+
+/*
+** This routine will drop an existing named index. This routine
+** implements the DROP INDEX statement.
+*/
+SQLITE_PRIVATE void sqlite3DropIndex(Parse *pParse, SrcList *pName, int ifExists){
+ Index *pIndex;
+ Vdbe *v;
+ sqlite3 *db = pParse->db;
+ int iDb;
+
+ assert( pParse->nErr==0 ); /* Never called with prior errors */
+ if( db->mallocFailed ){
+ goto exit_drop_index;
+ }
+ assert( pName->nSrc==1 );
+ if( SQLITE_OK!=sqlite3ReadSchema(pParse) ){
+ goto exit_drop_index;
+ }
+ pIndex = sqlite3FindIndex(db, pName->a[0].zName, pName->a[0].zDatabase);
+ if( pIndex==0 ){
+ if( !ifExists ){
+ sqlite3ErrorMsg(pParse, "no such index: %S", pName, 0);
+ }else{
+ sqlite3CodeVerifyNamedSchema(pParse, pName->a[0].zDatabase);
+ }
+ pParse->checkSchema = 1;
+ goto exit_drop_index;
+ }
+ if( pIndex->idxType!=SQLITE_IDXTYPE_APPDEF ){
+ sqlite3ErrorMsg(pParse, "index associated with UNIQUE "
+ "or PRIMARY KEY constraint cannot be dropped", 0);
+ goto exit_drop_index;
+ }
+ iDb = sqlite3SchemaToIndex(db, pIndex->pSchema);
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ {
+ int code = SQLITE_DROP_INDEX;
+ Table *pTab = pIndex->pTable;
+ const char *zDb = db->aDb[iDb].zName;
+ const char *zTab = SCHEMA_TABLE(iDb);
+ if( sqlite3AuthCheck(pParse, SQLITE_DELETE, zTab, 0, zDb) ){
+ goto exit_drop_index;
+ }
+ if( !OMIT_TEMPDB && iDb ) code = SQLITE_DROP_TEMP_INDEX;
+ if( sqlite3AuthCheck(pParse, code, pIndex->zName, pTab->zName, zDb) ){
+ goto exit_drop_index;
+ }
+ }
+#endif
+
+ /* Generate code to remove the index and from the master table */
+ v = sqlite3GetVdbe(pParse);
+ if( v ){
+ sqlite3BeginWriteOperation(pParse, 1, iDb);
+ sqlite3NestedParse(pParse,
+ "DELETE FROM %Q.%s WHERE name=%Q AND type='index'",
+ db->aDb[iDb].zName, SCHEMA_TABLE(iDb), pIndex->zName
+ );
+ sqlite3ClearStatTables(pParse, iDb, "idx", pIndex->zName);
+ sqlite3ChangeCookie(pParse, iDb);
+ destroyRootPage(pParse, pIndex->tnum, iDb);
+ sqlite3VdbeAddOp4(v, OP_DropIndex, iDb, 0, 0, pIndex->zName, 0);
+ }
+
+exit_drop_index:
+ sqlite3SrcListDelete(db, pName);
+}
+
+/*
+** pArray is a pointer to an array of objects. Each object in the
+** array is szEntry bytes in size. This routine uses sqlite3DbRealloc()
+** to extend the array so that there is space for a new object at the end.
+**
+** When this function is called, *pnEntry contains the current size of
+** the array (in entries - so the allocation is ((*pnEntry) * szEntry) bytes
+** in total).
+**
+** If the realloc() is successful (i.e. if no OOM condition occurs), the
+** space allocated for the new object is zeroed, *pnEntry updated to
+** reflect the new size of the array and a pointer to the new allocation
+** returned. *pIdx is set to the index of the new array entry in this case.
+**
+** Otherwise, if the realloc() fails, *pIdx is set to -1, *pnEntry remains
+** unchanged and a copy of pArray returned.
+*/
+SQLITE_PRIVATE void *sqlite3ArrayAllocate(
+ sqlite3 *db, /* Connection to notify of malloc failures */
+ void *pArray, /* Array of objects. Might be reallocated */
+ int szEntry, /* Size of each object in the array */
+ int *pnEntry, /* Number of objects currently in use */
+ int *pIdx /* Write the index of a new slot here */
+){
+ char *z;
+ int n = *pnEntry;
+ if( (n & (n-1))==0 ){
+ int sz = (n==0) ? 1 : 2*n;
+ void *pNew = sqlite3DbRealloc(db, pArray, sz*szEntry);
+ if( pNew==0 ){
+ *pIdx = -1;
+ return pArray;
+ }
+ pArray = pNew;
+ }
+ z = (char*)pArray;
+ memset(&z[n * szEntry], 0, szEntry);
+ *pIdx = n;
+ ++*pnEntry;
+ return pArray;
+}
+
+/*
+** Append a new element to the given IdList. Create a new IdList if
+** need be.
+**
+** A new IdList is returned, or NULL if malloc() fails.
+*/
+SQLITE_PRIVATE IdList *sqlite3IdListAppend(sqlite3 *db, IdList *pList, Token *pToken){
+ int i;
+ if( pList==0 ){
+ pList = sqlite3DbMallocZero(db, sizeof(IdList) );
+ if( pList==0 ) return 0;
+ }
+ pList->a = sqlite3ArrayAllocate(
+ db,
+ pList->a,
+ sizeof(pList->a[0]),
+ &pList->nId,
+ &i
+ );
+ if( i<0 ){
+ sqlite3IdListDelete(db, pList);
+ return 0;
+ }
+ pList->a[i].zName = sqlite3NameFromToken(db, pToken);
+ return pList;
+}
+
+/*
+** Delete an IdList.
+*/
+SQLITE_PRIVATE void sqlite3IdListDelete(sqlite3 *db, IdList *pList){
+ int i;
+ if( pList==0 ) return;
+ for(i=0; i<pList->nId; i++){
+ sqlite3DbFree(db, pList->a[i].zName);
+ }
+ sqlite3DbFree(db, pList->a);
+ sqlite3DbFree(db, pList);
+}
+
+/*
+** Return the index in pList of the identifier named zId. Return -1
+** if not found.
+*/
+SQLITE_PRIVATE int sqlite3IdListIndex(IdList *pList, const char *zName){
+ int i;
+ if( pList==0 ) return -1;
+ for(i=0; i<pList->nId; i++){
+ if( sqlite3StrICmp(pList->a[i].zName, zName)==0 ) return i;
+ }
+ return -1;
+}
+
+/*
+** Expand the space allocated for the given SrcList object by
+** creating nExtra new slots beginning at iStart. iStart is zero based.
+** New slots are zeroed.
+**
+** For example, suppose a SrcList initially contains two entries: A,B.
+** To append 3 new entries onto the end, do this:
+**
+** sqlite3SrcListEnlarge(db, pSrclist, 3, 2);
+**
+** After the call above it would contain: A, B, nil, nil, nil.
+** If the iStart argument had been 1 instead of 2, then the result
+** would have been: A, nil, nil, nil, B. To prepend the new slots,
+** the iStart value would be 0. The result then would
+** be: nil, nil, nil, A, B.
+**
+** If a memory allocation fails the SrcList is unchanged. The
+** db->mallocFailed flag will be set to true.
+*/
+SQLITE_PRIVATE SrcList *sqlite3SrcListEnlarge(
+ sqlite3 *db, /* Database connection to notify of OOM errors */
+ SrcList *pSrc, /* The SrcList to be enlarged */
+ int nExtra, /* Number of new slots to add to pSrc->a[] */
+ int iStart /* Index in pSrc->a[] of first new slot */
+){
+ int i;
+
+ /* Sanity checking on calling parameters */
+ assert( iStart>=0 );
+ assert( nExtra>=1 );
+ assert( pSrc!=0 );
+ assert( iStart<=pSrc->nSrc );
+
+ /* Allocate additional space if needed */
+ if( (u32)pSrc->nSrc+nExtra>pSrc->nAlloc ){
+ SrcList *pNew;
+ int nAlloc = pSrc->nSrc+nExtra;
+ int nGot;
+ pNew = sqlite3DbRealloc(db, pSrc,
+ sizeof(*pSrc) + (nAlloc-1)*sizeof(pSrc->a[0]) );
+ if( pNew==0 ){
+ assert( db->mallocFailed );
+ return pSrc;
+ }
+ pSrc = pNew;
+ nGot = (sqlite3DbMallocSize(db, pNew) - sizeof(*pSrc))/sizeof(pSrc->a[0])+1;
+ pSrc->nAlloc = nGot;
+ }
+
+ /* Move existing slots that come after the newly inserted slots
+ ** out of the way */
+ for(i=pSrc->nSrc-1; i>=iStart; i--){
+ pSrc->a[i+nExtra] = pSrc->a[i];
+ }
+ pSrc->nSrc += nExtra;
+
+ /* Zero the newly allocated slots */
+ memset(&pSrc->a[iStart], 0, sizeof(pSrc->a[0])*nExtra);
+ for(i=iStart; i<iStart+nExtra; i++){
+ pSrc->a[i].iCursor = -1;
+ }
+
+ /* Return a pointer to the enlarged SrcList */
+ return pSrc;
+}
+
+
+/*
+** Append a new table name to the given SrcList. Create a new SrcList if
+** need be. A new entry is created in the SrcList even if pTable is NULL.
+**
+** A SrcList is returned, or NULL if there is an OOM error. The returned
+** SrcList might be the same as the SrcList that was input or it might be
+** a new one. If an OOM error does occurs, then the prior value of pList
+** that is input to this routine is automatically freed.
+**
+** If pDatabase is not null, it means that the table has an optional
+** database name prefix. Like this: "database.table". The pDatabase
+** points to the table name and the pTable points to the database name.
+** The SrcList.a[].zName field is filled with the table name which might
+** come from pTable (if pDatabase is NULL) or from pDatabase.
+** SrcList.a[].zDatabase is filled with the database name from pTable,
+** or with NULL if no database is specified.
+**
+** In other words, if call like this:
+**
+** sqlite3SrcListAppend(D,A,B,0);
+**
+** Then B is a table name and the database name is unspecified. If called
+** like this:
+**
+** sqlite3SrcListAppend(D,A,B,C);
+**
+** Then C is the table name and B is the database name. If C is defined
+** then so is B. In other words, we never have a case where:
+**
+** sqlite3SrcListAppend(D,A,0,C);
+**
+** Both pTable and pDatabase are assumed to be quoted. They are dequoted
+** before being added to the SrcList.
+*/
+SQLITE_PRIVATE SrcList *sqlite3SrcListAppend(
+ sqlite3 *db, /* Connection to notify of malloc failures */
+ SrcList *pList, /* Append to this SrcList. NULL creates a new SrcList */
+ Token *pTable, /* Table to append */
+ Token *pDatabase /* Database of the table */
+){
+ struct SrcList_item *pItem;
+ assert( pDatabase==0 || pTable!=0 ); /* Cannot have C without B */
+ if( pList==0 ){
+ pList = sqlite3DbMallocZero(db, sizeof(SrcList) );
+ if( pList==0 ) return 0;
+ pList->nAlloc = 1;
+ }
+ pList = sqlite3SrcListEnlarge(db, pList, 1, pList->nSrc);
+ if( db->mallocFailed ){
+ sqlite3SrcListDelete(db, pList);
+ return 0;
+ }
+ pItem = &pList->a[pList->nSrc-1];
+ if( pDatabase && pDatabase->z==0 ){
+ pDatabase = 0;
+ }
+ if( pDatabase ){
+ Token *pTemp = pDatabase;
+ pDatabase = pTable;
+ pTable = pTemp;
+ }
+ pItem->zName = sqlite3NameFromToken(db, pTable);
+ pItem->zDatabase = sqlite3NameFromToken(db, pDatabase);
+ return pList;
+}
+
+/*
+** Assign VdbeCursor index numbers to all tables in a SrcList
+*/
+SQLITE_PRIVATE void sqlite3SrcListAssignCursors(Parse *pParse, SrcList *pList){
+ int i;
+ struct SrcList_item *pItem;
+ assert(pList || pParse->db->mallocFailed );
+ if( pList ){
+ for(i=0, pItem=pList->a; i<pList->nSrc; i++, pItem++){
+ if( pItem->iCursor>=0 ) break;
+ pItem->iCursor = pParse->nTab++;
+ if( pItem->pSelect ){
+ sqlite3SrcListAssignCursors(pParse, pItem->pSelect->pSrc);
+ }
+ }
+ }
+}
+
+/*
+** Delete an entire SrcList including all its substructure.
+*/
+SQLITE_PRIVATE void sqlite3SrcListDelete(sqlite3 *db, SrcList *pList){
+ int i;
+ struct SrcList_item *pItem;
+ if( pList==0 ) return;
+ for(pItem=pList->a, i=0; i<pList->nSrc; i++, pItem++){
+ sqlite3DbFree(db, pItem->zDatabase);
+ sqlite3DbFree(db, pItem->zName);
+ sqlite3DbFree(db, pItem->zAlias);
+ if( pItem->fg.isIndexedBy ) sqlite3DbFree(db, pItem->u1.zIndexedBy);
+ if( pItem->fg.isTabFunc ) sqlite3ExprListDelete(db, pItem->u1.pFuncArg);
+ sqlite3DeleteTable(db, pItem->pTab);
+ sqlite3SelectDelete(db, pItem->pSelect);
+ sqlite3ExprDelete(db, pItem->pOn);
+ sqlite3IdListDelete(db, pItem->pUsing);
+ }
+ sqlite3DbFree(db, pList);
+}
+
+/*
+** This routine is called by the parser to add a new term to the
+** end of a growing FROM clause. The "p" parameter is the part of
+** the FROM clause that has already been constructed. "p" is NULL
+** if this is the first term of the FROM clause. pTable and pDatabase
+** are the name of the table and database named in the FROM clause term.
+** pDatabase is NULL if the database name qualifier is missing - the
+** usual case. If the term has an alias, then pAlias points to the
+** alias token. If the term is a subquery, then pSubquery is the
+** SELECT statement that the subquery encodes. The pTable and
+** pDatabase parameters are NULL for subqueries. The pOn and pUsing
+** parameters are the content of the ON and USING clauses.
+**
+** Return a new SrcList which encodes is the FROM with the new
+** term added.
+*/
+SQLITE_PRIVATE SrcList *sqlite3SrcListAppendFromTerm(
+ Parse *pParse, /* Parsing context */
+ SrcList *p, /* The left part of the FROM clause already seen */
+ Token *pTable, /* Name of the table to add to the FROM clause */
+ Token *pDatabase, /* Name of the database containing pTable */
+ Token *pAlias, /* The right-hand side of the AS subexpression */
+ Select *pSubquery, /* A subquery used in place of a table name */
+ Expr *pOn, /* The ON clause of a join */
+ IdList *pUsing /* The USING clause of a join */
+){
+ struct SrcList_item *pItem;
+ sqlite3 *db = pParse->db;
+ if( !p && (pOn || pUsing) ){
+ sqlite3ErrorMsg(pParse, "a JOIN clause is required before %s",
+ (pOn ? "ON" : "USING")
+ );
+ goto append_from_error;
+ }
+ p = sqlite3SrcListAppend(db, p, pTable, pDatabase);
+ if( p==0 || NEVER(p->nSrc==0) ){
+ goto append_from_error;
+ }
+ pItem = &p->a[p->nSrc-1];
+ assert( pAlias!=0 );
+ if( pAlias->n ){
+ pItem->zAlias = sqlite3NameFromToken(db, pAlias);
+ }
+ pItem->pSelect = pSubquery;
+ pItem->pOn = pOn;
+ pItem->pUsing = pUsing;
+ return p;
+
+ append_from_error:
+ assert( p==0 );
+ sqlite3ExprDelete(db, pOn);
+ sqlite3IdListDelete(db, pUsing);
+ sqlite3SelectDelete(db, pSubquery);
+ return 0;
+}
+
+/*
+** Add an INDEXED BY or NOT INDEXED clause to the most recently added
+** element of the source-list passed as the second argument.
+*/
+SQLITE_PRIVATE void sqlite3SrcListIndexedBy(Parse *pParse, SrcList *p, Token *pIndexedBy){
+ assert( pIndexedBy!=0 );
+ if( p && ALWAYS(p->nSrc>0) ){
+ struct SrcList_item *pItem = &p->a[p->nSrc-1];
+ assert( pItem->fg.notIndexed==0 );
+ assert( pItem->fg.isIndexedBy==0 );
+ assert( pItem->fg.isTabFunc==0 );
+ if( pIndexedBy->n==1 && !pIndexedBy->z ){
+ /* A "NOT INDEXED" clause was supplied. See parse.y
+ ** construct "indexed_opt" for details. */
+ pItem->fg.notIndexed = 1;
+ }else{
+ pItem->u1.zIndexedBy = sqlite3NameFromToken(pParse->db, pIndexedBy);
+ pItem->fg.isIndexedBy = (pItem->u1.zIndexedBy!=0);
+ }
+ }
+}
+
+/*
+** Add the list of function arguments to the SrcList entry for a
+** table-valued-function.
+*/
+SQLITE_PRIVATE void sqlite3SrcListFuncArgs(Parse *pParse, SrcList *p, ExprList *pList){
+ if( p ){
+ struct SrcList_item *pItem = &p->a[p->nSrc-1];
+ assert( pItem->fg.notIndexed==0 );
+ assert( pItem->fg.isIndexedBy==0 );
+ assert( pItem->fg.isTabFunc==0 );
+ pItem->u1.pFuncArg = pList;
+ pItem->fg.isTabFunc = 1;
+ }else{
+ sqlite3ExprListDelete(pParse->db, pList);
+ }
+}
+
+/*
+** When building up a FROM clause in the parser, the join operator
+** is initially attached to the left operand. But the code generator
+** expects the join operator to be on the right operand. This routine
+** Shifts all join operators from left to right for an entire FROM
+** clause.
+**
+** Example: Suppose the join is like this:
+**
+** A natural cross join B
+**
+** The operator is "natural cross join". The A and B operands are stored
+** in p->a[0] and p->a[1], respectively. The parser initially stores the
+** operator with A. This routine shifts that operator over to B.
+*/
+SQLITE_PRIVATE void sqlite3SrcListShiftJoinType(SrcList *p){
+ if( p ){
+ int i;
+ for(i=p->nSrc-1; i>0; i--){
+ p->a[i].fg.jointype = p->a[i-1].fg.jointype;
+ }
+ p->a[0].fg.jointype = 0;
+ }
+}
+
+/*
+** Begin a transaction
+*/
+SQLITE_PRIVATE void sqlite3BeginTransaction(Parse *pParse, int type){
+ sqlite3 *db;
+ Vdbe *v;
+ int i;
+
+ assert( pParse!=0 );
+ db = pParse->db;
+ assert( db!=0 );
+/* if( db->aDb[0].pBt==0 ) return; */
+ if( sqlite3AuthCheck(pParse, SQLITE_TRANSACTION, "BEGIN", 0, 0) ){
+ return;
+ }
+ v = sqlite3GetVdbe(pParse);
+ if( !v ) return;
+ if( type!=TK_DEFERRED ){
+ for(i=0; i<db->nDb; i++){
+ sqlite3VdbeAddOp2(v, OP_Transaction, i, (type==TK_EXCLUSIVE)+1);
+ sqlite3VdbeUsesBtree(v, i);
+ }
+ }
+ sqlite3VdbeAddOp2(v, OP_AutoCommit, 0, 0);
+}
+
+/*
+** Commit a transaction
+*/
+SQLITE_PRIVATE void sqlite3CommitTransaction(Parse *pParse){
+ Vdbe *v;
+
+ assert( pParse!=0 );
+ assert( pParse->db!=0 );
+ if( sqlite3AuthCheck(pParse, SQLITE_TRANSACTION, "COMMIT", 0, 0) ){
+ return;
+ }
+ v = sqlite3GetVdbe(pParse);
+ if( v ){
+ sqlite3VdbeAddOp2(v, OP_AutoCommit, 1, 0);
+ }
+}
+
+/*
+** Rollback a transaction
+*/
+SQLITE_PRIVATE void sqlite3RollbackTransaction(Parse *pParse){
+ Vdbe *v;
+
+ assert( pParse!=0 );
+ assert( pParse->db!=0 );
+ if( sqlite3AuthCheck(pParse, SQLITE_TRANSACTION, "ROLLBACK", 0, 0) ){
+ return;
+ }
+ v = sqlite3GetVdbe(pParse);
+ if( v ){
+ sqlite3VdbeAddOp2(v, OP_AutoCommit, 1, 1);
+ }
+}
+
+/*
+** This function is called by the parser when it parses a command to create,
+** release or rollback an SQL savepoint.
+*/
+SQLITE_PRIVATE void sqlite3Savepoint(Parse *pParse, int op, Token *pName){
+ char *zName = sqlite3NameFromToken(pParse->db, pName);
+ if( zName ){
+ Vdbe *v = sqlite3GetVdbe(pParse);
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ static const char * const az[] = { "BEGIN", "RELEASE", "ROLLBACK" };
+ assert( !SAVEPOINT_BEGIN && SAVEPOINT_RELEASE==1 && SAVEPOINT_ROLLBACK==2 );
+#endif
+ if( !v || sqlite3AuthCheck(pParse, SQLITE_SAVEPOINT, az[op], zName, 0) ){
+ sqlite3DbFree(pParse->db, zName);
+ return;
+ }
+ sqlite3VdbeAddOp4(v, OP_Savepoint, op, 0, 0, zName, P4_DYNAMIC);
+ }
+}
+
+/*
+** Make sure the TEMP database is open and available for use. Return
+** the number of errors. Leave any error messages in the pParse structure.
+*/
+SQLITE_PRIVATE int sqlite3OpenTempDatabase(Parse *pParse){
+ sqlite3 *db = pParse->db;
+ if( db->aDb[1].pBt==0 && !pParse->explain ){
+ int rc;
+ Btree *pBt;
+ static const int flags =
+ SQLITE_OPEN_READWRITE |
+ SQLITE_OPEN_CREATE |
+ SQLITE_OPEN_EXCLUSIVE |
+ SQLITE_OPEN_DELETEONCLOSE |
+ SQLITE_OPEN_TEMP_DB;
+
+ rc = sqlite3BtreeOpen(db->pVfs, 0, db, &pBt, 0, flags);
+ if( rc!=SQLITE_OK ){
+ sqlite3ErrorMsg(pParse, "unable to open a temporary database "
+ "file for storing temporary tables");
+ pParse->rc = rc;
+ return 1;
+ }
+ db->aDb[1].pBt = pBt;
+ assert( db->aDb[1].pSchema );
+ if( SQLITE_NOMEM==sqlite3BtreeSetPageSize(pBt, db->nextPagesize, -1, 0) ){
+ db->mallocFailed = 1;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/*
+** Record the fact that the schema cookie will need to be verified
+** for database iDb. The code to actually verify the schema cookie
+** will occur at the end of the top-level VDBE and will be generated
+** later, by sqlite3FinishCoding().
+*/
+SQLITE_PRIVATE void sqlite3CodeVerifySchema(Parse *pParse, int iDb){
+ Parse *pToplevel = sqlite3ParseToplevel(pParse);
+ sqlite3 *db = pToplevel->db;
+
+ assert( iDb>=0 && iDb<db->nDb );
+ assert( db->aDb[iDb].pBt!=0 || iDb==1 );
+ assert( iDb<SQLITE_MAX_ATTACHED+2 );
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ if( DbMaskTest(pToplevel->cookieMask, iDb)==0 ){
+ DbMaskSet(pToplevel->cookieMask, iDb);
+ pToplevel->cookieValue[iDb] = db->aDb[iDb].pSchema->schema_cookie;
+ if( !OMIT_TEMPDB && iDb==1 ){
+ sqlite3OpenTempDatabase(pToplevel);
+ }
+ }
+}
+
+/*
+** If argument zDb is NULL, then call sqlite3CodeVerifySchema() for each
+** attached database. Otherwise, invoke it for the database named zDb only.
+*/
+SQLITE_PRIVATE void sqlite3CodeVerifyNamedSchema(Parse *pParse, const char *zDb){
+ sqlite3 *db = pParse->db;
+ int i;
+ for(i=0; i<db->nDb; i++){
+ Db *pDb = &db->aDb[i];
+ if( pDb->pBt && (!zDb || 0==sqlite3StrICmp(zDb, pDb->zName)) ){
+ sqlite3CodeVerifySchema(pParse, i);
+ }
+ }
+}
+
+/*
+** Generate VDBE code that prepares for doing an operation that
+** might change the database.
+**
+** This routine starts a new transaction if we are not already within
+** a transaction. If we are already within a transaction, then a checkpoint
+** is set if the setStatement parameter is true. A checkpoint should
+** be set for operations that might fail (due to a constraint) part of
+** the way through and which will need to undo some writes without having to
+** rollback the whole transaction. For operations where all constraints
+** can be checked before any changes are made to the database, it is never
+** necessary to undo a write and the checkpoint should not be set.
+*/
+SQLITE_PRIVATE void sqlite3BeginWriteOperation(Parse *pParse, int setStatement, int iDb){
+ Parse *pToplevel = sqlite3ParseToplevel(pParse);
+ sqlite3CodeVerifySchema(pParse, iDb);
+ DbMaskSet(pToplevel->writeMask, iDb);
+ pToplevel->isMultiWrite |= setStatement;
+}
+
+/*
+** Indicate that the statement currently under construction might write
+** more than one entry (example: deleting one row then inserting another,
+** inserting multiple rows in a table, or inserting a row and index entries.)
+** If an abort occurs after some of these writes have completed, then it will
+** be necessary to undo the completed writes.
+*/
+SQLITE_PRIVATE void sqlite3MultiWrite(Parse *pParse){
+ Parse *pToplevel = sqlite3ParseToplevel(pParse);
+ pToplevel->isMultiWrite = 1;
+}
+
+/*
+** The code generator calls this routine if is discovers that it is
+** possible to abort a statement prior to completion. In order to
+** perform this abort without corrupting the database, we need to make
+** sure that the statement is protected by a statement transaction.
+**
+** Technically, we only need to set the mayAbort flag if the
+** isMultiWrite flag was previously set. There is a time dependency
+** such that the abort must occur after the multiwrite. This makes
+** some statements involving the REPLACE conflict resolution algorithm
+** go a little faster. But taking advantage of this time dependency
+** makes it more difficult to prove that the code is correct (in
+** particular, it prevents us from writing an effective
+** implementation of sqlite3AssertMayAbort()) and so we have chosen
+** to take the safe route and skip the optimization.
+*/
+SQLITE_PRIVATE void sqlite3MayAbort(Parse *pParse){
+ Parse *pToplevel = sqlite3ParseToplevel(pParse);
+ pToplevel->mayAbort = 1;
+}
+
+/*
+** Code an OP_Halt that causes the vdbe to return an SQLITE_CONSTRAINT
+** error. The onError parameter determines which (if any) of the statement
+** and/or current transaction is rolled back.
+*/
+SQLITE_PRIVATE void sqlite3HaltConstraint(
+ Parse *pParse, /* Parsing context */
+ int errCode, /* extended error code */
+ int onError, /* Constraint type */
+ char *p4, /* Error message */
+ i8 p4type, /* P4_STATIC or P4_TRANSIENT */
+ u8 p5Errmsg /* P5_ErrMsg type */
+){
+ Vdbe *v = sqlite3GetVdbe(pParse);
+ assert( (errCode&0xff)==SQLITE_CONSTRAINT );
+ if( onError==OE_Abort ){
+ sqlite3MayAbort(pParse);
+ }
+ sqlite3VdbeAddOp4(v, OP_Halt, errCode, onError, 0, p4, p4type);
+ if( p5Errmsg ) sqlite3VdbeChangeP5(v, p5Errmsg);
+}
+
+/*
+** Code an OP_Halt due to UNIQUE or PRIMARY KEY constraint violation.
+*/
+SQLITE_PRIVATE void sqlite3UniqueConstraint(
+ Parse *pParse, /* Parsing context */
+ int onError, /* Constraint type */
+ Index *pIdx /* The index that triggers the constraint */
+){
+ char *zErr;
+ int j;
+ StrAccum errMsg;
+ Table *pTab = pIdx->pTable;
+
+ sqlite3StrAccumInit(&errMsg, pParse->db, 0, 0, 200);
+ if( pIdx->aColExpr ){
+ sqlite3XPrintf(&errMsg, 0, "index '%q'", pIdx->zName);
+ }else{
+ for(j=0; j<pIdx->nKeyCol; j++){
+ char *zCol;
+ assert( pIdx->aiColumn[j]>=0 );
+ zCol = pTab->aCol[pIdx->aiColumn[j]].zName;
+ if( j ) sqlite3StrAccumAppend(&errMsg, ", ", 2);
+ sqlite3XPrintf(&errMsg, 0, "%s.%s", pTab->zName, zCol);
+ }
+ }
+ zErr = sqlite3StrAccumFinish(&errMsg);
+ sqlite3HaltConstraint(pParse,
+ IsPrimaryKeyIndex(pIdx) ? SQLITE_CONSTRAINT_PRIMARYKEY
+ : SQLITE_CONSTRAINT_UNIQUE,
+ onError, zErr, P4_DYNAMIC, P5_ConstraintUnique);
+}
+
+
+/*
+** Code an OP_Halt due to non-unique rowid.
+*/
+SQLITE_PRIVATE void sqlite3RowidConstraint(
+ Parse *pParse, /* Parsing context */
+ int onError, /* Conflict resolution algorithm */
+ Table *pTab /* The table with the non-unique rowid */
+){
+ char *zMsg;
+ int rc;
+ if( pTab->iPKey>=0 ){
+ zMsg = sqlite3MPrintf(pParse->db, "%s.%s", pTab->zName,
+ pTab->aCol[pTab->iPKey].zName);
+ rc = SQLITE_CONSTRAINT_PRIMARYKEY;
+ }else{
+ zMsg = sqlite3MPrintf(pParse->db, "%s.rowid", pTab->zName);
+ rc = SQLITE_CONSTRAINT_ROWID;
+ }
+ sqlite3HaltConstraint(pParse, rc, onError, zMsg, P4_DYNAMIC,
+ P5_ConstraintUnique);
+}
+
+/*
+** Check to see if pIndex uses the collating sequence pColl. Return
+** true if it does and false if it does not.
+*/
+#ifndef SQLITE_OMIT_REINDEX
+static int collationMatch(const char *zColl, Index *pIndex){
+ int i;
+ assert( zColl!=0 );
+ for(i=0; i<pIndex->nColumn; i++){
+ const char *z = pIndex->azColl[i];
+ assert( z!=0 || pIndex->aiColumn[i]<0 );
+ if( pIndex->aiColumn[i]>=0 && 0==sqlite3StrICmp(z, zColl) ){
+ return 1;
+ }
+ }
+ return 0;
+}
+#endif
+
+/*
+** Recompute all indices of pTab that use the collating sequence pColl.
+** If pColl==0 then recompute all indices of pTab.
+*/
+#ifndef SQLITE_OMIT_REINDEX
+static void reindexTable(Parse *pParse, Table *pTab, char const *zColl){
+ Index *pIndex; /* An index associated with pTab */
+
+ for(pIndex=pTab->pIndex; pIndex; pIndex=pIndex->pNext){
+ if( zColl==0 || collationMatch(zColl, pIndex) ){
+ int iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+ sqlite3BeginWriteOperation(pParse, 0, iDb);
+ sqlite3RefillIndex(pParse, pIndex, -1);
+ }
+ }
+}
+#endif
+
+/*
+** Recompute all indices of all tables in all databases where the
+** indices use the collating sequence pColl. If pColl==0 then recompute
+** all indices everywhere.
+*/
+#ifndef SQLITE_OMIT_REINDEX
+static void reindexDatabases(Parse *pParse, char const *zColl){
+ Db *pDb; /* A single database */
+ int iDb; /* The database index number */
+ sqlite3 *db = pParse->db; /* The database connection */
+ HashElem *k; /* For looping over tables in pDb */
+ Table *pTab; /* A table in the database */
+
+ assert( sqlite3BtreeHoldsAllMutexes(db) ); /* Needed for schema access */
+ for(iDb=0, pDb=db->aDb; iDb<db->nDb; iDb++, pDb++){
+ assert( pDb!=0 );
+ for(k=sqliteHashFirst(&pDb->pSchema->tblHash); k; k=sqliteHashNext(k)){
+ pTab = (Table*)sqliteHashData(k);
+ reindexTable(pParse, pTab, zColl);
+ }
+ }
+}
+#endif
+
+/*
+** Generate code for the REINDEX command.
+**
+** REINDEX -- 1
+** REINDEX <collation> -- 2
+** REINDEX ?<database>.?<tablename> -- 3
+** REINDEX ?<database>.?<indexname> -- 4
+**
+** Form 1 causes all indices in all attached databases to be rebuilt.
+** Form 2 rebuilds all indices in all databases that use the named
+** collating function. Forms 3 and 4 rebuild the named index or all
+** indices associated with the named table.
+*/
+#ifndef SQLITE_OMIT_REINDEX
+SQLITE_PRIVATE void sqlite3Reindex(Parse *pParse, Token *pName1, Token *pName2){
+ CollSeq *pColl; /* Collating sequence to be reindexed, or NULL */
+ char *z; /* Name of a table or index */
+ const char *zDb; /* Name of the database */
+ Table *pTab; /* A table in the database */
+ Index *pIndex; /* An index associated with pTab */
+ int iDb; /* The database index number */
+ sqlite3 *db = pParse->db; /* The database connection */
+ Token *pObjName; /* Name of the table or index to be reindexed */
+
+ /* Read the database schema. If an error occurs, leave an error message
+ ** and code in pParse and return NULL. */
+ if( SQLITE_OK!=sqlite3ReadSchema(pParse) ){
+ return;
+ }
+
+ if( pName1==0 ){
+ reindexDatabases(pParse, 0);
+ return;
+ }else if( NEVER(pName2==0) || pName2->z==0 ){
+ char *zColl;
+ assert( pName1->z );
+ zColl = sqlite3NameFromToken(pParse->db, pName1);
+ if( !zColl ) return;
+ pColl = sqlite3FindCollSeq(db, ENC(db), zColl, 0);
+ if( pColl ){
+ reindexDatabases(pParse, zColl);
+ sqlite3DbFree(db, zColl);
+ return;
+ }
+ sqlite3DbFree(db, zColl);
+ }
+ iDb = sqlite3TwoPartName(pParse, pName1, pName2, &pObjName);
+ if( iDb<0 ) return;
+ z = sqlite3NameFromToken(db, pObjName);
+ if( z==0 ) return;
+ zDb = db->aDb[iDb].zName;
+ pTab = sqlite3FindTable(db, z, zDb);
+ if( pTab ){
+ reindexTable(pParse, pTab, 0);
+ sqlite3DbFree(db, z);
+ return;
+ }
+ pIndex = sqlite3FindIndex(db, z, zDb);
+ sqlite3DbFree(db, z);
+ if( pIndex ){
+ sqlite3BeginWriteOperation(pParse, 0, iDb);
+ sqlite3RefillIndex(pParse, pIndex, -1);
+ return;
+ }
+ sqlite3ErrorMsg(pParse, "unable to identify the object to be reindexed");
+}
+#endif
+
+/*
+** Return a KeyInfo structure that is appropriate for the given Index.
+**
+** The KeyInfo structure for an index is cached in the Index object.
+** So there might be multiple references to the returned pointer. The
+** caller should not try to modify the KeyInfo object.
+**
+** The caller should invoke sqlite3KeyInfoUnref() on the returned object
+** when it has finished using it.
+*/
+SQLITE_PRIVATE KeyInfo *sqlite3KeyInfoOfIndex(Parse *pParse, Index *pIdx){
+ int i;
+ int nCol = pIdx->nColumn;
+ int nKey = pIdx->nKeyCol;
+ KeyInfo *pKey;
+ if( pParse->nErr ) return 0;
+ if( pIdx->uniqNotNull ){
+ pKey = sqlite3KeyInfoAlloc(pParse->db, nKey, nCol-nKey);
+ }else{
+ pKey = sqlite3KeyInfoAlloc(pParse->db, nCol, 0);
+ }
+ if( pKey ){
+ assert( sqlite3KeyInfoIsWriteable(pKey) );
+ for(i=0; i<nCol; i++){
+ const char *zColl = pIdx->azColl[i];
+ pKey->aColl[i] = zColl==sqlite3StrBINARY ? 0 :
+ sqlite3LocateCollSeq(pParse, zColl);
+ pKey->aSortOrder[i] = pIdx->aSortOrder[i];
+ }
+ if( pParse->nErr ){
+ sqlite3KeyInfoUnref(pKey);
+ pKey = 0;
+ }
+ }
+ return pKey;
+}
+
+#ifndef SQLITE_OMIT_CTE
+/*
+** This routine is invoked once per CTE by the parser while parsing a
+** WITH clause.
+*/
+SQLITE_PRIVATE With *sqlite3WithAdd(
+ Parse *pParse, /* Parsing context */
+ With *pWith, /* Existing WITH clause, or NULL */
+ Token *pName, /* Name of the common-table */
+ ExprList *pArglist, /* Optional column name list for the table */
+ Select *pQuery /* Query used to initialize the table */
+){
+ sqlite3 *db = pParse->db;
+ With *pNew;
+ char *zName;
+
+ /* Check that the CTE name is unique within this WITH clause. If
+ ** not, store an error in the Parse structure. */
+ zName = sqlite3NameFromToken(pParse->db, pName);
+ if( zName && pWith ){
+ int i;
+ for(i=0; i<pWith->nCte; i++){
+ if( sqlite3StrICmp(zName, pWith->a[i].zName)==0 ){
+ sqlite3ErrorMsg(pParse, "duplicate WITH table name: %s", zName);
+ }
+ }
+ }
+
+ if( pWith ){
+ int nByte = sizeof(*pWith) + (sizeof(pWith->a[1]) * pWith->nCte);
+ pNew = sqlite3DbRealloc(db, pWith, nByte);
+ }else{
+ pNew = sqlite3DbMallocZero(db, sizeof(*pWith));
+ }
+ assert( zName!=0 || pNew==0 );
+ assert( db->mallocFailed==0 || pNew==0 );
+
+ if( pNew==0 ){
+ sqlite3ExprListDelete(db, pArglist);
+ sqlite3SelectDelete(db, pQuery);
+ sqlite3DbFree(db, zName);
+ pNew = pWith;
+ }else{
+ pNew->a[pNew->nCte].pSelect = pQuery;
+ pNew->a[pNew->nCte].pCols = pArglist;
+ pNew->a[pNew->nCte].zName = zName;
+ pNew->a[pNew->nCte].zCteErr = 0;
+ pNew->nCte++;
+ }
+
+ return pNew;
+}
+
+/*
+** Free the contents of the With object passed as the second argument.
+*/
+SQLITE_PRIVATE void sqlite3WithDelete(sqlite3 *db, With *pWith){
+ if( pWith ){
+ int i;
+ for(i=0; i<pWith->nCte; i++){
+ struct Cte *pCte = &pWith->a[i];
+ sqlite3ExprListDelete(db, pCte->pCols);
+ sqlite3SelectDelete(db, pCte->pSelect);
+ sqlite3DbFree(db, pCte->zName);
+ }
+ sqlite3DbFree(db, pWith);
+ }
+}
+#endif /* !defined(SQLITE_OMIT_CTE) */
+
+/************** End of build.c ***********************************************/
+/************** Begin file callback.c ****************************************/
+/*
+** 2005 May 23
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains functions used to access the internal hash tables
+** of user defined functions and collation sequences.
+*/
+
+/* #include "sqliteInt.h" */
+
+/*
+** Invoke the 'collation needed' callback to request a collation sequence
+** in the encoding enc of name zName, length nName.
+*/
+static void callCollNeeded(sqlite3 *db, int enc, const char *zName){
+ assert( !db->xCollNeeded || !db->xCollNeeded16 );
+ if( db->xCollNeeded ){
+ char *zExternal = sqlite3DbStrDup(db, zName);
+ if( !zExternal ) return;
+ db->xCollNeeded(db->pCollNeededArg, db, enc, zExternal);
+ sqlite3DbFree(db, zExternal);
+ }
+#ifndef SQLITE_OMIT_UTF16
+ if( db->xCollNeeded16 ){
+ char const *zExternal;
+ sqlite3_value *pTmp = sqlite3ValueNew(db);
+ sqlite3ValueSetStr(pTmp, -1, zName, SQLITE_UTF8, SQLITE_STATIC);
+ zExternal = sqlite3ValueText(pTmp, SQLITE_UTF16NATIVE);
+ if( zExternal ){
+ db->xCollNeeded16(db->pCollNeededArg, db, (int)ENC(db), zExternal);
+ }
+ sqlite3ValueFree(pTmp);
+ }
+#endif
+}
+
+/*
+** This routine is called if the collation factory fails to deliver a
+** collation function in the best encoding but there may be other versions
+** of this collation function (for other text encodings) available. Use one
+** of these instead if they exist. Avoid a UTF-8 <-> UTF-16 conversion if
+** possible.
+*/
+static int synthCollSeq(sqlite3 *db, CollSeq *pColl){
+ CollSeq *pColl2;
+ char *z = pColl->zName;
+ int i;
+ static const u8 aEnc[] = { SQLITE_UTF16BE, SQLITE_UTF16LE, SQLITE_UTF8 };
+ for(i=0; i<3; i++){
+ pColl2 = sqlite3FindCollSeq(db, aEnc[i], z, 0);
+ if( pColl2->xCmp!=0 ){
+ memcpy(pColl, pColl2, sizeof(CollSeq));
+ pColl->xDel = 0; /* Do not copy the destructor */
+ return SQLITE_OK;
+ }
+ }
+ return SQLITE_ERROR;
+}
+
+/*
+** This function is responsible for invoking the collation factory callback
+** or substituting a collation sequence of a different encoding when the
+** requested collation sequence is not available in the desired encoding.
+**
+** If it is not NULL, then pColl must point to the database native encoding
+** collation sequence with name zName, length nName.
+**
+** The return value is either the collation sequence to be used in database
+** db for collation type name zName, length nName, or NULL, if no collation
+** sequence can be found. If no collation is found, leave an error message.
+**
+** See also: sqlite3LocateCollSeq(), sqlite3FindCollSeq()
+*/
+SQLITE_PRIVATE CollSeq *sqlite3GetCollSeq(
+ Parse *pParse, /* Parsing context */
+ u8 enc, /* The desired encoding for the collating sequence */
+ CollSeq *pColl, /* Collating sequence with native encoding, or NULL */
+ const char *zName /* Collating sequence name */
+){
+ CollSeq *p;
+ sqlite3 *db = pParse->db;
+
+ p = pColl;
+ if( !p ){
+ p = sqlite3FindCollSeq(db, enc, zName, 0);
+ }
+ if( !p || !p->xCmp ){
+ /* No collation sequence of this type for this encoding is registered.
+ ** Call the collation factory to see if it can supply us with one.
+ */
+ callCollNeeded(db, enc, zName);
+ p = sqlite3FindCollSeq(db, enc, zName, 0);
+ }
+ if( p && !p->xCmp && synthCollSeq(db, p) ){
+ p = 0;
+ }
+ assert( !p || p->xCmp );
+ if( p==0 ){
+ sqlite3ErrorMsg(pParse, "no such collation sequence: %s", zName);
+ }
+ return p;
+}
+
+/*
+** This routine is called on a collation sequence before it is used to
+** check that it is defined. An undefined collation sequence exists when
+** a database is loaded that contains references to collation sequences
+** that have not been defined by sqlite3_create_collation() etc.
+**
+** If required, this routine calls the 'collation needed' callback to
+** request a definition of the collating sequence. If this doesn't work,
+** an equivalent collating sequence that uses a text encoding different
+** from the main database is substituted, if one is available.
+*/
+SQLITE_PRIVATE int sqlite3CheckCollSeq(Parse *pParse, CollSeq *pColl){
+ if( pColl ){
+ const char *zName = pColl->zName;
+ sqlite3 *db = pParse->db;
+ CollSeq *p = sqlite3GetCollSeq(pParse, ENC(db), pColl, zName);
+ if( !p ){
+ return SQLITE_ERROR;
+ }
+ assert( p==pColl );
+ }
+ return SQLITE_OK;
+}
+
+
+
+/*
+** Locate and return an entry from the db.aCollSeq hash table. If the entry
+** specified by zName and nName is not found and parameter 'create' is
+** true, then create a new entry. Otherwise return NULL.
+**
+** Each pointer stored in the sqlite3.aCollSeq hash table contains an
+** array of three CollSeq structures. The first is the collation sequence
+** preferred for UTF-8, the second UTF-16le, and the third UTF-16be.
+**
+** Stored immediately after the three collation sequences is a copy of
+** the collation sequence name. A pointer to this string is stored in
+** each collation sequence structure.
+*/
+static CollSeq *findCollSeqEntry(
+ sqlite3 *db, /* Database connection */
+ const char *zName, /* Name of the collating sequence */
+ int create /* Create a new entry if true */
+){
+ CollSeq *pColl;
+ pColl = sqlite3HashFind(&db->aCollSeq, zName);
+
+ if( 0==pColl && create ){
+ int nName = sqlite3Strlen30(zName);
+ pColl = sqlite3DbMallocZero(db, 3*sizeof(*pColl) + nName + 1);
+ if( pColl ){
+ CollSeq *pDel = 0;
+ pColl[0].zName = (char*)&pColl[3];
+ pColl[0].enc = SQLITE_UTF8;
+ pColl[1].zName = (char*)&pColl[3];
+ pColl[1].enc = SQLITE_UTF16LE;
+ pColl[2].zName = (char*)&pColl[3];
+ pColl[2].enc = SQLITE_UTF16BE;
+ memcpy(pColl[0].zName, zName, nName);
+ pColl[0].zName[nName] = 0;
+ pDel = sqlite3HashInsert(&db->aCollSeq, pColl[0].zName, pColl);
+
+ /* If a malloc() failure occurred in sqlite3HashInsert(), it will
+ ** return the pColl pointer to be deleted (because it wasn't added
+ ** to the hash table).
+ */
+ assert( pDel==0 || pDel==pColl );
+ if( pDel!=0 ){
+ db->mallocFailed = 1;
+ sqlite3DbFree(db, pDel);
+ pColl = 0;
+ }
+ }
+ }
+ return pColl;
+}
+
+/*
+** Parameter zName points to a UTF-8 encoded string nName bytes long.
+** Return the CollSeq* pointer for the collation sequence named zName
+** for the encoding 'enc' from the database 'db'.
+**
+** If the entry specified is not found and 'create' is true, then create a
+** new entry. Otherwise return NULL.
+**
+** A separate function sqlite3LocateCollSeq() is a wrapper around
+** this routine. sqlite3LocateCollSeq() invokes the collation factory
+** if necessary and generates an error message if the collating sequence
+** cannot be found.
+**
+** See also: sqlite3LocateCollSeq(), sqlite3GetCollSeq()
+*/
+SQLITE_PRIVATE CollSeq *sqlite3FindCollSeq(
+ sqlite3 *db,
+ u8 enc,
+ const char *zName,
+ int create
+){
+ CollSeq *pColl;
+ if( zName ){
+ pColl = findCollSeqEntry(db, zName, create);
+ }else{
+ pColl = db->pDfltColl;
+ }
+ assert( SQLITE_UTF8==1 && SQLITE_UTF16LE==2 && SQLITE_UTF16BE==3 );
+ assert( enc>=SQLITE_UTF8 && enc<=SQLITE_UTF16BE );
+ if( pColl ) pColl += enc-1;
+ return pColl;
+}
+
+/* During the search for the best function definition, this procedure
+** is called to test how well the function passed as the first argument
+** matches the request for a function with nArg arguments in a system
+** that uses encoding enc. The value returned indicates how well the
+** request is matched. A higher value indicates a better match.
+**
+** If nArg is -1 that means to only return a match (non-zero) if p->nArg
+** is also -1. In other words, we are searching for a function that
+** takes a variable number of arguments.
+**
+** If nArg is -2 that means that we are searching for any function
+** regardless of the number of arguments it uses, so return a positive
+** match score for any
+**
+** The returned value is always between 0 and 6, as follows:
+**
+** 0: Not a match.
+** 1: UTF8/16 conversion required and function takes any number of arguments.
+** 2: UTF16 byte order change required and function takes any number of args.
+** 3: encoding matches and function takes any number of arguments
+** 4: UTF8/16 conversion required - argument count matches exactly
+** 5: UTF16 byte order conversion required - argument count matches exactly
+** 6: Perfect match: encoding and argument count match exactly.
+**
+** If nArg==(-2) then any function with a non-null xStep or xFunc is
+** a perfect match and any function with both xStep and xFunc NULL is
+** a non-match.
+*/
+#define FUNC_PERFECT_MATCH 6 /* The score for a perfect match */
+static int matchQuality(
+ FuncDef *p, /* The function we are evaluating for match quality */
+ int nArg, /* Desired number of arguments. (-1)==any */
+ u8 enc /* Desired text encoding */
+){
+ int match;
+
+ /* nArg of -2 is a special case */
+ if( nArg==(-2) ) return (p->xFunc==0 && p->xStep==0) ? 0 : FUNC_PERFECT_MATCH;
+
+ /* Wrong number of arguments means "no match" */
+ if( p->nArg!=nArg && p->nArg>=0 ) return 0;
+
+ /* Give a better score to a function with a specific number of arguments
+ ** than to function that accepts any number of arguments. */
+ if( p->nArg==nArg ){
+ match = 4;
+ }else{
+ match = 1;
+ }
+
+ /* Bonus points if the text encoding matches */
+ if( enc==(p->funcFlags & SQLITE_FUNC_ENCMASK) ){
+ match += 2; /* Exact encoding match */
+ }else if( (enc & p->funcFlags & 2)!=0 ){
+ match += 1; /* Both are UTF16, but with different byte orders */
+ }
+
+ return match;
+}
+
+/*
+** Search a FuncDefHash for a function with the given name. Return
+** a pointer to the matching FuncDef if found, or 0 if there is no match.
+*/
+static FuncDef *functionSearch(
+ FuncDefHash *pHash, /* Hash table to search */
+ int h, /* Hash of the name */
+ const char *zFunc, /* Name of function */
+ int nFunc /* Number of bytes in zFunc */
+){
+ FuncDef *p;
+ for(p=pHash->a[h]; p; p=p->pHash){
+ if( sqlite3StrNICmp(p->zName, zFunc, nFunc)==0 && p->zName[nFunc]==0 ){
+ return p;
+ }
+ }
+ return 0;
+}
+
+/*
+** Insert a new FuncDef into a FuncDefHash hash table.
+*/
+SQLITE_PRIVATE void sqlite3FuncDefInsert(
+ FuncDefHash *pHash, /* The hash table into which to insert */
+ FuncDef *pDef /* The function definition to insert */
+){
+ FuncDef *pOther;
+ int nName = sqlite3Strlen30(pDef->zName);
+ u8 c1 = (u8)pDef->zName[0];
+ int h = (sqlite3UpperToLower[c1] + nName) % ArraySize(pHash->a);
+ pOther = functionSearch(pHash, h, pDef->zName, nName);
+ if( pOther ){
+ assert( pOther!=pDef && pOther->pNext!=pDef );
+ pDef->pNext = pOther->pNext;
+ pOther->pNext = pDef;
+ }else{
+ pDef->pNext = 0;
+ pDef->pHash = pHash->a[h];
+ pHash->a[h] = pDef;
+ }
+}
+
+
+
+/*
+** Locate a user function given a name, a number of arguments and a flag
+** indicating whether the function prefers UTF-16 over UTF-8. Return a
+** pointer to the FuncDef structure that defines that function, or return
+** NULL if the function does not exist.
+**
+** If the createFlag argument is true, then a new (blank) FuncDef
+** structure is created and liked into the "db" structure if a
+** no matching function previously existed.
+**
+** If nArg is -2, then the first valid function found is returned. A
+** function is valid if either xFunc or xStep is non-zero. The nArg==(-2)
+** case is used to see if zName is a valid function name for some number
+** of arguments. If nArg is -2, then createFlag must be 0.
+**
+** If createFlag is false, then a function with the required name and
+** number of arguments may be returned even if the eTextRep flag does not
+** match that requested.
+*/
+SQLITE_PRIVATE FuncDef *sqlite3FindFunction(
+ sqlite3 *db, /* An open database */
+ const char *zName, /* Name of the function. Not null-terminated */
+ int nName, /* Number of characters in the name */
+ int nArg, /* Number of arguments. -1 means any number */
+ u8 enc, /* Preferred text encoding */
+ u8 createFlag /* Create new entry if true and does not otherwise exist */
+){
+ FuncDef *p; /* Iterator variable */
+ FuncDef *pBest = 0; /* Best match found so far */
+ int bestScore = 0; /* Score of best match */
+ int h; /* Hash value */
+
+ assert( nArg>=(-2) );
+ assert( nArg>=(-1) || createFlag==0 );
+ h = (sqlite3UpperToLower[(u8)zName[0]] + nName) % ArraySize(db->aFunc.a);
+
+ /* First search for a match amongst the application-defined functions.
+ */
+ p = functionSearch(&db->aFunc, h, zName, nName);
+ while( p ){
+ int score = matchQuality(p, nArg, enc);
+ if( score>bestScore ){
+ pBest = p;
+ bestScore = score;
+ }
+ p = p->pNext;
+ }
+
+ /* If no match is found, search the built-in functions.
+ **
+ ** If the SQLITE_PreferBuiltin flag is set, then search the built-in
+ ** functions even if a prior app-defined function was found. And give
+ ** priority to built-in functions.
+ **
+ ** Except, if createFlag is true, that means that we are trying to
+ ** install a new function. Whatever FuncDef structure is returned it will
+ ** have fields overwritten with new information appropriate for the
+ ** new function. But the FuncDefs for built-in functions are read-only.
+ ** So we must not search for built-ins when creating a new function.
+ */
+ if( !createFlag && (pBest==0 || (db->flags & SQLITE_PreferBuiltin)!=0) ){
+ FuncDefHash *pHash = &GLOBAL(FuncDefHash, sqlite3GlobalFunctions);
+ bestScore = 0;
+ p = functionSearch(pHash, h, zName, nName);
+ while( p ){
+ int score = matchQuality(p, nArg, enc);
+ if( score>bestScore ){
+ pBest = p;
+ bestScore = score;
+ }
+ p = p->pNext;
+ }
+ }
+
+ /* If the createFlag parameter is true and the search did not reveal an
+ ** exact match for the name, number of arguments and encoding, then add a
+ ** new entry to the hash table and return it.
+ */
+ if( createFlag && bestScore<FUNC_PERFECT_MATCH &&
+ (pBest = sqlite3DbMallocZero(db, sizeof(*pBest)+nName+1))!=0 ){
+ pBest->zName = (char *)&pBest[1];
+ pBest->nArg = (u16)nArg;
+ pBest->funcFlags = enc;
+ memcpy(pBest->zName, zName, nName);
+ pBest->zName[nName] = 0;
+ sqlite3FuncDefInsert(&db->aFunc, pBest);
+ }
+
+ if( pBest && (pBest->xStep || pBest->xFunc || createFlag) ){
+ return pBest;
+ }
+ return 0;
+}
+
+/*
+** Free all resources held by the schema structure. The void* argument points
+** at a Schema struct. This function does not call sqlite3DbFree(db, ) on the
+** pointer itself, it just cleans up subsidiary resources (i.e. the contents
+** of the schema hash tables).
+**
+** The Schema.cache_size variable is not cleared.
+*/
+SQLITE_PRIVATE void sqlite3SchemaClear(void *p){
+ Hash temp1;
+ Hash temp2;
+ HashElem *pElem;
+ Schema *pSchema = (Schema *)p;
+
+ temp1 = pSchema->tblHash;
+ temp2 = pSchema->trigHash;
+ sqlite3HashInit(&pSchema->trigHash);
+ sqlite3HashClear(&pSchema->idxHash);
+ for(pElem=sqliteHashFirst(&temp2); pElem; pElem=sqliteHashNext(pElem)){
+ sqlite3DeleteTrigger(0, (Trigger*)sqliteHashData(pElem));
+ }
+ sqlite3HashClear(&temp2);
+ sqlite3HashInit(&pSchema->tblHash);
+ for(pElem=sqliteHashFirst(&temp1); pElem; pElem=sqliteHashNext(pElem)){
+ Table *pTab = sqliteHashData(pElem);
+ sqlite3DeleteTable(0, pTab);
+ }
+ sqlite3HashClear(&temp1);
+ sqlite3HashClear(&pSchema->fkeyHash);
+ pSchema->pSeqTab = 0;
+ if( pSchema->schemaFlags & DB_SchemaLoaded ){
+ pSchema->iGeneration++;
+ pSchema->schemaFlags &= ~DB_SchemaLoaded;
+ }
+}
+
+/*
+** Find and return the schema associated with a BTree. Create
+** a new one if necessary.
+*/
+SQLITE_PRIVATE Schema *sqlite3SchemaGet(sqlite3 *db, Btree *pBt){
+ Schema * p;
+ if( pBt ){
+ p = (Schema *)sqlite3BtreeSchema(pBt, sizeof(Schema), sqlite3SchemaClear);
+ }else{
+ p = (Schema *)sqlite3DbMallocZero(0, sizeof(Schema));
+ }
+ if( !p ){
+ db->mallocFailed = 1;
+ }else if ( 0==p->file_format ){
+ sqlite3HashInit(&p->tblHash);
+ sqlite3HashInit(&p->idxHash);
+ sqlite3HashInit(&p->trigHash);
+ sqlite3HashInit(&p->fkeyHash);
+ p->enc = SQLITE_UTF8;
+ }
+ return p;
+}
+
+/************** End of callback.c ********************************************/
+/************** Begin file delete.c ******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains C code routines that are called by the parser
+** in order to generate code for DELETE FROM statements.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** While a SrcList can in general represent multiple tables and subqueries
+** (as in the FROM clause of a SELECT statement) in this case it contains
+** the name of a single table, as one might find in an INSERT, DELETE,
+** or UPDATE statement. Look up that table in the symbol table and
+** return a pointer. Set an error message and return NULL if the table
+** name is not found or if any other error occurs.
+**
+** The following fields are initialized appropriate in pSrc:
+**
+** pSrc->a[0].pTab Pointer to the Table object
+** pSrc->a[0].pIndex Pointer to the INDEXED BY index, if there is one
+**
+*/
+SQLITE_PRIVATE Table *sqlite3SrcListLookup(Parse *pParse, SrcList *pSrc){
+ struct SrcList_item *pItem = pSrc->a;
+ Table *pTab;
+ assert( pItem && pSrc->nSrc==1 );
+ pTab = sqlite3LocateTableItem(pParse, 0, pItem);
+ sqlite3DeleteTable(pParse->db, pItem->pTab);
+ pItem->pTab = pTab;
+ if( pTab ){
+ pTab->nRef++;
+ }
+ if( sqlite3IndexedByLookup(pParse, pItem) ){
+ pTab = 0;
+ }
+ return pTab;
+}
+
+/*
+** Check to make sure the given table is writable. If it is not
+** writable, generate an error message and return 1. If it is
+** writable return 0;
+*/
+SQLITE_PRIVATE int sqlite3IsReadOnly(Parse *pParse, Table *pTab, int viewOk){
+ /* A table is not writable under the following circumstances:
+ **
+ ** 1) It is a virtual table and no implementation of the xUpdate method
+ ** has been provided, or
+ ** 2) It is a system table (i.e. sqlite_master), this call is not
+ ** part of a nested parse and writable_schema pragma has not
+ ** been specified.
+ **
+ ** In either case leave an error message in pParse and return non-zero.
+ */
+ if( ( IsVirtual(pTab)
+ && sqlite3GetVTable(pParse->db, pTab)->pMod->pModule->xUpdate==0 )
+ || ( (pTab->tabFlags & TF_Readonly)!=0
+ && (pParse->db->flags & SQLITE_WriteSchema)==0
+ && pParse->nested==0 )
+ ){
+ sqlite3ErrorMsg(pParse, "table %s may not be modified", pTab->zName);
+ return 1;
+ }
+
+#ifndef SQLITE_OMIT_VIEW
+ if( !viewOk && pTab->pSelect ){
+ sqlite3ErrorMsg(pParse,"cannot modify %s because it is a view",pTab->zName);
+ return 1;
+ }
+#endif
+ return 0;
+}
+
+
+#if !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER)
+/*
+** Evaluate a view and store its result in an ephemeral table. The
+** pWhere argument is an optional WHERE clause that restricts the
+** set of rows in the view that are to be added to the ephemeral table.
+*/
+SQLITE_PRIVATE void sqlite3MaterializeView(
+ Parse *pParse, /* Parsing context */
+ Table *pView, /* View definition */
+ Expr *pWhere, /* Optional WHERE clause to be added */
+ int iCur /* Cursor number for ephemeral table */
+){
+ SelectDest dest;
+ Select *pSel;
+ SrcList *pFrom;
+ sqlite3 *db = pParse->db;
+ int iDb = sqlite3SchemaToIndex(db, pView->pSchema);
+ pWhere = sqlite3ExprDup(db, pWhere, 0);
+ pFrom = sqlite3SrcListAppend(db, 0, 0, 0);
+ if( pFrom ){
+ assert( pFrom->nSrc==1 );
+ pFrom->a[0].zName = sqlite3DbStrDup(db, pView->zName);
+ pFrom->a[0].zDatabase = sqlite3DbStrDup(db, db->aDb[iDb].zName);
+ assert( pFrom->a[0].pOn==0 );
+ assert( pFrom->a[0].pUsing==0 );
+ }
+ pSel = sqlite3SelectNew(pParse, 0, pFrom, pWhere, 0, 0, 0,
+ SF_IncludeHidden, 0, 0);
+ sqlite3SelectDestInit(&dest, SRT_EphemTab, iCur);
+ sqlite3Select(pParse, pSel, &dest);
+ sqlite3SelectDelete(db, pSel);
+}
+#endif /* !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER) */
+
+#if defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) && !defined(SQLITE_OMIT_SUBQUERY)
+/*
+** Generate an expression tree to implement the WHERE, ORDER BY,
+** and LIMIT/OFFSET portion of DELETE and UPDATE statements.
+**
+** DELETE FROM table_wxyz WHERE a<5 ORDER BY a LIMIT 1;
+** \__________________________/
+** pLimitWhere (pInClause)
+*/
+SQLITE_PRIVATE Expr *sqlite3LimitWhere(
+ Parse *pParse, /* The parser context */
+ SrcList *pSrc, /* the FROM clause -- which tables to scan */
+ Expr *pWhere, /* The WHERE clause. May be null */
+ ExprList *pOrderBy, /* The ORDER BY clause. May be null */
+ Expr *pLimit, /* The LIMIT clause. May be null */
+ Expr *pOffset, /* The OFFSET clause. May be null */
+ char *zStmtType /* Either DELETE or UPDATE. For err msgs. */
+){
+ Expr *pWhereRowid = NULL; /* WHERE rowid .. */
+ Expr *pInClause = NULL; /* WHERE rowid IN ( select ) */
+ Expr *pSelectRowid = NULL; /* SELECT rowid ... */
+ ExprList *pEList = NULL; /* Expression list contaning only pSelectRowid */
+ SrcList *pSelectSrc = NULL; /* SELECT rowid FROM x ... (dup of pSrc) */
+ Select *pSelect = NULL; /* Complete SELECT tree */
+
+ /* Check that there isn't an ORDER BY without a LIMIT clause.
+ */
+ if( pOrderBy && (pLimit == 0) ) {
+ sqlite3ErrorMsg(pParse, "ORDER BY without LIMIT on %s", zStmtType);
+ goto limit_where_cleanup_2;
+ }
+
+ /* We only need to generate a select expression if there
+ ** is a limit/offset term to enforce.
+ */
+ if( pLimit == 0 ) {
+ /* if pLimit is null, pOffset will always be null as well. */
+ assert( pOffset == 0 );
+ return pWhere;
+ }
+
+ /* Generate a select expression tree to enforce the limit/offset
+ ** term for the DELETE or UPDATE statement. For example:
+ ** DELETE FROM table_a WHERE col1=1 ORDER BY col2 LIMIT 1 OFFSET 1
+ ** becomes:
+ ** DELETE FROM table_a WHERE rowid IN (
+ ** SELECT rowid FROM table_a WHERE col1=1 ORDER BY col2 LIMIT 1 OFFSET 1
+ ** );
+ */
+
+ pSelectRowid = sqlite3PExpr(pParse, TK_ROW, 0, 0, 0);
+ if( pSelectRowid == 0 ) goto limit_where_cleanup_2;
+ pEList = sqlite3ExprListAppend(pParse, 0, pSelectRowid);
+ if( pEList == 0 ) goto limit_where_cleanup_2;
+
+ /* duplicate the FROM clause as it is needed by both the DELETE/UPDATE tree
+ ** and the SELECT subtree. */
+ pSelectSrc = sqlite3SrcListDup(pParse->db, pSrc, 0);
+ if( pSelectSrc == 0 ) {
+ sqlite3ExprListDelete(pParse->db, pEList);
+ goto limit_where_cleanup_2;
+ }
+
+ /* generate the SELECT expression tree. */
+ pSelect = sqlite3SelectNew(pParse,pEList,pSelectSrc,pWhere,0,0,
+ pOrderBy,0,pLimit,pOffset);
+ if( pSelect == 0 ) return 0;
+
+ /* now generate the new WHERE rowid IN clause for the DELETE/UDPATE */
+ pWhereRowid = sqlite3PExpr(pParse, TK_ROW, 0, 0, 0);
+ if( pWhereRowid == 0 ) goto limit_where_cleanup_1;
+ pInClause = sqlite3PExpr(pParse, TK_IN, pWhereRowid, 0, 0);
+ if( pInClause == 0 ) goto limit_where_cleanup_1;
+
+ pInClause->x.pSelect = pSelect;
+ pInClause->flags |= EP_xIsSelect;
+ sqlite3ExprSetHeightAndFlags(pParse, pInClause);
+ return pInClause;
+
+ /* something went wrong. clean up anything allocated. */
+limit_where_cleanup_1:
+ sqlite3SelectDelete(pParse->db, pSelect);
+ return 0;
+
+limit_where_cleanup_2:
+ sqlite3ExprDelete(pParse->db, pWhere);
+ sqlite3ExprListDelete(pParse->db, pOrderBy);
+ sqlite3ExprDelete(pParse->db, pLimit);
+ sqlite3ExprDelete(pParse->db, pOffset);
+ return 0;
+}
+#endif /* defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) */
+ /* && !defined(SQLITE_OMIT_SUBQUERY) */
+
+/*
+** Generate code for a DELETE FROM statement.
+**
+** DELETE FROM table_wxyz WHERE a<5 AND b NOT NULL;
+** \________/ \________________/
+** pTabList pWhere
+*/
+SQLITE_PRIVATE void sqlite3DeleteFrom(
+ Parse *pParse, /* The parser context */
+ SrcList *pTabList, /* The table from which we should delete things */
+ Expr *pWhere /* The WHERE clause. May be null */
+){
+ Vdbe *v; /* The virtual database engine */
+ Table *pTab; /* The table from which records will be deleted */
+ const char *zDb; /* Name of database holding pTab */
+ int i; /* Loop counter */
+ WhereInfo *pWInfo; /* Information about the WHERE clause */
+ Index *pIdx; /* For looping over indices of the table */
+ int iTabCur; /* Cursor number for the table */
+ int iDataCur = 0; /* VDBE cursor for the canonical data source */
+ int iIdxCur = 0; /* Cursor number of the first index */
+ int nIdx; /* Number of indices */
+ sqlite3 *db; /* Main database structure */
+ AuthContext sContext; /* Authorization context */
+ NameContext sNC; /* Name context to resolve expressions in */
+ int iDb; /* Database number */
+ int memCnt = -1; /* Memory cell used for change counting */
+ int rcauth; /* Value returned by authorization callback */
+ int eOnePass; /* ONEPASS_OFF or _SINGLE or _MULTI */
+ int aiCurOnePass[2]; /* The write cursors opened by WHERE_ONEPASS */
+ u8 *aToOpen = 0; /* Open cursor iTabCur+j if aToOpen[j] is true */
+ Index *pPk; /* The PRIMARY KEY index on the table */
+ int iPk = 0; /* First of nPk registers holding PRIMARY KEY value */
+ i16 nPk = 1; /* Number of columns in the PRIMARY KEY */
+ int iKey; /* Memory cell holding key of row to be deleted */
+ i16 nKey; /* Number of memory cells in the row key */
+ int iEphCur = 0; /* Ephemeral table holding all primary key values */
+ int iRowSet = 0; /* Register for rowset of rows to delete */
+ int addrBypass = 0; /* Address of jump over the delete logic */
+ int addrLoop = 0; /* Top of the delete loop */
+ int addrEphOpen = 0; /* Instruction to open the Ephemeral table */
+
+#ifndef SQLITE_OMIT_TRIGGER
+ int isView; /* True if attempting to delete from a view */
+ Trigger *pTrigger; /* List of table triggers, if required */
+ int bComplex; /* True if there are either triggers or FKs */
+#endif
+
+ memset(&sContext, 0, sizeof(sContext));
+ db = pParse->db;
+ if( pParse->nErr || db->mallocFailed ){
+ goto delete_from_cleanup;
+ }
+ assert( pTabList->nSrc==1 );
+
+ /* Locate the table which we want to delete. This table has to be
+ ** put in an SrcList structure because some of the subroutines we
+ ** will be calling are designed to work with multiple tables and expect
+ ** an SrcList* parameter instead of just a Table* parameter.
+ */
+ pTab = sqlite3SrcListLookup(pParse, pTabList);
+ if( pTab==0 ) goto delete_from_cleanup;
+
+ /* Figure out if we have any triggers and if the table being
+ ** deleted from is a view
+ */
+#ifndef SQLITE_OMIT_TRIGGER
+ pTrigger = sqlite3TriggersExist(pParse, pTab, TK_DELETE, 0, 0);
+ isView = pTab->pSelect!=0;
+ bComplex = pTrigger || sqlite3FkRequired(pParse, pTab, 0, 0);
+#else
+# define pTrigger 0
+# define isView 0
+# define bComplex 0
+#endif
+#ifdef SQLITE_OMIT_VIEW
+# undef isView
+# define isView 0
+#endif
+
+ /* If pTab is really a view, make sure it has been initialized.
+ */
+ if( sqlite3ViewGetColumnNames(pParse, pTab) ){
+ goto delete_from_cleanup;
+ }
+
+ if( sqlite3IsReadOnly(pParse, pTab, (pTrigger?1:0)) ){
+ goto delete_from_cleanup;
+ }
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ assert( iDb<db->nDb );
+ zDb = db->aDb[iDb].zName;
+ rcauth = sqlite3AuthCheck(pParse, SQLITE_DELETE, pTab->zName, 0, zDb);
+ assert( rcauth==SQLITE_OK || rcauth==SQLITE_DENY || rcauth==SQLITE_IGNORE );
+ if( rcauth==SQLITE_DENY ){
+ goto delete_from_cleanup;
+ }
+ assert(!isView || pTrigger);
+
+ /* Assign cursor numbers to the table and all its indices.
+ */
+ assert( pTabList->nSrc==1 );
+ iTabCur = pTabList->a[0].iCursor = pParse->nTab++;
+ for(nIdx=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, nIdx++){
+ pParse->nTab++;
+ }
+
+ /* Start the view context
+ */
+ if( isView ){
+ sqlite3AuthContextPush(pParse, &sContext, pTab->zName);
+ }
+
+ /* Begin generating code.
+ */
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 ){
+ goto delete_from_cleanup;
+ }
+ if( pParse->nested==0 ) sqlite3VdbeCountChanges(v);
+ sqlite3BeginWriteOperation(pParse, 1, iDb);
+
+ /* If we are trying to delete from a view, realize that view into
+ ** an ephemeral table.
+ */
+#if !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER)
+ if( isView ){
+ sqlite3MaterializeView(pParse, pTab, pWhere, iTabCur);
+ iDataCur = iIdxCur = iTabCur;
+ }
+#endif
+
+ /* Resolve the column names in the WHERE clause.
+ */
+ memset(&sNC, 0, sizeof(sNC));
+ sNC.pParse = pParse;
+ sNC.pSrcList = pTabList;
+ if( sqlite3ResolveExprNames(&sNC, pWhere) ){
+ goto delete_from_cleanup;
+ }
+
+ /* Initialize the counter of the number of rows deleted, if
+ ** we are counting rows.
+ */
+ if( db->flags & SQLITE_CountRows ){
+ memCnt = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, memCnt);
+ }
+
+#ifndef SQLITE_OMIT_TRUNCATE_OPTIMIZATION
+ /* Special case: A DELETE without a WHERE clause deletes everything.
+ ** It is easier just to erase the whole table. Prior to version 3.6.5,
+ ** this optimization caused the row change count (the value returned by
+ ** API function sqlite3_count_changes) to be set incorrectly. */
+ if( rcauth==SQLITE_OK
+ && pWhere==0
+ && !bComplex
+ && !IsVirtual(pTab)
+ ){
+ assert( !isView );
+ sqlite3TableLock(pParse, iDb, pTab->tnum, 1, pTab->zName);
+ if( HasRowid(pTab) ){
+ sqlite3VdbeAddOp4(v, OP_Clear, pTab->tnum, iDb, memCnt,
+ pTab->zName, P4_STATIC);
+ }
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ assert( pIdx->pSchema==pTab->pSchema );
+ sqlite3VdbeAddOp2(v, OP_Clear, pIdx->tnum, iDb);
+ }
+ }else
+#endif /* SQLITE_OMIT_TRUNCATE_OPTIMIZATION */
+ {
+ u16 wcf = WHERE_ONEPASS_DESIRED|WHERE_DUPLICATES_OK;
+ wcf |= (bComplex ? 0 : WHERE_ONEPASS_MULTIROW);
+ if( HasRowid(pTab) ){
+ /* For a rowid table, initialize the RowSet to an empty set */
+ pPk = 0;
+ nPk = 1;
+ iRowSet = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Null, 0, iRowSet);
+ }else{
+ /* For a WITHOUT ROWID table, create an ephemeral table used to
+ ** hold all primary keys for rows to be deleted. */
+ pPk = sqlite3PrimaryKeyIndex(pTab);
+ assert( pPk!=0 );
+ nPk = pPk->nKeyCol;
+ iPk = pParse->nMem+1;
+ pParse->nMem += nPk;
+ iEphCur = pParse->nTab++;
+ addrEphOpen = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, iEphCur, nPk);
+ sqlite3VdbeSetP4KeyInfo(pParse, pPk);
+ }
+
+ /* Construct a query to find the rowid or primary key for every row
+ ** to be deleted, based on the WHERE clause. Set variable eOnePass
+ ** to indicate the strategy used to implement this delete:
+ **
+ ** ONEPASS_OFF: Two-pass approach - use a FIFO for rowids/PK values.
+ ** ONEPASS_SINGLE: One-pass approach - at most one row deleted.
+ ** ONEPASS_MULTI: One-pass approach - any number of rows may be deleted.
+ */
+ pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere, 0, 0, wcf, iTabCur+1);
+ if( pWInfo==0 ) goto delete_from_cleanup;
+ eOnePass = sqlite3WhereOkOnePass(pWInfo, aiCurOnePass);
+ assert( IsVirtual(pTab)==0 || eOnePass!=ONEPASS_MULTI );
+ assert( IsVirtual(pTab) || bComplex || eOnePass!=ONEPASS_OFF );
+
+ /* Keep track of the number of rows to be deleted */
+ if( db->flags & SQLITE_CountRows ){
+ sqlite3VdbeAddOp2(v, OP_AddImm, memCnt, 1);
+ }
+
+ /* Extract the rowid or primary key for the current row */
+ if( pPk ){
+ for(i=0; i<nPk; i++){
+ assert( pPk->aiColumn[i]>=0 );
+ sqlite3ExprCodeGetColumnOfTable(v, pTab, iTabCur,
+ pPk->aiColumn[i], iPk+i);
+ }
+ iKey = iPk;
+ }else{
+ iKey = pParse->nMem + 1;
+ iKey = sqlite3ExprCodeGetColumn(pParse, pTab, -1, iTabCur, iKey, 0);
+ if( iKey>pParse->nMem ) pParse->nMem = iKey;
+ }
+
+ if( eOnePass!=ONEPASS_OFF ){
+ /* For ONEPASS, no need to store the rowid/primary-key. There is only
+ ** one, so just keep it in its register(s) and fall through to the
+ ** delete code. */
+ nKey = nPk; /* OP_Found will use an unpacked key */
+ aToOpen = sqlite3DbMallocRaw(db, nIdx+2);
+ if( aToOpen==0 ){
+ sqlite3WhereEnd(pWInfo);
+ goto delete_from_cleanup;
+ }
+ memset(aToOpen, 1, nIdx+1);
+ aToOpen[nIdx+1] = 0;
+ if( aiCurOnePass[0]>=0 ) aToOpen[aiCurOnePass[0]-iTabCur] = 0;
+ if( aiCurOnePass[1]>=0 ) aToOpen[aiCurOnePass[1]-iTabCur] = 0;
+ if( addrEphOpen ) sqlite3VdbeChangeToNoop(v, addrEphOpen);
+ }else{
+ if( pPk ){
+ /* Add the PK key for this row to the temporary table */
+ iKey = ++pParse->nMem;
+ nKey = 0; /* Zero tells OP_Found to use a composite key */
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, iPk, nPk, iKey,
+ sqlite3IndexAffinityStr(pParse->db, pPk), nPk);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iEphCur, iKey);
+ }else{
+ /* Add the rowid of the row to be deleted to the RowSet */
+ nKey = 1; /* OP_Seek always uses a single rowid */
+ sqlite3VdbeAddOp2(v, OP_RowSetAdd, iRowSet, iKey);
+ }
+ }
+
+ /* If this DELETE cannot use the ONEPASS strategy, this is the
+ ** end of the WHERE loop */
+ if( eOnePass!=ONEPASS_OFF ){
+ addrBypass = sqlite3VdbeMakeLabel(v);
+ }else{
+ sqlite3WhereEnd(pWInfo);
+ }
+
+ /* Unless this is a view, open cursors for the table we are
+ ** deleting from and all its indices. If this is a view, then the
+ ** only effect this statement has is to fire the INSTEAD OF
+ ** triggers.
+ */
+ if( !isView ){
+ int iAddrOnce = 0;
+ u8 p5 = (eOnePass==ONEPASS_OFF ? 0 : OPFLAG_FORDELETE);
+ if( eOnePass==ONEPASS_MULTI ){
+ iAddrOnce = sqlite3CodeOnce(pParse); VdbeCoverage(v);
+ }
+ testcase( IsVirtual(pTab) );
+ sqlite3OpenTableAndIndices(pParse, pTab, OP_OpenWrite, p5, iTabCur,
+ aToOpen, &iDataCur, &iIdxCur);
+ assert( pPk || IsVirtual(pTab) || iDataCur==iTabCur );
+ assert( pPk || IsVirtual(pTab) || iIdxCur==iDataCur+1 );
+ if( eOnePass==ONEPASS_MULTI ) sqlite3VdbeJumpHere(v, iAddrOnce);
+ }
+
+ /* Set up a loop over the rowids/primary-keys that were found in the
+ ** where-clause loop above.
+ */
+ if( eOnePass!=ONEPASS_OFF ){
+ assert( nKey==nPk ); /* OP_Found will use an unpacked key */
+ if( !IsVirtual(pTab) && aToOpen[iDataCur-iTabCur] ){
+ assert( pPk!=0 || pTab->pSelect!=0 );
+ sqlite3VdbeAddOp4Int(v, OP_NotFound, iDataCur, addrBypass, iKey, nKey);
+ VdbeCoverage(v);
+ }
+ }else if( pPk ){
+ addrLoop = sqlite3VdbeAddOp1(v, OP_Rewind, iEphCur); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_RowKey, iEphCur, iKey);
+ assert( nKey==0 ); /* OP_Found will use a composite key */
+ }else{
+ addrLoop = sqlite3VdbeAddOp3(v, OP_RowSetRead, iRowSet, 0, iKey);
+ VdbeCoverage(v);
+ assert( nKey==1 );
+ }
+
+ /* Delete the row */
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( IsVirtual(pTab) ){
+ const char *pVTab = (const char *)sqlite3GetVTable(db, pTab);
+ sqlite3VtabMakeWritable(pParse, pTab);
+ sqlite3VdbeAddOp4(v, OP_VUpdate, 0, 1, iKey, pVTab, P4_VTAB);
+ sqlite3VdbeChangeP5(v, OE_Abort);
+ assert( eOnePass==ONEPASS_OFF || eOnePass==ONEPASS_SINGLE );
+ sqlite3MayAbort(pParse);
+ if( eOnePass==ONEPASS_SINGLE && sqlite3IsToplevel(pParse) ){
+ pParse->isMultiWrite = 0;
+ }
+ }else
+#endif
+ {
+ int count = (pParse->nested==0); /* True to count changes */
+ int iIdxNoSeek = -1;
+ if( bComplex==0 && aiCurOnePass[1]!=iDataCur ){
+ iIdxNoSeek = aiCurOnePass[1];
+ }
+ sqlite3GenerateRowDelete(pParse, pTab, pTrigger, iDataCur, iIdxCur,
+ iKey, nKey, count, OE_Default, eOnePass, iIdxNoSeek);
+ }
+
+ /* End of the loop over all rowids/primary-keys. */
+ if( eOnePass!=ONEPASS_OFF ){
+ sqlite3VdbeResolveLabel(v, addrBypass);
+ sqlite3WhereEnd(pWInfo);
+ }else if( pPk ){
+ sqlite3VdbeAddOp2(v, OP_Next, iEphCur, addrLoop+1); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addrLoop);
+ }else{
+ sqlite3VdbeGoto(v, addrLoop);
+ sqlite3VdbeJumpHere(v, addrLoop);
+ }
+
+ /* Close the cursors open on the table and its indexes. */
+ if( !isView && !IsVirtual(pTab) ){
+ if( !pPk ) sqlite3VdbeAddOp1(v, OP_Close, iDataCur);
+ for(i=0, pIdx=pTab->pIndex; pIdx; i++, pIdx=pIdx->pNext){
+ sqlite3VdbeAddOp1(v, OP_Close, iIdxCur + i);
+ }
+ }
+ } /* End non-truncate path */
+
+ /* Update the sqlite_sequence table by storing the content of the
+ ** maximum rowid counter values recorded while inserting into
+ ** autoincrement tables.
+ */
+ if( pParse->nested==0 && pParse->pTriggerTab==0 ){
+ sqlite3AutoincrementEnd(pParse);
+ }
+
+ /* Return the number of rows that were deleted. If this routine is
+ ** generating code because of a call to sqlite3NestedParse(), do not
+ ** invoke the callback function.
+ */
+ if( (db->flags&SQLITE_CountRows) && !pParse->nested && !pParse->pTriggerTab ){
+ sqlite3VdbeAddOp2(v, OP_ResultRow, memCnt, 1);
+ sqlite3VdbeSetNumCols(v, 1);
+ sqlite3VdbeSetColName(v, 0, COLNAME_NAME, "rows deleted", SQLITE_STATIC);
+ }
+
+delete_from_cleanup:
+ sqlite3AuthContextPop(&sContext);
+ sqlite3SrcListDelete(db, pTabList);
+ sqlite3ExprDelete(db, pWhere);
+ sqlite3DbFree(db, aToOpen);
+ return;
+}
+/* Make sure "isView" and other macros defined above are undefined. Otherwise
+** they may interfere with compilation of other functions in this file
+** (or in another file, if this file becomes part of the amalgamation). */
+#ifdef isView
+ #undef isView
+#endif
+#ifdef pTrigger
+ #undef pTrigger
+#endif
+
+/*
+** This routine generates VDBE code that causes a single row of a
+** single table to be deleted. Both the original table entry and
+** all indices are removed.
+**
+** Preconditions:
+**
+** 1. iDataCur is an open cursor on the btree that is the canonical data
+** store for the table. (This will be either the table itself,
+** in the case of a rowid table, or the PRIMARY KEY index in the case
+** of a WITHOUT ROWID table.)
+**
+** 2. Read/write cursors for all indices of pTab must be open as
+** cursor number iIdxCur+i for the i-th index.
+**
+** 3. The primary key for the row to be deleted must be stored in a
+** sequence of nPk memory cells starting at iPk. If nPk==0 that means
+** that a search record formed from OP_MakeRecord is contained in the
+** single memory location iPk.
+**
+** eMode:
+** Parameter eMode may be passed either ONEPASS_OFF (0), ONEPASS_SINGLE, or
+** ONEPASS_MULTI. If eMode is not ONEPASS_OFF, then the cursor
+** iDataCur already points to the row to delete. If eMode is ONEPASS_OFF
+** then this function must seek iDataCur to the entry identified by iPk
+** and nPk before reading from it.
+**
+** If eMode is ONEPASS_MULTI, then this call is being made as part
+** of a ONEPASS delete that affects multiple rows. In this case, if
+** iIdxNoSeek is a valid cursor number (>=0), then its position should
+** be preserved following the delete operation. Or, if iIdxNoSeek is not
+** a valid cursor number, the position of iDataCur should be preserved
+** instead.
+**
+** iIdxNoSeek:
+** If iIdxNoSeek is a valid cursor number (>=0), then it identifies an
+** index cursor (from within array of cursors starting at iIdxCur) that
+** already points to the index entry to be deleted.
+*/
+SQLITE_PRIVATE void sqlite3GenerateRowDelete(
+ Parse *pParse, /* Parsing context */
+ Table *pTab, /* Table containing the row to be deleted */
+ Trigger *pTrigger, /* List of triggers to (potentially) fire */
+ int iDataCur, /* Cursor from which column data is extracted */
+ int iIdxCur, /* First index cursor */
+ int iPk, /* First memory cell containing the PRIMARY KEY */
+ i16 nPk, /* Number of PRIMARY KEY memory cells */
+ u8 count, /* If non-zero, increment the row change counter */
+ u8 onconf, /* Default ON CONFLICT policy for triggers */
+ u8 eMode, /* ONEPASS_OFF, _SINGLE, or _MULTI. See above */
+ int iIdxNoSeek /* Cursor number of cursor that does not need seeking */
+){
+ Vdbe *v = pParse->pVdbe; /* Vdbe */
+ int iOld = 0; /* First register in OLD.* array */
+ int iLabel; /* Label resolved to end of generated code */
+ u8 opSeek; /* Seek opcode */
+
+ /* Vdbe is guaranteed to have been allocated by this stage. */
+ assert( v );
+ VdbeModuleComment((v, "BEGIN: GenRowDel(%d,%d,%d,%d)",
+ iDataCur, iIdxCur, iPk, (int)nPk));
+
+ /* Seek cursor iCur to the row to delete. If this row no longer exists
+ ** (this can happen if a trigger program has already deleted it), do
+ ** not attempt to delete it or fire any DELETE triggers. */
+ iLabel = sqlite3VdbeMakeLabel(v);
+ opSeek = HasRowid(pTab) ? OP_NotExists : OP_NotFound;
+ if( eMode==ONEPASS_OFF ){
+ sqlite3VdbeAddOp4Int(v, opSeek, iDataCur, iLabel, iPk, nPk);
+ VdbeCoverageIf(v, opSeek==OP_NotExists);
+ VdbeCoverageIf(v, opSeek==OP_NotFound);
+ }
+
+ /* If there are any triggers to fire, allocate a range of registers to
+ ** use for the old.* references in the triggers. */
+ if( sqlite3FkRequired(pParse, pTab, 0, 0) || pTrigger ){
+ u32 mask; /* Mask of OLD.* columns in use */
+ int iCol; /* Iterator used while populating OLD.* */
+ int addrStart; /* Start of BEFORE trigger programs */
+
+ /* TODO: Could use temporary registers here. Also could attempt to
+ ** avoid copying the contents of the rowid register. */
+ mask = sqlite3TriggerColmask(
+ pParse, pTrigger, 0, 0, TRIGGER_BEFORE|TRIGGER_AFTER, pTab, onconf
+ );
+ mask |= sqlite3FkOldmask(pParse, pTab);
+ iOld = pParse->nMem+1;
+ pParse->nMem += (1 + pTab->nCol);
+
+ /* Populate the OLD.* pseudo-table register array. These values will be
+ ** used by any BEFORE and AFTER triggers that exist. */
+ sqlite3VdbeAddOp2(v, OP_Copy, iPk, iOld);
+ for(iCol=0; iCol<pTab->nCol; iCol++){
+ testcase( mask!=0xffffffff && iCol==31 );
+ testcase( mask!=0xffffffff && iCol==32 );
+ if( mask==0xffffffff || (iCol<=31 && (mask & MASKBIT32(iCol))!=0) ){
+ sqlite3ExprCodeGetColumnOfTable(v, pTab, iDataCur, iCol, iOld+iCol+1);
+ }
+ }
+
+ /* Invoke BEFORE DELETE trigger programs. */
+ addrStart = sqlite3VdbeCurrentAddr(v);
+ sqlite3CodeRowTrigger(pParse, pTrigger,
+ TK_DELETE, 0, TRIGGER_BEFORE, pTab, iOld, onconf, iLabel
+ );
+
+ /* If any BEFORE triggers were coded, then seek the cursor to the
+ ** row to be deleted again. It may be that the BEFORE triggers moved
+ ** the cursor or of already deleted the row that the cursor was
+ ** pointing to.
+ */
+ if( addrStart<sqlite3VdbeCurrentAddr(v) ){
+ sqlite3VdbeAddOp4Int(v, opSeek, iDataCur, iLabel, iPk, nPk);
+ VdbeCoverageIf(v, opSeek==OP_NotExists);
+ VdbeCoverageIf(v, opSeek==OP_NotFound);
+ }
+
+ /* Do FK processing. This call checks that any FK constraints that
+ ** refer to this table (i.e. constraints attached to other tables)
+ ** are not violated by deleting this row. */
+ sqlite3FkCheck(pParse, pTab, iOld, 0, 0, 0);
+ }
+
+ /* Delete the index and table entries. Skip this step if pTab is really
+ ** a view (in which case the only effect of the DELETE statement is to
+ ** fire the INSTEAD OF triggers). */
+ if( pTab->pSelect==0 ){
+ sqlite3GenerateRowIndexDelete(pParse, pTab, iDataCur, iIdxCur,0,iIdxNoSeek);
+ sqlite3VdbeAddOp2(v, OP_Delete, iDataCur, (count?OPFLAG_NCHANGE:0));
+ if( count ){
+ sqlite3VdbeChangeP4(v, -1, pTab->zName, P4_TRANSIENT);
+ }
+ if( iIdxNoSeek>=0 ){
+ sqlite3VdbeAddOp1(v, OP_Delete, iIdxNoSeek);
+ }
+ sqlite3VdbeChangeP5(v, eMode==ONEPASS_MULTI);
+ }
+
+ /* Do any ON CASCADE, SET NULL or SET DEFAULT operations required to
+ ** handle rows (possibly in other tables) that refer via a foreign key
+ ** to the row just deleted. */
+ sqlite3FkActions(pParse, pTab, 0, iOld, 0, 0);
+
+ /* Invoke AFTER DELETE trigger programs. */
+ sqlite3CodeRowTrigger(pParse, pTrigger,
+ TK_DELETE, 0, TRIGGER_AFTER, pTab, iOld, onconf, iLabel
+ );
+
+ /* Jump here if the row had already been deleted before any BEFORE
+ ** trigger programs were invoked. Or if a trigger program throws a
+ ** RAISE(IGNORE) exception. */
+ sqlite3VdbeResolveLabel(v, iLabel);
+ VdbeModuleComment((v, "END: GenRowDel()"));
+}
+
+/*
+** This routine generates VDBE code that causes the deletion of all
+** index entries associated with a single row of a single table, pTab
+**
+** Preconditions:
+**
+** 1. A read/write cursor "iDataCur" must be open on the canonical storage
+** btree for the table pTab. (This will be either the table itself
+** for rowid tables or to the primary key index for WITHOUT ROWID
+** tables.)
+**
+** 2. Read/write cursors for all indices of pTab must be open as
+** cursor number iIdxCur+i for the i-th index. (The pTab->pIndex
+** index is the 0-th index.)
+**
+** 3. The "iDataCur" cursor must be already be positioned on the row
+** that is to be deleted.
+*/
+SQLITE_PRIVATE void sqlite3GenerateRowIndexDelete(
+ Parse *pParse, /* Parsing and code generating context */
+ Table *pTab, /* Table containing the row to be deleted */
+ int iDataCur, /* Cursor of table holding data. */
+ int iIdxCur, /* First index cursor */
+ int *aRegIdx, /* Only delete if aRegIdx!=0 && aRegIdx[i]>0 */
+ int iIdxNoSeek /* Do not delete from this cursor */
+){
+ int i; /* Index loop counter */
+ int r1 = -1; /* Register holding an index key */
+ int iPartIdxLabel; /* Jump destination for skipping partial index entries */
+ Index *pIdx; /* Current index */
+ Index *pPrior = 0; /* Prior index */
+ Vdbe *v; /* The prepared statement under construction */
+ Index *pPk; /* PRIMARY KEY index, or NULL for rowid tables */
+
+ v = pParse->pVdbe;
+ pPk = HasRowid(pTab) ? 0 : sqlite3PrimaryKeyIndex(pTab);
+ for(i=0, pIdx=pTab->pIndex; pIdx; i++, pIdx=pIdx->pNext){
+ assert( iIdxCur+i!=iDataCur || pPk==pIdx );
+ if( aRegIdx!=0 && aRegIdx[i]==0 ) continue;
+ if( pIdx==pPk ) continue;
+ if( iIdxCur+i==iIdxNoSeek ) continue;
+ VdbeModuleComment((v, "GenRowIdxDel for %s", pIdx->zName));
+ r1 = sqlite3GenerateIndexKey(pParse, pIdx, iDataCur, 0, 1,
+ &iPartIdxLabel, pPrior, r1);
+ sqlite3VdbeAddOp3(v, OP_IdxDelete, iIdxCur+i, r1,
+ pIdx->uniqNotNull ? pIdx->nKeyCol : pIdx->nColumn);
+ sqlite3ResolvePartIdxLabel(pParse, iPartIdxLabel);
+ pPrior = pIdx;
+ }
+}
+
+/*
+** Generate code that will assemble an index key and stores it in register
+** regOut. The key with be for index pIdx which is an index on pTab.
+** iCur is the index of a cursor open on the pTab table and pointing to
+** the entry that needs indexing. If pTab is a WITHOUT ROWID table, then
+** iCur must be the cursor of the PRIMARY KEY index.
+**
+** Return a register number which is the first in a block of
+** registers that holds the elements of the index key. The
+** block of registers has already been deallocated by the time
+** this routine returns.
+**
+** If *piPartIdxLabel is not NULL, fill it in with a label and jump
+** to that label if pIdx is a partial index that should be skipped.
+** The label should be resolved using sqlite3ResolvePartIdxLabel().
+** A partial index should be skipped if its WHERE clause evaluates
+** to false or null. If pIdx is not a partial index, *piPartIdxLabel
+** will be set to zero which is an empty label that is ignored by
+** sqlite3ResolvePartIdxLabel().
+**
+** The pPrior and regPrior parameters are used to implement a cache to
+** avoid unnecessary register loads. If pPrior is not NULL, then it is
+** a pointer to a different index for which an index key has just been
+** computed into register regPrior. If the current pIdx index is generating
+** its key into the same sequence of registers and if pPrior and pIdx share
+** a column in common, then the register corresponding to that column already
+** holds the correct value and the loading of that register is skipped.
+** This optimization is helpful when doing a DELETE or an INTEGRITY_CHECK
+** on a table with multiple indices, and especially with the ROWID or
+** PRIMARY KEY columns of the index.
+*/
+SQLITE_PRIVATE int sqlite3GenerateIndexKey(
+ Parse *pParse, /* Parsing context */
+ Index *pIdx, /* The index for which to generate a key */
+ int iDataCur, /* Cursor number from which to take column data */
+ int regOut, /* Put the new key into this register if not 0 */
+ int prefixOnly, /* Compute only a unique prefix of the key */
+ int *piPartIdxLabel, /* OUT: Jump to this label to skip partial index */
+ Index *pPrior, /* Previously generated index key */
+ int regPrior /* Register holding previous generated key */
+){
+ Vdbe *v = pParse->pVdbe;
+ int j;
+ int regBase;
+ int nCol;
+
+ if( piPartIdxLabel ){
+ if( pIdx->pPartIdxWhere ){
+ *piPartIdxLabel = sqlite3VdbeMakeLabel(v);
+ pParse->iSelfTab = iDataCur;
+ sqlite3ExprCachePush(pParse);
+ sqlite3ExprIfFalseDup(pParse, pIdx->pPartIdxWhere, *piPartIdxLabel,
+ SQLITE_JUMPIFNULL);
+ }else{
+ *piPartIdxLabel = 0;
+ }
+ }
+ nCol = (prefixOnly && pIdx->uniqNotNull) ? pIdx->nKeyCol : pIdx->nColumn;
+ regBase = sqlite3GetTempRange(pParse, nCol);
+ if( pPrior && (regBase!=regPrior || pPrior->pPartIdxWhere) ) pPrior = 0;
+ for(j=0; j<nCol; j++){
+ if( pPrior
+ && pPrior->aiColumn[j]==pIdx->aiColumn[j]
+ && pPrior->aiColumn[j]!=XN_EXPR
+ ){
+ /* This column was already computed by the previous index */
+ continue;
+ }
+ sqlite3ExprCodeLoadIndexColumn(pParse, pIdx, iDataCur, j, regBase+j);
+ /* If the column affinity is REAL but the number is an integer, then it
+ ** might be stored in the table as an integer (using a compact
+ ** representation) then converted to REAL by an OP_RealAffinity opcode.
+ ** But we are getting ready to store this value back into an index, where
+ ** it should be converted by to INTEGER again. So omit the OP_RealAffinity
+ ** opcode if it is present */
+ sqlite3VdbeDeletePriorOpcode(v, OP_RealAffinity);
+ }
+ if( regOut ){
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regBase, nCol, regOut);
+ }
+ sqlite3ReleaseTempRange(pParse, regBase, nCol);
+ return regBase;
+}
+
+/*
+** If a prior call to sqlite3GenerateIndexKey() generated a jump-over label
+** because it was a partial index, then this routine should be called to
+** resolve that label.
+*/
+SQLITE_PRIVATE void sqlite3ResolvePartIdxLabel(Parse *pParse, int iLabel){
+ if( iLabel ){
+ sqlite3VdbeResolveLabel(pParse->pVdbe, iLabel);
+ sqlite3ExprCachePop(pParse);
+ }
+}
+
+/************** End of delete.c **********************************************/
+/************** Begin file func.c ********************************************/
+/*
+** 2002 February 23
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the C-language implementations for many of the SQL
+** functions of SQLite. (Some function, and in particular the date and
+** time functions, are implemented separately.)
+*/
+/* #include "sqliteInt.h" */
+/* #include <stdlib.h> */
+/* #include <assert.h> */
+/* #include "vdbeInt.h" */
+
+/*
+** Return the collating function associated with a function.
+*/
+static CollSeq *sqlite3GetFuncCollSeq(sqlite3_context *context){
+ VdbeOp *pOp;
+ assert( context->pVdbe!=0 );
+ pOp = &context->pVdbe->aOp[context->iOp-1];
+ assert( pOp->opcode==OP_CollSeq );
+ assert( pOp->p4type==P4_COLLSEQ );
+ return pOp->p4.pColl;
+}
+
+/*
+** Indicate that the accumulator load should be skipped on this
+** iteration of the aggregate loop.
+*/
+static void sqlite3SkipAccumulatorLoad(sqlite3_context *context){
+ context->skipFlag = 1;
+}
+
+/*
+** Implementation of the non-aggregate min() and max() functions
+*/
+static void minmaxFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ int i;
+ int mask; /* 0 for min() or 0xffffffff for max() */
+ int iBest;
+ CollSeq *pColl;
+
+ assert( argc>1 );
+ mask = sqlite3_user_data(context)==0 ? 0 : -1;
+ pColl = sqlite3GetFuncCollSeq(context);
+ assert( pColl );
+ assert( mask==-1 || mask==0 );
+ iBest = 0;
+ if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
+ for(i=1; i<argc; i++){
+ if( sqlite3_value_type(argv[i])==SQLITE_NULL ) return;
+ if( (sqlite3MemCompare(argv[iBest], argv[i], pColl)^mask)>=0 ){
+ testcase( mask==0 );
+ iBest = i;
+ }
+ }
+ sqlite3_result_value(context, argv[iBest]);
+}
+
+/*
+** Return the type of the argument.
+*/
+static void typeofFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **argv
+){
+ const char *z = 0;
+ UNUSED_PARAMETER(NotUsed);
+ switch( sqlite3_value_type(argv[0]) ){
+ case SQLITE_INTEGER: z = "integer"; break;
+ case SQLITE_TEXT: z = "text"; break;
+ case SQLITE_FLOAT: z = "real"; break;
+ case SQLITE_BLOB: z = "blob"; break;
+ default: z = "null"; break;
+ }
+ sqlite3_result_text(context, z, -1, SQLITE_STATIC);
+}
+
+
+/*
+** Implementation of the length() function
+*/
+static void lengthFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ int len;
+
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ switch( sqlite3_value_type(argv[0]) ){
+ case SQLITE_BLOB:
+ case SQLITE_INTEGER:
+ case SQLITE_FLOAT: {
+ sqlite3_result_int(context, sqlite3_value_bytes(argv[0]));
+ break;
+ }
+ case SQLITE_TEXT: {
+ const unsigned char *z = sqlite3_value_text(argv[0]);
+ if( z==0 ) return;
+ len = 0;
+ while( *z ){
+ len++;
+ SQLITE_SKIP_UTF8(z);
+ }
+ sqlite3_result_int(context, len);
+ break;
+ }
+ default: {
+ sqlite3_result_null(context);
+ break;
+ }
+ }
+}
+
+/*
+** Implementation of the abs() function.
+**
+** IMP: R-23979-26855 The abs(X) function returns the absolute value of
+** the numeric argument X.
+*/
+static void absFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ switch( sqlite3_value_type(argv[0]) ){
+ case SQLITE_INTEGER: {
+ i64 iVal = sqlite3_value_int64(argv[0]);
+ if( iVal<0 ){
+ if( iVal==SMALLEST_INT64 ){
+ /* IMP: R-31676-45509 If X is the integer -9223372036854775808
+ ** then abs(X) throws an integer overflow error since there is no
+ ** equivalent positive 64-bit two complement value. */
+ sqlite3_result_error(context, "integer overflow", -1);
+ return;
+ }
+ iVal = -iVal;
+ }
+ sqlite3_result_int64(context, iVal);
+ break;
+ }
+ case SQLITE_NULL: {
+ /* IMP: R-37434-19929 Abs(X) returns NULL if X is NULL. */
+ sqlite3_result_null(context);
+ break;
+ }
+ default: {
+ /* Because sqlite3_value_double() returns 0.0 if the argument is not
+ ** something that can be converted into a number, we have:
+ ** IMP: R-01992-00519 Abs(X) returns 0.0 if X is a string or blob
+ ** that cannot be converted to a numeric value.
+ */
+ double rVal = sqlite3_value_double(argv[0]);
+ if( rVal<0 ) rVal = -rVal;
+ sqlite3_result_double(context, rVal);
+ break;
+ }
+ }
+}
+
+/*
+** Implementation of the instr() function.
+**
+** instr(haystack,needle) finds the first occurrence of needle
+** in haystack and returns the number of previous characters plus 1,
+** or 0 if needle does not occur within haystack.
+**
+** If both haystack and needle are BLOBs, then the result is one more than
+** the number of bytes in haystack prior to the first occurrence of needle,
+** or 0 if needle never occurs in haystack.
+*/
+static void instrFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const unsigned char *zHaystack;
+ const unsigned char *zNeedle;
+ int nHaystack;
+ int nNeedle;
+ int typeHaystack, typeNeedle;
+ int N = 1;
+ int isText;
+
+ UNUSED_PARAMETER(argc);
+ typeHaystack = sqlite3_value_type(argv[0]);
+ typeNeedle = sqlite3_value_type(argv[1]);
+ if( typeHaystack==SQLITE_NULL || typeNeedle==SQLITE_NULL ) return;
+ nHaystack = sqlite3_value_bytes(argv[0]);
+ nNeedle = sqlite3_value_bytes(argv[1]);
+ if( typeHaystack==SQLITE_BLOB && typeNeedle==SQLITE_BLOB ){
+ zHaystack = sqlite3_value_blob(argv[0]);
+ zNeedle = sqlite3_value_blob(argv[1]);
+ isText = 0;
+ }else{
+ zHaystack = sqlite3_value_text(argv[0]);
+ zNeedle = sqlite3_value_text(argv[1]);
+ isText = 1;
+ }
+ while( nNeedle<=nHaystack && memcmp(zHaystack, zNeedle, nNeedle)!=0 ){
+ N++;
+ do{
+ nHaystack--;
+ zHaystack++;
+ }while( isText && (zHaystack[0]&0xc0)==0x80 );
+ }
+ if( nNeedle>nHaystack ) N = 0;
+ sqlite3_result_int(context, N);
+}
+
+/*
+** Implementation of the printf() function.
+*/
+static void printfFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ PrintfArguments x;
+ StrAccum str;
+ const char *zFormat;
+ int n;
+ sqlite3 *db = sqlite3_context_db_handle(context);
+
+ if( argc>=1 && (zFormat = (const char*)sqlite3_value_text(argv[0]))!=0 ){
+ x.nArg = argc-1;
+ x.nUsed = 0;
+ x.apArg = argv+1;
+ sqlite3StrAccumInit(&str, db, 0, 0, db->aLimit[SQLITE_LIMIT_LENGTH]);
+ sqlite3XPrintf(&str, SQLITE_PRINTF_SQLFUNC, zFormat, &x);
+ n = str.nChar;
+ sqlite3_result_text(context, sqlite3StrAccumFinish(&str), n,
+ SQLITE_DYNAMIC);
+ }
+}
+
+/*
+** Implementation of the substr() function.
+**
+** substr(x,p1,p2) returns p2 characters of x[] beginning with p1.
+** p1 is 1-indexed. So substr(x,1,1) returns the first character
+** of x. If x is text, then we actually count UTF-8 characters.
+** If x is a blob, then we count bytes.
+**
+** If p1 is negative, then we begin abs(p1) from the end of x[].
+**
+** If p2 is negative, return the p2 characters preceding p1.
+*/
+static void substrFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const unsigned char *z;
+ const unsigned char *z2;
+ int len;
+ int p0type;
+ i64 p1, p2;
+ int negP2 = 0;
+
+ assert( argc==3 || argc==2 );
+ if( sqlite3_value_type(argv[1])==SQLITE_NULL
+ || (argc==3 && sqlite3_value_type(argv[2])==SQLITE_NULL)
+ ){
+ return;
+ }
+ p0type = sqlite3_value_type(argv[0]);
+ p1 = sqlite3_value_int(argv[1]);
+ if( p0type==SQLITE_BLOB ){
+ len = sqlite3_value_bytes(argv[0]);
+ z = sqlite3_value_blob(argv[0]);
+ if( z==0 ) return;
+ assert( len==sqlite3_value_bytes(argv[0]) );
+ }else{
+ z = sqlite3_value_text(argv[0]);
+ if( z==0 ) return;
+ len = 0;
+ if( p1<0 ){
+ for(z2=z; *z2; len++){
+ SQLITE_SKIP_UTF8(z2);
+ }
+ }
+ }
+#ifdef SQLITE_SUBSTR_COMPATIBILITY
+ /* If SUBSTR_COMPATIBILITY is defined then substr(X,0,N) work the same as
+ ** as substr(X,1,N) - it returns the first N characters of X. This
+ ** is essentially a back-out of the bug-fix in check-in [5fc125d362df4b8]
+ ** from 2009-02-02 for compatibility of applications that exploited the
+ ** old buggy behavior. */
+ if( p1==0 ) p1 = 1; /* <rdar://problem/6778339> */
+#endif
+ if( argc==3 ){
+ p2 = sqlite3_value_int(argv[2]);
+ if( p2<0 ){
+ p2 = -p2;
+ negP2 = 1;
+ }
+ }else{
+ p2 = sqlite3_context_db_handle(context)->aLimit[SQLITE_LIMIT_LENGTH];
+ }
+ if( p1<0 ){
+ p1 += len;
+ if( p1<0 ){
+ p2 += p1;
+ if( p2<0 ) p2 = 0;
+ p1 = 0;
+ }
+ }else if( p1>0 ){
+ p1--;
+ }else if( p2>0 ){
+ p2--;
+ }
+ if( negP2 ){
+ p1 -= p2;
+ if( p1<0 ){
+ p2 += p1;
+ p1 = 0;
+ }
+ }
+ assert( p1>=0 && p2>=0 );
+ if( p0type!=SQLITE_BLOB ){
+ while( *z && p1 ){
+ SQLITE_SKIP_UTF8(z);
+ p1--;
+ }
+ for(z2=z; *z2 && p2; p2--){
+ SQLITE_SKIP_UTF8(z2);
+ }
+ sqlite3_result_text64(context, (char*)z, z2-z, SQLITE_TRANSIENT,
+ SQLITE_UTF8);
+ }else{
+ if( p1+p2>len ){
+ p2 = len-p1;
+ if( p2<0 ) p2 = 0;
+ }
+ sqlite3_result_blob64(context, (char*)&z[p1], (u64)p2, SQLITE_TRANSIENT);
+ }
+}
+
+/*
+** Implementation of the round() function
+*/
+#ifndef SQLITE_OMIT_FLOATING_POINT
+static void roundFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
+ int n = 0;
+ double r;
+ char *zBuf;
+ assert( argc==1 || argc==2 );
+ if( argc==2 ){
+ if( SQLITE_NULL==sqlite3_value_type(argv[1]) ) return;
+ n = sqlite3_value_int(argv[1]);
+ if( n>30 ) n = 30;
+ if( n<0 ) n = 0;
+ }
+ if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
+ r = sqlite3_value_double(argv[0]);
+ /* If Y==0 and X will fit in a 64-bit int,
+ ** handle the rounding directly,
+ ** otherwise use printf.
+ */
+ if( n==0 && r>=0 && r<LARGEST_INT64-1 ){
+ r = (double)((sqlite_int64)(r+0.5));
+ }else if( n==0 && r<0 && (-r)<LARGEST_INT64-1 ){
+ r = -(double)((sqlite_int64)((-r)+0.5));
+ }else{
+ zBuf = sqlite3_mprintf("%.*f",n,r);
+ if( zBuf==0 ){
+ sqlite3_result_error_nomem(context);
+ return;
+ }
+ sqlite3AtoF(zBuf, &r, sqlite3Strlen30(zBuf), SQLITE_UTF8);
+ sqlite3_free(zBuf);
+ }
+ sqlite3_result_double(context, r);
+}
+#endif
+
+/*
+** Allocate nByte bytes of space using sqlite3Malloc(). If the
+** allocation fails, call sqlite3_result_error_nomem() to notify
+** the database handle that malloc() has failed and return NULL.
+** If nByte is larger than the maximum string or blob length, then
+** raise an SQLITE_TOOBIG exception and return NULL.
+*/
+static void *contextMalloc(sqlite3_context *context, i64 nByte){
+ char *z;
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ assert( nByte>0 );
+ testcase( nByte==db->aLimit[SQLITE_LIMIT_LENGTH] );
+ testcase( nByte==db->aLimit[SQLITE_LIMIT_LENGTH]+1 );
+ if( nByte>db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ sqlite3_result_error_toobig(context);
+ z = 0;
+ }else{
+ z = sqlite3Malloc(nByte);
+ if( !z ){
+ sqlite3_result_error_nomem(context);
+ }
+ }
+ return z;
+}
+
+/*
+** Implementation of the upper() and lower() SQL functions.
+*/
+static void upperFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
+ char *z1;
+ const char *z2;
+ int i, n;
+ UNUSED_PARAMETER(argc);
+ z2 = (char*)sqlite3_value_text(argv[0]);
+ n = sqlite3_value_bytes(argv[0]);
+ /* Verify that the call to _bytes() does not invalidate the _text() pointer */
+ assert( z2==(char*)sqlite3_value_text(argv[0]) );
+ if( z2 ){
+ z1 = contextMalloc(context, ((i64)n)+1);
+ if( z1 ){
+ for(i=0; i<n; i++){
+ z1[i] = (char)sqlite3Toupper(z2[i]);
+ }
+ sqlite3_result_text(context, z1, n, sqlite3_free);
+ }
+ }
+}
+static void lowerFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
+ char *z1;
+ const char *z2;
+ int i, n;
+ UNUSED_PARAMETER(argc);
+ z2 = (char*)sqlite3_value_text(argv[0]);
+ n = sqlite3_value_bytes(argv[0]);
+ /* Verify that the call to _bytes() does not invalidate the _text() pointer */
+ assert( z2==(char*)sqlite3_value_text(argv[0]) );
+ if( z2 ){
+ z1 = contextMalloc(context, ((i64)n)+1);
+ if( z1 ){
+ for(i=0; i<n; i++){
+ z1[i] = sqlite3Tolower(z2[i]);
+ }
+ sqlite3_result_text(context, z1, n, sqlite3_free);
+ }
+ }
+}
+
+/*
+** Some functions like COALESCE() and IFNULL() and UNLIKELY() are implemented
+** as VDBE code so that unused argument values do not have to be computed.
+** However, we still need some kind of function implementation for this
+** routines in the function table. The noopFunc macro provides this.
+** noopFunc will never be called so it doesn't matter what the implementation
+** is. We might as well use the "version()" function as a substitute.
+*/
+#define noopFunc versionFunc /* Substitute function - never called */
+
+/*
+** Implementation of random(). Return a random integer.
+*/
+static void randomFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ sqlite_int64 r;
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ sqlite3_randomness(sizeof(r), &r);
+ if( r<0 ){
+ /* We need to prevent a random number of 0x8000000000000000
+ ** (or -9223372036854775808) since when you do abs() of that
+ ** number of you get the same value back again. To do this
+ ** in a way that is testable, mask the sign bit off of negative
+ ** values, resulting in a positive value. Then take the
+ ** 2s complement of that positive value. The end result can
+ ** therefore be no less than -9223372036854775807.
+ */
+ r = -(r & LARGEST_INT64);
+ }
+ sqlite3_result_int64(context, r);
+}
+
+/*
+** Implementation of randomblob(N). Return a random blob
+** that is N bytes long.
+*/
+static void randomBlob(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ int n;
+ unsigned char *p;
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ n = sqlite3_value_int(argv[0]);
+ if( n<1 ){
+ n = 1;
+ }
+ p = contextMalloc(context, n);
+ if( p ){
+ sqlite3_randomness(n, p);
+ sqlite3_result_blob(context, (char*)p, n, sqlite3_free);
+ }
+}
+
+/*
+** Implementation of the last_insert_rowid() SQL function. The return
+** value is the same as the sqlite3_last_insert_rowid() API function.
+*/
+static void last_insert_rowid(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ /* IMP: R-51513-12026 The last_insert_rowid() SQL function is a
+ ** wrapper around the sqlite3_last_insert_rowid() C/C++ interface
+ ** function. */
+ sqlite3_result_int64(context, sqlite3_last_insert_rowid(db));
+}
+
+/*
+** Implementation of the changes() SQL function.
+**
+** IMP: R-62073-11209 The changes() SQL function is a wrapper
+** around the sqlite3_changes() C/C++ function and hence follows the same
+** rules for counting changes.
+*/
+static void changes(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ sqlite3_result_int(context, sqlite3_changes(db));
+}
+
+/*
+** Implementation of the total_changes() SQL function. The return value is
+** the same as the sqlite3_total_changes() API function.
+*/
+static void total_changes(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ /* IMP: R-52756-41993 This function is a wrapper around the
+ ** sqlite3_total_changes() C/C++ interface. */
+ sqlite3_result_int(context, sqlite3_total_changes(db));
+}
+
+/*
+** A structure defining how to do GLOB-style comparisons.
+*/
+struct compareInfo {
+ u8 matchAll;
+ u8 matchOne;
+ u8 matchSet;
+ u8 noCase;
+};
+
+/*
+** For LIKE and GLOB matching on EBCDIC machines, assume that every
+** character is exactly one byte in size. Also, provde the Utf8Read()
+** macro for fast reading of the next character in the common case where
+** the next character is ASCII.
+*/
+#if defined(SQLITE_EBCDIC)
+# define sqlite3Utf8Read(A) (*((*A)++))
+# define Utf8Read(A) (*(A++))
+#else
+# define Utf8Read(A) (A[0]<0x80?*(A++):sqlite3Utf8Read(&A))
+#endif
+
+static const struct compareInfo globInfo = { '*', '?', '[', 0 };
+/* The correct SQL-92 behavior is for the LIKE operator to ignore
+** case. Thus 'a' LIKE 'A' would be true. */
+static const struct compareInfo likeInfoNorm = { '%', '_', 0, 1 };
+/* If SQLITE_CASE_SENSITIVE_LIKE is defined, then the LIKE operator
+** is case sensitive causing 'a' LIKE 'A' to be false */
+static const struct compareInfo likeInfoAlt = { '%', '_', 0, 0 };
+
+/*
+** Compare two UTF-8 strings for equality where the first string can
+** potentially be a "glob" or "like" expression. Return true (1) if they
+** are the same and false (0) if they are different.
+**
+** Globbing rules:
+**
+** '*' Matches any sequence of zero or more characters.
+**
+** '?' Matches exactly one character.
+**
+** [...] Matches one character from the enclosed list of
+** characters.
+**
+** [^...] Matches one character not in the enclosed list.
+**
+** With the [...] and [^...] matching, a ']' character can be included
+** in the list by making it the first character after '[' or '^'. A
+** range of characters can be specified using '-'. Example:
+** "[a-z]" matches any single lower-case letter. To match a '-', make
+** it the last character in the list.
+**
+** Like matching rules:
+**
+** '%' Matches any sequence of zero or more characters
+**
+*** '_' Matches any one character
+**
+** Ec Where E is the "esc" character and c is any other
+** character, including '%', '_', and esc, match exactly c.
+**
+** The comments within this routine usually assume glob matching.
+**
+** This routine is usually quick, but can be N**2 in the worst case.
+*/
+static int patternCompare(
+ const u8 *zPattern, /* The glob pattern */
+ const u8 *zString, /* The string to compare against the glob */
+ const struct compareInfo *pInfo, /* Information about how to do the compare */
+ u32 esc /* The escape character */
+){
+ u32 c, c2; /* Next pattern and input string chars */
+ u32 matchOne = pInfo->matchOne; /* "?" or "_" */
+ u32 matchAll = pInfo->matchAll; /* "*" or "%" */
+ u32 matchOther; /* "[" or the escape character */
+ u8 noCase = pInfo->noCase; /* True if uppercase==lowercase */
+ const u8 *zEscaped = 0; /* One past the last escaped input char */
+
+ /* The GLOB operator does not have an ESCAPE clause. And LIKE does not
+ ** have the matchSet operator. So we either have to look for one or
+ ** the other, never both. Hence the single variable matchOther is used
+ ** to store the one we have to look for.
+ */
+ matchOther = esc ? esc : pInfo->matchSet;
+
+ while( (c = Utf8Read(zPattern))!=0 ){
+ if( c==matchAll ){ /* Match "*" */
+ /* Skip over multiple "*" characters in the pattern. If there
+ ** are also "?" characters, skip those as well, but consume a
+ ** single character of the input string for each "?" skipped */
+ while( (c=Utf8Read(zPattern)) == matchAll || c == matchOne ){
+ if( c==matchOne && sqlite3Utf8Read(&zString)==0 ){
+ return 0;
+ }
+ }
+ if( c==0 ){
+ return 1; /* "*" at the end of the pattern matches */
+ }else if( c==matchOther ){
+ if( esc ){
+ c = sqlite3Utf8Read(&zPattern);
+ if( c==0 ) return 0;
+ }else{
+ /* "[...]" immediately follows the "*". We have to do a slow
+ ** recursive search in this case, but it is an unusual case. */
+ assert( matchOther<0x80 ); /* '[' is a single-byte character */
+ while( *zString
+ && patternCompare(&zPattern[-1],zString,pInfo,esc)==0 ){
+ SQLITE_SKIP_UTF8(zString);
+ }
+ return *zString!=0;
+ }
+ }
+
+ /* At this point variable c contains the first character of the
+ ** pattern string past the "*". Search in the input string for the
+ ** first matching character and recursively contine the match from
+ ** that point.
+ **
+ ** For a case-insensitive search, set variable cx to be the same as
+ ** c but in the other case and search the input string for either
+ ** c or cx.
+ */
+ if( c<=0x80 ){
+ u32 cx;
+ if( noCase ){
+ cx = sqlite3Toupper(c);
+ c = sqlite3Tolower(c);
+ }else{
+ cx = c;
+ }
+ while( (c2 = *(zString++))!=0 ){
+ if( c2!=c && c2!=cx ) continue;
+ if( patternCompare(zPattern,zString,pInfo,esc) ) return 1;
+ }
+ }else{
+ while( (c2 = Utf8Read(zString))!=0 ){
+ if( c2!=c ) continue;
+ if( patternCompare(zPattern,zString,pInfo,esc) ) return 1;
+ }
+ }
+ return 0;
+ }
+ if( c==matchOther ){
+ if( esc ){
+ c = sqlite3Utf8Read(&zPattern);
+ if( c==0 ) return 0;
+ zEscaped = zPattern;
+ }else{
+ u32 prior_c = 0;
+ int seen = 0;
+ int invert = 0;
+ c = sqlite3Utf8Read(&zString);
+ if( c==0 ) return 0;
+ c2 = sqlite3Utf8Read(&zPattern);
+ if( c2=='^' ){
+ invert = 1;
+ c2 = sqlite3Utf8Read(&zPattern);
+ }
+ if( c2==']' ){
+ if( c==']' ) seen = 1;
+ c2 = sqlite3Utf8Read(&zPattern);
+ }
+ while( c2 && c2!=']' ){
+ if( c2=='-' && zPattern[0]!=']' && zPattern[0]!=0 && prior_c>0 ){
+ c2 = sqlite3Utf8Read(&zPattern);
+ if( c>=prior_c && c<=c2 ) seen = 1;
+ prior_c = 0;
+ }else{
+ if( c==c2 ){
+ seen = 1;
+ }
+ prior_c = c2;
+ }
+ c2 = sqlite3Utf8Read(&zPattern);
+ }
+ if( c2==0 || (seen ^ invert)==0 ){
+ return 0;
+ }
+ continue;
+ }
+ }
+ c2 = Utf8Read(zString);
+ if( c==c2 ) continue;
+ if( noCase && c<0x80 && c2<0x80 && sqlite3Tolower(c)==sqlite3Tolower(c2) ){
+ continue;
+ }
+ if( c==matchOne && zPattern!=zEscaped && c2!=0 ) continue;
+ return 0;
+ }
+ return *zString==0;
+}
+
+/*
+** The sqlite3_strglob() interface.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_strglob(const char *zGlobPattern, const char *zString){
+ return patternCompare((u8*)zGlobPattern, (u8*)zString, &globInfo, 0)==0;
+}
+
+/*
+** The sqlite3_strlike() interface.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_strlike(const char *zPattern, const char *zStr, unsigned int esc){
+ return patternCompare((u8*)zPattern, (u8*)zStr, &likeInfoNorm, esc)==0;
+}
+
+/*
+** Count the number of times that the LIKE operator (or GLOB which is
+** just a variation of LIKE) gets called. This is used for testing
+** only.
+*/
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_like_count = 0;
+#endif
+
+
+/*
+** Implementation of the like() SQL function. This function implements
+** the build-in LIKE operator. The first argument to the function is the
+** pattern and the second argument is the string. So, the SQL statements:
+**
+** A LIKE B
+**
+** is implemented as like(B,A).
+**
+** This same function (with a different compareInfo structure) computes
+** the GLOB operator.
+*/
+static void likeFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const unsigned char *zA, *zB;
+ u32 escape = 0;
+ int nPat;
+ sqlite3 *db = sqlite3_context_db_handle(context);
+
+#ifdef SQLITE_LIKE_DOESNT_MATCH_BLOBS
+ if( sqlite3_value_type(argv[0])==SQLITE_BLOB
+ || sqlite3_value_type(argv[1])==SQLITE_BLOB
+ ){
+#ifdef SQLITE_TEST
+ sqlite3_like_count++;
+#endif
+ sqlite3_result_int(context, 0);
+ return;
+ }
+#endif
+ zB = sqlite3_value_text(argv[0]);
+ zA = sqlite3_value_text(argv[1]);
+
+ /* Limit the length of the LIKE or GLOB pattern to avoid problems
+ ** of deep recursion and N*N behavior in patternCompare().
+ */
+ nPat = sqlite3_value_bytes(argv[0]);
+ testcase( nPat==db->aLimit[SQLITE_LIMIT_LIKE_PATTERN_LENGTH] );
+ testcase( nPat==db->aLimit[SQLITE_LIMIT_LIKE_PATTERN_LENGTH]+1 );
+ if( nPat > db->aLimit[SQLITE_LIMIT_LIKE_PATTERN_LENGTH] ){
+ sqlite3_result_error(context, "LIKE or GLOB pattern too complex", -1);
+ return;
+ }
+ assert( zB==sqlite3_value_text(argv[0]) ); /* Encoding did not change */
+
+ if( argc==3 ){
+ /* The escape character string must consist of a single UTF-8 character.
+ ** Otherwise, return an error.
+ */
+ const unsigned char *zEsc = sqlite3_value_text(argv[2]);
+ if( zEsc==0 ) return;
+ if( sqlite3Utf8CharLen((char*)zEsc, -1)!=1 ){
+ sqlite3_result_error(context,
+ "ESCAPE expression must be a single character", -1);
+ return;
+ }
+ escape = sqlite3Utf8Read(&zEsc);
+ }
+ if( zA && zB ){
+ struct compareInfo *pInfo = sqlite3_user_data(context);
+#ifdef SQLITE_TEST
+ sqlite3_like_count++;
+#endif
+
+ sqlite3_result_int(context, patternCompare(zB, zA, pInfo, escape));
+ }
+}
+
+/*
+** Implementation of the NULLIF(x,y) function. The result is the first
+** argument if the arguments are different. The result is NULL if the
+** arguments are equal to each other.
+*/
+static void nullifFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **argv
+){
+ CollSeq *pColl = sqlite3GetFuncCollSeq(context);
+ UNUSED_PARAMETER(NotUsed);
+ if( sqlite3MemCompare(argv[0], argv[1], pColl)!=0 ){
+ sqlite3_result_value(context, argv[0]);
+ }
+}
+
+/*
+** Implementation of the sqlite_version() function. The result is the version
+** of the SQLite library that is running.
+*/
+static void versionFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ /* IMP: R-48699-48617 This function is an SQL wrapper around the
+ ** sqlite3_libversion() C-interface. */
+ sqlite3_result_text(context, sqlite3_libversion(), -1, SQLITE_STATIC);
+}
+
+/*
+** Implementation of the sqlite_source_id() function. The result is a string
+** that identifies the particular version of the source code used to build
+** SQLite.
+*/
+static void sourceidFunc(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **NotUsed2
+){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ /* IMP: R-24470-31136 This function is an SQL wrapper around the
+ ** sqlite3_sourceid() C interface. */
+ sqlite3_result_text(context, sqlite3_sourceid(), -1, SQLITE_STATIC);
+}
+
+/*
+** Implementation of the sqlite_log() function. This is a wrapper around
+** sqlite3_log(). The return value is NULL. The function exists purely for
+** its side-effects.
+*/
+static void errlogFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ UNUSED_PARAMETER(argc);
+ UNUSED_PARAMETER(context);
+ sqlite3_log(sqlite3_value_int(argv[0]), "%s", sqlite3_value_text(argv[1]));
+}
+
+/*
+** Implementation of the sqlite_compileoption_used() function.
+** The result is an integer that identifies if the compiler option
+** was used to build SQLite.
+*/
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+static void compileoptionusedFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const char *zOptName;
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ /* IMP: R-39564-36305 The sqlite_compileoption_used() SQL
+ ** function is a wrapper around the sqlite3_compileoption_used() C/C++
+ ** function.
+ */
+ if( (zOptName = (const char*)sqlite3_value_text(argv[0]))!=0 ){
+ sqlite3_result_int(context, sqlite3_compileoption_used(zOptName));
+ }
+}
+#endif /* SQLITE_OMIT_COMPILEOPTION_DIAGS */
+
+/*
+** Implementation of the sqlite_compileoption_get() function.
+** The result is a string that identifies the compiler options
+** used to build SQLite.
+*/
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+static void compileoptiongetFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ int n;
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ /* IMP: R-04922-24076 The sqlite_compileoption_get() SQL function
+ ** is a wrapper around the sqlite3_compileoption_get() C/C++ function.
+ */
+ n = sqlite3_value_int(argv[0]);
+ sqlite3_result_text(context, sqlite3_compileoption_get(n), -1, SQLITE_STATIC);
+}
+#endif /* SQLITE_OMIT_COMPILEOPTION_DIAGS */
+
+/* Array for converting from half-bytes (nybbles) into ASCII hex
+** digits. */
+static const char hexdigits[] = {
+ '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
+};
+
+/*
+** Implementation of the QUOTE() function. This function takes a single
+** argument. If the argument is numeric, the return value is the same as
+** the argument. If the argument is NULL, the return value is the string
+** "NULL". Otherwise, the argument is enclosed in single quotes with
+** single-quote escapes.
+*/
+static void quoteFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ switch( sqlite3_value_type(argv[0]) ){
+ case SQLITE_FLOAT: {
+ double r1, r2;
+ char zBuf[50];
+ r1 = sqlite3_value_double(argv[0]);
+ sqlite3_snprintf(sizeof(zBuf), zBuf, "%!.15g", r1);
+ sqlite3AtoF(zBuf, &r2, 20, SQLITE_UTF8);
+ if( r1!=r2 ){
+ sqlite3_snprintf(sizeof(zBuf), zBuf, "%!.20e", r1);
+ }
+ sqlite3_result_text(context, zBuf, -1, SQLITE_TRANSIENT);
+ break;
+ }
+ case SQLITE_INTEGER: {
+ sqlite3_result_value(context, argv[0]);
+ break;
+ }
+ case SQLITE_BLOB: {
+ char *zText = 0;
+ char const *zBlob = sqlite3_value_blob(argv[0]);
+ int nBlob = sqlite3_value_bytes(argv[0]);
+ assert( zBlob==sqlite3_value_blob(argv[0]) ); /* No encoding change */
+ zText = (char *)contextMalloc(context, (2*(i64)nBlob)+4);
+ if( zText ){
+ int i;
+ for(i=0; i<nBlob; i++){
+ zText[(i*2)+2] = hexdigits[(zBlob[i]>>4)&0x0F];
+ zText[(i*2)+3] = hexdigits[(zBlob[i])&0x0F];
+ }
+ zText[(nBlob*2)+2] = '\'';
+ zText[(nBlob*2)+3] = '\0';
+ zText[0] = 'X';
+ zText[1] = '\'';
+ sqlite3_result_text(context, zText, -1, SQLITE_TRANSIENT);
+ sqlite3_free(zText);
+ }
+ break;
+ }
+ case SQLITE_TEXT: {
+ int i,j;
+ u64 n;
+ const unsigned char *zArg = sqlite3_value_text(argv[0]);
+ char *z;
+
+ if( zArg==0 ) return;
+ for(i=0, n=0; zArg[i]; i++){ if( zArg[i]=='\'' ) n++; }
+ z = contextMalloc(context, ((i64)i)+((i64)n)+3);
+ if( z ){
+ z[0] = '\'';
+ for(i=0, j=1; zArg[i]; i++){
+ z[j++] = zArg[i];
+ if( zArg[i]=='\'' ){
+ z[j++] = '\'';
+ }
+ }
+ z[j++] = '\'';
+ z[j] = 0;
+ sqlite3_result_text(context, z, j, sqlite3_free);
+ }
+ break;
+ }
+ default: {
+ assert( sqlite3_value_type(argv[0])==SQLITE_NULL );
+ sqlite3_result_text(context, "NULL", 4, SQLITE_STATIC);
+ break;
+ }
+ }
+}
+
+/*
+** The unicode() function. Return the integer unicode code-point value
+** for the first character of the input string.
+*/
+static void unicodeFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const unsigned char *z = sqlite3_value_text(argv[0]);
+ (void)argc;
+ if( z && z[0] ) sqlite3_result_int(context, sqlite3Utf8Read(&z));
+}
+
+/*
+** The char() function takes zero or more arguments, each of which is
+** an integer. It constructs a string where each character of the string
+** is the unicode character for the corresponding integer argument.
+*/
+static void charFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ unsigned char *z, *zOut;
+ int i;
+ zOut = z = sqlite3_malloc64( argc*4+1 );
+ if( z==0 ){
+ sqlite3_result_error_nomem(context);
+ return;
+ }
+ for(i=0; i<argc; i++){
+ sqlite3_int64 x;
+ unsigned c;
+ x = sqlite3_value_int64(argv[i]);
+ if( x<0 || x>0x10ffff ) x = 0xfffd;
+ c = (unsigned)(x & 0x1fffff);
+ if( c<0x00080 ){
+ *zOut++ = (u8)(c&0xFF);
+ }else if( c<0x00800 ){
+ *zOut++ = 0xC0 + (u8)((c>>6)&0x1F);
+ *zOut++ = 0x80 + (u8)(c & 0x3F);
+ }else if( c<0x10000 ){
+ *zOut++ = 0xE0 + (u8)((c>>12)&0x0F);
+ *zOut++ = 0x80 + (u8)((c>>6) & 0x3F);
+ *zOut++ = 0x80 + (u8)(c & 0x3F);
+ }else{
+ *zOut++ = 0xF0 + (u8)((c>>18) & 0x07);
+ *zOut++ = 0x80 + (u8)((c>>12) & 0x3F);
+ *zOut++ = 0x80 + (u8)((c>>6) & 0x3F);
+ *zOut++ = 0x80 + (u8)(c & 0x3F);
+ } \
+ }
+ sqlite3_result_text64(context, (char*)z, zOut-z, sqlite3_free, SQLITE_UTF8);
+}
+
+/*
+** The hex() function. Interpret the argument as a blob. Return
+** a hexadecimal rendering as text.
+*/
+static void hexFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ int i, n;
+ const unsigned char *pBlob;
+ char *zHex, *z;
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ pBlob = sqlite3_value_blob(argv[0]);
+ n = sqlite3_value_bytes(argv[0]);
+ assert( pBlob==sqlite3_value_blob(argv[0]) ); /* No encoding change */
+ z = zHex = contextMalloc(context, ((i64)n)*2 + 1);
+ if( zHex ){
+ for(i=0; i<n; i++, pBlob++){
+ unsigned char c = *pBlob;
+ *(z++) = hexdigits[(c>>4)&0xf];
+ *(z++) = hexdigits[c&0xf];
+ }
+ *z = 0;
+ sqlite3_result_text(context, zHex, n*2, sqlite3_free);
+ }
+}
+
+/*
+** The zeroblob(N) function returns a zero-filled blob of size N bytes.
+*/
+static void zeroblobFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ i64 n;
+ int rc;
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ n = sqlite3_value_int64(argv[0]);
+ if( n<0 ) n = 0;
+ rc = sqlite3_result_zeroblob64(context, n); /* IMP: R-00293-64994 */
+ if( rc ){
+ sqlite3_result_error_code(context, rc);
+ }
+}
+
+/*
+** The replace() function. Three arguments are all strings: call
+** them A, B, and C. The result is also a string which is derived
+** from A by replacing every occurrence of B with C. The match
+** must be exact. Collating sequences are not used.
+*/
+static void replaceFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const unsigned char *zStr; /* The input string A */
+ const unsigned char *zPattern; /* The pattern string B */
+ const unsigned char *zRep; /* The replacement string C */
+ unsigned char *zOut; /* The output */
+ int nStr; /* Size of zStr */
+ int nPattern; /* Size of zPattern */
+ int nRep; /* Size of zRep */
+ i64 nOut; /* Maximum size of zOut */
+ int loopLimit; /* Last zStr[] that might match zPattern[] */
+ int i, j; /* Loop counters */
+
+ assert( argc==3 );
+ UNUSED_PARAMETER(argc);
+ zStr = sqlite3_value_text(argv[0]);
+ if( zStr==0 ) return;
+ nStr = sqlite3_value_bytes(argv[0]);
+ assert( zStr==sqlite3_value_text(argv[0]) ); /* No encoding change */
+ zPattern = sqlite3_value_text(argv[1]);
+ if( zPattern==0 ){
+ assert( sqlite3_value_type(argv[1])==SQLITE_NULL
+ || sqlite3_context_db_handle(context)->mallocFailed );
+ return;
+ }
+ if( zPattern[0]==0 ){
+ assert( sqlite3_value_type(argv[1])!=SQLITE_NULL );
+ sqlite3_result_value(context, argv[0]);
+ return;
+ }
+ nPattern = sqlite3_value_bytes(argv[1]);
+ assert( zPattern==sqlite3_value_text(argv[1]) ); /* No encoding change */
+ zRep = sqlite3_value_text(argv[2]);
+ if( zRep==0 ) return;
+ nRep = sqlite3_value_bytes(argv[2]);
+ assert( zRep==sqlite3_value_text(argv[2]) );
+ nOut = nStr + 1;
+ assert( nOut<SQLITE_MAX_LENGTH );
+ zOut = contextMalloc(context, (i64)nOut);
+ if( zOut==0 ){
+ return;
+ }
+ loopLimit = nStr - nPattern;
+ for(i=j=0; i<=loopLimit; i++){
+ if( zStr[i]!=zPattern[0] || memcmp(&zStr[i], zPattern, nPattern) ){
+ zOut[j++] = zStr[i];
+ }else{
+ u8 *zOld;
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ nOut += nRep - nPattern;
+ testcase( nOut-1==db->aLimit[SQLITE_LIMIT_LENGTH] );
+ testcase( nOut-2==db->aLimit[SQLITE_LIMIT_LENGTH] );
+ if( nOut-1>db->aLimit[SQLITE_LIMIT_LENGTH] ){
+ sqlite3_result_error_toobig(context);
+ sqlite3_free(zOut);
+ return;
+ }
+ zOld = zOut;
+ zOut = sqlite3_realloc64(zOut, (int)nOut);
+ if( zOut==0 ){
+ sqlite3_result_error_nomem(context);
+ sqlite3_free(zOld);
+ return;
+ }
+ memcpy(&zOut[j], zRep, nRep);
+ j += nRep;
+ i += nPattern-1;
+ }
+ }
+ assert( j+nStr-i+1==nOut );
+ memcpy(&zOut[j], &zStr[i], nStr-i);
+ j += nStr - i;
+ assert( j<=nOut );
+ zOut[j] = 0;
+ sqlite3_result_text(context, (char*)zOut, j, sqlite3_free);
+}
+
+/*
+** Implementation of the TRIM(), LTRIM(), and RTRIM() functions.
+** The userdata is 0x1 for left trim, 0x2 for right trim, 0x3 for both.
+*/
+static void trimFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const unsigned char *zIn; /* Input string */
+ const unsigned char *zCharSet; /* Set of characters to trim */
+ int nIn; /* Number of bytes in input */
+ int flags; /* 1: trimleft 2: trimright 3: trim */
+ int i; /* Loop counter */
+ unsigned char *aLen = 0; /* Length of each character in zCharSet */
+ unsigned char **azChar = 0; /* Individual characters in zCharSet */
+ int nChar; /* Number of characters in zCharSet */
+
+ if( sqlite3_value_type(argv[0])==SQLITE_NULL ){
+ return;
+ }
+ zIn = sqlite3_value_text(argv[0]);
+ if( zIn==0 ) return;
+ nIn = sqlite3_value_bytes(argv[0]);
+ assert( zIn==sqlite3_value_text(argv[0]) );
+ if( argc==1 ){
+ static const unsigned char lenOne[] = { 1 };
+ static unsigned char * const azOne[] = { (u8*)" " };
+ nChar = 1;
+ aLen = (u8*)lenOne;
+ azChar = (unsigned char **)azOne;
+ zCharSet = 0;
+ }else if( (zCharSet = sqlite3_value_text(argv[1]))==0 ){
+ return;
+ }else{
+ const unsigned char *z;
+ for(z=zCharSet, nChar=0; *z; nChar++){
+ SQLITE_SKIP_UTF8(z);
+ }
+ if( nChar>0 ){
+ azChar = contextMalloc(context, ((i64)nChar)*(sizeof(char*)+1));
+ if( azChar==0 ){
+ return;
+ }
+ aLen = (unsigned char*)&azChar[nChar];
+ for(z=zCharSet, nChar=0; *z; nChar++){
+ azChar[nChar] = (unsigned char *)z;
+ SQLITE_SKIP_UTF8(z);
+ aLen[nChar] = (u8)(z - azChar[nChar]);
+ }
+ }
+ }
+ if( nChar>0 ){
+ flags = SQLITE_PTR_TO_INT(sqlite3_user_data(context));
+ if( flags & 1 ){
+ while( nIn>0 ){
+ int len = 0;
+ for(i=0; i<nChar; i++){
+ len = aLen[i];
+ if( len<=nIn && memcmp(zIn, azChar[i], len)==0 ) break;
+ }
+ if( i>=nChar ) break;
+ zIn += len;
+ nIn -= len;
+ }
+ }
+ if( flags & 2 ){
+ while( nIn>0 ){
+ int len = 0;
+ for(i=0; i<nChar; i++){
+ len = aLen[i];
+ if( len<=nIn && memcmp(&zIn[nIn-len],azChar[i],len)==0 ) break;
+ }
+ if( i>=nChar ) break;
+ nIn -= len;
+ }
+ }
+ if( zCharSet ){
+ sqlite3_free(azChar);
+ }
+ }
+ sqlite3_result_text(context, (char*)zIn, nIn, SQLITE_TRANSIENT);
+}
+
+
+/* IMP: R-25361-16150 This function is omitted from SQLite by default. It
+** is only available if the SQLITE_SOUNDEX compile-time option is used
+** when SQLite is built.
+*/
+#ifdef SQLITE_SOUNDEX
+/*
+** Compute the soundex encoding of a word.
+**
+** IMP: R-59782-00072 The soundex(X) function returns a string that is the
+** soundex encoding of the string X.
+*/
+static void soundexFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ char zResult[8];
+ const u8 *zIn;
+ int i, j;
+ static const unsigned char iCode[] = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 1, 2, 3, 0, 1, 2, 0, 0, 2, 2, 4, 5, 5, 0,
+ 1, 2, 6, 2, 3, 0, 1, 0, 2, 0, 2, 0, 0, 0, 0, 0,
+ 0, 0, 1, 2, 3, 0, 1, 2, 0, 0, 2, 2, 4, 5, 5, 0,
+ 1, 2, 6, 2, 3, 0, 1, 0, 2, 0, 2, 0, 0, 0, 0, 0,
+ };
+ assert( argc==1 );
+ zIn = (u8*)sqlite3_value_text(argv[0]);
+ if( zIn==0 ) zIn = (u8*)"";
+ for(i=0; zIn[i] && !sqlite3Isalpha(zIn[i]); i++){}
+ if( zIn[i] ){
+ u8 prevcode = iCode[zIn[i]&0x7f];
+ zResult[0] = sqlite3Toupper(zIn[i]);
+ for(j=1; j<4 && zIn[i]; i++){
+ int code = iCode[zIn[i]&0x7f];
+ if( code>0 ){
+ if( code!=prevcode ){
+ prevcode = code;
+ zResult[j++] = code + '0';
+ }
+ }else{
+ prevcode = 0;
+ }
+ }
+ while( j<4 ){
+ zResult[j++] = '0';
+ }
+ zResult[j] = 0;
+ sqlite3_result_text(context, zResult, 4, SQLITE_TRANSIENT);
+ }else{
+ /* IMP: R-64894-50321 The string "?000" is returned if the argument
+ ** is NULL or contains no ASCII alphabetic characters. */
+ sqlite3_result_text(context, "?000", 4, SQLITE_STATIC);
+ }
+}
+#endif /* SQLITE_SOUNDEX */
+
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+/*
+** A function that loads a shared-library extension then returns NULL.
+*/
+static void loadExt(sqlite3_context *context, int argc, sqlite3_value **argv){
+ const char *zFile = (const char *)sqlite3_value_text(argv[0]);
+ const char *zProc;
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ char *zErrMsg = 0;
+
+ if( argc==2 ){
+ zProc = (const char *)sqlite3_value_text(argv[1]);
+ }else{
+ zProc = 0;
+ }
+ if( zFile && sqlite3_load_extension(db, zFile, zProc, &zErrMsg) ){
+ sqlite3_result_error(context, zErrMsg, -1);
+ sqlite3_free(zErrMsg);
+ }
+}
+#endif
+
+
+/*
+** An instance of the following structure holds the context of a
+** sum() or avg() aggregate computation.
+*/
+typedef struct SumCtx SumCtx;
+struct SumCtx {
+ double rSum; /* Floating point sum */
+ i64 iSum; /* Integer sum */
+ i64 cnt; /* Number of elements summed */
+ u8 overflow; /* True if integer overflow seen */
+ u8 approx; /* True if non-integer value was input to the sum */
+};
+
+/*
+** Routines used to compute the sum, average, and total.
+**
+** The SUM() function follows the (broken) SQL standard which means
+** that it returns NULL if it sums over no inputs. TOTAL returns
+** 0.0 in that case. In addition, TOTAL always returns a float where
+** SUM might return an integer if it never encounters a floating point
+** value. TOTAL never fails, but SUM might through an exception if
+** it overflows an integer.
+*/
+static void sumStep(sqlite3_context *context, int argc, sqlite3_value **argv){
+ SumCtx *p;
+ int type;
+ assert( argc==1 );
+ UNUSED_PARAMETER(argc);
+ p = sqlite3_aggregate_context(context, sizeof(*p));
+ type = sqlite3_value_numeric_type(argv[0]);
+ if( p && type!=SQLITE_NULL ){
+ p->cnt++;
+ if( type==SQLITE_INTEGER ){
+ i64 v = sqlite3_value_int64(argv[0]);
+ p->rSum += v;
+ if( (p->approx|p->overflow)==0 && sqlite3AddInt64(&p->iSum, v) ){
+ p->overflow = 1;
+ }
+ }else{
+ p->rSum += sqlite3_value_double(argv[0]);
+ p->approx = 1;
+ }
+ }
+}
+static void sumFinalize(sqlite3_context *context){
+ SumCtx *p;
+ p = sqlite3_aggregate_context(context, 0);
+ if( p && p->cnt>0 ){
+ if( p->overflow ){
+ sqlite3_result_error(context,"integer overflow",-1);
+ }else if( p->approx ){
+ sqlite3_result_double(context, p->rSum);
+ }else{
+ sqlite3_result_int64(context, p->iSum);
+ }
+ }
+}
+static void avgFinalize(sqlite3_context *context){
+ SumCtx *p;
+ p = sqlite3_aggregate_context(context, 0);
+ if( p && p->cnt>0 ){
+ sqlite3_result_double(context, p->rSum/(double)p->cnt);
+ }
+}
+static void totalFinalize(sqlite3_context *context){
+ SumCtx *p;
+ p = sqlite3_aggregate_context(context, 0);
+ /* (double)0 In case of SQLITE_OMIT_FLOATING_POINT... */
+ sqlite3_result_double(context, p ? p->rSum : (double)0);
+}
+
+/*
+** The following structure keeps track of state information for the
+** count() aggregate function.
+*/
+typedef struct CountCtx CountCtx;
+struct CountCtx {
+ i64 n;
+};
+
+/*
+** Routines to implement the count() aggregate function.
+*/
+static void countStep(sqlite3_context *context, int argc, sqlite3_value **argv){
+ CountCtx *p;
+ p = sqlite3_aggregate_context(context, sizeof(*p));
+ if( (argc==0 || SQLITE_NULL!=sqlite3_value_type(argv[0])) && p ){
+ p->n++;
+ }
+
+#ifndef SQLITE_OMIT_DEPRECATED
+ /* The sqlite3_aggregate_count() function is deprecated. But just to make
+ ** sure it still operates correctly, verify that its count agrees with our
+ ** internal count when using count(*) and when the total count can be
+ ** expressed as a 32-bit integer. */
+ assert( argc==1 || p==0 || p->n>0x7fffffff
+ || p->n==sqlite3_aggregate_count(context) );
+#endif
+}
+static void countFinalize(sqlite3_context *context){
+ CountCtx *p;
+ p = sqlite3_aggregate_context(context, 0);
+ sqlite3_result_int64(context, p ? p->n : 0);
+}
+
+/*
+** Routines to implement min() and max() aggregate functions.
+*/
+static void minmaxStep(
+ sqlite3_context *context,
+ int NotUsed,
+ sqlite3_value **argv
+){
+ Mem *pArg = (Mem *)argv[0];
+ Mem *pBest;
+ UNUSED_PARAMETER(NotUsed);
+
+ pBest = (Mem *)sqlite3_aggregate_context(context, sizeof(*pBest));
+ if( !pBest ) return;
+
+ if( sqlite3_value_type(argv[0])==SQLITE_NULL ){
+ if( pBest->flags ) sqlite3SkipAccumulatorLoad(context);
+ }else if( pBest->flags ){
+ int max;
+ int cmp;
+ CollSeq *pColl = sqlite3GetFuncCollSeq(context);
+ /* This step function is used for both the min() and max() aggregates,
+ ** the only difference between the two being that the sense of the
+ ** comparison is inverted. For the max() aggregate, the
+ ** sqlite3_user_data() function returns (void *)-1. For min() it
+ ** returns (void *)db, where db is the sqlite3* database pointer.
+ ** Therefore the next statement sets variable 'max' to 1 for the max()
+ ** aggregate, or 0 for min().
+ */
+ max = sqlite3_user_data(context)!=0;
+ cmp = sqlite3MemCompare(pBest, pArg, pColl);
+ if( (max && cmp<0) || (!max && cmp>0) ){
+ sqlite3VdbeMemCopy(pBest, pArg);
+ }else{
+ sqlite3SkipAccumulatorLoad(context);
+ }
+ }else{
+ pBest->db = sqlite3_context_db_handle(context);
+ sqlite3VdbeMemCopy(pBest, pArg);
+ }
+}
+static void minMaxFinalize(sqlite3_context *context){
+ sqlite3_value *pRes;
+ pRes = (sqlite3_value *)sqlite3_aggregate_context(context, 0);
+ if( pRes ){
+ if( pRes->flags ){
+ sqlite3_result_value(context, pRes);
+ }
+ sqlite3VdbeMemRelease(pRes);
+ }
+}
+
+/*
+** group_concat(EXPR, ?SEPARATOR?)
+*/
+static void groupConcatStep(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const char *zVal;
+ StrAccum *pAccum;
+ const char *zSep;
+ int nVal, nSep;
+ assert( argc==1 || argc==2 );
+ if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
+ pAccum = (StrAccum*)sqlite3_aggregate_context(context, sizeof(*pAccum));
+
+ if( pAccum ){
+ sqlite3 *db = sqlite3_context_db_handle(context);
+ int firstTerm = pAccum->mxAlloc==0;
+ pAccum->mxAlloc = db->aLimit[SQLITE_LIMIT_LENGTH];
+ if( !firstTerm ){
+ if( argc==2 ){
+ zSep = (char*)sqlite3_value_text(argv[1]);
+ nSep = sqlite3_value_bytes(argv[1]);
+ }else{
+ zSep = ",";
+ nSep = 1;
+ }
+ if( nSep ) sqlite3StrAccumAppend(pAccum, zSep, nSep);
+ }
+ zVal = (char*)sqlite3_value_text(argv[0]);
+ nVal = sqlite3_value_bytes(argv[0]);
+ if( zVal ) sqlite3StrAccumAppend(pAccum, zVal, nVal);
+ }
+}
+static void groupConcatFinalize(sqlite3_context *context){
+ StrAccum *pAccum;
+ pAccum = sqlite3_aggregate_context(context, 0);
+ if( pAccum ){
+ if( pAccum->accError==STRACCUM_TOOBIG ){
+ sqlite3_result_error_toobig(context);
+ }else if( pAccum->accError==STRACCUM_NOMEM ){
+ sqlite3_result_error_nomem(context);
+ }else{
+ sqlite3_result_text(context, sqlite3StrAccumFinish(pAccum), -1,
+ sqlite3_free);
+ }
+ }
+}
+
+/*
+** This routine does per-connection function registration. Most
+** of the built-in functions above are part of the global function set.
+** This routine only deals with those that are not global.
+*/
+SQLITE_PRIVATE void sqlite3RegisterBuiltinFunctions(sqlite3 *db){
+ int rc = sqlite3_overload_function(db, "MATCH", 2);
+ assert( rc==SQLITE_NOMEM || rc==SQLITE_OK );
+ if( rc==SQLITE_NOMEM ){
+ db->mallocFailed = 1;
+ }
+}
+
+/*
+** Set the LIKEOPT flag on the 2-argument function with the given name.
+*/
+static void setLikeOptFlag(sqlite3 *db, const char *zName, u8 flagVal){
+ FuncDef *pDef;
+ pDef = sqlite3FindFunction(db, zName, sqlite3Strlen30(zName),
+ 2, SQLITE_UTF8, 0);
+ if( ALWAYS(pDef) ){
+ pDef->funcFlags |= flagVal;
+ }
+}
+
+/*
+** Register the built-in LIKE and GLOB functions. The caseSensitive
+** parameter determines whether or not the LIKE operator is case
+** sensitive. GLOB is always case sensitive.
+*/
+SQLITE_PRIVATE void sqlite3RegisterLikeFunctions(sqlite3 *db, int caseSensitive){
+ struct compareInfo *pInfo;
+ if( caseSensitive ){
+ pInfo = (struct compareInfo*)&likeInfoAlt;
+ }else{
+ pInfo = (struct compareInfo*)&likeInfoNorm;
+ }
+ sqlite3CreateFunc(db, "like", 2, SQLITE_UTF8, pInfo, likeFunc, 0, 0, 0);
+ sqlite3CreateFunc(db, "like", 3, SQLITE_UTF8, pInfo, likeFunc, 0, 0, 0);
+ sqlite3CreateFunc(db, "glob", 2, SQLITE_UTF8,
+ (struct compareInfo*)&globInfo, likeFunc, 0, 0, 0);
+ setLikeOptFlag(db, "glob", SQLITE_FUNC_LIKE | SQLITE_FUNC_CASE);
+ setLikeOptFlag(db, "like",
+ caseSensitive ? (SQLITE_FUNC_LIKE | SQLITE_FUNC_CASE) : SQLITE_FUNC_LIKE);
+}
+
+/*
+** pExpr points to an expression which implements a function. If
+** it is appropriate to apply the LIKE optimization to that function
+** then set aWc[0] through aWc[2] to the wildcard characters and
+** return TRUE. If the function is not a LIKE-style function then
+** return FALSE.
+**
+** *pIsNocase is set to true if uppercase and lowercase are equivalent for
+** the function (default for LIKE). If the function makes the distinction
+** between uppercase and lowercase (as does GLOB) then *pIsNocase is set to
+** false.
+*/
+SQLITE_PRIVATE int sqlite3IsLikeFunction(sqlite3 *db, Expr *pExpr, int *pIsNocase, char *aWc){
+ FuncDef *pDef;
+ if( pExpr->op!=TK_FUNCTION
+ || !pExpr->x.pList
+ || pExpr->x.pList->nExpr!=2
+ ){
+ return 0;
+ }
+ assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
+ pDef = sqlite3FindFunction(db, pExpr->u.zToken,
+ sqlite3Strlen30(pExpr->u.zToken),
+ 2, SQLITE_UTF8, 0);
+ if( NEVER(pDef==0) || (pDef->funcFlags & SQLITE_FUNC_LIKE)==0 ){
+ return 0;
+ }
+
+ /* The memcpy() statement assumes that the wildcard characters are
+ ** the first three statements in the compareInfo structure. The
+ ** asserts() that follow verify that assumption
+ */
+ memcpy(aWc, pDef->pUserData, 3);
+ assert( (char*)&likeInfoAlt == (char*)&likeInfoAlt.matchAll );
+ assert( &((char*)&likeInfoAlt)[1] == (char*)&likeInfoAlt.matchOne );
+ assert( &((char*)&likeInfoAlt)[2] == (char*)&likeInfoAlt.matchSet );
+ *pIsNocase = (pDef->funcFlags & SQLITE_FUNC_CASE)==0;
+ return 1;
+}
+
+/*
+** All of the FuncDef structures in the aBuiltinFunc[] array above
+** to the global function hash table. This occurs at start-time (as
+** a consequence of calling sqlite3_initialize()).
+**
+** After this routine runs
+*/
+SQLITE_PRIVATE void sqlite3RegisterGlobalFunctions(void){
+ /*
+ ** The following array holds FuncDef structures for all of the functions
+ ** defined in this file.
+ **
+ ** The array cannot be constant since changes are made to the
+ ** FuncDef.pHash elements at start-time. The elements of this array
+ ** are read-only after initialization is complete.
+ */
+ static SQLITE_WSD FuncDef aBuiltinFunc[] = {
+ FUNCTION(ltrim, 1, 1, 0, trimFunc ),
+ FUNCTION(ltrim, 2, 1, 0, trimFunc ),
+ FUNCTION(rtrim, 1, 2, 0, trimFunc ),
+ FUNCTION(rtrim, 2, 2, 0, trimFunc ),
+ FUNCTION(trim, 1, 3, 0, trimFunc ),
+ FUNCTION(trim, 2, 3, 0, trimFunc ),
+ FUNCTION(min, -1, 0, 1, minmaxFunc ),
+ FUNCTION(min, 0, 0, 1, 0 ),
+ AGGREGATE2(min, 1, 0, 1, minmaxStep, minMaxFinalize,
+ SQLITE_FUNC_MINMAX ),
+ FUNCTION(max, -1, 1, 1, minmaxFunc ),
+ FUNCTION(max, 0, 1, 1, 0 ),
+ AGGREGATE2(max, 1, 1, 1, minmaxStep, minMaxFinalize,
+ SQLITE_FUNC_MINMAX ),
+ FUNCTION2(typeof, 1, 0, 0, typeofFunc, SQLITE_FUNC_TYPEOF),
+ FUNCTION2(length, 1, 0, 0, lengthFunc, SQLITE_FUNC_LENGTH),
+ FUNCTION(instr, 2, 0, 0, instrFunc ),
+ FUNCTION(substr, 2, 0, 0, substrFunc ),
+ FUNCTION(substr, 3, 0, 0, substrFunc ),
+ FUNCTION(printf, -1, 0, 0, printfFunc ),
+ FUNCTION(unicode, 1, 0, 0, unicodeFunc ),
+ FUNCTION(char, -1, 0, 0, charFunc ),
+ FUNCTION(abs, 1, 0, 0, absFunc ),
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ FUNCTION(round, 1, 0, 0, roundFunc ),
+ FUNCTION(round, 2, 0, 0, roundFunc ),
+#endif
+ FUNCTION(upper, 1, 0, 0, upperFunc ),
+ FUNCTION(lower, 1, 0, 0, lowerFunc ),
+ FUNCTION(coalesce, 1, 0, 0, 0 ),
+ FUNCTION(coalesce, 0, 0, 0, 0 ),
+ FUNCTION2(coalesce, -1, 0, 0, noopFunc, SQLITE_FUNC_COALESCE),
+ FUNCTION(hex, 1, 0, 0, hexFunc ),
+ FUNCTION2(ifnull, 2, 0, 0, noopFunc, SQLITE_FUNC_COALESCE),
+ FUNCTION2(unlikely, 1, 0, 0, noopFunc, SQLITE_FUNC_UNLIKELY),
+ FUNCTION2(likelihood, 2, 0, 0, noopFunc, SQLITE_FUNC_UNLIKELY),
+ FUNCTION2(likely, 1, 0, 0, noopFunc, SQLITE_FUNC_UNLIKELY),
+ VFUNCTION(random, 0, 0, 0, randomFunc ),
+ VFUNCTION(randomblob, 1, 0, 0, randomBlob ),
+ FUNCTION(nullif, 2, 0, 1, nullifFunc ),
+ DFUNCTION(sqlite_version, 0, 0, 0, versionFunc ),
+ DFUNCTION(sqlite_source_id, 0, 0, 0, sourceidFunc ),
+ FUNCTION(sqlite_log, 2, 0, 0, errlogFunc ),
+#if SQLITE_USER_AUTHENTICATION
+ FUNCTION(sqlite_crypt, 2, 0, 0, sqlite3CryptFunc ),
+#endif
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+ DFUNCTION(sqlite_compileoption_used,1, 0, 0, compileoptionusedFunc ),
+ DFUNCTION(sqlite_compileoption_get, 1, 0, 0, compileoptiongetFunc ),
+#endif /* SQLITE_OMIT_COMPILEOPTION_DIAGS */
+ FUNCTION(quote, 1, 0, 0, quoteFunc ),
+ VFUNCTION(last_insert_rowid, 0, 0, 0, last_insert_rowid),
+ VFUNCTION(changes, 0, 0, 0, changes ),
+ VFUNCTION(total_changes, 0, 0, 0, total_changes ),
+ FUNCTION(replace, 3, 0, 0, replaceFunc ),
+ FUNCTION(zeroblob, 1, 0, 0, zeroblobFunc ),
+ #ifdef SQLITE_SOUNDEX
+ FUNCTION(soundex, 1, 0, 0, soundexFunc ),
+ #endif
+ #ifndef SQLITE_OMIT_LOAD_EXTENSION
+ VFUNCTION(load_extension, 1, 0, 0, loadExt ),
+ VFUNCTION(load_extension, 2, 0, 0, loadExt ),
+ #endif
+ AGGREGATE(sum, 1, 0, 0, sumStep, sumFinalize ),
+ AGGREGATE(total, 1, 0, 0, sumStep, totalFinalize ),
+ AGGREGATE(avg, 1, 0, 0, sumStep, avgFinalize ),
+ AGGREGATE2(count, 0, 0, 0, countStep, countFinalize,
+ SQLITE_FUNC_COUNT ),
+ AGGREGATE(count, 1, 0, 0, countStep, countFinalize ),
+ AGGREGATE(group_concat, 1, 0, 0, groupConcatStep, groupConcatFinalize),
+ AGGREGATE(group_concat, 2, 0, 0, groupConcatStep, groupConcatFinalize),
+
+ LIKEFUNC(glob, 2, &globInfo, SQLITE_FUNC_LIKE|SQLITE_FUNC_CASE),
+ #ifdef SQLITE_CASE_SENSITIVE_LIKE
+ LIKEFUNC(like, 2, &likeInfoAlt, SQLITE_FUNC_LIKE|SQLITE_FUNC_CASE),
+ LIKEFUNC(like, 3, &likeInfoAlt, SQLITE_FUNC_LIKE|SQLITE_FUNC_CASE),
+ #else
+ LIKEFUNC(like, 2, &likeInfoNorm, SQLITE_FUNC_LIKE),
+ LIKEFUNC(like, 3, &likeInfoNorm, SQLITE_FUNC_LIKE),
+ #endif
+ };
+
+ int i;
+ FuncDefHash *pHash = &GLOBAL(FuncDefHash, sqlite3GlobalFunctions);
+ FuncDef *aFunc = (FuncDef*)&GLOBAL(FuncDef, aBuiltinFunc);
+
+ for(i=0; i<ArraySize(aBuiltinFunc); i++){
+ sqlite3FuncDefInsert(pHash, &aFunc[i]);
+ }
+ sqlite3RegisterDateTimeFunctions();
+#ifndef SQLITE_OMIT_ALTERTABLE
+ sqlite3AlterFunctions();
+#endif
+#if defined(SQLITE_ENABLE_STAT3) || defined(SQLITE_ENABLE_STAT4)
+ sqlite3AnalyzeFunctions();
+#endif
+}
+
+/************** End of func.c ************************************************/
+/************** Begin file fkey.c ********************************************/
+/*
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code used by the compiler to add foreign key
+** support to compiled SQL statements.
+*/
+/* #include "sqliteInt.h" */
+
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+#ifndef SQLITE_OMIT_TRIGGER
+
+/*
+** Deferred and Immediate FKs
+** --------------------------
+**
+** Foreign keys in SQLite come in two flavours: deferred and immediate.
+** If an immediate foreign key constraint is violated,
+** SQLITE_CONSTRAINT_FOREIGNKEY is returned and the current
+** statement transaction rolled back. If a
+** deferred foreign key constraint is violated, no action is taken
+** immediately. However if the application attempts to commit the
+** transaction before fixing the constraint violation, the attempt fails.
+**
+** Deferred constraints are implemented using a simple counter associated
+** with the database handle. The counter is set to zero each time a
+** database transaction is opened. Each time a statement is executed
+** that causes a foreign key violation, the counter is incremented. Each
+** time a statement is executed that removes an existing violation from
+** the database, the counter is decremented. When the transaction is
+** committed, the commit fails if the current value of the counter is
+** greater than zero. This scheme has two big drawbacks:
+**
+** * When a commit fails due to a deferred foreign key constraint,
+** there is no way to tell which foreign constraint is not satisfied,
+** or which row it is not satisfied for.
+**
+** * If the database contains foreign key violations when the
+** transaction is opened, this may cause the mechanism to malfunction.
+**
+** Despite these problems, this approach is adopted as it seems simpler
+** than the alternatives.
+**
+** INSERT operations:
+**
+** I.1) For each FK for which the table is the child table, search
+** the parent table for a match. If none is found increment the
+** constraint counter.
+**
+** I.2) For each FK for which the table is the parent table,
+** search the child table for rows that correspond to the new
+** row in the parent table. Decrement the counter for each row
+** found (as the constraint is now satisfied).
+**
+** DELETE operations:
+**
+** D.1) For each FK for which the table is the child table,
+** search the parent table for a row that corresponds to the
+** deleted row in the child table. If such a row is not found,
+** decrement the counter.
+**
+** D.2) For each FK for which the table is the parent table, search
+** the child table for rows that correspond to the deleted row
+** in the parent table. For each found increment the counter.
+**
+** UPDATE operations:
+**
+** An UPDATE command requires that all 4 steps above are taken, but only
+** for FK constraints for which the affected columns are actually
+** modified (values must be compared at runtime).
+**
+** Note that I.1 and D.1 are very similar operations, as are I.2 and D.2.
+** This simplifies the implementation a bit.
+**
+** For the purposes of immediate FK constraints, the OR REPLACE conflict
+** resolution is considered to delete rows before the new row is inserted.
+** If a delete caused by OR REPLACE violates an FK constraint, an exception
+** is thrown, even if the FK constraint would be satisfied after the new
+** row is inserted.
+**
+** Immediate constraints are usually handled similarly. The only difference
+** is that the counter used is stored as part of each individual statement
+** object (struct Vdbe). If, after the statement has run, its immediate
+** constraint counter is greater than zero,
+** it returns SQLITE_CONSTRAINT_FOREIGNKEY
+** and the statement transaction is rolled back. An exception is an INSERT
+** statement that inserts a single row only (no triggers). In this case,
+** instead of using a counter, an exception is thrown immediately if the
+** INSERT violates a foreign key constraint. This is necessary as such
+** an INSERT does not open a statement transaction.
+**
+** TODO: How should dropping a table be handled? How should renaming a
+** table be handled?
+**
+**
+** Query API Notes
+** ---------------
+**
+** Before coding an UPDATE or DELETE row operation, the code-generator
+** for those two operations needs to know whether or not the operation
+** requires any FK processing and, if so, which columns of the original
+** row are required by the FK processing VDBE code (i.e. if FKs were
+** implemented using triggers, which of the old.* columns would be
+** accessed). No information is required by the code-generator before
+** coding an INSERT operation. The functions used by the UPDATE/DELETE
+** generation code to query for this information are:
+**
+** sqlite3FkRequired() - Test to see if FK processing is required.
+** sqlite3FkOldmask() - Query for the set of required old.* columns.
+**
+**
+** Externally accessible module functions
+** --------------------------------------
+**
+** sqlite3FkCheck() - Check for foreign key violations.
+** sqlite3FkActions() - Code triggers for ON UPDATE/ON DELETE actions.
+** sqlite3FkDelete() - Delete an FKey structure.
+*/
+
+/*
+** VDBE Calling Convention
+** -----------------------
+**
+** Example:
+**
+** For the following INSERT statement:
+**
+** CREATE TABLE t1(a, b INTEGER PRIMARY KEY, c);
+** INSERT INTO t1 VALUES(1, 2, 3.1);
+**
+** Register (x): 2 (type integer)
+** Register (x+1): 1 (type integer)
+** Register (x+2): NULL (type NULL)
+** Register (x+3): 3.1 (type real)
+*/
+
+/*
+** A foreign key constraint requires that the key columns in the parent
+** table are collectively subject to a UNIQUE or PRIMARY KEY constraint.
+** Given that pParent is the parent table for foreign key constraint pFKey,
+** search the schema for a unique index on the parent key columns.
+**
+** If successful, zero is returned. If the parent key is an INTEGER PRIMARY
+** KEY column, then output variable *ppIdx is set to NULL. Otherwise, *ppIdx
+** is set to point to the unique index.
+**
+** If the parent key consists of a single column (the foreign key constraint
+** is not a composite foreign key), output variable *paiCol is set to NULL.
+** Otherwise, it is set to point to an allocated array of size N, where
+** N is the number of columns in the parent key. The first element of the
+** array is the index of the child table column that is mapped by the FK
+** constraint to the parent table column stored in the left-most column
+** of index *ppIdx. The second element of the array is the index of the
+** child table column that corresponds to the second left-most column of
+** *ppIdx, and so on.
+**
+** If the required index cannot be found, either because:
+**
+** 1) The named parent key columns do not exist, or
+**
+** 2) The named parent key columns do exist, but are not subject to a
+** UNIQUE or PRIMARY KEY constraint, or
+**
+** 3) No parent key columns were provided explicitly as part of the
+** foreign key definition, and the parent table does not have a
+** PRIMARY KEY, or
+**
+** 4) No parent key columns were provided explicitly as part of the
+** foreign key definition, and the PRIMARY KEY of the parent table
+** consists of a different number of columns to the child key in
+** the child table.
+**
+** then non-zero is returned, and a "foreign key mismatch" error loaded
+** into pParse. If an OOM error occurs, non-zero is returned and the
+** pParse->db->mallocFailed flag is set.
+*/
+SQLITE_PRIVATE int sqlite3FkLocateIndex(
+ Parse *pParse, /* Parse context to store any error in */
+ Table *pParent, /* Parent table of FK constraint pFKey */
+ FKey *pFKey, /* Foreign key to find index for */
+ Index **ppIdx, /* OUT: Unique index on parent table */
+ int **paiCol /* OUT: Map of index columns in pFKey */
+){
+ Index *pIdx = 0; /* Value to return via *ppIdx */
+ int *aiCol = 0; /* Value to return via *paiCol */
+ int nCol = pFKey->nCol; /* Number of columns in parent key */
+ char *zKey = pFKey->aCol[0].zCol; /* Name of left-most parent key column */
+
+ /* The caller is responsible for zeroing output parameters. */
+ assert( ppIdx && *ppIdx==0 );
+ assert( !paiCol || *paiCol==0 );
+ assert( pParse );
+
+ /* If this is a non-composite (single column) foreign key, check if it
+ ** maps to the INTEGER PRIMARY KEY of table pParent. If so, leave *ppIdx
+ ** and *paiCol set to zero and return early.
+ **
+ ** Otherwise, for a composite foreign key (more than one column), allocate
+ ** space for the aiCol array (returned via output parameter *paiCol).
+ ** Non-composite foreign keys do not require the aiCol array.
+ */
+ if( nCol==1 ){
+ /* The FK maps to the IPK if any of the following are true:
+ **
+ ** 1) There is an INTEGER PRIMARY KEY column and the FK is implicitly
+ ** mapped to the primary key of table pParent, or
+ ** 2) The FK is explicitly mapped to a column declared as INTEGER
+ ** PRIMARY KEY.
+ */
+ if( pParent->iPKey>=0 ){
+ if( !zKey ) return 0;
+ if( !sqlite3StrICmp(pParent->aCol[pParent->iPKey].zName, zKey) ) return 0;
+ }
+ }else if( paiCol ){
+ assert( nCol>1 );
+ aiCol = (int *)sqlite3DbMallocRaw(pParse->db, nCol*sizeof(int));
+ if( !aiCol ) return 1;
+ *paiCol = aiCol;
+ }
+
+ for(pIdx=pParent->pIndex; pIdx; pIdx=pIdx->pNext){
+ if( pIdx->nKeyCol==nCol && IsUniqueIndex(pIdx) ){
+ /* pIdx is a UNIQUE index (or a PRIMARY KEY) and has the right number
+ ** of columns. If each indexed column corresponds to a foreign key
+ ** column of pFKey, then this index is a winner. */
+
+ if( zKey==0 ){
+ /* If zKey is NULL, then this foreign key is implicitly mapped to
+ ** the PRIMARY KEY of table pParent. The PRIMARY KEY index may be
+ ** identified by the test. */
+ if( IsPrimaryKeyIndex(pIdx) ){
+ if( aiCol ){
+ int i;
+ for(i=0; i<nCol; i++) aiCol[i] = pFKey->aCol[i].iFrom;
+ }
+ break;
+ }
+ }else{
+ /* If zKey is non-NULL, then this foreign key was declared to
+ ** map to an explicit list of columns in table pParent. Check if this
+ ** index matches those columns. Also, check that the index uses
+ ** the default collation sequences for each column. */
+ int i, j;
+ for(i=0; i<nCol; i++){
+ i16 iCol = pIdx->aiColumn[i]; /* Index of column in parent tbl */
+ const char *zDfltColl; /* Def. collation for column */
+ char *zIdxCol; /* Name of indexed column */
+
+ if( iCol<0 ) break; /* No foreign keys against expression indexes */
+
+ /* If the index uses a collation sequence that is different from
+ ** the default collation sequence for the column, this index is
+ ** unusable. Bail out early in this case. */
+ zDfltColl = pParent->aCol[iCol].zColl;
+ if( !zDfltColl ) zDfltColl = sqlite3StrBINARY;
+ if( sqlite3StrICmp(pIdx->azColl[i], zDfltColl) ) break;
+
+ zIdxCol = pParent->aCol[iCol].zName;
+ for(j=0; j<nCol; j++){
+ if( sqlite3StrICmp(pFKey->aCol[j].zCol, zIdxCol)==0 ){
+ if( aiCol ) aiCol[i] = pFKey->aCol[j].iFrom;
+ break;
+ }
+ }
+ if( j==nCol ) break;
+ }
+ if( i==nCol ) break; /* pIdx is usable */
+ }
+ }
+ }
+
+ if( !pIdx ){
+ if( !pParse->disableTriggers ){
+ sqlite3ErrorMsg(pParse,
+ "foreign key mismatch - \"%w\" referencing \"%w\"",
+ pFKey->pFrom->zName, pFKey->zTo);
+ }
+ sqlite3DbFree(pParse->db, aiCol);
+ return 1;
+ }
+
+ *ppIdx = pIdx;
+ return 0;
+}
+
+/*
+** This function is called when a row is inserted into or deleted from the
+** child table of foreign key constraint pFKey. If an SQL UPDATE is executed
+** on the child table of pFKey, this function is invoked twice for each row
+** affected - once to "delete" the old row, and then again to "insert" the
+** new row.
+**
+** Each time it is called, this function generates VDBE code to locate the
+** row in the parent table that corresponds to the row being inserted into
+** or deleted from the child table. If the parent row can be found, no
+** special action is taken. Otherwise, if the parent row can *not* be
+** found in the parent table:
+**
+** Operation | FK type | Action taken
+** --------------------------------------------------------------------------
+** INSERT immediate Increment the "immediate constraint counter".
+**
+** DELETE immediate Decrement the "immediate constraint counter".
+**
+** INSERT deferred Increment the "deferred constraint counter".
+**
+** DELETE deferred Decrement the "deferred constraint counter".
+**
+** These operations are identified in the comment at the top of this file
+** (fkey.c) as "I.1" and "D.1".
+*/
+static void fkLookupParent(
+ Parse *pParse, /* Parse context */
+ int iDb, /* Index of database housing pTab */
+ Table *pTab, /* Parent table of FK pFKey */
+ Index *pIdx, /* Unique index on parent key columns in pTab */
+ FKey *pFKey, /* Foreign key constraint */
+ int *aiCol, /* Map from parent key columns to child table columns */
+ int regData, /* Address of array containing child table row */
+ int nIncr, /* Increment constraint counter by this */
+ int isIgnore /* If true, pretend pTab contains all NULL values */
+){
+ int i; /* Iterator variable */
+ Vdbe *v = sqlite3GetVdbe(pParse); /* Vdbe to add code to */
+ int iCur = pParse->nTab - 1; /* Cursor number to use */
+ int iOk = sqlite3VdbeMakeLabel(v); /* jump here if parent key found */
+
+ /* If nIncr is less than zero, then check at runtime if there are any
+ ** outstanding constraints to resolve. If there are not, there is no need
+ ** to check if deleting this row resolves any outstanding violations.
+ **
+ ** Check if any of the key columns in the child table row are NULL. If
+ ** any are, then the constraint is considered satisfied. No need to
+ ** search for a matching row in the parent table. */
+ if( nIncr<0 ){
+ sqlite3VdbeAddOp2(v, OP_FkIfZero, pFKey->isDeferred, iOk);
+ VdbeCoverage(v);
+ }
+ for(i=0; i<pFKey->nCol; i++){
+ int iReg = aiCol[i] + regData + 1;
+ sqlite3VdbeAddOp2(v, OP_IsNull, iReg, iOk); VdbeCoverage(v);
+ }
+
+ if( isIgnore==0 ){
+ if( pIdx==0 ){
+ /* If pIdx is NULL, then the parent key is the INTEGER PRIMARY KEY
+ ** column of the parent table (table pTab). */
+ int iMustBeInt; /* Address of MustBeInt instruction */
+ int regTemp = sqlite3GetTempReg(pParse);
+
+ /* Invoke MustBeInt to coerce the child key value to an integer (i.e.
+ ** apply the affinity of the parent key). If this fails, then there
+ ** is no matching parent key. Before using MustBeInt, make a copy of
+ ** the value. Otherwise, the value inserted into the child key column
+ ** will have INTEGER affinity applied to it, which may not be correct. */
+ sqlite3VdbeAddOp2(v, OP_SCopy, aiCol[0]+1+regData, regTemp);
+ iMustBeInt = sqlite3VdbeAddOp2(v, OP_MustBeInt, regTemp, 0);
+ VdbeCoverage(v);
+
+ /* If the parent table is the same as the child table, and we are about
+ ** to increment the constraint-counter (i.e. this is an INSERT operation),
+ ** then check if the row being inserted matches itself. If so, do not
+ ** increment the constraint-counter. */
+ if( pTab==pFKey->pFrom && nIncr==1 ){
+ sqlite3VdbeAddOp3(v, OP_Eq, regData, iOk, regTemp); VdbeCoverage(v);
+ sqlite3VdbeChangeP5(v, SQLITE_NOTNULL);
+ }
+
+ sqlite3OpenTable(pParse, iCur, iDb, pTab, OP_OpenRead);
+ sqlite3VdbeAddOp3(v, OP_NotExists, iCur, 0, regTemp); VdbeCoverage(v);
+ sqlite3VdbeGoto(v, iOk);
+ sqlite3VdbeJumpHere(v, sqlite3VdbeCurrentAddr(v)-2);
+ sqlite3VdbeJumpHere(v, iMustBeInt);
+ sqlite3ReleaseTempReg(pParse, regTemp);
+ }else{
+ int nCol = pFKey->nCol;
+ int regTemp = sqlite3GetTempRange(pParse, nCol);
+ int regRec = sqlite3GetTempReg(pParse);
+
+ sqlite3VdbeAddOp3(v, OP_OpenRead, iCur, pIdx->tnum, iDb);
+ sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
+ for(i=0; i<nCol; i++){
+ sqlite3VdbeAddOp2(v, OP_Copy, aiCol[i]+1+regData, regTemp+i);
+ }
+
+ /* If the parent table is the same as the child table, and we are about
+ ** to increment the constraint-counter (i.e. this is an INSERT operation),
+ ** then check if the row being inserted matches itself. If so, do not
+ ** increment the constraint-counter.
+ **
+ ** If any of the parent-key values are NULL, then the row cannot match
+ ** itself. So set JUMPIFNULL to make sure we do the OP_Found if any
+ ** of the parent-key values are NULL (at this point it is known that
+ ** none of the child key values are).
+ */
+ if( pTab==pFKey->pFrom && nIncr==1 ){
+ int iJump = sqlite3VdbeCurrentAddr(v) + nCol + 1;
+ for(i=0; i<nCol; i++){
+ int iChild = aiCol[i]+1+regData;
+ int iParent = pIdx->aiColumn[i]+1+regData;
+ assert( pIdx->aiColumn[i]>=0 );
+ assert( aiCol[i]!=pTab->iPKey );
+ if( pIdx->aiColumn[i]==pTab->iPKey ){
+ /* The parent key is a composite key that includes the IPK column */
+ iParent = regData;
+ }
+ sqlite3VdbeAddOp3(v, OP_Ne, iChild, iJump, iParent); VdbeCoverage(v);
+ sqlite3VdbeChangeP5(v, SQLITE_JUMPIFNULL);
+ }
+ sqlite3VdbeGoto(v, iOk);
+ }
+
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, regTemp, nCol, regRec,
+ sqlite3IndexAffinityStr(pParse->db,pIdx), nCol);
+ sqlite3VdbeAddOp4Int(v, OP_Found, iCur, iOk, regRec, 0); VdbeCoverage(v);
+
+ sqlite3ReleaseTempReg(pParse, regRec);
+ sqlite3ReleaseTempRange(pParse, regTemp, nCol);
+ }
+ }
+
+ if( !pFKey->isDeferred && !(pParse->db->flags & SQLITE_DeferFKs)
+ && !pParse->pToplevel
+ && !pParse->isMultiWrite
+ ){
+ /* Special case: If this is an INSERT statement that will insert exactly
+ ** one row into the table, raise a constraint immediately instead of
+ ** incrementing a counter. This is necessary as the VM code is being
+ ** generated for will not open a statement transaction. */
+ assert( nIncr==1 );
+ sqlite3HaltConstraint(pParse, SQLITE_CONSTRAINT_FOREIGNKEY,
+ OE_Abort, 0, P4_STATIC, P5_ConstraintFK);
+ }else{
+ if( nIncr>0 && pFKey->isDeferred==0 ){
+ sqlite3MayAbort(pParse);
+ }
+ sqlite3VdbeAddOp2(v, OP_FkCounter, pFKey->isDeferred, nIncr);
+ }
+
+ sqlite3VdbeResolveLabel(v, iOk);
+ sqlite3VdbeAddOp1(v, OP_Close, iCur);
+}
+
+
+/*
+** Return an Expr object that refers to a memory register corresponding
+** to column iCol of table pTab.
+**
+** regBase is the first of an array of register that contains the data
+** for pTab. regBase itself holds the rowid. regBase+1 holds the first
+** column. regBase+2 holds the second column, and so forth.
+*/
+static Expr *exprTableRegister(
+ Parse *pParse, /* Parsing and code generating context */
+ Table *pTab, /* The table whose content is at r[regBase]... */
+ int regBase, /* Contents of table pTab */
+ i16 iCol /* Which column of pTab is desired */
+){
+ Expr *pExpr;
+ Column *pCol;
+ const char *zColl;
+ sqlite3 *db = pParse->db;
+
+ pExpr = sqlite3Expr(db, TK_REGISTER, 0);
+ if( pExpr ){
+ if( iCol>=0 && iCol!=pTab->iPKey ){
+ pCol = &pTab->aCol[iCol];
+ pExpr->iTable = regBase + iCol + 1;
+ pExpr->affinity = pCol->affinity;
+ zColl = pCol->zColl;
+ if( zColl==0 ) zColl = db->pDfltColl->zName;
+ pExpr = sqlite3ExprAddCollateString(pParse, pExpr, zColl);
+ }else{
+ pExpr->iTable = regBase;
+ pExpr->affinity = SQLITE_AFF_INTEGER;
+ }
+ }
+ return pExpr;
+}
+
+/*
+** Return an Expr object that refers to column iCol of table pTab which
+** has cursor iCur.
+*/
+static Expr *exprTableColumn(
+ sqlite3 *db, /* The database connection */
+ Table *pTab, /* The table whose column is desired */
+ int iCursor, /* The open cursor on the table */
+ i16 iCol /* The column that is wanted */
+){
+ Expr *pExpr = sqlite3Expr(db, TK_COLUMN, 0);
+ if( pExpr ){
+ pExpr->pTab = pTab;
+ pExpr->iTable = iCursor;
+ pExpr->iColumn = iCol;
+ }
+ return pExpr;
+}
+
+/*
+** This function is called to generate code executed when a row is deleted
+** from the parent table of foreign key constraint pFKey and, if pFKey is
+** deferred, when a row is inserted into the same table. When generating
+** code for an SQL UPDATE operation, this function may be called twice -
+** once to "delete" the old row and once to "insert" the new row.
+**
+** Parameter nIncr is passed -1 when inserting a row (as this may decrease
+** the number of FK violations in the db) or +1 when deleting one (as this
+** may increase the number of FK constraint problems).
+**
+** The code generated by this function scans through the rows in the child
+** table that correspond to the parent table row being deleted or inserted.
+** For each child row found, one of the following actions is taken:
+**
+** Operation | FK type | Action taken
+** --------------------------------------------------------------------------
+** DELETE immediate Increment the "immediate constraint counter".
+** Or, if the ON (UPDATE|DELETE) action is RESTRICT,
+** throw a "FOREIGN KEY constraint failed" exception.
+**
+** INSERT immediate Decrement the "immediate constraint counter".
+**
+** DELETE deferred Increment the "deferred constraint counter".
+** Or, if the ON (UPDATE|DELETE) action is RESTRICT,
+** throw a "FOREIGN KEY constraint failed" exception.
+**
+** INSERT deferred Decrement the "deferred constraint counter".
+**
+** These operations are identified in the comment at the top of this file
+** (fkey.c) as "I.2" and "D.2".
+*/
+static void fkScanChildren(
+ Parse *pParse, /* Parse context */
+ SrcList *pSrc, /* The child table to be scanned */
+ Table *pTab, /* The parent table */
+ Index *pIdx, /* Index on parent covering the foreign key */
+ FKey *pFKey, /* The foreign key linking pSrc to pTab */
+ int *aiCol, /* Map from pIdx cols to child table cols */
+ int regData, /* Parent row data starts here */
+ int nIncr /* Amount to increment deferred counter by */
+){
+ sqlite3 *db = pParse->db; /* Database handle */
+ int i; /* Iterator variable */
+ Expr *pWhere = 0; /* WHERE clause to scan with */
+ NameContext sNameContext; /* Context used to resolve WHERE clause */
+ WhereInfo *pWInfo; /* Context used by sqlite3WhereXXX() */
+ int iFkIfZero = 0; /* Address of OP_FkIfZero */
+ Vdbe *v = sqlite3GetVdbe(pParse);
+
+ assert( pIdx==0 || pIdx->pTable==pTab );
+ assert( pIdx==0 || pIdx->nKeyCol==pFKey->nCol );
+ assert( pIdx!=0 || pFKey->nCol==1 );
+ assert( pIdx!=0 || HasRowid(pTab) );
+
+ if( nIncr<0 ){
+ iFkIfZero = sqlite3VdbeAddOp2(v, OP_FkIfZero, pFKey->isDeferred, 0);
+ VdbeCoverage(v);
+ }
+
+ /* Create an Expr object representing an SQL expression like:
+ **
+ ** <parent-key1> = <child-key1> AND <parent-key2> = <child-key2> ...
+ **
+ ** The collation sequence used for the comparison should be that of
+ ** the parent key columns. The affinity of the parent key column should
+ ** be applied to each child key value before the comparison takes place.
+ */
+ for(i=0; i<pFKey->nCol; i++){
+ Expr *pLeft; /* Value from parent table row */
+ Expr *pRight; /* Column ref to child table */
+ Expr *pEq; /* Expression (pLeft = pRight) */
+ i16 iCol; /* Index of column in child table */
+ const char *zCol; /* Name of column in child table */
+
+ iCol = pIdx ? pIdx->aiColumn[i] : -1;
+ pLeft = exprTableRegister(pParse, pTab, regData, iCol);
+ iCol = aiCol ? aiCol[i] : pFKey->aCol[0].iFrom;
+ assert( iCol>=0 );
+ zCol = pFKey->pFrom->aCol[iCol].zName;
+ pRight = sqlite3Expr(db, TK_ID, zCol);
+ pEq = sqlite3PExpr(pParse, TK_EQ, pLeft, pRight, 0);
+ pWhere = sqlite3ExprAnd(db, pWhere, pEq);
+ }
+
+ /* If the child table is the same as the parent table, then add terms
+ ** to the WHERE clause that prevent this entry from being scanned.
+ ** The added WHERE clause terms are like this:
+ **
+ ** $current_rowid!=rowid
+ ** NOT( $current_a==a AND $current_b==b AND ... )
+ **
+ ** The first form is used for rowid tables. The second form is used
+ ** for WITHOUT ROWID tables. In the second form, the primary key is
+ ** (a,b,...)
+ */
+ if( pTab==pFKey->pFrom && nIncr>0 ){
+ Expr *pNe; /* Expression (pLeft != pRight) */
+ Expr *pLeft; /* Value from parent table row */
+ Expr *pRight; /* Column ref to child table */
+ if( HasRowid(pTab) ){
+ pLeft = exprTableRegister(pParse, pTab, regData, -1);
+ pRight = exprTableColumn(db, pTab, pSrc->a[0].iCursor, -1);
+ pNe = sqlite3PExpr(pParse, TK_NE, pLeft, pRight, 0);
+ }else{
+ Expr *pEq, *pAll = 0;
+ Index *pPk = sqlite3PrimaryKeyIndex(pTab);
+ assert( pIdx!=0 );
+ for(i=0; i<pPk->nKeyCol; i++){
+ i16 iCol = pIdx->aiColumn[i];
+ assert( iCol>=0 );
+ pLeft = exprTableRegister(pParse, pTab, regData, iCol);
+ pRight = exprTableColumn(db, pTab, pSrc->a[0].iCursor, iCol);
+ pEq = sqlite3PExpr(pParse, TK_EQ, pLeft, pRight, 0);
+ pAll = sqlite3ExprAnd(db, pAll, pEq);
+ }
+ pNe = sqlite3PExpr(pParse, TK_NOT, pAll, 0, 0);
+ }
+ pWhere = sqlite3ExprAnd(db, pWhere, pNe);
+ }
+
+ /* Resolve the references in the WHERE clause. */
+ memset(&sNameContext, 0, sizeof(NameContext));
+ sNameContext.pSrcList = pSrc;
+ sNameContext.pParse = pParse;
+ sqlite3ResolveExprNames(&sNameContext, pWhere);
+
+ /* Create VDBE to loop through the entries in pSrc that match the WHERE
+ ** clause. For each row found, increment either the deferred or immediate
+ ** foreign key constraint counter. */
+ pWInfo = sqlite3WhereBegin(pParse, pSrc, pWhere, 0, 0, 0, 0);
+ sqlite3VdbeAddOp2(v, OP_FkCounter, pFKey->isDeferred, nIncr);
+ if( pWInfo ){
+ sqlite3WhereEnd(pWInfo);
+ }
+
+ /* Clean up the WHERE clause constructed above. */
+ sqlite3ExprDelete(db, pWhere);
+ if( iFkIfZero ){
+ sqlite3VdbeJumpHere(v, iFkIfZero);
+ }
+}
+
+/*
+** This function returns a linked list of FKey objects (connected by
+** FKey.pNextTo) holding all children of table pTab. For example,
+** given the following schema:
+**
+** CREATE TABLE t1(a PRIMARY KEY);
+** CREATE TABLE t2(b REFERENCES t1(a);
+**
+** Calling this function with table "t1" as an argument returns a pointer
+** to the FKey structure representing the foreign key constraint on table
+** "t2". Calling this function with "t2" as the argument would return a
+** NULL pointer (as there are no FK constraints for which t2 is the parent
+** table).
+*/
+SQLITE_PRIVATE FKey *sqlite3FkReferences(Table *pTab){
+ return (FKey *)sqlite3HashFind(&pTab->pSchema->fkeyHash, pTab->zName);
+}
+
+/*
+** The second argument is a Trigger structure allocated by the
+** fkActionTrigger() routine. This function deletes the Trigger structure
+** and all of its sub-components.
+**
+** The Trigger structure or any of its sub-components may be allocated from
+** the lookaside buffer belonging to database handle dbMem.
+*/
+static void fkTriggerDelete(sqlite3 *dbMem, Trigger *p){
+ if( p ){
+ TriggerStep *pStep = p->step_list;
+ sqlite3ExprDelete(dbMem, pStep->pWhere);
+ sqlite3ExprListDelete(dbMem, pStep->pExprList);
+ sqlite3SelectDelete(dbMem, pStep->pSelect);
+ sqlite3ExprDelete(dbMem, p->pWhen);
+ sqlite3DbFree(dbMem, p);
+ }
+}
+
+/*
+** This function is called to generate code that runs when table pTab is
+** being dropped from the database. The SrcList passed as the second argument
+** to this function contains a single entry guaranteed to resolve to
+** table pTab.
+**
+** Normally, no code is required. However, if either
+**
+** (a) The table is the parent table of a FK constraint, or
+** (b) The table is the child table of a deferred FK constraint and it is
+** determined at runtime that there are outstanding deferred FK
+** constraint violations in the database,
+**
+** then the equivalent of "DELETE FROM <tbl>" is executed before dropping
+** the table from the database. Triggers are disabled while running this
+** DELETE, but foreign key actions are not.
+*/
+SQLITE_PRIVATE void sqlite3FkDropTable(Parse *pParse, SrcList *pName, Table *pTab){
+ sqlite3 *db = pParse->db;
+ if( (db->flags&SQLITE_ForeignKeys) && !IsVirtual(pTab) && !pTab->pSelect ){
+ int iSkip = 0;
+ Vdbe *v = sqlite3GetVdbe(pParse);
+
+ assert( v ); /* VDBE has already been allocated */
+ if( sqlite3FkReferences(pTab)==0 ){
+ /* Search for a deferred foreign key constraint for which this table
+ ** is the child table. If one cannot be found, return without
+ ** generating any VDBE code. If one can be found, then jump over
+ ** the entire DELETE if there are no outstanding deferred constraints
+ ** when this statement is run. */
+ FKey *p;
+ for(p=pTab->pFKey; p; p=p->pNextFrom){
+ if( p->isDeferred || (db->flags & SQLITE_DeferFKs) ) break;
+ }
+ if( !p ) return;
+ iSkip = sqlite3VdbeMakeLabel(v);
+ sqlite3VdbeAddOp2(v, OP_FkIfZero, 1, iSkip); VdbeCoverage(v);
+ }
+
+ pParse->disableTriggers = 1;
+ sqlite3DeleteFrom(pParse, sqlite3SrcListDup(db, pName, 0), 0);
+ pParse->disableTriggers = 0;
+
+ /* If the DELETE has generated immediate foreign key constraint
+ ** violations, halt the VDBE and return an error at this point, before
+ ** any modifications to the schema are made. This is because statement
+ ** transactions are not able to rollback schema changes.
+ **
+ ** If the SQLITE_DeferFKs flag is set, then this is not required, as
+ ** the statement transaction will not be rolled back even if FK
+ ** constraints are violated.
+ */
+ if( (db->flags & SQLITE_DeferFKs)==0 ){
+ sqlite3VdbeAddOp2(v, OP_FkIfZero, 0, sqlite3VdbeCurrentAddr(v)+2);
+ VdbeCoverage(v);
+ sqlite3HaltConstraint(pParse, SQLITE_CONSTRAINT_FOREIGNKEY,
+ OE_Abort, 0, P4_STATIC, P5_ConstraintFK);
+ }
+
+ if( iSkip ){
+ sqlite3VdbeResolveLabel(v, iSkip);
+ }
+ }
+}
+
+
+/*
+** The second argument points to an FKey object representing a foreign key
+** for which pTab is the child table. An UPDATE statement against pTab
+** is currently being processed. For each column of the table that is
+** actually updated, the corresponding element in the aChange[] array
+** is zero or greater (if a column is unmodified the corresponding element
+** is set to -1). If the rowid column is modified by the UPDATE statement
+** the bChngRowid argument is non-zero.
+**
+** This function returns true if any of the columns that are part of the
+** child key for FK constraint *p are modified.
+*/
+static int fkChildIsModified(
+ Table *pTab, /* Table being updated */
+ FKey *p, /* Foreign key for which pTab is the child */
+ int *aChange, /* Array indicating modified columns */
+ int bChngRowid /* True if rowid is modified by this update */
+){
+ int i;
+ for(i=0; i<p->nCol; i++){
+ int iChildKey = p->aCol[i].iFrom;
+ if( aChange[iChildKey]>=0 ) return 1;
+ if( iChildKey==pTab->iPKey && bChngRowid ) return 1;
+ }
+ return 0;
+}
+
+/*
+** The second argument points to an FKey object representing a foreign key
+** for which pTab is the parent table. An UPDATE statement against pTab
+** is currently being processed. For each column of the table that is
+** actually updated, the corresponding element in the aChange[] array
+** is zero or greater (if a column is unmodified the corresponding element
+** is set to -1). If the rowid column is modified by the UPDATE statement
+** the bChngRowid argument is non-zero.
+**
+** This function returns true if any of the columns that are part of the
+** parent key for FK constraint *p are modified.
+*/
+static int fkParentIsModified(
+ Table *pTab,
+ FKey *p,
+ int *aChange,
+ int bChngRowid
+){
+ int i;
+ for(i=0; i<p->nCol; i++){
+ char *zKey = p->aCol[i].zCol;
+ int iKey;
+ for(iKey=0; iKey<pTab->nCol; iKey++){
+ if( aChange[iKey]>=0 || (iKey==pTab->iPKey && bChngRowid) ){
+ Column *pCol = &pTab->aCol[iKey];
+ if( zKey ){
+ if( 0==sqlite3StrICmp(pCol->zName, zKey) ) return 1;
+ }else if( pCol->colFlags & COLFLAG_PRIMKEY ){
+ return 1;
+ }
+ }
+ }
+ }
+ return 0;
+}
+
+/*
+** Return true if the parser passed as the first argument is being
+** used to code a trigger that is really a "SET NULL" action belonging
+** to trigger pFKey.
+*/
+static int isSetNullAction(Parse *pParse, FKey *pFKey){
+ Parse *pTop = sqlite3ParseToplevel(pParse);
+ if( pTop->pTriggerPrg ){
+ Trigger *p = pTop->pTriggerPrg->pTrigger;
+ if( (p==pFKey->apTrigger[0] && pFKey->aAction[0]==OE_SetNull)
+ || (p==pFKey->apTrigger[1] && pFKey->aAction[1]==OE_SetNull)
+ ){
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/*
+** This function is called when inserting, deleting or updating a row of
+** table pTab to generate VDBE code to perform foreign key constraint
+** processing for the operation.
+**
+** For a DELETE operation, parameter regOld is passed the index of the
+** first register in an array of (pTab->nCol+1) registers containing the
+** rowid of the row being deleted, followed by each of the column values
+** of the row being deleted, from left to right. Parameter regNew is passed
+** zero in this case.
+**
+** For an INSERT operation, regOld is passed zero and regNew is passed the
+** first register of an array of (pTab->nCol+1) registers containing the new
+** row data.
+**
+** For an UPDATE operation, this function is called twice. Once before
+** the original record is deleted from the table using the calling convention
+** described for DELETE. Then again after the original record is deleted
+** but before the new record is inserted using the INSERT convention.
+*/
+SQLITE_PRIVATE void sqlite3FkCheck(
+ Parse *pParse, /* Parse context */
+ Table *pTab, /* Row is being deleted from this table */
+ int regOld, /* Previous row data is stored here */
+ int regNew, /* New row data is stored here */
+ int *aChange, /* Array indicating UPDATEd columns (or 0) */
+ int bChngRowid /* True if rowid is UPDATEd */
+){
+ sqlite3 *db = pParse->db; /* Database handle */
+ FKey *pFKey; /* Used to iterate through FKs */
+ int iDb; /* Index of database containing pTab */
+ const char *zDb; /* Name of database containing pTab */
+ int isIgnoreErrors = pParse->disableTriggers;
+
+ /* Exactly one of regOld and regNew should be non-zero. */
+ assert( (regOld==0)!=(regNew==0) );
+
+ /* If foreign-keys are disabled, this function is a no-op. */
+ if( (db->flags&SQLITE_ForeignKeys)==0 ) return;
+
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ zDb = db->aDb[iDb].zName;
+
+ /* Loop through all the foreign key constraints for which pTab is the
+ ** child table (the table that the foreign key definition is part of). */
+ for(pFKey=pTab->pFKey; pFKey; pFKey=pFKey->pNextFrom){
+ Table *pTo; /* Parent table of foreign key pFKey */
+ Index *pIdx = 0; /* Index on key columns in pTo */
+ int *aiFree = 0;
+ int *aiCol;
+ int iCol;
+ int i;
+ int bIgnore = 0;
+
+ if( aChange
+ && sqlite3_stricmp(pTab->zName, pFKey->zTo)!=0
+ && fkChildIsModified(pTab, pFKey, aChange, bChngRowid)==0
+ ){
+ continue;
+ }
+
+ /* Find the parent table of this foreign key. Also find a unique index
+ ** on the parent key columns in the parent table. If either of these
+ ** schema items cannot be located, set an error in pParse and return
+ ** early. */
+ if( pParse->disableTriggers ){
+ pTo = sqlite3FindTable(db, pFKey->zTo, zDb);
+ }else{
+ pTo = sqlite3LocateTable(pParse, 0, pFKey->zTo, zDb);
+ }
+ if( !pTo || sqlite3FkLocateIndex(pParse, pTo, pFKey, &pIdx, &aiFree) ){
+ assert( isIgnoreErrors==0 || (regOld!=0 && regNew==0) );
+ if( !isIgnoreErrors || db->mallocFailed ) return;
+ if( pTo==0 ){
+ /* If isIgnoreErrors is true, then a table is being dropped. In this
+ ** case SQLite runs a "DELETE FROM xxx" on the table being dropped
+ ** before actually dropping it in order to check FK constraints.
+ ** If the parent table of an FK constraint on the current table is
+ ** missing, behave as if it is empty. i.e. decrement the relevant
+ ** FK counter for each row of the current table with non-NULL keys.
+ */
+ Vdbe *v = sqlite3GetVdbe(pParse);
+ int iJump = sqlite3VdbeCurrentAddr(v) + pFKey->nCol + 1;
+ for(i=0; i<pFKey->nCol; i++){
+ int iReg = pFKey->aCol[i].iFrom + regOld + 1;
+ sqlite3VdbeAddOp2(v, OP_IsNull, iReg, iJump); VdbeCoverage(v);
+ }
+ sqlite3VdbeAddOp2(v, OP_FkCounter, pFKey->isDeferred, -1);
+ }
+ continue;
+ }
+ assert( pFKey->nCol==1 || (aiFree && pIdx) );
+
+ if( aiFree ){
+ aiCol = aiFree;
+ }else{
+ iCol = pFKey->aCol[0].iFrom;
+ aiCol = &iCol;
+ }
+ for(i=0; i<pFKey->nCol; i++){
+ if( aiCol[i]==pTab->iPKey ){
+ aiCol[i] = -1;
+ }
+ assert( pIdx==0 || pIdx->aiColumn[i]>=0 );
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ /* Request permission to read the parent key columns. If the
+ ** authorization callback returns SQLITE_IGNORE, behave as if any
+ ** values read from the parent table are NULL. */
+ if( db->xAuth ){
+ int rcauth;
+ char *zCol = pTo->aCol[pIdx ? pIdx->aiColumn[i] : pTo->iPKey].zName;
+ rcauth = sqlite3AuthReadCol(pParse, pTo->zName, zCol, iDb);
+ bIgnore = (rcauth==SQLITE_IGNORE);
+ }
+#endif
+ }
+
+ /* Take a shared-cache advisory read-lock on the parent table. Allocate
+ ** a cursor to use to search the unique index on the parent key columns
+ ** in the parent table. */
+ sqlite3TableLock(pParse, iDb, pTo->tnum, 0, pTo->zName);
+ pParse->nTab++;
+
+ if( regOld!=0 ){
+ /* A row is being removed from the child table. Search for the parent.
+ ** If the parent does not exist, removing the child row resolves an
+ ** outstanding foreign key constraint violation. */
+ fkLookupParent(pParse, iDb, pTo, pIdx, pFKey, aiCol, regOld, -1, bIgnore);
+ }
+ if( regNew!=0 && !isSetNullAction(pParse, pFKey) ){
+ /* A row is being added to the child table. If a parent row cannot
+ ** be found, adding the child row has violated the FK constraint.
+ **
+ ** If this operation is being performed as part of a trigger program
+ ** that is actually a "SET NULL" action belonging to this very
+ ** foreign key, then omit this scan altogether. As all child key
+ ** values are guaranteed to be NULL, it is not possible for adding
+ ** this row to cause an FK violation. */
+ fkLookupParent(pParse, iDb, pTo, pIdx, pFKey, aiCol, regNew, +1, bIgnore);
+ }
+
+ sqlite3DbFree(db, aiFree);
+ }
+
+ /* Loop through all the foreign key constraints that refer to this table.
+ ** (the "child" constraints) */
+ for(pFKey = sqlite3FkReferences(pTab); pFKey; pFKey=pFKey->pNextTo){
+ Index *pIdx = 0; /* Foreign key index for pFKey */
+ SrcList *pSrc;
+ int *aiCol = 0;
+
+ if( aChange && fkParentIsModified(pTab, pFKey, aChange, bChngRowid)==0 ){
+ continue;
+ }
+
+ if( !pFKey->isDeferred && !(db->flags & SQLITE_DeferFKs)
+ && !pParse->pToplevel && !pParse->isMultiWrite
+ ){
+ assert( regOld==0 && regNew!=0 );
+ /* Inserting a single row into a parent table cannot cause (or fix)
+ ** an immediate foreign key violation. So do nothing in this case. */
+ continue;
+ }
+
+ if( sqlite3FkLocateIndex(pParse, pTab, pFKey, &pIdx, &aiCol) ){
+ if( !isIgnoreErrors || db->mallocFailed ) return;
+ continue;
+ }
+ assert( aiCol || pFKey->nCol==1 );
+
+ /* Create a SrcList structure containing the child table. We need the
+ ** child table as a SrcList for sqlite3WhereBegin() */
+ pSrc = sqlite3SrcListAppend(db, 0, 0, 0);
+ if( pSrc ){
+ struct SrcList_item *pItem = pSrc->a;
+ pItem->pTab = pFKey->pFrom;
+ pItem->zName = pFKey->pFrom->zName;
+ pItem->pTab->nRef++;
+ pItem->iCursor = pParse->nTab++;
+
+ if( regNew!=0 ){
+ fkScanChildren(pParse, pSrc, pTab, pIdx, pFKey, aiCol, regNew, -1);
+ }
+ if( regOld!=0 ){
+ int eAction = pFKey->aAction[aChange!=0];
+ fkScanChildren(pParse, pSrc, pTab, pIdx, pFKey, aiCol, regOld, 1);
+ /* If this is a deferred FK constraint, or a CASCADE or SET NULL
+ ** action applies, then any foreign key violations caused by
+ ** removing the parent key will be rectified by the action trigger.
+ ** So do not set the "may-abort" flag in this case.
+ **
+ ** Note 1: If the FK is declared "ON UPDATE CASCADE", then the
+ ** may-abort flag will eventually be set on this statement anyway
+ ** (when this function is called as part of processing the UPDATE
+ ** within the action trigger).
+ **
+ ** Note 2: At first glance it may seem like SQLite could simply omit
+ ** all OP_FkCounter related scans when either CASCADE or SET NULL
+ ** applies. The trouble starts if the CASCADE or SET NULL action
+ ** trigger causes other triggers or action rules attached to the
+ ** child table to fire. In these cases the fk constraint counters
+ ** might be set incorrectly if any OP_FkCounter related scans are
+ ** omitted. */
+ if( !pFKey->isDeferred && eAction!=OE_Cascade && eAction!=OE_SetNull ){
+ sqlite3MayAbort(pParse);
+ }
+ }
+ pItem->zName = 0;
+ sqlite3SrcListDelete(db, pSrc);
+ }
+ sqlite3DbFree(db, aiCol);
+ }
+}
+
+#define COLUMN_MASK(x) (((x)>31) ? 0xffffffff : ((u32)1<<(x)))
+
+/*
+** This function is called before generating code to update or delete a
+** row contained in table pTab.
+*/
+SQLITE_PRIVATE u32 sqlite3FkOldmask(
+ Parse *pParse, /* Parse context */
+ Table *pTab /* Table being modified */
+){
+ u32 mask = 0;
+ if( pParse->db->flags&SQLITE_ForeignKeys ){
+ FKey *p;
+ int i;
+ for(p=pTab->pFKey; p; p=p->pNextFrom){
+ for(i=0; i<p->nCol; i++) mask |= COLUMN_MASK(p->aCol[i].iFrom);
+ }
+ for(p=sqlite3FkReferences(pTab); p; p=p->pNextTo){
+ Index *pIdx = 0;
+ sqlite3FkLocateIndex(pParse, pTab, p, &pIdx, 0);
+ if( pIdx ){
+ for(i=0; i<pIdx->nKeyCol; i++){
+ assert( pIdx->aiColumn[i]>=0 );
+ mask |= COLUMN_MASK(pIdx->aiColumn[i]);
+ }
+ }
+ }
+ }
+ return mask;
+}
+
+
+/*
+** This function is called before generating code to update or delete a
+** row contained in table pTab. If the operation is a DELETE, then
+** parameter aChange is passed a NULL value. For an UPDATE, aChange points
+** to an array of size N, where N is the number of columns in table pTab.
+** If the i'th column is not modified by the UPDATE, then the corresponding
+** entry in the aChange[] array is set to -1. If the column is modified,
+** the value is 0 or greater. Parameter chngRowid is set to true if the
+** UPDATE statement modifies the rowid fields of the table.
+**
+** If any foreign key processing will be required, this function returns
+** true. If there is no foreign key related processing, this function
+** returns false.
+*/
+SQLITE_PRIVATE int sqlite3FkRequired(
+ Parse *pParse, /* Parse context */
+ Table *pTab, /* Table being modified */
+ int *aChange, /* Non-NULL for UPDATE operations */
+ int chngRowid /* True for UPDATE that affects rowid */
+){
+ if( pParse->db->flags&SQLITE_ForeignKeys ){
+ if( !aChange ){
+ /* A DELETE operation. Foreign key processing is required if the
+ ** table in question is either the child or parent table for any
+ ** foreign key constraint. */
+ return (sqlite3FkReferences(pTab) || pTab->pFKey);
+ }else{
+ /* This is an UPDATE. Foreign key processing is only required if the
+ ** operation modifies one or more child or parent key columns. */
+ FKey *p;
+
+ /* Check if any child key columns are being modified. */
+ for(p=pTab->pFKey; p; p=p->pNextFrom){
+ if( fkChildIsModified(pTab, p, aChange, chngRowid) ) return 1;
+ }
+
+ /* Check if any parent key columns are being modified. */
+ for(p=sqlite3FkReferences(pTab); p; p=p->pNextTo){
+ if( fkParentIsModified(pTab, p, aChange, chngRowid) ) return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+/*
+** This function is called when an UPDATE or DELETE operation is being
+** compiled on table pTab, which is the parent table of foreign-key pFKey.
+** If the current operation is an UPDATE, then the pChanges parameter is
+** passed a pointer to the list of columns being modified. If it is a
+** DELETE, pChanges is passed a NULL pointer.
+**
+** It returns a pointer to a Trigger structure containing a trigger
+** equivalent to the ON UPDATE or ON DELETE action specified by pFKey.
+** If the action is "NO ACTION" or "RESTRICT", then a NULL pointer is
+** returned (these actions require no special handling by the triggers
+** sub-system, code for them is created by fkScanChildren()).
+**
+** For example, if pFKey is the foreign key and pTab is table "p" in
+** the following schema:
+**
+** CREATE TABLE p(pk PRIMARY KEY);
+** CREATE TABLE c(ck REFERENCES p ON DELETE CASCADE);
+**
+** then the returned trigger structure is equivalent to:
+**
+** CREATE TRIGGER ... DELETE ON p BEGIN
+** DELETE FROM c WHERE ck = old.pk;
+** END;
+**
+** The returned pointer is cached as part of the foreign key object. It
+** is eventually freed along with the rest of the foreign key object by
+** sqlite3FkDelete().
+*/
+static Trigger *fkActionTrigger(
+ Parse *pParse, /* Parse context */
+ Table *pTab, /* Table being updated or deleted from */
+ FKey *pFKey, /* Foreign key to get action for */
+ ExprList *pChanges /* Change-list for UPDATE, NULL for DELETE */
+){
+ sqlite3 *db = pParse->db; /* Database handle */
+ int action; /* One of OE_None, OE_Cascade etc. */
+ Trigger *pTrigger; /* Trigger definition to return */
+ int iAction = (pChanges!=0); /* 1 for UPDATE, 0 for DELETE */
+
+ action = pFKey->aAction[iAction];
+ pTrigger = pFKey->apTrigger[iAction];
+
+ if( action!=OE_None && !pTrigger ){
+ u8 enableLookaside; /* Copy of db->lookaside.bEnabled */
+ char const *zFrom; /* Name of child table */
+ int nFrom; /* Length in bytes of zFrom */
+ Index *pIdx = 0; /* Parent key index for this FK */
+ int *aiCol = 0; /* child table cols -> parent key cols */
+ TriggerStep *pStep = 0; /* First (only) step of trigger program */
+ Expr *pWhere = 0; /* WHERE clause of trigger step */
+ ExprList *pList = 0; /* Changes list if ON UPDATE CASCADE */
+ Select *pSelect = 0; /* If RESTRICT, "SELECT RAISE(...)" */
+ int i; /* Iterator variable */
+ Expr *pWhen = 0; /* WHEN clause for the trigger */
+
+ if( sqlite3FkLocateIndex(pParse, pTab, pFKey, &pIdx, &aiCol) ) return 0;
+ assert( aiCol || pFKey->nCol==1 );
+
+ for(i=0; i<pFKey->nCol; i++){
+ Token tOld = { "old", 3 }; /* Literal "old" token */
+ Token tNew = { "new", 3 }; /* Literal "new" token */
+ Token tFromCol; /* Name of column in child table */
+ Token tToCol; /* Name of column in parent table */
+ int iFromCol; /* Idx of column in child table */
+ Expr *pEq; /* tFromCol = OLD.tToCol */
+
+ iFromCol = aiCol ? aiCol[i] : pFKey->aCol[0].iFrom;
+ assert( iFromCol>=0 );
+ assert( pIdx!=0 || (pTab->iPKey>=0 && pTab->iPKey<pTab->nCol) );
+ assert( pIdx==0 || pIdx->aiColumn[i]>=0 );
+ tToCol.z = pTab->aCol[pIdx ? pIdx->aiColumn[i] : pTab->iPKey].zName;
+ tFromCol.z = pFKey->pFrom->aCol[iFromCol].zName;
+
+ tToCol.n = sqlite3Strlen30(tToCol.z);
+ tFromCol.n = sqlite3Strlen30(tFromCol.z);
+
+ /* Create the expression "OLD.zToCol = zFromCol". It is important
+ ** that the "OLD.zToCol" term is on the LHS of the = operator, so
+ ** that the affinity and collation sequence associated with the
+ ** parent table are used for the comparison. */
+ pEq = sqlite3PExpr(pParse, TK_EQ,
+ sqlite3PExpr(pParse, TK_DOT,
+ sqlite3ExprAlloc(db, TK_ID, &tOld, 0),
+ sqlite3ExprAlloc(db, TK_ID, &tToCol, 0)
+ , 0),
+ sqlite3ExprAlloc(db, TK_ID, &tFromCol, 0)
+ , 0);
+ pWhere = sqlite3ExprAnd(db, pWhere, pEq);
+
+ /* For ON UPDATE, construct the next term of the WHEN clause.
+ ** The final WHEN clause will be like this:
+ **
+ ** WHEN NOT(old.col1 IS new.col1 AND ... AND old.colN IS new.colN)
+ */
+ if( pChanges ){
+ pEq = sqlite3PExpr(pParse, TK_IS,
+ sqlite3PExpr(pParse, TK_DOT,
+ sqlite3ExprAlloc(db, TK_ID, &tOld, 0),
+ sqlite3ExprAlloc(db, TK_ID, &tToCol, 0),
+ 0),
+ sqlite3PExpr(pParse, TK_DOT,
+ sqlite3ExprAlloc(db, TK_ID, &tNew, 0),
+ sqlite3ExprAlloc(db, TK_ID, &tToCol, 0),
+ 0),
+ 0);
+ pWhen = sqlite3ExprAnd(db, pWhen, pEq);
+ }
+
+ if( action!=OE_Restrict && (action!=OE_Cascade || pChanges) ){
+ Expr *pNew;
+ if( action==OE_Cascade ){
+ pNew = sqlite3PExpr(pParse, TK_DOT,
+ sqlite3ExprAlloc(db, TK_ID, &tNew, 0),
+ sqlite3ExprAlloc(db, TK_ID, &tToCol, 0)
+ , 0);
+ }else if( action==OE_SetDflt ){
+ Expr *pDflt = pFKey->pFrom->aCol[iFromCol].pDflt;
+ if( pDflt ){
+ pNew = sqlite3ExprDup(db, pDflt, 0);
+ }else{
+ pNew = sqlite3PExpr(pParse, TK_NULL, 0, 0, 0);
+ }
+ }else{
+ pNew = sqlite3PExpr(pParse, TK_NULL, 0, 0, 0);
+ }
+ pList = sqlite3ExprListAppend(pParse, pList, pNew);
+ sqlite3ExprListSetName(pParse, pList, &tFromCol, 0);
+ }
+ }
+ sqlite3DbFree(db, aiCol);
+
+ zFrom = pFKey->pFrom->zName;
+ nFrom = sqlite3Strlen30(zFrom);
+
+ if( action==OE_Restrict ){
+ Token tFrom;
+ Expr *pRaise;
+
+ tFrom.z = zFrom;
+ tFrom.n = nFrom;
+ pRaise = sqlite3Expr(db, TK_RAISE, "FOREIGN KEY constraint failed");
+ if( pRaise ){
+ pRaise->affinity = OE_Abort;
+ }
+ pSelect = sqlite3SelectNew(pParse,
+ sqlite3ExprListAppend(pParse, 0, pRaise),
+ sqlite3SrcListAppend(db, 0, &tFrom, 0),
+ pWhere,
+ 0, 0, 0, 0, 0, 0
+ );
+ pWhere = 0;
+ }
+
+ /* Disable lookaside memory allocation */
+ enableLookaside = db->lookaside.bEnabled;
+ db->lookaside.bEnabled = 0;
+
+ pTrigger = (Trigger *)sqlite3DbMallocZero(db,
+ sizeof(Trigger) + /* struct Trigger */
+ sizeof(TriggerStep) + /* Single step in trigger program */
+ nFrom + 1 /* Space for pStep->zTarget */
+ );
+ if( pTrigger ){
+ pStep = pTrigger->step_list = (TriggerStep *)&pTrigger[1];
+ pStep->zTarget = (char *)&pStep[1];
+ memcpy((char *)pStep->zTarget, zFrom, nFrom);
+
+ pStep->pWhere = sqlite3ExprDup(db, pWhere, EXPRDUP_REDUCE);
+ pStep->pExprList = sqlite3ExprListDup(db, pList, EXPRDUP_REDUCE);
+ pStep->pSelect = sqlite3SelectDup(db, pSelect, EXPRDUP_REDUCE);
+ if( pWhen ){
+ pWhen = sqlite3PExpr(pParse, TK_NOT, pWhen, 0, 0);
+ pTrigger->pWhen = sqlite3ExprDup(db, pWhen, EXPRDUP_REDUCE);
+ }
+ }
+
+ /* Re-enable the lookaside buffer, if it was disabled earlier. */
+ db->lookaside.bEnabled = enableLookaside;
+
+ sqlite3ExprDelete(db, pWhere);
+ sqlite3ExprDelete(db, pWhen);
+ sqlite3ExprListDelete(db, pList);
+ sqlite3SelectDelete(db, pSelect);
+ if( db->mallocFailed==1 ){
+ fkTriggerDelete(db, pTrigger);
+ return 0;
+ }
+ assert( pStep!=0 );
+
+ switch( action ){
+ case OE_Restrict:
+ pStep->op = TK_SELECT;
+ break;
+ case OE_Cascade:
+ if( !pChanges ){
+ pStep->op = TK_DELETE;
+ break;
+ }
+ default:
+ pStep->op = TK_UPDATE;
+ }
+ pStep->pTrig = pTrigger;
+ pTrigger->pSchema = pTab->pSchema;
+ pTrigger->pTabSchema = pTab->pSchema;
+ pFKey->apTrigger[iAction] = pTrigger;
+ pTrigger->op = (pChanges ? TK_UPDATE : TK_DELETE);
+ }
+
+ return pTrigger;
+}
+
+/*
+** This function is called when deleting or updating a row to implement
+** any required CASCADE, SET NULL or SET DEFAULT actions.
+*/
+SQLITE_PRIVATE void sqlite3FkActions(
+ Parse *pParse, /* Parse context */
+ Table *pTab, /* Table being updated or deleted from */
+ ExprList *pChanges, /* Change-list for UPDATE, NULL for DELETE */
+ int regOld, /* Address of array containing old row */
+ int *aChange, /* Array indicating UPDATEd columns (or 0) */
+ int bChngRowid /* True if rowid is UPDATEd */
+){
+ /* If foreign-key support is enabled, iterate through all FKs that
+ ** refer to table pTab. If there is an action associated with the FK
+ ** for this operation (either update or delete), invoke the associated
+ ** trigger sub-program. */
+ if( pParse->db->flags&SQLITE_ForeignKeys ){
+ FKey *pFKey; /* Iterator variable */
+ for(pFKey = sqlite3FkReferences(pTab); pFKey; pFKey=pFKey->pNextTo){
+ if( aChange==0 || fkParentIsModified(pTab, pFKey, aChange, bChngRowid) ){
+ Trigger *pAct = fkActionTrigger(pParse, pTab, pFKey, pChanges);
+ if( pAct ){
+ sqlite3CodeRowTriggerDirect(pParse, pAct, pTab, regOld, OE_Abort, 0);
+ }
+ }
+ }
+ }
+}
+
+#endif /* ifndef SQLITE_OMIT_TRIGGER */
+
+/*
+** Free all memory associated with foreign key definitions attached to
+** table pTab. Remove the deleted foreign keys from the Schema.fkeyHash
+** hash table.
+*/
+SQLITE_PRIVATE void sqlite3FkDelete(sqlite3 *db, Table *pTab){
+ FKey *pFKey; /* Iterator variable */
+ FKey *pNext; /* Copy of pFKey->pNextFrom */
+
+ assert( db==0 || sqlite3SchemaMutexHeld(db, 0, pTab->pSchema) );
+ for(pFKey=pTab->pFKey; pFKey; pFKey=pNext){
+
+ /* Remove the FK from the fkeyHash hash table. */
+ if( !db || db->pnBytesFreed==0 ){
+ if( pFKey->pPrevTo ){
+ pFKey->pPrevTo->pNextTo = pFKey->pNextTo;
+ }else{
+ void *p = (void *)pFKey->pNextTo;
+ const char *z = (p ? pFKey->pNextTo->zTo : pFKey->zTo);
+ sqlite3HashInsert(&pTab->pSchema->fkeyHash, z, p);
+ }
+ if( pFKey->pNextTo ){
+ pFKey->pNextTo->pPrevTo = pFKey->pPrevTo;
+ }
+ }
+
+ /* EV: R-30323-21917 Each foreign key constraint in SQLite is
+ ** classified as either immediate or deferred.
+ */
+ assert( pFKey->isDeferred==0 || pFKey->isDeferred==1 );
+
+ /* Delete any triggers created to implement actions for this FK. */
+#ifndef SQLITE_OMIT_TRIGGER
+ fkTriggerDelete(db, pFKey->apTrigger[0]);
+ fkTriggerDelete(db, pFKey->apTrigger[1]);
+#endif
+
+ pNext = pFKey->pNextFrom;
+ sqlite3DbFree(db, pFKey);
+ }
+}
+#endif /* ifndef SQLITE_OMIT_FOREIGN_KEY */
+
+/************** End of fkey.c ************************************************/
+/************** Begin file insert.c ******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains C code routines that are called by the parser
+** to handle INSERT statements in SQLite.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** Generate code that will
+**
+** (1) acquire a lock for table pTab then
+** (2) open pTab as cursor iCur.
+**
+** If pTab is a WITHOUT ROWID table, then it is the PRIMARY KEY index
+** for that table that is actually opened.
+*/
+SQLITE_PRIVATE void sqlite3OpenTable(
+ Parse *pParse, /* Generate code into this VDBE */
+ int iCur, /* The cursor number of the table */
+ int iDb, /* The database index in sqlite3.aDb[] */
+ Table *pTab, /* The table to be opened */
+ int opcode /* OP_OpenRead or OP_OpenWrite */
+){
+ Vdbe *v;
+ assert( !IsVirtual(pTab) );
+ v = sqlite3GetVdbe(pParse);
+ assert( opcode==OP_OpenWrite || opcode==OP_OpenRead );
+ sqlite3TableLock(pParse, iDb, pTab->tnum,
+ (opcode==OP_OpenWrite)?1:0, pTab->zName);
+ if( HasRowid(pTab) ){
+ sqlite3VdbeAddOp4Int(v, opcode, iCur, pTab->tnum, iDb, pTab->nCol);
+ VdbeComment((v, "%s", pTab->zName));
+ }else{
+ Index *pPk = sqlite3PrimaryKeyIndex(pTab);
+ assert( pPk!=0 );
+ assert( pPk->tnum==pTab->tnum );
+ sqlite3VdbeAddOp3(v, opcode, iCur, pPk->tnum, iDb);
+ sqlite3VdbeSetP4KeyInfo(pParse, pPk);
+ VdbeComment((v, "%s", pTab->zName));
+ }
+}
+
+/*
+** Return a pointer to the column affinity string associated with index
+** pIdx. A column affinity string has one character for each column in
+** the table, according to the affinity of the column:
+**
+** Character Column affinity
+** ------------------------------
+** 'A' BLOB
+** 'B' TEXT
+** 'C' NUMERIC
+** 'D' INTEGER
+** 'F' REAL
+**
+** An extra 'D' is appended to the end of the string to cover the
+** rowid that appears as the last column in every index.
+**
+** Memory for the buffer containing the column index affinity string
+** is managed along with the rest of the Index structure. It will be
+** released when sqlite3DeleteIndex() is called.
+*/
+SQLITE_PRIVATE const char *sqlite3IndexAffinityStr(sqlite3 *db, Index *pIdx){
+ if( !pIdx->zColAff ){
+ /* The first time a column affinity string for a particular index is
+ ** required, it is allocated and populated here. It is then stored as
+ ** a member of the Index structure for subsequent use.
+ **
+ ** The column affinity string will eventually be deleted by
+ ** sqliteDeleteIndex() when the Index structure itself is cleaned
+ ** up.
+ */
+ int n;
+ Table *pTab = pIdx->pTable;
+ pIdx->zColAff = (char *)sqlite3DbMallocRaw(0, pIdx->nColumn+1);
+ if( !pIdx->zColAff ){
+ db->mallocFailed = 1;
+ return 0;
+ }
+ for(n=0; n<pIdx->nColumn; n++){
+ i16 x = pIdx->aiColumn[n];
+ if( x>=0 ){
+ pIdx->zColAff[n] = pTab->aCol[x].affinity;
+ }else if( x==XN_ROWID ){
+ pIdx->zColAff[n] = SQLITE_AFF_INTEGER;
+ }else{
+ char aff;
+ assert( x==XN_EXPR );
+ assert( pIdx->aColExpr!=0 );
+ aff = sqlite3ExprAffinity(pIdx->aColExpr->a[n].pExpr);
+ if( aff==0 ) aff = SQLITE_AFF_BLOB;
+ pIdx->zColAff[n] = aff;
+ }
+ }
+ pIdx->zColAff[n] = 0;
+ }
+
+ return pIdx->zColAff;
+}
+
+/*
+** Compute the affinity string for table pTab, if it has not already been
+** computed. As an optimization, omit trailing SQLITE_AFF_BLOB affinities.
+**
+** If the affinity exists (if it is no entirely SQLITE_AFF_BLOB values) and
+** if iReg>0 then code an OP_Affinity opcode that will set the affinities
+** for register iReg and following. Or if affinities exists and iReg==0,
+** then just set the P4 operand of the previous opcode (which should be
+** an OP_MakeRecord) to the affinity string.
+**
+** A column affinity string has one character per column:
+**
+** Character Column affinity
+** ------------------------------
+** 'A' BLOB
+** 'B' TEXT
+** 'C' NUMERIC
+** 'D' INTEGER
+** 'E' REAL
+*/
+SQLITE_PRIVATE void sqlite3TableAffinity(Vdbe *v, Table *pTab, int iReg){
+ int i;
+ char *zColAff = pTab->zColAff;
+ if( zColAff==0 ){
+ sqlite3 *db = sqlite3VdbeDb(v);
+ zColAff = (char *)sqlite3DbMallocRaw(0, pTab->nCol+1);
+ if( !zColAff ){
+ db->mallocFailed = 1;
+ return;
+ }
+
+ for(i=0; i<pTab->nCol; i++){
+ zColAff[i] = pTab->aCol[i].affinity;
+ }
+ do{
+ zColAff[i--] = 0;
+ }while( i>=0 && zColAff[i]==SQLITE_AFF_BLOB );
+ pTab->zColAff = zColAff;
+ }
+ i = sqlite3Strlen30(zColAff);
+ if( i ){
+ if( iReg ){
+ sqlite3VdbeAddOp4(v, OP_Affinity, iReg, i, 0, zColAff, i);
+ }else{
+ sqlite3VdbeChangeP4(v, -1, zColAff, i);
+ }
+ }
+}
+
+/*
+** Return non-zero if the table pTab in database iDb or any of its indices
+** have been opened at any point in the VDBE program. This is used to see if
+** a statement of the form "INSERT INTO <iDb, pTab> SELECT ..." can
+** run without using a temporary table for the results of the SELECT.
+*/
+static int readsTable(Parse *p, int iDb, Table *pTab){
+ Vdbe *v = sqlite3GetVdbe(p);
+ int i;
+ int iEnd = sqlite3VdbeCurrentAddr(v);
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ VTable *pVTab = IsVirtual(pTab) ? sqlite3GetVTable(p->db, pTab) : 0;
+#endif
+
+ for(i=1; i<iEnd; i++){
+ VdbeOp *pOp = sqlite3VdbeGetOp(v, i);
+ assert( pOp!=0 );
+ if( pOp->opcode==OP_OpenRead && pOp->p3==iDb ){
+ Index *pIndex;
+ int tnum = pOp->p2;
+ if( tnum==pTab->tnum ){
+ return 1;
+ }
+ for(pIndex=pTab->pIndex; pIndex; pIndex=pIndex->pNext){
+ if( tnum==pIndex->tnum ){
+ return 1;
+ }
+ }
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( pOp->opcode==OP_VOpen && pOp->p4.pVtab==pVTab ){
+ assert( pOp->p4.pVtab!=0 );
+ assert( pOp->p4type==P4_VTAB );
+ return 1;
+ }
+#endif
+ }
+ return 0;
+}
+
+#ifndef SQLITE_OMIT_AUTOINCREMENT
+/*
+** Locate or create an AutoincInfo structure associated with table pTab
+** which is in database iDb. Return the register number for the register
+** that holds the maximum rowid.
+**
+** There is at most one AutoincInfo structure per table even if the
+** same table is autoincremented multiple times due to inserts within
+** triggers. A new AutoincInfo structure is created if this is the
+** first use of table pTab. On 2nd and subsequent uses, the original
+** AutoincInfo structure is used.
+**
+** Three memory locations are allocated:
+**
+** (1) Register to hold the name of the pTab table.
+** (2) Register to hold the maximum ROWID of pTab.
+** (3) Register to hold the rowid in sqlite_sequence of pTab
+**
+** The 2nd register is the one that is returned. That is all the
+** insert routine needs to know about.
+*/
+static int autoIncBegin(
+ Parse *pParse, /* Parsing context */
+ int iDb, /* Index of the database holding pTab */
+ Table *pTab /* The table we are writing to */
+){
+ int memId = 0; /* Register holding maximum rowid */
+ if( pTab->tabFlags & TF_Autoincrement ){
+ Parse *pToplevel = sqlite3ParseToplevel(pParse);
+ AutoincInfo *pInfo;
+
+ pInfo = pToplevel->pAinc;
+ while( pInfo && pInfo->pTab!=pTab ){ pInfo = pInfo->pNext; }
+ if( pInfo==0 ){
+ pInfo = sqlite3DbMallocRaw(pParse->db, sizeof(*pInfo));
+ if( pInfo==0 ) return 0;
+ pInfo->pNext = pToplevel->pAinc;
+ pToplevel->pAinc = pInfo;
+ pInfo->pTab = pTab;
+ pInfo->iDb = iDb;
+ pToplevel->nMem++; /* Register to hold name of table */
+ pInfo->regCtr = ++pToplevel->nMem; /* Max rowid register */
+ pToplevel->nMem++; /* Rowid in sqlite_sequence */
+ }
+ memId = pInfo->regCtr;
+ }
+ return memId;
+}
+
+/*
+** This routine generates code that will initialize all of the
+** register used by the autoincrement tracker.
+*/
+SQLITE_PRIVATE void sqlite3AutoincrementBegin(Parse *pParse){
+ AutoincInfo *p; /* Information about an AUTOINCREMENT */
+ sqlite3 *db = pParse->db; /* The database connection */
+ Db *pDb; /* Database only autoinc table */
+ int memId; /* Register holding max rowid */
+ int addr; /* A VDBE address */
+ Vdbe *v = pParse->pVdbe; /* VDBE under construction */
+
+ /* This routine is never called during trigger-generation. It is
+ ** only called from the top-level */
+ assert( pParse->pTriggerTab==0 );
+ assert( sqlite3IsToplevel(pParse) );
+
+ assert( v ); /* We failed long ago if this is not so */
+ for(p = pParse->pAinc; p; p = p->pNext){
+ pDb = &db->aDb[p->iDb];
+ memId = p->regCtr;
+ assert( sqlite3SchemaMutexHeld(db, 0, pDb->pSchema) );
+ sqlite3OpenTable(pParse, 0, p->iDb, pDb->pSchema->pSeqTab, OP_OpenRead);
+ sqlite3VdbeAddOp3(v, OP_Null, 0, memId, memId+1);
+ addr = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeLoadString(v, memId-1, p->pTab->zName);
+ sqlite3VdbeAddOp2(v, OP_Rewind, 0, addr+9); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_Column, 0, 0, memId);
+ sqlite3VdbeAddOp3(v, OP_Ne, memId-1, addr+7, memId); VdbeCoverage(v);
+ sqlite3VdbeChangeP5(v, SQLITE_JUMPIFNULL);
+ sqlite3VdbeAddOp2(v, OP_Rowid, 0, memId+1);
+ sqlite3VdbeAddOp3(v, OP_Column, 0, 1, memId);
+ sqlite3VdbeGoto(v, addr+9);
+ sqlite3VdbeAddOp2(v, OP_Next, 0, addr+2); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, memId);
+ sqlite3VdbeAddOp0(v, OP_Close);
+ }
+}
+
+/*
+** Update the maximum rowid for an autoincrement calculation.
+**
+** This routine should be called when the top of the stack holds a
+** new rowid that is about to be inserted. If that new rowid is
+** larger than the maximum rowid in the memId memory cell, then the
+** memory cell is updated. The stack is unchanged.
+*/
+static void autoIncStep(Parse *pParse, int memId, int regRowid){
+ if( memId>0 ){
+ sqlite3VdbeAddOp2(pParse->pVdbe, OP_MemMax, memId, regRowid);
+ }
+}
+
+/*
+** This routine generates the code needed to write autoincrement
+** maximum rowid values back into the sqlite_sequence register.
+** Every statement that might do an INSERT into an autoincrement
+** table (either directly or through triggers) needs to call this
+** routine just before the "exit" code.
+*/
+SQLITE_PRIVATE void sqlite3AutoincrementEnd(Parse *pParse){
+ AutoincInfo *p;
+ Vdbe *v = pParse->pVdbe;
+ sqlite3 *db = pParse->db;
+
+ assert( v );
+ for(p = pParse->pAinc; p; p = p->pNext){
+ Db *pDb = &db->aDb[p->iDb];
+ int addr1;
+ int iRec;
+ int memId = p->regCtr;
+
+ iRec = sqlite3GetTempReg(pParse);
+ assert( sqlite3SchemaMutexHeld(db, 0, pDb->pSchema) );
+ sqlite3OpenTable(pParse, 0, p->iDb, pDb->pSchema->pSeqTab, OP_OpenWrite);
+ addr1 = sqlite3VdbeAddOp1(v, OP_NotNull, memId+1); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, 0, memId+1);
+ sqlite3VdbeJumpHere(v, addr1);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, memId-1, 2, iRec);
+ sqlite3VdbeAddOp3(v, OP_Insert, 0, iRec, memId+1);
+ sqlite3VdbeChangeP5(v, OPFLAG_APPEND);
+ sqlite3VdbeAddOp0(v, OP_Close);
+ sqlite3ReleaseTempReg(pParse, iRec);
+ }
+}
+#else
+/*
+** If SQLITE_OMIT_AUTOINCREMENT is defined, then the three routines
+** above are all no-ops
+*/
+# define autoIncBegin(A,B,C) (0)
+# define autoIncStep(A,B,C)
+#endif /* SQLITE_OMIT_AUTOINCREMENT */
+
+
+/* Forward declaration */
+static int xferOptimization(
+ Parse *pParse, /* Parser context */
+ Table *pDest, /* The table we are inserting into */
+ Select *pSelect, /* A SELECT statement to use as the data source */
+ int onError, /* How to handle constraint errors */
+ int iDbDest /* The database of pDest */
+);
+
+/*
+** This routine is called to handle SQL of the following forms:
+**
+** insert into TABLE (IDLIST) values(EXPRLIST),(EXPRLIST),...
+** insert into TABLE (IDLIST) select
+** insert into TABLE (IDLIST) default values
+**
+** The IDLIST following the table name is always optional. If omitted,
+** then a list of all (non-hidden) columns for the table is substituted.
+** The IDLIST appears in the pColumn parameter. pColumn is NULL if IDLIST
+** is omitted.
+**
+** For the pSelect parameter holds the values to be inserted for the
+** first two forms shown above. A VALUES clause is really just short-hand
+** for a SELECT statement that omits the FROM clause and everything else
+** that follows. If the pSelect parameter is NULL, that means that the
+** DEFAULT VALUES form of the INSERT statement is intended.
+**
+** The code generated follows one of four templates. For a simple
+** insert with data coming from a single-row VALUES clause, the code executes
+** once straight down through. Pseudo-code follows (we call this
+** the "1st template"):
+**
+** open write cursor to <table> and its indices
+** put VALUES clause expressions into registers
+** write the resulting record into <table>
+** cleanup
+**
+** The three remaining templates assume the statement is of the form
+**
+** INSERT INTO <table> SELECT ...
+**
+** If the SELECT clause is of the restricted form "SELECT * FROM <table2>" -
+** in other words if the SELECT pulls all columns from a single table
+** and there is no WHERE or LIMIT or GROUP BY or ORDER BY clauses, and
+** if <table2> and <table1> are distinct tables but have identical
+** schemas, including all the same indices, then a special optimization
+** is invoked that copies raw records from <table2> over to <table1>.
+** See the xferOptimization() function for the implementation of this
+** template. This is the 2nd template.
+**
+** open a write cursor to <table>
+** open read cursor on <table2>
+** transfer all records in <table2> over to <table>
+** close cursors
+** foreach index on <table>
+** open a write cursor on the <table> index
+** open a read cursor on the corresponding <table2> index
+** transfer all records from the read to the write cursors
+** close cursors
+** end foreach
+**
+** The 3rd template is for when the second template does not apply
+** and the SELECT clause does not read from <table> at any time.
+** The generated code follows this template:
+**
+** X <- A
+** goto B
+** A: setup for the SELECT
+** loop over the rows in the SELECT
+** load values into registers R..R+n
+** yield X
+** end loop
+** cleanup after the SELECT
+** end-coroutine X
+** B: open write cursor to <table> and its indices
+** C: yield X, at EOF goto D
+** insert the select result into <table> from R..R+n
+** goto C
+** D: cleanup
+**
+** The 4th template is used if the insert statement takes its
+** values from a SELECT but the data is being inserted into a table
+** that is also read as part of the SELECT. In the third form,
+** we have to use an intermediate table to store the results of
+** the select. The template is like this:
+**
+** X <- A
+** goto B
+** A: setup for the SELECT
+** loop over the tables in the SELECT
+** load value into register R..R+n
+** yield X
+** end loop
+** cleanup after the SELECT
+** end co-routine R
+** B: open temp table
+** L: yield X, at EOF goto M
+** insert row from R..R+n into temp table
+** goto L
+** M: open write cursor to <table> and its indices
+** rewind temp table
+** C: loop over rows of intermediate table
+** transfer values form intermediate table into <table>
+** end loop
+** D: cleanup
+*/
+SQLITE_PRIVATE void sqlite3Insert(
+ Parse *pParse, /* Parser context */
+ SrcList *pTabList, /* Name of table into which we are inserting */
+ Select *pSelect, /* A SELECT statement to use as the data source */
+ IdList *pColumn, /* Column names corresponding to IDLIST. */
+ int onError /* How to handle constraint errors */
+){
+ sqlite3 *db; /* The main database structure */
+ Table *pTab; /* The table to insert into. aka TABLE */
+ char *zTab; /* Name of the table into which we are inserting */
+ const char *zDb; /* Name of the database holding this table */
+ int i, j, idx; /* Loop counters */
+ Vdbe *v; /* Generate code into this virtual machine */
+ Index *pIdx; /* For looping over indices of the table */
+ int nColumn; /* Number of columns in the data */
+ int nHidden = 0; /* Number of hidden columns if TABLE is virtual */
+ int iDataCur = 0; /* VDBE cursor that is the main data repository */
+ int iIdxCur = 0; /* First index cursor */
+ int ipkColumn = -1; /* Column that is the INTEGER PRIMARY KEY */
+ int endOfLoop; /* Label for the end of the insertion loop */
+ int srcTab = 0; /* Data comes from this temporary cursor if >=0 */
+ int addrInsTop = 0; /* Jump to label "D" */
+ int addrCont = 0; /* Top of insert loop. Label "C" in templates 3 and 4 */
+ SelectDest dest; /* Destination for SELECT on rhs of INSERT */
+ int iDb; /* Index of database holding TABLE */
+ Db *pDb; /* The database containing table being inserted into */
+ u8 useTempTable = 0; /* Store SELECT results in intermediate table */
+ u8 appendFlag = 0; /* True if the insert is likely to be an append */
+ u8 withoutRowid; /* 0 for normal table. 1 for WITHOUT ROWID table */
+ u8 bIdListInOrder; /* True if IDLIST is in table order */
+ ExprList *pList = 0; /* List of VALUES() to be inserted */
+
+ /* Register allocations */
+ int regFromSelect = 0;/* Base register for data coming from SELECT */
+ int regAutoinc = 0; /* Register holding the AUTOINCREMENT counter */
+ int regRowCount = 0; /* Memory cell used for the row counter */
+ int regIns; /* Block of regs holding rowid+data being inserted */
+ int regRowid; /* registers holding insert rowid */
+ int regData; /* register holding first column to insert */
+ int *aRegIdx = 0; /* One register allocated to each index */
+
+#ifndef SQLITE_OMIT_TRIGGER
+ int isView; /* True if attempting to insert into a view */
+ Trigger *pTrigger; /* List of triggers on pTab, if required */
+ int tmask; /* Mask of trigger times */
+#endif
+
+ db = pParse->db;
+ memset(&dest, 0, sizeof(dest));
+ if( pParse->nErr || db->mallocFailed ){
+ goto insert_cleanup;
+ }
+
+ /* If the Select object is really just a simple VALUES() list with a
+ ** single row (the common case) then keep that one row of values
+ ** and discard the other (unused) parts of the pSelect object
+ */
+ if( pSelect && (pSelect->selFlags & SF_Values)!=0 && pSelect->pPrior==0 ){
+ pList = pSelect->pEList;
+ pSelect->pEList = 0;
+ sqlite3SelectDelete(db, pSelect);
+ pSelect = 0;
+ }
+
+ /* Locate the table into which we will be inserting new information.
+ */
+ assert( pTabList->nSrc==1 );
+ zTab = pTabList->a[0].zName;
+ if( NEVER(zTab==0) ) goto insert_cleanup;
+ pTab = sqlite3SrcListLookup(pParse, pTabList);
+ if( pTab==0 ){
+ goto insert_cleanup;
+ }
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ assert( iDb<db->nDb );
+ pDb = &db->aDb[iDb];
+ zDb = pDb->zName;
+ if( sqlite3AuthCheck(pParse, SQLITE_INSERT, pTab->zName, 0, zDb) ){
+ goto insert_cleanup;
+ }
+ withoutRowid = !HasRowid(pTab);
+
+ /* Figure out if we have any triggers and if the table being
+ ** inserted into is a view
+ */
+#ifndef SQLITE_OMIT_TRIGGER
+ pTrigger = sqlite3TriggersExist(pParse, pTab, TK_INSERT, 0, &tmask);
+ isView = pTab->pSelect!=0;
+#else
+# define pTrigger 0
+# define tmask 0
+# define isView 0
+#endif
+#ifdef SQLITE_OMIT_VIEW
+# undef isView
+# define isView 0
+#endif
+ assert( (pTrigger && tmask) || (pTrigger==0 && tmask==0) );
+
+ /* If pTab is really a view, make sure it has been initialized.
+ ** ViewGetColumnNames() is a no-op if pTab is not a view.
+ */
+ if( sqlite3ViewGetColumnNames(pParse, pTab) ){
+ goto insert_cleanup;
+ }
+
+ /* Cannot insert into a read-only table.
+ */
+ if( sqlite3IsReadOnly(pParse, pTab, tmask) ){
+ goto insert_cleanup;
+ }
+
+ /* Allocate a VDBE
+ */
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 ) goto insert_cleanup;
+ if( pParse->nested==0 ) sqlite3VdbeCountChanges(v);
+ sqlite3BeginWriteOperation(pParse, pSelect || pTrigger, iDb);
+
+#ifndef SQLITE_OMIT_XFER_OPT
+ /* If the statement is of the form
+ **
+ ** INSERT INTO <table1> SELECT * FROM <table2>;
+ **
+ ** Then special optimizations can be applied that make the transfer
+ ** very fast and which reduce fragmentation of indices.
+ **
+ ** This is the 2nd template.
+ */
+ if( pColumn==0 && xferOptimization(pParse, pTab, pSelect, onError, iDb) ){
+ assert( !pTrigger );
+ assert( pList==0 );
+ goto insert_end;
+ }
+#endif /* SQLITE_OMIT_XFER_OPT */
+
+ /* If this is an AUTOINCREMENT table, look up the sequence number in the
+ ** sqlite_sequence table and store it in memory cell regAutoinc.
+ */
+ regAutoinc = autoIncBegin(pParse, iDb, pTab);
+
+ /* Allocate registers for holding the rowid of the new row,
+ ** the content of the new row, and the assembled row record.
+ */
+ regRowid = regIns = pParse->nMem+1;
+ pParse->nMem += pTab->nCol + 1;
+ if( IsVirtual(pTab) ){
+ regRowid++;
+ pParse->nMem++;
+ }
+ regData = regRowid+1;
+
+ /* If the INSERT statement included an IDLIST term, then make sure
+ ** all elements of the IDLIST really are columns of the table and
+ ** remember the column indices.
+ **
+ ** If the table has an INTEGER PRIMARY KEY column and that column
+ ** is named in the IDLIST, then record in the ipkColumn variable
+ ** the index into IDLIST of the primary key column. ipkColumn is
+ ** the index of the primary key as it appears in IDLIST, not as
+ ** is appears in the original table. (The index of the INTEGER
+ ** PRIMARY KEY in the original table is pTab->iPKey.)
+ */
+ bIdListInOrder = (pTab->tabFlags & TF_OOOHidden)==0;
+ if( pColumn ){
+ for(i=0; i<pColumn->nId; i++){
+ pColumn->a[i].idx = -1;
+ }
+ for(i=0; i<pColumn->nId; i++){
+ for(j=0; j<pTab->nCol; j++){
+ if( sqlite3StrICmp(pColumn->a[i].zName, pTab->aCol[j].zName)==0 ){
+ pColumn->a[i].idx = j;
+ if( i!=j ) bIdListInOrder = 0;
+ if( j==pTab->iPKey ){
+ ipkColumn = i; assert( !withoutRowid );
+ }
+ break;
+ }
+ }
+ if( j>=pTab->nCol ){
+ if( sqlite3IsRowid(pColumn->a[i].zName) && !withoutRowid ){
+ ipkColumn = i;
+ bIdListInOrder = 0;
+ }else{
+ sqlite3ErrorMsg(pParse, "table %S has no column named %s",
+ pTabList, 0, pColumn->a[i].zName);
+ pParse->checkSchema = 1;
+ goto insert_cleanup;
+ }
+ }
+ }
+ }
+
+ /* Figure out how many columns of data are supplied. If the data
+ ** is coming from a SELECT statement, then generate a co-routine that
+ ** produces a single row of the SELECT on each invocation. The
+ ** co-routine is the common header to the 3rd and 4th templates.
+ */
+ if( pSelect ){
+ /* Data is coming from a SELECT or from a multi-row VALUES clause.
+ ** Generate a co-routine to run the SELECT. */
+ int regYield; /* Register holding co-routine entry-point */
+ int addrTop; /* Top of the co-routine */
+ int rc; /* Result code */
+
+ regYield = ++pParse->nMem;
+ addrTop = sqlite3VdbeCurrentAddr(v) + 1;
+ sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
+ sqlite3SelectDestInit(&dest, SRT_Coroutine, regYield);
+ dest.iSdst = bIdListInOrder ? regData : 0;
+ dest.nSdst = pTab->nCol;
+ rc = sqlite3Select(pParse, pSelect, &dest);
+ regFromSelect = dest.iSdst;
+ if( rc || db->mallocFailed || pParse->nErr ) goto insert_cleanup;
+ sqlite3VdbeAddOp1(v, OP_EndCoroutine, regYield);
+ sqlite3VdbeJumpHere(v, addrTop - 1); /* label B: */
+ assert( pSelect->pEList );
+ nColumn = pSelect->pEList->nExpr;
+
+ /* Set useTempTable to TRUE if the result of the SELECT statement
+ ** should be written into a temporary table (template 4). Set to
+ ** FALSE if each output row of the SELECT can be written directly into
+ ** the destination table (template 3).
+ **
+ ** A temp table must be used if the table being updated is also one
+ ** of the tables being read by the SELECT statement. Also use a
+ ** temp table in the case of row triggers.
+ */
+ if( pTrigger || readsTable(pParse, iDb, pTab) ){
+ useTempTable = 1;
+ }
+
+ if( useTempTable ){
+ /* Invoke the coroutine to extract information from the SELECT
+ ** and add it to a transient table srcTab. The code generated
+ ** here is from the 4th template:
+ **
+ ** B: open temp table
+ ** L: yield X, goto M at EOF
+ ** insert row from R..R+n into temp table
+ ** goto L
+ ** M: ...
+ */
+ int regRec; /* Register to hold packed record */
+ int regTempRowid; /* Register to hold temp table ROWID */
+ int addrL; /* Label "L" */
+
+ srcTab = pParse->nTab++;
+ regRec = sqlite3GetTempReg(pParse);
+ regTempRowid = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp2(v, OP_OpenEphemeral, srcTab, nColumn);
+ addrL = sqlite3VdbeAddOp1(v, OP_Yield, dest.iSDParm); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regFromSelect, nColumn, regRec);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, srcTab, regTempRowid);
+ sqlite3VdbeAddOp3(v, OP_Insert, srcTab, regRec, regTempRowid);
+ sqlite3VdbeGoto(v, addrL);
+ sqlite3VdbeJumpHere(v, addrL);
+ sqlite3ReleaseTempReg(pParse, regRec);
+ sqlite3ReleaseTempReg(pParse, regTempRowid);
+ }
+ }else{
+ /* This is the case if the data for the INSERT is coming from a
+ ** single-row VALUES clause
+ */
+ NameContext sNC;
+ memset(&sNC, 0, sizeof(sNC));
+ sNC.pParse = pParse;
+ srcTab = -1;
+ assert( useTempTable==0 );
+ if( pList ){
+ nColumn = pList->nExpr;
+ if( sqlite3ResolveExprListNames(&sNC, pList) ){
+ goto insert_cleanup;
+ }
+ }else{
+ nColumn = 0;
+ }
+ }
+
+ /* If there is no IDLIST term but the table has an integer primary
+ ** key, the set the ipkColumn variable to the integer primary key
+ ** column index in the original table definition.
+ */
+ if( pColumn==0 && nColumn>0 ){
+ ipkColumn = pTab->iPKey;
+ }
+
+ /* Make sure the number of columns in the source data matches the number
+ ** of columns to be inserted into the table.
+ */
+ for(i=0; i<pTab->nCol; i++){
+ nHidden += (IsHiddenColumn(&pTab->aCol[i]) ? 1 : 0);
+ }
+ if( pColumn==0 && nColumn && nColumn!=(pTab->nCol-nHidden) ){
+ sqlite3ErrorMsg(pParse,
+ "table %S has %d columns but %d values were supplied",
+ pTabList, 0, pTab->nCol-nHidden, nColumn);
+ goto insert_cleanup;
+ }
+ if( pColumn!=0 && nColumn!=pColumn->nId ){
+ sqlite3ErrorMsg(pParse, "%d values for %d columns", nColumn, pColumn->nId);
+ goto insert_cleanup;
+ }
+
+ /* Initialize the count of rows to be inserted
+ */
+ if( db->flags & SQLITE_CountRows ){
+ regRowCount = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, regRowCount);
+ }
+
+ /* If this is not a view, open the table and and all indices */
+ if( !isView ){
+ int nIdx;
+ nIdx = sqlite3OpenTableAndIndices(pParse, pTab, OP_OpenWrite, 0, -1, 0,
+ &iDataCur, &iIdxCur);
+ aRegIdx = sqlite3DbMallocRaw(db, sizeof(int)*(nIdx+1));
+ if( aRegIdx==0 ){
+ goto insert_cleanup;
+ }
+ for(i=0; i<nIdx; i++){
+ aRegIdx[i] = ++pParse->nMem;
+ }
+ }
+
+ /* This is the top of the main insertion loop */
+ if( useTempTable ){
+ /* This block codes the top of loop only. The complete loop is the
+ ** following pseudocode (template 4):
+ **
+ ** rewind temp table, if empty goto D
+ ** C: loop over rows of intermediate table
+ ** transfer values form intermediate table into <table>
+ ** end loop
+ ** D: ...
+ */
+ addrInsTop = sqlite3VdbeAddOp1(v, OP_Rewind, srcTab); VdbeCoverage(v);
+ addrCont = sqlite3VdbeCurrentAddr(v);
+ }else if( pSelect ){
+ /* This block codes the top of loop only. The complete loop is the
+ ** following pseudocode (template 3):
+ **
+ ** C: yield X, at EOF goto D
+ ** insert the select result into <table> from R..R+n
+ ** goto C
+ ** D: ...
+ */
+ addrInsTop = addrCont = sqlite3VdbeAddOp1(v, OP_Yield, dest.iSDParm);
+ VdbeCoverage(v);
+ }
+
+ /* Run the BEFORE and INSTEAD OF triggers, if there are any
+ */
+ endOfLoop = sqlite3VdbeMakeLabel(v);
+ if( tmask & TRIGGER_BEFORE ){
+ int regCols = sqlite3GetTempRange(pParse, pTab->nCol+1);
+
+ /* build the NEW.* reference row. Note that if there is an INTEGER
+ ** PRIMARY KEY into which a NULL is being inserted, that NULL will be
+ ** translated into a unique ID for the row. But on a BEFORE trigger,
+ ** we do not know what the unique ID will be (because the insert has
+ ** not happened yet) so we substitute a rowid of -1
+ */
+ if( ipkColumn<0 ){
+ sqlite3VdbeAddOp2(v, OP_Integer, -1, regCols);
+ }else{
+ int addr1;
+ assert( !withoutRowid );
+ if( useTempTable ){
+ sqlite3VdbeAddOp3(v, OP_Column, srcTab, ipkColumn, regCols);
+ }else{
+ assert( pSelect==0 ); /* Otherwise useTempTable is true */
+ sqlite3ExprCode(pParse, pList->a[ipkColumn].pExpr, regCols);
+ }
+ addr1 = sqlite3VdbeAddOp1(v, OP_NotNull, regCols); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Integer, -1, regCols);
+ sqlite3VdbeJumpHere(v, addr1);
+ sqlite3VdbeAddOp1(v, OP_MustBeInt, regCols); VdbeCoverage(v);
+ }
+
+ /* Cannot have triggers on a virtual table. If it were possible,
+ ** this block would have to account for hidden column.
+ */
+ assert( !IsVirtual(pTab) );
+
+ /* Create the new column data
+ */
+ for(i=j=0; i<pTab->nCol; i++){
+ if( pColumn ){
+ for(j=0; j<pColumn->nId; j++){
+ if( pColumn->a[j].idx==i ) break;
+ }
+ }
+ if( (!useTempTable && !pList) || (pColumn && j>=pColumn->nId)
+ || (pColumn==0 && IsOrdinaryHiddenColumn(&pTab->aCol[i])) ){
+ sqlite3ExprCode(pParse, pTab->aCol[i].pDflt, regCols+i+1);
+ }else if( useTempTable ){
+ sqlite3VdbeAddOp3(v, OP_Column, srcTab, j, regCols+i+1);
+ }else{
+ assert( pSelect==0 ); /* Otherwise useTempTable is true */
+ sqlite3ExprCodeAndCache(pParse, pList->a[j].pExpr, regCols+i+1);
+ }
+ if( pColumn==0 && !IsOrdinaryHiddenColumn(&pTab->aCol[i]) ) j++;
+ }
+
+ /* If this is an INSERT on a view with an INSTEAD OF INSERT trigger,
+ ** do not attempt any conversions before assembling the record.
+ ** If this is a real table, attempt conversions as required by the
+ ** table column affinities.
+ */
+ if( !isView ){
+ sqlite3TableAffinity(v, pTab, regCols+1);
+ }
+
+ /* Fire BEFORE or INSTEAD OF triggers */
+ sqlite3CodeRowTrigger(pParse, pTrigger, TK_INSERT, 0, TRIGGER_BEFORE,
+ pTab, regCols-pTab->nCol-1, onError, endOfLoop);
+
+ sqlite3ReleaseTempRange(pParse, regCols, pTab->nCol+1);
+ }
+
+ /* Compute the content of the next row to insert into a range of
+ ** registers beginning at regIns.
+ */
+ if( !isView ){
+ if( IsVirtual(pTab) ){
+ /* The row that the VUpdate opcode will delete: none */
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regIns);
+ }
+ if( ipkColumn>=0 ){
+ if( useTempTable ){
+ sqlite3VdbeAddOp3(v, OP_Column, srcTab, ipkColumn, regRowid);
+ }else if( pSelect ){
+ sqlite3VdbeAddOp2(v, OP_Copy, regFromSelect+ipkColumn, regRowid);
+ }else{
+ VdbeOp *pOp;
+ sqlite3ExprCode(pParse, pList->a[ipkColumn].pExpr, regRowid);
+ pOp = sqlite3VdbeGetOp(v, -1);
+ if( ALWAYS(pOp) && pOp->opcode==OP_Null && !IsVirtual(pTab) ){
+ appendFlag = 1;
+ pOp->opcode = OP_NewRowid;
+ pOp->p1 = iDataCur;
+ pOp->p2 = regRowid;
+ pOp->p3 = regAutoinc;
+ }
+ }
+ /* If the PRIMARY KEY expression is NULL, then use OP_NewRowid
+ ** to generate a unique primary key value.
+ */
+ if( !appendFlag ){
+ int addr1;
+ if( !IsVirtual(pTab) ){
+ addr1 = sqlite3VdbeAddOp1(v, OP_NotNull, regRowid); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_NewRowid, iDataCur, regRowid, regAutoinc);
+ sqlite3VdbeJumpHere(v, addr1);
+ }else{
+ addr1 = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeAddOp2(v, OP_IsNull, regRowid, addr1+2); VdbeCoverage(v);
+ }
+ sqlite3VdbeAddOp1(v, OP_MustBeInt, regRowid); VdbeCoverage(v);
+ }
+ }else if( IsVirtual(pTab) || withoutRowid ){
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regRowid);
+ }else{
+ sqlite3VdbeAddOp3(v, OP_NewRowid, iDataCur, regRowid, regAutoinc);
+ appendFlag = 1;
+ }
+ autoIncStep(pParse, regAutoinc, regRowid);
+
+ /* Compute data for all columns of the new entry, beginning
+ ** with the first column.
+ */
+ nHidden = 0;
+ for(i=0; i<pTab->nCol; i++){
+ int iRegStore = regRowid+1+i;
+ if( i==pTab->iPKey ){
+ /* The value of the INTEGER PRIMARY KEY column is always a NULL.
+ ** Whenever this column is read, the rowid will be substituted
+ ** in its place. Hence, fill this column with a NULL to avoid
+ ** taking up data space with information that will never be used.
+ ** As there may be shallow copies of this value, make it a soft-NULL */
+ sqlite3VdbeAddOp1(v, OP_SoftNull, iRegStore);
+ continue;
+ }
+ if( pColumn==0 ){
+ if( IsHiddenColumn(&pTab->aCol[i]) ){
+ j = -1;
+ nHidden++;
+ }else{
+ j = i - nHidden;
+ }
+ }else{
+ for(j=0; j<pColumn->nId; j++){
+ if( pColumn->a[j].idx==i ) break;
+ }
+ }
+ if( j<0 || nColumn==0 || (pColumn && j>=pColumn->nId) ){
+ sqlite3ExprCodeFactorable(pParse, pTab->aCol[i].pDflt, iRegStore);
+ }else if( useTempTable ){
+ sqlite3VdbeAddOp3(v, OP_Column, srcTab, j, iRegStore);
+ }else if( pSelect ){
+ if( regFromSelect!=regData ){
+ sqlite3VdbeAddOp2(v, OP_SCopy, regFromSelect+j, iRegStore);
+ }
+ }else{
+ sqlite3ExprCode(pParse, pList->a[j].pExpr, iRegStore);
+ }
+ }
+
+ /* Generate code to check constraints and generate index keys and
+ ** do the insertion.
+ */
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( IsVirtual(pTab) ){
+ const char *pVTab = (const char *)sqlite3GetVTable(db, pTab);
+ sqlite3VtabMakeWritable(pParse, pTab);
+ sqlite3VdbeAddOp4(v, OP_VUpdate, 1, pTab->nCol+2, regIns, pVTab, P4_VTAB);
+ sqlite3VdbeChangeP5(v, onError==OE_Default ? OE_Abort : onError);
+ sqlite3MayAbort(pParse);
+ }else
+#endif
+ {
+ int isReplace; /* Set to true if constraints may cause a replace */
+ sqlite3GenerateConstraintChecks(pParse, pTab, aRegIdx, iDataCur, iIdxCur,
+ regIns, 0, ipkColumn>=0, onError, endOfLoop, &isReplace
+ );
+ sqlite3FkCheck(pParse, pTab, 0, regIns, 0, 0);
+ sqlite3CompleteInsertion(pParse, pTab, iDataCur, iIdxCur,
+ regIns, aRegIdx, 0, appendFlag, isReplace==0);
+ }
+ }
+
+ /* Update the count of rows that are inserted
+ */
+ if( (db->flags & SQLITE_CountRows)!=0 ){
+ sqlite3VdbeAddOp2(v, OP_AddImm, regRowCount, 1);
+ }
+
+ if( pTrigger ){
+ /* Code AFTER triggers */
+ sqlite3CodeRowTrigger(pParse, pTrigger, TK_INSERT, 0, TRIGGER_AFTER,
+ pTab, regData-2-pTab->nCol, onError, endOfLoop);
+ }
+
+ /* The bottom of the main insertion loop, if the data source
+ ** is a SELECT statement.
+ */
+ sqlite3VdbeResolveLabel(v, endOfLoop);
+ if( useTempTable ){
+ sqlite3VdbeAddOp2(v, OP_Next, srcTab, addrCont); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addrInsTop);
+ sqlite3VdbeAddOp1(v, OP_Close, srcTab);
+ }else if( pSelect ){
+ sqlite3VdbeGoto(v, addrCont);
+ sqlite3VdbeJumpHere(v, addrInsTop);
+ }
+
+ if( !IsVirtual(pTab) && !isView ){
+ /* Close all tables opened */
+ if( iDataCur<iIdxCur ) sqlite3VdbeAddOp1(v, OP_Close, iDataCur);
+ for(idx=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, idx++){
+ sqlite3VdbeAddOp1(v, OP_Close, idx+iIdxCur);
+ }
+ }
+
+insert_end:
+ /* Update the sqlite_sequence table by storing the content of the
+ ** maximum rowid counter values recorded while inserting into
+ ** autoincrement tables.
+ */
+ if( pParse->nested==0 && pParse->pTriggerTab==0 ){
+ sqlite3AutoincrementEnd(pParse);
+ }
+
+ /*
+ ** Return the number of rows inserted. If this routine is
+ ** generating code because of a call to sqlite3NestedParse(), do not
+ ** invoke the callback function.
+ */
+ if( (db->flags&SQLITE_CountRows) && !pParse->nested && !pParse->pTriggerTab ){
+ sqlite3VdbeAddOp2(v, OP_ResultRow, regRowCount, 1);
+ sqlite3VdbeSetNumCols(v, 1);
+ sqlite3VdbeSetColName(v, 0, COLNAME_NAME, "rows inserted", SQLITE_STATIC);
+ }
+
+insert_cleanup:
+ sqlite3SrcListDelete(db, pTabList);
+ sqlite3ExprListDelete(db, pList);
+ sqlite3SelectDelete(db, pSelect);
+ sqlite3IdListDelete(db, pColumn);
+ sqlite3DbFree(db, aRegIdx);
+}
+
+/* Make sure "isView" and other macros defined above are undefined. Otherwise
+** they may interfere with compilation of other functions in this file
+** (or in another file, if this file becomes part of the amalgamation). */
+#ifdef isView
+ #undef isView
+#endif
+#ifdef pTrigger
+ #undef pTrigger
+#endif
+#ifdef tmask
+ #undef tmask
+#endif
+
+/*
+** Generate code to do constraint checks prior to an INSERT or an UPDATE
+** on table pTab.
+**
+** The regNewData parameter is the first register in a range that contains
+** the data to be inserted or the data after the update. There will be
+** pTab->nCol+1 registers in this range. The first register (the one
+** that regNewData points to) will contain the new rowid, or NULL in the
+** case of a WITHOUT ROWID table. The second register in the range will
+** contain the content of the first table column. The third register will
+** contain the content of the second table column. And so forth.
+**
+** The regOldData parameter is similar to regNewData except that it contains
+** the data prior to an UPDATE rather than afterwards. regOldData is zero
+** for an INSERT. This routine can distinguish between UPDATE and INSERT by
+** checking regOldData for zero.
+**
+** For an UPDATE, the pkChng boolean is true if the true primary key (the
+** rowid for a normal table or the PRIMARY KEY for a WITHOUT ROWID table)
+** might be modified by the UPDATE. If pkChng is false, then the key of
+** the iDataCur content table is guaranteed to be unchanged by the UPDATE.
+**
+** For an INSERT, the pkChng boolean indicates whether or not the rowid
+** was explicitly specified as part of the INSERT statement. If pkChng
+** is zero, it means that the either rowid is computed automatically or
+** that the table is a WITHOUT ROWID table and has no rowid. On an INSERT,
+** pkChng will only be true if the INSERT statement provides an integer
+** value for either the rowid column or its INTEGER PRIMARY KEY alias.
+**
+** The code generated by this routine will store new index entries into
+** registers identified by aRegIdx[]. No index entry is created for
+** indices where aRegIdx[i]==0. The order of indices in aRegIdx[] is
+** the same as the order of indices on the linked list of indices
+** at pTab->pIndex.
+**
+** The caller must have already opened writeable cursors on the main
+** table and all applicable indices (that is to say, all indices for which
+** aRegIdx[] is not zero). iDataCur is the cursor for the main table when
+** inserting or updating a rowid table, or the cursor for the PRIMARY KEY
+** index when operating on a WITHOUT ROWID table. iIdxCur is the cursor
+** for the first index in the pTab->pIndex list. Cursors for other indices
+** are at iIdxCur+N for the N-th element of the pTab->pIndex list.
+**
+** This routine also generates code to check constraints. NOT NULL,
+** CHECK, and UNIQUE constraints are all checked. If a constraint fails,
+** then the appropriate action is performed. There are five possible
+** actions: ROLLBACK, ABORT, FAIL, REPLACE, and IGNORE.
+**
+** Constraint type Action What Happens
+** --------------- ---------- ----------------------------------------
+** any ROLLBACK The current transaction is rolled back and
+** sqlite3_step() returns immediately with a
+** return code of SQLITE_CONSTRAINT.
+**
+** any ABORT Back out changes from the current command
+** only (do not do a complete rollback) then
+** cause sqlite3_step() to return immediately
+** with SQLITE_CONSTRAINT.
+**
+** any FAIL Sqlite3_step() returns immediately with a
+** return code of SQLITE_CONSTRAINT. The
+** transaction is not rolled back and any
+** changes to prior rows are retained.
+**
+** any IGNORE The attempt in insert or update the current
+** row is skipped, without throwing an error.
+** Processing continues with the next row.
+** (There is an immediate jump to ignoreDest.)
+**
+** NOT NULL REPLACE The NULL value is replace by the default
+** value for that column. If the default value
+** is NULL, the action is the same as ABORT.
+**
+** UNIQUE REPLACE The other row that conflicts with the row
+** being inserted is removed.
+**
+** CHECK REPLACE Illegal. The results in an exception.
+**
+** Which action to take is determined by the overrideError parameter.
+** Or if overrideError==OE_Default, then the pParse->onError parameter
+** is used. Or if pParse->onError==OE_Default then the onError value
+** for the constraint is used.
+*/
+SQLITE_PRIVATE void sqlite3GenerateConstraintChecks(
+ Parse *pParse, /* The parser context */
+ Table *pTab, /* The table being inserted or updated */
+ int *aRegIdx, /* Use register aRegIdx[i] for index i. 0 for unused */
+ int iDataCur, /* Canonical data cursor (main table or PK index) */
+ int iIdxCur, /* First index cursor */
+ int regNewData, /* First register in a range holding values to insert */
+ int regOldData, /* Previous content. 0 for INSERTs */
+ u8 pkChng, /* Non-zero if the rowid or PRIMARY KEY changed */
+ u8 overrideError, /* Override onError to this if not OE_Default */
+ int ignoreDest, /* Jump to this label on an OE_Ignore resolution */
+ int *pbMayReplace /* OUT: Set to true if constraint may cause a replace */
+){
+ Vdbe *v; /* VDBE under constrution */
+ Index *pIdx; /* Pointer to one of the indices */
+ Index *pPk = 0; /* The PRIMARY KEY index */
+ sqlite3 *db; /* Database connection */
+ int i; /* loop counter */
+ int ix; /* Index loop counter */
+ int nCol; /* Number of columns */
+ int onError; /* Conflict resolution strategy */
+ int addr1; /* Address of jump instruction */
+ int seenReplace = 0; /* True if REPLACE is used to resolve INT PK conflict */
+ int nPkField; /* Number of fields in PRIMARY KEY. 1 for ROWID tables */
+ int ipkTop = 0; /* Top of the rowid change constraint check */
+ int ipkBottom = 0; /* Bottom of the rowid change constraint check */
+ u8 isUpdate; /* True if this is an UPDATE operation */
+ u8 bAffinityDone = 0; /* True if the OP_Affinity operation has been run */
+ int regRowid = -1; /* Register holding ROWID value */
+
+ isUpdate = regOldData!=0;
+ db = pParse->db;
+ v = sqlite3GetVdbe(pParse);
+ assert( v!=0 );
+ assert( pTab->pSelect==0 ); /* This table is not a VIEW */
+ nCol = pTab->nCol;
+
+ /* pPk is the PRIMARY KEY index for WITHOUT ROWID tables and NULL for
+ ** normal rowid tables. nPkField is the number of key fields in the
+ ** pPk index or 1 for a rowid table. In other words, nPkField is the
+ ** number of fields in the true primary key of the table. */
+ if( HasRowid(pTab) ){
+ pPk = 0;
+ nPkField = 1;
+ }else{
+ pPk = sqlite3PrimaryKeyIndex(pTab);
+ nPkField = pPk->nKeyCol;
+ }
+
+ /* Record that this module has started */
+ VdbeModuleComment((v, "BEGIN: GenCnstCks(%d,%d,%d,%d,%d)",
+ iDataCur, iIdxCur, regNewData, regOldData, pkChng));
+
+ /* Test all NOT NULL constraints.
+ */
+ for(i=0; i<nCol; i++){
+ if( i==pTab->iPKey ){
+ continue;
+ }
+ onError = pTab->aCol[i].notNull;
+ if( onError==OE_None ) continue;
+ if( overrideError!=OE_Default ){
+ onError = overrideError;
+ }else if( onError==OE_Default ){
+ onError = OE_Abort;
+ }
+ if( onError==OE_Replace && pTab->aCol[i].pDflt==0 ){
+ onError = OE_Abort;
+ }
+ assert( onError==OE_Rollback || onError==OE_Abort || onError==OE_Fail
+ || onError==OE_Ignore || onError==OE_Replace );
+ switch( onError ){
+ case OE_Abort:
+ sqlite3MayAbort(pParse);
+ /* Fall through */
+ case OE_Rollback:
+ case OE_Fail: {
+ char *zMsg = sqlite3MPrintf(db, "%s.%s", pTab->zName,
+ pTab->aCol[i].zName);
+ sqlite3VdbeAddOp4(v, OP_HaltIfNull, SQLITE_CONSTRAINT_NOTNULL, onError,
+ regNewData+1+i, zMsg, P4_DYNAMIC);
+ sqlite3VdbeChangeP5(v, P5_ConstraintNotNull);
+ VdbeCoverage(v);
+ break;
+ }
+ case OE_Ignore: {
+ sqlite3VdbeAddOp2(v, OP_IsNull, regNewData+1+i, ignoreDest);
+ VdbeCoverage(v);
+ break;
+ }
+ default: {
+ assert( onError==OE_Replace );
+ addr1 = sqlite3VdbeAddOp1(v, OP_NotNull, regNewData+1+i);
+ VdbeCoverage(v);
+ sqlite3ExprCode(pParse, pTab->aCol[i].pDflt, regNewData+1+i);
+ sqlite3VdbeJumpHere(v, addr1);
+ break;
+ }
+ }
+ }
+
+ /* Test all CHECK constraints
+ */
+#ifndef SQLITE_OMIT_CHECK
+ if( pTab->pCheck && (db->flags & SQLITE_IgnoreChecks)==0 ){
+ ExprList *pCheck = pTab->pCheck;
+ pParse->ckBase = regNewData+1;
+ onError = overrideError!=OE_Default ? overrideError : OE_Abort;
+ for(i=0; i<pCheck->nExpr; i++){
+ int allOk = sqlite3VdbeMakeLabel(v);
+ sqlite3ExprIfTrue(pParse, pCheck->a[i].pExpr, allOk, SQLITE_JUMPIFNULL);
+ if( onError==OE_Ignore ){
+ sqlite3VdbeGoto(v, ignoreDest);
+ }else{
+ char *zName = pCheck->a[i].zName;
+ if( zName==0 ) zName = pTab->zName;
+ if( onError==OE_Replace ) onError = OE_Abort; /* IMP: R-15569-63625 */
+ sqlite3HaltConstraint(pParse, SQLITE_CONSTRAINT_CHECK,
+ onError, zName, P4_TRANSIENT,
+ P5_ConstraintCheck);
+ }
+ sqlite3VdbeResolveLabel(v, allOk);
+ }
+ }
+#endif /* !defined(SQLITE_OMIT_CHECK) */
+
+ /* If rowid is changing, make sure the new rowid does not previously
+ ** exist in the table.
+ */
+ if( pkChng && pPk==0 ){
+ int addrRowidOk = sqlite3VdbeMakeLabel(v);
+
+ /* Figure out what action to take in case of a rowid collision */
+ onError = pTab->keyConf;
+ if( overrideError!=OE_Default ){
+ onError = overrideError;
+ }else if( onError==OE_Default ){
+ onError = OE_Abort;
+ }
+
+ if( isUpdate ){
+ /* pkChng!=0 does not mean that the rowid has change, only that
+ ** it might have changed. Skip the conflict logic below if the rowid
+ ** is unchanged. */
+ sqlite3VdbeAddOp3(v, OP_Eq, regNewData, addrRowidOk, regOldData);
+ sqlite3VdbeChangeP5(v, SQLITE_NOTNULL);
+ VdbeCoverage(v);
+ }
+
+ /* If the response to a rowid conflict is REPLACE but the response
+ ** to some other UNIQUE constraint is FAIL or IGNORE, then we need
+ ** to defer the running of the rowid conflict checking until after
+ ** the UNIQUE constraints have run.
+ */
+ if( onError==OE_Replace && overrideError!=OE_Replace ){
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ if( pIdx->onError==OE_Ignore || pIdx->onError==OE_Fail ){
+ ipkTop = sqlite3VdbeAddOp0(v, OP_Goto);
+ break;
+ }
+ }
+ }
+
+ /* Check to see if the new rowid already exists in the table. Skip
+ ** the following conflict logic if it does not. */
+ sqlite3VdbeAddOp3(v, OP_NotExists, iDataCur, addrRowidOk, regNewData);
+ VdbeCoverage(v);
+
+ /* Generate code that deals with a rowid collision */
+ switch( onError ){
+ default: {
+ onError = OE_Abort;
+ /* Fall thru into the next case */
+ }
+ case OE_Rollback:
+ case OE_Abort:
+ case OE_Fail: {
+ sqlite3RowidConstraint(pParse, onError, pTab);
+ break;
+ }
+ case OE_Replace: {
+ /* If there are DELETE triggers on this table and the
+ ** recursive-triggers flag is set, call GenerateRowDelete() to
+ ** remove the conflicting row from the table. This will fire
+ ** the triggers and remove both the table and index b-tree entries.
+ **
+ ** Otherwise, if there are no triggers or the recursive-triggers
+ ** flag is not set, but the table has one or more indexes, call
+ ** GenerateRowIndexDelete(). This removes the index b-tree entries
+ ** only. The table b-tree entry will be replaced by the new entry
+ ** when it is inserted.
+ **
+ ** If either GenerateRowDelete() or GenerateRowIndexDelete() is called,
+ ** also invoke MultiWrite() to indicate that this VDBE may require
+ ** statement rollback (if the statement is aborted after the delete
+ ** takes place). Earlier versions called sqlite3MultiWrite() regardless,
+ ** but being more selective here allows statements like:
+ **
+ ** REPLACE INTO t(rowid) VALUES($newrowid)
+ **
+ ** to run without a statement journal if there are no indexes on the
+ ** table.
+ */
+ Trigger *pTrigger = 0;
+ if( db->flags&SQLITE_RecTriggers ){
+ pTrigger = sqlite3TriggersExist(pParse, pTab, TK_DELETE, 0, 0);
+ }
+ if( pTrigger || sqlite3FkRequired(pParse, pTab, 0, 0) ){
+ sqlite3MultiWrite(pParse);
+ sqlite3GenerateRowDelete(pParse, pTab, pTrigger, iDataCur, iIdxCur,
+ regNewData, 1, 0, OE_Replace,
+ ONEPASS_SINGLE, -1);
+ }else{
+ if( pTab->pIndex ){
+ sqlite3MultiWrite(pParse);
+ sqlite3GenerateRowIndexDelete(pParse, pTab, iDataCur, iIdxCur,0,-1);
+ }
+ }
+ seenReplace = 1;
+ break;
+ }
+ case OE_Ignore: {
+ /*assert( seenReplace==0 );*/
+ sqlite3VdbeGoto(v, ignoreDest);
+ break;
+ }
+ }
+ sqlite3VdbeResolveLabel(v, addrRowidOk);
+ if( ipkTop ){
+ ipkBottom = sqlite3VdbeAddOp0(v, OP_Goto);
+ sqlite3VdbeJumpHere(v, ipkTop);
+ }
+ }
+
+ /* Test all UNIQUE constraints by creating entries for each UNIQUE
+ ** index and making sure that duplicate entries do not already exist.
+ ** Compute the revised record entries for indices as we go.
+ **
+ ** This loop also handles the case of the PRIMARY KEY index for a
+ ** WITHOUT ROWID table.
+ */
+ for(ix=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, ix++){
+ int regIdx; /* Range of registers hold conent for pIdx */
+ int regR; /* Range of registers holding conflicting PK */
+ int iThisCur; /* Cursor for this UNIQUE index */
+ int addrUniqueOk; /* Jump here if the UNIQUE constraint is satisfied */
+
+ if( aRegIdx[ix]==0 ) continue; /* Skip indices that do not change */
+ if( bAffinityDone==0 ){
+ sqlite3TableAffinity(v, pTab, regNewData+1);
+ bAffinityDone = 1;
+ }
+ iThisCur = iIdxCur+ix;
+ addrUniqueOk = sqlite3VdbeMakeLabel(v);
+
+ /* Skip partial indices for which the WHERE clause is not true */
+ if( pIdx->pPartIdxWhere ){
+ sqlite3VdbeAddOp2(v, OP_Null, 0, aRegIdx[ix]);
+ pParse->ckBase = regNewData+1;
+ sqlite3ExprIfFalseDup(pParse, pIdx->pPartIdxWhere, addrUniqueOk,
+ SQLITE_JUMPIFNULL);
+ pParse->ckBase = 0;
+ }
+
+ /* Create a record for this index entry as it should appear after
+ ** the insert or update. Store that record in the aRegIdx[ix] register
+ */
+ regIdx = sqlite3GetTempRange(pParse, pIdx->nColumn);
+ for(i=0; i<pIdx->nColumn; i++){
+ int iField = pIdx->aiColumn[i];
+ int x;
+ if( iField==XN_EXPR ){
+ pParse->ckBase = regNewData+1;
+ sqlite3ExprCodeCopy(pParse, pIdx->aColExpr->a[i].pExpr, regIdx+i);
+ pParse->ckBase = 0;
+ VdbeComment((v, "%s column %d", pIdx->zName, i));
+ }else{
+ if( iField==XN_ROWID || iField==pTab->iPKey ){
+ if( regRowid==regIdx+i ) continue; /* ROWID already in regIdx+i */
+ x = regNewData;
+ regRowid = pIdx->pPartIdxWhere ? -1 : regIdx+i;
+ }else{
+ x = iField + regNewData + 1;
+ }
+ sqlite3VdbeAddOp2(v, iField<0 ? OP_IntCopy : OP_SCopy, x, regIdx+i);
+ VdbeComment((v, "%s", iField<0 ? "rowid" : pTab->aCol[iField].zName));
+ }
+ }
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regIdx, pIdx->nColumn, aRegIdx[ix]);
+ VdbeComment((v, "for %s", pIdx->zName));
+ sqlite3ExprCacheAffinityChange(pParse, regIdx, pIdx->nColumn);
+
+ /* In an UPDATE operation, if this index is the PRIMARY KEY index
+ ** of a WITHOUT ROWID table and there has been no change the
+ ** primary key, then no collision is possible. The collision detection
+ ** logic below can all be skipped. */
+ if( isUpdate && pPk==pIdx && pkChng==0 ){
+ sqlite3VdbeResolveLabel(v, addrUniqueOk);
+ continue;
+ }
+
+ /* Find out what action to take in case there is a uniqueness conflict */
+ onError = pIdx->onError;
+ if( onError==OE_None ){
+ sqlite3ReleaseTempRange(pParse, regIdx, pIdx->nColumn);
+ sqlite3VdbeResolveLabel(v, addrUniqueOk);
+ continue; /* pIdx is not a UNIQUE index */
+ }
+ if( overrideError!=OE_Default ){
+ onError = overrideError;
+ }else if( onError==OE_Default ){
+ onError = OE_Abort;
+ }
+
+ /* Check to see if the new index entry will be unique */
+ sqlite3VdbeAddOp4Int(v, OP_NoConflict, iThisCur, addrUniqueOk,
+ regIdx, pIdx->nKeyCol); VdbeCoverage(v);
+
+ /* Generate code to handle collisions */
+ regR = (pIdx==pPk) ? regIdx : sqlite3GetTempRange(pParse, nPkField);
+ if( isUpdate || onError==OE_Replace ){
+ if( HasRowid(pTab) ){
+ sqlite3VdbeAddOp2(v, OP_IdxRowid, iThisCur, regR);
+ /* Conflict only if the rowid of the existing index entry
+ ** is different from old-rowid */
+ if( isUpdate ){
+ sqlite3VdbeAddOp3(v, OP_Eq, regR, addrUniqueOk, regOldData);
+ sqlite3VdbeChangeP5(v, SQLITE_NOTNULL);
+ VdbeCoverage(v);
+ }
+ }else{
+ int x;
+ /* Extract the PRIMARY KEY from the end of the index entry and
+ ** store it in registers regR..regR+nPk-1 */
+ if( pIdx!=pPk ){
+ for(i=0; i<pPk->nKeyCol; i++){
+ assert( pPk->aiColumn[i]>=0 );
+ x = sqlite3ColumnOfIndex(pIdx, pPk->aiColumn[i]);
+ sqlite3VdbeAddOp3(v, OP_Column, iThisCur, x, regR+i);
+ VdbeComment((v, "%s.%s", pTab->zName,
+ pTab->aCol[pPk->aiColumn[i]].zName));
+ }
+ }
+ if( isUpdate ){
+ /* If currently processing the PRIMARY KEY of a WITHOUT ROWID
+ ** table, only conflict if the new PRIMARY KEY values are actually
+ ** different from the old.
+ **
+ ** For a UNIQUE index, only conflict if the PRIMARY KEY values
+ ** of the matched index row are different from the original PRIMARY
+ ** KEY values of this row before the update. */
+ int addrJump = sqlite3VdbeCurrentAddr(v)+pPk->nKeyCol;
+ int op = OP_Ne;
+ int regCmp = (IsPrimaryKeyIndex(pIdx) ? regIdx : regR);
+
+ for(i=0; i<pPk->nKeyCol; i++){
+ char *p4 = (char*)sqlite3LocateCollSeq(pParse, pPk->azColl[i]);
+ x = pPk->aiColumn[i];
+ assert( x>=0 );
+ if( i==(pPk->nKeyCol-1) ){
+ addrJump = addrUniqueOk;
+ op = OP_Eq;
+ }
+ sqlite3VdbeAddOp4(v, op,
+ regOldData+1+x, addrJump, regCmp+i, p4, P4_COLLSEQ
+ );
+ sqlite3VdbeChangeP5(v, SQLITE_NOTNULL);
+ VdbeCoverageIf(v, op==OP_Eq);
+ VdbeCoverageIf(v, op==OP_Ne);
+ }
+ }
+ }
+ }
+
+ /* Generate code that executes if the new index entry is not unique */
+ assert( onError==OE_Rollback || onError==OE_Abort || onError==OE_Fail
+ || onError==OE_Ignore || onError==OE_Replace );
+ switch( onError ){
+ case OE_Rollback:
+ case OE_Abort:
+ case OE_Fail: {
+ sqlite3UniqueConstraint(pParse, onError, pIdx);
+ break;
+ }
+ case OE_Ignore: {
+ sqlite3VdbeGoto(v, ignoreDest);
+ break;
+ }
+ default: {
+ Trigger *pTrigger = 0;
+ assert( onError==OE_Replace );
+ sqlite3MultiWrite(pParse);
+ if( db->flags&SQLITE_RecTriggers ){
+ pTrigger = sqlite3TriggersExist(pParse, pTab, TK_DELETE, 0, 0);
+ }
+ sqlite3GenerateRowDelete(pParse, pTab, pTrigger, iDataCur, iIdxCur,
+ regR, nPkField, 0, OE_Replace,
+ (pIdx==pPk ? ONEPASS_SINGLE : ONEPASS_OFF), -1);
+ seenReplace = 1;
+ break;
+ }
+ }
+ sqlite3VdbeResolveLabel(v, addrUniqueOk);
+ sqlite3ReleaseTempRange(pParse, regIdx, pIdx->nColumn);
+ if( regR!=regIdx ) sqlite3ReleaseTempRange(pParse, regR, nPkField);
+ }
+ if( ipkTop ){
+ sqlite3VdbeGoto(v, ipkTop+1);
+ sqlite3VdbeJumpHere(v, ipkBottom);
+ }
+
+ *pbMayReplace = seenReplace;
+ VdbeModuleComment((v, "END: GenCnstCks(%d)", seenReplace));
+}
+
+/*
+** This routine generates code to finish the INSERT or UPDATE operation
+** that was started by a prior call to sqlite3GenerateConstraintChecks.
+** A consecutive range of registers starting at regNewData contains the
+** rowid and the content to be inserted.
+**
+** The arguments to this routine should be the same as the first six
+** arguments to sqlite3GenerateConstraintChecks.
+*/
+SQLITE_PRIVATE void sqlite3CompleteInsertion(
+ Parse *pParse, /* The parser context */
+ Table *pTab, /* the table into which we are inserting */
+ int iDataCur, /* Cursor of the canonical data source */
+ int iIdxCur, /* First index cursor */
+ int regNewData, /* Range of content */
+ int *aRegIdx, /* Register used by each index. 0 for unused indices */
+ int isUpdate, /* True for UPDATE, False for INSERT */
+ int appendBias, /* True if this is likely to be an append */
+ int useSeekResult /* True to set the USESEEKRESULT flag on OP_[Idx]Insert */
+){
+ Vdbe *v; /* Prepared statements under construction */
+ Index *pIdx; /* An index being inserted or updated */
+ u8 pik_flags; /* flag values passed to the btree insert */
+ int regData; /* Content registers (after the rowid) */
+ int regRec; /* Register holding assembled record for the table */
+ int i; /* Loop counter */
+ u8 bAffinityDone = 0; /* True if OP_Affinity has been run already */
+
+ v = sqlite3GetVdbe(pParse);
+ assert( v!=0 );
+ assert( pTab->pSelect==0 ); /* This table is not a VIEW */
+ for(i=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, i++){
+ if( aRegIdx[i]==0 ) continue;
+ bAffinityDone = 1;
+ if( pIdx->pPartIdxWhere ){
+ sqlite3VdbeAddOp2(v, OP_IsNull, aRegIdx[i], sqlite3VdbeCurrentAddr(v)+2);
+ VdbeCoverage(v);
+ }
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iIdxCur+i, aRegIdx[i]);
+ pik_flags = 0;
+ if( useSeekResult ) pik_flags = OPFLAG_USESEEKRESULT;
+ if( IsPrimaryKeyIndex(pIdx) && !HasRowid(pTab) ){
+ assert( pParse->nested==0 );
+ pik_flags |= OPFLAG_NCHANGE;
+ }
+ if( pik_flags ) sqlite3VdbeChangeP5(v, pik_flags);
+ }
+ if( !HasRowid(pTab) ) return;
+ regData = regNewData + 1;
+ regRec = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regData, pTab->nCol, regRec);
+ if( !bAffinityDone ) sqlite3TableAffinity(v, pTab, 0);
+ sqlite3ExprCacheAffinityChange(pParse, regData, pTab->nCol);
+ if( pParse->nested ){
+ pik_flags = 0;
+ }else{
+ pik_flags = OPFLAG_NCHANGE;
+ pik_flags |= (isUpdate?OPFLAG_ISUPDATE:OPFLAG_LASTROWID);
+ }
+ if( appendBias ){
+ pik_flags |= OPFLAG_APPEND;
+ }
+ if( useSeekResult ){
+ pik_flags |= OPFLAG_USESEEKRESULT;
+ }
+ sqlite3VdbeAddOp3(v, OP_Insert, iDataCur, regRec, regNewData);
+ if( !pParse->nested ){
+ sqlite3VdbeChangeP4(v, -1, pTab->zName, P4_TRANSIENT);
+ }
+ sqlite3VdbeChangeP5(v, pik_flags);
+}
+
+/*
+** Allocate cursors for the pTab table and all its indices and generate
+** code to open and initialized those cursors.
+**
+** The cursor for the object that contains the complete data (normally
+** the table itself, but the PRIMARY KEY index in the case of a WITHOUT
+** ROWID table) is returned in *piDataCur. The first index cursor is
+** returned in *piIdxCur. The number of indices is returned.
+**
+** Use iBase as the first cursor (either the *piDataCur for rowid tables
+** or the first index for WITHOUT ROWID tables) if it is non-negative.
+** If iBase is negative, then allocate the next available cursor.
+**
+** For a rowid table, *piDataCur will be exactly one less than *piIdxCur.
+** For a WITHOUT ROWID table, *piDataCur will be somewhere in the range
+** of *piIdxCurs, depending on where the PRIMARY KEY index appears on the
+** pTab->pIndex list.
+**
+** If pTab is a virtual table, then this routine is a no-op and the
+** *piDataCur and *piIdxCur values are left uninitialized.
+*/
+SQLITE_PRIVATE int sqlite3OpenTableAndIndices(
+ Parse *pParse, /* Parsing context */
+ Table *pTab, /* Table to be opened */
+ int op, /* OP_OpenRead or OP_OpenWrite */
+ u8 p5, /* P5 value for OP_Open* instructions */
+ int iBase, /* Use this for the table cursor, if there is one */
+ u8 *aToOpen, /* If not NULL: boolean for each table and index */
+ int *piDataCur, /* Write the database source cursor number here */
+ int *piIdxCur /* Write the first index cursor number here */
+){
+ int i;
+ int iDb;
+ int iDataCur;
+ Index *pIdx;
+ Vdbe *v;
+
+ assert( op==OP_OpenRead || op==OP_OpenWrite );
+ assert( op==OP_OpenWrite || p5==0 );
+ if( IsVirtual(pTab) ){
+ /* This routine is a no-op for virtual tables. Leave the output
+ ** variables *piDataCur and *piIdxCur uninitialized so that valgrind
+ ** can detect if they are used by mistake in the caller. */
+ return 0;
+ }
+ iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+ v = sqlite3GetVdbe(pParse);
+ assert( v!=0 );
+ if( iBase<0 ) iBase = pParse->nTab;
+ iDataCur = iBase++;
+ if( piDataCur ) *piDataCur = iDataCur;
+ if( HasRowid(pTab) && (aToOpen==0 || aToOpen[0]) ){
+ sqlite3OpenTable(pParse, iDataCur, iDb, pTab, op);
+ }else{
+ sqlite3TableLock(pParse, iDb, pTab->tnum, op==OP_OpenWrite, pTab->zName);
+ }
+ if( piIdxCur ) *piIdxCur = iBase;
+ for(i=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, i++){
+ int iIdxCur = iBase++;
+ assert( pIdx->pSchema==pTab->pSchema );
+ if( IsPrimaryKeyIndex(pIdx) && !HasRowid(pTab) && piDataCur ){
+ *piDataCur = iIdxCur;
+ }
+ if( aToOpen==0 || aToOpen[i+1] ){
+ sqlite3VdbeAddOp3(v, op, iIdxCur, pIdx->tnum, iDb);
+ sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
+ sqlite3VdbeChangeP5(v, p5);
+ VdbeComment((v, "%s", pIdx->zName));
+ }
+ }
+ if( iBase>pParse->nTab ) pParse->nTab = iBase;
+ return i;
+}
+
+
+#ifdef SQLITE_TEST
+/*
+** The following global variable is incremented whenever the
+** transfer optimization is used. This is used for testing
+** purposes only - to make sure the transfer optimization really
+** is happening when it is supposed to.
+*/
+SQLITE_API int sqlite3_xferopt_count;
+#endif /* SQLITE_TEST */
+
+
+#ifndef SQLITE_OMIT_XFER_OPT
+/*
+** Check to see if index pSrc is compatible as a source of data
+** for index pDest in an insert transfer optimization. The rules
+** for a compatible index:
+**
+** * The index is over the same set of columns
+** * The same DESC and ASC markings occurs on all columns
+** * The same onError processing (OE_Abort, OE_Ignore, etc)
+** * The same collating sequence on each column
+** * The index has the exact same WHERE clause
+*/
+static int xferCompatibleIndex(Index *pDest, Index *pSrc){
+ int i;
+ assert( pDest && pSrc );
+ assert( pDest->pTable!=pSrc->pTable );
+ if( pDest->nKeyCol!=pSrc->nKeyCol ){
+ return 0; /* Different number of columns */
+ }
+ if( pDest->onError!=pSrc->onError ){
+ return 0; /* Different conflict resolution strategies */
+ }
+ for(i=0; i<pSrc->nKeyCol; i++){
+ if( pSrc->aiColumn[i]!=pDest->aiColumn[i] ){
+ return 0; /* Different columns indexed */
+ }
+ if( pSrc->aiColumn[i]==XN_EXPR ){
+ assert( pSrc->aColExpr!=0 && pDest->aColExpr!=0 );
+ if( sqlite3ExprCompare(pSrc->aColExpr->a[i].pExpr,
+ pDest->aColExpr->a[i].pExpr, -1)!=0 ){
+ return 0; /* Different expressions in the index */
+ }
+ }
+ if( pSrc->aSortOrder[i]!=pDest->aSortOrder[i] ){
+ return 0; /* Different sort orders */
+ }
+ if( sqlite3_stricmp(pSrc->azColl[i],pDest->azColl[i])!=0 ){
+ return 0; /* Different collating sequences */
+ }
+ }
+ if( sqlite3ExprCompare(pSrc->pPartIdxWhere, pDest->pPartIdxWhere, -1) ){
+ return 0; /* Different WHERE clauses */
+ }
+
+ /* If no test above fails then the indices must be compatible */
+ return 1;
+}
+
+/*
+** Attempt the transfer optimization on INSERTs of the form
+**
+** INSERT INTO tab1 SELECT * FROM tab2;
+**
+** The xfer optimization transfers raw records from tab2 over to tab1.
+** Columns are not decoded and reassembled, which greatly improves
+** performance. Raw index records are transferred in the same way.
+**
+** The xfer optimization is only attempted if tab1 and tab2 are compatible.
+** There are lots of rules for determining compatibility - see comments
+** embedded in the code for details.
+**
+** This routine returns TRUE if the optimization is guaranteed to be used.
+** Sometimes the xfer optimization will only work if the destination table
+** is empty - a factor that can only be determined at run-time. In that
+** case, this routine generates code for the xfer optimization but also
+** does a test to see if the destination table is empty and jumps over the
+** xfer optimization code if the test fails. In that case, this routine
+** returns FALSE so that the caller will know to go ahead and generate
+** an unoptimized transfer. This routine also returns FALSE if there
+** is no chance that the xfer optimization can be applied.
+**
+** This optimization is particularly useful at making VACUUM run faster.
+*/
+static int xferOptimization(
+ Parse *pParse, /* Parser context */
+ Table *pDest, /* The table we are inserting into */
+ Select *pSelect, /* A SELECT statement to use as the data source */
+ int onError, /* How to handle constraint errors */
+ int iDbDest /* The database of pDest */
+){
+ sqlite3 *db = pParse->db;
+ ExprList *pEList; /* The result set of the SELECT */
+ Table *pSrc; /* The table in the FROM clause of SELECT */
+ Index *pSrcIdx, *pDestIdx; /* Source and destination indices */
+ struct SrcList_item *pItem; /* An element of pSelect->pSrc */
+ int i; /* Loop counter */
+ int iDbSrc; /* The database of pSrc */
+ int iSrc, iDest; /* Cursors from source and destination */
+ int addr1, addr2; /* Loop addresses */
+ int emptyDestTest = 0; /* Address of test for empty pDest */
+ int emptySrcTest = 0; /* Address of test for empty pSrc */
+ Vdbe *v; /* The VDBE we are building */
+ int regAutoinc; /* Memory register used by AUTOINC */
+ int destHasUniqueIdx = 0; /* True if pDest has a UNIQUE index */
+ int regData, regRowid; /* Registers holding data and rowid */
+
+ if( pSelect==0 ){
+ return 0; /* Must be of the form INSERT INTO ... SELECT ... */
+ }
+ if( pParse->pWith || pSelect->pWith ){
+ /* Do not attempt to process this query if there are an WITH clauses
+ ** attached to it. Proceeding may generate a false "no such table: xxx"
+ ** error if pSelect reads from a CTE named "xxx". */
+ return 0;
+ }
+ if( sqlite3TriggerList(pParse, pDest) ){
+ return 0; /* tab1 must not have triggers */
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( pDest->tabFlags & TF_Virtual ){
+ return 0; /* tab1 must not be a virtual table */
+ }
+#endif
+ if( onError==OE_Default ){
+ if( pDest->iPKey>=0 ) onError = pDest->keyConf;
+ if( onError==OE_Default ) onError = OE_Abort;
+ }
+ assert(pSelect->pSrc); /* allocated even if there is no FROM clause */
+ if( pSelect->pSrc->nSrc!=1 ){
+ return 0; /* FROM clause must have exactly one term */
+ }
+ if( pSelect->pSrc->a[0].pSelect ){
+ return 0; /* FROM clause cannot contain a subquery */
+ }
+ if( pSelect->pWhere ){
+ return 0; /* SELECT may not have a WHERE clause */
+ }
+ if( pSelect->pOrderBy ){
+ return 0; /* SELECT may not have an ORDER BY clause */
+ }
+ /* Do not need to test for a HAVING clause. If HAVING is present but
+ ** there is no ORDER BY, we will get an error. */
+ if( pSelect->pGroupBy ){
+ return 0; /* SELECT may not have a GROUP BY clause */
+ }
+ if( pSelect->pLimit ){
+ return 0; /* SELECT may not have a LIMIT clause */
+ }
+ assert( pSelect->pOffset==0 ); /* Must be so if pLimit==0 */
+ if( pSelect->pPrior ){
+ return 0; /* SELECT may not be a compound query */
+ }
+ if( pSelect->selFlags & SF_Distinct ){
+ return 0; /* SELECT may not be DISTINCT */
+ }
+ pEList = pSelect->pEList;
+ assert( pEList!=0 );
+ if( pEList->nExpr!=1 ){
+ return 0; /* The result set must have exactly one column */
+ }
+ assert( pEList->a[0].pExpr );
+ if( pEList->a[0].pExpr->op!=TK_ASTERISK ){
+ return 0; /* The result set must be the special operator "*" */
+ }
+
+ /* At this point we have established that the statement is of the
+ ** correct syntactic form to participate in this optimization. Now
+ ** we have to check the semantics.
+ */
+ pItem = pSelect->pSrc->a;
+ pSrc = sqlite3LocateTableItem(pParse, 0, pItem);
+ if( pSrc==0 ){
+ return 0; /* FROM clause does not contain a real table */
+ }
+ if( pSrc==pDest ){
+ return 0; /* tab1 and tab2 may not be the same table */
+ }
+ if( HasRowid(pDest)!=HasRowid(pSrc) ){
+ return 0; /* source and destination must both be WITHOUT ROWID or not */
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( pSrc->tabFlags & TF_Virtual ){
+ return 0; /* tab2 must not be a virtual table */
+ }
+#endif
+ if( pSrc->pSelect ){
+ return 0; /* tab2 may not be a view */
+ }
+ if( pDest->nCol!=pSrc->nCol ){
+ return 0; /* Number of columns must be the same in tab1 and tab2 */
+ }
+ if( pDest->iPKey!=pSrc->iPKey ){
+ return 0; /* Both tables must have the same INTEGER PRIMARY KEY */
+ }
+ for(i=0; i<pDest->nCol; i++){
+ Column *pDestCol = &pDest->aCol[i];
+ Column *pSrcCol = &pSrc->aCol[i];
+#ifdef SQLITE_ENABLE_HIDDEN_COLUMNS
+ if( (db->flags & SQLITE_Vacuum)==0
+ && (pDestCol->colFlags | pSrcCol->colFlags) & COLFLAG_HIDDEN
+ ){
+ return 0; /* Neither table may have __hidden__ columns */
+ }
+#endif
+ if( pDestCol->affinity!=pSrcCol->affinity ){
+ return 0; /* Affinity must be the same on all columns */
+ }
+ if( sqlite3_stricmp(pDestCol->zColl, pSrcCol->zColl)!=0 ){
+ return 0; /* Collating sequence must be the same on all columns */
+ }
+ if( pDestCol->notNull && !pSrcCol->notNull ){
+ return 0; /* tab2 must be NOT NULL if tab1 is */
+ }
+ /* Default values for second and subsequent columns need to match. */
+ if( i>0
+ && ((pDestCol->zDflt==0)!=(pSrcCol->zDflt==0)
+ || (pDestCol->zDflt && strcmp(pDestCol->zDflt, pSrcCol->zDflt)!=0))
+ ){
+ return 0; /* Default values must be the same for all columns */
+ }
+ }
+ for(pDestIdx=pDest->pIndex; pDestIdx; pDestIdx=pDestIdx->pNext){
+ if( IsUniqueIndex(pDestIdx) ){
+ destHasUniqueIdx = 1;
+ }
+ for(pSrcIdx=pSrc->pIndex; pSrcIdx; pSrcIdx=pSrcIdx->pNext){
+ if( xferCompatibleIndex(pDestIdx, pSrcIdx) ) break;
+ }
+ if( pSrcIdx==0 ){
+ return 0; /* pDestIdx has no corresponding index in pSrc */
+ }
+ }
+#ifndef SQLITE_OMIT_CHECK
+ if( pDest->pCheck && sqlite3ExprListCompare(pSrc->pCheck,pDest->pCheck,-1) ){
+ return 0; /* Tables have different CHECK constraints. Ticket #2252 */
+ }
+#endif
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+ /* Disallow the transfer optimization if the destination table constains
+ ** any foreign key constraints. This is more restrictive than necessary.
+ ** But the main beneficiary of the transfer optimization is the VACUUM
+ ** command, and the VACUUM command disables foreign key constraints. So
+ ** the extra complication to make this rule less restrictive is probably
+ ** not worth the effort. Ticket [6284df89debdfa61db8073e062908af0c9b6118e]
+ */
+ if( (db->flags & SQLITE_ForeignKeys)!=0 && pDest->pFKey!=0 ){
+ return 0;
+ }
+#endif
+ if( (db->flags & SQLITE_CountRows)!=0 ){
+ return 0; /* xfer opt does not play well with PRAGMA count_changes */
+ }
+
+ /* If we get this far, it means that the xfer optimization is at
+ ** least a possibility, though it might only work if the destination
+ ** table (tab1) is initially empty.
+ */
+#ifdef SQLITE_TEST
+ sqlite3_xferopt_count++;
+#endif
+ iDbSrc = sqlite3SchemaToIndex(db, pSrc->pSchema);
+ v = sqlite3GetVdbe(pParse);
+ sqlite3CodeVerifySchema(pParse, iDbSrc);
+ iSrc = pParse->nTab++;
+ iDest = pParse->nTab++;
+ regAutoinc = autoIncBegin(pParse, iDbDest, pDest);
+ regData = sqlite3GetTempReg(pParse);
+ regRowid = sqlite3GetTempReg(pParse);
+ sqlite3OpenTable(pParse, iDest, iDbDest, pDest, OP_OpenWrite);
+ assert( HasRowid(pDest) || destHasUniqueIdx );
+ if( (db->flags & SQLITE_Vacuum)==0 && (
+ (pDest->iPKey<0 && pDest->pIndex!=0) /* (1) */
+ || destHasUniqueIdx /* (2) */
+ || (onError!=OE_Abort && onError!=OE_Rollback) /* (3) */
+ )){
+ /* In some circumstances, we are able to run the xfer optimization
+ ** only if the destination table is initially empty. Unless the
+ ** SQLITE_Vacuum flag is set, this block generates code to make
+ ** that determination. If SQLITE_Vacuum is set, then the destination
+ ** table is always empty.
+ **
+ ** Conditions under which the destination must be empty:
+ **
+ ** (1) There is no INTEGER PRIMARY KEY but there are indices.
+ ** (If the destination is not initially empty, the rowid fields
+ ** of index entries might need to change.)
+ **
+ ** (2) The destination has a unique index. (The xfer optimization
+ ** is unable to test uniqueness.)
+ **
+ ** (3) onError is something other than OE_Abort and OE_Rollback.
+ */
+ addr1 = sqlite3VdbeAddOp2(v, OP_Rewind, iDest, 0); VdbeCoverage(v);
+ emptyDestTest = sqlite3VdbeAddOp0(v, OP_Goto);
+ sqlite3VdbeJumpHere(v, addr1);
+ }
+ if( HasRowid(pSrc) ){
+ sqlite3OpenTable(pParse, iSrc, iDbSrc, pSrc, OP_OpenRead);
+ emptySrcTest = sqlite3VdbeAddOp2(v, OP_Rewind, iSrc, 0); VdbeCoverage(v);
+ if( pDest->iPKey>=0 ){
+ addr1 = sqlite3VdbeAddOp2(v, OP_Rowid, iSrc, regRowid);
+ addr2 = sqlite3VdbeAddOp3(v, OP_NotExists, iDest, 0, regRowid);
+ VdbeCoverage(v);
+ sqlite3RowidConstraint(pParse, onError, pDest);
+ sqlite3VdbeJumpHere(v, addr2);
+ autoIncStep(pParse, regAutoinc, regRowid);
+ }else if( pDest->pIndex==0 ){
+ addr1 = sqlite3VdbeAddOp2(v, OP_NewRowid, iDest, regRowid);
+ }else{
+ addr1 = sqlite3VdbeAddOp2(v, OP_Rowid, iSrc, regRowid);
+ assert( (pDest->tabFlags & TF_Autoincrement)==0 );
+ }
+ sqlite3VdbeAddOp2(v, OP_RowData, iSrc, regData);
+ sqlite3VdbeAddOp3(v, OP_Insert, iDest, regData, regRowid);
+ sqlite3VdbeChangeP5(v, OPFLAG_NCHANGE|OPFLAG_LASTROWID|OPFLAG_APPEND);
+ sqlite3VdbeChangeP4(v, -1, pDest->zName, 0);
+ sqlite3VdbeAddOp2(v, OP_Next, iSrc, addr1); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Close, iSrc, 0);
+ sqlite3VdbeAddOp2(v, OP_Close, iDest, 0);
+ }else{
+ sqlite3TableLock(pParse, iDbDest, pDest->tnum, 1, pDest->zName);
+ sqlite3TableLock(pParse, iDbSrc, pSrc->tnum, 0, pSrc->zName);
+ }
+ for(pDestIdx=pDest->pIndex; pDestIdx; pDestIdx=pDestIdx->pNext){
+ u8 idxInsFlags = 0;
+ for(pSrcIdx=pSrc->pIndex; ALWAYS(pSrcIdx); pSrcIdx=pSrcIdx->pNext){
+ if( xferCompatibleIndex(pDestIdx, pSrcIdx) ) break;
+ }
+ assert( pSrcIdx );
+ sqlite3VdbeAddOp3(v, OP_OpenRead, iSrc, pSrcIdx->tnum, iDbSrc);
+ sqlite3VdbeSetP4KeyInfo(pParse, pSrcIdx);
+ VdbeComment((v, "%s", pSrcIdx->zName));
+ sqlite3VdbeAddOp3(v, OP_OpenWrite, iDest, pDestIdx->tnum, iDbDest);
+ sqlite3VdbeSetP4KeyInfo(pParse, pDestIdx);
+ sqlite3VdbeChangeP5(v, OPFLAG_BULKCSR);
+ VdbeComment((v, "%s", pDestIdx->zName));
+ addr1 = sqlite3VdbeAddOp2(v, OP_Rewind, iSrc, 0); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_RowKey, iSrc, regData);
+ if( db->flags & SQLITE_Vacuum ){
+ /* This INSERT command is part of a VACUUM operation, which guarantees
+ ** that the destination table is empty. If all indexed columns use
+ ** collation sequence BINARY, then it can also be assumed that the
+ ** index will be populated by inserting keys in strictly sorted
+ ** order. In this case, instead of seeking within the b-tree as part
+ ** of every OP_IdxInsert opcode, an OP_Last is added before the
+ ** OP_IdxInsert to seek to the point within the b-tree where each key
+ ** should be inserted. This is faster.
+ **
+ ** If any of the indexed columns use a collation sequence other than
+ ** BINARY, this optimization is disabled. This is because the user
+ ** might change the definition of a collation sequence and then run
+ ** a VACUUM command. In that case keys may not be written in strictly
+ ** sorted order. */
+ for(i=0; i<pSrcIdx->nColumn; i++){
+ const char *zColl = pSrcIdx->azColl[i];
+ assert( sqlite3_stricmp(sqlite3StrBINARY, zColl)!=0
+ || sqlite3StrBINARY==zColl );
+ if( sqlite3_stricmp(sqlite3StrBINARY, zColl) ) break;
+ }
+ if( i==pSrcIdx->nColumn ){
+ idxInsFlags = OPFLAG_USESEEKRESULT;
+ sqlite3VdbeAddOp3(v, OP_Last, iDest, 0, -1);
+ }
+ }
+ if( !HasRowid(pSrc) && pDestIdx->idxType==2 ){
+ idxInsFlags |= OPFLAG_NCHANGE;
+ }
+ sqlite3VdbeAddOp3(v, OP_IdxInsert, iDest, regData, 1);
+ sqlite3VdbeChangeP5(v, idxInsFlags);
+ sqlite3VdbeAddOp2(v, OP_Next, iSrc, addr1+1); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addr1);
+ sqlite3VdbeAddOp2(v, OP_Close, iSrc, 0);
+ sqlite3VdbeAddOp2(v, OP_Close, iDest, 0);
+ }
+ if( emptySrcTest ) sqlite3VdbeJumpHere(v, emptySrcTest);
+ sqlite3ReleaseTempReg(pParse, regRowid);
+ sqlite3ReleaseTempReg(pParse, regData);
+ if( emptyDestTest ){
+ sqlite3VdbeAddOp2(v, OP_Halt, SQLITE_OK, 0);
+ sqlite3VdbeJumpHere(v, emptyDestTest);
+ sqlite3VdbeAddOp2(v, OP_Close, iDest, 0);
+ return 0;
+ }else{
+ return 1;
+ }
+}
+#endif /* SQLITE_OMIT_XFER_OPT */
+
+/************** End of insert.c **********************************************/
+/************** Begin file legacy.c ******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** Main file for the SQLite library. The routines in this file
+** implement the programmer interface to the library. Routines in
+** other files are for internal use by SQLite and should not be
+** accessed by users of the library.
+*/
+
+/* #include "sqliteInt.h" */
+
+/*
+** Execute SQL code. Return one of the SQLITE_ success/failure
+** codes. Also write an error message into memory obtained from
+** malloc() and make *pzErrMsg point to that message.
+**
+** If the SQL is a query, then for each row in the query result
+** the xCallback() function is called. pArg becomes the first
+** argument to xCallback(). If xCallback=NULL then no callback
+** is invoked, even for queries.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_exec(
+ sqlite3 *db, /* The database on which the SQL executes */
+ const char *zSql, /* The SQL to be executed */
+ sqlite3_callback xCallback, /* Invoke this callback routine */
+ void *pArg, /* First argument to xCallback() */
+ char **pzErrMsg /* Write error messages here */
+){
+ int rc = SQLITE_OK; /* Return code */
+ const char *zLeftover; /* Tail of unprocessed SQL */
+ sqlite3_stmt *pStmt = 0; /* The current SQL statement */
+ char **azCols = 0; /* Names of result columns */
+ int callbackIsInit; /* True if callback data is initialized */
+
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+ if( zSql==0 ) zSql = "";
+
+ sqlite3_mutex_enter(db->mutex);
+ sqlite3Error(db, SQLITE_OK);
+ while( rc==SQLITE_OK && zSql[0] ){
+ int nCol;
+ char **azVals = 0;
+
+ pStmt = 0;
+ rc = sqlite3_prepare_v2(db, zSql, -1, &pStmt, &zLeftover);
+ assert( rc==SQLITE_OK || pStmt==0 );
+ if( rc!=SQLITE_OK ){
+ continue;
+ }
+ if( !pStmt ){
+ /* this happens for a comment or white-space */
+ zSql = zLeftover;
+ continue;
+ }
+
+ callbackIsInit = 0;
+ nCol = sqlite3_column_count(pStmt);
+
+ while( 1 ){
+ int i;
+ rc = sqlite3_step(pStmt);
+
+ /* Invoke the callback function if required */
+ if( xCallback && (SQLITE_ROW==rc ||
+ (SQLITE_DONE==rc && !callbackIsInit
+ && db->flags&SQLITE_NullCallback)) ){
+ if( !callbackIsInit ){
+ azCols = sqlite3DbMallocZero(db, 2*nCol*sizeof(const char*) + 1);
+ if( azCols==0 ){
+ goto exec_out;
+ }
+ for(i=0; i<nCol; i++){
+ azCols[i] = (char *)sqlite3_column_name(pStmt, i);
+ /* sqlite3VdbeSetColName() installs column names as UTF8
+ ** strings so there is no way for sqlite3_column_name() to fail. */
+ assert( azCols[i]!=0 );
+ }
+ callbackIsInit = 1;
+ }
+ if( rc==SQLITE_ROW ){
+ azVals = &azCols[nCol];
+ for(i=0; i<nCol; i++){
+ azVals[i] = (char *)sqlite3_column_text(pStmt, i);
+ if( !azVals[i] && sqlite3_column_type(pStmt, i)!=SQLITE_NULL ){
+ db->mallocFailed = 1;
+ goto exec_out;
+ }
+ }
+ }
+ if( xCallback(pArg, nCol, azVals, azCols) ){
+ /* EVIDENCE-OF: R-38229-40159 If the callback function to
+ ** sqlite3_exec() returns non-zero, then sqlite3_exec() will
+ ** return SQLITE_ABORT. */
+ rc = SQLITE_ABORT;
+ sqlite3VdbeFinalize((Vdbe *)pStmt);
+ pStmt = 0;
+ sqlite3Error(db, SQLITE_ABORT);
+ goto exec_out;
+ }
+ }
+
+ if( rc!=SQLITE_ROW ){
+ rc = sqlite3VdbeFinalize((Vdbe *)pStmt);
+ pStmt = 0;
+ zSql = zLeftover;
+ while( sqlite3Isspace(zSql[0]) ) zSql++;
+ break;
+ }
+ }
+
+ sqlite3DbFree(db, azCols);
+ azCols = 0;
+ }
+
+exec_out:
+ if( pStmt ) sqlite3VdbeFinalize((Vdbe *)pStmt);
+ sqlite3DbFree(db, azCols);
+
+ rc = sqlite3ApiExit(db, rc);
+ if( rc!=SQLITE_OK && pzErrMsg ){
+ int nErrMsg = 1 + sqlite3Strlen30(sqlite3_errmsg(db));
+ *pzErrMsg = sqlite3Malloc(nErrMsg);
+ if( *pzErrMsg ){
+ memcpy(*pzErrMsg, sqlite3_errmsg(db), nErrMsg);
+ }else{
+ rc = SQLITE_NOMEM;
+ sqlite3Error(db, SQLITE_NOMEM);
+ }
+ }else if( pzErrMsg ){
+ *pzErrMsg = 0;
+ }
+
+ assert( (rc&db->errMask)==rc );
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/************** End of legacy.c **********************************************/
+/************** Begin file loadext.c *****************************************/
+/*
+** 2006 June 7
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code used to dynamically load extensions into
+** the SQLite library.
+*/
+
+#ifndef SQLITE_CORE
+ #define SQLITE_CORE 1 /* Disable the API redefinition in sqlite3ext.h */
+#endif
+/************** Include sqlite3ext.h in the middle of loadext.c **************/
+/************** Begin file sqlite3ext.h **************************************/
+/*
+** 2006 June 7
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This header file defines the SQLite interface for use by
+** shared libraries that want to be imported as extensions into
+** an SQLite instance. Shared libraries that intend to be loaded
+** as extensions by SQLite should #include this file instead of
+** sqlite3.h.
+*/
+#ifndef _SQLITE3EXT_H_
+#define _SQLITE3EXT_H_
+/* #include "sqlite3.h" */
+
+typedef struct sqlite3_api_routines sqlite3_api_routines;
+
+/*
+** The following structure holds pointers to all of the SQLite API
+** routines.
+**
+** WARNING: In order to maintain backwards compatibility, add new
+** interfaces to the end of this structure only. If you insert new
+** interfaces in the middle of this structure, then older different
+** versions of SQLite will not be able to load each other's shared
+** libraries!
+*/
+struct sqlite3_api_routines {
+ void * (*aggregate_context)(sqlite3_context*,int nBytes);
+ int (*aggregate_count)(sqlite3_context*);
+ int (*bind_blob)(sqlite3_stmt*,int,const void*,int n,void(*)(void*));
+ int (*bind_double)(sqlite3_stmt*,int,double);
+ int (*bind_int)(sqlite3_stmt*,int,int);
+ int (*bind_int64)(sqlite3_stmt*,int,sqlite_int64);
+ int (*bind_null)(sqlite3_stmt*,int);
+ int (*bind_parameter_count)(sqlite3_stmt*);
+ int (*bind_parameter_index)(sqlite3_stmt*,const char*zName);
+ const char * (*bind_parameter_name)(sqlite3_stmt*,int);
+ int (*bind_text)(sqlite3_stmt*,int,const char*,int n,void(*)(void*));
+ int (*bind_text16)(sqlite3_stmt*,int,const void*,int,void(*)(void*));
+ int (*bind_value)(sqlite3_stmt*,int,const sqlite3_value*);
+ int (*busy_handler)(sqlite3*,int(*)(void*,int),void*);
+ int (*busy_timeout)(sqlite3*,int ms);
+ int (*changes)(sqlite3*);
+ int (*close)(sqlite3*);
+ int (*collation_needed)(sqlite3*,void*,void(*)(void*,sqlite3*,
+ int eTextRep,const char*));
+ int (*collation_needed16)(sqlite3*,void*,void(*)(void*,sqlite3*,
+ int eTextRep,const void*));
+ const void * (*column_blob)(sqlite3_stmt*,int iCol);
+ int (*column_bytes)(sqlite3_stmt*,int iCol);
+ int (*column_bytes16)(sqlite3_stmt*,int iCol);
+ int (*column_count)(sqlite3_stmt*pStmt);
+ const char * (*column_database_name)(sqlite3_stmt*,int);
+ const void * (*column_database_name16)(sqlite3_stmt*,int);
+ const char * (*column_decltype)(sqlite3_stmt*,int i);
+ const void * (*column_decltype16)(sqlite3_stmt*,int);
+ double (*column_double)(sqlite3_stmt*,int iCol);
+ int (*column_int)(sqlite3_stmt*,int iCol);
+ sqlite_int64 (*column_int64)(sqlite3_stmt*,int iCol);
+ const char * (*column_name)(sqlite3_stmt*,int);
+ const void * (*column_name16)(sqlite3_stmt*,int);
+ const char * (*column_origin_name)(sqlite3_stmt*,int);
+ const void * (*column_origin_name16)(sqlite3_stmt*,int);
+ const char * (*column_table_name)(sqlite3_stmt*,int);
+ const void * (*column_table_name16)(sqlite3_stmt*,int);
+ const unsigned char * (*column_text)(sqlite3_stmt*,int iCol);
+ const void * (*column_text16)(sqlite3_stmt*,int iCol);
+ int (*column_type)(sqlite3_stmt*,int iCol);
+ sqlite3_value* (*column_value)(sqlite3_stmt*,int iCol);
+ void * (*commit_hook)(sqlite3*,int(*)(void*),void*);
+ int (*complete)(const char*sql);
+ int (*complete16)(const void*sql);
+ int (*create_collation)(sqlite3*,const char*,int,void*,
+ int(*)(void*,int,const void*,int,const void*));
+ int (*create_collation16)(sqlite3*,const void*,int,void*,
+ int(*)(void*,int,const void*,int,const void*));
+ int (*create_function)(sqlite3*,const char*,int,int,void*,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*));
+ int (*create_function16)(sqlite3*,const void*,int,int,void*,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*));
+ int (*create_module)(sqlite3*,const char*,const sqlite3_module*,void*);
+ int (*data_count)(sqlite3_stmt*pStmt);
+ sqlite3 * (*db_handle)(sqlite3_stmt*);
+ int (*declare_vtab)(sqlite3*,const char*);
+ int (*enable_shared_cache)(int);
+ int (*errcode)(sqlite3*db);
+ const char * (*errmsg)(sqlite3*);
+ const void * (*errmsg16)(sqlite3*);
+ int (*exec)(sqlite3*,const char*,sqlite3_callback,void*,char**);
+ int (*expired)(sqlite3_stmt*);
+ int (*finalize)(sqlite3_stmt*pStmt);
+ void (*free)(void*);
+ void (*free_table)(char**result);
+ int (*get_autocommit)(sqlite3*);
+ void * (*get_auxdata)(sqlite3_context*,int);
+ int (*get_table)(sqlite3*,const char*,char***,int*,int*,char**);
+ int (*global_recover)(void);
+ void (*interruptx)(sqlite3*);
+ sqlite_int64 (*last_insert_rowid)(sqlite3*);
+ const char * (*libversion)(void);
+ int (*libversion_number)(void);
+ void *(*malloc)(int);
+ char * (*mprintf)(const char*,...);
+ int (*open)(const char*,sqlite3**);
+ int (*open16)(const void*,sqlite3**);
+ int (*prepare)(sqlite3*,const char*,int,sqlite3_stmt**,const char**);
+ int (*prepare16)(sqlite3*,const void*,int,sqlite3_stmt**,const void**);
+ void * (*profile)(sqlite3*,void(*)(void*,const char*,sqlite_uint64),void*);
+ void (*progress_handler)(sqlite3*,int,int(*)(void*),void*);
+ void *(*realloc)(void*,int);
+ int (*reset)(sqlite3_stmt*pStmt);
+ void (*result_blob)(sqlite3_context*,const void*,int,void(*)(void*));
+ void (*result_double)(sqlite3_context*,double);
+ void (*result_error)(sqlite3_context*,const char*,int);
+ void (*result_error16)(sqlite3_context*,const void*,int);
+ void (*result_int)(sqlite3_context*,int);
+ void (*result_int64)(sqlite3_context*,sqlite_int64);
+ void (*result_null)(sqlite3_context*);
+ void (*result_text)(sqlite3_context*,const char*,int,void(*)(void*));
+ void (*result_text16)(sqlite3_context*,const void*,int,void(*)(void*));
+ void (*result_text16be)(sqlite3_context*,const void*,int,void(*)(void*));
+ void (*result_text16le)(sqlite3_context*,const void*,int,void(*)(void*));
+ void (*result_value)(sqlite3_context*,sqlite3_value*);
+ void * (*rollback_hook)(sqlite3*,void(*)(void*),void*);
+ int (*set_authorizer)(sqlite3*,int(*)(void*,int,const char*,const char*,
+ const char*,const char*),void*);
+ void (*set_auxdata)(sqlite3_context*,int,void*,void (*)(void*));
+ char * (*snprintf)(int,char*,const char*,...);
+ int (*step)(sqlite3_stmt*);
+ int (*table_column_metadata)(sqlite3*,const char*,const char*,const char*,
+ char const**,char const**,int*,int*,int*);
+ void (*thread_cleanup)(void);
+ int (*total_changes)(sqlite3*);
+ void * (*trace)(sqlite3*,void(*xTrace)(void*,const char*),void*);
+ int (*transfer_bindings)(sqlite3_stmt*,sqlite3_stmt*);
+ void * (*update_hook)(sqlite3*,void(*)(void*,int ,char const*,char const*,
+ sqlite_int64),void*);
+ void * (*user_data)(sqlite3_context*);
+ const void * (*value_blob)(sqlite3_value*);
+ int (*value_bytes)(sqlite3_value*);
+ int (*value_bytes16)(sqlite3_value*);
+ double (*value_double)(sqlite3_value*);
+ int (*value_int)(sqlite3_value*);
+ sqlite_int64 (*value_int64)(sqlite3_value*);
+ int (*value_numeric_type)(sqlite3_value*);
+ const unsigned char * (*value_text)(sqlite3_value*);
+ const void * (*value_text16)(sqlite3_value*);
+ const void * (*value_text16be)(sqlite3_value*);
+ const void * (*value_text16le)(sqlite3_value*);
+ int (*value_type)(sqlite3_value*);
+ char *(*vmprintf)(const char*,va_list);
+ /* Added ??? */
+ int (*overload_function)(sqlite3*, const char *zFuncName, int nArg);
+ /* Added by 3.3.13 */
+ int (*prepare_v2)(sqlite3*,const char*,int,sqlite3_stmt**,const char**);
+ int (*prepare16_v2)(sqlite3*,const void*,int,sqlite3_stmt**,const void**);
+ int (*clear_bindings)(sqlite3_stmt*);
+ /* Added by 3.4.1 */
+ int (*create_module_v2)(sqlite3*,const char*,const sqlite3_module*,void*,
+ void (*xDestroy)(void *));
+ /* Added by 3.5.0 */
+ int (*bind_zeroblob)(sqlite3_stmt*,int,int);
+ int (*blob_bytes)(sqlite3_blob*);
+ int (*blob_close)(sqlite3_blob*);
+ int (*blob_open)(sqlite3*,const char*,const char*,const char*,sqlite3_int64,
+ int,sqlite3_blob**);
+ int (*blob_read)(sqlite3_blob*,void*,int,int);
+ int (*blob_write)(sqlite3_blob*,const void*,int,int);
+ int (*create_collation_v2)(sqlite3*,const char*,int,void*,
+ int(*)(void*,int,const void*,int,const void*),
+ void(*)(void*));
+ int (*file_control)(sqlite3*,const char*,int,void*);
+ sqlite3_int64 (*memory_highwater)(int);
+ sqlite3_int64 (*memory_used)(void);
+ sqlite3_mutex *(*mutex_alloc)(int);
+ void (*mutex_enter)(sqlite3_mutex*);
+ void (*mutex_free)(sqlite3_mutex*);
+ void (*mutex_leave)(sqlite3_mutex*);
+ int (*mutex_try)(sqlite3_mutex*);
+ int (*open_v2)(const char*,sqlite3**,int,const char*);
+ int (*release_memory)(int);
+ void (*result_error_nomem)(sqlite3_context*);
+ void (*result_error_toobig)(sqlite3_context*);
+ int (*sleep)(int);
+ void (*soft_heap_limit)(int);
+ sqlite3_vfs *(*vfs_find)(const char*);
+ int (*vfs_register)(sqlite3_vfs*,int);
+ int (*vfs_unregister)(sqlite3_vfs*);
+ int (*xthreadsafe)(void);
+ void (*result_zeroblob)(sqlite3_context*,int);
+ void (*result_error_code)(sqlite3_context*,int);
+ int (*test_control)(int, ...);
+ void (*randomness)(int,void*);
+ sqlite3 *(*context_db_handle)(sqlite3_context*);
+ int (*extended_result_codes)(sqlite3*,int);
+ int (*limit)(sqlite3*,int,int);
+ sqlite3_stmt *(*next_stmt)(sqlite3*,sqlite3_stmt*);
+ const char *(*sql)(sqlite3_stmt*);
+ int (*status)(int,int*,int*,int);
+ int (*backup_finish)(sqlite3_backup*);
+ sqlite3_backup *(*backup_init)(sqlite3*,const char*,sqlite3*,const char*);
+ int (*backup_pagecount)(sqlite3_backup*);
+ int (*backup_remaining)(sqlite3_backup*);
+ int (*backup_step)(sqlite3_backup*,int);
+ const char *(*compileoption_get)(int);
+ int (*compileoption_used)(const char*);
+ int (*create_function_v2)(sqlite3*,const char*,int,int,void*,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*),
+ void(*xDestroy)(void*));
+ int (*db_config)(sqlite3*,int,...);
+ sqlite3_mutex *(*db_mutex)(sqlite3*);
+ int (*db_status)(sqlite3*,int,int*,int*,int);
+ int (*extended_errcode)(sqlite3*);
+ void (*log)(int,const char*,...);
+ sqlite3_int64 (*soft_heap_limit64)(sqlite3_int64);
+ const char *(*sourceid)(void);
+ int (*stmt_status)(sqlite3_stmt*,int,int);
+ int (*strnicmp)(const char*,const char*,int);
+ int (*unlock_notify)(sqlite3*,void(*)(void**,int),void*);
+ int (*wal_autocheckpoint)(sqlite3*,int);
+ int (*wal_checkpoint)(sqlite3*,const char*);
+ void *(*wal_hook)(sqlite3*,int(*)(void*,sqlite3*,const char*,int),void*);
+ int (*blob_reopen)(sqlite3_blob*,sqlite3_int64);
+ int (*vtab_config)(sqlite3*,int op,...);
+ int (*vtab_on_conflict)(sqlite3*);
+ /* Version 3.7.16 and later */
+ int (*close_v2)(sqlite3*);
+ const char *(*db_filename)(sqlite3*,const char*);
+ int (*db_readonly)(sqlite3*,const char*);
+ int (*db_release_memory)(sqlite3*);
+ const char *(*errstr)(int);
+ int (*stmt_busy)(sqlite3_stmt*);
+ int (*stmt_readonly)(sqlite3_stmt*);
+ int (*stricmp)(const char*,const char*);
+ int (*uri_boolean)(const char*,const char*,int);
+ sqlite3_int64 (*uri_int64)(const char*,const char*,sqlite3_int64);
+ const char *(*uri_parameter)(const char*,const char*);
+ char *(*vsnprintf)(int,char*,const char*,va_list);
+ int (*wal_checkpoint_v2)(sqlite3*,const char*,int,int*,int*);
+ /* Version 3.8.7 and later */
+ int (*auto_extension)(void(*)(void));
+ int (*bind_blob64)(sqlite3_stmt*,int,const void*,sqlite3_uint64,
+ void(*)(void*));
+ int (*bind_text64)(sqlite3_stmt*,int,const char*,sqlite3_uint64,
+ void(*)(void*),unsigned char);
+ int (*cancel_auto_extension)(void(*)(void));
+ int (*load_extension)(sqlite3*,const char*,const char*,char**);
+ void *(*malloc64)(sqlite3_uint64);
+ sqlite3_uint64 (*msize)(void*);
+ void *(*realloc64)(void*,sqlite3_uint64);
+ void (*reset_auto_extension)(void);
+ void (*result_blob64)(sqlite3_context*,const void*,sqlite3_uint64,
+ void(*)(void*));
+ void (*result_text64)(sqlite3_context*,const char*,sqlite3_uint64,
+ void(*)(void*), unsigned char);
+ int (*strglob)(const char*,const char*);
+ /* Version 3.8.11 and later */
+ sqlite3_value *(*value_dup)(const sqlite3_value*);
+ void (*value_free)(sqlite3_value*);
+ int (*result_zeroblob64)(sqlite3_context*,sqlite3_uint64);
+ int (*bind_zeroblob64)(sqlite3_stmt*, int, sqlite3_uint64);
+ /* Version 3.9.0 and later */
+ unsigned int (*value_subtype)(sqlite3_value*);
+ void (*result_subtype)(sqlite3_context*,unsigned int);
+ /* Version 3.10.0 and later */
+ int (*status64)(int,sqlite3_int64*,sqlite3_int64*,int);
+ int (*strlike)(const char*,const char*,unsigned int);
+ int (*db_cacheflush)(sqlite3*);
+};
+
+/*
+** The following macros redefine the API routines so that they are
+** redirected through the global sqlite3_api structure.
+**
+** This header file is also used by the loadext.c source file
+** (part of the main SQLite library - not an extension) so that
+** it can get access to the sqlite3_api_routines structure
+** definition. But the main library does not want to redefine
+** the API. So the redefinition macros are only valid if the
+** SQLITE_CORE macros is undefined.
+*/
+#if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
+#define sqlite3_aggregate_context sqlite3_api->aggregate_context
+#ifndef SQLITE_OMIT_DEPRECATED
+#define sqlite3_aggregate_count sqlite3_api->aggregate_count
+#endif
+#define sqlite3_bind_blob sqlite3_api->bind_blob
+#define sqlite3_bind_double sqlite3_api->bind_double
+#define sqlite3_bind_int sqlite3_api->bind_int
+#define sqlite3_bind_int64 sqlite3_api->bind_int64
+#define sqlite3_bind_null sqlite3_api->bind_null
+#define sqlite3_bind_parameter_count sqlite3_api->bind_parameter_count
+#define sqlite3_bind_parameter_index sqlite3_api->bind_parameter_index
+#define sqlite3_bind_parameter_name sqlite3_api->bind_parameter_name
+#define sqlite3_bind_text sqlite3_api->bind_text
+#define sqlite3_bind_text16 sqlite3_api->bind_text16
+#define sqlite3_bind_value sqlite3_api->bind_value
+#define sqlite3_busy_handler sqlite3_api->busy_handler
+#define sqlite3_busy_timeout sqlite3_api->busy_timeout
+#define sqlite3_changes sqlite3_api->changes
+#define sqlite3_close sqlite3_api->close
+#define sqlite3_collation_needed sqlite3_api->collation_needed
+#define sqlite3_collation_needed16 sqlite3_api->collation_needed16
+#define sqlite3_column_blob sqlite3_api->column_blob
+#define sqlite3_column_bytes sqlite3_api->column_bytes
+#define sqlite3_column_bytes16 sqlite3_api->column_bytes16
+#define sqlite3_column_count sqlite3_api->column_count
+#define sqlite3_column_database_name sqlite3_api->column_database_name
+#define sqlite3_column_database_name16 sqlite3_api->column_database_name16
+#define sqlite3_column_decltype sqlite3_api->column_decltype
+#define sqlite3_column_decltype16 sqlite3_api->column_decltype16
+#define sqlite3_column_double sqlite3_api->column_double
+#define sqlite3_column_int sqlite3_api->column_int
+#define sqlite3_column_int64 sqlite3_api->column_int64
+#define sqlite3_column_name sqlite3_api->column_name
+#define sqlite3_column_name16 sqlite3_api->column_name16
+#define sqlite3_column_origin_name sqlite3_api->column_origin_name
+#define sqlite3_column_origin_name16 sqlite3_api->column_origin_name16
+#define sqlite3_column_table_name sqlite3_api->column_table_name
+#define sqlite3_column_table_name16 sqlite3_api->column_table_name16
+#define sqlite3_column_text sqlite3_api->column_text
+#define sqlite3_column_text16 sqlite3_api->column_text16
+#define sqlite3_column_type sqlite3_api->column_type
+#define sqlite3_column_value sqlite3_api->column_value
+#define sqlite3_commit_hook sqlite3_api->commit_hook
+#define sqlite3_complete sqlite3_api->complete
+#define sqlite3_complete16 sqlite3_api->complete16
+#define sqlite3_create_collation sqlite3_api->create_collation
+#define sqlite3_create_collation16 sqlite3_api->create_collation16
+#define sqlite3_create_function sqlite3_api->create_function
+#define sqlite3_create_function16 sqlite3_api->create_function16
+#define sqlite3_create_module sqlite3_api->create_module
+#define sqlite3_create_module_v2 sqlite3_api->create_module_v2
+#define sqlite3_data_count sqlite3_api->data_count
+#define sqlite3_db_handle sqlite3_api->db_handle
+#define sqlite3_declare_vtab sqlite3_api->declare_vtab
+#define sqlite3_enable_shared_cache sqlite3_api->enable_shared_cache
+#define sqlite3_errcode sqlite3_api->errcode
+#define sqlite3_errmsg sqlite3_api->errmsg
+#define sqlite3_errmsg16 sqlite3_api->errmsg16
+#define sqlite3_exec sqlite3_api->exec
+#ifndef SQLITE_OMIT_DEPRECATED
+#define sqlite3_expired sqlite3_api->expired
+#endif
+#define sqlite3_finalize sqlite3_api->finalize
+#define sqlite3_free sqlite3_api->free
+#define sqlite3_free_table sqlite3_api->free_table
+#define sqlite3_get_autocommit sqlite3_api->get_autocommit
+#define sqlite3_get_auxdata sqlite3_api->get_auxdata
+#define sqlite3_get_table sqlite3_api->get_table
+#ifndef SQLITE_OMIT_DEPRECATED
+#define sqlite3_global_recover sqlite3_api->global_recover
+#endif
+#define sqlite3_interrupt sqlite3_api->interruptx
+#define sqlite3_last_insert_rowid sqlite3_api->last_insert_rowid
+#define sqlite3_libversion sqlite3_api->libversion
+#define sqlite3_libversion_number sqlite3_api->libversion_number
+#define sqlite3_malloc sqlite3_api->malloc
+#define sqlite3_mprintf sqlite3_api->mprintf
+#define sqlite3_open sqlite3_api->open
+#define sqlite3_open16 sqlite3_api->open16
+#define sqlite3_prepare sqlite3_api->prepare
+#define sqlite3_prepare16 sqlite3_api->prepare16
+#define sqlite3_prepare_v2 sqlite3_api->prepare_v2
+#define sqlite3_prepare16_v2 sqlite3_api->prepare16_v2
+#define sqlite3_profile sqlite3_api->profile
+#define sqlite3_progress_handler sqlite3_api->progress_handler
+#define sqlite3_realloc sqlite3_api->realloc
+#define sqlite3_reset sqlite3_api->reset
+#define sqlite3_result_blob sqlite3_api->result_blob
+#define sqlite3_result_double sqlite3_api->result_double
+#define sqlite3_result_error sqlite3_api->result_error
+#define sqlite3_result_error16 sqlite3_api->result_error16
+#define sqlite3_result_int sqlite3_api->result_int
+#define sqlite3_result_int64 sqlite3_api->result_int64
+#define sqlite3_result_null sqlite3_api->result_null
+#define sqlite3_result_text sqlite3_api->result_text
+#define sqlite3_result_text16 sqlite3_api->result_text16
+#define sqlite3_result_text16be sqlite3_api->result_text16be
+#define sqlite3_result_text16le sqlite3_api->result_text16le
+#define sqlite3_result_value sqlite3_api->result_value
+#define sqlite3_rollback_hook sqlite3_api->rollback_hook
+#define sqlite3_set_authorizer sqlite3_api->set_authorizer
+#define sqlite3_set_auxdata sqlite3_api->set_auxdata
+#define sqlite3_snprintf sqlite3_api->snprintf
+#define sqlite3_step sqlite3_api->step
+#define sqlite3_table_column_metadata sqlite3_api->table_column_metadata
+#define sqlite3_thread_cleanup sqlite3_api->thread_cleanup
+#define sqlite3_total_changes sqlite3_api->total_changes
+#define sqlite3_trace sqlite3_api->trace
+#ifndef SQLITE_OMIT_DEPRECATED
+#define sqlite3_transfer_bindings sqlite3_api->transfer_bindings
+#endif
+#define sqlite3_update_hook sqlite3_api->update_hook
+#define sqlite3_user_data sqlite3_api->user_data
+#define sqlite3_value_blob sqlite3_api->value_blob
+#define sqlite3_value_bytes sqlite3_api->value_bytes
+#define sqlite3_value_bytes16 sqlite3_api->value_bytes16
+#define sqlite3_value_double sqlite3_api->value_double
+#define sqlite3_value_int sqlite3_api->value_int
+#define sqlite3_value_int64 sqlite3_api->value_int64
+#define sqlite3_value_numeric_type sqlite3_api->value_numeric_type
+#define sqlite3_value_text sqlite3_api->value_text
+#define sqlite3_value_text16 sqlite3_api->value_text16
+#define sqlite3_value_text16be sqlite3_api->value_text16be
+#define sqlite3_value_text16le sqlite3_api->value_text16le
+#define sqlite3_value_type sqlite3_api->value_type
+#define sqlite3_vmprintf sqlite3_api->vmprintf
+#define sqlite3_vsnprintf sqlite3_api->vsnprintf
+#define sqlite3_overload_function sqlite3_api->overload_function
+#define sqlite3_prepare_v2 sqlite3_api->prepare_v2
+#define sqlite3_prepare16_v2 sqlite3_api->prepare16_v2
+#define sqlite3_clear_bindings sqlite3_api->clear_bindings
+#define sqlite3_bind_zeroblob sqlite3_api->bind_zeroblob
+#define sqlite3_blob_bytes sqlite3_api->blob_bytes
+#define sqlite3_blob_close sqlite3_api->blob_close
+#define sqlite3_blob_open sqlite3_api->blob_open
+#define sqlite3_blob_read sqlite3_api->blob_read
+#define sqlite3_blob_write sqlite3_api->blob_write
+#define sqlite3_create_collation_v2 sqlite3_api->create_collation_v2
+#define sqlite3_file_control sqlite3_api->file_control
+#define sqlite3_memory_highwater sqlite3_api->memory_highwater
+#define sqlite3_memory_used sqlite3_api->memory_used
+#define sqlite3_mutex_alloc sqlite3_api->mutex_alloc
+#define sqlite3_mutex_enter sqlite3_api->mutex_enter
+#define sqlite3_mutex_free sqlite3_api->mutex_free
+#define sqlite3_mutex_leave sqlite3_api->mutex_leave
+#define sqlite3_mutex_try sqlite3_api->mutex_try
+#define sqlite3_open_v2 sqlite3_api->open_v2
+#define sqlite3_release_memory sqlite3_api->release_memory
+#define sqlite3_result_error_nomem sqlite3_api->result_error_nomem
+#define sqlite3_result_error_toobig sqlite3_api->result_error_toobig
+#define sqlite3_sleep sqlite3_api->sleep
+#define sqlite3_soft_heap_limit sqlite3_api->soft_heap_limit
+#define sqlite3_vfs_find sqlite3_api->vfs_find
+#define sqlite3_vfs_register sqlite3_api->vfs_register
+#define sqlite3_vfs_unregister sqlite3_api->vfs_unregister
+#define sqlite3_threadsafe sqlite3_api->xthreadsafe
+#define sqlite3_result_zeroblob sqlite3_api->result_zeroblob
+#define sqlite3_result_error_code sqlite3_api->result_error_code
+#define sqlite3_test_control sqlite3_api->test_control
+#define sqlite3_randomness sqlite3_api->randomness
+#define sqlite3_context_db_handle sqlite3_api->context_db_handle
+#define sqlite3_extended_result_codes sqlite3_api->extended_result_codes
+#define sqlite3_limit sqlite3_api->limit
+#define sqlite3_next_stmt sqlite3_api->next_stmt
+#define sqlite3_sql sqlite3_api->sql
+#define sqlite3_status sqlite3_api->status
+#define sqlite3_backup_finish sqlite3_api->backup_finish
+#define sqlite3_backup_init sqlite3_api->backup_init
+#define sqlite3_backup_pagecount sqlite3_api->backup_pagecount
+#define sqlite3_backup_remaining sqlite3_api->backup_remaining
+#define sqlite3_backup_step sqlite3_api->backup_step
+#define sqlite3_compileoption_get sqlite3_api->compileoption_get
+#define sqlite3_compileoption_used sqlite3_api->compileoption_used
+#define sqlite3_create_function_v2 sqlite3_api->create_function_v2
+#define sqlite3_db_config sqlite3_api->db_config
+#define sqlite3_db_mutex sqlite3_api->db_mutex
+#define sqlite3_db_status sqlite3_api->db_status
+#define sqlite3_extended_errcode sqlite3_api->extended_errcode
+#define sqlite3_log sqlite3_api->log
+#define sqlite3_soft_heap_limit64 sqlite3_api->soft_heap_limit64
+#define sqlite3_sourceid sqlite3_api->sourceid
+#define sqlite3_stmt_status sqlite3_api->stmt_status
+#define sqlite3_strnicmp sqlite3_api->strnicmp
+#define sqlite3_unlock_notify sqlite3_api->unlock_notify
+#define sqlite3_wal_autocheckpoint sqlite3_api->wal_autocheckpoint
+#define sqlite3_wal_checkpoint sqlite3_api->wal_checkpoint
+#define sqlite3_wal_hook sqlite3_api->wal_hook
+#define sqlite3_blob_reopen sqlite3_api->blob_reopen
+#define sqlite3_vtab_config sqlite3_api->vtab_config
+#define sqlite3_vtab_on_conflict sqlite3_api->vtab_on_conflict
+/* Version 3.7.16 and later */
+#define sqlite3_close_v2 sqlite3_api->close_v2
+#define sqlite3_db_filename sqlite3_api->db_filename
+#define sqlite3_db_readonly sqlite3_api->db_readonly
+#define sqlite3_db_release_memory sqlite3_api->db_release_memory
+#define sqlite3_errstr sqlite3_api->errstr
+#define sqlite3_stmt_busy sqlite3_api->stmt_busy
+#define sqlite3_stmt_readonly sqlite3_api->stmt_readonly
+#define sqlite3_stricmp sqlite3_api->stricmp
+#define sqlite3_uri_boolean sqlite3_api->uri_boolean
+#define sqlite3_uri_int64 sqlite3_api->uri_int64
+#define sqlite3_uri_parameter sqlite3_api->uri_parameter
+#define sqlite3_uri_vsnprintf sqlite3_api->vsnprintf
+#define sqlite3_wal_checkpoint_v2 sqlite3_api->wal_checkpoint_v2
+/* Version 3.8.7 and later */
+#define sqlite3_auto_extension sqlite3_api->auto_extension
+#define sqlite3_bind_blob64 sqlite3_api->bind_blob64
+#define sqlite3_bind_text64 sqlite3_api->bind_text64
+#define sqlite3_cancel_auto_extension sqlite3_api->cancel_auto_extension
+#define sqlite3_load_extension sqlite3_api->load_extension
+#define sqlite3_malloc64 sqlite3_api->malloc64
+#define sqlite3_msize sqlite3_api->msize
+#define sqlite3_realloc64 sqlite3_api->realloc64
+#define sqlite3_reset_auto_extension sqlite3_api->reset_auto_extension
+#define sqlite3_result_blob64 sqlite3_api->result_blob64
+#define sqlite3_result_text64 sqlite3_api->result_text64
+#define sqlite3_strglob sqlite3_api->strglob
+/* Version 3.8.11 and later */
+#define sqlite3_value_dup sqlite3_api->value_dup
+#define sqlite3_value_free sqlite3_api->value_free
+#define sqlite3_result_zeroblob64 sqlite3_api->result_zeroblob64
+#define sqlite3_bind_zeroblob64 sqlite3_api->bind_zeroblob64
+/* Version 3.9.0 and later */
+#define sqlite3_value_subtype sqlite3_api->value_subtype
+#define sqlite3_result_subtype sqlite3_api->result_subtype
+/* Version 3.10.0 and later */
+#define sqlite3_status64 sqlite3_api->status64
+#define sqlite3_strlike sqlite3_api->strlike
+#define sqlite3_db_cacheflush sqlite3_api->db_cacheflush
+#endif /* !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION) */
+
+#if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
+ /* This case when the file really is being compiled as a loadable
+ ** extension */
+# define SQLITE_EXTENSION_INIT1 const sqlite3_api_routines *sqlite3_api=0;
+# define SQLITE_EXTENSION_INIT2(v) sqlite3_api=v;
+# define SQLITE_EXTENSION_INIT3 \
+ extern const sqlite3_api_routines *sqlite3_api;
+#else
+ /* This case when the file is being statically linked into the
+ ** application */
+# define SQLITE_EXTENSION_INIT1 /*no-op*/
+# define SQLITE_EXTENSION_INIT2(v) (void)v; /* unused parameter */
+# define SQLITE_EXTENSION_INIT3 /*no-op*/
+#endif
+
+#endif /* _SQLITE3EXT_H_ */
+
+/************** End of sqlite3ext.h ******************************************/
+/************** Continuing where we left off in loadext.c ********************/
+/* #include "sqliteInt.h" */
+/* #include <string.h> */
+
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+
+/*
+** Some API routines are omitted when various features are
+** excluded from a build of SQLite. Substitute a NULL pointer
+** for any missing APIs.
+*/
+#ifndef SQLITE_ENABLE_COLUMN_METADATA
+# define sqlite3_column_database_name 0
+# define sqlite3_column_database_name16 0
+# define sqlite3_column_table_name 0
+# define sqlite3_column_table_name16 0
+# define sqlite3_column_origin_name 0
+# define sqlite3_column_origin_name16 0
+#endif
+
+#ifdef SQLITE_OMIT_AUTHORIZATION
+# define sqlite3_set_authorizer 0
+#endif
+
+#ifdef SQLITE_OMIT_UTF16
+# define sqlite3_bind_text16 0
+# define sqlite3_collation_needed16 0
+# define sqlite3_column_decltype16 0
+# define sqlite3_column_name16 0
+# define sqlite3_column_text16 0
+# define sqlite3_complete16 0
+# define sqlite3_create_collation16 0
+# define sqlite3_create_function16 0
+# define sqlite3_errmsg16 0
+# define sqlite3_open16 0
+# define sqlite3_prepare16 0
+# define sqlite3_prepare16_v2 0
+# define sqlite3_result_error16 0
+# define sqlite3_result_text16 0
+# define sqlite3_result_text16be 0
+# define sqlite3_result_text16le 0
+# define sqlite3_value_text16 0
+# define sqlite3_value_text16be 0
+# define sqlite3_value_text16le 0
+# define sqlite3_column_database_name16 0
+# define sqlite3_column_table_name16 0
+# define sqlite3_column_origin_name16 0
+#endif
+
+#ifdef SQLITE_OMIT_COMPLETE
+# define sqlite3_complete 0
+# define sqlite3_complete16 0
+#endif
+
+#ifdef SQLITE_OMIT_DECLTYPE
+# define sqlite3_column_decltype16 0
+# define sqlite3_column_decltype 0
+#endif
+
+#ifdef SQLITE_OMIT_PROGRESS_CALLBACK
+# define sqlite3_progress_handler 0
+#endif
+
+#ifdef SQLITE_OMIT_VIRTUALTABLE
+# define sqlite3_create_module 0
+# define sqlite3_create_module_v2 0
+# define sqlite3_declare_vtab 0
+# define sqlite3_vtab_config 0
+# define sqlite3_vtab_on_conflict 0
+#endif
+
+#ifdef SQLITE_OMIT_SHARED_CACHE
+# define sqlite3_enable_shared_cache 0
+#endif
+
+#ifdef SQLITE_OMIT_TRACE
+# define sqlite3_profile 0
+# define sqlite3_trace 0
+#endif
+
+#ifdef SQLITE_OMIT_GET_TABLE
+# define sqlite3_free_table 0
+# define sqlite3_get_table 0
+#endif
+
+#ifdef SQLITE_OMIT_INCRBLOB
+#define sqlite3_bind_zeroblob 0
+#define sqlite3_blob_bytes 0
+#define sqlite3_blob_close 0
+#define sqlite3_blob_open 0
+#define sqlite3_blob_read 0
+#define sqlite3_blob_write 0
+#define sqlite3_blob_reopen 0
+#endif
+
+/*
+** The following structure contains pointers to all SQLite API routines.
+** A pointer to this structure is passed into extensions when they are
+** loaded so that the extension can make calls back into the SQLite
+** library.
+**
+** When adding new APIs, add them to the bottom of this structure
+** in order to preserve backwards compatibility.
+**
+** Extensions that use newer APIs should first call the
+** sqlite3_libversion_number() to make sure that the API they
+** intend to use is supported by the library. Extensions should
+** also check to make sure that the pointer to the function is
+** not NULL before calling it.
+*/
+static const sqlite3_api_routines sqlite3Apis = {
+ sqlite3_aggregate_context,
+#ifndef SQLITE_OMIT_DEPRECATED
+ sqlite3_aggregate_count,
+#else
+ 0,
+#endif
+ sqlite3_bind_blob,
+ sqlite3_bind_double,
+ sqlite3_bind_int,
+ sqlite3_bind_int64,
+ sqlite3_bind_null,
+ sqlite3_bind_parameter_count,
+ sqlite3_bind_parameter_index,
+ sqlite3_bind_parameter_name,
+ sqlite3_bind_text,
+ sqlite3_bind_text16,
+ sqlite3_bind_value,
+ sqlite3_busy_handler,
+ sqlite3_busy_timeout,
+ sqlite3_changes,
+ sqlite3_close,
+ sqlite3_collation_needed,
+ sqlite3_collation_needed16,
+ sqlite3_column_blob,
+ sqlite3_column_bytes,
+ sqlite3_column_bytes16,
+ sqlite3_column_count,
+ sqlite3_column_database_name,
+ sqlite3_column_database_name16,
+ sqlite3_column_decltype,
+ sqlite3_column_decltype16,
+ sqlite3_column_double,
+ sqlite3_column_int,
+ sqlite3_column_int64,
+ sqlite3_column_name,
+ sqlite3_column_name16,
+ sqlite3_column_origin_name,
+ sqlite3_column_origin_name16,
+ sqlite3_column_table_name,
+ sqlite3_column_table_name16,
+ sqlite3_column_text,
+ sqlite3_column_text16,
+ sqlite3_column_type,
+ sqlite3_column_value,
+ sqlite3_commit_hook,
+ sqlite3_complete,
+ sqlite3_complete16,
+ sqlite3_create_collation,
+ sqlite3_create_collation16,
+ sqlite3_create_function,
+ sqlite3_create_function16,
+ sqlite3_create_module,
+ sqlite3_data_count,
+ sqlite3_db_handle,
+ sqlite3_declare_vtab,
+ sqlite3_enable_shared_cache,
+ sqlite3_errcode,
+ sqlite3_errmsg,
+ sqlite3_errmsg16,
+ sqlite3_exec,
+#ifndef SQLITE_OMIT_DEPRECATED
+ sqlite3_expired,
+#else
+ 0,
+#endif
+ sqlite3_finalize,
+ sqlite3_free,
+ sqlite3_free_table,
+ sqlite3_get_autocommit,
+ sqlite3_get_auxdata,
+ sqlite3_get_table,
+ 0, /* Was sqlite3_global_recover(), but that function is deprecated */
+ sqlite3_interrupt,
+ sqlite3_last_insert_rowid,
+ sqlite3_libversion,
+ sqlite3_libversion_number,
+ sqlite3_malloc,
+ sqlite3_mprintf,
+ sqlite3_open,
+ sqlite3_open16,
+ sqlite3_prepare,
+ sqlite3_prepare16,
+ sqlite3_profile,
+ sqlite3_progress_handler,
+ sqlite3_realloc,
+ sqlite3_reset,
+ sqlite3_result_blob,
+ sqlite3_result_double,
+ sqlite3_result_error,
+ sqlite3_result_error16,
+ sqlite3_result_int,
+ sqlite3_result_int64,
+ sqlite3_result_null,
+ sqlite3_result_text,
+ sqlite3_result_text16,
+ sqlite3_result_text16be,
+ sqlite3_result_text16le,
+ sqlite3_result_value,
+ sqlite3_rollback_hook,
+ sqlite3_set_authorizer,
+ sqlite3_set_auxdata,
+ sqlite3_snprintf,
+ sqlite3_step,
+ sqlite3_table_column_metadata,
+#ifndef SQLITE_OMIT_DEPRECATED
+ sqlite3_thread_cleanup,
+#else
+ 0,
+#endif
+ sqlite3_total_changes,
+ sqlite3_trace,
+#ifndef SQLITE_OMIT_DEPRECATED
+ sqlite3_transfer_bindings,
+#else
+ 0,
+#endif
+ sqlite3_update_hook,
+ sqlite3_user_data,
+ sqlite3_value_blob,
+ sqlite3_value_bytes,
+ sqlite3_value_bytes16,
+ sqlite3_value_double,
+ sqlite3_value_int,
+ sqlite3_value_int64,
+ sqlite3_value_numeric_type,
+ sqlite3_value_text,
+ sqlite3_value_text16,
+ sqlite3_value_text16be,
+ sqlite3_value_text16le,
+ sqlite3_value_type,
+ sqlite3_vmprintf,
+ /*
+ ** The original API set ends here. All extensions can call any
+ ** of the APIs above provided that the pointer is not NULL. But
+ ** before calling APIs that follow, extension should check the
+ ** sqlite3_libversion_number() to make sure they are dealing with
+ ** a library that is new enough to support that API.
+ *************************************************************************
+ */
+ sqlite3_overload_function,
+
+ /*
+ ** Added after 3.3.13
+ */
+ sqlite3_prepare_v2,
+ sqlite3_prepare16_v2,
+ sqlite3_clear_bindings,
+
+ /*
+ ** Added for 3.4.1
+ */
+ sqlite3_create_module_v2,
+
+ /*
+ ** Added for 3.5.0
+ */
+ sqlite3_bind_zeroblob,
+ sqlite3_blob_bytes,
+ sqlite3_blob_close,
+ sqlite3_blob_open,
+ sqlite3_blob_read,
+ sqlite3_blob_write,
+ sqlite3_create_collation_v2,
+ sqlite3_file_control,
+ sqlite3_memory_highwater,
+ sqlite3_memory_used,
+#ifdef SQLITE_MUTEX_OMIT
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+#else
+ sqlite3_mutex_alloc,
+ sqlite3_mutex_enter,
+ sqlite3_mutex_free,
+ sqlite3_mutex_leave,
+ sqlite3_mutex_try,
+#endif
+ sqlite3_open_v2,
+ sqlite3_release_memory,
+ sqlite3_result_error_nomem,
+ sqlite3_result_error_toobig,
+ sqlite3_sleep,
+ sqlite3_soft_heap_limit,
+ sqlite3_vfs_find,
+ sqlite3_vfs_register,
+ sqlite3_vfs_unregister,
+
+ /*
+ ** Added for 3.5.8
+ */
+ sqlite3_threadsafe,
+ sqlite3_result_zeroblob,
+ sqlite3_result_error_code,
+ sqlite3_test_control,
+ sqlite3_randomness,
+ sqlite3_context_db_handle,
+
+ /*
+ ** Added for 3.6.0
+ */
+ sqlite3_extended_result_codes,
+ sqlite3_limit,
+ sqlite3_next_stmt,
+ sqlite3_sql,
+ sqlite3_status,
+
+ /*
+ ** Added for 3.7.4
+ */
+ sqlite3_backup_finish,
+ sqlite3_backup_init,
+ sqlite3_backup_pagecount,
+ sqlite3_backup_remaining,
+ sqlite3_backup_step,
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+ sqlite3_compileoption_get,
+ sqlite3_compileoption_used,
+#else
+ 0,
+ 0,
+#endif
+ sqlite3_create_function_v2,
+ sqlite3_db_config,
+ sqlite3_db_mutex,
+ sqlite3_db_status,
+ sqlite3_extended_errcode,
+ sqlite3_log,
+ sqlite3_soft_heap_limit64,
+ sqlite3_sourceid,
+ sqlite3_stmt_status,
+ sqlite3_strnicmp,
+#ifdef SQLITE_ENABLE_UNLOCK_NOTIFY
+ sqlite3_unlock_notify,
+#else
+ 0,
+#endif
+#ifndef SQLITE_OMIT_WAL
+ sqlite3_wal_autocheckpoint,
+ sqlite3_wal_checkpoint,
+ sqlite3_wal_hook,
+#else
+ 0,
+ 0,
+ 0,
+#endif
+ sqlite3_blob_reopen,
+ sqlite3_vtab_config,
+ sqlite3_vtab_on_conflict,
+ sqlite3_close_v2,
+ sqlite3_db_filename,
+ sqlite3_db_readonly,
+ sqlite3_db_release_memory,
+ sqlite3_errstr,
+ sqlite3_stmt_busy,
+ sqlite3_stmt_readonly,
+ sqlite3_stricmp,
+ sqlite3_uri_boolean,
+ sqlite3_uri_int64,
+ sqlite3_uri_parameter,
+ sqlite3_vsnprintf,
+ sqlite3_wal_checkpoint_v2,
+ /* Version 3.8.7 and later */
+ sqlite3_auto_extension,
+ sqlite3_bind_blob64,
+ sqlite3_bind_text64,
+ sqlite3_cancel_auto_extension,
+ sqlite3_load_extension,
+ sqlite3_malloc64,
+ sqlite3_msize,
+ sqlite3_realloc64,
+ sqlite3_reset_auto_extension,
+ sqlite3_result_blob64,
+ sqlite3_result_text64,
+ sqlite3_strglob,
+ /* Version 3.8.11 and later */
+ (sqlite3_value*(*)(const sqlite3_value*))sqlite3_value_dup,
+ sqlite3_value_free,
+ sqlite3_result_zeroblob64,
+ sqlite3_bind_zeroblob64,
+ /* Version 3.9.0 and later */
+ sqlite3_value_subtype,
+ sqlite3_result_subtype,
+ /* Version 3.10.0 and later */
+ sqlite3_status64,
+ sqlite3_strlike,
+ sqlite3_db_cacheflush
+};
+
+/*
+** Attempt to load an SQLite extension library contained in the file
+** zFile. The entry point is zProc. zProc may be 0 in which case a
+** default entry point name (sqlite3_extension_init) is used. Use
+** of the default name is recommended.
+**
+** Return SQLITE_OK on success and SQLITE_ERROR if something goes wrong.
+**
+** If an error occurs and pzErrMsg is not 0, then fill *pzErrMsg with
+** error message text. The calling function should free this memory
+** by calling sqlite3DbFree(db, ).
+*/
+static int sqlite3LoadExtension(
+ sqlite3 *db, /* Load the extension into this database connection */
+ const char *zFile, /* Name of the shared library containing extension */
+ const char *zProc, /* Entry point. Use "sqlite3_extension_init" if 0 */
+ char **pzErrMsg /* Put error message here if not 0 */
+){
+ sqlite3_vfs *pVfs = db->pVfs;
+ void *handle;
+ int (*xInit)(sqlite3*,char**,const sqlite3_api_routines*);
+ char *zErrmsg = 0;
+ const char *zEntry;
+ char *zAltEntry = 0;
+ void **aHandle;
+ u64 nMsg = 300 + sqlite3Strlen30(zFile);
+ int ii;
+
+ /* Shared library endings to try if zFile cannot be loaded as written */
+ static const char *azEndings[] = {
+#if SQLITE_OS_WIN
+ "dll"
+#elif defined(__APPLE__)
+ "dylib"
+#else
+ "so"
+#endif
+ };
+
+
+ if( pzErrMsg ) *pzErrMsg = 0;
+
+ /* Ticket #1863. To avoid a creating security problems for older
+ ** applications that relink against newer versions of SQLite, the
+ ** ability to run load_extension is turned off by default. One
+ ** must call sqlite3_enable_load_extension() to turn on extension
+ ** loading. Otherwise you get the following error.
+ */
+ if( (db->flags & SQLITE_LoadExtension)==0 ){
+ if( pzErrMsg ){
+ *pzErrMsg = sqlite3_mprintf("not authorized");
+ }
+ return SQLITE_ERROR;
+ }
+
+ zEntry = zProc ? zProc : "sqlite3_extension_init";
+
+ handle = sqlite3OsDlOpen(pVfs, zFile);
+#if SQLITE_OS_UNIX || SQLITE_OS_WIN
+ for(ii=0; ii<ArraySize(azEndings) && handle==0; ii++){
+ char *zAltFile = sqlite3_mprintf("%s.%s", zFile, azEndings[ii]);
+ if( zAltFile==0 ) return SQLITE_NOMEM;
+ handle = sqlite3OsDlOpen(pVfs, zAltFile);
+ sqlite3_free(zAltFile);
+ }
+#endif
+ if( handle==0 ){
+ if( pzErrMsg ){
+ *pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
+ if( zErrmsg ){
+ sqlite3_snprintf(nMsg, zErrmsg,
+ "unable to open shared library [%s]", zFile);
+ sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
+ }
+ }
+ return SQLITE_ERROR;
+ }
+ xInit = (int(*)(sqlite3*,char**,const sqlite3_api_routines*))
+ sqlite3OsDlSym(pVfs, handle, zEntry);
+
+ /* If no entry point was specified and the default legacy
+ ** entry point name "sqlite3_extension_init" was not found, then
+ ** construct an entry point name "sqlite3_X_init" where the X is
+ ** replaced by the lowercase value of every ASCII alphabetic
+ ** character in the filename after the last "/" upto the first ".",
+ ** and eliding the first three characters if they are "lib".
+ ** Examples:
+ **
+ ** /usr/local/lib/libExample5.4.3.so ==> sqlite3_example_init
+ ** C:/lib/mathfuncs.dll ==> sqlite3_mathfuncs_init
+ */
+ if( xInit==0 && zProc==0 ){
+ int iFile, iEntry, c;
+ int ncFile = sqlite3Strlen30(zFile);
+ zAltEntry = sqlite3_malloc64(ncFile+30);
+ if( zAltEntry==0 ){
+ sqlite3OsDlClose(pVfs, handle);
+ return SQLITE_NOMEM;
+ }
+ memcpy(zAltEntry, "sqlite3_", 8);
+ for(iFile=ncFile-1; iFile>=0 && zFile[iFile]!='/'; iFile--){}
+ iFile++;
+ if( sqlite3_strnicmp(zFile+iFile, "lib", 3)==0 ) iFile += 3;
+ for(iEntry=8; (c = zFile[iFile])!=0 && c!='.'; iFile++){
+ if( sqlite3Isalpha(c) ){
+ zAltEntry[iEntry++] = (char)sqlite3UpperToLower[(unsigned)c];
+ }
+ }
+ memcpy(zAltEntry+iEntry, "_init", 6);
+ zEntry = zAltEntry;
+ xInit = (int(*)(sqlite3*,char**,const sqlite3_api_routines*))
+ sqlite3OsDlSym(pVfs, handle, zEntry);
+ }
+ if( xInit==0 ){
+ if( pzErrMsg ){
+ nMsg += sqlite3Strlen30(zEntry);
+ *pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
+ if( zErrmsg ){
+ sqlite3_snprintf(nMsg, zErrmsg,
+ "no entry point [%s] in shared library [%s]", zEntry, zFile);
+ sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
+ }
+ }
+ sqlite3OsDlClose(pVfs, handle);
+ sqlite3_free(zAltEntry);
+ return SQLITE_ERROR;
+ }
+ sqlite3_free(zAltEntry);
+ if( xInit(db, &zErrmsg, &sqlite3Apis) ){
+ if( pzErrMsg ){
+ *pzErrMsg = sqlite3_mprintf("error during initialization: %s", zErrmsg);
+ }
+ sqlite3_free(zErrmsg);
+ sqlite3OsDlClose(pVfs, handle);
+ return SQLITE_ERROR;
+ }
+
+ /* Append the new shared library handle to the db->aExtension array. */
+ aHandle = sqlite3DbMallocZero(db, sizeof(handle)*(db->nExtension+1));
+ if( aHandle==0 ){
+ return SQLITE_NOMEM;
+ }
+ if( db->nExtension>0 ){
+ memcpy(aHandle, db->aExtension, sizeof(handle)*db->nExtension);
+ }
+ sqlite3DbFree(db, db->aExtension);
+ db->aExtension = aHandle;
+
+ db->aExtension[db->nExtension++] = handle;
+ return SQLITE_OK;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_load_extension(
+ sqlite3 *db, /* Load the extension into this database connection */
+ const char *zFile, /* Name of the shared library containing extension */
+ const char *zProc, /* Entry point. Use "sqlite3_extension_init" if 0 */
+ char **pzErrMsg /* Put error message here if not 0 */
+){
+ int rc;
+ sqlite3_mutex_enter(db->mutex);
+ rc = sqlite3LoadExtension(db, zFile, zProc, pzErrMsg);
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/*
+** Call this routine when the database connection is closing in order
+** to clean up loaded extensions
+*/
+SQLITE_PRIVATE void sqlite3CloseExtensions(sqlite3 *db){
+ int i;
+ assert( sqlite3_mutex_held(db->mutex) );
+ for(i=0; i<db->nExtension; i++){
+ sqlite3OsDlClose(db->pVfs, db->aExtension[i]);
+ }
+ sqlite3DbFree(db, db->aExtension);
+}
+
+/*
+** Enable or disable extension loading. Extension loading is disabled by
+** default so as not to open security holes in older applications.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_enable_load_extension(sqlite3 *db, int onoff){
+ sqlite3_mutex_enter(db->mutex);
+ if( onoff ){
+ db->flags |= SQLITE_LoadExtension;
+ }else{
+ db->flags &= ~SQLITE_LoadExtension;
+ }
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_OK;
+}
+
+#endif /* SQLITE_OMIT_LOAD_EXTENSION */
+
+/*
+** The auto-extension code added regardless of whether or not extension
+** loading is supported. We need a dummy sqlite3Apis pointer for that
+** code if regular extension loading is not available. This is that
+** dummy pointer.
+*/
+#ifdef SQLITE_OMIT_LOAD_EXTENSION
+static const sqlite3_api_routines sqlite3Apis = { 0 };
+#endif
+
+
+/*
+** The following object holds the list of automatically loaded
+** extensions.
+**
+** This list is shared across threads. The SQLITE_MUTEX_STATIC_MASTER
+** mutex must be held while accessing this list.
+*/
+typedef struct sqlite3AutoExtList sqlite3AutoExtList;
+static SQLITE_WSD struct sqlite3AutoExtList {
+ u32 nExt; /* Number of entries in aExt[] */
+ void (**aExt)(void); /* Pointers to the extension init functions */
+} sqlite3Autoext = { 0, 0 };
+
+/* The "wsdAutoext" macro will resolve to the autoextension
+** state vector. If writable static data is unsupported on the target,
+** we have to locate the state vector at run-time. In the more common
+** case where writable static data is supported, wsdStat can refer directly
+** to the "sqlite3Autoext" state vector declared above.
+*/
+#ifdef SQLITE_OMIT_WSD
+# define wsdAutoextInit \
+ sqlite3AutoExtList *x = &GLOBAL(sqlite3AutoExtList,sqlite3Autoext)
+# define wsdAutoext x[0]
+#else
+# define wsdAutoextInit
+# define wsdAutoext sqlite3Autoext
+#endif
+
+
+/*
+** Register a statically linked extension that is automatically
+** loaded by every new database connection.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_auto_extension(void (*xInit)(void)){
+ int rc = SQLITE_OK;
+#ifndef SQLITE_OMIT_AUTOINIT
+ rc = sqlite3_initialize();
+ if( rc ){
+ return rc;
+ }else
+#endif
+ {
+ u32 i;
+#if SQLITE_THREADSAFE
+ sqlite3_mutex *mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
+#endif
+ wsdAutoextInit;
+ sqlite3_mutex_enter(mutex);
+ for(i=0; i<wsdAutoext.nExt; i++){
+ if( wsdAutoext.aExt[i]==xInit ) break;
+ }
+ if( i==wsdAutoext.nExt ){
+ u64 nByte = (wsdAutoext.nExt+1)*sizeof(wsdAutoext.aExt[0]);
+ void (**aNew)(void);
+ aNew = sqlite3_realloc64(wsdAutoext.aExt, nByte);
+ if( aNew==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ wsdAutoext.aExt = aNew;
+ wsdAutoext.aExt[wsdAutoext.nExt] = xInit;
+ wsdAutoext.nExt++;
+ }
+ }
+ sqlite3_mutex_leave(mutex);
+ assert( (rc&0xff)==rc );
+ return rc;
+ }
+}
+
+/*
+** Cancel a prior call to sqlite3_auto_extension. Remove xInit from the
+** set of routines that is invoked for each new database connection, if it
+** is currently on the list. If xInit is not on the list, then this
+** routine is a no-op.
+**
+** Return 1 if xInit was found on the list and removed. Return 0 if xInit
+** was not on the list.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_cancel_auto_extension(void (*xInit)(void)){
+#if SQLITE_THREADSAFE
+ sqlite3_mutex *mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
+#endif
+ int i;
+ int n = 0;
+ wsdAutoextInit;
+ sqlite3_mutex_enter(mutex);
+ for(i=(int)wsdAutoext.nExt-1; i>=0; i--){
+ if( wsdAutoext.aExt[i]==xInit ){
+ wsdAutoext.nExt--;
+ wsdAutoext.aExt[i] = wsdAutoext.aExt[wsdAutoext.nExt];
+ n++;
+ break;
+ }
+ }
+ sqlite3_mutex_leave(mutex);
+ return n;
+}
+
+/*
+** Reset the automatic extension loading mechanism.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_reset_auto_extension(void){
+#ifndef SQLITE_OMIT_AUTOINIT
+ if( sqlite3_initialize()==SQLITE_OK )
+#endif
+ {
+#if SQLITE_THREADSAFE
+ sqlite3_mutex *mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
+#endif
+ wsdAutoextInit;
+ sqlite3_mutex_enter(mutex);
+ sqlite3_free(wsdAutoext.aExt);
+ wsdAutoext.aExt = 0;
+ wsdAutoext.nExt = 0;
+ sqlite3_mutex_leave(mutex);
+ }
+}
+
+/*
+** Load all automatic extensions.
+**
+** If anything goes wrong, set an error in the database connection.
+*/
+SQLITE_PRIVATE void sqlite3AutoLoadExtensions(sqlite3 *db){
+ u32 i;
+ int go = 1;
+ int rc;
+ int (*xInit)(sqlite3*,char**,const sqlite3_api_routines*);
+
+ wsdAutoextInit;
+ if( wsdAutoext.nExt==0 ){
+ /* Common case: early out without every having to acquire a mutex */
+ return;
+ }
+ for(i=0; go; i++){
+ char *zErrmsg;
+#if SQLITE_THREADSAFE
+ sqlite3_mutex *mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
+#endif
+ sqlite3_mutex_enter(mutex);
+ if( i>=wsdAutoext.nExt ){
+ xInit = 0;
+ go = 0;
+ }else{
+ xInit = (int(*)(sqlite3*,char**,const sqlite3_api_routines*))
+ wsdAutoext.aExt[i];
+ }
+ sqlite3_mutex_leave(mutex);
+ zErrmsg = 0;
+ if( xInit && (rc = xInit(db, &zErrmsg, &sqlite3Apis))!=0 ){
+ sqlite3ErrorWithMsg(db, rc,
+ "automatic extension loading failed: %s", zErrmsg);
+ go = 0;
+ }
+ sqlite3_free(zErrmsg);
+ }
+}
+
+/************** End of loadext.c *********************************************/
+/************** Begin file pragma.c ******************************************/
+/*
+** 2003 April 6
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code used to implement the PRAGMA command.
+*/
+/* #include "sqliteInt.h" */
+
+#if !defined(SQLITE_ENABLE_LOCKING_STYLE)
+# if defined(__APPLE__)
+# define SQLITE_ENABLE_LOCKING_STYLE 1
+# else
+# define SQLITE_ENABLE_LOCKING_STYLE 0
+# endif
+#endif
+
+/***************************************************************************
+** The "pragma.h" include file is an automatically generated file that
+** that includes the PragType_XXXX macro definitions and the aPragmaName[]
+** object. This ensures that the aPragmaName[] table is arranged in
+** lexicographical order to facility a binary search of the pragma name.
+** Do not edit pragma.h directly. Edit and rerun the script in at
+** ../tool/mkpragmatab.tcl. */
+/************** Include pragma.h in the middle of pragma.c *******************/
+/************** Begin file pragma.h ******************************************/
+/* DO NOT EDIT!
+** This file is automatically generated by the script at
+** ../tool/mkpragmatab.tcl. To update the set of pragmas, edit
+** that script and rerun it.
+*/
+#define PragTyp_HEADER_VALUE 0
+#define PragTyp_AUTO_VACUUM 1
+#define PragTyp_FLAG 2
+#define PragTyp_BUSY_TIMEOUT 3
+#define PragTyp_CACHE_SIZE 4
+#define PragTyp_CACHE_SPILL 5
+#define PragTyp_CASE_SENSITIVE_LIKE 6
+#define PragTyp_COLLATION_LIST 7
+#define PragTyp_COMPILE_OPTIONS 8
+#define PragTyp_DATA_STORE_DIRECTORY 9
+#define PragTyp_DATABASE_LIST 10
+#define PragTyp_DEFAULT_CACHE_SIZE 11
+#define PragTyp_ENCODING 12
+#define PragTyp_FOREIGN_KEY_CHECK 13
+#define PragTyp_FOREIGN_KEY_LIST 14
+#define PragTyp_INCREMENTAL_VACUUM 15
+#define PragTyp_INDEX_INFO 16
+#define PragTyp_INDEX_LIST 17
+#define PragTyp_INTEGRITY_CHECK 18
+#define PragTyp_JOURNAL_MODE 19
+#define PragTyp_JOURNAL_SIZE_LIMIT 20
+#define PragTyp_LOCK_PROXY_FILE 21
+#define PragTyp_LOCKING_MODE 22
+#define PragTyp_PAGE_COUNT 23
+#define PragTyp_MMAP_SIZE 24
+#define PragTyp_PAGE_SIZE 25
+#define PragTyp_SECURE_DELETE 26
+#define PragTyp_SHRINK_MEMORY 27
+#define PragTyp_SOFT_HEAP_LIMIT 28
+#define PragTyp_STATS 29
+#define PragTyp_SYNCHRONOUS 30
+#define PragTyp_TABLE_INFO 31
+#define PragTyp_TEMP_STORE 32
+#define PragTyp_TEMP_STORE_DIRECTORY 33
+#define PragTyp_THREADS 34
+#define PragTyp_WAL_AUTOCHECKPOINT 35
+#define PragTyp_WAL_CHECKPOINT 36
+#define PragTyp_ACTIVATE_EXTENSIONS 37
+#define PragTyp_HEXKEY 38
+#define PragTyp_KEY 39
+#define PragTyp_REKEY 40
+#define PragTyp_LOCK_STATUS 41
+#define PragTyp_PARSER_TRACE 42
+#define PragFlag_NeedSchema 0x01
+#define PragFlag_ReadOnly 0x02
+static const struct sPragmaNames {
+ const char *const zName; /* Name of pragma */
+ u8 ePragTyp; /* PragTyp_XXX value */
+ u8 mPragFlag; /* Zero or more PragFlag_XXX values */
+ u32 iArg; /* Extra argument */
+} aPragmaNames[] = {
+#if defined(SQLITE_HAS_CODEC) || defined(SQLITE_ENABLE_CEROD)
+ { /* zName: */ "activate_extensions",
+ /* ePragTyp: */ PragTyp_ACTIVATE_EXTENSIONS,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS)
+ { /* zName: */ "application_id",
+ /* ePragTyp: */ PragTyp_HEADER_VALUE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ BTREE_APPLICATION_ID },
+#endif
+#if !defined(SQLITE_OMIT_AUTOVACUUM)
+ { /* zName: */ "auto_vacuum",
+ /* ePragTyp: */ PragTyp_AUTO_VACUUM,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+#if !defined(SQLITE_OMIT_AUTOMATIC_INDEX)
+ { /* zName: */ "automatic_index",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_AutoIndex },
+#endif
+#endif
+ { /* zName: */ "busy_timeout",
+ /* ePragTyp: */ PragTyp_BUSY_TIMEOUT,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS)
+ { /* zName: */ "cache_size",
+ /* ePragTyp: */ PragTyp_CACHE_SIZE,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "cache_spill",
+ /* ePragTyp: */ PragTyp_CACHE_SPILL,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+ { /* zName: */ "case_sensitive_like",
+ /* ePragTyp: */ PragTyp_CASE_SENSITIVE_LIKE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+ { /* zName: */ "cell_size_check",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_CellSizeCk },
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "checkpoint_fullfsync",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_CkptFullFSync },
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_PRAGMAS)
+ { /* zName: */ "collation_list",
+ /* ePragTyp: */ PragTyp_COLLATION_LIST,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_COMPILEOPTION_DIAGS)
+ { /* zName: */ "compile_options",
+ /* ePragTyp: */ PragTyp_COMPILE_OPTIONS,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "count_changes",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_CountRows },
+#endif
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS) && SQLITE_OS_WIN
+ { /* zName: */ "data_store_directory",
+ /* ePragTyp: */ PragTyp_DATA_STORE_DIRECTORY,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS)
+ { /* zName: */ "data_version",
+ /* ePragTyp: */ PragTyp_HEADER_VALUE,
+ /* ePragFlag: */ PragFlag_ReadOnly,
+ /* iArg: */ BTREE_DATA_VERSION },
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_PRAGMAS)
+ { /* zName: */ "database_list",
+ /* ePragTyp: */ PragTyp_DATABASE_LIST,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS) && !defined(SQLITE_OMIT_DEPRECATED)
+ { /* zName: */ "default_cache_size",
+ /* ePragTyp: */ PragTyp_DEFAULT_CACHE_SIZE,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+#if !defined(SQLITE_OMIT_FOREIGN_KEY) && !defined(SQLITE_OMIT_TRIGGER)
+ { /* zName: */ "defer_foreign_keys",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_DeferFKs },
+#endif
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "empty_result_callbacks",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_NullCallback },
+#endif
+#if !defined(SQLITE_OMIT_UTF16)
+ { /* zName: */ "encoding",
+ /* ePragTyp: */ PragTyp_ENCODING,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FOREIGN_KEY) && !defined(SQLITE_OMIT_TRIGGER)
+ { /* zName: */ "foreign_key_check",
+ /* ePragTyp: */ PragTyp_FOREIGN_KEY_CHECK,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FOREIGN_KEY)
+ { /* zName: */ "foreign_key_list",
+ /* ePragTyp: */ PragTyp_FOREIGN_KEY_LIST,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+#if !defined(SQLITE_OMIT_FOREIGN_KEY) && !defined(SQLITE_OMIT_TRIGGER)
+ { /* zName: */ "foreign_keys",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_ForeignKeys },
+#endif
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS)
+ { /* zName: */ "freelist_count",
+ /* ePragTyp: */ PragTyp_HEADER_VALUE,
+ /* ePragFlag: */ PragFlag_ReadOnly,
+ /* iArg: */ BTREE_FREE_PAGE_COUNT },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "full_column_names",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_FullColNames },
+ { /* zName: */ "fullfsync",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_FullFSync },
+#endif
+#if defined(SQLITE_HAS_CODEC)
+ { /* zName: */ "hexkey",
+ /* ePragTyp: */ PragTyp_HEXKEY,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+ { /* zName: */ "hexrekey",
+ /* ePragTyp: */ PragTyp_HEXKEY,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+#if !defined(SQLITE_OMIT_CHECK)
+ { /* zName: */ "ignore_check_constraints",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_IgnoreChecks },
+#endif
+#endif
+#if !defined(SQLITE_OMIT_AUTOVACUUM)
+ { /* zName: */ "incremental_vacuum",
+ /* ePragTyp: */ PragTyp_INCREMENTAL_VACUUM,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_PRAGMAS)
+ { /* zName: */ "index_info",
+ /* ePragTyp: */ PragTyp_INDEX_INFO,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+ { /* zName: */ "index_list",
+ /* ePragTyp: */ PragTyp_INDEX_LIST,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+ { /* zName: */ "index_xinfo",
+ /* ePragTyp: */ PragTyp_INDEX_INFO,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 1 },
+#endif
+#if !defined(SQLITE_OMIT_INTEGRITY_CHECK)
+ { /* zName: */ "integrity_check",
+ /* ePragTyp: */ PragTyp_INTEGRITY_CHECK,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS)
+ { /* zName: */ "journal_mode",
+ /* ePragTyp: */ PragTyp_JOURNAL_MODE,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+ { /* zName: */ "journal_size_limit",
+ /* ePragTyp: */ PragTyp_JOURNAL_SIZE_LIMIT,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if defined(SQLITE_HAS_CODEC)
+ { /* zName: */ "key",
+ /* ePragTyp: */ PragTyp_KEY,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "legacy_file_format",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_LegacyFileFmt },
+#endif
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS) && SQLITE_ENABLE_LOCKING_STYLE
+ { /* zName: */ "lock_proxy_file",
+ /* ePragTyp: */ PragTyp_LOCK_PROXY_FILE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
+ { /* zName: */ "lock_status",
+ /* ePragTyp: */ PragTyp_LOCK_STATUS,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS)
+ { /* zName: */ "locking_mode",
+ /* ePragTyp: */ PragTyp_LOCKING_MODE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+ { /* zName: */ "max_page_count",
+ /* ePragTyp: */ PragTyp_PAGE_COUNT,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+ { /* zName: */ "mmap_size",
+ /* ePragTyp: */ PragTyp_MMAP_SIZE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+ { /* zName: */ "page_count",
+ /* ePragTyp: */ PragTyp_PAGE_COUNT,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+ { /* zName: */ "page_size",
+ /* ePragTyp: */ PragTyp_PAGE_SIZE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if defined(SQLITE_DEBUG) && !defined(SQLITE_OMIT_PARSER_TRACE)
+ { /* zName: */ "parser_trace",
+ /* ePragTyp: */ PragTyp_PARSER_TRACE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "query_only",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_QueryOnly },
+#endif
+#if !defined(SQLITE_OMIT_INTEGRITY_CHECK)
+ { /* zName: */ "quick_check",
+ /* ePragTyp: */ PragTyp_INTEGRITY_CHECK,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "read_uncommitted",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_ReadUncommitted },
+ { /* zName: */ "recursive_triggers",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_RecTriggers },
+#endif
+#if defined(SQLITE_HAS_CODEC)
+ { /* zName: */ "rekey",
+ /* ePragTyp: */ PragTyp_REKEY,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "reverse_unordered_selects",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_ReverseOrder },
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS)
+ { /* zName: */ "schema_version",
+ /* ePragTyp: */ PragTyp_HEADER_VALUE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ BTREE_SCHEMA_VERSION },
+#endif
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS)
+ { /* zName: */ "secure_delete",
+ /* ePragTyp: */ PragTyp_SECURE_DELETE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "short_column_names",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_ShortColNames },
+#endif
+ { /* zName: */ "shrink_memory",
+ /* ePragTyp: */ PragTyp_SHRINK_MEMORY,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+ { /* zName: */ "soft_heap_limit",
+ /* ePragTyp: */ PragTyp_SOFT_HEAP_LIMIT,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+#if defined(SQLITE_DEBUG)
+ { /* zName: */ "sql_trace",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_SqlTrace },
+#endif
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_PRAGMAS)
+ { /* zName: */ "stats",
+ /* ePragTyp: */ PragTyp_STATS,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS)
+ { /* zName: */ "synchronous",
+ /* ePragTyp: */ PragTyp_SYNCHRONOUS,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_SCHEMA_PRAGMAS)
+ { /* zName: */ "table_info",
+ /* ePragTyp: */ PragTyp_TABLE_INFO,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS)
+ { /* zName: */ "temp_store",
+ /* ePragTyp: */ PragTyp_TEMP_STORE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+ { /* zName: */ "temp_store_directory",
+ /* ePragTyp: */ PragTyp_TEMP_STORE_DIRECTORY,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#endif
+ { /* zName: */ "threads",
+ /* ePragTyp: */ PragTyp_THREADS,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+#if !defined(SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS)
+ { /* zName: */ "user_version",
+ /* ePragTyp: */ PragTyp_HEADER_VALUE,
+ /* ePragFlag: */ 0,
+ /* iArg: */ BTREE_USER_VERSION },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+#if defined(SQLITE_DEBUG)
+ { /* zName: */ "vdbe_addoptrace",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_VdbeAddopTrace },
+ { /* zName: */ "vdbe_debug",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_SqlTrace|SQLITE_VdbeListing|SQLITE_VdbeTrace },
+ { /* zName: */ "vdbe_eqp",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_VdbeEQP },
+ { /* zName: */ "vdbe_listing",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_VdbeListing },
+ { /* zName: */ "vdbe_trace",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_VdbeTrace },
+#endif
+#endif
+#if !defined(SQLITE_OMIT_WAL)
+ { /* zName: */ "wal_autocheckpoint",
+ /* ePragTyp: */ PragTyp_WAL_AUTOCHECKPOINT,
+ /* ePragFlag: */ 0,
+ /* iArg: */ 0 },
+ { /* zName: */ "wal_checkpoint",
+ /* ePragTyp: */ PragTyp_WAL_CHECKPOINT,
+ /* ePragFlag: */ PragFlag_NeedSchema,
+ /* iArg: */ 0 },
+#endif
+#if !defined(SQLITE_OMIT_FLAG_PRAGMAS)
+ { /* zName: */ "writable_schema",
+ /* ePragTyp: */ PragTyp_FLAG,
+ /* ePragFlag: */ 0,
+ /* iArg: */ SQLITE_WriteSchema|SQLITE_RecoveryMode },
+#endif
+};
+/* Number of pragmas: 60 on by default, 73 total. */
+
+/************** End of pragma.h **********************************************/
+/************** Continuing where we left off in pragma.c *********************/
+
+/*
+** Interpret the given string as a safety level. Return 0 for OFF,
+** 1 for ON or NORMAL and 2 for FULL. Return 1 for an empty or
+** unrecognized string argument. The FULL option is disallowed
+** if the omitFull parameter it 1.
+**
+** Note that the values returned are one less that the values that
+** should be passed into sqlite3BtreeSetSafetyLevel(). The is done
+** to support legacy SQL code. The safety level used to be boolean
+** and older scripts may have used numbers 0 for OFF and 1 for ON.
+*/
+static u8 getSafetyLevel(const char *z, int omitFull, u8 dflt){
+ /* 123456789 123456789 */
+ static const char zText[] = "onoffalseyestruefull";
+ static const u8 iOffset[] = {0, 1, 2, 4, 9, 12, 16};
+ static const u8 iLength[] = {2, 2, 3, 5, 3, 4, 4};
+ static const u8 iValue[] = {1, 0, 0, 0, 1, 1, 2};
+ int i, n;
+ if( sqlite3Isdigit(*z) ){
+ return (u8)sqlite3Atoi(z);
+ }
+ n = sqlite3Strlen30(z);
+ for(i=0; i<ArraySize(iLength)-omitFull; i++){
+ if( iLength[i]==n && sqlite3StrNICmp(&zText[iOffset[i]],z,n)==0 ){
+ return iValue[i];
+ }
+ }
+ return dflt;
+}
+
+/*
+** Interpret the given string as a boolean value.
+*/
+SQLITE_PRIVATE u8 sqlite3GetBoolean(const char *z, u8 dflt){
+ return getSafetyLevel(z,1,dflt)!=0;
+}
+
+/* The sqlite3GetBoolean() function is used by other modules but the
+** remainder of this file is specific to PRAGMA processing. So omit
+** the rest of the file if PRAGMAs are omitted from the build.
+*/
+#if !defined(SQLITE_OMIT_PRAGMA)
+
+/*
+** Interpret the given string as a locking mode value.
+*/
+static int getLockingMode(const char *z){
+ if( z ){
+ if( 0==sqlite3StrICmp(z, "exclusive") ) return PAGER_LOCKINGMODE_EXCLUSIVE;
+ if( 0==sqlite3StrICmp(z, "normal") ) return PAGER_LOCKINGMODE_NORMAL;
+ }
+ return PAGER_LOCKINGMODE_QUERY;
+}
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+/*
+** Interpret the given string as an auto-vacuum mode value.
+**
+** The following strings, "none", "full" and "incremental" are
+** acceptable, as are their numeric equivalents: 0, 1 and 2 respectively.
+*/
+static int getAutoVacuum(const char *z){
+ int i;
+ if( 0==sqlite3StrICmp(z, "none") ) return BTREE_AUTOVACUUM_NONE;
+ if( 0==sqlite3StrICmp(z, "full") ) return BTREE_AUTOVACUUM_FULL;
+ if( 0==sqlite3StrICmp(z, "incremental") ) return BTREE_AUTOVACUUM_INCR;
+ i = sqlite3Atoi(z);
+ return (u8)((i>=0&&i<=2)?i:0);
+}
+#endif /* ifndef SQLITE_OMIT_AUTOVACUUM */
+
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+/*
+** Interpret the given string as a temp db location. Return 1 for file
+** backed temporary databases, 2 for the Red-Black tree in memory database
+** and 0 to use the compile-time default.
+*/
+static int getTempStore(const char *z){
+ if( z[0]>='0' && z[0]<='2' ){
+ return z[0] - '0';
+ }else if( sqlite3StrICmp(z, "file")==0 ){
+ return 1;
+ }else if( sqlite3StrICmp(z, "memory")==0 ){
+ return 2;
+ }else{
+ return 0;
+ }
+}
+#endif /* SQLITE_PAGER_PRAGMAS */
+
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+/*
+** Invalidate temp storage, either when the temp storage is changed
+** from default, or when 'file' and the temp_store_directory has changed
+*/
+static int invalidateTempStorage(Parse *pParse){
+ sqlite3 *db = pParse->db;
+ if( db->aDb[1].pBt!=0 ){
+ if( !db->autoCommit || sqlite3BtreeIsInReadTrans(db->aDb[1].pBt) ){
+ sqlite3ErrorMsg(pParse, "temporary storage cannot be changed "
+ "from within a transaction");
+ return SQLITE_ERROR;
+ }
+ sqlite3BtreeClose(db->aDb[1].pBt);
+ db->aDb[1].pBt = 0;
+ sqlite3ResetAllSchemasOfConnection(db);
+ }
+ return SQLITE_OK;
+}
+#endif /* SQLITE_PAGER_PRAGMAS */
+
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+/*
+** If the TEMP database is open, close it and mark the database schema
+** as needing reloading. This must be done when using the SQLITE_TEMP_STORE
+** or DEFAULT_TEMP_STORE pragmas.
+*/
+static int changeTempStorage(Parse *pParse, const char *zStorageType){
+ int ts = getTempStore(zStorageType);
+ sqlite3 *db = pParse->db;
+ if( db->temp_store==ts ) return SQLITE_OK;
+ if( invalidateTempStorage( pParse ) != SQLITE_OK ){
+ return SQLITE_ERROR;
+ }
+ db->temp_store = (u8)ts;
+ return SQLITE_OK;
+}
+#endif /* SQLITE_PAGER_PRAGMAS */
+
+/*
+** Set the names of the first N columns to the values in azCol[]
+*/
+static void setAllColumnNames(
+ Vdbe *v, /* The query under construction */
+ int N, /* Number of columns */
+ const char **azCol /* Names of columns */
+){
+ int i;
+ sqlite3VdbeSetNumCols(v, N);
+ for(i=0; i<N; i++){
+ sqlite3VdbeSetColName(v, i, COLNAME_NAME, azCol[i], SQLITE_STATIC);
+ }
+}
+static void setOneColumnName(Vdbe *v, const char *z){
+ setAllColumnNames(v, 1, &z);
+}
+
+/*
+** Generate code to return a single integer value.
+*/
+static void returnSingleInt(Vdbe *v, const char *zLabel, i64 value){
+ sqlite3VdbeAddOp4Dup8(v, OP_Int64, 0, 1, 0, (const u8*)&value, P4_INT64);
+ setOneColumnName(v, zLabel);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1);
+}
+
+/*
+** Generate code to return a single text value.
+*/
+static void returnSingleText(
+ Vdbe *v, /* Prepared statement under construction */
+ const char *zLabel, /* Name of the result column */
+ const char *zValue /* Value to be returned */
+){
+ if( zValue ){
+ sqlite3VdbeLoadString(v, 1, (const char*)zValue);
+ setOneColumnName(v, zLabel);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1);
+ }
+}
+
+
+/*
+** Set the safety_level and pager flags for pager iDb. Or if iDb<0
+** set these values for all pagers.
+*/
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+static void setAllPagerFlags(sqlite3 *db){
+ if( db->autoCommit ){
+ Db *pDb = db->aDb;
+ int n = db->nDb;
+ assert( SQLITE_FullFSync==PAGER_FULLFSYNC );
+ assert( SQLITE_CkptFullFSync==PAGER_CKPT_FULLFSYNC );
+ assert( SQLITE_CacheSpill==PAGER_CACHESPILL );
+ assert( (PAGER_FULLFSYNC | PAGER_CKPT_FULLFSYNC | PAGER_CACHESPILL)
+ == PAGER_FLAGS_MASK );
+ assert( (pDb->safety_level & PAGER_SYNCHRONOUS_MASK)==pDb->safety_level );
+ while( (n--) > 0 ){
+ if( pDb->pBt ){
+ sqlite3BtreeSetPagerFlags(pDb->pBt,
+ pDb->safety_level | (db->flags & PAGER_FLAGS_MASK) );
+ }
+ pDb++;
+ }
+ }
+}
+#else
+# define setAllPagerFlags(X) /* no-op */
+#endif
+
+
+/*
+** Return a human-readable name for a constraint resolution action.
+*/
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+static const char *actionName(u8 action){
+ const char *zName;
+ switch( action ){
+ case OE_SetNull: zName = "SET NULL"; break;
+ case OE_SetDflt: zName = "SET DEFAULT"; break;
+ case OE_Cascade: zName = "CASCADE"; break;
+ case OE_Restrict: zName = "RESTRICT"; break;
+ default: zName = "NO ACTION";
+ assert( action==OE_None ); break;
+ }
+ return zName;
+}
+#endif
+
+
+/*
+** Parameter eMode must be one of the PAGER_JOURNALMODE_XXX constants
+** defined in pager.h. This function returns the associated lowercase
+** journal-mode name.
+*/
+SQLITE_PRIVATE const char *sqlite3JournalModename(int eMode){
+ static char * const azModeName[] = {
+ "delete", "persist", "off", "truncate", "memory"
+#ifndef SQLITE_OMIT_WAL
+ , "wal"
+#endif
+ };
+ assert( PAGER_JOURNALMODE_DELETE==0 );
+ assert( PAGER_JOURNALMODE_PERSIST==1 );
+ assert( PAGER_JOURNALMODE_OFF==2 );
+ assert( PAGER_JOURNALMODE_TRUNCATE==3 );
+ assert( PAGER_JOURNALMODE_MEMORY==4 );
+ assert( PAGER_JOURNALMODE_WAL==5 );
+ assert( eMode>=0 && eMode<=ArraySize(azModeName) );
+
+ if( eMode==ArraySize(azModeName) ) return 0;
+ return azModeName[eMode];
+}
+
+/*
+** Process a pragma statement.
+**
+** Pragmas are of this form:
+**
+** PRAGMA [schema.]id [= value]
+**
+** The identifier might also be a string. The value is a string, and
+** identifier, or a number. If minusFlag is true, then the value is
+** a number that was preceded by a minus sign.
+**
+** If the left side is "database.id" then pId1 is the database name
+** and pId2 is the id. If the left side is just "id" then pId1 is the
+** id and pId2 is any empty string.
+*/
+SQLITE_PRIVATE void sqlite3Pragma(
+ Parse *pParse,
+ Token *pId1, /* First part of [schema.]id field */
+ Token *pId2, /* Second part of [schema.]id field, or NULL */
+ Token *pValue, /* Token for <value>, or NULL */
+ int minusFlag /* True if a '-' sign preceded <value> */
+){
+ char *zLeft = 0; /* Nul-terminated UTF-8 string <id> */
+ char *zRight = 0; /* Nul-terminated UTF-8 string <value>, or NULL */
+ const char *zDb = 0; /* The database name */
+ Token *pId; /* Pointer to <id> token */
+ char *aFcntl[4]; /* Argument to SQLITE_FCNTL_PRAGMA */
+ int iDb; /* Database index for <database> */
+ int lwr, upr, mid = 0; /* Binary search bounds */
+ int rc; /* return value form SQLITE_FCNTL_PRAGMA */
+ sqlite3 *db = pParse->db; /* The database connection */
+ Db *pDb; /* The specific database being pragmaed */
+ Vdbe *v = sqlite3GetVdbe(pParse); /* Prepared statement */
+ const struct sPragmaNames *pPragma;
+
+ if( v==0 ) return;
+ sqlite3VdbeRunOnlyOnce(v);
+ pParse->nMem = 2;
+
+ /* Interpret the [schema.] part of the pragma statement. iDb is the
+ ** index of the database this pragma is being applied to in db.aDb[]. */
+ iDb = sqlite3TwoPartName(pParse, pId1, pId2, &pId);
+ if( iDb<0 ) return;
+ pDb = &db->aDb[iDb];
+
+ /* If the temp database has been explicitly named as part of the
+ ** pragma, make sure it is open.
+ */
+ if( iDb==1 && sqlite3OpenTempDatabase(pParse) ){
+ return;
+ }
+
+ zLeft = sqlite3NameFromToken(db, pId);
+ if( !zLeft ) return;
+ if( minusFlag ){
+ zRight = sqlite3MPrintf(db, "-%T", pValue);
+ }else{
+ zRight = sqlite3NameFromToken(db, pValue);
+ }
+
+ assert( pId2 );
+ zDb = pId2->n>0 ? pDb->zName : 0;
+ if( sqlite3AuthCheck(pParse, SQLITE_PRAGMA, zLeft, zRight, zDb) ){
+ goto pragma_out;
+ }
+
+ /* Send an SQLITE_FCNTL_PRAGMA file-control to the underlying VFS
+ ** connection. If it returns SQLITE_OK, then assume that the VFS
+ ** handled the pragma and generate a no-op prepared statement.
+ **
+ ** IMPLEMENTATION-OF: R-12238-55120 Whenever a PRAGMA statement is parsed,
+ ** an SQLITE_FCNTL_PRAGMA file control is sent to the open sqlite3_file
+ ** object corresponding to the database file to which the pragma
+ ** statement refers.
+ **
+ ** IMPLEMENTATION-OF: R-29875-31678 The argument to the SQLITE_FCNTL_PRAGMA
+ ** file control is an array of pointers to strings (char**) in which the
+ ** second element of the array is the name of the pragma and the third
+ ** element is the argument to the pragma or NULL if the pragma has no
+ ** argument.
+ */
+ aFcntl[0] = 0;
+ aFcntl[1] = zLeft;
+ aFcntl[2] = zRight;
+ aFcntl[3] = 0;
+ db->busyHandler.nBusy = 0;
+ rc = sqlite3_file_control(db, zDb, SQLITE_FCNTL_PRAGMA, (void*)aFcntl);
+ if( rc==SQLITE_OK ){
+ returnSingleText(v, "result", aFcntl[0]);
+ sqlite3_free(aFcntl[0]);
+ goto pragma_out;
+ }
+ if( rc!=SQLITE_NOTFOUND ){
+ if( aFcntl[0] ){
+ sqlite3ErrorMsg(pParse, "%s", aFcntl[0]);
+ sqlite3_free(aFcntl[0]);
+ }
+ pParse->nErr++;
+ pParse->rc = rc;
+ goto pragma_out;
+ }
+
+ /* Locate the pragma in the lookup table */
+ lwr = 0;
+ upr = ArraySize(aPragmaNames)-1;
+ while( lwr<=upr ){
+ mid = (lwr+upr)/2;
+ rc = sqlite3_stricmp(zLeft, aPragmaNames[mid].zName);
+ if( rc==0 ) break;
+ if( rc<0 ){
+ upr = mid - 1;
+ }else{
+ lwr = mid + 1;
+ }
+ }
+ if( lwr>upr ) goto pragma_out;
+ pPragma = &aPragmaNames[mid];
+
+ /* Make sure the database schema is loaded if the pragma requires that */
+ if( (pPragma->mPragFlag & PragFlag_NeedSchema)!=0 ){
+ if( sqlite3ReadSchema(pParse) ) goto pragma_out;
+ }
+
+ /* Jump to the appropriate pragma handler */
+ switch( pPragma->ePragTyp ){
+
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS) && !defined(SQLITE_OMIT_DEPRECATED)
+ /*
+ ** PRAGMA [schema.]default_cache_size
+ ** PRAGMA [schema.]default_cache_size=N
+ **
+ ** The first form reports the current persistent setting for the
+ ** page cache size. The value returned is the maximum number of
+ ** pages in the page cache. The second form sets both the current
+ ** page cache size value and the persistent page cache size value
+ ** stored in the database file.
+ **
+ ** Older versions of SQLite would set the default cache size to a
+ ** negative number to indicate synchronous=OFF. These days, synchronous
+ ** is always on by default regardless of the sign of the default cache
+ ** size. But continue to take the absolute value of the default cache
+ ** size of historical compatibility.
+ */
+ case PragTyp_DEFAULT_CACHE_SIZE: {
+ static const int iLn = VDBE_OFFSET_LINENO(2);
+ static const VdbeOpList getCacheSize[] = {
+ { OP_Transaction, 0, 0, 0}, /* 0 */
+ { OP_ReadCookie, 0, 1, BTREE_DEFAULT_CACHE_SIZE}, /* 1 */
+ { OP_IfPos, 1, 8, 0},
+ { OP_Integer, 0, 2, 0},
+ { OP_Subtract, 1, 2, 1},
+ { OP_IfPos, 1, 8, 0},
+ { OP_Integer, 0, 1, 0}, /* 6 */
+ { OP_Noop, 0, 0, 0},
+ { OP_ResultRow, 1, 1, 0},
+ };
+ int addr;
+ sqlite3VdbeUsesBtree(v, iDb);
+ if( !zRight ){
+ setOneColumnName(v, "cache_size");
+ pParse->nMem += 2;
+ addr = sqlite3VdbeAddOpList(v, ArraySize(getCacheSize), getCacheSize,iLn);
+ sqlite3VdbeChangeP1(v, addr, iDb);
+ sqlite3VdbeChangeP1(v, addr+1, iDb);
+ sqlite3VdbeChangeP1(v, addr+6, SQLITE_DEFAULT_CACHE_SIZE);
+ }else{
+ int size = sqlite3AbsInt32(sqlite3Atoi(zRight));
+ sqlite3BeginWriteOperation(pParse, 0, iDb);
+ sqlite3VdbeAddOp2(v, OP_Integer, size, 1);
+ sqlite3VdbeAddOp3(v, OP_SetCookie, iDb, BTREE_DEFAULT_CACHE_SIZE, 1);
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ pDb->pSchema->cache_size = size;
+ sqlite3BtreeSetCacheSize(pDb->pBt, pDb->pSchema->cache_size);
+ }
+ break;
+ }
+#endif /* !SQLITE_OMIT_PAGER_PRAGMAS && !SQLITE_OMIT_DEPRECATED */
+
+#if !defined(SQLITE_OMIT_PAGER_PRAGMAS)
+ /*
+ ** PRAGMA [schema.]page_size
+ ** PRAGMA [schema.]page_size=N
+ **
+ ** The first form reports the current setting for the
+ ** database page size in bytes. The second form sets the
+ ** database page size value. The value can only be set if
+ ** the database has not yet been created.
+ */
+ case PragTyp_PAGE_SIZE: {
+ Btree *pBt = pDb->pBt;
+ assert( pBt!=0 );
+ if( !zRight ){
+ int size = ALWAYS(pBt) ? sqlite3BtreeGetPageSize(pBt) : 0;
+ returnSingleInt(v, "page_size", size);
+ }else{
+ /* Malloc may fail when setting the page-size, as there is an internal
+ ** buffer that the pager module resizes using sqlite3_realloc().
+ */
+ db->nextPagesize = sqlite3Atoi(zRight);
+ if( SQLITE_NOMEM==sqlite3BtreeSetPageSize(pBt, db->nextPagesize,-1,0) ){
+ db->mallocFailed = 1;
+ }
+ }
+ break;
+ }
+
+ /*
+ ** PRAGMA [schema.]secure_delete
+ ** PRAGMA [schema.]secure_delete=ON/OFF
+ **
+ ** The first form reports the current setting for the
+ ** secure_delete flag. The second form changes the secure_delete
+ ** flag setting and reports thenew value.
+ */
+ case PragTyp_SECURE_DELETE: {
+ Btree *pBt = pDb->pBt;
+ int b = -1;
+ assert( pBt!=0 );
+ if( zRight ){
+ b = sqlite3GetBoolean(zRight, 0);
+ }
+ if( pId2->n==0 && b>=0 ){
+ int ii;
+ for(ii=0; ii<db->nDb; ii++){
+ sqlite3BtreeSecureDelete(db->aDb[ii].pBt, b);
+ }
+ }
+ b = sqlite3BtreeSecureDelete(pBt, b);
+ returnSingleInt(v, "secure_delete", b);
+ break;
+ }
+
+ /*
+ ** PRAGMA [schema.]max_page_count
+ ** PRAGMA [schema.]max_page_count=N
+ **
+ ** The first form reports the current setting for the
+ ** maximum number of pages in the database file. The
+ ** second form attempts to change this setting. Both
+ ** forms return the current setting.
+ **
+ ** The absolute value of N is used. This is undocumented and might
+ ** change. The only purpose is to provide an easy way to test
+ ** the sqlite3AbsInt32() function.
+ **
+ ** PRAGMA [schema.]page_count
+ **
+ ** Return the number of pages in the specified database.
+ */
+ case PragTyp_PAGE_COUNT: {
+ int iReg;
+ sqlite3CodeVerifySchema(pParse, iDb);
+ iReg = ++pParse->nMem;
+ if( sqlite3Tolower(zLeft[0])=='p' ){
+ sqlite3VdbeAddOp2(v, OP_Pagecount, iDb, iReg);
+ }else{
+ sqlite3VdbeAddOp3(v, OP_MaxPgcnt, iDb, iReg,
+ sqlite3AbsInt32(sqlite3Atoi(zRight)));
+ }
+ sqlite3VdbeAddOp2(v, OP_ResultRow, iReg, 1);
+ sqlite3VdbeSetNumCols(v, 1);
+ sqlite3VdbeSetColName(v, 0, COLNAME_NAME, zLeft, SQLITE_TRANSIENT);
+ break;
+ }
+
+ /*
+ ** PRAGMA [schema.]locking_mode
+ ** PRAGMA [schema.]locking_mode = (normal|exclusive)
+ */
+ case PragTyp_LOCKING_MODE: {
+ const char *zRet = "normal";
+ int eMode = getLockingMode(zRight);
+
+ if( pId2->n==0 && eMode==PAGER_LOCKINGMODE_QUERY ){
+ /* Simple "PRAGMA locking_mode;" statement. This is a query for
+ ** the current default locking mode (which may be different to
+ ** the locking-mode of the main database).
+ */
+ eMode = db->dfltLockMode;
+ }else{
+ Pager *pPager;
+ if( pId2->n==0 ){
+ /* This indicates that no database name was specified as part
+ ** of the PRAGMA command. In this case the locking-mode must be
+ ** set on all attached databases, as well as the main db file.
+ **
+ ** Also, the sqlite3.dfltLockMode variable is set so that
+ ** any subsequently attached databases also use the specified
+ ** locking mode.
+ */
+ int ii;
+ assert(pDb==&db->aDb[0]);
+ for(ii=2; ii<db->nDb; ii++){
+ pPager = sqlite3BtreePager(db->aDb[ii].pBt);
+ sqlite3PagerLockingMode(pPager, eMode);
+ }
+ db->dfltLockMode = (u8)eMode;
+ }
+ pPager = sqlite3BtreePager(pDb->pBt);
+ eMode = sqlite3PagerLockingMode(pPager, eMode);
+ }
+
+ assert( eMode==PAGER_LOCKINGMODE_NORMAL
+ || eMode==PAGER_LOCKINGMODE_EXCLUSIVE );
+ if( eMode==PAGER_LOCKINGMODE_EXCLUSIVE ){
+ zRet = "exclusive";
+ }
+ returnSingleText(v, "locking_mode", zRet);
+ break;
+ }
+
+ /*
+ ** PRAGMA [schema.]journal_mode
+ ** PRAGMA [schema.]journal_mode =
+ ** (delete|persist|off|truncate|memory|wal|off)
+ */
+ case PragTyp_JOURNAL_MODE: {
+ int eMode; /* One of the PAGER_JOURNALMODE_XXX symbols */
+ int ii; /* Loop counter */
+
+ setOneColumnName(v, "journal_mode");
+ if( zRight==0 ){
+ /* If there is no "=MODE" part of the pragma, do a query for the
+ ** current mode */
+ eMode = PAGER_JOURNALMODE_QUERY;
+ }else{
+ const char *zMode;
+ int n = sqlite3Strlen30(zRight);
+ for(eMode=0; (zMode = sqlite3JournalModename(eMode))!=0; eMode++){
+ if( sqlite3StrNICmp(zRight, zMode, n)==0 ) break;
+ }
+ if( !zMode ){
+ /* If the "=MODE" part does not match any known journal mode,
+ ** then do a query */
+ eMode = PAGER_JOURNALMODE_QUERY;
+ }
+ }
+ if( eMode==PAGER_JOURNALMODE_QUERY && pId2->n==0 ){
+ /* Convert "PRAGMA journal_mode" into "PRAGMA main.journal_mode" */
+ iDb = 0;
+ pId2->n = 1;
+ }
+ for(ii=db->nDb-1; ii>=0; ii--){
+ if( db->aDb[ii].pBt && (ii==iDb || pId2->n==0) ){
+ sqlite3VdbeUsesBtree(v, ii);
+ sqlite3VdbeAddOp3(v, OP_JournalMode, ii, 1, eMode);
+ }
+ }
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1);
+ break;
+ }
+
+ /*
+ ** PRAGMA [schema.]journal_size_limit
+ ** PRAGMA [schema.]journal_size_limit=N
+ **
+ ** Get or set the size limit on rollback journal files.
+ */
+ case PragTyp_JOURNAL_SIZE_LIMIT: {
+ Pager *pPager = sqlite3BtreePager(pDb->pBt);
+ i64 iLimit = -2;
+ if( zRight ){
+ sqlite3DecOrHexToI64(zRight, &iLimit);
+ if( iLimit<-1 ) iLimit = -1;
+ }
+ iLimit = sqlite3PagerJournalSizeLimit(pPager, iLimit);
+ returnSingleInt(v, "journal_size_limit", iLimit);
+ break;
+ }
+
+#endif /* SQLITE_OMIT_PAGER_PRAGMAS */
+
+ /*
+ ** PRAGMA [schema.]auto_vacuum
+ ** PRAGMA [schema.]auto_vacuum=N
+ **
+ ** Get or set the value of the database 'auto-vacuum' parameter.
+ ** The value is one of: 0 NONE 1 FULL 2 INCREMENTAL
+ */
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ case PragTyp_AUTO_VACUUM: {
+ Btree *pBt = pDb->pBt;
+ assert( pBt!=0 );
+ if( !zRight ){
+ returnSingleInt(v, "auto_vacuum", sqlite3BtreeGetAutoVacuum(pBt));
+ }else{
+ int eAuto = getAutoVacuum(zRight);
+ assert( eAuto>=0 && eAuto<=2 );
+ db->nextAutovac = (u8)eAuto;
+ /* Call SetAutoVacuum() to set initialize the internal auto and
+ ** incr-vacuum flags. This is required in case this connection
+ ** creates the database file. It is important that it is created
+ ** as an auto-vacuum capable db.
+ */
+ rc = sqlite3BtreeSetAutoVacuum(pBt, eAuto);
+ if( rc==SQLITE_OK && (eAuto==1 || eAuto==2) ){
+ /* When setting the auto_vacuum mode to either "full" or
+ ** "incremental", write the value of meta[6] in the database
+ ** file. Before writing to meta[6], check that meta[3] indicates
+ ** that this really is an auto-vacuum capable database.
+ */
+ static const int iLn = VDBE_OFFSET_LINENO(2);
+ static const VdbeOpList setMeta6[] = {
+ { OP_Transaction, 0, 1, 0}, /* 0 */
+ { OP_ReadCookie, 0, 1, BTREE_LARGEST_ROOT_PAGE},
+ { OP_If, 1, 0, 0}, /* 2 */
+ { OP_Halt, SQLITE_OK, OE_Abort, 0}, /* 3 */
+ { OP_Integer, 0, 1, 0}, /* 4 */
+ { OP_SetCookie, 0, BTREE_INCR_VACUUM, 1}, /* 5 */
+ };
+ int iAddr;
+ iAddr = sqlite3VdbeAddOpList(v, ArraySize(setMeta6), setMeta6, iLn);
+ sqlite3VdbeChangeP1(v, iAddr, iDb);
+ sqlite3VdbeChangeP1(v, iAddr+1, iDb);
+ sqlite3VdbeChangeP2(v, iAddr+2, iAddr+4);
+ sqlite3VdbeChangeP1(v, iAddr+4, eAuto-1);
+ sqlite3VdbeChangeP1(v, iAddr+5, iDb);
+ sqlite3VdbeUsesBtree(v, iDb);
+ }
+ }
+ break;
+ }
+#endif
+
+ /*
+ ** PRAGMA [schema.]incremental_vacuum(N)
+ **
+ ** Do N steps of incremental vacuuming on a database.
+ */
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ case PragTyp_INCREMENTAL_VACUUM: {
+ int iLimit, addr;
+ if( zRight==0 || !sqlite3GetInt32(zRight, &iLimit) || iLimit<=0 ){
+ iLimit = 0x7fffffff;
+ }
+ sqlite3BeginWriteOperation(pParse, 0, iDb);
+ sqlite3VdbeAddOp2(v, OP_Integer, iLimit, 1);
+ addr = sqlite3VdbeAddOp1(v, OP_IncrVacuum, iDb); VdbeCoverage(v);
+ sqlite3VdbeAddOp1(v, OP_ResultRow, 1);
+ sqlite3VdbeAddOp2(v, OP_AddImm, 1, -1);
+ sqlite3VdbeAddOp2(v, OP_IfPos, 1, addr); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addr);
+ break;
+ }
+#endif
+
+#ifndef SQLITE_OMIT_PAGER_PRAGMAS
+ /*
+ ** PRAGMA [schema.]cache_size
+ ** PRAGMA [schema.]cache_size=N
+ **
+ ** The first form reports the current local setting for the
+ ** page cache size. The second form sets the local
+ ** page cache size value. If N is positive then that is the
+ ** number of pages in the cache. If N is negative, then the
+ ** number of pages is adjusted so that the cache uses -N kibibytes
+ ** of memory.
+ */
+ case PragTyp_CACHE_SIZE: {
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ if( !zRight ){
+ returnSingleInt(v, "cache_size", pDb->pSchema->cache_size);
+ }else{
+ int size = sqlite3Atoi(zRight);
+ pDb->pSchema->cache_size = size;
+ sqlite3BtreeSetCacheSize(pDb->pBt, pDb->pSchema->cache_size);
+ }
+ break;
+ }
+
+ /*
+ ** PRAGMA [schema.]cache_spill
+ ** PRAGMA cache_spill=BOOLEAN
+ ** PRAGMA [schema.]cache_spill=N
+ **
+ ** The first form reports the current local setting for the
+ ** page cache spill size. The second form turns cache spill on
+ ** or off. When turnning cache spill on, the size is set to the
+ ** current cache_size. The third form sets a spill size that
+ ** may be different form the cache size.
+ ** If N is positive then that is the
+ ** number of pages in the cache. If N is negative, then the
+ ** number of pages is adjusted so that the cache uses -N kibibytes
+ ** of memory.
+ **
+ ** If the number of cache_spill pages is less then the number of
+ ** cache_size pages, no spilling occurs until the page count exceeds
+ ** the number of cache_size pages.
+ **
+ ** The cache_spill=BOOLEAN setting applies to all attached schemas,
+ ** not just the schema specified.
+ */
+ case PragTyp_CACHE_SPILL: {
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ if( !zRight ){
+ returnSingleInt(v, "cache_spill",
+ (db->flags & SQLITE_CacheSpill)==0 ? 0 :
+ sqlite3BtreeSetSpillSize(pDb->pBt,0));
+ }else{
+ int size = 1;
+ if( sqlite3GetInt32(zRight, &size) ){
+ sqlite3BtreeSetSpillSize(pDb->pBt, size);
+ }
+ if( sqlite3GetBoolean(zRight, size!=0) ){
+ db->flags |= SQLITE_CacheSpill;
+ }else{
+ db->flags &= ~SQLITE_CacheSpill;
+ }
+ setAllPagerFlags(db);
+ }
+ break;
+ }
+
+ /*
+ ** PRAGMA [schema.]mmap_size(N)
+ **
+ ** Used to set mapping size limit. The mapping size limit is
+ ** used to limit the aggregate size of all memory mapped regions of the
+ ** database file. If this parameter is set to zero, then memory mapping
+ ** is not used at all. If N is negative, then the default memory map
+ ** limit determined by sqlite3_config(SQLITE_CONFIG_MMAP_SIZE) is set.
+ ** The parameter N is measured in bytes.
+ **
+ ** This value is advisory. The underlying VFS is free to memory map
+ ** as little or as much as it wants. Except, if N is set to 0 then the
+ ** upper layers will never invoke the xFetch interfaces to the VFS.
+ */
+ case PragTyp_MMAP_SIZE: {
+ sqlite3_int64 sz;
+#if SQLITE_MAX_MMAP_SIZE>0
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ if( zRight ){
+ int ii;
+ sqlite3DecOrHexToI64(zRight, &sz);
+ if( sz<0 ) sz = sqlite3GlobalConfig.szMmap;
+ if( pId2->n==0 ) db->szMmap = sz;
+ for(ii=db->nDb-1; ii>=0; ii--){
+ if( db->aDb[ii].pBt && (ii==iDb || pId2->n==0) ){
+ sqlite3BtreeSetMmapLimit(db->aDb[ii].pBt, sz);
+ }
+ }
+ }
+ sz = -1;
+ rc = sqlite3_file_control(db, zDb, SQLITE_FCNTL_MMAP_SIZE, &sz);
+#else
+ sz = 0;
+ rc = SQLITE_OK;
+#endif
+ if( rc==SQLITE_OK ){
+ returnSingleInt(v, "mmap_size", sz);
+ }else if( rc!=SQLITE_NOTFOUND ){
+ pParse->nErr++;
+ pParse->rc = rc;
+ }
+ break;
+ }
+
+ /*
+ ** PRAGMA temp_store
+ ** PRAGMA temp_store = "default"|"memory"|"file"
+ **
+ ** Return or set the local value of the temp_store flag. Changing
+ ** the local value does not make changes to the disk file and the default
+ ** value will be restored the next time the database is opened.
+ **
+ ** Note that it is possible for the library compile-time options to
+ ** override this setting
+ */
+ case PragTyp_TEMP_STORE: {
+ if( !zRight ){
+ returnSingleInt(v, "temp_store", db->temp_store);
+ }else{
+ changeTempStorage(pParse, zRight);
+ }
+ break;
+ }
+
+ /*
+ ** PRAGMA temp_store_directory
+ ** PRAGMA temp_store_directory = ""|"directory_name"
+ **
+ ** Return or set the local value of the temp_store_directory flag. Changing
+ ** the value sets a specific directory to be used for temporary files.
+ ** Setting to a null string reverts to the default temporary directory search.
+ ** If temporary directory is changed, then invalidateTempStorage.
+ **
+ */
+ case PragTyp_TEMP_STORE_DIRECTORY: {
+ if( !zRight ){
+ returnSingleText(v, "temp_store_directory", sqlite3_temp_directory);
+ }else{
+#ifndef SQLITE_OMIT_WSD
+ if( zRight[0] ){
+ int res;
+ rc = sqlite3OsAccess(db->pVfs, zRight, SQLITE_ACCESS_READWRITE, &res);
+ if( rc!=SQLITE_OK || res==0 ){
+ sqlite3ErrorMsg(pParse, "not a writable directory");
+ goto pragma_out;
+ }
+ }
+ if( SQLITE_TEMP_STORE==0
+ || (SQLITE_TEMP_STORE==1 && db->temp_store<=1)
+ || (SQLITE_TEMP_STORE==2 && db->temp_store==1)
+ ){
+ invalidateTempStorage(pParse);
+ }
+ sqlite3_free(sqlite3_temp_directory);
+ if( zRight[0] ){
+ sqlite3_temp_directory = sqlite3_mprintf("%s", zRight);
+ }else{
+ sqlite3_temp_directory = 0;
+ }
+#endif /* SQLITE_OMIT_WSD */
+ }
+ break;
+ }
+
+#if SQLITE_OS_WIN
+ /*
+ ** PRAGMA data_store_directory
+ ** PRAGMA data_store_directory = ""|"directory_name"
+ **
+ ** Return or set the local value of the data_store_directory flag. Changing
+ ** the value sets a specific directory to be used for database files that
+ ** were specified with a relative pathname. Setting to a null string reverts
+ ** to the default database directory, which for database files specified with
+ ** a relative path will probably be based on the current directory for the
+ ** process. Database file specified with an absolute path are not impacted
+ ** by this setting, regardless of its value.
+ **
+ */
+ case PragTyp_DATA_STORE_DIRECTORY: {
+ if( !zRight ){
+ returnSingleText(v, "data_store_directory", sqlite3_data_directory);
+ }else{
+#ifndef SQLITE_OMIT_WSD
+ if( zRight[0] ){
+ int res;
+ rc = sqlite3OsAccess(db->pVfs, zRight, SQLITE_ACCESS_READWRITE, &res);
+ if( rc!=SQLITE_OK || res==0 ){
+ sqlite3ErrorMsg(pParse, "not a writable directory");
+ goto pragma_out;
+ }
+ }
+ sqlite3_free(sqlite3_data_directory);
+ if( zRight[0] ){
+ sqlite3_data_directory = sqlite3_mprintf("%s", zRight);
+ }else{
+ sqlite3_data_directory = 0;
+ }
+#endif /* SQLITE_OMIT_WSD */
+ }
+ break;
+ }
+#endif
+
+#if SQLITE_ENABLE_LOCKING_STYLE
+ /*
+ ** PRAGMA [schema.]lock_proxy_file
+ ** PRAGMA [schema.]lock_proxy_file = ":auto:"|"lock_file_path"
+ **
+ ** Return or set the value of the lock_proxy_file flag. Changing
+ ** the value sets a specific file to be used for database access locks.
+ **
+ */
+ case PragTyp_LOCK_PROXY_FILE: {
+ if( !zRight ){
+ Pager *pPager = sqlite3BtreePager(pDb->pBt);
+ char *proxy_file_path = NULL;
+ sqlite3_file *pFile = sqlite3PagerFile(pPager);
+ sqlite3OsFileControlHint(pFile, SQLITE_GET_LOCKPROXYFILE,
+ &proxy_file_path);
+ returnSingleText(v, "lock_proxy_file", proxy_file_path);
+ }else{
+ Pager *pPager = sqlite3BtreePager(pDb->pBt);
+ sqlite3_file *pFile = sqlite3PagerFile(pPager);
+ int res;
+ if( zRight[0] ){
+ res=sqlite3OsFileControl(pFile, SQLITE_SET_LOCKPROXYFILE,
+ zRight);
+ } else {
+ res=sqlite3OsFileControl(pFile, SQLITE_SET_LOCKPROXYFILE,
+ NULL);
+ }
+ if( res!=SQLITE_OK ){
+ sqlite3ErrorMsg(pParse, "failed to set lock proxy file");
+ goto pragma_out;
+ }
+ }
+ break;
+ }
+#endif /* SQLITE_ENABLE_LOCKING_STYLE */
+
+ /*
+ ** PRAGMA [schema.]synchronous
+ ** PRAGMA [schema.]synchronous=OFF|ON|NORMAL|FULL
+ **
+ ** Return or set the local value of the synchronous flag. Changing
+ ** the local value does not make changes to the disk file and the
+ ** default value will be restored the next time the database is
+ ** opened.
+ */
+ case PragTyp_SYNCHRONOUS: {
+ if( !zRight ){
+ returnSingleInt(v, "synchronous", pDb->safety_level-1);
+ }else{
+ if( !db->autoCommit ){
+ sqlite3ErrorMsg(pParse,
+ "Safety level may not be changed inside a transaction");
+ }else{
+ int iLevel = (getSafetyLevel(zRight,0,1)+1) & PAGER_SYNCHRONOUS_MASK;
+ if( iLevel==0 ) iLevel = 1;
+ pDb->safety_level = iLevel;
+ setAllPagerFlags(db);
+ }
+ }
+ break;
+ }
+#endif /* SQLITE_OMIT_PAGER_PRAGMAS */
+
+#ifndef SQLITE_OMIT_FLAG_PRAGMAS
+ case PragTyp_FLAG: {
+ if( zRight==0 ){
+ returnSingleInt(v, pPragma->zName, (db->flags & pPragma->iArg)!=0 );
+ }else{
+ int mask = pPragma->iArg; /* Mask of bits to set or clear. */
+ if( db->autoCommit==0 ){
+ /* Foreign key support may not be enabled or disabled while not
+ ** in auto-commit mode. */
+ mask &= ~(SQLITE_ForeignKeys);
+ }
+#if SQLITE_USER_AUTHENTICATION
+ if( db->auth.authLevel==UAUTH_User ){
+ /* Do not allow non-admin users to modify the schema arbitrarily */
+ mask &= ~(SQLITE_WriteSchema);
+ }
+#endif
+
+ if( sqlite3GetBoolean(zRight, 0) ){
+ db->flags |= mask;
+ }else{
+ db->flags &= ~mask;
+ if( mask==SQLITE_DeferFKs ) db->nDeferredImmCons = 0;
+ }
+
+ /* Many of the flag-pragmas modify the code generated by the SQL
+ ** compiler (eg. count_changes). So add an opcode to expire all
+ ** compiled SQL statements after modifying a pragma value.
+ */
+ sqlite3VdbeAddOp2(v, OP_Expire, 0, 0);
+ setAllPagerFlags(db);
+ }
+ break;
+ }
+#endif /* SQLITE_OMIT_FLAG_PRAGMAS */
+
+#ifndef SQLITE_OMIT_SCHEMA_PRAGMAS
+ /*
+ ** PRAGMA table_info(<table>)
+ **
+ ** Return a single row for each column of the named table. The columns of
+ ** the returned data set are:
+ **
+ ** cid: Column id (numbered from left to right, starting at 0)
+ ** name: Column name
+ ** type: Column declaration type.
+ ** notnull: True if 'NOT NULL' is part of column declaration
+ ** dflt_value: The default value for the column, if any.
+ */
+ case PragTyp_TABLE_INFO: if( zRight ){
+ Table *pTab;
+ pTab = sqlite3FindTable(db, zRight, zDb);
+ if( pTab ){
+ static const char *azCol[] = {
+ "cid", "name", "type", "notnull", "dflt_value", "pk"
+ };
+ int i, k;
+ int nHidden = 0;
+ Column *pCol;
+ Index *pPk = sqlite3PrimaryKeyIndex(pTab);
+ pParse->nMem = 6;
+ sqlite3CodeVerifySchema(pParse, iDb);
+ setAllColumnNames(v, 6, azCol); assert( 6==ArraySize(azCol) );
+ sqlite3ViewGetColumnNames(pParse, pTab);
+ for(i=0, pCol=pTab->aCol; i<pTab->nCol; i++, pCol++){
+ if( IsHiddenColumn(pCol) ){
+ nHidden++;
+ continue;
+ }
+ if( (pCol->colFlags & COLFLAG_PRIMKEY)==0 ){
+ k = 0;
+ }else if( pPk==0 ){
+ k = 1;
+ }else{
+ for(k=1; k<=pTab->nCol && pPk->aiColumn[k-1]!=i; k++){}
+ }
+ sqlite3VdbeMultiLoad(v, 1, "issisi",
+ i-nHidden,
+ pCol->zName,
+ pCol->zType ? pCol->zType : "",
+ pCol->notNull ? 1 : 0,
+ pCol->zDflt,
+ k);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 6);
+ }
+ }
+ }
+ break;
+
+ case PragTyp_STATS: {
+ static const char *azCol[] = { "table", "index", "width", "height" };
+ Index *pIdx;
+ HashElem *i;
+ v = sqlite3GetVdbe(pParse);
+ pParse->nMem = 4;
+ sqlite3CodeVerifySchema(pParse, iDb);
+ setAllColumnNames(v, 4, azCol); assert( 4==ArraySize(azCol) );
+ for(i=sqliteHashFirst(&pDb->pSchema->tblHash); i; i=sqliteHashNext(i)){
+ Table *pTab = sqliteHashData(i);
+ sqlite3VdbeMultiLoad(v, 1, "ssii",
+ pTab->zName,
+ 0,
+ (int)sqlite3LogEstToInt(pTab->szTabRow),
+ (int)sqlite3LogEstToInt(pTab->nRowLogEst));
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 4);
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ sqlite3VdbeMultiLoad(v, 2, "sii",
+ pIdx->zName,
+ (int)sqlite3LogEstToInt(pIdx->szIdxRow),
+ (int)sqlite3LogEstToInt(pIdx->aiRowLogEst[0]));
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 4);
+ }
+ }
+ }
+ break;
+
+ case PragTyp_INDEX_INFO: if( zRight ){
+ Index *pIdx;
+ Table *pTab;
+ pIdx = sqlite3FindIndex(db, zRight, zDb);
+ if( pIdx ){
+ static const char *azCol[] = {
+ "seqno", "cid", "name", "desc", "coll", "key"
+ };
+ int i;
+ int mx;
+ if( pPragma->iArg ){
+ /* PRAGMA index_xinfo (newer version with more rows and columns) */
+ mx = pIdx->nColumn;
+ pParse->nMem = 6;
+ }else{
+ /* PRAGMA index_info (legacy version) */
+ mx = pIdx->nKeyCol;
+ pParse->nMem = 3;
+ }
+ pTab = pIdx->pTable;
+ sqlite3CodeVerifySchema(pParse, iDb);
+ assert( pParse->nMem<=ArraySize(azCol) );
+ setAllColumnNames(v, pParse->nMem, azCol);
+ for(i=0; i<mx; i++){
+ i16 cnum = pIdx->aiColumn[i];
+ sqlite3VdbeMultiLoad(v, 1, "iis", i, cnum,
+ cnum<0 ? 0 : pTab->aCol[cnum].zName);
+ if( pPragma->iArg ){
+ sqlite3VdbeMultiLoad(v, 4, "isi",
+ pIdx->aSortOrder[i],
+ pIdx->azColl[i],
+ i<pIdx->nKeyCol);
+ }
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, pParse->nMem);
+ }
+ }
+ }
+ break;
+
+ case PragTyp_INDEX_LIST: if( zRight ){
+ Index *pIdx;
+ Table *pTab;
+ int i;
+ pTab = sqlite3FindTable(db, zRight, zDb);
+ if( pTab ){
+ static const char *azCol[] = {
+ "seq", "name", "unique", "origin", "partial"
+ };
+ v = sqlite3GetVdbe(pParse);
+ pParse->nMem = 5;
+ sqlite3CodeVerifySchema(pParse, iDb);
+ setAllColumnNames(v, 5, azCol); assert( 5==ArraySize(azCol) );
+ for(pIdx=pTab->pIndex, i=0; pIdx; pIdx=pIdx->pNext, i++){
+ const char *azOrigin[] = { "c", "u", "pk" };
+ sqlite3VdbeMultiLoad(v, 1, "isisi",
+ i,
+ pIdx->zName,
+ IsUniqueIndex(pIdx),
+ azOrigin[pIdx->idxType],
+ pIdx->pPartIdxWhere!=0);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 5);
+ }
+ }
+ }
+ break;
+
+ case PragTyp_DATABASE_LIST: {
+ static const char *azCol[] = { "seq", "name", "file" };
+ int i;
+ pParse->nMem = 3;
+ setAllColumnNames(v, 3, azCol); assert( 3==ArraySize(azCol) );
+ for(i=0; i<db->nDb; i++){
+ if( db->aDb[i].pBt==0 ) continue;
+ assert( db->aDb[i].zName!=0 );
+ sqlite3VdbeMultiLoad(v, 1, "iss",
+ i,
+ db->aDb[i].zName,
+ sqlite3BtreeGetFilename(db->aDb[i].pBt));
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 3);
+ }
+ }
+ break;
+
+ case PragTyp_COLLATION_LIST: {
+ static const char *azCol[] = { "seq", "name" };
+ int i = 0;
+ HashElem *p;
+ pParse->nMem = 2;
+ setAllColumnNames(v, 2, azCol); assert( 2==ArraySize(azCol) );
+ for(p=sqliteHashFirst(&db->aCollSeq); p; p=sqliteHashNext(p)){
+ CollSeq *pColl = (CollSeq *)sqliteHashData(p);
+ sqlite3VdbeMultiLoad(v, 1, "is", i++, pColl->zName);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 2);
+ }
+ }
+ break;
+#endif /* SQLITE_OMIT_SCHEMA_PRAGMAS */
+
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+ case PragTyp_FOREIGN_KEY_LIST: if( zRight ){
+ FKey *pFK;
+ Table *pTab;
+ pTab = sqlite3FindTable(db, zRight, zDb);
+ if( pTab ){
+ v = sqlite3GetVdbe(pParse);
+ pFK = pTab->pFKey;
+ if( pFK ){
+ static const char *azCol[] = {
+ "id", "seq", "table", "from", "to", "on_update", "on_delete",
+ "match"
+ };
+ int i = 0;
+ pParse->nMem = 8;
+ sqlite3CodeVerifySchema(pParse, iDb);
+ setAllColumnNames(v, 8, azCol); assert( 8==ArraySize(azCol) );
+ while(pFK){
+ int j;
+ for(j=0; j<pFK->nCol; j++){
+ sqlite3VdbeMultiLoad(v, 1, "iissssss",
+ i,
+ j,
+ pFK->zTo,
+ pTab->aCol[pFK->aCol[j].iFrom].zName,
+ pFK->aCol[j].zCol,
+ actionName(pFK->aAction[1]), /* ON UPDATE */
+ actionName(pFK->aAction[0]), /* ON DELETE */
+ "NONE");
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 8);
+ }
+ ++i;
+ pFK = pFK->pNextFrom;
+ }
+ }
+ }
+ }
+ break;
+#endif /* !defined(SQLITE_OMIT_FOREIGN_KEY) */
+
+#ifndef SQLITE_OMIT_FOREIGN_KEY
+#ifndef SQLITE_OMIT_TRIGGER
+ case PragTyp_FOREIGN_KEY_CHECK: {
+ FKey *pFK; /* A foreign key constraint */
+ Table *pTab; /* Child table contain "REFERENCES" keyword */
+ Table *pParent; /* Parent table that child points to */
+ Index *pIdx; /* Index in the parent table */
+ int i; /* Loop counter: Foreign key number for pTab */
+ int j; /* Loop counter: Field of the foreign key */
+ HashElem *k; /* Loop counter: Next table in schema */
+ int x; /* result variable */
+ int regResult; /* 3 registers to hold a result row */
+ int regKey; /* Register to hold key for checking the FK */
+ int regRow; /* Registers to hold a row from pTab */
+ int addrTop; /* Top of a loop checking foreign keys */
+ int addrOk; /* Jump here if the key is OK */
+ int *aiCols; /* child to parent column mapping */
+ static const char *azCol[] = { "table", "rowid", "parent", "fkid" };
+
+ regResult = pParse->nMem+1;
+ pParse->nMem += 4;
+ regKey = ++pParse->nMem;
+ regRow = ++pParse->nMem;
+ v = sqlite3GetVdbe(pParse);
+ setAllColumnNames(v, 4, azCol); assert( 4==ArraySize(azCol) );
+ sqlite3CodeVerifySchema(pParse, iDb);
+ k = sqliteHashFirst(&db->aDb[iDb].pSchema->tblHash);
+ while( k ){
+ if( zRight ){
+ pTab = sqlite3LocateTable(pParse, 0, zRight, zDb);
+ k = 0;
+ }else{
+ pTab = (Table*)sqliteHashData(k);
+ k = sqliteHashNext(k);
+ }
+ if( pTab==0 || pTab->pFKey==0 ) continue;
+ sqlite3TableLock(pParse, iDb, pTab->tnum, 0, pTab->zName);
+ if( pTab->nCol+regRow>pParse->nMem ) pParse->nMem = pTab->nCol + regRow;
+ sqlite3OpenTable(pParse, 0, iDb, pTab, OP_OpenRead);
+ sqlite3VdbeLoadString(v, regResult, pTab->zName);
+ for(i=1, pFK=pTab->pFKey; pFK; i++, pFK=pFK->pNextFrom){
+ pParent = sqlite3FindTable(db, pFK->zTo, zDb);
+ if( pParent==0 ) continue;
+ pIdx = 0;
+ sqlite3TableLock(pParse, iDb, pParent->tnum, 0, pParent->zName);
+ x = sqlite3FkLocateIndex(pParse, pParent, pFK, &pIdx, 0);
+ if( x==0 ){
+ if( pIdx==0 ){
+ sqlite3OpenTable(pParse, i, iDb, pParent, OP_OpenRead);
+ }else{
+ sqlite3VdbeAddOp3(v, OP_OpenRead, i, pIdx->tnum, iDb);
+ sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
+ }
+ }else{
+ k = 0;
+ break;
+ }
+ }
+ assert( pParse->nErr>0 || pFK==0 );
+ if( pFK ) break;
+ if( pParse->nTab<i ) pParse->nTab = i;
+ addrTop = sqlite3VdbeAddOp1(v, OP_Rewind, 0); VdbeCoverage(v);
+ for(i=1, pFK=pTab->pFKey; pFK; i++, pFK=pFK->pNextFrom){
+ pParent = sqlite3FindTable(db, pFK->zTo, zDb);
+ pIdx = 0;
+ aiCols = 0;
+ if( pParent ){
+ x = sqlite3FkLocateIndex(pParse, pParent, pFK, &pIdx, &aiCols);
+ assert( x==0 );
+ }
+ addrOk = sqlite3VdbeMakeLabel(v);
+ if( pParent && pIdx==0 ){
+ int iKey = pFK->aCol[0].iFrom;
+ assert( iKey>=0 && iKey<pTab->nCol );
+ if( iKey!=pTab->iPKey ){
+ sqlite3VdbeAddOp3(v, OP_Column, 0, iKey, regRow);
+ sqlite3ColumnDefault(v, pTab, iKey, regRow);
+ sqlite3VdbeAddOp2(v, OP_IsNull, regRow, addrOk); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_MustBeInt, regRow,
+ sqlite3VdbeCurrentAddr(v)+3); VdbeCoverage(v);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_Rowid, 0, regRow);
+ }
+ sqlite3VdbeAddOp3(v, OP_NotExists, i, 0, regRow); VdbeCoverage(v);
+ sqlite3VdbeGoto(v, addrOk);
+ sqlite3VdbeJumpHere(v, sqlite3VdbeCurrentAddr(v)-2);
+ }else{
+ for(j=0; j<pFK->nCol; j++){
+ sqlite3ExprCodeGetColumnOfTable(v, pTab, 0,
+ aiCols ? aiCols[j] : pFK->aCol[j].iFrom, regRow+j);
+ sqlite3VdbeAddOp2(v, OP_IsNull, regRow+j, addrOk); VdbeCoverage(v);
+ }
+ if( pParent ){
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, regRow, pFK->nCol, regKey,
+ sqlite3IndexAffinityStr(db,pIdx), pFK->nCol);
+ sqlite3VdbeAddOp4Int(v, OP_Found, i, addrOk, regKey, 0);
+ VdbeCoverage(v);
+ }
+ }
+ sqlite3VdbeAddOp2(v, OP_Rowid, 0, regResult+1);
+ sqlite3VdbeMultiLoad(v, regResult+2, "si", pFK->zTo, i-1);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, regResult, 4);
+ sqlite3VdbeResolveLabel(v, addrOk);
+ sqlite3DbFree(db, aiCols);
+ }
+ sqlite3VdbeAddOp2(v, OP_Next, 0, addrTop+1); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addrTop);
+ }
+ }
+ break;
+#endif /* !defined(SQLITE_OMIT_TRIGGER) */
+#endif /* !defined(SQLITE_OMIT_FOREIGN_KEY) */
+
+#ifndef NDEBUG
+ case PragTyp_PARSER_TRACE: {
+ if( zRight ){
+ if( sqlite3GetBoolean(zRight, 0) ){
+ sqlite3ParserTrace(stdout, "parser: ");
+ }else{
+ sqlite3ParserTrace(0, 0);
+ }
+ }
+ }
+ break;
+#endif
+
+ /* Reinstall the LIKE and GLOB functions. The variant of LIKE
+ ** used will be case sensitive or not depending on the RHS.
+ */
+ case PragTyp_CASE_SENSITIVE_LIKE: {
+ if( zRight ){
+ sqlite3RegisterLikeFunctions(db, sqlite3GetBoolean(zRight, 0));
+ }
+ }
+ break;
+
+#ifndef SQLITE_INTEGRITY_CHECK_ERROR_MAX
+# define SQLITE_INTEGRITY_CHECK_ERROR_MAX 100
+#endif
+
+#ifndef SQLITE_OMIT_INTEGRITY_CHECK
+ /* Pragma "quick_check" is reduced version of
+ ** integrity_check designed to detect most database corruption
+ ** without most of the overhead of a full integrity-check.
+ */
+ case PragTyp_INTEGRITY_CHECK: {
+ int i, j, addr, mxErr;
+
+ /* Code that appears at the end of the integrity check. If no error
+ ** messages have been generated, output OK. Otherwise output the
+ ** error message
+ */
+ static const int iLn = VDBE_OFFSET_LINENO(2);
+ static const VdbeOpList endCode[] = {
+ { OP_AddImm, 1, 0, 0}, /* 0 */
+ { OP_If, 1, 0, 0}, /* 1 */
+ { OP_String8, 0, 3, 0}, /* 2 */
+ { OP_ResultRow, 3, 1, 0},
+ };
+
+ int isQuick = (sqlite3Tolower(zLeft[0])=='q');
+
+ /* If the PRAGMA command was of the form "PRAGMA <db>.integrity_check",
+ ** then iDb is set to the index of the database identified by <db>.
+ ** In this case, the integrity of database iDb only is verified by
+ ** the VDBE created below.
+ **
+ ** Otherwise, if the command was simply "PRAGMA integrity_check" (or
+ ** "PRAGMA quick_check"), then iDb is set to 0. In this case, set iDb
+ ** to -1 here, to indicate that the VDBE should verify the integrity
+ ** of all attached databases. */
+ assert( iDb>=0 );
+ assert( iDb==0 || pId2->z );
+ if( pId2->z==0 ) iDb = -1;
+
+ /* Initialize the VDBE program */
+ pParse->nMem = 6;
+ setOneColumnName(v, "integrity_check");
+
+ /* Set the maximum error count */
+ mxErr = SQLITE_INTEGRITY_CHECK_ERROR_MAX;
+ if( zRight ){
+ sqlite3GetInt32(zRight, &mxErr);
+ if( mxErr<=0 ){
+ mxErr = SQLITE_INTEGRITY_CHECK_ERROR_MAX;
+ }
+ }
+ sqlite3VdbeAddOp2(v, OP_Integer, mxErr, 1); /* reg[1] holds errors left */
+
+ /* Do an integrity check on each database file */
+ for(i=0; i<db->nDb; i++){
+ HashElem *x;
+ Hash *pTbls;
+ int cnt = 0;
+
+ if( OMIT_TEMPDB && i==1 ) continue;
+ if( iDb>=0 && i!=iDb ) continue;
+
+ sqlite3CodeVerifySchema(pParse, i);
+ addr = sqlite3VdbeAddOp1(v, OP_IfPos, 1); /* Halt if out of errors */
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Halt, 0, 0);
+ sqlite3VdbeJumpHere(v, addr);
+
+ /* Do an integrity check of the B-Tree
+ **
+ ** Begin by filling registers 2, 3, ... with the root pages numbers
+ ** for all tables and indices in the database.
+ */
+ assert( sqlite3SchemaMutexHeld(db, i, 0) );
+ pTbls = &db->aDb[i].pSchema->tblHash;
+ for(x=sqliteHashFirst(pTbls); x; x=sqliteHashNext(x)){
+ Table *pTab = sqliteHashData(x);
+ Index *pIdx;
+ if( HasRowid(pTab) ){
+ sqlite3VdbeAddOp2(v, OP_Integer, pTab->tnum, 2+cnt);
+ VdbeComment((v, "%s", pTab->zName));
+ cnt++;
+ }
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ sqlite3VdbeAddOp2(v, OP_Integer, pIdx->tnum, 2+cnt);
+ VdbeComment((v, "%s", pIdx->zName));
+ cnt++;
+ }
+ }
+
+ /* Make sure sufficient number of registers have been allocated */
+ pParse->nMem = MAX( pParse->nMem, cnt+8 );
+
+ /* Do the b-tree integrity checks */
+ sqlite3VdbeAddOp3(v, OP_IntegrityCk, 2, cnt, 1);
+ sqlite3VdbeChangeP5(v, (u8)i);
+ addr = sqlite3VdbeAddOp1(v, OP_IsNull, 2); VdbeCoverage(v);
+ sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0,
+ sqlite3MPrintf(db, "*** in database %s ***\n", db->aDb[i].zName),
+ P4_DYNAMIC);
+ sqlite3VdbeAddOp3(v, OP_Move, 2, 4, 1);
+ sqlite3VdbeAddOp3(v, OP_Concat, 4, 3, 2);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 2, 1);
+ sqlite3VdbeJumpHere(v, addr);
+
+ /* Make sure all the indices are constructed correctly.
+ */
+ for(x=sqliteHashFirst(pTbls); x && !isQuick; x=sqliteHashNext(x)){
+ Table *pTab = sqliteHashData(x);
+ Index *pIdx, *pPk;
+ Index *pPrior = 0;
+ int loopTop;
+ int iDataCur, iIdxCur;
+ int r1 = -1;
+
+ if( pTab->pIndex==0 ) continue;
+ pPk = HasRowid(pTab) ? 0 : sqlite3PrimaryKeyIndex(pTab);
+ addr = sqlite3VdbeAddOp1(v, OP_IfPos, 1); /* Stop if out of errors */
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Halt, 0, 0);
+ sqlite3VdbeJumpHere(v, addr);
+ sqlite3ExprCacheClear(pParse);
+ sqlite3OpenTableAndIndices(pParse, pTab, OP_OpenRead, 0,
+ 1, 0, &iDataCur, &iIdxCur);
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, 7);
+ for(j=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, j++){
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, 8+j); /* index entries counter */
+ }
+ pParse->nMem = MAX(pParse->nMem, 8+j);
+ sqlite3VdbeAddOp2(v, OP_Rewind, iDataCur, 0); VdbeCoverage(v);
+ loopTop = sqlite3VdbeAddOp2(v, OP_AddImm, 7, 1);
+ /* Verify that all NOT NULL columns really are NOT NULL */
+ for(j=0; j<pTab->nCol; j++){
+ char *zErr;
+ int jmp2, jmp3;
+ if( j==pTab->iPKey ) continue;
+ if( pTab->aCol[j].notNull==0 ) continue;
+ sqlite3ExprCodeGetColumnOfTable(v, pTab, iDataCur, j, 3);
+ sqlite3VdbeChangeP5(v, OPFLAG_TYPEOFARG);
+ jmp2 = sqlite3VdbeAddOp1(v, OP_NotNull, 3); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_AddImm, 1, -1); /* Decrement error limit */
+ zErr = sqlite3MPrintf(db, "NULL value in %s.%s", pTab->zName,
+ pTab->aCol[j].zName);
+ sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0, zErr, P4_DYNAMIC);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 3, 1);
+ jmp3 = sqlite3VdbeAddOp1(v, OP_IfPos, 1); VdbeCoverage(v);
+ sqlite3VdbeAddOp0(v, OP_Halt);
+ sqlite3VdbeJumpHere(v, jmp2);
+ sqlite3VdbeJumpHere(v, jmp3);
+ }
+ /* Validate index entries for the current row */
+ for(j=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, j++){
+ int jmp2, jmp3, jmp4, jmp5;
+ int ckUniq = sqlite3VdbeMakeLabel(v);
+ if( pPk==pIdx ) continue;
+ r1 = sqlite3GenerateIndexKey(pParse, pIdx, iDataCur, 0, 0, &jmp3,
+ pPrior, r1);
+ pPrior = pIdx;
+ sqlite3VdbeAddOp2(v, OP_AddImm, 8+j, 1); /* increment entry count */
+ /* Verify that an index entry exists for the current table row */
+ jmp2 = sqlite3VdbeAddOp4Int(v, OP_Found, iIdxCur+j, ckUniq, r1,
+ pIdx->nColumn); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_AddImm, 1, -1); /* Decrement error limit */
+ sqlite3VdbeLoadString(v, 3, "row ");
+ sqlite3VdbeAddOp3(v, OP_Concat, 7, 3, 3);
+ sqlite3VdbeLoadString(v, 4, " missing from index ");
+ sqlite3VdbeAddOp3(v, OP_Concat, 4, 3, 3);
+ jmp5 = sqlite3VdbeLoadString(v, 4, pIdx->zName);
+ sqlite3VdbeAddOp3(v, OP_Concat, 4, 3, 3);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 3, 1);
+ jmp4 = sqlite3VdbeAddOp1(v, OP_IfPos, 1); VdbeCoverage(v);
+ sqlite3VdbeAddOp0(v, OP_Halt);
+ sqlite3VdbeJumpHere(v, jmp2);
+ /* For UNIQUE indexes, verify that only one entry exists with the
+ ** current key. The entry is unique if (1) any column is NULL
+ ** or (2) the next entry has a different key */
+ if( IsUniqueIndex(pIdx) ){
+ int uniqOk = sqlite3VdbeMakeLabel(v);
+ int jmp6;
+ int kk;
+ for(kk=0; kk<pIdx->nKeyCol; kk++){
+ int iCol = pIdx->aiColumn[kk];
+ assert( iCol!=XN_ROWID && iCol<pTab->nCol );
+ if( iCol>=0 && pTab->aCol[iCol].notNull ) continue;
+ sqlite3VdbeAddOp2(v, OP_IsNull, r1+kk, uniqOk);
+ VdbeCoverage(v);
+ }
+ jmp6 = sqlite3VdbeAddOp1(v, OP_Next, iIdxCur+j); VdbeCoverage(v);
+ sqlite3VdbeGoto(v, uniqOk);
+ sqlite3VdbeJumpHere(v, jmp6);
+ sqlite3VdbeAddOp4Int(v, OP_IdxGT, iIdxCur+j, uniqOk, r1,
+ pIdx->nKeyCol); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_AddImm, 1, -1); /* Decrement error limit */
+ sqlite3VdbeLoadString(v, 3, "non-unique entry in index ");
+ sqlite3VdbeGoto(v, jmp5);
+ sqlite3VdbeResolveLabel(v, uniqOk);
+ }
+ sqlite3VdbeJumpHere(v, jmp4);
+ sqlite3ResolvePartIdxLabel(pParse, jmp3);
+ }
+ sqlite3VdbeAddOp2(v, OP_Next, iDataCur, loopTop); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, loopTop-1);
+#ifndef SQLITE_OMIT_BTREECOUNT
+ sqlite3VdbeLoadString(v, 2, "wrong # of entries in index ");
+ for(j=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, j++){
+ if( pPk==pIdx ) continue;
+ addr = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeAddOp2(v, OP_IfPos, 1, addr+2); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Halt, 0, 0);
+ sqlite3VdbeAddOp2(v, OP_Count, iIdxCur+j, 3);
+ sqlite3VdbeAddOp3(v, OP_Eq, 8+j, addr+8, 3); VdbeCoverage(v);
+ sqlite3VdbeChangeP5(v, SQLITE_NOTNULL);
+ sqlite3VdbeAddOp2(v, OP_AddImm, 1, -1);
+ sqlite3VdbeLoadString(v, 3, pIdx->zName);
+ sqlite3VdbeAddOp3(v, OP_Concat, 3, 2, 7);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 7, 1);
+ }
+#endif /* SQLITE_OMIT_BTREECOUNT */
+ }
+ }
+ addr = sqlite3VdbeAddOpList(v, ArraySize(endCode), endCode, iLn);
+ sqlite3VdbeChangeP2(v, addr, -mxErr);
+ sqlite3VdbeJumpHere(v, addr+1);
+ sqlite3VdbeChangeP4(v, addr+2, "ok", P4_STATIC);
+ }
+ break;
+#endif /* SQLITE_OMIT_INTEGRITY_CHECK */
+
+#ifndef SQLITE_OMIT_UTF16
+ /*
+ ** PRAGMA encoding
+ ** PRAGMA encoding = "utf-8"|"utf-16"|"utf-16le"|"utf-16be"
+ **
+ ** In its first form, this pragma returns the encoding of the main
+ ** database. If the database is not initialized, it is initialized now.
+ **
+ ** The second form of this pragma is a no-op if the main database file
+ ** has not already been initialized. In this case it sets the default
+ ** encoding that will be used for the main database file if a new file
+ ** is created. If an existing main database file is opened, then the
+ ** default text encoding for the existing database is used.
+ **
+ ** In all cases new databases created using the ATTACH command are
+ ** created to use the same default text encoding as the main database. If
+ ** the main database has not been initialized and/or created when ATTACH
+ ** is executed, this is done before the ATTACH operation.
+ **
+ ** In the second form this pragma sets the text encoding to be used in
+ ** new database files created using this database handle. It is only
+ ** useful if invoked immediately after the main database i
+ */
+ case PragTyp_ENCODING: {
+ static const struct EncName {
+ char *zName;
+ u8 enc;
+ } encnames[] = {
+ { "UTF8", SQLITE_UTF8 },
+ { "UTF-8", SQLITE_UTF8 }, /* Must be element [1] */
+ { "UTF-16le", SQLITE_UTF16LE }, /* Must be element [2] */
+ { "UTF-16be", SQLITE_UTF16BE }, /* Must be element [3] */
+ { "UTF16le", SQLITE_UTF16LE },
+ { "UTF16be", SQLITE_UTF16BE },
+ { "UTF-16", 0 }, /* SQLITE_UTF16NATIVE */
+ { "UTF16", 0 }, /* SQLITE_UTF16NATIVE */
+ { 0, 0 }
+ };
+ const struct EncName *pEnc;
+ if( !zRight ){ /* "PRAGMA encoding" */
+ if( sqlite3ReadSchema(pParse) ) goto pragma_out;
+ assert( encnames[SQLITE_UTF8].enc==SQLITE_UTF8 );
+ assert( encnames[SQLITE_UTF16LE].enc==SQLITE_UTF16LE );
+ assert( encnames[SQLITE_UTF16BE].enc==SQLITE_UTF16BE );
+ returnSingleText(v, "encoding", encnames[ENC(pParse->db)].zName);
+ }else{ /* "PRAGMA encoding = XXX" */
+ /* Only change the value of sqlite.enc if the database handle is not
+ ** initialized. If the main database exists, the new sqlite.enc value
+ ** will be overwritten when the schema is next loaded. If it does not
+ ** already exists, it will be created to use the new encoding value.
+ */
+ if(
+ !(DbHasProperty(db, 0, DB_SchemaLoaded)) ||
+ DbHasProperty(db, 0, DB_Empty)
+ ){
+ for(pEnc=&encnames[0]; pEnc->zName; pEnc++){
+ if( 0==sqlite3StrICmp(zRight, pEnc->zName) ){
+ SCHEMA_ENC(db) = ENC(db) =
+ pEnc->enc ? pEnc->enc : SQLITE_UTF16NATIVE;
+ break;
+ }
+ }
+ if( !pEnc->zName ){
+ sqlite3ErrorMsg(pParse, "unsupported encoding: %s", zRight);
+ }
+ }
+ }
+ }
+ break;
+#endif /* SQLITE_OMIT_UTF16 */
+
+#ifndef SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS
+ /*
+ ** PRAGMA [schema.]schema_version
+ ** PRAGMA [schema.]schema_version = <integer>
+ **
+ ** PRAGMA [schema.]user_version
+ ** PRAGMA [schema.]user_version = <integer>
+ **
+ ** PRAGMA [schema.]freelist_count = <integer>
+ **
+ ** PRAGMA [schema.]application_id
+ ** PRAGMA [schema.]application_id = <integer>
+ **
+ ** The pragma's schema_version and user_version are used to set or get
+ ** the value of the schema-version and user-version, respectively. Both
+ ** the schema-version and the user-version are 32-bit signed integers
+ ** stored in the database header.
+ **
+ ** The schema-cookie is usually only manipulated internally by SQLite. It
+ ** is incremented by SQLite whenever the database schema is modified (by
+ ** creating or dropping a table or index). The schema version is used by
+ ** SQLite each time a query is executed to ensure that the internal cache
+ ** of the schema used when compiling the SQL query matches the schema of
+ ** the database against which the compiled query is actually executed.
+ ** Subverting this mechanism by using "PRAGMA schema_version" to modify
+ ** the schema-version is potentially dangerous and may lead to program
+ ** crashes or database corruption. Use with caution!
+ **
+ ** The user-version is not used internally by SQLite. It may be used by
+ ** applications for any purpose.
+ */
+ case PragTyp_HEADER_VALUE: {
+ int iCookie = pPragma->iArg; /* Which cookie to read or write */
+ sqlite3VdbeUsesBtree(v, iDb);
+ if( zRight && (pPragma->mPragFlag & PragFlag_ReadOnly)==0 ){
+ /* Write the specified cookie value */
+ static const VdbeOpList setCookie[] = {
+ { OP_Transaction, 0, 1, 0}, /* 0 */
+ { OP_Integer, 0, 1, 0}, /* 1 */
+ { OP_SetCookie, 0, 0, 1}, /* 2 */
+ };
+ int addr = sqlite3VdbeAddOpList(v, ArraySize(setCookie), setCookie, 0);
+ sqlite3VdbeChangeP1(v, addr, iDb);
+ sqlite3VdbeChangeP1(v, addr+1, sqlite3Atoi(zRight));
+ sqlite3VdbeChangeP1(v, addr+2, iDb);
+ sqlite3VdbeChangeP2(v, addr+2, iCookie);
+ }else{
+ /* Read the specified cookie value */
+ static const VdbeOpList readCookie[] = {
+ { OP_Transaction, 0, 0, 0}, /* 0 */
+ { OP_ReadCookie, 0, 1, 0}, /* 1 */
+ { OP_ResultRow, 1, 1, 0}
+ };
+ int addr = sqlite3VdbeAddOpList(v, ArraySize(readCookie), readCookie, 0);
+ sqlite3VdbeChangeP1(v, addr, iDb);
+ sqlite3VdbeChangeP1(v, addr+1, iDb);
+ sqlite3VdbeChangeP3(v, addr+1, iCookie);
+ sqlite3VdbeSetNumCols(v, 1);
+ sqlite3VdbeSetColName(v, 0, COLNAME_NAME, zLeft, SQLITE_TRANSIENT);
+ }
+ }
+ break;
+#endif /* SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS */
+
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+ /*
+ ** PRAGMA compile_options
+ **
+ ** Return the names of all compile-time options used in this build,
+ ** one option per row.
+ */
+ case PragTyp_COMPILE_OPTIONS: {
+ int i = 0;
+ const char *zOpt;
+ pParse->nMem = 1;
+ setOneColumnName(v, "compile_option");
+ while( (zOpt = sqlite3_compileoption_get(i++))!=0 ){
+ sqlite3VdbeLoadString(v, 1, zOpt);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1);
+ }
+ }
+ break;
+#endif /* SQLITE_OMIT_COMPILEOPTION_DIAGS */
+
+#ifndef SQLITE_OMIT_WAL
+ /*
+ ** PRAGMA [schema.]wal_checkpoint = passive|full|restart|truncate
+ **
+ ** Checkpoint the database.
+ */
+ case PragTyp_WAL_CHECKPOINT: {
+ static const char *azCol[] = { "busy", "log", "checkpointed" };
+ int iBt = (pId2->z?iDb:SQLITE_MAX_ATTACHED);
+ int eMode = SQLITE_CHECKPOINT_PASSIVE;
+ if( zRight ){
+ if( sqlite3StrICmp(zRight, "full")==0 ){
+ eMode = SQLITE_CHECKPOINT_FULL;
+ }else if( sqlite3StrICmp(zRight, "restart")==0 ){
+ eMode = SQLITE_CHECKPOINT_RESTART;
+ }else if( sqlite3StrICmp(zRight, "truncate")==0 ){
+ eMode = SQLITE_CHECKPOINT_TRUNCATE;
+ }
+ }
+ setAllColumnNames(v, 3, azCol); assert( 3==ArraySize(azCol) );
+ pParse->nMem = 3;
+ sqlite3VdbeAddOp3(v, OP_Checkpoint, iBt, eMode, 1);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 3);
+ }
+ break;
+
+ /*
+ ** PRAGMA wal_autocheckpoint
+ ** PRAGMA wal_autocheckpoint = N
+ **
+ ** Configure a database connection to automatically checkpoint a database
+ ** after accumulating N frames in the log. Or query for the current value
+ ** of N.
+ */
+ case PragTyp_WAL_AUTOCHECKPOINT: {
+ if( zRight ){
+ sqlite3_wal_autocheckpoint(db, sqlite3Atoi(zRight));
+ }
+ returnSingleInt(v, "wal_autocheckpoint",
+ db->xWalCallback==sqlite3WalDefaultHook ?
+ SQLITE_PTR_TO_INT(db->pWalArg) : 0);
+ }
+ break;
+#endif
+
+ /*
+ ** PRAGMA shrink_memory
+ **
+ ** IMPLEMENTATION-OF: R-23445-46109 This pragma causes the database
+ ** connection on which it is invoked to free up as much memory as it
+ ** can, by calling sqlite3_db_release_memory().
+ */
+ case PragTyp_SHRINK_MEMORY: {
+ sqlite3_db_release_memory(db);
+ break;
+ }
+
+ /*
+ ** PRAGMA busy_timeout
+ ** PRAGMA busy_timeout = N
+ **
+ ** Call sqlite3_busy_timeout(db, N). Return the current timeout value
+ ** if one is set. If no busy handler or a different busy handler is set
+ ** then 0 is returned. Setting the busy_timeout to 0 or negative
+ ** disables the timeout.
+ */
+ /*case PragTyp_BUSY_TIMEOUT*/ default: {
+ assert( pPragma->ePragTyp==PragTyp_BUSY_TIMEOUT );
+ if( zRight ){
+ sqlite3_busy_timeout(db, sqlite3Atoi(zRight));
+ }
+ returnSingleInt(v, "timeout", db->busyTimeout);
+ break;
+ }
+
+ /*
+ ** PRAGMA soft_heap_limit
+ ** PRAGMA soft_heap_limit = N
+ **
+ ** IMPLEMENTATION-OF: R-26343-45930 This pragma invokes the
+ ** sqlite3_soft_heap_limit64() interface with the argument N, if N is
+ ** specified and is a non-negative integer.
+ ** IMPLEMENTATION-OF: R-64451-07163 The soft_heap_limit pragma always
+ ** returns the same integer that would be returned by the
+ ** sqlite3_soft_heap_limit64(-1) C-language function.
+ */
+ case PragTyp_SOFT_HEAP_LIMIT: {
+ sqlite3_int64 N;
+ if( zRight && sqlite3DecOrHexToI64(zRight, &N)==SQLITE_OK ){
+ sqlite3_soft_heap_limit64(N);
+ }
+ returnSingleInt(v, "soft_heap_limit", sqlite3_soft_heap_limit64(-1));
+ break;
+ }
+
+ /*
+ ** PRAGMA threads
+ ** PRAGMA threads = N
+ **
+ ** Configure the maximum number of worker threads. Return the new
+ ** maximum, which might be less than requested.
+ */
+ case PragTyp_THREADS: {
+ sqlite3_int64 N;
+ if( zRight
+ && sqlite3DecOrHexToI64(zRight, &N)==SQLITE_OK
+ && N>=0
+ ){
+ sqlite3_limit(db, SQLITE_LIMIT_WORKER_THREADS, (int)(N&0x7fffffff));
+ }
+ returnSingleInt(v, "threads",
+ sqlite3_limit(db, SQLITE_LIMIT_WORKER_THREADS, -1));
+ break;
+ }
+
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
+ /*
+ ** Report the current state of file logs for all databases
+ */
+ case PragTyp_LOCK_STATUS: {
+ static const char *const azLockName[] = {
+ "unlocked", "shared", "reserved", "pending", "exclusive"
+ };
+ static const char *azCol[] = { "database", "status" };
+ int i;
+ setAllColumnNames(v, 2, azCol); assert( 2==ArraySize(azCol) );
+ pParse->nMem = 2;
+ for(i=0; i<db->nDb; i++){
+ Btree *pBt;
+ const char *zState = "unknown";
+ int j;
+ if( db->aDb[i].zName==0 ) continue;
+ pBt = db->aDb[i].pBt;
+ if( pBt==0 || sqlite3BtreePager(pBt)==0 ){
+ zState = "closed";
+ }else if( sqlite3_file_control(db, i ? db->aDb[i].zName : 0,
+ SQLITE_FCNTL_LOCKSTATE, &j)==SQLITE_OK ){
+ zState = azLockName[j];
+ }
+ sqlite3VdbeMultiLoad(v, 1, "ss", db->aDb[i].zName, zState);
+ sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 2);
+ }
+ break;
+ }
+#endif
+
+#ifdef SQLITE_HAS_CODEC
+ case PragTyp_KEY: {
+ if( zRight ) sqlite3_key_v2(db, zDb, zRight, sqlite3Strlen30(zRight));
+ break;
+ }
+ case PragTyp_REKEY: {
+ if( zRight ) sqlite3_rekey_v2(db, zDb, zRight, sqlite3Strlen30(zRight));
+ break;
+ }
+ case PragTyp_HEXKEY: {
+ if( zRight ){
+ u8 iByte;
+ int i;
+ char zKey[40];
+ for(i=0, iByte=0; i<sizeof(zKey)*2 && sqlite3Isxdigit(zRight[i]); i++){
+ iByte = (iByte<<4) + sqlite3HexToInt(zRight[i]);
+ if( (i&1)!=0 ) zKey[i/2] = iByte;
+ }
+ if( (zLeft[3] & 0xf)==0xb ){
+ sqlite3_key_v2(db, zDb, zKey, i/2);
+ }else{
+ sqlite3_rekey_v2(db, zDb, zKey, i/2);
+ }
+ }
+ break;
+ }
+#endif
+#if defined(SQLITE_HAS_CODEC) || defined(SQLITE_ENABLE_CEROD)
+ case PragTyp_ACTIVATE_EXTENSIONS: if( zRight ){
+#ifdef SQLITE_HAS_CODEC
+ if( sqlite3StrNICmp(zRight, "see-", 4)==0 ){
+ sqlite3_activate_see(&zRight[4]);
+ }
+#endif
+#ifdef SQLITE_ENABLE_CEROD
+ if( sqlite3StrNICmp(zRight, "cerod-", 6)==0 ){
+ sqlite3_activate_cerod(&zRight[6]);
+ }
+#endif
+ }
+ break;
+#endif
+
+ } /* End of the PRAGMA switch */
+
+pragma_out:
+ sqlite3DbFree(db, zLeft);
+ sqlite3DbFree(db, zRight);
+}
+
+#endif /* SQLITE_OMIT_PRAGMA */
+
+/************** End of pragma.c **********************************************/
+/************** Begin file prepare.c *****************************************/
+/*
+** 2005 May 25
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the implementation of the sqlite3_prepare()
+** interface, and routines that contribute to loading the database schema
+** from disk.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** Fill the InitData structure with an error message that indicates
+** that the database is corrupt.
+*/
+static void corruptSchema(
+ InitData *pData, /* Initialization context */
+ const char *zObj, /* Object being parsed at the point of error */
+ const char *zExtra /* Error information */
+){
+ sqlite3 *db = pData->db;
+ if( !db->mallocFailed && (db->flags & SQLITE_RecoveryMode)==0 ){
+ char *z;
+ if( zObj==0 ) zObj = "?";
+ z = sqlite3_mprintf("malformed database schema (%s)", zObj);
+ if( z && zExtra ) z = sqlite3_mprintf("%z - %s", z, zExtra);
+ sqlite3DbFree(db, *pData->pzErrMsg);
+ *pData->pzErrMsg = z;
+ if( z==0 ) db->mallocFailed = 1;
+ }
+ pData->rc = db->mallocFailed ? SQLITE_NOMEM : SQLITE_CORRUPT_BKPT;
+}
+
+/*
+** This is the callback routine for the code that initializes the
+** database. See sqlite3Init() below for additional information.
+** This routine is also called from the OP_ParseSchema opcode of the VDBE.
+**
+** Each callback contains the following information:
+**
+** argv[0] = name of thing being created
+** argv[1] = root page number for table or index. 0 for trigger or view.
+** argv[2] = SQL text for the CREATE statement.
+**
+*/
+SQLITE_PRIVATE int sqlite3InitCallback(void *pInit, int argc, char **argv, char **NotUsed){
+ InitData *pData = (InitData*)pInit;
+ sqlite3 *db = pData->db;
+ int iDb = pData->iDb;
+
+ assert( argc==3 );
+ UNUSED_PARAMETER2(NotUsed, argc);
+ assert( sqlite3_mutex_held(db->mutex) );
+ DbClearProperty(db, iDb, DB_Empty);
+ if( db->mallocFailed ){
+ corruptSchema(pData, argv[0], 0);
+ return 1;
+ }
+
+ assert( iDb>=0 && iDb<db->nDb );
+ if( argv==0 ) return 0; /* Might happen if EMPTY_RESULT_CALLBACKS are on */
+ if( argv[1]==0 ){
+ corruptSchema(pData, argv[0], 0);
+ }else if( sqlite3_strnicmp(argv[2],"create ",7)==0 ){
+ /* Call the parser to process a CREATE TABLE, INDEX or VIEW.
+ ** But because db->init.busy is set to 1, no VDBE code is generated
+ ** or executed. All the parser does is build the internal data
+ ** structures that describe the table, index, or view.
+ */
+ int rc;
+ sqlite3_stmt *pStmt;
+ TESTONLY(int rcp); /* Return code from sqlite3_prepare() */
+
+ assert( db->init.busy );
+ db->init.iDb = iDb;
+ db->init.newTnum = sqlite3Atoi(argv[1]);
+ db->init.orphanTrigger = 0;
+ TESTONLY(rcp = ) sqlite3_prepare(db, argv[2], -1, &pStmt, 0);
+ rc = db->errCode;
+ assert( (rc&0xFF)==(rcp&0xFF) );
+ db->init.iDb = 0;
+ if( SQLITE_OK!=rc ){
+ if( db->init.orphanTrigger ){
+ assert( iDb==1 );
+ }else{
+ pData->rc = rc;
+ if( rc==SQLITE_NOMEM ){
+ db->mallocFailed = 1;
+ }else if( rc!=SQLITE_INTERRUPT && (rc&0xFF)!=SQLITE_LOCKED ){
+ corruptSchema(pData, argv[0], sqlite3_errmsg(db));
+ }
+ }
+ }
+ sqlite3_finalize(pStmt);
+ }else if( argv[0]==0 || (argv[2]!=0 && argv[2][0]!=0) ){
+ corruptSchema(pData, argv[0], 0);
+ }else{
+ /* If the SQL column is blank it means this is an index that
+ ** was created to be the PRIMARY KEY or to fulfill a UNIQUE
+ ** constraint for a CREATE TABLE. The index should have already
+ ** been created when we processed the CREATE TABLE. All we have
+ ** to do here is record the root page number for that index.
+ */
+ Index *pIndex;
+ pIndex = sqlite3FindIndex(db, argv[0], db->aDb[iDb].zName);
+ if( pIndex==0 ){
+ /* This can occur if there exists an index on a TEMP table which
+ ** has the same name as another index on a permanent index. Since
+ ** the permanent table is hidden by the TEMP table, we can also
+ ** safely ignore the index on the permanent table.
+ */
+ /* Do Nothing */;
+ }else if( sqlite3GetInt32(argv[1], &pIndex->tnum)==0 ){
+ corruptSchema(pData, argv[0], "invalid rootpage");
+ }
+ }
+ return 0;
+}
+
+/*
+** Attempt to read the database schema and initialize internal
+** data structures for a single database file. The index of the
+** database file is given by iDb. iDb==0 is used for the main
+** database. iDb==1 should never be used. iDb>=2 is used for
+** auxiliary databases. Return one of the SQLITE_ error codes to
+** indicate success or failure.
+*/
+static int sqlite3InitOne(sqlite3 *db, int iDb, char **pzErrMsg){
+ int rc;
+ int i;
+#ifndef SQLITE_OMIT_DEPRECATED
+ int size;
+#endif
+ Table *pTab;
+ Db *pDb;
+ char const *azArg[4];
+ int meta[5];
+ InitData initData;
+ char const *zMasterSchema;
+ char const *zMasterName;
+ int openedTransaction = 0;
+
+ /*
+ ** The master database table has a structure like this
+ */
+ static const char master_schema[] =
+ "CREATE TABLE sqlite_master(\n"
+ " type text,\n"
+ " name text,\n"
+ " tbl_name text,\n"
+ " rootpage integer,\n"
+ " sql text\n"
+ ")"
+ ;
+#ifndef SQLITE_OMIT_TEMPDB
+ static const char temp_master_schema[] =
+ "CREATE TEMP TABLE sqlite_temp_master(\n"
+ " type text,\n"
+ " name text,\n"
+ " tbl_name text,\n"
+ " rootpage integer,\n"
+ " sql text\n"
+ ")"
+ ;
+#else
+ #define temp_master_schema 0
+#endif
+
+ assert( iDb>=0 && iDb<db->nDb );
+ assert( db->aDb[iDb].pSchema );
+ assert( sqlite3_mutex_held(db->mutex) );
+ assert( iDb==1 || sqlite3BtreeHoldsMutex(db->aDb[iDb].pBt) );
+
+ /* zMasterSchema and zInitScript are set to point at the master schema
+ ** and initialisation script appropriate for the database being
+ ** initialized. zMasterName is the name of the master table.
+ */
+ if( !OMIT_TEMPDB && iDb==1 ){
+ zMasterSchema = temp_master_schema;
+ }else{
+ zMasterSchema = master_schema;
+ }
+ zMasterName = SCHEMA_TABLE(iDb);
+
+ /* Construct the schema tables. */
+ azArg[0] = zMasterName;
+ azArg[1] = "1";
+ azArg[2] = zMasterSchema;
+ azArg[3] = 0;
+ initData.db = db;
+ initData.iDb = iDb;
+ initData.rc = SQLITE_OK;
+ initData.pzErrMsg = pzErrMsg;
+ sqlite3InitCallback(&initData, 3, (char **)azArg, 0);
+ if( initData.rc ){
+ rc = initData.rc;
+ goto error_out;
+ }
+ pTab = sqlite3FindTable(db, zMasterName, db->aDb[iDb].zName);
+ if( ALWAYS(pTab) ){
+ pTab->tabFlags |= TF_Readonly;
+ }
+
+ /* Create a cursor to hold the database open
+ */
+ pDb = &db->aDb[iDb];
+ if( pDb->pBt==0 ){
+ if( !OMIT_TEMPDB && ALWAYS(iDb==1) ){
+ DbSetProperty(db, 1, DB_SchemaLoaded);
+ }
+ return SQLITE_OK;
+ }
+
+ /* If there is not already a read-only (or read-write) transaction opened
+ ** on the b-tree database, open one now. If a transaction is opened, it
+ ** will be closed before this function returns. */
+ sqlite3BtreeEnter(pDb->pBt);
+ if( !sqlite3BtreeIsInReadTrans(pDb->pBt) ){
+ rc = sqlite3BtreeBeginTrans(pDb->pBt, 0);
+ if( rc!=SQLITE_OK ){
+ sqlite3SetString(pzErrMsg, db, sqlite3ErrStr(rc));
+ goto initone_error_out;
+ }
+ openedTransaction = 1;
+ }
+
+ /* Get the database meta information.
+ **
+ ** Meta values are as follows:
+ ** meta[0] Schema cookie. Changes with each schema change.
+ ** meta[1] File format of schema layer.
+ ** meta[2] Size of the page cache.
+ ** meta[3] Largest rootpage (auto/incr_vacuum mode)
+ ** meta[4] Db text encoding. 1:UTF-8 2:UTF-16LE 3:UTF-16BE
+ ** meta[5] User version
+ ** meta[6] Incremental vacuum mode
+ ** meta[7] unused
+ ** meta[8] unused
+ ** meta[9] unused
+ **
+ ** Note: The #defined SQLITE_UTF* symbols in sqliteInt.h correspond to
+ ** the possible values of meta[4].
+ */
+ for(i=0; i<ArraySize(meta); i++){
+ sqlite3BtreeGetMeta(pDb->pBt, i+1, (u32 *)&meta[i]);
+ }
+ pDb->pSchema->schema_cookie = meta[BTREE_SCHEMA_VERSION-1];
+
+ /* If opening a non-empty database, check the text encoding. For the
+ ** main database, set sqlite3.enc to the encoding of the main database.
+ ** For an attached db, it is an error if the encoding is not the same
+ ** as sqlite3.enc.
+ */
+ if( meta[BTREE_TEXT_ENCODING-1] ){ /* text encoding */
+ if( iDb==0 ){
+#ifndef SQLITE_OMIT_UTF16
+ u8 encoding;
+ /* If opening the main database, set ENC(db). */
+ encoding = (u8)meta[BTREE_TEXT_ENCODING-1] & 3;
+ if( encoding==0 ) encoding = SQLITE_UTF8;
+ ENC(db) = encoding;
+#else
+ ENC(db) = SQLITE_UTF8;
+#endif
+ }else{
+ /* If opening an attached database, the encoding much match ENC(db) */
+ if( meta[BTREE_TEXT_ENCODING-1]!=ENC(db) ){
+ sqlite3SetString(pzErrMsg, db, "attached databases must use the same"
+ " text encoding as main database");
+ rc = SQLITE_ERROR;
+ goto initone_error_out;
+ }
+ }
+ }else{
+ DbSetProperty(db, iDb, DB_Empty);
+ }
+ pDb->pSchema->enc = ENC(db);
+
+ if( pDb->pSchema->cache_size==0 ){
+#ifndef SQLITE_OMIT_DEPRECATED
+ size = sqlite3AbsInt32(meta[BTREE_DEFAULT_CACHE_SIZE-1]);
+ if( size==0 ){ size = SQLITE_DEFAULT_CACHE_SIZE; }
+ pDb->pSchema->cache_size = size;
+#else
+ pDb->pSchema->cache_size = SQLITE_DEFAULT_CACHE_SIZE;
+#endif
+ sqlite3BtreeSetCacheSize(pDb->pBt, pDb->pSchema->cache_size);
+ }
+
+ /*
+ ** file_format==1 Version 3.0.0.
+ ** file_format==2 Version 3.1.3. // ALTER TABLE ADD COLUMN
+ ** file_format==3 Version 3.1.4. // ditto but with non-NULL defaults
+ ** file_format==4 Version 3.3.0. // DESC indices. Boolean constants
+ */
+ pDb->pSchema->file_format = (u8)meta[BTREE_FILE_FORMAT-1];
+ if( pDb->pSchema->file_format==0 ){
+ pDb->pSchema->file_format = 1;
+ }
+ if( pDb->pSchema->file_format>SQLITE_MAX_FILE_FORMAT ){
+ sqlite3SetString(pzErrMsg, db, "unsupported file format");
+ rc = SQLITE_ERROR;
+ goto initone_error_out;
+ }
+
+ /* Ticket #2804: When we open a database in the newer file format,
+ ** clear the legacy_file_format pragma flag so that a VACUUM will
+ ** not downgrade the database and thus invalidate any descending
+ ** indices that the user might have created.
+ */
+ if( iDb==0 && meta[BTREE_FILE_FORMAT-1]>=4 ){
+ db->flags &= ~SQLITE_LegacyFileFmt;
+ }
+
+ /* Read the schema information out of the schema tables
+ */
+ assert( db->init.busy );
+ {
+ char *zSql;
+ zSql = sqlite3MPrintf(db,
+ "SELECT name, rootpage, sql FROM '%q'.%s ORDER BY rowid",
+ db->aDb[iDb].zName, zMasterName);
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ {
+ sqlite3_xauth xAuth;
+ xAuth = db->xAuth;
+ db->xAuth = 0;
+#endif
+ rc = sqlite3_exec(db, zSql, sqlite3InitCallback, &initData, 0);
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ db->xAuth = xAuth;
+ }
+#endif
+ if( rc==SQLITE_OK ) rc = initData.rc;
+ sqlite3DbFree(db, zSql);
+#ifndef SQLITE_OMIT_ANALYZE
+ if( rc==SQLITE_OK ){
+ sqlite3AnalysisLoad(db, iDb);
+ }
+#endif
+ }
+ if( db->mallocFailed ){
+ rc = SQLITE_NOMEM;
+ sqlite3ResetAllSchemasOfConnection(db);
+ }
+ if( rc==SQLITE_OK || (db->flags&SQLITE_RecoveryMode)){
+ /* Black magic: If the SQLITE_RecoveryMode flag is set, then consider
+ ** the schema loaded, even if errors occurred. In this situation the
+ ** current sqlite3_prepare() operation will fail, but the following one
+ ** will attempt to compile the supplied statement against whatever subset
+ ** of the schema was loaded before the error occurred. The primary
+ ** purpose of this is to allow access to the sqlite_master table
+ ** even when its contents have been corrupted.
+ */
+ DbSetProperty(db, iDb, DB_SchemaLoaded);
+ rc = SQLITE_OK;
+ }
+
+ /* Jump here for an error that occurs after successfully allocating
+ ** curMain and calling sqlite3BtreeEnter(). For an error that occurs
+ ** before that point, jump to error_out.
+ */
+initone_error_out:
+ if( openedTransaction ){
+ sqlite3BtreeCommit(pDb->pBt);
+ }
+ sqlite3BtreeLeave(pDb->pBt);
+
+error_out:
+ if( rc==SQLITE_NOMEM || rc==SQLITE_IOERR_NOMEM ){
+ db->mallocFailed = 1;
+ }
+ return rc;
+}
+
+/*
+** Initialize all database files - the main database file, the file
+** used to store temporary tables, and any additional database files
+** created using ATTACH statements. Return a success code. If an
+** error occurs, write an error message into *pzErrMsg.
+**
+** After a database is initialized, the DB_SchemaLoaded bit is set
+** bit is set in the flags field of the Db structure. If the database
+** file was of zero-length, then the DB_Empty flag is also set.
+*/
+SQLITE_PRIVATE int sqlite3Init(sqlite3 *db, char **pzErrMsg){
+ int i, rc;
+ int commit_internal = !(db->flags&SQLITE_InternChanges);
+
+ assert( sqlite3_mutex_held(db->mutex) );
+ assert( sqlite3BtreeHoldsMutex(db->aDb[0].pBt) );
+ assert( db->init.busy==0 );
+ rc = SQLITE_OK;
+ db->init.busy = 1;
+ ENC(db) = SCHEMA_ENC(db);
+ for(i=0; rc==SQLITE_OK && i<db->nDb; i++){
+ if( DbHasProperty(db, i, DB_SchemaLoaded) || i==1 ) continue;
+ rc = sqlite3InitOne(db, i, pzErrMsg);
+ if( rc ){
+ sqlite3ResetOneSchema(db, i);
+ }
+ }
+
+ /* Once all the other databases have been initialized, load the schema
+ ** for the TEMP database. This is loaded last, as the TEMP database
+ ** schema may contain references to objects in other databases.
+ */
+#ifndef SQLITE_OMIT_TEMPDB
+ assert( db->nDb>1 );
+ if( rc==SQLITE_OK && !DbHasProperty(db, 1, DB_SchemaLoaded) ){
+ rc = sqlite3InitOne(db, 1, pzErrMsg);
+ if( rc ){
+ sqlite3ResetOneSchema(db, 1);
+ }
+ }
+#endif
+
+ db->init.busy = 0;
+ if( rc==SQLITE_OK && commit_internal ){
+ sqlite3CommitInternalChanges(db);
+ }
+
+ return rc;
+}
+
+/*
+** This routine is a no-op if the database schema is already initialized.
+** Otherwise, the schema is loaded. An error code is returned.
+*/
+SQLITE_PRIVATE int sqlite3ReadSchema(Parse *pParse){
+ int rc = SQLITE_OK;
+ sqlite3 *db = pParse->db;
+ assert( sqlite3_mutex_held(db->mutex) );
+ if( !db->init.busy ){
+ rc = sqlite3Init(db, &pParse->zErrMsg);
+ }
+ if( rc!=SQLITE_OK ){
+ pParse->rc = rc;
+ pParse->nErr++;
+ }
+ return rc;
+}
+
+
+/*
+** Check schema cookies in all databases. If any cookie is out
+** of date set pParse->rc to SQLITE_SCHEMA. If all schema cookies
+** make no changes to pParse->rc.
+*/
+static void schemaIsValid(Parse *pParse){
+ sqlite3 *db = pParse->db;
+ int iDb;
+ int rc;
+ int cookie;
+
+ assert( pParse->checkSchema );
+ assert( sqlite3_mutex_held(db->mutex) );
+ for(iDb=0; iDb<db->nDb; iDb++){
+ int openedTransaction = 0; /* True if a transaction is opened */
+ Btree *pBt = db->aDb[iDb].pBt; /* Btree database to read cookie from */
+ if( pBt==0 ) continue;
+
+ /* If there is not already a read-only (or read-write) transaction opened
+ ** on the b-tree database, open one now. If a transaction is opened, it
+ ** will be closed immediately after reading the meta-value. */
+ if( !sqlite3BtreeIsInReadTrans(pBt) ){
+ rc = sqlite3BtreeBeginTrans(pBt, 0);
+ if( rc==SQLITE_NOMEM || rc==SQLITE_IOERR_NOMEM ){
+ db->mallocFailed = 1;
+ }
+ if( rc!=SQLITE_OK ) return;
+ openedTransaction = 1;
+ }
+
+ /* Read the schema cookie from the database. If it does not match the
+ ** value stored as part of the in-memory schema representation,
+ ** set Parse.rc to SQLITE_SCHEMA. */
+ sqlite3BtreeGetMeta(pBt, BTREE_SCHEMA_VERSION, (u32 *)&cookie);
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ if( cookie!=db->aDb[iDb].pSchema->schema_cookie ){
+ sqlite3ResetOneSchema(db, iDb);
+ pParse->rc = SQLITE_SCHEMA;
+ }
+
+ /* Close the transaction, if one was opened. */
+ if( openedTransaction ){
+ sqlite3BtreeCommit(pBt);
+ }
+ }
+}
+
+/*
+** Convert a schema pointer into the iDb index that indicates
+** which database file in db->aDb[] the schema refers to.
+**
+** If the same database is attached more than once, the first
+** attached database is returned.
+*/
+SQLITE_PRIVATE int sqlite3SchemaToIndex(sqlite3 *db, Schema *pSchema){
+ int i = -1000000;
+
+ /* If pSchema is NULL, then return -1000000. This happens when code in
+ ** expr.c is trying to resolve a reference to a transient table (i.e. one
+ ** created by a sub-select). In this case the return value of this
+ ** function should never be used.
+ **
+ ** We return -1000000 instead of the more usual -1 simply because using
+ ** -1000000 as the incorrect index into db->aDb[] is much
+ ** more likely to cause a segfault than -1 (of course there are assert()
+ ** statements too, but it never hurts to play the odds).
+ */
+ assert( sqlite3_mutex_held(db->mutex) );
+ if( pSchema ){
+ for(i=0; ALWAYS(i<db->nDb); i++){
+ if( db->aDb[i].pSchema==pSchema ){
+ break;
+ }
+ }
+ assert( i>=0 && i<db->nDb );
+ }
+ return i;
+}
+
+/*
+** Free all memory allocations in the pParse object
+*/
+SQLITE_PRIVATE void sqlite3ParserReset(Parse *pParse){
+ if( pParse ){
+ sqlite3 *db = pParse->db;
+ sqlite3DbFree(db, pParse->aLabel);
+ sqlite3ExprListDelete(db, pParse->pConstExpr);
+ }
+}
+
+/*
+** Compile the UTF-8 encoded SQL statement zSql into a statement handle.
+*/
+static int sqlite3Prepare(
+ sqlite3 *db, /* Database handle. */
+ const char *zSql, /* UTF-8 encoded SQL statement. */
+ int nBytes, /* Length of zSql in bytes. */
+ int saveSqlFlag, /* True to copy SQL text into the sqlite3_stmt */
+ Vdbe *pReprepare, /* VM being reprepared */
+ sqlite3_stmt **ppStmt, /* OUT: A pointer to the prepared statement */
+ const char **pzTail /* OUT: End of parsed string */
+){
+ Parse *pParse; /* Parsing context */
+ char *zErrMsg = 0; /* Error message */
+ int rc = SQLITE_OK; /* Result code */
+ int i; /* Loop counter */
+
+ /* Allocate the parsing context */
+ pParse = sqlite3StackAllocZero(db, sizeof(*pParse));
+ if( pParse==0 ){
+ rc = SQLITE_NOMEM;
+ goto end_prepare;
+ }
+ pParse->pReprepare = pReprepare;
+ assert( ppStmt && *ppStmt==0 );
+ assert( !db->mallocFailed );
+ assert( sqlite3_mutex_held(db->mutex) );
+
+ /* Check to verify that it is possible to get a read lock on all
+ ** database schemas. The inability to get a read lock indicates that
+ ** some other database connection is holding a write-lock, which in
+ ** turn means that the other connection has made uncommitted changes
+ ** to the schema.
+ **
+ ** Were we to proceed and prepare the statement against the uncommitted
+ ** schema changes and if those schema changes are subsequently rolled
+ ** back and different changes are made in their place, then when this
+ ** prepared statement goes to run the schema cookie would fail to detect
+ ** the schema change. Disaster would follow.
+ **
+ ** This thread is currently holding mutexes on all Btrees (because
+ ** of the sqlite3BtreeEnterAll() in sqlite3LockAndPrepare()) so it
+ ** is not possible for another thread to start a new schema change
+ ** while this routine is running. Hence, we do not need to hold
+ ** locks on the schema, we just need to make sure nobody else is
+ ** holding them.
+ **
+ ** Note that setting READ_UNCOMMITTED overrides most lock detection,
+ ** but it does *not* override schema lock detection, so this all still
+ ** works even if READ_UNCOMMITTED is set.
+ */
+ for(i=0; i<db->nDb; i++) {
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ assert( sqlite3BtreeHoldsMutex(pBt) );
+ rc = sqlite3BtreeSchemaLocked(pBt);
+ if( rc ){
+ const char *zDb = db->aDb[i].zName;
+ sqlite3ErrorWithMsg(db, rc, "database schema is locked: %s", zDb);
+ testcase( db->flags & SQLITE_ReadUncommitted );
+ goto end_prepare;
+ }
+ }
+ }
+
+ sqlite3VtabUnlockList(db);
+
+ pParse->db = db;
+ pParse->nQueryLoop = 0; /* Logarithmic, so 0 really means 1 */
+ if( nBytes>=0 && (nBytes==0 || zSql[nBytes-1]!=0) ){
+ char *zSqlCopy;
+ int mxLen = db->aLimit[SQLITE_LIMIT_SQL_LENGTH];
+ testcase( nBytes==mxLen );
+ testcase( nBytes==mxLen+1 );
+ if( nBytes>mxLen ){
+ sqlite3ErrorWithMsg(db, SQLITE_TOOBIG, "statement too long");
+ rc = sqlite3ApiExit(db, SQLITE_TOOBIG);
+ goto end_prepare;
+ }
+ zSqlCopy = sqlite3DbStrNDup(db, zSql, nBytes);
+ if( zSqlCopy ){
+ sqlite3RunParser(pParse, zSqlCopy, &zErrMsg);
+ sqlite3DbFree(db, zSqlCopy);
+ pParse->zTail = &zSql[pParse->zTail-zSqlCopy];
+ }else{
+ pParse->zTail = &zSql[nBytes];
+ }
+ }else{
+ sqlite3RunParser(pParse, zSql, &zErrMsg);
+ }
+ assert( 0==pParse->nQueryLoop );
+
+ if( db->mallocFailed ){
+ pParse->rc = SQLITE_NOMEM;
+ }
+ if( pParse->rc==SQLITE_DONE ) pParse->rc = SQLITE_OK;
+ if( pParse->checkSchema ){
+ schemaIsValid(pParse);
+ }
+ if( db->mallocFailed ){
+ pParse->rc = SQLITE_NOMEM;
+ }
+ if( pzTail ){
+ *pzTail = pParse->zTail;
+ }
+ rc = pParse->rc;
+
+#ifndef SQLITE_OMIT_EXPLAIN
+ if( rc==SQLITE_OK && pParse->pVdbe && pParse->explain ){
+ static const char * const azColName[] = {
+ "addr", "opcode", "p1", "p2", "p3", "p4", "p5", "comment",
+ "selectid", "order", "from", "detail"
+ };
+ int iFirst, mx;
+ if( pParse->explain==2 ){
+ sqlite3VdbeSetNumCols(pParse->pVdbe, 4);
+ iFirst = 8;
+ mx = 12;
+ }else{
+ sqlite3VdbeSetNumCols(pParse->pVdbe, 8);
+ iFirst = 0;
+ mx = 8;
+ }
+ for(i=iFirst; i<mx; i++){
+ sqlite3VdbeSetColName(pParse->pVdbe, i-iFirst, COLNAME_NAME,
+ azColName[i], SQLITE_STATIC);
+ }
+ }
+#endif
+
+ if( db->init.busy==0 ){
+ Vdbe *pVdbe = pParse->pVdbe;
+ sqlite3VdbeSetSql(pVdbe, zSql, (int)(pParse->zTail-zSql), saveSqlFlag);
+ }
+ if( pParse->pVdbe && (rc!=SQLITE_OK || db->mallocFailed) ){
+ sqlite3VdbeFinalize(pParse->pVdbe);
+ assert(!(*ppStmt));
+ }else{
+ *ppStmt = (sqlite3_stmt*)pParse->pVdbe;
+ }
+
+ if( zErrMsg ){
+ sqlite3ErrorWithMsg(db, rc, "%s", zErrMsg);
+ sqlite3DbFree(db, zErrMsg);
+ }else{
+ sqlite3Error(db, rc);
+ }
+
+ /* Delete any TriggerPrg structures allocated while parsing this statement. */
+ while( pParse->pTriggerPrg ){
+ TriggerPrg *pT = pParse->pTriggerPrg;
+ pParse->pTriggerPrg = pT->pNext;
+ sqlite3DbFree(db, pT);
+ }
+
+end_prepare:
+
+ sqlite3ParserReset(pParse);
+ sqlite3StackFree(db, pParse);
+ rc = sqlite3ApiExit(db, rc);
+ assert( (rc&db->errMask)==rc );
+ return rc;
+}
+static int sqlite3LockAndPrepare(
+ sqlite3 *db, /* Database handle. */
+ const char *zSql, /* UTF-8 encoded SQL statement. */
+ int nBytes, /* Length of zSql in bytes. */
+ int saveSqlFlag, /* True to copy SQL text into the sqlite3_stmt */
+ Vdbe *pOld, /* VM being reprepared */
+ sqlite3_stmt **ppStmt, /* OUT: A pointer to the prepared statement */
+ const char **pzTail /* OUT: End of parsed string */
+){
+ int rc;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( ppStmt==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ *ppStmt = 0;
+ if( !sqlite3SafetyCheckOk(db)||zSql==0 ){
+ return SQLITE_MISUSE_BKPT;
+ }
+ sqlite3_mutex_enter(db->mutex);
+ sqlite3BtreeEnterAll(db);
+ rc = sqlite3Prepare(db, zSql, nBytes, saveSqlFlag, pOld, ppStmt, pzTail);
+ if( rc==SQLITE_SCHEMA ){
+ sqlite3_finalize(*ppStmt);
+ rc = sqlite3Prepare(db, zSql, nBytes, saveSqlFlag, pOld, ppStmt, pzTail);
+ }
+ sqlite3BtreeLeaveAll(db);
+ sqlite3_mutex_leave(db->mutex);
+ assert( rc==SQLITE_OK || *ppStmt==0 );
+ return rc;
+}
+
+/*
+** Rerun the compilation of a statement after a schema change.
+**
+** If the statement is successfully recompiled, return SQLITE_OK. Otherwise,
+** if the statement cannot be recompiled because another connection has
+** locked the sqlite3_master table, return SQLITE_LOCKED. If any other error
+** occurs, return SQLITE_SCHEMA.
+*/
+SQLITE_PRIVATE int sqlite3Reprepare(Vdbe *p){
+ int rc;
+ sqlite3_stmt *pNew;
+ const char *zSql;
+ sqlite3 *db;
+
+ assert( sqlite3_mutex_held(sqlite3VdbeDb(p)->mutex) );
+ zSql = sqlite3_sql((sqlite3_stmt *)p);
+ assert( zSql!=0 ); /* Reprepare only called for prepare_v2() statements */
+ db = sqlite3VdbeDb(p);
+ assert( sqlite3_mutex_held(db->mutex) );
+ rc = sqlite3LockAndPrepare(db, zSql, -1, 0, p, &pNew, 0);
+ if( rc ){
+ if( rc==SQLITE_NOMEM ){
+ db->mallocFailed = 1;
+ }
+ assert( pNew==0 );
+ return rc;
+ }else{
+ assert( pNew!=0 );
+ }
+ sqlite3VdbeSwap((Vdbe*)pNew, p);
+ sqlite3TransferBindings(pNew, (sqlite3_stmt*)p);
+ sqlite3VdbeResetStepResult((Vdbe*)pNew);
+ sqlite3VdbeFinalize((Vdbe*)pNew);
+ return SQLITE_OK;
+}
+
+
+/*
+** Two versions of the official API. Legacy and new use. In the legacy
+** version, the original SQL text is not saved in the prepared statement
+** and so if a schema change occurs, SQLITE_SCHEMA is returned by
+** sqlite3_step(). In the new version, the original SQL text is retained
+** and the statement is automatically recompiled if an schema change
+** occurs.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare(
+ sqlite3 *db, /* Database handle. */
+ const char *zSql, /* UTF-8 encoded SQL statement. */
+ int nBytes, /* Length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: A pointer to the prepared statement */
+ const char **pzTail /* OUT: End of parsed string */
+){
+ int rc;
+ rc = sqlite3LockAndPrepare(db,zSql,nBytes,0,0,ppStmt,pzTail);
+ assert( rc==SQLITE_OK || ppStmt==0 || *ppStmt==0 ); /* VERIFY: F13021 */
+ return rc;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare_v2(
+ sqlite3 *db, /* Database handle. */
+ const char *zSql, /* UTF-8 encoded SQL statement. */
+ int nBytes, /* Length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: A pointer to the prepared statement */
+ const char **pzTail /* OUT: End of parsed string */
+){
+ int rc;
+ rc = sqlite3LockAndPrepare(db,zSql,nBytes,1,0,ppStmt,pzTail);
+ assert( rc==SQLITE_OK || ppStmt==0 || *ppStmt==0 ); /* VERIFY: F13021 */
+ return rc;
+}
+
+
+#ifndef SQLITE_OMIT_UTF16
+/*
+** Compile the UTF-16 encoded SQL statement zSql into a statement handle.
+*/
+static int sqlite3Prepare16(
+ sqlite3 *db, /* Database handle. */
+ const void *zSql, /* UTF-16 encoded SQL statement. */
+ int nBytes, /* Length of zSql in bytes. */
+ int saveSqlFlag, /* True to save SQL text into the sqlite3_stmt */
+ sqlite3_stmt **ppStmt, /* OUT: A pointer to the prepared statement */
+ const void **pzTail /* OUT: End of parsed string */
+){
+ /* This function currently works by first transforming the UTF-16
+ ** encoded string to UTF-8, then invoking sqlite3_prepare(). The
+ ** tricky bit is figuring out the pointer to return in *pzTail.
+ */
+ char *zSql8;
+ const char *zTail8 = 0;
+ int rc = SQLITE_OK;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( ppStmt==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ *ppStmt = 0;
+ if( !sqlite3SafetyCheckOk(db)||zSql==0 ){
+ return SQLITE_MISUSE_BKPT;
+ }
+ if( nBytes>=0 ){
+ int sz;
+ const char *z = (const char*)zSql;
+ for(sz=0; sz<nBytes && (z[sz]!=0 || z[sz+1]!=0); sz += 2){}
+ nBytes = sz;
+ }
+ sqlite3_mutex_enter(db->mutex);
+ zSql8 = sqlite3Utf16to8(db, zSql, nBytes, SQLITE_UTF16NATIVE);
+ if( zSql8 ){
+ rc = sqlite3LockAndPrepare(db, zSql8, -1, saveSqlFlag, 0, ppStmt, &zTail8);
+ }
+
+ if( zTail8 && pzTail ){
+ /* If sqlite3_prepare returns a tail pointer, we calculate the
+ ** equivalent pointer into the UTF-16 string by counting the unicode
+ ** characters between zSql8 and zTail8, and then returning a pointer
+ ** the same number of characters into the UTF-16 string.
+ */
+ int chars_parsed = sqlite3Utf8CharLen(zSql8, (int)(zTail8-zSql8));
+ *pzTail = (u8 *)zSql + sqlite3Utf16ByteLen(zSql, chars_parsed);
+ }
+ sqlite3DbFree(db, zSql8);
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/*
+** Two versions of the official API. Legacy and new use. In the legacy
+** version, the original SQL text is not saved in the prepared statement
+** and so if a schema change occurs, SQLITE_SCHEMA is returned by
+** sqlite3_step(). In the new version, the original SQL text is retained
+** and the statement is automatically recompiled if an schema change
+** occurs.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare16(
+ sqlite3 *db, /* Database handle. */
+ const void *zSql, /* UTF-16 encoded SQL statement. */
+ int nBytes, /* Length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: A pointer to the prepared statement */
+ const void **pzTail /* OUT: End of parsed string */
+){
+ int rc;
+ rc = sqlite3Prepare16(db,zSql,nBytes,0,ppStmt,pzTail);
+ assert( rc==SQLITE_OK || ppStmt==0 || *ppStmt==0 ); /* VERIFY: F13021 */
+ return rc;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare16_v2(
+ sqlite3 *db, /* Database handle. */
+ const void *zSql, /* UTF-16 encoded SQL statement. */
+ int nBytes, /* Length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: A pointer to the prepared statement */
+ const void **pzTail /* OUT: End of parsed string */
+){
+ int rc;
+ rc = sqlite3Prepare16(db,zSql,nBytes,1,ppStmt,pzTail);
+ assert( rc==SQLITE_OK || ppStmt==0 || *ppStmt==0 ); /* VERIFY: F13021 */
+ return rc;
+}
+
+#endif /* SQLITE_OMIT_UTF16 */
+
+/************** End of prepare.c *********************************************/
+/************** Begin file select.c ******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains C code routines that are called by the parser
+** to handle SELECT statements in SQLite.
+*/
+/* #include "sqliteInt.h" */
+
+/*
+** Trace output macros
+*/
+#if SELECTTRACE_ENABLED
+/***/ int sqlite3SelectTrace = 0;
+# define SELECTTRACE(K,P,S,X) \
+ if(sqlite3SelectTrace&(K)) \
+ sqlite3DebugPrintf("%*s%s.%p: ",(P)->nSelectIndent*2-2,"",\
+ (S)->zSelName,(S)),\
+ sqlite3DebugPrintf X
+#else
+# define SELECTTRACE(K,P,S,X)
+#endif
+
+
+/*
+** An instance of the following object is used to record information about
+** how to process the DISTINCT keyword, to simplify passing that information
+** into the selectInnerLoop() routine.
+*/
+typedef struct DistinctCtx DistinctCtx;
+struct DistinctCtx {
+ u8 isTnct; /* True if the DISTINCT keyword is present */
+ u8 eTnctType; /* One of the WHERE_DISTINCT_* operators */
+ int tabTnct; /* Ephemeral table used for DISTINCT processing */
+ int addrTnct; /* Address of OP_OpenEphemeral opcode for tabTnct */
+};
+
+/*
+** An instance of the following object is used to record information about
+** the ORDER BY (or GROUP BY) clause of query is being coded.
+*/
+typedef struct SortCtx SortCtx;
+struct SortCtx {
+ ExprList *pOrderBy; /* The ORDER BY (or GROUP BY clause) */
+ int nOBSat; /* Number of ORDER BY terms satisfied by indices */
+ int iECursor; /* Cursor number for the sorter */
+ int regReturn; /* Register holding block-output return address */
+ int labelBkOut; /* Start label for the block-output subroutine */
+ int addrSortIndex; /* Address of the OP_SorterOpen or OP_OpenEphemeral */
+ int labelDone; /* Jump here when done, ex: LIMIT reached */
+ u8 sortFlags; /* Zero or more SORTFLAG_* bits */
+};
+#define SORTFLAG_UseSorter 0x01 /* Use SorterOpen instead of OpenEphemeral */
+
+/*
+** Delete all the content of a Select structure. Deallocate the structure
+** itself only if bFree is true.
+*/
+static void clearSelect(sqlite3 *db, Select *p, int bFree){
+ while( p ){
+ Select *pPrior = p->pPrior;
+ sqlite3ExprListDelete(db, p->pEList);
+ sqlite3SrcListDelete(db, p->pSrc);
+ sqlite3ExprDelete(db, p->pWhere);
+ sqlite3ExprListDelete(db, p->pGroupBy);
+ sqlite3ExprDelete(db, p->pHaving);
+ sqlite3ExprListDelete(db, p->pOrderBy);
+ sqlite3ExprDelete(db, p->pLimit);
+ sqlite3ExprDelete(db, p->pOffset);
+ sqlite3WithDelete(db, p->pWith);
+ if( bFree ) sqlite3DbFree(db, p);
+ p = pPrior;
+ bFree = 1;
+ }
+}
+
+/*
+** Initialize a SelectDest structure.
+*/
+SQLITE_PRIVATE void sqlite3SelectDestInit(SelectDest *pDest, int eDest, int iParm){
+ pDest->eDest = (u8)eDest;
+ pDest->iSDParm = iParm;
+ pDest->affSdst = 0;
+ pDest->iSdst = 0;
+ pDest->nSdst = 0;
+}
+
+
+/*
+** Allocate a new Select structure and return a pointer to that
+** structure.
+*/
+SQLITE_PRIVATE Select *sqlite3SelectNew(
+ Parse *pParse, /* Parsing context */
+ ExprList *pEList, /* which columns to include in the result */
+ SrcList *pSrc, /* the FROM clause -- which tables to scan */
+ Expr *pWhere, /* the WHERE clause */
+ ExprList *pGroupBy, /* the GROUP BY clause */
+ Expr *pHaving, /* the HAVING clause */
+ ExprList *pOrderBy, /* the ORDER BY clause */
+ u16 selFlags, /* Flag parameters, such as SF_Distinct */
+ Expr *pLimit, /* LIMIT value. NULL means not used */
+ Expr *pOffset /* OFFSET value. NULL means no offset */
+){
+ Select *pNew;
+ Select standin;
+ sqlite3 *db = pParse->db;
+ pNew = sqlite3DbMallocZero(db, sizeof(*pNew) );
+ if( pNew==0 ){
+ assert( db->mallocFailed );
+ pNew = &standin;
+ memset(pNew, 0, sizeof(*pNew));
+ }
+ if( pEList==0 ){
+ pEList = sqlite3ExprListAppend(pParse, 0, sqlite3Expr(db,TK_ASTERISK,0));
+ }
+ pNew->pEList = pEList;
+ if( pSrc==0 ) pSrc = sqlite3DbMallocZero(db, sizeof(*pSrc));
+ pNew->pSrc = pSrc;
+ pNew->pWhere = pWhere;
+ pNew->pGroupBy = pGroupBy;
+ pNew->pHaving = pHaving;
+ pNew->pOrderBy = pOrderBy;
+ pNew->selFlags = selFlags;
+ pNew->op = TK_SELECT;
+ pNew->pLimit = pLimit;
+ pNew->pOffset = pOffset;
+ assert( pOffset==0 || pLimit!=0 || pParse->nErr>0 || db->mallocFailed!=0 );
+ pNew->addrOpenEphm[0] = -1;
+ pNew->addrOpenEphm[1] = -1;
+ if( db->mallocFailed ) {
+ clearSelect(db, pNew, pNew!=&standin);
+ pNew = 0;
+ }else{
+ assert( pNew->pSrc!=0 || pParse->nErr>0 );
+ }
+ assert( pNew!=&standin );
+ return pNew;
+}
+
+#if SELECTTRACE_ENABLED
+/*
+** Set the name of a Select object
+*/
+SQLITE_PRIVATE void sqlite3SelectSetName(Select *p, const char *zName){
+ if( p && zName ){
+ sqlite3_snprintf(sizeof(p->zSelName), p->zSelName, "%s", zName);
+ }
+}
+#endif
+
+
+/*
+** Delete the given Select structure and all of its substructures.
+*/
+SQLITE_PRIVATE void sqlite3SelectDelete(sqlite3 *db, Select *p){
+ clearSelect(db, p, 1);
+}
+
+/*
+** Return a pointer to the right-most SELECT statement in a compound.
+*/
+static Select *findRightmost(Select *p){
+ while( p->pNext ) p = p->pNext;
+ return p;
+}
+
+/*
+** Given 1 to 3 identifiers preceding the JOIN keyword, determine the
+** type of join. Return an integer constant that expresses that type
+** in terms of the following bit values:
+**
+** JT_INNER
+** JT_CROSS
+** JT_OUTER
+** JT_NATURAL
+** JT_LEFT
+** JT_RIGHT
+**
+** A full outer join is the combination of JT_LEFT and JT_RIGHT.
+**
+** If an illegal or unsupported join type is seen, then still return
+** a join type, but put an error in the pParse structure.
+*/
+SQLITE_PRIVATE int sqlite3JoinType(Parse *pParse, Token *pA, Token *pB, Token *pC){
+ int jointype = 0;
+ Token *apAll[3];
+ Token *p;
+ /* 0123456789 123456789 123456789 123 */
+ static const char zKeyText[] = "naturaleftouterightfullinnercross";
+ static const struct {
+ u8 i; /* Beginning of keyword text in zKeyText[] */
+ u8 nChar; /* Length of the keyword in characters */
+ u8 code; /* Join type mask */
+ } aKeyword[] = {
+ /* natural */ { 0, 7, JT_NATURAL },
+ /* left */ { 6, 4, JT_LEFT|JT_OUTER },
+ /* outer */ { 10, 5, JT_OUTER },
+ /* right */ { 14, 5, JT_RIGHT|JT_OUTER },
+ /* full */ { 19, 4, JT_LEFT|JT_RIGHT|JT_OUTER },
+ /* inner */ { 23, 5, JT_INNER },
+ /* cross */ { 28, 5, JT_INNER|JT_CROSS },
+ };
+ int i, j;
+ apAll[0] = pA;
+ apAll[1] = pB;
+ apAll[2] = pC;
+ for(i=0; i<3 && apAll[i]; i++){
+ p = apAll[i];
+ for(j=0; j<ArraySize(aKeyword); j++){
+ if( p->n==aKeyword[j].nChar
+ && sqlite3StrNICmp((char*)p->z, &zKeyText[aKeyword[j].i], p->n)==0 ){
+ jointype |= aKeyword[j].code;
+ break;
+ }
+ }
+ testcase( j==0 || j==1 || j==2 || j==3 || j==4 || j==5 || j==6 );
+ if( j>=ArraySize(aKeyword) ){
+ jointype |= JT_ERROR;
+ break;
+ }
+ }
+ if(
+ (jointype & (JT_INNER|JT_OUTER))==(JT_INNER|JT_OUTER) ||
+ (jointype & JT_ERROR)!=0
+ ){
+ const char *zSp = " ";
+ assert( pB!=0 );
+ if( pC==0 ){ zSp++; }
+ sqlite3ErrorMsg(pParse, "unknown or unsupported join type: "
+ "%T %T%s%T", pA, pB, zSp, pC);
+ jointype = JT_INNER;
+ }else if( (jointype & JT_OUTER)!=0
+ && (jointype & (JT_LEFT|JT_RIGHT))!=JT_LEFT ){
+ sqlite3ErrorMsg(pParse,
+ "RIGHT and FULL OUTER JOINs are not currently supported");
+ jointype = JT_INNER;
+ }
+ return jointype;
+}
+
+/*
+** Return the index of a column in a table. Return -1 if the column
+** is not contained in the table.
+*/
+static int columnIndex(Table *pTab, const char *zCol){
+ int i;
+ for(i=0; i<pTab->nCol; i++){
+ if( sqlite3StrICmp(pTab->aCol[i].zName, zCol)==0 ) return i;
+ }
+ return -1;
+}
+
+/*
+** Search the first N tables in pSrc, from left to right, looking for a
+** table that has a column named zCol.
+**
+** When found, set *piTab and *piCol to the table index and column index
+** of the matching column and return TRUE.
+**
+** If not found, return FALSE.
+*/
+static int tableAndColumnIndex(
+ SrcList *pSrc, /* Array of tables to search */
+ int N, /* Number of tables in pSrc->a[] to search */
+ const char *zCol, /* Name of the column we are looking for */
+ int *piTab, /* Write index of pSrc->a[] here */
+ int *piCol /* Write index of pSrc->a[*piTab].pTab->aCol[] here */
+){
+ int i; /* For looping over tables in pSrc */
+ int iCol; /* Index of column matching zCol */
+
+ assert( (piTab==0)==(piCol==0) ); /* Both or neither are NULL */
+ for(i=0; i<N; i++){
+ iCol = columnIndex(pSrc->a[i].pTab, zCol);
+ if( iCol>=0 ){
+ if( piTab ){
+ *piTab = i;
+ *piCol = iCol;
+ }
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/*
+** This function is used to add terms implied by JOIN syntax to the
+** WHERE clause expression of a SELECT statement. The new term, which
+** is ANDed with the existing WHERE clause, is of the form:
+**
+** (tab1.col1 = tab2.col2)
+**
+** where tab1 is the iSrc'th table in SrcList pSrc and tab2 is the
+** (iSrc+1)'th. Column col1 is column iColLeft of tab1, and col2 is
+** column iColRight of tab2.
+*/
+static void addWhereTerm(
+ Parse *pParse, /* Parsing context */
+ SrcList *pSrc, /* List of tables in FROM clause */
+ int iLeft, /* Index of first table to join in pSrc */
+ int iColLeft, /* Index of column in first table */
+ int iRight, /* Index of second table in pSrc */
+ int iColRight, /* Index of column in second table */
+ int isOuterJoin, /* True if this is an OUTER join */
+ Expr **ppWhere /* IN/OUT: The WHERE clause to add to */
+){
+ sqlite3 *db = pParse->db;
+ Expr *pE1;
+ Expr *pE2;
+ Expr *pEq;
+
+ assert( iLeft<iRight );
+ assert( pSrc->nSrc>iRight );
+ assert( pSrc->a[iLeft].pTab );
+ assert( pSrc->a[iRight].pTab );
+
+ pE1 = sqlite3CreateColumnExpr(db, pSrc, iLeft, iColLeft);
+ pE2 = sqlite3CreateColumnExpr(db, pSrc, iRight, iColRight);
+
+ pEq = sqlite3PExpr(pParse, TK_EQ, pE1, pE2, 0);
+ if( pEq && isOuterJoin ){
+ ExprSetProperty(pEq, EP_FromJoin);
+ assert( !ExprHasProperty(pEq, EP_TokenOnly|EP_Reduced) );
+ ExprSetVVAProperty(pEq, EP_NoReduce);
+ pEq->iRightJoinTable = (i16)pE2->iTable;
+ }
+ *ppWhere = sqlite3ExprAnd(db, *ppWhere, pEq);
+}
+
+/*
+** Set the EP_FromJoin property on all terms of the given expression.
+** And set the Expr.iRightJoinTable to iTable for every term in the
+** expression.
+**
+** The EP_FromJoin property is used on terms of an expression to tell
+** the LEFT OUTER JOIN processing logic that this term is part of the
+** join restriction specified in the ON or USING clause and not a part
+** of the more general WHERE clause. These terms are moved over to the
+** WHERE clause during join processing but we need to remember that they
+** originated in the ON or USING clause.
+**
+** The Expr.iRightJoinTable tells the WHERE clause processing that the
+** expression depends on table iRightJoinTable even if that table is not
+** explicitly mentioned in the expression. That information is needed
+** for cases like this:
+**
+** SELECT * FROM t1 LEFT JOIN t2 ON t1.a=t2.b AND t1.x=5
+**
+** The where clause needs to defer the handling of the t1.x=5
+** term until after the t2 loop of the join. In that way, a
+** NULL t2 row will be inserted whenever t1.x!=5. If we do not
+** defer the handling of t1.x=5, it will be processed immediately
+** after the t1 loop and rows with t1.x!=5 will never appear in
+** the output, which is incorrect.
+*/
+static void setJoinExpr(Expr *p, int iTable){
+ while( p ){
+ ExprSetProperty(p, EP_FromJoin);
+ assert( !ExprHasProperty(p, EP_TokenOnly|EP_Reduced) );
+ ExprSetVVAProperty(p, EP_NoReduce);
+ p->iRightJoinTable = (i16)iTable;
+ if( p->op==TK_FUNCTION && p->x.pList ){
+ int i;
+ for(i=0; i<p->x.pList->nExpr; i++){
+ setJoinExpr(p->x.pList->a[i].pExpr, iTable);
+ }
+ }
+ setJoinExpr(p->pLeft, iTable);
+ p = p->pRight;
+ }
+}
+
+/*
+** This routine processes the join information for a SELECT statement.
+** ON and USING clauses are converted into extra terms of the WHERE clause.
+** NATURAL joins also create extra WHERE clause terms.
+**
+** The terms of a FROM clause are contained in the Select.pSrc structure.
+** The left most table is the first entry in Select.pSrc. The right-most
+** table is the last entry. The join operator is held in the entry to
+** the left. Thus entry 0 contains the join operator for the join between
+** entries 0 and 1. Any ON or USING clauses associated with the join are
+** also attached to the left entry.
+**
+** This routine returns the number of errors encountered.
+*/
+static int sqliteProcessJoin(Parse *pParse, Select *p){
+ SrcList *pSrc; /* All tables in the FROM clause */
+ int i, j; /* Loop counters */
+ struct SrcList_item *pLeft; /* Left table being joined */
+ struct SrcList_item *pRight; /* Right table being joined */
+
+ pSrc = p->pSrc;
+ pLeft = &pSrc->a[0];
+ pRight = &pLeft[1];
+ for(i=0; i<pSrc->nSrc-1; i++, pRight++, pLeft++){
+ Table *pLeftTab = pLeft->pTab;
+ Table *pRightTab = pRight->pTab;
+ int isOuter;
+
+ if( NEVER(pLeftTab==0 || pRightTab==0) ) continue;
+ isOuter = (pRight->fg.jointype & JT_OUTER)!=0;
+
+ /* When the NATURAL keyword is present, add WHERE clause terms for
+ ** every column that the two tables have in common.
+ */
+ if( pRight->fg.jointype & JT_NATURAL ){
+ if( pRight->pOn || pRight->pUsing ){
+ sqlite3ErrorMsg(pParse, "a NATURAL join may not have "
+ "an ON or USING clause", 0);
+ return 1;
+ }
+ for(j=0; j<pRightTab->nCol; j++){
+ char *zName; /* Name of column in the right table */
+ int iLeft; /* Matching left table */
+ int iLeftCol; /* Matching column in the left table */
+
+ zName = pRightTab->aCol[j].zName;
+ if( tableAndColumnIndex(pSrc, i+1, zName, &iLeft, &iLeftCol) ){
+ addWhereTerm(pParse, pSrc, iLeft, iLeftCol, i+1, j,
+ isOuter, &p->pWhere);
+ }
+ }
+ }
+
+ /* Disallow both ON and USING clauses in the same join
+ */
+ if( pRight->pOn && pRight->pUsing ){
+ sqlite3ErrorMsg(pParse, "cannot have both ON and USING "
+ "clauses in the same join");
+ return 1;
+ }
+
+ /* Add the ON clause to the end of the WHERE clause, connected by
+ ** an AND operator.
+ */
+ if( pRight->pOn ){
+ if( isOuter ) setJoinExpr(pRight->pOn, pRight->iCursor);
+ p->pWhere = sqlite3ExprAnd(pParse->db, p->pWhere, pRight->pOn);
+ pRight->pOn = 0;
+ }
+
+ /* Create extra terms on the WHERE clause for each column named
+ ** in the USING clause. Example: If the two tables to be joined are
+ ** A and B and the USING clause names X, Y, and Z, then add this
+ ** to the WHERE clause: A.X=B.X AND A.Y=B.Y AND A.Z=B.Z
+ ** Report an error if any column mentioned in the USING clause is
+ ** not contained in both tables to be joined.
+ */
+ if( pRight->pUsing ){
+ IdList *pList = pRight->pUsing;
+ for(j=0; j<pList->nId; j++){
+ char *zName; /* Name of the term in the USING clause */
+ int iLeft; /* Table on the left with matching column name */
+ int iLeftCol; /* Column number of matching column on the left */
+ int iRightCol; /* Column number of matching column on the right */
+
+ zName = pList->a[j].zName;
+ iRightCol = columnIndex(pRightTab, zName);
+ if( iRightCol<0
+ || !tableAndColumnIndex(pSrc, i+1, zName, &iLeft, &iLeftCol)
+ ){
+ sqlite3ErrorMsg(pParse, "cannot join using column %s - column "
+ "not present in both tables", zName);
+ return 1;
+ }
+ addWhereTerm(pParse, pSrc, iLeft, iLeftCol, i+1, iRightCol,
+ isOuter, &p->pWhere);
+ }
+ }
+ }
+ return 0;
+}
+
+/* Forward reference */
+static KeyInfo *keyInfoFromExprList(
+ Parse *pParse, /* Parsing context */
+ ExprList *pList, /* Form the KeyInfo object from this ExprList */
+ int iStart, /* Begin with this column of pList */
+ int nExtra /* Add this many extra columns to the end */
+);
+
+/*
+** Generate code that will push the record in registers regData
+** through regData+nData-1 onto the sorter.
+*/
+static void pushOntoSorter(
+ Parse *pParse, /* Parser context */
+ SortCtx *pSort, /* Information about the ORDER BY clause */
+ Select *pSelect, /* The whole SELECT statement */
+ int regData, /* First register holding data to be sorted */
+ int regOrigData, /* First register holding data before packing */
+ int nData, /* Number of elements in the data array */
+ int nPrefixReg /* No. of reg prior to regData available for use */
+){
+ Vdbe *v = pParse->pVdbe; /* Stmt under construction */
+ int bSeq = ((pSort->sortFlags & SORTFLAG_UseSorter)==0);
+ int nExpr = pSort->pOrderBy->nExpr; /* No. of ORDER BY terms */
+ int nBase = nExpr + bSeq + nData; /* Fields in sorter record */
+ int regBase; /* Regs for sorter record */
+ int regRecord = ++pParse->nMem; /* Assembled sorter record */
+ int nOBSat = pSort->nOBSat; /* ORDER BY terms to skip */
+ int op; /* Opcode to add sorter record to sorter */
+ int iLimit; /* LIMIT counter */
+
+ assert( bSeq==0 || bSeq==1 );
+ assert( nData==1 || regData==regOrigData );
+ if( nPrefixReg ){
+ assert( nPrefixReg==nExpr+bSeq );
+ regBase = regData - nExpr - bSeq;
+ }else{
+ regBase = pParse->nMem + 1;
+ pParse->nMem += nBase;
+ }
+ assert( pSelect->iOffset==0 || pSelect->iLimit!=0 );
+ iLimit = pSelect->iOffset ? pSelect->iOffset+1 : pSelect->iLimit;
+ pSort->labelDone = sqlite3VdbeMakeLabel(v);
+ sqlite3ExprCodeExprList(pParse, pSort->pOrderBy, regBase, regOrigData,
+ SQLITE_ECEL_DUP|SQLITE_ECEL_REF);
+ if( bSeq ){
+ sqlite3VdbeAddOp2(v, OP_Sequence, pSort->iECursor, regBase+nExpr);
+ }
+ if( nPrefixReg==0 ){
+ sqlite3ExprCodeMove(pParse, regData, regBase+nExpr+bSeq, nData);
+ }
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regBase+nOBSat, nBase-nOBSat, regRecord);
+ if( nOBSat>0 ){
+ int regPrevKey; /* The first nOBSat columns of the previous row */
+ int addrFirst; /* Address of the OP_IfNot opcode */
+ int addrJmp; /* Address of the OP_Jump opcode */
+ VdbeOp *pOp; /* Opcode that opens the sorter */
+ int nKey; /* Number of sorting key columns, including OP_Sequence */
+ KeyInfo *pKI; /* Original KeyInfo on the sorter table */
+
+ regPrevKey = pParse->nMem+1;
+ pParse->nMem += pSort->nOBSat;
+ nKey = nExpr - pSort->nOBSat + bSeq;
+ if( bSeq ){
+ addrFirst = sqlite3VdbeAddOp1(v, OP_IfNot, regBase+nExpr);
+ }else{
+ addrFirst = sqlite3VdbeAddOp1(v, OP_SequenceTest, pSort->iECursor);
+ }
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_Compare, regPrevKey, regBase, pSort->nOBSat);
+ pOp = sqlite3VdbeGetOp(v, pSort->addrSortIndex);
+ if( pParse->db->mallocFailed ) return;
+ pOp->p2 = nKey + nData;
+ pKI = pOp->p4.pKeyInfo;
+ memset(pKI->aSortOrder, 0, pKI->nField); /* Makes OP_Jump below testable */
+ sqlite3VdbeChangeP4(v, -1, (char*)pKI, P4_KEYINFO);
+ testcase( pKI->nXField>2 );
+ pOp->p4.pKeyInfo = keyInfoFromExprList(pParse, pSort->pOrderBy, nOBSat,
+ pKI->nXField-1);
+ addrJmp = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeAddOp3(v, OP_Jump, addrJmp+1, 0, addrJmp+1); VdbeCoverage(v);
+ pSort->labelBkOut = sqlite3VdbeMakeLabel(v);
+ pSort->regReturn = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Gosub, pSort->regReturn, pSort->labelBkOut);
+ sqlite3VdbeAddOp1(v, OP_ResetSorter, pSort->iECursor);
+ if( iLimit ){
+ sqlite3VdbeAddOp2(v, OP_IfNot, iLimit, pSort->labelDone);
+ VdbeCoverage(v);
+ }
+ sqlite3VdbeJumpHere(v, addrFirst);
+ sqlite3ExprCodeMove(pParse, regBase, regPrevKey, pSort->nOBSat);
+ sqlite3VdbeJumpHere(v, addrJmp);
+ }
+ if( pSort->sortFlags & SORTFLAG_UseSorter ){
+ op = OP_SorterInsert;
+ }else{
+ op = OP_IdxInsert;
+ }
+ sqlite3VdbeAddOp2(v, op, pSort->iECursor, regRecord);
+ if( iLimit ){
+ int addr;
+ addr = sqlite3VdbeAddOp3(v, OP_IfNotZero, iLimit, 0, 1); VdbeCoverage(v);
+ sqlite3VdbeAddOp1(v, OP_Last, pSort->iECursor);
+ sqlite3VdbeAddOp1(v, OP_Delete, pSort->iECursor);
+ sqlite3VdbeJumpHere(v, addr);
+ }
+}
+
+/*
+** Add code to implement the OFFSET
+*/
+static void codeOffset(
+ Vdbe *v, /* Generate code into this VM */
+ int iOffset, /* Register holding the offset counter */
+ int iContinue /* Jump here to skip the current record */
+){
+ if( iOffset>0 ){
+ sqlite3VdbeAddOp3(v, OP_IfPos, iOffset, iContinue, 1); VdbeCoverage(v);
+ VdbeComment((v, "OFFSET"));
+ }
+}
+
+/*
+** Add code that will check to make sure the N registers starting at iMem
+** form a distinct entry. iTab is a sorting index that holds previously
+** seen combinations of the N values. A new entry is made in iTab
+** if the current N values are new.
+**
+** A jump to addrRepeat is made and the N+1 values are popped from the
+** stack if the top N elements are not distinct.
+*/
+static void codeDistinct(
+ Parse *pParse, /* Parsing and code generating context */
+ int iTab, /* A sorting index used to test for distinctness */
+ int addrRepeat, /* Jump to here if not distinct */
+ int N, /* Number of elements */
+ int iMem /* First element */
+){
+ Vdbe *v;
+ int r1;
+
+ v = pParse->pVdbe;
+ r1 = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp4Int(v, OP_Found, iTab, addrRepeat, iMem, N); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, iMem, N, r1);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iTab, r1);
+ sqlite3ReleaseTempReg(pParse, r1);
+}
+
+#ifndef SQLITE_OMIT_SUBQUERY
+/*
+** Generate an error message when a SELECT is used within a subexpression
+** (example: "a IN (SELECT * FROM table)") but it has more than 1 result
+** column. We do this in a subroutine because the error used to occur
+** in multiple places. (The error only occurs in one place now, but we
+** retain the subroutine to minimize code disruption.)
+*/
+static int checkForMultiColumnSelectError(
+ Parse *pParse, /* Parse context. */
+ SelectDest *pDest, /* Destination of SELECT results */
+ int nExpr /* Number of result columns returned by SELECT */
+){
+ int eDest = pDest->eDest;
+ if( nExpr>1 && (eDest==SRT_Mem || eDest==SRT_Set) ){
+ sqlite3ErrorMsg(pParse, "only a single result allowed for "
+ "a SELECT that is part of an expression");
+ return 1;
+ }else{
+ return 0;
+ }
+}
+#endif
+
+/*
+** This routine generates the code for the inside of the inner loop
+** of a SELECT.
+**
+** If srcTab is negative, then the pEList expressions
+** are evaluated in order to get the data for this row. If srcTab is
+** zero or more, then data is pulled from srcTab and pEList is used only
+** to get number columns and the datatype for each column.
+*/
+static void selectInnerLoop(
+ Parse *pParse, /* The parser context */
+ Select *p, /* The complete select statement being coded */
+ ExprList *pEList, /* List of values being extracted */
+ int srcTab, /* Pull data from this table */
+ SortCtx *pSort, /* If not NULL, info on how to process ORDER BY */
+ DistinctCtx *pDistinct, /* If not NULL, info on how to process DISTINCT */
+ SelectDest *pDest, /* How to dispose of the results */
+ int iContinue, /* Jump here to continue with next row */
+ int iBreak /* Jump here to break out of the inner loop */
+){
+ Vdbe *v = pParse->pVdbe;
+ int i;
+ int hasDistinct; /* True if the DISTINCT keyword is present */
+ int regResult; /* Start of memory holding result set */
+ int eDest = pDest->eDest; /* How to dispose of results */
+ int iParm = pDest->iSDParm; /* First argument to disposal method */
+ int nResultCol; /* Number of result columns */
+ int nPrefixReg = 0; /* Number of extra registers before regResult */
+
+ assert( v );
+ assert( pEList!=0 );
+ hasDistinct = pDistinct ? pDistinct->eTnctType : WHERE_DISTINCT_NOOP;
+ if( pSort && pSort->pOrderBy==0 ) pSort = 0;
+ if( pSort==0 && !hasDistinct ){
+ assert( iContinue!=0 );
+ codeOffset(v, p->iOffset, iContinue);
+ }
+
+ /* Pull the requested columns.
+ */
+ nResultCol = pEList->nExpr;
+
+ if( pDest->iSdst==0 ){
+ if( pSort ){
+ nPrefixReg = pSort->pOrderBy->nExpr;
+ if( !(pSort->sortFlags & SORTFLAG_UseSorter) ) nPrefixReg++;
+ pParse->nMem += nPrefixReg;
+ }
+ pDest->iSdst = pParse->nMem+1;
+ pParse->nMem += nResultCol;
+ }else if( pDest->iSdst+nResultCol > pParse->nMem ){
+ /* This is an error condition that can result, for example, when a SELECT
+ ** on the right-hand side of an INSERT contains more result columns than
+ ** there are columns in the table on the left. The error will be caught
+ ** and reported later. But we need to make sure enough memory is allocated
+ ** to avoid other spurious errors in the meantime. */
+ pParse->nMem += nResultCol;
+ }
+ pDest->nSdst = nResultCol;
+ regResult = pDest->iSdst;
+ if( srcTab>=0 ){
+ for(i=0; i<nResultCol; i++){
+ sqlite3VdbeAddOp3(v, OP_Column, srcTab, i, regResult+i);
+ VdbeComment((v, "%s", pEList->a[i].zName));
+ }
+ }else if( eDest!=SRT_Exists ){
+ /* If the destination is an EXISTS(...) expression, the actual
+ ** values returned by the SELECT are not required.
+ */
+ u8 ecelFlags;
+ if( eDest==SRT_Mem || eDest==SRT_Output || eDest==SRT_Coroutine ){
+ ecelFlags = SQLITE_ECEL_DUP;
+ }else{
+ ecelFlags = 0;
+ }
+ sqlite3ExprCodeExprList(pParse, pEList, regResult, 0, ecelFlags);
+ }
+
+ /* If the DISTINCT keyword was present on the SELECT statement
+ ** and this row has been seen before, then do not make this row
+ ** part of the result.
+ */
+ if( hasDistinct ){
+ switch( pDistinct->eTnctType ){
+ case WHERE_DISTINCT_ORDERED: {
+ VdbeOp *pOp; /* No longer required OpenEphemeral instr. */
+ int iJump; /* Jump destination */
+ int regPrev; /* Previous row content */
+
+ /* Allocate space for the previous row */
+ regPrev = pParse->nMem+1;
+ pParse->nMem += nResultCol;
+
+ /* Change the OP_OpenEphemeral coded earlier to an OP_Null
+ ** sets the MEM_Cleared bit on the first register of the
+ ** previous value. This will cause the OP_Ne below to always
+ ** fail on the first iteration of the loop even if the first
+ ** row is all NULLs.
+ */
+ sqlite3VdbeChangeToNoop(v, pDistinct->addrTnct);
+ pOp = sqlite3VdbeGetOp(v, pDistinct->addrTnct);
+ pOp->opcode = OP_Null;
+ pOp->p1 = 1;
+ pOp->p2 = regPrev;
+
+ iJump = sqlite3VdbeCurrentAddr(v) + nResultCol;
+ for(i=0; i<nResultCol; i++){
+ CollSeq *pColl = sqlite3ExprCollSeq(pParse, pEList->a[i].pExpr);
+ if( i<nResultCol-1 ){
+ sqlite3VdbeAddOp3(v, OP_Ne, regResult+i, iJump, regPrev+i);
+ VdbeCoverage(v);
+ }else{
+ sqlite3VdbeAddOp3(v, OP_Eq, regResult+i, iContinue, regPrev+i);
+ VdbeCoverage(v);
+ }
+ sqlite3VdbeChangeP4(v, -1, (const char *)pColl, P4_COLLSEQ);
+ sqlite3VdbeChangeP5(v, SQLITE_NULLEQ);
+ }
+ assert( sqlite3VdbeCurrentAddr(v)==iJump || pParse->db->mallocFailed );
+ sqlite3VdbeAddOp3(v, OP_Copy, regResult, regPrev, nResultCol-1);
+ break;
+ }
+
+ case WHERE_DISTINCT_UNIQUE: {
+ sqlite3VdbeChangeToNoop(v, pDistinct->addrTnct);
+ break;
+ }
+
+ default: {
+ assert( pDistinct->eTnctType==WHERE_DISTINCT_UNORDERED );
+ codeDistinct(pParse, pDistinct->tabTnct, iContinue, nResultCol,
+ regResult);
+ break;
+ }
+ }
+ if( pSort==0 ){
+ codeOffset(v, p->iOffset, iContinue);
+ }
+ }
+
+ switch( eDest ){
+ /* In this mode, write each query result to the key of the temporary
+ ** table iParm.
+ */
+#ifndef SQLITE_OMIT_COMPOUND_SELECT
+ case SRT_Union: {
+ int r1;
+ r1 = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regResult, nResultCol, r1);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iParm, r1);
+ sqlite3ReleaseTempReg(pParse, r1);
+ break;
+ }
+
+ /* Construct a record from the query result, but instead of
+ ** saving that record, use it as a key to delete elements from
+ ** the temporary table iParm.
+ */
+ case SRT_Except: {
+ sqlite3VdbeAddOp3(v, OP_IdxDelete, iParm, regResult, nResultCol);
+ break;
+ }
+#endif /* SQLITE_OMIT_COMPOUND_SELECT */
+
+ /* Store the result as data using a unique key.
+ */
+ case SRT_Fifo:
+ case SRT_DistFifo:
+ case SRT_Table:
+ case SRT_EphemTab: {
+ int r1 = sqlite3GetTempRange(pParse, nPrefixReg+1);
+ testcase( eDest==SRT_Table );
+ testcase( eDest==SRT_EphemTab );
+ testcase( eDest==SRT_Fifo );
+ testcase( eDest==SRT_DistFifo );
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regResult, nResultCol, r1+nPrefixReg);
+#ifndef SQLITE_OMIT_CTE
+ if( eDest==SRT_DistFifo ){
+ /* If the destination is DistFifo, then cursor (iParm+1) is open
+ ** on an ephemeral index. If the current row is already present
+ ** in the index, do not write it to the output. If not, add the
+ ** current row to the index and proceed with writing it to the
+ ** output table as well. */
+ int addr = sqlite3VdbeCurrentAddr(v) + 4;
+ sqlite3VdbeAddOp4Int(v, OP_Found, iParm+1, addr, r1, 0);
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iParm+1, r1);
+ assert( pSort==0 );
+ }
+#endif
+ if( pSort ){
+ pushOntoSorter(pParse, pSort, p, r1+nPrefixReg,regResult,1,nPrefixReg);
+ }else{
+ int r2 = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, iParm, r2);
+ sqlite3VdbeAddOp3(v, OP_Insert, iParm, r1, r2);
+ sqlite3VdbeChangeP5(v, OPFLAG_APPEND);
+ sqlite3ReleaseTempReg(pParse, r2);
+ }
+ sqlite3ReleaseTempRange(pParse, r1, nPrefixReg+1);
+ break;
+ }
+
+#ifndef SQLITE_OMIT_SUBQUERY
+ /* If we are creating a set for an "expr IN (SELECT ...)" construct,
+ ** then there should be a single item on the stack. Write this
+ ** item into the set table with bogus data.
+ */
+ case SRT_Set: {
+ assert( nResultCol==1 );
+ pDest->affSdst =
+ sqlite3CompareAffinity(pEList->a[0].pExpr, pDest->affSdst);
+ if( pSort ){
+ /* At first glance you would think we could optimize out the
+ ** ORDER BY in this case since the order of entries in the set
+ ** does not matter. But there might be a LIMIT clause, in which
+ ** case the order does matter */
+ pushOntoSorter(pParse, pSort, p, regResult, regResult, 1, nPrefixReg);
+ }else{
+ int r1 = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, regResult,1,r1, &pDest->affSdst, 1);
+ sqlite3ExprCacheAffinityChange(pParse, regResult, 1);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iParm, r1);
+ sqlite3ReleaseTempReg(pParse, r1);
+ }
+ break;
+ }
+
+ /* If any row exist in the result set, record that fact and abort.
+ */
+ case SRT_Exists: {
+ sqlite3VdbeAddOp2(v, OP_Integer, 1, iParm);
+ /* The LIMIT clause will terminate the loop for us */
+ break;
+ }
+
+ /* If this is a scalar select that is part of an expression, then
+ ** store the results in the appropriate memory cell and break out
+ ** of the scan loop.
+ */
+ case SRT_Mem: {
+ assert( nResultCol==1 );
+ if( pSort ){
+ pushOntoSorter(pParse, pSort, p, regResult, regResult, 1, nPrefixReg);
+ }else{
+ assert( regResult==iParm );
+ /* The LIMIT clause will jump out of the loop for us */
+ }
+ break;
+ }
+#endif /* #ifndef SQLITE_OMIT_SUBQUERY */
+
+ case SRT_Coroutine: /* Send data to a co-routine */
+ case SRT_Output: { /* Return the results */
+ testcase( eDest==SRT_Coroutine );
+ testcase( eDest==SRT_Output );
+ if( pSort ){
+ pushOntoSorter(pParse, pSort, p, regResult, regResult, nResultCol,
+ nPrefixReg);
+ }else if( eDest==SRT_Coroutine ){
+ sqlite3VdbeAddOp1(v, OP_Yield, pDest->iSDParm);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_ResultRow, regResult, nResultCol);
+ sqlite3ExprCacheAffinityChange(pParse, regResult, nResultCol);
+ }
+ break;
+ }
+
+#ifndef SQLITE_OMIT_CTE
+ /* Write the results into a priority queue that is order according to
+ ** pDest->pOrderBy (in pSO). pDest->iSDParm (in iParm) is the cursor for an
+ ** index with pSO->nExpr+2 columns. Build a key using pSO for the first
+ ** pSO->nExpr columns, then make sure all keys are unique by adding a
+ ** final OP_Sequence column. The last column is the record as a blob.
+ */
+ case SRT_DistQueue:
+ case SRT_Queue: {
+ int nKey;
+ int r1, r2, r3;
+ int addrTest = 0;
+ ExprList *pSO;
+ pSO = pDest->pOrderBy;
+ assert( pSO );
+ nKey = pSO->nExpr;
+ r1 = sqlite3GetTempReg(pParse);
+ r2 = sqlite3GetTempRange(pParse, nKey+2);
+ r3 = r2+nKey+1;
+ if( eDest==SRT_DistQueue ){
+ /* If the destination is DistQueue, then cursor (iParm+1) is open
+ ** on a second ephemeral index that holds all values every previously
+ ** added to the queue. */
+ addrTest = sqlite3VdbeAddOp4Int(v, OP_Found, iParm+1, 0,
+ regResult, nResultCol);
+ VdbeCoverage(v);
+ }
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regResult, nResultCol, r3);
+ if( eDest==SRT_DistQueue ){
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iParm+1, r3);
+ sqlite3VdbeChangeP5(v, OPFLAG_USESEEKRESULT);
+ }
+ for(i=0; i<nKey; i++){
+ sqlite3VdbeAddOp2(v, OP_SCopy,
+ regResult + pSO->a[i].u.x.iOrderByCol - 1,
+ r2+i);
+ }
+ sqlite3VdbeAddOp2(v, OP_Sequence, iParm, r2+nKey);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, r2, nKey+2, r1);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iParm, r1);
+ if( addrTest ) sqlite3VdbeJumpHere(v, addrTest);
+ sqlite3ReleaseTempReg(pParse, r1);
+ sqlite3ReleaseTempRange(pParse, r2, nKey+2);
+ break;
+ }
+#endif /* SQLITE_OMIT_CTE */
+
+
+
+#if !defined(SQLITE_OMIT_TRIGGER)
+ /* Discard the results. This is used for SELECT statements inside
+ ** the body of a TRIGGER. The purpose of such selects is to call
+ ** user-defined functions that have side effects. We do not care
+ ** about the actual results of the select.
+ */
+ default: {
+ assert( eDest==SRT_Discard );
+ break;
+ }
+#endif
+ }
+
+ /* Jump to the end of the loop if the LIMIT is reached. Except, if
+ ** there is a sorter, in which case the sorter has already limited
+ ** the output for us.
+ */
+ if( pSort==0 && p->iLimit ){
+ sqlite3VdbeAddOp2(v, OP_DecrJumpZero, p->iLimit, iBreak); VdbeCoverage(v);
+ }
+}
+
+/*
+** Allocate a KeyInfo object sufficient for an index of N key columns and
+** X extra columns.
+*/
+SQLITE_PRIVATE KeyInfo *sqlite3KeyInfoAlloc(sqlite3 *db, int N, int X){
+ KeyInfo *p = sqlite3DbMallocZero(0,
+ sizeof(KeyInfo) + (N+X)*(sizeof(CollSeq*)+1));
+ if( p ){
+ p->aSortOrder = (u8*)&p->aColl[N+X];
+ p->nField = (u16)N;
+ p->nXField = (u16)X;
+ p->enc = ENC(db);
+ p->db = db;
+ p->nRef = 1;
+ }else{
+ db->mallocFailed = 1;
+ }
+ return p;
+}
+
+/*
+** Deallocate a KeyInfo object
+*/
+SQLITE_PRIVATE void sqlite3KeyInfoUnref(KeyInfo *p){
+ if( p ){
+ assert( p->nRef>0 );
+ p->nRef--;
+ if( p->nRef==0 ) sqlite3DbFree(0, p);
+ }
+}
+
+/*
+** Make a new pointer to a KeyInfo object
+*/
+SQLITE_PRIVATE KeyInfo *sqlite3KeyInfoRef(KeyInfo *p){
+ if( p ){
+ assert( p->nRef>0 );
+ p->nRef++;
+ }
+ return p;
+}
+
+#ifdef SQLITE_DEBUG
+/*
+** Return TRUE if a KeyInfo object can be change. The KeyInfo object
+** can only be changed if this is just a single reference to the object.
+**
+** This routine is used only inside of assert() statements.
+*/
+SQLITE_PRIVATE int sqlite3KeyInfoIsWriteable(KeyInfo *p){ return p->nRef==1; }
+#endif /* SQLITE_DEBUG */
+
+/*
+** Given an expression list, generate a KeyInfo structure that records
+** the collating sequence for each expression in that expression list.
+**
+** If the ExprList is an ORDER BY or GROUP BY clause then the resulting
+** KeyInfo structure is appropriate for initializing a virtual index to
+** implement that clause. If the ExprList is the result set of a SELECT
+** then the KeyInfo structure is appropriate for initializing a virtual
+** index to implement a DISTINCT test.
+**
+** Space to hold the KeyInfo structure is obtained from malloc. The calling
+** function is responsible for seeing that this structure is eventually
+** freed.
+*/
+static KeyInfo *keyInfoFromExprList(
+ Parse *pParse, /* Parsing context */
+ ExprList *pList, /* Form the KeyInfo object from this ExprList */
+ int iStart, /* Begin with this column of pList */
+ int nExtra /* Add this many extra columns to the end */
+){
+ int nExpr;
+ KeyInfo *pInfo;
+ struct ExprList_item *pItem;
+ sqlite3 *db = pParse->db;
+ int i;
+
+ nExpr = pList->nExpr;
+ pInfo = sqlite3KeyInfoAlloc(db, nExpr-iStart, nExtra+1);
+ if( pInfo ){
+ assert( sqlite3KeyInfoIsWriteable(pInfo) );
+ for(i=iStart, pItem=pList->a+iStart; i<nExpr; i++, pItem++){
+ CollSeq *pColl;
+ pColl = sqlite3ExprCollSeq(pParse, pItem->pExpr);
+ if( !pColl ) pColl = db->pDfltColl;
+ pInfo->aColl[i-iStart] = pColl;
+ pInfo->aSortOrder[i-iStart] = pItem->sortOrder;
+ }
+ }
+ return pInfo;
+}
+
+/*
+** Name of the connection operator, used for error messages.
+*/
+static const char *selectOpName(int id){
+ char *z;
+ switch( id ){
+ case TK_ALL: z = "UNION ALL"; break;
+ case TK_INTERSECT: z = "INTERSECT"; break;
+ case TK_EXCEPT: z = "EXCEPT"; break;
+ default: z = "UNION"; break;
+ }
+ return z;
+}
+
+#ifndef SQLITE_OMIT_EXPLAIN
+/*
+** Unless an "EXPLAIN QUERY PLAN" command is being processed, this function
+** is a no-op. Otherwise, it adds a single row of output to the EQP result,
+** where the caption is of the form:
+**
+** "USE TEMP B-TREE FOR xxx"
+**
+** where xxx is one of "DISTINCT", "ORDER BY" or "GROUP BY". Exactly which
+** is determined by the zUsage argument.
+*/
+static void explainTempTable(Parse *pParse, const char *zUsage){
+ if( pParse->explain==2 ){
+ Vdbe *v = pParse->pVdbe;
+ char *zMsg = sqlite3MPrintf(pParse->db, "USE TEMP B-TREE FOR %s", zUsage);
+ sqlite3VdbeAddOp4(v, OP_Explain, pParse->iSelectId, 0, 0, zMsg, P4_DYNAMIC);
+ }
+}
+
+/*
+** Assign expression b to lvalue a. A second, no-op, version of this macro
+** is provided when SQLITE_OMIT_EXPLAIN is defined. This allows the code
+** in sqlite3Select() to assign values to structure member variables that
+** only exist if SQLITE_OMIT_EXPLAIN is not defined without polluting the
+** code with #ifndef directives.
+*/
+# define explainSetInteger(a, b) a = b
+
+#else
+/* No-op versions of the explainXXX() functions and macros. */
+# define explainTempTable(y,z)
+# define explainSetInteger(y,z)
+#endif
+
+#if !defined(SQLITE_OMIT_EXPLAIN) && !defined(SQLITE_OMIT_COMPOUND_SELECT)
+/*
+** Unless an "EXPLAIN QUERY PLAN" command is being processed, this function
+** is a no-op. Otherwise, it adds a single row of output to the EQP result,
+** where the caption is of one of the two forms:
+**
+** "COMPOSITE SUBQUERIES iSub1 and iSub2 (op)"
+** "COMPOSITE SUBQUERIES iSub1 and iSub2 USING TEMP B-TREE (op)"
+**
+** where iSub1 and iSub2 are the integers passed as the corresponding
+** function parameters, and op is the text representation of the parameter
+** of the same name. The parameter "op" must be one of TK_UNION, TK_EXCEPT,
+** TK_INTERSECT or TK_ALL. The first form is used if argument bUseTmp is
+** false, or the second form if it is true.
+*/
+static void explainComposite(
+ Parse *pParse, /* Parse context */
+ int op, /* One of TK_UNION, TK_EXCEPT etc. */
+ int iSub1, /* Subquery id 1 */
+ int iSub2, /* Subquery id 2 */
+ int bUseTmp /* True if a temp table was used */
+){
+ assert( op==TK_UNION || op==TK_EXCEPT || op==TK_INTERSECT || op==TK_ALL );
+ if( pParse->explain==2 ){
+ Vdbe *v = pParse->pVdbe;
+ char *zMsg = sqlite3MPrintf(
+ pParse->db, "COMPOUND SUBQUERIES %d AND %d %s(%s)", iSub1, iSub2,
+ bUseTmp?"USING TEMP B-TREE ":"", selectOpName(op)
+ );
+ sqlite3VdbeAddOp4(v, OP_Explain, pParse->iSelectId, 0, 0, zMsg, P4_DYNAMIC);
+ }
+}
+#else
+/* No-op versions of the explainXXX() functions and macros. */
+# define explainComposite(v,w,x,y,z)
+#endif
+
+/*
+** If the inner loop was generated using a non-null pOrderBy argument,
+** then the results were placed in a sorter. After the loop is terminated
+** we need to run the sorter and output the results. The following
+** routine generates the code needed to do that.
+*/
+static void generateSortTail(
+ Parse *pParse, /* Parsing context */
+ Select *p, /* The SELECT statement */
+ SortCtx *pSort, /* Information on the ORDER BY clause */
+ int nColumn, /* Number of columns of data */
+ SelectDest *pDest /* Write the sorted results here */
+){
+ Vdbe *v = pParse->pVdbe; /* The prepared statement */
+ int addrBreak = pSort->labelDone; /* Jump here to exit loop */
+ int addrContinue = sqlite3VdbeMakeLabel(v); /* Jump here for next cycle */
+ int addr;
+ int addrOnce = 0;
+ int iTab;
+ ExprList *pOrderBy = pSort->pOrderBy;
+ int eDest = pDest->eDest;
+ int iParm = pDest->iSDParm;
+ int regRow;
+ int regRowid;
+ int nKey;
+ int iSortTab; /* Sorter cursor to read from */
+ int nSortData; /* Trailing values to read from sorter */
+ int i;
+ int bSeq; /* True if sorter record includes seq. no. */
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+ struct ExprList_item *aOutEx = p->pEList->a;
+#endif
+
+ assert( addrBreak<0 );
+ if( pSort->labelBkOut ){
+ sqlite3VdbeAddOp2(v, OP_Gosub, pSort->regReturn, pSort->labelBkOut);
+ sqlite3VdbeGoto(v, addrBreak);
+ sqlite3VdbeResolveLabel(v, pSort->labelBkOut);
+ }
+ iTab = pSort->iECursor;
+ if( eDest==SRT_Output || eDest==SRT_Coroutine ){
+ regRowid = 0;
+ regRow = pDest->iSdst;
+ nSortData = nColumn;
+ }else{
+ regRowid = sqlite3GetTempReg(pParse);
+ regRow = sqlite3GetTempReg(pParse);
+ nSortData = 1;
+ }
+ nKey = pOrderBy->nExpr - pSort->nOBSat;
+ if( pSort->sortFlags & SORTFLAG_UseSorter ){
+ int regSortOut = ++pParse->nMem;
+ iSortTab = pParse->nTab++;
+ if( pSort->labelBkOut ){
+ addrOnce = sqlite3CodeOnce(pParse); VdbeCoverage(v);
+ }
+ sqlite3VdbeAddOp3(v, OP_OpenPseudo, iSortTab, regSortOut, nKey+1+nSortData);
+ if( addrOnce ) sqlite3VdbeJumpHere(v, addrOnce);
+ addr = 1 + sqlite3VdbeAddOp2(v, OP_SorterSort, iTab, addrBreak);
+ VdbeCoverage(v);
+ codeOffset(v, p->iOffset, addrContinue);
+ sqlite3VdbeAddOp3(v, OP_SorterData, iTab, regSortOut, iSortTab);
+ bSeq = 0;
+ }else{
+ addr = 1 + sqlite3VdbeAddOp2(v, OP_Sort, iTab, addrBreak); VdbeCoverage(v);
+ codeOffset(v, p->iOffset, addrContinue);
+ iSortTab = iTab;
+ bSeq = 1;
+ }
+ for(i=0; i<nSortData; i++){
+ sqlite3VdbeAddOp3(v, OP_Column, iSortTab, nKey+bSeq+i, regRow+i);
+ VdbeComment((v, "%s", aOutEx[i].zName ? aOutEx[i].zName : aOutEx[i].zSpan));
+ }
+ switch( eDest ){
+ case SRT_EphemTab: {
+ sqlite3VdbeAddOp2(v, OP_NewRowid, iParm, regRowid);
+ sqlite3VdbeAddOp3(v, OP_Insert, iParm, regRow, regRowid);
+ sqlite3VdbeChangeP5(v, OPFLAG_APPEND);
+ break;
+ }
+#ifndef SQLITE_OMIT_SUBQUERY
+ case SRT_Set: {
+ assert( nColumn==1 );
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, regRow, 1, regRowid,
+ &pDest->affSdst, 1);
+ sqlite3ExprCacheAffinityChange(pParse, regRow, 1);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iParm, regRowid);
+ break;
+ }
+ case SRT_Mem: {
+ assert( nColumn==1 );
+ sqlite3ExprCodeMove(pParse, regRow, iParm, 1);
+ /* The LIMIT clause will terminate the loop for us */
+ break;
+ }
+#endif
+ default: {
+ assert( eDest==SRT_Output || eDest==SRT_Coroutine );
+ testcase( eDest==SRT_Output );
+ testcase( eDest==SRT_Coroutine );
+ if( eDest==SRT_Output ){
+ sqlite3VdbeAddOp2(v, OP_ResultRow, pDest->iSdst, nColumn);
+ sqlite3ExprCacheAffinityChange(pParse, pDest->iSdst, nColumn);
+ }else{
+ sqlite3VdbeAddOp1(v, OP_Yield, pDest->iSDParm);
+ }
+ break;
+ }
+ }
+ if( regRowid ){
+ sqlite3ReleaseTempReg(pParse, regRow);
+ sqlite3ReleaseTempReg(pParse, regRowid);
+ }
+ /* The bottom of the loop
+ */
+ sqlite3VdbeResolveLabel(v, addrContinue);
+ if( pSort->sortFlags & SORTFLAG_UseSorter ){
+ sqlite3VdbeAddOp2(v, OP_SorterNext, iTab, addr); VdbeCoverage(v);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_Next, iTab, addr); VdbeCoverage(v);
+ }
+ if( pSort->regReturn ) sqlite3VdbeAddOp1(v, OP_Return, pSort->regReturn);
+ sqlite3VdbeResolveLabel(v, addrBreak);
+}
+
+/*
+** Return a pointer to a string containing the 'declaration type' of the
+** expression pExpr. The string may be treated as static by the caller.
+**
+** Also try to estimate the size of the returned value and return that
+** result in *pEstWidth.
+**
+** The declaration type is the exact datatype definition extracted from the
+** original CREATE TABLE statement if the expression is a column. The
+** declaration type for a ROWID field is INTEGER. Exactly when an expression
+** is considered a column can be complex in the presence of subqueries. The
+** result-set expression in all of the following SELECT statements is
+** considered a column by this function.
+**
+** SELECT col FROM tbl;
+** SELECT (SELECT col FROM tbl;
+** SELECT (SELECT col FROM tbl);
+** SELECT abc FROM (SELECT col AS abc FROM tbl);
+**
+** The declaration type for any expression other than a column is NULL.
+**
+** This routine has either 3 or 6 parameters depending on whether or not
+** the SQLITE_ENABLE_COLUMN_METADATA compile-time option is used.
+*/
+#ifdef SQLITE_ENABLE_COLUMN_METADATA
+# define columnType(A,B,C,D,E,F) columnTypeImpl(A,B,C,D,E,F)
+#else /* if !defined(SQLITE_ENABLE_COLUMN_METADATA) */
+# define columnType(A,B,C,D,E,F) columnTypeImpl(A,B,F)
+#endif
+static const char *columnTypeImpl(
+ NameContext *pNC,
+ Expr *pExpr,
+#ifdef SQLITE_ENABLE_COLUMN_METADATA
+ const char **pzOrigDb,
+ const char **pzOrigTab,
+ const char **pzOrigCol,
+#endif
+ u8 *pEstWidth
+){
+ char const *zType = 0;
+ int j;
+ u8 estWidth = 1;
+#ifdef SQLITE_ENABLE_COLUMN_METADATA
+ char const *zOrigDb = 0;
+ char const *zOrigTab = 0;
+ char const *zOrigCol = 0;
+#endif
+
+ assert( pExpr!=0 );
+ assert( pNC->pSrcList!=0 );
+ switch( pExpr->op ){
+ case TK_AGG_COLUMN:
+ case TK_COLUMN: {
+ /* The expression is a column. Locate the table the column is being
+ ** extracted from in NameContext.pSrcList. This table may be real
+ ** database table or a subquery.
+ */
+ Table *pTab = 0; /* Table structure column is extracted from */
+ Select *pS = 0; /* Select the column is extracted from */
+ int iCol = pExpr->iColumn; /* Index of column in pTab */
+ testcase( pExpr->op==TK_AGG_COLUMN );
+ testcase( pExpr->op==TK_COLUMN );
+ while( pNC && !pTab ){
+ SrcList *pTabList = pNC->pSrcList;
+ for(j=0;j<pTabList->nSrc && pTabList->a[j].iCursor!=pExpr->iTable;j++);
+ if( j<pTabList->nSrc ){
+ pTab = pTabList->a[j].pTab;
+ pS = pTabList->a[j].pSelect;
+ }else{
+ pNC = pNC->pNext;
+ }
+ }
+
+ if( pTab==0 ){
+ /* At one time, code such as "SELECT new.x" within a trigger would
+ ** cause this condition to run. Since then, we have restructured how
+ ** trigger code is generated and so this condition is no longer
+ ** possible. However, it can still be true for statements like
+ ** the following:
+ **
+ ** CREATE TABLE t1(col INTEGER);
+ ** SELECT (SELECT t1.col) FROM FROM t1;
+ **
+ ** when columnType() is called on the expression "t1.col" in the
+ ** sub-select. In this case, set the column type to NULL, even
+ ** though it should really be "INTEGER".
+ **
+ ** This is not a problem, as the column type of "t1.col" is never
+ ** used. When columnType() is called on the expression
+ ** "(SELECT t1.col)", the correct type is returned (see the TK_SELECT
+ ** branch below. */
+ break;
+ }
+
+ assert( pTab && pExpr->pTab==pTab );
+ if( pS ){
+ /* The "table" is actually a sub-select or a view in the FROM clause
+ ** of the SELECT statement. Return the declaration type and origin
+ ** data for the result-set column of the sub-select.
+ */
+ if( iCol>=0 && ALWAYS(iCol<pS->pEList->nExpr) ){
+ /* If iCol is less than zero, then the expression requests the
+ ** rowid of the sub-select or view. This expression is legal (see
+ ** test case misc2.2.2) - it always evaluates to NULL.
+ **
+ ** The ALWAYS() is because iCol>=pS->pEList->nExpr will have been
+ ** caught already by name resolution.
+ */
+ NameContext sNC;
+ Expr *p = pS->pEList->a[iCol].pExpr;
+ sNC.pSrcList = pS->pSrc;
+ sNC.pNext = pNC;
+ sNC.pParse = pNC->pParse;
+ zType = columnType(&sNC, p,&zOrigDb,&zOrigTab,&zOrigCol, &estWidth);
+ }
+ }else if( pTab->pSchema ){
+ /* A real table */
+ assert( !pS );
+ if( iCol<0 ) iCol = pTab->iPKey;
+ assert( iCol==-1 || (iCol>=0 && iCol<pTab->nCol) );
+#ifdef SQLITE_ENABLE_COLUMN_METADATA
+ if( iCol<0 ){
+ zType = "INTEGER";
+ zOrigCol = "rowid";
+ }else{
+ zType = pTab->aCol[iCol].zType;
+ zOrigCol = pTab->aCol[iCol].zName;
+ estWidth = pTab->aCol[iCol].szEst;
+ }
+ zOrigTab = pTab->zName;
+ if( pNC->pParse ){
+ int iDb = sqlite3SchemaToIndex(pNC->pParse->db, pTab->pSchema);
+ zOrigDb = pNC->pParse->db->aDb[iDb].zName;
+ }
+#else
+ if( iCol<0 ){
+ zType = "INTEGER";
+ }else{
+ zType = pTab->aCol[iCol].zType;
+ estWidth = pTab->aCol[iCol].szEst;
+ }
+#endif
+ }
+ break;
+ }
+#ifndef SQLITE_OMIT_SUBQUERY
+ case TK_SELECT: {
+ /* The expression is a sub-select. Return the declaration type and
+ ** origin info for the single column in the result set of the SELECT
+ ** statement.
+ */
+ NameContext sNC;
+ Select *pS = pExpr->x.pSelect;
+ Expr *p = pS->pEList->a[0].pExpr;
+ assert( ExprHasProperty(pExpr, EP_xIsSelect) );
+ sNC.pSrcList = pS->pSrc;
+ sNC.pNext = pNC;
+ sNC.pParse = pNC->pParse;
+ zType = columnType(&sNC, p, &zOrigDb, &zOrigTab, &zOrigCol, &estWidth);
+ break;
+ }
+#endif
+ }
+
+#ifdef SQLITE_ENABLE_COLUMN_METADATA
+ if( pzOrigDb ){
+ assert( pzOrigTab && pzOrigCol );
+ *pzOrigDb = zOrigDb;
+ *pzOrigTab = zOrigTab;
+ *pzOrigCol = zOrigCol;
+ }
+#endif
+ if( pEstWidth ) *pEstWidth = estWidth;
+ return zType;
+}
+
+/*
+** Generate code that will tell the VDBE the declaration types of columns
+** in the result set.
+*/
+static void generateColumnTypes(
+ Parse *pParse, /* Parser context */
+ SrcList *pTabList, /* List of tables */
+ ExprList *pEList /* Expressions defining the result set */
+){
+#ifndef SQLITE_OMIT_DECLTYPE
+ Vdbe *v = pParse->pVdbe;
+ int i;
+ NameContext sNC;
+ sNC.pSrcList = pTabList;
+ sNC.pParse = pParse;
+ for(i=0; i<pEList->nExpr; i++){
+ Expr *p = pEList->a[i].pExpr;
+ const char *zType;
+#ifdef SQLITE_ENABLE_COLUMN_METADATA
+ const char *zOrigDb = 0;
+ const char *zOrigTab = 0;
+ const char *zOrigCol = 0;
+ zType = columnType(&sNC, p, &zOrigDb, &zOrigTab, &zOrigCol, 0);
+
+ /* The vdbe must make its own copy of the column-type and other
+ ** column specific strings, in case the schema is reset before this
+ ** virtual machine is deleted.
+ */
+ sqlite3VdbeSetColName(v, i, COLNAME_DATABASE, zOrigDb, SQLITE_TRANSIENT);
+ sqlite3VdbeSetColName(v, i, COLNAME_TABLE, zOrigTab, SQLITE_TRANSIENT);
+ sqlite3VdbeSetColName(v, i, COLNAME_COLUMN, zOrigCol, SQLITE_TRANSIENT);
+#else
+ zType = columnType(&sNC, p, 0, 0, 0, 0);
+#endif
+ sqlite3VdbeSetColName(v, i, COLNAME_DECLTYPE, zType, SQLITE_TRANSIENT);
+ }
+#endif /* !defined(SQLITE_OMIT_DECLTYPE) */
+}
+
+/*
+** Generate code that will tell the VDBE the names of columns
+** in the result set. This information is used to provide the
+** azCol[] values in the callback.
+*/
+static void generateColumnNames(
+ Parse *pParse, /* Parser context */
+ SrcList *pTabList, /* List of tables */
+ ExprList *pEList /* Expressions defining the result set */
+){
+ Vdbe *v = pParse->pVdbe;
+ int i, j;
+ sqlite3 *db = pParse->db;
+ int fullNames, shortNames;
+
+#ifndef SQLITE_OMIT_EXPLAIN
+ /* If this is an EXPLAIN, skip this step */
+ if( pParse->explain ){
+ return;
+ }
+#endif
+
+ if( pParse->colNamesSet || db->mallocFailed ) return;
+ assert( v!=0 );
+ assert( pTabList!=0 );
+ pParse->colNamesSet = 1;
+ fullNames = (db->flags & SQLITE_FullColNames)!=0;
+ shortNames = (db->flags & SQLITE_ShortColNames)!=0;
+ sqlite3VdbeSetNumCols(v, pEList->nExpr);
+ for(i=0; i<pEList->nExpr; i++){
+ Expr *p;
+ p = pEList->a[i].pExpr;
+ if( NEVER(p==0) ) continue;
+ if( pEList->a[i].zName ){
+ char *zName = pEList->a[i].zName;
+ sqlite3VdbeSetColName(v, i, COLNAME_NAME, zName, SQLITE_TRANSIENT);
+ }else if( p->op==TK_COLUMN || p->op==TK_AGG_COLUMN ){
+ Table *pTab;
+ char *zCol;
+ int iCol = p->iColumn;
+ for(j=0; ALWAYS(j<pTabList->nSrc); j++){
+ if( pTabList->a[j].iCursor==p->iTable ) break;
+ }
+ assert( j<pTabList->nSrc );
+ pTab = pTabList->a[j].pTab;
+ if( iCol<0 ) iCol = pTab->iPKey;
+ assert( iCol==-1 || (iCol>=0 && iCol<pTab->nCol) );
+ if( iCol<0 ){
+ zCol = "rowid";
+ }else{
+ zCol = pTab->aCol[iCol].zName;
+ }
+ if( !shortNames && !fullNames ){
+ sqlite3VdbeSetColName(v, i, COLNAME_NAME,
+ sqlite3DbStrDup(db, pEList->a[i].zSpan), SQLITE_DYNAMIC);
+ }else if( fullNames ){
+ char *zName = 0;
+ zName = sqlite3MPrintf(db, "%s.%s", pTab->zName, zCol);
+ sqlite3VdbeSetColName(v, i, COLNAME_NAME, zName, SQLITE_DYNAMIC);
+ }else{
+ sqlite3VdbeSetColName(v, i, COLNAME_NAME, zCol, SQLITE_TRANSIENT);
+ }
+ }else{
+ const char *z = pEList->a[i].zSpan;
+ z = z==0 ? sqlite3MPrintf(db, "column%d", i+1) : sqlite3DbStrDup(db, z);
+ sqlite3VdbeSetColName(v, i, COLNAME_NAME, z, SQLITE_DYNAMIC);
+ }
+ }
+ generateColumnTypes(pParse, pTabList, pEList);
+}
+
+/*
+** Given an expression list (which is really the list of expressions
+** that form the result set of a SELECT statement) compute appropriate
+** column names for a table that would hold the expression list.
+**
+** All column names will be unique.
+**
+** Only the column names are computed. Column.zType, Column.zColl,
+** and other fields of Column are zeroed.
+**
+** Return SQLITE_OK on success. If a memory allocation error occurs,
+** store NULL in *paCol and 0 in *pnCol and return SQLITE_NOMEM.
+*/
+SQLITE_PRIVATE int sqlite3ColumnsFromExprList(
+ Parse *pParse, /* Parsing context */
+ ExprList *pEList, /* Expr list from which to derive column names */
+ i16 *pnCol, /* Write the number of columns here */
+ Column **paCol /* Write the new column list here */
+){
+ sqlite3 *db = pParse->db; /* Database connection */
+ int i, j; /* Loop counters */
+ u32 cnt; /* Index added to make the name unique */
+ Column *aCol, *pCol; /* For looping over result columns */
+ int nCol; /* Number of columns in the result set */
+ Expr *p; /* Expression for a single result column */
+ char *zName; /* Column name */
+ int nName; /* Size of name in zName[] */
+ Hash ht; /* Hash table of column names */
+
+ sqlite3HashInit(&ht);
+ if( pEList ){
+ nCol = pEList->nExpr;
+ aCol = sqlite3DbMallocZero(db, sizeof(aCol[0])*nCol);
+ testcase( aCol==0 );
+ }else{
+ nCol = 0;
+ aCol = 0;
+ }
+ assert( nCol==(i16)nCol );
+ *pnCol = nCol;
+ *paCol = aCol;
+
+ for(i=0, pCol=aCol; i<nCol && !db->mallocFailed; i++, pCol++){
+ /* Get an appropriate name for the column
+ */
+ p = sqlite3ExprSkipCollate(pEList->a[i].pExpr);
+ if( (zName = pEList->a[i].zName)!=0 ){
+ /* If the column contains an "AS <name>" phrase, use <name> as the name */
+ }else{
+ Expr *pColExpr = p; /* The expression that is the result column name */
+ Table *pTab; /* Table associated with this expression */
+ while( pColExpr->op==TK_DOT ){
+ pColExpr = pColExpr->pRight;
+ assert( pColExpr!=0 );
+ }
+ if( pColExpr->op==TK_COLUMN && ALWAYS(pColExpr->pTab!=0) ){
+ /* For columns use the column name name */
+ int iCol = pColExpr->iColumn;
+ pTab = pColExpr->pTab;
+ if( iCol<0 ) iCol = pTab->iPKey;
+ zName = iCol>=0 ? pTab->aCol[iCol].zName : "rowid";
+ }else if( pColExpr->op==TK_ID ){
+ assert( !ExprHasProperty(pColExpr, EP_IntValue) );
+ zName = pColExpr->u.zToken;
+ }else{
+ /* Use the original text of the column expression as its name */
+ zName = pEList->a[i].zSpan;
+ }
+ }
+ zName = sqlite3MPrintf(db, "%s", zName);
+
+ /* Make sure the column name is unique. If the name is not unique,
+ ** append an integer to the name so that it becomes unique.
+ */
+ cnt = 0;
+ while( zName && sqlite3HashFind(&ht, zName)!=0 ){
+ nName = sqlite3Strlen30(zName);
+ if( nName>0 ){
+ for(j=nName-1; j>0 && sqlite3Isdigit(zName[j]); j--){}
+ if( zName[j]==':' ) nName = j;
+ }
+ zName = sqlite3MPrintf(db, "%.*z:%u", nName, zName, ++cnt);
+ if( cnt>3 ) sqlite3_randomness(sizeof(cnt), &cnt);
+ }
+ pCol->zName = zName;
+ sqlite3ColumnPropertiesFromName(0, pCol);
+ if( zName && sqlite3HashInsert(&ht, zName, pCol)==pCol ){
+ db->mallocFailed = 1;
+ }
+ }
+ sqlite3HashClear(&ht);
+ if( db->mallocFailed ){
+ for(j=0; j<i; j++){
+ sqlite3DbFree(db, aCol[j].zName);
+ }
+ sqlite3DbFree(db, aCol);
+ *paCol = 0;
+ *pnCol = 0;
+ return SQLITE_NOMEM;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Add type and collation information to a column list based on
+** a SELECT statement.
+**
+** The column list presumably came from selectColumnNamesFromExprList().
+** The column list has only names, not types or collations. This
+** routine goes through and adds the types and collations.
+**
+** This routine requires that all identifiers in the SELECT
+** statement be resolved.
+*/
+static void selectAddColumnTypeAndCollation(
+ Parse *pParse, /* Parsing contexts */
+ Table *pTab, /* Add column type information to this table */
+ Select *pSelect /* SELECT used to determine types and collations */
+){
+ sqlite3 *db = pParse->db;
+ NameContext sNC;
+ Column *pCol;
+ CollSeq *pColl;
+ int i;
+ Expr *p;
+ struct ExprList_item *a;
+ u64 szAll = 0;
+
+ assert( pSelect!=0 );
+ assert( (pSelect->selFlags & SF_Resolved)!=0 );
+ assert( pTab->nCol==pSelect->pEList->nExpr || db->mallocFailed );
+ if( db->mallocFailed ) return;
+ memset(&sNC, 0, sizeof(sNC));
+ sNC.pSrcList = pSelect->pSrc;
+ a = pSelect->pEList->a;
+ for(i=0, pCol=pTab->aCol; i<pTab->nCol; i++, pCol++){
+ p = a[i].pExpr;
+ if( pCol->zType==0 ){
+ pCol->zType = sqlite3DbStrDup(db,
+ columnType(&sNC, p,0,0,0, &pCol->szEst));
+ }
+ szAll += pCol->szEst;
+ pCol->affinity = sqlite3ExprAffinity(p);
+ if( pCol->affinity==0 ) pCol->affinity = SQLITE_AFF_BLOB;
+ pColl = sqlite3ExprCollSeq(pParse, p);
+ if( pColl && pCol->zColl==0 ){
+ pCol->zColl = sqlite3DbStrDup(db, pColl->zName);
+ }
+ }
+ pTab->szTabRow = sqlite3LogEst(szAll*4);
+}
+
+/*
+** Given a SELECT statement, generate a Table structure that describes
+** the result set of that SELECT.
+*/
+SQLITE_PRIVATE Table *sqlite3ResultSetOfSelect(Parse *pParse, Select *pSelect){
+ Table *pTab;
+ sqlite3 *db = pParse->db;
+ int savedFlags;
+
+ savedFlags = db->flags;
+ db->flags &= ~SQLITE_FullColNames;
+ db->flags |= SQLITE_ShortColNames;
+ sqlite3SelectPrep(pParse, pSelect, 0);
+ if( pParse->nErr ) return 0;
+ while( pSelect->pPrior ) pSelect = pSelect->pPrior;
+ db->flags = savedFlags;
+ pTab = sqlite3DbMallocZero(db, sizeof(Table) );
+ if( pTab==0 ){
+ return 0;
+ }
+ /* The sqlite3ResultSetOfSelect() is only used n contexts where lookaside
+ ** is disabled */
+ assert( db->lookaside.bEnabled==0 );
+ pTab->nRef = 1;
+ pTab->zName = 0;
+ pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
+ sqlite3ColumnsFromExprList(pParse, pSelect->pEList, &pTab->nCol, &pTab->aCol);
+ selectAddColumnTypeAndCollation(pParse, pTab, pSelect);
+ pTab->iPKey = -1;
+ if( db->mallocFailed ){
+ sqlite3DeleteTable(db, pTab);
+ return 0;
+ }
+ return pTab;
+}
+
+/*
+** Get a VDBE for the given parser context. Create a new one if necessary.
+** If an error occurs, return NULL and leave a message in pParse.
+*/
+SQLITE_PRIVATE Vdbe *sqlite3GetVdbe(Parse *pParse){
+ Vdbe *v = pParse->pVdbe;
+ if( v==0 ){
+ v = pParse->pVdbe = sqlite3VdbeCreate(pParse);
+ if( v ) sqlite3VdbeAddOp0(v, OP_Init);
+ if( pParse->pToplevel==0
+ && OptimizationEnabled(pParse->db,SQLITE_FactorOutConst)
+ ){
+ pParse->okConstFactor = 1;
+ }
+
+ }
+ return v;
+}
+
+
+/*
+** Compute the iLimit and iOffset fields of the SELECT based on the
+** pLimit and pOffset expressions. pLimit and pOffset hold the expressions
+** that appear in the original SQL statement after the LIMIT and OFFSET
+** keywords. Or NULL if those keywords are omitted. iLimit and iOffset
+** are the integer memory register numbers for counters used to compute
+** the limit and offset. If there is no limit and/or offset, then
+** iLimit and iOffset are negative.
+**
+** This routine changes the values of iLimit and iOffset only if
+** a limit or offset is defined by pLimit and pOffset. iLimit and
+** iOffset should have been preset to appropriate default values (zero)
+** prior to calling this routine.
+**
+** The iOffset register (if it exists) is initialized to the value
+** of the OFFSET. The iLimit register is initialized to LIMIT. Register
+** iOffset+1 is initialized to LIMIT+OFFSET.
+**
+** Only if pLimit!=0 or pOffset!=0 do the limit registers get
+** redefined. The UNION ALL operator uses this property to force
+** the reuse of the same limit and offset registers across multiple
+** SELECT statements.
+*/
+static void computeLimitRegisters(Parse *pParse, Select *p, int iBreak){
+ Vdbe *v = 0;
+ int iLimit = 0;
+ int iOffset;
+ int n;
+ if( p->iLimit ) return;
+
+ /*
+ ** "LIMIT -1" always shows all rows. There is some
+ ** controversy about what the correct behavior should be.
+ ** The current implementation interprets "LIMIT 0" to mean
+ ** no rows.
+ */
+ sqlite3ExprCacheClear(pParse);
+ assert( p->pOffset==0 || p->pLimit!=0 );
+ if( p->pLimit ){
+ p->iLimit = iLimit = ++pParse->nMem;
+ v = sqlite3GetVdbe(pParse);
+ assert( v!=0 );
+ if( sqlite3ExprIsInteger(p->pLimit, &n) ){
+ sqlite3VdbeAddOp2(v, OP_Integer, n, iLimit);
+ VdbeComment((v, "LIMIT counter"));
+ if( n==0 ){
+ sqlite3VdbeGoto(v, iBreak);
+ }else if( n>=0 && p->nSelectRow>(u64)n ){
+ p->nSelectRow = n;
+ }
+ }else{
+ sqlite3ExprCode(pParse, p->pLimit, iLimit);
+ sqlite3VdbeAddOp1(v, OP_MustBeInt, iLimit); VdbeCoverage(v);
+ VdbeComment((v, "LIMIT counter"));
+ sqlite3VdbeAddOp2(v, OP_IfNot, iLimit, iBreak); VdbeCoverage(v);
+ }
+ if( p->pOffset ){
+ p->iOffset = iOffset = ++pParse->nMem;
+ pParse->nMem++; /* Allocate an extra register for limit+offset */
+ sqlite3ExprCode(pParse, p->pOffset, iOffset);
+ sqlite3VdbeAddOp1(v, OP_MustBeInt, iOffset); VdbeCoverage(v);
+ VdbeComment((v, "OFFSET counter"));
+ sqlite3VdbeAddOp3(v, OP_SetIfNotPos, iOffset, iOffset, 0);
+ sqlite3VdbeAddOp3(v, OP_Add, iLimit, iOffset, iOffset+1);
+ VdbeComment((v, "LIMIT+OFFSET"));
+ sqlite3VdbeAddOp3(v, OP_SetIfNotPos, iLimit, iOffset+1, -1);
+ }
+ }
+}
+
+#ifndef SQLITE_OMIT_COMPOUND_SELECT
+/*
+** Return the appropriate collating sequence for the iCol-th column of
+** the result set for the compound-select statement "p". Return NULL if
+** the column has no default collating sequence.
+**
+** The collating sequence for the compound select is taken from the
+** left-most term of the select that has a collating sequence.
+*/
+static CollSeq *multiSelectCollSeq(Parse *pParse, Select *p, int iCol){
+ CollSeq *pRet;
+ if( p->pPrior ){
+ pRet = multiSelectCollSeq(pParse, p->pPrior, iCol);
+ }else{
+ pRet = 0;
+ }
+ assert( iCol>=0 );
+ /* iCol must be less than p->pEList->nExpr. Otherwise an error would
+ ** have been thrown during name resolution and we would not have gotten
+ ** this far */
+ if( pRet==0 && ALWAYS(iCol<p->pEList->nExpr) ){
+ pRet = sqlite3ExprCollSeq(pParse, p->pEList->a[iCol].pExpr);
+ }
+ return pRet;
+}
+
+/*
+** The select statement passed as the second parameter is a compound SELECT
+** with an ORDER BY clause. This function allocates and returns a KeyInfo
+** structure suitable for implementing the ORDER BY.
+**
+** Space to hold the KeyInfo structure is obtained from malloc. The calling
+** function is responsible for ensuring that this structure is eventually
+** freed.
+*/
+static KeyInfo *multiSelectOrderByKeyInfo(Parse *pParse, Select *p, int nExtra){
+ ExprList *pOrderBy = p->pOrderBy;
+ int nOrderBy = p->pOrderBy->nExpr;
+ sqlite3 *db = pParse->db;
+ KeyInfo *pRet = sqlite3KeyInfoAlloc(db, nOrderBy+nExtra, 1);
+ if( pRet ){
+ int i;
+ for(i=0; i<nOrderBy; i++){
+ struct ExprList_item *pItem = &pOrderBy->a[i];
+ Expr *pTerm = pItem->pExpr;
+ CollSeq *pColl;
+
+ if( pTerm->flags & EP_Collate ){
+ pColl = sqlite3ExprCollSeq(pParse, pTerm);
+ }else{
+ pColl = multiSelectCollSeq(pParse, p, pItem->u.x.iOrderByCol-1);
+ if( pColl==0 ) pColl = db->pDfltColl;
+ pOrderBy->a[i].pExpr =
+ sqlite3ExprAddCollateString(pParse, pTerm, pColl->zName);
+ }
+ assert( sqlite3KeyInfoIsWriteable(pRet) );
+ pRet->aColl[i] = pColl;
+ pRet->aSortOrder[i] = pOrderBy->a[i].sortOrder;
+ }
+ }
+
+ return pRet;
+}
+
+#ifndef SQLITE_OMIT_CTE
+/*
+** This routine generates VDBE code to compute the content of a WITH RECURSIVE
+** query of the form:
+**
+** <recursive-table> AS (<setup-query> UNION [ALL] <recursive-query>)
+** \___________/ \_______________/
+** p->pPrior p
+**
+**
+** There is exactly one reference to the recursive-table in the FROM clause
+** of recursive-query, marked with the SrcList->a[].fg.isRecursive flag.
+**
+** The setup-query runs once to generate an initial set of rows that go
+** into a Queue table. Rows are extracted from the Queue table one by
+** one. Each row extracted from Queue is output to pDest. Then the single
+** extracted row (now in the iCurrent table) becomes the content of the
+** recursive-table for a recursive-query run. The output of the recursive-query
+** is added back into the Queue table. Then another row is extracted from Queue
+** and the iteration continues until the Queue table is empty.
+**
+** If the compound query operator is UNION then no duplicate rows are ever
+** inserted into the Queue table. The iDistinct table keeps a copy of all rows
+** that have ever been inserted into Queue and causes duplicates to be
+** discarded. If the operator is UNION ALL, then duplicates are allowed.
+**
+** If the query has an ORDER BY, then entries in the Queue table are kept in
+** ORDER BY order and the first entry is extracted for each cycle. Without
+** an ORDER BY, the Queue table is just a FIFO.
+**
+** If a LIMIT clause is provided, then the iteration stops after LIMIT rows
+** have been output to pDest. A LIMIT of zero means to output no rows and a
+** negative LIMIT means to output all rows. If there is also an OFFSET clause
+** with a positive value, then the first OFFSET outputs are discarded rather
+** than being sent to pDest. The LIMIT count does not begin until after OFFSET
+** rows have been skipped.
+*/
+static void generateWithRecursiveQuery(
+ Parse *pParse, /* Parsing context */
+ Select *p, /* The recursive SELECT to be coded */
+ SelectDest *pDest /* What to do with query results */
+){
+ SrcList *pSrc = p->pSrc; /* The FROM clause of the recursive query */
+ int nCol = p->pEList->nExpr; /* Number of columns in the recursive table */
+ Vdbe *v = pParse->pVdbe; /* The prepared statement under construction */
+ Select *pSetup = p->pPrior; /* The setup query */
+ int addrTop; /* Top of the loop */
+ int addrCont, addrBreak; /* CONTINUE and BREAK addresses */
+ int iCurrent = 0; /* The Current table */
+ int regCurrent; /* Register holding Current table */
+ int iQueue; /* The Queue table */
+ int iDistinct = 0; /* To ensure unique results if UNION */
+ int eDest = SRT_Fifo; /* How to write to Queue */
+ SelectDest destQueue; /* SelectDest targetting the Queue table */
+ int i; /* Loop counter */
+ int rc; /* Result code */
+ ExprList *pOrderBy; /* The ORDER BY clause */
+ Expr *pLimit, *pOffset; /* Saved LIMIT and OFFSET */
+ int regLimit, regOffset; /* Registers used by LIMIT and OFFSET */
+
+ /* Obtain authorization to do a recursive query */
+ if( sqlite3AuthCheck(pParse, SQLITE_RECURSIVE, 0, 0, 0) ) return;
+
+ /* Process the LIMIT and OFFSET clauses, if they exist */
+ addrBreak = sqlite3VdbeMakeLabel(v);
+ computeLimitRegisters(pParse, p, addrBreak);
+ pLimit = p->pLimit;
+ pOffset = p->pOffset;
+ regLimit = p->iLimit;
+ regOffset = p->iOffset;
+ p->pLimit = p->pOffset = 0;
+ p->iLimit = p->iOffset = 0;
+ pOrderBy = p->pOrderBy;
+
+ /* Locate the cursor number of the Current table */
+ for(i=0; ALWAYS(i<pSrc->nSrc); i++){
+ if( pSrc->a[i].fg.isRecursive ){
+ iCurrent = pSrc->a[i].iCursor;
+ break;
+ }
+ }
+
+ /* Allocate cursors numbers for Queue and Distinct. The cursor number for
+ ** the Distinct table must be exactly one greater than Queue in order
+ ** for the SRT_DistFifo and SRT_DistQueue destinations to work. */
+ iQueue = pParse->nTab++;
+ if( p->op==TK_UNION ){
+ eDest = pOrderBy ? SRT_DistQueue : SRT_DistFifo;
+ iDistinct = pParse->nTab++;
+ }else{
+ eDest = pOrderBy ? SRT_Queue : SRT_Fifo;
+ }
+ sqlite3SelectDestInit(&destQueue, eDest, iQueue);
+
+ /* Allocate cursors for Current, Queue, and Distinct. */
+ regCurrent = ++pParse->nMem;
+ sqlite3VdbeAddOp3(v, OP_OpenPseudo, iCurrent, regCurrent, nCol);
+ if( pOrderBy ){
+ KeyInfo *pKeyInfo = multiSelectOrderByKeyInfo(pParse, p, 1);
+ sqlite3VdbeAddOp4(v, OP_OpenEphemeral, iQueue, pOrderBy->nExpr+2, 0,
+ (char*)pKeyInfo, P4_KEYINFO);
+ destQueue.pOrderBy = pOrderBy;
+ }else{
+ sqlite3VdbeAddOp2(v, OP_OpenEphemeral, iQueue, nCol);
+ }
+ VdbeComment((v, "Queue table"));
+ if( iDistinct ){
+ p->addrOpenEphm[0] = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, iDistinct, 0);
+ p->selFlags |= SF_UsesEphemeral;
+ }
+
+ /* Detach the ORDER BY clause from the compound SELECT */
+ p->pOrderBy = 0;
+
+ /* Store the results of the setup-query in Queue. */
+ pSetup->pNext = 0;
+ rc = sqlite3Select(pParse, pSetup, &destQueue);
+ pSetup->pNext = p;
+ if( rc ) goto end_of_recursive_query;
+
+ /* Find the next row in the Queue and output that row */
+ addrTop = sqlite3VdbeAddOp2(v, OP_Rewind, iQueue, addrBreak); VdbeCoverage(v);
+
+ /* Transfer the next row in Queue over to Current */
+ sqlite3VdbeAddOp1(v, OP_NullRow, iCurrent); /* To reset column cache */
+ if( pOrderBy ){
+ sqlite3VdbeAddOp3(v, OP_Column, iQueue, pOrderBy->nExpr+1, regCurrent);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_RowData, iQueue, regCurrent);
+ }
+ sqlite3VdbeAddOp1(v, OP_Delete, iQueue);
+
+ /* Output the single row in Current */
+ addrCont = sqlite3VdbeMakeLabel(v);
+ codeOffset(v, regOffset, addrCont);
+ selectInnerLoop(pParse, p, p->pEList, iCurrent,
+ 0, 0, pDest, addrCont, addrBreak);
+ if( regLimit ){
+ sqlite3VdbeAddOp2(v, OP_DecrJumpZero, regLimit, addrBreak);
+ VdbeCoverage(v);
+ }
+ sqlite3VdbeResolveLabel(v, addrCont);
+
+ /* Execute the recursive SELECT taking the single row in Current as
+ ** the value for the recursive-table. Store the results in the Queue.
+ */
+ if( p->selFlags & SF_Aggregate ){
+ sqlite3ErrorMsg(pParse, "recursive aggregate queries not supported");
+ }else{
+ p->pPrior = 0;
+ sqlite3Select(pParse, p, &destQueue);
+ assert( p->pPrior==0 );
+ p->pPrior = pSetup;
+ }
+
+ /* Keep running the loop until the Queue is empty */
+ sqlite3VdbeGoto(v, addrTop);
+ sqlite3VdbeResolveLabel(v, addrBreak);
+
+end_of_recursive_query:
+ sqlite3ExprListDelete(pParse->db, p->pOrderBy);
+ p->pOrderBy = pOrderBy;
+ p->pLimit = pLimit;
+ p->pOffset = pOffset;
+ return;
+}
+#endif /* SQLITE_OMIT_CTE */
+
+/* Forward references */
+static int multiSelectOrderBy(
+ Parse *pParse, /* Parsing context */
+ Select *p, /* The right-most of SELECTs to be coded */
+ SelectDest *pDest /* What to do with query results */
+);
+
+/*
+** Handle the special case of a compound-select that originates from a
+** VALUES clause. By handling this as a special case, we avoid deep
+** recursion, and thus do not need to enforce the SQLITE_LIMIT_COMPOUND_SELECT
+** on a VALUES clause.
+**
+** Because the Select object originates from a VALUES clause:
+** (1) It has no LIMIT or OFFSET
+** (2) All terms are UNION ALL
+** (3) There is no ORDER BY clause
+*/
+static int multiSelectValues(
+ Parse *pParse, /* Parsing context */
+ Select *p, /* The right-most of SELECTs to be coded */
+ SelectDest *pDest /* What to do with query results */
+){
+ Select *pPrior;
+ int nRow = 1;
+ int rc = 0;
+ assert( p->selFlags & SF_MultiValue );
+ do{
+ assert( p->selFlags & SF_Values );
+ assert( p->op==TK_ALL || (p->op==TK_SELECT && p->pPrior==0) );
+ assert( p->pLimit==0 );
+ assert( p->pOffset==0 );
+ assert( p->pNext==0 || p->pEList->nExpr==p->pNext->pEList->nExpr );
+ if( p->pPrior==0 ) break;
+ assert( p->pPrior->pNext==p );
+ p = p->pPrior;
+ nRow++;
+ }while(1);
+ while( p ){
+ pPrior = p->pPrior;
+ p->pPrior = 0;
+ rc = sqlite3Select(pParse, p, pDest);
+ p->pPrior = pPrior;
+ if( rc ) break;
+ p->nSelectRow = nRow;
+ p = p->pNext;
+ }
+ return rc;
+}
+
+/*
+** This routine is called to process a compound query form from
+** two or more separate queries using UNION, UNION ALL, EXCEPT, or
+** INTERSECT
+**
+** "p" points to the right-most of the two queries. the query on the
+** left is p->pPrior. The left query could also be a compound query
+** in which case this routine will be called recursively.
+**
+** The results of the total query are to be written into a destination
+** of type eDest with parameter iParm.
+**
+** Example 1: Consider a three-way compound SQL statement.
+**
+** SELECT a FROM t1 UNION SELECT b FROM t2 UNION SELECT c FROM t3
+**
+** This statement is parsed up as follows:
+**
+** SELECT c FROM t3
+** |
+** `-----> SELECT b FROM t2
+** |
+** `------> SELECT a FROM t1
+**
+** The arrows in the diagram above represent the Select.pPrior pointer.
+** So if this routine is called with p equal to the t3 query, then
+** pPrior will be the t2 query. p->op will be TK_UNION in this case.
+**
+** Notice that because of the way SQLite parses compound SELECTs, the
+** individual selects always group from left to right.
+*/
+static int multiSelect(
+ Parse *pParse, /* Parsing context */
+ Select *p, /* The right-most of SELECTs to be coded */
+ SelectDest *pDest /* What to do with query results */
+){
+ int rc = SQLITE_OK; /* Success code from a subroutine */
+ Select *pPrior; /* Another SELECT immediately to our left */
+ Vdbe *v; /* Generate code to this VDBE */
+ SelectDest dest; /* Alternative data destination */
+ Select *pDelete = 0; /* Chain of simple selects to delete */
+ sqlite3 *db; /* Database connection */
+#ifndef SQLITE_OMIT_EXPLAIN
+ int iSub1 = 0; /* EQP id of left-hand query */
+ int iSub2 = 0; /* EQP id of right-hand query */
+#endif
+
+ /* Make sure there is no ORDER BY or LIMIT clause on prior SELECTs. Only
+ ** the last (right-most) SELECT in the series may have an ORDER BY or LIMIT.
+ */
+ assert( p && p->pPrior ); /* Calling function guarantees this much */
+ assert( (p->selFlags & SF_Recursive)==0 || p->op==TK_ALL || p->op==TK_UNION );
+ db = pParse->db;
+ pPrior = p->pPrior;
+ dest = *pDest;
+ if( pPrior->pOrderBy ){
+ sqlite3ErrorMsg(pParse,"ORDER BY clause should come after %s not before",
+ selectOpName(p->op));
+ rc = 1;
+ goto multi_select_end;
+ }
+ if( pPrior->pLimit ){
+ sqlite3ErrorMsg(pParse,"LIMIT clause should come after %s not before",
+ selectOpName(p->op));
+ rc = 1;
+ goto multi_select_end;
+ }
+
+ v = sqlite3GetVdbe(pParse);
+ assert( v!=0 ); /* The VDBE already created by calling function */
+
+ /* Create the destination temporary table if necessary
+ */
+ if( dest.eDest==SRT_EphemTab ){
+ assert( p->pEList );
+ sqlite3VdbeAddOp2(v, OP_OpenEphemeral, dest.iSDParm, p->pEList->nExpr);
+ sqlite3VdbeChangeP5(v, BTREE_UNORDERED);
+ dest.eDest = SRT_Table;
+ }
+
+ /* Special handling for a compound-select that originates as a VALUES clause.
+ */
+ if( p->selFlags & SF_MultiValue ){
+ rc = multiSelectValues(pParse, p, &dest);
+ goto multi_select_end;
+ }
+
+ /* Make sure all SELECTs in the statement have the same number of elements
+ ** in their result sets.
+ */
+ assert( p->pEList && pPrior->pEList );
+ assert( p->pEList->nExpr==pPrior->pEList->nExpr );
+
+#ifndef SQLITE_OMIT_CTE
+ if( p->selFlags & SF_Recursive ){
+ generateWithRecursiveQuery(pParse, p, &dest);
+ }else
+#endif
+
+ /* Compound SELECTs that have an ORDER BY clause are handled separately.
+ */
+ if( p->pOrderBy ){
+ return multiSelectOrderBy(pParse, p, pDest);
+ }else
+
+ /* Generate code for the left and right SELECT statements.
+ */
+ switch( p->op ){
+ case TK_ALL: {
+ int addr = 0;
+ int nLimit;
+ assert( !pPrior->pLimit );
+ pPrior->iLimit = p->iLimit;
+ pPrior->iOffset = p->iOffset;
+ pPrior->pLimit = p->pLimit;
+ pPrior->pOffset = p->pOffset;
+ explainSetInteger(iSub1, pParse->iNextSelectId);
+ rc = sqlite3Select(pParse, pPrior, &dest);
+ p->pLimit = 0;
+ p->pOffset = 0;
+ if( rc ){
+ goto multi_select_end;
+ }
+ p->pPrior = 0;
+ p->iLimit = pPrior->iLimit;
+ p->iOffset = pPrior->iOffset;
+ if( p->iLimit ){
+ addr = sqlite3VdbeAddOp1(v, OP_IfNot, p->iLimit); VdbeCoverage(v);
+ VdbeComment((v, "Jump ahead if LIMIT reached"));
+ if( p->iOffset ){
+ sqlite3VdbeAddOp3(v, OP_SetIfNotPos, p->iOffset, p->iOffset, 0);
+ sqlite3VdbeAddOp3(v, OP_Add, p->iLimit, p->iOffset, p->iOffset+1);
+ sqlite3VdbeAddOp3(v, OP_SetIfNotPos, p->iLimit, p->iOffset+1, -1);
+ }
+ }
+ explainSetInteger(iSub2, pParse->iNextSelectId);
+ rc = sqlite3Select(pParse, p, &dest);
+ testcase( rc!=SQLITE_OK );
+ pDelete = p->pPrior;
+ p->pPrior = pPrior;
+ p->nSelectRow += pPrior->nSelectRow;
+ if( pPrior->pLimit
+ && sqlite3ExprIsInteger(pPrior->pLimit, &nLimit)
+ && nLimit>0 && p->nSelectRow > (u64)nLimit
+ ){
+ p->nSelectRow = nLimit;
+ }
+ if( addr ){
+ sqlite3VdbeJumpHere(v, addr);
+ }
+ break;
+ }
+ case TK_EXCEPT:
+ case TK_UNION: {
+ int unionTab; /* Cursor number of the temporary table holding result */
+ u8 op = 0; /* One of the SRT_ operations to apply to self */
+ int priorOp; /* The SRT_ operation to apply to prior selects */
+ Expr *pLimit, *pOffset; /* Saved values of p->nLimit and p->nOffset */
+ int addr;
+ SelectDest uniondest;
+
+ testcase( p->op==TK_EXCEPT );
+ testcase( p->op==TK_UNION );
+ priorOp = SRT_Union;
+ if( dest.eDest==priorOp ){
+ /* We can reuse a temporary table generated by a SELECT to our
+ ** right.
+ */
+ assert( p->pLimit==0 ); /* Not allowed on leftward elements */
+ assert( p->pOffset==0 ); /* Not allowed on leftward elements */
+ unionTab = dest.iSDParm;
+ }else{
+ /* We will need to create our own temporary table to hold the
+ ** intermediate results.
+ */
+ unionTab = pParse->nTab++;
+ assert( p->pOrderBy==0 );
+ addr = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, unionTab, 0);
+ assert( p->addrOpenEphm[0] == -1 );
+ p->addrOpenEphm[0] = addr;
+ findRightmost(p)->selFlags |= SF_UsesEphemeral;
+ assert( p->pEList );
+ }
+
+ /* Code the SELECT statements to our left
+ */
+ assert( !pPrior->pOrderBy );
+ sqlite3SelectDestInit(&uniondest, priorOp, unionTab);
+ explainSetInteger(iSub1, pParse->iNextSelectId);
+ rc = sqlite3Select(pParse, pPrior, &uniondest);
+ if( rc ){
+ goto multi_select_end;
+ }
+
+ /* Code the current SELECT statement
+ */
+ if( p->op==TK_EXCEPT ){
+ op = SRT_Except;
+ }else{
+ assert( p->op==TK_UNION );
+ op = SRT_Union;
+ }
+ p->pPrior = 0;
+ pLimit = p->pLimit;
+ p->pLimit = 0;
+ pOffset = p->pOffset;
+ p->pOffset = 0;
+ uniondest.eDest = op;
+ explainSetInteger(iSub2, pParse->iNextSelectId);
+ rc = sqlite3Select(pParse, p, &uniondest);
+ testcase( rc!=SQLITE_OK );
+ /* Query flattening in sqlite3Select() might refill p->pOrderBy.
+ ** Be sure to delete p->pOrderBy, therefore, to avoid a memory leak. */
+ sqlite3ExprListDelete(db, p->pOrderBy);
+ pDelete = p->pPrior;
+ p->pPrior = pPrior;
+ p->pOrderBy = 0;
+ if( p->op==TK_UNION ) p->nSelectRow += pPrior->nSelectRow;
+ sqlite3ExprDelete(db, p->pLimit);
+ p->pLimit = pLimit;
+ p->pOffset = pOffset;
+ p->iLimit = 0;
+ p->iOffset = 0;
+
+ /* Convert the data in the temporary table into whatever form
+ ** it is that we currently need.
+ */
+ assert( unionTab==dest.iSDParm || dest.eDest!=priorOp );
+ if( dest.eDest!=priorOp ){
+ int iCont, iBreak, iStart;
+ assert( p->pEList );
+ if( dest.eDest==SRT_Output ){
+ Select *pFirst = p;
+ while( pFirst->pPrior ) pFirst = pFirst->pPrior;
+ generateColumnNames(pParse, pFirst->pSrc, pFirst->pEList);
+ }
+ iBreak = sqlite3VdbeMakeLabel(v);
+ iCont = sqlite3VdbeMakeLabel(v);
+ computeLimitRegisters(pParse, p, iBreak);
+ sqlite3VdbeAddOp2(v, OP_Rewind, unionTab, iBreak); VdbeCoverage(v);
+ iStart = sqlite3VdbeCurrentAddr(v);
+ selectInnerLoop(pParse, p, p->pEList, unionTab,
+ 0, 0, &dest, iCont, iBreak);
+ sqlite3VdbeResolveLabel(v, iCont);
+ sqlite3VdbeAddOp2(v, OP_Next, unionTab, iStart); VdbeCoverage(v);
+ sqlite3VdbeResolveLabel(v, iBreak);
+ sqlite3VdbeAddOp2(v, OP_Close, unionTab, 0);
+ }
+ break;
+ }
+ default: assert( p->op==TK_INTERSECT ); {
+ int tab1, tab2;
+ int iCont, iBreak, iStart;
+ Expr *pLimit, *pOffset;
+ int addr;
+ SelectDest intersectdest;
+ int r1;
+
+ /* INTERSECT is different from the others since it requires
+ ** two temporary tables. Hence it has its own case. Begin
+ ** by allocating the tables we will need.
+ */
+ tab1 = pParse->nTab++;
+ tab2 = pParse->nTab++;
+ assert( p->pOrderBy==0 );
+
+ addr = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, tab1, 0);
+ assert( p->addrOpenEphm[0] == -1 );
+ p->addrOpenEphm[0] = addr;
+ findRightmost(p)->selFlags |= SF_UsesEphemeral;
+ assert( p->pEList );
+
+ /* Code the SELECTs to our left into temporary table "tab1".
+ */
+ sqlite3SelectDestInit(&intersectdest, SRT_Union, tab1);
+ explainSetInteger(iSub1, pParse->iNextSelectId);
+ rc = sqlite3Select(pParse, pPrior, &intersectdest);
+ if( rc ){
+ goto multi_select_end;
+ }
+
+ /* Code the current SELECT into temporary table "tab2"
+ */
+ addr = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, tab2, 0);
+ assert( p->addrOpenEphm[1] == -1 );
+ p->addrOpenEphm[1] = addr;
+ p->pPrior = 0;
+ pLimit = p->pLimit;
+ p->pLimit = 0;
+ pOffset = p->pOffset;
+ p->pOffset = 0;
+ intersectdest.iSDParm = tab2;
+ explainSetInteger(iSub2, pParse->iNextSelectId);
+ rc = sqlite3Select(pParse, p, &intersectdest);
+ testcase( rc!=SQLITE_OK );
+ pDelete = p->pPrior;
+ p->pPrior = pPrior;
+ if( p->nSelectRow>pPrior->nSelectRow ) p->nSelectRow = pPrior->nSelectRow;
+ sqlite3ExprDelete(db, p->pLimit);
+ p->pLimit = pLimit;
+ p->pOffset = pOffset;
+
+ /* Generate code to take the intersection of the two temporary
+ ** tables.
+ */
+ assert( p->pEList );
+ if( dest.eDest==SRT_Output ){
+ Select *pFirst = p;
+ while( pFirst->pPrior ) pFirst = pFirst->pPrior;
+ generateColumnNames(pParse, pFirst->pSrc, pFirst->pEList);
+ }
+ iBreak = sqlite3VdbeMakeLabel(v);
+ iCont = sqlite3VdbeMakeLabel(v);
+ computeLimitRegisters(pParse, p, iBreak);
+ sqlite3VdbeAddOp2(v, OP_Rewind, tab1, iBreak); VdbeCoverage(v);
+ r1 = sqlite3GetTempReg(pParse);
+ iStart = sqlite3VdbeAddOp2(v, OP_RowKey, tab1, r1);
+ sqlite3VdbeAddOp4Int(v, OP_NotFound, tab2, iCont, r1, 0); VdbeCoverage(v);
+ sqlite3ReleaseTempReg(pParse, r1);
+ selectInnerLoop(pParse, p, p->pEList, tab1,
+ 0, 0, &dest, iCont, iBreak);
+ sqlite3VdbeResolveLabel(v, iCont);
+ sqlite3VdbeAddOp2(v, OP_Next, tab1, iStart); VdbeCoverage(v);
+ sqlite3VdbeResolveLabel(v, iBreak);
+ sqlite3VdbeAddOp2(v, OP_Close, tab2, 0);
+ sqlite3VdbeAddOp2(v, OP_Close, tab1, 0);
+ break;
+ }
+ }
+
+ explainComposite(pParse, p->op, iSub1, iSub2, p->op!=TK_ALL);
+
+ /* Compute collating sequences used by
+ ** temporary tables needed to implement the compound select.
+ ** Attach the KeyInfo structure to all temporary tables.
+ **
+ ** This section is run by the right-most SELECT statement only.
+ ** SELECT statements to the left always skip this part. The right-most
+ ** SELECT might also skip this part if it has no ORDER BY clause and
+ ** no temp tables are required.
+ */
+ if( p->selFlags & SF_UsesEphemeral ){
+ int i; /* Loop counter */
+ KeyInfo *pKeyInfo; /* Collating sequence for the result set */
+ Select *pLoop; /* For looping through SELECT statements */
+ CollSeq **apColl; /* For looping through pKeyInfo->aColl[] */
+ int nCol; /* Number of columns in result set */
+
+ assert( p->pNext==0 );
+ nCol = p->pEList->nExpr;
+ pKeyInfo = sqlite3KeyInfoAlloc(db, nCol, 1);
+ if( !pKeyInfo ){
+ rc = SQLITE_NOMEM;
+ goto multi_select_end;
+ }
+ for(i=0, apColl=pKeyInfo->aColl; i<nCol; i++, apColl++){
+ *apColl = multiSelectCollSeq(pParse, p, i);
+ if( 0==*apColl ){
+ *apColl = db->pDfltColl;
+ }
+ }
+
+ for(pLoop=p; pLoop; pLoop=pLoop->pPrior){
+ for(i=0; i<2; i++){
+ int addr = pLoop->addrOpenEphm[i];
+ if( addr<0 ){
+ /* If [0] is unused then [1] is also unused. So we can
+ ** always safely abort as soon as the first unused slot is found */
+ assert( pLoop->addrOpenEphm[1]<0 );
+ break;
+ }
+ sqlite3VdbeChangeP2(v, addr, nCol);
+ sqlite3VdbeChangeP4(v, addr, (char*)sqlite3KeyInfoRef(pKeyInfo),
+ P4_KEYINFO);
+ pLoop->addrOpenEphm[i] = -1;
+ }
+ }
+ sqlite3KeyInfoUnref(pKeyInfo);
+ }
+
+multi_select_end:
+ pDest->iSdst = dest.iSdst;
+ pDest->nSdst = dest.nSdst;
+ sqlite3SelectDelete(db, pDelete);
+ return rc;
+}
+#endif /* SQLITE_OMIT_COMPOUND_SELECT */
+
+/*
+** Error message for when two or more terms of a compound select have different
+** size result sets.
+*/
+SQLITE_PRIVATE void sqlite3SelectWrongNumTermsError(Parse *pParse, Select *p){
+ if( p->selFlags & SF_Values ){
+ sqlite3ErrorMsg(pParse, "all VALUES must have the same number of terms");
+ }else{
+ sqlite3ErrorMsg(pParse, "SELECTs to the left and right of %s"
+ " do not have the same number of result columns", selectOpName(p->op));
+ }
+}
+
+/*
+** Code an output subroutine for a coroutine implementation of a
+** SELECT statment.
+**
+** The data to be output is contained in pIn->iSdst. There are
+** pIn->nSdst columns to be output. pDest is where the output should
+** be sent.
+**
+** regReturn is the number of the register holding the subroutine
+** return address.
+**
+** If regPrev>0 then it is the first register in a vector that
+** records the previous output. mem[regPrev] is a flag that is false
+** if there has been no previous output. If regPrev>0 then code is
+** generated to suppress duplicates. pKeyInfo is used for comparing
+** keys.
+**
+** If the LIMIT found in p->iLimit is reached, jump immediately to
+** iBreak.
+*/
+static int generateOutputSubroutine(
+ Parse *pParse, /* Parsing context */
+ Select *p, /* The SELECT statement */
+ SelectDest *pIn, /* Coroutine supplying data */
+ SelectDest *pDest, /* Where to send the data */
+ int regReturn, /* The return address register */
+ int regPrev, /* Previous result register. No uniqueness if 0 */
+ KeyInfo *pKeyInfo, /* For comparing with previous entry */
+ int iBreak /* Jump here if we hit the LIMIT */
+){
+ Vdbe *v = pParse->pVdbe;
+ int iContinue;
+ int addr;
+
+ addr = sqlite3VdbeCurrentAddr(v);
+ iContinue = sqlite3VdbeMakeLabel(v);
+
+ /* Suppress duplicates for UNION, EXCEPT, and INTERSECT
+ */
+ if( regPrev ){
+ int addr1, addr2;
+ addr1 = sqlite3VdbeAddOp1(v, OP_IfNot, regPrev); VdbeCoverage(v);
+ addr2 = sqlite3VdbeAddOp4(v, OP_Compare, pIn->iSdst, regPrev+1, pIn->nSdst,
+ (char*)sqlite3KeyInfoRef(pKeyInfo), P4_KEYINFO);
+ sqlite3VdbeAddOp3(v, OP_Jump, addr2+2, iContinue, addr2+2); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addr1);
+ sqlite3VdbeAddOp3(v, OP_Copy, pIn->iSdst, regPrev+1, pIn->nSdst-1);
+ sqlite3VdbeAddOp2(v, OP_Integer, 1, regPrev);
+ }
+ if( pParse->db->mallocFailed ) return 0;
+
+ /* Suppress the first OFFSET entries if there is an OFFSET clause
+ */
+ codeOffset(v, p->iOffset, iContinue);
+
+ assert( pDest->eDest!=SRT_Exists );
+ assert( pDest->eDest!=SRT_Table );
+ switch( pDest->eDest ){
+ /* Store the result as data using a unique key.
+ */
+ case SRT_EphemTab: {
+ int r1 = sqlite3GetTempReg(pParse);
+ int r2 = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, pIn->iSdst, pIn->nSdst, r1);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, pDest->iSDParm, r2);
+ sqlite3VdbeAddOp3(v, OP_Insert, pDest->iSDParm, r1, r2);
+ sqlite3VdbeChangeP5(v, OPFLAG_APPEND);
+ sqlite3ReleaseTempReg(pParse, r2);
+ sqlite3ReleaseTempReg(pParse, r1);
+ break;
+ }
+
+#ifndef SQLITE_OMIT_SUBQUERY
+ /* If we are creating a set for an "expr IN (SELECT ...)" construct,
+ ** then there should be a single item on the stack. Write this
+ ** item into the set table with bogus data.
+ */
+ case SRT_Set: {
+ int r1;
+ assert( pIn->nSdst==1 || pParse->nErr>0 );
+ pDest->affSdst =
+ sqlite3CompareAffinity(p->pEList->a[0].pExpr, pDest->affSdst);
+ r1 = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, pIn->iSdst, 1, r1, &pDest->affSdst,1);
+ sqlite3ExprCacheAffinityChange(pParse, pIn->iSdst, 1);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, pDest->iSDParm, r1);
+ sqlite3ReleaseTempReg(pParse, r1);
+ break;
+ }
+
+ /* If this is a scalar select that is part of an expression, then
+ ** store the results in the appropriate memory cell and break out
+ ** of the scan loop.
+ */
+ case SRT_Mem: {
+ assert( pIn->nSdst==1 || pParse->nErr>0 ); testcase( pIn->nSdst!=1 );
+ sqlite3ExprCodeMove(pParse, pIn->iSdst, pDest->iSDParm, 1);
+ /* The LIMIT clause will jump out of the loop for us */
+ break;
+ }
+#endif /* #ifndef SQLITE_OMIT_SUBQUERY */
+
+ /* The results are stored in a sequence of registers
+ ** starting at pDest->iSdst. Then the co-routine yields.
+ */
+ case SRT_Coroutine: {
+ if( pDest->iSdst==0 ){
+ pDest->iSdst = sqlite3GetTempRange(pParse, pIn->nSdst);
+ pDest->nSdst = pIn->nSdst;
+ }
+ sqlite3ExprCodeMove(pParse, pIn->iSdst, pDest->iSdst, pIn->nSdst);
+ sqlite3VdbeAddOp1(v, OP_Yield, pDest->iSDParm);
+ break;
+ }
+
+ /* If none of the above, then the result destination must be
+ ** SRT_Output. This routine is never called with any other
+ ** destination other than the ones handled above or SRT_Output.
+ **
+ ** For SRT_Output, results are stored in a sequence of registers.
+ ** Then the OP_ResultRow opcode is used to cause sqlite3_step() to
+ ** return the next row of result.
+ */
+ default: {
+ assert( pDest->eDest==SRT_Output );
+ sqlite3VdbeAddOp2(v, OP_ResultRow, pIn->iSdst, pIn->nSdst);
+ sqlite3ExprCacheAffinityChange(pParse, pIn->iSdst, pIn->nSdst);
+ break;
+ }
+ }
+
+ /* Jump to the end of the loop if the LIMIT is reached.
+ */
+ if( p->iLimit ){
+ sqlite3VdbeAddOp2(v, OP_DecrJumpZero, p->iLimit, iBreak); VdbeCoverage(v);
+ }
+
+ /* Generate the subroutine return
+ */
+ sqlite3VdbeResolveLabel(v, iContinue);
+ sqlite3VdbeAddOp1(v, OP_Return, regReturn);
+
+ return addr;
+}
+
+/*
+** Alternative compound select code generator for cases when there
+** is an ORDER BY clause.
+**
+** We assume a query of the following form:
+**
+** <selectA> <operator> <selectB> ORDER BY <orderbylist>
+**
+** <operator> is one of UNION ALL, UNION, EXCEPT, or INTERSECT. The idea
+** is to code both <selectA> and <selectB> with the ORDER BY clause as
+** co-routines. Then run the co-routines in parallel and merge the results
+** into the output. In addition to the two coroutines (called selectA and
+** selectB) there are 7 subroutines:
+**
+** outA: Move the output of the selectA coroutine into the output
+** of the compound query.
+**
+** outB: Move the output of the selectB coroutine into the output
+** of the compound query. (Only generated for UNION and
+** UNION ALL. EXCEPT and INSERTSECT never output a row that
+** appears only in B.)
+**
+** AltB: Called when there is data from both coroutines and A<B.
+**
+** AeqB: Called when there is data from both coroutines and A==B.
+**
+** AgtB: Called when there is data from both coroutines and A>B.
+**
+** EofA: Called when data is exhausted from selectA.
+**
+** EofB: Called when data is exhausted from selectB.
+**
+** The implementation of the latter five subroutines depend on which
+** <operator> is used:
+**
+**
+** UNION ALL UNION EXCEPT INTERSECT
+** ------------- ----------------- -------------- -----------------
+** AltB: outA, nextA outA, nextA outA, nextA nextA
+**
+** AeqB: outA, nextA nextA nextA outA, nextA
+**
+** AgtB: outB, nextB outB, nextB nextB nextB
+**
+** EofA: outB, nextB outB, nextB halt halt
+**
+** EofB: outA, nextA outA, nextA outA, nextA halt
+**
+** In the AltB, AeqB, and AgtB subroutines, an EOF on A following nextA
+** causes an immediate jump to EofA and an EOF on B following nextB causes
+** an immediate jump to EofB. Within EofA and EofB, and EOF on entry or
+** following nextX causes a jump to the end of the select processing.
+**
+** Duplicate removal in the UNION, EXCEPT, and INTERSECT cases is handled
+** within the output subroutine. The regPrev register set holds the previously
+** output value. A comparison is made against this value and the output
+** is skipped if the next results would be the same as the previous.
+**
+** The implementation plan is to implement the two coroutines and seven
+** subroutines first, then put the control logic at the bottom. Like this:
+**
+** goto Init
+** coA: coroutine for left query (A)
+** coB: coroutine for right query (B)
+** outA: output one row of A
+** outB: output one row of B (UNION and UNION ALL only)
+** EofA: ...
+** EofB: ...
+** AltB: ...
+** AeqB: ...
+** AgtB: ...
+** Init: initialize coroutine registers
+** yield coA
+** if eof(A) goto EofA
+** yield coB
+** if eof(B) goto EofB
+** Cmpr: Compare A, B
+** Jump AltB, AeqB, AgtB
+** End: ...
+**
+** We call AltB, AeqB, AgtB, EofA, and EofB "subroutines" but they are not
+** actually called using Gosub and they do not Return. EofA and EofB loop
+** until all data is exhausted then jump to the "end" labe. AltB, AeqB,
+** and AgtB jump to either L2 or to one of EofA or EofB.
+*/
+#ifndef SQLITE_OMIT_COMPOUND_SELECT
+static int multiSelectOrderBy(
+ Parse *pParse, /* Parsing context */
+ Select *p, /* The right-most of SELECTs to be coded */
+ SelectDest *pDest /* What to do with query results */
+){
+ int i, j; /* Loop counters */
+ Select *pPrior; /* Another SELECT immediately to our left */
+ Vdbe *v; /* Generate code to this VDBE */
+ SelectDest destA; /* Destination for coroutine A */
+ SelectDest destB; /* Destination for coroutine B */
+ int regAddrA; /* Address register for select-A coroutine */
+ int regAddrB; /* Address register for select-B coroutine */
+ int addrSelectA; /* Address of the select-A coroutine */
+ int addrSelectB; /* Address of the select-B coroutine */
+ int regOutA; /* Address register for the output-A subroutine */
+ int regOutB; /* Address register for the output-B subroutine */
+ int addrOutA; /* Address of the output-A subroutine */
+ int addrOutB = 0; /* Address of the output-B subroutine */
+ int addrEofA; /* Address of the select-A-exhausted subroutine */
+ int addrEofA_noB; /* Alternate addrEofA if B is uninitialized */
+ int addrEofB; /* Address of the select-B-exhausted subroutine */
+ int addrAltB; /* Address of the A<B subroutine */
+ int addrAeqB; /* Address of the A==B subroutine */
+ int addrAgtB; /* Address of the A>B subroutine */
+ int regLimitA; /* Limit register for select-A */
+ int regLimitB; /* Limit register for select-A */
+ int regPrev; /* A range of registers to hold previous output */
+ int savedLimit; /* Saved value of p->iLimit */
+ int savedOffset; /* Saved value of p->iOffset */
+ int labelCmpr; /* Label for the start of the merge algorithm */
+ int labelEnd; /* Label for the end of the overall SELECT stmt */
+ int addr1; /* Jump instructions that get retargetted */
+ int op; /* One of TK_ALL, TK_UNION, TK_EXCEPT, TK_INTERSECT */
+ KeyInfo *pKeyDup = 0; /* Comparison information for duplicate removal */
+ KeyInfo *pKeyMerge; /* Comparison information for merging rows */
+ sqlite3 *db; /* Database connection */
+ ExprList *pOrderBy; /* The ORDER BY clause */
+ int nOrderBy; /* Number of terms in the ORDER BY clause */
+ int *aPermute; /* Mapping from ORDER BY terms to result set columns */
+#ifndef SQLITE_OMIT_EXPLAIN
+ int iSub1; /* EQP id of left-hand query */
+ int iSub2; /* EQP id of right-hand query */
+#endif
+
+ assert( p->pOrderBy!=0 );
+ assert( pKeyDup==0 ); /* "Managed" code needs this. Ticket #3382. */
+ db = pParse->db;
+ v = pParse->pVdbe;
+ assert( v!=0 ); /* Already thrown the error if VDBE alloc failed */
+ labelEnd = sqlite3VdbeMakeLabel(v);
+ labelCmpr = sqlite3VdbeMakeLabel(v);
+
+
+ /* Patch up the ORDER BY clause
+ */
+ op = p->op;
+ pPrior = p->pPrior;
+ assert( pPrior->pOrderBy==0 );
+ pOrderBy = p->pOrderBy;
+ assert( pOrderBy );
+ nOrderBy = pOrderBy->nExpr;
+
+ /* For operators other than UNION ALL we have to make sure that
+ ** the ORDER BY clause covers every term of the result set. Add
+ ** terms to the ORDER BY clause as necessary.
+ */
+ if( op!=TK_ALL ){
+ for(i=1; db->mallocFailed==0 && i<=p->pEList->nExpr; i++){
+ struct ExprList_item *pItem;
+ for(j=0, pItem=pOrderBy->a; j<nOrderBy; j++, pItem++){
+ assert( pItem->u.x.iOrderByCol>0 );
+ if( pItem->u.x.iOrderByCol==i ) break;
+ }
+ if( j==nOrderBy ){
+ Expr *pNew = sqlite3Expr(db, TK_INTEGER, 0);
+ if( pNew==0 ) return SQLITE_NOMEM;
+ pNew->flags |= EP_IntValue;
+ pNew->u.iValue = i;
+ pOrderBy = sqlite3ExprListAppend(pParse, pOrderBy, pNew);
+ if( pOrderBy ) pOrderBy->a[nOrderBy++].u.x.iOrderByCol = (u16)i;
+ }
+ }
+ }
+
+ /* Compute the comparison permutation and keyinfo that is used with
+ ** the permutation used to determine if the next
+ ** row of results comes from selectA or selectB. Also add explicit
+ ** collations to the ORDER BY clause terms so that when the subqueries
+ ** to the right and the left are evaluated, they use the correct
+ ** collation.
+ */
+ aPermute = sqlite3DbMallocRaw(db, sizeof(int)*nOrderBy);
+ if( aPermute ){
+ struct ExprList_item *pItem;
+ for(i=0, pItem=pOrderBy->a; i<nOrderBy; i++, pItem++){
+ assert( pItem->u.x.iOrderByCol>0 );
+ assert( pItem->u.x.iOrderByCol<=p->pEList->nExpr );
+ aPermute[i] = pItem->u.x.iOrderByCol - 1;
+ }
+ pKeyMerge = multiSelectOrderByKeyInfo(pParse, p, 1);
+ }else{
+ pKeyMerge = 0;
+ }
+
+ /* Reattach the ORDER BY clause to the query.
+ */
+ p->pOrderBy = pOrderBy;
+ pPrior->pOrderBy = sqlite3ExprListDup(pParse->db, pOrderBy, 0);
+
+ /* Allocate a range of temporary registers and the KeyInfo needed
+ ** for the logic that removes duplicate result rows when the
+ ** operator is UNION, EXCEPT, or INTERSECT (but not UNION ALL).
+ */
+ if( op==TK_ALL ){
+ regPrev = 0;
+ }else{
+ int nExpr = p->pEList->nExpr;
+ assert( nOrderBy>=nExpr || db->mallocFailed );
+ regPrev = pParse->nMem+1;
+ pParse->nMem += nExpr+1;
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, regPrev);
+ pKeyDup = sqlite3KeyInfoAlloc(db, nExpr, 1);
+ if( pKeyDup ){
+ assert( sqlite3KeyInfoIsWriteable(pKeyDup) );
+ for(i=0; i<nExpr; i++){
+ pKeyDup->aColl[i] = multiSelectCollSeq(pParse, p, i);
+ pKeyDup->aSortOrder[i] = 0;
+ }
+ }
+ }
+
+ /* Separate the left and the right query from one another
+ */
+ p->pPrior = 0;
+ pPrior->pNext = 0;
+ sqlite3ResolveOrderGroupBy(pParse, p, p->pOrderBy, "ORDER");
+ if( pPrior->pPrior==0 ){
+ sqlite3ResolveOrderGroupBy(pParse, pPrior, pPrior->pOrderBy, "ORDER");
+ }
+
+ /* Compute the limit registers */
+ computeLimitRegisters(pParse, p, labelEnd);
+ if( p->iLimit && op==TK_ALL ){
+ regLimitA = ++pParse->nMem;
+ regLimitB = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Copy, p->iOffset ? p->iOffset+1 : p->iLimit,
+ regLimitA);
+ sqlite3VdbeAddOp2(v, OP_Copy, regLimitA, regLimitB);
+ }else{
+ regLimitA = regLimitB = 0;
+ }
+ sqlite3ExprDelete(db, p->pLimit);
+ p->pLimit = 0;
+ sqlite3ExprDelete(db, p->pOffset);
+ p->pOffset = 0;
+
+ regAddrA = ++pParse->nMem;
+ regAddrB = ++pParse->nMem;
+ regOutA = ++pParse->nMem;
+ regOutB = ++pParse->nMem;
+ sqlite3SelectDestInit(&destA, SRT_Coroutine, regAddrA);
+ sqlite3SelectDestInit(&destB, SRT_Coroutine, regAddrB);
+
+ /* Generate a coroutine to evaluate the SELECT statement to the
+ ** left of the compound operator - the "A" select.
+ */
+ addrSelectA = sqlite3VdbeCurrentAddr(v) + 1;
+ addr1 = sqlite3VdbeAddOp3(v, OP_InitCoroutine, regAddrA, 0, addrSelectA);
+ VdbeComment((v, "left SELECT"));
+ pPrior->iLimit = regLimitA;
+ explainSetInteger(iSub1, pParse->iNextSelectId);
+ sqlite3Select(pParse, pPrior, &destA);
+ sqlite3VdbeAddOp1(v, OP_EndCoroutine, regAddrA);
+ sqlite3VdbeJumpHere(v, addr1);
+
+ /* Generate a coroutine to evaluate the SELECT statement on
+ ** the right - the "B" select
+ */
+ addrSelectB = sqlite3VdbeCurrentAddr(v) + 1;
+ addr1 = sqlite3VdbeAddOp3(v, OP_InitCoroutine, regAddrB, 0, addrSelectB);
+ VdbeComment((v, "right SELECT"));
+ savedLimit = p->iLimit;
+ savedOffset = p->iOffset;
+ p->iLimit = regLimitB;
+ p->iOffset = 0;
+ explainSetInteger(iSub2, pParse->iNextSelectId);
+ sqlite3Select(pParse, p, &destB);
+ p->iLimit = savedLimit;
+ p->iOffset = savedOffset;
+ sqlite3VdbeAddOp1(v, OP_EndCoroutine, regAddrB);
+
+ /* Generate a subroutine that outputs the current row of the A
+ ** select as the next output row of the compound select.
+ */
+ VdbeNoopComment((v, "Output routine for A"));
+ addrOutA = generateOutputSubroutine(pParse,
+ p, &destA, pDest, regOutA,
+ regPrev, pKeyDup, labelEnd);
+
+ /* Generate a subroutine that outputs the current row of the B
+ ** select as the next output row of the compound select.
+ */
+ if( op==TK_ALL || op==TK_UNION ){
+ VdbeNoopComment((v, "Output routine for B"));
+ addrOutB = generateOutputSubroutine(pParse,
+ p, &destB, pDest, regOutB,
+ regPrev, pKeyDup, labelEnd);
+ }
+ sqlite3KeyInfoUnref(pKeyDup);
+
+ /* Generate a subroutine to run when the results from select A
+ ** are exhausted and only data in select B remains.
+ */
+ if( op==TK_EXCEPT || op==TK_INTERSECT ){
+ addrEofA_noB = addrEofA = labelEnd;
+ }else{
+ VdbeNoopComment((v, "eof-A subroutine"));
+ addrEofA = sqlite3VdbeAddOp2(v, OP_Gosub, regOutB, addrOutB);
+ addrEofA_noB = sqlite3VdbeAddOp2(v, OP_Yield, regAddrB, labelEnd);
+ VdbeCoverage(v);
+ sqlite3VdbeGoto(v, addrEofA);
+ p->nSelectRow += pPrior->nSelectRow;
+ }
+
+ /* Generate a subroutine to run when the results from select B
+ ** are exhausted and only data in select A remains.
+ */
+ if( op==TK_INTERSECT ){
+ addrEofB = addrEofA;
+ if( p->nSelectRow > pPrior->nSelectRow ) p->nSelectRow = pPrior->nSelectRow;
+ }else{
+ VdbeNoopComment((v, "eof-B subroutine"));
+ addrEofB = sqlite3VdbeAddOp2(v, OP_Gosub, regOutA, addrOutA);
+ sqlite3VdbeAddOp2(v, OP_Yield, regAddrA, labelEnd); VdbeCoverage(v);
+ sqlite3VdbeGoto(v, addrEofB);
+ }
+
+ /* Generate code to handle the case of A<B
+ */
+ VdbeNoopComment((v, "A-lt-B subroutine"));
+ addrAltB = sqlite3VdbeAddOp2(v, OP_Gosub, regOutA, addrOutA);
+ sqlite3VdbeAddOp2(v, OP_Yield, regAddrA, addrEofA); VdbeCoverage(v);
+ sqlite3VdbeGoto(v, labelCmpr);
+
+ /* Generate code to handle the case of A==B
+ */
+ if( op==TK_ALL ){
+ addrAeqB = addrAltB;
+ }else if( op==TK_INTERSECT ){
+ addrAeqB = addrAltB;
+ addrAltB++;
+ }else{
+ VdbeNoopComment((v, "A-eq-B subroutine"));
+ addrAeqB =
+ sqlite3VdbeAddOp2(v, OP_Yield, regAddrA, addrEofA); VdbeCoverage(v);
+ sqlite3VdbeGoto(v, labelCmpr);
+ }
+
+ /* Generate code to handle the case of A>B
+ */
+ VdbeNoopComment((v, "A-gt-B subroutine"));
+ addrAgtB = sqlite3VdbeCurrentAddr(v);
+ if( op==TK_ALL || op==TK_UNION ){
+ sqlite3VdbeAddOp2(v, OP_Gosub, regOutB, addrOutB);
+ }
+ sqlite3VdbeAddOp2(v, OP_Yield, regAddrB, addrEofB); VdbeCoverage(v);
+ sqlite3VdbeGoto(v, labelCmpr);
+
+ /* This code runs once to initialize everything.
+ */
+ sqlite3VdbeJumpHere(v, addr1);
+ sqlite3VdbeAddOp2(v, OP_Yield, regAddrA, addrEofA_noB); VdbeCoverage(v);
+ sqlite3VdbeAddOp2(v, OP_Yield, regAddrB, addrEofB); VdbeCoverage(v);
+
+ /* Implement the main merge loop
+ */
+ sqlite3VdbeResolveLabel(v, labelCmpr);
+ sqlite3VdbeAddOp4(v, OP_Permutation, 0, 0, 0, (char*)aPermute, P4_INTARRAY);
+ sqlite3VdbeAddOp4(v, OP_Compare, destA.iSdst, destB.iSdst, nOrderBy,
+ (char*)pKeyMerge, P4_KEYINFO);
+ sqlite3VdbeChangeP5(v, OPFLAG_PERMUTE);
+ sqlite3VdbeAddOp3(v, OP_Jump, addrAltB, addrAeqB, addrAgtB); VdbeCoverage(v);
+
+ /* Jump to the this point in order to terminate the query.
+ */
+ sqlite3VdbeResolveLabel(v, labelEnd);
+
+ /* Set the number of output columns
+ */
+ if( pDest->eDest==SRT_Output ){
+ Select *pFirst = pPrior;
+ while( pFirst->pPrior ) pFirst = pFirst->pPrior;
+ generateColumnNames(pParse, pFirst->pSrc, pFirst->pEList);
+ }
+
+ /* Reassembly the compound query so that it will be freed correctly
+ ** by the calling function */
+ if( p->pPrior ){
+ sqlite3SelectDelete(db, p->pPrior);
+ }
+ p->pPrior = pPrior;
+ pPrior->pNext = p;
+
+ /*** TBD: Insert subroutine calls to close cursors on incomplete
+ **** subqueries ****/
+ explainComposite(pParse, p->op, iSub1, iSub2, 0);
+ return pParse->nErr!=0;
+}
+#endif
+
+#if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW)
+/* Forward Declarations */
+static void substExprList(sqlite3*, ExprList*, int, ExprList*);
+static void substSelect(sqlite3*, Select *, int, ExprList*, int);
+
+/*
+** Scan through the expression pExpr. Replace every reference to
+** a column in table number iTable with a copy of the iColumn-th
+** entry in pEList. (But leave references to the ROWID column
+** unchanged.)
+**
+** This routine is part of the flattening procedure. A subquery
+** whose result set is defined by pEList appears as entry in the
+** FROM clause of a SELECT such that the VDBE cursor assigned to that
+** FORM clause entry is iTable. This routine make the necessary
+** changes to pExpr so that it refers directly to the source table
+** of the subquery rather the result set of the subquery.
+*/
+static Expr *substExpr(
+ sqlite3 *db, /* Report malloc errors to this connection */
+ Expr *pExpr, /* Expr in which substitution occurs */
+ int iTable, /* Table to be substituted */
+ ExprList *pEList /* Substitute expressions */
+){
+ if( pExpr==0 ) return 0;
+ if( pExpr->op==TK_COLUMN && pExpr->iTable==iTable ){
+ if( pExpr->iColumn<0 ){
+ pExpr->op = TK_NULL;
+ }else{
+ Expr *pNew;
+ assert( pEList!=0 && pExpr->iColumn<pEList->nExpr );
+ assert( pExpr->pLeft==0 && pExpr->pRight==0 );
+ pNew = sqlite3ExprDup(db, pEList->a[pExpr->iColumn].pExpr, 0);
+ sqlite3ExprDelete(db, pExpr);
+ pExpr = pNew;
+ }
+ }else{
+ pExpr->pLeft = substExpr(db, pExpr->pLeft, iTable, pEList);
+ pExpr->pRight = substExpr(db, pExpr->pRight, iTable, pEList);
+ if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ substSelect(db, pExpr->x.pSelect, iTable, pEList, 1);
+ }else{
+ substExprList(db, pExpr->x.pList, iTable, pEList);
+ }
+ }
+ return pExpr;
+}
+static void substExprList(
+ sqlite3 *db, /* Report malloc errors here */
+ ExprList *pList, /* List to scan and in which to make substitutes */
+ int iTable, /* Table to be substituted */
+ ExprList *pEList /* Substitute values */
+){
+ int i;
+ if( pList==0 ) return;
+ for(i=0; i<pList->nExpr; i++){
+ pList->a[i].pExpr = substExpr(db, pList->a[i].pExpr, iTable, pEList);
+ }
+}
+static void substSelect(
+ sqlite3 *db, /* Report malloc errors here */
+ Select *p, /* SELECT statement in which to make substitutions */
+ int iTable, /* Table to be replaced */
+ ExprList *pEList, /* Substitute values */
+ int doPrior /* Do substitutes on p->pPrior too */
+){
+ SrcList *pSrc;
+ struct SrcList_item *pItem;
+ int i;
+ if( !p ) return;
+ do{
+ substExprList(db, p->pEList, iTable, pEList);
+ substExprList(db, p->pGroupBy, iTable, pEList);
+ substExprList(db, p->pOrderBy, iTable, pEList);
+ p->pHaving = substExpr(db, p->pHaving, iTable, pEList);
+ p->pWhere = substExpr(db, p->pWhere, iTable, pEList);
+ pSrc = p->pSrc;
+ assert( pSrc!=0 );
+ for(i=pSrc->nSrc, pItem=pSrc->a; i>0; i--, pItem++){
+ substSelect(db, pItem->pSelect, iTable, pEList, 1);
+ if( pItem->fg.isTabFunc ){
+ substExprList(db, pItem->u1.pFuncArg, iTable, pEList);
+ }
+ }
+ }while( doPrior && (p = p->pPrior)!=0 );
+}
+#endif /* !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) */
+
+#if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW)
+/*
+** This routine attempts to flatten subqueries as a performance optimization.
+** This routine returns 1 if it makes changes and 0 if no flattening occurs.
+**
+** To understand the concept of flattening, consider the following
+** query:
+**
+** SELECT a FROM (SELECT x+y AS a FROM t1 WHERE z<100) WHERE a>5
+**
+** The default way of implementing this query is to execute the
+** subquery first and store the results in a temporary table, then
+** run the outer query on that temporary table. This requires two
+** passes over the data. Furthermore, because the temporary table
+** has no indices, the WHERE clause on the outer query cannot be
+** optimized.
+**
+** This routine attempts to rewrite queries such as the above into
+** a single flat select, like this:
+**
+** SELECT x+y AS a FROM t1 WHERE z<100 AND a>5
+**
+** The code generated for this simplification gives the same result
+** but only has to scan the data once. And because indices might
+** exist on the table t1, a complete scan of the data might be
+** avoided.
+**
+** Flattening is only attempted if all of the following are true:
+**
+** (1) The subquery and the outer query do not both use aggregates.
+**
+** (2) The subquery is not an aggregate or (2a) the outer query is not a join
+** and (2b) the outer query does not use subqueries other than the one
+** FROM-clause subquery that is a candidate for flattening. (2b is
+** due to ticket [2f7170d73bf9abf80] from 2015-02-09.)
+**
+** (3) The subquery is not the right operand of a left outer join
+** (Originally ticket #306. Strengthened by ticket #3300)
+**
+** (4) The subquery is not DISTINCT.
+**
+** (**) At one point restrictions (4) and (5) defined a subset of DISTINCT
+** sub-queries that were excluded from this optimization. Restriction
+** (4) has since been expanded to exclude all DISTINCT subqueries.
+**
+** (6) The subquery does not use aggregates or the outer query is not
+** DISTINCT.
+**
+** (7) The subquery has a FROM clause. TODO: For subqueries without
+** A FROM clause, consider adding a FROM close with the special
+** table sqlite_once that consists of a single row containing a
+** single NULL.
+**
+** (8) The subquery does not use LIMIT or the outer query is not a join.
+**
+** (9) The subquery does not use LIMIT or the outer query does not use
+** aggregates.
+**
+** (**) Restriction (10) was removed from the code on 2005-02-05 but we
+** accidently carried the comment forward until 2014-09-15. Original
+** text: "The subquery does not use aggregates or the outer query
+** does not use LIMIT."
+**
+** (11) The subquery and the outer query do not both have ORDER BY clauses.
+**
+** (**) Not implemented. Subsumed into restriction (3). Was previously
+** a separate restriction deriving from ticket #350.
+**
+** (13) The subquery and outer query do not both use LIMIT.
+**
+** (14) The subquery does not use OFFSET.
+**
+** (15) The outer query is not part of a compound select or the
+** subquery does not have a LIMIT clause.
+** (See ticket #2339 and ticket [02a8e81d44]).
+**
+** (16) The outer query is not an aggregate or the subquery does
+** not contain ORDER BY. (Ticket #2942) This used to not matter
+** until we introduced the group_concat() function.
+**
+** (17) The sub-query is not a compound select, or it is a UNION ALL
+** compound clause made up entirely of non-aggregate queries, and
+** the parent query:
+**
+** * is not itself part of a compound select,
+** * is not an aggregate or DISTINCT query, and
+** * is not a join
+**
+** The parent and sub-query may contain WHERE clauses. Subject to
+** rules (11), (13) and (14), they may also contain ORDER BY,
+** LIMIT and OFFSET clauses. The subquery cannot use any compound
+** operator other than UNION ALL because all the other compound
+** operators have an implied DISTINCT which is disallowed by
+** restriction (4).
+**
+** Also, each component of the sub-query must return the same number
+** of result columns. This is actually a requirement for any compound
+** SELECT statement, but all the code here does is make sure that no
+** such (illegal) sub-query is flattened. The caller will detect the
+** syntax error and return a detailed message.
+**
+** (18) If the sub-query is a compound select, then all terms of the
+** ORDER by clause of the parent must be simple references to
+** columns of the sub-query.
+**
+** (19) The subquery does not use LIMIT or the outer query does not
+** have a WHERE clause.
+**
+** (20) If the sub-query is a compound select, then it must not use
+** an ORDER BY clause. Ticket #3773. We could relax this constraint
+** somewhat by saying that the terms of the ORDER BY clause must
+** appear as unmodified result columns in the outer query. But we
+** have other optimizations in mind to deal with that case.
+**
+** (21) The subquery does not use LIMIT or the outer query is not
+** DISTINCT. (See ticket [752e1646fc]).
+**
+** (22) The subquery is not a recursive CTE.
+**
+** (23) The parent is not a recursive CTE, or the sub-query is not a
+** compound query. This restriction is because transforming the
+** parent to a compound query confuses the code that handles
+** recursive queries in multiSelect().
+**
+** (24) The subquery is not an aggregate that uses the built-in min() or
+** or max() functions. (Without this restriction, a query like:
+** "SELECT x FROM (SELECT max(y), x FROM t1)" would not necessarily
+** return the value X for which Y was maximal.)
+**
+**
+** In this routine, the "p" parameter is a pointer to the outer query.
+** The subquery is p->pSrc->a[iFrom]. isAgg is true if the outer query
+** uses aggregates and subqueryIsAgg is true if the subquery uses aggregates.
+**
+** If flattening is not attempted, this routine is a no-op and returns 0.
+** If flattening is attempted this routine returns 1.
+**
+** All of the expression analysis must occur on both the outer query and
+** the subquery before this routine runs.
+*/
+static int flattenSubquery(
+ Parse *pParse, /* Parsing context */
+ Select *p, /* The parent or outer SELECT statement */
+ int iFrom, /* Index in p->pSrc->a[] of the inner subquery */
+ int isAgg, /* True if outer SELECT uses aggregate functions */
+ int subqueryIsAgg /* True if the subquery uses aggregate functions */
+){
+ const char *zSavedAuthContext = pParse->zAuthContext;
+ Select *pParent; /* Current UNION ALL term of the other query */
+ Select *pSub; /* The inner query or "subquery" */
+ Select *pSub1; /* Pointer to the rightmost select in sub-query */
+ SrcList *pSrc; /* The FROM clause of the outer query */
+ SrcList *pSubSrc; /* The FROM clause of the subquery */
+ ExprList *pList; /* The result set of the outer query */
+ int iParent; /* VDBE cursor number of the pSub result set temp table */
+ int i; /* Loop counter */
+ Expr *pWhere; /* The WHERE clause */
+ struct SrcList_item *pSubitem; /* The subquery */
+ sqlite3 *db = pParse->db;
+
+ /* Check to see if flattening is permitted. Return 0 if not.
+ */
+ assert( p!=0 );
+ assert( p->pPrior==0 ); /* Unable to flatten compound queries */
+ if( OptimizationDisabled(db, SQLITE_QueryFlattener) ) return 0;
+ pSrc = p->pSrc;
+ assert( pSrc && iFrom>=0 && iFrom<pSrc->nSrc );
+ pSubitem = &pSrc->a[iFrom];
+ iParent = pSubitem->iCursor;
+ pSub = pSubitem->pSelect;
+ assert( pSub!=0 );
+ if( subqueryIsAgg ){
+ if( isAgg ) return 0; /* Restriction (1) */
+ if( pSrc->nSrc>1 ) return 0; /* Restriction (2a) */
+ if( (p->pWhere && ExprHasProperty(p->pWhere,EP_Subquery))
+ || (sqlite3ExprListFlags(p->pEList) & EP_Subquery)!=0
+ || (sqlite3ExprListFlags(p->pOrderBy) & EP_Subquery)!=0
+ ){
+ return 0; /* Restriction (2b) */
+ }
+ }
+
+ pSubSrc = pSub->pSrc;
+ assert( pSubSrc );
+ /* Prior to version 3.1.2, when LIMIT and OFFSET had to be simple constants,
+ ** not arbitrary expressions, we allowed some combining of LIMIT and OFFSET
+ ** because they could be computed at compile-time. But when LIMIT and OFFSET
+ ** became arbitrary expressions, we were forced to add restrictions (13)
+ ** and (14). */
+ if( pSub->pLimit && p->pLimit ) return 0; /* Restriction (13) */
+ if( pSub->pOffset ) return 0; /* Restriction (14) */
+ if( (p->selFlags & SF_Compound)!=0 && pSub->pLimit ){
+ return 0; /* Restriction (15) */
+ }
+ if( pSubSrc->nSrc==0 ) return 0; /* Restriction (7) */
+ if( pSub->selFlags & SF_Distinct ) return 0; /* Restriction (5) */
+ if( pSub->pLimit && (pSrc->nSrc>1 || isAgg) ){
+ return 0; /* Restrictions (8)(9) */
+ }
+ if( (p->selFlags & SF_Distinct)!=0 && subqueryIsAgg ){
+ return 0; /* Restriction (6) */
+ }
+ if( p->pOrderBy && pSub->pOrderBy ){
+ return 0; /* Restriction (11) */
+ }
+ if( isAgg && pSub->pOrderBy ) return 0; /* Restriction (16) */
+ if( pSub->pLimit && p->pWhere ) return 0; /* Restriction (19) */
+ if( pSub->pLimit && (p->selFlags & SF_Distinct)!=0 ){
+ return 0; /* Restriction (21) */
+ }
+ testcase( pSub->selFlags & SF_Recursive );
+ testcase( pSub->selFlags & SF_MinMaxAgg );
+ if( pSub->selFlags & (SF_Recursive|SF_MinMaxAgg) ){
+ return 0; /* Restrictions (22) and (24) */
+ }
+ if( (p->selFlags & SF_Recursive) && pSub->pPrior ){
+ return 0; /* Restriction (23) */
+ }
+
+ /* OBSOLETE COMMENT 1:
+ ** Restriction 3: If the subquery is a join, make sure the subquery is
+ ** not used as the right operand of an outer join. Examples of why this
+ ** is not allowed:
+ **
+ ** t1 LEFT OUTER JOIN (t2 JOIN t3)
+ **
+ ** If we flatten the above, we would get
+ **
+ ** (t1 LEFT OUTER JOIN t2) JOIN t3
+ **
+ ** which is not at all the same thing.
+ **
+ ** OBSOLETE COMMENT 2:
+ ** Restriction 12: If the subquery is the right operand of a left outer
+ ** join, make sure the subquery has no WHERE clause.
+ ** An examples of why this is not allowed:
+ **
+ ** t1 LEFT OUTER JOIN (SELECT * FROM t2 WHERE t2.x>0)
+ **
+ ** If we flatten the above, we would get
+ **
+ ** (t1 LEFT OUTER JOIN t2) WHERE t2.x>0
+ **
+ ** But the t2.x>0 test will always fail on a NULL row of t2, which
+ ** effectively converts the OUTER JOIN into an INNER JOIN.
+ **
+ ** THIS OVERRIDES OBSOLETE COMMENTS 1 AND 2 ABOVE:
+ ** Ticket #3300 shows that flattening the right term of a LEFT JOIN
+ ** is fraught with danger. Best to avoid the whole thing. If the
+ ** subquery is the right term of a LEFT JOIN, then do not flatten.
+ */
+ if( (pSubitem->fg.jointype & JT_OUTER)!=0 ){
+ return 0;
+ }
+
+ /* Restriction 17: If the sub-query is a compound SELECT, then it must
+ ** use only the UNION ALL operator. And none of the simple select queries
+ ** that make up the compound SELECT are allowed to be aggregate or distinct
+ ** queries.
+ */
+ if( pSub->pPrior ){
+ if( pSub->pOrderBy ){
+ return 0; /* Restriction 20 */
+ }
+ if( isAgg || (p->selFlags & SF_Distinct)!=0 || pSrc->nSrc!=1 ){
+ return 0;
+ }
+ for(pSub1=pSub; pSub1; pSub1=pSub1->pPrior){
+ testcase( (pSub1->selFlags & (SF_Distinct|SF_Aggregate))==SF_Distinct );
+ testcase( (pSub1->selFlags & (SF_Distinct|SF_Aggregate))==SF_Aggregate );
+ assert( pSub->pSrc!=0 );
+ assert( pSub->pEList->nExpr==pSub1->pEList->nExpr );
+ if( (pSub1->selFlags & (SF_Distinct|SF_Aggregate))!=0
+ || (pSub1->pPrior && pSub1->op!=TK_ALL)
+ || pSub1->pSrc->nSrc<1
+ ){
+ return 0;
+ }
+ testcase( pSub1->pSrc->nSrc>1 );
+ }
+
+ /* Restriction 18. */
+ if( p->pOrderBy ){
+ int ii;
+ for(ii=0; ii<p->pOrderBy->nExpr; ii++){
+ if( p->pOrderBy->a[ii].u.x.iOrderByCol==0 ) return 0;
+ }
+ }
+ }
+
+ /***** If we reach this point, flattening is permitted. *****/
+ SELECTTRACE(1,pParse,p,("flatten %s.%p from term %d\n",
+ pSub->zSelName, pSub, iFrom));
+
+ /* Authorize the subquery */
+ pParse->zAuthContext = pSubitem->zName;
+ TESTONLY(i =) sqlite3AuthCheck(pParse, SQLITE_SELECT, 0, 0, 0);
+ testcase( i==SQLITE_DENY );
+ pParse->zAuthContext = zSavedAuthContext;
+
+ /* If the sub-query is a compound SELECT statement, then (by restrictions
+ ** 17 and 18 above) it must be a UNION ALL and the parent query must
+ ** be of the form:
+ **
+ ** SELECT <expr-list> FROM (<sub-query>) <where-clause>
+ **
+ ** followed by any ORDER BY, LIMIT and/or OFFSET clauses. This block
+ ** creates N-1 copies of the parent query without any ORDER BY, LIMIT or
+ ** OFFSET clauses and joins them to the left-hand-side of the original
+ ** using UNION ALL operators. In this case N is the number of simple
+ ** select statements in the compound sub-query.
+ **
+ ** Example:
+ **
+ ** SELECT a+1 FROM (
+ ** SELECT x FROM tab
+ ** UNION ALL
+ ** SELECT y FROM tab
+ ** UNION ALL
+ ** SELECT abs(z*2) FROM tab2
+ ** ) WHERE a!=5 ORDER BY 1
+ **
+ ** Transformed into:
+ **
+ ** SELECT x+1 FROM tab WHERE x+1!=5
+ ** UNION ALL
+ ** SELECT y+1 FROM tab WHERE y+1!=5
+ ** UNION ALL
+ ** SELECT abs(z*2)+1 FROM tab2 WHERE abs(z*2)+1!=5
+ ** ORDER BY 1
+ **
+ ** We call this the "compound-subquery flattening".
+ */
+ for(pSub=pSub->pPrior; pSub; pSub=pSub->pPrior){
+ Select *pNew;
+ ExprList *pOrderBy = p->pOrderBy;
+ Expr *pLimit = p->pLimit;
+ Expr *pOffset = p->pOffset;
+ Select *pPrior = p->pPrior;
+ p->pOrderBy = 0;
+ p->pSrc = 0;
+ p->pPrior = 0;
+ p->pLimit = 0;
+ p->pOffset = 0;
+ pNew = sqlite3SelectDup(db, p, 0);
+ sqlite3SelectSetName(pNew, pSub->zSelName);
+ p->pOffset = pOffset;
+ p->pLimit = pLimit;
+ p->pOrderBy = pOrderBy;
+ p->pSrc = pSrc;
+ p->op = TK_ALL;
+ if( pNew==0 ){
+ p->pPrior = pPrior;
+ }else{
+ pNew->pPrior = pPrior;
+ if( pPrior ) pPrior->pNext = pNew;
+ pNew->pNext = p;
+ p->pPrior = pNew;
+ SELECTTRACE(2,pParse,p,
+ ("compound-subquery flattener creates %s.%p as peer\n",
+ pNew->zSelName, pNew));
+ }
+ if( db->mallocFailed ) return 1;
+ }
+
+ /* Begin flattening the iFrom-th entry of the FROM clause
+ ** in the outer query.
+ */
+ pSub = pSub1 = pSubitem->pSelect;
+
+ /* Delete the transient table structure associated with the
+ ** subquery
+ */
+ sqlite3DbFree(db, pSubitem->zDatabase);
+ sqlite3DbFree(db, pSubitem->zName);
+ sqlite3DbFree(db, pSubitem->zAlias);
+ pSubitem->zDatabase = 0;
+ pSubitem->zName = 0;
+ pSubitem->zAlias = 0;
+ pSubitem->pSelect = 0;
+
+ /* Defer deleting the Table object associated with the
+ ** subquery until code generation is
+ ** complete, since there may still exist Expr.pTab entries that
+ ** refer to the subquery even after flattening. Ticket #3346.
+ **
+ ** pSubitem->pTab is always non-NULL by test restrictions and tests above.
+ */
+ if( ALWAYS(pSubitem->pTab!=0) ){
+ Table *pTabToDel = pSubitem->pTab;
+ if( pTabToDel->nRef==1 ){
+ Parse *pToplevel = sqlite3ParseToplevel(pParse);
+ pTabToDel->pNextZombie = pToplevel->pZombieTab;
+ pToplevel->pZombieTab = pTabToDel;
+ }else{
+ pTabToDel->nRef--;
+ }
+ pSubitem->pTab = 0;
+ }
+
+ /* The following loop runs once for each term in a compound-subquery
+ ** flattening (as described above). If we are doing a different kind
+ ** of flattening - a flattening other than a compound-subquery flattening -
+ ** then this loop only runs once.
+ **
+ ** This loop moves all of the FROM elements of the subquery into the
+ ** the FROM clause of the outer query. Before doing this, remember
+ ** the cursor number for the original outer query FROM element in
+ ** iParent. The iParent cursor will never be used. Subsequent code
+ ** will scan expressions looking for iParent references and replace
+ ** those references with expressions that resolve to the subquery FROM
+ ** elements we are now copying in.
+ */
+ for(pParent=p; pParent; pParent=pParent->pPrior, pSub=pSub->pPrior){
+ int nSubSrc;
+ u8 jointype = 0;
+ pSubSrc = pSub->pSrc; /* FROM clause of subquery */
+ nSubSrc = pSubSrc->nSrc; /* Number of terms in subquery FROM clause */
+ pSrc = pParent->pSrc; /* FROM clause of the outer query */
+
+ if( pSrc ){
+ assert( pParent==p ); /* First time through the loop */
+ jointype = pSubitem->fg.jointype;
+ }else{
+ assert( pParent!=p ); /* 2nd and subsequent times through the loop */
+ pSrc = pParent->pSrc = sqlite3SrcListAppend(db, 0, 0, 0);
+ if( pSrc==0 ){
+ assert( db->mallocFailed );
+ break;
+ }
+ }
+
+ /* The subquery uses a single slot of the FROM clause of the outer
+ ** query. If the subquery has more than one element in its FROM clause,
+ ** then expand the outer query to make space for it to hold all elements
+ ** of the subquery.
+ **
+ ** Example:
+ **
+ ** SELECT * FROM tabA, (SELECT * FROM sub1, sub2), tabB;
+ **
+ ** The outer query has 3 slots in its FROM clause. One slot of the
+ ** outer query (the middle slot) is used by the subquery. The next
+ ** block of code will expand the outer query FROM clause to 4 slots.
+ ** The middle slot is expanded to two slots in order to make space
+ ** for the two elements in the FROM clause of the subquery.
+ */
+ if( nSubSrc>1 ){
+ pParent->pSrc = pSrc = sqlite3SrcListEnlarge(db, pSrc, nSubSrc-1,iFrom+1);
+ if( db->mallocFailed ){
+ break;
+ }
+ }
+
+ /* Transfer the FROM clause terms from the subquery into the
+ ** outer query.
+ */
+ for(i=0; i<nSubSrc; i++){
+ sqlite3IdListDelete(db, pSrc->a[i+iFrom].pUsing);
+ assert( pSrc->a[i+iFrom].fg.isTabFunc==0 );
+ pSrc->a[i+iFrom] = pSubSrc->a[i];
+ memset(&pSubSrc->a[i], 0, sizeof(pSubSrc->a[i]));
+ }
+ pSrc->a[iFrom].fg.jointype = jointype;
+
+ /* Now begin substituting subquery result set expressions for
+ ** references to the iParent in the outer query.
+ **
+ ** Example:
+ **
+ ** SELECT a+5, b*10 FROM (SELECT x*3 AS a, y+10 AS b FROM t1) WHERE a>b;
+ ** \ \_____________ subquery __________/ /
+ ** \_____________________ outer query ______________________________/
+ **
+ ** We look at every expression in the outer query and every place we see
+ ** "a" we substitute "x*3" and every place we see "b" we substitute "y+10".
+ */
+ pList = pParent->pEList;
+ for(i=0; i<pList->nExpr; i++){
+ if( pList->a[i].zName==0 ){
+ char *zName = sqlite3DbStrDup(db, pList->a[i].zSpan);
+ sqlite3Dequote(zName);
+ pList->a[i].zName = zName;
+ }
+ }
+ if( pSub->pOrderBy ){
+ /* At this point, any non-zero iOrderByCol values indicate that the
+ ** ORDER BY column expression is identical to the iOrderByCol'th
+ ** expression returned by SELECT statement pSub. Since these values
+ ** do not necessarily correspond to columns in SELECT statement pParent,
+ ** zero them before transfering the ORDER BY clause.
+ **
+ ** Not doing this may cause an error if a subsequent call to this
+ ** function attempts to flatten a compound sub-query into pParent
+ ** (the only way this can happen is if the compound sub-query is
+ ** currently part of pSub->pSrc). See ticket [d11a6e908f]. */
+ ExprList *pOrderBy = pSub->pOrderBy;
+ for(i=0; i<pOrderBy->nExpr; i++){
+ pOrderBy->a[i].u.x.iOrderByCol = 0;
+ }
+ assert( pParent->pOrderBy==0 );
+ assert( pSub->pPrior==0 );
+ pParent->pOrderBy = pOrderBy;
+ pSub->pOrderBy = 0;
+ }
+ pWhere = sqlite3ExprDup(db, pSub->pWhere, 0);
+ if( subqueryIsAgg ){
+ assert( pParent->pHaving==0 );
+ pParent->pHaving = pParent->pWhere;
+ pParent->pWhere = pWhere;
+ pParent->pHaving = sqlite3ExprAnd(db, pParent->pHaving,
+ sqlite3ExprDup(db, pSub->pHaving, 0));
+ assert( pParent->pGroupBy==0 );
+ pParent->pGroupBy = sqlite3ExprListDup(db, pSub->pGroupBy, 0);
+ }else{
+ pParent->pWhere = sqlite3ExprAnd(db, pParent->pWhere, pWhere);
+ }
+ substSelect(db, pParent, iParent, pSub->pEList, 0);
+
+ /* The flattened query is distinct if either the inner or the
+ ** outer query is distinct.
+ */
+ pParent->selFlags |= pSub->selFlags & SF_Distinct;
+
+ /*
+ ** SELECT ... FROM (SELECT ... LIMIT a OFFSET b) LIMIT x OFFSET y;
+ **
+ ** One is tempted to try to add a and b to combine the limits. But this
+ ** does not work if either limit is negative.
+ */
+ if( pSub->pLimit ){
+ pParent->pLimit = pSub->pLimit;
+ pSub->pLimit = 0;
+ }
+ }
+
+ /* Finially, delete what is left of the subquery and return
+ ** success.
+ */
+ sqlite3SelectDelete(db, pSub1);
+
+#if SELECTTRACE_ENABLED
+ if( sqlite3SelectTrace & 0x100 ){
+ SELECTTRACE(0x100,pParse,p,("After flattening:\n"));
+ sqlite3TreeViewSelect(0, p, 0);
+ }
+#endif
+
+ return 1;
+}
+#endif /* !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) */
+
+
+
+#if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW)
+/*
+** Make copies of relevant WHERE clause terms of the outer query into
+** the WHERE clause of subquery. Example:
+**
+** SELECT * FROM (SELECT a AS x, c-d AS y FROM t1) WHERE x=5 AND y=10;
+**
+** Transformed into:
+**
+** SELECT * FROM (SELECT a AS x, c-d AS y FROM t1 WHERE a=5 AND c-d=10)
+** WHERE x=5 AND y=10;
+**
+** The hope is that the terms added to the inner query will make it more
+** efficient.
+**
+** Do not attempt this optimization if:
+**
+** (1) The inner query is an aggregate. (In that case, we'd really want
+** to copy the outer WHERE-clause terms onto the HAVING clause of the
+** inner query. But they probably won't help there so do not bother.)
+**
+** (2) The inner query is the recursive part of a common table expression.
+**
+** (3) The inner query has a LIMIT clause (since the changes to the WHERE
+** close would change the meaning of the LIMIT).
+**
+** (4) The inner query is the right operand of a LEFT JOIN. (The caller
+** enforces this restriction since this routine does not have enough
+** information to know.)
+**
+** (5) The WHERE clause expression originates in the ON or USING clause
+** of a LEFT JOIN.
+**
+** Return 0 if no changes are made and non-zero if one or more WHERE clause
+** terms are duplicated into the subquery.
+*/
+static int pushDownWhereTerms(
+ sqlite3 *db, /* The database connection (for malloc()) */
+ Select *pSubq, /* The subquery whose WHERE clause is to be augmented */
+ Expr *pWhere, /* The WHERE clause of the outer query */
+ int iCursor /* Cursor number of the subquery */
+){
+ Expr *pNew;
+ int nChng = 0;
+ if( pWhere==0 ) return 0;
+ if( (pSubq->selFlags & (SF_Aggregate|SF_Recursive))!=0 ){
+ return 0; /* restrictions (1) and (2) */
+ }
+ if( pSubq->pLimit!=0 ){
+ return 0; /* restriction (3) */
+ }
+ while( pWhere->op==TK_AND ){
+ nChng += pushDownWhereTerms(db, pSubq, pWhere->pRight, iCursor);
+ pWhere = pWhere->pLeft;
+ }
+ if( ExprHasProperty(pWhere,EP_FromJoin) ) return 0; /* restriction 5 */
+ if( sqlite3ExprIsTableConstant(pWhere, iCursor) ){
+ nChng++;
+ while( pSubq ){
+ pNew = sqlite3ExprDup(db, pWhere, 0);
+ pNew = substExpr(db, pNew, iCursor, pSubq->pEList);
+ pSubq->pWhere = sqlite3ExprAnd(db, pSubq->pWhere, pNew);
+ pSubq = pSubq->pPrior;
+ }
+ }
+ return nChng;
+}
+#endif /* !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) */
+
+/*
+** Based on the contents of the AggInfo structure indicated by the first
+** argument, this function checks if the following are true:
+**
+** * the query contains just a single aggregate function,
+** * the aggregate function is either min() or max(), and
+** * the argument to the aggregate function is a column value.
+**
+** If all of the above are true, then WHERE_ORDERBY_MIN or WHERE_ORDERBY_MAX
+** is returned as appropriate. Also, *ppMinMax is set to point to the
+** list of arguments passed to the aggregate before returning.
+**
+** Or, if the conditions above are not met, *ppMinMax is set to 0 and
+** WHERE_ORDERBY_NORMAL is returned.
+*/
+static u8 minMaxQuery(AggInfo *pAggInfo, ExprList **ppMinMax){
+ int eRet = WHERE_ORDERBY_NORMAL; /* Return value */
+
+ *ppMinMax = 0;
+ if( pAggInfo->nFunc==1 ){
+ Expr *pExpr = pAggInfo->aFunc[0].pExpr; /* Aggregate function */
+ ExprList *pEList = pExpr->x.pList; /* Arguments to agg function */
+
+ assert( pExpr->op==TK_AGG_FUNCTION );
+ if( pEList && pEList->nExpr==1 && pEList->a[0].pExpr->op==TK_AGG_COLUMN ){
+ const char *zFunc = pExpr->u.zToken;
+ if( sqlite3StrICmp(zFunc, "min")==0 ){
+ eRet = WHERE_ORDERBY_MIN;
+ *ppMinMax = pEList;
+ }else if( sqlite3StrICmp(zFunc, "max")==0 ){
+ eRet = WHERE_ORDERBY_MAX;
+ *ppMinMax = pEList;
+ }
+ }
+ }
+
+ assert( *ppMinMax==0 || (*ppMinMax)->nExpr==1 );
+ return eRet;
+}
+
+/*
+** The select statement passed as the first argument is an aggregate query.
+** The second argument is the associated aggregate-info object. This
+** function tests if the SELECT is of the form:
+**
+** SELECT count(*) FROM <tbl>
+**
+** where table is a database table, not a sub-select or view. If the query
+** does match this pattern, then a pointer to the Table object representing
+** <tbl> is returned. Otherwise, 0 is returned.
+*/
+static Table *isSimpleCount(Select *p, AggInfo *pAggInfo){
+ Table *pTab;
+ Expr *pExpr;
+
+ assert( !p->pGroupBy );
+
+ if( p->pWhere || p->pEList->nExpr!=1
+ || p->pSrc->nSrc!=1 || p->pSrc->a[0].pSelect
+ ){
+ return 0;
+ }
+ pTab = p->pSrc->a[0].pTab;
+ pExpr = p->pEList->a[0].pExpr;
+ assert( pTab && !pTab->pSelect && pExpr );
+
+ if( IsVirtual(pTab) ) return 0;
+ if( pExpr->op!=TK_AGG_FUNCTION ) return 0;
+ if( NEVER(pAggInfo->nFunc==0) ) return 0;
+ if( (pAggInfo->aFunc[0].pFunc->funcFlags&SQLITE_FUNC_COUNT)==0 ) return 0;
+ if( pExpr->flags&EP_Distinct ) return 0;
+
+ return pTab;
+}
+
+/*
+** If the source-list item passed as an argument was augmented with an
+** INDEXED BY clause, then try to locate the specified index. If there
+** was such a clause and the named index cannot be found, return
+** SQLITE_ERROR and leave an error in pParse. Otherwise, populate
+** pFrom->pIndex and return SQLITE_OK.
+*/
+SQLITE_PRIVATE int sqlite3IndexedByLookup(Parse *pParse, struct SrcList_item *pFrom){
+ if( pFrom->pTab && pFrom->fg.isIndexedBy ){
+ Table *pTab = pFrom->pTab;
+ char *zIndexedBy = pFrom->u1.zIndexedBy;
+ Index *pIdx;
+ for(pIdx=pTab->pIndex;
+ pIdx && sqlite3StrICmp(pIdx->zName, zIndexedBy);
+ pIdx=pIdx->pNext
+ );
+ if( !pIdx ){
+ sqlite3ErrorMsg(pParse, "no such index: %s", zIndexedBy, 0);
+ pParse->checkSchema = 1;
+ return SQLITE_ERROR;
+ }
+ pFrom->pIBIndex = pIdx;
+ }
+ return SQLITE_OK;
+}
+/*
+** Detect compound SELECT statements that use an ORDER BY clause with
+** an alternative collating sequence.
+**
+** SELECT ... FROM t1 EXCEPT SELECT ... FROM t2 ORDER BY .. COLLATE ...
+**
+** These are rewritten as a subquery:
+**
+** SELECT * FROM (SELECT ... FROM t1 EXCEPT SELECT ... FROM t2)
+** ORDER BY ... COLLATE ...
+**
+** This transformation is necessary because the multiSelectOrderBy() routine
+** above that generates the code for a compound SELECT with an ORDER BY clause
+** uses a merge algorithm that requires the same collating sequence on the
+** result columns as on the ORDER BY clause. See ticket
+** http://www.sqlite.org/src/info/6709574d2a
+**
+** This transformation is only needed for EXCEPT, INTERSECT, and UNION.
+** The UNION ALL operator works fine with multiSelectOrderBy() even when
+** there are COLLATE terms in the ORDER BY.
+*/
+static int convertCompoundSelectToSubquery(Walker *pWalker, Select *p){
+ int i;
+ Select *pNew;
+ Select *pX;
+ sqlite3 *db;
+ struct ExprList_item *a;
+ SrcList *pNewSrc;
+ Parse *pParse;
+ Token dummy;
+
+ if( p->pPrior==0 ) return WRC_Continue;
+ if( p->pOrderBy==0 ) return WRC_Continue;
+ for(pX=p; pX && (pX->op==TK_ALL || pX->op==TK_SELECT); pX=pX->pPrior){}
+ if( pX==0 ) return WRC_Continue;
+ a = p->pOrderBy->a;
+ for(i=p->pOrderBy->nExpr-1; i>=0; i--){
+ if( a[i].pExpr->flags & EP_Collate ) break;
+ }
+ if( i<0 ) return WRC_Continue;
+
+ /* If we reach this point, that means the transformation is required. */
+
+ pParse = pWalker->pParse;
+ db = pParse->db;
+ pNew = sqlite3DbMallocZero(db, sizeof(*pNew) );
+ if( pNew==0 ) return WRC_Abort;
+ memset(&dummy, 0, sizeof(dummy));
+ pNewSrc = sqlite3SrcListAppendFromTerm(pParse,0,0,0,&dummy,pNew,0,0);
+ if( pNewSrc==0 ) return WRC_Abort;
+ *pNew = *p;
+ p->pSrc = pNewSrc;
+ p->pEList = sqlite3ExprListAppend(pParse, 0, sqlite3Expr(db, TK_ASTERISK, 0));
+ p->op = TK_SELECT;
+ p->pWhere = 0;
+ pNew->pGroupBy = 0;
+ pNew->pHaving = 0;
+ pNew->pOrderBy = 0;
+ p->pPrior = 0;
+ p->pNext = 0;
+ p->pWith = 0;
+ p->selFlags &= ~SF_Compound;
+ assert( (p->selFlags & SF_Converted)==0 );
+ p->selFlags |= SF_Converted;
+ assert( pNew->pPrior!=0 );
+ pNew->pPrior->pNext = pNew;
+ pNew->pLimit = 0;
+ pNew->pOffset = 0;
+ return WRC_Continue;
+}
+
+/*
+** Check to see if the FROM clause term pFrom has table-valued function
+** arguments. If it does, leave an error message in pParse and return
+** non-zero, since pFrom is not allowed to be a table-valued function.
+*/
+static int cannotBeFunction(Parse *pParse, struct SrcList_item *pFrom){
+ if( pFrom->fg.isTabFunc ){
+ sqlite3ErrorMsg(pParse, "'%s' is not a function", pFrom->zName);
+ return 1;
+ }
+ return 0;
+}
+
+#ifndef SQLITE_OMIT_CTE
+/*
+** Argument pWith (which may be NULL) points to a linked list of nested
+** WITH contexts, from inner to outermost. If the table identified by
+** FROM clause element pItem is really a common-table-expression (CTE)
+** then return a pointer to the CTE definition for that table. Otherwise
+** return NULL.
+**
+** If a non-NULL value is returned, set *ppContext to point to the With
+** object that the returned CTE belongs to.
+*/
+static struct Cte *searchWith(
+ With *pWith, /* Current innermost WITH clause */
+ struct SrcList_item *pItem, /* FROM clause element to resolve */
+ With **ppContext /* OUT: WITH clause return value belongs to */
+){
+ const char *zName;
+ if( pItem->zDatabase==0 && (zName = pItem->zName)!=0 ){
+ With *p;
+ for(p=pWith; p; p=p->pOuter){
+ int i;
+ for(i=0; i<p->nCte; i++){
+ if( sqlite3StrICmp(zName, p->a[i].zName)==0 ){
+ *ppContext = p;
+ return &p->a[i];
+ }
+ }
+ }
+ }
+ return 0;
+}
+
+/* The code generator maintains a stack of active WITH clauses
+** with the inner-most WITH clause being at the top of the stack.
+**
+** This routine pushes the WITH clause passed as the second argument
+** onto the top of the stack. If argument bFree is true, then this
+** WITH clause will never be popped from the stack. In this case it
+** should be freed along with the Parse object. In other cases, when
+** bFree==0, the With object will be freed along with the SELECT
+** statement with which it is associated.
+*/
+SQLITE_PRIVATE void sqlite3WithPush(Parse *pParse, With *pWith, u8 bFree){
+ assert( bFree==0 || (pParse->pWith==0 && pParse->pWithToFree==0) );
+ if( pWith ){
+ assert( pParse->pWith!=pWith );
+ pWith->pOuter = pParse->pWith;
+ pParse->pWith = pWith;
+ if( bFree ) pParse->pWithToFree = pWith;
+ }
+}
+
+/*
+** This function checks if argument pFrom refers to a CTE declared by
+** a WITH clause on the stack currently maintained by the parser. And,
+** if currently processing a CTE expression, if it is a recursive
+** reference to the current CTE.
+**
+** If pFrom falls into either of the two categories above, pFrom->pTab
+** and other fields are populated accordingly. The caller should check
+** (pFrom->pTab!=0) to determine whether or not a successful match
+** was found.
+**
+** Whether or not a match is found, SQLITE_OK is returned if no error
+** occurs. If an error does occur, an error message is stored in the
+** parser and some error code other than SQLITE_OK returned.
+*/
+static int withExpand(
+ Walker *pWalker,
+ struct SrcList_item *pFrom
+){
+ Parse *pParse = pWalker->pParse;
+ sqlite3 *db = pParse->db;
+ struct Cte *pCte; /* Matched CTE (or NULL if no match) */
+ With *pWith; /* WITH clause that pCte belongs to */
+
+ assert( pFrom->pTab==0 );
+
+ pCte = searchWith(pParse->pWith, pFrom, &pWith);
+ if( pCte ){
+ Table *pTab;
+ ExprList *pEList;
+ Select *pSel;
+ Select *pLeft; /* Left-most SELECT statement */
+ int bMayRecursive; /* True if compound joined by UNION [ALL] */
+ With *pSavedWith; /* Initial value of pParse->pWith */
+
+ /* If pCte->zCteErr is non-NULL at this point, then this is an illegal
+ ** recursive reference to CTE pCte. Leave an error in pParse and return
+ ** early. If pCte->zCteErr is NULL, then this is not a recursive reference.
+ ** In this case, proceed. */
+ if( pCte->zCteErr ){
+ sqlite3ErrorMsg(pParse, pCte->zCteErr, pCte->zName);
+ return SQLITE_ERROR;
+ }
+ if( cannotBeFunction(pParse, pFrom) ) return SQLITE_ERROR;
+
+ assert( pFrom->pTab==0 );
+ pFrom->pTab = pTab = sqlite3DbMallocZero(db, sizeof(Table));
+ if( pTab==0 ) return WRC_Abort;
+ pTab->nRef = 1;
+ pTab->zName = sqlite3DbStrDup(db, pCte->zName);
+ pTab->iPKey = -1;
+ pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
+ pTab->tabFlags |= TF_Ephemeral | TF_NoVisibleRowid;
+ pFrom->pSelect = sqlite3SelectDup(db, pCte->pSelect, 0);
+ if( db->mallocFailed ) return SQLITE_NOMEM;
+ assert( pFrom->pSelect );
+
+ /* Check if this is a recursive CTE. */
+ pSel = pFrom->pSelect;
+ bMayRecursive = ( pSel->op==TK_ALL || pSel->op==TK_UNION );
+ if( bMayRecursive ){
+ int i;
+ SrcList *pSrc = pFrom->pSelect->pSrc;
+ for(i=0; i<pSrc->nSrc; i++){
+ struct SrcList_item *pItem = &pSrc->a[i];
+ if( pItem->zDatabase==0
+ && pItem->zName!=0
+ && 0==sqlite3StrICmp(pItem->zName, pCte->zName)
+ ){
+ pItem->pTab = pTab;
+ pItem->fg.isRecursive = 1;
+ pTab->nRef++;
+ pSel->selFlags |= SF_Recursive;
+ }
+ }
+ }
+
+ /* Only one recursive reference is permitted. */
+ if( pTab->nRef>2 ){
+ sqlite3ErrorMsg(
+ pParse, "multiple references to recursive table: %s", pCte->zName
+ );
+ return SQLITE_ERROR;
+ }
+ assert( pTab->nRef==1 || ((pSel->selFlags&SF_Recursive) && pTab->nRef==2 ));
+
+ pCte->zCteErr = "circular reference: %s";
+ pSavedWith = pParse->pWith;
+ pParse->pWith = pWith;
+ sqlite3WalkSelect(pWalker, bMayRecursive ? pSel->pPrior : pSel);
+ pParse->pWith = pWith;
+
+ for(pLeft=pSel; pLeft->pPrior; pLeft=pLeft->pPrior);
+ pEList = pLeft->pEList;
+ if( pCte->pCols ){
+ if( pEList && pEList->nExpr!=pCte->pCols->nExpr ){
+ sqlite3ErrorMsg(pParse, "table %s has %d values for %d columns",
+ pCte->zName, pEList->nExpr, pCte->pCols->nExpr
+ );
+ pParse->pWith = pSavedWith;
+ return SQLITE_ERROR;
+ }
+ pEList = pCte->pCols;
+ }
+
+ sqlite3ColumnsFromExprList(pParse, pEList, &pTab->nCol, &pTab->aCol);
+ if( bMayRecursive ){
+ if( pSel->selFlags & SF_Recursive ){
+ pCte->zCteErr = "multiple recursive references: %s";
+ }else{
+ pCte->zCteErr = "recursive reference in a subquery: %s";
+ }
+ sqlite3WalkSelect(pWalker, pSel);
+ }
+ pCte->zCteErr = 0;
+ pParse->pWith = pSavedWith;
+ }
+
+ return SQLITE_OK;
+}
+#endif
+
+#ifndef SQLITE_OMIT_CTE
+/*
+** If the SELECT passed as the second argument has an associated WITH
+** clause, pop it from the stack stored as part of the Parse object.
+**
+** This function is used as the xSelectCallback2() callback by
+** sqlite3SelectExpand() when walking a SELECT tree to resolve table
+** names and other FROM clause elements.
+*/
+static void selectPopWith(Walker *pWalker, Select *p){
+ Parse *pParse = pWalker->pParse;
+ With *pWith = findRightmost(p)->pWith;
+ if( pWith!=0 ){
+ assert( pParse->pWith==pWith );
+ pParse->pWith = pWith->pOuter;
+ }
+}
+#else
+#define selectPopWith 0
+#endif
+
+/*
+** This routine is a Walker callback for "expanding" a SELECT statement.
+** "Expanding" means to do the following:
+**
+** (1) Make sure VDBE cursor numbers have been assigned to every
+** element of the FROM clause.
+**
+** (2) Fill in the pTabList->a[].pTab fields in the SrcList that
+** defines FROM clause. When views appear in the FROM clause,
+** fill pTabList->a[].pSelect with a copy of the SELECT statement
+** that implements the view. A copy is made of the view's SELECT
+** statement so that we can freely modify or delete that statement
+** without worrying about messing up the persistent representation
+** of the view.
+**
+** (3) Add terms to the WHERE clause to accommodate the NATURAL keyword
+** on joins and the ON and USING clause of joins.
+**
+** (4) Scan the list of columns in the result set (pEList) looking
+** for instances of the "*" operator or the TABLE.* operator.
+** If found, expand each "*" to be every column in every table
+** and TABLE.* to be every column in TABLE.
+**
+*/
+static int selectExpander(Walker *pWalker, Select *p){
+ Parse *pParse = pWalker->pParse;
+ int i, j, k;
+ SrcList *pTabList;
+ ExprList *pEList;
+ struct SrcList_item *pFrom;
+ sqlite3 *db = pParse->db;
+ Expr *pE, *pRight, *pExpr;
+ u16 selFlags = p->selFlags;
+
+ p->selFlags |= SF_Expanded;
+ if( db->mallocFailed ){
+ return WRC_Abort;
+ }
+ if( NEVER(p->pSrc==0) || (selFlags & SF_Expanded)!=0 ){
+ return WRC_Prune;
+ }
+ pTabList = p->pSrc;
+ pEList = p->pEList;
+ if( pWalker->xSelectCallback2==selectPopWith ){
+ sqlite3WithPush(pParse, findRightmost(p)->pWith, 0);
+ }
+
+ /* Make sure cursor numbers have been assigned to all entries in
+ ** the FROM clause of the SELECT statement.
+ */
+ sqlite3SrcListAssignCursors(pParse, pTabList);
+
+ /* Look up every table named in the FROM clause of the select. If
+ ** an entry of the FROM clause is a subquery instead of a table or view,
+ ** then create a transient table structure to describe the subquery.
+ */
+ for(i=0, pFrom=pTabList->a; i<pTabList->nSrc; i++, pFrom++){
+ Table *pTab;
+ assert( pFrom->fg.isRecursive==0 || pFrom->pTab!=0 );
+ if( pFrom->fg.isRecursive ) continue;
+ assert( pFrom->pTab==0 );
+#ifndef SQLITE_OMIT_CTE
+ if( withExpand(pWalker, pFrom) ) return WRC_Abort;
+ if( pFrom->pTab ) {} else
+#endif
+ if( pFrom->zName==0 ){
+#ifndef SQLITE_OMIT_SUBQUERY
+ Select *pSel = pFrom->pSelect;
+ /* A sub-query in the FROM clause of a SELECT */
+ assert( pSel!=0 );
+ assert( pFrom->pTab==0 );
+ if( sqlite3WalkSelect(pWalker, pSel) ) return WRC_Abort;
+ pFrom->pTab = pTab = sqlite3DbMallocZero(db, sizeof(Table));
+ if( pTab==0 ) return WRC_Abort;
+ pTab->nRef = 1;
+ pTab->zName = sqlite3MPrintf(db, "sqlite_sq_%p", (void*)pTab);
+ while( pSel->pPrior ){ pSel = pSel->pPrior; }
+ sqlite3ColumnsFromExprList(pParse, pSel->pEList,&pTab->nCol,&pTab->aCol);
+ pTab->iPKey = -1;
+ pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
+ pTab->tabFlags |= TF_Ephemeral;
+#endif
+ }else{
+ /* An ordinary table or view name in the FROM clause */
+ assert( pFrom->pTab==0 );
+ pFrom->pTab = pTab = sqlite3LocateTableItem(pParse, 0, pFrom);
+ if( pTab==0 ) return WRC_Abort;
+ if( pTab->nRef==0xffff ){
+ sqlite3ErrorMsg(pParse, "too many references to \"%s\": max 65535",
+ pTab->zName);
+ pFrom->pTab = 0;
+ return WRC_Abort;
+ }
+ pTab->nRef++;
+ if( !IsVirtual(pTab) && cannotBeFunction(pParse, pFrom) ){
+ return WRC_Abort;
+ }
+#if !defined(SQLITE_OMIT_VIEW) || !defined (SQLITE_OMIT_VIRTUALTABLE)
+ if( IsVirtual(pTab) || pTab->pSelect ){
+ i16 nCol;
+ if( sqlite3ViewGetColumnNames(pParse, pTab) ) return WRC_Abort;
+ assert( pFrom->pSelect==0 );
+ pFrom->pSelect = sqlite3SelectDup(db, pTab->pSelect, 0);
+ sqlite3SelectSetName(pFrom->pSelect, pTab->zName);
+ nCol = pTab->nCol;
+ pTab->nCol = -1;
+ sqlite3WalkSelect(pWalker, pFrom->pSelect);
+ pTab->nCol = nCol;
+ }
+#endif
+ }
+
+ /* Locate the index named by the INDEXED BY clause, if any. */
+ if( sqlite3IndexedByLookup(pParse, pFrom) ){
+ return WRC_Abort;
+ }
+ }
+
+ /* Process NATURAL keywords, and ON and USING clauses of joins.
+ */
+ if( db->mallocFailed || sqliteProcessJoin(pParse, p) ){
+ return WRC_Abort;
+ }
+
+ /* For every "*" that occurs in the column list, insert the names of
+ ** all columns in all tables. And for every TABLE.* insert the names
+ ** of all columns in TABLE. The parser inserted a special expression
+ ** with the TK_ASTERISK operator for each "*" that it found in the column
+ ** list. The following code just has to locate the TK_ASTERISK
+ ** expressions and expand each one to the list of all columns in
+ ** all tables.
+ **
+ ** The first loop just checks to see if there are any "*" operators
+ ** that need expanding.
+ */
+ for(k=0; k<pEList->nExpr; k++){
+ pE = pEList->a[k].pExpr;
+ if( pE->op==TK_ASTERISK ) break;
+ assert( pE->op!=TK_DOT || pE->pRight!=0 );
+ assert( pE->op!=TK_DOT || (pE->pLeft!=0 && pE->pLeft->op==TK_ID) );
+ if( pE->op==TK_DOT && pE->pRight->op==TK_ASTERISK ) break;
+ }
+ if( k<pEList->nExpr ){
+ /*
+ ** If we get here it means the result set contains one or more "*"
+ ** operators that need to be expanded. Loop through each expression
+ ** in the result set and expand them one by one.
+ */
+ struct ExprList_item *a = pEList->a;
+ ExprList *pNew = 0;
+ int flags = pParse->db->flags;
+ int longNames = (flags & SQLITE_FullColNames)!=0
+ && (flags & SQLITE_ShortColNames)==0;
+
+ for(k=0; k<pEList->nExpr; k++){
+ pE = a[k].pExpr;
+ pRight = pE->pRight;
+ assert( pE->op!=TK_DOT || pRight!=0 );
+ if( pE->op!=TK_ASTERISK
+ && (pE->op!=TK_DOT || pRight->op!=TK_ASTERISK)
+ ){
+ /* This particular expression does not need to be expanded.
+ */
+ pNew = sqlite3ExprListAppend(pParse, pNew, a[k].pExpr);
+ if( pNew ){
+ pNew->a[pNew->nExpr-1].zName = a[k].zName;
+ pNew->a[pNew->nExpr-1].zSpan = a[k].zSpan;
+ a[k].zName = 0;
+ a[k].zSpan = 0;
+ }
+ a[k].pExpr = 0;
+ }else{
+ /* This expression is a "*" or a "TABLE.*" and needs to be
+ ** expanded. */
+ int tableSeen = 0; /* Set to 1 when TABLE matches */
+ char *zTName = 0; /* text of name of TABLE */
+ if( pE->op==TK_DOT ){
+ assert( pE->pLeft!=0 );
+ assert( !ExprHasProperty(pE->pLeft, EP_IntValue) );
+ zTName = pE->pLeft->u.zToken;
+ }
+ for(i=0, pFrom=pTabList->a; i<pTabList->nSrc; i++, pFrom++){
+ Table *pTab = pFrom->pTab;
+ Select *pSub = pFrom->pSelect;
+ char *zTabName = pFrom->zAlias;
+ const char *zSchemaName = 0;
+ int iDb;
+ if( zTabName==0 ){
+ zTabName = pTab->zName;
+ }
+ if( db->mallocFailed ) break;
+ if( pSub==0 || (pSub->selFlags & SF_NestedFrom)==0 ){
+ pSub = 0;
+ if( zTName && sqlite3StrICmp(zTName, zTabName)!=0 ){
+ continue;
+ }
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ zSchemaName = iDb>=0 ? db->aDb[iDb].zName : "*";
+ }
+ for(j=0; j<pTab->nCol; j++){
+ char *zName = pTab->aCol[j].zName;
+ char *zColname; /* The computed column name */
+ char *zToFree; /* Malloced string that needs to be freed */
+ Token sColname; /* Computed column name as a token */
+
+ assert( zName );
+ if( zTName && pSub
+ && sqlite3MatchSpanName(pSub->pEList->a[j].zSpan, 0, zTName, 0)==0
+ ){
+ continue;
+ }
+
+ /* If a column is marked as 'hidden', omit it from the expanded
+ ** result-set list unless the SELECT has the SF_IncludeHidden
+ ** bit set.
+ */
+ if( (p->selFlags & SF_IncludeHidden)==0
+ && IsHiddenColumn(&pTab->aCol[j])
+ ){
+ continue;
+ }
+ tableSeen = 1;
+
+ if( i>0 && zTName==0 ){
+ if( (pFrom->fg.jointype & JT_NATURAL)!=0
+ && tableAndColumnIndex(pTabList, i, zName, 0, 0)
+ ){
+ /* In a NATURAL join, omit the join columns from the
+ ** table to the right of the join */
+ continue;
+ }
+ if( sqlite3IdListIndex(pFrom->pUsing, zName)>=0 ){
+ /* In a join with a USING clause, omit columns in the
+ ** using clause from the table on the right. */
+ continue;
+ }
+ }
+ pRight = sqlite3Expr(db, TK_ID, zName);
+ zColname = zName;
+ zToFree = 0;
+ if( longNames || pTabList->nSrc>1 ){
+ Expr *pLeft;
+ pLeft = sqlite3Expr(db, TK_ID, zTabName);
+ pExpr = sqlite3PExpr(pParse, TK_DOT, pLeft, pRight, 0);
+ if( zSchemaName ){
+ pLeft = sqlite3Expr(db, TK_ID, zSchemaName);
+ pExpr = sqlite3PExpr(pParse, TK_DOT, pLeft, pExpr, 0);
+ }
+ if( longNames ){
+ zColname = sqlite3MPrintf(db, "%s.%s", zTabName, zName);
+ zToFree = zColname;
+ }
+ }else{
+ pExpr = pRight;
+ }
+ pNew = sqlite3ExprListAppend(pParse, pNew, pExpr);
+ sColname.z = zColname;
+ sColname.n = sqlite3Strlen30(zColname);
+ sqlite3ExprListSetName(pParse, pNew, &sColname, 0);
+ if( pNew && (p->selFlags & SF_NestedFrom)!=0 ){
+ struct ExprList_item *pX = &pNew->a[pNew->nExpr-1];
+ if( pSub ){
+ pX->zSpan = sqlite3DbStrDup(db, pSub->pEList->a[j].zSpan);
+ testcase( pX->zSpan==0 );
+ }else{
+ pX->zSpan = sqlite3MPrintf(db, "%s.%s.%s",
+ zSchemaName, zTabName, zColname);
+ testcase( pX->zSpan==0 );
+ }
+ pX->bSpanIsTab = 1;
+ }
+ sqlite3DbFree(db, zToFree);
+ }
+ }
+ if( !tableSeen ){
+ if( zTName ){
+ sqlite3ErrorMsg(pParse, "no such table: %s", zTName);
+ }else{
+ sqlite3ErrorMsg(pParse, "no tables specified");
+ }
+ }
+ }
+ }
+ sqlite3ExprListDelete(db, pEList);
+ p->pEList = pNew;
+ }
+#if SQLITE_MAX_COLUMN
+ if( p->pEList && p->pEList->nExpr>db->aLimit[SQLITE_LIMIT_COLUMN] ){
+ sqlite3ErrorMsg(pParse, "too many columns in result set");
+ return WRC_Abort;
+ }
+#endif
+ return WRC_Continue;
+}
+
+/*
+** No-op routine for the parse-tree walker.
+**
+** When this routine is the Walker.xExprCallback then expression trees
+** are walked without any actions being taken at each node. Presumably,
+** when this routine is used for Walker.xExprCallback then
+** Walker.xSelectCallback is set to do something useful for every
+** subquery in the parser tree.
+*/
+SQLITE_PRIVATE int sqlite3ExprWalkNoop(Walker *NotUsed, Expr *NotUsed2){
+ UNUSED_PARAMETER2(NotUsed, NotUsed2);
+ return WRC_Continue;
+}
+
+/*
+** This routine "expands" a SELECT statement and all of its subqueries.
+** For additional information on what it means to "expand" a SELECT
+** statement, see the comment on the selectExpand worker callback above.
+**
+** Expanding a SELECT statement is the first step in processing a
+** SELECT statement. The SELECT statement must be expanded before
+** name resolution is performed.
+**
+** If anything goes wrong, an error message is written into pParse.
+** The calling function can detect the problem by looking at pParse->nErr
+** and/or pParse->db->mallocFailed.
+*/
+static void sqlite3SelectExpand(Parse *pParse, Select *pSelect){
+ Walker w;
+ memset(&w, 0, sizeof(w));
+ w.xExprCallback = sqlite3ExprWalkNoop;
+ w.pParse = pParse;
+ if( pParse->hasCompound ){
+ w.xSelectCallback = convertCompoundSelectToSubquery;
+ sqlite3WalkSelect(&w, pSelect);
+ }
+ w.xSelectCallback = selectExpander;
+ if( (pSelect->selFlags & SF_MultiValue)==0 ){
+ w.xSelectCallback2 = selectPopWith;
+ }
+ sqlite3WalkSelect(&w, pSelect);
+}
+
+
+#ifndef SQLITE_OMIT_SUBQUERY
+/*
+** This is a Walker.xSelectCallback callback for the sqlite3SelectTypeInfo()
+** interface.
+**
+** For each FROM-clause subquery, add Column.zType and Column.zColl
+** information to the Table structure that represents the result set
+** of that subquery.
+**
+** The Table structure that represents the result set was constructed
+** by selectExpander() but the type and collation information was omitted
+** at that point because identifiers had not yet been resolved. This
+** routine is called after identifier resolution.
+*/
+static void selectAddSubqueryTypeInfo(Walker *pWalker, Select *p){
+ Parse *pParse;
+ int i;
+ SrcList *pTabList;
+ struct SrcList_item *pFrom;
+
+ assert( p->selFlags & SF_Resolved );
+ assert( (p->selFlags & SF_HasTypeInfo)==0 );
+ p->selFlags |= SF_HasTypeInfo;
+ pParse = pWalker->pParse;
+ pTabList = p->pSrc;
+ for(i=0, pFrom=pTabList->a; i<pTabList->nSrc; i++, pFrom++){
+ Table *pTab = pFrom->pTab;
+ assert( pTab!=0 );
+ if( (pTab->tabFlags & TF_Ephemeral)!=0 ){
+ /* A sub-query in the FROM clause of a SELECT */
+ Select *pSel = pFrom->pSelect;
+ if( pSel ){
+ while( pSel->pPrior ) pSel = pSel->pPrior;
+ selectAddColumnTypeAndCollation(pParse, pTab, pSel);
+ }
+ }
+ }
+}
+#endif
+
+
+/*
+** This routine adds datatype and collating sequence information to
+** the Table structures of all FROM-clause subqueries in a
+** SELECT statement.
+**
+** Use this routine after name resolution.
+*/
+static void sqlite3SelectAddTypeInfo(Parse *pParse, Select *pSelect){
+#ifndef SQLITE_OMIT_SUBQUERY
+ Walker w;
+ memset(&w, 0, sizeof(w));
+ w.xSelectCallback2 = selectAddSubqueryTypeInfo;
+ w.xExprCallback = sqlite3ExprWalkNoop;
+ w.pParse = pParse;
+ sqlite3WalkSelect(&w, pSelect);
+#endif
+}
+
+
+/*
+** This routine sets up a SELECT statement for processing. The
+** following is accomplished:
+**
+** * VDBE Cursor numbers are assigned to all FROM-clause terms.
+** * Ephemeral Table objects are created for all FROM-clause subqueries.
+** * ON and USING clauses are shifted into WHERE statements
+** * Wildcards "*" and "TABLE.*" in result sets are expanded.
+** * Identifiers in expression are matched to tables.
+**
+** This routine acts recursively on all subqueries within the SELECT.
+*/
+SQLITE_PRIVATE void sqlite3SelectPrep(
+ Parse *pParse, /* The parser context */
+ Select *p, /* The SELECT statement being coded. */
+ NameContext *pOuterNC /* Name context for container */
+){
+ sqlite3 *db;
+ if( NEVER(p==0) ) return;
+ db = pParse->db;
+ if( db->mallocFailed ) return;
+ if( p->selFlags & SF_HasTypeInfo ) return;
+ sqlite3SelectExpand(pParse, p);
+ if( pParse->nErr || db->mallocFailed ) return;
+ sqlite3ResolveSelectNames(pParse, p, pOuterNC);
+ if( pParse->nErr || db->mallocFailed ) return;
+ sqlite3SelectAddTypeInfo(pParse, p);
+}
+
+/*
+** Reset the aggregate accumulator.
+**
+** The aggregate accumulator is a set of memory cells that hold
+** intermediate results while calculating an aggregate. This
+** routine generates code that stores NULLs in all of those memory
+** cells.
+*/
+static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
+ Vdbe *v = pParse->pVdbe;
+ int i;
+ struct AggInfo_func *pFunc;
+ int nReg = pAggInfo->nFunc + pAggInfo->nColumn;
+ if( nReg==0 ) return;
+#ifdef SQLITE_DEBUG
+ /* Verify that all AggInfo registers are within the range specified by
+ ** AggInfo.mnReg..AggInfo.mxReg */
+ assert( nReg==pAggInfo->mxReg-pAggInfo->mnReg+1 );
+ for(i=0; i<pAggInfo->nColumn; i++){
+ assert( pAggInfo->aCol[i].iMem>=pAggInfo->mnReg
+ && pAggInfo->aCol[i].iMem<=pAggInfo->mxReg );
+ }
+ for(i=0; i<pAggInfo->nFunc; i++){
+ assert( pAggInfo->aFunc[i].iMem>=pAggInfo->mnReg
+ && pAggInfo->aFunc[i].iMem<=pAggInfo->mxReg );
+ }
+#endif
+ sqlite3VdbeAddOp3(v, OP_Null, 0, pAggInfo->mnReg, pAggInfo->mxReg);
+ for(pFunc=pAggInfo->aFunc, i=0; i<pAggInfo->nFunc; i++, pFunc++){
+ if( pFunc->iDistinct>=0 ){
+ Expr *pE = pFunc->pExpr;
+ assert( !ExprHasProperty(pE, EP_xIsSelect) );
+ if( pE->x.pList==0 || pE->x.pList->nExpr!=1 ){
+ sqlite3ErrorMsg(pParse, "DISTINCT aggregates must have exactly one "
+ "argument");
+ pFunc->iDistinct = -1;
+ }else{
+ KeyInfo *pKeyInfo = keyInfoFromExprList(pParse, pE->x.pList, 0, 0);
+ sqlite3VdbeAddOp4(v, OP_OpenEphemeral, pFunc->iDistinct, 0, 0,
+ (char*)pKeyInfo, P4_KEYINFO);
+ }
+ }
+ }
+}
+
+/*
+** Invoke the OP_AggFinalize opcode for every aggregate function
+** in the AggInfo structure.
+*/
+static void finalizeAggFunctions(Parse *pParse, AggInfo *pAggInfo){
+ Vdbe *v = pParse->pVdbe;
+ int i;
+ struct AggInfo_func *pF;
+ for(i=0, pF=pAggInfo->aFunc; i<pAggInfo->nFunc; i++, pF++){
+ ExprList *pList = pF->pExpr->x.pList;
+ assert( !ExprHasProperty(pF->pExpr, EP_xIsSelect) );
+ sqlite3VdbeAddOp4(v, OP_AggFinal, pF->iMem, pList ? pList->nExpr : 0, 0,
+ (void*)pF->pFunc, P4_FUNCDEF);
+ }
+}
+
+/*
+** Update the accumulator memory cells for an aggregate based on
+** the current cursor position.
+*/
+static void updateAccumulator(Parse *pParse, AggInfo *pAggInfo){
+ Vdbe *v = pParse->pVdbe;
+ int i;
+ int regHit = 0;
+ int addrHitTest = 0;
+ struct AggInfo_func *pF;
+ struct AggInfo_col *pC;
+
+ pAggInfo->directMode = 1;
+ for(i=0, pF=pAggInfo->aFunc; i<pAggInfo->nFunc; i++, pF++){
+ int nArg;
+ int addrNext = 0;
+ int regAgg;
+ ExprList *pList = pF->pExpr->x.pList;
+ assert( !ExprHasProperty(pF->pExpr, EP_xIsSelect) );
+ if( pList ){
+ nArg = pList->nExpr;
+ regAgg = sqlite3GetTempRange(pParse, nArg);
+ sqlite3ExprCodeExprList(pParse, pList, regAgg, 0, SQLITE_ECEL_DUP);
+ }else{
+ nArg = 0;
+ regAgg = 0;
+ }
+ if( pF->iDistinct>=0 ){
+ addrNext = sqlite3VdbeMakeLabel(v);
+ testcase( nArg==0 ); /* Error condition */
+ testcase( nArg>1 ); /* Also an error */
+ codeDistinct(pParse, pF->iDistinct, addrNext, 1, regAgg);
+ }
+ if( pF->pFunc->funcFlags & SQLITE_FUNC_NEEDCOLL ){
+ CollSeq *pColl = 0;
+ struct ExprList_item *pItem;
+ int j;
+ assert( pList!=0 ); /* pList!=0 if pF->pFunc has NEEDCOLL */
+ for(j=0, pItem=pList->a; !pColl && j<nArg; j++, pItem++){
+ pColl = sqlite3ExprCollSeq(pParse, pItem->pExpr);
+ }
+ if( !pColl ){
+ pColl = pParse->db->pDfltColl;
+ }
+ if( regHit==0 && pAggInfo->nAccumulator ) regHit = ++pParse->nMem;
+ sqlite3VdbeAddOp4(v, OP_CollSeq, regHit, 0, 0, (char *)pColl, P4_COLLSEQ);
+ }
+ sqlite3VdbeAddOp4(v, OP_AggStep0, 0, regAgg, pF->iMem,
+ (void*)pF->pFunc, P4_FUNCDEF);
+ sqlite3VdbeChangeP5(v, (u8)nArg);
+ sqlite3ExprCacheAffinityChange(pParse, regAgg, nArg);
+ sqlite3ReleaseTempRange(pParse, regAgg, nArg);
+ if( addrNext ){
+ sqlite3VdbeResolveLabel(v, addrNext);
+ sqlite3ExprCacheClear(pParse);
+ }
+ }
+
+ /* Before populating the accumulator registers, clear the column cache.
+ ** Otherwise, if any of the required column values are already present
+ ** in registers, sqlite3ExprCode() may use OP_SCopy to copy the value
+ ** to pC->iMem. But by the time the value is used, the original register
+ ** may have been used, invalidating the underlying buffer holding the
+ ** text or blob value. See ticket [883034dcb5].
+ **
+ ** Another solution would be to change the OP_SCopy used to copy cached
+ ** values to an OP_Copy.
+ */
+ if( regHit ){
+ addrHitTest = sqlite3VdbeAddOp1(v, OP_If, regHit); VdbeCoverage(v);
+ }
+ sqlite3ExprCacheClear(pParse);
+ for(i=0, pC=pAggInfo->aCol; i<pAggInfo->nAccumulator; i++, pC++){
+ sqlite3ExprCode(pParse, pC->pExpr, pC->iMem);
+ }
+ pAggInfo->directMode = 0;
+ sqlite3ExprCacheClear(pParse);
+ if( addrHitTest ){
+ sqlite3VdbeJumpHere(v, addrHitTest);
+ }
+}
+
+/*
+** Add a single OP_Explain instruction to the VDBE to explain a simple
+** count(*) query ("SELECT count(*) FROM pTab").
+*/
+#ifndef SQLITE_OMIT_EXPLAIN
+static void explainSimpleCount(
+ Parse *pParse, /* Parse context */
+ Table *pTab, /* Table being queried */
+ Index *pIdx /* Index used to optimize scan, or NULL */
+){
+ if( pParse->explain==2 ){
+ int bCover = (pIdx!=0 && (HasRowid(pTab) || !IsPrimaryKeyIndex(pIdx)));
+ char *zEqp = sqlite3MPrintf(pParse->db, "SCAN TABLE %s%s%s",
+ pTab->zName,
+ bCover ? " USING COVERING INDEX " : "",
+ bCover ? pIdx->zName : ""
+ );
+ sqlite3VdbeAddOp4(
+ pParse->pVdbe, OP_Explain, pParse->iSelectId, 0, 0, zEqp, P4_DYNAMIC
+ );
+ }
+}
+#else
+# define explainSimpleCount(a,b,c)
+#endif
+
+/*
+** Generate code for the SELECT statement given in the p argument.
+**
+** The results are returned according to the SelectDest structure.
+** See comments in sqliteInt.h for further information.
+**
+** This routine returns the number of errors. If any errors are
+** encountered, then an appropriate error message is left in
+** pParse->zErrMsg.
+**
+** This routine does NOT free the Select structure passed in. The
+** calling function needs to do that.
+*/
+SQLITE_PRIVATE int sqlite3Select(
+ Parse *pParse, /* The parser context */
+ Select *p, /* The SELECT statement being coded. */
+ SelectDest *pDest /* What to do with the query results */
+){
+ int i, j; /* Loop counters */
+ WhereInfo *pWInfo; /* Return from sqlite3WhereBegin() */
+ Vdbe *v; /* The virtual machine under construction */
+ int isAgg; /* True for select lists like "count(*)" */
+ ExprList *pEList = 0; /* List of columns to extract. */
+ SrcList *pTabList; /* List of tables to select from */
+ Expr *pWhere; /* The WHERE clause. May be NULL */
+ ExprList *pGroupBy; /* The GROUP BY clause. May be NULL */
+ Expr *pHaving; /* The HAVING clause. May be NULL */
+ int rc = 1; /* Value to return from this function */
+ DistinctCtx sDistinct; /* Info on how to code the DISTINCT keyword */
+ SortCtx sSort; /* Info on how to code the ORDER BY clause */
+ AggInfo sAggInfo; /* Information used by aggregate queries */
+ int iEnd; /* Address of the end of the query */
+ sqlite3 *db; /* The database connection */
+
+#ifndef SQLITE_OMIT_EXPLAIN
+ int iRestoreSelectId = pParse->iSelectId;
+ pParse->iSelectId = pParse->iNextSelectId++;
+#endif
+
+ db = pParse->db;
+ if( p==0 || db->mallocFailed || pParse->nErr ){
+ return 1;
+ }
+ if( sqlite3AuthCheck(pParse, SQLITE_SELECT, 0, 0, 0) ) return 1;
+ memset(&sAggInfo, 0, sizeof(sAggInfo));
+#if SELECTTRACE_ENABLED
+ pParse->nSelectIndent++;
+ SELECTTRACE(1,pParse,p, ("begin processing:\n"));
+ if( sqlite3SelectTrace & 0x100 ){
+ sqlite3TreeViewSelect(0, p, 0);
+ }
+#endif
+
+ assert( p->pOrderBy==0 || pDest->eDest!=SRT_DistFifo );
+ assert( p->pOrderBy==0 || pDest->eDest!=SRT_Fifo );
+ assert( p->pOrderBy==0 || pDest->eDest!=SRT_DistQueue );
+ assert( p->pOrderBy==0 || pDest->eDest!=SRT_Queue );
+ if( IgnorableOrderby(pDest) ){
+ assert(pDest->eDest==SRT_Exists || pDest->eDest==SRT_Union ||
+ pDest->eDest==SRT_Except || pDest->eDest==SRT_Discard ||
+ pDest->eDest==SRT_Queue || pDest->eDest==SRT_DistFifo ||
+ pDest->eDest==SRT_DistQueue || pDest->eDest==SRT_Fifo);
+ /* If ORDER BY makes no difference in the output then neither does
+ ** DISTINCT so it can be removed too. */
+ sqlite3ExprListDelete(db, p->pOrderBy);
+ p->pOrderBy = 0;
+ p->selFlags &= ~SF_Distinct;
+ }
+ sqlite3SelectPrep(pParse, p, 0);
+ memset(&sSort, 0, sizeof(sSort));
+ sSort.pOrderBy = p->pOrderBy;
+ pTabList = p->pSrc;
+ if( pParse->nErr || db->mallocFailed ){
+ goto select_end;
+ }
+ assert( p->pEList!=0 );
+ isAgg = (p->selFlags & SF_Aggregate)!=0;
+#if SELECTTRACE_ENABLED
+ if( sqlite3SelectTrace & 0x100 ){
+ SELECTTRACE(0x100,pParse,p, ("after name resolution:\n"));
+ sqlite3TreeViewSelect(0, p, 0);
+ }
+#endif
+
+
+ /* If writing to memory or generating a set
+ ** only a single column may be output.
+ */
+#ifndef SQLITE_OMIT_SUBQUERY
+ if( checkForMultiColumnSelectError(pParse, pDest, p->pEList->nExpr) ){
+ goto select_end;
+ }
+#endif
+
+ /* Try to flatten subqueries in the FROM clause up into the main query
+ */
+#if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW)
+ for(i=0; !p->pPrior && i<pTabList->nSrc; i++){
+ struct SrcList_item *pItem = &pTabList->a[i];
+ Select *pSub = pItem->pSelect;
+ int isAggSub;
+ Table *pTab = pItem->pTab;
+ if( pSub==0 ) continue;
+
+ /* Catch mismatch in the declared columns of a view and the number of
+ ** columns in the SELECT on the RHS */
+ if( pTab->nCol!=pSub->pEList->nExpr ){
+ sqlite3ErrorMsg(pParse, "expected %d columns for '%s' but got %d",
+ pTab->nCol, pTab->zName, pSub->pEList->nExpr);
+ goto select_end;
+ }
+
+ isAggSub = (pSub->selFlags & SF_Aggregate)!=0;
+ if( flattenSubquery(pParse, p, i, isAgg, isAggSub) ){
+ /* This subquery can be absorbed into its parent. */
+ if( isAggSub ){
+ isAgg = 1;
+ p->selFlags |= SF_Aggregate;
+ }
+ i = -1;
+ }
+ pTabList = p->pSrc;
+ if( db->mallocFailed ) goto select_end;
+ if( !IgnorableOrderby(pDest) ){
+ sSort.pOrderBy = p->pOrderBy;
+ }
+ }
+#endif
+
+ /* Get a pointer the VDBE under construction, allocating a new VDBE if one
+ ** does not already exist */
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 ) goto select_end;
+
+#ifndef SQLITE_OMIT_COMPOUND_SELECT
+ /* Handle compound SELECT statements using the separate multiSelect()
+ ** procedure.
+ */
+ if( p->pPrior ){
+ rc = multiSelect(pParse, p, pDest);
+ explainSetInteger(pParse->iSelectId, iRestoreSelectId);
+#if SELECTTRACE_ENABLED
+ SELECTTRACE(1,pParse,p,("end compound-select processing\n"));
+ pParse->nSelectIndent--;
+#endif
+ return rc;
+ }
+#endif
+
+ /* Generate code for all sub-queries in the FROM clause
+ */
+#if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW)
+ for(i=0; i<pTabList->nSrc; i++){
+ struct SrcList_item *pItem = &pTabList->a[i];
+ SelectDest dest;
+ Select *pSub = pItem->pSelect;
+ if( pSub==0 ) continue;
+
+ /* Sometimes the code for a subquery will be generated more than
+ ** once, if the subquery is part of the WHERE clause in a LEFT JOIN,
+ ** for example. In that case, do not regenerate the code to manifest
+ ** a view or the co-routine to implement a view. The first instance
+ ** is sufficient, though the subroutine to manifest the view does need
+ ** to be invoked again. */
+ if( pItem->addrFillSub ){
+ if( pItem->fg.viaCoroutine==0 ){
+ sqlite3VdbeAddOp2(v, OP_Gosub, pItem->regReturn, pItem->addrFillSub);
+ }
+ continue;
+ }
+
+ /* Increment Parse.nHeight by the height of the largest expression
+ ** tree referred to by this, the parent select. The child select
+ ** may contain expression trees of at most
+ ** (SQLITE_MAX_EXPR_DEPTH-Parse.nHeight) height. This is a bit
+ ** more conservative than necessary, but much easier than enforcing
+ ** an exact limit.
+ */
+ pParse->nHeight += sqlite3SelectExprHeight(p);
+
+ /* Make copies of constant WHERE-clause terms in the outer query down
+ ** inside the subquery. This can help the subquery to run more efficiently.
+ */
+ if( (pItem->fg.jointype & JT_OUTER)==0
+ && pushDownWhereTerms(db, pSub, p->pWhere, pItem->iCursor)
+ ){
+#if SELECTTRACE_ENABLED
+ if( sqlite3SelectTrace & 0x100 ){
+ SELECTTRACE(0x100,pParse,p,("After WHERE-clause push-down:\n"));
+ sqlite3TreeViewSelect(0, p, 0);
+ }
+#endif
+ }
+
+ /* Generate code to implement the subquery
+ */
+ if( pTabList->nSrc==1
+ && (p->selFlags & SF_All)==0
+ && OptimizationEnabled(db, SQLITE_SubqCoroutine)
+ ){
+ /* Implement a co-routine that will return a single row of the result
+ ** set on each invocation.
+ */
+ int addrTop = sqlite3VdbeCurrentAddr(v)+1;
+ pItem->regReturn = ++pParse->nMem;
+ sqlite3VdbeAddOp3(v, OP_InitCoroutine, pItem->regReturn, 0, addrTop);
+ VdbeComment((v, "%s", pItem->pTab->zName));
+ pItem->addrFillSub = addrTop;
+ sqlite3SelectDestInit(&dest, SRT_Coroutine, pItem->regReturn);
+ explainSetInteger(pItem->iSelectId, (u8)pParse->iNextSelectId);
+ sqlite3Select(pParse, pSub, &dest);
+ pItem->pTab->nRowLogEst = sqlite3LogEst(pSub->nSelectRow);
+ pItem->fg.viaCoroutine = 1;
+ pItem->regResult = dest.iSdst;
+ sqlite3VdbeAddOp1(v, OP_EndCoroutine, pItem->regReturn);
+ sqlite3VdbeJumpHere(v, addrTop-1);
+ sqlite3ClearTempRegCache(pParse);
+ }else{
+ /* Generate a subroutine that will fill an ephemeral table with
+ ** the content of this subquery. pItem->addrFillSub will point
+ ** to the address of the generated subroutine. pItem->regReturn
+ ** is a register allocated to hold the subroutine return address
+ */
+ int topAddr;
+ int onceAddr = 0;
+ int retAddr;
+ assert( pItem->addrFillSub==0 );
+ pItem->regReturn = ++pParse->nMem;
+ topAddr = sqlite3VdbeAddOp2(v, OP_Integer, 0, pItem->regReturn);
+ pItem->addrFillSub = topAddr+1;
+ if( pItem->fg.isCorrelated==0 ){
+ /* If the subquery is not correlated and if we are not inside of
+ ** a trigger, then we only need to compute the value of the subquery
+ ** once. */
+ onceAddr = sqlite3CodeOnce(pParse); VdbeCoverage(v);
+ VdbeComment((v, "materialize \"%s\"", pItem->pTab->zName));
+ }else{
+ VdbeNoopComment((v, "materialize \"%s\"", pItem->pTab->zName));
+ }
+ sqlite3SelectDestInit(&dest, SRT_EphemTab, pItem->iCursor);
+ explainSetInteger(pItem->iSelectId, (u8)pParse->iNextSelectId);
+ sqlite3Select(pParse, pSub, &dest);
+ pItem->pTab->nRowLogEst = sqlite3LogEst(pSub->nSelectRow);
+ if( onceAddr ) sqlite3VdbeJumpHere(v, onceAddr);
+ retAddr = sqlite3VdbeAddOp1(v, OP_Return, pItem->regReturn);
+ VdbeComment((v, "end %s", pItem->pTab->zName));
+ sqlite3VdbeChangeP1(v, topAddr, retAddr);
+ sqlite3ClearTempRegCache(pParse);
+ }
+ if( db->mallocFailed ) goto select_end;
+ pParse->nHeight -= sqlite3SelectExprHeight(p);
+ }
+#endif
+
+ /* Various elements of the SELECT copied into local variables for
+ ** convenience */
+ pEList = p->pEList;
+ pWhere = p->pWhere;
+ pGroupBy = p->pGroupBy;
+ pHaving = p->pHaving;
+ sDistinct.isTnct = (p->selFlags & SF_Distinct)!=0;
+
+#if SELECTTRACE_ENABLED
+ if( sqlite3SelectTrace & 0x400 ){
+ SELECTTRACE(0x400,pParse,p,("After all FROM-clause analysis:\n"));
+ sqlite3TreeViewSelect(0, p, 0);
+ }
+#endif
+
+ /* If the query is DISTINCT with an ORDER BY but is not an aggregate, and
+ ** if the select-list is the same as the ORDER BY list, then this query
+ ** can be rewritten as a GROUP BY. In other words, this:
+ **
+ ** SELECT DISTINCT xyz FROM ... ORDER BY xyz
+ **
+ ** is transformed to:
+ **
+ ** SELECT xyz FROM ... GROUP BY xyz ORDER BY xyz
+ **
+ ** The second form is preferred as a single index (or temp-table) may be
+ ** used for both the ORDER BY and DISTINCT processing. As originally
+ ** written the query must use a temp-table for at least one of the ORDER
+ ** BY and DISTINCT, and an index or separate temp-table for the other.
+ */
+ if( (p->selFlags & (SF_Distinct|SF_Aggregate))==SF_Distinct
+ && sqlite3ExprListCompare(sSort.pOrderBy, pEList, -1)==0
+ ){
+ p->selFlags &= ~SF_Distinct;
+ pGroupBy = p->pGroupBy = sqlite3ExprListDup(db, pEList, 0);
+ /* Notice that even thought SF_Distinct has been cleared from p->selFlags,
+ ** the sDistinct.isTnct is still set. Hence, isTnct represents the
+ ** original setting of the SF_Distinct flag, not the current setting */
+ assert( sDistinct.isTnct );
+ }
+
+ /* If there is an ORDER BY clause, then create an ephemeral index to
+ ** do the sorting. But this sorting ephemeral index might end up
+ ** being unused if the data can be extracted in pre-sorted order.
+ ** If that is the case, then the OP_OpenEphemeral instruction will be
+ ** changed to an OP_Noop once we figure out that the sorting index is
+ ** not needed. The sSort.addrSortIndex variable is used to facilitate
+ ** that change.
+ */
+ if( sSort.pOrderBy ){
+ KeyInfo *pKeyInfo;
+ pKeyInfo = keyInfoFromExprList(pParse, sSort.pOrderBy, 0, pEList->nExpr);
+ sSort.iECursor = pParse->nTab++;
+ sSort.addrSortIndex =
+ sqlite3VdbeAddOp4(v, OP_OpenEphemeral,
+ sSort.iECursor, sSort.pOrderBy->nExpr+1+pEList->nExpr, 0,
+ (char*)pKeyInfo, P4_KEYINFO
+ );
+ }else{
+ sSort.addrSortIndex = -1;
+ }
+
+ /* If the output is destined for a temporary table, open that table.
+ */
+ if( pDest->eDest==SRT_EphemTab ){
+ sqlite3VdbeAddOp2(v, OP_OpenEphemeral, pDest->iSDParm, pEList->nExpr);
+ }
+
+ /* Set the limiter.
+ */
+ iEnd = sqlite3VdbeMakeLabel(v);
+ p->nSelectRow = LARGEST_INT64;
+ computeLimitRegisters(pParse, p, iEnd);
+ if( p->iLimit==0 && sSort.addrSortIndex>=0 ){
+ sqlite3VdbeChangeOpcode(v, sSort.addrSortIndex, OP_SorterOpen);
+ sSort.sortFlags |= SORTFLAG_UseSorter;
+ }
+
+ /* Open an ephemeral index to use for the distinct set.
+ */
+ if( p->selFlags & SF_Distinct ){
+ sDistinct.tabTnct = pParse->nTab++;
+ sDistinct.addrTnct = sqlite3VdbeAddOp4(v, OP_OpenEphemeral,
+ sDistinct.tabTnct, 0, 0,
+ (char*)keyInfoFromExprList(pParse, p->pEList,0,0),
+ P4_KEYINFO);
+ sqlite3VdbeChangeP5(v, BTREE_UNORDERED);
+ sDistinct.eTnctType = WHERE_DISTINCT_UNORDERED;
+ }else{
+ sDistinct.eTnctType = WHERE_DISTINCT_NOOP;
+ }
+
+ if( !isAgg && pGroupBy==0 ){
+ /* No aggregate functions and no GROUP BY clause */
+ u16 wctrlFlags = (sDistinct.isTnct ? WHERE_WANT_DISTINCT : 0);
+
+ /* Begin the database scan. */
+ pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere, sSort.pOrderBy,
+ p->pEList, wctrlFlags, 0);
+ if( pWInfo==0 ) goto select_end;
+ if( sqlite3WhereOutputRowCount(pWInfo) < p->nSelectRow ){
+ p->nSelectRow = sqlite3WhereOutputRowCount(pWInfo);
+ }
+ if( sDistinct.isTnct && sqlite3WhereIsDistinct(pWInfo) ){
+ sDistinct.eTnctType = sqlite3WhereIsDistinct(pWInfo);
+ }
+ if( sSort.pOrderBy ){
+ sSort.nOBSat = sqlite3WhereIsOrdered(pWInfo);
+ if( sSort.nOBSat==sSort.pOrderBy->nExpr ){
+ sSort.pOrderBy = 0;
+ }
+ }
+
+ /* If sorting index that was created by a prior OP_OpenEphemeral
+ ** instruction ended up not being needed, then change the OP_OpenEphemeral
+ ** into an OP_Noop.
+ */
+ if( sSort.addrSortIndex>=0 && sSort.pOrderBy==0 ){
+ sqlite3VdbeChangeToNoop(v, sSort.addrSortIndex);
+ }
+
+ /* Use the standard inner loop. */
+ selectInnerLoop(pParse, p, pEList, -1, &sSort, &sDistinct, pDest,
+ sqlite3WhereContinueLabel(pWInfo),
+ sqlite3WhereBreakLabel(pWInfo));
+
+ /* End the database scan loop.
+ */
+ sqlite3WhereEnd(pWInfo);
+ }else{
+ /* This case when there exist aggregate functions or a GROUP BY clause
+ ** or both */
+ NameContext sNC; /* Name context for processing aggregate information */
+ int iAMem; /* First Mem address for storing current GROUP BY */
+ int iBMem; /* First Mem address for previous GROUP BY */
+ int iUseFlag; /* Mem address holding flag indicating that at least
+ ** one row of the input to the aggregator has been
+ ** processed */
+ int iAbortFlag; /* Mem address which causes query abort if positive */
+ int groupBySort; /* Rows come from source in GROUP BY order */
+ int addrEnd; /* End of processing for this SELECT */
+ int sortPTab = 0; /* Pseudotable used to decode sorting results */
+ int sortOut = 0; /* Output register from the sorter */
+ int orderByGrp = 0; /* True if the GROUP BY and ORDER BY are the same */
+
+ /* Remove any and all aliases between the result set and the
+ ** GROUP BY clause.
+ */
+ if( pGroupBy ){
+ int k; /* Loop counter */
+ struct ExprList_item *pItem; /* For looping over expression in a list */
+
+ for(k=p->pEList->nExpr, pItem=p->pEList->a; k>0; k--, pItem++){
+ pItem->u.x.iAlias = 0;
+ }
+ for(k=pGroupBy->nExpr, pItem=pGroupBy->a; k>0; k--, pItem++){
+ pItem->u.x.iAlias = 0;
+ }
+ if( p->nSelectRow>100 ) p->nSelectRow = 100;
+ }else{
+ p->nSelectRow = 1;
+ }
+
+ /* If there is both a GROUP BY and an ORDER BY clause and they are
+ ** identical, then it may be possible to disable the ORDER BY clause
+ ** on the grounds that the GROUP BY will cause elements to come out
+ ** in the correct order. It also may not - the GROUP BY might use a
+ ** database index that causes rows to be grouped together as required
+ ** but not actually sorted. Either way, record the fact that the
+ ** ORDER BY and GROUP BY clauses are the same by setting the orderByGrp
+ ** variable. */
+ if( sqlite3ExprListCompare(pGroupBy, sSort.pOrderBy, -1)==0 ){
+ orderByGrp = 1;
+ }
+
+ /* Create a label to jump to when we want to abort the query */
+ addrEnd = sqlite3VdbeMakeLabel(v);
+
+ /* Convert TK_COLUMN nodes into TK_AGG_COLUMN and make entries in
+ ** sAggInfo for all TK_AGG_FUNCTION nodes in expressions of the
+ ** SELECT statement.
+ */
+ memset(&sNC, 0, sizeof(sNC));
+ sNC.pParse = pParse;
+ sNC.pSrcList = pTabList;
+ sNC.pAggInfo = &sAggInfo;
+ sAggInfo.mnReg = pParse->nMem+1;
+ sAggInfo.nSortingColumn = pGroupBy ? pGroupBy->nExpr : 0;
+ sAggInfo.pGroupBy = pGroupBy;
+ sqlite3ExprAnalyzeAggList(&sNC, pEList);
+ sqlite3ExprAnalyzeAggList(&sNC, sSort.pOrderBy);
+ if( pHaving ){
+ sqlite3ExprAnalyzeAggregates(&sNC, pHaving);
+ }
+ sAggInfo.nAccumulator = sAggInfo.nColumn;
+ for(i=0; i<sAggInfo.nFunc; i++){
+ assert( !ExprHasProperty(sAggInfo.aFunc[i].pExpr, EP_xIsSelect) );
+ sNC.ncFlags |= NC_InAggFunc;
+ sqlite3ExprAnalyzeAggList(&sNC, sAggInfo.aFunc[i].pExpr->x.pList);
+ sNC.ncFlags &= ~NC_InAggFunc;
+ }
+ sAggInfo.mxReg = pParse->nMem;
+ if( db->mallocFailed ) goto select_end;
+
+ /* Processing for aggregates with GROUP BY is very different and
+ ** much more complex than aggregates without a GROUP BY.
+ */
+ if( pGroupBy ){
+ KeyInfo *pKeyInfo; /* Keying information for the group by clause */
+ int addr1; /* A-vs-B comparision jump */
+ int addrOutputRow; /* Start of subroutine that outputs a result row */
+ int regOutputRow; /* Return address register for output subroutine */
+ int addrSetAbort; /* Set the abort flag and return */
+ int addrTopOfLoop; /* Top of the input loop */
+ int addrSortingIdx; /* The OP_OpenEphemeral for the sorting index */
+ int addrReset; /* Subroutine for resetting the accumulator */
+ int regReset; /* Return address register for reset subroutine */
+
+ /* If there is a GROUP BY clause we might need a sorting index to
+ ** implement it. Allocate that sorting index now. If it turns out
+ ** that we do not need it after all, the OP_SorterOpen instruction
+ ** will be converted into a Noop.
+ */
+ sAggInfo.sortingIdx = pParse->nTab++;
+ pKeyInfo = keyInfoFromExprList(pParse, pGroupBy, 0, sAggInfo.nColumn);
+ addrSortingIdx = sqlite3VdbeAddOp4(v, OP_SorterOpen,
+ sAggInfo.sortingIdx, sAggInfo.nSortingColumn,
+ 0, (char*)pKeyInfo, P4_KEYINFO);
+
+ /* Initialize memory locations used by GROUP BY aggregate processing
+ */
+ iUseFlag = ++pParse->nMem;
+ iAbortFlag = ++pParse->nMem;
+ regOutputRow = ++pParse->nMem;
+ addrOutputRow = sqlite3VdbeMakeLabel(v);
+ regReset = ++pParse->nMem;
+ addrReset = sqlite3VdbeMakeLabel(v);
+ iAMem = pParse->nMem + 1;
+ pParse->nMem += pGroupBy->nExpr;
+ iBMem = pParse->nMem + 1;
+ pParse->nMem += pGroupBy->nExpr;
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, iAbortFlag);
+ VdbeComment((v, "clear abort flag"));
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, iUseFlag);
+ VdbeComment((v, "indicate accumulator empty"));
+ sqlite3VdbeAddOp3(v, OP_Null, 0, iAMem, iAMem+pGroupBy->nExpr-1);
+
+ /* Begin a loop that will extract all source rows in GROUP BY order.
+ ** This might involve two separate loops with an OP_Sort in between, or
+ ** it might be a single loop that uses an index to extract information
+ ** in the right order to begin with.
+ */
+ sqlite3VdbeAddOp2(v, OP_Gosub, regReset, addrReset);
+ pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere, pGroupBy, 0,
+ WHERE_GROUPBY | (orderByGrp ? WHERE_SORTBYGROUP : 0), 0
+ );
+ if( pWInfo==0 ) goto select_end;
+ if( sqlite3WhereIsOrdered(pWInfo)==pGroupBy->nExpr ){
+ /* The optimizer is able to deliver rows in group by order so
+ ** we do not have to sort. The OP_OpenEphemeral table will be
+ ** cancelled later because we still need to use the pKeyInfo
+ */
+ groupBySort = 0;
+ }else{
+ /* Rows are coming out in undetermined order. We have to push
+ ** each row into a sorting index, terminate the first loop,
+ ** then loop over the sorting index in order to get the output
+ ** in sorted order
+ */
+ int regBase;
+ int regRecord;
+ int nCol;
+ int nGroupBy;
+
+ explainTempTable(pParse,
+ (sDistinct.isTnct && (p->selFlags&SF_Distinct)==0) ?
+ "DISTINCT" : "GROUP BY");
+
+ groupBySort = 1;
+ nGroupBy = pGroupBy->nExpr;
+ nCol = nGroupBy;
+ j = nGroupBy;
+ for(i=0; i<sAggInfo.nColumn; i++){
+ if( sAggInfo.aCol[i].iSorterColumn>=j ){
+ nCol++;
+ j++;
+ }
+ }
+ regBase = sqlite3GetTempRange(pParse, nCol);
+ sqlite3ExprCacheClear(pParse);
+ sqlite3ExprCodeExprList(pParse, pGroupBy, regBase, 0, 0);
+ j = nGroupBy;
+ for(i=0; i<sAggInfo.nColumn; i++){
+ struct AggInfo_col *pCol = &sAggInfo.aCol[i];
+ if( pCol->iSorterColumn>=j ){
+ int r1 = j + regBase;
+ sqlite3ExprCodeGetColumnToReg(pParse,
+ pCol->pTab, pCol->iColumn, pCol->iTable, r1);
+ j++;
+ }
+ }
+ regRecord = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regBase, nCol, regRecord);
+ sqlite3VdbeAddOp2(v, OP_SorterInsert, sAggInfo.sortingIdx, regRecord);
+ sqlite3ReleaseTempReg(pParse, regRecord);
+ sqlite3ReleaseTempRange(pParse, regBase, nCol);
+ sqlite3WhereEnd(pWInfo);
+ sAggInfo.sortingIdxPTab = sortPTab = pParse->nTab++;
+ sortOut = sqlite3GetTempReg(pParse);
+ sqlite3VdbeAddOp3(v, OP_OpenPseudo, sortPTab, sortOut, nCol);
+ sqlite3VdbeAddOp2(v, OP_SorterSort, sAggInfo.sortingIdx, addrEnd);
+ VdbeComment((v, "GROUP BY sort")); VdbeCoverage(v);
+ sAggInfo.useSortingIdx = 1;
+ sqlite3ExprCacheClear(pParse);
+
+ }
+
+ /* If the index or temporary table used by the GROUP BY sort
+ ** will naturally deliver rows in the order required by the ORDER BY
+ ** clause, cancel the ephemeral table open coded earlier.
+ **
+ ** This is an optimization - the correct answer should result regardless.
+ ** Use the SQLITE_GroupByOrder flag with SQLITE_TESTCTRL_OPTIMIZER to
+ ** disable this optimization for testing purposes. */
+ if( orderByGrp && OptimizationEnabled(db, SQLITE_GroupByOrder)
+ && (groupBySort || sqlite3WhereIsSorted(pWInfo))
+ ){
+ sSort.pOrderBy = 0;
+ sqlite3VdbeChangeToNoop(v, sSort.addrSortIndex);
+ }
+
+ /* Evaluate the current GROUP BY terms and store in b0, b1, b2...
+ ** (b0 is memory location iBMem+0, b1 is iBMem+1, and so forth)
+ ** Then compare the current GROUP BY terms against the GROUP BY terms
+ ** from the previous row currently stored in a0, a1, a2...
+ */
+ addrTopOfLoop = sqlite3VdbeCurrentAddr(v);
+ sqlite3ExprCacheClear(pParse);
+ if( groupBySort ){
+ sqlite3VdbeAddOp3(v, OP_SorterData, sAggInfo.sortingIdx,
+ sortOut, sortPTab);
+ }
+ for(j=0; j<pGroupBy->nExpr; j++){
+ if( groupBySort ){
+ sqlite3VdbeAddOp3(v, OP_Column, sortPTab, j, iBMem+j);
+ }else{
+ sAggInfo.directMode = 1;
+ sqlite3ExprCode(pParse, pGroupBy->a[j].pExpr, iBMem+j);
+ }
+ }
+ sqlite3VdbeAddOp4(v, OP_Compare, iAMem, iBMem, pGroupBy->nExpr,
+ (char*)sqlite3KeyInfoRef(pKeyInfo), P4_KEYINFO);
+ addr1 = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeAddOp3(v, OP_Jump, addr1+1, 0, addr1+1); VdbeCoverage(v);
+
+ /* Generate code that runs whenever the GROUP BY changes.
+ ** Changes in the GROUP BY are detected by the previous code
+ ** block. If there were no changes, this block is skipped.
+ **
+ ** This code copies current group by terms in b0,b1,b2,...
+ ** over to a0,a1,a2. It then calls the output subroutine
+ ** and resets the aggregate accumulator registers in preparation
+ ** for the next GROUP BY batch.
+ */
+ sqlite3ExprCodeMove(pParse, iBMem, iAMem, pGroupBy->nExpr);
+ sqlite3VdbeAddOp2(v, OP_Gosub, regOutputRow, addrOutputRow);
+ VdbeComment((v, "output one row"));
+ sqlite3VdbeAddOp2(v, OP_IfPos, iAbortFlag, addrEnd); VdbeCoverage(v);
+ VdbeComment((v, "check abort flag"));
+ sqlite3VdbeAddOp2(v, OP_Gosub, regReset, addrReset);
+ VdbeComment((v, "reset accumulator"));
+
+ /* Update the aggregate accumulators based on the content of
+ ** the current row
+ */
+ sqlite3VdbeJumpHere(v, addr1);
+ updateAccumulator(pParse, &sAggInfo);
+ sqlite3VdbeAddOp2(v, OP_Integer, 1, iUseFlag);
+ VdbeComment((v, "indicate data in accumulator"));
+
+ /* End of the loop
+ */
+ if( groupBySort ){
+ sqlite3VdbeAddOp2(v, OP_SorterNext, sAggInfo.sortingIdx, addrTopOfLoop);
+ VdbeCoverage(v);
+ }else{
+ sqlite3WhereEnd(pWInfo);
+ sqlite3VdbeChangeToNoop(v, addrSortingIdx);
+ }
+
+ /* Output the final row of result
+ */
+ sqlite3VdbeAddOp2(v, OP_Gosub, regOutputRow, addrOutputRow);
+ VdbeComment((v, "output final row"));
+
+ /* Jump over the subroutines
+ */
+ sqlite3VdbeGoto(v, addrEnd);
+
+ /* Generate a subroutine that outputs a single row of the result
+ ** set. This subroutine first looks at the iUseFlag. If iUseFlag
+ ** is less than or equal to zero, the subroutine is a no-op. If
+ ** the processing calls for the query to abort, this subroutine
+ ** increments the iAbortFlag memory location before returning in
+ ** order to signal the caller to abort.
+ */
+ addrSetAbort = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeAddOp2(v, OP_Integer, 1, iAbortFlag);
+ VdbeComment((v, "set abort flag"));
+ sqlite3VdbeAddOp1(v, OP_Return, regOutputRow);
+ sqlite3VdbeResolveLabel(v, addrOutputRow);
+ addrOutputRow = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeAddOp2(v, OP_IfPos, iUseFlag, addrOutputRow+2);
+ VdbeCoverage(v);
+ VdbeComment((v, "Groupby result generator entry point"));
+ sqlite3VdbeAddOp1(v, OP_Return, regOutputRow);
+ finalizeAggFunctions(pParse, &sAggInfo);
+ sqlite3ExprIfFalse(pParse, pHaving, addrOutputRow+1, SQLITE_JUMPIFNULL);
+ selectInnerLoop(pParse, p, p->pEList, -1, &sSort,
+ &sDistinct, pDest,
+ addrOutputRow+1, addrSetAbort);
+ sqlite3VdbeAddOp1(v, OP_Return, regOutputRow);
+ VdbeComment((v, "end groupby result generator"));
+
+ /* Generate a subroutine that will reset the group-by accumulator
+ */
+ sqlite3VdbeResolveLabel(v, addrReset);
+ resetAccumulator(pParse, &sAggInfo);
+ sqlite3VdbeAddOp1(v, OP_Return, regReset);
+
+ } /* endif pGroupBy. Begin aggregate queries without GROUP BY: */
+ else {
+ ExprList *pDel = 0;
+#ifndef SQLITE_OMIT_BTREECOUNT
+ Table *pTab;
+ if( (pTab = isSimpleCount(p, &sAggInfo))!=0 ){
+ /* If isSimpleCount() returns a pointer to a Table structure, then
+ ** the SQL statement is of the form:
+ **
+ ** SELECT count(*) FROM <tbl>
+ **
+ ** where the Table structure returned represents table <tbl>.
+ **
+ ** This statement is so common that it is optimized specially. The
+ ** OP_Count instruction is executed either on the intkey table that
+ ** contains the data for table <tbl> or on one of its indexes. It
+ ** is better to execute the op on an index, as indexes are almost
+ ** always spread across less pages than their corresponding tables.
+ */
+ const int iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+ const int iCsr = pParse->nTab++; /* Cursor to scan b-tree */
+ Index *pIdx; /* Iterator variable */
+ KeyInfo *pKeyInfo = 0; /* Keyinfo for scanned index */
+ Index *pBest = 0; /* Best index found so far */
+ int iRoot = pTab->tnum; /* Root page of scanned b-tree */
+
+ sqlite3CodeVerifySchema(pParse, iDb);
+ sqlite3TableLock(pParse, iDb, pTab->tnum, 0, pTab->zName);
+
+ /* Search for the index that has the lowest scan cost.
+ **
+ ** (2011-04-15) Do not do a full scan of an unordered index.
+ **
+ ** (2013-10-03) Do not count the entries in a partial index.
+ **
+ ** In practice the KeyInfo structure will not be used. It is only
+ ** passed to keep OP_OpenRead happy.
+ */
+ if( !HasRowid(pTab) ) pBest = sqlite3PrimaryKeyIndex(pTab);
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ if( pIdx->bUnordered==0
+ && pIdx->szIdxRow<pTab->szTabRow
+ && pIdx->pPartIdxWhere==0
+ && (!pBest || pIdx->szIdxRow<pBest->szIdxRow)
+ ){
+ pBest = pIdx;
+ }
+ }
+ if( pBest ){
+ iRoot = pBest->tnum;
+ pKeyInfo = sqlite3KeyInfoOfIndex(pParse, pBest);
+ }
+
+ /* Open a read-only cursor, execute the OP_Count, close the cursor. */
+ sqlite3VdbeAddOp4Int(v, OP_OpenRead, iCsr, iRoot, iDb, 1);
+ if( pKeyInfo ){
+ sqlite3VdbeChangeP4(v, -1, (char *)pKeyInfo, P4_KEYINFO);
+ }
+ sqlite3VdbeAddOp2(v, OP_Count, iCsr, sAggInfo.aFunc[0].iMem);
+ sqlite3VdbeAddOp1(v, OP_Close, iCsr);
+ explainSimpleCount(pParse, pTab, pBest);
+ }else
+#endif /* SQLITE_OMIT_BTREECOUNT */
+ {
+ /* Check if the query is of one of the following forms:
+ **
+ ** SELECT min(x) FROM ...
+ ** SELECT max(x) FROM ...
+ **
+ ** If it is, then ask the code in where.c to attempt to sort results
+ ** as if there was an "ORDER ON x" or "ORDER ON x DESC" clause.
+ ** If where.c is able to produce results sorted in this order, then
+ ** add vdbe code to break out of the processing loop after the
+ ** first iteration (since the first iteration of the loop is
+ ** guaranteed to operate on the row with the minimum or maximum
+ ** value of x, the only row required).
+ **
+ ** A special flag must be passed to sqlite3WhereBegin() to slightly
+ ** modify behavior as follows:
+ **
+ ** + If the query is a "SELECT min(x)", then the loop coded by
+ ** where.c should not iterate over any values with a NULL value
+ ** for x.
+ **
+ ** + The optimizer code in where.c (the thing that decides which
+ ** index or indices to use) should place a different priority on
+ ** satisfying the 'ORDER BY' clause than it does in other cases.
+ ** Refer to code and comments in where.c for details.
+ */
+ ExprList *pMinMax = 0;
+ u8 flag = WHERE_ORDERBY_NORMAL;
+
+ assert( p->pGroupBy==0 );
+ assert( flag==0 );
+ if( p->pHaving==0 ){
+ flag = minMaxQuery(&sAggInfo, &pMinMax);
+ }
+ assert( flag==0 || (pMinMax!=0 && pMinMax->nExpr==1) );
+
+ if( flag ){
+ pMinMax = sqlite3ExprListDup(db, pMinMax, 0);
+ pDel = pMinMax;
+ if( pMinMax && !db->mallocFailed ){
+ pMinMax->a[0].sortOrder = flag!=WHERE_ORDERBY_MIN ?1:0;
+ pMinMax->a[0].pExpr->op = TK_COLUMN;
+ }
+ }
+
+ /* This case runs if the aggregate has no GROUP BY clause. The
+ ** processing is much simpler since there is only a single row
+ ** of output.
+ */
+ resetAccumulator(pParse, &sAggInfo);
+ pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere, pMinMax,0,flag,0);
+ if( pWInfo==0 ){
+ sqlite3ExprListDelete(db, pDel);
+ goto select_end;
+ }
+ updateAccumulator(pParse, &sAggInfo);
+ assert( pMinMax==0 || pMinMax->nExpr==1 );
+ if( sqlite3WhereIsOrdered(pWInfo)>0 ){
+ sqlite3VdbeGoto(v, sqlite3WhereBreakLabel(pWInfo));
+ VdbeComment((v, "%s() by index",
+ (flag==WHERE_ORDERBY_MIN?"min":"max")));
+ }
+ sqlite3WhereEnd(pWInfo);
+ finalizeAggFunctions(pParse, &sAggInfo);
+ }
+
+ sSort.pOrderBy = 0;
+ sqlite3ExprIfFalse(pParse, pHaving, addrEnd, SQLITE_JUMPIFNULL);
+ selectInnerLoop(pParse, p, p->pEList, -1, 0, 0,
+ pDest, addrEnd, addrEnd);
+ sqlite3ExprListDelete(db, pDel);
+ }
+ sqlite3VdbeResolveLabel(v, addrEnd);
+
+ } /* endif aggregate query */
+
+ if( sDistinct.eTnctType==WHERE_DISTINCT_UNORDERED ){
+ explainTempTable(pParse, "DISTINCT");
+ }
+
+ /* If there is an ORDER BY clause, then we need to sort the results
+ ** and send them to the callback one by one.
+ */
+ if( sSort.pOrderBy ){
+ explainTempTable(pParse,
+ sSort.nOBSat>0 ? "RIGHT PART OF ORDER BY":"ORDER BY");
+ generateSortTail(pParse, p, &sSort, pEList->nExpr, pDest);
+ }
+
+ /* Jump here to skip this query
+ */
+ sqlite3VdbeResolveLabel(v, iEnd);
+
+ /* The SELECT has been coded. If there is an error in the Parse structure,
+ ** set the return code to 1. Otherwise 0. */
+ rc = (pParse->nErr>0);
+
+ /* Control jumps to here if an error is encountered above, or upon
+ ** successful coding of the SELECT.
+ */
+select_end:
+ explainSetInteger(pParse->iSelectId, iRestoreSelectId);
+
+ /* Identify column names if results of the SELECT are to be output.
+ */
+ if( rc==SQLITE_OK && pDest->eDest==SRT_Output ){
+ generateColumnNames(pParse, pTabList, pEList);
+ }
+
+ sqlite3DbFree(db, sAggInfo.aCol);
+ sqlite3DbFree(db, sAggInfo.aFunc);
+#if SELECTTRACE_ENABLED
+ SELECTTRACE(1,pParse,p,("end processing\n"));
+ pParse->nSelectIndent--;
+#endif
+ return rc;
+}
+
+/************** End of select.c **********************************************/
+/************** Begin file table.c *******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the sqlite3_get_table() and sqlite3_free_table()
+** interface routines. These are just wrappers around the main
+** interface routine of sqlite3_exec().
+**
+** These routines are in a separate files so that they will not be linked
+** if they are not used.
+*/
+/* #include "sqliteInt.h" */
+/* #include <stdlib.h> */
+/* #include <string.h> */
+
+#ifndef SQLITE_OMIT_GET_TABLE
+
+/*
+** This structure is used to pass data from sqlite3_get_table() through
+** to the callback function is uses to build the result.
+*/
+typedef struct TabResult {
+ char **azResult; /* Accumulated output */
+ char *zErrMsg; /* Error message text, if an error occurs */
+ u32 nAlloc; /* Slots allocated for azResult[] */
+ u32 nRow; /* Number of rows in the result */
+ u32 nColumn; /* Number of columns in the result */
+ u32 nData; /* Slots used in azResult[]. (nRow+1)*nColumn */
+ int rc; /* Return code from sqlite3_exec() */
+} TabResult;
+
+/*
+** This routine is called once for each row in the result table. Its job
+** is to fill in the TabResult structure appropriately, allocating new
+** memory as necessary.
+*/
+static int sqlite3_get_table_cb(void *pArg, int nCol, char **argv, char **colv){
+ TabResult *p = (TabResult*)pArg; /* Result accumulator */
+ int need; /* Slots needed in p->azResult[] */
+ int i; /* Loop counter */
+ char *z; /* A single column of result */
+
+ /* Make sure there is enough space in p->azResult to hold everything
+ ** we need to remember from this invocation of the callback.
+ */
+ if( p->nRow==0 && argv!=0 ){
+ need = nCol*2;
+ }else{
+ need = nCol;
+ }
+ if( p->nData + need > p->nAlloc ){
+ char **azNew;
+ p->nAlloc = p->nAlloc*2 + need;
+ azNew = sqlite3_realloc64( p->azResult, sizeof(char*)*p->nAlloc );
+ if( azNew==0 ) goto malloc_failed;
+ p->azResult = azNew;
+ }
+
+ /* If this is the first row, then generate an extra row containing
+ ** the names of all columns.
+ */
+ if( p->nRow==0 ){
+ p->nColumn = nCol;
+ for(i=0; i<nCol; i++){
+ z = sqlite3_mprintf("%s", colv[i]);
+ if( z==0 ) goto malloc_failed;
+ p->azResult[p->nData++] = z;
+ }
+ }else if( (int)p->nColumn!=nCol ){
+ sqlite3_free(p->zErrMsg);
+ p->zErrMsg = sqlite3_mprintf(
+ "sqlite3_get_table() called with two or more incompatible queries"
+ );
+ p->rc = SQLITE_ERROR;
+ return 1;
+ }
+
+ /* Copy over the row data
+ */
+ if( argv!=0 ){
+ for(i=0; i<nCol; i++){
+ if( argv[i]==0 ){
+ z = 0;
+ }else{
+ int n = sqlite3Strlen30(argv[i])+1;
+ z = sqlite3_malloc64( n );
+ if( z==0 ) goto malloc_failed;
+ memcpy(z, argv[i], n);
+ }
+ p->azResult[p->nData++] = z;
+ }
+ p->nRow++;
+ }
+ return 0;
+
+malloc_failed:
+ p->rc = SQLITE_NOMEM;
+ return 1;
+}
+
+/*
+** Query the database. But instead of invoking a callback for each row,
+** malloc() for space to hold the result and return the entire results
+** at the conclusion of the call.
+**
+** The result that is written to ***pazResult is held in memory obtained
+** from malloc(). But the caller cannot free this memory directly.
+** Instead, the entire table should be passed to sqlite3_free_table() when
+** the calling procedure is finished using it.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_get_table(
+ sqlite3 *db, /* The database on which the SQL executes */
+ const char *zSql, /* The SQL to be executed */
+ char ***pazResult, /* Write the result table here */
+ int *pnRow, /* Write the number of rows in the result here */
+ int *pnColumn, /* Write the number of columns of result here */
+ char **pzErrMsg /* Write error messages here */
+){
+ int rc;
+ TabResult res;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || pazResult==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ *pazResult = 0;
+ if( pnColumn ) *pnColumn = 0;
+ if( pnRow ) *pnRow = 0;
+ if( pzErrMsg ) *pzErrMsg = 0;
+ res.zErrMsg = 0;
+ res.nRow = 0;
+ res.nColumn = 0;
+ res.nData = 1;
+ res.nAlloc = 20;
+ res.rc = SQLITE_OK;
+ res.azResult = sqlite3_malloc64(sizeof(char*)*res.nAlloc );
+ if( res.azResult==0 ){
+ db->errCode = SQLITE_NOMEM;
+ return SQLITE_NOMEM;
+ }
+ res.azResult[0] = 0;
+ rc = sqlite3_exec(db, zSql, sqlite3_get_table_cb, &res, pzErrMsg);
+ assert( sizeof(res.azResult[0])>= sizeof(res.nData) );
+ res.azResult[0] = SQLITE_INT_TO_PTR(res.nData);
+ if( (rc&0xff)==SQLITE_ABORT ){
+ sqlite3_free_table(&res.azResult[1]);
+ if( res.zErrMsg ){
+ if( pzErrMsg ){
+ sqlite3_free(*pzErrMsg);
+ *pzErrMsg = sqlite3_mprintf("%s",res.zErrMsg);
+ }
+ sqlite3_free(res.zErrMsg);
+ }
+ db->errCode = res.rc; /* Assume 32-bit assignment is atomic */
+ return res.rc;
+ }
+ sqlite3_free(res.zErrMsg);
+ if( rc!=SQLITE_OK ){
+ sqlite3_free_table(&res.azResult[1]);
+ return rc;
+ }
+ if( res.nAlloc>res.nData ){
+ char **azNew;
+ azNew = sqlite3_realloc64( res.azResult, sizeof(char*)*res.nData );
+ if( azNew==0 ){
+ sqlite3_free_table(&res.azResult[1]);
+ db->errCode = SQLITE_NOMEM;
+ return SQLITE_NOMEM;
+ }
+ res.azResult = azNew;
+ }
+ *pazResult = &res.azResult[1];
+ if( pnColumn ) *pnColumn = res.nColumn;
+ if( pnRow ) *pnRow = res.nRow;
+ return rc;
+}
+
+/*
+** This routine frees the space the sqlite3_get_table() malloced.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_free_table(
+ char **azResult /* Result returned from sqlite3_get_table() */
+){
+ if( azResult ){
+ int i, n;
+ azResult--;
+ assert( azResult!=0 );
+ n = SQLITE_PTR_TO_INT(azResult[0]);
+ for(i=1; i<n; i++){ if( azResult[i] ) sqlite3_free(azResult[i]); }
+ sqlite3_free(azResult);
+ }
+}
+
+#endif /* SQLITE_OMIT_GET_TABLE */
+
+/************** End of table.c ***********************************************/
+/************** Begin file trigger.c *****************************************/
+/*
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains the implementation for TRIGGERs
+*/
+/* #include "sqliteInt.h" */
+
+#ifndef SQLITE_OMIT_TRIGGER
+/*
+** Delete a linked list of TriggerStep structures.
+*/
+SQLITE_PRIVATE void sqlite3DeleteTriggerStep(sqlite3 *db, TriggerStep *pTriggerStep){
+ while( pTriggerStep ){
+ TriggerStep * pTmp = pTriggerStep;
+ pTriggerStep = pTriggerStep->pNext;
+
+ sqlite3ExprDelete(db, pTmp->pWhere);
+ sqlite3ExprListDelete(db, pTmp->pExprList);
+ sqlite3SelectDelete(db, pTmp->pSelect);
+ sqlite3IdListDelete(db, pTmp->pIdList);
+
+ sqlite3DbFree(db, pTmp);
+ }
+}
+
+/*
+** Given table pTab, return a list of all the triggers attached to
+** the table. The list is connected by Trigger.pNext pointers.
+**
+** All of the triggers on pTab that are in the same database as pTab
+** are already attached to pTab->pTrigger. But there might be additional
+** triggers on pTab in the TEMP schema. This routine prepends all
+** TEMP triggers on pTab to the beginning of the pTab->pTrigger list
+** and returns the combined list.
+**
+** To state it another way: This routine returns a list of all triggers
+** that fire off of pTab. The list will include any TEMP triggers on
+** pTab as well as the triggers lised in pTab->pTrigger.
+*/
+SQLITE_PRIVATE Trigger *sqlite3TriggerList(Parse *pParse, Table *pTab){
+ Schema * const pTmpSchema = pParse->db->aDb[1].pSchema;
+ Trigger *pList = 0; /* List of triggers to return */
+
+ if( pParse->disableTriggers ){
+ return 0;
+ }
+
+ if( pTmpSchema!=pTab->pSchema ){
+ HashElem *p;
+ assert( sqlite3SchemaMutexHeld(pParse->db, 0, pTmpSchema) );
+ for(p=sqliteHashFirst(&pTmpSchema->trigHash); p; p=sqliteHashNext(p)){
+ Trigger *pTrig = (Trigger *)sqliteHashData(p);
+ if( pTrig->pTabSchema==pTab->pSchema
+ && 0==sqlite3StrICmp(pTrig->table, pTab->zName)
+ ){
+ pTrig->pNext = (pList ? pList : pTab->pTrigger);
+ pList = pTrig;
+ }
+ }
+ }
+
+ return (pList ? pList : pTab->pTrigger);
+}
+
+/*
+** This is called by the parser when it sees a CREATE TRIGGER statement
+** up to the point of the BEGIN before the trigger actions. A Trigger
+** structure is generated based on the information available and stored
+** in pParse->pNewTrigger. After the trigger actions have been parsed, the
+** sqlite3FinishTrigger() function is called to complete the trigger
+** construction process.
+*/
+SQLITE_PRIVATE void sqlite3BeginTrigger(
+ Parse *pParse, /* The parse context of the CREATE TRIGGER statement */
+ Token *pName1, /* The name of the trigger */
+ Token *pName2, /* The name of the trigger */
+ int tr_tm, /* One of TK_BEFORE, TK_AFTER, TK_INSTEAD */
+ int op, /* One of TK_INSERT, TK_UPDATE, TK_DELETE */
+ IdList *pColumns, /* column list if this is an UPDATE OF trigger */
+ SrcList *pTableName,/* The name of the table/view the trigger applies to */
+ Expr *pWhen, /* WHEN clause */
+ int isTemp, /* True if the TEMPORARY keyword is present */
+ int noErr /* Suppress errors if the trigger already exists */
+){
+ Trigger *pTrigger = 0; /* The new trigger */
+ Table *pTab; /* Table that the trigger fires off of */
+ char *zName = 0; /* Name of the trigger */
+ sqlite3 *db = pParse->db; /* The database connection */
+ int iDb; /* The database to store the trigger in */
+ Token *pName; /* The unqualified db name */
+ DbFixer sFix; /* State vector for the DB fixer */
+ int iTabDb; /* Index of the database holding pTab */
+
+ assert( pName1!=0 ); /* pName1->z might be NULL, but not pName1 itself */
+ assert( pName2!=0 );
+ assert( op==TK_INSERT || op==TK_UPDATE || op==TK_DELETE );
+ assert( op>0 && op<0xff );
+ if( isTemp ){
+ /* If TEMP was specified, then the trigger name may not be qualified. */
+ if( pName2->n>0 ){
+ sqlite3ErrorMsg(pParse, "temporary trigger may not have qualified name");
+ goto trigger_cleanup;
+ }
+ iDb = 1;
+ pName = pName1;
+ }else{
+ /* Figure out the db that the trigger will be created in */
+ iDb = sqlite3TwoPartName(pParse, pName1, pName2, &pName);
+ if( iDb<0 ){
+ goto trigger_cleanup;
+ }
+ }
+ if( !pTableName || db->mallocFailed ){
+ goto trigger_cleanup;
+ }
+
+ /* A long-standing parser bug is that this syntax was allowed:
+ **
+ ** CREATE TRIGGER attached.demo AFTER INSERT ON attached.tab ....
+ ** ^^^^^^^^
+ **
+ ** To maintain backwards compatibility, ignore the database
+ ** name on pTableName if we are reparsing out of SQLITE_MASTER.
+ */
+ if( db->init.busy && iDb!=1 ){
+ sqlite3DbFree(db, pTableName->a[0].zDatabase);
+ pTableName->a[0].zDatabase = 0;
+ }
+
+ /* If the trigger name was unqualified, and the table is a temp table,
+ ** then set iDb to 1 to create the trigger in the temporary database.
+ ** If sqlite3SrcListLookup() returns 0, indicating the table does not
+ ** exist, the error is caught by the block below.
+ */
+ pTab = sqlite3SrcListLookup(pParse, pTableName);
+ if( db->init.busy==0 && pName2->n==0 && pTab
+ && pTab->pSchema==db->aDb[1].pSchema ){
+ iDb = 1;
+ }
+
+ /* Ensure the table name matches database name and that the table exists */
+ if( db->mallocFailed ) goto trigger_cleanup;
+ assert( pTableName->nSrc==1 );
+ sqlite3FixInit(&sFix, pParse, iDb, "trigger", pName);
+ if( sqlite3FixSrcList(&sFix, pTableName) ){
+ goto trigger_cleanup;
+ }
+ pTab = sqlite3SrcListLookup(pParse, pTableName);
+ if( !pTab ){
+ /* The table does not exist. */
+ if( db->init.iDb==1 ){
+ /* Ticket #3810.
+ ** Normally, whenever a table is dropped, all associated triggers are
+ ** dropped too. But if a TEMP trigger is created on a non-TEMP table
+ ** and the table is dropped by a different database connection, the
+ ** trigger is not visible to the database connection that does the
+ ** drop so the trigger cannot be dropped. This results in an
+ ** "orphaned trigger" - a trigger whose associated table is missing.
+ */
+ db->init.orphanTrigger = 1;
+ }
+ goto trigger_cleanup;
+ }
+ if( IsVirtual(pTab) ){
+ sqlite3ErrorMsg(pParse, "cannot create triggers on virtual tables");
+ goto trigger_cleanup;
+ }
+
+ /* Check that the trigger name is not reserved and that no trigger of the
+ ** specified name exists */
+ zName = sqlite3NameFromToken(db, pName);
+ if( !zName || SQLITE_OK!=sqlite3CheckObjectName(pParse, zName) ){
+ goto trigger_cleanup;
+ }
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ if( sqlite3HashFind(&(db->aDb[iDb].pSchema->trigHash),zName) ){
+ if( !noErr ){
+ sqlite3ErrorMsg(pParse, "trigger %T already exists", pName);
+ }else{
+ assert( !db->init.busy );
+ sqlite3CodeVerifySchema(pParse, iDb);
+ }
+ goto trigger_cleanup;
+ }
+
+ /* Do not create a trigger on a system table */
+ if( sqlite3StrNICmp(pTab->zName, "sqlite_", 7)==0 ){
+ sqlite3ErrorMsg(pParse, "cannot create trigger on system table");
+ goto trigger_cleanup;
+ }
+
+ /* INSTEAD of triggers are only for views and views only support INSTEAD
+ ** of triggers.
+ */
+ if( pTab->pSelect && tr_tm!=TK_INSTEAD ){
+ sqlite3ErrorMsg(pParse, "cannot create %s trigger on view: %S",
+ (tr_tm == TK_BEFORE)?"BEFORE":"AFTER", pTableName, 0);
+ goto trigger_cleanup;
+ }
+ if( !pTab->pSelect && tr_tm==TK_INSTEAD ){
+ sqlite3ErrorMsg(pParse, "cannot create INSTEAD OF"
+ " trigger on table: %S", pTableName, 0);
+ goto trigger_cleanup;
+ }
+ iTabDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ {
+ int code = SQLITE_CREATE_TRIGGER;
+ const char *zDb = db->aDb[iTabDb].zName;
+ const char *zDbTrig = isTemp ? db->aDb[1].zName : zDb;
+ if( iTabDb==1 || isTemp ) code = SQLITE_CREATE_TEMP_TRIGGER;
+ if( sqlite3AuthCheck(pParse, code, zName, pTab->zName, zDbTrig) ){
+ goto trigger_cleanup;
+ }
+ if( sqlite3AuthCheck(pParse, SQLITE_INSERT, SCHEMA_TABLE(iTabDb),0,zDb)){
+ goto trigger_cleanup;
+ }
+ }
+#endif
+
+ /* INSTEAD OF triggers can only appear on views and BEFORE triggers
+ ** cannot appear on views. So we might as well translate every
+ ** INSTEAD OF trigger into a BEFORE trigger. It simplifies code
+ ** elsewhere.
+ */
+ if (tr_tm == TK_INSTEAD){
+ tr_tm = TK_BEFORE;
+ }
+
+ /* Build the Trigger object */
+ pTrigger = (Trigger*)sqlite3DbMallocZero(db, sizeof(Trigger));
+ if( pTrigger==0 ) goto trigger_cleanup;
+ pTrigger->zName = zName;
+ zName = 0;
+ pTrigger->table = sqlite3DbStrDup(db, pTableName->a[0].zName);
+ pTrigger->pSchema = db->aDb[iDb].pSchema;
+ pTrigger->pTabSchema = pTab->pSchema;
+ pTrigger->op = (u8)op;
+ pTrigger->tr_tm = tr_tm==TK_BEFORE ? TRIGGER_BEFORE : TRIGGER_AFTER;
+ pTrigger->pWhen = sqlite3ExprDup(db, pWhen, EXPRDUP_REDUCE);
+ pTrigger->pColumns = sqlite3IdListDup(db, pColumns);
+ assert( pParse->pNewTrigger==0 );
+ pParse->pNewTrigger = pTrigger;
+
+trigger_cleanup:
+ sqlite3DbFree(db, zName);
+ sqlite3SrcListDelete(db, pTableName);
+ sqlite3IdListDelete(db, pColumns);
+ sqlite3ExprDelete(db, pWhen);
+ if( !pParse->pNewTrigger ){
+ sqlite3DeleteTrigger(db, pTrigger);
+ }else{
+ assert( pParse->pNewTrigger==pTrigger );
+ }
+}
+
+/*
+** This routine is called after all of the trigger actions have been parsed
+** in order to complete the process of building the trigger.
+*/
+SQLITE_PRIVATE void sqlite3FinishTrigger(
+ Parse *pParse, /* Parser context */
+ TriggerStep *pStepList, /* The triggered program */
+ Token *pAll /* Token that describes the complete CREATE TRIGGER */
+){
+ Trigger *pTrig = pParse->pNewTrigger; /* Trigger being finished */
+ char *zName; /* Name of trigger */
+ sqlite3 *db = pParse->db; /* The database */
+ DbFixer sFix; /* Fixer object */
+ int iDb; /* Database containing the trigger */
+ Token nameToken; /* Trigger name for error reporting */
+
+ pParse->pNewTrigger = 0;
+ if( NEVER(pParse->nErr) || !pTrig ) goto triggerfinish_cleanup;
+ zName = pTrig->zName;
+ iDb = sqlite3SchemaToIndex(pParse->db, pTrig->pSchema);
+ pTrig->step_list = pStepList;
+ while( pStepList ){
+ pStepList->pTrig = pTrig;
+ pStepList = pStepList->pNext;
+ }
+ nameToken.z = pTrig->zName;
+ nameToken.n = sqlite3Strlen30(nameToken.z);
+ sqlite3FixInit(&sFix, pParse, iDb, "trigger", &nameToken);
+ if( sqlite3FixTriggerStep(&sFix, pTrig->step_list)
+ || sqlite3FixExpr(&sFix, pTrig->pWhen)
+ ){
+ goto triggerfinish_cleanup;
+ }
+
+ /* if we are not initializing,
+ ** build the sqlite_master entry
+ */
+ if( !db->init.busy ){
+ Vdbe *v;
+ char *z;
+
+ /* Make an entry in the sqlite_master table */
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 ) goto triggerfinish_cleanup;
+ sqlite3BeginWriteOperation(pParse, 0, iDb);
+ z = sqlite3DbStrNDup(db, (char*)pAll->z, pAll->n);
+ sqlite3NestedParse(pParse,
+ "INSERT INTO %Q.%s VALUES('trigger',%Q,%Q,0,'CREATE TRIGGER %q')",
+ db->aDb[iDb].zName, SCHEMA_TABLE(iDb), zName,
+ pTrig->table, z);
+ sqlite3DbFree(db, z);
+ sqlite3ChangeCookie(pParse, iDb);
+ sqlite3VdbeAddParseSchemaOp(v, iDb,
+ sqlite3MPrintf(db, "type='trigger' AND name='%q'", zName));
+ }
+
+ if( db->init.busy ){
+ Trigger *pLink = pTrig;
+ Hash *pHash = &db->aDb[iDb].pSchema->trigHash;
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ pTrig = sqlite3HashInsert(pHash, zName, pTrig);
+ if( pTrig ){
+ db->mallocFailed = 1;
+ }else if( pLink->pSchema==pLink->pTabSchema ){
+ Table *pTab;
+ pTab = sqlite3HashFind(&pLink->pTabSchema->tblHash, pLink->table);
+ assert( pTab!=0 );
+ pLink->pNext = pTab->pTrigger;
+ pTab->pTrigger = pLink;
+ }
+ }
+
+triggerfinish_cleanup:
+ sqlite3DeleteTrigger(db, pTrig);
+ assert( !pParse->pNewTrigger );
+ sqlite3DeleteTriggerStep(db, pStepList);
+}
+
+/*
+** Turn a SELECT statement (that the pSelect parameter points to) into
+** a trigger step. Return a pointer to a TriggerStep structure.
+**
+** The parser calls this routine when it finds a SELECT statement in
+** body of a TRIGGER.
+*/
+SQLITE_PRIVATE TriggerStep *sqlite3TriggerSelectStep(sqlite3 *db, Select *pSelect){
+ TriggerStep *pTriggerStep = sqlite3DbMallocZero(db, sizeof(TriggerStep));
+ if( pTriggerStep==0 ) {
+ sqlite3SelectDelete(db, pSelect);
+ return 0;
+ }
+ pTriggerStep->op = TK_SELECT;
+ pTriggerStep->pSelect = pSelect;
+ pTriggerStep->orconf = OE_Default;
+ return pTriggerStep;
+}
+
+/*
+** Allocate space to hold a new trigger step. The allocated space
+** holds both the TriggerStep object and the TriggerStep.target.z string.
+**
+** If an OOM error occurs, NULL is returned and db->mallocFailed is set.
+*/
+static TriggerStep *triggerStepAllocate(
+ sqlite3 *db, /* Database connection */
+ u8 op, /* Trigger opcode */
+ Token *pName /* The target name */
+){
+ TriggerStep *pTriggerStep;
+
+ pTriggerStep = sqlite3DbMallocZero(db, sizeof(TriggerStep) + pName->n + 1);
+ if( pTriggerStep ){
+ char *z = (char*)&pTriggerStep[1];
+ memcpy(z, pName->z, pName->n);
+ sqlite3Dequote(z);
+ pTriggerStep->zTarget = z;
+ pTriggerStep->op = op;
+ }
+ return pTriggerStep;
+}
+
+/*
+** Build a trigger step out of an INSERT statement. Return a pointer
+** to the new trigger step.
+**
+** The parser calls this routine when it sees an INSERT inside the
+** body of a trigger.
+*/
+SQLITE_PRIVATE TriggerStep *sqlite3TriggerInsertStep(
+ sqlite3 *db, /* The database connection */
+ Token *pTableName, /* Name of the table into which we insert */
+ IdList *pColumn, /* List of columns in pTableName to insert into */
+ Select *pSelect, /* A SELECT statement that supplies values */
+ u8 orconf /* The conflict algorithm (OE_Abort, OE_Replace, etc.) */
+){
+ TriggerStep *pTriggerStep;
+
+ assert(pSelect != 0 || db->mallocFailed);
+
+ pTriggerStep = triggerStepAllocate(db, TK_INSERT, pTableName);
+ if( pTriggerStep ){
+ pTriggerStep->pSelect = sqlite3SelectDup(db, pSelect, EXPRDUP_REDUCE);
+ pTriggerStep->pIdList = pColumn;
+ pTriggerStep->orconf = orconf;
+ }else{
+ sqlite3IdListDelete(db, pColumn);
+ }
+ sqlite3SelectDelete(db, pSelect);
+
+ return pTriggerStep;
+}
+
+/*
+** Construct a trigger step that implements an UPDATE statement and return
+** a pointer to that trigger step. The parser calls this routine when it
+** sees an UPDATE statement inside the body of a CREATE TRIGGER.
+*/
+SQLITE_PRIVATE TriggerStep *sqlite3TriggerUpdateStep(
+ sqlite3 *db, /* The database connection */
+ Token *pTableName, /* Name of the table to be updated */
+ ExprList *pEList, /* The SET clause: list of column and new values */
+ Expr *pWhere, /* The WHERE clause */
+ u8 orconf /* The conflict algorithm. (OE_Abort, OE_Ignore, etc) */
+){
+ TriggerStep *pTriggerStep;
+
+ pTriggerStep = triggerStepAllocate(db, TK_UPDATE, pTableName);
+ if( pTriggerStep ){
+ pTriggerStep->pExprList = sqlite3ExprListDup(db, pEList, EXPRDUP_REDUCE);
+ pTriggerStep->pWhere = sqlite3ExprDup(db, pWhere, EXPRDUP_REDUCE);
+ pTriggerStep->orconf = orconf;
+ }
+ sqlite3ExprListDelete(db, pEList);
+ sqlite3ExprDelete(db, pWhere);
+ return pTriggerStep;
+}
+
+/*
+** Construct a trigger step that implements a DELETE statement and return
+** a pointer to that trigger step. The parser calls this routine when it
+** sees a DELETE statement inside the body of a CREATE TRIGGER.
+*/
+SQLITE_PRIVATE TriggerStep *sqlite3TriggerDeleteStep(
+ sqlite3 *db, /* Database connection */
+ Token *pTableName, /* The table from which rows are deleted */
+ Expr *pWhere /* The WHERE clause */
+){
+ TriggerStep *pTriggerStep;
+
+ pTriggerStep = triggerStepAllocate(db, TK_DELETE, pTableName);
+ if( pTriggerStep ){
+ pTriggerStep->pWhere = sqlite3ExprDup(db, pWhere, EXPRDUP_REDUCE);
+ pTriggerStep->orconf = OE_Default;
+ }
+ sqlite3ExprDelete(db, pWhere);
+ return pTriggerStep;
+}
+
+/*
+** Recursively delete a Trigger structure
+*/
+SQLITE_PRIVATE void sqlite3DeleteTrigger(sqlite3 *db, Trigger *pTrigger){
+ if( pTrigger==0 ) return;
+ sqlite3DeleteTriggerStep(db, pTrigger->step_list);
+ sqlite3DbFree(db, pTrigger->zName);
+ sqlite3DbFree(db, pTrigger->table);
+ sqlite3ExprDelete(db, pTrigger->pWhen);
+ sqlite3IdListDelete(db, pTrigger->pColumns);
+ sqlite3DbFree(db, pTrigger);
+}
+
+/*
+** This function is called to drop a trigger from the database schema.
+**
+** This may be called directly from the parser and therefore identifies
+** the trigger by name. The sqlite3DropTriggerPtr() routine does the
+** same job as this routine except it takes a pointer to the trigger
+** instead of the trigger name.
+**/
+SQLITE_PRIVATE void sqlite3DropTrigger(Parse *pParse, SrcList *pName, int noErr){
+ Trigger *pTrigger = 0;
+ int i;
+ const char *zDb;
+ const char *zName;
+ sqlite3 *db = pParse->db;
+
+ if( db->mallocFailed ) goto drop_trigger_cleanup;
+ if( SQLITE_OK!=sqlite3ReadSchema(pParse) ){
+ goto drop_trigger_cleanup;
+ }
+
+ assert( pName->nSrc==1 );
+ zDb = pName->a[0].zDatabase;
+ zName = pName->a[0].zName;
+ assert( zDb!=0 || sqlite3BtreeHoldsAllMutexes(db) );
+ for(i=OMIT_TEMPDB; i<db->nDb; i++){
+ int j = (i<2) ? i^1 : i; /* Search TEMP before MAIN */
+ if( zDb && sqlite3StrICmp(db->aDb[j].zName, zDb) ) continue;
+ assert( sqlite3SchemaMutexHeld(db, j, 0) );
+ pTrigger = sqlite3HashFind(&(db->aDb[j].pSchema->trigHash), zName);
+ if( pTrigger ) break;
+ }
+ if( !pTrigger ){
+ if( !noErr ){
+ sqlite3ErrorMsg(pParse, "no such trigger: %S", pName, 0);
+ }else{
+ sqlite3CodeVerifyNamedSchema(pParse, zDb);
+ }
+ pParse->checkSchema = 1;
+ goto drop_trigger_cleanup;
+ }
+ sqlite3DropTriggerPtr(pParse, pTrigger);
+
+drop_trigger_cleanup:
+ sqlite3SrcListDelete(db, pName);
+}
+
+/*
+** Return a pointer to the Table structure for the table that a trigger
+** is set on.
+*/
+static Table *tableOfTrigger(Trigger *pTrigger){
+ return sqlite3HashFind(&pTrigger->pTabSchema->tblHash, pTrigger->table);
+}
+
+
+/*
+** Drop a trigger given a pointer to that trigger.
+*/
+SQLITE_PRIVATE void sqlite3DropTriggerPtr(Parse *pParse, Trigger *pTrigger){
+ Table *pTable;
+ Vdbe *v;
+ sqlite3 *db = pParse->db;
+ int iDb;
+
+ iDb = sqlite3SchemaToIndex(pParse->db, pTrigger->pSchema);
+ assert( iDb>=0 && iDb<db->nDb );
+ pTable = tableOfTrigger(pTrigger);
+ assert( pTable );
+ assert( pTable->pSchema==pTrigger->pSchema || iDb==1 );
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ {
+ int code = SQLITE_DROP_TRIGGER;
+ const char *zDb = db->aDb[iDb].zName;
+ const char *zTab = SCHEMA_TABLE(iDb);
+ if( iDb==1 ) code = SQLITE_DROP_TEMP_TRIGGER;
+ if( sqlite3AuthCheck(pParse, code, pTrigger->zName, pTable->zName, zDb) ||
+ sqlite3AuthCheck(pParse, SQLITE_DELETE, zTab, 0, zDb) ){
+ return;
+ }
+ }
+#endif
+
+ /* Generate code to destroy the database record of the trigger.
+ */
+ assert( pTable!=0 );
+ if( (v = sqlite3GetVdbe(pParse))!=0 ){
+ sqlite3NestedParse(pParse,
+ "DELETE FROM %Q.%s WHERE name=%Q AND type='trigger'",
+ db->aDb[iDb].zName, SCHEMA_TABLE(iDb), pTrigger->zName
+ );
+ sqlite3ChangeCookie(pParse, iDb);
+ sqlite3VdbeAddOp4(v, OP_DropTrigger, iDb, 0, 0, pTrigger->zName, 0);
+ }
+}
+
+/*
+** Remove a trigger from the hash tables of the sqlite* pointer.
+*/
+SQLITE_PRIVATE void sqlite3UnlinkAndDeleteTrigger(sqlite3 *db, int iDb, const char *zName){
+ Trigger *pTrigger;
+ Hash *pHash;
+
+ assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
+ pHash = &(db->aDb[iDb].pSchema->trigHash);
+ pTrigger = sqlite3HashInsert(pHash, zName, 0);
+ if( ALWAYS(pTrigger) ){
+ if( pTrigger->pSchema==pTrigger->pTabSchema ){
+ Table *pTab = tableOfTrigger(pTrigger);
+ Trigger **pp;
+ for(pp=&pTab->pTrigger; *pp!=pTrigger; pp=&((*pp)->pNext));
+ *pp = (*pp)->pNext;
+ }
+ sqlite3DeleteTrigger(db, pTrigger);
+ db->flags |= SQLITE_InternChanges;
+ }
+}
+
+/*
+** pEList is the SET clause of an UPDATE statement. Each entry
+** in pEList is of the format <id>=<expr>. If any of the entries
+** in pEList have an <id> which matches an identifier in pIdList,
+** then return TRUE. If pIdList==NULL, then it is considered a
+** wildcard that matches anything. Likewise if pEList==NULL then
+** it matches anything so always return true. Return false only
+** if there is no match.
+*/
+static int checkColumnOverlap(IdList *pIdList, ExprList *pEList){
+ int e;
+ if( pIdList==0 || NEVER(pEList==0) ) return 1;
+ for(e=0; e<pEList->nExpr; e++){
+ if( sqlite3IdListIndex(pIdList, pEList->a[e].zName)>=0 ) return 1;
+ }
+ return 0;
+}
+
+/*
+** Return a list of all triggers on table pTab if there exists at least
+** one trigger that must be fired when an operation of type 'op' is
+** performed on the table, and, if that operation is an UPDATE, if at
+** least one of the columns in pChanges is being modified.
+*/
+SQLITE_PRIVATE Trigger *sqlite3TriggersExist(
+ Parse *pParse, /* Parse context */
+ Table *pTab, /* The table the contains the triggers */
+ int op, /* one of TK_DELETE, TK_INSERT, TK_UPDATE */
+ ExprList *pChanges, /* Columns that change in an UPDATE statement */
+ int *pMask /* OUT: Mask of TRIGGER_BEFORE|TRIGGER_AFTER */
+){
+ int mask = 0;
+ Trigger *pList = 0;
+ Trigger *p;
+
+ if( (pParse->db->flags & SQLITE_EnableTrigger)!=0 ){
+ pList = sqlite3TriggerList(pParse, pTab);
+ }
+ assert( pList==0 || IsVirtual(pTab)==0 );
+ for(p=pList; p; p=p->pNext){
+ if( p->op==op && checkColumnOverlap(p->pColumns, pChanges) ){
+ mask |= p->tr_tm;
+ }
+ }
+ if( pMask ){
+ *pMask = mask;
+ }
+ return (mask ? pList : 0);
+}
+
+/*
+** Convert the pStep->zTarget string into a SrcList and return a pointer
+** to that SrcList.
+**
+** This routine adds a specific database name, if needed, to the target when
+** forming the SrcList. This prevents a trigger in one database from
+** referring to a target in another database. An exception is when the
+** trigger is in TEMP in which case it can refer to any other database it
+** wants.
+*/
+static SrcList *targetSrcList(
+ Parse *pParse, /* The parsing context */
+ TriggerStep *pStep /* The trigger containing the target token */
+){
+ sqlite3 *db = pParse->db;
+ int iDb; /* Index of the database to use */
+ SrcList *pSrc; /* SrcList to be returned */
+
+ pSrc = sqlite3SrcListAppend(db, 0, 0, 0);
+ if( pSrc ){
+ assert( pSrc->nSrc>0 );
+ pSrc->a[pSrc->nSrc-1].zName = sqlite3DbStrDup(db, pStep->zTarget);
+ iDb = sqlite3SchemaToIndex(db, pStep->pTrig->pSchema);
+ if( iDb==0 || iDb>=2 ){
+ assert( iDb<db->nDb );
+ pSrc->a[pSrc->nSrc-1].zDatabase = sqlite3DbStrDup(db, db->aDb[iDb].zName);
+ }
+ }
+ return pSrc;
+}
+
+/*
+** Generate VDBE code for the statements inside the body of a single
+** trigger.
+*/
+static int codeTriggerProgram(
+ Parse *pParse, /* The parser context */
+ TriggerStep *pStepList, /* List of statements inside the trigger body */
+ int orconf /* Conflict algorithm. (OE_Abort, etc) */
+){
+ TriggerStep *pStep;
+ Vdbe *v = pParse->pVdbe;
+ sqlite3 *db = pParse->db;
+
+ assert( pParse->pTriggerTab && pParse->pToplevel );
+ assert( pStepList );
+ assert( v!=0 );
+ for(pStep=pStepList; pStep; pStep=pStep->pNext){
+ /* Figure out the ON CONFLICT policy that will be used for this step
+ ** of the trigger program. If the statement that caused this trigger
+ ** to fire had an explicit ON CONFLICT, then use it. Otherwise, use
+ ** the ON CONFLICT policy that was specified as part of the trigger
+ ** step statement. Example:
+ **
+ ** CREATE TRIGGER AFTER INSERT ON t1 BEGIN;
+ ** INSERT OR REPLACE INTO t2 VALUES(new.a, new.b);
+ ** END;
+ **
+ ** INSERT INTO t1 ... ; -- insert into t2 uses REPLACE policy
+ ** INSERT OR IGNORE INTO t1 ... ; -- insert into t2 uses IGNORE policy
+ */
+ pParse->eOrconf = (orconf==OE_Default)?pStep->orconf:(u8)orconf;
+ assert( pParse->okConstFactor==0 );
+
+ switch( pStep->op ){
+ case TK_UPDATE: {
+ sqlite3Update(pParse,
+ targetSrcList(pParse, pStep),
+ sqlite3ExprListDup(db, pStep->pExprList, 0),
+ sqlite3ExprDup(db, pStep->pWhere, 0),
+ pParse->eOrconf
+ );
+ break;
+ }
+ case TK_INSERT: {
+ sqlite3Insert(pParse,
+ targetSrcList(pParse, pStep),
+ sqlite3SelectDup(db, pStep->pSelect, 0),
+ sqlite3IdListDup(db, pStep->pIdList),
+ pParse->eOrconf
+ );
+ break;
+ }
+ case TK_DELETE: {
+ sqlite3DeleteFrom(pParse,
+ targetSrcList(pParse, pStep),
+ sqlite3ExprDup(db, pStep->pWhere, 0)
+ );
+ break;
+ }
+ default: assert( pStep->op==TK_SELECT ); {
+ SelectDest sDest;
+ Select *pSelect = sqlite3SelectDup(db, pStep->pSelect, 0);
+ sqlite3SelectDestInit(&sDest, SRT_Discard, 0);
+ sqlite3Select(pParse, pSelect, &sDest);
+ sqlite3SelectDelete(db, pSelect);
+ break;
+ }
+ }
+ if( pStep->op!=TK_SELECT ){
+ sqlite3VdbeAddOp0(v, OP_ResetCount);
+ }
+ }
+
+ return 0;
+}
+
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+/*
+** This function is used to add VdbeComment() annotations to a VDBE
+** program. It is not used in production code, only for debugging.
+*/
+static const char *onErrorText(int onError){
+ switch( onError ){
+ case OE_Abort: return "abort";
+ case OE_Rollback: return "rollback";
+ case OE_Fail: return "fail";
+ case OE_Replace: return "replace";
+ case OE_Ignore: return "ignore";
+ case OE_Default: return "default";
+ }
+ return "n/a";
+}
+#endif
+
+/*
+** Parse context structure pFrom has just been used to create a sub-vdbe
+** (trigger program). If an error has occurred, transfer error information
+** from pFrom to pTo.
+*/
+static void transferParseError(Parse *pTo, Parse *pFrom){
+ assert( pFrom->zErrMsg==0 || pFrom->nErr );
+ assert( pTo->zErrMsg==0 || pTo->nErr );
+ if( pTo->nErr==0 ){
+ pTo->zErrMsg = pFrom->zErrMsg;
+ pTo->nErr = pFrom->nErr;
+ pTo->rc = pFrom->rc;
+ }else{
+ sqlite3DbFree(pFrom->db, pFrom->zErrMsg);
+ }
+}
+
+/*
+** Create and populate a new TriggerPrg object with a sub-program
+** implementing trigger pTrigger with ON CONFLICT policy orconf.
+*/
+static TriggerPrg *codeRowTrigger(
+ Parse *pParse, /* Current parse context */
+ Trigger *pTrigger, /* Trigger to code */
+ Table *pTab, /* The table pTrigger is attached to */
+ int orconf /* ON CONFLICT policy to code trigger program with */
+){
+ Parse *pTop = sqlite3ParseToplevel(pParse);
+ sqlite3 *db = pParse->db; /* Database handle */
+ TriggerPrg *pPrg; /* Value to return */
+ Expr *pWhen = 0; /* Duplicate of trigger WHEN expression */
+ Vdbe *v; /* Temporary VM */
+ NameContext sNC; /* Name context for sub-vdbe */
+ SubProgram *pProgram = 0; /* Sub-vdbe for trigger program */
+ Parse *pSubParse; /* Parse context for sub-vdbe */
+ int iEndTrigger = 0; /* Label to jump to if WHEN is false */
+
+ assert( pTrigger->zName==0 || pTab==tableOfTrigger(pTrigger) );
+ assert( pTop->pVdbe );
+
+ /* Allocate the TriggerPrg and SubProgram objects. To ensure that they
+ ** are freed if an error occurs, link them into the Parse.pTriggerPrg
+ ** list of the top-level Parse object sooner rather than later. */
+ pPrg = sqlite3DbMallocZero(db, sizeof(TriggerPrg));
+ if( !pPrg ) return 0;
+ pPrg->pNext = pTop->pTriggerPrg;
+ pTop->pTriggerPrg = pPrg;
+ pPrg->pProgram = pProgram = sqlite3DbMallocZero(db, sizeof(SubProgram));
+ if( !pProgram ) return 0;
+ sqlite3VdbeLinkSubProgram(pTop->pVdbe, pProgram);
+ pPrg->pTrigger = pTrigger;
+ pPrg->orconf = orconf;
+ pPrg->aColmask[0] = 0xffffffff;
+ pPrg->aColmask[1] = 0xffffffff;
+
+ /* Allocate and populate a new Parse context to use for coding the
+ ** trigger sub-program. */
+ pSubParse = sqlite3StackAllocZero(db, sizeof(Parse));
+ if( !pSubParse ) return 0;
+ memset(&sNC, 0, sizeof(sNC));
+ sNC.pParse = pSubParse;
+ pSubParse->db = db;
+ pSubParse->pTriggerTab = pTab;
+ pSubParse->pToplevel = pTop;
+ pSubParse->zAuthContext = pTrigger->zName;
+ pSubParse->eTriggerOp = pTrigger->op;
+ pSubParse->nQueryLoop = pParse->nQueryLoop;
+
+ v = sqlite3GetVdbe(pSubParse);
+ if( v ){
+ VdbeComment((v, "Start: %s.%s (%s %s%s%s ON %s)",
+ pTrigger->zName, onErrorText(orconf),
+ (pTrigger->tr_tm==TRIGGER_BEFORE ? "BEFORE" : "AFTER"),
+ (pTrigger->op==TK_UPDATE ? "UPDATE" : ""),
+ (pTrigger->op==TK_INSERT ? "INSERT" : ""),
+ (pTrigger->op==TK_DELETE ? "DELETE" : ""),
+ pTab->zName
+ ));
+#ifndef SQLITE_OMIT_TRACE
+ sqlite3VdbeChangeP4(v, -1,
+ sqlite3MPrintf(db, "-- TRIGGER %s", pTrigger->zName), P4_DYNAMIC
+ );
+#endif
+
+ /* If one was specified, code the WHEN clause. If it evaluates to false
+ ** (or NULL) the sub-vdbe is immediately halted by jumping to the
+ ** OP_Halt inserted at the end of the program. */
+ if( pTrigger->pWhen ){
+ pWhen = sqlite3ExprDup(db, pTrigger->pWhen, 0);
+ if( SQLITE_OK==sqlite3ResolveExprNames(&sNC, pWhen)
+ && db->mallocFailed==0
+ ){
+ iEndTrigger = sqlite3VdbeMakeLabel(v);
+ sqlite3ExprIfFalse(pSubParse, pWhen, iEndTrigger, SQLITE_JUMPIFNULL);
+ }
+ sqlite3ExprDelete(db, pWhen);
+ }
+
+ /* Code the trigger program into the sub-vdbe. */
+ codeTriggerProgram(pSubParse, pTrigger->step_list, orconf);
+
+ /* Insert an OP_Halt at the end of the sub-program. */
+ if( iEndTrigger ){
+ sqlite3VdbeResolveLabel(v, iEndTrigger);
+ }
+ sqlite3VdbeAddOp0(v, OP_Halt);
+ VdbeComment((v, "End: %s.%s", pTrigger->zName, onErrorText(orconf)));
+
+ transferParseError(pParse, pSubParse);
+ if( db->mallocFailed==0 ){
+ pProgram->aOp = sqlite3VdbeTakeOpArray(v, &pProgram->nOp, &pTop->nMaxArg);
+ }
+ pProgram->nMem = pSubParse->nMem;
+ pProgram->nCsr = pSubParse->nTab;
+ pProgram->nOnce = pSubParse->nOnce;
+ pProgram->token = (void *)pTrigger;
+ pPrg->aColmask[0] = pSubParse->oldmask;
+ pPrg->aColmask[1] = pSubParse->newmask;
+ sqlite3VdbeDelete(v);
+ }
+
+ assert( !pSubParse->pAinc && !pSubParse->pZombieTab );
+ assert( !pSubParse->pTriggerPrg && !pSubParse->nMaxArg );
+ sqlite3ParserReset(pSubParse);
+ sqlite3StackFree(db, pSubParse);
+
+ return pPrg;
+}
+
+/*
+** Return a pointer to a TriggerPrg object containing the sub-program for
+** trigger pTrigger with default ON CONFLICT algorithm orconf. If no such
+** TriggerPrg object exists, a new object is allocated and populated before
+** being returned.
+*/
+static TriggerPrg *getRowTrigger(
+ Parse *pParse, /* Current parse context */
+ Trigger *pTrigger, /* Trigger to code */
+ Table *pTab, /* The table trigger pTrigger is attached to */
+ int orconf /* ON CONFLICT algorithm. */
+){
+ Parse *pRoot = sqlite3ParseToplevel(pParse);
+ TriggerPrg *pPrg;
+
+ assert( pTrigger->zName==0 || pTab==tableOfTrigger(pTrigger) );
+
+ /* It may be that this trigger has already been coded (or is in the
+ ** process of being coded). If this is the case, then an entry with
+ ** a matching TriggerPrg.pTrigger field will be present somewhere
+ ** in the Parse.pTriggerPrg list. Search for such an entry. */
+ for(pPrg=pRoot->pTriggerPrg;
+ pPrg && (pPrg->pTrigger!=pTrigger || pPrg->orconf!=orconf);
+ pPrg=pPrg->pNext
+ );
+
+ /* If an existing TriggerPrg could not be located, create a new one. */
+ if( !pPrg ){
+ pPrg = codeRowTrigger(pParse, pTrigger, pTab, orconf);
+ }
+
+ return pPrg;
+}
+
+/*
+** Generate code for the trigger program associated with trigger p on
+** table pTab. The reg, orconf and ignoreJump parameters passed to this
+** function are the same as those described in the header function for
+** sqlite3CodeRowTrigger()
+*/
+SQLITE_PRIVATE void sqlite3CodeRowTriggerDirect(
+ Parse *pParse, /* Parse context */
+ Trigger *p, /* Trigger to code */
+ Table *pTab, /* The table to code triggers from */
+ int reg, /* Reg array containing OLD.* and NEW.* values */
+ int orconf, /* ON CONFLICT policy */
+ int ignoreJump /* Instruction to jump to for RAISE(IGNORE) */
+){
+ Vdbe *v = sqlite3GetVdbe(pParse); /* Main VM */
+ TriggerPrg *pPrg;
+ pPrg = getRowTrigger(pParse, p, pTab, orconf);
+ assert( pPrg || pParse->nErr || pParse->db->mallocFailed );
+
+ /* Code the OP_Program opcode in the parent VDBE. P4 of the OP_Program
+ ** is a pointer to the sub-vdbe containing the trigger program. */
+ if( pPrg ){
+ int bRecursive = (p->zName && 0==(pParse->db->flags&SQLITE_RecTriggers));
+
+ sqlite3VdbeAddOp3(v, OP_Program, reg, ignoreJump, ++pParse->nMem);
+ sqlite3VdbeChangeP4(v, -1, (const char *)pPrg->pProgram, P4_SUBPROGRAM);
+ VdbeComment(
+ (v, "Call: %s.%s", (p->zName?p->zName:"fkey"), onErrorText(orconf)));
+
+ /* Set the P5 operand of the OP_Program instruction to non-zero if
+ ** recursive invocation of this trigger program is disallowed. Recursive
+ ** invocation is disallowed if (a) the sub-program is really a trigger,
+ ** not a foreign key action, and (b) the flag to enable recursive triggers
+ ** is clear. */
+ sqlite3VdbeChangeP5(v, (u8)bRecursive);
+ }
+}
+
+/*
+** This is called to code the required FOR EACH ROW triggers for an operation
+** on table pTab. The operation to code triggers for (INSERT, UPDATE or DELETE)
+** is given by the op parameter. The tr_tm parameter determines whether the
+** BEFORE or AFTER triggers are coded. If the operation is an UPDATE, then
+** parameter pChanges is passed the list of columns being modified.
+**
+** If there are no triggers that fire at the specified time for the specified
+** operation on pTab, this function is a no-op.
+**
+** The reg argument is the address of the first in an array of registers
+** that contain the values substituted for the new.* and old.* references
+** in the trigger program. If N is the number of columns in table pTab
+** (a copy of pTab->nCol), then registers are populated as follows:
+**
+** Register Contains
+** ------------------------------------------------------
+** reg+0 OLD.rowid
+** reg+1 OLD.* value of left-most column of pTab
+** ... ...
+** reg+N OLD.* value of right-most column of pTab
+** reg+N+1 NEW.rowid
+** reg+N+2 OLD.* value of left-most column of pTab
+** ... ...
+** reg+N+N+1 NEW.* value of right-most column of pTab
+**
+** For ON DELETE triggers, the registers containing the NEW.* values will
+** never be accessed by the trigger program, so they are not allocated or
+** populated by the caller (there is no data to populate them with anyway).
+** Similarly, for ON INSERT triggers the values stored in the OLD.* registers
+** are never accessed, and so are not allocated by the caller. So, for an
+** ON INSERT trigger, the value passed to this function as parameter reg
+** is not a readable register, although registers (reg+N) through
+** (reg+N+N+1) are.
+**
+** Parameter orconf is the default conflict resolution algorithm for the
+** trigger program to use (REPLACE, IGNORE etc.). Parameter ignoreJump
+** is the instruction that control should jump to if a trigger program
+** raises an IGNORE exception.
+*/
+SQLITE_PRIVATE void sqlite3CodeRowTrigger(
+ Parse *pParse, /* Parse context */
+ Trigger *pTrigger, /* List of triggers on table pTab */
+ int op, /* One of TK_UPDATE, TK_INSERT, TK_DELETE */
+ ExprList *pChanges, /* Changes list for any UPDATE OF triggers */
+ int tr_tm, /* One of TRIGGER_BEFORE, TRIGGER_AFTER */
+ Table *pTab, /* The table to code triggers from */
+ int reg, /* The first in an array of registers (see above) */
+ int orconf, /* ON CONFLICT policy */
+ int ignoreJump /* Instruction to jump to for RAISE(IGNORE) */
+){
+ Trigger *p; /* Used to iterate through pTrigger list */
+
+ assert( op==TK_UPDATE || op==TK_INSERT || op==TK_DELETE );
+ assert( tr_tm==TRIGGER_BEFORE || tr_tm==TRIGGER_AFTER );
+ assert( (op==TK_UPDATE)==(pChanges!=0) );
+
+ for(p=pTrigger; p; p=p->pNext){
+
+ /* Sanity checking: The schema for the trigger and for the table are
+ ** always defined. The trigger must be in the same schema as the table
+ ** or else it must be a TEMP trigger. */
+ assert( p->pSchema!=0 );
+ assert( p->pTabSchema!=0 );
+ assert( p->pSchema==p->pTabSchema
+ || p->pSchema==pParse->db->aDb[1].pSchema );
+
+ /* Determine whether we should code this trigger */
+ if( p->op==op
+ && p->tr_tm==tr_tm
+ && checkColumnOverlap(p->pColumns, pChanges)
+ ){
+ sqlite3CodeRowTriggerDirect(pParse, p, pTab, reg, orconf, ignoreJump);
+ }
+ }
+}
+
+/*
+** Triggers may access values stored in the old.* or new.* pseudo-table.
+** This function returns a 32-bit bitmask indicating which columns of the
+** old.* or new.* tables actually are used by triggers. This information
+** may be used by the caller, for example, to avoid having to load the entire
+** old.* record into memory when executing an UPDATE or DELETE command.
+**
+** Bit 0 of the returned mask is set if the left-most column of the
+** table may be accessed using an [old|new].<col> reference. Bit 1 is set if
+** the second leftmost column value is required, and so on. If there
+** are more than 32 columns in the table, and at least one of the columns
+** with an index greater than 32 may be accessed, 0xffffffff is returned.
+**
+** It is not possible to determine if the old.rowid or new.rowid column is
+** accessed by triggers. The caller must always assume that it is.
+**
+** Parameter isNew must be either 1 or 0. If it is 0, then the mask returned
+** applies to the old.* table. If 1, the new.* table.
+**
+** Parameter tr_tm must be a mask with one or both of the TRIGGER_BEFORE
+** and TRIGGER_AFTER bits set. Values accessed by BEFORE triggers are only
+** included in the returned mask if the TRIGGER_BEFORE bit is set in the
+** tr_tm parameter. Similarly, values accessed by AFTER triggers are only
+** included in the returned mask if the TRIGGER_AFTER bit is set in tr_tm.
+*/
+SQLITE_PRIVATE u32 sqlite3TriggerColmask(
+ Parse *pParse, /* Parse context */
+ Trigger *pTrigger, /* List of triggers on table pTab */
+ ExprList *pChanges, /* Changes list for any UPDATE OF triggers */
+ int isNew, /* 1 for new.* ref mask, 0 for old.* ref mask */
+ int tr_tm, /* Mask of TRIGGER_BEFORE|TRIGGER_AFTER */
+ Table *pTab, /* The table to code triggers from */
+ int orconf /* Default ON CONFLICT policy for trigger steps */
+){
+ const int op = pChanges ? TK_UPDATE : TK_DELETE;
+ u32 mask = 0;
+ Trigger *p;
+
+ assert( isNew==1 || isNew==0 );
+ for(p=pTrigger; p; p=p->pNext){
+ if( p->op==op && (tr_tm&p->tr_tm)
+ && checkColumnOverlap(p->pColumns,pChanges)
+ ){
+ TriggerPrg *pPrg;
+ pPrg = getRowTrigger(pParse, p, pTab, orconf);
+ if( pPrg ){
+ mask |= pPrg->aColmask[isNew];
+ }
+ }
+ }
+
+ return mask;
+}
+
+#endif /* !defined(SQLITE_OMIT_TRIGGER) */
+
+/************** End of trigger.c *********************************************/
+/************** Begin file update.c ******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains C code routines that are called by the parser
+** to handle UPDATE statements.
+*/
+/* #include "sqliteInt.h" */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Forward declaration */
+static void updateVirtualTable(
+ Parse *pParse, /* The parsing context */
+ SrcList *pSrc, /* The virtual table to be modified */
+ Table *pTab, /* The virtual table */
+ ExprList *pChanges, /* The columns to change in the UPDATE statement */
+ Expr *pRowidExpr, /* Expression used to recompute the rowid */
+ int *aXRef, /* Mapping from columns of pTab to entries in pChanges */
+ Expr *pWhere, /* WHERE clause of the UPDATE statement */
+ int onError /* ON CONFLICT strategy */
+);
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+/*
+** The most recently coded instruction was an OP_Column to retrieve the
+** i-th column of table pTab. This routine sets the P4 parameter of the
+** OP_Column to the default value, if any.
+**
+** The default value of a column is specified by a DEFAULT clause in the
+** column definition. This was either supplied by the user when the table
+** was created, or added later to the table definition by an ALTER TABLE
+** command. If the latter, then the row-records in the table btree on disk
+** may not contain a value for the column and the default value, taken
+** from the P4 parameter of the OP_Column instruction, is returned instead.
+** If the former, then all row-records are guaranteed to include a value
+** for the column and the P4 value is not required.
+**
+** Column definitions created by an ALTER TABLE command may only have
+** literal default values specified: a number, null or a string. (If a more
+** complicated default expression value was provided, it is evaluated
+** when the ALTER TABLE is executed and one of the literal values written
+** into the sqlite_master table.)
+**
+** Therefore, the P4 parameter is only required if the default value for
+** the column is a literal number, string or null. The sqlite3ValueFromExpr()
+** function is capable of transforming these types of expressions into
+** sqlite3_value objects.
+**
+** If parameter iReg is not negative, code an OP_RealAffinity instruction
+** on register iReg. This is used when an equivalent integer value is
+** stored in place of an 8-byte floating point value in order to save
+** space.
+*/
+SQLITE_PRIVATE void sqlite3ColumnDefault(Vdbe *v, Table *pTab, int i, int iReg){
+ assert( pTab!=0 );
+ if( !pTab->pSelect ){
+ sqlite3_value *pValue = 0;
+ u8 enc = ENC(sqlite3VdbeDb(v));
+ Column *pCol = &pTab->aCol[i];
+ VdbeComment((v, "%s.%s", pTab->zName, pCol->zName));
+ assert( i<pTab->nCol );
+ sqlite3ValueFromExpr(sqlite3VdbeDb(v), pCol->pDflt, enc,
+ pCol->affinity, &pValue);
+ if( pValue ){
+ sqlite3VdbeChangeP4(v, -1, (const char *)pValue, P4_MEM);
+ }
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ if( pTab->aCol[i].affinity==SQLITE_AFF_REAL ){
+ sqlite3VdbeAddOp1(v, OP_RealAffinity, iReg);
+ }
+#endif
+ }
+}
+
+/*
+** Process an UPDATE statement.
+**
+** UPDATE OR IGNORE table_wxyz SET a=b, c=d WHERE e<5 AND f NOT NULL;
+** \_______/ \________/ \______/ \________________/
+* onError pTabList pChanges pWhere
+*/
+SQLITE_PRIVATE void sqlite3Update(
+ Parse *pParse, /* The parser context */
+ SrcList *pTabList, /* The table in which we should change things */
+ ExprList *pChanges, /* Things to be changed */
+ Expr *pWhere, /* The WHERE clause. May be null */
+ int onError /* How to handle constraint errors */
+){
+ int i, j; /* Loop counters */
+ Table *pTab; /* The table to be updated */
+ int addrTop = 0; /* VDBE instruction address of the start of the loop */
+ WhereInfo *pWInfo; /* Information about the WHERE clause */
+ Vdbe *v; /* The virtual database engine */
+ Index *pIdx; /* For looping over indices */
+ Index *pPk; /* The PRIMARY KEY index for WITHOUT ROWID tables */
+ int nIdx; /* Number of indices that need updating */
+ int iBaseCur; /* Base cursor number */
+ int iDataCur; /* Cursor for the canonical data btree */
+ int iIdxCur; /* Cursor for the first index */
+ sqlite3 *db; /* The database structure */
+ int *aRegIdx = 0; /* One register assigned to each index to be updated */
+ int *aXRef = 0; /* aXRef[i] is the index in pChanges->a[] of the
+ ** an expression for the i-th column of the table.
+ ** aXRef[i]==-1 if the i-th column is not changed. */
+ u8 *aToOpen; /* 1 for tables and indices to be opened */
+ u8 chngPk; /* PRIMARY KEY changed in a WITHOUT ROWID table */
+ u8 chngRowid; /* Rowid changed in a normal table */
+ u8 chngKey; /* Either chngPk or chngRowid */
+ Expr *pRowidExpr = 0; /* Expression defining the new record number */
+ AuthContext sContext; /* The authorization context */
+ NameContext sNC; /* The name-context to resolve expressions in */
+ int iDb; /* Database containing the table being updated */
+ int okOnePass; /* True for one-pass algorithm without the FIFO */
+ int hasFK; /* True if foreign key processing is required */
+ int labelBreak; /* Jump here to break out of UPDATE loop */
+ int labelContinue; /* Jump here to continue next step of UPDATE loop */
+
+#ifndef SQLITE_OMIT_TRIGGER
+ int isView; /* True when updating a view (INSTEAD OF trigger) */
+ Trigger *pTrigger; /* List of triggers on pTab, if required */
+ int tmask; /* Mask of TRIGGER_BEFORE|TRIGGER_AFTER */
+#endif
+ int newmask; /* Mask of NEW.* columns accessed by BEFORE triggers */
+ int iEph = 0; /* Ephemeral table holding all primary key values */
+ int nKey = 0; /* Number of elements in regKey for WITHOUT ROWID */
+ int aiCurOnePass[2]; /* The write cursors opened by WHERE_ONEPASS */
+
+ /* Register Allocations */
+ int regRowCount = 0; /* A count of rows changed */
+ int regOldRowid = 0; /* The old rowid */
+ int regNewRowid = 0; /* The new rowid */
+ int regNew = 0; /* Content of the NEW.* table in triggers */
+ int regOld = 0; /* Content of OLD.* table in triggers */
+ int regRowSet = 0; /* Rowset of rows to be updated */
+ int regKey = 0; /* composite PRIMARY KEY value */
+
+ memset(&sContext, 0, sizeof(sContext));
+ db = pParse->db;
+ if( pParse->nErr || db->mallocFailed ){
+ goto update_cleanup;
+ }
+ assert( pTabList->nSrc==1 );
+
+ /* Locate the table which we want to update.
+ */
+ pTab = sqlite3SrcListLookup(pParse, pTabList);
+ if( pTab==0 ) goto update_cleanup;
+ iDb = sqlite3SchemaToIndex(pParse->db, pTab->pSchema);
+
+ /* Figure out if we have any triggers and if the table being
+ ** updated is a view.
+ */
+#ifndef SQLITE_OMIT_TRIGGER
+ pTrigger = sqlite3TriggersExist(pParse, pTab, TK_UPDATE, pChanges, &tmask);
+ isView = pTab->pSelect!=0;
+ assert( pTrigger || tmask==0 );
+#else
+# define pTrigger 0
+# define isView 0
+# define tmask 0
+#endif
+#ifdef SQLITE_OMIT_VIEW
+# undef isView
+# define isView 0
+#endif
+
+ if( sqlite3ViewGetColumnNames(pParse, pTab) ){
+ goto update_cleanup;
+ }
+ if( sqlite3IsReadOnly(pParse, pTab, tmask) ){
+ goto update_cleanup;
+ }
+
+ /* Allocate a cursors for the main database table and for all indices.
+ ** The index cursors might not be used, but if they are used they
+ ** need to occur right after the database cursor. So go ahead and
+ ** allocate enough space, just in case.
+ */
+ pTabList->a[0].iCursor = iBaseCur = iDataCur = pParse->nTab++;
+ iIdxCur = iDataCur+1;
+ pPk = HasRowid(pTab) ? 0 : sqlite3PrimaryKeyIndex(pTab);
+ for(nIdx=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, nIdx++){
+ if( IsPrimaryKeyIndex(pIdx) && pPk!=0 ){
+ iDataCur = pParse->nTab;
+ pTabList->a[0].iCursor = iDataCur;
+ }
+ pParse->nTab++;
+ }
+
+ /* Allocate space for aXRef[], aRegIdx[], and aToOpen[].
+ ** Initialize aXRef[] and aToOpen[] to their default values.
+ */
+ aXRef = sqlite3DbMallocRaw(db, sizeof(int) * (pTab->nCol+nIdx) + nIdx+2 );
+ if( aXRef==0 ) goto update_cleanup;
+ aRegIdx = aXRef+pTab->nCol;
+ aToOpen = (u8*)(aRegIdx+nIdx);
+ memset(aToOpen, 1, nIdx+1);
+ aToOpen[nIdx+1] = 0;
+ for(i=0; i<pTab->nCol; i++) aXRef[i] = -1;
+
+ /* Initialize the name-context */
+ memset(&sNC, 0, sizeof(sNC));
+ sNC.pParse = pParse;
+ sNC.pSrcList = pTabList;
+
+ /* Resolve the column names in all the expressions of the
+ ** of the UPDATE statement. Also find the column index
+ ** for each column to be updated in the pChanges array. For each
+ ** column to be updated, make sure we have authorization to change
+ ** that column.
+ */
+ chngRowid = chngPk = 0;
+ for(i=0; i<pChanges->nExpr; i++){
+ if( sqlite3ResolveExprNames(&sNC, pChanges->a[i].pExpr) ){
+ goto update_cleanup;
+ }
+ for(j=0; j<pTab->nCol; j++){
+ if( sqlite3StrICmp(pTab->aCol[j].zName, pChanges->a[i].zName)==0 ){
+ if( j==pTab->iPKey ){
+ chngRowid = 1;
+ pRowidExpr = pChanges->a[i].pExpr;
+ }else if( pPk && (pTab->aCol[j].colFlags & COLFLAG_PRIMKEY)!=0 ){
+ chngPk = 1;
+ }
+ aXRef[j] = i;
+ break;
+ }
+ }
+ if( j>=pTab->nCol ){
+ if( pPk==0 && sqlite3IsRowid(pChanges->a[i].zName) ){
+ j = -1;
+ chngRowid = 1;
+ pRowidExpr = pChanges->a[i].pExpr;
+ }else{
+ sqlite3ErrorMsg(pParse, "no such column: %s", pChanges->a[i].zName);
+ pParse->checkSchema = 1;
+ goto update_cleanup;
+ }
+ }
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ {
+ int rc;
+ rc = sqlite3AuthCheck(pParse, SQLITE_UPDATE, pTab->zName,
+ j<0 ? "ROWID" : pTab->aCol[j].zName,
+ db->aDb[iDb].zName);
+ if( rc==SQLITE_DENY ){
+ goto update_cleanup;
+ }else if( rc==SQLITE_IGNORE ){
+ aXRef[j] = -1;
+ }
+ }
+#endif
+ }
+ assert( (chngRowid & chngPk)==0 );
+ assert( chngRowid==0 || chngRowid==1 );
+ assert( chngPk==0 || chngPk==1 );
+ chngKey = chngRowid + chngPk;
+
+ /* The SET expressions are not actually used inside the WHERE loop.
+ ** So reset the colUsed mask. Unless this is a virtual table. In that
+ ** case, set all bits of the colUsed mask (to ensure that the virtual
+ ** table implementation makes all columns available).
+ */
+ pTabList->a[0].colUsed = IsVirtual(pTab) ? (Bitmask)-1 : 0;
+
+ hasFK = sqlite3FkRequired(pParse, pTab, aXRef, chngKey);
+
+ /* There is one entry in the aRegIdx[] array for each index on the table
+ ** being updated. Fill in aRegIdx[] with a register number that will hold
+ ** the key for accessing each index.
+ **
+ ** FIXME: Be smarter about omitting indexes that use expressions.
+ */
+ for(j=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, j++){
+ int reg;
+ if( chngKey || hasFK || pIdx->pPartIdxWhere || pIdx==pPk ){
+ reg = ++pParse->nMem;
+ }else{
+ reg = 0;
+ for(i=0; i<pIdx->nKeyCol; i++){
+ i16 iIdxCol = pIdx->aiColumn[i];
+ if( iIdxCol<0 || aXRef[iIdxCol]>=0 ){
+ reg = ++pParse->nMem;
+ break;
+ }
+ }
+ }
+ if( reg==0 ) aToOpen[j+1] = 0;
+ aRegIdx[j] = reg;
+ }
+
+ /* Begin generating code. */
+ v = sqlite3GetVdbe(pParse);
+ if( v==0 ) goto update_cleanup;
+ if( pParse->nested==0 ) sqlite3VdbeCountChanges(v);
+ sqlite3BeginWriteOperation(pParse, 1, iDb);
+
+ /* Allocate required registers. */
+ if( !IsVirtual(pTab) ){
+ regRowSet = ++pParse->nMem;
+ regOldRowid = regNewRowid = ++pParse->nMem;
+ if( chngPk || pTrigger || hasFK ){
+ regOld = pParse->nMem + 1;
+ pParse->nMem += pTab->nCol;
+ }
+ if( chngKey || pTrigger || hasFK ){
+ regNewRowid = ++pParse->nMem;
+ }
+ regNew = pParse->nMem + 1;
+ pParse->nMem += pTab->nCol;
+ }
+
+ /* Start the view context. */
+ if( isView ){
+ sqlite3AuthContextPush(pParse, &sContext, pTab->zName);
+ }
+
+ /* If we are trying to update a view, realize that view into
+ ** an ephemeral table.
+ */
+#if !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER)
+ if( isView ){
+ sqlite3MaterializeView(pParse, pTab, pWhere, iDataCur);
+ }
+#endif
+
+ /* Resolve the column names in all the expressions in the
+ ** WHERE clause.
+ */
+ if( sqlite3ResolveExprNames(&sNC, pWhere) ){
+ goto update_cleanup;
+ }
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ /* Virtual tables must be handled separately */
+ if( IsVirtual(pTab) ){
+ updateVirtualTable(pParse, pTabList, pTab, pChanges, pRowidExpr, aXRef,
+ pWhere, onError);
+ goto update_cleanup;
+ }
+#endif
+
+ /* Begin the database scan
+ */
+ if( HasRowid(pTab) ){
+ sqlite3VdbeAddOp3(v, OP_Null, 0, regRowSet, regOldRowid);
+ pWInfo = sqlite3WhereBegin(
+ pParse, pTabList, pWhere, 0, 0, WHERE_ONEPASS_DESIRED, iIdxCur
+ );
+ if( pWInfo==0 ) goto update_cleanup;
+ okOnePass = sqlite3WhereOkOnePass(pWInfo, aiCurOnePass);
+
+ /* Remember the rowid of every item to be updated.
+ */
+ sqlite3VdbeAddOp2(v, OP_Rowid, iDataCur, regOldRowid);
+ if( !okOnePass ){
+ sqlite3VdbeAddOp2(v, OP_RowSetAdd, regRowSet, regOldRowid);
+ }
+
+ /* End the database scan loop.
+ */
+ sqlite3WhereEnd(pWInfo);
+ }else{
+ int iPk; /* First of nPk memory cells holding PRIMARY KEY value */
+ i16 nPk; /* Number of components of the PRIMARY KEY */
+ int addrOpen; /* Address of the OpenEphemeral instruction */
+
+ assert( pPk!=0 );
+ nPk = pPk->nKeyCol;
+ iPk = pParse->nMem+1;
+ pParse->nMem += nPk;
+ regKey = ++pParse->nMem;
+ iEph = pParse->nTab++;
+ sqlite3VdbeAddOp2(v, OP_Null, 0, iPk);
+ addrOpen = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, iEph, nPk);
+ sqlite3VdbeSetP4KeyInfo(pParse, pPk);
+ pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere, 0, 0,
+ WHERE_ONEPASS_DESIRED, iIdxCur);
+ if( pWInfo==0 ) goto update_cleanup;
+ okOnePass = sqlite3WhereOkOnePass(pWInfo, aiCurOnePass);
+ for(i=0; i<nPk; i++){
+ assert( pPk->aiColumn[i]>=0 );
+ sqlite3ExprCodeGetColumnOfTable(v, pTab, iDataCur, pPk->aiColumn[i],
+ iPk+i);
+ }
+ if( okOnePass ){
+ sqlite3VdbeChangeToNoop(v, addrOpen);
+ nKey = nPk;
+ regKey = iPk;
+ }else{
+ sqlite3VdbeAddOp4(v, OP_MakeRecord, iPk, nPk, regKey,
+ sqlite3IndexAffinityStr(db, pPk), nPk);
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, iEph, regKey);
+ }
+ sqlite3WhereEnd(pWInfo);
+ }
+
+ /* Initialize the count of updated rows
+ */
+ if( (db->flags & SQLITE_CountRows) && !pParse->pTriggerTab ){
+ regRowCount = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, regRowCount);
+ }
+
+ labelBreak = sqlite3VdbeMakeLabel(v);
+ if( !isView ){
+ /*
+ ** Open every index that needs updating. Note that if any
+ ** index could potentially invoke a REPLACE conflict resolution
+ ** action, then we need to open all indices because we might need
+ ** to be deleting some records.
+ */
+ if( onError==OE_Replace ){
+ memset(aToOpen, 1, nIdx+1);
+ }else{
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ if( pIdx->onError==OE_Replace ){
+ memset(aToOpen, 1, nIdx+1);
+ break;
+ }
+ }
+ }
+ if( okOnePass ){
+ if( aiCurOnePass[0]>=0 ) aToOpen[aiCurOnePass[0]-iBaseCur] = 0;
+ if( aiCurOnePass[1]>=0 ) aToOpen[aiCurOnePass[1]-iBaseCur] = 0;
+ }
+ sqlite3OpenTableAndIndices(pParse, pTab, OP_OpenWrite, 0, iBaseCur, aToOpen,
+ 0, 0);
+ }
+
+ /* Top of the update loop */
+ if( okOnePass ){
+ if( aToOpen[iDataCur-iBaseCur] && !isView ){
+ assert( pPk );
+ sqlite3VdbeAddOp4Int(v, OP_NotFound, iDataCur, labelBreak, regKey, nKey);
+ VdbeCoverageNeverTaken(v);
+ }
+ labelContinue = labelBreak;
+ sqlite3VdbeAddOp2(v, OP_IsNull, pPk ? regKey : regOldRowid, labelBreak);
+ VdbeCoverageIf(v, pPk==0);
+ VdbeCoverageIf(v, pPk!=0);
+ }else if( pPk ){
+ labelContinue = sqlite3VdbeMakeLabel(v);
+ sqlite3VdbeAddOp2(v, OP_Rewind, iEph, labelBreak); VdbeCoverage(v);
+ addrTop = sqlite3VdbeAddOp2(v, OP_RowKey, iEph, regKey);
+ sqlite3VdbeAddOp4Int(v, OP_NotFound, iDataCur, labelContinue, regKey, 0);
+ VdbeCoverage(v);
+ }else{
+ labelContinue = sqlite3VdbeAddOp3(v, OP_RowSetRead, regRowSet, labelBreak,
+ regOldRowid);
+ VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_NotExists, iDataCur, labelContinue, regOldRowid);
+ VdbeCoverage(v);
+ }
+
+ /* If the record number will change, set register regNewRowid to
+ ** contain the new value. If the record number is not being modified,
+ ** then regNewRowid is the same register as regOldRowid, which is
+ ** already populated. */
+ assert( chngKey || pTrigger || hasFK || regOldRowid==regNewRowid );
+ if( chngRowid ){
+ sqlite3ExprCode(pParse, pRowidExpr, regNewRowid);
+ sqlite3VdbeAddOp1(v, OP_MustBeInt, regNewRowid); VdbeCoverage(v);
+ }
+
+ /* Compute the old pre-UPDATE content of the row being changed, if that
+ ** information is needed */
+ if( chngPk || hasFK || pTrigger ){
+ u32 oldmask = (hasFK ? sqlite3FkOldmask(pParse, pTab) : 0);
+ oldmask |= sqlite3TriggerColmask(pParse,
+ pTrigger, pChanges, 0, TRIGGER_BEFORE|TRIGGER_AFTER, pTab, onError
+ );
+ for(i=0; i<pTab->nCol; i++){
+ if( oldmask==0xffffffff
+ || (i<32 && (oldmask & MASKBIT32(i))!=0)
+ || (pTab->aCol[i].colFlags & COLFLAG_PRIMKEY)!=0
+ ){
+ testcase( oldmask!=0xffffffff && i==31 );
+ sqlite3ExprCodeGetColumnOfTable(v, pTab, iDataCur, i, regOld+i);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regOld+i);
+ }
+ }
+ if( chngRowid==0 && pPk==0 ){
+ sqlite3VdbeAddOp2(v, OP_Copy, regOldRowid, regNewRowid);
+ }
+ }
+
+ /* Populate the array of registers beginning at regNew with the new
+ ** row data. This array is used to check constants, create the new
+ ** table and index records, and as the values for any new.* references
+ ** made by triggers.
+ **
+ ** If there are one or more BEFORE triggers, then do not populate the
+ ** registers associated with columns that are (a) not modified by
+ ** this UPDATE statement and (b) not accessed by new.* references. The
+ ** values for registers not modified by the UPDATE must be reloaded from
+ ** the database after the BEFORE triggers are fired anyway (as the trigger
+ ** may have modified them). So not loading those that are not going to
+ ** be used eliminates some redundant opcodes.
+ */
+ newmask = sqlite3TriggerColmask(
+ pParse, pTrigger, pChanges, 1, TRIGGER_BEFORE, pTab, onError
+ );
+ for(i=0; i<pTab->nCol; i++){
+ if( i==pTab->iPKey ){
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regNew+i);
+ }else{
+ j = aXRef[i];
+ if( j>=0 ){
+ sqlite3ExprCode(pParse, pChanges->a[j].pExpr, regNew+i);
+ }else if( 0==(tmask&TRIGGER_BEFORE) || i>31 || (newmask & MASKBIT32(i)) ){
+ /* This branch loads the value of a column that will not be changed
+ ** into a register. This is done if there are no BEFORE triggers, or
+ ** if there are one or more BEFORE triggers that use this value via
+ ** a new.* reference in a trigger program.
+ */
+ testcase( i==31 );
+ testcase( i==32 );
+ sqlite3ExprCodeGetColumnToReg(pParse, pTab, i, iDataCur, regNew+i);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regNew+i);
+ }
+ }
+ }
+
+ /* Fire any BEFORE UPDATE triggers. This happens before constraints are
+ ** verified. One could argue that this is wrong.
+ */
+ if( tmask&TRIGGER_BEFORE ){
+ sqlite3TableAffinity(v, pTab, regNew);
+ sqlite3CodeRowTrigger(pParse, pTrigger, TK_UPDATE, pChanges,
+ TRIGGER_BEFORE, pTab, regOldRowid, onError, labelContinue);
+
+ /* The row-trigger may have deleted the row being updated. In this
+ ** case, jump to the next row. No updates or AFTER triggers are
+ ** required. This behavior - what happens when the row being updated
+ ** is deleted or renamed by a BEFORE trigger - is left undefined in the
+ ** documentation.
+ */
+ if( pPk ){
+ sqlite3VdbeAddOp4Int(v, OP_NotFound, iDataCur, labelContinue,regKey,nKey);
+ VdbeCoverage(v);
+ }else{
+ sqlite3VdbeAddOp3(v, OP_NotExists, iDataCur, labelContinue, regOldRowid);
+ VdbeCoverage(v);
+ }
+
+ /* If it did not delete it, the row-trigger may still have modified
+ ** some of the columns of the row being updated. Load the values for
+ ** all columns not modified by the update statement into their
+ ** registers in case this has happened.
+ */
+ for(i=0; i<pTab->nCol; i++){
+ if( aXRef[i]<0 && i!=pTab->iPKey ){
+ sqlite3ExprCodeGetColumnOfTable(v, pTab, iDataCur, i, regNew+i);
+ }
+ }
+ }
+
+ if( !isView ){
+ int addr1 = 0; /* Address of jump instruction */
+ int bReplace = 0; /* True if REPLACE conflict resolution might happen */
+
+ /* Do constraint checks. */
+ assert( regOldRowid>0 );
+ sqlite3GenerateConstraintChecks(pParse, pTab, aRegIdx, iDataCur, iIdxCur,
+ regNewRowid, regOldRowid, chngKey, onError, labelContinue, &bReplace);
+
+ /* Do FK constraint checks. */
+ if( hasFK ){
+ sqlite3FkCheck(pParse, pTab, regOldRowid, 0, aXRef, chngKey);
+ }
+
+ /* Delete the index entries associated with the current record. */
+ if( bReplace || chngKey ){
+ if( pPk ){
+ addr1 = sqlite3VdbeAddOp4Int(v, OP_NotFound, iDataCur, 0, regKey, nKey);
+ }else{
+ addr1 = sqlite3VdbeAddOp3(v, OP_NotExists, iDataCur, 0, regOldRowid);
+ }
+ VdbeCoverageNeverTaken(v);
+ }
+ sqlite3GenerateRowIndexDelete(pParse, pTab, iDataCur, iIdxCur, aRegIdx, -1);
+
+ /* If changing the record number, delete the old record. */
+ if( hasFK || chngKey || pPk!=0 ){
+ sqlite3VdbeAddOp2(v, OP_Delete, iDataCur, 0);
+ }
+ if( bReplace || chngKey ){
+ sqlite3VdbeJumpHere(v, addr1);
+ }
+
+ if( hasFK ){
+ sqlite3FkCheck(pParse, pTab, 0, regNewRowid, aXRef, chngKey);
+ }
+
+ /* Insert the new index entries and the new record. */
+ sqlite3CompleteInsertion(pParse, pTab, iDataCur, iIdxCur,
+ regNewRowid, aRegIdx, 1, 0, 0);
+
+ /* Do any ON CASCADE, SET NULL or SET DEFAULT operations required to
+ ** handle rows (possibly in other tables) that refer via a foreign key
+ ** to the row just updated. */
+ if( hasFK ){
+ sqlite3FkActions(pParse, pTab, pChanges, regOldRowid, aXRef, chngKey);
+ }
+ }
+
+ /* Increment the row counter
+ */
+ if( (db->flags & SQLITE_CountRows) && !pParse->pTriggerTab){
+ sqlite3VdbeAddOp2(v, OP_AddImm, regRowCount, 1);
+ }
+
+ sqlite3CodeRowTrigger(pParse, pTrigger, TK_UPDATE, pChanges,
+ TRIGGER_AFTER, pTab, regOldRowid, onError, labelContinue);
+
+ /* Repeat the above with the next record to be updated, until
+ ** all record selected by the WHERE clause have been updated.
+ */
+ if( okOnePass ){
+ /* Nothing to do at end-of-loop for a single-pass */
+ }else if( pPk ){
+ sqlite3VdbeResolveLabel(v, labelContinue);
+ sqlite3VdbeAddOp2(v, OP_Next, iEph, addrTop); VdbeCoverage(v);
+ }else{
+ sqlite3VdbeGoto(v, labelContinue);
+ }
+ sqlite3VdbeResolveLabel(v, labelBreak);
+
+ /* Close all tables */
+ for(i=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, i++){
+ assert( aRegIdx );
+ if( aToOpen[i+1] ){
+ sqlite3VdbeAddOp2(v, OP_Close, iIdxCur+i, 0);
+ }
+ }
+ if( iDataCur<iIdxCur ) sqlite3VdbeAddOp2(v, OP_Close, iDataCur, 0);
+
+ /* Update the sqlite_sequence table by storing the content of the
+ ** maximum rowid counter values recorded while inserting into
+ ** autoincrement tables.
+ */
+ if( pParse->nested==0 && pParse->pTriggerTab==0 ){
+ sqlite3AutoincrementEnd(pParse);
+ }
+
+ /*
+ ** Return the number of rows that were changed. If this routine is
+ ** generating code because of a call to sqlite3NestedParse(), do not
+ ** invoke the callback function.
+ */
+ if( (db->flags&SQLITE_CountRows) && !pParse->pTriggerTab && !pParse->nested ){
+ sqlite3VdbeAddOp2(v, OP_ResultRow, regRowCount, 1);
+ sqlite3VdbeSetNumCols(v, 1);
+ sqlite3VdbeSetColName(v, 0, COLNAME_NAME, "rows updated", SQLITE_STATIC);
+ }
+
+update_cleanup:
+ sqlite3AuthContextPop(&sContext);
+ sqlite3DbFree(db, aXRef); /* Also frees aRegIdx[] and aToOpen[] */
+ sqlite3SrcListDelete(db, pTabList);
+ sqlite3ExprListDelete(db, pChanges);
+ sqlite3ExprDelete(db, pWhere);
+ return;
+}
+/* Make sure "isView" and other macros defined above are undefined. Otherwise
+** they may interfere with compilation of other functions in this file
+** (or in another file, if this file becomes part of the amalgamation). */
+#ifdef isView
+ #undef isView
+#endif
+#ifdef pTrigger
+ #undef pTrigger
+#endif
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/*
+** Generate code for an UPDATE of a virtual table.
+**
+** There are two possible strategies - the default and the special
+** "onepass" strategy. Onepass is only used if the virtual table
+** implementation indicates that pWhere may match at most one row.
+**
+** The default strategy is to create an ephemeral table that contains
+** for each row to be changed:
+**
+** (A) The original rowid of that row.
+** (B) The revised rowid for the row.
+** (C) The content of every column in the row.
+**
+** Then loop through the contents of this ephemeral table executing a
+** VUpdate for each row. When finished, drop the ephemeral table.
+**
+** The "onepass" strategy does not use an ephemeral table. Instead, it
+** stores the same values (A, B and C above) in a register array and
+** makes a single invocation of VUpdate.
+*/
+static void updateVirtualTable(
+ Parse *pParse, /* The parsing context */
+ SrcList *pSrc, /* The virtual table to be modified */
+ Table *pTab, /* The virtual table */
+ ExprList *pChanges, /* The columns to change in the UPDATE statement */
+ Expr *pRowid, /* Expression used to recompute the rowid */
+ int *aXRef, /* Mapping from columns of pTab to entries in pChanges */
+ Expr *pWhere, /* WHERE clause of the UPDATE statement */
+ int onError /* ON CONFLICT strategy */
+){
+ Vdbe *v = pParse->pVdbe; /* Virtual machine under construction */
+ int ephemTab; /* Table holding the result of the SELECT */
+ int i; /* Loop counter */
+ sqlite3 *db = pParse->db; /* Database connection */
+ const char *pVTab = (const char*)sqlite3GetVTable(db, pTab);
+ WhereInfo *pWInfo;
+ int nArg = 2 + pTab->nCol; /* Number of arguments to VUpdate */
+ int regArg; /* First register in VUpdate arg array */
+ int regRec; /* Register in which to assemble record */
+ int regRowid; /* Register for ephem table rowid */
+ int iCsr = pSrc->a[0].iCursor; /* Cursor used for virtual table scan */
+ int aDummy[2]; /* Unused arg for sqlite3WhereOkOnePass() */
+ int bOnePass; /* True to use onepass strategy */
+ int addr; /* Address of OP_OpenEphemeral */
+
+ /* Allocate nArg registers to martial the arguments to VUpdate. Then
+ ** create and open the ephemeral table in which the records created from
+ ** these arguments will be temporarily stored. */
+ assert( v );
+ ephemTab = pParse->nTab++;
+ addr= sqlite3VdbeAddOp2(v, OP_OpenEphemeral, ephemTab, nArg);
+ regArg = pParse->nMem + 1;
+ pParse->nMem += nArg;
+ regRec = ++pParse->nMem;
+ regRowid = ++pParse->nMem;
+
+ /* Start scanning the virtual table */
+ pWInfo = sqlite3WhereBegin(pParse, pSrc, pWhere, 0,0,WHERE_ONEPASS_DESIRED,0);
+ if( pWInfo==0 ) return;
+
+ /* Populate the argument registers. */
+ sqlite3VdbeAddOp2(v, OP_Rowid, iCsr, regArg);
+ if( pRowid ){
+ sqlite3ExprCode(pParse, pRowid, regArg+1);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_Rowid, iCsr, regArg+1);
+ }
+ for(i=0; i<pTab->nCol; i++){
+ if( aXRef[i]>=0 ){
+ sqlite3ExprCode(pParse, pChanges->a[aXRef[i]].pExpr, regArg+2+i);
+ }else{
+ sqlite3VdbeAddOp3(v, OP_VColumn, iCsr, i, regArg+2+i);
+ }
+ }
+
+ bOnePass = sqlite3WhereOkOnePass(pWInfo, aDummy);
+
+ if( bOnePass ){
+ /* If using the onepass strategy, no-op out the OP_OpenEphemeral coded
+ ** above. Also, if this is a top-level parse (not a trigger), clear the
+ ** multi-write flag so that the VM does not open a statement journal */
+ sqlite3VdbeChangeToNoop(v, addr);
+ if( sqlite3IsToplevel(pParse) ){
+ pParse->isMultiWrite = 0;
+ }
+ }else{
+ /* Create a record from the argument register contents and insert it into
+ ** the ephemeral table. */
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, regArg, nArg, regRec);
+ sqlite3VdbeAddOp2(v, OP_NewRowid, ephemTab, regRowid);
+ sqlite3VdbeAddOp3(v, OP_Insert, ephemTab, regRec, regRowid);
+ }
+
+
+ if( bOnePass==0 ){
+ /* End the virtual table scan */
+ sqlite3WhereEnd(pWInfo);
+
+ /* Begin scannning through the ephemeral table. */
+ addr = sqlite3VdbeAddOp1(v, OP_Rewind, ephemTab); VdbeCoverage(v);
+
+ /* Extract arguments from the current row of the ephemeral table and
+ ** invoke the VUpdate method. */
+ for(i=0; i<nArg; i++){
+ sqlite3VdbeAddOp3(v, OP_Column, ephemTab, i, regArg+i);
+ }
+ }
+ sqlite3VtabMakeWritable(pParse, pTab);
+ sqlite3VdbeAddOp4(v, OP_VUpdate, 0, nArg, regArg, pVTab, P4_VTAB);
+ sqlite3VdbeChangeP5(v, onError==OE_Default ? OE_Abort : onError);
+ sqlite3MayAbort(pParse);
+
+ /* End of the ephemeral table scan. Or, if using the onepass strategy,
+ ** jump to here if the scan visited zero rows. */
+ if( bOnePass==0 ){
+ sqlite3VdbeAddOp2(v, OP_Next, ephemTab, addr+1); VdbeCoverage(v);
+ sqlite3VdbeJumpHere(v, addr);
+ sqlite3VdbeAddOp2(v, OP_Close, ephemTab, 0);
+ }else{
+ sqlite3WhereEnd(pWInfo);
+ }
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+/************** End of update.c **********************************************/
+/************** Begin file vacuum.c ******************************************/
+/*
+** 2003 April 6
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code used to implement the VACUUM command.
+**
+** Most of the code in this file may be omitted by defining the
+** SQLITE_OMIT_VACUUM macro.
+*/
+/* #include "sqliteInt.h" */
+/* #include "vdbeInt.h" */
+
+#if !defined(SQLITE_OMIT_VACUUM) && !defined(SQLITE_OMIT_ATTACH)
+/*
+** Finalize a prepared statement. If there was an error, store the
+** text of the error message in *pzErrMsg. Return the result code.
+*/
+static int vacuumFinalize(sqlite3 *db, sqlite3_stmt *pStmt, char **pzErrMsg){
+ int rc;
+ rc = sqlite3VdbeFinalize((Vdbe*)pStmt);
+ if( rc ){
+ sqlite3SetString(pzErrMsg, db, sqlite3_errmsg(db));
+ }
+ return rc;
+}
+
+/*
+** Execute zSql on database db. Return an error code.
+*/
+static int execSql(sqlite3 *db, char **pzErrMsg, const char *zSql){
+ sqlite3_stmt *pStmt;
+ VVA_ONLY( int rc; )
+ if( !zSql ){
+ return SQLITE_NOMEM;
+ }
+ if( SQLITE_OK!=sqlite3_prepare(db, zSql, -1, &pStmt, 0) ){
+ sqlite3SetString(pzErrMsg, db, sqlite3_errmsg(db));
+ return sqlite3_errcode(db);
+ }
+ VVA_ONLY( rc = ) sqlite3_step(pStmt);
+ assert( rc!=SQLITE_ROW || (db->flags&SQLITE_CountRows) );
+ return vacuumFinalize(db, pStmt, pzErrMsg);
+}
+
+/*
+** Execute zSql on database db. The statement returns exactly
+** one column. Execute this as SQL on the same database.
+*/
+static int execExecSql(sqlite3 *db, char **pzErrMsg, const char *zSql){
+ sqlite3_stmt *pStmt;
+ int rc;
+
+ rc = sqlite3_prepare(db, zSql, -1, &pStmt, 0);
+ if( rc!=SQLITE_OK ) return rc;
+
+ while( SQLITE_ROW==sqlite3_step(pStmt) ){
+ rc = execSql(db, pzErrMsg, (char*)sqlite3_column_text(pStmt, 0));
+ if( rc!=SQLITE_OK ){
+ vacuumFinalize(db, pStmt, pzErrMsg);
+ return rc;
+ }
+ }
+
+ return vacuumFinalize(db, pStmt, pzErrMsg);
+}
+
+/*
+** The VACUUM command is used to clean up the database,
+** collapse free space, etc. It is modelled after the VACUUM command
+** in PostgreSQL. The VACUUM command works as follows:
+**
+** (1) Create a new transient database file
+** (2) Copy all content from the database being vacuumed into
+** the new transient database file
+** (3) Copy content from the transient database back into the
+** original database.
+**
+** The transient database requires temporary disk space approximately
+** equal to the size of the original database. The copy operation of
+** step (3) requires additional temporary disk space approximately equal
+** to the size of the original database for the rollback journal.
+** Hence, temporary disk space that is approximately 2x the size of the
+** original database is required. Every page of the database is written
+** approximately 3 times: Once for step (2) and twice for step (3).
+** Two writes per page are required in step (3) because the original
+** database content must be written into the rollback journal prior to
+** overwriting the database with the vacuumed content.
+**
+** Only 1x temporary space and only 1x writes would be required if
+** the copy of step (3) were replaced by deleting the original database
+** and renaming the transient database as the original. But that will
+** not work if other processes are attached to the original database.
+** And a power loss in between deleting the original and renaming the
+** transient would cause the database file to appear to be deleted
+** following reboot.
+*/
+SQLITE_PRIVATE void sqlite3Vacuum(Parse *pParse){
+ Vdbe *v = sqlite3GetVdbe(pParse);
+ if( v ){
+ sqlite3VdbeAddOp2(v, OP_Vacuum, 0, 0);
+ sqlite3VdbeUsesBtree(v, 0);
+ }
+ return;
+}
+
+/*
+** This routine implements the OP_Vacuum opcode of the VDBE.
+*/
+SQLITE_PRIVATE int sqlite3RunVacuum(char **pzErrMsg, sqlite3 *db){
+ int rc = SQLITE_OK; /* Return code from service routines */
+ Btree *pMain; /* The database being vacuumed */
+ Btree *pTemp; /* The temporary database we vacuum into */
+ char *zSql = 0; /* SQL statements */
+ int saved_flags; /* Saved value of the db->flags */
+ int saved_nChange; /* Saved value of db->nChange */
+ int saved_nTotalChange; /* Saved value of db->nTotalChange */
+ void (*saved_xTrace)(void*,const char*); /* Saved db->xTrace */
+ Db *pDb = 0; /* Database to detach at end of vacuum */
+ int isMemDb; /* True if vacuuming a :memory: database */
+ int nRes; /* Bytes of reserved space at the end of each page */
+ int nDb; /* Number of attached databases */
+
+ if( !db->autoCommit ){
+ sqlite3SetString(pzErrMsg, db, "cannot VACUUM from within a transaction");
+ return SQLITE_ERROR;
+ }
+ if( db->nVdbeActive>1 ){
+ sqlite3SetString(pzErrMsg, db,"cannot VACUUM - SQL statements in progress");
+ return SQLITE_ERROR;
+ }
+
+ /* Save the current value of the database flags so that it can be
+ ** restored before returning. Then set the writable-schema flag, and
+ ** disable CHECK and foreign key constraints. */
+ saved_flags = db->flags;
+ saved_nChange = db->nChange;
+ saved_nTotalChange = db->nTotalChange;
+ saved_xTrace = db->xTrace;
+ db->flags |= SQLITE_WriteSchema | SQLITE_IgnoreChecks | SQLITE_PreferBuiltin;
+ db->flags &= ~(SQLITE_ForeignKeys | SQLITE_ReverseOrder);
+ db->xTrace = 0;
+
+ pMain = db->aDb[0].pBt;
+ isMemDb = sqlite3PagerIsMemdb(sqlite3BtreePager(pMain));
+
+ /* Attach the temporary database as 'vacuum_db'. The synchronous pragma
+ ** can be set to 'off' for this file, as it is not recovered if a crash
+ ** occurs anyway. The integrity of the database is maintained by a
+ ** (possibly synchronous) transaction opened on the main database before
+ ** sqlite3BtreeCopyFile() is called.
+ **
+ ** An optimisation would be to use a non-journaled pager.
+ ** (Later:) I tried setting "PRAGMA vacuum_db.journal_mode=OFF" but
+ ** that actually made the VACUUM run slower. Very little journalling
+ ** actually occurs when doing a vacuum since the vacuum_db is initially
+ ** empty. Only the journal header is written. Apparently it takes more
+ ** time to parse and run the PRAGMA to turn journalling off than it does
+ ** to write the journal header file.
+ */
+ nDb = db->nDb;
+ if( sqlite3TempInMemory(db) ){
+ zSql = "ATTACH ':memory:' AS vacuum_db;";
+ }else{
+ zSql = "ATTACH '' AS vacuum_db;";
+ }
+ rc = execSql(db, pzErrMsg, zSql);
+ if( db->nDb>nDb ){
+ pDb = &db->aDb[db->nDb-1];
+ assert( strcmp(pDb->zName,"vacuum_db")==0 );
+ }
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+ pTemp = db->aDb[db->nDb-1].pBt;
+
+ /* The call to execSql() to attach the temp database has left the file
+ ** locked (as there was more than one active statement when the transaction
+ ** to read the schema was concluded. Unlock it here so that this doesn't
+ ** cause problems for the call to BtreeSetPageSize() below. */
+ sqlite3BtreeCommit(pTemp);
+
+ nRes = sqlite3BtreeGetOptimalReserve(pMain);
+
+ /* A VACUUM cannot change the pagesize of an encrypted database. */
+#ifdef SQLITE_HAS_CODEC
+ if( db->nextPagesize ){
+ extern void sqlite3CodecGetKey(sqlite3*, int, void**, int*);
+ int nKey;
+ char *zKey;
+ sqlite3CodecGetKey(db, 0, (void**)&zKey, &nKey);
+ if( nKey ) db->nextPagesize = 0;
+ }
+#endif
+
+ rc = execSql(db, pzErrMsg, "PRAGMA vacuum_db.synchronous=OFF");
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+
+ /* Begin a transaction and take an exclusive lock on the main database
+ ** file. This is done before the sqlite3BtreeGetPageSize(pMain) call below,
+ ** to ensure that we do not try to change the page-size on a WAL database.
+ */
+ rc = execSql(db, pzErrMsg, "BEGIN;");
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+ rc = sqlite3BtreeBeginTrans(pMain, 2);
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+
+ /* Do not attempt to change the page size for a WAL database */
+ if( sqlite3PagerGetJournalMode(sqlite3BtreePager(pMain))
+ ==PAGER_JOURNALMODE_WAL ){
+ db->nextPagesize = 0;
+ }
+
+ if( sqlite3BtreeSetPageSize(pTemp, sqlite3BtreeGetPageSize(pMain), nRes, 0)
+ || (!isMemDb && sqlite3BtreeSetPageSize(pTemp, db->nextPagesize, nRes, 0))
+ || NEVER(db->mallocFailed)
+ ){
+ rc = SQLITE_NOMEM;
+ goto end_of_vacuum;
+ }
+
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ sqlite3BtreeSetAutoVacuum(pTemp, db->nextAutovac>=0 ? db->nextAutovac :
+ sqlite3BtreeGetAutoVacuum(pMain));
+#endif
+
+ /* Query the schema of the main database. Create a mirror schema
+ ** in the temporary database.
+ */
+ rc = execExecSql(db, pzErrMsg,
+ "SELECT 'CREATE TABLE vacuum_db.' || substr(sql,14) "
+ " FROM sqlite_master WHERE type='table' AND name!='sqlite_sequence'"
+ " AND coalesce(rootpage,1)>0"
+ );
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+ rc = execExecSql(db, pzErrMsg,
+ "SELECT 'CREATE INDEX vacuum_db.' || substr(sql,14)"
+ " FROM sqlite_master WHERE sql LIKE 'CREATE INDEX %' ");
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+ rc = execExecSql(db, pzErrMsg,
+ "SELECT 'CREATE UNIQUE INDEX vacuum_db.' || substr(sql,21) "
+ " FROM sqlite_master WHERE sql LIKE 'CREATE UNIQUE INDEX %'");
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+
+ /* Loop through the tables in the main database. For each, do
+ ** an "INSERT INTO vacuum_db.xxx SELECT * FROM main.xxx;" to copy
+ ** the contents to the temporary database.
+ */
+ assert( (db->flags & SQLITE_Vacuum)==0 );
+ db->flags |= SQLITE_Vacuum;
+ rc = execExecSql(db, pzErrMsg,
+ "SELECT 'INSERT INTO vacuum_db.' || quote(name) "
+ "|| ' SELECT * FROM main.' || quote(name) || ';'"
+ "FROM main.sqlite_master "
+ "WHERE type = 'table' AND name!='sqlite_sequence' "
+ " AND coalesce(rootpage,1)>0"
+ );
+ assert( (db->flags & SQLITE_Vacuum)!=0 );
+ db->flags &= ~SQLITE_Vacuum;
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+
+ /* Copy over the sequence table
+ */
+ rc = execExecSql(db, pzErrMsg,
+ "SELECT 'DELETE FROM vacuum_db.' || quote(name) || ';' "
+ "FROM vacuum_db.sqlite_master WHERE name='sqlite_sequence' "
+ );
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+ rc = execExecSql(db, pzErrMsg,
+ "SELECT 'INSERT INTO vacuum_db.' || quote(name) "
+ "|| ' SELECT * FROM main.' || quote(name) || ';' "
+ "FROM vacuum_db.sqlite_master WHERE name=='sqlite_sequence';"
+ );
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+
+
+ /* Copy the triggers, views, and virtual tables from the main database
+ ** over to the temporary database. None of these objects has any
+ ** associated storage, so all we have to do is copy their entries
+ ** from the SQLITE_MASTER table.
+ */
+ rc = execSql(db, pzErrMsg,
+ "INSERT INTO vacuum_db.sqlite_master "
+ " SELECT type, name, tbl_name, rootpage, sql"
+ " FROM main.sqlite_master"
+ " WHERE type='view' OR type='trigger'"
+ " OR (type='table' AND rootpage=0)"
+ );
+ if( rc ) goto end_of_vacuum;
+
+ /* At this point, there is a write transaction open on both the
+ ** vacuum database and the main database. Assuming no error occurs,
+ ** both transactions are closed by this block - the main database
+ ** transaction by sqlite3BtreeCopyFile() and the other by an explicit
+ ** call to sqlite3BtreeCommit().
+ */
+ {
+ u32 meta;
+ int i;
+
+ /* This array determines which meta meta values are preserved in the
+ ** vacuum. Even entries are the meta value number and odd entries
+ ** are an increment to apply to the meta value after the vacuum.
+ ** The increment is used to increase the schema cookie so that other
+ ** connections to the same database will know to reread the schema.
+ */
+ static const unsigned char aCopy[] = {
+ BTREE_SCHEMA_VERSION, 1, /* Add one to the old schema cookie */
+ BTREE_DEFAULT_CACHE_SIZE, 0, /* Preserve the default page cache size */
+ BTREE_TEXT_ENCODING, 0, /* Preserve the text encoding */
+ BTREE_USER_VERSION, 0, /* Preserve the user version */
+ BTREE_APPLICATION_ID, 0, /* Preserve the application id */
+ };
+
+ assert( 1==sqlite3BtreeIsInTrans(pTemp) );
+ assert( 1==sqlite3BtreeIsInTrans(pMain) );
+
+ /* Copy Btree meta values */
+ for(i=0; i<ArraySize(aCopy); i+=2){
+ /* GetMeta() and UpdateMeta() cannot fail in this context because
+ ** we already have page 1 loaded into cache and marked dirty. */
+ sqlite3BtreeGetMeta(pMain, aCopy[i], &meta);
+ rc = sqlite3BtreeUpdateMeta(pTemp, aCopy[i], meta+aCopy[i+1]);
+ if( NEVER(rc!=SQLITE_OK) ) goto end_of_vacuum;
+ }
+
+ rc = sqlite3BtreeCopyFile(pMain, pTemp);
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+ rc = sqlite3BtreeCommit(pTemp);
+ if( rc!=SQLITE_OK ) goto end_of_vacuum;
+#ifndef SQLITE_OMIT_AUTOVACUUM
+ sqlite3BtreeSetAutoVacuum(pMain, sqlite3BtreeGetAutoVacuum(pTemp));
+#endif
+ }
+
+ assert( rc==SQLITE_OK );
+ rc = sqlite3BtreeSetPageSize(pMain, sqlite3BtreeGetPageSize(pTemp), nRes,1);
+
+end_of_vacuum:
+ /* Restore the original value of db->flags */
+ db->flags = saved_flags;
+ db->nChange = saved_nChange;
+ db->nTotalChange = saved_nTotalChange;
+ db->xTrace = saved_xTrace;
+ sqlite3BtreeSetPageSize(pMain, -1, -1, 1);
+
+ /* Currently there is an SQL level transaction open on the vacuum
+ ** database. No locks are held on any other files (since the main file
+ ** was committed at the btree level). So it safe to end the transaction
+ ** by manually setting the autoCommit flag to true and detaching the
+ ** vacuum database. The vacuum_db journal file is deleted when the pager
+ ** is closed by the DETACH.
+ */
+ db->autoCommit = 1;
+
+ if( pDb ){
+ sqlite3BtreeClose(pDb->pBt);
+ pDb->pBt = 0;
+ pDb->pSchema = 0;
+ }
+
+ /* This both clears the schemas and reduces the size of the db->aDb[]
+ ** array. */
+ sqlite3ResetAllSchemasOfConnection(db);
+
+ return rc;
+}
+
+#endif /* SQLITE_OMIT_VACUUM && SQLITE_OMIT_ATTACH */
+
+/************** End of vacuum.c **********************************************/
+/************** Begin file vtab.c ********************************************/
+/*
+** 2006 June 10
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code used to help implement virtual tables.
+*/
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* #include "sqliteInt.h" */
+
+/*
+** Before a virtual table xCreate() or xConnect() method is invoked, the
+** sqlite3.pVtabCtx member variable is set to point to an instance of
+** this struct allocated on the stack. It is used by the implementation of
+** the sqlite3_declare_vtab() and sqlite3_vtab_config() APIs, both of which
+** are invoked only from within xCreate and xConnect methods.
+*/
+struct VtabCtx {
+ VTable *pVTable; /* The virtual table being constructed */
+ Table *pTab; /* The Table object to which the virtual table belongs */
+ VtabCtx *pPrior; /* Parent context (if any) */
+ int bDeclared; /* True after sqlite3_declare_vtab() is called */
+};
+
+/*
+** The actual function that does the work of creating a new module.
+** This function implements the sqlite3_create_module() and
+** sqlite3_create_module_v2() interfaces.
+*/
+static int createModule(
+ sqlite3 *db, /* Database in which module is registered */
+ const char *zName, /* Name assigned to this module */
+ const sqlite3_module *pModule, /* The definition of the module */
+ void *pAux, /* Context pointer for xCreate/xConnect */
+ void (*xDestroy)(void *) /* Module destructor function */
+){
+ int rc = SQLITE_OK;
+ int nName;
+
+ sqlite3_mutex_enter(db->mutex);
+ nName = sqlite3Strlen30(zName);
+ if( sqlite3HashFind(&db->aModule, zName) ){
+ rc = SQLITE_MISUSE_BKPT;
+ }else{
+ Module *pMod;
+ pMod = (Module *)sqlite3DbMallocRaw(db, sizeof(Module) + nName + 1);
+ if( pMod ){
+ Module *pDel;
+ char *zCopy = (char *)(&pMod[1]);
+ memcpy(zCopy, zName, nName+1);
+ pMod->zName = zCopy;
+ pMod->pModule = pModule;
+ pMod->pAux = pAux;
+ pMod->xDestroy = xDestroy;
+ pMod->pEpoTab = 0;
+ pDel = (Module *)sqlite3HashInsert(&db->aModule,zCopy,(void*)pMod);
+ assert( pDel==0 || pDel==pMod );
+ if( pDel ){
+ db->mallocFailed = 1;
+ sqlite3DbFree(db, pDel);
+ }
+ }
+ }
+ rc = sqlite3ApiExit(db, rc);
+ if( rc!=SQLITE_OK && xDestroy ) xDestroy(pAux);
+
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+
+/*
+** External API function used to create a new virtual-table module.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_module(
+ sqlite3 *db, /* Database in which module is registered */
+ const char *zName, /* Name assigned to this module */
+ const sqlite3_module *pModule, /* The definition of the module */
+ void *pAux /* Context pointer for xCreate/xConnect */
+){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zName==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ return createModule(db, zName, pModule, pAux, 0);
+}
+
+/*
+** External API function used to create a new virtual-table module.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_module_v2(
+ sqlite3 *db, /* Database in which module is registered */
+ const char *zName, /* Name assigned to this module */
+ const sqlite3_module *pModule, /* The definition of the module */
+ void *pAux, /* Context pointer for xCreate/xConnect */
+ void (*xDestroy)(void *) /* Module destructor function */
+){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zName==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ return createModule(db, zName, pModule, pAux, xDestroy);
+}
+
+/*
+** Lock the virtual table so that it cannot be disconnected.
+** Locks nest. Every lock should have a corresponding unlock.
+** If an unlock is omitted, resources leaks will occur.
+**
+** If a disconnect is attempted while a virtual table is locked,
+** the disconnect is deferred until all locks have been removed.
+*/
+SQLITE_PRIVATE void sqlite3VtabLock(VTable *pVTab){
+ pVTab->nRef++;
+}
+
+
+/*
+** pTab is a pointer to a Table structure representing a virtual-table.
+** Return a pointer to the VTable object used by connection db to access
+** this virtual-table, if one has been created, or NULL otherwise.
+*/
+SQLITE_PRIVATE VTable *sqlite3GetVTable(sqlite3 *db, Table *pTab){
+ VTable *pVtab;
+ assert( IsVirtual(pTab) );
+ for(pVtab=pTab->pVTable; pVtab && pVtab->db!=db; pVtab=pVtab->pNext);
+ return pVtab;
+}
+
+/*
+** Decrement the ref-count on a virtual table object. When the ref-count
+** reaches zero, call the xDisconnect() method to delete the object.
+*/
+SQLITE_PRIVATE void sqlite3VtabUnlock(VTable *pVTab){
+ sqlite3 *db = pVTab->db;
+
+ assert( db );
+ assert( pVTab->nRef>0 );
+ assert( db->magic==SQLITE_MAGIC_OPEN || db->magic==SQLITE_MAGIC_ZOMBIE );
+
+ pVTab->nRef--;
+ if( pVTab->nRef==0 ){
+ sqlite3_vtab *p = pVTab->pVtab;
+ if( p ){
+ p->pModule->xDisconnect(p);
+ }
+ sqlite3DbFree(db, pVTab);
+ }
+}
+
+/*
+** Table p is a virtual table. This function moves all elements in the
+** p->pVTable list to the sqlite3.pDisconnect lists of their associated
+** database connections to be disconnected at the next opportunity.
+** Except, if argument db is not NULL, then the entry associated with
+** connection db is left in the p->pVTable list.
+*/
+static VTable *vtabDisconnectAll(sqlite3 *db, Table *p){
+ VTable *pRet = 0;
+ VTable *pVTable = p->pVTable;
+ p->pVTable = 0;
+
+ /* Assert that the mutex (if any) associated with the BtShared database
+ ** that contains table p is held by the caller. See header comments
+ ** above function sqlite3VtabUnlockList() for an explanation of why
+ ** this makes it safe to access the sqlite3.pDisconnect list of any
+ ** database connection that may have an entry in the p->pVTable list.
+ */
+ assert( db==0 || sqlite3SchemaMutexHeld(db, 0, p->pSchema) );
+
+ while( pVTable ){
+ sqlite3 *db2 = pVTable->db;
+ VTable *pNext = pVTable->pNext;
+ assert( db2 );
+ if( db2==db ){
+ pRet = pVTable;
+ p->pVTable = pRet;
+ pRet->pNext = 0;
+ }else{
+ pVTable->pNext = db2->pDisconnect;
+ db2->pDisconnect = pVTable;
+ }
+ pVTable = pNext;
+ }
+
+ assert( !db || pRet );
+ return pRet;
+}
+
+/*
+** Table *p is a virtual table. This function removes the VTable object
+** for table *p associated with database connection db from the linked
+** list in p->pVTab. It also decrements the VTable ref count. This is
+** used when closing database connection db to free all of its VTable
+** objects without disturbing the rest of the Schema object (which may
+** be being used by other shared-cache connections).
+*/
+SQLITE_PRIVATE void sqlite3VtabDisconnect(sqlite3 *db, Table *p){
+ VTable **ppVTab;
+
+ assert( IsVirtual(p) );
+ assert( sqlite3BtreeHoldsAllMutexes(db) );
+ assert( sqlite3_mutex_held(db->mutex) );
+
+ for(ppVTab=&p->pVTable; *ppVTab; ppVTab=&(*ppVTab)->pNext){
+ if( (*ppVTab)->db==db ){
+ VTable *pVTab = *ppVTab;
+ *ppVTab = pVTab->pNext;
+ sqlite3VtabUnlock(pVTab);
+ break;
+ }
+ }
+}
+
+
+/*
+** Disconnect all the virtual table objects in the sqlite3.pDisconnect list.
+**
+** This function may only be called when the mutexes associated with all
+** shared b-tree databases opened using connection db are held by the
+** caller. This is done to protect the sqlite3.pDisconnect list. The
+** sqlite3.pDisconnect list is accessed only as follows:
+**
+** 1) By this function. In this case, all BtShared mutexes and the mutex
+** associated with the database handle itself must be held.
+**
+** 2) By function vtabDisconnectAll(), when it adds a VTable entry to
+** the sqlite3.pDisconnect list. In this case either the BtShared mutex
+** associated with the database the virtual table is stored in is held
+** or, if the virtual table is stored in a non-sharable database, then
+** the database handle mutex is held.
+**
+** As a result, a sqlite3.pDisconnect cannot be accessed simultaneously
+** by multiple threads. It is thread-safe.
+*/
+SQLITE_PRIVATE void sqlite3VtabUnlockList(sqlite3 *db){
+ VTable *p = db->pDisconnect;
+ db->pDisconnect = 0;
+
+ assert( sqlite3BtreeHoldsAllMutexes(db) );
+ assert( sqlite3_mutex_held(db->mutex) );
+
+ if( p ){
+ sqlite3ExpirePreparedStatements(db);
+ do {
+ VTable *pNext = p->pNext;
+ sqlite3VtabUnlock(p);
+ p = pNext;
+ }while( p );
+ }
+}
+
+/*
+** Clear any and all virtual-table information from the Table record.
+** This routine is called, for example, just before deleting the Table
+** record.
+**
+** Since it is a virtual-table, the Table structure contains a pointer
+** to the head of a linked list of VTable structures. Each VTable
+** structure is associated with a single sqlite3* user of the schema.
+** The reference count of the VTable structure associated with database
+** connection db is decremented immediately (which may lead to the
+** structure being xDisconnected and free). Any other VTable structures
+** in the list are moved to the sqlite3.pDisconnect list of the associated
+** database connection.
+*/
+SQLITE_PRIVATE void sqlite3VtabClear(sqlite3 *db, Table *p){
+ if( !db || db->pnBytesFreed==0 ) vtabDisconnectAll(0, p);
+ if( p->azModuleArg ){
+ int i;
+ for(i=0; i<p->nModuleArg; i++){
+ if( i!=1 ) sqlite3DbFree(db, p->azModuleArg[i]);
+ }
+ sqlite3DbFree(db, p->azModuleArg);
+ }
+}
+
+/*
+** Add a new module argument to pTable->azModuleArg[].
+** The string is not copied - the pointer is stored. The
+** string will be freed automatically when the table is
+** deleted.
+*/
+static void addModuleArgument(sqlite3 *db, Table *pTable, char *zArg){
+ int nBytes = sizeof(char *)*(2+pTable->nModuleArg);
+ char **azModuleArg;
+ azModuleArg = sqlite3DbRealloc(db, pTable->azModuleArg, nBytes);
+ if( azModuleArg==0 ){
+ sqlite3DbFree(db, zArg);
+ }else{
+ int i = pTable->nModuleArg++;
+ azModuleArg[i] = zArg;
+ azModuleArg[i+1] = 0;
+ pTable->azModuleArg = azModuleArg;
+ }
+}
+
+/*
+** The parser calls this routine when it first sees a CREATE VIRTUAL TABLE
+** statement. The module name has been parsed, but the optional list
+** of parameters that follow the module name are still pending.
+*/
+SQLITE_PRIVATE void sqlite3VtabBeginParse(
+ Parse *pParse, /* Parsing context */
+ Token *pName1, /* Name of new table, or database name */
+ Token *pName2, /* Name of new table or NULL */
+ Token *pModuleName, /* Name of the module for the virtual table */
+ int ifNotExists /* No error if the table already exists */
+){
+ int iDb; /* The database the table is being created in */
+ Table *pTable; /* The new virtual table */
+ sqlite3 *db; /* Database connection */
+
+ sqlite3StartTable(pParse, pName1, pName2, 0, 0, 1, ifNotExists);
+ pTable = pParse->pNewTable;
+ if( pTable==0 ) return;
+ assert( 0==pTable->pIndex );
+
+ db = pParse->db;
+ iDb = sqlite3SchemaToIndex(db, pTable->pSchema);
+ assert( iDb>=0 );
+
+ pTable->tabFlags |= TF_Virtual;
+ pTable->nModuleArg = 0;
+ addModuleArgument(db, pTable, sqlite3NameFromToken(db, pModuleName));
+ addModuleArgument(db, pTable, 0);
+ addModuleArgument(db, pTable, sqlite3DbStrDup(db, pTable->zName));
+ assert( (pParse->sNameToken.z==pName2->z && pName2->z!=0)
+ || (pParse->sNameToken.z==pName1->z && pName2->z==0)
+ );
+ pParse->sNameToken.n = (int)(
+ &pModuleName->z[pModuleName->n] - pParse->sNameToken.z
+ );
+
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ /* Creating a virtual table invokes the authorization callback twice.
+ ** The first invocation, to obtain permission to INSERT a row into the
+ ** sqlite_master table, has already been made by sqlite3StartTable().
+ ** The second call, to obtain permission to create the table, is made now.
+ */
+ if( pTable->azModuleArg ){
+ sqlite3AuthCheck(pParse, SQLITE_CREATE_VTABLE, pTable->zName,
+ pTable->azModuleArg[0], pParse->db->aDb[iDb].zName);
+ }
+#endif
+}
+
+/*
+** This routine takes the module argument that has been accumulating
+** in pParse->zArg[] and appends it to the list of arguments on the
+** virtual table currently under construction in pParse->pTable.
+*/
+static void addArgumentToVtab(Parse *pParse){
+ if( pParse->sArg.z && pParse->pNewTable ){
+ const char *z = (const char*)pParse->sArg.z;
+ int n = pParse->sArg.n;
+ sqlite3 *db = pParse->db;
+ addModuleArgument(db, pParse->pNewTable, sqlite3DbStrNDup(db, z, n));
+ }
+}
+
+/*
+** The parser calls this routine after the CREATE VIRTUAL TABLE statement
+** has been completely parsed.
+*/
+SQLITE_PRIVATE void sqlite3VtabFinishParse(Parse *pParse, Token *pEnd){
+ Table *pTab = pParse->pNewTable; /* The table being constructed */
+ sqlite3 *db = pParse->db; /* The database connection */
+
+ if( pTab==0 ) return;
+ addArgumentToVtab(pParse);
+ pParse->sArg.z = 0;
+ if( pTab->nModuleArg<1 ) return;
+
+ /* If the CREATE VIRTUAL TABLE statement is being entered for the
+ ** first time (in other words if the virtual table is actually being
+ ** created now instead of just being read out of sqlite_master) then
+ ** do additional initialization work and store the statement text
+ ** in the sqlite_master table.
+ */
+ if( !db->init.busy ){
+ char *zStmt;
+ char *zWhere;
+ int iDb;
+ int iReg;
+ Vdbe *v;
+
+ /* Compute the complete text of the CREATE VIRTUAL TABLE statement */
+ if( pEnd ){
+ pParse->sNameToken.n = (int)(pEnd->z - pParse->sNameToken.z) + pEnd->n;
+ }
+ zStmt = sqlite3MPrintf(db, "CREATE VIRTUAL TABLE %T", &pParse->sNameToken);
+
+ /* A slot for the record has already been allocated in the
+ ** SQLITE_MASTER table. We just need to update that slot with all
+ ** the information we've collected.
+ **
+ ** The VM register number pParse->regRowid holds the rowid of an
+ ** entry in the sqlite_master table tht was created for this vtab
+ ** by sqlite3StartTable().
+ */
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ sqlite3NestedParse(pParse,
+ "UPDATE %Q.%s "
+ "SET type='table', name=%Q, tbl_name=%Q, rootpage=0, sql=%Q "
+ "WHERE rowid=#%d",
+ db->aDb[iDb].zName, SCHEMA_TABLE(iDb),
+ pTab->zName,
+ pTab->zName,
+ zStmt,
+ pParse->regRowid
+ );
+ sqlite3DbFree(db, zStmt);
+ v = sqlite3GetVdbe(pParse);
+ sqlite3ChangeCookie(pParse, iDb);
+
+ sqlite3VdbeAddOp2(v, OP_Expire, 0, 0);
+ zWhere = sqlite3MPrintf(db, "name='%q' AND type='table'", pTab->zName);
+ sqlite3VdbeAddParseSchemaOp(v, iDb, zWhere);
+
+ iReg = ++pParse->nMem;
+ sqlite3VdbeLoadString(v, iReg, pTab->zName);
+ sqlite3VdbeAddOp2(v, OP_VCreate, iDb, iReg);
+ }
+
+ /* If we are rereading the sqlite_master table create the in-memory
+ ** record of the table. The xConnect() method is not called until
+ ** the first time the virtual table is used in an SQL statement. This
+ ** allows a schema that contains virtual tables to be loaded before
+ ** the required virtual table implementations are registered. */
+ else {
+ Table *pOld;
+ Schema *pSchema = pTab->pSchema;
+ const char *zName = pTab->zName;
+ assert( sqlite3SchemaMutexHeld(db, 0, pSchema) );
+ pOld = sqlite3HashInsert(&pSchema->tblHash, zName, pTab);
+ if( pOld ){
+ db->mallocFailed = 1;
+ assert( pTab==pOld ); /* Malloc must have failed inside HashInsert() */
+ return;
+ }
+ pParse->pNewTable = 0;
+ }
+}
+
+/*
+** The parser calls this routine when it sees the first token
+** of an argument to the module name in a CREATE VIRTUAL TABLE statement.
+*/
+SQLITE_PRIVATE void sqlite3VtabArgInit(Parse *pParse){
+ addArgumentToVtab(pParse);
+ pParse->sArg.z = 0;
+ pParse->sArg.n = 0;
+}
+
+/*
+** The parser calls this routine for each token after the first token
+** in an argument to the module name in a CREATE VIRTUAL TABLE statement.
+*/
+SQLITE_PRIVATE void sqlite3VtabArgExtend(Parse *pParse, Token *p){
+ Token *pArg = &pParse->sArg;
+ if( pArg->z==0 ){
+ pArg->z = p->z;
+ pArg->n = p->n;
+ }else{
+ assert(pArg->z <= p->z);
+ pArg->n = (int)(&p->z[p->n] - pArg->z);
+ }
+}
+
+/*
+** Invoke a virtual table constructor (either xCreate or xConnect). The
+** pointer to the function to invoke is passed as the fourth parameter
+** to this procedure.
+*/
+static int vtabCallConstructor(
+ sqlite3 *db,
+ Table *pTab,
+ Module *pMod,
+ int (*xConstruct)(sqlite3*,void*,int,const char*const*,sqlite3_vtab**,char**),
+ char **pzErr
+){
+ VtabCtx sCtx;
+ VTable *pVTable;
+ int rc;
+ const char *const*azArg = (const char *const*)pTab->azModuleArg;
+ int nArg = pTab->nModuleArg;
+ char *zErr = 0;
+ char *zModuleName;
+ int iDb;
+ VtabCtx *pCtx;
+
+ /* Check that the virtual-table is not already being initialized */
+ for(pCtx=db->pVtabCtx; pCtx; pCtx=pCtx->pPrior){
+ if( pCtx->pTab==pTab ){
+ *pzErr = sqlite3MPrintf(db,
+ "vtable constructor called recursively: %s", pTab->zName
+ );
+ return SQLITE_LOCKED;
+ }
+ }
+
+ zModuleName = sqlite3MPrintf(db, "%s", pTab->zName);
+ if( !zModuleName ){
+ return SQLITE_NOMEM;
+ }
+
+ pVTable = sqlite3DbMallocZero(db, sizeof(VTable));
+ if( !pVTable ){
+ sqlite3DbFree(db, zModuleName);
+ return SQLITE_NOMEM;
+ }
+ pVTable->db = db;
+ pVTable->pMod = pMod;
+
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ pTab->azModuleArg[1] = db->aDb[iDb].zName;
+
+ /* Invoke the virtual table constructor */
+ assert( &db->pVtabCtx );
+ assert( xConstruct );
+ sCtx.pTab = pTab;
+ sCtx.pVTable = pVTable;
+ sCtx.pPrior = db->pVtabCtx;
+ sCtx.bDeclared = 0;
+ db->pVtabCtx = &sCtx;
+ rc = xConstruct(db, pMod->pAux, nArg, azArg, &pVTable->pVtab, &zErr);
+ db->pVtabCtx = sCtx.pPrior;
+ if( rc==SQLITE_NOMEM ) db->mallocFailed = 1;
+ assert( sCtx.pTab==pTab );
+
+ if( SQLITE_OK!=rc ){
+ if( zErr==0 ){
+ *pzErr = sqlite3MPrintf(db, "vtable constructor failed: %s", zModuleName);
+ }else {
+ *pzErr = sqlite3MPrintf(db, "%s", zErr);
+ sqlite3_free(zErr);
+ }
+ sqlite3DbFree(db, pVTable);
+ }else if( ALWAYS(pVTable->pVtab) ){
+ /* Justification of ALWAYS(): A correct vtab constructor must allocate
+ ** the sqlite3_vtab object if successful. */
+ memset(pVTable->pVtab, 0, sizeof(pVTable->pVtab[0]));
+ pVTable->pVtab->pModule = pMod->pModule;
+ pVTable->nRef = 1;
+ if( sCtx.bDeclared==0 ){
+ const char *zFormat = "vtable constructor did not declare schema: %s";
+ *pzErr = sqlite3MPrintf(db, zFormat, pTab->zName);
+ sqlite3VtabUnlock(pVTable);
+ rc = SQLITE_ERROR;
+ }else{
+ int iCol;
+ u8 oooHidden = 0;
+ /* If everything went according to plan, link the new VTable structure
+ ** into the linked list headed by pTab->pVTable. Then loop through the
+ ** columns of the table to see if any of them contain the token "hidden".
+ ** If so, set the Column COLFLAG_HIDDEN flag and remove the token from
+ ** the type string. */
+ pVTable->pNext = pTab->pVTable;
+ pTab->pVTable = pVTable;
+
+ for(iCol=0; iCol<pTab->nCol; iCol++){
+ char *zType = pTab->aCol[iCol].zType;
+ int nType;
+ int i = 0;
+ if( !zType ){
+ pTab->tabFlags |= oooHidden;
+ continue;
+ }
+ nType = sqlite3Strlen30(zType);
+ if( sqlite3StrNICmp("hidden", zType, 6)||(zType[6] && zType[6]!=' ') ){
+ for(i=0; i<nType; i++){
+ if( (0==sqlite3StrNICmp(" hidden", &zType[i], 7))
+ && (zType[i+7]=='\0' || zType[i+7]==' ')
+ ){
+ i++;
+ break;
+ }
+ }
+ }
+ if( i<nType ){
+ int j;
+ int nDel = 6 + (zType[i+6] ? 1 : 0);
+ for(j=i; (j+nDel)<=nType; j++){
+ zType[j] = zType[j+nDel];
+ }
+ if( zType[i]=='\0' && i>0 ){
+ assert(zType[i-1]==' ');
+ zType[i-1] = '\0';
+ }
+ pTab->aCol[iCol].colFlags |= COLFLAG_HIDDEN;
+ oooHidden = TF_OOOHidden;
+ }else{
+ pTab->tabFlags |= oooHidden;
+ }
+ }
+ }
+ }
+
+ sqlite3DbFree(db, zModuleName);
+ return rc;
+}
+
+/*
+** This function is invoked by the parser to call the xConnect() method
+** of the virtual table pTab. If an error occurs, an error code is returned
+** and an error left in pParse.
+**
+** This call is a no-op if table pTab is not a virtual table.
+*/
+SQLITE_PRIVATE int sqlite3VtabCallConnect(Parse *pParse, Table *pTab){
+ sqlite3 *db = pParse->db;
+ const char *zMod;
+ Module *pMod;
+ int rc;
+
+ assert( pTab );
+ if( (pTab->tabFlags & TF_Virtual)==0 || sqlite3GetVTable(db, pTab) ){
+ return SQLITE_OK;
+ }
+
+ /* Locate the required virtual table module */
+ zMod = pTab->azModuleArg[0];
+ pMod = (Module*)sqlite3HashFind(&db->aModule, zMod);
+
+ if( !pMod ){
+ const char *zModule = pTab->azModuleArg[0];
+ sqlite3ErrorMsg(pParse, "no such module: %s", zModule);
+ rc = SQLITE_ERROR;
+ }else{
+ char *zErr = 0;
+ rc = vtabCallConstructor(db, pTab, pMod, pMod->pModule->xConnect, &zErr);
+ if( rc!=SQLITE_OK ){
+ sqlite3ErrorMsg(pParse, "%s", zErr);
+ }
+ sqlite3DbFree(db, zErr);
+ }
+
+ return rc;
+}
+/*
+** Grow the db->aVTrans[] array so that there is room for at least one
+** more v-table. Return SQLITE_NOMEM if a malloc fails, or SQLITE_OK otherwise.
+*/
+static int growVTrans(sqlite3 *db){
+ const int ARRAY_INCR = 5;
+
+ /* Grow the sqlite3.aVTrans array if required */
+ if( (db->nVTrans%ARRAY_INCR)==0 ){
+ VTable **aVTrans;
+ int nBytes = sizeof(sqlite3_vtab *) * (db->nVTrans + ARRAY_INCR);
+ aVTrans = sqlite3DbRealloc(db, (void *)db->aVTrans, nBytes);
+ if( !aVTrans ){
+ return SQLITE_NOMEM;
+ }
+ memset(&aVTrans[db->nVTrans], 0, sizeof(sqlite3_vtab *)*ARRAY_INCR);
+ db->aVTrans = aVTrans;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Add the virtual table pVTab to the array sqlite3.aVTrans[]. Space should
+** have already been reserved using growVTrans().
+*/
+static void addToVTrans(sqlite3 *db, VTable *pVTab){
+ /* Add pVtab to the end of sqlite3.aVTrans */
+ db->aVTrans[db->nVTrans++] = pVTab;
+ sqlite3VtabLock(pVTab);
+}
+
+/*
+** This function is invoked by the vdbe to call the xCreate method
+** of the virtual table named zTab in database iDb.
+**
+** If an error occurs, *pzErr is set to point an an English language
+** description of the error and an SQLITE_XXX error code is returned.
+** In this case the caller must call sqlite3DbFree(db, ) on *pzErr.
+*/
+SQLITE_PRIVATE int sqlite3VtabCallCreate(sqlite3 *db, int iDb, const char *zTab, char **pzErr){
+ int rc = SQLITE_OK;
+ Table *pTab;
+ Module *pMod;
+ const char *zMod;
+
+ pTab = sqlite3FindTable(db, zTab, db->aDb[iDb].zName);
+ assert( pTab && (pTab->tabFlags & TF_Virtual)!=0 && !pTab->pVTable );
+
+ /* Locate the required virtual table module */
+ zMod = pTab->azModuleArg[0];
+ pMod = (Module*)sqlite3HashFind(&db->aModule, zMod);
+
+ /* If the module has been registered and includes a Create method,
+ ** invoke it now. If the module has not been registered, return an
+ ** error. Otherwise, do nothing.
+ */
+ if( pMod==0 || pMod->pModule->xCreate==0 || pMod->pModule->xDestroy==0 ){
+ *pzErr = sqlite3MPrintf(db, "no such module: %s", zMod);
+ rc = SQLITE_ERROR;
+ }else{
+ rc = vtabCallConstructor(db, pTab, pMod, pMod->pModule->xCreate, pzErr);
+ }
+
+ /* Justification of ALWAYS(): The xConstructor method is required to
+ ** create a valid sqlite3_vtab if it returns SQLITE_OK. */
+ if( rc==SQLITE_OK && ALWAYS(sqlite3GetVTable(db, pTab)) ){
+ rc = growVTrans(db);
+ if( rc==SQLITE_OK ){
+ addToVTrans(db, sqlite3GetVTable(db, pTab));
+ }
+ }
+
+ return rc;
+}
+
+/*
+** This function is used to set the schema of a virtual table. It is only
+** valid to call this function from within the xCreate() or xConnect() of a
+** virtual table module.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
+ VtabCtx *pCtx;
+ Parse *pParse;
+ int rc = SQLITE_OK;
+ Table *pTab;
+ char *zErr = 0;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zCreateTable==0 ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ pCtx = db->pVtabCtx;
+ if( !pCtx || pCtx->bDeclared ){
+ sqlite3Error(db, SQLITE_MISUSE);
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_MISUSE_BKPT;
+ }
+ pTab = pCtx->pTab;
+ assert( (pTab->tabFlags & TF_Virtual)!=0 );
+
+ pParse = sqlite3StackAllocZero(db, sizeof(*pParse));
+ if( pParse==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ pParse->declareVtab = 1;
+ pParse->db = db;
+ pParse->nQueryLoop = 1;
+
+ if( SQLITE_OK==sqlite3RunParser(pParse, zCreateTable, &zErr)
+ && pParse->pNewTable
+ && !db->mallocFailed
+ && !pParse->pNewTable->pSelect
+ && (pParse->pNewTable->tabFlags & TF_Virtual)==0
+ ){
+ if( !pTab->aCol ){
+ pTab->aCol = pParse->pNewTable->aCol;
+ pTab->nCol = pParse->pNewTable->nCol;
+ pParse->pNewTable->nCol = 0;
+ pParse->pNewTable->aCol = 0;
+ }
+ pCtx->bDeclared = 1;
+ }else{
+ sqlite3ErrorWithMsg(db, SQLITE_ERROR, (zErr ? "%s" : 0), zErr);
+ sqlite3DbFree(db, zErr);
+ rc = SQLITE_ERROR;
+ }
+ pParse->declareVtab = 0;
+
+ if( pParse->pVdbe ){
+ sqlite3VdbeFinalize(pParse->pVdbe);
+ }
+ sqlite3DeleteTable(db, pParse->pNewTable);
+ sqlite3ParserReset(pParse);
+ sqlite3StackFree(db, pParse);
+ }
+
+ assert( (rc&0xff)==rc );
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/*
+** This function is invoked by the vdbe to call the xDestroy method
+** of the virtual table named zTab in database iDb. This occurs
+** when a DROP TABLE is mentioned.
+**
+** This call is a no-op if zTab is not a virtual table.
+*/
+SQLITE_PRIVATE int sqlite3VtabCallDestroy(sqlite3 *db, int iDb, const char *zTab){
+ int rc = SQLITE_OK;
+ Table *pTab;
+
+ pTab = sqlite3FindTable(db, zTab, db->aDb[iDb].zName);
+ if( ALWAYS(pTab!=0 && pTab->pVTable!=0) ){
+ VTable *p;
+ int (*xDestroy)(sqlite3_vtab *);
+ for(p=pTab->pVTable; p; p=p->pNext){
+ assert( p->pVtab );
+ if( p->pVtab->nRef>0 ){
+ return SQLITE_LOCKED;
+ }
+ }
+ p = vtabDisconnectAll(db, pTab);
+ xDestroy = p->pMod->pModule->xDestroy;
+ assert( xDestroy!=0 ); /* Checked before the virtual table is created */
+ rc = xDestroy(p->pVtab);
+ /* Remove the sqlite3_vtab* from the aVTrans[] array, if applicable */
+ if( rc==SQLITE_OK ){
+ assert( pTab->pVTable==p && p->pNext==0 );
+ p->pVtab = 0;
+ pTab->pVTable = 0;
+ sqlite3VtabUnlock(p);
+ }
+ }
+
+ return rc;
+}
+
+/*
+** This function invokes either the xRollback or xCommit method
+** of each of the virtual tables in the sqlite3.aVTrans array. The method
+** called is identified by the second argument, "offset", which is
+** the offset of the method to call in the sqlite3_module structure.
+**
+** The array is cleared after invoking the callbacks.
+*/
+static void callFinaliser(sqlite3 *db, int offset){
+ int i;
+ if( db->aVTrans ){
+ VTable **aVTrans = db->aVTrans;
+ db->aVTrans = 0;
+ for(i=0; i<db->nVTrans; i++){
+ VTable *pVTab = aVTrans[i];
+ sqlite3_vtab *p = pVTab->pVtab;
+ if( p ){
+ int (*x)(sqlite3_vtab *);
+ x = *(int (**)(sqlite3_vtab *))((char *)p->pModule + offset);
+ if( x ) x(p);
+ }
+ pVTab->iSavepoint = 0;
+ sqlite3VtabUnlock(pVTab);
+ }
+ sqlite3DbFree(db, aVTrans);
+ db->nVTrans = 0;
+ }
+}
+
+/*
+** Invoke the xSync method of all virtual tables in the sqlite3.aVTrans
+** array. Return the error code for the first error that occurs, or
+** SQLITE_OK if all xSync operations are successful.
+**
+** If an error message is available, leave it in p->zErrMsg.
+*/
+SQLITE_PRIVATE int sqlite3VtabSync(sqlite3 *db, Vdbe *p){
+ int i;
+ int rc = SQLITE_OK;
+ VTable **aVTrans = db->aVTrans;
+
+ db->aVTrans = 0;
+ for(i=0; rc==SQLITE_OK && i<db->nVTrans; i++){
+ int (*x)(sqlite3_vtab *);
+ sqlite3_vtab *pVtab = aVTrans[i]->pVtab;
+ if( pVtab && (x = pVtab->pModule->xSync)!=0 ){
+ rc = x(pVtab);
+ sqlite3VtabImportErrmsg(p, pVtab);
+ }
+ }
+ db->aVTrans = aVTrans;
+ return rc;
+}
+
+/*
+** Invoke the xRollback method of all virtual tables in the
+** sqlite3.aVTrans array. Then clear the array itself.
+*/
+SQLITE_PRIVATE int sqlite3VtabRollback(sqlite3 *db){
+ callFinaliser(db, offsetof(sqlite3_module,xRollback));
+ return SQLITE_OK;
+}
+
+/*
+** Invoke the xCommit method of all virtual tables in the
+** sqlite3.aVTrans array. Then clear the array itself.
+*/
+SQLITE_PRIVATE int sqlite3VtabCommit(sqlite3 *db){
+ callFinaliser(db, offsetof(sqlite3_module,xCommit));
+ return SQLITE_OK;
+}
+
+/*
+** If the virtual table pVtab supports the transaction interface
+** (xBegin/xRollback/xCommit and optionally xSync) and a transaction is
+** not currently open, invoke the xBegin method now.
+**
+** If the xBegin call is successful, place the sqlite3_vtab pointer
+** in the sqlite3.aVTrans array.
+*/
+SQLITE_PRIVATE int sqlite3VtabBegin(sqlite3 *db, VTable *pVTab){
+ int rc = SQLITE_OK;
+ const sqlite3_module *pModule;
+
+ /* Special case: If db->aVTrans is NULL and db->nVTrans is greater
+ ** than zero, then this function is being called from within a
+ ** virtual module xSync() callback. It is illegal to write to
+ ** virtual module tables in this case, so return SQLITE_LOCKED.
+ */
+ if( sqlite3VtabInSync(db) ){
+ return SQLITE_LOCKED;
+ }
+ if( !pVTab ){
+ return SQLITE_OK;
+ }
+ pModule = pVTab->pVtab->pModule;
+
+ if( pModule->xBegin ){
+ int i;
+
+ /* If pVtab is already in the aVTrans array, return early */
+ for(i=0; i<db->nVTrans; i++){
+ if( db->aVTrans[i]==pVTab ){
+ return SQLITE_OK;
+ }
+ }
+
+ /* Invoke the xBegin method. If successful, add the vtab to the
+ ** sqlite3.aVTrans[] array. */
+ rc = growVTrans(db);
+ if( rc==SQLITE_OK ){
+ rc = pModule->xBegin(pVTab->pVtab);
+ if( rc==SQLITE_OK ){
+ int iSvpt = db->nStatement + db->nSavepoint;
+ addToVTrans(db, pVTab);
+ if( iSvpt ) rc = sqlite3VtabSavepoint(db, SAVEPOINT_BEGIN, iSvpt-1);
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** Invoke either the xSavepoint, xRollbackTo or xRelease method of all
+** virtual tables that currently have an open transaction. Pass iSavepoint
+** as the second argument to the virtual table method invoked.
+**
+** If op is SAVEPOINT_BEGIN, the xSavepoint method is invoked. If it is
+** SAVEPOINT_ROLLBACK, the xRollbackTo method. Otherwise, if op is
+** SAVEPOINT_RELEASE, then the xRelease method of each virtual table with
+** an open transaction is invoked.
+**
+** If any virtual table method returns an error code other than SQLITE_OK,
+** processing is abandoned and the error returned to the caller of this
+** function immediately. If all calls to virtual table methods are successful,
+** SQLITE_OK is returned.
+*/
+SQLITE_PRIVATE int sqlite3VtabSavepoint(sqlite3 *db, int op, int iSavepoint){
+ int rc = SQLITE_OK;
+
+ assert( op==SAVEPOINT_RELEASE||op==SAVEPOINT_ROLLBACK||op==SAVEPOINT_BEGIN );
+ assert( iSavepoint>=-1 );
+ if( db->aVTrans ){
+ int i;
+ for(i=0; rc==SQLITE_OK && i<db->nVTrans; i++){
+ VTable *pVTab = db->aVTrans[i];
+ const sqlite3_module *pMod = pVTab->pMod->pModule;
+ if( pVTab->pVtab && pMod->iVersion>=2 ){
+ int (*xMethod)(sqlite3_vtab *, int);
+ switch( op ){
+ case SAVEPOINT_BEGIN:
+ xMethod = pMod->xSavepoint;
+ pVTab->iSavepoint = iSavepoint+1;
+ break;
+ case SAVEPOINT_ROLLBACK:
+ xMethod = pMod->xRollbackTo;
+ break;
+ default:
+ xMethod = pMod->xRelease;
+ break;
+ }
+ if( xMethod && pVTab->iSavepoint>iSavepoint ){
+ rc = xMethod(pVTab->pVtab, iSavepoint);
+ }
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** The first parameter (pDef) is a function implementation. The
+** second parameter (pExpr) is the first argument to this function.
+** If pExpr is a column in a virtual table, then let the virtual
+** table implementation have an opportunity to overload the function.
+**
+** This routine is used to allow virtual table implementations to
+** overload MATCH, LIKE, GLOB, and REGEXP operators.
+**
+** Return either the pDef argument (indicating no change) or a
+** new FuncDef structure that is marked as ephemeral using the
+** SQLITE_FUNC_EPHEM flag.
+*/
+SQLITE_PRIVATE FuncDef *sqlite3VtabOverloadFunction(
+ sqlite3 *db, /* Database connection for reporting malloc problems */
+ FuncDef *pDef, /* Function to possibly overload */
+ int nArg, /* Number of arguments to the function */
+ Expr *pExpr /* First argument to the function */
+){
+ Table *pTab;
+ sqlite3_vtab *pVtab;
+ sqlite3_module *pMod;
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**) = 0;
+ void *pArg = 0;
+ FuncDef *pNew;
+ int rc = 0;
+ char *zLowerName;
+ unsigned char *z;
+
+
+ /* Check to see the left operand is a column in a virtual table */
+ if( NEVER(pExpr==0) ) return pDef;
+ if( pExpr->op!=TK_COLUMN ) return pDef;
+ pTab = pExpr->pTab;
+ if( NEVER(pTab==0) ) return pDef;
+ if( (pTab->tabFlags & TF_Virtual)==0 ) return pDef;
+ pVtab = sqlite3GetVTable(db, pTab)->pVtab;
+ assert( pVtab!=0 );
+ assert( pVtab->pModule!=0 );
+ pMod = (sqlite3_module *)pVtab->pModule;
+ if( pMod->xFindFunction==0 ) return pDef;
+
+ /* Call the xFindFunction method on the virtual table implementation
+ ** to see if the implementation wants to overload this function
+ */
+ zLowerName = sqlite3DbStrDup(db, pDef->zName);
+ if( zLowerName ){
+ for(z=(unsigned char*)zLowerName; *z; z++){
+ *z = sqlite3UpperToLower[*z];
+ }
+ rc = pMod->xFindFunction(pVtab, nArg, zLowerName, &xFunc, &pArg);
+ sqlite3DbFree(db, zLowerName);
+ }
+ if( rc==0 ){
+ return pDef;
+ }
+
+ /* Create a new ephemeral function definition for the overloaded
+ ** function */
+ pNew = sqlite3DbMallocZero(db, sizeof(*pNew)
+ + sqlite3Strlen30(pDef->zName) + 1);
+ if( pNew==0 ){
+ return pDef;
+ }
+ *pNew = *pDef;
+ pNew->zName = (char *)&pNew[1];
+ memcpy(pNew->zName, pDef->zName, sqlite3Strlen30(pDef->zName)+1);
+ pNew->xFunc = xFunc;
+ pNew->pUserData = pArg;
+ pNew->funcFlags |= SQLITE_FUNC_EPHEM;
+ return pNew;
+}
+
+/*
+** Make sure virtual table pTab is contained in the pParse->apVirtualLock[]
+** array so that an OP_VBegin will get generated for it. Add pTab to the
+** array if it is missing. If pTab is already in the array, this routine
+** is a no-op.
+*/
+SQLITE_PRIVATE void sqlite3VtabMakeWritable(Parse *pParse, Table *pTab){
+ Parse *pToplevel = sqlite3ParseToplevel(pParse);
+ int i, n;
+ Table **apVtabLock;
+
+ assert( IsVirtual(pTab) );
+ for(i=0; i<pToplevel->nVtabLock; i++){
+ if( pTab==pToplevel->apVtabLock[i] ) return;
+ }
+ n = (pToplevel->nVtabLock+1)*sizeof(pToplevel->apVtabLock[0]);
+ apVtabLock = sqlite3_realloc64(pToplevel->apVtabLock, n);
+ if( apVtabLock ){
+ pToplevel->apVtabLock = apVtabLock;
+ pToplevel->apVtabLock[pToplevel->nVtabLock++] = pTab;
+ }else{
+ pToplevel->db->mallocFailed = 1;
+ }
+}
+
+/*
+** Check to see if virtual tale module pMod can be have an eponymous
+** virtual table instance. If it can, create one if one does not already
+** exist. Return non-zero if the eponymous virtual table instance exists
+** when this routine returns, and return zero if it does not exist.
+**
+** An eponymous virtual table instance is one that is named after its
+** module, and more importantly, does not require a CREATE VIRTUAL TABLE
+** statement in order to come into existance. Eponymous virtual table
+** instances always exist. They cannot be DROP-ed.
+**
+** Any virtual table module for which xConnect and xCreate are the same
+** method can have an eponymous virtual table instance.
+*/
+SQLITE_PRIVATE int sqlite3VtabEponymousTableInit(Parse *pParse, Module *pMod){
+ const sqlite3_module *pModule = pMod->pModule;
+ Table *pTab;
+ char *zErr = 0;
+ int nName;
+ int rc;
+ sqlite3 *db = pParse->db;
+ if( pMod->pEpoTab ) return 1;
+ if( pModule->xCreate!=0 && pModule->xCreate!=pModule->xConnect ) return 0;
+ nName = sqlite3Strlen30(pMod->zName) + 1;
+ pTab = sqlite3DbMallocZero(db, sizeof(Table) + nName);
+ if( pTab==0 ) return 0;
+ pMod->pEpoTab = pTab;
+ pTab->zName = (char*)&pTab[1];
+ memcpy(pTab->zName, pMod->zName, nName);
+ pTab->nRef = 1;
+ pTab->pSchema = db->aDb[0].pSchema;
+ pTab->tabFlags |= TF_Virtual;
+ pTab->nModuleArg = 0;
+ pTab->iPKey = -1;
+ addModuleArgument(db, pTab, sqlite3DbStrDup(db, pTab->zName));
+ addModuleArgument(db, pTab, 0);
+ addModuleArgument(db, pTab, sqlite3DbStrDup(db, pTab->zName));
+ rc = vtabCallConstructor(db, pTab, pMod, pModule->xConnect, &zErr);
+ if( rc ){
+ sqlite3ErrorMsg(pParse, "%s", zErr);
+ sqlite3DbFree(db, zErr);
+ sqlite3VtabEponymousTableClear(db, pMod);
+ return 0;
+ }
+ return 1;
+}
+
+/*
+** Erase the eponymous virtual table instance associated with
+** virtual table module pMod, if it exists.
+*/
+SQLITE_PRIVATE void sqlite3VtabEponymousTableClear(sqlite3 *db, Module *pMod){
+ Table *pTab = pMod->pEpoTab;
+ if( pTab!=0 ){
+ sqlite3DeleteColumnNames(db, pTab);
+ sqlite3VtabClear(db, pTab);
+ sqlite3DbFree(db, pTab);
+ pMod->pEpoTab = 0;
+ }
+}
+
+/*
+** Return the ON CONFLICT resolution mode in effect for the virtual
+** table update operation currently in progress.
+**
+** The results of this routine are undefined unless it is called from
+** within an xUpdate method.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_vtab_on_conflict(sqlite3 *db){
+ static const unsigned char aMap[] = {
+ SQLITE_ROLLBACK, SQLITE_ABORT, SQLITE_FAIL, SQLITE_IGNORE, SQLITE_REPLACE
+ };
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ assert( OE_Rollback==1 && OE_Abort==2 && OE_Fail==3 );
+ assert( OE_Ignore==4 && OE_Replace==5 );
+ assert( db->vtabOnConflict>=1 && db->vtabOnConflict<=5 );
+ return (int)aMap[db->vtabOnConflict-1];
+}
+
+/*
+** Call from within the xCreate() or xConnect() methods to provide
+** the SQLite core with additional information about the behavior
+** of the virtual table being implemented.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_vtab_config(sqlite3 *db, int op, ...){
+ va_list ap;
+ int rc = SQLITE_OK;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ va_start(ap, op);
+ switch( op ){
+ case SQLITE_VTAB_CONSTRAINT_SUPPORT: {
+ VtabCtx *p = db->pVtabCtx;
+ if( !p ){
+ rc = SQLITE_MISUSE_BKPT;
+ }else{
+ assert( p->pTab==0 || (p->pTab->tabFlags & TF_Virtual)!=0 );
+ p->pVTable->bConstraint = (u8)va_arg(ap, int);
+ }
+ break;
+ }
+ default:
+ rc = SQLITE_MISUSE_BKPT;
+ break;
+ }
+ va_end(ap);
+
+ if( rc!=SQLITE_OK ) sqlite3Error(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+/************** End of vtab.c ************************************************/
+/************** Begin file wherecode.c ***************************************/
+/*
+** 2015-06-06
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This module contains C code that generates VDBE code used to process
+** the WHERE clause of SQL statements.
+**
+** This file was split off from where.c on 2015-06-06 in order to reduce the
+** size of where.c and make it easier to edit. This file contains the routines
+** that actually generate the bulk of the WHERE loop code. The original where.c
+** file retains the code that does query planning and analysis.
+*/
+/* #include "sqliteInt.h" */
+/************** Include whereInt.h in the middle of wherecode.c **************/
+/************** Begin file whereInt.h ****************************************/
+/*
+** 2013-11-12
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains structure and macro definitions for the query
+** planner logic in "where.c". These definitions are broken out into
+** a separate source file for easier editing.
+*/
+
+/*
+** Trace output macros
+*/
+#if defined(SQLITE_TEST) || defined(SQLITE_DEBUG)
+/***/ int sqlite3WhereTrace;
+#endif
+#if defined(SQLITE_DEBUG) \
+ && (defined(SQLITE_TEST) || defined(SQLITE_ENABLE_WHERETRACE))
+# define WHERETRACE(K,X) if(sqlite3WhereTrace&(K)) sqlite3DebugPrintf X
+# define WHERETRACE_ENABLED 1
+#else
+# define WHERETRACE(K,X)
+#endif
+
+/* Forward references
+*/
+typedef struct WhereClause WhereClause;
+typedef struct WhereMaskSet WhereMaskSet;
+typedef struct WhereOrInfo WhereOrInfo;
+typedef struct WhereAndInfo WhereAndInfo;
+typedef struct WhereLevel WhereLevel;
+typedef struct WhereLoop WhereLoop;
+typedef struct WherePath WherePath;
+typedef struct WhereTerm WhereTerm;
+typedef struct WhereLoopBuilder WhereLoopBuilder;
+typedef struct WhereScan WhereScan;
+typedef struct WhereOrCost WhereOrCost;
+typedef struct WhereOrSet WhereOrSet;
+
+/*
+** This object contains information needed to implement a single nested
+** loop in WHERE clause.
+**
+** Contrast this object with WhereLoop. This object describes the
+** implementation of the loop. WhereLoop describes the algorithm.
+** This object contains a pointer to the WhereLoop algorithm as one of
+** its elements.
+**
+** The WhereInfo object contains a single instance of this object for
+** each term in the FROM clause (which is to say, for each of the
+** nested loops as implemented). The order of WhereLevel objects determines
+** the loop nested order, with WhereInfo.a[0] being the outer loop and
+** WhereInfo.a[WhereInfo.nLevel-1] being the inner loop.
+*/
+struct WhereLevel {
+ int iLeftJoin; /* Memory cell used to implement LEFT OUTER JOIN */
+ int iTabCur; /* The VDBE cursor used to access the table */
+ int iIdxCur; /* The VDBE cursor used to access pIdx */
+ int addrBrk; /* Jump here to break out of the loop */
+ int addrNxt; /* Jump here to start the next IN combination */
+ int addrSkip; /* Jump here for next iteration of skip-scan */
+ int addrCont; /* Jump here to continue with the next loop cycle */
+ int addrFirst; /* First instruction of interior of the loop */
+ int addrBody; /* Beginning of the body of this loop */
+#ifndef SQLITE_LIKE_DOESNT_MATCH_BLOBS
+ int iLikeRepCntr; /* LIKE range processing counter register */
+ int addrLikeRep; /* LIKE range processing address */
+#endif
+ u8 iFrom; /* Which entry in the FROM clause */
+ u8 op, p3, p5; /* Opcode, P3 & P5 of the opcode that ends the loop */
+ int p1, p2; /* Operands of the opcode used to ends the loop */
+ union { /* Information that depends on pWLoop->wsFlags */
+ struct {
+ int nIn; /* Number of entries in aInLoop[] */
+ struct InLoop {
+ int iCur; /* The VDBE cursor used by this IN operator */
+ int addrInTop; /* Top of the IN loop */
+ u8 eEndLoopOp; /* IN Loop terminator. OP_Next or OP_Prev */
+ } *aInLoop; /* Information about each nested IN operator */
+ } in; /* Used when pWLoop->wsFlags&WHERE_IN_ABLE */
+ Index *pCovidx; /* Possible covering index for WHERE_MULTI_OR */
+ } u;
+ struct WhereLoop *pWLoop; /* The selected WhereLoop object */
+ Bitmask notReady; /* FROM entries not usable at this level */
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ int addrVisit; /* Address at which row is visited */
+#endif
+};
+
+/*
+** Each instance of this object represents an algorithm for evaluating one
+** term of a join. Every term of the FROM clause will have at least
+** one corresponding WhereLoop object (unless INDEXED BY constraints
+** prevent a query solution - which is an error) and many terms of the
+** FROM clause will have multiple WhereLoop objects, each describing a
+** potential way of implementing that FROM-clause term, together with
+** dependencies and cost estimates for using the chosen algorithm.
+**
+** Query planning consists of building up a collection of these WhereLoop
+** objects, then computing a particular sequence of WhereLoop objects, with
+** one WhereLoop object per FROM clause term, that satisfy all dependencies
+** and that minimize the overall cost.
+*/
+struct WhereLoop {
+ Bitmask prereq; /* Bitmask of other loops that must run first */
+ Bitmask maskSelf; /* Bitmask identifying table iTab */
+#ifdef SQLITE_DEBUG
+ char cId; /* Symbolic ID of this loop for debugging use */
+#endif
+ u8 iTab; /* Position in FROM clause of table for this loop */
+ u8 iSortIdx; /* Sorting index number. 0==None */
+ LogEst rSetup; /* One-time setup cost (ex: create transient index) */
+ LogEst rRun; /* Cost of running each loop */
+ LogEst nOut; /* Estimated number of output rows */
+ union {
+ struct { /* Information for internal btree tables */
+ u16 nEq; /* Number of equality constraints */
+ Index *pIndex; /* Index used, or NULL */
+ } btree;
+ struct { /* Information for virtual tables */
+ int idxNum; /* Index number */
+ u8 needFree; /* True if sqlite3_free(idxStr) is needed */
+ i8 isOrdered; /* True if satisfies ORDER BY */
+ u16 omitMask; /* Terms that may be omitted */
+ char *idxStr; /* Index identifier string */
+ } vtab;
+ } u;
+ u32 wsFlags; /* WHERE_* flags describing the plan */
+ u16 nLTerm; /* Number of entries in aLTerm[] */
+ u16 nSkip; /* Number of NULL aLTerm[] entries */
+ /**** whereLoopXfer() copies fields above ***********************/
+# define WHERE_LOOP_XFER_SZ offsetof(WhereLoop,nLSlot)
+ u16 nLSlot; /* Number of slots allocated for aLTerm[] */
+ WhereTerm **aLTerm; /* WhereTerms used */
+ WhereLoop *pNextLoop; /* Next WhereLoop object in the WhereClause */
+ WhereTerm *aLTermSpace[3]; /* Initial aLTerm[] space */
+};
+
+/* This object holds the prerequisites and the cost of running a
+** subquery on one operand of an OR operator in the WHERE clause.
+** See WhereOrSet for additional information
+*/
+struct WhereOrCost {
+ Bitmask prereq; /* Prerequisites */
+ LogEst rRun; /* Cost of running this subquery */
+ LogEst nOut; /* Number of outputs for this subquery */
+};
+
+/* The WhereOrSet object holds a set of possible WhereOrCosts that
+** correspond to the subquery(s) of OR-clause processing. Only the
+** best N_OR_COST elements are retained.
+*/
+#define N_OR_COST 3
+struct WhereOrSet {
+ u16 n; /* Number of valid a[] entries */
+ WhereOrCost a[N_OR_COST]; /* Set of best costs */
+};
+
+/*
+** Each instance of this object holds a sequence of WhereLoop objects
+** that implement some or all of a query plan.
+**
+** Think of each WhereLoop object as a node in a graph with arcs
+** showing dependencies and costs for travelling between nodes. (That is
+** not a completely accurate description because WhereLoop costs are a
+** vector, not a scalar, and because dependencies are many-to-one, not
+** one-to-one as are graph nodes. But it is a useful visualization aid.)
+** Then a WherePath object is a path through the graph that visits some
+** or all of the WhereLoop objects once.
+**
+** The "solver" works by creating the N best WherePath objects of length
+** 1. Then using those as a basis to compute the N best WherePath objects
+** of length 2. And so forth until the length of WherePaths equals the
+** number of nodes in the FROM clause. The best (lowest cost) WherePath
+** at the end is the chosen query plan.
+*/
+struct WherePath {
+ Bitmask maskLoop; /* Bitmask of all WhereLoop objects in this path */
+ Bitmask revLoop; /* aLoop[]s that should be reversed for ORDER BY */
+ LogEst nRow; /* Estimated number of rows generated by this path */
+ LogEst rCost; /* Total cost of this path */
+ LogEst rUnsorted; /* Total cost of this path ignoring sorting costs */
+ i8 isOrdered; /* No. of ORDER BY terms satisfied. -1 for unknown */
+ WhereLoop **aLoop; /* Array of WhereLoop objects implementing this path */
+};
+
+/*
+** The query generator uses an array of instances of this structure to
+** help it analyze the subexpressions of the WHERE clause. Each WHERE
+** clause subexpression is separated from the others by AND operators,
+** usually, or sometimes subexpressions separated by OR.
+**
+** All WhereTerms are collected into a single WhereClause structure.
+** The following identity holds:
+**
+** WhereTerm.pWC->a[WhereTerm.idx] == WhereTerm
+**
+** When a term is of the form:
+**
+** X <op> <expr>
+**
+** where X is a column name and <op> is one of certain operators,
+** then WhereTerm.leftCursor and WhereTerm.u.leftColumn record the
+** cursor number and column number for X. WhereTerm.eOperator records
+** the <op> using a bitmask encoding defined by WO_xxx below. The
+** use of a bitmask encoding for the operator allows us to search
+** quickly for terms that match any of several different operators.
+**
+** A WhereTerm might also be two or more subterms connected by OR:
+**
+** (t1.X <op> <expr>) OR (t1.Y <op> <expr>) OR ....
+**
+** In this second case, wtFlag has the TERM_ORINFO bit set and eOperator==WO_OR
+** and the WhereTerm.u.pOrInfo field points to auxiliary information that
+** is collected about the OR clause.
+**
+** If a term in the WHERE clause does not match either of the two previous
+** categories, then eOperator==0. The WhereTerm.pExpr field is still set
+** to the original subexpression content and wtFlags is set up appropriately
+** but no other fields in the WhereTerm object are meaningful.
+**
+** When eOperator!=0, prereqRight and prereqAll record sets of cursor numbers,
+** but they do so indirectly. A single WhereMaskSet structure translates
+** cursor number into bits and the translated bit is stored in the prereq
+** fields. The translation is used in order to maximize the number of
+** bits that will fit in a Bitmask. The VDBE cursor numbers might be
+** spread out over the non-negative integers. For example, the cursor
+** numbers might be 3, 8, 9, 10, 20, 23, 41, and 45. The WhereMaskSet
+** translates these sparse cursor numbers into consecutive integers
+** beginning with 0 in order to make the best possible use of the available
+** bits in the Bitmask. So, in the example above, the cursor numbers
+** would be mapped into integers 0 through 7.
+**
+** The number of terms in a join is limited by the number of bits
+** in prereqRight and prereqAll. The default is 64 bits, hence SQLite
+** is only able to process joins with 64 or fewer tables.
+*/
+struct WhereTerm {
+ Expr *pExpr; /* Pointer to the subexpression that is this term */
+ int iParent; /* Disable pWC->a[iParent] when this term disabled */
+ int leftCursor; /* Cursor number of X in "X <op> <expr>" */
+ union {
+ int leftColumn; /* Column number of X in "X <op> <expr>" */
+ WhereOrInfo *pOrInfo; /* Extra information if (eOperator & WO_OR)!=0 */
+ WhereAndInfo *pAndInfo; /* Extra information if (eOperator& WO_AND)!=0 */
+ } u;
+ LogEst truthProb; /* Probability of truth for this expression */
+ u16 eOperator; /* A WO_xx value describing <op> */
+ u16 wtFlags; /* TERM_xxx bit flags. See below */
+ u8 nChild; /* Number of children that must disable us */
+ u8 eMatchOp; /* Op for vtab MATCH/LIKE/GLOB/REGEXP terms */
+ WhereClause *pWC; /* The clause this term is part of */
+ Bitmask prereqRight; /* Bitmask of tables used by pExpr->pRight */
+ Bitmask prereqAll; /* Bitmask of tables referenced by pExpr */
+};
+
+/*
+** Allowed values of WhereTerm.wtFlags
+*/
+#define TERM_DYNAMIC 0x01 /* Need to call sqlite3ExprDelete(db, pExpr) */
+#define TERM_VIRTUAL 0x02 /* Added by the optimizer. Do not code */
+#define TERM_CODED 0x04 /* This term is already coded */
+#define TERM_COPIED 0x08 /* Has a child */
+#define TERM_ORINFO 0x10 /* Need to free the WhereTerm.u.pOrInfo object */
+#define TERM_ANDINFO 0x20 /* Need to free the WhereTerm.u.pAndInfo obj */
+#define TERM_OR_OK 0x40 /* Used during OR-clause processing */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+# define TERM_VNULL 0x80 /* Manufactured x>NULL or x<=NULL term */
+#else
+# define TERM_VNULL 0x00 /* Disabled if not using stat3 */
+#endif
+#define TERM_LIKEOPT 0x100 /* Virtual terms from the LIKE optimization */
+#define TERM_LIKECOND 0x200 /* Conditionally this LIKE operator term */
+#define TERM_LIKE 0x400 /* The original LIKE operator */
+#define TERM_IS 0x800 /* Term.pExpr is an IS operator */
+
+/*
+** An instance of the WhereScan object is used as an iterator for locating
+** terms in the WHERE clause that are useful to the query planner.
+*/
+struct WhereScan {
+ WhereClause *pOrigWC; /* Original, innermost WhereClause */
+ WhereClause *pWC; /* WhereClause currently being scanned */
+ const char *zCollName; /* Required collating sequence, if not NULL */
+ Expr *pIdxExpr; /* Search for this index expression */
+ char idxaff; /* Must match this affinity, if zCollName!=NULL */
+ unsigned char nEquiv; /* Number of entries in aEquiv[] */
+ unsigned char iEquiv; /* Next unused slot in aEquiv[] */
+ u32 opMask; /* Acceptable operators */
+ int k; /* Resume scanning at this->pWC->a[this->k] */
+ int aiCur[11]; /* Cursors in the equivalence class */
+ i16 aiColumn[11]; /* Corresponding column number in the eq-class */
+};
+
+/*
+** An instance of the following structure holds all information about a
+** WHERE clause. Mostly this is a container for one or more WhereTerms.
+**
+** Explanation of pOuter: For a WHERE clause of the form
+**
+** a AND ((b AND c) OR (d AND e)) AND f
+**
+** There are separate WhereClause objects for the whole clause and for
+** the subclauses "(b AND c)" and "(d AND e)". The pOuter field of the
+** subclauses points to the WhereClause object for the whole clause.
+*/
+struct WhereClause {
+ WhereInfo *pWInfo; /* WHERE clause processing context */
+ WhereClause *pOuter; /* Outer conjunction */
+ u8 op; /* Split operator. TK_AND or TK_OR */
+ int nTerm; /* Number of terms */
+ int nSlot; /* Number of entries in a[] */
+ WhereTerm *a; /* Each a[] describes a term of the WHERE cluase */
+#if defined(SQLITE_SMALL_STACK)
+ WhereTerm aStatic[1]; /* Initial static space for a[] */
+#else
+ WhereTerm aStatic[8]; /* Initial static space for a[] */
+#endif
+};
+
+/*
+** A WhereTerm with eOperator==WO_OR has its u.pOrInfo pointer set to
+** a dynamically allocated instance of the following structure.
+*/
+struct WhereOrInfo {
+ WhereClause wc; /* Decomposition into subterms */
+ Bitmask indexable; /* Bitmask of all indexable tables in the clause */
+};
+
+/*
+** A WhereTerm with eOperator==WO_AND has its u.pAndInfo pointer set to
+** a dynamically allocated instance of the following structure.
+*/
+struct WhereAndInfo {
+ WhereClause wc; /* The subexpression broken out */
+};
+
+/*
+** An instance of the following structure keeps track of a mapping
+** between VDBE cursor numbers and bits of the bitmasks in WhereTerm.
+**
+** The VDBE cursor numbers are small integers contained in
+** SrcList_item.iCursor and Expr.iTable fields. For any given WHERE
+** clause, the cursor numbers might not begin with 0 and they might
+** contain gaps in the numbering sequence. But we want to make maximum
+** use of the bits in our bitmasks. This structure provides a mapping
+** from the sparse cursor numbers into consecutive integers beginning
+** with 0.
+**
+** If WhereMaskSet.ix[A]==B it means that The A-th bit of a Bitmask
+** corresponds VDBE cursor number B. The A-th bit of a bitmask is 1<<A.
+**
+** For example, if the WHERE clause expression used these VDBE
+** cursors: 4, 5, 8, 29, 57, 73. Then the WhereMaskSet structure
+** would map those cursor numbers into bits 0 through 5.
+**
+** Note that the mapping is not necessarily ordered. In the example
+** above, the mapping might go like this: 4->3, 5->1, 8->2, 29->0,
+** 57->5, 73->4. Or one of 719 other combinations might be used. It
+** does not really matter. What is important is that sparse cursor
+** numbers all get mapped into bit numbers that begin with 0 and contain
+** no gaps.
+*/
+struct WhereMaskSet {
+ int n; /* Number of assigned cursor values */
+ int ix[BMS]; /* Cursor assigned to each bit */
+};
+
+/*
+** Initialize a WhereMaskSet object
+*/
+#define initMaskSet(P) (P)->n=0
+
+/*
+** This object is a convenience wrapper holding all information needed
+** to construct WhereLoop objects for a particular query.
+*/
+struct WhereLoopBuilder {
+ WhereInfo *pWInfo; /* Information about this WHERE */
+ WhereClause *pWC; /* WHERE clause terms */
+ ExprList *pOrderBy; /* ORDER BY clause */
+ WhereLoop *pNew; /* Template WhereLoop */
+ WhereOrSet *pOrSet; /* Record best loops here, if not NULL */
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ UnpackedRecord *pRec; /* Probe for stat4 (if required) */
+ int nRecValid; /* Number of valid fields currently in pRec */
+#endif
+};
+
+/*
+** The WHERE clause processing routine has two halves. The
+** first part does the start of the WHERE loop and the second
+** half does the tail of the WHERE loop. An instance of
+** this structure is returned by the first half and passed
+** into the second half to give some continuity.
+**
+** An instance of this object holds the complete state of the query
+** planner.
+*/
+struct WhereInfo {
+ Parse *pParse; /* Parsing and code generating context */
+ SrcList *pTabList; /* List of tables in the join */
+ ExprList *pOrderBy; /* The ORDER BY clause or NULL */
+ ExprList *pResultSet; /* Result set. DISTINCT operates on these */
+ WhereLoop *pLoops; /* List of all WhereLoop objects */
+ Bitmask revMask; /* Mask of ORDER BY terms that need reversing */
+ LogEst nRowOut; /* Estimated number of output rows */
+ u16 wctrlFlags; /* Flags originally passed to sqlite3WhereBegin() */
+ i8 nOBSat; /* Number of ORDER BY terms satisfied by indices */
+ u8 sorted; /* True if really sorted (not just grouped) */
+ u8 eOnePass; /* ONEPASS_OFF, or _SINGLE, or _MULTI */
+ u8 untestedTerms; /* Not all WHERE terms resolved by outer loop */
+ u8 eDistinct; /* One of the WHERE_DISTINCT_* values below */
+ u8 nLevel; /* Number of nested loop */
+ int iTop; /* The very beginning of the WHERE loop */
+ int iContinue; /* Jump here to continue with next record */
+ int iBreak; /* Jump here to break out of the loop */
+ int savedNQueryLoop; /* pParse->nQueryLoop outside the WHERE loop */
+ int aiCurOnePass[2]; /* OP_OpenWrite cursors for the ONEPASS opt */
+ WhereMaskSet sMaskSet; /* Map cursor numbers to bitmasks */
+ WhereClause sWC; /* Decomposition of the WHERE clause */
+ WhereLevel a[1]; /* Information about each nest loop in WHERE */
+};
+
+/*
+** Private interfaces - callable only by other where.c routines.
+**
+** where.c:
+*/
+SQLITE_PRIVATE Bitmask sqlite3WhereGetMask(WhereMaskSet*,int);
+SQLITE_PRIVATE WhereTerm *sqlite3WhereFindTerm(
+ WhereClause *pWC, /* The WHERE clause to be searched */
+ int iCur, /* Cursor number of LHS */
+ int iColumn, /* Column number of LHS */
+ Bitmask notReady, /* RHS must not overlap with this mask */
+ u32 op, /* Mask of WO_xx values describing operator */
+ Index *pIdx /* Must be compatible with this index, if not NULL */
+);
+
+/* wherecode.c: */
+#ifndef SQLITE_OMIT_EXPLAIN
+SQLITE_PRIVATE int sqlite3WhereExplainOneScan(
+ Parse *pParse, /* Parse context */
+ SrcList *pTabList, /* Table list this loop refers to */
+ WhereLevel *pLevel, /* Scan to write OP_Explain opcode for */
+ int iLevel, /* Value for "level" column of output */
+ int iFrom, /* Value for "from" column of output */
+ u16 wctrlFlags /* Flags passed to sqlite3WhereBegin() */
+);
+#else
+# define sqlite3WhereExplainOneScan(u,v,w,x,y,z) 0
+#endif /* SQLITE_OMIT_EXPLAIN */
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+SQLITE_PRIVATE void sqlite3WhereAddScanStatus(
+ Vdbe *v, /* Vdbe to add scanstatus entry to */
+ SrcList *pSrclist, /* FROM clause pLvl reads data from */
+ WhereLevel *pLvl, /* Level to add scanstatus() entry for */
+ int addrExplain /* Address of OP_Explain (or 0) */
+);
+#else
+# define sqlite3WhereAddScanStatus(a, b, c, d) ((void)d)
+#endif
+SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
+ WhereInfo *pWInfo, /* Complete information about the WHERE clause */
+ int iLevel, /* Which level of pWInfo->a[] should be coded */
+ Bitmask notReady /* Which tables are currently available */
+);
+
+/* whereexpr.c: */
+SQLITE_PRIVATE void sqlite3WhereClauseInit(WhereClause*,WhereInfo*);
+SQLITE_PRIVATE void sqlite3WhereClauseClear(WhereClause*);
+SQLITE_PRIVATE void sqlite3WhereSplit(WhereClause*,Expr*,u8);
+SQLITE_PRIVATE Bitmask sqlite3WhereExprUsage(WhereMaskSet*, Expr*);
+SQLITE_PRIVATE Bitmask sqlite3WhereExprListUsage(WhereMaskSet*, ExprList*);
+SQLITE_PRIVATE void sqlite3WhereExprAnalyze(SrcList*, WhereClause*);
+SQLITE_PRIVATE void sqlite3WhereTabFuncArgs(Parse*, struct SrcList_item*, WhereClause*);
+
+
+
+
+
+/*
+** Bitmasks for the operators on WhereTerm objects. These are all
+** operators that are of interest to the query planner. An
+** OR-ed combination of these values can be used when searching for
+** particular WhereTerms within a WhereClause.
+*/
+#define WO_IN 0x0001
+#define WO_EQ 0x0002
+#define WO_LT (WO_EQ<<(TK_LT-TK_EQ))
+#define WO_LE (WO_EQ<<(TK_LE-TK_EQ))
+#define WO_GT (WO_EQ<<(TK_GT-TK_EQ))
+#define WO_GE (WO_EQ<<(TK_GE-TK_EQ))
+#define WO_MATCH 0x0040
+#define WO_IS 0x0080
+#define WO_ISNULL 0x0100
+#define WO_OR 0x0200 /* Two or more OR-connected terms */
+#define WO_AND 0x0400 /* Two or more AND-connected terms */
+#define WO_EQUIV 0x0800 /* Of the form A==B, both columns */
+#define WO_NOOP 0x1000 /* This term does not restrict search space */
+
+#define WO_ALL 0x1fff /* Mask of all possible WO_* values */
+#define WO_SINGLE 0x01ff /* Mask of all non-compound WO_* values */
+
+/*
+** These are definitions of bits in the WhereLoop.wsFlags field.
+** The particular combination of bits in each WhereLoop help to
+** determine the algorithm that WhereLoop represents.
+*/
+#define WHERE_COLUMN_EQ 0x00000001 /* x=EXPR */
+#define WHERE_COLUMN_RANGE 0x00000002 /* x<EXPR and/or x>EXPR */
+#define WHERE_COLUMN_IN 0x00000004 /* x IN (...) */
+#define WHERE_COLUMN_NULL 0x00000008 /* x IS NULL */
+#define WHERE_CONSTRAINT 0x0000000f /* Any of the WHERE_COLUMN_xxx values */
+#define WHERE_TOP_LIMIT 0x00000010 /* x<EXPR or x<=EXPR constraint */
+#define WHERE_BTM_LIMIT 0x00000020 /* x>EXPR or x>=EXPR constraint */
+#define WHERE_BOTH_LIMIT 0x00000030 /* Both x>EXPR and x<EXPR */
+#define WHERE_IDX_ONLY 0x00000040 /* Use index only - omit table */
+#define WHERE_IPK 0x00000100 /* x is the INTEGER PRIMARY KEY */
+#define WHERE_INDEXED 0x00000200 /* WhereLoop.u.btree.pIndex is valid */
+#define WHERE_VIRTUALTABLE 0x00000400 /* WhereLoop.u.vtab is valid */
+#define WHERE_IN_ABLE 0x00000800 /* Able to support an IN operator */
+#define WHERE_ONEROW 0x00001000 /* Selects no more than one row */
+#define WHERE_MULTI_OR 0x00002000 /* OR using multiple indices */
+#define WHERE_AUTO_INDEX 0x00004000 /* Uses an ephemeral index */
+#define WHERE_SKIPSCAN 0x00008000 /* Uses the skip-scan algorithm */
+#define WHERE_UNQ_WANTED 0x00010000 /* WHERE_ONEROW would have been helpful*/
+#define WHERE_PARTIALIDX 0x00020000 /* The automatic index is partial */
+
+/************** End of whereInt.h ********************************************/
+/************** Continuing where we left off in wherecode.c ******************/
+
+#ifndef SQLITE_OMIT_EXPLAIN
+/*
+** This routine is a helper for explainIndexRange() below
+**
+** pStr holds the text of an expression that we are building up one term
+** at a time. This routine adds a new term to the end of the expression.
+** Terms are separated by AND so add the "AND" text for second and subsequent
+** terms only.
+*/
+static void explainAppendTerm(
+ StrAccum *pStr, /* The text expression being built */
+ int iTerm, /* Index of this term. First is zero */
+ const char *zColumn, /* Name of the column */
+ const char *zOp /* Name of the operator */
+){
+ if( iTerm ) sqlite3StrAccumAppend(pStr, " AND ", 5);
+ sqlite3StrAccumAppendAll(pStr, zColumn);
+ sqlite3StrAccumAppend(pStr, zOp, 1);
+ sqlite3StrAccumAppend(pStr, "?", 1);
+}
+
+/*
+** Return the name of the i-th column of the pIdx index.
+*/
+static const char *explainIndexColumnName(Index *pIdx, int i){
+ i = pIdx->aiColumn[i];
+ if( i==XN_EXPR ) return "<expr>";
+ if( i==XN_ROWID ) return "rowid";
+ return pIdx->pTable->aCol[i].zName;
+}
+
+/*
+** Argument pLevel describes a strategy for scanning table pTab. This
+** function appends text to pStr that describes the subset of table
+** rows scanned by the strategy in the form of an SQL expression.
+**
+** For example, if the query:
+**
+** SELECT * FROM t1 WHERE a=1 AND b>2;
+**
+** is run and there is an index on (a, b), then this function returns a
+** string similar to:
+**
+** "a=? AND b>?"
+*/
+static void explainIndexRange(StrAccum *pStr, WhereLoop *pLoop){
+ Index *pIndex = pLoop->u.btree.pIndex;
+ u16 nEq = pLoop->u.btree.nEq;
+ u16 nSkip = pLoop->nSkip;
+ int i, j;
+
+ if( nEq==0 && (pLoop->wsFlags&(WHERE_BTM_LIMIT|WHERE_TOP_LIMIT))==0 ) return;
+ sqlite3StrAccumAppend(pStr, " (", 2);
+ for(i=0; i<nEq; i++){
+ const char *z = explainIndexColumnName(pIndex, i);
+ if( i ) sqlite3StrAccumAppend(pStr, " AND ", 5);
+ sqlite3XPrintf(pStr, 0, i>=nSkip ? "%s=?" : "ANY(%s)", z);
+ }
+
+ j = i;
+ if( pLoop->wsFlags&WHERE_BTM_LIMIT ){
+ const char *z = explainIndexColumnName(pIndex, i);
+ explainAppendTerm(pStr, i++, z, ">");
+ }
+ if( pLoop->wsFlags&WHERE_TOP_LIMIT ){
+ const char *z = explainIndexColumnName(pIndex, j);
+ explainAppendTerm(pStr, i, z, "<");
+ }
+ sqlite3StrAccumAppend(pStr, ")", 1);
+}
+
+/*
+** This function is a no-op unless currently processing an EXPLAIN QUERY PLAN
+** command, or if either SQLITE_DEBUG or SQLITE_ENABLE_STMT_SCANSTATUS was
+** defined at compile-time. If it is not a no-op, a single OP_Explain opcode
+** is added to the output to describe the table scan strategy in pLevel.
+**
+** If an OP_Explain opcode is added to the VM, its address is returned.
+** Otherwise, if no OP_Explain is coded, zero is returned.
+*/
+SQLITE_PRIVATE int sqlite3WhereExplainOneScan(
+ Parse *pParse, /* Parse context */
+ SrcList *pTabList, /* Table list this loop refers to */
+ WhereLevel *pLevel, /* Scan to write OP_Explain opcode for */
+ int iLevel, /* Value for "level" column of output */
+ int iFrom, /* Value for "from" column of output */
+ u16 wctrlFlags /* Flags passed to sqlite3WhereBegin() */
+){
+ int ret = 0;
+#if !defined(SQLITE_DEBUG) && !defined(SQLITE_ENABLE_STMT_SCANSTATUS)
+ if( pParse->explain==2 )
+#endif
+ {
+ struct SrcList_item *pItem = &pTabList->a[pLevel->iFrom];
+ Vdbe *v = pParse->pVdbe; /* VM being constructed */
+ sqlite3 *db = pParse->db; /* Database handle */
+ int iId = pParse->iSelectId; /* Select id (left-most output column) */
+ int isSearch; /* True for a SEARCH. False for SCAN. */
+ WhereLoop *pLoop; /* The controlling WhereLoop object */
+ u32 flags; /* Flags that describe this loop */
+ char *zMsg; /* Text to add to EQP output */
+ StrAccum str; /* EQP output string */
+ char zBuf[100]; /* Initial space for EQP output string */
+
+ pLoop = pLevel->pWLoop;
+ flags = pLoop->wsFlags;
+ if( (flags&WHERE_MULTI_OR) || (wctrlFlags&WHERE_ONETABLE_ONLY) ) return 0;
+
+ isSearch = (flags&(WHERE_BTM_LIMIT|WHERE_TOP_LIMIT))!=0
+ || ((flags&WHERE_VIRTUALTABLE)==0 && (pLoop->u.btree.nEq>0))
+ || (wctrlFlags&(WHERE_ORDERBY_MIN|WHERE_ORDERBY_MAX));
+
+ sqlite3StrAccumInit(&str, db, zBuf, sizeof(zBuf), SQLITE_MAX_LENGTH);
+ sqlite3StrAccumAppendAll(&str, isSearch ? "SEARCH" : "SCAN");
+ if( pItem->pSelect ){
+ sqlite3XPrintf(&str, 0, " SUBQUERY %d", pItem->iSelectId);
+ }else{
+ sqlite3XPrintf(&str, 0, " TABLE %s", pItem->zName);
+ }
+
+ if( pItem->zAlias ){
+ sqlite3XPrintf(&str, 0, " AS %s", pItem->zAlias);
+ }
+ if( (flags & (WHERE_IPK|WHERE_VIRTUALTABLE))==0 ){
+ const char *zFmt = 0;
+ Index *pIdx;
+
+ assert( pLoop->u.btree.pIndex!=0 );
+ pIdx = pLoop->u.btree.pIndex;
+ assert( !(flags&WHERE_AUTO_INDEX) || (flags&WHERE_IDX_ONLY) );
+ if( !HasRowid(pItem->pTab) && IsPrimaryKeyIndex(pIdx) ){
+ if( isSearch ){
+ zFmt = "PRIMARY KEY";
+ }
+ }else if( flags & WHERE_PARTIALIDX ){
+ zFmt = "AUTOMATIC PARTIAL COVERING INDEX";
+ }else if( flags & WHERE_AUTO_INDEX ){
+ zFmt = "AUTOMATIC COVERING INDEX";
+ }else if( flags & WHERE_IDX_ONLY ){
+ zFmt = "COVERING INDEX %s";
+ }else{
+ zFmt = "INDEX %s";
+ }
+ if( zFmt ){
+ sqlite3StrAccumAppend(&str, " USING ", 7);
+ sqlite3XPrintf(&str, 0, zFmt, pIdx->zName);
+ explainIndexRange(&str, pLoop);
+ }
+ }else if( (flags & WHERE_IPK)!=0 && (flags & WHERE_CONSTRAINT)!=0 ){
+ const char *zRangeOp;
+ if( flags&(WHERE_COLUMN_EQ|WHERE_COLUMN_IN) ){
+ zRangeOp = "=";
+ }else if( (flags&WHERE_BOTH_LIMIT)==WHERE_BOTH_LIMIT ){
+ zRangeOp = ">? AND rowid<";
+ }else if( flags&WHERE_BTM_LIMIT ){
+ zRangeOp = ">";
+ }else{
+ assert( flags&WHERE_TOP_LIMIT);
+ zRangeOp = "<";
+ }
+ sqlite3XPrintf(&str, 0, " USING INTEGER PRIMARY KEY (rowid%s?)",zRangeOp);
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ else if( (flags & WHERE_VIRTUALTABLE)!=0 ){
+ sqlite3XPrintf(&str, 0, " VIRTUAL TABLE INDEX %d:%s",
+ pLoop->u.vtab.idxNum, pLoop->u.vtab.idxStr);
+ }
+#endif
+#ifdef SQLITE_EXPLAIN_ESTIMATED_ROWS
+ if( pLoop->nOut>=10 ){
+ sqlite3XPrintf(&str, 0, " (~%llu rows)", sqlite3LogEstToInt(pLoop->nOut));
+ }else{
+ sqlite3StrAccumAppend(&str, " (~1 row)", 9);
+ }
+#endif
+ zMsg = sqlite3StrAccumFinish(&str);
+ ret = sqlite3VdbeAddOp4(v, OP_Explain, iId, iLevel, iFrom, zMsg,P4_DYNAMIC);
+ }
+ return ret;
+}
+#endif /* SQLITE_OMIT_EXPLAIN */
+
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+/*
+** Configure the VM passed as the first argument with an
+** sqlite3_stmt_scanstatus() entry corresponding to the scan used to
+** implement level pLvl. Argument pSrclist is a pointer to the FROM
+** clause that the scan reads data from.
+**
+** If argument addrExplain is not 0, it must be the address of an
+** OP_Explain instruction that describes the same loop.
+*/
+SQLITE_PRIVATE void sqlite3WhereAddScanStatus(
+ Vdbe *v, /* Vdbe to add scanstatus entry to */
+ SrcList *pSrclist, /* FROM clause pLvl reads data from */
+ WhereLevel *pLvl, /* Level to add scanstatus() entry for */
+ int addrExplain /* Address of OP_Explain (or 0) */
+){
+ const char *zObj = 0;
+ WhereLoop *pLoop = pLvl->pWLoop;
+ if( (pLoop->wsFlags & WHERE_VIRTUALTABLE)==0 && pLoop->u.btree.pIndex!=0 ){
+ zObj = pLoop->u.btree.pIndex->zName;
+ }else{
+ zObj = pSrclist->a[pLvl->iFrom].zName;
+ }
+ sqlite3VdbeScanStatus(
+ v, addrExplain, pLvl->addrBody, pLvl->addrVisit, pLoop->nOut, zObj
+ );
+}
+#endif
+
+
+/*
+** Disable a term in the WHERE clause. Except, do not disable the term
+** if it controls a LEFT OUTER JOIN and it did not originate in the ON
+** or USING clause of that join.
+**
+** Consider the term t2.z='ok' in the following queries:
+**
+** (1) SELECT * FROM t1 LEFT JOIN t2 ON t1.a=t2.x WHERE t2.z='ok'
+** (2) SELECT * FROM t1 LEFT JOIN t2 ON t1.a=t2.x AND t2.z='ok'
+** (3) SELECT * FROM t1, t2 WHERE t1.a=t2.x AND t2.z='ok'
+**
+** The t2.z='ok' is disabled in the in (2) because it originates
+** in the ON clause. The term is disabled in (3) because it is not part
+** of a LEFT OUTER JOIN. In (1), the term is not disabled.
+**
+** Disabling a term causes that term to not be tested in the inner loop
+** of the join. Disabling is an optimization. When terms are satisfied
+** by indices, we disable them to prevent redundant tests in the inner
+** loop. We would get the correct results if nothing were ever disabled,
+** but joins might run a little slower. The trick is to disable as much
+** as we can without disabling too much. If we disabled in (1), we'd get
+** the wrong answer. See ticket #813.
+**
+** If all the children of a term are disabled, then that term is also
+** automatically disabled. In this way, terms get disabled if derived
+** virtual terms are tested first. For example:
+**
+** x GLOB 'abc*' AND x>='abc' AND x<'acd'
+** \___________/ \______/ \_____/
+** parent child1 child2
+**
+** Only the parent term was in the original WHERE clause. The child1
+** and child2 terms were added by the LIKE optimization. If both of
+** the virtual child terms are valid, then testing of the parent can be
+** skipped.
+**
+** Usually the parent term is marked as TERM_CODED. But if the parent
+** term was originally TERM_LIKE, then the parent gets TERM_LIKECOND instead.
+** The TERM_LIKECOND marking indicates that the term should be coded inside
+** a conditional such that is only evaluated on the second pass of a
+** LIKE-optimization loop, when scanning BLOBs instead of strings.
+*/
+static void disableTerm(WhereLevel *pLevel, WhereTerm *pTerm){
+ int nLoop = 0;
+ while( pTerm
+ && (pTerm->wtFlags & TERM_CODED)==0
+ && (pLevel->iLeftJoin==0 || ExprHasProperty(pTerm->pExpr, EP_FromJoin))
+ && (pLevel->notReady & pTerm->prereqAll)==0
+ ){
+ if( nLoop && (pTerm->wtFlags & TERM_LIKE)!=0 ){
+ pTerm->wtFlags |= TERM_LIKECOND;
+ }else{
+ pTerm->wtFlags |= TERM_CODED;
+ }
+ if( pTerm->iParent<0 ) break;
+ pTerm = &pTerm->pWC->a[pTerm->iParent];
+ pTerm->nChild--;
+ if( pTerm->nChild!=0 ) break;
+ nLoop++;
+ }
+}
+
+/*
+** Code an OP_Affinity opcode to apply the column affinity string zAff
+** to the n registers starting at base.
+**
+** As an optimization, SQLITE_AFF_BLOB entries (which are no-ops) at the
+** beginning and end of zAff are ignored. If all entries in zAff are
+** SQLITE_AFF_BLOB, then no code gets generated.
+**
+** This routine makes its own copy of zAff so that the caller is free
+** to modify zAff after this routine returns.
+*/
+static void codeApplyAffinity(Parse *pParse, int base, int n, char *zAff){
+ Vdbe *v = pParse->pVdbe;
+ if( zAff==0 ){
+ assert( pParse->db->mallocFailed );
+ return;
+ }
+ assert( v!=0 );
+
+ /* Adjust base and n to skip over SQLITE_AFF_BLOB entries at the beginning
+ ** and end of the affinity string.
+ */
+ while( n>0 && zAff[0]==SQLITE_AFF_BLOB ){
+ n--;
+ base++;
+ zAff++;
+ }
+ while( n>1 && zAff[n-1]==SQLITE_AFF_BLOB ){
+ n--;
+ }
+
+ /* Code the OP_Affinity opcode if there is anything left to do. */
+ if( n>0 ){
+ sqlite3VdbeAddOp2(v, OP_Affinity, base, n);
+ sqlite3VdbeChangeP4(v, -1, zAff, n);
+ sqlite3ExprCacheAffinityChange(pParse, base, n);
+ }
+}
+
+
+/*
+** Generate code for a single equality term of the WHERE clause. An equality
+** term can be either X=expr or X IN (...). pTerm is the term to be
+** coded.
+**
+** The current value for the constraint is left in register iReg.
+**
+** For a constraint of the form X=expr, the expression is evaluated and its
+** result is left on the stack. For constraints of the form X IN (...)
+** this routine sets up a loop that will iterate over all values of X.
+*/
+static int codeEqualityTerm(
+ Parse *pParse, /* The parsing context */
+ WhereTerm *pTerm, /* The term of the WHERE clause to be coded */
+ WhereLevel *pLevel, /* The level of the FROM clause we are working on */
+ int iEq, /* Index of the equality term within this level */
+ int bRev, /* True for reverse-order IN operations */
+ int iTarget /* Attempt to leave results in this register */
+){
+ Expr *pX = pTerm->pExpr;
+ Vdbe *v = pParse->pVdbe;
+ int iReg; /* Register holding results */
+
+ assert( iTarget>0 );
+ if( pX->op==TK_EQ || pX->op==TK_IS ){
+ iReg = sqlite3ExprCodeTarget(pParse, pX->pRight, iTarget);
+ }else if( pX->op==TK_ISNULL ){
+ iReg = iTarget;
+ sqlite3VdbeAddOp2(v, OP_Null, 0, iReg);
+#ifndef SQLITE_OMIT_SUBQUERY
+ }else{
+ int eType;
+ int iTab;
+ struct InLoop *pIn;
+ WhereLoop *pLoop = pLevel->pWLoop;
+
+ if( (pLoop->wsFlags & WHERE_VIRTUALTABLE)==0
+ && pLoop->u.btree.pIndex!=0
+ && pLoop->u.btree.pIndex->aSortOrder[iEq]
+ ){
+ testcase( iEq==0 );
+ testcase( bRev );
+ bRev = !bRev;
+ }
+ assert( pX->op==TK_IN );
+ iReg = iTarget;
+ eType = sqlite3FindInIndex(pParse, pX, IN_INDEX_LOOP, 0);
+ if( eType==IN_INDEX_INDEX_DESC ){
+ testcase( bRev );
+ bRev = !bRev;
+ }
+ iTab = pX->iTable;
+ sqlite3VdbeAddOp2(v, bRev ? OP_Last : OP_Rewind, iTab, 0);
+ VdbeCoverageIf(v, bRev);
+ VdbeCoverageIf(v, !bRev);
+ assert( (pLoop->wsFlags & WHERE_MULTI_OR)==0 );
+ pLoop->wsFlags |= WHERE_IN_ABLE;
+ if( pLevel->u.in.nIn==0 ){
+ pLevel->addrNxt = sqlite3VdbeMakeLabel(v);
+ }
+ pLevel->u.in.nIn++;
+ pLevel->u.in.aInLoop =
+ sqlite3DbReallocOrFree(pParse->db, pLevel->u.in.aInLoop,
+ sizeof(pLevel->u.in.aInLoop[0])*pLevel->u.in.nIn);
+ pIn = pLevel->u.in.aInLoop;
+ if( pIn ){
+ pIn += pLevel->u.in.nIn - 1;
+ pIn->iCur = iTab;
+ if( eType==IN_INDEX_ROWID ){
+ pIn->addrInTop = sqlite3VdbeAddOp2(v, OP_Rowid, iTab, iReg);
+ }else{
+ pIn->addrInTop = sqlite3VdbeAddOp3(v, OP_Column, iTab, 0, iReg);
+ }
+ pIn->eEndLoopOp = bRev ? OP_PrevIfOpen : OP_NextIfOpen;
+ sqlite3VdbeAddOp1(v, OP_IsNull, iReg); VdbeCoverage(v);
+ }else{
+ pLevel->u.in.nIn = 0;
+ }
+#endif
+ }
+ disableTerm(pLevel, pTerm);
+ return iReg;
+}
+
+/*
+** Generate code that will evaluate all == and IN constraints for an
+** index scan.
+**
+** For example, consider table t1(a,b,c,d,e,f) with index i1(a,b,c).
+** Suppose the WHERE clause is this: a==5 AND b IN (1,2,3) AND c>5 AND c<10
+** The index has as many as three equality constraints, but in this
+** example, the third "c" value is an inequality. So only two
+** constraints are coded. This routine will generate code to evaluate
+** a==5 and b IN (1,2,3). The current values for a and b will be stored
+** in consecutive registers and the index of the first register is returned.
+**
+** In the example above nEq==2. But this subroutine works for any value
+** of nEq including 0. If nEq==0, this routine is nearly a no-op.
+** The only thing it does is allocate the pLevel->iMem memory cell and
+** compute the affinity string.
+**
+** The nExtraReg parameter is 0 or 1. It is 0 if all WHERE clause constraints
+** are == or IN and are covered by the nEq. nExtraReg is 1 if there is
+** an inequality constraint (such as the "c>=5 AND c<10" in the example) that
+** occurs after the nEq quality constraints.
+**
+** This routine allocates a range of nEq+nExtraReg memory cells and returns
+** the index of the first memory cell in that range. The code that
+** calls this routine will use that memory range to store keys for
+** start and termination conditions of the loop.
+** key value of the loop. If one or more IN operators appear, then
+** this routine allocates an additional nEq memory cells for internal
+** use.
+**
+** Before returning, *pzAff is set to point to a buffer containing a
+** copy of the column affinity string of the index allocated using
+** sqlite3DbMalloc(). Except, entries in the copy of the string associated
+** with equality constraints that use BLOB or NONE affinity are set to
+** SQLITE_AFF_BLOB. This is to deal with SQL such as the following:
+**
+** CREATE TABLE t1(a TEXT PRIMARY KEY, b);
+** SELECT ... FROM t1 AS t2, t1 WHERE t1.a = t2.b;
+**
+** In the example above, the index on t1(a) has TEXT affinity. But since
+** the right hand side of the equality constraint (t2.b) has BLOB/NONE affinity,
+** no conversion should be attempted before using a t2.b value as part of
+** a key to search the index. Hence the first byte in the returned affinity
+** string in this example would be set to SQLITE_AFF_BLOB.
+*/
+static int codeAllEqualityTerms(
+ Parse *pParse, /* Parsing context */
+ WhereLevel *pLevel, /* Which nested loop of the FROM we are coding */
+ int bRev, /* Reverse the order of IN operators */
+ int nExtraReg, /* Number of extra registers to allocate */
+ char **pzAff /* OUT: Set to point to affinity string */
+){
+ u16 nEq; /* The number of == or IN constraints to code */
+ u16 nSkip; /* Number of left-most columns to skip */
+ Vdbe *v = pParse->pVdbe; /* The vm under construction */
+ Index *pIdx; /* The index being used for this loop */
+ WhereTerm *pTerm; /* A single constraint term */
+ WhereLoop *pLoop; /* The WhereLoop object */
+ int j; /* Loop counter */
+ int regBase; /* Base register */
+ int nReg; /* Number of registers to allocate */
+ char *zAff; /* Affinity string to return */
+
+ /* This module is only called on query plans that use an index. */
+ pLoop = pLevel->pWLoop;
+ assert( (pLoop->wsFlags & WHERE_VIRTUALTABLE)==0 );
+ nEq = pLoop->u.btree.nEq;
+ nSkip = pLoop->nSkip;
+ pIdx = pLoop->u.btree.pIndex;
+ assert( pIdx!=0 );
+
+ /* Figure out how many memory cells we will need then allocate them.
+ */
+ regBase = pParse->nMem + 1;
+ nReg = pLoop->u.btree.nEq + nExtraReg;
+ pParse->nMem += nReg;
+
+ zAff = sqlite3DbStrDup(pParse->db,sqlite3IndexAffinityStr(pParse->db,pIdx));
+ if( !zAff ){
+ pParse->db->mallocFailed = 1;
+ }
+
+ if( nSkip ){
+ int iIdxCur = pLevel->iIdxCur;
+ sqlite3VdbeAddOp1(v, (bRev?OP_Last:OP_Rewind), iIdxCur);
+ VdbeCoverageIf(v, bRev==0);
+ VdbeCoverageIf(v, bRev!=0);
+ VdbeComment((v, "begin skip-scan on %s", pIdx->zName));
+ j = sqlite3VdbeAddOp0(v, OP_Goto);
+ pLevel->addrSkip = sqlite3VdbeAddOp4Int(v, (bRev?OP_SeekLT:OP_SeekGT),
+ iIdxCur, 0, regBase, nSkip);
+ VdbeCoverageIf(v, bRev==0);
+ VdbeCoverageIf(v, bRev!=0);
+ sqlite3VdbeJumpHere(v, j);
+ for(j=0; j<nSkip; j++){
+ sqlite3VdbeAddOp3(v, OP_Column, iIdxCur, j, regBase+j);
+ testcase( pIdx->aiColumn[j]==XN_EXPR );
+ VdbeComment((v, "%s", explainIndexColumnName(pIdx, j)));
+ }
+ }
+
+ /* Evaluate the equality constraints
+ */
+ assert( zAff==0 || (int)strlen(zAff)>=nEq );
+ for(j=nSkip; j<nEq; j++){
+ int r1;
+ pTerm = pLoop->aLTerm[j];
+ assert( pTerm!=0 );
+ /* The following testcase is true for indices with redundant columns.
+ ** Ex: CREATE INDEX i1 ON t1(a,b,a); SELECT * FROM t1 WHERE a=0 AND b=0; */
+ testcase( (pTerm->wtFlags & TERM_CODED)!=0 );
+ testcase( pTerm->wtFlags & TERM_VIRTUAL );
+ r1 = codeEqualityTerm(pParse, pTerm, pLevel, j, bRev, regBase+j);
+ if( r1!=regBase+j ){
+ if( nReg==1 ){
+ sqlite3ReleaseTempReg(pParse, regBase);
+ regBase = r1;
+ }else{
+ sqlite3VdbeAddOp2(v, OP_SCopy, r1, regBase+j);
+ }
+ }
+ testcase( pTerm->eOperator & WO_ISNULL );
+ testcase( pTerm->eOperator & WO_IN );
+ if( (pTerm->eOperator & (WO_ISNULL|WO_IN))==0 ){
+ Expr *pRight = pTerm->pExpr->pRight;
+ if( (pTerm->wtFlags & TERM_IS)==0 && sqlite3ExprCanBeNull(pRight) ){
+ sqlite3VdbeAddOp2(v, OP_IsNull, regBase+j, pLevel->addrBrk);
+ VdbeCoverage(v);
+ }
+ if( zAff ){
+ if( sqlite3CompareAffinity(pRight, zAff[j])==SQLITE_AFF_BLOB ){
+ zAff[j] = SQLITE_AFF_BLOB;
+ }
+ if( sqlite3ExprNeedsNoAffinityChange(pRight, zAff[j]) ){
+ zAff[j] = SQLITE_AFF_BLOB;
+ }
+ }
+ }
+ }
+ *pzAff = zAff;
+ return regBase;
+}
+
+#ifndef SQLITE_LIKE_DOESNT_MATCH_BLOBS
+/*
+** If the most recently coded instruction is a constant range contraint
+** that originated from the LIKE optimization, then change the P3 to be
+** pLoop->iLikeRepCntr and set P5.
+**
+** The LIKE optimization trys to evaluate "x LIKE 'abc%'" as a range
+** expression: "x>='ABC' AND x<'abd'". But this requires that the range
+** scan loop run twice, once for strings and a second time for BLOBs.
+** The OP_String opcodes on the second pass convert the upper and lower
+** bound string contants to blobs. This routine makes the necessary changes
+** to the OP_String opcodes for that to happen.
+**
+** Except, of course, if SQLITE_LIKE_DOESNT_MATCH_BLOBS is defined, then
+** only the one pass through the string space is required, so this routine
+** becomes a no-op.
+*/
+static void whereLikeOptimizationStringFixup(
+ Vdbe *v, /* prepared statement under construction */
+ WhereLevel *pLevel, /* The loop that contains the LIKE operator */
+ WhereTerm *pTerm /* The upper or lower bound just coded */
+){
+ if( pTerm->wtFlags & TERM_LIKEOPT ){
+ VdbeOp *pOp;
+ assert( pLevel->iLikeRepCntr>0 );
+ pOp = sqlite3VdbeGetOp(v, -1);
+ assert( pOp!=0 );
+ assert( pOp->opcode==OP_String8
+ || pTerm->pWC->pWInfo->pParse->db->mallocFailed );
+ pOp->p3 = pLevel->iLikeRepCntr;
+ pOp->p5 = 1;
+ }
+}
+#else
+# define whereLikeOptimizationStringFixup(A,B,C)
+#endif
+
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+/*
+** Information is passed from codeCursorHint() down to individual nodes of
+** the expression tree (by sqlite3WalkExpr()) using an instance of this
+** structure.
+*/
+struct CCurHint {
+ int iTabCur; /* Cursor for the main table */
+ int iIdxCur; /* Cursor for the index, if pIdx!=0. Unused otherwise */
+ Index *pIdx; /* The index used to access the table */
+};
+
+/*
+** This function is called for every node of an expression that is a candidate
+** for a cursor hint on an index cursor. For TK_COLUMN nodes that reference
+** the table CCurHint.iTabCur, verify that the same column can be
+** accessed through the index. If it cannot, then set pWalker->eCode to 1.
+*/
+static int codeCursorHintCheckExpr(Walker *pWalker, Expr *pExpr){
+ struct CCurHint *pHint = pWalker->u.pCCurHint;
+ assert( pHint->pIdx!=0 );
+ if( pExpr->op==TK_COLUMN
+ && pExpr->iTable==pHint->iTabCur
+ && sqlite3ColumnOfIndex(pHint->pIdx, pExpr->iColumn)<0
+ ){
+ pWalker->eCode = 1;
+ }
+ return WRC_Continue;
+}
+
+
+/*
+** This function is called on every node of an expression tree used as an
+** argument to the OP_CursorHint instruction. If the node is a TK_COLUMN
+** that accesses any table other than the one identified by
+** CCurHint.iTabCur, then do the following:
+**
+** 1) allocate a register and code an OP_Column instruction to read
+** the specified column into the new register, and
+**
+** 2) transform the expression node to a TK_REGISTER node that reads
+** from the newly populated register.
+**
+** Also, if the node is a TK_COLUMN that does access the table idenified
+** by pCCurHint.iTabCur, and an index is being used (which we will
+** know because CCurHint.pIdx!=0) then transform the TK_COLUMN into
+** an access of the index rather than the original table.
+*/
+static int codeCursorHintFixExpr(Walker *pWalker, Expr *pExpr){
+ int rc = WRC_Continue;
+ struct CCurHint *pHint = pWalker->u.pCCurHint;
+ if( pExpr->op==TK_COLUMN ){
+ if( pExpr->iTable!=pHint->iTabCur ){
+ Vdbe *v = pWalker->pParse->pVdbe;
+ int reg = ++pWalker->pParse->nMem; /* Register for column value */
+ sqlite3ExprCodeGetColumnOfTable(
+ v, pExpr->pTab, pExpr->iTable, pExpr->iColumn, reg
+ );
+ pExpr->op = TK_REGISTER;
+ pExpr->iTable = reg;
+ }else if( pHint->pIdx!=0 ){
+ pExpr->iTable = pHint->iIdxCur;
+ pExpr->iColumn = sqlite3ColumnOfIndex(pHint->pIdx, pExpr->iColumn);
+ assert( pExpr->iColumn>=0 );
+ }
+ }else if( pExpr->op==TK_AGG_FUNCTION ){
+ /* An aggregate function in the WHERE clause of a query means this must
+ ** be a correlated sub-query, and expression pExpr is an aggregate from
+ ** the parent context. Do not walk the function arguments in this case.
+ **
+ ** todo: It should be possible to replace this node with a TK_REGISTER
+ ** expression, as the result of the expression must be stored in a
+ ** register at this point. The same holds for TK_AGG_COLUMN nodes. */
+ rc = WRC_Prune;
+ }
+ return rc;
+}
+
+/*
+** Insert an OP_CursorHint instruction if it is appropriate to do so.
+*/
+static void codeCursorHint(
+ WhereInfo *pWInfo, /* The where clause */
+ WhereLevel *pLevel, /* Which loop to provide hints for */
+ WhereTerm *pEndRange /* Hint this end-of-scan boundary term if not NULL */
+){
+ Parse *pParse = pWInfo->pParse;
+ sqlite3 *db = pParse->db;
+ Vdbe *v = pParse->pVdbe;
+ Expr *pExpr = 0;
+ WhereLoop *pLoop = pLevel->pWLoop;
+ int iCur;
+ WhereClause *pWC;
+ WhereTerm *pTerm;
+ int i, j;
+ struct CCurHint sHint;
+ Walker sWalker;
+
+ if( OptimizationDisabled(db, SQLITE_CursorHints) ) return;
+ iCur = pLevel->iTabCur;
+ assert( iCur==pWInfo->pTabList->a[pLevel->iFrom].iCursor );
+ sHint.iTabCur = iCur;
+ sHint.iIdxCur = pLevel->iIdxCur;
+ sHint.pIdx = pLoop->u.btree.pIndex;
+ memset(&sWalker, 0, sizeof(sWalker));
+ sWalker.pParse = pParse;
+ sWalker.u.pCCurHint = &sHint;
+ pWC = &pWInfo->sWC;
+ for(i=0; i<pWC->nTerm; i++){
+ pTerm = &pWC->a[i];
+ if( pTerm->wtFlags & (TERM_VIRTUAL|TERM_CODED) ) continue;
+ if( pTerm->prereqAll & pLevel->notReady ) continue;
+ if( ExprHasProperty(pTerm->pExpr, EP_FromJoin) ) continue;
+
+ /* All terms in pWLoop->aLTerm[] except pEndRange are used to initialize
+ ** the cursor. These terms are not needed as hints for a pure range
+ ** scan (that has no == terms) so omit them. */
+ if( pLoop->u.btree.nEq==0 && pTerm!=pEndRange ){
+ for(j=0; j<pLoop->nLTerm && pLoop->aLTerm[j]!=pTerm; j++){}
+ if( j<pLoop->nLTerm ) continue;
+ }
+
+ /* No subqueries or non-deterministic functions allowed */
+ if( sqlite3ExprContainsSubquery(pTerm->pExpr) ) continue;
+
+ /* For an index scan, make sure referenced columns are actually in
+ ** the index. */
+ if( sHint.pIdx!=0 ){
+ sWalker.eCode = 0;
+ sWalker.xExprCallback = codeCursorHintCheckExpr;
+ sqlite3WalkExpr(&sWalker, pTerm->pExpr);
+ if( sWalker.eCode ) continue;
+ }
+
+ /* If we survive all prior tests, that means this term is worth hinting */
+ pExpr = sqlite3ExprAnd(db, pExpr, sqlite3ExprDup(db, pTerm->pExpr, 0));
+ }
+ if( pExpr!=0 ){
+ sWalker.xExprCallback = codeCursorHintFixExpr;
+ sqlite3WalkExpr(&sWalker, pExpr);
+ sqlite3VdbeAddOp4(v, OP_CursorHint,
+ (sHint.pIdx ? sHint.iIdxCur : sHint.iTabCur), 0, 0,
+ (const char*)pExpr, P4_EXPR);
+ }
+}
+#else
+# define codeCursorHint(A,B,C) /* No-op */
+#endif /* SQLITE_ENABLE_CURSOR_HINTS */
+
+/*
+** Generate code for the start of the iLevel-th loop in the WHERE clause
+** implementation described by pWInfo.
+*/
+SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
+ WhereInfo *pWInfo, /* Complete information about the WHERE clause */
+ int iLevel, /* Which level of pWInfo->a[] should be coded */
+ Bitmask notReady /* Which tables are currently available */
+){
+ int j, k; /* Loop counters */
+ int iCur; /* The VDBE cursor for the table */
+ int addrNxt; /* Where to jump to continue with the next IN case */
+ int omitTable; /* True if we use the index only */
+ int bRev; /* True if we need to scan in reverse order */
+ WhereLevel *pLevel; /* The where level to be coded */
+ WhereLoop *pLoop; /* The WhereLoop object being coded */
+ WhereClause *pWC; /* Decomposition of the entire WHERE clause */
+ WhereTerm *pTerm; /* A WHERE clause term */
+ Parse *pParse; /* Parsing context */
+ sqlite3 *db; /* Database connection */
+ Vdbe *v; /* The prepared stmt under constructions */
+ struct SrcList_item *pTabItem; /* FROM clause term being coded */
+ int addrBrk; /* Jump here to break out of the loop */
+ int addrCont; /* Jump here to continue with next cycle */
+ int iRowidReg = 0; /* Rowid is stored in this register, if not zero */
+ int iReleaseReg = 0; /* Temp register to free before returning */
+
+ pParse = pWInfo->pParse;
+ v = pParse->pVdbe;
+ pWC = &pWInfo->sWC;
+ db = pParse->db;
+ pLevel = &pWInfo->a[iLevel];
+ pLoop = pLevel->pWLoop;
+ pTabItem = &pWInfo->pTabList->a[pLevel->iFrom];
+ iCur = pTabItem->iCursor;
+ pLevel->notReady = notReady & ~sqlite3WhereGetMask(&pWInfo->sMaskSet, iCur);
+ bRev = (pWInfo->revMask>>iLevel)&1;
+ omitTable = (pLoop->wsFlags & WHERE_IDX_ONLY)!=0
+ && (pWInfo->wctrlFlags & WHERE_FORCE_TABLE)==0;
+ VdbeModuleComment((v, "Begin WHERE-loop%d: %s",iLevel,pTabItem->pTab->zName));
+
+ /* Create labels for the "break" and "continue" instructions
+ ** for the current loop. Jump to addrBrk to break out of a loop.
+ ** Jump to cont to go immediately to the next iteration of the
+ ** loop.
+ **
+ ** When there is an IN operator, we also have a "addrNxt" label that
+ ** means to continue with the next IN value combination. When
+ ** there are no IN operators in the constraints, the "addrNxt" label
+ ** is the same as "addrBrk".
+ */
+ addrBrk = pLevel->addrBrk = pLevel->addrNxt = sqlite3VdbeMakeLabel(v);
+ addrCont = pLevel->addrCont = sqlite3VdbeMakeLabel(v);
+
+ /* If this is the right table of a LEFT OUTER JOIN, allocate and
+ ** initialize a memory cell that records if this table matches any
+ ** row of the left table of the join.
+ */
+ if( pLevel->iFrom>0 && (pTabItem[0].fg.jointype & JT_LEFT)!=0 ){
+ pLevel->iLeftJoin = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Integer, 0, pLevel->iLeftJoin);
+ VdbeComment((v, "init LEFT JOIN no-match flag"));
+ }
+
+ /* Special case of a FROM clause subquery implemented as a co-routine */
+ if( pTabItem->fg.viaCoroutine ){
+ int regYield = pTabItem->regReturn;
+ sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, pTabItem->addrFillSub);
+ pLevel->p2 = sqlite3VdbeAddOp2(v, OP_Yield, regYield, addrBrk);
+ VdbeCoverage(v);
+ VdbeComment((v, "next row of \"%s\"", pTabItem->pTab->zName));
+ pLevel->op = OP_Goto;
+ }else
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( (pLoop->wsFlags & WHERE_VIRTUALTABLE)!=0 ){
+ /* Case 1: The table is a virtual-table. Use the VFilter and VNext
+ ** to access the data.
+ */
+ int iReg; /* P3 Value for OP_VFilter */
+ int addrNotFound;
+ int nConstraint = pLoop->nLTerm;
+
+ sqlite3ExprCachePush(pParse);
+ iReg = sqlite3GetTempRange(pParse, nConstraint+2);
+ addrNotFound = pLevel->addrBrk;
+ for(j=0; j<nConstraint; j++){
+ int iTarget = iReg+j+2;
+ pTerm = pLoop->aLTerm[j];
+ if( pTerm==0 ) continue;
+ if( pTerm->eOperator & WO_IN ){
+ codeEqualityTerm(pParse, pTerm, pLevel, j, bRev, iTarget);
+ addrNotFound = pLevel->addrNxt;
+ }else{
+ sqlite3ExprCode(pParse, pTerm->pExpr->pRight, iTarget);
+ }
+ }
+ sqlite3VdbeAddOp2(v, OP_Integer, pLoop->u.vtab.idxNum, iReg);
+ sqlite3VdbeAddOp2(v, OP_Integer, nConstraint, iReg+1);
+ sqlite3VdbeAddOp4(v, OP_VFilter, iCur, addrNotFound, iReg,
+ pLoop->u.vtab.idxStr,
+ pLoop->u.vtab.needFree ? P4_MPRINTF : P4_STATIC);
+ VdbeCoverage(v);
+ pLoop->u.vtab.needFree = 0;
+ for(j=0; j<nConstraint && j<16; j++){
+ if( (pLoop->u.vtab.omitMask>>j)&1 ){
+ disableTerm(pLevel, pLoop->aLTerm[j]);
+ }
+ }
+ pLevel->p1 = iCur;
+ pLevel->op = pWInfo->eOnePass ? OP_Noop : OP_VNext;
+ pLevel->p2 = sqlite3VdbeCurrentAddr(v);
+ sqlite3ReleaseTempRange(pParse, iReg, nConstraint+2);
+ sqlite3ExprCachePop(pParse);
+ }else
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+ if( (pLoop->wsFlags & WHERE_IPK)!=0
+ && (pLoop->wsFlags & (WHERE_COLUMN_IN|WHERE_COLUMN_EQ))!=0
+ ){
+ /* Case 2: We can directly reference a single row using an
+ ** equality comparison against the ROWID field. Or
+ ** we reference multiple rows using a "rowid IN (...)"
+ ** construct.
+ */
+ assert( pLoop->u.btree.nEq==1 );
+ pTerm = pLoop->aLTerm[0];
+ assert( pTerm!=0 );
+ assert( pTerm->pExpr!=0 );
+ assert( omitTable==0 );
+ testcase( pTerm->wtFlags & TERM_VIRTUAL );
+ iReleaseReg = ++pParse->nMem;
+ iRowidReg = codeEqualityTerm(pParse, pTerm, pLevel, 0, bRev, iReleaseReg);
+ if( iRowidReg!=iReleaseReg ) sqlite3ReleaseTempReg(pParse, iReleaseReg);
+ addrNxt = pLevel->addrNxt;
+ sqlite3VdbeAddOp2(v, OP_MustBeInt, iRowidReg, addrNxt); VdbeCoverage(v);
+ sqlite3VdbeAddOp3(v, OP_NotExists, iCur, addrNxt, iRowidReg);
+ VdbeCoverage(v);
+ sqlite3ExprCacheAffinityChange(pParse, iRowidReg, 1);
+ sqlite3ExprCacheStore(pParse, iCur, -1, iRowidReg);
+ VdbeComment((v, "pk"));
+ pLevel->op = OP_Noop;
+ }else if( (pLoop->wsFlags & WHERE_IPK)!=0
+ && (pLoop->wsFlags & WHERE_COLUMN_RANGE)!=0
+ ){
+ /* Case 3: We have an inequality comparison against the ROWID field.
+ */
+ int testOp = OP_Noop;
+ int start;
+ int memEndValue = 0;
+ WhereTerm *pStart, *pEnd;
+
+ assert( omitTable==0 );
+ j = 0;
+ pStart = pEnd = 0;
+ if( pLoop->wsFlags & WHERE_BTM_LIMIT ) pStart = pLoop->aLTerm[j++];
+ if( pLoop->wsFlags & WHERE_TOP_LIMIT ) pEnd = pLoop->aLTerm[j++];
+ assert( pStart!=0 || pEnd!=0 );
+ if( bRev ){
+ pTerm = pStart;
+ pStart = pEnd;
+ pEnd = pTerm;
+ }
+ codeCursorHint(pWInfo, pLevel, pEnd);
+ if( pStart ){
+ Expr *pX; /* The expression that defines the start bound */
+ int r1, rTemp; /* Registers for holding the start boundary */
+
+ /* The following constant maps TK_xx codes into corresponding
+ ** seek opcodes. It depends on a particular ordering of TK_xx
+ */
+ const u8 aMoveOp[] = {
+ /* TK_GT */ OP_SeekGT,
+ /* TK_LE */ OP_SeekLE,
+ /* TK_LT */ OP_SeekLT,
+ /* TK_GE */ OP_SeekGE
+ };
+ assert( TK_LE==TK_GT+1 ); /* Make sure the ordering.. */
+ assert( TK_LT==TK_GT+2 ); /* ... of the TK_xx values... */
+ assert( TK_GE==TK_GT+3 ); /* ... is correcct. */
+
+ assert( (pStart->wtFlags & TERM_VNULL)==0 );
+ testcase( pStart->wtFlags & TERM_VIRTUAL );
+ pX = pStart->pExpr;
+ assert( pX!=0 );
+ testcase( pStart->leftCursor!=iCur ); /* transitive constraints */
+ r1 = sqlite3ExprCodeTemp(pParse, pX->pRight, &rTemp);
+ sqlite3VdbeAddOp3(v, aMoveOp[pX->op-TK_GT], iCur, addrBrk, r1);
+ VdbeComment((v, "pk"));
+ VdbeCoverageIf(v, pX->op==TK_GT);
+ VdbeCoverageIf(v, pX->op==TK_LE);
+ VdbeCoverageIf(v, pX->op==TK_LT);
+ VdbeCoverageIf(v, pX->op==TK_GE);
+ sqlite3ExprCacheAffinityChange(pParse, r1, 1);
+ sqlite3ReleaseTempReg(pParse, rTemp);
+ disableTerm(pLevel, pStart);
+ }else{
+ sqlite3VdbeAddOp2(v, bRev ? OP_Last : OP_Rewind, iCur, addrBrk);
+ VdbeCoverageIf(v, bRev==0);
+ VdbeCoverageIf(v, bRev!=0);
+ }
+ if( pEnd ){
+ Expr *pX;
+ pX = pEnd->pExpr;
+ assert( pX!=0 );
+ assert( (pEnd->wtFlags & TERM_VNULL)==0 );
+ testcase( pEnd->leftCursor!=iCur ); /* Transitive constraints */
+ testcase( pEnd->wtFlags & TERM_VIRTUAL );
+ memEndValue = ++pParse->nMem;
+ sqlite3ExprCode(pParse, pX->pRight, memEndValue);
+ if( pX->op==TK_LT || pX->op==TK_GT ){
+ testOp = bRev ? OP_Le : OP_Ge;
+ }else{
+ testOp = bRev ? OP_Lt : OP_Gt;
+ }
+ disableTerm(pLevel, pEnd);
+ }
+ start = sqlite3VdbeCurrentAddr(v);
+ pLevel->op = bRev ? OP_Prev : OP_Next;
+ pLevel->p1 = iCur;
+ pLevel->p2 = start;
+ assert( pLevel->p5==0 );
+ if( testOp!=OP_Noop ){
+ iRowidReg = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Rowid, iCur, iRowidReg);
+ sqlite3ExprCacheStore(pParse, iCur, -1, iRowidReg);
+ sqlite3VdbeAddOp3(v, testOp, memEndValue, addrBrk, iRowidReg);
+ VdbeCoverageIf(v, testOp==OP_Le);
+ VdbeCoverageIf(v, testOp==OP_Lt);
+ VdbeCoverageIf(v, testOp==OP_Ge);
+ VdbeCoverageIf(v, testOp==OP_Gt);
+ sqlite3VdbeChangeP5(v, SQLITE_AFF_NUMERIC | SQLITE_JUMPIFNULL);
+ }
+ }else if( pLoop->wsFlags & WHERE_INDEXED ){
+ /* Case 4: A scan using an index.
+ **
+ ** The WHERE clause may contain zero or more equality
+ ** terms ("==" or "IN" operators) that refer to the N
+ ** left-most columns of the index. It may also contain
+ ** inequality constraints (>, <, >= or <=) on the indexed
+ ** column that immediately follows the N equalities. Only
+ ** the right-most column can be an inequality - the rest must
+ ** use the "==" and "IN" operators. For example, if the
+ ** index is on (x,y,z), then the following clauses are all
+ ** optimized:
+ **
+ ** x=5
+ ** x=5 AND y=10
+ ** x=5 AND y<10
+ ** x=5 AND y>5 AND y<10
+ ** x=5 AND y=5 AND z<=10
+ **
+ ** The z<10 term of the following cannot be used, only
+ ** the x=5 term:
+ **
+ ** x=5 AND z<10
+ **
+ ** N may be zero if there are inequality constraints.
+ ** If there are no inequality constraints, then N is at
+ ** least one.
+ **
+ ** This case is also used when there are no WHERE clause
+ ** constraints but an index is selected anyway, in order
+ ** to force the output order to conform to an ORDER BY.
+ */
+ static const u8 aStartOp[] = {
+ 0,
+ 0,
+ OP_Rewind, /* 2: (!start_constraints && startEq && !bRev) */
+ OP_Last, /* 3: (!start_constraints && startEq && bRev) */
+ OP_SeekGT, /* 4: (start_constraints && !startEq && !bRev) */
+ OP_SeekLT, /* 5: (start_constraints && !startEq && bRev) */
+ OP_SeekGE, /* 6: (start_constraints && startEq && !bRev) */
+ OP_SeekLE /* 7: (start_constraints && startEq && bRev) */
+ };
+ static const u8 aEndOp[] = {
+ OP_IdxGE, /* 0: (end_constraints && !bRev && !endEq) */
+ OP_IdxGT, /* 1: (end_constraints && !bRev && endEq) */
+ OP_IdxLE, /* 2: (end_constraints && bRev && !endEq) */
+ OP_IdxLT, /* 3: (end_constraints && bRev && endEq) */
+ };
+ u16 nEq = pLoop->u.btree.nEq; /* Number of == or IN terms */
+ int regBase; /* Base register holding constraint values */
+ WhereTerm *pRangeStart = 0; /* Inequality constraint at range start */
+ WhereTerm *pRangeEnd = 0; /* Inequality constraint at range end */
+ int startEq; /* True if range start uses ==, >= or <= */
+ int endEq; /* True if range end uses ==, >= or <= */
+ int start_constraints; /* Start of range is constrained */
+ int nConstraint; /* Number of constraint terms */
+ Index *pIdx; /* The index we will be using */
+ int iIdxCur; /* The VDBE cursor for the index */
+ int nExtraReg = 0; /* Number of extra registers needed */
+ int op; /* Instruction opcode */
+ char *zStartAff; /* Affinity for start of range constraint */
+ char cEndAff = 0; /* Affinity for end of range constraint */
+ u8 bSeekPastNull = 0; /* True to seek past initial nulls */
+ u8 bStopAtNull = 0; /* Add condition to terminate at NULLs */
+
+ pIdx = pLoop->u.btree.pIndex;
+ iIdxCur = pLevel->iIdxCur;
+ assert( nEq>=pLoop->nSkip );
+
+ /* If this loop satisfies a sort order (pOrderBy) request that
+ ** was passed to this function to implement a "SELECT min(x) ..."
+ ** query, then the caller will only allow the loop to run for
+ ** a single iteration. This means that the first row returned
+ ** should not have a NULL value stored in 'x'. If column 'x' is
+ ** the first one after the nEq equality constraints in the index,
+ ** this requires some special handling.
+ */
+ assert( pWInfo->pOrderBy==0
+ || pWInfo->pOrderBy->nExpr==1
+ || (pWInfo->wctrlFlags&WHERE_ORDERBY_MIN)==0 );
+ if( (pWInfo->wctrlFlags&WHERE_ORDERBY_MIN)!=0
+ && pWInfo->nOBSat>0
+ && (pIdx->nKeyCol>nEq)
+ ){
+ assert( pLoop->nSkip==0 );
+ bSeekPastNull = 1;
+ nExtraReg = 1;
+ }
+
+ /* Find any inequality constraint terms for the start and end
+ ** of the range.
+ */
+ j = nEq;
+ if( pLoop->wsFlags & WHERE_BTM_LIMIT ){
+ pRangeStart = pLoop->aLTerm[j++];
+ nExtraReg = 1;
+ /* Like optimization range constraints always occur in pairs */
+ assert( (pRangeStart->wtFlags & TERM_LIKEOPT)==0 ||
+ (pLoop->wsFlags & WHERE_TOP_LIMIT)!=0 );
+ }
+ if( pLoop->wsFlags & WHERE_TOP_LIMIT ){
+ pRangeEnd = pLoop->aLTerm[j++];
+ nExtraReg = 1;
+#ifndef SQLITE_LIKE_DOESNT_MATCH_BLOBS
+ if( (pRangeEnd->wtFlags & TERM_LIKEOPT)!=0 ){
+ assert( pRangeStart!=0 ); /* LIKE opt constraints */
+ assert( pRangeStart->wtFlags & TERM_LIKEOPT ); /* occur in pairs */
+ pLevel->iLikeRepCntr = ++pParse->nMem;
+ testcase( bRev );
+ testcase( pIdx->aSortOrder[nEq]==SQLITE_SO_DESC );
+ sqlite3VdbeAddOp2(v, OP_Integer,
+ bRev ^ (pIdx->aSortOrder[nEq]==SQLITE_SO_DESC),
+ pLevel->iLikeRepCntr);
+ VdbeComment((v, "LIKE loop counter"));
+ pLevel->addrLikeRep = sqlite3VdbeCurrentAddr(v);
+ }
+#endif
+ if( pRangeStart==0
+ && (j = pIdx->aiColumn[nEq])>=0
+ && pIdx->pTable->aCol[j].notNull==0
+ ){
+ bSeekPastNull = 1;
+ }
+ }
+ assert( pRangeEnd==0 || (pRangeEnd->wtFlags & TERM_VNULL)==0 );
+
+ /* If we are doing a reverse order scan on an ascending index, or
+ ** a forward order scan on a descending index, interchange the
+ ** start and end terms (pRangeStart and pRangeEnd).
+ */
+ if( (nEq<pIdx->nKeyCol && bRev==(pIdx->aSortOrder[nEq]==SQLITE_SO_ASC))
+ || (bRev && pIdx->nKeyCol==nEq)
+ ){
+ SWAP(WhereTerm *, pRangeEnd, pRangeStart);
+ SWAP(u8, bSeekPastNull, bStopAtNull);
+ }
+
+ /* Generate code to evaluate all constraint terms using == or IN
+ ** and store the values of those terms in an array of registers
+ ** starting at regBase.
+ */
+ codeCursorHint(pWInfo, pLevel, pRangeEnd);
+ regBase = codeAllEqualityTerms(pParse,pLevel,bRev,nExtraReg,&zStartAff);
+ assert( zStartAff==0 || sqlite3Strlen30(zStartAff)>=nEq );
+ if( zStartAff ) cEndAff = zStartAff[nEq];
+ addrNxt = pLevel->addrNxt;
+
+ testcase( pRangeStart && (pRangeStart->eOperator & WO_LE)!=0 );
+ testcase( pRangeStart && (pRangeStart->eOperator & WO_GE)!=0 );
+ testcase( pRangeEnd && (pRangeEnd->eOperator & WO_LE)!=0 );
+ testcase( pRangeEnd && (pRangeEnd->eOperator & WO_GE)!=0 );
+ startEq = !pRangeStart || pRangeStart->eOperator & (WO_LE|WO_GE);
+ endEq = !pRangeEnd || pRangeEnd->eOperator & (WO_LE|WO_GE);
+ start_constraints = pRangeStart || nEq>0;
+
+ /* Seek the index cursor to the start of the range. */
+ nConstraint = nEq;
+ if( pRangeStart ){
+ Expr *pRight = pRangeStart->pExpr->pRight;
+ sqlite3ExprCode(pParse, pRight, regBase+nEq);
+ whereLikeOptimizationStringFixup(v, pLevel, pRangeStart);
+ if( (pRangeStart->wtFlags & TERM_VNULL)==0
+ && sqlite3ExprCanBeNull(pRight)
+ ){
+ sqlite3VdbeAddOp2(v, OP_IsNull, regBase+nEq, addrNxt);
+ VdbeCoverage(v);
+ }
+ if( zStartAff ){
+ if( sqlite3CompareAffinity(pRight, zStartAff[nEq])==SQLITE_AFF_BLOB){
+ /* Since the comparison is to be performed with no conversions
+ ** applied to the operands, set the affinity to apply to pRight to
+ ** SQLITE_AFF_BLOB. */
+ zStartAff[nEq] = SQLITE_AFF_BLOB;
+ }
+ if( sqlite3ExprNeedsNoAffinityChange(pRight, zStartAff[nEq]) ){
+ zStartAff[nEq] = SQLITE_AFF_BLOB;
+ }
+ }
+ nConstraint++;
+ testcase( pRangeStart->wtFlags & TERM_VIRTUAL );
+ }else if( bSeekPastNull ){
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regBase+nEq);
+ nConstraint++;
+ startEq = 0;
+ start_constraints = 1;
+ }
+ codeApplyAffinity(pParse, regBase, nConstraint - bSeekPastNull, zStartAff);
+ op = aStartOp[(start_constraints<<2) + (startEq<<1) + bRev];
+ assert( op!=0 );
+ sqlite3VdbeAddOp4Int(v, op, iIdxCur, addrNxt, regBase, nConstraint);
+ VdbeCoverage(v);
+ VdbeCoverageIf(v, op==OP_Rewind); testcase( op==OP_Rewind );
+ VdbeCoverageIf(v, op==OP_Last); testcase( op==OP_Last );
+ VdbeCoverageIf(v, op==OP_SeekGT); testcase( op==OP_SeekGT );
+ VdbeCoverageIf(v, op==OP_SeekGE); testcase( op==OP_SeekGE );
+ VdbeCoverageIf(v, op==OP_SeekLE); testcase( op==OP_SeekLE );
+ VdbeCoverageIf(v, op==OP_SeekLT); testcase( op==OP_SeekLT );
+
+ /* Load the value for the inequality constraint at the end of the
+ ** range (if any).
+ */
+ nConstraint = nEq;
+ if( pRangeEnd ){
+ Expr *pRight = pRangeEnd->pExpr->pRight;
+ sqlite3ExprCacheRemove(pParse, regBase+nEq, 1);
+ sqlite3ExprCode(pParse, pRight, regBase+nEq);
+ whereLikeOptimizationStringFixup(v, pLevel, pRangeEnd);
+ if( (pRangeEnd->wtFlags & TERM_VNULL)==0
+ && sqlite3ExprCanBeNull(pRight)
+ ){
+ sqlite3VdbeAddOp2(v, OP_IsNull, regBase+nEq, addrNxt);
+ VdbeCoverage(v);
+ }
+ if( sqlite3CompareAffinity(pRight, cEndAff)!=SQLITE_AFF_BLOB
+ && !sqlite3ExprNeedsNoAffinityChange(pRight, cEndAff)
+ ){
+ codeApplyAffinity(pParse, regBase+nEq, 1, &cEndAff);
+ }
+ nConstraint++;
+ testcase( pRangeEnd->wtFlags & TERM_VIRTUAL );
+ }else if( bStopAtNull ){
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regBase+nEq);
+ endEq = 0;
+ nConstraint++;
+ }
+ sqlite3DbFree(db, zStartAff);
+
+ /* Top of the loop body */
+ pLevel->p2 = sqlite3VdbeCurrentAddr(v);
+
+ /* Check if the index cursor is past the end of the range. */
+ if( nConstraint ){
+ op = aEndOp[bRev*2 + endEq];
+ sqlite3VdbeAddOp4Int(v, op, iIdxCur, addrNxt, regBase, nConstraint);
+ testcase( op==OP_IdxGT ); VdbeCoverageIf(v, op==OP_IdxGT );
+ testcase( op==OP_IdxGE ); VdbeCoverageIf(v, op==OP_IdxGE );
+ testcase( op==OP_IdxLT ); VdbeCoverageIf(v, op==OP_IdxLT );
+ testcase( op==OP_IdxLE ); VdbeCoverageIf(v, op==OP_IdxLE );
+ }
+
+ /* Seek the table cursor, if required */
+ disableTerm(pLevel, pRangeStart);
+ disableTerm(pLevel, pRangeEnd);
+ if( omitTable ){
+ /* pIdx is a covering index. No need to access the main table. */
+ }else if( HasRowid(pIdx->pTable) ){
+ iRowidReg = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_IdxRowid, iIdxCur, iRowidReg);
+ sqlite3ExprCacheStore(pParse, iCur, -1, iRowidReg);
+ if( pWInfo->eOnePass!=ONEPASS_OFF ){
+ sqlite3VdbeAddOp3(v, OP_NotExists, iCur, 0, iRowidReg);
+ VdbeCoverage(v);
+ }else{
+ sqlite3VdbeAddOp2(v, OP_Seek, iCur, iRowidReg); /* Deferred seek */
+ }
+ }else if( iCur!=iIdxCur ){
+ Index *pPk = sqlite3PrimaryKeyIndex(pIdx->pTable);
+ iRowidReg = sqlite3GetTempRange(pParse, pPk->nKeyCol);
+ for(j=0; j<pPk->nKeyCol; j++){
+ k = sqlite3ColumnOfIndex(pIdx, pPk->aiColumn[j]);
+ sqlite3VdbeAddOp3(v, OP_Column, iIdxCur, k, iRowidReg+j);
+ }
+ sqlite3VdbeAddOp4Int(v, OP_NotFound, iCur, addrCont,
+ iRowidReg, pPk->nKeyCol); VdbeCoverage(v);
+ }
+
+ /* Record the instruction used to terminate the loop. Disable
+ ** WHERE clause terms made redundant by the index range scan.
+ */
+ if( pLoop->wsFlags & WHERE_ONEROW ){
+ pLevel->op = OP_Noop;
+ }else if( bRev ){
+ pLevel->op = OP_Prev;
+ }else{
+ pLevel->op = OP_Next;
+ }
+ pLevel->p1 = iIdxCur;
+ pLevel->p3 = (pLoop->wsFlags&WHERE_UNQ_WANTED)!=0 ? 1:0;
+ if( (pLoop->wsFlags & WHERE_CONSTRAINT)==0 ){
+ pLevel->p5 = SQLITE_STMTSTATUS_FULLSCAN_STEP;
+ }else{
+ assert( pLevel->p5==0 );
+ }
+ }else
+
+#ifndef SQLITE_OMIT_OR_OPTIMIZATION
+ if( pLoop->wsFlags & WHERE_MULTI_OR ){
+ /* Case 5: Two or more separately indexed terms connected by OR
+ **
+ ** Example:
+ **
+ ** CREATE TABLE t1(a,b,c,d);
+ ** CREATE INDEX i1 ON t1(a);
+ ** CREATE INDEX i2 ON t1(b);
+ ** CREATE INDEX i3 ON t1(c);
+ **
+ ** SELECT * FROM t1 WHERE a=5 OR b=7 OR (c=11 AND d=13)
+ **
+ ** In the example, there are three indexed terms connected by OR.
+ ** The top of the loop looks like this:
+ **
+ ** Null 1 # Zero the rowset in reg 1
+ **
+ ** Then, for each indexed term, the following. The arguments to
+ ** RowSetTest are such that the rowid of the current row is inserted
+ ** into the RowSet. If it is already present, control skips the
+ ** Gosub opcode and jumps straight to the code generated by WhereEnd().
+ **
+ ** sqlite3WhereBegin(<term>)
+ ** RowSetTest # Insert rowid into rowset
+ ** Gosub 2 A
+ ** sqlite3WhereEnd()
+ **
+ ** Following the above, code to terminate the loop. Label A, the target
+ ** of the Gosub above, jumps to the instruction right after the Goto.
+ **
+ ** Null 1 # Zero the rowset in reg 1
+ ** Goto B # The loop is finished.
+ **
+ ** A: <loop body> # Return data, whatever.
+ **
+ ** Return 2 # Jump back to the Gosub
+ **
+ ** B: <after the loop>
+ **
+ ** Added 2014-05-26: If the table is a WITHOUT ROWID table, then
+ ** use an ephemeral index instead of a RowSet to record the primary
+ ** keys of the rows we have already seen.
+ **
+ */
+ WhereClause *pOrWc; /* The OR-clause broken out into subterms */
+ SrcList *pOrTab; /* Shortened table list or OR-clause generation */
+ Index *pCov = 0; /* Potential covering index (or NULL) */
+ int iCovCur = pParse->nTab++; /* Cursor used for index scans (if any) */
+
+ int regReturn = ++pParse->nMem; /* Register used with OP_Gosub */
+ int regRowset = 0; /* Register for RowSet object */
+ int regRowid = 0; /* Register holding rowid */
+ int iLoopBody = sqlite3VdbeMakeLabel(v); /* Start of loop body */
+ int iRetInit; /* Address of regReturn init */
+ int untestedTerms = 0; /* Some terms not completely tested */
+ int ii; /* Loop counter */
+ u16 wctrlFlags; /* Flags for sub-WHERE clause */
+ Expr *pAndExpr = 0; /* An ".. AND (...)" expression */
+ Table *pTab = pTabItem->pTab;
+
+ pTerm = pLoop->aLTerm[0];
+ assert( pTerm!=0 );
+ assert( pTerm->eOperator & WO_OR );
+ assert( (pTerm->wtFlags & TERM_ORINFO)!=0 );
+ pOrWc = &pTerm->u.pOrInfo->wc;
+ pLevel->op = OP_Return;
+ pLevel->p1 = regReturn;
+
+ /* Set up a new SrcList in pOrTab containing the table being scanned
+ ** by this loop in the a[0] slot and all notReady tables in a[1..] slots.
+ ** This becomes the SrcList in the recursive call to sqlite3WhereBegin().
+ */
+ if( pWInfo->nLevel>1 ){
+ int nNotReady; /* The number of notReady tables */
+ struct SrcList_item *origSrc; /* Original list of tables */
+ nNotReady = pWInfo->nLevel - iLevel - 1;
+ pOrTab = sqlite3StackAllocRaw(db,
+ sizeof(*pOrTab)+ nNotReady*sizeof(pOrTab->a[0]));
+ if( pOrTab==0 ) return notReady;
+ pOrTab->nAlloc = (u8)(nNotReady + 1);
+ pOrTab->nSrc = pOrTab->nAlloc;
+ memcpy(pOrTab->a, pTabItem, sizeof(*pTabItem));
+ origSrc = pWInfo->pTabList->a;
+ for(k=1; k<=nNotReady; k++){
+ memcpy(&pOrTab->a[k], &origSrc[pLevel[k].iFrom], sizeof(pOrTab->a[k]));
+ }
+ }else{
+ pOrTab = pWInfo->pTabList;
+ }
+
+ /* Initialize the rowset register to contain NULL. An SQL NULL is
+ ** equivalent to an empty rowset. Or, create an ephemeral index
+ ** capable of holding primary keys in the case of a WITHOUT ROWID.
+ **
+ ** Also initialize regReturn to contain the address of the instruction
+ ** immediately following the OP_Return at the bottom of the loop. This
+ ** is required in a few obscure LEFT JOIN cases where control jumps
+ ** over the top of the loop into the body of it. In this case the
+ ** correct response for the end-of-loop code (the OP_Return) is to
+ ** fall through to the next instruction, just as an OP_Next does if
+ ** called on an uninitialized cursor.
+ */
+ if( (pWInfo->wctrlFlags & WHERE_DUPLICATES_OK)==0 ){
+ if( HasRowid(pTab) ){
+ regRowset = ++pParse->nMem;
+ sqlite3VdbeAddOp2(v, OP_Null, 0, regRowset);
+ }else{
+ Index *pPk = sqlite3PrimaryKeyIndex(pTab);
+ regRowset = pParse->nTab++;
+ sqlite3VdbeAddOp2(v, OP_OpenEphemeral, regRowset, pPk->nKeyCol);
+ sqlite3VdbeSetP4KeyInfo(pParse, pPk);
+ }
+ regRowid = ++pParse->nMem;
+ }
+ iRetInit = sqlite3VdbeAddOp2(v, OP_Integer, 0, regReturn);
+
+ /* If the original WHERE clause is z of the form: (x1 OR x2 OR ...) AND y
+ ** Then for every term xN, evaluate as the subexpression: xN AND z
+ ** That way, terms in y that are factored into the disjunction will
+ ** be picked up by the recursive calls to sqlite3WhereBegin() below.
+ **
+ ** Actually, each subexpression is converted to "xN AND w" where w is
+ ** the "interesting" terms of z - terms that did not originate in the
+ ** ON or USING clause of a LEFT JOIN, and terms that are usable as
+ ** indices.
+ **
+ ** This optimization also only applies if the (x1 OR x2 OR ...) term
+ ** is not contained in the ON clause of a LEFT JOIN.
+ ** See ticket http://www.sqlite.org/src/info/f2369304e4
+ */
+ if( pWC->nTerm>1 ){
+ int iTerm;
+ for(iTerm=0; iTerm<pWC->nTerm; iTerm++){
+ Expr *pExpr = pWC->a[iTerm].pExpr;
+ if( &pWC->a[iTerm] == pTerm ) continue;
+ if( ExprHasProperty(pExpr, EP_FromJoin) ) continue;
+ if( (pWC->a[iTerm].wtFlags & TERM_VIRTUAL)!=0 ) continue;
+ if( (pWC->a[iTerm].eOperator & WO_ALL)==0 ) continue;
+ testcase( pWC->a[iTerm].wtFlags & TERM_ORINFO );
+ pExpr = sqlite3ExprDup(db, pExpr, 0);
+ pAndExpr = sqlite3ExprAnd(db, pAndExpr, pExpr);
+ }
+ if( pAndExpr ){
+ pAndExpr = sqlite3PExpr(pParse, TK_AND|TKFLG_DONTFOLD, 0, pAndExpr, 0);
+ }
+ }
+
+ /* Run a separate WHERE clause for each term of the OR clause. After
+ ** eliminating duplicates from other WHERE clauses, the action for each
+ ** sub-WHERE clause is to to invoke the main loop body as a subroutine.
+ */
+ wctrlFlags = WHERE_OMIT_OPEN_CLOSE
+ | WHERE_FORCE_TABLE
+ | WHERE_ONETABLE_ONLY
+ | WHERE_NO_AUTOINDEX;
+ for(ii=0; ii<pOrWc->nTerm; ii++){
+ WhereTerm *pOrTerm = &pOrWc->a[ii];
+ if( pOrTerm->leftCursor==iCur || (pOrTerm->eOperator & WO_AND)!=0 ){
+ WhereInfo *pSubWInfo; /* Info for single OR-term scan */
+ Expr *pOrExpr = pOrTerm->pExpr; /* Current OR clause term */
+ int jmp1 = 0; /* Address of jump operation */
+ if( pAndExpr && !ExprHasProperty(pOrExpr, EP_FromJoin) ){
+ pAndExpr->pLeft = pOrExpr;
+ pOrExpr = pAndExpr;
+ }
+ /* Loop through table entries that match term pOrTerm. */
+ WHERETRACE(0xffff, ("Subplan for OR-clause:\n"));
+ pSubWInfo = sqlite3WhereBegin(pParse, pOrTab, pOrExpr, 0, 0,
+ wctrlFlags, iCovCur);
+ assert( pSubWInfo || pParse->nErr || db->mallocFailed );
+ if( pSubWInfo ){
+ WhereLoop *pSubLoop;
+ int addrExplain = sqlite3WhereExplainOneScan(
+ pParse, pOrTab, &pSubWInfo->a[0], iLevel, pLevel->iFrom, 0
+ );
+ sqlite3WhereAddScanStatus(v, pOrTab, &pSubWInfo->a[0], addrExplain);
+
+ /* This is the sub-WHERE clause body. First skip over
+ ** duplicate rows from prior sub-WHERE clauses, and record the
+ ** rowid (or PRIMARY KEY) for the current row so that the same
+ ** row will be skipped in subsequent sub-WHERE clauses.
+ */
+ if( (pWInfo->wctrlFlags & WHERE_DUPLICATES_OK)==0 ){
+ int r;
+ int iSet = ((ii==pOrWc->nTerm-1)?-1:ii);
+ if( HasRowid(pTab) ){
+ r = sqlite3ExprCodeGetColumn(pParse, pTab, -1, iCur, regRowid, 0);
+ jmp1 = sqlite3VdbeAddOp4Int(v, OP_RowSetTest, regRowset, 0,
+ r,iSet);
+ VdbeCoverage(v);
+ }else{
+ Index *pPk = sqlite3PrimaryKeyIndex(pTab);
+ int nPk = pPk->nKeyCol;
+ int iPk;
+
+ /* Read the PK into an array of temp registers. */
+ r = sqlite3GetTempRange(pParse, nPk);
+ for(iPk=0; iPk<nPk; iPk++){
+ int iCol = pPk->aiColumn[iPk];
+ sqlite3ExprCodeGetColumnToReg(pParse, pTab, iCol, iCur, r+iPk);
+ }
+
+ /* Check if the temp table already contains this key. If so,
+ ** the row has already been included in the result set and
+ ** can be ignored (by jumping past the Gosub below). Otherwise,
+ ** insert the key into the temp table and proceed with processing
+ ** the row.
+ **
+ ** Use some of the same optimizations as OP_RowSetTest: If iSet
+ ** is zero, assume that the key cannot already be present in
+ ** the temp table. And if iSet is -1, assume that there is no
+ ** need to insert the key into the temp table, as it will never
+ ** be tested for. */
+ if( iSet ){
+ jmp1 = sqlite3VdbeAddOp4Int(v, OP_Found, regRowset, 0, r, nPk);
+ VdbeCoverage(v);
+ }
+ if( iSet>=0 ){
+ sqlite3VdbeAddOp3(v, OP_MakeRecord, r, nPk, regRowid);
+ sqlite3VdbeAddOp3(v, OP_IdxInsert, regRowset, regRowid, 0);
+ if( iSet ) sqlite3VdbeChangeP5(v, OPFLAG_USESEEKRESULT);
+ }
+
+ /* Release the array of temp registers */
+ sqlite3ReleaseTempRange(pParse, r, nPk);
+ }
+ }
+
+ /* Invoke the main loop body as a subroutine */
+ sqlite3VdbeAddOp2(v, OP_Gosub, regReturn, iLoopBody);
+
+ /* Jump here (skipping the main loop body subroutine) if the
+ ** current sub-WHERE row is a duplicate from prior sub-WHEREs. */
+ if( jmp1 ) sqlite3VdbeJumpHere(v, jmp1);
+
+ /* The pSubWInfo->untestedTerms flag means that this OR term
+ ** contained one or more AND term from a notReady table. The
+ ** terms from the notReady table could not be tested and will
+ ** need to be tested later.
+ */
+ if( pSubWInfo->untestedTerms ) untestedTerms = 1;
+
+ /* If all of the OR-connected terms are optimized using the same
+ ** index, and the index is opened using the same cursor number
+ ** by each call to sqlite3WhereBegin() made by this loop, it may
+ ** be possible to use that index as a covering index.
+ **
+ ** If the call to sqlite3WhereBegin() above resulted in a scan that
+ ** uses an index, and this is either the first OR-connected term
+ ** processed or the index is the same as that used by all previous
+ ** terms, set pCov to the candidate covering index. Otherwise, set
+ ** pCov to NULL to indicate that no candidate covering index will
+ ** be available.
+ */
+ pSubLoop = pSubWInfo->a[0].pWLoop;
+ assert( (pSubLoop->wsFlags & WHERE_AUTO_INDEX)==0 );
+ if( (pSubLoop->wsFlags & WHERE_INDEXED)!=0
+ && (ii==0 || pSubLoop->u.btree.pIndex==pCov)
+ && (HasRowid(pTab) || !IsPrimaryKeyIndex(pSubLoop->u.btree.pIndex))
+ ){
+ assert( pSubWInfo->a[0].iIdxCur==iCovCur );
+ pCov = pSubLoop->u.btree.pIndex;
+ wctrlFlags |= WHERE_REOPEN_IDX;
+ }else{
+ pCov = 0;
+ }
+
+ /* Finish the loop through table entries that match term pOrTerm. */
+ sqlite3WhereEnd(pSubWInfo);
+ }
+ }
+ }
+ pLevel->u.pCovidx = pCov;
+ if( pCov ) pLevel->iIdxCur = iCovCur;
+ if( pAndExpr ){
+ pAndExpr->pLeft = 0;
+ sqlite3ExprDelete(db, pAndExpr);
+ }
+ sqlite3VdbeChangeP1(v, iRetInit, sqlite3VdbeCurrentAddr(v));
+ sqlite3VdbeGoto(v, pLevel->addrBrk);
+ sqlite3VdbeResolveLabel(v, iLoopBody);
+
+ if( pWInfo->nLevel>1 ) sqlite3StackFree(db, pOrTab);
+ if( !untestedTerms ) disableTerm(pLevel, pTerm);
+ }else
+#endif /* SQLITE_OMIT_OR_OPTIMIZATION */
+
+ {
+ /* Case 6: There is no usable index. We must do a complete
+ ** scan of the entire table.
+ */
+ static const u8 aStep[] = { OP_Next, OP_Prev };
+ static const u8 aStart[] = { OP_Rewind, OP_Last };
+ assert( bRev==0 || bRev==1 );
+ if( pTabItem->fg.isRecursive ){
+ /* Tables marked isRecursive have only a single row that is stored in
+ ** a pseudo-cursor. No need to Rewind or Next such cursors. */
+ pLevel->op = OP_Noop;
+ }else{
+ codeCursorHint(pWInfo, pLevel, 0);
+ pLevel->op = aStep[bRev];
+ pLevel->p1 = iCur;
+ pLevel->p2 = 1 + sqlite3VdbeAddOp2(v, aStart[bRev], iCur, addrBrk);
+ VdbeCoverageIf(v, bRev==0);
+ VdbeCoverageIf(v, bRev!=0);
+ pLevel->p5 = SQLITE_STMTSTATUS_FULLSCAN_STEP;
+ }
+ }
+
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+ pLevel->addrVisit = sqlite3VdbeCurrentAddr(v);
+#endif
+
+ /* Insert code to test every subexpression that can be completely
+ ** computed using the current set of tables.
+ */
+ for(pTerm=pWC->a, j=pWC->nTerm; j>0; j--, pTerm++){
+ Expr *pE;
+ int skipLikeAddr = 0;
+ testcase( pTerm->wtFlags & TERM_VIRTUAL );
+ testcase( pTerm->wtFlags & TERM_CODED );
+ if( pTerm->wtFlags & (TERM_VIRTUAL|TERM_CODED) ) continue;
+ if( (pTerm->prereqAll & pLevel->notReady)!=0 ){
+ testcase( pWInfo->untestedTerms==0
+ && (pWInfo->wctrlFlags & WHERE_ONETABLE_ONLY)!=0 );
+ pWInfo->untestedTerms = 1;
+ continue;
+ }
+ pE = pTerm->pExpr;
+ assert( pE!=0 );
+ if( pLevel->iLeftJoin && !ExprHasProperty(pE, EP_FromJoin) ){
+ continue;
+ }
+ if( pTerm->wtFlags & TERM_LIKECOND ){
+#ifdef SQLITE_LIKE_DOESNT_MATCH_BLOBS
+ continue;
+#else
+ assert( pLevel->iLikeRepCntr>0 );
+ skipLikeAddr = sqlite3VdbeAddOp1(v, OP_IfNot, pLevel->iLikeRepCntr);
+ VdbeCoverage(v);
+#endif
+ }
+ sqlite3ExprIfFalse(pParse, pE, addrCont, SQLITE_JUMPIFNULL);
+ if( skipLikeAddr ) sqlite3VdbeJumpHere(v, skipLikeAddr);
+ pTerm->wtFlags |= TERM_CODED;
+ }
+
+ /* Insert code to test for implied constraints based on transitivity
+ ** of the "==" operator.
+ **
+ ** Example: If the WHERE clause contains "t1.a=t2.b" and "t2.b=123"
+ ** and we are coding the t1 loop and the t2 loop has not yet coded,
+ ** then we cannot use the "t1.a=t2.b" constraint, but we can code
+ ** the implied "t1.a=123" constraint.
+ */
+ for(pTerm=pWC->a, j=pWC->nTerm; j>0; j--, pTerm++){
+ Expr *pE, *pEAlt;
+ WhereTerm *pAlt;
+ if( pTerm->wtFlags & (TERM_VIRTUAL|TERM_CODED) ) continue;
+ if( (pTerm->eOperator & (WO_EQ|WO_IS))==0 ) continue;
+ if( (pTerm->eOperator & WO_EQUIV)==0 ) continue;
+ if( pTerm->leftCursor!=iCur ) continue;
+ if( pLevel->iLeftJoin ) continue;
+ pE = pTerm->pExpr;
+ assert( !ExprHasProperty(pE, EP_FromJoin) );
+ assert( (pTerm->prereqRight & pLevel->notReady)!=0 );
+ pAlt = sqlite3WhereFindTerm(pWC, iCur, pTerm->u.leftColumn, notReady,
+ WO_EQ|WO_IN|WO_IS, 0);
+ if( pAlt==0 ) continue;
+ if( pAlt->wtFlags & (TERM_CODED) ) continue;
+ testcase( pAlt->eOperator & WO_EQ );
+ testcase( pAlt->eOperator & WO_IS );
+ testcase( pAlt->eOperator & WO_IN );
+ VdbeModuleComment((v, "begin transitive constraint"));
+ pEAlt = sqlite3StackAllocRaw(db, sizeof(*pEAlt));
+ if( pEAlt ){
+ *pEAlt = *pAlt->pExpr;
+ pEAlt->pLeft = pE->pLeft;
+ sqlite3ExprIfFalse(pParse, pEAlt, addrCont, SQLITE_JUMPIFNULL);
+ sqlite3StackFree(db, pEAlt);
+ }
+ }
+
+ /* For a LEFT OUTER JOIN, generate code that will record the fact that
+ ** at least one row of the right table has matched the left table.
+ */
+ if( pLevel->iLeftJoin ){
+ pLevel->addrFirst = sqlite3VdbeCurrentAddr(v);
+ sqlite3VdbeAddOp2(v, OP_Integer, 1, pLevel->iLeftJoin);
+ VdbeComment((v, "record LEFT JOIN hit"));
+ sqlite3ExprCacheClear(pParse);
+ for(pTerm=pWC->a, j=0; j<pWC->nTerm; j++, pTerm++){
+ testcase( pTerm->wtFlags & TERM_VIRTUAL );
+ testcase( pTerm->wtFlags & TERM_CODED );
+ if( pTerm->wtFlags & (TERM_VIRTUAL|TERM_CODED) ) continue;
+ if( (pTerm->prereqAll & pLevel->notReady)!=0 ){
+ assert( pWInfo->untestedTerms );
+ continue;
+ }
+ assert( pTerm->pExpr );
+ sqlite3ExprIfFalse(pParse, pTerm->pExpr, addrCont, SQLITE_JUMPIFNULL);
+ pTerm->wtFlags |= TERM_CODED;
+ }
+ }
+
+ return pLevel->notReady;
+}
+
+/************** End of wherecode.c *******************************************/
+/************** Begin file whereexpr.c ***************************************/
+/*
+** 2015-06-08
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This module contains C code that generates VDBE code used to process
+** the WHERE clause of SQL statements.
+**
+** This file was originally part of where.c but was split out to improve
+** readability and editabiliity. This file contains utility routines for
+** analyzing Expr objects in the WHERE clause.
+*/
+/* #include "sqliteInt.h" */
+/* #include "whereInt.h" */
+
+/* Forward declarations */
+static void exprAnalyze(SrcList*, WhereClause*, int);
+
+/*
+** Deallocate all memory associated with a WhereOrInfo object.
+*/
+static void whereOrInfoDelete(sqlite3 *db, WhereOrInfo *p){
+ sqlite3WhereClauseClear(&p->wc);
+ sqlite3DbFree(db, p);
+}
+
+/*
+** Deallocate all memory associated with a WhereAndInfo object.
+*/
+static void whereAndInfoDelete(sqlite3 *db, WhereAndInfo *p){
+ sqlite3WhereClauseClear(&p->wc);
+ sqlite3DbFree(db, p);
+}
+
+/*
+** Add a single new WhereTerm entry to the WhereClause object pWC.
+** The new WhereTerm object is constructed from Expr p and with wtFlags.
+** The index in pWC->a[] of the new WhereTerm is returned on success.
+** 0 is returned if the new WhereTerm could not be added due to a memory
+** allocation error. The memory allocation failure will be recorded in
+** the db->mallocFailed flag so that higher-level functions can detect it.
+**
+** This routine will increase the size of the pWC->a[] array as necessary.
+**
+** If the wtFlags argument includes TERM_DYNAMIC, then responsibility
+** for freeing the expression p is assumed by the WhereClause object pWC.
+** This is true even if this routine fails to allocate a new WhereTerm.
+**
+** WARNING: This routine might reallocate the space used to store
+** WhereTerms. All pointers to WhereTerms should be invalidated after
+** calling this routine. Such pointers may be reinitialized by referencing
+** the pWC->a[] array.
+*/
+static int whereClauseInsert(WhereClause *pWC, Expr *p, u16 wtFlags){
+ WhereTerm *pTerm;
+ int idx;
+ testcase( wtFlags & TERM_VIRTUAL );
+ if( pWC->nTerm>=pWC->nSlot ){
+ WhereTerm *pOld = pWC->a;
+ sqlite3 *db = pWC->pWInfo->pParse->db;
+ pWC->a = sqlite3DbMallocRaw(db, sizeof(pWC->a[0])*pWC->nSlot*2 );
+ if( pWC->a==0 ){
+ if( wtFlags & TERM_DYNAMIC ){
+ sqlite3ExprDelete(db, p);
+ }
+ pWC->a = pOld;
+ return 0;
+ }
+ memcpy(pWC->a, pOld, sizeof(pWC->a[0])*pWC->nTerm);
+ if( pOld!=pWC->aStatic ){
+ sqlite3DbFree(db, pOld);
+ }
+ pWC->nSlot = sqlite3DbMallocSize(db, pWC->a)/sizeof(pWC->a[0]);
+ memset(&pWC->a[pWC->nTerm], 0, sizeof(pWC->a[0])*(pWC->nSlot-pWC->nTerm));
+ }
+ pTerm = &pWC->a[idx = pWC->nTerm++];
+ if( p && ExprHasProperty(p, EP_Unlikely) ){
+ pTerm->truthProb = sqlite3LogEst(p->iTable) - 270;
+ }else{
+ pTerm->truthProb = 1;
+ }
+ pTerm->pExpr = sqlite3ExprSkipCollate(p);
+ pTerm->wtFlags = wtFlags;
+ pTerm->pWC = pWC;
+ pTerm->iParent = -1;
+ return idx;
+}
+
+/*
+** Return TRUE if the given operator is one of the operators that is
+** allowed for an indexable WHERE clause term. The allowed operators are
+** "=", "<", ">", "<=", ">=", "IN", and "IS NULL"
+*/
+static int allowedOp(int op){
+ assert( TK_GT>TK_EQ && TK_GT<TK_GE );
+ assert( TK_LT>TK_EQ && TK_LT<TK_GE );
+ assert( TK_LE>TK_EQ && TK_LE<TK_GE );
+ assert( TK_GE==TK_EQ+4 );
+ return op==TK_IN || (op>=TK_EQ && op<=TK_GE) || op==TK_ISNULL || op==TK_IS;
+}
+
+/*
+** Commute a comparison operator. Expressions of the form "X op Y"
+** are converted into "Y op X".
+**
+** If left/right precedence rules come into play when determining the
+** collating sequence, then COLLATE operators are adjusted to ensure
+** that the collating sequence does not change. For example:
+** "Y collate NOCASE op X" becomes "X op Y" because any collation sequence on
+** the left hand side of a comparison overrides any collation sequence
+** attached to the right. For the same reason the EP_Collate flag
+** is not commuted.
+*/
+static void exprCommute(Parse *pParse, Expr *pExpr){
+ u16 expRight = (pExpr->pRight->flags & EP_Collate);
+ u16 expLeft = (pExpr->pLeft->flags & EP_Collate);
+ assert( allowedOp(pExpr->op) && pExpr->op!=TK_IN );
+ if( expRight==expLeft ){
+ /* Either X and Y both have COLLATE operator or neither do */
+ if( expRight ){
+ /* Both X and Y have COLLATE operators. Make sure X is always
+ ** used by clearing the EP_Collate flag from Y. */
+ pExpr->pRight->flags &= ~EP_Collate;
+ }else if( sqlite3ExprCollSeq(pParse, pExpr->pLeft)!=0 ){
+ /* Neither X nor Y have COLLATE operators, but X has a non-default
+ ** collating sequence. So add the EP_Collate marker on X to cause
+ ** it to be searched first. */
+ pExpr->pLeft->flags |= EP_Collate;
+ }
+ }
+ SWAP(Expr*,pExpr->pRight,pExpr->pLeft);
+ if( pExpr->op>=TK_GT ){
+ assert( TK_LT==TK_GT+2 );
+ assert( TK_GE==TK_LE+2 );
+ assert( TK_GT>TK_EQ );
+ assert( TK_GT<TK_LE );
+ assert( pExpr->op>=TK_GT && pExpr->op<=TK_GE );
+ pExpr->op = ((pExpr->op-TK_GT)^2)+TK_GT;
+ }
+}
+
+/*
+** Translate from TK_xx operator to WO_xx bitmask.
+*/
+static u16 operatorMask(int op){
+ u16 c;
+ assert( allowedOp(op) );
+ if( op==TK_IN ){
+ c = WO_IN;
+ }else if( op==TK_ISNULL ){
+ c = WO_ISNULL;
+ }else if( op==TK_IS ){
+ c = WO_IS;
+ }else{
+ assert( (WO_EQ<<(op-TK_EQ)) < 0x7fff );
+ c = (u16)(WO_EQ<<(op-TK_EQ));
+ }
+ assert( op!=TK_ISNULL || c==WO_ISNULL );
+ assert( op!=TK_IN || c==WO_IN );
+ assert( op!=TK_EQ || c==WO_EQ );
+ assert( op!=TK_LT || c==WO_LT );
+ assert( op!=TK_LE || c==WO_LE );
+ assert( op!=TK_GT || c==WO_GT );
+ assert( op!=TK_GE || c==WO_GE );
+ assert( op!=TK_IS || c==WO_IS );
+ return c;
+}
+
+
+#ifndef SQLITE_OMIT_LIKE_OPTIMIZATION
+/*
+** Check to see if the given expression is a LIKE or GLOB operator that
+** can be optimized using inequality constraints. Return TRUE if it is
+** so and false if not.
+**
+** In order for the operator to be optimizible, the RHS must be a string
+** literal that does not begin with a wildcard. The LHS must be a column
+** that may only be NULL, a string, or a BLOB, never a number. (This means
+** that virtual tables cannot participate in the LIKE optimization.) The
+** collating sequence for the column on the LHS must be appropriate for
+** the operator.
+*/
+static int isLikeOrGlob(
+ Parse *pParse, /* Parsing and code generating context */
+ Expr *pExpr, /* Test this expression */
+ Expr **ppPrefix, /* Pointer to TK_STRING expression with pattern prefix */
+ int *pisComplete, /* True if the only wildcard is % in the last character */
+ int *pnoCase /* True if uppercase is equivalent to lowercase */
+){
+ const char *z = 0; /* String on RHS of LIKE operator */
+ Expr *pRight, *pLeft; /* Right and left size of LIKE operator */
+ ExprList *pList; /* List of operands to the LIKE operator */
+ int c; /* One character in z[] */
+ int cnt; /* Number of non-wildcard prefix characters */
+ char wc[3]; /* Wildcard characters */
+ sqlite3 *db = pParse->db; /* Database connection */
+ sqlite3_value *pVal = 0;
+ int op; /* Opcode of pRight */
+
+ if( !sqlite3IsLikeFunction(db, pExpr, pnoCase, wc) ){
+ return 0;
+ }
+#ifdef SQLITE_EBCDIC
+ if( *pnoCase ) return 0;
+#endif
+ pList = pExpr->x.pList;
+ pLeft = pList->a[1].pExpr;
+ if( pLeft->op!=TK_COLUMN
+ || sqlite3ExprAffinity(pLeft)!=SQLITE_AFF_TEXT
+ || IsVirtual(pLeft->pTab) /* Value might be numeric */
+ ){
+ /* IMP: R-02065-49465 The left-hand side of the LIKE or GLOB operator must
+ ** be the name of an indexed column with TEXT affinity. */
+ return 0;
+ }
+ assert( pLeft->iColumn!=(-1) ); /* Because IPK never has AFF_TEXT */
+
+ pRight = sqlite3ExprSkipCollate(pList->a[0].pExpr);
+ op = pRight->op;
+ if( op==TK_VARIABLE ){
+ Vdbe *pReprepare = pParse->pReprepare;
+ int iCol = pRight->iColumn;
+ pVal = sqlite3VdbeGetBoundValue(pReprepare, iCol, SQLITE_AFF_BLOB);
+ if( pVal && sqlite3_value_type(pVal)==SQLITE_TEXT ){
+ z = (char *)sqlite3_value_text(pVal);
+ }
+ sqlite3VdbeSetVarmask(pParse->pVdbe, iCol);
+ assert( pRight->op==TK_VARIABLE || pRight->op==TK_REGISTER );
+ }else if( op==TK_STRING ){
+ z = pRight->u.zToken;
+ }
+ if( z ){
+ cnt = 0;
+ while( (c=z[cnt])!=0 && c!=wc[0] && c!=wc[1] && c!=wc[2] ){
+ cnt++;
+ }
+ if( cnt!=0 && 255!=(u8)z[cnt-1] ){
+ Expr *pPrefix;
+ *pisComplete = c==wc[0] && z[cnt+1]==0;
+ pPrefix = sqlite3Expr(db, TK_STRING, z);
+ if( pPrefix ) pPrefix->u.zToken[cnt] = 0;
+ *ppPrefix = pPrefix;
+ if( op==TK_VARIABLE ){
+ Vdbe *v = pParse->pVdbe;
+ sqlite3VdbeSetVarmask(v, pRight->iColumn);
+ if( *pisComplete && pRight->u.zToken[1] ){
+ /* If the rhs of the LIKE expression is a variable, and the current
+ ** value of the variable means there is no need to invoke the LIKE
+ ** function, then no OP_Variable will be added to the program.
+ ** This causes problems for the sqlite3_bind_parameter_name()
+ ** API. To work around them, add a dummy OP_Variable here.
+ */
+ int r1 = sqlite3GetTempReg(pParse);
+ sqlite3ExprCodeTarget(pParse, pRight, r1);
+ sqlite3VdbeChangeP3(v, sqlite3VdbeCurrentAddr(v)-1, 0);
+ sqlite3ReleaseTempReg(pParse, r1);
+ }
+ }
+ }else{
+ z = 0;
+ }
+ }
+
+ sqlite3ValueFree(pVal);
+ return (z!=0);
+}
+#endif /* SQLITE_OMIT_LIKE_OPTIMIZATION */
+
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/*
+** Check to see if the given expression is of the form
+**
+** column OP expr
+**
+** where OP is one of MATCH, GLOB, LIKE or REGEXP and "column" is a
+** column of a virtual table.
+**
+** If it is then return TRUE. If not, return FALSE.
+*/
+static int isMatchOfColumn(
+ Expr *pExpr, /* Test this expression */
+ unsigned char *peOp2 /* OUT: 0 for MATCH, or else an op2 value */
+){
+ struct Op2 {
+ const char *zOp;
+ unsigned char eOp2;
+ } aOp[] = {
+ { "match", SQLITE_INDEX_CONSTRAINT_MATCH },
+ { "glob", SQLITE_INDEX_CONSTRAINT_GLOB },
+ { "like", SQLITE_INDEX_CONSTRAINT_LIKE },
+ { "regexp", SQLITE_INDEX_CONSTRAINT_REGEXP }
+ };
+ ExprList *pList;
+ Expr *pCol; /* Column reference */
+ int i;
+
+ if( pExpr->op!=TK_FUNCTION ){
+ return 0;
+ }
+ pList = pExpr->x.pList;
+ if( pList==0 || pList->nExpr!=2 ){
+ return 0;
+ }
+ pCol = pList->a[1].pExpr;
+ if( pCol->op!=TK_COLUMN || !IsVirtual(pCol->pTab) ){
+ return 0;
+ }
+ for(i=0; i<ArraySize(aOp); i++){
+ if( sqlite3StrICmp(pExpr->u.zToken, aOp[i].zOp)==0 ){
+ *peOp2 = aOp[i].eOp2;
+ return 1;
+ }
+ }
+ return 0;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+/*
+** If the pBase expression originated in the ON or USING clause of
+** a join, then transfer the appropriate markings over to derived.
+*/
+static void transferJoinMarkings(Expr *pDerived, Expr *pBase){
+ if( pDerived ){
+ pDerived->flags |= pBase->flags & EP_FromJoin;
+ pDerived->iRightJoinTable = pBase->iRightJoinTable;
+ }
+}
+
+/*
+** Mark term iChild as being a child of term iParent
+*/
+static void markTermAsChild(WhereClause *pWC, int iChild, int iParent){
+ pWC->a[iChild].iParent = iParent;
+ pWC->a[iChild].truthProb = pWC->a[iParent].truthProb;
+ pWC->a[iParent].nChild++;
+}
+
+/*
+** Return the N-th AND-connected subterm of pTerm. Or if pTerm is not
+** a conjunction, then return just pTerm when N==0. If N is exceeds
+** the number of available subterms, return NULL.
+*/
+static WhereTerm *whereNthSubterm(WhereTerm *pTerm, int N){
+ if( pTerm->eOperator!=WO_AND ){
+ return N==0 ? pTerm : 0;
+ }
+ if( N<pTerm->u.pAndInfo->wc.nTerm ){
+ return &pTerm->u.pAndInfo->wc.a[N];
+ }
+ return 0;
+}
+
+/*
+** Subterms pOne and pTwo are contained within WHERE clause pWC. The
+** two subterms are in disjunction - they are OR-ed together.
+**
+** If these two terms are both of the form: "A op B" with the same
+** A and B values but different operators and if the operators are
+** compatible (if one is = and the other is <, for example) then
+** add a new virtual AND term to pWC that is the combination of the
+** two.
+**
+** Some examples:
+**
+** x<y OR x=y --> x<=y
+** x=y OR x=y --> x=y
+** x<=y OR x<y --> x<=y
+**
+** The following is NOT generated:
+**
+** x<y OR x>y --> x!=y
+*/
+static void whereCombineDisjuncts(
+ SrcList *pSrc, /* the FROM clause */
+ WhereClause *pWC, /* The complete WHERE clause */
+ WhereTerm *pOne, /* First disjunct */
+ WhereTerm *pTwo /* Second disjunct */
+){
+ u16 eOp = pOne->eOperator | pTwo->eOperator;
+ sqlite3 *db; /* Database connection (for malloc) */
+ Expr *pNew; /* New virtual expression */
+ int op; /* Operator for the combined expression */
+ int idxNew; /* Index in pWC of the next virtual term */
+
+ if( (pOne->eOperator & (WO_EQ|WO_LT|WO_LE|WO_GT|WO_GE))==0 ) return;
+ if( (pTwo->eOperator & (WO_EQ|WO_LT|WO_LE|WO_GT|WO_GE))==0 ) return;
+ if( (eOp & (WO_EQ|WO_LT|WO_LE))!=eOp
+ && (eOp & (WO_EQ|WO_GT|WO_GE))!=eOp ) return;
+ assert( pOne->pExpr->pLeft!=0 && pOne->pExpr->pRight!=0 );
+ assert( pTwo->pExpr->pLeft!=0 && pTwo->pExpr->pRight!=0 );
+ if( sqlite3ExprCompare(pOne->pExpr->pLeft, pTwo->pExpr->pLeft, -1) ) return;
+ if( sqlite3ExprCompare(pOne->pExpr->pRight, pTwo->pExpr->pRight, -1) )return;
+ /* If we reach this point, it means the two subterms can be combined */
+ if( (eOp & (eOp-1))!=0 ){
+ if( eOp & (WO_LT|WO_LE) ){
+ eOp = WO_LE;
+ }else{
+ assert( eOp & (WO_GT|WO_GE) );
+ eOp = WO_GE;
+ }
+ }
+ db = pWC->pWInfo->pParse->db;
+ pNew = sqlite3ExprDup(db, pOne->pExpr, 0);
+ if( pNew==0 ) return;
+ for(op=TK_EQ; eOp!=(WO_EQ<<(op-TK_EQ)); op++){ assert( op<TK_GE ); }
+ pNew->op = op;
+ idxNew = whereClauseInsert(pWC, pNew, TERM_VIRTUAL|TERM_DYNAMIC);
+ exprAnalyze(pSrc, pWC, idxNew);
+}
+
+#if !defined(SQLITE_OMIT_OR_OPTIMIZATION) && !defined(SQLITE_OMIT_SUBQUERY)
+/*
+** Analyze a term that consists of two or more OR-connected
+** subterms. So in:
+**
+** ... WHERE (a=5) AND (b=7 OR c=9 OR d=13) AND (d=13)
+** ^^^^^^^^^^^^^^^^^^^^
+**
+** This routine analyzes terms such as the middle term in the above example.
+** A WhereOrTerm object is computed and attached to the term under
+** analysis, regardless of the outcome of the analysis. Hence:
+**
+** WhereTerm.wtFlags |= TERM_ORINFO
+** WhereTerm.u.pOrInfo = a dynamically allocated WhereOrTerm object
+**
+** The term being analyzed must have two or more of OR-connected subterms.
+** A single subterm might be a set of AND-connected sub-subterms.
+** Examples of terms under analysis:
+**
+** (A) t1.x=t2.y OR t1.x=t2.z OR t1.y=15 OR t1.z=t3.a+5
+** (B) x=expr1 OR expr2=x OR x=expr3
+** (C) t1.x=t2.y OR (t1.x=t2.z AND t1.y=15)
+** (D) x=expr1 OR (y>11 AND y<22 AND z LIKE '*hello*')
+** (E) (p.a=1 AND q.b=2 AND r.c=3) OR (p.x=4 AND q.y=5 AND r.z=6)
+** (F) x>A OR (x=A AND y>=B)
+**
+** CASE 1:
+**
+** If all subterms are of the form T.C=expr for some single column of C and
+** a single table T (as shown in example B above) then create a new virtual
+** term that is an equivalent IN expression. In other words, if the term
+** being analyzed is:
+**
+** x = expr1 OR expr2 = x OR x = expr3
+**
+** then create a new virtual term like this:
+**
+** x IN (expr1,expr2,expr3)
+**
+** CASE 2:
+**
+** If there are exactly two disjuncts and one side has x>A and the other side
+** has x=A (for the same x and A) then add a new virtual conjunct term to the
+** WHERE clause of the form "x>=A". Example:
+**
+** x>A OR (x=A AND y>B) adds: x>=A
+**
+** The added conjunct can sometimes be helpful in query planning.
+**
+** CASE 3:
+**
+** If all subterms are indexable by a single table T, then set
+**
+** WhereTerm.eOperator = WO_OR
+** WhereTerm.u.pOrInfo->indexable |= the cursor number for table T
+**
+** A subterm is "indexable" if it is of the form
+** "T.C <op> <expr>" where C is any column of table T and
+** <op> is one of "=", "<", "<=", ">", ">=", "IS NULL", or "IN".
+** A subterm is also indexable if it is an AND of two or more
+** subsubterms at least one of which is indexable. Indexable AND
+** subterms have their eOperator set to WO_AND and they have
+** u.pAndInfo set to a dynamically allocated WhereAndTerm object.
+**
+** From another point of view, "indexable" means that the subterm could
+** potentially be used with an index if an appropriate index exists.
+** This analysis does not consider whether or not the index exists; that
+** is decided elsewhere. This analysis only looks at whether subterms
+** appropriate for indexing exist.
+**
+** All examples A through E above satisfy case 3. But if a term
+** also satisfies case 1 (such as B) we know that the optimizer will
+** always prefer case 1, so in that case we pretend that case 3 is not
+** satisfied.
+**
+** It might be the case that multiple tables are indexable. For example,
+** (E) above is indexable on tables P, Q, and R.
+**
+** Terms that satisfy case 3 are candidates for lookup by using
+** separate indices to find rowids for each subterm and composing
+** the union of all rowids using a RowSet object. This is similar
+** to "bitmap indices" in other database engines.
+**
+** OTHERWISE:
+**
+** If none of cases 1, 2, or 3 apply, then leave the eOperator set to
+** zero. This term is not useful for search.
+*/
+static void exprAnalyzeOrTerm(
+ SrcList *pSrc, /* the FROM clause */
+ WhereClause *pWC, /* the complete WHERE clause */
+ int idxTerm /* Index of the OR-term to be analyzed */
+){
+ WhereInfo *pWInfo = pWC->pWInfo; /* WHERE clause processing context */
+ Parse *pParse = pWInfo->pParse; /* Parser context */
+ sqlite3 *db = pParse->db; /* Database connection */
+ WhereTerm *pTerm = &pWC->a[idxTerm]; /* The term to be analyzed */
+ Expr *pExpr = pTerm->pExpr; /* The expression of the term */
+ int i; /* Loop counters */
+ WhereClause *pOrWc; /* Breakup of pTerm into subterms */
+ WhereTerm *pOrTerm; /* A Sub-term within the pOrWc */
+ WhereOrInfo *pOrInfo; /* Additional information associated with pTerm */
+ Bitmask chngToIN; /* Tables that might satisfy case 1 */
+ Bitmask indexable; /* Tables that are indexable, satisfying case 2 */
+
+ /*
+ ** Break the OR clause into its separate subterms. The subterms are
+ ** stored in a WhereClause structure containing within the WhereOrInfo
+ ** object that is attached to the original OR clause term.
+ */
+ assert( (pTerm->wtFlags & (TERM_DYNAMIC|TERM_ORINFO|TERM_ANDINFO))==0 );
+ assert( pExpr->op==TK_OR );
+ pTerm->u.pOrInfo = pOrInfo = sqlite3DbMallocZero(db, sizeof(*pOrInfo));
+ if( pOrInfo==0 ) return;
+ pTerm->wtFlags |= TERM_ORINFO;
+ pOrWc = &pOrInfo->wc;
+ sqlite3WhereClauseInit(pOrWc, pWInfo);
+ sqlite3WhereSplit(pOrWc, pExpr, TK_OR);
+ sqlite3WhereExprAnalyze(pSrc, pOrWc);
+ if( db->mallocFailed ) return;
+ assert( pOrWc->nTerm>=2 );
+
+ /*
+ ** Compute the set of tables that might satisfy cases 1 or 3.
+ */
+ indexable = ~(Bitmask)0;
+ chngToIN = ~(Bitmask)0;
+ for(i=pOrWc->nTerm-1, pOrTerm=pOrWc->a; i>=0 && indexable; i--, pOrTerm++){
+ if( (pOrTerm->eOperator & WO_SINGLE)==0 ){
+ WhereAndInfo *pAndInfo;
+ assert( (pOrTerm->wtFlags & (TERM_ANDINFO|TERM_ORINFO))==0 );
+ chngToIN = 0;
+ pAndInfo = sqlite3DbMallocRaw(db, sizeof(*pAndInfo));
+ if( pAndInfo ){
+ WhereClause *pAndWC;
+ WhereTerm *pAndTerm;
+ int j;
+ Bitmask b = 0;
+ pOrTerm->u.pAndInfo = pAndInfo;
+ pOrTerm->wtFlags |= TERM_ANDINFO;
+ pOrTerm->eOperator = WO_AND;
+ pAndWC = &pAndInfo->wc;
+ sqlite3WhereClauseInit(pAndWC, pWC->pWInfo);
+ sqlite3WhereSplit(pAndWC, pOrTerm->pExpr, TK_AND);
+ sqlite3WhereExprAnalyze(pSrc, pAndWC);
+ pAndWC->pOuter = pWC;
+ testcase( db->mallocFailed );
+ if( !db->mallocFailed ){
+ for(j=0, pAndTerm=pAndWC->a; j<pAndWC->nTerm; j++, pAndTerm++){
+ assert( pAndTerm->pExpr );
+ if( allowedOp(pAndTerm->pExpr->op) ){
+ b |= sqlite3WhereGetMask(&pWInfo->sMaskSet, pAndTerm->leftCursor);
+ }
+ }
+ }
+ indexable &= b;
+ }
+ }else if( pOrTerm->wtFlags & TERM_COPIED ){
+ /* Skip this term for now. We revisit it when we process the
+ ** corresponding TERM_VIRTUAL term */
+ }else{
+ Bitmask b;
+ b = sqlite3WhereGetMask(&pWInfo->sMaskSet, pOrTerm->leftCursor);
+ if( pOrTerm->wtFlags & TERM_VIRTUAL ){
+ WhereTerm *pOther = &pOrWc->a[pOrTerm->iParent];
+ b |= sqlite3WhereGetMask(&pWInfo->sMaskSet, pOther->leftCursor);
+ }
+ indexable &= b;
+ if( (pOrTerm->eOperator & WO_EQ)==0 ){
+ chngToIN = 0;
+ }else{
+ chngToIN &= b;
+ }
+ }
+ }
+
+ /*
+ ** Record the set of tables that satisfy case 3. The set might be
+ ** empty.
+ */
+ pOrInfo->indexable = indexable;
+ pTerm->eOperator = indexable==0 ? 0 : WO_OR;
+
+ /* For a two-way OR, attempt to implementation case 2.
+ */
+ if( indexable && pOrWc->nTerm==2 ){
+ int iOne = 0;
+ WhereTerm *pOne;
+ while( (pOne = whereNthSubterm(&pOrWc->a[0],iOne++))!=0 ){
+ int iTwo = 0;
+ WhereTerm *pTwo;
+ while( (pTwo = whereNthSubterm(&pOrWc->a[1],iTwo++))!=0 ){
+ whereCombineDisjuncts(pSrc, pWC, pOne, pTwo);
+ }
+ }
+ }
+
+ /*
+ ** chngToIN holds a set of tables that *might* satisfy case 1. But
+ ** we have to do some additional checking to see if case 1 really
+ ** is satisfied.
+ **
+ ** chngToIN will hold either 0, 1, or 2 bits. The 0-bit case means
+ ** that there is no possibility of transforming the OR clause into an
+ ** IN operator because one or more terms in the OR clause contain
+ ** something other than == on a column in the single table. The 1-bit
+ ** case means that every term of the OR clause is of the form
+ ** "table.column=expr" for some single table. The one bit that is set
+ ** will correspond to the common table. We still need to check to make
+ ** sure the same column is used on all terms. The 2-bit case is when
+ ** the all terms are of the form "table1.column=table2.column". It
+ ** might be possible to form an IN operator with either table1.column
+ ** or table2.column as the LHS if either is common to every term of
+ ** the OR clause.
+ **
+ ** Note that terms of the form "table.column1=table.column2" (the
+ ** same table on both sizes of the ==) cannot be optimized.
+ */
+ if( chngToIN ){
+ int okToChngToIN = 0; /* True if the conversion to IN is valid */
+ int iColumn = -1; /* Column index on lhs of IN operator */
+ int iCursor = -1; /* Table cursor common to all terms */
+ int j = 0; /* Loop counter */
+
+ /* Search for a table and column that appears on one side or the
+ ** other of the == operator in every subterm. That table and column
+ ** will be recorded in iCursor and iColumn. There might not be any
+ ** such table and column. Set okToChngToIN if an appropriate table
+ ** and column is found but leave okToChngToIN false if not found.
+ */
+ for(j=0; j<2 && !okToChngToIN; j++){
+ pOrTerm = pOrWc->a;
+ for(i=pOrWc->nTerm-1; i>=0; i--, pOrTerm++){
+ assert( pOrTerm->eOperator & WO_EQ );
+ pOrTerm->wtFlags &= ~TERM_OR_OK;
+ if( pOrTerm->leftCursor==iCursor ){
+ /* This is the 2-bit case and we are on the second iteration and
+ ** current term is from the first iteration. So skip this term. */
+ assert( j==1 );
+ continue;
+ }
+ if( (chngToIN & sqlite3WhereGetMask(&pWInfo->sMaskSet,
+ pOrTerm->leftCursor))==0 ){
+ /* This term must be of the form t1.a==t2.b where t2 is in the
+ ** chngToIN set but t1 is not. This term will be either preceded
+ ** or follwed by an inverted copy (t2.b==t1.a). Skip this term
+ ** and use its inversion. */
+ testcase( pOrTerm->wtFlags & TERM_COPIED );
+ testcase( pOrTerm->wtFlags & TERM_VIRTUAL );
+ assert( pOrTerm->wtFlags & (TERM_COPIED|TERM_VIRTUAL) );
+ continue;
+ }
+ iColumn = pOrTerm->u.leftColumn;
+ iCursor = pOrTerm->leftCursor;
+ break;
+ }
+ if( i<0 ){
+ /* No candidate table+column was found. This can only occur
+ ** on the second iteration */
+ assert( j==1 );
+ assert( IsPowerOfTwo(chngToIN) );
+ assert( chngToIN==sqlite3WhereGetMask(&pWInfo->sMaskSet, iCursor) );
+ break;
+ }
+ testcase( j==1 );
+
+ /* We have found a candidate table and column. Check to see if that
+ ** table and column is common to every term in the OR clause */
+ okToChngToIN = 1;
+ for(; i>=0 && okToChngToIN; i--, pOrTerm++){
+ assert( pOrTerm->eOperator & WO_EQ );
+ if( pOrTerm->leftCursor!=iCursor ){
+ pOrTerm->wtFlags &= ~TERM_OR_OK;
+ }else if( pOrTerm->u.leftColumn!=iColumn ){
+ okToChngToIN = 0;
+ }else{
+ int affLeft, affRight;
+ /* If the right-hand side is also a column, then the affinities
+ ** of both right and left sides must be such that no type
+ ** conversions are required on the right. (Ticket #2249)
+ */
+ affRight = sqlite3ExprAffinity(pOrTerm->pExpr->pRight);
+ affLeft = sqlite3ExprAffinity(pOrTerm->pExpr->pLeft);
+ if( affRight!=0 && affRight!=affLeft ){
+ okToChngToIN = 0;
+ }else{
+ pOrTerm->wtFlags |= TERM_OR_OK;
+ }
+ }
+ }
+ }
+
+ /* At this point, okToChngToIN is true if original pTerm satisfies
+ ** case 1. In that case, construct a new virtual term that is
+ ** pTerm converted into an IN operator.
+ */
+ if( okToChngToIN ){
+ Expr *pDup; /* A transient duplicate expression */
+ ExprList *pList = 0; /* The RHS of the IN operator */
+ Expr *pLeft = 0; /* The LHS of the IN operator */
+ Expr *pNew; /* The complete IN operator */
+
+ for(i=pOrWc->nTerm-1, pOrTerm=pOrWc->a; i>=0; i--, pOrTerm++){
+ if( (pOrTerm->wtFlags & TERM_OR_OK)==0 ) continue;
+ assert( pOrTerm->eOperator & WO_EQ );
+ assert( pOrTerm->leftCursor==iCursor );
+ assert( pOrTerm->u.leftColumn==iColumn );
+ pDup = sqlite3ExprDup(db, pOrTerm->pExpr->pRight, 0);
+ pList = sqlite3ExprListAppend(pWInfo->pParse, pList, pDup);
+ pLeft = pOrTerm->pExpr->pLeft;
+ }
+ assert( pLeft!=0 );
+ pDup = sqlite3ExprDup(db, pLeft, 0);
+ pNew = sqlite3PExpr(pParse, TK_IN, pDup, 0, 0);
+ if( pNew ){
+ int idxNew;
+ transferJoinMarkings(pNew, pExpr);
+ assert( !ExprHasProperty(pNew, EP_xIsSelect) );
+ pNew->x.pList = pList;
+ idxNew = whereClauseInsert(pWC, pNew, TERM_VIRTUAL|TERM_DYNAMIC);
+ testcase( idxNew==0 );
+ exprAnalyze(pSrc, pWC, idxNew);
+ pTerm = &pWC->a[idxTerm];
+ markTermAsChild(pWC, idxNew, idxTerm);
+ }else{
+ sqlite3ExprListDelete(db, pList);
+ }
+ pTerm->eOperator = WO_NOOP; /* case 1 trumps case 3 */
+ }
+ }
+}
+#endif /* !SQLITE_OMIT_OR_OPTIMIZATION && !SQLITE_OMIT_SUBQUERY */
+
+/*
+** We already know that pExpr is a binary operator where both operands are
+** column references. This routine checks to see if pExpr is an equivalence
+** relation:
+** 1. The SQLITE_Transitive optimization must be enabled
+** 2. Must be either an == or an IS operator
+** 3. Not originating in the ON clause of an OUTER JOIN
+** 4. The affinities of A and B must be compatible
+** 5a. Both operands use the same collating sequence OR
+** 5b. The overall collating sequence is BINARY
+** If this routine returns TRUE, that means that the RHS can be substituted
+** for the LHS anyplace else in the WHERE clause where the LHS column occurs.
+** This is an optimization. No harm comes from returning 0. But if 1 is
+** returned when it should not be, then incorrect answers might result.
+*/
+static int termIsEquivalence(Parse *pParse, Expr *pExpr){
+ char aff1, aff2;
+ CollSeq *pColl;
+ const char *zColl1, *zColl2;
+ if( !OptimizationEnabled(pParse->db, SQLITE_Transitive) ) return 0;
+ if( pExpr->op!=TK_EQ && pExpr->op!=TK_IS ) return 0;
+ if( ExprHasProperty(pExpr, EP_FromJoin) ) return 0;
+ aff1 = sqlite3ExprAffinity(pExpr->pLeft);
+ aff2 = sqlite3ExprAffinity(pExpr->pRight);
+ if( aff1!=aff2
+ && (!sqlite3IsNumericAffinity(aff1) || !sqlite3IsNumericAffinity(aff2))
+ ){
+ return 0;
+ }
+ pColl = sqlite3BinaryCompareCollSeq(pParse, pExpr->pLeft, pExpr->pRight);
+ if( pColl==0 || sqlite3StrICmp(pColl->zName, "BINARY")==0 ) return 1;
+ pColl = sqlite3ExprCollSeq(pParse, pExpr->pLeft);
+ /* Since pLeft and pRight are both a column references, their collating
+ ** sequence should always be defined. */
+ zColl1 = ALWAYS(pColl) ? pColl->zName : 0;
+ pColl = sqlite3ExprCollSeq(pParse, pExpr->pRight);
+ zColl2 = ALWAYS(pColl) ? pColl->zName : 0;
+ return sqlite3StrICmp(zColl1, zColl2)==0;
+}
+
+/*
+** Recursively walk the expressions of a SELECT statement and generate
+** a bitmask indicating which tables are used in that expression
+** tree.
+*/
+static Bitmask exprSelectUsage(WhereMaskSet *pMaskSet, Select *pS){
+ Bitmask mask = 0;
+ while( pS ){
+ SrcList *pSrc = pS->pSrc;
+ mask |= sqlite3WhereExprListUsage(pMaskSet, pS->pEList);
+ mask |= sqlite3WhereExprListUsage(pMaskSet, pS->pGroupBy);
+ mask |= sqlite3WhereExprListUsage(pMaskSet, pS->pOrderBy);
+ mask |= sqlite3WhereExprUsage(pMaskSet, pS->pWhere);
+ mask |= sqlite3WhereExprUsage(pMaskSet, pS->pHaving);
+ if( ALWAYS(pSrc!=0) ){
+ int i;
+ for(i=0; i<pSrc->nSrc; i++){
+ mask |= exprSelectUsage(pMaskSet, pSrc->a[i].pSelect);
+ mask |= sqlite3WhereExprUsage(pMaskSet, pSrc->a[i].pOn);
+ }
+ }
+ pS = pS->pPrior;
+ }
+ return mask;
+}
+
+/*
+** Expression pExpr is one operand of a comparison operator that might
+** be useful for indexing. This routine checks to see if pExpr appears
+** in any index. Return TRUE (1) if pExpr is an indexed term and return
+** FALSE (0) if not. If TRUE is returned, also set *piCur to the cursor
+** number of the table that is indexed and *piColumn to the column number
+** of the column that is indexed, or -2 if an expression is being indexed.
+**
+** If pExpr is a TK_COLUMN column reference, then this routine always returns
+** true even if that particular column is not indexed, because the column
+** might be added to an automatic index later.
+*/
+static int exprMightBeIndexed(
+ SrcList *pFrom, /* The FROM clause */
+ Bitmask mPrereq, /* Bitmask of FROM clause terms referenced by pExpr */
+ Expr *pExpr, /* An operand of a comparison operator */
+ int *piCur, /* Write the referenced table cursor number here */
+ int *piColumn /* Write the referenced table column number here */
+){
+ Index *pIdx;
+ int i;
+ int iCur;
+ if( pExpr->op==TK_COLUMN ){
+ *piCur = pExpr->iTable;
+ *piColumn = pExpr->iColumn;
+ return 1;
+ }
+ if( mPrereq==0 ) return 0; /* No table references */
+ if( (mPrereq&(mPrereq-1))!=0 ) return 0; /* Refs more than one table */
+ for(i=0; mPrereq>1; i++, mPrereq>>=1){}
+ iCur = pFrom->a[i].iCursor;
+ for(pIdx=pFrom->a[i].pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ if( pIdx->aColExpr==0 ) continue;
+ for(i=0; i<pIdx->nKeyCol; i++){
+ if( pIdx->aiColumn[i]!=(-2) ) continue;
+ if( sqlite3ExprCompare(pExpr, pIdx->aColExpr->a[i].pExpr, iCur)==0 ){
+ *piCur = iCur;
+ *piColumn = -2;
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+/*
+** The input to this routine is an WhereTerm structure with only the
+** "pExpr" field filled in. The job of this routine is to analyze the
+** subexpression and populate all the other fields of the WhereTerm
+** structure.
+**
+** If the expression is of the form "<expr> <op> X" it gets commuted
+** to the standard form of "X <op> <expr>".
+**
+** If the expression is of the form "X <op> Y" where both X and Y are
+** columns, then the original expression is unchanged and a new virtual
+** term of the form "Y <op> X" is added to the WHERE clause and
+** analyzed separately. The original term is marked with TERM_COPIED
+** and the new term is marked with TERM_DYNAMIC (because it's pExpr
+** needs to be freed with the WhereClause) and TERM_VIRTUAL (because it
+** is a commuted copy of a prior term.) The original term has nChild=1
+** and the copy has idxParent set to the index of the original term.
+*/
+static void exprAnalyze(
+ SrcList *pSrc, /* the FROM clause */
+ WhereClause *pWC, /* the WHERE clause */
+ int idxTerm /* Index of the term to be analyzed */
+){
+ WhereInfo *pWInfo = pWC->pWInfo; /* WHERE clause processing context */
+ WhereTerm *pTerm; /* The term to be analyzed */
+ WhereMaskSet *pMaskSet; /* Set of table index masks */
+ Expr *pExpr; /* The expression to be analyzed */
+ Bitmask prereqLeft; /* Prerequesites of the pExpr->pLeft */
+ Bitmask prereqAll; /* Prerequesites of pExpr */
+ Bitmask extraRight = 0; /* Extra dependencies on LEFT JOIN */
+ Expr *pStr1 = 0; /* RHS of LIKE/GLOB operator */
+ int isComplete = 0; /* RHS of LIKE/GLOB ends with wildcard */
+ int noCase = 0; /* uppercase equivalent to lowercase */
+ int op; /* Top-level operator. pExpr->op */
+ Parse *pParse = pWInfo->pParse; /* Parsing context */
+ sqlite3 *db = pParse->db; /* Database connection */
+ unsigned char eOp2; /* op2 value for LIKE/REGEXP/GLOB */
+
+ if( db->mallocFailed ){
+ return;
+ }
+ pTerm = &pWC->a[idxTerm];
+ pMaskSet = &pWInfo->sMaskSet;
+ pExpr = pTerm->pExpr;
+ assert( pExpr->op!=TK_AS && pExpr->op!=TK_COLLATE );
+ prereqLeft = sqlite3WhereExprUsage(pMaskSet, pExpr->pLeft);
+ op = pExpr->op;
+ if( op==TK_IN ){
+ assert( pExpr->pRight==0 );
+ if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ pTerm->prereqRight = exprSelectUsage(pMaskSet, pExpr->x.pSelect);
+ }else{
+ pTerm->prereqRight = sqlite3WhereExprListUsage(pMaskSet, pExpr->x.pList);
+ }
+ }else if( op==TK_ISNULL ){
+ pTerm->prereqRight = 0;
+ }else{
+ pTerm->prereqRight = sqlite3WhereExprUsage(pMaskSet, pExpr->pRight);
+ }
+ prereqAll = sqlite3WhereExprUsage(pMaskSet, pExpr);
+ if( ExprHasProperty(pExpr, EP_FromJoin) ){
+ Bitmask x = sqlite3WhereGetMask(pMaskSet, pExpr->iRightJoinTable);
+ prereqAll |= x;
+ extraRight = x-1; /* ON clause terms may not be used with an index
+ ** on left table of a LEFT JOIN. Ticket #3015 */
+ }
+ pTerm->prereqAll = prereqAll;
+ pTerm->leftCursor = -1;
+ pTerm->iParent = -1;
+ pTerm->eOperator = 0;
+ if( allowedOp(op) ){
+ int iCur, iColumn;
+ Expr *pLeft = sqlite3ExprSkipCollate(pExpr->pLeft);
+ Expr *pRight = sqlite3ExprSkipCollate(pExpr->pRight);
+ u16 opMask = (pTerm->prereqRight & prereqLeft)==0 ? WO_ALL : WO_EQUIV;
+ if( exprMightBeIndexed(pSrc, prereqLeft, pLeft, &iCur, &iColumn) ){
+ pTerm->leftCursor = iCur;
+ pTerm->u.leftColumn = iColumn;
+ pTerm->eOperator = operatorMask(op) & opMask;
+ }
+ if( op==TK_IS ) pTerm->wtFlags |= TERM_IS;
+ if( pRight
+ && exprMightBeIndexed(pSrc, pTerm->prereqRight, pRight, &iCur, &iColumn)
+ ){
+ WhereTerm *pNew;
+ Expr *pDup;
+ u16 eExtraOp = 0; /* Extra bits for pNew->eOperator */
+ if( pTerm->leftCursor>=0 ){
+ int idxNew;
+ pDup = sqlite3ExprDup(db, pExpr, 0);
+ if( db->mallocFailed ){
+ sqlite3ExprDelete(db, pDup);
+ return;
+ }
+ idxNew = whereClauseInsert(pWC, pDup, TERM_VIRTUAL|TERM_DYNAMIC);
+ if( idxNew==0 ) return;
+ pNew = &pWC->a[idxNew];
+ markTermAsChild(pWC, idxNew, idxTerm);
+ if( op==TK_IS ) pNew->wtFlags |= TERM_IS;
+ pTerm = &pWC->a[idxTerm];
+ pTerm->wtFlags |= TERM_COPIED;
+
+ if( termIsEquivalence(pParse, pDup) ){
+ pTerm->eOperator |= WO_EQUIV;
+ eExtraOp = WO_EQUIV;
+ }
+ }else{
+ pDup = pExpr;
+ pNew = pTerm;
+ }
+ exprCommute(pParse, pDup);
+ pNew->leftCursor = iCur;
+ pNew->u.leftColumn = iColumn;
+ testcase( (prereqLeft | extraRight) != prereqLeft );
+ pNew->prereqRight = prereqLeft | extraRight;
+ pNew->prereqAll = prereqAll;
+ pNew->eOperator = (operatorMask(pDup->op) + eExtraOp) & opMask;
+ }
+ }
+
+#ifndef SQLITE_OMIT_BETWEEN_OPTIMIZATION
+ /* If a term is the BETWEEN operator, create two new virtual terms
+ ** that define the range that the BETWEEN implements. For example:
+ **
+ ** a BETWEEN b AND c
+ **
+ ** is converted into:
+ **
+ ** (a BETWEEN b AND c) AND (a>=b) AND (a<=c)
+ **
+ ** The two new terms are added onto the end of the WhereClause object.
+ ** The new terms are "dynamic" and are children of the original BETWEEN
+ ** term. That means that if the BETWEEN term is coded, the children are
+ ** skipped. Or, if the children are satisfied by an index, the original
+ ** BETWEEN term is skipped.
+ */
+ else if( pExpr->op==TK_BETWEEN && pWC->op==TK_AND ){
+ ExprList *pList = pExpr->x.pList;
+ int i;
+ static const u8 ops[] = {TK_GE, TK_LE};
+ assert( pList!=0 );
+ assert( pList->nExpr==2 );
+ for(i=0; i<2; i++){
+ Expr *pNewExpr;
+ int idxNew;
+ pNewExpr = sqlite3PExpr(pParse, ops[i],
+ sqlite3ExprDup(db, pExpr->pLeft, 0),
+ sqlite3ExprDup(db, pList->a[i].pExpr, 0), 0);
+ transferJoinMarkings(pNewExpr, pExpr);
+ idxNew = whereClauseInsert(pWC, pNewExpr, TERM_VIRTUAL|TERM_DYNAMIC);
+ testcase( idxNew==0 );
+ exprAnalyze(pSrc, pWC, idxNew);
+ pTerm = &pWC->a[idxTerm];
+ markTermAsChild(pWC, idxNew, idxTerm);
+ }
+ }
+#endif /* SQLITE_OMIT_BETWEEN_OPTIMIZATION */
+
+#if !defined(SQLITE_OMIT_OR_OPTIMIZATION) && !defined(SQLITE_OMIT_SUBQUERY)
+ /* Analyze a term that is composed of two or more subterms connected by
+ ** an OR operator.
+ */
+ else if( pExpr->op==TK_OR ){
+ assert( pWC->op==TK_AND );
+ exprAnalyzeOrTerm(pSrc, pWC, idxTerm);
+ pTerm = &pWC->a[idxTerm];
+ }
+#endif /* SQLITE_OMIT_OR_OPTIMIZATION */
+
+#ifndef SQLITE_OMIT_LIKE_OPTIMIZATION
+ /* Add constraints to reduce the search space on a LIKE or GLOB
+ ** operator.
+ **
+ ** A like pattern of the form "x LIKE 'aBc%'" is changed into constraints
+ **
+ ** x>='ABC' AND x<'abd' AND x LIKE 'aBc%'
+ **
+ ** The last character of the prefix "abc" is incremented to form the
+ ** termination condition "abd". If case is not significant (the default
+ ** for LIKE) then the lower-bound is made all uppercase and the upper-
+ ** bound is made all lowercase so that the bounds also work when comparing
+ ** BLOBs.
+ */
+ if( pWC->op==TK_AND
+ && isLikeOrGlob(pParse, pExpr, &pStr1, &isComplete, &noCase)
+ ){
+ Expr *pLeft; /* LHS of LIKE/GLOB operator */
+ Expr *pStr2; /* Copy of pStr1 - RHS of LIKE/GLOB operator */
+ Expr *pNewExpr1;
+ Expr *pNewExpr2;
+ int idxNew1;
+ int idxNew2;
+ const char *zCollSeqName; /* Name of collating sequence */
+ const u16 wtFlags = TERM_LIKEOPT | TERM_VIRTUAL | TERM_DYNAMIC;
+
+ pLeft = pExpr->x.pList->a[1].pExpr;
+ pStr2 = sqlite3ExprDup(db, pStr1, 0);
+
+ /* Convert the lower bound to upper-case and the upper bound to
+ ** lower-case (upper-case is less than lower-case in ASCII) so that
+ ** the range constraints also work for BLOBs
+ */
+ if( noCase && !pParse->db->mallocFailed ){
+ int i;
+ char c;
+ pTerm->wtFlags |= TERM_LIKE;
+ for(i=0; (c = pStr1->u.zToken[i])!=0; i++){
+ pStr1->u.zToken[i] = sqlite3Toupper(c);
+ pStr2->u.zToken[i] = sqlite3Tolower(c);
+ }
+ }
+
+ if( !db->mallocFailed ){
+ u8 c, *pC; /* Last character before the first wildcard */
+ pC = (u8*)&pStr2->u.zToken[sqlite3Strlen30(pStr2->u.zToken)-1];
+ c = *pC;
+ if( noCase ){
+ /* The point is to increment the last character before the first
+ ** wildcard. But if we increment '@', that will push it into the
+ ** alphabetic range where case conversions will mess up the
+ ** inequality. To avoid this, make sure to also run the full
+ ** LIKE on all candidate expressions by clearing the isComplete flag
+ */
+ if( c=='A'-1 ) isComplete = 0;
+ c = sqlite3UpperToLower[c];
+ }
+ *pC = c + 1;
+ }
+ zCollSeqName = noCase ? "NOCASE" : "BINARY";
+ pNewExpr1 = sqlite3ExprDup(db, pLeft, 0);
+ pNewExpr1 = sqlite3PExpr(pParse, TK_GE,
+ sqlite3ExprAddCollateString(pParse,pNewExpr1,zCollSeqName),
+ pStr1, 0);
+ transferJoinMarkings(pNewExpr1, pExpr);
+ idxNew1 = whereClauseInsert(pWC, pNewExpr1, wtFlags);
+ testcase( idxNew1==0 );
+ exprAnalyze(pSrc, pWC, idxNew1);
+ pNewExpr2 = sqlite3ExprDup(db, pLeft, 0);
+ pNewExpr2 = sqlite3PExpr(pParse, TK_LT,
+ sqlite3ExprAddCollateString(pParse,pNewExpr2,zCollSeqName),
+ pStr2, 0);
+ transferJoinMarkings(pNewExpr2, pExpr);
+ idxNew2 = whereClauseInsert(pWC, pNewExpr2, wtFlags);
+ testcase( idxNew2==0 );
+ exprAnalyze(pSrc, pWC, idxNew2);
+ pTerm = &pWC->a[idxTerm];
+ if( isComplete ){
+ markTermAsChild(pWC, idxNew1, idxTerm);
+ markTermAsChild(pWC, idxNew2, idxTerm);
+ }
+ }
+#endif /* SQLITE_OMIT_LIKE_OPTIMIZATION */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ /* Add a WO_MATCH auxiliary term to the constraint set if the
+ ** current expression is of the form: column MATCH expr.
+ ** This information is used by the xBestIndex methods of
+ ** virtual tables. The native query optimizer does not attempt
+ ** to do anything with MATCH functions.
+ */
+ if( isMatchOfColumn(pExpr, &eOp2) ){
+ int idxNew;
+ Expr *pRight, *pLeft;
+ WhereTerm *pNewTerm;
+ Bitmask prereqColumn, prereqExpr;
+
+ pRight = pExpr->x.pList->a[0].pExpr;
+ pLeft = pExpr->x.pList->a[1].pExpr;
+ prereqExpr = sqlite3WhereExprUsage(pMaskSet, pRight);
+ prereqColumn = sqlite3WhereExprUsage(pMaskSet, pLeft);
+ if( (prereqExpr & prereqColumn)==0 ){
+ Expr *pNewExpr;
+ pNewExpr = sqlite3PExpr(pParse, TK_MATCH,
+ 0, sqlite3ExprDup(db, pRight, 0), 0);
+ idxNew = whereClauseInsert(pWC, pNewExpr, TERM_VIRTUAL|TERM_DYNAMIC);
+ testcase( idxNew==0 );
+ pNewTerm = &pWC->a[idxNew];
+ pNewTerm->prereqRight = prereqExpr;
+ pNewTerm->leftCursor = pLeft->iTable;
+ pNewTerm->u.leftColumn = pLeft->iColumn;
+ pNewTerm->eOperator = WO_MATCH;
+ pNewTerm->eMatchOp = eOp2;
+ markTermAsChild(pWC, idxNew, idxTerm);
+ pTerm = &pWC->a[idxTerm];
+ pTerm->wtFlags |= TERM_COPIED;
+ pNewTerm->prereqAll = pTerm->prereqAll;
+ }
+ }
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ /* When sqlite_stat3 histogram data is available an operator of the
+ ** form "x IS NOT NULL" can sometimes be evaluated more efficiently
+ ** as "x>NULL" if x is not an INTEGER PRIMARY KEY. So construct a
+ ** virtual term of that form.
+ **
+ ** Note that the virtual term must be tagged with TERM_VNULL.
+ */
+ if( pExpr->op==TK_NOTNULL
+ && pExpr->pLeft->op==TK_COLUMN
+ && pExpr->pLeft->iColumn>=0
+ && OptimizationEnabled(db, SQLITE_Stat34)
+ ){
+ Expr *pNewExpr;
+ Expr *pLeft = pExpr->pLeft;
+ int idxNew;
+ WhereTerm *pNewTerm;
+
+ pNewExpr = sqlite3PExpr(pParse, TK_GT,
+ sqlite3ExprDup(db, pLeft, 0),
+ sqlite3PExpr(pParse, TK_NULL, 0, 0, 0), 0);
+
+ idxNew = whereClauseInsert(pWC, pNewExpr,
+ TERM_VIRTUAL|TERM_DYNAMIC|TERM_VNULL);
+ if( idxNew ){
+ pNewTerm = &pWC->a[idxNew];
+ pNewTerm->prereqRight = 0;
+ pNewTerm->leftCursor = pLeft->iTable;
+ pNewTerm->u.leftColumn = pLeft->iColumn;
+ pNewTerm->eOperator = WO_GT;
+ markTermAsChild(pWC, idxNew, idxTerm);
+ pTerm = &pWC->a[idxTerm];
+ pTerm->wtFlags |= TERM_COPIED;
+ pNewTerm->prereqAll = pTerm->prereqAll;
+ }
+ }
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+
+ /* Prevent ON clause terms of a LEFT JOIN from being used to drive
+ ** an index for tables to the left of the join.
+ */
+ pTerm->prereqRight |= extraRight;
+}
+
+/***************************************************************************
+** Routines with file scope above. Interface to the rest of the where.c
+** subsystem follows.
+***************************************************************************/
+
+/*
+** This routine identifies subexpressions in the WHERE clause where
+** each subexpression is separated by the AND operator or some other
+** operator specified in the op parameter. The WhereClause structure
+** is filled with pointers to subexpressions. For example:
+**
+** WHERE a=='hello' AND coalesce(b,11)<10 AND (c+12!=d OR c==22)
+** \________/ \_______________/ \________________/
+** slot[0] slot[1] slot[2]
+**
+** The original WHERE clause in pExpr is unaltered. All this routine
+** does is make slot[] entries point to substructure within pExpr.
+**
+** In the previous sentence and in the diagram, "slot[]" refers to
+** the WhereClause.a[] array. The slot[] array grows as needed to contain
+** all terms of the WHERE clause.
+*/
+SQLITE_PRIVATE void sqlite3WhereSplit(WhereClause *pWC, Expr *pExpr, u8 op){
+ Expr *pE2 = sqlite3ExprSkipCollate(pExpr);
+ pWC->op = op;
+ if( pE2==0 ) return;
+ if( pE2->op!=op ){
+ whereClauseInsert(pWC, pExpr, 0);
+ }else{
+ sqlite3WhereSplit(pWC, pE2->pLeft, op);
+ sqlite3WhereSplit(pWC, pE2->pRight, op);
+ }
+}
+
+/*
+** Initialize a preallocated WhereClause structure.
+*/
+SQLITE_PRIVATE void sqlite3WhereClauseInit(
+ WhereClause *pWC, /* The WhereClause to be initialized */
+ WhereInfo *pWInfo /* The WHERE processing context */
+){
+ pWC->pWInfo = pWInfo;
+ pWC->pOuter = 0;
+ pWC->nTerm = 0;
+ pWC->nSlot = ArraySize(pWC->aStatic);
+ pWC->a = pWC->aStatic;
+}
+
+/*
+** Deallocate a WhereClause structure. The WhereClause structure
+** itself is not freed. This routine is the inverse of
+** sqlite3WhereClauseInit().
+*/
+SQLITE_PRIVATE void sqlite3WhereClauseClear(WhereClause *pWC){
+ int i;
+ WhereTerm *a;
+ sqlite3 *db = pWC->pWInfo->pParse->db;
+ for(i=pWC->nTerm-1, a=pWC->a; i>=0; i--, a++){
+ if( a->wtFlags & TERM_DYNAMIC ){
+ sqlite3ExprDelete(db, a->pExpr);
+ }
+ if( a->wtFlags & TERM_ORINFO ){
+ whereOrInfoDelete(db, a->u.pOrInfo);
+ }else if( a->wtFlags & TERM_ANDINFO ){
+ whereAndInfoDelete(db, a->u.pAndInfo);
+ }
+ }
+ if( pWC->a!=pWC->aStatic ){
+ sqlite3DbFree(db, pWC->a);
+ }
+}
+
+
+/*
+** These routines walk (recursively) an expression tree and generate
+** a bitmask indicating which tables are used in that expression
+** tree.
+*/
+SQLITE_PRIVATE Bitmask sqlite3WhereExprUsage(WhereMaskSet *pMaskSet, Expr *p){
+ Bitmask mask = 0;
+ if( p==0 ) return 0;
+ if( p->op==TK_COLUMN ){
+ mask = sqlite3WhereGetMask(pMaskSet, p->iTable);
+ return mask;
+ }
+ mask = sqlite3WhereExprUsage(pMaskSet, p->pRight);
+ mask |= sqlite3WhereExprUsage(pMaskSet, p->pLeft);
+ if( ExprHasProperty(p, EP_xIsSelect) ){
+ mask |= exprSelectUsage(pMaskSet, p->x.pSelect);
+ }else{
+ mask |= sqlite3WhereExprListUsage(pMaskSet, p->x.pList);
+ }
+ return mask;
+}
+SQLITE_PRIVATE Bitmask sqlite3WhereExprListUsage(WhereMaskSet *pMaskSet, ExprList *pList){
+ int i;
+ Bitmask mask = 0;
+ if( pList ){
+ for(i=0; i<pList->nExpr; i++){
+ mask |= sqlite3WhereExprUsage(pMaskSet, pList->a[i].pExpr);
+ }
+ }
+ return mask;
+}
+
+
+/*
+** Call exprAnalyze on all terms in a WHERE clause.
+**
+** Note that exprAnalyze() might add new virtual terms onto the
+** end of the WHERE clause. We do not want to analyze these new
+** virtual terms, so start analyzing at the end and work forward
+** so that the added virtual terms are never processed.
+*/
+SQLITE_PRIVATE void sqlite3WhereExprAnalyze(
+ SrcList *pTabList, /* the FROM clause */
+ WhereClause *pWC /* the WHERE clause to be analyzed */
+){
+ int i;
+ for(i=pWC->nTerm-1; i>=0; i--){
+ exprAnalyze(pTabList, pWC, i);
+ }
+}
+
+/*
+** For table-valued-functions, transform the function arguments into
+** new WHERE clause terms.
+**
+** Each function argument translates into an equality constraint against
+** a HIDDEN column in the table.
+*/
+SQLITE_PRIVATE void sqlite3WhereTabFuncArgs(
+ Parse *pParse, /* Parsing context */
+ struct SrcList_item *pItem, /* The FROM clause term to process */
+ WhereClause *pWC /* Xfer function arguments to here */
+){
+ Table *pTab;
+ int j, k;
+ ExprList *pArgs;
+ Expr *pColRef;
+ Expr *pTerm;
+ if( pItem->fg.isTabFunc==0 ) return;
+ pTab = pItem->pTab;
+ assert( pTab!=0 );
+ pArgs = pItem->u1.pFuncArg;
+ if( pArgs==0 ) return;
+ for(j=k=0; j<pArgs->nExpr; j++){
+ while( k<pTab->nCol && (pTab->aCol[k].colFlags & COLFLAG_HIDDEN)==0 ){k++;}
+ if( k>=pTab->nCol ){
+ sqlite3ErrorMsg(pParse, "too many arguments on %s() - max %d",
+ pTab->zName, j);
+ return;
+ }
+ pColRef = sqlite3PExpr(pParse, TK_COLUMN, 0, 0, 0);
+ if( pColRef==0 ) return;
+ pColRef->iTable = pItem->iCursor;
+ pColRef->iColumn = k++;
+ pColRef->pTab = pTab;
+ pTerm = sqlite3PExpr(pParse, TK_EQ, pColRef,
+ sqlite3ExprDup(pParse->db, pArgs->a[j].pExpr, 0), 0);
+ whereClauseInsert(pWC, pTerm, TERM_DYNAMIC);
+ }
+}
+
+/************** End of whereexpr.c *******************************************/
+/************** Begin file where.c *******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This module contains C code that generates VDBE code used to process
+** the WHERE clause of SQL statements. This module is responsible for
+** generating the code that loops through a table looking for applicable
+** rows. Indices are selected and used to speed the search when doing
+** so is applicable. Because this module is responsible for selecting
+** indices, you might also think of this module as the "query optimizer".
+*/
+/* #include "sqliteInt.h" */
+/* #include "whereInt.h" */
+
+/* Forward declaration of methods */
+static int whereLoopResize(sqlite3*, WhereLoop*, int);
+
+/* Test variable that can be set to enable WHERE tracing */
+#if defined(SQLITE_TEST) || defined(SQLITE_DEBUG)
+/***/ int sqlite3WhereTrace = 0;
+#endif
+
+
+/*
+** Return the estimated number of output rows from a WHERE clause
+*/
+SQLITE_PRIVATE u64 sqlite3WhereOutputRowCount(WhereInfo *pWInfo){
+ return sqlite3LogEstToInt(pWInfo->nRowOut);
+}
+
+/*
+** Return one of the WHERE_DISTINCT_xxxxx values to indicate how this
+** WHERE clause returns outputs for DISTINCT processing.
+*/
+SQLITE_PRIVATE int sqlite3WhereIsDistinct(WhereInfo *pWInfo){
+ return pWInfo->eDistinct;
+}
+
+/*
+** Return TRUE if the WHERE clause returns rows in ORDER BY order.
+** Return FALSE if the output needs to be sorted.
+*/
+SQLITE_PRIVATE int sqlite3WhereIsOrdered(WhereInfo *pWInfo){
+ return pWInfo->nOBSat;
+}
+
+/*
+** Return the VDBE address or label to jump to in order to continue
+** immediately with the next row of a WHERE clause.
+*/
+SQLITE_PRIVATE int sqlite3WhereContinueLabel(WhereInfo *pWInfo){
+ assert( pWInfo->iContinue!=0 );
+ return pWInfo->iContinue;
+}
+
+/*
+** Return the VDBE address or label to jump to in order to break
+** out of a WHERE loop.
+*/
+SQLITE_PRIVATE int sqlite3WhereBreakLabel(WhereInfo *pWInfo){
+ return pWInfo->iBreak;
+}
+
+/*
+** Return ONEPASS_OFF (0) if an UPDATE or DELETE statement is unable to
+** operate directly on the rowis returned by a WHERE clause. Return
+** ONEPASS_SINGLE (1) if the statement can operation directly because only
+** a single row is to be changed. Return ONEPASS_MULTI (2) if the one-pass
+** optimization can be used on multiple
+**
+** If the ONEPASS optimization is used (if this routine returns true)
+** then also write the indices of open cursors used by ONEPASS
+** into aiCur[0] and aiCur[1]. iaCur[0] gets the cursor of the data
+** table and iaCur[1] gets the cursor used by an auxiliary index.
+** Either value may be -1, indicating that cursor is not used.
+** Any cursors returned will have been opened for writing.
+**
+** aiCur[0] and aiCur[1] both get -1 if the where-clause logic is
+** unable to use the ONEPASS optimization.
+*/
+SQLITE_PRIVATE int sqlite3WhereOkOnePass(WhereInfo *pWInfo, int *aiCur){
+ memcpy(aiCur, pWInfo->aiCurOnePass, sizeof(int)*2);
+#ifdef WHERETRACE_ENABLED
+ if( sqlite3WhereTrace && pWInfo->eOnePass!=ONEPASS_OFF ){
+ sqlite3DebugPrintf("%s cursors: %d %d\n",
+ pWInfo->eOnePass==ONEPASS_SINGLE ? "ONEPASS_SINGLE" : "ONEPASS_MULTI",
+ aiCur[0], aiCur[1]);
+ }
+#endif
+ return pWInfo->eOnePass;
+}
+
+/*
+** Move the content of pSrc into pDest
+*/
+static void whereOrMove(WhereOrSet *pDest, WhereOrSet *pSrc){
+ pDest->n = pSrc->n;
+ memcpy(pDest->a, pSrc->a, pDest->n*sizeof(pDest->a[0]));
+}
+
+/*
+** Try to insert a new prerequisite/cost entry into the WhereOrSet pSet.
+**
+** The new entry might overwrite an existing entry, or it might be
+** appended, or it might be discarded. Do whatever is the right thing
+** so that pSet keeps the N_OR_COST best entries seen so far.
+*/
+static int whereOrInsert(
+ WhereOrSet *pSet, /* The WhereOrSet to be updated */
+ Bitmask prereq, /* Prerequisites of the new entry */
+ LogEst rRun, /* Run-cost of the new entry */
+ LogEst nOut /* Number of outputs for the new entry */
+){
+ u16 i;
+ WhereOrCost *p;
+ for(i=pSet->n, p=pSet->a; i>0; i--, p++){
+ if( rRun<=p->rRun && (prereq & p->prereq)==prereq ){
+ goto whereOrInsert_done;
+ }
+ if( p->rRun<=rRun && (p->prereq & prereq)==p->prereq ){
+ return 0;
+ }
+ }
+ if( pSet->n<N_OR_COST ){
+ p = &pSet->a[pSet->n++];
+ p->nOut = nOut;
+ }else{
+ p = pSet->a;
+ for(i=1; i<pSet->n; i++){
+ if( p->rRun>pSet->a[i].rRun ) p = pSet->a + i;
+ }
+ if( p->rRun<=rRun ) return 0;
+ }
+whereOrInsert_done:
+ p->prereq = prereq;
+ p->rRun = rRun;
+ if( p->nOut>nOut ) p->nOut = nOut;
+ return 1;
+}
+
+/*
+** Return the bitmask for the given cursor number. Return 0 if
+** iCursor is not in the set.
+*/
+SQLITE_PRIVATE Bitmask sqlite3WhereGetMask(WhereMaskSet *pMaskSet, int iCursor){
+ int i;
+ assert( pMaskSet->n<=(int)sizeof(Bitmask)*8 );
+ for(i=0; i<pMaskSet->n; i++){
+ if( pMaskSet->ix[i]==iCursor ){
+ return MASKBIT(i);
+ }
+ }
+ return 0;
+}
+
+/*
+** Create a new mask for cursor iCursor.
+**
+** There is one cursor per table in the FROM clause. The number of
+** tables in the FROM clause is limited by a test early in the
+** sqlite3WhereBegin() routine. So we know that the pMaskSet->ix[]
+** array will never overflow.
+*/
+static void createMask(WhereMaskSet *pMaskSet, int iCursor){
+ assert( pMaskSet->n < ArraySize(pMaskSet->ix) );
+ pMaskSet->ix[pMaskSet->n++] = iCursor;
+}
+
+/*
+** Advance to the next WhereTerm that matches according to the criteria
+** established when the pScan object was initialized by whereScanInit().
+** Return NULL if there are no more matching WhereTerms.
+*/
+static WhereTerm *whereScanNext(WhereScan *pScan){
+ int iCur; /* The cursor on the LHS of the term */
+ i16 iColumn; /* The column on the LHS of the term. -1 for IPK */
+ Expr *pX; /* An expression being tested */
+ WhereClause *pWC; /* Shorthand for pScan->pWC */
+ WhereTerm *pTerm; /* The term being tested */
+ int k = pScan->k; /* Where to start scanning */
+
+ while( pScan->iEquiv<=pScan->nEquiv ){
+ iCur = pScan->aiCur[pScan->iEquiv-1];
+ iColumn = pScan->aiColumn[pScan->iEquiv-1];
+ if( iColumn==XN_EXPR && pScan->pIdxExpr==0 ) return 0;
+ while( (pWC = pScan->pWC)!=0 ){
+ for(pTerm=pWC->a+k; k<pWC->nTerm; k++, pTerm++){
+ if( pTerm->leftCursor==iCur
+ && pTerm->u.leftColumn==iColumn
+ && (iColumn!=XN_EXPR
+ || sqlite3ExprCompare(pTerm->pExpr->pLeft,pScan->pIdxExpr,iCur)==0)
+ && (pScan->iEquiv<=1 || !ExprHasProperty(pTerm->pExpr, EP_FromJoin))
+ ){
+ if( (pTerm->eOperator & WO_EQUIV)!=0
+ && pScan->nEquiv<ArraySize(pScan->aiCur)
+ && (pX = sqlite3ExprSkipCollate(pTerm->pExpr->pRight))->op==TK_COLUMN
+ ){
+ int j;
+ for(j=0; j<pScan->nEquiv; j++){
+ if( pScan->aiCur[j]==pX->iTable
+ && pScan->aiColumn[j]==pX->iColumn ){
+ break;
+ }
+ }
+ if( j==pScan->nEquiv ){
+ pScan->aiCur[j] = pX->iTable;
+ pScan->aiColumn[j] = pX->iColumn;
+ pScan->nEquiv++;
+ }
+ }
+ if( (pTerm->eOperator & pScan->opMask)!=0 ){
+ /* Verify the affinity and collating sequence match */
+ if( pScan->zCollName && (pTerm->eOperator & WO_ISNULL)==0 ){
+ CollSeq *pColl;
+ Parse *pParse = pWC->pWInfo->pParse;
+ pX = pTerm->pExpr;
+ if( !sqlite3IndexAffinityOk(pX, pScan->idxaff) ){
+ continue;
+ }
+ assert(pX->pLeft);
+ pColl = sqlite3BinaryCompareCollSeq(pParse,
+ pX->pLeft, pX->pRight);
+ if( pColl==0 ) pColl = pParse->db->pDfltColl;
+ if( sqlite3StrICmp(pColl->zName, pScan->zCollName) ){
+ continue;
+ }
+ }
+ if( (pTerm->eOperator & (WO_EQ|WO_IS))!=0
+ && (pX = pTerm->pExpr->pRight)->op==TK_COLUMN
+ && pX->iTable==pScan->aiCur[0]
+ && pX->iColumn==pScan->aiColumn[0]
+ ){
+ testcase( pTerm->eOperator & WO_IS );
+ continue;
+ }
+ pScan->k = k+1;
+ return pTerm;
+ }
+ }
+ }
+ pScan->pWC = pScan->pWC->pOuter;
+ k = 0;
+ }
+ pScan->pWC = pScan->pOrigWC;
+ k = 0;
+ pScan->iEquiv++;
+ }
+ return 0;
+}
+
+/*
+** Initialize a WHERE clause scanner object. Return a pointer to the
+** first match. Return NULL if there are no matches.
+**
+** The scanner will be searching the WHERE clause pWC. It will look
+** for terms of the form "X <op> <expr>" where X is column iColumn of table
+** iCur. The <op> must be one of the operators described by opMask.
+**
+** If the search is for X and the WHERE clause contains terms of the
+** form X=Y then this routine might also return terms of the form
+** "Y <op> <expr>". The number of levels of transitivity is limited,
+** but is enough to handle most commonly occurring SQL statements.
+**
+** If X is not the INTEGER PRIMARY KEY then X must be compatible with
+** index pIdx.
+*/
+static WhereTerm *whereScanInit(
+ WhereScan *pScan, /* The WhereScan object being initialized */
+ WhereClause *pWC, /* The WHERE clause to be scanned */
+ int iCur, /* Cursor to scan for */
+ int iColumn, /* Column to scan for */
+ u32 opMask, /* Operator(s) to scan for */
+ Index *pIdx /* Must be compatible with this index */
+){
+ int j = 0;
+
+ /* memset(pScan, 0, sizeof(*pScan)); */
+ pScan->pOrigWC = pWC;
+ pScan->pWC = pWC;
+ pScan->pIdxExpr = 0;
+ if( pIdx ){
+ j = iColumn;
+ iColumn = pIdx->aiColumn[j];
+ if( iColumn==XN_EXPR ) pScan->pIdxExpr = pIdx->aColExpr->a[j].pExpr;
+ }
+ if( pIdx && iColumn>=0 ){
+ pScan->idxaff = pIdx->pTable->aCol[iColumn].affinity;
+ pScan->zCollName = pIdx->azColl[j];
+ }else{
+ pScan->idxaff = 0;
+ pScan->zCollName = 0;
+ }
+ pScan->opMask = opMask;
+ pScan->k = 0;
+ pScan->aiCur[0] = iCur;
+ pScan->aiColumn[0] = iColumn;
+ pScan->nEquiv = 1;
+ pScan->iEquiv = 1;
+ return whereScanNext(pScan);
+}
+
+/*
+** Search for a term in the WHERE clause that is of the form "X <op> <expr>"
+** where X is a reference to the iColumn of table iCur and <op> is one of
+** the WO_xx operator codes specified by the op parameter.
+** Return a pointer to the term. Return 0 if not found.
+**
+** If pIdx!=0 then search for terms matching the iColumn-th column of pIdx
+** rather than the iColumn-th column of table iCur.
+**
+** The term returned might by Y=<expr> if there is another constraint in
+** the WHERE clause that specifies that X=Y. Any such constraints will be
+** identified by the WO_EQUIV bit in the pTerm->eOperator field. The
+** aiCur[]/iaColumn[] arrays hold X and all its equivalents. There are 11
+** slots in aiCur[]/aiColumn[] so that means we can look for X plus up to 10
+** other equivalent values. Hence a search for X will return <expr> if X=A1
+** and A1=A2 and A2=A3 and ... and A9=A10 and A10=<expr>.
+**
+** If there are multiple terms in the WHERE clause of the form "X <op> <expr>"
+** then try for the one with no dependencies on <expr> - in other words where
+** <expr> is a constant expression of some kind. Only return entries of
+** the form "X <op> Y" where Y is a column in another table if no terms of
+** the form "X <op> <const-expr>" exist. If no terms with a constant RHS
+** exist, try to return a term that does not use WO_EQUIV.
+*/
+SQLITE_PRIVATE WhereTerm *sqlite3WhereFindTerm(
+ WhereClause *pWC, /* The WHERE clause to be searched */
+ int iCur, /* Cursor number of LHS */
+ int iColumn, /* Column number of LHS */
+ Bitmask notReady, /* RHS must not overlap with this mask */
+ u32 op, /* Mask of WO_xx values describing operator */
+ Index *pIdx /* Must be compatible with this index, if not NULL */
+){
+ WhereTerm *pResult = 0;
+ WhereTerm *p;
+ WhereScan scan;
+
+ p = whereScanInit(&scan, pWC, iCur, iColumn, op, pIdx);
+ op &= WO_EQ|WO_IS;
+ while( p ){
+ if( (p->prereqRight & notReady)==0 ){
+ if( p->prereqRight==0 && (p->eOperator&op)!=0 ){
+ testcase( p->eOperator & WO_IS );
+ return p;
+ }
+ if( pResult==0 ) pResult = p;
+ }
+ p = whereScanNext(&scan);
+ }
+ return pResult;
+}
+
+/*
+** This function searches pList for an entry that matches the iCol-th column
+** of index pIdx.
+**
+** If such an expression is found, its index in pList->a[] is returned. If
+** no expression is found, -1 is returned.
+*/
+static int findIndexCol(
+ Parse *pParse, /* Parse context */
+ ExprList *pList, /* Expression list to search */
+ int iBase, /* Cursor for table associated with pIdx */
+ Index *pIdx, /* Index to match column of */
+ int iCol /* Column of index to match */
+){
+ int i;
+ const char *zColl = pIdx->azColl[iCol];
+
+ for(i=0; i<pList->nExpr; i++){
+ Expr *p = sqlite3ExprSkipCollate(pList->a[i].pExpr);
+ if( p->op==TK_COLUMN
+ && p->iColumn==pIdx->aiColumn[iCol]
+ && p->iTable==iBase
+ ){
+ CollSeq *pColl = sqlite3ExprCollSeq(pParse, pList->a[i].pExpr);
+ if( pColl && 0==sqlite3StrICmp(pColl->zName, zColl) ){
+ return i;
+ }
+ }
+ }
+
+ return -1;
+}
+
+/*
+** Return TRUE if the iCol-th column of index pIdx is NOT NULL
+*/
+static int indexColumnNotNull(Index *pIdx, int iCol){
+ int j;
+ assert( pIdx!=0 );
+ assert( iCol>=0 && iCol<pIdx->nColumn );
+ j = pIdx->aiColumn[iCol];
+ if( j>=0 ){
+ return pIdx->pTable->aCol[j].notNull;
+ }else if( j==(-1) ){
+ return 1;
+ }else{
+ assert( j==(-2) );
+ return 0; /* Assume an indexed expression can always yield a NULL */
+
+ }
+}
+
+/*
+** Return true if the DISTINCT expression-list passed as the third argument
+** is redundant.
+**
+** A DISTINCT list is redundant if any subset of the columns in the
+** DISTINCT list are collectively unique and individually non-null.
+*/
+static int isDistinctRedundant(
+ Parse *pParse, /* Parsing context */
+ SrcList *pTabList, /* The FROM clause */
+ WhereClause *pWC, /* The WHERE clause */
+ ExprList *pDistinct /* The result set that needs to be DISTINCT */
+){
+ Table *pTab;
+ Index *pIdx;
+ int i;
+ int iBase;
+
+ /* If there is more than one table or sub-select in the FROM clause of
+ ** this query, then it will not be possible to show that the DISTINCT
+ ** clause is redundant. */
+ if( pTabList->nSrc!=1 ) return 0;
+ iBase = pTabList->a[0].iCursor;
+ pTab = pTabList->a[0].pTab;
+
+ /* If any of the expressions is an IPK column on table iBase, then return
+ ** true. Note: The (p->iTable==iBase) part of this test may be false if the
+ ** current SELECT is a correlated sub-query.
+ */
+ for(i=0; i<pDistinct->nExpr; i++){
+ Expr *p = sqlite3ExprSkipCollate(pDistinct->a[i].pExpr);
+ if( p->op==TK_COLUMN && p->iTable==iBase && p->iColumn<0 ) return 1;
+ }
+
+ /* Loop through all indices on the table, checking each to see if it makes
+ ** the DISTINCT qualifier redundant. It does so if:
+ **
+ ** 1. The index is itself UNIQUE, and
+ **
+ ** 2. All of the columns in the index are either part of the pDistinct
+ ** list, or else the WHERE clause contains a term of the form "col=X",
+ ** where X is a constant value. The collation sequences of the
+ ** comparison and select-list expressions must match those of the index.
+ **
+ ** 3. All of those index columns for which the WHERE clause does not
+ ** contain a "col=X" term are subject to a NOT NULL constraint.
+ */
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ if( !IsUniqueIndex(pIdx) ) continue;
+ for(i=0; i<pIdx->nKeyCol; i++){
+ if( 0==sqlite3WhereFindTerm(pWC, iBase, i, ~(Bitmask)0, WO_EQ, pIdx) ){
+ if( findIndexCol(pParse, pDistinct, iBase, pIdx, i)<0 ) break;
+ if( indexColumnNotNull(pIdx, i)==0 ) break;
+ }
+ }
+ if( i==pIdx->nKeyCol ){
+ /* This index implies that the DISTINCT qualifier is redundant. */
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+
+/*
+** Estimate the logarithm of the input value to base 2.
+*/
+static LogEst estLog(LogEst N){
+ return N<=10 ? 0 : sqlite3LogEst(N) - 33;
+}
+
+/*
+** Convert OP_Column opcodes to OP_Copy in previously generated code.
+**
+** This routine runs over generated VDBE code and translates OP_Column
+** opcodes into OP_Copy when the table is being accessed via co-routine
+** instead of via table lookup.
+**
+** If the bIncrRowid parameter is 0, then any OP_Rowid instructions on
+** cursor iTabCur are transformed into OP_Null. Or, if bIncrRowid is non-zero,
+** then each OP_Rowid is transformed into an instruction to increment the
+** value stored in its output register.
+*/
+static void translateColumnToCopy(
+ Vdbe *v, /* The VDBE containing code to translate */
+ int iStart, /* Translate from this opcode to the end */
+ int iTabCur, /* OP_Column/OP_Rowid references to this table */
+ int iRegister, /* The first column is in this register */
+ int bIncrRowid /* If non-zero, transform OP_rowid to OP_AddImm(1) */
+){
+ VdbeOp *pOp = sqlite3VdbeGetOp(v, iStart);
+ int iEnd = sqlite3VdbeCurrentAddr(v);
+ for(; iStart<iEnd; iStart++, pOp++){
+ if( pOp->p1!=iTabCur ) continue;
+ if( pOp->opcode==OP_Column ){
+ pOp->opcode = OP_Copy;
+ pOp->p1 = pOp->p2 + iRegister;
+ pOp->p2 = pOp->p3;
+ pOp->p3 = 0;
+ }else if( pOp->opcode==OP_Rowid ){
+ if( bIncrRowid ){
+ /* Increment the value stored in the P2 operand of the OP_Rowid. */
+ pOp->opcode = OP_AddImm;
+ pOp->p1 = pOp->p2;
+ pOp->p2 = 1;
+ }else{
+ pOp->opcode = OP_Null;
+ pOp->p1 = 0;
+ pOp->p3 = 0;
+ }
+ }
+ }
+}
+
+/*
+** Two routines for printing the content of an sqlite3_index_info
+** structure. Used for testing and debugging only. If neither
+** SQLITE_TEST or SQLITE_DEBUG are defined, then these routines
+** are no-ops.
+*/
+#if !defined(SQLITE_OMIT_VIRTUALTABLE) && defined(WHERETRACE_ENABLED)
+static void TRACE_IDX_INPUTS(sqlite3_index_info *p){
+ int i;
+ if( !sqlite3WhereTrace ) return;
+ for(i=0; i<p->nConstraint; i++){
+ sqlite3DebugPrintf(" constraint[%d]: col=%d termid=%d op=%d usabled=%d\n",
+ i,
+ p->aConstraint[i].iColumn,
+ p->aConstraint[i].iTermOffset,
+ p->aConstraint[i].op,
+ p->aConstraint[i].usable);
+ }
+ for(i=0; i<p->nOrderBy; i++){
+ sqlite3DebugPrintf(" orderby[%d]: col=%d desc=%d\n",
+ i,
+ p->aOrderBy[i].iColumn,
+ p->aOrderBy[i].desc);
+ }
+}
+static void TRACE_IDX_OUTPUTS(sqlite3_index_info *p){
+ int i;
+ if( !sqlite3WhereTrace ) return;
+ for(i=0; i<p->nConstraint; i++){
+ sqlite3DebugPrintf(" usage[%d]: argvIdx=%d omit=%d\n",
+ i,
+ p->aConstraintUsage[i].argvIndex,
+ p->aConstraintUsage[i].omit);
+ }
+ sqlite3DebugPrintf(" idxNum=%d\n", p->idxNum);
+ sqlite3DebugPrintf(" idxStr=%s\n", p->idxStr);
+ sqlite3DebugPrintf(" orderByConsumed=%d\n", p->orderByConsumed);
+ sqlite3DebugPrintf(" estimatedCost=%g\n", p->estimatedCost);
+ sqlite3DebugPrintf(" estimatedRows=%lld\n", p->estimatedRows);
+}
+#else
+#define TRACE_IDX_INPUTS(A)
+#define TRACE_IDX_OUTPUTS(A)
+#endif
+
+#ifndef SQLITE_OMIT_AUTOMATIC_INDEX
+/*
+** Return TRUE if the WHERE clause term pTerm is of a form where it
+** could be used with an index to access pSrc, assuming an appropriate
+** index existed.
+*/
+static int termCanDriveIndex(
+ WhereTerm *pTerm, /* WHERE clause term to check */
+ struct SrcList_item *pSrc, /* Table we are trying to access */
+ Bitmask notReady /* Tables in outer loops of the join */
+){
+ char aff;
+ if( pTerm->leftCursor!=pSrc->iCursor ) return 0;
+ if( (pTerm->eOperator & (WO_EQ|WO_IS))==0 ) return 0;
+ if( (pTerm->prereqRight & notReady)!=0 ) return 0;
+ if( pTerm->u.leftColumn<0 ) return 0;
+ aff = pSrc->pTab->aCol[pTerm->u.leftColumn].affinity;
+ if( !sqlite3IndexAffinityOk(pTerm->pExpr, aff) ) return 0;
+ testcase( pTerm->pExpr->op==TK_IS );
+ return 1;
+}
+#endif
+
+
+#ifndef SQLITE_OMIT_AUTOMATIC_INDEX
+/*
+** Generate code to construct the Index object for an automatic index
+** and to set up the WhereLevel object pLevel so that the code generator
+** makes use of the automatic index.
+*/
+static void constructAutomaticIndex(
+ Parse *pParse, /* The parsing context */
+ WhereClause *pWC, /* The WHERE clause */
+ struct SrcList_item *pSrc, /* The FROM clause term to get the next index */
+ Bitmask notReady, /* Mask of cursors that are not available */
+ WhereLevel *pLevel /* Write new index here */
+){
+ int nKeyCol; /* Number of columns in the constructed index */
+ WhereTerm *pTerm; /* A single term of the WHERE clause */
+ WhereTerm *pWCEnd; /* End of pWC->a[] */
+ Index *pIdx; /* Object describing the transient index */
+ Vdbe *v; /* Prepared statement under construction */
+ int addrInit; /* Address of the initialization bypass jump */
+ Table *pTable; /* The table being indexed */
+ int addrTop; /* Top of the index fill loop */
+ int regRecord; /* Register holding an index record */
+ int n; /* Column counter */
+ int i; /* Loop counter */
+ int mxBitCol; /* Maximum column in pSrc->colUsed */
+ CollSeq *pColl; /* Collating sequence to on a column */
+ WhereLoop *pLoop; /* The Loop object */
+ char *zNotUsed; /* Extra space on the end of pIdx */
+ Bitmask idxCols; /* Bitmap of columns used for indexing */
+ Bitmask extraCols; /* Bitmap of additional columns */
+ u8 sentWarning = 0; /* True if a warnning has been issued */
+ Expr *pPartial = 0; /* Partial Index Expression */
+ int iContinue = 0; /* Jump here to skip excluded rows */
+ struct SrcList_item *pTabItem; /* FROM clause term being indexed */
+ int addrCounter = 0; /* Address where integer counter is initialized */
+ int regBase; /* Array of registers where record is assembled */
+
+ /* Generate code to skip over the creation and initialization of the
+ ** transient index on 2nd and subsequent iterations of the loop. */
+ v = pParse->pVdbe;
+ assert( v!=0 );
+ addrInit = sqlite3CodeOnce(pParse); VdbeCoverage(v);
+
+ /* Count the number of columns that will be added to the index
+ ** and used to match WHERE clause constraints */
+ nKeyCol = 0;
+ pTable = pSrc->pTab;
+ pWCEnd = &pWC->a[pWC->nTerm];
+ pLoop = pLevel->pWLoop;
+ idxCols = 0;
+ for(pTerm=pWC->a; pTerm<pWCEnd; pTerm++){
+ Expr *pExpr = pTerm->pExpr;
+ assert( !ExprHasProperty(pExpr, EP_FromJoin) /* prereq always non-zero */
+ || pExpr->iRightJoinTable!=pSrc->iCursor /* for the right-hand */
+ || pLoop->prereq!=0 ); /* table of a LEFT JOIN */
+ if( pLoop->prereq==0
+ && (pTerm->wtFlags & TERM_VIRTUAL)==0
+ && !ExprHasProperty(pExpr, EP_FromJoin)
+ && sqlite3ExprIsTableConstant(pExpr, pSrc->iCursor) ){
+ pPartial = sqlite3ExprAnd(pParse->db, pPartial,
+ sqlite3ExprDup(pParse->db, pExpr, 0));
+ }
+ if( termCanDriveIndex(pTerm, pSrc, notReady) ){
+ int iCol = pTerm->u.leftColumn;
+ Bitmask cMask = iCol>=BMS ? MASKBIT(BMS-1) : MASKBIT(iCol);
+ testcase( iCol==BMS );
+ testcase( iCol==BMS-1 );
+ if( !sentWarning ){
+ sqlite3_log(SQLITE_WARNING_AUTOINDEX,
+ "automatic index on %s(%s)", pTable->zName,
+ pTable->aCol[iCol].zName);
+ sentWarning = 1;
+ }
+ if( (idxCols & cMask)==0 ){
+ if( whereLoopResize(pParse->db, pLoop, nKeyCol+1) ){
+ goto end_auto_index_create;
+ }
+ pLoop->aLTerm[nKeyCol++] = pTerm;
+ idxCols |= cMask;
+ }
+ }
+ }
+ assert( nKeyCol>0 );
+ pLoop->u.btree.nEq = pLoop->nLTerm = nKeyCol;
+ pLoop->wsFlags = WHERE_COLUMN_EQ | WHERE_IDX_ONLY | WHERE_INDEXED
+ | WHERE_AUTO_INDEX;
+
+ /* Count the number of additional columns needed to create a
+ ** covering index. A "covering index" is an index that contains all
+ ** columns that are needed by the query. With a covering index, the
+ ** original table never needs to be accessed. Automatic indices must
+ ** be a covering index because the index will not be updated if the
+ ** original table changes and the index and table cannot both be used
+ ** if they go out of sync.
+ */
+ extraCols = pSrc->colUsed & (~idxCols | MASKBIT(BMS-1));
+ mxBitCol = MIN(BMS-1,pTable->nCol);
+ testcase( pTable->nCol==BMS-1 );
+ testcase( pTable->nCol==BMS-2 );
+ for(i=0; i<mxBitCol; i++){
+ if( extraCols & MASKBIT(i) ) nKeyCol++;
+ }
+ if( pSrc->colUsed & MASKBIT(BMS-1) ){
+ nKeyCol += pTable->nCol - BMS + 1;
+ }
+
+ /* Construct the Index object to describe this index */
+ pIdx = sqlite3AllocateIndexObject(pParse->db, nKeyCol+1, 0, &zNotUsed);
+ if( pIdx==0 ) goto end_auto_index_create;
+ pLoop->u.btree.pIndex = pIdx;
+ pIdx->zName = "auto-index";
+ pIdx->pTable = pTable;
+ n = 0;
+ idxCols = 0;
+ for(pTerm=pWC->a; pTerm<pWCEnd; pTerm++){
+ if( termCanDriveIndex(pTerm, pSrc, notReady) ){
+ int iCol = pTerm->u.leftColumn;
+ Bitmask cMask = iCol>=BMS ? MASKBIT(BMS-1) : MASKBIT(iCol);
+ testcase( iCol==BMS-1 );
+ testcase( iCol==BMS );
+ if( (idxCols & cMask)==0 ){
+ Expr *pX = pTerm->pExpr;
+ idxCols |= cMask;
+ pIdx->aiColumn[n] = pTerm->u.leftColumn;
+ pColl = sqlite3BinaryCompareCollSeq(pParse, pX->pLeft, pX->pRight);
+ pIdx->azColl[n] = pColl ? pColl->zName : sqlite3StrBINARY;
+ n++;
+ }
+ }
+ }
+ assert( (u32)n==pLoop->u.btree.nEq );
+
+ /* Add additional columns needed to make the automatic index into
+ ** a covering index */
+ for(i=0; i<mxBitCol; i++){
+ if( extraCols & MASKBIT(i) ){
+ pIdx->aiColumn[n] = i;
+ pIdx->azColl[n] = sqlite3StrBINARY;
+ n++;
+ }
+ }
+ if( pSrc->colUsed & MASKBIT(BMS-1) ){
+ for(i=BMS-1; i<pTable->nCol; i++){
+ pIdx->aiColumn[n] = i;
+ pIdx->azColl[n] = sqlite3StrBINARY;
+ n++;
+ }
+ }
+ assert( n==nKeyCol );
+ pIdx->aiColumn[n] = XN_ROWID;
+ pIdx->azColl[n] = sqlite3StrBINARY;
+
+ /* Create the automatic index */
+ assert( pLevel->iIdxCur>=0 );
+ pLevel->iIdxCur = pParse->nTab++;
+ sqlite3VdbeAddOp2(v, OP_OpenAutoindex, pLevel->iIdxCur, nKeyCol+1);
+ sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
+ VdbeComment((v, "for %s", pTable->zName));
+
+ /* Fill the automatic index with content */
+ sqlite3ExprCachePush(pParse);
+ pTabItem = &pWC->pWInfo->pTabList->a[pLevel->iFrom];
+ if( pTabItem->fg.viaCoroutine ){
+ int regYield = pTabItem->regReturn;
+ addrCounter = sqlite3VdbeAddOp2(v, OP_Integer, 0, 0);
+ sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, pTabItem->addrFillSub);
+ addrTop = sqlite3VdbeAddOp1(v, OP_Yield, regYield);
+ VdbeCoverage(v);
+ VdbeComment((v, "next row of \"%s\"", pTabItem->pTab->zName));
+ }else{
+ addrTop = sqlite3VdbeAddOp1(v, OP_Rewind, pLevel->iTabCur); VdbeCoverage(v);
+ }
+ if( pPartial ){
+ iContinue = sqlite3VdbeMakeLabel(v);
+ sqlite3ExprIfFalse(pParse, pPartial, iContinue, SQLITE_JUMPIFNULL);
+ pLoop->wsFlags |= WHERE_PARTIALIDX;
+ }
+ regRecord = sqlite3GetTempReg(pParse);
+ regBase = sqlite3GenerateIndexKey(
+ pParse, pIdx, pLevel->iTabCur, regRecord, 0, 0, 0, 0
+ );
+ sqlite3VdbeAddOp2(v, OP_IdxInsert, pLevel->iIdxCur, regRecord);
+ sqlite3VdbeChangeP5(v, OPFLAG_USESEEKRESULT);
+ if( pPartial ) sqlite3VdbeResolveLabel(v, iContinue);
+ if( pTabItem->fg.viaCoroutine ){
+ sqlite3VdbeChangeP2(v, addrCounter, regBase+n);
+ translateColumnToCopy(v, addrTop, pLevel->iTabCur, pTabItem->regResult, 1);
+ sqlite3VdbeGoto(v, addrTop);
+ pTabItem->fg.viaCoroutine = 0;
+ }else{
+ sqlite3VdbeAddOp2(v, OP_Next, pLevel->iTabCur, addrTop+1); VdbeCoverage(v);
+ }
+ sqlite3VdbeChangeP5(v, SQLITE_STMTSTATUS_AUTOINDEX);
+ sqlite3VdbeJumpHere(v, addrTop);
+ sqlite3ReleaseTempReg(pParse, regRecord);
+ sqlite3ExprCachePop(pParse);
+
+ /* Jump here when skipping the initialization */
+ sqlite3VdbeJumpHere(v, addrInit);
+
+end_auto_index_create:
+ sqlite3ExprDelete(pParse->db, pPartial);
+}
+#endif /* SQLITE_OMIT_AUTOMATIC_INDEX */
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/*
+** Allocate and populate an sqlite3_index_info structure. It is the
+** responsibility of the caller to eventually release the structure
+** by passing the pointer returned by this function to sqlite3_free().
+*/
+static sqlite3_index_info *allocateIndexInfo(
+ Parse *pParse,
+ WhereClause *pWC,
+ Bitmask mUnusable, /* Ignore terms with these prereqs */
+ struct SrcList_item *pSrc,
+ ExprList *pOrderBy
+){
+ int i, j;
+ int nTerm;
+ struct sqlite3_index_constraint *pIdxCons;
+ struct sqlite3_index_orderby *pIdxOrderBy;
+ struct sqlite3_index_constraint_usage *pUsage;
+ WhereTerm *pTerm;
+ int nOrderBy;
+ sqlite3_index_info *pIdxInfo;
+
+ /* Count the number of possible WHERE clause constraints referring
+ ** to this virtual table */
+ for(i=nTerm=0, pTerm=pWC->a; i<pWC->nTerm; i++, pTerm++){
+ if( pTerm->leftCursor != pSrc->iCursor ) continue;
+ if( pTerm->prereqRight & mUnusable ) continue;
+ assert( IsPowerOfTwo(pTerm->eOperator & ~WO_EQUIV) );
+ testcase( pTerm->eOperator & WO_IN );
+ testcase( pTerm->eOperator & WO_ISNULL );
+ testcase( pTerm->eOperator & WO_IS );
+ testcase( pTerm->eOperator & WO_ALL );
+ if( (pTerm->eOperator & ~(WO_ISNULL|WO_EQUIV|WO_IS))==0 ) continue;
+ if( pTerm->wtFlags & TERM_VNULL ) continue;
+ assert( pTerm->u.leftColumn>=(-1) );
+ nTerm++;
+ }
+
+ /* If the ORDER BY clause contains only columns in the current
+ ** virtual table then allocate space for the aOrderBy part of
+ ** the sqlite3_index_info structure.
+ */
+ nOrderBy = 0;
+ if( pOrderBy ){
+ int n = pOrderBy->nExpr;
+ for(i=0; i<n; i++){
+ Expr *pExpr = pOrderBy->a[i].pExpr;
+ if( pExpr->op!=TK_COLUMN || pExpr->iTable!=pSrc->iCursor ) break;
+ }
+ if( i==n){
+ nOrderBy = n;
+ }
+ }
+
+ /* Allocate the sqlite3_index_info structure
+ */
+ pIdxInfo = sqlite3DbMallocZero(pParse->db, sizeof(*pIdxInfo)
+ + (sizeof(*pIdxCons) + sizeof(*pUsage))*nTerm
+ + sizeof(*pIdxOrderBy)*nOrderBy );
+ if( pIdxInfo==0 ){
+ sqlite3ErrorMsg(pParse, "out of memory");
+ return 0;
+ }
+
+ /* Initialize the structure. The sqlite3_index_info structure contains
+ ** many fields that are declared "const" to prevent xBestIndex from
+ ** changing them. We have to do some funky casting in order to
+ ** initialize those fields.
+ */
+ pIdxCons = (struct sqlite3_index_constraint*)&pIdxInfo[1];
+ pIdxOrderBy = (struct sqlite3_index_orderby*)&pIdxCons[nTerm];
+ pUsage = (struct sqlite3_index_constraint_usage*)&pIdxOrderBy[nOrderBy];
+ *(int*)&pIdxInfo->nConstraint = nTerm;
+ *(int*)&pIdxInfo->nOrderBy = nOrderBy;
+ *(struct sqlite3_index_constraint**)&pIdxInfo->aConstraint = pIdxCons;
+ *(struct sqlite3_index_orderby**)&pIdxInfo->aOrderBy = pIdxOrderBy;
+ *(struct sqlite3_index_constraint_usage**)&pIdxInfo->aConstraintUsage =
+ pUsage;
+
+ for(i=j=0, pTerm=pWC->a; i<pWC->nTerm; i++, pTerm++){
+ u8 op;
+ if( pTerm->leftCursor != pSrc->iCursor ) continue;
+ if( pTerm->prereqRight & mUnusable ) continue;
+ assert( IsPowerOfTwo(pTerm->eOperator & ~WO_EQUIV) );
+ testcase( pTerm->eOperator & WO_IN );
+ testcase( pTerm->eOperator & WO_IS );
+ testcase( pTerm->eOperator & WO_ISNULL );
+ testcase( pTerm->eOperator & WO_ALL );
+ if( (pTerm->eOperator & ~(WO_ISNULL|WO_EQUIV|WO_IS))==0 ) continue;
+ if( pTerm->wtFlags & TERM_VNULL ) continue;
+ assert( pTerm->u.leftColumn>=(-1) );
+ pIdxCons[j].iColumn = pTerm->u.leftColumn;
+ pIdxCons[j].iTermOffset = i;
+ op = (u8)pTerm->eOperator & WO_ALL;
+ if( op==WO_IN ) op = WO_EQ;
+ if( op==WO_MATCH ){
+ op = pTerm->eMatchOp;
+ }
+ pIdxCons[j].op = op;
+ /* The direct assignment in the previous line is possible only because
+ ** the WO_ and SQLITE_INDEX_CONSTRAINT_ codes are identical. The
+ ** following asserts verify this fact. */
+ assert( WO_EQ==SQLITE_INDEX_CONSTRAINT_EQ );
+ assert( WO_LT==SQLITE_INDEX_CONSTRAINT_LT );
+ assert( WO_LE==SQLITE_INDEX_CONSTRAINT_LE );
+ assert( WO_GT==SQLITE_INDEX_CONSTRAINT_GT );
+ assert( WO_GE==SQLITE_INDEX_CONSTRAINT_GE );
+ assert( WO_MATCH==SQLITE_INDEX_CONSTRAINT_MATCH );
+ assert( pTerm->eOperator & (WO_IN|WO_EQ|WO_LT|WO_LE|WO_GT|WO_GE|WO_MATCH) );
+ j++;
+ }
+ for(i=0; i<nOrderBy; i++){
+ Expr *pExpr = pOrderBy->a[i].pExpr;
+ pIdxOrderBy[i].iColumn = pExpr->iColumn;
+ pIdxOrderBy[i].desc = pOrderBy->a[i].sortOrder;
+ }
+
+ return pIdxInfo;
+}
+
+/*
+** The table object reference passed as the second argument to this function
+** must represent a virtual table. This function invokes the xBestIndex()
+** method of the virtual table with the sqlite3_index_info object that
+** comes in as the 3rd argument to this function.
+**
+** If an error occurs, pParse is populated with an error message and a
+** non-zero value is returned. Otherwise, 0 is returned and the output
+** part of the sqlite3_index_info structure is left populated.
+**
+** Whether or not an error is returned, it is the responsibility of the
+** caller to eventually free p->idxStr if p->needToFreeIdxStr indicates
+** that this is required.
+*/
+static int vtabBestIndex(Parse *pParse, Table *pTab, sqlite3_index_info *p){
+ sqlite3_vtab *pVtab = sqlite3GetVTable(pParse->db, pTab)->pVtab;
+ int i;
+ int rc;
+
+ TRACE_IDX_INPUTS(p);
+ rc = pVtab->pModule->xBestIndex(pVtab, p);
+ TRACE_IDX_OUTPUTS(p);
+
+ if( rc!=SQLITE_OK ){
+ if( rc==SQLITE_NOMEM ){
+ pParse->db->mallocFailed = 1;
+ }else if( !pVtab->zErrMsg ){
+ sqlite3ErrorMsg(pParse, "%s", sqlite3ErrStr(rc));
+ }else{
+ sqlite3ErrorMsg(pParse, "%s", pVtab->zErrMsg);
+ }
+ }
+ sqlite3_free(pVtab->zErrMsg);
+ pVtab->zErrMsg = 0;
+
+ for(i=0; i<p->nConstraint; i++){
+ if( !p->aConstraint[i].usable && p->aConstraintUsage[i].argvIndex>0 ){
+ sqlite3ErrorMsg(pParse,
+ "table %s: xBestIndex returned an invalid plan", pTab->zName);
+ }
+ }
+
+ return pParse->nErr;
+}
+#endif /* !defined(SQLITE_OMIT_VIRTUALTABLE) */
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+/*
+** Estimate the location of a particular key among all keys in an
+** index. Store the results in aStat as follows:
+**
+** aStat[0] Est. number of rows less than pRec
+** aStat[1] Est. number of rows equal to pRec
+**
+** Return the index of the sample that is the smallest sample that
+** is greater than or equal to pRec. Note that this index is not an index
+** into the aSample[] array - it is an index into a virtual set of samples
+** based on the contents of aSample[] and the number of fields in record
+** pRec.
+*/
+static int whereKeyStats(
+ Parse *pParse, /* Database connection */
+ Index *pIdx, /* Index to consider domain of */
+ UnpackedRecord *pRec, /* Vector of values to consider */
+ int roundUp, /* Round up if true. Round down if false */
+ tRowcnt *aStat /* OUT: stats written here */
+){
+ IndexSample *aSample = pIdx->aSample;
+ int iCol; /* Index of required stats in anEq[] etc. */
+ int i; /* Index of first sample >= pRec */
+ int iSample; /* Smallest sample larger than or equal to pRec */
+ int iMin = 0; /* Smallest sample not yet tested */
+ int iTest; /* Next sample to test */
+ int res; /* Result of comparison operation */
+ int nField; /* Number of fields in pRec */
+ tRowcnt iLower = 0; /* anLt[] + anEq[] of largest sample pRec is > */
+
+#ifndef SQLITE_DEBUG
+ UNUSED_PARAMETER( pParse );
+#endif
+ assert( pRec!=0 );
+ assert( pIdx->nSample>0 );
+ assert( pRec->nField>0 && pRec->nField<=pIdx->nSampleCol );
+
+ /* Do a binary search to find the first sample greater than or equal
+ ** to pRec. If pRec contains a single field, the set of samples to search
+ ** is simply the aSample[] array. If the samples in aSample[] contain more
+ ** than one fields, all fields following the first are ignored.
+ **
+ ** If pRec contains N fields, where N is more than one, then as well as the
+ ** samples in aSample[] (truncated to N fields), the search also has to
+ ** consider prefixes of those samples. For example, if the set of samples
+ ** in aSample is:
+ **
+ ** aSample[0] = (a, 5)
+ ** aSample[1] = (a, 10)
+ ** aSample[2] = (b, 5)
+ ** aSample[3] = (c, 100)
+ ** aSample[4] = (c, 105)
+ **
+ ** Then the search space should ideally be the samples above and the
+ ** unique prefixes [a], [b] and [c]. But since that is hard to organize,
+ ** the code actually searches this set:
+ **
+ ** 0: (a)
+ ** 1: (a, 5)
+ ** 2: (a, 10)
+ ** 3: (a, 10)
+ ** 4: (b)
+ ** 5: (b, 5)
+ ** 6: (c)
+ ** 7: (c, 100)
+ ** 8: (c, 105)
+ ** 9: (c, 105)
+ **
+ ** For each sample in the aSample[] array, N samples are present in the
+ ** effective sample array. In the above, samples 0 and 1 are based on
+ ** sample aSample[0]. Samples 2 and 3 on aSample[1] etc.
+ **
+ ** Often, sample i of each block of N effective samples has (i+1) fields.
+ ** Except, each sample may be extended to ensure that it is greater than or
+ ** equal to the previous sample in the array. For example, in the above,
+ ** sample 2 is the first sample of a block of N samples, so at first it
+ ** appears that it should be 1 field in size. However, that would make it
+ ** smaller than sample 1, so the binary search would not work. As a result,
+ ** it is extended to two fields. The duplicates that this creates do not
+ ** cause any problems.
+ */
+ nField = pRec->nField;
+ iCol = 0;
+ iSample = pIdx->nSample * nField;
+ do{
+ int iSamp; /* Index in aSample[] of test sample */
+ int n; /* Number of fields in test sample */
+
+ iTest = (iMin+iSample)/2;
+ iSamp = iTest / nField;
+ if( iSamp>0 ){
+ /* The proposed effective sample is a prefix of sample aSample[iSamp].
+ ** Specifically, the shortest prefix of at least (1 + iTest%nField)
+ ** fields that is greater than the previous effective sample. */
+ for(n=(iTest % nField) + 1; n<nField; n++){
+ if( aSample[iSamp-1].anLt[n-1]!=aSample[iSamp].anLt[n-1] ) break;
+ }
+ }else{
+ n = iTest + 1;
+ }
+
+ pRec->nField = n;
+ res = sqlite3VdbeRecordCompare(aSample[iSamp].n, aSample[iSamp].p, pRec);
+ if( res<0 ){
+ iLower = aSample[iSamp].anLt[n-1] + aSample[iSamp].anEq[n-1];
+ iMin = iTest+1;
+ }else if( res==0 && n<nField ){
+ iLower = aSample[iSamp].anLt[n-1];
+ iMin = iTest+1;
+ res = -1;
+ }else{
+ iSample = iTest;
+ iCol = n-1;
+ }
+ }while( res && iMin<iSample );
+ i = iSample / nField;
+
+#ifdef SQLITE_DEBUG
+ /* The following assert statements check that the binary search code
+ ** above found the right answer. This block serves no purpose other
+ ** than to invoke the asserts. */
+ if( pParse->db->mallocFailed==0 ){
+ if( res==0 ){
+ /* If (res==0) is true, then pRec must be equal to sample i. */
+ assert( i<pIdx->nSample );
+ assert( iCol==nField-1 );
+ pRec->nField = nField;
+ assert( 0==sqlite3VdbeRecordCompare(aSample[i].n, aSample[i].p, pRec)
+ || pParse->db->mallocFailed
+ );
+ }else{
+ /* Unless i==pIdx->nSample, indicating that pRec is larger than
+ ** all samples in the aSample[] array, pRec must be smaller than the
+ ** (iCol+1) field prefix of sample i. */
+ assert( i<=pIdx->nSample && i>=0 );
+ pRec->nField = iCol+1;
+ assert( i==pIdx->nSample
+ || sqlite3VdbeRecordCompare(aSample[i].n, aSample[i].p, pRec)>0
+ || pParse->db->mallocFailed );
+
+ /* if i==0 and iCol==0, then record pRec is smaller than all samples
+ ** in the aSample[] array. Otherwise, if (iCol>0) then pRec must
+ ** be greater than or equal to the (iCol) field prefix of sample i.
+ ** If (i>0), then pRec must also be greater than sample (i-1). */
+ if( iCol>0 ){
+ pRec->nField = iCol;
+ assert( sqlite3VdbeRecordCompare(aSample[i].n, aSample[i].p, pRec)<=0
+ || pParse->db->mallocFailed );
+ }
+ if( i>0 ){
+ pRec->nField = nField;
+ assert( sqlite3VdbeRecordCompare(aSample[i-1].n, aSample[i-1].p, pRec)<0
+ || pParse->db->mallocFailed );
+ }
+ }
+ }
+#endif /* ifdef SQLITE_DEBUG */
+
+ if( res==0 ){
+ /* Record pRec is equal to sample i */
+ assert( iCol==nField-1 );
+ aStat[0] = aSample[i].anLt[iCol];
+ aStat[1] = aSample[i].anEq[iCol];
+ }else{
+ /* At this point, the (iCol+1) field prefix of aSample[i] is the first
+ ** sample that is greater than pRec. Or, if i==pIdx->nSample then pRec
+ ** is larger than all samples in the array. */
+ tRowcnt iUpper, iGap;
+ if( i>=pIdx->nSample ){
+ iUpper = sqlite3LogEstToInt(pIdx->aiRowLogEst[0]);
+ }else{
+ iUpper = aSample[i].anLt[iCol];
+ }
+
+ if( iLower>=iUpper ){
+ iGap = 0;
+ }else{
+ iGap = iUpper - iLower;
+ }
+ if( roundUp ){
+ iGap = (iGap*2)/3;
+ }else{
+ iGap = iGap/3;
+ }
+ aStat[0] = iLower + iGap;
+ aStat[1] = pIdx->aAvgEq[iCol];
+ }
+
+ /* Restore the pRec->nField value before returning. */
+ pRec->nField = nField;
+ return i;
+}
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+
+/*
+** If it is not NULL, pTerm is a term that provides an upper or lower
+** bound on a range scan. Without considering pTerm, it is estimated
+** that the scan will visit nNew rows. This function returns the number
+** estimated to be visited after taking pTerm into account.
+**
+** If the user explicitly specified a likelihood() value for this term,
+** then the return value is the likelihood multiplied by the number of
+** input rows. Otherwise, this function assumes that an "IS NOT NULL" term
+** has a likelihood of 0.50, and any other term a likelihood of 0.25.
+*/
+static LogEst whereRangeAdjust(WhereTerm *pTerm, LogEst nNew){
+ LogEst nRet = nNew;
+ if( pTerm ){
+ if( pTerm->truthProb<=0 ){
+ nRet += pTerm->truthProb;
+ }else if( (pTerm->wtFlags & TERM_VNULL)==0 ){
+ nRet -= 20; assert( 20==sqlite3LogEst(4) );
+ }
+ }
+ return nRet;
+}
+
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+/*
+** Return the affinity for a single column of an index.
+*/
+static char sqlite3IndexColumnAffinity(sqlite3 *db, Index *pIdx, int iCol){
+ assert( iCol>=0 && iCol<pIdx->nColumn );
+ if( !pIdx->zColAff ){
+ if( sqlite3IndexAffinityStr(db, pIdx)==0 ) return SQLITE_AFF_BLOB;
+ }
+ return pIdx->zColAff[iCol];
+}
+#endif
+
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+/*
+** This function is called to estimate the number of rows visited by a
+** range-scan on a skip-scan index. For example:
+**
+** CREATE INDEX i1 ON t1(a, b, c);
+** SELECT * FROM t1 WHERE a=? AND c BETWEEN ? AND ?;
+**
+** Value pLoop->nOut is currently set to the estimated number of rows
+** visited for scanning (a=? AND b=?). This function reduces that estimate
+** by some factor to account for the (c BETWEEN ? AND ?) expression based
+** on the stat4 data for the index. this scan will be peformed multiple
+** times (once for each (a,b) combination that matches a=?) is dealt with
+** by the caller.
+**
+** It does this by scanning through all stat4 samples, comparing values
+** extracted from pLower and pUpper with the corresponding column in each
+** sample. If L and U are the number of samples found to be less than or
+** equal to the values extracted from pLower and pUpper respectively, and
+** N is the total number of samples, the pLoop->nOut value is adjusted
+** as follows:
+**
+** nOut = nOut * ( min(U - L, 1) / N )
+**
+** If pLower is NULL, or a value cannot be extracted from the term, L is
+** set to zero. If pUpper is NULL, or a value cannot be extracted from it,
+** U is set to N.
+**
+** Normally, this function sets *pbDone to 1 before returning. However,
+** if no value can be extracted from either pLower or pUpper (and so the
+** estimate of the number of rows delivered remains unchanged), *pbDone
+** is left as is.
+**
+** If an error occurs, an SQLite error code is returned. Otherwise,
+** SQLITE_OK.
+*/
+static int whereRangeSkipScanEst(
+ Parse *pParse, /* Parsing & code generating context */
+ WhereTerm *pLower, /* Lower bound on the range. ex: "x>123" Might be NULL */
+ WhereTerm *pUpper, /* Upper bound on the range. ex: "x<455" Might be NULL */
+ WhereLoop *pLoop, /* Update the .nOut value of this loop */
+ int *pbDone /* Set to true if at least one expr. value extracted */
+){
+ Index *p = pLoop->u.btree.pIndex;
+ int nEq = pLoop->u.btree.nEq;
+ sqlite3 *db = pParse->db;
+ int nLower = -1;
+ int nUpper = p->nSample+1;
+ int rc = SQLITE_OK;
+ u8 aff = sqlite3IndexColumnAffinity(db, p, nEq);
+ CollSeq *pColl;
+
+ sqlite3_value *p1 = 0; /* Value extracted from pLower */
+ sqlite3_value *p2 = 0; /* Value extracted from pUpper */
+ sqlite3_value *pVal = 0; /* Value extracted from record */
+
+ pColl = sqlite3LocateCollSeq(pParse, p->azColl[nEq]);
+ if( pLower ){
+ rc = sqlite3Stat4ValueFromExpr(pParse, pLower->pExpr->pRight, aff, &p1);
+ nLower = 0;
+ }
+ if( pUpper && rc==SQLITE_OK ){
+ rc = sqlite3Stat4ValueFromExpr(pParse, pUpper->pExpr->pRight, aff, &p2);
+ nUpper = p2 ? 0 : p->nSample;
+ }
+
+ if( p1 || p2 ){
+ int i;
+ int nDiff;
+ for(i=0; rc==SQLITE_OK && i<p->nSample; i++){
+ rc = sqlite3Stat4Column(db, p->aSample[i].p, p->aSample[i].n, nEq, &pVal);
+ if( rc==SQLITE_OK && p1 ){
+ int res = sqlite3MemCompare(p1, pVal, pColl);
+ if( res>=0 ) nLower++;
+ }
+ if( rc==SQLITE_OK && p2 ){
+ int res = sqlite3MemCompare(p2, pVal, pColl);
+ if( res>=0 ) nUpper++;
+ }
+ }
+ nDiff = (nUpper - nLower);
+ if( nDiff<=0 ) nDiff = 1;
+
+ /* If there is both an upper and lower bound specified, and the
+ ** comparisons indicate that they are close together, use the fallback
+ ** method (assume that the scan visits 1/64 of the rows) for estimating
+ ** the number of rows visited. Otherwise, estimate the number of rows
+ ** using the method described in the header comment for this function. */
+ if( nDiff!=1 || pUpper==0 || pLower==0 ){
+ int nAdjust = (sqlite3LogEst(p->nSample) - sqlite3LogEst(nDiff));
+ pLoop->nOut -= nAdjust;
+ *pbDone = 1;
+ WHERETRACE(0x10, ("range skip-scan regions: %u..%u adjust=%d est=%d\n",
+ nLower, nUpper, nAdjust*-1, pLoop->nOut));
+ }
+
+ }else{
+ assert( *pbDone==0 );
+ }
+
+ sqlite3ValueFree(p1);
+ sqlite3ValueFree(p2);
+ sqlite3ValueFree(pVal);
+
+ return rc;
+}
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+
+/*
+** This function is used to estimate the number of rows that will be visited
+** by scanning an index for a range of values. The range may have an upper
+** bound, a lower bound, or both. The WHERE clause terms that set the upper
+** and lower bounds are represented by pLower and pUpper respectively. For
+** example, assuming that index p is on t1(a):
+**
+** ... FROM t1 WHERE a > ? AND a < ? ...
+** |_____| |_____|
+** | |
+** pLower pUpper
+**
+** If either of the upper or lower bound is not present, then NULL is passed in
+** place of the corresponding WhereTerm.
+**
+** The value in (pBuilder->pNew->u.btree.nEq) is the number of the index
+** column subject to the range constraint. Or, equivalently, the number of
+** equality constraints optimized by the proposed index scan. For example,
+** assuming index p is on t1(a, b), and the SQL query is:
+**
+** ... FROM t1 WHERE a = ? AND b > ? AND b < ? ...
+**
+** then nEq is set to 1 (as the range restricted column, b, is the second
+** left-most column of the index). Or, if the query is:
+**
+** ... FROM t1 WHERE a > ? AND a < ? ...
+**
+** then nEq is set to 0.
+**
+** When this function is called, *pnOut is set to the sqlite3LogEst() of the
+** number of rows that the index scan is expected to visit without
+** considering the range constraints. If nEq is 0, then *pnOut is the number of
+** rows in the index. Assuming no error occurs, *pnOut is adjusted (reduced)
+** to account for the range constraints pLower and pUpper.
+**
+** In the absence of sqlite_stat4 ANALYZE data, or if such data cannot be
+** used, a single range inequality reduces the search space by a factor of 4.
+** and a pair of constraints (x>? AND x<?) reduces the expected number of
+** rows visited by a factor of 64.
+*/
+static int whereRangeScanEst(
+ Parse *pParse, /* Parsing & code generating context */
+ WhereLoopBuilder *pBuilder,
+ WhereTerm *pLower, /* Lower bound on the range. ex: "x>123" Might be NULL */
+ WhereTerm *pUpper, /* Upper bound on the range. ex: "x<455" Might be NULL */
+ WhereLoop *pLoop /* Modify the .nOut and maybe .rRun fields */
+){
+ int rc = SQLITE_OK;
+ int nOut = pLoop->nOut;
+ LogEst nNew;
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ Index *p = pLoop->u.btree.pIndex;
+ int nEq = pLoop->u.btree.nEq;
+
+ if( p->nSample>0 && nEq<p->nSampleCol ){
+ if( nEq==pBuilder->nRecValid ){
+ UnpackedRecord *pRec = pBuilder->pRec;
+ tRowcnt a[2];
+ u8 aff;
+
+ /* Variable iLower will be set to the estimate of the number of rows in
+ ** the index that are less than the lower bound of the range query. The
+ ** lower bound being the concatenation of $P and $L, where $P is the
+ ** key-prefix formed by the nEq values matched against the nEq left-most
+ ** columns of the index, and $L is the value in pLower.
+ **
+ ** Or, if pLower is NULL or $L cannot be extracted from it (because it
+ ** is not a simple variable or literal value), the lower bound of the
+ ** range is $P. Due to a quirk in the way whereKeyStats() works, even
+ ** if $L is available, whereKeyStats() is called for both ($P) and
+ ** ($P:$L) and the larger of the two returned values is used.
+ **
+ ** Similarly, iUpper is to be set to the estimate of the number of rows
+ ** less than the upper bound of the range query. Where the upper bound
+ ** is either ($P) or ($P:$U). Again, even if $U is available, both values
+ ** of iUpper are requested of whereKeyStats() and the smaller used.
+ **
+ ** The number of rows between the two bounds is then just iUpper-iLower.
+ */
+ tRowcnt iLower; /* Rows less than the lower bound */
+ tRowcnt iUpper; /* Rows less than the upper bound */
+ int iLwrIdx = -2; /* aSample[] for the lower bound */
+ int iUprIdx = -1; /* aSample[] for the upper bound */
+
+ if( pRec ){
+ testcase( pRec->nField!=pBuilder->nRecValid );
+ pRec->nField = pBuilder->nRecValid;
+ }
+ aff = sqlite3IndexColumnAffinity(pParse->db, p, nEq);
+ assert( nEq!=p->nKeyCol || aff==SQLITE_AFF_INTEGER );
+ /* Determine iLower and iUpper using ($P) only. */
+ if( nEq==0 ){
+ iLower = 0;
+ iUpper = p->nRowEst0;
+ }else{
+ /* Note: this call could be optimized away - since the same values must
+ ** have been requested when testing key $P in whereEqualScanEst(). */
+ whereKeyStats(pParse, p, pRec, 0, a);
+ iLower = a[0];
+ iUpper = a[0] + a[1];
+ }
+
+ assert( pLower==0 || (pLower->eOperator & (WO_GT|WO_GE))!=0 );
+ assert( pUpper==0 || (pUpper->eOperator & (WO_LT|WO_LE))!=0 );
+ assert( p->aSortOrder!=0 );
+ if( p->aSortOrder[nEq] ){
+ /* The roles of pLower and pUpper are swapped for a DESC index */
+ SWAP(WhereTerm*, pLower, pUpper);
+ }
+
+ /* If possible, improve on the iLower estimate using ($P:$L). */
+ if( pLower ){
+ int bOk; /* True if value is extracted from pExpr */
+ Expr *pExpr = pLower->pExpr->pRight;
+ rc = sqlite3Stat4ProbeSetValue(pParse, p, &pRec, pExpr, aff, nEq, &bOk);
+ if( rc==SQLITE_OK && bOk ){
+ tRowcnt iNew;
+ iLwrIdx = whereKeyStats(pParse, p, pRec, 0, a);
+ iNew = a[0] + ((pLower->eOperator & (WO_GT|WO_LE)) ? a[1] : 0);
+ if( iNew>iLower ) iLower = iNew;
+ nOut--;
+ pLower = 0;
+ }
+ }
+
+ /* If possible, improve on the iUpper estimate using ($P:$U). */
+ if( pUpper ){
+ int bOk; /* True if value is extracted from pExpr */
+ Expr *pExpr = pUpper->pExpr->pRight;
+ rc = sqlite3Stat4ProbeSetValue(pParse, p, &pRec, pExpr, aff, nEq, &bOk);
+ if( rc==SQLITE_OK && bOk ){
+ tRowcnt iNew;
+ iUprIdx = whereKeyStats(pParse, p, pRec, 1, a);
+ iNew = a[0] + ((pUpper->eOperator & (WO_GT|WO_LE)) ? a[1] : 0);
+ if( iNew<iUpper ) iUpper = iNew;
+ nOut--;
+ pUpper = 0;
+ }
+ }
+
+ pBuilder->pRec = pRec;
+ if( rc==SQLITE_OK ){
+ if( iUpper>iLower ){
+ nNew = sqlite3LogEst(iUpper - iLower);
+ /* TUNING: If both iUpper and iLower are derived from the same
+ ** sample, then assume they are 4x more selective. This brings
+ ** the estimated selectivity more in line with what it would be
+ ** if estimated without the use of STAT3/4 tables. */
+ if( iLwrIdx==iUprIdx ) nNew -= 20; assert( 20==sqlite3LogEst(4) );
+ }else{
+ nNew = 10; assert( 10==sqlite3LogEst(2) );
+ }
+ if( nNew<nOut ){
+ nOut = nNew;
+ }
+ WHERETRACE(0x10, ("STAT4 range scan: %u..%u est=%d\n",
+ (u32)iLower, (u32)iUpper, nOut));
+ }
+ }else{
+ int bDone = 0;
+ rc = whereRangeSkipScanEst(pParse, pLower, pUpper, pLoop, &bDone);
+ if( bDone ) return rc;
+ }
+ }
+#else
+ UNUSED_PARAMETER(pParse);
+ UNUSED_PARAMETER(pBuilder);
+ assert( pLower || pUpper );
+#endif
+ assert( pUpper==0 || (pUpper->wtFlags & TERM_VNULL)==0 );
+ nNew = whereRangeAdjust(pLower, nOut);
+ nNew = whereRangeAdjust(pUpper, nNew);
+
+ /* TUNING: If there is both an upper and lower limit and neither limit
+ ** has an application-defined likelihood(), assume the range is
+ ** reduced by an additional 75%. This means that, by default, an open-ended
+ ** range query (e.g. col > ?) is assumed to match 1/4 of the rows in the
+ ** index. While a closed range (e.g. col BETWEEN ? AND ?) is estimated to
+ ** match 1/64 of the index. */
+ if( pLower && pLower->truthProb>0 && pUpper && pUpper->truthProb>0 ){
+ nNew -= 20;
+ }
+
+ nOut -= (pLower!=0) + (pUpper!=0);
+ if( nNew<10 ) nNew = 10;
+ if( nNew<nOut ) nOut = nNew;
+#if defined(WHERETRACE_ENABLED)
+ if( pLoop->nOut>nOut ){
+ WHERETRACE(0x10,("Range scan lowers nOut from %d to %d\n",
+ pLoop->nOut, nOut));
+ }
+#endif
+ pLoop->nOut = (LogEst)nOut;
+ return rc;
+}
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+/*
+** Estimate the number of rows that will be returned based on
+** an equality constraint x=VALUE and where that VALUE occurs in
+** the histogram data. This only works when x is the left-most
+** column of an index and sqlite_stat3 histogram data is available
+** for that index. When pExpr==NULL that means the constraint is
+** "x IS NULL" instead of "x=VALUE".
+**
+** Write the estimated row count into *pnRow and return SQLITE_OK.
+** If unable to make an estimate, leave *pnRow unchanged and return
+** non-zero.
+**
+** This routine can fail if it is unable to load a collating sequence
+** required for string comparison, or if unable to allocate memory
+** for a UTF conversion required for comparison. The error is stored
+** in the pParse structure.
+*/
+static int whereEqualScanEst(
+ Parse *pParse, /* Parsing & code generating context */
+ WhereLoopBuilder *pBuilder,
+ Expr *pExpr, /* Expression for VALUE in the x=VALUE constraint */
+ tRowcnt *pnRow /* Write the revised row estimate here */
+){
+ Index *p = pBuilder->pNew->u.btree.pIndex;
+ int nEq = pBuilder->pNew->u.btree.nEq;
+ UnpackedRecord *pRec = pBuilder->pRec;
+ u8 aff; /* Column affinity */
+ int rc; /* Subfunction return code */
+ tRowcnt a[2]; /* Statistics */
+ int bOk;
+
+ assert( nEq>=1 );
+ assert( nEq<=p->nColumn );
+ assert( p->aSample!=0 );
+ assert( p->nSample>0 );
+ assert( pBuilder->nRecValid<nEq );
+
+ /* If values are not available for all fields of the index to the left
+ ** of this one, no estimate can be made. Return SQLITE_NOTFOUND. */
+ if( pBuilder->nRecValid<(nEq-1) ){
+ return SQLITE_NOTFOUND;
+ }
+
+ /* This is an optimization only. The call to sqlite3Stat4ProbeSetValue()
+ ** below would return the same value. */
+ if( nEq>=p->nColumn ){
+ *pnRow = 1;
+ return SQLITE_OK;
+ }
+
+ aff = sqlite3IndexColumnAffinity(pParse->db, p, nEq-1);
+ rc = sqlite3Stat4ProbeSetValue(pParse, p, &pRec, pExpr, aff, nEq-1, &bOk);
+ pBuilder->pRec = pRec;
+ if( rc!=SQLITE_OK ) return rc;
+ if( bOk==0 ) return SQLITE_NOTFOUND;
+ pBuilder->nRecValid = nEq;
+
+ whereKeyStats(pParse, p, pRec, 0, a);
+ WHERETRACE(0x10,("equality scan regions: %d\n", (int)a[1]));
+ *pnRow = a[1];
+
+ return rc;
+}
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+/*
+** Estimate the number of rows that will be returned based on
+** an IN constraint where the right-hand side of the IN operator
+** is a list of values. Example:
+**
+** WHERE x IN (1,2,3,4)
+**
+** Write the estimated row count into *pnRow and return SQLITE_OK.
+** If unable to make an estimate, leave *pnRow unchanged and return
+** non-zero.
+**
+** This routine can fail if it is unable to load a collating sequence
+** required for string comparison, or if unable to allocate memory
+** for a UTF conversion required for comparison. The error is stored
+** in the pParse structure.
+*/
+static int whereInScanEst(
+ Parse *pParse, /* Parsing & code generating context */
+ WhereLoopBuilder *pBuilder,
+ ExprList *pList, /* The value list on the RHS of "x IN (v1,v2,v3,...)" */
+ tRowcnt *pnRow /* Write the revised row estimate here */
+){
+ Index *p = pBuilder->pNew->u.btree.pIndex;
+ i64 nRow0 = sqlite3LogEstToInt(p->aiRowLogEst[0]);
+ int nRecValid = pBuilder->nRecValid;
+ int rc = SQLITE_OK; /* Subfunction return code */
+ tRowcnt nEst; /* Number of rows for a single term */
+ tRowcnt nRowEst = 0; /* New estimate of the number of rows */
+ int i; /* Loop counter */
+
+ assert( p->aSample!=0 );
+ for(i=0; rc==SQLITE_OK && i<pList->nExpr; i++){
+ nEst = nRow0;
+ rc = whereEqualScanEst(pParse, pBuilder, pList->a[i].pExpr, &nEst);
+ nRowEst += nEst;
+ pBuilder->nRecValid = nRecValid;
+ }
+
+ if( rc==SQLITE_OK ){
+ if( nRowEst > nRow0 ) nRowEst = nRow0;
+ *pnRow = nRowEst;
+ WHERETRACE(0x10,("IN row estimate: est=%d\n", nRowEst));
+ }
+ assert( pBuilder->nRecValid==nRecValid );
+ return rc;
+}
+#endif /* SQLITE_ENABLE_STAT3_OR_STAT4 */
+
+
+#ifdef WHERETRACE_ENABLED
+/*
+** Print the content of a WhereTerm object
+*/
+static void whereTermPrint(WhereTerm *pTerm, int iTerm){
+ if( pTerm==0 ){
+ sqlite3DebugPrintf("TERM-%-3d NULL\n", iTerm);
+ }else{
+ char zType[4];
+ memcpy(zType, "...", 4);
+ if( pTerm->wtFlags & TERM_VIRTUAL ) zType[0] = 'V';
+ if( pTerm->eOperator & WO_EQUIV ) zType[1] = 'E';
+ if( ExprHasProperty(pTerm->pExpr, EP_FromJoin) ) zType[2] = 'L';
+ sqlite3DebugPrintf(
+ "TERM-%-3d %p %s cursor=%-3d prob=%-3d op=0x%03x wtFlags=0x%04x\n",
+ iTerm, pTerm, zType, pTerm->leftCursor, pTerm->truthProb,
+ pTerm->eOperator, pTerm->wtFlags);
+ sqlite3TreeViewExpr(0, pTerm->pExpr, 0);
+ }
+}
+#endif
+
+#ifdef WHERETRACE_ENABLED
+/*
+** Print a WhereLoop object for debugging purposes
+*/
+static void whereLoopPrint(WhereLoop *p, WhereClause *pWC){
+ WhereInfo *pWInfo = pWC->pWInfo;
+ int nb = 1+(pWInfo->pTabList->nSrc+7)/8;
+ struct SrcList_item *pItem = pWInfo->pTabList->a + p->iTab;
+ Table *pTab = pItem->pTab;
+ sqlite3DebugPrintf("%c%2d.%0*llx.%0*llx", p->cId,
+ p->iTab, nb, p->maskSelf, nb, p->prereq);
+ sqlite3DebugPrintf(" %12s",
+ pItem->zAlias ? pItem->zAlias : pTab->zName);
+ if( (p->wsFlags & WHERE_VIRTUALTABLE)==0 ){
+ const char *zName;
+ if( p->u.btree.pIndex && (zName = p->u.btree.pIndex->zName)!=0 ){
+ if( strncmp(zName, "sqlite_autoindex_", 17)==0 ){
+ int i = sqlite3Strlen30(zName) - 1;
+ while( zName[i]!='_' ) i--;
+ zName += i;
+ }
+ sqlite3DebugPrintf(".%-16s %2d", zName, p->u.btree.nEq);
+ }else{
+ sqlite3DebugPrintf("%20s","");
+ }
+ }else{
+ char *z;
+ if( p->u.vtab.idxStr ){
+ z = sqlite3_mprintf("(%d,\"%s\",%x)",
+ p->u.vtab.idxNum, p->u.vtab.idxStr, p->u.vtab.omitMask);
+ }else{
+ z = sqlite3_mprintf("(%d,%x)", p->u.vtab.idxNum, p->u.vtab.omitMask);
+ }
+ sqlite3DebugPrintf(" %-19s", z);
+ sqlite3_free(z);
+ }
+ if( p->wsFlags & WHERE_SKIPSCAN ){
+ sqlite3DebugPrintf(" f %05x %d-%d", p->wsFlags, p->nLTerm,p->nSkip);
+ }else{
+ sqlite3DebugPrintf(" f %05x N %d", p->wsFlags, p->nLTerm);
+ }
+ sqlite3DebugPrintf(" cost %d,%d,%d\n", p->rSetup, p->rRun, p->nOut);
+ if( p->nLTerm && (sqlite3WhereTrace & 0x100)!=0 ){
+ int i;
+ for(i=0; i<p->nLTerm; i++){
+ whereTermPrint(p->aLTerm[i], i);
+ }
+ }
+}
+#endif
+
+/*
+** Convert bulk memory into a valid WhereLoop that can be passed
+** to whereLoopClear harmlessly.
+*/
+static void whereLoopInit(WhereLoop *p){
+ p->aLTerm = p->aLTermSpace;
+ p->nLTerm = 0;
+ p->nLSlot = ArraySize(p->aLTermSpace);
+ p->wsFlags = 0;
+}
+
+/*
+** Clear the WhereLoop.u union. Leave WhereLoop.pLTerm intact.
+*/
+static void whereLoopClearUnion(sqlite3 *db, WhereLoop *p){
+ if( p->wsFlags & (WHERE_VIRTUALTABLE|WHERE_AUTO_INDEX) ){
+ if( (p->wsFlags & WHERE_VIRTUALTABLE)!=0 && p->u.vtab.needFree ){
+ sqlite3_free(p->u.vtab.idxStr);
+ p->u.vtab.needFree = 0;
+ p->u.vtab.idxStr = 0;
+ }else if( (p->wsFlags & WHERE_AUTO_INDEX)!=0 && p->u.btree.pIndex!=0 ){
+ sqlite3DbFree(db, p->u.btree.pIndex->zColAff);
+ sqlite3DbFree(db, p->u.btree.pIndex);
+ p->u.btree.pIndex = 0;
+ }
+ }
+}
+
+/*
+** Deallocate internal memory used by a WhereLoop object
+*/
+static void whereLoopClear(sqlite3 *db, WhereLoop *p){
+ if( p->aLTerm!=p->aLTermSpace ) sqlite3DbFree(db, p->aLTerm);
+ whereLoopClearUnion(db, p);
+ whereLoopInit(p);
+}
+
+/*
+** Increase the memory allocation for pLoop->aLTerm[] to be at least n.
+*/
+static int whereLoopResize(sqlite3 *db, WhereLoop *p, int n){
+ WhereTerm **paNew;
+ if( p->nLSlot>=n ) return SQLITE_OK;
+ n = (n+7)&~7;
+ paNew = sqlite3DbMallocRaw(db, sizeof(p->aLTerm[0])*n);
+ if( paNew==0 ) return SQLITE_NOMEM;
+ memcpy(paNew, p->aLTerm, sizeof(p->aLTerm[0])*p->nLSlot);
+ if( p->aLTerm!=p->aLTermSpace ) sqlite3DbFree(db, p->aLTerm);
+ p->aLTerm = paNew;
+ p->nLSlot = n;
+ return SQLITE_OK;
+}
+
+/*
+** Transfer content from the second pLoop into the first.
+*/
+static int whereLoopXfer(sqlite3 *db, WhereLoop *pTo, WhereLoop *pFrom){
+ whereLoopClearUnion(db, pTo);
+ if( whereLoopResize(db, pTo, pFrom->nLTerm) ){
+ memset(&pTo->u, 0, sizeof(pTo->u));
+ return SQLITE_NOMEM;
+ }
+ memcpy(pTo, pFrom, WHERE_LOOP_XFER_SZ);
+ memcpy(pTo->aLTerm, pFrom->aLTerm, pTo->nLTerm*sizeof(pTo->aLTerm[0]));
+ if( pFrom->wsFlags & WHERE_VIRTUALTABLE ){
+ pFrom->u.vtab.needFree = 0;
+ }else if( (pFrom->wsFlags & WHERE_AUTO_INDEX)!=0 ){
+ pFrom->u.btree.pIndex = 0;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Delete a WhereLoop object
+*/
+static void whereLoopDelete(sqlite3 *db, WhereLoop *p){
+ whereLoopClear(db, p);
+ sqlite3DbFree(db, p);
+}
+
+/*
+** Free a WhereInfo structure
+*/
+static void whereInfoFree(sqlite3 *db, WhereInfo *pWInfo){
+ if( ALWAYS(pWInfo) ){
+ int i;
+ for(i=0; i<pWInfo->nLevel; i++){
+ WhereLevel *pLevel = &pWInfo->a[i];
+ if( pLevel->pWLoop && (pLevel->pWLoop->wsFlags & WHERE_IN_ABLE) ){
+ sqlite3DbFree(db, pLevel->u.in.aInLoop);
+ }
+ }
+ sqlite3WhereClauseClear(&pWInfo->sWC);
+ while( pWInfo->pLoops ){
+ WhereLoop *p = pWInfo->pLoops;
+ pWInfo->pLoops = p->pNextLoop;
+ whereLoopDelete(db, p);
+ }
+ sqlite3DbFree(db, pWInfo);
+ }
+}
+
+/*
+** Return TRUE if all of the following are true:
+**
+** (1) X has the same or lower cost that Y
+** (2) X is a proper subset of Y
+** (3) X skips at least as many columns as Y
+**
+** By "proper subset" we mean that X uses fewer WHERE clause terms
+** than Y and that every WHERE clause term used by X is also used
+** by Y.
+**
+** If X is a proper subset of Y then Y is a better choice and ought
+** to have a lower cost. This routine returns TRUE when that cost
+** relationship is inverted and needs to be adjusted. The third rule
+** was added because if X uses skip-scan less than Y it still might
+** deserve a lower cost even if it is a proper subset of Y.
+*/
+static int whereLoopCheaperProperSubset(
+ const WhereLoop *pX, /* First WhereLoop to compare */
+ const WhereLoop *pY /* Compare against this WhereLoop */
+){
+ int i, j;
+ if( pX->nLTerm-pX->nSkip >= pY->nLTerm-pY->nSkip ){
+ return 0; /* X is not a subset of Y */
+ }
+ if( pY->nSkip > pX->nSkip ) return 0;
+ if( pX->rRun >= pY->rRun ){
+ if( pX->rRun > pY->rRun ) return 0; /* X costs more than Y */
+ if( pX->nOut > pY->nOut ) return 0; /* X costs more than Y */
+ }
+ for(i=pX->nLTerm-1; i>=0; i--){
+ if( pX->aLTerm[i]==0 ) continue;
+ for(j=pY->nLTerm-1; j>=0; j--){
+ if( pY->aLTerm[j]==pX->aLTerm[i] ) break;
+ }
+ if( j<0 ) return 0; /* X not a subset of Y since term X[i] not used by Y */
+ }
+ return 1; /* All conditions meet */
+}
+
+/*
+** Try to adjust the cost of WhereLoop pTemplate upwards or downwards so
+** that:
+**
+** (1) pTemplate costs less than any other WhereLoops that are a proper
+** subset of pTemplate
+**
+** (2) pTemplate costs more than any other WhereLoops for which pTemplate
+** is a proper subset.
+**
+** To say "WhereLoop X is a proper subset of Y" means that X uses fewer
+** WHERE clause terms than Y and that every WHERE clause term used by X is
+** also used by Y.
+*/
+static void whereLoopAdjustCost(const WhereLoop *p, WhereLoop *pTemplate){
+ if( (pTemplate->wsFlags & WHERE_INDEXED)==0 ) return;
+ for(; p; p=p->pNextLoop){
+ if( p->iTab!=pTemplate->iTab ) continue;
+ if( (p->wsFlags & WHERE_INDEXED)==0 ) continue;
+ if( whereLoopCheaperProperSubset(p, pTemplate) ){
+ /* Adjust pTemplate cost downward so that it is cheaper than its
+ ** subset p. */
+ WHERETRACE(0x80,("subset cost adjustment %d,%d to %d,%d\n",
+ pTemplate->rRun, pTemplate->nOut, p->rRun, p->nOut-1));
+ pTemplate->rRun = p->rRun;
+ pTemplate->nOut = p->nOut - 1;
+ }else if( whereLoopCheaperProperSubset(pTemplate, p) ){
+ /* Adjust pTemplate cost upward so that it is costlier than p since
+ ** pTemplate is a proper subset of p */
+ WHERETRACE(0x80,("subset cost adjustment %d,%d to %d,%d\n",
+ pTemplate->rRun, pTemplate->nOut, p->rRun, p->nOut+1));
+ pTemplate->rRun = p->rRun;
+ pTemplate->nOut = p->nOut + 1;
+ }
+ }
+}
+
+/*
+** Search the list of WhereLoops in *ppPrev looking for one that can be
+** supplanted by pTemplate.
+**
+** Return NULL if the WhereLoop list contains an entry that can supplant
+** pTemplate, in other words if pTemplate does not belong on the list.
+**
+** If pX is a WhereLoop that pTemplate can supplant, then return the
+** link that points to pX.
+**
+** If pTemplate cannot supplant any existing element of the list but needs
+** to be added to the list, then return a pointer to the tail of the list.
+*/
+static WhereLoop **whereLoopFindLesser(
+ WhereLoop **ppPrev,
+ const WhereLoop *pTemplate
+){
+ WhereLoop *p;
+ for(p=(*ppPrev); p; ppPrev=&p->pNextLoop, p=*ppPrev){
+ if( p->iTab!=pTemplate->iTab || p->iSortIdx!=pTemplate->iSortIdx ){
+ /* If either the iTab or iSortIdx values for two WhereLoop are different
+ ** then those WhereLoops need to be considered separately. Neither is
+ ** a candidate to replace the other. */
+ continue;
+ }
+ /* In the current implementation, the rSetup value is either zero
+ ** or the cost of building an automatic index (NlogN) and the NlogN
+ ** is the same for compatible WhereLoops. */
+ assert( p->rSetup==0 || pTemplate->rSetup==0
+ || p->rSetup==pTemplate->rSetup );
+
+ /* whereLoopAddBtree() always generates and inserts the automatic index
+ ** case first. Hence compatible candidate WhereLoops never have a larger
+ ** rSetup. Call this SETUP-INVARIANT */
+ assert( p->rSetup>=pTemplate->rSetup );
+
+ /* Any loop using an appliation-defined index (or PRIMARY KEY or
+ ** UNIQUE constraint) with one or more == constraints is better
+ ** than an automatic index. Unless it is a skip-scan. */
+ if( (p->wsFlags & WHERE_AUTO_INDEX)!=0
+ && (pTemplate->nSkip)==0
+ && (pTemplate->wsFlags & WHERE_INDEXED)!=0
+ && (pTemplate->wsFlags & WHERE_COLUMN_EQ)!=0
+ && (p->prereq & pTemplate->prereq)==pTemplate->prereq
+ ){
+ break;
+ }
+
+ /* If existing WhereLoop p is better than pTemplate, pTemplate can be
+ ** discarded. WhereLoop p is better if:
+ ** (1) p has no more dependencies than pTemplate, and
+ ** (2) p has an equal or lower cost than pTemplate
+ */
+ if( (p->prereq & pTemplate->prereq)==p->prereq /* (1) */
+ && p->rSetup<=pTemplate->rSetup /* (2a) */
+ && p->rRun<=pTemplate->rRun /* (2b) */
+ && p->nOut<=pTemplate->nOut /* (2c) */
+ ){
+ return 0; /* Discard pTemplate */
+ }
+
+ /* If pTemplate is always better than p, then cause p to be overwritten
+ ** with pTemplate. pTemplate is better than p if:
+ ** (1) pTemplate has no more dependences than p, and
+ ** (2) pTemplate has an equal or lower cost than p.
+ */
+ if( (p->prereq & pTemplate->prereq)==pTemplate->prereq /* (1) */
+ && p->rRun>=pTemplate->rRun /* (2a) */
+ && p->nOut>=pTemplate->nOut /* (2b) */
+ ){
+ assert( p->rSetup>=pTemplate->rSetup ); /* SETUP-INVARIANT above */
+ break; /* Cause p to be overwritten by pTemplate */
+ }
+ }
+ return ppPrev;
+}
+
+/*
+** Insert or replace a WhereLoop entry using the template supplied.
+**
+** An existing WhereLoop entry might be overwritten if the new template
+** is better and has fewer dependencies. Or the template will be ignored
+** and no insert will occur if an existing WhereLoop is faster and has
+** fewer dependencies than the template. Otherwise a new WhereLoop is
+** added based on the template.
+**
+** If pBuilder->pOrSet is not NULL then we care about only the
+** prerequisites and rRun and nOut costs of the N best loops. That
+** information is gathered in the pBuilder->pOrSet object. This special
+** processing mode is used only for OR clause processing.
+**
+** When accumulating multiple loops (when pBuilder->pOrSet is NULL) we
+** still might overwrite similar loops with the new template if the
+** new template is better. Loops may be overwritten if the following
+** conditions are met:
+**
+** (1) They have the same iTab.
+** (2) They have the same iSortIdx.
+** (3) The template has same or fewer dependencies than the current loop
+** (4) The template has the same or lower cost than the current loop
+*/
+static int whereLoopInsert(WhereLoopBuilder *pBuilder, WhereLoop *pTemplate){
+ WhereLoop **ppPrev, *p;
+ WhereInfo *pWInfo = pBuilder->pWInfo;
+ sqlite3 *db = pWInfo->pParse->db;
+
+ /* If pBuilder->pOrSet is defined, then only keep track of the costs
+ ** and prereqs.
+ */
+ if( pBuilder->pOrSet!=0 ){
+ if( pTemplate->nLTerm ){
+#if WHERETRACE_ENABLED
+ u16 n = pBuilder->pOrSet->n;
+ int x =
+#endif
+ whereOrInsert(pBuilder->pOrSet, pTemplate->prereq, pTemplate->rRun,
+ pTemplate->nOut);
+#if WHERETRACE_ENABLED /* 0x8 */
+ if( sqlite3WhereTrace & 0x8 ){
+ sqlite3DebugPrintf(x?" or-%d: ":" or-X: ", n);
+ whereLoopPrint(pTemplate, pBuilder->pWC);
+ }
+#endif
+ }
+ return SQLITE_OK;
+ }
+
+ /* Look for an existing WhereLoop to replace with pTemplate
+ */
+ whereLoopAdjustCost(pWInfo->pLoops, pTemplate);
+ ppPrev = whereLoopFindLesser(&pWInfo->pLoops, pTemplate);
+
+ if( ppPrev==0 ){
+ /* There already exists a WhereLoop on the list that is better
+ ** than pTemplate, so just ignore pTemplate */
+#if WHERETRACE_ENABLED /* 0x8 */
+ if( sqlite3WhereTrace & 0x8 ){
+ sqlite3DebugPrintf(" skip: ");
+ whereLoopPrint(pTemplate, pBuilder->pWC);
+ }
+#endif
+ return SQLITE_OK;
+ }else{
+ p = *ppPrev;
+ }
+
+ /* If we reach this point it means that either p[] should be overwritten
+ ** with pTemplate[] if p[] exists, or if p==NULL then allocate a new
+ ** WhereLoop and insert it.
+ */
+#if WHERETRACE_ENABLED /* 0x8 */
+ if( sqlite3WhereTrace & 0x8 ){
+ if( p!=0 ){
+ sqlite3DebugPrintf("replace: ");
+ whereLoopPrint(p, pBuilder->pWC);
+ }
+ sqlite3DebugPrintf(" add: ");
+ whereLoopPrint(pTemplate, pBuilder->pWC);
+ }
+#endif
+ if( p==0 ){
+ /* Allocate a new WhereLoop to add to the end of the list */
+ *ppPrev = p = sqlite3DbMallocRaw(db, sizeof(WhereLoop));
+ if( p==0 ) return SQLITE_NOMEM;
+ whereLoopInit(p);
+ p->pNextLoop = 0;
+ }else{
+ /* We will be overwriting WhereLoop p[]. But before we do, first
+ ** go through the rest of the list and delete any other entries besides
+ ** p[] that are also supplated by pTemplate */
+ WhereLoop **ppTail = &p->pNextLoop;
+ WhereLoop *pToDel;
+ while( *ppTail ){
+ ppTail = whereLoopFindLesser(ppTail, pTemplate);
+ if( ppTail==0 ) break;
+ pToDel = *ppTail;
+ if( pToDel==0 ) break;
+ *ppTail = pToDel->pNextLoop;
+#if WHERETRACE_ENABLED /* 0x8 */
+ if( sqlite3WhereTrace & 0x8 ){
+ sqlite3DebugPrintf(" delete: ");
+ whereLoopPrint(pToDel, pBuilder->pWC);
+ }
+#endif
+ whereLoopDelete(db, pToDel);
+ }
+ }
+ whereLoopXfer(db, p, pTemplate);
+ if( (p->wsFlags & WHERE_VIRTUALTABLE)==0 ){
+ Index *pIndex = p->u.btree.pIndex;
+ if( pIndex && pIndex->tnum==0 ){
+ p->u.btree.pIndex = 0;
+ }
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Adjust the WhereLoop.nOut value downward to account for terms of the
+** WHERE clause that reference the loop but which are not used by an
+** index.
+*
+** For every WHERE clause term that is not used by the index
+** and which has a truth probability assigned by one of the likelihood(),
+** likely(), or unlikely() SQL functions, reduce the estimated number
+** of output rows by the probability specified.
+**
+** TUNING: For every WHERE clause term that is not used by the index
+** and which does not have an assigned truth probability, heuristics
+** described below are used to try to estimate the truth probability.
+** TODO --> Perhaps this is something that could be improved by better
+** table statistics.
+**
+** Heuristic 1: Estimate the truth probability as 93.75%. The 93.75%
+** value corresponds to -1 in LogEst notation, so this means decrement
+** the WhereLoop.nOut field for every such WHERE clause term.
+**
+** Heuristic 2: If there exists one or more WHERE clause terms of the
+** form "x==EXPR" and EXPR is not a constant 0 or 1, then make sure the
+** final output row estimate is no greater than 1/4 of the total number
+** of rows in the table. In other words, assume that x==EXPR will filter
+** out at least 3 out of 4 rows. If EXPR is -1 or 0 or 1, then maybe the
+** "x" column is boolean or else -1 or 0 or 1 is a common default value
+** on the "x" column and so in that case only cap the output row estimate
+** at 1/2 instead of 1/4.
+*/
+static void whereLoopOutputAdjust(
+ WhereClause *pWC, /* The WHERE clause */
+ WhereLoop *pLoop, /* The loop to adjust downward */
+ LogEst nRow /* Number of rows in the entire table */
+){
+ WhereTerm *pTerm, *pX;
+ Bitmask notAllowed = ~(pLoop->prereq|pLoop->maskSelf);
+ int i, j, k;
+ LogEst iReduce = 0; /* pLoop->nOut should not exceed nRow-iReduce */
+
+ assert( (pLoop->wsFlags & WHERE_AUTO_INDEX)==0 );
+ for(i=pWC->nTerm, pTerm=pWC->a; i>0; i--, pTerm++){
+ if( (pTerm->wtFlags & TERM_VIRTUAL)!=0 ) break;
+ if( (pTerm->prereqAll & pLoop->maskSelf)==0 ) continue;
+ if( (pTerm->prereqAll & notAllowed)!=0 ) continue;
+ for(j=pLoop->nLTerm-1; j>=0; j--){
+ pX = pLoop->aLTerm[j];
+ if( pX==0 ) continue;
+ if( pX==pTerm ) break;
+ if( pX->iParent>=0 && (&pWC->a[pX->iParent])==pTerm ) break;
+ }
+ if( j<0 ){
+ if( pTerm->truthProb<=0 ){
+ /* If a truth probability is specified using the likelihood() hints,
+ ** then use the probability provided by the application. */
+ pLoop->nOut += pTerm->truthProb;
+ }else{
+ /* In the absence of explicit truth probabilities, use heuristics to
+ ** guess a reasonable truth probability. */
+ pLoop->nOut--;
+ if( pTerm->eOperator&(WO_EQ|WO_IS) ){
+ Expr *pRight = pTerm->pExpr->pRight;
+ testcase( pTerm->pExpr->op==TK_IS );
+ if( sqlite3ExprIsInteger(pRight, &k) && k>=(-1) && k<=1 ){
+ k = 10;
+ }else{
+ k = 20;
+ }
+ if( iReduce<k ) iReduce = k;
+ }
+ }
+ }
+ }
+ if( pLoop->nOut > nRow-iReduce ) pLoop->nOut = nRow - iReduce;
+}
+
+/*
+** Adjust the cost C by the costMult facter T. This only occurs if
+** compiled with -DSQLITE_ENABLE_COSTMULT
+*/
+#ifdef SQLITE_ENABLE_COSTMULT
+# define ApplyCostMultiplier(C,T) C += T
+#else
+# define ApplyCostMultiplier(C,T)
+#endif
+
+/*
+** We have so far matched pBuilder->pNew->u.btree.nEq terms of the
+** index pIndex. Try to match one more.
+**
+** When this function is called, pBuilder->pNew->nOut contains the
+** number of rows expected to be visited by filtering using the nEq
+** terms only. If it is modified, this value is restored before this
+** function returns.
+**
+** If pProbe->tnum==0, that means pIndex is a fake index used for the
+** INTEGER PRIMARY KEY.
+*/
+static int whereLoopAddBtreeIndex(
+ WhereLoopBuilder *pBuilder, /* The WhereLoop factory */
+ struct SrcList_item *pSrc, /* FROM clause term being analyzed */
+ Index *pProbe, /* An index on pSrc */
+ LogEst nInMul /* log(Number of iterations due to IN) */
+){
+ WhereInfo *pWInfo = pBuilder->pWInfo; /* WHERE analyse context */
+ Parse *pParse = pWInfo->pParse; /* Parsing context */
+ sqlite3 *db = pParse->db; /* Database connection malloc context */
+ WhereLoop *pNew; /* Template WhereLoop under construction */
+ WhereTerm *pTerm; /* A WhereTerm under consideration */
+ int opMask; /* Valid operators for constraints */
+ WhereScan scan; /* Iterator for WHERE terms */
+ Bitmask saved_prereq; /* Original value of pNew->prereq */
+ u16 saved_nLTerm; /* Original value of pNew->nLTerm */
+ u16 saved_nEq; /* Original value of pNew->u.btree.nEq */
+ u16 saved_nSkip; /* Original value of pNew->nSkip */
+ u32 saved_wsFlags; /* Original value of pNew->wsFlags */
+ LogEst saved_nOut; /* Original value of pNew->nOut */
+ int rc = SQLITE_OK; /* Return code */
+ LogEst rSize; /* Number of rows in the table */
+ LogEst rLogSize; /* Logarithm of table size */
+ WhereTerm *pTop = 0, *pBtm = 0; /* Top and bottom range constraints */
+
+ pNew = pBuilder->pNew;
+ if( db->mallocFailed ) return SQLITE_NOMEM;
+
+ assert( (pNew->wsFlags & WHERE_VIRTUALTABLE)==0 );
+ assert( (pNew->wsFlags & WHERE_TOP_LIMIT)==0 );
+ if( pNew->wsFlags & WHERE_BTM_LIMIT ){
+ opMask = WO_LT|WO_LE;
+ }else if( /*pProbe->tnum<=0 ||*/ (pSrc->fg.jointype & JT_LEFT)!=0 ){
+ opMask = WO_EQ|WO_IN|WO_GT|WO_GE|WO_LT|WO_LE;
+ }else{
+ opMask = WO_EQ|WO_IN|WO_GT|WO_GE|WO_LT|WO_LE|WO_ISNULL|WO_IS;
+ }
+ if( pProbe->bUnordered ) opMask &= ~(WO_GT|WO_GE|WO_LT|WO_LE);
+
+ assert( pNew->u.btree.nEq<pProbe->nColumn );
+
+ saved_nEq = pNew->u.btree.nEq;
+ saved_nSkip = pNew->nSkip;
+ saved_nLTerm = pNew->nLTerm;
+ saved_wsFlags = pNew->wsFlags;
+ saved_prereq = pNew->prereq;
+ saved_nOut = pNew->nOut;
+ pTerm = whereScanInit(&scan, pBuilder->pWC, pSrc->iCursor, saved_nEq,
+ opMask, pProbe);
+ pNew->rSetup = 0;
+ rSize = pProbe->aiRowLogEst[0];
+ rLogSize = estLog(rSize);
+ for(; rc==SQLITE_OK && pTerm!=0; pTerm = whereScanNext(&scan)){
+ u16 eOp = pTerm->eOperator; /* Shorthand for pTerm->eOperator */
+ LogEst rCostIdx;
+ LogEst nOutUnadjusted; /* nOut before IN() and WHERE adjustments */
+ int nIn = 0;
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ int nRecValid = pBuilder->nRecValid;
+#endif
+ if( (eOp==WO_ISNULL || (pTerm->wtFlags&TERM_VNULL)!=0)
+ && indexColumnNotNull(pProbe, saved_nEq)
+ ){
+ continue; /* ignore IS [NOT] NULL constraints on NOT NULL columns */
+ }
+ if( pTerm->prereqRight & pNew->maskSelf ) continue;
+
+ /* Do not allow the upper bound of a LIKE optimization range constraint
+ ** to mix with a lower range bound from some other source */
+ if( pTerm->wtFlags & TERM_LIKEOPT && pTerm->eOperator==WO_LT ) continue;
+
+ pNew->wsFlags = saved_wsFlags;
+ pNew->u.btree.nEq = saved_nEq;
+ pNew->nLTerm = saved_nLTerm;
+ if( whereLoopResize(db, pNew, pNew->nLTerm+1) ) break; /* OOM */
+ pNew->aLTerm[pNew->nLTerm++] = pTerm;
+ pNew->prereq = (saved_prereq | pTerm->prereqRight) & ~pNew->maskSelf;
+
+ assert( nInMul==0
+ || (pNew->wsFlags & WHERE_COLUMN_NULL)!=0
+ || (pNew->wsFlags & WHERE_COLUMN_IN)!=0
+ || (pNew->wsFlags & WHERE_SKIPSCAN)!=0
+ );
+
+ if( eOp & WO_IN ){
+ Expr *pExpr = pTerm->pExpr;
+ pNew->wsFlags |= WHERE_COLUMN_IN;
+ if( ExprHasProperty(pExpr, EP_xIsSelect) ){
+ /* "x IN (SELECT ...)": TUNING: the SELECT returns 25 rows */
+ nIn = 46; assert( 46==sqlite3LogEst(25) );
+ }else if( ALWAYS(pExpr->x.pList && pExpr->x.pList->nExpr) ){
+ /* "x IN (value, value, ...)" */
+ nIn = sqlite3LogEst(pExpr->x.pList->nExpr);
+ }
+ assert( nIn>0 ); /* RHS always has 2 or more terms... The parser
+ ** changes "x IN (?)" into "x=?". */
+
+ }else if( eOp & (WO_EQ|WO_IS) ){
+ int iCol = pProbe->aiColumn[saved_nEq];
+ pNew->wsFlags |= WHERE_COLUMN_EQ;
+ assert( saved_nEq==pNew->u.btree.nEq );
+ if( iCol==XN_ROWID
+ || (iCol>0 && nInMul==0 && saved_nEq==pProbe->nKeyCol-1)
+ ){
+ if( iCol>=0 && pProbe->uniqNotNull==0 ){
+ pNew->wsFlags |= WHERE_UNQ_WANTED;
+ }else{
+ pNew->wsFlags |= WHERE_ONEROW;
+ }
+ }
+ }else if( eOp & WO_ISNULL ){
+ pNew->wsFlags |= WHERE_COLUMN_NULL;
+ }else if( eOp & (WO_GT|WO_GE) ){
+ testcase( eOp & WO_GT );
+ testcase( eOp & WO_GE );
+ pNew->wsFlags |= WHERE_COLUMN_RANGE|WHERE_BTM_LIMIT;
+ pBtm = pTerm;
+ pTop = 0;
+ if( pTerm->wtFlags & TERM_LIKEOPT ){
+ /* Range contraints that come from the LIKE optimization are
+ ** always used in pairs. */
+ pTop = &pTerm[1];
+ assert( (pTop-(pTerm->pWC->a))<pTerm->pWC->nTerm );
+ assert( pTop->wtFlags & TERM_LIKEOPT );
+ assert( pTop->eOperator==WO_LT );
+ if( whereLoopResize(db, pNew, pNew->nLTerm+1) ) break; /* OOM */
+ pNew->aLTerm[pNew->nLTerm++] = pTop;
+ pNew->wsFlags |= WHERE_TOP_LIMIT;
+ }
+ }else{
+ assert( eOp & (WO_LT|WO_LE) );
+ testcase( eOp & WO_LT );
+ testcase( eOp & WO_LE );
+ pNew->wsFlags |= WHERE_COLUMN_RANGE|WHERE_TOP_LIMIT;
+ pTop = pTerm;
+ pBtm = (pNew->wsFlags & WHERE_BTM_LIMIT)!=0 ?
+ pNew->aLTerm[pNew->nLTerm-2] : 0;
+ }
+
+ /* At this point pNew->nOut is set to the number of rows expected to
+ ** be visited by the index scan before considering term pTerm, or the
+ ** values of nIn and nInMul. In other words, assuming that all
+ ** "x IN(...)" terms are replaced with "x = ?". This block updates
+ ** the value of pNew->nOut to account for pTerm (but not nIn/nInMul). */
+ assert( pNew->nOut==saved_nOut );
+ if( pNew->wsFlags & WHERE_COLUMN_RANGE ){
+ /* Adjust nOut using stat3/stat4 data. Or, if there is no stat3/stat4
+ ** data, using some other estimate. */
+ whereRangeScanEst(pParse, pBuilder, pBtm, pTop, pNew);
+ }else{
+ int nEq = ++pNew->u.btree.nEq;
+ assert( eOp & (WO_ISNULL|WO_EQ|WO_IN|WO_IS) );
+
+ assert( pNew->nOut==saved_nOut );
+ if( pTerm->truthProb<=0 && pProbe->aiColumn[saved_nEq]>=0 ){
+ assert( (eOp & WO_IN) || nIn==0 );
+ testcase( eOp & WO_IN );
+ pNew->nOut += pTerm->truthProb;
+ pNew->nOut -= nIn;
+ }else{
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ tRowcnt nOut = 0;
+ if( nInMul==0
+ && pProbe->nSample
+ && pNew->u.btree.nEq<=pProbe->nSampleCol
+ && ((eOp & WO_IN)==0 || !ExprHasProperty(pTerm->pExpr, EP_xIsSelect))
+ ){
+ Expr *pExpr = pTerm->pExpr;
+ if( (eOp & (WO_EQ|WO_ISNULL|WO_IS))!=0 ){
+ testcase( eOp & WO_EQ );
+ testcase( eOp & WO_IS );
+ testcase( eOp & WO_ISNULL );
+ rc = whereEqualScanEst(pParse, pBuilder, pExpr->pRight, &nOut);
+ }else{
+ rc = whereInScanEst(pParse, pBuilder, pExpr->x.pList, &nOut);
+ }
+ if( rc==SQLITE_NOTFOUND ) rc = SQLITE_OK;
+ if( rc!=SQLITE_OK ) break; /* Jump out of the pTerm loop */
+ if( nOut ){
+ pNew->nOut = sqlite3LogEst(nOut);
+ if( pNew->nOut>saved_nOut ) pNew->nOut = saved_nOut;
+ pNew->nOut -= nIn;
+ }
+ }
+ if( nOut==0 )
+#endif
+ {
+ pNew->nOut += (pProbe->aiRowLogEst[nEq] - pProbe->aiRowLogEst[nEq-1]);
+ if( eOp & WO_ISNULL ){
+ /* TUNING: If there is no likelihood() value, assume that a
+ ** "col IS NULL" expression matches twice as many rows
+ ** as (col=?). */
+ pNew->nOut += 10;
+ }
+ }
+ }
+ }
+
+ /* Set rCostIdx to the cost of visiting selected rows in index. Add
+ ** it to pNew->rRun, which is currently set to the cost of the index
+ ** seek only. Then, if this is a non-covering index, add the cost of
+ ** visiting the rows in the main table. */
+ rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow;
+ pNew->rRun = sqlite3LogEstAdd(rLogSize, rCostIdx);
+ if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK))==0 ){
+ pNew->rRun = sqlite3LogEstAdd(pNew->rRun, pNew->nOut + 16);
+ }
+ ApplyCostMultiplier(pNew->rRun, pProbe->pTable->costMult);
+
+ nOutUnadjusted = pNew->nOut;
+ pNew->rRun += nInMul + nIn;
+ pNew->nOut += nInMul + nIn;
+ whereLoopOutputAdjust(pBuilder->pWC, pNew, rSize);
+ rc = whereLoopInsert(pBuilder, pNew);
+
+ if( pNew->wsFlags & WHERE_COLUMN_RANGE ){
+ pNew->nOut = saved_nOut;
+ }else{
+ pNew->nOut = nOutUnadjusted;
+ }
+
+ if( (pNew->wsFlags & WHERE_TOP_LIMIT)==0
+ && pNew->u.btree.nEq<pProbe->nColumn
+ ){
+ whereLoopAddBtreeIndex(pBuilder, pSrc, pProbe, nInMul+nIn);
+ }
+ pNew->nOut = saved_nOut;
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ pBuilder->nRecValid = nRecValid;
+#endif
+ }
+ pNew->prereq = saved_prereq;
+ pNew->u.btree.nEq = saved_nEq;
+ pNew->nSkip = saved_nSkip;
+ pNew->wsFlags = saved_wsFlags;
+ pNew->nOut = saved_nOut;
+ pNew->nLTerm = saved_nLTerm;
+
+ /* Consider using a skip-scan if there are no WHERE clause constraints
+ ** available for the left-most terms of the index, and if the average
+ ** number of repeats in the left-most terms is at least 18.
+ **
+ ** The magic number 18 is selected on the basis that scanning 17 rows
+ ** is almost always quicker than an index seek (even though if the index
+ ** contains fewer than 2^17 rows we assume otherwise in other parts of
+ ** the code). And, even if it is not, it should not be too much slower.
+ ** On the other hand, the extra seeks could end up being significantly
+ ** more expensive. */
+ assert( 42==sqlite3LogEst(18) );
+ if( saved_nEq==saved_nSkip
+ && saved_nEq+1<pProbe->nKeyCol
+ && pProbe->noSkipScan==0
+ && pProbe->aiRowLogEst[saved_nEq+1]>=42 /* TUNING: Minimum for skip-scan */
+ && (rc = whereLoopResize(db, pNew, pNew->nLTerm+1))==SQLITE_OK
+ ){
+ LogEst nIter;
+ pNew->u.btree.nEq++;
+ pNew->nSkip++;
+ pNew->aLTerm[pNew->nLTerm++] = 0;
+ pNew->wsFlags |= WHERE_SKIPSCAN;
+ nIter = pProbe->aiRowLogEst[saved_nEq] - pProbe->aiRowLogEst[saved_nEq+1];
+ pNew->nOut -= nIter;
+ /* TUNING: Because uncertainties in the estimates for skip-scan queries,
+ ** add a 1.375 fudge factor to make skip-scan slightly less likely. */
+ nIter += 5;
+ whereLoopAddBtreeIndex(pBuilder, pSrc, pProbe, nIter + nInMul);
+ pNew->nOut = saved_nOut;
+ pNew->u.btree.nEq = saved_nEq;
+ pNew->nSkip = saved_nSkip;
+ pNew->wsFlags = saved_wsFlags;
+ }
+
+ return rc;
+}
+
+/*
+** Return True if it is possible that pIndex might be useful in
+** implementing the ORDER BY clause in pBuilder.
+**
+** Return False if pBuilder does not contain an ORDER BY clause or
+** if there is no way for pIndex to be useful in implementing that
+** ORDER BY clause.
+*/
+static int indexMightHelpWithOrderBy(
+ WhereLoopBuilder *pBuilder,
+ Index *pIndex,
+ int iCursor
+){
+ ExprList *pOB;
+ ExprList *aColExpr;
+ int ii, jj;
+
+ if( pIndex->bUnordered ) return 0;
+ if( (pOB = pBuilder->pWInfo->pOrderBy)==0 ) return 0;
+ for(ii=0; ii<pOB->nExpr; ii++){
+ Expr *pExpr = sqlite3ExprSkipCollate(pOB->a[ii].pExpr);
+ if( pExpr->op==TK_COLUMN && pExpr->iTable==iCursor ){
+ if( pExpr->iColumn<0 ) return 1;
+ for(jj=0; jj<pIndex->nKeyCol; jj++){
+ if( pExpr->iColumn==pIndex->aiColumn[jj] ) return 1;
+ }
+ }else if( (aColExpr = pIndex->aColExpr)!=0 ){
+ for(jj=0; jj<pIndex->nKeyCol; jj++){
+ if( pIndex->aiColumn[jj]!=XN_EXPR ) continue;
+ if( sqlite3ExprCompare(pExpr,aColExpr->a[jj].pExpr,iCursor)==0 ){
+ return 1;
+ }
+ }
+ }
+ }
+ return 0;
+}
+
+/*
+** Return a bitmask where 1s indicate that the corresponding column of
+** the table is used by an index. Only the first 63 columns are considered.
+*/
+static Bitmask columnsInIndex(Index *pIdx){
+ Bitmask m = 0;
+ int j;
+ for(j=pIdx->nColumn-1; j>=0; j--){
+ int x = pIdx->aiColumn[j];
+ if( x>=0 ){
+ testcase( x==BMS-1 );
+ testcase( x==BMS-2 );
+ if( x<BMS-1 ) m |= MASKBIT(x);
+ }
+ }
+ return m;
+}
+
+/* Check to see if a partial index with pPartIndexWhere can be used
+** in the current query. Return true if it can be and false if not.
+*/
+static int whereUsablePartialIndex(int iTab, WhereClause *pWC, Expr *pWhere){
+ int i;
+ WhereTerm *pTerm;
+ while( pWhere->op==TK_AND ){
+ if( !whereUsablePartialIndex(iTab,pWC,pWhere->pLeft) ) return 0;
+ pWhere = pWhere->pRight;
+ }
+ for(i=0, pTerm=pWC->a; i<pWC->nTerm; i++, pTerm++){
+ Expr *pExpr = pTerm->pExpr;
+ if( sqlite3ExprImpliesExpr(pExpr, pWhere, iTab)
+ && (!ExprHasProperty(pExpr, EP_FromJoin) || pExpr->iRightJoinTable==iTab)
+ ){
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/*
+** Add all WhereLoop objects for a single table of the join where the table
+** is idenfied by pBuilder->pNew->iTab. That table is guaranteed to be
+** a b-tree table, not a virtual table.
+**
+** The costs (WhereLoop.rRun) of the b-tree loops added by this function
+** are calculated as follows:
+**
+** For a full scan, assuming the table (or index) contains nRow rows:
+**
+** cost = nRow * 3.0 // full-table scan
+** cost = nRow * K // scan of covering index
+** cost = nRow * (K+3.0) // scan of non-covering index
+**
+** where K is a value between 1.1 and 3.0 set based on the relative
+** estimated average size of the index and table records.
+**
+** For an index scan, where nVisit is the number of index rows visited
+** by the scan, and nSeek is the number of seek operations required on
+** the index b-tree:
+**
+** cost = nSeek * (log(nRow) + K * nVisit) // covering index
+** cost = nSeek * (log(nRow) + (K+3.0) * nVisit) // non-covering index
+**
+** Normally, nSeek is 1. nSeek values greater than 1 come about if the
+** WHERE clause includes "x IN (....)" terms used in place of "x=?". Or when
+** implicit "x IN (SELECT x FROM tbl)" terms are added for skip-scans.
+**
+** The estimated values (nRow, nVisit, nSeek) often contain a large amount
+** of uncertainty. For this reason, scoring is designed to pick plans that
+** "do the least harm" if the estimates are inaccurate. For example, a
+** log(nRow) factor is omitted from a non-covering index scan in order to
+** bias the scoring in favor of using an index, since the worst-case
+** performance of using an index is far better than the worst-case performance
+** of a full table scan.
+*/
+static int whereLoopAddBtree(
+ WhereLoopBuilder *pBuilder, /* WHERE clause information */
+ Bitmask mExtra /* Extra prerequesites for using this table */
+){
+ WhereInfo *pWInfo; /* WHERE analysis context */
+ Index *pProbe; /* An index we are evaluating */
+ Index sPk; /* A fake index object for the primary key */
+ LogEst aiRowEstPk[2]; /* The aiRowLogEst[] value for the sPk index */
+ i16 aiColumnPk = -1; /* The aColumn[] value for the sPk index */
+ SrcList *pTabList; /* The FROM clause */
+ struct SrcList_item *pSrc; /* The FROM clause btree term to add */
+ WhereLoop *pNew; /* Template WhereLoop object */
+ int rc = SQLITE_OK; /* Return code */
+ int iSortIdx = 1; /* Index number */
+ int b; /* A boolean value */
+ LogEst rSize; /* number of rows in the table */
+ LogEst rLogSize; /* Logarithm of the number of rows in the table */
+ WhereClause *pWC; /* The parsed WHERE clause */
+ Table *pTab; /* Table being queried */
+
+ pNew = pBuilder->pNew;
+ pWInfo = pBuilder->pWInfo;
+ pTabList = pWInfo->pTabList;
+ pSrc = pTabList->a + pNew->iTab;
+ pTab = pSrc->pTab;
+ pWC = pBuilder->pWC;
+ assert( !IsVirtual(pSrc->pTab) );
+
+ if( pSrc->pIBIndex ){
+ /* An INDEXED BY clause specifies a particular index to use */
+ pProbe = pSrc->pIBIndex;
+ }else if( !HasRowid(pTab) ){
+ pProbe = pTab->pIndex;
+ }else{
+ /* There is no INDEXED BY clause. Create a fake Index object in local
+ ** variable sPk to represent the rowid primary key index. Make this
+ ** fake index the first in a chain of Index objects with all of the real
+ ** indices to follow */
+ Index *pFirst; /* First of real indices on the table */
+ memset(&sPk, 0, sizeof(Index));
+ sPk.nKeyCol = 1;
+ sPk.nColumn = 1;
+ sPk.aiColumn = &aiColumnPk;
+ sPk.aiRowLogEst = aiRowEstPk;
+ sPk.onError = OE_Replace;
+ sPk.pTable = pTab;
+ sPk.szIdxRow = pTab->szTabRow;
+ aiRowEstPk[0] = pTab->nRowLogEst;
+ aiRowEstPk[1] = 0;
+ pFirst = pSrc->pTab->pIndex;
+ if( pSrc->fg.notIndexed==0 ){
+ /* The real indices of the table are only considered if the
+ ** NOT INDEXED qualifier is omitted from the FROM clause */
+ sPk.pNext = pFirst;
+ }
+ pProbe = &sPk;
+ }
+ rSize = pTab->nRowLogEst;
+ rLogSize = estLog(rSize);
+
+#ifndef SQLITE_OMIT_AUTOMATIC_INDEX
+ /* Automatic indexes */
+ if( !pBuilder->pOrSet /* Not part of an OR optimization */
+ && (pWInfo->wctrlFlags & WHERE_NO_AUTOINDEX)==0
+ && (pWInfo->pParse->db->flags & SQLITE_AutoIndex)!=0
+ && pSrc->pIBIndex==0 /* Has no INDEXED BY clause */
+ && !pSrc->fg.notIndexed /* Has no NOT INDEXED clause */
+ && HasRowid(pTab) /* Not WITHOUT ROWID table. (FIXME: Why not?) */
+ && !pSrc->fg.isCorrelated /* Not a correlated subquery */
+ && !pSrc->fg.isRecursive /* Not a recursive common table expression. */
+ ){
+ /* Generate auto-index WhereLoops */
+ WhereTerm *pTerm;
+ WhereTerm *pWCEnd = pWC->a + pWC->nTerm;
+ for(pTerm=pWC->a; rc==SQLITE_OK && pTerm<pWCEnd; pTerm++){
+ if( pTerm->prereqRight & pNew->maskSelf ) continue;
+ if( termCanDriveIndex(pTerm, pSrc, 0) ){
+ pNew->u.btree.nEq = 1;
+ pNew->nSkip = 0;
+ pNew->u.btree.pIndex = 0;
+ pNew->nLTerm = 1;
+ pNew->aLTerm[0] = pTerm;
+ /* TUNING: One-time cost for computing the automatic index is
+ ** estimated to be X*N*log2(N) where N is the number of rows in
+ ** the table being indexed and where X is 7 (LogEst=28) for normal
+ ** tables or 1.375 (LogEst=4) for views and subqueries. The value
+ ** of X is smaller for views and subqueries so that the query planner
+ ** will be more aggressive about generating automatic indexes for
+ ** those objects, since there is no opportunity to add schema
+ ** indexes on subqueries and views. */
+ pNew->rSetup = rLogSize + rSize + 4;
+ if( pTab->pSelect==0 && (pTab->tabFlags & TF_Ephemeral)==0 ){
+ pNew->rSetup += 24;
+ }
+ ApplyCostMultiplier(pNew->rSetup, pTab->costMult);
+ /* TUNING: Each index lookup yields 20 rows in the table. This
+ ** is more than the usual guess of 10 rows, since we have no way
+ ** of knowing how selective the index will ultimately be. It would
+ ** not be unreasonable to make this value much larger. */
+ pNew->nOut = 43; assert( 43==sqlite3LogEst(20) );
+ pNew->rRun = sqlite3LogEstAdd(rLogSize,pNew->nOut);
+ pNew->wsFlags = WHERE_AUTO_INDEX;
+ pNew->prereq = mExtra | pTerm->prereqRight;
+ rc = whereLoopInsert(pBuilder, pNew);
+ }
+ }
+ }
+#endif /* SQLITE_OMIT_AUTOMATIC_INDEX */
+
+ /* Loop over all indices
+ */
+ for(; rc==SQLITE_OK && pProbe; pProbe=pProbe->pNext, iSortIdx++){
+ if( pProbe->pPartIdxWhere!=0
+ && !whereUsablePartialIndex(pSrc->iCursor, pWC, pProbe->pPartIdxWhere) ){
+ testcase( pNew->iTab!=pSrc->iCursor ); /* See ticket [98d973b8f5] */
+ continue; /* Partial index inappropriate for this query */
+ }
+ rSize = pProbe->aiRowLogEst[0];
+ pNew->u.btree.nEq = 0;
+ pNew->nSkip = 0;
+ pNew->nLTerm = 0;
+ pNew->iSortIdx = 0;
+ pNew->rSetup = 0;
+ pNew->prereq = mExtra;
+ pNew->nOut = rSize;
+ pNew->u.btree.pIndex = pProbe;
+ b = indexMightHelpWithOrderBy(pBuilder, pProbe, pSrc->iCursor);
+ /* The ONEPASS_DESIRED flags never occurs together with ORDER BY */
+ assert( (pWInfo->wctrlFlags & WHERE_ONEPASS_DESIRED)==0 || b==0 );
+ if( pProbe->tnum<=0 ){
+ /* Integer primary key index */
+ pNew->wsFlags = WHERE_IPK;
+
+ /* Full table scan */
+ pNew->iSortIdx = b ? iSortIdx : 0;
+ /* TUNING: Cost of full table scan is (N*3.0). */
+ pNew->rRun = rSize + 16;
+ ApplyCostMultiplier(pNew->rRun, pTab->costMult);
+ whereLoopOutputAdjust(pWC, pNew, rSize);
+ rc = whereLoopInsert(pBuilder, pNew);
+ pNew->nOut = rSize;
+ if( rc ) break;
+ }else{
+ Bitmask m;
+ if( pProbe->isCovering ){
+ pNew->wsFlags = WHERE_IDX_ONLY | WHERE_INDEXED;
+ m = 0;
+ }else{
+ m = pSrc->colUsed & ~columnsInIndex(pProbe);
+ pNew->wsFlags = (m==0) ? (WHERE_IDX_ONLY|WHERE_INDEXED) : WHERE_INDEXED;
+ }
+
+ /* Full scan via index */
+ if( b
+ || !HasRowid(pTab)
+ || ( m==0
+ && pProbe->bUnordered==0
+ && (pProbe->szIdxRow<pTab->szTabRow)
+ && (pWInfo->wctrlFlags & WHERE_ONEPASS_DESIRED)==0
+ && sqlite3GlobalConfig.bUseCis
+ && OptimizationEnabled(pWInfo->pParse->db, SQLITE_CoverIdxScan)
+ )
+ ){
+ pNew->iSortIdx = b ? iSortIdx : 0;
+
+ /* The cost of visiting the index rows is N*K, where K is
+ ** between 1.1 and 3.0, depending on the relative sizes of the
+ ** index and table rows. If this is a non-covering index scan,
+ ** also add the cost of visiting table rows (N*3.0). */
+ pNew->rRun = rSize + 1 + (15*pProbe->szIdxRow)/pTab->szTabRow;
+ if( m!=0 ){
+ pNew->rRun = sqlite3LogEstAdd(pNew->rRun, rSize+16);
+ }
+ ApplyCostMultiplier(pNew->rRun, pTab->costMult);
+ whereLoopOutputAdjust(pWC, pNew, rSize);
+ rc = whereLoopInsert(pBuilder, pNew);
+ pNew->nOut = rSize;
+ if( rc ) break;
+ }
+ }
+
+ rc = whereLoopAddBtreeIndex(pBuilder, pSrc, pProbe, 0);
+#ifdef SQLITE_ENABLE_STAT3_OR_STAT4
+ sqlite3Stat4ProbeFree(pBuilder->pRec);
+ pBuilder->nRecValid = 0;
+ pBuilder->pRec = 0;
+#endif
+
+ /* If there was an INDEXED BY clause, then only that one index is
+ ** considered. */
+ if( pSrc->pIBIndex ) break;
+ }
+ return rc;
+}
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/*
+** Add all WhereLoop objects for a table of the join identified by
+** pBuilder->pNew->iTab. That table is guaranteed to be a virtual table.
+**
+** If there are no LEFT or CROSS JOIN joins in the query, both mExtra and
+** mUnusable are set to 0. Otherwise, mExtra is a mask of all FROM clause
+** entries that occur before the virtual table in the FROM clause and are
+** separated from it by at least one LEFT or CROSS JOIN. Similarly, the
+** mUnusable mask contains all FROM clause entries that occur after the
+** virtual table and are separated from it by at least one LEFT or
+** CROSS JOIN.
+**
+** For example, if the query were:
+**
+** ... FROM t1, t2 LEFT JOIN t3, t4, vt CROSS JOIN t5, t6;
+**
+** then mExtra corresponds to (t1, t2) and mUnusable to (t5, t6).
+**
+** All the tables in mExtra must be scanned before the current virtual
+** table. So any terms for which all prerequisites are satisfied by
+** mExtra may be specified as "usable" in all calls to xBestIndex.
+** Conversely, all tables in mUnusable must be scanned after the current
+** virtual table, so any terms for which the prerequisites overlap with
+** mUnusable should always be configured as "not-usable" for xBestIndex.
+*/
+static int whereLoopAddVirtual(
+ WhereLoopBuilder *pBuilder, /* WHERE clause information */
+ Bitmask mExtra, /* Tables that must be scanned before this one */
+ Bitmask mUnusable /* Tables that must be scanned after this one */
+){
+ WhereInfo *pWInfo; /* WHERE analysis context */
+ Parse *pParse; /* The parsing context */
+ WhereClause *pWC; /* The WHERE clause */
+ struct SrcList_item *pSrc; /* The FROM clause term to search */
+ Table *pTab;
+ sqlite3 *db;
+ sqlite3_index_info *pIdxInfo;
+ struct sqlite3_index_constraint *pIdxCons;
+ struct sqlite3_index_constraint_usage *pUsage;
+ WhereTerm *pTerm;
+ int i, j;
+ int iTerm, mxTerm;
+ int nConstraint;
+ int seenIn = 0; /* True if an IN operator is seen */
+ int seenVar = 0; /* True if a non-constant constraint is seen */
+ int iPhase; /* 0: const w/o IN, 1: const, 2: no IN, 2: IN */
+ WhereLoop *pNew;
+ int rc = SQLITE_OK;
+
+ assert( (mExtra & mUnusable)==0 );
+ pWInfo = pBuilder->pWInfo;
+ pParse = pWInfo->pParse;
+ db = pParse->db;
+ pWC = pBuilder->pWC;
+ pNew = pBuilder->pNew;
+ pSrc = &pWInfo->pTabList->a[pNew->iTab];
+ pTab = pSrc->pTab;
+ assert( IsVirtual(pTab) );
+ pIdxInfo = allocateIndexInfo(pParse, pWC, mUnusable, pSrc,pBuilder->pOrderBy);
+ if( pIdxInfo==0 ) return SQLITE_NOMEM;
+ pNew->prereq = 0;
+ pNew->rSetup = 0;
+ pNew->wsFlags = WHERE_VIRTUALTABLE;
+ pNew->nLTerm = 0;
+ pNew->u.vtab.needFree = 0;
+ pUsage = pIdxInfo->aConstraintUsage;
+ nConstraint = pIdxInfo->nConstraint;
+ if( whereLoopResize(db, pNew, nConstraint) ){
+ sqlite3DbFree(db, pIdxInfo);
+ return SQLITE_NOMEM;
+ }
+
+ for(iPhase=0; iPhase<=3; iPhase++){
+ if( !seenIn && (iPhase&1)!=0 ){
+ iPhase++;
+ if( iPhase>3 ) break;
+ }
+ if( !seenVar && iPhase>1 ) break;
+ pIdxCons = *(struct sqlite3_index_constraint**)&pIdxInfo->aConstraint;
+ for(i=0; i<pIdxInfo->nConstraint; i++, pIdxCons++){
+ j = pIdxCons->iTermOffset;
+ pTerm = &pWC->a[j];
+ switch( iPhase ){
+ case 0: /* Constants without IN operator */
+ pIdxCons->usable = 0;
+ if( (pTerm->eOperator & WO_IN)!=0 ){
+ seenIn = 1;
+ }
+ if( (pTerm->prereqRight & ~mExtra)!=0 ){
+ seenVar = 1;
+ }else if( (pTerm->eOperator & WO_IN)==0 ){
+ pIdxCons->usable = 1;
+ }
+ break;
+ case 1: /* Constants with IN operators */
+ assert( seenIn );
+ pIdxCons->usable = (pTerm->prereqRight & ~mExtra)==0;
+ break;
+ case 2: /* Variables without IN */
+ assert( seenVar );
+ pIdxCons->usable = (pTerm->eOperator & WO_IN)==0;
+ break;
+ default: /* Variables with IN */
+ assert( seenVar && seenIn );
+ pIdxCons->usable = 1;
+ break;
+ }
+ }
+ memset(pUsage, 0, sizeof(pUsage[0])*pIdxInfo->nConstraint);
+ if( pIdxInfo->needToFreeIdxStr ) sqlite3_free(pIdxInfo->idxStr);
+ pIdxInfo->idxStr = 0;
+ pIdxInfo->idxNum = 0;
+ pIdxInfo->needToFreeIdxStr = 0;
+ pIdxInfo->orderByConsumed = 0;
+ pIdxInfo->estimatedCost = SQLITE_BIG_DBL / (double)2;
+ pIdxInfo->estimatedRows = 25;
+ pIdxInfo->idxFlags = 0;
+ pIdxInfo->colUsed = (sqlite3_int64)pSrc->colUsed;
+ rc = vtabBestIndex(pParse, pTab, pIdxInfo);
+ if( rc ) goto whereLoopAddVtab_exit;
+ pIdxCons = *(struct sqlite3_index_constraint**)&pIdxInfo->aConstraint;
+ pNew->prereq = mExtra;
+ mxTerm = -1;
+ assert( pNew->nLSlot>=nConstraint );
+ for(i=0; i<nConstraint; i++) pNew->aLTerm[i] = 0;
+ pNew->u.vtab.omitMask = 0;
+ for(i=0; i<nConstraint; i++, pIdxCons++){
+ if( (iTerm = pUsage[i].argvIndex - 1)>=0 ){
+ j = pIdxCons->iTermOffset;
+ if( iTerm>=nConstraint
+ || j<0
+ || j>=pWC->nTerm
+ || pNew->aLTerm[iTerm]!=0
+ ){
+ rc = SQLITE_ERROR;
+ sqlite3ErrorMsg(pParse, "%s.xBestIndex() malfunction", pTab->zName);
+ goto whereLoopAddVtab_exit;
+ }
+ testcase( iTerm==nConstraint-1 );
+ testcase( j==0 );
+ testcase( j==pWC->nTerm-1 );
+ pTerm = &pWC->a[j];
+ pNew->prereq |= pTerm->prereqRight;
+ assert( iTerm<pNew->nLSlot );
+ pNew->aLTerm[iTerm] = pTerm;
+ if( iTerm>mxTerm ) mxTerm = iTerm;
+ testcase( iTerm==15 );
+ testcase( iTerm==16 );
+ if( iTerm<16 && pUsage[i].omit ) pNew->u.vtab.omitMask |= 1<<iTerm;
+ if( (pTerm->eOperator & WO_IN)!=0 ){
+ if( pUsage[i].omit==0 ){
+ /* Do not attempt to use an IN constraint if the virtual table
+ ** says that the equivalent EQ constraint cannot be safely omitted.
+ ** If we do attempt to use such a constraint, some rows might be
+ ** repeated in the output. */
+ break;
+ }
+ /* A virtual table that is constrained by an IN clause may not
+ ** consume the ORDER BY clause because (1) the order of IN terms
+ ** is not necessarily related to the order of output terms and
+ ** (2) Multiple outputs from a single IN value will not merge
+ ** together. */
+ pIdxInfo->orderByConsumed = 0;
+ pIdxInfo->idxFlags &= ~SQLITE_INDEX_SCAN_UNIQUE;
+ }
+ }
+ }
+ if( i>=nConstraint ){
+ pNew->nLTerm = mxTerm+1;
+ assert( pNew->nLTerm<=pNew->nLSlot );
+ pNew->u.vtab.idxNum = pIdxInfo->idxNum;
+ pNew->u.vtab.needFree = pIdxInfo->needToFreeIdxStr;
+ pIdxInfo->needToFreeIdxStr = 0;
+ pNew->u.vtab.idxStr = pIdxInfo->idxStr;
+ pNew->u.vtab.isOrdered = (i8)(pIdxInfo->orderByConsumed ?
+ pIdxInfo->nOrderBy : 0);
+ pNew->rSetup = 0;
+ pNew->rRun = sqlite3LogEstFromDouble(pIdxInfo->estimatedCost);
+ pNew->nOut = sqlite3LogEst(pIdxInfo->estimatedRows);
+
+ /* Set the WHERE_ONEROW flag if the xBestIndex() method indicated
+ ** that the scan will visit at most one row. Clear it otherwise. */
+ if( pIdxInfo->idxFlags & SQLITE_INDEX_SCAN_UNIQUE ){
+ pNew->wsFlags |= WHERE_ONEROW;
+ }else{
+ pNew->wsFlags &= ~WHERE_ONEROW;
+ }
+ whereLoopInsert(pBuilder, pNew);
+ if( pNew->u.vtab.needFree ){
+ sqlite3_free(pNew->u.vtab.idxStr);
+ pNew->u.vtab.needFree = 0;
+ }
+ }
+ }
+
+whereLoopAddVtab_exit:
+ if( pIdxInfo->needToFreeIdxStr ) sqlite3_free(pIdxInfo->idxStr);
+ sqlite3DbFree(db, pIdxInfo);
+ return rc;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+/*
+** Add WhereLoop entries to handle OR terms. This works for either
+** btrees or virtual tables.
+*/
+static int whereLoopAddOr(
+ WhereLoopBuilder *pBuilder,
+ Bitmask mExtra,
+ Bitmask mUnusable
+){
+ WhereInfo *pWInfo = pBuilder->pWInfo;
+ WhereClause *pWC;
+ WhereLoop *pNew;
+ WhereTerm *pTerm, *pWCEnd;
+ int rc = SQLITE_OK;
+ int iCur;
+ WhereClause tempWC;
+ WhereLoopBuilder sSubBuild;
+ WhereOrSet sSum, sCur;
+ struct SrcList_item *pItem;
+
+ pWC = pBuilder->pWC;
+ pWCEnd = pWC->a + pWC->nTerm;
+ pNew = pBuilder->pNew;
+ memset(&sSum, 0, sizeof(sSum));
+ pItem = pWInfo->pTabList->a + pNew->iTab;
+ iCur = pItem->iCursor;
+
+ for(pTerm=pWC->a; pTerm<pWCEnd && rc==SQLITE_OK; pTerm++){
+ if( (pTerm->eOperator & WO_OR)!=0
+ && (pTerm->u.pOrInfo->indexable & pNew->maskSelf)!=0
+ ){
+ WhereClause * const pOrWC = &pTerm->u.pOrInfo->wc;
+ WhereTerm * const pOrWCEnd = &pOrWC->a[pOrWC->nTerm];
+ WhereTerm *pOrTerm;
+ int once = 1;
+ int i, j;
+
+ sSubBuild = *pBuilder;
+ sSubBuild.pOrderBy = 0;
+ sSubBuild.pOrSet = &sCur;
+
+ WHERETRACE(0x200, ("Begin processing OR-clause %p\n", pTerm));
+ for(pOrTerm=pOrWC->a; pOrTerm<pOrWCEnd; pOrTerm++){
+ if( (pOrTerm->eOperator & WO_AND)!=0 ){
+ sSubBuild.pWC = &pOrTerm->u.pAndInfo->wc;
+ }else if( pOrTerm->leftCursor==iCur ){
+ tempWC.pWInfo = pWC->pWInfo;
+ tempWC.pOuter = pWC;
+ tempWC.op = TK_AND;
+ tempWC.nTerm = 1;
+ tempWC.a = pOrTerm;
+ sSubBuild.pWC = &tempWC;
+ }else{
+ continue;
+ }
+ sCur.n = 0;
+#ifdef WHERETRACE_ENABLED
+ WHERETRACE(0x200, ("OR-term %d of %p has %d subterms:\n",
+ (int)(pOrTerm-pOrWC->a), pTerm, sSubBuild.pWC->nTerm));
+ if( sqlite3WhereTrace & 0x400 ){
+ for(i=0; i<sSubBuild.pWC->nTerm; i++){
+ whereTermPrint(&sSubBuild.pWC->a[i], i);
+ }
+ }
+#endif
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( IsVirtual(pItem->pTab) ){
+ rc = whereLoopAddVirtual(&sSubBuild, mExtra, mUnusable);
+ }else
+#endif
+ {
+ rc = whereLoopAddBtree(&sSubBuild, mExtra);
+ }
+ if( rc==SQLITE_OK ){
+ rc = whereLoopAddOr(&sSubBuild, mExtra, mUnusable);
+ }
+ assert( rc==SQLITE_OK || sCur.n==0 );
+ if( sCur.n==0 ){
+ sSum.n = 0;
+ break;
+ }else if( once ){
+ whereOrMove(&sSum, &sCur);
+ once = 0;
+ }else{
+ WhereOrSet sPrev;
+ whereOrMove(&sPrev, &sSum);
+ sSum.n = 0;
+ for(i=0; i<sPrev.n; i++){
+ for(j=0; j<sCur.n; j++){
+ whereOrInsert(&sSum, sPrev.a[i].prereq | sCur.a[j].prereq,
+ sqlite3LogEstAdd(sPrev.a[i].rRun, sCur.a[j].rRun),
+ sqlite3LogEstAdd(sPrev.a[i].nOut, sCur.a[j].nOut));
+ }
+ }
+ }
+ }
+ pNew->nLTerm = 1;
+ pNew->aLTerm[0] = pTerm;
+ pNew->wsFlags = WHERE_MULTI_OR;
+ pNew->rSetup = 0;
+ pNew->iSortIdx = 0;
+ memset(&pNew->u, 0, sizeof(pNew->u));
+ for(i=0; rc==SQLITE_OK && i<sSum.n; i++){
+ /* TUNING: Currently sSum.a[i].rRun is set to the sum of the costs
+ ** of all sub-scans required by the OR-scan. However, due to rounding
+ ** errors, it may be that the cost of the OR-scan is equal to its
+ ** most expensive sub-scan. Add the smallest possible penalty
+ ** (equivalent to multiplying the cost by 1.07) to ensure that
+ ** this does not happen. Otherwise, for WHERE clauses such as the
+ ** following where there is an index on "y":
+ **
+ ** WHERE likelihood(x=?, 0.99) OR y=?
+ **
+ ** the planner may elect to "OR" together a full-table scan and an
+ ** index lookup. And other similarly odd results. */
+ pNew->rRun = sSum.a[i].rRun + 1;
+ pNew->nOut = sSum.a[i].nOut;
+ pNew->prereq = sSum.a[i].prereq;
+ rc = whereLoopInsert(pBuilder, pNew);
+ }
+ WHERETRACE(0x200, ("End processing OR-clause %p\n", pTerm));
+ }
+ }
+ return rc;
+}
+
+/*
+** Add all WhereLoop objects for all tables
+*/
+static int whereLoopAddAll(WhereLoopBuilder *pBuilder){
+ WhereInfo *pWInfo = pBuilder->pWInfo;
+ Bitmask mExtra = 0;
+ Bitmask mPrior = 0;
+ int iTab;
+ SrcList *pTabList = pWInfo->pTabList;
+ struct SrcList_item *pItem;
+ struct SrcList_item *pEnd = &pTabList->a[pWInfo->nLevel];
+ sqlite3 *db = pWInfo->pParse->db;
+ int rc = SQLITE_OK;
+ WhereLoop *pNew;
+ u8 priorJointype = 0;
+
+ /* Loop over the tables in the join, from left to right */
+ pNew = pBuilder->pNew;
+ whereLoopInit(pNew);
+ for(iTab=0, pItem=pTabList->a; pItem<pEnd; iTab++, pItem++){
+ Bitmask mUnusable = 0;
+ pNew->iTab = iTab;
+ pNew->maskSelf = sqlite3WhereGetMask(&pWInfo->sMaskSet, pItem->iCursor);
+ if( ((pItem->fg.jointype|priorJointype) & (JT_LEFT|JT_CROSS))!=0 ){
+ /* This condition is true when pItem is the FROM clause term on the
+ ** right-hand-side of a LEFT or CROSS JOIN. */
+ mExtra = mPrior;
+ }
+ priorJointype = pItem->fg.jointype;
+ if( IsVirtual(pItem->pTab) ){
+ struct SrcList_item *p;
+ for(p=&pItem[1]; p<pEnd; p++){
+ if( mUnusable || (p->fg.jointype & (JT_LEFT|JT_CROSS)) ){
+ mUnusable |= sqlite3WhereGetMask(&pWInfo->sMaskSet, p->iCursor);
+ }
+ }
+ rc = whereLoopAddVirtual(pBuilder, mExtra, mUnusable);
+ }else{
+ rc = whereLoopAddBtree(pBuilder, mExtra);
+ }
+ if( rc==SQLITE_OK ){
+ rc = whereLoopAddOr(pBuilder, mExtra, mUnusable);
+ }
+ mPrior |= pNew->maskSelf;
+ if( rc || db->mallocFailed ) break;
+ }
+
+ whereLoopClear(db, pNew);
+ return rc;
+}
+
+/*
+** Examine a WherePath (with the addition of the extra WhereLoop of the 5th
+** parameters) to see if it outputs rows in the requested ORDER BY
+** (or GROUP BY) without requiring a separate sort operation. Return N:
+**
+** N>0: N terms of the ORDER BY clause are satisfied
+** N==0: No terms of the ORDER BY clause are satisfied
+** N<0: Unknown yet how many terms of ORDER BY might be satisfied.
+**
+** Note that processing for WHERE_GROUPBY and WHERE_DISTINCTBY is not as
+** strict. With GROUP BY and DISTINCT the only requirement is that
+** equivalent rows appear immediately adjacent to one another. GROUP BY
+** and DISTINCT do not require rows to appear in any particular order as long
+** as equivalent rows are grouped together. Thus for GROUP BY and DISTINCT
+** the pOrderBy terms can be matched in any order. With ORDER BY, the
+** pOrderBy terms must be matched in strict left-to-right order.
+*/
+static i8 wherePathSatisfiesOrderBy(
+ WhereInfo *pWInfo, /* The WHERE clause */
+ ExprList *pOrderBy, /* ORDER BY or GROUP BY or DISTINCT clause to check */
+ WherePath *pPath, /* The WherePath to check */
+ u16 wctrlFlags, /* Might contain WHERE_GROUPBY or WHERE_DISTINCTBY */
+ u16 nLoop, /* Number of entries in pPath->aLoop[] */
+ WhereLoop *pLast, /* Add this WhereLoop to the end of pPath->aLoop[] */
+ Bitmask *pRevMask /* OUT: Mask of WhereLoops to run in reverse order */
+){
+ u8 revSet; /* True if rev is known */
+ u8 rev; /* Composite sort order */
+ u8 revIdx; /* Index sort order */
+ u8 isOrderDistinct; /* All prior WhereLoops are order-distinct */
+ u8 distinctColumns; /* True if the loop has UNIQUE NOT NULL columns */
+ u8 isMatch; /* iColumn matches a term of the ORDER BY clause */
+ u16 nKeyCol; /* Number of key columns in pIndex */
+ u16 nColumn; /* Total number of ordered columns in the index */
+ u16 nOrderBy; /* Number terms in the ORDER BY clause */
+ int iLoop; /* Index of WhereLoop in pPath being processed */
+ int i, j; /* Loop counters */
+ int iCur; /* Cursor number for current WhereLoop */
+ int iColumn; /* A column number within table iCur */
+ WhereLoop *pLoop = 0; /* Current WhereLoop being processed. */
+ WhereTerm *pTerm; /* A single term of the WHERE clause */
+ Expr *pOBExpr; /* An expression from the ORDER BY clause */
+ CollSeq *pColl; /* COLLATE function from an ORDER BY clause term */
+ Index *pIndex; /* The index associated with pLoop */
+ sqlite3 *db = pWInfo->pParse->db; /* Database connection */
+ Bitmask obSat = 0; /* Mask of ORDER BY terms satisfied so far */
+ Bitmask obDone; /* Mask of all ORDER BY terms */
+ Bitmask orderDistinctMask; /* Mask of all well-ordered loops */
+ Bitmask ready; /* Mask of inner loops */
+
+ /*
+ ** We say the WhereLoop is "one-row" if it generates no more than one
+ ** row of output. A WhereLoop is one-row if all of the following are true:
+ ** (a) All index columns match with WHERE_COLUMN_EQ.
+ ** (b) The index is unique
+ ** Any WhereLoop with an WHERE_COLUMN_EQ constraint on the rowid is one-row.
+ ** Every one-row WhereLoop will have the WHERE_ONEROW bit set in wsFlags.
+ **
+ ** We say the WhereLoop is "order-distinct" if the set of columns from
+ ** that WhereLoop that are in the ORDER BY clause are different for every
+ ** row of the WhereLoop. Every one-row WhereLoop is automatically
+ ** order-distinct. A WhereLoop that has no columns in the ORDER BY clause
+ ** is not order-distinct. To be order-distinct is not quite the same as being
+ ** UNIQUE since a UNIQUE column or index can have multiple rows that
+ ** are NULL and NULL values are equivalent for the purpose of order-distinct.
+ ** To be order-distinct, the columns must be UNIQUE and NOT NULL.
+ **
+ ** The rowid for a table is always UNIQUE and NOT NULL so whenever the
+ ** rowid appears in the ORDER BY clause, the corresponding WhereLoop is
+ ** automatically order-distinct.
+ */
+
+ assert( pOrderBy!=0 );
+ if( nLoop && OptimizationDisabled(db, SQLITE_OrderByIdxJoin) ) return 0;
+
+ nOrderBy = pOrderBy->nExpr;
+ testcase( nOrderBy==BMS-1 );
+ if( nOrderBy>BMS-1 ) return 0; /* Cannot optimize overly large ORDER BYs */
+ isOrderDistinct = 1;
+ obDone = MASKBIT(nOrderBy)-1;
+ orderDistinctMask = 0;
+ ready = 0;
+ for(iLoop=0; isOrderDistinct && obSat<obDone && iLoop<=nLoop; iLoop++){
+ if( iLoop>0 ) ready |= pLoop->maskSelf;
+ pLoop = iLoop<nLoop ? pPath->aLoop[iLoop] : pLast;
+ if( pLoop->wsFlags & WHERE_VIRTUALTABLE ){
+ if( pLoop->u.vtab.isOrdered ) obSat = obDone;
+ break;
+ }
+ iCur = pWInfo->pTabList->a[pLoop->iTab].iCursor;
+
+ /* Mark off any ORDER BY term X that is a column in the table of
+ ** the current loop for which there is term in the WHERE
+ ** clause of the form X IS NULL or X=? that reference only outer
+ ** loops.
+ */
+ for(i=0; i<nOrderBy; i++){
+ if( MASKBIT(i) & obSat ) continue;
+ pOBExpr = sqlite3ExprSkipCollate(pOrderBy->a[i].pExpr);
+ if( pOBExpr->op!=TK_COLUMN ) continue;
+ if( pOBExpr->iTable!=iCur ) continue;
+ pTerm = sqlite3WhereFindTerm(&pWInfo->sWC, iCur, pOBExpr->iColumn,
+ ~ready, WO_EQ|WO_ISNULL|WO_IS, 0);
+ if( pTerm==0 ) continue;
+ if( (pTerm->eOperator&(WO_EQ|WO_IS))!=0 && pOBExpr->iColumn>=0 ){
+ const char *z1, *z2;
+ pColl = sqlite3ExprCollSeq(pWInfo->pParse, pOrderBy->a[i].pExpr);
+ if( !pColl ) pColl = db->pDfltColl;
+ z1 = pColl->zName;
+ pColl = sqlite3ExprCollSeq(pWInfo->pParse, pTerm->pExpr);
+ if( !pColl ) pColl = db->pDfltColl;
+ z2 = pColl->zName;
+ if( sqlite3StrICmp(z1, z2)!=0 ) continue;
+ testcase( pTerm->pExpr->op==TK_IS );
+ }
+ obSat |= MASKBIT(i);
+ }
+
+ if( (pLoop->wsFlags & WHERE_ONEROW)==0 ){
+ if( pLoop->wsFlags & WHERE_IPK ){
+ pIndex = 0;
+ nKeyCol = 0;
+ nColumn = 1;
+ }else if( (pIndex = pLoop->u.btree.pIndex)==0 || pIndex->bUnordered ){
+ return 0;
+ }else{
+ nKeyCol = pIndex->nKeyCol;
+ nColumn = pIndex->nColumn;
+ assert( nColumn==nKeyCol+1 || !HasRowid(pIndex->pTable) );
+ assert( pIndex->aiColumn[nColumn-1]==XN_ROWID
+ || !HasRowid(pIndex->pTable));
+ isOrderDistinct = IsUniqueIndex(pIndex);
+ }
+
+ /* Loop through all columns of the index and deal with the ones
+ ** that are not constrained by == or IN.
+ */
+ rev = revSet = 0;
+ distinctColumns = 0;
+ for(j=0; j<nColumn; j++){
+ u8 bOnce; /* True to run the ORDER BY search loop */
+
+ /* Skip over == and IS NULL terms */
+ if( j<pLoop->u.btree.nEq
+ && pLoop->nSkip==0
+ && ((i = pLoop->aLTerm[j]->eOperator) & (WO_EQ|WO_ISNULL|WO_IS))!=0
+ ){
+ if( i & WO_ISNULL ){
+ testcase( isOrderDistinct );
+ isOrderDistinct = 0;
+ }
+ continue;
+ }
+
+ /* Get the column number in the table (iColumn) and sort order
+ ** (revIdx) for the j-th column of the index.
+ */
+ if( pIndex ){
+ iColumn = pIndex->aiColumn[j];
+ revIdx = pIndex->aSortOrder[j];
+ if( iColumn==pIndex->pTable->iPKey ) iColumn = -1;
+ }else{
+ iColumn = XN_ROWID;
+ revIdx = 0;
+ }
+
+ /* An unconstrained column that might be NULL means that this
+ ** WhereLoop is not well-ordered
+ */
+ if( isOrderDistinct
+ && iColumn>=0
+ && j>=pLoop->u.btree.nEq
+ && pIndex->pTable->aCol[iColumn].notNull==0
+ ){
+ isOrderDistinct = 0;
+ }
+
+ /* Find the ORDER BY term that corresponds to the j-th column
+ ** of the index and mark that ORDER BY term off
+ */
+ bOnce = 1;
+ isMatch = 0;
+ for(i=0; bOnce && i<nOrderBy; i++){
+ if( MASKBIT(i) & obSat ) continue;
+ pOBExpr = sqlite3ExprSkipCollate(pOrderBy->a[i].pExpr);
+ testcase( wctrlFlags & WHERE_GROUPBY );
+ testcase( wctrlFlags & WHERE_DISTINCTBY );
+ if( (wctrlFlags & (WHERE_GROUPBY|WHERE_DISTINCTBY))==0 ) bOnce = 0;
+ if( iColumn>=(-1) ){
+ if( pOBExpr->op!=TK_COLUMN ) continue;
+ if( pOBExpr->iTable!=iCur ) continue;
+ if( pOBExpr->iColumn!=iColumn ) continue;
+ }else{
+ if( sqlite3ExprCompare(pOBExpr,pIndex->aColExpr->a[j].pExpr,iCur) ){
+ continue;
+ }
+ }
+ if( iColumn>=0 ){
+ pColl = sqlite3ExprCollSeq(pWInfo->pParse, pOrderBy->a[i].pExpr);
+ if( !pColl ) pColl = db->pDfltColl;
+ if( sqlite3StrICmp(pColl->zName, pIndex->azColl[j])!=0 ) continue;
+ }
+ isMatch = 1;
+ break;
+ }
+ if( isMatch && (wctrlFlags & WHERE_GROUPBY)==0 ){
+ /* Make sure the sort order is compatible in an ORDER BY clause.
+ ** Sort order is irrelevant for a GROUP BY clause. */
+ if( revSet ){
+ if( (rev ^ revIdx)!=pOrderBy->a[i].sortOrder ) isMatch = 0;
+ }else{
+ rev = revIdx ^ pOrderBy->a[i].sortOrder;
+ if( rev ) *pRevMask |= MASKBIT(iLoop);
+ revSet = 1;
+ }
+ }
+ if( isMatch ){
+ if( iColumn<0 ){
+ testcase( distinctColumns==0 );
+ distinctColumns = 1;
+ }
+ obSat |= MASKBIT(i);
+ }else{
+ /* No match found */
+ if( j==0 || j<nKeyCol ){
+ testcase( isOrderDistinct!=0 );
+ isOrderDistinct = 0;
+ }
+ break;
+ }
+ } /* end Loop over all index columns */
+ if( distinctColumns ){
+ testcase( isOrderDistinct==0 );
+ isOrderDistinct = 1;
+ }
+ } /* end-if not one-row */
+
+ /* Mark off any other ORDER BY terms that reference pLoop */
+ if( isOrderDistinct ){
+ orderDistinctMask |= pLoop->maskSelf;
+ for(i=0; i<nOrderBy; i++){
+ Expr *p;
+ Bitmask mTerm;
+ if( MASKBIT(i) & obSat ) continue;
+ p = pOrderBy->a[i].pExpr;
+ mTerm = sqlite3WhereExprUsage(&pWInfo->sMaskSet,p);
+ if( mTerm==0 && !sqlite3ExprIsConstant(p) ) continue;
+ if( (mTerm&~orderDistinctMask)==0 ){
+ obSat |= MASKBIT(i);
+ }
+ }
+ }
+ } /* End the loop over all WhereLoops from outer-most down to inner-most */
+ if( obSat==obDone ) return (i8)nOrderBy;
+ if( !isOrderDistinct ){
+ for(i=nOrderBy-1; i>0; i--){
+ Bitmask m = MASKBIT(i) - 1;
+ if( (obSat&m)==m ) return i;
+ }
+ return 0;
+ }
+ return -1;
+}
+
+
+/*
+** If the WHERE_GROUPBY flag is set in the mask passed to sqlite3WhereBegin(),
+** the planner assumes that the specified pOrderBy list is actually a GROUP
+** BY clause - and so any order that groups rows as required satisfies the
+** request.
+**
+** Normally, in this case it is not possible for the caller to determine
+** whether or not the rows are really being delivered in sorted order, or
+** just in some other order that provides the required grouping. However,
+** if the WHERE_SORTBYGROUP flag is also passed to sqlite3WhereBegin(), then
+** this function may be called on the returned WhereInfo object. It returns
+** true if the rows really will be sorted in the specified order, or false
+** otherwise.
+**
+** For example, assuming:
+**
+** CREATE INDEX i1 ON t1(x, Y);
+**
+** then
+**
+** SELECT * FROM t1 GROUP BY x,y ORDER BY x,y; -- IsSorted()==1
+** SELECT * FROM t1 GROUP BY y,x ORDER BY y,x; -- IsSorted()==0
+*/
+SQLITE_PRIVATE int sqlite3WhereIsSorted(WhereInfo *pWInfo){
+ assert( pWInfo->wctrlFlags & WHERE_GROUPBY );
+ assert( pWInfo->wctrlFlags & WHERE_SORTBYGROUP );
+ return pWInfo->sorted;
+}
+
+#ifdef WHERETRACE_ENABLED
+/* For debugging use only: */
+static const char *wherePathName(WherePath *pPath, int nLoop, WhereLoop *pLast){
+ static char zName[65];
+ int i;
+ for(i=0; i<nLoop; i++){ zName[i] = pPath->aLoop[i]->cId; }
+ if( pLast ) zName[i++] = pLast->cId;
+ zName[i] = 0;
+ return zName;
+}
+#endif
+
+/*
+** Return the cost of sorting nRow rows, assuming that the keys have
+** nOrderby columns and that the first nSorted columns are already in
+** order.
+*/
+static LogEst whereSortingCost(
+ WhereInfo *pWInfo,
+ LogEst nRow,
+ int nOrderBy,
+ int nSorted
+){
+ /* TUNING: Estimated cost of a full external sort, where N is
+ ** the number of rows to sort is:
+ **
+ ** cost = (3.0 * N * log(N)).
+ **
+ ** Or, if the order-by clause has X terms but only the last Y
+ ** terms are out of order, then block-sorting will reduce the
+ ** sorting cost to:
+ **
+ ** cost = (3.0 * N * log(N)) * (Y/X)
+ **
+ ** The (Y/X) term is implemented using stack variable rScale
+ ** below. */
+ LogEst rScale, rSortCost;
+ assert( nOrderBy>0 && 66==sqlite3LogEst(100) );
+ rScale = sqlite3LogEst((nOrderBy-nSorted)*100/nOrderBy) - 66;
+ rSortCost = nRow + estLog(nRow) + rScale + 16;
+
+ /* TUNING: The cost of implementing DISTINCT using a B-TREE is
+ ** similar but with a larger constant of proportionality.
+ ** Multiply by an additional factor of 3.0. */
+ if( pWInfo->wctrlFlags & WHERE_WANT_DISTINCT ){
+ rSortCost += 16;
+ }
+
+ return rSortCost;
+}
+
+/*
+** Given the list of WhereLoop objects at pWInfo->pLoops, this routine
+** attempts to find the lowest cost path that visits each WhereLoop
+** once. This path is then loaded into the pWInfo->a[].pWLoop fields.
+**
+** Assume that the total number of output rows that will need to be sorted
+** will be nRowEst (in the 10*log2 representation). Or, ignore sorting
+** costs if nRowEst==0.
+**
+** Return SQLITE_OK on success or SQLITE_NOMEM of a memory allocation
+** error occurs.
+*/
+static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
+ int mxChoice; /* Maximum number of simultaneous paths tracked */
+ int nLoop; /* Number of terms in the join */
+ Parse *pParse; /* Parsing context */
+ sqlite3 *db; /* The database connection */
+ int iLoop; /* Loop counter over the terms of the join */
+ int ii, jj; /* Loop counters */
+ int mxI = 0; /* Index of next entry to replace */
+ int nOrderBy; /* Number of ORDER BY clause terms */
+ LogEst mxCost = 0; /* Maximum cost of a set of paths */
+ LogEst mxUnsorted = 0; /* Maximum unsorted cost of a set of path */
+ int nTo, nFrom; /* Number of valid entries in aTo[] and aFrom[] */
+ WherePath *aFrom; /* All nFrom paths at the previous level */
+ WherePath *aTo; /* The nTo best paths at the current level */
+ WherePath *pFrom; /* An element of aFrom[] that we are working on */
+ WherePath *pTo; /* An element of aTo[] that we are working on */
+ WhereLoop *pWLoop; /* One of the WhereLoop objects */
+ WhereLoop **pX; /* Used to divy up the pSpace memory */
+ LogEst *aSortCost = 0; /* Sorting and partial sorting costs */
+ char *pSpace; /* Temporary memory used by this routine */
+ int nSpace; /* Bytes of space allocated at pSpace */
+
+ pParse = pWInfo->pParse;
+ db = pParse->db;
+ nLoop = pWInfo->nLevel;
+ /* TUNING: For simple queries, only the best path is tracked.
+ ** For 2-way joins, the 5 best paths are followed.
+ ** For joins of 3 or more tables, track the 10 best paths */
+ mxChoice = (nLoop<=1) ? 1 : (nLoop==2 ? 5 : 10);
+ assert( nLoop<=pWInfo->pTabList->nSrc );
+ WHERETRACE(0x002, ("---- begin solver. (nRowEst=%d)\n", nRowEst));
+
+ /* If nRowEst is zero and there is an ORDER BY clause, ignore it. In this
+ ** case the purpose of this call is to estimate the number of rows returned
+ ** by the overall query. Once this estimate has been obtained, the caller
+ ** will invoke this function a second time, passing the estimate as the
+ ** nRowEst parameter. */
+ if( pWInfo->pOrderBy==0 || nRowEst==0 ){
+ nOrderBy = 0;
+ }else{
+ nOrderBy = pWInfo->pOrderBy->nExpr;
+ }
+
+ /* Allocate and initialize space for aTo, aFrom and aSortCost[] */
+ nSpace = (sizeof(WherePath)+sizeof(WhereLoop*)*nLoop)*mxChoice*2;
+ nSpace += sizeof(LogEst) * nOrderBy;
+ pSpace = sqlite3DbMallocRaw(db, nSpace);
+ if( pSpace==0 ) return SQLITE_NOMEM;
+ aTo = (WherePath*)pSpace;
+ aFrom = aTo+mxChoice;
+ memset(aFrom, 0, sizeof(aFrom[0]));
+ pX = (WhereLoop**)(aFrom+mxChoice);
+ for(ii=mxChoice*2, pFrom=aTo; ii>0; ii--, pFrom++, pX += nLoop){
+ pFrom->aLoop = pX;
+ }
+ if( nOrderBy ){
+ /* If there is an ORDER BY clause and it is not being ignored, set up
+ ** space for the aSortCost[] array. Each element of the aSortCost array
+ ** is either zero - meaning it has not yet been initialized - or the
+ ** cost of sorting nRowEst rows of data where the first X terms of
+ ** the ORDER BY clause are already in order, where X is the array
+ ** index. */
+ aSortCost = (LogEst*)pX;
+ memset(aSortCost, 0, sizeof(LogEst) * nOrderBy);
+ }
+ assert( aSortCost==0 || &pSpace[nSpace]==(char*)&aSortCost[nOrderBy] );
+ assert( aSortCost!=0 || &pSpace[nSpace]==(char*)pX );
+
+ /* Seed the search with a single WherePath containing zero WhereLoops.
+ **
+ ** TUNING: Do not let the number of iterations go above 28. If the cost
+ ** of computing an automatic index is not paid back within the first 28
+ ** rows, then do not use the automatic index. */
+ aFrom[0].nRow = MIN(pParse->nQueryLoop, 48); assert( 48==sqlite3LogEst(28) );
+ nFrom = 1;
+ assert( aFrom[0].isOrdered==0 );
+ if( nOrderBy ){
+ /* If nLoop is zero, then there are no FROM terms in the query. Since
+ ** in this case the query may return a maximum of one row, the results
+ ** are already in the requested order. Set isOrdered to nOrderBy to
+ ** indicate this. Or, if nLoop is greater than zero, set isOrdered to
+ ** -1, indicating that the result set may or may not be ordered,
+ ** depending on the loops added to the current plan. */
+ aFrom[0].isOrdered = nLoop>0 ? -1 : nOrderBy;
+ }
+
+ /* Compute successively longer WherePaths using the previous generation
+ ** of WherePaths as the basis for the next. Keep track of the mxChoice
+ ** best paths at each generation */
+ for(iLoop=0; iLoop<nLoop; iLoop++){
+ nTo = 0;
+ for(ii=0, pFrom=aFrom; ii<nFrom; ii++, pFrom++){
+ for(pWLoop=pWInfo->pLoops; pWLoop; pWLoop=pWLoop->pNextLoop){
+ LogEst nOut; /* Rows visited by (pFrom+pWLoop) */
+ LogEst rCost; /* Cost of path (pFrom+pWLoop) */
+ LogEst rUnsorted; /* Unsorted cost of (pFrom+pWLoop) */
+ i8 isOrdered = pFrom->isOrdered; /* isOrdered for (pFrom+pWLoop) */
+ Bitmask maskNew; /* Mask of src visited by (..) */
+ Bitmask revMask = 0; /* Mask of rev-order loops for (..) */
+
+ if( (pWLoop->prereq & ~pFrom->maskLoop)!=0 ) continue;
+ if( (pWLoop->maskSelf & pFrom->maskLoop)!=0 ) continue;
+ /* At this point, pWLoop is a candidate to be the next loop.
+ ** Compute its cost */
+ rUnsorted = sqlite3LogEstAdd(pWLoop->rSetup,pWLoop->rRun + pFrom->nRow);
+ rUnsorted = sqlite3LogEstAdd(rUnsorted, pFrom->rUnsorted);
+ nOut = pFrom->nRow + pWLoop->nOut;
+ maskNew = pFrom->maskLoop | pWLoop->maskSelf;
+ if( isOrdered<0 ){
+ isOrdered = wherePathSatisfiesOrderBy(pWInfo,
+ pWInfo->pOrderBy, pFrom, pWInfo->wctrlFlags,
+ iLoop, pWLoop, &revMask);
+ }else{
+ revMask = pFrom->revLoop;
+ }
+ if( isOrdered>=0 && isOrdered<nOrderBy ){
+ if( aSortCost[isOrdered]==0 ){
+ aSortCost[isOrdered] = whereSortingCost(
+ pWInfo, nRowEst, nOrderBy, isOrdered
+ );
+ }
+ rCost = sqlite3LogEstAdd(rUnsorted, aSortCost[isOrdered]);
+
+ WHERETRACE(0x002,
+ ("---- sort cost=%-3d (%d/%d) increases cost %3d to %-3d\n",
+ aSortCost[isOrdered], (nOrderBy-isOrdered), nOrderBy,
+ rUnsorted, rCost));
+ }else{
+ rCost = rUnsorted;
+ }
+
+ /* Check to see if pWLoop should be added to the set of
+ ** mxChoice best-so-far paths.
+ **
+ ** First look for an existing path among best-so-far paths
+ ** that covers the same set of loops and has the same isOrdered
+ ** setting as the current path candidate.
+ **
+ ** The term "((pTo->isOrdered^isOrdered)&0x80)==0" is equivalent
+ ** to (pTo->isOrdered==(-1))==(isOrdered==(-1))" for the range
+ ** of legal values for isOrdered, -1..64.
+ */
+ for(jj=0, pTo=aTo; jj<nTo; jj++, pTo++){
+ if( pTo->maskLoop==maskNew
+ && ((pTo->isOrdered^isOrdered)&0x80)==0
+ ){
+ testcase( jj==nTo-1 );
+ break;
+ }
+ }
+ if( jj>=nTo ){
+ /* None of the existing best-so-far paths match the candidate. */
+ if( nTo>=mxChoice
+ && (rCost>mxCost || (rCost==mxCost && rUnsorted>=mxUnsorted))
+ ){
+ /* The current candidate is no better than any of the mxChoice
+ ** paths currently in the best-so-far buffer. So discard
+ ** this candidate as not viable. */
+#ifdef WHERETRACE_ENABLED /* 0x4 */
+ if( sqlite3WhereTrace&0x4 ){
+ sqlite3DebugPrintf("Skip %s cost=%-3d,%3d order=%c\n",
+ wherePathName(pFrom, iLoop, pWLoop), rCost, nOut,
+ isOrdered>=0 ? isOrdered+'0' : '?');
+ }
+#endif
+ continue;
+ }
+ /* If we reach this points it means that the new candidate path
+ ** needs to be added to the set of best-so-far paths. */
+ if( nTo<mxChoice ){
+ /* Increase the size of the aTo set by one */
+ jj = nTo++;
+ }else{
+ /* New path replaces the prior worst to keep count below mxChoice */
+ jj = mxI;
+ }
+ pTo = &aTo[jj];
+#ifdef WHERETRACE_ENABLED /* 0x4 */
+ if( sqlite3WhereTrace&0x4 ){
+ sqlite3DebugPrintf("New %s cost=%-3d,%3d order=%c\n",
+ wherePathName(pFrom, iLoop, pWLoop), rCost, nOut,
+ isOrdered>=0 ? isOrdered+'0' : '?');
+ }
+#endif
+ }else{
+ /* Control reaches here if best-so-far path pTo=aTo[jj] covers the
+ ** same set of loops and has the sam isOrdered setting as the
+ ** candidate path. Check to see if the candidate should replace
+ ** pTo or if the candidate should be skipped */
+ if( pTo->rCost<rCost || (pTo->rCost==rCost && pTo->nRow<=nOut) ){
+#ifdef WHERETRACE_ENABLED /* 0x4 */
+ if( sqlite3WhereTrace&0x4 ){
+ sqlite3DebugPrintf(
+ "Skip %s cost=%-3d,%3d order=%c",
+ wherePathName(pFrom, iLoop, pWLoop), rCost, nOut,
+ isOrdered>=0 ? isOrdered+'0' : '?');
+ sqlite3DebugPrintf(" vs %s cost=%-3d,%d order=%c\n",
+ wherePathName(pTo, iLoop+1, 0), pTo->rCost, pTo->nRow,
+ pTo->isOrdered>=0 ? pTo->isOrdered+'0' : '?');
+ }
+#endif
+ /* Discard the candidate path from further consideration */
+ testcase( pTo->rCost==rCost );
+ continue;
+ }
+ testcase( pTo->rCost==rCost+1 );
+ /* Control reaches here if the candidate path is better than the
+ ** pTo path. Replace pTo with the candidate. */
+#ifdef WHERETRACE_ENABLED /* 0x4 */
+ if( sqlite3WhereTrace&0x4 ){
+ sqlite3DebugPrintf(
+ "Update %s cost=%-3d,%3d order=%c",
+ wherePathName(pFrom, iLoop, pWLoop), rCost, nOut,
+ isOrdered>=0 ? isOrdered+'0' : '?');
+ sqlite3DebugPrintf(" was %s cost=%-3d,%3d order=%c\n",
+ wherePathName(pTo, iLoop+1, 0), pTo->rCost, pTo->nRow,
+ pTo->isOrdered>=0 ? pTo->isOrdered+'0' : '?');
+ }
+#endif
+ }
+ /* pWLoop is a winner. Add it to the set of best so far */
+ pTo->maskLoop = pFrom->maskLoop | pWLoop->maskSelf;
+ pTo->revLoop = revMask;
+ pTo->nRow = nOut;
+ pTo->rCost = rCost;
+ pTo->rUnsorted = rUnsorted;
+ pTo->isOrdered = isOrdered;
+ memcpy(pTo->aLoop, pFrom->aLoop, sizeof(WhereLoop*)*iLoop);
+ pTo->aLoop[iLoop] = pWLoop;
+ if( nTo>=mxChoice ){
+ mxI = 0;
+ mxCost = aTo[0].rCost;
+ mxUnsorted = aTo[0].nRow;
+ for(jj=1, pTo=&aTo[1]; jj<mxChoice; jj++, pTo++){
+ if( pTo->rCost>mxCost
+ || (pTo->rCost==mxCost && pTo->rUnsorted>mxUnsorted)
+ ){
+ mxCost = pTo->rCost;
+ mxUnsorted = pTo->rUnsorted;
+ mxI = jj;
+ }
+ }
+ }
+ }
+ }
+
+#ifdef WHERETRACE_ENABLED /* >=2 */
+ if( sqlite3WhereTrace & 0x02 ){
+ sqlite3DebugPrintf("---- after round %d ----\n", iLoop);
+ for(ii=0, pTo=aTo; ii<nTo; ii++, pTo++){
+ sqlite3DebugPrintf(" %s cost=%-3d nrow=%-3d order=%c",
+ wherePathName(pTo, iLoop+1, 0), pTo->rCost, pTo->nRow,
+ pTo->isOrdered>=0 ? (pTo->isOrdered+'0') : '?');
+ if( pTo->isOrdered>0 ){
+ sqlite3DebugPrintf(" rev=0x%llx\n", pTo->revLoop);
+ }else{
+ sqlite3DebugPrintf("\n");
+ }
+ }
+ }
+#endif
+
+ /* Swap the roles of aFrom and aTo for the next generation */
+ pFrom = aTo;
+ aTo = aFrom;
+ aFrom = pFrom;
+ nFrom = nTo;
+ }
+
+ if( nFrom==0 ){
+ sqlite3ErrorMsg(pParse, "no query solution");
+ sqlite3DbFree(db, pSpace);
+ return SQLITE_ERROR;
+ }
+
+ /* Find the lowest cost path. pFrom will be left pointing to that path */
+ pFrom = aFrom;
+ for(ii=1; ii<nFrom; ii++){
+ if( pFrom->rCost>aFrom[ii].rCost ) pFrom = &aFrom[ii];
+ }
+ assert( pWInfo->nLevel==nLoop );
+ /* Load the lowest cost path into pWInfo */
+ for(iLoop=0; iLoop<nLoop; iLoop++){
+ WhereLevel *pLevel = pWInfo->a + iLoop;
+ pLevel->pWLoop = pWLoop = pFrom->aLoop[iLoop];
+ pLevel->iFrom = pWLoop->iTab;
+ pLevel->iTabCur = pWInfo->pTabList->a[pLevel->iFrom].iCursor;
+ }
+ if( (pWInfo->wctrlFlags & WHERE_WANT_DISTINCT)!=0
+ && (pWInfo->wctrlFlags & WHERE_DISTINCTBY)==0
+ && pWInfo->eDistinct==WHERE_DISTINCT_NOOP
+ && nRowEst
+ ){
+ Bitmask notUsed;
+ int rc = wherePathSatisfiesOrderBy(pWInfo, pWInfo->pResultSet, pFrom,
+ WHERE_DISTINCTBY, nLoop-1, pFrom->aLoop[nLoop-1], &notUsed);
+ if( rc==pWInfo->pResultSet->nExpr ){
+ pWInfo->eDistinct = WHERE_DISTINCT_ORDERED;
+ }
+ }
+ if( pWInfo->pOrderBy ){
+ if( pWInfo->wctrlFlags & WHERE_DISTINCTBY ){
+ if( pFrom->isOrdered==pWInfo->pOrderBy->nExpr ){
+ pWInfo->eDistinct = WHERE_DISTINCT_ORDERED;
+ }
+ }else{
+ pWInfo->nOBSat = pFrom->isOrdered;
+ if( pWInfo->nOBSat<0 ) pWInfo->nOBSat = 0;
+ pWInfo->revMask = pFrom->revLoop;
+ }
+ if( (pWInfo->wctrlFlags & WHERE_SORTBYGROUP)
+ && pWInfo->nOBSat==pWInfo->pOrderBy->nExpr && nLoop>0
+ ){
+ Bitmask revMask = 0;
+ int nOrder = wherePathSatisfiesOrderBy(pWInfo, pWInfo->pOrderBy,
+ pFrom, 0, nLoop-1, pFrom->aLoop[nLoop-1], &revMask
+ );
+ assert( pWInfo->sorted==0 );
+ if( nOrder==pWInfo->pOrderBy->nExpr ){
+ pWInfo->sorted = 1;
+ pWInfo->revMask = revMask;
+ }
+ }
+ }
+
+
+ pWInfo->nRowOut = pFrom->nRow;
+
+ /* Free temporary memory and return success */
+ sqlite3DbFree(db, pSpace);
+ return SQLITE_OK;
+}
+
+/*
+** Most queries use only a single table (they are not joins) and have
+** simple == constraints against indexed fields. This routine attempts
+** to plan those simple cases using much less ceremony than the
+** general-purpose query planner, and thereby yield faster sqlite3_prepare()
+** times for the common case.
+**
+** Return non-zero on success, if this query can be handled by this
+** no-frills query planner. Return zero if this query needs the
+** general-purpose query planner.
+*/
+static int whereShortCut(WhereLoopBuilder *pBuilder){
+ WhereInfo *pWInfo;
+ struct SrcList_item *pItem;
+ WhereClause *pWC;
+ WhereTerm *pTerm;
+ WhereLoop *pLoop;
+ int iCur;
+ int j;
+ Table *pTab;
+ Index *pIdx;
+
+ pWInfo = pBuilder->pWInfo;
+ if( pWInfo->wctrlFlags & WHERE_FORCE_TABLE ) return 0;
+ assert( pWInfo->pTabList->nSrc>=1 );
+ pItem = pWInfo->pTabList->a;
+ pTab = pItem->pTab;
+ if( IsVirtual(pTab) ) return 0;
+ if( pItem->fg.isIndexedBy ) return 0;
+ iCur = pItem->iCursor;
+ pWC = &pWInfo->sWC;
+ pLoop = pBuilder->pNew;
+ pLoop->wsFlags = 0;
+ pLoop->nSkip = 0;
+ pTerm = sqlite3WhereFindTerm(pWC, iCur, -1, 0, WO_EQ|WO_IS, 0);
+ if( pTerm ){
+ testcase( pTerm->eOperator & WO_IS );
+ pLoop->wsFlags = WHERE_COLUMN_EQ|WHERE_IPK|WHERE_ONEROW;
+ pLoop->aLTerm[0] = pTerm;
+ pLoop->nLTerm = 1;
+ pLoop->u.btree.nEq = 1;
+ /* TUNING: Cost of a rowid lookup is 10 */
+ pLoop->rRun = 33; /* 33==sqlite3LogEst(10) */
+ }else{
+ for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+ int opMask;
+ assert( pLoop->aLTermSpace==pLoop->aLTerm );
+ if( !IsUniqueIndex(pIdx)
+ || pIdx->pPartIdxWhere!=0
+ || pIdx->nKeyCol>ArraySize(pLoop->aLTermSpace)
+ ) continue;
+ opMask = pIdx->uniqNotNull ? (WO_EQ|WO_IS) : WO_EQ;
+ for(j=0; j<pIdx->nKeyCol; j++){
+ pTerm = sqlite3WhereFindTerm(pWC, iCur, j, 0, opMask, pIdx);
+ if( pTerm==0 ) break;
+ testcase( pTerm->eOperator & WO_IS );
+ pLoop->aLTerm[j] = pTerm;
+ }
+ if( j!=pIdx->nKeyCol ) continue;
+ pLoop->wsFlags = WHERE_COLUMN_EQ|WHERE_ONEROW|WHERE_INDEXED;
+ if( pIdx->isCovering || (pItem->colUsed & ~columnsInIndex(pIdx))==0 ){
+ pLoop->wsFlags |= WHERE_IDX_ONLY;
+ }
+ pLoop->nLTerm = j;
+ pLoop->u.btree.nEq = j;
+ pLoop->u.btree.pIndex = pIdx;
+ /* TUNING: Cost of a unique index lookup is 15 */
+ pLoop->rRun = 39; /* 39==sqlite3LogEst(15) */
+ break;
+ }
+ }
+ if( pLoop->wsFlags ){
+ pLoop->nOut = (LogEst)1;
+ pWInfo->a[0].pWLoop = pLoop;
+ pLoop->maskSelf = sqlite3WhereGetMask(&pWInfo->sMaskSet, iCur);
+ pWInfo->a[0].iTabCur = iCur;
+ pWInfo->nRowOut = 1;
+ if( pWInfo->pOrderBy ) pWInfo->nOBSat = pWInfo->pOrderBy->nExpr;
+ if( pWInfo->wctrlFlags & WHERE_WANT_DISTINCT ){
+ pWInfo->eDistinct = WHERE_DISTINCT_UNIQUE;
+ }
+#ifdef SQLITE_DEBUG
+ pLoop->cId = '0';
+#endif
+ return 1;
+ }
+ return 0;
+}
+
+/*
+** Generate the beginning of the loop used for WHERE clause processing.
+** The return value is a pointer to an opaque structure that contains
+** information needed to terminate the loop. Later, the calling routine
+** should invoke sqlite3WhereEnd() with the return value of this function
+** in order to complete the WHERE clause processing.
+**
+** If an error occurs, this routine returns NULL.
+**
+** The basic idea is to do a nested loop, one loop for each table in
+** the FROM clause of a select. (INSERT and UPDATE statements are the
+** same as a SELECT with only a single table in the FROM clause.) For
+** example, if the SQL is this:
+**
+** SELECT * FROM t1, t2, t3 WHERE ...;
+**
+** Then the code generated is conceptually like the following:
+**
+** foreach row1 in t1 do \ Code generated
+** foreach row2 in t2 do |-- by sqlite3WhereBegin()
+** foreach row3 in t3 do /
+** ...
+** end \ Code generated
+** end |-- by sqlite3WhereEnd()
+** end /
+**
+** Note that the loops might not be nested in the order in which they
+** appear in the FROM clause if a different order is better able to make
+** use of indices. Note also that when the IN operator appears in
+** the WHERE clause, it might result in additional nested loops for
+** scanning through all values on the right-hand side of the IN.
+**
+** There are Btree cursors associated with each table. t1 uses cursor
+** number pTabList->a[0].iCursor. t2 uses the cursor pTabList->a[1].iCursor.
+** And so forth. This routine generates code to open those VDBE cursors
+** and sqlite3WhereEnd() generates the code to close them.
+**
+** The code that sqlite3WhereBegin() generates leaves the cursors named
+** in pTabList pointing at their appropriate entries. The [...] code
+** can use OP_Column and OP_Rowid opcodes on these cursors to extract
+** data from the various tables of the loop.
+**
+** If the WHERE clause is empty, the foreach loops must each scan their
+** entire tables. Thus a three-way join is an O(N^3) operation. But if
+** the tables have indices and there are terms in the WHERE clause that
+** refer to those indices, a complete table scan can be avoided and the
+** code will run much faster. Most of the work of this routine is checking
+** to see if there are indices that can be used to speed up the loop.
+**
+** Terms of the WHERE clause are also used to limit which rows actually
+** make it to the "..." in the middle of the loop. After each "foreach",
+** terms of the WHERE clause that use only terms in that loop and outer
+** loops are evaluated and if false a jump is made around all subsequent
+** inner loops (or around the "..." if the test occurs within the inner-
+** most loop)
+**
+** OUTER JOINS
+**
+** An outer join of tables t1 and t2 is conceptally coded as follows:
+**
+** foreach row1 in t1 do
+** flag = 0
+** foreach row2 in t2 do
+** start:
+** ...
+** flag = 1
+** end
+** if flag==0 then
+** move the row2 cursor to a null row
+** goto start
+** fi
+** end
+**
+** ORDER BY CLAUSE PROCESSING
+**
+** pOrderBy is a pointer to the ORDER BY clause (or the GROUP BY clause
+** if the WHERE_GROUPBY flag is set in wctrlFlags) of a SELECT statement
+** if there is one. If there is no ORDER BY clause or if this routine
+** is called from an UPDATE or DELETE statement, then pOrderBy is NULL.
+**
+** The iIdxCur parameter is the cursor number of an index. If
+** WHERE_ONETABLE_ONLY is set, iIdxCur is the cursor number of an index
+** to use for OR clause processing. The WHERE clause should use this
+** specific cursor. If WHERE_ONEPASS_DESIRED is set, then iIdxCur is
+** the first cursor in an array of cursors for all indices. iIdxCur should
+** be used to compute the appropriate cursor depending on which index is
+** used.
+*/
+SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
+ Parse *pParse, /* The parser context */
+ SrcList *pTabList, /* FROM clause: A list of all tables to be scanned */
+ Expr *pWhere, /* The WHERE clause */
+ ExprList *pOrderBy, /* An ORDER BY (or GROUP BY) clause, or NULL */
+ ExprList *pResultSet, /* Result set of the query */
+ u16 wctrlFlags, /* One of the WHERE_* flags defined in sqliteInt.h */
+ int iIdxCur /* If WHERE_ONETABLE_ONLY is set, index cursor number */
+){
+ int nByteWInfo; /* Num. bytes allocated for WhereInfo struct */
+ int nTabList; /* Number of elements in pTabList */
+ WhereInfo *pWInfo; /* Will become the return value of this function */
+ Vdbe *v = pParse->pVdbe; /* The virtual database engine */
+ Bitmask notReady; /* Cursors that are not yet positioned */
+ WhereLoopBuilder sWLB; /* The WhereLoop builder */
+ WhereMaskSet *pMaskSet; /* The expression mask set */
+ WhereLevel *pLevel; /* A single level in pWInfo->a[] */
+ WhereLoop *pLoop; /* Pointer to a single WhereLoop object */
+ int ii; /* Loop counter */
+ sqlite3 *db; /* Database connection */
+ int rc; /* Return code */
+ u8 bFordelete = 0;
+
+ assert( (wctrlFlags & WHERE_ONEPASS_MULTIROW)==0 || (
+ (wctrlFlags & WHERE_ONEPASS_DESIRED)!=0
+ && (wctrlFlags & WHERE_OMIT_OPEN_CLOSE)==0
+ ));
+
+ /* Variable initialization */
+ db = pParse->db;
+ memset(&sWLB, 0, sizeof(sWLB));
+
+ /* An ORDER/GROUP BY clause of more than 63 terms cannot be optimized */
+ testcase( pOrderBy && pOrderBy->nExpr==BMS-1 );
+ if( pOrderBy && pOrderBy->nExpr>=BMS ) pOrderBy = 0;
+ sWLB.pOrderBy = pOrderBy;
+
+ /* Disable the DISTINCT optimization if SQLITE_DistinctOpt is set via
+ ** sqlite3_test_ctrl(SQLITE_TESTCTRL_OPTIMIZATIONS,...) */
+ if( OptimizationDisabled(db, SQLITE_DistinctOpt) ){
+ wctrlFlags &= ~WHERE_WANT_DISTINCT;
+ }
+
+ /* The number of tables in the FROM clause is limited by the number of
+ ** bits in a Bitmask
+ */
+ testcase( pTabList->nSrc==BMS );
+ if( pTabList->nSrc>BMS ){
+ sqlite3ErrorMsg(pParse, "at most %d tables in a join", BMS);
+ return 0;
+ }
+
+ /* This function normally generates a nested loop for all tables in
+ ** pTabList. But if the WHERE_ONETABLE_ONLY flag is set, then we should
+ ** only generate code for the first table in pTabList and assume that
+ ** any cursors associated with subsequent tables are uninitialized.
+ */
+ nTabList = (wctrlFlags & WHERE_ONETABLE_ONLY) ? 1 : pTabList->nSrc;
+
+ /* Allocate and initialize the WhereInfo structure that will become the
+ ** return value. A single allocation is used to store the WhereInfo
+ ** struct, the contents of WhereInfo.a[], the WhereClause structure
+ ** and the WhereMaskSet structure. Since WhereClause contains an 8-byte
+ ** field (type Bitmask) it must be aligned on an 8-byte boundary on
+ ** some architectures. Hence the ROUND8() below.
+ */
+ nByteWInfo = ROUND8(sizeof(WhereInfo)+(nTabList-1)*sizeof(WhereLevel));
+ pWInfo = sqlite3DbMallocZero(db, nByteWInfo + sizeof(WhereLoop));
+ if( db->mallocFailed ){
+ sqlite3DbFree(db, pWInfo);
+ pWInfo = 0;
+ goto whereBeginError;
+ }
+ pWInfo->aiCurOnePass[0] = pWInfo->aiCurOnePass[1] = -1;
+ pWInfo->nLevel = nTabList;
+ pWInfo->pParse = pParse;
+ pWInfo->pTabList = pTabList;
+ pWInfo->pOrderBy = pOrderBy;
+ pWInfo->pResultSet = pResultSet;
+ pWInfo->iBreak = pWInfo->iContinue = sqlite3VdbeMakeLabel(v);
+ pWInfo->wctrlFlags = wctrlFlags;
+ pWInfo->savedNQueryLoop = pParse->nQueryLoop;
+ assert( pWInfo->eOnePass==ONEPASS_OFF ); /* ONEPASS defaults to OFF */
+ pMaskSet = &pWInfo->sMaskSet;
+ sWLB.pWInfo = pWInfo;
+ sWLB.pWC = &pWInfo->sWC;
+ sWLB.pNew = (WhereLoop*)(((char*)pWInfo)+nByteWInfo);
+ assert( EIGHT_BYTE_ALIGNMENT(sWLB.pNew) );
+ whereLoopInit(sWLB.pNew);
+#ifdef SQLITE_DEBUG
+ sWLB.pNew->cId = '*';
+#endif
+
+ /* Split the WHERE clause into separate subexpressions where each
+ ** subexpression is separated by an AND operator.
+ */
+ initMaskSet(pMaskSet);
+ sqlite3WhereClauseInit(&pWInfo->sWC, pWInfo);
+ sqlite3WhereSplit(&pWInfo->sWC, pWhere, TK_AND);
+
+ /* Special case: a WHERE clause that is constant. Evaluate the
+ ** expression and either jump over all of the code or fall thru.
+ */
+ for(ii=0; ii<sWLB.pWC->nTerm; ii++){
+ if( nTabList==0 || sqlite3ExprIsConstantNotJoin(sWLB.pWC->a[ii].pExpr) ){
+ sqlite3ExprIfFalse(pParse, sWLB.pWC->a[ii].pExpr, pWInfo->iBreak,
+ SQLITE_JUMPIFNULL);
+ sWLB.pWC->a[ii].wtFlags |= TERM_CODED;
+ }
+ }
+
+ /* Special case: No FROM clause
+ */
+ if( nTabList==0 ){
+ if( pOrderBy ) pWInfo->nOBSat = pOrderBy->nExpr;
+ if( wctrlFlags & WHERE_WANT_DISTINCT ){
+ pWInfo->eDistinct = WHERE_DISTINCT_UNIQUE;
+ }
+ }
+
+ /* Assign a bit from the bitmask to every term in the FROM clause.
+ **
+ ** The N-th term of the FROM clause is assigned a bitmask of 1<<N.
+ **
+ ** The rule of the previous sentence ensures thta if X is the bitmask for
+ ** a table T, then X-1 is the bitmask for all other tables to the left of T.
+ ** Knowing the bitmask for all tables to the left of a left join is
+ ** important. Ticket #3015.
+ **
+ ** Note that bitmasks are created for all pTabList->nSrc tables in
+ ** pTabList, not just the first nTabList tables. nTabList is normally
+ ** equal to pTabList->nSrc but might be shortened to 1 if the
+ ** WHERE_ONETABLE_ONLY flag is set.
+ */
+ for(ii=0; ii<pTabList->nSrc; ii++){
+ createMask(pMaskSet, pTabList->a[ii].iCursor);
+ sqlite3WhereTabFuncArgs(pParse, &pTabList->a[ii], &pWInfo->sWC);
+ }
+#ifdef SQLITE_DEBUG
+ for(ii=0; ii<pTabList->nSrc; ii++){
+ Bitmask m = sqlite3WhereGetMask(pMaskSet, pTabList->a[ii].iCursor);
+ assert( m==MASKBIT(ii) );
+ }
+#endif
+
+ /* Analyze all of the subexpressions. */
+ sqlite3WhereExprAnalyze(pTabList, &pWInfo->sWC);
+ if( db->mallocFailed ) goto whereBeginError;
+
+ if( wctrlFlags & WHERE_WANT_DISTINCT ){
+ if( isDistinctRedundant(pParse, pTabList, &pWInfo->sWC, pResultSet) ){
+ /* The DISTINCT marking is pointless. Ignore it. */
+ pWInfo->eDistinct = WHERE_DISTINCT_UNIQUE;
+ }else if( pOrderBy==0 ){
+ /* Try to ORDER BY the result set to make distinct processing easier */
+ pWInfo->wctrlFlags |= WHERE_DISTINCTBY;
+ pWInfo->pOrderBy = pResultSet;
+ }
+ }
+
+ /* Construct the WhereLoop objects */
+ WHERETRACE(0xffff,("*** Optimizer Start *** (wctrlFlags: 0x%x)\n",
+ wctrlFlags));
+#if defined(WHERETRACE_ENABLED)
+ if( sqlite3WhereTrace & 0x100 ){ /* Display all terms of the WHERE clause */
+ int i;
+ for(i=0; i<sWLB.pWC->nTerm; i++){
+ whereTermPrint(&sWLB.pWC->a[i], i);
+ }
+ }
+#endif
+
+ if( nTabList!=1 || whereShortCut(&sWLB)==0 ){
+ rc = whereLoopAddAll(&sWLB);
+ if( rc ) goto whereBeginError;
+
+#ifdef WHERETRACE_ENABLED
+ if( sqlite3WhereTrace ){ /* Display all of the WhereLoop objects */
+ WhereLoop *p;
+ int i;
+ static const char zLabel[] = "0123456789abcdefghijklmnopqrstuvwyxz"
+ "ABCDEFGHIJKLMNOPQRSTUVWYXZ";
+ for(p=pWInfo->pLoops, i=0; p; p=p->pNextLoop, i++){
+ p->cId = zLabel[i%sizeof(zLabel)];
+ whereLoopPrint(p, sWLB.pWC);
+ }
+ }
+#endif
+
+ wherePathSolver(pWInfo, 0);
+ if( db->mallocFailed ) goto whereBeginError;
+ if( pWInfo->pOrderBy ){
+ wherePathSolver(pWInfo, pWInfo->nRowOut+1);
+ if( db->mallocFailed ) goto whereBeginError;
+ }
+ }
+ if( pWInfo->pOrderBy==0 && (db->flags & SQLITE_ReverseOrder)!=0 ){
+ pWInfo->revMask = (Bitmask)(-1);
+ }
+ if( pParse->nErr || NEVER(db->mallocFailed) ){
+ goto whereBeginError;
+ }
+#ifdef WHERETRACE_ENABLED
+ if( sqlite3WhereTrace ){
+ sqlite3DebugPrintf("---- Solution nRow=%d", pWInfo->nRowOut);
+ if( pWInfo->nOBSat>0 ){
+ sqlite3DebugPrintf(" ORDERBY=%d,0x%llx", pWInfo->nOBSat, pWInfo->revMask);
+ }
+ switch( pWInfo->eDistinct ){
+ case WHERE_DISTINCT_UNIQUE: {
+ sqlite3DebugPrintf(" DISTINCT=unique");
+ break;
+ }
+ case WHERE_DISTINCT_ORDERED: {
+ sqlite3DebugPrintf(" DISTINCT=ordered");
+ break;
+ }
+ case WHERE_DISTINCT_UNORDERED: {
+ sqlite3DebugPrintf(" DISTINCT=unordered");
+ break;
+ }
+ }
+ sqlite3DebugPrintf("\n");
+ for(ii=0; ii<pWInfo->nLevel; ii++){
+ whereLoopPrint(pWInfo->a[ii].pWLoop, sWLB.pWC);
+ }
+ }
+#endif
+ /* Attempt to omit tables from the join that do not effect the result */
+ if( pWInfo->nLevel>=2
+ && pResultSet!=0
+ && OptimizationEnabled(db, SQLITE_OmitNoopJoin)
+ ){
+ Bitmask tabUsed = sqlite3WhereExprListUsage(pMaskSet, pResultSet);
+ if( sWLB.pOrderBy ){
+ tabUsed |= sqlite3WhereExprListUsage(pMaskSet, sWLB.pOrderBy);
+ }
+ while( pWInfo->nLevel>=2 ){
+ WhereTerm *pTerm, *pEnd;
+ pLoop = pWInfo->a[pWInfo->nLevel-1].pWLoop;
+ if( (pWInfo->pTabList->a[pLoop->iTab].fg.jointype & JT_LEFT)==0 ) break;
+ if( (wctrlFlags & WHERE_WANT_DISTINCT)==0
+ && (pLoop->wsFlags & WHERE_ONEROW)==0
+ ){
+ break;
+ }
+ if( (tabUsed & pLoop->maskSelf)!=0 ) break;
+ pEnd = sWLB.pWC->a + sWLB.pWC->nTerm;
+ for(pTerm=sWLB.pWC->a; pTerm<pEnd; pTerm++){
+ if( (pTerm->prereqAll & pLoop->maskSelf)!=0
+ && !ExprHasProperty(pTerm->pExpr, EP_FromJoin)
+ ){
+ break;
+ }
+ }
+ if( pTerm<pEnd ) break;
+ WHERETRACE(0xffff, ("-> drop loop %c not used\n", pLoop->cId));
+ pWInfo->nLevel--;
+ nTabList--;
+ }
+ }
+ WHERETRACE(0xffff,("*** Optimizer Finished ***\n"));
+ pWInfo->pParse->nQueryLoop += pWInfo->nRowOut;
+
+ /* If the caller is an UPDATE or DELETE statement that is requesting
+ ** to use a one-pass algorithm, determine if this is appropriate.
+ ** The one-pass algorithm only works if the WHERE clause constrains
+ ** the statement to update or delete a single row.
+ */
+ assert( (wctrlFlags & WHERE_ONEPASS_DESIRED)==0 || pWInfo->nLevel==1 );
+ if( (wctrlFlags & WHERE_ONEPASS_DESIRED)!=0 ){
+ int wsFlags = pWInfo->a[0].pWLoop->wsFlags;
+ int bOnerow = (wsFlags & WHERE_ONEROW)!=0;
+ if( bOnerow || ( (wctrlFlags & WHERE_ONEPASS_MULTIROW)
+ && 0==(wsFlags & WHERE_VIRTUALTABLE)
+ )){
+ pWInfo->eOnePass = bOnerow ? ONEPASS_SINGLE : ONEPASS_MULTI;
+ if( HasRowid(pTabList->a[0].pTab) && (wsFlags & WHERE_IDX_ONLY) ){
+ if( wctrlFlags & WHERE_ONEPASS_MULTIROW ){
+ bFordelete = OPFLAG_FORDELETE;
+ }
+ pWInfo->a[0].pWLoop->wsFlags = (wsFlags & ~WHERE_IDX_ONLY);
+ }
+ }
+ }
+
+ /* Open all tables in the pTabList and any indices selected for
+ ** searching those tables.
+ */
+ for(ii=0, pLevel=pWInfo->a; ii<nTabList; ii++, pLevel++){
+ Table *pTab; /* Table to open */
+ int iDb; /* Index of database containing table/index */
+ struct SrcList_item *pTabItem;
+
+ pTabItem = &pTabList->a[pLevel->iFrom];
+ pTab = pTabItem->pTab;
+ iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
+ pLoop = pLevel->pWLoop;
+ if( (pTab->tabFlags & TF_Ephemeral)!=0 || pTab->pSelect ){
+ /* Do nothing */
+ }else
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( (pLoop->wsFlags & WHERE_VIRTUALTABLE)!=0 ){
+ const char *pVTab = (const char *)sqlite3GetVTable(db, pTab);
+ int iCur = pTabItem->iCursor;
+ sqlite3VdbeAddOp4(v, OP_VOpen, iCur, 0, 0, pVTab, P4_VTAB);
+ }else if( IsVirtual(pTab) ){
+ /* noop */
+ }else
+#endif
+ if( (pLoop->wsFlags & WHERE_IDX_ONLY)==0
+ && (wctrlFlags & WHERE_OMIT_OPEN_CLOSE)==0 ){
+ int op = OP_OpenRead;
+ if( pWInfo->eOnePass!=ONEPASS_OFF ){
+ op = OP_OpenWrite;
+ pWInfo->aiCurOnePass[0] = pTabItem->iCursor;
+ };
+ sqlite3OpenTable(pParse, pTabItem->iCursor, iDb, pTab, op);
+ assert( pTabItem->iCursor==pLevel->iTabCur );
+ testcase( pWInfo->eOnePass==ONEPASS_OFF && pTab->nCol==BMS-1 );
+ testcase( pWInfo->eOnePass==ONEPASS_OFF && pTab->nCol==BMS );
+ if( pWInfo->eOnePass==ONEPASS_OFF && pTab->nCol<BMS && HasRowid(pTab) ){
+ Bitmask b = pTabItem->colUsed;
+ int n = 0;
+ for(; b; b=b>>1, n++){}
+ sqlite3VdbeChangeP4(v, sqlite3VdbeCurrentAddr(v)-1,
+ SQLITE_INT_TO_PTR(n), P4_INT32);
+ assert( n<=pTab->nCol );
+ }
+#ifdef SQLITE_ENABLE_CURSOR_HINTS
+ if( pLoop->u.btree.pIndex!=0 ){
+ sqlite3VdbeChangeP5(v, OPFLAG_SEEKEQ|bFordelete);
+ }else
+#endif
+ {
+ sqlite3VdbeChangeP5(v, bFordelete);
+ }
+#ifdef SQLITE_ENABLE_COLUMN_USED_MASK
+ sqlite3VdbeAddOp4Dup8(v, OP_ColumnsUsed, pTabItem->iCursor, 0, 0,
+ (const u8*)&pTabItem->colUsed, P4_INT64);
+#endif
+ }else{
+ sqlite3TableLock(pParse, iDb, pTab->tnum, 0, pTab->zName);
+ }
+ if( pLoop->wsFlags & WHERE_INDEXED ){
+ Index *pIx = pLoop->u.btree.pIndex;
+ int iIndexCur;
+ int op = OP_OpenRead;
+ /* iIdxCur is always set if to a positive value if ONEPASS is possible */
+ assert( iIdxCur!=0 || (pWInfo->wctrlFlags & WHERE_ONEPASS_DESIRED)==0 );
+ if( !HasRowid(pTab) && IsPrimaryKeyIndex(pIx)
+ && (wctrlFlags & WHERE_ONETABLE_ONLY)!=0
+ ){
+ /* This is one term of an OR-optimization using the PRIMARY KEY of a
+ ** WITHOUT ROWID table. No need for a separate index */
+ iIndexCur = pLevel->iTabCur;
+ op = 0;
+ }else if( pWInfo->eOnePass!=ONEPASS_OFF ){
+ Index *pJ = pTabItem->pTab->pIndex;
+ iIndexCur = iIdxCur;
+ assert( wctrlFlags & WHERE_ONEPASS_DESIRED );
+ while( ALWAYS(pJ) && pJ!=pIx ){
+ iIndexCur++;
+ pJ = pJ->pNext;
+ }
+ op = OP_OpenWrite;
+ pWInfo->aiCurOnePass[1] = iIndexCur;
+ }else if( iIdxCur && (wctrlFlags & WHERE_ONETABLE_ONLY)!=0 ){
+ iIndexCur = iIdxCur;
+ if( wctrlFlags & WHERE_REOPEN_IDX ) op = OP_ReopenIdx;
+ }else{
+ iIndexCur = pParse->nTab++;
+ }
+ pLevel->iIdxCur = iIndexCur;
+ assert( pIx->pSchema==pTab->pSchema );
+ assert( iIndexCur>=0 );
+ if( op ){
+ sqlite3VdbeAddOp3(v, op, iIndexCur, pIx->tnum, iDb);
+ sqlite3VdbeSetP4KeyInfo(pParse, pIx);
+ if( (pLoop->wsFlags & WHERE_CONSTRAINT)!=0
+ && (pLoop->wsFlags & (WHERE_COLUMN_RANGE|WHERE_SKIPSCAN))==0
+ && (pWInfo->wctrlFlags&WHERE_ORDERBY_MIN)==0
+ ){
+ sqlite3VdbeChangeP5(v, OPFLAG_SEEKEQ); /* Hint to COMDB2 */
+ }
+ VdbeComment((v, "%s", pIx->zName));
+#ifdef SQLITE_ENABLE_COLUMN_USED_MASK
+ {
+ u64 colUsed = 0;
+ int ii, jj;
+ for(ii=0; ii<pIx->nColumn; ii++){
+ jj = pIx->aiColumn[ii];
+ if( jj<0 ) continue;
+ if( jj>63 ) jj = 63;
+ if( (pTabItem->colUsed & MASKBIT(jj))==0 ) continue;
+ colUsed |= ((u64)1)<<(ii<63 ? ii : 63);
+ }
+ sqlite3VdbeAddOp4Dup8(v, OP_ColumnsUsed, iIndexCur, 0, 0,
+ (u8*)&colUsed, P4_INT64);
+ }
+#endif /* SQLITE_ENABLE_COLUMN_USED_MASK */
+ }
+ }
+ if( iDb>=0 ) sqlite3CodeVerifySchema(pParse, iDb);
+ }
+ pWInfo->iTop = sqlite3VdbeCurrentAddr(v);
+ if( db->mallocFailed ) goto whereBeginError;
+
+ /* Generate the code to do the search. Each iteration of the for
+ ** loop below generates code for a single nested loop of the VM
+ ** program.
+ */
+ notReady = ~(Bitmask)0;
+ for(ii=0; ii<nTabList; ii++){
+ int addrExplain;
+ int wsFlags;
+ pLevel = &pWInfo->a[ii];
+ wsFlags = pLevel->pWLoop->wsFlags;
+#ifndef SQLITE_OMIT_AUTOMATIC_INDEX
+ if( (pLevel->pWLoop->wsFlags & WHERE_AUTO_INDEX)!=0 ){
+ constructAutomaticIndex(pParse, &pWInfo->sWC,
+ &pTabList->a[pLevel->iFrom], notReady, pLevel);
+ if( db->mallocFailed ) goto whereBeginError;
+ }
+#endif
+ addrExplain = sqlite3WhereExplainOneScan(
+ pParse, pTabList, pLevel, ii, pLevel->iFrom, wctrlFlags
+ );
+ pLevel->addrBody = sqlite3VdbeCurrentAddr(v);
+ notReady = sqlite3WhereCodeOneLoopStart(pWInfo, ii, notReady);
+ pWInfo->iContinue = pLevel->addrCont;
+ if( (wsFlags&WHERE_MULTI_OR)==0 && (wctrlFlags&WHERE_ONETABLE_ONLY)==0 ){
+ sqlite3WhereAddScanStatus(v, pTabList, pLevel, addrExplain);
+ }
+ }
+
+ /* Done. */
+ VdbeModuleComment((v, "Begin WHERE-core"));
+ return pWInfo;
+
+ /* Jump here if malloc fails */
+whereBeginError:
+ if( pWInfo ){
+ pParse->nQueryLoop = pWInfo->savedNQueryLoop;
+ whereInfoFree(db, pWInfo);
+ }
+ return 0;
+}
+
+/*
+** Generate the end of the WHERE loop. See comments on
+** sqlite3WhereBegin() for additional information.
+*/
+SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
+ Parse *pParse = pWInfo->pParse;
+ Vdbe *v = pParse->pVdbe;
+ int i;
+ WhereLevel *pLevel;
+ WhereLoop *pLoop;
+ SrcList *pTabList = pWInfo->pTabList;
+ sqlite3 *db = pParse->db;
+
+ /* Generate loop termination code.
+ */
+ VdbeModuleComment((v, "End WHERE-core"));
+ sqlite3ExprCacheClear(pParse);
+ for(i=pWInfo->nLevel-1; i>=0; i--){
+ int addr;
+ pLevel = &pWInfo->a[i];
+ pLoop = pLevel->pWLoop;
+ sqlite3VdbeResolveLabel(v, pLevel->addrCont);
+ if( pLevel->op!=OP_Noop ){
+ sqlite3VdbeAddOp3(v, pLevel->op, pLevel->p1, pLevel->p2, pLevel->p3);
+ sqlite3VdbeChangeP5(v, pLevel->p5);
+ VdbeCoverage(v);
+ VdbeCoverageIf(v, pLevel->op==OP_Next);
+ VdbeCoverageIf(v, pLevel->op==OP_Prev);
+ VdbeCoverageIf(v, pLevel->op==OP_VNext);
+ }
+ if( pLoop->wsFlags & WHERE_IN_ABLE && pLevel->u.in.nIn>0 ){
+ struct InLoop *pIn;
+ int j;
+ sqlite3VdbeResolveLabel(v, pLevel->addrNxt);
+ for(j=pLevel->u.in.nIn, pIn=&pLevel->u.in.aInLoop[j-1]; j>0; j--, pIn--){
+ sqlite3VdbeJumpHere(v, pIn->addrInTop+1);
+ sqlite3VdbeAddOp2(v, pIn->eEndLoopOp, pIn->iCur, pIn->addrInTop);
+ VdbeCoverage(v);
+ VdbeCoverageIf(v, pIn->eEndLoopOp==OP_PrevIfOpen);
+ VdbeCoverageIf(v, pIn->eEndLoopOp==OP_NextIfOpen);
+ sqlite3VdbeJumpHere(v, pIn->addrInTop-1);
+ }
+ }
+ sqlite3VdbeResolveLabel(v, pLevel->addrBrk);
+ if( pLevel->addrSkip ){
+ sqlite3VdbeGoto(v, pLevel->addrSkip);
+ VdbeComment((v, "next skip-scan on %s", pLoop->u.btree.pIndex->zName));
+ sqlite3VdbeJumpHere(v, pLevel->addrSkip);
+ sqlite3VdbeJumpHere(v, pLevel->addrSkip-2);
+ }
+#ifndef SQLITE_LIKE_DOESNT_MATCH_BLOBS
+ if( pLevel->addrLikeRep ){
+ int op;
+ if( sqlite3VdbeGetOp(v, pLevel->addrLikeRep-1)->p1 ){
+ op = OP_DecrJumpZero;
+ }else{
+ op = OP_JumpZeroIncr;
+ }
+ sqlite3VdbeAddOp2(v, op, pLevel->iLikeRepCntr, pLevel->addrLikeRep);
+ VdbeCoverage(v);
+ }
+#endif
+ if( pLevel->iLeftJoin ){
+ addr = sqlite3VdbeAddOp1(v, OP_IfPos, pLevel->iLeftJoin); VdbeCoverage(v);
+ assert( (pLoop->wsFlags & WHERE_IDX_ONLY)==0
+ || (pLoop->wsFlags & WHERE_INDEXED)!=0 );
+ if( (pLoop->wsFlags & WHERE_IDX_ONLY)==0 ){
+ sqlite3VdbeAddOp1(v, OP_NullRow, pTabList->a[i].iCursor);
+ }
+ if( pLoop->wsFlags & WHERE_INDEXED ){
+ sqlite3VdbeAddOp1(v, OP_NullRow, pLevel->iIdxCur);
+ }
+ if( pLevel->op==OP_Return ){
+ sqlite3VdbeAddOp2(v, OP_Gosub, pLevel->p1, pLevel->addrFirst);
+ }else{
+ sqlite3VdbeGoto(v, pLevel->addrFirst);
+ }
+ sqlite3VdbeJumpHere(v, addr);
+ }
+ VdbeModuleComment((v, "End WHERE-loop%d: %s", i,
+ pWInfo->pTabList->a[pLevel->iFrom].pTab->zName));
+ }
+
+ /* The "break" point is here, just past the end of the outer loop.
+ ** Set it.
+ */
+ sqlite3VdbeResolveLabel(v, pWInfo->iBreak);
+
+ assert( pWInfo->nLevel<=pTabList->nSrc );
+ for(i=0, pLevel=pWInfo->a; i<pWInfo->nLevel; i++, pLevel++){
+ int k, last;
+ VdbeOp *pOp;
+ Index *pIdx = 0;
+ struct SrcList_item *pTabItem = &pTabList->a[pLevel->iFrom];
+ Table *pTab = pTabItem->pTab;
+ assert( pTab!=0 );
+ pLoop = pLevel->pWLoop;
+
+ /* For a co-routine, change all OP_Column references to the table of
+ ** the co-routine into OP_Copy of result contained in a register.
+ ** OP_Rowid becomes OP_Null.
+ */
+ if( pTabItem->fg.viaCoroutine && !db->mallocFailed ){
+ translateColumnToCopy(v, pLevel->addrBody, pLevel->iTabCur,
+ pTabItem->regResult, 0);
+ continue;
+ }
+
+ /* Close all of the cursors that were opened by sqlite3WhereBegin.
+ ** Except, do not close cursors that will be reused by the OR optimization
+ ** (WHERE_OMIT_OPEN_CLOSE). And do not close the OP_OpenWrite cursors
+ ** created for the ONEPASS optimization.
+ */
+ if( (pTab->tabFlags & TF_Ephemeral)==0
+ && pTab->pSelect==0
+ && (pWInfo->wctrlFlags & WHERE_OMIT_OPEN_CLOSE)==0
+ ){
+ int ws = pLoop->wsFlags;
+ if( pWInfo->eOnePass==ONEPASS_OFF && (ws & WHERE_IDX_ONLY)==0 ){
+ sqlite3VdbeAddOp1(v, OP_Close, pTabItem->iCursor);
+ }
+ if( (ws & WHERE_INDEXED)!=0
+ && (ws & (WHERE_IPK|WHERE_AUTO_INDEX))==0
+ && pLevel->iIdxCur!=pWInfo->aiCurOnePass[1]
+ ){
+ sqlite3VdbeAddOp1(v, OP_Close, pLevel->iIdxCur);
+ }
+ }
+
+ /* If this scan uses an index, make VDBE code substitutions to read data
+ ** from the index instead of from the table where possible. In some cases
+ ** this optimization prevents the table from ever being read, which can
+ ** yield a significant performance boost.
+ **
+ ** Calls to the code generator in between sqlite3WhereBegin and
+ ** sqlite3WhereEnd will have created code that references the table
+ ** directly. This loop scans all that code looking for opcodes
+ ** that reference the table and converts them into opcodes that
+ ** reference the index.
+ */
+ if( pLoop->wsFlags & (WHERE_INDEXED|WHERE_IDX_ONLY) ){
+ pIdx = pLoop->u.btree.pIndex;
+ }else if( pLoop->wsFlags & WHERE_MULTI_OR ){
+ pIdx = pLevel->u.pCovidx;
+ }
+ if( pIdx
+ && (pWInfo->eOnePass==ONEPASS_OFF || !HasRowid(pIdx->pTable))
+ && !db->mallocFailed
+ ){
+ last = sqlite3VdbeCurrentAddr(v);
+ k = pLevel->addrBody;
+ pOp = sqlite3VdbeGetOp(v, k);
+ for(; k<last; k++, pOp++){
+ if( pOp->p1!=pLevel->iTabCur ) continue;
+ if( pOp->opcode==OP_Column ){
+ int x = pOp->p2;
+ assert( pIdx->pTable==pTab );
+ if( !HasRowid(pTab) ){
+ Index *pPk = sqlite3PrimaryKeyIndex(pTab);
+ x = pPk->aiColumn[x];
+ assert( x>=0 );
+ }
+ x = sqlite3ColumnOfIndex(pIdx, x);
+ if( x>=0 ){
+ pOp->p2 = x;
+ pOp->p1 = pLevel->iIdxCur;
+ }
+ assert( (pLoop->wsFlags & WHERE_IDX_ONLY)==0 || x>=0 );
+ }else if( pOp->opcode==OP_Rowid ){
+ pOp->p1 = pLevel->iIdxCur;
+ pOp->opcode = OP_IdxRowid;
+ }
+ }
+ }
+ }
+
+ /* Final cleanup
+ */
+ pParse->nQueryLoop = pWInfo->savedNQueryLoop;
+ whereInfoFree(db, pWInfo);
+ return;
+}
+
+/************** End of where.c ***********************************************/
+/************** Begin file parse.c *******************************************/
+/*
+** 2000-05-29
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** Driver template for the LEMON parser generator.
+**
+** The "lemon" program processes an LALR(1) input grammar file, then uses
+** this template to construct a parser. The "lemon" program inserts text
+** at each "%%" line. Also, any "P-a-r-s-e" identifer prefix (without the
+** interstitial "-" characters) contained in this template is changed into
+** the value of the %name directive from the grammar. Otherwise, the content
+** of this template is copied straight through into the generate parser
+** source file.
+**
+** The following is the concatenation of all %include directives from the
+** input grammar file:
+*/
+/* #include <stdio.h> */
+/************ Begin %include sections from the grammar ************************/
+
+/* #include "sqliteInt.h" */
+
+/*
+** Disable all error recovery processing in the parser push-down
+** automaton.
+*/
+#define YYNOERRORRECOVERY 1
+
+/*
+** Make yytestcase() the same as testcase()
+*/
+#define yytestcase(X) testcase(X)
+
+/*
+** Indicate that sqlite3ParserFree() will never be called with a null
+** pointer.
+*/
+#define YYPARSEFREENEVERNULL 1
+
+/*
+** Alternative datatype for the argument to the malloc() routine passed
+** into sqlite3ParserAlloc(). The default is size_t.
+*/
+#define YYMALLOCARGTYPE u64
+
+/*
+** An instance of this structure holds information about the
+** LIMIT clause of a SELECT statement.
+*/
+struct LimitVal {
+ Expr *pLimit; /* The LIMIT expression. NULL if there is no limit */
+ Expr *pOffset; /* The OFFSET expression. NULL if there is none */
+};
+
+/*
+** An instance of this structure is used to store the LIKE,
+** GLOB, NOT LIKE, and NOT GLOB operators.
+*/
+struct LikeOp {
+ Token eOperator; /* "like" or "glob" or "regexp" */
+ int bNot; /* True if the NOT keyword is present */
+};
+
+/*
+** An instance of the following structure describes the event of a
+** TRIGGER. "a" is the event type, one of TK_UPDATE, TK_INSERT,
+** TK_DELETE, or TK_INSTEAD. If the event is of the form
+**
+** UPDATE ON (a,b,c)
+**
+** Then the "b" IdList records the list "a,b,c".
+*/
+struct TrigEvent { int a; IdList * b; };
+
+/*
+** An instance of this structure holds the ATTACH key and the key type.
+*/
+struct AttachKey { int type; Token key; };
+
+
+ /*
+ ** For a compound SELECT statement, make sure p->pPrior->pNext==p for
+ ** all elements in the list. And make sure list length does not exceed
+ ** SQLITE_LIMIT_COMPOUND_SELECT.
+ */
+ static void parserDoubleLinkSelect(Parse *pParse, Select *p){
+ if( p->pPrior ){
+ Select *pNext = 0, *pLoop;
+ int mxSelect, cnt = 0;
+ for(pLoop=p; pLoop; pNext=pLoop, pLoop=pLoop->pPrior, cnt++){
+ pLoop->pNext = pNext;
+ pLoop->selFlags |= SF_Compound;
+ }
+ if( (p->selFlags & SF_MultiValue)==0 &&
+ (mxSelect = pParse->db->aLimit[SQLITE_LIMIT_COMPOUND_SELECT])>0 &&
+ cnt>mxSelect
+ ){
+ sqlite3ErrorMsg(pParse, "too many terms in compound SELECT");
+ }
+ }
+ }
+
+ /* This is a utility routine used to set the ExprSpan.zStart and
+ ** ExprSpan.zEnd values of pOut so that the span covers the complete
+ ** range of text beginning with pStart and going to the end of pEnd.
+ */
+ static void spanSet(ExprSpan *pOut, Token *pStart, Token *pEnd){
+ pOut->zStart = pStart->z;
+ pOut->zEnd = &pEnd->z[pEnd->n];
+ }
+
+ /* Construct a new Expr object from a single identifier. Use the
+ ** new Expr to populate pOut. Set the span of pOut to be the identifier
+ ** that created the expression.
+ */
+ static void spanExpr(ExprSpan *pOut, Parse *pParse, int op, Token *pValue){
+ pOut->pExpr = sqlite3PExpr(pParse, op, 0, 0, pValue);
+ pOut->zStart = pValue->z;
+ pOut->zEnd = &pValue->z[pValue->n];
+ }
+
+ /* This routine constructs a binary expression node out of two ExprSpan
+ ** objects and uses the result to populate a new ExprSpan object.
+ */
+ static void spanBinaryExpr(
+ ExprSpan *pOut, /* Write the result here */
+ Parse *pParse, /* The parsing context. Errors accumulate here */
+ int op, /* The binary operation */
+ ExprSpan *pLeft, /* The left operand */
+ ExprSpan *pRight /* The right operand */
+ ){
+ pOut->pExpr = sqlite3PExpr(pParse, op, pLeft->pExpr, pRight->pExpr, 0);
+ pOut->zStart = pLeft->zStart;
+ pOut->zEnd = pRight->zEnd;
+ }
+
+ /* If doNot is true, then add a TK_NOT Expr-node wrapper around the
+ ** outside of *ppExpr.
+ */
+ static void exprNot(Parse *pParse, int doNot, Expr **ppExpr){
+ if( doNot ) *ppExpr = sqlite3PExpr(pParse, TK_NOT, *ppExpr, 0, 0);
+ }
+
+ /* Construct an expression node for a unary postfix operator
+ */
+ static void spanUnaryPostfix(
+ ExprSpan *pOut, /* Write the new expression node here */
+ Parse *pParse, /* Parsing context to record errors */
+ int op, /* The operator */
+ ExprSpan *pOperand, /* The operand */
+ Token *pPostOp /* The operand token for setting the span */
+ ){
+ pOut->pExpr = sqlite3PExpr(pParse, op, pOperand->pExpr, 0, 0);
+ pOut->zStart = pOperand->zStart;
+ pOut->zEnd = &pPostOp->z[pPostOp->n];
+ }
+
+ /* A routine to convert a binary TK_IS or TK_ISNOT expression into a
+ ** unary TK_ISNULL or TK_NOTNULL expression. */
+ static void binaryToUnaryIfNull(Parse *pParse, Expr *pY, Expr *pA, int op){
+ sqlite3 *db = pParse->db;
+ if( pY && pA && pY->op==TK_NULL ){
+ pA->op = (u8)op;
+ sqlite3ExprDelete(db, pA->pRight);
+ pA->pRight = 0;
+ }
+ }
+
+ /* Construct an expression node for a unary prefix operator
+ */
+ static void spanUnaryPrefix(
+ ExprSpan *pOut, /* Write the new expression node here */
+ Parse *pParse, /* Parsing context to record errors */
+ int op, /* The operator */
+ ExprSpan *pOperand, /* The operand */
+ Token *pPreOp /* The operand token for setting the span */
+ ){
+ pOut->pExpr = sqlite3PExpr(pParse, op, pOperand->pExpr, 0, 0);
+ pOut->zStart = pPreOp->z;
+ pOut->zEnd = pOperand->zEnd;
+ }
+
+ /* Add a single new term to an ExprList that is used to store a
+ ** list of identifiers. Report an error if the ID list contains
+ ** a COLLATE clause or an ASC or DESC keyword, except ignore the
+ ** error while parsing a legacy schema.
+ */
+ static ExprList *parserAddExprIdListTerm(
+ Parse *pParse,
+ ExprList *pPrior,
+ Token *pIdToken,
+ int hasCollate,
+ int sortOrder
+ ){
+ ExprList *p = sqlite3ExprListAppend(pParse, pPrior, 0);
+ if( (hasCollate || sortOrder!=SQLITE_SO_UNDEFINED)
+ && pParse->db->init.busy==0
+ ){
+ sqlite3ErrorMsg(pParse, "syntax error after column name \"%.*s\"",
+ pIdToken->n, pIdToken->z);
+ }
+ sqlite3ExprListSetName(pParse, p, pIdToken, 1);
+ return p;
+ }
+/**************** End of %include directives **********************************/
+/* These constants specify the various numeric values for terminal symbols
+** in a format understandable to "makeheaders". This section is blank unless
+** "lemon" is run with the "-m" command-line option.
+***************** Begin makeheaders token definitions *************************/
+/**************** End makeheaders token definitions ***************************/
+
+/* The next sections is a series of control #defines.
+** various aspects of the generated parser.
+** YYCODETYPE is the data type used to store the integer codes
+** that represent terminal and non-terminal symbols.
+** "unsigned char" is used if there are fewer than
+** 256 symbols. Larger types otherwise.
+** YYNOCODE is a number of type YYCODETYPE that is not used for
+** any terminal or nonterminal symbol.
+** YYFALLBACK If defined, this indicates that one or more tokens
+** (also known as: "terminal symbols") have fall-back
+** values which should be used if the original symbol
+** would not parse. This permits keywords to sometimes
+** be used as identifiers, for example.
+** YYACTIONTYPE is the data type used for "action codes" - numbers
+** that indicate what to do in response to the next
+** token.
+** sqlite3ParserTOKENTYPE is the data type used for minor type for terminal
+** symbols. Background: A "minor type" is a semantic
+** value associated with a terminal or non-terminal
+** symbols. For example, for an "ID" terminal symbol,
+** the minor type might be the name of the identifier.
+** Each non-terminal can have a different minor type.
+** Terminal symbols all have the same minor type, though.
+** This macros defines the minor type for terminal
+** symbols.
+** YYMINORTYPE is the data type used for all minor types.
+** This is typically a union of many types, one of
+** which is sqlite3ParserTOKENTYPE. The entry in the union
+** for terminal symbols is called "yy0".
+** YYSTACKDEPTH is the maximum depth of the parser's stack. If
+** zero the stack is dynamically sized using realloc()
+** sqlite3ParserARG_SDECL A static variable declaration for the %extra_argument
+** sqlite3ParserARG_PDECL A parameter declaration for the %extra_argument
+** sqlite3ParserARG_STORE Code to store %extra_argument into yypParser
+** sqlite3ParserARG_FETCH Code to extract %extra_argument from yypParser
+** YYERRORSYMBOL is the code number of the error symbol. If not
+** defined, then do no error processing.
+** YYNSTATE the combined number of states.
+** YYNRULE the number of rules in the grammar
+** YY_MAX_SHIFT Maximum value for shift actions
+** YY_MIN_SHIFTREDUCE Minimum value for shift-reduce actions
+** YY_MAX_SHIFTREDUCE Maximum value for shift-reduce actions
+** YY_MIN_REDUCE Maximum value for reduce actions
+** YY_ERROR_ACTION The yy_action[] code for syntax error
+** YY_ACCEPT_ACTION The yy_action[] code for accept
+** YY_NO_ACTION The yy_action[] code for no-op
+*/
+#ifndef INTERFACE
+# define INTERFACE 1
+#endif
+/************* Begin control #defines *****************************************/
+#define YYCODETYPE unsigned char
+#define YYNOCODE 253
+#define YYACTIONTYPE unsigned short int
+#define YYWILDCARD 70
+#define sqlite3ParserTOKENTYPE Token
+typedef union {
+ int yyinit;
+ sqlite3ParserTOKENTYPE yy0;
+ int yy4;
+ struct TrigEvent yy90;
+ ExprSpan yy118;
+ TriggerStep* yy203;
+ struct {int value; int mask;} yy215;
+ SrcList* yy259;
+ struct LimitVal yy292;
+ Expr* yy314;
+ ExprList* yy322;
+ struct LikeOp yy342;
+ IdList* yy384;
+ Select* yy387;
+ With* yy451;
+} YYMINORTYPE;
+#ifndef YYSTACKDEPTH
+#define YYSTACKDEPTH 100
+#endif
+#define sqlite3ParserARG_SDECL Parse *pParse;
+#define sqlite3ParserARG_PDECL ,Parse *pParse
+#define sqlite3ParserARG_FETCH Parse *pParse = yypParser->pParse
+#define sqlite3ParserARG_STORE yypParser->pParse = pParse
+#define YYFALLBACK 1
+#define YYNSTATE 436
+#define YYNRULE 328
+#define YY_MAX_SHIFT 435
+#define YY_MIN_SHIFTREDUCE 649
+#define YY_MAX_SHIFTREDUCE 976
+#define YY_MIN_REDUCE 977
+#define YY_MAX_REDUCE 1304
+#define YY_ERROR_ACTION 1305
+#define YY_ACCEPT_ACTION 1306
+#define YY_NO_ACTION 1307
+/************* End control #defines *******************************************/
+
+/* The yyzerominor constant is used to initialize instances of
+** YYMINORTYPE objects to zero. */
+static const YYMINORTYPE yyzerominor = { 0 };
+
+/* Define the yytestcase() macro to be a no-op if is not already defined
+** otherwise.
+**
+** Applications can choose to define yytestcase() in the %include section
+** to a macro that can assist in verifying code coverage. For production
+** code the yytestcase() macro should be turned off. But it is useful
+** for testing.
+*/
+#ifndef yytestcase
+# define yytestcase(X)
+#endif
+
+
+/* Next are the tables used to determine what action to take based on the
+** current state and lookahead token. These tables are used to implement
+** functions that take a state number and lookahead value and return an
+** action integer.
+**
+** Suppose the action integer is N. Then the action is determined as
+** follows
+**
+** 0 <= N <= YY_MAX_SHIFT Shift N. That is, push the lookahead
+** token onto the stack and goto state N.
+**
+** N between YY_MIN_SHIFTREDUCE Shift to an arbitrary state then
+** and YY_MAX_SHIFTREDUCE reduce by rule N-YY_MIN_SHIFTREDUCE.
+**
+** N between YY_MIN_REDUCE Reduce by rule N-YY_MIN_REDUCE
+** and YY_MAX_REDUCE
+
+** N == YY_ERROR_ACTION A syntax error has occurred.
+**
+** N == YY_ACCEPT_ACTION The parser accepts its input.
+**
+** N == YY_NO_ACTION No such action. Denotes unused
+** slots in the yy_action[] table.
+**
+** The action table is constructed as a single large table named yy_action[].
+** Given state S and lookahead X, the action is computed as
+**
+** yy_action[ yy_shift_ofst[S] + X ]
+**
+** If the index value yy_shift_ofst[S]+X is out of range or if the value
+** yy_lookahead[yy_shift_ofst[S]+X] is not equal to X or if yy_shift_ofst[S]
+** is equal to YY_SHIFT_USE_DFLT, it means that the action is not in the table
+** and that yy_default[S] should be used instead.
+**
+** The formula above is for computing the action when the lookahead is
+** a terminal symbol. If the lookahead is a non-terminal (as occurs after
+** a reduce action) then the yy_reduce_ofst[] array is used in place of
+** the yy_shift_ofst[] array and YY_REDUCE_USE_DFLT is used in place of
+** YY_SHIFT_USE_DFLT.
+**
+** The following are the tables generated in this section:
+**
+** yy_action[] A single table containing all actions.
+** yy_lookahead[] A table containing the lookahead for each entry in
+** yy_action. Used to detect hash collisions.
+** yy_shift_ofst[] For each state, the offset into yy_action for
+** shifting terminals.
+** yy_reduce_ofst[] For each state, the offset into yy_action for
+** shifting non-terminals after a reduce.
+** yy_default[] Default action for each state.
+**
+*********** Begin parsing tables **********************************************/
+#define YY_ACTTAB_COUNT (1501)
+static const YYACTIONTYPE yy_action[] = {
+ /* 0 */ 311, 1306, 145, 651, 2, 192, 652, 338, 780, 92,
+ /* 10 */ 92, 92, 92, 85, 90, 90, 90, 90, 89, 89,
+ /* 20 */ 88, 88, 88, 87, 335, 88, 88, 88, 87, 335,
+ /* 30 */ 327, 856, 856, 92, 92, 92, 92, 697, 90, 90,
+ /* 40 */ 90, 90, 89, 89, 88, 88, 88, 87, 335, 76,
+ /* 50 */ 807, 74, 93, 94, 84, 868, 871, 860, 860, 91,
+ /* 60 */ 91, 92, 92, 92, 92, 335, 90, 90, 90, 90,
+ /* 70 */ 89, 89, 88, 88, 88, 87, 335, 311, 780, 90,
+ /* 80 */ 90, 90, 90, 89, 89, 88, 88, 88, 87, 335,
+ /* 90 */ 356, 808, 776, 701, 689, 689, 86, 83, 166, 257,
+ /* 100 */ 809, 715, 430, 86, 83, 166, 324, 697, 856, 856,
+ /* 110 */ 201, 158, 276, 387, 271, 386, 188, 689, 689, 828,
+ /* 120 */ 86, 83, 166, 269, 833, 49, 123, 87, 335, 93,
+ /* 130 */ 94, 84, 868, 871, 860, 860, 91, 91, 92, 92,
+ /* 140 */ 92, 92, 239, 90, 90, 90, 90, 89, 89, 88,
+ /* 150 */ 88, 88, 87, 335, 311, 763, 333, 332, 216, 408,
+ /* 160 */ 394, 69, 231, 393, 690, 691, 396, 910, 251, 354,
+ /* 170 */ 250, 288, 315, 430, 908, 430, 909, 89, 89, 88,
+ /* 180 */ 88, 88, 87, 335, 391, 856, 856, 690, 691, 183,
+ /* 190 */ 95, 123, 384, 381, 380, 833, 31, 833, 49, 912,
+ /* 200 */ 912, 751, 752, 379, 123, 311, 93, 94, 84, 868,
+ /* 210 */ 871, 860, 860, 91, 91, 92, 92, 92, 92, 114,
+ /* 220 */ 90, 90, 90, 90, 89, 89, 88, 88, 88, 87,
+ /* 230 */ 335, 430, 408, 399, 435, 657, 856, 856, 346, 57,
+ /* 240 */ 232, 828, 109, 704, 366, 689, 689, 363, 825, 760,
+ /* 250 */ 97, 749, 752, 833, 49, 708, 708, 93, 94, 84,
+ /* 260 */ 868, 871, 860, 860, 91, 91, 92, 92, 92, 92,
+ /* 270 */ 423, 90, 90, 90, 90, 89, 89, 88, 88, 88,
+ /* 280 */ 87, 335, 311, 114, 22, 361, 688, 58, 408, 390,
+ /* 290 */ 251, 349, 240, 213, 762, 689, 689, 847, 685, 115,
+ /* 300 */ 361, 231, 393, 689, 689, 396, 183, 689, 689, 384,
+ /* 310 */ 381, 380, 361, 856, 856, 690, 691, 160, 159, 223,
+ /* 320 */ 379, 738, 25, 806, 707, 841, 143, 689, 689, 835,
+ /* 330 */ 392, 339, 766, 766, 93, 94, 84, 868, 871, 860,
+ /* 340 */ 860, 91, 91, 92, 92, 92, 92, 914, 90, 90,
+ /* 350 */ 90, 90, 89, 89, 88, 88, 88, 87, 335, 311,
+ /* 360 */ 840, 840, 840, 266, 257, 690, 691, 778, 706, 86,
+ /* 370 */ 83, 166, 219, 690, 691, 737, 1, 690, 691, 689,
+ /* 380 */ 689, 689, 689, 430, 86, 83, 166, 249, 688, 937,
+ /* 390 */ 856, 856, 427, 699, 700, 828, 298, 690, 691, 221,
+ /* 400 */ 686, 115, 123, 944, 795, 833, 48, 342, 305, 970,
+ /* 410 */ 847, 93, 94, 84, 868, 871, 860, 860, 91, 91,
+ /* 420 */ 92, 92, 92, 92, 114, 90, 90, 90, 90, 89,
+ /* 430 */ 89, 88, 88, 88, 87, 335, 311, 940, 841, 679,
+ /* 440 */ 713, 429, 835, 430, 251, 354, 250, 355, 288, 690,
+ /* 450 */ 691, 690, 691, 285, 941, 340, 971, 287, 210, 23,
+ /* 460 */ 174, 793, 832, 430, 353, 833, 10, 856, 856, 24,
+ /* 470 */ 942, 151, 753, 840, 840, 840, 794, 968, 1290, 321,
+ /* 480 */ 398, 1290, 356, 352, 754, 833, 49, 935, 93, 94,
+ /* 490 */ 84, 868, 871, 860, 860, 91, 91, 92, 92, 92,
+ /* 500 */ 92, 430, 90, 90, 90, 90, 89, 89, 88, 88,
+ /* 510 */ 88, 87, 335, 311, 376, 114, 907, 705, 430, 907,
+ /* 520 */ 328, 890, 114, 833, 10, 966, 430, 857, 857, 320,
+ /* 530 */ 189, 163, 832, 165, 430, 906, 344, 323, 906, 904,
+ /* 540 */ 833, 10, 965, 306, 856, 856, 187, 419, 833, 10,
+ /* 550 */ 220, 869, 872, 832, 222, 403, 833, 49, 1219, 793,
+ /* 560 */ 68, 937, 406, 245, 66, 93, 94, 84, 868, 871,
+ /* 570 */ 860, 860, 91, 91, 92, 92, 92, 92, 861, 90,
+ /* 580 */ 90, 90, 90, 89, 89, 88, 88, 88, 87, 335,
+ /* 590 */ 311, 404, 213, 762, 834, 345, 114, 940, 902, 368,
+ /* 600 */ 727, 5, 316, 192, 396, 772, 780, 269, 230, 242,
+ /* 610 */ 771, 244, 397, 164, 941, 385, 123, 347, 55, 355,
+ /* 620 */ 329, 856, 856, 728, 333, 332, 688, 968, 1291, 724,
+ /* 630 */ 942, 1291, 413, 214, 833, 9, 362, 286, 955, 115,
+ /* 640 */ 718, 311, 93, 94, 84, 868, 871, 860, 860, 91,
+ /* 650 */ 91, 92, 92, 92, 92, 430, 90, 90, 90, 90,
+ /* 660 */ 89, 89, 88, 88, 88, 87, 335, 912, 912, 1300,
+ /* 670 */ 1300, 758, 856, 856, 325, 966, 780, 833, 35, 747,
+ /* 680 */ 720, 334, 699, 700, 977, 652, 338, 243, 745, 920,
+ /* 690 */ 920, 369, 187, 93, 94, 84, 868, 871, 860, 860,
+ /* 700 */ 91, 91, 92, 92, 92, 92, 114, 90, 90, 90,
+ /* 710 */ 90, 89, 89, 88, 88, 88, 87, 335, 311, 430,
+ /* 720 */ 954, 430, 112, 310, 430, 693, 317, 698, 400, 430,
+ /* 730 */ 793, 359, 430, 1017, 430, 192, 430, 401, 780, 430,
+ /* 740 */ 360, 833, 36, 833, 12, 430, 833, 27, 316, 856,
+ /* 750 */ 856, 833, 37, 20, 833, 38, 833, 39, 833, 28,
+ /* 760 */ 72, 833, 29, 663, 664, 665, 264, 833, 40, 234,
+ /* 770 */ 93, 94, 84, 868, 871, 860, 860, 91, 91, 92,
+ /* 780 */ 92, 92, 92, 430, 90, 90, 90, 90, 89, 89,
+ /* 790 */ 88, 88, 88, 87, 335, 311, 430, 698, 430, 917,
+ /* 800 */ 147, 430, 165, 916, 275, 833, 41, 430, 780, 430,
+ /* 810 */ 21, 430, 259, 430, 262, 274, 430, 367, 833, 42,
+ /* 820 */ 833, 11, 430, 833, 43, 235, 856, 856, 793, 833,
+ /* 830 */ 99, 833, 44, 833, 45, 833, 32, 75, 833, 46,
+ /* 840 */ 305, 967, 257, 257, 833, 47, 311, 93, 94, 84,
+ /* 850 */ 868, 871, 860, 860, 91, 91, 92, 92, 92, 92,
+ /* 860 */ 430, 90, 90, 90, 90, 89, 89, 88, 88, 88,
+ /* 870 */ 87, 335, 430, 186, 185, 184, 238, 856, 856, 650,
+ /* 880 */ 2, 1064, 833, 33, 739, 217, 218, 257, 971, 257,
+ /* 890 */ 426, 317, 257, 774, 833, 117, 257, 311, 93, 94,
+ /* 900 */ 84, 868, 871, 860, 860, 91, 91, 92, 92, 92,
+ /* 910 */ 92, 430, 90, 90, 90, 90, 89, 89, 88, 88,
+ /* 920 */ 88, 87, 335, 430, 318, 124, 212, 163, 856, 856,
+ /* 930 */ 943, 900, 898, 833, 118, 759, 726, 725, 257, 755,
+ /* 940 */ 289, 289, 733, 734, 961, 833, 119, 682, 311, 93,
+ /* 950 */ 82, 84, 868, 871, 860, 860, 91, 91, 92, 92,
+ /* 960 */ 92, 92, 430, 90, 90, 90, 90, 89, 89, 88,
+ /* 970 */ 88, 88, 87, 335, 430, 716, 246, 322, 331, 856,
+ /* 980 */ 856, 256, 114, 357, 833, 53, 808, 913, 913, 932,
+ /* 990 */ 156, 416, 420, 424, 930, 809, 833, 34, 364, 311,
+ /* 1000 */ 253, 94, 84, 868, 871, 860, 860, 91, 91, 92,
+ /* 1010 */ 92, 92, 92, 430, 90, 90, 90, 90, 89, 89,
+ /* 1020 */ 88, 88, 88, 87, 335, 430, 114, 114, 114, 960,
+ /* 1030 */ 856, 856, 307, 258, 830, 833, 100, 191, 252, 377,
+ /* 1040 */ 267, 68, 197, 68, 261, 716, 769, 833, 50, 71,
+ /* 1050 */ 911, 911, 263, 84, 868, 871, 860, 860, 91, 91,
+ /* 1060 */ 92, 92, 92, 92, 430, 90, 90, 90, 90, 89,
+ /* 1070 */ 89, 88, 88, 88, 87, 335, 80, 425, 802, 3,
+ /* 1080 */ 1214, 191, 430, 265, 336, 336, 833, 101, 741, 80,
+ /* 1090 */ 425, 897, 3, 723, 722, 428, 721, 336, 336, 430,
+ /* 1100 */ 893, 270, 430, 197, 833, 102, 430, 800, 428, 430,
+ /* 1110 */ 695, 430, 843, 111, 414, 430, 784, 409, 430, 831,
+ /* 1120 */ 430, 833, 98, 123, 833, 116, 847, 414, 833, 49,
+ /* 1130 */ 779, 833, 113, 833, 106, 226, 123, 833, 105, 847,
+ /* 1140 */ 833, 103, 833, 104, 791, 411, 77, 78, 290, 412,
+ /* 1150 */ 430, 291, 114, 79, 432, 431, 389, 430, 835, 77,
+ /* 1160 */ 78, 897, 839, 408, 410, 430, 79, 432, 431, 372,
+ /* 1170 */ 703, 835, 833, 52, 430, 80, 425, 430, 3, 833,
+ /* 1180 */ 54, 772, 843, 336, 336, 684, 771, 833, 51, 840,
+ /* 1190 */ 840, 840, 842, 19, 428, 672, 833, 26, 671, 833,
+ /* 1200 */ 30, 673, 840, 840, 840, 842, 19, 207, 661, 278,
+ /* 1210 */ 304, 148, 280, 414, 282, 248, 358, 822, 382, 6,
+ /* 1220 */ 348, 161, 273, 80, 425, 847, 3, 934, 895, 720,
+ /* 1230 */ 894, 336, 336, 296, 157, 415, 241, 284, 674, 958,
+ /* 1240 */ 194, 953, 428, 951, 948, 77, 78, 777, 319, 56,
+ /* 1250 */ 59, 135, 79, 432, 431, 121, 66, 835, 146, 128,
+ /* 1260 */ 350, 414, 819, 130, 351, 131, 132, 133, 375, 173,
+ /* 1270 */ 107, 138, 149, 847, 365, 178, 62, 70, 425, 936,
+ /* 1280 */ 3, 827, 889, 371, 255, 336, 336, 792, 840, 840,
+ /* 1290 */ 840, 842, 19, 77, 78, 915, 428, 208, 179, 144,
+ /* 1300 */ 79, 432, 431, 373, 260, 835, 180, 326, 675, 181,
+ /* 1310 */ 308, 744, 388, 743, 731, 414, 718, 742, 730, 712,
+ /* 1320 */ 402, 309, 711, 272, 788, 65, 710, 847, 709, 277,
+ /* 1330 */ 193, 789, 787, 279, 876, 73, 840, 840, 840, 842,
+ /* 1340 */ 19, 786, 281, 418, 283, 422, 227, 77, 78, 330,
+ /* 1350 */ 228, 229, 96, 767, 79, 432, 431, 407, 67, 835,
+ /* 1360 */ 215, 292, 293, 405, 294, 303, 302, 301, 204, 299,
+ /* 1370 */ 295, 202, 676, 681, 7, 433, 669, 203, 205, 206,
+ /* 1380 */ 125, 110, 313, 434, 667, 666, 658, 168, 224, 237,
+ /* 1390 */ 840, 840, 840, 842, 19, 120, 656, 337, 236, 155,
+ /* 1400 */ 167, 341, 233, 314, 108, 905, 903, 826, 127, 126,
+ /* 1410 */ 756, 170, 129, 172, 247, 928, 134, 136, 171, 60,
+ /* 1420 */ 61, 123, 169, 137, 933, 175, 176, 927, 8, 13,
+ /* 1430 */ 177, 254, 918, 139, 191, 924, 140, 370, 678, 150,
+ /* 1440 */ 374, 182, 274, 268, 141, 122, 63, 14, 378, 15,
+ /* 1450 */ 383, 64, 225, 846, 845, 874, 16, 4, 729, 765,
+ /* 1460 */ 770, 162, 395, 209, 211, 142, 801, 878, 796, 312,
+ /* 1470 */ 71, 68, 875, 873, 939, 190, 417, 938, 17, 195,
+ /* 1480 */ 196, 152, 18, 975, 199, 976, 153, 198, 154, 421,
+ /* 1490 */ 877, 844, 696, 81, 200, 297, 343, 1019, 1018, 300,
+ /* 1500 */ 653,
+};
+static const YYCODETYPE yy_lookahead[] = {
+ /* 0 */ 19, 144, 145, 146, 147, 24, 1, 2, 27, 80,
+ /* 10 */ 81, 82, 83, 84, 85, 86, 87, 88, 89, 90,
+ /* 20 */ 91, 92, 93, 94, 95, 91, 92, 93, 94, 95,
+ /* 30 */ 19, 50, 51, 80, 81, 82, 83, 27, 85, 86,
+ /* 40 */ 87, 88, 89, 90, 91, 92, 93, 94, 95, 137,
+ /* 50 */ 177, 139, 71, 72, 73, 74, 75, 76, 77, 78,
+ /* 60 */ 79, 80, 81, 82, 83, 95, 85, 86, 87, 88,
+ /* 70 */ 89, 90, 91, 92, 93, 94, 95, 19, 97, 85,
+ /* 80 */ 86, 87, 88, 89, 90, 91, 92, 93, 94, 95,
+ /* 90 */ 152, 33, 212, 173, 27, 28, 223, 224, 225, 152,
+ /* 100 */ 42, 181, 152, 223, 224, 225, 95, 97, 50, 51,
+ /* 110 */ 99, 100, 101, 102, 103, 104, 105, 27, 28, 59,
+ /* 120 */ 223, 224, 225, 112, 174, 175, 66, 94, 95, 71,
+ /* 130 */ 72, 73, 74, 75, 76, 77, 78, 79, 80, 81,
+ /* 140 */ 82, 83, 195, 85, 86, 87, 88, 89, 90, 91,
+ /* 150 */ 92, 93, 94, 95, 19, 197, 89, 90, 220, 209,
+ /* 160 */ 210, 26, 119, 120, 97, 98, 208, 100, 108, 109,
+ /* 170 */ 110, 152, 157, 152, 107, 152, 109, 89, 90, 91,
+ /* 180 */ 92, 93, 94, 95, 163, 50, 51, 97, 98, 99,
+ /* 190 */ 55, 66, 102, 103, 104, 174, 175, 174, 175, 132,
+ /* 200 */ 133, 192, 193, 113, 66, 19, 71, 72, 73, 74,
+ /* 210 */ 75, 76, 77, 78, 79, 80, 81, 82, 83, 198,
+ /* 220 */ 85, 86, 87, 88, 89, 90, 91, 92, 93, 94,
+ /* 230 */ 95, 152, 209, 210, 148, 149, 50, 51, 100, 53,
+ /* 240 */ 154, 59, 156, 174, 229, 27, 28, 232, 163, 163,
+ /* 250 */ 22, 192, 193, 174, 175, 27, 28, 71, 72, 73,
+ /* 260 */ 74, 75, 76, 77, 78, 79, 80, 81, 82, 83,
+ /* 270 */ 251, 85, 86, 87, 88, 89, 90, 91, 92, 93,
+ /* 280 */ 94, 95, 19, 198, 198, 152, 152, 24, 209, 210,
+ /* 290 */ 108, 109, 110, 196, 197, 27, 28, 69, 164, 165,
+ /* 300 */ 152, 119, 120, 27, 28, 208, 99, 27, 28, 102,
+ /* 310 */ 103, 104, 152, 50, 51, 97, 98, 89, 90, 185,
+ /* 320 */ 113, 187, 22, 177, 174, 97, 58, 27, 28, 101,
+ /* 330 */ 115, 245, 117, 118, 71, 72, 73, 74, 75, 76,
+ /* 340 */ 77, 78, 79, 80, 81, 82, 83, 11, 85, 86,
+ /* 350 */ 87, 88, 89, 90, 91, 92, 93, 94, 95, 19,
+ /* 360 */ 132, 133, 134, 23, 152, 97, 98, 91, 174, 223,
+ /* 370 */ 224, 225, 239, 97, 98, 187, 22, 97, 98, 27,
+ /* 380 */ 28, 27, 28, 152, 223, 224, 225, 239, 152, 163,
+ /* 390 */ 50, 51, 170, 171, 172, 59, 160, 97, 98, 239,
+ /* 400 */ 164, 165, 66, 242, 124, 174, 175, 195, 22, 23,
+ /* 410 */ 69, 71, 72, 73, 74, 75, 76, 77, 78, 79,
+ /* 420 */ 80, 81, 82, 83, 198, 85, 86, 87, 88, 89,
+ /* 430 */ 90, 91, 92, 93, 94, 95, 19, 12, 97, 21,
+ /* 440 */ 23, 152, 101, 152, 108, 109, 110, 221, 152, 97,
+ /* 450 */ 98, 97, 98, 152, 29, 243, 70, 226, 23, 233,
+ /* 460 */ 26, 26, 152, 152, 238, 174, 175, 50, 51, 22,
+ /* 470 */ 45, 24, 47, 132, 133, 134, 124, 22, 23, 188,
+ /* 480 */ 163, 26, 152, 65, 59, 174, 175, 163, 71, 72,
+ /* 490 */ 73, 74, 75, 76, 77, 78, 79, 80, 81, 82,
+ /* 500 */ 83, 152, 85, 86, 87, 88, 89, 90, 91, 92,
+ /* 510 */ 93, 94, 95, 19, 19, 198, 152, 23, 152, 152,
+ /* 520 */ 209, 103, 198, 174, 175, 70, 152, 50, 51, 219,
+ /* 530 */ 213, 214, 152, 98, 152, 171, 172, 188, 171, 172,
+ /* 540 */ 174, 175, 248, 249, 50, 51, 51, 251, 174, 175,
+ /* 550 */ 220, 74, 75, 152, 188, 152, 174, 175, 140, 124,
+ /* 560 */ 26, 163, 188, 16, 130, 71, 72, 73, 74, 75,
+ /* 570 */ 76, 77, 78, 79, 80, 81, 82, 83, 101, 85,
+ /* 580 */ 86, 87, 88, 89, 90, 91, 92, 93, 94, 95,
+ /* 590 */ 19, 209, 196, 197, 23, 231, 198, 12, 231, 219,
+ /* 600 */ 37, 22, 107, 24, 208, 116, 27, 112, 201, 62,
+ /* 610 */ 121, 64, 152, 152, 29, 52, 66, 221, 211, 221,
+ /* 620 */ 219, 50, 51, 60, 89, 90, 152, 22, 23, 183,
+ /* 630 */ 45, 26, 47, 22, 174, 175, 238, 152, 164, 165,
+ /* 640 */ 106, 19, 71, 72, 73, 74, 75, 76, 77, 78,
+ /* 650 */ 79, 80, 81, 82, 83, 152, 85, 86, 87, 88,
+ /* 660 */ 89, 90, 91, 92, 93, 94, 95, 132, 133, 119,
+ /* 670 */ 120, 163, 50, 51, 111, 70, 97, 174, 175, 181,
+ /* 680 */ 182, 170, 171, 172, 0, 1, 2, 140, 190, 108,
+ /* 690 */ 109, 110, 51, 71, 72, 73, 74, 75, 76, 77,
+ /* 700 */ 78, 79, 80, 81, 82, 83, 198, 85, 86, 87,
+ /* 710 */ 88, 89, 90, 91, 92, 93, 94, 95, 19, 152,
+ /* 720 */ 152, 152, 22, 166, 152, 168, 169, 27, 19, 152,
+ /* 730 */ 26, 19, 152, 122, 152, 24, 152, 28, 27, 152,
+ /* 740 */ 28, 174, 175, 174, 175, 152, 174, 175, 107, 50,
+ /* 750 */ 51, 174, 175, 22, 174, 175, 174, 175, 174, 175,
+ /* 760 */ 138, 174, 175, 7, 8, 9, 16, 174, 175, 152,
+ /* 770 */ 71, 72, 73, 74, 75, 76, 77, 78, 79, 80,
+ /* 780 */ 81, 82, 83, 152, 85, 86, 87, 88, 89, 90,
+ /* 790 */ 91, 92, 93, 94, 95, 19, 152, 97, 152, 31,
+ /* 800 */ 24, 152, 98, 35, 101, 174, 175, 152, 97, 152,
+ /* 810 */ 79, 152, 62, 152, 64, 112, 152, 49, 174, 175,
+ /* 820 */ 174, 175, 152, 174, 175, 152, 50, 51, 124, 174,
+ /* 830 */ 175, 174, 175, 174, 175, 174, 175, 138, 174, 175,
+ /* 840 */ 22, 23, 152, 152, 174, 175, 19, 71, 72, 73,
+ /* 850 */ 74, 75, 76, 77, 78, 79, 80, 81, 82, 83,
+ /* 860 */ 152, 85, 86, 87, 88, 89, 90, 91, 92, 93,
+ /* 870 */ 94, 95, 152, 108, 109, 110, 152, 50, 51, 146,
+ /* 880 */ 147, 23, 174, 175, 26, 195, 195, 152, 70, 152,
+ /* 890 */ 168, 169, 152, 26, 174, 175, 152, 19, 71, 72,
+ /* 900 */ 73, 74, 75, 76, 77, 78, 79, 80, 81, 82,
+ /* 910 */ 83, 152, 85, 86, 87, 88, 89, 90, 91, 92,
+ /* 920 */ 93, 94, 95, 152, 246, 247, 213, 214, 50, 51,
+ /* 930 */ 195, 152, 195, 174, 175, 195, 100, 101, 152, 195,
+ /* 940 */ 152, 152, 7, 8, 152, 174, 175, 163, 19, 71,
+ /* 950 */ 72, 73, 74, 75, 76, 77, 78, 79, 80, 81,
+ /* 960 */ 82, 83, 152, 85, 86, 87, 88, 89, 90, 91,
+ /* 970 */ 92, 93, 94, 95, 152, 27, 152, 189, 189, 50,
+ /* 980 */ 51, 195, 198, 152, 174, 175, 33, 132, 133, 152,
+ /* 990 */ 123, 163, 163, 163, 152, 42, 174, 175, 152, 19,
+ /* 1000 */ 152, 72, 73, 74, 75, 76, 77, 78, 79, 80,
+ /* 1010 */ 81, 82, 83, 152, 85, 86, 87, 88, 89, 90,
+ /* 1020 */ 91, 92, 93, 94, 95, 152, 198, 198, 198, 23,
+ /* 1030 */ 50, 51, 26, 152, 23, 174, 175, 26, 23, 23,
+ /* 1040 */ 23, 26, 26, 26, 152, 97, 23, 174, 175, 26,
+ /* 1050 */ 132, 133, 152, 73, 74, 75, 76, 77, 78, 79,
+ /* 1060 */ 80, 81, 82, 83, 152, 85, 86, 87, 88, 89,
+ /* 1070 */ 90, 91, 92, 93, 94, 95, 19, 20, 23, 22,
+ /* 1080 */ 23, 26, 152, 152, 27, 28, 174, 175, 152, 19,
+ /* 1090 */ 20, 27, 22, 183, 183, 38, 152, 27, 28, 152,
+ /* 1100 */ 23, 152, 152, 26, 174, 175, 152, 152, 38, 152,
+ /* 1110 */ 23, 152, 27, 26, 57, 152, 215, 163, 152, 152,
+ /* 1120 */ 152, 174, 175, 66, 174, 175, 69, 57, 174, 175,
+ /* 1130 */ 152, 174, 175, 174, 175, 212, 66, 174, 175, 69,
+ /* 1140 */ 174, 175, 174, 175, 152, 152, 89, 90, 152, 193,
+ /* 1150 */ 152, 152, 198, 96, 97, 98, 91, 152, 101, 89,
+ /* 1160 */ 90, 97, 152, 209, 210, 152, 96, 97, 98, 235,
+ /* 1170 */ 152, 101, 174, 175, 152, 19, 20, 152, 22, 174,
+ /* 1180 */ 175, 116, 97, 27, 28, 152, 121, 174, 175, 132,
+ /* 1190 */ 133, 134, 135, 136, 38, 152, 174, 175, 152, 174,
+ /* 1200 */ 175, 152, 132, 133, 134, 135, 136, 234, 152, 212,
+ /* 1210 */ 150, 199, 212, 57, 212, 240, 240, 203, 178, 200,
+ /* 1220 */ 216, 186, 177, 19, 20, 69, 22, 203, 177, 182,
+ /* 1230 */ 177, 27, 28, 202, 200, 228, 216, 216, 155, 39,
+ /* 1240 */ 122, 159, 38, 159, 41, 89, 90, 91, 159, 241,
+ /* 1250 */ 241, 22, 96, 97, 98, 71, 130, 101, 222, 191,
+ /* 1260 */ 18, 57, 203, 194, 159, 194, 194, 194, 18, 158,
+ /* 1270 */ 244, 191, 222, 69, 159, 158, 137, 19, 20, 203,
+ /* 1280 */ 22, 191, 203, 46, 236, 27, 28, 159, 132, 133,
+ /* 1290 */ 134, 135, 136, 89, 90, 237, 38, 159, 158, 22,
+ /* 1300 */ 96, 97, 98, 179, 159, 101, 158, 48, 159, 158,
+ /* 1310 */ 179, 176, 107, 176, 184, 57, 106, 176, 184, 176,
+ /* 1320 */ 125, 179, 178, 176, 218, 107, 176, 69, 176, 217,
+ /* 1330 */ 159, 218, 218, 217, 159, 137, 132, 133, 134, 135,
+ /* 1340 */ 136, 218, 217, 179, 217, 179, 227, 89, 90, 95,
+ /* 1350 */ 230, 230, 129, 207, 96, 97, 98, 126, 128, 101,
+ /* 1360 */ 5, 206, 205, 127, 204, 10, 11, 12, 13, 14,
+ /* 1370 */ 203, 25, 17, 162, 26, 161, 13, 153, 153, 6,
+ /* 1380 */ 247, 180, 250, 151, 151, 151, 151, 32, 180, 34,
+ /* 1390 */ 132, 133, 134, 135, 136, 167, 4, 3, 43, 22,
+ /* 1400 */ 15, 68, 142, 250, 16, 23, 23, 120, 111, 131,
+ /* 1410 */ 20, 56, 123, 125, 16, 1, 123, 131, 63, 79,
+ /* 1420 */ 79, 66, 67, 111, 28, 36, 122, 1, 5, 22,
+ /* 1430 */ 107, 140, 54, 54, 26, 61, 107, 44, 20, 24,
+ /* 1440 */ 19, 105, 112, 23, 22, 40, 22, 22, 53, 22,
+ /* 1450 */ 53, 22, 53, 23, 23, 23, 22, 22, 30, 116,
+ /* 1460 */ 23, 122, 26, 23, 23, 22, 28, 11, 124, 114,
+ /* 1470 */ 26, 26, 23, 23, 23, 36, 24, 23, 36, 26,
+ /* 1480 */ 22, 22, 36, 23, 122, 23, 22, 26, 22, 24,
+ /* 1490 */ 23, 23, 23, 22, 122, 23, 141, 122, 122, 15,
+ /* 1500 */ 1,
+};
+#define YY_SHIFT_USE_DFLT (-89)
+#define YY_SHIFT_COUNT (435)
+#define YY_SHIFT_MIN (-88)
+#define YY_SHIFT_MAX (1499)
+static const short yy_shift_ofst[] = {
+ /* 0 */ 5, 1057, 1355, 1070, 1204, 1204, 1204, 90, 60, -19,
+ /* 10 */ 58, 58, 186, 1204, 1204, 1204, 1204, 1204, 1204, 1204,
+ /* 20 */ 67, 67, 182, 336, 218, 550, 135, 263, 340, 417,
+ /* 30 */ 494, 571, 622, 699, 776, 827, 827, 827, 827, 827,
+ /* 40 */ 827, 827, 827, 827, 827, 827, 827, 827, 827, 827,
+ /* 50 */ 878, 827, 929, 980, 980, 1156, 1204, 1204, 1204, 1204,
+ /* 60 */ 1204, 1204, 1204, 1204, 1204, 1204, 1204, 1204, 1204, 1204,
+ /* 70 */ 1204, 1204, 1204, 1204, 1204, 1204, 1204, 1204, 1204, 1204,
+ /* 80 */ 1204, 1204, 1204, 1204, 1258, 1204, 1204, 1204, 1204, 1204,
+ /* 90 */ 1204, 1204, 1204, 1204, 1204, 1204, 1204, 1204, -71, -47,
+ /* 100 */ -47, -47, -47, -47, -6, 88, -66, 218, 218, 418,
+ /* 110 */ 495, 535, 535, 33, 43, 10, -30, -89, -89, -89,
+ /* 120 */ 11, 425, 425, 268, 455, 605, 218, 218, 218, 218,
+ /* 130 */ 218, 218, 218, 218, 218, 218, 218, 218, 218, 218,
+ /* 140 */ 218, 218, 218, 218, 218, 684, 138, 10, 43, 125,
+ /* 150 */ 125, 125, 125, 125, 125, -89, -89, -89, 228, 341,
+ /* 160 */ 341, 207, 276, 300, 280, 352, 354, 218, 218, 218,
+ /* 170 */ 218, 218, 218, 218, 218, 218, 218, 218, 218, 218,
+ /* 180 */ 218, 218, 218, 218, 563, 563, 563, 218, 218, 435,
+ /* 190 */ 218, 218, 218, 579, 218, 218, 585, 218, 218, 218,
+ /* 200 */ 218, 218, 218, 218, 218, 218, 218, 581, 768, 711,
+ /* 210 */ 711, 711, 704, 215, 1065, 756, 434, 709, 709, 712,
+ /* 220 */ 434, 712, 534, 858, 641, 953, 709, -88, 953, 953,
+ /* 230 */ 867, 489, 447, 1200, 1118, 1118, 1203, 1203, 1118, 1229,
+ /* 240 */ 1184, 1126, 1242, 1242, 1242, 1242, 1118, 1250, 1126, 1229,
+ /* 250 */ 1184, 1184, 1126, 1118, 1250, 1139, 1237, 1118, 1118, 1250,
+ /* 260 */ 1277, 1118, 1250, 1118, 1250, 1277, 1205, 1205, 1205, 1259,
+ /* 270 */ 1277, 1205, 1210, 1205, 1259, 1205, 1205, 1195, 1218, 1195,
+ /* 280 */ 1218, 1195, 1218, 1195, 1218, 1118, 1118, 1198, 1277, 1254,
+ /* 290 */ 1254, 1277, 1223, 1231, 1230, 1236, 1126, 1346, 1348, 1363,
+ /* 300 */ 1363, 1373, 1373, 1373, 1373, -89, -89, -89, -89, -89,
+ /* 310 */ -89, 477, 547, 386, 818, 750, 765, 700, 1006, 731,
+ /* 320 */ 1011, 1015, 1016, 1017, 948, 836, 935, 703, 1023, 1055,
+ /* 330 */ 1064, 1077, 855, 918, 1087, 1085, 611, 1392, 1394, 1377,
+ /* 340 */ 1260, 1385, 1333, 1388, 1382, 1383, 1287, 1278, 1297, 1289,
+ /* 350 */ 1390, 1288, 1398, 1414, 1293, 1286, 1340, 1341, 1312, 1396,
+ /* 360 */ 1389, 1304, 1426, 1423, 1407, 1323, 1291, 1378, 1408, 1379,
+ /* 370 */ 1374, 1393, 1329, 1415, 1418, 1421, 1330, 1336, 1422, 1395,
+ /* 380 */ 1424, 1425, 1420, 1427, 1397, 1428, 1429, 1399, 1405, 1430,
+ /* 390 */ 1431, 1432, 1343, 1434, 1437, 1435, 1436, 1339, 1440, 1441,
+ /* 400 */ 1438, 1439, 1443, 1344, 1444, 1442, 1445, 1446, 1444, 1449,
+ /* 410 */ 1450, 1451, 1453, 1454, 1458, 1456, 1460, 1459, 1452, 1461,
+ /* 420 */ 1462, 1464, 1465, 1461, 1467, 1466, 1468, 1469, 1471, 1362,
+ /* 430 */ 1372, 1375, 1376, 1472, 1484, 1499,
+};
+#define YY_REDUCE_USE_DFLT (-144)
+#define YY_REDUCE_COUNT (310)
+#define YY_REDUCE_MIN (-143)
+#define YY_REDUCE_MAX (1235)
+static const short yy_reduce_ofst[] = {
+ /* 0 */ -143, 954, 86, 21, -50, 23, 79, 134, 226, -120,
+ /* 10 */ -127, 146, 161, 291, 349, 366, 311, 382, 374, 231,
+ /* 20 */ 364, 367, 396, 398, 236, 317, -103, -103, -103, -103,
+ /* 30 */ -103, -103, -103, -103, -103, -103, -103, -103, -103, -103,
+ /* 40 */ -103, -103, -103, -103, -103, -103, -103, -103, -103, -103,
+ /* 50 */ -103, -103, -103, -103, -103, 460, 503, 567, 569, 572,
+ /* 60 */ 577, 580, 582, 584, 587, 593, 631, 644, 646, 649,
+ /* 70 */ 655, 657, 659, 661, 664, 670, 708, 720, 759, 771,
+ /* 80 */ 810, 822, 861, 873, 912, 930, 947, 950, 957, 959,
+ /* 90 */ 963, 966, 968, 998, 1005, 1013, 1022, 1025, -103, -103,
+ /* 100 */ -103, -103, -103, -103, -103, -103, -103, 474, 212, 15,
+ /* 110 */ 498, 222, 511, -103, 97, 557, -103, -103, -103, -103,
+ /* 120 */ -80, 9, 59, 19, 294, 294, -53, -62, 690, 691,
+ /* 130 */ 735, 737, 740, 744, 133, 310, 148, 330, 160, 380,
+ /* 140 */ 786, 788, 401, 296, 789, 733, 85, 722, -42, 324,
+ /* 150 */ 508, 784, 828, 829, 830, 678, 713, 407, 69, 150,
+ /* 160 */ 194, 188, 289, 301, 403, 461, 485, 568, 617, 673,
+ /* 170 */ 724, 779, 792, 824, 831, 837, 842, 846, 848, 881,
+ /* 180 */ 892, 900, 931, 936, 446, 910, 911, 944, 949, 901,
+ /* 190 */ 955, 967, 978, 923, 992, 993, 956, 996, 999, 1010,
+ /* 200 */ 289, 1018, 1033, 1043, 1046, 1049, 1056, 934, 973, 997,
+ /* 210 */ 1000, 1002, 901, 1012, 1019, 1060, 1014, 1004, 1020, 975,
+ /* 220 */ 1024, 976, 1040, 1035, 1047, 1045, 1021, 1007, 1051, 1053,
+ /* 230 */ 1031, 1034, 1083, 1026, 1082, 1084, 1008, 1009, 1089, 1036,
+ /* 240 */ 1068, 1059, 1069, 1071, 1072, 1073, 1105, 1111, 1076, 1050,
+ /* 250 */ 1080, 1090, 1079, 1115, 1117, 1058, 1048, 1128, 1138, 1140,
+ /* 260 */ 1124, 1145, 1148, 1149, 1151, 1131, 1135, 1137, 1141, 1130,
+ /* 270 */ 1142, 1143, 1144, 1147, 1134, 1150, 1152, 1106, 1112, 1113,
+ /* 280 */ 1116, 1114, 1125, 1123, 1127, 1171, 1175, 1119, 1164, 1120,
+ /* 290 */ 1121, 1166, 1146, 1155, 1157, 1160, 1167, 1211, 1214, 1224,
+ /* 300 */ 1225, 1232, 1233, 1234, 1235, 1132, 1153, 1133, 1201, 1208,
+ /* 310 */ 1228,
+};
+static const YYACTIONTYPE yy_default[] = {
+ /* 0 */ 982, 1300, 1300, 1300, 1214, 1214, 1214, 1305, 1300, 1109,
+ /* 10 */ 1138, 1138, 1274, 1305, 1305, 1305, 1305, 1305, 1305, 1212,
+ /* 20 */ 1305, 1305, 1305, 1300, 1305, 1113, 1144, 1305, 1305, 1305,
+ /* 30 */ 1305, 1305, 1305, 1305, 1305, 1273, 1275, 1152, 1151, 1254,
+ /* 40 */ 1125, 1149, 1142, 1146, 1215, 1208, 1209, 1207, 1211, 1216,
+ /* 50 */ 1305, 1145, 1177, 1192, 1176, 1305, 1305, 1305, 1305, 1305,
+ /* 60 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 70 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 80 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 90 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1186, 1191,
+ /* 100 */ 1198, 1190, 1187, 1179, 1178, 1180, 1181, 1305, 1305, 1008,
+ /* 110 */ 1074, 1305, 1305, 1182, 1305, 1020, 1183, 1195, 1194, 1193,
+ /* 120 */ 1015, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 130 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 140 */ 1305, 1305, 1305, 1305, 1305, 982, 1300, 1305, 1305, 1300,
+ /* 150 */ 1300, 1300, 1300, 1300, 1300, 1292, 1113, 1103, 1305, 1305,
+ /* 160 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1280, 1278,
+ /* 170 */ 1305, 1227, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 180 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 190 */ 1305, 1305, 1305, 1109, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 200 */ 1305, 1305, 1305, 1305, 1305, 1305, 988, 1305, 1247, 1109,
+ /* 210 */ 1109, 1109, 1111, 1089, 1101, 990, 1148, 1127, 1127, 1259,
+ /* 220 */ 1148, 1259, 1045, 1068, 1042, 1138, 1127, 1210, 1138, 1138,
+ /* 230 */ 1110, 1101, 1305, 1285, 1118, 1118, 1277, 1277, 1118, 1157,
+ /* 240 */ 1078, 1148, 1085, 1085, 1085, 1085, 1118, 1005, 1148, 1157,
+ /* 250 */ 1078, 1078, 1148, 1118, 1005, 1253, 1251, 1118, 1118, 1005,
+ /* 260 */ 1220, 1118, 1005, 1118, 1005, 1220, 1076, 1076, 1076, 1060,
+ /* 270 */ 1220, 1076, 1045, 1076, 1060, 1076, 1076, 1131, 1126, 1131,
+ /* 280 */ 1126, 1131, 1126, 1131, 1126, 1118, 1118, 1305, 1220, 1224,
+ /* 290 */ 1224, 1220, 1143, 1132, 1141, 1139, 1148, 1011, 1063, 998,
+ /* 300 */ 998, 987, 987, 987, 987, 1297, 1297, 1292, 1047, 1047,
+ /* 310 */ 1030, 1305, 1305, 1305, 1305, 1305, 1305, 1022, 1305, 1229,
+ /* 320 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 330 */ 1305, 1305, 1305, 1305, 1305, 1305, 1164, 1305, 983, 1287,
+ /* 340 */ 1305, 1305, 1284, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 350 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 360 */ 1305, 1257, 1305, 1305, 1305, 1305, 1305, 1305, 1250, 1249,
+ /* 370 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 380 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305,
+ /* 390 */ 1305, 1305, 1092, 1305, 1305, 1305, 1096, 1305, 1305, 1305,
+ /* 400 */ 1305, 1305, 1305, 1305, 1140, 1305, 1133, 1305, 1213, 1305,
+ /* 410 */ 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1305, 1302,
+ /* 420 */ 1305, 1305, 1305, 1301, 1305, 1305, 1305, 1305, 1305, 1166,
+ /* 430 */ 1305, 1165, 1169, 1305, 996, 1305,
+};
+/********** End of lemon-generated parsing tables *****************************/
+
+/* The next table maps tokens (terminal symbols) into fallback tokens.
+** If a construct like the following:
+**
+** %fallback ID X Y Z.
+**
+** appears in the grammar, then ID becomes a fallback token for X, Y,
+** and Z. Whenever one of the tokens X, Y, or Z is input to the parser
+** but it does not parse, the type of the token is changed to ID and
+** the parse is retried before an error is thrown.
+**
+** This feature can be used, for example, to cause some keywords in a language
+** to revert to identifiers if they keyword does not apply in the context where
+** it appears.
+*/
+#ifdef YYFALLBACK
+static const YYCODETYPE yyFallback[] = {
+ 0, /* $ => nothing */
+ 0, /* SEMI => nothing */
+ 27, /* EXPLAIN => ID */
+ 27, /* QUERY => ID */
+ 27, /* PLAN => ID */
+ 27, /* BEGIN => ID */
+ 0, /* TRANSACTION => nothing */
+ 27, /* DEFERRED => ID */
+ 27, /* IMMEDIATE => ID */
+ 27, /* EXCLUSIVE => ID */
+ 0, /* COMMIT => nothing */
+ 27, /* END => ID */
+ 27, /* ROLLBACK => ID */
+ 27, /* SAVEPOINT => ID */
+ 27, /* RELEASE => ID */
+ 0, /* TO => nothing */
+ 0, /* TABLE => nothing */
+ 0, /* CREATE => nothing */
+ 27, /* IF => ID */
+ 0, /* NOT => nothing */
+ 0, /* EXISTS => nothing */
+ 27, /* TEMP => ID */
+ 0, /* LP => nothing */
+ 0, /* RP => nothing */
+ 0, /* AS => nothing */
+ 27, /* WITHOUT => ID */
+ 0, /* COMMA => nothing */
+ 0, /* ID => nothing */
+ 0, /* INDEXED => nothing */
+ 27, /* ABORT => ID */
+ 27, /* ACTION => ID */
+ 27, /* AFTER => ID */
+ 27, /* ANALYZE => ID */
+ 27, /* ASC => ID */
+ 27, /* ATTACH => ID */
+ 27, /* BEFORE => ID */
+ 27, /* BY => ID */
+ 27, /* CASCADE => ID */
+ 27, /* CAST => ID */
+ 27, /* COLUMNKW => ID */
+ 27, /* CONFLICT => ID */
+ 27, /* DATABASE => ID */
+ 27, /* DESC => ID */
+ 27, /* DETACH => ID */
+ 27, /* EACH => ID */
+ 27, /* FAIL => ID */
+ 27, /* FOR => ID */
+ 27, /* IGNORE => ID */
+ 27, /* INITIALLY => ID */
+ 27, /* INSTEAD => ID */
+ 27, /* LIKE_KW => ID */
+ 27, /* MATCH => ID */
+ 27, /* NO => ID */
+ 27, /* KEY => ID */
+ 27, /* OF => ID */
+ 27, /* OFFSET => ID */
+ 27, /* PRAGMA => ID */
+ 27, /* RAISE => ID */
+ 27, /* RECURSIVE => ID */
+ 27, /* REPLACE => ID */
+ 27, /* RESTRICT => ID */
+ 27, /* ROW => ID */
+ 27, /* TRIGGER => ID */
+ 27, /* VACUUM => ID */
+ 27, /* VIEW => ID */
+ 27, /* VIRTUAL => ID */
+ 27, /* WITH => ID */
+ 27, /* REINDEX => ID */
+ 27, /* RENAME => ID */
+ 27, /* CTIME_KW => ID */
+};
+#endif /* YYFALLBACK */
+
+/* The following structure represents a single element of the
+** parser's stack. Information stored includes:
+**
+** + The state number for the parser at this level of the stack.
+**
+** + The value of the token stored at this level of the stack.
+** (In other words, the "major" token.)
+**
+** + The semantic value stored at this level of the stack. This is
+** the information used by the action routines in the grammar.
+** It is sometimes called the "minor" token.
+**
+** After the "shift" half of a SHIFTREDUCE action, the stateno field
+** actually contains the reduce action for the second half of the
+** SHIFTREDUCE.
+*/
+struct yyStackEntry {
+ YYACTIONTYPE stateno; /* The state-number, or reduce action in SHIFTREDUCE */
+ YYCODETYPE major; /* The major token value. This is the code
+ ** number for the token at this stack level */
+ YYMINORTYPE minor; /* The user-supplied minor token value. This
+ ** is the value of the token */
+};
+typedef struct yyStackEntry yyStackEntry;
+
+/* The state of the parser is completely contained in an instance of
+** the following structure */
+struct yyParser {
+ int yyidx; /* Index of top element in stack */
+#ifdef YYTRACKMAXSTACKDEPTH
+ int yyidxMax; /* Maximum value of yyidx */
+#endif
+ int yyerrcnt; /* Shifts left before out of the error */
+ sqlite3ParserARG_SDECL /* A place to hold %extra_argument */
+#if YYSTACKDEPTH<=0
+ int yystksz; /* Current side of the stack */
+ yyStackEntry *yystack; /* The parser's stack */
+#else
+ yyStackEntry yystack[YYSTACKDEPTH]; /* The parser's stack */
+#endif
+};
+typedef struct yyParser yyParser;
+
+#ifndef NDEBUG
+/* #include <stdio.h> */
+static FILE *yyTraceFILE = 0;
+static char *yyTracePrompt = 0;
+#endif /* NDEBUG */
+
+#ifndef NDEBUG
+/*
+** Turn parser tracing on by giving a stream to which to write the trace
+** and a prompt to preface each trace message. Tracing is turned off
+** by making either argument NULL
+**
+** Inputs:
+** <ul>
+** <li> A FILE* to which trace output should be written.
+** If NULL, then tracing is turned off.
+** <li> A prefix string written at the beginning of every
+** line of trace output. If NULL, then tracing is
+** turned off.
+** </ul>
+**
+** Outputs:
+** None.
+*/
+SQLITE_PRIVATE void sqlite3ParserTrace(FILE *TraceFILE, char *zTracePrompt){
+ yyTraceFILE = TraceFILE;
+ yyTracePrompt = zTracePrompt;
+ if( yyTraceFILE==0 ) yyTracePrompt = 0;
+ else if( yyTracePrompt==0 ) yyTraceFILE = 0;
+}
+#endif /* NDEBUG */
+
+#ifndef NDEBUG
+/* For tracing shifts, the names of all terminals and nonterminals
+** are required. The following table supplies these names */
+static const char *const yyTokenName[] = {
+ "$", "SEMI", "EXPLAIN", "QUERY",
+ "PLAN", "BEGIN", "TRANSACTION", "DEFERRED",
+ "IMMEDIATE", "EXCLUSIVE", "COMMIT", "END",
+ "ROLLBACK", "SAVEPOINT", "RELEASE", "TO",
+ "TABLE", "CREATE", "IF", "NOT",
+ "EXISTS", "TEMP", "LP", "RP",
+ "AS", "WITHOUT", "COMMA", "ID",
+ "INDEXED", "ABORT", "ACTION", "AFTER",
+ "ANALYZE", "ASC", "ATTACH", "BEFORE",
+ "BY", "CASCADE", "CAST", "COLUMNKW",
+ "CONFLICT", "DATABASE", "DESC", "DETACH",
+ "EACH", "FAIL", "FOR", "IGNORE",
+ "INITIALLY", "INSTEAD", "LIKE_KW", "MATCH",
+ "NO", "KEY", "OF", "OFFSET",
+ "PRAGMA", "RAISE", "RECURSIVE", "REPLACE",
+ "RESTRICT", "ROW", "TRIGGER", "VACUUM",
+ "VIEW", "VIRTUAL", "WITH", "REINDEX",
+ "RENAME", "CTIME_KW", "ANY", "OR",
+ "AND", "IS", "BETWEEN", "IN",
+ "ISNULL", "NOTNULL", "NE", "EQ",
+ "GT", "LE", "LT", "GE",
+ "ESCAPE", "BITAND", "BITOR", "LSHIFT",
+ "RSHIFT", "PLUS", "MINUS", "STAR",
+ "SLASH", "REM", "CONCAT", "COLLATE",
+ "BITNOT", "STRING", "JOIN_KW", "CONSTRAINT",
+ "DEFAULT", "NULL", "PRIMARY", "UNIQUE",
+ "CHECK", "REFERENCES", "AUTOINCR", "ON",
+ "INSERT", "DELETE", "UPDATE", "SET",
+ "DEFERRABLE", "FOREIGN", "DROP", "UNION",
+ "ALL", "EXCEPT", "INTERSECT", "SELECT",
+ "VALUES", "DISTINCT", "DOT", "FROM",
+ "JOIN", "USING", "ORDER", "GROUP",
+ "HAVING", "LIMIT", "WHERE", "INTO",
+ "INTEGER", "FLOAT", "BLOB", "VARIABLE",
+ "CASE", "WHEN", "THEN", "ELSE",
+ "INDEX", "ALTER", "ADD", "error",
+ "input", "cmdlist", "ecmd", "explain",
+ "cmdx", "cmd", "transtype", "trans_opt",
+ "nm", "savepoint_opt", "create_table", "create_table_args",
+ "createkw", "temp", "ifnotexists", "dbnm",
+ "columnlist", "conslist_opt", "table_options", "select",
+ "column", "columnid", "type", "carglist",
+ "typetoken", "typename", "signed", "plus_num",
+ "minus_num", "ccons", "term", "expr",
+ "onconf", "sortorder", "autoinc", "eidlist_opt",
+ "refargs", "defer_subclause", "refarg", "refact",
+ "init_deferred_pred_opt", "conslist", "tconscomma", "tcons",
+ "sortlist", "eidlist", "defer_subclause_opt", "orconf",
+ "resolvetype", "raisetype", "ifexists", "fullname",
+ "selectnowith", "oneselect", "with", "multiselect_op",
+ "distinct", "selcollist", "from", "where_opt",
+ "groupby_opt", "having_opt", "orderby_opt", "limit_opt",
+ "values", "nexprlist", "exprlist", "sclp",
+ "as", "seltablist", "stl_prefix", "joinop",
+ "indexed_opt", "on_opt", "using_opt", "idlist",
+ "setlist", "insert_cmd", "idlist_opt", "likeop",
+ "between_op", "in_op", "case_operand", "case_exprlist",
+ "case_else", "uniqueflag", "collate", "nmnum",
+ "trigger_decl", "trigger_cmd_list", "trigger_time", "trigger_event",
+ "foreach_clause", "when_clause", "trigger_cmd", "trnm",
+ "tridxby", "database_kw_opt", "key_opt", "add_column_fullname",
+ "kwcolumn_opt", "create_vtab", "vtabarglist", "vtabarg",
+ "vtabargtoken", "lp", "anylist", "wqlist",
+};
+#endif /* NDEBUG */
+
+#ifndef NDEBUG
+/* For tracing reduce actions, the names of all rules are required.
+*/
+static const char *const yyRuleName[] = {
+ /* 0 */ "input ::= cmdlist",
+ /* 1 */ "cmdlist ::= cmdlist ecmd",
+ /* 2 */ "cmdlist ::= ecmd",
+ /* 3 */ "ecmd ::= SEMI",
+ /* 4 */ "ecmd ::= explain cmdx SEMI",
+ /* 5 */ "explain ::=",
+ /* 6 */ "explain ::= EXPLAIN",
+ /* 7 */ "explain ::= EXPLAIN QUERY PLAN",
+ /* 8 */ "cmdx ::= cmd",
+ /* 9 */ "cmd ::= BEGIN transtype trans_opt",
+ /* 10 */ "trans_opt ::=",
+ /* 11 */ "trans_opt ::= TRANSACTION",
+ /* 12 */ "trans_opt ::= TRANSACTION nm",
+ /* 13 */ "transtype ::=",
+ /* 14 */ "transtype ::= DEFERRED",
+ /* 15 */ "transtype ::= IMMEDIATE",
+ /* 16 */ "transtype ::= EXCLUSIVE",
+ /* 17 */ "cmd ::= COMMIT trans_opt",
+ /* 18 */ "cmd ::= END trans_opt",
+ /* 19 */ "cmd ::= ROLLBACK trans_opt",
+ /* 20 */ "savepoint_opt ::= SAVEPOINT",
+ /* 21 */ "savepoint_opt ::=",
+ /* 22 */ "cmd ::= SAVEPOINT nm",
+ /* 23 */ "cmd ::= RELEASE savepoint_opt nm",
+ /* 24 */ "cmd ::= ROLLBACK trans_opt TO savepoint_opt nm",
+ /* 25 */ "cmd ::= create_table create_table_args",
+ /* 26 */ "create_table ::= createkw temp TABLE ifnotexists nm dbnm",
+ /* 27 */ "createkw ::= CREATE",
+ /* 28 */ "ifnotexists ::=",
+ /* 29 */ "ifnotexists ::= IF NOT EXISTS",
+ /* 30 */ "temp ::= TEMP",
+ /* 31 */ "temp ::=",
+ /* 32 */ "create_table_args ::= LP columnlist conslist_opt RP table_options",
+ /* 33 */ "create_table_args ::= AS select",
+ /* 34 */ "table_options ::=",
+ /* 35 */ "table_options ::= WITHOUT nm",
+ /* 36 */ "columnlist ::= columnlist COMMA column",
+ /* 37 */ "columnlist ::= column",
+ /* 38 */ "column ::= columnid type carglist",
+ /* 39 */ "columnid ::= nm",
+ /* 40 */ "nm ::= ID|INDEXED",
+ /* 41 */ "nm ::= STRING",
+ /* 42 */ "nm ::= JOIN_KW",
+ /* 43 */ "type ::=",
+ /* 44 */ "type ::= typetoken",
+ /* 45 */ "typetoken ::= typename",
+ /* 46 */ "typetoken ::= typename LP signed RP",
+ /* 47 */ "typetoken ::= typename LP signed COMMA signed RP",
+ /* 48 */ "typename ::= ID|STRING",
+ /* 49 */ "typename ::= typename ID|STRING",
+ /* 50 */ "signed ::= plus_num",
+ /* 51 */ "signed ::= minus_num",
+ /* 52 */ "carglist ::= carglist ccons",
+ /* 53 */ "carglist ::=",
+ /* 54 */ "ccons ::= CONSTRAINT nm",
+ /* 55 */ "ccons ::= DEFAULT term",
+ /* 56 */ "ccons ::= DEFAULT LP expr RP",
+ /* 57 */ "ccons ::= DEFAULT PLUS term",
+ /* 58 */ "ccons ::= DEFAULT MINUS term",
+ /* 59 */ "ccons ::= DEFAULT ID|INDEXED",
+ /* 60 */ "ccons ::= NULL onconf",
+ /* 61 */ "ccons ::= NOT NULL onconf",
+ /* 62 */ "ccons ::= PRIMARY KEY sortorder onconf autoinc",
+ /* 63 */ "ccons ::= UNIQUE onconf",
+ /* 64 */ "ccons ::= CHECK LP expr RP",
+ /* 65 */ "ccons ::= REFERENCES nm eidlist_opt refargs",
+ /* 66 */ "ccons ::= defer_subclause",
+ /* 67 */ "ccons ::= COLLATE ID|STRING",
+ /* 68 */ "autoinc ::=",
+ /* 69 */ "autoinc ::= AUTOINCR",
+ /* 70 */ "refargs ::=",
+ /* 71 */ "refargs ::= refargs refarg",
+ /* 72 */ "refarg ::= MATCH nm",
+ /* 73 */ "refarg ::= ON INSERT refact",
+ /* 74 */ "refarg ::= ON DELETE refact",
+ /* 75 */ "refarg ::= ON UPDATE refact",
+ /* 76 */ "refact ::= SET NULL",
+ /* 77 */ "refact ::= SET DEFAULT",
+ /* 78 */ "refact ::= CASCADE",
+ /* 79 */ "refact ::= RESTRICT",
+ /* 80 */ "refact ::= NO ACTION",
+ /* 81 */ "defer_subclause ::= NOT DEFERRABLE init_deferred_pred_opt",
+ /* 82 */ "defer_subclause ::= DEFERRABLE init_deferred_pred_opt",
+ /* 83 */ "init_deferred_pred_opt ::=",
+ /* 84 */ "init_deferred_pred_opt ::= INITIALLY DEFERRED",
+ /* 85 */ "init_deferred_pred_opt ::= INITIALLY IMMEDIATE",
+ /* 86 */ "conslist_opt ::=",
+ /* 87 */ "conslist_opt ::= COMMA conslist",
+ /* 88 */ "conslist ::= conslist tconscomma tcons",
+ /* 89 */ "conslist ::= tcons",
+ /* 90 */ "tconscomma ::= COMMA",
+ /* 91 */ "tconscomma ::=",
+ /* 92 */ "tcons ::= CONSTRAINT nm",
+ /* 93 */ "tcons ::= PRIMARY KEY LP sortlist autoinc RP onconf",
+ /* 94 */ "tcons ::= UNIQUE LP sortlist RP onconf",
+ /* 95 */ "tcons ::= CHECK LP expr RP onconf",
+ /* 96 */ "tcons ::= FOREIGN KEY LP eidlist RP REFERENCES nm eidlist_opt refargs defer_subclause_opt",
+ /* 97 */ "defer_subclause_opt ::=",
+ /* 98 */ "defer_subclause_opt ::= defer_subclause",
+ /* 99 */ "onconf ::=",
+ /* 100 */ "onconf ::= ON CONFLICT resolvetype",
+ /* 101 */ "orconf ::=",
+ /* 102 */ "orconf ::= OR resolvetype",
+ /* 103 */ "resolvetype ::= raisetype",
+ /* 104 */ "resolvetype ::= IGNORE",
+ /* 105 */ "resolvetype ::= REPLACE",
+ /* 106 */ "cmd ::= DROP TABLE ifexists fullname",
+ /* 107 */ "ifexists ::= IF EXISTS",
+ /* 108 */ "ifexists ::=",
+ /* 109 */ "cmd ::= createkw temp VIEW ifnotexists nm dbnm eidlist_opt AS select",
+ /* 110 */ "cmd ::= DROP VIEW ifexists fullname",
+ /* 111 */ "cmd ::= select",
+ /* 112 */ "select ::= with selectnowith",
+ /* 113 */ "selectnowith ::= oneselect",
+ /* 114 */ "selectnowith ::= selectnowith multiselect_op oneselect",
+ /* 115 */ "multiselect_op ::= UNION",
+ /* 116 */ "multiselect_op ::= UNION ALL",
+ /* 117 */ "multiselect_op ::= EXCEPT|INTERSECT",
+ /* 118 */ "oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt",
+ /* 119 */ "oneselect ::= values",
+ /* 120 */ "values ::= VALUES LP nexprlist RP",
+ /* 121 */ "values ::= values COMMA LP exprlist RP",
+ /* 122 */ "distinct ::= DISTINCT",
+ /* 123 */ "distinct ::= ALL",
+ /* 124 */ "distinct ::=",
+ /* 125 */ "sclp ::= selcollist COMMA",
+ /* 126 */ "sclp ::=",
+ /* 127 */ "selcollist ::= sclp expr as",
+ /* 128 */ "selcollist ::= sclp STAR",
+ /* 129 */ "selcollist ::= sclp nm DOT STAR",
+ /* 130 */ "as ::= AS nm",
+ /* 131 */ "as ::= ID|STRING",
+ /* 132 */ "as ::=",
+ /* 133 */ "from ::=",
+ /* 134 */ "from ::= FROM seltablist",
+ /* 135 */ "stl_prefix ::= seltablist joinop",
+ /* 136 */ "stl_prefix ::=",
+ /* 137 */ "seltablist ::= stl_prefix nm dbnm as indexed_opt on_opt using_opt",
+ /* 138 */ "seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_opt using_opt",
+ /* 139 */ "seltablist ::= stl_prefix LP select RP as on_opt using_opt",
+ /* 140 */ "seltablist ::= stl_prefix LP seltablist RP as on_opt using_opt",
+ /* 141 */ "dbnm ::=",
+ /* 142 */ "dbnm ::= DOT nm",
+ /* 143 */ "fullname ::= nm dbnm",
+ /* 144 */ "joinop ::= COMMA|JOIN",
+ /* 145 */ "joinop ::= JOIN_KW JOIN",
+ /* 146 */ "joinop ::= JOIN_KW nm JOIN",
+ /* 147 */ "joinop ::= JOIN_KW nm nm JOIN",
+ /* 148 */ "on_opt ::= ON expr",
+ /* 149 */ "on_opt ::=",
+ /* 150 */ "indexed_opt ::=",
+ /* 151 */ "indexed_opt ::= INDEXED BY nm",
+ /* 152 */ "indexed_opt ::= NOT INDEXED",
+ /* 153 */ "using_opt ::= USING LP idlist RP",
+ /* 154 */ "using_opt ::=",
+ /* 155 */ "orderby_opt ::=",
+ /* 156 */ "orderby_opt ::= ORDER BY sortlist",
+ /* 157 */ "sortlist ::= sortlist COMMA expr sortorder",
+ /* 158 */ "sortlist ::= expr sortorder",
+ /* 159 */ "sortorder ::= ASC",
+ /* 160 */ "sortorder ::= DESC",
+ /* 161 */ "sortorder ::=",
+ /* 162 */ "groupby_opt ::=",
+ /* 163 */ "groupby_opt ::= GROUP BY nexprlist",
+ /* 164 */ "having_opt ::=",
+ /* 165 */ "having_opt ::= HAVING expr",
+ /* 166 */ "limit_opt ::=",
+ /* 167 */ "limit_opt ::= LIMIT expr",
+ /* 168 */ "limit_opt ::= LIMIT expr OFFSET expr",
+ /* 169 */ "limit_opt ::= LIMIT expr COMMA expr",
+ /* 170 */ "cmd ::= with DELETE FROM fullname indexed_opt where_opt",
+ /* 171 */ "where_opt ::=",
+ /* 172 */ "where_opt ::= WHERE expr",
+ /* 173 */ "cmd ::= with UPDATE orconf fullname indexed_opt SET setlist where_opt",
+ /* 174 */ "setlist ::= setlist COMMA nm EQ expr",
+ /* 175 */ "setlist ::= nm EQ expr",
+ /* 176 */ "cmd ::= with insert_cmd INTO fullname idlist_opt select",
+ /* 177 */ "cmd ::= with insert_cmd INTO fullname idlist_opt DEFAULT VALUES",
+ /* 178 */ "insert_cmd ::= INSERT orconf",
+ /* 179 */ "insert_cmd ::= REPLACE",
+ /* 180 */ "idlist_opt ::=",
+ /* 181 */ "idlist_opt ::= LP idlist RP",
+ /* 182 */ "idlist ::= idlist COMMA nm",
+ /* 183 */ "idlist ::= nm",
+ /* 184 */ "expr ::= term",
+ /* 185 */ "expr ::= LP expr RP",
+ /* 186 */ "term ::= NULL",
+ /* 187 */ "expr ::= ID|INDEXED",
+ /* 188 */ "expr ::= JOIN_KW",
+ /* 189 */ "expr ::= nm DOT nm",
+ /* 190 */ "expr ::= nm DOT nm DOT nm",
+ /* 191 */ "term ::= INTEGER|FLOAT|BLOB",
+ /* 192 */ "term ::= STRING",
+ /* 193 */ "expr ::= VARIABLE",
+ /* 194 */ "expr ::= expr COLLATE ID|STRING",
+ /* 195 */ "expr ::= CAST LP expr AS typetoken RP",
+ /* 196 */ "expr ::= ID|INDEXED LP distinct exprlist RP",
+ /* 197 */ "expr ::= ID|INDEXED LP STAR RP",
+ /* 198 */ "term ::= CTIME_KW",
+ /* 199 */ "expr ::= expr AND expr",
+ /* 200 */ "expr ::= expr OR expr",
+ /* 201 */ "expr ::= expr LT|GT|GE|LE expr",
+ /* 202 */ "expr ::= expr EQ|NE expr",
+ /* 203 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
+ /* 204 */ "expr ::= expr PLUS|MINUS expr",
+ /* 205 */ "expr ::= expr STAR|SLASH|REM expr",
+ /* 206 */ "expr ::= expr CONCAT expr",
+ /* 207 */ "likeop ::= LIKE_KW|MATCH",
+ /* 208 */ "likeop ::= NOT LIKE_KW|MATCH",
+ /* 209 */ "expr ::= expr likeop expr",
+ /* 210 */ "expr ::= expr likeop expr ESCAPE expr",
+ /* 211 */ "expr ::= expr ISNULL|NOTNULL",
+ /* 212 */ "expr ::= expr NOT NULL",
+ /* 213 */ "expr ::= expr IS expr",
+ /* 214 */ "expr ::= expr IS NOT expr",
+ /* 215 */ "expr ::= NOT expr",
+ /* 216 */ "expr ::= BITNOT expr",
+ /* 217 */ "expr ::= MINUS expr",
+ /* 218 */ "expr ::= PLUS expr",
+ /* 219 */ "between_op ::= BETWEEN",
+ /* 220 */ "between_op ::= NOT BETWEEN",
+ /* 221 */ "expr ::= expr between_op expr AND expr",
+ /* 222 */ "in_op ::= IN",
+ /* 223 */ "in_op ::= NOT IN",
+ /* 224 */ "expr ::= expr in_op LP exprlist RP",
+ /* 225 */ "expr ::= LP select RP",
+ /* 226 */ "expr ::= expr in_op LP select RP",
+ /* 227 */ "expr ::= expr in_op nm dbnm",
+ /* 228 */ "expr ::= EXISTS LP select RP",
+ /* 229 */ "expr ::= CASE case_operand case_exprlist case_else END",
+ /* 230 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
+ /* 231 */ "case_exprlist ::= WHEN expr THEN expr",
+ /* 232 */ "case_else ::= ELSE expr",
+ /* 233 */ "case_else ::=",
+ /* 234 */ "case_operand ::= expr",
+ /* 235 */ "case_operand ::=",
+ /* 236 */ "exprlist ::= nexprlist",
+ /* 237 */ "exprlist ::=",
+ /* 238 */ "nexprlist ::= nexprlist COMMA expr",
+ /* 239 */ "nexprlist ::= expr",
+ /* 240 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
+ /* 241 */ "uniqueflag ::= UNIQUE",
+ /* 242 */ "uniqueflag ::=",
+ /* 243 */ "eidlist_opt ::=",
+ /* 244 */ "eidlist_opt ::= LP eidlist RP",
+ /* 245 */ "eidlist ::= eidlist COMMA nm collate sortorder",
+ /* 246 */ "eidlist ::= nm collate sortorder",
+ /* 247 */ "collate ::=",
+ /* 248 */ "collate ::= COLLATE ID|STRING",
+ /* 249 */ "cmd ::= DROP INDEX ifexists fullname",
+ /* 250 */ "cmd ::= VACUUM",
+ /* 251 */ "cmd ::= VACUUM nm",
+ /* 252 */ "cmd ::= PRAGMA nm dbnm",
+ /* 253 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
+ /* 254 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
+ /* 255 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
+ /* 256 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
+ /* 257 */ "nmnum ::= plus_num",
+ /* 258 */ "nmnum ::= nm",
+ /* 259 */ "nmnum ::= ON",
+ /* 260 */ "nmnum ::= DELETE",
+ /* 261 */ "nmnum ::= DEFAULT",
+ /* 262 */ "plus_num ::= PLUS INTEGER|FLOAT",
+ /* 263 */ "plus_num ::= INTEGER|FLOAT",
+ /* 264 */ "minus_num ::= MINUS INTEGER|FLOAT",
+ /* 265 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
+ /* 266 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
+ /* 267 */ "trigger_time ::= BEFORE",
+ /* 268 */ "trigger_time ::= AFTER",
+ /* 269 */ "trigger_time ::= INSTEAD OF",
+ /* 270 */ "trigger_time ::=",
+ /* 271 */ "trigger_event ::= DELETE|INSERT",
+ /* 272 */ "trigger_event ::= UPDATE",
+ /* 273 */ "trigger_event ::= UPDATE OF idlist",
+ /* 274 */ "foreach_clause ::=",
+ /* 275 */ "foreach_clause ::= FOR EACH ROW",
+ /* 276 */ "when_clause ::=",
+ /* 277 */ "when_clause ::= WHEN expr",
+ /* 278 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
+ /* 279 */ "trigger_cmd_list ::= trigger_cmd SEMI",
+ /* 280 */ "trnm ::= nm",
+ /* 281 */ "trnm ::= nm DOT nm",
+ /* 282 */ "tridxby ::=",
+ /* 283 */ "tridxby ::= INDEXED BY nm",
+ /* 284 */ "tridxby ::= NOT INDEXED",
+ /* 285 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist where_opt",
+ /* 286 */ "trigger_cmd ::= insert_cmd INTO trnm idlist_opt select",
+ /* 287 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt",
+ /* 288 */ "trigger_cmd ::= select",
+ /* 289 */ "expr ::= RAISE LP IGNORE RP",
+ /* 290 */ "expr ::= RAISE LP raisetype COMMA nm RP",
+ /* 291 */ "raisetype ::= ROLLBACK",
+ /* 292 */ "raisetype ::= ABORT",
+ /* 293 */ "raisetype ::= FAIL",
+ /* 294 */ "cmd ::= DROP TRIGGER ifexists fullname",
+ /* 295 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
+ /* 296 */ "cmd ::= DETACH database_kw_opt expr",
+ /* 297 */ "key_opt ::=",
+ /* 298 */ "key_opt ::= KEY expr",
+ /* 299 */ "database_kw_opt ::= DATABASE",
+ /* 300 */ "database_kw_opt ::=",
+ /* 301 */ "cmd ::= REINDEX",
+ /* 302 */ "cmd ::= REINDEX nm dbnm",
+ /* 303 */ "cmd ::= ANALYZE",
+ /* 304 */ "cmd ::= ANALYZE nm dbnm",
+ /* 305 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
+ /* 306 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt column",
+ /* 307 */ "add_column_fullname ::= fullname",
+ /* 308 */ "kwcolumn_opt ::=",
+ /* 309 */ "kwcolumn_opt ::= COLUMNKW",
+ /* 310 */ "cmd ::= create_vtab",
+ /* 311 */ "cmd ::= create_vtab LP vtabarglist RP",
+ /* 312 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
+ /* 313 */ "vtabarglist ::= vtabarg",
+ /* 314 */ "vtabarglist ::= vtabarglist COMMA vtabarg",
+ /* 315 */ "vtabarg ::=",
+ /* 316 */ "vtabarg ::= vtabarg vtabargtoken",
+ /* 317 */ "vtabargtoken ::= ANY",
+ /* 318 */ "vtabargtoken ::= lp anylist RP",
+ /* 319 */ "lp ::= LP",
+ /* 320 */ "anylist ::=",
+ /* 321 */ "anylist ::= anylist LP anylist RP",
+ /* 322 */ "anylist ::= anylist ANY",
+ /* 323 */ "with ::=",
+ /* 324 */ "with ::= WITH wqlist",
+ /* 325 */ "with ::= WITH RECURSIVE wqlist",
+ /* 326 */ "wqlist ::= nm eidlist_opt AS LP select RP",
+ /* 327 */ "wqlist ::= wqlist COMMA nm eidlist_opt AS LP select RP",
+};
+#endif /* NDEBUG */
+
+
+#if YYSTACKDEPTH<=0
+/*
+** Try to increase the size of the parser stack.
+*/
+static void yyGrowStack(yyParser *p){
+ int newSize;
+ yyStackEntry *pNew;
+
+ newSize = p->yystksz*2 + 100;
+ pNew = realloc(p->yystack, newSize*sizeof(pNew[0]));
+ if( pNew ){
+ p->yystack = pNew;
+ p->yystksz = newSize;
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sStack grows to %d entries!\n",
+ yyTracePrompt, p->yystksz);
+ }
+#endif
+ }
+}
+#endif
+
+/* Datatype of the argument to the memory allocated passed as the
+** second argument to sqlite3ParserAlloc() below. This can be changed by
+** putting an appropriate #define in the %include section of the input
+** grammar.
+*/
+#ifndef YYMALLOCARGTYPE
+# define YYMALLOCARGTYPE size_t
+#endif
+
+/*
+** This function allocates a new parser.
+** The only argument is a pointer to a function which works like
+** malloc.
+**
+** Inputs:
+** A pointer to the function used to allocate memory.
+**
+** Outputs:
+** A pointer to a parser. This pointer is used in subsequent calls
+** to sqlite3Parser and sqlite3ParserFree.
+*/
+SQLITE_PRIVATE void *sqlite3ParserAlloc(void *(*mallocProc)(YYMALLOCARGTYPE)){
+ yyParser *pParser;
+ pParser = (yyParser*)(*mallocProc)( (YYMALLOCARGTYPE)sizeof(yyParser) );
+ if( pParser ){
+ pParser->yyidx = -1;
+#ifdef YYTRACKMAXSTACKDEPTH
+ pParser->yyidxMax = 0;
+#endif
+#if YYSTACKDEPTH<=0
+ pParser->yystack = NULL;
+ pParser->yystksz = 0;
+ yyGrowStack(pParser);
+#endif
+ }
+ return pParser;
+}
+
+/* The following function deletes the "minor type" or semantic value
+** associated with a symbol. The symbol can be either a terminal
+** or nonterminal. "yymajor" is the symbol code, and "yypminor" is
+** a pointer to the value to be deleted. The code used to do the
+** deletions is derived from the %destructor and/or %token_destructor
+** directives of the input grammar.
+*/
+static void yy_destructor(
+ yyParser *yypParser, /* The parser */
+ YYCODETYPE yymajor, /* Type code for object to destroy */
+ YYMINORTYPE *yypminor /* The object to be destroyed */
+){
+ sqlite3ParserARG_FETCH;
+ switch( yymajor ){
+ /* Here is inserted the actions which take place when a
+ ** terminal or non-terminal is destroyed. This can happen
+ ** when the symbol is popped from the stack during a
+ ** reduce or during error processing or when a parser is
+ ** being destroyed before it is finished parsing.
+ **
+ ** Note: during a reduce, the only symbols destroyed are those
+ ** which appear on the RHS of the rule, but which are *not* used
+ ** inside the C code.
+ */
+/********* Begin destructor definitions ***************************************/
+ case 163: /* select */
+ case 196: /* selectnowith */
+ case 197: /* oneselect */
+ case 208: /* values */
+{
+sqlite3SelectDelete(pParse->db, (yypminor->yy387));
+}
+ break;
+ case 174: /* term */
+ case 175: /* expr */
+{
+sqlite3ExprDelete(pParse->db, (yypminor->yy118).pExpr);
+}
+ break;
+ case 179: /* eidlist_opt */
+ case 188: /* sortlist */
+ case 189: /* eidlist */
+ case 201: /* selcollist */
+ case 204: /* groupby_opt */
+ case 206: /* orderby_opt */
+ case 209: /* nexprlist */
+ case 210: /* exprlist */
+ case 211: /* sclp */
+ case 220: /* setlist */
+ case 227: /* case_exprlist */
+{
+sqlite3ExprListDelete(pParse->db, (yypminor->yy322));
+}
+ break;
+ case 195: /* fullname */
+ case 202: /* from */
+ case 213: /* seltablist */
+ case 214: /* stl_prefix */
+{
+sqlite3SrcListDelete(pParse->db, (yypminor->yy259));
+}
+ break;
+ case 198: /* with */
+ case 251: /* wqlist */
+{
+sqlite3WithDelete(pParse->db, (yypminor->yy451));
+}
+ break;
+ case 203: /* where_opt */
+ case 205: /* having_opt */
+ case 217: /* on_opt */
+ case 226: /* case_operand */
+ case 228: /* case_else */
+ case 237: /* when_clause */
+ case 242: /* key_opt */
+{
+sqlite3ExprDelete(pParse->db, (yypminor->yy314));
+}
+ break;
+ case 218: /* using_opt */
+ case 219: /* idlist */
+ case 222: /* idlist_opt */
+{
+sqlite3IdListDelete(pParse->db, (yypminor->yy384));
+}
+ break;
+ case 233: /* trigger_cmd_list */
+ case 238: /* trigger_cmd */
+{
+sqlite3DeleteTriggerStep(pParse->db, (yypminor->yy203));
+}
+ break;
+ case 235: /* trigger_event */
+{
+sqlite3IdListDelete(pParse->db, (yypminor->yy90).b);
+}
+ break;
+/********* End destructor definitions *****************************************/
+ default: break; /* If no destructor action specified: do nothing */
+ }
+}
+
+/*
+** Pop the parser's stack once.
+**
+** If there is a destructor routine associated with the token which
+** is popped from the stack, then call it.
+*/
+static void yy_pop_parser_stack(yyParser *pParser){
+ yyStackEntry *yytos;
+ assert( pParser->yyidx>=0 );
+ yytos = &pParser->yystack[pParser->yyidx--];
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sPopping %s\n",
+ yyTracePrompt,
+ yyTokenName[yytos->major]);
+ }
+#endif
+ yy_destructor(pParser, yytos->major, &yytos->minor);
+}
+
+/*
+** Deallocate and destroy a parser. Destructors are called for
+** all stack elements before shutting the parser down.
+**
+** If the YYPARSEFREENEVERNULL macro exists (for example because it
+** is defined in a %include section of the input grammar) then it is
+** assumed that the input pointer is never NULL.
+*/
+SQLITE_PRIVATE void sqlite3ParserFree(
+ void *p, /* The parser to be deleted */
+ void (*freeProc)(void*) /* Function used to reclaim memory */
+){
+ yyParser *pParser = (yyParser*)p;
+#ifndef YYPARSEFREENEVERNULL
+ if( pParser==0 ) return;
+#endif
+ while( pParser->yyidx>=0 ) yy_pop_parser_stack(pParser);
+#if YYSTACKDEPTH<=0
+ free(pParser->yystack);
+#endif
+ (*freeProc)((void*)pParser);
+}
+
+/*
+** Return the peak depth of the stack for a parser.
+*/
+#ifdef YYTRACKMAXSTACKDEPTH
+SQLITE_PRIVATE int sqlite3ParserStackPeak(void *p){
+ yyParser *pParser = (yyParser*)p;
+ return pParser->yyidxMax;
+}
+#endif
+
+/*
+** Find the appropriate action for a parser given the terminal
+** look-ahead token iLookAhead.
+*/
+static int yy_find_shift_action(
+ yyParser *pParser, /* The parser */
+ YYCODETYPE iLookAhead /* The look-ahead token */
+){
+ int i;
+ int stateno = pParser->yystack[pParser->yyidx].stateno;
+
+ if( stateno>=YY_MIN_REDUCE ) return stateno;
+ assert( stateno <= YY_SHIFT_COUNT );
+ do{
+ i = yy_shift_ofst[stateno];
+ if( i==YY_SHIFT_USE_DFLT ) return yy_default[stateno];
+ assert( iLookAhead!=YYNOCODE );
+ i += iLookAhead;
+ if( i<0 || i>=YY_ACTTAB_COUNT || yy_lookahead[i]!=iLookAhead ){
+ if( iLookAhead>0 ){
+#ifdef YYFALLBACK
+ YYCODETYPE iFallback; /* Fallback token */
+ if( iLookAhead<sizeof(yyFallback)/sizeof(yyFallback[0])
+ && (iFallback = yyFallback[iLookAhead])!=0 ){
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE, "%sFALLBACK %s => %s\n",
+ yyTracePrompt, yyTokenName[iLookAhead], yyTokenName[iFallback]);
+ }
+#endif
+ assert( yyFallback[iFallback]==0 ); /* Fallback loop must terminate */
+ iLookAhead = iFallback;
+ continue;
+ }
+#endif
+#ifdef YYWILDCARD
+ {
+ int j = i - iLookAhead + YYWILDCARD;
+ if(
+#if YY_SHIFT_MIN+YYWILDCARD<0
+ j>=0 &&
+#endif
+#if YY_SHIFT_MAX+YYWILDCARD>=YY_ACTTAB_COUNT
+ j<YY_ACTTAB_COUNT &&
+#endif
+ yy_lookahead[j]==YYWILDCARD
+ ){
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE, "%sWILDCARD %s => %s\n",
+ yyTracePrompt, yyTokenName[iLookAhead],
+ yyTokenName[YYWILDCARD]);
+ }
+#endif /* NDEBUG */
+ return yy_action[j];
+ }
+ }
+#endif /* YYWILDCARD */
+ }
+ return yy_default[stateno];
+ }else{
+ return yy_action[i];
+ }
+ }while(1);
+}
+
+/*
+** Find the appropriate action for a parser given the non-terminal
+** look-ahead token iLookAhead.
+*/
+static int yy_find_reduce_action(
+ int stateno, /* Current state number */
+ YYCODETYPE iLookAhead /* The look-ahead token */
+){
+ int i;
+#ifdef YYERRORSYMBOL
+ if( stateno>YY_REDUCE_COUNT ){
+ return yy_default[stateno];
+ }
+#else
+ assert( stateno<=YY_REDUCE_COUNT );
+#endif
+ i = yy_reduce_ofst[stateno];
+ assert( i!=YY_REDUCE_USE_DFLT );
+ assert( iLookAhead!=YYNOCODE );
+ i += iLookAhead;
+#ifdef YYERRORSYMBOL
+ if( i<0 || i>=YY_ACTTAB_COUNT || yy_lookahead[i]!=iLookAhead ){
+ return yy_default[stateno];
+ }
+#else
+ assert( i>=0 && i<YY_ACTTAB_COUNT );
+ assert( yy_lookahead[i]==iLookAhead );
+#endif
+ return yy_action[i];
+}
+
+/*
+** The following routine is called if the stack overflows.
+*/
+static void yyStackOverflow(yyParser *yypParser, YYMINORTYPE *yypMinor){
+ sqlite3ParserARG_FETCH;
+ yypParser->yyidx--;
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sStack Overflow!\n",yyTracePrompt);
+ }
+#endif
+ while( yypParser->yyidx>=0 ) yy_pop_parser_stack(yypParser);
+ /* Here code is inserted which will execute if the parser
+ ** stack every overflows */
+/******** Begin %stack_overflow code ******************************************/
+
+ UNUSED_PARAMETER(yypMinor); /* Silence some compiler warnings */
+ sqlite3ErrorMsg(pParse, "parser stack overflow");
+/******** End %stack_overflow code ********************************************/
+ sqlite3ParserARG_STORE; /* Suppress warning about unused %extra_argument var */
+}
+
+/*
+** Print tracing information for a SHIFT action
+*/
+#ifndef NDEBUG
+static void yyTraceShift(yyParser *yypParser, int yyNewState){
+ if( yyTraceFILE ){
+ if( yyNewState<YYNSTATE ){
+ fprintf(yyTraceFILE,"%sShift '%s', go to state %d\n",
+ yyTracePrompt,yyTokenName[yypParser->yystack[yypParser->yyidx].major],
+ yyNewState);
+ }else{
+ fprintf(yyTraceFILE,"%sShift '%s'\n",
+ yyTracePrompt,yyTokenName[yypParser->yystack[yypParser->yyidx].major]);
+ }
+ }
+}
+#else
+# define yyTraceShift(X,Y)
+#endif
+
+/*
+** Perform a shift action.
+*/
+static void yy_shift(
+ yyParser *yypParser, /* The parser to be shifted */
+ int yyNewState, /* The new state to shift in */
+ int yyMajor, /* The major token to shift in */
+ YYMINORTYPE *yypMinor /* Pointer to the minor token to shift in */
+){
+ yyStackEntry *yytos;
+ yypParser->yyidx++;
+#ifdef YYTRACKMAXSTACKDEPTH
+ if( yypParser->yyidx>yypParser->yyidxMax ){
+ yypParser->yyidxMax = yypParser->yyidx;
+ }
+#endif
+#if YYSTACKDEPTH>0
+ if( yypParser->yyidx>=YYSTACKDEPTH ){
+ yyStackOverflow(yypParser, yypMinor);
+ return;
+ }
+#else
+ if( yypParser->yyidx>=yypParser->yystksz ){
+ yyGrowStack(yypParser);
+ if( yypParser->yyidx>=yypParser->yystksz ){
+ yyStackOverflow(yypParser, yypMinor);
+ return;
+ }
+ }
+#endif
+ yytos = &yypParser->yystack[yypParser->yyidx];
+ yytos->stateno = (YYACTIONTYPE)yyNewState;
+ yytos->major = (YYCODETYPE)yyMajor;
+ yytos->minor = *yypMinor;
+ yyTraceShift(yypParser, yyNewState);
+}
+
+/* The following table contains information about every rule that
+** is used during the reduce.
+*/
+static const struct {
+ YYCODETYPE lhs; /* Symbol on the left-hand side of the rule */
+ unsigned char nrhs; /* Number of right-hand side symbols in the rule */
+} yyRuleInfo[] = {
+ { 144, 1 },
+ { 145, 2 },
+ { 145, 1 },
+ { 146, 1 },
+ { 146, 3 },
+ { 147, 0 },
+ { 147, 1 },
+ { 147, 3 },
+ { 148, 1 },
+ { 149, 3 },
+ { 151, 0 },
+ { 151, 1 },
+ { 151, 2 },
+ { 150, 0 },
+ { 150, 1 },
+ { 150, 1 },
+ { 150, 1 },
+ { 149, 2 },
+ { 149, 2 },
+ { 149, 2 },
+ { 153, 1 },
+ { 153, 0 },
+ { 149, 2 },
+ { 149, 3 },
+ { 149, 5 },
+ { 149, 2 },
+ { 154, 6 },
+ { 156, 1 },
+ { 158, 0 },
+ { 158, 3 },
+ { 157, 1 },
+ { 157, 0 },
+ { 155, 5 },
+ { 155, 2 },
+ { 162, 0 },
+ { 162, 2 },
+ { 160, 3 },
+ { 160, 1 },
+ { 164, 3 },
+ { 165, 1 },
+ { 152, 1 },
+ { 152, 1 },
+ { 152, 1 },
+ { 166, 0 },
+ { 166, 1 },
+ { 168, 1 },
+ { 168, 4 },
+ { 168, 6 },
+ { 169, 1 },
+ { 169, 2 },
+ { 170, 1 },
+ { 170, 1 },
+ { 167, 2 },
+ { 167, 0 },
+ { 173, 2 },
+ { 173, 2 },
+ { 173, 4 },
+ { 173, 3 },
+ { 173, 3 },
+ { 173, 2 },
+ { 173, 2 },
+ { 173, 3 },
+ { 173, 5 },
+ { 173, 2 },
+ { 173, 4 },
+ { 173, 4 },
+ { 173, 1 },
+ { 173, 2 },
+ { 178, 0 },
+ { 178, 1 },
+ { 180, 0 },
+ { 180, 2 },
+ { 182, 2 },
+ { 182, 3 },
+ { 182, 3 },
+ { 182, 3 },
+ { 183, 2 },
+ { 183, 2 },
+ { 183, 1 },
+ { 183, 1 },
+ { 183, 2 },
+ { 181, 3 },
+ { 181, 2 },
+ { 184, 0 },
+ { 184, 2 },
+ { 184, 2 },
+ { 161, 0 },
+ { 161, 2 },
+ { 185, 3 },
+ { 185, 1 },
+ { 186, 1 },
+ { 186, 0 },
+ { 187, 2 },
+ { 187, 7 },
+ { 187, 5 },
+ { 187, 5 },
+ { 187, 10 },
+ { 190, 0 },
+ { 190, 1 },
+ { 176, 0 },
+ { 176, 3 },
+ { 191, 0 },
+ { 191, 2 },
+ { 192, 1 },
+ { 192, 1 },
+ { 192, 1 },
+ { 149, 4 },
+ { 194, 2 },
+ { 194, 0 },
+ { 149, 9 },
+ { 149, 4 },
+ { 149, 1 },
+ { 163, 2 },
+ { 196, 1 },
+ { 196, 3 },
+ { 199, 1 },
+ { 199, 2 },
+ { 199, 1 },
+ { 197, 9 },
+ { 197, 1 },
+ { 208, 4 },
+ { 208, 5 },
+ { 200, 1 },
+ { 200, 1 },
+ { 200, 0 },
+ { 211, 2 },
+ { 211, 0 },
+ { 201, 3 },
+ { 201, 2 },
+ { 201, 4 },
+ { 212, 2 },
+ { 212, 1 },
+ { 212, 0 },
+ { 202, 0 },
+ { 202, 2 },
+ { 214, 2 },
+ { 214, 0 },
+ { 213, 7 },
+ { 213, 9 },
+ { 213, 7 },
+ { 213, 7 },
+ { 159, 0 },
+ { 159, 2 },
+ { 195, 2 },
+ { 215, 1 },
+ { 215, 2 },
+ { 215, 3 },
+ { 215, 4 },
+ { 217, 2 },
+ { 217, 0 },
+ { 216, 0 },
+ { 216, 3 },
+ { 216, 2 },
+ { 218, 4 },
+ { 218, 0 },
+ { 206, 0 },
+ { 206, 3 },
+ { 188, 4 },
+ { 188, 2 },
+ { 177, 1 },
+ { 177, 1 },
+ { 177, 0 },
+ { 204, 0 },
+ { 204, 3 },
+ { 205, 0 },
+ { 205, 2 },
+ { 207, 0 },
+ { 207, 2 },
+ { 207, 4 },
+ { 207, 4 },
+ { 149, 6 },
+ { 203, 0 },
+ { 203, 2 },
+ { 149, 8 },
+ { 220, 5 },
+ { 220, 3 },
+ { 149, 6 },
+ { 149, 7 },
+ { 221, 2 },
+ { 221, 1 },
+ { 222, 0 },
+ { 222, 3 },
+ { 219, 3 },
+ { 219, 1 },
+ { 175, 1 },
+ { 175, 3 },
+ { 174, 1 },
+ { 175, 1 },
+ { 175, 1 },
+ { 175, 3 },
+ { 175, 5 },
+ { 174, 1 },
+ { 174, 1 },
+ { 175, 1 },
+ { 175, 3 },
+ { 175, 6 },
+ { 175, 5 },
+ { 175, 4 },
+ { 174, 1 },
+ { 175, 3 },
+ { 175, 3 },
+ { 175, 3 },
+ { 175, 3 },
+ { 175, 3 },
+ { 175, 3 },
+ { 175, 3 },
+ { 175, 3 },
+ { 223, 1 },
+ { 223, 2 },
+ { 175, 3 },
+ { 175, 5 },
+ { 175, 2 },
+ { 175, 3 },
+ { 175, 3 },
+ { 175, 4 },
+ { 175, 2 },
+ { 175, 2 },
+ { 175, 2 },
+ { 175, 2 },
+ { 224, 1 },
+ { 224, 2 },
+ { 175, 5 },
+ { 225, 1 },
+ { 225, 2 },
+ { 175, 5 },
+ { 175, 3 },
+ { 175, 5 },
+ { 175, 4 },
+ { 175, 4 },
+ { 175, 5 },
+ { 227, 5 },
+ { 227, 4 },
+ { 228, 2 },
+ { 228, 0 },
+ { 226, 1 },
+ { 226, 0 },
+ { 210, 1 },
+ { 210, 0 },
+ { 209, 3 },
+ { 209, 1 },
+ { 149, 12 },
+ { 229, 1 },
+ { 229, 0 },
+ { 179, 0 },
+ { 179, 3 },
+ { 189, 5 },
+ { 189, 3 },
+ { 230, 0 },
+ { 230, 2 },
+ { 149, 4 },
+ { 149, 1 },
+ { 149, 2 },
+ { 149, 3 },
+ { 149, 5 },
+ { 149, 6 },
+ { 149, 5 },
+ { 149, 6 },
+ { 231, 1 },
+ { 231, 1 },
+ { 231, 1 },
+ { 231, 1 },
+ { 231, 1 },
+ { 171, 2 },
+ { 171, 1 },
+ { 172, 2 },
+ { 149, 5 },
+ { 232, 11 },
+ { 234, 1 },
+ { 234, 1 },
+ { 234, 2 },
+ { 234, 0 },
+ { 235, 1 },
+ { 235, 1 },
+ { 235, 3 },
+ { 236, 0 },
+ { 236, 3 },
+ { 237, 0 },
+ { 237, 2 },
+ { 233, 3 },
+ { 233, 2 },
+ { 239, 1 },
+ { 239, 3 },
+ { 240, 0 },
+ { 240, 3 },
+ { 240, 2 },
+ { 238, 7 },
+ { 238, 5 },
+ { 238, 5 },
+ { 238, 1 },
+ { 175, 4 },
+ { 175, 6 },
+ { 193, 1 },
+ { 193, 1 },
+ { 193, 1 },
+ { 149, 4 },
+ { 149, 6 },
+ { 149, 3 },
+ { 242, 0 },
+ { 242, 2 },
+ { 241, 1 },
+ { 241, 0 },
+ { 149, 1 },
+ { 149, 3 },
+ { 149, 1 },
+ { 149, 3 },
+ { 149, 6 },
+ { 149, 6 },
+ { 243, 1 },
+ { 244, 0 },
+ { 244, 1 },
+ { 149, 1 },
+ { 149, 4 },
+ { 245, 8 },
+ { 246, 1 },
+ { 246, 3 },
+ { 247, 0 },
+ { 247, 2 },
+ { 248, 1 },
+ { 248, 3 },
+ { 249, 1 },
+ { 250, 0 },
+ { 250, 4 },
+ { 250, 2 },
+ { 198, 0 },
+ { 198, 2 },
+ { 198, 3 },
+ { 251, 6 },
+ { 251, 8 },
+};
+
+static void yy_accept(yyParser*); /* Forward Declaration */
+
+/*
+** Perform a reduce action and the shift that must immediately
+** follow the reduce.
+*/
+static void yy_reduce(
+ yyParser *yypParser, /* The parser */
+ int yyruleno /* Number of the rule by which to reduce */
+){
+ int yygoto; /* The next state */
+ int yyact; /* The next action */
+ YYMINORTYPE yygotominor; /* The LHS of the rule reduced */
+ yyStackEntry *yymsp; /* The top of the parser's stack */
+ int yysize; /* Amount to pop the stack */
+ sqlite3ParserARG_FETCH;
+ yymsp = &yypParser->yystack[yypParser->yyidx];
+#ifndef NDEBUG
+ if( yyTraceFILE && yyruleno>=0
+ && yyruleno<(int)(sizeof(yyRuleName)/sizeof(yyRuleName[0])) ){
+ yysize = yyRuleInfo[yyruleno].nrhs;
+ fprintf(yyTraceFILE, "%sReduce [%s], go to state %d.\n", yyTracePrompt,
+ yyRuleName[yyruleno], yymsp[-yysize].stateno);
+ }
+#endif /* NDEBUG */
+ yygotominor = yyzerominor;
+
+ switch( yyruleno ){
+ /* Beginning here are the reduction cases. A typical example
+ ** follows:
+ ** case 0:
+ ** #line <lineno> <grammarfile>
+ ** { ... } // User supplied code
+ ** #line <lineno> <thisfile>
+ ** break;
+ */
+/********** Begin reduce actions **********************************************/
+ case 5: /* explain ::= */
+{ sqlite3BeginParse(pParse, 0); }
+ break;
+ case 6: /* explain ::= EXPLAIN */
+{ sqlite3BeginParse(pParse, 1); }
+ break;
+ case 7: /* explain ::= EXPLAIN QUERY PLAN */
+{ sqlite3BeginParse(pParse, 2); }
+ break;
+ case 8: /* cmdx ::= cmd */
+{ sqlite3FinishCoding(pParse); }
+ break;
+ case 9: /* cmd ::= BEGIN transtype trans_opt */
+{sqlite3BeginTransaction(pParse, yymsp[-1].minor.yy4);}
+ break;
+ case 13: /* transtype ::= */
+{yygotominor.yy4 = TK_DEFERRED;}
+ break;
+ case 14: /* transtype ::= DEFERRED */
+ case 15: /* transtype ::= IMMEDIATE */ yytestcase(yyruleno==15);
+ case 16: /* transtype ::= EXCLUSIVE */ yytestcase(yyruleno==16);
+ case 115: /* multiselect_op ::= UNION */ yytestcase(yyruleno==115);
+ case 117: /* multiselect_op ::= EXCEPT|INTERSECT */ yytestcase(yyruleno==117);
+{yygotominor.yy4 = yymsp[0].major;}
+ break;
+ case 17: /* cmd ::= COMMIT trans_opt */
+ case 18: /* cmd ::= END trans_opt */ yytestcase(yyruleno==18);
+{sqlite3CommitTransaction(pParse);}
+ break;
+ case 19: /* cmd ::= ROLLBACK trans_opt */
+{sqlite3RollbackTransaction(pParse);}
+ break;
+ case 22: /* cmd ::= SAVEPOINT nm */
+{
+ sqlite3Savepoint(pParse, SAVEPOINT_BEGIN, &yymsp[0].minor.yy0);
+}
+ break;
+ case 23: /* cmd ::= RELEASE savepoint_opt nm */
+{
+ sqlite3Savepoint(pParse, SAVEPOINT_RELEASE, &yymsp[0].minor.yy0);
+}
+ break;
+ case 24: /* cmd ::= ROLLBACK trans_opt TO savepoint_opt nm */
+{
+ sqlite3Savepoint(pParse, SAVEPOINT_ROLLBACK, &yymsp[0].minor.yy0);
+}
+ break;
+ case 26: /* create_table ::= createkw temp TABLE ifnotexists nm dbnm */
+{
+ sqlite3StartTable(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,yymsp[-4].minor.yy4,0,0,yymsp[-2].minor.yy4);
+}
+ break;
+ case 27: /* createkw ::= CREATE */
+{
+ pParse->db->lookaside.bEnabled = 0;
+ yygotominor.yy0 = yymsp[0].minor.yy0;
+}
+ break;
+ case 28: /* ifnotexists ::= */
+ case 31: /* temp ::= */ yytestcase(yyruleno==31);
+ case 34: /* table_options ::= */ yytestcase(yyruleno==34);
+ case 68: /* autoinc ::= */ yytestcase(yyruleno==68);
+ case 81: /* defer_subclause ::= NOT DEFERRABLE init_deferred_pred_opt */ yytestcase(yyruleno==81);
+ case 83: /* init_deferred_pred_opt ::= */ yytestcase(yyruleno==83);
+ case 85: /* init_deferred_pred_opt ::= INITIALLY IMMEDIATE */ yytestcase(yyruleno==85);
+ case 97: /* defer_subclause_opt ::= */ yytestcase(yyruleno==97);
+ case 108: /* ifexists ::= */ yytestcase(yyruleno==108);
+ case 124: /* distinct ::= */ yytestcase(yyruleno==124);
+ case 219: /* between_op ::= BETWEEN */ yytestcase(yyruleno==219);
+ case 222: /* in_op ::= IN */ yytestcase(yyruleno==222);
+ case 247: /* collate ::= */ yytestcase(yyruleno==247);
+{yygotominor.yy4 = 0;}
+ break;
+ case 29: /* ifnotexists ::= IF NOT EXISTS */
+ case 30: /* temp ::= TEMP */ yytestcase(yyruleno==30);
+ case 69: /* autoinc ::= AUTOINCR */ yytestcase(yyruleno==69);
+ case 84: /* init_deferred_pred_opt ::= INITIALLY DEFERRED */ yytestcase(yyruleno==84);
+ case 107: /* ifexists ::= IF EXISTS */ yytestcase(yyruleno==107);
+ case 220: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==220);
+ case 223: /* in_op ::= NOT IN */ yytestcase(yyruleno==223);
+ case 248: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==248);
+{yygotominor.yy4 = 1;}
+ break;
+ case 32: /* create_table_args ::= LP columnlist conslist_opt RP table_options */
+{
+ sqlite3EndTable(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,yymsp[0].minor.yy4,0);
+}
+ break;
+ case 33: /* create_table_args ::= AS select */
+{
+ sqlite3EndTable(pParse,0,0,0,yymsp[0].minor.yy387);
+ sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy387);
+}
+ break;
+ case 35: /* table_options ::= WITHOUT nm */
+{
+ if( yymsp[0].minor.yy0.n==5 && sqlite3_strnicmp(yymsp[0].minor.yy0.z,"rowid",5)==0 ){
+ yygotominor.yy4 = TF_WithoutRowid | TF_NoVisibleRowid;
+ }else{
+ yygotominor.yy4 = 0;
+ sqlite3ErrorMsg(pParse, "unknown table option: %.*s", yymsp[0].minor.yy0.n, yymsp[0].minor.yy0.z);
+ }
+}
+ break;
+ case 38: /* column ::= columnid type carglist */
+{
+ yygotominor.yy0.z = yymsp[-2].minor.yy0.z;
+ yygotominor.yy0.n = (int)(pParse->sLastToken.z-yymsp[-2].minor.yy0.z) + pParse->sLastToken.n;
+}
+ break;
+ case 39: /* columnid ::= nm */
+{
+ sqlite3AddColumn(pParse,&yymsp[0].minor.yy0);
+ yygotominor.yy0 = yymsp[0].minor.yy0;
+ pParse->constraintName.n = 0;
+}
+ break;
+ case 40: /* nm ::= ID|INDEXED */
+ case 41: /* nm ::= STRING */ yytestcase(yyruleno==41);
+ case 42: /* nm ::= JOIN_KW */ yytestcase(yyruleno==42);
+ case 45: /* typetoken ::= typename */ yytestcase(yyruleno==45);
+ case 48: /* typename ::= ID|STRING */ yytestcase(yyruleno==48);
+ case 130: /* as ::= AS nm */ yytestcase(yyruleno==130);
+ case 131: /* as ::= ID|STRING */ yytestcase(yyruleno==131);
+ case 142: /* dbnm ::= DOT nm */ yytestcase(yyruleno==142);
+ case 151: /* indexed_opt ::= INDEXED BY nm */ yytestcase(yyruleno==151);
+ case 257: /* nmnum ::= plus_num */ yytestcase(yyruleno==257);
+ case 258: /* nmnum ::= nm */ yytestcase(yyruleno==258);
+ case 259: /* nmnum ::= ON */ yytestcase(yyruleno==259);
+ case 260: /* nmnum ::= DELETE */ yytestcase(yyruleno==260);
+ case 261: /* nmnum ::= DEFAULT */ yytestcase(yyruleno==261);
+ case 262: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==262);
+ case 263: /* plus_num ::= INTEGER|FLOAT */ yytestcase(yyruleno==263);
+ case 264: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==264);
+ case 280: /* trnm ::= nm */ yytestcase(yyruleno==280);
+{yygotominor.yy0 = yymsp[0].minor.yy0;}
+ break;
+ case 44: /* type ::= typetoken */
+{sqlite3AddColumnType(pParse,&yymsp[0].minor.yy0);}
+ break;
+ case 46: /* typetoken ::= typename LP signed RP */
+{
+ yygotominor.yy0.z = yymsp[-3].minor.yy0.z;
+ yygotominor.yy0.n = (int)(&yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n] - yymsp[-3].minor.yy0.z);
+}
+ break;
+ case 47: /* typetoken ::= typename LP signed COMMA signed RP */
+{
+ yygotominor.yy0.z = yymsp[-5].minor.yy0.z;
+ yygotominor.yy0.n = (int)(&yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n] - yymsp[-5].minor.yy0.z);
+}
+ break;
+ case 49: /* typename ::= typename ID|STRING */
+{yygotominor.yy0.z=yymsp[-1].minor.yy0.z; yygotominor.yy0.n=yymsp[0].minor.yy0.n+(int)(yymsp[0].minor.yy0.z-yymsp[-1].minor.yy0.z);}
+ break;
+ case 54: /* ccons ::= CONSTRAINT nm */
+ case 92: /* tcons ::= CONSTRAINT nm */ yytestcase(yyruleno==92);
+{pParse->constraintName = yymsp[0].minor.yy0;}
+ break;
+ case 55: /* ccons ::= DEFAULT term */
+ case 57: /* ccons ::= DEFAULT PLUS term */ yytestcase(yyruleno==57);
+{sqlite3AddDefaultValue(pParse,&yymsp[0].minor.yy118);}
+ break;
+ case 56: /* ccons ::= DEFAULT LP expr RP */
+{sqlite3AddDefaultValue(pParse,&yymsp[-1].minor.yy118);}
+ break;
+ case 58: /* ccons ::= DEFAULT MINUS term */
+{
+ ExprSpan v;
+ v.pExpr = sqlite3PExpr(pParse, TK_UMINUS, yymsp[0].minor.yy118.pExpr, 0, 0);
+ v.zStart = yymsp[-1].minor.yy0.z;
+ v.zEnd = yymsp[0].minor.yy118.zEnd;
+ sqlite3AddDefaultValue(pParse,&v);
+}
+ break;
+ case 59: /* ccons ::= DEFAULT ID|INDEXED */
+{
+ ExprSpan v;
+ spanExpr(&v, pParse, TK_STRING, &yymsp[0].minor.yy0);
+ sqlite3AddDefaultValue(pParse,&v);
+}
+ break;
+ case 61: /* ccons ::= NOT NULL onconf */
+{sqlite3AddNotNull(pParse, yymsp[0].minor.yy4);}
+ break;
+ case 62: /* ccons ::= PRIMARY KEY sortorder onconf autoinc */
+{sqlite3AddPrimaryKey(pParse,0,yymsp[-1].minor.yy4,yymsp[0].minor.yy4,yymsp[-2].minor.yy4);}
+ break;
+ case 63: /* ccons ::= UNIQUE onconf */
+{sqlite3CreateIndex(pParse,0,0,0,0,yymsp[0].minor.yy4,0,0,0,0);}
+ break;
+ case 64: /* ccons ::= CHECK LP expr RP */
+{sqlite3AddCheckConstraint(pParse,yymsp[-1].minor.yy118.pExpr);}
+ break;
+ case 65: /* ccons ::= REFERENCES nm eidlist_opt refargs */
+{sqlite3CreateForeignKey(pParse,0,&yymsp[-2].minor.yy0,yymsp[-1].minor.yy322,yymsp[0].minor.yy4);}
+ break;
+ case 66: /* ccons ::= defer_subclause */
+{sqlite3DeferForeignKey(pParse,yymsp[0].minor.yy4);}
+ break;
+ case 67: /* ccons ::= COLLATE ID|STRING */
+{sqlite3AddCollateType(pParse, &yymsp[0].minor.yy0);}
+ break;
+ case 70: /* refargs ::= */
+{ yygotominor.yy4 = OE_None*0x0101; /* EV: R-19803-45884 */}
+ break;
+ case 71: /* refargs ::= refargs refarg */
+{ yygotominor.yy4 = (yymsp[-1].minor.yy4 & ~yymsp[0].minor.yy215.mask) | yymsp[0].minor.yy215.value; }
+ break;
+ case 72: /* refarg ::= MATCH nm */
+ case 73: /* refarg ::= ON INSERT refact */ yytestcase(yyruleno==73);
+{ yygotominor.yy215.value = 0; yygotominor.yy215.mask = 0x000000; }
+ break;
+ case 74: /* refarg ::= ON DELETE refact */
+{ yygotominor.yy215.value = yymsp[0].minor.yy4; yygotominor.yy215.mask = 0x0000ff; }
+ break;
+ case 75: /* refarg ::= ON UPDATE refact */
+{ yygotominor.yy215.value = yymsp[0].minor.yy4<<8; yygotominor.yy215.mask = 0x00ff00; }
+ break;
+ case 76: /* refact ::= SET NULL */
+{ yygotominor.yy4 = OE_SetNull; /* EV: R-33326-45252 */}
+ break;
+ case 77: /* refact ::= SET DEFAULT */
+{ yygotominor.yy4 = OE_SetDflt; /* EV: R-33326-45252 */}
+ break;
+ case 78: /* refact ::= CASCADE */
+{ yygotominor.yy4 = OE_Cascade; /* EV: R-33326-45252 */}
+ break;
+ case 79: /* refact ::= RESTRICT */
+{ yygotominor.yy4 = OE_Restrict; /* EV: R-33326-45252 */}
+ break;
+ case 80: /* refact ::= NO ACTION */
+{ yygotominor.yy4 = OE_None; /* EV: R-33326-45252 */}
+ break;
+ case 82: /* defer_subclause ::= DEFERRABLE init_deferred_pred_opt */
+ case 98: /* defer_subclause_opt ::= defer_subclause */ yytestcase(yyruleno==98);
+ case 100: /* onconf ::= ON CONFLICT resolvetype */ yytestcase(yyruleno==100);
+ case 102: /* orconf ::= OR resolvetype */ yytestcase(yyruleno==102);
+ case 103: /* resolvetype ::= raisetype */ yytestcase(yyruleno==103);
+ case 178: /* insert_cmd ::= INSERT orconf */ yytestcase(yyruleno==178);
+{yygotominor.yy4 = yymsp[0].minor.yy4;}
+ break;
+ case 86: /* conslist_opt ::= */
+{yygotominor.yy0.n = 0; yygotominor.yy0.z = 0;}
+ break;
+ case 87: /* conslist_opt ::= COMMA conslist */
+{yygotominor.yy0 = yymsp[-1].minor.yy0;}
+ break;
+ case 90: /* tconscomma ::= COMMA */
+{pParse->constraintName.n = 0;}
+ break;
+ case 93: /* tcons ::= PRIMARY KEY LP sortlist autoinc RP onconf */
+{sqlite3AddPrimaryKey(pParse,yymsp[-3].minor.yy322,yymsp[0].minor.yy4,yymsp[-2].minor.yy4,0);}
+ break;
+ case 94: /* tcons ::= UNIQUE LP sortlist RP onconf */
+{sqlite3CreateIndex(pParse,0,0,0,yymsp[-2].minor.yy322,yymsp[0].minor.yy4,0,0,0,0);}
+ break;
+ case 95: /* tcons ::= CHECK LP expr RP onconf */
+{sqlite3AddCheckConstraint(pParse,yymsp[-2].minor.yy118.pExpr);}
+ break;
+ case 96: /* tcons ::= FOREIGN KEY LP eidlist RP REFERENCES nm eidlist_opt refargs defer_subclause_opt */
+{
+ sqlite3CreateForeignKey(pParse, yymsp[-6].minor.yy322, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy322, yymsp[-1].minor.yy4);
+ sqlite3DeferForeignKey(pParse, yymsp[0].minor.yy4);
+}
+ break;
+ case 99: /* onconf ::= */
+ case 101: /* orconf ::= */ yytestcase(yyruleno==101);
+{yygotominor.yy4 = OE_Default;}
+ break;
+ case 104: /* resolvetype ::= IGNORE */
+{yygotominor.yy4 = OE_Ignore;}
+ break;
+ case 105: /* resolvetype ::= REPLACE */
+ case 179: /* insert_cmd ::= REPLACE */ yytestcase(yyruleno==179);
+{yygotominor.yy4 = OE_Replace;}
+ break;
+ case 106: /* cmd ::= DROP TABLE ifexists fullname */
+{
+ sqlite3DropTable(pParse, yymsp[0].minor.yy259, 0, yymsp[-1].minor.yy4);
+}
+ break;
+ case 109: /* cmd ::= createkw temp VIEW ifnotexists nm dbnm eidlist_opt AS select */
+{
+ sqlite3CreateView(pParse, &yymsp[-8].minor.yy0, &yymsp[-4].minor.yy0, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy322, yymsp[0].minor.yy387, yymsp[-7].minor.yy4, yymsp[-5].minor.yy4);
+}
+ break;
+ case 110: /* cmd ::= DROP VIEW ifexists fullname */
+{
+ sqlite3DropTable(pParse, yymsp[0].minor.yy259, 1, yymsp[-1].minor.yy4);
+}
+ break;
+ case 111: /* cmd ::= select */
+{
+ SelectDest dest = {SRT_Output, 0, 0, 0, 0, 0};
+ sqlite3Select(pParse, yymsp[0].minor.yy387, &dest);
+ sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy387);
+}
+ break;
+ case 112: /* select ::= with selectnowith */
+{
+ Select *p = yymsp[0].minor.yy387;
+ if( p ){
+ p->pWith = yymsp[-1].minor.yy451;
+ parserDoubleLinkSelect(pParse, p);
+ }else{
+ sqlite3WithDelete(pParse->db, yymsp[-1].minor.yy451);
+ }
+ yygotominor.yy387 = p;
+}
+ break;
+ case 113: /* selectnowith ::= oneselect */
+ case 119: /* oneselect ::= values */ yytestcase(yyruleno==119);
+{yygotominor.yy387 = yymsp[0].minor.yy387;}
+ break;
+ case 114: /* selectnowith ::= selectnowith multiselect_op oneselect */
+{
+ Select *pRhs = yymsp[0].minor.yy387;
+ Select *pLhs = yymsp[-2].minor.yy387;
+ if( pRhs && pRhs->pPrior ){
+ SrcList *pFrom;
+ Token x;
+ x.n = 0;
+ parserDoubleLinkSelect(pParse, pRhs);
+ pFrom = sqlite3SrcListAppendFromTerm(pParse,0,0,0,&x,pRhs,0,0);
+ pRhs = sqlite3SelectNew(pParse,0,pFrom,0,0,0,0,0,0,0);
+ }
+ if( pRhs ){
+ pRhs->op = (u8)yymsp[-1].minor.yy4;
+ pRhs->pPrior = pLhs;
+ if( ALWAYS(pLhs) ) pLhs->selFlags &= ~SF_MultiValue;
+ pRhs->selFlags &= ~SF_MultiValue;
+ if( yymsp[-1].minor.yy4!=TK_ALL ) pParse->hasCompound = 1;
+ }else{
+ sqlite3SelectDelete(pParse->db, pLhs);
+ }
+ yygotominor.yy387 = pRhs;
+}
+ break;
+ case 116: /* multiselect_op ::= UNION ALL */
+{yygotominor.yy4 = TK_ALL;}
+ break;
+ case 118: /* oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
+{
+ yygotominor.yy387 = sqlite3SelectNew(pParse,yymsp[-6].minor.yy322,yymsp[-5].minor.yy259,yymsp[-4].minor.yy314,yymsp[-3].minor.yy322,yymsp[-2].minor.yy314,yymsp[-1].minor.yy322,yymsp[-7].minor.yy4,yymsp[0].minor.yy292.pLimit,yymsp[0].minor.yy292.pOffset);
+#if SELECTTRACE_ENABLED
+ /* Populate the Select.zSelName[] string that is used to help with
+ ** query planner debugging, to differentiate between multiple Select
+ ** objects in a complex query.
+ **
+ ** If the SELECT keyword is immediately followed by a C-style comment
+ ** then extract the first few alphanumeric characters from within that
+ ** comment to be the zSelName value. Otherwise, the label is #N where
+ ** is an integer that is incremented with each SELECT statement seen.
+ */
+ if( yygotominor.yy387!=0 ){
+ const char *z = yymsp[-8].minor.yy0.z+6;
+ int i;
+ sqlite3_snprintf(sizeof(yygotominor.yy387->zSelName), yygotominor.yy387->zSelName, "#%d",
+ ++pParse->nSelect);
+ while( z[0]==' ' ) z++;
+ if( z[0]=='/' && z[1]=='*' ){
+ z += 2;
+ while( z[0]==' ' ) z++;
+ for(i=0; sqlite3Isalnum(z[i]); i++){}
+ sqlite3_snprintf(sizeof(yygotominor.yy387->zSelName), yygotominor.yy387->zSelName, "%.*s", i, z);
+ }
+ }
+#endif /* SELECTRACE_ENABLED */
+}
+ break;
+ case 120: /* values ::= VALUES LP nexprlist RP */
+{
+ yygotominor.yy387 = sqlite3SelectNew(pParse,yymsp[-1].minor.yy322,0,0,0,0,0,SF_Values,0,0);
+}
+ break;
+ case 121: /* values ::= values COMMA LP exprlist RP */
+{
+ Select *pRight, *pLeft = yymsp[-4].minor.yy387;
+ pRight = sqlite3SelectNew(pParse,yymsp[-1].minor.yy322,0,0,0,0,0,SF_Values|SF_MultiValue,0,0);
+ if( ALWAYS(pLeft) ) pLeft->selFlags &= ~SF_MultiValue;
+ if( pRight ){
+ pRight->op = TK_ALL;
+ pLeft = yymsp[-4].minor.yy387;
+ pRight->pPrior = pLeft;
+ yygotominor.yy387 = pRight;
+ }else{
+ yygotominor.yy387 = pLeft;
+ }
+}
+ break;
+ case 122: /* distinct ::= DISTINCT */
+{yygotominor.yy4 = SF_Distinct;}
+ break;
+ case 123: /* distinct ::= ALL */
+{yygotominor.yy4 = SF_All;}
+ break;
+ case 125: /* sclp ::= selcollist COMMA */
+ case 244: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==244);
+{yygotominor.yy322 = yymsp[-1].minor.yy322;}
+ break;
+ case 126: /* sclp ::= */
+ case 155: /* orderby_opt ::= */ yytestcase(yyruleno==155);
+ case 162: /* groupby_opt ::= */ yytestcase(yyruleno==162);
+ case 237: /* exprlist ::= */ yytestcase(yyruleno==237);
+ case 243: /* eidlist_opt ::= */ yytestcase(yyruleno==243);
+{yygotominor.yy322 = 0;}
+ break;
+ case 127: /* selcollist ::= sclp expr as */
+{
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-2].minor.yy322, yymsp[-1].minor.yy118.pExpr);
+ if( yymsp[0].minor.yy0.n>0 ) sqlite3ExprListSetName(pParse, yygotominor.yy322, &yymsp[0].minor.yy0, 1);
+ sqlite3ExprListSetSpan(pParse,yygotominor.yy322,&yymsp[-1].minor.yy118);
+}
+ break;
+ case 128: /* selcollist ::= sclp STAR */
+{
+ Expr *p = sqlite3Expr(pParse->db, TK_ASTERISK, 0);
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-1].minor.yy322, p);
+}
+ break;
+ case 129: /* selcollist ::= sclp nm DOT STAR */
+{
+ Expr *pRight = sqlite3PExpr(pParse, TK_ASTERISK, 0, 0, &yymsp[0].minor.yy0);
+ Expr *pLeft = sqlite3PExpr(pParse, TK_ID, 0, 0, &yymsp[-2].minor.yy0);
+ Expr *pDot = sqlite3PExpr(pParse, TK_DOT, pLeft, pRight, 0);
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-3].minor.yy322, pDot);
+}
+ break;
+ case 132: /* as ::= */
+{yygotominor.yy0.n = 0;}
+ break;
+ case 133: /* from ::= */
+{yygotominor.yy259 = sqlite3DbMallocZero(pParse->db, sizeof(*yygotominor.yy259));}
+ break;
+ case 134: /* from ::= FROM seltablist */
+{
+ yygotominor.yy259 = yymsp[0].minor.yy259;
+ sqlite3SrcListShiftJoinType(yygotominor.yy259);
+}
+ break;
+ case 135: /* stl_prefix ::= seltablist joinop */
+{
+ yygotominor.yy259 = yymsp[-1].minor.yy259;
+ if( ALWAYS(yygotominor.yy259 && yygotominor.yy259->nSrc>0) ) yygotominor.yy259->a[yygotominor.yy259->nSrc-1].fg.jointype = (u8)yymsp[0].minor.yy4;
+}
+ break;
+ case 136: /* stl_prefix ::= */
+{yygotominor.yy259 = 0;}
+ break;
+ case 137: /* seltablist ::= stl_prefix nm dbnm as indexed_opt on_opt using_opt */
+{
+ yygotominor.yy259 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-6].minor.yy259,&yymsp[-5].minor.yy0,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,0,yymsp[-1].minor.yy314,yymsp[0].minor.yy384);
+ sqlite3SrcListIndexedBy(pParse, yygotominor.yy259, &yymsp[-2].minor.yy0);
+}
+ break;
+ case 138: /* seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_opt using_opt */
+{
+ yygotominor.yy259 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-8].minor.yy259,&yymsp[-7].minor.yy0,&yymsp[-6].minor.yy0,&yymsp[-2].minor.yy0,0,yymsp[-1].minor.yy314,yymsp[0].minor.yy384);
+ sqlite3SrcListFuncArgs(pParse, yygotominor.yy259, yymsp[-4].minor.yy322);
+}
+ break;
+ case 139: /* seltablist ::= stl_prefix LP select RP as on_opt using_opt */
+{
+ yygotominor.yy259 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-6].minor.yy259,0,0,&yymsp[-2].minor.yy0,yymsp[-4].minor.yy387,yymsp[-1].minor.yy314,yymsp[0].minor.yy384);
+ }
+ break;
+ case 140: /* seltablist ::= stl_prefix LP seltablist RP as on_opt using_opt */
+{
+ if( yymsp[-6].minor.yy259==0 && yymsp[-2].minor.yy0.n==0 && yymsp[-1].minor.yy314==0 && yymsp[0].minor.yy384==0 ){
+ yygotominor.yy259 = yymsp[-4].minor.yy259;
+ }else if( yymsp[-4].minor.yy259->nSrc==1 ){
+ yygotominor.yy259 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-6].minor.yy259,0,0,&yymsp[-2].minor.yy0,0,yymsp[-1].minor.yy314,yymsp[0].minor.yy384);
+ if( yygotominor.yy259 ){
+ struct SrcList_item *pNew = &yygotominor.yy259->a[yygotominor.yy259->nSrc-1];
+ struct SrcList_item *pOld = yymsp[-4].minor.yy259->a;
+ pNew->zName = pOld->zName;
+ pNew->zDatabase = pOld->zDatabase;
+ pNew->pSelect = pOld->pSelect;
+ pOld->zName = pOld->zDatabase = 0;
+ pOld->pSelect = 0;
+ }
+ sqlite3SrcListDelete(pParse->db, yymsp[-4].minor.yy259);
+ }else{
+ Select *pSubquery;
+ sqlite3SrcListShiftJoinType(yymsp[-4].minor.yy259);
+ pSubquery = sqlite3SelectNew(pParse,0,yymsp[-4].minor.yy259,0,0,0,0,SF_NestedFrom,0,0);
+ yygotominor.yy259 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-6].minor.yy259,0,0,&yymsp[-2].minor.yy0,pSubquery,yymsp[-1].minor.yy314,yymsp[0].minor.yy384);
+ }
+ }
+ break;
+ case 141: /* dbnm ::= */
+ case 150: /* indexed_opt ::= */ yytestcase(yyruleno==150);
+{yygotominor.yy0.z=0; yygotominor.yy0.n=0;}
+ break;
+ case 143: /* fullname ::= nm dbnm */
+{yygotominor.yy259 = sqlite3SrcListAppend(pParse->db,0,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0);}
+ break;
+ case 144: /* joinop ::= COMMA|JOIN */
+{ yygotominor.yy4 = JT_INNER; }
+ break;
+ case 145: /* joinop ::= JOIN_KW JOIN */
+{ yygotominor.yy4 = sqlite3JoinType(pParse,&yymsp[-1].minor.yy0,0,0); }
+ break;
+ case 146: /* joinop ::= JOIN_KW nm JOIN */
+{ yygotominor.yy4 = sqlite3JoinType(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0); }
+ break;
+ case 147: /* joinop ::= JOIN_KW nm nm JOIN */
+{ yygotominor.yy4 = sqlite3JoinType(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0); }
+ break;
+ case 148: /* on_opt ::= ON expr */
+ case 165: /* having_opt ::= HAVING expr */ yytestcase(yyruleno==165);
+ case 172: /* where_opt ::= WHERE expr */ yytestcase(yyruleno==172);
+ case 232: /* case_else ::= ELSE expr */ yytestcase(yyruleno==232);
+ case 234: /* case_operand ::= expr */ yytestcase(yyruleno==234);
+{yygotominor.yy314 = yymsp[0].minor.yy118.pExpr;}
+ break;
+ case 149: /* on_opt ::= */
+ case 164: /* having_opt ::= */ yytestcase(yyruleno==164);
+ case 171: /* where_opt ::= */ yytestcase(yyruleno==171);
+ case 233: /* case_else ::= */ yytestcase(yyruleno==233);
+ case 235: /* case_operand ::= */ yytestcase(yyruleno==235);
+{yygotominor.yy314 = 0;}
+ break;
+ case 152: /* indexed_opt ::= NOT INDEXED */
+{yygotominor.yy0.z=0; yygotominor.yy0.n=1;}
+ break;
+ case 153: /* using_opt ::= USING LP idlist RP */
+ case 181: /* idlist_opt ::= LP idlist RP */ yytestcase(yyruleno==181);
+{yygotominor.yy384 = yymsp[-1].minor.yy384;}
+ break;
+ case 154: /* using_opt ::= */
+ case 180: /* idlist_opt ::= */ yytestcase(yyruleno==180);
+{yygotominor.yy384 = 0;}
+ break;
+ case 156: /* orderby_opt ::= ORDER BY sortlist */
+ case 163: /* groupby_opt ::= GROUP BY nexprlist */ yytestcase(yyruleno==163);
+ case 236: /* exprlist ::= nexprlist */ yytestcase(yyruleno==236);
+{yygotominor.yy322 = yymsp[0].minor.yy322;}
+ break;
+ case 157: /* sortlist ::= sortlist COMMA expr sortorder */
+{
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-3].minor.yy322,yymsp[-1].minor.yy118.pExpr);
+ sqlite3ExprListSetSortOrder(yygotominor.yy322,yymsp[0].minor.yy4);
+}
+ break;
+ case 158: /* sortlist ::= expr sortorder */
+{
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse,0,yymsp[-1].minor.yy118.pExpr);
+ sqlite3ExprListSetSortOrder(yygotominor.yy322,yymsp[0].minor.yy4);
+}
+ break;
+ case 159: /* sortorder ::= ASC */
+{yygotominor.yy4 = SQLITE_SO_ASC;}
+ break;
+ case 160: /* sortorder ::= DESC */
+{yygotominor.yy4 = SQLITE_SO_DESC;}
+ break;
+ case 161: /* sortorder ::= */
+{yygotominor.yy4 = SQLITE_SO_UNDEFINED;}
+ break;
+ case 166: /* limit_opt ::= */
+{yygotominor.yy292.pLimit = 0; yygotominor.yy292.pOffset = 0;}
+ break;
+ case 167: /* limit_opt ::= LIMIT expr */
+{yygotominor.yy292.pLimit = yymsp[0].minor.yy118.pExpr; yygotominor.yy292.pOffset = 0;}
+ break;
+ case 168: /* limit_opt ::= LIMIT expr OFFSET expr */
+{yygotominor.yy292.pLimit = yymsp[-2].minor.yy118.pExpr; yygotominor.yy292.pOffset = yymsp[0].minor.yy118.pExpr;}
+ break;
+ case 169: /* limit_opt ::= LIMIT expr COMMA expr */
+{yygotominor.yy292.pOffset = yymsp[-2].minor.yy118.pExpr; yygotominor.yy292.pLimit = yymsp[0].minor.yy118.pExpr;}
+ break;
+ case 170: /* cmd ::= with DELETE FROM fullname indexed_opt where_opt */
+{
+ sqlite3WithPush(pParse, yymsp[-5].minor.yy451, 1);
+ sqlite3SrcListIndexedBy(pParse, yymsp[-2].minor.yy259, &yymsp[-1].minor.yy0);
+ sqlite3DeleteFrom(pParse,yymsp[-2].minor.yy259,yymsp[0].minor.yy314);
+}
+ break;
+ case 173: /* cmd ::= with UPDATE orconf fullname indexed_opt SET setlist where_opt */
+{
+ sqlite3WithPush(pParse, yymsp[-7].minor.yy451, 1);
+ sqlite3SrcListIndexedBy(pParse, yymsp[-4].minor.yy259, &yymsp[-3].minor.yy0);
+ sqlite3ExprListCheckLength(pParse,yymsp[-1].minor.yy322,"set list");
+ sqlite3Update(pParse,yymsp[-4].minor.yy259,yymsp[-1].minor.yy322,yymsp[0].minor.yy314,yymsp[-5].minor.yy4);
+}
+ break;
+ case 174: /* setlist ::= setlist COMMA nm EQ expr */
+{
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy322, yymsp[0].minor.yy118.pExpr);
+ sqlite3ExprListSetName(pParse, yygotominor.yy322, &yymsp[-2].minor.yy0, 1);
+}
+ break;
+ case 175: /* setlist ::= nm EQ expr */
+{
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse, 0, yymsp[0].minor.yy118.pExpr);
+ sqlite3ExprListSetName(pParse, yygotominor.yy322, &yymsp[-2].minor.yy0, 1);
+}
+ break;
+ case 176: /* cmd ::= with insert_cmd INTO fullname idlist_opt select */
+{
+ sqlite3WithPush(pParse, yymsp[-5].minor.yy451, 1);
+ sqlite3Insert(pParse, yymsp[-2].minor.yy259, yymsp[0].minor.yy387, yymsp[-1].minor.yy384, yymsp[-4].minor.yy4);
+}
+ break;
+ case 177: /* cmd ::= with insert_cmd INTO fullname idlist_opt DEFAULT VALUES */
+{
+ sqlite3WithPush(pParse, yymsp[-6].minor.yy451, 1);
+ sqlite3Insert(pParse, yymsp[-3].minor.yy259, 0, yymsp[-2].minor.yy384, yymsp[-5].minor.yy4);
+}
+ break;
+ case 182: /* idlist ::= idlist COMMA nm */
+{yygotominor.yy384 = sqlite3IdListAppend(pParse->db,yymsp[-2].minor.yy384,&yymsp[0].minor.yy0);}
+ break;
+ case 183: /* idlist ::= nm */
+{yygotominor.yy384 = sqlite3IdListAppend(pParse->db,0,&yymsp[0].minor.yy0);}
+ break;
+ case 184: /* expr ::= term */
+{yygotominor.yy118 = yymsp[0].minor.yy118;}
+ break;
+ case 185: /* expr ::= LP expr RP */
+{yygotominor.yy118.pExpr = yymsp[-1].minor.yy118.pExpr; spanSet(&yygotominor.yy118,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0);}
+ break;
+ case 186: /* term ::= NULL */
+ case 191: /* term ::= INTEGER|FLOAT|BLOB */ yytestcase(yyruleno==191);
+ case 192: /* term ::= STRING */ yytestcase(yyruleno==192);
+{spanExpr(&yygotominor.yy118, pParse, yymsp[0].major, &yymsp[0].minor.yy0);}
+ break;
+ case 187: /* expr ::= ID|INDEXED */
+ case 188: /* expr ::= JOIN_KW */ yytestcase(yyruleno==188);
+{spanExpr(&yygotominor.yy118, pParse, TK_ID, &yymsp[0].minor.yy0);}
+ break;
+ case 189: /* expr ::= nm DOT nm */
+{
+ Expr *temp1 = sqlite3PExpr(pParse, TK_ID, 0, 0, &yymsp[-2].minor.yy0);
+ Expr *temp2 = sqlite3PExpr(pParse, TK_ID, 0, 0, &yymsp[0].minor.yy0);
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_DOT, temp1, temp2, 0);
+ spanSet(&yygotominor.yy118,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0);
+}
+ break;
+ case 190: /* expr ::= nm DOT nm DOT nm */
+{
+ Expr *temp1 = sqlite3PExpr(pParse, TK_ID, 0, 0, &yymsp[-4].minor.yy0);
+ Expr *temp2 = sqlite3PExpr(pParse, TK_ID, 0, 0, &yymsp[-2].minor.yy0);
+ Expr *temp3 = sqlite3PExpr(pParse, TK_ID, 0, 0, &yymsp[0].minor.yy0);
+ Expr *temp4 = sqlite3PExpr(pParse, TK_DOT, temp2, temp3, 0);
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_DOT, temp1, temp4, 0);
+ spanSet(&yygotominor.yy118,&yymsp[-4].minor.yy0,&yymsp[0].minor.yy0);
+}
+ break;
+ case 193: /* expr ::= VARIABLE */
+{
+ if( yymsp[0].minor.yy0.n>=2 && yymsp[0].minor.yy0.z[0]=='#' && sqlite3Isdigit(yymsp[0].minor.yy0.z[1]) ){
+ /* When doing a nested parse, one can include terms in an expression
+ ** that look like this: #1 #2 ... These terms refer to registers
+ ** in the virtual machine. #N is the N-th register. */
+ if( pParse->nested==0 ){
+ sqlite3ErrorMsg(pParse, "near \"%T\": syntax error", &yymsp[0].minor.yy0);
+ yygotominor.yy118.pExpr = 0;
+ }else{
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_REGISTER, 0, 0, &yymsp[0].minor.yy0);
+ if( yygotominor.yy118.pExpr ) sqlite3GetInt32(&yymsp[0].minor.yy0.z[1], &yygotominor.yy118.pExpr->iTable);
+ }
+ }else{
+ spanExpr(&yygotominor.yy118, pParse, TK_VARIABLE, &yymsp[0].minor.yy0);
+ sqlite3ExprAssignVarNumber(pParse, yygotominor.yy118.pExpr);
+ }
+ spanSet(&yygotominor.yy118, &yymsp[0].minor.yy0, &yymsp[0].minor.yy0);
+}
+ break;
+ case 194: /* expr ::= expr COLLATE ID|STRING */
+{
+ yygotominor.yy118.pExpr = sqlite3ExprAddCollateToken(pParse, yymsp[-2].minor.yy118.pExpr, &yymsp[0].minor.yy0, 1);
+ yygotominor.yy118.zStart = yymsp[-2].minor.yy118.zStart;
+ yygotominor.yy118.zEnd = &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n];
+}
+ break;
+ case 195: /* expr ::= CAST LP expr AS typetoken RP */
+{
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_CAST, yymsp[-3].minor.yy118.pExpr, 0, &yymsp[-1].minor.yy0);
+ spanSet(&yygotominor.yy118,&yymsp[-5].minor.yy0,&yymsp[0].minor.yy0);
+}
+ break;
+ case 196: /* expr ::= ID|INDEXED LP distinct exprlist RP */
+{
+ if( yymsp[-1].minor.yy322 && yymsp[-1].minor.yy322->nExpr>pParse->db->aLimit[SQLITE_LIMIT_FUNCTION_ARG] ){
+ sqlite3ErrorMsg(pParse, "too many arguments on function %T", &yymsp[-4].minor.yy0);
+ }
+ yygotominor.yy118.pExpr = sqlite3ExprFunction(pParse, yymsp[-1].minor.yy322, &yymsp[-4].minor.yy0);
+ spanSet(&yygotominor.yy118,&yymsp[-4].minor.yy0,&yymsp[0].minor.yy0);
+ if( yymsp[-2].minor.yy4==SF_Distinct && yygotominor.yy118.pExpr ){
+ yygotominor.yy118.pExpr->flags |= EP_Distinct;
+ }
+}
+ break;
+ case 197: /* expr ::= ID|INDEXED LP STAR RP */
+{
+ yygotominor.yy118.pExpr = sqlite3ExprFunction(pParse, 0, &yymsp[-3].minor.yy0);
+ spanSet(&yygotominor.yy118,&yymsp[-3].minor.yy0,&yymsp[0].minor.yy0);
+}
+ break;
+ case 198: /* term ::= CTIME_KW */
+{
+ yygotominor.yy118.pExpr = sqlite3ExprFunction(pParse, 0, &yymsp[0].minor.yy0);
+ spanSet(&yygotominor.yy118, &yymsp[0].minor.yy0, &yymsp[0].minor.yy0);
+}
+ break;
+ case 199: /* expr ::= expr AND expr */
+ case 200: /* expr ::= expr OR expr */ yytestcase(yyruleno==200);
+ case 201: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==201);
+ case 202: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==202);
+ case 203: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==203);
+ case 204: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==204);
+ case 205: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==205);
+ case 206: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==206);
+{spanBinaryExpr(&yygotominor.yy118,pParse,yymsp[-1].major,&yymsp[-2].minor.yy118,&yymsp[0].minor.yy118);}
+ break;
+ case 207: /* likeop ::= LIKE_KW|MATCH */
+{yygotominor.yy342.eOperator = yymsp[0].minor.yy0; yygotominor.yy342.bNot = 0;}
+ break;
+ case 208: /* likeop ::= NOT LIKE_KW|MATCH */
+{yygotominor.yy342.eOperator = yymsp[0].minor.yy0; yygotominor.yy342.bNot = 1;}
+ break;
+ case 209: /* expr ::= expr likeop expr */
+{
+ ExprList *pList;
+ pList = sqlite3ExprListAppend(pParse,0, yymsp[0].minor.yy118.pExpr);
+ pList = sqlite3ExprListAppend(pParse,pList, yymsp[-2].minor.yy118.pExpr);
+ yygotominor.yy118.pExpr = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy342.eOperator);
+ exprNot(pParse, yymsp[-1].minor.yy342.bNot, &yygotominor.yy118.pExpr);
+ yygotominor.yy118.zStart = yymsp[-2].minor.yy118.zStart;
+ yygotominor.yy118.zEnd = yymsp[0].minor.yy118.zEnd;
+ if( yygotominor.yy118.pExpr ) yygotominor.yy118.pExpr->flags |= EP_InfixFunc;
+}
+ break;
+ case 210: /* expr ::= expr likeop expr ESCAPE expr */
+{
+ ExprList *pList;
+ pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy118.pExpr);
+ pList = sqlite3ExprListAppend(pParse,pList, yymsp[-4].minor.yy118.pExpr);
+ pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy118.pExpr);
+ yygotominor.yy118.pExpr = sqlite3ExprFunction(pParse, pList, &yymsp[-3].minor.yy342.eOperator);
+ exprNot(pParse, yymsp[-3].minor.yy342.bNot, &yygotominor.yy118.pExpr);
+ yygotominor.yy118.zStart = yymsp[-4].minor.yy118.zStart;
+ yygotominor.yy118.zEnd = yymsp[0].minor.yy118.zEnd;
+ if( yygotominor.yy118.pExpr ) yygotominor.yy118.pExpr->flags |= EP_InfixFunc;
+}
+ break;
+ case 211: /* expr ::= expr ISNULL|NOTNULL */
+{spanUnaryPostfix(&yygotominor.yy118,pParse,yymsp[0].major,&yymsp[-1].minor.yy118,&yymsp[0].minor.yy0);}
+ break;
+ case 212: /* expr ::= expr NOT NULL */
+{spanUnaryPostfix(&yygotominor.yy118,pParse,TK_NOTNULL,&yymsp[-2].minor.yy118,&yymsp[0].minor.yy0);}
+ break;
+ case 213: /* expr ::= expr IS expr */
+{
+ spanBinaryExpr(&yygotominor.yy118,pParse,TK_IS,&yymsp[-2].minor.yy118,&yymsp[0].minor.yy118);
+ binaryToUnaryIfNull(pParse, yymsp[0].minor.yy118.pExpr, yygotominor.yy118.pExpr, TK_ISNULL);
+}
+ break;
+ case 214: /* expr ::= expr IS NOT expr */
+{
+ spanBinaryExpr(&yygotominor.yy118,pParse,TK_ISNOT,&yymsp[-3].minor.yy118,&yymsp[0].minor.yy118);
+ binaryToUnaryIfNull(pParse, yymsp[0].minor.yy118.pExpr, yygotominor.yy118.pExpr, TK_NOTNULL);
+}
+ break;
+ case 215: /* expr ::= NOT expr */
+ case 216: /* expr ::= BITNOT expr */ yytestcase(yyruleno==216);
+{spanUnaryPrefix(&yygotominor.yy118,pParse,yymsp[-1].major,&yymsp[0].minor.yy118,&yymsp[-1].minor.yy0);}
+ break;
+ case 217: /* expr ::= MINUS expr */
+{spanUnaryPrefix(&yygotominor.yy118,pParse,TK_UMINUS,&yymsp[0].minor.yy118,&yymsp[-1].minor.yy0);}
+ break;
+ case 218: /* expr ::= PLUS expr */
+{spanUnaryPrefix(&yygotominor.yy118,pParse,TK_UPLUS,&yymsp[0].minor.yy118,&yymsp[-1].minor.yy0);}
+ break;
+ case 221: /* expr ::= expr between_op expr AND expr */
+{
+ ExprList *pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy118.pExpr);
+ pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy118.pExpr);
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_BETWEEN, yymsp[-4].minor.yy118.pExpr, 0, 0);
+ if( yygotominor.yy118.pExpr ){
+ yygotominor.yy118.pExpr->x.pList = pList;
+ }else{
+ sqlite3ExprListDelete(pParse->db, pList);
+ }
+ exprNot(pParse, yymsp[-3].minor.yy4, &yygotominor.yy118.pExpr);
+ yygotominor.yy118.zStart = yymsp[-4].minor.yy118.zStart;
+ yygotominor.yy118.zEnd = yymsp[0].minor.yy118.zEnd;
+}
+ break;
+ case 224: /* expr ::= expr in_op LP exprlist RP */
+{
+ if( yymsp[-1].minor.yy322==0 ){
+ /* Expressions of the form
+ **
+ ** expr1 IN ()
+ ** expr1 NOT IN ()
+ **
+ ** simplify to constants 0 (false) and 1 (true), respectively,
+ ** regardless of the value of expr1.
+ */
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_INTEGER, 0, 0, &sqlite3IntTokens[yymsp[-3].minor.yy4]);
+ sqlite3ExprDelete(pParse->db, yymsp[-4].minor.yy118.pExpr);
+ }else if( yymsp[-1].minor.yy322->nExpr==1 ){
+ /* Expressions of the form:
+ **
+ ** expr1 IN (?1)
+ ** expr1 NOT IN (?2)
+ **
+ ** with exactly one value on the RHS can be simplified to something
+ ** like this:
+ **
+ ** expr1 == ?1
+ ** expr1 <> ?2
+ **
+ ** But, the RHS of the == or <> is marked with the EP_Generic flag
+ ** so that it may not contribute to the computation of comparison
+ ** affinity or the collating sequence to use for comparison. Otherwise,
+ ** the semantics would be subtly different from IN or NOT IN.
+ */
+ Expr *pRHS = yymsp[-1].minor.yy322->a[0].pExpr;
+ yymsp[-1].minor.yy322->a[0].pExpr = 0;
+ sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
+ /* pRHS cannot be NULL because a malloc error would have been detected
+ ** before now and control would have never reached this point */
+ if( ALWAYS(pRHS) ){
+ pRHS->flags &= ~EP_Collate;
+ pRHS->flags |= EP_Generic;
+ }
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, yymsp[-3].minor.yy4 ? TK_NE : TK_EQ, yymsp[-4].minor.yy118.pExpr, pRHS, 0);
+ }else{
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy118.pExpr, 0, 0);
+ if( yygotominor.yy118.pExpr ){
+ yygotominor.yy118.pExpr->x.pList = yymsp[-1].minor.yy322;
+ sqlite3ExprSetHeightAndFlags(pParse, yygotominor.yy118.pExpr);
+ }else{
+ sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
+ }
+ exprNot(pParse, yymsp[-3].minor.yy4, &yygotominor.yy118.pExpr);
+ }
+ yygotominor.yy118.zStart = yymsp[-4].minor.yy118.zStart;
+ yygotominor.yy118.zEnd = &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n];
+ }
+ break;
+ case 225: /* expr ::= LP select RP */
+{
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_SELECT, 0, 0, 0);
+ if( yygotominor.yy118.pExpr ){
+ yygotominor.yy118.pExpr->x.pSelect = yymsp[-1].minor.yy387;
+ ExprSetProperty(yygotominor.yy118.pExpr, EP_xIsSelect|EP_Subquery);
+ sqlite3ExprSetHeightAndFlags(pParse, yygotominor.yy118.pExpr);
+ }else{
+ sqlite3SelectDelete(pParse->db, yymsp[-1].minor.yy387);
+ }
+ yygotominor.yy118.zStart = yymsp[-2].minor.yy0.z;
+ yygotominor.yy118.zEnd = &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n];
+ }
+ break;
+ case 226: /* expr ::= expr in_op LP select RP */
+{
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy118.pExpr, 0, 0);
+ if( yygotominor.yy118.pExpr ){
+ yygotominor.yy118.pExpr->x.pSelect = yymsp[-1].minor.yy387;
+ ExprSetProperty(yygotominor.yy118.pExpr, EP_xIsSelect|EP_Subquery);
+ sqlite3ExprSetHeightAndFlags(pParse, yygotominor.yy118.pExpr);
+ }else{
+ sqlite3SelectDelete(pParse->db, yymsp[-1].minor.yy387);
+ }
+ exprNot(pParse, yymsp[-3].minor.yy4, &yygotominor.yy118.pExpr);
+ yygotominor.yy118.zStart = yymsp[-4].minor.yy118.zStart;
+ yygotominor.yy118.zEnd = &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n];
+ }
+ break;
+ case 227: /* expr ::= expr in_op nm dbnm */
+{
+ SrcList *pSrc = sqlite3SrcListAppend(pParse->db, 0,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0);
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_IN, yymsp[-3].minor.yy118.pExpr, 0, 0);
+ if( yygotominor.yy118.pExpr ){
+ yygotominor.yy118.pExpr->x.pSelect = sqlite3SelectNew(pParse, 0,pSrc,0,0,0,0,0,0,0);
+ ExprSetProperty(yygotominor.yy118.pExpr, EP_xIsSelect|EP_Subquery);
+ sqlite3ExprSetHeightAndFlags(pParse, yygotominor.yy118.pExpr);
+ }else{
+ sqlite3SrcListDelete(pParse->db, pSrc);
+ }
+ exprNot(pParse, yymsp[-2].minor.yy4, &yygotominor.yy118.pExpr);
+ yygotominor.yy118.zStart = yymsp[-3].minor.yy118.zStart;
+ yygotominor.yy118.zEnd = yymsp[0].minor.yy0.z ? &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n] : &yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n];
+ }
+ break;
+ case 228: /* expr ::= EXISTS LP select RP */
+{
+ Expr *p = yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_EXISTS, 0, 0, 0);
+ if( p ){
+ p->x.pSelect = yymsp[-1].minor.yy387;
+ ExprSetProperty(p, EP_xIsSelect|EP_Subquery);
+ sqlite3ExprSetHeightAndFlags(pParse, p);
+ }else{
+ sqlite3SelectDelete(pParse->db, yymsp[-1].minor.yy387);
+ }
+ yygotominor.yy118.zStart = yymsp[-3].minor.yy0.z;
+ yygotominor.yy118.zEnd = &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n];
+ }
+ break;
+ case 229: /* expr ::= CASE case_operand case_exprlist case_else END */
+{
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_CASE, yymsp[-3].minor.yy314, 0, 0);
+ if( yygotominor.yy118.pExpr ){
+ yygotominor.yy118.pExpr->x.pList = yymsp[-1].minor.yy314 ? sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy322,yymsp[-1].minor.yy314) : yymsp[-2].minor.yy322;
+ sqlite3ExprSetHeightAndFlags(pParse, yygotominor.yy118.pExpr);
+ }else{
+ sqlite3ExprListDelete(pParse->db, yymsp[-2].minor.yy322);
+ sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy314);
+ }
+ yygotominor.yy118.zStart = yymsp[-4].minor.yy0.z;
+ yygotominor.yy118.zEnd = &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n];
+}
+ break;
+ case 230: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
+{
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[-2].minor.yy118.pExpr);
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse,yygotominor.yy322, yymsp[0].minor.yy118.pExpr);
+}
+ break;
+ case 231: /* case_exprlist ::= WHEN expr THEN expr */
+{
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy118.pExpr);
+ yygotominor.yy322 = sqlite3ExprListAppend(pParse,yygotominor.yy322, yymsp[0].minor.yy118.pExpr);
+}
+ break;
+ case 238: /* nexprlist ::= nexprlist COMMA expr */
+{yygotominor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy322,yymsp[0].minor.yy118.pExpr);}
+ break;
+ case 239: /* nexprlist ::= expr */
+{yygotominor.yy322 = sqlite3ExprListAppend(pParse,0,yymsp[0].minor.yy118.pExpr);}
+ break;
+ case 240: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+{
+ sqlite3CreateIndex(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0,
+ sqlite3SrcListAppend(pParse->db,0,&yymsp[-4].minor.yy0,0), yymsp[-2].minor.yy322, yymsp[-10].minor.yy4,
+ &yymsp[-11].minor.yy0, yymsp[0].minor.yy314, SQLITE_SO_ASC, yymsp[-8].minor.yy4);
+}
+ break;
+ case 241: /* uniqueflag ::= UNIQUE */
+ case 292: /* raisetype ::= ABORT */ yytestcase(yyruleno==292);
+{yygotominor.yy4 = OE_Abort;}
+ break;
+ case 242: /* uniqueflag ::= */
+{yygotominor.yy4 = OE_None;}
+ break;
+ case 245: /* eidlist ::= eidlist COMMA nm collate sortorder */
+{
+ yygotominor.yy322 = parserAddExprIdListTerm(pParse, yymsp[-4].minor.yy322, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy4, yymsp[0].minor.yy4);
+}
+ break;
+ case 246: /* eidlist ::= nm collate sortorder */
+{
+ yygotominor.yy322 = parserAddExprIdListTerm(pParse, 0, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy4, yymsp[0].minor.yy4);
+}
+ break;
+ case 249: /* cmd ::= DROP INDEX ifexists fullname */
+{sqlite3DropIndex(pParse, yymsp[0].minor.yy259, yymsp[-1].minor.yy4);}
+ break;
+ case 250: /* cmd ::= VACUUM */
+ case 251: /* cmd ::= VACUUM nm */ yytestcase(yyruleno==251);
+{sqlite3Vacuum(pParse);}
+ break;
+ case 252: /* cmd ::= PRAGMA nm dbnm */
+{sqlite3Pragma(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,0,0);}
+ break;
+ case 253: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
+{sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,0);}
+ break;
+ case 254: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
+{sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,0);}
+ break;
+ case 255: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
+{sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,1);}
+ break;
+ case 256: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
+{sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,1);}
+ break;
+ case 265: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+{
+ Token all;
+ all.z = yymsp[-3].minor.yy0.z;
+ all.n = (int)(yymsp[0].minor.yy0.z - yymsp[-3].minor.yy0.z) + yymsp[0].minor.yy0.n;
+ sqlite3FinishTrigger(pParse, yymsp[-1].minor.yy203, &all);
+}
+ break;
+ case 266: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+{
+ sqlite3BeginTrigger(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0, yymsp[-5].minor.yy4, yymsp[-4].minor.yy90.a, yymsp[-4].minor.yy90.b, yymsp[-2].minor.yy259, yymsp[0].minor.yy314, yymsp[-10].minor.yy4, yymsp[-8].minor.yy4);
+ yygotominor.yy0 = (yymsp[-6].minor.yy0.n==0?yymsp[-7].minor.yy0:yymsp[-6].minor.yy0);
+}
+ break;
+ case 267: /* trigger_time ::= BEFORE */
+ case 270: /* trigger_time ::= */ yytestcase(yyruleno==270);
+{ yygotominor.yy4 = TK_BEFORE; }
+ break;
+ case 268: /* trigger_time ::= AFTER */
+{ yygotominor.yy4 = TK_AFTER; }
+ break;
+ case 269: /* trigger_time ::= INSTEAD OF */
+{ yygotominor.yy4 = TK_INSTEAD;}
+ break;
+ case 271: /* trigger_event ::= DELETE|INSERT */
+ case 272: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==272);
+{yygotominor.yy90.a = yymsp[0].major; yygotominor.yy90.b = 0;}
+ break;
+ case 273: /* trigger_event ::= UPDATE OF idlist */
+{yygotominor.yy90.a = TK_UPDATE; yygotominor.yy90.b = yymsp[0].minor.yy384;}
+ break;
+ case 276: /* when_clause ::= */
+ case 297: /* key_opt ::= */ yytestcase(yyruleno==297);
+{ yygotominor.yy314 = 0; }
+ break;
+ case 277: /* when_clause ::= WHEN expr */
+ case 298: /* key_opt ::= KEY expr */ yytestcase(yyruleno==298);
+{ yygotominor.yy314 = yymsp[0].minor.yy118.pExpr; }
+ break;
+ case 278: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+{
+ assert( yymsp[-2].minor.yy203!=0 );
+ yymsp[-2].minor.yy203->pLast->pNext = yymsp[-1].minor.yy203;
+ yymsp[-2].minor.yy203->pLast = yymsp[-1].minor.yy203;
+ yygotominor.yy203 = yymsp[-2].minor.yy203;
+}
+ break;
+ case 279: /* trigger_cmd_list ::= trigger_cmd SEMI */
+{
+ assert( yymsp[-1].minor.yy203!=0 );
+ yymsp[-1].minor.yy203->pLast = yymsp[-1].minor.yy203;
+ yygotominor.yy203 = yymsp[-1].minor.yy203;
+}
+ break;
+ case 281: /* trnm ::= nm DOT nm */
+{
+ yygotominor.yy0 = yymsp[0].minor.yy0;
+ sqlite3ErrorMsg(pParse,
+ "qualified table names are not allowed on INSERT, UPDATE, and DELETE "
+ "statements within triggers");
+}
+ break;
+ case 283: /* tridxby ::= INDEXED BY nm */
+{
+ sqlite3ErrorMsg(pParse,
+ "the INDEXED BY clause is not allowed on UPDATE or DELETE statements "
+ "within triggers");
+}
+ break;
+ case 284: /* tridxby ::= NOT INDEXED */
+{
+ sqlite3ErrorMsg(pParse,
+ "the NOT INDEXED clause is not allowed on UPDATE or DELETE statements "
+ "within triggers");
+}
+ break;
+ case 285: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist where_opt */
+{ yygotominor.yy203 = sqlite3TriggerUpdateStep(pParse->db, &yymsp[-4].minor.yy0, yymsp[-1].minor.yy322, yymsp[0].minor.yy314, yymsp[-5].minor.yy4); }
+ break;
+ case 286: /* trigger_cmd ::= insert_cmd INTO trnm idlist_opt select */
+{yygotominor.yy203 = sqlite3TriggerInsertStep(pParse->db, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy384, yymsp[0].minor.yy387, yymsp[-4].minor.yy4);}
+ break;
+ case 287: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt */
+{yygotominor.yy203 = sqlite3TriggerDeleteStep(pParse->db, &yymsp[-2].minor.yy0, yymsp[0].minor.yy314);}
+ break;
+ case 288: /* trigger_cmd ::= select */
+{yygotominor.yy203 = sqlite3TriggerSelectStep(pParse->db, yymsp[0].minor.yy387); }
+ break;
+ case 289: /* expr ::= RAISE LP IGNORE RP */
+{
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_RAISE, 0, 0, 0);
+ if( yygotominor.yy118.pExpr ){
+ yygotominor.yy118.pExpr->affinity = OE_Ignore;
+ }
+ yygotominor.yy118.zStart = yymsp[-3].minor.yy0.z;
+ yygotominor.yy118.zEnd = &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n];
+}
+ break;
+ case 290: /* expr ::= RAISE LP raisetype COMMA nm RP */
+{
+ yygotominor.yy118.pExpr = sqlite3PExpr(pParse, TK_RAISE, 0, 0, &yymsp[-1].minor.yy0);
+ if( yygotominor.yy118.pExpr ) {
+ yygotominor.yy118.pExpr->affinity = (char)yymsp[-3].minor.yy4;
+ }
+ yygotominor.yy118.zStart = yymsp[-5].minor.yy0.z;
+ yygotominor.yy118.zEnd = &yymsp[0].minor.yy0.z[yymsp[0].minor.yy0.n];
+}
+ break;
+ case 291: /* raisetype ::= ROLLBACK */
+{yygotominor.yy4 = OE_Rollback;}
+ break;
+ case 293: /* raisetype ::= FAIL */
+{yygotominor.yy4 = OE_Fail;}
+ break;
+ case 294: /* cmd ::= DROP TRIGGER ifexists fullname */
+{
+ sqlite3DropTrigger(pParse,yymsp[0].minor.yy259,yymsp[-1].minor.yy4);
+}
+ break;
+ case 295: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+{
+ sqlite3Attach(pParse, yymsp[-3].minor.yy118.pExpr, yymsp[-1].minor.yy118.pExpr, yymsp[0].minor.yy314);
+}
+ break;
+ case 296: /* cmd ::= DETACH database_kw_opt expr */
+{
+ sqlite3Detach(pParse, yymsp[0].minor.yy118.pExpr);
+}
+ break;
+ case 301: /* cmd ::= REINDEX */
+{sqlite3Reindex(pParse, 0, 0);}
+ break;
+ case 302: /* cmd ::= REINDEX nm dbnm */
+{sqlite3Reindex(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
+ break;
+ case 303: /* cmd ::= ANALYZE */
+{sqlite3Analyze(pParse, 0, 0);}
+ break;
+ case 304: /* cmd ::= ANALYZE nm dbnm */
+{sqlite3Analyze(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
+ break;
+ case 305: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
+{
+ sqlite3AlterRenameTable(pParse,yymsp[-3].minor.yy259,&yymsp[0].minor.yy0);
+}
+ break;
+ case 306: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt column */
+{
+ sqlite3AlterFinishAddColumn(pParse, &yymsp[0].minor.yy0);
+}
+ break;
+ case 307: /* add_column_fullname ::= fullname */
+{
+ pParse->db->lookaside.bEnabled = 0;
+ sqlite3AlterBeginAddColumn(pParse, yymsp[0].minor.yy259);
+}
+ break;
+ case 310: /* cmd ::= create_vtab */
+{sqlite3VtabFinishParse(pParse,0);}
+ break;
+ case 311: /* cmd ::= create_vtab LP vtabarglist RP */
+{sqlite3VtabFinishParse(pParse,&yymsp[0].minor.yy0);}
+ break;
+ case 312: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+{
+ sqlite3VtabBeginParse(pParse, &yymsp[-3].minor.yy0, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0, yymsp[-4].minor.yy4);
+}
+ break;
+ case 315: /* vtabarg ::= */
+{sqlite3VtabArgInit(pParse);}
+ break;
+ case 317: /* vtabargtoken ::= ANY */
+ case 318: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==318);
+ case 319: /* lp ::= LP */ yytestcase(yyruleno==319);
+{sqlite3VtabArgExtend(pParse,&yymsp[0].minor.yy0);}
+ break;
+ case 323: /* with ::= */
+{yygotominor.yy451 = 0;}
+ break;
+ case 324: /* with ::= WITH wqlist */
+ case 325: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==325);
+{ yygotominor.yy451 = yymsp[0].minor.yy451; }
+ break;
+ case 326: /* wqlist ::= nm eidlist_opt AS LP select RP */
+{
+ yygotominor.yy451 = sqlite3WithAdd(pParse, 0, &yymsp[-5].minor.yy0, yymsp[-4].minor.yy322, yymsp[-1].minor.yy387);
+}
+ break;
+ case 327: /* wqlist ::= wqlist COMMA nm eidlist_opt AS LP select RP */
+{
+ yygotominor.yy451 = sqlite3WithAdd(pParse, yymsp[-7].minor.yy451, &yymsp[-5].minor.yy0, yymsp[-4].minor.yy322, yymsp[-1].minor.yy387);
+}
+ break;
+ default:
+ /* (0) input ::= cmdlist */ yytestcase(yyruleno==0);
+ /* (1) cmdlist ::= cmdlist ecmd */ yytestcase(yyruleno==1);
+ /* (2) cmdlist ::= ecmd */ yytestcase(yyruleno==2);
+ /* (3) ecmd ::= SEMI */ yytestcase(yyruleno==3);
+ /* (4) ecmd ::= explain cmdx SEMI */ yytestcase(yyruleno==4);
+ /* (10) trans_opt ::= */ yytestcase(yyruleno==10);
+ /* (11) trans_opt ::= TRANSACTION */ yytestcase(yyruleno==11);
+ /* (12) trans_opt ::= TRANSACTION nm */ yytestcase(yyruleno==12);
+ /* (20) savepoint_opt ::= SAVEPOINT */ yytestcase(yyruleno==20);
+ /* (21) savepoint_opt ::= */ yytestcase(yyruleno==21);
+ /* (25) cmd ::= create_table create_table_args */ yytestcase(yyruleno==25);
+ /* (36) columnlist ::= columnlist COMMA column */ yytestcase(yyruleno==36);
+ /* (37) columnlist ::= column */ yytestcase(yyruleno==37);
+ /* (43) type ::= */ yytestcase(yyruleno==43);
+ /* (50) signed ::= plus_num */ yytestcase(yyruleno==50);
+ /* (51) signed ::= minus_num */ yytestcase(yyruleno==51);
+ /* (52) carglist ::= carglist ccons */ yytestcase(yyruleno==52);
+ /* (53) carglist ::= */ yytestcase(yyruleno==53);
+ /* (60) ccons ::= NULL onconf */ yytestcase(yyruleno==60);
+ /* (88) conslist ::= conslist tconscomma tcons */ yytestcase(yyruleno==88);
+ /* (89) conslist ::= tcons */ yytestcase(yyruleno==89);
+ /* (91) tconscomma ::= */ yytestcase(yyruleno==91);
+ /* (274) foreach_clause ::= */ yytestcase(yyruleno==274);
+ /* (275) foreach_clause ::= FOR EACH ROW */ yytestcase(yyruleno==275);
+ /* (282) tridxby ::= */ yytestcase(yyruleno==282);
+ /* (299) database_kw_opt ::= DATABASE */ yytestcase(yyruleno==299);
+ /* (300) database_kw_opt ::= */ yytestcase(yyruleno==300);
+ /* (308) kwcolumn_opt ::= */ yytestcase(yyruleno==308);
+ /* (309) kwcolumn_opt ::= COLUMNKW */ yytestcase(yyruleno==309);
+ /* (313) vtabarglist ::= vtabarg */ yytestcase(yyruleno==313);
+ /* (314) vtabarglist ::= vtabarglist COMMA vtabarg */ yytestcase(yyruleno==314);
+ /* (316) vtabarg ::= vtabarg vtabargtoken */ yytestcase(yyruleno==316);
+ /* (320) anylist ::= */ yytestcase(yyruleno==320);
+ /* (321) anylist ::= anylist LP anylist RP */ yytestcase(yyruleno==321);
+ /* (322) anylist ::= anylist ANY */ yytestcase(yyruleno==322);
+ break;
+/********** End reduce actions ************************************************/
+ };
+ assert( yyruleno>=0 && yyruleno<sizeof(yyRuleInfo)/sizeof(yyRuleInfo[0]) );
+ yygoto = yyRuleInfo[yyruleno].lhs;
+ yysize = yyRuleInfo[yyruleno].nrhs;
+ yypParser->yyidx -= yysize;
+ yyact = yy_find_reduce_action(yymsp[-yysize].stateno,(YYCODETYPE)yygoto);
+ if( yyact <= YY_MAX_SHIFTREDUCE ){
+ if( yyact>YY_MAX_SHIFT ) yyact += YY_MIN_REDUCE - YY_MIN_SHIFTREDUCE;
+ /* If the reduce action popped at least
+ ** one element off the stack, then we can push the new element back
+ ** onto the stack here, and skip the stack overflow test in yy_shift().
+ ** That gives a significant speed improvement. */
+ if( yysize ){
+ yypParser->yyidx++;
+ yymsp -= yysize-1;
+ yymsp->stateno = (YYACTIONTYPE)yyact;
+ yymsp->major = (YYCODETYPE)yygoto;
+ yymsp->minor = yygotominor;
+ yyTraceShift(yypParser, yyact);
+ }else{
+ yy_shift(yypParser,yyact,yygoto,&yygotominor);
+ }
+ }else{
+ assert( yyact == YY_ACCEPT_ACTION );
+ yy_accept(yypParser);
+ }
+}
+
+/*
+** The following code executes when the parse fails
+*/
+#ifndef YYNOERRORRECOVERY
+static void yy_parse_failed(
+ yyParser *yypParser /* The parser */
+){
+ sqlite3ParserARG_FETCH;
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sFail!\n",yyTracePrompt);
+ }
+#endif
+ while( yypParser->yyidx>=0 ) yy_pop_parser_stack(yypParser);
+ /* Here code is inserted which will be executed whenever the
+ ** parser fails */
+/************ Begin %parse_failure code ***************************************/
+/************ End %parse_failure code *****************************************/
+ sqlite3ParserARG_STORE; /* Suppress warning about unused %extra_argument variable */
+}
+#endif /* YYNOERRORRECOVERY */
+
+/*
+** The following code executes when a syntax error first occurs.
+*/
+static void yy_syntax_error(
+ yyParser *yypParser, /* The parser */
+ int yymajor, /* The major type of the error token */
+ YYMINORTYPE yyminor /* The minor type of the error token */
+){
+ sqlite3ParserARG_FETCH;
+#define TOKEN (yyminor.yy0)
+/************ Begin %syntax_error code ****************************************/
+
+ UNUSED_PARAMETER(yymajor); /* Silence some compiler warnings */
+ assert( TOKEN.z[0] ); /* The tokenizer always gives us a token */
+ sqlite3ErrorMsg(pParse, "near \"%T\": syntax error", &TOKEN);
+/************ End %syntax_error code ******************************************/
+ sqlite3ParserARG_STORE; /* Suppress warning about unused %extra_argument variable */
+}
+
+/*
+** The following is executed when the parser accepts
+*/
+static void yy_accept(
+ yyParser *yypParser /* The parser */
+){
+ sqlite3ParserARG_FETCH;
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sAccept!\n",yyTracePrompt);
+ }
+#endif
+ while( yypParser->yyidx>=0 ) yy_pop_parser_stack(yypParser);
+ /* Here code is inserted which will be executed whenever the
+ ** parser accepts */
+/*********** Begin %parse_accept code *****************************************/
+/*********** End %parse_accept code *******************************************/
+ sqlite3ParserARG_STORE; /* Suppress warning about unused %extra_argument variable */
+}
+
+/* The main parser program.
+** The first argument is a pointer to a structure obtained from
+** "sqlite3ParserAlloc" which describes the current state of the parser.
+** The second argument is the major token number. The third is
+** the minor token. The fourth optional argument is whatever the
+** user wants (and specified in the grammar) and is available for
+** use by the action routines.
+**
+** Inputs:
+** <ul>
+** <li> A pointer to the parser (an opaque structure.)
+** <li> The major token number.
+** <li> The minor token number.
+** <li> An option argument of a grammar-specified type.
+** </ul>
+**
+** Outputs:
+** None.
+*/
+SQLITE_PRIVATE void sqlite3Parser(
+ void *yyp, /* The parser */
+ int yymajor, /* The major token code number */
+ sqlite3ParserTOKENTYPE yyminor /* The value for the token */
+ sqlite3ParserARG_PDECL /* Optional %extra_argument parameter */
+){
+ YYMINORTYPE yyminorunion;
+ int yyact; /* The parser action. */
+#if !defined(YYERRORSYMBOL) && !defined(YYNOERRORRECOVERY)
+ int yyendofinput; /* True if we are at the end of input */
+#endif
+#ifdef YYERRORSYMBOL
+ int yyerrorhit = 0; /* True if yymajor has invoked an error */
+#endif
+ yyParser *yypParser; /* The parser */
+
+ /* (re)initialize the parser, if necessary */
+ yypParser = (yyParser*)yyp;
+ if( yypParser->yyidx<0 ){
+#if YYSTACKDEPTH<=0
+ if( yypParser->yystksz <=0 ){
+ /*memset(&yyminorunion, 0, sizeof(yyminorunion));*/
+ yyminorunion = yyzerominor;
+ yyStackOverflow(yypParser, &yyminorunion);
+ return;
+ }
+#endif
+ yypParser->yyidx = 0;
+ yypParser->yyerrcnt = -1;
+ yypParser->yystack[0].stateno = 0;
+ yypParser->yystack[0].major = 0;
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sInitialize. Empty stack. State 0\n",
+ yyTracePrompt);
+ }
+#endif
+ }
+ yyminorunion.yy0 = yyminor;
+#if !defined(YYERRORSYMBOL) && !defined(YYNOERRORRECOVERY)
+ yyendofinput = (yymajor==0);
+#endif
+ sqlite3ParserARG_STORE;
+
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sInput '%s'\n",yyTracePrompt,yyTokenName[yymajor]);
+ }
+#endif
+
+ do{
+ yyact = yy_find_shift_action(yypParser,(YYCODETYPE)yymajor);
+ if( yyact <= YY_MAX_SHIFTREDUCE ){
+ if( yyact > YY_MAX_SHIFT ) yyact += YY_MIN_REDUCE - YY_MIN_SHIFTREDUCE;
+ yy_shift(yypParser,yyact,yymajor,&yyminorunion);
+ yypParser->yyerrcnt--;
+ yymajor = YYNOCODE;
+ }else if( yyact <= YY_MAX_REDUCE ){
+ yy_reduce(yypParser,yyact-YY_MIN_REDUCE);
+ }else{
+ assert( yyact == YY_ERROR_ACTION );
+#ifdef YYERRORSYMBOL
+ int yymx;
+#endif
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sSyntax Error!\n",yyTracePrompt);
+ }
+#endif
+#ifdef YYERRORSYMBOL
+ /* A syntax error has occurred.
+ ** The response to an error depends upon whether or not the
+ ** grammar defines an error token "ERROR".
+ **
+ ** This is what we do if the grammar does define ERROR:
+ **
+ ** * Call the %syntax_error function.
+ **
+ ** * Begin popping the stack until we enter a state where
+ ** it is legal to shift the error symbol, then shift
+ ** the error symbol.
+ **
+ ** * Set the error count to three.
+ **
+ ** * Begin accepting and shifting new tokens. No new error
+ ** processing will occur until three tokens have been
+ ** shifted successfully.
+ **
+ */
+ if( yypParser->yyerrcnt<0 ){
+ yy_syntax_error(yypParser,yymajor,yyminorunion);
+ }
+ yymx = yypParser->yystack[yypParser->yyidx].major;
+ if( yymx==YYERRORSYMBOL || yyerrorhit ){
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ fprintf(yyTraceFILE,"%sDiscard input token %s\n",
+ yyTracePrompt,yyTokenName[yymajor]);
+ }
+#endif
+ yy_destructor(yypParser, (YYCODETYPE)yymajor,&yyminorunion);
+ yymajor = YYNOCODE;
+ }else{
+ while(
+ yypParser->yyidx >= 0 &&
+ yymx != YYERRORSYMBOL &&
+ (yyact = yy_find_reduce_action(
+ yypParser->yystack[yypParser->yyidx].stateno,
+ YYERRORSYMBOL)) >= YY_MIN_REDUCE
+ ){
+ yy_pop_parser_stack(yypParser);
+ }
+ if( yypParser->yyidx < 0 || yymajor==0 ){
+ yy_destructor(yypParser,(YYCODETYPE)yymajor,&yyminorunion);
+ yy_parse_failed(yypParser);
+ yymajor = YYNOCODE;
+ }else if( yymx!=YYERRORSYMBOL ){
+ YYMINORTYPE u2;
+ u2.YYERRSYMDT = 0;
+ yy_shift(yypParser,yyact,YYERRORSYMBOL,&u2);
+ }
+ }
+ yypParser->yyerrcnt = 3;
+ yyerrorhit = 1;
+#elif defined(YYNOERRORRECOVERY)
+ /* If the YYNOERRORRECOVERY macro is defined, then do not attempt to
+ ** do any kind of error recovery. Instead, simply invoke the syntax
+ ** error routine and continue going as if nothing had happened.
+ **
+ ** Applications can set this macro (for example inside %include) if
+ ** they intend to abandon the parse upon the first syntax error seen.
+ */
+ yy_syntax_error(yypParser,yymajor,yyminorunion);
+ yy_destructor(yypParser,(YYCODETYPE)yymajor,&yyminorunion);
+ yymajor = YYNOCODE;
+
+#else /* YYERRORSYMBOL is not defined */
+ /* This is what we do if the grammar does not define ERROR:
+ **
+ ** * Report an error message, and throw away the input token.
+ **
+ ** * If the input token is $, then fail the parse.
+ **
+ ** As before, subsequent error messages are suppressed until
+ ** three input tokens have been successfully shifted.
+ */
+ if( yypParser->yyerrcnt<=0 ){
+ yy_syntax_error(yypParser,yymajor,yyminorunion);
+ }
+ yypParser->yyerrcnt = 3;
+ yy_destructor(yypParser,(YYCODETYPE)yymajor,&yyminorunion);
+ if( yyendofinput ){
+ yy_parse_failed(yypParser);
+ }
+ yymajor = YYNOCODE;
+#endif
+ }
+ }while( yymajor!=YYNOCODE && yypParser->yyidx>=0 );
+#ifndef NDEBUG
+ if( yyTraceFILE ){
+ int i;
+ fprintf(yyTraceFILE,"%sReturn. Stack=",yyTracePrompt);
+ for(i=1; i<=yypParser->yyidx; i++)
+ fprintf(yyTraceFILE,"%c%s", i==1 ? '[' : ' ',
+ yyTokenName[yypParser->yystack[i].major]);
+ fprintf(yyTraceFILE,"]\n");
+ }
+#endif
+ return;
+}
+
+/************** End of parse.c ***********************************************/
+/************** Begin file tokenize.c ****************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** An tokenizer for SQL
+**
+** This file contains C code that splits an SQL input string up into
+** individual tokens and sends those tokens one-by-one over to the
+** parser for analysis.
+*/
+/* #include "sqliteInt.h" */
+/* #include <stdlib.h> */
+
+/*
+** The charMap() macro maps alphabetic characters into their
+** lower-case ASCII equivalent. On ASCII machines, this is just
+** an upper-to-lower case map. On EBCDIC machines we also need
+** to adjust the encoding. Only alphabetic characters and underscores
+** need to be translated.
+*/
+#ifdef SQLITE_ASCII
+# define charMap(X) sqlite3UpperToLower[(unsigned char)X]
+#endif
+#ifdef SQLITE_EBCDIC
+# define charMap(X) ebcdicToAscii[(unsigned char)X]
+const unsigned char ebcdicToAscii[] = {
+/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1x */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 2x */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 3x */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 4x */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 5x */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 95, 0, 0, /* 6x */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 7x */
+ 0, 97, 98, 99,100,101,102,103,104,105, 0, 0, 0, 0, 0, 0, /* 8x */
+ 0,106,107,108,109,110,111,112,113,114, 0, 0, 0, 0, 0, 0, /* 9x */
+ 0, 0,115,116,117,118,119,120,121,122, 0, 0, 0, 0, 0, 0, /* Ax */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* Bx */
+ 0, 97, 98, 99,100,101,102,103,104,105, 0, 0, 0, 0, 0, 0, /* Cx */
+ 0,106,107,108,109,110,111,112,113,114, 0, 0, 0, 0, 0, 0, /* Dx */
+ 0, 0,115,116,117,118,119,120,121,122, 0, 0, 0, 0, 0, 0, /* Ex */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* Fx */
+};
+#endif
+
+/*
+** The sqlite3KeywordCode function looks up an identifier to determine if
+** it is a keyword. If it is a keyword, the token code of that keyword is
+** returned. If the input is not a keyword, TK_ID is returned.
+**
+** The implementation of this routine was generated by a program,
+** mkkeywordhash.h, located in the tool subdirectory of the distribution.
+** The output of the mkkeywordhash.c program is written into a file
+** named keywordhash.h and then included into this source file by
+** the #include below.
+*/
+/************** Include keywordhash.h in the middle of tokenize.c ************/
+/************** Begin file keywordhash.h *************************************/
+/***** This file contains automatically generated code ******
+**
+** The code in this file has been automatically generated by
+**
+** sqlite/tool/mkkeywordhash.c
+**
+** The code in this file implements a function that determines whether
+** or not a given identifier is really an SQL keyword. The same thing
+** might be implemented more directly using a hand-written hash table.
+** But by using this automatically generated code, the size of the code
+** is substantially reduced. This is important for embedded applications
+** on platforms with limited memory.
+*/
+/* Hash score: 182 */
+static int keywordCode(const char *z, int n, int *pType){
+ /* zText[] encodes 834 bytes of keywords in 554 bytes */
+ /* REINDEXEDESCAPEACHECKEYBEFOREIGNOREGEXPLAINSTEADDATABASELECT */
+ /* ABLEFTHENDEFERRABLELSEXCEPTRANSACTIONATURALTERAISEXCLUSIVE */
+ /* XISTSAVEPOINTERSECTRIGGEREFERENCESCONSTRAINTOFFSETEMPORARY */
+ /* UNIQUERYWITHOUTERELEASEATTACHAVINGROUPDATEBEGINNERECURSIVE */
+ /* BETWEENOTNULLIKECASCADELETECASECOLLATECREATECURRENT_DATEDETACH */
+ /* IMMEDIATEJOINSERTMATCHPLANALYZEPRAGMABORTVALUESVIRTUALIMITWHEN */
+ /* WHERENAMEAFTEREPLACEANDEFAULTAUTOINCREMENTCASTCOLUMNCOMMIT */
+ /* CONFLICTCROSSCURRENT_TIMESTAMPRIMARYDEFERREDISTINCTDROPFAIL */
+ /* FROMFULLGLOBYIFISNULLORDERESTRICTRIGHTROLLBACKROWUNIONUSING */
+ /* VACUUMVIEWINITIALLY */
+ static const char zText[553] = {
+ 'R','E','I','N','D','E','X','E','D','E','S','C','A','P','E','A','C','H',
+ 'E','C','K','E','Y','B','E','F','O','R','E','I','G','N','O','R','E','G',
+ 'E','X','P','L','A','I','N','S','T','E','A','D','D','A','T','A','B','A',
+ 'S','E','L','E','C','T','A','B','L','E','F','T','H','E','N','D','E','F',
+ 'E','R','R','A','B','L','E','L','S','E','X','C','E','P','T','R','A','N',
+ 'S','A','C','T','I','O','N','A','T','U','R','A','L','T','E','R','A','I',
+ 'S','E','X','C','L','U','S','I','V','E','X','I','S','T','S','A','V','E',
+ 'P','O','I','N','T','E','R','S','E','C','T','R','I','G','G','E','R','E',
+ 'F','E','R','E','N','C','E','S','C','O','N','S','T','R','A','I','N','T',
+ 'O','F','F','S','E','T','E','M','P','O','R','A','R','Y','U','N','I','Q',
+ 'U','E','R','Y','W','I','T','H','O','U','T','E','R','E','L','E','A','S',
+ 'E','A','T','T','A','C','H','A','V','I','N','G','R','O','U','P','D','A',
+ 'T','E','B','E','G','I','N','N','E','R','E','C','U','R','S','I','V','E',
+ 'B','E','T','W','E','E','N','O','T','N','U','L','L','I','K','E','C','A',
+ 'S','C','A','D','E','L','E','T','E','C','A','S','E','C','O','L','L','A',
+ 'T','E','C','R','E','A','T','E','C','U','R','R','E','N','T','_','D','A',
+ 'T','E','D','E','T','A','C','H','I','M','M','E','D','I','A','T','E','J',
+ 'O','I','N','S','E','R','T','M','A','T','C','H','P','L','A','N','A','L',
+ 'Y','Z','E','P','R','A','G','M','A','B','O','R','T','V','A','L','U','E',
+ 'S','V','I','R','T','U','A','L','I','M','I','T','W','H','E','N','W','H',
+ 'E','R','E','N','A','M','E','A','F','T','E','R','E','P','L','A','C','E',
+ 'A','N','D','E','F','A','U','L','T','A','U','T','O','I','N','C','R','E',
+ 'M','E','N','T','C','A','S','T','C','O','L','U','M','N','C','O','M','M',
+ 'I','T','C','O','N','F','L','I','C','T','C','R','O','S','S','C','U','R',
+ 'R','E','N','T','_','T','I','M','E','S','T','A','M','P','R','I','M','A',
+ 'R','Y','D','E','F','E','R','R','E','D','I','S','T','I','N','C','T','D',
+ 'R','O','P','F','A','I','L','F','R','O','M','F','U','L','L','G','L','O',
+ 'B','Y','I','F','I','S','N','U','L','L','O','R','D','E','R','E','S','T',
+ 'R','I','C','T','R','I','G','H','T','R','O','L','L','B','A','C','K','R',
+ 'O','W','U','N','I','O','N','U','S','I','N','G','V','A','C','U','U','M',
+ 'V','I','E','W','I','N','I','T','I','A','L','L','Y',
+ };
+ static const unsigned char aHash[127] = {
+ 76, 105, 117, 74, 0, 45, 0, 0, 82, 0, 77, 0, 0,
+ 42, 12, 78, 15, 0, 116, 85, 54, 112, 0, 19, 0, 0,
+ 121, 0, 119, 115, 0, 22, 93, 0, 9, 0, 0, 70, 71,
+ 0, 69, 6, 0, 48, 90, 102, 0, 118, 101, 0, 0, 44,
+ 0, 103, 24, 0, 17, 0, 122, 53, 23, 0, 5, 110, 25,
+ 96, 0, 0, 124, 106, 60, 123, 57, 28, 55, 0, 91, 0,
+ 100, 26, 0, 99, 0, 0, 0, 95, 92, 97, 88, 109, 14,
+ 39, 108, 0, 81, 0, 18, 89, 111, 32, 0, 120, 80, 113,
+ 62, 46, 84, 0, 0, 94, 40, 59, 114, 0, 36, 0, 0,
+ 29, 0, 86, 63, 64, 0, 20, 61, 0, 56,
+ };
+ static const unsigned char aNext[124] = {
+ 0, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 2, 0, 0, 0, 0, 0, 0, 13, 0, 0, 0, 0,
+ 0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 33, 0, 21, 0, 0, 0, 0, 0, 50,
+ 0, 43, 3, 47, 0, 0, 0, 0, 30, 0, 58, 0, 38,
+ 0, 0, 0, 1, 66, 0, 0, 67, 0, 41, 0, 0, 0,
+ 0, 0, 0, 49, 65, 0, 0, 0, 0, 31, 52, 16, 34,
+ 10, 0, 0, 0, 0, 0, 0, 0, 11, 72, 79, 0, 8,
+ 0, 104, 98, 0, 107, 0, 87, 0, 75, 51, 0, 27, 37,
+ 73, 83, 0, 35, 68, 0, 0,
+ };
+ static const unsigned char aLen[124] = {
+ 7, 7, 5, 4, 6, 4, 5, 3, 6, 7, 3, 6, 6,
+ 7, 7, 3, 8, 2, 6, 5, 4, 4, 3, 10, 4, 6,
+ 11, 6, 2, 7, 5, 5, 9, 6, 9, 9, 7, 10, 10,
+ 4, 6, 2, 3, 9, 4, 2, 6, 5, 7, 4, 5, 7,
+ 6, 6, 5, 6, 5, 5, 9, 7, 7, 3, 2, 4, 4,
+ 7, 3, 6, 4, 7, 6, 12, 6, 9, 4, 6, 5, 4,
+ 7, 6, 5, 6, 7, 5, 4, 5, 6, 5, 7, 3, 7,
+ 13, 2, 2, 4, 6, 6, 8, 5, 17, 12, 7, 8, 8,
+ 2, 4, 4, 4, 4, 4, 2, 2, 6, 5, 8, 5, 8,
+ 3, 5, 5, 6, 4, 9, 3,
+ };
+ static const unsigned short int aOffset[124] = {
+ 0, 2, 2, 8, 9, 14, 16, 20, 23, 25, 25, 29, 33,
+ 36, 41, 46, 48, 53, 54, 59, 62, 65, 67, 69, 78, 81,
+ 86, 91, 95, 96, 101, 105, 109, 117, 122, 128, 136, 142, 152,
+ 159, 162, 162, 165, 167, 167, 171, 176, 179, 184, 184, 188, 192,
+ 199, 204, 209, 212, 218, 221, 225, 234, 240, 240, 240, 243, 246,
+ 250, 251, 255, 261, 265, 272, 278, 290, 296, 305, 307, 313, 318,
+ 320, 327, 332, 337, 343, 349, 354, 358, 361, 367, 371, 378, 380,
+ 387, 389, 391, 400, 404, 410, 416, 424, 429, 429, 445, 452, 459,
+ 460, 467, 471, 475, 479, 483, 486, 488, 490, 496, 500, 508, 513,
+ 521, 524, 529, 534, 540, 544, 549,
+ };
+ static const unsigned char aCode[124] = {
+ TK_REINDEX, TK_INDEXED, TK_INDEX, TK_DESC, TK_ESCAPE,
+ TK_EACH, TK_CHECK, TK_KEY, TK_BEFORE, TK_FOREIGN,
+ TK_FOR, TK_IGNORE, TK_LIKE_KW, TK_EXPLAIN, TK_INSTEAD,
+ TK_ADD, TK_DATABASE, TK_AS, TK_SELECT, TK_TABLE,
+ TK_JOIN_KW, TK_THEN, TK_END, TK_DEFERRABLE, TK_ELSE,
+ TK_EXCEPT, TK_TRANSACTION,TK_ACTION, TK_ON, TK_JOIN_KW,
+ TK_ALTER, TK_RAISE, TK_EXCLUSIVE, TK_EXISTS, TK_SAVEPOINT,
+ TK_INTERSECT, TK_TRIGGER, TK_REFERENCES, TK_CONSTRAINT, TK_INTO,
+ TK_OFFSET, TK_OF, TK_SET, TK_TEMP, TK_TEMP,
+ TK_OR, TK_UNIQUE, TK_QUERY, TK_WITHOUT, TK_WITH,
+ TK_JOIN_KW, TK_RELEASE, TK_ATTACH, TK_HAVING, TK_GROUP,
+ TK_UPDATE, TK_BEGIN, TK_JOIN_KW, TK_RECURSIVE, TK_BETWEEN,
+ TK_NOTNULL, TK_NOT, TK_NO, TK_NULL, TK_LIKE_KW,
+ TK_CASCADE, TK_ASC, TK_DELETE, TK_CASE, TK_COLLATE,
+ TK_CREATE, TK_CTIME_KW, TK_DETACH, TK_IMMEDIATE, TK_JOIN,
+ TK_INSERT, TK_MATCH, TK_PLAN, TK_ANALYZE, TK_PRAGMA,
+ TK_ABORT, TK_VALUES, TK_VIRTUAL, TK_LIMIT, TK_WHEN,
+ TK_WHERE, TK_RENAME, TK_AFTER, TK_REPLACE, TK_AND,
+ TK_DEFAULT, TK_AUTOINCR, TK_TO, TK_IN, TK_CAST,
+ TK_COLUMNKW, TK_COMMIT, TK_CONFLICT, TK_JOIN_KW, TK_CTIME_KW,
+ TK_CTIME_KW, TK_PRIMARY, TK_DEFERRED, TK_DISTINCT, TK_IS,
+ TK_DROP, TK_FAIL, TK_FROM, TK_JOIN_KW, TK_LIKE_KW,
+ TK_BY, TK_IF, TK_ISNULL, TK_ORDER, TK_RESTRICT,
+ TK_JOIN_KW, TK_ROLLBACK, TK_ROW, TK_UNION, TK_USING,
+ TK_VACUUM, TK_VIEW, TK_INITIALLY, TK_ALL,
+ };
+ int h, i;
+ if( n>=2 ){
+ h = ((charMap(z[0])*4) ^ (charMap(z[n-1])*3) ^ n) % 127;
+ for(i=((int)aHash[h])-1; i>=0; i=((int)aNext[i])-1){
+ if( aLen[i]==n && sqlite3StrNICmp(&zText[aOffset[i]],z,n)==0 ){
+ testcase( i==0 ); /* REINDEX */
+ testcase( i==1 ); /* INDEXED */
+ testcase( i==2 ); /* INDEX */
+ testcase( i==3 ); /* DESC */
+ testcase( i==4 ); /* ESCAPE */
+ testcase( i==5 ); /* EACH */
+ testcase( i==6 ); /* CHECK */
+ testcase( i==7 ); /* KEY */
+ testcase( i==8 ); /* BEFORE */
+ testcase( i==9 ); /* FOREIGN */
+ testcase( i==10 ); /* FOR */
+ testcase( i==11 ); /* IGNORE */
+ testcase( i==12 ); /* REGEXP */
+ testcase( i==13 ); /* EXPLAIN */
+ testcase( i==14 ); /* INSTEAD */
+ testcase( i==15 ); /* ADD */
+ testcase( i==16 ); /* DATABASE */
+ testcase( i==17 ); /* AS */
+ testcase( i==18 ); /* SELECT */
+ testcase( i==19 ); /* TABLE */
+ testcase( i==20 ); /* LEFT */
+ testcase( i==21 ); /* THEN */
+ testcase( i==22 ); /* END */
+ testcase( i==23 ); /* DEFERRABLE */
+ testcase( i==24 ); /* ELSE */
+ testcase( i==25 ); /* EXCEPT */
+ testcase( i==26 ); /* TRANSACTION */
+ testcase( i==27 ); /* ACTION */
+ testcase( i==28 ); /* ON */
+ testcase( i==29 ); /* NATURAL */
+ testcase( i==30 ); /* ALTER */
+ testcase( i==31 ); /* RAISE */
+ testcase( i==32 ); /* EXCLUSIVE */
+ testcase( i==33 ); /* EXISTS */
+ testcase( i==34 ); /* SAVEPOINT */
+ testcase( i==35 ); /* INTERSECT */
+ testcase( i==36 ); /* TRIGGER */
+ testcase( i==37 ); /* REFERENCES */
+ testcase( i==38 ); /* CONSTRAINT */
+ testcase( i==39 ); /* INTO */
+ testcase( i==40 ); /* OFFSET */
+ testcase( i==41 ); /* OF */
+ testcase( i==42 ); /* SET */
+ testcase( i==43 ); /* TEMPORARY */
+ testcase( i==44 ); /* TEMP */
+ testcase( i==45 ); /* OR */
+ testcase( i==46 ); /* UNIQUE */
+ testcase( i==47 ); /* QUERY */
+ testcase( i==48 ); /* WITHOUT */
+ testcase( i==49 ); /* WITH */
+ testcase( i==50 ); /* OUTER */
+ testcase( i==51 ); /* RELEASE */
+ testcase( i==52 ); /* ATTACH */
+ testcase( i==53 ); /* HAVING */
+ testcase( i==54 ); /* GROUP */
+ testcase( i==55 ); /* UPDATE */
+ testcase( i==56 ); /* BEGIN */
+ testcase( i==57 ); /* INNER */
+ testcase( i==58 ); /* RECURSIVE */
+ testcase( i==59 ); /* BETWEEN */
+ testcase( i==60 ); /* NOTNULL */
+ testcase( i==61 ); /* NOT */
+ testcase( i==62 ); /* NO */
+ testcase( i==63 ); /* NULL */
+ testcase( i==64 ); /* LIKE */
+ testcase( i==65 ); /* CASCADE */
+ testcase( i==66 ); /* ASC */
+ testcase( i==67 ); /* DELETE */
+ testcase( i==68 ); /* CASE */
+ testcase( i==69 ); /* COLLATE */
+ testcase( i==70 ); /* CREATE */
+ testcase( i==71 ); /* CURRENT_DATE */
+ testcase( i==72 ); /* DETACH */
+ testcase( i==73 ); /* IMMEDIATE */
+ testcase( i==74 ); /* JOIN */
+ testcase( i==75 ); /* INSERT */
+ testcase( i==76 ); /* MATCH */
+ testcase( i==77 ); /* PLAN */
+ testcase( i==78 ); /* ANALYZE */
+ testcase( i==79 ); /* PRAGMA */
+ testcase( i==80 ); /* ABORT */
+ testcase( i==81 ); /* VALUES */
+ testcase( i==82 ); /* VIRTUAL */
+ testcase( i==83 ); /* LIMIT */
+ testcase( i==84 ); /* WHEN */
+ testcase( i==85 ); /* WHERE */
+ testcase( i==86 ); /* RENAME */
+ testcase( i==87 ); /* AFTER */
+ testcase( i==88 ); /* REPLACE */
+ testcase( i==89 ); /* AND */
+ testcase( i==90 ); /* DEFAULT */
+ testcase( i==91 ); /* AUTOINCREMENT */
+ testcase( i==92 ); /* TO */
+ testcase( i==93 ); /* IN */
+ testcase( i==94 ); /* CAST */
+ testcase( i==95 ); /* COLUMN */
+ testcase( i==96 ); /* COMMIT */
+ testcase( i==97 ); /* CONFLICT */
+ testcase( i==98 ); /* CROSS */
+ testcase( i==99 ); /* CURRENT_TIMESTAMP */
+ testcase( i==100 ); /* CURRENT_TIME */
+ testcase( i==101 ); /* PRIMARY */
+ testcase( i==102 ); /* DEFERRED */
+ testcase( i==103 ); /* DISTINCT */
+ testcase( i==104 ); /* IS */
+ testcase( i==105 ); /* DROP */
+ testcase( i==106 ); /* FAIL */
+ testcase( i==107 ); /* FROM */
+ testcase( i==108 ); /* FULL */
+ testcase( i==109 ); /* GLOB */
+ testcase( i==110 ); /* BY */
+ testcase( i==111 ); /* IF */
+ testcase( i==112 ); /* ISNULL */
+ testcase( i==113 ); /* ORDER */
+ testcase( i==114 ); /* RESTRICT */
+ testcase( i==115 ); /* RIGHT */
+ testcase( i==116 ); /* ROLLBACK */
+ testcase( i==117 ); /* ROW */
+ testcase( i==118 ); /* UNION */
+ testcase( i==119 ); /* USING */
+ testcase( i==120 ); /* VACUUM */
+ testcase( i==121 ); /* VIEW */
+ testcase( i==122 ); /* INITIALLY */
+ testcase( i==123 ); /* ALL */
+ *pType = aCode[i];
+ break;
+ }
+ }
+ }
+ return n;
+}
+SQLITE_PRIVATE int sqlite3KeywordCode(const unsigned char *z, int n){
+ int id = TK_ID;
+ keywordCode((char*)z, n, &id);
+ return id;
+}
+#define SQLITE_N_KEYWORD 124
+
+/************** End of keywordhash.h *****************************************/
+/************** Continuing where we left off in tokenize.c *******************/
+
+
+/*
+** If X is a character that can be used in an identifier then
+** IdChar(X) will be true. Otherwise it is false.
+**
+** For ASCII, any character with the high-order bit set is
+** allowed in an identifier. For 7-bit characters,
+** sqlite3IsIdChar[X] must be 1.
+**
+** For EBCDIC, the rules are more complex but have the same
+** end result.
+**
+** Ticket #1066. the SQL standard does not allow '$' in the
+** middle of identifiers. But many SQL implementations do.
+** SQLite will allow '$' in identifiers for compatibility.
+** But the feature is undocumented.
+*/
+#ifdef SQLITE_ASCII
+#define IdChar(C) ((sqlite3CtypeMap[(unsigned char)C]&0x46)!=0)
+#endif
+#ifdef SQLITE_EBCDIC
+SQLITE_PRIVATE const char sqlite3IsEbcdicIdChar[] = {
+/* x0 x1 x2 x3 x4 x5 x6 x7 x8 x9 xA xB xC xD xE xF */
+ 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, /* 4x */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 0, 0, /* 5x */
+ 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, /* 6x */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, /* 7x */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 0, /* 8x */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, /* 9x */
+ 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, /* Ax */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* Bx */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, /* Cx */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, /* Dx */
+ 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, /* Ex */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 0, /* Fx */
+};
+#define IdChar(C) (((c=C)>=0x42 && sqlite3IsEbcdicIdChar[c-0x40]))
+#endif
+
+/* Make the IdChar function accessible from ctime.c */
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+SQLITE_PRIVATE int sqlite3IsIdChar(u8 c){ return IdChar(c); }
+#endif
+
+
+/*
+** Return the length of the token that begins at z[0].
+** Store the token type in *tokenType before returning.
+*/
+SQLITE_PRIVATE int sqlite3GetToken(const unsigned char *z, int *tokenType){
+ int i, c;
+ switch( *z ){
+ case ' ': case '\t': case '\n': case '\f': case '\r': {
+ testcase( z[0]==' ' );
+ testcase( z[0]=='\t' );
+ testcase( z[0]=='\n' );
+ testcase( z[0]=='\f' );
+ testcase( z[0]=='\r' );
+ for(i=1; sqlite3Isspace(z[i]); i++){}
+ *tokenType = TK_SPACE;
+ return i;
+ }
+ case '-': {
+ if( z[1]=='-' ){
+ for(i=2; (c=z[i])!=0 && c!='\n'; i++){}
+ *tokenType = TK_SPACE; /* IMP: R-22934-25134 */
+ return i;
+ }
+ *tokenType = TK_MINUS;
+ return 1;
+ }
+ case '(': {
+ *tokenType = TK_LP;
+ return 1;
+ }
+ case ')': {
+ *tokenType = TK_RP;
+ return 1;
+ }
+ case ';': {
+ *tokenType = TK_SEMI;
+ return 1;
+ }
+ case '+': {
+ *tokenType = TK_PLUS;
+ return 1;
+ }
+ case '*': {
+ *tokenType = TK_STAR;
+ return 1;
+ }
+ case '/': {
+ if( z[1]!='*' || z[2]==0 ){
+ *tokenType = TK_SLASH;
+ return 1;
+ }
+ for(i=3, c=z[2]; (c!='*' || z[i]!='/') && (c=z[i])!=0; i++){}
+ if( c ) i++;
+ *tokenType = TK_SPACE; /* IMP: R-22934-25134 */
+ return i;
+ }
+ case '%': {
+ *tokenType = TK_REM;
+ return 1;
+ }
+ case '=': {
+ *tokenType = TK_EQ;
+ return 1 + (z[1]=='=');
+ }
+ case '<': {
+ if( (c=z[1])=='=' ){
+ *tokenType = TK_LE;
+ return 2;
+ }else if( c=='>' ){
+ *tokenType = TK_NE;
+ return 2;
+ }else if( c=='<' ){
+ *tokenType = TK_LSHIFT;
+ return 2;
+ }else{
+ *tokenType = TK_LT;
+ return 1;
+ }
+ }
+ case '>': {
+ if( (c=z[1])=='=' ){
+ *tokenType = TK_GE;
+ return 2;
+ }else if( c=='>' ){
+ *tokenType = TK_RSHIFT;
+ return 2;
+ }else{
+ *tokenType = TK_GT;
+ return 1;
+ }
+ }
+ case '!': {
+ if( z[1]!='=' ){
+ *tokenType = TK_ILLEGAL;
+ return 2;
+ }else{
+ *tokenType = TK_NE;
+ return 2;
+ }
+ }
+ case '|': {
+ if( z[1]!='|' ){
+ *tokenType = TK_BITOR;
+ return 1;
+ }else{
+ *tokenType = TK_CONCAT;
+ return 2;
+ }
+ }
+ case ',': {
+ *tokenType = TK_COMMA;
+ return 1;
+ }
+ case '&': {
+ *tokenType = TK_BITAND;
+ return 1;
+ }
+ case '~': {
+ *tokenType = TK_BITNOT;
+ return 1;
+ }
+ case '`':
+ case '\'':
+ case '"': {
+ int delim = z[0];
+ testcase( delim=='`' );
+ testcase( delim=='\'' );
+ testcase( delim=='"' );
+ for(i=1; (c=z[i])!=0; i++){
+ if( c==delim ){
+ if( z[i+1]==delim ){
+ i++;
+ }else{
+ break;
+ }
+ }
+ }
+ if( c=='\'' ){
+ *tokenType = TK_STRING;
+ return i+1;
+ }else if( c!=0 ){
+ *tokenType = TK_ID;
+ return i+1;
+ }else{
+ *tokenType = TK_ILLEGAL;
+ return i;
+ }
+ }
+ case '.': {
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ if( !sqlite3Isdigit(z[1]) )
+#endif
+ {
+ *tokenType = TK_DOT;
+ return 1;
+ }
+ /* If the next character is a digit, this is a floating point
+ ** number that begins with ".". Fall thru into the next case */
+ }
+ case '0': case '1': case '2': case '3': case '4':
+ case '5': case '6': case '7': case '8': case '9': {
+ testcase( z[0]=='0' ); testcase( z[0]=='1' ); testcase( z[0]=='2' );
+ testcase( z[0]=='3' ); testcase( z[0]=='4' ); testcase( z[0]=='5' );
+ testcase( z[0]=='6' ); testcase( z[0]=='7' ); testcase( z[0]=='8' );
+ testcase( z[0]=='9' );
+ *tokenType = TK_INTEGER;
+#ifndef SQLITE_OMIT_HEX_INTEGER
+ if( z[0]=='0' && (z[1]=='x' || z[1]=='X') && sqlite3Isxdigit(z[2]) ){
+ for(i=3; sqlite3Isxdigit(z[i]); i++){}
+ return i;
+ }
+#endif
+ for(i=0; sqlite3Isdigit(z[i]); i++){}
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ if( z[i]=='.' ){
+ i++;
+ while( sqlite3Isdigit(z[i]) ){ i++; }
+ *tokenType = TK_FLOAT;
+ }
+ if( (z[i]=='e' || z[i]=='E') &&
+ ( sqlite3Isdigit(z[i+1])
+ || ((z[i+1]=='+' || z[i+1]=='-') && sqlite3Isdigit(z[i+2]))
+ )
+ ){
+ i += 2;
+ while( sqlite3Isdigit(z[i]) ){ i++; }
+ *tokenType = TK_FLOAT;
+ }
+#endif
+ while( IdChar(z[i]) ){
+ *tokenType = TK_ILLEGAL;
+ i++;
+ }
+ return i;
+ }
+ case '[': {
+ for(i=1, c=z[0]; c!=']' && (c=z[i])!=0; i++){}
+ *tokenType = c==']' ? TK_ID : TK_ILLEGAL;
+ return i;
+ }
+ case '?': {
+ *tokenType = TK_VARIABLE;
+ for(i=1; sqlite3Isdigit(z[i]); i++){}
+ return i;
+ }
+#ifndef SQLITE_OMIT_TCL_VARIABLE
+ case '$':
+#endif
+ case '@': /* For compatibility with MS SQL Server */
+ case '#':
+ case ':': {
+ int n = 0;
+ testcase( z[0]=='$' ); testcase( z[0]=='@' );
+ testcase( z[0]==':' ); testcase( z[0]=='#' );
+ *tokenType = TK_VARIABLE;
+ for(i=1; (c=z[i])!=0; i++){
+ if( IdChar(c) ){
+ n++;
+#ifndef SQLITE_OMIT_TCL_VARIABLE
+ }else if( c=='(' && n>0 ){
+ do{
+ i++;
+ }while( (c=z[i])!=0 && !sqlite3Isspace(c) && c!=')' );
+ if( c==')' ){
+ i++;
+ }else{
+ *tokenType = TK_ILLEGAL;
+ }
+ break;
+ }else if( c==':' && z[i+1]==':' ){
+ i++;
+#endif
+ }else{
+ break;
+ }
+ }
+ if( n==0 ) *tokenType = TK_ILLEGAL;
+ return i;
+ }
+#ifndef SQLITE_OMIT_BLOB_LITERAL
+ case 'x': case 'X': {
+ testcase( z[0]=='x' ); testcase( z[0]=='X' );
+ if( z[1]=='\'' ){
+ *tokenType = TK_BLOB;
+ for(i=2; sqlite3Isxdigit(z[i]); i++){}
+ if( z[i]!='\'' || i%2 ){
+ *tokenType = TK_ILLEGAL;
+ while( z[i] && z[i]!='\'' ){ i++; }
+ }
+ if( z[i] ) i++;
+ return i;
+ }
+ /* Otherwise fall through to the next case */
+ }
+#endif
+ default: {
+ if( !IdChar(*z) ){
+ break;
+ }
+ for(i=1; IdChar(z[i]); i++){}
+ *tokenType = TK_ID;
+ return keywordCode((char*)z, i, tokenType);
+ }
+ }
+ *tokenType = TK_ILLEGAL;
+ return 1;
+}
+
+/*
+** Run the parser on the given SQL string. The parser structure is
+** passed in. An SQLITE_ status code is returned. If an error occurs
+** then an and attempt is made to write an error message into
+** memory obtained from sqlite3_malloc() and to make *pzErrMsg point to that
+** error message.
+*/
+SQLITE_PRIVATE int sqlite3RunParser(Parse *pParse, const char *zSql, char **pzErrMsg){
+ int nErr = 0; /* Number of errors encountered */
+ int i; /* Loop counter */
+ void *pEngine; /* The LEMON-generated LALR(1) parser */
+ int tokenType; /* type of the next token */
+ int lastTokenParsed = -1; /* type of the previous token */
+ u8 enableLookaside; /* Saved value of db->lookaside.bEnabled */
+ sqlite3 *db = pParse->db; /* The database connection */
+ int mxSqlLen; /* Max length of an SQL string */
+
+ assert( zSql!=0 );
+ mxSqlLen = db->aLimit[SQLITE_LIMIT_SQL_LENGTH];
+ if( db->nVdbeActive==0 ){
+ db->u1.isInterrupted = 0;
+ }
+ pParse->rc = SQLITE_OK;
+ pParse->zTail = zSql;
+ i = 0;
+ assert( pzErrMsg!=0 );
+ /* sqlite3ParserTrace(stdout, "parser: "); */
+ pEngine = sqlite3ParserAlloc(sqlite3Malloc);
+ if( pEngine==0 ){
+ db->mallocFailed = 1;
+ return SQLITE_NOMEM;
+ }
+ assert( pParse->pNewTable==0 );
+ assert( pParse->pNewTrigger==0 );
+ assert( pParse->nVar==0 );
+ assert( pParse->nzVar==0 );
+ assert( pParse->azVar==0 );
+ enableLookaside = db->lookaside.bEnabled;
+ if( db->lookaside.pStart ) db->lookaside.bEnabled = 1;
+ while( zSql[i]!=0 ){
+ assert( i>=0 );
+ pParse->sLastToken.z = &zSql[i];
+ pParse->sLastToken.n = sqlite3GetToken((unsigned char*)&zSql[i],&tokenType);
+ i += pParse->sLastToken.n;
+ if( i>mxSqlLen ){
+ pParse->rc = SQLITE_TOOBIG;
+ break;
+ }
+ if( tokenType>=TK_SPACE ){
+ assert( tokenType==TK_SPACE || tokenType==TK_ILLEGAL );
+ if( db->u1.isInterrupted ){
+ sqlite3ErrorMsg(pParse, "interrupt");
+ pParse->rc = SQLITE_INTERRUPT;
+ break;
+ }
+ if( tokenType==TK_ILLEGAL ){
+ sqlite3ErrorMsg(pParse, "unrecognized token: \"%T\"",
+ &pParse->sLastToken);
+ break;
+ }
+ }else{
+ if( tokenType==TK_SEMI ) pParse->zTail = &zSql[i];
+ sqlite3Parser(pEngine, tokenType, pParse->sLastToken, pParse);
+ lastTokenParsed = tokenType;
+ if( pParse->rc!=SQLITE_OK || db->mallocFailed ) break;
+ }
+ }
+ assert( nErr==0 );
+ if( pParse->rc==SQLITE_OK && db->mallocFailed==0 ){
+ assert( zSql[i]==0 );
+ if( lastTokenParsed!=TK_SEMI ){
+ sqlite3Parser(pEngine, TK_SEMI, pParse->sLastToken, pParse);
+ pParse->zTail = &zSql[i];
+ }
+ if( pParse->rc==SQLITE_OK && db->mallocFailed==0 ){
+ sqlite3Parser(pEngine, 0, pParse->sLastToken, pParse);
+ }
+ }
+#ifdef YYTRACKMAXSTACKDEPTH
+ sqlite3_mutex_enter(sqlite3MallocMutex());
+ sqlite3StatusHighwater(SQLITE_STATUS_PARSER_STACK,
+ sqlite3ParserStackPeak(pEngine)
+ );
+ sqlite3_mutex_leave(sqlite3MallocMutex());
+#endif /* YYDEBUG */
+ sqlite3ParserFree(pEngine, sqlite3_free);
+ db->lookaside.bEnabled = enableLookaside;
+ if( db->mallocFailed ){
+ pParse->rc = SQLITE_NOMEM;
+ }
+ if( pParse->rc!=SQLITE_OK && pParse->rc!=SQLITE_DONE && pParse->zErrMsg==0 ){
+ pParse->zErrMsg = sqlite3MPrintf(db, "%s", sqlite3ErrStr(pParse->rc));
+ }
+ assert( pzErrMsg!=0 );
+ if( pParse->zErrMsg ){
+ *pzErrMsg = pParse->zErrMsg;
+ sqlite3_log(pParse->rc, "%s", *pzErrMsg);
+ pParse->zErrMsg = 0;
+ nErr++;
+ }
+ if( pParse->pVdbe && pParse->nErr>0 && pParse->nested==0 ){
+ sqlite3VdbeDelete(pParse->pVdbe);
+ pParse->pVdbe = 0;
+ }
+#ifndef SQLITE_OMIT_SHARED_CACHE
+ if( pParse->nested==0 ){
+ sqlite3DbFree(db, pParse->aTableLock);
+ pParse->aTableLock = 0;
+ pParse->nTableLock = 0;
+ }
+#endif
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ sqlite3_free(pParse->apVtabLock);
+#endif
+
+ if( !IN_DECLARE_VTAB ){
+ /* If the pParse->declareVtab flag is set, do not delete any table
+ ** structure built up in pParse->pNewTable. The calling code (see vtab.c)
+ ** will take responsibility for freeing the Table structure.
+ */
+ sqlite3DeleteTable(db, pParse->pNewTable);
+ }
+
+ sqlite3WithDelete(db, pParse->pWithToFree);
+ sqlite3DeleteTrigger(db, pParse->pNewTrigger);
+ for(i=pParse->nzVar-1; i>=0; i--) sqlite3DbFree(db, pParse->azVar[i]);
+ sqlite3DbFree(db, pParse->azVar);
+ while( pParse->pAinc ){
+ AutoincInfo *p = pParse->pAinc;
+ pParse->pAinc = p->pNext;
+ sqlite3DbFree(db, p);
+ }
+ while( pParse->pZombieTab ){
+ Table *p = pParse->pZombieTab;
+ pParse->pZombieTab = p->pNextZombie;
+ sqlite3DeleteTable(db, p);
+ }
+ assert( nErr==0 || pParse->rc!=SQLITE_OK );
+ return nErr;
+}
+
+/************** End of tokenize.c ********************************************/
+/************** Begin file complete.c ****************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** An tokenizer for SQL
+**
+** This file contains C code that implements the sqlite3_complete() API.
+** This code used to be part of the tokenizer.c source file. But by
+** separating it out, the code will be automatically omitted from
+** static links that do not use it.
+*/
+/* #include "sqliteInt.h" */
+#ifndef SQLITE_OMIT_COMPLETE
+
+/*
+** This is defined in tokenize.c. We just have to import the definition.
+*/
+#ifndef SQLITE_AMALGAMATION
+#ifdef SQLITE_ASCII
+#define IdChar(C) ((sqlite3CtypeMap[(unsigned char)C]&0x46)!=0)
+#endif
+#ifdef SQLITE_EBCDIC
+SQLITE_PRIVATE const char sqlite3IsEbcdicIdChar[];
+#define IdChar(C) (((c=C)>=0x42 && sqlite3IsEbcdicIdChar[c-0x40]))
+#endif
+#endif /* SQLITE_AMALGAMATION */
+
+
+/*
+** Token types used by the sqlite3_complete() routine. See the header
+** comments on that procedure for additional information.
+*/
+#define tkSEMI 0
+#define tkWS 1
+#define tkOTHER 2
+#ifndef SQLITE_OMIT_TRIGGER
+#define tkEXPLAIN 3
+#define tkCREATE 4
+#define tkTEMP 5
+#define tkTRIGGER 6
+#define tkEND 7
+#endif
+
+/*
+** Return TRUE if the given SQL string ends in a semicolon.
+**
+** Special handling is require for CREATE TRIGGER statements.
+** Whenever the CREATE TRIGGER keywords are seen, the statement
+** must end with ";END;".
+**
+** This implementation uses a state machine with 8 states:
+**
+** (0) INVALID We have not yet seen a non-whitespace character.
+**
+** (1) START At the beginning or end of an SQL statement. This routine
+** returns 1 if it ends in the START state and 0 if it ends
+** in any other state.
+**
+** (2) NORMAL We are in the middle of statement which ends with a single
+** semicolon.
+**
+** (3) EXPLAIN The keyword EXPLAIN has been seen at the beginning of
+** a statement.
+**
+** (4) CREATE The keyword CREATE has been seen at the beginning of a
+** statement, possibly preceded by EXPLAIN and/or followed by
+** TEMP or TEMPORARY
+**
+** (5) TRIGGER We are in the middle of a trigger definition that must be
+** ended by a semicolon, the keyword END, and another semicolon.
+**
+** (6) SEMI We've seen the first semicolon in the ";END;" that occurs at
+** the end of a trigger definition.
+**
+** (7) END We've seen the ";END" of the ";END;" that occurs at the end
+** of a trigger definition.
+**
+** Transitions between states above are determined by tokens extracted
+** from the input. The following tokens are significant:
+**
+** (0) tkSEMI A semicolon.
+** (1) tkWS Whitespace.
+** (2) tkOTHER Any other SQL token.
+** (3) tkEXPLAIN The "explain" keyword.
+** (4) tkCREATE The "create" keyword.
+** (5) tkTEMP The "temp" or "temporary" keyword.
+** (6) tkTRIGGER The "trigger" keyword.
+** (7) tkEND The "end" keyword.
+**
+** Whitespace never causes a state transition and is always ignored.
+** This means that a SQL string of all whitespace is invalid.
+**
+** If we compile with SQLITE_OMIT_TRIGGER, all of the computation needed
+** to recognize the end of a trigger can be omitted. All we have to do
+** is look for a semicolon that is not part of an string or comment.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_complete(const char *zSql){
+ u8 state = 0; /* Current state, using numbers defined in header comment */
+ u8 token; /* Value of the next token */
+
+#ifndef SQLITE_OMIT_TRIGGER
+ /* A complex statement machine used to detect the end of a CREATE TRIGGER
+ ** statement. This is the normal case.
+ */
+ static const u8 trans[8][8] = {
+ /* Token: */
+ /* State: ** SEMI WS OTHER EXPLAIN CREATE TEMP TRIGGER END */
+ /* 0 INVALID: */ { 1, 0, 2, 3, 4, 2, 2, 2, },
+ /* 1 START: */ { 1, 1, 2, 3, 4, 2, 2, 2, },
+ /* 2 NORMAL: */ { 1, 2, 2, 2, 2, 2, 2, 2, },
+ /* 3 EXPLAIN: */ { 1, 3, 3, 2, 4, 2, 2, 2, },
+ /* 4 CREATE: */ { 1, 4, 2, 2, 2, 4, 5, 2, },
+ /* 5 TRIGGER: */ { 6, 5, 5, 5, 5, 5, 5, 5, },
+ /* 6 SEMI: */ { 6, 6, 5, 5, 5, 5, 5, 7, },
+ /* 7 END: */ { 1, 7, 5, 5, 5, 5, 5, 5, },
+ };
+#else
+ /* If triggers are not supported by this compile then the statement machine
+ ** used to detect the end of a statement is much simpler
+ */
+ static const u8 trans[3][3] = {
+ /* Token: */
+ /* State: ** SEMI WS OTHER */
+ /* 0 INVALID: */ { 1, 0, 2, },
+ /* 1 START: */ { 1, 1, 2, },
+ /* 2 NORMAL: */ { 1, 2, 2, },
+ };
+#endif /* SQLITE_OMIT_TRIGGER */
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( zSql==0 ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+
+ while( *zSql ){
+ switch( *zSql ){
+ case ';': { /* A semicolon */
+ token = tkSEMI;
+ break;
+ }
+ case ' ':
+ case '\r':
+ case '\t':
+ case '\n':
+ case '\f': { /* White space is ignored */
+ token = tkWS;
+ break;
+ }
+ case '/': { /* C-style comments */
+ if( zSql[1]!='*' ){
+ token = tkOTHER;
+ break;
+ }
+ zSql += 2;
+ while( zSql[0] && (zSql[0]!='*' || zSql[1]!='/') ){ zSql++; }
+ if( zSql[0]==0 ) return 0;
+ zSql++;
+ token = tkWS;
+ break;
+ }
+ case '-': { /* SQL-style comments from "--" to end of line */
+ if( zSql[1]!='-' ){
+ token = tkOTHER;
+ break;
+ }
+ while( *zSql && *zSql!='\n' ){ zSql++; }
+ if( *zSql==0 ) return state==1;
+ token = tkWS;
+ break;
+ }
+ case '[': { /* Microsoft-style identifiers in [...] */
+ zSql++;
+ while( *zSql && *zSql!=']' ){ zSql++; }
+ if( *zSql==0 ) return 0;
+ token = tkOTHER;
+ break;
+ }
+ case '`': /* Grave-accent quoted symbols used by MySQL */
+ case '"': /* single- and double-quoted strings */
+ case '\'': {
+ int c = *zSql;
+ zSql++;
+ while( *zSql && *zSql!=c ){ zSql++; }
+ if( *zSql==0 ) return 0;
+ token = tkOTHER;
+ break;
+ }
+ default: {
+#ifdef SQLITE_EBCDIC
+ unsigned char c;
+#endif
+ if( IdChar((u8)*zSql) ){
+ /* Keywords and unquoted identifiers */
+ int nId;
+ for(nId=1; IdChar(zSql[nId]); nId++){}
+#ifdef SQLITE_OMIT_TRIGGER
+ token = tkOTHER;
+#else
+ switch( *zSql ){
+ case 'c': case 'C': {
+ if( nId==6 && sqlite3StrNICmp(zSql, "create", 6)==0 ){
+ token = tkCREATE;
+ }else{
+ token = tkOTHER;
+ }
+ break;
+ }
+ case 't': case 'T': {
+ if( nId==7 && sqlite3StrNICmp(zSql, "trigger", 7)==0 ){
+ token = tkTRIGGER;
+ }else if( nId==4 && sqlite3StrNICmp(zSql, "temp", 4)==0 ){
+ token = tkTEMP;
+ }else if( nId==9 && sqlite3StrNICmp(zSql, "temporary", 9)==0 ){
+ token = tkTEMP;
+ }else{
+ token = tkOTHER;
+ }
+ break;
+ }
+ case 'e': case 'E': {
+ if( nId==3 && sqlite3StrNICmp(zSql, "end", 3)==0 ){
+ token = tkEND;
+ }else
+#ifndef SQLITE_OMIT_EXPLAIN
+ if( nId==7 && sqlite3StrNICmp(zSql, "explain", 7)==0 ){
+ token = tkEXPLAIN;
+ }else
+#endif
+ {
+ token = tkOTHER;
+ }
+ break;
+ }
+ default: {
+ token = tkOTHER;
+ break;
+ }
+ }
+#endif /* SQLITE_OMIT_TRIGGER */
+ zSql += nId-1;
+ }else{
+ /* Operators and special symbols */
+ token = tkOTHER;
+ }
+ break;
+ }
+ }
+ state = trans[state][token];
+ zSql++;
+ }
+ return state==1;
+}
+
+#ifndef SQLITE_OMIT_UTF16
+/*
+** This routine is the same as the sqlite3_complete() routine described
+** above, except that the parameter is required to be UTF-16 encoded, not
+** UTF-8.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_complete16(const void *zSql){
+ sqlite3_value *pVal;
+ char const *zSql8;
+ int rc;
+
+#ifndef SQLITE_OMIT_AUTOINIT
+ rc = sqlite3_initialize();
+ if( rc ) return rc;
+#endif
+ pVal = sqlite3ValueNew(0);
+ sqlite3ValueSetStr(pVal, -1, zSql, SQLITE_UTF16NATIVE, SQLITE_STATIC);
+ zSql8 = sqlite3ValueText(pVal, SQLITE_UTF8);
+ if( zSql8 ){
+ rc = sqlite3_complete(zSql8);
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ sqlite3ValueFree(pVal);
+ return rc & 0xff;
+}
+#endif /* SQLITE_OMIT_UTF16 */
+#endif /* SQLITE_OMIT_COMPLETE */
+
+/************** End of complete.c ********************************************/
+/************** Begin file main.c ********************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** Main file for the SQLite library. The routines in this file
+** implement the programmer interface to the library. Routines in
+** other files are for internal use by SQLite and should not be
+** accessed by users of the library.
+*/
+/* #include "sqliteInt.h" */
+
+#ifdef SQLITE_ENABLE_FTS3
+/************** Include fts3.h in the middle of main.c ***********************/
+/************** Begin file fts3.h ********************************************/
+/*
+** 2006 Oct 10
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This header file is used by programs that want to link against the
+** FTS3 library. All it does is declare the sqlite3Fts3Init() interface.
+*/
+/* #include "sqlite3.h" */
+
+#if 0
+extern "C" {
+#endif /* __cplusplus */
+
+SQLITE_PRIVATE int sqlite3Fts3Init(sqlite3 *db);
+
+#if 0
+} /* extern "C" */
+#endif /* __cplusplus */
+
+/************** End of fts3.h ************************************************/
+/************** Continuing where we left off in main.c ***********************/
+#endif
+#ifdef SQLITE_ENABLE_RTREE
+/************** Include rtree.h in the middle of main.c **********************/
+/************** Begin file rtree.h *******************************************/
+/*
+** 2008 May 26
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This header file is used by programs that want to link against the
+** RTREE library. All it does is declare the sqlite3RtreeInit() interface.
+*/
+/* #include "sqlite3.h" */
+
+#if 0
+extern "C" {
+#endif /* __cplusplus */
+
+SQLITE_PRIVATE int sqlite3RtreeInit(sqlite3 *db);
+
+#if 0
+} /* extern "C" */
+#endif /* __cplusplus */
+
+/************** End of rtree.h ***********************************************/
+/************** Continuing where we left off in main.c ***********************/
+#endif
+#ifdef SQLITE_ENABLE_ICU
+/************** Include sqliteicu.h in the middle of main.c ******************/
+/************** Begin file sqliteicu.h ***************************************/
+/*
+** 2008 May 26
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This header file is used by programs that want to link against the
+** ICU extension. All it does is declare the sqlite3IcuInit() interface.
+*/
+/* #include "sqlite3.h" */
+
+#if 0
+extern "C" {
+#endif /* __cplusplus */
+
+SQLITE_PRIVATE int sqlite3IcuInit(sqlite3 *db);
+
+#if 0
+} /* extern "C" */
+#endif /* __cplusplus */
+
+
+/************** End of sqliteicu.h *******************************************/
+/************** Continuing where we left off in main.c ***********************/
+#endif
+#ifdef SQLITE_ENABLE_JSON1
+SQLITE_PRIVATE int sqlite3Json1Init(sqlite3*);
+#endif
+#ifdef SQLITE_ENABLE_FTS5
+SQLITE_PRIVATE int sqlite3Fts5Init(sqlite3*);
+#endif
+
+#ifndef SQLITE_AMALGAMATION
+/* IMPLEMENTATION-OF: R-46656-45156 The sqlite3_version[] string constant
+** contains the text of SQLITE_VERSION macro.
+*/
+SQLITE_API const char sqlite3_version[] = SQLITE_VERSION;
+#endif
+
+/* IMPLEMENTATION-OF: R-53536-42575 The sqlite3_libversion() function returns
+** a pointer to the to the sqlite3_version[] string constant.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_libversion(void){ return sqlite3_version; }
+
+/* IMPLEMENTATION-OF: R-63124-39300 The sqlite3_sourceid() function returns a
+** pointer to a string constant whose value is the same as the
+** SQLITE_SOURCE_ID C preprocessor macro.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_sourceid(void){ return SQLITE_SOURCE_ID; }
+
+/* IMPLEMENTATION-OF: R-35210-63508 The sqlite3_libversion_number() function
+** returns an integer equal to SQLITE_VERSION_NUMBER.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_libversion_number(void){ return SQLITE_VERSION_NUMBER; }
+
+/* IMPLEMENTATION-OF: R-20790-14025 The sqlite3_threadsafe() function returns
+** zero if and only if SQLite was compiled with mutexing code omitted due to
+** the SQLITE_THREADSAFE compile-time option being set to 0.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_threadsafe(void){ return SQLITE_THREADSAFE; }
+
+/*
+** When compiling the test fixture or with debugging enabled (on Win32),
+** this variable being set to non-zero will cause OSTRACE macros to emit
+** extra diagnostic information.
+*/
+#ifdef SQLITE_HAVE_OS_TRACE
+# ifndef SQLITE_DEBUG_OS_TRACE
+# define SQLITE_DEBUG_OS_TRACE 0
+# endif
+ int sqlite3OSTrace = SQLITE_DEBUG_OS_TRACE;
+#endif
+
+#if !defined(SQLITE_OMIT_TRACE) && defined(SQLITE_ENABLE_IOTRACE)
+/*
+** If the following function pointer is not NULL and if
+** SQLITE_ENABLE_IOTRACE is enabled, then messages describing
+** I/O active are written using this function. These messages
+** are intended for debugging activity only.
+*/
+SQLITE_API void (SQLITE_CDECL *sqlite3IoTrace)(const char*, ...) = 0;
+#endif
+
+/*
+** If the following global variable points to a string which is the
+** name of a directory, then that directory will be used to store
+** temporary files.
+**
+** See also the "PRAGMA temp_store_directory" SQL command.
+*/
+SQLITE_API char *sqlite3_temp_directory = 0;
+
+/*
+** If the following global variable points to a string which is the
+** name of a directory, then that directory will be used to store
+** all database files specified with a relative pathname.
+**
+** See also the "PRAGMA data_store_directory" SQL command.
+*/
+SQLITE_API char *sqlite3_data_directory = 0;
+
+/*
+** Initialize SQLite.
+**
+** This routine must be called to initialize the memory allocation,
+** VFS, and mutex subsystems prior to doing any serious work with
+** SQLite. But as long as you do not compile with SQLITE_OMIT_AUTOINIT
+** this routine will be called automatically by key routines such as
+** sqlite3_open().
+**
+** This routine is a no-op except on its very first call for the process,
+** or for the first call after a call to sqlite3_shutdown.
+**
+** The first thread to call this routine runs the initialization to
+** completion. If subsequent threads call this routine before the first
+** thread has finished the initialization process, then the subsequent
+** threads must block until the first thread finishes with the initialization.
+**
+** The first thread might call this routine recursively. Recursive
+** calls to this routine should not block, of course. Otherwise the
+** initialization process would never complete.
+**
+** Let X be the first thread to enter this routine. Let Y be some other
+** thread. Then while the initial invocation of this routine by X is
+** incomplete, it is required that:
+**
+** * Calls to this routine from Y must block until the outer-most
+** call by X completes.
+**
+** * Recursive calls to this routine from thread X return immediately
+** without blocking.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_initialize(void){
+ MUTEX_LOGIC( sqlite3_mutex *pMaster; ) /* The main static mutex */
+ int rc; /* Result code */
+#ifdef SQLITE_EXTRA_INIT
+ int bRunExtraInit = 0; /* Extra initialization needed */
+#endif
+
+#ifdef SQLITE_OMIT_WSD
+ rc = sqlite3_wsd_init(4096, 24);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+#endif
+
+ /* If the following assert() fails on some obscure processor/compiler
+ ** combination, the work-around is to set the correct pointer
+ ** size at compile-time using -DSQLITE_PTRSIZE=n compile-time option */
+ assert( SQLITE_PTRSIZE==sizeof(char*) );
+
+ /* If SQLite is already completely initialized, then this call
+ ** to sqlite3_initialize() should be a no-op. But the initialization
+ ** must be complete. So isInit must not be set until the very end
+ ** of this routine.
+ */
+ if( sqlite3GlobalConfig.isInit ) return SQLITE_OK;
+
+ /* Make sure the mutex subsystem is initialized. If unable to
+ ** initialize the mutex subsystem, return early with the error.
+ ** If the system is so sick that we are unable to allocate a mutex,
+ ** there is not much SQLite is going to be able to do.
+ **
+ ** The mutex subsystem must take care of serializing its own
+ ** initialization.
+ */
+ rc = sqlite3MutexInit();
+ if( rc ) return rc;
+
+ /* Initialize the malloc() system and the recursive pInitMutex mutex.
+ ** This operation is protected by the STATIC_MASTER mutex. Note that
+ ** MutexAlloc() is called for a static mutex prior to initializing the
+ ** malloc subsystem - this implies that the allocation of a static
+ ** mutex must not require support from the malloc subsystem.
+ */
+ MUTEX_LOGIC( pMaster = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER); )
+ sqlite3_mutex_enter(pMaster);
+ sqlite3GlobalConfig.isMutexInit = 1;
+ if( !sqlite3GlobalConfig.isMallocInit ){
+ rc = sqlite3MallocInit();
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3GlobalConfig.isMallocInit = 1;
+ if( !sqlite3GlobalConfig.pInitMutex ){
+ sqlite3GlobalConfig.pInitMutex =
+ sqlite3MutexAlloc(SQLITE_MUTEX_RECURSIVE);
+ if( sqlite3GlobalConfig.bCoreMutex && !sqlite3GlobalConfig.pInitMutex ){
+ rc = SQLITE_NOMEM;
+ }
+ }
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3GlobalConfig.nRefInitMutex++;
+ }
+ sqlite3_mutex_leave(pMaster);
+
+ /* If rc is not SQLITE_OK at this point, then either the malloc
+ ** subsystem could not be initialized or the system failed to allocate
+ ** the pInitMutex mutex. Return an error in either case. */
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ /* Do the rest of the initialization under the recursive mutex so
+ ** that we will be able to handle recursive calls into
+ ** sqlite3_initialize(). The recursive calls normally come through
+ ** sqlite3_os_init() when it invokes sqlite3_vfs_register(), but other
+ ** recursive calls might also be possible.
+ **
+ ** IMPLEMENTATION-OF: R-00140-37445 SQLite automatically serializes calls
+ ** to the xInit method, so the xInit method need not be threadsafe.
+ **
+ ** The following mutex is what serializes access to the appdef pcache xInit
+ ** methods. The sqlite3_pcache_methods.xInit() all is embedded in the
+ ** call to sqlite3PcacheInitialize().
+ */
+ sqlite3_mutex_enter(sqlite3GlobalConfig.pInitMutex);
+ if( sqlite3GlobalConfig.isInit==0 && sqlite3GlobalConfig.inProgress==0 ){
+ FuncDefHash *pHash = &GLOBAL(FuncDefHash, sqlite3GlobalFunctions);
+ sqlite3GlobalConfig.inProgress = 1;
+#ifdef SQLITE_ENABLE_SQLLOG
+ {
+ extern void sqlite3_init_sqllog(void);
+ sqlite3_init_sqllog();
+ }
+#endif
+ memset(pHash, 0, sizeof(sqlite3GlobalFunctions));
+ sqlite3RegisterGlobalFunctions();
+ if( sqlite3GlobalConfig.isPCacheInit==0 ){
+ rc = sqlite3PcacheInitialize();
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3GlobalConfig.isPCacheInit = 1;
+ rc = sqlite3OsInit();
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3PCacheBufferSetup( sqlite3GlobalConfig.pPage,
+ sqlite3GlobalConfig.szPage, sqlite3GlobalConfig.nPage);
+ sqlite3GlobalConfig.isInit = 1;
+#ifdef SQLITE_EXTRA_INIT
+ bRunExtraInit = 1;
+#endif
+ }
+ sqlite3GlobalConfig.inProgress = 0;
+ }
+ sqlite3_mutex_leave(sqlite3GlobalConfig.pInitMutex);
+
+ /* Go back under the static mutex and clean up the recursive
+ ** mutex to prevent a resource leak.
+ */
+ sqlite3_mutex_enter(pMaster);
+ sqlite3GlobalConfig.nRefInitMutex--;
+ if( sqlite3GlobalConfig.nRefInitMutex<=0 ){
+ assert( sqlite3GlobalConfig.nRefInitMutex==0 );
+ sqlite3_mutex_free(sqlite3GlobalConfig.pInitMutex);
+ sqlite3GlobalConfig.pInitMutex = 0;
+ }
+ sqlite3_mutex_leave(pMaster);
+
+ /* The following is just a sanity check to make sure SQLite has
+ ** been compiled correctly. It is important to run this code, but
+ ** we don't want to run it too often and soak up CPU cycles for no
+ ** reason. So we run it once during initialization.
+ */
+#ifndef NDEBUG
+#ifndef SQLITE_OMIT_FLOATING_POINT
+ /* This section of code's only "output" is via assert() statements. */
+ if ( rc==SQLITE_OK ){
+ u64 x = (((u64)1)<<63)-1;
+ double y;
+ assert(sizeof(x)==8);
+ assert(sizeof(x)==sizeof(y));
+ memcpy(&y, &x, 8);
+ assert( sqlite3IsNaN(y) );
+ }
+#endif
+#endif
+
+ /* Do extra initialization steps requested by the SQLITE_EXTRA_INIT
+ ** compile-time option.
+ */
+#ifdef SQLITE_EXTRA_INIT
+ if( bRunExtraInit ){
+ int SQLITE_EXTRA_INIT(const char*);
+ rc = SQLITE_EXTRA_INIT(0);
+ }
+#endif
+
+ return rc;
+}
+
+/*
+** Undo the effects of sqlite3_initialize(). Must not be called while
+** there are outstanding database connections or memory allocations or
+** while any part of SQLite is otherwise in use in any thread. This
+** routine is not threadsafe. But it is safe to invoke this routine
+** on when SQLite is already shut down. If SQLite is already shut down
+** when this routine is invoked, then this routine is a harmless no-op.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_shutdown(void){
+#ifdef SQLITE_OMIT_WSD
+ int rc = sqlite3_wsd_init(4096, 24);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+#endif
+
+ if( sqlite3GlobalConfig.isInit ){
+#ifdef SQLITE_EXTRA_SHUTDOWN
+ void SQLITE_EXTRA_SHUTDOWN(void);
+ SQLITE_EXTRA_SHUTDOWN();
+#endif
+ sqlite3_os_end();
+ sqlite3_reset_auto_extension();
+ sqlite3GlobalConfig.isInit = 0;
+ }
+ if( sqlite3GlobalConfig.isPCacheInit ){
+ sqlite3PcacheShutdown();
+ sqlite3GlobalConfig.isPCacheInit = 0;
+ }
+ if( sqlite3GlobalConfig.isMallocInit ){
+ sqlite3MallocEnd();
+ sqlite3GlobalConfig.isMallocInit = 0;
+
+#ifndef SQLITE_OMIT_SHUTDOWN_DIRECTORIES
+ /* The heap subsystem has now been shutdown and these values are supposed
+ ** to be NULL or point to memory that was obtained from sqlite3_malloc(),
+ ** which would rely on that heap subsystem; therefore, make sure these
+ ** values cannot refer to heap memory that was just invalidated when the
+ ** heap subsystem was shutdown. This is only done if the current call to
+ ** this function resulted in the heap subsystem actually being shutdown.
+ */
+ sqlite3_data_directory = 0;
+ sqlite3_temp_directory = 0;
+#endif
+ }
+ if( sqlite3GlobalConfig.isMutexInit ){
+ sqlite3MutexEnd();
+ sqlite3GlobalConfig.isMutexInit = 0;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** This API allows applications to modify the global configuration of
+** the SQLite library at run-time.
+**
+** This routine should only be called when there are no outstanding
+** database connections or memory allocations. This routine is not
+** threadsafe. Failure to heed these warnings can lead to unpredictable
+** behavior.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_config(int op, ...){
+ va_list ap;
+ int rc = SQLITE_OK;
+
+ /* sqlite3_config() shall return SQLITE_MISUSE if it is invoked while
+ ** the SQLite library is in use. */
+ if( sqlite3GlobalConfig.isInit ) return SQLITE_MISUSE_BKPT;
+
+ va_start(ap, op);
+ switch( op ){
+
+ /* Mutex configuration options are only available in a threadsafe
+ ** compile.
+ */
+#if defined(SQLITE_THREADSAFE) && SQLITE_THREADSAFE>0 /* IMP: R-54466-46756 */
+ case SQLITE_CONFIG_SINGLETHREAD: {
+ /* EVIDENCE-OF: R-02748-19096 This option sets the threading mode to
+ ** Single-thread. */
+ sqlite3GlobalConfig.bCoreMutex = 0; /* Disable mutex on core */
+ sqlite3GlobalConfig.bFullMutex = 0; /* Disable mutex on connections */
+ break;
+ }
+#endif
+#if defined(SQLITE_THREADSAFE) && SQLITE_THREADSAFE>0 /* IMP: R-20520-54086 */
+ case SQLITE_CONFIG_MULTITHREAD: {
+ /* EVIDENCE-OF: R-14374-42468 This option sets the threading mode to
+ ** Multi-thread. */
+ sqlite3GlobalConfig.bCoreMutex = 1; /* Enable mutex on core */
+ sqlite3GlobalConfig.bFullMutex = 0; /* Disable mutex on connections */
+ break;
+ }
+#endif
+#if defined(SQLITE_THREADSAFE) && SQLITE_THREADSAFE>0 /* IMP: R-59593-21810 */
+ case SQLITE_CONFIG_SERIALIZED: {
+ /* EVIDENCE-OF: R-41220-51800 This option sets the threading mode to
+ ** Serialized. */
+ sqlite3GlobalConfig.bCoreMutex = 1; /* Enable mutex on core */
+ sqlite3GlobalConfig.bFullMutex = 1; /* Enable mutex on connections */
+ break;
+ }
+#endif
+#if defined(SQLITE_THREADSAFE) && SQLITE_THREADSAFE>0 /* IMP: R-63666-48755 */
+ case SQLITE_CONFIG_MUTEX: {
+ /* Specify an alternative mutex implementation */
+ sqlite3GlobalConfig.mutex = *va_arg(ap, sqlite3_mutex_methods*);
+ break;
+ }
+#endif
+#if defined(SQLITE_THREADSAFE) && SQLITE_THREADSAFE>0 /* IMP: R-14450-37597 */
+ case SQLITE_CONFIG_GETMUTEX: {
+ /* Retrieve the current mutex implementation */
+ *va_arg(ap, sqlite3_mutex_methods*) = sqlite3GlobalConfig.mutex;
+ break;
+ }
+#endif
+
+ case SQLITE_CONFIG_MALLOC: {
+ /* EVIDENCE-OF: R-55594-21030 The SQLITE_CONFIG_MALLOC option takes a
+ ** single argument which is a pointer to an instance of the
+ ** sqlite3_mem_methods structure. The argument specifies alternative
+ ** low-level memory allocation routines to be used in place of the memory
+ ** allocation routines built into SQLite. */
+ sqlite3GlobalConfig.m = *va_arg(ap, sqlite3_mem_methods*);
+ break;
+ }
+ case SQLITE_CONFIG_GETMALLOC: {
+ /* EVIDENCE-OF: R-51213-46414 The SQLITE_CONFIG_GETMALLOC option takes a
+ ** single argument which is a pointer to an instance of the
+ ** sqlite3_mem_methods structure. The sqlite3_mem_methods structure is
+ ** filled with the currently defined memory allocation routines. */
+ if( sqlite3GlobalConfig.m.xMalloc==0 ) sqlite3MemSetDefault();
+ *va_arg(ap, sqlite3_mem_methods*) = sqlite3GlobalConfig.m;
+ break;
+ }
+ case SQLITE_CONFIG_MEMSTATUS: {
+ /* EVIDENCE-OF: R-61275-35157 The SQLITE_CONFIG_MEMSTATUS option takes
+ ** single argument of type int, interpreted as a boolean, which enables
+ ** or disables the collection of memory allocation statistics. */
+ sqlite3GlobalConfig.bMemstat = va_arg(ap, int);
+ break;
+ }
+ case SQLITE_CONFIG_SCRATCH: {
+ /* EVIDENCE-OF: R-08404-60887 There are three arguments to
+ ** SQLITE_CONFIG_SCRATCH: A pointer an 8-byte aligned memory buffer from
+ ** which the scratch allocations will be drawn, the size of each scratch
+ ** allocation (sz), and the maximum number of scratch allocations (N). */
+ sqlite3GlobalConfig.pScratch = va_arg(ap, void*);
+ sqlite3GlobalConfig.szScratch = va_arg(ap, int);
+ sqlite3GlobalConfig.nScratch = va_arg(ap, int);
+ break;
+ }
+ case SQLITE_CONFIG_PAGECACHE: {
+ /* EVIDENCE-OF: R-18761-36601 There are three arguments to
+ ** SQLITE_CONFIG_PAGECACHE: A pointer to 8-byte aligned memory (pMem),
+ ** the size of each page cache line (sz), and the number of cache lines
+ ** (N). */
+ sqlite3GlobalConfig.pPage = va_arg(ap, void*);
+ sqlite3GlobalConfig.szPage = va_arg(ap, int);
+ sqlite3GlobalConfig.nPage = va_arg(ap, int);
+ break;
+ }
+ case SQLITE_CONFIG_PCACHE_HDRSZ: {
+ /* EVIDENCE-OF: R-39100-27317 The SQLITE_CONFIG_PCACHE_HDRSZ option takes
+ ** a single parameter which is a pointer to an integer and writes into
+ ** that integer the number of extra bytes per page required for each page
+ ** in SQLITE_CONFIG_PAGECACHE. */
+ *va_arg(ap, int*) =
+ sqlite3HeaderSizeBtree() +
+ sqlite3HeaderSizePcache() +
+ sqlite3HeaderSizePcache1();
+ break;
+ }
+
+ case SQLITE_CONFIG_PCACHE: {
+ /* no-op */
+ break;
+ }
+ case SQLITE_CONFIG_GETPCACHE: {
+ /* now an error */
+ rc = SQLITE_ERROR;
+ break;
+ }
+
+ case SQLITE_CONFIG_PCACHE2: {
+ /* EVIDENCE-OF: R-63325-48378 The SQLITE_CONFIG_PCACHE2 option takes a
+ ** single argument which is a pointer to an sqlite3_pcache_methods2
+ ** object. This object specifies the interface to a custom page cache
+ ** implementation. */
+ sqlite3GlobalConfig.pcache2 = *va_arg(ap, sqlite3_pcache_methods2*);
+ break;
+ }
+ case SQLITE_CONFIG_GETPCACHE2: {
+ /* EVIDENCE-OF: R-22035-46182 The SQLITE_CONFIG_GETPCACHE2 option takes a
+ ** single argument which is a pointer to an sqlite3_pcache_methods2
+ ** object. SQLite copies of the current page cache implementation into
+ ** that object. */
+ if( sqlite3GlobalConfig.pcache2.xInit==0 ){
+ sqlite3PCacheSetDefault();
+ }
+ *va_arg(ap, sqlite3_pcache_methods2*) = sqlite3GlobalConfig.pcache2;
+ break;
+ }
+
+/* EVIDENCE-OF: R-06626-12911 The SQLITE_CONFIG_HEAP option is only
+** available if SQLite is compiled with either SQLITE_ENABLE_MEMSYS3 or
+** SQLITE_ENABLE_MEMSYS5 and returns SQLITE_ERROR if invoked otherwise. */
+#if defined(SQLITE_ENABLE_MEMSYS3) || defined(SQLITE_ENABLE_MEMSYS5)
+ case SQLITE_CONFIG_HEAP: {
+ /* EVIDENCE-OF: R-19854-42126 There are three arguments to
+ ** SQLITE_CONFIG_HEAP: An 8-byte aligned pointer to the memory, the
+ ** number of bytes in the memory buffer, and the minimum allocation size.
+ */
+ sqlite3GlobalConfig.pHeap = va_arg(ap, void*);
+ sqlite3GlobalConfig.nHeap = va_arg(ap, int);
+ sqlite3GlobalConfig.mnReq = va_arg(ap, int);
+
+ if( sqlite3GlobalConfig.mnReq<1 ){
+ sqlite3GlobalConfig.mnReq = 1;
+ }else if( sqlite3GlobalConfig.mnReq>(1<<12) ){
+ /* cap min request size at 2^12 */
+ sqlite3GlobalConfig.mnReq = (1<<12);
+ }
+
+ if( sqlite3GlobalConfig.pHeap==0 ){
+ /* EVIDENCE-OF: R-49920-60189 If the first pointer (the memory pointer)
+ ** is NULL, then SQLite reverts to using its default memory allocator
+ ** (the system malloc() implementation), undoing any prior invocation of
+ ** SQLITE_CONFIG_MALLOC.
+ **
+ ** Setting sqlite3GlobalConfig.m to all zeros will cause malloc to
+ ** revert to its default implementation when sqlite3_initialize() is run
+ */
+ memset(&sqlite3GlobalConfig.m, 0, sizeof(sqlite3GlobalConfig.m));
+ }else{
+ /* EVIDENCE-OF: R-61006-08918 If the memory pointer is not NULL then the
+ ** alternative memory allocator is engaged to handle all of SQLites
+ ** memory allocation needs. */
+#ifdef SQLITE_ENABLE_MEMSYS3
+ sqlite3GlobalConfig.m = *sqlite3MemGetMemsys3();
+#endif
+#ifdef SQLITE_ENABLE_MEMSYS5
+ sqlite3GlobalConfig.m = *sqlite3MemGetMemsys5();
+#endif
+ }
+ break;
+ }
+#endif
+
+ case SQLITE_CONFIG_LOOKASIDE: {
+ sqlite3GlobalConfig.szLookaside = va_arg(ap, int);
+ sqlite3GlobalConfig.nLookaside = va_arg(ap, int);
+ break;
+ }
+
+ /* Record a pointer to the logger function and its first argument.
+ ** The default is NULL. Logging is disabled if the function pointer is
+ ** NULL.
+ */
+ case SQLITE_CONFIG_LOG: {
+ /* MSVC is picky about pulling func ptrs from va lists.
+ ** http://support.microsoft.com/kb/47961
+ ** sqlite3GlobalConfig.xLog = va_arg(ap, void(*)(void*,int,const char*));
+ */
+ typedef void(*LOGFUNC_t)(void*,int,const char*);
+ sqlite3GlobalConfig.xLog = va_arg(ap, LOGFUNC_t);
+ sqlite3GlobalConfig.pLogArg = va_arg(ap, void*);
+ break;
+ }
+
+ /* EVIDENCE-OF: R-55548-33817 The compile-time setting for URI filenames
+ ** can be changed at start-time using the
+ ** sqlite3_config(SQLITE_CONFIG_URI,1) or
+ ** sqlite3_config(SQLITE_CONFIG_URI,0) configuration calls.
+ */
+ case SQLITE_CONFIG_URI: {
+ /* EVIDENCE-OF: R-25451-61125 The SQLITE_CONFIG_URI option takes a single
+ ** argument of type int. If non-zero, then URI handling is globally
+ ** enabled. If the parameter is zero, then URI handling is globally
+ ** disabled. */
+ sqlite3GlobalConfig.bOpenUri = va_arg(ap, int);
+ break;
+ }
+
+ case SQLITE_CONFIG_COVERING_INDEX_SCAN: {
+ /* EVIDENCE-OF: R-36592-02772 The SQLITE_CONFIG_COVERING_INDEX_SCAN
+ ** option takes a single integer argument which is interpreted as a
+ ** boolean in order to enable or disable the use of covering indices for
+ ** full table scans in the query optimizer. */
+ sqlite3GlobalConfig.bUseCis = va_arg(ap, int);
+ break;
+ }
+
+#ifdef SQLITE_ENABLE_SQLLOG
+ case SQLITE_CONFIG_SQLLOG: {
+ typedef void(*SQLLOGFUNC_t)(void*, sqlite3*, const char*, int);
+ sqlite3GlobalConfig.xSqllog = va_arg(ap, SQLLOGFUNC_t);
+ sqlite3GlobalConfig.pSqllogArg = va_arg(ap, void *);
+ break;
+ }
+#endif
+
+ case SQLITE_CONFIG_MMAP_SIZE: {
+ /* EVIDENCE-OF: R-58063-38258 SQLITE_CONFIG_MMAP_SIZE takes two 64-bit
+ ** integer (sqlite3_int64) values that are the default mmap size limit
+ ** (the default setting for PRAGMA mmap_size) and the maximum allowed
+ ** mmap size limit. */
+ sqlite3_int64 szMmap = va_arg(ap, sqlite3_int64);
+ sqlite3_int64 mxMmap = va_arg(ap, sqlite3_int64);
+ /* EVIDENCE-OF: R-53367-43190 If either argument to this option is
+ ** negative, then that argument is changed to its compile-time default.
+ **
+ ** EVIDENCE-OF: R-34993-45031 The maximum allowed mmap size will be
+ ** silently truncated if necessary so that it does not exceed the
+ ** compile-time maximum mmap size set by the SQLITE_MAX_MMAP_SIZE
+ ** compile-time option.
+ */
+ if( mxMmap<0 || mxMmap>SQLITE_MAX_MMAP_SIZE ){
+ mxMmap = SQLITE_MAX_MMAP_SIZE;
+ }
+ if( szMmap<0 ) szMmap = SQLITE_DEFAULT_MMAP_SIZE;
+ if( szMmap>mxMmap) szMmap = mxMmap;
+ sqlite3GlobalConfig.mxMmap = mxMmap;
+ sqlite3GlobalConfig.szMmap = szMmap;
+ break;
+ }
+
+#if SQLITE_OS_WIN && defined(SQLITE_WIN32_MALLOC) /* IMP: R-04780-55815 */
+ case SQLITE_CONFIG_WIN32_HEAPSIZE: {
+ /* EVIDENCE-OF: R-34926-03360 SQLITE_CONFIG_WIN32_HEAPSIZE takes a 32-bit
+ ** unsigned integer value that specifies the maximum size of the created
+ ** heap. */
+ sqlite3GlobalConfig.nHeap = va_arg(ap, int);
+ break;
+ }
+#endif
+
+ case SQLITE_CONFIG_PMASZ: {
+ sqlite3GlobalConfig.szPma = va_arg(ap, unsigned int);
+ break;
+ }
+
+ default: {
+ rc = SQLITE_ERROR;
+ break;
+ }
+ }
+ va_end(ap);
+ return rc;
+}
+
+/*
+** Set up the lookaside buffers for a database connection.
+** Return SQLITE_OK on success.
+** If lookaside is already active, return SQLITE_BUSY.
+**
+** The sz parameter is the number of bytes in each lookaside slot.
+** The cnt parameter is the number of slots. If pStart is NULL the
+** space for the lookaside memory is obtained from sqlite3_malloc().
+** If pStart is not NULL then it is sz*cnt bytes of memory to use for
+** the lookaside memory.
+*/
+static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){
+#ifndef SQLITE_OMIT_LOOKASIDE
+ void *pStart;
+ if( db->lookaside.nOut ){
+ return SQLITE_BUSY;
+ }
+ /* Free any existing lookaside buffer for this handle before
+ ** allocating a new one so we don't have to have space for
+ ** both at the same time.
+ */
+ if( db->lookaside.bMalloced ){
+ sqlite3_free(db->lookaside.pStart);
+ }
+ /* The size of a lookaside slot after ROUNDDOWN8 needs to be larger
+ ** than a pointer to be useful.
+ */
+ sz = ROUNDDOWN8(sz); /* IMP: R-33038-09382 */
+ if( sz<=(int)sizeof(LookasideSlot*) ) sz = 0;
+ if( cnt<0 ) cnt = 0;
+ if( sz==0 || cnt==0 ){
+ sz = 0;
+ pStart = 0;
+ }else if( pBuf==0 ){
+ sqlite3BeginBenignMalloc();
+ pStart = sqlite3Malloc( sz*cnt ); /* IMP: R-61949-35727 */
+ sqlite3EndBenignMalloc();
+ if( pStart ) cnt = sqlite3MallocSize(pStart)/sz;
+ }else{
+ pStart = pBuf;
+ }
+ db->lookaside.pStart = pStart;
+ db->lookaside.pFree = 0;
+ db->lookaside.sz = (u16)sz;
+ if( pStart ){
+ int i;
+ LookasideSlot *p;
+ assert( sz > (int)sizeof(LookasideSlot*) );
+ p = (LookasideSlot*)pStart;
+ for(i=cnt-1; i>=0; i--){
+ p->pNext = db->lookaside.pFree;
+ db->lookaside.pFree = p;
+ p = (LookasideSlot*)&((u8*)p)[sz];
+ }
+ db->lookaside.pEnd = p;
+ db->lookaside.bEnabled = 1;
+ db->lookaside.bMalloced = pBuf==0 ?1:0;
+ }else{
+ db->lookaside.pStart = db;
+ db->lookaside.pEnd = db;
+ db->lookaside.bEnabled = 0;
+ db->lookaside.bMalloced = 0;
+ }
+#endif /* SQLITE_OMIT_LOOKASIDE */
+ return SQLITE_OK;
+}
+
+/*
+** Return the mutex associated with a database connection.
+*/
+SQLITE_API sqlite3_mutex *SQLITE_STDCALL sqlite3_db_mutex(sqlite3 *db){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ return db->mutex;
+}
+
+/*
+** Free up as much memory as we can from the given database
+** connection.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_release_memory(sqlite3 *db){
+ int i;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ sqlite3BtreeEnterAll(db);
+ for(i=0; i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt ){
+ Pager *pPager = sqlite3BtreePager(pBt);
+ sqlite3PagerShrink(pPager);
+ }
+ }
+ sqlite3BtreeLeaveAll(db);
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_OK;
+}
+
+/*
+** Flush any dirty pages in the pager-cache for any attached database
+** to disk.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_cacheflush(sqlite3 *db){
+ int i;
+ int rc = SQLITE_OK;
+ int bSeenBusy = 0;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ sqlite3BtreeEnterAll(db);
+ for(i=0; rc==SQLITE_OK && i<db->nDb; i++){
+ Btree *pBt = db->aDb[i].pBt;
+ if( pBt && sqlite3BtreeIsInTrans(pBt) ){
+ Pager *pPager = sqlite3BtreePager(pBt);
+ rc = sqlite3PagerFlush(pPager);
+ if( rc==SQLITE_BUSY ){
+ bSeenBusy = 1;
+ rc = SQLITE_OK;
+ }
+ }
+ }
+ sqlite3BtreeLeaveAll(db);
+ sqlite3_mutex_leave(db->mutex);
+ return ((rc==SQLITE_OK && bSeenBusy) ? SQLITE_BUSY : rc);
+}
+
+/*
+** Configuration settings for an individual database connection
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_db_config(sqlite3 *db, int op, ...){
+ va_list ap;
+ int rc;
+ va_start(ap, op);
+ switch( op ){
+ case SQLITE_DBCONFIG_LOOKASIDE: {
+ void *pBuf = va_arg(ap, void*); /* IMP: R-26835-10964 */
+ int sz = va_arg(ap, int); /* IMP: R-47871-25994 */
+ int cnt = va_arg(ap, int); /* IMP: R-04460-53386 */
+ rc = setupLookaside(db, pBuf, sz, cnt);
+ break;
+ }
+ default: {
+ static const struct {
+ int op; /* The opcode */
+ u32 mask; /* Mask of the bit in sqlite3.flags to set/clear */
+ } aFlagOp[] = {
+ { SQLITE_DBCONFIG_ENABLE_FKEY, SQLITE_ForeignKeys },
+ { SQLITE_DBCONFIG_ENABLE_TRIGGER, SQLITE_EnableTrigger },
+ };
+ unsigned int i;
+ rc = SQLITE_ERROR; /* IMP: R-42790-23372 */
+ for(i=0; i<ArraySize(aFlagOp); i++){
+ if( aFlagOp[i].op==op ){
+ int onoff = va_arg(ap, int);
+ int *pRes = va_arg(ap, int*);
+ int oldFlags = db->flags;
+ if( onoff>0 ){
+ db->flags |= aFlagOp[i].mask;
+ }else if( onoff==0 ){
+ db->flags &= ~aFlagOp[i].mask;
+ }
+ if( oldFlags!=db->flags ){
+ sqlite3ExpirePreparedStatements(db);
+ }
+ if( pRes ){
+ *pRes = (db->flags & aFlagOp[i].mask)!=0;
+ }
+ rc = SQLITE_OK;
+ break;
+ }
+ }
+ break;
+ }
+ }
+ va_end(ap);
+ return rc;
+}
+
+
+/*
+** Return true if the buffer z[0..n-1] contains all spaces.
+*/
+static int allSpaces(const char *z, int n){
+ while( n>0 && z[n-1]==' ' ){ n--; }
+ return n==0;
+}
+
+/*
+** This is the default collating function named "BINARY" which is always
+** available.
+**
+** If the padFlag argument is not NULL then space padding at the end
+** of strings is ignored. This implements the RTRIM collation.
+*/
+static int binCollFunc(
+ void *padFlag,
+ int nKey1, const void *pKey1,
+ int nKey2, const void *pKey2
+){
+ int rc, n;
+ n = nKey1<nKey2 ? nKey1 : nKey2;
+ /* EVIDENCE-OF: R-65033-28449 The built-in BINARY collation compares
+ ** strings byte by byte using the memcmp() function from the standard C
+ ** library. */
+ rc = memcmp(pKey1, pKey2, n);
+ if( rc==0 ){
+ if( padFlag
+ && allSpaces(((char*)pKey1)+n, nKey1-n)
+ && allSpaces(((char*)pKey2)+n, nKey2-n)
+ ){
+ /* EVIDENCE-OF: R-31624-24737 RTRIM is like BINARY except that extra
+ ** spaces at the end of either string do not change the result. In other
+ ** words, strings will compare equal to one another as long as they
+ ** differ only in the number of spaces at the end.
+ */
+ }else{
+ rc = nKey1 - nKey2;
+ }
+ }
+ return rc;
+}
+
+/*
+** Another built-in collating sequence: NOCASE.
+**
+** This collating sequence is intended to be used for "case independent
+** comparison". SQLite's knowledge of upper and lower case equivalents
+** extends only to the 26 characters used in the English language.
+**
+** At the moment there is only a UTF-8 implementation.
+*/
+static int nocaseCollatingFunc(
+ void *NotUsed,
+ int nKey1, const void *pKey1,
+ int nKey2, const void *pKey2
+){
+ int r = sqlite3StrNICmp(
+ (const char *)pKey1, (const char *)pKey2, (nKey1<nKey2)?nKey1:nKey2);
+ UNUSED_PARAMETER(NotUsed);
+ if( 0==r ){
+ r = nKey1-nKey2;
+ }
+ return r;
+}
+
+/*
+** Return the ROWID of the most recent insert
+*/
+SQLITE_API sqlite_int64 SQLITE_STDCALL sqlite3_last_insert_rowid(sqlite3 *db){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ return db->lastRowid;
+}
+
+/*
+** Return the number of changes in the most recent call to sqlite3_exec().
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_changes(sqlite3 *db){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ return db->nChange;
+}
+
+/*
+** Return the number of changes since the database handle was opened.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_total_changes(sqlite3 *db){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ return db->nTotalChange;
+}
+
+/*
+** Close all open savepoints. This function only manipulates fields of the
+** database handle object, it does not close any savepoints that may be open
+** at the b-tree/pager level.
+*/
+SQLITE_PRIVATE void sqlite3CloseSavepoints(sqlite3 *db){
+ while( db->pSavepoint ){
+ Savepoint *pTmp = db->pSavepoint;
+ db->pSavepoint = pTmp->pNext;
+ sqlite3DbFree(db, pTmp);
+ }
+ db->nSavepoint = 0;
+ db->nStatement = 0;
+ db->isTransactionSavepoint = 0;
+}
+
+/*
+** Invoke the destructor function associated with FuncDef p, if any. Except,
+** if this is not the last copy of the function, do not invoke it. Multiple
+** copies of a single function are created when create_function() is called
+** with SQLITE_ANY as the encoding.
+*/
+static void functionDestroy(sqlite3 *db, FuncDef *p){
+ FuncDestructor *pDestructor = p->pDestructor;
+ if( pDestructor ){
+ pDestructor->nRef--;
+ if( pDestructor->nRef==0 ){
+ pDestructor->xDestroy(pDestructor->pUserData);
+ sqlite3DbFree(db, pDestructor);
+ }
+ }
+}
+
+/*
+** Disconnect all sqlite3_vtab objects that belong to database connection
+** db. This is called when db is being closed.
+*/
+static void disconnectAllVtab(sqlite3 *db){
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ int i;
+ HashElem *p;
+ sqlite3BtreeEnterAll(db);
+ for(i=0; i<db->nDb; i++){
+ Schema *pSchema = db->aDb[i].pSchema;
+ if( db->aDb[i].pSchema ){
+ for(p=sqliteHashFirst(&pSchema->tblHash); p; p=sqliteHashNext(p)){
+ Table *pTab = (Table *)sqliteHashData(p);
+ if( IsVirtual(pTab) ) sqlite3VtabDisconnect(db, pTab);
+ }
+ }
+ }
+ for(p=sqliteHashFirst(&db->aModule); p; p=sqliteHashNext(p)){
+ Module *pMod = (Module *)sqliteHashData(p);
+ if( pMod->pEpoTab ){
+ sqlite3VtabDisconnect(db, pMod->pEpoTab);
+ }
+ }
+ sqlite3VtabUnlockList(db);
+ sqlite3BtreeLeaveAll(db);
+#else
+ UNUSED_PARAMETER(db);
+#endif
+}
+
+/*
+** Return TRUE if database connection db has unfinalized prepared
+** statements or unfinished sqlite3_backup objects.
+*/
+static int connectionIsBusy(sqlite3 *db){
+ int j;
+ assert( sqlite3_mutex_held(db->mutex) );
+ if( db->pVdbe ) return 1;
+ for(j=0; j<db->nDb; j++){
+ Btree *pBt = db->aDb[j].pBt;
+ if( pBt && sqlite3BtreeIsInBackup(pBt) ) return 1;
+ }
+ return 0;
+}
+
+/*
+** Close an existing SQLite database
+*/
+static int sqlite3Close(sqlite3 *db, int forceZombie){
+ if( !db ){
+ /* EVIDENCE-OF: R-63257-11740 Calling sqlite3_close() or
+ ** sqlite3_close_v2() with a NULL pointer argument is a harmless no-op. */
+ return SQLITE_OK;
+ }
+ if( !sqlite3SafetyCheckSickOrOk(db) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+ sqlite3_mutex_enter(db->mutex);
+
+ /* Force xDisconnect calls on all virtual tables */
+ disconnectAllVtab(db);
+
+ /* If a transaction is open, the disconnectAllVtab() call above
+ ** will not have called the xDisconnect() method on any virtual
+ ** tables in the db->aVTrans[] array. The following sqlite3VtabRollback()
+ ** call will do so. We need to do this before the check for active
+ ** SQL statements below, as the v-table implementation may be storing
+ ** some prepared statements internally.
+ */
+ sqlite3VtabRollback(db);
+
+ /* Legacy behavior (sqlite3_close() behavior) is to return
+ ** SQLITE_BUSY if the connection can not be closed immediately.
+ */
+ if( !forceZombie && connectionIsBusy(db) ){
+ sqlite3ErrorWithMsg(db, SQLITE_BUSY, "unable to close due to unfinalized "
+ "statements or unfinished backups");
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_BUSY;
+ }
+
+#ifdef SQLITE_ENABLE_SQLLOG
+ if( sqlite3GlobalConfig.xSqllog ){
+ /* Closing the handle. Fourth parameter is passed the value 2. */
+ sqlite3GlobalConfig.xSqllog(sqlite3GlobalConfig.pSqllogArg, db, 0, 2);
+ }
+#endif
+
+ /* Convert the connection into a zombie and then close it.
+ */
+ db->magic = SQLITE_MAGIC_ZOMBIE;
+ sqlite3LeaveMutexAndCloseZombie(db);
+ return SQLITE_OK;
+}
+
+/*
+** Two variations on the public interface for closing a database
+** connection. The sqlite3_close() version returns SQLITE_BUSY and
+** leaves the connection option if there are unfinalized prepared
+** statements or unfinished sqlite3_backups. The sqlite3_close_v2()
+** version forces the connection to become a zombie if there are
+** unclosed resources, and arranges for deallocation when the last
+** prepare statement or sqlite3_backup closes.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_close(sqlite3 *db){ return sqlite3Close(db,0); }
+SQLITE_API int SQLITE_STDCALL sqlite3_close_v2(sqlite3 *db){ return sqlite3Close(db,1); }
+
+
+/*
+** Close the mutex on database connection db.
+**
+** Furthermore, if database connection db is a zombie (meaning that there
+** has been a prior call to sqlite3_close(db) or sqlite3_close_v2(db)) and
+** every sqlite3_stmt has now been finalized and every sqlite3_backup has
+** finished, then free all resources.
+*/
+SQLITE_PRIVATE void sqlite3LeaveMutexAndCloseZombie(sqlite3 *db){
+ HashElem *i; /* Hash table iterator */
+ int j;
+
+ /* If there are outstanding sqlite3_stmt or sqlite3_backup objects
+ ** or if the connection has not yet been closed by sqlite3_close_v2(),
+ ** then just leave the mutex and return.
+ */
+ if( db->magic!=SQLITE_MAGIC_ZOMBIE || connectionIsBusy(db) ){
+ sqlite3_mutex_leave(db->mutex);
+ return;
+ }
+
+ /* If we reach this point, it means that the database connection has
+ ** closed all sqlite3_stmt and sqlite3_backup objects and has been
+ ** passed to sqlite3_close (meaning that it is a zombie). Therefore,
+ ** go ahead and free all resources.
+ */
+
+ /* If a transaction is open, roll it back. This also ensures that if
+ ** any database schemas have been modified by an uncommitted transaction
+ ** they are reset. And that the required b-tree mutex is held to make
+ ** the pager rollback and schema reset an atomic operation. */
+ sqlite3RollbackAll(db, SQLITE_OK);
+
+ /* Free any outstanding Savepoint structures. */
+ sqlite3CloseSavepoints(db);
+
+ /* Close all database connections */
+ for(j=0; j<db->nDb; j++){
+ struct Db *pDb = &db->aDb[j];
+ if( pDb->pBt ){
+ sqlite3BtreeClose(pDb->pBt);
+ pDb->pBt = 0;
+ if( j!=1 ){
+ pDb->pSchema = 0;
+ }
+ }
+ }
+ /* Clear the TEMP schema separately and last */
+ if( db->aDb[1].pSchema ){
+ sqlite3SchemaClear(db->aDb[1].pSchema);
+ }
+ sqlite3VtabUnlockList(db);
+
+ /* Free up the array of auxiliary databases */
+ sqlite3CollapseDatabaseArray(db);
+ assert( db->nDb<=2 );
+ assert( db->aDb==db->aDbStatic );
+
+ /* Tell the code in notify.c that the connection no longer holds any
+ ** locks and does not require any further unlock-notify callbacks.
+ */
+ sqlite3ConnectionClosed(db);
+
+ for(j=0; j<ArraySize(db->aFunc.a); j++){
+ FuncDef *pNext, *pHash, *p;
+ for(p=db->aFunc.a[j]; p; p=pHash){
+ pHash = p->pHash;
+ while( p ){
+ functionDestroy(db, p);
+ pNext = p->pNext;
+ sqlite3DbFree(db, p);
+ p = pNext;
+ }
+ }
+ }
+ for(i=sqliteHashFirst(&db->aCollSeq); i; i=sqliteHashNext(i)){
+ CollSeq *pColl = (CollSeq *)sqliteHashData(i);
+ /* Invoke any destructors registered for collation sequence user data. */
+ for(j=0; j<3; j++){
+ if( pColl[j].xDel ){
+ pColl[j].xDel(pColl[j].pUser);
+ }
+ }
+ sqlite3DbFree(db, pColl);
+ }
+ sqlite3HashClear(&db->aCollSeq);
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ for(i=sqliteHashFirst(&db->aModule); i; i=sqliteHashNext(i)){
+ Module *pMod = (Module *)sqliteHashData(i);
+ if( pMod->xDestroy ){
+ pMod->xDestroy(pMod->pAux);
+ }
+ sqlite3VtabEponymousTableClear(db, pMod);
+ sqlite3DbFree(db, pMod);
+ }
+ sqlite3HashClear(&db->aModule);
+#endif
+
+ sqlite3Error(db, SQLITE_OK); /* Deallocates any cached error strings. */
+ sqlite3ValueFree(db->pErr);
+ sqlite3CloseExtensions(db);
+#if SQLITE_USER_AUTHENTICATION
+ sqlite3_free(db->auth.zAuthUser);
+ sqlite3_free(db->auth.zAuthPW);
+#endif
+
+ db->magic = SQLITE_MAGIC_ERROR;
+
+ /* The temp-database schema is allocated differently from the other schema
+ ** objects (using sqliteMalloc() directly, instead of sqlite3BtreeSchema()).
+ ** So it needs to be freed here. Todo: Why not roll the temp schema into
+ ** the same sqliteMalloc() as the one that allocates the database
+ ** structure?
+ */
+ sqlite3DbFree(db, db->aDb[1].pSchema);
+ sqlite3_mutex_leave(db->mutex);
+ db->magic = SQLITE_MAGIC_CLOSED;
+ sqlite3_mutex_free(db->mutex);
+ assert( db->lookaside.nOut==0 ); /* Fails on a lookaside memory leak */
+ if( db->lookaside.bMalloced ){
+ sqlite3_free(db->lookaside.pStart);
+ }
+ sqlite3_free(db);
+}
+
+/*
+** Rollback all database files. If tripCode is not SQLITE_OK, then
+** any write cursors are invalidated ("tripped" - as in "tripping a circuit
+** breaker") and made to return tripCode if there are any further
+** attempts to use that cursor. Read cursors remain open and valid
+** but are "saved" in case the table pages are moved around.
+*/
+SQLITE_PRIVATE void sqlite3RollbackAll(sqlite3 *db, int tripCode){
+ int i;
+ int inTrans = 0;
+ int schemaChange;
+ assert( sqlite3_mutex_held(db->mutex) );
+ sqlite3BeginBenignMalloc();
+
+ /* Obtain all b-tree mutexes before making any calls to BtreeRollback().
+ ** This is important in case the transaction being rolled back has
+ ** modified the database schema. If the b-tree mutexes are not taken
+ ** here, then another shared-cache connection might sneak in between
+ ** the database rollback and schema reset, which can cause false
+ ** corruption reports in some cases. */
+ sqlite3BtreeEnterAll(db);
+ schemaChange = (db->flags & SQLITE_InternChanges)!=0 && db->init.busy==0;
+
+ for(i=0; i<db->nDb; i++){
+ Btree *p = db->aDb[i].pBt;
+ if( p ){
+ if( sqlite3BtreeIsInTrans(p) ){
+ inTrans = 1;
+ }
+ sqlite3BtreeRollback(p, tripCode, !schemaChange);
+ }
+ }
+ sqlite3VtabRollback(db);
+ sqlite3EndBenignMalloc();
+
+ if( (db->flags&SQLITE_InternChanges)!=0 && db->init.busy==0 ){
+ sqlite3ExpirePreparedStatements(db);
+ sqlite3ResetAllSchemasOfConnection(db);
+ }
+ sqlite3BtreeLeaveAll(db);
+
+ /* Any deferred constraint violations have now been resolved. */
+ db->nDeferredCons = 0;
+ db->nDeferredImmCons = 0;
+ db->flags &= ~SQLITE_DeferFKs;
+
+ /* If one has been configured, invoke the rollback-hook callback */
+ if( db->xRollbackCallback && (inTrans || !db->autoCommit) ){
+ db->xRollbackCallback(db->pRollbackArg);
+ }
+}
+
+/*
+** Return a static string containing the name corresponding to the error code
+** specified in the argument.
+*/
+#if defined(SQLITE_NEED_ERR_NAME)
+SQLITE_PRIVATE const char *sqlite3ErrName(int rc){
+ const char *zName = 0;
+ int i, origRc = rc;
+ for(i=0; i<2 && zName==0; i++, rc &= 0xff){
+ switch( rc ){
+ case SQLITE_OK: zName = "SQLITE_OK"; break;
+ case SQLITE_ERROR: zName = "SQLITE_ERROR"; break;
+ case SQLITE_INTERNAL: zName = "SQLITE_INTERNAL"; break;
+ case SQLITE_PERM: zName = "SQLITE_PERM"; break;
+ case SQLITE_ABORT: zName = "SQLITE_ABORT"; break;
+ case SQLITE_ABORT_ROLLBACK: zName = "SQLITE_ABORT_ROLLBACK"; break;
+ case SQLITE_BUSY: zName = "SQLITE_BUSY"; break;
+ case SQLITE_BUSY_RECOVERY: zName = "SQLITE_BUSY_RECOVERY"; break;
+ case SQLITE_BUSY_SNAPSHOT: zName = "SQLITE_BUSY_SNAPSHOT"; break;
+ case SQLITE_LOCKED: zName = "SQLITE_LOCKED"; break;
+ case SQLITE_LOCKED_SHAREDCACHE: zName = "SQLITE_LOCKED_SHAREDCACHE";break;
+ case SQLITE_NOMEM: zName = "SQLITE_NOMEM"; break;
+ case SQLITE_READONLY: zName = "SQLITE_READONLY"; break;
+ case SQLITE_READONLY_RECOVERY: zName = "SQLITE_READONLY_RECOVERY"; break;
+ case SQLITE_READONLY_CANTLOCK: zName = "SQLITE_READONLY_CANTLOCK"; break;
+ case SQLITE_READONLY_ROLLBACK: zName = "SQLITE_READONLY_ROLLBACK"; break;
+ case SQLITE_READONLY_DBMOVED: zName = "SQLITE_READONLY_DBMOVED"; break;
+ case SQLITE_INTERRUPT: zName = "SQLITE_INTERRUPT"; break;
+ case SQLITE_IOERR: zName = "SQLITE_IOERR"; break;
+ case SQLITE_IOERR_READ: zName = "SQLITE_IOERR_READ"; break;
+ case SQLITE_IOERR_SHORT_READ: zName = "SQLITE_IOERR_SHORT_READ"; break;
+ case SQLITE_IOERR_WRITE: zName = "SQLITE_IOERR_WRITE"; break;
+ case SQLITE_IOERR_FSYNC: zName = "SQLITE_IOERR_FSYNC"; break;
+ case SQLITE_IOERR_DIR_FSYNC: zName = "SQLITE_IOERR_DIR_FSYNC"; break;
+ case SQLITE_IOERR_TRUNCATE: zName = "SQLITE_IOERR_TRUNCATE"; break;
+ case SQLITE_IOERR_FSTAT: zName = "SQLITE_IOERR_FSTAT"; break;
+ case SQLITE_IOERR_UNLOCK: zName = "SQLITE_IOERR_UNLOCK"; break;
+ case SQLITE_IOERR_RDLOCK: zName = "SQLITE_IOERR_RDLOCK"; break;
+ case SQLITE_IOERR_DELETE: zName = "SQLITE_IOERR_DELETE"; break;
+ case SQLITE_IOERR_NOMEM: zName = "SQLITE_IOERR_NOMEM"; break;
+ case SQLITE_IOERR_ACCESS: zName = "SQLITE_IOERR_ACCESS"; break;
+ case SQLITE_IOERR_CHECKRESERVEDLOCK:
+ zName = "SQLITE_IOERR_CHECKRESERVEDLOCK"; break;
+ case SQLITE_IOERR_LOCK: zName = "SQLITE_IOERR_LOCK"; break;
+ case SQLITE_IOERR_CLOSE: zName = "SQLITE_IOERR_CLOSE"; break;
+ case SQLITE_IOERR_DIR_CLOSE: zName = "SQLITE_IOERR_DIR_CLOSE"; break;
+ case SQLITE_IOERR_SHMOPEN: zName = "SQLITE_IOERR_SHMOPEN"; break;
+ case SQLITE_IOERR_SHMSIZE: zName = "SQLITE_IOERR_SHMSIZE"; break;
+ case SQLITE_IOERR_SHMLOCK: zName = "SQLITE_IOERR_SHMLOCK"; break;
+ case SQLITE_IOERR_SHMMAP: zName = "SQLITE_IOERR_SHMMAP"; break;
+ case SQLITE_IOERR_SEEK: zName = "SQLITE_IOERR_SEEK"; break;
+ case SQLITE_IOERR_DELETE_NOENT: zName = "SQLITE_IOERR_DELETE_NOENT";break;
+ case SQLITE_IOERR_MMAP: zName = "SQLITE_IOERR_MMAP"; break;
+ case SQLITE_IOERR_GETTEMPPATH: zName = "SQLITE_IOERR_GETTEMPPATH"; break;
+ case SQLITE_IOERR_CONVPATH: zName = "SQLITE_IOERR_CONVPATH"; break;
+ case SQLITE_CORRUPT: zName = "SQLITE_CORRUPT"; break;
+ case SQLITE_CORRUPT_VTAB: zName = "SQLITE_CORRUPT_VTAB"; break;
+ case SQLITE_NOTFOUND: zName = "SQLITE_NOTFOUND"; break;
+ case SQLITE_FULL: zName = "SQLITE_FULL"; break;
+ case SQLITE_CANTOPEN: zName = "SQLITE_CANTOPEN"; break;
+ case SQLITE_CANTOPEN_NOTEMPDIR: zName = "SQLITE_CANTOPEN_NOTEMPDIR";break;
+ case SQLITE_CANTOPEN_ISDIR: zName = "SQLITE_CANTOPEN_ISDIR"; break;
+ case SQLITE_CANTOPEN_FULLPATH: zName = "SQLITE_CANTOPEN_FULLPATH"; break;
+ case SQLITE_CANTOPEN_CONVPATH: zName = "SQLITE_CANTOPEN_CONVPATH"; break;
+ case SQLITE_PROTOCOL: zName = "SQLITE_PROTOCOL"; break;
+ case SQLITE_EMPTY: zName = "SQLITE_EMPTY"; break;
+ case SQLITE_SCHEMA: zName = "SQLITE_SCHEMA"; break;
+ case SQLITE_TOOBIG: zName = "SQLITE_TOOBIG"; break;
+ case SQLITE_CONSTRAINT: zName = "SQLITE_CONSTRAINT"; break;
+ case SQLITE_CONSTRAINT_UNIQUE: zName = "SQLITE_CONSTRAINT_UNIQUE"; break;
+ case SQLITE_CONSTRAINT_TRIGGER: zName = "SQLITE_CONSTRAINT_TRIGGER";break;
+ case SQLITE_CONSTRAINT_FOREIGNKEY:
+ zName = "SQLITE_CONSTRAINT_FOREIGNKEY"; break;
+ case SQLITE_CONSTRAINT_CHECK: zName = "SQLITE_CONSTRAINT_CHECK"; break;
+ case SQLITE_CONSTRAINT_PRIMARYKEY:
+ zName = "SQLITE_CONSTRAINT_PRIMARYKEY"; break;
+ case SQLITE_CONSTRAINT_NOTNULL: zName = "SQLITE_CONSTRAINT_NOTNULL";break;
+ case SQLITE_CONSTRAINT_COMMITHOOK:
+ zName = "SQLITE_CONSTRAINT_COMMITHOOK"; break;
+ case SQLITE_CONSTRAINT_VTAB: zName = "SQLITE_CONSTRAINT_VTAB"; break;
+ case SQLITE_CONSTRAINT_FUNCTION:
+ zName = "SQLITE_CONSTRAINT_FUNCTION"; break;
+ case SQLITE_CONSTRAINT_ROWID: zName = "SQLITE_CONSTRAINT_ROWID"; break;
+ case SQLITE_MISMATCH: zName = "SQLITE_MISMATCH"; break;
+ case SQLITE_MISUSE: zName = "SQLITE_MISUSE"; break;
+ case SQLITE_NOLFS: zName = "SQLITE_NOLFS"; break;
+ case SQLITE_AUTH: zName = "SQLITE_AUTH"; break;
+ case SQLITE_FORMAT: zName = "SQLITE_FORMAT"; break;
+ case SQLITE_RANGE: zName = "SQLITE_RANGE"; break;
+ case SQLITE_NOTADB: zName = "SQLITE_NOTADB"; break;
+ case SQLITE_ROW: zName = "SQLITE_ROW"; break;
+ case SQLITE_NOTICE: zName = "SQLITE_NOTICE"; break;
+ case SQLITE_NOTICE_RECOVER_WAL: zName = "SQLITE_NOTICE_RECOVER_WAL";break;
+ case SQLITE_NOTICE_RECOVER_ROLLBACK:
+ zName = "SQLITE_NOTICE_RECOVER_ROLLBACK"; break;
+ case SQLITE_WARNING: zName = "SQLITE_WARNING"; break;
+ case SQLITE_WARNING_AUTOINDEX: zName = "SQLITE_WARNING_AUTOINDEX"; break;
+ case SQLITE_DONE: zName = "SQLITE_DONE"; break;
+ }
+ }
+ if( zName==0 ){
+ static char zBuf[50];
+ sqlite3_snprintf(sizeof(zBuf), zBuf, "SQLITE_UNKNOWN(%d)", origRc);
+ zName = zBuf;
+ }
+ return zName;
+}
+#endif
+
+/*
+** Return a static string that describes the kind of error specified in the
+** argument.
+*/
+SQLITE_PRIVATE const char *sqlite3ErrStr(int rc){
+ static const char* const aMsg[] = {
+ /* SQLITE_OK */ "not an error",
+ /* SQLITE_ERROR */ "SQL logic error or missing database",
+ /* SQLITE_INTERNAL */ 0,
+ /* SQLITE_PERM */ "access permission denied",
+ /* SQLITE_ABORT */ "callback requested query abort",
+ /* SQLITE_BUSY */ "database is locked",
+ /* SQLITE_LOCKED */ "database table is locked",
+ /* SQLITE_NOMEM */ "out of memory",
+ /* SQLITE_READONLY */ "attempt to write a readonly database",
+ /* SQLITE_INTERRUPT */ "interrupted",
+ /* SQLITE_IOERR */ "disk I/O error",
+ /* SQLITE_CORRUPT */ "database disk image is malformed",
+ /* SQLITE_NOTFOUND */ "unknown operation",
+ /* SQLITE_FULL */ "database or disk is full",
+ /* SQLITE_CANTOPEN */ "unable to open database file",
+ /* SQLITE_PROTOCOL */ "locking protocol",
+ /* SQLITE_EMPTY */ "table contains no data",
+ /* SQLITE_SCHEMA */ "database schema has changed",
+ /* SQLITE_TOOBIG */ "string or blob too big",
+ /* SQLITE_CONSTRAINT */ "constraint failed",
+ /* SQLITE_MISMATCH */ "datatype mismatch",
+ /* SQLITE_MISUSE */ "library routine called out of sequence",
+ /* SQLITE_NOLFS */ "large file support is disabled",
+ /* SQLITE_AUTH */ "authorization denied",
+ /* SQLITE_FORMAT */ "auxiliary database format error",
+ /* SQLITE_RANGE */ "bind or column index out of range",
+ /* SQLITE_NOTADB */ "file is encrypted or is not a database",
+ };
+ const char *zErr = "unknown error";
+ switch( rc ){
+ case SQLITE_ABORT_ROLLBACK: {
+ zErr = "abort due to ROLLBACK";
+ break;
+ }
+ default: {
+ rc &= 0xff;
+ if( ALWAYS(rc>=0) && rc<ArraySize(aMsg) && aMsg[rc]!=0 ){
+ zErr = aMsg[rc];
+ }
+ break;
+ }
+ }
+ return zErr;
+}
+
+/*
+** This routine implements a busy callback that sleeps and tries
+** again until a timeout value is reached. The timeout value is
+** an integer number of milliseconds passed in as the first
+** argument.
+*/
+static int sqliteDefaultBusyCallback(
+ void *ptr, /* Database connection */
+ int count /* Number of times table has been busy */
+){
+#if SQLITE_OS_WIN || HAVE_USLEEP
+ static const u8 delays[] =
+ { 1, 2, 5, 10, 15, 20, 25, 25, 25, 50, 50, 100 };
+ static const u8 totals[] =
+ { 0, 1, 3, 8, 18, 33, 53, 78, 103, 128, 178, 228 };
+# define NDELAY ArraySize(delays)
+ sqlite3 *db = (sqlite3 *)ptr;
+ int timeout = db->busyTimeout;
+ int delay, prior;
+
+ assert( count>=0 );
+ if( count < NDELAY ){
+ delay = delays[count];
+ prior = totals[count];
+ }else{
+ delay = delays[NDELAY-1];
+ prior = totals[NDELAY-1] + delay*(count-(NDELAY-1));
+ }
+ if( prior + delay > timeout ){
+ delay = timeout - prior;
+ if( delay<=0 ) return 0;
+ }
+ sqlite3OsSleep(db->pVfs, delay*1000);
+ return 1;
+#else
+ sqlite3 *db = (sqlite3 *)ptr;
+ int timeout = ((sqlite3 *)ptr)->busyTimeout;
+ if( (count+1)*1000 > timeout ){
+ return 0;
+ }
+ sqlite3OsSleep(db->pVfs, 1000000);
+ return 1;
+#endif
+}
+
+/*
+** Invoke the given busy handler.
+**
+** This routine is called when an operation failed with a lock.
+** If this routine returns non-zero, the lock is retried. If it
+** returns 0, the operation aborts with an SQLITE_BUSY error.
+*/
+SQLITE_PRIVATE int sqlite3InvokeBusyHandler(BusyHandler *p){
+ int rc;
+ if( NEVER(p==0) || p->xFunc==0 || p->nBusy<0 ) return 0;
+ rc = p->xFunc(p->pArg, p->nBusy);
+ if( rc==0 ){
+ p->nBusy = -1;
+ }else{
+ p->nBusy++;
+ }
+ return rc;
+}
+
+/*
+** This routine sets the busy callback for an Sqlite database to the
+** given callback function with the given argument.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_busy_handler(
+ sqlite3 *db,
+ int (*xBusy)(void*,int),
+ void *pArg
+){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ db->busyHandler.xFunc = xBusy;
+ db->busyHandler.pArg = pArg;
+ db->busyHandler.nBusy = 0;
+ db->busyTimeout = 0;
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_OK;
+}
+
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+/*
+** This routine sets the progress callback for an Sqlite database to the
+** given callback function with the given argument. The progress callback will
+** be invoked every nOps opcodes.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_progress_handler(
+ sqlite3 *db,
+ int nOps,
+ int (*xProgress)(void*),
+ void *pArg
+){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ if( nOps>0 ){
+ db->xProgress = xProgress;
+ db->nProgressOps = (unsigned)nOps;
+ db->pProgressArg = pArg;
+ }else{
+ db->xProgress = 0;
+ db->nProgressOps = 0;
+ db->pProgressArg = 0;
+ }
+ sqlite3_mutex_leave(db->mutex);
+}
+#endif
+
+
+/*
+** This routine installs a default busy handler that waits for the
+** specified number of milliseconds before returning 0.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_busy_timeout(sqlite3 *db, int ms){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ if( ms>0 ){
+ sqlite3_busy_handler(db, sqliteDefaultBusyCallback, (void*)db);
+ db->busyTimeout = ms;
+ }else{
+ sqlite3_busy_handler(db, 0, 0);
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Cause any pending operation to stop at its earliest opportunity.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_interrupt(sqlite3 *db){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return;
+ }
+#endif
+ db->u1.isInterrupted = 1;
+}
+
+
+/*
+** This function is exactly the same as sqlite3_create_function(), except
+** that it is designed to be called by internal code. The difference is
+** that if a malloc() fails in sqlite3_create_function(), an error code
+** is returned and the mallocFailed flag cleared.
+*/
+SQLITE_PRIVATE int sqlite3CreateFunc(
+ sqlite3 *db,
+ const char *zFunctionName,
+ int nArg,
+ int enc,
+ void *pUserData,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value **),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value **),
+ void (*xFinal)(sqlite3_context*),
+ FuncDestructor *pDestructor
+){
+ FuncDef *p;
+ int nName;
+ int extraFlags;
+
+ assert( sqlite3_mutex_held(db->mutex) );
+ if( zFunctionName==0 ||
+ (xFunc && (xFinal || xStep)) ||
+ (!xFunc && (xFinal && !xStep)) ||
+ (!xFunc && (!xFinal && xStep)) ||
+ (nArg<-1 || nArg>SQLITE_MAX_FUNCTION_ARG) ||
+ (255<(nName = sqlite3Strlen30( zFunctionName))) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+
+ assert( SQLITE_FUNC_CONSTANT==SQLITE_DETERMINISTIC );
+ extraFlags = enc & SQLITE_DETERMINISTIC;
+ enc &= (SQLITE_FUNC_ENCMASK|SQLITE_ANY);
+
+#ifndef SQLITE_OMIT_UTF16
+ /* If SQLITE_UTF16 is specified as the encoding type, transform this
+ ** to one of SQLITE_UTF16LE or SQLITE_UTF16BE using the
+ ** SQLITE_UTF16NATIVE macro. SQLITE_UTF16 is not used internally.
+ **
+ ** If SQLITE_ANY is specified, add three versions of the function
+ ** to the hash table.
+ */
+ if( enc==SQLITE_UTF16 ){
+ enc = SQLITE_UTF16NATIVE;
+ }else if( enc==SQLITE_ANY ){
+ int rc;
+ rc = sqlite3CreateFunc(db, zFunctionName, nArg, SQLITE_UTF8|extraFlags,
+ pUserData, xFunc, xStep, xFinal, pDestructor);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3CreateFunc(db, zFunctionName, nArg, SQLITE_UTF16LE|extraFlags,
+ pUserData, xFunc, xStep, xFinal, pDestructor);
+ }
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ enc = SQLITE_UTF16BE;
+ }
+#else
+ enc = SQLITE_UTF8;
+#endif
+
+ /* Check if an existing function is being overridden or deleted. If so,
+ ** and there are active VMs, then return SQLITE_BUSY. If a function
+ ** is being overridden/deleted but there are no active VMs, allow the
+ ** operation to continue but invalidate all precompiled statements.
+ */
+ p = sqlite3FindFunction(db, zFunctionName, nName, nArg, (u8)enc, 0);
+ if( p && (p->funcFlags & SQLITE_FUNC_ENCMASK)==enc && p->nArg==nArg ){
+ if( db->nVdbeActive ){
+ sqlite3ErrorWithMsg(db, SQLITE_BUSY,
+ "unable to delete/modify user-function due to active statements");
+ assert( !db->mallocFailed );
+ return SQLITE_BUSY;
+ }else{
+ sqlite3ExpirePreparedStatements(db);
+ }
+ }
+
+ p = sqlite3FindFunction(db, zFunctionName, nName, nArg, (u8)enc, 1);
+ assert(p || db->mallocFailed);
+ if( !p ){
+ return SQLITE_NOMEM;
+ }
+
+ /* If an older version of the function with a configured destructor is
+ ** being replaced invoke the destructor function here. */
+ functionDestroy(db, p);
+
+ if( pDestructor ){
+ pDestructor->nRef++;
+ }
+ p->pDestructor = pDestructor;
+ p->funcFlags = (p->funcFlags & SQLITE_FUNC_ENCMASK) | extraFlags;
+ testcase( p->funcFlags & SQLITE_DETERMINISTIC );
+ p->xFunc = xFunc;
+ p->xStep = xStep;
+ p->xFinalize = xFinal;
+ p->pUserData = pUserData;
+ p->nArg = (u16)nArg;
+ return SQLITE_OK;
+}
+
+/*
+** Create new user functions.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function(
+ sqlite3 *db,
+ const char *zFunc,
+ int nArg,
+ int enc,
+ void *p,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value **),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value **),
+ void (*xFinal)(sqlite3_context*)
+){
+ return sqlite3_create_function_v2(db, zFunc, nArg, enc, p, xFunc, xStep,
+ xFinal, 0);
+}
+
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function_v2(
+ sqlite3 *db,
+ const char *zFunc,
+ int nArg,
+ int enc,
+ void *p,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value **),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value **),
+ void (*xFinal)(sqlite3_context*),
+ void (*xDestroy)(void *)
+){
+ int rc = SQLITE_ERROR;
+ FuncDestructor *pArg = 0;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ if( xDestroy ){
+ pArg = (FuncDestructor *)sqlite3DbMallocZero(db, sizeof(FuncDestructor));
+ if( !pArg ){
+ xDestroy(p);
+ goto out;
+ }
+ pArg->xDestroy = xDestroy;
+ pArg->pUserData = p;
+ }
+ rc = sqlite3CreateFunc(db, zFunc, nArg, enc, p, xFunc, xStep, xFinal, pArg);
+ if( pArg && pArg->nRef==0 ){
+ assert( rc!=SQLITE_OK );
+ xDestroy(p);
+ sqlite3DbFree(db, pArg);
+ }
+
+ out:
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+#ifndef SQLITE_OMIT_UTF16
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function16(
+ sqlite3 *db,
+ const void *zFunctionName,
+ int nArg,
+ int eTextRep,
+ void *p,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*)
+){
+ int rc;
+ char *zFunc8;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zFunctionName==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ assert( !db->mallocFailed );
+ zFunc8 = sqlite3Utf16to8(db, zFunctionName, -1, SQLITE_UTF16NATIVE);
+ rc = sqlite3CreateFunc(db, zFunc8, nArg, eTextRep, p, xFunc, xStep, xFinal,0);
+ sqlite3DbFree(db, zFunc8);
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+#endif
+
+
+/*
+** Declare that a function has been overloaded by a virtual table.
+**
+** If the function already exists as a regular global function, then
+** this routine is a no-op. If the function does not exist, then create
+** a new one that always throws a run-time error.
+**
+** When virtual tables intend to provide an overloaded function, they
+** should call this routine to make sure the global function exists.
+** A global function must exist in order for name resolution to work
+** properly.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_overload_function(
+ sqlite3 *db,
+ const char *zName,
+ int nArg
+){
+ int nName = sqlite3Strlen30(zName);
+ int rc = SQLITE_OK;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zName==0 || nArg<-2 ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ if( sqlite3FindFunction(db, zName, nName, nArg, SQLITE_UTF8, 0)==0 ){
+ rc = sqlite3CreateFunc(db, zName, nArg, SQLITE_UTF8,
+ 0, sqlite3InvalidFunction, 0, 0, 0);
+ }
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+#ifndef SQLITE_OMIT_TRACE
+/*
+** Register a trace function. The pArg from the previously registered trace
+** is returned.
+**
+** A NULL trace function means that no tracing is executes. A non-NULL
+** trace is a pointer to a function that is invoked at the start of each
+** SQL statement.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_trace(sqlite3 *db, void (*xTrace)(void*,const char*), void *pArg){
+ void *pOld;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ pOld = db->pTraceArg;
+ db->xTrace = xTrace;
+ db->pTraceArg = pArg;
+ sqlite3_mutex_leave(db->mutex);
+ return pOld;
+}
+/*
+** Register a profile function. The pArg from the previously registered
+** profile function is returned.
+**
+** A NULL profile function means that no profiling is executes. A non-NULL
+** profile is a pointer to a function that is invoked at the conclusion of
+** each SQL statement that is run.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_profile(
+ sqlite3 *db,
+ void (*xProfile)(void*,const char*,sqlite_uint64),
+ void *pArg
+){
+ void *pOld;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ pOld = db->pProfileArg;
+ db->xProfile = xProfile;
+ db->pProfileArg = pArg;
+ sqlite3_mutex_leave(db->mutex);
+ return pOld;
+}
+#endif /* SQLITE_OMIT_TRACE */
+
+/*
+** Register a function to be invoked when a transaction commits.
+** If the invoked function returns non-zero, then the commit becomes a
+** rollback.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_commit_hook(
+ sqlite3 *db, /* Attach the hook to this database */
+ int (*xCallback)(void*), /* Function to invoke on each commit */
+ void *pArg /* Argument to the function */
+){
+ void *pOld;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ pOld = db->pCommitArg;
+ db->xCommitCallback = xCallback;
+ db->pCommitArg = pArg;
+ sqlite3_mutex_leave(db->mutex);
+ return pOld;
+}
+
+/*
+** Register a callback to be invoked each time a row is updated,
+** inserted or deleted using this database connection.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_update_hook(
+ sqlite3 *db, /* Attach the hook to this database */
+ void (*xCallback)(void*,int,char const *,char const *,sqlite_int64),
+ void *pArg /* Argument to the function */
+){
+ void *pRet;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ pRet = db->pUpdateArg;
+ db->xUpdateCallback = xCallback;
+ db->pUpdateArg = pArg;
+ sqlite3_mutex_leave(db->mutex);
+ return pRet;
+}
+
+/*
+** Register a callback to be invoked each time a transaction is rolled
+** back by this database connection.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_rollback_hook(
+ sqlite3 *db, /* Attach the hook to this database */
+ void (*xCallback)(void*), /* Callback function */
+ void *pArg /* Argument to the function */
+){
+ void *pRet;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ pRet = db->pRollbackArg;
+ db->xRollbackCallback = xCallback;
+ db->pRollbackArg = pArg;
+ sqlite3_mutex_leave(db->mutex);
+ return pRet;
+}
+
+#ifndef SQLITE_OMIT_WAL
+/*
+** The sqlite3_wal_hook() callback registered by sqlite3_wal_autocheckpoint().
+** Invoke sqlite3_wal_checkpoint if the number of frames in the log file
+** is greater than sqlite3.pWalArg cast to an integer (the value configured by
+** wal_autocheckpoint()).
+*/
+SQLITE_PRIVATE int sqlite3WalDefaultHook(
+ void *pClientData, /* Argument */
+ sqlite3 *db, /* Connection */
+ const char *zDb, /* Database */
+ int nFrame /* Size of WAL */
+){
+ if( nFrame>=SQLITE_PTR_TO_INT(pClientData) ){
+ sqlite3BeginBenignMalloc();
+ sqlite3_wal_checkpoint(db, zDb);
+ sqlite3EndBenignMalloc();
+ }
+ return SQLITE_OK;
+}
+#endif /* SQLITE_OMIT_WAL */
+
+/*
+** Configure an sqlite3_wal_hook() callback to automatically checkpoint
+** a database after committing a transaction if there are nFrame or
+** more frames in the log file. Passing zero or a negative value as the
+** nFrame parameter disables automatic checkpoints entirely.
+**
+** The callback registered by this function replaces any existing callback
+** registered using sqlite3_wal_hook(). Likewise, registering a callback
+** using sqlite3_wal_hook() disables the automatic checkpoint mechanism
+** configured by this function.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_autocheckpoint(sqlite3 *db, int nFrame){
+#ifdef SQLITE_OMIT_WAL
+ UNUSED_PARAMETER(db);
+ UNUSED_PARAMETER(nFrame);
+#else
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ if( nFrame>0 ){
+ sqlite3_wal_hook(db, sqlite3WalDefaultHook, SQLITE_INT_TO_PTR(nFrame));
+ }else{
+ sqlite3_wal_hook(db, 0, 0);
+ }
+#endif
+ return SQLITE_OK;
+}
+
+/*
+** Register a callback to be invoked each time a transaction is written
+** into the write-ahead-log by this database connection.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_wal_hook(
+ sqlite3 *db, /* Attach the hook to this db handle */
+ int(*xCallback)(void *, sqlite3*, const char*, int),
+ void *pArg /* First argument passed to xCallback() */
+){
+#ifndef SQLITE_OMIT_WAL
+ void *pRet;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ pRet = db->pWalArg;
+ db->xWalCallback = xCallback;
+ db->pWalArg = pArg;
+ sqlite3_mutex_leave(db->mutex);
+ return pRet;
+#else
+ return 0;
+#endif
+}
+
+/*
+** Checkpoint database zDb.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_checkpoint_v2(
+ sqlite3 *db, /* Database handle */
+ const char *zDb, /* Name of attached database (or NULL) */
+ int eMode, /* SQLITE_CHECKPOINT_* value */
+ int *pnLog, /* OUT: Size of WAL log in frames */
+ int *pnCkpt /* OUT: Total number of frames checkpointed */
+){
+#ifdef SQLITE_OMIT_WAL
+ return SQLITE_OK;
+#else
+ int rc; /* Return code */
+ int iDb = SQLITE_MAX_ATTACHED; /* sqlite3.aDb[] index of db to checkpoint */
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+
+ /* Initialize the output variables to -1 in case an error occurs. */
+ if( pnLog ) *pnLog = -1;
+ if( pnCkpt ) *pnCkpt = -1;
+
+ assert( SQLITE_CHECKPOINT_PASSIVE==0 );
+ assert( SQLITE_CHECKPOINT_FULL==1 );
+ assert( SQLITE_CHECKPOINT_RESTART==2 );
+ assert( SQLITE_CHECKPOINT_TRUNCATE==3 );
+ if( eMode<SQLITE_CHECKPOINT_PASSIVE || eMode>SQLITE_CHECKPOINT_TRUNCATE ){
+ /* EVIDENCE-OF: R-03996-12088 The M parameter must be a valid checkpoint
+ ** mode: */
+ return SQLITE_MISUSE;
+ }
+
+ sqlite3_mutex_enter(db->mutex);
+ if( zDb && zDb[0] ){
+ iDb = sqlite3FindDbName(db, zDb);
+ }
+ if( iDb<0 ){
+ rc = SQLITE_ERROR;
+ sqlite3ErrorWithMsg(db, SQLITE_ERROR, "unknown database: %s", zDb);
+ }else{
+ db->busyHandler.nBusy = 0;
+ rc = sqlite3Checkpoint(db, iDb, eMode, pnLog, pnCkpt);
+ sqlite3Error(db, rc);
+ }
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+#endif
+}
+
+
+/*
+** Checkpoint database zDb. If zDb is NULL, or if the buffer zDb points
+** to contains a zero-length string, all attached databases are
+** checkpointed.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_checkpoint(sqlite3 *db, const char *zDb){
+ /* EVIDENCE-OF: R-41613-20553 The sqlite3_wal_checkpoint(D,X) is equivalent to
+ ** sqlite3_wal_checkpoint_v2(D,X,SQLITE_CHECKPOINT_PASSIVE,0,0). */
+ return sqlite3_wal_checkpoint_v2(db,zDb,SQLITE_CHECKPOINT_PASSIVE,0,0);
+}
+
+#ifndef SQLITE_OMIT_WAL
+/*
+** Run a checkpoint on database iDb. This is a no-op if database iDb is
+** not currently open in WAL mode.
+**
+** If a transaction is open on the database being checkpointed, this
+** function returns SQLITE_LOCKED and a checkpoint is not attempted. If
+** an error occurs while running the checkpoint, an SQLite error code is
+** returned (i.e. SQLITE_IOERR). Otherwise, SQLITE_OK.
+**
+** The mutex on database handle db should be held by the caller. The mutex
+** associated with the specific b-tree being checkpointed is taken by
+** this function while the checkpoint is running.
+**
+** If iDb is passed SQLITE_MAX_ATTACHED, then all attached databases are
+** checkpointed. If an error is encountered it is returned immediately -
+** no attempt is made to checkpoint any remaining databases.
+**
+** Parameter eMode is one of SQLITE_CHECKPOINT_PASSIVE, FULL or RESTART.
+*/
+SQLITE_PRIVATE int sqlite3Checkpoint(sqlite3 *db, int iDb, int eMode, int *pnLog, int *pnCkpt){
+ int rc = SQLITE_OK; /* Return code */
+ int i; /* Used to iterate through attached dbs */
+ int bBusy = 0; /* True if SQLITE_BUSY has been encountered */
+
+ assert( sqlite3_mutex_held(db->mutex) );
+ assert( !pnLog || *pnLog==-1 );
+ assert( !pnCkpt || *pnCkpt==-1 );
+
+ for(i=0; i<db->nDb && rc==SQLITE_OK; i++){
+ if( i==iDb || iDb==SQLITE_MAX_ATTACHED ){
+ rc = sqlite3BtreeCheckpoint(db->aDb[i].pBt, eMode, pnLog, pnCkpt);
+ pnLog = 0;
+ pnCkpt = 0;
+ if( rc==SQLITE_BUSY ){
+ bBusy = 1;
+ rc = SQLITE_OK;
+ }
+ }
+ }
+
+ return (rc==SQLITE_OK && bBusy) ? SQLITE_BUSY : rc;
+}
+#endif /* SQLITE_OMIT_WAL */
+
+/*
+** This function returns true if main-memory should be used instead of
+** a temporary file for transient pager files and statement journals.
+** The value returned depends on the value of db->temp_store (runtime
+** parameter) and the compile time value of SQLITE_TEMP_STORE. The
+** following table describes the relationship between these two values
+** and this functions return value.
+**
+** SQLITE_TEMP_STORE db->temp_store Location of temporary database
+** ----------------- -------------- ------------------------------
+** 0 any file (return 0)
+** 1 1 file (return 0)
+** 1 2 memory (return 1)
+** 1 0 file (return 0)
+** 2 1 file (return 0)
+** 2 2 memory (return 1)
+** 2 0 memory (return 1)
+** 3 any memory (return 1)
+*/
+SQLITE_PRIVATE int sqlite3TempInMemory(const sqlite3 *db){
+#if SQLITE_TEMP_STORE==1
+ return ( db->temp_store==2 );
+#endif
+#if SQLITE_TEMP_STORE==2
+ return ( db->temp_store!=1 );
+#endif
+#if SQLITE_TEMP_STORE==3
+ UNUSED_PARAMETER(db);
+ return 1;
+#endif
+#if SQLITE_TEMP_STORE<1 || SQLITE_TEMP_STORE>3
+ UNUSED_PARAMETER(db);
+ return 0;
+#endif
+}
+
+/*
+** Return UTF-8 encoded English language explanation of the most recent
+** error.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_errmsg(sqlite3 *db){
+ const char *z;
+ if( !db ){
+ return sqlite3ErrStr(SQLITE_NOMEM);
+ }
+ if( !sqlite3SafetyCheckSickOrOk(db) ){
+ return sqlite3ErrStr(SQLITE_MISUSE_BKPT);
+ }
+ sqlite3_mutex_enter(db->mutex);
+ if( db->mallocFailed ){
+ z = sqlite3ErrStr(SQLITE_NOMEM);
+ }else{
+ testcase( db->pErr==0 );
+ z = (char*)sqlite3_value_text(db->pErr);
+ assert( !db->mallocFailed );
+ if( z==0 ){
+ z = sqlite3ErrStr(db->errCode);
+ }
+ }
+ sqlite3_mutex_leave(db->mutex);
+ return z;
+}
+
+#ifndef SQLITE_OMIT_UTF16
+/*
+** Return UTF-16 encoded English language explanation of the most recent
+** error.
+*/
+SQLITE_API const void *SQLITE_STDCALL sqlite3_errmsg16(sqlite3 *db){
+ static const u16 outOfMem[] = {
+ 'o', 'u', 't', ' ', 'o', 'f', ' ', 'm', 'e', 'm', 'o', 'r', 'y', 0
+ };
+ static const u16 misuse[] = {
+ 'l', 'i', 'b', 'r', 'a', 'r', 'y', ' ',
+ 'r', 'o', 'u', 't', 'i', 'n', 'e', ' ',
+ 'c', 'a', 'l', 'l', 'e', 'd', ' ',
+ 'o', 'u', 't', ' ',
+ 'o', 'f', ' ',
+ 's', 'e', 'q', 'u', 'e', 'n', 'c', 'e', 0
+ };
+
+ const void *z;
+ if( !db ){
+ return (void *)outOfMem;
+ }
+ if( !sqlite3SafetyCheckSickOrOk(db) ){
+ return (void *)misuse;
+ }
+ sqlite3_mutex_enter(db->mutex);
+ if( db->mallocFailed ){
+ z = (void *)outOfMem;
+ }else{
+ z = sqlite3_value_text16(db->pErr);
+ if( z==0 ){
+ sqlite3ErrorWithMsg(db, db->errCode, sqlite3ErrStr(db->errCode));
+ z = sqlite3_value_text16(db->pErr);
+ }
+ /* A malloc() may have failed within the call to sqlite3_value_text16()
+ ** above. If this is the case, then the db->mallocFailed flag needs to
+ ** be cleared before returning. Do this directly, instead of via
+ ** sqlite3ApiExit(), to avoid setting the database handle error message.
+ */
+ db->mallocFailed = 0;
+ }
+ sqlite3_mutex_leave(db->mutex);
+ return z;
+}
+#endif /* SQLITE_OMIT_UTF16 */
+
+/*
+** Return the most recent error code generated by an SQLite routine. If NULL is
+** passed to this function, we assume a malloc() failed during sqlite3_open().
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_errcode(sqlite3 *db){
+ if( db && !sqlite3SafetyCheckSickOrOk(db) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+ if( !db || db->mallocFailed ){
+ return SQLITE_NOMEM;
+ }
+ return db->errCode & db->errMask;
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_extended_errcode(sqlite3 *db){
+ if( db && !sqlite3SafetyCheckSickOrOk(db) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+ if( !db || db->mallocFailed ){
+ return SQLITE_NOMEM;
+ }
+ return db->errCode;
+}
+
+/*
+** Return a string that describes the kind of error specified in the
+** argument. For now, this simply calls the internal sqlite3ErrStr()
+** function.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_errstr(int rc){
+ return sqlite3ErrStr(rc);
+}
+
+/*
+** Create a new collating function for database "db". The name is zName
+** and the encoding is enc.
+*/
+static int createCollation(
+ sqlite3* db,
+ const char *zName,
+ u8 enc,
+ void* pCtx,
+ int(*xCompare)(void*,int,const void*,int,const void*),
+ void(*xDel)(void*)
+){
+ CollSeq *pColl;
+ int enc2;
+
+ assert( sqlite3_mutex_held(db->mutex) );
+
+ /* If SQLITE_UTF16 is specified as the encoding type, transform this
+ ** to one of SQLITE_UTF16LE or SQLITE_UTF16BE using the
+ ** SQLITE_UTF16NATIVE macro. SQLITE_UTF16 is not used internally.
+ */
+ enc2 = enc;
+ testcase( enc2==SQLITE_UTF16 );
+ testcase( enc2==SQLITE_UTF16_ALIGNED );
+ if( enc2==SQLITE_UTF16 || enc2==SQLITE_UTF16_ALIGNED ){
+ enc2 = SQLITE_UTF16NATIVE;
+ }
+ if( enc2<SQLITE_UTF8 || enc2>SQLITE_UTF16BE ){
+ return SQLITE_MISUSE_BKPT;
+ }
+
+ /* Check if this call is removing or replacing an existing collation
+ ** sequence. If so, and there are active VMs, return busy. If there
+ ** are no active VMs, invalidate any pre-compiled statements.
+ */
+ pColl = sqlite3FindCollSeq(db, (u8)enc2, zName, 0);
+ if( pColl && pColl->xCmp ){
+ if( db->nVdbeActive ){
+ sqlite3ErrorWithMsg(db, SQLITE_BUSY,
+ "unable to delete/modify collation sequence due to active statements");
+ return SQLITE_BUSY;
+ }
+ sqlite3ExpirePreparedStatements(db);
+
+ /* If collation sequence pColl was created directly by a call to
+ ** sqlite3_create_collation, and not generated by synthCollSeq(),
+ ** then any copies made by synthCollSeq() need to be invalidated.
+ ** Also, collation destructor - CollSeq.xDel() - function may need
+ ** to be called.
+ */
+ if( (pColl->enc & ~SQLITE_UTF16_ALIGNED)==enc2 ){
+ CollSeq *aColl = sqlite3HashFind(&db->aCollSeq, zName);
+ int j;
+ for(j=0; j<3; j++){
+ CollSeq *p = &aColl[j];
+ if( p->enc==pColl->enc ){
+ if( p->xDel ){
+ p->xDel(p->pUser);
+ }
+ p->xCmp = 0;
+ }
+ }
+ }
+ }
+
+ pColl = sqlite3FindCollSeq(db, (u8)enc2, zName, 1);
+ if( pColl==0 ) return SQLITE_NOMEM;
+ pColl->xCmp = xCompare;
+ pColl->pUser = pCtx;
+ pColl->xDel = xDel;
+ pColl->enc = (u8)(enc2 | (enc & SQLITE_UTF16_ALIGNED));
+ sqlite3Error(db, SQLITE_OK);
+ return SQLITE_OK;
+}
+
+
+/*
+** This array defines hard upper bounds on limit values. The
+** initializer must be kept in sync with the SQLITE_LIMIT_*
+** #defines in sqlite3.h.
+*/
+static const int aHardLimit[] = {
+ SQLITE_MAX_LENGTH,
+ SQLITE_MAX_SQL_LENGTH,
+ SQLITE_MAX_COLUMN,
+ SQLITE_MAX_EXPR_DEPTH,
+ SQLITE_MAX_COMPOUND_SELECT,
+ SQLITE_MAX_VDBE_OP,
+ SQLITE_MAX_FUNCTION_ARG,
+ SQLITE_MAX_ATTACHED,
+ SQLITE_MAX_LIKE_PATTERN_LENGTH,
+ SQLITE_MAX_VARIABLE_NUMBER, /* IMP: R-38091-32352 */
+ SQLITE_MAX_TRIGGER_DEPTH,
+ SQLITE_MAX_WORKER_THREADS,
+};
+
+/*
+** Make sure the hard limits are set to reasonable values
+*/
+#if SQLITE_MAX_LENGTH<100
+# error SQLITE_MAX_LENGTH must be at least 100
+#endif
+#if SQLITE_MAX_SQL_LENGTH<100
+# error SQLITE_MAX_SQL_LENGTH must be at least 100
+#endif
+#if SQLITE_MAX_SQL_LENGTH>SQLITE_MAX_LENGTH
+# error SQLITE_MAX_SQL_LENGTH must not be greater than SQLITE_MAX_LENGTH
+#endif
+#if SQLITE_MAX_COMPOUND_SELECT<2
+# error SQLITE_MAX_COMPOUND_SELECT must be at least 2
+#endif
+#if SQLITE_MAX_VDBE_OP<40
+# error SQLITE_MAX_VDBE_OP must be at least 40
+#endif
+#if SQLITE_MAX_FUNCTION_ARG<0 || SQLITE_MAX_FUNCTION_ARG>1000
+# error SQLITE_MAX_FUNCTION_ARG must be between 0 and 1000
+#endif
+#if SQLITE_MAX_ATTACHED<0 || SQLITE_MAX_ATTACHED>125
+# error SQLITE_MAX_ATTACHED must be between 0 and 125
+#endif
+#if SQLITE_MAX_LIKE_PATTERN_LENGTH<1
+# error SQLITE_MAX_LIKE_PATTERN_LENGTH must be at least 1
+#endif
+#if SQLITE_MAX_COLUMN>32767
+# error SQLITE_MAX_COLUMN must not exceed 32767
+#endif
+#if SQLITE_MAX_TRIGGER_DEPTH<1
+# error SQLITE_MAX_TRIGGER_DEPTH must be at least 1
+#endif
+#if SQLITE_MAX_WORKER_THREADS<0 || SQLITE_MAX_WORKER_THREADS>50
+# error SQLITE_MAX_WORKER_THREADS must be between 0 and 50
+#endif
+
+
+/*
+** Change the value of a limit. Report the old value.
+** If an invalid limit index is supplied, report -1.
+** Make no changes but still report the old value if the
+** new limit is negative.
+**
+** A new lower limit does not shrink existing constructs.
+** It merely prevents new constructs that exceed the limit
+** from forming.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_limit(sqlite3 *db, int limitId, int newLimit){
+ int oldLimit;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return -1;
+ }
+#endif
+
+ /* EVIDENCE-OF: R-30189-54097 For each limit category SQLITE_LIMIT_NAME
+ ** there is a hard upper bound set at compile-time by a C preprocessor
+ ** macro called SQLITE_MAX_NAME. (The "_LIMIT_" in the name is changed to
+ ** "_MAX_".)
+ */
+ assert( aHardLimit[SQLITE_LIMIT_LENGTH]==SQLITE_MAX_LENGTH );
+ assert( aHardLimit[SQLITE_LIMIT_SQL_LENGTH]==SQLITE_MAX_SQL_LENGTH );
+ assert( aHardLimit[SQLITE_LIMIT_COLUMN]==SQLITE_MAX_COLUMN );
+ assert( aHardLimit[SQLITE_LIMIT_EXPR_DEPTH]==SQLITE_MAX_EXPR_DEPTH );
+ assert( aHardLimit[SQLITE_LIMIT_COMPOUND_SELECT]==SQLITE_MAX_COMPOUND_SELECT);
+ assert( aHardLimit[SQLITE_LIMIT_VDBE_OP]==SQLITE_MAX_VDBE_OP );
+ assert( aHardLimit[SQLITE_LIMIT_FUNCTION_ARG]==SQLITE_MAX_FUNCTION_ARG );
+ assert( aHardLimit[SQLITE_LIMIT_ATTACHED]==SQLITE_MAX_ATTACHED );
+ assert( aHardLimit[SQLITE_LIMIT_LIKE_PATTERN_LENGTH]==
+ SQLITE_MAX_LIKE_PATTERN_LENGTH );
+ assert( aHardLimit[SQLITE_LIMIT_VARIABLE_NUMBER]==SQLITE_MAX_VARIABLE_NUMBER);
+ assert( aHardLimit[SQLITE_LIMIT_TRIGGER_DEPTH]==SQLITE_MAX_TRIGGER_DEPTH );
+ assert( aHardLimit[SQLITE_LIMIT_WORKER_THREADS]==SQLITE_MAX_WORKER_THREADS );
+ assert( SQLITE_LIMIT_WORKER_THREADS==(SQLITE_N_LIMIT-1) );
+
+
+ if( limitId<0 || limitId>=SQLITE_N_LIMIT ){
+ return -1;
+ }
+ oldLimit = db->aLimit[limitId];
+ if( newLimit>=0 ){ /* IMP: R-52476-28732 */
+ if( newLimit>aHardLimit[limitId] ){
+ newLimit = aHardLimit[limitId]; /* IMP: R-51463-25634 */
+ }
+ db->aLimit[limitId] = newLimit;
+ }
+ return oldLimit; /* IMP: R-53341-35419 */
+}
+
+/*
+** This function is used to parse both URIs and non-URI filenames passed by the
+** user to API functions sqlite3_open() or sqlite3_open_v2(), and for database
+** URIs specified as part of ATTACH statements.
+**
+** The first argument to this function is the name of the VFS to use (or
+** a NULL to signify the default VFS) if the URI does not contain a "vfs=xxx"
+** query parameter. The second argument contains the URI (or non-URI filename)
+** itself. When this function is called the *pFlags variable should contain
+** the default flags to open the database handle with. The value stored in
+** *pFlags may be updated before returning if the URI filename contains
+** "cache=xxx" or "mode=xxx" query parameters.
+**
+** If successful, SQLITE_OK is returned. In this case *ppVfs is set to point to
+** the VFS that should be used to open the database file. *pzFile is set to
+** point to a buffer containing the name of the file to open. It is the
+** responsibility of the caller to eventually call sqlite3_free() to release
+** this buffer.
+**
+** If an error occurs, then an SQLite error code is returned and *pzErrMsg
+** may be set to point to a buffer containing an English language error
+** message. It is the responsibility of the caller to eventually release
+** this buffer by calling sqlite3_free().
+*/
+SQLITE_PRIVATE int sqlite3ParseUri(
+ const char *zDefaultVfs, /* VFS to use if no "vfs=xxx" query option */
+ const char *zUri, /* Nul-terminated URI to parse */
+ unsigned int *pFlags, /* IN/OUT: SQLITE_OPEN_XXX flags */
+ sqlite3_vfs **ppVfs, /* OUT: VFS to use */
+ char **pzFile, /* OUT: Filename component of URI */
+ char **pzErrMsg /* OUT: Error message (if rc!=SQLITE_OK) */
+){
+ int rc = SQLITE_OK;
+ unsigned int flags = *pFlags;
+ const char *zVfs = zDefaultVfs;
+ char *zFile;
+ char c;
+ int nUri = sqlite3Strlen30(zUri);
+
+ assert( *pzErrMsg==0 );
+
+ if( ((flags & SQLITE_OPEN_URI) /* IMP: R-48725-32206 */
+ || sqlite3GlobalConfig.bOpenUri) /* IMP: R-51689-46548 */
+ && nUri>=5 && memcmp(zUri, "file:", 5)==0 /* IMP: R-57884-37496 */
+ ){
+ char *zOpt;
+ int eState; /* Parser state when parsing URI */
+ int iIn; /* Input character index */
+ int iOut = 0; /* Output character index */
+ u64 nByte = nUri+2; /* Bytes of space to allocate */
+
+ /* Make sure the SQLITE_OPEN_URI flag is set to indicate to the VFS xOpen
+ ** method that there may be extra parameters following the file-name. */
+ flags |= SQLITE_OPEN_URI;
+
+ for(iIn=0; iIn<nUri; iIn++) nByte += (zUri[iIn]=='&');
+ zFile = sqlite3_malloc64(nByte);
+ if( !zFile ) return SQLITE_NOMEM;
+
+ iIn = 5;
+#ifdef SQLITE_ALLOW_URI_AUTHORITY
+ if( strncmp(zUri+5, "///", 3)==0 ){
+ iIn = 7;
+ /* The following condition causes URIs with five leading / characters
+ ** like file://///host/path to be converted into UNCs like //host/path.
+ ** The correct URI for that UNC has only two or four leading / characters
+ ** file://host/path or file:////host/path. But 5 leading slashes is a
+ ** common error, we are told, so we handle it as a special case. */
+ if( strncmp(zUri+7, "///", 3)==0 ){ iIn++; }
+ }else if( strncmp(zUri+5, "//localhost/", 12)==0 ){
+ iIn = 16;
+ }
+#else
+ /* Discard the scheme and authority segments of the URI. */
+ if( zUri[5]=='/' && zUri[6]=='/' ){
+ iIn = 7;
+ while( zUri[iIn] && zUri[iIn]!='/' ) iIn++;
+ if( iIn!=7 && (iIn!=16 || memcmp("localhost", &zUri[7], 9)) ){
+ *pzErrMsg = sqlite3_mprintf("invalid uri authority: %.*s",
+ iIn-7, &zUri[7]);
+ rc = SQLITE_ERROR;
+ goto parse_uri_out;
+ }
+ }
+#endif
+
+ /* Copy the filename and any query parameters into the zFile buffer.
+ ** Decode %HH escape codes along the way.
+ **
+ ** Within this loop, variable eState may be set to 0, 1 or 2, depending
+ ** on the parsing context. As follows:
+ **
+ ** 0: Parsing file-name.
+ ** 1: Parsing name section of a name=value query parameter.
+ ** 2: Parsing value section of a name=value query parameter.
+ */
+ eState = 0;
+ while( (c = zUri[iIn])!=0 && c!='#' ){
+ iIn++;
+ if( c=='%'
+ && sqlite3Isxdigit(zUri[iIn])
+ && sqlite3Isxdigit(zUri[iIn+1])
+ ){
+ int octet = (sqlite3HexToInt(zUri[iIn++]) << 4);
+ octet += sqlite3HexToInt(zUri[iIn++]);
+
+ assert( octet>=0 && octet<256 );
+ if( octet==0 ){
+ /* This branch is taken when "%00" appears within the URI. In this
+ ** case we ignore all text in the remainder of the path, name or
+ ** value currently being parsed. So ignore the current character
+ ** and skip to the next "?", "=" or "&", as appropriate. */
+ while( (c = zUri[iIn])!=0 && c!='#'
+ && (eState!=0 || c!='?')
+ && (eState!=1 || (c!='=' && c!='&'))
+ && (eState!=2 || c!='&')
+ ){
+ iIn++;
+ }
+ continue;
+ }
+ c = octet;
+ }else if( eState==1 && (c=='&' || c=='=') ){
+ if( zFile[iOut-1]==0 ){
+ /* An empty option name. Ignore this option altogether. */
+ while( zUri[iIn] && zUri[iIn]!='#' && zUri[iIn-1]!='&' ) iIn++;
+ continue;
+ }
+ if( c=='&' ){
+ zFile[iOut++] = '\0';
+ }else{
+ eState = 2;
+ }
+ c = 0;
+ }else if( (eState==0 && c=='?') || (eState==2 && c=='&') ){
+ c = 0;
+ eState = 1;
+ }
+ zFile[iOut++] = c;
+ }
+ if( eState==1 ) zFile[iOut++] = '\0';
+ zFile[iOut++] = '\0';
+ zFile[iOut++] = '\0';
+
+ /* Check if there were any options specified that should be interpreted
+ ** here. Options that are interpreted here include "vfs" and those that
+ ** correspond to flags that may be passed to the sqlite3_open_v2()
+ ** method. */
+ zOpt = &zFile[sqlite3Strlen30(zFile)+1];
+ while( zOpt[0] ){
+ int nOpt = sqlite3Strlen30(zOpt);
+ char *zVal = &zOpt[nOpt+1];
+ int nVal = sqlite3Strlen30(zVal);
+
+ if( nOpt==3 && memcmp("vfs", zOpt, 3)==0 ){
+ zVfs = zVal;
+ }else{
+ struct OpenMode {
+ const char *z;
+ int mode;
+ } *aMode = 0;
+ char *zModeType = 0;
+ int mask = 0;
+ int limit = 0;
+
+ if( nOpt==5 && memcmp("cache", zOpt, 5)==0 ){
+ static struct OpenMode aCacheMode[] = {
+ { "shared", SQLITE_OPEN_SHAREDCACHE },
+ { "private", SQLITE_OPEN_PRIVATECACHE },
+ { 0, 0 }
+ };
+
+ mask = SQLITE_OPEN_SHAREDCACHE|SQLITE_OPEN_PRIVATECACHE;
+ aMode = aCacheMode;
+ limit = mask;
+ zModeType = "cache";
+ }
+ if( nOpt==4 && memcmp("mode", zOpt, 4)==0 ){
+ static struct OpenMode aOpenMode[] = {
+ { "ro", SQLITE_OPEN_READONLY },
+ { "rw", SQLITE_OPEN_READWRITE },
+ { "rwc", SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE },
+ { "memory", SQLITE_OPEN_MEMORY },
+ { 0, 0 }
+ };
+
+ mask = SQLITE_OPEN_READONLY | SQLITE_OPEN_READWRITE
+ | SQLITE_OPEN_CREATE | SQLITE_OPEN_MEMORY;
+ aMode = aOpenMode;
+ limit = mask & flags;
+ zModeType = "access";
+ }
+
+ if( aMode ){
+ int i;
+ int mode = 0;
+ for(i=0; aMode[i].z; i++){
+ const char *z = aMode[i].z;
+ if( nVal==sqlite3Strlen30(z) && 0==memcmp(zVal, z, nVal) ){
+ mode = aMode[i].mode;
+ break;
+ }
+ }
+ if( mode==0 ){
+ *pzErrMsg = sqlite3_mprintf("no such %s mode: %s", zModeType, zVal);
+ rc = SQLITE_ERROR;
+ goto parse_uri_out;
+ }
+ if( (mode & ~SQLITE_OPEN_MEMORY)>limit ){
+ *pzErrMsg = sqlite3_mprintf("%s mode not allowed: %s",
+ zModeType, zVal);
+ rc = SQLITE_PERM;
+ goto parse_uri_out;
+ }
+ flags = (flags & ~mask) | mode;
+ }
+ }
+
+ zOpt = &zVal[nVal+1];
+ }
+
+ }else{
+ zFile = sqlite3_malloc64(nUri+2);
+ if( !zFile ) return SQLITE_NOMEM;
+ memcpy(zFile, zUri, nUri);
+ zFile[nUri] = '\0';
+ zFile[nUri+1] = '\0';
+ flags &= ~SQLITE_OPEN_URI;
+ }
+
+ *ppVfs = sqlite3_vfs_find(zVfs);
+ if( *ppVfs==0 ){
+ *pzErrMsg = sqlite3_mprintf("no such vfs: %s", zVfs);
+ rc = SQLITE_ERROR;
+ }
+ parse_uri_out:
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(zFile);
+ zFile = 0;
+ }
+ *pFlags = flags;
+ *pzFile = zFile;
+ return rc;
+}
+
+
+/*
+** This routine does the work of opening a database on behalf of
+** sqlite3_open() and sqlite3_open16(). The database filename "zFilename"
+** is UTF-8 encoded.
+*/
+static int openDatabase(
+ const char *zFilename, /* Database filename UTF-8 encoded */
+ sqlite3 **ppDb, /* OUT: Returned database handle */
+ unsigned int flags, /* Operational flags */
+ const char *zVfs /* Name of the VFS to use */
+){
+ sqlite3 *db; /* Store allocated handle here */
+ int rc; /* Return code */
+ int isThreadsafe; /* True for threadsafe connections */
+ char *zOpen = 0; /* Filename argument to pass to BtreeOpen() */
+ char *zErrMsg = 0; /* Error message from sqlite3ParseUri() */
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( ppDb==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ *ppDb = 0;
+#ifndef SQLITE_OMIT_AUTOINIT
+ rc = sqlite3_initialize();
+ if( rc ) return rc;
+#endif
+
+ /* Only allow sensible combinations of bits in the flags argument.
+ ** Throw an error if any non-sense combination is used. If we
+ ** do not block illegal combinations here, it could trigger
+ ** assert() statements in deeper layers. Sensible combinations
+ ** are:
+ **
+ ** 1: SQLITE_OPEN_READONLY
+ ** 2: SQLITE_OPEN_READWRITE
+ ** 6: SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE
+ */
+ assert( SQLITE_OPEN_READONLY == 0x01 );
+ assert( SQLITE_OPEN_READWRITE == 0x02 );
+ assert( SQLITE_OPEN_CREATE == 0x04 );
+ testcase( (1<<(flags&7))==0x02 ); /* READONLY */
+ testcase( (1<<(flags&7))==0x04 ); /* READWRITE */
+ testcase( (1<<(flags&7))==0x40 ); /* READWRITE | CREATE */
+ if( ((1<<(flags&7)) & 0x46)==0 ){
+ return SQLITE_MISUSE_BKPT; /* IMP: R-65497-44594 */
+ }
+
+ if( sqlite3GlobalConfig.bCoreMutex==0 ){
+ isThreadsafe = 0;
+ }else if( flags & SQLITE_OPEN_NOMUTEX ){
+ isThreadsafe = 0;
+ }else if( flags & SQLITE_OPEN_FULLMUTEX ){
+ isThreadsafe = 1;
+ }else{
+ isThreadsafe = sqlite3GlobalConfig.bFullMutex;
+ }
+ if( flags & SQLITE_OPEN_PRIVATECACHE ){
+ flags &= ~SQLITE_OPEN_SHAREDCACHE;
+ }else if( sqlite3GlobalConfig.sharedCacheEnabled ){
+ flags |= SQLITE_OPEN_SHAREDCACHE;
+ }
+
+ /* Remove harmful bits from the flags parameter
+ **
+ ** The SQLITE_OPEN_NOMUTEX and SQLITE_OPEN_FULLMUTEX flags were
+ ** dealt with in the previous code block. Besides these, the only
+ ** valid input flags for sqlite3_open_v2() are SQLITE_OPEN_READONLY,
+ ** SQLITE_OPEN_READWRITE, SQLITE_OPEN_CREATE, SQLITE_OPEN_SHAREDCACHE,
+ ** SQLITE_OPEN_PRIVATECACHE, and some reserved bits. Silently mask
+ ** off all other flags.
+ */
+ flags &= ~( SQLITE_OPEN_DELETEONCLOSE |
+ SQLITE_OPEN_EXCLUSIVE |
+ SQLITE_OPEN_MAIN_DB |
+ SQLITE_OPEN_TEMP_DB |
+ SQLITE_OPEN_TRANSIENT_DB |
+ SQLITE_OPEN_MAIN_JOURNAL |
+ SQLITE_OPEN_TEMP_JOURNAL |
+ SQLITE_OPEN_SUBJOURNAL |
+ SQLITE_OPEN_MASTER_JOURNAL |
+ SQLITE_OPEN_NOMUTEX |
+ SQLITE_OPEN_FULLMUTEX |
+ SQLITE_OPEN_WAL
+ );
+
+ /* Allocate the sqlite data structure */
+ db = sqlite3MallocZero( sizeof(sqlite3) );
+ if( db==0 ) goto opendb_out;
+ if( isThreadsafe ){
+ db->mutex = sqlite3MutexAlloc(SQLITE_MUTEX_RECURSIVE);
+ if( db->mutex==0 ){
+ sqlite3_free(db);
+ db = 0;
+ goto opendb_out;
+ }
+ }
+ sqlite3_mutex_enter(db->mutex);
+ db->errMask = 0xff;
+ db->nDb = 2;
+ db->magic = SQLITE_MAGIC_BUSY;
+ db->aDb = db->aDbStatic;
+
+ assert( sizeof(db->aLimit)==sizeof(aHardLimit) );
+ memcpy(db->aLimit, aHardLimit, sizeof(db->aLimit));
+ db->aLimit[SQLITE_LIMIT_WORKER_THREADS] = SQLITE_DEFAULT_WORKER_THREADS;
+ db->autoCommit = 1;
+ db->nextAutovac = -1;
+ db->szMmap = sqlite3GlobalConfig.szMmap;
+ db->nextPagesize = 0;
+ db->nMaxSorterMmap = 0x7FFFFFFF;
+ db->flags |= SQLITE_ShortColNames | SQLITE_EnableTrigger | SQLITE_CacheSpill
+#if !defined(SQLITE_DEFAULT_AUTOMATIC_INDEX) || SQLITE_DEFAULT_AUTOMATIC_INDEX
+ | SQLITE_AutoIndex
+#endif
+#if SQLITE_DEFAULT_CKPTFULLFSYNC
+ | SQLITE_CkptFullFSync
+#endif
+#if SQLITE_DEFAULT_FILE_FORMAT<4
+ | SQLITE_LegacyFileFmt
+#endif
+#ifdef SQLITE_ENABLE_LOAD_EXTENSION
+ | SQLITE_LoadExtension
+#endif
+#if SQLITE_DEFAULT_RECURSIVE_TRIGGERS
+ | SQLITE_RecTriggers
+#endif
+#if defined(SQLITE_DEFAULT_FOREIGN_KEYS) && SQLITE_DEFAULT_FOREIGN_KEYS
+ | SQLITE_ForeignKeys
+#endif
+#if defined(SQLITE_REVERSE_UNORDERED_SELECTS)
+ | SQLITE_ReverseOrder
+#endif
+#if defined(SQLITE_ENABLE_OVERSIZE_CELL_CHECK)
+ | SQLITE_CellSizeCk
+#endif
+ ;
+ sqlite3HashInit(&db->aCollSeq);
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ sqlite3HashInit(&db->aModule);
+#endif
+
+ /* Add the default collation sequence BINARY. BINARY works for both UTF-8
+ ** and UTF-16, so add a version for each to avoid any unnecessary
+ ** conversions. The only error that can occur here is a malloc() failure.
+ **
+ ** EVIDENCE-OF: R-52786-44878 SQLite defines three built-in collating
+ ** functions:
+ */
+ createCollation(db, sqlite3StrBINARY, SQLITE_UTF8, 0, binCollFunc, 0);
+ createCollation(db, sqlite3StrBINARY, SQLITE_UTF16BE, 0, binCollFunc, 0);
+ createCollation(db, sqlite3StrBINARY, SQLITE_UTF16LE, 0, binCollFunc, 0);
+ createCollation(db, "NOCASE", SQLITE_UTF8, 0, nocaseCollatingFunc, 0);
+ createCollation(db, "RTRIM", SQLITE_UTF8, (void*)1, binCollFunc, 0);
+ if( db->mallocFailed ){
+ goto opendb_out;
+ }
+ /* EVIDENCE-OF: R-08308-17224 The default collating function for all
+ ** strings is BINARY.
+ */
+ db->pDfltColl = sqlite3FindCollSeq(db, SQLITE_UTF8, sqlite3StrBINARY, 0);
+ assert( db->pDfltColl!=0 );
+
+ /* Parse the filename/URI argument. */
+ db->openFlags = flags;
+ rc = sqlite3ParseUri(zVfs, zFilename, &flags, &db->pVfs, &zOpen, &zErrMsg);
+ if( rc!=SQLITE_OK ){
+ if( rc==SQLITE_NOMEM ) db->mallocFailed = 1;
+ sqlite3ErrorWithMsg(db, rc, zErrMsg ? "%s" : 0, zErrMsg);
+ sqlite3_free(zErrMsg);
+ goto opendb_out;
+ }
+
+ /* Open the backend database driver */
+ rc = sqlite3BtreeOpen(db->pVfs, zOpen, db, &db->aDb[0].pBt, 0,
+ flags | SQLITE_OPEN_MAIN_DB);
+ if( rc!=SQLITE_OK ){
+ if( rc==SQLITE_IOERR_NOMEM ){
+ rc = SQLITE_NOMEM;
+ }
+ sqlite3Error(db, rc);
+ goto opendb_out;
+ }
+ sqlite3BtreeEnter(db->aDb[0].pBt);
+ db->aDb[0].pSchema = sqlite3SchemaGet(db, db->aDb[0].pBt);
+ if( !db->mallocFailed ) ENC(db) = SCHEMA_ENC(db);
+ sqlite3BtreeLeave(db->aDb[0].pBt);
+ db->aDb[1].pSchema = sqlite3SchemaGet(db, 0);
+
+ /* The default safety_level for the main database is 'full'; for the temp
+ ** database it is 'NONE'. This matches the pager layer defaults.
+ */
+ db->aDb[0].zName = "main";
+ db->aDb[0].safety_level = 3;
+ db->aDb[1].zName = "temp";
+ db->aDb[1].safety_level = 1;
+
+ db->magic = SQLITE_MAGIC_OPEN;
+ if( db->mallocFailed ){
+ goto opendb_out;
+ }
+
+ /* Register all built-in functions, but do not attempt to read the
+ ** database schema yet. This is delayed until the first time the database
+ ** is accessed.
+ */
+ sqlite3Error(db, SQLITE_OK);
+ sqlite3RegisterBuiltinFunctions(db);
+
+ /* Load automatic extensions - extensions that have been registered
+ ** using the sqlite3_automatic_extension() API.
+ */
+ rc = sqlite3_errcode(db);
+ if( rc==SQLITE_OK ){
+ sqlite3AutoLoadExtensions(db);
+ rc = sqlite3_errcode(db);
+ if( rc!=SQLITE_OK ){
+ goto opendb_out;
+ }
+ }
+
+#ifdef SQLITE_ENABLE_FTS1
+ if( !db->mallocFailed ){
+ extern int sqlite3Fts1Init(sqlite3*);
+ rc = sqlite3Fts1Init(db);
+ }
+#endif
+
+#ifdef SQLITE_ENABLE_FTS2
+ if( !db->mallocFailed && rc==SQLITE_OK ){
+ extern int sqlite3Fts2Init(sqlite3*);
+ rc = sqlite3Fts2Init(db);
+ }
+#endif
+
+#ifdef SQLITE_ENABLE_FTS3 /* automatically defined by SQLITE_ENABLE_FTS4 */
+ if( !db->mallocFailed && rc==SQLITE_OK ){
+ rc = sqlite3Fts3Init(db);
+ }
+#endif
+
+#ifdef SQLITE_ENABLE_FTS5
+ if( !db->mallocFailed && rc==SQLITE_OK ){
+ rc = sqlite3Fts5Init(db);
+ }
+#endif
+
+#ifdef SQLITE_ENABLE_ICU
+ if( !db->mallocFailed && rc==SQLITE_OK ){
+ rc = sqlite3IcuInit(db);
+ }
+#endif
+
+#ifdef SQLITE_ENABLE_RTREE
+ if( !db->mallocFailed && rc==SQLITE_OK){
+ rc = sqlite3RtreeInit(db);
+ }
+#endif
+
+#ifdef SQLITE_ENABLE_DBSTAT_VTAB
+ if( !db->mallocFailed && rc==SQLITE_OK){
+ rc = sqlite3DbstatRegister(db);
+ }
+#endif
+
+#ifdef SQLITE_ENABLE_JSON1
+ if( !db->mallocFailed && rc==SQLITE_OK){
+ rc = sqlite3Json1Init(db);
+ }
+#endif
+
+ /* -DSQLITE_DEFAULT_LOCKING_MODE=1 makes EXCLUSIVE the default locking
+ ** mode. -DSQLITE_DEFAULT_LOCKING_MODE=0 make NORMAL the default locking
+ ** mode. Doing nothing at all also makes NORMAL the default.
+ */
+#ifdef SQLITE_DEFAULT_LOCKING_MODE
+ db->dfltLockMode = SQLITE_DEFAULT_LOCKING_MODE;
+ sqlite3PagerLockingMode(sqlite3BtreePager(db->aDb[0].pBt),
+ SQLITE_DEFAULT_LOCKING_MODE);
+#endif
+
+ if( rc ) sqlite3Error(db, rc);
+
+ /* Enable the lookaside-malloc subsystem */
+ setupLookaside(db, 0, sqlite3GlobalConfig.szLookaside,
+ sqlite3GlobalConfig.nLookaside);
+
+ sqlite3_wal_autocheckpoint(db, SQLITE_DEFAULT_WAL_AUTOCHECKPOINT);
+
+opendb_out:
+ if( db ){
+ assert( db->mutex!=0 || isThreadsafe==0
+ || sqlite3GlobalConfig.bFullMutex==0 );
+ sqlite3_mutex_leave(db->mutex);
+ }
+ rc = sqlite3_errcode(db);
+ assert( db!=0 || rc==SQLITE_NOMEM );
+ if( rc==SQLITE_NOMEM ){
+ sqlite3_close(db);
+ db = 0;
+ }else if( rc!=SQLITE_OK ){
+ db->magic = SQLITE_MAGIC_SICK;
+ }
+ *ppDb = db;
+#ifdef SQLITE_ENABLE_SQLLOG
+ if( sqlite3GlobalConfig.xSqllog ){
+ /* Opening a db handle. Fourth parameter is passed 0. */
+ void *pArg = sqlite3GlobalConfig.pSqllogArg;
+ sqlite3GlobalConfig.xSqllog(pArg, db, zFilename, 0);
+ }
+#endif
+#if defined(SQLITE_HAS_CODEC)
+ if( rc==SQLITE_OK ){
+ const char *zHexKey = sqlite3_uri_parameter(zOpen, "hexkey");
+ if( zHexKey && zHexKey[0] ){
+ u8 iByte;
+ int i;
+ char zKey[40];
+ for(i=0, iByte=0; i<sizeof(zKey)*2 && sqlite3Isxdigit(zHexKey[i]); i++){
+ iByte = (iByte<<4) + sqlite3HexToInt(zHexKey[i]);
+ if( (i&1)!=0 ) zKey[i/2] = iByte;
+ }
+ sqlite3_key_v2(db, 0, zKey, i/2);
+ }
+ }
+#endif
+ sqlite3_free(zOpen);
+ return rc & 0xff;
+}
+
+/*
+** Open a new database handle.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_open(
+ const char *zFilename,
+ sqlite3 **ppDb
+){
+ return openDatabase(zFilename, ppDb,
+ SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE, 0);
+}
+SQLITE_API int SQLITE_STDCALL sqlite3_open_v2(
+ const char *filename, /* Database filename (UTF-8) */
+ sqlite3 **ppDb, /* OUT: SQLite db handle */
+ int flags, /* Flags */
+ const char *zVfs /* Name of VFS module to use */
+){
+ return openDatabase(filename, ppDb, (unsigned int)flags, zVfs);
+}
+
+#ifndef SQLITE_OMIT_UTF16
+/*
+** Open a new database handle.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_open16(
+ const void *zFilename,
+ sqlite3 **ppDb
+){
+ char const *zFilename8; /* zFilename encoded in UTF-8 instead of UTF-16 */
+ sqlite3_value *pVal;
+ int rc;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( ppDb==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ *ppDb = 0;
+#ifndef SQLITE_OMIT_AUTOINIT
+ rc = sqlite3_initialize();
+ if( rc ) return rc;
+#endif
+ if( zFilename==0 ) zFilename = "\000\000";
+ pVal = sqlite3ValueNew(0);
+ sqlite3ValueSetStr(pVal, -1, zFilename, SQLITE_UTF16NATIVE, SQLITE_STATIC);
+ zFilename8 = sqlite3ValueText(pVal, SQLITE_UTF8);
+ if( zFilename8 ){
+ rc = openDatabase(zFilename8, ppDb,
+ SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE, 0);
+ assert( *ppDb || rc==SQLITE_NOMEM );
+ if( rc==SQLITE_OK && !DbHasProperty(*ppDb, 0, DB_SchemaLoaded) ){
+ SCHEMA_ENC(*ppDb) = ENC(*ppDb) = SQLITE_UTF16NATIVE;
+ }
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ sqlite3ValueFree(pVal);
+
+ return rc & 0xff;
+}
+#endif /* SQLITE_OMIT_UTF16 */
+
+/*
+** Register a new collation sequence with the database handle db.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation(
+ sqlite3* db,
+ const char *zName,
+ int enc,
+ void* pCtx,
+ int(*xCompare)(void*,int,const void*,int,const void*)
+){
+ return sqlite3_create_collation_v2(db, zName, enc, pCtx, xCompare, 0);
+}
+
+/*
+** Register a new collation sequence with the database handle db.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation_v2(
+ sqlite3* db,
+ const char *zName,
+ int enc,
+ void* pCtx,
+ int(*xCompare)(void*,int,const void*,int,const void*),
+ void(*xDel)(void*)
+){
+ int rc;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zName==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ assert( !db->mallocFailed );
+ rc = createCollation(db, zName, (u8)enc, pCtx, xCompare, xDel);
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+#ifndef SQLITE_OMIT_UTF16
+/*
+** Register a new collation sequence with the database handle db.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation16(
+ sqlite3* db,
+ const void *zName,
+ int enc,
+ void* pCtx,
+ int(*xCompare)(void*,int,const void*,int,const void*)
+){
+ int rc = SQLITE_OK;
+ char *zName8;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zName==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ assert( !db->mallocFailed );
+ zName8 = sqlite3Utf16to8(db, zName, -1, SQLITE_UTF16NATIVE);
+ if( zName8 ){
+ rc = createCollation(db, zName8, (u8)enc, pCtx, xCompare, 0);
+ sqlite3DbFree(db, zName8);
+ }
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+#endif /* SQLITE_OMIT_UTF16 */
+
+/*
+** Register a collation sequence factory callback with the database handle
+** db. Replace any previously installed collation sequence factory.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_collation_needed(
+ sqlite3 *db,
+ void *pCollNeededArg,
+ void(*xCollNeeded)(void*,sqlite3*,int eTextRep,const char*)
+){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ db->xCollNeeded = xCollNeeded;
+ db->xCollNeeded16 = 0;
+ db->pCollNeededArg = pCollNeededArg;
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_OK;
+}
+
+#ifndef SQLITE_OMIT_UTF16
+/*
+** Register a collation sequence factory callback with the database handle
+** db. Replace any previously installed collation sequence factory.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_collation_needed16(
+ sqlite3 *db,
+ void *pCollNeededArg,
+ void(*xCollNeeded16)(void*,sqlite3*,int eTextRep,const void*)
+){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ db->xCollNeeded = 0;
+ db->xCollNeeded16 = xCollNeeded16;
+ db->pCollNeededArg = pCollNeededArg;
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_OK;
+}
+#endif /* SQLITE_OMIT_UTF16 */
+
+#ifndef SQLITE_OMIT_DEPRECATED
+/*
+** This function is now an anachronism. It used to be used to recover from a
+** malloc() failure, but SQLite now does this automatically.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_global_recover(void){
+ return SQLITE_OK;
+}
+#endif
+
+/*
+** Test to see whether or not the database connection is in autocommit
+** mode. Return TRUE if it is and FALSE if not. Autocommit mode is on
+** by default. Autocommit is disabled by a BEGIN statement and reenabled
+** by the next COMMIT or ROLLBACK.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_get_autocommit(sqlite3 *db){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ return db->autoCommit;
+}
+
+/*
+** The following routines are substitutes for constants SQLITE_CORRUPT,
+** SQLITE_MISUSE, SQLITE_CANTOPEN, SQLITE_IOERR and possibly other error
+** constants. They serve two purposes:
+**
+** 1. Serve as a convenient place to set a breakpoint in a debugger
+** to detect when version error conditions occurs.
+**
+** 2. Invoke sqlite3_log() to provide the source code location where
+** a low-level error is first detected.
+*/
+SQLITE_PRIVATE int sqlite3CorruptError(int lineno){
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(SQLITE_CORRUPT,
+ "database corruption at line %d of [%.10s]",
+ lineno, 20+sqlite3_sourceid());
+ return SQLITE_CORRUPT;
+}
+SQLITE_PRIVATE int sqlite3MisuseError(int lineno){
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(SQLITE_MISUSE,
+ "misuse at line %d of [%.10s]",
+ lineno, 20+sqlite3_sourceid());
+ return SQLITE_MISUSE;
+}
+SQLITE_PRIVATE int sqlite3CantopenError(int lineno){
+ testcase( sqlite3GlobalConfig.xLog!=0 );
+ sqlite3_log(SQLITE_CANTOPEN,
+ "cannot open file at line %d of [%.10s]",
+ lineno, 20+sqlite3_sourceid());
+ return SQLITE_CANTOPEN;
+}
+
+
+#ifndef SQLITE_OMIT_DEPRECATED
+/*
+** This is a convenience routine that makes sure that all thread-specific
+** data for this thread has been deallocated.
+**
+** SQLite no longer uses thread-specific data so this routine is now a
+** no-op. It is retained for historical compatibility.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_thread_cleanup(void){
+}
+#endif
+
+/*
+** Return meta information about a specific column of a database table.
+** See comment in sqlite3.h (sqlite.h.in) for details.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_table_column_metadata(
+ sqlite3 *db, /* Connection handle */
+ const char *zDbName, /* Database name or NULL */
+ const char *zTableName, /* Table name */
+ const char *zColumnName, /* Column name */
+ char const **pzDataType, /* OUTPUT: Declared data type */
+ char const **pzCollSeq, /* OUTPUT: Collation sequence name */
+ int *pNotNull, /* OUTPUT: True if NOT NULL constraint exists */
+ int *pPrimaryKey, /* OUTPUT: True if column part of PK */
+ int *pAutoinc /* OUTPUT: True if column is auto-increment */
+){
+ int rc;
+ char *zErrMsg = 0;
+ Table *pTab = 0;
+ Column *pCol = 0;
+ int iCol = 0;
+ char const *zDataType = 0;
+ char const *zCollSeq = 0;
+ int notnull = 0;
+ int primarykey = 0;
+ int autoinc = 0;
+
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) || zTableName==0 ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+
+ /* Ensure the database schema has been loaded */
+ sqlite3_mutex_enter(db->mutex);
+ sqlite3BtreeEnterAll(db);
+ rc = sqlite3Init(db, &zErrMsg);
+ if( SQLITE_OK!=rc ){
+ goto error_out;
+ }
+
+ /* Locate the table in question */
+ pTab = sqlite3FindTable(db, zTableName, zDbName);
+ if( !pTab || pTab->pSelect ){
+ pTab = 0;
+ goto error_out;
+ }
+
+ /* Find the column for which info is requested */
+ if( zColumnName==0 ){
+ /* Query for existance of table only */
+ }else{
+ for(iCol=0; iCol<pTab->nCol; iCol++){
+ pCol = &pTab->aCol[iCol];
+ if( 0==sqlite3StrICmp(pCol->zName, zColumnName) ){
+ break;
+ }
+ }
+ if( iCol==pTab->nCol ){
+ if( HasRowid(pTab) && sqlite3IsRowid(zColumnName) ){
+ iCol = pTab->iPKey;
+ pCol = iCol>=0 ? &pTab->aCol[iCol] : 0;
+ }else{
+ pTab = 0;
+ goto error_out;
+ }
+ }
+ }
+
+ /* The following block stores the meta information that will be returned
+ ** to the caller in local variables zDataType, zCollSeq, notnull, primarykey
+ ** and autoinc. At this point there are two possibilities:
+ **
+ ** 1. The specified column name was rowid", "oid" or "_rowid_"
+ ** and there is no explicitly declared IPK column.
+ **
+ ** 2. The table is not a view and the column name identified an
+ ** explicitly declared column. Copy meta information from *pCol.
+ */
+ if( pCol ){
+ zDataType = pCol->zType;
+ zCollSeq = pCol->zColl;
+ notnull = pCol->notNull!=0;
+ primarykey = (pCol->colFlags & COLFLAG_PRIMKEY)!=0;
+ autoinc = pTab->iPKey==iCol && (pTab->tabFlags & TF_Autoincrement)!=0;
+ }else{
+ zDataType = "INTEGER";
+ primarykey = 1;
+ }
+ if( !zCollSeq ){
+ zCollSeq = sqlite3StrBINARY;
+ }
+
+error_out:
+ sqlite3BtreeLeaveAll(db);
+
+ /* Whether the function call succeeded or failed, set the output parameters
+ ** to whatever their local counterparts contain. If an error did occur,
+ ** this has the effect of zeroing all output parameters.
+ */
+ if( pzDataType ) *pzDataType = zDataType;
+ if( pzCollSeq ) *pzCollSeq = zCollSeq;
+ if( pNotNull ) *pNotNull = notnull;
+ if( pPrimaryKey ) *pPrimaryKey = primarykey;
+ if( pAutoinc ) *pAutoinc = autoinc;
+
+ if( SQLITE_OK==rc && !pTab ){
+ sqlite3DbFree(db, zErrMsg);
+ zErrMsg = sqlite3MPrintf(db, "no such table column: %s.%s", zTableName,
+ zColumnName);
+ rc = SQLITE_ERROR;
+ }
+ sqlite3ErrorWithMsg(db, rc, (zErrMsg?"%s":0), zErrMsg);
+ sqlite3DbFree(db, zErrMsg);
+ rc = sqlite3ApiExit(db, rc);
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/*
+** Sleep for a little while. Return the amount of time slept.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_sleep(int ms){
+ sqlite3_vfs *pVfs;
+ int rc;
+ pVfs = sqlite3_vfs_find(0);
+ if( pVfs==0 ) return 0;
+
+ /* This function works in milliseconds, but the underlying OsSleep()
+ ** API uses microseconds. Hence the 1000's.
+ */
+ rc = (sqlite3OsSleep(pVfs, 1000*ms)/1000);
+ return rc;
+}
+
+/*
+** Enable or disable the extended result codes.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_extended_result_codes(sqlite3 *db, int onoff){
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ db->errMask = onoff ? 0xffffffff : 0xff;
+ sqlite3_mutex_leave(db->mutex);
+ return SQLITE_OK;
+}
+
+/*
+** Invoke the xFileControl method on a particular database.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_file_control(sqlite3 *db, const char *zDbName, int op, void *pArg){
+ int rc = SQLITE_ERROR;
+ Btree *pBtree;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ pBtree = sqlite3DbNameToBtree(db, zDbName);
+ if( pBtree ){
+ Pager *pPager;
+ sqlite3_file *fd;
+ sqlite3BtreeEnter(pBtree);
+ pPager = sqlite3BtreePager(pBtree);
+ assert( pPager!=0 );
+ fd = sqlite3PagerFile(pPager);
+ assert( fd!=0 );
+ if( op==SQLITE_FCNTL_FILE_POINTER ){
+ *(sqlite3_file**)pArg = fd;
+ rc = SQLITE_OK;
+ }else if( op==SQLITE_FCNTL_VFS_POINTER ){
+ *(sqlite3_vfs**)pArg = sqlite3PagerVfs(pPager);
+ rc = SQLITE_OK;
+ }else if( op==SQLITE_FCNTL_JOURNAL_POINTER ){
+ *(sqlite3_file**)pArg = sqlite3PagerJrnlFile(pPager);
+ rc = SQLITE_OK;
+ }else if( fd->pMethods ){
+ rc = sqlite3OsFileControl(fd, op, pArg);
+ }else{
+ rc = SQLITE_NOTFOUND;
+ }
+ sqlite3BtreeLeave(pBtree);
+ }
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/*
+** Interface to the testing logic.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_test_control(int op, ...){
+ int rc = 0;
+#ifdef SQLITE_OMIT_BUILTIN_TEST
+ UNUSED_PARAMETER(op);
+#else
+ va_list ap;
+ va_start(ap, op);
+ switch( op ){
+
+ /*
+ ** Save the current state of the PRNG.
+ */
+ case SQLITE_TESTCTRL_PRNG_SAVE: {
+ sqlite3PrngSaveState();
+ break;
+ }
+
+ /*
+ ** Restore the state of the PRNG to the last state saved using
+ ** PRNG_SAVE. If PRNG_SAVE has never before been called, then
+ ** this verb acts like PRNG_RESET.
+ */
+ case SQLITE_TESTCTRL_PRNG_RESTORE: {
+ sqlite3PrngRestoreState();
+ break;
+ }
+
+ /*
+ ** Reset the PRNG back to its uninitialized state. The next call
+ ** to sqlite3_randomness() will reseed the PRNG using a single call
+ ** to the xRandomness method of the default VFS.
+ */
+ case SQLITE_TESTCTRL_PRNG_RESET: {
+ sqlite3_randomness(0,0);
+ break;
+ }
+
+ /*
+ ** sqlite3_test_control(BITVEC_TEST, size, program)
+ **
+ ** Run a test against a Bitvec object of size. The program argument
+ ** is an array of integers that defines the test. Return -1 on a
+ ** memory allocation error, 0 on success, or non-zero for an error.
+ ** See the sqlite3BitvecBuiltinTest() for additional information.
+ */
+ case SQLITE_TESTCTRL_BITVEC_TEST: {
+ int sz = va_arg(ap, int);
+ int *aProg = va_arg(ap, int*);
+ rc = sqlite3BitvecBuiltinTest(sz, aProg);
+ break;
+ }
+
+ /*
+ ** sqlite3_test_control(FAULT_INSTALL, xCallback)
+ **
+ ** Arrange to invoke xCallback() whenever sqlite3FaultSim() is called,
+ ** if xCallback is not NULL.
+ **
+ ** As a test of the fault simulator mechanism itself, sqlite3FaultSim(0)
+ ** is called immediately after installing the new callback and the return
+ ** value from sqlite3FaultSim(0) becomes the return from
+ ** sqlite3_test_control().
+ */
+ case SQLITE_TESTCTRL_FAULT_INSTALL: {
+ /* MSVC is picky about pulling func ptrs from va lists.
+ ** http://support.microsoft.com/kb/47961
+ ** sqlite3GlobalConfig.xTestCallback = va_arg(ap, int(*)(int));
+ */
+ typedef int(*TESTCALLBACKFUNC_t)(int);
+ sqlite3GlobalConfig.xTestCallback = va_arg(ap, TESTCALLBACKFUNC_t);
+ rc = sqlite3FaultSim(0);
+ break;
+ }
+
+ /*
+ ** sqlite3_test_control(BENIGN_MALLOC_HOOKS, xBegin, xEnd)
+ **
+ ** Register hooks to call to indicate which malloc() failures
+ ** are benign.
+ */
+ case SQLITE_TESTCTRL_BENIGN_MALLOC_HOOKS: {
+ typedef void (*void_function)(void);
+ void_function xBenignBegin;
+ void_function xBenignEnd;
+ xBenignBegin = va_arg(ap, void_function);
+ xBenignEnd = va_arg(ap, void_function);
+ sqlite3BenignMallocHooks(xBenignBegin, xBenignEnd);
+ break;
+ }
+
+ /*
+ ** sqlite3_test_control(SQLITE_TESTCTRL_PENDING_BYTE, unsigned int X)
+ **
+ ** Set the PENDING byte to the value in the argument, if X>0.
+ ** Make no changes if X==0. Return the value of the pending byte
+ ** as it existing before this routine was called.
+ **
+ ** IMPORTANT: Changing the PENDING byte from 0x40000000 results in
+ ** an incompatible database file format. Changing the PENDING byte
+ ** while any database connection is open results in undefined and
+ ** deleterious behavior.
+ */
+ case SQLITE_TESTCTRL_PENDING_BYTE: {
+ rc = PENDING_BYTE;
+#ifndef SQLITE_OMIT_WSD
+ {
+ unsigned int newVal = va_arg(ap, unsigned int);
+ if( newVal ) sqlite3PendingByte = newVal;
+ }
+#endif
+ break;
+ }
+
+ /*
+ ** sqlite3_test_control(SQLITE_TESTCTRL_ASSERT, int X)
+ **
+ ** This action provides a run-time test to see whether or not
+ ** assert() was enabled at compile-time. If X is true and assert()
+ ** is enabled, then the return value is true. If X is true and
+ ** assert() is disabled, then the return value is zero. If X is
+ ** false and assert() is enabled, then the assertion fires and the
+ ** process aborts. If X is false and assert() is disabled, then the
+ ** return value is zero.
+ */
+ case SQLITE_TESTCTRL_ASSERT: {
+ volatile int x = 0;
+ assert( (x = va_arg(ap,int))!=0 );
+ rc = x;
+ break;
+ }
+
+
+ /*
+ ** sqlite3_test_control(SQLITE_TESTCTRL_ALWAYS, int X)
+ **
+ ** This action provides a run-time test to see how the ALWAYS and
+ ** NEVER macros were defined at compile-time.
+ **
+ ** The return value is ALWAYS(X).
+ **
+ ** The recommended test is X==2. If the return value is 2, that means
+ ** ALWAYS() and NEVER() are both no-op pass-through macros, which is the
+ ** default setting. If the return value is 1, then ALWAYS() is either
+ ** hard-coded to true or else it asserts if its argument is false.
+ ** The first behavior (hard-coded to true) is the case if
+ ** SQLITE_TESTCTRL_ASSERT shows that assert() is disabled and the second
+ ** behavior (assert if the argument to ALWAYS() is false) is the case if
+ ** SQLITE_TESTCTRL_ASSERT shows that assert() is enabled.
+ **
+ ** The run-time test procedure might look something like this:
+ **
+ ** if( sqlite3_test_control(SQLITE_TESTCTRL_ALWAYS, 2)==2 ){
+ ** // ALWAYS() and NEVER() are no-op pass-through macros
+ ** }else if( sqlite3_test_control(SQLITE_TESTCTRL_ASSERT, 1) ){
+ ** // ALWAYS(x) asserts that x is true. NEVER(x) asserts x is false.
+ ** }else{
+ ** // ALWAYS(x) is a constant 1. NEVER(x) is a constant 0.
+ ** }
+ */
+ case SQLITE_TESTCTRL_ALWAYS: {
+ int x = va_arg(ap,int);
+ rc = ALWAYS(x);
+ break;
+ }
+
+ /*
+ ** sqlite3_test_control(SQLITE_TESTCTRL_BYTEORDER);
+ **
+ ** The integer returned reveals the byte-order of the computer on which
+ ** SQLite is running:
+ **
+ ** 1 big-endian, determined at run-time
+ ** 10 little-endian, determined at run-time
+ ** 432101 big-endian, determined at compile-time
+ ** 123410 little-endian, determined at compile-time
+ */
+ case SQLITE_TESTCTRL_BYTEORDER: {
+ rc = SQLITE_BYTEORDER*100 + SQLITE_LITTLEENDIAN*10 + SQLITE_BIGENDIAN;
+ break;
+ }
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_RESERVE, sqlite3 *db, int N)
+ **
+ ** Set the nReserve size to N for the main database on the database
+ ** connection db.
+ */
+ case SQLITE_TESTCTRL_RESERVE: {
+ sqlite3 *db = va_arg(ap, sqlite3*);
+ int x = va_arg(ap,int);
+ sqlite3_mutex_enter(db->mutex);
+ sqlite3BtreeSetPageSize(db->aDb[0].pBt, 0, x, 0);
+ sqlite3_mutex_leave(db->mutex);
+ break;
+ }
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_OPTIMIZATIONS, sqlite3 *db, int N)
+ **
+ ** Enable or disable various optimizations for testing purposes. The
+ ** argument N is a bitmask of optimizations to be disabled. For normal
+ ** operation N should be 0. The idea is that a test program (like the
+ ** SQL Logic Test or SLT test module) can run the same SQL multiple times
+ ** with various optimizations disabled to verify that the same answer
+ ** is obtained in every case.
+ */
+ case SQLITE_TESTCTRL_OPTIMIZATIONS: {
+ sqlite3 *db = va_arg(ap, sqlite3*);
+ db->dbOptFlags = (u16)(va_arg(ap, int) & 0xffff);
+ break;
+ }
+
+#ifdef SQLITE_N_KEYWORD
+ /* sqlite3_test_control(SQLITE_TESTCTRL_ISKEYWORD, const char *zWord)
+ **
+ ** If zWord is a keyword recognized by the parser, then return the
+ ** number of keywords. Or if zWord is not a keyword, return 0.
+ **
+ ** This test feature is only available in the amalgamation since
+ ** the SQLITE_N_KEYWORD macro is not defined in this file if SQLite
+ ** is built using separate source files.
+ */
+ case SQLITE_TESTCTRL_ISKEYWORD: {
+ const char *zWord = va_arg(ap, const char*);
+ int n = sqlite3Strlen30(zWord);
+ rc = (sqlite3KeywordCode((u8*)zWord, n)!=TK_ID) ? SQLITE_N_KEYWORD : 0;
+ break;
+ }
+#endif
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_SCRATCHMALLOC, sz, &pNew, pFree);
+ **
+ ** Pass pFree into sqlite3ScratchFree().
+ ** If sz>0 then allocate a scratch buffer into pNew.
+ */
+ case SQLITE_TESTCTRL_SCRATCHMALLOC: {
+ void *pFree, **ppNew;
+ int sz;
+ sz = va_arg(ap, int);
+ ppNew = va_arg(ap, void**);
+ pFree = va_arg(ap, void*);
+ if( sz ) *ppNew = sqlite3ScratchMalloc(sz);
+ sqlite3ScratchFree(pFree);
+ break;
+ }
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_LOCALTIME_FAULT, int onoff);
+ **
+ ** If parameter onoff is non-zero, configure the wrappers so that all
+ ** subsequent calls to localtime() and variants fail. If onoff is zero,
+ ** undo this setting.
+ */
+ case SQLITE_TESTCTRL_LOCALTIME_FAULT: {
+ sqlite3GlobalConfig.bLocaltimeFault = va_arg(ap, int);
+ break;
+ }
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_NEVER_CORRUPT, int);
+ **
+ ** Set or clear a flag that indicates that the database file is always well-
+ ** formed and never corrupt. This flag is clear by default, indicating that
+ ** database files might have arbitrary corruption. Setting the flag during
+ ** testing causes certain assert() statements in the code to be activated
+ ** that demonstrat invariants on well-formed database files.
+ */
+ case SQLITE_TESTCTRL_NEVER_CORRUPT: {
+ sqlite3GlobalConfig.neverCorrupt = va_arg(ap, int);
+ break;
+ }
+
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_VDBE_COVERAGE, xCallback, ptr);
+ **
+ ** Set the VDBE coverage callback function to xCallback with context
+ ** pointer ptr.
+ */
+ case SQLITE_TESTCTRL_VDBE_COVERAGE: {
+#ifdef SQLITE_VDBE_COVERAGE
+ typedef void (*branch_callback)(void*,int,u8,u8);
+ sqlite3GlobalConfig.xVdbeBranch = va_arg(ap,branch_callback);
+ sqlite3GlobalConfig.pVdbeBranchArg = va_arg(ap,void*);
+#endif
+ break;
+ }
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_SORTER_MMAP, db, nMax); */
+ case SQLITE_TESTCTRL_SORTER_MMAP: {
+ sqlite3 *db = va_arg(ap, sqlite3*);
+ db->nMaxSorterMmap = va_arg(ap, int);
+ break;
+ }
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_ISINIT);
+ **
+ ** Return SQLITE_OK if SQLite has been initialized and SQLITE_ERROR if
+ ** not.
+ */
+ case SQLITE_TESTCTRL_ISINIT: {
+ if( sqlite3GlobalConfig.isInit==0 ) rc = SQLITE_ERROR;
+ break;
+ }
+
+ /* sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, db, dbName, onOff, tnum);
+ **
+ ** This test control is used to create imposter tables. "db" is a pointer
+ ** to the database connection. dbName is the database name (ex: "main" or
+ ** "temp") which will receive the imposter. "onOff" turns imposter mode on
+ ** or off. "tnum" is the root page of the b-tree to which the imposter
+ ** table should connect.
+ **
+ ** Enable imposter mode only when the schema has already been parsed. Then
+ ** run a single CREATE TABLE statement to construct the imposter table in
+ ** the parsed schema. Then turn imposter mode back off again.
+ **
+ ** If onOff==0 and tnum>0 then reset the schema for all databases, causing
+ ** the schema to be reparsed the next time it is needed. This has the
+ ** effect of erasing all imposter tables.
+ */
+ case SQLITE_TESTCTRL_IMPOSTER: {
+ sqlite3 *db = va_arg(ap, sqlite3*);
+ sqlite3_mutex_enter(db->mutex);
+ db->init.iDb = sqlite3FindDbName(db, va_arg(ap,const char*));
+ db->init.busy = db->init.imposterTable = va_arg(ap,int);
+ db->init.newTnum = va_arg(ap,int);
+ if( db->init.busy==0 && db->init.newTnum>0 ){
+ sqlite3ResetAllSchemasOfConnection(db);
+ }
+ sqlite3_mutex_leave(db->mutex);
+ break;
+ }
+ }
+ va_end(ap);
+#endif /* SQLITE_OMIT_BUILTIN_TEST */
+ return rc;
+}
+
+/*
+** This is a utility routine, useful to VFS implementations, that checks
+** to see if a database file was a URI that contained a specific query
+** parameter, and if so obtains the value of the query parameter.
+**
+** The zFilename argument is the filename pointer passed into the xOpen()
+** method of a VFS implementation. The zParam argument is the name of the
+** query parameter we seek. This routine returns the value of the zParam
+** parameter if it exists. If the parameter does not exist, this routine
+** returns a NULL pointer.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_uri_parameter(const char *zFilename, const char *zParam){
+ if( zFilename==0 || zParam==0 ) return 0;
+ zFilename += sqlite3Strlen30(zFilename) + 1;
+ while( zFilename[0] ){
+ int x = strcmp(zFilename, zParam);
+ zFilename += sqlite3Strlen30(zFilename) + 1;
+ if( x==0 ) return zFilename;
+ zFilename += sqlite3Strlen30(zFilename) + 1;
+ }
+ return 0;
+}
+
+/*
+** Return a boolean value for a query parameter.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_uri_boolean(const char *zFilename, const char *zParam, int bDflt){
+ const char *z = sqlite3_uri_parameter(zFilename, zParam);
+ bDflt = bDflt!=0;
+ return z ? sqlite3GetBoolean(z, bDflt) : bDflt;
+}
+
+/*
+** Return a 64-bit integer value for a query parameter.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_uri_int64(
+ const char *zFilename, /* Filename as passed to xOpen */
+ const char *zParam, /* URI parameter sought */
+ sqlite3_int64 bDflt /* return if parameter is missing */
+){
+ const char *z = sqlite3_uri_parameter(zFilename, zParam);
+ sqlite3_int64 v;
+ if( z && sqlite3DecOrHexToI64(z, &v)==SQLITE_OK ){
+ bDflt = v;
+ }
+ return bDflt;
+}
+
+/*
+** Return the Btree pointer identified by zDbName. Return NULL if not found.
+*/
+SQLITE_PRIVATE Btree *sqlite3DbNameToBtree(sqlite3 *db, const char *zDbName){
+ int i;
+ for(i=0; i<db->nDb; i++){
+ if( db->aDb[i].pBt
+ && (zDbName==0 || sqlite3StrICmp(zDbName, db->aDb[i].zName)==0)
+ ){
+ return db->aDb[i].pBt;
+ }
+ }
+ return 0;
+}
+
+/*
+** Return the filename of the database associated with a database
+** connection.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_db_filename(sqlite3 *db, const char *zDbName){
+ Btree *pBt;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return 0;
+ }
+#endif
+ pBt = sqlite3DbNameToBtree(db, zDbName);
+ return pBt ? sqlite3BtreeGetFilename(pBt) : 0;
+}
+
+/*
+** Return 1 if database is read-only or 0 if read/write. Return -1 if
+** no such database exists.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_readonly(sqlite3 *db, const char *zDbName){
+ Btree *pBt;
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ (void)SQLITE_MISUSE_BKPT;
+ return -1;
+ }
+#endif
+ pBt = sqlite3DbNameToBtree(db, zDbName);
+ return pBt ? sqlite3BtreeIsReadonly(pBt) : -1;
+}
+
+#ifdef SQLITE_ENABLE_SNAPSHOT
+/*
+** Obtain a snapshot handle for the snapshot of database zDb currently
+** being read by handle db.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_snapshot_get(
+ sqlite3 *db,
+ const char *zDb,
+ sqlite3_snapshot **ppSnapshot
+){
+ int rc = SQLITE_ERROR;
+#ifndef SQLITE_OMIT_WAL
+ int iDb;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+
+ iDb = sqlite3FindDbName(db, zDb);
+ if( iDb==0 || iDb>1 ){
+ Btree *pBt = db->aDb[iDb].pBt;
+ if( 0==sqlite3BtreeIsInTrans(pBt) ){
+ rc = sqlite3BtreeBeginTrans(pBt, 0);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3PagerSnapshotGet(sqlite3BtreePager(pBt), ppSnapshot);
+ }
+ }
+ }
+
+ sqlite3_mutex_leave(db->mutex);
+#endif /* SQLITE_OMIT_WAL */
+ return rc;
+}
+
+/*
+** Open a read-transaction on the snapshot idendified by pSnapshot.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_snapshot_open(
+ sqlite3 *db,
+ const char *zDb,
+ sqlite3_snapshot *pSnapshot
+){
+ int rc = SQLITE_ERROR;
+#ifndef SQLITE_OMIT_WAL
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+ if( !sqlite3SafetyCheckOk(db) ){
+ return SQLITE_MISUSE_BKPT;
+ }
+#endif
+ sqlite3_mutex_enter(db->mutex);
+ if( db->autoCommit==0 ){
+ int iDb;
+ iDb = sqlite3FindDbName(db, zDb);
+ if( iDb==0 || iDb>1 ){
+ Btree *pBt = db->aDb[iDb].pBt;
+ if( 0==sqlite3BtreeIsInReadTrans(pBt) ){
+ rc = sqlite3PagerSnapshotOpen(sqlite3BtreePager(pBt), pSnapshot);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3BtreeBeginTrans(pBt, 0);
+ sqlite3PagerSnapshotOpen(sqlite3BtreePager(pBt), 0);
+ }
+ }
+ }
+ }
+
+ sqlite3_mutex_leave(db->mutex);
+#endif /* SQLITE_OMIT_WAL */
+ return rc;
+}
+
+/*
+** Free a snapshot handle obtained from sqlite3_snapshot_get().
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_snapshot_free(sqlite3_snapshot *pSnapshot){
+ sqlite3_free(pSnapshot);
+}
+#endif /* SQLITE_ENABLE_SNAPSHOT */
+
+/************** End of main.c ************************************************/
+/************** Begin file notify.c ******************************************/
+/*
+** 2009 March 3
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains the implementation of the sqlite3_unlock_notify()
+** API method and its associated functionality.
+*/
+/* #include "sqliteInt.h" */
+/* #include "btreeInt.h" */
+
+/* Omit this entire file if SQLITE_ENABLE_UNLOCK_NOTIFY is not defined. */
+#ifdef SQLITE_ENABLE_UNLOCK_NOTIFY
+
+/*
+** Public interfaces:
+**
+** sqlite3ConnectionBlocked()
+** sqlite3ConnectionUnlocked()
+** sqlite3ConnectionClosed()
+** sqlite3_unlock_notify()
+*/
+
+#define assertMutexHeld() \
+ assert( sqlite3_mutex_held(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER)) )
+
+/*
+** Head of a linked list of all sqlite3 objects created by this process
+** for which either sqlite3.pBlockingConnection or sqlite3.pUnlockConnection
+** is not NULL. This variable may only accessed while the STATIC_MASTER
+** mutex is held.
+*/
+static sqlite3 *SQLITE_WSD sqlite3BlockedList = 0;
+
+#ifndef NDEBUG
+/*
+** This function is a complex assert() that verifies the following
+** properties of the blocked connections list:
+**
+** 1) Each entry in the list has a non-NULL value for either
+** pUnlockConnection or pBlockingConnection, or both.
+**
+** 2) All entries in the list that share a common value for
+** xUnlockNotify are grouped together.
+**
+** 3) If the argument db is not NULL, then none of the entries in the
+** blocked connections list have pUnlockConnection or pBlockingConnection
+** set to db. This is used when closing connection db.
+*/
+static void checkListProperties(sqlite3 *db){
+ sqlite3 *p;
+ for(p=sqlite3BlockedList; p; p=p->pNextBlocked){
+ int seen = 0;
+ sqlite3 *p2;
+
+ /* Verify property (1) */
+ assert( p->pUnlockConnection || p->pBlockingConnection );
+
+ /* Verify property (2) */
+ for(p2=sqlite3BlockedList; p2!=p; p2=p2->pNextBlocked){
+ if( p2->xUnlockNotify==p->xUnlockNotify ) seen = 1;
+ assert( p2->xUnlockNotify==p->xUnlockNotify || !seen );
+ assert( db==0 || p->pUnlockConnection!=db );
+ assert( db==0 || p->pBlockingConnection!=db );
+ }
+ }
+}
+#else
+# define checkListProperties(x)
+#endif
+
+/*
+** Remove connection db from the blocked connections list. If connection
+** db is not currently a part of the list, this function is a no-op.
+*/
+static void removeFromBlockedList(sqlite3 *db){
+ sqlite3 **pp;
+ assertMutexHeld();
+ for(pp=&sqlite3BlockedList; *pp; pp = &(*pp)->pNextBlocked){
+ if( *pp==db ){
+ *pp = (*pp)->pNextBlocked;
+ break;
+ }
+ }
+}
+
+/*
+** Add connection db to the blocked connections list. It is assumed
+** that it is not already a part of the list.
+*/
+static void addToBlockedList(sqlite3 *db){
+ sqlite3 **pp;
+ assertMutexHeld();
+ for(
+ pp=&sqlite3BlockedList;
+ *pp && (*pp)->xUnlockNotify!=db->xUnlockNotify;
+ pp=&(*pp)->pNextBlocked
+ );
+ db->pNextBlocked = *pp;
+ *pp = db;
+}
+
+/*
+** Obtain the STATIC_MASTER mutex.
+*/
+static void enterMutex(void){
+ sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER));
+ checkListProperties(0);
+}
+
+/*
+** Release the STATIC_MASTER mutex.
+*/
+static void leaveMutex(void){
+ assertMutexHeld();
+ checkListProperties(0);
+ sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER));
+}
+
+/*
+** Register an unlock-notify callback.
+**
+** This is called after connection "db" has attempted some operation
+** but has received an SQLITE_LOCKED error because another connection
+** (call it pOther) in the same process was busy using the same shared
+** cache. pOther is found by looking at db->pBlockingConnection.
+**
+** If there is no blocking connection, the callback is invoked immediately,
+** before this routine returns.
+**
+** If pOther is already blocked on db, then report SQLITE_LOCKED, to indicate
+** a deadlock.
+**
+** Otherwise, make arrangements to invoke xNotify when pOther drops
+** its locks.
+**
+** Each call to this routine overrides any prior callbacks registered
+** on the same "db". If xNotify==0 then any prior callbacks are immediately
+** cancelled.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_unlock_notify(
+ sqlite3 *db,
+ void (*xNotify)(void **, int),
+ void *pArg
+){
+ int rc = SQLITE_OK;
+
+ sqlite3_mutex_enter(db->mutex);
+ enterMutex();
+
+ if( xNotify==0 ){
+ removeFromBlockedList(db);
+ db->pBlockingConnection = 0;
+ db->pUnlockConnection = 0;
+ db->xUnlockNotify = 0;
+ db->pUnlockArg = 0;
+ }else if( 0==db->pBlockingConnection ){
+ /* The blocking transaction has been concluded. Or there never was a
+ ** blocking transaction. In either case, invoke the notify callback
+ ** immediately.
+ */
+ xNotify(&pArg, 1);
+ }else{
+ sqlite3 *p;
+
+ for(p=db->pBlockingConnection; p && p!=db; p=p->pUnlockConnection){}
+ if( p ){
+ rc = SQLITE_LOCKED; /* Deadlock detected. */
+ }else{
+ db->pUnlockConnection = db->pBlockingConnection;
+ db->xUnlockNotify = xNotify;
+ db->pUnlockArg = pArg;
+ removeFromBlockedList(db);
+ addToBlockedList(db);
+ }
+ }
+
+ leaveMutex();
+ assert( !db->mallocFailed );
+ sqlite3ErrorWithMsg(db, rc, (rc?"database is deadlocked":0));
+ sqlite3_mutex_leave(db->mutex);
+ return rc;
+}
+
+/*
+** This function is called while stepping or preparing a statement
+** associated with connection db. The operation will return SQLITE_LOCKED
+** to the user because it requires a lock that will not be available
+** until connection pBlocker concludes its current transaction.
+*/
+SQLITE_PRIVATE void sqlite3ConnectionBlocked(sqlite3 *db, sqlite3 *pBlocker){
+ enterMutex();
+ if( db->pBlockingConnection==0 && db->pUnlockConnection==0 ){
+ addToBlockedList(db);
+ }
+ db->pBlockingConnection = pBlocker;
+ leaveMutex();
+}
+
+/*
+** This function is called when
+** the transaction opened by database db has just finished. Locks held
+** by database connection db have been released.
+**
+** This function loops through each entry in the blocked connections
+** list and does the following:
+**
+** 1) If the sqlite3.pBlockingConnection member of a list entry is
+** set to db, then set pBlockingConnection=0.
+**
+** 2) If the sqlite3.pUnlockConnection member of a list entry is
+** set to db, then invoke the configured unlock-notify callback and
+** set pUnlockConnection=0.
+**
+** 3) If the two steps above mean that pBlockingConnection==0 and
+** pUnlockConnection==0, remove the entry from the blocked connections
+** list.
+*/
+SQLITE_PRIVATE void sqlite3ConnectionUnlocked(sqlite3 *db){
+ void (*xUnlockNotify)(void **, int) = 0; /* Unlock-notify cb to invoke */
+ int nArg = 0; /* Number of entries in aArg[] */
+ sqlite3 **pp; /* Iterator variable */
+ void **aArg; /* Arguments to the unlock callback */
+ void **aDyn = 0; /* Dynamically allocated space for aArg[] */
+ void *aStatic[16]; /* Starter space for aArg[]. No malloc required */
+
+ aArg = aStatic;
+ enterMutex(); /* Enter STATIC_MASTER mutex */
+
+ /* This loop runs once for each entry in the blocked-connections list. */
+ for(pp=&sqlite3BlockedList; *pp; /* no-op */ ){
+ sqlite3 *p = *pp;
+
+ /* Step 1. */
+ if( p->pBlockingConnection==db ){
+ p->pBlockingConnection = 0;
+ }
+
+ /* Step 2. */
+ if( p->pUnlockConnection==db ){
+ assert( p->xUnlockNotify );
+ if( p->xUnlockNotify!=xUnlockNotify && nArg!=0 ){
+ xUnlockNotify(aArg, nArg);
+ nArg = 0;
+ }
+
+ sqlite3BeginBenignMalloc();
+ assert( aArg==aDyn || (aDyn==0 && aArg==aStatic) );
+ assert( nArg<=(int)ArraySize(aStatic) || aArg==aDyn );
+ if( (!aDyn && nArg==(int)ArraySize(aStatic))
+ || (aDyn && nArg==(int)(sqlite3MallocSize(aDyn)/sizeof(void*)))
+ ){
+ /* The aArg[] array needs to grow. */
+ void **pNew = (void **)sqlite3Malloc(nArg*sizeof(void *)*2);
+ if( pNew ){
+ memcpy(pNew, aArg, nArg*sizeof(void *));
+ sqlite3_free(aDyn);
+ aDyn = aArg = pNew;
+ }else{
+ /* This occurs when the array of context pointers that need to
+ ** be passed to the unlock-notify callback is larger than the
+ ** aStatic[] array allocated on the stack and the attempt to
+ ** allocate a larger array from the heap has failed.
+ **
+ ** This is a difficult situation to handle. Returning an error
+ ** code to the caller is insufficient, as even if an error code
+ ** is returned the transaction on connection db will still be
+ ** closed and the unlock-notify callbacks on blocked connections
+ ** will go unissued. This might cause the application to wait
+ ** indefinitely for an unlock-notify callback that will never
+ ** arrive.
+ **
+ ** Instead, invoke the unlock-notify callback with the context
+ ** array already accumulated. We can then clear the array and
+ ** begin accumulating any further context pointers without
+ ** requiring any dynamic allocation. This is sub-optimal because
+ ** it means that instead of one callback with a large array of
+ ** context pointers the application will receive two or more
+ ** callbacks with smaller arrays of context pointers, which will
+ ** reduce the applications ability to prioritize multiple
+ ** connections. But it is the best that can be done under the
+ ** circumstances.
+ */
+ xUnlockNotify(aArg, nArg);
+ nArg = 0;
+ }
+ }
+ sqlite3EndBenignMalloc();
+
+ aArg[nArg++] = p->pUnlockArg;
+ xUnlockNotify = p->xUnlockNotify;
+ p->pUnlockConnection = 0;
+ p->xUnlockNotify = 0;
+ p->pUnlockArg = 0;
+ }
+
+ /* Step 3. */
+ if( p->pBlockingConnection==0 && p->pUnlockConnection==0 ){
+ /* Remove connection p from the blocked connections list. */
+ *pp = p->pNextBlocked;
+ p->pNextBlocked = 0;
+ }else{
+ pp = &p->pNextBlocked;
+ }
+ }
+
+ if( nArg!=0 ){
+ xUnlockNotify(aArg, nArg);
+ }
+ sqlite3_free(aDyn);
+ leaveMutex(); /* Leave STATIC_MASTER mutex */
+}
+
+/*
+** This is called when the database connection passed as an argument is
+** being closed. The connection is removed from the blocked list.
+*/
+SQLITE_PRIVATE void sqlite3ConnectionClosed(sqlite3 *db){
+ sqlite3ConnectionUnlocked(db);
+ enterMutex();
+ removeFromBlockedList(db);
+ checkListProperties(db);
+ leaveMutex();
+}
+#endif
+
+/************** End of notify.c **********************************************/
+/************** Begin file fts3.c ********************************************/
+/*
+** 2006 Oct 10
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This is an SQLite module implementing full-text search.
+*/
+
+/*
+** The code in this file is only compiled if:
+**
+** * The FTS3 module is being built as an extension
+** (in which case SQLITE_CORE is not defined), or
+**
+** * The FTS3 module is being built into the core of
+** SQLite (in which case SQLITE_ENABLE_FTS3 is defined).
+*/
+
+/* The full-text index is stored in a series of b+tree (-like)
+** structures called segments which map terms to doclists. The
+** structures are like b+trees in layout, but are constructed from the
+** bottom up in optimal fashion and are not updatable. Since trees
+** are built from the bottom up, things will be described from the
+** bottom up.
+**
+**
+**** Varints ****
+** The basic unit of encoding is a variable-length integer called a
+** varint. We encode variable-length integers in little-endian order
+** using seven bits * per byte as follows:
+**
+** KEY:
+** A = 0xxxxxxx 7 bits of data and one flag bit
+** B = 1xxxxxxx 7 bits of data and one flag bit
+**
+** 7 bits - A
+** 14 bits - BA
+** 21 bits - BBA
+** and so on.
+**
+** This is similar in concept to how sqlite encodes "varints" but
+** the encoding is not the same. SQLite varints are big-endian
+** are are limited to 9 bytes in length whereas FTS3 varints are
+** little-endian and can be up to 10 bytes in length (in theory).
+**
+** Example encodings:
+**
+** 1: 0x01
+** 127: 0x7f
+** 128: 0x81 0x00
+**
+**
+**** Document lists ****
+** A doclist (document list) holds a docid-sorted list of hits for a
+** given term. Doclists hold docids and associated token positions.
+** A docid is the unique integer identifier for a single document.
+** A position is the index of a word within the document. The first
+** word of the document has a position of 0.
+**
+** FTS3 used to optionally store character offsets using a compile-time
+** option. But that functionality is no longer supported.
+**
+** A doclist is stored like this:
+**
+** array {
+** varint docid; (delta from previous doclist)
+** array { (position list for column 0)
+** varint position; (2 more than the delta from previous position)
+** }
+** array {
+** varint POS_COLUMN; (marks start of position list for new column)
+** varint column; (index of new column)
+** array {
+** varint position; (2 more than the delta from previous position)
+** }
+** }
+** varint POS_END; (marks end of positions for this document.
+** }
+**
+** Here, array { X } means zero or more occurrences of X, adjacent in
+** memory. A "position" is an index of a token in the token stream
+** generated by the tokenizer. Note that POS_END and POS_COLUMN occur
+** in the same logical place as the position element, and act as sentinals
+** ending a position list array. POS_END is 0. POS_COLUMN is 1.
+** The positions numbers are not stored literally but rather as two more
+** than the difference from the prior position, or the just the position plus
+** 2 for the first position. Example:
+**
+** label: A B C D E F G H I J K
+** value: 123 5 9 1 1 14 35 0 234 72 0
+**
+** The 123 value is the first docid. For column zero in this document
+** there are two matches at positions 3 and 10 (5-2 and 9-2+3). The 1
+** at D signals the start of a new column; the 1 at E indicates that the
+** new column is column number 1. There are two positions at 12 and 45
+** (14-2 and 35-2+12). The 0 at H indicate the end-of-document. The
+** 234 at I is the delta to next docid (357). It has one position 70
+** (72-2) and then terminates with the 0 at K.
+**
+** A "position-list" is the list of positions for multiple columns for
+** a single docid. A "column-list" is the set of positions for a single
+** column. Hence, a position-list consists of one or more column-lists,
+** a document record consists of a docid followed by a position-list and
+** a doclist consists of one or more document records.
+**
+** A bare doclist omits the position information, becoming an
+** array of varint-encoded docids.
+**
+**** Segment leaf nodes ****
+** Segment leaf nodes store terms and doclists, ordered by term. Leaf
+** nodes are written using LeafWriter, and read using LeafReader (to
+** iterate through a single leaf node's data) and LeavesReader (to
+** iterate through a segment's entire leaf layer). Leaf nodes have
+** the format:
+**
+** varint iHeight; (height from leaf level, always 0)
+** varint nTerm; (length of first term)
+** char pTerm[nTerm]; (content of first term)
+** varint nDoclist; (length of term's associated doclist)
+** char pDoclist[nDoclist]; (content of doclist)
+** array {
+** (further terms are delta-encoded)
+** varint nPrefix; (length of prefix shared with previous term)
+** varint nSuffix; (length of unshared suffix)
+** char pTermSuffix[nSuffix];(unshared suffix of next term)
+** varint nDoclist; (length of term's associated doclist)
+** char pDoclist[nDoclist]; (content of doclist)
+** }
+**
+** Here, array { X } means zero or more occurrences of X, adjacent in
+** memory.
+**
+** Leaf nodes are broken into blocks which are stored contiguously in
+** the %_segments table in sorted order. This means that when the end
+** of a node is reached, the next term is in the node with the next
+** greater node id.
+**
+** New data is spilled to a new leaf node when the current node
+** exceeds LEAF_MAX bytes (default 2048). New data which itself is
+** larger than STANDALONE_MIN (default 1024) is placed in a standalone
+** node (a leaf node with a single term and doclist). The goal of
+** these settings is to pack together groups of small doclists while
+** making it efficient to directly access large doclists. The
+** assumption is that large doclists represent terms which are more
+** likely to be query targets.
+**
+** TODO(shess) It may be useful for blocking decisions to be more
+** dynamic. For instance, it may make more sense to have a 2.5k leaf
+** node rather than splitting into 2k and .5k nodes. My intuition is
+** that this might extend through 2x or 4x the pagesize.
+**
+**
+**** Segment interior nodes ****
+** Segment interior nodes store blockids for subtree nodes and terms
+** to describe what data is stored by the each subtree. Interior
+** nodes are written using InteriorWriter, and read using
+** InteriorReader. InteriorWriters are created as needed when
+** SegmentWriter creates new leaf nodes, or when an interior node
+** itself grows too big and must be split. The format of interior
+** nodes:
+**
+** varint iHeight; (height from leaf level, always >0)
+** varint iBlockid; (block id of node's leftmost subtree)
+** optional {
+** varint nTerm; (length of first term)
+** char pTerm[nTerm]; (content of first term)
+** array {
+** (further terms are delta-encoded)
+** varint nPrefix; (length of shared prefix with previous term)
+** varint nSuffix; (length of unshared suffix)
+** char pTermSuffix[nSuffix]; (unshared suffix of next term)
+** }
+** }
+**
+** Here, optional { X } means an optional element, while array { X }
+** means zero or more occurrences of X, adjacent in memory.
+**
+** An interior node encodes n terms separating n+1 subtrees. The
+** subtree blocks are contiguous, so only the first subtree's blockid
+** is encoded. The subtree at iBlockid will contain all terms less
+** than the first term encoded (or all terms if no term is encoded).
+** Otherwise, for terms greater than or equal to pTerm[i] but less
+** than pTerm[i+1], the subtree for that term will be rooted at
+** iBlockid+i. Interior nodes only store enough term data to
+** distinguish adjacent children (if the rightmost term of the left
+** child is "something", and the leftmost term of the right child is
+** "wicked", only "w" is stored).
+**
+** New data is spilled to a new interior node at the same height when
+** the current node exceeds INTERIOR_MAX bytes (default 2048).
+** INTERIOR_MIN_TERMS (default 7) keeps large terms from monopolizing
+** interior nodes and making the tree too skinny. The interior nodes
+** at a given height are naturally tracked by interior nodes at
+** height+1, and so on.
+**
+**
+**** Segment directory ****
+** The segment directory in table %_segdir stores meta-information for
+** merging and deleting segments, and also the root node of the
+** segment's tree.
+**
+** The root node is the top node of the segment's tree after encoding
+** the entire segment, restricted to ROOT_MAX bytes (default 1024).
+** This could be either a leaf node or an interior node. If the top
+** node requires more than ROOT_MAX bytes, it is flushed to %_segments
+** and a new root interior node is generated (which should always fit
+** within ROOT_MAX because it only needs space for 2 varints, the
+** height and the blockid of the previous root).
+**
+** The meta-information in the segment directory is:
+** level - segment level (see below)
+** idx - index within level
+** - (level,idx uniquely identify a segment)
+** start_block - first leaf node
+** leaves_end_block - last leaf node
+** end_block - last block (including interior nodes)
+** root - contents of root node
+**
+** If the root node is a leaf node, then start_block,
+** leaves_end_block, and end_block are all 0.
+**
+**
+**** Segment merging ****
+** To amortize update costs, segments are grouped into levels and
+** merged in batches. Each increase in level represents exponentially
+** more documents.
+**
+** New documents (actually, document updates) are tokenized and
+** written individually (using LeafWriter) to a level 0 segment, with
+** incrementing idx. When idx reaches MERGE_COUNT (default 16), all
+** level 0 segments are merged into a single level 1 segment. Level 1
+** is populated like level 0, and eventually MERGE_COUNT level 1
+** segments are merged to a single level 2 segment (representing
+** MERGE_COUNT^2 updates), and so on.
+**
+** A segment merge traverses all segments at a given level in
+** parallel, performing a straightforward sorted merge. Since segment
+** leaf nodes are written in to the %_segments table in order, this
+** merge traverses the underlying sqlite disk structures efficiently.
+** After the merge, all segment blocks from the merged level are
+** deleted.
+**
+** MERGE_COUNT controls how often we merge segments. 16 seems to be
+** somewhat of a sweet spot for insertion performance. 32 and 64 show
+** very similar performance numbers to 16 on insertion, though they're
+** a tiny bit slower (perhaps due to more overhead in merge-time
+** sorting). 8 is about 20% slower than 16, 4 about 50% slower than
+** 16, 2 about 66% slower than 16.
+**
+** At query time, high MERGE_COUNT increases the number of segments
+** which need to be scanned and merged. For instance, with 100k docs
+** inserted:
+**
+** MERGE_COUNT segments
+** 16 25
+** 8 12
+** 4 10
+** 2 6
+**
+** This appears to have only a moderate impact on queries for very
+** frequent terms (which are somewhat dominated by segment merge
+** costs), and infrequent and non-existent terms still seem to be fast
+** even with many segments.
+**
+** TODO(shess) That said, it would be nice to have a better query-side
+** argument for MERGE_COUNT of 16. Also, it is possible/likely that
+** optimizations to things like doclist merging will swing the sweet
+** spot around.
+**
+**
+**
+**** Handling of deletions and updates ****
+** Since we're using a segmented structure, with no docid-oriented
+** index into the term index, we clearly cannot simply update the term
+** index when a document is deleted or updated. For deletions, we
+** write an empty doclist (varint(docid) varint(POS_END)), for updates
+** we simply write the new doclist. Segment merges overwrite older
+** data for a particular docid with newer data, so deletes or updates
+** will eventually overtake the earlier data and knock it out. The
+** query logic likewise merges doclists so that newer data knocks out
+** older data.
+*/
+
+/************** Include fts3Int.h in the middle of fts3.c ********************/
+/************** Begin file fts3Int.h *****************************************/
+/*
+** 2009 Nov 12
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+*/
+#ifndef _FTSINT_H
+#define _FTSINT_H
+
+#if !defined(NDEBUG) && !defined(SQLITE_DEBUG)
+# define NDEBUG 1
+#endif
+
+/*
+** FTS4 is really an extension for FTS3. It is enabled using the
+** SQLITE_ENABLE_FTS3 macro. But to avoid confusion we also all
+** the SQLITE_ENABLE_FTS4 macro to serve as an alisse for SQLITE_ENABLE_FTS3.
+*/
+#if defined(SQLITE_ENABLE_FTS4) && !defined(SQLITE_ENABLE_FTS3)
+# define SQLITE_ENABLE_FTS3
+#endif
+
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* If not building as part of the core, include sqlite3ext.h. */
+#ifndef SQLITE_CORE
+/* # include "sqlite3ext.h" */
+SQLITE_EXTENSION_INIT3
+#endif
+
+/* #include "sqlite3.h" */
+/************** Include fts3_tokenizer.h in the middle of fts3Int.h **********/
+/************** Begin file fts3_tokenizer.h **********************************/
+/*
+** 2006 July 10
+**
+** The author disclaims copyright to this source code.
+**
+*************************************************************************
+** Defines the interface to tokenizers used by fulltext-search. There
+** are three basic components:
+**
+** sqlite3_tokenizer_module is a singleton defining the tokenizer
+** interface functions. This is essentially the class structure for
+** tokenizers.
+**
+** sqlite3_tokenizer is used to define a particular tokenizer, perhaps
+** including customization information defined at creation time.
+**
+** sqlite3_tokenizer_cursor is generated by a tokenizer to generate
+** tokens from a particular input.
+*/
+#ifndef _FTS3_TOKENIZER_H_
+#define _FTS3_TOKENIZER_H_
+
+/* TODO(shess) Only used for SQLITE_OK and SQLITE_DONE at this time.
+** If tokenizers are to be allowed to call sqlite3_*() functions, then
+** we will need a way to register the API consistently.
+*/
+/* #include "sqlite3.h" */
+
+/*
+** Structures used by the tokenizer interface. When a new tokenizer
+** implementation is registered, the caller provides a pointer to
+** an sqlite3_tokenizer_module containing pointers to the callback
+** functions that make up an implementation.
+**
+** When an fts3 table is created, it passes any arguments passed to
+** the tokenizer clause of the CREATE VIRTUAL TABLE statement to the
+** sqlite3_tokenizer_module.xCreate() function of the requested tokenizer
+** implementation. The xCreate() function in turn returns an
+** sqlite3_tokenizer structure representing the specific tokenizer to
+** be used for the fts3 table (customized by the tokenizer clause arguments).
+**
+** To tokenize an input buffer, the sqlite3_tokenizer_module.xOpen()
+** method is called. It returns an sqlite3_tokenizer_cursor object
+** that may be used to tokenize a specific input buffer based on
+** the tokenization rules supplied by a specific sqlite3_tokenizer
+** object.
+*/
+typedef struct sqlite3_tokenizer_module sqlite3_tokenizer_module;
+typedef struct sqlite3_tokenizer sqlite3_tokenizer;
+typedef struct sqlite3_tokenizer_cursor sqlite3_tokenizer_cursor;
+
+struct sqlite3_tokenizer_module {
+
+ /*
+ ** Structure version. Should always be set to 0 or 1.
+ */
+ int iVersion;
+
+ /*
+ ** Create a new tokenizer. The values in the argv[] array are the
+ ** arguments passed to the "tokenizer" clause of the CREATE VIRTUAL
+ ** TABLE statement that created the fts3 table. For example, if
+ ** the following SQL is executed:
+ **
+ ** CREATE .. USING fts3( ... , tokenizer <tokenizer-name> arg1 arg2)
+ **
+ ** then argc is set to 2, and the argv[] array contains pointers
+ ** to the strings "arg1" and "arg2".
+ **
+ ** This method should return either SQLITE_OK (0), or an SQLite error
+ ** code. If SQLITE_OK is returned, then *ppTokenizer should be set
+ ** to point at the newly created tokenizer structure. The generic
+ ** sqlite3_tokenizer.pModule variable should not be initialized by
+ ** this callback. The caller will do so.
+ */
+ int (*xCreate)(
+ int argc, /* Size of argv array */
+ const char *const*argv, /* Tokenizer argument strings */
+ sqlite3_tokenizer **ppTokenizer /* OUT: Created tokenizer */
+ );
+
+ /*
+ ** Destroy an existing tokenizer. The fts3 module calls this method
+ ** exactly once for each successful call to xCreate().
+ */
+ int (*xDestroy)(sqlite3_tokenizer *pTokenizer);
+
+ /*
+ ** Create a tokenizer cursor to tokenize an input buffer. The caller
+ ** is responsible for ensuring that the input buffer remains valid
+ ** until the cursor is closed (using the xClose() method).
+ */
+ int (*xOpen)(
+ sqlite3_tokenizer *pTokenizer, /* Tokenizer object */
+ const char *pInput, int nBytes, /* Input buffer */
+ sqlite3_tokenizer_cursor **ppCursor /* OUT: Created tokenizer cursor */
+ );
+
+ /*
+ ** Destroy an existing tokenizer cursor. The fts3 module calls this
+ ** method exactly once for each successful call to xOpen().
+ */
+ int (*xClose)(sqlite3_tokenizer_cursor *pCursor);
+
+ /*
+ ** Retrieve the next token from the tokenizer cursor pCursor. This
+ ** method should either return SQLITE_OK and set the values of the
+ ** "OUT" variables identified below, or SQLITE_DONE to indicate that
+ ** the end of the buffer has been reached, or an SQLite error code.
+ **
+ ** *ppToken should be set to point at a buffer containing the
+ ** normalized version of the token (i.e. after any case-folding and/or
+ ** stemming has been performed). *pnBytes should be set to the length
+ ** of this buffer in bytes. The input text that generated the token is
+ ** identified by the byte offsets returned in *piStartOffset and
+ ** *piEndOffset. *piStartOffset should be set to the index of the first
+ ** byte of the token in the input buffer. *piEndOffset should be set
+ ** to the index of the first byte just past the end of the token in
+ ** the input buffer.
+ **
+ ** The buffer *ppToken is set to point at is managed by the tokenizer
+ ** implementation. It is only required to be valid until the next call
+ ** to xNext() or xClose().
+ */
+ /* TODO(shess) current implementation requires pInput to be
+ ** nul-terminated. This should either be fixed, or pInput/nBytes
+ ** should be converted to zInput.
+ */
+ int (*xNext)(
+ sqlite3_tokenizer_cursor *pCursor, /* Tokenizer cursor */
+ const char **ppToken, int *pnBytes, /* OUT: Normalized text for token */
+ int *piStartOffset, /* OUT: Byte offset of token in input buffer */
+ int *piEndOffset, /* OUT: Byte offset of end of token in input buffer */
+ int *piPosition /* OUT: Number of tokens returned before this one */
+ );
+
+ /***********************************************************************
+ ** Methods below this point are only available if iVersion>=1.
+ */
+
+ /*
+ ** Configure the language id of a tokenizer cursor.
+ */
+ int (*xLanguageid)(sqlite3_tokenizer_cursor *pCsr, int iLangid);
+};
+
+struct sqlite3_tokenizer {
+ const sqlite3_tokenizer_module *pModule; /* The module for this tokenizer */
+ /* Tokenizer implementations will typically add additional fields */
+};
+
+struct sqlite3_tokenizer_cursor {
+ sqlite3_tokenizer *pTokenizer; /* Tokenizer for this cursor. */
+ /* Tokenizer implementations will typically add additional fields */
+};
+
+int fts3_global_term_cnt(int iTerm, int iCol);
+int fts3_term_cnt(int iTerm, int iCol);
+
+
+#endif /* _FTS3_TOKENIZER_H_ */
+
+/************** End of fts3_tokenizer.h **************************************/
+/************** Continuing where we left off in fts3Int.h ********************/
+/************** Include fts3_hash.h in the middle of fts3Int.h ***************/
+/************** Begin file fts3_hash.h ***************************************/
+/*
+** 2001 September 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This is the header file for the generic hash-table implementation
+** used in SQLite. We've modified it slightly to serve as a standalone
+** hash table implementation for the full-text indexing module.
+**
+*/
+#ifndef _FTS3_HASH_H_
+#define _FTS3_HASH_H_
+
+/* Forward declarations of structures. */
+typedef struct Fts3Hash Fts3Hash;
+typedef struct Fts3HashElem Fts3HashElem;
+
+/* A complete hash table is an instance of the following structure.
+** The internals of this structure are intended to be opaque -- client
+** code should not attempt to access or modify the fields of this structure
+** directly. Change this structure only by using the routines below.
+** However, many of the "procedures" and "functions" for modifying and
+** accessing this structure are really macros, so we can't really make
+** this structure opaque.
+*/
+struct Fts3Hash {
+ char keyClass; /* HASH_INT, _POINTER, _STRING, _BINARY */
+ char copyKey; /* True if copy of key made on insert */
+ int count; /* Number of entries in this table */
+ Fts3HashElem *first; /* The first element of the array */
+ int htsize; /* Number of buckets in the hash table */
+ struct _fts3ht { /* the hash table */
+ int count; /* Number of entries with this hash */
+ Fts3HashElem *chain; /* Pointer to first entry with this hash */
+ } *ht;
+};
+
+/* Each element in the hash table is an instance of the following
+** structure. All elements are stored on a single doubly-linked list.
+**
+** Again, this structure is intended to be opaque, but it can't really
+** be opaque because it is used by macros.
+*/
+struct Fts3HashElem {
+ Fts3HashElem *next, *prev; /* Next and previous elements in the table */
+ void *data; /* Data associated with this element */
+ void *pKey; int nKey; /* Key associated with this element */
+};
+
+/*
+** There are 2 different modes of operation for a hash table:
+**
+** FTS3_HASH_STRING pKey points to a string that is nKey bytes long
+** (including the null-terminator, if any). Case
+** is respected in comparisons.
+**
+** FTS3_HASH_BINARY pKey points to binary data nKey bytes long.
+** memcmp() is used to compare keys.
+**
+** A copy of the key is made if the copyKey parameter to fts3HashInit is 1.
+*/
+#define FTS3_HASH_STRING 1
+#define FTS3_HASH_BINARY 2
+
+/*
+** Access routines. To delete, insert a NULL pointer.
+*/
+SQLITE_PRIVATE void sqlite3Fts3HashInit(Fts3Hash *pNew, char keyClass, char copyKey);
+SQLITE_PRIVATE void *sqlite3Fts3HashInsert(Fts3Hash*, const void *pKey, int nKey, void *pData);
+SQLITE_PRIVATE void *sqlite3Fts3HashFind(const Fts3Hash*, const void *pKey, int nKey);
+SQLITE_PRIVATE void sqlite3Fts3HashClear(Fts3Hash*);
+SQLITE_PRIVATE Fts3HashElem *sqlite3Fts3HashFindElem(const Fts3Hash *, const void *, int);
+
+/*
+** Shorthand for the functions above
+*/
+#define fts3HashInit sqlite3Fts3HashInit
+#define fts3HashInsert sqlite3Fts3HashInsert
+#define fts3HashFind sqlite3Fts3HashFind
+#define fts3HashClear sqlite3Fts3HashClear
+#define fts3HashFindElem sqlite3Fts3HashFindElem
+
+/*
+** Macros for looping over all elements of a hash table. The idiom is
+** like this:
+**
+** Fts3Hash h;
+** Fts3HashElem *p;
+** ...
+** for(p=fts3HashFirst(&h); p; p=fts3HashNext(p)){
+** SomeStructure *pData = fts3HashData(p);
+** // do something with pData
+** }
+*/
+#define fts3HashFirst(H) ((H)->first)
+#define fts3HashNext(E) ((E)->next)
+#define fts3HashData(E) ((E)->data)
+#define fts3HashKey(E) ((E)->pKey)
+#define fts3HashKeysize(E) ((E)->nKey)
+
+/*
+** Number of entries in a hash table
+*/
+#define fts3HashCount(H) ((H)->count)
+
+#endif /* _FTS3_HASH_H_ */
+
+/************** End of fts3_hash.h *******************************************/
+/************** Continuing where we left off in fts3Int.h ********************/
+
+/*
+** This constant determines the maximum depth of an FTS expression tree
+** that the library will create and use. FTS uses recursion to perform
+** various operations on the query tree, so the disadvantage of a large
+** limit is that it may allow very large queries to use large amounts
+** of stack space (perhaps causing a stack overflow).
+*/
+#ifndef SQLITE_FTS3_MAX_EXPR_DEPTH
+# define SQLITE_FTS3_MAX_EXPR_DEPTH 12
+#endif
+
+
+/*
+** This constant controls how often segments are merged. Once there are
+** FTS3_MERGE_COUNT segments of level N, they are merged into a single
+** segment of level N+1.
+*/
+#define FTS3_MERGE_COUNT 16
+
+/*
+** This is the maximum amount of data (in bytes) to store in the
+** Fts3Table.pendingTerms hash table. Normally, the hash table is
+** populated as documents are inserted/updated/deleted in a transaction
+** and used to create a new segment when the transaction is committed.
+** However if this limit is reached midway through a transaction, a new
+** segment is created and the hash table cleared immediately.
+*/
+#define FTS3_MAX_PENDING_DATA (1*1024*1024)
+
+/*
+** Macro to return the number of elements in an array. SQLite has a
+** similar macro called ArraySize(). Use a different name to avoid
+** a collision when building an amalgamation with built-in FTS3.
+*/
+#define SizeofArray(X) ((int)(sizeof(X)/sizeof(X[0])))
+
+
+#ifndef MIN
+# define MIN(x,y) ((x)<(y)?(x):(y))
+#endif
+#ifndef MAX
+# define MAX(x,y) ((x)>(y)?(x):(y))
+#endif
+
+/*
+** Maximum length of a varint encoded integer. The varint format is different
+** from that used by SQLite, so the maximum length is 10, not 9.
+*/
+#define FTS3_VARINT_MAX 10
+
+/*
+** FTS4 virtual tables may maintain multiple indexes - one index of all terms
+** in the document set and zero or more prefix indexes. All indexes are stored
+** as one or more b+-trees in the %_segments and %_segdir tables.
+**
+** It is possible to determine which index a b+-tree belongs to based on the
+** value stored in the "%_segdir.level" column. Given this value L, the index
+** that the b+-tree belongs to is (L<<10). In other words, all b+-trees with
+** level values between 0 and 1023 (inclusive) belong to index 0, all levels
+** between 1024 and 2047 to index 1, and so on.
+**
+** It is considered impossible for an index to use more than 1024 levels. In
+** theory though this may happen, but only after at least
+** (FTS3_MERGE_COUNT^1024) separate flushes of the pending-terms tables.
+*/
+#define FTS3_SEGDIR_MAXLEVEL 1024
+#define FTS3_SEGDIR_MAXLEVEL_STR "1024"
+
+/*
+** The testcase() macro is only used by the amalgamation. If undefined,
+** make it a no-op.
+*/
+#ifndef testcase
+# define testcase(X)
+#endif
+
+/*
+** Terminator values for position-lists and column-lists.
+*/
+#define POS_COLUMN (1) /* Column-list terminator */
+#define POS_END (0) /* Position-list terminator */
+
+/*
+** This section provides definitions to allow the
+** FTS3 extension to be compiled outside of the
+** amalgamation.
+*/
+#ifndef SQLITE_AMALGAMATION
+/*
+** Macros indicating that conditional expressions are always true or
+** false.
+*/
+#ifdef SQLITE_COVERAGE_TEST
+# define ALWAYS(x) (1)
+# define NEVER(X) (0)
+#elif defined(SQLITE_DEBUG)
+# define ALWAYS(x) sqlite3Fts3Always((x)!=0)
+# define NEVER(x) sqlite3Fts3Never((x)!=0)
+SQLITE_PRIVATE int sqlite3Fts3Always(int b);
+SQLITE_PRIVATE int sqlite3Fts3Never(int b);
+#else
+# define ALWAYS(x) (x)
+# define NEVER(x) (x)
+#endif
+
+/*
+** Internal types used by SQLite.
+*/
+typedef unsigned char u8; /* 1-byte (or larger) unsigned integer */
+typedef short int i16; /* 2-byte (or larger) signed integer */
+typedef unsigned int u32; /* 4-byte unsigned integer */
+typedef sqlite3_uint64 u64; /* 8-byte unsigned integer */
+typedef sqlite3_int64 i64; /* 8-byte signed integer */
+
+/*
+** Macro used to suppress compiler warnings for unused parameters.
+*/
+#define UNUSED_PARAMETER(x) (void)(x)
+
+/*
+** Activate assert() only if SQLITE_TEST is enabled.
+*/
+#if !defined(NDEBUG) && !defined(SQLITE_DEBUG)
+# define NDEBUG 1
+#endif
+
+/*
+** The TESTONLY macro is used to enclose variable declarations or
+** other bits of code that are needed to support the arguments
+** within testcase() and assert() macros.
+*/
+#if defined(SQLITE_DEBUG) || defined(SQLITE_COVERAGE_TEST)
+# define TESTONLY(X) X
+#else
+# define TESTONLY(X)
+#endif
+
+#endif /* SQLITE_AMALGAMATION */
+
+#ifdef SQLITE_DEBUG
+SQLITE_PRIVATE int sqlite3Fts3Corrupt(void);
+# define FTS_CORRUPT_VTAB sqlite3Fts3Corrupt()
+#else
+# define FTS_CORRUPT_VTAB SQLITE_CORRUPT_VTAB
+#endif
+
+typedef struct Fts3Table Fts3Table;
+typedef struct Fts3Cursor Fts3Cursor;
+typedef struct Fts3Expr Fts3Expr;
+typedef struct Fts3Phrase Fts3Phrase;
+typedef struct Fts3PhraseToken Fts3PhraseToken;
+
+typedef struct Fts3Doclist Fts3Doclist;
+typedef struct Fts3SegFilter Fts3SegFilter;
+typedef struct Fts3DeferredToken Fts3DeferredToken;
+typedef struct Fts3SegReader Fts3SegReader;
+typedef struct Fts3MultiSegReader Fts3MultiSegReader;
+
+typedef struct MatchinfoBuffer MatchinfoBuffer;
+
+/*
+** A connection to a fulltext index is an instance of the following
+** structure. The xCreate and xConnect methods create an instance
+** of this structure and xDestroy and xDisconnect free that instance.
+** All other methods receive a pointer to the structure as one of their
+** arguments.
+*/
+struct Fts3Table {
+ sqlite3_vtab base; /* Base class used by SQLite core */
+ sqlite3 *db; /* The database connection */
+ const char *zDb; /* logical database name */
+ const char *zName; /* virtual table name */
+ int nColumn; /* number of named columns in virtual table */
+ char **azColumn; /* column names. malloced */
+ u8 *abNotindexed; /* True for 'notindexed' columns */
+ sqlite3_tokenizer *pTokenizer; /* tokenizer for inserts and queries */
+ char *zContentTbl; /* content=xxx option, or NULL */
+ char *zLanguageid; /* languageid=xxx option, or NULL */
+ int nAutoincrmerge; /* Value configured by 'automerge' */
+ u32 nLeafAdd; /* Number of leaf blocks added this trans */
+
+ /* Precompiled statements used by the implementation. Each of these
+ ** statements is run and reset within a single virtual table API call.
+ */
+ sqlite3_stmt *aStmt[40];
+
+ char *zReadExprlist;
+ char *zWriteExprlist;
+
+ int nNodeSize; /* Soft limit for node size */
+ u8 bFts4; /* True for FTS4, false for FTS3 */
+ u8 bHasStat; /* True if %_stat table exists (2==unknown) */
+ u8 bHasDocsize; /* True if %_docsize table exists */
+ u8 bDescIdx; /* True if doclists are in reverse order */
+ u8 bIgnoreSavepoint; /* True to ignore xSavepoint invocations */
+ int nPgsz; /* Page size for host database */
+ char *zSegmentsTbl; /* Name of %_segments table */
+ sqlite3_blob *pSegments; /* Blob handle open on %_segments table */
+
+ /*
+ ** The following array of hash tables is used to buffer pending index
+ ** updates during transactions. All pending updates buffered at any one
+ ** time must share a common language-id (see the FTS4 langid= feature).
+ ** The current language id is stored in variable iPrevLangid.
+ **
+ ** A single FTS4 table may have multiple full-text indexes. For each index
+ ** there is an entry in the aIndex[] array. Index 0 is an index of all the
+ ** terms that appear in the document set. Each subsequent index in aIndex[]
+ ** is an index of prefixes of a specific length.
+ **
+ ** Variable nPendingData contains an estimate the memory consumed by the
+ ** pending data structures, including hash table overhead, but not including
+ ** malloc overhead. When nPendingData exceeds nMaxPendingData, all hash
+ ** tables are flushed to disk. Variable iPrevDocid is the docid of the most
+ ** recently inserted record.
+ */
+ int nIndex; /* Size of aIndex[] */
+ struct Fts3Index {
+ int nPrefix; /* Prefix length (0 for main terms index) */
+ Fts3Hash hPending; /* Pending terms table for this index */
+ } *aIndex;
+ int nMaxPendingData; /* Max pending data before flush to disk */
+ int nPendingData; /* Current bytes of pending data */
+ sqlite_int64 iPrevDocid; /* Docid of most recently inserted document */
+ int iPrevLangid; /* Langid of recently inserted document */
+ int bPrevDelete; /* True if last operation was a delete */
+
+#if defined(SQLITE_DEBUG) || defined(SQLITE_COVERAGE_TEST)
+ /* State variables used for validating that the transaction control
+ ** methods of the virtual table are called at appropriate times. These
+ ** values do not contribute to FTS functionality; they are used for
+ ** verifying the operation of the SQLite core.
+ */
+ int inTransaction; /* True after xBegin but before xCommit/xRollback */
+ int mxSavepoint; /* Largest valid xSavepoint integer */
+#endif
+
+#ifdef SQLITE_TEST
+ /* True to disable the incremental doclist optimization. This is controled
+ ** by special insert command 'test-no-incr-doclist'. */
+ int bNoIncrDoclist;
+#endif
+};
+
+/*
+** When the core wants to read from the virtual table, it creates a
+** virtual table cursor (an instance of the following structure) using
+** the xOpen method. Cursors are destroyed using the xClose method.
+*/
+struct Fts3Cursor {
+ sqlite3_vtab_cursor base; /* Base class used by SQLite core */
+ i16 eSearch; /* Search strategy (see below) */
+ u8 isEof; /* True if at End Of Results */
+ u8 isRequireSeek; /* True if must seek pStmt to %_content row */
+ sqlite3_stmt *pStmt; /* Prepared statement in use by the cursor */
+ Fts3Expr *pExpr; /* Parsed MATCH query string */
+ int iLangid; /* Language being queried for */
+ int nPhrase; /* Number of matchable phrases in query */
+ Fts3DeferredToken *pDeferred; /* Deferred search tokens, if any */
+ sqlite3_int64 iPrevId; /* Previous id read from aDoclist */
+ char *pNextId; /* Pointer into the body of aDoclist */
+ char *aDoclist; /* List of docids for full-text queries */
+ int nDoclist; /* Size of buffer at aDoclist */
+ u8 bDesc; /* True to sort in descending order */
+ int eEvalmode; /* An FTS3_EVAL_XX constant */
+ int nRowAvg; /* Average size of database rows, in pages */
+ sqlite3_int64 nDoc; /* Documents in table */
+ i64 iMinDocid; /* Minimum docid to return */
+ i64 iMaxDocid; /* Maximum docid to return */
+ int isMatchinfoNeeded; /* True when aMatchinfo[] needs filling in */
+ MatchinfoBuffer *pMIBuffer; /* Buffer for matchinfo data */
+};
+
+#define FTS3_EVAL_FILTER 0
+#define FTS3_EVAL_NEXT 1
+#define FTS3_EVAL_MATCHINFO 2
+
+/*
+** The Fts3Cursor.eSearch member is always set to one of the following.
+** Actualy, Fts3Cursor.eSearch can be greater than or equal to
+** FTS3_FULLTEXT_SEARCH. If so, then Fts3Cursor.eSearch - 2 is the index
+** of the column to be searched. For example, in
+**
+** CREATE VIRTUAL TABLE ex1 USING fts3(a,b,c,d);
+** SELECT docid FROM ex1 WHERE b MATCH 'one two three';
+**
+** Because the LHS of the MATCH operator is 2nd column "b",
+** Fts3Cursor.eSearch will be set to FTS3_FULLTEXT_SEARCH+1. (+0 for a,
+** +1 for b, +2 for c, +3 for d.) If the LHS of MATCH were "ex1"
+** indicating that all columns should be searched,
+** then eSearch would be set to FTS3_FULLTEXT_SEARCH+4.
+*/
+#define FTS3_FULLSCAN_SEARCH 0 /* Linear scan of %_content table */
+#define FTS3_DOCID_SEARCH 1 /* Lookup by rowid on %_content table */
+#define FTS3_FULLTEXT_SEARCH 2 /* Full-text index search */
+
+/*
+** The lower 16-bits of the sqlite3_index_info.idxNum value set by
+** the xBestIndex() method contains the Fts3Cursor.eSearch value described
+** above. The upper 16-bits contain a combination of the following
+** bits, used to describe extra constraints on full-text searches.
+*/
+#define FTS3_HAVE_LANGID 0x00010000 /* languageid=? */
+#define FTS3_HAVE_DOCID_GE 0x00020000 /* docid>=? */
+#define FTS3_HAVE_DOCID_LE 0x00040000 /* docid<=? */
+
+struct Fts3Doclist {
+ char *aAll; /* Array containing doclist (or NULL) */
+ int nAll; /* Size of a[] in bytes */
+ char *pNextDocid; /* Pointer to next docid */
+
+ sqlite3_int64 iDocid; /* Current docid (if pList!=0) */
+ int bFreeList; /* True if pList should be sqlite3_free()d */
+ char *pList; /* Pointer to position list following iDocid */
+ int nList; /* Length of position list */
+};
+
+/*
+** A "phrase" is a sequence of one or more tokens that must match in
+** sequence. A single token is the base case and the most common case.
+** For a sequence of tokens contained in double-quotes (i.e. "one two three")
+** nToken will be the number of tokens in the string.
+*/
+struct Fts3PhraseToken {
+ char *z; /* Text of the token */
+ int n; /* Number of bytes in buffer z */
+ int isPrefix; /* True if token ends with a "*" character */
+ int bFirst; /* True if token must appear at position 0 */
+
+ /* Variables above this point are populated when the expression is
+ ** parsed (by code in fts3_expr.c). Below this point the variables are
+ ** used when evaluating the expression. */
+ Fts3DeferredToken *pDeferred; /* Deferred token object for this token */
+ Fts3MultiSegReader *pSegcsr; /* Segment-reader for this token */
+};
+
+struct Fts3Phrase {
+ /* Cache of doclist for this phrase. */
+ Fts3Doclist doclist;
+ int bIncr; /* True if doclist is loaded incrementally */
+ int iDoclistToken;
+
+ /* Used by sqlite3Fts3EvalPhrasePoslist() if this is a descendent of an
+ ** OR condition. */
+ char *pOrPoslist;
+ i64 iOrDocid;
+
+ /* Variables below this point are populated by fts3_expr.c when parsing
+ ** a MATCH expression. Everything above is part of the evaluation phase.
+ */
+ int nToken; /* Number of tokens in the phrase */
+ int iColumn; /* Index of column this phrase must match */
+ Fts3PhraseToken aToken[1]; /* One entry for each token in the phrase */
+};
+
+/*
+** A tree of these objects forms the RHS of a MATCH operator.
+**
+** If Fts3Expr.eType is FTSQUERY_PHRASE and isLoaded is true, then aDoclist
+** points to a malloced buffer, size nDoclist bytes, containing the results
+** of this phrase query in FTS3 doclist format. As usual, the initial
+** "Length" field found in doclists stored on disk is omitted from this
+** buffer.
+**
+** Variable aMI is used only for FTSQUERY_NEAR nodes to store the global
+** matchinfo data. If it is not NULL, it points to an array of size nCol*3,
+** where nCol is the number of columns in the queried FTS table. The array
+** is populated as follows:
+**
+** aMI[iCol*3 + 0] = Undefined
+** aMI[iCol*3 + 1] = Number of occurrences
+** aMI[iCol*3 + 2] = Number of rows containing at least one instance
+**
+** The aMI array is allocated using sqlite3_malloc(). It should be freed
+** when the expression node is.
+*/
+struct Fts3Expr {
+ int eType; /* One of the FTSQUERY_XXX values defined below */
+ int nNear; /* Valid if eType==FTSQUERY_NEAR */
+ Fts3Expr *pParent; /* pParent->pLeft==this or pParent->pRight==this */
+ Fts3Expr *pLeft; /* Left operand */
+ Fts3Expr *pRight; /* Right operand */
+ Fts3Phrase *pPhrase; /* Valid if eType==FTSQUERY_PHRASE */
+
+ /* The following are used by the fts3_eval.c module. */
+ sqlite3_int64 iDocid; /* Current docid */
+ u8 bEof; /* True this expression is at EOF already */
+ u8 bStart; /* True if iDocid is valid */
+ u8 bDeferred; /* True if this expression is entirely deferred */
+
+ /* The following are used by the fts3_snippet.c module. */
+ int iPhrase; /* Index of this phrase in matchinfo() results */
+ u32 *aMI; /* See above */
+};
+
+/*
+** Candidate values for Fts3Query.eType. Note that the order of the first
+** four values is in order of precedence when parsing expressions. For
+** example, the following:
+**
+** "a OR b AND c NOT d NEAR e"
+**
+** is equivalent to:
+**
+** "a OR (b AND (c NOT (d NEAR e)))"
+*/
+#define FTSQUERY_NEAR 1
+#define FTSQUERY_NOT 2
+#define FTSQUERY_AND 3
+#define FTSQUERY_OR 4
+#define FTSQUERY_PHRASE 5
+
+
+/* fts3_write.c */
+SQLITE_PRIVATE int sqlite3Fts3UpdateMethod(sqlite3_vtab*,int,sqlite3_value**,sqlite3_int64*);
+SQLITE_PRIVATE int sqlite3Fts3PendingTermsFlush(Fts3Table *);
+SQLITE_PRIVATE void sqlite3Fts3PendingTermsClear(Fts3Table *);
+SQLITE_PRIVATE int sqlite3Fts3Optimize(Fts3Table *);
+SQLITE_PRIVATE int sqlite3Fts3SegReaderNew(int, int, sqlite3_int64,
+ sqlite3_int64, sqlite3_int64, const char *, int, Fts3SegReader**);
+SQLITE_PRIVATE int sqlite3Fts3SegReaderPending(
+ Fts3Table*,int,const char*,int,int,Fts3SegReader**);
+SQLITE_PRIVATE void sqlite3Fts3SegReaderFree(Fts3SegReader *);
+SQLITE_PRIVATE int sqlite3Fts3AllSegdirs(Fts3Table*, int, int, int, sqlite3_stmt **);
+SQLITE_PRIVATE int sqlite3Fts3ReadBlock(Fts3Table*, sqlite3_int64, char **, int*, int*);
+
+SQLITE_PRIVATE int sqlite3Fts3SelectDoctotal(Fts3Table *, sqlite3_stmt **);
+SQLITE_PRIVATE int sqlite3Fts3SelectDocsize(Fts3Table *, sqlite3_int64, sqlite3_stmt **);
+
+#ifndef SQLITE_DISABLE_FTS4_DEFERRED
+SQLITE_PRIVATE void sqlite3Fts3FreeDeferredTokens(Fts3Cursor *);
+SQLITE_PRIVATE int sqlite3Fts3DeferToken(Fts3Cursor *, Fts3PhraseToken *, int);
+SQLITE_PRIVATE int sqlite3Fts3CacheDeferredDoclists(Fts3Cursor *);
+SQLITE_PRIVATE void sqlite3Fts3FreeDeferredDoclists(Fts3Cursor *);
+SQLITE_PRIVATE int sqlite3Fts3DeferredTokenList(Fts3DeferredToken *, char **, int *);
+#else
+# define sqlite3Fts3FreeDeferredTokens(x)
+# define sqlite3Fts3DeferToken(x,y,z) SQLITE_OK
+# define sqlite3Fts3CacheDeferredDoclists(x) SQLITE_OK
+# define sqlite3Fts3FreeDeferredDoclists(x)
+# define sqlite3Fts3DeferredTokenList(x,y,z) SQLITE_OK
+#endif
+
+SQLITE_PRIVATE void sqlite3Fts3SegmentsClose(Fts3Table *);
+SQLITE_PRIVATE int sqlite3Fts3MaxLevel(Fts3Table *, int *);
+
+/* Special values interpreted by sqlite3SegReaderCursor() */
+#define FTS3_SEGCURSOR_PENDING -1
+#define FTS3_SEGCURSOR_ALL -2
+
+SQLITE_PRIVATE int sqlite3Fts3SegReaderStart(Fts3Table*, Fts3MultiSegReader*, Fts3SegFilter*);
+SQLITE_PRIVATE int sqlite3Fts3SegReaderStep(Fts3Table *, Fts3MultiSegReader *);
+SQLITE_PRIVATE void sqlite3Fts3SegReaderFinish(Fts3MultiSegReader *);
+
+SQLITE_PRIVATE int sqlite3Fts3SegReaderCursor(Fts3Table *,
+ int, int, int, const char *, int, int, int, Fts3MultiSegReader *);
+
+/* Flags allowed as part of the 4th argument to SegmentReaderIterate() */
+#define FTS3_SEGMENT_REQUIRE_POS 0x00000001
+#define FTS3_SEGMENT_IGNORE_EMPTY 0x00000002
+#define FTS3_SEGMENT_COLUMN_FILTER 0x00000004
+#define FTS3_SEGMENT_PREFIX 0x00000008
+#define FTS3_SEGMENT_SCAN 0x00000010
+#define FTS3_SEGMENT_FIRST 0x00000020
+
+/* Type passed as 4th argument to SegmentReaderIterate() */
+struct Fts3SegFilter {
+ const char *zTerm;
+ int nTerm;
+ int iCol;
+ int flags;
+};
+
+struct Fts3MultiSegReader {
+ /* Used internally by sqlite3Fts3SegReaderXXX() calls */
+ Fts3SegReader **apSegment; /* Array of Fts3SegReader objects */
+ int nSegment; /* Size of apSegment array */
+ int nAdvance; /* How many seg-readers to advance */
+ Fts3SegFilter *pFilter; /* Pointer to filter object */
+ char *aBuffer; /* Buffer to merge doclists in */
+ int nBuffer; /* Allocated size of aBuffer[] in bytes */
+
+ int iColFilter; /* If >=0, filter for this column */
+ int bRestart;
+
+ /* Used by fts3.c only. */
+ int nCost; /* Cost of running iterator */
+ int bLookup; /* True if a lookup of a single entry. */
+
+ /* Output values. Valid only after Fts3SegReaderStep() returns SQLITE_ROW. */
+ char *zTerm; /* Pointer to term buffer */
+ int nTerm; /* Size of zTerm in bytes */
+ char *aDoclist; /* Pointer to doclist buffer */
+ int nDoclist; /* Size of aDoclist[] in bytes */
+};
+
+SQLITE_PRIVATE int sqlite3Fts3Incrmerge(Fts3Table*,int,int);
+
+#define fts3GetVarint32(p, piVal) ( \
+ (*(u8*)(p)&0x80) ? sqlite3Fts3GetVarint32(p, piVal) : (*piVal=*(u8*)(p), 1) \
+)
+
+/* fts3.c */
+SQLITE_PRIVATE void sqlite3Fts3ErrMsg(char**,const char*,...);
+SQLITE_PRIVATE int sqlite3Fts3PutVarint(char *, sqlite3_int64);
+SQLITE_PRIVATE int sqlite3Fts3GetVarint(const char *, sqlite_int64 *);
+SQLITE_PRIVATE int sqlite3Fts3GetVarint32(const char *, int *);
+SQLITE_PRIVATE int sqlite3Fts3VarintLen(sqlite3_uint64);
+SQLITE_PRIVATE void sqlite3Fts3Dequote(char *);
+SQLITE_PRIVATE void sqlite3Fts3DoclistPrev(int,char*,int,char**,sqlite3_int64*,int*,u8*);
+SQLITE_PRIVATE int sqlite3Fts3EvalPhraseStats(Fts3Cursor *, Fts3Expr *, u32 *);
+SQLITE_PRIVATE int sqlite3Fts3FirstFilter(sqlite3_int64, char *, int, char *);
+SQLITE_PRIVATE void sqlite3Fts3CreateStatTable(int*, Fts3Table*);
+SQLITE_PRIVATE int sqlite3Fts3EvalTestDeferred(Fts3Cursor *pCsr, int *pRc);
+
+/* fts3_tokenizer.c */
+SQLITE_PRIVATE const char *sqlite3Fts3NextToken(const char *, int *);
+SQLITE_PRIVATE int sqlite3Fts3InitHashTable(sqlite3 *, Fts3Hash *, const char *);
+SQLITE_PRIVATE int sqlite3Fts3InitTokenizer(Fts3Hash *pHash, const char *,
+ sqlite3_tokenizer **, char **
+);
+SQLITE_PRIVATE int sqlite3Fts3IsIdChar(char);
+
+/* fts3_snippet.c */
+SQLITE_PRIVATE void sqlite3Fts3Offsets(sqlite3_context*, Fts3Cursor*);
+SQLITE_PRIVATE void sqlite3Fts3Snippet(sqlite3_context *, Fts3Cursor *, const char *,
+ const char *, const char *, int, int
+);
+SQLITE_PRIVATE void sqlite3Fts3Matchinfo(sqlite3_context *, Fts3Cursor *, const char *);
+SQLITE_PRIVATE void sqlite3Fts3MIBufferFree(MatchinfoBuffer *p);
+
+/* fts3_expr.c */
+SQLITE_PRIVATE int sqlite3Fts3ExprParse(sqlite3_tokenizer *, int,
+ char **, int, int, int, const char *, int, Fts3Expr **, char **
+);
+SQLITE_PRIVATE void sqlite3Fts3ExprFree(Fts3Expr *);
+#ifdef SQLITE_TEST
+SQLITE_PRIVATE int sqlite3Fts3ExprInitTestInterface(sqlite3 *db);
+SQLITE_PRIVATE int sqlite3Fts3InitTerm(sqlite3 *db);
+#endif
+
+SQLITE_PRIVATE int sqlite3Fts3OpenTokenizer(sqlite3_tokenizer *, int, const char *, int,
+ sqlite3_tokenizer_cursor **
+);
+
+/* fts3_aux.c */
+SQLITE_PRIVATE int sqlite3Fts3InitAux(sqlite3 *db);
+
+SQLITE_PRIVATE void sqlite3Fts3EvalPhraseCleanup(Fts3Phrase *);
+
+SQLITE_PRIVATE int sqlite3Fts3MsrIncrStart(
+ Fts3Table*, Fts3MultiSegReader*, int, const char*, int);
+SQLITE_PRIVATE int sqlite3Fts3MsrIncrNext(
+ Fts3Table *, Fts3MultiSegReader *, sqlite3_int64 *, char **, int *);
+SQLITE_PRIVATE int sqlite3Fts3EvalPhrasePoslist(Fts3Cursor *, Fts3Expr *, int iCol, char **);
+SQLITE_PRIVATE int sqlite3Fts3MsrOvfl(Fts3Cursor *, Fts3MultiSegReader *, int *);
+SQLITE_PRIVATE int sqlite3Fts3MsrIncrRestart(Fts3MultiSegReader *pCsr);
+
+/* fts3_tokenize_vtab.c */
+SQLITE_PRIVATE int sqlite3Fts3InitTok(sqlite3*, Fts3Hash *);
+
+/* fts3_unicode2.c (functions generated by parsing unicode text files) */
+#ifndef SQLITE_DISABLE_FTS3_UNICODE
+SQLITE_PRIVATE int sqlite3FtsUnicodeFold(int, int);
+SQLITE_PRIVATE int sqlite3FtsUnicodeIsalnum(int);
+SQLITE_PRIVATE int sqlite3FtsUnicodeIsdiacritic(int);
+#endif
+
+#endif /* !SQLITE_CORE || SQLITE_ENABLE_FTS3 */
+#endif /* _FTSINT_H */
+
+/************** End of fts3Int.h *********************************************/
+/************** Continuing where we left off in fts3.c ***********************/
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+#if defined(SQLITE_ENABLE_FTS3) && !defined(SQLITE_CORE)
+# define SQLITE_CORE 1
+#endif
+
+/* #include <assert.h> */
+/* #include <stdlib.h> */
+/* #include <stddef.h> */
+/* #include <stdio.h> */
+/* #include <string.h> */
+/* #include <stdarg.h> */
+
+/* #include "fts3.h" */
+#ifndef SQLITE_CORE
+/* # include "sqlite3ext.h" */
+ SQLITE_EXTENSION_INIT1
+#endif
+
+static int fts3EvalNext(Fts3Cursor *pCsr);
+static int fts3EvalStart(Fts3Cursor *pCsr);
+static int fts3TermSegReaderCursor(
+ Fts3Cursor *, const char *, int, int, Fts3MultiSegReader **);
+
+#ifndef SQLITE_AMALGAMATION
+# if defined(SQLITE_DEBUG)
+SQLITE_PRIVATE int sqlite3Fts3Always(int b) { assert( b ); return b; }
+SQLITE_PRIVATE int sqlite3Fts3Never(int b) { assert( !b ); return b; }
+# endif
+#endif
+
+/*
+** Write a 64-bit variable-length integer to memory starting at p[0].
+** The length of data written will be between 1 and FTS3_VARINT_MAX bytes.
+** The number of bytes written is returned.
+*/
+SQLITE_PRIVATE int sqlite3Fts3PutVarint(char *p, sqlite_int64 v){
+ unsigned char *q = (unsigned char *) p;
+ sqlite_uint64 vu = v;
+ do{
+ *q++ = (unsigned char) ((vu & 0x7f) | 0x80);
+ vu >>= 7;
+ }while( vu!=0 );
+ q[-1] &= 0x7f; /* turn off high bit in final byte */
+ assert( q - (unsigned char *)p <= FTS3_VARINT_MAX );
+ return (int) (q - (unsigned char *)p);
+}
+
+#define GETVARINT_STEP(v, ptr, shift, mask1, mask2, var, ret) \
+ v = (v & mask1) | ( (*ptr++) << shift ); \
+ if( (v & mask2)==0 ){ var = v; return ret; }
+#define GETVARINT_INIT(v, ptr, shift, mask1, mask2, var, ret) \
+ v = (*ptr++); \
+ if( (v & mask2)==0 ){ var = v; return ret; }
+
+/*
+** Read a 64-bit variable-length integer from memory starting at p[0].
+** Return the number of bytes read, or 0 on error.
+** The value is stored in *v.
+*/
+SQLITE_PRIVATE int sqlite3Fts3GetVarint(const char *p, sqlite_int64 *v){
+ const char *pStart = p;
+ u32 a;
+ u64 b;
+ int shift;
+
+ GETVARINT_INIT(a, p, 0, 0x00, 0x80, *v, 1);
+ GETVARINT_STEP(a, p, 7, 0x7F, 0x4000, *v, 2);
+ GETVARINT_STEP(a, p, 14, 0x3FFF, 0x200000, *v, 3);
+ GETVARINT_STEP(a, p, 21, 0x1FFFFF, 0x10000000, *v, 4);
+ b = (a & 0x0FFFFFFF );
+
+ for(shift=28; shift<=63; shift+=7){
+ u64 c = *p++;
+ b += (c&0x7F) << shift;
+ if( (c & 0x80)==0 ) break;
+ }
+ *v = b;
+ return (int)(p - pStart);
+}
+
+/*
+** Similar to sqlite3Fts3GetVarint(), except that the output is truncated to a
+** 32-bit integer before it is returned.
+*/
+SQLITE_PRIVATE int sqlite3Fts3GetVarint32(const char *p, int *pi){
+ u32 a;
+
+#ifndef fts3GetVarint32
+ GETVARINT_INIT(a, p, 0, 0x00, 0x80, *pi, 1);
+#else
+ a = (*p++);
+ assert( a & 0x80 );
+#endif
+
+ GETVARINT_STEP(a, p, 7, 0x7F, 0x4000, *pi, 2);
+ GETVARINT_STEP(a, p, 14, 0x3FFF, 0x200000, *pi, 3);
+ GETVARINT_STEP(a, p, 21, 0x1FFFFF, 0x10000000, *pi, 4);
+ a = (a & 0x0FFFFFFF );
+ *pi = (int)(a | ((u32)(*p & 0x0F) << 28));
+ return 5;
+}
+
+/*
+** Return the number of bytes required to encode v as a varint
+*/
+SQLITE_PRIVATE int sqlite3Fts3VarintLen(sqlite3_uint64 v){
+ int i = 0;
+ do{
+ i++;
+ v >>= 7;
+ }while( v!=0 );
+ return i;
+}
+
+/*
+** Convert an SQL-style quoted string into a normal string by removing
+** the quote characters. The conversion is done in-place. If the
+** input does not begin with a quote character, then this routine
+** is a no-op.
+**
+** Examples:
+**
+** "abc" becomes abc
+** 'xyz' becomes xyz
+** [pqr] becomes pqr
+** `mno` becomes mno
+**
+*/
+SQLITE_PRIVATE void sqlite3Fts3Dequote(char *z){
+ char quote; /* Quote character (if any ) */
+
+ quote = z[0];
+ if( quote=='[' || quote=='\'' || quote=='"' || quote=='`' ){
+ int iIn = 1; /* Index of next byte to read from input */
+ int iOut = 0; /* Index of next byte to write to output */
+
+ /* If the first byte was a '[', then the close-quote character is a ']' */
+ if( quote=='[' ) quote = ']';
+
+ while( z[iIn] ){
+ if( z[iIn]==quote ){
+ if( z[iIn+1]!=quote ) break;
+ z[iOut++] = quote;
+ iIn += 2;
+ }else{
+ z[iOut++] = z[iIn++];
+ }
+ }
+ z[iOut] = '\0';
+ }
+}
+
+/*
+** Read a single varint from the doclist at *pp and advance *pp to point
+** to the first byte past the end of the varint. Add the value of the varint
+** to *pVal.
+*/
+static void fts3GetDeltaVarint(char **pp, sqlite3_int64 *pVal){
+ sqlite3_int64 iVal;
+ *pp += sqlite3Fts3GetVarint(*pp, &iVal);
+ *pVal += iVal;
+}
+
+/*
+** When this function is called, *pp points to the first byte following a
+** varint that is part of a doclist (or position-list, or any other list
+** of varints). This function moves *pp to point to the start of that varint,
+** and sets *pVal by the varint value.
+**
+** Argument pStart points to the first byte of the doclist that the
+** varint is part of.
+*/
+static void fts3GetReverseVarint(
+ char **pp,
+ char *pStart,
+ sqlite3_int64 *pVal
+){
+ sqlite3_int64 iVal;
+ char *p;
+
+ /* Pointer p now points at the first byte past the varint we are
+ ** interested in. So, unless the doclist is corrupt, the 0x80 bit is
+ ** clear on character p[-1]. */
+ for(p = (*pp)-2; p>=pStart && *p&0x80; p--);
+ p++;
+ *pp = p;
+
+ sqlite3Fts3GetVarint(p, &iVal);
+ *pVal = iVal;
+}
+
+/*
+** The xDisconnect() virtual table method.
+*/
+static int fts3DisconnectMethod(sqlite3_vtab *pVtab){
+ Fts3Table *p = (Fts3Table *)pVtab;
+ int i;
+
+ assert( p->nPendingData==0 );
+ assert( p->pSegments==0 );
+
+ /* Free any prepared statements held */
+ for(i=0; i<SizeofArray(p->aStmt); i++){
+ sqlite3_finalize(p->aStmt[i]);
+ }
+ sqlite3_free(p->zSegmentsTbl);
+ sqlite3_free(p->zReadExprlist);
+ sqlite3_free(p->zWriteExprlist);
+ sqlite3_free(p->zContentTbl);
+ sqlite3_free(p->zLanguageid);
+
+ /* Invoke the tokenizer destructor to free the tokenizer. */
+ p->pTokenizer->pModule->xDestroy(p->pTokenizer);
+
+ sqlite3_free(p);
+ return SQLITE_OK;
+}
+
+/*
+** Write an error message into *pzErr
+*/
+SQLITE_PRIVATE void sqlite3Fts3ErrMsg(char **pzErr, const char *zFormat, ...){
+ va_list ap;
+ sqlite3_free(*pzErr);
+ va_start(ap, zFormat);
+ *pzErr = sqlite3_vmprintf(zFormat, ap);
+ va_end(ap);
+}
+
+/*
+** Construct one or more SQL statements from the format string given
+** and then evaluate those statements. The success code is written
+** into *pRc.
+**
+** If *pRc is initially non-zero then this routine is a no-op.
+*/
+static void fts3DbExec(
+ int *pRc, /* Success code */
+ sqlite3 *db, /* Database in which to run SQL */
+ const char *zFormat, /* Format string for SQL */
+ ... /* Arguments to the format string */
+){
+ va_list ap;
+ char *zSql;
+ if( *pRc ) return;
+ va_start(ap, zFormat);
+ zSql = sqlite3_vmprintf(zFormat, ap);
+ va_end(ap);
+ if( zSql==0 ){
+ *pRc = SQLITE_NOMEM;
+ }else{
+ *pRc = sqlite3_exec(db, zSql, 0, 0, 0);
+ sqlite3_free(zSql);
+ }
+}
+
+/*
+** The xDestroy() virtual table method.
+*/
+static int fts3DestroyMethod(sqlite3_vtab *pVtab){
+ Fts3Table *p = (Fts3Table *)pVtab;
+ int rc = SQLITE_OK; /* Return code */
+ const char *zDb = p->zDb; /* Name of database (e.g. "main", "temp") */
+ sqlite3 *db = p->db; /* Database handle */
+
+ /* Drop the shadow tables */
+ if( p->zContentTbl==0 ){
+ fts3DbExec(&rc, db, "DROP TABLE IF EXISTS %Q.'%q_content'", zDb, p->zName);
+ }
+ fts3DbExec(&rc, db, "DROP TABLE IF EXISTS %Q.'%q_segments'", zDb,p->zName);
+ fts3DbExec(&rc, db, "DROP TABLE IF EXISTS %Q.'%q_segdir'", zDb, p->zName);
+ fts3DbExec(&rc, db, "DROP TABLE IF EXISTS %Q.'%q_docsize'", zDb, p->zName);
+ fts3DbExec(&rc, db, "DROP TABLE IF EXISTS %Q.'%q_stat'", zDb, p->zName);
+
+ /* If everything has worked, invoke fts3DisconnectMethod() to free the
+ ** memory associated with the Fts3Table structure and return SQLITE_OK.
+ ** Otherwise, return an SQLite error code.
+ */
+ return (rc==SQLITE_OK ? fts3DisconnectMethod(pVtab) : rc);
+}
+
+
+/*
+** Invoke sqlite3_declare_vtab() to declare the schema for the FTS3 table
+** passed as the first argument. This is done as part of the xConnect()
+** and xCreate() methods.
+**
+** If *pRc is non-zero when this function is called, it is a no-op.
+** Otherwise, if an error occurs, an SQLite error code is stored in *pRc
+** before returning.
+*/
+static void fts3DeclareVtab(int *pRc, Fts3Table *p){
+ if( *pRc==SQLITE_OK ){
+ int i; /* Iterator variable */
+ int rc; /* Return code */
+ char *zSql; /* SQL statement passed to declare_vtab() */
+ char *zCols; /* List of user defined columns */
+ const char *zLanguageid;
+
+ zLanguageid = (p->zLanguageid ? p->zLanguageid : "__langid");
+ sqlite3_vtab_config(p->db, SQLITE_VTAB_CONSTRAINT_SUPPORT, 1);
+
+ /* Create a list of user columns for the virtual table */
+ zCols = sqlite3_mprintf("%Q, ", p->azColumn[0]);
+ for(i=1; zCols && i<p->nColumn; i++){
+ zCols = sqlite3_mprintf("%z%Q, ", zCols, p->azColumn[i]);
+ }
+
+ /* Create the whole "CREATE TABLE" statement to pass to SQLite */
+ zSql = sqlite3_mprintf(
+ "CREATE TABLE x(%s %Q HIDDEN, docid HIDDEN, %Q HIDDEN)",
+ zCols, p->zName, zLanguageid
+ );
+ if( !zCols || !zSql ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_declare_vtab(p->db, zSql);
+ }
+
+ sqlite3_free(zSql);
+ sqlite3_free(zCols);
+ *pRc = rc;
+ }
+}
+
+/*
+** Create the %_stat table if it does not already exist.
+*/
+SQLITE_PRIVATE void sqlite3Fts3CreateStatTable(int *pRc, Fts3Table *p){
+ fts3DbExec(pRc, p->db,
+ "CREATE TABLE IF NOT EXISTS %Q.'%q_stat'"
+ "(id INTEGER PRIMARY KEY, value BLOB);",
+ p->zDb, p->zName
+ );
+ if( (*pRc)==SQLITE_OK ) p->bHasStat = 1;
+}
+
+/*
+** Create the backing store tables (%_content, %_segments and %_segdir)
+** required by the FTS3 table passed as the only argument. This is done
+** as part of the vtab xCreate() method.
+**
+** If the p->bHasDocsize boolean is true (indicating that this is an
+** FTS4 table, not an FTS3 table) then also create the %_docsize and
+** %_stat tables required by FTS4.
+*/
+static int fts3CreateTables(Fts3Table *p){
+ int rc = SQLITE_OK; /* Return code */
+ int i; /* Iterator variable */
+ sqlite3 *db = p->db; /* The database connection */
+
+ if( p->zContentTbl==0 ){
+ const char *zLanguageid = p->zLanguageid;
+ char *zContentCols; /* Columns of %_content table */
+
+ /* Create a list of user columns for the content table */
+ zContentCols = sqlite3_mprintf("docid INTEGER PRIMARY KEY");
+ for(i=0; zContentCols && i<p->nColumn; i++){
+ char *z = p->azColumn[i];
+ zContentCols = sqlite3_mprintf("%z, 'c%d%q'", zContentCols, i, z);
+ }
+ if( zLanguageid && zContentCols ){
+ zContentCols = sqlite3_mprintf("%z, langid", zContentCols, zLanguageid);
+ }
+ if( zContentCols==0 ) rc = SQLITE_NOMEM;
+
+ /* Create the content table */
+ fts3DbExec(&rc, db,
+ "CREATE TABLE %Q.'%q_content'(%s)",
+ p->zDb, p->zName, zContentCols
+ );
+ sqlite3_free(zContentCols);
+ }
+
+ /* Create other tables */
+ fts3DbExec(&rc, db,
+ "CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);",
+ p->zDb, p->zName
+ );
+ fts3DbExec(&rc, db,
+ "CREATE TABLE %Q.'%q_segdir'("
+ "level INTEGER,"
+ "idx INTEGER,"
+ "start_block INTEGER,"
+ "leaves_end_block INTEGER,"
+ "end_block INTEGER,"
+ "root BLOB,"
+ "PRIMARY KEY(level, idx)"
+ ");",
+ p->zDb, p->zName
+ );
+ if( p->bHasDocsize ){
+ fts3DbExec(&rc, db,
+ "CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);",
+ p->zDb, p->zName
+ );
+ }
+ assert( p->bHasStat==p->bFts4 );
+ if( p->bHasStat ){
+ sqlite3Fts3CreateStatTable(&rc, p);
+ }
+ return rc;
+}
+
+/*
+** Store the current database page-size in bytes in p->nPgsz.
+**
+** If *pRc is non-zero when this function is called, it is a no-op.
+** Otherwise, if an error occurs, an SQLite error code is stored in *pRc
+** before returning.
+*/
+static void fts3DatabasePageSize(int *pRc, Fts3Table *p){
+ if( *pRc==SQLITE_OK ){
+ int rc; /* Return code */
+ char *zSql; /* SQL text "PRAGMA %Q.page_size" */
+ sqlite3_stmt *pStmt; /* Compiled "PRAGMA %Q.page_size" statement */
+
+ zSql = sqlite3_mprintf("PRAGMA %Q.page_size", p->zDb);
+ if( !zSql ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare(p->db, zSql, -1, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_step(pStmt);
+ p->nPgsz = sqlite3_column_int(pStmt, 0);
+ rc = sqlite3_finalize(pStmt);
+ }else if( rc==SQLITE_AUTH ){
+ p->nPgsz = 1024;
+ rc = SQLITE_OK;
+ }
+ }
+ assert( p->nPgsz>0 || rc!=SQLITE_OK );
+ sqlite3_free(zSql);
+ *pRc = rc;
+ }
+}
+
+/*
+** "Special" FTS4 arguments are column specifications of the following form:
+**
+** <key> = <value>
+**
+** There may not be whitespace surrounding the "=" character. The <value>
+** term may be quoted, but the <key> may not.
+*/
+static int fts3IsSpecialColumn(
+ const char *z,
+ int *pnKey,
+ char **pzValue
+){
+ char *zValue;
+ const char *zCsr = z;
+
+ while( *zCsr!='=' ){
+ if( *zCsr=='\0' ) return 0;
+ zCsr++;
+ }
+
+ *pnKey = (int)(zCsr-z);
+ zValue = sqlite3_mprintf("%s", &zCsr[1]);
+ if( zValue ){
+ sqlite3Fts3Dequote(zValue);
+ }
+ *pzValue = zValue;
+ return 1;
+}
+
+/*
+** Append the output of a printf() style formatting to an existing string.
+*/
+static void fts3Appendf(
+ int *pRc, /* IN/OUT: Error code */
+ char **pz, /* IN/OUT: Pointer to string buffer */
+ const char *zFormat, /* Printf format string to append */
+ ... /* Arguments for printf format string */
+){
+ if( *pRc==SQLITE_OK ){
+ va_list ap;
+ char *z;
+ va_start(ap, zFormat);
+ z = sqlite3_vmprintf(zFormat, ap);
+ va_end(ap);
+ if( z && *pz ){
+ char *z2 = sqlite3_mprintf("%s%s", *pz, z);
+ sqlite3_free(z);
+ z = z2;
+ }
+ if( z==0 ) *pRc = SQLITE_NOMEM;
+ sqlite3_free(*pz);
+ *pz = z;
+ }
+}
+
+/*
+** Return a copy of input string zInput enclosed in double-quotes (") and
+** with all double quote characters escaped. For example:
+**
+** fts3QuoteId("un \"zip\"") -> "un \"\"zip\"\""
+**
+** The pointer returned points to memory obtained from sqlite3_malloc(). It
+** is the callers responsibility to call sqlite3_free() to release this
+** memory.
+*/
+static char *fts3QuoteId(char const *zInput){
+ int nRet;
+ char *zRet;
+ nRet = 2 + (int)strlen(zInput)*2 + 1;
+ zRet = sqlite3_malloc(nRet);
+ if( zRet ){
+ int i;
+ char *z = zRet;
+ *(z++) = '"';
+ for(i=0; zInput[i]; i++){
+ if( zInput[i]=='"' ) *(z++) = '"';
+ *(z++) = zInput[i];
+ }
+ *(z++) = '"';
+ *(z++) = '\0';
+ }
+ return zRet;
+}
+
+/*
+** Return a list of comma separated SQL expressions and a FROM clause that
+** could be used in a SELECT statement such as the following:
+**
+** SELECT <list of expressions> FROM %_content AS x ...
+**
+** to return the docid, followed by each column of text data in order
+** from left to write. If parameter zFunc is not NULL, then instead of
+** being returned directly each column of text data is passed to an SQL
+** function named zFunc first. For example, if zFunc is "unzip" and the
+** table has the three user-defined columns "a", "b", and "c", the following
+** string is returned:
+**
+** "docid, unzip(x.'a'), unzip(x.'b'), unzip(x.'c') FROM %_content AS x"
+**
+** The pointer returned points to a buffer allocated by sqlite3_malloc(). It
+** is the responsibility of the caller to eventually free it.
+**
+** If *pRc is not SQLITE_OK when this function is called, it is a no-op (and
+** a NULL pointer is returned). Otherwise, if an OOM error is encountered
+** by this function, NULL is returned and *pRc is set to SQLITE_NOMEM. If
+** no error occurs, *pRc is left unmodified.
+*/
+static char *fts3ReadExprList(Fts3Table *p, const char *zFunc, int *pRc){
+ char *zRet = 0;
+ char *zFree = 0;
+ char *zFunction;
+ int i;
+
+ if( p->zContentTbl==0 ){
+ if( !zFunc ){
+ zFunction = "";
+ }else{
+ zFree = zFunction = fts3QuoteId(zFunc);
+ }
+ fts3Appendf(pRc, &zRet, "docid");
+ for(i=0; i<p->nColumn; i++){
+ fts3Appendf(pRc, &zRet, ",%s(x.'c%d%q')", zFunction, i, p->azColumn[i]);
+ }
+ if( p->zLanguageid ){
+ fts3Appendf(pRc, &zRet, ", x.%Q", "langid");
+ }
+ sqlite3_free(zFree);
+ }else{
+ fts3Appendf(pRc, &zRet, "rowid");
+ for(i=0; i<p->nColumn; i++){
+ fts3Appendf(pRc, &zRet, ", x.'%q'", p->azColumn[i]);
+ }
+ if( p->zLanguageid ){
+ fts3Appendf(pRc, &zRet, ", x.%Q", p->zLanguageid);
+ }
+ }
+ fts3Appendf(pRc, &zRet, " FROM '%q'.'%q%s' AS x",
+ p->zDb,
+ (p->zContentTbl ? p->zContentTbl : p->zName),
+ (p->zContentTbl ? "" : "_content")
+ );
+ return zRet;
+}
+
+/*
+** Return a list of N comma separated question marks, where N is the number
+** of columns in the %_content table (one for the docid plus one for each
+** user-defined text column).
+**
+** If argument zFunc is not NULL, then all but the first question mark
+** is preceded by zFunc and an open bracket, and followed by a closed
+** bracket. For example, if zFunc is "zip" and the FTS3 table has three
+** user-defined text columns, the following string is returned:
+**
+** "?, zip(?), zip(?), zip(?)"
+**
+** The pointer returned points to a buffer allocated by sqlite3_malloc(). It
+** is the responsibility of the caller to eventually free it.
+**
+** If *pRc is not SQLITE_OK when this function is called, it is a no-op (and
+** a NULL pointer is returned). Otherwise, if an OOM error is encountered
+** by this function, NULL is returned and *pRc is set to SQLITE_NOMEM. If
+** no error occurs, *pRc is left unmodified.
+*/
+static char *fts3WriteExprList(Fts3Table *p, const char *zFunc, int *pRc){
+ char *zRet = 0;
+ char *zFree = 0;
+ char *zFunction;
+ int i;
+
+ if( !zFunc ){
+ zFunction = "";
+ }else{
+ zFree = zFunction = fts3QuoteId(zFunc);
+ }
+ fts3Appendf(pRc, &zRet, "?");
+ for(i=0; i<p->nColumn; i++){
+ fts3Appendf(pRc, &zRet, ",%s(?)", zFunction);
+ }
+ if( p->zLanguageid ){
+ fts3Appendf(pRc, &zRet, ", ?");
+ }
+ sqlite3_free(zFree);
+ return zRet;
+}
+
+/*
+** This function interprets the string at (*pp) as a non-negative integer
+** value. It reads the integer and sets *pnOut to the value read, then
+** sets *pp to point to the byte immediately following the last byte of
+** the integer value.
+**
+** Only decimal digits ('0'..'9') may be part of an integer value.
+**
+** If *pp does not being with a decimal digit SQLITE_ERROR is returned and
+** the output value undefined. Otherwise SQLITE_OK is returned.
+**
+** This function is used when parsing the "prefix=" FTS4 parameter.
+*/
+static int fts3GobbleInt(const char **pp, int *pnOut){
+ const int MAX_NPREFIX = 10000000;
+ const char *p; /* Iterator pointer */
+ int nInt = 0; /* Output value */
+
+ for(p=*pp; p[0]>='0' && p[0]<='9'; p++){
+ nInt = nInt * 10 + (p[0] - '0');
+ if( nInt>MAX_NPREFIX ){
+ nInt = 0;
+ break;
+ }
+ }
+ if( p==*pp ) return SQLITE_ERROR;
+ *pnOut = nInt;
+ *pp = p;
+ return SQLITE_OK;
+}
+
+/*
+** This function is called to allocate an array of Fts3Index structures
+** representing the indexes maintained by the current FTS table. FTS tables
+** always maintain the main "terms" index, but may also maintain one or
+** more "prefix" indexes, depending on the value of the "prefix=" parameter
+** (if any) specified as part of the CREATE VIRTUAL TABLE statement.
+**
+** Argument zParam is passed the value of the "prefix=" option if one was
+** specified, or NULL otherwise.
+**
+** If no error occurs, SQLITE_OK is returned and *apIndex set to point to
+** the allocated array. *pnIndex is set to the number of elements in the
+** array. If an error does occur, an SQLite error code is returned.
+**
+** Regardless of whether or not an error is returned, it is the responsibility
+** of the caller to call sqlite3_free() on the output array to free it.
+*/
+static int fts3PrefixParameter(
+ const char *zParam, /* ABC in prefix=ABC parameter to parse */
+ int *pnIndex, /* OUT: size of *apIndex[] array */
+ struct Fts3Index **apIndex /* OUT: Array of indexes for this table */
+){
+ struct Fts3Index *aIndex; /* Allocated array */
+ int nIndex = 1; /* Number of entries in array */
+
+ if( zParam && zParam[0] ){
+ const char *p;
+ nIndex++;
+ for(p=zParam; *p; p++){
+ if( *p==',' ) nIndex++;
+ }
+ }
+
+ aIndex = sqlite3_malloc(sizeof(struct Fts3Index) * nIndex);
+ *apIndex = aIndex;
+ if( !aIndex ){
+ return SQLITE_NOMEM;
+ }
+
+ memset(aIndex, 0, sizeof(struct Fts3Index) * nIndex);
+ if( zParam ){
+ const char *p = zParam;
+ int i;
+ for(i=1; i<nIndex; i++){
+ int nPrefix = 0;
+ if( fts3GobbleInt(&p, &nPrefix) ) return SQLITE_ERROR;
+ assert( nPrefix>=0 );
+ if( nPrefix==0 ){
+ nIndex--;
+ i--;
+ }else{
+ aIndex[i].nPrefix = nPrefix;
+ }
+ p++;
+ }
+ }
+
+ *pnIndex = nIndex;
+ return SQLITE_OK;
+}
+
+/*
+** This function is called when initializing an FTS4 table that uses the
+** content=xxx option. It determines the number of and names of the columns
+** of the new FTS4 table.
+**
+** The third argument passed to this function is the value passed to the
+** config=xxx option (i.e. "xxx"). This function queries the database for
+** a table of that name. If found, the output variables are populated
+** as follows:
+**
+** *pnCol: Set to the number of columns table xxx has,
+**
+** *pnStr: Set to the total amount of space required to store a copy
+** of each columns name, including the nul-terminator.
+**
+** *pazCol: Set to point to an array of *pnCol strings. Each string is
+** the name of the corresponding column in table xxx. The array
+** and its contents are allocated using a single allocation. It
+** is the responsibility of the caller to free this allocation
+** by eventually passing the *pazCol value to sqlite3_free().
+**
+** If the table cannot be found, an error code is returned and the output
+** variables are undefined. Or, if an OOM is encountered, SQLITE_NOMEM is
+** returned (and the output variables are undefined).
+*/
+static int fts3ContentColumns(
+ sqlite3 *db, /* Database handle */
+ const char *zDb, /* Name of db (i.e. "main", "temp" etc.) */
+ const char *zTbl, /* Name of content table */
+ const char ***pazCol, /* OUT: Malloc'd array of column names */
+ int *pnCol, /* OUT: Size of array *pazCol */
+ int *pnStr, /* OUT: Bytes of string content */
+ char **pzErr /* OUT: error message */
+){
+ int rc = SQLITE_OK; /* Return code */
+ char *zSql; /* "SELECT *" statement on zTbl */
+ sqlite3_stmt *pStmt = 0; /* Compiled version of zSql */
+
+ zSql = sqlite3_mprintf("SELECT * FROM %Q.%Q", zDb, zTbl);
+ if( !zSql ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare(db, zSql, -1, &pStmt, 0);
+ if( rc!=SQLITE_OK ){
+ sqlite3Fts3ErrMsg(pzErr, "%s", sqlite3_errmsg(db));
+ }
+ }
+ sqlite3_free(zSql);
+
+ if( rc==SQLITE_OK ){
+ const char **azCol; /* Output array */
+ int nStr = 0; /* Size of all column names (incl. 0x00) */
+ int nCol; /* Number of table columns */
+ int i; /* Used to iterate through columns */
+
+ /* Loop through the returned columns. Set nStr to the number of bytes of
+ ** space required to store a copy of each column name, including the
+ ** nul-terminator byte. */
+ nCol = sqlite3_column_count(pStmt);
+ for(i=0; i<nCol; i++){
+ const char *zCol = sqlite3_column_name(pStmt, i);
+ nStr += (int)strlen(zCol) + 1;
+ }
+
+ /* Allocate and populate the array to return. */
+ azCol = (const char **)sqlite3_malloc(sizeof(char *) * nCol + nStr);
+ if( azCol==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ char *p = (char *)&azCol[nCol];
+ for(i=0; i<nCol; i++){
+ const char *zCol = sqlite3_column_name(pStmt, i);
+ int n = (int)strlen(zCol)+1;
+ memcpy(p, zCol, n);
+ azCol[i] = p;
+ p += n;
+ }
+ }
+ sqlite3_finalize(pStmt);
+
+ /* Set the output variables. */
+ *pnCol = nCol;
+ *pnStr = nStr;
+ *pazCol = azCol;
+ }
+
+ return rc;
+}
+
+/*
+** This function is the implementation of both the xConnect and xCreate
+** methods of the FTS3 virtual table.
+**
+** The argv[] array contains the following:
+**
+** argv[0] -> module name ("fts3" or "fts4")
+** argv[1] -> database name
+** argv[2] -> table name
+** argv[...] -> "column name" and other module argument fields.
+*/
+static int fts3InitVtab(
+ int isCreate, /* True for xCreate, false for xConnect */
+ sqlite3 *db, /* The SQLite database connection */
+ void *pAux, /* Hash table containing tokenizers */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVTab, /* Write the resulting vtab structure here */
+ char **pzErr /* Write any error message here */
+){
+ Fts3Hash *pHash = (Fts3Hash *)pAux;
+ Fts3Table *p = 0; /* Pointer to allocated vtab */
+ int rc = SQLITE_OK; /* Return code */
+ int i; /* Iterator variable */
+ int nByte; /* Size of allocation used for *p */
+ int iCol; /* Column index */
+ int nString = 0; /* Bytes required to hold all column names */
+ int nCol = 0; /* Number of columns in the FTS table */
+ char *zCsr; /* Space for holding column names */
+ int nDb; /* Bytes required to hold database name */
+ int nName; /* Bytes required to hold table name */
+ int isFts4 = (argv[0][3]=='4'); /* True for FTS4, false for FTS3 */
+ const char **aCol; /* Array of column names */
+ sqlite3_tokenizer *pTokenizer = 0; /* Tokenizer for this table */
+
+ int nIndex = 0; /* Size of aIndex[] array */
+ struct Fts3Index *aIndex = 0; /* Array of indexes for this table */
+
+ /* The results of parsing supported FTS4 key=value options: */
+ int bNoDocsize = 0; /* True to omit %_docsize table */
+ int bDescIdx = 0; /* True to store descending indexes */
+ char *zPrefix = 0; /* Prefix parameter value (or NULL) */
+ char *zCompress = 0; /* compress=? parameter (or NULL) */
+ char *zUncompress = 0; /* uncompress=? parameter (or NULL) */
+ char *zContent = 0; /* content=? parameter (or NULL) */
+ char *zLanguageid = 0; /* languageid=? parameter (or NULL) */
+ char **azNotindexed = 0; /* The set of notindexed= columns */
+ int nNotindexed = 0; /* Size of azNotindexed[] array */
+
+ assert( strlen(argv[0])==4 );
+ assert( (sqlite3_strnicmp(argv[0], "fts4", 4)==0 && isFts4)
+ || (sqlite3_strnicmp(argv[0], "fts3", 4)==0 && !isFts4)
+ );
+
+ nDb = (int)strlen(argv[1]) + 1;
+ nName = (int)strlen(argv[2]) + 1;
+
+ nByte = sizeof(const char *) * (argc-2);
+ aCol = (const char **)sqlite3_malloc(nByte);
+ if( aCol ){
+ memset((void*)aCol, 0, nByte);
+ azNotindexed = (char **)sqlite3_malloc(nByte);
+ }
+ if( azNotindexed ){
+ memset(azNotindexed, 0, nByte);
+ }
+ if( !aCol || !azNotindexed ){
+ rc = SQLITE_NOMEM;
+ goto fts3_init_out;
+ }
+
+ /* Loop through all of the arguments passed by the user to the FTS3/4
+ ** module (i.e. all the column names and special arguments). This loop
+ ** does the following:
+ **
+ ** + Figures out the number of columns the FTSX table will have, and
+ ** the number of bytes of space that must be allocated to store copies
+ ** of the column names.
+ **
+ ** + If there is a tokenizer specification included in the arguments,
+ ** initializes the tokenizer pTokenizer.
+ */
+ for(i=3; rc==SQLITE_OK && i<argc; i++){
+ char const *z = argv[i];
+ int nKey;
+ char *zVal;
+
+ /* Check if this is a tokenizer specification */
+ if( !pTokenizer
+ && strlen(z)>8
+ && 0==sqlite3_strnicmp(z, "tokenize", 8)
+ && 0==sqlite3Fts3IsIdChar(z[8])
+ ){
+ rc = sqlite3Fts3InitTokenizer(pHash, &z[9], &pTokenizer, pzErr);
+ }
+
+ /* Check if it is an FTS4 special argument. */
+ else if( isFts4 && fts3IsSpecialColumn(z, &nKey, &zVal) ){
+ struct Fts4Option {
+ const char *zOpt;
+ int nOpt;
+ } aFts4Opt[] = {
+ { "matchinfo", 9 }, /* 0 -> MATCHINFO */
+ { "prefix", 6 }, /* 1 -> PREFIX */
+ { "compress", 8 }, /* 2 -> COMPRESS */
+ { "uncompress", 10 }, /* 3 -> UNCOMPRESS */
+ { "order", 5 }, /* 4 -> ORDER */
+ { "content", 7 }, /* 5 -> CONTENT */
+ { "languageid", 10 }, /* 6 -> LANGUAGEID */
+ { "notindexed", 10 } /* 7 -> NOTINDEXED */
+ };
+
+ int iOpt;
+ if( !zVal ){
+ rc = SQLITE_NOMEM;
+ }else{
+ for(iOpt=0; iOpt<SizeofArray(aFts4Opt); iOpt++){
+ struct Fts4Option *pOp = &aFts4Opt[iOpt];
+ if( nKey==pOp->nOpt && !sqlite3_strnicmp(z, pOp->zOpt, pOp->nOpt) ){
+ break;
+ }
+ }
+ if( iOpt==SizeofArray(aFts4Opt) ){
+ sqlite3Fts3ErrMsg(pzErr, "unrecognized parameter: %s", z);
+ rc = SQLITE_ERROR;
+ }else{
+ switch( iOpt ){
+ case 0: /* MATCHINFO */
+ if( strlen(zVal)!=4 || sqlite3_strnicmp(zVal, "fts3", 4) ){
+ sqlite3Fts3ErrMsg(pzErr, "unrecognized matchinfo: %s", zVal);
+ rc = SQLITE_ERROR;
+ }
+ bNoDocsize = 1;
+ break;
+
+ case 1: /* PREFIX */
+ sqlite3_free(zPrefix);
+ zPrefix = zVal;
+ zVal = 0;
+ break;
+
+ case 2: /* COMPRESS */
+ sqlite3_free(zCompress);
+ zCompress = zVal;
+ zVal = 0;
+ break;
+
+ case 3: /* UNCOMPRESS */
+ sqlite3_free(zUncompress);
+ zUncompress = zVal;
+ zVal = 0;
+ break;
+
+ case 4: /* ORDER */
+ if( (strlen(zVal)!=3 || sqlite3_strnicmp(zVal, "asc", 3))
+ && (strlen(zVal)!=4 || sqlite3_strnicmp(zVal, "desc", 4))
+ ){
+ sqlite3Fts3ErrMsg(pzErr, "unrecognized order: %s", zVal);
+ rc = SQLITE_ERROR;
+ }
+ bDescIdx = (zVal[0]=='d' || zVal[0]=='D');
+ break;
+
+ case 5: /* CONTENT */
+ sqlite3_free(zContent);
+ zContent = zVal;
+ zVal = 0;
+ break;
+
+ case 6: /* LANGUAGEID */
+ assert( iOpt==6 );
+ sqlite3_free(zLanguageid);
+ zLanguageid = zVal;
+ zVal = 0;
+ break;
+
+ case 7: /* NOTINDEXED */
+ azNotindexed[nNotindexed++] = zVal;
+ zVal = 0;
+ break;
+ }
+ }
+ sqlite3_free(zVal);
+ }
+ }
+
+ /* Otherwise, the argument is a column name. */
+ else {
+ nString += (int)(strlen(z) + 1);
+ aCol[nCol++] = z;
+ }
+ }
+
+ /* If a content=xxx option was specified, the following:
+ **
+ ** 1. Ignore any compress= and uncompress= options.
+ **
+ ** 2. If no column names were specified as part of the CREATE VIRTUAL
+ ** TABLE statement, use all columns from the content table.
+ */
+ if( rc==SQLITE_OK && zContent ){
+ sqlite3_free(zCompress);
+ sqlite3_free(zUncompress);
+ zCompress = 0;
+ zUncompress = 0;
+ if( nCol==0 ){
+ sqlite3_free((void*)aCol);
+ aCol = 0;
+ rc = fts3ContentColumns(db, argv[1], zContent,&aCol,&nCol,&nString,pzErr);
+
+ /* If a languageid= option was specified, remove the language id
+ ** column from the aCol[] array. */
+ if( rc==SQLITE_OK && zLanguageid ){
+ int j;
+ for(j=0; j<nCol; j++){
+ if( sqlite3_stricmp(zLanguageid, aCol[j])==0 ){
+ int k;
+ for(k=j; k<nCol; k++) aCol[k] = aCol[k+1];
+ nCol--;
+ break;
+ }
+ }
+ }
+ }
+ }
+ if( rc!=SQLITE_OK ) goto fts3_init_out;
+
+ if( nCol==0 ){
+ assert( nString==0 );
+ aCol[0] = "content";
+ nString = 8;
+ nCol = 1;
+ }
+
+ if( pTokenizer==0 ){
+ rc = sqlite3Fts3InitTokenizer(pHash, "simple", &pTokenizer, pzErr);
+ if( rc!=SQLITE_OK ) goto fts3_init_out;
+ }
+ assert( pTokenizer );
+
+ rc = fts3PrefixParameter(zPrefix, &nIndex, &aIndex);
+ if( rc==SQLITE_ERROR ){
+ assert( zPrefix );
+ sqlite3Fts3ErrMsg(pzErr, "error parsing prefix parameter: %s", zPrefix);
+ }
+ if( rc!=SQLITE_OK ) goto fts3_init_out;
+
+ /* Allocate and populate the Fts3Table structure. */
+ nByte = sizeof(Fts3Table) + /* Fts3Table */
+ nCol * sizeof(char *) + /* azColumn */
+ nIndex * sizeof(struct Fts3Index) + /* aIndex */
+ nCol * sizeof(u8) + /* abNotindexed */
+ nName + /* zName */
+ nDb + /* zDb */
+ nString; /* Space for azColumn strings */
+ p = (Fts3Table*)sqlite3_malloc(nByte);
+ if( p==0 ){
+ rc = SQLITE_NOMEM;
+ goto fts3_init_out;
+ }
+ memset(p, 0, nByte);
+ p->db = db;
+ p->nColumn = nCol;
+ p->nPendingData = 0;
+ p->azColumn = (char **)&p[1];
+ p->pTokenizer = pTokenizer;
+ p->nMaxPendingData = FTS3_MAX_PENDING_DATA;
+ p->bHasDocsize = (isFts4 && bNoDocsize==0);
+ p->bHasStat = isFts4;
+ p->bFts4 = isFts4;
+ p->bDescIdx = bDescIdx;
+ p->nAutoincrmerge = 0xff; /* 0xff means setting unknown */
+ p->zContentTbl = zContent;
+ p->zLanguageid = zLanguageid;
+ zContent = 0;
+ zLanguageid = 0;
+ TESTONLY( p->inTransaction = -1 );
+ TESTONLY( p->mxSavepoint = -1 );
+
+ p->aIndex = (struct Fts3Index *)&p->azColumn[nCol];
+ memcpy(p->aIndex, aIndex, sizeof(struct Fts3Index) * nIndex);
+ p->nIndex = nIndex;
+ for(i=0; i<nIndex; i++){
+ fts3HashInit(&p->aIndex[i].hPending, FTS3_HASH_STRING, 1);
+ }
+ p->abNotindexed = (u8 *)&p->aIndex[nIndex];
+
+ /* Fill in the zName and zDb fields of the vtab structure. */
+ zCsr = (char *)&p->abNotindexed[nCol];
+ p->zName = zCsr;
+ memcpy(zCsr, argv[2], nName);
+ zCsr += nName;
+ p->zDb = zCsr;
+ memcpy(zCsr, argv[1], nDb);
+ zCsr += nDb;
+
+ /* Fill in the azColumn array */
+ for(iCol=0; iCol<nCol; iCol++){
+ char *z;
+ int n = 0;
+ z = (char *)sqlite3Fts3NextToken(aCol[iCol], &n);
+ memcpy(zCsr, z, n);
+ zCsr[n] = '\0';
+ sqlite3Fts3Dequote(zCsr);
+ p->azColumn[iCol] = zCsr;
+ zCsr += n+1;
+ assert( zCsr <= &((char *)p)[nByte] );
+ }
+
+ /* Fill in the abNotindexed array */
+ for(iCol=0; iCol<nCol; iCol++){
+ int n = (int)strlen(p->azColumn[iCol]);
+ for(i=0; i<nNotindexed; i++){
+ char *zNot = azNotindexed[i];
+ if( zNot && n==(int)strlen(zNot)
+ && 0==sqlite3_strnicmp(p->azColumn[iCol], zNot, n)
+ ){
+ p->abNotindexed[iCol] = 1;
+ sqlite3_free(zNot);
+ azNotindexed[i] = 0;
+ }
+ }
+ }
+ for(i=0; i<nNotindexed; i++){
+ if( azNotindexed[i] ){
+ sqlite3Fts3ErrMsg(pzErr, "no such column: %s", azNotindexed[i]);
+ rc = SQLITE_ERROR;
+ }
+ }
+
+ if( rc==SQLITE_OK && (zCompress==0)!=(zUncompress==0) ){
+ char const *zMiss = (zCompress==0 ? "compress" : "uncompress");
+ rc = SQLITE_ERROR;
+ sqlite3Fts3ErrMsg(pzErr, "missing %s parameter in fts4 constructor", zMiss);
+ }
+ p->zReadExprlist = fts3ReadExprList(p, zUncompress, &rc);
+ p->zWriteExprlist = fts3WriteExprList(p, zCompress, &rc);
+ if( rc!=SQLITE_OK ) goto fts3_init_out;
+
+ /* If this is an xCreate call, create the underlying tables in the
+ ** database. TODO: For xConnect(), it could verify that said tables exist.
+ */
+ if( isCreate ){
+ rc = fts3CreateTables(p);
+ }
+
+ /* Check to see if a legacy fts3 table has been "upgraded" by the
+ ** addition of a %_stat table so that it can use incremental merge.
+ */
+ if( !isFts4 && !isCreate ){
+ p->bHasStat = 2;
+ }
+
+ /* Figure out the page-size for the database. This is required in order to
+ ** estimate the cost of loading large doclists from the database. */
+ fts3DatabasePageSize(&rc, p);
+ p->nNodeSize = p->nPgsz-35;
+
+ /* Declare the table schema to SQLite. */
+ fts3DeclareVtab(&rc, p);
+
+fts3_init_out:
+ sqlite3_free(zPrefix);
+ sqlite3_free(aIndex);
+ sqlite3_free(zCompress);
+ sqlite3_free(zUncompress);
+ sqlite3_free(zContent);
+ sqlite3_free(zLanguageid);
+ for(i=0; i<nNotindexed; i++) sqlite3_free(azNotindexed[i]);
+ sqlite3_free((void *)aCol);
+ sqlite3_free((void *)azNotindexed);
+ if( rc!=SQLITE_OK ){
+ if( p ){
+ fts3DisconnectMethod((sqlite3_vtab *)p);
+ }else if( pTokenizer ){
+ pTokenizer->pModule->xDestroy(pTokenizer);
+ }
+ }else{
+ assert( p->pSegments==0 );
+ *ppVTab = &p->base;
+ }
+ return rc;
+}
+
+/*
+** The xConnect() and xCreate() methods for the virtual table. All the
+** work is done in function fts3InitVtab().
+*/
+static int fts3ConnectMethod(
+ sqlite3 *db, /* Database connection */
+ void *pAux, /* Pointer to tokenizer hash table */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVtab, /* OUT: New sqlite3_vtab object */
+ char **pzErr /* OUT: sqlite3_malloc'd error message */
+){
+ return fts3InitVtab(0, db, pAux, argc, argv, ppVtab, pzErr);
+}
+static int fts3CreateMethod(
+ sqlite3 *db, /* Database connection */
+ void *pAux, /* Pointer to tokenizer hash table */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVtab, /* OUT: New sqlite3_vtab object */
+ char **pzErr /* OUT: sqlite3_malloc'd error message */
+){
+ return fts3InitVtab(1, db, pAux, argc, argv, ppVtab, pzErr);
+}
+
+/*
+** Set the pIdxInfo->estimatedRows variable to nRow. Unless this
+** extension is currently being used by a version of SQLite too old to
+** support estimatedRows. In that case this function is a no-op.
+*/
+static void fts3SetEstimatedRows(sqlite3_index_info *pIdxInfo, i64 nRow){
+#if SQLITE_VERSION_NUMBER>=3008002
+ if( sqlite3_libversion_number()>=3008002 ){
+ pIdxInfo->estimatedRows = nRow;
+ }
+#endif
+}
+
+/*
+** Set the SQLITE_INDEX_SCAN_UNIQUE flag in pIdxInfo->flags. Unless this
+** extension is currently being used by a version of SQLite too old to
+** support index-info flags. In that case this function is a no-op.
+*/
+static void fts3SetUniqueFlag(sqlite3_index_info *pIdxInfo){
+#if SQLITE_VERSION_NUMBER>=3008012
+ if( sqlite3_libversion_number()>=3008012 ){
+ pIdxInfo->idxFlags |= SQLITE_INDEX_SCAN_UNIQUE;
+ }
+#endif
+}
+
+/*
+** Implementation of the xBestIndex method for FTS3 tables. There
+** are three possible strategies, in order of preference:
+**
+** 1. Direct lookup by rowid or docid.
+** 2. Full-text search using a MATCH operator on a non-docid column.
+** 3. Linear scan of %_content table.
+*/
+static int fts3BestIndexMethod(sqlite3_vtab *pVTab, sqlite3_index_info *pInfo){
+ Fts3Table *p = (Fts3Table *)pVTab;
+ int i; /* Iterator variable */
+ int iCons = -1; /* Index of constraint to use */
+
+ int iLangidCons = -1; /* Index of langid=x constraint, if present */
+ int iDocidGe = -1; /* Index of docid>=x constraint, if present */
+ int iDocidLe = -1; /* Index of docid<=x constraint, if present */
+ int iIdx;
+
+ /* By default use a full table scan. This is an expensive option,
+ ** so search through the constraints to see if a more efficient
+ ** strategy is possible.
+ */
+ pInfo->idxNum = FTS3_FULLSCAN_SEARCH;
+ pInfo->estimatedCost = 5000000;
+ for(i=0; i<pInfo->nConstraint; i++){
+ int bDocid; /* True if this constraint is on docid */
+ struct sqlite3_index_constraint *pCons = &pInfo->aConstraint[i];
+ if( pCons->usable==0 ){
+ if( pCons->op==SQLITE_INDEX_CONSTRAINT_MATCH ){
+ /* There exists an unusable MATCH constraint. This means that if
+ ** the planner does elect to use the results of this call as part
+ ** of the overall query plan the user will see an "unable to use
+ ** function MATCH in the requested context" error. To discourage
+ ** this, return a very high cost here. */
+ pInfo->idxNum = FTS3_FULLSCAN_SEARCH;
+ pInfo->estimatedCost = 1e50;
+ fts3SetEstimatedRows(pInfo, ((sqlite3_int64)1) << 50);
+ return SQLITE_OK;
+ }
+ continue;
+ }
+
+ bDocid = (pCons->iColumn<0 || pCons->iColumn==p->nColumn+1);
+
+ /* A direct lookup on the rowid or docid column. Assign a cost of 1.0. */
+ if( iCons<0 && pCons->op==SQLITE_INDEX_CONSTRAINT_EQ && bDocid ){
+ pInfo->idxNum = FTS3_DOCID_SEARCH;
+ pInfo->estimatedCost = 1.0;
+ iCons = i;
+ }
+
+ /* A MATCH constraint. Use a full-text search.
+ **
+ ** If there is more than one MATCH constraint available, use the first
+ ** one encountered. If there is both a MATCH constraint and a direct
+ ** rowid/docid lookup, prefer the MATCH strategy. This is done even
+ ** though the rowid/docid lookup is faster than a MATCH query, selecting
+ ** it would lead to an "unable to use function MATCH in the requested
+ ** context" error.
+ */
+ if( pCons->op==SQLITE_INDEX_CONSTRAINT_MATCH
+ && pCons->iColumn>=0 && pCons->iColumn<=p->nColumn
+ ){
+ pInfo->idxNum = FTS3_FULLTEXT_SEARCH + pCons->iColumn;
+ pInfo->estimatedCost = 2.0;
+ iCons = i;
+ }
+
+ /* Equality constraint on the langid column */
+ if( pCons->op==SQLITE_INDEX_CONSTRAINT_EQ
+ && pCons->iColumn==p->nColumn + 2
+ ){
+ iLangidCons = i;
+ }
+
+ if( bDocid ){
+ switch( pCons->op ){
+ case SQLITE_INDEX_CONSTRAINT_GE:
+ case SQLITE_INDEX_CONSTRAINT_GT:
+ iDocidGe = i;
+ break;
+
+ case SQLITE_INDEX_CONSTRAINT_LE:
+ case SQLITE_INDEX_CONSTRAINT_LT:
+ iDocidLe = i;
+ break;
+ }
+ }
+ }
+
+ /* If using a docid=? or rowid=? strategy, set the UNIQUE flag. */
+ if( pInfo->idxNum==FTS3_DOCID_SEARCH ) fts3SetUniqueFlag(pInfo);
+
+ iIdx = 1;
+ if( iCons>=0 ){
+ pInfo->aConstraintUsage[iCons].argvIndex = iIdx++;
+ pInfo->aConstraintUsage[iCons].omit = 1;
+ }
+ if( iLangidCons>=0 ){
+ pInfo->idxNum |= FTS3_HAVE_LANGID;
+ pInfo->aConstraintUsage[iLangidCons].argvIndex = iIdx++;
+ }
+ if( iDocidGe>=0 ){
+ pInfo->idxNum |= FTS3_HAVE_DOCID_GE;
+ pInfo->aConstraintUsage[iDocidGe].argvIndex = iIdx++;
+ }
+ if( iDocidLe>=0 ){
+ pInfo->idxNum |= FTS3_HAVE_DOCID_LE;
+ pInfo->aConstraintUsage[iDocidLe].argvIndex = iIdx++;
+ }
+
+ /* Regardless of the strategy selected, FTS can deliver rows in rowid (or
+ ** docid) order. Both ascending and descending are possible.
+ */
+ if( pInfo->nOrderBy==1 ){
+ struct sqlite3_index_orderby *pOrder = &pInfo->aOrderBy[0];
+ if( pOrder->iColumn<0 || pOrder->iColumn==p->nColumn+1 ){
+ if( pOrder->desc ){
+ pInfo->idxStr = "DESC";
+ }else{
+ pInfo->idxStr = "ASC";
+ }
+ pInfo->orderByConsumed = 1;
+ }
+ }
+
+ assert( p->pSegments==0 );
+ return SQLITE_OK;
+}
+
+/*
+** Implementation of xOpen method.
+*/
+static int fts3OpenMethod(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCsr){
+ sqlite3_vtab_cursor *pCsr; /* Allocated cursor */
+
+ UNUSED_PARAMETER(pVTab);
+
+ /* Allocate a buffer large enough for an Fts3Cursor structure. If the
+ ** allocation succeeds, zero it and return SQLITE_OK. Otherwise,
+ ** if the allocation fails, return SQLITE_NOMEM.
+ */
+ *ppCsr = pCsr = (sqlite3_vtab_cursor *)sqlite3_malloc(sizeof(Fts3Cursor));
+ if( !pCsr ){
+ return SQLITE_NOMEM;
+ }
+ memset(pCsr, 0, sizeof(Fts3Cursor));
+ return SQLITE_OK;
+}
+
+/*
+** Close the cursor. For additional information see the documentation
+** on the xClose method of the virtual table interface.
+*/
+static int fts3CloseMethod(sqlite3_vtab_cursor *pCursor){
+ Fts3Cursor *pCsr = (Fts3Cursor *)pCursor;
+ assert( ((Fts3Table *)pCsr->base.pVtab)->pSegments==0 );
+ sqlite3_finalize(pCsr->pStmt);
+ sqlite3Fts3ExprFree(pCsr->pExpr);
+ sqlite3Fts3FreeDeferredTokens(pCsr);
+ sqlite3_free(pCsr->aDoclist);
+ sqlite3Fts3MIBufferFree(pCsr->pMIBuffer);
+ assert( ((Fts3Table *)pCsr->base.pVtab)->pSegments==0 );
+ sqlite3_free(pCsr);
+ return SQLITE_OK;
+}
+
+/*
+** If pCsr->pStmt has not been prepared (i.e. if pCsr->pStmt==0), then
+** compose and prepare an SQL statement of the form:
+**
+** "SELECT <columns> FROM %_content WHERE rowid = ?"
+**
+** (or the equivalent for a content=xxx table) and set pCsr->pStmt to
+** it. If an error occurs, return an SQLite error code.
+**
+** Otherwise, set *ppStmt to point to pCsr->pStmt and return SQLITE_OK.
+*/
+static int fts3CursorSeekStmt(Fts3Cursor *pCsr, sqlite3_stmt **ppStmt){
+ int rc = SQLITE_OK;
+ if( pCsr->pStmt==0 ){
+ Fts3Table *p = (Fts3Table *)pCsr->base.pVtab;
+ char *zSql;
+ zSql = sqlite3_mprintf("SELECT %s WHERE rowid = ?", p->zReadExprlist);
+ if( !zSql ) return SQLITE_NOMEM;
+ rc = sqlite3_prepare_v2(p->db, zSql, -1, &pCsr->pStmt, 0);
+ sqlite3_free(zSql);
+ }
+ *ppStmt = pCsr->pStmt;
+ return rc;
+}
+
+/*
+** Position the pCsr->pStmt statement so that it is on the row
+** of the %_content table that contains the last match. Return
+** SQLITE_OK on success.
+*/
+static int fts3CursorSeek(sqlite3_context *pContext, Fts3Cursor *pCsr){
+ int rc = SQLITE_OK;
+ if( pCsr->isRequireSeek ){
+ sqlite3_stmt *pStmt = 0;
+
+ rc = fts3CursorSeekStmt(pCsr, &pStmt);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pCsr->pStmt, 1, pCsr->iPrevId);
+ pCsr->isRequireSeek = 0;
+ if( SQLITE_ROW==sqlite3_step(pCsr->pStmt) ){
+ return SQLITE_OK;
+ }else{
+ rc = sqlite3_reset(pCsr->pStmt);
+ if( rc==SQLITE_OK && ((Fts3Table *)pCsr->base.pVtab)->zContentTbl==0 ){
+ /* If no row was found and no error has occurred, then the %_content
+ ** table is missing a row that is present in the full-text index.
+ ** The data structures are corrupt. */
+ rc = FTS_CORRUPT_VTAB;
+ pCsr->isEof = 1;
+ }
+ }
+ }
+ }
+
+ if( rc!=SQLITE_OK && pContext ){
+ sqlite3_result_error_code(pContext, rc);
+ }
+ return rc;
+}
+
+/*
+** This function is used to process a single interior node when searching
+** a b-tree for a term or term prefix. The node data is passed to this
+** function via the zNode/nNode parameters. The term to search for is
+** passed in zTerm/nTerm.
+**
+** If piFirst is not NULL, then this function sets *piFirst to the blockid
+** of the child node that heads the sub-tree that may contain the term.
+**
+** If piLast is not NULL, then *piLast is set to the right-most child node
+** that heads a sub-tree that may contain a term for which zTerm/nTerm is
+** a prefix.
+**
+** If an OOM error occurs, SQLITE_NOMEM is returned. Otherwise, SQLITE_OK.
+*/
+static int fts3ScanInteriorNode(
+ const char *zTerm, /* Term to select leaves for */
+ int nTerm, /* Size of term zTerm in bytes */
+ const char *zNode, /* Buffer containing segment interior node */
+ int nNode, /* Size of buffer at zNode */
+ sqlite3_int64 *piFirst, /* OUT: Selected child node */
+ sqlite3_int64 *piLast /* OUT: Selected child node */
+){
+ int rc = SQLITE_OK; /* Return code */
+ const char *zCsr = zNode; /* Cursor to iterate through node */
+ const char *zEnd = &zCsr[nNode];/* End of interior node buffer */
+ char *zBuffer = 0; /* Buffer to load terms into */
+ int nAlloc = 0; /* Size of allocated buffer */
+ int isFirstTerm = 1; /* True when processing first term on page */
+ sqlite3_int64 iChild; /* Block id of child node to descend to */
+
+ /* Skip over the 'height' varint that occurs at the start of every
+ ** interior node. Then load the blockid of the left-child of the b-tree
+ ** node into variable iChild.
+ **
+ ** Even if the data structure on disk is corrupted, this (reading two
+ ** varints from the buffer) does not risk an overread. If zNode is a
+ ** root node, then the buffer comes from a SELECT statement. SQLite does
+ ** not make this guarantee explicitly, but in practice there are always
+ ** either more than 20 bytes of allocated space following the nNode bytes of
+ ** contents, or two zero bytes. Or, if the node is read from the %_segments
+ ** table, then there are always 20 bytes of zeroed padding following the
+ ** nNode bytes of content (see sqlite3Fts3ReadBlock() for details).
+ */
+ zCsr += sqlite3Fts3GetVarint(zCsr, &iChild);
+ zCsr += sqlite3Fts3GetVarint(zCsr, &iChild);
+ if( zCsr>zEnd ){
+ return FTS_CORRUPT_VTAB;
+ }
+
+ while( zCsr<zEnd && (piFirst || piLast) ){
+ int cmp; /* memcmp() result */
+ int nSuffix; /* Size of term suffix */
+ int nPrefix = 0; /* Size of term prefix */
+ int nBuffer; /* Total term size */
+
+ /* Load the next term on the node into zBuffer. Use realloc() to expand
+ ** the size of zBuffer if required. */
+ if( !isFirstTerm ){
+ zCsr += fts3GetVarint32(zCsr, &nPrefix);
+ }
+ isFirstTerm = 0;
+ zCsr += fts3GetVarint32(zCsr, &nSuffix);
+
+ if( nPrefix<0 || nSuffix<0 || &zCsr[nSuffix]>zEnd ){
+ rc = FTS_CORRUPT_VTAB;
+ goto finish_scan;
+ }
+ if( nPrefix+nSuffix>nAlloc ){
+ char *zNew;
+ nAlloc = (nPrefix+nSuffix) * 2;
+ zNew = (char *)sqlite3_realloc(zBuffer, nAlloc);
+ if( !zNew ){
+ rc = SQLITE_NOMEM;
+ goto finish_scan;
+ }
+ zBuffer = zNew;
+ }
+ assert( zBuffer );
+ memcpy(&zBuffer[nPrefix], zCsr, nSuffix);
+ nBuffer = nPrefix + nSuffix;
+ zCsr += nSuffix;
+
+ /* Compare the term we are searching for with the term just loaded from
+ ** the interior node. If the specified term is greater than or equal
+ ** to the term from the interior node, then all terms on the sub-tree
+ ** headed by node iChild are smaller than zTerm. No need to search
+ ** iChild.
+ **
+ ** If the interior node term is larger than the specified term, then
+ ** the tree headed by iChild may contain the specified term.
+ */
+ cmp = memcmp(zTerm, zBuffer, (nBuffer>nTerm ? nTerm : nBuffer));
+ if( piFirst && (cmp<0 || (cmp==0 && nBuffer>nTerm)) ){
+ *piFirst = iChild;
+ piFirst = 0;
+ }
+
+ if( piLast && cmp<0 ){
+ *piLast = iChild;
+ piLast = 0;
+ }
+
+ iChild++;
+ };
+
+ if( piFirst ) *piFirst = iChild;
+ if( piLast ) *piLast = iChild;
+
+ finish_scan:
+ sqlite3_free(zBuffer);
+ return rc;
+}
+
+
+/*
+** The buffer pointed to by argument zNode (size nNode bytes) contains an
+** interior node of a b-tree segment. The zTerm buffer (size nTerm bytes)
+** contains a term. This function searches the sub-tree headed by the zNode
+** node for the range of leaf nodes that may contain the specified term
+** or terms for which the specified term is a prefix.
+**
+** If piLeaf is not NULL, then *piLeaf is set to the blockid of the
+** left-most leaf node in the tree that may contain the specified term.
+** If piLeaf2 is not NULL, then *piLeaf2 is set to the blockid of the
+** right-most leaf node that may contain a term for which the specified
+** term is a prefix.
+**
+** It is possible that the range of returned leaf nodes does not contain
+** the specified term or any terms for which it is a prefix. However, if the
+** segment does contain any such terms, they are stored within the identified
+** range. Because this function only inspects interior segment nodes (and
+** never loads leaf nodes into memory), it is not possible to be sure.
+**
+** If an error occurs, an error code other than SQLITE_OK is returned.
+*/
+static int fts3SelectLeaf(
+ Fts3Table *p, /* Virtual table handle */
+ const char *zTerm, /* Term to select leaves for */
+ int nTerm, /* Size of term zTerm in bytes */
+ const char *zNode, /* Buffer containing segment interior node */
+ int nNode, /* Size of buffer at zNode */
+ sqlite3_int64 *piLeaf, /* Selected leaf node */
+ sqlite3_int64 *piLeaf2 /* Selected leaf node */
+){
+ int rc = SQLITE_OK; /* Return code */
+ int iHeight; /* Height of this node in tree */
+
+ assert( piLeaf || piLeaf2 );
+
+ fts3GetVarint32(zNode, &iHeight);
+ rc = fts3ScanInteriorNode(zTerm, nTerm, zNode, nNode, piLeaf, piLeaf2);
+ assert( !piLeaf2 || !piLeaf || rc!=SQLITE_OK || (*piLeaf<=*piLeaf2) );
+
+ if( rc==SQLITE_OK && iHeight>1 ){
+ char *zBlob = 0; /* Blob read from %_segments table */
+ int nBlob = 0; /* Size of zBlob in bytes */
+
+ if( piLeaf && piLeaf2 && (*piLeaf!=*piLeaf2) ){
+ rc = sqlite3Fts3ReadBlock(p, *piLeaf, &zBlob, &nBlob, 0);
+ if( rc==SQLITE_OK ){
+ rc = fts3SelectLeaf(p, zTerm, nTerm, zBlob, nBlob, piLeaf, 0);
+ }
+ sqlite3_free(zBlob);
+ piLeaf = 0;
+ zBlob = 0;
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3ReadBlock(p, piLeaf?*piLeaf:*piLeaf2, &zBlob, &nBlob, 0);
+ }
+ if( rc==SQLITE_OK ){
+ rc = fts3SelectLeaf(p, zTerm, nTerm, zBlob, nBlob, piLeaf, piLeaf2);
+ }
+ sqlite3_free(zBlob);
+ }
+
+ return rc;
+}
+
+/*
+** This function is used to create delta-encoded serialized lists of FTS3
+** varints. Each call to this function appends a single varint to a list.
+*/
+static void fts3PutDeltaVarint(
+ char **pp, /* IN/OUT: Output pointer */
+ sqlite3_int64 *piPrev, /* IN/OUT: Previous value written to list */
+ sqlite3_int64 iVal /* Write this value to the list */
+){
+ assert( iVal-*piPrev > 0 || (*piPrev==0 && iVal==0) );
+ *pp += sqlite3Fts3PutVarint(*pp, iVal-*piPrev);
+ *piPrev = iVal;
+}
+
+/*
+** When this function is called, *ppPoslist is assumed to point to the
+** start of a position-list. After it returns, *ppPoslist points to the
+** first byte after the position-list.
+**
+** A position list is list of positions (delta encoded) and columns for
+** a single document record of a doclist. So, in other words, this
+** routine advances *ppPoslist so that it points to the next docid in
+** the doclist, or to the first byte past the end of the doclist.
+**
+** If pp is not NULL, then the contents of the position list are copied
+** to *pp. *pp is set to point to the first byte past the last byte copied
+** before this function returns.
+*/
+static void fts3PoslistCopy(char **pp, char **ppPoslist){
+ char *pEnd = *ppPoslist;
+ char c = 0;
+
+ /* The end of a position list is marked by a zero encoded as an FTS3
+ ** varint. A single POS_END (0) byte. Except, if the 0 byte is preceded by
+ ** a byte with the 0x80 bit set, then it is not a varint 0, but the tail
+ ** of some other, multi-byte, value.
+ **
+ ** The following while-loop moves pEnd to point to the first byte that is not
+ ** immediately preceded by a byte with the 0x80 bit set. Then increments
+ ** pEnd once more so that it points to the byte immediately following the
+ ** last byte in the position-list.
+ */
+ while( *pEnd | c ){
+ c = *pEnd++ & 0x80;
+ testcase( c!=0 && (*pEnd)==0 );
+ }
+ pEnd++; /* Advance past the POS_END terminator byte */
+
+ if( pp ){
+ int n = (int)(pEnd - *ppPoslist);
+ char *p = *pp;
+ memcpy(p, *ppPoslist, n);
+ p += n;
+ *pp = p;
+ }
+ *ppPoslist = pEnd;
+}
+
+/*
+** When this function is called, *ppPoslist is assumed to point to the
+** start of a column-list. After it returns, *ppPoslist points to the
+** to the terminator (POS_COLUMN or POS_END) byte of the column-list.
+**
+** A column-list is list of delta-encoded positions for a single column
+** within a single document within a doclist.
+**
+** The column-list is terminated either by a POS_COLUMN varint (1) or
+** a POS_END varint (0). This routine leaves *ppPoslist pointing to
+** the POS_COLUMN or POS_END that terminates the column-list.
+**
+** If pp is not NULL, then the contents of the column-list are copied
+** to *pp. *pp is set to point to the first byte past the last byte copied
+** before this function returns. The POS_COLUMN or POS_END terminator
+** is not copied into *pp.
+*/
+static void fts3ColumnlistCopy(char **pp, char **ppPoslist){
+ char *pEnd = *ppPoslist;
+ char c = 0;
+
+ /* A column-list is terminated by either a 0x01 or 0x00 byte that is
+ ** not part of a multi-byte varint.
+ */
+ while( 0xFE & (*pEnd | c) ){
+ c = *pEnd++ & 0x80;
+ testcase( c!=0 && ((*pEnd)&0xfe)==0 );
+ }
+ if( pp ){
+ int n = (int)(pEnd - *ppPoslist);
+ char *p = *pp;
+ memcpy(p, *ppPoslist, n);
+ p += n;
+ *pp = p;
+ }
+ *ppPoslist = pEnd;
+}
+
+/*
+** Value used to signify the end of an position-list. This is safe because
+** it is not possible to have a document with 2^31 terms.
+*/
+#define POSITION_LIST_END 0x7fffffff
+
+/*
+** This function is used to help parse position-lists. When this function is
+** called, *pp may point to the start of the next varint in the position-list
+** being parsed, or it may point to 1 byte past the end of the position-list
+** (in which case **pp will be a terminator bytes POS_END (0) or
+** (1)).
+**
+** If *pp points past the end of the current position-list, set *pi to
+** POSITION_LIST_END and return. Otherwise, read the next varint from *pp,
+** increment the current value of *pi by the value read, and set *pp to
+** point to the next value before returning.
+**
+** Before calling this routine *pi must be initialized to the value of
+** the previous position, or zero if we are reading the first position
+** in the position-list. Because positions are delta-encoded, the value
+** of the previous position is needed in order to compute the value of
+** the next position.
+*/
+static void fts3ReadNextPos(
+ char **pp, /* IN/OUT: Pointer into position-list buffer */
+ sqlite3_int64 *pi /* IN/OUT: Value read from position-list */
+){
+ if( (**pp)&0xFE ){
+ fts3GetDeltaVarint(pp, pi);
+ *pi -= 2;
+ }else{
+ *pi = POSITION_LIST_END;
+ }
+}
+
+/*
+** If parameter iCol is not 0, write an POS_COLUMN (1) byte followed by
+** the value of iCol encoded as a varint to *pp. This will start a new
+** column list.
+**
+** Set *pp to point to the byte just after the last byte written before
+** returning (do not modify it if iCol==0). Return the total number of bytes
+** written (0 if iCol==0).
+*/
+static int fts3PutColNumber(char **pp, int iCol){
+ int n = 0; /* Number of bytes written */
+ if( iCol ){
+ char *p = *pp; /* Output pointer */
+ n = 1 + sqlite3Fts3PutVarint(&p[1], iCol);
+ *p = 0x01;
+ *pp = &p[n];
+ }
+ return n;
+}
+
+/*
+** Compute the union of two position lists. The output written
+** into *pp contains all positions of both *pp1 and *pp2 in sorted
+** order and with any duplicates removed. All pointers are
+** updated appropriately. The caller is responsible for insuring
+** that there is enough space in *pp to hold the complete output.
+*/
+static void fts3PoslistMerge(
+ char **pp, /* Output buffer */
+ char **pp1, /* Left input list */
+ char **pp2 /* Right input list */
+){
+ char *p = *pp;
+ char *p1 = *pp1;
+ char *p2 = *pp2;
+
+ while( *p1 || *p2 ){
+ int iCol1; /* The current column index in pp1 */
+ int iCol2; /* The current column index in pp2 */
+
+ if( *p1==POS_COLUMN ) fts3GetVarint32(&p1[1], &iCol1);
+ else if( *p1==POS_END ) iCol1 = POSITION_LIST_END;
+ else iCol1 = 0;
+
+ if( *p2==POS_COLUMN ) fts3GetVarint32(&p2[1], &iCol2);
+ else if( *p2==POS_END ) iCol2 = POSITION_LIST_END;
+ else iCol2 = 0;
+
+ if( iCol1==iCol2 ){
+ sqlite3_int64 i1 = 0; /* Last position from pp1 */
+ sqlite3_int64 i2 = 0; /* Last position from pp2 */
+ sqlite3_int64 iPrev = 0;
+ int n = fts3PutColNumber(&p, iCol1);
+ p1 += n;
+ p2 += n;
+
+ /* At this point, both p1 and p2 point to the start of column-lists
+ ** for the same column (the column with index iCol1 and iCol2).
+ ** A column-list is a list of non-negative delta-encoded varints, each
+ ** incremented by 2 before being stored. Each list is terminated by a
+ ** POS_END (0) or POS_COLUMN (1). The following block merges the two lists
+ ** and writes the results to buffer p. p is left pointing to the byte
+ ** after the list written. No terminator (POS_END or POS_COLUMN) is
+ ** written to the output.
+ */
+ fts3GetDeltaVarint(&p1, &i1);
+ fts3GetDeltaVarint(&p2, &i2);
+ do {
+ fts3PutDeltaVarint(&p, &iPrev, (i1<i2) ? i1 : i2);
+ iPrev -= 2;
+ if( i1==i2 ){
+ fts3ReadNextPos(&p1, &i1);
+ fts3ReadNextPos(&p2, &i2);
+ }else if( i1<i2 ){
+ fts3ReadNextPos(&p1, &i1);
+ }else{
+ fts3ReadNextPos(&p2, &i2);
+ }
+ }while( i1!=POSITION_LIST_END || i2!=POSITION_LIST_END );
+ }else if( iCol1<iCol2 ){
+ p1 += fts3PutColNumber(&p, iCol1);
+ fts3ColumnlistCopy(&p, &p1);
+ }else{
+ p2 += fts3PutColNumber(&p, iCol2);
+ fts3ColumnlistCopy(&p, &p2);
+ }
+ }
+
+ *p++ = POS_END;
+ *pp = p;
+ *pp1 = p1 + 1;
+ *pp2 = p2 + 1;
+}
+
+/*
+** This function is used to merge two position lists into one. When it is
+** called, *pp1 and *pp2 must both point to position lists. A position-list is
+** the part of a doclist that follows each document id. For example, if a row
+** contains:
+**
+** 'a b c'|'x y z'|'a b b a'
+**
+** Then the position list for this row for token 'b' would consist of:
+**
+** 0x02 0x01 0x02 0x03 0x03 0x00
+**
+** When this function returns, both *pp1 and *pp2 are left pointing to the
+** byte following the 0x00 terminator of their respective position lists.
+**
+** If isSaveLeft is 0, an entry is added to the output position list for
+** each position in *pp2 for which there exists one or more positions in
+** *pp1 so that (pos(*pp2)>pos(*pp1) && pos(*pp2)-pos(*pp1)<=nToken). i.e.
+** when the *pp1 token appears before the *pp2 token, but not more than nToken
+** slots before it.
+**
+** e.g. nToken==1 searches for adjacent positions.
+*/
+static int fts3PoslistPhraseMerge(
+ char **pp, /* IN/OUT: Preallocated output buffer */
+ int nToken, /* Maximum difference in token positions */
+ int isSaveLeft, /* Save the left position */
+ int isExact, /* If *pp1 is exactly nTokens before *pp2 */
+ char **pp1, /* IN/OUT: Left input list */
+ char **pp2 /* IN/OUT: Right input list */
+){
+ char *p = *pp;
+ char *p1 = *pp1;
+ char *p2 = *pp2;
+ int iCol1 = 0;
+ int iCol2 = 0;
+
+ /* Never set both isSaveLeft and isExact for the same invocation. */
+ assert( isSaveLeft==0 || isExact==0 );
+
+ assert( p!=0 && *p1!=0 && *p2!=0 );
+ if( *p1==POS_COLUMN ){
+ p1++;
+ p1 += fts3GetVarint32(p1, &iCol1);
+ }
+ if( *p2==POS_COLUMN ){
+ p2++;
+ p2 += fts3GetVarint32(p2, &iCol2);
+ }
+
+ while( 1 ){
+ if( iCol1==iCol2 ){
+ char *pSave = p;
+ sqlite3_int64 iPrev = 0;
+ sqlite3_int64 iPos1 = 0;
+ sqlite3_int64 iPos2 = 0;
+
+ if( iCol1 ){
+ *p++ = POS_COLUMN;
+ p += sqlite3Fts3PutVarint(p, iCol1);
+ }
+
+ assert( *p1!=POS_END && *p1!=POS_COLUMN );
+ assert( *p2!=POS_END && *p2!=POS_COLUMN );
+ fts3GetDeltaVarint(&p1, &iPos1); iPos1 -= 2;
+ fts3GetDeltaVarint(&p2, &iPos2); iPos2 -= 2;
+
+ while( 1 ){
+ if( iPos2==iPos1+nToken
+ || (isExact==0 && iPos2>iPos1 && iPos2<=iPos1+nToken)
+ ){
+ sqlite3_int64 iSave;
+ iSave = isSaveLeft ? iPos1 : iPos2;
+ fts3PutDeltaVarint(&p, &iPrev, iSave+2); iPrev -= 2;
+ pSave = 0;
+ assert( p );
+ }
+ if( (!isSaveLeft && iPos2<=(iPos1+nToken)) || iPos2<=iPos1 ){
+ if( (*p2&0xFE)==0 ) break;
+ fts3GetDeltaVarint(&p2, &iPos2); iPos2 -= 2;
+ }else{
+ if( (*p1&0xFE)==0 ) break;
+ fts3GetDeltaVarint(&p1, &iPos1); iPos1 -= 2;
+ }
+ }
+
+ if( pSave ){
+ assert( pp && p );
+ p = pSave;
+ }
+
+ fts3ColumnlistCopy(0, &p1);
+ fts3ColumnlistCopy(0, &p2);
+ assert( (*p1&0xFE)==0 && (*p2&0xFE)==0 );
+ if( 0==*p1 || 0==*p2 ) break;
+
+ p1++;
+ p1 += fts3GetVarint32(p1, &iCol1);
+ p2++;
+ p2 += fts3GetVarint32(p2, &iCol2);
+ }
+
+ /* Advance pointer p1 or p2 (whichever corresponds to the smaller of
+ ** iCol1 and iCol2) so that it points to either the 0x00 that marks the
+ ** end of the position list, or the 0x01 that precedes the next
+ ** column-number in the position list.
+ */
+ else if( iCol1<iCol2 ){
+ fts3ColumnlistCopy(0, &p1);
+ if( 0==*p1 ) break;
+ p1++;
+ p1 += fts3GetVarint32(p1, &iCol1);
+ }else{
+ fts3ColumnlistCopy(0, &p2);
+ if( 0==*p2 ) break;
+ p2++;
+ p2 += fts3GetVarint32(p2, &iCol2);
+ }
+ }
+
+ fts3PoslistCopy(0, &p2);
+ fts3PoslistCopy(0, &p1);
+ *pp1 = p1;
+ *pp2 = p2;
+ if( *pp==p ){
+ return 0;
+ }
+ *p++ = 0x00;
+ *pp = p;
+ return 1;
+}
+
+/*
+** Merge two position-lists as required by the NEAR operator. The argument
+** position lists correspond to the left and right phrases of an expression
+** like:
+**
+** "phrase 1" NEAR "phrase number 2"
+**
+** Position list *pp1 corresponds to the left-hand side of the NEAR
+** expression and *pp2 to the right. As usual, the indexes in the position
+** lists are the offsets of the last token in each phrase (tokens "1" and "2"
+** in the example above).
+**
+** The output position list - written to *pp - is a copy of *pp2 with those
+** entries that are not sufficiently NEAR entries in *pp1 removed.
+*/
+static int fts3PoslistNearMerge(
+ char **pp, /* Output buffer */
+ char *aTmp, /* Temporary buffer space */
+ int nRight, /* Maximum difference in token positions */
+ int nLeft, /* Maximum difference in token positions */
+ char **pp1, /* IN/OUT: Left input list */
+ char **pp2 /* IN/OUT: Right input list */
+){
+ char *p1 = *pp1;
+ char *p2 = *pp2;
+
+ char *pTmp1 = aTmp;
+ char *pTmp2;
+ char *aTmp2;
+ int res = 1;
+
+ fts3PoslistPhraseMerge(&pTmp1, nRight, 0, 0, pp1, pp2);
+ aTmp2 = pTmp2 = pTmp1;
+ *pp1 = p1;
+ *pp2 = p2;
+ fts3PoslistPhraseMerge(&pTmp2, nLeft, 1, 0, pp2, pp1);
+ if( pTmp1!=aTmp && pTmp2!=aTmp2 ){
+ fts3PoslistMerge(pp, &aTmp, &aTmp2);
+ }else if( pTmp1!=aTmp ){
+ fts3PoslistCopy(pp, &aTmp);
+ }else if( pTmp2!=aTmp2 ){
+ fts3PoslistCopy(pp, &aTmp2);
+ }else{
+ res = 0;
+ }
+
+ return res;
+}
+
+/*
+** An instance of this function is used to merge together the (potentially
+** large number of) doclists for each term that matches a prefix query.
+** See function fts3TermSelectMerge() for details.
+*/
+typedef struct TermSelect TermSelect;
+struct TermSelect {
+ char *aaOutput[16]; /* Malloc'd output buffers */
+ int anOutput[16]; /* Size each output buffer in bytes */
+};
+
+/*
+** This function is used to read a single varint from a buffer. Parameter
+** pEnd points 1 byte past the end of the buffer. When this function is
+** called, if *pp points to pEnd or greater, then the end of the buffer
+** has been reached. In this case *pp is set to 0 and the function returns.
+**
+** If *pp does not point to or past pEnd, then a single varint is read
+** from *pp. *pp is then set to point 1 byte past the end of the read varint.
+**
+** If bDescIdx is false, the value read is added to *pVal before returning.
+** If it is true, the value read is subtracted from *pVal before this
+** function returns.
+*/
+static void fts3GetDeltaVarint3(
+ char **pp, /* IN/OUT: Point to read varint from */
+ char *pEnd, /* End of buffer */
+ int bDescIdx, /* True if docids are descending */
+ sqlite3_int64 *pVal /* IN/OUT: Integer value */
+){
+ if( *pp>=pEnd ){
+ *pp = 0;
+ }else{
+ sqlite3_int64 iVal;
+ *pp += sqlite3Fts3GetVarint(*pp, &iVal);
+ if( bDescIdx ){
+ *pVal -= iVal;
+ }else{
+ *pVal += iVal;
+ }
+ }
+}
+
+/*
+** This function is used to write a single varint to a buffer. The varint
+** is written to *pp. Before returning, *pp is set to point 1 byte past the
+** end of the value written.
+**
+** If *pbFirst is zero when this function is called, the value written to
+** the buffer is that of parameter iVal.
+**
+** If *pbFirst is non-zero when this function is called, then the value
+** written is either (iVal-*piPrev) (if bDescIdx is zero) or (*piPrev-iVal)
+** (if bDescIdx is non-zero).
+**
+** Before returning, this function always sets *pbFirst to 1 and *piPrev
+** to the value of parameter iVal.
+*/
+static void fts3PutDeltaVarint3(
+ char **pp, /* IN/OUT: Output pointer */
+ int bDescIdx, /* True for descending docids */
+ sqlite3_int64 *piPrev, /* IN/OUT: Previous value written to list */
+ int *pbFirst, /* IN/OUT: True after first int written */
+ sqlite3_int64 iVal /* Write this value to the list */
+){
+ sqlite3_int64 iWrite;
+ if( bDescIdx==0 || *pbFirst==0 ){
+ iWrite = iVal - *piPrev;
+ }else{
+ iWrite = *piPrev - iVal;
+ }
+ assert( *pbFirst || *piPrev==0 );
+ assert( *pbFirst==0 || iWrite>0 );
+ *pp += sqlite3Fts3PutVarint(*pp, iWrite);
+ *piPrev = iVal;
+ *pbFirst = 1;
+}
+
+
+/*
+** This macro is used by various functions that merge doclists. The two
+** arguments are 64-bit docid values. If the value of the stack variable
+** bDescDoclist is 0 when this macro is invoked, then it returns (i1-i2).
+** Otherwise, (i2-i1).
+**
+** Using this makes it easier to write code that can merge doclists that are
+** sorted in either ascending or descending order.
+*/
+#define DOCID_CMP(i1, i2) ((bDescDoclist?-1:1) * (i1-i2))
+
+/*
+** This function does an "OR" merge of two doclists (output contains all
+** positions contained in either argument doclist). If the docids in the
+** input doclists are sorted in ascending order, parameter bDescDoclist
+** should be false. If they are sorted in ascending order, it should be
+** passed a non-zero value.
+**
+** If no error occurs, *paOut is set to point at an sqlite3_malloc'd buffer
+** containing the output doclist and SQLITE_OK is returned. In this case
+** *pnOut is set to the number of bytes in the output doclist.
+**
+** If an error occurs, an SQLite error code is returned. The output values
+** are undefined in this case.
+*/
+static int fts3DoclistOrMerge(
+ int bDescDoclist, /* True if arguments are desc */
+ char *a1, int n1, /* First doclist */
+ char *a2, int n2, /* Second doclist */
+ char **paOut, int *pnOut /* OUT: Malloc'd doclist */
+){
+ sqlite3_int64 i1 = 0;
+ sqlite3_int64 i2 = 0;
+ sqlite3_int64 iPrev = 0;
+ char *pEnd1 = &a1[n1];
+ char *pEnd2 = &a2[n2];
+ char *p1 = a1;
+ char *p2 = a2;
+ char *p;
+ char *aOut;
+ int bFirstOut = 0;
+
+ *paOut = 0;
+ *pnOut = 0;
+
+ /* Allocate space for the output. Both the input and output doclists
+ ** are delta encoded. If they are in ascending order (bDescDoclist==0),
+ ** then the first docid in each list is simply encoded as a varint. For
+ ** each subsequent docid, the varint stored is the difference between the
+ ** current and previous docid (a positive number - since the list is in
+ ** ascending order).
+ **
+ ** The first docid written to the output is therefore encoded using the
+ ** same number of bytes as it is in whichever of the input lists it is
+ ** read from. And each subsequent docid read from the same input list
+ ** consumes either the same or less bytes as it did in the input (since
+ ** the difference between it and the previous value in the output must
+ ** be a positive value less than or equal to the delta value read from
+ ** the input list). The same argument applies to all but the first docid
+ ** read from the 'other' list. And to the contents of all position lists
+ ** that will be copied and merged from the input to the output.
+ **
+ ** However, if the first docid copied to the output is a negative number,
+ ** then the encoding of the first docid from the 'other' input list may
+ ** be larger in the output than it was in the input (since the delta value
+ ** may be a larger positive integer than the actual docid).
+ **
+ ** The space required to store the output is therefore the sum of the
+ ** sizes of the two inputs, plus enough space for exactly one of the input
+ ** docids to grow.
+ **
+ ** A symetric argument may be made if the doclists are in descending
+ ** order.
+ */
+ aOut = sqlite3_malloc(n1+n2+FTS3_VARINT_MAX-1);
+ if( !aOut ) return SQLITE_NOMEM;
+
+ p = aOut;
+ fts3GetDeltaVarint3(&p1, pEnd1, 0, &i1);
+ fts3GetDeltaVarint3(&p2, pEnd2, 0, &i2);
+ while( p1 || p2 ){
+ sqlite3_int64 iDiff = DOCID_CMP(i1, i2);
+
+ if( p2 && p1 && iDiff==0 ){
+ fts3PutDeltaVarint3(&p, bDescDoclist, &iPrev, &bFirstOut, i1);
+ fts3PoslistMerge(&p, &p1, &p2);
+ fts3GetDeltaVarint3(&p1, pEnd1, bDescDoclist, &i1);
+ fts3GetDeltaVarint3(&p2, pEnd2, bDescDoclist, &i2);
+ }else if( !p2 || (p1 && iDiff<0) ){
+ fts3PutDeltaVarint3(&p, bDescDoclist, &iPrev, &bFirstOut, i1);
+ fts3PoslistCopy(&p, &p1);
+ fts3GetDeltaVarint3(&p1, pEnd1, bDescDoclist, &i1);
+ }else{
+ fts3PutDeltaVarint3(&p, bDescDoclist, &iPrev, &bFirstOut, i2);
+ fts3PoslistCopy(&p, &p2);
+ fts3GetDeltaVarint3(&p2, pEnd2, bDescDoclist, &i2);
+ }
+ }
+
+ *paOut = aOut;
+ *pnOut = (int)(p-aOut);
+ assert( *pnOut<=n1+n2+FTS3_VARINT_MAX-1 );
+ return SQLITE_OK;
+}
+
+/*
+** This function does a "phrase" merge of two doclists. In a phrase merge,
+** the output contains a copy of each position from the right-hand input
+** doclist for which there is a position in the left-hand input doclist
+** exactly nDist tokens before it.
+**
+** If the docids in the input doclists are sorted in ascending order,
+** parameter bDescDoclist should be false. If they are sorted in ascending
+** order, it should be passed a non-zero value.
+**
+** The right-hand input doclist is overwritten by this function.
+*/
+static int fts3DoclistPhraseMerge(
+ int bDescDoclist, /* True if arguments are desc */
+ int nDist, /* Distance from left to right (1=adjacent) */
+ char *aLeft, int nLeft, /* Left doclist */
+ char **paRight, int *pnRight /* IN/OUT: Right/output doclist */
+){
+ sqlite3_int64 i1 = 0;
+ sqlite3_int64 i2 = 0;
+ sqlite3_int64 iPrev = 0;
+ char *aRight = *paRight;
+ char *pEnd1 = &aLeft[nLeft];
+ char *pEnd2 = &aRight[*pnRight];
+ char *p1 = aLeft;
+ char *p2 = aRight;
+ char *p;
+ int bFirstOut = 0;
+ char *aOut;
+
+ assert( nDist>0 );
+ if( bDescDoclist ){
+ aOut = sqlite3_malloc(*pnRight + FTS3_VARINT_MAX);
+ if( aOut==0 ) return SQLITE_NOMEM;
+ }else{
+ aOut = aRight;
+ }
+ p = aOut;
+
+ fts3GetDeltaVarint3(&p1, pEnd1, 0, &i1);
+ fts3GetDeltaVarint3(&p2, pEnd2, 0, &i2);
+
+ while( p1 && p2 ){
+ sqlite3_int64 iDiff = DOCID_CMP(i1, i2);
+ if( iDiff==0 ){
+ char *pSave = p;
+ sqlite3_int64 iPrevSave = iPrev;
+ int bFirstOutSave = bFirstOut;
+
+ fts3PutDeltaVarint3(&p, bDescDoclist, &iPrev, &bFirstOut, i1);
+ if( 0==fts3PoslistPhraseMerge(&p, nDist, 0, 1, &p1, &p2) ){
+ p = pSave;
+ iPrev = iPrevSave;
+ bFirstOut = bFirstOutSave;
+ }
+ fts3GetDeltaVarint3(&p1, pEnd1, bDescDoclist, &i1);
+ fts3GetDeltaVarint3(&p2, pEnd2, bDescDoclist, &i2);
+ }else if( iDiff<0 ){
+ fts3PoslistCopy(0, &p1);
+ fts3GetDeltaVarint3(&p1, pEnd1, bDescDoclist, &i1);
+ }else{
+ fts3PoslistCopy(0, &p2);
+ fts3GetDeltaVarint3(&p2, pEnd2, bDescDoclist, &i2);
+ }
+ }
+
+ *pnRight = (int)(p - aOut);
+ if( bDescDoclist ){
+ sqlite3_free(aRight);
+ *paRight = aOut;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Argument pList points to a position list nList bytes in size. This
+** function checks to see if the position list contains any entries for
+** a token in position 0 (of any column). If so, it writes argument iDelta
+** to the output buffer pOut, followed by a position list consisting only
+** of the entries from pList at position 0, and terminated by an 0x00 byte.
+** The value returned is the number of bytes written to pOut (if any).
+*/
+SQLITE_PRIVATE int sqlite3Fts3FirstFilter(
+ sqlite3_int64 iDelta, /* Varint that may be written to pOut */
+ char *pList, /* Position list (no 0x00 term) */
+ int nList, /* Size of pList in bytes */
+ char *pOut /* Write output here */
+){
+ int nOut = 0;
+ int bWritten = 0; /* True once iDelta has been written */
+ char *p = pList;
+ char *pEnd = &pList[nList];
+
+ if( *p!=0x01 ){
+ if( *p==0x02 ){
+ nOut += sqlite3Fts3PutVarint(&pOut[nOut], iDelta);
+ pOut[nOut++] = 0x02;
+ bWritten = 1;
+ }
+ fts3ColumnlistCopy(0, &p);
+ }
+
+ while( p<pEnd && *p==0x01 ){
+ sqlite3_int64 iCol;
+ p++;
+ p += sqlite3Fts3GetVarint(p, &iCol);
+ if( *p==0x02 ){
+ if( bWritten==0 ){
+ nOut += sqlite3Fts3PutVarint(&pOut[nOut], iDelta);
+ bWritten = 1;
+ }
+ pOut[nOut++] = 0x01;
+ nOut += sqlite3Fts3PutVarint(&pOut[nOut], iCol);
+ pOut[nOut++] = 0x02;
+ }
+ fts3ColumnlistCopy(0, &p);
+ }
+ if( bWritten ){
+ pOut[nOut++] = 0x00;
+ }
+
+ return nOut;
+}
+
+
+/*
+** Merge all doclists in the TermSelect.aaOutput[] array into a single
+** doclist stored in TermSelect.aaOutput[0]. If successful, delete all
+** other doclists (except the aaOutput[0] one) and return SQLITE_OK.
+**
+** If an OOM error occurs, return SQLITE_NOMEM. In this case it is
+** the responsibility of the caller to free any doclists left in the
+** TermSelect.aaOutput[] array.
+*/
+static int fts3TermSelectFinishMerge(Fts3Table *p, TermSelect *pTS){
+ char *aOut = 0;
+ int nOut = 0;
+ int i;
+
+ /* Loop through the doclists in the aaOutput[] array. Merge them all
+ ** into a single doclist.
+ */
+ for(i=0; i<SizeofArray(pTS->aaOutput); i++){
+ if( pTS->aaOutput[i] ){
+ if( !aOut ){
+ aOut = pTS->aaOutput[i];
+ nOut = pTS->anOutput[i];
+ pTS->aaOutput[i] = 0;
+ }else{
+ int nNew;
+ char *aNew;
+
+ int rc = fts3DoclistOrMerge(p->bDescIdx,
+ pTS->aaOutput[i], pTS->anOutput[i], aOut, nOut, &aNew, &nNew
+ );
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(aOut);
+ return rc;
+ }
+
+ sqlite3_free(pTS->aaOutput[i]);
+ sqlite3_free(aOut);
+ pTS->aaOutput[i] = 0;
+ aOut = aNew;
+ nOut = nNew;
+ }
+ }
+ }
+
+ pTS->aaOutput[0] = aOut;
+ pTS->anOutput[0] = nOut;
+ return SQLITE_OK;
+}
+
+/*
+** Merge the doclist aDoclist/nDoclist into the TermSelect object passed
+** as the first argument. The merge is an "OR" merge (see function
+** fts3DoclistOrMerge() for details).
+**
+** This function is called with the doclist for each term that matches
+** a queried prefix. It merges all these doclists into one, the doclist
+** for the specified prefix. Since there can be a very large number of
+** doclists to merge, the merging is done pair-wise using the TermSelect
+** object.
+**
+** This function returns SQLITE_OK if the merge is successful, or an
+** SQLite error code (SQLITE_NOMEM) if an error occurs.
+*/
+static int fts3TermSelectMerge(
+ Fts3Table *p, /* FTS table handle */
+ TermSelect *pTS, /* TermSelect object to merge into */
+ char *aDoclist, /* Pointer to doclist */
+ int nDoclist /* Size of aDoclist in bytes */
+){
+ if( pTS->aaOutput[0]==0 ){
+ /* If this is the first term selected, copy the doclist to the output
+ ** buffer using memcpy().
+ **
+ ** Add FTS3_VARINT_MAX bytes of unused space to the end of the
+ ** allocation. This is so as to ensure that the buffer is big enough
+ ** to hold the current doclist AND'd with any other doclist. If the
+ ** doclists are stored in order=ASC order, this padding would not be
+ ** required (since the size of [doclistA AND doclistB] is always less
+ ** than or equal to the size of [doclistA] in that case). But this is
+ ** not true for order=DESC. For example, a doclist containing (1, -1)
+ ** may be smaller than (-1), as in the first example the -1 may be stored
+ ** as a single-byte delta, whereas in the second it must be stored as a
+ ** FTS3_VARINT_MAX byte varint.
+ **
+ ** Similar padding is added in the fts3DoclistOrMerge() function.
+ */
+ pTS->aaOutput[0] = sqlite3_malloc(nDoclist + FTS3_VARINT_MAX + 1);
+ pTS->anOutput[0] = nDoclist;
+ if( pTS->aaOutput[0] ){
+ memcpy(pTS->aaOutput[0], aDoclist, nDoclist);
+ }else{
+ return SQLITE_NOMEM;
+ }
+ }else{
+ char *aMerge = aDoclist;
+ int nMerge = nDoclist;
+ int iOut;
+
+ for(iOut=0; iOut<SizeofArray(pTS->aaOutput); iOut++){
+ if( pTS->aaOutput[iOut]==0 ){
+ assert( iOut>0 );
+ pTS->aaOutput[iOut] = aMerge;
+ pTS->anOutput[iOut] = nMerge;
+ break;
+ }else{
+ char *aNew;
+ int nNew;
+
+ int rc = fts3DoclistOrMerge(p->bDescIdx, aMerge, nMerge,
+ pTS->aaOutput[iOut], pTS->anOutput[iOut], &aNew, &nNew
+ );
+ if( rc!=SQLITE_OK ){
+ if( aMerge!=aDoclist ) sqlite3_free(aMerge);
+ return rc;
+ }
+
+ if( aMerge!=aDoclist ) sqlite3_free(aMerge);
+ sqlite3_free(pTS->aaOutput[iOut]);
+ pTS->aaOutput[iOut] = 0;
+
+ aMerge = aNew;
+ nMerge = nNew;
+ if( (iOut+1)==SizeofArray(pTS->aaOutput) ){
+ pTS->aaOutput[iOut] = aMerge;
+ pTS->anOutput[iOut] = nMerge;
+ }
+ }
+ }
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Append SegReader object pNew to the end of the pCsr->apSegment[] array.
+*/
+static int fts3SegReaderCursorAppend(
+ Fts3MultiSegReader *pCsr,
+ Fts3SegReader *pNew
+){
+ if( (pCsr->nSegment%16)==0 ){
+ Fts3SegReader **apNew;
+ int nByte = (pCsr->nSegment + 16)*sizeof(Fts3SegReader*);
+ apNew = (Fts3SegReader **)sqlite3_realloc(pCsr->apSegment, nByte);
+ if( !apNew ){
+ sqlite3Fts3SegReaderFree(pNew);
+ return SQLITE_NOMEM;
+ }
+ pCsr->apSegment = apNew;
+ }
+ pCsr->apSegment[pCsr->nSegment++] = pNew;
+ return SQLITE_OK;
+}
+
+/*
+** Add seg-reader objects to the Fts3MultiSegReader object passed as the
+** 8th argument.
+**
+** This function returns SQLITE_OK if successful, or an SQLite error code
+** otherwise.
+*/
+static int fts3SegReaderCursor(
+ Fts3Table *p, /* FTS3 table handle */
+ int iLangid, /* Language id */
+ int iIndex, /* Index to search (from 0 to p->nIndex-1) */
+ int iLevel, /* Level of segments to scan */
+ const char *zTerm, /* Term to query for */
+ int nTerm, /* Size of zTerm in bytes */
+ int isPrefix, /* True for a prefix search */
+ int isScan, /* True to scan from zTerm to EOF */
+ Fts3MultiSegReader *pCsr /* Cursor object to populate */
+){
+ int rc = SQLITE_OK; /* Error code */
+ sqlite3_stmt *pStmt = 0; /* Statement to iterate through segments */
+ int rc2; /* Result of sqlite3_reset() */
+
+ /* If iLevel is less than 0 and this is not a scan, include a seg-reader
+ ** for the pending-terms. If this is a scan, then this call must be being
+ ** made by an fts4aux module, not an FTS table. In this case calling
+ ** Fts3SegReaderPending might segfault, as the data structures used by
+ ** fts4aux are not completely populated. So it's easiest to filter these
+ ** calls out here. */
+ if( iLevel<0 && p->aIndex ){
+ Fts3SegReader *pSeg = 0;
+ rc = sqlite3Fts3SegReaderPending(p, iIndex, zTerm, nTerm, isPrefix||isScan, &pSeg);
+ if( rc==SQLITE_OK && pSeg ){
+ rc = fts3SegReaderCursorAppend(pCsr, pSeg);
+ }
+ }
+
+ if( iLevel!=FTS3_SEGCURSOR_PENDING ){
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3AllSegdirs(p, iLangid, iIndex, iLevel, &pStmt);
+ }
+
+ while( rc==SQLITE_OK && SQLITE_ROW==(rc = sqlite3_step(pStmt)) ){
+ Fts3SegReader *pSeg = 0;
+
+ /* Read the values returned by the SELECT into local variables. */
+ sqlite3_int64 iStartBlock = sqlite3_column_int64(pStmt, 1);
+ sqlite3_int64 iLeavesEndBlock = sqlite3_column_int64(pStmt, 2);
+ sqlite3_int64 iEndBlock = sqlite3_column_int64(pStmt, 3);
+ int nRoot = sqlite3_column_bytes(pStmt, 4);
+ char const *zRoot = sqlite3_column_blob(pStmt, 4);
+
+ /* If zTerm is not NULL, and this segment is not stored entirely on its
+ ** root node, the range of leaves scanned can be reduced. Do this. */
+ if( iStartBlock && zTerm ){
+ sqlite3_int64 *pi = (isPrefix ? &iLeavesEndBlock : 0);
+ rc = fts3SelectLeaf(p, zTerm, nTerm, zRoot, nRoot, &iStartBlock, pi);
+ if( rc!=SQLITE_OK ) goto finished;
+ if( isPrefix==0 && isScan==0 ) iLeavesEndBlock = iStartBlock;
+ }
+
+ rc = sqlite3Fts3SegReaderNew(pCsr->nSegment+1,
+ (isPrefix==0 && isScan==0),
+ iStartBlock, iLeavesEndBlock,
+ iEndBlock, zRoot, nRoot, &pSeg
+ );
+ if( rc!=SQLITE_OK ) goto finished;
+ rc = fts3SegReaderCursorAppend(pCsr, pSeg);
+ }
+ }
+
+ finished:
+ rc2 = sqlite3_reset(pStmt);
+ if( rc==SQLITE_DONE ) rc = rc2;
+
+ return rc;
+}
+
+/*
+** Set up a cursor object for iterating through a full-text index or a
+** single level therein.
+*/
+SQLITE_PRIVATE int sqlite3Fts3SegReaderCursor(
+ Fts3Table *p, /* FTS3 table handle */
+ int iLangid, /* Language-id to search */
+ int iIndex, /* Index to search (from 0 to p->nIndex-1) */
+ int iLevel, /* Level of segments to scan */
+ const char *zTerm, /* Term to query for */
+ int nTerm, /* Size of zTerm in bytes */
+ int isPrefix, /* True for a prefix search */
+ int isScan, /* True to scan from zTerm to EOF */
+ Fts3MultiSegReader *pCsr /* Cursor object to populate */
+){
+ assert( iIndex>=0 && iIndex<p->nIndex );
+ assert( iLevel==FTS3_SEGCURSOR_ALL
+ || iLevel==FTS3_SEGCURSOR_PENDING
+ || iLevel>=0
+ );
+ assert( iLevel<FTS3_SEGDIR_MAXLEVEL );
+ assert( FTS3_SEGCURSOR_ALL<0 && FTS3_SEGCURSOR_PENDING<0 );
+ assert( isPrefix==0 || isScan==0 );
+
+ memset(pCsr, 0, sizeof(Fts3MultiSegReader));
+ return fts3SegReaderCursor(
+ p, iLangid, iIndex, iLevel, zTerm, nTerm, isPrefix, isScan, pCsr
+ );
+}
+
+/*
+** In addition to its current configuration, have the Fts3MultiSegReader
+** passed as the 4th argument also scan the doclist for term zTerm/nTerm.
+**
+** SQLITE_OK is returned if no error occurs, otherwise an SQLite error code.
+*/
+static int fts3SegReaderCursorAddZero(
+ Fts3Table *p, /* FTS virtual table handle */
+ int iLangid,
+ const char *zTerm, /* Term to scan doclist of */
+ int nTerm, /* Number of bytes in zTerm */
+ Fts3MultiSegReader *pCsr /* Fts3MultiSegReader to modify */
+){
+ return fts3SegReaderCursor(p,
+ iLangid, 0, FTS3_SEGCURSOR_ALL, zTerm, nTerm, 0, 0,pCsr
+ );
+}
+
+/*
+** Open an Fts3MultiSegReader to scan the doclist for term zTerm/nTerm. Or,
+** if isPrefix is true, to scan the doclist for all terms for which
+** zTerm/nTerm is a prefix. If successful, return SQLITE_OK and write
+** a pointer to the new Fts3MultiSegReader to *ppSegcsr. Otherwise, return
+** an SQLite error code.
+**
+** It is the responsibility of the caller to free this object by eventually
+** passing it to fts3SegReaderCursorFree()
+**
+** SQLITE_OK is returned if no error occurs, otherwise an SQLite error code.
+** Output parameter *ppSegcsr is set to 0 if an error occurs.
+*/
+static int fts3TermSegReaderCursor(
+ Fts3Cursor *pCsr, /* Virtual table cursor handle */
+ const char *zTerm, /* Term to query for */
+ int nTerm, /* Size of zTerm in bytes */
+ int isPrefix, /* True for a prefix search */
+ Fts3MultiSegReader **ppSegcsr /* OUT: Allocated seg-reader cursor */
+){
+ Fts3MultiSegReader *pSegcsr; /* Object to allocate and return */
+ int rc = SQLITE_NOMEM; /* Return code */
+
+ pSegcsr = sqlite3_malloc(sizeof(Fts3MultiSegReader));
+ if( pSegcsr ){
+ int i;
+ int bFound = 0; /* True once an index has been found */
+ Fts3Table *p = (Fts3Table *)pCsr->base.pVtab;
+
+ if( isPrefix ){
+ for(i=1; bFound==0 && i<p->nIndex; i++){
+ if( p->aIndex[i].nPrefix==nTerm ){
+ bFound = 1;
+ rc = sqlite3Fts3SegReaderCursor(p, pCsr->iLangid,
+ i, FTS3_SEGCURSOR_ALL, zTerm, nTerm, 0, 0, pSegcsr
+ );
+ pSegcsr->bLookup = 1;
+ }
+ }
+
+ for(i=1; bFound==0 && i<p->nIndex; i++){
+ if( p->aIndex[i].nPrefix==nTerm+1 ){
+ bFound = 1;
+ rc = sqlite3Fts3SegReaderCursor(p, pCsr->iLangid,
+ i, FTS3_SEGCURSOR_ALL, zTerm, nTerm, 1, 0, pSegcsr
+ );
+ if( rc==SQLITE_OK ){
+ rc = fts3SegReaderCursorAddZero(
+ p, pCsr->iLangid, zTerm, nTerm, pSegcsr
+ );
+ }
+ }
+ }
+ }
+
+ if( bFound==0 ){
+ rc = sqlite3Fts3SegReaderCursor(p, pCsr->iLangid,
+ 0, FTS3_SEGCURSOR_ALL, zTerm, nTerm, isPrefix, 0, pSegcsr
+ );
+ pSegcsr->bLookup = !isPrefix;
+ }
+ }
+
+ *ppSegcsr = pSegcsr;
+ return rc;
+}
+
+/*
+** Free an Fts3MultiSegReader allocated by fts3TermSegReaderCursor().
+*/
+static void fts3SegReaderCursorFree(Fts3MultiSegReader *pSegcsr){
+ sqlite3Fts3SegReaderFinish(pSegcsr);
+ sqlite3_free(pSegcsr);
+}
+
+/*
+** This function retrieves the doclist for the specified term (or term
+** prefix) from the database.
+*/
+static int fts3TermSelect(
+ Fts3Table *p, /* Virtual table handle */
+ Fts3PhraseToken *pTok, /* Token to query for */
+ int iColumn, /* Column to query (or -ve for all columns) */
+ int *pnOut, /* OUT: Size of buffer at *ppOut */
+ char **ppOut /* OUT: Malloced result buffer */
+){
+ int rc; /* Return code */
+ Fts3MultiSegReader *pSegcsr; /* Seg-reader cursor for this term */
+ TermSelect tsc; /* Object for pair-wise doclist merging */
+ Fts3SegFilter filter; /* Segment term filter configuration */
+
+ pSegcsr = pTok->pSegcsr;
+ memset(&tsc, 0, sizeof(TermSelect));
+
+ filter.flags = FTS3_SEGMENT_IGNORE_EMPTY | FTS3_SEGMENT_REQUIRE_POS
+ | (pTok->isPrefix ? FTS3_SEGMENT_PREFIX : 0)
+ | (pTok->bFirst ? FTS3_SEGMENT_FIRST : 0)
+ | (iColumn<p->nColumn ? FTS3_SEGMENT_COLUMN_FILTER : 0);
+ filter.iCol = iColumn;
+ filter.zTerm = pTok->z;
+ filter.nTerm = pTok->n;
+
+ rc = sqlite3Fts3SegReaderStart(p, pSegcsr, &filter);
+ while( SQLITE_OK==rc
+ && SQLITE_ROW==(rc = sqlite3Fts3SegReaderStep(p, pSegcsr))
+ ){
+ rc = fts3TermSelectMerge(p, &tsc, pSegcsr->aDoclist, pSegcsr->nDoclist);
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = fts3TermSelectFinishMerge(p, &tsc);
+ }
+ if( rc==SQLITE_OK ){
+ *ppOut = tsc.aaOutput[0];
+ *pnOut = tsc.anOutput[0];
+ }else{
+ int i;
+ for(i=0; i<SizeofArray(tsc.aaOutput); i++){
+ sqlite3_free(tsc.aaOutput[i]);
+ }
+ }
+
+ fts3SegReaderCursorFree(pSegcsr);
+ pTok->pSegcsr = 0;
+ return rc;
+}
+
+/*
+** This function counts the total number of docids in the doclist stored
+** in buffer aList[], size nList bytes.
+**
+** If the isPoslist argument is true, then it is assumed that the doclist
+** contains a position-list following each docid. Otherwise, it is assumed
+** that the doclist is simply a list of docids stored as delta encoded
+** varints.
+*/
+static int fts3DoclistCountDocids(char *aList, int nList){
+ int nDoc = 0; /* Return value */
+ if( aList ){
+ char *aEnd = &aList[nList]; /* Pointer to one byte after EOF */
+ char *p = aList; /* Cursor */
+ while( p<aEnd ){
+ nDoc++;
+ while( (*p++)&0x80 ); /* Skip docid varint */
+ fts3PoslistCopy(0, &p); /* Skip over position list */
+ }
+ }
+
+ return nDoc;
+}
+
+/*
+** Advance the cursor to the next row in the %_content table that
+** matches the search criteria. For a MATCH search, this will be
+** the next row that matches. For a full-table scan, this will be
+** simply the next row in the %_content table. For a docid lookup,
+** this routine simply sets the EOF flag.
+**
+** Return SQLITE_OK if nothing goes wrong. SQLITE_OK is returned
+** even if we reach end-of-file. The fts3EofMethod() will be called
+** subsequently to determine whether or not an EOF was hit.
+*/
+static int fts3NextMethod(sqlite3_vtab_cursor *pCursor){
+ int rc;
+ Fts3Cursor *pCsr = (Fts3Cursor *)pCursor;
+ if( pCsr->eSearch==FTS3_DOCID_SEARCH || pCsr->eSearch==FTS3_FULLSCAN_SEARCH ){
+ if( SQLITE_ROW!=sqlite3_step(pCsr->pStmt) ){
+ pCsr->isEof = 1;
+ rc = sqlite3_reset(pCsr->pStmt);
+ }else{
+ pCsr->iPrevId = sqlite3_column_int64(pCsr->pStmt, 0);
+ rc = SQLITE_OK;
+ }
+ }else{
+ rc = fts3EvalNext((Fts3Cursor *)pCursor);
+ }
+ assert( ((Fts3Table *)pCsr->base.pVtab)->pSegments==0 );
+ return rc;
+}
+
+/*
+** The following are copied from sqliteInt.h.
+**
+** Constants for the largest and smallest possible 64-bit signed integers.
+** These macros are designed to work correctly on both 32-bit and 64-bit
+** compilers.
+*/
+#ifndef SQLITE_AMALGAMATION
+# define LARGEST_INT64 (0xffffffff|(((sqlite3_int64)0x7fffffff)<<32))
+# define SMALLEST_INT64 (((sqlite3_int64)-1) - LARGEST_INT64)
+#endif
+
+/*
+** If the numeric type of argument pVal is "integer", then return it
+** converted to a 64-bit signed integer. Otherwise, return a copy of
+** the second parameter, iDefault.
+*/
+static sqlite3_int64 fts3DocidRange(sqlite3_value *pVal, i64 iDefault){
+ if( pVal ){
+ int eType = sqlite3_value_numeric_type(pVal);
+ if( eType==SQLITE_INTEGER ){
+ return sqlite3_value_int64(pVal);
+ }
+ }
+ return iDefault;
+}
+
+/*
+** This is the xFilter interface for the virtual table. See
+** the virtual table xFilter method documentation for additional
+** information.
+**
+** If idxNum==FTS3_FULLSCAN_SEARCH then do a full table scan against
+** the %_content table.
+**
+** If idxNum==FTS3_DOCID_SEARCH then do a docid lookup for a single entry
+** in the %_content table.
+**
+** If idxNum>=FTS3_FULLTEXT_SEARCH then use the full text index. The
+** column on the left-hand side of the MATCH operator is column
+** number idxNum-FTS3_FULLTEXT_SEARCH, 0 indexed. argv[0] is the right-hand
+** side of the MATCH operator.
+*/
+static int fts3FilterMethod(
+ sqlite3_vtab_cursor *pCursor, /* The cursor used for this query */
+ int idxNum, /* Strategy index */
+ const char *idxStr, /* Unused */
+ int nVal, /* Number of elements in apVal */
+ sqlite3_value **apVal /* Arguments for the indexing scheme */
+){
+ int rc = SQLITE_OK;
+ char *zSql; /* SQL statement used to access %_content */
+ int eSearch;
+ Fts3Table *p = (Fts3Table *)pCursor->pVtab;
+ Fts3Cursor *pCsr = (Fts3Cursor *)pCursor;
+
+ sqlite3_value *pCons = 0; /* The MATCH or rowid constraint, if any */
+ sqlite3_value *pLangid = 0; /* The "langid = ?" constraint, if any */
+ sqlite3_value *pDocidGe = 0; /* The "docid >= ?" constraint, if any */
+ sqlite3_value *pDocidLe = 0; /* The "docid <= ?" constraint, if any */
+ int iIdx;
+
+ UNUSED_PARAMETER(idxStr);
+ UNUSED_PARAMETER(nVal);
+
+ eSearch = (idxNum & 0x0000FFFF);
+ assert( eSearch>=0 && eSearch<=(FTS3_FULLTEXT_SEARCH+p->nColumn) );
+ assert( p->pSegments==0 );
+
+ /* Collect arguments into local variables */
+ iIdx = 0;
+ if( eSearch!=FTS3_FULLSCAN_SEARCH ) pCons = apVal[iIdx++];
+ if( idxNum & FTS3_HAVE_LANGID ) pLangid = apVal[iIdx++];
+ if( idxNum & FTS3_HAVE_DOCID_GE ) pDocidGe = apVal[iIdx++];
+ if( idxNum & FTS3_HAVE_DOCID_LE ) pDocidLe = apVal[iIdx++];
+ assert( iIdx==nVal );
+
+ /* In case the cursor has been used before, clear it now. */
+ sqlite3_finalize(pCsr->pStmt);
+ sqlite3_free(pCsr->aDoclist);
+ sqlite3Fts3MIBufferFree(pCsr->pMIBuffer);
+ sqlite3Fts3ExprFree(pCsr->pExpr);
+ memset(&pCursor[1], 0, sizeof(Fts3Cursor)-sizeof(sqlite3_vtab_cursor));
+
+ /* Set the lower and upper bounds on docids to return */
+ pCsr->iMinDocid = fts3DocidRange(pDocidGe, SMALLEST_INT64);
+ pCsr->iMaxDocid = fts3DocidRange(pDocidLe, LARGEST_INT64);
+
+ if( idxStr ){
+ pCsr->bDesc = (idxStr[0]=='D');
+ }else{
+ pCsr->bDesc = p->bDescIdx;
+ }
+ pCsr->eSearch = (i16)eSearch;
+
+ if( eSearch!=FTS3_DOCID_SEARCH && eSearch!=FTS3_FULLSCAN_SEARCH ){
+ int iCol = eSearch-FTS3_FULLTEXT_SEARCH;
+ const char *zQuery = (const char *)sqlite3_value_text(pCons);
+
+ if( zQuery==0 && sqlite3_value_type(pCons)!=SQLITE_NULL ){
+ return SQLITE_NOMEM;
+ }
+
+ pCsr->iLangid = 0;
+ if( pLangid ) pCsr->iLangid = sqlite3_value_int(pLangid);
+
+ assert( p->base.zErrMsg==0 );
+ rc = sqlite3Fts3ExprParse(p->pTokenizer, pCsr->iLangid,
+ p->azColumn, p->bFts4, p->nColumn, iCol, zQuery, -1, &pCsr->pExpr,
+ &p->base.zErrMsg
+ );
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ rc = fts3EvalStart(pCsr);
+ sqlite3Fts3SegmentsClose(p);
+ if( rc!=SQLITE_OK ) return rc;
+ pCsr->pNextId = pCsr->aDoclist;
+ pCsr->iPrevId = 0;
+ }
+
+ /* Compile a SELECT statement for this cursor. For a full-table-scan, the
+ ** statement loops through all rows of the %_content table. For a
+ ** full-text query or docid lookup, the statement retrieves a single
+ ** row by docid.
+ */
+ if( eSearch==FTS3_FULLSCAN_SEARCH ){
+ if( pDocidGe || pDocidLe ){
+ zSql = sqlite3_mprintf(
+ "SELECT %s WHERE rowid BETWEEN %lld AND %lld ORDER BY rowid %s",
+ p->zReadExprlist, pCsr->iMinDocid, pCsr->iMaxDocid,
+ (pCsr->bDesc ? "DESC" : "ASC")
+ );
+ }else{
+ zSql = sqlite3_mprintf("SELECT %s ORDER BY rowid %s",
+ p->zReadExprlist, (pCsr->bDesc ? "DESC" : "ASC")
+ );
+ }
+ if( zSql ){
+ rc = sqlite3_prepare_v2(p->db, zSql, -1, &pCsr->pStmt, 0);
+ sqlite3_free(zSql);
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ }else if( eSearch==FTS3_DOCID_SEARCH ){
+ rc = fts3CursorSeekStmt(pCsr, &pCsr->pStmt);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_bind_value(pCsr->pStmt, 1, pCons);
+ }
+ }
+ if( rc!=SQLITE_OK ) return rc;
+
+ return fts3NextMethod(pCursor);
+}
+
+/*
+** This is the xEof method of the virtual table. SQLite calls this
+** routine to find out if it has reached the end of a result set.
+*/
+static int fts3EofMethod(sqlite3_vtab_cursor *pCursor){
+ return ((Fts3Cursor *)pCursor)->isEof;
+}
+
+/*
+** This is the xRowid method. The SQLite core calls this routine to
+** retrieve the rowid for the current row of the result set. fts3
+** exposes %_content.docid as the rowid for the virtual table. The
+** rowid should be written to *pRowid.
+*/
+static int fts3RowidMethod(sqlite3_vtab_cursor *pCursor, sqlite_int64 *pRowid){
+ Fts3Cursor *pCsr = (Fts3Cursor *) pCursor;
+ *pRowid = pCsr->iPrevId;
+ return SQLITE_OK;
+}
+
+/*
+** This is the xColumn method, called by SQLite to request a value from
+** the row that the supplied cursor currently points to.
+**
+** If:
+**
+** (iCol < p->nColumn) -> The value of the iCol'th user column.
+** (iCol == p->nColumn) -> Magic column with the same name as the table.
+** (iCol == p->nColumn+1) -> Docid column
+** (iCol == p->nColumn+2) -> Langid column
+*/
+static int fts3ColumnMethod(
+ sqlite3_vtab_cursor *pCursor, /* Cursor to retrieve value from */
+ sqlite3_context *pCtx, /* Context for sqlite3_result_xxx() calls */
+ int iCol /* Index of column to read value from */
+){
+ int rc = SQLITE_OK; /* Return Code */
+ Fts3Cursor *pCsr = (Fts3Cursor *) pCursor;
+ Fts3Table *p = (Fts3Table *)pCursor->pVtab;
+
+ /* The column value supplied by SQLite must be in range. */
+ assert( iCol>=0 && iCol<=p->nColumn+2 );
+
+ if( iCol==p->nColumn+1 ){
+ /* This call is a request for the "docid" column. Since "docid" is an
+ ** alias for "rowid", use the xRowid() method to obtain the value.
+ */
+ sqlite3_result_int64(pCtx, pCsr->iPrevId);
+ }else if( iCol==p->nColumn ){
+ /* The extra column whose name is the same as the table.
+ ** Return a blob which is a pointer to the cursor. */
+ sqlite3_result_blob(pCtx, &pCsr, sizeof(pCsr), SQLITE_TRANSIENT);
+ }else if( iCol==p->nColumn+2 && pCsr->pExpr ){
+ sqlite3_result_int64(pCtx, pCsr->iLangid);
+ }else{
+ /* The requested column is either a user column (one that contains
+ ** indexed data), or the language-id column. */
+ rc = fts3CursorSeek(0, pCsr);
+
+ if( rc==SQLITE_OK ){
+ if( iCol==p->nColumn+2 ){
+ int iLangid = 0;
+ if( p->zLanguageid ){
+ iLangid = sqlite3_column_int(pCsr->pStmt, p->nColumn+1);
+ }
+ sqlite3_result_int(pCtx, iLangid);
+ }else if( sqlite3_data_count(pCsr->pStmt)>(iCol+1) ){
+ sqlite3_result_value(pCtx, sqlite3_column_value(pCsr->pStmt, iCol+1));
+ }
+ }
+ }
+
+ assert( ((Fts3Table *)pCsr->base.pVtab)->pSegments==0 );
+ return rc;
+}
+
+/*
+** This function is the implementation of the xUpdate callback used by
+** FTS3 virtual tables. It is invoked by SQLite each time a row is to be
+** inserted, updated or deleted.
+*/
+static int fts3UpdateMethod(
+ sqlite3_vtab *pVtab, /* Virtual table handle */
+ int nArg, /* Size of argument array */
+ sqlite3_value **apVal, /* Array of arguments */
+ sqlite_int64 *pRowid /* OUT: The affected (or effected) rowid */
+){
+ return sqlite3Fts3UpdateMethod(pVtab, nArg, apVal, pRowid);
+}
+
+/*
+** Implementation of xSync() method. Flush the contents of the pending-terms
+** hash-table to the database.
+*/
+static int fts3SyncMethod(sqlite3_vtab *pVtab){
+
+ /* Following an incremental-merge operation, assuming that the input
+ ** segments are not completely consumed (the usual case), they are updated
+ ** in place to remove the entries that have already been merged. This
+ ** involves updating the leaf block that contains the smallest unmerged
+ ** entry and each block (if any) between the leaf and the root node. So
+ ** if the height of the input segment b-trees is N, and input segments
+ ** are merged eight at a time, updating the input segments at the end
+ ** of an incremental-merge requires writing (8*(1+N)) blocks. N is usually
+ ** small - often between 0 and 2. So the overhead of the incremental
+ ** merge is somewhere between 8 and 24 blocks. To avoid this overhead
+ ** dwarfing the actual productive work accomplished, the incremental merge
+ ** is only attempted if it will write at least 64 leaf blocks. Hence
+ ** nMinMerge.
+ **
+ ** Of course, updating the input segments also involves deleting a bunch
+ ** of blocks from the segments table. But this is not considered overhead
+ ** as it would also be required by a crisis-merge that used the same input
+ ** segments.
+ */
+ const u32 nMinMerge = 64; /* Minimum amount of incr-merge work to do */
+
+ Fts3Table *p = (Fts3Table*)pVtab;
+ int rc = sqlite3Fts3PendingTermsFlush(p);
+
+ if( rc==SQLITE_OK
+ && p->nLeafAdd>(nMinMerge/16)
+ && p->nAutoincrmerge && p->nAutoincrmerge!=0xff
+ ){
+ int mxLevel = 0; /* Maximum relative level value in db */
+ int A; /* Incr-merge parameter A */
+
+ rc = sqlite3Fts3MaxLevel(p, &mxLevel);
+ assert( rc==SQLITE_OK || mxLevel==0 );
+ A = p->nLeafAdd * mxLevel;
+ A += (A/2);
+ if( A>(int)nMinMerge ) rc = sqlite3Fts3Incrmerge(p, A, p->nAutoincrmerge);
+ }
+ sqlite3Fts3SegmentsClose(p);
+ return rc;
+}
+
+/*
+** If it is currently unknown whether or not the FTS table has an %_stat
+** table (if p->bHasStat==2), attempt to determine this (set p->bHasStat
+** to 0 or 1). Return SQLITE_OK if successful, or an SQLite error code
+** if an error occurs.
+*/
+static int fts3SetHasStat(Fts3Table *p){
+ int rc = SQLITE_OK;
+ if( p->bHasStat==2 ){
+ const char *zFmt ="SELECT 1 FROM %Q.sqlite_master WHERE tbl_name='%q_stat'";
+ char *zSql = sqlite3_mprintf(zFmt, p->zDb, p->zName);
+ if( zSql ){
+ sqlite3_stmt *pStmt = 0;
+ rc = sqlite3_prepare_v2(p->db, zSql, -1, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ int bHasStat = (sqlite3_step(pStmt)==SQLITE_ROW);
+ rc = sqlite3_finalize(pStmt);
+ if( rc==SQLITE_OK ) p->bHasStat = bHasStat;
+ }
+ sqlite3_free(zSql);
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ }
+ return rc;
+}
+
+/*
+** Implementation of xBegin() method.
+*/
+static int fts3BeginMethod(sqlite3_vtab *pVtab){
+ Fts3Table *p = (Fts3Table*)pVtab;
+ UNUSED_PARAMETER(pVtab);
+ assert( p->pSegments==0 );
+ assert( p->nPendingData==0 );
+ assert( p->inTransaction!=1 );
+ TESTONLY( p->inTransaction = 1 );
+ TESTONLY( p->mxSavepoint = -1; );
+ p->nLeafAdd = 0;
+ return fts3SetHasStat(p);
+}
+
+/*
+** Implementation of xCommit() method. This is a no-op. The contents of
+** the pending-terms hash-table have already been flushed into the database
+** by fts3SyncMethod().
+*/
+static int fts3CommitMethod(sqlite3_vtab *pVtab){
+ TESTONLY( Fts3Table *p = (Fts3Table*)pVtab );
+ UNUSED_PARAMETER(pVtab);
+ assert( p->nPendingData==0 );
+ assert( p->inTransaction!=0 );
+ assert( p->pSegments==0 );
+ TESTONLY( p->inTransaction = 0 );
+ TESTONLY( p->mxSavepoint = -1; );
+ return SQLITE_OK;
+}
+
+/*
+** Implementation of xRollback(). Discard the contents of the pending-terms
+** hash-table. Any changes made to the database are reverted by SQLite.
+*/
+static int fts3RollbackMethod(sqlite3_vtab *pVtab){
+ Fts3Table *p = (Fts3Table*)pVtab;
+ sqlite3Fts3PendingTermsClear(p);
+ assert( p->inTransaction!=0 );
+ TESTONLY( p->inTransaction = 0 );
+ TESTONLY( p->mxSavepoint = -1; );
+ return SQLITE_OK;
+}
+
+/*
+** When called, *ppPoslist must point to the byte immediately following the
+** end of a position-list. i.e. ( (*ppPoslist)[-1]==POS_END ). This function
+** moves *ppPoslist so that it instead points to the first byte of the
+** same position list.
+*/
+static void fts3ReversePoslist(char *pStart, char **ppPoslist){
+ char *p = &(*ppPoslist)[-2];
+ char c = 0;
+
+ /* Skip backwards passed any trailing 0x00 bytes added by NearTrim() */
+ while( p>pStart && (c=*p--)==0 );
+
+ /* Search backwards for a varint with value zero (the end of the previous
+ ** poslist). This is an 0x00 byte preceded by some byte that does not
+ ** have the 0x80 bit set. */
+ while( p>pStart && (*p & 0x80) | c ){
+ c = *p--;
+ }
+ assert( p==pStart || c==0 );
+
+ /* At this point p points to that preceding byte without the 0x80 bit
+ ** set. So to find the start of the poslist, skip forward 2 bytes then
+ ** over a varint.
+ **
+ ** Normally. The other case is that p==pStart and the poslist to return
+ ** is the first in the doclist. In this case do not skip forward 2 bytes.
+ ** The second part of the if condition (c==0 && *ppPoslist>&p[2])
+ ** is required for cases where the first byte of a doclist and the
+ ** doclist is empty. For example, if the first docid is 10, a doclist
+ ** that begins with:
+ **
+ ** 0x0A 0x00 <next docid delta varint>
+ */
+ if( p>pStart || (c==0 && *ppPoslist>&p[2]) ){ p = &p[2]; }
+ while( *p++&0x80 );
+ *ppPoslist = p;
+}
+
+/*
+** Helper function used by the implementation of the overloaded snippet(),
+** offsets() and optimize() SQL functions.
+**
+** If the value passed as the third argument is a blob of size
+** sizeof(Fts3Cursor*), then the blob contents are copied to the
+** output variable *ppCsr and SQLITE_OK is returned. Otherwise, an error
+** message is written to context pContext and SQLITE_ERROR returned. The
+** string passed via zFunc is used as part of the error message.
+*/
+static int fts3FunctionArg(
+ sqlite3_context *pContext, /* SQL function call context */
+ const char *zFunc, /* Function name */
+ sqlite3_value *pVal, /* argv[0] passed to function */
+ Fts3Cursor **ppCsr /* OUT: Store cursor handle here */
+){
+ Fts3Cursor *pRet;
+ if( sqlite3_value_type(pVal)!=SQLITE_BLOB
+ || sqlite3_value_bytes(pVal)!=sizeof(Fts3Cursor *)
+ ){
+ char *zErr = sqlite3_mprintf("illegal first argument to %s", zFunc);
+ sqlite3_result_error(pContext, zErr, -1);
+ sqlite3_free(zErr);
+ return SQLITE_ERROR;
+ }
+ memcpy(&pRet, sqlite3_value_blob(pVal), sizeof(Fts3Cursor *));
+ *ppCsr = pRet;
+ return SQLITE_OK;
+}
+
+/*
+** Implementation of the snippet() function for FTS3
+*/
+static void fts3SnippetFunc(
+ sqlite3_context *pContext, /* SQLite function call context */
+ int nVal, /* Size of apVal[] array */
+ sqlite3_value **apVal /* Array of arguments */
+){
+ Fts3Cursor *pCsr; /* Cursor handle passed through apVal[0] */
+ const char *zStart = "<b>";
+ const char *zEnd = "</b>";
+ const char *zEllipsis = "<b>...</b>";
+ int iCol = -1;
+ int nToken = 15; /* Default number of tokens in snippet */
+
+ /* There must be at least one argument passed to this function (otherwise
+ ** the non-overloaded version would have been called instead of this one).
+ */
+ assert( nVal>=1 );
+
+ if( nVal>6 ){
+ sqlite3_result_error(pContext,
+ "wrong number of arguments to function snippet()", -1);
+ return;
+ }
+ if( fts3FunctionArg(pContext, "snippet", apVal[0], &pCsr) ) return;
+
+ switch( nVal ){
+ case 6: nToken = sqlite3_value_int(apVal[5]);
+ case 5: iCol = sqlite3_value_int(apVal[4]);
+ case 4: zEllipsis = (const char*)sqlite3_value_text(apVal[3]);
+ case 3: zEnd = (const char*)sqlite3_value_text(apVal[2]);
+ case 2: zStart = (const char*)sqlite3_value_text(apVal[1]);
+ }
+ if( !zEllipsis || !zEnd || !zStart ){
+ sqlite3_result_error_nomem(pContext);
+ }else if( nToken==0 ){
+ sqlite3_result_text(pContext, "", -1, SQLITE_STATIC);
+ }else if( SQLITE_OK==fts3CursorSeek(pContext, pCsr) ){
+ sqlite3Fts3Snippet(pContext, pCsr, zStart, zEnd, zEllipsis, iCol, nToken);
+ }
+}
+
+/*
+** Implementation of the offsets() function for FTS3
+*/
+static void fts3OffsetsFunc(
+ sqlite3_context *pContext, /* SQLite function call context */
+ int nVal, /* Size of argument array */
+ sqlite3_value **apVal /* Array of arguments */
+){
+ Fts3Cursor *pCsr; /* Cursor handle passed through apVal[0] */
+
+ UNUSED_PARAMETER(nVal);
+
+ assert( nVal==1 );
+ if( fts3FunctionArg(pContext, "offsets", apVal[0], &pCsr) ) return;
+ assert( pCsr );
+ if( SQLITE_OK==fts3CursorSeek(pContext, pCsr) ){
+ sqlite3Fts3Offsets(pContext, pCsr);
+ }
+}
+
+/*
+** Implementation of the special optimize() function for FTS3. This
+** function merges all segments in the database to a single segment.
+** Example usage is:
+**
+** SELECT optimize(t) FROM t LIMIT 1;
+**
+** where 't' is the name of an FTS3 table.
+*/
+static void fts3OptimizeFunc(
+ sqlite3_context *pContext, /* SQLite function call context */
+ int nVal, /* Size of argument array */
+ sqlite3_value **apVal /* Array of arguments */
+){
+ int rc; /* Return code */
+ Fts3Table *p; /* Virtual table handle */
+ Fts3Cursor *pCursor; /* Cursor handle passed through apVal[0] */
+
+ UNUSED_PARAMETER(nVal);
+
+ assert( nVal==1 );
+ if( fts3FunctionArg(pContext, "optimize", apVal[0], &pCursor) ) return;
+ p = (Fts3Table *)pCursor->base.pVtab;
+ assert( p );
+
+ rc = sqlite3Fts3Optimize(p);
+
+ switch( rc ){
+ case SQLITE_OK:
+ sqlite3_result_text(pContext, "Index optimized", -1, SQLITE_STATIC);
+ break;
+ case SQLITE_DONE:
+ sqlite3_result_text(pContext, "Index already optimal", -1, SQLITE_STATIC);
+ break;
+ default:
+ sqlite3_result_error_code(pContext, rc);
+ break;
+ }
+}
+
+/*
+** Implementation of the matchinfo() function for FTS3
+*/
+static void fts3MatchinfoFunc(
+ sqlite3_context *pContext, /* SQLite function call context */
+ int nVal, /* Size of argument array */
+ sqlite3_value **apVal /* Array of arguments */
+){
+ Fts3Cursor *pCsr; /* Cursor handle passed through apVal[0] */
+ assert( nVal==1 || nVal==2 );
+ if( SQLITE_OK==fts3FunctionArg(pContext, "matchinfo", apVal[0], &pCsr) ){
+ const char *zArg = 0;
+ if( nVal>1 ){
+ zArg = (const char *)sqlite3_value_text(apVal[1]);
+ }
+ sqlite3Fts3Matchinfo(pContext, pCsr, zArg);
+ }
+}
+
+/*
+** This routine implements the xFindFunction method for the FTS3
+** virtual table.
+*/
+static int fts3FindFunctionMethod(
+ sqlite3_vtab *pVtab, /* Virtual table handle */
+ int nArg, /* Number of SQL function arguments */
+ const char *zName, /* Name of SQL function */
+ void (**pxFunc)(sqlite3_context*,int,sqlite3_value**), /* OUT: Result */
+ void **ppArg /* Unused */
+){
+ struct Overloaded {
+ const char *zName;
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**);
+ } aOverload[] = {
+ { "snippet", fts3SnippetFunc },
+ { "offsets", fts3OffsetsFunc },
+ { "optimize", fts3OptimizeFunc },
+ { "matchinfo", fts3MatchinfoFunc },
+ };
+ int i; /* Iterator variable */
+
+ UNUSED_PARAMETER(pVtab);
+ UNUSED_PARAMETER(nArg);
+ UNUSED_PARAMETER(ppArg);
+
+ for(i=0; i<SizeofArray(aOverload); i++){
+ if( strcmp(zName, aOverload[i].zName)==0 ){
+ *pxFunc = aOverload[i].xFunc;
+ return 1;
+ }
+ }
+
+ /* No function of the specified name was found. Return 0. */
+ return 0;
+}
+
+/*
+** Implementation of FTS3 xRename method. Rename an fts3 table.
+*/
+static int fts3RenameMethod(
+ sqlite3_vtab *pVtab, /* Virtual table handle */
+ const char *zName /* New name of table */
+){
+ Fts3Table *p = (Fts3Table *)pVtab;
+ sqlite3 *db = p->db; /* Database connection */
+ int rc; /* Return Code */
+
+ /* At this point it must be known if the %_stat table exists or not.
+ ** So bHasStat may not be 2. */
+ rc = fts3SetHasStat(p);
+
+ /* As it happens, the pending terms table is always empty here. This is
+ ** because an "ALTER TABLE RENAME TABLE" statement inside a transaction
+ ** always opens a savepoint transaction. And the xSavepoint() method
+ ** flushes the pending terms table. But leave the (no-op) call to
+ ** PendingTermsFlush() in in case that changes.
+ */
+ assert( p->nPendingData==0 );
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3PendingTermsFlush(p);
+ }
+
+ if( p->zContentTbl==0 ){
+ fts3DbExec(&rc, db,
+ "ALTER TABLE %Q.'%q_content' RENAME TO '%q_content';",
+ p->zDb, p->zName, zName
+ );
+ }
+
+ if( p->bHasDocsize ){
+ fts3DbExec(&rc, db,
+ "ALTER TABLE %Q.'%q_docsize' RENAME TO '%q_docsize';",
+ p->zDb, p->zName, zName
+ );
+ }
+ if( p->bHasStat ){
+ fts3DbExec(&rc, db,
+ "ALTER TABLE %Q.'%q_stat' RENAME TO '%q_stat';",
+ p->zDb, p->zName, zName
+ );
+ }
+ fts3DbExec(&rc, db,
+ "ALTER TABLE %Q.'%q_segments' RENAME TO '%q_segments';",
+ p->zDb, p->zName, zName
+ );
+ fts3DbExec(&rc, db,
+ "ALTER TABLE %Q.'%q_segdir' RENAME TO '%q_segdir';",
+ p->zDb, p->zName, zName
+ );
+ return rc;
+}
+
+/*
+** The xSavepoint() method.
+**
+** Flush the contents of the pending-terms table to disk.
+*/
+static int fts3SavepointMethod(sqlite3_vtab *pVtab, int iSavepoint){
+ int rc = SQLITE_OK;
+ UNUSED_PARAMETER(iSavepoint);
+ assert( ((Fts3Table *)pVtab)->inTransaction );
+ assert( ((Fts3Table *)pVtab)->mxSavepoint < iSavepoint );
+ TESTONLY( ((Fts3Table *)pVtab)->mxSavepoint = iSavepoint );
+ if( ((Fts3Table *)pVtab)->bIgnoreSavepoint==0 ){
+ rc = fts3SyncMethod(pVtab);
+ }
+ return rc;
+}
+
+/*
+** The xRelease() method.
+**
+** This is a no-op.
+*/
+static int fts3ReleaseMethod(sqlite3_vtab *pVtab, int iSavepoint){
+ TESTONLY( Fts3Table *p = (Fts3Table*)pVtab );
+ UNUSED_PARAMETER(iSavepoint);
+ UNUSED_PARAMETER(pVtab);
+ assert( p->inTransaction );
+ assert( p->mxSavepoint >= iSavepoint );
+ TESTONLY( p->mxSavepoint = iSavepoint-1 );
+ return SQLITE_OK;
+}
+
+/*
+** The xRollbackTo() method.
+**
+** Discard the contents of the pending terms table.
+*/
+static int fts3RollbackToMethod(sqlite3_vtab *pVtab, int iSavepoint){
+ Fts3Table *p = (Fts3Table*)pVtab;
+ UNUSED_PARAMETER(iSavepoint);
+ assert( p->inTransaction );
+ assert( p->mxSavepoint >= iSavepoint );
+ TESTONLY( p->mxSavepoint = iSavepoint );
+ sqlite3Fts3PendingTermsClear(p);
+ return SQLITE_OK;
+}
+
+static const sqlite3_module fts3Module = {
+ /* iVersion */ 2,
+ /* xCreate */ fts3CreateMethod,
+ /* xConnect */ fts3ConnectMethod,
+ /* xBestIndex */ fts3BestIndexMethod,
+ /* xDisconnect */ fts3DisconnectMethod,
+ /* xDestroy */ fts3DestroyMethod,
+ /* xOpen */ fts3OpenMethod,
+ /* xClose */ fts3CloseMethod,
+ /* xFilter */ fts3FilterMethod,
+ /* xNext */ fts3NextMethod,
+ /* xEof */ fts3EofMethod,
+ /* xColumn */ fts3ColumnMethod,
+ /* xRowid */ fts3RowidMethod,
+ /* xUpdate */ fts3UpdateMethod,
+ /* xBegin */ fts3BeginMethod,
+ /* xSync */ fts3SyncMethod,
+ /* xCommit */ fts3CommitMethod,
+ /* xRollback */ fts3RollbackMethod,
+ /* xFindFunction */ fts3FindFunctionMethod,
+ /* xRename */ fts3RenameMethod,
+ /* xSavepoint */ fts3SavepointMethod,
+ /* xRelease */ fts3ReleaseMethod,
+ /* xRollbackTo */ fts3RollbackToMethod,
+};
+
+/*
+** This function is registered as the module destructor (called when an
+** FTS3 enabled database connection is closed). It frees the memory
+** allocated for the tokenizer hash table.
+*/
+static void hashDestroy(void *p){
+ Fts3Hash *pHash = (Fts3Hash *)p;
+ sqlite3Fts3HashClear(pHash);
+ sqlite3_free(pHash);
+}
+
+/*
+** The fts3 built-in tokenizers - "simple", "porter" and "icu"- are
+** implemented in files fts3_tokenizer1.c, fts3_porter.c and fts3_icu.c
+** respectively. The following three forward declarations are for functions
+** declared in these files used to retrieve the respective implementations.
+**
+** Calling sqlite3Fts3SimpleTokenizerModule() sets the value pointed
+** to by the argument to point to the "simple" tokenizer implementation.
+** And so on.
+*/
+SQLITE_PRIVATE void sqlite3Fts3SimpleTokenizerModule(sqlite3_tokenizer_module const**ppModule);
+SQLITE_PRIVATE void sqlite3Fts3PorterTokenizerModule(sqlite3_tokenizer_module const**ppModule);
+#ifndef SQLITE_DISABLE_FTS3_UNICODE
+SQLITE_PRIVATE void sqlite3Fts3UnicodeTokenizer(sqlite3_tokenizer_module const**ppModule);
+#endif
+#ifdef SQLITE_ENABLE_ICU
+SQLITE_PRIVATE void sqlite3Fts3IcuTokenizerModule(sqlite3_tokenizer_module const**ppModule);
+#endif
+
+/*
+** Initialize the fts3 extension. If this extension is built as part
+** of the sqlite library, then this function is called directly by
+** SQLite. If fts3 is built as a dynamically loadable extension, this
+** function is called by the sqlite3_extension_init() entry point.
+*/
+SQLITE_PRIVATE int sqlite3Fts3Init(sqlite3 *db){
+ int rc = SQLITE_OK;
+ Fts3Hash *pHash = 0;
+ const sqlite3_tokenizer_module *pSimple = 0;
+ const sqlite3_tokenizer_module *pPorter = 0;
+#ifndef SQLITE_DISABLE_FTS3_UNICODE
+ const sqlite3_tokenizer_module *pUnicode = 0;
+#endif
+
+#ifdef SQLITE_ENABLE_ICU
+ const sqlite3_tokenizer_module *pIcu = 0;
+ sqlite3Fts3IcuTokenizerModule(&pIcu);
+#endif
+
+#ifndef SQLITE_DISABLE_FTS3_UNICODE
+ sqlite3Fts3UnicodeTokenizer(&pUnicode);
+#endif
+
+#ifdef SQLITE_TEST
+ rc = sqlite3Fts3InitTerm(db);
+ if( rc!=SQLITE_OK ) return rc;
+#endif
+
+ rc = sqlite3Fts3InitAux(db);
+ if( rc!=SQLITE_OK ) return rc;
+
+ sqlite3Fts3SimpleTokenizerModule(&pSimple);
+ sqlite3Fts3PorterTokenizerModule(&pPorter);
+
+ /* Allocate and initialize the hash-table used to store tokenizers. */
+ pHash = sqlite3_malloc(sizeof(Fts3Hash));
+ if( !pHash ){
+ rc = SQLITE_NOMEM;
+ }else{
+ sqlite3Fts3HashInit(pHash, FTS3_HASH_STRING, 1);
+ }
+
+ /* Load the built-in tokenizers into the hash table */
+ if( rc==SQLITE_OK ){
+ if( sqlite3Fts3HashInsert(pHash, "simple", 7, (void *)pSimple)
+ || sqlite3Fts3HashInsert(pHash, "porter", 7, (void *)pPorter)
+
+#ifndef SQLITE_DISABLE_FTS3_UNICODE
+ || sqlite3Fts3HashInsert(pHash, "unicode61", 10, (void *)pUnicode)
+#endif
+#ifdef SQLITE_ENABLE_ICU
+ || (pIcu && sqlite3Fts3HashInsert(pHash, "icu", 4, (void *)pIcu))
+#endif
+ ){
+ rc = SQLITE_NOMEM;
+ }
+ }
+
+#ifdef SQLITE_TEST
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3ExprInitTestInterface(db);
+ }
+#endif
+
+ /* Create the virtual table wrapper around the hash-table and overload
+ ** the two scalar functions. If this is successful, register the
+ ** module with sqlite.
+ */
+ if( SQLITE_OK==rc
+ && SQLITE_OK==(rc = sqlite3Fts3InitHashTable(db, pHash, "fts3_tokenizer"))
+ && SQLITE_OK==(rc = sqlite3_overload_function(db, "snippet", -1))
+ && SQLITE_OK==(rc = sqlite3_overload_function(db, "offsets", 1))
+ && SQLITE_OK==(rc = sqlite3_overload_function(db, "matchinfo", 1))
+ && SQLITE_OK==(rc = sqlite3_overload_function(db, "matchinfo", 2))
+ && SQLITE_OK==(rc = sqlite3_overload_function(db, "optimize", 1))
+ ){
+ rc = sqlite3_create_module_v2(
+ db, "fts3", &fts3Module, (void *)pHash, hashDestroy
+ );
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_create_module_v2(
+ db, "fts4", &fts3Module, (void *)pHash, 0
+ );
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3InitTok(db, (void *)pHash);
+ }
+ return rc;
+ }
+
+
+ /* An error has occurred. Delete the hash table and return the error code. */
+ assert( rc!=SQLITE_OK );
+ if( pHash ){
+ sqlite3Fts3HashClear(pHash);
+ sqlite3_free(pHash);
+ }
+ return rc;
+}
+
+/*
+** Allocate an Fts3MultiSegReader for each token in the expression headed
+** by pExpr.
+**
+** An Fts3SegReader object is a cursor that can seek or scan a range of
+** entries within a single segment b-tree. An Fts3MultiSegReader uses multiple
+** Fts3SegReader objects internally to provide an interface to seek or scan
+** within the union of all segments of a b-tree. Hence the name.
+**
+** If the allocated Fts3MultiSegReader just seeks to a single entry in a
+** segment b-tree (if the term is not a prefix or it is a prefix for which
+** there exists prefix b-tree of the right length) then it may be traversed
+** and merged incrementally. Otherwise, it has to be merged into an in-memory
+** doclist and then traversed.
+*/
+static void fts3EvalAllocateReaders(
+ Fts3Cursor *pCsr, /* FTS cursor handle */
+ Fts3Expr *pExpr, /* Allocate readers for this expression */
+ int *pnToken, /* OUT: Total number of tokens in phrase. */
+ int *pnOr, /* OUT: Total number of OR nodes in expr. */
+ int *pRc /* IN/OUT: Error code */
+){
+ if( pExpr && SQLITE_OK==*pRc ){
+ if( pExpr->eType==FTSQUERY_PHRASE ){
+ int i;
+ int nToken = pExpr->pPhrase->nToken;
+ *pnToken += nToken;
+ for(i=0; i<nToken; i++){
+ Fts3PhraseToken *pToken = &pExpr->pPhrase->aToken[i];
+ int rc = fts3TermSegReaderCursor(pCsr,
+ pToken->z, pToken->n, pToken->isPrefix, &pToken->pSegcsr
+ );
+ if( rc!=SQLITE_OK ){
+ *pRc = rc;
+ return;
+ }
+ }
+ assert( pExpr->pPhrase->iDoclistToken==0 );
+ pExpr->pPhrase->iDoclistToken = -1;
+ }else{
+ *pnOr += (pExpr->eType==FTSQUERY_OR);
+ fts3EvalAllocateReaders(pCsr, pExpr->pLeft, pnToken, pnOr, pRc);
+ fts3EvalAllocateReaders(pCsr, pExpr->pRight, pnToken, pnOr, pRc);
+ }
+ }
+}
+
+/*
+** Arguments pList/nList contain the doclist for token iToken of phrase p.
+** It is merged into the main doclist stored in p->doclist.aAll/nAll.
+**
+** This function assumes that pList points to a buffer allocated using
+** sqlite3_malloc(). This function takes responsibility for eventually
+** freeing the buffer.
+**
+** SQLITE_OK is returned if successful, or SQLITE_NOMEM if an error occurs.
+*/
+static int fts3EvalPhraseMergeToken(
+ Fts3Table *pTab, /* FTS Table pointer */
+ Fts3Phrase *p, /* Phrase to merge pList/nList into */
+ int iToken, /* Token pList/nList corresponds to */
+ char *pList, /* Pointer to doclist */
+ int nList /* Number of bytes in pList */
+){
+ int rc = SQLITE_OK;
+ assert( iToken!=p->iDoclistToken );
+
+ if( pList==0 ){
+ sqlite3_free(p->doclist.aAll);
+ p->doclist.aAll = 0;
+ p->doclist.nAll = 0;
+ }
+
+ else if( p->iDoclistToken<0 ){
+ p->doclist.aAll = pList;
+ p->doclist.nAll = nList;
+ }
+
+ else if( p->doclist.aAll==0 ){
+ sqlite3_free(pList);
+ }
+
+ else {
+ char *pLeft;
+ char *pRight;
+ int nLeft;
+ int nRight;
+ int nDiff;
+
+ if( p->iDoclistToken<iToken ){
+ pLeft = p->doclist.aAll;
+ nLeft = p->doclist.nAll;
+ pRight = pList;
+ nRight = nList;
+ nDiff = iToken - p->iDoclistToken;
+ }else{
+ pRight = p->doclist.aAll;
+ nRight = p->doclist.nAll;
+ pLeft = pList;
+ nLeft = nList;
+ nDiff = p->iDoclistToken - iToken;
+ }
+
+ rc = fts3DoclistPhraseMerge(
+ pTab->bDescIdx, nDiff, pLeft, nLeft, &pRight, &nRight
+ );
+ sqlite3_free(pLeft);
+ p->doclist.aAll = pRight;
+ p->doclist.nAll = nRight;
+ }
+
+ if( iToken>p->iDoclistToken ) p->iDoclistToken = iToken;
+ return rc;
+}
+
+/*
+** Load the doclist for phrase p into p->doclist.aAll/nAll. The loaded doclist
+** does not take deferred tokens into account.
+**
+** SQLITE_OK is returned if no error occurs, otherwise an SQLite error code.
+*/
+static int fts3EvalPhraseLoad(
+ Fts3Cursor *pCsr, /* FTS Cursor handle */
+ Fts3Phrase *p /* Phrase object */
+){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ int iToken;
+ int rc = SQLITE_OK;
+
+ for(iToken=0; rc==SQLITE_OK && iToken<p->nToken; iToken++){
+ Fts3PhraseToken *pToken = &p->aToken[iToken];
+ assert( pToken->pDeferred==0 || pToken->pSegcsr==0 );
+
+ if( pToken->pSegcsr ){
+ int nThis = 0;
+ char *pThis = 0;
+ rc = fts3TermSelect(pTab, pToken, p->iColumn, &nThis, &pThis);
+ if( rc==SQLITE_OK ){
+ rc = fts3EvalPhraseMergeToken(pTab, p, iToken, pThis, nThis);
+ }
+ }
+ assert( pToken->pSegcsr==0 );
+ }
+
+ return rc;
+}
+
+/*
+** This function is called on each phrase after the position lists for
+** any deferred tokens have been loaded into memory. It updates the phrases
+** current position list to include only those positions that are really
+** instances of the phrase (after considering deferred tokens). If this
+** means that the phrase does not appear in the current row, doclist.pList
+** and doclist.nList are both zeroed.
+**
+** SQLITE_OK is returned if no error occurs, otherwise an SQLite error code.
+*/
+static int fts3EvalDeferredPhrase(Fts3Cursor *pCsr, Fts3Phrase *pPhrase){
+ int iToken; /* Used to iterate through phrase tokens */
+ char *aPoslist = 0; /* Position list for deferred tokens */
+ int nPoslist = 0; /* Number of bytes in aPoslist */
+ int iPrev = -1; /* Token number of previous deferred token */
+
+ assert( pPhrase->doclist.bFreeList==0 );
+
+ for(iToken=0; iToken<pPhrase->nToken; iToken++){
+ Fts3PhraseToken *pToken = &pPhrase->aToken[iToken];
+ Fts3DeferredToken *pDeferred = pToken->pDeferred;
+
+ if( pDeferred ){
+ char *pList;
+ int nList;
+ int rc = sqlite3Fts3DeferredTokenList(pDeferred, &pList, &nList);
+ if( rc!=SQLITE_OK ) return rc;
+
+ if( pList==0 ){
+ sqlite3_free(aPoslist);
+ pPhrase->doclist.pList = 0;
+ pPhrase->doclist.nList = 0;
+ return SQLITE_OK;
+
+ }else if( aPoslist==0 ){
+ aPoslist = pList;
+ nPoslist = nList;
+
+ }else{
+ char *aOut = pList;
+ char *p1 = aPoslist;
+ char *p2 = aOut;
+
+ assert( iPrev>=0 );
+ fts3PoslistPhraseMerge(&aOut, iToken-iPrev, 0, 1, &p1, &p2);
+ sqlite3_free(aPoslist);
+ aPoslist = pList;
+ nPoslist = (int)(aOut - aPoslist);
+ if( nPoslist==0 ){
+ sqlite3_free(aPoslist);
+ pPhrase->doclist.pList = 0;
+ pPhrase->doclist.nList = 0;
+ return SQLITE_OK;
+ }
+ }
+ iPrev = iToken;
+ }
+ }
+
+ if( iPrev>=0 ){
+ int nMaxUndeferred = pPhrase->iDoclistToken;
+ if( nMaxUndeferred<0 ){
+ pPhrase->doclist.pList = aPoslist;
+ pPhrase->doclist.nList = nPoslist;
+ pPhrase->doclist.iDocid = pCsr->iPrevId;
+ pPhrase->doclist.bFreeList = 1;
+ }else{
+ int nDistance;
+ char *p1;
+ char *p2;
+ char *aOut;
+
+ if( nMaxUndeferred>iPrev ){
+ p1 = aPoslist;
+ p2 = pPhrase->doclist.pList;
+ nDistance = nMaxUndeferred - iPrev;
+ }else{
+ p1 = pPhrase->doclist.pList;
+ p2 = aPoslist;
+ nDistance = iPrev - nMaxUndeferred;
+ }
+
+ aOut = (char *)sqlite3_malloc(nPoslist+8);
+ if( !aOut ){
+ sqlite3_free(aPoslist);
+ return SQLITE_NOMEM;
+ }
+
+ pPhrase->doclist.pList = aOut;
+ if( fts3PoslistPhraseMerge(&aOut, nDistance, 0, 1, &p1, &p2) ){
+ pPhrase->doclist.bFreeList = 1;
+ pPhrase->doclist.nList = (int)(aOut - pPhrase->doclist.pList);
+ }else{
+ sqlite3_free(aOut);
+ pPhrase->doclist.pList = 0;
+ pPhrase->doclist.nList = 0;
+ }
+ sqlite3_free(aPoslist);
+ }
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Maximum number of tokens a phrase may have to be considered for the
+** incremental doclists strategy.
+*/
+#define MAX_INCR_PHRASE_TOKENS 4
+
+/*
+** This function is called for each Fts3Phrase in a full-text query
+** expression to initialize the mechanism for returning rows. Once this
+** function has been called successfully on an Fts3Phrase, it may be
+** used with fts3EvalPhraseNext() to iterate through the matching docids.
+**
+** If parameter bOptOk is true, then the phrase may (or may not) use the
+** incremental loading strategy. Otherwise, the entire doclist is loaded into
+** memory within this call.
+**
+** SQLITE_OK is returned if no error occurs, otherwise an SQLite error code.
+*/
+static int fts3EvalPhraseStart(Fts3Cursor *pCsr, int bOptOk, Fts3Phrase *p){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ int rc = SQLITE_OK; /* Error code */
+ int i;
+
+ /* Determine if doclists may be loaded from disk incrementally. This is
+ ** possible if the bOptOk argument is true, the FTS doclists will be
+ ** scanned in forward order, and the phrase consists of
+ ** MAX_INCR_PHRASE_TOKENS or fewer tokens, none of which are are "^first"
+ ** tokens or prefix tokens that cannot use a prefix-index. */
+ int bHaveIncr = 0;
+ int bIncrOk = (bOptOk
+ && pCsr->bDesc==pTab->bDescIdx
+ && p->nToken<=MAX_INCR_PHRASE_TOKENS && p->nToken>0
+#ifdef SQLITE_TEST
+ && pTab->bNoIncrDoclist==0
+#endif
+ );
+ for(i=0; bIncrOk==1 && i<p->nToken; i++){
+ Fts3PhraseToken *pToken = &p->aToken[i];
+ if( pToken->bFirst || (pToken->pSegcsr!=0 && !pToken->pSegcsr->bLookup) ){
+ bIncrOk = 0;
+ }
+ if( pToken->pSegcsr ) bHaveIncr = 1;
+ }
+
+ if( bIncrOk && bHaveIncr ){
+ /* Use the incremental approach. */
+ int iCol = (p->iColumn >= pTab->nColumn ? -1 : p->iColumn);
+ for(i=0; rc==SQLITE_OK && i<p->nToken; i++){
+ Fts3PhraseToken *pToken = &p->aToken[i];
+ Fts3MultiSegReader *pSegcsr = pToken->pSegcsr;
+ if( pSegcsr ){
+ rc = sqlite3Fts3MsrIncrStart(pTab, pSegcsr, iCol, pToken->z, pToken->n);
+ }
+ }
+ p->bIncr = 1;
+ }else{
+ /* Load the full doclist for the phrase into memory. */
+ rc = fts3EvalPhraseLoad(pCsr, p);
+ p->bIncr = 0;
+ }
+
+ assert( rc!=SQLITE_OK || p->nToken<1 || p->aToken[0].pSegcsr==0 || p->bIncr );
+ return rc;
+}
+
+/*
+** This function is used to iterate backwards (from the end to start)
+** through doclists. It is used by this module to iterate through phrase
+** doclists in reverse and by the fts3_write.c module to iterate through
+** pending-terms lists when writing to databases with "order=desc".
+**
+** The doclist may be sorted in ascending (parameter bDescIdx==0) or
+** descending (parameter bDescIdx==1) order of docid. Regardless, this
+** function iterates from the end of the doclist to the beginning.
+*/
+SQLITE_PRIVATE void sqlite3Fts3DoclistPrev(
+ int bDescIdx, /* True if the doclist is desc */
+ char *aDoclist, /* Pointer to entire doclist */
+ int nDoclist, /* Length of aDoclist in bytes */
+ char **ppIter, /* IN/OUT: Iterator pointer */
+ sqlite3_int64 *piDocid, /* IN/OUT: Docid pointer */
+ int *pnList, /* OUT: List length pointer */
+ u8 *pbEof /* OUT: End-of-file flag */
+){
+ char *p = *ppIter;
+
+ assert( nDoclist>0 );
+ assert( *pbEof==0 );
+ assert( p || *piDocid==0 );
+ assert( !p || (p>aDoclist && p<&aDoclist[nDoclist]) );
+
+ if( p==0 ){
+ sqlite3_int64 iDocid = 0;
+ char *pNext = 0;
+ char *pDocid = aDoclist;
+ char *pEnd = &aDoclist[nDoclist];
+ int iMul = 1;
+
+ while( pDocid<pEnd ){
+ sqlite3_int64 iDelta;
+ pDocid += sqlite3Fts3GetVarint(pDocid, &iDelta);
+ iDocid += (iMul * iDelta);
+ pNext = pDocid;
+ fts3PoslistCopy(0, &pDocid);
+ while( pDocid<pEnd && *pDocid==0 ) pDocid++;
+ iMul = (bDescIdx ? -1 : 1);
+ }
+
+ *pnList = (int)(pEnd - pNext);
+ *ppIter = pNext;
+ *piDocid = iDocid;
+ }else{
+ int iMul = (bDescIdx ? -1 : 1);
+ sqlite3_int64 iDelta;
+ fts3GetReverseVarint(&p, aDoclist, &iDelta);
+ *piDocid -= (iMul * iDelta);
+
+ if( p==aDoclist ){
+ *pbEof = 1;
+ }else{
+ char *pSave = p;
+ fts3ReversePoslist(aDoclist, &p);
+ *pnList = (int)(pSave - p);
+ }
+ *ppIter = p;
+ }
+}
+
+/*
+** Iterate forwards through a doclist.
+*/
+SQLITE_PRIVATE void sqlite3Fts3DoclistNext(
+ int bDescIdx, /* True if the doclist is desc */
+ char *aDoclist, /* Pointer to entire doclist */
+ int nDoclist, /* Length of aDoclist in bytes */
+ char **ppIter, /* IN/OUT: Iterator pointer */
+ sqlite3_int64 *piDocid, /* IN/OUT: Docid pointer */
+ u8 *pbEof /* OUT: End-of-file flag */
+){
+ char *p = *ppIter;
+
+ assert( nDoclist>0 );
+ assert( *pbEof==0 );
+ assert( p || *piDocid==0 );
+ assert( !p || (p>=aDoclist && p<=&aDoclist[nDoclist]) );
+
+ if( p==0 ){
+ p = aDoclist;
+ p += sqlite3Fts3GetVarint(p, piDocid);
+ }else{
+ fts3PoslistCopy(0, &p);
+ while( p<&aDoclist[nDoclist] && *p==0 ) p++;
+ if( p>=&aDoclist[nDoclist] ){
+ *pbEof = 1;
+ }else{
+ sqlite3_int64 iVar;
+ p += sqlite3Fts3GetVarint(p, &iVar);
+ *piDocid += ((bDescIdx ? -1 : 1) * iVar);
+ }
+ }
+
+ *ppIter = p;
+}
+
+/*
+** Advance the iterator pDL to the next entry in pDL->aAll/nAll. Set *pbEof
+** to true if EOF is reached.
+*/
+static void fts3EvalDlPhraseNext(
+ Fts3Table *pTab,
+ Fts3Doclist *pDL,
+ u8 *pbEof
+){
+ char *pIter; /* Used to iterate through aAll */
+ char *pEnd = &pDL->aAll[pDL->nAll]; /* 1 byte past end of aAll */
+
+ if( pDL->pNextDocid ){
+ pIter = pDL->pNextDocid;
+ }else{
+ pIter = pDL->aAll;
+ }
+
+ if( pIter>=pEnd ){
+ /* We have already reached the end of this doclist. EOF. */
+ *pbEof = 1;
+ }else{
+ sqlite3_int64 iDelta;
+ pIter += sqlite3Fts3GetVarint(pIter, &iDelta);
+ if( pTab->bDescIdx==0 || pDL->pNextDocid==0 ){
+ pDL->iDocid += iDelta;
+ }else{
+ pDL->iDocid -= iDelta;
+ }
+ pDL->pList = pIter;
+ fts3PoslistCopy(0, &pIter);
+ pDL->nList = (int)(pIter - pDL->pList);
+
+ /* pIter now points just past the 0x00 that terminates the position-
+ ** list for document pDL->iDocid. However, if this position-list was
+ ** edited in place by fts3EvalNearTrim(), then pIter may not actually
+ ** point to the start of the next docid value. The following line deals
+ ** with this case by advancing pIter past the zero-padding added by
+ ** fts3EvalNearTrim(). */
+ while( pIter<pEnd && *pIter==0 ) pIter++;
+
+ pDL->pNextDocid = pIter;
+ assert( pIter>=&pDL->aAll[pDL->nAll] || *pIter );
+ *pbEof = 0;
+ }
+}
+
+/*
+** Helper type used by fts3EvalIncrPhraseNext() and incrPhraseTokenNext().
+*/
+typedef struct TokenDoclist TokenDoclist;
+struct TokenDoclist {
+ int bIgnore;
+ sqlite3_int64 iDocid;
+ char *pList;
+ int nList;
+};
+
+/*
+** Token pToken is an incrementally loaded token that is part of a
+** multi-token phrase. Advance it to the next matching document in the
+** database and populate output variable *p with the details of the new
+** entry. Or, if the iterator has reached EOF, set *pbEof to true.
+**
+** If an error occurs, return an SQLite error code. Otherwise, return
+** SQLITE_OK.
+*/
+static int incrPhraseTokenNext(
+ Fts3Table *pTab, /* Virtual table handle */
+ Fts3Phrase *pPhrase, /* Phrase to advance token of */
+ int iToken, /* Specific token to advance */
+ TokenDoclist *p, /* OUT: Docid and doclist for new entry */
+ u8 *pbEof /* OUT: True if iterator is at EOF */
+){
+ int rc = SQLITE_OK;
+
+ if( pPhrase->iDoclistToken==iToken ){
+ assert( p->bIgnore==0 );
+ assert( pPhrase->aToken[iToken].pSegcsr==0 );
+ fts3EvalDlPhraseNext(pTab, &pPhrase->doclist, pbEof);
+ p->pList = pPhrase->doclist.pList;
+ p->nList = pPhrase->doclist.nList;
+ p->iDocid = pPhrase->doclist.iDocid;
+ }else{
+ Fts3PhraseToken *pToken = &pPhrase->aToken[iToken];
+ assert( pToken->pDeferred==0 );
+ assert( pToken->pSegcsr || pPhrase->iDoclistToken>=0 );
+ if( pToken->pSegcsr ){
+ assert( p->bIgnore==0 );
+ rc = sqlite3Fts3MsrIncrNext(
+ pTab, pToken->pSegcsr, &p->iDocid, &p->pList, &p->nList
+ );
+ if( p->pList==0 ) *pbEof = 1;
+ }else{
+ p->bIgnore = 1;
+ }
+ }
+
+ return rc;
+}
+
+
+/*
+** The phrase iterator passed as the second argument:
+**
+** * features at least one token that uses an incremental doclist, and
+**
+** * does not contain any deferred tokens.
+**
+** Advance it to the next matching documnent in the database and populate
+** the Fts3Doclist.pList and nList fields.
+**
+** If there is no "next" entry and no error occurs, then *pbEof is set to
+** 1 before returning. Otherwise, if no error occurs and the iterator is
+** successfully advanced, *pbEof is set to 0.
+**
+** If an error occurs, return an SQLite error code. Otherwise, return
+** SQLITE_OK.
+*/
+static int fts3EvalIncrPhraseNext(
+ Fts3Cursor *pCsr, /* FTS Cursor handle */
+ Fts3Phrase *p, /* Phrase object to advance to next docid */
+ u8 *pbEof /* OUT: Set to 1 if EOF */
+){
+ int rc = SQLITE_OK;
+ Fts3Doclist *pDL = &p->doclist;
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ u8 bEof = 0;
+
+ /* This is only called if it is guaranteed that the phrase has at least
+ ** one incremental token. In which case the bIncr flag is set. */
+ assert( p->bIncr==1 );
+
+ if( p->nToken==1 && p->bIncr ){
+ rc = sqlite3Fts3MsrIncrNext(pTab, p->aToken[0].pSegcsr,
+ &pDL->iDocid, &pDL->pList, &pDL->nList
+ );
+ if( pDL->pList==0 ) bEof = 1;
+ }else{
+ int bDescDoclist = pCsr->bDesc;
+ struct TokenDoclist a[MAX_INCR_PHRASE_TOKENS];
+
+ memset(a, 0, sizeof(a));
+ assert( p->nToken<=MAX_INCR_PHRASE_TOKENS );
+ assert( p->iDoclistToken<MAX_INCR_PHRASE_TOKENS );
+
+ while( bEof==0 ){
+ int bMaxSet = 0;
+ sqlite3_int64 iMax = 0; /* Largest docid for all iterators */
+ int i; /* Used to iterate through tokens */
+
+ /* Advance the iterator for each token in the phrase once. */
+ for(i=0; rc==SQLITE_OK && i<p->nToken && bEof==0; i++){
+ rc = incrPhraseTokenNext(pTab, p, i, &a[i], &bEof);
+ if( a[i].bIgnore==0 && (bMaxSet==0 || DOCID_CMP(iMax, a[i].iDocid)<0) ){
+ iMax = a[i].iDocid;
+ bMaxSet = 1;
+ }
+ }
+ assert( rc!=SQLITE_OK || (p->nToken>=1 && a[p->nToken-1].bIgnore==0) );
+ assert( rc!=SQLITE_OK || bMaxSet );
+
+ /* Keep advancing iterators until they all point to the same document */
+ for(i=0; i<p->nToken; i++){
+ while( rc==SQLITE_OK && bEof==0
+ && a[i].bIgnore==0 && DOCID_CMP(a[i].iDocid, iMax)<0
+ ){
+ rc = incrPhraseTokenNext(pTab, p, i, &a[i], &bEof);
+ if( DOCID_CMP(a[i].iDocid, iMax)>0 ){
+ iMax = a[i].iDocid;
+ i = 0;
+ }
+ }
+ }
+
+ /* Check if the current entries really are a phrase match */
+ if( bEof==0 ){
+ int nList = 0;
+ int nByte = a[p->nToken-1].nList;
+ char *aDoclist = sqlite3_malloc(nByte+1);
+ if( !aDoclist ) return SQLITE_NOMEM;
+ memcpy(aDoclist, a[p->nToken-1].pList, nByte+1);
+
+ for(i=0; i<(p->nToken-1); i++){
+ if( a[i].bIgnore==0 ){
+ char *pL = a[i].pList;
+ char *pR = aDoclist;
+ char *pOut = aDoclist;
+ int nDist = p->nToken-1-i;
+ int res = fts3PoslistPhraseMerge(&pOut, nDist, 0, 1, &pL, &pR);
+ if( res==0 ) break;
+ nList = (int)(pOut - aDoclist);
+ }
+ }
+ if( i==(p->nToken-1) ){
+ pDL->iDocid = iMax;
+ pDL->pList = aDoclist;
+ pDL->nList = nList;
+ pDL->bFreeList = 1;
+ break;
+ }
+ sqlite3_free(aDoclist);
+ }
+ }
+ }
+
+ *pbEof = bEof;
+ return rc;
+}
+
+/*
+** Attempt to move the phrase iterator to point to the next matching docid.
+** If an error occurs, return an SQLite error code. Otherwise, return
+** SQLITE_OK.
+**
+** If there is no "next" entry and no error occurs, then *pbEof is set to
+** 1 before returning. Otherwise, if no error occurs and the iterator is
+** successfully advanced, *pbEof is set to 0.
+*/
+static int fts3EvalPhraseNext(
+ Fts3Cursor *pCsr, /* FTS Cursor handle */
+ Fts3Phrase *p, /* Phrase object to advance to next docid */
+ u8 *pbEof /* OUT: Set to 1 if EOF */
+){
+ int rc = SQLITE_OK;
+ Fts3Doclist *pDL = &p->doclist;
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+
+ if( p->bIncr ){
+ rc = fts3EvalIncrPhraseNext(pCsr, p, pbEof);
+ }else if( pCsr->bDesc!=pTab->bDescIdx && pDL->nAll ){
+ sqlite3Fts3DoclistPrev(pTab->bDescIdx, pDL->aAll, pDL->nAll,
+ &pDL->pNextDocid, &pDL->iDocid, &pDL->nList, pbEof
+ );
+ pDL->pList = pDL->pNextDocid;
+ }else{
+ fts3EvalDlPhraseNext(pTab, pDL, pbEof);
+ }
+
+ return rc;
+}
+
+/*
+**
+** If *pRc is not SQLITE_OK when this function is called, it is a no-op.
+** Otherwise, fts3EvalPhraseStart() is called on all phrases within the
+** expression. Also the Fts3Expr.bDeferred variable is set to true for any
+** expressions for which all descendent tokens are deferred.
+**
+** If parameter bOptOk is zero, then it is guaranteed that the
+** Fts3Phrase.doclist.aAll/nAll variables contain the entire doclist for
+** each phrase in the expression (subject to deferred token processing).
+** Or, if bOptOk is non-zero, then one or more tokens within the expression
+** may be loaded incrementally, meaning doclist.aAll/nAll is not available.
+**
+** If an error occurs within this function, *pRc is set to an SQLite error
+** code before returning.
+*/
+static void fts3EvalStartReaders(
+ Fts3Cursor *pCsr, /* FTS Cursor handle */
+ Fts3Expr *pExpr, /* Expression to initialize phrases in */
+ int *pRc /* IN/OUT: Error code */
+){
+ if( pExpr && SQLITE_OK==*pRc ){
+ if( pExpr->eType==FTSQUERY_PHRASE ){
+ int nToken = pExpr->pPhrase->nToken;
+ if( nToken ){
+ int i;
+ for(i=0; i<nToken; i++){
+ if( pExpr->pPhrase->aToken[i].pDeferred==0 ) break;
+ }
+ pExpr->bDeferred = (i==nToken);
+ }
+ *pRc = fts3EvalPhraseStart(pCsr, 1, pExpr->pPhrase);
+ }else{
+ fts3EvalStartReaders(pCsr, pExpr->pLeft, pRc);
+ fts3EvalStartReaders(pCsr, pExpr->pRight, pRc);
+ pExpr->bDeferred = (pExpr->pLeft->bDeferred && pExpr->pRight->bDeferred);
+ }
+ }
+}
+
+/*
+** An array of the following structures is assembled as part of the process
+** of selecting tokens to defer before the query starts executing (as part
+** of the xFilter() method). There is one element in the array for each
+** token in the FTS expression.
+**
+** Tokens are divided into AND/NEAR clusters. All tokens in a cluster belong
+** to phrases that are connected only by AND and NEAR operators (not OR or
+** NOT). When determining tokens to defer, each AND/NEAR cluster is considered
+** separately. The root of a tokens AND/NEAR cluster is stored in
+** Fts3TokenAndCost.pRoot.
+*/
+typedef struct Fts3TokenAndCost Fts3TokenAndCost;
+struct Fts3TokenAndCost {
+ Fts3Phrase *pPhrase; /* The phrase the token belongs to */
+ int iToken; /* Position of token in phrase */
+ Fts3PhraseToken *pToken; /* The token itself */
+ Fts3Expr *pRoot; /* Root of NEAR/AND cluster */
+ int nOvfl; /* Number of overflow pages to load doclist */
+ int iCol; /* The column the token must match */
+};
+
+/*
+** This function is used to populate an allocated Fts3TokenAndCost array.
+**
+** If *pRc is not SQLITE_OK when this function is called, it is a no-op.
+** Otherwise, if an error occurs during execution, *pRc is set to an
+** SQLite error code.
+*/
+static void fts3EvalTokenCosts(
+ Fts3Cursor *pCsr, /* FTS Cursor handle */
+ Fts3Expr *pRoot, /* Root of current AND/NEAR cluster */
+ Fts3Expr *pExpr, /* Expression to consider */
+ Fts3TokenAndCost **ppTC, /* Write new entries to *(*ppTC)++ */
+ Fts3Expr ***ppOr, /* Write new OR root to *(*ppOr)++ */
+ int *pRc /* IN/OUT: Error code */
+){
+ if( *pRc==SQLITE_OK ){
+ if( pExpr->eType==FTSQUERY_PHRASE ){
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+ int i;
+ for(i=0; *pRc==SQLITE_OK && i<pPhrase->nToken; i++){
+ Fts3TokenAndCost *pTC = (*ppTC)++;
+ pTC->pPhrase = pPhrase;
+ pTC->iToken = i;
+ pTC->pRoot = pRoot;
+ pTC->pToken = &pPhrase->aToken[i];
+ pTC->iCol = pPhrase->iColumn;
+ *pRc = sqlite3Fts3MsrOvfl(pCsr, pTC->pToken->pSegcsr, &pTC->nOvfl);
+ }
+ }else if( pExpr->eType!=FTSQUERY_NOT ){
+ assert( pExpr->eType==FTSQUERY_OR
+ || pExpr->eType==FTSQUERY_AND
+ || pExpr->eType==FTSQUERY_NEAR
+ );
+ assert( pExpr->pLeft && pExpr->pRight );
+ if( pExpr->eType==FTSQUERY_OR ){
+ pRoot = pExpr->pLeft;
+ **ppOr = pRoot;
+ (*ppOr)++;
+ }
+ fts3EvalTokenCosts(pCsr, pRoot, pExpr->pLeft, ppTC, ppOr, pRc);
+ if( pExpr->eType==FTSQUERY_OR ){
+ pRoot = pExpr->pRight;
+ **ppOr = pRoot;
+ (*ppOr)++;
+ }
+ fts3EvalTokenCosts(pCsr, pRoot, pExpr->pRight, ppTC, ppOr, pRc);
+ }
+ }
+}
+
+/*
+** Determine the average document (row) size in pages. If successful,
+** write this value to *pnPage and return SQLITE_OK. Otherwise, return
+** an SQLite error code.
+**
+** The average document size in pages is calculated by first calculating
+** determining the average size in bytes, B. If B is less than the amount
+** of data that will fit on a single leaf page of an intkey table in
+** this database, then the average docsize is 1. Otherwise, it is 1 plus
+** the number of overflow pages consumed by a record B bytes in size.
+*/
+static int fts3EvalAverageDocsize(Fts3Cursor *pCsr, int *pnPage){
+ if( pCsr->nRowAvg==0 ){
+ /* The average document size, which is required to calculate the cost
+ ** of each doclist, has not yet been determined. Read the required
+ ** data from the %_stat table to calculate it.
+ **
+ ** Entry 0 of the %_stat table is a blob containing (nCol+1) FTS3
+ ** varints, where nCol is the number of columns in the FTS3 table.
+ ** The first varint is the number of documents currently stored in
+ ** the table. The following nCol varints contain the total amount of
+ ** data stored in all rows of each column of the table, from left
+ ** to right.
+ */
+ int rc;
+ Fts3Table *p = (Fts3Table*)pCsr->base.pVtab;
+ sqlite3_stmt *pStmt;
+ sqlite3_int64 nDoc = 0;
+ sqlite3_int64 nByte = 0;
+ const char *pEnd;
+ const char *a;
+
+ rc = sqlite3Fts3SelectDoctotal(p, &pStmt);
+ if( rc!=SQLITE_OK ) return rc;
+ a = sqlite3_column_blob(pStmt, 0);
+ assert( a );
+
+ pEnd = &a[sqlite3_column_bytes(pStmt, 0)];
+ a += sqlite3Fts3GetVarint(a, &nDoc);
+ while( a<pEnd ){
+ a += sqlite3Fts3GetVarint(a, &nByte);
+ }
+ if( nDoc==0 || nByte==0 ){
+ sqlite3_reset(pStmt);
+ return FTS_CORRUPT_VTAB;
+ }
+
+ pCsr->nDoc = nDoc;
+ pCsr->nRowAvg = (int)(((nByte / nDoc) + p->nPgsz) / p->nPgsz);
+ assert( pCsr->nRowAvg>0 );
+ rc = sqlite3_reset(pStmt);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+
+ *pnPage = pCsr->nRowAvg;
+ return SQLITE_OK;
+}
+
+/*
+** This function is called to select the tokens (if any) that will be
+** deferred. The array aTC[] has already been populated when this is
+** called.
+**
+** This function is called once for each AND/NEAR cluster in the
+** expression. Each invocation determines which tokens to defer within
+** the cluster with root node pRoot. See comments above the definition
+** of struct Fts3TokenAndCost for more details.
+**
+** If no error occurs, SQLITE_OK is returned and sqlite3Fts3DeferToken()
+** called on each token to defer. Otherwise, an SQLite error code is
+** returned.
+*/
+static int fts3EvalSelectDeferred(
+ Fts3Cursor *pCsr, /* FTS Cursor handle */
+ Fts3Expr *pRoot, /* Consider tokens with this root node */
+ Fts3TokenAndCost *aTC, /* Array of expression tokens and costs */
+ int nTC /* Number of entries in aTC[] */
+){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ int nDocSize = 0; /* Number of pages per doc loaded */
+ int rc = SQLITE_OK; /* Return code */
+ int ii; /* Iterator variable for various purposes */
+ int nOvfl = 0; /* Total overflow pages used by doclists */
+ int nToken = 0; /* Total number of tokens in cluster */
+
+ int nMinEst = 0; /* The minimum count for any phrase so far. */
+ int nLoad4 = 1; /* (Phrases that will be loaded)^4. */
+
+ /* Tokens are never deferred for FTS tables created using the content=xxx
+ ** option. The reason being that it is not guaranteed that the content
+ ** table actually contains the same data as the index. To prevent this from
+ ** causing any problems, the deferred token optimization is completely
+ ** disabled for content=xxx tables. */
+ if( pTab->zContentTbl ){
+ return SQLITE_OK;
+ }
+
+ /* Count the tokens in this AND/NEAR cluster. If none of the doclists
+ ** associated with the tokens spill onto overflow pages, or if there is
+ ** only 1 token, exit early. No tokens to defer in this case. */
+ for(ii=0; ii<nTC; ii++){
+ if( aTC[ii].pRoot==pRoot ){
+ nOvfl += aTC[ii].nOvfl;
+ nToken++;
+ }
+ }
+ if( nOvfl==0 || nToken<2 ) return SQLITE_OK;
+
+ /* Obtain the average docsize (in pages). */
+ rc = fts3EvalAverageDocsize(pCsr, &nDocSize);
+ assert( rc!=SQLITE_OK || nDocSize>0 );
+
+
+ /* Iterate through all tokens in this AND/NEAR cluster, in ascending order
+ ** of the number of overflow pages that will be loaded by the pager layer
+ ** to retrieve the entire doclist for the token from the full-text index.
+ ** Load the doclists for tokens that are either:
+ **
+ ** a. The cheapest token in the entire query (i.e. the one visited by the
+ ** first iteration of this loop), or
+ **
+ ** b. Part of a multi-token phrase.
+ **
+ ** After each token doclist is loaded, merge it with the others from the
+ ** same phrase and count the number of documents that the merged doclist
+ ** contains. Set variable "nMinEst" to the smallest number of documents in
+ ** any phrase doclist for which 1 or more token doclists have been loaded.
+ ** Let nOther be the number of other phrases for which it is certain that
+ ** one or more tokens will not be deferred.
+ **
+ ** Then, for each token, defer it if loading the doclist would result in
+ ** loading N or more overflow pages into memory, where N is computed as:
+ **
+ ** (nMinEst + 4^nOther - 1) / (4^nOther)
+ */
+ for(ii=0; ii<nToken && rc==SQLITE_OK; ii++){
+ int iTC; /* Used to iterate through aTC[] array. */
+ Fts3TokenAndCost *pTC = 0; /* Set to cheapest remaining token. */
+
+ /* Set pTC to point to the cheapest remaining token. */
+ for(iTC=0; iTC<nTC; iTC++){
+ if( aTC[iTC].pToken && aTC[iTC].pRoot==pRoot
+ && (!pTC || aTC[iTC].nOvfl<pTC->nOvfl)
+ ){
+ pTC = &aTC[iTC];
+ }
+ }
+ assert( pTC );
+
+ if( ii && pTC->nOvfl>=((nMinEst+(nLoad4/4)-1)/(nLoad4/4))*nDocSize ){
+ /* The number of overflow pages to load for this (and therefore all
+ ** subsequent) tokens is greater than the estimated number of pages
+ ** that will be loaded if all subsequent tokens are deferred.
+ */
+ Fts3PhraseToken *pToken = pTC->pToken;
+ rc = sqlite3Fts3DeferToken(pCsr, pToken, pTC->iCol);
+ fts3SegReaderCursorFree(pToken->pSegcsr);
+ pToken->pSegcsr = 0;
+ }else{
+ /* Set nLoad4 to the value of (4^nOther) for the next iteration of the
+ ** for-loop. Except, limit the value to 2^24 to prevent it from
+ ** overflowing the 32-bit integer it is stored in. */
+ if( ii<12 ) nLoad4 = nLoad4*4;
+
+ if( ii==0 || (pTC->pPhrase->nToken>1 && ii!=nToken-1) ){
+ /* Either this is the cheapest token in the entire query, or it is
+ ** part of a multi-token phrase. Either way, the entire doclist will
+ ** (eventually) be loaded into memory. It may as well be now. */
+ Fts3PhraseToken *pToken = pTC->pToken;
+ int nList = 0;
+ char *pList = 0;
+ rc = fts3TermSelect(pTab, pToken, pTC->iCol, &nList, &pList);
+ assert( rc==SQLITE_OK || pList==0 );
+ if( rc==SQLITE_OK ){
+ rc = fts3EvalPhraseMergeToken(
+ pTab, pTC->pPhrase, pTC->iToken,pList,nList
+ );
+ }
+ if( rc==SQLITE_OK ){
+ int nCount;
+ nCount = fts3DoclistCountDocids(
+ pTC->pPhrase->doclist.aAll, pTC->pPhrase->doclist.nAll
+ );
+ if( ii==0 || nCount<nMinEst ) nMinEst = nCount;
+ }
+ }
+ }
+ pTC->pToken = 0;
+ }
+
+ return rc;
+}
+
+/*
+** This function is called from within the xFilter method. It initializes
+** the full-text query currently stored in pCsr->pExpr. To iterate through
+** the results of a query, the caller does:
+**
+** fts3EvalStart(pCsr);
+** while( 1 ){
+** fts3EvalNext(pCsr);
+** if( pCsr->bEof ) break;
+** ... return row pCsr->iPrevId to the caller ...
+** }
+*/
+static int fts3EvalStart(Fts3Cursor *pCsr){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ int rc = SQLITE_OK;
+ int nToken = 0;
+ int nOr = 0;
+
+ /* Allocate a MultiSegReader for each token in the expression. */
+ fts3EvalAllocateReaders(pCsr, pCsr->pExpr, &nToken, &nOr, &rc);
+
+ /* Determine which, if any, tokens in the expression should be deferred. */
+#ifndef SQLITE_DISABLE_FTS4_DEFERRED
+ if( rc==SQLITE_OK && nToken>1 && pTab->bFts4 ){
+ Fts3TokenAndCost *aTC;
+ Fts3Expr **apOr;
+ aTC = (Fts3TokenAndCost *)sqlite3_malloc(
+ sizeof(Fts3TokenAndCost) * nToken
+ + sizeof(Fts3Expr *) * nOr * 2
+ );
+ apOr = (Fts3Expr **)&aTC[nToken];
+
+ if( !aTC ){
+ rc = SQLITE_NOMEM;
+ }else{
+ int ii;
+ Fts3TokenAndCost *pTC = aTC;
+ Fts3Expr **ppOr = apOr;
+
+ fts3EvalTokenCosts(pCsr, 0, pCsr->pExpr, &pTC, &ppOr, &rc);
+ nToken = (int)(pTC-aTC);
+ nOr = (int)(ppOr-apOr);
+
+ if( rc==SQLITE_OK ){
+ rc = fts3EvalSelectDeferred(pCsr, 0, aTC, nToken);
+ for(ii=0; rc==SQLITE_OK && ii<nOr; ii++){
+ rc = fts3EvalSelectDeferred(pCsr, apOr[ii], aTC, nToken);
+ }
+ }
+
+ sqlite3_free(aTC);
+ }
+ }
+#endif
+
+ fts3EvalStartReaders(pCsr, pCsr->pExpr, &rc);
+ return rc;
+}
+
+/*
+** Invalidate the current position list for phrase pPhrase.
+*/
+static void fts3EvalInvalidatePoslist(Fts3Phrase *pPhrase){
+ if( pPhrase->doclist.bFreeList ){
+ sqlite3_free(pPhrase->doclist.pList);
+ }
+ pPhrase->doclist.pList = 0;
+ pPhrase->doclist.nList = 0;
+ pPhrase->doclist.bFreeList = 0;
+}
+
+/*
+** This function is called to edit the position list associated with
+** the phrase object passed as the fifth argument according to a NEAR
+** condition. For example:
+**
+** abc NEAR/5 "def ghi"
+**
+** Parameter nNear is passed the NEAR distance of the expression (5 in
+** the example above). When this function is called, *paPoslist points to
+** the position list, and *pnToken is the number of phrase tokens in, the
+** phrase on the other side of the NEAR operator to pPhrase. For example,
+** if pPhrase refers to the "def ghi" phrase, then *paPoslist points to
+** the position list associated with phrase "abc".
+**
+** All positions in the pPhrase position list that are not sufficiently
+** close to a position in the *paPoslist position list are removed. If this
+** leaves 0 positions, zero is returned. Otherwise, non-zero.
+**
+** Before returning, *paPoslist is set to point to the position lsit
+** associated with pPhrase. And *pnToken is set to the number of tokens in
+** pPhrase.
+*/
+static int fts3EvalNearTrim(
+ int nNear, /* NEAR distance. As in "NEAR/nNear". */
+ char *aTmp, /* Temporary space to use */
+ char **paPoslist, /* IN/OUT: Position list */
+ int *pnToken, /* IN/OUT: Tokens in phrase of *paPoslist */
+ Fts3Phrase *pPhrase /* The phrase object to trim the doclist of */
+){
+ int nParam1 = nNear + pPhrase->nToken;
+ int nParam2 = nNear + *pnToken;
+ int nNew;
+ char *p2;
+ char *pOut;
+ int res;
+
+ assert( pPhrase->doclist.pList );
+
+ p2 = pOut = pPhrase->doclist.pList;
+ res = fts3PoslistNearMerge(
+ &pOut, aTmp, nParam1, nParam2, paPoslist, &p2
+ );
+ if( res ){
+ nNew = (int)(pOut - pPhrase->doclist.pList) - 1;
+ assert( pPhrase->doclist.pList[nNew]=='\0' );
+ assert( nNew<=pPhrase->doclist.nList && nNew>0 );
+ memset(&pPhrase->doclist.pList[nNew], 0, pPhrase->doclist.nList - nNew);
+ pPhrase->doclist.nList = nNew;
+ *paPoslist = pPhrase->doclist.pList;
+ *pnToken = pPhrase->nToken;
+ }
+
+ return res;
+}
+
+/*
+** This function is a no-op if *pRc is other than SQLITE_OK when it is called.
+** Otherwise, it advances the expression passed as the second argument to
+** point to the next matching row in the database. Expressions iterate through
+** matching rows in docid order. Ascending order if Fts3Cursor.bDesc is zero,
+** or descending if it is non-zero.
+**
+** If an error occurs, *pRc is set to an SQLite error code. Otherwise, if
+** successful, the following variables in pExpr are set:
+**
+** Fts3Expr.bEof (non-zero if EOF - there is no next row)
+** Fts3Expr.iDocid (valid if bEof==0. The docid of the next row)
+**
+** If the expression is of type FTSQUERY_PHRASE, and the expression is not
+** at EOF, then the following variables are populated with the position list
+** for the phrase for the visited row:
+**
+** FTs3Expr.pPhrase->doclist.nList (length of pList in bytes)
+** FTs3Expr.pPhrase->doclist.pList (pointer to position list)
+**
+** It says above that this function advances the expression to the next
+** matching row. This is usually true, but there are the following exceptions:
+**
+** 1. Deferred tokens are not taken into account. If a phrase consists
+** entirely of deferred tokens, it is assumed to match every row in
+** the db. In this case the position-list is not populated at all.
+**
+** Or, if a phrase contains one or more deferred tokens and one or
+** more non-deferred tokens, then the expression is advanced to the
+** next possible match, considering only non-deferred tokens. In other
+** words, if the phrase is "A B C", and "B" is deferred, the expression
+** is advanced to the next row that contains an instance of "A * C",
+** where "*" may match any single token. The position list in this case
+** is populated as for "A * C" before returning.
+**
+** 2. NEAR is treated as AND. If the expression is "x NEAR y", it is
+** advanced to point to the next row that matches "x AND y".
+**
+** See sqlite3Fts3EvalTestDeferred() for details on testing if a row is
+** really a match, taking into account deferred tokens and NEAR operators.
+*/
+static void fts3EvalNextRow(
+ Fts3Cursor *pCsr, /* FTS Cursor handle */
+ Fts3Expr *pExpr, /* Expr. to advance to next matching row */
+ int *pRc /* IN/OUT: Error code */
+){
+ if( *pRc==SQLITE_OK ){
+ int bDescDoclist = pCsr->bDesc; /* Used by DOCID_CMP() macro */
+ assert( pExpr->bEof==0 );
+ pExpr->bStart = 1;
+
+ switch( pExpr->eType ){
+ case FTSQUERY_NEAR:
+ case FTSQUERY_AND: {
+ Fts3Expr *pLeft = pExpr->pLeft;
+ Fts3Expr *pRight = pExpr->pRight;
+ assert( !pLeft->bDeferred || !pRight->bDeferred );
+
+ if( pLeft->bDeferred ){
+ /* LHS is entirely deferred. So we assume it matches every row.
+ ** Advance the RHS iterator to find the next row visited. */
+ fts3EvalNextRow(pCsr, pRight, pRc);
+ pExpr->iDocid = pRight->iDocid;
+ pExpr->bEof = pRight->bEof;
+ }else if( pRight->bDeferred ){
+ /* RHS is entirely deferred. So we assume it matches every row.
+ ** Advance the LHS iterator to find the next row visited. */
+ fts3EvalNextRow(pCsr, pLeft, pRc);
+ pExpr->iDocid = pLeft->iDocid;
+ pExpr->bEof = pLeft->bEof;
+ }else{
+ /* Neither the RHS or LHS are deferred. */
+ fts3EvalNextRow(pCsr, pLeft, pRc);
+ fts3EvalNextRow(pCsr, pRight, pRc);
+ while( !pLeft->bEof && !pRight->bEof && *pRc==SQLITE_OK ){
+ sqlite3_int64 iDiff = DOCID_CMP(pLeft->iDocid, pRight->iDocid);
+ if( iDiff==0 ) break;
+ if( iDiff<0 ){
+ fts3EvalNextRow(pCsr, pLeft, pRc);
+ }else{
+ fts3EvalNextRow(pCsr, pRight, pRc);
+ }
+ }
+ pExpr->iDocid = pLeft->iDocid;
+ pExpr->bEof = (pLeft->bEof || pRight->bEof);
+ if( pExpr->eType==FTSQUERY_NEAR && pExpr->bEof ){
+ if( pRight->pPhrase && pRight->pPhrase->doclist.aAll ){
+ Fts3Doclist *pDl = &pRight->pPhrase->doclist;
+ while( *pRc==SQLITE_OK && pRight->bEof==0 ){
+ memset(pDl->pList, 0, pDl->nList);
+ fts3EvalNextRow(pCsr, pRight, pRc);
+ }
+ }
+ if( pLeft->pPhrase && pLeft->pPhrase->doclist.aAll ){
+ Fts3Doclist *pDl = &pLeft->pPhrase->doclist;
+ while( *pRc==SQLITE_OK && pLeft->bEof==0 ){
+ memset(pDl->pList, 0, pDl->nList);
+ fts3EvalNextRow(pCsr, pLeft, pRc);
+ }
+ }
+ }
+ }
+ break;
+ }
+
+ case FTSQUERY_OR: {
+ Fts3Expr *pLeft = pExpr->pLeft;
+ Fts3Expr *pRight = pExpr->pRight;
+ sqlite3_int64 iCmp = DOCID_CMP(pLeft->iDocid, pRight->iDocid);
+
+ assert( pLeft->bStart || pLeft->iDocid==pRight->iDocid );
+ assert( pRight->bStart || pLeft->iDocid==pRight->iDocid );
+
+ if( pRight->bEof || (pLeft->bEof==0 && iCmp<0) ){
+ fts3EvalNextRow(pCsr, pLeft, pRc);
+ }else if( pLeft->bEof || (pRight->bEof==0 && iCmp>0) ){
+ fts3EvalNextRow(pCsr, pRight, pRc);
+ }else{
+ fts3EvalNextRow(pCsr, pLeft, pRc);
+ fts3EvalNextRow(pCsr, pRight, pRc);
+ }
+
+ pExpr->bEof = (pLeft->bEof && pRight->bEof);
+ iCmp = DOCID_CMP(pLeft->iDocid, pRight->iDocid);
+ if( pRight->bEof || (pLeft->bEof==0 && iCmp<0) ){
+ pExpr->iDocid = pLeft->iDocid;
+ }else{
+ pExpr->iDocid = pRight->iDocid;
+ }
+
+ break;
+ }
+
+ case FTSQUERY_NOT: {
+ Fts3Expr *pLeft = pExpr->pLeft;
+ Fts3Expr *pRight = pExpr->pRight;
+
+ if( pRight->bStart==0 ){
+ fts3EvalNextRow(pCsr, pRight, pRc);
+ assert( *pRc!=SQLITE_OK || pRight->bStart );
+ }
+
+ fts3EvalNextRow(pCsr, pLeft, pRc);
+ if( pLeft->bEof==0 ){
+ while( !*pRc
+ && !pRight->bEof
+ && DOCID_CMP(pLeft->iDocid, pRight->iDocid)>0
+ ){
+ fts3EvalNextRow(pCsr, pRight, pRc);
+ }
+ }
+ pExpr->iDocid = pLeft->iDocid;
+ pExpr->bEof = pLeft->bEof;
+ break;
+ }
+
+ default: {
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+ fts3EvalInvalidatePoslist(pPhrase);
+ *pRc = fts3EvalPhraseNext(pCsr, pPhrase, &pExpr->bEof);
+ pExpr->iDocid = pPhrase->doclist.iDocid;
+ break;
+ }
+ }
+ }
+}
+
+/*
+** If *pRc is not SQLITE_OK, or if pExpr is not the root node of a NEAR
+** cluster, then this function returns 1 immediately.
+**
+** Otherwise, it checks if the current row really does match the NEAR
+** expression, using the data currently stored in the position lists
+** (Fts3Expr->pPhrase.doclist.pList/nList) for each phrase in the expression.
+**
+** If the current row is a match, the position list associated with each
+** phrase in the NEAR expression is edited in place to contain only those
+** phrase instances sufficiently close to their peers to satisfy all NEAR
+** constraints. In this case it returns 1. If the NEAR expression does not
+** match the current row, 0 is returned. The position lists may or may not
+** be edited if 0 is returned.
+*/
+static int fts3EvalNearTest(Fts3Expr *pExpr, int *pRc){
+ int res = 1;
+
+ /* The following block runs if pExpr is the root of a NEAR query.
+ ** For example, the query:
+ **
+ ** "w" NEAR "x" NEAR "y" NEAR "z"
+ **
+ ** which is represented in tree form as:
+ **
+ ** |
+ ** +--NEAR--+ <-- root of NEAR query
+ ** | |
+ ** +--NEAR--+ "z"
+ ** | |
+ ** +--NEAR--+ "y"
+ ** | |
+ ** "w" "x"
+ **
+ ** The right-hand child of a NEAR node is always a phrase. The
+ ** left-hand child may be either a phrase or a NEAR node. There are
+ ** no exceptions to this - it's the way the parser in fts3_expr.c works.
+ */
+ if( *pRc==SQLITE_OK
+ && pExpr->eType==FTSQUERY_NEAR
+ && pExpr->bEof==0
+ && (pExpr->pParent==0 || pExpr->pParent->eType!=FTSQUERY_NEAR)
+ ){
+ Fts3Expr *p;
+ int nTmp = 0; /* Bytes of temp space */
+ char *aTmp; /* Temp space for PoslistNearMerge() */
+
+ /* Allocate temporary working space. */
+ for(p=pExpr; p->pLeft; p=p->pLeft){
+ nTmp += p->pRight->pPhrase->doclist.nList;
+ }
+ nTmp += p->pPhrase->doclist.nList;
+ if( nTmp==0 ){
+ res = 0;
+ }else{
+ aTmp = sqlite3_malloc(nTmp*2);
+ if( !aTmp ){
+ *pRc = SQLITE_NOMEM;
+ res = 0;
+ }else{
+ char *aPoslist = p->pPhrase->doclist.pList;
+ int nToken = p->pPhrase->nToken;
+
+ for(p=p->pParent;res && p && p->eType==FTSQUERY_NEAR; p=p->pParent){
+ Fts3Phrase *pPhrase = p->pRight->pPhrase;
+ int nNear = p->nNear;
+ res = fts3EvalNearTrim(nNear, aTmp, &aPoslist, &nToken, pPhrase);
+ }
+
+ aPoslist = pExpr->pRight->pPhrase->doclist.pList;
+ nToken = pExpr->pRight->pPhrase->nToken;
+ for(p=pExpr->pLeft; p && res; p=p->pLeft){
+ int nNear;
+ Fts3Phrase *pPhrase;
+ assert( p->pParent && p->pParent->pLeft==p );
+ nNear = p->pParent->nNear;
+ pPhrase = (
+ p->eType==FTSQUERY_NEAR ? p->pRight->pPhrase : p->pPhrase
+ );
+ res = fts3EvalNearTrim(nNear, aTmp, &aPoslist, &nToken, pPhrase);
+ }
+ }
+
+ sqlite3_free(aTmp);
+ }
+ }
+
+ return res;
+}
+
+/*
+** This function is a helper function for sqlite3Fts3EvalTestDeferred().
+** Assuming no error occurs or has occurred, It returns non-zero if the
+** expression passed as the second argument matches the row that pCsr
+** currently points to, or zero if it does not.
+**
+** If *pRc is not SQLITE_OK when this function is called, it is a no-op.
+** If an error occurs during execution of this function, *pRc is set to
+** the appropriate SQLite error code. In this case the returned value is
+** undefined.
+*/
+static int fts3EvalTestExpr(
+ Fts3Cursor *pCsr, /* FTS cursor handle */
+ Fts3Expr *pExpr, /* Expr to test. May or may not be root. */
+ int *pRc /* IN/OUT: Error code */
+){
+ int bHit = 1; /* Return value */
+ if( *pRc==SQLITE_OK ){
+ switch( pExpr->eType ){
+ case FTSQUERY_NEAR:
+ case FTSQUERY_AND:
+ bHit = (
+ fts3EvalTestExpr(pCsr, pExpr->pLeft, pRc)
+ && fts3EvalTestExpr(pCsr, pExpr->pRight, pRc)
+ && fts3EvalNearTest(pExpr, pRc)
+ );
+
+ /* If the NEAR expression does not match any rows, zero the doclist for
+ ** all phrases involved in the NEAR. This is because the snippet(),
+ ** offsets() and matchinfo() functions are not supposed to recognize
+ ** any instances of phrases that are part of unmatched NEAR queries.
+ ** For example if this expression:
+ **
+ ** ... MATCH 'a OR (b NEAR c)'
+ **
+ ** is matched against a row containing:
+ **
+ ** 'a b d e'
+ **
+ ** then any snippet() should ony highlight the "a" term, not the "b"
+ ** (as "b" is part of a non-matching NEAR clause).
+ */
+ if( bHit==0
+ && pExpr->eType==FTSQUERY_NEAR
+ && (pExpr->pParent==0 || pExpr->pParent->eType!=FTSQUERY_NEAR)
+ ){
+ Fts3Expr *p;
+ for(p=pExpr; p->pPhrase==0; p=p->pLeft){
+ if( p->pRight->iDocid==pCsr->iPrevId ){
+ fts3EvalInvalidatePoslist(p->pRight->pPhrase);
+ }
+ }
+ if( p->iDocid==pCsr->iPrevId ){
+ fts3EvalInvalidatePoslist(p->pPhrase);
+ }
+ }
+
+ break;
+
+ case FTSQUERY_OR: {
+ int bHit1 = fts3EvalTestExpr(pCsr, pExpr->pLeft, pRc);
+ int bHit2 = fts3EvalTestExpr(pCsr, pExpr->pRight, pRc);
+ bHit = bHit1 || bHit2;
+ break;
+ }
+
+ case FTSQUERY_NOT:
+ bHit = (
+ fts3EvalTestExpr(pCsr, pExpr->pLeft, pRc)
+ && !fts3EvalTestExpr(pCsr, pExpr->pRight, pRc)
+ );
+ break;
+
+ default: {
+#ifndef SQLITE_DISABLE_FTS4_DEFERRED
+ if( pCsr->pDeferred
+ && (pExpr->iDocid==pCsr->iPrevId || pExpr->bDeferred)
+ ){
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+ assert( pExpr->bDeferred || pPhrase->doclist.bFreeList==0 );
+ if( pExpr->bDeferred ){
+ fts3EvalInvalidatePoslist(pPhrase);
+ }
+ *pRc = fts3EvalDeferredPhrase(pCsr, pPhrase);
+ bHit = (pPhrase->doclist.pList!=0);
+ pExpr->iDocid = pCsr->iPrevId;
+ }else
+#endif
+ {
+ bHit = (pExpr->bEof==0 && pExpr->iDocid==pCsr->iPrevId);
+ }
+ break;
+ }
+ }
+ }
+ return bHit;
+}
+
+/*
+** This function is called as the second part of each xNext operation when
+** iterating through the results of a full-text query. At this point the
+** cursor points to a row that matches the query expression, with the
+** following caveats:
+**
+** * Up until this point, "NEAR" operators in the expression have been
+** treated as "AND".
+**
+** * Deferred tokens have not yet been considered.
+**
+** If *pRc is not SQLITE_OK when this function is called, it immediately
+** returns 0. Otherwise, it tests whether or not after considering NEAR
+** operators and deferred tokens the current row is still a match for the
+** expression. It returns 1 if both of the following are true:
+**
+** 1. *pRc is SQLITE_OK when this function returns, and
+**
+** 2. After scanning the current FTS table row for the deferred tokens,
+** it is determined that the row does *not* match the query.
+**
+** Or, if no error occurs and it seems the current row does match the FTS
+** query, return 0.
+*/
+SQLITE_PRIVATE int sqlite3Fts3EvalTestDeferred(Fts3Cursor *pCsr, int *pRc){
+ int rc = *pRc;
+ int bMiss = 0;
+ if( rc==SQLITE_OK ){
+
+ /* If there are one or more deferred tokens, load the current row into
+ ** memory and scan it to determine the position list for each deferred
+ ** token. Then, see if this row is really a match, considering deferred
+ ** tokens and NEAR operators (neither of which were taken into account
+ ** earlier, by fts3EvalNextRow()).
+ */
+ if( pCsr->pDeferred ){
+ rc = fts3CursorSeek(0, pCsr);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3CacheDeferredDoclists(pCsr);
+ }
+ }
+ bMiss = (0==fts3EvalTestExpr(pCsr, pCsr->pExpr, &rc));
+
+ /* Free the position-lists accumulated for each deferred token above. */
+ sqlite3Fts3FreeDeferredDoclists(pCsr);
+ *pRc = rc;
+ }
+ return (rc==SQLITE_OK && bMiss);
+}
+
+/*
+** Advance to the next document that matches the FTS expression in
+** Fts3Cursor.pExpr.
+*/
+static int fts3EvalNext(Fts3Cursor *pCsr){
+ int rc = SQLITE_OK; /* Return Code */
+ Fts3Expr *pExpr = pCsr->pExpr;
+ assert( pCsr->isEof==0 );
+ if( pExpr==0 ){
+ pCsr->isEof = 1;
+ }else{
+ do {
+ if( pCsr->isRequireSeek==0 ){
+ sqlite3_reset(pCsr->pStmt);
+ }
+ assert( sqlite3_data_count(pCsr->pStmt)==0 );
+ fts3EvalNextRow(pCsr, pExpr, &rc);
+ pCsr->isEof = pExpr->bEof;
+ pCsr->isRequireSeek = 1;
+ pCsr->isMatchinfoNeeded = 1;
+ pCsr->iPrevId = pExpr->iDocid;
+ }while( pCsr->isEof==0 && sqlite3Fts3EvalTestDeferred(pCsr, &rc) );
+ }
+
+ /* Check if the cursor is past the end of the docid range specified
+ ** by Fts3Cursor.iMinDocid/iMaxDocid. If so, set the EOF flag. */
+ if( rc==SQLITE_OK && (
+ (pCsr->bDesc==0 && pCsr->iPrevId>pCsr->iMaxDocid)
+ || (pCsr->bDesc!=0 && pCsr->iPrevId<pCsr->iMinDocid)
+ )){
+ pCsr->isEof = 1;
+ }
+
+ return rc;
+}
+
+/*
+** Restart interation for expression pExpr so that the next call to
+** fts3EvalNext() visits the first row. Do not allow incremental
+** loading or merging of phrase doclists for this iteration.
+**
+** If *pRc is other than SQLITE_OK when this function is called, it is
+** a no-op. If an error occurs within this function, *pRc is set to an
+** SQLite error code before returning.
+*/
+static void fts3EvalRestart(
+ Fts3Cursor *pCsr,
+ Fts3Expr *pExpr,
+ int *pRc
+){
+ if( pExpr && *pRc==SQLITE_OK ){
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+
+ if( pPhrase ){
+ fts3EvalInvalidatePoslist(pPhrase);
+ if( pPhrase->bIncr ){
+ int i;
+ for(i=0; i<pPhrase->nToken; i++){
+ Fts3PhraseToken *pToken = &pPhrase->aToken[i];
+ assert( pToken->pDeferred==0 );
+ if( pToken->pSegcsr ){
+ sqlite3Fts3MsrIncrRestart(pToken->pSegcsr);
+ }
+ }
+ *pRc = fts3EvalPhraseStart(pCsr, 0, pPhrase);
+ }
+ pPhrase->doclist.pNextDocid = 0;
+ pPhrase->doclist.iDocid = 0;
+ pPhrase->pOrPoslist = 0;
+ }
+
+ pExpr->iDocid = 0;
+ pExpr->bEof = 0;
+ pExpr->bStart = 0;
+
+ fts3EvalRestart(pCsr, pExpr->pLeft, pRc);
+ fts3EvalRestart(pCsr, pExpr->pRight, pRc);
+ }
+}
+
+/*
+** After allocating the Fts3Expr.aMI[] array for each phrase in the
+** expression rooted at pExpr, the cursor iterates through all rows matched
+** by pExpr, calling this function for each row. This function increments
+** the values in Fts3Expr.aMI[] according to the position-list currently
+** found in Fts3Expr.pPhrase->doclist.pList for each of the phrase
+** expression nodes.
+*/
+static void fts3EvalUpdateCounts(Fts3Expr *pExpr){
+ if( pExpr ){
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+ if( pPhrase && pPhrase->doclist.pList ){
+ int iCol = 0;
+ char *p = pPhrase->doclist.pList;
+
+ assert( *p );
+ while( 1 ){
+ u8 c = 0;
+ int iCnt = 0;
+ while( 0xFE & (*p | c) ){
+ if( (c&0x80)==0 ) iCnt++;
+ c = *p++ & 0x80;
+ }
+
+ /* aMI[iCol*3 + 1] = Number of occurrences
+ ** aMI[iCol*3 + 2] = Number of rows containing at least one instance
+ */
+ pExpr->aMI[iCol*3 + 1] += iCnt;
+ pExpr->aMI[iCol*3 + 2] += (iCnt>0);
+ if( *p==0x00 ) break;
+ p++;
+ p += fts3GetVarint32(p, &iCol);
+ }
+ }
+
+ fts3EvalUpdateCounts(pExpr->pLeft);
+ fts3EvalUpdateCounts(pExpr->pRight);
+ }
+}
+
+/*
+** Expression pExpr must be of type FTSQUERY_PHRASE.
+**
+** If it is not already allocated and populated, this function allocates and
+** populates the Fts3Expr.aMI[] array for expression pExpr. If pExpr is part
+** of a NEAR expression, then it also allocates and populates the same array
+** for all other phrases that are part of the NEAR expression.
+**
+** SQLITE_OK is returned if the aMI[] array is successfully allocated and
+** populated. Otherwise, if an error occurs, an SQLite error code is returned.
+*/
+static int fts3EvalGatherStats(
+ Fts3Cursor *pCsr, /* Cursor object */
+ Fts3Expr *pExpr /* FTSQUERY_PHRASE expression */
+){
+ int rc = SQLITE_OK; /* Return code */
+
+ assert( pExpr->eType==FTSQUERY_PHRASE );
+ if( pExpr->aMI==0 ){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ Fts3Expr *pRoot; /* Root of NEAR expression */
+ Fts3Expr *p; /* Iterator used for several purposes */
+
+ sqlite3_int64 iPrevId = pCsr->iPrevId;
+ sqlite3_int64 iDocid;
+ u8 bEof;
+
+ /* Find the root of the NEAR expression */
+ pRoot = pExpr;
+ while( pRoot->pParent && pRoot->pParent->eType==FTSQUERY_NEAR ){
+ pRoot = pRoot->pParent;
+ }
+ iDocid = pRoot->iDocid;
+ bEof = pRoot->bEof;
+ assert( pRoot->bStart );
+
+ /* Allocate space for the aMSI[] array of each FTSQUERY_PHRASE node */
+ for(p=pRoot; p; p=p->pLeft){
+ Fts3Expr *pE = (p->eType==FTSQUERY_PHRASE?p:p->pRight);
+ assert( pE->aMI==0 );
+ pE->aMI = (u32 *)sqlite3_malloc(pTab->nColumn * 3 * sizeof(u32));
+ if( !pE->aMI ) return SQLITE_NOMEM;
+ memset(pE->aMI, 0, pTab->nColumn * 3 * sizeof(u32));
+ }
+
+ fts3EvalRestart(pCsr, pRoot, &rc);
+
+ while( pCsr->isEof==0 && rc==SQLITE_OK ){
+
+ do {
+ /* Ensure the %_content statement is reset. */
+ if( pCsr->isRequireSeek==0 ) sqlite3_reset(pCsr->pStmt);
+ assert( sqlite3_data_count(pCsr->pStmt)==0 );
+
+ /* Advance to the next document */
+ fts3EvalNextRow(pCsr, pRoot, &rc);
+ pCsr->isEof = pRoot->bEof;
+ pCsr->isRequireSeek = 1;
+ pCsr->isMatchinfoNeeded = 1;
+ pCsr->iPrevId = pRoot->iDocid;
+ }while( pCsr->isEof==0
+ && pRoot->eType==FTSQUERY_NEAR
+ && sqlite3Fts3EvalTestDeferred(pCsr, &rc)
+ );
+
+ if( rc==SQLITE_OK && pCsr->isEof==0 ){
+ fts3EvalUpdateCounts(pRoot);
+ }
+ }
+
+ pCsr->isEof = 0;
+ pCsr->iPrevId = iPrevId;
+
+ if( bEof ){
+ pRoot->bEof = bEof;
+ }else{
+ /* Caution: pRoot may iterate through docids in ascending or descending
+ ** order. For this reason, even though it seems more defensive, the
+ ** do loop can not be written:
+ **
+ ** do {...} while( pRoot->iDocid<iDocid && rc==SQLITE_OK );
+ */
+ fts3EvalRestart(pCsr, pRoot, &rc);
+ do {
+ fts3EvalNextRow(pCsr, pRoot, &rc);
+ assert( pRoot->bEof==0 );
+ }while( pRoot->iDocid!=iDocid && rc==SQLITE_OK );
+ }
+ }
+ return rc;
+}
+
+/*
+** This function is used by the matchinfo() module to query a phrase
+** expression node for the following information:
+**
+** 1. The total number of occurrences of the phrase in each column of
+** the FTS table (considering all rows), and
+**
+** 2. For each column, the number of rows in the table for which the
+** column contains at least one instance of the phrase.
+**
+** If no error occurs, SQLITE_OK is returned and the values for each column
+** written into the array aiOut as follows:
+**
+** aiOut[iCol*3 + 1] = Number of occurrences
+** aiOut[iCol*3 + 2] = Number of rows containing at least one instance
+**
+** Caveats:
+**
+** * If a phrase consists entirely of deferred tokens, then all output
+** values are set to the number of documents in the table. In other
+** words we assume that very common tokens occur exactly once in each
+** column of each row of the table.
+**
+** * If a phrase contains some deferred tokens (and some non-deferred
+** tokens), count the potential occurrence identified by considering
+** the non-deferred tokens instead of actual phrase occurrences.
+**
+** * If the phrase is part of a NEAR expression, then only phrase instances
+** that meet the NEAR constraint are included in the counts.
+*/
+SQLITE_PRIVATE int sqlite3Fts3EvalPhraseStats(
+ Fts3Cursor *pCsr, /* FTS cursor handle */
+ Fts3Expr *pExpr, /* Phrase expression */
+ u32 *aiOut /* Array to write results into (see above) */
+){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ int rc = SQLITE_OK;
+ int iCol;
+
+ if( pExpr->bDeferred && pExpr->pParent->eType!=FTSQUERY_NEAR ){
+ assert( pCsr->nDoc>0 );
+ for(iCol=0; iCol<pTab->nColumn; iCol++){
+ aiOut[iCol*3 + 1] = (u32)pCsr->nDoc;
+ aiOut[iCol*3 + 2] = (u32)pCsr->nDoc;
+ }
+ }else{
+ rc = fts3EvalGatherStats(pCsr, pExpr);
+ if( rc==SQLITE_OK ){
+ assert( pExpr->aMI );
+ for(iCol=0; iCol<pTab->nColumn; iCol++){
+ aiOut[iCol*3 + 1] = pExpr->aMI[iCol*3 + 1];
+ aiOut[iCol*3 + 2] = pExpr->aMI[iCol*3 + 2];
+ }
+ }
+ }
+
+ return rc;
+}
+
+/*
+** The expression pExpr passed as the second argument to this function
+** must be of type FTSQUERY_PHRASE.
+**
+** The returned value is either NULL or a pointer to a buffer containing
+** a position-list indicating the occurrences of the phrase in column iCol
+** of the current row.
+**
+** More specifically, the returned buffer contains 1 varint for each
+** occurrence of the phrase in the column, stored using the normal (delta+2)
+** compression and is terminated by either an 0x01 or 0x00 byte. For example,
+** if the requested column contains "a b X c d X X" and the position-list
+** for 'X' is requested, the buffer returned may contain:
+**
+** 0x04 0x05 0x03 0x01 or 0x04 0x05 0x03 0x00
+**
+** This function works regardless of whether or not the phrase is deferred,
+** incremental, or neither.
+*/
+SQLITE_PRIVATE int sqlite3Fts3EvalPhrasePoslist(
+ Fts3Cursor *pCsr, /* FTS3 cursor object */
+ Fts3Expr *pExpr, /* Phrase to return doclist for */
+ int iCol, /* Column to return position list for */
+ char **ppOut /* OUT: Pointer to position list */
+){
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ char *pIter;
+ int iThis;
+ sqlite3_int64 iDocid;
+
+ /* If this phrase is applies specifically to some column other than
+ ** column iCol, return a NULL pointer. */
+ *ppOut = 0;
+ assert( iCol>=0 && iCol<pTab->nColumn );
+ if( (pPhrase->iColumn<pTab->nColumn && pPhrase->iColumn!=iCol) ){
+ return SQLITE_OK;
+ }
+
+ iDocid = pExpr->iDocid;
+ pIter = pPhrase->doclist.pList;
+ if( iDocid!=pCsr->iPrevId || pExpr->bEof ){
+ int rc = SQLITE_OK;
+ int bDescDoclist = pTab->bDescIdx; /* For DOCID_CMP macro */
+ int bOr = 0;
+ u8 bTreeEof = 0;
+ Fts3Expr *p; /* Used to iterate from pExpr to root */
+ Fts3Expr *pNear; /* Most senior NEAR ancestor (or pExpr) */
+ int bMatch;
+
+ /* Check if this phrase descends from an OR expression node. If not,
+ ** return NULL. Otherwise, the entry that corresponds to docid
+ ** pCsr->iPrevId may lie earlier in the doclist buffer. Or, if the
+ ** tree that the node is part of has been marked as EOF, but the node
+ ** itself is not EOF, then it may point to an earlier entry. */
+ pNear = pExpr;
+ for(p=pExpr->pParent; p; p=p->pParent){
+ if( p->eType==FTSQUERY_OR ) bOr = 1;
+ if( p->eType==FTSQUERY_NEAR ) pNear = p;
+ if( p->bEof ) bTreeEof = 1;
+ }
+ if( bOr==0 ) return SQLITE_OK;
+
+ /* This is the descendent of an OR node. In this case we cannot use
+ ** an incremental phrase. Load the entire doclist for the phrase
+ ** into memory in this case. */
+ if( pPhrase->bIncr ){
+ int bEofSave = pNear->bEof;
+ fts3EvalRestart(pCsr, pNear, &rc);
+ while( rc==SQLITE_OK && !pNear->bEof ){
+ fts3EvalNextRow(pCsr, pNear, &rc);
+ if( bEofSave==0 && pNear->iDocid==iDocid ) break;
+ }
+ assert( rc!=SQLITE_OK || pPhrase->bIncr==0 );
+ }
+ if( bTreeEof ){
+ while( rc==SQLITE_OK && !pNear->bEof ){
+ fts3EvalNextRow(pCsr, pNear, &rc);
+ }
+ }
+ if( rc!=SQLITE_OK ) return rc;
+
+ bMatch = 1;
+ for(p=pNear; p; p=p->pLeft){
+ u8 bEof = 0;
+ Fts3Expr *pTest = p;
+ Fts3Phrase *pPh;
+ assert( pTest->eType==FTSQUERY_NEAR || pTest->eType==FTSQUERY_PHRASE );
+ if( pTest->eType==FTSQUERY_NEAR ) pTest = pTest->pRight;
+ assert( pTest->eType==FTSQUERY_PHRASE );
+ pPh = pTest->pPhrase;
+
+ pIter = pPh->pOrPoslist;
+ iDocid = pPh->iOrDocid;
+ if( pCsr->bDesc==bDescDoclist ){
+ bEof = !pPh->doclist.nAll ||
+ (pIter >= (pPh->doclist.aAll + pPh->doclist.nAll));
+ while( (pIter==0 || DOCID_CMP(iDocid, pCsr->iPrevId)<0 ) && bEof==0 ){
+ sqlite3Fts3DoclistNext(
+ bDescDoclist, pPh->doclist.aAll, pPh->doclist.nAll,
+ &pIter, &iDocid, &bEof
+ );
+ }
+ }else{
+ bEof = !pPh->doclist.nAll || (pIter && pIter<=pPh->doclist.aAll);
+ while( (pIter==0 || DOCID_CMP(iDocid, pCsr->iPrevId)>0 ) && bEof==0 ){
+ int dummy;
+ sqlite3Fts3DoclistPrev(
+ bDescDoclist, pPh->doclist.aAll, pPh->doclist.nAll,
+ &pIter, &iDocid, &dummy, &bEof
+ );
+ }
+ }
+ pPh->pOrPoslist = pIter;
+ pPh->iOrDocid = iDocid;
+ if( bEof || iDocid!=pCsr->iPrevId ) bMatch = 0;
+ }
+
+ if( bMatch ){
+ pIter = pPhrase->pOrPoslist;
+ }else{
+ pIter = 0;
+ }
+ }
+ if( pIter==0 ) return SQLITE_OK;
+
+ if( *pIter==0x01 ){
+ pIter++;
+ pIter += fts3GetVarint32(pIter, &iThis);
+ }else{
+ iThis = 0;
+ }
+ while( iThis<iCol ){
+ fts3ColumnlistCopy(0, &pIter);
+ if( *pIter==0x00 ) return SQLITE_OK;
+ pIter++;
+ pIter += fts3GetVarint32(pIter, &iThis);
+ }
+ if( *pIter==0x00 ){
+ pIter = 0;
+ }
+
+ *ppOut = ((iCol==iThis)?pIter:0);
+ return SQLITE_OK;
+}
+
+/*
+** Free all components of the Fts3Phrase structure that were allocated by
+** the eval module. Specifically, this means to free:
+**
+** * the contents of pPhrase->doclist, and
+** * any Fts3MultiSegReader objects held by phrase tokens.
+*/
+SQLITE_PRIVATE void sqlite3Fts3EvalPhraseCleanup(Fts3Phrase *pPhrase){
+ if( pPhrase ){
+ int i;
+ sqlite3_free(pPhrase->doclist.aAll);
+ fts3EvalInvalidatePoslist(pPhrase);
+ memset(&pPhrase->doclist, 0, sizeof(Fts3Doclist));
+ for(i=0; i<pPhrase->nToken; i++){
+ fts3SegReaderCursorFree(pPhrase->aToken[i].pSegcsr);
+ pPhrase->aToken[i].pSegcsr = 0;
+ }
+ }
+}
+
+
+/*
+** Return SQLITE_CORRUPT_VTAB.
+*/
+#ifdef SQLITE_DEBUG
+SQLITE_PRIVATE int sqlite3Fts3Corrupt(){
+ return SQLITE_CORRUPT_VTAB;
+}
+#endif
+
+#if !SQLITE_CORE
+/*
+** Initialize API pointer table, if required.
+*/
+#ifdef _WIN32
+__declspec(dllexport)
+#endif
+SQLITE_API int SQLITE_STDCALL sqlite3_fts3_init(
+ sqlite3 *db,
+ char **pzErrMsg,
+ const sqlite3_api_routines *pApi
+){
+ SQLITE_EXTENSION_INIT2(pApi)
+ return sqlite3Fts3Init(db);
+}
+#endif
+
+#endif
+
+/************** End of fts3.c ************************************************/
+/************** Begin file fts3_aux.c ****************************************/
+/*
+** 2011 Jan 27
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+*/
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <string.h> */
+/* #include <assert.h> */
+
+typedef struct Fts3auxTable Fts3auxTable;
+typedef struct Fts3auxCursor Fts3auxCursor;
+
+struct Fts3auxTable {
+ sqlite3_vtab base; /* Base class used by SQLite core */
+ Fts3Table *pFts3Tab;
+};
+
+struct Fts3auxCursor {
+ sqlite3_vtab_cursor base; /* Base class used by SQLite core */
+ Fts3MultiSegReader csr; /* Must be right after "base" */
+ Fts3SegFilter filter;
+ char *zStop;
+ int nStop; /* Byte-length of string zStop */
+ int iLangid; /* Language id to query */
+ int isEof; /* True if cursor is at EOF */
+ sqlite3_int64 iRowid; /* Current rowid */
+
+ int iCol; /* Current value of 'col' column */
+ int nStat; /* Size of aStat[] array */
+ struct Fts3auxColstats {
+ sqlite3_int64 nDoc; /* 'documents' values for current csr row */
+ sqlite3_int64 nOcc; /* 'occurrences' values for current csr row */
+ } *aStat;
+};
+
+/*
+** Schema of the terms table.
+*/
+#define FTS3_AUX_SCHEMA \
+ "CREATE TABLE x(term, col, documents, occurrences, languageid HIDDEN)"
+
+/*
+** This function does all the work for both the xConnect and xCreate methods.
+** These tables have no persistent representation of their own, so xConnect
+** and xCreate are identical operations.
+*/
+static int fts3auxConnectMethod(
+ sqlite3 *db, /* Database connection */
+ void *pUnused, /* Unused */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVtab, /* OUT: New sqlite3_vtab object */
+ char **pzErr /* OUT: sqlite3_malloc'd error message */
+){
+ char const *zDb; /* Name of database (e.g. "main") */
+ char const *zFts3; /* Name of fts3 table */
+ int nDb; /* Result of strlen(zDb) */
+ int nFts3; /* Result of strlen(zFts3) */
+ int nByte; /* Bytes of space to allocate here */
+ int rc; /* value returned by declare_vtab() */
+ Fts3auxTable *p; /* Virtual table object to return */
+
+ UNUSED_PARAMETER(pUnused);
+
+ /* The user should invoke this in one of two forms:
+ **
+ ** CREATE VIRTUAL TABLE xxx USING fts4aux(fts4-table);
+ ** CREATE VIRTUAL TABLE xxx USING fts4aux(fts4-table-db, fts4-table);
+ */
+ if( argc!=4 && argc!=5 ) goto bad_args;
+
+ zDb = argv[1];
+ nDb = (int)strlen(zDb);
+ if( argc==5 ){
+ if( nDb==4 && 0==sqlite3_strnicmp("temp", zDb, 4) ){
+ zDb = argv[3];
+ nDb = (int)strlen(zDb);
+ zFts3 = argv[4];
+ }else{
+ goto bad_args;
+ }
+ }else{
+ zFts3 = argv[3];
+ }
+ nFts3 = (int)strlen(zFts3);
+
+ rc = sqlite3_declare_vtab(db, FTS3_AUX_SCHEMA);
+ if( rc!=SQLITE_OK ) return rc;
+
+ nByte = sizeof(Fts3auxTable) + sizeof(Fts3Table) + nDb + nFts3 + 2;
+ p = (Fts3auxTable *)sqlite3_malloc(nByte);
+ if( !p ) return SQLITE_NOMEM;
+ memset(p, 0, nByte);
+
+ p->pFts3Tab = (Fts3Table *)&p[1];
+ p->pFts3Tab->zDb = (char *)&p->pFts3Tab[1];
+ p->pFts3Tab->zName = &p->pFts3Tab->zDb[nDb+1];
+ p->pFts3Tab->db = db;
+ p->pFts3Tab->nIndex = 1;
+
+ memcpy((char *)p->pFts3Tab->zDb, zDb, nDb);
+ memcpy((char *)p->pFts3Tab->zName, zFts3, nFts3);
+ sqlite3Fts3Dequote((char *)p->pFts3Tab->zName);
+
+ *ppVtab = (sqlite3_vtab *)p;
+ return SQLITE_OK;
+
+ bad_args:
+ sqlite3Fts3ErrMsg(pzErr, "invalid arguments to fts4aux constructor");
+ return SQLITE_ERROR;
+}
+
+/*
+** This function does the work for both the xDisconnect and xDestroy methods.
+** These tables have no persistent representation of their own, so xDisconnect
+** and xDestroy are identical operations.
+*/
+static int fts3auxDisconnectMethod(sqlite3_vtab *pVtab){
+ Fts3auxTable *p = (Fts3auxTable *)pVtab;
+ Fts3Table *pFts3 = p->pFts3Tab;
+ int i;
+
+ /* Free any prepared statements held */
+ for(i=0; i<SizeofArray(pFts3->aStmt); i++){
+ sqlite3_finalize(pFts3->aStmt[i]);
+ }
+ sqlite3_free(pFts3->zSegmentsTbl);
+ sqlite3_free(p);
+ return SQLITE_OK;
+}
+
+#define FTS4AUX_EQ_CONSTRAINT 1
+#define FTS4AUX_GE_CONSTRAINT 2
+#define FTS4AUX_LE_CONSTRAINT 4
+
+/*
+** xBestIndex - Analyze a WHERE and ORDER BY clause.
+*/
+static int fts3auxBestIndexMethod(
+ sqlite3_vtab *pVTab,
+ sqlite3_index_info *pInfo
+){
+ int i;
+ int iEq = -1;
+ int iGe = -1;
+ int iLe = -1;
+ int iLangid = -1;
+ int iNext = 1; /* Next free argvIndex value */
+
+ UNUSED_PARAMETER(pVTab);
+
+ /* This vtab delivers always results in "ORDER BY term ASC" order. */
+ if( pInfo->nOrderBy==1
+ && pInfo->aOrderBy[0].iColumn==0
+ && pInfo->aOrderBy[0].desc==0
+ ){
+ pInfo->orderByConsumed = 1;
+ }
+
+ /* Search for equality and range constraints on the "term" column.
+ ** And equality constraints on the hidden "languageid" column. */
+ for(i=0; i<pInfo->nConstraint; i++){
+ if( pInfo->aConstraint[i].usable ){
+ int op = pInfo->aConstraint[i].op;
+ int iCol = pInfo->aConstraint[i].iColumn;
+
+ if( iCol==0 ){
+ if( op==SQLITE_INDEX_CONSTRAINT_EQ ) iEq = i;
+ if( op==SQLITE_INDEX_CONSTRAINT_LT ) iLe = i;
+ if( op==SQLITE_INDEX_CONSTRAINT_LE ) iLe = i;
+ if( op==SQLITE_INDEX_CONSTRAINT_GT ) iGe = i;
+ if( op==SQLITE_INDEX_CONSTRAINT_GE ) iGe = i;
+ }
+ if( iCol==4 ){
+ if( op==SQLITE_INDEX_CONSTRAINT_EQ ) iLangid = i;
+ }
+ }
+ }
+
+ if( iEq>=0 ){
+ pInfo->idxNum = FTS4AUX_EQ_CONSTRAINT;
+ pInfo->aConstraintUsage[iEq].argvIndex = iNext++;
+ pInfo->estimatedCost = 5;
+ }else{
+ pInfo->idxNum = 0;
+ pInfo->estimatedCost = 20000;
+ if( iGe>=0 ){
+ pInfo->idxNum += FTS4AUX_GE_CONSTRAINT;
+ pInfo->aConstraintUsage[iGe].argvIndex = iNext++;
+ pInfo->estimatedCost /= 2;
+ }
+ if( iLe>=0 ){
+ pInfo->idxNum += FTS4AUX_LE_CONSTRAINT;
+ pInfo->aConstraintUsage[iLe].argvIndex = iNext++;
+ pInfo->estimatedCost /= 2;
+ }
+ }
+ if( iLangid>=0 ){
+ pInfo->aConstraintUsage[iLangid].argvIndex = iNext++;
+ pInfo->estimatedCost--;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** xOpen - Open a cursor.
+*/
+static int fts3auxOpenMethod(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCsr){
+ Fts3auxCursor *pCsr; /* Pointer to cursor object to return */
+
+ UNUSED_PARAMETER(pVTab);
+
+ pCsr = (Fts3auxCursor *)sqlite3_malloc(sizeof(Fts3auxCursor));
+ if( !pCsr ) return SQLITE_NOMEM;
+ memset(pCsr, 0, sizeof(Fts3auxCursor));
+
+ *ppCsr = (sqlite3_vtab_cursor *)pCsr;
+ return SQLITE_OK;
+}
+
+/*
+** xClose - Close a cursor.
+*/
+static int fts3auxCloseMethod(sqlite3_vtab_cursor *pCursor){
+ Fts3Table *pFts3 = ((Fts3auxTable *)pCursor->pVtab)->pFts3Tab;
+ Fts3auxCursor *pCsr = (Fts3auxCursor *)pCursor;
+
+ sqlite3Fts3SegmentsClose(pFts3);
+ sqlite3Fts3SegReaderFinish(&pCsr->csr);
+ sqlite3_free((void *)pCsr->filter.zTerm);
+ sqlite3_free(pCsr->zStop);
+ sqlite3_free(pCsr->aStat);
+ sqlite3_free(pCsr);
+ return SQLITE_OK;
+}
+
+static int fts3auxGrowStatArray(Fts3auxCursor *pCsr, int nSize){
+ if( nSize>pCsr->nStat ){
+ struct Fts3auxColstats *aNew;
+ aNew = (struct Fts3auxColstats *)sqlite3_realloc(pCsr->aStat,
+ sizeof(struct Fts3auxColstats) * nSize
+ );
+ if( aNew==0 ) return SQLITE_NOMEM;
+ memset(&aNew[pCsr->nStat], 0,
+ sizeof(struct Fts3auxColstats) * (nSize - pCsr->nStat)
+ );
+ pCsr->aStat = aNew;
+ pCsr->nStat = nSize;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** xNext - Advance the cursor to the next row, if any.
+*/
+static int fts3auxNextMethod(sqlite3_vtab_cursor *pCursor){
+ Fts3auxCursor *pCsr = (Fts3auxCursor *)pCursor;
+ Fts3Table *pFts3 = ((Fts3auxTable *)pCursor->pVtab)->pFts3Tab;
+ int rc;
+
+ /* Increment our pretend rowid value. */
+ pCsr->iRowid++;
+
+ for(pCsr->iCol++; pCsr->iCol<pCsr->nStat; pCsr->iCol++){
+ if( pCsr->aStat[pCsr->iCol].nDoc>0 ) return SQLITE_OK;
+ }
+
+ rc = sqlite3Fts3SegReaderStep(pFts3, &pCsr->csr);
+ if( rc==SQLITE_ROW ){
+ int i = 0;
+ int nDoclist = pCsr->csr.nDoclist;
+ char *aDoclist = pCsr->csr.aDoclist;
+ int iCol;
+
+ int eState = 0;
+
+ if( pCsr->zStop ){
+ int n = (pCsr->nStop<pCsr->csr.nTerm) ? pCsr->nStop : pCsr->csr.nTerm;
+ int mc = memcmp(pCsr->zStop, pCsr->csr.zTerm, n);
+ if( mc<0 || (mc==0 && pCsr->csr.nTerm>pCsr->nStop) ){
+ pCsr->isEof = 1;
+ return SQLITE_OK;
+ }
+ }
+
+ if( fts3auxGrowStatArray(pCsr, 2) ) return SQLITE_NOMEM;
+ memset(pCsr->aStat, 0, sizeof(struct Fts3auxColstats) * pCsr->nStat);
+ iCol = 0;
+
+ while( i<nDoclist ){
+ sqlite3_int64 v = 0;
+
+ i += sqlite3Fts3GetVarint(&aDoclist[i], &v);
+ switch( eState ){
+ /* State 0. In this state the integer just read was a docid. */
+ case 0:
+ pCsr->aStat[0].nDoc++;
+ eState = 1;
+ iCol = 0;
+ break;
+
+ /* State 1. In this state we are expecting either a 1, indicating
+ ** that the following integer will be a column number, or the
+ ** start of a position list for column 0.
+ **
+ ** The only difference between state 1 and state 2 is that if the
+ ** integer encountered in state 1 is not 0 or 1, then we need to
+ ** increment the column 0 "nDoc" count for this term.
+ */
+ case 1:
+ assert( iCol==0 );
+ if( v>1 ){
+ pCsr->aStat[1].nDoc++;
+ }
+ eState = 2;
+ /* fall through */
+
+ case 2:
+ if( v==0 ){ /* 0x00. Next integer will be a docid. */
+ eState = 0;
+ }else if( v==1 ){ /* 0x01. Next integer will be a column number. */
+ eState = 3;
+ }else{ /* 2 or greater. A position. */
+ pCsr->aStat[iCol+1].nOcc++;
+ pCsr->aStat[0].nOcc++;
+ }
+ break;
+
+ /* State 3. The integer just read is a column number. */
+ default: assert( eState==3 );
+ iCol = (int)v;
+ if( fts3auxGrowStatArray(pCsr, iCol+2) ) return SQLITE_NOMEM;
+ pCsr->aStat[iCol+1].nDoc++;
+ eState = 2;
+ break;
+ }
+ }
+
+ pCsr->iCol = 0;
+ rc = SQLITE_OK;
+ }else{
+ pCsr->isEof = 1;
+ }
+ return rc;
+}
+
+/*
+** xFilter - Initialize a cursor to point at the start of its data.
+*/
+static int fts3auxFilterMethod(
+ sqlite3_vtab_cursor *pCursor, /* The cursor used for this query */
+ int idxNum, /* Strategy index */
+ const char *idxStr, /* Unused */
+ int nVal, /* Number of elements in apVal */
+ sqlite3_value **apVal /* Arguments for the indexing scheme */
+){
+ Fts3auxCursor *pCsr = (Fts3auxCursor *)pCursor;
+ Fts3Table *pFts3 = ((Fts3auxTable *)pCursor->pVtab)->pFts3Tab;
+ int rc;
+ int isScan = 0;
+ int iLangVal = 0; /* Language id to query */
+
+ int iEq = -1; /* Index of term=? value in apVal */
+ int iGe = -1; /* Index of term>=? value in apVal */
+ int iLe = -1; /* Index of term<=? value in apVal */
+ int iLangid = -1; /* Index of languageid=? value in apVal */
+ int iNext = 0;
+
+ UNUSED_PARAMETER(nVal);
+ UNUSED_PARAMETER(idxStr);
+
+ assert( idxStr==0 );
+ assert( idxNum==FTS4AUX_EQ_CONSTRAINT || idxNum==0
+ || idxNum==FTS4AUX_LE_CONSTRAINT || idxNum==FTS4AUX_GE_CONSTRAINT
+ || idxNum==(FTS4AUX_LE_CONSTRAINT|FTS4AUX_GE_CONSTRAINT)
+ );
+
+ if( idxNum==FTS4AUX_EQ_CONSTRAINT ){
+ iEq = iNext++;
+ }else{
+ isScan = 1;
+ if( idxNum & FTS4AUX_GE_CONSTRAINT ){
+ iGe = iNext++;
+ }
+ if( idxNum & FTS4AUX_LE_CONSTRAINT ){
+ iLe = iNext++;
+ }
+ }
+ if( iNext<nVal ){
+ iLangid = iNext++;
+ }
+
+ /* In case this cursor is being reused, close and zero it. */
+ testcase(pCsr->filter.zTerm);
+ sqlite3Fts3SegReaderFinish(&pCsr->csr);
+ sqlite3_free((void *)pCsr->filter.zTerm);
+ sqlite3_free(pCsr->aStat);
+ memset(&pCsr->csr, 0, ((u8*)&pCsr[1]) - (u8*)&pCsr->csr);
+
+ pCsr->filter.flags = FTS3_SEGMENT_REQUIRE_POS|FTS3_SEGMENT_IGNORE_EMPTY;
+ if( isScan ) pCsr->filter.flags |= FTS3_SEGMENT_SCAN;
+
+ if( iEq>=0 || iGe>=0 ){
+ const unsigned char *zStr = sqlite3_value_text(apVal[0]);
+ assert( (iEq==0 && iGe==-1) || (iEq==-1 && iGe==0) );
+ if( zStr ){
+ pCsr->filter.zTerm = sqlite3_mprintf("%s", zStr);
+ pCsr->filter.nTerm = sqlite3_value_bytes(apVal[0]);
+ if( pCsr->filter.zTerm==0 ) return SQLITE_NOMEM;
+ }
+ }
+
+ if( iLe>=0 ){
+ pCsr->zStop = sqlite3_mprintf("%s", sqlite3_value_text(apVal[iLe]));
+ pCsr->nStop = sqlite3_value_bytes(apVal[iLe]);
+ if( pCsr->zStop==0 ) return SQLITE_NOMEM;
+ }
+
+ if( iLangid>=0 ){
+ iLangVal = sqlite3_value_int(apVal[iLangid]);
+
+ /* If the user specified a negative value for the languageid, use zero
+ ** instead. This works, as the "languageid=?" constraint will also
+ ** be tested by the VDBE layer. The test will always be false (since
+ ** this module will not return a row with a negative languageid), and
+ ** so the overall query will return zero rows. */
+ if( iLangVal<0 ) iLangVal = 0;
+ }
+ pCsr->iLangid = iLangVal;
+
+ rc = sqlite3Fts3SegReaderCursor(pFts3, iLangVal, 0, FTS3_SEGCURSOR_ALL,
+ pCsr->filter.zTerm, pCsr->filter.nTerm, 0, isScan, &pCsr->csr
+ );
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3SegReaderStart(pFts3, &pCsr->csr, &pCsr->filter);
+ }
+
+ if( rc==SQLITE_OK ) rc = fts3auxNextMethod(pCursor);
+ return rc;
+}
+
+/*
+** xEof - Return true if the cursor is at EOF, or false otherwise.
+*/
+static int fts3auxEofMethod(sqlite3_vtab_cursor *pCursor){
+ Fts3auxCursor *pCsr = (Fts3auxCursor *)pCursor;
+ return pCsr->isEof;
+}
+
+/*
+** xColumn - Return a column value.
+*/
+static int fts3auxColumnMethod(
+ sqlite3_vtab_cursor *pCursor, /* Cursor to retrieve value from */
+ sqlite3_context *pCtx, /* Context for sqlite3_result_xxx() calls */
+ int iCol /* Index of column to read value from */
+){
+ Fts3auxCursor *p = (Fts3auxCursor *)pCursor;
+
+ assert( p->isEof==0 );
+ switch( iCol ){
+ case 0: /* term */
+ sqlite3_result_text(pCtx, p->csr.zTerm, p->csr.nTerm, SQLITE_TRANSIENT);
+ break;
+
+ case 1: /* col */
+ if( p->iCol ){
+ sqlite3_result_int(pCtx, p->iCol-1);
+ }else{
+ sqlite3_result_text(pCtx, "*", -1, SQLITE_STATIC);
+ }
+ break;
+
+ case 2: /* documents */
+ sqlite3_result_int64(pCtx, p->aStat[p->iCol].nDoc);
+ break;
+
+ case 3: /* occurrences */
+ sqlite3_result_int64(pCtx, p->aStat[p->iCol].nOcc);
+ break;
+
+ default: /* languageid */
+ assert( iCol==4 );
+ sqlite3_result_int(pCtx, p->iLangid);
+ break;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** xRowid - Return the current rowid for the cursor.
+*/
+static int fts3auxRowidMethod(
+ sqlite3_vtab_cursor *pCursor, /* Cursor to retrieve value from */
+ sqlite_int64 *pRowid /* OUT: Rowid value */
+){
+ Fts3auxCursor *pCsr = (Fts3auxCursor *)pCursor;
+ *pRowid = pCsr->iRowid;
+ return SQLITE_OK;
+}
+
+/*
+** Register the fts3aux module with database connection db. Return SQLITE_OK
+** if successful or an error code if sqlite3_create_module() fails.
+*/
+SQLITE_PRIVATE int sqlite3Fts3InitAux(sqlite3 *db){
+ static const sqlite3_module fts3aux_module = {
+ 0, /* iVersion */
+ fts3auxConnectMethod, /* xCreate */
+ fts3auxConnectMethod, /* xConnect */
+ fts3auxBestIndexMethod, /* xBestIndex */
+ fts3auxDisconnectMethod, /* xDisconnect */
+ fts3auxDisconnectMethod, /* xDestroy */
+ fts3auxOpenMethod, /* xOpen */
+ fts3auxCloseMethod, /* xClose */
+ fts3auxFilterMethod, /* xFilter */
+ fts3auxNextMethod, /* xNext */
+ fts3auxEofMethod, /* xEof */
+ fts3auxColumnMethod, /* xColumn */
+ fts3auxRowidMethod, /* xRowid */
+ 0, /* xUpdate */
+ 0, /* xBegin */
+ 0, /* xSync */
+ 0, /* xCommit */
+ 0, /* xRollback */
+ 0, /* xFindFunction */
+ 0, /* xRename */
+ 0, /* xSavepoint */
+ 0, /* xRelease */
+ 0 /* xRollbackTo */
+ };
+ int rc; /* Return code */
+
+ rc = sqlite3_create_module(db, "fts4aux", &fts3aux_module, 0);
+ return rc;
+}
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+
+/************** End of fts3_aux.c ********************************************/
+/************** Begin file fts3_expr.c ***************************************/
+/*
+** 2008 Nov 28
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This module contains code that implements a parser for fts3 query strings
+** (the right-hand argument to the MATCH operator). Because the supported
+** syntax is relatively simple, the whole tokenizer/parser system is
+** hand-coded.
+*/
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/*
+** By default, this module parses the legacy syntax that has been
+** traditionally used by fts3. Or, if SQLITE_ENABLE_FTS3_PARENTHESIS
+** is defined, then it uses the new syntax. The differences between
+** the new and the old syntaxes are:
+**
+** a) The new syntax supports parenthesis. The old does not.
+**
+** b) The new syntax supports the AND and NOT operators. The old does not.
+**
+** c) The old syntax supports the "-" token qualifier. This is not
+** supported by the new syntax (it is replaced by the NOT operator).
+**
+** d) When using the old syntax, the OR operator has a greater precedence
+** than an implicit AND. When using the new, both implicity and explicit
+** AND operators have a higher precedence than OR.
+**
+** If compiled with SQLITE_TEST defined, then this module exports the
+** symbol "int sqlite3_fts3_enable_parentheses". Setting this variable
+** to zero causes the module to use the old syntax. If it is set to
+** non-zero the new syntax is activated. This is so both syntaxes can
+** be tested using a single build of testfixture.
+**
+** The following describes the syntax supported by the fts3 MATCH
+** operator in a similar format to that used by the lemon parser
+** generator. This module does not use actually lemon, it uses a
+** custom parser.
+**
+** query ::= andexpr (OR andexpr)*.
+**
+** andexpr ::= notexpr (AND? notexpr)*.
+**
+** notexpr ::= nearexpr (NOT nearexpr|-TOKEN)*.
+** notexpr ::= LP query RP.
+**
+** nearexpr ::= phrase (NEAR distance_opt nearexpr)*.
+**
+** distance_opt ::= .
+** distance_opt ::= / INTEGER.
+**
+** phrase ::= TOKEN.
+** phrase ::= COLUMN:TOKEN.
+** phrase ::= "TOKEN TOKEN TOKEN...".
+*/
+
+#ifdef SQLITE_TEST
+SQLITE_API int sqlite3_fts3_enable_parentheses = 0;
+#else
+# ifdef SQLITE_ENABLE_FTS3_PARENTHESIS
+# define sqlite3_fts3_enable_parentheses 1
+# else
+# define sqlite3_fts3_enable_parentheses 0
+# endif
+#endif
+
+/*
+** Default span for NEAR operators.
+*/
+#define SQLITE_FTS3_DEFAULT_NEAR_PARAM 10
+
+/* #include <string.h> */
+/* #include <assert.h> */
+
+/*
+** isNot:
+** This variable is used by function getNextNode(). When getNextNode() is
+** called, it sets ParseContext.isNot to true if the 'next node' is a
+** FTSQUERY_PHRASE with a unary "-" attached to it. i.e. "mysql" in the
+** FTS3 query "sqlite -mysql". Otherwise, ParseContext.isNot is set to
+** zero.
+*/
+typedef struct ParseContext ParseContext;
+struct ParseContext {
+ sqlite3_tokenizer *pTokenizer; /* Tokenizer module */
+ int iLangid; /* Language id used with tokenizer */
+ const char **azCol; /* Array of column names for fts3 table */
+ int bFts4; /* True to allow FTS4-only syntax */
+ int nCol; /* Number of entries in azCol[] */
+ int iDefaultCol; /* Default column to query */
+ int isNot; /* True if getNextNode() sees a unary - */
+ sqlite3_context *pCtx; /* Write error message here */
+ int nNest; /* Number of nested brackets */
+};
+
+/*
+** This function is equivalent to the standard isspace() function.
+**
+** The standard isspace() can be awkward to use safely, because although it
+** is defined to accept an argument of type int, its behavior when passed
+** an integer that falls outside of the range of the unsigned char type
+** is undefined (and sometimes, "undefined" means segfault). This wrapper
+** is defined to accept an argument of type char, and always returns 0 for
+** any values that fall outside of the range of the unsigned char type (i.e.
+** negative values).
+*/
+static int fts3isspace(char c){
+ return c==' ' || c=='\t' || c=='\n' || c=='\r' || c=='\v' || c=='\f';
+}
+
+/*
+** Allocate nByte bytes of memory using sqlite3_malloc(). If successful,
+** zero the memory before returning a pointer to it. If unsuccessful,
+** return NULL.
+*/
+static void *fts3MallocZero(int nByte){
+ void *pRet = sqlite3_malloc(nByte);
+ if( pRet ) memset(pRet, 0, nByte);
+ return pRet;
+}
+
+SQLITE_PRIVATE int sqlite3Fts3OpenTokenizer(
+ sqlite3_tokenizer *pTokenizer,
+ int iLangid,
+ const char *z,
+ int n,
+ sqlite3_tokenizer_cursor **ppCsr
+){
+ sqlite3_tokenizer_module const *pModule = pTokenizer->pModule;
+ sqlite3_tokenizer_cursor *pCsr = 0;
+ int rc;
+
+ rc = pModule->xOpen(pTokenizer, z, n, &pCsr);
+ assert( rc==SQLITE_OK || pCsr==0 );
+ if( rc==SQLITE_OK ){
+ pCsr->pTokenizer = pTokenizer;
+ if( pModule->iVersion>=1 ){
+ rc = pModule->xLanguageid(pCsr, iLangid);
+ if( rc!=SQLITE_OK ){
+ pModule->xClose(pCsr);
+ pCsr = 0;
+ }
+ }
+ }
+ *ppCsr = pCsr;
+ return rc;
+}
+
+/*
+** Function getNextNode(), which is called by fts3ExprParse(), may itself
+** call fts3ExprParse(). So this forward declaration is required.
+*/
+static int fts3ExprParse(ParseContext *, const char *, int, Fts3Expr **, int *);
+
+/*
+** Extract the next token from buffer z (length n) using the tokenizer
+** and other information (column names etc.) in pParse. Create an Fts3Expr
+** structure of type FTSQUERY_PHRASE containing a phrase consisting of this
+** single token and set *ppExpr to point to it. If the end of the buffer is
+** reached before a token is found, set *ppExpr to zero. It is the
+** responsibility of the caller to eventually deallocate the allocated
+** Fts3Expr structure (if any) by passing it to sqlite3_free().
+**
+** Return SQLITE_OK if successful, or SQLITE_NOMEM if a memory allocation
+** fails.
+*/
+static int getNextToken(
+ ParseContext *pParse, /* fts3 query parse context */
+ int iCol, /* Value for Fts3Phrase.iColumn */
+ const char *z, int n, /* Input string */
+ Fts3Expr **ppExpr, /* OUT: expression */
+ int *pnConsumed /* OUT: Number of bytes consumed */
+){
+ sqlite3_tokenizer *pTokenizer = pParse->pTokenizer;
+ sqlite3_tokenizer_module const *pModule = pTokenizer->pModule;
+ int rc;
+ sqlite3_tokenizer_cursor *pCursor;
+ Fts3Expr *pRet = 0;
+ int i = 0;
+
+ /* Set variable i to the maximum number of bytes of input to tokenize. */
+ for(i=0; i<n; i++){
+ if( sqlite3_fts3_enable_parentheses && (z[i]=='(' || z[i]==')') ) break;
+ if( z[i]=='"' ) break;
+ }
+
+ *pnConsumed = i;
+ rc = sqlite3Fts3OpenTokenizer(pTokenizer, pParse->iLangid, z, i, &pCursor);
+ if( rc==SQLITE_OK ){
+ const char *zToken;
+ int nToken = 0, iStart = 0, iEnd = 0, iPosition = 0;
+ int nByte; /* total space to allocate */
+
+ rc = pModule->xNext(pCursor, &zToken, &nToken, &iStart, &iEnd, &iPosition);
+ if( rc==SQLITE_OK ){
+ nByte = sizeof(Fts3Expr) + sizeof(Fts3Phrase) + nToken;
+ pRet = (Fts3Expr *)fts3MallocZero(nByte);
+ if( !pRet ){
+ rc = SQLITE_NOMEM;
+ }else{
+ pRet->eType = FTSQUERY_PHRASE;
+ pRet->pPhrase = (Fts3Phrase *)&pRet[1];
+ pRet->pPhrase->nToken = 1;
+ pRet->pPhrase->iColumn = iCol;
+ pRet->pPhrase->aToken[0].n = nToken;
+ pRet->pPhrase->aToken[0].z = (char *)&pRet->pPhrase[1];
+ memcpy(pRet->pPhrase->aToken[0].z, zToken, nToken);
+
+ if( iEnd<n && z[iEnd]=='*' ){
+ pRet->pPhrase->aToken[0].isPrefix = 1;
+ iEnd++;
+ }
+
+ while( 1 ){
+ if( !sqlite3_fts3_enable_parentheses
+ && iStart>0 && z[iStart-1]=='-'
+ ){
+ pParse->isNot = 1;
+ iStart--;
+ }else if( pParse->bFts4 && iStart>0 && z[iStart-1]=='^' ){
+ pRet->pPhrase->aToken[0].bFirst = 1;
+ iStart--;
+ }else{
+ break;
+ }
+ }
+
+ }
+ *pnConsumed = iEnd;
+ }else if( i && rc==SQLITE_DONE ){
+ rc = SQLITE_OK;
+ }
+
+ pModule->xClose(pCursor);
+ }
+
+ *ppExpr = pRet;
+ return rc;
+}
+
+
+/*
+** Enlarge a memory allocation. If an out-of-memory allocation occurs,
+** then free the old allocation.
+*/
+static void *fts3ReallocOrFree(void *pOrig, int nNew){
+ void *pRet = sqlite3_realloc(pOrig, nNew);
+ if( !pRet ){
+ sqlite3_free(pOrig);
+ }
+ return pRet;
+}
+
+/*
+** Buffer zInput, length nInput, contains the contents of a quoted string
+** that appeared as part of an fts3 query expression. Neither quote character
+** is included in the buffer. This function attempts to tokenize the entire
+** input buffer and create an Fts3Expr structure of type FTSQUERY_PHRASE
+** containing the results.
+**
+** If successful, SQLITE_OK is returned and *ppExpr set to point at the
+** allocated Fts3Expr structure. Otherwise, either SQLITE_NOMEM (out of memory
+** error) or SQLITE_ERROR (tokenization error) is returned and *ppExpr set
+** to 0.
+*/
+static int getNextString(
+ ParseContext *pParse, /* fts3 query parse context */
+ const char *zInput, int nInput, /* Input string */
+ Fts3Expr **ppExpr /* OUT: expression */
+){
+ sqlite3_tokenizer *pTokenizer = pParse->pTokenizer;
+ sqlite3_tokenizer_module const *pModule = pTokenizer->pModule;
+ int rc;
+ Fts3Expr *p = 0;
+ sqlite3_tokenizer_cursor *pCursor = 0;
+ char *zTemp = 0;
+ int nTemp = 0;
+
+ const int nSpace = sizeof(Fts3Expr) + sizeof(Fts3Phrase);
+ int nToken = 0;
+
+ /* The final Fts3Expr data structure, including the Fts3Phrase,
+ ** Fts3PhraseToken structures token buffers are all stored as a single
+ ** allocation so that the expression can be freed with a single call to
+ ** sqlite3_free(). Setting this up requires a two pass approach.
+ **
+ ** The first pass, in the block below, uses a tokenizer cursor to iterate
+ ** through the tokens in the expression. This pass uses fts3ReallocOrFree()
+ ** to assemble data in two dynamic buffers:
+ **
+ ** Buffer p: Points to the Fts3Expr structure, followed by the Fts3Phrase
+ ** structure, followed by the array of Fts3PhraseToken
+ ** structures. This pass only populates the Fts3PhraseToken array.
+ **
+ ** Buffer zTemp: Contains copies of all tokens.
+ **
+ ** The second pass, in the block that begins "if( rc==SQLITE_DONE )" below,
+ ** appends buffer zTemp to buffer p, and fills in the Fts3Expr and Fts3Phrase
+ ** structures.
+ */
+ rc = sqlite3Fts3OpenTokenizer(
+ pTokenizer, pParse->iLangid, zInput, nInput, &pCursor);
+ if( rc==SQLITE_OK ){
+ int ii;
+ for(ii=0; rc==SQLITE_OK; ii++){
+ const char *zByte;
+ int nByte = 0, iBegin = 0, iEnd = 0, iPos = 0;
+ rc = pModule->xNext(pCursor, &zByte, &nByte, &iBegin, &iEnd, &iPos);
+ if( rc==SQLITE_OK ){
+ Fts3PhraseToken *pToken;
+
+ p = fts3ReallocOrFree(p, nSpace + ii*sizeof(Fts3PhraseToken));
+ if( !p ) goto no_mem;
+
+ zTemp = fts3ReallocOrFree(zTemp, nTemp + nByte);
+ if( !zTemp ) goto no_mem;
+
+ assert( nToken==ii );
+ pToken = &((Fts3Phrase *)(&p[1]))->aToken[ii];
+ memset(pToken, 0, sizeof(Fts3PhraseToken));
+
+ memcpy(&zTemp[nTemp], zByte, nByte);
+ nTemp += nByte;
+
+ pToken->n = nByte;
+ pToken->isPrefix = (iEnd<nInput && zInput[iEnd]=='*');
+ pToken->bFirst = (iBegin>0 && zInput[iBegin-1]=='^');
+ nToken = ii+1;
+ }
+ }
+
+ pModule->xClose(pCursor);
+ pCursor = 0;
+ }
+
+ if( rc==SQLITE_DONE ){
+ int jj;
+ char *zBuf = 0;
+
+ p = fts3ReallocOrFree(p, nSpace + nToken*sizeof(Fts3PhraseToken) + nTemp);
+ if( !p ) goto no_mem;
+ memset(p, 0, (char *)&(((Fts3Phrase *)&p[1])->aToken[0])-(char *)p);
+ p->eType = FTSQUERY_PHRASE;
+ p->pPhrase = (Fts3Phrase *)&p[1];
+ p->pPhrase->iColumn = pParse->iDefaultCol;
+ p->pPhrase->nToken = nToken;
+
+ zBuf = (char *)&p->pPhrase->aToken[nToken];
+ if( zTemp ){
+ memcpy(zBuf, zTemp, nTemp);
+ sqlite3_free(zTemp);
+ }else{
+ assert( nTemp==0 );
+ }
+
+ for(jj=0; jj<p->pPhrase->nToken; jj++){
+ p->pPhrase->aToken[jj].z = zBuf;
+ zBuf += p->pPhrase->aToken[jj].n;
+ }
+ rc = SQLITE_OK;
+ }
+
+ *ppExpr = p;
+ return rc;
+no_mem:
+
+ if( pCursor ){
+ pModule->xClose(pCursor);
+ }
+ sqlite3_free(zTemp);
+ sqlite3_free(p);
+ *ppExpr = 0;
+ return SQLITE_NOMEM;
+}
+
+/*
+** The output variable *ppExpr is populated with an allocated Fts3Expr
+** structure, or set to 0 if the end of the input buffer is reached.
+**
+** Returns an SQLite error code. SQLITE_OK if everything works, SQLITE_NOMEM
+** if a malloc failure occurs, or SQLITE_ERROR if a parse error is encountered.
+** If SQLITE_ERROR is returned, pContext is populated with an error message.
+*/
+static int getNextNode(
+ ParseContext *pParse, /* fts3 query parse context */
+ const char *z, int n, /* Input string */
+ Fts3Expr **ppExpr, /* OUT: expression */
+ int *pnConsumed /* OUT: Number of bytes consumed */
+){
+ static const struct Fts3Keyword {
+ char *z; /* Keyword text */
+ unsigned char n; /* Length of the keyword */
+ unsigned char parenOnly; /* Only valid in paren mode */
+ unsigned char eType; /* Keyword code */
+ } aKeyword[] = {
+ { "OR" , 2, 0, FTSQUERY_OR },
+ { "AND", 3, 1, FTSQUERY_AND },
+ { "NOT", 3, 1, FTSQUERY_NOT },
+ { "NEAR", 4, 0, FTSQUERY_NEAR }
+ };
+ int ii;
+ int iCol;
+ int iColLen;
+ int rc;
+ Fts3Expr *pRet = 0;
+
+ const char *zInput = z;
+ int nInput = n;
+
+ pParse->isNot = 0;
+
+ /* Skip over any whitespace before checking for a keyword, an open or
+ ** close bracket, or a quoted string.
+ */
+ while( nInput>0 && fts3isspace(*zInput) ){
+ nInput--;
+ zInput++;
+ }
+ if( nInput==0 ){
+ return SQLITE_DONE;
+ }
+
+ /* See if we are dealing with a keyword. */
+ for(ii=0; ii<(int)(sizeof(aKeyword)/sizeof(struct Fts3Keyword)); ii++){
+ const struct Fts3Keyword *pKey = &aKeyword[ii];
+
+ if( (pKey->parenOnly & ~sqlite3_fts3_enable_parentheses)!=0 ){
+ continue;
+ }
+
+ if( nInput>=pKey->n && 0==memcmp(zInput, pKey->z, pKey->n) ){
+ int nNear = SQLITE_FTS3_DEFAULT_NEAR_PARAM;
+ int nKey = pKey->n;
+ char cNext;
+
+ /* If this is a "NEAR" keyword, check for an explicit nearness. */
+ if( pKey->eType==FTSQUERY_NEAR ){
+ assert( nKey==4 );
+ if( zInput[4]=='/' && zInput[5]>='0' && zInput[5]<='9' ){
+ nNear = 0;
+ for(nKey=5; zInput[nKey]>='0' && zInput[nKey]<='9'; nKey++){
+ nNear = nNear * 10 + (zInput[nKey] - '0');
+ }
+ }
+ }
+
+ /* At this point this is probably a keyword. But for that to be true,
+ ** the next byte must contain either whitespace, an open or close
+ ** parenthesis, a quote character, or EOF.
+ */
+ cNext = zInput[nKey];
+ if( fts3isspace(cNext)
+ || cNext=='"' || cNext=='(' || cNext==')' || cNext==0
+ ){
+ pRet = (Fts3Expr *)fts3MallocZero(sizeof(Fts3Expr));
+ if( !pRet ){
+ return SQLITE_NOMEM;
+ }
+ pRet->eType = pKey->eType;
+ pRet->nNear = nNear;
+ *ppExpr = pRet;
+ *pnConsumed = (int)((zInput - z) + nKey);
+ return SQLITE_OK;
+ }
+
+ /* Turns out that wasn't a keyword after all. This happens if the
+ ** user has supplied a token such as "ORacle". Continue.
+ */
+ }
+ }
+
+ /* See if we are dealing with a quoted phrase. If this is the case, then
+ ** search for the closing quote and pass the whole string to getNextString()
+ ** for processing. This is easy to do, as fts3 has no syntax for escaping
+ ** a quote character embedded in a string.
+ */
+ if( *zInput=='"' ){
+ for(ii=1; ii<nInput && zInput[ii]!='"'; ii++);
+ *pnConsumed = (int)((zInput - z) + ii + 1);
+ if( ii==nInput ){
+ return SQLITE_ERROR;
+ }
+ return getNextString(pParse, &zInput[1], ii-1, ppExpr);
+ }
+
+ if( sqlite3_fts3_enable_parentheses ){
+ if( *zInput=='(' ){
+ int nConsumed = 0;
+ pParse->nNest++;
+ rc = fts3ExprParse(pParse, zInput+1, nInput-1, ppExpr, &nConsumed);
+ if( rc==SQLITE_OK && !*ppExpr ){ rc = SQLITE_DONE; }
+ *pnConsumed = (int)(zInput - z) + 1 + nConsumed;
+ return rc;
+ }else if( *zInput==')' ){
+ pParse->nNest--;
+ *pnConsumed = (int)((zInput - z) + 1);
+ *ppExpr = 0;
+ return SQLITE_DONE;
+ }
+ }
+
+ /* If control flows to this point, this must be a regular token, or
+ ** the end of the input. Read a regular token using the sqlite3_tokenizer
+ ** interface. Before doing so, figure out if there is an explicit
+ ** column specifier for the token.
+ **
+ ** TODO: Strangely, it is not possible to associate a column specifier
+ ** with a quoted phrase, only with a single token. Not sure if this was
+ ** an implementation artifact or an intentional decision when fts3 was
+ ** first implemented. Whichever it was, this module duplicates the
+ ** limitation.
+ */
+ iCol = pParse->iDefaultCol;
+ iColLen = 0;
+ for(ii=0; ii<pParse->nCol; ii++){
+ const char *zStr = pParse->azCol[ii];
+ int nStr = (int)strlen(zStr);
+ if( nInput>nStr && zInput[nStr]==':'
+ && sqlite3_strnicmp(zStr, zInput, nStr)==0
+ ){
+ iCol = ii;
+ iColLen = (int)((zInput - z) + nStr + 1);
+ break;
+ }
+ }
+ rc = getNextToken(pParse, iCol, &z[iColLen], n-iColLen, ppExpr, pnConsumed);
+ *pnConsumed += iColLen;
+ return rc;
+}
+
+/*
+** The argument is an Fts3Expr structure for a binary operator (any type
+** except an FTSQUERY_PHRASE). Return an integer value representing the
+** precedence of the operator. Lower values have a higher precedence (i.e.
+** group more tightly). For example, in the C language, the == operator
+** groups more tightly than ||, and would therefore have a higher precedence.
+**
+** When using the new fts3 query syntax (when SQLITE_ENABLE_FTS3_PARENTHESIS
+** is defined), the order of the operators in precedence from highest to
+** lowest is:
+**
+** NEAR
+** NOT
+** AND (including implicit ANDs)
+** OR
+**
+** Note that when using the old query syntax, the OR operator has a higher
+** precedence than the AND operator.
+*/
+static int opPrecedence(Fts3Expr *p){
+ assert( p->eType!=FTSQUERY_PHRASE );
+ if( sqlite3_fts3_enable_parentheses ){
+ return p->eType;
+ }else if( p->eType==FTSQUERY_NEAR ){
+ return 1;
+ }else if( p->eType==FTSQUERY_OR ){
+ return 2;
+ }
+ assert( p->eType==FTSQUERY_AND );
+ return 3;
+}
+
+/*
+** Argument ppHead contains a pointer to the current head of a query
+** expression tree being parsed. pPrev is the expression node most recently
+** inserted into the tree. This function adds pNew, which is always a binary
+** operator node, into the expression tree based on the relative precedence
+** of pNew and the existing nodes of the tree. This may result in the head
+** of the tree changing, in which case *ppHead is set to the new root node.
+*/
+static void insertBinaryOperator(
+ Fts3Expr **ppHead, /* Pointer to the root node of a tree */
+ Fts3Expr *pPrev, /* Node most recently inserted into the tree */
+ Fts3Expr *pNew /* New binary node to insert into expression tree */
+){
+ Fts3Expr *pSplit = pPrev;
+ while( pSplit->pParent && opPrecedence(pSplit->pParent)<=opPrecedence(pNew) ){
+ pSplit = pSplit->pParent;
+ }
+
+ if( pSplit->pParent ){
+ assert( pSplit->pParent->pRight==pSplit );
+ pSplit->pParent->pRight = pNew;
+ pNew->pParent = pSplit->pParent;
+ }else{
+ *ppHead = pNew;
+ }
+ pNew->pLeft = pSplit;
+ pSplit->pParent = pNew;
+}
+
+/*
+** Parse the fts3 query expression found in buffer z, length n. This function
+** returns either when the end of the buffer is reached or an unmatched
+** closing bracket - ')' - is encountered.
+**
+** If successful, SQLITE_OK is returned, *ppExpr is set to point to the
+** parsed form of the expression and *pnConsumed is set to the number of
+** bytes read from buffer z. Otherwise, *ppExpr is set to 0 and SQLITE_NOMEM
+** (out of memory error) or SQLITE_ERROR (parse error) is returned.
+*/
+static int fts3ExprParse(
+ ParseContext *pParse, /* fts3 query parse context */
+ const char *z, int n, /* Text of MATCH query */
+ Fts3Expr **ppExpr, /* OUT: Parsed query structure */
+ int *pnConsumed /* OUT: Number of bytes consumed */
+){
+ Fts3Expr *pRet = 0;
+ Fts3Expr *pPrev = 0;
+ Fts3Expr *pNotBranch = 0; /* Only used in legacy parse mode */
+ int nIn = n;
+ const char *zIn = z;
+ int rc = SQLITE_OK;
+ int isRequirePhrase = 1;
+
+ while( rc==SQLITE_OK ){
+ Fts3Expr *p = 0;
+ int nByte = 0;
+
+ rc = getNextNode(pParse, zIn, nIn, &p, &nByte);
+ assert( nByte>0 || (rc!=SQLITE_OK && p==0) );
+ if( rc==SQLITE_OK ){
+ if( p ){
+ int isPhrase;
+
+ if( !sqlite3_fts3_enable_parentheses
+ && p->eType==FTSQUERY_PHRASE && pParse->isNot
+ ){
+ /* Create an implicit NOT operator. */
+ Fts3Expr *pNot = fts3MallocZero(sizeof(Fts3Expr));
+ if( !pNot ){
+ sqlite3Fts3ExprFree(p);
+ rc = SQLITE_NOMEM;
+ goto exprparse_out;
+ }
+ pNot->eType = FTSQUERY_NOT;
+ pNot->pRight = p;
+ p->pParent = pNot;
+ if( pNotBranch ){
+ pNot->pLeft = pNotBranch;
+ pNotBranch->pParent = pNot;
+ }
+ pNotBranch = pNot;
+ p = pPrev;
+ }else{
+ int eType = p->eType;
+ isPhrase = (eType==FTSQUERY_PHRASE || p->pLeft);
+
+ /* The isRequirePhrase variable is set to true if a phrase or
+ ** an expression contained in parenthesis is required. If a
+ ** binary operator (AND, OR, NOT or NEAR) is encounted when
+ ** isRequirePhrase is set, this is a syntax error.
+ */
+ if( !isPhrase && isRequirePhrase ){
+ sqlite3Fts3ExprFree(p);
+ rc = SQLITE_ERROR;
+ goto exprparse_out;
+ }
+
+ if( isPhrase && !isRequirePhrase ){
+ /* Insert an implicit AND operator. */
+ Fts3Expr *pAnd;
+ assert( pRet && pPrev );
+ pAnd = fts3MallocZero(sizeof(Fts3Expr));
+ if( !pAnd ){
+ sqlite3Fts3ExprFree(p);
+ rc = SQLITE_NOMEM;
+ goto exprparse_out;
+ }
+ pAnd->eType = FTSQUERY_AND;
+ insertBinaryOperator(&pRet, pPrev, pAnd);
+ pPrev = pAnd;
+ }
+
+ /* This test catches attempts to make either operand of a NEAR
+ ** operator something other than a phrase. For example, either of
+ ** the following:
+ **
+ ** (bracketed expression) NEAR phrase
+ ** phrase NEAR (bracketed expression)
+ **
+ ** Return an error in either case.
+ */
+ if( pPrev && (
+ (eType==FTSQUERY_NEAR && !isPhrase && pPrev->eType!=FTSQUERY_PHRASE)
+ || (eType!=FTSQUERY_PHRASE && isPhrase && pPrev->eType==FTSQUERY_NEAR)
+ )){
+ sqlite3Fts3ExprFree(p);
+ rc = SQLITE_ERROR;
+ goto exprparse_out;
+ }
+
+ if( isPhrase ){
+ if( pRet ){
+ assert( pPrev && pPrev->pLeft && pPrev->pRight==0 );
+ pPrev->pRight = p;
+ p->pParent = pPrev;
+ }else{
+ pRet = p;
+ }
+ }else{
+ insertBinaryOperator(&pRet, pPrev, p);
+ }
+ isRequirePhrase = !isPhrase;
+ }
+ pPrev = p;
+ }
+ assert( nByte>0 );
+ }
+ assert( rc!=SQLITE_OK || (nByte>0 && nByte<=nIn) );
+ nIn -= nByte;
+ zIn += nByte;
+ }
+
+ if( rc==SQLITE_DONE && pRet && isRequirePhrase ){
+ rc = SQLITE_ERROR;
+ }
+
+ if( rc==SQLITE_DONE ){
+ rc = SQLITE_OK;
+ if( !sqlite3_fts3_enable_parentheses && pNotBranch ){
+ if( !pRet ){
+ rc = SQLITE_ERROR;
+ }else{
+ Fts3Expr *pIter = pNotBranch;
+ while( pIter->pLeft ){
+ pIter = pIter->pLeft;
+ }
+ pIter->pLeft = pRet;
+ pRet->pParent = pIter;
+ pRet = pNotBranch;
+ }
+ }
+ }
+ *pnConsumed = n - nIn;
+
+exprparse_out:
+ if( rc!=SQLITE_OK ){
+ sqlite3Fts3ExprFree(pRet);
+ sqlite3Fts3ExprFree(pNotBranch);
+ pRet = 0;
+ }
+ *ppExpr = pRet;
+ return rc;
+}
+
+/*
+** Return SQLITE_ERROR if the maximum depth of the expression tree passed
+** as the only argument is more than nMaxDepth.
+*/
+static int fts3ExprCheckDepth(Fts3Expr *p, int nMaxDepth){
+ int rc = SQLITE_OK;
+ if( p ){
+ if( nMaxDepth<0 ){
+ rc = SQLITE_TOOBIG;
+ }else{
+ rc = fts3ExprCheckDepth(p->pLeft, nMaxDepth-1);
+ if( rc==SQLITE_OK ){
+ rc = fts3ExprCheckDepth(p->pRight, nMaxDepth-1);
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** This function attempts to transform the expression tree at (*pp) to
+** an equivalent but more balanced form. The tree is modified in place.
+** If successful, SQLITE_OK is returned and (*pp) set to point to the
+** new root expression node.
+**
+** nMaxDepth is the maximum allowable depth of the balanced sub-tree.
+**
+** Otherwise, if an error occurs, an SQLite error code is returned and
+** expression (*pp) freed.
+*/
+static int fts3ExprBalance(Fts3Expr **pp, int nMaxDepth){
+ int rc = SQLITE_OK; /* Return code */
+ Fts3Expr *pRoot = *pp; /* Initial root node */
+ Fts3Expr *pFree = 0; /* List of free nodes. Linked by pParent. */
+ int eType = pRoot->eType; /* Type of node in this tree */
+
+ if( nMaxDepth==0 ){
+ rc = SQLITE_ERROR;
+ }
+
+ if( rc==SQLITE_OK ){
+ if( (eType==FTSQUERY_AND || eType==FTSQUERY_OR) ){
+ Fts3Expr **apLeaf;
+ apLeaf = (Fts3Expr **)sqlite3_malloc(sizeof(Fts3Expr *) * nMaxDepth);
+ if( 0==apLeaf ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(apLeaf, 0, sizeof(Fts3Expr *) * nMaxDepth);
+ }
+
+ if( rc==SQLITE_OK ){
+ int i;
+ Fts3Expr *p;
+
+ /* Set $p to point to the left-most leaf in the tree of eType nodes. */
+ for(p=pRoot; p->eType==eType; p=p->pLeft){
+ assert( p->pParent==0 || p->pParent->pLeft==p );
+ assert( p->pLeft && p->pRight );
+ }
+
+ /* This loop runs once for each leaf in the tree of eType nodes. */
+ while( 1 ){
+ int iLvl;
+ Fts3Expr *pParent = p->pParent; /* Current parent of p */
+
+ assert( pParent==0 || pParent->pLeft==p );
+ p->pParent = 0;
+ if( pParent ){
+ pParent->pLeft = 0;
+ }else{
+ pRoot = 0;
+ }
+ rc = fts3ExprBalance(&p, nMaxDepth-1);
+ if( rc!=SQLITE_OK ) break;
+
+ for(iLvl=0; p && iLvl<nMaxDepth; iLvl++){
+ if( apLeaf[iLvl]==0 ){
+ apLeaf[iLvl] = p;
+ p = 0;
+ }else{
+ assert( pFree );
+ pFree->pLeft = apLeaf[iLvl];
+ pFree->pRight = p;
+ pFree->pLeft->pParent = pFree;
+ pFree->pRight->pParent = pFree;
+
+ p = pFree;
+ pFree = pFree->pParent;
+ p->pParent = 0;
+ apLeaf[iLvl] = 0;
+ }
+ }
+ if( p ){
+ sqlite3Fts3ExprFree(p);
+ rc = SQLITE_TOOBIG;
+ break;
+ }
+
+ /* If that was the last leaf node, break out of the loop */
+ if( pParent==0 ) break;
+
+ /* Set $p to point to the next leaf in the tree of eType nodes */
+ for(p=pParent->pRight; p->eType==eType; p=p->pLeft);
+
+ /* Remove pParent from the original tree. */
+ assert( pParent->pParent==0 || pParent->pParent->pLeft==pParent );
+ pParent->pRight->pParent = pParent->pParent;
+ if( pParent->pParent ){
+ pParent->pParent->pLeft = pParent->pRight;
+ }else{
+ assert( pParent==pRoot );
+ pRoot = pParent->pRight;
+ }
+
+ /* Link pParent into the free node list. It will be used as an
+ ** internal node of the new tree. */
+ pParent->pParent = pFree;
+ pFree = pParent;
+ }
+
+ if( rc==SQLITE_OK ){
+ p = 0;
+ for(i=0; i<nMaxDepth; i++){
+ if( apLeaf[i] ){
+ if( p==0 ){
+ p = apLeaf[i];
+ p->pParent = 0;
+ }else{
+ assert( pFree!=0 );
+ pFree->pRight = p;
+ pFree->pLeft = apLeaf[i];
+ pFree->pLeft->pParent = pFree;
+ pFree->pRight->pParent = pFree;
+
+ p = pFree;
+ pFree = pFree->pParent;
+ p->pParent = 0;
+ }
+ }
+ }
+ pRoot = p;
+ }else{
+ /* An error occurred. Delete the contents of the apLeaf[] array
+ ** and pFree list. Everything else is cleaned up by the call to
+ ** sqlite3Fts3ExprFree(pRoot) below. */
+ Fts3Expr *pDel;
+ for(i=0; i<nMaxDepth; i++){
+ sqlite3Fts3ExprFree(apLeaf[i]);
+ }
+ while( (pDel=pFree)!=0 ){
+ pFree = pDel->pParent;
+ sqlite3_free(pDel);
+ }
+ }
+
+ assert( pFree==0 );
+ sqlite3_free( apLeaf );
+ }
+ }else if( eType==FTSQUERY_NOT ){
+ Fts3Expr *pLeft = pRoot->pLeft;
+ Fts3Expr *pRight = pRoot->pRight;
+
+ pRoot->pLeft = 0;
+ pRoot->pRight = 0;
+ pLeft->pParent = 0;
+ pRight->pParent = 0;
+
+ rc = fts3ExprBalance(&pLeft, nMaxDepth-1);
+ if( rc==SQLITE_OK ){
+ rc = fts3ExprBalance(&pRight, nMaxDepth-1);
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3Fts3ExprFree(pRight);
+ sqlite3Fts3ExprFree(pLeft);
+ }else{
+ assert( pLeft && pRight );
+ pRoot->pLeft = pLeft;
+ pLeft->pParent = pRoot;
+ pRoot->pRight = pRight;
+ pRight->pParent = pRoot;
+ }
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3Fts3ExprFree(pRoot);
+ pRoot = 0;
+ }
+ *pp = pRoot;
+ return rc;
+}
+
+/*
+** This function is similar to sqlite3Fts3ExprParse(), with the following
+** differences:
+**
+** 1. It does not do expression rebalancing.
+** 2. It does not check that the expression does not exceed the
+** maximum allowable depth.
+** 3. Even if it fails, *ppExpr may still be set to point to an
+** expression tree. It should be deleted using sqlite3Fts3ExprFree()
+** in this case.
+*/
+static int fts3ExprParseUnbalanced(
+ sqlite3_tokenizer *pTokenizer, /* Tokenizer module */
+ int iLangid, /* Language id for tokenizer */
+ char **azCol, /* Array of column names for fts3 table */
+ int bFts4, /* True to allow FTS4-only syntax */
+ int nCol, /* Number of entries in azCol[] */
+ int iDefaultCol, /* Default column to query */
+ const char *z, int n, /* Text of MATCH query */
+ Fts3Expr **ppExpr /* OUT: Parsed query structure */
+){
+ int nParsed;
+ int rc;
+ ParseContext sParse;
+
+ memset(&sParse, 0, sizeof(ParseContext));
+ sParse.pTokenizer = pTokenizer;
+ sParse.iLangid = iLangid;
+ sParse.azCol = (const char **)azCol;
+ sParse.nCol = nCol;
+ sParse.iDefaultCol = iDefaultCol;
+ sParse.bFts4 = bFts4;
+ if( z==0 ){
+ *ppExpr = 0;
+ return SQLITE_OK;
+ }
+ if( n<0 ){
+ n = (int)strlen(z);
+ }
+ rc = fts3ExprParse(&sParse, z, n, ppExpr, &nParsed);
+ assert( rc==SQLITE_OK || *ppExpr==0 );
+
+ /* Check for mismatched parenthesis */
+ if( rc==SQLITE_OK && sParse.nNest ){
+ rc = SQLITE_ERROR;
+ }
+
+ return rc;
+}
+
+/*
+** Parameters z and n contain a pointer to and length of a buffer containing
+** an fts3 query expression, respectively. This function attempts to parse the
+** query expression and create a tree of Fts3Expr structures representing the
+** parsed expression. If successful, *ppExpr is set to point to the head
+** of the parsed expression tree and SQLITE_OK is returned. If an error
+** occurs, either SQLITE_NOMEM (out-of-memory error) or SQLITE_ERROR (parse
+** error) is returned and *ppExpr is set to 0.
+**
+** If parameter n is a negative number, then z is assumed to point to a
+** nul-terminated string and the length is determined using strlen().
+**
+** The first parameter, pTokenizer, is passed the fts3 tokenizer module to
+** use to normalize query tokens while parsing the expression. The azCol[]
+** array, which is assumed to contain nCol entries, should contain the names
+** of each column in the target fts3 table, in order from left to right.
+** Column names must be nul-terminated strings.
+**
+** The iDefaultCol parameter should be passed the index of the table column
+** that appears on the left-hand-side of the MATCH operator (the default
+** column to match against for tokens for which a column name is not explicitly
+** specified as part of the query string), or -1 if tokens may by default
+** match any table column.
+*/
+SQLITE_PRIVATE int sqlite3Fts3ExprParse(
+ sqlite3_tokenizer *pTokenizer, /* Tokenizer module */
+ int iLangid, /* Language id for tokenizer */
+ char **azCol, /* Array of column names for fts3 table */
+ int bFts4, /* True to allow FTS4-only syntax */
+ int nCol, /* Number of entries in azCol[] */
+ int iDefaultCol, /* Default column to query */
+ const char *z, int n, /* Text of MATCH query */
+ Fts3Expr **ppExpr, /* OUT: Parsed query structure */
+ char **pzErr /* OUT: Error message (sqlite3_malloc) */
+){
+ int rc = fts3ExprParseUnbalanced(
+ pTokenizer, iLangid, azCol, bFts4, nCol, iDefaultCol, z, n, ppExpr
+ );
+
+ /* Rebalance the expression. And check that its depth does not exceed
+ ** SQLITE_FTS3_MAX_EXPR_DEPTH. */
+ if( rc==SQLITE_OK && *ppExpr ){
+ rc = fts3ExprBalance(ppExpr, SQLITE_FTS3_MAX_EXPR_DEPTH);
+ if( rc==SQLITE_OK ){
+ rc = fts3ExprCheckDepth(*ppExpr, SQLITE_FTS3_MAX_EXPR_DEPTH);
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3Fts3ExprFree(*ppExpr);
+ *ppExpr = 0;
+ if( rc==SQLITE_TOOBIG ){
+ sqlite3Fts3ErrMsg(pzErr,
+ "FTS expression tree is too large (maximum depth %d)",
+ SQLITE_FTS3_MAX_EXPR_DEPTH
+ );
+ rc = SQLITE_ERROR;
+ }else if( rc==SQLITE_ERROR ){
+ sqlite3Fts3ErrMsg(pzErr, "malformed MATCH expression: [%s]", z);
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Free a single node of an expression tree.
+*/
+static void fts3FreeExprNode(Fts3Expr *p){
+ assert( p->eType==FTSQUERY_PHRASE || p->pPhrase==0 );
+ sqlite3Fts3EvalPhraseCleanup(p->pPhrase);
+ sqlite3_free(p->aMI);
+ sqlite3_free(p);
+}
+
+/*
+** Free a parsed fts3 query expression allocated by sqlite3Fts3ExprParse().
+**
+** This function would be simpler if it recursively called itself. But
+** that would mean passing a sufficiently large expression to ExprParse()
+** could cause a stack overflow.
+*/
+SQLITE_PRIVATE void sqlite3Fts3ExprFree(Fts3Expr *pDel){
+ Fts3Expr *p;
+ assert( pDel==0 || pDel->pParent==0 );
+ for(p=pDel; p && (p->pLeft||p->pRight); p=(p->pLeft ? p->pLeft : p->pRight)){
+ assert( p->pParent==0 || p==p->pParent->pRight || p==p->pParent->pLeft );
+ }
+ while( p ){
+ Fts3Expr *pParent = p->pParent;
+ fts3FreeExprNode(p);
+ if( pParent && p==pParent->pLeft && pParent->pRight ){
+ p = pParent->pRight;
+ while( p && (p->pLeft || p->pRight) ){
+ assert( p==p->pParent->pRight || p==p->pParent->pLeft );
+ p = (p->pLeft ? p->pLeft : p->pRight);
+ }
+ }else{
+ p = pParent;
+ }
+ }
+}
+
+/****************************************************************************
+*****************************************************************************
+** Everything after this point is just test code.
+*/
+
+#ifdef SQLITE_TEST
+
+/* #include <stdio.h> */
+
+/*
+** Function to query the hash-table of tokenizers (see README.tokenizers).
+*/
+static int queryTestTokenizer(
+ sqlite3 *db,
+ const char *zName,
+ const sqlite3_tokenizer_module **pp
+){
+ int rc;
+ sqlite3_stmt *pStmt;
+ const char zSql[] = "SELECT fts3_tokenizer(?)";
+
+ *pp = 0;
+ rc = sqlite3_prepare_v2(db, zSql, -1, &pStmt, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ sqlite3_bind_text(pStmt, 1, zName, -1, SQLITE_STATIC);
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ if( sqlite3_column_type(pStmt, 0)==SQLITE_BLOB ){
+ memcpy((void *)pp, sqlite3_column_blob(pStmt, 0), sizeof(*pp));
+ }
+ }
+
+ return sqlite3_finalize(pStmt);
+}
+
+/*
+** Return a pointer to a buffer containing a text representation of the
+** expression passed as the first argument. The buffer is obtained from
+** sqlite3_malloc(). It is the responsibility of the caller to use
+** sqlite3_free() to release the memory. If an OOM condition is encountered,
+** NULL is returned.
+**
+** If the second argument is not NULL, then its contents are prepended to
+** the returned expression text and then freed using sqlite3_free().
+*/
+static char *exprToString(Fts3Expr *pExpr, char *zBuf){
+ if( pExpr==0 ){
+ return sqlite3_mprintf("");
+ }
+ switch( pExpr->eType ){
+ case FTSQUERY_PHRASE: {
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+ int i;
+ zBuf = sqlite3_mprintf(
+ "%zPHRASE %d 0", zBuf, pPhrase->iColumn);
+ for(i=0; zBuf && i<pPhrase->nToken; i++){
+ zBuf = sqlite3_mprintf("%z %.*s%s", zBuf,
+ pPhrase->aToken[i].n, pPhrase->aToken[i].z,
+ (pPhrase->aToken[i].isPrefix?"+":"")
+ );
+ }
+ return zBuf;
+ }
+
+ case FTSQUERY_NEAR:
+ zBuf = sqlite3_mprintf("%zNEAR/%d ", zBuf, pExpr->nNear);
+ break;
+ case FTSQUERY_NOT:
+ zBuf = sqlite3_mprintf("%zNOT ", zBuf);
+ break;
+ case FTSQUERY_AND:
+ zBuf = sqlite3_mprintf("%zAND ", zBuf);
+ break;
+ case FTSQUERY_OR:
+ zBuf = sqlite3_mprintf("%zOR ", zBuf);
+ break;
+ }
+
+ if( zBuf ) zBuf = sqlite3_mprintf("%z{", zBuf);
+ if( zBuf ) zBuf = exprToString(pExpr->pLeft, zBuf);
+ if( zBuf ) zBuf = sqlite3_mprintf("%z} {", zBuf);
+
+ if( zBuf ) zBuf = exprToString(pExpr->pRight, zBuf);
+ if( zBuf ) zBuf = sqlite3_mprintf("%z}", zBuf);
+
+ return zBuf;
+}
+
+/*
+** This is the implementation of a scalar SQL function used to test the
+** expression parser. It should be called as follows:
+**
+** fts3_exprtest(<tokenizer>, <expr>, <column 1>, ...);
+**
+** The first argument, <tokenizer>, is the name of the fts3 tokenizer used
+** to parse the query expression (see README.tokenizers). The second argument
+** is the query expression to parse. Each subsequent argument is the name
+** of a column of the fts3 table that the query expression may refer to.
+** For example:
+**
+** SELECT fts3_exprtest('simple', 'Bill col2:Bloggs', 'col1', 'col2');
+*/
+static void fts3ExprTest(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ sqlite3_tokenizer_module const *pModule = 0;
+ sqlite3_tokenizer *pTokenizer = 0;
+ int rc;
+ char **azCol = 0;
+ const char *zExpr;
+ int nExpr;
+ int nCol;
+ int ii;
+ Fts3Expr *pExpr;
+ char *zBuf = 0;
+ sqlite3 *db = sqlite3_context_db_handle(context);
+
+ if( argc<3 ){
+ sqlite3_result_error(context,
+ "Usage: fts3_exprtest(tokenizer, expr, col1, ...", -1
+ );
+ return;
+ }
+
+ rc = queryTestTokenizer(db,
+ (const char *)sqlite3_value_text(argv[0]), &pModule);
+ if( rc==SQLITE_NOMEM ){
+ sqlite3_result_error_nomem(context);
+ goto exprtest_out;
+ }else if( !pModule ){
+ sqlite3_result_error(context, "No such tokenizer module", -1);
+ goto exprtest_out;
+ }
+
+ rc = pModule->xCreate(0, 0, &pTokenizer);
+ assert( rc==SQLITE_NOMEM || rc==SQLITE_OK );
+ if( rc==SQLITE_NOMEM ){
+ sqlite3_result_error_nomem(context);
+ goto exprtest_out;
+ }
+ pTokenizer->pModule = pModule;
+
+ zExpr = (const char *)sqlite3_value_text(argv[1]);
+ nExpr = sqlite3_value_bytes(argv[1]);
+ nCol = argc-2;
+ azCol = (char **)sqlite3_malloc(nCol*sizeof(char *));
+ if( !azCol ){
+ sqlite3_result_error_nomem(context);
+ goto exprtest_out;
+ }
+ for(ii=0; ii<nCol; ii++){
+ azCol[ii] = (char *)sqlite3_value_text(argv[ii+2]);
+ }
+
+ if( sqlite3_user_data(context) ){
+ char *zDummy = 0;
+ rc = sqlite3Fts3ExprParse(
+ pTokenizer, 0, azCol, 0, nCol, nCol, zExpr, nExpr, &pExpr, &zDummy
+ );
+ assert( rc==SQLITE_OK || pExpr==0 );
+ sqlite3_free(zDummy);
+ }else{
+ rc = fts3ExprParseUnbalanced(
+ pTokenizer, 0, azCol, 0, nCol, nCol, zExpr, nExpr, &pExpr
+ );
+ }
+
+ if( rc!=SQLITE_OK && rc!=SQLITE_NOMEM ){
+ sqlite3Fts3ExprFree(pExpr);
+ sqlite3_result_error(context, "Error parsing expression", -1);
+ }else if( rc==SQLITE_NOMEM || !(zBuf = exprToString(pExpr, 0)) ){
+ sqlite3_result_error_nomem(context);
+ }else{
+ sqlite3_result_text(context, zBuf, -1, SQLITE_TRANSIENT);
+ sqlite3_free(zBuf);
+ }
+
+ sqlite3Fts3ExprFree(pExpr);
+
+exprtest_out:
+ if( pModule && pTokenizer ){
+ rc = pModule->xDestroy(pTokenizer);
+ }
+ sqlite3_free(azCol);
+}
+
+/*
+** Register the query expression parser test function fts3_exprtest()
+** with database connection db.
+*/
+SQLITE_PRIVATE int sqlite3Fts3ExprInitTestInterface(sqlite3* db){
+ int rc = sqlite3_create_function(
+ db, "fts3_exprtest", -1, SQLITE_UTF8, 0, fts3ExprTest, 0, 0
+ );
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_create_function(db, "fts3_exprtest_rebalance",
+ -1, SQLITE_UTF8, (void *)1, fts3ExprTest, 0, 0
+ );
+ }
+ return rc;
+}
+
+#endif
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+
+/************** End of fts3_expr.c *******************************************/
+/************** Begin file fts3_hash.c ***************************************/
+/*
+** 2001 September 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This is the implementation of generic hash-tables used in SQLite.
+** We've modified it slightly to serve as a standalone hash table
+** implementation for the full-text indexing module.
+*/
+
+/*
+** The code in this file is only compiled if:
+**
+** * The FTS3 module is being built as an extension
+** (in which case SQLITE_CORE is not defined), or
+**
+** * The FTS3 module is being built into the core of
+** SQLite (in which case SQLITE_ENABLE_FTS3 is defined).
+*/
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <assert.h> */
+/* #include <stdlib.h> */
+/* #include <string.h> */
+
+/* #include "fts3_hash.h" */
+
+/*
+** Malloc and Free functions
+*/
+static void *fts3HashMalloc(int n){
+ void *p = sqlite3_malloc(n);
+ if( p ){
+ memset(p, 0, n);
+ }
+ return p;
+}
+static void fts3HashFree(void *p){
+ sqlite3_free(p);
+}
+
+/* Turn bulk memory into a hash table object by initializing the
+** fields of the Hash structure.
+**
+** "pNew" is a pointer to the hash table that is to be initialized.
+** keyClass is one of the constants
+** FTS3_HASH_BINARY or FTS3_HASH_STRING. The value of keyClass
+** determines what kind of key the hash table will use. "copyKey" is
+** true if the hash table should make its own private copy of keys and
+** false if it should just use the supplied pointer.
+*/
+SQLITE_PRIVATE void sqlite3Fts3HashInit(Fts3Hash *pNew, char keyClass, char copyKey){
+ assert( pNew!=0 );
+ assert( keyClass>=FTS3_HASH_STRING && keyClass<=FTS3_HASH_BINARY );
+ pNew->keyClass = keyClass;
+ pNew->copyKey = copyKey;
+ pNew->first = 0;
+ pNew->count = 0;
+ pNew->htsize = 0;
+ pNew->ht = 0;
+}
+
+/* Remove all entries from a hash table. Reclaim all memory.
+** Call this routine to delete a hash table or to reset a hash table
+** to the empty state.
+*/
+SQLITE_PRIVATE void sqlite3Fts3HashClear(Fts3Hash *pH){
+ Fts3HashElem *elem; /* For looping over all elements of the table */
+
+ assert( pH!=0 );
+ elem = pH->first;
+ pH->first = 0;
+ fts3HashFree(pH->ht);
+ pH->ht = 0;
+ pH->htsize = 0;
+ while( elem ){
+ Fts3HashElem *next_elem = elem->next;
+ if( pH->copyKey && elem->pKey ){
+ fts3HashFree(elem->pKey);
+ }
+ fts3HashFree(elem);
+ elem = next_elem;
+ }
+ pH->count = 0;
+}
+
+/*
+** Hash and comparison functions when the mode is FTS3_HASH_STRING
+*/
+static int fts3StrHash(const void *pKey, int nKey){
+ const char *z = (const char *)pKey;
+ unsigned h = 0;
+ if( nKey<=0 ) nKey = (int) strlen(z);
+ while( nKey > 0 ){
+ h = (h<<3) ^ h ^ *z++;
+ nKey--;
+ }
+ return (int)(h & 0x7fffffff);
+}
+static int fts3StrCompare(const void *pKey1, int n1, const void *pKey2, int n2){
+ if( n1!=n2 ) return 1;
+ return strncmp((const char*)pKey1,(const char*)pKey2,n1);
+}
+
+/*
+** Hash and comparison functions when the mode is FTS3_HASH_BINARY
+*/
+static int fts3BinHash(const void *pKey, int nKey){
+ int h = 0;
+ const char *z = (const char *)pKey;
+ while( nKey-- > 0 ){
+ h = (h<<3) ^ h ^ *(z++);
+ }
+ return h & 0x7fffffff;
+}
+static int fts3BinCompare(const void *pKey1, int n1, const void *pKey2, int n2){
+ if( n1!=n2 ) return 1;
+ return memcmp(pKey1,pKey2,n1);
+}
+
+/*
+** Return a pointer to the appropriate hash function given the key class.
+**
+** The C syntax in this function definition may be unfamilar to some
+** programmers, so we provide the following additional explanation:
+**
+** The name of the function is "ftsHashFunction". The function takes a
+** single parameter "keyClass". The return value of ftsHashFunction()
+** is a pointer to another function. Specifically, the return value
+** of ftsHashFunction() is a pointer to a function that takes two parameters
+** with types "const void*" and "int" and returns an "int".
+*/
+static int (*ftsHashFunction(int keyClass))(const void*,int){
+ if( keyClass==FTS3_HASH_STRING ){
+ return &fts3StrHash;
+ }else{
+ assert( keyClass==FTS3_HASH_BINARY );
+ return &fts3BinHash;
+ }
+}
+
+/*
+** Return a pointer to the appropriate hash function given the key class.
+**
+** For help in interpreted the obscure C code in the function definition,
+** see the header comment on the previous function.
+*/
+static int (*ftsCompareFunction(int keyClass))(const void*,int,const void*,int){
+ if( keyClass==FTS3_HASH_STRING ){
+ return &fts3StrCompare;
+ }else{
+ assert( keyClass==FTS3_HASH_BINARY );
+ return &fts3BinCompare;
+ }
+}
+
+/* Link an element into the hash table
+*/
+static void fts3HashInsertElement(
+ Fts3Hash *pH, /* The complete hash table */
+ struct _fts3ht *pEntry, /* The entry into which pNew is inserted */
+ Fts3HashElem *pNew /* The element to be inserted */
+){
+ Fts3HashElem *pHead; /* First element already in pEntry */
+ pHead = pEntry->chain;
+ if( pHead ){
+ pNew->next = pHead;
+ pNew->prev = pHead->prev;
+ if( pHead->prev ){ pHead->prev->next = pNew; }
+ else { pH->first = pNew; }
+ pHead->prev = pNew;
+ }else{
+ pNew->next = pH->first;
+ if( pH->first ){ pH->first->prev = pNew; }
+ pNew->prev = 0;
+ pH->first = pNew;
+ }
+ pEntry->count++;
+ pEntry->chain = pNew;
+}
+
+
+/* Resize the hash table so that it cantains "new_size" buckets.
+** "new_size" must be a power of 2. The hash table might fail
+** to resize if sqliteMalloc() fails.
+**
+** Return non-zero if a memory allocation error occurs.
+*/
+static int fts3Rehash(Fts3Hash *pH, int new_size){
+ struct _fts3ht *new_ht; /* The new hash table */
+ Fts3HashElem *elem, *next_elem; /* For looping over existing elements */
+ int (*xHash)(const void*,int); /* The hash function */
+
+ assert( (new_size & (new_size-1))==0 );
+ new_ht = (struct _fts3ht *)fts3HashMalloc( new_size*sizeof(struct _fts3ht) );
+ if( new_ht==0 ) return 1;
+ fts3HashFree(pH->ht);
+ pH->ht = new_ht;
+ pH->htsize = new_size;
+ xHash = ftsHashFunction(pH->keyClass);
+ for(elem=pH->first, pH->first=0; elem; elem = next_elem){
+ int h = (*xHash)(elem->pKey, elem->nKey) & (new_size-1);
+ next_elem = elem->next;
+ fts3HashInsertElement(pH, &new_ht[h], elem);
+ }
+ return 0;
+}
+
+/* This function (for internal use only) locates an element in an
+** hash table that matches the given key. The hash for this key has
+** already been computed and is passed as the 4th parameter.
+*/
+static Fts3HashElem *fts3FindElementByHash(
+ const Fts3Hash *pH, /* The pH to be searched */
+ const void *pKey, /* The key we are searching for */
+ int nKey,
+ int h /* The hash for this key. */
+){
+ Fts3HashElem *elem; /* Used to loop thru the element list */
+ int count; /* Number of elements left to test */
+ int (*xCompare)(const void*,int,const void*,int); /* comparison function */
+
+ if( pH->ht ){
+ struct _fts3ht *pEntry = &pH->ht[h];
+ elem = pEntry->chain;
+ count = pEntry->count;
+ xCompare = ftsCompareFunction(pH->keyClass);
+ while( count-- && elem ){
+ if( (*xCompare)(elem->pKey,elem->nKey,pKey,nKey)==0 ){
+ return elem;
+ }
+ elem = elem->next;
+ }
+ }
+ return 0;
+}
+
+/* Remove a single entry from the hash table given a pointer to that
+** element and a hash on the element's key.
+*/
+static void fts3RemoveElementByHash(
+ Fts3Hash *pH, /* The pH containing "elem" */
+ Fts3HashElem* elem, /* The element to be removed from the pH */
+ int h /* Hash value for the element */
+){
+ struct _fts3ht *pEntry;
+ if( elem->prev ){
+ elem->prev->next = elem->next;
+ }else{
+ pH->first = elem->next;
+ }
+ if( elem->next ){
+ elem->next->prev = elem->prev;
+ }
+ pEntry = &pH->ht[h];
+ if( pEntry->chain==elem ){
+ pEntry->chain = elem->next;
+ }
+ pEntry->count--;
+ if( pEntry->count<=0 ){
+ pEntry->chain = 0;
+ }
+ if( pH->copyKey && elem->pKey ){
+ fts3HashFree(elem->pKey);
+ }
+ fts3HashFree( elem );
+ pH->count--;
+ if( pH->count<=0 ){
+ assert( pH->first==0 );
+ assert( pH->count==0 );
+ fts3HashClear(pH);
+ }
+}
+
+SQLITE_PRIVATE Fts3HashElem *sqlite3Fts3HashFindElem(
+ const Fts3Hash *pH,
+ const void *pKey,
+ int nKey
+){
+ int h; /* A hash on key */
+ int (*xHash)(const void*,int); /* The hash function */
+
+ if( pH==0 || pH->ht==0 ) return 0;
+ xHash = ftsHashFunction(pH->keyClass);
+ assert( xHash!=0 );
+ h = (*xHash)(pKey,nKey);
+ assert( (pH->htsize & (pH->htsize-1))==0 );
+ return fts3FindElementByHash(pH,pKey,nKey, h & (pH->htsize-1));
+}
+
+/*
+** Attempt to locate an element of the hash table pH with a key
+** that matches pKey,nKey. Return the data for this element if it is
+** found, or NULL if there is no match.
+*/
+SQLITE_PRIVATE void *sqlite3Fts3HashFind(const Fts3Hash *pH, const void *pKey, int nKey){
+ Fts3HashElem *pElem; /* The element that matches key (if any) */
+
+ pElem = sqlite3Fts3HashFindElem(pH, pKey, nKey);
+ return pElem ? pElem->data : 0;
+}
+
+/* Insert an element into the hash table pH. The key is pKey,nKey
+** and the data is "data".
+**
+** If no element exists with a matching key, then a new
+** element is created. A copy of the key is made if the copyKey
+** flag is set. NULL is returned.
+**
+** If another element already exists with the same key, then the
+** new data replaces the old data and the old data is returned.
+** The key is not copied in this instance. If a malloc fails, then
+** the new data is returned and the hash table is unchanged.
+**
+** If the "data" parameter to this function is NULL, then the
+** element corresponding to "key" is removed from the hash table.
+*/
+SQLITE_PRIVATE void *sqlite3Fts3HashInsert(
+ Fts3Hash *pH, /* The hash table to insert into */
+ const void *pKey, /* The key */
+ int nKey, /* Number of bytes in the key */
+ void *data /* The data */
+){
+ int hraw; /* Raw hash value of the key */
+ int h; /* the hash of the key modulo hash table size */
+ Fts3HashElem *elem; /* Used to loop thru the element list */
+ Fts3HashElem *new_elem; /* New element added to the pH */
+ int (*xHash)(const void*,int); /* The hash function */
+
+ assert( pH!=0 );
+ xHash = ftsHashFunction(pH->keyClass);
+ assert( xHash!=0 );
+ hraw = (*xHash)(pKey, nKey);
+ assert( (pH->htsize & (pH->htsize-1))==0 );
+ h = hraw & (pH->htsize-1);
+ elem = fts3FindElementByHash(pH,pKey,nKey,h);
+ if( elem ){
+ void *old_data = elem->data;
+ if( data==0 ){
+ fts3RemoveElementByHash(pH,elem,h);
+ }else{
+ elem->data = data;
+ }
+ return old_data;
+ }
+ if( data==0 ) return 0;
+ if( (pH->htsize==0 && fts3Rehash(pH,8))
+ || (pH->count>=pH->htsize && fts3Rehash(pH, pH->htsize*2))
+ ){
+ pH->count = 0;
+ return data;
+ }
+ assert( pH->htsize>0 );
+ new_elem = (Fts3HashElem*)fts3HashMalloc( sizeof(Fts3HashElem) );
+ if( new_elem==0 ) return data;
+ if( pH->copyKey && pKey!=0 ){
+ new_elem->pKey = fts3HashMalloc( nKey );
+ if( new_elem->pKey==0 ){
+ fts3HashFree(new_elem);
+ return data;
+ }
+ memcpy((void*)new_elem->pKey, pKey, nKey);
+ }else{
+ new_elem->pKey = (void*)pKey;
+ }
+ new_elem->nKey = nKey;
+ pH->count++;
+ assert( pH->htsize>0 );
+ assert( (pH->htsize & (pH->htsize-1))==0 );
+ h = hraw & (pH->htsize-1);
+ fts3HashInsertElement(pH, &pH->ht[h], new_elem);
+ new_elem->data = data;
+ return 0;
+}
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+
+/************** End of fts3_hash.c *******************************************/
+/************** Begin file fts3_porter.c *************************************/
+/*
+** 2006 September 30
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** Implementation of the full-text-search tokenizer that implements
+** a Porter stemmer.
+*/
+
+/*
+** The code in this file is only compiled if:
+**
+** * The FTS3 module is being built as an extension
+** (in which case SQLITE_CORE is not defined), or
+**
+** * The FTS3 module is being built into the core of
+** SQLite (in which case SQLITE_ENABLE_FTS3 is defined).
+*/
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <assert.h> */
+/* #include <stdlib.h> */
+/* #include <stdio.h> */
+/* #include <string.h> */
+
+/* #include "fts3_tokenizer.h" */
+
+/*
+** Class derived from sqlite3_tokenizer
+*/
+typedef struct porter_tokenizer {
+ sqlite3_tokenizer base; /* Base class */
+} porter_tokenizer;
+
+/*
+** Class derived from sqlite3_tokenizer_cursor
+*/
+typedef struct porter_tokenizer_cursor {
+ sqlite3_tokenizer_cursor base;
+ const char *zInput; /* input we are tokenizing */
+ int nInput; /* size of the input */
+ int iOffset; /* current position in zInput */
+ int iToken; /* index of next token to be returned */
+ char *zToken; /* storage for current token */
+ int nAllocated; /* space allocated to zToken buffer */
+} porter_tokenizer_cursor;
+
+
+/*
+** Create a new tokenizer instance.
+*/
+static int porterCreate(
+ int argc, const char * const *argv,
+ sqlite3_tokenizer **ppTokenizer
+){
+ porter_tokenizer *t;
+
+ UNUSED_PARAMETER(argc);
+ UNUSED_PARAMETER(argv);
+
+ t = (porter_tokenizer *) sqlite3_malloc(sizeof(*t));
+ if( t==NULL ) return SQLITE_NOMEM;
+ memset(t, 0, sizeof(*t));
+ *ppTokenizer = &t->base;
+ return SQLITE_OK;
+}
+
+/*
+** Destroy a tokenizer
+*/
+static int porterDestroy(sqlite3_tokenizer *pTokenizer){
+ sqlite3_free(pTokenizer);
+ return SQLITE_OK;
+}
+
+/*
+** Prepare to begin tokenizing a particular string. The input
+** string to be tokenized is zInput[0..nInput-1]. A cursor
+** used to incrementally tokenize this string is returned in
+** *ppCursor.
+*/
+static int porterOpen(
+ sqlite3_tokenizer *pTokenizer, /* The tokenizer */
+ const char *zInput, int nInput, /* String to be tokenized */
+ sqlite3_tokenizer_cursor **ppCursor /* OUT: Tokenization cursor */
+){
+ porter_tokenizer_cursor *c;
+
+ UNUSED_PARAMETER(pTokenizer);
+
+ c = (porter_tokenizer_cursor *) sqlite3_malloc(sizeof(*c));
+ if( c==NULL ) return SQLITE_NOMEM;
+
+ c->zInput = zInput;
+ if( zInput==0 ){
+ c->nInput = 0;
+ }else if( nInput<0 ){
+ c->nInput = (int)strlen(zInput);
+ }else{
+ c->nInput = nInput;
+ }
+ c->iOffset = 0; /* start tokenizing at the beginning */
+ c->iToken = 0;
+ c->zToken = NULL; /* no space allocated, yet. */
+ c->nAllocated = 0;
+
+ *ppCursor = &c->base;
+ return SQLITE_OK;
+}
+
+/*
+** Close a tokenization cursor previously opened by a call to
+** porterOpen() above.
+*/
+static int porterClose(sqlite3_tokenizer_cursor *pCursor){
+ porter_tokenizer_cursor *c = (porter_tokenizer_cursor *) pCursor;
+ sqlite3_free(c->zToken);
+ sqlite3_free(c);
+ return SQLITE_OK;
+}
+/*
+** Vowel or consonant
+*/
+static const char cType[] = {
+ 0, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 0,
+ 1, 1, 1, 2, 1
+};
+
+/*
+** isConsonant() and isVowel() determine if their first character in
+** the string they point to is a consonant or a vowel, according
+** to Porter ruls.
+**
+** A consonate is any letter other than 'a', 'e', 'i', 'o', or 'u'.
+** 'Y' is a consonant unless it follows another consonant,
+** in which case it is a vowel.
+**
+** In these routine, the letters are in reverse order. So the 'y' rule
+** is that 'y' is a consonant unless it is followed by another
+** consonent.
+*/
+static int isVowel(const char*);
+static int isConsonant(const char *z){
+ int j;
+ char x = *z;
+ if( x==0 ) return 0;
+ assert( x>='a' && x<='z' );
+ j = cType[x-'a'];
+ if( j<2 ) return j;
+ return z[1]==0 || isVowel(z + 1);
+}
+static int isVowel(const char *z){
+ int j;
+ char x = *z;
+ if( x==0 ) return 0;
+ assert( x>='a' && x<='z' );
+ j = cType[x-'a'];
+ if( j<2 ) return 1-j;
+ return isConsonant(z + 1);
+}
+
+/*
+** Let any sequence of one or more vowels be represented by V and let
+** C be sequence of one or more consonants. Then every word can be
+** represented as:
+**
+** [C] (VC){m} [V]
+**
+** In prose: A word is an optional consonant followed by zero or
+** vowel-consonant pairs followed by an optional vowel. "m" is the
+** number of vowel consonant pairs. This routine computes the value
+** of m for the first i bytes of a word.
+**
+** Return true if the m-value for z is 1 or more. In other words,
+** return true if z contains at least one vowel that is followed
+** by a consonant.
+**
+** In this routine z[] is in reverse order. So we are really looking
+** for an instance of a consonant followed by a vowel.
+*/
+static int m_gt_0(const char *z){
+ while( isVowel(z) ){ z++; }
+ if( *z==0 ) return 0;
+ while( isConsonant(z) ){ z++; }
+ return *z!=0;
+}
+
+/* Like mgt0 above except we are looking for a value of m which is
+** exactly 1
+*/
+static int m_eq_1(const char *z){
+ while( isVowel(z) ){ z++; }
+ if( *z==0 ) return 0;
+ while( isConsonant(z) ){ z++; }
+ if( *z==0 ) return 0;
+ while( isVowel(z) ){ z++; }
+ if( *z==0 ) return 1;
+ while( isConsonant(z) ){ z++; }
+ return *z==0;
+}
+
+/* Like mgt0 above except we are looking for a value of m>1 instead
+** or m>0
+*/
+static int m_gt_1(const char *z){
+ while( isVowel(z) ){ z++; }
+ if( *z==0 ) return 0;
+ while( isConsonant(z) ){ z++; }
+ if( *z==0 ) return 0;
+ while( isVowel(z) ){ z++; }
+ if( *z==0 ) return 0;
+ while( isConsonant(z) ){ z++; }
+ return *z!=0;
+}
+
+/*
+** Return TRUE if there is a vowel anywhere within z[0..n-1]
+*/
+static int hasVowel(const char *z){
+ while( isConsonant(z) ){ z++; }
+ return *z!=0;
+}
+
+/*
+** Return TRUE if the word ends in a double consonant.
+**
+** The text is reversed here. So we are really looking at
+** the first two characters of z[].
+*/
+static int doubleConsonant(const char *z){
+ return isConsonant(z) && z[0]==z[1];
+}
+
+/*
+** Return TRUE if the word ends with three letters which
+** are consonant-vowel-consonent and where the final consonant
+** is not 'w', 'x', or 'y'.
+**
+** The word is reversed here. So we are really checking the
+** first three letters and the first one cannot be in [wxy].
+*/
+static int star_oh(const char *z){
+ return
+ isConsonant(z) &&
+ z[0]!='w' && z[0]!='x' && z[0]!='y' &&
+ isVowel(z+1) &&
+ isConsonant(z+2);
+}
+
+/*
+** If the word ends with zFrom and xCond() is true for the stem
+** of the word that preceeds the zFrom ending, then change the
+** ending to zTo.
+**
+** The input word *pz and zFrom are both in reverse order. zTo
+** is in normal order.
+**
+** Return TRUE if zFrom matches. Return FALSE if zFrom does not
+** match. Not that TRUE is returned even if xCond() fails and
+** no substitution occurs.
+*/
+static int stem(
+ char **pz, /* The word being stemmed (Reversed) */
+ const char *zFrom, /* If the ending matches this... (Reversed) */
+ const char *zTo, /* ... change the ending to this (not reversed) */
+ int (*xCond)(const char*) /* Condition that must be true */
+){
+ char *z = *pz;
+ while( *zFrom && *zFrom==*z ){ z++; zFrom++; }
+ if( *zFrom!=0 ) return 0;
+ if( xCond && !xCond(z) ) return 1;
+ while( *zTo ){
+ *(--z) = *(zTo++);
+ }
+ *pz = z;
+ return 1;
+}
+
+/*
+** This is the fallback stemmer used when the porter stemmer is
+** inappropriate. The input word is copied into the output with
+** US-ASCII case folding. If the input word is too long (more
+** than 20 bytes if it contains no digits or more than 6 bytes if
+** it contains digits) then word is truncated to 20 or 6 bytes
+** by taking 10 or 3 bytes from the beginning and end.
+*/
+static void copy_stemmer(const char *zIn, int nIn, char *zOut, int *pnOut){
+ int i, mx, j;
+ int hasDigit = 0;
+ for(i=0; i<nIn; i++){
+ char c = zIn[i];
+ if( c>='A' && c<='Z' ){
+ zOut[i] = c - 'A' + 'a';
+ }else{
+ if( c>='0' && c<='9' ) hasDigit = 1;
+ zOut[i] = c;
+ }
+ }
+ mx = hasDigit ? 3 : 10;
+ if( nIn>mx*2 ){
+ for(j=mx, i=nIn-mx; i<nIn; i++, j++){
+ zOut[j] = zOut[i];
+ }
+ i = j;
+ }
+ zOut[i] = 0;
+ *pnOut = i;
+}
+
+
+/*
+** Stem the input word zIn[0..nIn-1]. Store the output in zOut.
+** zOut is at least big enough to hold nIn bytes. Write the actual
+** size of the output word (exclusive of the '\0' terminator) into *pnOut.
+**
+** Any upper-case characters in the US-ASCII character set ([A-Z])
+** are converted to lower case. Upper-case UTF characters are
+** unchanged.
+**
+** Words that are longer than about 20 bytes are stemmed by retaining
+** a few bytes from the beginning and the end of the word. If the
+** word contains digits, 3 bytes are taken from the beginning and
+** 3 bytes from the end. For long words without digits, 10 bytes
+** are taken from each end. US-ASCII case folding still applies.
+**
+** If the input word contains not digits but does characters not
+** in [a-zA-Z] then no stemming is attempted and this routine just
+** copies the input into the input into the output with US-ASCII
+** case folding.
+**
+** Stemming never increases the length of the word. So there is
+** no chance of overflowing the zOut buffer.
+*/
+static void porter_stemmer(const char *zIn, int nIn, char *zOut, int *pnOut){
+ int i, j;
+ char zReverse[28];
+ char *z, *z2;
+ if( nIn<3 || nIn>=(int)sizeof(zReverse)-7 ){
+ /* The word is too big or too small for the porter stemmer.
+ ** Fallback to the copy stemmer */
+ copy_stemmer(zIn, nIn, zOut, pnOut);
+ return;
+ }
+ for(i=0, j=sizeof(zReverse)-6; i<nIn; i++, j--){
+ char c = zIn[i];
+ if( c>='A' && c<='Z' ){
+ zReverse[j] = c + 'a' - 'A';
+ }else if( c>='a' && c<='z' ){
+ zReverse[j] = c;
+ }else{
+ /* The use of a character not in [a-zA-Z] means that we fallback
+ ** to the copy stemmer */
+ copy_stemmer(zIn, nIn, zOut, pnOut);
+ return;
+ }
+ }
+ memset(&zReverse[sizeof(zReverse)-5], 0, 5);
+ z = &zReverse[j+1];
+
+
+ /* Step 1a */
+ if( z[0]=='s' ){
+ if(
+ !stem(&z, "sess", "ss", 0) &&
+ !stem(&z, "sei", "i", 0) &&
+ !stem(&z, "ss", "ss", 0)
+ ){
+ z++;
+ }
+ }
+
+ /* Step 1b */
+ z2 = z;
+ if( stem(&z, "dee", "ee", m_gt_0) ){
+ /* Do nothing. The work was all in the test */
+ }else if(
+ (stem(&z, "gni", "", hasVowel) || stem(&z, "de", "", hasVowel))
+ && z!=z2
+ ){
+ if( stem(&z, "ta", "ate", 0) ||
+ stem(&z, "lb", "ble", 0) ||
+ stem(&z, "zi", "ize", 0) ){
+ /* Do nothing. The work was all in the test */
+ }else if( doubleConsonant(z) && (*z!='l' && *z!='s' && *z!='z') ){
+ z++;
+ }else if( m_eq_1(z) && star_oh(z) ){
+ *(--z) = 'e';
+ }
+ }
+
+ /* Step 1c */
+ if( z[0]=='y' && hasVowel(z+1) ){
+ z[0] = 'i';
+ }
+
+ /* Step 2 */
+ switch( z[1] ){
+ case 'a':
+ if( !stem(&z, "lanoita", "ate", m_gt_0) ){
+ stem(&z, "lanoit", "tion", m_gt_0);
+ }
+ break;
+ case 'c':
+ if( !stem(&z, "icne", "ence", m_gt_0) ){
+ stem(&z, "icna", "ance", m_gt_0);
+ }
+ break;
+ case 'e':
+ stem(&z, "rezi", "ize", m_gt_0);
+ break;
+ case 'g':
+ stem(&z, "igol", "log", m_gt_0);
+ break;
+ case 'l':
+ if( !stem(&z, "ilb", "ble", m_gt_0)
+ && !stem(&z, "illa", "al", m_gt_0)
+ && !stem(&z, "iltne", "ent", m_gt_0)
+ && !stem(&z, "ile", "e", m_gt_0)
+ ){
+ stem(&z, "ilsuo", "ous", m_gt_0);
+ }
+ break;
+ case 'o':
+ if( !stem(&z, "noitazi", "ize", m_gt_0)
+ && !stem(&z, "noita", "ate", m_gt_0)
+ ){
+ stem(&z, "rota", "ate", m_gt_0);
+ }
+ break;
+ case 's':
+ if( !stem(&z, "msila", "al", m_gt_0)
+ && !stem(&z, "ssenevi", "ive", m_gt_0)
+ && !stem(&z, "ssenluf", "ful", m_gt_0)
+ ){
+ stem(&z, "ssensuo", "ous", m_gt_0);
+ }
+ break;
+ case 't':
+ if( !stem(&z, "itila", "al", m_gt_0)
+ && !stem(&z, "itivi", "ive", m_gt_0)
+ ){
+ stem(&z, "itilib", "ble", m_gt_0);
+ }
+ break;
+ }
+
+ /* Step 3 */
+ switch( z[0] ){
+ case 'e':
+ if( !stem(&z, "etaci", "ic", m_gt_0)
+ && !stem(&z, "evita", "", m_gt_0)
+ ){
+ stem(&z, "ezila", "al", m_gt_0);
+ }
+ break;
+ case 'i':
+ stem(&z, "itici", "ic", m_gt_0);
+ break;
+ case 'l':
+ if( !stem(&z, "laci", "ic", m_gt_0) ){
+ stem(&z, "luf", "", m_gt_0);
+ }
+ break;
+ case 's':
+ stem(&z, "ssen", "", m_gt_0);
+ break;
+ }
+
+ /* Step 4 */
+ switch( z[1] ){
+ case 'a':
+ if( z[0]=='l' && m_gt_1(z+2) ){
+ z += 2;
+ }
+ break;
+ case 'c':
+ if( z[0]=='e' && z[2]=='n' && (z[3]=='a' || z[3]=='e') && m_gt_1(z+4) ){
+ z += 4;
+ }
+ break;
+ case 'e':
+ if( z[0]=='r' && m_gt_1(z+2) ){
+ z += 2;
+ }
+ break;
+ case 'i':
+ if( z[0]=='c' && m_gt_1(z+2) ){
+ z += 2;
+ }
+ break;
+ case 'l':
+ if( z[0]=='e' && z[2]=='b' && (z[3]=='a' || z[3]=='i') && m_gt_1(z+4) ){
+ z += 4;
+ }
+ break;
+ case 'n':
+ if( z[0]=='t' ){
+ if( z[2]=='a' ){
+ if( m_gt_1(z+3) ){
+ z += 3;
+ }
+ }else if( z[2]=='e' ){
+ if( !stem(&z, "tneme", "", m_gt_1)
+ && !stem(&z, "tnem", "", m_gt_1)
+ ){
+ stem(&z, "tne", "", m_gt_1);
+ }
+ }
+ }
+ break;
+ case 'o':
+ if( z[0]=='u' ){
+ if( m_gt_1(z+2) ){
+ z += 2;
+ }
+ }else if( z[3]=='s' || z[3]=='t' ){
+ stem(&z, "noi", "", m_gt_1);
+ }
+ break;
+ case 's':
+ if( z[0]=='m' && z[2]=='i' && m_gt_1(z+3) ){
+ z += 3;
+ }
+ break;
+ case 't':
+ if( !stem(&z, "eta", "", m_gt_1) ){
+ stem(&z, "iti", "", m_gt_1);
+ }
+ break;
+ case 'u':
+ if( z[0]=='s' && z[2]=='o' && m_gt_1(z+3) ){
+ z += 3;
+ }
+ break;
+ case 'v':
+ case 'z':
+ if( z[0]=='e' && z[2]=='i' && m_gt_1(z+3) ){
+ z += 3;
+ }
+ break;
+ }
+
+ /* Step 5a */
+ if( z[0]=='e' ){
+ if( m_gt_1(z+1) ){
+ z++;
+ }else if( m_eq_1(z+1) && !star_oh(z+1) ){
+ z++;
+ }
+ }
+
+ /* Step 5b */
+ if( m_gt_1(z) && z[0]=='l' && z[1]=='l' ){
+ z++;
+ }
+
+ /* z[] is now the stemmed word in reverse order. Flip it back
+ ** around into forward order and return.
+ */
+ *pnOut = i = (int)strlen(z);
+ zOut[i] = 0;
+ while( *z ){
+ zOut[--i] = *(z++);
+ }
+}
+
+/*
+** Characters that can be part of a token. We assume any character
+** whose value is greater than 0x80 (any UTF character) can be
+** part of a token. In other words, delimiters all must have
+** values of 0x7f or lower.
+*/
+static const char porterIdChar[] = {
+/* x0 x1 x2 x3 x4 x5 x6 x7 x8 x9 xA xB xC xD xE xF */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, /* 3x */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 4x */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, /* 5x */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 6x */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, /* 7x */
+};
+#define isDelim(C) (((ch=C)&0x80)==0 && (ch<0x30 || !porterIdChar[ch-0x30]))
+
+/*
+** Extract the next token from a tokenization cursor. The cursor must
+** have been opened by a prior call to porterOpen().
+*/
+static int porterNext(
+ sqlite3_tokenizer_cursor *pCursor, /* Cursor returned by porterOpen */
+ const char **pzToken, /* OUT: *pzToken is the token text */
+ int *pnBytes, /* OUT: Number of bytes in token */
+ int *piStartOffset, /* OUT: Starting offset of token */
+ int *piEndOffset, /* OUT: Ending offset of token */
+ int *piPosition /* OUT: Position integer of token */
+){
+ porter_tokenizer_cursor *c = (porter_tokenizer_cursor *) pCursor;
+ const char *z = c->zInput;
+
+ while( c->iOffset<c->nInput ){
+ int iStartOffset, ch;
+
+ /* Scan past delimiter characters */
+ while( c->iOffset<c->nInput && isDelim(z[c->iOffset]) ){
+ c->iOffset++;
+ }
+
+ /* Count non-delimiter characters. */
+ iStartOffset = c->iOffset;
+ while( c->iOffset<c->nInput && !isDelim(z[c->iOffset]) ){
+ c->iOffset++;
+ }
+
+ if( c->iOffset>iStartOffset ){
+ int n = c->iOffset-iStartOffset;
+ if( n>c->nAllocated ){
+ char *pNew;
+ c->nAllocated = n+20;
+ pNew = sqlite3_realloc(c->zToken, c->nAllocated);
+ if( !pNew ) return SQLITE_NOMEM;
+ c->zToken = pNew;
+ }
+ porter_stemmer(&z[iStartOffset], n, c->zToken, pnBytes);
+ *pzToken = c->zToken;
+ *piStartOffset = iStartOffset;
+ *piEndOffset = c->iOffset;
+ *piPosition = c->iToken++;
+ return SQLITE_OK;
+ }
+ }
+ return SQLITE_DONE;
+}
+
+/*
+** The set of routines that implement the porter-stemmer tokenizer
+*/
+static const sqlite3_tokenizer_module porterTokenizerModule = {
+ 0,
+ porterCreate,
+ porterDestroy,
+ porterOpen,
+ porterClose,
+ porterNext,
+ 0
+};
+
+/*
+** Allocate a new porter tokenizer. Return a pointer to the new
+** tokenizer in *ppModule
+*/
+SQLITE_PRIVATE void sqlite3Fts3PorterTokenizerModule(
+ sqlite3_tokenizer_module const**ppModule
+){
+ *ppModule = &porterTokenizerModule;
+}
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+
+/************** End of fts3_porter.c *****************************************/
+/************** Begin file fts3_tokenizer.c **********************************/
+/*
+** 2007 June 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This is part of an SQLite module implementing full-text search.
+** This particular file implements the generic tokenizer interface.
+*/
+
+/*
+** The code in this file is only compiled if:
+**
+** * The FTS3 module is being built as an extension
+** (in which case SQLITE_CORE is not defined), or
+**
+** * The FTS3 module is being built into the core of
+** SQLite (in which case SQLITE_ENABLE_FTS3 is defined).
+*/
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <assert.h> */
+/* #include <string.h> */
+
+/*
+** Implementation of the SQL scalar function for accessing the underlying
+** hash table. This function may be called as follows:
+**
+** SELECT <function-name>(<key-name>);
+** SELECT <function-name>(<key-name>, <pointer>);
+**
+** where <function-name> is the name passed as the second argument
+** to the sqlite3Fts3InitHashTable() function (e.g. 'fts3_tokenizer').
+**
+** If the <pointer> argument is specified, it must be a blob value
+** containing a pointer to be stored as the hash data corresponding
+** to the string <key-name>. If <pointer> is not specified, then
+** the string <key-name> must already exist in the has table. Otherwise,
+** an error is returned.
+**
+** Whether or not the <pointer> argument is specified, the value returned
+** is a blob containing the pointer stored as the hash data corresponding
+** to string <key-name> (after the hash-table is updated, if applicable).
+*/
+static void scalarFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ Fts3Hash *pHash;
+ void *pPtr = 0;
+ const unsigned char *zName;
+ int nName;
+
+ assert( argc==1 || argc==2 );
+
+ pHash = (Fts3Hash *)sqlite3_user_data(context);
+
+ zName = sqlite3_value_text(argv[0]);
+ nName = sqlite3_value_bytes(argv[0])+1;
+
+ if( argc==2 ){
+ void *pOld;
+ int n = sqlite3_value_bytes(argv[1]);
+ if( zName==0 || n!=sizeof(pPtr) ){
+ sqlite3_result_error(context, "argument type mismatch", -1);
+ return;
+ }
+ pPtr = *(void **)sqlite3_value_blob(argv[1]);
+ pOld = sqlite3Fts3HashInsert(pHash, (void *)zName, nName, pPtr);
+ if( pOld==pPtr ){
+ sqlite3_result_error(context, "out of memory", -1);
+ return;
+ }
+ }else{
+ if( zName ){
+ pPtr = sqlite3Fts3HashFind(pHash, zName, nName);
+ }
+ if( !pPtr ){
+ char *zErr = sqlite3_mprintf("unknown tokenizer: %s", zName);
+ sqlite3_result_error(context, zErr, -1);
+ sqlite3_free(zErr);
+ return;
+ }
+ }
+
+ sqlite3_result_blob(context, (void *)&pPtr, sizeof(pPtr), SQLITE_TRANSIENT);
+}
+
+SQLITE_PRIVATE int sqlite3Fts3IsIdChar(char c){
+ static const char isFtsIdChar[] = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1x */
+ 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 2x */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, /* 3x */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 4x */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, /* 5x */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 6x */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, /* 7x */
+ };
+ return (c&0x80 || isFtsIdChar[(int)(c)]);
+}
+
+SQLITE_PRIVATE const char *sqlite3Fts3NextToken(const char *zStr, int *pn){
+ const char *z1;
+ const char *z2 = 0;
+
+ /* Find the start of the next token. */
+ z1 = zStr;
+ while( z2==0 ){
+ char c = *z1;
+ switch( c ){
+ case '\0': return 0; /* No more tokens here */
+ case '\'':
+ case '"':
+ case '`': {
+ z2 = z1;
+ while( *++z2 && (*z2!=c || *++z2==c) );
+ break;
+ }
+ case '[':
+ z2 = &z1[1];
+ while( *z2 && z2[0]!=']' ) z2++;
+ if( *z2 ) z2++;
+ break;
+
+ default:
+ if( sqlite3Fts3IsIdChar(*z1) ){
+ z2 = &z1[1];
+ while( sqlite3Fts3IsIdChar(*z2) ) z2++;
+ }else{
+ z1++;
+ }
+ }
+ }
+
+ *pn = (int)(z2-z1);
+ return z1;
+}
+
+SQLITE_PRIVATE int sqlite3Fts3InitTokenizer(
+ Fts3Hash *pHash, /* Tokenizer hash table */
+ const char *zArg, /* Tokenizer name */
+ sqlite3_tokenizer **ppTok, /* OUT: Tokenizer (if applicable) */
+ char **pzErr /* OUT: Set to malloced error message */
+){
+ int rc;
+ char *z = (char *)zArg;
+ int n = 0;
+ char *zCopy;
+ char *zEnd; /* Pointer to nul-term of zCopy */
+ sqlite3_tokenizer_module *m;
+
+ zCopy = sqlite3_mprintf("%s", zArg);
+ if( !zCopy ) return SQLITE_NOMEM;
+ zEnd = &zCopy[strlen(zCopy)];
+
+ z = (char *)sqlite3Fts3NextToken(zCopy, &n);
+ if( z==0 ){
+ assert( n==0 );
+ z = zCopy;
+ }
+ z[n] = '\0';
+ sqlite3Fts3Dequote(z);
+
+ m = (sqlite3_tokenizer_module *)sqlite3Fts3HashFind(pHash,z,(int)strlen(z)+1);
+ if( !m ){
+ sqlite3Fts3ErrMsg(pzErr, "unknown tokenizer: %s", z);
+ rc = SQLITE_ERROR;
+ }else{
+ char const **aArg = 0;
+ int iArg = 0;
+ z = &z[n+1];
+ while( z<zEnd && (NULL!=(z = (char *)sqlite3Fts3NextToken(z, &n))) ){
+ int nNew = sizeof(char *)*(iArg+1);
+ char const **aNew = (const char **)sqlite3_realloc((void *)aArg, nNew);
+ if( !aNew ){
+ sqlite3_free(zCopy);
+ sqlite3_free((void *)aArg);
+ return SQLITE_NOMEM;
+ }
+ aArg = aNew;
+ aArg[iArg++] = z;
+ z[n] = '\0';
+ sqlite3Fts3Dequote(z);
+ z = &z[n+1];
+ }
+ rc = m->xCreate(iArg, aArg, ppTok);
+ assert( rc!=SQLITE_OK || *ppTok );
+ if( rc!=SQLITE_OK ){
+ sqlite3Fts3ErrMsg(pzErr, "unknown tokenizer");
+ }else{
+ (*ppTok)->pModule = m;
+ }
+ sqlite3_free((void *)aArg);
+ }
+
+ sqlite3_free(zCopy);
+ return rc;
+}
+
+
+#ifdef SQLITE_TEST
+
+#include <tcl.h>
+/* #include <string.h> */
+
+/*
+** Implementation of a special SQL scalar function for testing tokenizers
+** designed to be used in concert with the Tcl testing framework. This
+** function must be called with two or more arguments:
+**
+** SELECT <function-name>(<key-name>, ..., <input-string>);
+**
+** where <function-name> is the name passed as the second argument
+** to the sqlite3Fts3InitHashTable() function (e.g. 'fts3_tokenizer')
+** concatenated with the string '_test' (e.g. 'fts3_tokenizer_test').
+**
+** The return value is a string that may be interpreted as a Tcl
+** list. For each token in the <input-string>, three elements are
+** added to the returned list. The first is the token position, the
+** second is the token text (folded, stemmed, etc.) and the third is the
+** substring of <input-string> associated with the token. For example,
+** using the built-in "simple" tokenizer:
+**
+** SELECT fts_tokenizer_test('simple', 'I don't see how');
+**
+** will return the string:
+**
+** "{0 i I 1 dont don't 2 see see 3 how how}"
+**
+*/
+static void testFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ Fts3Hash *pHash;
+ sqlite3_tokenizer_module *p;
+ sqlite3_tokenizer *pTokenizer = 0;
+ sqlite3_tokenizer_cursor *pCsr = 0;
+
+ const char *zErr = 0;
+
+ const char *zName;
+ int nName;
+ const char *zInput;
+ int nInput;
+
+ const char *azArg[64];
+
+ const char *zToken;
+ int nToken = 0;
+ int iStart = 0;
+ int iEnd = 0;
+ int iPos = 0;
+ int i;
+
+ Tcl_Obj *pRet;
+
+ if( argc<2 ){
+ sqlite3_result_error(context, "insufficient arguments", -1);
+ return;
+ }
+
+ nName = sqlite3_value_bytes(argv[0]);
+ zName = (const char *)sqlite3_value_text(argv[0]);
+ nInput = sqlite3_value_bytes(argv[argc-1]);
+ zInput = (const char *)sqlite3_value_text(argv[argc-1]);
+
+ pHash = (Fts3Hash *)sqlite3_user_data(context);
+ p = (sqlite3_tokenizer_module *)sqlite3Fts3HashFind(pHash, zName, nName+1);
+
+ if( !p ){
+ char *zErr2 = sqlite3_mprintf("unknown tokenizer: %s", zName);
+ sqlite3_result_error(context, zErr2, -1);
+ sqlite3_free(zErr2);
+ return;
+ }
+
+ pRet = Tcl_NewObj();
+ Tcl_IncrRefCount(pRet);
+
+ for(i=1; i<argc-1; i++){
+ azArg[i-1] = (const char *)sqlite3_value_text(argv[i]);
+ }
+
+ if( SQLITE_OK!=p->xCreate(argc-2, azArg, &pTokenizer) ){
+ zErr = "error in xCreate()";
+ goto finish;
+ }
+ pTokenizer->pModule = p;
+ if( sqlite3Fts3OpenTokenizer(pTokenizer, 0, zInput, nInput, &pCsr) ){
+ zErr = "error in xOpen()";
+ goto finish;
+ }
+
+ while( SQLITE_OK==p->xNext(pCsr, &zToken, &nToken, &iStart, &iEnd, &iPos) ){
+ Tcl_ListObjAppendElement(0, pRet, Tcl_NewIntObj(iPos));
+ Tcl_ListObjAppendElement(0, pRet, Tcl_NewStringObj(zToken, nToken));
+ zToken = &zInput[iStart];
+ nToken = iEnd-iStart;
+ Tcl_ListObjAppendElement(0, pRet, Tcl_NewStringObj(zToken, nToken));
+ }
+
+ if( SQLITE_OK!=p->xClose(pCsr) ){
+ zErr = "error in xClose()";
+ goto finish;
+ }
+ if( SQLITE_OK!=p->xDestroy(pTokenizer) ){
+ zErr = "error in xDestroy()";
+ goto finish;
+ }
+
+finish:
+ if( zErr ){
+ sqlite3_result_error(context, zErr, -1);
+ }else{
+ sqlite3_result_text(context, Tcl_GetString(pRet), -1, SQLITE_TRANSIENT);
+ }
+ Tcl_DecrRefCount(pRet);
+}
+
+static
+int registerTokenizer(
+ sqlite3 *db,
+ char *zName,
+ const sqlite3_tokenizer_module *p
+){
+ int rc;
+ sqlite3_stmt *pStmt;
+ const char zSql[] = "SELECT fts3_tokenizer(?, ?)";
+
+ rc = sqlite3_prepare_v2(db, zSql, -1, &pStmt, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ sqlite3_bind_text(pStmt, 1, zName, -1, SQLITE_STATIC);
+ sqlite3_bind_blob(pStmt, 2, &p, sizeof(p), SQLITE_STATIC);
+ sqlite3_step(pStmt);
+
+ return sqlite3_finalize(pStmt);
+}
+
+static
+int queryTokenizer(
+ sqlite3 *db,
+ char *zName,
+ const sqlite3_tokenizer_module **pp
+){
+ int rc;
+ sqlite3_stmt *pStmt;
+ const char zSql[] = "SELECT fts3_tokenizer(?)";
+
+ *pp = 0;
+ rc = sqlite3_prepare_v2(db, zSql, -1, &pStmt, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ sqlite3_bind_text(pStmt, 1, zName, -1, SQLITE_STATIC);
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ if( sqlite3_column_type(pStmt, 0)==SQLITE_BLOB ){
+ memcpy((void *)pp, sqlite3_column_blob(pStmt, 0), sizeof(*pp));
+ }
+ }
+
+ return sqlite3_finalize(pStmt);
+}
+
+SQLITE_PRIVATE void sqlite3Fts3SimpleTokenizerModule(sqlite3_tokenizer_module const**ppModule);
+
+/*
+** Implementation of the scalar function fts3_tokenizer_internal_test().
+** This function is used for testing only, it is not included in the
+** build unless SQLITE_TEST is defined.
+**
+** The purpose of this is to test that the fts3_tokenizer() function
+** can be used as designed by the C-code in the queryTokenizer and
+** registerTokenizer() functions above. These two functions are repeated
+** in the README.tokenizer file as an example, so it is important to
+** test them.
+**
+** To run the tests, evaluate the fts3_tokenizer_internal_test() scalar
+** function with no arguments. An assert() will fail if a problem is
+** detected. i.e.:
+**
+** SELECT fts3_tokenizer_internal_test();
+**
+*/
+static void intTestFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ int rc;
+ const sqlite3_tokenizer_module *p1;
+ const sqlite3_tokenizer_module *p2;
+ sqlite3 *db = (sqlite3 *)sqlite3_user_data(context);
+
+ UNUSED_PARAMETER(argc);
+ UNUSED_PARAMETER(argv);
+
+ /* Test the query function */
+ sqlite3Fts3SimpleTokenizerModule(&p1);
+ rc = queryTokenizer(db, "simple", &p2);
+ assert( rc==SQLITE_OK );
+ assert( p1==p2 );
+ rc = queryTokenizer(db, "nosuchtokenizer", &p2);
+ assert( rc==SQLITE_ERROR );
+ assert( p2==0 );
+ assert( 0==strcmp(sqlite3_errmsg(db), "unknown tokenizer: nosuchtokenizer") );
+
+ /* Test the storage function */
+ rc = registerTokenizer(db, "nosuchtokenizer", p1);
+ assert( rc==SQLITE_OK );
+ rc = queryTokenizer(db, "nosuchtokenizer", &p2);
+ assert( rc==SQLITE_OK );
+ assert( p2==p1 );
+
+ sqlite3_result_text(context, "ok", -1, SQLITE_STATIC);
+}
+
+#endif
+
+/*
+** Set up SQL objects in database db used to access the contents of
+** the hash table pointed to by argument pHash. The hash table must
+** been initialized to use string keys, and to take a private copy
+** of the key when a value is inserted. i.e. by a call similar to:
+**
+** sqlite3Fts3HashInit(pHash, FTS3_HASH_STRING, 1);
+**
+** This function adds a scalar function (see header comment above
+** scalarFunc() in this file for details) and, if ENABLE_TABLE is
+** defined at compilation time, a temporary virtual table (see header
+** comment above struct HashTableVtab) to the database schema. Both
+** provide read/write access to the contents of *pHash.
+**
+** The third argument to this function, zName, is used as the name
+** of both the scalar and, if created, the virtual table.
+*/
+SQLITE_PRIVATE int sqlite3Fts3InitHashTable(
+ sqlite3 *db,
+ Fts3Hash *pHash,
+ const char *zName
+){
+ int rc = SQLITE_OK;
+ void *p = (void *)pHash;
+ const int any = SQLITE_ANY;
+
+#ifdef SQLITE_TEST
+ char *zTest = 0;
+ char *zTest2 = 0;
+ void *pdb = (void *)db;
+ zTest = sqlite3_mprintf("%s_test", zName);
+ zTest2 = sqlite3_mprintf("%s_internal_test", zName);
+ if( !zTest || !zTest2 ){
+ rc = SQLITE_NOMEM;
+ }
+#endif
+
+ if( SQLITE_OK==rc ){
+ rc = sqlite3_create_function(db, zName, 1, any, p, scalarFunc, 0, 0);
+ }
+ if( SQLITE_OK==rc ){
+ rc = sqlite3_create_function(db, zName, 2, any, p, scalarFunc, 0, 0);
+ }
+#ifdef SQLITE_TEST
+ if( SQLITE_OK==rc ){
+ rc = sqlite3_create_function(db, zTest, -1, any, p, testFunc, 0, 0);
+ }
+ if( SQLITE_OK==rc ){
+ rc = sqlite3_create_function(db, zTest2, 0, any, pdb, intTestFunc, 0, 0);
+ }
+#endif
+
+#ifdef SQLITE_TEST
+ sqlite3_free(zTest);
+ sqlite3_free(zTest2);
+#endif
+
+ return rc;
+}
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+
+/************** End of fts3_tokenizer.c **************************************/
+/************** Begin file fts3_tokenizer1.c *********************************/
+/*
+** 2006 Oct 10
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** Implementation of the "simple" full-text-search tokenizer.
+*/
+
+/*
+** The code in this file is only compiled if:
+**
+** * The FTS3 module is being built as an extension
+** (in which case SQLITE_CORE is not defined), or
+**
+** * The FTS3 module is being built into the core of
+** SQLite (in which case SQLITE_ENABLE_FTS3 is defined).
+*/
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <assert.h> */
+/* #include <stdlib.h> */
+/* #include <stdio.h> */
+/* #include <string.h> */
+
+/* #include "fts3_tokenizer.h" */
+
+typedef struct simple_tokenizer {
+ sqlite3_tokenizer base;
+ char delim[128]; /* flag ASCII delimiters */
+} simple_tokenizer;
+
+typedef struct simple_tokenizer_cursor {
+ sqlite3_tokenizer_cursor base;
+ const char *pInput; /* input we are tokenizing */
+ int nBytes; /* size of the input */
+ int iOffset; /* current position in pInput */
+ int iToken; /* index of next token to be returned */
+ char *pToken; /* storage for current token */
+ int nTokenAllocated; /* space allocated to zToken buffer */
+} simple_tokenizer_cursor;
+
+
+static int simpleDelim(simple_tokenizer *t, unsigned char c){
+ return c<0x80 && t->delim[c];
+}
+static int fts3_isalnum(int x){
+ return (x>='0' && x<='9') || (x>='A' && x<='Z') || (x>='a' && x<='z');
+}
+
+/*
+** Create a new tokenizer instance.
+*/
+static int simpleCreate(
+ int argc, const char * const *argv,
+ sqlite3_tokenizer **ppTokenizer
+){
+ simple_tokenizer *t;
+
+ t = (simple_tokenizer *) sqlite3_malloc(sizeof(*t));
+ if( t==NULL ) return SQLITE_NOMEM;
+ memset(t, 0, sizeof(*t));
+
+ /* TODO(shess) Delimiters need to remain the same from run to run,
+ ** else we need to reindex. One solution would be a meta-table to
+ ** track such information in the database, then we'd only want this
+ ** information on the initial create.
+ */
+ if( argc>1 ){
+ int i, n = (int)strlen(argv[1]);
+ for(i=0; i<n; i++){
+ unsigned char ch = argv[1][i];
+ /* We explicitly don't support UTF-8 delimiters for now. */
+ if( ch>=0x80 ){
+ sqlite3_free(t);
+ return SQLITE_ERROR;
+ }
+ t->delim[ch] = 1;
+ }
+ } else {
+ /* Mark non-alphanumeric ASCII characters as delimiters */
+ int i;
+ for(i=1; i<0x80; i++){
+ t->delim[i] = !fts3_isalnum(i) ? -1 : 0;
+ }
+ }
+
+ *ppTokenizer = &t->base;
+ return SQLITE_OK;
+}
+
+/*
+** Destroy a tokenizer
+*/
+static int simpleDestroy(sqlite3_tokenizer *pTokenizer){
+ sqlite3_free(pTokenizer);
+ return SQLITE_OK;
+}
+
+/*
+** Prepare to begin tokenizing a particular string. The input
+** string to be tokenized is pInput[0..nBytes-1]. A cursor
+** used to incrementally tokenize this string is returned in
+** *ppCursor.
+*/
+static int simpleOpen(
+ sqlite3_tokenizer *pTokenizer, /* The tokenizer */
+ const char *pInput, int nBytes, /* String to be tokenized */
+ sqlite3_tokenizer_cursor **ppCursor /* OUT: Tokenization cursor */
+){
+ simple_tokenizer_cursor *c;
+
+ UNUSED_PARAMETER(pTokenizer);
+
+ c = (simple_tokenizer_cursor *) sqlite3_malloc(sizeof(*c));
+ if( c==NULL ) return SQLITE_NOMEM;
+
+ c->pInput = pInput;
+ if( pInput==0 ){
+ c->nBytes = 0;
+ }else if( nBytes<0 ){
+ c->nBytes = (int)strlen(pInput);
+ }else{
+ c->nBytes = nBytes;
+ }
+ c->iOffset = 0; /* start tokenizing at the beginning */
+ c->iToken = 0;
+ c->pToken = NULL; /* no space allocated, yet. */
+ c->nTokenAllocated = 0;
+
+ *ppCursor = &c->base;
+ return SQLITE_OK;
+}
+
+/*
+** Close a tokenization cursor previously opened by a call to
+** simpleOpen() above.
+*/
+static int simpleClose(sqlite3_tokenizer_cursor *pCursor){
+ simple_tokenizer_cursor *c = (simple_tokenizer_cursor *) pCursor;
+ sqlite3_free(c->pToken);
+ sqlite3_free(c);
+ return SQLITE_OK;
+}
+
+/*
+** Extract the next token from a tokenization cursor. The cursor must
+** have been opened by a prior call to simpleOpen().
+*/
+static int simpleNext(
+ sqlite3_tokenizer_cursor *pCursor, /* Cursor returned by simpleOpen */
+ const char **ppToken, /* OUT: *ppToken is the token text */
+ int *pnBytes, /* OUT: Number of bytes in token */
+ int *piStartOffset, /* OUT: Starting offset of token */
+ int *piEndOffset, /* OUT: Ending offset of token */
+ int *piPosition /* OUT: Position integer of token */
+){
+ simple_tokenizer_cursor *c = (simple_tokenizer_cursor *) pCursor;
+ simple_tokenizer *t = (simple_tokenizer *) pCursor->pTokenizer;
+ unsigned char *p = (unsigned char *)c->pInput;
+
+ while( c->iOffset<c->nBytes ){
+ int iStartOffset;
+
+ /* Scan past delimiter characters */
+ while( c->iOffset<c->nBytes && simpleDelim(t, p[c->iOffset]) ){
+ c->iOffset++;
+ }
+
+ /* Count non-delimiter characters. */
+ iStartOffset = c->iOffset;
+ while( c->iOffset<c->nBytes && !simpleDelim(t, p[c->iOffset]) ){
+ c->iOffset++;
+ }
+
+ if( c->iOffset>iStartOffset ){
+ int i, n = c->iOffset-iStartOffset;
+ if( n>c->nTokenAllocated ){
+ char *pNew;
+ c->nTokenAllocated = n+20;
+ pNew = sqlite3_realloc(c->pToken, c->nTokenAllocated);
+ if( !pNew ) return SQLITE_NOMEM;
+ c->pToken = pNew;
+ }
+ for(i=0; i<n; i++){
+ /* TODO(shess) This needs expansion to handle UTF-8
+ ** case-insensitivity.
+ */
+ unsigned char ch = p[iStartOffset+i];
+ c->pToken[i] = (char)((ch>='A' && ch<='Z') ? ch-'A'+'a' : ch);
+ }
+ *ppToken = c->pToken;
+ *pnBytes = n;
+ *piStartOffset = iStartOffset;
+ *piEndOffset = c->iOffset;
+ *piPosition = c->iToken++;
+
+ return SQLITE_OK;
+ }
+ }
+ return SQLITE_DONE;
+}
+
+/*
+** The set of routines that implement the simple tokenizer
+*/
+static const sqlite3_tokenizer_module simpleTokenizerModule = {
+ 0,
+ simpleCreate,
+ simpleDestroy,
+ simpleOpen,
+ simpleClose,
+ simpleNext,
+ 0,
+};
+
+/*
+** Allocate a new simple tokenizer. Return a pointer to the new
+** tokenizer in *ppModule
+*/
+SQLITE_PRIVATE void sqlite3Fts3SimpleTokenizerModule(
+ sqlite3_tokenizer_module const**ppModule
+){
+ *ppModule = &simpleTokenizerModule;
+}
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+
+/************** End of fts3_tokenizer1.c *************************************/
+/************** Begin file fts3_tokenize_vtab.c ******************************/
+/*
+** 2013 Apr 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains code for the "fts3tokenize" virtual table module.
+** An fts3tokenize virtual table is created as follows:
+**
+** CREATE VIRTUAL TABLE <tbl> USING fts3tokenize(
+** <tokenizer-name>, <arg-1>, ...
+** );
+**
+** The table created has the following schema:
+**
+** CREATE TABLE <tbl>(input, token, start, end, position)
+**
+** When queried, the query must include a WHERE clause of type:
+**
+** input = <string>
+**
+** The virtual table module tokenizes this <string>, using the FTS3
+** tokenizer specified by the arguments to the CREATE VIRTUAL TABLE
+** statement and returns one row for each token in the result. With
+** fields set as follows:
+**
+** input: Always set to a copy of <string>
+** token: A token from the input.
+** start: Byte offset of the token within the input <string>.
+** end: Byte offset of the byte immediately following the end of the
+** token within the input string.
+** pos: Token offset of token within input.
+**
+*/
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <string.h> */
+/* #include <assert.h> */
+
+typedef struct Fts3tokTable Fts3tokTable;
+typedef struct Fts3tokCursor Fts3tokCursor;
+
+/*
+** Virtual table structure.
+*/
+struct Fts3tokTable {
+ sqlite3_vtab base; /* Base class used by SQLite core */
+ const sqlite3_tokenizer_module *pMod;
+ sqlite3_tokenizer *pTok;
+};
+
+/*
+** Virtual table cursor structure.
+*/
+struct Fts3tokCursor {
+ sqlite3_vtab_cursor base; /* Base class used by SQLite core */
+ char *zInput; /* Input string */
+ sqlite3_tokenizer_cursor *pCsr; /* Cursor to iterate through zInput */
+ int iRowid; /* Current 'rowid' value */
+ const char *zToken; /* Current 'token' value */
+ int nToken; /* Size of zToken in bytes */
+ int iStart; /* Current 'start' value */
+ int iEnd; /* Current 'end' value */
+ int iPos; /* Current 'pos' value */
+};
+
+/*
+** Query FTS for the tokenizer implementation named zName.
+*/
+static int fts3tokQueryTokenizer(
+ Fts3Hash *pHash,
+ const char *zName,
+ const sqlite3_tokenizer_module **pp,
+ char **pzErr
+){
+ sqlite3_tokenizer_module *p;
+ int nName = (int)strlen(zName);
+
+ p = (sqlite3_tokenizer_module *)sqlite3Fts3HashFind(pHash, zName, nName+1);
+ if( !p ){
+ sqlite3Fts3ErrMsg(pzErr, "unknown tokenizer: %s", zName);
+ return SQLITE_ERROR;
+ }
+
+ *pp = p;
+ return SQLITE_OK;
+}
+
+/*
+** The second argument, argv[], is an array of pointers to nul-terminated
+** strings. This function makes a copy of the array and strings into a
+** single block of memory. It then dequotes any of the strings that appear
+** to be quoted.
+**
+** If successful, output parameter *pazDequote is set to point at the
+** array of dequoted strings and SQLITE_OK is returned. The caller is
+** responsible for eventually calling sqlite3_free() to free the array
+** in this case. Or, if an error occurs, an SQLite error code is returned.
+** The final value of *pazDequote is undefined in this case.
+*/
+static int fts3tokDequoteArray(
+ int argc, /* Number of elements in argv[] */
+ const char * const *argv, /* Input array */
+ char ***pazDequote /* Output array */
+){
+ int rc = SQLITE_OK; /* Return code */
+ if( argc==0 ){
+ *pazDequote = 0;
+ }else{
+ int i;
+ int nByte = 0;
+ char **azDequote;
+
+ for(i=0; i<argc; i++){
+ nByte += (int)(strlen(argv[i]) + 1);
+ }
+
+ *pazDequote = azDequote = sqlite3_malloc(sizeof(char *)*argc + nByte);
+ if( azDequote==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ char *pSpace = (char *)&azDequote[argc];
+ for(i=0; i<argc; i++){
+ int n = (int)strlen(argv[i]);
+ azDequote[i] = pSpace;
+ memcpy(pSpace, argv[i], n+1);
+ sqlite3Fts3Dequote(pSpace);
+ pSpace += (n+1);
+ }
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Schema of the tokenizer table.
+*/
+#define FTS3_TOK_SCHEMA "CREATE TABLE x(input, token, start, end, position)"
+
+/*
+** This function does all the work for both the xConnect and xCreate methods.
+** These tables have no persistent representation of their own, so xConnect
+** and xCreate are identical operations.
+**
+** argv[0]: module name
+** argv[1]: database name
+** argv[2]: table name
+** argv[3]: first argument (tokenizer name)
+*/
+static int fts3tokConnectMethod(
+ sqlite3 *db, /* Database connection */
+ void *pHash, /* Hash table of tokenizers */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVtab, /* OUT: New sqlite3_vtab object */
+ char **pzErr /* OUT: sqlite3_malloc'd error message */
+){
+ Fts3tokTable *pTab = 0;
+ const sqlite3_tokenizer_module *pMod = 0;
+ sqlite3_tokenizer *pTok = 0;
+ int rc;
+ char **azDequote = 0;
+ int nDequote;
+
+ rc = sqlite3_declare_vtab(db, FTS3_TOK_SCHEMA);
+ if( rc!=SQLITE_OK ) return rc;
+
+ nDequote = argc-3;
+ rc = fts3tokDequoteArray(nDequote, &argv[3], &azDequote);
+
+ if( rc==SQLITE_OK ){
+ const char *zModule;
+ if( nDequote<1 ){
+ zModule = "simple";
+ }else{
+ zModule = azDequote[0];
+ }
+ rc = fts3tokQueryTokenizer((Fts3Hash*)pHash, zModule, &pMod, pzErr);
+ }
+
+ assert( (rc==SQLITE_OK)==(pMod!=0) );
+ if( rc==SQLITE_OK ){
+ const char * const *azArg = (const char * const *)&azDequote[1];
+ rc = pMod->xCreate((nDequote>1 ? nDequote-1 : 0), azArg, &pTok);
+ }
+
+ if( rc==SQLITE_OK ){
+ pTab = (Fts3tokTable *)sqlite3_malloc(sizeof(Fts3tokTable));
+ if( pTab==0 ){
+ rc = SQLITE_NOMEM;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ memset(pTab, 0, sizeof(Fts3tokTable));
+ pTab->pMod = pMod;
+ pTab->pTok = pTok;
+ *ppVtab = &pTab->base;
+ }else{
+ if( pTok ){
+ pMod->xDestroy(pTok);
+ }
+ }
+
+ sqlite3_free(azDequote);
+ return rc;
+}
+
+/*
+** This function does the work for both the xDisconnect and xDestroy methods.
+** These tables have no persistent representation of their own, so xDisconnect
+** and xDestroy are identical operations.
+*/
+static int fts3tokDisconnectMethod(sqlite3_vtab *pVtab){
+ Fts3tokTable *pTab = (Fts3tokTable *)pVtab;
+
+ pTab->pMod->xDestroy(pTab->pTok);
+ sqlite3_free(pTab);
+ return SQLITE_OK;
+}
+
+/*
+** xBestIndex - Analyze a WHERE and ORDER BY clause.
+*/
+static int fts3tokBestIndexMethod(
+ sqlite3_vtab *pVTab,
+ sqlite3_index_info *pInfo
+){
+ int i;
+ UNUSED_PARAMETER(pVTab);
+
+ for(i=0; i<pInfo->nConstraint; i++){
+ if( pInfo->aConstraint[i].usable
+ && pInfo->aConstraint[i].iColumn==0
+ && pInfo->aConstraint[i].op==SQLITE_INDEX_CONSTRAINT_EQ
+ ){
+ pInfo->idxNum = 1;
+ pInfo->aConstraintUsage[i].argvIndex = 1;
+ pInfo->aConstraintUsage[i].omit = 1;
+ pInfo->estimatedCost = 1;
+ return SQLITE_OK;
+ }
+ }
+
+ pInfo->idxNum = 0;
+ assert( pInfo->estimatedCost>1000000.0 );
+
+ return SQLITE_OK;
+}
+
+/*
+** xOpen - Open a cursor.
+*/
+static int fts3tokOpenMethod(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCsr){
+ Fts3tokCursor *pCsr;
+ UNUSED_PARAMETER(pVTab);
+
+ pCsr = (Fts3tokCursor *)sqlite3_malloc(sizeof(Fts3tokCursor));
+ if( pCsr==0 ){
+ return SQLITE_NOMEM;
+ }
+ memset(pCsr, 0, sizeof(Fts3tokCursor));
+
+ *ppCsr = (sqlite3_vtab_cursor *)pCsr;
+ return SQLITE_OK;
+}
+
+/*
+** Reset the tokenizer cursor passed as the only argument. As if it had
+** just been returned by fts3tokOpenMethod().
+*/
+static void fts3tokResetCursor(Fts3tokCursor *pCsr){
+ if( pCsr->pCsr ){
+ Fts3tokTable *pTab = (Fts3tokTable *)(pCsr->base.pVtab);
+ pTab->pMod->xClose(pCsr->pCsr);
+ pCsr->pCsr = 0;
+ }
+ sqlite3_free(pCsr->zInput);
+ pCsr->zInput = 0;
+ pCsr->zToken = 0;
+ pCsr->nToken = 0;
+ pCsr->iStart = 0;
+ pCsr->iEnd = 0;
+ pCsr->iPos = 0;
+ pCsr->iRowid = 0;
+}
+
+/*
+** xClose - Close a cursor.
+*/
+static int fts3tokCloseMethod(sqlite3_vtab_cursor *pCursor){
+ Fts3tokCursor *pCsr = (Fts3tokCursor *)pCursor;
+
+ fts3tokResetCursor(pCsr);
+ sqlite3_free(pCsr);
+ return SQLITE_OK;
+}
+
+/*
+** xNext - Advance the cursor to the next row, if any.
+*/
+static int fts3tokNextMethod(sqlite3_vtab_cursor *pCursor){
+ Fts3tokCursor *pCsr = (Fts3tokCursor *)pCursor;
+ Fts3tokTable *pTab = (Fts3tokTable *)(pCursor->pVtab);
+ int rc; /* Return code */
+
+ pCsr->iRowid++;
+ rc = pTab->pMod->xNext(pCsr->pCsr,
+ &pCsr->zToken, &pCsr->nToken,
+ &pCsr->iStart, &pCsr->iEnd, &pCsr->iPos
+ );
+
+ if( rc!=SQLITE_OK ){
+ fts3tokResetCursor(pCsr);
+ if( rc==SQLITE_DONE ) rc = SQLITE_OK;
+ }
+
+ return rc;
+}
+
+/*
+** xFilter - Initialize a cursor to point at the start of its data.
+*/
+static int fts3tokFilterMethod(
+ sqlite3_vtab_cursor *pCursor, /* The cursor used for this query */
+ int idxNum, /* Strategy index */
+ const char *idxStr, /* Unused */
+ int nVal, /* Number of elements in apVal */
+ sqlite3_value **apVal /* Arguments for the indexing scheme */
+){
+ int rc = SQLITE_ERROR;
+ Fts3tokCursor *pCsr = (Fts3tokCursor *)pCursor;
+ Fts3tokTable *pTab = (Fts3tokTable *)(pCursor->pVtab);
+ UNUSED_PARAMETER(idxStr);
+ UNUSED_PARAMETER(nVal);
+
+ fts3tokResetCursor(pCsr);
+ if( idxNum==1 ){
+ const char *zByte = (const char *)sqlite3_value_text(apVal[0]);
+ int nByte = sqlite3_value_bytes(apVal[0]);
+ pCsr->zInput = sqlite3_malloc(nByte+1);
+ if( pCsr->zInput==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memcpy(pCsr->zInput, zByte, nByte);
+ pCsr->zInput[nByte] = 0;
+ rc = pTab->pMod->xOpen(pTab->pTok, pCsr->zInput, nByte, &pCsr->pCsr);
+ if( rc==SQLITE_OK ){
+ pCsr->pCsr->pTokenizer = pTab->pTok;
+ }
+ }
+ }
+
+ if( rc!=SQLITE_OK ) return rc;
+ return fts3tokNextMethod(pCursor);
+}
+
+/*
+** xEof - Return true if the cursor is at EOF, or false otherwise.
+*/
+static int fts3tokEofMethod(sqlite3_vtab_cursor *pCursor){
+ Fts3tokCursor *pCsr = (Fts3tokCursor *)pCursor;
+ return (pCsr->zToken==0);
+}
+
+/*
+** xColumn - Return a column value.
+*/
+static int fts3tokColumnMethod(
+ sqlite3_vtab_cursor *pCursor, /* Cursor to retrieve value from */
+ sqlite3_context *pCtx, /* Context for sqlite3_result_xxx() calls */
+ int iCol /* Index of column to read value from */
+){
+ Fts3tokCursor *pCsr = (Fts3tokCursor *)pCursor;
+
+ /* CREATE TABLE x(input, token, start, end, position) */
+ switch( iCol ){
+ case 0:
+ sqlite3_result_text(pCtx, pCsr->zInput, -1, SQLITE_TRANSIENT);
+ break;
+ case 1:
+ sqlite3_result_text(pCtx, pCsr->zToken, pCsr->nToken, SQLITE_TRANSIENT);
+ break;
+ case 2:
+ sqlite3_result_int(pCtx, pCsr->iStart);
+ break;
+ case 3:
+ sqlite3_result_int(pCtx, pCsr->iEnd);
+ break;
+ default:
+ assert( iCol==4 );
+ sqlite3_result_int(pCtx, pCsr->iPos);
+ break;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** xRowid - Return the current rowid for the cursor.
+*/
+static int fts3tokRowidMethod(
+ sqlite3_vtab_cursor *pCursor, /* Cursor to retrieve value from */
+ sqlite_int64 *pRowid /* OUT: Rowid value */
+){
+ Fts3tokCursor *pCsr = (Fts3tokCursor *)pCursor;
+ *pRowid = (sqlite3_int64)pCsr->iRowid;
+ return SQLITE_OK;
+}
+
+/*
+** Register the fts3tok module with database connection db. Return SQLITE_OK
+** if successful or an error code if sqlite3_create_module() fails.
+*/
+SQLITE_PRIVATE int sqlite3Fts3InitTok(sqlite3 *db, Fts3Hash *pHash){
+ static const sqlite3_module fts3tok_module = {
+ 0, /* iVersion */
+ fts3tokConnectMethod, /* xCreate */
+ fts3tokConnectMethod, /* xConnect */
+ fts3tokBestIndexMethod, /* xBestIndex */
+ fts3tokDisconnectMethod, /* xDisconnect */
+ fts3tokDisconnectMethod, /* xDestroy */
+ fts3tokOpenMethod, /* xOpen */
+ fts3tokCloseMethod, /* xClose */
+ fts3tokFilterMethod, /* xFilter */
+ fts3tokNextMethod, /* xNext */
+ fts3tokEofMethod, /* xEof */
+ fts3tokColumnMethod, /* xColumn */
+ fts3tokRowidMethod, /* xRowid */
+ 0, /* xUpdate */
+ 0, /* xBegin */
+ 0, /* xSync */
+ 0, /* xCommit */
+ 0, /* xRollback */
+ 0, /* xFindFunction */
+ 0, /* xRename */
+ 0, /* xSavepoint */
+ 0, /* xRelease */
+ 0 /* xRollbackTo */
+ };
+ int rc; /* Return code */
+
+ rc = sqlite3_create_module(db, "fts3tokenize", &fts3tok_module, (void*)pHash);
+ return rc;
+}
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+
+/************** End of fts3_tokenize_vtab.c **********************************/
+/************** Begin file fts3_write.c **************************************/
+/*
+** 2009 Oct 23
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file is part of the SQLite FTS3 extension module. Specifically,
+** this file contains code to insert, update and delete rows from FTS3
+** tables. It also contains code to merge FTS3 b-tree segments. Some
+** of the sub-routines used to merge segments are also used by the query
+** code in fts3.c.
+*/
+
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <string.h> */
+/* #include <assert.h> */
+/* #include <stdlib.h> */
+
+
+#define FTS_MAX_APPENDABLE_HEIGHT 16
+
+/*
+** When full-text index nodes are loaded from disk, the buffer that they
+** are loaded into has the following number of bytes of padding at the end
+** of it. i.e. if a full-text index node is 900 bytes in size, then a buffer
+** of 920 bytes is allocated for it.
+**
+** This means that if we have a pointer into a buffer containing node data,
+** it is always safe to read up to two varints from it without risking an
+** overread, even if the node data is corrupted.
+*/
+#define FTS3_NODE_PADDING (FTS3_VARINT_MAX*2)
+
+/*
+** Under certain circumstances, b-tree nodes (doclists) can be loaded into
+** memory incrementally instead of all at once. This can be a big performance
+** win (reduced IO and CPU) if SQLite stops calling the virtual table xNext()
+** method before retrieving all query results (as may happen, for example,
+** if a query has a LIMIT clause).
+**
+** Incremental loading is used for b-tree nodes FTS3_NODE_CHUNK_THRESHOLD
+** bytes and larger. Nodes are loaded in chunks of FTS3_NODE_CHUNKSIZE bytes.
+** The code is written so that the hard lower-limit for each of these values
+** is 1. Clearly such small values would be inefficient, but can be useful
+** for testing purposes.
+**
+** If this module is built with SQLITE_TEST defined, these constants may
+** be overridden at runtime for testing purposes. File fts3_test.c contains
+** a Tcl interface to read and write the values.
+*/
+#ifdef SQLITE_TEST
+int test_fts3_node_chunksize = (4*1024);
+int test_fts3_node_chunk_threshold = (4*1024)*4;
+# define FTS3_NODE_CHUNKSIZE test_fts3_node_chunksize
+# define FTS3_NODE_CHUNK_THRESHOLD test_fts3_node_chunk_threshold
+#else
+# define FTS3_NODE_CHUNKSIZE (4*1024)
+# define FTS3_NODE_CHUNK_THRESHOLD (FTS3_NODE_CHUNKSIZE*4)
+#endif
+
+/*
+** The two values that may be meaningfully bound to the :1 parameter in
+** statements SQL_REPLACE_STAT and SQL_SELECT_STAT.
+*/
+#define FTS_STAT_DOCTOTAL 0
+#define FTS_STAT_INCRMERGEHINT 1
+#define FTS_STAT_AUTOINCRMERGE 2
+
+/*
+** If FTS_LOG_MERGES is defined, call sqlite3_log() to report each automatic
+** and incremental merge operation that takes place. This is used for
+** debugging FTS only, it should not usually be turned on in production
+** systems.
+*/
+#ifdef FTS3_LOG_MERGES
+static void fts3LogMerge(int nMerge, sqlite3_int64 iAbsLevel){
+ sqlite3_log(SQLITE_OK, "%d-way merge from level %d", nMerge, (int)iAbsLevel);
+}
+#else
+#define fts3LogMerge(x, y)
+#endif
+
+
+typedef struct PendingList PendingList;
+typedef struct SegmentNode SegmentNode;
+typedef struct SegmentWriter SegmentWriter;
+
+/*
+** An instance of the following data structure is used to build doclists
+** incrementally. See function fts3PendingListAppend() for details.
+*/
+struct PendingList {
+ int nData;
+ char *aData;
+ int nSpace;
+ sqlite3_int64 iLastDocid;
+ sqlite3_int64 iLastCol;
+ sqlite3_int64 iLastPos;
+};
+
+
+/*
+** Each cursor has a (possibly empty) linked list of the following objects.
+*/
+struct Fts3DeferredToken {
+ Fts3PhraseToken *pToken; /* Pointer to corresponding expr token */
+ int iCol; /* Column token must occur in */
+ Fts3DeferredToken *pNext; /* Next in list of deferred tokens */
+ PendingList *pList; /* Doclist is assembled here */
+};
+
+/*
+** An instance of this structure is used to iterate through the terms on
+** a contiguous set of segment b-tree leaf nodes. Although the details of
+** this structure are only manipulated by code in this file, opaque handles
+** of type Fts3SegReader* are also used by code in fts3.c to iterate through
+** terms when querying the full-text index. See functions:
+**
+** sqlite3Fts3SegReaderNew()
+** sqlite3Fts3SegReaderFree()
+** sqlite3Fts3SegReaderIterate()
+**
+** Methods used to manipulate Fts3SegReader structures:
+**
+** fts3SegReaderNext()
+** fts3SegReaderFirstDocid()
+** fts3SegReaderNextDocid()
+*/
+struct Fts3SegReader {
+ int iIdx; /* Index within level, or 0x7FFFFFFF for PT */
+ u8 bLookup; /* True for a lookup only */
+ u8 rootOnly; /* True for a root-only reader */
+
+ sqlite3_int64 iStartBlock; /* Rowid of first leaf block to traverse */
+ sqlite3_int64 iLeafEndBlock; /* Rowid of final leaf block to traverse */
+ sqlite3_int64 iEndBlock; /* Rowid of final block in segment (or 0) */
+ sqlite3_int64 iCurrentBlock; /* Current leaf block (or 0) */
+
+ char *aNode; /* Pointer to node data (or NULL) */
+ int nNode; /* Size of buffer at aNode (or 0) */
+ int nPopulate; /* If >0, bytes of buffer aNode[] loaded */
+ sqlite3_blob *pBlob; /* If not NULL, blob handle to read node */
+
+ Fts3HashElem **ppNextElem;
+
+ /* Variables set by fts3SegReaderNext(). These may be read directly
+ ** by the caller. They are valid from the time SegmentReaderNew() returns
+ ** until SegmentReaderNext() returns something other than SQLITE_OK
+ ** (i.e. SQLITE_DONE).
+ */
+ int nTerm; /* Number of bytes in current term */
+ char *zTerm; /* Pointer to current term */
+ int nTermAlloc; /* Allocated size of zTerm buffer */
+ char *aDoclist; /* Pointer to doclist of current entry */
+ int nDoclist; /* Size of doclist in current entry */
+
+ /* The following variables are used by fts3SegReaderNextDocid() to iterate
+ ** through the current doclist (aDoclist/nDoclist).
+ */
+ char *pOffsetList;
+ int nOffsetList; /* For descending pending seg-readers only */
+ sqlite3_int64 iDocid;
+};
+
+#define fts3SegReaderIsPending(p) ((p)->ppNextElem!=0)
+#define fts3SegReaderIsRootOnly(p) ((p)->rootOnly!=0)
+
+/*
+** An instance of this structure is used to create a segment b-tree in the
+** database. The internal details of this type are only accessed by the
+** following functions:
+**
+** fts3SegWriterAdd()
+** fts3SegWriterFlush()
+** fts3SegWriterFree()
+*/
+struct SegmentWriter {
+ SegmentNode *pTree; /* Pointer to interior tree structure */
+ sqlite3_int64 iFirst; /* First slot in %_segments written */
+ sqlite3_int64 iFree; /* Next free slot in %_segments */
+ char *zTerm; /* Pointer to previous term buffer */
+ int nTerm; /* Number of bytes in zTerm */
+ int nMalloc; /* Size of malloc'd buffer at zMalloc */
+ char *zMalloc; /* Malloc'd space (possibly) used for zTerm */
+ int nSize; /* Size of allocation at aData */
+ int nData; /* Bytes of data in aData */
+ char *aData; /* Pointer to block from malloc() */
+ i64 nLeafData; /* Number of bytes of leaf data written */
+};
+
+/*
+** Type SegmentNode is used by the following three functions to create
+** the interior part of the segment b+-tree structures (everything except
+** the leaf nodes). These functions and type are only ever used by code
+** within the fts3SegWriterXXX() family of functions described above.
+**
+** fts3NodeAddTerm()
+** fts3NodeWrite()
+** fts3NodeFree()
+**
+** When a b+tree is written to the database (either as a result of a merge
+** or the pending-terms table being flushed), leaves are written into the
+** database file as soon as they are completely populated. The interior of
+** the tree is assembled in memory and written out only once all leaves have
+** been populated and stored. This is Ok, as the b+-tree fanout is usually
+** very large, meaning that the interior of the tree consumes relatively
+** little memory.
+*/
+struct SegmentNode {
+ SegmentNode *pParent; /* Parent node (or NULL for root node) */
+ SegmentNode *pRight; /* Pointer to right-sibling */
+ SegmentNode *pLeftmost; /* Pointer to left-most node of this depth */
+ int nEntry; /* Number of terms written to node so far */
+ char *zTerm; /* Pointer to previous term buffer */
+ int nTerm; /* Number of bytes in zTerm */
+ int nMalloc; /* Size of malloc'd buffer at zMalloc */
+ char *zMalloc; /* Malloc'd space (possibly) used for zTerm */
+ int nData; /* Bytes of valid data so far */
+ char *aData; /* Node data */
+};
+
+/*
+** Valid values for the second argument to fts3SqlStmt().
+*/
+#define SQL_DELETE_CONTENT 0
+#define SQL_IS_EMPTY 1
+#define SQL_DELETE_ALL_CONTENT 2
+#define SQL_DELETE_ALL_SEGMENTS 3
+#define SQL_DELETE_ALL_SEGDIR 4
+#define SQL_DELETE_ALL_DOCSIZE 5
+#define SQL_DELETE_ALL_STAT 6
+#define SQL_SELECT_CONTENT_BY_ROWID 7
+#define SQL_NEXT_SEGMENT_INDEX 8
+#define SQL_INSERT_SEGMENTS 9
+#define SQL_NEXT_SEGMENTS_ID 10
+#define SQL_INSERT_SEGDIR 11
+#define SQL_SELECT_LEVEL 12
+#define SQL_SELECT_LEVEL_RANGE 13
+#define SQL_SELECT_LEVEL_COUNT 14
+#define SQL_SELECT_SEGDIR_MAX_LEVEL 15
+#define SQL_DELETE_SEGDIR_LEVEL 16
+#define SQL_DELETE_SEGMENTS_RANGE 17
+#define SQL_CONTENT_INSERT 18
+#define SQL_DELETE_DOCSIZE 19
+#define SQL_REPLACE_DOCSIZE 20
+#define SQL_SELECT_DOCSIZE 21
+#define SQL_SELECT_STAT 22
+#define SQL_REPLACE_STAT 23
+
+#define SQL_SELECT_ALL_PREFIX_LEVEL 24
+#define SQL_DELETE_ALL_TERMS_SEGDIR 25
+#define SQL_DELETE_SEGDIR_RANGE 26
+#define SQL_SELECT_ALL_LANGID 27
+#define SQL_FIND_MERGE_LEVEL 28
+#define SQL_MAX_LEAF_NODE_ESTIMATE 29
+#define SQL_DELETE_SEGDIR_ENTRY 30
+#define SQL_SHIFT_SEGDIR_ENTRY 31
+#define SQL_SELECT_SEGDIR 32
+#define SQL_CHOMP_SEGDIR 33
+#define SQL_SEGMENT_IS_APPENDABLE 34
+#define SQL_SELECT_INDEXES 35
+#define SQL_SELECT_MXLEVEL 36
+
+#define SQL_SELECT_LEVEL_RANGE2 37
+#define SQL_UPDATE_LEVEL_IDX 38
+#define SQL_UPDATE_LEVEL 39
+
+/*
+** This function is used to obtain an SQLite prepared statement handle
+** for the statement identified by the second argument. If successful,
+** *pp is set to the requested statement handle and SQLITE_OK returned.
+** Otherwise, an SQLite error code is returned and *pp is set to 0.
+**
+** If argument apVal is not NULL, then it must point to an array with
+** at least as many entries as the requested statement has bound
+** parameters. The values are bound to the statements parameters before
+** returning.
+*/
+static int fts3SqlStmt(
+ Fts3Table *p, /* Virtual table handle */
+ int eStmt, /* One of the SQL_XXX constants above */
+ sqlite3_stmt **pp, /* OUT: Statement handle */
+ sqlite3_value **apVal /* Values to bind to statement */
+){
+ const char *azSql[] = {
+/* 0 */ "DELETE FROM %Q.'%q_content' WHERE rowid = ?",
+/* 1 */ "SELECT NOT EXISTS(SELECT docid FROM %Q.'%q_content' WHERE rowid!=?)",
+/* 2 */ "DELETE FROM %Q.'%q_content'",
+/* 3 */ "DELETE FROM %Q.'%q_segments'",
+/* 4 */ "DELETE FROM %Q.'%q_segdir'",
+/* 5 */ "DELETE FROM %Q.'%q_docsize'",
+/* 6 */ "DELETE FROM %Q.'%q_stat'",
+/* 7 */ "SELECT %s WHERE rowid=?",
+/* 8 */ "SELECT (SELECT max(idx) FROM %Q.'%q_segdir' WHERE level = ?) + 1",
+/* 9 */ "REPLACE INTO %Q.'%q_segments'(blockid, block) VALUES(?, ?)",
+/* 10 */ "SELECT coalesce((SELECT max(blockid) FROM %Q.'%q_segments') + 1, 1)",
+/* 11 */ "REPLACE INTO %Q.'%q_segdir' VALUES(?,?,?,?,?,?)",
+
+ /* Return segments in order from oldest to newest.*/
+/* 12 */ "SELECT idx, start_block, leaves_end_block, end_block, root "
+ "FROM %Q.'%q_segdir' WHERE level = ? ORDER BY idx ASC",
+/* 13 */ "SELECT idx, start_block, leaves_end_block, end_block, root "
+ "FROM %Q.'%q_segdir' WHERE level BETWEEN ? AND ?"
+ "ORDER BY level DESC, idx ASC",
+
+/* 14 */ "SELECT count(*) FROM %Q.'%q_segdir' WHERE level = ?",
+/* 15 */ "SELECT max(level) FROM %Q.'%q_segdir' WHERE level BETWEEN ? AND ?",
+
+/* 16 */ "DELETE FROM %Q.'%q_segdir' WHERE level = ?",
+/* 17 */ "DELETE FROM %Q.'%q_segments' WHERE blockid BETWEEN ? AND ?",
+/* 18 */ "INSERT INTO %Q.'%q_content' VALUES(%s)",
+/* 19 */ "DELETE FROM %Q.'%q_docsize' WHERE docid = ?",
+/* 20 */ "REPLACE INTO %Q.'%q_docsize' VALUES(?,?)",
+/* 21 */ "SELECT size FROM %Q.'%q_docsize' WHERE docid=?",
+/* 22 */ "SELECT value FROM %Q.'%q_stat' WHERE id=?",
+/* 23 */ "REPLACE INTO %Q.'%q_stat' VALUES(?,?)",
+/* 24 */ "",
+/* 25 */ "",
+
+/* 26 */ "DELETE FROM %Q.'%q_segdir' WHERE level BETWEEN ? AND ?",
+/* 27 */ "SELECT ? UNION SELECT level / (1024 * ?) FROM %Q.'%q_segdir'",
+
+/* This statement is used to determine which level to read the input from
+** when performing an incremental merge. It returns the absolute level number
+** of the oldest level in the db that contains at least ? segments. Or,
+** if no level in the FTS index contains more than ? segments, the statement
+** returns zero rows. */
+/* 28 */ "SELECT level FROM %Q.'%q_segdir' GROUP BY level HAVING count(*)>=?"
+ " ORDER BY (level %% 1024) ASC LIMIT 1",
+
+/* Estimate the upper limit on the number of leaf nodes in a new segment
+** created by merging the oldest :2 segments from absolute level :1. See
+** function sqlite3Fts3Incrmerge() for details. */
+/* 29 */ "SELECT 2 * total(1 + leaves_end_block - start_block) "
+ " FROM %Q.'%q_segdir' WHERE level = ? AND idx < ?",
+
+/* SQL_DELETE_SEGDIR_ENTRY
+** Delete the %_segdir entry on absolute level :1 with index :2. */
+/* 30 */ "DELETE FROM %Q.'%q_segdir' WHERE level = ? AND idx = ?",
+
+/* SQL_SHIFT_SEGDIR_ENTRY
+** Modify the idx value for the segment with idx=:3 on absolute level :2
+** to :1. */
+/* 31 */ "UPDATE %Q.'%q_segdir' SET idx = ? WHERE level=? AND idx=?",
+
+/* SQL_SELECT_SEGDIR
+** Read a single entry from the %_segdir table. The entry from absolute
+** level :1 with index value :2. */
+/* 32 */ "SELECT idx, start_block, leaves_end_block, end_block, root "
+ "FROM %Q.'%q_segdir' WHERE level = ? AND idx = ?",
+
+/* SQL_CHOMP_SEGDIR
+** Update the start_block (:1) and root (:2) fields of the %_segdir
+** entry located on absolute level :3 with index :4. */
+/* 33 */ "UPDATE %Q.'%q_segdir' SET start_block = ?, root = ?"
+ "WHERE level = ? AND idx = ?",
+
+/* SQL_SEGMENT_IS_APPENDABLE
+** Return a single row if the segment with end_block=? is appendable. Or
+** no rows otherwise. */
+/* 34 */ "SELECT 1 FROM %Q.'%q_segments' WHERE blockid=? AND block IS NULL",
+
+/* SQL_SELECT_INDEXES
+** Return the list of valid segment indexes for absolute level ? */
+/* 35 */ "SELECT idx FROM %Q.'%q_segdir' WHERE level=? ORDER BY 1 ASC",
+
+/* SQL_SELECT_MXLEVEL
+** Return the largest relative level in the FTS index or indexes. */
+/* 36 */ "SELECT max( level %% 1024 ) FROM %Q.'%q_segdir'",
+
+ /* Return segments in order from oldest to newest.*/
+/* 37 */ "SELECT level, idx, end_block "
+ "FROM %Q.'%q_segdir' WHERE level BETWEEN ? AND ? "
+ "ORDER BY level DESC, idx ASC",
+
+ /* Update statements used while promoting segments */
+/* 38 */ "UPDATE OR FAIL %Q.'%q_segdir' SET level=-1,idx=? "
+ "WHERE level=? AND idx=?",
+/* 39 */ "UPDATE OR FAIL %Q.'%q_segdir' SET level=? WHERE level=-1"
+
+ };
+ int rc = SQLITE_OK;
+ sqlite3_stmt *pStmt;
+
+ assert( SizeofArray(azSql)==SizeofArray(p->aStmt) );
+ assert( eStmt<SizeofArray(azSql) && eStmt>=0 );
+
+ pStmt = p->aStmt[eStmt];
+ if( !pStmt ){
+ char *zSql;
+ if( eStmt==SQL_CONTENT_INSERT ){
+ zSql = sqlite3_mprintf(azSql[eStmt], p->zDb, p->zName, p->zWriteExprlist);
+ }else if( eStmt==SQL_SELECT_CONTENT_BY_ROWID ){
+ zSql = sqlite3_mprintf(azSql[eStmt], p->zReadExprlist);
+ }else{
+ zSql = sqlite3_mprintf(azSql[eStmt], p->zDb, p->zName);
+ }
+ if( !zSql ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare_v2(p->db, zSql, -1, &pStmt, NULL);
+ sqlite3_free(zSql);
+ assert( rc==SQLITE_OK || pStmt==0 );
+ p->aStmt[eStmt] = pStmt;
+ }
+ }
+ if( apVal ){
+ int i;
+ int nParam = sqlite3_bind_parameter_count(pStmt);
+ for(i=0; rc==SQLITE_OK && i<nParam; i++){
+ rc = sqlite3_bind_value(pStmt, i+1, apVal[i]);
+ }
+ }
+ *pp = pStmt;
+ return rc;
+}
+
+
+static int fts3SelectDocsize(
+ Fts3Table *pTab, /* FTS3 table handle */
+ sqlite3_int64 iDocid, /* Docid to bind for SQL_SELECT_DOCSIZE */
+ sqlite3_stmt **ppStmt /* OUT: Statement handle */
+){
+ sqlite3_stmt *pStmt = 0; /* Statement requested from fts3SqlStmt() */
+ int rc; /* Return code */
+
+ rc = fts3SqlStmt(pTab, SQL_SELECT_DOCSIZE, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pStmt, 1, iDocid);
+ rc = sqlite3_step(pStmt);
+ if( rc!=SQLITE_ROW || sqlite3_column_type(pStmt, 0)!=SQLITE_BLOB ){
+ rc = sqlite3_reset(pStmt);
+ if( rc==SQLITE_OK ) rc = FTS_CORRUPT_VTAB;
+ pStmt = 0;
+ }else{
+ rc = SQLITE_OK;
+ }
+ }
+
+ *ppStmt = pStmt;
+ return rc;
+}
+
+SQLITE_PRIVATE int sqlite3Fts3SelectDoctotal(
+ Fts3Table *pTab, /* Fts3 table handle */
+ sqlite3_stmt **ppStmt /* OUT: Statement handle */
+){
+ sqlite3_stmt *pStmt = 0;
+ int rc;
+ rc = fts3SqlStmt(pTab, SQL_SELECT_STAT, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int(pStmt, 1, FTS_STAT_DOCTOTAL);
+ if( sqlite3_step(pStmt)!=SQLITE_ROW
+ || sqlite3_column_type(pStmt, 0)!=SQLITE_BLOB
+ ){
+ rc = sqlite3_reset(pStmt);
+ if( rc==SQLITE_OK ) rc = FTS_CORRUPT_VTAB;
+ pStmt = 0;
+ }
+ }
+ *ppStmt = pStmt;
+ return rc;
+}
+
+SQLITE_PRIVATE int sqlite3Fts3SelectDocsize(
+ Fts3Table *pTab, /* Fts3 table handle */
+ sqlite3_int64 iDocid, /* Docid to read size data for */
+ sqlite3_stmt **ppStmt /* OUT: Statement handle */
+){
+ return fts3SelectDocsize(pTab, iDocid, ppStmt);
+}
+
+/*
+** Similar to fts3SqlStmt(). Except, after binding the parameters in
+** array apVal[] to the SQL statement identified by eStmt, the statement
+** is executed.
+**
+** Returns SQLITE_OK if the statement is successfully executed, or an
+** SQLite error code otherwise.
+*/
+static void fts3SqlExec(
+ int *pRC, /* Result code */
+ Fts3Table *p, /* The FTS3 table */
+ int eStmt, /* Index of statement to evaluate */
+ sqlite3_value **apVal /* Parameters to bind */
+){
+ sqlite3_stmt *pStmt;
+ int rc;
+ if( *pRC ) return;
+ rc = fts3SqlStmt(p, eStmt, &pStmt, apVal);
+ if( rc==SQLITE_OK ){
+ sqlite3_step(pStmt);
+ rc = sqlite3_reset(pStmt);
+ }
+ *pRC = rc;
+}
+
+
+/*
+** This function ensures that the caller has obtained an exclusive
+** shared-cache table-lock on the %_segdir table. This is required before
+** writing data to the fts3 table. If this lock is not acquired first, then
+** the caller may end up attempting to take this lock as part of committing
+** a transaction, causing SQLite to return SQLITE_LOCKED or
+** LOCKED_SHAREDCACHEto a COMMIT command.
+**
+** It is best to avoid this because if FTS3 returns any error when
+** committing a transaction, the whole transaction will be rolled back.
+** And this is not what users expect when they get SQLITE_LOCKED_SHAREDCACHE.
+** It can still happen if the user locks the underlying tables directly
+** instead of accessing them via FTS.
+*/
+static int fts3Writelock(Fts3Table *p){
+ int rc = SQLITE_OK;
+
+ if( p->nPendingData==0 ){
+ sqlite3_stmt *pStmt;
+ rc = fts3SqlStmt(p, SQL_DELETE_SEGDIR_LEVEL, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_null(pStmt, 1);
+ sqlite3_step(pStmt);
+ rc = sqlite3_reset(pStmt);
+ }
+ }
+
+ return rc;
+}
+
+/*
+** FTS maintains a separate indexes for each language-id (a 32-bit integer).
+** Within each language id, a separate index is maintained to store the
+** document terms, and each configured prefix size (configured the FTS
+** "prefix=" option). And each index consists of multiple levels ("relative
+** levels").
+**
+** All three of these values (the language id, the specific index and the
+** level within the index) are encoded in 64-bit integer values stored
+** in the %_segdir table on disk. This function is used to convert three
+** separate component values into the single 64-bit integer value that
+** can be used to query the %_segdir table.
+**
+** Specifically, each language-id/index combination is allocated 1024
+** 64-bit integer level values ("absolute levels"). The main terms index
+** for language-id 0 is allocate values 0-1023. The first prefix index
+** (if any) for language-id 0 is allocated values 1024-2047. And so on.
+** Language 1 indexes are allocated immediately following language 0.
+**
+** So, for a system with nPrefix prefix indexes configured, the block of
+** absolute levels that corresponds to language-id iLangid and index
+** iIndex starts at absolute level ((iLangid * (nPrefix+1) + iIndex) * 1024).
+*/
+static sqlite3_int64 getAbsoluteLevel(
+ Fts3Table *p, /* FTS3 table handle */
+ int iLangid, /* Language id */
+ int iIndex, /* Index in p->aIndex[] */
+ int iLevel /* Level of segments */
+){
+ sqlite3_int64 iBase; /* First absolute level for iLangid/iIndex */
+ assert( iLangid>=0 );
+ assert( p->nIndex>0 );
+ assert( iIndex>=0 && iIndex<p->nIndex );
+
+ iBase = ((sqlite3_int64)iLangid * p->nIndex + iIndex) * FTS3_SEGDIR_MAXLEVEL;
+ return iBase + iLevel;
+}
+
+/*
+** Set *ppStmt to a statement handle that may be used to iterate through
+** all rows in the %_segdir table, from oldest to newest. If successful,
+** return SQLITE_OK. If an error occurs while preparing the statement,
+** return an SQLite error code.
+**
+** There is only ever one instance of this SQL statement compiled for
+** each FTS3 table.
+**
+** The statement returns the following columns from the %_segdir table:
+**
+** 0: idx
+** 1: start_block
+** 2: leaves_end_block
+** 3: end_block
+** 4: root
+*/
+SQLITE_PRIVATE int sqlite3Fts3AllSegdirs(
+ Fts3Table *p, /* FTS3 table */
+ int iLangid, /* Language being queried */
+ int iIndex, /* Index for p->aIndex[] */
+ int iLevel, /* Level to select (relative level) */
+ sqlite3_stmt **ppStmt /* OUT: Compiled statement */
+){
+ int rc;
+ sqlite3_stmt *pStmt = 0;
+
+ assert( iLevel==FTS3_SEGCURSOR_ALL || iLevel>=0 );
+ assert( iLevel<FTS3_SEGDIR_MAXLEVEL );
+ assert( iIndex>=0 && iIndex<p->nIndex );
+
+ if( iLevel<0 ){
+ /* "SELECT * FROM %_segdir WHERE level BETWEEN ? AND ? ORDER BY ..." */
+ rc = fts3SqlStmt(p, SQL_SELECT_LEVEL_RANGE, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pStmt, 1, getAbsoluteLevel(p, iLangid, iIndex, 0));
+ sqlite3_bind_int64(pStmt, 2,
+ getAbsoluteLevel(p, iLangid, iIndex, FTS3_SEGDIR_MAXLEVEL-1)
+ );
+ }
+ }else{
+ /* "SELECT * FROM %_segdir WHERE level = ? ORDER BY ..." */
+ rc = fts3SqlStmt(p, SQL_SELECT_LEVEL, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pStmt, 1, getAbsoluteLevel(p, iLangid, iIndex,iLevel));
+ }
+ }
+ *ppStmt = pStmt;
+ return rc;
+}
+
+
+/*
+** Append a single varint to a PendingList buffer. SQLITE_OK is returned
+** if successful, or an SQLite error code otherwise.
+**
+** This function also serves to allocate the PendingList structure itself.
+** For example, to create a new PendingList structure containing two
+** varints:
+**
+** PendingList *p = 0;
+** fts3PendingListAppendVarint(&p, 1);
+** fts3PendingListAppendVarint(&p, 2);
+*/
+static int fts3PendingListAppendVarint(
+ PendingList **pp, /* IN/OUT: Pointer to PendingList struct */
+ sqlite3_int64 i /* Value to append to data */
+){
+ PendingList *p = *pp;
+
+ /* Allocate or grow the PendingList as required. */
+ if( !p ){
+ p = sqlite3_malloc(sizeof(*p) + 100);
+ if( !p ){
+ return SQLITE_NOMEM;
+ }
+ p->nSpace = 100;
+ p->aData = (char *)&p[1];
+ p->nData = 0;
+ }
+ else if( p->nData+FTS3_VARINT_MAX+1>p->nSpace ){
+ int nNew = p->nSpace * 2;
+ p = sqlite3_realloc(p, sizeof(*p) + nNew);
+ if( !p ){
+ sqlite3_free(*pp);
+ *pp = 0;
+ return SQLITE_NOMEM;
+ }
+ p->nSpace = nNew;
+ p->aData = (char *)&p[1];
+ }
+
+ /* Append the new serialized varint to the end of the list. */
+ p->nData += sqlite3Fts3PutVarint(&p->aData[p->nData], i);
+ p->aData[p->nData] = '\0';
+ *pp = p;
+ return SQLITE_OK;
+}
+
+/*
+** Add a docid/column/position entry to a PendingList structure. Non-zero
+** is returned if the structure is sqlite3_realloced as part of adding
+** the entry. Otherwise, zero.
+**
+** If an OOM error occurs, *pRc is set to SQLITE_NOMEM before returning.
+** Zero is always returned in this case. Otherwise, if no OOM error occurs,
+** it is set to SQLITE_OK.
+*/
+static int fts3PendingListAppend(
+ PendingList **pp, /* IN/OUT: PendingList structure */
+ sqlite3_int64 iDocid, /* Docid for entry to add */
+ sqlite3_int64 iCol, /* Column for entry to add */
+ sqlite3_int64 iPos, /* Position of term for entry to add */
+ int *pRc /* OUT: Return code */
+){
+ PendingList *p = *pp;
+ int rc = SQLITE_OK;
+
+ assert( !p || p->iLastDocid<=iDocid );
+
+ if( !p || p->iLastDocid!=iDocid ){
+ sqlite3_int64 iDelta = iDocid - (p ? p->iLastDocid : 0);
+ if( p ){
+ assert( p->nData<p->nSpace );
+ assert( p->aData[p->nData]==0 );
+ p->nData++;
+ }
+ if( SQLITE_OK!=(rc = fts3PendingListAppendVarint(&p, iDelta)) ){
+ goto pendinglistappend_out;
+ }
+ p->iLastCol = -1;
+ p->iLastPos = 0;
+ p->iLastDocid = iDocid;
+ }
+ if( iCol>0 && p->iLastCol!=iCol ){
+ if( SQLITE_OK!=(rc = fts3PendingListAppendVarint(&p, 1))
+ || SQLITE_OK!=(rc = fts3PendingListAppendVarint(&p, iCol))
+ ){
+ goto pendinglistappend_out;
+ }
+ p->iLastCol = iCol;
+ p->iLastPos = 0;
+ }
+ if( iCol>=0 ){
+ assert( iPos>p->iLastPos || (iPos==0 && p->iLastPos==0) );
+ rc = fts3PendingListAppendVarint(&p, 2+iPos-p->iLastPos);
+ if( rc==SQLITE_OK ){
+ p->iLastPos = iPos;
+ }
+ }
+
+ pendinglistappend_out:
+ *pRc = rc;
+ if( p!=*pp ){
+ *pp = p;
+ return 1;
+ }
+ return 0;
+}
+
+/*
+** Free a PendingList object allocated by fts3PendingListAppend().
+*/
+static void fts3PendingListDelete(PendingList *pList){
+ sqlite3_free(pList);
+}
+
+/*
+** Add an entry to one of the pending-terms hash tables.
+*/
+static int fts3PendingTermsAddOne(
+ Fts3Table *p,
+ int iCol,
+ int iPos,
+ Fts3Hash *pHash, /* Pending terms hash table to add entry to */
+ const char *zToken,
+ int nToken
+){
+ PendingList *pList;
+ int rc = SQLITE_OK;
+
+ pList = (PendingList *)fts3HashFind(pHash, zToken, nToken);
+ if( pList ){
+ p->nPendingData -= (pList->nData + nToken + sizeof(Fts3HashElem));
+ }
+ if( fts3PendingListAppend(&pList, p->iPrevDocid, iCol, iPos, &rc) ){
+ if( pList==fts3HashInsert(pHash, zToken, nToken, pList) ){
+ /* Malloc failed while inserting the new entry. This can only
+ ** happen if there was no previous entry for this token.
+ */
+ assert( 0==fts3HashFind(pHash, zToken, nToken) );
+ sqlite3_free(pList);
+ rc = SQLITE_NOMEM;
+ }
+ }
+ if( rc==SQLITE_OK ){
+ p->nPendingData += (pList->nData + nToken + sizeof(Fts3HashElem));
+ }
+ return rc;
+}
+
+/*
+** Tokenize the nul-terminated string zText and add all tokens to the
+** pending-terms hash-table. The docid used is that currently stored in
+** p->iPrevDocid, and the column is specified by argument iCol.
+**
+** If successful, SQLITE_OK is returned. Otherwise, an SQLite error code.
+*/
+static int fts3PendingTermsAdd(
+ Fts3Table *p, /* Table into which text will be inserted */
+ int iLangid, /* Language id to use */
+ const char *zText, /* Text of document to be inserted */
+ int iCol, /* Column into which text is being inserted */
+ u32 *pnWord /* IN/OUT: Incr. by number tokens inserted */
+){
+ int rc;
+ int iStart = 0;
+ int iEnd = 0;
+ int iPos = 0;
+ int nWord = 0;
+
+ char const *zToken;
+ int nToken = 0;
+
+ sqlite3_tokenizer *pTokenizer = p->pTokenizer;
+ sqlite3_tokenizer_module const *pModule = pTokenizer->pModule;
+ sqlite3_tokenizer_cursor *pCsr;
+ int (*xNext)(sqlite3_tokenizer_cursor *pCursor,
+ const char**,int*,int*,int*,int*);
+
+ assert( pTokenizer && pModule );
+
+ /* If the user has inserted a NULL value, this function may be called with
+ ** zText==0. In this case, add zero token entries to the hash table and
+ ** return early. */
+ if( zText==0 ){
+ *pnWord = 0;
+ return SQLITE_OK;
+ }
+
+ rc = sqlite3Fts3OpenTokenizer(pTokenizer, iLangid, zText, -1, &pCsr);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ xNext = pModule->xNext;
+ while( SQLITE_OK==rc
+ && SQLITE_OK==(rc = xNext(pCsr, &zToken, &nToken, &iStart, &iEnd, &iPos))
+ ){
+ int i;
+ if( iPos>=nWord ) nWord = iPos+1;
+
+ /* Positions cannot be negative; we use -1 as a terminator internally.
+ ** Tokens must have a non-zero length.
+ */
+ if( iPos<0 || !zToken || nToken<=0 ){
+ rc = SQLITE_ERROR;
+ break;
+ }
+
+ /* Add the term to the terms index */
+ rc = fts3PendingTermsAddOne(
+ p, iCol, iPos, &p->aIndex[0].hPending, zToken, nToken
+ );
+
+ /* Add the term to each of the prefix indexes that it is not too
+ ** short for. */
+ for(i=1; rc==SQLITE_OK && i<p->nIndex; i++){
+ struct Fts3Index *pIndex = &p->aIndex[i];
+ if( nToken<pIndex->nPrefix ) continue;
+ rc = fts3PendingTermsAddOne(
+ p, iCol, iPos, &pIndex->hPending, zToken, pIndex->nPrefix
+ );
+ }
+ }
+
+ pModule->xClose(pCsr);
+ *pnWord += nWord;
+ return (rc==SQLITE_DONE ? SQLITE_OK : rc);
+}
+
+/*
+** Calling this function indicates that subsequent calls to
+** fts3PendingTermsAdd() are to add term/position-list pairs for the
+** contents of the document with docid iDocid.
+*/
+static int fts3PendingTermsDocid(
+ Fts3Table *p, /* Full-text table handle */
+ int bDelete, /* True if this op is a delete */
+ int iLangid, /* Language id of row being written */
+ sqlite_int64 iDocid /* Docid of row being written */
+){
+ assert( iLangid>=0 );
+ assert( bDelete==1 || bDelete==0 );
+
+ /* TODO(shess) Explore whether partially flushing the buffer on
+ ** forced-flush would provide better performance. I suspect that if
+ ** we ordered the doclists by size and flushed the largest until the
+ ** buffer was half empty, that would let the less frequent terms
+ ** generate longer doclists.
+ */
+ if( iDocid<p->iPrevDocid
+ || (iDocid==p->iPrevDocid && p->bPrevDelete==0)
+ || p->iPrevLangid!=iLangid
+ || p->nPendingData>p->nMaxPendingData
+ ){
+ int rc = sqlite3Fts3PendingTermsFlush(p);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ p->iPrevDocid = iDocid;
+ p->iPrevLangid = iLangid;
+ p->bPrevDelete = bDelete;
+ return SQLITE_OK;
+}
+
+/*
+** Discard the contents of the pending-terms hash tables.
+*/
+SQLITE_PRIVATE void sqlite3Fts3PendingTermsClear(Fts3Table *p){
+ int i;
+ for(i=0; i<p->nIndex; i++){
+ Fts3HashElem *pElem;
+ Fts3Hash *pHash = &p->aIndex[i].hPending;
+ for(pElem=fts3HashFirst(pHash); pElem; pElem=fts3HashNext(pElem)){
+ PendingList *pList = (PendingList *)fts3HashData(pElem);
+ fts3PendingListDelete(pList);
+ }
+ fts3HashClear(pHash);
+ }
+ p->nPendingData = 0;
+}
+
+/*
+** This function is called by the xUpdate() method as part of an INSERT
+** operation. It adds entries for each term in the new record to the
+** pendingTerms hash table.
+**
+** Argument apVal is the same as the similarly named argument passed to
+** fts3InsertData(). Parameter iDocid is the docid of the new row.
+*/
+static int fts3InsertTerms(
+ Fts3Table *p,
+ int iLangid,
+ sqlite3_value **apVal,
+ u32 *aSz
+){
+ int i; /* Iterator variable */
+ for(i=2; i<p->nColumn+2; i++){
+ int iCol = i-2;
+ if( p->abNotindexed[iCol]==0 ){
+ const char *zText = (const char *)sqlite3_value_text(apVal[i]);
+ int rc = fts3PendingTermsAdd(p, iLangid, zText, iCol, &aSz[iCol]);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ aSz[p->nColumn] += sqlite3_value_bytes(apVal[i]);
+ }
+ }
+ return SQLITE_OK;
+}
+
+/*
+** This function is called by the xUpdate() method for an INSERT operation.
+** The apVal parameter is passed a copy of the apVal argument passed by
+** SQLite to the xUpdate() method. i.e:
+**
+** apVal[0] Not used for INSERT.
+** apVal[1] rowid
+** apVal[2] Left-most user-defined column
+** ...
+** apVal[p->nColumn+1] Right-most user-defined column
+** apVal[p->nColumn+2] Hidden column with same name as table
+** apVal[p->nColumn+3] Hidden "docid" column (alias for rowid)
+** apVal[p->nColumn+4] Hidden languageid column
+*/
+static int fts3InsertData(
+ Fts3Table *p, /* Full-text table */
+ sqlite3_value **apVal, /* Array of values to insert */
+ sqlite3_int64 *piDocid /* OUT: Docid for row just inserted */
+){
+ int rc; /* Return code */
+ sqlite3_stmt *pContentInsert; /* INSERT INTO %_content VALUES(...) */
+
+ if( p->zContentTbl ){
+ sqlite3_value *pRowid = apVal[p->nColumn+3];
+ if( sqlite3_value_type(pRowid)==SQLITE_NULL ){
+ pRowid = apVal[1];
+ }
+ if( sqlite3_value_type(pRowid)!=SQLITE_INTEGER ){
+ return SQLITE_CONSTRAINT;
+ }
+ *piDocid = sqlite3_value_int64(pRowid);
+ return SQLITE_OK;
+ }
+
+ /* Locate the statement handle used to insert data into the %_content
+ ** table. The SQL for this statement is:
+ **
+ ** INSERT INTO %_content VALUES(?, ?, ?, ...)
+ **
+ ** The statement features N '?' variables, where N is the number of user
+ ** defined columns in the FTS3 table, plus one for the docid field.
+ */
+ rc = fts3SqlStmt(p, SQL_CONTENT_INSERT, &pContentInsert, &apVal[1]);
+ if( rc==SQLITE_OK && p->zLanguageid ){
+ rc = sqlite3_bind_int(
+ pContentInsert, p->nColumn+2,
+ sqlite3_value_int(apVal[p->nColumn+4])
+ );
+ }
+ if( rc!=SQLITE_OK ) return rc;
+
+ /* There is a quirk here. The users INSERT statement may have specified
+ ** a value for the "rowid" field, for the "docid" field, or for both.
+ ** Which is a problem, since "rowid" and "docid" are aliases for the
+ ** same value. For example:
+ **
+ ** INSERT INTO fts3tbl(rowid, docid) VALUES(1, 2);
+ **
+ ** In FTS3, this is an error. It is an error to specify non-NULL values
+ ** for both docid and some other rowid alias.
+ */
+ if( SQLITE_NULL!=sqlite3_value_type(apVal[3+p->nColumn]) ){
+ if( SQLITE_NULL==sqlite3_value_type(apVal[0])
+ && SQLITE_NULL!=sqlite3_value_type(apVal[1])
+ ){
+ /* A rowid/docid conflict. */
+ return SQLITE_ERROR;
+ }
+ rc = sqlite3_bind_value(pContentInsert, 1, apVal[3+p->nColumn]);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+
+ /* Execute the statement to insert the record. Set *piDocid to the
+ ** new docid value.
+ */
+ sqlite3_step(pContentInsert);
+ rc = sqlite3_reset(pContentInsert);
+
+ *piDocid = sqlite3_last_insert_rowid(p->db);
+ return rc;
+}
+
+
+
+/*
+** Remove all data from the FTS3 table. Clear the hash table containing
+** pending terms.
+*/
+static int fts3DeleteAll(Fts3Table *p, int bContent){
+ int rc = SQLITE_OK; /* Return code */
+
+ /* Discard the contents of the pending-terms hash table. */
+ sqlite3Fts3PendingTermsClear(p);
+
+ /* Delete everything from the shadow tables. Except, leave %_content as
+ ** is if bContent is false. */
+ assert( p->zContentTbl==0 || bContent==0 );
+ if( bContent ) fts3SqlExec(&rc, p, SQL_DELETE_ALL_CONTENT, 0);
+ fts3SqlExec(&rc, p, SQL_DELETE_ALL_SEGMENTS, 0);
+ fts3SqlExec(&rc, p, SQL_DELETE_ALL_SEGDIR, 0);
+ if( p->bHasDocsize ){
+ fts3SqlExec(&rc, p, SQL_DELETE_ALL_DOCSIZE, 0);
+ }
+ if( p->bHasStat ){
+ fts3SqlExec(&rc, p, SQL_DELETE_ALL_STAT, 0);
+ }
+ return rc;
+}
+
+/*
+**
+*/
+static int langidFromSelect(Fts3Table *p, sqlite3_stmt *pSelect){
+ int iLangid = 0;
+ if( p->zLanguageid ) iLangid = sqlite3_column_int(pSelect, p->nColumn+1);
+ return iLangid;
+}
+
+/*
+** The first element in the apVal[] array is assumed to contain the docid
+** (an integer) of a row about to be deleted. Remove all terms from the
+** full-text index.
+*/
+static void fts3DeleteTerms(
+ int *pRC, /* Result code */
+ Fts3Table *p, /* The FTS table to delete from */
+ sqlite3_value *pRowid, /* The docid to be deleted */
+ u32 *aSz, /* Sizes of deleted document written here */
+ int *pbFound /* OUT: Set to true if row really does exist */
+){
+ int rc;
+ sqlite3_stmt *pSelect;
+
+ assert( *pbFound==0 );
+ if( *pRC ) return;
+ rc = fts3SqlStmt(p, SQL_SELECT_CONTENT_BY_ROWID, &pSelect, &pRowid);
+ if( rc==SQLITE_OK ){
+ if( SQLITE_ROW==sqlite3_step(pSelect) ){
+ int i;
+ int iLangid = langidFromSelect(p, pSelect);
+ i64 iDocid = sqlite3_column_int64(pSelect, 0);
+ rc = fts3PendingTermsDocid(p, 1, iLangid, iDocid);
+ for(i=1; rc==SQLITE_OK && i<=p->nColumn; i++){
+ int iCol = i-1;
+ if( p->abNotindexed[iCol]==0 ){
+ const char *zText = (const char *)sqlite3_column_text(pSelect, i);
+ rc = fts3PendingTermsAdd(p, iLangid, zText, -1, &aSz[iCol]);
+ aSz[p->nColumn] += sqlite3_column_bytes(pSelect, i);
+ }
+ }
+ if( rc!=SQLITE_OK ){
+ sqlite3_reset(pSelect);
+ *pRC = rc;
+ return;
+ }
+ *pbFound = 1;
+ }
+ rc = sqlite3_reset(pSelect);
+ }else{
+ sqlite3_reset(pSelect);
+ }
+ *pRC = rc;
+}
+
+/*
+** Forward declaration to account for the circular dependency between
+** functions fts3SegmentMerge() and fts3AllocateSegdirIdx().
+*/
+static int fts3SegmentMerge(Fts3Table *, int, int, int);
+
+/*
+** This function allocates a new level iLevel index in the segdir table.
+** Usually, indexes are allocated within a level sequentially starting
+** with 0, so the allocated index is one greater than the value returned
+** by:
+**
+** SELECT max(idx) FROM %_segdir WHERE level = :iLevel
+**
+** However, if there are already FTS3_MERGE_COUNT indexes at the requested
+** level, they are merged into a single level (iLevel+1) segment and the
+** allocated index is 0.
+**
+** If successful, *piIdx is set to the allocated index slot and SQLITE_OK
+** returned. Otherwise, an SQLite error code is returned.
+*/
+static int fts3AllocateSegdirIdx(
+ Fts3Table *p,
+ int iLangid, /* Language id */
+ int iIndex, /* Index for p->aIndex */
+ int iLevel,
+ int *piIdx
+){
+ int rc; /* Return Code */
+ sqlite3_stmt *pNextIdx; /* Query for next idx at level iLevel */
+ int iNext = 0; /* Result of query pNextIdx */
+
+ assert( iLangid>=0 );
+ assert( p->nIndex>=1 );
+
+ /* Set variable iNext to the next available segdir index at level iLevel. */
+ rc = fts3SqlStmt(p, SQL_NEXT_SEGMENT_INDEX, &pNextIdx, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(
+ pNextIdx, 1, getAbsoluteLevel(p, iLangid, iIndex, iLevel)
+ );
+ if( SQLITE_ROW==sqlite3_step(pNextIdx) ){
+ iNext = sqlite3_column_int(pNextIdx, 0);
+ }
+ rc = sqlite3_reset(pNextIdx);
+ }
+
+ if( rc==SQLITE_OK ){
+ /* If iNext is FTS3_MERGE_COUNT, indicating that level iLevel is already
+ ** full, merge all segments in level iLevel into a single iLevel+1
+ ** segment and allocate (newly freed) index 0 at level iLevel. Otherwise,
+ ** if iNext is less than FTS3_MERGE_COUNT, allocate index iNext.
+ */
+ if( iNext>=FTS3_MERGE_COUNT ){
+ fts3LogMerge(16, getAbsoluteLevel(p, iLangid, iIndex, iLevel));
+ rc = fts3SegmentMerge(p, iLangid, iIndex, iLevel);
+ *piIdx = 0;
+ }else{
+ *piIdx = iNext;
+ }
+ }
+
+ return rc;
+}
+
+/*
+** The %_segments table is declared as follows:
+**
+** CREATE TABLE %_segments(blockid INTEGER PRIMARY KEY, block BLOB)
+**
+** This function reads data from a single row of the %_segments table. The
+** specific row is identified by the iBlockid parameter. If paBlob is not
+** NULL, then a buffer is allocated using sqlite3_malloc() and populated
+** with the contents of the blob stored in the "block" column of the
+** identified table row is. Whether or not paBlob is NULL, *pnBlob is set
+** to the size of the blob in bytes before returning.
+**
+** If an error occurs, or the table does not contain the specified row,
+** an SQLite error code is returned. Otherwise, SQLITE_OK is returned. If
+** paBlob is non-NULL, then it is the responsibility of the caller to
+** eventually free the returned buffer.
+**
+** This function may leave an open sqlite3_blob* handle in the
+** Fts3Table.pSegments variable. This handle is reused by subsequent calls
+** to this function. The handle may be closed by calling the
+** sqlite3Fts3SegmentsClose() function. Reusing a blob handle is a handy
+** performance improvement, but the blob handle should always be closed
+** before control is returned to the user (to prevent a lock being held
+** on the database file for longer than necessary). Thus, any virtual table
+** method (xFilter etc.) that may directly or indirectly call this function
+** must call sqlite3Fts3SegmentsClose() before returning.
+*/
+SQLITE_PRIVATE int sqlite3Fts3ReadBlock(
+ Fts3Table *p, /* FTS3 table handle */
+ sqlite3_int64 iBlockid, /* Access the row with blockid=$iBlockid */
+ char **paBlob, /* OUT: Blob data in malloc'd buffer */
+ int *pnBlob, /* OUT: Size of blob data */
+ int *pnLoad /* OUT: Bytes actually loaded */
+){
+ int rc; /* Return code */
+
+ /* pnBlob must be non-NULL. paBlob may be NULL or non-NULL. */
+ assert( pnBlob );
+
+ if( p->pSegments ){
+ rc = sqlite3_blob_reopen(p->pSegments, iBlockid);
+ }else{
+ if( 0==p->zSegmentsTbl ){
+ p->zSegmentsTbl = sqlite3_mprintf("%s_segments", p->zName);
+ if( 0==p->zSegmentsTbl ) return SQLITE_NOMEM;
+ }
+ rc = sqlite3_blob_open(
+ p->db, p->zDb, p->zSegmentsTbl, "block", iBlockid, 0, &p->pSegments
+ );
+ }
+
+ if( rc==SQLITE_OK ){
+ int nByte = sqlite3_blob_bytes(p->pSegments);
+ *pnBlob = nByte;
+ if( paBlob ){
+ char *aByte = sqlite3_malloc(nByte + FTS3_NODE_PADDING);
+ if( !aByte ){
+ rc = SQLITE_NOMEM;
+ }else{
+ if( pnLoad && nByte>(FTS3_NODE_CHUNK_THRESHOLD) ){
+ nByte = FTS3_NODE_CHUNKSIZE;
+ *pnLoad = nByte;
+ }
+ rc = sqlite3_blob_read(p->pSegments, aByte, nByte, 0);
+ memset(&aByte[nByte], 0, FTS3_NODE_PADDING);
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(aByte);
+ aByte = 0;
+ }
+ }
+ *paBlob = aByte;
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Close the blob handle at p->pSegments, if it is open. See comments above
+** the sqlite3Fts3ReadBlock() function for details.
+*/
+SQLITE_PRIVATE void sqlite3Fts3SegmentsClose(Fts3Table *p){
+ sqlite3_blob_close(p->pSegments);
+ p->pSegments = 0;
+}
+
+static int fts3SegReaderIncrRead(Fts3SegReader *pReader){
+ int nRead; /* Number of bytes to read */
+ int rc; /* Return code */
+
+ nRead = MIN(pReader->nNode - pReader->nPopulate, FTS3_NODE_CHUNKSIZE);
+ rc = sqlite3_blob_read(
+ pReader->pBlob,
+ &pReader->aNode[pReader->nPopulate],
+ nRead,
+ pReader->nPopulate
+ );
+
+ if( rc==SQLITE_OK ){
+ pReader->nPopulate += nRead;
+ memset(&pReader->aNode[pReader->nPopulate], 0, FTS3_NODE_PADDING);
+ if( pReader->nPopulate==pReader->nNode ){
+ sqlite3_blob_close(pReader->pBlob);
+ pReader->pBlob = 0;
+ pReader->nPopulate = 0;
+ }
+ }
+ return rc;
+}
+
+static int fts3SegReaderRequire(Fts3SegReader *pReader, char *pFrom, int nByte){
+ int rc = SQLITE_OK;
+ assert( !pReader->pBlob
+ || (pFrom>=pReader->aNode && pFrom<&pReader->aNode[pReader->nNode])
+ );
+ while( pReader->pBlob && rc==SQLITE_OK
+ && (pFrom - pReader->aNode + nByte)>pReader->nPopulate
+ ){
+ rc = fts3SegReaderIncrRead(pReader);
+ }
+ return rc;
+}
+
+/*
+** Set an Fts3SegReader cursor to point at EOF.
+*/
+static void fts3SegReaderSetEof(Fts3SegReader *pSeg){
+ if( !fts3SegReaderIsRootOnly(pSeg) ){
+ sqlite3_free(pSeg->aNode);
+ sqlite3_blob_close(pSeg->pBlob);
+ pSeg->pBlob = 0;
+ }
+ pSeg->aNode = 0;
+}
+
+/*
+** Move the iterator passed as the first argument to the next term in the
+** segment. If successful, SQLITE_OK is returned. If there is no next term,
+** SQLITE_DONE. Otherwise, an SQLite error code.
+*/
+static int fts3SegReaderNext(
+ Fts3Table *p,
+ Fts3SegReader *pReader,
+ int bIncr
+){
+ int rc; /* Return code of various sub-routines */
+ char *pNext; /* Cursor variable */
+ int nPrefix; /* Number of bytes in term prefix */
+ int nSuffix; /* Number of bytes in term suffix */
+
+ if( !pReader->aDoclist ){
+ pNext = pReader->aNode;
+ }else{
+ pNext = &pReader->aDoclist[pReader->nDoclist];
+ }
+
+ if( !pNext || pNext>=&pReader->aNode[pReader->nNode] ){
+
+ if( fts3SegReaderIsPending(pReader) ){
+ Fts3HashElem *pElem = *(pReader->ppNextElem);
+ sqlite3_free(pReader->aNode);
+ pReader->aNode = 0;
+ if( pElem ){
+ char *aCopy;
+ PendingList *pList = (PendingList *)fts3HashData(pElem);
+ int nCopy = pList->nData+1;
+ pReader->zTerm = (char *)fts3HashKey(pElem);
+ pReader->nTerm = fts3HashKeysize(pElem);
+ aCopy = (char*)sqlite3_malloc(nCopy);
+ if( !aCopy ) return SQLITE_NOMEM;
+ memcpy(aCopy, pList->aData, nCopy);
+ pReader->nNode = pReader->nDoclist = nCopy;
+ pReader->aNode = pReader->aDoclist = aCopy;
+ pReader->ppNextElem++;
+ assert( pReader->aNode );
+ }
+ return SQLITE_OK;
+ }
+
+ fts3SegReaderSetEof(pReader);
+
+ /* If iCurrentBlock>=iLeafEndBlock, this is an EOF condition. All leaf
+ ** blocks have already been traversed. */
+ assert( pReader->iCurrentBlock<=pReader->iLeafEndBlock );
+ if( pReader->iCurrentBlock>=pReader->iLeafEndBlock ){
+ return SQLITE_OK;
+ }
+
+ rc = sqlite3Fts3ReadBlock(
+ p, ++pReader->iCurrentBlock, &pReader->aNode, &pReader->nNode,
+ (bIncr ? &pReader->nPopulate : 0)
+ );
+ if( rc!=SQLITE_OK ) return rc;
+ assert( pReader->pBlob==0 );
+ if( bIncr && pReader->nPopulate<pReader->nNode ){
+ pReader->pBlob = p->pSegments;
+ p->pSegments = 0;
+ }
+ pNext = pReader->aNode;
+ }
+
+ assert( !fts3SegReaderIsPending(pReader) );
+
+ rc = fts3SegReaderRequire(pReader, pNext, FTS3_VARINT_MAX*2);
+ if( rc!=SQLITE_OK ) return rc;
+
+ /* Because of the FTS3_NODE_PADDING bytes of padding, the following is
+ ** safe (no risk of overread) even if the node data is corrupted. */
+ pNext += fts3GetVarint32(pNext, &nPrefix);
+ pNext += fts3GetVarint32(pNext, &nSuffix);
+ if( nPrefix<0 || nSuffix<=0
+ || &pNext[nSuffix]>&pReader->aNode[pReader->nNode]
+ ){
+ return FTS_CORRUPT_VTAB;
+ }
+
+ if( nPrefix+nSuffix>pReader->nTermAlloc ){
+ int nNew = (nPrefix+nSuffix)*2;
+ char *zNew = sqlite3_realloc(pReader->zTerm, nNew);
+ if( !zNew ){
+ return SQLITE_NOMEM;
+ }
+ pReader->zTerm = zNew;
+ pReader->nTermAlloc = nNew;
+ }
+
+ rc = fts3SegReaderRequire(pReader, pNext, nSuffix+FTS3_VARINT_MAX);
+ if( rc!=SQLITE_OK ) return rc;
+
+ memcpy(&pReader->zTerm[nPrefix], pNext, nSuffix);
+ pReader->nTerm = nPrefix+nSuffix;
+ pNext += nSuffix;
+ pNext += fts3GetVarint32(pNext, &pReader->nDoclist);
+ pReader->aDoclist = pNext;
+ pReader->pOffsetList = 0;
+
+ /* Check that the doclist does not appear to extend past the end of the
+ ** b-tree node. And that the final byte of the doclist is 0x00. If either
+ ** of these statements is untrue, then the data structure is corrupt.
+ */
+ if( &pReader->aDoclist[pReader->nDoclist]>&pReader->aNode[pReader->nNode]
+ || (pReader->nPopulate==0 && pReader->aDoclist[pReader->nDoclist-1])
+ ){
+ return FTS_CORRUPT_VTAB;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Set the SegReader to point to the first docid in the doclist associated
+** with the current term.
+*/
+static int fts3SegReaderFirstDocid(Fts3Table *pTab, Fts3SegReader *pReader){
+ int rc = SQLITE_OK;
+ assert( pReader->aDoclist );
+ assert( !pReader->pOffsetList );
+ if( pTab->bDescIdx && fts3SegReaderIsPending(pReader) ){
+ u8 bEof = 0;
+ pReader->iDocid = 0;
+ pReader->nOffsetList = 0;
+ sqlite3Fts3DoclistPrev(0,
+ pReader->aDoclist, pReader->nDoclist, &pReader->pOffsetList,
+ &pReader->iDocid, &pReader->nOffsetList, &bEof
+ );
+ }else{
+ rc = fts3SegReaderRequire(pReader, pReader->aDoclist, FTS3_VARINT_MAX);
+ if( rc==SQLITE_OK ){
+ int n = sqlite3Fts3GetVarint(pReader->aDoclist, &pReader->iDocid);
+ pReader->pOffsetList = &pReader->aDoclist[n];
+ }
+ }
+ return rc;
+}
+
+/*
+** Advance the SegReader to point to the next docid in the doclist
+** associated with the current term.
+**
+** If arguments ppOffsetList and pnOffsetList are not NULL, then
+** *ppOffsetList is set to point to the first column-offset list
+** in the doclist entry (i.e. immediately past the docid varint).
+** *pnOffsetList is set to the length of the set of column-offset
+** lists, not including the nul-terminator byte. For example:
+*/
+static int fts3SegReaderNextDocid(
+ Fts3Table *pTab,
+ Fts3SegReader *pReader, /* Reader to advance to next docid */
+ char **ppOffsetList, /* OUT: Pointer to current position-list */
+ int *pnOffsetList /* OUT: Length of *ppOffsetList in bytes */
+){
+ int rc = SQLITE_OK;
+ char *p = pReader->pOffsetList;
+ char c = 0;
+
+ assert( p );
+
+ if( pTab->bDescIdx && fts3SegReaderIsPending(pReader) ){
+ /* A pending-terms seg-reader for an FTS4 table that uses order=desc.
+ ** Pending-terms doclists are always built up in ascending order, so
+ ** we have to iterate through them backwards here. */
+ u8 bEof = 0;
+ if( ppOffsetList ){
+ *ppOffsetList = pReader->pOffsetList;
+ *pnOffsetList = pReader->nOffsetList - 1;
+ }
+ sqlite3Fts3DoclistPrev(0,
+ pReader->aDoclist, pReader->nDoclist, &p, &pReader->iDocid,
+ &pReader->nOffsetList, &bEof
+ );
+ if( bEof ){
+ pReader->pOffsetList = 0;
+ }else{
+ pReader->pOffsetList = p;
+ }
+ }else{
+ char *pEnd = &pReader->aDoclist[pReader->nDoclist];
+
+ /* Pointer p currently points at the first byte of an offset list. The
+ ** following block advances it to point one byte past the end of
+ ** the same offset list. */
+ while( 1 ){
+
+ /* The following line of code (and the "p++" below the while() loop) is
+ ** normally all that is required to move pointer p to the desired
+ ** position. The exception is if this node is being loaded from disk
+ ** incrementally and pointer "p" now points to the first byte past
+ ** the populated part of pReader->aNode[].
+ */
+ while( *p | c ) c = *p++ & 0x80;
+ assert( *p==0 );
+
+ if( pReader->pBlob==0 || p<&pReader->aNode[pReader->nPopulate] ) break;
+ rc = fts3SegReaderIncrRead(pReader);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ p++;
+
+ /* If required, populate the output variables with a pointer to and the
+ ** size of the previous offset-list.
+ */
+ if( ppOffsetList ){
+ *ppOffsetList = pReader->pOffsetList;
+ *pnOffsetList = (int)(p - pReader->pOffsetList - 1);
+ }
+
+ /* List may have been edited in place by fts3EvalNearTrim() */
+ while( p<pEnd && *p==0 ) p++;
+
+ /* If there are no more entries in the doclist, set pOffsetList to
+ ** NULL. Otherwise, set Fts3SegReader.iDocid to the next docid and
+ ** Fts3SegReader.pOffsetList to point to the next offset list before
+ ** returning.
+ */
+ if( p>=pEnd ){
+ pReader->pOffsetList = 0;
+ }else{
+ rc = fts3SegReaderRequire(pReader, p, FTS3_VARINT_MAX);
+ if( rc==SQLITE_OK ){
+ sqlite3_int64 iDelta;
+ pReader->pOffsetList = p + sqlite3Fts3GetVarint(p, &iDelta);
+ if( pTab->bDescIdx ){
+ pReader->iDocid -= iDelta;
+ }else{
+ pReader->iDocid += iDelta;
+ }
+ }
+ }
+ }
+
+ return SQLITE_OK;
+}
+
+
+SQLITE_PRIVATE int sqlite3Fts3MsrOvfl(
+ Fts3Cursor *pCsr,
+ Fts3MultiSegReader *pMsr,
+ int *pnOvfl
+){
+ Fts3Table *p = (Fts3Table*)pCsr->base.pVtab;
+ int nOvfl = 0;
+ int ii;
+ int rc = SQLITE_OK;
+ int pgsz = p->nPgsz;
+
+ assert( p->bFts4 );
+ assert( pgsz>0 );
+
+ for(ii=0; rc==SQLITE_OK && ii<pMsr->nSegment; ii++){
+ Fts3SegReader *pReader = pMsr->apSegment[ii];
+ if( !fts3SegReaderIsPending(pReader)
+ && !fts3SegReaderIsRootOnly(pReader)
+ ){
+ sqlite3_int64 jj;
+ for(jj=pReader->iStartBlock; jj<=pReader->iLeafEndBlock; jj++){
+ int nBlob;
+ rc = sqlite3Fts3ReadBlock(p, jj, 0, &nBlob, 0);
+ if( rc!=SQLITE_OK ) break;
+ if( (nBlob+35)>pgsz ){
+ nOvfl += (nBlob + 34)/pgsz;
+ }
+ }
+ }
+ }
+ *pnOvfl = nOvfl;
+ return rc;
+}
+
+/*
+** Free all allocations associated with the iterator passed as the
+** second argument.
+*/
+SQLITE_PRIVATE void sqlite3Fts3SegReaderFree(Fts3SegReader *pReader){
+ if( pReader ){
+ if( !fts3SegReaderIsPending(pReader) ){
+ sqlite3_free(pReader->zTerm);
+ }
+ if( !fts3SegReaderIsRootOnly(pReader) ){
+ sqlite3_free(pReader->aNode);
+ }
+ sqlite3_blob_close(pReader->pBlob);
+ }
+ sqlite3_free(pReader);
+}
+
+/*
+** Allocate a new SegReader object.
+*/
+SQLITE_PRIVATE int sqlite3Fts3SegReaderNew(
+ int iAge, /* Segment "age". */
+ int bLookup, /* True for a lookup only */
+ sqlite3_int64 iStartLeaf, /* First leaf to traverse */
+ sqlite3_int64 iEndLeaf, /* Final leaf to traverse */
+ sqlite3_int64 iEndBlock, /* Final block of segment */
+ const char *zRoot, /* Buffer containing root node */
+ int nRoot, /* Size of buffer containing root node */
+ Fts3SegReader **ppReader /* OUT: Allocated Fts3SegReader */
+){
+ Fts3SegReader *pReader; /* Newly allocated SegReader object */
+ int nExtra = 0; /* Bytes to allocate segment root node */
+
+ assert( iStartLeaf<=iEndLeaf );
+ if( iStartLeaf==0 ){
+ nExtra = nRoot + FTS3_NODE_PADDING;
+ }
+
+ pReader = (Fts3SegReader *)sqlite3_malloc(sizeof(Fts3SegReader) + nExtra);
+ if( !pReader ){
+ return SQLITE_NOMEM;
+ }
+ memset(pReader, 0, sizeof(Fts3SegReader));
+ pReader->iIdx = iAge;
+ pReader->bLookup = bLookup!=0;
+ pReader->iStartBlock = iStartLeaf;
+ pReader->iLeafEndBlock = iEndLeaf;
+ pReader->iEndBlock = iEndBlock;
+
+ if( nExtra ){
+ /* The entire segment is stored in the root node. */
+ pReader->aNode = (char *)&pReader[1];
+ pReader->rootOnly = 1;
+ pReader->nNode = nRoot;
+ memcpy(pReader->aNode, zRoot, nRoot);
+ memset(&pReader->aNode[nRoot], 0, FTS3_NODE_PADDING);
+ }else{
+ pReader->iCurrentBlock = iStartLeaf-1;
+ }
+ *ppReader = pReader;
+ return SQLITE_OK;
+}
+
+/*
+** This is a comparison function used as a qsort() callback when sorting
+** an array of pending terms by term. This occurs as part of flushing
+** the contents of the pending-terms hash table to the database.
+*/
+static int SQLITE_CDECL fts3CompareElemByTerm(
+ const void *lhs,
+ const void *rhs
+){
+ char *z1 = fts3HashKey(*(Fts3HashElem **)lhs);
+ char *z2 = fts3HashKey(*(Fts3HashElem **)rhs);
+ int n1 = fts3HashKeysize(*(Fts3HashElem **)lhs);
+ int n2 = fts3HashKeysize(*(Fts3HashElem **)rhs);
+
+ int n = (n1<n2 ? n1 : n2);
+ int c = memcmp(z1, z2, n);
+ if( c==0 ){
+ c = n1 - n2;
+ }
+ return c;
+}
+
+/*
+** This function is used to allocate an Fts3SegReader that iterates through
+** a subset of the terms stored in the Fts3Table.pendingTerms array.
+**
+** If the isPrefixIter parameter is zero, then the returned SegReader iterates
+** through each term in the pending-terms table. Or, if isPrefixIter is
+** non-zero, it iterates through each term and its prefixes. For example, if
+** the pending terms hash table contains the terms "sqlite", "mysql" and
+** "firebird", then the iterator visits the following 'terms' (in the order
+** shown):
+**
+** f fi fir fire fireb firebi firebir firebird
+** m my mys mysq mysql
+** s sq sql sqli sqlit sqlite
+**
+** Whereas if isPrefixIter is zero, the terms visited are:
+**
+** firebird mysql sqlite
+*/
+SQLITE_PRIVATE int sqlite3Fts3SegReaderPending(
+ Fts3Table *p, /* Virtual table handle */
+ int iIndex, /* Index for p->aIndex */
+ const char *zTerm, /* Term to search for */
+ int nTerm, /* Size of buffer zTerm */
+ int bPrefix, /* True for a prefix iterator */
+ Fts3SegReader **ppReader /* OUT: SegReader for pending-terms */
+){
+ Fts3SegReader *pReader = 0; /* Fts3SegReader object to return */
+ Fts3HashElem *pE; /* Iterator variable */
+ Fts3HashElem **aElem = 0; /* Array of term hash entries to scan */
+ int nElem = 0; /* Size of array at aElem */
+ int rc = SQLITE_OK; /* Return Code */
+ Fts3Hash *pHash;
+
+ pHash = &p->aIndex[iIndex].hPending;
+ if( bPrefix ){
+ int nAlloc = 0; /* Size of allocated array at aElem */
+
+ for(pE=fts3HashFirst(pHash); pE; pE=fts3HashNext(pE)){
+ char *zKey = (char *)fts3HashKey(pE);
+ int nKey = fts3HashKeysize(pE);
+ if( nTerm==0 || (nKey>=nTerm && 0==memcmp(zKey, zTerm, nTerm)) ){
+ if( nElem==nAlloc ){
+ Fts3HashElem **aElem2;
+ nAlloc += 16;
+ aElem2 = (Fts3HashElem **)sqlite3_realloc(
+ aElem, nAlloc*sizeof(Fts3HashElem *)
+ );
+ if( !aElem2 ){
+ rc = SQLITE_NOMEM;
+ nElem = 0;
+ break;
+ }
+ aElem = aElem2;
+ }
+
+ aElem[nElem++] = pE;
+ }
+ }
+
+ /* If more than one term matches the prefix, sort the Fts3HashElem
+ ** objects in term order using qsort(). This uses the same comparison
+ ** callback as is used when flushing terms to disk.
+ */
+ if( nElem>1 ){
+ qsort(aElem, nElem, sizeof(Fts3HashElem *), fts3CompareElemByTerm);
+ }
+
+ }else{
+ /* The query is a simple term lookup that matches at most one term in
+ ** the index. All that is required is a straight hash-lookup.
+ **
+ ** Because the stack address of pE may be accessed via the aElem pointer
+ ** below, the "Fts3HashElem *pE" must be declared so that it is valid
+ ** within this entire function, not just this "else{...}" block.
+ */
+ pE = fts3HashFindElem(pHash, zTerm, nTerm);
+ if( pE ){
+ aElem = &pE;
+ nElem = 1;
+ }
+ }
+
+ if( nElem>0 ){
+ int nByte = sizeof(Fts3SegReader) + (nElem+1)*sizeof(Fts3HashElem *);
+ pReader = (Fts3SegReader *)sqlite3_malloc(nByte);
+ if( !pReader ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(pReader, 0, nByte);
+ pReader->iIdx = 0x7FFFFFFF;
+ pReader->ppNextElem = (Fts3HashElem **)&pReader[1];
+ memcpy(pReader->ppNextElem, aElem, nElem*sizeof(Fts3HashElem *));
+ }
+ }
+
+ if( bPrefix ){
+ sqlite3_free(aElem);
+ }
+ *ppReader = pReader;
+ return rc;
+}
+
+/*
+** Compare the entries pointed to by two Fts3SegReader structures.
+** Comparison is as follows:
+**
+** 1) EOF is greater than not EOF.
+**
+** 2) The current terms (if any) are compared using memcmp(). If one
+** term is a prefix of another, the longer term is considered the
+** larger.
+**
+** 3) By segment age. An older segment is considered larger.
+*/
+static int fts3SegReaderCmp(Fts3SegReader *pLhs, Fts3SegReader *pRhs){
+ int rc;
+ if( pLhs->aNode && pRhs->aNode ){
+ int rc2 = pLhs->nTerm - pRhs->nTerm;
+ if( rc2<0 ){
+ rc = memcmp(pLhs->zTerm, pRhs->zTerm, pLhs->nTerm);
+ }else{
+ rc = memcmp(pLhs->zTerm, pRhs->zTerm, pRhs->nTerm);
+ }
+ if( rc==0 ){
+ rc = rc2;
+ }
+ }else{
+ rc = (pLhs->aNode==0) - (pRhs->aNode==0);
+ }
+ if( rc==0 ){
+ rc = pRhs->iIdx - pLhs->iIdx;
+ }
+ assert( rc!=0 );
+ return rc;
+}
+
+/*
+** A different comparison function for SegReader structures. In this
+** version, it is assumed that each SegReader points to an entry in
+** a doclist for identical terms. Comparison is made as follows:
+**
+** 1) EOF (end of doclist in this case) is greater than not EOF.
+**
+** 2) By current docid.
+**
+** 3) By segment age. An older segment is considered larger.
+*/
+static int fts3SegReaderDoclistCmp(Fts3SegReader *pLhs, Fts3SegReader *pRhs){
+ int rc = (pLhs->pOffsetList==0)-(pRhs->pOffsetList==0);
+ if( rc==0 ){
+ if( pLhs->iDocid==pRhs->iDocid ){
+ rc = pRhs->iIdx - pLhs->iIdx;
+ }else{
+ rc = (pLhs->iDocid > pRhs->iDocid) ? 1 : -1;
+ }
+ }
+ assert( pLhs->aNode && pRhs->aNode );
+ return rc;
+}
+static int fts3SegReaderDoclistCmpRev(Fts3SegReader *pLhs, Fts3SegReader *pRhs){
+ int rc = (pLhs->pOffsetList==0)-(pRhs->pOffsetList==0);
+ if( rc==0 ){
+ if( pLhs->iDocid==pRhs->iDocid ){
+ rc = pRhs->iIdx - pLhs->iIdx;
+ }else{
+ rc = (pLhs->iDocid < pRhs->iDocid) ? 1 : -1;
+ }
+ }
+ assert( pLhs->aNode && pRhs->aNode );
+ return rc;
+}
+
+/*
+** Compare the term that the Fts3SegReader object passed as the first argument
+** points to with the term specified by arguments zTerm and nTerm.
+**
+** If the pSeg iterator is already at EOF, return 0. Otherwise, return
+** -ve if the pSeg term is less than zTerm/nTerm, 0 if the two terms are
+** equal, or +ve if the pSeg term is greater than zTerm/nTerm.
+*/
+static int fts3SegReaderTermCmp(
+ Fts3SegReader *pSeg, /* Segment reader object */
+ const char *zTerm, /* Term to compare to */
+ int nTerm /* Size of term zTerm in bytes */
+){
+ int res = 0;
+ if( pSeg->aNode ){
+ if( pSeg->nTerm>nTerm ){
+ res = memcmp(pSeg->zTerm, zTerm, nTerm);
+ }else{
+ res = memcmp(pSeg->zTerm, zTerm, pSeg->nTerm);
+ }
+ if( res==0 ){
+ res = pSeg->nTerm-nTerm;
+ }
+ }
+ return res;
+}
+
+/*
+** Argument apSegment is an array of nSegment elements. It is known that
+** the final (nSegment-nSuspect) members are already in sorted order
+** (according to the comparison function provided). This function shuffles
+** the array around until all entries are in sorted order.
+*/
+static void fts3SegReaderSort(
+ Fts3SegReader **apSegment, /* Array to sort entries of */
+ int nSegment, /* Size of apSegment array */
+ int nSuspect, /* Unsorted entry count */
+ int (*xCmp)(Fts3SegReader *, Fts3SegReader *) /* Comparison function */
+){
+ int i; /* Iterator variable */
+
+ assert( nSuspect<=nSegment );
+
+ if( nSuspect==nSegment ) nSuspect--;
+ for(i=nSuspect-1; i>=0; i--){
+ int j;
+ for(j=i; j<(nSegment-1); j++){
+ Fts3SegReader *pTmp;
+ if( xCmp(apSegment[j], apSegment[j+1])<0 ) break;
+ pTmp = apSegment[j+1];
+ apSegment[j+1] = apSegment[j];
+ apSegment[j] = pTmp;
+ }
+ }
+
+#ifndef NDEBUG
+ /* Check that the list really is sorted now. */
+ for(i=0; i<(nSuspect-1); i++){
+ assert( xCmp(apSegment[i], apSegment[i+1])<0 );
+ }
+#endif
+}
+
+/*
+** Insert a record into the %_segments table.
+*/
+static int fts3WriteSegment(
+ Fts3Table *p, /* Virtual table handle */
+ sqlite3_int64 iBlock, /* Block id for new block */
+ char *z, /* Pointer to buffer containing block data */
+ int n /* Size of buffer z in bytes */
+){
+ sqlite3_stmt *pStmt;
+ int rc = fts3SqlStmt(p, SQL_INSERT_SEGMENTS, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pStmt, 1, iBlock);
+ sqlite3_bind_blob(pStmt, 2, z, n, SQLITE_STATIC);
+ sqlite3_step(pStmt);
+ rc = sqlite3_reset(pStmt);
+ }
+ return rc;
+}
+
+/*
+** Find the largest relative level number in the table. If successful, set
+** *pnMax to this value and return SQLITE_OK. Otherwise, if an error occurs,
+** set *pnMax to zero and return an SQLite error code.
+*/
+SQLITE_PRIVATE int sqlite3Fts3MaxLevel(Fts3Table *p, int *pnMax){
+ int rc;
+ int mxLevel = 0;
+ sqlite3_stmt *pStmt = 0;
+
+ rc = fts3SqlStmt(p, SQL_SELECT_MXLEVEL, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ mxLevel = sqlite3_column_int(pStmt, 0);
+ }
+ rc = sqlite3_reset(pStmt);
+ }
+ *pnMax = mxLevel;
+ return rc;
+}
+
+/*
+** Insert a record into the %_segdir table.
+*/
+static int fts3WriteSegdir(
+ Fts3Table *p, /* Virtual table handle */
+ sqlite3_int64 iLevel, /* Value for "level" field (absolute level) */
+ int iIdx, /* Value for "idx" field */
+ sqlite3_int64 iStartBlock, /* Value for "start_block" field */
+ sqlite3_int64 iLeafEndBlock, /* Value for "leaves_end_block" field */
+ sqlite3_int64 iEndBlock, /* Value for "end_block" field */
+ sqlite3_int64 nLeafData, /* Bytes of leaf data in segment */
+ char *zRoot, /* Blob value for "root" field */
+ int nRoot /* Number of bytes in buffer zRoot */
+){
+ sqlite3_stmt *pStmt;
+ int rc = fts3SqlStmt(p, SQL_INSERT_SEGDIR, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pStmt, 1, iLevel);
+ sqlite3_bind_int(pStmt, 2, iIdx);
+ sqlite3_bind_int64(pStmt, 3, iStartBlock);
+ sqlite3_bind_int64(pStmt, 4, iLeafEndBlock);
+ if( nLeafData==0 ){
+ sqlite3_bind_int64(pStmt, 5, iEndBlock);
+ }else{
+ char *zEnd = sqlite3_mprintf("%lld %lld", iEndBlock, nLeafData);
+ if( !zEnd ) return SQLITE_NOMEM;
+ sqlite3_bind_text(pStmt, 5, zEnd, -1, sqlite3_free);
+ }
+ sqlite3_bind_blob(pStmt, 6, zRoot, nRoot, SQLITE_STATIC);
+ sqlite3_step(pStmt);
+ rc = sqlite3_reset(pStmt);
+ }
+ return rc;
+}
+
+/*
+** Return the size of the common prefix (if any) shared by zPrev and
+** zNext, in bytes. For example,
+**
+** fts3PrefixCompress("abc", 3, "abcdef", 6) // returns 3
+** fts3PrefixCompress("abX", 3, "abcdef", 6) // returns 2
+** fts3PrefixCompress("abX", 3, "Xbcdef", 6) // returns 0
+*/
+static int fts3PrefixCompress(
+ const char *zPrev, /* Buffer containing previous term */
+ int nPrev, /* Size of buffer zPrev in bytes */
+ const char *zNext, /* Buffer containing next term */
+ int nNext /* Size of buffer zNext in bytes */
+){
+ int n;
+ UNUSED_PARAMETER(nNext);
+ for(n=0; n<nPrev && zPrev[n]==zNext[n]; n++);
+ return n;
+}
+
+/*
+** Add term zTerm to the SegmentNode. It is guaranteed that zTerm is larger
+** (according to memcmp) than the previous term.
+*/
+static int fts3NodeAddTerm(
+ Fts3Table *p, /* Virtual table handle */
+ SegmentNode **ppTree, /* IN/OUT: SegmentNode handle */
+ int isCopyTerm, /* True if zTerm/nTerm is transient */
+ const char *zTerm, /* Pointer to buffer containing term */
+ int nTerm /* Size of term in bytes */
+){
+ SegmentNode *pTree = *ppTree;
+ int rc;
+ SegmentNode *pNew;
+
+ /* First try to append the term to the current node. Return early if
+ ** this is possible.
+ */
+ if( pTree ){
+ int nData = pTree->nData; /* Current size of node in bytes */
+ int nReq = nData; /* Required space after adding zTerm */
+ int nPrefix; /* Number of bytes of prefix compression */
+ int nSuffix; /* Suffix length */
+
+ nPrefix = fts3PrefixCompress(pTree->zTerm, pTree->nTerm, zTerm, nTerm);
+ nSuffix = nTerm-nPrefix;
+
+ nReq += sqlite3Fts3VarintLen(nPrefix)+sqlite3Fts3VarintLen(nSuffix)+nSuffix;
+ if( nReq<=p->nNodeSize || !pTree->zTerm ){
+
+ if( nReq>p->nNodeSize ){
+ /* An unusual case: this is the first term to be added to the node
+ ** and the static node buffer (p->nNodeSize bytes) is not large
+ ** enough. Use a separately malloced buffer instead This wastes
+ ** p->nNodeSize bytes, but since this scenario only comes about when
+ ** the database contain two terms that share a prefix of almost 2KB,
+ ** this is not expected to be a serious problem.
+ */
+ assert( pTree->aData==(char *)&pTree[1] );
+ pTree->aData = (char *)sqlite3_malloc(nReq);
+ if( !pTree->aData ){
+ return SQLITE_NOMEM;
+ }
+ }
+
+ if( pTree->zTerm ){
+ /* There is no prefix-length field for first term in a node */
+ nData += sqlite3Fts3PutVarint(&pTree->aData[nData], nPrefix);
+ }
+
+ nData += sqlite3Fts3PutVarint(&pTree->aData[nData], nSuffix);
+ memcpy(&pTree->aData[nData], &zTerm[nPrefix], nSuffix);
+ pTree->nData = nData + nSuffix;
+ pTree->nEntry++;
+
+ if( isCopyTerm ){
+ if( pTree->nMalloc<nTerm ){
+ char *zNew = sqlite3_realloc(pTree->zMalloc, nTerm*2);
+ if( !zNew ){
+ return SQLITE_NOMEM;
+ }
+ pTree->nMalloc = nTerm*2;
+ pTree->zMalloc = zNew;
+ }
+ pTree->zTerm = pTree->zMalloc;
+ memcpy(pTree->zTerm, zTerm, nTerm);
+ pTree->nTerm = nTerm;
+ }else{
+ pTree->zTerm = (char *)zTerm;
+ pTree->nTerm = nTerm;
+ }
+ return SQLITE_OK;
+ }
+ }
+
+ /* If control flows to here, it was not possible to append zTerm to the
+ ** current node. Create a new node (a right-sibling of the current node).
+ ** If this is the first node in the tree, the term is added to it.
+ **
+ ** Otherwise, the term is not added to the new node, it is left empty for
+ ** now. Instead, the term is inserted into the parent of pTree. If pTree
+ ** has no parent, one is created here.
+ */
+ pNew = (SegmentNode *)sqlite3_malloc(sizeof(SegmentNode) + p->nNodeSize);
+ if( !pNew ){
+ return SQLITE_NOMEM;
+ }
+ memset(pNew, 0, sizeof(SegmentNode));
+ pNew->nData = 1 + FTS3_VARINT_MAX;
+ pNew->aData = (char *)&pNew[1];
+
+ if( pTree ){
+ SegmentNode *pParent = pTree->pParent;
+ rc = fts3NodeAddTerm(p, &pParent, isCopyTerm, zTerm, nTerm);
+ if( pTree->pParent==0 ){
+ pTree->pParent = pParent;
+ }
+ pTree->pRight = pNew;
+ pNew->pLeftmost = pTree->pLeftmost;
+ pNew->pParent = pParent;
+ pNew->zMalloc = pTree->zMalloc;
+ pNew->nMalloc = pTree->nMalloc;
+ pTree->zMalloc = 0;
+ }else{
+ pNew->pLeftmost = pNew;
+ rc = fts3NodeAddTerm(p, &pNew, isCopyTerm, zTerm, nTerm);
+ }
+
+ *ppTree = pNew;
+ return rc;
+}
+
+/*
+** Helper function for fts3NodeWrite().
+*/
+static int fts3TreeFinishNode(
+ SegmentNode *pTree,
+ int iHeight,
+ sqlite3_int64 iLeftChild
+){
+ int nStart;
+ assert( iHeight>=1 && iHeight<128 );
+ nStart = FTS3_VARINT_MAX - sqlite3Fts3VarintLen(iLeftChild);
+ pTree->aData[nStart] = (char)iHeight;
+ sqlite3Fts3PutVarint(&pTree->aData[nStart+1], iLeftChild);
+ return nStart;
+}
+
+/*
+** Write the buffer for the segment node pTree and all of its peers to the
+** database. Then call this function recursively to write the parent of
+** pTree and its peers to the database.
+**
+** Except, if pTree is a root node, do not write it to the database. Instead,
+** set output variables *paRoot and *pnRoot to contain the root node.
+**
+** If successful, SQLITE_OK is returned and output variable *piLast is
+** set to the largest blockid written to the database (or zero if no
+** blocks were written to the db). Otherwise, an SQLite error code is
+** returned.
+*/
+static int fts3NodeWrite(
+ Fts3Table *p, /* Virtual table handle */
+ SegmentNode *pTree, /* SegmentNode handle */
+ int iHeight, /* Height of this node in tree */
+ sqlite3_int64 iLeaf, /* Block id of first leaf node */
+ sqlite3_int64 iFree, /* Block id of next free slot in %_segments */
+ sqlite3_int64 *piLast, /* OUT: Block id of last entry written */
+ char **paRoot, /* OUT: Data for root node */
+ int *pnRoot /* OUT: Size of root node in bytes */
+){
+ int rc = SQLITE_OK;
+
+ if( !pTree->pParent ){
+ /* Root node of the tree. */
+ int nStart = fts3TreeFinishNode(pTree, iHeight, iLeaf);
+ *piLast = iFree-1;
+ *pnRoot = pTree->nData - nStart;
+ *paRoot = &pTree->aData[nStart];
+ }else{
+ SegmentNode *pIter;
+ sqlite3_int64 iNextFree = iFree;
+ sqlite3_int64 iNextLeaf = iLeaf;
+ for(pIter=pTree->pLeftmost; pIter && rc==SQLITE_OK; pIter=pIter->pRight){
+ int nStart = fts3TreeFinishNode(pIter, iHeight, iNextLeaf);
+ int nWrite = pIter->nData - nStart;
+
+ rc = fts3WriteSegment(p, iNextFree, &pIter->aData[nStart], nWrite);
+ iNextFree++;
+ iNextLeaf += (pIter->nEntry+1);
+ }
+ if( rc==SQLITE_OK ){
+ assert( iNextLeaf==iFree );
+ rc = fts3NodeWrite(
+ p, pTree->pParent, iHeight+1, iFree, iNextFree, piLast, paRoot, pnRoot
+ );
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Free all memory allocations associated with the tree pTree.
+*/
+static void fts3NodeFree(SegmentNode *pTree){
+ if( pTree ){
+ SegmentNode *p = pTree->pLeftmost;
+ fts3NodeFree(p->pParent);
+ while( p ){
+ SegmentNode *pRight = p->pRight;
+ if( p->aData!=(char *)&p[1] ){
+ sqlite3_free(p->aData);
+ }
+ assert( pRight==0 || p->zMalloc==0 );
+ sqlite3_free(p->zMalloc);
+ sqlite3_free(p);
+ p = pRight;
+ }
+ }
+}
+
+/*
+** Add a term to the segment being constructed by the SegmentWriter object
+** *ppWriter. When adding the first term to a segment, *ppWriter should
+** be passed NULL. This function will allocate a new SegmentWriter object
+** and return it via the input/output variable *ppWriter in this case.
+**
+** If successful, SQLITE_OK is returned. Otherwise, an SQLite error code.
+*/
+static int fts3SegWriterAdd(
+ Fts3Table *p, /* Virtual table handle */
+ SegmentWriter **ppWriter, /* IN/OUT: SegmentWriter handle */
+ int isCopyTerm, /* True if buffer zTerm must be copied */
+ const char *zTerm, /* Pointer to buffer containing term */
+ int nTerm, /* Size of term in bytes */
+ const char *aDoclist, /* Pointer to buffer containing doclist */
+ int nDoclist /* Size of doclist in bytes */
+){
+ int nPrefix; /* Size of term prefix in bytes */
+ int nSuffix; /* Size of term suffix in bytes */
+ int nReq; /* Number of bytes required on leaf page */
+ int nData;
+ SegmentWriter *pWriter = *ppWriter;
+
+ if( !pWriter ){
+ int rc;
+ sqlite3_stmt *pStmt;
+
+ /* Allocate the SegmentWriter structure */
+ pWriter = (SegmentWriter *)sqlite3_malloc(sizeof(SegmentWriter));
+ if( !pWriter ) return SQLITE_NOMEM;
+ memset(pWriter, 0, sizeof(SegmentWriter));
+ *ppWriter = pWriter;
+
+ /* Allocate a buffer in which to accumulate data */
+ pWriter->aData = (char *)sqlite3_malloc(p->nNodeSize);
+ if( !pWriter->aData ) return SQLITE_NOMEM;
+ pWriter->nSize = p->nNodeSize;
+
+ /* Find the next free blockid in the %_segments table */
+ rc = fts3SqlStmt(p, SQL_NEXT_SEGMENTS_ID, &pStmt, 0);
+ if( rc!=SQLITE_OK ) return rc;
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ pWriter->iFree = sqlite3_column_int64(pStmt, 0);
+ pWriter->iFirst = pWriter->iFree;
+ }
+ rc = sqlite3_reset(pStmt);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ nData = pWriter->nData;
+
+ nPrefix = fts3PrefixCompress(pWriter->zTerm, pWriter->nTerm, zTerm, nTerm);
+ nSuffix = nTerm-nPrefix;
+
+ /* Figure out how many bytes are required by this new entry */
+ nReq = sqlite3Fts3VarintLen(nPrefix) + /* varint containing prefix size */
+ sqlite3Fts3VarintLen(nSuffix) + /* varint containing suffix size */
+ nSuffix + /* Term suffix */
+ sqlite3Fts3VarintLen(nDoclist) + /* Size of doclist */
+ nDoclist; /* Doclist data */
+
+ if( nData>0 && nData+nReq>p->nNodeSize ){
+ int rc;
+
+ /* The current leaf node is full. Write it out to the database. */
+ rc = fts3WriteSegment(p, pWriter->iFree++, pWriter->aData, nData);
+ if( rc!=SQLITE_OK ) return rc;
+ p->nLeafAdd++;
+
+ /* Add the current term to the interior node tree. The term added to
+ ** the interior tree must:
+ **
+ ** a) be greater than the largest term on the leaf node just written
+ ** to the database (still available in pWriter->zTerm), and
+ **
+ ** b) be less than or equal to the term about to be added to the new
+ ** leaf node (zTerm/nTerm).
+ **
+ ** In other words, it must be the prefix of zTerm 1 byte longer than
+ ** the common prefix (if any) of zTerm and pWriter->zTerm.
+ */
+ assert( nPrefix<nTerm );
+ rc = fts3NodeAddTerm(p, &pWriter->pTree, isCopyTerm, zTerm, nPrefix+1);
+ if( rc!=SQLITE_OK ) return rc;
+
+ nData = 0;
+ pWriter->nTerm = 0;
+
+ nPrefix = 0;
+ nSuffix = nTerm;
+ nReq = 1 + /* varint containing prefix size */
+ sqlite3Fts3VarintLen(nTerm) + /* varint containing suffix size */
+ nTerm + /* Term suffix */
+ sqlite3Fts3VarintLen(nDoclist) + /* Size of doclist */
+ nDoclist; /* Doclist data */
+ }
+
+ /* Increase the total number of bytes written to account for the new entry. */
+ pWriter->nLeafData += nReq;
+
+ /* If the buffer currently allocated is too small for this entry, realloc
+ ** the buffer to make it large enough.
+ */
+ if( nReq>pWriter->nSize ){
+ char *aNew = sqlite3_realloc(pWriter->aData, nReq);
+ if( !aNew ) return SQLITE_NOMEM;
+ pWriter->aData = aNew;
+ pWriter->nSize = nReq;
+ }
+ assert( nData+nReq<=pWriter->nSize );
+
+ /* Append the prefix-compressed term and doclist to the buffer. */
+ nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nPrefix);
+ nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nSuffix);
+ memcpy(&pWriter->aData[nData], &zTerm[nPrefix], nSuffix);
+ nData += nSuffix;
+ nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nDoclist);
+ memcpy(&pWriter->aData[nData], aDoclist, nDoclist);
+ pWriter->nData = nData + nDoclist;
+
+ /* Save the current term so that it can be used to prefix-compress the next.
+ ** If the isCopyTerm parameter is true, then the buffer pointed to by
+ ** zTerm is transient, so take a copy of the term data. Otherwise, just
+ ** store a copy of the pointer.
+ */
+ if( isCopyTerm ){
+ if( nTerm>pWriter->nMalloc ){
+ char *zNew = sqlite3_realloc(pWriter->zMalloc, nTerm*2);
+ if( !zNew ){
+ return SQLITE_NOMEM;
+ }
+ pWriter->nMalloc = nTerm*2;
+ pWriter->zMalloc = zNew;
+ pWriter->zTerm = zNew;
+ }
+ assert( pWriter->zTerm==pWriter->zMalloc );
+ memcpy(pWriter->zTerm, zTerm, nTerm);
+ }else{
+ pWriter->zTerm = (char *)zTerm;
+ }
+ pWriter->nTerm = nTerm;
+
+ return SQLITE_OK;
+}
+
+/*
+** Flush all data associated with the SegmentWriter object pWriter to the
+** database. This function must be called after all terms have been added
+** to the segment using fts3SegWriterAdd(). If successful, SQLITE_OK is
+** returned. Otherwise, an SQLite error code.
+*/
+static int fts3SegWriterFlush(
+ Fts3Table *p, /* Virtual table handle */
+ SegmentWriter *pWriter, /* SegmentWriter to flush to the db */
+ sqlite3_int64 iLevel, /* Value for 'level' column of %_segdir */
+ int iIdx /* Value for 'idx' column of %_segdir */
+){
+ int rc; /* Return code */
+ if( pWriter->pTree ){
+ sqlite3_int64 iLast = 0; /* Largest block id written to database */
+ sqlite3_int64 iLastLeaf; /* Largest leaf block id written to db */
+ char *zRoot = NULL; /* Pointer to buffer containing root node */
+ int nRoot = 0; /* Size of buffer zRoot */
+
+ iLastLeaf = pWriter->iFree;
+ rc = fts3WriteSegment(p, pWriter->iFree++, pWriter->aData, pWriter->nData);
+ if( rc==SQLITE_OK ){
+ rc = fts3NodeWrite(p, pWriter->pTree, 1,
+ pWriter->iFirst, pWriter->iFree, &iLast, &zRoot, &nRoot);
+ }
+ if( rc==SQLITE_OK ){
+ rc = fts3WriteSegdir(p, iLevel, iIdx,
+ pWriter->iFirst, iLastLeaf, iLast, pWriter->nLeafData, zRoot, nRoot);
+ }
+ }else{
+ /* The entire tree fits on the root node. Write it to the segdir table. */
+ rc = fts3WriteSegdir(p, iLevel, iIdx,
+ 0, 0, 0, pWriter->nLeafData, pWriter->aData, pWriter->nData);
+ }
+ p->nLeafAdd++;
+ return rc;
+}
+
+/*
+** Release all memory held by the SegmentWriter object passed as the
+** first argument.
+*/
+static void fts3SegWriterFree(SegmentWriter *pWriter){
+ if( pWriter ){
+ sqlite3_free(pWriter->aData);
+ sqlite3_free(pWriter->zMalloc);
+ fts3NodeFree(pWriter->pTree);
+ sqlite3_free(pWriter);
+ }
+}
+
+/*
+** The first value in the apVal[] array is assumed to contain an integer.
+** This function tests if there exist any documents with docid values that
+** are different from that integer. i.e. if deleting the document with docid
+** pRowid would mean the FTS3 table were empty.
+**
+** If successful, *pisEmpty is set to true if the table is empty except for
+** document pRowid, or false otherwise, and SQLITE_OK is returned. If an
+** error occurs, an SQLite error code is returned.
+*/
+static int fts3IsEmpty(Fts3Table *p, sqlite3_value *pRowid, int *pisEmpty){
+ sqlite3_stmt *pStmt;
+ int rc;
+ if( p->zContentTbl ){
+ /* If using the content=xxx option, assume the table is never empty */
+ *pisEmpty = 0;
+ rc = SQLITE_OK;
+ }else{
+ rc = fts3SqlStmt(p, SQL_IS_EMPTY, &pStmt, &pRowid);
+ if( rc==SQLITE_OK ){
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ *pisEmpty = sqlite3_column_int(pStmt, 0);
+ }
+ rc = sqlite3_reset(pStmt);
+ }
+ }
+ return rc;
+}
+
+/*
+** Set *pnMax to the largest segment level in the database for the index
+** iIndex.
+**
+** Segment levels are stored in the 'level' column of the %_segdir table.
+**
+** Return SQLITE_OK if successful, or an SQLite error code if not.
+*/
+static int fts3SegmentMaxLevel(
+ Fts3Table *p,
+ int iLangid,
+ int iIndex,
+ sqlite3_int64 *pnMax
+){
+ sqlite3_stmt *pStmt;
+ int rc;
+ assert( iIndex>=0 && iIndex<p->nIndex );
+
+ /* Set pStmt to the compiled version of:
+ **
+ ** SELECT max(level) FROM %Q.'%q_segdir' WHERE level BETWEEN ? AND ?
+ **
+ ** (1024 is actually the value of macro FTS3_SEGDIR_PREFIXLEVEL_STR).
+ */
+ rc = fts3SqlStmt(p, SQL_SELECT_SEGDIR_MAX_LEVEL, &pStmt, 0);
+ if( rc!=SQLITE_OK ) return rc;
+ sqlite3_bind_int64(pStmt, 1, getAbsoluteLevel(p, iLangid, iIndex, 0));
+ sqlite3_bind_int64(pStmt, 2,
+ getAbsoluteLevel(p, iLangid, iIndex, FTS3_SEGDIR_MAXLEVEL-1)
+ );
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ *pnMax = sqlite3_column_int64(pStmt, 0);
+ }
+ return sqlite3_reset(pStmt);
+}
+
+/*
+** iAbsLevel is an absolute level that may be assumed to exist within
+** the database. This function checks if it is the largest level number
+** within its index. Assuming no error occurs, *pbMax is set to 1 if
+** iAbsLevel is indeed the largest level, or 0 otherwise, and SQLITE_OK
+** is returned. If an error occurs, an error code is returned and the
+** final value of *pbMax is undefined.
+*/
+static int fts3SegmentIsMaxLevel(Fts3Table *p, i64 iAbsLevel, int *pbMax){
+
+ /* Set pStmt to the compiled version of:
+ **
+ ** SELECT max(level) FROM %Q.'%q_segdir' WHERE level BETWEEN ? AND ?
+ **
+ ** (1024 is actually the value of macro FTS3_SEGDIR_PREFIXLEVEL_STR).
+ */
+ sqlite3_stmt *pStmt;
+ int rc = fts3SqlStmt(p, SQL_SELECT_SEGDIR_MAX_LEVEL, &pStmt, 0);
+ if( rc!=SQLITE_OK ) return rc;
+ sqlite3_bind_int64(pStmt, 1, iAbsLevel+1);
+ sqlite3_bind_int64(pStmt, 2,
+ ((iAbsLevel/FTS3_SEGDIR_MAXLEVEL)+1) * FTS3_SEGDIR_MAXLEVEL
+ );
+
+ *pbMax = 0;
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ *pbMax = sqlite3_column_type(pStmt, 0)==SQLITE_NULL;
+ }
+ return sqlite3_reset(pStmt);
+}
+
+/*
+** Delete all entries in the %_segments table associated with the segment
+** opened with seg-reader pSeg. This function does not affect the contents
+** of the %_segdir table.
+*/
+static int fts3DeleteSegment(
+ Fts3Table *p, /* FTS table handle */
+ Fts3SegReader *pSeg /* Segment to delete */
+){
+ int rc = SQLITE_OK; /* Return code */
+ if( pSeg->iStartBlock ){
+ sqlite3_stmt *pDelete; /* SQL statement to delete rows */
+ rc = fts3SqlStmt(p, SQL_DELETE_SEGMENTS_RANGE, &pDelete, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pDelete, 1, pSeg->iStartBlock);
+ sqlite3_bind_int64(pDelete, 2, pSeg->iEndBlock);
+ sqlite3_step(pDelete);
+ rc = sqlite3_reset(pDelete);
+ }
+ }
+ return rc;
+}
+
+/*
+** This function is used after merging multiple segments into a single large
+** segment to delete the old, now redundant, segment b-trees. Specifically,
+** it:
+**
+** 1) Deletes all %_segments entries for the segments associated with
+** each of the SegReader objects in the array passed as the third
+** argument, and
+**
+** 2) deletes all %_segdir entries with level iLevel, or all %_segdir
+** entries regardless of level if (iLevel<0).
+**
+** SQLITE_OK is returned if successful, otherwise an SQLite error code.
+*/
+static int fts3DeleteSegdir(
+ Fts3Table *p, /* Virtual table handle */
+ int iLangid, /* Language id */
+ int iIndex, /* Index for p->aIndex */
+ int iLevel, /* Level of %_segdir entries to delete */
+ Fts3SegReader **apSegment, /* Array of SegReader objects */
+ int nReader /* Size of array apSegment */
+){
+ int rc = SQLITE_OK; /* Return Code */
+ int i; /* Iterator variable */
+ sqlite3_stmt *pDelete = 0; /* SQL statement to delete rows */
+
+ for(i=0; rc==SQLITE_OK && i<nReader; i++){
+ rc = fts3DeleteSegment(p, apSegment[i]);
+ }
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ assert( iLevel>=0 || iLevel==FTS3_SEGCURSOR_ALL );
+ if( iLevel==FTS3_SEGCURSOR_ALL ){
+ rc = fts3SqlStmt(p, SQL_DELETE_SEGDIR_RANGE, &pDelete, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pDelete, 1, getAbsoluteLevel(p, iLangid, iIndex, 0));
+ sqlite3_bind_int64(pDelete, 2,
+ getAbsoluteLevel(p, iLangid, iIndex, FTS3_SEGDIR_MAXLEVEL-1)
+ );
+ }
+ }else{
+ rc = fts3SqlStmt(p, SQL_DELETE_SEGDIR_LEVEL, &pDelete, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(
+ pDelete, 1, getAbsoluteLevel(p, iLangid, iIndex, iLevel)
+ );
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ sqlite3_step(pDelete);
+ rc = sqlite3_reset(pDelete);
+ }
+
+ return rc;
+}
+
+/*
+** When this function is called, buffer *ppList (size *pnList bytes) contains
+** a position list that may (or may not) feature multiple columns. This
+** function adjusts the pointer *ppList and the length *pnList so that they
+** identify the subset of the position list that corresponds to column iCol.
+**
+** If there are no entries in the input position list for column iCol, then
+** *pnList is set to zero before returning.
+**
+** If parameter bZero is non-zero, then any part of the input list following
+** the end of the output list is zeroed before returning.
+*/
+static void fts3ColumnFilter(
+ int iCol, /* Column to filter on */
+ int bZero, /* Zero out anything following *ppList */
+ char **ppList, /* IN/OUT: Pointer to position list */
+ int *pnList /* IN/OUT: Size of buffer *ppList in bytes */
+){
+ char *pList = *ppList;
+ int nList = *pnList;
+ char *pEnd = &pList[nList];
+ int iCurrent = 0;
+ char *p = pList;
+
+ assert( iCol>=0 );
+ while( 1 ){
+ char c = 0;
+ while( p<pEnd && (c | *p)&0xFE ) c = *p++ & 0x80;
+
+ if( iCol==iCurrent ){
+ nList = (int)(p - pList);
+ break;
+ }
+
+ nList -= (int)(p - pList);
+ pList = p;
+ if( nList==0 ){
+ break;
+ }
+ p = &pList[1];
+ p += fts3GetVarint32(p, &iCurrent);
+ }
+
+ if( bZero && &pList[nList]!=pEnd ){
+ memset(&pList[nList], 0, pEnd - &pList[nList]);
+ }
+ *ppList = pList;
+ *pnList = nList;
+}
+
+/*
+** Cache data in the Fts3MultiSegReader.aBuffer[] buffer (overwriting any
+** existing data). Grow the buffer if required.
+**
+** If successful, return SQLITE_OK. Otherwise, if an OOM error is encountered
+** trying to resize the buffer, return SQLITE_NOMEM.
+*/
+static int fts3MsrBufferData(
+ Fts3MultiSegReader *pMsr, /* Multi-segment-reader handle */
+ char *pList,
+ int nList
+){
+ if( nList>pMsr->nBuffer ){
+ char *pNew;
+ pMsr->nBuffer = nList*2;
+ pNew = (char *)sqlite3_realloc(pMsr->aBuffer, pMsr->nBuffer);
+ if( !pNew ) return SQLITE_NOMEM;
+ pMsr->aBuffer = pNew;
+ }
+
+ memcpy(pMsr->aBuffer, pList, nList);
+ return SQLITE_OK;
+}
+
+SQLITE_PRIVATE int sqlite3Fts3MsrIncrNext(
+ Fts3Table *p, /* Virtual table handle */
+ Fts3MultiSegReader *pMsr, /* Multi-segment-reader handle */
+ sqlite3_int64 *piDocid, /* OUT: Docid value */
+ char **paPoslist, /* OUT: Pointer to position list */
+ int *pnPoslist /* OUT: Size of position list in bytes */
+){
+ int nMerge = pMsr->nAdvance;
+ Fts3SegReader **apSegment = pMsr->apSegment;
+ int (*xCmp)(Fts3SegReader *, Fts3SegReader *) = (
+ p->bDescIdx ? fts3SegReaderDoclistCmpRev : fts3SegReaderDoclistCmp
+ );
+
+ if( nMerge==0 ){
+ *paPoslist = 0;
+ return SQLITE_OK;
+ }
+
+ while( 1 ){
+ Fts3SegReader *pSeg;
+ pSeg = pMsr->apSegment[0];
+
+ if( pSeg->pOffsetList==0 ){
+ *paPoslist = 0;
+ break;
+ }else{
+ int rc;
+ char *pList;
+ int nList;
+ int j;
+ sqlite3_int64 iDocid = apSegment[0]->iDocid;
+
+ rc = fts3SegReaderNextDocid(p, apSegment[0], &pList, &nList);
+ j = 1;
+ while( rc==SQLITE_OK
+ && j<nMerge
+ && apSegment[j]->pOffsetList
+ && apSegment[j]->iDocid==iDocid
+ ){
+ rc = fts3SegReaderNextDocid(p, apSegment[j], 0, 0);
+ j++;
+ }
+ if( rc!=SQLITE_OK ) return rc;
+ fts3SegReaderSort(pMsr->apSegment, nMerge, j, xCmp);
+
+ if( nList>0 && fts3SegReaderIsPending(apSegment[0]) ){
+ rc = fts3MsrBufferData(pMsr, pList, nList+1);
+ if( rc!=SQLITE_OK ) return rc;
+ assert( (pMsr->aBuffer[nList] & 0xFE)==0x00 );
+ pList = pMsr->aBuffer;
+ }
+
+ if( pMsr->iColFilter>=0 ){
+ fts3ColumnFilter(pMsr->iColFilter, 1, &pList, &nList);
+ }
+
+ if( nList>0 ){
+ *paPoslist = pList;
+ *piDocid = iDocid;
+ *pnPoslist = nList;
+ break;
+ }
+ }
+ }
+
+ return SQLITE_OK;
+}
+
+static int fts3SegReaderStart(
+ Fts3Table *p, /* Virtual table handle */
+ Fts3MultiSegReader *pCsr, /* Cursor object */
+ const char *zTerm, /* Term searched for (or NULL) */
+ int nTerm /* Length of zTerm in bytes */
+){
+ int i;
+ int nSeg = pCsr->nSegment;
+
+ /* If the Fts3SegFilter defines a specific term (or term prefix) to search
+ ** for, then advance each segment iterator until it points to a term of
+ ** equal or greater value than the specified term. This prevents many
+ ** unnecessary merge/sort operations for the case where single segment
+ ** b-tree leaf nodes contain more than one term.
+ */
+ for(i=0; pCsr->bRestart==0 && i<pCsr->nSegment; i++){
+ int res = 0;
+ Fts3SegReader *pSeg = pCsr->apSegment[i];
+ do {
+ int rc = fts3SegReaderNext(p, pSeg, 0);
+ if( rc!=SQLITE_OK ) return rc;
+ }while( zTerm && (res = fts3SegReaderTermCmp(pSeg, zTerm, nTerm))<0 );
+
+ if( pSeg->bLookup && res!=0 ){
+ fts3SegReaderSetEof(pSeg);
+ }
+ }
+ fts3SegReaderSort(pCsr->apSegment, nSeg, nSeg, fts3SegReaderCmp);
+
+ return SQLITE_OK;
+}
+
+SQLITE_PRIVATE int sqlite3Fts3SegReaderStart(
+ Fts3Table *p, /* Virtual table handle */
+ Fts3MultiSegReader *pCsr, /* Cursor object */
+ Fts3SegFilter *pFilter /* Restrictions on range of iteration */
+){
+ pCsr->pFilter = pFilter;
+ return fts3SegReaderStart(p, pCsr, pFilter->zTerm, pFilter->nTerm);
+}
+
+SQLITE_PRIVATE int sqlite3Fts3MsrIncrStart(
+ Fts3Table *p, /* Virtual table handle */
+ Fts3MultiSegReader *pCsr, /* Cursor object */
+ int iCol, /* Column to match on. */
+ const char *zTerm, /* Term to iterate through a doclist for */
+ int nTerm /* Number of bytes in zTerm */
+){
+ int i;
+ int rc;
+ int nSegment = pCsr->nSegment;
+ int (*xCmp)(Fts3SegReader *, Fts3SegReader *) = (
+ p->bDescIdx ? fts3SegReaderDoclistCmpRev : fts3SegReaderDoclistCmp
+ );
+
+ assert( pCsr->pFilter==0 );
+ assert( zTerm && nTerm>0 );
+
+ /* Advance each segment iterator until it points to the term zTerm/nTerm. */
+ rc = fts3SegReaderStart(p, pCsr, zTerm, nTerm);
+ if( rc!=SQLITE_OK ) return rc;
+
+ /* Determine how many of the segments actually point to zTerm/nTerm. */
+ for(i=0; i<nSegment; i++){
+ Fts3SegReader *pSeg = pCsr->apSegment[i];
+ if( !pSeg->aNode || fts3SegReaderTermCmp(pSeg, zTerm, nTerm) ){
+ break;
+ }
+ }
+ pCsr->nAdvance = i;
+
+ /* Advance each of the segments to point to the first docid. */
+ for(i=0; i<pCsr->nAdvance; i++){
+ rc = fts3SegReaderFirstDocid(p, pCsr->apSegment[i]);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ fts3SegReaderSort(pCsr->apSegment, i, i, xCmp);
+
+ assert( iCol<0 || iCol<p->nColumn );
+ pCsr->iColFilter = iCol;
+
+ return SQLITE_OK;
+}
+
+/*
+** This function is called on a MultiSegReader that has been started using
+** sqlite3Fts3MsrIncrStart(). One or more calls to MsrIncrNext() may also
+** have been made. Calling this function puts the MultiSegReader in such
+** a state that if the next two calls are:
+**
+** sqlite3Fts3SegReaderStart()
+** sqlite3Fts3SegReaderStep()
+**
+** then the entire doclist for the term is available in
+** MultiSegReader.aDoclist/nDoclist.
+*/
+SQLITE_PRIVATE int sqlite3Fts3MsrIncrRestart(Fts3MultiSegReader *pCsr){
+ int i; /* Used to iterate through segment-readers */
+
+ assert( pCsr->zTerm==0 );
+ assert( pCsr->nTerm==0 );
+ assert( pCsr->aDoclist==0 );
+ assert( pCsr->nDoclist==0 );
+
+ pCsr->nAdvance = 0;
+ pCsr->bRestart = 1;
+ for(i=0; i<pCsr->nSegment; i++){
+ pCsr->apSegment[i]->pOffsetList = 0;
+ pCsr->apSegment[i]->nOffsetList = 0;
+ pCsr->apSegment[i]->iDocid = 0;
+ }
+
+ return SQLITE_OK;
+}
+
+
+SQLITE_PRIVATE int sqlite3Fts3SegReaderStep(
+ Fts3Table *p, /* Virtual table handle */
+ Fts3MultiSegReader *pCsr /* Cursor object */
+){
+ int rc = SQLITE_OK;
+
+ int isIgnoreEmpty = (pCsr->pFilter->flags & FTS3_SEGMENT_IGNORE_EMPTY);
+ int isRequirePos = (pCsr->pFilter->flags & FTS3_SEGMENT_REQUIRE_POS);
+ int isColFilter = (pCsr->pFilter->flags & FTS3_SEGMENT_COLUMN_FILTER);
+ int isPrefix = (pCsr->pFilter->flags & FTS3_SEGMENT_PREFIX);
+ int isScan = (pCsr->pFilter->flags & FTS3_SEGMENT_SCAN);
+ int isFirst = (pCsr->pFilter->flags & FTS3_SEGMENT_FIRST);
+
+ Fts3SegReader **apSegment = pCsr->apSegment;
+ int nSegment = pCsr->nSegment;
+ Fts3SegFilter *pFilter = pCsr->pFilter;
+ int (*xCmp)(Fts3SegReader *, Fts3SegReader *) = (
+ p->bDescIdx ? fts3SegReaderDoclistCmpRev : fts3SegReaderDoclistCmp
+ );
+
+ if( pCsr->nSegment==0 ) return SQLITE_OK;
+
+ do {
+ int nMerge;
+ int i;
+
+ /* Advance the first pCsr->nAdvance entries in the apSegment[] array
+ ** forward. Then sort the list in order of current term again.
+ */
+ for(i=0; i<pCsr->nAdvance; i++){
+ Fts3SegReader *pSeg = apSegment[i];
+ if( pSeg->bLookup ){
+ fts3SegReaderSetEof(pSeg);
+ }else{
+ rc = fts3SegReaderNext(p, pSeg, 0);
+ }
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ fts3SegReaderSort(apSegment, nSegment, pCsr->nAdvance, fts3SegReaderCmp);
+ pCsr->nAdvance = 0;
+
+ /* If all the seg-readers are at EOF, we're finished. return SQLITE_OK. */
+ assert( rc==SQLITE_OK );
+ if( apSegment[0]->aNode==0 ) break;
+
+ pCsr->nTerm = apSegment[0]->nTerm;
+ pCsr->zTerm = apSegment[0]->zTerm;
+
+ /* If this is a prefix-search, and if the term that apSegment[0] points
+ ** to does not share a suffix with pFilter->zTerm/nTerm, then all
+ ** required callbacks have been made. In this case exit early.
+ **
+ ** Similarly, if this is a search for an exact match, and the first term
+ ** of segment apSegment[0] is not a match, exit early.
+ */
+ if( pFilter->zTerm && !isScan ){
+ if( pCsr->nTerm<pFilter->nTerm
+ || (!isPrefix && pCsr->nTerm>pFilter->nTerm)
+ || memcmp(pCsr->zTerm, pFilter->zTerm, pFilter->nTerm)
+ ){
+ break;
+ }
+ }
+
+ nMerge = 1;
+ while( nMerge<nSegment
+ && apSegment[nMerge]->aNode
+ && apSegment[nMerge]->nTerm==pCsr->nTerm
+ && 0==memcmp(pCsr->zTerm, apSegment[nMerge]->zTerm, pCsr->nTerm)
+ ){
+ nMerge++;
+ }
+
+ assert( isIgnoreEmpty || (isRequirePos && !isColFilter) );
+ if( nMerge==1
+ && !isIgnoreEmpty
+ && !isFirst
+ && (p->bDescIdx==0 || fts3SegReaderIsPending(apSegment[0])==0)
+ ){
+ pCsr->nDoclist = apSegment[0]->nDoclist;
+ if( fts3SegReaderIsPending(apSegment[0]) ){
+ rc = fts3MsrBufferData(pCsr, apSegment[0]->aDoclist, pCsr->nDoclist);
+ pCsr->aDoclist = pCsr->aBuffer;
+ }else{
+ pCsr->aDoclist = apSegment[0]->aDoclist;
+ }
+ if( rc==SQLITE_OK ) rc = SQLITE_ROW;
+ }else{
+ int nDoclist = 0; /* Size of doclist */
+ sqlite3_int64 iPrev = 0; /* Previous docid stored in doclist */
+
+ /* The current term of the first nMerge entries in the array
+ ** of Fts3SegReader objects is the same. The doclists must be merged
+ ** and a single term returned with the merged doclist.
+ */
+ for(i=0; i<nMerge; i++){
+ fts3SegReaderFirstDocid(p, apSegment[i]);
+ }
+ fts3SegReaderSort(apSegment, nMerge, nMerge, xCmp);
+ while( apSegment[0]->pOffsetList ){
+ int j; /* Number of segments that share a docid */
+ char *pList = 0;
+ int nList = 0;
+ int nByte;
+ sqlite3_int64 iDocid = apSegment[0]->iDocid;
+ fts3SegReaderNextDocid(p, apSegment[0], &pList, &nList);
+ j = 1;
+ while( j<nMerge
+ && apSegment[j]->pOffsetList
+ && apSegment[j]->iDocid==iDocid
+ ){
+ fts3SegReaderNextDocid(p, apSegment[j], 0, 0);
+ j++;
+ }
+
+ if( isColFilter ){
+ fts3ColumnFilter(pFilter->iCol, 0, &pList, &nList);
+ }
+
+ if( !isIgnoreEmpty || nList>0 ){
+
+ /* Calculate the 'docid' delta value to write into the merged
+ ** doclist. */
+ sqlite3_int64 iDelta;
+ if( p->bDescIdx && nDoclist>0 ){
+ iDelta = iPrev - iDocid;
+ }else{
+ iDelta = iDocid - iPrev;
+ }
+ assert( iDelta>0 || (nDoclist==0 && iDelta==iDocid) );
+ assert( nDoclist>0 || iDelta==iDocid );
+
+ nByte = sqlite3Fts3VarintLen(iDelta) + (isRequirePos?nList+1:0);
+ if( nDoclist+nByte>pCsr->nBuffer ){
+ char *aNew;
+ pCsr->nBuffer = (nDoclist+nByte)*2;
+ aNew = sqlite3_realloc(pCsr->aBuffer, pCsr->nBuffer);
+ if( !aNew ){
+ return SQLITE_NOMEM;
+ }
+ pCsr->aBuffer = aNew;
+ }
+
+ if( isFirst ){
+ char *a = &pCsr->aBuffer[nDoclist];
+ int nWrite;
+
+ nWrite = sqlite3Fts3FirstFilter(iDelta, pList, nList, a);
+ if( nWrite ){
+ iPrev = iDocid;
+ nDoclist += nWrite;
+ }
+ }else{
+ nDoclist += sqlite3Fts3PutVarint(&pCsr->aBuffer[nDoclist], iDelta);
+ iPrev = iDocid;
+ if( isRequirePos ){
+ memcpy(&pCsr->aBuffer[nDoclist], pList, nList);
+ nDoclist += nList;
+ pCsr->aBuffer[nDoclist++] = '\0';
+ }
+ }
+ }
+
+ fts3SegReaderSort(apSegment, nMerge, j, xCmp);
+ }
+ if( nDoclist>0 ){
+ pCsr->aDoclist = pCsr->aBuffer;
+ pCsr->nDoclist = nDoclist;
+ rc = SQLITE_ROW;
+ }
+ }
+ pCsr->nAdvance = nMerge;
+ }while( rc==SQLITE_OK );
+
+ return rc;
+}
+
+
+SQLITE_PRIVATE void sqlite3Fts3SegReaderFinish(
+ Fts3MultiSegReader *pCsr /* Cursor object */
+){
+ if( pCsr ){
+ int i;
+ for(i=0; i<pCsr->nSegment; i++){
+ sqlite3Fts3SegReaderFree(pCsr->apSegment[i]);
+ }
+ sqlite3_free(pCsr->apSegment);
+ sqlite3_free(pCsr->aBuffer);
+
+ pCsr->nSegment = 0;
+ pCsr->apSegment = 0;
+ pCsr->aBuffer = 0;
+ }
+}
+
+/*
+** Decode the "end_block" field, selected by column iCol of the SELECT
+** statement passed as the first argument.
+**
+** The "end_block" field may contain either an integer, or a text field
+** containing the text representation of two non-negative integers separated
+** by one or more space (0x20) characters. In the first case, set *piEndBlock
+** to the integer value and *pnByte to zero before returning. In the second,
+** set *piEndBlock to the first value and *pnByte to the second.
+*/
+static void fts3ReadEndBlockField(
+ sqlite3_stmt *pStmt,
+ int iCol,
+ i64 *piEndBlock,
+ i64 *pnByte
+){
+ const unsigned char *zText = sqlite3_column_text(pStmt, iCol);
+ if( zText ){
+ int i;
+ int iMul = 1;
+ i64 iVal = 0;
+ for(i=0; zText[i]>='0' && zText[i]<='9'; i++){
+ iVal = iVal*10 + (zText[i] - '0');
+ }
+ *piEndBlock = iVal;
+ while( zText[i]==' ' ) i++;
+ iVal = 0;
+ if( zText[i]=='-' ){
+ i++;
+ iMul = -1;
+ }
+ for(/* no-op */; zText[i]>='0' && zText[i]<='9'; i++){
+ iVal = iVal*10 + (zText[i] - '0');
+ }
+ *pnByte = (iVal * (i64)iMul);
+ }
+}
+
+
+/*
+** A segment of size nByte bytes has just been written to absolute level
+** iAbsLevel. Promote any segments that should be promoted as a result.
+*/
+static int fts3PromoteSegments(
+ Fts3Table *p, /* FTS table handle */
+ sqlite3_int64 iAbsLevel, /* Absolute level just updated */
+ sqlite3_int64 nByte /* Size of new segment at iAbsLevel */
+){
+ int rc = SQLITE_OK;
+ sqlite3_stmt *pRange;
+
+ rc = fts3SqlStmt(p, SQL_SELECT_LEVEL_RANGE2, &pRange, 0);
+
+ if( rc==SQLITE_OK ){
+ int bOk = 0;
+ i64 iLast = (iAbsLevel/FTS3_SEGDIR_MAXLEVEL + 1) * FTS3_SEGDIR_MAXLEVEL - 1;
+ i64 nLimit = (nByte*3)/2;
+
+ /* Loop through all entries in the %_segdir table corresponding to
+ ** segments in this index on levels greater than iAbsLevel. If there is
+ ** at least one such segment, and it is possible to determine that all
+ ** such segments are smaller than nLimit bytes in size, they will be
+ ** promoted to level iAbsLevel. */
+ sqlite3_bind_int64(pRange, 1, iAbsLevel+1);
+ sqlite3_bind_int64(pRange, 2, iLast);
+ while( SQLITE_ROW==sqlite3_step(pRange) ){
+ i64 nSize = 0, dummy;
+ fts3ReadEndBlockField(pRange, 2, &dummy, &nSize);
+ if( nSize<=0 || nSize>nLimit ){
+ /* If nSize==0, then the %_segdir.end_block field does not not
+ ** contain a size value. This happens if it was written by an
+ ** old version of FTS. In this case it is not possible to determine
+ ** the size of the segment, and so segment promotion does not
+ ** take place. */
+ bOk = 0;
+ break;
+ }
+ bOk = 1;
+ }
+ rc = sqlite3_reset(pRange);
+
+ if( bOk ){
+ int iIdx = 0;
+ sqlite3_stmt *pUpdate1 = 0;
+ sqlite3_stmt *pUpdate2 = 0;
+
+ if( rc==SQLITE_OK ){
+ rc = fts3SqlStmt(p, SQL_UPDATE_LEVEL_IDX, &pUpdate1, 0);
+ }
+ if( rc==SQLITE_OK ){
+ rc = fts3SqlStmt(p, SQL_UPDATE_LEVEL, &pUpdate2, 0);
+ }
+
+ if( rc==SQLITE_OK ){
+
+ /* Loop through all %_segdir entries for segments in this index with
+ ** levels equal to or greater than iAbsLevel. As each entry is visited,
+ ** updated it to set (level = -1) and (idx = N), where N is 0 for the
+ ** oldest segment in the range, 1 for the next oldest, and so on.
+ **
+ ** In other words, move all segments being promoted to level -1,
+ ** setting the "idx" fields as appropriate to keep them in the same
+ ** order. The contents of level -1 (which is never used, except
+ ** transiently here), will be moved back to level iAbsLevel below. */
+ sqlite3_bind_int64(pRange, 1, iAbsLevel);
+ while( SQLITE_ROW==sqlite3_step(pRange) ){
+ sqlite3_bind_int(pUpdate1, 1, iIdx++);
+ sqlite3_bind_int(pUpdate1, 2, sqlite3_column_int(pRange, 0));
+ sqlite3_bind_int(pUpdate1, 3, sqlite3_column_int(pRange, 1));
+ sqlite3_step(pUpdate1);
+ rc = sqlite3_reset(pUpdate1);
+ if( rc!=SQLITE_OK ){
+ sqlite3_reset(pRange);
+ break;
+ }
+ }
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_reset(pRange);
+ }
+
+ /* Move level -1 to level iAbsLevel */
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pUpdate2, 1, iAbsLevel);
+ sqlite3_step(pUpdate2);
+ rc = sqlite3_reset(pUpdate2);
+ }
+ }
+ }
+
+
+ return rc;
+}
+
+/*
+** Merge all level iLevel segments in the database into a single
+** iLevel+1 segment. Or, if iLevel<0, merge all segments into a
+** single segment with a level equal to the numerically largest level
+** currently present in the database.
+**
+** If this function is called with iLevel<0, but there is only one
+** segment in the database, SQLITE_DONE is returned immediately.
+** Otherwise, if successful, SQLITE_OK is returned. If an error occurs,
+** an SQLite error code is returned.
+*/
+static int fts3SegmentMerge(
+ Fts3Table *p,
+ int iLangid, /* Language id to merge */
+ int iIndex, /* Index in p->aIndex[] to merge */
+ int iLevel /* Level to merge */
+){
+ int rc; /* Return code */
+ int iIdx = 0; /* Index of new segment */
+ sqlite3_int64 iNewLevel = 0; /* Level/index to create new segment at */
+ SegmentWriter *pWriter = 0; /* Used to write the new, merged, segment */
+ Fts3SegFilter filter; /* Segment term filter condition */
+ Fts3MultiSegReader csr; /* Cursor to iterate through level(s) */
+ int bIgnoreEmpty = 0; /* True to ignore empty segments */
+ i64 iMaxLevel = 0; /* Max level number for this index/langid */
+
+ assert( iLevel==FTS3_SEGCURSOR_ALL
+ || iLevel==FTS3_SEGCURSOR_PENDING
+ || iLevel>=0
+ );
+ assert( iLevel<FTS3_SEGDIR_MAXLEVEL );
+ assert( iIndex>=0 && iIndex<p->nIndex );
+
+ rc = sqlite3Fts3SegReaderCursor(p, iLangid, iIndex, iLevel, 0, 0, 1, 0, &csr);
+ if( rc!=SQLITE_OK || csr.nSegment==0 ) goto finished;
+
+ if( iLevel!=FTS3_SEGCURSOR_PENDING ){
+ rc = fts3SegmentMaxLevel(p, iLangid, iIndex, &iMaxLevel);
+ if( rc!=SQLITE_OK ) goto finished;
+ }
+
+ if( iLevel==FTS3_SEGCURSOR_ALL ){
+ /* This call is to merge all segments in the database to a single
+ ** segment. The level of the new segment is equal to the numerically
+ ** greatest segment level currently present in the database for this
+ ** index. The idx of the new segment is always 0. */
+ if( csr.nSegment==1 ){
+ rc = SQLITE_DONE;
+ goto finished;
+ }
+ iNewLevel = iMaxLevel;
+ bIgnoreEmpty = 1;
+
+ }else{
+ /* This call is to merge all segments at level iLevel. find the next
+ ** available segment index at level iLevel+1. The call to
+ ** fts3AllocateSegdirIdx() will merge the segments at level iLevel+1 to
+ ** a single iLevel+2 segment if necessary. */
+ assert( FTS3_SEGCURSOR_PENDING==-1 );
+ iNewLevel = getAbsoluteLevel(p, iLangid, iIndex, iLevel+1);
+ rc = fts3AllocateSegdirIdx(p, iLangid, iIndex, iLevel+1, &iIdx);
+ bIgnoreEmpty = (iLevel!=FTS3_SEGCURSOR_PENDING) && (iNewLevel>iMaxLevel);
+ }
+ if( rc!=SQLITE_OK ) goto finished;
+
+ assert( csr.nSegment>0 );
+ assert( iNewLevel>=getAbsoluteLevel(p, iLangid, iIndex, 0) );
+ assert( iNewLevel<getAbsoluteLevel(p, iLangid, iIndex,FTS3_SEGDIR_MAXLEVEL) );
+
+ memset(&filter, 0, sizeof(Fts3SegFilter));
+ filter.flags = FTS3_SEGMENT_REQUIRE_POS;
+ filter.flags |= (bIgnoreEmpty ? FTS3_SEGMENT_IGNORE_EMPTY : 0);
+
+ rc = sqlite3Fts3SegReaderStart(p, &csr, &filter);
+ while( SQLITE_OK==rc ){
+ rc = sqlite3Fts3SegReaderStep(p, &csr);
+ if( rc!=SQLITE_ROW ) break;
+ rc = fts3SegWriterAdd(p, &pWriter, 1,
+ csr.zTerm, csr.nTerm, csr.aDoclist, csr.nDoclist);
+ }
+ if( rc!=SQLITE_OK ) goto finished;
+ assert( pWriter || bIgnoreEmpty );
+
+ if( iLevel!=FTS3_SEGCURSOR_PENDING ){
+ rc = fts3DeleteSegdir(
+ p, iLangid, iIndex, iLevel, csr.apSegment, csr.nSegment
+ );
+ if( rc!=SQLITE_OK ) goto finished;
+ }
+ if( pWriter ){
+ rc = fts3SegWriterFlush(p, pWriter, iNewLevel, iIdx);
+ if( rc==SQLITE_OK ){
+ if( iLevel==FTS3_SEGCURSOR_PENDING || iNewLevel<iMaxLevel ){
+ rc = fts3PromoteSegments(p, iNewLevel, pWriter->nLeafData);
+ }
+ }
+ }
+
+ finished:
+ fts3SegWriterFree(pWriter);
+ sqlite3Fts3SegReaderFinish(&csr);
+ return rc;
+}
+
+
+/*
+** Flush the contents of pendingTerms to level 0 segments.
+*/
+SQLITE_PRIVATE int sqlite3Fts3PendingTermsFlush(Fts3Table *p){
+ int rc = SQLITE_OK;
+ int i;
+
+ for(i=0; rc==SQLITE_OK && i<p->nIndex; i++){
+ rc = fts3SegmentMerge(p, p->iPrevLangid, i, FTS3_SEGCURSOR_PENDING);
+ if( rc==SQLITE_DONE ) rc = SQLITE_OK;
+ }
+ sqlite3Fts3PendingTermsClear(p);
+
+ /* Determine the auto-incr-merge setting if unknown. If enabled,
+ ** estimate the number of leaf blocks of content to be written
+ */
+ if( rc==SQLITE_OK && p->bHasStat
+ && p->nAutoincrmerge==0xff && p->nLeafAdd>0
+ ){
+ sqlite3_stmt *pStmt = 0;
+ rc = fts3SqlStmt(p, SQL_SELECT_STAT, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int(pStmt, 1, FTS_STAT_AUTOINCRMERGE);
+ rc = sqlite3_step(pStmt);
+ if( rc==SQLITE_ROW ){
+ p->nAutoincrmerge = sqlite3_column_int(pStmt, 0);
+ if( p->nAutoincrmerge==1 ) p->nAutoincrmerge = 8;
+ }else if( rc==SQLITE_DONE ){
+ p->nAutoincrmerge = 0;
+ }
+ rc = sqlite3_reset(pStmt);
+ }
+ }
+ return rc;
+}
+
+/*
+** Encode N integers as varints into a blob.
+*/
+static void fts3EncodeIntArray(
+ int N, /* The number of integers to encode */
+ u32 *a, /* The integer values */
+ char *zBuf, /* Write the BLOB here */
+ int *pNBuf /* Write number of bytes if zBuf[] used here */
+){
+ int i, j;
+ for(i=j=0; i<N; i++){
+ j += sqlite3Fts3PutVarint(&zBuf[j], (sqlite3_int64)a[i]);
+ }
+ *pNBuf = j;
+}
+
+/*
+** Decode a blob of varints into N integers
+*/
+static void fts3DecodeIntArray(
+ int N, /* The number of integers to decode */
+ u32 *a, /* Write the integer values */
+ const char *zBuf, /* The BLOB containing the varints */
+ int nBuf /* size of the BLOB */
+){
+ int i, j;
+ UNUSED_PARAMETER(nBuf);
+ for(i=j=0; i<N; i++){
+ sqlite3_int64 x;
+ j += sqlite3Fts3GetVarint(&zBuf[j], &x);
+ assert(j<=nBuf);
+ a[i] = (u32)(x & 0xffffffff);
+ }
+}
+
+/*
+** Insert the sizes (in tokens) for each column of the document
+** with docid equal to p->iPrevDocid. The sizes are encoded as
+** a blob of varints.
+*/
+static void fts3InsertDocsize(
+ int *pRC, /* Result code */
+ Fts3Table *p, /* Table into which to insert */
+ u32 *aSz /* Sizes of each column, in tokens */
+){
+ char *pBlob; /* The BLOB encoding of the document size */
+ int nBlob; /* Number of bytes in the BLOB */
+ sqlite3_stmt *pStmt; /* Statement used to insert the encoding */
+ int rc; /* Result code from subfunctions */
+
+ if( *pRC ) return;
+ pBlob = sqlite3_malloc( 10*p->nColumn );
+ if( pBlob==0 ){
+ *pRC = SQLITE_NOMEM;
+ return;
+ }
+ fts3EncodeIntArray(p->nColumn, aSz, pBlob, &nBlob);
+ rc = fts3SqlStmt(p, SQL_REPLACE_DOCSIZE, &pStmt, 0);
+ if( rc ){
+ sqlite3_free(pBlob);
+ *pRC = rc;
+ return;
+ }
+ sqlite3_bind_int64(pStmt, 1, p->iPrevDocid);
+ sqlite3_bind_blob(pStmt, 2, pBlob, nBlob, sqlite3_free);
+ sqlite3_step(pStmt);
+ *pRC = sqlite3_reset(pStmt);
+}
+
+/*
+** Record 0 of the %_stat table contains a blob consisting of N varints,
+** where N is the number of user defined columns in the fts3 table plus
+** two. If nCol is the number of user defined columns, then values of the
+** varints are set as follows:
+**
+** Varint 0: Total number of rows in the table.
+**
+** Varint 1..nCol: For each column, the total number of tokens stored in
+** the column for all rows of the table.
+**
+** Varint 1+nCol: The total size, in bytes, of all text values in all
+** columns of all rows of the table.
+**
+*/
+static void fts3UpdateDocTotals(
+ int *pRC, /* The result code */
+ Fts3Table *p, /* Table being updated */
+ u32 *aSzIns, /* Size increases */
+ u32 *aSzDel, /* Size decreases */
+ int nChng /* Change in the number of documents */
+){
+ char *pBlob; /* Storage for BLOB written into %_stat */
+ int nBlob; /* Size of BLOB written into %_stat */
+ u32 *a; /* Array of integers that becomes the BLOB */
+ sqlite3_stmt *pStmt; /* Statement for reading and writing */
+ int i; /* Loop counter */
+ int rc; /* Result code from subfunctions */
+
+ const int nStat = p->nColumn+2;
+
+ if( *pRC ) return;
+ a = sqlite3_malloc( (sizeof(u32)+10)*nStat );
+ if( a==0 ){
+ *pRC = SQLITE_NOMEM;
+ return;
+ }
+ pBlob = (char*)&a[nStat];
+ rc = fts3SqlStmt(p, SQL_SELECT_STAT, &pStmt, 0);
+ if( rc ){
+ sqlite3_free(a);
+ *pRC = rc;
+ return;
+ }
+ sqlite3_bind_int(pStmt, 1, FTS_STAT_DOCTOTAL);
+ if( sqlite3_step(pStmt)==SQLITE_ROW ){
+ fts3DecodeIntArray(nStat, a,
+ sqlite3_column_blob(pStmt, 0),
+ sqlite3_column_bytes(pStmt, 0));
+ }else{
+ memset(a, 0, sizeof(u32)*(nStat) );
+ }
+ rc = sqlite3_reset(pStmt);
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(a);
+ *pRC = rc;
+ return;
+ }
+ if( nChng<0 && a[0]<(u32)(-nChng) ){
+ a[0] = 0;
+ }else{
+ a[0] += nChng;
+ }
+ for(i=0; i<p->nColumn+1; i++){
+ u32 x = a[i+1];
+ if( x+aSzIns[i] < aSzDel[i] ){
+ x = 0;
+ }else{
+ x = x + aSzIns[i] - aSzDel[i];
+ }
+ a[i+1] = x;
+ }
+ fts3EncodeIntArray(nStat, a, pBlob, &nBlob);
+ rc = fts3SqlStmt(p, SQL_REPLACE_STAT, &pStmt, 0);
+ if( rc ){
+ sqlite3_free(a);
+ *pRC = rc;
+ return;
+ }
+ sqlite3_bind_int(pStmt, 1, FTS_STAT_DOCTOTAL);
+ sqlite3_bind_blob(pStmt, 2, pBlob, nBlob, SQLITE_STATIC);
+ sqlite3_step(pStmt);
+ *pRC = sqlite3_reset(pStmt);
+ sqlite3_free(a);
+}
+
+/*
+** Merge the entire database so that there is one segment for each
+** iIndex/iLangid combination.
+*/
+static int fts3DoOptimize(Fts3Table *p, int bReturnDone){
+ int bSeenDone = 0;
+ int rc;
+ sqlite3_stmt *pAllLangid = 0;
+
+ rc = fts3SqlStmt(p, SQL_SELECT_ALL_LANGID, &pAllLangid, 0);
+ if( rc==SQLITE_OK ){
+ int rc2;
+ sqlite3_bind_int(pAllLangid, 1, p->iPrevLangid);
+ sqlite3_bind_int(pAllLangid, 2, p->nIndex);
+ while( sqlite3_step(pAllLangid)==SQLITE_ROW ){
+ int i;
+ int iLangid = sqlite3_column_int(pAllLangid, 0);
+ for(i=0; rc==SQLITE_OK && i<p->nIndex; i++){
+ rc = fts3SegmentMerge(p, iLangid, i, FTS3_SEGCURSOR_ALL);
+ if( rc==SQLITE_DONE ){
+ bSeenDone = 1;
+ rc = SQLITE_OK;
+ }
+ }
+ }
+ rc2 = sqlite3_reset(pAllLangid);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ sqlite3Fts3SegmentsClose(p);
+ sqlite3Fts3PendingTermsClear(p);
+
+ return (rc==SQLITE_OK && bReturnDone && bSeenDone) ? SQLITE_DONE : rc;
+}
+
+/*
+** This function is called when the user executes the following statement:
+**
+** INSERT INTO <tbl>(<tbl>) VALUES('rebuild');
+**
+** The entire FTS index is discarded and rebuilt. If the table is one
+** created using the content=xxx option, then the new index is based on
+** the current contents of the xxx table. Otherwise, it is rebuilt based
+** on the contents of the %_content table.
+*/
+static int fts3DoRebuild(Fts3Table *p){
+ int rc; /* Return Code */
+
+ rc = fts3DeleteAll(p, 0);
+ if( rc==SQLITE_OK ){
+ u32 *aSz = 0;
+ u32 *aSzIns = 0;
+ u32 *aSzDel = 0;
+ sqlite3_stmt *pStmt = 0;
+ int nEntry = 0;
+
+ /* Compose and prepare an SQL statement to loop through the content table */
+ char *zSql = sqlite3_mprintf("SELECT %s" , p->zReadExprlist);
+ if( !zSql ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare_v2(p->db, zSql, -1, &pStmt, 0);
+ sqlite3_free(zSql);
+ }
+
+ if( rc==SQLITE_OK ){
+ int nByte = sizeof(u32) * (p->nColumn+1)*3;
+ aSz = (u32 *)sqlite3_malloc(nByte);
+ if( aSz==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(aSz, 0, nByte);
+ aSzIns = &aSz[p->nColumn+1];
+ aSzDel = &aSzIns[p->nColumn+1];
+ }
+ }
+
+ while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pStmt) ){
+ int iCol;
+ int iLangid = langidFromSelect(p, pStmt);
+ rc = fts3PendingTermsDocid(p, 0, iLangid, sqlite3_column_int64(pStmt, 0));
+ memset(aSz, 0, sizeof(aSz[0]) * (p->nColumn+1));
+ for(iCol=0; rc==SQLITE_OK && iCol<p->nColumn; iCol++){
+ if( p->abNotindexed[iCol]==0 ){
+ const char *z = (const char *) sqlite3_column_text(pStmt, iCol+1);
+ rc = fts3PendingTermsAdd(p, iLangid, z, iCol, &aSz[iCol]);
+ aSz[p->nColumn] += sqlite3_column_bytes(pStmt, iCol+1);
+ }
+ }
+ if( p->bHasDocsize ){
+ fts3InsertDocsize(&rc, p, aSz);
+ }
+ if( rc!=SQLITE_OK ){
+ sqlite3_finalize(pStmt);
+ pStmt = 0;
+ }else{
+ nEntry++;
+ for(iCol=0; iCol<=p->nColumn; iCol++){
+ aSzIns[iCol] += aSz[iCol];
+ }
+ }
+ }
+ if( p->bFts4 ){
+ fts3UpdateDocTotals(&rc, p, aSzIns, aSzDel, nEntry);
+ }
+ sqlite3_free(aSz);
+
+ if( pStmt ){
+ int rc2 = sqlite3_finalize(pStmt);
+ if( rc==SQLITE_OK ){
+ rc = rc2;
+ }
+ }
+ }
+
+ return rc;
+}
+
+
+/*
+** This function opens a cursor used to read the input data for an
+** incremental merge operation. Specifically, it opens a cursor to scan
+** the oldest nSeg segments (idx=0 through idx=(nSeg-1)) in absolute
+** level iAbsLevel.
+*/
+static int fts3IncrmergeCsr(
+ Fts3Table *p, /* FTS3 table handle */
+ sqlite3_int64 iAbsLevel, /* Absolute level to open */
+ int nSeg, /* Number of segments to merge */
+ Fts3MultiSegReader *pCsr /* Cursor object to populate */
+){
+ int rc; /* Return Code */
+ sqlite3_stmt *pStmt = 0; /* Statement used to read %_segdir entry */
+ int nByte; /* Bytes allocated at pCsr->apSegment[] */
+
+ /* Allocate space for the Fts3MultiSegReader.aCsr[] array */
+ memset(pCsr, 0, sizeof(*pCsr));
+ nByte = sizeof(Fts3SegReader *) * nSeg;
+ pCsr->apSegment = (Fts3SegReader **)sqlite3_malloc(nByte);
+
+ if( pCsr->apSegment==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(pCsr->apSegment, 0, nByte);
+ rc = fts3SqlStmt(p, SQL_SELECT_LEVEL, &pStmt, 0);
+ }
+ if( rc==SQLITE_OK ){
+ int i;
+ int rc2;
+ sqlite3_bind_int64(pStmt, 1, iAbsLevel);
+ assert( pCsr->nSegment==0 );
+ for(i=0; rc==SQLITE_OK && sqlite3_step(pStmt)==SQLITE_ROW && i<nSeg; i++){
+ rc = sqlite3Fts3SegReaderNew(i, 0,
+ sqlite3_column_int64(pStmt, 1), /* segdir.start_block */
+ sqlite3_column_int64(pStmt, 2), /* segdir.leaves_end_block */
+ sqlite3_column_int64(pStmt, 3), /* segdir.end_block */
+ sqlite3_column_blob(pStmt, 4), /* segdir.root */
+ sqlite3_column_bytes(pStmt, 4), /* segdir.root */
+ &pCsr->apSegment[i]
+ );
+ pCsr->nSegment++;
+ }
+ rc2 = sqlite3_reset(pStmt);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ return rc;
+}
+
+typedef struct IncrmergeWriter IncrmergeWriter;
+typedef struct NodeWriter NodeWriter;
+typedef struct Blob Blob;
+typedef struct NodeReader NodeReader;
+
+/*
+** An instance of the following structure is used as a dynamic buffer
+** to build up nodes or other blobs of data in.
+**
+** The function blobGrowBuffer() is used to extend the allocation.
+*/
+struct Blob {
+ char *a; /* Pointer to allocation */
+ int n; /* Number of valid bytes of data in a[] */
+ int nAlloc; /* Allocated size of a[] (nAlloc>=n) */
+};
+
+/*
+** This structure is used to build up buffers containing segment b-tree
+** nodes (blocks).
+*/
+struct NodeWriter {
+ sqlite3_int64 iBlock; /* Current block id */
+ Blob key; /* Last key written to the current block */
+ Blob block; /* Current block image */
+};
+
+/*
+** An object of this type contains the state required to create or append
+** to an appendable b-tree segment.
+*/
+struct IncrmergeWriter {
+ int nLeafEst; /* Space allocated for leaf blocks */
+ int nWork; /* Number of leaf pages flushed */
+ sqlite3_int64 iAbsLevel; /* Absolute level of input segments */
+ int iIdx; /* Index of *output* segment in iAbsLevel+1 */
+ sqlite3_int64 iStart; /* Block number of first allocated block */
+ sqlite3_int64 iEnd; /* Block number of last allocated block */
+ sqlite3_int64 nLeafData; /* Bytes of leaf page data so far */
+ u8 bNoLeafData; /* If true, store 0 for segment size */
+ NodeWriter aNodeWriter[FTS_MAX_APPENDABLE_HEIGHT];
+};
+
+/*
+** An object of the following type is used to read data from a single
+** FTS segment node. See the following functions:
+**
+** nodeReaderInit()
+** nodeReaderNext()
+** nodeReaderRelease()
+*/
+struct NodeReader {
+ const char *aNode;
+ int nNode;
+ int iOff; /* Current offset within aNode[] */
+
+ /* Output variables. Containing the current node entry. */
+ sqlite3_int64 iChild; /* Pointer to child node */
+ Blob term; /* Current term */
+ const char *aDoclist; /* Pointer to doclist */
+ int nDoclist; /* Size of doclist in bytes */
+};
+
+/*
+** If *pRc is not SQLITE_OK when this function is called, it is a no-op.
+** Otherwise, if the allocation at pBlob->a is not already at least nMin
+** bytes in size, extend (realloc) it to be so.
+**
+** If an OOM error occurs, set *pRc to SQLITE_NOMEM and leave pBlob->a
+** unmodified. Otherwise, if the allocation succeeds, update pBlob->nAlloc
+** to reflect the new size of the pBlob->a[] buffer.
+*/
+static void blobGrowBuffer(Blob *pBlob, int nMin, int *pRc){
+ if( *pRc==SQLITE_OK && nMin>pBlob->nAlloc ){
+ int nAlloc = nMin;
+ char *a = (char *)sqlite3_realloc(pBlob->a, nAlloc);
+ if( a ){
+ pBlob->nAlloc = nAlloc;
+ pBlob->a = a;
+ }else{
+ *pRc = SQLITE_NOMEM;
+ }
+ }
+}
+
+/*
+** Attempt to advance the node-reader object passed as the first argument to
+** the next entry on the node.
+**
+** Return an error code if an error occurs (SQLITE_NOMEM is possible).
+** Otherwise return SQLITE_OK. If there is no next entry on the node
+** (e.g. because the current entry is the last) set NodeReader->aNode to
+** NULL to indicate EOF. Otherwise, populate the NodeReader structure output
+** variables for the new entry.
+*/
+static int nodeReaderNext(NodeReader *p){
+ int bFirst = (p->term.n==0); /* True for first term on the node */
+ int nPrefix = 0; /* Bytes to copy from previous term */
+ int nSuffix = 0; /* Bytes to append to the prefix */
+ int rc = SQLITE_OK; /* Return code */
+
+ assert( p->aNode );
+ if( p->iChild && bFirst==0 ) p->iChild++;
+ if( p->iOff>=p->nNode ){
+ /* EOF */
+ p->aNode = 0;
+ }else{
+ if( bFirst==0 ){
+ p->iOff += fts3GetVarint32(&p->aNode[p->iOff], &nPrefix);
+ }
+ p->iOff += fts3GetVarint32(&p->aNode[p->iOff], &nSuffix);
+
+ blobGrowBuffer(&p->term, nPrefix+nSuffix, &rc);
+ if( rc==SQLITE_OK ){
+ memcpy(&p->term.a[nPrefix], &p->aNode[p->iOff], nSuffix);
+ p->term.n = nPrefix+nSuffix;
+ p->iOff += nSuffix;
+ if( p->iChild==0 ){
+ p->iOff += fts3GetVarint32(&p->aNode[p->iOff], &p->nDoclist);
+ p->aDoclist = &p->aNode[p->iOff];
+ p->iOff += p->nDoclist;
+ }
+ }
+ }
+
+ assert( p->iOff<=p->nNode );
+
+ return rc;
+}
+
+/*
+** Release all dynamic resources held by node-reader object *p.
+*/
+static void nodeReaderRelease(NodeReader *p){
+ sqlite3_free(p->term.a);
+}
+
+/*
+** Initialize a node-reader object to read the node in buffer aNode/nNode.
+**
+** If successful, SQLITE_OK is returned and the NodeReader object set to
+** point to the first entry on the node (if any). Otherwise, an SQLite
+** error code is returned.
+*/
+static int nodeReaderInit(NodeReader *p, const char *aNode, int nNode){
+ memset(p, 0, sizeof(NodeReader));
+ p->aNode = aNode;
+ p->nNode = nNode;
+
+ /* Figure out if this is a leaf or an internal node. */
+ if( p->aNode[0] ){
+ /* An internal node. */
+ p->iOff = 1 + sqlite3Fts3GetVarint(&p->aNode[1], &p->iChild);
+ }else{
+ p->iOff = 1;
+ }
+
+ return nodeReaderNext(p);
+}
+
+/*
+** This function is called while writing an FTS segment each time a leaf o
+** node is finished and written to disk. The key (zTerm/nTerm) is guaranteed
+** to be greater than the largest key on the node just written, but smaller
+** than or equal to the first key that will be written to the next leaf
+** node.
+**
+** The block id of the leaf node just written to disk may be found in
+** (pWriter->aNodeWriter[0].iBlock) when this function is called.
+*/
+static int fts3IncrmergePush(
+ Fts3Table *p, /* Fts3 table handle */
+ IncrmergeWriter *pWriter, /* Writer object */
+ const char *zTerm, /* Term to write to internal node */
+ int nTerm /* Bytes at zTerm */
+){
+ sqlite3_int64 iPtr = pWriter->aNodeWriter[0].iBlock;
+ int iLayer;
+
+ assert( nTerm>0 );
+ for(iLayer=1; ALWAYS(iLayer<FTS_MAX_APPENDABLE_HEIGHT); iLayer++){
+ sqlite3_int64 iNextPtr = 0;
+ NodeWriter *pNode = &pWriter->aNodeWriter[iLayer];
+ int rc = SQLITE_OK;
+ int nPrefix;
+ int nSuffix;
+ int nSpace;
+
+ /* Figure out how much space the key will consume if it is written to
+ ** the current node of layer iLayer. Due to the prefix compression,
+ ** the space required changes depending on which node the key is to
+ ** be added to. */
+ nPrefix = fts3PrefixCompress(pNode->key.a, pNode->key.n, zTerm, nTerm);
+ nSuffix = nTerm - nPrefix;
+ nSpace = sqlite3Fts3VarintLen(nPrefix);
+ nSpace += sqlite3Fts3VarintLen(nSuffix) + nSuffix;
+
+ if( pNode->key.n==0 || (pNode->block.n + nSpace)<=p->nNodeSize ){
+ /* If the current node of layer iLayer contains zero keys, or if adding
+ ** the key to it will not cause it to grow to larger than nNodeSize
+ ** bytes in size, write the key here. */
+
+ Blob *pBlk = &pNode->block;
+ if( pBlk->n==0 ){
+ blobGrowBuffer(pBlk, p->nNodeSize, &rc);
+ if( rc==SQLITE_OK ){
+ pBlk->a[0] = (char)iLayer;
+ pBlk->n = 1 + sqlite3Fts3PutVarint(&pBlk->a[1], iPtr);
+ }
+ }
+ blobGrowBuffer(pBlk, pBlk->n + nSpace, &rc);
+ blobGrowBuffer(&pNode->key, nTerm, &rc);
+
+ if( rc==SQLITE_OK ){
+ if( pNode->key.n ){
+ pBlk->n += sqlite3Fts3PutVarint(&pBlk->a[pBlk->n], nPrefix);
+ }
+ pBlk->n += sqlite3Fts3PutVarint(&pBlk->a[pBlk->n], nSuffix);
+ memcpy(&pBlk->a[pBlk->n], &zTerm[nPrefix], nSuffix);
+ pBlk->n += nSuffix;
+
+ memcpy(pNode->key.a, zTerm, nTerm);
+ pNode->key.n = nTerm;
+ }
+ }else{
+ /* Otherwise, flush the current node of layer iLayer to disk.
+ ** Then allocate a new, empty sibling node. The key will be written
+ ** into the parent of this node. */
+ rc = fts3WriteSegment(p, pNode->iBlock, pNode->block.a, pNode->block.n);
+
+ assert( pNode->block.nAlloc>=p->nNodeSize );
+ pNode->block.a[0] = (char)iLayer;
+ pNode->block.n = 1 + sqlite3Fts3PutVarint(&pNode->block.a[1], iPtr+1);
+
+ iNextPtr = pNode->iBlock;
+ pNode->iBlock++;
+ pNode->key.n = 0;
+ }
+
+ if( rc!=SQLITE_OK || iNextPtr==0 ) return rc;
+ iPtr = iNextPtr;
+ }
+
+ assert( 0 );
+ return 0;
+}
+
+/*
+** Append a term and (optionally) doclist to the FTS segment node currently
+** stored in blob *pNode. The node need not contain any terms, but the
+** header must be written before this function is called.
+**
+** A node header is a single 0x00 byte for a leaf node, or a height varint
+** followed by the left-hand-child varint for an internal node.
+**
+** The term to be appended is passed via arguments zTerm/nTerm. For a
+** leaf node, the doclist is passed as aDoclist/nDoclist. For an internal
+** node, both aDoclist and nDoclist must be passed 0.
+**
+** If the size of the value in blob pPrev is zero, then this is the first
+** term written to the node. Otherwise, pPrev contains a copy of the
+** previous term. Before this function returns, it is updated to contain a
+** copy of zTerm/nTerm.
+**
+** It is assumed that the buffer associated with pNode is already large
+** enough to accommodate the new entry. The buffer associated with pPrev
+** is extended by this function if requrired.
+**
+** If an error (i.e. OOM condition) occurs, an SQLite error code is
+** returned. Otherwise, SQLITE_OK.
+*/
+static int fts3AppendToNode(
+ Blob *pNode, /* Current node image to append to */
+ Blob *pPrev, /* Buffer containing previous term written */
+ const char *zTerm, /* New term to write */
+ int nTerm, /* Size of zTerm in bytes */
+ const char *aDoclist, /* Doclist (or NULL) to write */
+ int nDoclist /* Size of aDoclist in bytes */
+){
+ int rc = SQLITE_OK; /* Return code */
+ int bFirst = (pPrev->n==0); /* True if this is the first term written */
+ int nPrefix; /* Size of term prefix in bytes */
+ int nSuffix; /* Size of term suffix in bytes */
+
+ /* Node must have already been started. There must be a doclist for a
+ ** leaf node, and there must not be a doclist for an internal node. */
+ assert( pNode->n>0 );
+ assert( (pNode->a[0]=='\0')==(aDoclist!=0) );
+
+ blobGrowBuffer(pPrev, nTerm, &rc);
+ if( rc!=SQLITE_OK ) return rc;
+
+ nPrefix = fts3PrefixCompress(pPrev->a, pPrev->n, zTerm, nTerm);
+ nSuffix = nTerm - nPrefix;
+ memcpy(pPrev->a, zTerm, nTerm);
+ pPrev->n = nTerm;
+
+ if( bFirst==0 ){
+ pNode->n += sqlite3Fts3PutVarint(&pNode->a[pNode->n], nPrefix);
+ }
+ pNode->n += sqlite3Fts3PutVarint(&pNode->a[pNode->n], nSuffix);
+ memcpy(&pNode->a[pNode->n], &zTerm[nPrefix], nSuffix);
+ pNode->n += nSuffix;
+
+ if( aDoclist ){
+ pNode->n += sqlite3Fts3PutVarint(&pNode->a[pNode->n], nDoclist);
+ memcpy(&pNode->a[pNode->n], aDoclist, nDoclist);
+ pNode->n += nDoclist;
+ }
+
+ assert( pNode->n<=pNode->nAlloc );
+
+ return SQLITE_OK;
+}
+
+/*
+** Append the current term and doclist pointed to by cursor pCsr to the
+** appendable b-tree segment opened for writing by pWriter.
+**
+** Return SQLITE_OK if successful, or an SQLite error code otherwise.
+*/
+static int fts3IncrmergeAppend(
+ Fts3Table *p, /* Fts3 table handle */
+ IncrmergeWriter *pWriter, /* Writer object */
+ Fts3MultiSegReader *pCsr /* Cursor containing term and doclist */
+){
+ const char *zTerm = pCsr->zTerm;
+ int nTerm = pCsr->nTerm;
+ const char *aDoclist = pCsr->aDoclist;
+ int nDoclist = pCsr->nDoclist;
+ int rc = SQLITE_OK; /* Return code */
+ int nSpace; /* Total space in bytes required on leaf */
+ int nPrefix; /* Size of prefix shared with previous term */
+ int nSuffix; /* Size of suffix (nTerm - nPrefix) */
+ NodeWriter *pLeaf; /* Object used to write leaf nodes */
+
+ pLeaf = &pWriter->aNodeWriter[0];
+ nPrefix = fts3PrefixCompress(pLeaf->key.a, pLeaf->key.n, zTerm, nTerm);
+ nSuffix = nTerm - nPrefix;
+
+ nSpace = sqlite3Fts3VarintLen(nPrefix);
+ nSpace += sqlite3Fts3VarintLen(nSuffix) + nSuffix;
+ nSpace += sqlite3Fts3VarintLen(nDoclist) + nDoclist;
+
+ /* If the current block is not empty, and if adding this term/doclist
+ ** to the current block would make it larger than Fts3Table.nNodeSize
+ ** bytes, write this block out to the database. */
+ if( pLeaf->block.n>0 && (pLeaf->block.n + nSpace)>p->nNodeSize ){
+ rc = fts3WriteSegment(p, pLeaf->iBlock, pLeaf->block.a, pLeaf->block.n);
+ pWriter->nWork++;
+
+ /* Add the current term to the parent node. The term added to the
+ ** parent must:
+ **
+ ** a) be greater than the largest term on the leaf node just written
+ ** to the database (still available in pLeaf->key), and
+ **
+ ** b) be less than or equal to the term about to be added to the new
+ ** leaf node (zTerm/nTerm).
+ **
+ ** In other words, it must be the prefix of zTerm 1 byte longer than
+ ** the common prefix (if any) of zTerm and pWriter->zTerm.
+ */
+ if( rc==SQLITE_OK ){
+ rc = fts3IncrmergePush(p, pWriter, zTerm, nPrefix+1);
+ }
+
+ /* Advance to the next output block */
+ pLeaf->iBlock++;
+ pLeaf->key.n = 0;
+ pLeaf->block.n = 0;
+
+ nSuffix = nTerm;
+ nSpace = 1;
+ nSpace += sqlite3Fts3VarintLen(nSuffix) + nSuffix;
+ nSpace += sqlite3Fts3VarintLen(nDoclist) + nDoclist;
+ }
+
+ pWriter->nLeafData += nSpace;
+ blobGrowBuffer(&pLeaf->block, pLeaf->block.n + nSpace, &rc);
+ if( rc==SQLITE_OK ){
+ if( pLeaf->block.n==0 ){
+ pLeaf->block.n = 1;
+ pLeaf->block.a[0] = '\0';
+ }
+ rc = fts3AppendToNode(
+ &pLeaf->block, &pLeaf->key, zTerm, nTerm, aDoclist, nDoclist
+ );
+ }
+
+ return rc;
+}
+
+/*
+** This function is called to release all dynamic resources held by the
+** merge-writer object pWriter, and if no error has occurred, to flush
+** all outstanding node buffers held by pWriter to disk.
+**
+** If *pRc is not SQLITE_OK when this function is called, then no attempt
+** is made to write any data to disk. Instead, this function serves only
+** to release outstanding resources.
+**
+** Otherwise, if *pRc is initially SQLITE_OK and an error occurs while
+** flushing buffers to disk, *pRc is set to an SQLite error code before
+** returning.
+*/
+static void fts3IncrmergeRelease(
+ Fts3Table *p, /* FTS3 table handle */
+ IncrmergeWriter *pWriter, /* Merge-writer object */
+ int *pRc /* IN/OUT: Error code */
+){
+ int i; /* Used to iterate through non-root layers */
+ int iRoot; /* Index of root in pWriter->aNodeWriter */
+ NodeWriter *pRoot; /* NodeWriter for root node */
+ int rc = *pRc; /* Error code */
+
+ /* Set iRoot to the index in pWriter->aNodeWriter[] of the output segment
+ ** root node. If the segment fits entirely on a single leaf node, iRoot
+ ** will be set to 0. If the root node is the parent of the leaves, iRoot
+ ** will be 1. And so on. */
+ for(iRoot=FTS_MAX_APPENDABLE_HEIGHT-1; iRoot>=0; iRoot--){
+ NodeWriter *pNode = &pWriter->aNodeWriter[iRoot];
+ if( pNode->block.n>0 ) break;
+ assert( *pRc || pNode->block.nAlloc==0 );
+ assert( *pRc || pNode->key.nAlloc==0 );
+ sqlite3_free(pNode->block.a);
+ sqlite3_free(pNode->key.a);
+ }
+
+ /* Empty output segment. This is a no-op. */
+ if( iRoot<0 ) return;
+
+ /* The entire output segment fits on a single node. Normally, this means
+ ** the node would be stored as a blob in the "root" column of the %_segdir
+ ** table. However, this is not permitted in this case. The problem is that
+ ** space has already been reserved in the %_segments table, and so the
+ ** start_block and end_block fields of the %_segdir table must be populated.
+ ** And, by design or by accident, released versions of FTS cannot handle
+ ** segments that fit entirely on the root node with start_block!=0.
+ **
+ ** Instead, create a synthetic root node that contains nothing but a
+ ** pointer to the single content node. So that the segment consists of a
+ ** single leaf and a single interior (root) node.
+ **
+ ** Todo: Better might be to defer allocating space in the %_segments
+ ** table until we are sure it is needed.
+ */
+ if( iRoot==0 ){
+ Blob *pBlock = &pWriter->aNodeWriter[1].block;
+ blobGrowBuffer(pBlock, 1 + FTS3_VARINT_MAX, &rc);
+ if( rc==SQLITE_OK ){
+ pBlock->a[0] = 0x01;
+ pBlock->n = 1 + sqlite3Fts3PutVarint(
+ &pBlock->a[1], pWriter->aNodeWriter[0].iBlock
+ );
+ }
+ iRoot = 1;
+ }
+ pRoot = &pWriter->aNodeWriter[iRoot];
+
+ /* Flush all currently outstanding nodes to disk. */
+ for(i=0; i<iRoot; i++){
+ NodeWriter *pNode = &pWriter->aNodeWriter[i];
+ if( pNode->block.n>0 && rc==SQLITE_OK ){
+ rc = fts3WriteSegment(p, pNode->iBlock, pNode->block.a, pNode->block.n);
+ }
+ sqlite3_free(pNode->block.a);
+ sqlite3_free(pNode->key.a);
+ }
+
+ /* Write the %_segdir record. */
+ if( rc==SQLITE_OK ){
+ rc = fts3WriteSegdir(p,
+ pWriter->iAbsLevel+1, /* level */
+ pWriter->iIdx, /* idx */
+ pWriter->iStart, /* start_block */
+ pWriter->aNodeWriter[0].iBlock, /* leaves_end_block */
+ pWriter->iEnd, /* end_block */
+ (pWriter->bNoLeafData==0 ? pWriter->nLeafData : 0), /* end_block */
+ pRoot->block.a, pRoot->block.n /* root */
+ );
+ }
+ sqlite3_free(pRoot->block.a);
+ sqlite3_free(pRoot->key.a);
+
+ *pRc = rc;
+}
+
+/*
+** Compare the term in buffer zLhs (size in bytes nLhs) with that in
+** zRhs (size in bytes nRhs) using memcmp. If one term is a prefix of
+** the other, it is considered to be smaller than the other.
+**
+** Return -ve if zLhs is smaller than zRhs, 0 if it is equal, or +ve
+** if it is greater.
+*/
+static int fts3TermCmp(
+ const char *zLhs, int nLhs, /* LHS of comparison */
+ const char *zRhs, int nRhs /* RHS of comparison */
+){
+ int nCmp = MIN(nLhs, nRhs);
+ int res;
+
+ res = memcmp(zLhs, zRhs, nCmp);
+ if( res==0 ) res = nLhs - nRhs;
+
+ return res;
+}
+
+
+/*
+** Query to see if the entry in the %_segments table with blockid iEnd is
+** NULL. If no error occurs and the entry is NULL, set *pbRes 1 before
+** returning. Otherwise, set *pbRes to 0.
+**
+** Or, if an error occurs while querying the database, return an SQLite
+** error code. The final value of *pbRes is undefined in this case.
+**
+** This is used to test if a segment is an "appendable" segment. If it
+** is, then a NULL entry has been inserted into the %_segments table
+** with blockid %_segdir.end_block.
+*/
+static int fts3IsAppendable(Fts3Table *p, sqlite3_int64 iEnd, int *pbRes){
+ int bRes = 0; /* Result to set *pbRes to */
+ sqlite3_stmt *pCheck = 0; /* Statement to query database with */
+ int rc; /* Return code */
+
+ rc = fts3SqlStmt(p, SQL_SEGMENT_IS_APPENDABLE, &pCheck, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pCheck, 1, iEnd);
+ if( SQLITE_ROW==sqlite3_step(pCheck) ) bRes = 1;
+ rc = sqlite3_reset(pCheck);
+ }
+
+ *pbRes = bRes;
+ return rc;
+}
+
+/*
+** This function is called when initializing an incremental-merge operation.
+** It checks if the existing segment with index value iIdx at absolute level
+** (iAbsLevel+1) can be appended to by the incremental merge. If it can, the
+** merge-writer object *pWriter is initialized to write to it.
+**
+** An existing segment can be appended to by an incremental merge if:
+**
+** * It was initially created as an appendable segment (with all required
+** space pre-allocated), and
+**
+** * The first key read from the input (arguments zKey and nKey) is
+** greater than the largest key currently stored in the potential
+** output segment.
+*/
+static int fts3IncrmergeLoad(
+ Fts3Table *p, /* Fts3 table handle */
+ sqlite3_int64 iAbsLevel, /* Absolute level of input segments */
+ int iIdx, /* Index of candidate output segment */
+ const char *zKey, /* First key to write */
+ int nKey, /* Number of bytes in nKey */
+ IncrmergeWriter *pWriter /* Populate this object */
+){
+ int rc; /* Return code */
+ sqlite3_stmt *pSelect = 0; /* SELECT to read %_segdir entry */
+
+ rc = fts3SqlStmt(p, SQL_SELECT_SEGDIR, &pSelect, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_int64 iStart = 0; /* Value of %_segdir.start_block */
+ sqlite3_int64 iLeafEnd = 0; /* Value of %_segdir.leaves_end_block */
+ sqlite3_int64 iEnd = 0; /* Value of %_segdir.end_block */
+ const char *aRoot = 0; /* Pointer to %_segdir.root buffer */
+ int nRoot = 0; /* Size of aRoot[] in bytes */
+ int rc2; /* Return code from sqlite3_reset() */
+ int bAppendable = 0; /* Set to true if segment is appendable */
+
+ /* Read the %_segdir entry for index iIdx absolute level (iAbsLevel+1) */
+ sqlite3_bind_int64(pSelect, 1, iAbsLevel+1);
+ sqlite3_bind_int(pSelect, 2, iIdx);
+ if( sqlite3_step(pSelect)==SQLITE_ROW ){
+ iStart = sqlite3_column_int64(pSelect, 1);
+ iLeafEnd = sqlite3_column_int64(pSelect, 2);
+ fts3ReadEndBlockField(pSelect, 3, &iEnd, &pWriter->nLeafData);
+ if( pWriter->nLeafData<0 ){
+ pWriter->nLeafData = pWriter->nLeafData * -1;
+ }
+ pWriter->bNoLeafData = (pWriter->nLeafData==0);
+ nRoot = sqlite3_column_bytes(pSelect, 4);
+ aRoot = sqlite3_column_blob(pSelect, 4);
+ }else{
+ return sqlite3_reset(pSelect);
+ }
+
+ /* Check for the zero-length marker in the %_segments table */
+ rc = fts3IsAppendable(p, iEnd, &bAppendable);
+
+ /* Check that zKey/nKey is larger than the largest key the candidate */
+ if( rc==SQLITE_OK && bAppendable ){
+ char *aLeaf = 0;
+ int nLeaf = 0;
+
+ rc = sqlite3Fts3ReadBlock(p, iLeafEnd, &aLeaf, &nLeaf, 0);
+ if( rc==SQLITE_OK ){
+ NodeReader reader;
+ for(rc = nodeReaderInit(&reader, aLeaf, nLeaf);
+ rc==SQLITE_OK && reader.aNode;
+ rc = nodeReaderNext(&reader)
+ ){
+ assert( reader.aNode );
+ }
+ if( fts3TermCmp(zKey, nKey, reader.term.a, reader.term.n)<=0 ){
+ bAppendable = 0;
+ }
+ nodeReaderRelease(&reader);
+ }
+ sqlite3_free(aLeaf);
+ }
+
+ if( rc==SQLITE_OK && bAppendable ){
+ /* It is possible to append to this segment. Set up the IncrmergeWriter
+ ** object to do so. */
+ int i;
+ int nHeight = (int)aRoot[0];
+ NodeWriter *pNode;
+
+ pWriter->nLeafEst = (int)((iEnd - iStart) + 1)/FTS_MAX_APPENDABLE_HEIGHT;
+ pWriter->iStart = iStart;
+ pWriter->iEnd = iEnd;
+ pWriter->iAbsLevel = iAbsLevel;
+ pWriter->iIdx = iIdx;
+
+ for(i=nHeight+1; i<FTS_MAX_APPENDABLE_HEIGHT; i++){
+ pWriter->aNodeWriter[i].iBlock = pWriter->iStart + i*pWriter->nLeafEst;
+ }
+
+ pNode = &pWriter->aNodeWriter[nHeight];
+ pNode->iBlock = pWriter->iStart + pWriter->nLeafEst*nHeight;
+ blobGrowBuffer(&pNode->block, MAX(nRoot, p->nNodeSize), &rc);
+ if( rc==SQLITE_OK ){
+ memcpy(pNode->block.a, aRoot, nRoot);
+ pNode->block.n = nRoot;
+ }
+
+ for(i=nHeight; i>=0 && rc==SQLITE_OK; i--){
+ NodeReader reader;
+ pNode = &pWriter->aNodeWriter[i];
+
+ rc = nodeReaderInit(&reader, pNode->block.a, pNode->block.n);
+ while( reader.aNode && rc==SQLITE_OK ) rc = nodeReaderNext(&reader);
+ blobGrowBuffer(&pNode->key, reader.term.n, &rc);
+ if( rc==SQLITE_OK ){
+ memcpy(pNode->key.a, reader.term.a, reader.term.n);
+ pNode->key.n = reader.term.n;
+ if( i>0 ){
+ char *aBlock = 0;
+ int nBlock = 0;
+ pNode = &pWriter->aNodeWriter[i-1];
+ pNode->iBlock = reader.iChild;
+ rc = sqlite3Fts3ReadBlock(p, reader.iChild, &aBlock, &nBlock, 0);
+ blobGrowBuffer(&pNode->block, MAX(nBlock, p->nNodeSize), &rc);
+ if( rc==SQLITE_OK ){
+ memcpy(pNode->block.a, aBlock, nBlock);
+ pNode->block.n = nBlock;
+ }
+ sqlite3_free(aBlock);
+ }
+ }
+ nodeReaderRelease(&reader);
+ }
+ }
+
+ rc2 = sqlite3_reset(pSelect);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ return rc;
+}
+
+/*
+** Determine the largest segment index value that exists within absolute
+** level iAbsLevel+1. If no error occurs, set *piIdx to this value plus
+** one before returning SQLITE_OK. Or, if there are no segments at all
+** within level iAbsLevel, set *piIdx to zero.
+**
+** If an error occurs, return an SQLite error code. The final value of
+** *piIdx is undefined in this case.
+*/
+static int fts3IncrmergeOutputIdx(
+ Fts3Table *p, /* FTS Table handle */
+ sqlite3_int64 iAbsLevel, /* Absolute index of input segments */
+ int *piIdx /* OUT: Next free index at iAbsLevel+1 */
+){
+ int rc;
+ sqlite3_stmt *pOutputIdx = 0; /* SQL used to find output index */
+
+ rc = fts3SqlStmt(p, SQL_NEXT_SEGMENT_INDEX, &pOutputIdx, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pOutputIdx, 1, iAbsLevel+1);
+ sqlite3_step(pOutputIdx);
+ *piIdx = sqlite3_column_int(pOutputIdx, 0);
+ rc = sqlite3_reset(pOutputIdx);
+ }
+
+ return rc;
+}
+
+/*
+** Allocate an appendable output segment on absolute level iAbsLevel+1
+** with idx value iIdx.
+**
+** In the %_segdir table, a segment is defined by the values in three
+** columns:
+**
+** start_block
+** leaves_end_block
+** end_block
+**
+** When an appendable segment is allocated, it is estimated that the
+** maximum number of leaf blocks that may be required is the sum of the
+** number of leaf blocks consumed by the input segments, plus the number
+** of input segments, multiplied by two. This value is stored in stack
+** variable nLeafEst.
+**
+** A total of 16*nLeafEst blocks are allocated when an appendable segment
+** is created ((1 + end_block - start_block)==16*nLeafEst). The contiguous
+** array of leaf nodes starts at the first block allocated. The array
+** of interior nodes that are parents of the leaf nodes start at block
+** (start_block + (1 + end_block - start_block) / 16). And so on.
+**
+** In the actual code below, the value "16" is replaced with the
+** pre-processor macro FTS_MAX_APPENDABLE_HEIGHT.
+*/
+static int fts3IncrmergeWriter(
+ Fts3Table *p, /* Fts3 table handle */
+ sqlite3_int64 iAbsLevel, /* Absolute level of input segments */
+ int iIdx, /* Index of new output segment */
+ Fts3MultiSegReader *pCsr, /* Cursor that data will be read from */
+ IncrmergeWriter *pWriter /* Populate this object */
+){
+ int rc; /* Return Code */
+ int i; /* Iterator variable */
+ int nLeafEst = 0; /* Blocks allocated for leaf nodes */
+ sqlite3_stmt *pLeafEst = 0; /* SQL used to determine nLeafEst */
+ sqlite3_stmt *pFirstBlock = 0; /* SQL used to determine first block */
+
+ /* Calculate nLeafEst. */
+ rc = fts3SqlStmt(p, SQL_MAX_LEAF_NODE_ESTIMATE, &pLeafEst, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pLeafEst, 1, iAbsLevel);
+ sqlite3_bind_int64(pLeafEst, 2, pCsr->nSegment);
+ if( SQLITE_ROW==sqlite3_step(pLeafEst) ){
+ nLeafEst = sqlite3_column_int(pLeafEst, 0);
+ }
+ rc = sqlite3_reset(pLeafEst);
+ }
+ if( rc!=SQLITE_OK ) return rc;
+
+ /* Calculate the first block to use in the output segment */
+ rc = fts3SqlStmt(p, SQL_NEXT_SEGMENTS_ID, &pFirstBlock, 0);
+ if( rc==SQLITE_OK ){
+ if( SQLITE_ROW==sqlite3_step(pFirstBlock) ){
+ pWriter->iStart = sqlite3_column_int64(pFirstBlock, 0);
+ pWriter->iEnd = pWriter->iStart - 1;
+ pWriter->iEnd += nLeafEst * FTS_MAX_APPENDABLE_HEIGHT;
+ }
+ rc = sqlite3_reset(pFirstBlock);
+ }
+ if( rc!=SQLITE_OK ) return rc;
+
+ /* Insert the marker in the %_segments table to make sure nobody tries
+ ** to steal the space just allocated. This is also used to identify
+ ** appendable segments. */
+ rc = fts3WriteSegment(p, pWriter->iEnd, 0, 0);
+ if( rc!=SQLITE_OK ) return rc;
+
+ pWriter->iAbsLevel = iAbsLevel;
+ pWriter->nLeafEst = nLeafEst;
+ pWriter->iIdx = iIdx;
+
+ /* Set up the array of NodeWriter objects */
+ for(i=0; i<FTS_MAX_APPENDABLE_HEIGHT; i++){
+ pWriter->aNodeWriter[i].iBlock = pWriter->iStart + i*pWriter->nLeafEst;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Remove an entry from the %_segdir table. This involves running the
+** following two statements:
+**
+** DELETE FROM %_segdir WHERE level = :iAbsLevel AND idx = :iIdx
+** UPDATE %_segdir SET idx = idx - 1 WHERE level = :iAbsLevel AND idx > :iIdx
+**
+** The DELETE statement removes the specific %_segdir level. The UPDATE
+** statement ensures that the remaining segments have contiguously allocated
+** idx values.
+*/
+static int fts3RemoveSegdirEntry(
+ Fts3Table *p, /* FTS3 table handle */
+ sqlite3_int64 iAbsLevel, /* Absolute level to delete from */
+ int iIdx /* Index of %_segdir entry to delete */
+){
+ int rc; /* Return code */
+ sqlite3_stmt *pDelete = 0; /* DELETE statement */
+
+ rc = fts3SqlStmt(p, SQL_DELETE_SEGDIR_ENTRY, &pDelete, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pDelete, 1, iAbsLevel);
+ sqlite3_bind_int(pDelete, 2, iIdx);
+ sqlite3_step(pDelete);
+ rc = sqlite3_reset(pDelete);
+ }
+
+ return rc;
+}
+
+/*
+** One or more segments have just been removed from absolute level iAbsLevel.
+** Update the 'idx' values of the remaining segments in the level so that
+** the idx values are a contiguous sequence starting from 0.
+*/
+static int fts3RepackSegdirLevel(
+ Fts3Table *p, /* FTS3 table handle */
+ sqlite3_int64 iAbsLevel /* Absolute level to repack */
+){
+ int rc; /* Return code */
+ int *aIdx = 0; /* Array of remaining idx values */
+ int nIdx = 0; /* Valid entries in aIdx[] */
+ int nAlloc = 0; /* Allocated size of aIdx[] */
+ int i; /* Iterator variable */
+ sqlite3_stmt *pSelect = 0; /* Select statement to read idx values */
+ sqlite3_stmt *pUpdate = 0; /* Update statement to modify idx values */
+
+ rc = fts3SqlStmt(p, SQL_SELECT_INDEXES, &pSelect, 0);
+ if( rc==SQLITE_OK ){
+ int rc2;
+ sqlite3_bind_int64(pSelect, 1, iAbsLevel);
+ while( SQLITE_ROW==sqlite3_step(pSelect) ){
+ if( nIdx>=nAlloc ){
+ int *aNew;
+ nAlloc += 16;
+ aNew = sqlite3_realloc(aIdx, nAlloc*sizeof(int));
+ if( !aNew ){
+ rc = SQLITE_NOMEM;
+ break;
+ }
+ aIdx = aNew;
+ }
+ aIdx[nIdx++] = sqlite3_column_int(pSelect, 0);
+ }
+ rc2 = sqlite3_reset(pSelect);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = fts3SqlStmt(p, SQL_SHIFT_SEGDIR_ENTRY, &pUpdate, 0);
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pUpdate, 2, iAbsLevel);
+ }
+
+ assert( p->bIgnoreSavepoint==0 );
+ p->bIgnoreSavepoint = 1;
+ for(i=0; rc==SQLITE_OK && i<nIdx; i++){
+ if( aIdx[i]!=i ){
+ sqlite3_bind_int(pUpdate, 3, aIdx[i]);
+ sqlite3_bind_int(pUpdate, 1, i);
+ sqlite3_step(pUpdate);
+ rc = sqlite3_reset(pUpdate);
+ }
+ }
+ p->bIgnoreSavepoint = 0;
+
+ sqlite3_free(aIdx);
+ return rc;
+}
+
+static void fts3StartNode(Blob *pNode, int iHeight, sqlite3_int64 iChild){
+ pNode->a[0] = (char)iHeight;
+ if( iChild ){
+ assert( pNode->nAlloc>=1+sqlite3Fts3VarintLen(iChild) );
+ pNode->n = 1 + sqlite3Fts3PutVarint(&pNode->a[1], iChild);
+ }else{
+ assert( pNode->nAlloc>=1 );
+ pNode->n = 1;
+ }
+}
+
+/*
+** The first two arguments are a pointer to and the size of a segment b-tree
+** node. The node may be a leaf or an internal node.
+**
+** This function creates a new node image in blob object *pNew by copying
+** all terms that are greater than or equal to zTerm/nTerm (for leaf nodes)
+** or greater than zTerm/nTerm (for internal nodes) from aNode/nNode.
+*/
+static int fts3TruncateNode(
+ const char *aNode, /* Current node image */
+ int nNode, /* Size of aNode in bytes */
+ Blob *pNew, /* OUT: Write new node image here */
+ const char *zTerm, /* Omit all terms smaller than this */
+ int nTerm, /* Size of zTerm in bytes */
+ sqlite3_int64 *piBlock /* OUT: Block number in next layer down */
+){
+ NodeReader reader; /* Reader object */
+ Blob prev = {0, 0, 0}; /* Previous term written to new node */
+ int rc = SQLITE_OK; /* Return code */
+ int bLeaf = aNode[0]=='\0'; /* True for a leaf node */
+
+ /* Allocate required output space */
+ blobGrowBuffer(pNew, nNode, &rc);
+ if( rc!=SQLITE_OK ) return rc;
+ pNew->n = 0;
+
+ /* Populate new node buffer */
+ for(rc = nodeReaderInit(&reader, aNode, nNode);
+ rc==SQLITE_OK && reader.aNode;
+ rc = nodeReaderNext(&reader)
+ ){
+ if( pNew->n==0 ){
+ int res = fts3TermCmp(reader.term.a, reader.term.n, zTerm, nTerm);
+ if( res<0 || (bLeaf==0 && res==0) ) continue;
+ fts3StartNode(pNew, (int)aNode[0], reader.iChild);
+ *piBlock = reader.iChild;
+ }
+ rc = fts3AppendToNode(
+ pNew, &prev, reader.term.a, reader.term.n,
+ reader.aDoclist, reader.nDoclist
+ );
+ if( rc!=SQLITE_OK ) break;
+ }
+ if( pNew->n==0 ){
+ fts3StartNode(pNew, (int)aNode[0], reader.iChild);
+ *piBlock = reader.iChild;
+ }
+ assert( pNew->n<=pNew->nAlloc );
+
+ nodeReaderRelease(&reader);
+ sqlite3_free(prev.a);
+ return rc;
+}
+
+/*
+** Remove all terms smaller than zTerm/nTerm from segment iIdx in absolute
+** level iAbsLevel. This may involve deleting entries from the %_segments
+** table, and modifying existing entries in both the %_segments and %_segdir
+** tables.
+**
+** SQLITE_OK is returned if the segment is updated successfully. Or an
+** SQLite error code otherwise.
+*/
+static int fts3TruncateSegment(
+ Fts3Table *p, /* FTS3 table handle */
+ sqlite3_int64 iAbsLevel, /* Absolute level of segment to modify */
+ int iIdx, /* Index within level of segment to modify */
+ const char *zTerm, /* Remove terms smaller than this */
+ int nTerm /* Number of bytes in buffer zTerm */
+){
+ int rc = SQLITE_OK; /* Return code */
+ Blob root = {0,0,0}; /* New root page image */
+ Blob block = {0,0,0}; /* Buffer used for any other block */
+ sqlite3_int64 iBlock = 0; /* Block id */
+ sqlite3_int64 iNewStart = 0; /* New value for iStartBlock */
+ sqlite3_int64 iOldStart = 0; /* Old value for iStartBlock */
+ sqlite3_stmt *pFetch = 0; /* Statement used to fetch segdir */
+
+ rc = fts3SqlStmt(p, SQL_SELECT_SEGDIR, &pFetch, 0);
+ if( rc==SQLITE_OK ){
+ int rc2; /* sqlite3_reset() return code */
+ sqlite3_bind_int64(pFetch, 1, iAbsLevel);
+ sqlite3_bind_int(pFetch, 2, iIdx);
+ if( SQLITE_ROW==sqlite3_step(pFetch) ){
+ const char *aRoot = sqlite3_column_blob(pFetch, 4);
+ int nRoot = sqlite3_column_bytes(pFetch, 4);
+ iOldStart = sqlite3_column_int64(pFetch, 1);
+ rc = fts3TruncateNode(aRoot, nRoot, &root, zTerm, nTerm, &iBlock);
+ }
+ rc2 = sqlite3_reset(pFetch);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ while( rc==SQLITE_OK && iBlock ){
+ char *aBlock = 0;
+ int nBlock = 0;
+ iNewStart = iBlock;
+
+ rc = sqlite3Fts3ReadBlock(p, iBlock, &aBlock, &nBlock, 0);
+ if( rc==SQLITE_OK ){
+ rc = fts3TruncateNode(aBlock, nBlock, &block, zTerm, nTerm, &iBlock);
+ }
+ if( rc==SQLITE_OK ){
+ rc = fts3WriteSegment(p, iNewStart, block.a, block.n);
+ }
+ sqlite3_free(aBlock);
+ }
+
+ /* Variable iNewStart now contains the first valid leaf node. */
+ if( rc==SQLITE_OK && iNewStart ){
+ sqlite3_stmt *pDel = 0;
+ rc = fts3SqlStmt(p, SQL_DELETE_SEGMENTS_RANGE, &pDel, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pDel, 1, iOldStart);
+ sqlite3_bind_int64(pDel, 2, iNewStart-1);
+ sqlite3_step(pDel);
+ rc = sqlite3_reset(pDel);
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ sqlite3_stmt *pChomp = 0;
+ rc = fts3SqlStmt(p, SQL_CHOMP_SEGDIR, &pChomp, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pChomp, 1, iNewStart);
+ sqlite3_bind_blob(pChomp, 2, root.a, root.n, SQLITE_STATIC);
+ sqlite3_bind_int64(pChomp, 3, iAbsLevel);
+ sqlite3_bind_int(pChomp, 4, iIdx);
+ sqlite3_step(pChomp);
+ rc = sqlite3_reset(pChomp);
+ }
+ }
+
+ sqlite3_free(root.a);
+ sqlite3_free(block.a);
+ return rc;
+}
+
+/*
+** This function is called after an incrmental-merge operation has run to
+** merge (or partially merge) two or more segments from absolute level
+** iAbsLevel.
+**
+** Each input segment is either removed from the db completely (if all of
+** its data was copied to the output segment by the incrmerge operation)
+** or modified in place so that it no longer contains those entries that
+** have been duplicated in the output segment.
+*/
+static int fts3IncrmergeChomp(
+ Fts3Table *p, /* FTS table handle */
+ sqlite3_int64 iAbsLevel, /* Absolute level containing segments */
+ Fts3MultiSegReader *pCsr, /* Chomp all segments opened by this cursor */
+ int *pnRem /* Number of segments not deleted */
+){
+ int i;
+ int nRem = 0;
+ int rc = SQLITE_OK;
+
+ for(i=pCsr->nSegment-1; i>=0 && rc==SQLITE_OK; i--){
+ Fts3SegReader *pSeg = 0;
+ int j;
+
+ /* Find the Fts3SegReader object with Fts3SegReader.iIdx==i. It is hiding
+ ** somewhere in the pCsr->apSegment[] array. */
+ for(j=0; ALWAYS(j<pCsr->nSegment); j++){
+ pSeg = pCsr->apSegment[j];
+ if( pSeg->iIdx==i ) break;
+ }
+ assert( j<pCsr->nSegment && pSeg->iIdx==i );
+
+ if( pSeg->aNode==0 ){
+ /* Seg-reader is at EOF. Remove the entire input segment. */
+ rc = fts3DeleteSegment(p, pSeg);
+ if( rc==SQLITE_OK ){
+ rc = fts3RemoveSegdirEntry(p, iAbsLevel, pSeg->iIdx);
+ }
+ *pnRem = 0;
+ }else{
+ /* The incremental merge did not copy all the data from this
+ ** segment to the upper level. The segment is modified in place
+ ** so that it contains no keys smaller than zTerm/nTerm. */
+ const char *zTerm = pSeg->zTerm;
+ int nTerm = pSeg->nTerm;
+ rc = fts3TruncateSegment(p, iAbsLevel, pSeg->iIdx, zTerm, nTerm);
+ nRem++;
+ }
+ }
+
+ if( rc==SQLITE_OK && nRem!=pCsr->nSegment ){
+ rc = fts3RepackSegdirLevel(p, iAbsLevel);
+ }
+
+ *pnRem = nRem;
+ return rc;
+}
+
+/*
+** Store an incr-merge hint in the database.
+*/
+static int fts3IncrmergeHintStore(Fts3Table *p, Blob *pHint){
+ sqlite3_stmt *pReplace = 0;
+ int rc; /* Return code */
+
+ rc = fts3SqlStmt(p, SQL_REPLACE_STAT, &pReplace, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int(pReplace, 1, FTS_STAT_INCRMERGEHINT);
+ sqlite3_bind_blob(pReplace, 2, pHint->a, pHint->n, SQLITE_STATIC);
+ sqlite3_step(pReplace);
+ rc = sqlite3_reset(pReplace);
+ }
+
+ return rc;
+}
+
+/*
+** Load an incr-merge hint from the database. The incr-merge hint, if one
+** exists, is stored in the rowid==1 row of the %_stat table.
+**
+** If successful, populate blob *pHint with the value read from the %_stat
+** table and return SQLITE_OK. Otherwise, if an error occurs, return an
+** SQLite error code.
+*/
+static int fts3IncrmergeHintLoad(Fts3Table *p, Blob *pHint){
+ sqlite3_stmt *pSelect = 0;
+ int rc;
+
+ pHint->n = 0;
+ rc = fts3SqlStmt(p, SQL_SELECT_STAT, &pSelect, 0);
+ if( rc==SQLITE_OK ){
+ int rc2;
+ sqlite3_bind_int(pSelect, 1, FTS_STAT_INCRMERGEHINT);
+ if( SQLITE_ROW==sqlite3_step(pSelect) ){
+ const char *aHint = sqlite3_column_blob(pSelect, 0);
+ int nHint = sqlite3_column_bytes(pSelect, 0);
+ if( aHint ){
+ blobGrowBuffer(pHint, nHint, &rc);
+ if( rc==SQLITE_OK ){
+ memcpy(pHint->a, aHint, nHint);
+ pHint->n = nHint;
+ }
+ }
+ }
+ rc2 = sqlite3_reset(pSelect);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ return rc;
+}
+
+/*
+** If *pRc is not SQLITE_OK when this function is called, it is a no-op.
+** Otherwise, append an entry to the hint stored in blob *pHint. Each entry
+** consists of two varints, the absolute level number of the input segments
+** and the number of input segments.
+**
+** If successful, leave *pRc set to SQLITE_OK and return. If an error occurs,
+** set *pRc to an SQLite error code before returning.
+*/
+static void fts3IncrmergeHintPush(
+ Blob *pHint, /* Hint blob to append to */
+ i64 iAbsLevel, /* First varint to store in hint */
+ int nInput, /* Second varint to store in hint */
+ int *pRc /* IN/OUT: Error code */
+){
+ blobGrowBuffer(pHint, pHint->n + 2*FTS3_VARINT_MAX, pRc);
+ if( *pRc==SQLITE_OK ){
+ pHint->n += sqlite3Fts3PutVarint(&pHint->a[pHint->n], iAbsLevel);
+ pHint->n += sqlite3Fts3PutVarint(&pHint->a[pHint->n], (i64)nInput);
+ }
+}
+
+/*
+** Read the last entry (most recently pushed) from the hint blob *pHint
+** and then remove the entry. Write the two values read to *piAbsLevel and
+** *pnInput before returning.
+**
+** If no error occurs, return SQLITE_OK. If the hint blob in *pHint does
+** not contain at least two valid varints, return SQLITE_CORRUPT_VTAB.
+*/
+static int fts3IncrmergeHintPop(Blob *pHint, i64 *piAbsLevel, int *pnInput){
+ const int nHint = pHint->n;
+ int i;
+
+ i = pHint->n-2;
+ while( i>0 && (pHint->a[i-1] & 0x80) ) i--;
+ while( i>0 && (pHint->a[i-1] & 0x80) ) i--;
+
+ pHint->n = i;
+ i += sqlite3Fts3GetVarint(&pHint->a[i], piAbsLevel);
+ i += fts3GetVarint32(&pHint->a[i], pnInput);
+ if( i!=nHint ) return FTS_CORRUPT_VTAB;
+
+ return SQLITE_OK;
+}
+
+
+/*
+** Attempt an incremental merge that writes nMerge leaf blocks.
+**
+** Incremental merges happen nMin segments at a time. The segments
+** to be merged are the nMin oldest segments (the ones with the smallest
+** values for the _segdir.idx field) in the highest level that contains
+** at least nMin segments. Multiple merges might occur in an attempt to
+** write the quota of nMerge leaf blocks.
+*/
+SQLITE_PRIVATE int sqlite3Fts3Incrmerge(Fts3Table *p, int nMerge, int nMin){
+ int rc; /* Return code */
+ int nRem = nMerge; /* Number of leaf pages yet to be written */
+ Fts3MultiSegReader *pCsr; /* Cursor used to read input data */
+ Fts3SegFilter *pFilter; /* Filter used with cursor pCsr */
+ IncrmergeWriter *pWriter; /* Writer object */
+ int nSeg = 0; /* Number of input segments */
+ sqlite3_int64 iAbsLevel = 0; /* Absolute level number to work on */
+ Blob hint = {0, 0, 0}; /* Hint read from %_stat table */
+ int bDirtyHint = 0; /* True if blob 'hint' has been modified */
+
+ /* Allocate space for the cursor, filter and writer objects */
+ const int nAlloc = sizeof(*pCsr) + sizeof(*pFilter) + sizeof(*pWriter);
+ pWriter = (IncrmergeWriter *)sqlite3_malloc(nAlloc);
+ if( !pWriter ) return SQLITE_NOMEM;
+ pFilter = (Fts3SegFilter *)&pWriter[1];
+ pCsr = (Fts3MultiSegReader *)&pFilter[1];
+
+ rc = fts3IncrmergeHintLoad(p, &hint);
+ while( rc==SQLITE_OK && nRem>0 ){
+ const i64 nMod = FTS3_SEGDIR_MAXLEVEL * p->nIndex;
+ sqlite3_stmt *pFindLevel = 0; /* SQL used to determine iAbsLevel */
+ int bUseHint = 0; /* True if attempting to append */
+ int iIdx = 0; /* Largest idx in level (iAbsLevel+1) */
+
+ /* Search the %_segdir table for the absolute level with the smallest
+ ** relative level number that contains at least nMin segments, if any.
+ ** If one is found, set iAbsLevel to the absolute level number and
+ ** nSeg to nMin. If no level with at least nMin segments can be found,
+ ** set nSeg to -1.
+ */
+ rc = fts3SqlStmt(p, SQL_FIND_MERGE_LEVEL, &pFindLevel, 0);
+ sqlite3_bind_int(pFindLevel, 1, nMin);
+ if( sqlite3_step(pFindLevel)==SQLITE_ROW ){
+ iAbsLevel = sqlite3_column_int64(pFindLevel, 0);
+ nSeg = nMin;
+ }else{
+ nSeg = -1;
+ }
+ rc = sqlite3_reset(pFindLevel);
+
+ /* If the hint read from the %_stat table is not empty, check if the
+ ** last entry in it specifies a relative level smaller than or equal
+ ** to the level identified by the block above (if any). If so, this
+ ** iteration of the loop will work on merging at the hinted level.
+ */
+ if( rc==SQLITE_OK && hint.n ){
+ int nHint = hint.n;
+ sqlite3_int64 iHintAbsLevel = 0; /* Hint level */
+ int nHintSeg = 0; /* Hint number of segments */
+
+ rc = fts3IncrmergeHintPop(&hint, &iHintAbsLevel, &nHintSeg);
+ if( nSeg<0 || (iAbsLevel % nMod) >= (iHintAbsLevel % nMod) ){
+ iAbsLevel = iHintAbsLevel;
+ nSeg = nHintSeg;
+ bUseHint = 1;
+ bDirtyHint = 1;
+ }else{
+ /* This undoes the effect of the HintPop() above - so that no entry
+ ** is removed from the hint blob. */
+ hint.n = nHint;
+ }
+ }
+
+ /* If nSeg is less that zero, then there is no level with at least
+ ** nMin segments and no hint in the %_stat table. No work to do.
+ ** Exit early in this case. */
+ if( nSeg<0 ) break;
+
+ /* Open a cursor to iterate through the contents of the oldest nSeg
+ ** indexes of absolute level iAbsLevel. If this cursor is opened using
+ ** the 'hint' parameters, it is possible that there are less than nSeg
+ ** segments available in level iAbsLevel. In this case, no work is
+ ** done on iAbsLevel - fall through to the next iteration of the loop
+ ** to start work on some other level. */
+ memset(pWriter, 0, nAlloc);
+ pFilter->flags = FTS3_SEGMENT_REQUIRE_POS;
+
+ if( rc==SQLITE_OK ){
+ rc = fts3IncrmergeOutputIdx(p, iAbsLevel, &iIdx);
+ assert( bUseHint==1 || bUseHint==0 );
+ if( iIdx==0 || (bUseHint && iIdx==1) ){
+ int bIgnore = 0;
+ rc = fts3SegmentIsMaxLevel(p, iAbsLevel+1, &bIgnore);
+ if( bIgnore ){
+ pFilter->flags |= FTS3_SEGMENT_IGNORE_EMPTY;
+ }
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = fts3IncrmergeCsr(p, iAbsLevel, nSeg, pCsr);
+ }
+ if( SQLITE_OK==rc && pCsr->nSegment==nSeg
+ && SQLITE_OK==(rc = sqlite3Fts3SegReaderStart(p, pCsr, pFilter))
+ && SQLITE_ROW==(rc = sqlite3Fts3SegReaderStep(p, pCsr))
+ ){
+ if( bUseHint && iIdx>0 ){
+ const char *zKey = pCsr->zTerm;
+ int nKey = pCsr->nTerm;
+ rc = fts3IncrmergeLoad(p, iAbsLevel, iIdx-1, zKey, nKey, pWriter);
+ }else{
+ rc = fts3IncrmergeWriter(p, iAbsLevel, iIdx, pCsr, pWriter);
+ }
+
+ if( rc==SQLITE_OK && pWriter->nLeafEst ){
+ fts3LogMerge(nSeg, iAbsLevel);
+ do {
+ rc = fts3IncrmergeAppend(p, pWriter, pCsr);
+ if( rc==SQLITE_OK ) rc = sqlite3Fts3SegReaderStep(p, pCsr);
+ if( pWriter->nWork>=nRem && rc==SQLITE_ROW ) rc = SQLITE_OK;
+ }while( rc==SQLITE_ROW );
+
+ /* Update or delete the input segments */
+ if( rc==SQLITE_OK ){
+ nRem -= (1 + pWriter->nWork);
+ rc = fts3IncrmergeChomp(p, iAbsLevel, pCsr, &nSeg);
+ if( nSeg!=0 ){
+ bDirtyHint = 1;
+ fts3IncrmergeHintPush(&hint, iAbsLevel, nSeg, &rc);
+ }
+ }
+ }
+
+ if( nSeg!=0 ){
+ pWriter->nLeafData = pWriter->nLeafData * -1;
+ }
+ fts3IncrmergeRelease(p, pWriter, &rc);
+ if( nSeg==0 && pWriter->bNoLeafData==0 ){
+ fts3PromoteSegments(p, iAbsLevel+1, pWriter->nLeafData);
+ }
+ }
+
+ sqlite3Fts3SegReaderFinish(pCsr);
+ }
+
+ /* Write the hint values into the %_stat table for the next incr-merger */
+ if( bDirtyHint && rc==SQLITE_OK ){
+ rc = fts3IncrmergeHintStore(p, &hint);
+ }
+
+ sqlite3_free(pWriter);
+ sqlite3_free(hint.a);
+ return rc;
+}
+
+/*
+** Convert the text beginning at *pz into an integer and return
+** its value. Advance *pz to point to the first character past
+** the integer.
+*/
+static int fts3Getint(const char **pz){
+ const char *z = *pz;
+ int i = 0;
+ while( (*z)>='0' && (*z)<='9' ) i = 10*i + *(z++) - '0';
+ *pz = z;
+ return i;
+}
+
+/*
+** Process statements of the form:
+**
+** INSERT INTO table(table) VALUES('merge=A,B');
+**
+** A and B are integers that decode to be the number of leaf pages
+** written for the merge, and the minimum number of segments on a level
+** before it will be selected for a merge, respectively.
+*/
+static int fts3DoIncrmerge(
+ Fts3Table *p, /* FTS3 table handle */
+ const char *zParam /* Nul-terminated string containing "A,B" */
+){
+ int rc;
+ int nMin = (FTS3_MERGE_COUNT / 2);
+ int nMerge = 0;
+ const char *z = zParam;
+
+ /* Read the first integer value */
+ nMerge = fts3Getint(&z);
+
+ /* If the first integer value is followed by a ',', read the second
+ ** integer value. */
+ if( z[0]==',' && z[1]!='\0' ){
+ z++;
+ nMin = fts3Getint(&z);
+ }
+
+ if( z[0]!='\0' || nMin<2 ){
+ rc = SQLITE_ERROR;
+ }else{
+ rc = SQLITE_OK;
+ if( !p->bHasStat ){
+ assert( p->bFts4==0 );
+ sqlite3Fts3CreateStatTable(&rc, p);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3Incrmerge(p, nMerge, nMin);
+ }
+ sqlite3Fts3SegmentsClose(p);
+ }
+ return rc;
+}
+
+/*
+** Process statements of the form:
+**
+** INSERT INTO table(table) VALUES('automerge=X');
+**
+** where X is an integer. X==0 means to turn automerge off. X!=0 means
+** turn it on. The setting is persistent.
+*/
+static int fts3DoAutoincrmerge(
+ Fts3Table *p, /* FTS3 table handle */
+ const char *zParam /* Nul-terminated string containing boolean */
+){
+ int rc = SQLITE_OK;
+ sqlite3_stmt *pStmt = 0;
+ p->nAutoincrmerge = fts3Getint(&zParam);
+ if( p->nAutoincrmerge==1 || p->nAutoincrmerge>FTS3_MERGE_COUNT ){
+ p->nAutoincrmerge = 8;
+ }
+ if( !p->bHasStat ){
+ assert( p->bFts4==0 );
+ sqlite3Fts3CreateStatTable(&rc, p);
+ if( rc ) return rc;
+ }
+ rc = fts3SqlStmt(p, SQL_REPLACE_STAT, &pStmt, 0);
+ if( rc ) return rc;
+ sqlite3_bind_int(pStmt, 1, FTS_STAT_AUTOINCRMERGE);
+ sqlite3_bind_int(pStmt, 2, p->nAutoincrmerge);
+ sqlite3_step(pStmt);
+ rc = sqlite3_reset(pStmt);
+ return rc;
+}
+
+/*
+** Return a 64-bit checksum for the FTS index entry specified by the
+** arguments to this function.
+*/
+static u64 fts3ChecksumEntry(
+ const char *zTerm, /* Pointer to buffer containing term */
+ int nTerm, /* Size of zTerm in bytes */
+ int iLangid, /* Language id for current row */
+ int iIndex, /* Index (0..Fts3Table.nIndex-1) */
+ i64 iDocid, /* Docid for current row. */
+ int iCol, /* Column number */
+ int iPos /* Position */
+){
+ int i;
+ u64 ret = (u64)iDocid;
+
+ ret += (ret<<3) + iLangid;
+ ret += (ret<<3) + iIndex;
+ ret += (ret<<3) + iCol;
+ ret += (ret<<3) + iPos;
+ for(i=0; i<nTerm; i++) ret += (ret<<3) + zTerm[i];
+
+ return ret;
+}
+
+/*
+** Return a checksum of all entries in the FTS index that correspond to
+** language id iLangid. The checksum is calculated by XORing the checksums
+** of each individual entry (see fts3ChecksumEntry()) together.
+**
+** If successful, the checksum value is returned and *pRc set to SQLITE_OK.
+** Otherwise, if an error occurs, *pRc is set to an SQLite error code. The
+** return value is undefined in this case.
+*/
+static u64 fts3ChecksumIndex(
+ Fts3Table *p, /* FTS3 table handle */
+ int iLangid, /* Language id to return cksum for */
+ int iIndex, /* Index to cksum (0..p->nIndex-1) */
+ int *pRc /* OUT: Return code */
+){
+ Fts3SegFilter filter;
+ Fts3MultiSegReader csr;
+ int rc;
+ u64 cksum = 0;
+
+ assert( *pRc==SQLITE_OK );
+
+ memset(&filter, 0, sizeof(filter));
+ memset(&csr, 0, sizeof(csr));
+ filter.flags = FTS3_SEGMENT_REQUIRE_POS|FTS3_SEGMENT_IGNORE_EMPTY;
+ filter.flags |= FTS3_SEGMENT_SCAN;
+
+ rc = sqlite3Fts3SegReaderCursor(
+ p, iLangid, iIndex, FTS3_SEGCURSOR_ALL, 0, 0, 0, 1,&csr
+ );
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3SegReaderStart(p, &csr, &filter);
+ }
+
+ if( rc==SQLITE_OK ){
+ while( SQLITE_ROW==(rc = sqlite3Fts3SegReaderStep(p, &csr)) ){
+ char *pCsr = csr.aDoclist;
+ char *pEnd = &pCsr[csr.nDoclist];
+
+ i64 iDocid = 0;
+ i64 iCol = 0;
+ i64 iPos = 0;
+
+ pCsr += sqlite3Fts3GetVarint(pCsr, &iDocid);
+ while( pCsr<pEnd ){
+ i64 iVal = 0;
+ pCsr += sqlite3Fts3GetVarint(pCsr, &iVal);
+ if( pCsr<pEnd ){
+ if( iVal==0 || iVal==1 ){
+ iCol = 0;
+ iPos = 0;
+ if( iVal ){
+ pCsr += sqlite3Fts3GetVarint(pCsr, &iCol);
+ }else{
+ pCsr += sqlite3Fts3GetVarint(pCsr, &iVal);
+ iDocid += iVal;
+ }
+ }else{
+ iPos += (iVal - 2);
+ cksum = cksum ^ fts3ChecksumEntry(
+ csr.zTerm, csr.nTerm, iLangid, iIndex, iDocid,
+ (int)iCol, (int)iPos
+ );
+ }
+ }
+ }
+ }
+ }
+ sqlite3Fts3SegReaderFinish(&csr);
+
+ *pRc = rc;
+ return cksum;
+}
+
+/*
+** Check if the contents of the FTS index match the current contents of the
+** content table. If no error occurs and the contents do match, set *pbOk
+** to true and return SQLITE_OK. Or if the contents do not match, set *pbOk
+** to false before returning.
+**
+** If an error occurs (e.g. an OOM or IO error), return an SQLite error
+** code. The final value of *pbOk is undefined in this case.
+*/
+static int fts3IntegrityCheck(Fts3Table *p, int *pbOk){
+ int rc = SQLITE_OK; /* Return code */
+ u64 cksum1 = 0; /* Checksum based on FTS index contents */
+ u64 cksum2 = 0; /* Checksum based on %_content contents */
+ sqlite3_stmt *pAllLangid = 0; /* Statement to return all language-ids */
+
+ /* This block calculates the checksum according to the FTS index. */
+ rc = fts3SqlStmt(p, SQL_SELECT_ALL_LANGID, &pAllLangid, 0);
+ if( rc==SQLITE_OK ){
+ int rc2;
+ sqlite3_bind_int(pAllLangid, 1, p->iPrevLangid);
+ sqlite3_bind_int(pAllLangid, 2, p->nIndex);
+ while( rc==SQLITE_OK && sqlite3_step(pAllLangid)==SQLITE_ROW ){
+ int iLangid = sqlite3_column_int(pAllLangid, 0);
+ int i;
+ for(i=0; i<p->nIndex; i++){
+ cksum1 = cksum1 ^ fts3ChecksumIndex(p, iLangid, i, &rc);
+ }
+ }
+ rc2 = sqlite3_reset(pAllLangid);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ /* This block calculates the checksum according to the %_content table */
+ if( rc==SQLITE_OK ){
+ sqlite3_tokenizer_module const *pModule = p->pTokenizer->pModule;
+ sqlite3_stmt *pStmt = 0;
+ char *zSql;
+
+ zSql = sqlite3_mprintf("SELECT %s" , p->zReadExprlist);
+ if( !zSql ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare_v2(p->db, zSql, -1, &pStmt, 0);
+ sqlite3_free(zSql);
+ }
+
+ while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pStmt) ){
+ i64 iDocid = sqlite3_column_int64(pStmt, 0);
+ int iLang = langidFromSelect(p, pStmt);
+ int iCol;
+
+ for(iCol=0; rc==SQLITE_OK && iCol<p->nColumn; iCol++){
+ if( p->abNotindexed[iCol]==0 ){
+ const char *zText = (const char *)sqlite3_column_text(pStmt, iCol+1);
+ int nText = sqlite3_column_bytes(pStmt, iCol+1);
+ sqlite3_tokenizer_cursor *pT = 0;
+
+ rc = sqlite3Fts3OpenTokenizer(p->pTokenizer, iLang, zText, nText,&pT);
+ while( rc==SQLITE_OK ){
+ char const *zToken; /* Buffer containing token */
+ int nToken = 0; /* Number of bytes in token */
+ int iDum1 = 0, iDum2 = 0; /* Dummy variables */
+ int iPos = 0; /* Position of token in zText */
+
+ rc = pModule->xNext(pT, &zToken, &nToken, &iDum1, &iDum2, &iPos);
+ if( rc==SQLITE_OK ){
+ int i;
+ cksum2 = cksum2 ^ fts3ChecksumEntry(
+ zToken, nToken, iLang, 0, iDocid, iCol, iPos
+ );
+ for(i=1; i<p->nIndex; i++){
+ if( p->aIndex[i].nPrefix<=nToken ){
+ cksum2 = cksum2 ^ fts3ChecksumEntry(
+ zToken, p->aIndex[i].nPrefix, iLang, i, iDocid, iCol, iPos
+ );
+ }
+ }
+ }
+ }
+ if( pT ) pModule->xClose(pT);
+ if( rc==SQLITE_DONE ) rc = SQLITE_OK;
+ }
+ }
+ }
+
+ sqlite3_finalize(pStmt);
+ }
+
+ *pbOk = (cksum1==cksum2);
+ return rc;
+}
+
+/*
+** Run the integrity-check. If no error occurs and the current contents of
+** the FTS index are correct, return SQLITE_OK. Or, if the contents of the
+** FTS index are incorrect, return SQLITE_CORRUPT_VTAB.
+**
+** Or, if an error (e.g. an OOM or IO error) occurs, return an SQLite
+** error code.
+**
+** The integrity-check works as follows. For each token and indexed token
+** prefix in the document set, a 64-bit checksum is calculated (by code
+** in fts3ChecksumEntry()) based on the following:
+**
+** + The index number (0 for the main index, 1 for the first prefix
+** index etc.),
+** + The token (or token prefix) text itself,
+** + The language-id of the row it appears in,
+** + The docid of the row it appears in,
+** + The column it appears in, and
+** + The tokens position within that column.
+**
+** The checksums for all entries in the index are XORed together to create
+** a single checksum for the entire index.
+**
+** The integrity-check code calculates the same checksum in two ways:
+**
+** 1. By scanning the contents of the FTS index, and
+** 2. By scanning and tokenizing the content table.
+**
+** If the two checksums are identical, the integrity-check is deemed to have
+** passed.
+*/
+static int fts3DoIntegrityCheck(
+ Fts3Table *p /* FTS3 table handle */
+){
+ int rc;
+ int bOk = 0;
+ rc = fts3IntegrityCheck(p, &bOk);
+ if( rc==SQLITE_OK && bOk==0 ) rc = FTS_CORRUPT_VTAB;
+ return rc;
+}
+
+/*
+** Handle a 'special' INSERT of the form:
+**
+** "INSERT INTO tbl(tbl) VALUES(<expr>)"
+**
+** Argument pVal contains the result of <expr>. Currently the only
+** meaningful value to insert is the text 'optimize'.
+*/
+static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){
+ int rc; /* Return Code */
+ const char *zVal = (const char *)sqlite3_value_text(pVal);
+ int nVal = sqlite3_value_bytes(pVal);
+
+ if( !zVal ){
+ return SQLITE_NOMEM;
+ }else if( nVal==8 && 0==sqlite3_strnicmp(zVal, "optimize", 8) ){
+ rc = fts3DoOptimize(p, 0);
+ }else if( nVal==7 && 0==sqlite3_strnicmp(zVal, "rebuild", 7) ){
+ rc = fts3DoRebuild(p);
+ }else if( nVal==15 && 0==sqlite3_strnicmp(zVal, "integrity-check", 15) ){
+ rc = fts3DoIntegrityCheck(p);
+ }else if( nVal>6 && 0==sqlite3_strnicmp(zVal, "merge=", 6) ){
+ rc = fts3DoIncrmerge(p, &zVal[6]);
+ }else if( nVal>10 && 0==sqlite3_strnicmp(zVal, "automerge=", 10) ){
+ rc = fts3DoAutoincrmerge(p, &zVal[10]);
+#ifdef SQLITE_TEST
+ }else if( nVal>9 && 0==sqlite3_strnicmp(zVal, "nodesize=", 9) ){
+ p->nNodeSize = atoi(&zVal[9]);
+ rc = SQLITE_OK;
+ }else if( nVal>11 && 0==sqlite3_strnicmp(zVal, "maxpending=", 9) ){
+ p->nMaxPendingData = atoi(&zVal[11]);
+ rc = SQLITE_OK;
+ }else if( nVal>21 && 0==sqlite3_strnicmp(zVal, "test-no-incr-doclist=", 21) ){
+ p->bNoIncrDoclist = atoi(&zVal[21]);
+ rc = SQLITE_OK;
+#endif
+ }else{
+ rc = SQLITE_ERROR;
+ }
+
+ return rc;
+}
+
+#ifndef SQLITE_DISABLE_FTS4_DEFERRED
+/*
+** Delete all cached deferred doclists. Deferred doclists are cached
+** (allocated) by the sqlite3Fts3CacheDeferredDoclists() function.
+*/
+SQLITE_PRIVATE void sqlite3Fts3FreeDeferredDoclists(Fts3Cursor *pCsr){
+ Fts3DeferredToken *pDef;
+ for(pDef=pCsr->pDeferred; pDef; pDef=pDef->pNext){
+ fts3PendingListDelete(pDef->pList);
+ pDef->pList = 0;
+ }
+}
+
+/*
+** Free all entries in the pCsr->pDeffered list. Entries are added to
+** this list using sqlite3Fts3DeferToken().
+*/
+SQLITE_PRIVATE void sqlite3Fts3FreeDeferredTokens(Fts3Cursor *pCsr){
+ Fts3DeferredToken *pDef;
+ Fts3DeferredToken *pNext;
+ for(pDef=pCsr->pDeferred; pDef; pDef=pNext){
+ pNext = pDef->pNext;
+ fts3PendingListDelete(pDef->pList);
+ sqlite3_free(pDef);
+ }
+ pCsr->pDeferred = 0;
+}
+
+/*
+** Generate deferred-doclists for all tokens in the pCsr->pDeferred list
+** based on the row that pCsr currently points to.
+**
+** A deferred-doclist is like any other doclist with position information
+** included, except that it only contains entries for a single row of the
+** table, not for all rows.
+*/
+SQLITE_PRIVATE int sqlite3Fts3CacheDeferredDoclists(Fts3Cursor *pCsr){
+ int rc = SQLITE_OK; /* Return code */
+ if( pCsr->pDeferred ){
+ int i; /* Used to iterate through table columns */
+ sqlite3_int64 iDocid; /* Docid of the row pCsr points to */
+ Fts3DeferredToken *pDef; /* Used to iterate through deferred tokens */
+
+ Fts3Table *p = (Fts3Table *)pCsr->base.pVtab;
+ sqlite3_tokenizer *pT = p->pTokenizer;
+ sqlite3_tokenizer_module const *pModule = pT->pModule;
+
+ assert( pCsr->isRequireSeek==0 );
+ iDocid = sqlite3_column_int64(pCsr->pStmt, 0);
+
+ for(i=0; i<p->nColumn && rc==SQLITE_OK; i++){
+ if( p->abNotindexed[i]==0 ){
+ const char *zText = (const char *)sqlite3_column_text(pCsr->pStmt, i+1);
+ sqlite3_tokenizer_cursor *pTC = 0;
+
+ rc = sqlite3Fts3OpenTokenizer(pT, pCsr->iLangid, zText, -1, &pTC);
+ while( rc==SQLITE_OK ){
+ char const *zToken; /* Buffer containing token */
+ int nToken = 0; /* Number of bytes in token */
+ int iDum1 = 0, iDum2 = 0; /* Dummy variables */
+ int iPos = 0; /* Position of token in zText */
+
+ rc = pModule->xNext(pTC, &zToken, &nToken, &iDum1, &iDum2, &iPos);
+ for(pDef=pCsr->pDeferred; pDef && rc==SQLITE_OK; pDef=pDef->pNext){
+ Fts3PhraseToken *pPT = pDef->pToken;
+ if( (pDef->iCol>=p->nColumn || pDef->iCol==i)
+ && (pPT->bFirst==0 || iPos==0)
+ && (pPT->n==nToken || (pPT->isPrefix && pPT->n<nToken))
+ && (0==memcmp(zToken, pPT->z, pPT->n))
+ ){
+ fts3PendingListAppend(&pDef->pList, iDocid, i, iPos, &rc);
+ }
+ }
+ }
+ if( pTC ) pModule->xClose(pTC);
+ if( rc==SQLITE_DONE ) rc = SQLITE_OK;
+ }
+ }
+
+ for(pDef=pCsr->pDeferred; pDef && rc==SQLITE_OK; pDef=pDef->pNext){
+ if( pDef->pList ){
+ rc = fts3PendingListAppendVarint(&pDef->pList, 0);
+ }
+ }
+ }
+
+ return rc;
+}
+
+SQLITE_PRIVATE int sqlite3Fts3DeferredTokenList(
+ Fts3DeferredToken *p,
+ char **ppData,
+ int *pnData
+){
+ char *pRet;
+ int nSkip;
+ sqlite3_int64 dummy;
+
+ *ppData = 0;
+ *pnData = 0;
+
+ if( p->pList==0 ){
+ return SQLITE_OK;
+ }
+
+ pRet = (char *)sqlite3_malloc(p->pList->nData);
+ if( !pRet ) return SQLITE_NOMEM;
+
+ nSkip = sqlite3Fts3GetVarint(p->pList->aData, &dummy);
+ *pnData = p->pList->nData - nSkip;
+ *ppData = pRet;
+
+ memcpy(pRet, &p->pList->aData[nSkip], *pnData);
+ return SQLITE_OK;
+}
+
+/*
+** Add an entry for token pToken to the pCsr->pDeferred list.
+*/
+SQLITE_PRIVATE int sqlite3Fts3DeferToken(
+ Fts3Cursor *pCsr, /* Fts3 table cursor */
+ Fts3PhraseToken *pToken, /* Token to defer */
+ int iCol /* Column that token must appear in (or -1) */
+){
+ Fts3DeferredToken *pDeferred;
+ pDeferred = sqlite3_malloc(sizeof(*pDeferred));
+ if( !pDeferred ){
+ return SQLITE_NOMEM;
+ }
+ memset(pDeferred, 0, sizeof(*pDeferred));
+ pDeferred->pToken = pToken;
+ pDeferred->pNext = pCsr->pDeferred;
+ pDeferred->iCol = iCol;
+ pCsr->pDeferred = pDeferred;
+
+ assert( pToken->pDeferred==0 );
+ pToken->pDeferred = pDeferred;
+
+ return SQLITE_OK;
+}
+#endif
+
+/*
+** SQLite value pRowid contains the rowid of a row that may or may not be
+** present in the FTS3 table. If it is, delete it and adjust the contents
+** of subsiduary data structures accordingly.
+*/
+static int fts3DeleteByRowid(
+ Fts3Table *p,
+ sqlite3_value *pRowid,
+ int *pnChng, /* IN/OUT: Decrement if row is deleted */
+ u32 *aSzDel
+){
+ int rc = SQLITE_OK; /* Return code */
+ int bFound = 0; /* True if *pRowid really is in the table */
+
+ fts3DeleteTerms(&rc, p, pRowid, aSzDel, &bFound);
+ if( bFound && rc==SQLITE_OK ){
+ int isEmpty = 0; /* Deleting *pRowid leaves the table empty */
+ rc = fts3IsEmpty(p, pRowid, &isEmpty);
+ if( rc==SQLITE_OK ){
+ if( isEmpty ){
+ /* Deleting this row means the whole table is empty. In this case
+ ** delete the contents of all three tables and throw away any
+ ** data in the pendingTerms hash table. */
+ rc = fts3DeleteAll(p, 1);
+ *pnChng = 0;
+ memset(aSzDel, 0, sizeof(u32) * (p->nColumn+1) * 2);
+ }else{
+ *pnChng = *pnChng - 1;
+ if( p->zContentTbl==0 ){
+ fts3SqlExec(&rc, p, SQL_DELETE_CONTENT, &pRowid);
+ }
+ if( p->bHasDocsize ){
+ fts3SqlExec(&rc, p, SQL_DELETE_DOCSIZE, &pRowid);
+ }
+ }
+ }
+ }
+
+ return rc;
+}
+
+/*
+** This function does the work for the xUpdate method of FTS3 virtual
+** tables. The schema of the virtual table being:
+**
+** CREATE TABLE <table name>(
+** <user columns>,
+** <table name> HIDDEN,
+** docid HIDDEN,
+** <langid> HIDDEN
+** );
+**
+**
+*/
+SQLITE_PRIVATE int sqlite3Fts3UpdateMethod(
+ sqlite3_vtab *pVtab, /* FTS3 vtab object */
+ int nArg, /* Size of argument array */
+ sqlite3_value **apVal, /* Array of arguments */
+ sqlite_int64 *pRowid /* OUT: The affected (or effected) rowid */
+){
+ Fts3Table *p = (Fts3Table *)pVtab;
+ int rc = SQLITE_OK; /* Return Code */
+ int isRemove = 0; /* True for an UPDATE or DELETE */
+ u32 *aSzIns = 0; /* Sizes of inserted documents */
+ u32 *aSzDel = 0; /* Sizes of deleted documents */
+ int nChng = 0; /* Net change in number of documents */
+ int bInsertDone = 0;
+
+ /* At this point it must be known if the %_stat table exists or not.
+ ** So bHasStat may not be 2. */
+ assert( p->bHasStat==0 || p->bHasStat==1 );
+
+ assert( p->pSegments==0 );
+ assert(
+ nArg==1 /* DELETE operations */
+ || nArg==(2 + p->nColumn + 3) /* INSERT or UPDATE operations */
+ );
+
+ /* Check for a "special" INSERT operation. One of the form:
+ **
+ ** INSERT INTO xyz(xyz) VALUES('command');
+ */
+ if( nArg>1
+ && sqlite3_value_type(apVal[0])==SQLITE_NULL
+ && sqlite3_value_type(apVal[p->nColumn+2])!=SQLITE_NULL
+ ){
+ rc = fts3SpecialInsert(p, apVal[p->nColumn+2]);
+ goto update_out;
+ }
+
+ if( nArg>1 && sqlite3_value_int(apVal[2 + p->nColumn + 2])<0 ){
+ rc = SQLITE_CONSTRAINT;
+ goto update_out;
+ }
+
+ /* Allocate space to hold the change in document sizes */
+ aSzDel = sqlite3_malloc( sizeof(aSzDel[0])*(p->nColumn+1)*2 );
+ if( aSzDel==0 ){
+ rc = SQLITE_NOMEM;
+ goto update_out;
+ }
+ aSzIns = &aSzDel[p->nColumn+1];
+ memset(aSzDel, 0, sizeof(aSzDel[0])*(p->nColumn+1)*2);
+
+ rc = fts3Writelock(p);
+ if( rc!=SQLITE_OK ) goto update_out;
+
+ /* If this is an INSERT operation, or an UPDATE that modifies the rowid
+ ** value, then this operation requires constraint handling.
+ **
+ ** If the on-conflict mode is REPLACE, this means that the existing row
+ ** should be deleted from the database before inserting the new row. Or,
+ ** if the on-conflict mode is other than REPLACE, then this method must
+ ** detect the conflict and return SQLITE_CONSTRAINT before beginning to
+ ** modify the database file.
+ */
+ if( nArg>1 && p->zContentTbl==0 ){
+ /* Find the value object that holds the new rowid value. */
+ sqlite3_value *pNewRowid = apVal[3+p->nColumn];
+ if( sqlite3_value_type(pNewRowid)==SQLITE_NULL ){
+ pNewRowid = apVal[1];
+ }
+
+ if( sqlite3_value_type(pNewRowid)!=SQLITE_NULL && (
+ sqlite3_value_type(apVal[0])==SQLITE_NULL
+ || sqlite3_value_int64(apVal[0])!=sqlite3_value_int64(pNewRowid)
+ )){
+ /* The new rowid is not NULL (in this case the rowid will be
+ ** automatically assigned and there is no chance of a conflict), and
+ ** the statement is either an INSERT or an UPDATE that modifies the
+ ** rowid column. So if the conflict mode is REPLACE, then delete any
+ ** existing row with rowid=pNewRowid.
+ **
+ ** Or, if the conflict mode is not REPLACE, insert the new record into
+ ** the %_content table. If we hit the duplicate rowid constraint (or any
+ ** other error) while doing so, return immediately.
+ **
+ ** This branch may also run if pNewRowid contains a value that cannot
+ ** be losslessly converted to an integer. In this case, the eventual
+ ** call to fts3InsertData() (either just below or further on in this
+ ** function) will return SQLITE_MISMATCH. If fts3DeleteByRowid is
+ ** invoked, it will delete zero rows (since no row will have
+ ** docid=$pNewRowid if $pNewRowid is not an integer value).
+ */
+ if( sqlite3_vtab_on_conflict(p->db)==SQLITE_REPLACE ){
+ rc = fts3DeleteByRowid(p, pNewRowid, &nChng, aSzDel);
+ }else{
+ rc = fts3InsertData(p, apVal, pRowid);
+ bInsertDone = 1;
+ }
+ }
+ }
+ if( rc!=SQLITE_OK ){
+ goto update_out;
+ }
+
+ /* If this is a DELETE or UPDATE operation, remove the old record. */
+ if( sqlite3_value_type(apVal[0])!=SQLITE_NULL ){
+ assert( sqlite3_value_type(apVal[0])==SQLITE_INTEGER );
+ rc = fts3DeleteByRowid(p, apVal[0], &nChng, aSzDel);
+ isRemove = 1;
+ }
+
+ /* If this is an INSERT or UPDATE operation, insert the new record. */
+ if( nArg>1 && rc==SQLITE_OK ){
+ int iLangid = sqlite3_value_int(apVal[2 + p->nColumn + 2]);
+ if( bInsertDone==0 ){
+ rc = fts3InsertData(p, apVal, pRowid);
+ if( rc==SQLITE_CONSTRAINT && p->zContentTbl==0 ){
+ rc = FTS_CORRUPT_VTAB;
+ }
+ }
+ if( rc==SQLITE_OK && (!isRemove || *pRowid!=p->iPrevDocid ) ){
+ rc = fts3PendingTermsDocid(p, 0, iLangid, *pRowid);
+ }
+ if( rc==SQLITE_OK ){
+ assert( p->iPrevDocid==*pRowid );
+ rc = fts3InsertTerms(p, iLangid, apVal, aSzIns);
+ }
+ if( p->bHasDocsize ){
+ fts3InsertDocsize(&rc, p, aSzIns);
+ }
+ nChng++;
+ }
+
+ if( p->bFts4 ){
+ fts3UpdateDocTotals(&rc, p, aSzIns, aSzDel, nChng);
+ }
+
+ update_out:
+ sqlite3_free(aSzDel);
+ sqlite3Fts3SegmentsClose(p);
+ return rc;
+}
+
+/*
+** Flush any data in the pending-terms hash table to disk. If successful,
+** merge all segments in the database (including the new segment, if
+** there was any data to flush) into a single segment.
+*/
+SQLITE_PRIVATE int sqlite3Fts3Optimize(Fts3Table *p){
+ int rc;
+ rc = sqlite3_exec(p->db, "SAVEPOINT fts3", 0, 0, 0);
+ if( rc==SQLITE_OK ){
+ rc = fts3DoOptimize(p, 1);
+ if( rc==SQLITE_OK || rc==SQLITE_DONE ){
+ int rc2 = sqlite3_exec(p->db, "RELEASE fts3", 0, 0, 0);
+ if( rc2!=SQLITE_OK ) rc = rc2;
+ }else{
+ sqlite3_exec(p->db, "ROLLBACK TO fts3", 0, 0, 0);
+ sqlite3_exec(p->db, "RELEASE fts3", 0, 0, 0);
+ }
+ }
+ sqlite3Fts3SegmentsClose(p);
+ return rc;
+}
+
+#endif
+
+/************** End of fts3_write.c ******************************************/
+/************** Begin file fts3_snippet.c ************************************/
+/*
+** 2009 Oct 23
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+*/
+
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <string.h> */
+/* #include <assert.h> */
+
+/*
+** Characters that may appear in the second argument to matchinfo().
+*/
+#define FTS3_MATCHINFO_NPHRASE 'p' /* 1 value */
+#define FTS3_MATCHINFO_NCOL 'c' /* 1 value */
+#define FTS3_MATCHINFO_NDOC 'n' /* 1 value */
+#define FTS3_MATCHINFO_AVGLENGTH 'a' /* nCol values */
+#define FTS3_MATCHINFO_LENGTH 'l' /* nCol values */
+#define FTS3_MATCHINFO_LCS 's' /* nCol values */
+#define FTS3_MATCHINFO_HITS 'x' /* 3*nCol*nPhrase values */
+#define FTS3_MATCHINFO_LHITS 'y' /* nCol*nPhrase values */
+#define FTS3_MATCHINFO_LHITS_BM 'b' /* nCol*nPhrase values */
+
+/*
+** The default value for the second argument to matchinfo().
+*/
+#define FTS3_MATCHINFO_DEFAULT "pcx"
+
+
+/*
+** Used as an fts3ExprIterate() context when loading phrase doclists to
+** Fts3Expr.aDoclist[]/nDoclist.
+*/
+typedef struct LoadDoclistCtx LoadDoclistCtx;
+struct LoadDoclistCtx {
+ Fts3Cursor *pCsr; /* FTS3 Cursor */
+ int nPhrase; /* Number of phrases seen so far */
+ int nToken; /* Number of tokens seen so far */
+};
+
+/*
+** The following types are used as part of the implementation of the
+** fts3BestSnippet() routine.
+*/
+typedef struct SnippetIter SnippetIter;
+typedef struct SnippetPhrase SnippetPhrase;
+typedef struct SnippetFragment SnippetFragment;
+
+struct SnippetIter {
+ Fts3Cursor *pCsr; /* Cursor snippet is being generated from */
+ int iCol; /* Extract snippet from this column */
+ int nSnippet; /* Requested snippet length (in tokens) */
+ int nPhrase; /* Number of phrases in query */
+ SnippetPhrase *aPhrase; /* Array of size nPhrase */
+ int iCurrent; /* First token of current snippet */
+};
+
+struct SnippetPhrase {
+ int nToken; /* Number of tokens in phrase */
+ char *pList; /* Pointer to start of phrase position list */
+ int iHead; /* Next value in position list */
+ char *pHead; /* Position list data following iHead */
+ int iTail; /* Next value in trailing position list */
+ char *pTail; /* Position list data following iTail */
+};
+
+struct SnippetFragment {
+ int iCol; /* Column snippet is extracted from */
+ int iPos; /* Index of first token in snippet */
+ u64 covered; /* Mask of query phrases covered */
+ u64 hlmask; /* Mask of snippet terms to highlight */
+};
+
+/*
+** This type is used as an fts3ExprIterate() context object while
+** accumulating the data returned by the matchinfo() function.
+*/
+typedef struct MatchInfo MatchInfo;
+struct MatchInfo {
+ Fts3Cursor *pCursor; /* FTS3 Cursor */
+ int nCol; /* Number of columns in table */
+ int nPhrase; /* Number of matchable phrases in query */
+ sqlite3_int64 nDoc; /* Number of docs in database */
+ char flag;
+ u32 *aMatchinfo; /* Pre-allocated buffer */
+};
+
+/*
+** An instance of this structure is used to manage a pair of buffers, each
+** (nElem * sizeof(u32)) bytes in size. See the MatchinfoBuffer code below
+** for details.
+*/
+struct MatchinfoBuffer {
+ u8 aRef[3];
+ int nElem;
+ int bGlobal; /* Set if global data is loaded */
+ char *zMatchinfo;
+ u32 aMatchinfo[1];
+};
+
+
+/*
+** The snippet() and offsets() functions both return text values. An instance
+** of the following structure is used to accumulate those values while the
+** functions are running. See fts3StringAppend() for details.
+*/
+typedef struct StrBuffer StrBuffer;
+struct StrBuffer {
+ char *z; /* Pointer to buffer containing string */
+ int n; /* Length of z in bytes (excl. nul-term) */
+ int nAlloc; /* Allocated size of buffer z in bytes */
+};
+
+
+/*************************************************************************
+** Start of MatchinfoBuffer code.
+*/
+
+/*
+** Allocate a two-slot MatchinfoBuffer object.
+*/
+static MatchinfoBuffer *fts3MIBufferNew(int nElem, const char *zMatchinfo){
+ MatchinfoBuffer *pRet;
+ int nByte = sizeof(u32) * (2*nElem + 1) + sizeof(MatchinfoBuffer);
+ int nStr = (int)strlen(zMatchinfo);
+
+ pRet = sqlite3_malloc(nByte + nStr+1);
+ if( pRet ){
+ memset(pRet, 0, nByte);
+ pRet->aMatchinfo[0] = (u8*)(&pRet->aMatchinfo[1]) - (u8*)pRet;
+ pRet->aMatchinfo[1+nElem] = pRet->aMatchinfo[0] + sizeof(u32)*(nElem+1);
+ pRet->nElem = nElem;
+ pRet->zMatchinfo = ((char*)pRet) + nByte;
+ memcpy(pRet->zMatchinfo, zMatchinfo, nStr+1);
+ pRet->aRef[0] = 1;
+ }
+
+ return pRet;
+}
+
+static void fts3MIBufferFree(void *p){
+ MatchinfoBuffer *pBuf = (MatchinfoBuffer*)((u8*)p - ((u32*)p)[-1]);
+
+ assert( (u32*)p==&pBuf->aMatchinfo[1]
+ || (u32*)p==&pBuf->aMatchinfo[pBuf->nElem+2]
+ );
+ if( (u32*)p==&pBuf->aMatchinfo[1] ){
+ pBuf->aRef[1] = 0;
+ }else{
+ pBuf->aRef[2] = 0;
+ }
+
+ if( pBuf->aRef[0]==0 && pBuf->aRef[1]==0 && pBuf->aRef[2]==0 ){
+ sqlite3_free(pBuf);
+ }
+}
+
+static void (*fts3MIBufferAlloc(MatchinfoBuffer *p, u32 **paOut))(void*){
+ void (*xRet)(void*) = 0;
+ u32 *aOut = 0;
+
+ if( p->aRef[1]==0 ){
+ p->aRef[1] = 1;
+ aOut = &p->aMatchinfo[1];
+ xRet = fts3MIBufferFree;
+ }
+ else if( p->aRef[2]==0 ){
+ p->aRef[2] = 1;
+ aOut = &p->aMatchinfo[p->nElem+2];
+ xRet = fts3MIBufferFree;
+ }else{
+ aOut = (u32*)sqlite3_malloc(p->nElem * sizeof(u32));
+ if( aOut ){
+ xRet = sqlite3_free;
+ if( p->bGlobal ) memcpy(aOut, &p->aMatchinfo[1], p->nElem*sizeof(u32));
+ }
+ }
+
+ *paOut = aOut;
+ return xRet;
+}
+
+static void fts3MIBufferSetGlobal(MatchinfoBuffer *p){
+ p->bGlobal = 1;
+ memcpy(&p->aMatchinfo[2+p->nElem], &p->aMatchinfo[1], p->nElem*sizeof(u32));
+}
+
+/*
+** Free a MatchinfoBuffer object allocated using fts3MIBufferNew()
+*/
+SQLITE_PRIVATE void sqlite3Fts3MIBufferFree(MatchinfoBuffer *p){
+ if( p ){
+ assert( p->aRef[0]==1 );
+ p->aRef[0] = 0;
+ if( p->aRef[0]==0 && p->aRef[1]==0 && p->aRef[2]==0 ){
+ sqlite3_free(p);
+ }
+ }
+}
+
+/*
+** End of MatchinfoBuffer code.
+*************************************************************************/
+
+
+/*
+** This function is used to help iterate through a position-list. A position
+** list is a list of unique integers, sorted from smallest to largest. Each
+** element of the list is represented by an FTS3 varint that takes the value
+** of the difference between the current element and the previous one plus
+** two. For example, to store the position-list:
+**
+** 4 9 113
+**
+** the three varints:
+**
+** 6 7 106
+**
+** are encoded.
+**
+** When this function is called, *pp points to the start of an element of
+** the list. *piPos contains the value of the previous entry in the list.
+** After it returns, *piPos contains the value of the next element of the
+** list and *pp is advanced to the following varint.
+*/
+static void fts3GetDeltaPosition(char **pp, int *piPos){
+ int iVal;
+ *pp += fts3GetVarint32(*pp, &iVal);
+ *piPos += (iVal-2);
+}
+
+/*
+** Helper function for fts3ExprIterate() (see below).
+*/
+static int fts3ExprIterate2(
+ Fts3Expr *pExpr, /* Expression to iterate phrases of */
+ int *piPhrase, /* Pointer to phrase counter */
+ int (*x)(Fts3Expr*,int,void*), /* Callback function to invoke for phrases */
+ void *pCtx /* Second argument to pass to callback */
+){
+ int rc; /* Return code */
+ int eType = pExpr->eType; /* Type of expression node pExpr */
+
+ if( eType!=FTSQUERY_PHRASE ){
+ assert( pExpr->pLeft && pExpr->pRight );
+ rc = fts3ExprIterate2(pExpr->pLeft, piPhrase, x, pCtx);
+ if( rc==SQLITE_OK && eType!=FTSQUERY_NOT ){
+ rc = fts3ExprIterate2(pExpr->pRight, piPhrase, x, pCtx);
+ }
+ }else{
+ rc = x(pExpr, *piPhrase, pCtx);
+ (*piPhrase)++;
+ }
+ return rc;
+}
+
+/*
+** Iterate through all phrase nodes in an FTS3 query, except those that
+** are part of a sub-tree that is the right-hand-side of a NOT operator.
+** For each phrase node found, the supplied callback function is invoked.
+**
+** If the callback function returns anything other than SQLITE_OK,
+** the iteration is abandoned and the error code returned immediately.
+** Otherwise, SQLITE_OK is returned after a callback has been made for
+** all eligible phrase nodes.
+*/
+static int fts3ExprIterate(
+ Fts3Expr *pExpr, /* Expression to iterate phrases of */
+ int (*x)(Fts3Expr*,int,void*), /* Callback function to invoke for phrases */
+ void *pCtx /* Second argument to pass to callback */
+){
+ int iPhrase = 0; /* Variable used as the phrase counter */
+ return fts3ExprIterate2(pExpr, &iPhrase, x, pCtx);
+}
+
+
+/*
+** This is an fts3ExprIterate() callback used while loading the doclists
+** for each phrase into Fts3Expr.aDoclist[]/nDoclist. See also
+** fts3ExprLoadDoclists().
+*/
+static int fts3ExprLoadDoclistsCb(Fts3Expr *pExpr, int iPhrase, void *ctx){
+ int rc = SQLITE_OK;
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+ LoadDoclistCtx *p = (LoadDoclistCtx *)ctx;
+
+ UNUSED_PARAMETER(iPhrase);
+
+ p->nPhrase++;
+ p->nToken += pPhrase->nToken;
+
+ return rc;
+}
+
+/*
+** Load the doclists for each phrase in the query associated with FTS3 cursor
+** pCsr.
+**
+** If pnPhrase is not NULL, then *pnPhrase is set to the number of matchable
+** phrases in the expression (all phrases except those directly or
+** indirectly descended from the right-hand-side of a NOT operator). If
+** pnToken is not NULL, then it is set to the number of tokens in all
+** matchable phrases of the expression.
+*/
+static int fts3ExprLoadDoclists(
+ Fts3Cursor *pCsr, /* Fts3 cursor for current query */
+ int *pnPhrase, /* OUT: Number of phrases in query */
+ int *pnToken /* OUT: Number of tokens in query */
+){
+ int rc; /* Return Code */
+ LoadDoclistCtx sCtx = {0,0,0}; /* Context for fts3ExprIterate() */
+ sCtx.pCsr = pCsr;
+ rc = fts3ExprIterate(pCsr->pExpr, fts3ExprLoadDoclistsCb, (void *)&sCtx);
+ if( pnPhrase ) *pnPhrase = sCtx.nPhrase;
+ if( pnToken ) *pnToken = sCtx.nToken;
+ return rc;
+}
+
+static int fts3ExprPhraseCountCb(Fts3Expr *pExpr, int iPhrase, void *ctx){
+ (*(int *)ctx)++;
+ pExpr->iPhrase = iPhrase;
+ return SQLITE_OK;
+}
+static int fts3ExprPhraseCount(Fts3Expr *pExpr){
+ int nPhrase = 0;
+ (void)fts3ExprIterate(pExpr, fts3ExprPhraseCountCb, (void *)&nPhrase);
+ return nPhrase;
+}
+
+/*
+** Advance the position list iterator specified by the first two
+** arguments so that it points to the first element with a value greater
+** than or equal to parameter iNext.
+*/
+static void fts3SnippetAdvance(char **ppIter, int *piIter, int iNext){
+ char *pIter = *ppIter;
+ if( pIter ){
+ int iIter = *piIter;
+
+ while( iIter<iNext ){
+ if( 0==(*pIter & 0xFE) ){
+ iIter = -1;
+ pIter = 0;
+ break;
+ }
+ fts3GetDeltaPosition(&pIter, &iIter);
+ }
+
+ *piIter = iIter;
+ *ppIter = pIter;
+ }
+}
+
+/*
+** Advance the snippet iterator to the next candidate snippet.
+*/
+static int fts3SnippetNextCandidate(SnippetIter *pIter){
+ int i; /* Loop counter */
+
+ if( pIter->iCurrent<0 ){
+ /* The SnippetIter object has just been initialized. The first snippet
+ ** candidate always starts at offset 0 (even if this candidate has a
+ ** score of 0.0).
+ */
+ pIter->iCurrent = 0;
+
+ /* Advance the 'head' iterator of each phrase to the first offset that
+ ** is greater than or equal to (iNext+nSnippet).
+ */
+ for(i=0; i<pIter->nPhrase; i++){
+ SnippetPhrase *pPhrase = &pIter->aPhrase[i];
+ fts3SnippetAdvance(&pPhrase->pHead, &pPhrase->iHead, pIter->nSnippet);
+ }
+ }else{
+ int iStart;
+ int iEnd = 0x7FFFFFFF;
+
+ for(i=0; i<pIter->nPhrase; i++){
+ SnippetPhrase *pPhrase = &pIter->aPhrase[i];
+ if( pPhrase->pHead && pPhrase->iHead<iEnd ){
+ iEnd = pPhrase->iHead;
+ }
+ }
+ if( iEnd==0x7FFFFFFF ){
+ return 1;
+ }
+
+ pIter->iCurrent = iStart = iEnd - pIter->nSnippet + 1;
+ for(i=0; i<pIter->nPhrase; i++){
+ SnippetPhrase *pPhrase = &pIter->aPhrase[i];
+ fts3SnippetAdvance(&pPhrase->pHead, &pPhrase->iHead, iEnd+1);
+ fts3SnippetAdvance(&pPhrase->pTail, &pPhrase->iTail, iStart);
+ }
+ }
+
+ return 0;
+}
+
+/*
+** Retrieve information about the current candidate snippet of snippet
+** iterator pIter.
+*/
+static void fts3SnippetDetails(
+ SnippetIter *pIter, /* Snippet iterator */
+ u64 mCovered, /* Bitmask of phrases already covered */
+ int *piToken, /* OUT: First token of proposed snippet */
+ int *piScore, /* OUT: "Score" for this snippet */
+ u64 *pmCover, /* OUT: Bitmask of phrases covered */
+ u64 *pmHighlight /* OUT: Bitmask of terms to highlight */
+){
+ int iStart = pIter->iCurrent; /* First token of snippet */
+ int iScore = 0; /* Score of this snippet */
+ int i; /* Loop counter */
+ u64 mCover = 0; /* Mask of phrases covered by this snippet */
+ u64 mHighlight = 0; /* Mask of tokens to highlight in snippet */
+
+ for(i=0; i<pIter->nPhrase; i++){
+ SnippetPhrase *pPhrase = &pIter->aPhrase[i];
+ if( pPhrase->pTail ){
+ char *pCsr = pPhrase->pTail;
+ int iCsr = pPhrase->iTail;
+
+ while( iCsr<(iStart+pIter->nSnippet) ){
+ int j;
+ u64 mPhrase = (u64)1 << i;
+ u64 mPos = (u64)1 << (iCsr - iStart);
+ assert( iCsr>=iStart );
+ if( (mCover|mCovered)&mPhrase ){
+ iScore++;
+ }else{
+ iScore += 1000;
+ }
+ mCover |= mPhrase;
+
+ for(j=0; j<pPhrase->nToken; j++){
+ mHighlight |= (mPos>>j);
+ }
+
+ if( 0==(*pCsr & 0x0FE) ) break;
+ fts3GetDeltaPosition(&pCsr, &iCsr);
+ }
+ }
+ }
+
+ /* Set the output variables before returning. */
+ *piToken = iStart;
+ *piScore = iScore;
+ *pmCover = mCover;
+ *pmHighlight = mHighlight;
+}
+
+/*
+** This function is an fts3ExprIterate() callback used by fts3BestSnippet().
+** Each invocation populates an element of the SnippetIter.aPhrase[] array.
+*/
+static int fts3SnippetFindPositions(Fts3Expr *pExpr, int iPhrase, void *ctx){
+ SnippetIter *p = (SnippetIter *)ctx;
+ SnippetPhrase *pPhrase = &p->aPhrase[iPhrase];
+ char *pCsr;
+ int rc;
+
+ pPhrase->nToken = pExpr->pPhrase->nToken;
+ rc = sqlite3Fts3EvalPhrasePoslist(p->pCsr, pExpr, p->iCol, &pCsr);
+ assert( rc==SQLITE_OK || pCsr==0 );
+ if( pCsr ){
+ int iFirst = 0;
+ pPhrase->pList = pCsr;
+ fts3GetDeltaPosition(&pCsr, &iFirst);
+ assert( iFirst>=0 );
+ pPhrase->pHead = pCsr;
+ pPhrase->pTail = pCsr;
+ pPhrase->iHead = iFirst;
+ pPhrase->iTail = iFirst;
+ }else{
+ assert( rc!=SQLITE_OK || (
+ pPhrase->pList==0 && pPhrase->pHead==0 && pPhrase->pTail==0
+ ));
+ }
+
+ return rc;
+}
+
+/*
+** Select the fragment of text consisting of nFragment contiguous tokens
+** from column iCol that represent the "best" snippet. The best snippet
+** is the snippet with the highest score, where scores are calculated
+** by adding:
+**
+** (a) +1 point for each occurrence of a matchable phrase in the snippet.
+**
+** (b) +1000 points for the first occurrence of each matchable phrase in
+** the snippet for which the corresponding mCovered bit is not set.
+**
+** The selected snippet parameters are stored in structure *pFragment before
+** returning. The score of the selected snippet is stored in *piScore
+** before returning.
+*/
+static int fts3BestSnippet(
+ int nSnippet, /* Desired snippet length */
+ Fts3Cursor *pCsr, /* Cursor to create snippet for */
+ int iCol, /* Index of column to create snippet from */
+ u64 mCovered, /* Mask of phrases already covered */
+ u64 *pmSeen, /* IN/OUT: Mask of phrases seen */
+ SnippetFragment *pFragment, /* OUT: Best snippet found */
+ int *piScore /* OUT: Score of snippet pFragment */
+){
+ int rc; /* Return Code */
+ int nList; /* Number of phrases in expression */
+ SnippetIter sIter; /* Iterates through snippet candidates */
+ int nByte; /* Number of bytes of space to allocate */
+ int iBestScore = -1; /* Best snippet score found so far */
+ int i; /* Loop counter */
+
+ memset(&sIter, 0, sizeof(sIter));
+
+ /* Iterate through the phrases in the expression to count them. The same
+ ** callback makes sure the doclists are loaded for each phrase.
+ */
+ rc = fts3ExprLoadDoclists(pCsr, &nList, 0);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ /* Now that it is known how many phrases there are, allocate and zero
+ ** the required space using malloc().
+ */
+ nByte = sizeof(SnippetPhrase) * nList;
+ sIter.aPhrase = (SnippetPhrase *)sqlite3_malloc(nByte);
+ if( !sIter.aPhrase ){
+ return SQLITE_NOMEM;
+ }
+ memset(sIter.aPhrase, 0, nByte);
+
+ /* Initialize the contents of the SnippetIter object. Then iterate through
+ ** the set of phrases in the expression to populate the aPhrase[] array.
+ */
+ sIter.pCsr = pCsr;
+ sIter.iCol = iCol;
+ sIter.nSnippet = nSnippet;
+ sIter.nPhrase = nList;
+ sIter.iCurrent = -1;
+ rc = fts3ExprIterate(pCsr->pExpr, fts3SnippetFindPositions, (void*)&sIter);
+ if( rc==SQLITE_OK ){
+
+ /* Set the *pmSeen output variable. */
+ for(i=0; i<nList; i++){
+ if( sIter.aPhrase[i].pHead ){
+ *pmSeen |= (u64)1 << i;
+ }
+ }
+
+ /* Loop through all candidate snippets. Store the best snippet in
+ ** *pFragment. Store its associated 'score' in iBestScore.
+ */
+ pFragment->iCol = iCol;
+ while( !fts3SnippetNextCandidate(&sIter) ){
+ int iPos;
+ int iScore;
+ u64 mCover;
+ u64 mHighlite;
+ fts3SnippetDetails(&sIter, mCovered, &iPos, &iScore, &mCover,&mHighlite);
+ assert( iScore>=0 );
+ if( iScore>iBestScore ){
+ pFragment->iPos = iPos;
+ pFragment->hlmask = mHighlite;
+ pFragment->covered = mCover;
+ iBestScore = iScore;
+ }
+ }
+
+ *piScore = iBestScore;
+ }
+ sqlite3_free(sIter.aPhrase);
+ return rc;
+}
+
+
+/*
+** Append a string to the string-buffer passed as the first argument.
+**
+** If nAppend is negative, then the length of the string zAppend is
+** determined using strlen().
+*/
+static int fts3StringAppend(
+ StrBuffer *pStr, /* Buffer to append to */
+ const char *zAppend, /* Pointer to data to append to buffer */
+ int nAppend /* Size of zAppend in bytes (or -1) */
+){
+ if( nAppend<0 ){
+ nAppend = (int)strlen(zAppend);
+ }
+
+ /* If there is insufficient space allocated at StrBuffer.z, use realloc()
+ ** to grow the buffer until so that it is big enough to accomadate the
+ ** appended data.
+ */
+ if( pStr->n+nAppend+1>=pStr->nAlloc ){
+ int nAlloc = pStr->nAlloc+nAppend+100;
+ char *zNew = sqlite3_realloc(pStr->z, nAlloc);
+ if( !zNew ){
+ return SQLITE_NOMEM;
+ }
+ pStr->z = zNew;
+ pStr->nAlloc = nAlloc;
+ }
+ assert( pStr->z!=0 && (pStr->nAlloc >= pStr->n+nAppend+1) );
+
+ /* Append the data to the string buffer. */
+ memcpy(&pStr->z[pStr->n], zAppend, nAppend);
+ pStr->n += nAppend;
+ pStr->z[pStr->n] = '\0';
+
+ return SQLITE_OK;
+}
+
+/*
+** The fts3BestSnippet() function often selects snippets that end with a
+** query term. That is, the final term of the snippet is always a term
+** that requires highlighting. For example, if 'X' is a highlighted term
+** and '.' is a non-highlighted term, BestSnippet() may select:
+**
+** ........X.....X
+**
+** This function "shifts" the beginning of the snippet forward in the
+** document so that there are approximately the same number of
+** non-highlighted terms to the right of the final highlighted term as there
+** are to the left of the first highlighted term. For example, to this:
+**
+** ....X.....X....
+**
+** This is done as part of extracting the snippet text, not when selecting
+** the snippet. Snippet selection is done based on doclists only, so there
+** is no way for fts3BestSnippet() to know whether or not the document
+** actually contains terms that follow the final highlighted term.
+*/
+static int fts3SnippetShift(
+ Fts3Table *pTab, /* FTS3 table snippet comes from */
+ int iLangid, /* Language id to use in tokenizing */
+ int nSnippet, /* Number of tokens desired for snippet */
+ const char *zDoc, /* Document text to extract snippet from */
+ int nDoc, /* Size of buffer zDoc in bytes */
+ int *piPos, /* IN/OUT: First token of snippet */
+ u64 *pHlmask /* IN/OUT: Mask of tokens to highlight */
+){
+ u64 hlmask = *pHlmask; /* Local copy of initial highlight-mask */
+
+ if( hlmask ){
+ int nLeft; /* Tokens to the left of first highlight */
+ int nRight; /* Tokens to the right of last highlight */
+ int nDesired; /* Ideal number of tokens to shift forward */
+
+ for(nLeft=0; !(hlmask & ((u64)1 << nLeft)); nLeft++);
+ for(nRight=0; !(hlmask & ((u64)1 << (nSnippet-1-nRight))); nRight++);
+ nDesired = (nLeft-nRight)/2;
+
+ /* Ideally, the start of the snippet should be pushed forward in the
+ ** document nDesired tokens. This block checks if there are actually
+ ** nDesired tokens to the right of the snippet. If so, *piPos and
+ ** *pHlMask are updated to shift the snippet nDesired tokens to the
+ ** right. Otherwise, the snippet is shifted by the number of tokens
+ ** available.
+ */
+ if( nDesired>0 ){
+ int nShift; /* Number of tokens to shift snippet by */
+ int iCurrent = 0; /* Token counter */
+ int rc; /* Return Code */
+ sqlite3_tokenizer_module *pMod;
+ sqlite3_tokenizer_cursor *pC;
+ pMod = (sqlite3_tokenizer_module *)pTab->pTokenizer->pModule;
+
+ /* Open a cursor on zDoc/nDoc. Check if there are (nSnippet+nDesired)
+ ** or more tokens in zDoc/nDoc.
+ */
+ rc = sqlite3Fts3OpenTokenizer(pTab->pTokenizer, iLangid, zDoc, nDoc, &pC);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ while( rc==SQLITE_OK && iCurrent<(nSnippet+nDesired) ){
+ const char *ZDUMMY; int DUMMY1 = 0, DUMMY2 = 0, DUMMY3 = 0;
+ rc = pMod->xNext(pC, &ZDUMMY, &DUMMY1, &DUMMY2, &DUMMY3, &iCurrent);
+ }
+ pMod->xClose(pC);
+ if( rc!=SQLITE_OK && rc!=SQLITE_DONE ){ return rc; }
+
+ nShift = (rc==SQLITE_DONE)+iCurrent-nSnippet;
+ assert( nShift<=nDesired );
+ if( nShift>0 ){
+ *piPos += nShift;
+ *pHlmask = hlmask >> nShift;
+ }
+ }
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Extract the snippet text for fragment pFragment from cursor pCsr and
+** append it to string buffer pOut.
+*/
+static int fts3SnippetText(
+ Fts3Cursor *pCsr, /* FTS3 Cursor */
+ SnippetFragment *pFragment, /* Snippet to extract */
+ int iFragment, /* Fragment number */
+ int isLast, /* True for final fragment in snippet */
+ int nSnippet, /* Number of tokens in extracted snippet */
+ const char *zOpen, /* String inserted before highlighted term */
+ const char *zClose, /* String inserted after highlighted term */
+ const char *zEllipsis, /* String inserted between snippets */
+ StrBuffer *pOut /* Write output here */
+){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ int rc; /* Return code */
+ const char *zDoc; /* Document text to extract snippet from */
+ int nDoc; /* Size of zDoc in bytes */
+ int iCurrent = 0; /* Current token number of document */
+ int iEnd = 0; /* Byte offset of end of current token */
+ int isShiftDone = 0; /* True after snippet is shifted */
+ int iPos = pFragment->iPos; /* First token of snippet */
+ u64 hlmask = pFragment->hlmask; /* Highlight-mask for snippet */
+ int iCol = pFragment->iCol+1; /* Query column to extract text from */
+ sqlite3_tokenizer_module *pMod; /* Tokenizer module methods object */
+ sqlite3_tokenizer_cursor *pC; /* Tokenizer cursor open on zDoc/nDoc */
+
+ zDoc = (const char *)sqlite3_column_text(pCsr->pStmt, iCol);
+ if( zDoc==0 ){
+ if( sqlite3_column_type(pCsr->pStmt, iCol)!=SQLITE_NULL ){
+ return SQLITE_NOMEM;
+ }
+ return SQLITE_OK;
+ }
+ nDoc = sqlite3_column_bytes(pCsr->pStmt, iCol);
+
+ /* Open a token cursor on the document. */
+ pMod = (sqlite3_tokenizer_module *)pTab->pTokenizer->pModule;
+ rc = sqlite3Fts3OpenTokenizer(pTab->pTokenizer, pCsr->iLangid, zDoc,nDoc,&pC);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ while( rc==SQLITE_OK ){
+ const char *ZDUMMY; /* Dummy argument used with tokenizer */
+ int DUMMY1 = -1; /* Dummy argument used with tokenizer */
+ int iBegin = 0; /* Offset in zDoc of start of token */
+ int iFin = 0; /* Offset in zDoc of end of token */
+ int isHighlight = 0; /* True for highlighted terms */
+
+ /* Variable DUMMY1 is initialized to a negative value above. Elsewhere
+ ** in the FTS code the variable that the third argument to xNext points to
+ ** is initialized to zero before the first (*but not necessarily
+ ** subsequent*) call to xNext(). This is done for a particular application
+ ** that needs to know whether or not the tokenizer is being used for
+ ** snippet generation or for some other purpose.
+ **
+ ** Extreme care is required when writing code to depend on this
+ ** initialization. It is not a documented part of the tokenizer interface.
+ ** If a tokenizer is used directly by any code outside of FTS, this
+ ** convention might not be respected. */
+ rc = pMod->xNext(pC, &ZDUMMY, &DUMMY1, &iBegin, &iFin, &iCurrent);
+ if( rc!=SQLITE_OK ){
+ if( rc==SQLITE_DONE ){
+ /* Special case - the last token of the snippet is also the last token
+ ** of the column. Append any punctuation that occurred between the end
+ ** of the previous token and the end of the document to the output.
+ ** Then break out of the loop. */
+ rc = fts3StringAppend(pOut, &zDoc[iEnd], -1);
+ }
+ break;
+ }
+ if( iCurrent<iPos ){ continue; }
+
+ if( !isShiftDone ){
+ int n = nDoc - iBegin;
+ rc = fts3SnippetShift(
+ pTab, pCsr->iLangid, nSnippet, &zDoc[iBegin], n, &iPos, &hlmask
+ );
+ isShiftDone = 1;
+
+ /* Now that the shift has been done, check if the initial "..." are
+ ** required. They are required if (a) this is not the first fragment,
+ ** or (b) this fragment does not begin at position 0 of its column.
+ */
+ if( rc==SQLITE_OK ){
+ if( iPos>0 || iFragment>0 ){
+ rc = fts3StringAppend(pOut, zEllipsis, -1);
+ }else if( iBegin ){
+ rc = fts3StringAppend(pOut, zDoc, iBegin);
+ }
+ }
+ if( rc!=SQLITE_OK || iCurrent<iPos ) continue;
+ }
+
+ if( iCurrent>=(iPos+nSnippet) ){
+ if( isLast ){
+ rc = fts3StringAppend(pOut, zEllipsis, -1);
+ }
+ break;
+ }
+
+ /* Set isHighlight to true if this term should be highlighted. */
+ isHighlight = (hlmask & ((u64)1 << (iCurrent-iPos)))!=0;
+
+ if( iCurrent>iPos ) rc = fts3StringAppend(pOut, &zDoc[iEnd], iBegin-iEnd);
+ if( rc==SQLITE_OK && isHighlight ) rc = fts3StringAppend(pOut, zOpen, -1);
+ if( rc==SQLITE_OK ) rc = fts3StringAppend(pOut, &zDoc[iBegin], iFin-iBegin);
+ if( rc==SQLITE_OK && isHighlight ) rc = fts3StringAppend(pOut, zClose, -1);
+
+ iEnd = iFin;
+ }
+
+ pMod->xClose(pC);
+ return rc;
+}
+
+
+/*
+** This function is used to count the entries in a column-list (a
+** delta-encoded list of term offsets within a single column of a single
+** row). When this function is called, *ppCollist should point to the
+** beginning of the first varint in the column-list (the varint that
+** contains the position of the first matching term in the column data).
+** Before returning, *ppCollist is set to point to the first byte after
+** the last varint in the column-list (either the 0x00 signifying the end
+** of the position-list, or the 0x01 that precedes the column number of
+** the next column in the position-list).
+**
+** The number of elements in the column-list is returned.
+*/
+static int fts3ColumnlistCount(char **ppCollist){
+ char *pEnd = *ppCollist;
+ char c = 0;
+ int nEntry = 0;
+
+ /* A column-list is terminated by either a 0x01 or 0x00. */
+ while( 0xFE & (*pEnd | c) ){
+ c = *pEnd++ & 0x80;
+ if( !c ) nEntry++;
+ }
+
+ *ppCollist = pEnd;
+ return nEntry;
+}
+
+/*
+** This function gathers 'y' or 'b' data for a single phrase.
+*/
+static void fts3ExprLHits(
+ Fts3Expr *pExpr, /* Phrase expression node */
+ MatchInfo *p /* Matchinfo context */
+){
+ Fts3Table *pTab = (Fts3Table *)p->pCursor->base.pVtab;
+ int iStart;
+ Fts3Phrase *pPhrase = pExpr->pPhrase;
+ char *pIter = pPhrase->doclist.pList;
+ int iCol = 0;
+
+ assert( p->flag==FTS3_MATCHINFO_LHITS_BM || p->flag==FTS3_MATCHINFO_LHITS );
+ if( p->flag==FTS3_MATCHINFO_LHITS ){
+ iStart = pExpr->iPhrase * p->nCol;
+ }else{
+ iStart = pExpr->iPhrase * ((p->nCol + 31) / 32);
+ }
+
+ while( 1 ){
+ int nHit = fts3ColumnlistCount(&pIter);
+ if( (pPhrase->iColumn>=pTab->nColumn || pPhrase->iColumn==iCol) ){
+ if( p->flag==FTS3_MATCHINFO_LHITS ){
+ p->aMatchinfo[iStart + iCol] = (u32)nHit;
+ }else if( nHit ){
+ p->aMatchinfo[iStart + (iCol+1)/32] |= (1 << (iCol&0x1F));
+ }
+ }
+ assert( *pIter==0x00 || *pIter==0x01 );
+ if( *pIter!=0x01 ) break;
+ pIter++;
+ pIter += fts3GetVarint32(pIter, &iCol);
+ }
+}
+
+/*
+** Gather the results for matchinfo directives 'y' and 'b'.
+*/
+static void fts3ExprLHitGather(
+ Fts3Expr *pExpr,
+ MatchInfo *p
+){
+ assert( (pExpr->pLeft==0)==(pExpr->pRight==0) );
+ if( pExpr->bEof==0 && pExpr->iDocid==p->pCursor->iPrevId ){
+ if( pExpr->pLeft ){
+ fts3ExprLHitGather(pExpr->pLeft, p);
+ fts3ExprLHitGather(pExpr->pRight, p);
+ }else{
+ fts3ExprLHits(pExpr, p);
+ }
+ }
+}
+
+/*
+** fts3ExprIterate() callback used to collect the "global" matchinfo stats
+** for a single query.
+**
+** fts3ExprIterate() callback to load the 'global' elements of a
+** FTS3_MATCHINFO_HITS matchinfo array. The global stats are those elements
+** of the matchinfo array that are constant for all rows returned by the
+** current query.
+**
+** Argument pCtx is actually a pointer to a struct of type MatchInfo. This
+** function populates Matchinfo.aMatchinfo[] as follows:
+**
+** for(iCol=0; iCol<nCol; iCol++){
+** aMatchinfo[3*iPhrase*nCol + 3*iCol + 1] = X;
+** aMatchinfo[3*iPhrase*nCol + 3*iCol + 2] = Y;
+** }
+**
+** where X is the number of matches for phrase iPhrase is column iCol of all
+** rows of the table. Y is the number of rows for which column iCol contains
+** at least one instance of phrase iPhrase.
+**
+** If the phrase pExpr consists entirely of deferred tokens, then all X and
+** Y values are set to nDoc, where nDoc is the number of documents in the
+** file system. This is done because the full-text index doclist is required
+** to calculate these values properly, and the full-text index doclist is
+** not available for deferred tokens.
+*/
+static int fts3ExprGlobalHitsCb(
+ Fts3Expr *pExpr, /* Phrase expression node */
+ int iPhrase, /* Phrase number (numbered from zero) */
+ void *pCtx /* Pointer to MatchInfo structure */
+){
+ MatchInfo *p = (MatchInfo *)pCtx;
+ return sqlite3Fts3EvalPhraseStats(
+ p->pCursor, pExpr, &p->aMatchinfo[3*iPhrase*p->nCol]
+ );
+}
+
+/*
+** fts3ExprIterate() callback used to collect the "local" part of the
+** FTS3_MATCHINFO_HITS array. The local stats are those elements of the
+** array that are different for each row returned by the query.
+*/
+static int fts3ExprLocalHitsCb(
+ Fts3Expr *pExpr, /* Phrase expression node */
+ int iPhrase, /* Phrase number */
+ void *pCtx /* Pointer to MatchInfo structure */
+){
+ int rc = SQLITE_OK;
+ MatchInfo *p = (MatchInfo *)pCtx;
+ int iStart = iPhrase * p->nCol * 3;
+ int i;
+
+ for(i=0; i<p->nCol && rc==SQLITE_OK; i++){
+ char *pCsr;
+ rc = sqlite3Fts3EvalPhrasePoslist(p->pCursor, pExpr, i, &pCsr);
+ if( pCsr ){
+ p->aMatchinfo[iStart+i*3] = fts3ColumnlistCount(&pCsr);
+ }else{
+ p->aMatchinfo[iStart+i*3] = 0;
+ }
+ }
+
+ return rc;
+}
+
+static int fts3MatchinfoCheck(
+ Fts3Table *pTab,
+ char cArg,
+ char **pzErr
+){
+ if( (cArg==FTS3_MATCHINFO_NPHRASE)
+ || (cArg==FTS3_MATCHINFO_NCOL)
+ || (cArg==FTS3_MATCHINFO_NDOC && pTab->bFts4)
+ || (cArg==FTS3_MATCHINFO_AVGLENGTH && pTab->bFts4)
+ || (cArg==FTS3_MATCHINFO_LENGTH && pTab->bHasDocsize)
+ || (cArg==FTS3_MATCHINFO_LCS)
+ || (cArg==FTS3_MATCHINFO_HITS)
+ || (cArg==FTS3_MATCHINFO_LHITS)
+ || (cArg==FTS3_MATCHINFO_LHITS_BM)
+ ){
+ return SQLITE_OK;
+ }
+ sqlite3Fts3ErrMsg(pzErr, "unrecognized matchinfo request: %c", cArg);
+ return SQLITE_ERROR;
+}
+
+static int fts3MatchinfoSize(MatchInfo *pInfo, char cArg){
+ int nVal; /* Number of integers output by cArg */
+
+ switch( cArg ){
+ case FTS3_MATCHINFO_NDOC:
+ case FTS3_MATCHINFO_NPHRASE:
+ case FTS3_MATCHINFO_NCOL:
+ nVal = 1;
+ break;
+
+ case FTS3_MATCHINFO_AVGLENGTH:
+ case FTS3_MATCHINFO_LENGTH:
+ case FTS3_MATCHINFO_LCS:
+ nVal = pInfo->nCol;
+ break;
+
+ case FTS3_MATCHINFO_LHITS:
+ nVal = pInfo->nCol * pInfo->nPhrase;
+ break;
+
+ case FTS3_MATCHINFO_LHITS_BM:
+ nVal = pInfo->nPhrase * ((pInfo->nCol + 31) / 32);
+ break;
+
+ default:
+ assert( cArg==FTS3_MATCHINFO_HITS );
+ nVal = pInfo->nCol * pInfo->nPhrase * 3;
+ break;
+ }
+
+ return nVal;
+}
+
+static int fts3MatchinfoSelectDoctotal(
+ Fts3Table *pTab,
+ sqlite3_stmt **ppStmt,
+ sqlite3_int64 *pnDoc,
+ const char **paLen
+){
+ sqlite3_stmt *pStmt;
+ const char *a;
+ sqlite3_int64 nDoc;
+
+ if( !*ppStmt ){
+ int rc = sqlite3Fts3SelectDoctotal(pTab, ppStmt);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ pStmt = *ppStmt;
+ assert( sqlite3_data_count(pStmt)==1 );
+
+ a = sqlite3_column_blob(pStmt, 0);
+ a += sqlite3Fts3GetVarint(a, &nDoc);
+ if( nDoc==0 ) return FTS_CORRUPT_VTAB;
+ *pnDoc = (u32)nDoc;
+
+ if( paLen ) *paLen = a;
+ return SQLITE_OK;
+}
+
+/*
+** An instance of the following structure is used to store state while
+** iterating through a multi-column position-list corresponding to the
+** hits for a single phrase on a single row in order to calculate the
+** values for a matchinfo() FTS3_MATCHINFO_LCS request.
+*/
+typedef struct LcsIterator LcsIterator;
+struct LcsIterator {
+ Fts3Expr *pExpr; /* Pointer to phrase expression */
+ int iPosOffset; /* Tokens count up to end of this phrase */
+ char *pRead; /* Cursor used to iterate through aDoclist */
+ int iPos; /* Current position */
+};
+
+/*
+** If LcsIterator.iCol is set to the following value, the iterator has
+** finished iterating through all offsets for all columns.
+*/
+#define LCS_ITERATOR_FINISHED 0x7FFFFFFF;
+
+static int fts3MatchinfoLcsCb(
+ Fts3Expr *pExpr, /* Phrase expression node */
+ int iPhrase, /* Phrase number (numbered from zero) */
+ void *pCtx /* Pointer to MatchInfo structure */
+){
+ LcsIterator *aIter = (LcsIterator *)pCtx;
+ aIter[iPhrase].pExpr = pExpr;
+ return SQLITE_OK;
+}
+
+/*
+** Advance the iterator passed as an argument to the next position. Return
+** 1 if the iterator is at EOF or if it now points to the start of the
+** position list for the next column.
+*/
+static int fts3LcsIteratorAdvance(LcsIterator *pIter){
+ char *pRead = pIter->pRead;
+ sqlite3_int64 iRead;
+ int rc = 0;
+
+ pRead += sqlite3Fts3GetVarint(pRead, &iRead);
+ if( iRead==0 || iRead==1 ){
+ pRead = 0;
+ rc = 1;
+ }else{
+ pIter->iPos += (int)(iRead-2);
+ }
+
+ pIter->pRead = pRead;
+ return rc;
+}
+
+/*
+** This function implements the FTS3_MATCHINFO_LCS matchinfo() flag.
+**
+** If the call is successful, the longest-common-substring lengths for each
+** column are written into the first nCol elements of the pInfo->aMatchinfo[]
+** array before returning. SQLITE_OK is returned in this case.
+**
+** Otherwise, if an error occurs, an SQLite error code is returned and the
+** data written to the first nCol elements of pInfo->aMatchinfo[] is
+** undefined.
+*/
+static int fts3MatchinfoLcs(Fts3Cursor *pCsr, MatchInfo *pInfo){
+ LcsIterator *aIter;
+ int i;
+ int iCol;
+ int nToken = 0;
+
+ /* Allocate and populate the array of LcsIterator objects. The array
+ ** contains one element for each matchable phrase in the query.
+ **/
+ aIter = sqlite3_malloc(sizeof(LcsIterator) * pCsr->nPhrase);
+ if( !aIter ) return SQLITE_NOMEM;
+ memset(aIter, 0, sizeof(LcsIterator) * pCsr->nPhrase);
+ (void)fts3ExprIterate(pCsr->pExpr, fts3MatchinfoLcsCb, (void*)aIter);
+
+ for(i=0; i<pInfo->nPhrase; i++){
+ LcsIterator *pIter = &aIter[i];
+ nToken -= pIter->pExpr->pPhrase->nToken;
+ pIter->iPosOffset = nToken;
+ }
+
+ for(iCol=0; iCol<pInfo->nCol; iCol++){
+ int nLcs = 0; /* LCS value for this column */
+ int nLive = 0; /* Number of iterators in aIter not at EOF */
+
+ for(i=0; i<pInfo->nPhrase; i++){
+ int rc;
+ LcsIterator *pIt = &aIter[i];
+ rc = sqlite3Fts3EvalPhrasePoslist(pCsr, pIt->pExpr, iCol, &pIt->pRead);
+ if( rc!=SQLITE_OK ) return rc;
+ if( pIt->pRead ){
+ pIt->iPos = pIt->iPosOffset;
+ fts3LcsIteratorAdvance(&aIter[i]);
+ nLive++;
+ }
+ }
+
+ while( nLive>0 ){
+ LcsIterator *pAdv = 0; /* The iterator to advance by one position */
+ int nThisLcs = 0; /* LCS for the current iterator positions */
+
+ for(i=0; i<pInfo->nPhrase; i++){
+ LcsIterator *pIter = &aIter[i];
+ if( pIter->pRead==0 ){
+ /* This iterator is already at EOF for this column. */
+ nThisLcs = 0;
+ }else{
+ if( pAdv==0 || pIter->iPos<pAdv->iPos ){
+ pAdv = pIter;
+ }
+ if( nThisLcs==0 || pIter->iPos==pIter[-1].iPos ){
+ nThisLcs++;
+ }else{
+ nThisLcs = 1;
+ }
+ if( nThisLcs>nLcs ) nLcs = nThisLcs;
+ }
+ }
+ if( fts3LcsIteratorAdvance(pAdv) ) nLive--;
+ }
+
+ pInfo->aMatchinfo[iCol] = nLcs;
+ }
+
+ sqlite3_free(aIter);
+ return SQLITE_OK;
+}
+
+/*
+** Populate the buffer pInfo->aMatchinfo[] with an array of integers to
+** be returned by the matchinfo() function. Argument zArg contains the
+** format string passed as the second argument to matchinfo (or the
+** default value "pcx" if no second argument was specified). The format
+** string has already been validated and the pInfo->aMatchinfo[] array
+** is guaranteed to be large enough for the output.
+**
+** If bGlobal is true, then populate all fields of the matchinfo() output.
+** If it is false, then assume that those fields that do not change between
+** rows (i.e. FTS3_MATCHINFO_NPHRASE, NCOL, NDOC, AVGLENGTH and part of HITS)
+** have already been populated.
+**
+** Return SQLITE_OK if successful, or an SQLite error code if an error
+** occurs. If a value other than SQLITE_OK is returned, the state the
+** pInfo->aMatchinfo[] buffer is left in is undefined.
+*/
+static int fts3MatchinfoValues(
+ Fts3Cursor *pCsr, /* FTS3 cursor object */
+ int bGlobal, /* True to grab the global stats */
+ MatchInfo *pInfo, /* Matchinfo context object */
+ const char *zArg /* Matchinfo format string */
+){
+ int rc = SQLITE_OK;
+ int i;
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ sqlite3_stmt *pSelect = 0;
+
+ for(i=0; rc==SQLITE_OK && zArg[i]; i++){
+ pInfo->flag = zArg[i];
+ switch( zArg[i] ){
+ case FTS3_MATCHINFO_NPHRASE:
+ if( bGlobal ) pInfo->aMatchinfo[0] = pInfo->nPhrase;
+ break;
+
+ case FTS3_MATCHINFO_NCOL:
+ if( bGlobal ) pInfo->aMatchinfo[0] = pInfo->nCol;
+ break;
+
+ case FTS3_MATCHINFO_NDOC:
+ if( bGlobal ){
+ sqlite3_int64 nDoc = 0;
+ rc = fts3MatchinfoSelectDoctotal(pTab, &pSelect, &nDoc, 0);
+ pInfo->aMatchinfo[0] = (u32)nDoc;
+ }
+ break;
+
+ case FTS3_MATCHINFO_AVGLENGTH:
+ if( bGlobal ){
+ sqlite3_int64 nDoc; /* Number of rows in table */
+ const char *a; /* Aggregate column length array */
+
+ rc = fts3MatchinfoSelectDoctotal(pTab, &pSelect, &nDoc, &a);
+ if( rc==SQLITE_OK ){
+ int iCol;
+ for(iCol=0; iCol<pInfo->nCol; iCol++){
+ u32 iVal;
+ sqlite3_int64 nToken;
+ a += sqlite3Fts3GetVarint(a, &nToken);
+ iVal = (u32)(((u32)(nToken&0xffffffff)+nDoc/2)/nDoc);
+ pInfo->aMatchinfo[iCol] = iVal;
+ }
+ }
+ }
+ break;
+
+ case FTS3_MATCHINFO_LENGTH: {
+ sqlite3_stmt *pSelectDocsize = 0;
+ rc = sqlite3Fts3SelectDocsize(pTab, pCsr->iPrevId, &pSelectDocsize);
+ if( rc==SQLITE_OK ){
+ int iCol;
+ const char *a = sqlite3_column_blob(pSelectDocsize, 0);
+ for(iCol=0; iCol<pInfo->nCol; iCol++){
+ sqlite3_int64 nToken;
+ a += sqlite3Fts3GetVarint(a, &nToken);
+ pInfo->aMatchinfo[iCol] = (u32)nToken;
+ }
+ }
+ sqlite3_reset(pSelectDocsize);
+ break;
+ }
+
+ case FTS3_MATCHINFO_LCS:
+ rc = fts3ExprLoadDoclists(pCsr, 0, 0);
+ if( rc==SQLITE_OK ){
+ rc = fts3MatchinfoLcs(pCsr, pInfo);
+ }
+ break;
+
+ case FTS3_MATCHINFO_LHITS_BM:
+ case FTS3_MATCHINFO_LHITS: {
+ int nZero = fts3MatchinfoSize(pInfo, zArg[i]) * sizeof(u32);
+ memset(pInfo->aMatchinfo, 0, nZero);
+ fts3ExprLHitGather(pCsr->pExpr, pInfo);
+ break;
+ }
+
+ default: {
+ Fts3Expr *pExpr;
+ assert( zArg[i]==FTS3_MATCHINFO_HITS );
+ pExpr = pCsr->pExpr;
+ rc = fts3ExprLoadDoclists(pCsr, 0, 0);
+ if( rc!=SQLITE_OK ) break;
+ if( bGlobal ){
+ if( pCsr->pDeferred ){
+ rc = fts3MatchinfoSelectDoctotal(pTab, &pSelect, &pInfo->nDoc, 0);
+ if( rc!=SQLITE_OK ) break;
+ }
+ rc = fts3ExprIterate(pExpr, fts3ExprGlobalHitsCb,(void*)pInfo);
+ sqlite3Fts3EvalTestDeferred(pCsr, &rc);
+ if( rc!=SQLITE_OK ) break;
+ }
+ (void)fts3ExprIterate(pExpr, fts3ExprLocalHitsCb,(void*)pInfo);
+ break;
+ }
+ }
+
+ pInfo->aMatchinfo += fts3MatchinfoSize(pInfo, zArg[i]);
+ }
+
+ sqlite3_reset(pSelect);
+ return rc;
+}
+
+
+/*
+** Populate pCsr->aMatchinfo[] with data for the current row. The
+** 'matchinfo' data is an array of 32-bit unsigned integers (C type u32).
+*/
+static void fts3GetMatchinfo(
+ sqlite3_context *pCtx, /* Return results here */
+ Fts3Cursor *pCsr, /* FTS3 Cursor object */
+ const char *zArg /* Second argument to matchinfo() function */
+){
+ MatchInfo sInfo;
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ int rc = SQLITE_OK;
+ int bGlobal = 0; /* Collect 'global' stats as well as local */
+
+ u32 *aOut = 0;
+ void (*xDestroyOut)(void*) = 0;
+
+ memset(&sInfo, 0, sizeof(MatchInfo));
+ sInfo.pCursor = pCsr;
+ sInfo.nCol = pTab->nColumn;
+
+ /* If there is cached matchinfo() data, but the format string for the
+ ** cache does not match the format string for this request, discard
+ ** the cached data. */
+ if( pCsr->pMIBuffer && strcmp(pCsr->pMIBuffer->zMatchinfo, zArg) ){
+ sqlite3Fts3MIBufferFree(pCsr->pMIBuffer);
+ pCsr->pMIBuffer = 0;
+ }
+
+ /* If Fts3Cursor.pMIBuffer is NULL, then this is the first time the
+ ** matchinfo function has been called for this query. In this case
+ ** allocate the array used to accumulate the matchinfo data and
+ ** initialize those elements that are constant for every row.
+ */
+ if( pCsr->pMIBuffer==0 ){
+ int nMatchinfo = 0; /* Number of u32 elements in match-info */
+ int i; /* Used to iterate through zArg */
+
+ /* Determine the number of phrases in the query */
+ pCsr->nPhrase = fts3ExprPhraseCount(pCsr->pExpr);
+ sInfo.nPhrase = pCsr->nPhrase;
+
+ /* Determine the number of integers in the buffer returned by this call. */
+ for(i=0; zArg[i]; i++){
+ char *zErr = 0;
+ if( fts3MatchinfoCheck(pTab, zArg[i], &zErr) ){
+ sqlite3_result_error(pCtx, zErr, -1);
+ sqlite3_free(zErr);
+ return;
+ }
+ nMatchinfo += fts3MatchinfoSize(&sInfo, zArg[i]);
+ }
+
+ /* Allocate space for Fts3Cursor.aMatchinfo[] and Fts3Cursor.zMatchinfo. */
+ pCsr->pMIBuffer = fts3MIBufferNew(nMatchinfo, zArg);
+ if( !pCsr->pMIBuffer ) rc = SQLITE_NOMEM;
+
+ pCsr->isMatchinfoNeeded = 1;
+ bGlobal = 1;
+ }
+
+ if( rc==SQLITE_OK ){
+ xDestroyOut = fts3MIBufferAlloc(pCsr->pMIBuffer, &aOut);
+ if( xDestroyOut==0 ){
+ rc = SQLITE_NOMEM;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ sInfo.aMatchinfo = aOut;
+ sInfo.nPhrase = pCsr->nPhrase;
+ rc = fts3MatchinfoValues(pCsr, bGlobal, &sInfo, zArg);
+ if( bGlobal ){
+ fts3MIBufferSetGlobal(pCsr->pMIBuffer);
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3_result_error_code(pCtx, rc);
+ if( xDestroyOut ) xDestroyOut(aOut);
+ }else{
+ int n = pCsr->pMIBuffer->nElem * sizeof(u32);
+ sqlite3_result_blob(pCtx, aOut, n, xDestroyOut);
+ }
+}
+
+/*
+** Implementation of snippet() function.
+*/
+SQLITE_PRIVATE void sqlite3Fts3Snippet(
+ sqlite3_context *pCtx, /* SQLite function call context */
+ Fts3Cursor *pCsr, /* Cursor object */
+ const char *zStart, /* Snippet start text - "<b>" */
+ const char *zEnd, /* Snippet end text - "</b>" */
+ const char *zEllipsis, /* Snippet ellipsis text - "<b>...</b>" */
+ int iCol, /* Extract snippet from this column */
+ int nToken /* Approximate number of tokens in snippet */
+){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ int rc = SQLITE_OK;
+ int i;
+ StrBuffer res = {0, 0, 0};
+
+ /* The returned text includes up to four fragments of text extracted from
+ ** the data in the current row. The first iteration of the for(...) loop
+ ** below attempts to locate a single fragment of text nToken tokens in
+ ** size that contains at least one instance of all phrases in the query
+ ** expression that appear in the current row. If such a fragment of text
+ ** cannot be found, the second iteration of the loop attempts to locate
+ ** a pair of fragments, and so on.
+ */
+ int nSnippet = 0; /* Number of fragments in this snippet */
+ SnippetFragment aSnippet[4]; /* Maximum of 4 fragments per snippet */
+ int nFToken = -1; /* Number of tokens in each fragment */
+
+ if( !pCsr->pExpr ){
+ sqlite3_result_text(pCtx, "", 0, SQLITE_STATIC);
+ return;
+ }
+
+ for(nSnippet=1; 1; nSnippet++){
+
+ int iSnip; /* Loop counter 0..nSnippet-1 */
+ u64 mCovered = 0; /* Bitmask of phrases covered by snippet */
+ u64 mSeen = 0; /* Bitmask of phrases seen by BestSnippet() */
+
+ if( nToken>=0 ){
+ nFToken = (nToken+nSnippet-1) / nSnippet;
+ }else{
+ nFToken = -1 * nToken;
+ }
+
+ for(iSnip=0; iSnip<nSnippet; iSnip++){
+ int iBestScore = -1; /* Best score of columns checked so far */
+ int iRead; /* Used to iterate through columns */
+ SnippetFragment *pFragment = &aSnippet[iSnip];
+
+ memset(pFragment, 0, sizeof(*pFragment));
+
+ /* Loop through all columns of the table being considered for snippets.
+ ** If the iCol argument to this function was negative, this means all
+ ** columns of the FTS3 table. Otherwise, only column iCol is considered.
+ */
+ for(iRead=0; iRead<pTab->nColumn; iRead++){
+ SnippetFragment sF = {0, 0, 0, 0};
+ int iS = 0;
+ if( iCol>=0 && iRead!=iCol ) continue;
+
+ /* Find the best snippet of nFToken tokens in column iRead. */
+ rc = fts3BestSnippet(nFToken, pCsr, iRead, mCovered, &mSeen, &sF, &iS);
+ if( rc!=SQLITE_OK ){
+ goto snippet_out;
+ }
+ if( iS>iBestScore ){
+ *pFragment = sF;
+ iBestScore = iS;
+ }
+ }
+
+ mCovered |= pFragment->covered;
+ }
+
+ /* If all query phrases seen by fts3BestSnippet() are present in at least
+ ** one of the nSnippet snippet fragments, break out of the loop.
+ */
+ assert( (mCovered&mSeen)==mCovered );
+ if( mSeen==mCovered || nSnippet==SizeofArray(aSnippet) ) break;
+ }
+
+ assert( nFToken>0 );
+
+ for(i=0; i<nSnippet && rc==SQLITE_OK; i++){
+ rc = fts3SnippetText(pCsr, &aSnippet[i],
+ i, (i==nSnippet-1), nFToken, zStart, zEnd, zEllipsis, &res
+ );
+ }
+
+ snippet_out:
+ sqlite3Fts3SegmentsClose(pTab);
+ if( rc!=SQLITE_OK ){
+ sqlite3_result_error_code(pCtx, rc);
+ sqlite3_free(res.z);
+ }else{
+ sqlite3_result_text(pCtx, res.z, -1, sqlite3_free);
+ }
+}
+
+
+typedef struct TermOffset TermOffset;
+typedef struct TermOffsetCtx TermOffsetCtx;
+
+struct TermOffset {
+ char *pList; /* Position-list */
+ int iPos; /* Position just read from pList */
+ int iOff; /* Offset of this term from read positions */
+};
+
+struct TermOffsetCtx {
+ Fts3Cursor *pCsr;
+ int iCol; /* Column of table to populate aTerm for */
+ int iTerm;
+ sqlite3_int64 iDocid;
+ TermOffset *aTerm;
+};
+
+/*
+** This function is an fts3ExprIterate() callback used by sqlite3Fts3Offsets().
+*/
+static int fts3ExprTermOffsetInit(Fts3Expr *pExpr, int iPhrase, void *ctx){
+ TermOffsetCtx *p = (TermOffsetCtx *)ctx;
+ int nTerm; /* Number of tokens in phrase */
+ int iTerm; /* For looping through nTerm phrase terms */
+ char *pList; /* Pointer to position list for phrase */
+ int iPos = 0; /* First position in position-list */
+ int rc;
+
+ UNUSED_PARAMETER(iPhrase);
+ rc = sqlite3Fts3EvalPhrasePoslist(p->pCsr, pExpr, p->iCol, &pList);
+ nTerm = pExpr->pPhrase->nToken;
+ if( pList ){
+ fts3GetDeltaPosition(&pList, &iPos);
+ assert( iPos>=0 );
+ }
+
+ for(iTerm=0; iTerm<nTerm; iTerm++){
+ TermOffset *pT = &p->aTerm[p->iTerm++];
+ pT->iOff = nTerm-iTerm-1;
+ pT->pList = pList;
+ pT->iPos = iPos;
+ }
+
+ return rc;
+}
+
+/*
+** Implementation of offsets() function.
+*/
+SQLITE_PRIVATE void sqlite3Fts3Offsets(
+ sqlite3_context *pCtx, /* SQLite function call context */
+ Fts3Cursor *pCsr /* Cursor object */
+){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ sqlite3_tokenizer_module const *pMod = pTab->pTokenizer->pModule;
+ int rc; /* Return Code */
+ int nToken; /* Number of tokens in query */
+ int iCol; /* Column currently being processed */
+ StrBuffer res = {0, 0, 0}; /* Result string */
+ TermOffsetCtx sCtx; /* Context for fts3ExprTermOffsetInit() */
+
+ if( !pCsr->pExpr ){
+ sqlite3_result_text(pCtx, "", 0, SQLITE_STATIC);
+ return;
+ }
+
+ memset(&sCtx, 0, sizeof(sCtx));
+ assert( pCsr->isRequireSeek==0 );
+
+ /* Count the number of terms in the query */
+ rc = fts3ExprLoadDoclists(pCsr, 0, &nToken);
+ if( rc!=SQLITE_OK ) goto offsets_out;
+
+ /* Allocate the array of TermOffset iterators. */
+ sCtx.aTerm = (TermOffset *)sqlite3_malloc(sizeof(TermOffset)*nToken);
+ if( 0==sCtx.aTerm ){
+ rc = SQLITE_NOMEM;
+ goto offsets_out;
+ }
+ sCtx.iDocid = pCsr->iPrevId;
+ sCtx.pCsr = pCsr;
+
+ /* Loop through the table columns, appending offset information to
+ ** string-buffer res for each column.
+ */
+ for(iCol=0; iCol<pTab->nColumn; iCol++){
+ sqlite3_tokenizer_cursor *pC; /* Tokenizer cursor */
+ const char *ZDUMMY; /* Dummy argument used with xNext() */
+ int NDUMMY = 0; /* Dummy argument used with xNext() */
+ int iStart = 0;
+ int iEnd = 0;
+ int iCurrent = 0;
+ const char *zDoc;
+ int nDoc;
+
+ /* Initialize the contents of sCtx.aTerm[] for column iCol. There is
+ ** no way that this operation can fail, so the return code from
+ ** fts3ExprIterate() can be discarded.
+ */
+ sCtx.iCol = iCol;
+ sCtx.iTerm = 0;
+ (void)fts3ExprIterate(pCsr->pExpr, fts3ExprTermOffsetInit, (void*)&sCtx);
+
+ /* Retreive the text stored in column iCol. If an SQL NULL is stored
+ ** in column iCol, jump immediately to the next iteration of the loop.
+ ** If an OOM occurs while retrieving the data (this can happen if SQLite
+ ** needs to transform the data from utf-16 to utf-8), return SQLITE_NOMEM
+ ** to the caller.
+ */
+ zDoc = (const char *)sqlite3_column_text(pCsr->pStmt, iCol+1);
+ nDoc = sqlite3_column_bytes(pCsr->pStmt, iCol+1);
+ if( zDoc==0 ){
+ if( sqlite3_column_type(pCsr->pStmt, iCol+1)==SQLITE_NULL ){
+ continue;
+ }
+ rc = SQLITE_NOMEM;
+ goto offsets_out;
+ }
+
+ /* Initialize a tokenizer iterator to iterate through column iCol. */
+ rc = sqlite3Fts3OpenTokenizer(pTab->pTokenizer, pCsr->iLangid,
+ zDoc, nDoc, &pC
+ );
+ if( rc!=SQLITE_OK ) goto offsets_out;
+
+ rc = pMod->xNext(pC, &ZDUMMY, &NDUMMY, &iStart, &iEnd, &iCurrent);
+ while( rc==SQLITE_OK ){
+ int i; /* Used to loop through terms */
+ int iMinPos = 0x7FFFFFFF; /* Position of next token */
+ TermOffset *pTerm = 0; /* TermOffset associated with next token */
+
+ for(i=0; i<nToken; i++){
+ TermOffset *pT = &sCtx.aTerm[i];
+ if( pT->pList && (pT->iPos-pT->iOff)<iMinPos ){
+ iMinPos = pT->iPos-pT->iOff;
+ pTerm = pT;
+ }
+ }
+
+ if( !pTerm ){
+ /* All offsets for this column have been gathered. */
+ rc = SQLITE_DONE;
+ }else{
+ assert( iCurrent<=iMinPos );
+ if( 0==(0xFE&*pTerm->pList) ){
+ pTerm->pList = 0;
+ }else{
+ fts3GetDeltaPosition(&pTerm->pList, &pTerm->iPos);
+ }
+ while( rc==SQLITE_OK && iCurrent<iMinPos ){
+ rc = pMod->xNext(pC, &ZDUMMY, &NDUMMY, &iStart, &iEnd, &iCurrent);
+ }
+ if( rc==SQLITE_OK ){
+ char aBuffer[64];
+ sqlite3_snprintf(sizeof(aBuffer), aBuffer,
+ "%d %d %d %d ", iCol, pTerm-sCtx.aTerm, iStart, iEnd-iStart
+ );
+ rc = fts3StringAppend(&res, aBuffer, -1);
+ }else if( rc==SQLITE_DONE && pTab->zContentTbl==0 ){
+ rc = FTS_CORRUPT_VTAB;
+ }
+ }
+ }
+ if( rc==SQLITE_DONE ){
+ rc = SQLITE_OK;
+ }
+
+ pMod->xClose(pC);
+ if( rc!=SQLITE_OK ) goto offsets_out;
+ }
+
+ offsets_out:
+ sqlite3_free(sCtx.aTerm);
+ assert( rc!=SQLITE_DONE );
+ sqlite3Fts3SegmentsClose(pTab);
+ if( rc!=SQLITE_OK ){
+ sqlite3_result_error_code(pCtx, rc);
+ sqlite3_free(res.z);
+ }else{
+ sqlite3_result_text(pCtx, res.z, res.n-1, sqlite3_free);
+ }
+ return;
+}
+
+/*
+** Implementation of matchinfo() function.
+*/
+SQLITE_PRIVATE void sqlite3Fts3Matchinfo(
+ sqlite3_context *pContext, /* Function call context */
+ Fts3Cursor *pCsr, /* FTS3 table cursor */
+ const char *zArg /* Second arg to matchinfo() function */
+){
+ Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
+ const char *zFormat;
+
+ if( zArg ){
+ zFormat = zArg;
+ }else{
+ zFormat = FTS3_MATCHINFO_DEFAULT;
+ }
+
+ if( !pCsr->pExpr ){
+ sqlite3_result_blob(pContext, "", 0, SQLITE_STATIC);
+ return;
+ }else{
+ /* Retrieve matchinfo() data. */
+ fts3GetMatchinfo(pContext, pCsr, zFormat);
+ sqlite3Fts3SegmentsClose(pTab);
+ }
+}
+
+#endif
+
+/************** End of fts3_snippet.c ****************************************/
+/************** Begin file fts3_unicode.c ************************************/
+/*
+** 2012 May 24
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** Implementation of the "unicode" full-text-search tokenizer.
+*/
+
+#ifndef SQLITE_DISABLE_FTS3_UNICODE
+
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+
+/* #include <assert.h> */
+/* #include <stdlib.h> */
+/* #include <stdio.h> */
+/* #include <string.h> */
+
+/* #include "fts3_tokenizer.h" */
+
+/*
+** The following two macros - READ_UTF8 and WRITE_UTF8 - have been copied
+** from the sqlite3 source file utf.c. If this file is compiled as part
+** of the amalgamation, they are not required.
+*/
+#ifndef SQLITE_AMALGAMATION
+
+static const unsigned char sqlite3Utf8Trans1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x00, 0x01, 0x00, 0x00,
+};
+
+#define READ_UTF8(zIn, zTerm, c) \
+ c = *(zIn++); \
+ if( c>=0xc0 ){ \
+ c = sqlite3Utf8Trans1[c-0xc0]; \
+ while( zIn!=zTerm && (*zIn & 0xc0)==0x80 ){ \
+ c = (c<<6) + (0x3f & *(zIn++)); \
+ } \
+ if( c<0x80 \
+ || (c&0xFFFFF800)==0xD800 \
+ || (c&0xFFFFFFFE)==0xFFFE ){ c = 0xFFFD; } \
+ }
+
+#define WRITE_UTF8(zOut, c) { \
+ if( c<0x00080 ){ \
+ *zOut++ = (u8)(c&0xFF); \
+ } \
+ else if( c<0x00800 ){ \
+ *zOut++ = 0xC0 + (u8)((c>>6)&0x1F); \
+ *zOut++ = 0x80 + (u8)(c & 0x3F); \
+ } \
+ else if( c<0x10000 ){ \
+ *zOut++ = 0xE0 + (u8)((c>>12)&0x0F); \
+ *zOut++ = 0x80 + (u8)((c>>6) & 0x3F); \
+ *zOut++ = 0x80 + (u8)(c & 0x3F); \
+ }else{ \
+ *zOut++ = 0xF0 + (u8)((c>>18) & 0x07); \
+ *zOut++ = 0x80 + (u8)((c>>12) & 0x3F); \
+ *zOut++ = 0x80 + (u8)((c>>6) & 0x3F); \
+ *zOut++ = 0x80 + (u8)(c & 0x3F); \
+ } \
+}
+
+#endif /* ifndef SQLITE_AMALGAMATION */
+
+typedef struct unicode_tokenizer unicode_tokenizer;
+typedef struct unicode_cursor unicode_cursor;
+
+struct unicode_tokenizer {
+ sqlite3_tokenizer base;
+ int bRemoveDiacritic;
+ int nException;
+ int *aiException;
+};
+
+struct unicode_cursor {
+ sqlite3_tokenizer_cursor base;
+ const unsigned char *aInput; /* Input text being tokenized */
+ int nInput; /* Size of aInput[] in bytes */
+ int iOff; /* Current offset within aInput[] */
+ int iToken; /* Index of next token to be returned */
+ char *zToken; /* storage for current token */
+ int nAlloc; /* space allocated at zToken */
+};
+
+
+/*
+** Destroy a tokenizer allocated by unicodeCreate().
+*/
+static int unicodeDestroy(sqlite3_tokenizer *pTokenizer){
+ if( pTokenizer ){
+ unicode_tokenizer *p = (unicode_tokenizer *)pTokenizer;
+ sqlite3_free(p->aiException);
+ sqlite3_free(p);
+ }
+ return SQLITE_OK;
+}
+
+/*
+** As part of a tokenchars= or separators= option, the CREATE VIRTUAL TABLE
+** statement has specified that the tokenizer for this table shall consider
+** all characters in string zIn/nIn to be separators (if bAlnum==0) or
+** token characters (if bAlnum==1).
+**
+** For each codepoint in the zIn/nIn string, this function checks if the
+** sqlite3FtsUnicodeIsalnum() function already returns the desired result.
+** If so, no action is taken. Otherwise, the codepoint is added to the
+** unicode_tokenizer.aiException[] array. For the purposes of tokenization,
+** the return value of sqlite3FtsUnicodeIsalnum() is inverted for all
+** codepoints in the aiException[] array.
+**
+** If a standalone diacritic mark (one that sqlite3FtsUnicodeIsdiacritic()
+** identifies as a diacritic) occurs in the zIn/nIn string it is ignored.
+** It is not possible to change the behavior of the tokenizer with respect
+** to these codepoints.
+*/
+static int unicodeAddExceptions(
+ unicode_tokenizer *p, /* Tokenizer to add exceptions to */
+ int bAlnum, /* Replace Isalnum() return value with this */
+ const char *zIn, /* Array of characters to make exceptions */
+ int nIn /* Length of z in bytes */
+){
+ const unsigned char *z = (const unsigned char *)zIn;
+ const unsigned char *zTerm = &z[nIn];
+ int iCode;
+ int nEntry = 0;
+
+ assert( bAlnum==0 || bAlnum==1 );
+
+ while( z<zTerm ){
+ READ_UTF8(z, zTerm, iCode);
+ assert( (sqlite3FtsUnicodeIsalnum(iCode) & 0xFFFFFFFE)==0 );
+ if( sqlite3FtsUnicodeIsalnum(iCode)!=bAlnum
+ && sqlite3FtsUnicodeIsdiacritic(iCode)==0
+ ){
+ nEntry++;
+ }
+ }
+
+ if( nEntry ){
+ int *aNew; /* New aiException[] array */
+ int nNew; /* Number of valid entries in array aNew[] */
+
+ aNew = sqlite3_realloc(p->aiException, (p->nException+nEntry)*sizeof(int));
+ if( aNew==0 ) return SQLITE_NOMEM;
+ nNew = p->nException;
+
+ z = (const unsigned char *)zIn;
+ while( z<zTerm ){
+ READ_UTF8(z, zTerm, iCode);
+ if( sqlite3FtsUnicodeIsalnum(iCode)!=bAlnum
+ && sqlite3FtsUnicodeIsdiacritic(iCode)==0
+ ){
+ int i, j;
+ for(i=0; i<nNew && aNew[i]<iCode; i++);
+ for(j=nNew; j>i; j--) aNew[j] = aNew[j-1];
+ aNew[i] = iCode;
+ nNew++;
+ }
+ }
+ p->aiException = aNew;
+ p->nException = nNew;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Return true if the p->aiException[] array contains the value iCode.
+*/
+static int unicodeIsException(unicode_tokenizer *p, int iCode){
+ if( p->nException>0 ){
+ int *a = p->aiException;
+ int iLo = 0;
+ int iHi = p->nException-1;
+
+ while( iHi>=iLo ){
+ int iTest = (iHi + iLo) / 2;
+ if( iCode==a[iTest] ){
+ return 1;
+ }else if( iCode>a[iTest] ){
+ iLo = iTest+1;
+ }else{
+ iHi = iTest-1;
+ }
+ }
+ }
+
+ return 0;
+}
+
+/*
+** Return true if, for the purposes of tokenization, codepoint iCode is
+** considered a token character (not a separator).
+*/
+static int unicodeIsAlnum(unicode_tokenizer *p, int iCode){
+ assert( (sqlite3FtsUnicodeIsalnum(iCode) & 0xFFFFFFFE)==0 );
+ return sqlite3FtsUnicodeIsalnum(iCode) ^ unicodeIsException(p, iCode);
+}
+
+/*
+** Create a new tokenizer instance.
+*/
+static int unicodeCreate(
+ int nArg, /* Size of array argv[] */
+ const char * const *azArg, /* Tokenizer creation arguments */
+ sqlite3_tokenizer **pp /* OUT: New tokenizer handle */
+){
+ unicode_tokenizer *pNew; /* New tokenizer object */
+ int i;
+ int rc = SQLITE_OK;
+
+ pNew = (unicode_tokenizer *) sqlite3_malloc(sizeof(unicode_tokenizer));
+ if( pNew==NULL ) return SQLITE_NOMEM;
+ memset(pNew, 0, sizeof(unicode_tokenizer));
+ pNew->bRemoveDiacritic = 1;
+
+ for(i=0; rc==SQLITE_OK && i<nArg; i++){
+ const char *z = azArg[i];
+ int n = (int)strlen(z);
+
+ if( n==19 && memcmp("remove_diacritics=1", z, 19)==0 ){
+ pNew->bRemoveDiacritic = 1;
+ }
+ else if( n==19 && memcmp("remove_diacritics=0", z, 19)==0 ){
+ pNew->bRemoveDiacritic = 0;
+ }
+ else if( n>=11 && memcmp("tokenchars=", z, 11)==0 ){
+ rc = unicodeAddExceptions(pNew, 1, &z[11], n-11);
+ }
+ else if( n>=11 && memcmp("separators=", z, 11)==0 ){
+ rc = unicodeAddExceptions(pNew, 0, &z[11], n-11);
+ }
+ else{
+ /* Unrecognized argument */
+ rc = SQLITE_ERROR;
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ unicodeDestroy((sqlite3_tokenizer *)pNew);
+ pNew = 0;
+ }
+ *pp = (sqlite3_tokenizer *)pNew;
+ return rc;
+}
+
+/*
+** Prepare to begin tokenizing a particular string. The input
+** string to be tokenized is pInput[0..nBytes-1]. A cursor
+** used to incrementally tokenize this string is returned in
+** *ppCursor.
+*/
+static int unicodeOpen(
+ sqlite3_tokenizer *p, /* The tokenizer */
+ const char *aInput, /* Input string */
+ int nInput, /* Size of string aInput in bytes */
+ sqlite3_tokenizer_cursor **pp /* OUT: New cursor object */
+){
+ unicode_cursor *pCsr;
+
+ pCsr = (unicode_cursor *)sqlite3_malloc(sizeof(unicode_cursor));
+ if( pCsr==0 ){
+ return SQLITE_NOMEM;
+ }
+ memset(pCsr, 0, sizeof(unicode_cursor));
+
+ pCsr->aInput = (const unsigned char *)aInput;
+ if( aInput==0 ){
+ pCsr->nInput = 0;
+ }else if( nInput<0 ){
+ pCsr->nInput = (int)strlen(aInput);
+ }else{
+ pCsr->nInput = nInput;
+ }
+
+ *pp = &pCsr->base;
+ UNUSED_PARAMETER(p);
+ return SQLITE_OK;
+}
+
+/*
+** Close a tokenization cursor previously opened by a call to
+** simpleOpen() above.
+*/
+static int unicodeClose(sqlite3_tokenizer_cursor *pCursor){
+ unicode_cursor *pCsr = (unicode_cursor *) pCursor;
+ sqlite3_free(pCsr->zToken);
+ sqlite3_free(pCsr);
+ return SQLITE_OK;
+}
+
+/*
+** Extract the next token from a tokenization cursor. The cursor must
+** have been opened by a prior call to simpleOpen().
+*/
+static int unicodeNext(
+ sqlite3_tokenizer_cursor *pC, /* Cursor returned by simpleOpen */
+ const char **paToken, /* OUT: Token text */
+ int *pnToken, /* OUT: Number of bytes at *paToken */
+ int *piStart, /* OUT: Starting offset of token */
+ int *piEnd, /* OUT: Ending offset of token */
+ int *piPos /* OUT: Position integer of token */
+){
+ unicode_cursor *pCsr = (unicode_cursor *)pC;
+ unicode_tokenizer *p = ((unicode_tokenizer *)pCsr->base.pTokenizer);
+ int iCode = 0;
+ char *zOut;
+ const unsigned char *z = &pCsr->aInput[pCsr->iOff];
+ const unsigned char *zStart = z;
+ const unsigned char *zEnd;
+ const unsigned char *zTerm = &pCsr->aInput[pCsr->nInput];
+
+ /* Scan past any delimiter characters before the start of the next token.
+ ** Return SQLITE_DONE early if this takes us all the way to the end of
+ ** the input. */
+ while( z<zTerm ){
+ READ_UTF8(z, zTerm, iCode);
+ if( unicodeIsAlnum(p, iCode) ) break;
+ zStart = z;
+ }
+ if( zStart>=zTerm ) return SQLITE_DONE;
+
+ zOut = pCsr->zToken;
+ do {
+ int iOut;
+
+ /* Grow the output buffer if required. */
+ if( (zOut-pCsr->zToken)>=(pCsr->nAlloc-4) ){
+ char *zNew = sqlite3_realloc(pCsr->zToken, pCsr->nAlloc+64);
+ if( !zNew ) return SQLITE_NOMEM;
+ zOut = &zNew[zOut - pCsr->zToken];
+ pCsr->zToken = zNew;
+ pCsr->nAlloc += 64;
+ }
+
+ /* Write the folded case of the last character read to the output */
+ zEnd = z;
+ iOut = sqlite3FtsUnicodeFold(iCode, p->bRemoveDiacritic);
+ if( iOut ){
+ WRITE_UTF8(zOut, iOut);
+ }
+
+ /* If the cursor is not at EOF, read the next character */
+ if( z>=zTerm ) break;
+ READ_UTF8(z, zTerm, iCode);
+ }while( unicodeIsAlnum(p, iCode)
+ || sqlite3FtsUnicodeIsdiacritic(iCode)
+ );
+
+ /* Set the output variables and return. */
+ pCsr->iOff = (int)(z - pCsr->aInput);
+ *paToken = pCsr->zToken;
+ *pnToken = (int)(zOut - pCsr->zToken);
+ *piStart = (int)(zStart - pCsr->aInput);
+ *piEnd = (int)(zEnd - pCsr->aInput);
+ *piPos = pCsr->iToken++;
+ return SQLITE_OK;
+}
+
+/*
+** Set *ppModule to a pointer to the sqlite3_tokenizer_module
+** structure for the unicode tokenizer.
+*/
+SQLITE_PRIVATE void sqlite3Fts3UnicodeTokenizer(sqlite3_tokenizer_module const **ppModule){
+ static const sqlite3_tokenizer_module module = {
+ 0,
+ unicodeCreate,
+ unicodeDestroy,
+ unicodeOpen,
+ unicodeClose,
+ unicodeNext,
+ 0,
+ };
+ *ppModule = &module;
+}
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+#endif /* ifndef SQLITE_DISABLE_FTS3_UNICODE */
+
+/************** End of fts3_unicode.c ****************************************/
+/************** Begin file fts3_unicode2.c ***********************************/
+/*
+** 2012 May 25
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+*/
+
+/*
+** DO NOT EDIT THIS MACHINE GENERATED FILE.
+*/
+
+#ifndef SQLITE_DISABLE_FTS3_UNICODE
+#if defined(SQLITE_ENABLE_FTS3) || defined(SQLITE_ENABLE_FTS4)
+
+/* #include <assert.h> */
+
+/*
+** Return true if the argument corresponds to a unicode codepoint
+** classified as either a letter or a number. Otherwise false.
+**
+** The results are undefined if the value passed to this function
+** is less than zero.
+*/
+SQLITE_PRIVATE int sqlite3FtsUnicodeIsalnum(int c){
+ /* Each unsigned integer in the following array corresponds to a contiguous
+ ** range of unicode codepoints that are not either letters or numbers (i.e.
+ ** codepoints for which this function should return 0).
+ **
+ ** The most significant 22 bits in each 32-bit value contain the first
+ ** codepoint in the range. The least significant 10 bits are used to store
+ ** the size of the range (always at least 1). In other words, the value
+ ** ((C<<22) + N) represents a range of N codepoints starting with codepoint
+ ** C. It is not possible to represent a range larger than 1023 codepoints
+ ** using this format.
+ */
+ static const unsigned int aEntry[] = {
+ 0x00000030, 0x0000E807, 0x00016C06, 0x0001EC2F, 0x0002AC07,
+ 0x0002D001, 0x0002D803, 0x0002EC01, 0x0002FC01, 0x00035C01,
+ 0x0003DC01, 0x000B0804, 0x000B480E, 0x000B9407, 0x000BB401,
+ 0x000BBC81, 0x000DD401, 0x000DF801, 0x000E1002, 0x000E1C01,
+ 0x000FD801, 0x00120808, 0x00156806, 0x00162402, 0x00163C01,
+ 0x00164437, 0x0017CC02, 0x00180005, 0x00181816, 0x00187802,
+ 0x00192C15, 0x0019A804, 0x0019C001, 0x001B5001, 0x001B580F,
+ 0x001B9C07, 0x001BF402, 0x001C000E, 0x001C3C01, 0x001C4401,
+ 0x001CC01B, 0x001E980B, 0x001FAC09, 0x001FD804, 0x00205804,
+ 0x00206C09, 0x00209403, 0x0020A405, 0x0020C00F, 0x00216403,
+ 0x00217801, 0x0023901B, 0x00240004, 0x0024E803, 0x0024F812,
+ 0x00254407, 0x00258804, 0x0025C001, 0x00260403, 0x0026F001,
+ 0x0026F807, 0x00271C02, 0x00272C03, 0x00275C01, 0x00278802,
+ 0x0027C802, 0x0027E802, 0x00280403, 0x0028F001, 0x0028F805,
+ 0x00291C02, 0x00292C03, 0x00294401, 0x0029C002, 0x0029D401,
+ 0x002A0403, 0x002AF001, 0x002AF808, 0x002B1C03, 0x002B2C03,
+ 0x002B8802, 0x002BC002, 0x002C0403, 0x002CF001, 0x002CF807,
+ 0x002D1C02, 0x002D2C03, 0x002D5802, 0x002D8802, 0x002DC001,
+ 0x002E0801, 0x002EF805, 0x002F1803, 0x002F2804, 0x002F5C01,
+ 0x002FCC08, 0x00300403, 0x0030F807, 0x00311803, 0x00312804,
+ 0x00315402, 0x00318802, 0x0031FC01, 0x00320802, 0x0032F001,
+ 0x0032F807, 0x00331803, 0x00332804, 0x00335402, 0x00338802,
+ 0x00340802, 0x0034F807, 0x00351803, 0x00352804, 0x00355C01,
+ 0x00358802, 0x0035E401, 0x00360802, 0x00372801, 0x00373C06,
+ 0x00375801, 0x00376008, 0x0037C803, 0x0038C401, 0x0038D007,
+ 0x0038FC01, 0x00391C09, 0x00396802, 0x003AC401, 0x003AD006,
+ 0x003AEC02, 0x003B2006, 0x003C041F, 0x003CD00C, 0x003DC417,
+ 0x003E340B, 0x003E6424, 0x003EF80F, 0x003F380D, 0x0040AC14,
+ 0x00412806, 0x00415804, 0x00417803, 0x00418803, 0x00419C07,
+ 0x0041C404, 0x0042080C, 0x00423C01, 0x00426806, 0x0043EC01,
+ 0x004D740C, 0x004E400A, 0x00500001, 0x0059B402, 0x005A0001,
+ 0x005A6C02, 0x005BAC03, 0x005C4803, 0x005CC805, 0x005D4802,
+ 0x005DC802, 0x005ED023, 0x005F6004, 0x005F7401, 0x0060000F,
+ 0x0062A401, 0x0064800C, 0x0064C00C, 0x00650001, 0x00651002,
+ 0x0066C011, 0x00672002, 0x00677822, 0x00685C05, 0x00687802,
+ 0x0069540A, 0x0069801D, 0x0069FC01, 0x006A8007, 0x006AA006,
+ 0x006C0005, 0x006CD011, 0x006D6823, 0x006E0003, 0x006E840D,
+ 0x006F980E, 0x006FF004, 0x00709014, 0x0070EC05, 0x0071F802,
+ 0x00730008, 0x00734019, 0x0073B401, 0x0073C803, 0x00770027,
+ 0x0077F004, 0x007EF401, 0x007EFC03, 0x007F3403, 0x007F7403,
+ 0x007FB403, 0x007FF402, 0x00800065, 0x0081A806, 0x0081E805,
+ 0x00822805, 0x0082801A, 0x00834021, 0x00840002, 0x00840C04,
+ 0x00842002, 0x00845001, 0x00845803, 0x00847806, 0x00849401,
+ 0x00849C01, 0x0084A401, 0x0084B801, 0x0084E802, 0x00850005,
+ 0x00852804, 0x00853C01, 0x00864264, 0x00900027, 0x0091000B,
+ 0x0092704E, 0x00940200, 0x009C0475, 0x009E53B9, 0x00AD400A,
+ 0x00B39406, 0x00B3BC03, 0x00B3E404, 0x00B3F802, 0x00B5C001,
+ 0x00B5FC01, 0x00B7804F, 0x00B8C00C, 0x00BA001A, 0x00BA6C59,
+ 0x00BC00D6, 0x00BFC00C, 0x00C00005, 0x00C02019, 0x00C0A807,
+ 0x00C0D802, 0x00C0F403, 0x00C26404, 0x00C28001, 0x00C3EC01,
+ 0x00C64002, 0x00C6580A, 0x00C70024, 0x00C8001F, 0x00C8A81E,
+ 0x00C94001, 0x00C98020, 0x00CA2827, 0x00CB003F, 0x00CC0100,
+ 0x01370040, 0x02924037, 0x0293F802, 0x02983403, 0x0299BC10,
+ 0x029A7C01, 0x029BC008, 0x029C0017, 0x029C8002, 0x029E2402,
+ 0x02A00801, 0x02A01801, 0x02A02C01, 0x02A08C09, 0x02A0D804,
+ 0x02A1D004, 0x02A20002, 0x02A2D011, 0x02A33802, 0x02A38012,
+ 0x02A3E003, 0x02A4980A, 0x02A51C0D, 0x02A57C01, 0x02A60004,
+ 0x02A6CC1B, 0x02A77802, 0x02A8A40E, 0x02A90C01, 0x02A93002,
+ 0x02A97004, 0x02A9DC03, 0x02A9EC01, 0x02AAC001, 0x02AAC803,
+ 0x02AADC02, 0x02AAF802, 0x02AB0401, 0x02AB7802, 0x02ABAC07,
+ 0x02ABD402, 0x02AF8C0B, 0x03600001, 0x036DFC02, 0x036FFC02,
+ 0x037FFC01, 0x03EC7801, 0x03ECA401, 0x03EEC810, 0x03F4F802,
+ 0x03F7F002, 0x03F8001A, 0x03F88007, 0x03F8C023, 0x03F95013,
+ 0x03F9A004, 0x03FBFC01, 0x03FC040F, 0x03FC6807, 0x03FCEC06,
+ 0x03FD6C0B, 0x03FF8007, 0x03FFA007, 0x03FFE405, 0x04040003,
+ 0x0404DC09, 0x0405E411, 0x0406400C, 0x0407402E, 0x040E7C01,
+ 0x040F4001, 0x04215C01, 0x04247C01, 0x0424FC01, 0x04280403,
+ 0x04281402, 0x04283004, 0x0428E003, 0x0428FC01, 0x04294009,
+ 0x0429FC01, 0x042CE407, 0x04400003, 0x0440E016, 0x04420003,
+ 0x0442C012, 0x04440003, 0x04449C0E, 0x04450004, 0x04460003,
+ 0x0446CC0E, 0x04471404, 0x045AAC0D, 0x0491C004, 0x05BD442E,
+ 0x05BE3C04, 0x074000F6, 0x07440027, 0x0744A4B5, 0x07480046,
+ 0x074C0057, 0x075B0401, 0x075B6C01, 0x075BEC01, 0x075C5401,
+ 0x075CD401, 0x075D3C01, 0x075DBC01, 0x075E2401, 0x075EA401,
+ 0x075F0C01, 0x07BBC002, 0x07C0002C, 0x07C0C064, 0x07C2800F,
+ 0x07C2C40E, 0x07C3040F, 0x07C3440F, 0x07C4401F, 0x07C4C03C,
+ 0x07C5C02B, 0x07C7981D, 0x07C8402B, 0x07C90009, 0x07C94002,
+ 0x07CC0021, 0x07CCC006, 0x07CCDC46, 0x07CE0014, 0x07CE8025,
+ 0x07CF1805, 0x07CF8011, 0x07D0003F, 0x07D10001, 0x07D108B6,
+ 0x07D3E404, 0x07D4003E, 0x07D50004, 0x07D54018, 0x07D7EC46,
+ 0x07D9140B, 0x07DA0046, 0x07DC0074, 0x38000401, 0x38008060,
+ 0x380400F0,
+ };
+ static const unsigned int aAscii[4] = {
+ 0xFFFFFFFF, 0xFC00FFFF, 0xF8000001, 0xF8000001,
+ };
+
+ if( c<128 ){
+ return ( (aAscii[c >> 5] & (1 << (c & 0x001F)))==0 );
+ }else if( c<(1<<22) ){
+ unsigned int key = (((unsigned int)c)<<10) | 0x000003FF;
+ int iRes = 0;
+ int iHi = sizeof(aEntry)/sizeof(aEntry[0]) - 1;
+ int iLo = 0;
+ while( iHi>=iLo ){
+ int iTest = (iHi + iLo) / 2;
+ if( key >= aEntry[iTest] ){
+ iRes = iTest;
+ iLo = iTest+1;
+ }else{
+ iHi = iTest-1;
+ }
+ }
+ assert( aEntry[0]<key );
+ assert( key>=aEntry[iRes] );
+ return (((unsigned int)c) >= ((aEntry[iRes]>>10) + (aEntry[iRes]&0x3FF)));
+ }
+ return 1;
+}
+
+
+/*
+** If the argument is a codepoint corresponding to a lowercase letter
+** in the ASCII range with a diacritic added, return the codepoint
+** of the ASCII letter only. For example, if passed 235 - "LATIN
+** SMALL LETTER E WITH DIAERESIS" - return 65 ("LATIN SMALL LETTER
+** E"). The resuls of passing a codepoint that corresponds to an
+** uppercase letter are undefined.
+*/
+static int remove_diacritic(int c){
+ unsigned short aDia[] = {
+ 0, 1797, 1848, 1859, 1891, 1928, 1940, 1995,
+ 2024, 2040, 2060, 2110, 2168, 2206, 2264, 2286,
+ 2344, 2383, 2472, 2488, 2516, 2596, 2668, 2732,
+ 2782, 2842, 2894, 2954, 2984, 3000, 3028, 3336,
+ 3456, 3696, 3712, 3728, 3744, 3896, 3912, 3928,
+ 3968, 4008, 4040, 4106, 4138, 4170, 4202, 4234,
+ 4266, 4296, 4312, 4344, 4408, 4424, 4472, 4504,
+ 6148, 6198, 6264, 6280, 6360, 6429, 6505, 6529,
+ 61448, 61468, 61534, 61592, 61642, 61688, 61704, 61726,
+ 61784, 61800, 61836, 61880, 61914, 61948, 61998, 62122,
+ 62154, 62200, 62218, 62302, 62364, 62442, 62478, 62536,
+ 62554, 62584, 62604, 62640, 62648, 62656, 62664, 62730,
+ 62924, 63050, 63082, 63274, 63390,
+ };
+ char aChar[] = {
+ '\0', 'a', 'c', 'e', 'i', 'n', 'o', 'u', 'y', 'y', 'a', 'c',
+ 'd', 'e', 'e', 'g', 'h', 'i', 'j', 'k', 'l', 'n', 'o', 'r',
+ 's', 't', 'u', 'u', 'w', 'y', 'z', 'o', 'u', 'a', 'i', 'o',
+ 'u', 'g', 'k', 'o', 'j', 'g', 'n', 'a', 'e', 'i', 'o', 'r',
+ 'u', 's', 't', 'h', 'a', 'e', 'o', 'y', '\0', '\0', '\0', '\0',
+ '\0', '\0', '\0', '\0', 'a', 'b', 'd', 'd', 'e', 'f', 'g', 'h',
+ 'h', 'i', 'k', 'l', 'l', 'm', 'n', 'p', 'r', 'r', 's', 't',
+ 'u', 'v', 'w', 'w', 'x', 'y', 'z', 'h', 't', 'w', 'y', 'a',
+ 'e', 'i', 'o', 'u', 'y',
+ };
+
+ unsigned int key = (((unsigned int)c)<<3) | 0x00000007;
+ int iRes = 0;
+ int iHi = sizeof(aDia)/sizeof(aDia[0]) - 1;
+ int iLo = 0;
+ while( iHi>=iLo ){
+ int iTest = (iHi + iLo) / 2;
+ if( key >= aDia[iTest] ){
+ iRes = iTest;
+ iLo = iTest+1;
+ }else{
+ iHi = iTest-1;
+ }
+ }
+ assert( key>=aDia[iRes] );
+ return ((c > (aDia[iRes]>>3) + (aDia[iRes]&0x07)) ? c : (int)aChar[iRes]);
+}
+
+
+/*
+** Return true if the argument interpreted as a unicode codepoint
+** is a diacritical modifier character.
+*/
+SQLITE_PRIVATE int sqlite3FtsUnicodeIsdiacritic(int c){
+ unsigned int mask0 = 0x08029FDF;
+ unsigned int mask1 = 0x000361F8;
+ if( c<768 || c>817 ) return 0;
+ return (c < 768+32) ?
+ (mask0 & (1 << (c-768))) :
+ (mask1 & (1 << (c-768-32)));
+}
+
+
+/*
+** Interpret the argument as a unicode codepoint. If the codepoint
+** is an upper case character that has a lower case equivalent,
+** return the codepoint corresponding to the lower case version.
+** Otherwise, return a copy of the argument.
+**
+** The results are undefined if the value passed to this function
+** is less than zero.
+*/
+SQLITE_PRIVATE int sqlite3FtsUnicodeFold(int c, int bRemoveDiacritic){
+ /* Each entry in the following array defines a rule for folding a range
+ ** of codepoints to lower case. The rule applies to a range of nRange
+ ** codepoints starting at codepoint iCode.
+ **
+ ** If the least significant bit in flags is clear, then the rule applies
+ ** to all nRange codepoints (i.e. all nRange codepoints are upper case and
+ ** need to be folded). Or, if it is set, then the rule only applies to
+ ** every second codepoint in the range, starting with codepoint C.
+ **
+ ** The 7 most significant bits in flags are an index into the aiOff[]
+ ** array. If a specific codepoint C does require folding, then its lower
+ ** case equivalent is ((C + aiOff[flags>>1]) & 0xFFFF).
+ **
+ ** The contents of this array are generated by parsing the CaseFolding.txt
+ ** file distributed as part of the "Unicode Character Database". See
+ ** http://www.unicode.org for details.
+ */
+ static const struct TableEntry {
+ unsigned short iCode;
+ unsigned char flags;
+ unsigned char nRange;
+ } aEntry[] = {
+ {65, 14, 26}, {181, 64, 1}, {192, 14, 23},
+ {216, 14, 7}, {256, 1, 48}, {306, 1, 6},
+ {313, 1, 16}, {330, 1, 46}, {376, 116, 1},
+ {377, 1, 6}, {383, 104, 1}, {385, 50, 1},
+ {386, 1, 4}, {390, 44, 1}, {391, 0, 1},
+ {393, 42, 2}, {395, 0, 1}, {398, 32, 1},
+ {399, 38, 1}, {400, 40, 1}, {401, 0, 1},
+ {403, 42, 1}, {404, 46, 1}, {406, 52, 1},
+ {407, 48, 1}, {408, 0, 1}, {412, 52, 1},
+ {413, 54, 1}, {415, 56, 1}, {416, 1, 6},
+ {422, 60, 1}, {423, 0, 1}, {425, 60, 1},
+ {428, 0, 1}, {430, 60, 1}, {431, 0, 1},
+ {433, 58, 2}, {435, 1, 4}, {439, 62, 1},
+ {440, 0, 1}, {444, 0, 1}, {452, 2, 1},
+ {453, 0, 1}, {455, 2, 1}, {456, 0, 1},
+ {458, 2, 1}, {459, 1, 18}, {478, 1, 18},
+ {497, 2, 1}, {498, 1, 4}, {502, 122, 1},
+ {503, 134, 1}, {504, 1, 40}, {544, 110, 1},
+ {546, 1, 18}, {570, 70, 1}, {571, 0, 1},
+ {573, 108, 1}, {574, 68, 1}, {577, 0, 1},
+ {579, 106, 1}, {580, 28, 1}, {581, 30, 1},
+ {582, 1, 10}, {837, 36, 1}, {880, 1, 4},
+ {886, 0, 1}, {902, 18, 1}, {904, 16, 3},
+ {908, 26, 1}, {910, 24, 2}, {913, 14, 17},
+ {931, 14, 9}, {962, 0, 1}, {975, 4, 1},
+ {976, 140, 1}, {977, 142, 1}, {981, 146, 1},
+ {982, 144, 1}, {984, 1, 24}, {1008, 136, 1},
+ {1009, 138, 1}, {1012, 130, 1}, {1013, 128, 1},
+ {1015, 0, 1}, {1017, 152, 1}, {1018, 0, 1},
+ {1021, 110, 3}, {1024, 34, 16}, {1040, 14, 32},
+ {1120, 1, 34}, {1162, 1, 54}, {1216, 6, 1},
+ {1217, 1, 14}, {1232, 1, 88}, {1329, 22, 38},
+ {4256, 66, 38}, {4295, 66, 1}, {4301, 66, 1},
+ {7680, 1, 150}, {7835, 132, 1}, {7838, 96, 1},
+ {7840, 1, 96}, {7944, 150, 8}, {7960, 150, 6},
+ {7976, 150, 8}, {7992, 150, 8}, {8008, 150, 6},
+ {8025, 151, 8}, {8040, 150, 8}, {8072, 150, 8},
+ {8088, 150, 8}, {8104, 150, 8}, {8120, 150, 2},
+ {8122, 126, 2}, {8124, 148, 1}, {8126, 100, 1},
+ {8136, 124, 4}, {8140, 148, 1}, {8152, 150, 2},
+ {8154, 120, 2}, {8168, 150, 2}, {8170, 118, 2},
+ {8172, 152, 1}, {8184, 112, 2}, {8186, 114, 2},
+ {8188, 148, 1}, {8486, 98, 1}, {8490, 92, 1},
+ {8491, 94, 1}, {8498, 12, 1}, {8544, 8, 16},
+ {8579, 0, 1}, {9398, 10, 26}, {11264, 22, 47},
+ {11360, 0, 1}, {11362, 88, 1}, {11363, 102, 1},
+ {11364, 90, 1}, {11367, 1, 6}, {11373, 84, 1},
+ {11374, 86, 1}, {11375, 80, 1}, {11376, 82, 1},
+ {11378, 0, 1}, {11381, 0, 1}, {11390, 78, 2},
+ {11392, 1, 100}, {11499, 1, 4}, {11506, 0, 1},
+ {42560, 1, 46}, {42624, 1, 24}, {42786, 1, 14},
+ {42802, 1, 62}, {42873, 1, 4}, {42877, 76, 1},
+ {42878, 1, 10}, {42891, 0, 1}, {42893, 74, 1},
+ {42896, 1, 4}, {42912, 1, 10}, {42922, 72, 1},
+ {65313, 14, 26},
+ };
+ static const unsigned short aiOff[] = {
+ 1, 2, 8, 15, 16, 26, 28, 32,
+ 37, 38, 40, 48, 63, 64, 69, 71,
+ 79, 80, 116, 202, 203, 205, 206, 207,
+ 209, 210, 211, 213, 214, 217, 218, 219,
+ 775, 7264, 10792, 10795, 23228, 23256, 30204, 54721,
+ 54753, 54754, 54756, 54787, 54793, 54809, 57153, 57274,
+ 57921, 58019, 58363, 61722, 65268, 65341, 65373, 65406,
+ 65408, 65410, 65415, 65424, 65436, 65439, 65450, 65462,
+ 65472, 65476, 65478, 65480, 65482, 65488, 65506, 65511,
+ 65514, 65521, 65527, 65528, 65529,
+ };
+
+ int ret = c;
+
+ assert( c>=0 );
+ assert( sizeof(unsigned short)==2 && sizeof(unsigned char)==1 );
+
+ if( c<128 ){
+ if( c>='A' && c<='Z' ) ret = c + ('a' - 'A');
+ }else if( c<65536 ){
+ int iHi = sizeof(aEntry)/sizeof(aEntry[0]) - 1;
+ int iLo = 0;
+ int iRes = -1;
+
+ while( iHi>=iLo ){
+ int iTest = (iHi + iLo) / 2;
+ int cmp = (c - aEntry[iTest].iCode);
+ if( cmp>=0 ){
+ iRes = iTest;
+ iLo = iTest+1;
+ }else{
+ iHi = iTest-1;
+ }
+ }
+ assert( iRes<0 || c>=aEntry[iRes].iCode );
+
+ if( iRes>=0 ){
+ const struct TableEntry *p = &aEntry[iRes];
+ if( c<(p->iCode + p->nRange) && 0==(0x01 & p->flags & (p->iCode ^ c)) ){
+ ret = (c + (aiOff[p->flags>>1])) & 0x0000FFFF;
+ assert( ret>0 );
+ }
+ }
+
+ if( bRemoveDiacritic ) ret = remove_diacritic(ret);
+ }
+
+ else if( c>=66560 && c<66600 ){
+ ret = c + 40;
+ }
+
+ return ret;
+}
+#endif /* defined(SQLITE_ENABLE_FTS3) || defined(SQLITE_ENABLE_FTS4) */
+#endif /* !defined(SQLITE_DISABLE_FTS3_UNICODE) */
+
+/************** End of fts3_unicode2.c ***************************************/
+/************** Begin file rtree.c *******************************************/
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file contains code for implementations of the r-tree and r*-tree
+** algorithms packaged as an SQLite virtual table module.
+*/
+
+/*
+** Database Format of R-Tree Tables
+** --------------------------------
+**
+** The data structure for a single virtual r-tree table is stored in three
+** native SQLite tables declared as follows. In each case, the '%' character
+** in the table name is replaced with the user-supplied name of the r-tree
+** table.
+**
+** CREATE TABLE %_node(nodeno INTEGER PRIMARY KEY, data BLOB)
+** CREATE TABLE %_parent(nodeno INTEGER PRIMARY KEY, parentnode INTEGER)
+** CREATE TABLE %_rowid(rowid INTEGER PRIMARY KEY, nodeno INTEGER)
+**
+** The data for each node of the r-tree structure is stored in the %_node
+** table. For each node that is not the root node of the r-tree, there is
+** an entry in the %_parent table associating the node with its parent.
+** And for each row of data in the table, there is an entry in the %_rowid
+** table that maps from the entries rowid to the id of the node that it
+** is stored on.
+**
+** The root node of an r-tree always exists, even if the r-tree table is
+** empty. The nodeno of the root node is always 1. All other nodes in the
+** table must be the same size as the root node. The content of each node
+** is formatted as follows:
+**
+** 1. If the node is the root node (node 1), then the first 2 bytes
+** of the node contain the tree depth as a big-endian integer.
+** For non-root nodes, the first 2 bytes are left unused.
+**
+** 2. The next 2 bytes contain the number of entries currently
+** stored in the node.
+**
+** 3. The remainder of the node contains the node entries. Each entry
+** consists of a single 8-byte integer followed by an even number
+** of 4-byte coordinates. For leaf nodes the integer is the rowid
+** of a record. For internal nodes it is the node number of a
+** child page.
+*/
+
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_RTREE)
+
+#ifndef SQLITE_CORE
+/* #include "sqlite3ext.h" */
+ SQLITE_EXTENSION_INIT1
+#else
+/* #include "sqlite3.h" */
+#endif
+
+/* #include <string.h> */
+/* #include <assert.h> */
+/* #include <stdio.h> */
+
+#ifndef SQLITE_AMALGAMATION
+#include "sqlite3rtree.h"
+typedef sqlite3_int64 i64;
+typedef unsigned char u8;
+typedef unsigned short u16;
+typedef unsigned int u32;
+#endif
+
+/* The following macro is used to suppress compiler warnings.
+*/
+#ifndef UNUSED_PARAMETER
+# define UNUSED_PARAMETER(x) (void)(x)
+#endif
+
+typedef struct Rtree Rtree;
+typedef struct RtreeCursor RtreeCursor;
+typedef struct RtreeNode RtreeNode;
+typedef struct RtreeCell RtreeCell;
+typedef struct RtreeConstraint RtreeConstraint;
+typedef struct RtreeMatchArg RtreeMatchArg;
+typedef struct RtreeGeomCallback RtreeGeomCallback;
+typedef union RtreeCoord RtreeCoord;
+typedef struct RtreeSearchPoint RtreeSearchPoint;
+
+/* The rtree may have between 1 and RTREE_MAX_DIMENSIONS dimensions. */
+#define RTREE_MAX_DIMENSIONS 5
+
+/* Size of hash table Rtree.aHash. This hash table is not expected to
+** ever contain very many entries, so a fixed number of buckets is
+** used.
+*/
+#define HASHSIZE 97
+
+/* The xBestIndex method of this virtual table requires an estimate of
+** the number of rows in the virtual table to calculate the costs of
+** various strategies. If possible, this estimate is loaded from the
+** sqlite_stat1 table (with RTREE_MIN_ROWEST as a hard-coded minimum).
+** Otherwise, if no sqlite_stat1 entry is available, use
+** RTREE_DEFAULT_ROWEST.
+*/
+#define RTREE_DEFAULT_ROWEST 1048576
+#define RTREE_MIN_ROWEST 100
+
+/*
+** An rtree virtual-table object.
+*/
+struct Rtree {
+ sqlite3_vtab base; /* Base class. Must be first */
+ sqlite3 *db; /* Host database connection */
+ int iNodeSize; /* Size in bytes of each node in the node table */
+ u8 nDim; /* Number of dimensions */
+ u8 eCoordType; /* RTREE_COORD_REAL32 or RTREE_COORD_INT32 */
+ u8 nBytesPerCell; /* Bytes consumed per cell */
+ int iDepth; /* Current depth of the r-tree structure */
+ char *zDb; /* Name of database containing r-tree table */
+ char *zName; /* Name of r-tree table */
+ int nBusy; /* Current number of users of this structure */
+ i64 nRowEst; /* Estimated number of rows in this table */
+
+ /* List of nodes removed during a CondenseTree operation. List is
+ ** linked together via the pointer normally used for hash chains -
+ ** RtreeNode.pNext. RtreeNode.iNode stores the depth of the sub-tree
+ ** headed by the node (leaf nodes have RtreeNode.iNode==0).
+ */
+ RtreeNode *pDeleted;
+ int iReinsertHeight; /* Height of sub-trees Reinsert() has run on */
+
+ /* Statements to read/write/delete a record from xxx_node */
+ sqlite3_stmt *pReadNode;
+ sqlite3_stmt *pWriteNode;
+ sqlite3_stmt *pDeleteNode;
+
+ /* Statements to read/write/delete a record from xxx_rowid */
+ sqlite3_stmt *pReadRowid;
+ sqlite3_stmt *pWriteRowid;
+ sqlite3_stmt *pDeleteRowid;
+
+ /* Statements to read/write/delete a record from xxx_parent */
+ sqlite3_stmt *pReadParent;
+ sqlite3_stmt *pWriteParent;
+ sqlite3_stmt *pDeleteParent;
+
+ RtreeNode *aHash[HASHSIZE]; /* Hash table of in-memory nodes. */
+};
+
+/* Possible values for Rtree.eCoordType: */
+#define RTREE_COORD_REAL32 0
+#define RTREE_COORD_INT32 1
+
+/*
+** If SQLITE_RTREE_INT_ONLY is defined, then this virtual table will
+** only deal with integer coordinates. No floating point operations
+** will be done.
+*/
+#ifdef SQLITE_RTREE_INT_ONLY
+ typedef sqlite3_int64 RtreeDValue; /* High accuracy coordinate */
+ typedef int RtreeValue; /* Low accuracy coordinate */
+# define RTREE_ZERO 0
+#else
+ typedef double RtreeDValue; /* High accuracy coordinate */
+ typedef float RtreeValue; /* Low accuracy coordinate */
+# define RTREE_ZERO 0.0
+#endif
+
+/*
+** When doing a search of an r-tree, instances of the following structure
+** record intermediate results from the tree walk.
+**
+** The id is always a node-id. For iLevel>=1 the id is the node-id of
+** the node that the RtreeSearchPoint represents. When iLevel==0, however,
+** the id is of the parent node and the cell that RtreeSearchPoint
+** represents is the iCell-th entry in the parent node.
+*/
+struct RtreeSearchPoint {
+ RtreeDValue rScore; /* The score for this node. Smallest goes first. */
+ sqlite3_int64 id; /* Node ID */
+ u8 iLevel; /* 0=entries. 1=leaf node. 2+ for higher */
+ u8 eWithin; /* PARTLY_WITHIN or FULLY_WITHIN */
+ u8 iCell; /* Cell index within the node */
+};
+
+/*
+** The minimum number of cells allowed for a node is a third of the
+** maximum. In Gutman's notation:
+**
+** m = M/3
+**
+** If an R*-tree "Reinsert" operation is required, the same number of
+** cells are removed from the overfull node and reinserted into the tree.
+*/
+#define RTREE_MINCELLS(p) ((((p)->iNodeSize-4)/(p)->nBytesPerCell)/3)
+#define RTREE_REINSERT(p) RTREE_MINCELLS(p)
+#define RTREE_MAXCELLS 51
+
+/*
+** The smallest possible node-size is (512-64)==448 bytes. And the largest
+** supported cell size is 48 bytes (8 byte rowid + ten 4 byte coordinates).
+** Therefore all non-root nodes must contain at least 3 entries. Since
+** 2^40 is greater than 2^64, an r-tree structure always has a depth of
+** 40 or less.
+*/
+#define RTREE_MAX_DEPTH 40
+
+
+/*
+** Number of entries in the cursor RtreeNode cache. The first entry is
+** used to cache the RtreeNode for RtreeCursor.sPoint. The remaining
+** entries cache the RtreeNode for the first elements of the priority queue.
+*/
+#define RTREE_CACHE_SZ 5
+
+/*
+** An rtree cursor object.
+*/
+struct RtreeCursor {
+ sqlite3_vtab_cursor base; /* Base class. Must be first */
+ u8 atEOF; /* True if at end of search */
+ u8 bPoint; /* True if sPoint is valid */
+ int iStrategy; /* Copy of idxNum search parameter */
+ int nConstraint; /* Number of entries in aConstraint */
+ RtreeConstraint *aConstraint; /* Search constraints. */
+ int nPointAlloc; /* Number of slots allocated for aPoint[] */
+ int nPoint; /* Number of slots used in aPoint[] */
+ int mxLevel; /* iLevel value for root of the tree */
+ RtreeSearchPoint *aPoint; /* Priority queue for search points */
+ RtreeSearchPoint sPoint; /* Cached next search point */
+ RtreeNode *aNode[RTREE_CACHE_SZ]; /* Rtree node cache */
+ u32 anQueue[RTREE_MAX_DEPTH+1]; /* Number of queued entries by iLevel */
+};
+
+/* Return the Rtree of a RtreeCursor */
+#define RTREE_OF_CURSOR(X) ((Rtree*)((X)->base.pVtab))
+
+/*
+** A coordinate can be either a floating point number or a integer. All
+** coordinates within a single R-Tree are always of the same time.
+*/
+union RtreeCoord {
+ RtreeValue f; /* Floating point value */
+ int i; /* Integer value */
+ u32 u; /* Unsigned for byte-order conversions */
+};
+
+/*
+** The argument is an RtreeCoord. Return the value stored within the RtreeCoord
+** formatted as a RtreeDValue (double or int64). This macro assumes that local
+** variable pRtree points to the Rtree structure associated with the
+** RtreeCoord.
+*/
+#ifdef SQLITE_RTREE_INT_ONLY
+# define DCOORD(coord) ((RtreeDValue)coord.i)
+#else
+# define DCOORD(coord) ( \
+ (pRtree->eCoordType==RTREE_COORD_REAL32) ? \
+ ((double)coord.f) : \
+ ((double)coord.i) \
+ )
+#endif
+
+/*
+** A search constraint.
+*/
+struct RtreeConstraint {
+ int iCoord; /* Index of constrained coordinate */
+ int op; /* Constraining operation */
+ union {
+ RtreeDValue rValue; /* Constraint value. */
+ int (*xGeom)(sqlite3_rtree_geometry*,int,RtreeDValue*,int*);
+ int (*xQueryFunc)(sqlite3_rtree_query_info*);
+ } u;
+ sqlite3_rtree_query_info *pInfo; /* xGeom and xQueryFunc argument */
+};
+
+/* Possible values for RtreeConstraint.op */
+#define RTREE_EQ 0x41 /* A */
+#define RTREE_LE 0x42 /* B */
+#define RTREE_LT 0x43 /* C */
+#define RTREE_GE 0x44 /* D */
+#define RTREE_GT 0x45 /* E */
+#define RTREE_MATCH 0x46 /* F: Old-style sqlite3_rtree_geometry_callback() */
+#define RTREE_QUERY 0x47 /* G: New-style sqlite3_rtree_query_callback() */
+
+
+/*
+** An rtree structure node.
+*/
+struct RtreeNode {
+ RtreeNode *pParent; /* Parent node */
+ i64 iNode; /* The node number */
+ int nRef; /* Number of references to this node */
+ int isDirty; /* True if the node needs to be written to disk */
+ u8 *zData; /* Content of the node, as should be on disk */
+ RtreeNode *pNext; /* Next node in this hash collision chain */
+};
+
+/* Return the number of cells in a node */
+#define NCELL(pNode) readInt16(&(pNode)->zData[2])
+
+/*
+** A single cell from a node, deserialized
+*/
+struct RtreeCell {
+ i64 iRowid; /* Node or entry ID */
+ RtreeCoord aCoord[RTREE_MAX_DIMENSIONS*2]; /* Bounding box coordinates */
+};
+
+
+/*
+** This object becomes the sqlite3_user_data() for the SQL functions
+** that are created by sqlite3_rtree_geometry_callback() and
+** sqlite3_rtree_query_callback() and which appear on the right of MATCH
+** operators in order to constrain a search.
+**
+** xGeom and xQueryFunc are the callback functions. Exactly one of
+** xGeom and xQueryFunc fields is non-NULL, depending on whether the
+** SQL function was created using sqlite3_rtree_geometry_callback() or
+** sqlite3_rtree_query_callback().
+**
+** This object is deleted automatically by the destructor mechanism in
+** sqlite3_create_function_v2().
+*/
+struct RtreeGeomCallback {
+ int (*xGeom)(sqlite3_rtree_geometry*, int, RtreeDValue*, int*);
+ int (*xQueryFunc)(sqlite3_rtree_query_info*);
+ void (*xDestructor)(void*);
+ void *pContext;
+};
+
+
+/*
+** Value for the first field of every RtreeMatchArg object. The MATCH
+** operator tests that the first field of a blob operand matches this
+** value to avoid operating on invalid blobs (which could cause a segfault).
+*/
+#define RTREE_GEOMETRY_MAGIC 0x891245AB
+
+/*
+** An instance of this structure (in the form of a BLOB) is returned by
+** the SQL functions that sqlite3_rtree_geometry_callback() and
+** sqlite3_rtree_query_callback() create, and is read as the right-hand
+** operand to the MATCH operator of an R-Tree.
+*/
+struct RtreeMatchArg {
+ u32 magic; /* Always RTREE_GEOMETRY_MAGIC */
+ RtreeGeomCallback cb; /* Info about the callback functions */
+ int nParam; /* Number of parameters to the SQL function */
+ sqlite3_value **apSqlParam; /* Original SQL parameter values */
+ RtreeDValue aParam[1]; /* Values for parameters to the SQL function */
+};
+
+#ifndef MAX
+# define MAX(x,y) ((x) < (y) ? (y) : (x))
+#endif
+#ifndef MIN
+# define MIN(x,y) ((x) > (y) ? (y) : (x))
+#endif
+
+/*
+** Functions to deserialize a 16 bit integer, 32 bit real number and
+** 64 bit integer. The deserialized value is returned.
+*/
+static int readInt16(u8 *p){
+ return (p[0]<<8) + p[1];
+}
+static void readCoord(u8 *p, RtreeCoord *pCoord){
+ pCoord->u = (
+ (((u32)p[0]) << 24) +
+ (((u32)p[1]) << 16) +
+ (((u32)p[2]) << 8) +
+ (((u32)p[3]) << 0)
+ );
+}
+static i64 readInt64(u8 *p){
+ return (
+ (((i64)p[0]) << 56) +
+ (((i64)p[1]) << 48) +
+ (((i64)p[2]) << 40) +
+ (((i64)p[3]) << 32) +
+ (((i64)p[4]) << 24) +
+ (((i64)p[5]) << 16) +
+ (((i64)p[6]) << 8) +
+ (((i64)p[7]) << 0)
+ );
+}
+
+/*
+** Functions to serialize a 16 bit integer, 32 bit real number and
+** 64 bit integer. The value returned is the number of bytes written
+** to the argument buffer (always 2, 4 and 8 respectively).
+*/
+static int writeInt16(u8 *p, int i){
+ p[0] = (i>> 8)&0xFF;
+ p[1] = (i>> 0)&0xFF;
+ return 2;
+}
+static int writeCoord(u8 *p, RtreeCoord *pCoord){
+ u32 i;
+ assert( sizeof(RtreeCoord)==4 );
+ assert( sizeof(u32)==4 );
+ i = pCoord->u;
+ p[0] = (i>>24)&0xFF;
+ p[1] = (i>>16)&0xFF;
+ p[2] = (i>> 8)&0xFF;
+ p[3] = (i>> 0)&0xFF;
+ return 4;
+}
+static int writeInt64(u8 *p, i64 i){
+ p[0] = (i>>56)&0xFF;
+ p[1] = (i>>48)&0xFF;
+ p[2] = (i>>40)&0xFF;
+ p[3] = (i>>32)&0xFF;
+ p[4] = (i>>24)&0xFF;
+ p[5] = (i>>16)&0xFF;
+ p[6] = (i>> 8)&0xFF;
+ p[7] = (i>> 0)&0xFF;
+ return 8;
+}
+
+/*
+** Increment the reference count of node p.
+*/
+static void nodeReference(RtreeNode *p){
+ if( p ){
+ p->nRef++;
+ }
+}
+
+/*
+** Clear the content of node p (set all bytes to 0x00).
+*/
+static void nodeZero(Rtree *pRtree, RtreeNode *p){
+ memset(&p->zData[2], 0, pRtree->iNodeSize-2);
+ p->isDirty = 1;
+}
+
+/*
+** Given a node number iNode, return the corresponding key to use
+** in the Rtree.aHash table.
+*/
+static int nodeHash(i64 iNode){
+ return iNode % HASHSIZE;
+}
+
+/*
+** Search the node hash table for node iNode. If found, return a pointer
+** to it. Otherwise, return 0.
+*/
+static RtreeNode *nodeHashLookup(Rtree *pRtree, i64 iNode){
+ RtreeNode *p;
+ for(p=pRtree->aHash[nodeHash(iNode)]; p && p->iNode!=iNode; p=p->pNext);
+ return p;
+}
+
+/*
+** Add node pNode to the node hash table.
+*/
+static void nodeHashInsert(Rtree *pRtree, RtreeNode *pNode){
+ int iHash;
+ assert( pNode->pNext==0 );
+ iHash = nodeHash(pNode->iNode);
+ pNode->pNext = pRtree->aHash[iHash];
+ pRtree->aHash[iHash] = pNode;
+}
+
+/*
+** Remove node pNode from the node hash table.
+*/
+static void nodeHashDelete(Rtree *pRtree, RtreeNode *pNode){
+ RtreeNode **pp;
+ if( pNode->iNode!=0 ){
+ pp = &pRtree->aHash[nodeHash(pNode->iNode)];
+ for( ; (*pp)!=pNode; pp = &(*pp)->pNext){ assert(*pp); }
+ *pp = pNode->pNext;
+ pNode->pNext = 0;
+ }
+}
+
+/*
+** Allocate and return new r-tree node. Initially, (RtreeNode.iNode==0),
+** indicating that node has not yet been assigned a node number. It is
+** assigned a node number when nodeWrite() is called to write the
+** node contents out to the database.
+*/
+static RtreeNode *nodeNew(Rtree *pRtree, RtreeNode *pParent){
+ RtreeNode *pNode;
+ pNode = (RtreeNode *)sqlite3_malloc(sizeof(RtreeNode) + pRtree->iNodeSize);
+ if( pNode ){
+ memset(pNode, 0, sizeof(RtreeNode) + pRtree->iNodeSize);
+ pNode->zData = (u8 *)&pNode[1];
+ pNode->nRef = 1;
+ pNode->pParent = pParent;
+ pNode->isDirty = 1;
+ nodeReference(pParent);
+ }
+ return pNode;
+}
+
+/*
+** Obtain a reference to an r-tree node.
+*/
+static int nodeAcquire(
+ Rtree *pRtree, /* R-tree structure */
+ i64 iNode, /* Node number to load */
+ RtreeNode *pParent, /* Either the parent node or NULL */
+ RtreeNode **ppNode /* OUT: Acquired node */
+){
+ int rc;
+ int rc2 = SQLITE_OK;
+ RtreeNode *pNode;
+
+ /* Check if the requested node is already in the hash table. If so,
+ ** increase its reference count and return it.
+ */
+ if( (pNode = nodeHashLookup(pRtree, iNode)) ){
+ assert( !pParent || !pNode->pParent || pNode->pParent==pParent );
+ if( pParent && !pNode->pParent ){
+ nodeReference(pParent);
+ pNode->pParent = pParent;
+ }
+ pNode->nRef++;
+ *ppNode = pNode;
+ return SQLITE_OK;
+ }
+
+ sqlite3_bind_int64(pRtree->pReadNode, 1, iNode);
+ rc = sqlite3_step(pRtree->pReadNode);
+ if( rc==SQLITE_ROW ){
+ const u8 *zBlob = sqlite3_column_blob(pRtree->pReadNode, 0);
+ if( pRtree->iNodeSize==sqlite3_column_bytes(pRtree->pReadNode, 0) ){
+ pNode = (RtreeNode *)sqlite3_malloc(sizeof(RtreeNode)+pRtree->iNodeSize);
+ if( !pNode ){
+ rc2 = SQLITE_NOMEM;
+ }else{
+ pNode->pParent = pParent;
+ pNode->zData = (u8 *)&pNode[1];
+ pNode->nRef = 1;
+ pNode->iNode = iNode;
+ pNode->isDirty = 0;
+ pNode->pNext = 0;
+ memcpy(pNode->zData, zBlob, pRtree->iNodeSize);
+ nodeReference(pParent);
+ }
+ }
+ }
+ rc = sqlite3_reset(pRtree->pReadNode);
+ if( rc==SQLITE_OK ) rc = rc2;
+
+ /* If the root node was just loaded, set pRtree->iDepth to the height
+ ** of the r-tree structure. A height of zero means all data is stored on
+ ** the root node. A height of one means the children of the root node
+ ** are the leaves, and so on. If the depth as specified on the root node
+ ** is greater than RTREE_MAX_DEPTH, the r-tree structure must be corrupt.
+ */
+ if( pNode && iNode==1 ){
+ pRtree->iDepth = readInt16(pNode->zData);
+ if( pRtree->iDepth>RTREE_MAX_DEPTH ){
+ rc = SQLITE_CORRUPT_VTAB;
+ }
+ }
+
+ /* If no error has occurred so far, check if the "number of entries"
+ ** field on the node is too large. If so, set the return code to
+ ** SQLITE_CORRUPT_VTAB.
+ */
+ if( pNode && rc==SQLITE_OK ){
+ if( NCELL(pNode)>((pRtree->iNodeSize-4)/pRtree->nBytesPerCell) ){
+ rc = SQLITE_CORRUPT_VTAB;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ if( pNode!=0 ){
+ nodeHashInsert(pRtree, pNode);
+ }else{
+ rc = SQLITE_CORRUPT_VTAB;
+ }
+ *ppNode = pNode;
+ }else{
+ sqlite3_free(pNode);
+ *ppNode = 0;
+ }
+
+ return rc;
+}
+
+/*
+** Overwrite cell iCell of node pNode with the contents of pCell.
+*/
+static void nodeOverwriteCell(
+ Rtree *pRtree, /* The overall R-Tree */
+ RtreeNode *pNode, /* The node into which the cell is to be written */
+ RtreeCell *pCell, /* The cell to write */
+ int iCell /* Index into pNode into which pCell is written */
+){
+ int ii;
+ u8 *p = &pNode->zData[4 + pRtree->nBytesPerCell*iCell];
+ p += writeInt64(p, pCell->iRowid);
+ for(ii=0; ii<(pRtree->nDim*2); ii++){
+ p += writeCoord(p, &pCell->aCoord[ii]);
+ }
+ pNode->isDirty = 1;
+}
+
+/*
+** Remove the cell with index iCell from node pNode.
+*/
+static void nodeDeleteCell(Rtree *pRtree, RtreeNode *pNode, int iCell){
+ u8 *pDst = &pNode->zData[4 + pRtree->nBytesPerCell*iCell];
+ u8 *pSrc = &pDst[pRtree->nBytesPerCell];
+ int nByte = (NCELL(pNode) - iCell - 1) * pRtree->nBytesPerCell;
+ memmove(pDst, pSrc, nByte);
+ writeInt16(&pNode->zData[2], NCELL(pNode)-1);
+ pNode->isDirty = 1;
+}
+
+/*
+** Insert the contents of cell pCell into node pNode. If the insert
+** is successful, return SQLITE_OK.
+**
+** If there is not enough free space in pNode, return SQLITE_FULL.
+*/
+static int nodeInsertCell(
+ Rtree *pRtree, /* The overall R-Tree */
+ RtreeNode *pNode, /* Write new cell into this node */
+ RtreeCell *pCell /* The cell to be inserted */
+){
+ int nCell; /* Current number of cells in pNode */
+ int nMaxCell; /* Maximum number of cells for pNode */
+
+ nMaxCell = (pRtree->iNodeSize-4)/pRtree->nBytesPerCell;
+ nCell = NCELL(pNode);
+
+ assert( nCell<=nMaxCell );
+ if( nCell<nMaxCell ){
+ nodeOverwriteCell(pRtree, pNode, pCell, nCell);
+ writeInt16(&pNode->zData[2], nCell+1);
+ pNode->isDirty = 1;
+ }
+
+ return (nCell==nMaxCell);
+}
+
+/*
+** If the node is dirty, write it out to the database.
+*/
+static int nodeWrite(Rtree *pRtree, RtreeNode *pNode){
+ int rc = SQLITE_OK;
+ if( pNode->isDirty ){
+ sqlite3_stmt *p = pRtree->pWriteNode;
+ if( pNode->iNode ){
+ sqlite3_bind_int64(p, 1, pNode->iNode);
+ }else{
+ sqlite3_bind_null(p, 1);
+ }
+ sqlite3_bind_blob(p, 2, pNode->zData, pRtree->iNodeSize, SQLITE_STATIC);
+ sqlite3_step(p);
+ pNode->isDirty = 0;
+ rc = sqlite3_reset(p);
+ if( pNode->iNode==0 && rc==SQLITE_OK ){
+ pNode->iNode = sqlite3_last_insert_rowid(pRtree->db);
+ nodeHashInsert(pRtree, pNode);
+ }
+ }
+ return rc;
+}
+
+/*
+** Release a reference to a node. If the node is dirty and the reference
+** count drops to zero, the node data is written to the database.
+*/
+static int nodeRelease(Rtree *pRtree, RtreeNode *pNode){
+ int rc = SQLITE_OK;
+ if( pNode ){
+ assert( pNode->nRef>0 );
+ pNode->nRef--;
+ if( pNode->nRef==0 ){
+ if( pNode->iNode==1 ){
+ pRtree->iDepth = -1;
+ }
+ if( pNode->pParent ){
+ rc = nodeRelease(pRtree, pNode->pParent);
+ }
+ if( rc==SQLITE_OK ){
+ rc = nodeWrite(pRtree, pNode);
+ }
+ nodeHashDelete(pRtree, pNode);
+ sqlite3_free(pNode);
+ }
+ }
+ return rc;
+}
+
+/*
+** Return the 64-bit integer value associated with cell iCell of
+** node pNode. If pNode is a leaf node, this is a rowid. If it is
+** an internal node, then the 64-bit integer is a child page number.
+*/
+static i64 nodeGetRowid(
+ Rtree *pRtree, /* The overall R-Tree */
+ RtreeNode *pNode, /* The node from which to extract the ID */
+ int iCell /* The cell index from which to extract the ID */
+){
+ assert( iCell<NCELL(pNode) );
+ return readInt64(&pNode->zData[4 + pRtree->nBytesPerCell*iCell]);
+}
+
+/*
+** Return coordinate iCoord from cell iCell in node pNode.
+*/
+static void nodeGetCoord(
+ Rtree *pRtree, /* The overall R-Tree */
+ RtreeNode *pNode, /* The node from which to extract a coordinate */
+ int iCell, /* The index of the cell within the node */
+ int iCoord, /* Which coordinate to extract */
+ RtreeCoord *pCoord /* OUT: Space to write result to */
+){
+ readCoord(&pNode->zData[12 + pRtree->nBytesPerCell*iCell + 4*iCoord], pCoord);
+}
+
+/*
+** Deserialize cell iCell of node pNode. Populate the structure pointed
+** to by pCell with the results.
+*/
+static void nodeGetCell(
+ Rtree *pRtree, /* The overall R-Tree */
+ RtreeNode *pNode, /* The node containing the cell to be read */
+ int iCell, /* Index of the cell within the node */
+ RtreeCell *pCell /* OUT: Write the cell contents here */
+){
+ u8 *pData;
+ RtreeCoord *pCoord;
+ int ii;
+ pCell->iRowid = nodeGetRowid(pRtree, pNode, iCell);
+ pData = pNode->zData + (12 + pRtree->nBytesPerCell*iCell);
+ pCoord = pCell->aCoord;
+ for(ii=0; ii<pRtree->nDim*2; ii++){
+ readCoord(&pData[ii*4], &pCoord[ii]);
+ }
+}
+
+
+/* Forward declaration for the function that does the work of
+** the virtual table module xCreate() and xConnect() methods.
+*/
+static int rtreeInit(
+ sqlite3 *, void *, int, const char *const*, sqlite3_vtab **, char **, int
+);
+
+/*
+** Rtree virtual table module xCreate method.
+*/
+static int rtreeCreate(
+ sqlite3 *db,
+ void *pAux,
+ int argc, const char *const*argv,
+ sqlite3_vtab **ppVtab,
+ char **pzErr
+){
+ return rtreeInit(db, pAux, argc, argv, ppVtab, pzErr, 1);
+}
+
+/*
+** Rtree virtual table module xConnect method.
+*/
+static int rtreeConnect(
+ sqlite3 *db,
+ void *pAux,
+ int argc, const char *const*argv,
+ sqlite3_vtab **ppVtab,
+ char **pzErr
+){
+ return rtreeInit(db, pAux, argc, argv, ppVtab, pzErr, 0);
+}
+
+/*
+** Increment the r-tree reference count.
+*/
+static void rtreeReference(Rtree *pRtree){
+ pRtree->nBusy++;
+}
+
+/*
+** Decrement the r-tree reference count. When the reference count reaches
+** zero the structure is deleted.
+*/
+static void rtreeRelease(Rtree *pRtree){
+ pRtree->nBusy--;
+ if( pRtree->nBusy==0 ){
+ sqlite3_finalize(pRtree->pReadNode);
+ sqlite3_finalize(pRtree->pWriteNode);
+ sqlite3_finalize(pRtree->pDeleteNode);
+ sqlite3_finalize(pRtree->pReadRowid);
+ sqlite3_finalize(pRtree->pWriteRowid);
+ sqlite3_finalize(pRtree->pDeleteRowid);
+ sqlite3_finalize(pRtree->pReadParent);
+ sqlite3_finalize(pRtree->pWriteParent);
+ sqlite3_finalize(pRtree->pDeleteParent);
+ sqlite3_free(pRtree);
+ }
+}
+
+/*
+** Rtree virtual table module xDisconnect method.
+*/
+static int rtreeDisconnect(sqlite3_vtab *pVtab){
+ rtreeRelease((Rtree *)pVtab);
+ return SQLITE_OK;
+}
+
+/*
+** Rtree virtual table module xDestroy method.
+*/
+static int rtreeDestroy(sqlite3_vtab *pVtab){
+ Rtree *pRtree = (Rtree *)pVtab;
+ int rc;
+ char *zCreate = sqlite3_mprintf(
+ "DROP TABLE '%q'.'%q_node';"
+ "DROP TABLE '%q'.'%q_rowid';"
+ "DROP TABLE '%q'.'%q_parent';",
+ pRtree->zDb, pRtree->zName,
+ pRtree->zDb, pRtree->zName,
+ pRtree->zDb, pRtree->zName
+ );
+ if( !zCreate ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_exec(pRtree->db, zCreate, 0, 0, 0);
+ sqlite3_free(zCreate);
+ }
+ if( rc==SQLITE_OK ){
+ rtreeRelease(pRtree);
+ }
+
+ return rc;
+}
+
+/*
+** Rtree virtual table module xOpen method.
+*/
+static int rtreeOpen(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCursor){
+ int rc = SQLITE_NOMEM;
+ RtreeCursor *pCsr;
+
+ pCsr = (RtreeCursor *)sqlite3_malloc(sizeof(RtreeCursor));
+ if( pCsr ){
+ memset(pCsr, 0, sizeof(RtreeCursor));
+ pCsr->base.pVtab = pVTab;
+ rc = SQLITE_OK;
+ }
+ *ppCursor = (sqlite3_vtab_cursor *)pCsr;
+
+ return rc;
+}
+
+
+/*
+** Free the RtreeCursor.aConstraint[] array and its contents.
+*/
+static void freeCursorConstraints(RtreeCursor *pCsr){
+ if( pCsr->aConstraint ){
+ int i; /* Used to iterate through constraint array */
+ for(i=0; i<pCsr->nConstraint; i++){
+ sqlite3_rtree_query_info *pInfo = pCsr->aConstraint[i].pInfo;
+ if( pInfo ){
+ if( pInfo->xDelUser ) pInfo->xDelUser(pInfo->pUser);
+ sqlite3_free(pInfo);
+ }
+ }
+ sqlite3_free(pCsr->aConstraint);
+ pCsr->aConstraint = 0;
+ }
+}
+
+/*
+** Rtree virtual table module xClose method.
+*/
+static int rtreeClose(sqlite3_vtab_cursor *cur){
+ Rtree *pRtree = (Rtree *)(cur->pVtab);
+ int ii;
+ RtreeCursor *pCsr = (RtreeCursor *)cur;
+ freeCursorConstraints(pCsr);
+ sqlite3_free(pCsr->aPoint);
+ for(ii=0; ii<RTREE_CACHE_SZ; ii++) nodeRelease(pRtree, pCsr->aNode[ii]);
+ sqlite3_free(pCsr);
+ return SQLITE_OK;
+}
+
+/*
+** Rtree virtual table module xEof method.
+**
+** Return non-zero if the cursor does not currently point to a valid
+** record (i.e if the scan has finished), or zero otherwise.
+*/
+static int rtreeEof(sqlite3_vtab_cursor *cur){
+ RtreeCursor *pCsr = (RtreeCursor *)cur;
+ return pCsr->atEOF;
+}
+
+/*
+** Convert raw bits from the on-disk RTree record into a coordinate value.
+** The on-disk format is big-endian and needs to be converted for little-
+** endian platforms. The on-disk record stores integer coordinates if
+** eInt is true and it stores 32-bit floating point records if eInt is
+** false. a[] is the four bytes of the on-disk record to be decoded.
+** Store the results in "r".
+**
+** There are three versions of this macro, one each for little-endian and
+** big-endian processors and a third generic implementation. The endian-
+** specific implementations are much faster and are preferred if the
+** processor endianness is known at compile-time. The SQLITE_BYTEORDER
+** macro is part of sqliteInt.h and hence the endian-specific
+** implementation will only be used if this module is compiled as part
+** of the amalgamation.
+*/
+#if defined(SQLITE_BYTEORDER) && SQLITE_BYTEORDER==1234
+#define RTREE_DECODE_COORD(eInt, a, r) { \
+ RtreeCoord c; /* Coordinate decoded */ \
+ memcpy(&c.u,a,4); \
+ c.u = ((c.u>>24)&0xff)|((c.u>>8)&0xff00)| \
+ ((c.u&0xff)<<24)|((c.u&0xff00)<<8); \
+ r = eInt ? (sqlite3_rtree_dbl)c.i : (sqlite3_rtree_dbl)c.f; \
+}
+#elif defined(SQLITE_BYTEORDER) && SQLITE_BYTEORDER==4321
+#define RTREE_DECODE_COORD(eInt, a, r) { \
+ RtreeCoord c; /* Coordinate decoded */ \
+ memcpy(&c.u,a,4); \
+ r = eInt ? (sqlite3_rtree_dbl)c.i : (sqlite3_rtree_dbl)c.f; \
+}
+#else
+#define RTREE_DECODE_COORD(eInt, a, r) { \
+ RtreeCoord c; /* Coordinate decoded */ \
+ c.u = ((u32)a[0]<<24) + ((u32)a[1]<<16) \
+ +((u32)a[2]<<8) + a[3]; \
+ r = eInt ? (sqlite3_rtree_dbl)c.i : (sqlite3_rtree_dbl)c.f; \
+}
+#endif
+
+/*
+** Check the RTree node or entry given by pCellData and p against the MATCH
+** constraint pConstraint.
+*/
+static int rtreeCallbackConstraint(
+ RtreeConstraint *pConstraint, /* The constraint to test */
+ int eInt, /* True if RTree holding integer coordinates */
+ u8 *pCellData, /* Raw cell content */
+ RtreeSearchPoint *pSearch, /* Container of this cell */
+ sqlite3_rtree_dbl *prScore, /* OUT: score for the cell */
+ int *peWithin /* OUT: visibility of the cell */
+){
+ int i; /* Loop counter */
+ sqlite3_rtree_query_info *pInfo = pConstraint->pInfo; /* Callback info */
+ int nCoord = pInfo->nCoord; /* No. of coordinates */
+ int rc; /* Callback return code */
+ sqlite3_rtree_dbl aCoord[RTREE_MAX_DIMENSIONS*2]; /* Decoded coordinates */
+
+ assert( pConstraint->op==RTREE_MATCH || pConstraint->op==RTREE_QUERY );
+ assert( nCoord==2 || nCoord==4 || nCoord==6 || nCoord==8 || nCoord==10 );
+
+ if( pConstraint->op==RTREE_QUERY && pSearch->iLevel==1 ){
+ pInfo->iRowid = readInt64(pCellData);
+ }
+ pCellData += 8;
+ for(i=0; i<nCoord; i++, pCellData += 4){
+ RTREE_DECODE_COORD(eInt, pCellData, aCoord[i]);
+ }
+ if( pConstraint->op==RTREE_MATCH ){
+ rc = pConstraint->u.xGeom((sqlite3_rtree_geometry*)pInfo,
+ nCoord, aCoord, &i);
+ if( i==0 ) *peWithin = NOT_WITHIN;
+ *prScore = RTREE_ZERO;
+ }else{
+ pInfo->aCoord = aCoord;
+ pInfo->iLevel = pSearch->iLevel - 1;
+ pInfo->rScore = pInfo->rParentScore = pSearch->rScore;
+ pInfo->eWithin = pInfo->eParentWithin = pSearch->eWithin;
+ rc = pConstraint->u.xQueryFunc(pInfo);
+ if( pInfo->eWithin<*peWithin ) *peWithin = pInfo->eWithin;
+ if( pInfo->rScore<*prScore || *prScore<RTREE_ZERO ){
+ *prScore = pInfo->rScore;
+ }
+ }
+ return rc;
+}
+
+/*
+** Check the internal RTree node given by pCellData against constraint p.
+** If this constraint cannot be satisfied by any child within the node,
+** set *peWithin to NOT_WITHIN.
+*/
+static void rtreeNonleafConstraint(
+ RtreeConstraint *p, /* The constraint to test */
+ int eInt, /* True if RTree holds integer coordinates */
+ u8 *pCellData, /* Raw cell content as appears on disk */
+ int *peWithin /* Adjust downward, as appropriate */
+){
+ sqlite3_rtree_dbl val; /* Coordinate value convert to a double */
+
+ /* p->iCoord might point to either a lower or upper bound coordinate
+ ** in a coordinate pair. But make pCellData point to the lower bound.
+ */
+ pCellData += 8 + 4*(p->iCoord&0xfe);
+
+ assert(p->op==RTREE_LE || p->op==RTREE_LT || p->op==RTREE_GE
+ || p->op==RTREE_GT || p->op==RTREE_EQ );
+ switch( p->op ){
+ case RTREE_LE:
+ case RTREE_LT:
+ case RTREE_EQ:
+ RTREE_DECODE_COORD(eInt, pCellData, val);
+ /* val now holds the lower bound of the coordinate pair */
+ if( p->u.rValue>=val ) return;
+ if( p->op!=RTREE_EQ ) break; /* RTREE_LE and RTREE_LT end here */
+ /* Fall through for the RTREE_EQ case */
+
+ default: /* RTREE_GT or RTREE_GE, or fallthrough of RTREE_EQ */
+ pCellData += 4;
+ RTREE_DECODE_COORD(eInt, pCellData, val);
+ /* val now holds the upper bound of the coordinate pair */
+ if( p->u.rValue<=val ) return;
+ }
+ *peWithin = NOT_WITHIN;
+}
+
+/*
+** Check the leaf RTree cell given by pCellData against constraint p.
+** If this constraint is not satisfied, set *peWithin to NOT_WITHIN.
+** If the constraint is satisfied, leave *peWithin unchanged.
+**
+** The constraint is of the form: xN op $val
+**
+** The op is given by p->op. The xN is p->iCoord-th coordinate in
+** pCellData. $val is given by p->u.rValue.
+*/
+static void rtreeLeafConstraint(
+ RtreeConstraint *p, /* The constraint to test */
+ int eInt, /* True if RTree holds integer coordinates */
+ u8 *pCellData, /* Raw cell content as appears on disk */
+ int *peWithin /* Adjust downward, as appropriate */
+){
+ RtreeDValue xN; /* Coordinate value converted to a double */
+
+ assert(p->op==RTREE_LE || p->op==RTREE_LT || p->op==RTREE_GE
+ || p->op==RTREE_GT || p->op==RTREE_EQ );
+ pCellData += 8 + p->iCoord*4;
+ RTREE_DECODE_COORD(eInt, pCellData, xN);
+ switch( p->op ){
+ case RTREE_LE: if( xN <= p->u.rValue ) return; break;
+ case RTREE_LT: if( xN < p->u.rValue ) return; break;
+ case RTREE_GE: if( xN >= p->u.rValue ) return; break;
+ case RTREE_GT: if( xN > p->u.rValue ) return; break;
+ default: if( xN == p->u.rValue ) return; break;
+ }
+ *peWithin = NOT_WITHIN;
+}
+
+/*
+** One of the cells in node pNode is guaranteed to have a 64-bit
+** integer value equal to iRowid. Return the index of this cell.
+*/
+static int nodeRowidIndex(
+ Rtree *pRtree,
+ RtreeNode *pNode,
+ i64 iRowid,
+ int *piIndex
+){
+ int ii;
+ int nCell = NCELL(pNode);
+ assert( nCell<200 );
+ for(ii=0; ii<nCell; ii++){
+ if( nodeGetRowid(pRtree, pNode, ii)==iRowid ){
+ *piIndex = ii;
+ return SQLITE_OK;
+ }
+ }
+ return SQLITE_CORRUPT_VTAB;
+}
+
+/*
+** Return the index of the cell containing a pointer to node pNode
+** in its parent. If pNode is the root node, return -1.
+*/
+static int nodeParentIndex(Rtree *pRtree, RtreeNode *pNode, int *piIndex){
+ RtreeNode *pParent = pNode->pParent;
+ if( pParent ){
+ return nodeRowidIndex(pRtree, pParent, pNode->iNode, piIndex);
+ }
+ *piIndex = -1;
+ return SQLITE_OK;
+}
+
+/*
+** Compare two search points. Return negative, zero, or positive if the first
+** is less than, equal to, or greater than the second.
+**
+** The rScore is the primary key. Smaller rScore values come first.
+** If the rScore is a tie, then use iLevel as the tie breaker with smaller
+** iLevel values coming first. In this way, if rScore is the same for all
+** SearchPoints, then iLevel becomes the deciding factor and the result
+** is a depth-first search, which is the desired default behavior.
+*/
+static int rtreeSearchPointCompare(
+ const RtreeSearchPoint *pA,
+ const RtreeSearchPoint *pB
+){
+ if( pA->rScore<pB->rScore ) return -1;
+ if( pA->rScore>pB->rScore ) return +1;
+ if( pA->iLevel<pB->iLevel ) return -1;
+ if( pA->iLevel>pB->iLevel ) return +1;
+ return 0;
+}
+
+/*
+** Interchange to search points in a cursor.
+*/
+static void rtreeSearchPointSwap(RtreeCursor *p, int i, int j){
+ RtreeSearchPoint t = p->aPoint[i];
+ assert( i<j );
+ p->aPoint[i] = p->aPoint[j];
+ p->aPoint[j] = t;
+ i++; j++;
+ if( i<RTREE_CACHE_SZ ){
+ if( j>=RTREE_CACHE_SZ ){
+ nodeRelease(RTREE_OF_CURSOR(p), p->aNode[i]);
+ p->aNode[i] = 0;
+ }else{
+ RtreeNode *pTemp = p->aNode[i];
+ p->aNode[i] = p->aNode[j];
+ p->aNode[j] = pTemp;
+ }
+ }
+}
+
+/*
+** Return the search point with the lowest current score.
+*/
+static RtreeSearchPoint *rtreeSearchPointFirst(RtreeCursor *pCur){
+ return pCur->bPoint ? &pCur->sPoint : pCur->nPoint ? pCur->aPoint : 0;
+}
+
+/*
+** Get the RtreeNode for the search point with the lowest score.
+*/
+static RtreeNode *rtreeNodeOfFirstSearchPoint(RtreeCursor *pCur, int *pRC){
+ sqlite3_int64 id;
+ int ii = 1 - pCur->bPoint;
+ assert( ii==0 || ii==1 );
+ assert( pCur->bPoint || pCur->nPoint );
+ if( pCur->aNode[ii]==0 ){
+ assert( pRC!=0 );
+ id = ii ? pCur->aPoint[0].id : pCur->sPoint.id;
+ *pRC = nodeAcquire(RTREE_OF_CURSOR(pCur), id, 0, &pCur->aNode[ii]);
+ }
+ return pCur->aNode[ii];
+}
+
+/*
+** Push a new element onto the priority queue
+*/
+static RtreeSearchPoint *rtreeEnqueue(
+ RtreeCursor *pCur, /* The cursor */
+ RtreeDValue rScore, /* Score for the new search point */
+ u8 iLevel /* Level for the new search point */
+){
+ int i, j;
+ RtreeSearchPoint *pNew;
+ if( pCur->nPoint>=pCur->nPointAlloc ){
+ int nNew = pCur->nPointAlloc*2 + 8;
+ pNew = sqlite3_realloc(pCur->aPoint, nNew*sizeof(pCur->aPoint[0]));
+ if( pNew==0 ) return 0;
+ pCur->aPoint = pNew;
+ pCur->nPointAlloc = nNew;
+ }
+ i = pCur->nPoint++;
+ pNew = pCur->aPoint + i;
+ pNew->rScore = rScore;
+ pNew->iLevel = iLevel;
+ assert( iLevel<=RTREE_MAX_DEPTH );
+ while( i>0 ){
+ RtreeSearchPoint *pParent;
+ j = (i-1)/2;
+ pParent = pCur->aPoint + j;
+ if( rtreeSearchPointCompare(pNew, pParent)>=0 ) break;
+ rtreeSearchPointSwap(pCur, j, i);
+ i = j;
+ pNew = pParent;
+ }
+ return pNew;
+}
+
+/*
+** Allocate a new RtreeSearchPoint and return a pointer to it. Return
+** NULL if malloc fails.
+*/
+static RtreeSearchPoint *rtreeSearchPointNew(
+ RtreeCursor *pCur, /* The cursor */
+ RtreeDValue rScore, /* Score for the new search point */
+ u8 iLevel /* Level for the new search point */
+){
+ RtreeSearchPoint *pNew, *pFirst;
+ pFirst = rtreeSearchPointFirst(pCur);
+ pCur->anQueue[iLevel]++;
+ if( pFirst==0
+ || pFirst->rScore>rScore
+ || (pFirst->rScore==rScore && pFirst->iLevel>iLevel)
+ ){
+ if( pCur->bPoint ){
+ int ii;
+ pNew = rtreeEnqueue(pCur, rScore, iLevel);
+ if( pNew==0 ) return 0;
+ ii = (int)(pNew - pCur->aPoint) + 1;
+ if( ii<RTREE_CACHE_SZ ){
+ assert( pCur->aNode[ii]==0 );
+ pCur->aNode[ii] = pCur->aNode[0];
+ }else{
+ nodeRelease(RTREE_OF_CURSOR(pCur), pCur->aNode[0]);
+ }
+ pCur->aNode[0] = 0;
+ *pNew = pCur->sPoint;
+ }
+ pCur->sPoint.rScore = rScore;
+ pCur->sPoint.iLevel = iLevel;
+ pCur->bPoint = 1;
+ return &pCur->sPoint;
+ }else{
+ return rtreeEnqueue(pCur, rScore, iLevel);
+ }
+}
+
+#if 0
+/* Tracing routines for the RtreeSearchPoint queue */
+static void tracePoint(RtreeSearchPoint *p, int idx, RtreeCursor *pCur){
+ if( idx<0 ){ printf(" s"); }else{ printf("%2d", idx); }
+ printf(" %d.%05lld.%02d %g %d",
+ p->iLevel, p->id, p->iCell, p->rScore, p->eWithin
+ );
+ idx++;
+ if( idx<RTREE_CACHE_SZ ){
+ printf(" %p\n", pCur->aNode[idx]);
+ }else{
+ printf("\n");
+ }
+}
+static void traceQueue(RtreeCursor *pCur, const char *zPrefix){
+ int ii;
+ printf("=== %9s ", zPrefix);
+ if( pCur->bPoint ){
+ tracePoint(&pCur->sPoint, -1, pCur);
+ }
+ for(ii=0; ii<pCur->nPoint; ii++){
+ if( ii>0 || pCur->bPoint ) printf(" ");
+ tracePoint(&pCur->aPoint[ii], ii, pCur);
+ }
+}
+# define RTREE_QUEUE_TRACE(A,B) traceQueue(A,B)
+#else
+# define RTREE_QUEUE_TRACE(A,B) /* no-op */
+#endif
+
+/* Remove the search point with the lowest current score.
+*/
+static void rtreeSearchPointPop(RtreeCursor *p){
+ int i, j, k, n;
+ i = 1 - p->bPoint;
+ assert( i==0 || i==1 );
+ if( p->aNode[i] ){
+ nodeRelease(RTREE_OF_CURSOR(p), p->aNode[i]);
+ p->aNode[i] = 0;
+ }
+ if( p->bPoint ){
+ p->anQueue[p->sPoint.iLevel]--;
+ p->bPoint = 0;
+ }else if( p->nPoint ){
+ p->anQueue[p->aPoint[0].iLevel]--;
+ n = --p->nPoint;
+ p->aPoint[0] = p->aPoint[n];
+ if( n<RTREE_CACHE_SZ-1 ){
+ p->aNode[1] = p->aNode[n+1];
+ p->aNode[n+1] = 0;
+ }
+ i = 0;
+ while( (j = i*2+1)<n ){
+ k = j+1;
+ if( k<n && rtreeSearchPointCompare(&p->aPoint[k], &p->aPoint[j])<0 ){
+ if( rtreeSearchPointCompare(&p->aPoint[k], &p->aPoint[i])<0 ){
+ rtreeSearchPointSwap(p, i, k);
+ i = k;
+ }else{
+ break;
+ }
+ }else{
+ if( rtreeSearchPointCompare(&p->aPoint[j], &p->aPoint[i])<0 ){
+ rtreeSearchPointSwap(p, i, j);
+ i = j;
+ }else{
+ break;
+ }
+ }
+ }
+ }
+}
+
+
+/*
+** Continue the search on cursor pCur until the front of the queue
+** contains an entry suitable for returning as a result-set row,
+** or until the RtreeSearchPoint queue is empty, indicating that the
+** query has completed.
+*/
+static int rtreeStepToLeaf(RtreeCursor *pCur){
+ RtreeSearchPoint *p;
+ Rtree *pRtree = RTREE_OF_CURSOR(pCur);
+ RtreeNode *pNode;
+ int eWithin;
+ int rc = SQLITE_OK;
+ int nCell;
+ int nConstraint = pCur->nConstraint;
+ int ii;
+ int eInt;
+ RtreeSearchPoint x;
+
+ eInt = pRtree->eCoordType==RTREE_COORD_INT32;
+ while( (p = rtreeSearchPointFirst(pCur))!=0 && p->iLevel>0 ){
+ pNode = rtreeNodeOfFirstSearchPoint(pCur, &rc);
+ if( rc ) return rc;
+ nCell = NCELL(pNode);
+ assert( nCell<200 );
+ while( p->iCell<nCell ){
+ sqlite3_rtree_dbl rScore = (sqlite3_rtree_dbl)-1;
+ u8 *pCellData = pNode->zData + (4+pRtree->nBytesPerCell*p->iCell);
+ eWithin = FULLY_WITHIN;
+ for(ii=0; ii<nConstraint; ii++){
+ RtreeConstraint *pConstraint = pCur->aConstraint + ii;
+ if( pConstraint->op>=RTREE_MATCH ){
+ rc = rtreeCallbackConstraint(pConstraint, eInt, pCellData, p,
+ &rScore, &eWithin);
+ if( rc ) return rc;
+ }else if( p->iLevel==1 ){
+ rtreeLeafConstraint(pConstraint, eInt, pCellData, &eWithin);
+ }else{
+ rtreeNonleafConstraint(pConstraint, eInt, pCellData, &eWithin);
+ }
+ if( eWithin==NOT_WITHIN ) break;
+ }
+ p->iCell++;
+ if( eWithin==NOT_WITHIN ) continue;
+ x.iLevel = p->iLevel - 1;
+ if( x.iLevel ){
+ x.id = readInt64(pCellData);
+ x.iCell = 0;
+ }else{
+ x.id = p->id;
+ x.iCell = p->iCell - 1;
+ }
+ if( p->iCell>=nCell ){
+ RTREE_QUEUE_TRACE(pCur, "POP-S:");
+ rtreeSearchPointPop(pCur);
+ }
+ if( rScore<RTREE_ZERO ) rScore = RTREE_ZERO;
+ p = rtreeSearchPointNew(pCur, rScore, x.iLevel);
+ if( p==0 ) return SQLITE_NOMEM;
+ p->eWithin = eWithin;
+ p->id = x.id;
+ p->iCell = x.iCell;
+ RTREE_QUEUE_TRACE(pCur, "PUSH-S:");
+ break;
+ }
+ if( p->iCell>=nCell ){
+ RTREE_QUEUE_TRACE(pCur, "POP-Se:");
+ rtreeSearchPointPop(pCur);
+ }
+ }
+ pCur->atEOF = p==0;
+ return SQLITE_OK;
+}
+
+/*
+** Rtree virtual table module xNext method.
+*/
+static int rtreeNext(sqlite3_vtab_cursor *pVtabCursor){
+ RtreeCursor *pCsr = (RtreeCursor *)pVtabCursor;
+ int rc = SQLITE_OK;
+
+ /* Move to the next entry that matches the configured constraints. */
+ RTREE_QUEUE_TRACE(pCsr, "POP-Nx:");
+ rtreeSearchPointPop(pCsr);
+ rc = rtreeStepToLeaf(pCsr);
+ return rc;
+}
+
+/*
+** Rtree virtual table module xRowid method.
+*/
+static int rtreeRowid(sqlite3_vtab_cursor *pVtabCursor, sqlite_int64 *pRowid){
+ RtreeCursor *pCsr = (RtreeCursor *)pVtabCursor;
+ RtreeSearchPoint *p = rtreeSearchPointFirst(pCsr);
+ int rc = SQLITE_OK;
+ RtreeNode *pNode = rtreeNodeOfFirstSearchPoint(pCsr, &rc);
+ if( rc==SQLITE_OK && p ){
+ *pRowid = nodeGetRowid(RTREE_OF_CURSOR(pCsr), pNode, p->iCell);
+ }
+ return rc;
+}
+
+/*
+** Rtree virtual table module xColumn method.
+*/
+static int rtreeColumn(sqlite3_vtab_cursor *cur, sqlite3_context *ctx, int i){
+ Rtree *pRtree = (Rtree *)cur->pVtab;
+ RtreeCursor *pCsr = (RtreeCursor *)cur;
+ RtreeSearchPoint *p = rtreeSearchPointFirst(pCsr);
+ RtreeCoord c;
+ int rc = SQLITE_OK;
+ RtreeNode *pNode = rtreeNodeOfFirstSearchPoint(pCsr, &rc);
+
+ if( rc ) return rc;
+ if( p==0 ) return SQLITE_OK;
+ if( i==0 ){
+ sqlite3_result_int64(ctx, nodeGetRowid(pRtree, pNode, p->iCell));
+ }else{
+ if( rc ) return rc;
+ nodeGetCoord(pRtree, pNode, p->iCell, i-1, &c);
+#ifndef SQLITE_RTREE_INT_ONLY
+ if( pRtree->eCoordType==RTREE_COORD_REAL32 ){
+ sqlite3_result_double(ctx, c.f);
+ }else
+#endif
+ {
+ assert( pRtree->eCoordType==RTREE_COORD_INT32 );
+ sqlite3_result_int(ctx, c.i);
+ }
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Use nodeAcquire() to obtain the leaf node containing the record with
+** rowid iRowid. If successful, set *ppLeaf to point to the node and
+** return SQLITE_OK. If there is no such record in the table, set
+** *ppLeaf to 0 and return SQLITE_OK. If an error occurs, set *ppLeaf
+** to zero and return an SQLite error code.
+*/
+static int findLeafNode(
+ Rtree *pRtree, /* RTree to search */
+ i64 iRowid, /* The rowid searching for */
+ RtreeNode **ppLeaf, /* Write the node here */
+ sqlite3_int64 *piNode /* Write the node-id here */
+){
+ int rc;
+ *ppLeaf = 0;
+ sqlite3_bind_int64(pRtree->pReadRowid, 1, iRowid);
+ if( sqlite3_step(pRtree->pReadRowid)==SQLITE_ROW ){
+ i64 iNode = sqlite3_column_int64(pRtree->pReadRowid, 0);
+ if( piNode ) *piNode = iNode;
+ rc = nodeAcquire(pRtree, iNode, 0, ppLeaf);
+ sqlite3_reset(pRtree->pReadRowid);
+ }else{
+ rc = sqlite3_reset(pRtree->pReadRowid);
+ }
+ return rc;
+}
+
+/*
+** This function is called to configure the RtreeConstraint object passed
+** as the second argument for a MATCH constraint. The value passed as the
+** first argument to this function is the right-hand operand to the MATCH
+** operator.
+*/
+static int deserializeGeometry(sqlite3_value *pValue, RtreeConstraint *pCons){
+ RtreeMatchArg *pBlob; /* BLOB returned by geometry function */
+ sqlite3_rtree_query_info *pInfo; /* Callback information */
+ int nBlob; /* Size of the geometry function blob */
+ int nExpected; /* Expected size of the BLOB */
+
+ /* Check that value is actually a blob. */
+ if( sqlite3_value_type(pValue)!=SQLITE_BLOB ) return SQLITE_ERROR;
+
+ /* Check that the blob is roughly the right size. */
+ nBlob = sqlite3_value_bytes(pValue);
+ if( nBlob<(int)sizeof(RtreeMatchArg) ){
+ return SQLITE_ERROR;
+ }
+
+ pInfo = (sqlite3_rtree_query_info*)sqlite3_malloc( sizeof(*pInfo)+nBlob );
+ if( !pInfo ) return SQLITE_NOMEM;
+ memset(pInfo, 0, sizeof(*pInfo));
+ pBlob = (RtreeMatchArg*)&pInfo[1];
+
+ memcpy(pBlob, sqlite3_value_blob(pValue), nBlob);
+ nExpected = (int)(sizeof(RtreeMatchArg) +
+ pBlob->nParam*sizeof(sqlite3_value*) +
+ (pBlob->nParam-1)*sizeof(RtreeDValue));
+ if( pBlob->magic!=RTREE_GEOMETRY_MAGIC || nBlob!=nExpected ){
+ sqlite3_free(pInfo);
+ return SQLITE_ERROR;
+ }
+ pInfo->pContext = pBlob->cb.pContext;
+ pInfo->nParam = pBlob->nParam;
+ pInfo->aParam = pBlob->aParam;
+ pInfo->apSqlParam = pBlob->apSqlParam;
+
+ if( pBlob->cb.xGeom ){
+ pCons->u.xGeom = pBlob->cb.xGeom;
+ }else{
+ pCons->op = RTREE_QUERY;
+ pCons->u.xQueryFunc = pBlob->cb.xQueryFunc;
+ }
+ pCons->pInfo = pInfo;
+ return SQLITE_OK;
+}
+
+/*
+** Rtree virtual table module xFilter method.
+*/
+static int rtreeFilter(
+ sqlite3_vtab_cursor *pVtabCursor,
+ int idxNum, const char *idxStr,
+ int argc, sqlite3_value **argv
+){
+ Rtree *pRtree = (Rtree *)pVtabCursor->pVtab;
+ RtreeCursor *pCsr = (RtreeCursor *)pVtabCursor;
+ RtreeNode *pRoot = 0;
+ int ii;
+ int rc = SQLITE_OK;
+ int iCell = 0;
+
+ rtreeReference(pRtree);
+
+ /* Reset the cursor to the same state as rtreeOpen() leaves it in. */
+ freeCursorConstraints(pCsr);
+ sqlite3_free(pCsr->aPoint);
+ memset(pCsr, 0, sizeof(RtreeCursor));
+ pCsr->base.pVtab = (sqlite3_vtab*)pRtree;
+
+ pCsr->iStrategy = idxNum;
+ if( idxNum==1 ){
+ /* Special case - lookup by rowid. */
+ RtreeNode *pLeaf; /* Leaf on which the required cell resides */
+ RtreeSearchPoint *p; /* Search point for the the leaf */
+ i64 iRowid = sqlite3_value_int64(argv[0]);
+ i64 iNode = 0;
+ rc = findLeafNode(pRtree, iRowid, &pLeaf, &iNode);
+ if( rc==SQLITE_OK && pLeaf!=0 ){
+ p = rtreeSearchPointNew(pCsr, RTREE_ZERO, 0);
+ assert( p!=0 ); /* Always returns pCsr->sPoint */
+ pCsr->aNode[0] = pLeaf;
+ p->id = iNode;
+ p->eWithin = PARTLY_WITHIN;
+ rc = nodeRowidIndex(pRtree, pLeaf, iRowid, &iCell);
+ p->iCell = iCell;
+ RTREE_QUEUE_TRACE(pCsr, "PUSH-F1:");
+ }else{
+ pCsr->atEOF = 1;
+ }
+ }else{
+ /* Normal case - r-tree scan. Set up the RtreeCursor.aConstraint array
+ ** with the configured constraints.
+ */
+ rc = nodeAcquire(pRtree, 1, 0, &pRoot);
+ if( rc==SQLITE_OK && argc>0 ){
+ pCsr->aConstraint = sqlite3_malloc(sizeof(RtreeConstraint)*argc);
+ pCsr->nConstraint = argc;
+ if( !pCsr->aConstraint ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(pCsr->aConstraint, 0, sizeof(RtreeConstraint)*argc);
+ memset(pCsr->anQueue, 0, sizeof(u32)*(pRtree->iDepth + 1));
+ assert( (idxStr==0 && argc==0)
+ || (idxStr && (int)strlen(idxStr)==argc*2) );
+ for(ii=0; ii<argc; ii++){
+ RtreeConstraint *p = &pCsr->aConstraint[ii];
+ p->op = idxStr[ii*2];
+ p->iCoord = idxStr[ii*2+1]-'0';
+ if( p->op>=RTREE_MATCH ){
+ /* A MATCH operator. The right-hand-side must be a blob that
+ ** can be cast into an RtreeMatchArg object. One created using
+ ** an sqlite3_rtree_geometry_callback() SQL user function.
+ */
+ rc = deserializeGeometry(argv[ii], p);
+ if( rc!=SQLITE_OK ){
+ break;
+ }
+ p->pInfo->nCoord = pRtree->nDim*2;
+ p->pInfo->anQueue = pCsr->anQueue;
+ p->pInfo->mxLevel = pRtree->iDepth + 1;
+ }else{
+#ifdef SQLITE_RTREE_INT_ONLY
+ p->u.rValue = sqlite3_value_int64(argv[ii]);
+#else
+ p->u.rValue = sqlite3_value_double(argv[ii]);
+#endif
+ }
+ }
+ }
+ }
+ if( rc==SQLITE_OK ){
+ RtreeSearchPoint *pNew;
+ pNew = rtreeSearchPointNew(pCsr, RTREE_ZERO, pRtree->iDepth+1);
+ if( pNew==0 ) return SQLITE_NOMEM;
+ pNew->id = 1;
+ pNew->iCell = 0;
+ pNew->eWithin = PARTLY_WITHIN;
+ assert( pCsr->bPoint==1 );
+ pCsr->aNode[0] = pRoot;
+ pRoot = 0;
+ RTREE_QUEUE_TRACE(pCsr, "PUSH-Fm:");
+ rc = rtreeStepToLeaf(pCsr);
+ }
+ }
+
+ nodeRelease(pRtree, pRoot);
+ rtreeRelease(pRtree);
+ return rc;
+}
+
+/*
+** Set the pIdxInfo->estimatedRows variable to nRow. Unless this
+** extension is currently being used by a version of SQLite too old to
+** support estimatedRows. In that case this function is a no-op.
+*/
+static void setEstimatedRows(sqlite3_index_info *pIdxInfo, i64 nRow){
+#if SQLITE_VERSION_NUMBER>=3008002
+ if( sqlite3_libversion_number()>=3008002 ){
+ pIdxInfo->estimatedRows = nRow;
+ }
+#endif
+}
+
+/*
+** Rtree virtual table module xBestIndex method. There are three
+** table scan strategies to choose from (in order from most to
+** least desirable):
+**
+** idxNum idxStr Strategy
+** ------------------------------------------------
+** 1 Unused Direct lookup by rowid.
+** 2 See below R-tree query or full-table scan.
+** ------------------------------------------------
+**
+** If strategy 1 is used, then idxStr is not meaningful. If strategy
+** 2 is used, idxStr is formatted to contain 2 bytes for each
+** constraint used. The first two bytes of idxStr correspond to
+** the constraint in sqlite3_index_info.aConstraintUsage[] with
+** (argvIndex==1) etc.
+**
+** The first of each pair of bytes in idxStr identifies the constraint
+** operator as follows:
+**
+** Operator Byte Value
+** ----------------------
+** = 0x41 ('A')
+** <= 0x42 ('B')
+** < 0x43 ('C')
+** >= 0x44 ('D')
+** > 0x45 ('E')
+** MATCH 0x46 ('F')
+** ----------------------
+**
+** The second of each pair of bytes identifies the coordinate column
+** to which the constraint applies. The leftmost coordinate column
+** is 'a', the second from the left 'b' etc.
+*/
+static int rtreeBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
+ Rtree *pRtree = (Rtree*)tab;
+ int rc = SQLITE_OK;
+ int ii;
+ int bMatch = 0; /* True if there exists a MATCH constraint */
+ i64 nRow; /* Estimated rows returned by this scan */
+
+ int iIdx = 0;
+ char zIdxStr[RTREE_MAX_DIMENSIONS*8+1];
+ memset(zIdxStr, 0, sizeof(zIdxStr));
+
+ /* Check if there exists a MATCH constraint - even an unusable one. If there
+ ** is, do not consider the lookup-by-rowid plan as using such a plan would
+ ** require the VDBE to evaluate the MATCH constraint, which is not currently
+ ** possible. */
+ for(ii=0; ii<pIdxInfo->nConstraint; ii++){
+ if( pIdxInfo->aConstraint[ii].op==SQLITE_INDEX_CONSTRAINT_MATCH ){
+ bMatch = 1;
+ }
+ }
+
+ assert( pIdxInfo->idxStr==0 );
+ for(ii=0; ii<pIdxInfo->nConstraint && iIdx<(int)(sizeof(zIdxStr)-1); ii++){
+ struct sqlite3_index_constraint *p = &pIdxInfo->aConstraint[ii];
+
+ if( bMatch==0 && p->usable
+ && p->iColumn==0 && p->op==SQLITE_INDEX_CONSTRAINT_EQ
+ ){
+ /* We have an equality constraint on the rowid. Use strategy 1. */
+ int jj;
+ for(jj=0; jj<ii; jj++){
+ pIdxInfo->aConstraintUsage[jj].argvIndex = 0;
+ pIdxInfo->aConstraintUsage[jj].omit = 0;
+ }
+ pIdxInfo->idxNum = 1;
+ pIdxInfo->aConstraintUsage[ii].argvIndex = 1;
+ pIdxInfo->aConstraintUsage[jj].omit = 1;
+
+ /* This strategy involves a two rowid lookups on an B-Tree structures
+ ** and then a linear search of an R-Tree node. This should be
+ ** considered almost as quick as a direct rowid lookup (for which
+ ** sqlite uses an internal cost of 0.0). It is expected to return
+ ** a single row.
+ */
+ pIdxInfo->estimatedCost = 30.0;
+ setEstimatedRows(pIdxInfo, 1);
+ return SQLITE_OK;
+ }
+
+ if( p->usable && (p->iColumn>0 || p->op==SQLITE_INDEX_CONSTRAINT_MATCH) ){
+ u8 op;
+ switch( p->op ){
+ case SQLITE_INDEX_CONSTRAINT_EQ: op = RTREE_EQ; break;
+ case SQLITE_INDEX_CONSTRAINT_GT: op = RTREE_GT; break;
+ case SQLITE_INDEX_CONSTRAINT_LE: op = RTREE_LE; break;
+ case SQLITE_INDEX_CONSTRAINT_LT: op = RTREE_LT; break;
+ case SQLITE_INDEX_CONSTRAINT_GE: op = RTREE_GE; break;
+ default:
+ assert( p->op==SQLITE_INDEX_CONSTRAINT_MATCH );
+ op = RTREE_MATCH;
+ break;
+ }
+ zIdxStr[iIdx++] = op;
+ zIdxStr[iIdx++] = p->iColumn - 1 + '0';
+ pIdxInfo->aConstraintUsage[ii].argvIndex = (iIdx/2);
+ pIdxInfo->aConstraintUsage[ii].omit = 1;
+ }
+ }
+
+ pIdxInfo->idxNum = 2;
+ pIdxInfo->needToFreeIdxStr = 1;
+ if( iIdx>0 && 0==(pIdxInfo->idxStr = sqlite3_mprintf("%s", zIdxStr)) ){
+ return SQLITE_NOMEM;
+ }
+
+ nRow = pRtree->nRowEst / (iIdx + 1);
+ pIdxInfo->estimatedCost = (double)6.0 * (double)nRow;
+ setEstimatedRows(pIdxInfo, nRow);
+
+ return rc;
+}
+
+/*
+** Return the N-dimensional volumn of the cell stored in *p.
+*/
+static RtreeDValue cellArea(Rtree *pRtree, RtreeCell *p){
+ RtreeDValue area = (RtreeDValue)1;
+ int ii;
+ for(ii=0; ii<(pRtree->nDim*2); ii+=2){
+ area = (area * (DCOORD(p->aCoord[ii+1]) - DCOORD(p->aCoord[ii])));
+ }
+ return area;
+}
+
+/*
+** Return the margin length of cell p. The margin length is the sum
+** of the objects size in each dimension.
+*/
+static RtreeDValue cellMargin(Rtree *pRtree, RtreeCell *p){
+ RtreeDValue margin = (RtreeDValue)0;
+ int ii;
+ for(ii=0; ii<(pRtree->nDim*2); ii+=2){
+ margin += (DCOORD(p->aCoord[ii+1]) - DCOORD(p->aCoord[ii]));
+ }
+ return margin;
+}
+
+/*
+** Store the union of cells p1 and p2 in p1.
+*/
+static void cellUnion(Rtree *pRtree, RtreeCell *p1, RtreeCell *p2){
+ int ii;
+ if( pRtree->eCoordType==RTREE_COORD_REAL32 ){
+ for(ii=0; ii<(pRtree->nDim*2); ii+=2){
+ p1->aCoord[ii].f = MIN(p1->aCoord[ii].f, p2->aCoord[ii].f);
+ p1->aCoord[ii+1].f = MAX(p1->aCoord[ii+1].f, p2->aCoord[ii+1].f);
+ }
+ }else{
+ for(ii=0; ii<(pRtree->nDim*2); ii+=2){
+ p1->aCoord[ii].i = MIN(p1->aCoord[ii].i, p2->aCoord[ii].i);
+ p1->aCoord[ii+1].i = MAX(p1->aCoord[ii+1].i, p2->aCoord[ii+1].i);
+ }
+ }
+}
+
+/*
+** Return true if the area covered by p2 is a subset of the area covered
+** by p1. False otherwise.
+*/
+static int cellContains(Rtree *pRtree, RtreeCell *p1, RtreeCell *p2){
+ int ii;
+ int isInt = (pRtree->eCoordType==RTREE_COORD_INT32);
+ for(ii=0; ii<(pRtree->nDim*2); ii+=2){
+ RtreeCoord *a1 = &p1->aCoord[ii];
+ RtreeCoord *a2 = &p2->aCoord[ii];
+ if( (!isInt && (a2[0].f<a1[0].f || a2[1].f>a1[1].f))
+ || ( isInt && (a2[0].i<a1[0].i || a2[1].i>a1[1].i))
+ ){
+ return 0;
+ }
+ }
+ return 1;
+}
+
+/*
+** Return the amount cell p would grow by if it were unioned with pCell.
+*/
+static RtreeDValue cellGrowth(Rtree *pRtree, RtreeCell *p, RtreeCell *pCell){
+ RtreeDValue area;
+ RtreeCell cell;
+ memcpy(&cell, p, sizeof(RtreeCell));
+ area = cellArea(pRtree, &cell);
+ cellUnion(pRtree, &cell, pCell);
+ return (cellArea(pRtree, &cell)-area);
+}
+
+static RtreeDValue cellOverlap(
+ Rtree *pRtree,
+ RtreeCell *p,
+ RtreeCell *aCell,
+ int nCell
+){
+ int ii;
+ RtreeDValue overlap = RTREE_ZERO;
+ for(ii=0; ii<nCell; ii++){
+ int jj;
+ RtreeDValue o = (RtreeDValue)1;
+ for(jj=0; jj<(pRtree->nDim*2); jj+=2){
+ RtreeDValue x1, x2;
+ x1 = MAX(DCOORD(p->aCoord[jj]), DCOORD(aCell[ii].aCoord[jj]));
+ x2 = MIN(DCOORD(p->aCoord[jj+1]), DCOORD(aCell[ii].aCoord[jj+1]));
+ if( x2<x1 ){
+ o = (RtreeDValue)0;
+ break;
+ }else{
+ o = o * (x2-x1);
+ }
+ }
+ overlap += o;
+ }
+ return overlap;
+}
+
+
+/*
+** This function implements the ChooseLeaf algorithm from Gutman[84].
+** ChooseSubTree in r*tree terminology.
+*/
+static int ChooseLeaf(
+ Rtree *pRtree, /* Rtree table */
+ RtreeCell *pCell, /* Cell to insert into rtree */
+ int iHeight, /* Height of sub-tree rooted at pCell */
+ RtreeNode **ppLeaf /* OUT: Selected leaf page */
+){
+ int rc;
+ int ii;
+ RtreeNode *pNode;
+ rc = nodeAcquire(pRtree, 1, 0, &pNode);
+
+ for(ii=0; rc==SQLITE_OK && ii<(pRtree->iDepth-iHeight); ii++){
+ int iCell;
+ sqlite3_int64 iBest = 0;
+
+ RtreeDValue fMinGrowth = RTREE_ZERO;
+ RtreeDValue fMinArea = RTREE_ZERO;
+
+ int nCell = NCELL(pNode);
+ RtreeCell cell;
+ RtreeNode *pChild;
+
+ RtreeCell *aCell = 0;
+
+ /* Select the child node which will be enlarged the least if pCell
+ ** is inserted into it. Resolve ties by choosing the entry with
+ ** the smallest area.
+ */
+ for(iCell=0; iCell<nCell; iCell++){
+ int bBest = 0;
+ RtreeDValue growth;
+ RtreeDValue area;
+ nodeGetCell(pRtree, pNode, iCell, &cell);
+ growth = cellGrowth(pRtree, &cell, pCell);
+ area = cellArea(pRtree, &cell);
+ if( iCell==0||growth<fMinGrowth||(growth==fMinGrowth && area<fMinArea) ){
+ bBest = 1;
+ }
+ if( bBest ){
+ fMinGrowth = growth;
+ fMinArea = area;
+ iBest = cell.iRowid;
+ }
+ }
+
+ sqlite3_free(aCell);
+ rc = nodeAcquire(pRtree, iBest, pNode, &pChild);
+ nodeRelease(pRtree, pNode);
+ pNode = pChild;
+ }
+
+ *ppLeaf = pNode;
+ return rc;
+}
+
+/*
+** A cell with the same content as pCell has just been inserted into
+** the node pNode. This function updates the bounding box cells in
+** all ancestor elements.
+*/
+static int AdjustTree(
+ Rtree *pRtree, /* Rtree table */
+ RtreeNode *pNode, /* Adjust ancestry of this node. */
+ RtreeCell *pCell /* This cell was just inserted */
+){
+ RtreeNode *p = pNode;
+ while( p->pParent ){
+ RtreeNode *pParent = p->pParent;
+ RtreeCell cell;
+ int iCell;
+
+ if( nodeParentIndex(pRtree, p, &iCell) ){
+ return SQLITE_CORRUPT_VTAB;
+ }
+
+ nodeGetCell(pRtree, pParent, iCell, &cell);
+ if( !cellContains(pRtree, &cell, pCell) ){
+ cellUnion(pRtree, &cell, pCell);
+ nodeOverwriteCell(pRtree, pParent, &cell, iCell);
+ }
+
+ p = pParent;
+ }
+ return SQLITE_OK;
+}
+
+/*
+** Write mapping (iRowid->iNode) to the <rtree>_rowid table.
+*/
+static int rowidWrite(Rtree *pRtree, sqlite3_int64 iRowid, sqlite3_int64 iNode){
+ sqlite3_bind_int64(pRtree->pWriteRowid, 1, iRowid);
+ sqlite3_bind_int64(pRtree->pWriteRowid, 2, iNode);
+ sqlite3_step(pRtree->pWriteRowid);
+ return sqlite3_reset(pRtree->pWriteRowid);
+}
+
+/*
+** Write mapping (iNode->iPar) to the <rtree>_parent table.
+*/
+static int parentWrite(Rtree *pRtree, sqlite3_int64 iNode, sqlite3_int64 iPar){
+ sqlite3_bind_int64(pRtree->pWriteParent, 1, iNode);
+ sqlite3_bind_int64(pRtree->pWriteParent, 2, iPar);
+ sqlite3_step(pRtree->pWriteParent);
+ return sqlite3_reset(pRtree->pWriteParent);
+}
+
+static int rtreeInsertCell(Rtree *, RtreeNode *, RtreeCell *, int);
+
+
+/*
+** Arguments aIdx, aDistance and aSpare all point to arrays of size
+** nIdx. The aIdx array contains the set of integers from 0 to
+** (nIdx-1) in no particular order. This function sorts the values
+** in aIdx according to the indexed values in aDistance. For
+** example, assuming the inputs:
+**
+** aIdx = { 0, 1, 2, 3 }
+** aDistance = { 5.0, 2.0, 7.0, 6.0 }
+**
+** this function sets the aIdx array to contain:
+**
+** aIdx = { 0, 1, 2, 3 }
+**
+** The aSpare array is used as temporary working space by the
+** sorting algorithm.
+*/
+static void SortByDistance(
+ int *aIdx,
+ int nIdx,
+ RtreeDValue *aDistance,
+ int *aSpare
+){
+ if( nIdx>1 ){
+ int iLeft = 0;
+ int iRight = 0;
+
+ int nLeft = nIdx/2;
+ int nRight = nIdx-nLeft;
+ int *aLeft = aIdx;
+ int *aRight = &aIdx[nLeft];
+
+ SortByDistance(aLeft, nLeft, aDistance, aSpare);
+ SortByDistance(aRight, nRight, aDistance, aSpare);
+
+ memcpy(aSpare, aLeft, sizeof(int)*nLeft);
+ aLeft = aSpare;
+
+ while( iLeft<nLeft || iRight<nRight ){
+ if( iLeft==nLeft ){
+ aIdx[iLeft+iRight] = aRight[iRight];
+ iRight++;
+ }else if( iRight==nRight ){
+ aIdx[iLeft+iRight] = aLeft[iLeft];
+ iLeft++;
+ }else{
+ RtreeDValue fLeft = aDistance[aLeft[iLeft]];
+ RtreeDValue fRight = aDistance[aRight[iRight]];
+ if( fLeft<fRight ){
+ aIdx[iLeft+iRight] = aLeft[iLeft];
+ iLeft++;
+ }else{
+ aIdx[iLeft+iRight] = aRight[iRight];
+ iRight++;
+ }
+ }
+ }
+
+#if 0
+ /* Check that the sort worked */
+ {
+ int jj;
+ for(jj=1; jj<nIdx; jj++){
+ RtreeDValue left = aDistance[aIdx[jj-1]];
+ RtreeDValue right = aDistance[aIdx[jj]];
+ assert( left<=right );
+ }
+ }
+#endif
+ }
+}
+
+/*
+** Arguments aIdx, aCell and aSpare all point to arrays of size
+** nIdx. The aIdx array contains the set of integers from 0 to
+** (nIdx-1) in no particular order. This function sorts the values
+** in aIdx according to dimension iDim of the cells in aCell. The
+** minimum value of dimension iDim is considered first, the
+** maximum used to break ties.
+**
+** The aSpare array is used as temporary working space by the
+** sorting algorithm.
+*/
+static void SortByDimension(
+ Rtree *pRtree,
+ int *aIdx,
+ int nIdx,
+ int iDim,
+ RtreeCell *aCell,
+ int *aSpare
+){
+ if( nIdx>1 ){
+
+ int iLeft = 0;
+ int iRight = 0;
+
+ int nLeft = nIdx/2;
+ int nRight = nIdx-nLeft;
+ int *aLeft = aIdx;
+ int *aRight = &aIdx[nLeft];
+
+ SortByDimension(pRtree, aLeft, nLeft, iDim, aCell, aSpare);
+ SortByDimension(pRtree, aRight, nRight, iDim, aCell, aSpare);
+
+ memcpy(aSpare, aLeft, sizeof(int)*nLeft);
+ aLeft = aSpare;
+ while( iLeft<nLeft || iRight<nRight ){
+ RtreeDValue xleft1 = DCOORD(aCell[aLeft[iLeft]].aCoord[iDim*2]);
+ RtreeDValue xleft2 = DCOORD(aCell[aLeft[iLeft]].aCoord[iDim*2+1]);
+ RtreeDValue xright1 = DCOORD(aCell[aRight[iRight]].aCoord[iDim*2]);
+ RtreeDValue xright2 = DCOORD(aCell[aRight[iRight]].aCoord[iDim*2+1]);
+ if( (iLeft!=nLeft) && ((iRight==nRight)
+ || (xleft1<xright1)
+ || (xleft1==xright1 && xleft2<xright2)
+ )){
+ aIdx[iLeft+iRight] = aLeft[iLeft];
+ iLeft++;
+ }else{
+ aIdx[iLeft+iRight] = aRight[iRight];
+ iRight++;
+ }
+ }
+
+#if 0
+ /* Check that the sort worked */
+ {
+ int jj;
+ for(jj=1; jj<nIdx; jj++){
+ RtreeDValue xleft1 = aCell[aIdx[jj-1]].aCoord[iDim*2];
+ RtreeDValue xleft2 = aCell[aIdx[jj-1]].aCoord[iDim*2+1];
+ RtreeDValue xright1 = aCell[aIdx[jj]].aCoord[iDim*2];
+ RtreeDValue xright2 = aCell[aIdx[jj]].aCoord[iDim*2+1];
+ assert( xleft1<=xright1 && (xleft1<xright1 || xleft2<=xright2) );
+ }
+ }
+#endif
+ }
+}
+
+/*
+** Implementation of the R*-tree variant of SplitNode from Beckman[1990].
+*/
+static int splitNodeStartree(
+ Rtree *pRtree,
+ RtreeCell *aCell,
+ int nCell,
+ RtreeNode *pLeft,
+ RtreeNode *pRight,
+ RtreeCell *pBboxLeft,
+ RtreeCell *pBboxRight
+){
+ int **aaSorted;
+ int *aSpare;
+ int ii;
+
+ int iBestDim = 0;
+ int iBestSplit = 0;
+ RtreeDValue fBestMargin = RTREE_ZERO;
+
+ int nByte = (pRtree->nDim+1)*(sizeof(int*)+nCell*sizeof(int));
+
+ aaSorted = (int **)sqlite3_malloc(nByte);
+ if( !aaSorted ){
+ return SQLITE_NOMEM;
+ }
+
+ aSpare = &((int *)&aaSorted[pRtree->nDim])[pRtree->nDim*nCell];
+ memset(aaSorted, 0, nByte);
+ for(ii=0; ii<pRtree->nDim; ii++){
+ int jj;
+ aaSorted[ii] = &((int *)&aaSorted[pRtree->nDim])[ii*nCell];
+ for(jj=0; jj<nCell; jj++){
+ aaSorted[ii][jj] = jj;
+ }
+ SortByDimension(pRtree, aaSorted[ii], nCell, ii, aCell, aSpare);
+ }
+
+ for(ii=0; ii<pRtree->nDim; ii++){
+ RtreeDValue margin = RTREE_ZERO;
+ RtreeDValue fBestOverlap = RTREE_ZERO;
+ RtreeDValue fBestArea = RTREE_ZERO;
+ int iBestLeft = 0;
+ int nLeft;
+
+ for(
+ nLeft=RTREE_MINCELLS(pRtree);
+ nLeft<=(nCell-RTREE_MINCELLS(pRtree));
+ nLeft++
+ ){
+ RtreeCell left;
+ RtreeCell right;
+ int kk;
+ RtreeDValue overlap;
+ RtreeDValue area;
+
+ memcpy(&left, &aCell[aaSorted[ii][0]], sizeof(RtreeCell));
+ memcpy(&right, &aCell[aaSorted[ii][nCell-1]], sizeof(RtreeCell));
+ for(kk=1; kk<(nCell-1); kk++){
+ if( kk<nLeft ){
+ cellUnion(pRtree, &left, &aCell[aaSorted[ii][kk]]);
+ }else{
+ cellUnion(pRtree, &right, &aCell[aaSorted[ii][kk]]);
+ }
+ }
+ margin += cellMargin(pRtree, &left);
+ margin += cellMargin(pRtree, &right);
+ overlap = cellOverlap(pRtree, &left, &right, 1);
+ area = cellArea(pRtree, &left) + cellArea(pRtree, &right);
+ if( (nLeft==RTREE_MINCELLS(pRtree))
+ || (overlap<fBestOverlap)
+ || (overlap==fBestOverlap && area<fBestArea)
+ ){
+ iBestLeft = nLeft;
+ fBestOverlap = overlap;
+ fBestArea = area;
+ }
+ }
+
+ if( ii==0 || margin<fBestMargin ){
+ iBestDim = ii;
+ fBestMargin = margin;
+ iBestSplit = iBestLeft;
+ }
+ }
+
+ memcpy(pBboxLeft, &aCell[aaSorted[iBestDim][0]], sizeof(RtreeCell));
+ memcpy(pBboxRight, &aCell[aaSorted[iBestDim][iBestSplit]], sizeof(RtreeCell));
+ for(ii=0; ii<nCell; ii++){
+ RtreeNode *pTarget = (ii<iBestSplit)?pLeft:pRight;
+ RtreeCell *pBbox = (ii<iBestSplit)?pBboxLeft:pBboxRight;
+ RtreeCell *pCell = &aCell[aaSorted[iBestDim][ii]];
+ nodeInsertCell(pRtree, pTarget, pCell);
+ cellUnion(pRtree, pBbox, pCell);
+ }
+
+ sqlite3_free(aaSorted);
+ return SQLITE_OK;
+}
+
+
+static int updateMapping(
+ Rtree *pRtree,
+ i64 iRowid,
+ RtreeNode *pNode,
+ int iHeight
+){
+ int (*xSetMapping)(Rtree *, sqlite3_int64, sqlite3_int64);
+ xSetMapping = ((iHeight==0)?rowidWrite:parentWrite);
+ if( iHeight>0 ){
+ RtreeNode *pChild = nodeHashLookup(pRtree, iRowid);
+ if( pChild ){
+ nodeRelease(pRtree, pChild->pParent);
+ nodeReference(pNode);
+ pChild->pParent = pNode;
+ }
+ }
+ return xSetMapping(pRtree, iRowid, pNode->iNode);
+}
+
+static int SplitNode(
+ Rtree *pRtree,
+ RtreeNode *pNode,
+ RtreeCell *pCell,
+ int iHeight
+){
+ int i;
+ int newCellIsRight = 0;
+
+ int rc = SQLITE_OK;
+ int nCell = NCELL(pNode);
+ RtreeCell *aCell;
+ int *aiUsed;
+
+ RtreeNode *pLeft = 0;
+ RtreeNode *pRight = 0;
+
+ RtreeCell leftbbox;
+ RtreeCell rightbbox;
+
+ /* Allocate an array and populate it with a copy of pCell and
+ ** all cells from node pLeft. Then zero the original node.
+ */
+ aCell = sqlite3_malloc((sizeof(RtreeCell)+sizeof(int))*(nCell+1));
+ if( !aCell ){
+ rc = SQLITE_NOMEM;
+ goto splitnode_out;
+ }
+ aiUsed = (int *)&aCell[nCell+1];
+ memset(aiUsed, 0, sizeof(int)*(nCell+1));
+ for(i=0; i<nCell; i++){
+ nodeGetCell(pRtree, pNode, i, &aCell[i]);
+ }
+ nodeZero(pRtree, pNode);
+ memcpy(&aCell[nCell], pCell, sizeof(RtreeCell));
+ nCell++;
+
+ if( pNode->iNode==1 ){
+ pRight = nodeNew(pRtree, pNode);
+ pLeft = nodeNew(pRtree, pNode);
+ pRtree->iDepth++;
+ pNode->isDirty = 1;
+ writeInt16(pNode->zData, pRtree->iDepth);
+ }else{
+ pLeft = pNode;
+ pRight = nodeNew(pRtree, pLeft->pParent);
+ nodeReference(pLeft);
+ }
+
+ if( !pLeft || !pRight ){
+ rc = SQLITE_NOMEM;
+ goto splitnode_out;
+ }
+
+ memset(pLeft->zData, 0, pRtree->iNodeSize);
+ memset(pRight->zData, 0, pRtree->iNodeSize);
+
+ rc = splitNodeStartree(pRtree, aCell, nCell, pLeft, pRight,
+ &leftbbox, &rightbbox);
+ if( rc!=SQLITE_OK ){
+ goto splitnode_out;
+ }
+
+ /* Ensure both child nodes have node numbers assigned to them by calling
+ ** nodeWrite(). Node pRight always needs a node number, as it was created
+ ** by nodeNew() above. But node pLeft sometimes already has a node number.
+ ** In this case avoid the all to nodeWrite().
+ */
+ if( SQLITE_OK!=(rc = nodeWrite(pRtree, pRight))
+ || (0==pLeft->iNode && SQLITE_OK!=(rc = nodeWrite(pRtree, pLeft)))
+ ){
+ goto splitnode_out;
+ }
+
+ rightbbox.iRowid = pRight->iNode;
+ leftbbox.iRowid = pLeft->iNode;
+
+ if( pNode->iNode==1 ){
+ rc = rtreeInsertCell(pRtree, pLeft->pParent, &leftbbox, iHeight+1);
+ if( rc!=SQLITE_OK ){
+ goto splitnode_out;
+ }
+ }else{
+ RtreeNode *pParent = pLeft->pParent;
+ int iCell;
+ rc = nodeParentIndex(pRtree, pLeft, &iCell);
+ if( rc==SQLITE_OK ){
+ nodeOverwriteCell(pRtree, pParent, &leftbbox, iCell);
+ rc = AdjustTree(pRtree, pParent, &leftbbox);
+ }
+ if( rc!=SQLITE_OK ){
+ goto splitnode_out;
+ }
+ }
+ if( (rc = rtreeInsertCell(pRtree, pRight->pParent, &rightbbox, iHeight+1)) ){
+ goto splitnode_out;
+ }
+
+ for(i=0; i<NCELL(pRight); i++){
+ i64 iRowid = nodeGetRowid(pRtree, pRight, i);
+ rc = updateMapping(pRtree, iRowid, pRight, iHeight);
+ if( iRowid==pCell->iRowid ){
+ newCellIsRight = 1;
+ }
+ if( rc!=SQLITE_OK ){
+ goto splitnode_out;
+ }
+ }
+ if( pNode->iNode==1 ){
+ for(i=0; i<NCELL(pLeft); i++){
+ i64 iRowid = nodeGetRowid(pRtree, pLeft, i);
+ rc = updateMapping(pRtree, iRowid, pLeft, iHeight);
+ if( rc!=SQLITE_OK ){
+ goto splitnode_out;
+ }
+ }
+ }else if( newCellIsRight==0 ){
+ rc = updateMapping(pRtree, pCell->iRowid, pLeft, iHeight);
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = nodeRelease(pRtree, pRight);
+ pRight = 0;
+ }
+ if( rc==SQLITE_OK ){
+ rc = nodeRelease(pRtree, pLeft);
+ pLeft = 0;
+ }
+
+splitnode_out:
+ nodeRelease(pRtree, pRight);
+ nodeRelease(pRtree, pLeft);
+ sqlite3_free(aCell);
+ return rc;
+}
+
+/*
+** If node pLeaf is not the root of the r-tree and its pParent pointer is
+** still NULL, load all ancestor nodes of pLeaf into memory and populate
+** the pLeaf->pParent chain all the way up to the root node.
+**
+** This operation is required when a row is deleted (or updated - an update
+** is implemented as a delete followed by an insert). SQLite provides the
+** rowid of the row to delete, which can be used to find the leaf on which
+** the entry resides (argument pLeaf). Once the leaf is located, this
+** function is called to determine its ancestry.
+*/
+static int fixLeafParent(Rtree *pRtree, RtreeNode *pLeaf){
+ int rc = SQLITE_OK;
+ RtreeNode *pChild = pLeaf;
+ while( rc==SQLITE_OK && pChild->iNode!=1 && pChild->pParent==0 ){
+ int rc2 = SQLITE_OK; /* sqlite3_reset() return code */
+ sqlite3_bind_int64(pRtree->pReadParent, 1, pChild->iNode);
+ rc = sqlite3_step(pRtree->pReadParent);
+ if( rc==SQLITE_ROW ){
+ RtreeNode *pTest; /* Used to test for reference loops */
+ i64 iNode; /* Node number of parent node */
+
+ /* Before setting pChild->pParent, test that we are not creating a
+ ** loop of references (as we would if, say, pChild==pParent). We don't
+ ** want to do this as it leads to a memory leak when trying to delete
+ ** the referenced counted node structures.
+ */
+ iNode = sqlite3_column_int64(pRtree->pReadParent, 0);
+ for(pTest=pLeaf; pTest && pTest->iNode!=iNode; pTest=pTest->pParent);
+ if( !pTest ){
+ rc2 = nodeAcquire(pRtree, iNode, 0, &pChild->pParent);
+ }
+ }
+ rc = sqlite3_reset(pRtree->pReadParent);
+ if( rc==SQLITE_OK ) rc = rc2;
+ if( rc==SQLITE_OK && !pChild->pParent ) rc = SQLITE_CORRUPT_VTAB;
+ pChild = pChild->pParent;
+ }
+ return rc;
+}
+
+static int deleteCell(Rtree *, RtreeNode *, int, int);
+
+static int removeNode(Rtree *pRtree, RtreeNode *pNode, int iHeight){
+ int rc;
+ int rc2;
+ RtreeNode *pParent = 0;
+ int iCell;
+
+ assert( pNode->nRef==1 );
+
+ /* Remove the entry in the parent cell. */
+ rc = nodeParentIndex(pRtree, pNode, &iCell);
+ if( rc==SQLITE_OK ){
+ pParent = pNode->pParent;
+ pNode->pParent = 0;
+ rc = deleteCell(pRtree, pParent, iCell, iHeight+1);
+ }
+ rc2 = nodeRelease(pRtree, pParent);
+ if( rc==SQLITE_OK ){
+ rc = rc2;
+ }
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+
+ /* Remove the xxx_node entry. */
+ sqlite3_bind_int64(pRtree->pDeleteNode, 1, pNode->iNode);
+ sqlite3_step(pRtree->pDeleteNode);
+ if( SQLITE_OK!=(rc = sqlite3_reset(pRtree->pDeleteNode)) ){
+ return rc;
+ }
+
+ /* Remove the xxx_parent entry. */
+ sqlite3_bind_int64(pRtree->pDeleteParent, 1, pNode->iNode);
+ sqlite3_step(pRtree->pDeleteParent);
+ if( SQLITE_OK!=(rc = sqlite3_reset(pRtree->pDeleteParent)) ){
+ return rc;
+ }
+
+ /* Remove the node from the in-memory hash table and link it into
+ ** the Rtree.pDeleted list. Its contents will be re-inserted later on.
+ */
+ nodeHashDelete(pRtree, pNode);
+ pNode->iNode = iHeight;
+ pNode->pNext = pRtree->pDeleted;
+ pNode->nRef++;
+ pRtree->pDeleted = pNode;
+
+ return SQLITE_OK;
+}
+
+static int fixBoundingBox(Rtree *pRtree, RtreeNode *pNode){
+ RtreeNode *pParent = pNode->pParent;
+ int rc = SQLITE_OK;
+ if( pParent ){
+ int ii;
+ int nCell = NCELL(pNode);
+ RtreeCell box; /* Bounding box for pNode */
+ nodeGetCell(pRtree, pNode, 0, &box);
+ for(ii=1; ii<nCell; ii++){
+ RtreeCell cell;
+ nodeGetCell(pRtree, pNode, ii, &cell);
+ cellUnion(pRtree, &box, &cell);
+ }
+ box.iRowid = pNode->iNode;
+ rc = nodeParentIndex(pRtree, pNode, &ii);
+ if( rc==SQLITE_OK ){
+ nodeOverwriteCell(pRtree, pParent, &box, ii);
+ rc = fixBoundingBox(pRtree, pParent);
+ }
+ }
+ return rc;
+}
+
+/*
+** Delete the cell at index iCell of node pNode. After removing the
+** cell, adjust the r-tree data structure if required.
+*/
+static int deleteCell(Rtree *pRtree, RtreeNode *pNode, int iCell, int iHeight){
+ RtreeNode *pParent;
+ int rc;
+
+ if( SQLITE_OK!=(rc = fixLeafParent(pRtree, pNode)) ){
+ return rc;
+ }
+
+ /* Remove the cell from the node. This call just moves bytes around
+ ** the in-memory node image, so it cannot fail.
+ */
+ nodeDeleteCell(pRtree, pNode, iCell);
+
+ /* If the node is not the tree root and now has less than the minimum
+ ** number of cells, remove it from the tree. Otherwise, update the
+ ** cell in the parent node so that it tightly contains the updated
+ ** node.
+ */
+ pParent = pNode->pParent;
+ assert( pParent || pNode->iNode==1 );
+ if( pParent ){
+ if( NCELL(pNode)<RTREE_MINCELLS(pRtree) ){
+ rc = removeNode(pRtree, pNode, iHeight);
+ }else{
+ rc = fixBoundingBox(pRtree, pNode);
+ }
+ }
+
+ return rc;
+}
+
+static int Reinsert(
+ Rtree *pRtree,
+ RtreeNode *pNode,
+ RtreeCell *pCell,
+ int iHeight
+){
+ int *aOrder;
+ int *aSpare;
+ RtreeCell *aCell;
+ RtreeDValue *aDistance;
+ int nCell;
+ RtreeDValue aCenterCoord[RTREE_MAX_DIMENSIONS];
+ int iDim;
+ int ii;
+ int rc = SQLITE_OK;
+ int n;
+
+ memset(aCenterCoord, 0, sizeof(RtreeDValue)*RTREE_MAX_DIMENSIONS);
+
+ nCell = NCELL(pNode)+1;
+ n = (nCell+1)&(~1);
+
+ /* Allocate the buffers used by this operation. The allocation is
+ ** relinquished before this function returns.
+ */
+ aCell = (RtreeCell *)sqlite3_malloc(n * (
+ sizeof(RtreeCell) + /* aCell array */
+ sizeof(int) + /* aOrder array */
+ sizeof(int) + /* aSpare array */
+ sizeof(RtreeDValue) /* aDistance array */
+ ));
+ if( !aCell ){
+ return SQLITE_NOMEM;
+ }
+ aOrder = (int *)&aCell[n];
+ aSpare = (int *)&aOrder[n];
+ aDistance = (RtreeDValue *)&aSpare[n];
+
+ for(ii=0; ii<nCell; ii++){
+ if( ii==(nCell-1) ){
+ memcpy(&aCell[ii], pCell, sizeof(RtreeCell));
+ }else{
+ nodeGetCell(pRtree, pNode, ii, &aCell[ii]);
+ }
+ aOrder[ii] = ii;
+ for(iDim=0; iDim<pRtree->nDim; iDim++){
+ aCenterCoord[iDim] += DCOORD(aCell[ii].aCoord[iDim*2]);
+ aCenterCoord[iDim] += DCOORD(aCell[ii].aCoord[iDim*2+1]);
+ }
+ }
+ for(iDim=0; iDim<pRtree->nDim; iDim++){
+ aCenterCoord[iDim] = (aCenterCoord[iDim]/(nCell*(RtreeDValue)2));
+ }
+
+ for(ii=0; ii<nCell; ii++){
+ aDistance[ii] = RTREE_ZERO;
+ for(iDim=0; iDim<pRtree->nDim; iDim++){
+ RtreeDValue coord = (DCOORD(aCell[ii].aCoord[iDim*2+1]) -
+ DCOORD(aCell[ii].aCoord[iDim*2]));
+ aDistance[ii] += (coord-aCenterCoord[iDim])*(coord-aCenterCoord[iDim]);
+ }
+ }
+
+ SortByDistance(aOrder, nCell, aDistance, aSpare);
+ nodeZero(pRtree, pNode);
+
+ for(ii=0; rc==SQLITE_OK && ii<(nCell-(RTREE_MINCELLS(pRtree)+1)); ii++){
+ RtreeCell *p = &aCell[aOrder[ii]];
+ nodeInsertCell(pRtree, pNode, p);
+ if( p->iRowid==pCell->iRowid ){
+ if( iHeight==0 ){
+ rc = rowidWrite(pRtree, p->iRowid, pNode->iNode);
+ }else{
+ rc = parentWrite(pRtree, p->iRowid, pNode->iNode);
+ }
+ }
+ }
+ if( rc==SQLITE_OK ){
+ rc = fixBoundingBox(pRtree, pNode);
+ }
+ for(; rc==SQLITE_OK && ii<nCell; ii++){
+ /* Find a node to store this cell in. pNode->iNode currently contains
+ ** the height of the sub-tree headed by the cell.
+ */
+ RtreeNode *pInsert;
+ RtreeCell *p = &aCell[aOrder[ii]];
+ rc = ChooseLeaf(pRtree, p, iHeight, &pInsert);
+ if( rc==SQLITE_OK ){
+ int rc2;
+ rc = rtreeInsertCell(pRtree, pInsert, p, iHeight);
+ rc2 = nodeRelease(pRtree, pInsert);
+ if( rc==SQLITE_OK ){
+ rc = rc2;
+ }
+ }
+ }
+
+ sqlite3_free(aCell);
+ return rc;
+}
+
+/*
+** Insert cell pCell into node pNode. Node pNode is the head of a
+** subtree iHeight high (leaf nodes have iHeight==0).
+*/
+static int rtreeInsertCell(
+ Rtree *pRtree,
+ RtreeNode *pNode,
+ RtreeCell *pCell,
+ int iHeight
+){
+ int rc = SQLITE_OK;
+ if( iHeight>0 ){
+ RtreeNode *pChild = nodeHashLookup(pRtree, pCell->iRowid);
+ if( pChild ){
+ nodeRelease(pRtree, pChild->pParent);
+ nodeReference(pNode);
+ pChild->pParent = pNode;
+ }
+ }
+ if( nodeInsertCell(pRtree, pNode, pCell) ){
+ if( iHeight<=pRtree->iReinsertHeight || pNode->iNode==1){
+ rc = SplitNode(pRtree, pNode, pCell, iHeight);
+ }else{
+ pRtree->iReinsertHeight = iHeight;
+ rc = Reinsert(pRtree, pNode, pCell, iHeight);
+ }
+ }else{
+ rc = AdjustTree(pRtree, pNode, pCell);
+ if( rc==SQLITE_OK ){
+ if( iHeight==0 ){
+ rc = rowidWrite(pRtree, pCell->iRowid, pNode->iNode);
+ }else{
+ rc = parentWrite(pRtree, pCell->iRowid, pNode->iNode);
+ }
+ }
+ }
+ return rc;
+}
+
+static int reinsertNodeContent(Rtree *pRtree, RtreeNode *pNode){
+ int ii;
+ int rc = SQLITE_OK;
+ int nCell = NCELL(pNode);
+
+ for(ii=0; rc==SQLITE_OK && ii<nCell; ii++){
+ RtreeNode *pInsert;
+ RtreeCell cell;
+ nodeGetCell(pRtree, pNode, ii, &cell);
+
+ /* Find a node to store this cell in. pNode->iNode currently contains
+ ** the height of the sub-tree headed by the cell.
+ */
+ rc = ChooseLeaf(pRtree, &cell, (int)pNode->iNode, &pInsert);
+ if( rc==SQLITE_OK ){
+ int rc2;
+ rc = rtreeInsertCell(pRtree, pInsert, &cell, (int)pNode->iNode);
+ rc2 = nodeRelease(pRtree, pInsert);
+ if( rc==SQLITE_OK ){
+ rc = rc2;
+ }
+ }
+ }
+ return rc;
+}
+
+/*
+** Select a currently unused rowid for a new r-tree record.
+*/
+static int newRowid(Rtree *pRtree, i64 *piRowid){
+ int rc;
+ sqlite3_bind_null(pRtree->pWriteRowid, 1);
+ sqlite3_bind_null(pRtree->pWriteRowid, 2);
+ sqlite3_step(pRtree->pWriteRowid);
+ rc = sqlite3_reset(pRtree->pWriteRowid);
+ *piRowid = sqlite3_last_insert_rowid(pRtree->db);
+ return rc;
+}
+
+/*
+** Remove the entry with rowid=iDelete from the r-tree structure.
+*/
+static int rtreeDeleteRowid(Rtree *pRtree, sqlite3_int64 iDelete){
+ int rc; /* Return code */
+ RtreeNode *pLeaf = 0; /* Leaf node containing record iDelete */
+ int iCell; /* Index of iDelete cell in pLeaf */
+ RtreeNode *pRoot; /* Root node of rtree structure */
+
+
+ /* Obtain a reference to the root node to initialize Rtree.iDepth */
+ rc = nodeAcquire(pRtree, 1, 0, &pRoot);
+
+ /* Obtain a reference to the leaf node that contains the entry
+ ** about to be deleted.
+ */
+ if( rc==SQLITE_OK ){
+ rc = findLeafNode(pRtree, iDelete, &pLeaf, 0);
+ }
+
+ /* Delete the cell in question from the leaf node. */
+ if( rc==SQLITE_OK ){
+ int rc2;
+ rc = nodeRowidIndex(pRtree, pLeaf, iDelete, &iCell);
+ if( rc==SQLITE_OK ){
+ rc = deleteCell(pRtree, pLeaf, iCell, 0);
+ }
+ rc2 = nodeRelease(pRtree, pLeaf);
+ if( rc==SQLITE_OK ){
+ rc = rc2;
+ }
+ }
+
+ /* Delete the corresponding entry in the <rtree>_rowid table. */
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pRtree->pDeleteRowid, 1, iDelete);
+ sqlite3_step(pRtree->pDeleteRowid);
+ rc = sqlite3_reset(pRtree->pDeleteRowid);
+ }
+
+ /* Check if the root node now has exactly one child. If so, remove
+ ** it, schedule the contents of the child for reinsertion and
+ ** reduce the tree height by one.
+ **
+ ** This is equivalent to copying the contents of the child into
+ ** the root node (the operation that Gutman's paper says to perform
+ ** in this scenario).
+ */
+ if( rc==SQLITE_OK && pRtree->iDepth>0 && NCELL(pRoot)==1 ){
+ int rc2;
+ RtreeNode *pChild;
+ i64 iChild = nodeGetRowid(pRtree, pRoot, 0);
+ rc = nodeAcquire(pRtree, iChild, pRoot, &pChild);
+ if( rc==SQLITE_OK ){
+ rc = removeNode(pRtree, pChild, pRtree->iDepth-1);
+ }
+ rc2 = nodeRelease(pRtree, pChild);
+ if( rc==SQLITE_OK ) rc = rc2;
+ if( rc==SQLITE_OK ){
+ pRtree->iDepth--;
+ writeInt16(pRoot->zData, pRtree->iDepth);
+ pRoot->isDirty = 1;
+ }
+ }
+
+ /* Re-insert the contents of any underfull nodes removed from the tree. */
+ for(pLeaf=pRtree->pDeleted; pLeaf; pLeaf=pRtree->pDeleted){
+ if( rc==SQLITE_OK ){
+ rc = reinsertNodeContent(pRtree, pLeaf);
+ }
+ pRtree->pDeleted = pLeaf->pNext;
+ sqlite3_free(pLeaf);
+ }
+
+ /* Release the reference to the root node. */
+ if( rc==SQLITE_OK ){
+ rc = nodeRelease(pRtree, pRoot);
+ }else{
+ nodeRelease(pRtree, pRoot);
+ }
+
+ return rc;
+}
+
+/*
+** Rounding constants for float->double conversion.
+*/
+#define RNDTOWARDS (1.0 - 1.0/8388608.0) /* Round towards zero */
+#define RNDAWAY (1.0 + 1.0/8388608.0) /* Round away from zero */
+
+#if !defined(SQLITE_RTREE_INT_ONLY)
+/*
+** Convert an sqlite3_value into an RtreeValue (presumably a float)
+** while taking care to round toward negative or positive, respectively.
+*/
+static RtreeValue rtreeValueDown(sqlite3_value *v){
+ double d = sqlite3_value_double(v);
+ float f = (float)d;
+ if( f>d ){
+ f = (float)(d*(d<0 ? RNDAWAY : RNDTOWARDS));
+ }
+ return f;
+}
+static RtreeValue rtreeValueUp(sqlite3_value *v){
+ double d = sqlite3_value_double(v);
+ float f = (float)d;
+ if( f<d ){
+ f = (float)(d*(d<0 ? RNDTOWARDS : RNDAWAY));
+ }
+ return f;
+}
+#endif /* !defined(SQLITE_RTREE_INT_ONLY) */
+
+
+/*
+** The xUpdate method for rtree module virtual tables.
+*/
+static int rtreeUpdate(
+ sqlite3_vtab *pVtab,
+ int nData,
+ sqlite3_value **azData,
+ sqlite_int64 *pRowid
+){
+ Rtree *pRtree = (Rtree *)pVtab;
+ int rc = SQLITE_OK;
+ RtreeCell cell; /* New cell to insert if nData>1 */
+ int bHaveRowid = 0; /* Set to 1 after new rowid is determined */
+
+ rtreeReference(pRtree);
+ assert(nData>=1);
+
+ cell.iRowid = 0; /* Used only to suppress a compiler warning */
+
+ /* Constraint handling. A write operation on an r-tree table may return
+ ** SQLITE_CONSTRAINT for two reasons:
+ **
+ ** 1. A duplicate rowid value, or
+ ** 2. The supplied data violates the "x2>=x1" constraint.
+ **
+ ** In the first case, if the conflict-handling mode is REPLACE, then
+ ** the conflicting row can be removed before proceeding. In the second
+ ** case, SQLITE_CONSTRAINT must be returned regardless of the
+ ** conflict-handling mode specified by the user.
+ */
+ if( nData>1 ){
+ int ii;
+
+ /* Populate the cell.aCoord[] array. The first coordinate is azData[3].
+ **
+ ** NB: nData can only be less than nDim*2+3 if the rtree is mis-declared
+ ** with "column" that are interpreted as table constraints.
+ ** Example: CREATE VIRTUAL TABLE bad USING rtree(x,y,CHECK(y>5));
+ ** This problem was discovered after years of use, so we silently ignore
+ ** these kinds of misdeclared tables to avoid breaking any legacy.
+ */
+ assert( nData<=(pRtree->nDim*2 + 3) );
+
+#ifndef SQLITE_RTREE_INT_ONLY
+ if( pRtree->eCoordType==RTREE_COORD_REAL32 ){
+ for(ii=0; ii<nData-4; ii+=2){
+ cell.aCoord[ii].f = rtreeValueDown(azData[ii+3]);
+ cell.aCoord[ii+1].f = rtreeValueUp(azData[ii+4]);
+ if( cell.aCoord[ii].f>cell.aCoord[ii+1].f ){
+ rc = SQLITE_CONSTRAINT;
+ goto constraint;
+ }
+ }
+ }else
+#endif
+ {
+ for(ii=0; ii<nData-4; ii+=2){
+ cell.aCoord[ii].i = sqlite3_value_int(azData[ii+3]);
+ cell.aCoord[ii+1].i = sqlite3_value_int(azData[ii+4]);
+ if( cell.aCoord[ii].i>cell.aCoord[ii+1].i ){
+ rc = SQLITE_CONSTRAINT;
+ goto constraint;
+ }
+ }
+ }
+
+ /* If a rowid value was supplied, check if it is already present in
+ ** the table. If so, the constraint has failed. */
+ if( sqlite3_value_type(azData[2])!=SQLITE_NULL ){
+ cell.iRowid = sqlite3_value_int64(azData[2]);
+ if( sqlite3_value_type(azData[0])==SQLITE_NULL
+ || sqlite3_value_int64(azData[0])!=cell.iRowid
+ ){
+ int steprc;
+ sqlite3_bind_int64(pRtree->pReadRowid, 1, cell.iRowid);
+ steprc = sqlite3_step(pRtree->pReadRowid);
+ rc = sqlite3_reset(pRtree->pReadRowid);
+ if( SQLITE_ROW==steprc ){
+ if( sqlite3_vtab_on_conflict(pRtree->db)==SQLITE_REPLACE ){
+ rc = rtreeDeleteRowid(pRtree, cell.iRowid);
+ }else{
+ rc = SQLITE_CONSTRAINT;
+ goto constraint;
+ }
+ }
+ }
+ bHaveRowid = 1;
+ }
+ }
+
+ /* If azData[0] is not an SQL NULL value, it is the rowid of a
+ ** record to delete from the r-tree table. The following block does
+ ** just that.
+ */
+ if( sqlite3_value_type(azData[0])!=SQLITE_NULL ){
+ rc = rtreeDeleteRowid(pRtree, sqlite3_value_int64(azData[0]));
+ }
+
+ /* If the azData[] array contains more than one element, elements
+ ** (azData[2]..azData[argc-1]) contain a new record to insert into
+ ** the r-tree structure.
+ */
+ if( rc==SQLITE_OK && nData>1 ){
+ /* Insert the new record into the r-tree */
+ RtreeNode *pLeaf = 0;
+
+ /* Figure out the rowid of the new row. */
+ if( bHaveRowid==0 ){
+ rc = newRowid(pRtree, &cell.iRowid);
+ }
+ *pRowid = cell.iRowid;
+
+ if( rc==SQLITE_OK ){
+ rc = ChooseLeaf(pRtree, &cell, 0, &pLeaf);
+ }
+ if( rc==SQLITE_OK ){
+ int rc2;
+ pRtree->iReinsertHeight = -1;
+ rc = rtreeInsertCell(pRtree, pLeaf, &cell, 0);
+ rc2 = nodeRelease(pRtree, pLeaf);
+ if( rc==SQLITE_OK ){
+ rc = rc2;
+ }
+ }
+ }
+
+constraint:
+ rtreeRelease(pRtree);
+ return rc;
+}
+
+/*
+** The xRename method for rtree module virtual tables.
+*/
+static int rtreeRename(sqlite3_vtab *pVtab, const char *zNewName){
+ Rtree *pRtree = (Rtree *)pVtab;
+ int rc = SQLITE_NOMEM;
+ char *zSql = sqlite3_mprintf(
+ "ALTER TABLE %Q.'%q_node' RENAME TO \"%w_node\";"
+ "ALTER TABLE %Q.'%q_parent' RENAME TO \"%w_parent\";"
+ "ALTER TABLE %Q.'%q_rowid' RENAME TO \"%w_rowid\";"
+ , pRtree->zDb, pRtree->zName, zNewName
+ , pRtree->zDb, pRtree->zName, zNewName
+ , pRtree->zDb, pRtree->zName, zNewName
+ );
+ if( zSql ){
+ rc = sqlite3_exec(pRtree->db, zSql, 0, 0, 0);
+ sqlite3_free(zSql);
+ }
+ return rc;
+}
+
+/*
+** This function populates the pRtree->nRowEst variable with an estimate
+** of the number of rows in the virtual table. If possible, this is based
+** on sqlite_stat1 data. Otherwise, use RTREE_DEFAULT_ROWEST.
+*/
+static int rtreeQueryStat1(sqlite3 *db, Rtree *pRtree){
+ const char *zFmt = "SELECT stat FROM %Q.sqlite_stat1 WHERE tbl = '%q_rowid'";
+ char *zSql;
+ sqlite3_stmt *p;
+ int rc;
+ i64 nRow = 0;
+
+ zSql = sqlite3_mprintf(zFmt, pRtree->zDb, pRtree->zName);
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare_v2(db, zSql, -1, &p, 0);
+ if( rc==SQLITE_OK ){
+ if( sqlite3_step(p)==SQLITE_ROW ) nRow = sqlite3_column_int64(p, 0);
+ rc = sqlite3_finalize(p);
+ }else if( rc!=SQLITE_NOMEM ){
+ rc = SQLITE_OK;
+ }
+
+ if( rc==SQLITE_OK ){
+ if( nRow==0 ){
+ pRtree->nRowEst = RTREE_DEFAULT_ROWEST;
+ }else{
+ pRtree->nRowEst = MAX(nRow, RTREE_MIN_ROWEST);
+ }
+ }
+ sqlite3_free(zSql);
+ }
+
+ return rc;
+}
+
+static sqlite3_module rtreeModule = {
+ 0, /* iVersion */
+ rtreeCreate, /* xCreate - create a table */
+ rtreeConnect, /* xConnect - connect to an existing table */
+ rtreeBestIndex, /* xBestIndex - Determine search strategy */
+ rtreeDisconnect, /* xDisconnect - Disconnect from a table */
+ rtreeDestroy, /* xDestroy - Drop a table */
+ rtreeOpen, /* xOpen - open a cursor */
+ rtreeClose, /* xClose - close a cursor */
+ rtreeFilter, /* xFilter - configure scan constraints */
+ rtreeNext, /* xNext - advance a cursor */
+ rtreeEof, /* xEof */
+ rtreeColumn, /* xColumn - read data */
+ rtreeRowid, /* xRowid - read data */
+ rtreeUpdate, /* xUpdate - write data */
+ 0, /* xBegin - begin transaction */
+ 0, /* xSync - sync transaction */
+ 0, /* xCommit - commit transaction */
+ 0, /* xRollback - rollback transaction */
+ 0, /* xFindFunction - function overloading */
+ rtreeRename, /* xRename - rename the table */
+ 0, /* xSavepoint */
+ 0, /* xRelease */
+ 0 /* xRollbackTo */
+};
+
+static int rtreeSqlInit(
+ Rtree *pRtree,
+ sqlite3 *db,
+ const char *zDb,
+ const char *zPrefix,
+ int isCreate
+){
+ int rc = SQLITE_OK;
+
+ #define N_STATEMENT 9
+ static const char *azSql[N_STATEMENT] = {
+ /* Read and write the xxx_node table */
+ "SELECT data FROM '%q'.'%q_node' WHERE nodeno = :1",
+ "INSERT OR REPLACE INTO '%q'.'%q_node' VALUES(:1, :2)",
+ "DELETE FROM '%q'.'%q_node' WHERE nodeno = :1",
+
+ /* Read and write the xxx_rowid table */
+ "SELECT nodeno FROM '%q'.'%q_rowid' WHERE rowid = :1",
+ "INSERT OR REPLACE INTO '%q'.'%q_rowid' VALUES(:1, :2)",
+ "DELETE FROM '%q'.'%q_rowid' WHERE rowid = :1",
+
+ /* Read and write the xxx_parent table */
+ "SELECT parentnode FROM '%q'.'%q_parent' WHERE nodeno = :1",
+ "INSERT OR REPLACE INTO '%q'.'%q_parent' VALUES(:1, :2)",
+ "DELETE FROM '%q'.'%q_parent' WHERE nodeno = :1"
+ };
+ sqlite3_stmt **appStmt[N_STATEMENT];
+ int i;
+
+ pRtree->db = db;
+
+ if( isCreate ){
+ char *zCreate = sqlite3_mprintf(
+"CREATE TABLE \"%w\".\"%w_node\"(nodeno INTEGER PRIMARY KEY, data BLOB);"
+"CREATE TABLE \"%w\".\"%w_rowid\"(rowid INTEGER PRIMARY KEY, nodeno INTEGER);"
+"CREATE TABLE \"%w\".\"%w_parent\"(nodeno INTEGER PRIMARY KEY,"
+ " parentnode INTEGER);"
+"INSERT INTO '%q'.'%q_node' VALUES(1, zeroblob(%d))",
+ zDb, zPrefix, zDb, zPrefix, zDb, zPrefix, zDb, zPrefix, pRtree->iNodeSize
+ );
+ if( !zCreate ){
+ return SQLITE_NOMEM;
+ }
+ rc = sqlite3_exec(db, zCreate, 0, 0, 0);
+ sqlite3_free(zCreate);
+ if( rc!=SQLITE_OK ){
+ return rc;
+ }
+ }
+
+ appStmt[0] = &pRtree->pReadNode;
+ appStmt[1] = &pRtree->pWriteNode;
+ appStmt[2] = &pRtree->pDeleteNode;
+ appStmt[3] = &pRtree->pReadRowid;
+ appStmt[4] = &pRtree->pWriteRowid;
+ appStmt[5] = &pRtree->pDeleteRowid;
+ appStmt[6] = &pRtree->pReadParent;
+ appStmt[7] = &pRtree->pWriteParent;
+ appStmt[8] = &pRtree->pDeleteParent;
+
+ rc = rtreeQueryStat1(db, pRtree);
+ for(i=0; i<N_STATEMENT && rc==SQLITE_OK; i++){
+ char *zSql = sqlite3_mprintf(azSql[i], zDb, zPrefix);
+ if( zSql ){
+ rc = sqlite3_prepare_v2(db, zSql, -1, appStmt[i], 0);
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ sqlite3_free(zSql);
+ }
+
+ return rc;
+}
+
+/*
+** The second argument to this function contains the text of an SQL statement
+** that returns a single integer value. The statement is compiled and executed
+** using database connection db. If successful, the integer value returned
+** is written to *piVal and SQLITE_OK returned. Otherwise, an SQLite error
+** code is returned and the value of *piVal after returning is not defined.
+*/
+static int getIntFromStmt(sqlite3 *db, const char *zSql, int *piVal){
+ int rc = SQLITE_NOMEM;
+ if( zSql ){
+ sqlite3_stmt *pStmt = 0;
+ rc = sqlite3_prepare_v2(db, zSql, -1, &pStmt, 0);
+ if( rc==SQLITE_OK ){
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ *piVal = sqlite3_column_int(pStmt, 0);
+ }
+ rc = sqlite3_finalize(pStmt);
+ }
+ }
+ return rc;
+}
+
+/*
+** This function is called from within the xConnect() or xCreate() method to
+** determine the node-size used by the rtree table being created or connected
+** to. If successful, pRtree->iNodeSize is populated and SQLITE_OK returned.
+** Otherwise, an SQLite error code is returned.
+**
+** If this function is being called as part of an xConnect(), then the rtree
+** table already exists. In this case the node-size is determined by inspecting
+** the root node of the tree.
+**
+** Otherwise, for an xCreate(), use 64 bytes less than the database page-size.
+** This ensures that each node is stored on a single database page. If the
+** database page-size is so large that more than RTREE_MAXCELLS entries
+** would fit in a single node, use a smaller node-size.
+*/
+static int getNodeSize(
+ sqlite3 *db, /* Database handle */
+ Rtree *pRtree, /* Rtree handle */
+ int isCreate, /* True for xCreate, false for xConnect */
+ char **pzErr /* OUT: Error message, if any */
+){
+ int rc;
+ char *zSql;
+ if( isCreate ){
+ int iPageSize = 0;
+ zSql = sqlite3_mprintf("PRAGMA %Q.page_size", pRtree->zDb);
+ rc = getIntFromStmt(db, zSql, &iPageSize);
+ if( rc==SQLITE_OK ){
+ pRtree->iNodeSize = iPageSize-64;
+ if( (4+pRtree->nBytesPerCell*RTREE_MAXCELLS)<pRtree->iNodeSize ){
+ pRtree->iNodeSize = 4+pRtree->nBytesPerCell*RTREE_MAXCELLS;
+ }
+ }else{
+ *pzErr = sqlite3_mprintf("%s", sqlite3_errmsg(db));
+ }
+ }else{
+ zSql = sqlite3_mprintf(
+ "SELECT length(data) FROM '%q'.'%q_node' WHERE nodeno = 1",
+ pRtree->zDb, pRtree->zName
+ );
+ rc = getIntFromStmt(db, zSql, &pRtree->iNodeSize);
+ if( rc!=SQLITE_OK ){
+ *pzErr = sqlite3_mprintf("%s", sqlite3_errmsg(db));
+ }
+ }
+
+ sqlite3_free(zSql);
+ return rc;
+}
+
+/*
+** This function is the implementation of both the xConnect and xCreate
+** methods of the r-tree virtual table.
+**
+** argv[0] -> module name
+** argv[1] -> database name
+** argv[2] -> table name
+** argv[...] -> column names...
+*/
+static int rtreeInit(
+ sqlite3 *db, /* Database connection */
+ void *pAux, /* One of the RTREE_COORD_* constants */
+ int argc, const char *const*argv, /* Parameters to CREATE TABLE statement */
+ sqlite3_vtab **ppVtab, /* OUT: New virtual table */
+ char **pzErr, /* OUT: Error message, if any */
+ int isCreate /* True for xCreate, false for xConnect */
+){
+ int rc = SQLITE_OK;
+ Rtree *pRtree;
+ int nDb; /* Length of string argv[1] */
+ int nName; /* Length of string argv[2] */
+ int eCoordType = (pAux ? RTREE_COORD_INT32 : RTREE_COORD_REAL32);
+
+ const char *aErrMsg[] = {
+ 0, /* 0 */
+ "Wrong number of columns for an rtree table", /* 1 */
+ "Too few columns for an rtree table", /* 2 */
+ "Too many columns for an rtree table" /* 3 */
+ };
+
+ int iErr = (argc<6) ? 2 : argc>(RTREE_MAX_DIMENSIONS*2+4) ? 3 : argc%2;
+ if( aErrMsg[iErr] ){
+ *pzErr = sqlite3_mprintf("%s", aErrMsg[iErr]);
+ return SQLITE_ERROR;
+ }
+
+ sqlite3_vtab_config(db, SQLITE_VTAB_CONSTRAINT_SUPPORT, 1);
+
+ /* Allocate the sqlite3_vtab structure */
+ nDb = (int)strlen(argv[1]);
+ nName = (int)strlen(argv[2]);
+ pRtree = (Rtree *)sqlite3_malloc(sizeof(Rtree)+nDb+nName+2);
+ if( !pRtree ){
+ return SQLITE_NOMEM;
+ }
+ memset(pRtree, 0, sizeof(Rtree)+nDb+nName+2);
+ pRtree->nBusy = 1;
+ pRtree->base.pModule = &rtreeModule;
+ pRtree->zDb = (char *)&pRtree[1];
+ pRtree->zName = &pRtree->zDb[nDb+1];
+ pRtree->nDim = (argc-4)/2;
+ pRtree->nBytesPerCell = 8 + pRtree->nDim*4*2;
+ pRtree->eCoordType = eCoordType;
+ memcpy(pRtree->zDb, argv[1], nDb);
+ memcpy(pRtree->zName, argv[2], nName);
+
+ /* Figure out the node size to use. */
+ rc = getNodeSize(db, pRtree, isCreate, pzErr);
+
+ /* Create/Connect to the underlying relational database schema. If
+ ** that is successful, call sqlite3_declare_vtab() to configure
+ ** the r-tree table schema.
+ */
+ if( rc==SQLITE_OK ){
+ if( (rc = rtreeSqlInit(pRtree, db, argv[1], argv[2], isCreate)) ){
+ *pzErr = sqlite3_mprintf("%s", sqlite3_errmsg(db));
+ }else{
+ char *zSql = sqlite3_mprintf("CREATE TABLE x(%s", argv[3]);
+ char *zTmp;
+ int ii;
+ for(ii=4; zSql && ii<argc; ii++){
+ zTmp = zSql;
+ zSql = sqlite3_mprintf("%s, %s", zTmp, argv[ii]);
+ sqlite3_free(zTmp);
+ }
+ if( zSql ){
+ zTmp = zSql;
+ zSql = sqlite3_mprintf("%s);", zTmp);
+ sqlite3_free(zTmp);
+ }
+ if( !zSql ){
+ rc = SQLITE_NOMEM;
+ }else if( SQLITE_OK!=(rc = sqlite3_declare_vtab(db, zSql)) ){
+ *pzErr = sqlite3_mprintf("%s", sqlite3_errmsg(db));
+ }
+ sqlite3_free(zSql);
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ *ppVtab = (sqlite3_vtab *)pRtree;
+ }else{
+ assert( *ppVtab==0 );
+ assert( pRtree->nBusy==1 );
+ rtreeRelease(pRtree);
+ }
+ return rc;
+}
+
+
+/*
+** Implementation of a scalar function that decodes r-tree nodes to
+** human readable strings. This can be used for debugging and analysis.
+**
+** The scalar function takes two arguments: (1) the number of dimensions
+** to the rtree (between 1 and 5, inclusive) and (2) a blob of data containing
+** an r-tree node. For a two-dimensional r-tree structure called "rt", to
+** deserialize all nodes, a statement like:
+**
+** SELECT rtreenode(2, data) FROM rt_node;
+**
+** The human readable string takes the form of a Tcl list with one
+** entry for each cell in the r-tree node. Each entry is itself a
+** list, containing the 8-byte rowid/pageno followed by the
+** <num-dimension>*2 coordinates.
+*/
+static void rtreenode(sqlite3_context *ctx, int nArg, sqlite3_value **apArg){
+ char *zText = 0;
+ RtreeNode node;
+ Rtree tree;
+ int ii;
+
+ UNUSED_PARAMETER(nArg);
+ memset(&node, 0, sizeof(RtreeNode));
+ memset(&tree, 0, sizeof(Rtree));
+ tree.nDim = sqlite3_value_int(apArg[0]);
+ tree.nBytesPerCell = 8 + 8 * tree.nDim;
+ node.zData = (u8 *)sqlite3_value_blob(apArg[1]);
+
+ for(ii=0; ii<NCELL(&node); ii++){
+ char zCell[512];
+ int nCell = 0;
+ RtreeCell cell;
+ int jj;
+
+ nodeGetCell(&tree, &node, ii, &cell);
+ sqlite3_snprintf(512-nCell,&zCell[nCell],"%lld", cell.iRowid);
+ nCell = (int)strlen(zCell);
+ for(jj=0; jj<tree.nDim*2; jj++){
+#ifndef SQLITE_RTREE_INT_ONLY
+ sqlite3_snprintf(512-nCell,&zCell[nCell], " %g",
+ (double)cell.aCoord[jj].f);
+#else
+ sqlite3_snprintf(512-nCell,&zCell[nCell], " %d",
+ cell.aCoord[jj].i);
+#endif
+ nCell = (int)strlen(zCell);
+ }
+
+ if( zText ){
+ char *zTextNew = sqlite3_mprintf("%s {%s}", zText, zCell);
+ sqlite3_free(zText);
+ zText = zTextNew;
+ }else{
+ zText = sqlite3_mprintf("{%s}", zCell);
+ }
+ }
+
+ sqlite3_result_text(ctx, zText, -1, sqlite3_free);
+}
+
+/* This routine implements an SQL function that returns the "depth" parameter
+** from the front of a blob that is an r-tree node. For example:
+**
+** SELECT rtreedepth(data) FROM rt_node WHERE nodeno=1;
+**
+** The depth value is 0 for all nodes other than the root node, and the root
+** node always has nodeno=1, so the example above is the primary use for this
+** routine. This routine is intended for testing and analysis only.
+*/
+static void rtreedepth(sqlite3_context *ctx, int nArg, sqlite3_value **apArg){
+ UNUSED_PARAMETER(nArg);
+ if( sqlite3_value_type(apArg[0])!=SQLITE_BLOB
+ || sqlite3_value_bytes(apArg[0])<2
+ ){
+ sqlite3_result_error(ctx, "Invalid argument to rtreedepth()", -1);
+ }else{
+ u8 *zBlob = (u8 *)sqlite3_value_blob(apArg[0]);
+ sqlite3_result_int(ctx, readInt16(zBlob));
+ }
+}
+
+/*
+** Register the r-tree module with database handle db. This creates the
+** virtual table module "rtree" and the debugging/analysis scalar
+** function "rtreenode".
+*/
+SQLITE_PRIVATE int sqlite3RtreeInit(sqlite3 *db){
+ const int utf8 = SQLITE_UTF8;
+ int rc;
+
+ rc = sqlite3_create_function(db, "rtreenode", 2, utf8, 0, rtreenode, 0, 0);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_create_function(db, "rtreedepth", 1, utf8, 0,rtreedepth, 0, 0);
+ }
+ if( rc==SQLITE_OK ){
+#ifdef SQLITE_RTREE_INT_ONLY
+ void *c = (void *)RTREE_COORD_INT32;
+#else
+ void *c = (void *)RTREE_COORD_REAL32;
+#endif
+ rc = sqlite3_create_module_v2(db, "rtree", &rtreeModule, c, 0);
+ }
+ if( rc==SQLITE_OK ){
+ void *c = (void *)RTREE_COORD_INT32;
+ rc = sqlite3_create_module_v2(db, "rtree_i32", &rtreeModule, c, 0);
+ }
+
+ return rc;
+}
+
+/*
+** This routine deletes the RtreeGeomCallback object that was attached
+** one of the SQL functions create by sqlite3_rtree_geometry_callback()
+** or sqlite3_rtree_query_callback(). In other words, this routine is the
+** destructor for an RtreeGeomCallback objecct. This routine is called when
+** the corresponding SQL function is deleted.
+*/
+static void rtreeFreeCallback(void *p){
+ RtreeGeomCallback *pInfo = (RtreeGeomCallback*)p;
+ if( pInfo->xDestructor ) pInfo->xDestructor(pInfo->pContext);
+ sqlite3_free(p);
+}
+
+/*
+** This routine frees the BLOB that is returned by geomCallback().
+*/
+static void rtreeMatchArgFree(void *pArg){
+ int i;
+ RtreeMatchArg *p = (RtreeMatchArg*)pArg;
+ for(i=0; i<p->nParam; i++){
+ sqlite3_value_free(p->apSqlParam[i]);
+ }
+ sqlite3_free(p);
+}
+
+/*
+** Each call to sqlite3_rtree_geometry_callback() or
+** sqlite3_rtree_query_callback() creates an ordinary SQLite
+** scalar function that is implemented by this routine.
+**
+** All this function does is construct an RtreeMatchArg object that
+** contains the geometry-checking callback routines and a list of
+** parameters to this function, then return that RtreeMatchArg object
+** as a BLOB.
+**
+** The R-Tree MATCH operator will read the returned BLOB, deserialize
+** the RtreeMatchArg object, and use the RtreeMatchArg object to figure
+** out which elements of the R-Tree should be returned by the query.
+*/
+static void geomCallback(sqlite3_context *ctx, int nArg, sqlite3_value **aArg){
+ RtreeGeomCallback *pGeomCtx = (RtreeGeomCallback *)sqlite3_user_data(ctx);
+ RtreeMatchArg *pBlob;
+ int nBlob;
+ int memErr = 0;
+
+ nBlob = sizeof(RtreeMatchArg) + (nArg-1)*sizeof(RtreeDValue)
+ + nArg*sizeof(sqlite3_value*);
+ pBlob = (RtreeMatchArg *)sqlite3_malloc(nBlob);
+ if( !pBlob ){
+ sqlite3_result_error_nomem(ctx);
+ }else{
+ int i;
+ pBlob->magic = RTREE_GEOMETRY_MAGIC;
+ pBlob->cb = pGeomCtx[0];
+ pBlob->apSqlParam = (sqlite3_value**)&pBlob->aParam[nArg];
+ pBlob->nParam = nArg;
+ for(i=0; i<nArg; i++){
+ pBlob->apSqlParam[i] = sqlite3_value_dup(aArg[i]);
+ if( pBlob->apSqlParam[i]==0 ) memErr = 1;
+#ifdef SQLITE_RTREE_INT_ONLY
+ pBlob->aParam[i] = sqlite3_value_int64(aArg[i]);
+#else
+ pBlob->aParam[i] = sqlite3_value_double(aArg[i]);
+#endif
+ }
+ if( memErr ){
+ sqlite3_result_error_nomem(ctx);
+ rtreeMatchArgFree(pBlob);
+ }else{
+ sqlite3_result_blob(ctx, pBlob, nBlob, rtreeMatchArgFree);
+ }
+ }
+}
+
+/*
+** Register a new geometry function for use with the r-tree MATCH operator.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_rtree_geometry_callback(
+ sqlite3 *db, /* Register SQL function on this connection */
+ const char *zGeom, /* Name of the new SQL function */
+ int (*xGeom)(sqlite3_rtree_geometry*,int,RtreeDValue*,int*), /* Callback */
+ void *pContext /* Extra data associated with the callback */
+){
+ RtreeGeomCallback *pGeomCtx; /* Context object for new user-function */
+
+ /* Allocate and populate the context object. */
+ pGeomCtx = (RtreeGeomCallback *)sqlite3_malloc(sizeof(RtreeGeomCallback));
+ if( !pGeomCtx ) return SQLITE_NOMEM;
+ pGeomCtx->xGeom = xGeom;
+ pGeomCtx->xQueryFunc = 0;
+ pGeomCtx->xDestructor = 0;
+ pGeomCtx->pContext = pContext;
+ return sqlite3_create_function_v2(db, zGeom, -1, SQLITE_ANY,
+ (void *)pGeomCtx, geomCallback, 0, 0, rtreeFreeCallback
+ );
+}
+
+/*
+** Register a new 2nd-generation geometry function for use with the
+** r-tree MATCH operator.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_rtree_query_callback(
+ sqlite3 *db, /* Register SQL function on this connection */
+ const char *zQueryFunc, /* Name of new SQL function */
+ int (*xQueryFunc)(sqlite3_rtree_query_info*), /* Callback */
+ void *pContext, /* Extra data passed into the callback */
+ void (*xDestructor)(void*) /* Destructor for the extra data */
+){
+ RtreeGeomCallback *pGeomCtx; /* Context object for new user-function */
+
+ /* Allocate and populate the context object. */
+ pGeomCtx = (RtreeGeomCallback *)sqlite3_malloc(sizeof(RtreeGeomCallback));
+ if( !pGeomCtx ) return SQLITE_NOMEM;
+ pGeomCtx->xGeom = 0;
+ pGeomCtx->xQueryFunc = xQueryFunc;
+ pGeomCtx->xDestructor = xDestructor;
+ pGeomCtx->pContext = pContext;
+ return sqlite3_create_function_v2(db, zQueryFunc, -1, SQLITE_ANY,
+ (void *)pGeomCtx, geomCallback, 0, 0, rtreeFreeCallback
+ );
+}
+
+#if !SQLITE_CORE
+#ifdef _WIN32
+__declspec(dllexport)
+#endif
+SQLITE_API int SQLITE_STDCALL sqlite3_rtree_init(
+ sqlite3 *db,
+ char **pzErrMsg,
+ const sqlite3_api_routines *pApi
+){
+ SQLITE_EXTENSION_INIT2(pApi)
+ return sqlite3RtreeInit(db);
+}
+#endif
+
+#endif
+
+/************** End of rtree.c ***********************************************/
+/************** Begin file icu.c *********************************************/
+/*
+** 2007 May 6
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** $Id: icu.c,v 1.7 2007/12/13 21:54:11 drh Exp $
+**
+** This file implements an integration between the ICU library
+** ("International Components for Unicode", an open-source library
+** for handling unicode data) and SQLite. The integration uses
+** ICU to provide the following to SQLite:
+**
+** * An implementation of the SQL regexp() function (and hence REGEXP
+** operator) using the ICU uregex_XX() APIs.
+**
+** * Implementations of the SQL scalar upper() and lower() functions
+** for case mapping.
+**
+** * Integration of ICU and SQLite collation sequences.
+**
+** * An implementation of the LIKE operator that uses ICU to
+** provide case-independent matching.
+*/
+
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_ICU)
+
+/* Include ICU headers */
+#include <unicode/utypes.h>
+#include <unicode/uregex.h>
+#include <unicode/ustring.h>
+#include <unicode/ucol.h>
+
+/* #include <assert.h> */
+
+#ifndef SQLITE_CORE
+/* #include "sqlite3ext.h" */
+ SQLITE_EXTENSION_INIT1
+#else
+/* #include "sqlite3.h" */
+#endif
+
+/*
+** Maximum length (in bytes) of the pattern in a LIKE or GLOB
+** operator.
+*/
+#ifndef SQLITE_MAX_LIKE_PATTERN_LENGTH
+# define SQLITE_MAX_LIKE_PATTERN_LENGTH 50000
+#endif
+
+/*
+** Version of sqlite3_free() that is always a function, never a macro.
+*/
+static void xFree(void *p){
+ sqlite3_free(p);
+}
+
+/*
+** Compare two UTF-8 strings for equality where the first string is
+** a "LIKE" expression. Return true (1) if they are the same and
+** false (0) if they are different.
+*/
+static int icuLikeCompare(
+ const uint8_t *zPattern, /* LIKE pattern */
+ const uint8_t *zString, /* The UTF-8 string to compare against */
+ const UChar32 uEsc /* The escape character */
+){
+ static const int MATCH_ONE = (UChar32)'_';
+ static const int MATCH_ALL = (UChar32)'%';
+
+ int iPattern = 0; /* Current byte index in zPattern */
+ int iString = 0; /* Current byte index in zString */
+
+ int prevEscape = 0; /* True if the previous character was uEsc */
+
+ while( zPattern[iPattern]!=0 ){
+
+ /* Read (and consume) the next character from the input pattern. */
+ UChar32 uPattern;
+ U8_NEXT_UNSAFE(zPattern, iPattern, uPattern);
+
+ /* There are now 4 possibilities:
+ **
+ ** 1. uPattern is an unescaped match-all character "%",
+ ** 2. uPattern is an unescaped match-one character "_",
+ ** 3. uPattern is an unescaped escape character, or
+ ** 4. uPattern is to be handled as an ordinary character
+ */
+ if( !prevEscape && uPattern==MATCH_ALL ){
+ /* Case 1. */
+ uint8_t c;
+
+ /* Skip any MATCH_ALL or MATCH_ONE characters that follow a
+ ** MATCH_ALL. For each MATCH_ONE, skip one character in the
+ ** test string.
+ */
+ while( (c=zPattern[iPattern]) == MATCH_ALL || c == MATCH_ONE ){
+ if( c==MATCH_ONE ){
+ if( zString[iString]==0 ) return 0;
+ U8_FWD_1_UNSAFE(zString, iString);
+ }
+ iPattern++;
+ }
+
+ if( zPattern[iPattern]==0 ) return 1;
+
+ while( zString[iString] ){
+ if( icuLikeCompare(&zPattern[iPattern], &zString[iString], uEsc) ){
+ return 1;
+ }
+ U8_FWD_1_UNSAFE(zString, iString);
+ }
+ return 0;
+
+ }else if( !prevEscape && uPattern==MATCH_ONE ){
+ /* Case 2. */
+ if( zString[iString]==0 ) return 0;
+ U8_FWD_1_UNSAFE(zString, iString);
+
+ }else if( !prevEscape && uPattern==uEsc){
+ /* Case 3. */
+ prevEscape = 1;
+
+ }else{
+ /* Case 4. */
+ UChar32 uString;
+ U8_NEXT_UNSAFE(zString, iString, uString);
+ uString = u_foldCase(uString, U_FOLD_CASE_DEFAULT);
+ uPattern = u_foldCase(uPattern, U_FOLD_CASE_DEFAULT);
+ if( uString!=uPattern ){
+ return 0;
+ }
+ prevEscape = 0;
+ }
+ }
+
+ return zString[iString]==0;
+}
+
+/*
+** Implementation of the like() SQL function. This function implements
+** the build-in LIKE operator. The first argument to the function is the
+** pattern and the second argument is the string. So, the SQL statements:
+**
+** A LIKE B
+**
+** is implemented as like(B, A). If there is an escape character E,
+**
+** A LIKE B ESCAPE E
+**
+** is mapped to like(B, A, E).
+*/
+static void icuLikeFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const unsigned char *zA = sqlite3_value_text(argv[0]);
+ const unsigned char *zB = sqlite3_value_text(argv[1]);
+ UChar32 uEsc = 0;
+
+ /* Limit the length of the LIKE or GLOB pattern to avoid problems
+ ** of deep recursion and N*N behavior in patternCompare().
+ */
+ if( sqlite3_value_bytes(argv[0])>SQLITE_MAX_LIKE_PATTERN_LENGTH ){
+ sqlite3_result_error(context, "LIKE or GLOB pattern too complex", -1);
+ return;
+ }
+
+
+ if( argc==3 ){
+ /* The escape character string must consist of a single UTF-8 character.
+ ** Otherwise, return an error.
+ */
+ int nE= sqlite3_value_bytes(argv[2]);
+ const unsigned char *zE = sqlite3_value_text(argv[2]);
+ int i = 0;
+ if( zE==0 ) return;
+ U8_NEXT(zE, i, nE, uEsc);
+ if( i!=nE){
+ sqlite3_result_error(context,
+ "ESCAPE expression must be a single character", -1);
+ return;
+ }
+ }
+
+ if( zA && zB ){
+ sqlite3_result_int(context, icuLikeCompare(zA, zB, uEsc));
+ }
+}
+
+/*
+** This function is called when an ICU function called from within
+** the implementation of an SQL scalar function returns an error.
+**
+** The scalar function context passed as the first argument is
+** loaded with an error message based on the following two args.
+*/
+static void icuFunctionError(
+ sqlite3_context *pCtx, /* SQLite scalar function context */
+ const char *zName, /* Name of ICU function that failed */
+ UErrorCode e /* Error code returned by ICU function */
+){
+ char zBuf[128];
+ sqlite3_snprintf(128, zBuf, "ICU error: %s(): %s", zName, u_errorName(e));
+ zBuf[127] = '\0';
+ sqlite3_result_error(pCtx, zBuf, -1);
+}
+
+/*
+** Function to delete compiled regexp objects. Registered as
+** a destructor function with sqlite3_set_auxdata().
+*/
+static void icuRegexpDelete(void *p){
+ URegularExpression *pExpr = (URegularExpression *)p;
+ uregex_close(pExpr);
+}
+
+/*
+** Implementation of SQLite REGEXP operator. This scalar function takes
+** two arguments. The first is a regular expression pattern to compile
+** the second is a string to match against that pattern. If either
+** argument is an SQL NULL, then NULL Is returned. Otherwise, the result
+** is 1 if the string matches the pattern, or 0 otherwise.
+**
+** SQLite maps the regexp() function to the regexp() operator such
+** that the following two are equivalent:
+**
+** zString REGEXP zPattern
+** regexp(zPattern, zString)
+**
+** Uses the following ICU regexp APIs:
+**
+** uregex_open()
+** uregex_matches()
+** uregex_close()
+*/
+static void icuRegexpFunc(sqlite3_context *p, int nArg, sqlite3_value **apArg){
+ UErrorCode status = U_ZERO_ERROR;
+ URegularExpression *pExpr;
+ UBool res;
+ const UChar *zString = sqlite3_value_text16(apArg[1]);
+
+ (void)nArg; /* Unused parameter */
+
+ /* If the left hand side of the regexp operator is NULL,
+ ** then the result is also NULL.
+ */
+ if( !zString ){
+ return;
+ }
+
+ pExpr = sqlite3_get_auxdata(p, 0);
+ if( !pExpr ){
+ const UChar *zPattern = sqlite3_value_text16(apArg[0]);
+ if( !zPattern ){
+ return;
+ }
+ pExpr = uregex_open(zPattern, -1, 0, 0, &status);
+
+ if( U_SUCCESS(status) ){
+ sqlite3_set_auxdata(p, 0, pExpr, icuRegexpDelete);
+ }else{
+ assert(!pExpr);
+ icuFunctionError(p, "uregex_open", status);
+ return;
+ }
+ }
+
+ /* Configure the text that the regular expression operates on. */
+ uregex_setText(pExpr, zString, -1, &status);
+ if( !U_SUCCESS(status) ){
+ icuFunctionError(p, "uregex_setText", status);
+ return;
+ }
+
+ /* Attempt the match */
+ res = uregex_matches(pExpr, 0, &status);
+ if( !U_SUCCESS(status) ){
+ icuFunctionError(p, "uregex_matches", status);
+ return;
+ }
+
+ /* Set the text that the regular expression operates on to a NULL
+ ** pointer. This is not really necessary, but it is tidier than
+ ** leaving the regular expression object configured with an invalid
+ ** pointer after this function returns.
+ */
+ uregex_setText(pExpr, 0, 0, &status);
+
+ /* Return 1 or 0. */
+ sqlite3_result_int(p, res ? 1 : 0);
+}
+
+/*
+** Implementations of scalar functions for case mapping - upper() and
+** lower(). Function upper() converts its input to upper-case (ABC).
+** Function lower() converts to lower-case (abc).
+**
+** ICU provides two types of case mapping, "general" case mapping and
+** "language specific". Refer to ICU documentation for the differences
+** between the two.
+**
+** To utilise "general" case mapping, the upper() or lower() scalar
+** functions are invoked with one argument:
+**
+** upper('ABC') -> 'abc'
+** lower('abc') -> 'ABC'
+**
+** To access ICU "language specific" case mapping, upper() or lower()
+** should be invoked with two arguments. The second argument is the name
+** of the locale to use. Passing an empty string ("") or SQL NULL value
+** as the second argument is the same as invoking the 1 argument version
+** of upper() or lower().
+**
+** lower('I', 'en_us') -> 'i'
+** lower('I', 'tr_tr') -> 'ı' (small dotless i)
+**
+** http://www.icu-project.org/userguide/posix.html#case_mappings
+*/
+static void icuCaseFunc16(sqlite3_context *p, int nArg, sqlite3_value **apArg){
+ const UChar *zInput;
+ UChar *zOutput;
+ int nInput;
+ int nOutput;
+
+ UErrorCode status = U_ZERO_ERROR;
+ const char *zLocale = 0;
+
+ assert(nArg==1 || nArg==2);
+ if( nArg==2 ){
+ zLocale = (const char *)sqlite3_value_text(apArg[1]);
+ }
+
+ zInput = sqlite3_value_text16(apArg[0]);
+ if( !zInput ){
+ return;
+ }
+ nInput = sqlite3_value_bytes16(apArg[0]);
+
+ nOutput = nInput * 2 + 2;
+ zOutput = sqlite3_malloc(nOutput);
+ if( !zOutput ){
+ return;
+ }
+
+ if( sqlite3_user_data(p) ){
+ u_strToUpper(zOutput, nOutput/2, zInput, nInput/2, zLocale, &status);
+ }else{
+ u_strToLower(zOutput, nOutput/2, zInput, nInput/2, zLocale, &status);
+ }
+
+ if( !U_SUCCESS(status) ){
+ icuFunctionError(p, "u_strToLower()/u_strToUpper", status);
+ return;
+ }
+
+ sqlite3_result_text16(p, zOutput, -1, xFree);
+}
+
+/*
+** Collation sequence destructor function. The pCtx argument points to
+** a UCollator structure previously allocated using ucol_open().
+*/
+static void icuCollationDel(void *pCtx){
+ UCollator *p = (UCollator *)pCtx;
+ ucol_close(p);
+}
+
+/*
+** Collation sequence comparison function. The pCtx argument points to
+** a UCollator structure previously allocated using ucol_open().
+*/
+static int icuCollationColl(
+ void *pCtx,
+ int nLeft,
+ const void *zLeft,
+ int nRight,
+ const void *zRight
+){
+ UCollationResult res;
+ UCollator *p = (UCollator *)pCtx;
+ res = ucol_strcoll(p, (UChar *)zLeft, nLeft/2, (UChar *)zRight, nRight/2);
+ switch( res ){
+ case UCOL_LESS: return -1;
+ case UCOL_GREATER: return +1;
+ case UCOL_EQUAL: return 0;
+ }
+ assert(!"Unexpected return value from ucol_strcoll()");
+ return 0;
+}
+
+/*
+** Implementation of the scalar function icu_load_collation().
+**
+** This scalar function is used to add ICU collation based collation
+** types to an SQLite database connection. It is intended to be called
+** as follows:
+**
+** SELECT icu_load_collation(<locale>, <collation-name>);
+**
+** Where <locale> is a string containing an ICU locale identifier (i.e.
+** "en_AU", "tr_TR" etc.) and <collation-name> is the name of the
+** collation sequence to create.
+*/
+static void icuLoadCollation(
+ sqlite3_context *p,
+ int nArg,
+ sqlite3_value **apArg
+){
+ sqlite3 *db = (sqlite3 *)sqlite3_user_data(p);
+ UErrorCode status = U_ZERO_ERROR;
+ const char *zLocale; /* Locale identifier - (eg. "jp_JP") */
+ const char *zName; /* SQL Collation sequence name (eg. "japanese") */
+ UCollator *pUCollator; /* ICU library collation object */
+ int rc; /* Return code from sqlite3_create_collation_x() */
+
+ assert(nArg==2);
+ (void)nArg; /* Unused parameter */
+ zLocale = (const char *)sqlite3_value_text(apArg[0]);
+ zName = (const char *)sqlite3_value_text(apArg[1]);
+
+ if( !zLocale || !zName ){
+ return;
+ }
+
+ pUCollator = ucol_open(zLocale, &status);
+ if( !U_SUCCESS(status) ){
+ icuFunctionError(p, "ucol_open", status);
+ return;
+ }
+ assert(p);
+
+ rc = sqlite3_create_collation_v2(db, zName, SQLITE_UTF16, (void *)pUCollator,
+ icuCollationColl, icuCollationDel
+ );
+ if( rc!=SQLITE_OK ){
+ ucol_close(pUCollator);
+ sqlite3_result_error(p, "Error registering collation function", -1);
+ }
+}
+
+/*
+** Register the ICU extension functions with database db.
+*/
+SQLITE_PRIVATE int sqlite3IcuInit(sqlite3 *db){
+ struct IcuScalar {
+ const char *zName; /* Function name */
+ int nArg; /* Number of arguments */
+ int enc; /* Optimal text encoding */
+ void *pContext; /* sqlite3_user_data() context */
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**);
+ } scalars[] = {
+ {"regexp", 2, SQLITE_ANY, 0, icuRegexpFunc},
+
+ {"lower", 1, SQLITE_UTF16, 0, icuCaseFunc16},
+ {"lower", 2, SQLITE_UTF16, 0, icuCaseFunc16},
+ {"upper", 1, SQLITE_UTF16, (void*)1, icuCaseFunc16},
+ {"upper", 2, SQLITE_UTF16, (void*)1, icuCaseFunc16},
+
+ {"lower", 1, SQLITE_UTF8, 0, icuCaseFunc16},
+ {"lower", 2, SQLITE_UTF8, 0, icuCaseFunc16},
+ {"upper", 1, SQLITE_UTF8, (void*)1, icuCaseFunc16},
+ {"upper", 2, SQLITE_UTF8, (void*)1, icuCaseFunc16},
+
+ {"like", 2, SQLITE_UTF8, 0, icuLikeFunc},
+ {"like", 3, SQLITE_UTF8, 0, icuLikeFunc},
+
+ {"icu_load_collation", 2, SQLITE_UTF8, (void*)db, icuLoadCollation},
+ };
+
+ int rc = SQLITE_OK;
+ int i;
+
+ for(i=0; rc==SQLITE_OK && i<(int)(sizeof(scalars)/sizeof(scalars[0])); i++){
+ struct IcuScalar *p = &scalars[i];
+ rc = sqlite3_create_function(
+ db, p->zName, p->nArg, p->enc, p->pContext, p->xFunc, 0, 0
+ );
+ }
+
+ return rc;
+}
+
+#if !SQLITE_CORE
+#ifdef _WIN32
+__declspec(dllexport)
+#endif
+SQLITE_API int SQLITE_STDCALL sqlite3_icu_init(
+ sqlite3 *db,
+ char **pzErrMsg,
+ const sqlite3_api_routines *pApi
+){
+ SQLITE_EXTENSION_INIT2(pApi)
+ return sqlite3IcuInit(db);
+}
+#endif
+
+#endif
+
+/************** End of icu.c *************************************************/
+/************** Begin file fts3_icu.c ****************************************/
+/*
+** 2007 June 22
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This file implements a tokenizer for fts3 based on the ICU library.
+*/
+/* #include "fts3Int.h" */
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+#ifdef SQLITE_ENABLE_ICU
+
+/* #include <assert.h> */
+/* #include <string.h> */
+/* #include "fts3_tokenizer.h" */
+
+#include <unicode/ubrk.h>
+/* #include <unicode/ucol.h> */
+/* #include <unicode/ustring.h> */
+#include <unicode/utf16.h>
+
+typedef struct IcuTokenizer IcuTokenizer;
+typedef struct IcuCursor IcuCursor;
+
+struct IcuTokenizer {
+ sqlite3_tokenizer base;
+ char *zLocale;
+};
+
+struct IcuCursor {
+ sqlite3_tokenizer_cursor base;
+
+ UBreakIterator *pIter; /* ICU break-iterator object */
+ int nChar; /* Number of UChar elements in pInput */
+ UChar *aChar; /* Copy of input using utf-16 encoding */
+ int *aOffset; /* Offsets of each character in utf-8 input */
+
+ int nBuffer;
+ char *zBuffer;
+
+ int iToken;
+};
+
+/*
+** Create a new tokenizer instance.
+*/
+static int icuCreate(
+ int argc, /* Number of entries in argv[] */
+ const char * const *argv, /* Tokenizer creation arguments */
+ sqlite3_tokenizer **ppTokenizer /* OUT: Created tokenizer */
+){
+ IcuTokenizer *p;
+ int n = 0;
+
+ if( argc>0 ){
+ n = strlen(argv[0])+1;
+ }
+ p = (IcuTokenizer *)sqlite3_malloc(sizeof(IcuTokenizer)+n);
+ if( !p ){
+ return SQLITE_NOMEM;
+ }
+ memset(p, 0, sizeof(IcuTokenizer));
+
+ if( n ){
+ p->zLocale = (char *)&p[1];
+ memcpy(p->zLocale, argv[0], n);
+ }
+
+ *ppTokenizer = (sqlite3_tokenizer *)p;
+
+ return SQLITE_OK;
+}
+
+/*
+** Destroy a tokenizer
+*/
+static int icuDestroy(sqlite3_tokenizer *pTokenizer){
+ IcuTokenizer *p = (IcuTokenizer *)pTokenizer;
+ sqlite3_free(p);
+ return SQLITE_OK;
+}
+
+/*
+** Prepare to begin tokenizing a particular string. The input
+** string to be tokenized is pInput[0..nBytes-1]. A cursor
+** used to incrementally tokenize this string is returned in
+** *ppCursor.
+*/
+static int icuOpen(
+ sqlite3_tokenizer *pTokenizer, /* The tokenizer */
+ const char *zInput, /* Input string */
+ int nInput, /* Length of zInput in bytes */
+ sqlite3_tokenizer_cursor **ppCursor /* OUT: Tokenization cursor */
+){
+ IcuTokenizer *p = (IcuTokenizer *)pTokenizer;
+ IcuCursor *pCsr;
+
+ const int32_t opt = U_FOLD_CASE_DEFAULT;
+ UErrorCode status = U_ZERO_ERROR;
+ int nChar;
+
+ UChar32 c;
+ int iInput = 0;
+ int iOut = 0;
+
+ *ppCursor = 0;
+
+ if( zInput==0 ){
+ nInput = 0;
+ zInput = "";
+ }else if( nInput<0 ){
+ nInput = strlen(zInput);
+ }
+ nChar = nInput+1;
+ pCsr = (IcuCursor *)sqlite3_malloc(
+ sizeof(IcuCursor) + /* IcuCursor */
+ ((nChar+3)&~3) * sizeof(UChar) + /* IcuCursor.aChar[] */
+ (nChar+1) * sizeof(int) /* IcuCursor.aOffset[] */
+ );
+ if( !pCsr ){
+ return SQLITE_NOMEM;
+ }
+ memset(pCsr, 0, sizeof(IcuCursor));
+ pCsr->aChar = (UChar *)&pCsr[1];
+ pCsr->aOffset = (int *)&pCsr->aChar[(nChar+3)&~3];
+
+ pCsr->aOffset[iOut] = iInput;
+ U8_NEXT(zInput, iInput, nInput, c);
+ while( c>0 ){
+ int isError = 0;
+ c = u_foldCase(c, opt);
+ U16_APPEND(pCsr->aChar, iOut, nChar, c, isError);
+ if( isError ){
+ sqlite3_free(pCsr);
+ return SQLITE_ERROR;
+ }
+ pCsr->aOffset[iOut] = iInput;
+
+ if( iInput<nInput ){
+ U8_NEXT(zInput, iInput, nInput, c);
+ }else{
+ c = 0;
+ }
+ }
+
+ pCsr->pIter = ubrk_open(UBRK_WORD, p->zLocale, pCsr->aChar, iOut, &status);
+ if( !U_SUCCESS(status) ){
+ sqlite3_free(pCsr);
+ return SQLITE_ERROR;
+ }
+ pCsr->nChar = iOut;
+
+ ubrk_first(pCsr->pIter);
+ *ppCursor = (sqlite3_tokenizer_cursor *)pCsr;
+ return SQLITE_OK;
+}
+
+/*
+** Close a tokenization cursor previously opened by a call to icuOpen().
+*/
+static int icuClose(sqlite3_tokenizer_cursor *pCursor){
+ IcuCursor *pCsr = (IcuCursor *)pCursor;
+ ubrk_close(pCsr->pIter);
+ sqlite3_free(pCsr->zBuffer);
+ sqlite3_free(pCsr);
+ return SQLITE_OK;
+}
+
+/*
+** Extract the next token from a tokenization cursor.
+*/
+static int icuNext(
+ sqlite3_tokenizer_cursor *pCursor, /* Cursor returned by simpleOpen */
+ const char **ppToken, /* OUT: *ppToken is the token text */
+ int *pnBytes, /* OUT: Number of bytes in token */
+ int *piStartOffset, /* OUT: Starting offset of token */
+ int *piEndOffset, /* OUT: Ending offset of token */
+ int *piPosition /* OUT: Position integer of token */
+){
+ IcuCursor *pCsr = (IcuCursor *)pCursor;
+
+ int iStart = 0;
+ int iEnd = 0;
+ int nByte = 0;
+
+ while( iStart==iEnd ){
+ UChar32 c;
+
+ iStart = ubrk_current(pCsr->pIter);
+ iEnd = ubrk_next(pCsr->pIter);
+ if( iEnd==UBRK_DONE ){
+ return SQLITE_DONE;
+ }
+
+ while( iStart<iEnd ){
+ int iWhite = iStart;
+ U16_NEXT(pCsr->aChar, iWhite, pCsr->nChar, c);
+ if( u_isspace(c) ){
+ iStart = iWhite;
+ }else{
+ break;
+ }
+ }
+ assert(iStart<=iEnd);
+ }
+
+ do {
+ UErrorCode status = U_ZERO_ERROR;
+ if( nByte ){
+ char *zNew = sqlite3_realloc(pCsr->zBuffer, nByte);
+ if( !zNew ){
+ return SQLITE_NOMEM;
+ }
+ pCsr->zBuffer = zNew;
+ pCsr->nBuffer = nByte;
+ }
+
+ u_strToUTF8(
+ pCsr->zBuffer, pCsr->nBuffer, &nByte, /* Output vars */
+ &pCsr->aChar[iStart], iEnd-iStart, /* Input vars */
+ &status /* Output success/failure */
+ );
+ } while( nByte>pCsr->nBuffer );
+
+ *ppToken = pCsr->zBuffer;
+ *pnBytes = nByte;
+ *piStartOffset = pCsr->aOffset[iStart];
+ *piEndOffset = pCsr->aOffset[iEnd];
+ *piPosition = pCsr->iToken++;
+
+ return SQLITE_OK;
+}
+
+/*
+** The set of routines that implement the simple tokenizer
+*/
+static const sqlite3_tokenizer_module icuTokenizerModule = {
+ 0, /* iVersion */
+ icuCreate, /* xCreate */
+ icuDestroy, /* xCreate */
+ icuOpen, /* xOpen */
+ icuClose, /* xClose */
+ icuNext, /* xNext */
+ 0, /* xLanguageid */
+};
+
+/*
+** Set *ppModule to point at the implementation of the ICU tokenizer.
+*/
+SQLITE_PRIVATE void sqlite3Fts3IcuTokenizerModule(
+ sqlite3_tokenizer_module const**ppModule
+){
+ *ppModule = &icuTokenizerModule;
+}
+
+#endif /* defined(SQLITE_ENABLE_ICU) */
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3) */
+
+/************** End of fts3_icu.c ********************************************/
+/************** Begin file sqlite3rbu.c **************************************/
+/*
+** 2014 August 30
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+**
+** OVERVIEW
+**
+** The RBU extension requires that the RBU update be packaged as an
+** SQLite database. The tables it expects to find are described in
+** sqlite3rbu.h. Essentially, for each table xyz in the target database
+** that the user wishes to write to, a corresponding data_xyz table is
+** created in the RBU database and populated with one row for each row to
+** update, insert or delete from the target table.
+**
+** The update proceeds in three stages:
+**
+** 1) The database is updated. The modified database pages are written
+** to a *-oal file. A *-oal file is just like a *-wal file, except
+** that it is named "<database>-oal" instead of "<database>-wal".
+** Because regular SQLite clients do not look for file named
+** "<database>-oal", they go on using the original database in
+** rollback mode while the *-oal file is being generated.
+**
+** During this stage RBU does not update the database by writing
+** directly to the target tables. Instead it creates "imposter"
+** tables using the SQLITE_TESTCTRL_IMPOSTER interface that it uses
+** to update each b-tree individually. All updates required by each
+** b-tree are completed before moving on to the next, and all
+** updates are done in sorted key order.
+**
+** 2) The "<database>-oal" file is moved to the equivalent "<database>-wal"
+** location using a call to rename(2). Before doing this the RBU
+** module takes an EXCLUSIVE lock on the database file, ensuring
+** that there are no other active readers.
+**
+** Once the EXCLUSIVE lock is released, any other database readers
+** detect the new *-wal file and read the database in wal mode. At
+** this point they see the new version of the database - including
+** the updates made as part of the RBU update.
+**
+** 3) The new *-wal file is checkpointed. This proceeds in the same way
+** as a regular database checkpoint, except that a single frame is
+** checkpointed each time sqlite3rbu_step() is called. If the RBU
+** handle is closed before the entire *-wal file is checkpointed,
+** the checkpoint progress is saved in the RBU database and the
+** checkpoint can be resumed by another RBU client at some point in
+** the future.
+**
+** POTENTIAL PROBLEMS
+**
+** The rename() call might not be portable. And RBU is not currently
+** syncing the directory after renaming the file.
+**
+** When state is saved, any commit to the *-oal file and the commit to
+** the RBU update database are not atomic. So if the power fails at the
+** wrong moment they might get out of sync. As the main database will be
+** committed before the RBU update database this will likely either just
+** pass unnoticed, or result in SQLITE_CONSTRAINT errors (due to UNIQUE
+** constraint violations).
+**
+** If some client does modify the target database mid RBU update, or some
+** other error occurs, the RBU extension will keep throwing errors. It's
+** not really clear how to get out of this state. The system could just
+** by delete the RBU update database and *-oal file and have the device
+** download the update again and start over.
+**
+** At present, for an UPDATE, both the new.* and old.* records are
+** collected in the rbu_xyz table. And for both UPDATEs and DELETEs all
+** fields are collected. This means we're probably writing a lot more
+** data to disk when saving the state of an ongoing update to the RBU
+** update database than is strictly necessary.
+**
+*/
+
+/* #include <assert.h> */
+/* #include <string.h> */
+/* #include <stdio.h> */
+
+/* #include "sqlite3.h" */
+
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_RBU)
+/************** Include sqlite3rbu.h in the middle of sqlite3rbu.c ***********/
+/************** Begin file sqlite3rbu.h **************************************/
+/*
+** 2014 August 30
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains the public interface for the RBU extension.
+*/
+
+/*
+** SUMMARY
+**
+** Writing a transaction containing a large number of operations on
+** b-tree indexes that are collectively larger than the available cache
+** memory can be very inefficient.
+**
+** The problem is that in order to update a b-tree, the leaf page (at least)
+** containing the entry being inserted or deleted must be modified. If the
+** working set of leaves is larger than the available cache memory, then a
+** single leaf that is modified more than once as part of the transaction
+** may be loaded from or written to the persistent media multiple times.
+** Additionally, because the index updates are likely to be applied in
+** random order, access to pages within the database is also likely to be in
+** random order, which is itself quite inefficient.
+**
+** One way to improve the situation is to sort the operations on each index
+** by index key before applying them to the b-tree. This leads to an IO
+** pattern that resembles a single linear scan through the index b-tree,
+** and all but guarantees each modified leaf page is loaded and stored
+** exactly once. SQLite uses this trick to improve the performance of
+** CREATE INDEX commands. This extension allows it to be used to improve
+** the performance of large transactions on existing databases.
+**
+** Additionally, this extension allows the work involved in writing the
+** large transaction to be broken down into sub-transactions performed
+** sequentially by separate processes. This is useful if the system cannot
+** guarantee that a single update process will run for long enough to apply
+** the entire update, for example because the update is being applied on a
+** mobile device that is frequently rebooted. Even after the writer process
+** has committed one or more sub-transactions, other database clients continue
+** to read from the original database snapshot. In other words, partially
+** applied transactions are not visible to other clients.
+**
+** "RBU" stands for "Resumable Bulk Update". As in a large database update
+** transmitted via a wireless network to a mobile device. A transaction
+** applied using this extension is hence refered to as an "RBU update".
+**
+**
+** LIMITATIONS
+**
+** An "RBU update" transaction is subject to the following limitations:
+**
+** * The transaction must consist of INSERT, UPDATE and DELETE operations
+** only.
+**
+** * INSERT statements may not use any default values.
+**
+** * UPDATE and DELETE statements must identify their target rows by
+** non-NULL PRIMARY KEY values. Rows with NULL values stored in PRIMARY
+** KEY fields may not be updated or deleted. If the table being written
+** has no PRIMARY KEY, affected rows must be identified by rowid.
+**
+** * UPDATE statements may not modify PRIMARY KEY columns.
+**
+** * No triggers will be fired.
+**
+** * No foreign key violations are detected or reported.
+**
+** * CHECK constraints are not enforced.
+**
+** * No constraint handling mode except for "OR ROLLBACK" is supported.
+**
+**
+** PREPARATION
+**
+** An "RBU update" is stored as a separate SQLite database. A database
+** containing an RBU update is an "RBU database". For each table in the
+** target database to be updated, the RBU database should contain a table
+** named "data_<target name>" containing the same set of columns as the
+** target table, and one more - "rbu_control". The data_% table should
+** have no PRIMARY KEY or UNIQUE constraints, but each column should have
+** the same type as the corresponding column in the target database.
+** The "rbu_control" column should have no type at all. For example, if
+** the target database contains:
+**
+** CREATE TABLE t1(a INTEGER PRIMARY KEY, b TEXT, c UNIQUE);
+**
+** Then the RBU database should contain:
+**
+** CREATE TABLE data_t1(a INTEGER, b TEXT, c, rbu_control);
+**
+** The order of the columns in the data_% table does not matter.
+**
+** Instead of a regular table, the RBU database may also contain virtual
+** tables or view named using the data_<target> naming scheme.
+**
+** Instead of the plain data_<target> naming scheme, RBU database tables
+** may also be named data<integer>_<target>, where <integer> is any sequence
+** of zero or more numeric characters (0-9). This can be significant because
+** tables within the RBU database are always processed in order sorted by
+** name. By judicious selection of the the <integer> portion of the names
+** of the RBU tables the user can therefore control the order in which they
+** are processed. This can be useful, for example, to ensure that "external
+** content" FTS4 tables are updated before their underlying content tables.
+**
+** If the target database table is a virtual table or a table that has no
+** PRIMARY KEY declaration, the data_% table must also contain a column
+** named "rbu_rowid". This column is mapped to the tables implicit primary
+** key column - "rowid". Virtual tables for which the "rowid" column does
+** not function like a primary key value cannot be updated using RBU. For
+** example, if the target db contains either of the following:
+**
+** CREATE VIRTUAL TABLE x1 USING fts3(a, b);
+** CREATE TABLE x1(a, b)
+**
+** then the RBU database should contain:
+**
+** CREATE TABLE data_x1(a, b, rbu_rowid, rbu_control);
+**
+** All non-hidden columns (i.e. all columns matched by "SELECT *") of the
+** target table must be present in the input table. For virtual tables,
+** hidden columns are optional - they are updated by RBU if present in
+** the input table, or not otherwise. For example, to write to an fts4
+** table with a hidden languageid column such as:
+**
+** CREATE VIRTUAL TABLE ft1 USING fts4(a, b, languageid='langid');
+**
+** Either of the following input table schemas may be used:
+**
+** CREATE TABLE data_ft1(a, b, langid, rbu_rowid, rbu_control);
+** CREATE TABLE data_ft1(a, b, rbu_rowid, rbu_control);
+**
+** For each row to INSERT into the target database as part of the RBU
+** update, the corresponding data_% table should contain a single record
+** with the "rbu_control" column set to contain integer value 0. The
+** other columns should be set to the values that make up the new record
+** to insert.
+**
+** If the target database table has an INTEGER PRIMARY KEY, it is not
+** possible to insert a NULL value into the IPK column. Attempting to
+** do so results in an SQLITE_MISMATCH error.
+**
+** For each row to DELETE from the target database as part of the RBU
+** update, the corresponding data_% table should contain a single record
+** with the "rbu_control" column set to contain integer value 1. The
+** real primary key values of the row to delete should be stored in the
+** corresponding columns of the data_% table. The values stored in the
+** other columns are not used.
+**
+** For each row to UPDATE from the target database as part of the RBU
+** update, the corresponding data_% table should contain a single record
+** with the "rbu_control" column set to contain a value of type text.
+** The real primary key values identifying the row to update should be
+** stored in the corresponding columns of the data_% table row, as should
+** the new values of all columns being update. The text value in the
+** "rbu_control" column must contain the same number of characters as
+** there are columns in the target database table, and must consist entirely
+** of 'x' and '.' characters (or in some special cases 'd' - see below). For
+** each column that is being updated, the corresponding character is set to
+** 'x'. For those that remain as they are, the corresponding character of the
+** rbu_control value should be set to '.'. For example, given the tables
+** above, the update statement:
+**
+** UPDATE t1 SET c = 'usa' WHERE a = 4;
+**
+** is represented by the data_t1 row created by:
+**
+** INSERT INTO data_t1(a, b, c, rbu_control) VALUES(4, NULL, 'usa', '..x');
+**
+** Instead of an 'x' character, characters of the rbu_control value specified
+** for UPDATEs may also be set to 'd'. In this case, instead of updating the
+** target table with the value stored in the corresponding data_% column, the
+** user-defined SQL function "rbu_delta()" is invoked and the result stored in
+** the target table column. rbu_delta() is invoked with two arguments - the
+** original value currently stored in the target table column and the
+** value specified in the data_xxx table.
+**
+** For example, this row:
+**
+** INSERT INTO data_t1(a, b, c, rbu_control) VALUES(4, NULL, 'usa', '..d');
+**
+** is similar to an UPDATE statement such as:
+**
+** UPDATE t1 SET c = rbu_delta(c, 'usa') WHERE a = 4;
+**
+** Finally, if an 'f' character appears in place of a 'd' or 's' in an
+** ota_control string, the contents of the data_xxx table column is assumed
+** to be a "fossil delta" - a patch to be applied to a blob value in the
+** format used by the fossil source-code management system. In this case
+** the existing value within the target database table must be of type BLOB.
+** It is replaced by the result of applying the specified fossil delta to
+** itself.
+**
+** If the target database table is a virtual table or a table with no PRIMARY
+** KEY, the rbu_control value should not include a character corresponding
+** to the rbu_rowid value. For example, this:
+**
+** INSERT INTO data_ft1(a, b, rbu_rowid, rbu_control)
+** VALUES(NULL, 'usa', 12, '.x');
+**
+** causes a result similar to:
+**
+** UPDATE ft1 SET b = 'usa' WHERE rowid = 12;
+**
+** The data_xxx tables themselves should have no PRIMARY KEY declarations.
+** However, RBU is more efficient if reading the rows in from each data_xxx
+** table in "rowid" order is roughly the same as reading them sorted by
+** the PRIMARY KEY of the corresponding target database table. In other
+** words, rows should be sorted using the destination table PRIMARY KEY
+** fields before they are inserted into the data_xxx tables.
+**
+** USAGE
+**
+** The API declared below allows an application to apply an RBU update
+** stored on disk to an existing target database. Essentially, the
+** application:
+**
+** 1) Opens an RBU handle using the sqlite3rbu_open() function.
+**
+** 2) Registers any required virtual table modules with the database
+** handle returned by sqlite3rbu_db(). Also, if required, register
+** the rbu_delta() implementation.
+**
+** 3) Calls the sqlite3rbu_step() function one or more times on
+** the new handle. Each call to sqlite3rbu_step() performs a single
+** b-tree operation, so thousands of calls may be required to apply
+** a complete update.
+**
+** 4) Calls sqlite3rbu_close() to close the RBU update handle. If
+** sqlite3rbu_step() has been called enough times to completely
+** apply the update to the target database, then the RBU database
+** is marked as fully applied. Otherwise, the state of the RBU
+** update application is saved in the RBU database for later
+** resumption.
+**
+** See comments below for more detail on APIs.
+**
+** If an update is only partially applied to the target database by the
+** time sqlite3rbu_close() is called, various state information is saved
+** within the RBU database. This allows subsequent processes to automatically
+** resume the RBU update from where it left off.
+**
+** To remove all RBU extension state information, returning an RBU database
+** to its original contents, it is sufficient to drop all tables that begin
+** with the prefix "rbu_"
+**
+** DATABASE LOCKING
+**
+** An RBU update may not be applied to a database in WAL mode. Attempting
+** to do so is an error (SQLITE_ERROR).
+**
+** While an RBU handle is open, a SHARED lock may be held on the target
+** database file. This means it is possible for other clients to read the
+** database, but not to write it.
+**
+** If an RBU update is started and then suspended before it is completed,
+** then an external client writes to the database, then attempting to resume
+** the suspended RBU update is also an error (SQLITE_BUSY).
+*/
+
+#ifndef _SQLITE3RBU_H
+#define _SQLITE3RBU_H
+
+/* #include "sqlite3.h" ** Required for error code definitions ** */
+
+#if 0
+extern "C" {
+#endif
+
+typedef struct sqlite3rbu sqlite3rbu;
+
+/*
+** Open an RBU handle.
+**
+** Argument zTarget is the path to the target database. Argument zRbu is
+** the path to the RBU database. Each call to this function must be matched
+** by a call to sqlite3rbu_close(). When opening the databases, RBU passes
+** the SQLITE_CONFIG_URI flag to sqlite3_open_v2(). So if either zTarget
+** or zRbu begin with "file:", it will be interpreted as an SQLite
+** database URI, not a regular file name.
+**
+** If the zState argument is passed a NULL value, the RBU extension stores
+** the current state of the update (how many rows have been updated, which
+** indexes are yet to be updated etc.) within the RBU database itself. This
+** can be convenient, as it means that the RBU application does not need to
+** organize removing a separate state file after the update is concluded.
+** Or, if zState is non-NULL, it must be a path to a database file in which
+** the RBU extension can store the state of the update.
+**
+** When resuming an RBU update, the zState argument must be passed the same
+** value as when the RBU update was started.
+**
+** Once the RBU update is finished, the RBU extension does not
+** automatically remove any zState database file, even if it created it.
+**
+** By default, RBU uses the default VFS to access the files on disk. To
+** use a VFS other than the default, an SQLite "file:" URI containing a
+** "vfs=..." option may be passed as the zTarget option.
+**
+** IMPORTANT NOTE FOR ZIPVFS USERS: The RBU extension works with all of
+** SQLite's built-in VFSs, including the multiplexor VFS. However it does
+** not work out of the box with zipvfs. Refer to the comment describing
+** the zipvfs_create_vfs() API below for details on using RBU with zipvfs.
+*/
+SQLITE_API sqlite3rbu *SQLITE_STDCALL sqlite3rbu_open(
+ const char *zTarget,
+ const char *zRbu,
+ const char *zState
+);
+
+/*
+** Internally, each RBU connection uses a separate SQLite database
+** connection to access the target and rbu update databases. This
+** API allows the application direct access to these database handles.
+**
+** The first argument passed to this function must be a valid, open, RBU
+** handle. The second argument should be passed zero to access the target
+** database handle, or non-zero to access the rbu update database handle.
+** Accessing the underlying database handles may be useful in the
+** following scenarios:
+**
+** * If any target tables are virtual tables, it may be necessary to
+** call sqlite3_create_module() on the target database handle to
+** register the required virtual table implementations.
+**
+** * If the data_xxx tables in the RBU source database are virtual
+** tables, the application may need to call sqlite3_create_module() on
+** the rbu update db handle to any required virtual table
+** implementations.
+**
+** * If the application uses the "rbu_delta()" feature described above,
+** it must use sqlite3_create_function() or similar to register the
+** rbu_delta() implementation with the target database handle.
+**
+** If an error has occurred, either while opening or stepping the RBU object,
+** this function may return NULL. The error code and message may be collected
+** when sqlite3rbu_close() is called.
+**
+** Database handles returned by this function remain valid until the next
+** call to any sqlite3rbu_xxx() function other than sqlite3rbu_db().
+*/
+SQLITE_API sqlite3 *SQLITE_STDCALL sqlite3rbu_db(sqlite3rbu*, int bRbu);
+
+/*
+** Do some work towards applying the RBU update to the target db.
+**
+** Return SQLITE_DONE if the update has been completely applied, or
+** SQLITE_OK if no error occurs but there remains work to do to apply
+** the RBU update. If an error does occur, some other error code is
+** returned.
+**
+** Once a call to sqlite3rbu_step() has returned a value other than
+** SQLITE_OK, all subsequent calls on the same RBU handle are no-ops
+** that immediately return the same value.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3rbu_step(sqlite3rbu *pRbu);
+
+/*
+** Force RBU to save its state to disk.
+**
+** If a power failure or application crash occurs during an update, following
+** system recovery RBU may resume the update from the point at which the state
+** was last saved. In other words, from the most recent successful call to
+** sqlite3rbu_close() or this function.
+**
+** SQLITE_OK is returned if successful, or an SQLite error code otherwise.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3rbu_savestate(sqlite3rbu *pRbu);
+
+/*
+** Close an RBU handle.
+**
+** If the RBU update has been completely applied, mark the RBU database
+** as fully applied. Otherwise, assuming no error has occurred, save the
+** current state of the RBU update appliation to the RBU database.
+**
+** If an error has already occurred as part of an sqlite3rbu_step()
+** or sqlite3rbu_open() call, or if one occurs within this function, an
+** SQLite error code is returned. Additionally, *pzErrmsg may be set to
+** point to a buffer containing a utf-8 formatted English language error
+** message. It is the responsibility of the caller to eventually free any
+** such buffer using sqlite3_free().
+**
+** Otherwise, if no error occurs, this function returns SQLITE_OK if the
+** update has been partially applied, or SQLITE_DONE if it has been
+** completely applied.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3rbu_close(sqlite3rbu *pRbu, char **pzErrmsg);
+
+/*
+** Return the total number of key-value operations (inserts, deletes or
+** updates) that have been performed on the target database since the
+** current RBU update was started.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3rbu_progress(sqlite3rbu *pRbu);
+
+/*
+** Create an RBU VFS named zName that accesses the underlying file-system
+** via existing VFS zParent. Or, if the zParent parameter is passed NULL,
+** then the new RBU VFS uses the default system VFS to access the file-system.
+** The new object is registered as a non-default VFS with SQLite before
+** returning.
+**
+** Part of the RBU implementation uses a custom VFS object. Usually, this
+** object is created and deleted automatically by RBU.
+**
+** The exception is for applications that also use zipvfs. In this case,
+** the custom VFS must be explicitly created by the user before the RBU
+** handle is opened. The RBU VFS should be installed so that the zipvfs
+** VFS uses the RBU VFS, which in turn uses any other VFS layers in use
+** (for example multiplexor) to access the file-system. For example,
+** to assemble an RBU enabled VFS stack that uses both zipvfs and
+** multiplexor (error checking omitted):
+**
+** // Create a VFS named "multiplex" (not the default).
+** sqlite3_multiplex_initialize(0, 0);
+**
+** // Create an rbu VFS named "rbu" that uses multiplexor. If the
+** // second argument were replaced with NULL, the "rbu" VFS would
+** // access the file-system via the system default VFS, bypassing the
+** // multiplexor.
+** sqlite3rbu_create_vfs("rbu", "multiplex");
+**
+** // Create a zipvfs VFS named "zipvfs" that uses rbu.
+** zipvfs_create_vfs_v3("zipvfs", "rbu", 0, xCompressorAlgorithmDetector);
+**
+** // Make zipvfs the default VFS.
+** sqlite3_vfs_register(sqlite3_vfs_find("zipvfs"), 1);
+**
+** Because the default VFS created above includes a RBU functionality, it
+** may be used by RBU clients. Attempting to use RBU with a zipvfs VFS stack
+** that does not include the RBU layer results in an error.
+**
+** The overhead of adding the "rbu" VFS to the system is negligible for
+** non-RBU users. There is no harm in an application accessing the
+** file-system via "rbu" all the time, even if it only uses RBU functionality
+** occasionally.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3rbu_create_vfs(const char *zName, const char *zParent);
+
+/*
+** Deregister and destroy an RBU vfs created by an earlier call to
+** sqlite3rbu_create_vfs().
+**
+** VFS objects are not reference counted. If a VFS object is destroyed
+** before all database handles that use it have been closed, the results
+** are undefined.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3rbu_destroy_vfs(const char *zName);
+
+#if 0
+} /* end of the 'extern "C"' block */
+#endif
+
+#endif /* _SQLITE3RBU_H */
+
+/************** End of sqlite3rbu.h ******************************************/
+/************** Continuing where we left off in sqlite3rbu.c *****************/
+
+#if defined(_WIN32_WCE)
+/* #include "windows.h" */
+#endif
+
+/* Maximum number of prepared UPDATE statements held by this module */
+#define SQLITE_RBU_UPDATE_CACHESIZE 16
+
+/*
+** Swap two objects of type TYPE.
+*/
+#if !defined(SQLITE_AMALGAMATION)
+# define SWAP(TYPE,A,B) {TYPE t=A; A=B; B=t;}
+#endif
+
+/*
+** The rbu_state table is used to save the state of a partially applied
+** update so that it can be resumed later. The table consists of integer
+** keys mapped to values as follows:
+**
+** RBU_STATE_STAGE:
+** May be set to integer values 1, 2, 4 or 5. As follows:
+** 1: the *-rbu file is currently under construction.
+** 2: the *-rbu file has been constructed, but not yet moved
+** to the *-wal path.
+** 4: the checkpoint is underway.
+** 5: the rbu update has been checkpointed.
+**
+** RBU_STATE_TBL:
+** Only valid if STAGE==1. The target database name of the table
+** currently being written.
+**
+** RBU_STATE_IDX:
+** Only valid if STAGE==1. The target database name of the index
+** currently being written, or NULL if the main table is currently being
+** updated.
+**
+** RBU_STATE_ROW:
+** Only valid if STAGE==1. Number of rows already processed for the current
+** table/index.
+**
+** RBU_STATE_PROGRESS:
+** Trbul number of sqlite3rbu_step() calls made so far as part of this
+** rbu update.
+**
+** RBU_STATE_CKPT:
+** Valid if STAGE==4. The 64-bit checksum associated with the wal-index
+** header created by recovering the *-wal file. This is used to detect
+** cases when another client appends frames to the *-wal file in the
+** middle of an incremental checkpoint (an incremental checkpoint cannot
+** be continued if this happens).
+**
+** RBU_STATE_COOKIE:
+** Valid if STAGE==1. The current change-counter cookie value in the
+** target db file.
+**
+** RBU_STATE_OALSZ:
+** Valid if STAGE==1. The size in bytes of the *-oal file.
+*/
+#define RBU_STATE_STAGE 1
+#define RBU_STATE_TBL 2
+#define RBU_STATE_IDX 3
+#define RBU_STATE_ROW 4
+#define RBU_STATE_PROGRESS 5
+#define RBU_STATE_CKPT 6
+#define RBU_STATE_COOKIE 7
+#define RBU_STATE_OALSZ 8
+
+#define RBU_STAGE_OAL 1
+#define RBU_STAGE_MOVE 2
+#define RBU_STAGE_CAPTURE 3
+#define RBU_STAGE_CKPT 4
+#define RBU_STAGE_DONE 5
+
+
+#define RBU_CREATE_STATE \
+ "CREATE TABLE IF NOT EXISTS %s.rbu_state(k INTEGER PRIMARY KEY, v)"
+
+typedef struct RbuFrame RbuFrame;
+typedef struct RbuObjIter RbuObjIter;
+typedef struct RbuState RbuState;
+typedef struct rbu_vfs rbu_vfs;
+typedef struct rbu_file rbu_file;
+typedef struct RbuUpdateStmt RbuUpdateStmt;
+
+#if !defined(SQLITE_AMALGAMATION)
+typedef unsigned int u32;
+typedef unsigned char u8;
+typedef sqlite3_int64 i64;
+#endif
+
+/*
+** These values must match the values defined in wal.c for the equivalent
+** locks. These are not magic numbers as they are part of the SQLite file
+** format.
+*/
+#define WAL_LOCK_WRITE 0
+#define WAL_LOCK_CKPT 1
+#define WAL_LOCK_READ0 3
+
+/*
+** A structure to store values read from the rbu_state table in memory.
+*/
+struct RbuState {
+ int eStage;
+ char *zTbl;
+ char *zIdx;
+ i64 iWalCksum;
+ int nRow;
+ i64 nProgress;
+ u32 iCookie;
+ i64 iOalSz;
+};
+
+struct RbuUpdateStmt {
+ char *zMask; /* Copy of update mask used with pUpdate */
+ sqlite3_stmt *pUpdate; /* Last update statement (or NULL) */
+ RbuUpdateStmt *pNext;
+};
+
+/*
+** An iterator of this type is used to iterate through all objects in
+** the target database that require updating. For each such table, the
+** iterator visits, in order:
+**
+** * the table itself,
+** * each index of the table (zero or more points to visit), and
+** * a special "cleanup table" state.
+**
+** abIndexed:
+** If the table has no indexes on it, abIndexed is set to NULL. Otherwise,
+** it points to an array of flags nTblCol elements in size. The flag is
+** set for each column that is either a part of the PK or a part of an
+** index. Or clear otherwise.
+**
+*/
+struct RbuObjIter {
+ sqlite3_stmt *pTblIter; /* Iterate through tables */
+ sqlite3_stmt *pIdxIter; /* Index iterator */
+ int nTblCol; /* Size of azTblCol[] array */
+ char **azTblCol; /* Array of unquoted target column names */
+ char **azTblType; /* Array of target column types */
+ int *aiSrcOrder; /* src table col -> target table col */
+ u8 *abTblPk; /* Array of flags, set on target PK columns */
+ u8 *abNotNull; /* Array of flags, set on NOT NULL columns */
+ u8 *abIndexed; /* Array of flags, set on indexed & PK cols */
+ int eType; /* Table type - an RBU_PK_XXX value */
+
+ /* Output variables. zTbl==0 implies EOF. */
+ int bCleanup; /* True in "cleanup" state */
+ const char *zTbl; /* Name of target db table */
+ const char *zDataTbl; /* Name of rbu db table (or null) */
+ const char *zIdx; /* Name of target db index (or null) */
+ int iTnum; /* Root page of current object */
+ int iPkTnum; /* If eType==EXTERNAL, root of PK index */
+ int bUnique; /* Current index is unique */
+
+ /* Statements created by rbuObjIterPrepareAll() */
+ int nCol; /* Number of columns in current object */
+ sqlite3_stmt *pSelect; /* Source data */
+ sqlite3_stmt *pInsert; /* Statement for INSERT operations */
+ sqlite3_stmt *pDelete; /* Statement for DELETE ops */
+ sqlite3_stmt *pTmpInsert; /* Insert into rbu_tmp_$zDataTbl */
+
+ /* Last UPDATE used (for PK b-tree updates only), or NULL. */
+ RbuUpdateStmt *pRbuUpdate;
+};
+
+/*
+** Values for RbuObjIter.eType
+**
+** 0: Table does not exist (error)
+** 1: Table has an implicit rowid.
+** 2: Table has an explicit IPK column.
+** 3: Table has an external PK index.
+** 4: Table is WITHOUT ROWID.
+** 5: Table is a virtual table.
+*/
+#define RBU_PK_NOTABLE 0
+#define RBU_PK_NONE 1
+#define RBU_PK_IPK 2
+#define RBU_PK_EXTERNAL 3
+#define RBU_PK_WITHOUT_ROWID 4
+#define RBU_PK_VTAB 5
+
+
+/*
+** Within the RBU_STAGE_OAL stage, each call to sqlite3rbu_step() performs
+** one of the following operations.
+*/
+#define RBU_INSERT 1 /* Insert on a main table b-tree */
+#define RBU_DELETE 2 /* Delete a row from a main table b-tree */
+#define RBU_IDX_DELETE 3 /* Delete a row from an aux. index b-tree */
+#define RBU_IDX_INSERT 4 /* Insert on an aux. index b-tree */
+#define RBU_UPDATE 5 /* Update a row in a main table b-tree */
+
+
+/*
+** A single step of an incremental checkpoint - frame iWalFrame of the wal
+** file should be copied to page iDbPage of the database file.
+*/
+struct RbuFrame {
+ u32 iDbPage;
+ u32 iWalFrame;
+};
+
+/*
+** RBU handle.
+*/
+struct sqlite3rbu {
+ int eStage; /* Value of RBU_STATE_STAGE field */
+ sqlite3 *dbMain; /* target database handle */
+ sqlite3 *dbRbu; /* rbu database handle */
+ char *zTarget; /* Path to target db */
+ char *zRbu; /* Path to rbu db */
+ char *zState; /* Path to state db (or NULL if zRbu) */
+ char zStateDb[5]; /* Db name for state ("stat" or "main") */
+ int rc; /* Value returned by last rbu_step() call */
+ char *zErrmsg; /* Error message if rc!=SQLITE_OK */
+ int nStep; /* Rows processed for current object */
+ int nProgress; /* Rows processed for all objects */
+ RbuObjIter objiter; /* Iterator for skipping through tbl/idx */
+ const char *zVfsName; /* Name of automatically created rbu vfs */
+ rbu_file *pTargetFd; /* File handle open on target db */
+ i64 iOalSz;
+
+ /* The following state variables are used as part of the incremental
+ ** checkpoint stage (eStage==RBU_STAGE_CKPT). See comments surrounding
+ ** function rbuSetupCheckpoint() for details. */
+ u32 iMaxFrame; /* Largest iWalFrame value in aFrame[] */
+ u32 mLock;
+ int nFrame; /* Entries in aFrame[] array */
+ int nFrameAlloc; /* Allocated size of aFrame[] array */
+ RbuFrame *aFrame;
+ int pgsz;
+ u8 *aBuf;
+ i64 iWalCksum;
+};
+
+/*
+** An rbu VFS is implemented using an instance of this structure.
+*/
+struct rbu_vfs {
+ sqlite3_vfs base; /* rbu VFS shim methods */
+ sqlite3_vfs *pRealVfs; /* Underlying VFS */
+ sqlite3_mutex *mutex; /* Mutex to protect pMain */
+ rbu_file *pMain; /* Linked list of main db files */
+};
+
+/*
+** Each file opened by an rbu VFS is represented by an instance of
+** the following structure.
+*/
+struct rbu_file {
+ sqlite3_file base; /* sqlite3_file methods */
+ sqlite3_file *pReal; /* Underlying file handle */
+ rbu_vfs *pRbuVfs; /* Pointer to the rbu_vfs object */
+ sqlite3rbu *pRbu; /* Pointer to rbu object (rbu target only) */
+
+ int openFlags; /* Flags this file was opened with */
+ u32 iCookie; /* Cookie value for main db files */
+ u8 iWriteVer; /* "write-version" value for main db files */
+
+ int nShm; /* Number of entries in apShm[] array */
+ char **apShm; /* Array of mmap'd *-shm regions */
+ char *zDel; /* Delete this when closing file */
+
+ const char *zWal; /* Wal filename for this main db file */
+ rbu_file *pWalFd; /* Wal file descriptor for this main db */
+ rbu_file *pMainNext; /* Next MAIN_DB file */
+};
+
+
+/*************************************************************************
+** The following three functions, found below:
+**
+** rbuDeltaGetInt()
+** rbuDeltaChecksum()
+** rbuDeltaApply()
+**
+** are lifted from the fossil source code (http://fossil-scm.org). They
+** are used to implement the scalar SQL function rbu_fossil_delta().
+*/
+
+/*
+** Read bytes from *pz and convert them into a positive integer. When
+** finished, leave *pz pointing to the first character past the end of
+** the integer. The *pLen parameter holds the length of the string
+** in *pz and is decremented once for each character in the integer.
+*/
+static unsigned int rbuDeltaGetInt(const char **pz, int *pLen){
+ static const signed char zValue[] = {
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1,
+ -1, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
+ 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, -1, -1, -1, -1, 36,
+ -1, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51,
+ 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, -1, -1, -1, 63, -1,
+ };
+ unsigned int v = 0;
+ int c;
+ unsigned char *z = (unsigned char*)*pz;
+ unsigned char *zStart = z;
+ while( (c = zValue[0x7f&*(z++)])>=0 ){
+ v = (v<<6) + c;
+ }
+ z--;
+ *pLen -= z - zStart;
+ *pz = (char*)z;
+ return v;
+}
+
+/*
+** Compute a 32-bit checksum on the N-byte buffer. Return the result.
+*/
+static unsigned int rbuDeltaChecksum(const char *zIn, size_t N){
+ const unsigned char *z = (const unsigned char *)zIn;
+ unsigned sum0 = 0;
+ unsigned sum1 = 0;
+ unsigned sum2 = 0;
+ unsigned sum3 = 0;
+ while(N >= 16){
+ sum0 += ((unsigned)z[0] + z[4] + z[8] + z[12]);
+ sum1 += ((unsigned)z[1] + z[5] + z[9] + z[13]);
+ sum2 += ((unsigned)z[2] + z[6] + z[10]+ z[14]);
+ sum3 += ((unsigned)z[3] + z[7] + z[11]+ z[15]);
+ z += 16;
+ N -= 16;
+ }
+ while(N >= 4){
+ sum0 += z[0];
+ sum1 += z[1];
+ sum2 += z[2];
+ sum3 += z[3];
+ z += 4;
+ N -= 4;
+ }
+ sum3 += (sum2 << 8) + (sum1 << 16) + (sum0 << 24);
+ switch(N){
+ case 3: sum3 += (z[2] << 8);
+ case 2: sum3 += (z[1] << 16);
+ case 1: sum3 += (z[0] << 24);
+ default: ;
+ }
+ return sum3;
+}
+
+/*
+** Apply a delta.
+**
+** The output buffer should be big enough to hold the whole output
+** file and a NUL terminator at the end. The delta_output_size()
+** routine will determine this size for you.
+**
+** The delta string should be null-terminated. But the delta string
+** may contain embedded NUL characters (if the input and output are
+** binary files) so we also have to pass in the length of the delta in
+** the lenDelta parameter.
+**
+** This function returns the size of the output file in bytes (excluding
+** the final NUL terminator character). Except, if the delta string is
+** malformed or intended for use with a source file other than zSrc,
+** then this routine returns -1.
+**
+** Refer to the delta_create() documentation above for a description
+** of the delta file format.
+*/
+static int rbuDeltaApply(
+ const char *zSrc, /* The source or pattern file */
+ int lenSrc, /* Length of the source file */
+ const char *zDelta, /* Delta to apply to the pattern */
+ int lenDelta, /* Length of the delta */
+ char *zOut /* Write the output into this preallocated buffer */
+){
+ unsigned int limit;
+ unsigned int total = 0;
+#ifndef FOSSIL_OMIT_DELTA_CKSUM_TEST
+ char *zOrigOut = zOut;
+#endif
+
+ limit = rbuDeltaGetInt(&zDelta, &lenDelta);
+ if( *zDelta!='\n' ){
+ /* ERROR: size integer not terminated by "\n" */
+ return -1;
+ }
+ zDelta++; lenDelta--;
+ while( *zDelta && lenDelta>0 ){
+ unsigned int cnt, ofst;
+ cnt = rbuDeltaGetInt(&zDelta, &lenDelta);
+ switch( zDelta[0] ){
+ case '@': {
+ zDelta++; lenDelta--;
+ ofst = rbuDeltaGetInt(&zDelta, &lenDelta);
+ if( lenDelta>0 && zDelta[0]!=',' ){
+ /* ERROR: copy command not terminated by ',' */
+ return -1;
+ }
+ zDelta++; lenDelta--;
+ total += cnt;
+ if( total>limit ){
+ /* ERROR: copy exceeds output file size */
+ return -1;
+ }
+ if( (int)(ofst+cnt) > lenSrc ){
+ /* ERROR: copy extends past end of input */
+ return -1;
+ }
+ memcpy(zOut, &zSrc[ofst], cnt);
+ zOut += cnt;
+ break;
+ }
+ case ':': {
+ zDelta++; lenDelta--;
+ total += cnt;
+ if( total>limit ){
+ /* ERROR: insert command gives an output larger than predicted */
+ return -1;
+ }
+ if( (int)cnt>lenDelta ){
+ /* ERROR: insert count exceeds size of delta */
+ return -1;
+ }
+ memcpy(zOut, zDelta, cnt);
+ zOut += cnt;
+ zDelta += cnt;
+ lenDelta -= cnt;
+ break;
+ }
+ case ';': {
+ zDelta++; lenDelta--;
+ zOut[0] = 0;
+#ifndef FOSSIL_OMIT_DELTA_CKSUM_TEST
+ if( cnt!=rbuDeltaChecksum(zOrigOut, total) ){
+ /* ERROR: bad checksum */
+ return -1;
+ }
+#endif
+ if( total!=limit ){
+ /* ERROR: generated size does not match predicted size */
+ return -1;
+ }
+ return total;
+ }
+ default: {
+ /* ERROR: unknown delta operator */
+ return -1;
+ }
+ }
+ }
+ /* ERROR: unterminated delta */
+ return -1;
+}
+
+static int rbuDeltaOutputSize(const char *zDelta, int lenDelta){
+ int size;
+ size = rbuDeltaGetInt(&zDelta, &lenDelta);
+ if( *zDelta!='\n' ){
+ /* ERROR: size integer not terminated by "\n" */
+ return -1;
+ }
+ return size;
+}
+
+/*
+** End of code taken from fossil.
+*************************************************************************/
+
+/*
+** Implementation of SQL scalar function rbu_fossil_delta().
+**
+** This function applies a fossil delta patch to a blob. Exactly two
+** arguments must be passed to this function. The first is the blob to
+** patch and the second the patch to apply. If no error occurs, this
+** function returns the patched blob.
+*/
+static void rbuFossilDeltaFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const char *aDelta;
+ int nDelta;
+ const char *aOrig;
+ int nOrig;
+
+ int nOut;
+ int nOut2;
+ char *aOut;
+
+ assert( argc==2 );
+
+ nOrig = sqlite3_value_bytes(argv[0]);
+ aOrig = (const char*)sqlite3_value_blob(argv[0]);
+ nDelta = sqlite3_value_bytes(argv[1]);
+ aDelta = (const char*)sqlite3_value_blob(argv[1]);
+
+ /* Figure out the size of the output */
+ nOut = rbuDeltaOutputSize(aDelta, nDelta);
+ if( nOut<0 ){
+ sqlite3_result_error(context, "corrupt fossil delta", -1);
+ return;
+ }
+
+ aOut = sqlite3_malloc(nOut+1);
+ if( aOut==0 ){
+ sqlite3_result_error_nomem(context);
+ }else{
+ nOut2 = rbuDeltaApply(aOrig, nOrig, aDelta, nDelta, aOut);
+ if( nOut2!=nOut ){
+ sqlite3_result_error(context, "corrupt fossil delta", -1);
+ }else{
+ sqlite3_result_blob(context, aOut, nOut, sqlite3_free);
+ }
+ }
+}
+
+
+/*
+** Prepare the SQL statement in buffer zSql against database handle db.
+** If successful, set *ppStmt to point to the new statement and return
+** SQLITE_OK.
+**
+** Otherwise, if an error does occur, set *ppStmt to NULL and return
+** an SQLite error code. Additionally, set output variable *pzErrmsg to
+** point to a buffer containing an error message. It is the responsibility
+** of the caller to (eventually) free this buffer using sqlite3_free().
+*/
+static int prepareAndCollectError(
+ sqlite3 *db,
+ sqlite3_stmt **ppStmt,
+ char **pzErrmsg,
+ const char *zSql
+){
+ int rc = sqlite3_prepare_v2(db, zSql, -1, ppStmt, 0);
+ if( rc!=SQLITE_OK ){
+ *pzErrmsg = sqlite3_mprintf("%s", sqlite3_errmsg(db));
+ *ppStmt = 0;
+ }
+ return rc;
+}
+
+/*
+** Reset the SQL statement passed as the first argument. Return a copy
+** of the value returned by sqlite3_reset().
+**
+** If an error has occurred, then set *pzErrmsg to point to a buffer
+** containing an error message. It is the responsibility of the caller
+** to eventually free this buffer using sqlite3_free().
+*/
+static int resetAndCollectError(sqlite3_stmt *pStmt, char **pzErrmsg){
+ int rc = sqlite3_reset(pStmt);
+ if( rc!=SQLITE_OK ){
+ *pzErrmsg = sqlite3_mprintf("%s", sqlite3_errmsg(sqlite3_db_handle(pStmt)));
+ }
+ return rc;
+}
+
+/*
+** Unless it is NULL, argument zSql points to a buffer allocated using
+** sqlite3_malloc containing an SQL statement. This function prepares the SQL
+** statement against database db and frees the buffer. If statement
+** compilation is successful, *ppStmt is set to point to the new statement
+** handle and SQLITE_OK is returned.
+**
+** Otherwise, if an error occurs, *ppStmt is set to NULL and an error code
+** returned. In this case, *pzErrmsg may also be set to point to an error
+** message. It is the responsibility of the caller to free this error message
+** buffer using sqlite3_free().
+**
+** If argument zSql is NULL, this function assumes that an OOM has occurred.
+** In this case SQLITE_NOMEM is returned and *ppStmt set to NULL.
+*/
+static int prepareFreeAndCollectError(
+ sqlite3 *db,
+ sqlite3_stmt **ppStmt,
+ char **pzErrmsg,
+ char *zSql
+){
+ int rc;
+ assert( *pzErrmsg==0 );
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ *ppStmt = 0;
+ }else{
+ rc = prepareAndCollectError(db, ppStmt, pzErrmsg, zSql);
+ sqlite3_free(zSql);
+ }
+ return rc;
+}
+
+/*
+** Free the RbuObjIter.azTblCol[] and RbuObjIter.abTblPk[] arrays allocated
+** by an earlier call to rbuObjIterCacheTableInfo().
+*/
+static void rbuObjIterFreeCols(RbuObjIter *pIter){
+ int i;
+ for(i=0; i<pIter->nTblCol; i++){
+ sqlite3_free(pIter->azTblCol[i]);
+ sqlite3_free(pIter->azTblType[i]);
+ }
+ sqlite3_free(pIter->azTblCol);
+ pIter->azTblCol = 0;
+ pIter->azTblType = 0;
+ pIter->aiSrcOrder = 0;
+ pIter->abTblPk = 0;
+ pIter->abNotNull = 0;
+ pIter->nTblCol = 0;
+ pIter->eType = 0; /* Invalid value */
+}
+
+/*
+** Finalize all statements and free all allocations that are specific to
+** the current object (table/index pair).
+*/
+static void rbuObjIterClearStatements(RbuObjIter *pIter){
+ RbuUpdateStmt *pUp;
+
+ sqlite3_finalize(pIter->pSelect);
+ sqlite3_finalize(pIter->pInsert);
+ sqlite3_finalize(pIter->pDelete);
+ sqlite3_finalize(pIter->pTmpInsert);
+ pUp = pIter->pRbuUpdate;
+ while( pUp ){
+ RbuUpdateStmt *pTmp = pUp->pNext;
+ sqlite3_finalize(pUp->pUpdate);
+ sqlite3_free(pUp);
+ pUp = pTmp;
+ }
+
+ pIter->pSelect = 0;
+ pIter->pInsert = 0;
+ pIter->pDelete = 0;
+ pIter->pRbuUpdate = 0;
+ pIter->pTmpInsert = 0;
+ pIter->nCol = 0;
+}
+
+/*
+** Clean up any resources allocated as part of the iterator object passed
+** as the only argument.
+*/
+static void rbuObjIterFinalize(RbuObjIter *pIter){
+ rbuObjIterClearStatements(pIter);
+ sqlite3_finalize(pIter->pTblIter);
+ sqlite3_finalize(pIter->pIdxIter);
+ rbuObjIterFreeCols(pIter);
+ memset(pIter, 0, sizeof(RbuObjIter));
+}
+
+/*
+** Advance the iterator to the next position.
+**
+** If no error occurs, SQLITE_OK is returned and the iterator is left
+** pointing to the next entry. Otherwise, an error code and message is
+** left in the RBU handle passed as the first argument. A copy of the
+** error code is returned.
+*/
+static int rbuObjIterNext(sqlite3rbu *p, RbuObjIter *pIter){
+ int rc = p->rc;
+ if( rc==SQLITE_OK ){
+
+ /* Free any SQLite statements used while processing the previous object */
+ rbuObjIterClearStatements(pIter);
+ if( pIter->zIdx==0 ){
+ rc = sqlite3_exec(p->dbMain,
+ "DROP TRIGGER IF EXISTS temp.rbu_insert_tr;"
+ "DROP TRIGGER IF EXISTS temp.rbu_update1_tr;"
+ "DROP TRIGGER IF EXISTS temp.rbu_update2_tr;"
+ "DROP TRIGGER IF EXISTS temp.rbu_delete_tr;"
+ , 0, 0, &p->zErrmsg
+ );
+ }
+
+ if( rc==SQLITE_OK ){
+ if( pIter->bCleanup ){
+ rbuObjIterFreeCols(pIter);
+ pIter->bCleanup = 0;
+ rc = sqlite3_step(pIter->pTblIter);
+ if( rc!=SQLITE_ROW ){
+ rc = resetAndCollectError(pIter->pTblIter, &p->zErrmsg);
+ pIter->zTbl = 0;
+ }else{
+ pIter->zTbl = (const char*)sqlite3_column_text(pIter->pTblIter, 0);
+ pIter->zDataTbl = (const char*)sqlite3_column_text(pIter->pTblIter,1);
+ rc = (pIter->zDataTbl && pIter->zTbl) ? SQLITE_OK : SQLITE_NOMEM;
+ }
+ }else{
+ if( pIter->zIdx==0 ){
+ sqlite3_stmt *pIdx = pIter->pIdxIter;
+ rc = sqlite3_bind_text(pIdx, 1, pIter->zTbl, -1, SQLITE_STATIC);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_step(pIter->pIdxIter);
+ if( rc!=SQLITE_ROW ){
+ rc = resetAndCollectError(pIter->pIdxIter, &p->zErrmsg);
+ pIter->bCleanup = 1;
+ pIter->zIdx = 0;
+ }else{
+ pIter->zIdx = (const char*)sqlite3_column_text(pIter->pIdxIter, 0);
+ pIter->iTnum = sqlite3_column_int(pIter->pIdxIter, 1);
+ pIter->bUnique = sqlite3_column_int(pIter->pIdxIter, 2);
+ rc = pIter->zIdx ? SQLITE_OK : SQLITE_NOMEM;
+ }
+ }
+ }
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ rbuObjIterFinalize(pIter);
+ p->rc = rc;
+ }
+ return rc;
+}
+
+
+/*
+** The implementation of the rbu_target_name() SQL function. This function
+** accepts one argument - the name of a table in the RBU database. If the
+** table name matches the pattern:
+**
+** data[0-9]_<name>
+**
+** where <name> is any sequence of 1 or more characters, <name> is returned.
+** Otherwise, if the only argument does not match the above pattern, an SQL
+** NULL is returned.
+**
+** "data_t1" -> "t1"
+** "data0123_t2" -> "t2"
+** "dataAB_t3" -> NULL
+*/
+static void rbuTargetNameFunc(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ const char *zIn;
+ assert( argc==1 );
+
+ zIn = (const char*)sqlite3_value_text(argv[0]);
+ if( zIn && strlen(zIn)>4 && memcmp("data", zIn, 4)==0 ){
+ int i;
+ for(i=4; zIn[i]>='0' && zIn[i]<='9'; i++);
+ if( zIn[i]=='_' && zIn[i+1] ){
+ sqlite3_result_text(context, &zIn[i+1], -1, SQLITE_STATIC);
+ }
+ }
+}
+
+/*
+** Initialize the iterator structure passed as the second argument.
+**
+** If no error occurs, SQLITE_OK is returned and the iterator is left
+** pointing to the first entry. Otherwise, an error code and message is
+** left in the RBU handle passed as the first argument. A copy of the
+** error code is returned.
+*/
+static int rbuObjIterFirst(sqlite3rbu *p, RbuObjIter *pIter){
+ int rc;
+ memset(pIter, 0, sizeof(RbuObjIter));
+
+ rc = prepareAndCollectError(p->dbRbu, &pIter->pTblIter, &p->zErrmsg,
+ "SELECT rbu_target_name(name) AS target, name FROM sqlite_master "
+ "WHERE type IN ('table', 'view') AND target IS NOT NULL "
+ "ORDER BY name"
+ );
+
+ if( rc==SQLITE_OK ){
+ rc = prepareAndCollectError(p->dbMain, &pIter->pIdxIter, &p->zErrmsg,
+ "SELECT name, rootpage, sql IS NULL OR substr(8, 6)=='UNIQUE' "
+ " FROM main.sqlite_master "
+ " WHERE type='index' AND tbl_name = ?"
+ );
+ }
+
+ pIter->bCleanup = 1;
+ p->rc = rc;
+ return rbuObjIterNext(p, pIter);
+}
+
+/*
+** This is a wrapper around "sqlite3_mprintf(zFmt, ...)". If an OOM occurs,
+** an error code is stored in the RBU handle passed as the first argument.
+**
+** If an error has already occurred (p->rc is already set to something other
+** than SQLITE_OK), then this function returns NULL without modifying the
+** stored error code. In this case it still calls sqlite3_free() on any
+** printf() parameters associated with %z conversions.
+*/
+static char *rbuMPrintf(sqlite3rbu *p, const char *zFmt, ...){
+ char *zSql = 0;
+ va_list ap;
+ va_start(ap, zFmt);
+ zSql = sqlite3_vmprintf(zFmt, ap);
+ if( p->rc==SQLITE_OK ){
+ if( zSql==0 ) p->rc = SQLITE_NOMEM;
+ }else{
+ sqlite3_free(zSql);
+ zSql = 0;
+ }
+ va_end(ap);
+ return zSql;
+}
+
+/*
+** Argument zFmt is a sqlite3_mprintf() style format string. The trailing
+** arguments are the usual subsitution values. This function performs
+** the printf() style substitutions and executes the result as an SQL
+** statement on the RBU handles database.
+**
+** If an error occurs, an error code and error message is stored in the
+** RBU handle. If an error has already occurred when this function is
+** called, it is a no-op.
+*/
+static int rbuMPrintfExec(sqlite3rbu *p, sqlite3 *db, const char *zFmt, ...){
+ va_list ap;
+ char *zSql;
+ va_start(ap, zFmt);
+ zSql = sqlite3_vmprintf(zFmt, ap);
+ if( p->rc==SQLITE_OK ){
+ if( zSql==0 ){
+ p->rc = SQLITE_NOMEM;
+ }else{
+ p->rc = sqlite3_exec(db, zSql, 0, 0, &p->zErrmsg);
+ }
+ }
+ sqlite3_free(zSql);
+ va_end(ap);
+ return p->rc;
+}
+
+/*
+** Attempt to allocate and return a pointer to a zeroed block of nByte
+** bytes.
+**
+** If an error (i.e. an OOM condition) occurs, return NULL and leave an
+** error code in the rbu handle passed as the first argument. Or, if an
+** error has already occurred when this function is called, return NULL
+** immediately without attempting the allocation or modifying the stored
+** error code.
+*/
+static void *rbuMalloc(sqlite3rbu *p, int nByte){
+ void *pRet = 0;
+ if( p->rc==SQLITE_OK ){
+ assert( nByte>0 );
+ pRet = sqlite3_malloc(nByte);
+ if( pRet==0 ){
+ p->rc = SQLITE_NOMEM;
+ }else{
+ memset(pRet, 0, nByte);
+ }
+ }
+ return pRet;
+}
+
+
+/*
+** Allocate and zero the pIter->azTblCol[] and abTblPk[] arrays so that
+** there is room for at least nCol elements. If an OOM occurs, store an
+** error code in the RBU handle passed as the first argument.
+*/
+static void rbuAllocateIterArrays(sqlite3rbu *p, RbuObjIter *pIter, int nCol){
+ int nByte = (2*sizeof(char*) + sizeof(int) + 3*sizeof(u8)) * nCol;
+ char **azNew;
+
+ azNew = (char**)rbuMalloc(p, nByte);
+ if( azNew ){
+ pIter->azTblCol = azNew;
+ pIter->azTblType = &azNew[nCol];
+ pIter->aiSrcOrder = (int*)&pIter->azTblType[nCol];
+ pIter->abTblPk = (u8*)&pIter->aiSrcOrder[nCol];
+ pIter->abNotNull = (u8*)&pIter->abTblPk[nCol];
+ pIter->abIndexed = (u8*)&pIter->abNotNull[nCol];
+ }
+}
+
+/*
+** The first argument must be a nul-terminated string. This function
+** returns a copy of the string in memory obtained from sqlite3_malloc().
+** It is the responsibility of the caller to eventually free this memory
+** using sqlite3_free().
+**
+** If an OOM condition is encountered when attempting to allocate memory,
+** output variable (*pRc) is set to SQLITE_NOMEM before returning. Otherwise,
+** if the allocation succeeds, (*pRc) is left unchanged.
+*/
+static char *rbuStrndup(const char *zStr, int *pRc){
+ char *zRet = 0;
+
+ assert( *pRc==SQLITE_OK );
+ if( zStr ){
+ int nCopy = strlen(zStr) + 1;
+ zRet = (char*)sqlite3_malloc(nCopy);
+ if( zRet ){
+ memcpy(zRet, zStr, nCopy);
+ }else{
+ *pRc = SQLITE_NOMEM;
+ }
+ }
+
+ return zRet;
+}
+
+/*
+** Finalize the statement passed as the second argument.
+**
+** If the sqlite3_finalize() call indicates that an error occurs, and the
+** rbu handle error code is not already set, set the error code and error
+** message accordingly.
+*/
+static void rbuFinalize(sqlite3rbu *p, sqlite3_stmt *pStmt){
+ sqlite3 *db = sqlite3_db_handle(pStmt);
+ int rc = sqlite3_finalize(pStmt);
+ if( p->rc==SQLITE_OK && rc!=SQLITE_OK ){
+ p->rc = rc;
+ p->zErrmsg = sqlite3_mprintf("%s", sqlite3_errmsg(db));
+ }
+}
+
+/* Determine the type of a table.
+**
+** peType is of type (int*), a pointer to an output parameter of type
+** (int). This call sets the output parameter as follows, depending
+** on the type of the table specified by parameters dbName and zTbl.
+**
+** RBU_PK_NOTABLE: No such table.
+** RBU_PK_NONE: Table has an implicit rowid.
+** RBU_PK_IPK: Table has an explicit IPK column.
+** RBU_PK_EXTERNAL: Table has an external PK index.
+** RBU_PK_WITHOUT_ROWID: Table is WITHOUT ROWID.
+** RBU_PK_VTAB: Table is a virtual table.
+**
+** Argument *piPk is also of type (int*), and also points to an output
+** parameter. Unless the table has an external primary key index
+** (i.e. unless *peType is set to 3), then *piPk is set to zero. Or,
+** if the table does have an external primary key index, then *piPk
+** is set to the root page number of the primary key index before
+** returning.
+**
+** ALGORITHM:
+**
+** if( no entry exists in sqlite_master ){
+** return RBU_PK_NOTABLE
+** }else if( sql for the entry starts with "CREATE VIRTUAL" ){
+** return RBU_PK_VTAB
+** }else if( "PRAGMA index_list()" for the table contains a "pk" index ){
+** if( the index that is the pk exists in sqlite_master ){
+** *piPK = rootpage of that index.
+** return RBU_PK_EXTERNAL
+** }else{
+** return RBU_PK_WITHOUT_ROWID
+** }
+** }else if( "PRAGMA table_info()" lists one or more "pk" columns ){
+** return RBU_PK_IPK
+** }else{
+** return RBU_PK_NONE
+** }
+*/
+static void rbuTableType(
+ sqlite3rbu *p,
+ const char *zTab,
+ int *peType,
+ int *piTnum,
+ int *piPk
+){
+ /*
+ ** 0) SELECT count(*) FROM sqlite_master where name=%Q AND IsVirtual(%Q)
+ ** 1) PRAGMA index_list = ?
+ ** 2) SELECT count(*) FROM sqlite_master where name=%Q
+ ** 3) PRAGMA table_info = ?
+ */
+ sqlite3_stmt *aStmt[4] = {0, 0, 0, 0};
+
+ *peType = RBU_PK_NOTABLE;
+ *piPk = 0;
+
+ assert( p->rc==SQLITE_OK );
+ p->rc = prepareFreeAndCollectError(p->dbMain, &aStmt[0], &p->zErrmsg,
+ sqlite3_mprintf(
+ "SELECT (sql LIKE 'create virtual%%'), rootpage"
+ " FROM sqlite_master"
+ " WHERE name=%Q", zTab
+ ));
+ if( p->rc!=SQLITE_OK || sqlite3_step(aStmt[0])!=SQLITE_ROW ){
+ /* Either an error, or no such table. */
+ goto rbuTableType_end;
+ }
+ if( sqlite3_column_int(aStmt[0], 0) ){
+ *peType = RBU_PK_VTAB; /* virtual table */
+ goto rbuTableType_end;
+ }
+ *piTnum = sqlite3_column_int(aStmt[0], 1);
+
+ p->rc = prepareFreeAndCollectError(p->dbMain, &aStmt[1], &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA index_list=%Q",zTab)
+ );
+ if( p->rc ) goto rbuTableType_end;
+ while( sqlite3_step(aStmt[1])==SQLITE_ROW ){
+ const u8 *zOrig = sqlite3_column_text(aStmt[1], 3);
+ const u8 *zIdx = sqlite3_column_text(aStmt[1], 1);
+ if( zOrig && zIdx && zOrig[0]=='p' ){
+ p->rc = prepareFreeAndCollectError(p->dbMain, &aStmt[2], &p->zErrmsg,
+ sqlite3_mprintf(
+ "SELECT rootpage FROM sqlite_master WHERE name = %Q", zIdx
+ ));
+ if( p->rc==SQLITE_OK ){
+ if( sqlite3_step(aStmt[2])==SQLITE_ROW ){
+ *piPk = sqlite3_column_int(aStmt[2], 0);
+ *peType = RBU_PK_EXTERNAL;
+ }else{
+ *peType = RBU_PK_WITHOUT_ROWID;
+ }
+ }
+ goto rbuTableType_end;
+ }
+ }
+
+ p->rc = prepareFreeAndCollectError(p->dbMain, &aStmt[3], &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA table_info=%Q",zTab)
+ );
+ if( p->rc==SQLITE_OK ){
+ while( sqlite3_step(aStmt[3])==SQLITE_ROW ){
+ if( sqlite3_column_int(aStmt[3],5)>0 ){
+ *peType = RBU_PK_IPK; /* explicit IPK column */
+ goto rbuTableType_end;
+ }
+ }
+ *peType = RBU_PK_NONE;
+ }
+
+rbuTableType_end: {
+ unsigned int i;
+ for(i=0; i<sizeof(aStmt)/sizeof(aStmt[0]); i++){
+ rbuFinalize(p, aStmt[i]);
+ }
+ }
+}
+
+/*
+** This is a helper function for rbuObjIterCacheTableInfo(). It populates
+** the pIter->abIndexed[] array.
+*/
+static void rbuObjIterCacheIndexedCols(sqlite3rbu *p, RbuObjIter *pIter){
+ sqlite3_stmt *pList = 0;
+ int bIndex = 0;
+
+ if( p->rc==SQLITE_OK ){
+ memcpy(pIter->abIndexed, pIter->abTblPk, sizeof(u8)*pIter->nTblCol);
+ p->rc = prepareFreeAndCollectError(p->dbMain, &pList, &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA main.index_list = %Q", pIter->zTbl)
+ );
+ }
+
+ while( p->rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pList) ){
+ const char *zIdx = (const char*)sqlite3_column_text(pList, 1);
+ sqlite3_stmt *pXInfo = 0;
+ if( zIdx==0 ) break;
+ p->rc = prepareFreeAndCollectError(p->dbMain, &pXInfo, &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA main.index_xinfo = %Q", zIdx)
+ );
+ while( p->rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pXInfo) ){
+ int iCid = sqlite3_column_int(pXInfo, 1);
+ if( iCid>=0 ) pIter->abIndexed[iCid] = 1;
+ }
+ rbuFinalize(p, pXInfo);
+ bIndex = 1;
+ }
+
+ rbuFinalize(p, pList);
+ if( bIndex==0 ) pIter->abIndexed = 0;
+}
+
+
+/*
+** If they are not already populated, populate the pIter->azTblCol[],
+** pIter->abTblPk[], pIter->nTblCol and pIter->bRowid variables according to
+** the table (not index) that the iterator currently points to.
+**
+** Return SQLITE_OK if successful, or an SQLite error code otherwise. If
+** an error does occur, an error code and error message are also left in
+** the RBU handle.
+*/
+static int rbuObjIterCacheTableInfo(sqlite3rbu *p, RbuObjIter *pIter){
+ if( pIter->azTblCol==0 ){
+ sqlite3_stmt *pStmt = 0;
+ int nCol = 0;
+ int i; /* for() loop iterator variable */
+ int bRbuRowid = 0; /* If input table has column "rbu_rowid" */
+ int iOrder = 0;
+ int iTnum = 0;
+
+ /* Figure out the type of table this step will deal with. */
+ assert( pIter->eType==0 );
+ rbuTableType(p, pIter->zTbl, &pIter->eType, &iTnum, &pIter->iPkTnum);
+ if( p->rc==SQLITE_OK && pIter->eType==RBU_PK_NOTABLE ){
+ p->rc = SQLITE_ERROR;
+ p->zErrmsg = sqlite3_mprintf("no such table: %s", pIter->zTbl);
+ }
+ if( p->rc ) return p->rc;
+ if( pIter->zIdx==0 ) pIter->iTnum = iTnum;
+
+ assert( pIter->eType==RBU_PK_NONE || pIter->eType==RBU_PK_IPK
+ || pIter->eType==RBU_PK_EXTERNAL || pIter->eType==RBU_PK_WITHOUT_ROWID
+ || pIter->eType==RBU_PK_VTAB
+ );
+
+ /* Populate the azTblCol[] and nTblCol variables based on the columns
+ ** of the input table. Ignore any input table columns that begin with
+ ** "rbu_". */
+ p->rc = prepareFreeAndCollectError(p->dbRbu, &pStmt, &p->zErrmsg,
+ sqlite3_mprintf("SELECT * FROM '%q'", pIter->zDataTbl)
+ );
+ if( p->rc==SQLITE_OK ){
+ nCol = sqlite3_column_count(pStmt);
+ rbuAllocateIterArrays(p, pIter, nCol);
+ }
+ for(i=0; p->rc==SQLITE_OK && i<nCol; i++){
+ const char *zName = (const char*)sqlite3_column_name(pStmt, i);
+ if( sqlite3_strnicmp("rbu_", zName, 4) ){
+ char *zCopy = rbuStrndup(zName, &p->rc);
+ pIter->aiSrcOrder[pIter->nTblCol] = pIter->nTblCol;
+ pIter->azTblCol[pIter->nTblCol++] = zCopy;
+ }
+ else if( 0==sqlite3_stricmp("rbu_rowid", zName) ){
+ bRbuRowid = 1;
+ }
+ }
+ sqlite3_finalize(pStmt);
+ pStmt = 0;
+
+ if( p->rc==SQLITE_OK
+ && bRbuRowid!=(pIter->eType==RBU_PK_VTAB || pIter->eType==RBU_PK_NONE)
+ ){
+ p->rc = SQLITE_ERROR;
+ p->zErrmsg = sqlite3_mprintf(
+ "table %q %s rbu_rowid column", pIter->zDataTbl,
+ (bRbuRowid ? "may not have" : "requires")
+ );
+ }
+
+ /* Check that all non-HIDDEN columns in the destination table are also
+ ** present in the input table. Populate the abTblPk[], azTblType[] and
+ ** aiTblOrder[] arrays at the same time. */
+ if( p->rc==SQLITE_OK ){
+ p->rc = prepareFreeAndCollectError(p->dbMain, &pStmt, &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA table_info(%Q)", pIter->zTbl)
+ );
+ }
+ while( p->rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pStmt) ){
+ const char *zName = (const char*)sqlite3_column_text(pStmt, 1);
+ if( zName==0 ) break; /* An OOM - finalize() below returns S_NOMEM */
+ for(i=iOrder; i<pIter->nTblCol; i++){
+ if( 0==strcmp(zName, pIter->azTblCol[i]) ) break;
+ }
+ if( i==pIter->nTblCol ){
+ p->rc = SQLITE_ERROR;
+ p->zErrmsg = sqlite3_mprintf("column missing from %q: %s",
+ pIter->zDataTbl, zName
+ );
+ }else{
+ int iPk = sqlite3_column_int(pStmt, 5);
+ int bNotNull = sqlite3_column_int(pStmt, 3);
+ const char *zType = (const char*)sqlite3_column_text(pStmt, 2);
+
+ if( i!=iOrder ){
+ SWAP(int, pIter->aiSrcOrder[i], pIter->aiSrcOrder[iOrder]);
+ SWAP(char*, pIter->azTblCol[i], pIter->azTblCol[iOrder]);
+ }
+
+ pIter->azTblType[iOrder] = rbuStrndup(zType, &p->rc);
+ pIter->abTblPk[iOrder] = (iPk!=0);
+ pIter->abNotNull[iOrder] = (u8)bNotNull || (iPk!=0);
+ iOrder++;
+ }
+ }
+
+ rbuFinalize(p, pStmt);
+ rbuObjIterCacheIndexedCols(p, pIter);
+ assert( pIter->eType!=RBU_PK_VTAB || pIter->abIndexed==0 );
+ }
+
+ return p->rc;
+}
+
+/*
+** This function constructs and returns a pointer to a nul-terminated
+** string containing some SQL clause or list based on one or more of the
+** column names currently stored in the pIter->azTblCol[] array.
+*/
+static char *rbuObjIterGetCollist(
+ sqlite3rbu *p, /* RBU object */
+ RbuObjIter *pIter /* Object iterator for column names */
+){
+ char *zList = 0;
+ const char *zSep = "";
+ int i;
+ for(i=0; i<pIter->nTblCol; i++){
+ const char *z = pIter->azTblCol[i];
+ zList = rbuMPrintf(p, "%z%s\"%w\"", zList, zSep, z);
+ zSep = ", ";
+ }
+ return zList;
+}
+
+/*
+** This function is used to create a SELECT list (the list of SQL
+** expressions that follows a SELECT keyword) for a SELECT statement
+** used to read from an data_xxx or rbu_tmp_xxx table while updating the
+** index object currently indicated by the iterator object passed as the
+** second argument. A "PRAGMA index_xinfo = <idxname>" statement is used
+** to obtain the required information.
+**
+** If the index is of the following form:
+**
+** CREATE INDEX i1 ON t1(c, b COLLATE nocase);
+**
+** and "t1" is a table with an explicit INTEGER PRIMARY KEY column
+** "ipk", the returned string is:
+**
+** "`c` COLLATE 'BINARY', `b` COLLATE 'NOCASE', `ipk` COLLATE 'BINARY'"
+**
+** As well as the returned string, three other malloc'd strings are
+** returned via output parameters. As follows:
+**
+** pzImposterCols: ...
+** pzImposterPk: ...
+** pzWhere: ...
+*/
+static char *rbuObjIterGetIndexCols(
+ sqlite3rbu *p, /* RBU object */
+ RbuObjIter *pIter, /* Object iterator for column names */
+ char **pzImposterCols, /* OUT: Columns for imposter table */
+ char **pzImposterPk, /* OUT: Imposter PK clause */
+ char **pzWhere, /* OUT: WHERE clause */
+ int *pnBind /* OUT: Trbul number of columns */
+){
+ int rc = p->rc; /* Error code */
+ int rc2; /* sqlite3_finalize() return code */
+ char *zRet = 0; /* String to return */
+ char *zImpCols = 0; /* String to return via *pzImposterCols */
+ char *zImpPK = 0; /* String to return via *pzImposterPK */
+ char *zWhere = 0; /* String to return via *pzWhere */
+ int nBind = 0; /* Value to return via *pnBind */
+ const char *zCom = ""; /* Set to ", " later on */
+ const char *zAnd = ""; /* Set to " AND " later on */
+ sqlite3_stmt *pXInfo = 0; /* PRAGMA index_xinfo = ? */
+
+ if( rc==SQLITE_OK ){
+ assert( p->zErrmsg==0 );
+ rc = prepareFreeAndCollectError(p->dbMain, &pXInfo, &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA main.index_xinfo = %Q", pIter->zIdx)
+ );
+ }
+
+ while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pXInfo) ){
+ int iCid = sqlite3_column_int(pXInfo, 1);
+ int bDesc = sqlite3_column_int(pXInfo, 3);
+ const char *zCollate = (const char*)sqlite3_column_text(pXInfo, 4);
+ const char *zCol;
+ const char *zType;
+
+ if( iCid<0 ){
+ /* An integer primary key. If the table has an explicit IPK, use
+ ** its name. Otherwise, use "rbu_rowid". */
+ if( pIter->eType==RBU_PK_IPK ){
+ int i;
+ for(i=0; pIter->abTblPk[i]==0; i++);
+ assert( i<pIter->nTblCol );
+ zCol = pIter->azTblCol[i];
+ }else{
+ zCol = "rbu_rowid";
+ }
+ zType = "INTEGER";
+ }else{
+ zCol = pIter->azTblCol[iCid];
+ zType = pIter->azTblType[iCid];
+ }
+
+ zRet = sqlite3_mprintf("%z%s\"%w\" COLLATE %Q", zRet, zCom, zCol, zCollate);
+ if( pIter->bUnique==0 || sqlite3_column_int(pXInfo, 5) ){
+ const char *zOrder = (bDesc ? " DESC" : "");
+ zImpPK = sqlite3_mprintf("%z%s\"rbu_imp_%d%w\"%s",
+ zImpPK, zCom, nBind, zCol, zOrder
+ );
+ }
+ zImpCols = sqlite3_mprintf("%z%s\"rbu_imp_%d%w\" %s COLLATE %Q",
+ zImpCols, zCom, nBind, zCol, zType, zCollate
+ );
+ zWhere = sqlite3_mprintf(
+ "%z%s\"rbu_imp_%d%w\" IS ?", zWhere, zAnd, nBind, zCol
+ );
+ if( zRet==0 || zImpPK==0 || zImpCols==0 || zWhere==0 ) rc = SQLITE_NOMEM;
+ zCom = ", ";
+ zAnd = " AND ";
+ nBind++;
+ }
+
+ rc2 = sqlite3_finalize(pXInfo);
+ if( rc==SQLITE_OK ) rc = rc2;
+
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(zRet);
+ sqlite3_free(zImpCols);
+ sqlite3_free(zImpPK);
+ sqlite3_free(zWhere);
+ zRet = 0;
+ zImpCols = 0;
+ zImpPK = 0;
+ zWhere = 0;
+ p->rc = rc;
+ }
+
+ *pzImposterCols = zImpCols;
+ *pzImposterPk = zImpPK;
+ *pzWhere = zWhere;
+ *pnBind = nBind;
+ return zRet;
+}
+
+/*
+** Assuming the current table columns are "a", "b" and "c", and the zObj
+** paramter is passed "old", return a string of the form:
+**
+** "old.a, old.b, old.b"
+**
+** With the column names escaped.
+**
+** For tables with implicit rowids - RBU_PK_EXTERNAL and RBU_PK_NONE, append
+** the text ", old._rowid_" to the returned value.
+*/
+static char *rbuObjIterGetOldlist(
+ sqlite3rbu *p,
+ RbuObjIter *pIter,
+ const char *zObj
+){
+ char *zList = 0;
+ if( p->rc==SQLITE_OK && pIter->abIndexed ){
+ const char *zS = "";
+ int i;
+ for(i=0; i<pIter->nTblCol; i++){
+ if( pIter->abIndexed[i] ){
+ const char *zCol = pIter->azTblCol[i];
+ zList = sqlite3_mprintf("%z%s%s.\"%w\"", zList, zS, zObj, zCol);
+ }else{
+ zList = sqlite3_mprintf("%z%sNULL", zList, zS);
+ }
+ zS = ", ";
+ if( zList==0 ){
+ p->rc = SQLITE_NOMEM;
+ break;
+ }
+ }
+
+ /* For a table with implicit rowids, append "old._rowid_" to the list. */
+ if( pIter->eType==RBU_PK_EXTERNAL || pIter->eType==RBU_PK_NONE ){
+ zList = rbuMPrintf(p, "%z, %s._rowid_", zList, zObj);
+ }
+ }
+ return zList;
+}
+
+/*
+** Return an expression that can be used in a WHERE clause to match the
+** primary key of the current table. For example, if the table is:
+**
+** CREATE TABLE t1(a, b, c, PRIMARY KEY(b, c));
+**
+** Return the string:
+**
+** "b = ?1 AND c = ?2"
+*/
+static char *rbuObjIterGetWhere(
+ sqlite3rbu *p,
+ RbuObjIter *pIter
+){
+ char *zList = 0;
+ if( pIter->eType==RBU_PK_VTAB || pIter->eType==RBU_PK_NONE ){
+ zList = rbuMPrintf(p, "_rowid_ = ?%d", pIter->nTblCol+1);
+ }else if( pIter->eType==RBU_PK_EXTERNAL ){
+ const char *zSep = "";
+ int i;
+ for(i=0; i<pIter->nTblCol; i++){
+ if( pIter->abTblPk[i] ){
+ zList = rbuMPrintf(p, "%z%sc%d=?%d", zList, zSep, i, i+1);
+ zSep = " AND ";
+ }
+ }
+ zList = rbuMPrintf(p,
+ "_rowid_ = (SELECT id FROM rbu_imposter2 WHERE %z)", zList
+ );
+
+ }else{
+ const char *zSep = "";
+ int i;
+ for(i=0; i<pIter->nTblCol; i++){
+ if( pIter->abTblPk[i] ){
+ const char *zCol = pIter->azTblCol[i];
+ zList = rbuMPrintf(p, "%z%s\"%w\"=?%d", zList, zSep, zCol, i+1);
+ zSep = " AND ";
+ }
+ }
+ }
+ return zList;
+}
+
+/*
+** The SELECT statement iterating through the keys for the current object
+** (p->objiter.pSelect) currently points to a valid row. However, there
+** is something wrong with the rbu_control value in the rbu_control value
+** stored in the (p->nCol+1)'th column. Set the error code and error message
+** of the RBU handle to something reflecting this.
+*/
+static void rbuBadControlError(sqlite3rbu *p){
+ p->rc = SQLITE_ERROR;
+ p->zErrmsg = sqlite3_mprintf("invalid rbu_control value");
+}
+
+
+/*
+** Return a nul-terminated string containing the comma separated list of
+** assignments that should be included following the "SET" keyword of
+** an UPDATE statement used to update the table object that the iterator
+** passed as the second argument currently points to if the rbu_control
+** column of the data_xxx table entry is set to zMask.
+**
+** The memory for the returned string is obtained from sqlite3_malloc().
+** It is the responsibility of the caller to eventually free it using
+** sqlite3_free().
+**
+** If an OOM error is encountered when allocating space for the new
+** string, an error code is left in the rbu handle passed as the first
+** argument and NULL is returned. Or, if an error has already occurred
+** when this function is called, NULL is returned immediately, without
+** attempting the allocation or modifying the stored error code.
+*/
+static char *rbuObjIterGetSetlist(
+ sqlite3rbu *p,
+ RbuObjIter *pIter,
+ const char *zMask
+){
+ char *zList = 0;
+ if( p->rc==SQLITE_OK ){
+ int i;
+
+ if( (int)strlen(zMask)!=pIter->nTblCol ){
+ rbuBadControlError(p);
+ }else{
+ const char *zSep = "";
+ for(i=0; i<pIter->nTblCol; i++){
+ char c = zMask[pIter->aiSrcOrder[i]];
+ if( c=='x' ){
+ zList = rbuMPrintf(p, "%z%s\"%w\"=?%d",
+ zList, zSep, pIter->azTblCol[i], i+1
+ );
+ zSep = ", ";
+ }
+ else if( c=='d' ){
+ zList = rbuMPrintf(p, "%z%s\"%w\"=rbu_delta(\"%w\", ?%d)",
+ zList, zSep, pIter->azTblCol[i], pIter->azTblCol[i], i+1
+ );
+ zSep = ", ";
+ }
+ else if( c=='f' ){
+ zList = rbuMPrintf(p, "%z%s\"%w\"=rbu_fossil_delta(\"%w\", ?%d)",
+ zList, zSep, pIter->azTblCol[i], pIter->azTblCol[i], i+1
+ );
+ zSep = ", ";
+ }
+ }
+ }
+ }
+ return zList;
+}
+
+/*
+** Return a nul-terminated string consisting of nByte comma separated
+** "?" expressions. For example, if nByte is 3, return a pointer to
+** a buffer containing the string "?,?,?".
+**
+** The memory for the returned string is obtained from sqlite3_malloc().
+** It is the responsibility of the caller to eventually free it using
+** sqlite3_free().
+**
+** If an OOM error is encountered when allocating space for the new
+** string, an error code is left in the rbu handle passed as the first
+** argument and NULL is returned. Or, if an error has already occurred
+** when this function is called, NULL is returned immediately, without
+** attempting the allocation or modifying the stored error code.
+*/
+static char *rbuObjIterGetBindlist(sqlite3rbu *p, int nBind){
+ char *zRet = 0;
+ int nByte = nBind*2 + 1;
+
+ zRet = (char*)rbuMalloc(p, nByte);
+ if( zRet ){
+ int i;
+ for(i=0; i<nBind; i++){
+ zRet[i*2] = '?';
+ zRet[i*2+1] = (i+1==nBind) ? '\0' : ',';
+ }
+ }
+ return zRet;
+}
+
+/*
+** The iterator currently points to a table (not index) of type
+** RBU_PK_WITHOUT_ROWID. This function creates the PRIMARY KEY
+** declaration for the corresponding imposter table. For example,
+** if the iterator points to a table created as:
+**
+** CREATE TABLE t1(a, b, c, PRIMARY KEY(b, a DESC)) WITHOUT ROWID
+**
+** this function returns:
+**
+** PRIMARY KEY("b", "a" DESC)
+*/
+static char *rbuWithoutRowidPK(sqlite3rbu *p, RbuObjIter *pIter){
+ char *z = 0;
+ assert( pIter->zIdx==0 );
+ if( p->rc==SQLITE_OK ){
+ const char *zSep = "PRIMARY KEY(";
+ sqlite3_stmt *pXList = 0; /* PRAGMA index_list = (pIter->zTbl) */
+ sqlite3_stmt *pXInfo = 0; /* PRAGMA index_xinfo = <pk-index> */
+
+ p->rc = prepareFreeAndCollectError(p->dbMain, &pXList, &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA main.index_list = %Q", pIter->zTbl)
+ );
+ while( p->rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pXList) ){
+ const char *zOrig = (const char*)sqlite3_column_text(pXList,3);
+ if( zOrig && strcmp(zOrig, "pk")==0 ){
+ const char *zIdx = (const char*)sqlite3_column_text(pXList,1);
+ if( zIdx ){
+ p->rc = prepareFreeAndCollectError(p->dbMain, &pXInfo, &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA main.index_xinfo = %Q", zIdx)
+ );
+ }
+ break;
+ }
+ }
+ rbuFinalize(p, pXList);
+
+ while( p->rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pXInfo) ){
+ if( sqlite3_column_int(pXInfo, 5) ){
+ /* int iCid = sqlite3_column_int(pXInfo, 0); */
+ const char *zCol = (const char*)sqlite3_column_text(pXInfo, 2);
+ const char *zDesc = sqlite3_column_int(pXInfo, 3) ? " DESC" : "";
+ z = rbuMPrintf(p, "%z%s\"%w\"%s", z, zSep, zCol, zDesc);
+ zSep = ", ";
+ }
+ }
+ z = rbuMPrintf(p, "%z)", z);
+ rbuFinalize(p, pXInfo);
+ }
+ return z;
+}
+
+/*
+** This function creates the second imposter table used when writing to
+** a table b-tree where the table has an external primary key. If the
+** iterator passed as the second argument does not currently point to
+** a table (not index) with an external primary key, this function is a
+** no-op.
+**
+** Assuming the iterator does point to a table with an external PK, this
+** function creates a WITHOUT ROWID imposter table named "rbu_imposter2"
+** used to access that PK index. For example, if the target table is
+** declared as follows:
+**
+** CREATE TABLE t1(a, b TEXT, c REAL, PRIMARY KEY(b, c));
+**
+** then the imposter table schema is:
+**
+** CREATE TABLE rbu_imposter2(c1 TEXT, c2 REAL, id INTEGER) WITHOUT ROWID;
+**
+*/
+static void rbuCreateImposterTable2(sqlite3rbu *p, RbuObjIter *pIter){
+ if( p->rc==SQLITE_OK && pIter->eType==RBU_PK_EXTERNAL ){
+ int tnum = pIter->iPkTnum; /* Root page of PK index */
+ sqlite3_stmt *pQuery = 0; /* SELECT name ... WHERE rootpage = $tnum */
+ const char *zIdx = 0; /* Name of PK index */
+ sqlite3_stmt *pXInfo = 0; /* PRAGMA main.index_xinfo = $zIdx */
+ const char *zComma = "";
+ char *zCols = 0; /* Used to build up list of table cols */
+ char *zPk = 0; /* Used to build up table PK declaration */
+
+ /* Figure out the name of the primary key index for the current table.
+ ** This is needed for the argument to "PRAGMA index_xinfo". Set
+ ** zIdx to point to a nul-terminated string containing this name. */
+ p->rc = prepareAndCollectError(p->dbMain, &pQuery, &p->zErrmsg,
+ "SELECT name FROM sqlite_master WHERE rootpage = ?"
+ );
+ if( p->rc==SQLITE_OK ){
+ sqlite3_bind_int(pQuery, 1, tnum);
+ if( SQLITE_ROW==sqlite3_step(pQuery) ){
+ zIdx = (const char*)sqlite3_column_text(pQuery, 0);
+ }
+ }
+ if( zIdx ){
+ p->rc = prepareFreeAndCollectError(p->dbMain, &pXInfo, &p->zErrmsg,
+ sqlite3_mprintf("PRAGMA main.index_xinfo = %Q", zIdx)
+ );
+ }
+ rbuFinalize(p, pQuery);
+
+ while( p->rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pXInfo) ){
+ int bKey = sqlite3_column_int(pXInfo, 5);
+ if( bKey ){
+ int iCid = sqlite3_column_int(pXInfo, 1);
+ int bDesc = sqlite3_column_int(pXInfo, 3);
+ const char *zCollate = (const char*)sqlite3_column_text(pXInfo, 4);
+ zCols = rbuMPrintf(p, "%z%sc%d %s COLLATE %s", zCols, zComma,
+ iCid, pIter->azTblType[iCid], zCollate
+ );
+ zPk = rbuMPrintf(p, "%z%sc%d%s", zPk, zComma, iCid, bDesc?" DESC":"");
+ zComma = ", ";
+ }
+ }
+ zCols = rbuMPrintf(p, "%z, id INTEGER", zCols);
+ rbuFinalize(p, pXInfo);
+
+ sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, p->dbMain, "main", 1, tnum);
+ rbuMPrintfExec(p, p->dbMain,
+ "CREATE TABLE rbu_imposter2(%z, PRIMARY KEY(%z)) WITHOUT ROWID",
+ zCols, zPk
+ );
+ sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, p->dbMain, "main", 0, 0);
+ }
+}
+
+/*
+** If an error has already occurred when this function is called, it
+** immediately returns zero (without doing any work). Or, if an error
+** occurs during the execution of this function, it sets the error code
+** in the sqlite3rbu object indicated by the first argument and returns
+** zero.
+**
+** The iterator passed as the second argument is guaranteed to point to
+** a table (not an index) when this function is called. This function
+** attempts to create any imposter table required to write to the main
+** table b-tree of the table before returning. Non-zero is returned if
+** an imposter table are created, or zero otherwise.
+**
+** An imposter table is required in all cases except RBU_PK_VTAB. Only
+** virtual tables are written to directly. The imposter table has the
+** same schema as the actual target table (less any UNIQUE constraints).
+** More precisely, the "same schema" means the same columns, types,
+** collation sequences. For tables that do not have an external PRIMARY
+** KEY, it also means the same PRIMARY KEY declaration.
+*/
+static void rbuCreateImposterTable(sqlite3rbu *p, RbuObjIter *pIter){
+ if( p->rc==SQLITE_OK && pIter->eType!=RBU_PK_VTAB ){
+ int tnum = pIter->iTnum;
+ const char *zComma = "";
+ char *zSql = 0;
+ int iCol;
+ sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, p->dbMain, "main", 0, 1);
+
+ for(iCol=0; p->rc==SQLITE_OK && iCol<pIter->nTblCol; iCol++){
+ const char *zPk = "";
+ const char *zCol = pIter->azTblCol[iCol];
+ const char *zColl = 0;
+
+ p->rc = sqlite3_table_column_metadata(
+ p->dbMain, "main", pIter->zTbl, zCol, 0, &zColl, 0, 0, 0
+ );
+
+ if( pIter->eType==RBU_PK_IPK && pIter->abTblPk[iCol] ){
+ /* If the target table column is an "INTEGER PRIMARY KEY", add
+ ** "PRIMARY KEY" to the imposter table column declaration. */
+ zPk = "PRIMARY KEY ";
+ }
+ zSql = rbuMPrintf(p, "%z%s\"%w\" %s %sCOLLATE %s%s",
+ zSql, zComma, zCol, pIter->azTblType[iCol], zPk, zColl,
+ (pIter->abNotNull[iCol] ? " NOT NULL" : "")
+ );
+ zComma = ", ";
+ }
+
+ if( pIter->eType==RBU_PK_WITHOUT_ROWID ){
+ char *zPk = rbuWithoutRowidPK(p, pIter);
+ if( zPk ){
+ zSql = rbuMPrintf(p, "%z, %z", zSql, zPk);
+ }
+ }
+
+ sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, p->dbMain, "main", 1, tnum);
+ rbuMPrintfExec(p, p->dbMain, "CREATE TABLE \"rbu_imp_%w\"(%z)%s",
+ pIter->zTbl, zSql,
+ (pIter->eType==RBU_PK_WITHOUT_ROWID ? " WITHOUT ROWID" : "")
+ );
+ sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, p->dbMain, "main", 0, 0);
+ }
+}
+
+/*
+** Prepare a statement used to insert rows into the "rbu_tmp_xxx" table.
+** Specifically a statement of the form:
+**
+** INSERT INTO rbu_tmp_xxx VALUES(?, ?, ? ...);
+**
+** The number of bound variables is equal to the number of columns in
+** the target table, plus one (for the rbu_control column), plus one more
+** (for the rbu_rowid column) if the target table is an implicit IPK or
+** virtual table.
+*/
+static void rbuObjIterPrepareTmpInsert(
+ sqlite3rbu *p,
+ RbuObjIter *pIter,
+ const char *zCollist,
+ const char *zRbuRowid
+){
+ int bRbuRowid = (pIter->eType==RBU_PK_EXTERNAL || pIter->eType==RBU_PK_NONE);
+ char *zBind = rbuObjIterGetBindlist(p, pIter->nTblCol + 1 + bRbuRowid);
+ if( zBind ){
+ assert( pIter->pTmpInsert==0 );
+ p->rc = prepareFreeAndCollectError(
+ p->dbRbu, &pIter->pTmpInsert, &p->zErrmsg, sqlite3_mprintf(
+ "INSERT INTO %s.'rbu_tmp_%q'(rbu_control,%s%s) VALUES(%z)",
+ p->zStateDb, pIter->zDataTbl, zCollist, zRbuRowid, zBind
+ ));
+ }
+}
+
+static void rbuTmpInsertFunc(
+ sqlite3_context *pCtx,
+ int nVal,
+ sqlite3_value **apVal
+){
+ sqlite3rbu *p = sqlite3_user_data(pCtx);
+ int rc = SQLITE_OK;
+ int i;
+
+ for(i=0; rc==SQLITE_OK && i<nVal; i++){
+ rc = sqlite3_bind_value(p->objiter.pTmpInsert, i+1, apVal[i]);
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3_step(p->objiter.pTmpInsert);
+ rc = sqlite3_reset(p->objiter.pTmpInsert);
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3_result_error_code(pCtx, rc);
+ }
+}
+
+/*
+** Ensure that the SQLite statement handles required to update the
+** target database object currently indicated by the iterator passed
+** as the second argument are available.
+*/
+static int rbuObjIterPrepareAll(
+ sqlite3rbu *p,
+ RbuObjIter *pIter,
+ int nOffset /* Add "LIMIT -1 OFFSET $nOffset" to SELECT */
+){
+ assert( pIter->bCleanup==0 );
+ if( pIter->pSelect==0 && rbuObjIterCacheTableInfo(p, pIter)==SQLITE_OK ){
+ const int tnum = pIter->iTnum;
+ char *zCollist = 0; /* List of indexed columns */
+ char **pz = &p->zErrmsg;
+ const char *zIdx = pIter->zIdx;
+ char *zLimit = 0;
+
+ if( nOffset ){
+ zLimit = sqlite3_mprintf(" LIMIT -1 OFFSET %d", nOffset);
+ if( !zLimit ) p->rc = SQLITE_NOMEM;
+ }
+
+ if( zIdx ){
+ const char *zTbl = pIter->zTbl;
+ char *zImposterCols = 0; /* Columns for imposter table */
+ char *zImposterPK = 0; /* Primary key declaration for imposter */
+ char *zWhere = 0; /* WHERE clause on PK columns */
+ char *zBind = 0;
+ int nBind = 0;
+
+ assert( pIter->eType!=RBU_PK_VTAB );
+ zCollist = rbuObjIterGetIndexCols(
+ p, pIter, &zImposterCols, &zImposterPK, &zWhere, &nBind
+ );
+ zBind = rbuObjIterGetBindlist(p, nBind);
+
+ /* Create the imposter table used to write to this index. */
+ sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, p->dbMain, "main", 0, 1);
+ sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, p->dbMain, "main", 1,tnum);
+ rbuMPrintfExec(p, p->dbMain,
+ "CREATE TABLE \"rbu_imp_%w\"( %s, PRIMARY KEY( %s ) ) WITHOUT ROWID",
+ zTbl, zImposterCols, zImposterPK
+ );
+ sqlite3_test_control(SQLITE_TESTCTRL_IMPOSTER, p->dbMain, "main", 0, 0);
+
+ /* Create the statement to insert index entries */
+ pIter->nCol = nBind;
+ if( p->rc==SQLITE_OK ){
+ p->rc = prepareFreeAndCollectError(
+ p->dbMain, &pIter->pInsert, &p->zErrmsg,
+ sqlite3_mprintf("INSERT INTO \"rbu_imp_%w\" VALUES(%s)", zTbl, zBind)
+ );
+ }
+
+ /* And to delete index entries */
+ if( p->rc==SQLITE_OK ){
+ p->rc = prepareFreeAndCollectError(
+ p->dbMain, &pIter->pDelete, &p->zErrmsg,
+ sqlite3_mprintf("DELETE FROM \"rbu_imp_%w\" WHERE %s", zTbl, zWhere)
+ );
+ }
+
+ /* Create the SELECT statement to read keys in sorted order */
+ if( p->rc==SQLITE_OK ){
+ char *zSql;
+ if( pIter->eType==RBU_PK_EXTERNAL || pIter->eType==RBU_PK_NONE ){
+ zSql = sqlite3_mprintf(
+ "SELECT %s, rbu_control FROM %s.'rbu_tmp_%q' ORDER BY %s%s",
+ zCollist, p->zStateDb, pIter->zDataTbl,
+ zCollist, zLimit
+ );
+ }else{
+ zSql = sqlite3_mprintf(
+ "SELECT %s, rbu_control FROM '%q' "
+ "WHERE typeof(rbu_control)='integer' AND rbu_control!=1 "
+ "UNION ALL "
+ "SELECT %s, rbu_control FROM %s.'rbu_tmp_%q' "
+ "ORDER BY %s%s",
+ zCollist, pIter->zDataTbl,
+ zCollist, p->zStateDb, pIter->zDataTbl,
+ zCollist, zLimit
+ );
+ }
+ p->rc = prepareFreeAndCollectError(p->dbRbu, &pIter->pSelect, pz, zSql);
+ }
+
+ sqlite3_free(zImposterCols);
+ sqlite3_free(zImposterPK);
+ sqlite3_free(zWhere);
+ sqlite3_free(zBind);
+ }else{
+ int bRbuRowid = (pIter->eType==RBU_PK_VTAB || pIter->eType==RBU_PK_NONE);
+ const char *zTbl = pIter->zTbl; /* Table this step applies to */
+ const char *zWrite; /* Imposter table name */
+
+ char *zBindings = rbuObjIterGetBindlist(p, pIter->nTblCol + bRbuRowid);
+ char *zWhere = rbuObjIterGetWhere(p, pIter);
+ char *zOldlist = rbuObjIterGetOldlist(p, pIter, "old");
+ char *zNewlist = rbuObjIterGetOldlist(p, pIter, "new");
+
+ zCollist = rbuObjIterGetCollist(p, pIter);
+ pIter->nCol = pIter->nTblCol;
+
+ /* Create the imposter table or tables (if required). */
+ rbuCreateImposterTable(p, pIter);
+ rbuCreateImposterTable2(p, pIter);
+ zWrite = (pIter->eType==RBU_PK_VTAB ? "" : "rbu_imp_");
+
+ /* Create the INSERT statement to write to the target PK b-tree */
+ if( p->rc==SQLITE_OK ){
+ p->rc = prepareFreeAndCollectError(p->dbMain, &pIter->pInsert, pz,
+ sqlite3_mprintf(
+ "INSERT INTO \"%s%w\"(%s%s) VALUES(%s)",
+ zWrite, zTbl, zCollist, (bRbuRowid ? ", _rowid_" : ""), zBindings
+ )
+ );
+ }
+
+ /* Create the DELETE statement to write to the target PK b-tree */
+ if( p->rc==SQLITE_OK ){
+ p->rc = prepareFreeAndCollectError(p->dbMain, &pIter->pDelete, pz,
+ sqlite3_mprintf(
+ "DELETE FROM \"%s%w\" WHERE %s", zWrite, zTbl, zWhere
+ )
+ );
+ }
+
+ if( pIter->abIndexed ){
+ const char *zRbuRowid = "";
+ if( pIter->eType==RBU_PK_EXTERNAL || pIter->eType==RBU_PK_NONE ){
+ zRbuRowid = ", rbu_rowid";
+ }
+
+ /* Create the rbu_tmp_xxx table and the triggers to populate it. */
+ rbuMPrintfExec(p, p->dbRbu,
+ "CREATE TABLE IF NOT EXISTS %s.'rbu_tmp_%q' AS "
+ "SELECT *%s FROM '%q' WHERE 0;"
+ , p->zStateDb, pIter->zDataTbl
+ , (pIter->eType==RBU_PK_EXTERNAL ? ", 0 AS rbu_rowid" : "")
+ , pIter->zDataTbl
+ );
+
+ rbuMPrintfExec(p, p->dbMain,
+ "CREATE TEMP TRIGGER rbu_delete_tr BEFORE DELETE ON \"%s%w\" "
+ "BEGIN "
+ " SELECT rbu_tmp_insert(2, %s);"
+ "END;"
+
+ "CREATE TEMP TRIGGER rbu_update1_tr BEFORE UPDATE ON \"%s%w\" "
+ "BEGIN "
+ " SELECT rbu_tmp_insert(2, %s);"
+ "END;"
+
+ "CREATE TEMP TRIGGER rbu_update2_tr AFTER UPDATE ON \"%s%w\" "
+ "BEGIN "
+ " SELECT rbu_tmp_insert(3, %s);"
+ "END;",
+ zWrite, zTbl, zOldlist,
+ zWrite, zTbl, zOldlist,
+ zWrite, zTbl, zNewlist
+ );
+
+ if( pIter->eType==RBU_PK_EXTERNAL || pIter->eType==RBU_PK_NONE ){
+ rbuMPrintfExec(p, p->dbMain,
+ "CREATE TEMP TRIGGER rbu_insert_tr AFTER INSERT ON \"%s%w\" "
+ "BEGIN "
+ " SELECT rbu_tmp_insert(0, %s);"
+ "END;",
+ zWrite, zTbl, zNewlist
+ );
+ }
+
+ rbuObjIterPrepareTmpInsert(p, pIter, zCollist, zRbuRowid);
+ }
+
+ /* Create the SELECT statement to read keys from data_xxx */
+ if( p->rc==SQLITE_OK ){
+ p->rc = prepareFreeAndCollectError(p->dbRbu, &pIter->pSelect, pz,
+ sqlite3_mprintf(
+ "SELECT %s, rbu_control%s FROM '%q'%s",
+ zCollist, (bRbuRowid ? ", rbu_rowid" : ""),
+ pIter->zDataTbl, zLimit
+ )
+ );
+ }
+
+ sqlite3_free(zWhere);
+ sqlite3_free(zOldlist);
+ sqlite3_free(zNewlist);
+ sqlite3_free(zBindings);
+ }
+ sqlite3_free(zCollist);
+ sqlite3_free(zLimit);
+ }
+
+ return p->rc;
+}
+
+/*
+** Set output variable *ppStmt to point to an UPDATE statement that may
+** be used to update the imposter table for the main table b-tree of the
+** table object that pIter currently points to, assuming that the
+** rbu_control column of the data_xyz table contains zMask.
+**
+** If the zMask string does not specify any columns to update, then this
+** is not an error. Output variable *ppStmt is set to NULL in this case.
+*/
+static int rbuGetUpdateStmt(
+ sqlite3rbu *p, /* RBU handle */
+ RbuObjIter *pIter, /* Object iterator */
+ const char *zMask, /* rbu_control value ('x.x.') */
+ sqlite3_stmt **ppStmt /* OUT: UPDATE statement handle */
+){
+ RbuUpdateStmt **pp;
+ RbuUpdateStmt *pUp = 0;
+ int nUp = 0;
+
+ /* In case an error occurs */
+ *ppStmt = 0;
+
+ /* Search for an existing statement. If one is found, shift it to the front
+ ** of the LRU queue and return immediately. Otherwise, leave nUp pointing
+ ** to the number of statements currently in the cache and pUp to the
+ ** last object in the list. */
+ for(pp=&pIter->pRbuUpdate; *pp; pp=&((*pp)->pNext)){
+ pUp = *pp;
+ if( strcmp(pUp->zMask, zMask)==0 ){
+ *pp = pUp->pNext;
+ pUp->pNext = pIter->pRbuUpdate;
+ pIter->pRbuUpdate = pUp;
+ *ppStmt = pUp->pUpdate;
+ return SQLITE_OK;
+ }
+ nUp++;
+ }
+ assert( pUp==0 || pUp->pNext==0 );
+
+ if( nUp>=SQLITE_RBU_UPDATE_CACHESIZE ){
+ for(pp=&pIter->pRbuUpdate; *pp!=pUp; pp=&((*pp)->pNext));
+ *pp = 0;
+ sqlite3_finalize(pUp->pUpdate);
+ pUp->pUpdate = 0;
+ }else{
+ pUp = (RbuUpdateStmt*)rbuMalloc(p, sizeof(RbuUpdateStmt)+pIter->nTblCol+1);
+ }
+
+ if( pUp ){
+ char *zWhere = rbuObjIterGetWhere(p, pIter);
+ char *zSet = rbuObjIterGetSetlist(p, pIter, zMask);
+ char *zUpdate = 0;
+
+ pUp->zMask = (char*)&pUp[1];
+ memcpy(pUp->zMask, zMask, pIter->nTblCol);
+ pUp->pNext = pIter->pRbuUpdate;
+ pIter->pRbuUpdate = pUp;
+
+ if( zSet ){
+ const char *zPrefix = "";
+
+ if( pIter->eType!=RBU_PK_VTAB ) zPrefix = "rbu_imp_";
+ zUpdate = sqlite3_mprintf("UPDATE \"%s%w\" SET %s WHERE %s",
+ zPrefix, pIter->zTbl, zSet, zWhere
+ );
+ p->rc = prepareFreeAndCollectError(
+ p->dbMain, &pUp->pUpdate, &p->zErrmsg, zUpdate
+ );
+ *ppStmt = pUp->pUpdate;
+ }
+ sqlite3_free(zWhere);
+ sqlite3_free(zSet);
+ }
+
+ return p->rc;
+}
+
+static sqlite3 *rbuOpenDbhandle(sqlite3rbu *p, const char *zName){
+ sqlite3 *db = 0;
+ if( p->rc==SQLITE_OK ){
+ const int flags = SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE|SQLITE_OPEN_URI;
+ p->rc = sqlite3_open_v2(zName, &db, flags, p->zVfsName);
+ if( p->rc ){
+ p->zErrmsg = sqlite3_mprintf("%s", sqlite3_errmsg(db));
+ sqlite3_close(db);
+ db = 0;
+ }
+ }
+ return db;
+}
+
+/*
+** Open the database handle and attach the RBU database as "rbu". If an
+** error occurs, leave an error code and message in the RBU handle.
+*/
+static void rbuOpenDatabase(sqlite3rbu *p){
+ assert( p->rc==SQLITE_OK );
+ assert( p->dbMain==0 && p->dbRbu==0 );
+
+ p->eStage = 0;
+ p->dbMain = rbuOpenDbhandle(p, p->zTarget);
+ p->dbRbu = rbuOpenDbhandle(p, p->zRbu);
+
+ /* If using separate RBU and state databases, attach the state database to
+ ** the RBU db handle now. */
+ if( p->zState ){
+ rbuMPrintfExec(p, p->dbRbu, "ATTACH %Q AS stat", p->zState);
+ memcpy(p->zStateDb, "stat", 4);
+ }else{
+ memcpy(p->zStateDb, "main", 4);
+ }
+
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_create_function(p->dbMain,
+ "rbu_tmp_insert", -1, SQLITE_UTF8, (void*)p, rbuTmpInsertFunc, 0, 0
+ );
+ }
+
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_create_function(p->dbMain,
+ "rbu_fossil_delta", 2, SQLITE_UTF8, 0, rbuFossilDeltaFunc, 0, 0
+ );
+ }
+
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_create_function(p->dbRbu,
+ "rbu_target_name", 1, SQLITE_UTF8, (void*)p, rbuTargetNameFunc, 0, 0
+ );
+ }
+
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_file_control(p->dbMain, "main", SQLITE_FCNTL_RBU, (void*)p);
+ }
+ rbuMPrintfExec(p, p->dbMain, "SELECT * FROM sqlite_master");
+
+ /* Mark the database file just opened as an RBU target database. If
+ ** this call returns SQLITE_NOTFOUND, then the RBU vfs is not in use.
+ ** This is an error. */
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_file_control(p->dbMain, "main", SQLITE_FCNTL_RBU, (void*)p);
+ }
+
+ if( p->rc==SQLITE_NOTFOUND ){
+ p->rc = SQLITE_ERROR;
+ p->zErrmsg = sqlite3_mprintf("rbu vfs not found");
+ }
+}
+
+/*
+** This routine is a copy of the sqlite3FileSuffix3() routine from the core.
+** It is a no-op unless SQLITE_ENABLE_8_3_NAMES is defined.
+**
+** If SQLITE_ENABLE_8_3_NAMES is set at compile-time and if the database
+** filename in zBaseFilename is a URI with the "8_3_names=1" parameter and
+** if filename in z[] has a suffix (a.k.a. "extension") that is longer than
+** three characters, then shorten the suffix on z[] to be the last three
+** characters of the original suffix.
+**
+** If SQLITE_ENABLE_8_3_NAMES is set to 2 at compile-time, then always
+** do the suffix shortening regardless of URI parameter.
+**
+** Examples:
+**
+** test.db-journal => test.nal
+** test.db-wal => test.wal
+** test.db-shm => test.shm
+** test.db-mj7f3319fa => test.9fa
+*/
+static void rbuFileSuffix3(const char *zBase, char *z){
+#ifdef SQLITE_ENABLE_8_3_NAMES
+#if SQLITE_ENABLE_8_3_NAMES<2
+ if( sqlite3_uri_boolean(zBase, "8_3_names", 0) )
+#endif
+ {
+ int i, sz;
+ sz = sqlite3Strlen30(z);
+ for(i=sz-1; i>0 && z[i]!='/' && z[i]!='.'; i--){}
+ if( z[i]=='.' && ALWAYS(sz>i+4) ) memmove(&z[i+1], &z[sz-3], 4);
+ }
+#endif
+}
+
+/*
+** Return the current wal-index header checksum for the target database
+** as a 64-bit integer.
+**
+** The checksum is store in the first page of xShmMap memory as an 8-byte
+** blob starting at byte offset 40.
+*/
+static i64 rbuShmChecksum(sqlite3rbu *p){
+ i64 iRet = 0;
+ if( p->rc==SQLITE_OK ){
+ sqlite3_file *pDb = p->pTargetFd->pReal;
+ u32 volatile *ptr;
+ p->rc = pDb->pMethods->xShmMap(pDb, 0, 32*1024, 0, (void volatile**)&ptr);
+ if( p->rc==SQLITE_OK ){
+ iRet = ((i64)ptr[10] << 32) + ptr[11];
+ }
+ }
+ return iRet;
+}
+
+/*
+** This function is called as part of initializing or reinitializing an
+** incremental checkpoint.
+**
+** It populates the sqlite3rbu.aFrame[] array with the set of
+** (wal frame -> db page) copy operations required to checkpoint the
+** current wal file, and obtains the set of shm locks required to safely
+** perform the copy operations directly on the file-system.
+**
+** If argument pState is not NULL, then the incremental checkpoint is
+** being resumed. In this case, if the checksum of the wal-index-header
+** following recovery is not the same as the checksum saved in the RbuState
+** object, then the rbu handle is set to DONE state. This occurs if some
+** other client appends a transaction to the wal file in the middle of
+** an incremental checkpoint.
+*/
+static void rbuSetupCheckpoint(sqlite3rbu *p, RbuState *pState){
+
+ /* If pState is NULL, then the wal file may not have been opened and
+ ** recovered. Running a read-statement here to ensure that doing so
+ ** does not interfere with the "capture" process below. */
+ if( pState==0 ){
+ p->eStage = 0;
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_exec(p->dbMain, "SELECT * FROM sqlite_master", 0, 0, 0);
+ }
+ }
+
+ /* Assuming no error has occurred, run a "restart" checkpoint with the
+ ** sqlite3rbu.eStage variable set to CAPTURE. This turns on the following
+ ** special behaviour in the rbu VFS:
+ **
+ ** * If the exclusive shm WRITER or READ0 lock cannot be obtained,
+ ** the checkpoint fails with SQLITE_BUSY (normally SQLite would
+ ** proceed with running a passive checkpoint instead of failing).
+ **
+ ** * Attempts to read from the *-wal file or write to the database file
+ ** do not perform any IO. Instead, the frame/page combinations that
+ ** would be read/written are recorded in the sqlite3rbu.aFrame[]
+ ** array.
+ **
+ ** * Calls to xShmLock(UNLOCK) to release the exclusive shm WRITER,
+ ** READ0 and CHECKPOINT locks taken as part of the checkpoint are
+ ** no-ops. These locks will not be released until the connection
+ ** is closed.
+ **
+ ** * Attempting to xSync() the database file causes an SQLITE_INTERNAL
+ ** error.
+ **
+ ** As a result, unless an error (i.e. OOM or SQLITE_BUSY) occurs, the
+ ** checkpoint below fails with SQLITE_INTERNAL, and leaves the aFrame[]
+ ** array populated with a set of (frame -> page) mappings. Because the
+ ** WRITER, CHECKPOINT and READ0 locks are still held, it is safe to copy
+ ** data from the wal file into the database file according to the
+ ** contents of aFrame[].
+ */
+ if( p->rc==SQLITE_OK ){
+ int rc2;
+ p->eStage = RBU_STAGE_CAPTURE;
+ rc2 = sqlite3_exec(p->dbMain, "PRAGMA main.wal_checkpoint=restart", 0, 0,0);
+ if( rc2!=SQLITE_INTERNAL ) p->rc = rc2;
+ }
+
+ if( p->rc==SQLITE_OK ){
+ p->eStage = RBU_STAGE_CKPT;
+ p->nStep = (pState ? pState->nRow : 0);
+ p->aBuf = rbuMalloc(p, p->pgsz);
+ p->iWalCksum = rbuShmChecksum(p);
+ }
+
+ if( p->rc==SQLITE_OK && pState && pState->iWalCksum!=p->iWalCksum ){
+ p->rc = SQLITE_DONE;
+ p->eStage = RBU_STAGE_DONE;
+ }
+}
+
+/*
+** Called when iAmt bytes are read from offset iOff of the wal file while
+** the rbu object is in capture mode. Record the frame number of the frame
+** being read in the aFrame[] array.
+*/
+static int rbuCaptureWalRead(sqlite3rbu *pRbu, i64 iOff, int iAmt){
+ const u32 mReq = (1<<WAL_LOCK_WRITE)|(1<<WAL_LOCK_CKPT)|(1<<WAL_LOCK_READ0);
+ u32 iFrame;
+
+ if( pRbu->mLock!=mReq ){
+ pRbu->rc = SQLITE_BUSY;
+ return SQLITE_INTERNAL;
+ }
+
+ pRbu->pgsz = iAmt;
+ if( pRbu->nFrame==pRbu->nFrameAlloc ){
+ int nNew = (pRbu->nFrameAlloc ? pRbu->nFrameAlloc : 64) * 2;
+ RbuFrame *aNew;
+ aNew = (RbuFrame*)sqlite3_realloc(pRbu->aFrame, nNew * sizeof(RbuFrame));
+ if( aNew==0 ) return SQLITE_NOMEM;
+ pRbu->aFrame = aNew;
+ pRbu->nFrameAlloc = nNew;
+ }
+
+ iFrame = (u32)((iOff-32) / (i64)(iAmt+24)) + 1;
+ if( pRbu->iMaxFrame<iFrame ) pRbu->iMaxFrame = iFrame;
+ pRbu->aFrame[pRbu->nFrame].iWalFrame = iFrame;
+ pRbu->aFrame[pRbu->nFrame].iDbPage = 0;
+ pRbu->nFrame++;
+ return SQLITE_OK;
+}
+
+/*
+** Called when a page of data is written to offset iOff of the database
+** file while the rbu handle is in capture mode. Record the page number
+** of the page being written in the aFrame[] array.
+*/
+static int rbuCaptureDbWrite(sqlite3rbu *pRbu, i64 iOff){
+ pRbu->aFrame[pRbu->nFrame-1].iDbPage = (u32)(iOff / pRbu->pgsz) + 1;
+ return SQLITE_OK;
+}
+
+/*
+** This is called as part of an incremental checkpoint operation. Copy
+** a single frame of data from the wal file into the database file, as
+** indicated by the RbuFrame object.
+*/
+static void rbuCheckpointFrame(sqlite3rbu *p, RbuFrame *pFrame){
+ sqlite3_file *pWal = p->pTargetFd->pWalFd->pReal;
+ sqlite3_file *pDb = p->pTargetFd->pReal;
+ i64 iOff;
+
+ assert( p->rc==SQLITE_OK );
+ iOff = (i64)(pFrame->iWalFrame-1) * (p->pgsz + 24) + 32 + 24;
+ p->rc = pWal->pMethods->xRead(pWal, p->aBuf, p->pgsz, iOff);
+ if( p->rc ) return;
+
+ iOff = (i64)(pFrame->iDbPage-1) * p->pgsz;
+ p->rc = pDb->pMethods->xWrite(pDb, p->aBuf, p->pgsz, iOff);
+}
+
+
+/*
+** Take an EXCLUSIVE lock on the database file.
+*/
+static void rbuLockDatabase(sqlite3rbu *p){
+ sqlite3_file *pReal = p->pTargetFd->pReal;
+ assert( p->rc==SQLITE_OK );
+ p->rc = pReal->pMethods->xLock(pReal, SQLITE_LOCK_SHARED);
+ if( p->rc==SQLITE_OK ){
+ p->rc = pReal->pMethods->xLock(pReal, SQLITE_LOCK_EXCLUSIVE);
+ }
+}
+
+#if defined(_WIN32_WCE)
+static LPWSTR rbuWinUtf8ToUnicode(const char *zFilename){
+ int nChar;
+ LPWSTR zWideFilename;
+
+ nChar = MultiByteToWideChar(CP_UTF8, 0, zFilename, -1, NULL, 0);
+ if( nChar==0 ){
+ return 0;
+ }
+ zWideFilename = sqlite3_malloc( nChar*sizeof(zWideFilename[0]) );
+ if( zWideFilename==0 ){
+ return 0;
+ }
+ memset(zWideFilename, 0, nChar*sizeof(zWideFilename[0]));
+ nChar = MultiByteToWideChar(CP_UTF8, 0, zFilename, -1, zWideFilename,
+ nChar);
+ if( nChar==0 ){
+ sqlite3_free(zWideFilename);
+ zWideFilename = 0;
+ }
+ return zWideFilename;
+}
+#endif
+
+/*
+** The RBU handle is currently in RBU_STAGE_OAL state, with a SHARED lock
+** on the database file. This proc moves the *-oal file to the *-wal path,
+** then reopens the database file (this time in vanilla, non-oal, WAL mode).
+** If an error occurs, leave an error code and error message in the rbu
+** handle.
+*/
+static void rbuMoveOalFile(sqlite3rbu *p){
+ const char *zBase = sqlite3_db_filename(p->dbMain, "main");
+
+ char *zWal = sqlite3_mprintf("%s-wal", zBase);
+ char *zOal = sqlite3_mprintf("%s-oal", zBase);
+
+ assert( p->eStage==RBU_STAGE_MOVE );
+ assert( p->rc==SQLITE_OK && p->zErrmsg==0 );
+ if( zWal==0 || zOal==0 ){
+ p->rc = SQLITE_NOMEM;
+ }else{
+ /* Move the *-oal file to *-wal. At this point connection p->db is
+ ** holding a SHARED lock on the target database file (because it is
+ ** in WAL mode). So no other connection may be writing the db.
+ **
+ ** In order to ensure that there are no database readers, an EXCLUSIVE
+ ** lock is obtained here before the *-oal is moved to *-wal.
+ */
+ rbuLockDatabase(p);
+ if( p->rc==SQLITE_OK ){
+ rbuFileSuffix3(zBase, zWal);
+ rbuFileSuffix3(zBase, zOal);
+
+ /* Re-open the databases. */
+ rbuObjIterFinalize(&p->objiter);
+ sqlite3_close(p->dbMain);
+ sqlite3_close(p->dbRbu);
+ p->dbMain = 0;
+ p->dbRbu = 0;
+
+#if defined(_WIN32_WCE)
+ {
+ LPWSTR zWideOal;
+ LPWSTR zWideWal;
+
+ zWideOal = rbuWinUtf8ToUnicode(zOal);
+ if( zWideOal ){
+ zWideWal = rbuWinUtf8ToUnicode(zWal);
+ if( zWideWal ){
+ if( MoveFileW(zWideOal, zWideWal) ){
+ p->rc = SQLITE_OK;
+ }else{
+ p->rc = SQLITE_IOERR;
+ }
+ sqlite3_free(zWideWal);
+ }else{
+ p->rc = SQLITE_IOERR_NOMEM;
+ }
+ sqlite3_free(zWideOal);
+ }else{
+ p->rc = SQLITE_IOERR_NOMEM;
+ }
+ }
+#else
+ p->rc = rename(zOal, zWal) ? SQLITE_IOERR : SQLITE_OK;
+#endif
+
+ if( p->rc==SQLITE_OK ){
+ rbuOpenDatabase(p);
+ rbuSetupCheckpoint(p, 0);
+ }
+ }
+ }
+
+ sqlite3_free(zWal);
+ sqlite3_free(zOal);
+}
+
+/*
+** The SELECT statement iterating through the keys for the current object
+** (p->objiter.pSelect) currently points to a valid row. This function
+** determines the type of operation requested by this row and returns
+** one of the following values to indicate the result:
+**
+** * RBU_INSERT
+** * RBU_DELETE
+** * RBU_IDX_DELETE
+** * RBU_UPDATE
+**
+** If RBU_UPDATE is returned, then output variable *pzMask is set to
+** point to the text value indicating the columns to update.
+**
+** If the rbu_control field contains an invalid value, an error code and
+** message are left in the RBU handle and zero returned.
+*/
+static int rbuStepType(sqlite3rbu *p, const char **pzMask){
+ int iCol = p->objiter.nCol; /* Index of rbu_control column */
+ int res = 0; /* Return value */
+
+ switch( sqlite3_column_type(p->objiter.pSelect, iCol) ){
+ case SQLITE_INTEGER: {
+ int iVal = sqlite3_column_int(p->objiter.pSelect, iCol);
+ if( iVal==0 ){
+ res = RBU_INSERT;
+ }else if( iVal==1 ){
+ res = RBU_DELETE;
+ }else if( iVal==2 ){
+ res = RBU_IDX_DELETE;
+ }else if( iVal==3 ){
+ res = RBU_IDX_INSERT;
+ }
+ break;
+ }
+
+ case SQLITE_TEXT: {
+ const unsigned char *z = sqlite3_column_text(p->objiter.pSelect, iCol);
+ if( z==0 ){
+ p->rc = SQLITE_NOMEM;
+ }else{
+ *pzMask = (const char*)z;
+ }
+ res = RBU_UPDATE;
+
+ break;
+ }
+
+ default:
+ break;
+ }
+
+ if( res==0 ){
+ rbuBadControlError(p);
+ }
+ return res;
+}
+
+#ifdef SQLITE_DEBUG
+/*
+** Assert that column iCol of statement pStmt is named zName.
+*/
+static void assertColumnName(sqlite3_stmt *pStmt, int iCol, const char *zName){
+ const char *zCol = sqlite3_column_name(pStmt, iCol);
+ assert( 0==sqlite3_stricmp(zName, zCol) );
+}
+#else
+# define assertColumnName(x,y,z)
+#endif
+
+/*
+** This function does the work for an sqlite3rbu_step() call.
+**
+** The object-iterator (p->objiter) currently points to a valid object,
+** and the input cursor (p->objiter.pSelect) currently points to a valid
+** input row. Perform whatever processing is required and return.
+**
+** If no error occurs, SQLITE_OK is returned. Otherwise, an error code
+** and message is left in the RBU handle and a copy of the error code
+** returned.
+*/
+static int rbuStep(sqlite3rbu *p){
+ RbuObjIter *pIter = &p->objiter;
+ const char *zMask = 0;
+ int i;
+ int eType = rbuStepType(p, &zMask);
+
+ if( eType ){
+ assert( eType!=RBU_UPDATE || pIter->zIdx==0 );
+
+ if( pIter->zIdx==0 && eType==RBU_IDX_DELETE ){
+ rbuBadControlError(p);
+ }
+ else if(
+ eType==RBU_INSERT
+ || eType==RBU_DELETE
+ || eType==RBU_IDX_DELETE
+ || eType==RBU_IDX_INSERT
+ ){
+ sqlite3_value *pVal;
+ sqlite3_stmt *pWriter;
+
+ assert( eType!=RBU_UPDATE );
+ assert( eType!=RBU_DELETE || pIter->zIdx==0 );
+
+ if( eType==RBU_IDX_DELETE || eType==RBU_DELETE ){
+ pWriter = pIter->pDelete;
+ }else{
+ pWriter = pIter->pInsert;
+ }
+
+ for(i=0; i<pIter->nCol; i++){
+ /* If this is an INSERT into a table b-tree and the table has an
+ ** explicit INTEGER PRIMARY KEY, check that this is not an attempt
+ ** to write a NULL into the IPK column. That is not permitted. */
+ if( eType==RBU_INSERT
+ && pIter->zIdx==0 && pIter->eType==RBU_PK_IPK && pIter->abTblPk[i]
+ && sqlite3_column_type(pIter->pSelect, i)==SQLITE_NULL
+ ){
+ p->rc = SQLITE_MISMATCH;
+ p->zErrmsg = sqlite3_mprintf("datatype mismatch");
+ goto step_out;
+ }
+
+ if( eType==RBU_DELETE && pIter->abTblPk[i]==0 ){
+ continue;
+ }
+
+ pVal = sqlite3_column_value(pIter->pSelect, i);
+ p->rc = sqlite3_bind_value(pWriter, i+1, pVal);
+ if( p->rc ) goto step_out;
+ }
+ if( pIter->zIdx==0
+ && (pIter->eType==RBU_PK_VTAB || pIter->eType==RBU_PK_NONE)
+ ){
+ /* For a virtual table, or a table with no primary key, the
+ ** SELECT statement is:
+ **
+ ** SELECT <cols>, rbu_control, rbu_rowid FROM ....
+ **
+ ** Hence column_value(pIter->nCol+1).
+ */
+ assertColumnName(pIter->pSelect, pIter->nCol+1, "rbu_rowid");
+ pVal = sqlite3_column_value(pIter->pSelect, pIter->nCol+1);
+ p->rc = sqlite3_bind_value(pWriter, pIter->nCol+1, pVal);
+ }
+ if( p->rc==SQLITE_OK ){
+ sqlite3_step(pWriter);
+ p->rc = resetAndCollectError(pWriter, &p->zErrmsg);
+ }
+ }else{
+ sqlite3_value *pVal;
+ sqlite3_stmt *pUpdate = 0;
+ assert( eType==RBU_UPDATE );
+ rbuGetUpdateStmt(p, pIter, zMask, &pUpdate);
+ if( pUpdate ){
+ for(i=0; p->rc==SQLITE_OK && i<pIter->nCol; i++){
+ char c = zMask[pIter->aiSrcOrder[i]];
+ pVal = sqlite3_column_value(pIter->pSelect, i);
+ if( pIter->abTblPk[i] || c!='.' ){
+ p->rc = sqlite3_bind_value(pUpdate, i+1, pVal);
+ }
+ }
+ if( p->rc==SQLITE_OK
+ && (pIter->eType==RBU_PK_VTAB || pIter->eType==RBU_PK_NONE)
+ ){
+ /* Bind the rbu_rowid value to column _rowid_ */
+ assertColumnName(pIter->pSelect, pIter->nCol+1, "rbu_rowid");
+ pVal = sqlite3_column_value(pIter->pSelect, pIter->nCol+1);
+ p->rc = sqlite3_bind_value(pUpdate, pIter->nCol+1, pVal);
+ }
+ if( p->rc==SQLITE_OK ){
+ sqlite3_step(pUpdate);
+ p->rc = resetAndCollectError(pUpdate, &p->zErrmsg);
+ }
+ }
+ }
+ }
+
+ step_out:
+ return p->rc;
+}
+
+/*
+** Increment the schema cookie of the main database opened by p->dbMain.
+*/
+static void rbuIncrSchemaCookie(sqlite3rbu *p){
+ if( p->rc==SQLITE_OK ){
+ int iCookie = 1000000;
+ sqlite3_stmt *pStmt;
+
+ p->rc = prepareAndCollectError(p->dbMain, &pStmt, &p->zErrmsg,
+ "PRAGMA schema_version"
+ );
+ if( p->rc==SQLITE_OK ){
+ /* Coverage: it may be that this sqlite3_step() cannot fail. There
+ ** is already a transaction open, so the prepared statement cannot
+ ** throw an SQLITE_SCHEMA exception. The only database page the
+ ** statement reads is page 1, which is guaranteed to be in the cache.
+ ** And no memory allocations are required. */
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ iCookie = sqlite3_column_int(pStmt, 0);
+ }
+ rbuFinalize(p, pStmt);
+ }
+ if( p->rc==SQLITE_OK ){
+ rbuMPrintfExec(p, p->dbMain, "PRAGMA schema_version = %d", iCookie+1);
+ }
+ }
+}
+
+/*
+** Update the contents of the rbu_state table within the rbu database. The
+** value stored in the RBU_STATE_STAGE column is eStage. All other values
+** are determined by inspecting the rbu handle passed as the first argument.
+*/
+static void rbuSaveState(sqlite3rbu *p, int eStage){
+ if( p->rc==SQLITE_OK || p->rc==SQLITE_DONE ){
+ sqlite3_stmt *pInsert = 0;
+ int rc;
+
+ assert( p->zErrmsg==0 );
+ rc = prepareFreeAndCollectError(p->dbRbu, &pInsert, &p->zErrmsg,
+ sqlite3_mprintf(
+ "INSERT OR REPLACE INTO %s.rbu_state(k, v) VALUES "
+ "(%d, %d), "
+ "(%d, %Q), "
+ "(%d, %Q), "
+ "(%d, %d), "
+ "(%d, %d), "
+ "(%d, %lld), "
+ "(%d, %lld), "
+ "(%d, %lld) ",
+ p->zStateDb,
+ RBU_STATE_STAGE, eStage,
+ RBU_STATE_TBL, p->objiter.zTbl,
+ RBU_STATE_IDX, p->objiter.zIdx,
+ RBU_STATE_ROW, p->nStep,
+ RBU_STATE_PROGRESS, p->nProgress,
+ RBU_STATE_CKPT, p->iWalCksum,
+ RBU_STATE_COOKIE, (i64)p->pTargetFd->iCookie,
+ RBU_STATE_OALSZ, p->iOalSz
+ )
+ );
+ assert( pInsert==0 || rc==SQLITE_OK );
+
+ if( rc==SQLITE_OK ){
+ sqlite3_step(pInsert);
+ rc = sqlite3_finalize(pInsert);
+ }
+ if( rc!=SQLITE_OK ) p->rc = rc;
+ }
+}
+
+
+/*
+** Step the RBU object.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3rbu_step(sqlite3rbu *p){
+ if( p ){
+ switch( p->eStage ){
+ case RBU_STAGE_OAL: {
+ RbuObjIter *pIter = &p->objiter;
+ while( p->rc==SQLITE_OK && pIter->zTbl ){
+
+ if( pIter->bCleanup ){
+ /* Clean up the rbu_tmp_xxx table for the previous table. It
+ ** cannot be dropped as there are currently active SQL statements.
+ ** But the contents can be deleted. */
+ if( pIter->abIndexed ){
+ rbuMPrintfExec(p, p->dbRbu,
+ "DELETE FROM %s.'rbu_tmp_%q'", p->zStateDb, pIter->zDataTbl
+ );
+ }
+ }else{
+ rbuObjIterPrepareAll(p, pIter, 0);
+
+ /* Advance to the next row to process. */
+ if( p->rc==SQLITE_OK ){
+ int rc = sqlite3_step(pIter->pSelect);
+ if( rc==SQLITE_ROW ){
+ p->nProgress++;
+ p->nStep++;
+ return rbuStep(p);
+ }
+ p->rc = sqlite3_reset(pIter->pSelect);
+ p->nStep = 0;
+ }
+ }
+
+ rbuObjIterNext(p, pIter);
+ }
+
+ if( p->rc==SQLITE_OK ){
+ assert( pIter->zTbl==0 );
+ rbuSaveState(p, RBU_STAGE_MOVE);
+ rbuIncrSchemaCookie(p);
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_exec(p->dbMain, "COMMIT", 0, 0, &p->zErrmsg);
+ }
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_exec(p->dbRbu, "COMMIT", 0, 0, &p->zErrmsg);
+ }
+ p->eStage = RBU_STAGE_MOVE;
+ }
+ break;
+ }
+
+ case RBU_STAGE_MOVE: {
+ if( p->rc==SQLITE_OK ){
+ rbuMoveOalFile(p);
+ p->nProgress++;
+ }
+ break;
+ }
+
+ case RBU_STAGE_CKPT: {
+ if( p->rc==SQLITE_OK ){
+ if( p->nStep>=p->nFrame ){
+ sqlite3_file *pDb = p->pTargetFd->pReal;
+
+ /* Sync the db file */
+ p->rc = pDb->pMethods->xSync(pDb, SQLITE_SYNC_NORMAL);
+
+ /* Update nBackfill */
+ if( p->rc==SQLITE_OK ){
+ void volatile *ptr;
+ p->rc = pDb->pMethods->xShmMap(pDb, 0, 32*1024, 0, &ptr);
+ if( p->rc==SQLITE_OK ){
+ ((u32 volatile*)ptr)[24] = p->iMaxFrame;
+ }
+ }
+
+ if( p->rc==SQLITE_OK ){
+ p->eStage = RBU_STAGE_DONE;
+ p->rc = SQLITE_DONE;
+ }
+ }else{
+ RbuFrame *pFrame = &p->aFrame[p->nStep];
+ rbuCheckpointFrame(p, pFrame);
+ p->nStep++;
+ }
+ p->nProgress++;
+ }
+ break;
+ }
+
+ default:
+ break;
+ }
+ return p->rc;
+ }else{
+ return SQLITE_NOMEM;
+ }
+}
+
+/*
+** Free an RbuState object allocated by rbuLoadState().
+*/
+static void rbuFreeState(RbuState *p){
+ if( p ){
+ sqlite3_free(p->zTbl);
+ sqlite3_free(p->zIdx);
+ sqlite3_free(p);
+ }
+}
+
+/*
+** Allocate an RbuState object and load the contents of the rbu_state
+** table into it. Return a pointer to the new object. It is the
+** responsibility of the caller to eventually free the object using
+** sqlite3_free().
+**
+** If an error occurs, leave an error code and message in the rbu handle
+** and return NULL.
+*/
+static RbuState *rbuLoadState(sqlite3rbu *p){
+ RbuState *pRet = 0;
+ sqlite3_stmt *pStmt = 0;
+ int rc;
+ int rc2;
+
+ pRet = (RbuState*)rbuMalloc(p, sizeof(RbuState));
+ if( pRet==0 ) return 0;
+
+ rc = prepareFreeAndCollectError(p->dbRbu, &pStmt, &p->zErrmsg,
+ sqlite3_mprintf("SELECT k, v FROM %s.rbu_state", p->zStateDb)
+ );
+ while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pStmt) ){
+ switch( sqlite3_column_int(pStmt, 0) ){
+ case RBU_STATE_STAGE:
+ pRet->eStage = sqlite3_column_int(pStmt, 1);
+ if( pRet->eStage!=RBU_STAGE_OAL
+ && pRet->eStage!=RBU_STAGE_MOVE
+ && pRet->eStage!=RBU_STAGE_CKPT
+ ){
+ p->rc = SQLITE_CORRUPT;
+ }
+ break;
+
+ case RBU_STATE_TBL:
+ pRet->zTbl = rbuStrndup((char*)sqlite3_column_text(pStmt, 1), &rc);
+ break;
+
+ case RBU_STATE_IDX:
+ pRet->zIdx = rbuStrndup((char*)sqlite3_column_text(pStmt, 1), &rc);
+ break;
+
+ case RBU_STATE_ROW:
+ pRet->nRow = sqlite3_column_int(pStmt, 1);
+ break;
+
+ case RBU_STATE_PROGRESS:
+ pRet->nProgress = sqlite3_column_int64(pStmt, 1);
+ break;
+
+ case RBU_STATE_CKPT:
+ pRet->iWalCksum = sqlite3_column_int64(pStmt, 1);
+ break;
+
+ case RBU_STATE_COOKIE:
+ pRet->iCookie = (u32)sqlite3_column_int64(pStmt, 1);
+ break;
+
+ case RBU_STATE_OALSZ:
+ pRet->iOalSz = (u32)sqlite3_column_int64(pStmt, 1);
+ break;
+
+ default:
+ rc = SQLITE_CORRUPT;
+ break;
+ }
+ }
+ rc2 = sqlite3_finalize(pStmt);
+ if( rc==SQLITE_OK ) rc = rc2;
+
+ p->rc = rc;
+ return pRet;
+}
+
+/*
+** Compare strings z1 and z2, returning 0 if they are identical, or non-zero
+** otherwise. Either or both argument may be NULL. Two NULL values are
+** considered equal, and NULL is considered distinct from all other values.
+*/
+static int rbuStrCompare(const char *z1, const char *z2){
+ if( z1==0 && z2==0 ) return 0;
+ if( z1==0 || z2==0 ) return 1;
+ return (sqlite3_stricmp(z1, z2)!=0);
+}
+
+/*
+** This function is called as part of sqlite3rbu_open() when initializing
+** an rbu handle in OAL stage. If the rbu update has not started (i.e.
+** the rbu_state table was empty) it is a no-op. Otherwise, it arranges
+** things so that the next call to sqlite3rbu_step() continues on from
+** where the previous rbu handle left off.
+**
+** If an error occurs, an error code and error message are left in the
+** rbu handle passed as the first argument.
+*/
+static void rbuSetupOal(sqlite3rbu *p, RbuState *pState){
+ assert( p->rc==SQLITE_OK );
+ if( pState->zTbl ){
+ RbuObjIter *pIter = &p->objiter;
+ int rc = SQLITE_OK;
+
+ while( rc==SQLITE_OK && pIter->zTbl && (pIter->bCleanup
+ || rbuStrCompare(pIter->zIdx, pState->zIdx)
+ || rbuStrCompare(pIter->zTbl, pState->zTbl)
+ )){
+ rc = rbuObjIterNext(p, pIter);
+ }
+
+ if( rc==SQLITE_OK && !pIter->zTbl ){
+ rc = SQLITE_ERROR;
+ p->zErrmsg = sqlite3_mprintf("rbu_state mismatch error");
+ }
+
+ if( rc==SQLITE_OK ){
+ p->nStep = pState->nRow;
+ rc = rbuObjIterPrepareAll(p, &p->objiter, p->nStep);
+ }
+
+ p->rc = rc;
+ }
+}
+
+/*
+** If there is a "*-oal" file in the file-system corresponding to the
+** target database in the file-system, delete it. If an error occurs,
+** leave an error code and error message in the rbu handle.
+*/
+static void rbuDeleteOalFile(sqlite3rbu *p){
+ char *zOal = rbuMPrintf(p, "%s-oal", p->zTarget);
+ if( zOal ){
+ sqlite3_vfs *pVfs = sqlite3_vfs_find(0);
+ assert( pVfs && p->rc==SQLITE_OK && p->zErrmsg==0 );
+ pVfs->xDelete(pVfs, zOal, 0);
+ sqlite3_free(zOal);
+ }
+}
+
+/*
+** Allocate a private rbu VFS for the rbu handle passed as the only
+** argument. This VFS will be used unless the call to sqlite3rbu_open()
+** specified a URI with a vfs=? option in place of a target database
+** file name.
+*/
+static void rbuCreateVfs(sqlite3rbu *p){
+ int rnd;
+ char zRnd[64];
+
+ assert( p->rc==SQLITE_OK );
+ sqlite3_randomness(sizeof(int), (void*)&rnd);
+ sqlite3_snprintf(sizeof(zRnd), zRnd, "rbu_vfs_%d", rnd);
+ p->rc = sqlite3rbu_create_vfs(zRnd, 0);
+ if( p->rc==SQLITE_OK ){
+ sqlite3_vfs *pVfs = sqlite3_vfs_find(zRnd);
+ assert( pVfs );
+ p->zVfsName = pVfs->zName;
+ }
+}
+
+/*
+** Destroy the private VFS created for the rbu handle passed as the only
+** argument by an earlier call to rbuCreateVfs().
+*/
+static void rbuDeleteVfs(sqlite3rbu *p){
+ if( p->zVfsName ){
+ sqlite3rbu_destroy_vfs(p->zVfsName);
+ p->zVfsName = 0;
+ }
+}
+
+/*
+** Open and return a new RBU handle.
+*/
+SQLITE_API sqlite3rbu *SQLITE_STDCALL sqlite3rbu_open(
+ const char *zTarget,
+ const char *zRbu,
+ const char *zState
+){
+ sqlite3rbu *p;
+ int nTarget = strlen(zTarget);
+ int nRbu = strlen(zRbu);
+ int nState = zState ? strlen(zState) : 0;
+
+ p = (sqlite3rbu*)sqlite3_malloc(sizeof(sqlite3rbu)+nTarget+1+nRbu+1+nState+1);
+ if( p ){
+ RbuState *pState = 0;
+
+ /* Create the custom VFS. */
+ memset(p, 0, sizeof(sqlite3rbu));
+ rbuCreateVfs(p);
+
+ /* Open the target database */
+ if( p->rc==SQLITE_OK ){
+ p->zTarget = (char*)&p[1];
+ memcpy(p->zTarget, zTarget, nTarget+1);
+ p->zRbu = &p->zTarget[nTarget+1];
+ memcpy(p->zRbu, zRbu, nRbu+1);
+ if( zState ){
+ p->zState = &p->zRbu[nRbu+1];
+ memcpy(p->zState, zState, nState+1);
+ }
+ rbuOpenDatabase(p);
+ }
+
+ /* If it has not already been created, create the rbu_state table */
+ rbuMPrintfExec(p, p->dbRbu, RBU_CREATE_STATE, p->zStateDb);
+
+ if( p->rc==SQLITE_OK ){
+ pState = rbuLoadState(p);
+ assert( pState || p->rc!=SQLITE_OK );
+ if( p->rc==SQLITE_OK ){
+
+ if( pState->eStage==0 ){
+ rbuDeleteOalFile(p);
+ p->eStage = RBU_STAGE_OAL;
+ }else{
+ p->eStage = pState->eStage;
+ }
+ p->nProgress = pState->nProgress;
+ p->iOalSz = pState->iOalSz;
+ }
+ }
+ assert( p->rc!=SQLITE_OK || p->eStage!=0 );
+
+ if( p->rc==SQLITE_OK && p->pTargetFd->pWalFd ){
+ if( p->eStage==RBU_STAGE_OAL ){
+ p->rc = SQLITE_ERROR;
+ p->zErrmsg = sqlite3_mprintf("cannot update wal mode database");
+ }else if( p->eStage==RBU_STAGE_MOVE ){
+ p->eStage = RBU_STAGE_CKPT;
+ p->nStep = 0;
+ }
+ }
+
+ if( p->rc==SQLITE_OK
+ && (p->eStage==RBU_STAGE_OAL || p->eStage==RBU_STAGE_MOVE)
+ && pState->eStage!=0 && p->pTargetFd->iCookie!=pState->iCookie
+ ){
+ /* At this point (pTargetFd->iCookie) contains the value of the
+ ** change-counter cookie (the thing that gets incremented when a
+ ** transaction is committed in rollback mode) currently stored on
+ ** page 1 of the database file. */
+ p->rc = SQLITE_BUSY;
+ p->zErrmsg = sqlite3_mprintf("database modified during rbu update");
+ }
+
+ if( p->rc==SQLITE_OK ){
+ if( p->eStage==RBU_STAGE_OAL ){
+ sqlite3 *db = p->dbMain;
+
+ /* Open transactions both databases. The *-oal file is opened or
+ ** created at this point. */
+ p->rc = sqlite3_exec(db, "BEGIN IMMEDIATE", 0, 0, &p->zErrmsg);
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3_exec(p->dbRbu, "BEGIN IMMEDIATE", 0, 0, &p->zErrmsg);
+ }
+
+ /* Check if the main database is a zipvfs db. If it is, set the upper
+ ** level pager to use "journal_mode=off". This prevents it from
+ ** generating a large journal using a temp file. */
+ if( p->rc==SQLITE_OK ){
+ int frc = sqlite3_file_control(db, "main", SQLITE_FCNTL_ZIPVFS, 0);
+ if( frc==SQLITE_OK ){
+ p->rc = sqlite3_exec(db, "PRAGMA journal_mode=off",0,0,&p->zErrmsg);
+ }
+ }
+
+ /* Point the object iterator at the first object */
+ if( p->rc==SQLITE_OK ){
+ p->rc = rbuObjIterFirst(p, &p->objiter);
+ }
+
+ /* If the RBU database contains no data_xxx tables, declare the RBU
+ ** update finished. */
+ if( p->rc==SQLITE_OK && p->objiter.zTbl==0 ){
+ p->rc = SQLITE_DONE;
+ }
+
+ if( p->rc==SQLITE_OK ){
+ rbuSetupOal(p, pState);
+ }
+
+ }else if( p->eStage==RBU_STAGE_MOVE ){
+ /* no-op */
+ }else if( p->eStage==RBU_STAGE_CKPT ){
+ rbuSetupCheckpoint(p, pState);
+ }else if( p->eStage==RBU_STAGE_DONE ){
+ p->rc = SQLITE_DONE;
+ }else{
+ p->rc = SQLITE_CORRUPT;
+ }
+ }
+
+ rbuFreeState(pState);
+ }
+
+ return p;
+}
+
+
+/*
+** Return the database handle used by pRbu.
+*/
+SQLITE_API sqlite3 *SQLITE_STDCALL sqlite3rbu_db(sqlite3rbu *pRbu, int bRbu){
+ sqlite3 *db = 0;
+ if( pRbu ){
+ db = (bRbu ? pRbu->dbRbu : pRbu->dbMain);
+ }
+ return db;
+}
+
+
+/*
+** If the error code currently stored in the RBU handle is SQLITE_CONSTRAINT,
+** then edit any error message string so as to remove all occurrences of
+** the pattern "rbu_imp_[0-9]*".
+*/
+static void rbuEditErrmsg(sqlite3rbu *p){
+ if( p->rc==SQLITE_CONSTRAINT && p->zErrmsg ){
+ int i;
+ int nErrmsg = strlen(p->zErrmsg);
+ for(i=0; i<(nErrmsg-8); i++){
+ if( memcmp(&p->zErrmsg[i], "rbu_imp_", 8)==0 ){
+ int nDel = 8;
+ while( p->zErrmsg[i+nDel]>='0' && p->zErrmsg[i+nDel]<='9' ) nDel++;
+ memmove(&p->zErrmsg[i], &p->zErrmsg[i+nDel], nErrmsg + 1 - i - nDel);
+ nErrmsg -= nDel;
+ }
+ }
+ }
+}
+
+/*
+** Close the RBU handle.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3rbu_close(sqlite3rbu *p, char **pzErrmsg){
+ int rc;
+ if( p ){
+
+ /* Commit the transaction to the *-oal file. */
+ if( p->rc==SQLITE_OK && p->eStage==RBU_STAGE_OAL ){
+ p->rc = sqlite3_exec(p->dbMain, "COMMIT", 0, 0, &p->zErrmsg);
+ }
+
+ rbuSaveState(p, p->eStage);
+
+ if( p->rc==SQLITE_OK && p->eStage==RBU_STAGE_OAL ){
+ p->rc = sqlite3_exec(p->dbRbu, "COMMIT", 0, 0, &p->zErrmsg);
+ }
+
+ /* Close any open statement handles. */
+ rbuObjIterFinalize(&p->objiter);
+
+ /* Close the open database handle and VFS object. */
+ sqlite3_close(p->dbMain);
+ sqlite3_close(p->dbRbu);
+ rbuDeleteVfs(p);
+ sqlite3_free(p->aBuf);
+ sqlite3_free(p->aFrame);
+
+ rbuEditErrmsg(p);
+ rc = p->rc;
+ *pzErrmsg = p->zErrmsg;
+ sqlite3_free(p);
+ }else{
+ rc = SQLITE_NOMEM;
+ *pzErrmsg = 0;
+ }
+ return rc;
+}
+
+/*
+** Return the total number of key-value operations (inserts, deletes or
+** updates) that have been performed on the target database since the
+** current RBU update was started.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3rbu_progress(sqlite3rbu *pRbu){
+ return pRbu->nProgress;
+}
+
+SQLITE_API int SQLITE_STDCALL sqlite3rbu_savestate(sqlite3rbu *p){
+ int rc = p->rc;
+
+ if( rc==SQLITE_DONE ) return SQLITE_OK;
+
+ assert( p->eStage>=RBU_STAGE_OAL && p->eStage<=RBU_STAGE_DONE );
+ if( p->eStage==RBU_STAGE_OAL ){
+ assert( rc!=SQLITE_DONE );
+ if( rc==SQLITE_OK ) rc = sqlite3_exec(p->dbMain, "COMMIT", 0, 0, 0);
+ }
+
+ p->rc = rc;
+ rbuSaveState(p, p->eStage);
+ rc = p->rc;
+
+ if( p->eStage==RBU_STAGE_OAL ){
+ assert( rc!=SQLITE_DONE );
+ if( rc==SQLITE_OK ) rc = sqlite3_exec(p->dbRbu, "COMMIT", 0, 0, 0);
+ if( rc==SQLITE_OK ) rc = sqlite3_exec(p->dbRbu, "BEGIN IMMEDIATE", 0, 0, 0);
+ if( rc==SQLITE_OK ) rc = sqlite3_exec(p->dbMain, "BEGIN IMMEDIATE", 0, 0,0);
+ }
+
+ p->rc = rc;
+ return rc;
+}
+
+/**************************************************************************
+** Beginning of RBU VFS shim methods. The VFS shim modifies the behaviour
+** of a standard VFS in the following ways:
+**
+** 1. Whenever the first page of a main database file is read or
+** written, the value of the change-counter cookie is stored in
+** rbu_file.iCookie. Similarly, the value of the "write-version"
+** database header field is stored in rbu_file.iWriteVer. This ensures
+** that the values are always trustworthy within an open transaction.
+**
+** 2. Whenever an SQLITE_OPEN_WAL file is opened, the (rbu_file.pWalFd)
+** member variable of the associated database file descriptor is set
+** to point to the new file. A mutex protected linked list of all main
+** db fds opened using a particular RBU VFS is maintained at
+** rbu_vfs.pMain to facilitate this.
+**
+** 3. Using a new file-control "SQLITE_FCNTL_RBU", a main db rbu_file
+** object can be marked as the target database of an RBU update. This
+** turns on the following extra special behaviour:
+**
+** 3a. If xAccess() is called to check if there exists a *-wal file
+** associated with an RBU target database currently in RBU_STAGE_OAL
+** stage (preparing the *-oal file), the following special handling
+** applies:
+**
+** * if the *-wal file does exist, return SQLITE_CANTOPEN. An RBU
+** target database may not be in wal mode already.
+**
+** * if the *-wal file does not exist, set the output parameter to
+** non-zero (to tell SQLite that it does exist) anyway.
+**
+** Then, when xOpen() is called to open the *-wal file associated with
+** the RBU target in RBU_STAGE_OAL stage, instead of opening the *-wal
+** file, the rbu vfs opens the corresponding *-oal file instead.
+**
+** 3b. The *-shm pages returned by xShmMap() for a target db file in
+** RBU_STAGE_OAL mode are actually stored in heap memory. This is to
+** avoid creating a *-shm file on disk. Additionally, xShmLock() calls
+** are no-ops on target database files in RBU_STAGE_OAL mode. This is
+** because assert() statements in some VFS implementations fail if
+** xShmLock() is called before xShmMap().
+**
+** 3c. If an EXCLUSIVE lock is attempted on a target database file in any
+** mode except RBU_STAGE_DONE (all work completed and checkpointed), it
+** fails with an SQLITE_BUSY error. This is to stop RBU connections
+** from automatically checkpointing a *-wal (or *-oal) file from within
+** sqlite3_close().
+**
+** 3d. In RBU_STAGE_CAPTURE mode, all xRead() calls on the wal file, and
+** all xWrite() calls on the target database file perform no IO.
+** Instead the frame and page numbers that would be read and written
+** are recorded. Additionally, successful attempts to obtain exclusive
+** xShmLock() WRITER, CHECKPOINTER and READ0 locks on the target
+** database file are recorded. xShmLock() calls to unlock the same
+** locks are no-ops (so that once obtained, these locks are never
+** relinquished). Finally, calls to xSync() on the target database
+** file fail with SQLITE_INTERNAL errors.
+*/
+
+static void rbuUnlockShm(rbu_file *p){
+ if( p->pRbu ){
+ int (*xShmLock)(sqlite3_file*,int,int,int) = p->pReal->pMethods->xShmLock;
+ int i;
+ for(i=0; i<SQLITE_SHM_NLOCK;i++){
+ if( (1<<i) & p->pRbu->mLock ){
+ xShmLock(p->pReal, i, 1, SQLITE_SHM_UNLOCK|SQLITE_SHM_EXCLUSIVE);
+ }
+ }
+ p->pRbu->mLock = 0;
+ }
+}
+
+/*
+** Close an rbu file.
+*/
+static int rbuVfsClose(sqlite3_file *pFile){
+ rbu_file *p = (rbu_file*)pFile;
+ int rc;
+ int i;
+
+ /* Free the contents of the apShm[] array. And the array itself. */
+ for(i=0; i<p->nShm; i++){
+ sqlite3_free(p->apShm[i]);
+ }
+ sqlite3_free(p->apShm);
+ p->apShm = 0;
+ sqlite3_free(p->zDel);
+
+ if( p->openFlags & SQLITE_OPEN_MAIN_DB ){
+ rbu_file **pp;
+ sqlite3_mutex_enter(p->pRbuVfs->mutex);
+ for(pp=&p->pRbuVfs->pMain; *pp!=p; pp=&((*pp)->pMainNext));
+ *pp = p->pMainNext;
+ sqlite3_mutex_leave(p->pRbuVfs->mutex);
+ rbuUnlockShm(p);
+ p->pReal->pMethods->xShmUnmap(p->pReal, 0);
+ }
+
+ /* Close the underlying file handle */
+ rc = p->pReal->pMethods->xClose(p->pReal);
+ return rc;
+}
+
+
+/*
+** Read and return an unsigned 32-bit big-endian integer from the buffer
+** passed as the only argument.
+*/
+static u32 rbuGetU32(u8 *aBuf){
+ return ((u32)aBuf[0] << 24)
+ + ((u32)aBuf[1] << 16)
+ + ((u32)aBuf[2] << 8)
+ + ((u32)aBuf[3]);
+}
+
+/*
+** Read data from an rbuVfs-file.
+*/
+static int rbuVfsRead(
+ sqlite3_file *pFile,
+ void *zBuf,
+ int iAmt,
+ sqlite_int64 iOfst
+){
+ rbu_file *p = (rbu_file*)pFile;
+ sqlite3rbu *pRbu = p->pRbu;
+ int rc;
+
+ if( pRbu && pRbu->eStage==RBU_STAGE_CAPTURE ){
+ assert( p->openFlags & SQLITE_OPEN_WAL );
+ rc = rbuCaptureWalRead(p->pRbu, iOfst, iAmt);
+ }else{
+ if( pRbu && pRbu->eStage==RBU_STAGE_OAL
+ && (p->openFlags & SQLITE_OPEN_WAL)
+ && iOfst>=pRbu->iOalSz
+ ){
+ rc = SQLITE_OK;
+ memset(zBuf, 0, iAmt);
+ }else{
+ rc = p->pReal->pMethods->xRead(p->pReal, zBuf, iAmt, iOfst);
+ }
+ if( rc==SQLITE_OK && iOfst==0 && (p->openFlags & SQLITE_OPEN_MAIN_DB) ){
+ /* These look like magic numbers. But they are stable, as they are part
+ ** of the definition of the SQLite file format, which may not change. */
+ u8 *pBuf = (u8*)zBuf;
+ p->iCookie = rbuGetU32(&pBuf[24]);
+ p->iWriteVer = pBuf[19];
+ }
+ }
+ return rc;
+}
+
+/*
+** Write data to an rbuVfs-file.
+*/
+static int rbuVfsWrite(
+ sqlite3_file *pFile,
+ const void *zBuf,
+ int iAmt,
+ sqlite_int64 iOfst
+){
+ rbu_file *p = (rbu_file*)pFile;
+ sqlite3rbu *pRbu = p->pRbu;
+ int rc;
+
+ if( pRbu && pRbu->eStage==RBU_STAGE_CAPTURE ){
+ assert( p->openFlags & SQLITE_OPEN_MAIN_DB );
+ rc = rbuCaptureDbWrite(p->pRbu, iOfst);
+ }else{
+ if( pRbu && pRbu->eStage==RBU_STAGE_OAL
+ && (p->openFlags & SQLITE_OPEN_WAL)
+ && iOfst>=pRbu->iOalSz
+ ){
+ pRbu->iOalSz = iAmt + iOfst;
+ }
+ rc = p->pReal->pMethods->xWrite(p->pReal, zBuf, iAmt, iOfst);
+ if( rc==SQLITE_OK && iOfst==0 && (p->openFlags & SQLITE_OPEN_MAIN_DB) ){
+ /* These look like magic numbers. But they are stable, as they are part
+ ** of the definition of the SQLite file format, which may not change. */
+ u8 *pBuf = (u8*)zBuf;
+ p->iCookie = rbuGetU32(&pBuf[24]);
+ p->iWriteVer = pBuf[19];
+ }
+ }
+ return rc;
+}
+
+/*
+** Truncate an rbuVfs-file.
+*/
+static int rbuVfsTruncate(sqlite3_file *pFile, sqlite_int64 size){
+ rbu_file *p = (rbu_file*)pFile;
+ return p->pReal->pMethods->xTruncate(p->pReal, size);
+}
+
+/*
+** Sync an rbuVfs-file.
+*/
+static int rbuVfsSync(sqlite3_file *pFile, int flags){
+ rbu_file *p = (rbu_file *)pFile;
+ if( p->pRbu && p->pRbu->eStage==RBU_STAGE_CAPTURE ){
+ if( p->openFlags & SQLITE_OPEN_MAIN_DB ){
+ return SQLITE_INTERNAL;
+ }
+ return SQLITE_OK;
+ }
+ return p->pReal->pMethods->xSync(p->pReal, flags);
+}
+
+/*
+** Return the current file-size of an rbuVfs-file.
+*/
+static int rbuVfsFileSize(sqlite3_file *pFile, sqlite_int64 *pSize){
+ rbu_file *p = (rbu_file *)pFile;
+ return p->pReal->pMethods->xFileSize(p->pReal, pSize);
+}
+
+/*
+** Lock an rbuVfs-file.
+*/
+static int rbuVfsLock(sqlite3_file *pFile, int eLock){
+ rbu_file *p = (rbu_file*)pFile;
+ sqlite3rbu *pRbu = p->pRbu;
+ int rc = SQLITE_OK;
+
+ assert( p->openFlags & (SQLITE_OPEN_MAIN_DB|SQLITE_OPEN_TEMP_DB) );
+ if( pRbu && eLock==SQLITE_LOCK_EXCLUSIVE && pRbu->eStage!=RBU_STAGE_DONE ){
+ /* Do not allow EXCLUSIVE locks. Preventing SQLite from taking this
+ ** prevents it from checkpointing the database from sqlite3_close(). */
+ rc = SQLITE_BUSY;
+ }else{
+ rc = p->pReal->pMethods->xLock(p->pReal, eLock);
+ }
+
+ return rc;
+}
+
+/*
+** Unlock an rbuVfs-file.
+*/
+static int rbuVfsUnlock(sqlite3_file *pFile, int eLock){
+ rbu_file *p = (rbu_file *)pFile;
+ return p->pReal->pMethods->xUnlock(p->pReal, eLock);
+}
+
+/*
+** Check if another file-handle holds a RESERVED lock on an rbuVfs-file.
+*/
+static int rbuVfsCheckReservedLock(sqlite3_file *pFile, int *pResOut){
+ rbu_file *p = (rbu_file *)pFile;
+ return p->pReal->pMethods->xCheckReservedLock(p->pReal, pResOut);
+}
+
+/*
+** File control method. For custom operations on an rbuVfs-file.
+*/
+static int rbuVfsFileControl(sqlite3_file *pFile, int op, void *pArg){
+ rbu_file *p = (rbu_file *)pFile;
+ int (*xControl)(sqlite3_file*,int,void*) = p->pReal->pMethods->xFileControl;
+ int rc;
+
+ assert( p->openFlags & (SQLITE_OPEN_MAIN_DB|SQLITE_OPEN_TEMP_DB)
+ || p->openFlags & (SQLITE_OPEN_TRANSIENT_DB|SQLITE_OPEN_TEMP_JOURNAL)
+ );
+ if( op==SQLITE_FCNTL_RBU ){
+ sqlite3rbu *pRbu = (sqlite3rbu*)pArg;
+
+ /* First try to find another RBU vfs lower down in the vfs stack. If
+ ** one is found, this vfs will operate in pass-through mode. The lower
+ ** level vfs will do the special RBU handling. */
+ rc = xControl(p->pReal, op, pArg);
+
+ if( rc==SQLITE_NOTFOUND ){
+ /* Now search for a zipvfs instance lower down in the VFS stack. If
+ ** one is found, this is an error. */
+ void *dummy = 0;
+ rc = xControl(p->pReal, SQLITE_FCNTL_ZIPVFS, &dummy);
+ if( rc==SQLITE_OK ){
+ rc = SQLITE_ERROR;
+ pRbu->zErrmsg = sqlite3_mprintf("rbu/zipvfs setup error");
+ }else if( rc==SQLITE_NOTFOUND ){
+ pRbu->pTargetFd = p;
+ p->pRbu = pRbu;
+ if( p->pWalFd ) p->pWalFd->pRbu = pRbu;
+ rc = SQLITE_OK;
+ }
+ }
+ return rc;
+ }
+
+ rc = xControl(p->pReal, op, pArg);
+ if( rc==SQLITE_OK && op==SQLITE_FCNTL_VFSNAME ){
+ rbu_vfs *pRbuVfs = p->pRbuVfs;
+ char *zIn = *(char**)pArg;
+ char *zOut = sqlite3_mprintf("rbu(%s)/%z", pRbuVfs->base.zName, zIn);
+ *(char**)pArg = zOut;
+ if( zOut==0 ) rc = SQLITE_NOMEM;
+ }
+
+ return rc;
+}
+
+/*
+** Return the sector-size in bytes for an rbuVfs-file.
+*/
+static int rbuVfsSectorSize(sqlite3_file *pFile){
+ rbu_file *p = (rbu_file *)pFile;
+ return p->pReal->pMethods->xSectorSize(p->pReal);
+}
+
+/*
+** Return the device characteristic flags supported by an rbuVfs-file.
+*/
+static int rbuVfsDeviceCharacteristics(sqlite3_file *pFile){
+ rbu_file *p = (rbu_file *)pFile;
+ return p->pReal->pMethods->xDeviceCharacteristics(p->pReal);
+}
+
+/*
+** Take or release a shared-memory lock.
+*/
+static int rbuVfsShmLock(sqlite3_file *pFile, int ofst, int n, int flags){
+ rbu_file *p = (rbu_file*)pFile;
+ sqlite3rbu *pRbu = p->pRbu;
+ int rc = SQLITE_OK;
+
+#ifdef SQLITE_AMALGAMATION
+ assert( WAL_CKPT_LOCK==1 );
+#endif
+
+ assert( p->openFlags & (SQLITE_OPEN_MAIN_DB|SQLITE_OPEN_TEMP_DB) );
+ if( pRbu && (pRbu->eStage==RBU_STAGE_OAL || pRbu->eStage==RBU_STAGE_MOVE) ){
+ /* Magic number 1 is the WAL_CKPT_LOCK lock. Preventing SQLite from
+ ** taking this lock also prevents any checkpoints from occurring.
+ ** todo: really, it's not clear why this might occur, as
+ ** wal_autocheckpoint ought to be turned off. */
+ if( ofst==WAL_LOCK_CKPT && n==1 ) rc = SQLITE_BUSY;
+ }else{
+ int bCapture = 0;
+ if( n==1 && (flags & SQLITE_SHM_EXCLUSIVE)
+ && pRbu && pRbu->eStage==RBU_STAGE_CAPTURE
+ && (ofst==WAL_LOCK_WRITE || ofst==WAL_LOCK_CKPT || ofst==WAL_LOCK_READ0)
+ ){
+ bCapture = 1;
+ }
+
+ if( bCapture==0 || 0==(flags & SQLITE_SHM_UNLOCK) ){
+ rc = p->pReal->pMethods->xShmLock(p->pReal, ofst, n, flags);
+ if( bCapture && rc==SQLITE_OK ){
+ pRbu->mLock |= (1 << ofst);
+ }
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Obtain a pointer to a mapping of a single 32KiB page of the *-shm file.
+*/
+static int rbuVfsShmMap(
+ sqlite3_file *pFile,
+ int iRegion,
+ int szRegion,
+ int isWrite,
+ void volatile **pp
+){
+ rbu_file *p = (rbu_file*)pFile;
+ int rc = SQLITE_OK;
+ int eStage = (p->pRbu ? p->pRbu->eStage : 0);
+
+ /* If not in RBU_STAGE_OAL, allow this call to pass through. Or, if this
+ ** rbu is in the RBU_STAGE_OAL state, use heap memory for *-shm space
+ ** instead of a file on disk. */
+ assert( p->openFlags & (SQLITE_OPEN_MAIN_DB|SQLITE_OPEN_TEMP_DB) );
+ if( eStage==RBU_STAGE_OAL || eStage==RBU_STAGE_MOVE ){
+ if( iRegion<=p->nShm ){
+ int nByte = (iRegion+1) * sizeof(char*);
+ char **apNew = (char**)sqlite3_realloc(p->apShm, nByte);
+ if( apNew==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(&apNew[p->nShm], 0, sizeof(char*) * (1 + iRegion - p->nShm));
+ p->apShm = apNew;
+ p->nShm = iRegion+1;
+ }
+ }
+
+ if( rc==SQLITE_OK && p->apShm[iRegion]==0 ){
+ char *pNew = (char*)sqlite3_malloc(szRegion);
+ if( pNew==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(pNew, 0, szRegion);
+ p->apShm[iRegion] = pNew;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ *pp = p->apShm[iRegion];
+ }else{
+ *pp = 0;
+ }
+ }else{
+ assert( p->apShm==0 );
+ rc = p->pReal->pMethods->xShmMap(p->pReal, iRegion, szRegion, isWrite, pp);
+ }
+
+ return rc;
+}
+
+/*
+** Memory barrier.
+*/
+static void rbuVfsShmBarrier(sqlite3_file *pFile){
+ rbu_file *p = (rbu_file *)pFile;
+ p->pReal->pMethods->xShmBarrier(p->pReal);
+}
+
+/*
+** The xShmUnmap method.
+*/
+static int rbuVfsShmUnmap(sqlite3_file *pFile, int delFlag){
+ rbu_file *p = (rbu_file*)pFile;
+ int rc = SQLITE_OK;
+ int eStage = (p->pRbu ? p->pRbu->eStage : 0);
+
+ assert( p->openFlags & (SQLITE_OPEN_MAIN_DB|SQLITE_OPEN_TEMP_DB) );
+ if( eStage==RBU_STAGE_OAL || eStage==RBU_STAGE_MOVE ){
+ /* no-op */
+ }else{
+ /* Release the checkpointer and writer locks */
+ rbuUnlockShm(p);
+ rc = p->pReal->pMethods->xShmUnmap(p->pReal, delFlag);
+ }
+ return rc;
+}
+
+/*
+** Given that zWal points to a buffer containing a wal file name passed to
+** either the xOpen() or xAccess() VFS method, return a pointer to the
+** file-handle opened by the same database connection on the corresponding
+** database file.
+*/
+static rbu_file *rbuFindMaindb(rbu_vfs *pRbuVfs, const char *zWal){
+ rbu_file *pDb;
+ sqlite3_mutex_enter(pRbuVfs->mutex);
+ for(pDb=pRbuVfs->pMain; pDb && pDb->zWal!=zWal; pDb=pDb->pMainNext);
+ sqlite3_mutex_leave(pRbuVfs->mutex);
+ return pDb;
+}
+
+/*
+** Open an rbu file handle.
+*/
+static int rbuVfsOpen(
+ sqlite3_vfs *pVfs,
+ const char *zName,
+ sqlite3_file *pFile,
+ int flags,
+ int *pOutFlags
+){
+ static sqlite3_io_methods rbuvfs_io_methods = {
+ 2, /* iVersion */
+ rbuVfsClose, /* xClose */
+ rbuVfsRead, /* xRead */
+ rbuVfsWrite, /* xWrite */
+ rbuVfsTruncate, /* xTruncate */
+ rbuVfsSync, /* xSync */
+ rbuVfsFileSize, /* xFileSize */
+ rbuVfsLock, /* xLock */
+ rbuVfsUnlock, /* xUnlock */
+ rbuVfsCheckReservedLock, /* xCheckReservedLock */
+ rbuVfsFileControl, /* xFileControl */
+ rbuVfsSectorSize, /* xSectorSize */
+ rbuVfsDeviceCharacteristics, /* xDeviceCharacteristics */
+ rbuVfsShmMap, /* xShmMap */
+ rbuVfsShmLock, /* xShmLock */
+ rbuVfsShmBarrier, /* xShmBarrier */
+ rbuVfsShmUnmap, /* xShmUnmap */
+ 0, 0 /* xFetch, xUnfetch */
+ };
+ rbu_vfs *pRbuVfs = (rbu_vfs*)pVfs;
+ sqlite3_vfs *pRealVfs = pRbuVfs->pRealVfs;
+ rbu_file *pFd = (rbu_file *)pFile;
+ int rc = SQLITE_OK;
+ const char *zOpen = zName;
+
+ memset(pFd, 0, sizeof(rbu_file));
+ pFd->pReal = (sqlite3_file*)&pFd[1];
+ pFd->pRbuVfs = pRbuVfs;
+ pFd->openFlags = flags;
+ if( zName ){
+ if( flags & SQLITE_OPEN_MAIN_DB ){
+ /* A main database has just been opened. The following block sets
+ ** (pFd->zWal) to point to a buffer owned by SQLite that contains
+ ** the name of the *-wal file this db connection will use. SQLite
+ ** happens to pass a pointer to this buffer when using xAccess()
+ ** or xOpen() to operate on the *-wal file. */
+ int n = strlen(zName);
+ const char *z = &zName[n];
+ if( flags & SQLITE_OPEN_URI ){
+ int odd = 0;
+ while( 1 ){
+ if( z[0]==0 ){
+ odd = 1 - odd;
+ if( odd && z[1]==0 ) break;
+ }
+ z++;
+ }
+ z += 2;
+ }else{
+ while( *z==0 ) z++;
+ }
+ z += (n + 8 + 1);
+ pFd->zWal = z;
+ }
+ else if( flags & SQLITE_OPEN_WAL ){
+ rbu_file *pDb = rbuFindMaindb(pRbuVfs, zName);
+ if( pDb ){
+ if( pDb->pRbu && pDb->pRbu->eStage==RBU_STAGE_OAL ){
+ /* This call is to open a *-wal file. Intead, open the *-oal. This
+ ** code ensures that the string passed to xOpen() is terminated by a
+ ** pair of '\0' bytes in case the VFS attempts to extract a URI
+ ** parameter from it. */
+ int nCopy = strlen(zName);
+ char *zCopy = sqlite3_malloc(nCopy+2);
+ if( zCopy ){
+ memcpy(zCopy, zName, nCopy);
+ zCopy[nCopy-3] = 'o';
+ zCopy[nCopy] = '\0';
+ zCopy[nCopy+1] = '\0';
+ zOpen = (const char*)(pFd->zDel = zCopy);
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ pFd->pRbu = pDb->pRbu;
+ }
+ pDb->pWalFd = pFd;
+ }
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = pRealVfs->xOpen(pRealVfs, zOpen, pFd->pReal, flags, pOutFlags);
+ }
+ if( pFd->pReal->pMethods ){
+ /* The xOpen() operation has succeeded. Set the sqlite3_file.pMethods
+ ** pointer and, if the file is a main database file, link it into the
+ ** mutex protected linked list of all such files. */
+ pFile->pMethods = &rbuvfs_io_methods;
+ if( flags & SQLITE_OPEN_MAIN_DB ){
+ sqlite3_mutex_enter(pRbuVfs->mutex);
+ pFd->pMainNext = pRbuVfs->pMain;
+ pRbuVfs->pMain = pFd;
+ sqlite3_mutex_leave(pRbuVfs->mutex);
+ }
+ }else{
+ sqlite3_free(pFd->zDel);
+ }
+
+ return rc;
+}
+
+/*
+** Delete the file located at zPath.
+*/
+static int rbuVfsDelete(sqlite3_vfs *pVfs, const char *zPath, int dirSync){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ return pRealVfs->xDelete(pRealVfs, zPath, dirSync);
+}
+
+/*
+** Test for access permissions. Return true if the requested permission
+** is available, or false otherwise.
+*/
+static int rbuVfsAccess(
+ sqlite3_vfs *pVfs,
+ const char *zPath,
+ int flags,
+ int *pResOut
+){
+ rbu_vfs *pRbuVfs = (rbu_vfs*)pVfs;
+ sqlite3_vfs *pRealVfs = pRbuVfs->pRealVfs;
+ int rc;
+
+ rc = pRealVfs->xAccess(pRealVfs, zPath, flags, pResOut);
+
+ /* If this call is to check if a *-wal file associated with an RBU target
+ ** database connection exists, and the RBU update is in RBU_STAGE_OAL,
+ ** the following special handling is activated:
+ **
+ ** a) if the *-wal file does exist, return SQLITE_CANTOPEN. This
+ ** ensures that the RBU extension never tries to update a database
+ ** in wal mode, even if the first page of the database file has
+ ** been damaged.
+ **
+ ** b) if the *-wal file does not exist, claim that it does anyway,
+ ** causing SQLite to call xOpen() to open it. This call will also
+ ** be intercepted (see the rbuVfsOpen() function) and the *-oal
+ ** file opened instead.
+ */
+ if( rc==SQLITE_OK && flags==SQLITE_ACCESS_EXISTS ){
+ rbu_file *pDb = rbuFindMaindb(pRbuVfs, zPath);
+ if( pDb && pDb->pRbu && pDb->pRbu->eStage==RBU_STAGE_OAL ){
+ if( *pResOut ){
+ rc = SQLITE_CANTOPEN;
+ }else{
+ *pResOut = 1;
+ }
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Populate buffer zOut with the full canonical pathname corresponding
+** to the pathname in zPath. zOut is guaranteed to point to a buffer
+** of at least (DEVSYM_MAX_PATHNAME+1) bytes.
+*/
+static int rbuVfsFullPathname(
+ sqlite3_vfs *pVfs,
+ const char *zPath,
+ int nOut,
+ char *zOut
+){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ return pRealVfs->xFullPathname(pRealVfs, zPath, nOut, zOut);
+}
+
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+/*
+** Open the dynamic library located at zPath and return a handle.
+*/
+static void *rbuVfsDlOpen(sqlite3_vfs *pVfs, const char *zPath){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ return pRealVfs->xDlOpen(pRealVfs, zPath);
+}
+
+/*
+** Populate the buffer zErrMsg (size nByte bytes) with a human readable
+** utf-8 string describing the most recent error encountered associated
+** with dynamic libraries.
+*/
+static void rbuVfsDlError(sqlite3_vfs *pVfs, int nByte, char *zErrMsg){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ pRealVfs->xDlError(pRealVfs, nByte, zErrMsg);
+}
+
+/*
+** Return a pointer to the symbol zSymbol in the dynamic library pHandle.
+*/
+static void (*rbuVfsDlSym(
+ sqlite3_vfs *pVfs,
+ void *pArg,
+ const char *zSym
+))(void){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ return pRealVfs->xDlSym(pRealVfs, pArg, zSym);
+}
+
+/*
+** Close the dynamic library handle pHandle.
+*/
+static void rbuVfsDlClose(sqlite3_vfs *pVfs, void *pHandle){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ pRealVfs->xDlClose(pRealVfs, pHandle);
+}
+#endif /* SQLITE_OMIT_LOAD_EXTENSION */
+
+/*
+** Populate the buffer pointed to by zBufOut with nByte bytes of
+** random data.
+*/
+static int rbuVfsRandomness(sqlite3_vfs *pVfs, int nByte, char *zBufOut){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ return pRealVfs->xRandomness(pRealVfs, nByte, zBufOut);
+}
+
+/*
+** Sleep for nMicro microseconds. Return the number of microseconds
+** actually slept.
+*/
+static int rbuVfsSleep(sqlite3_vfs *pVfs, int nMicro){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ return pRealVfs->xSleep(pRealVfs, nMicro);
+}
+
+/*
+** Return the current time as a Julian Day number in *pTimeOut.
+*/
+static int rbuVfsCurrentTime(sqlite3_vfs *pVfs, double *pTimeOut){
+ sqlite3_vfs *pRealVfs = ((rbu_vfs*)pVfs)->pRealVfs;
+ return pRealVfs->xCurrentTime(pRealVfs, pTimeOut);
+}
+
+/*
+** No-op.
+*/
+static int rbuVfsGetLastError(sqlite3_vfs *pVfs, int a, char *b){
+ return 0;
+}
+
+/*
+** Deregister and destroy an RBU vfs created by an earlier call to
+** sqlite3rbu_create_vfs().
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3rbu_destroy_vfs(const char *zName){
+ sqlite3_vfs *pVfs = sqlite3_vfs_find(zName);
+ if( pVfs && pVfs->xOpen==rbuVfsOpen ){
+ sqlite3_mutex_free(((rbu_vfs*)pVfs)->mutex);
+ sqlite3_vfs_unregister(pVfs);
+ sqlite3_free(pVfs);
+ }
+}
+
+/*
+** Create an RBU VFS named zName that accesses the underlying file-system
+** via existing VFS zParent. The new object is registered as a non-default
+** VFS with SQLite before returning.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3rbu_create_vfs(const char *zName, const char *zParent){
+
+ /* Template for VFS */
+ static sqlite3_vfs vfs_template = {
+ 1, /* iVersion */
+ 0, /* szOsFile */
+ 0, /* mxPathname */
+ 0, /* pNext */
+ 0, /* zName */
+ 0, /* pAppData */
+ rbuVfsOpen, /* xOpen */
+ rbuVfsDelete, /* xDelete */
+ rbuVfsAccess, /* xAccess */
+ rbuVfsFullPathname, /* xFullPathname */
+
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+ rbuVfsDlOpen, /* xDlOpen */
+ rbuVfsDlError, /* xDlError */
+ rbuVfsDlSym, /* xDlSym */
+ rbuVfsDlClose, /* xDlClose */
+#else
+ 0, 0, 0, 0,
+#endif
+
+ rbuVfsRandomness, /* xRandomness */
+ rbuVfsSleep, /* xSleep */
+ rbuVfsCurrentTime, /* xCurrentTime */
+ rbuVfsGetLastError, /* xGetLastError */
+ 0, /* xCurrentTimeInt64 (version 2) */
+ 0, 0, 0 /* Unimplemented version 3 methods */
+ };
+
+ rbu_vfs *pNew = 0; /* Newly allocated VFS */
+ int nName;
+ int rc = SQLITE_OK;
+
+ int nByte;
+ nName = strlen(zName);
+ nByte = sizeof(rbu_vfs) + nName + 1;
+ pNew = (rbu_vfs*)sqlite3_malloc(nByte);
+ if( pNew==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ sqlite3_vfs *pParent; /* Parent VFS */
+ memset(pNew, 0, nByte);
+ pParent = sqlite3_vfs_find(zParent);
+ if( pParent==0 ){
+ rc = SQLITE_NOTFOUND;
+ }else{
+ char *zSpace;
+ memcpy(&pNew->base, &vfs_template, sizeof(sqlite3_vfs));
+ pNew->base.mxPathname = pParent->mxPathname;
+ pNew->base.szOsFile = sizeof(rbu_file) + pParent->szOsFile;
+ pNew->pRealVfs = pParent;
+ pNew->base.zName = (const char*)(zSpace = (char*)&pNew[1]);
+ memcpy(zSpace, zName, nName);
+
+ /* Allocate the mutex and register the new VFS (not as the default) */
+ pNew->mutex = sqlite3_mutex_alloc(SQLITE_MUTEX_RECURSIVE);
+ if( pNew->mutex==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_vfs_register(&pNew->base, 0);
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3_mutex_free(pNew->mutex);
+ sqlite3_free(pNew);
+ }
+ }
+
+ return rc;
+}
+
+
+/**************************************************************************/
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_RBU) */
+
+/************** End of sqlite3rbu.c ******************************************/
+/************** Begin file dbstat.c ******************************************/
+/*
+** 2010 July 12
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains an implementation of the "dbstat" virtual table.
+**
+** The dbstat virtual table is used to extract low-level formatting
+** information from an SQLite database in order to implement the
+** "sqlite3_analyzer" utility. See the ../tool/spaceanal.tcl script
+** for an example implementation.
+**
+** Additional information is available on the "dbstat.html" page of the
+** official SQLite documentation.
+*/
+
+/* #include "sqliteInt.h" ** Requires access to internal data structures ** */
+#if (defined(SQLITE_ENABLE_DBSTAT_VTAB) || defined(SQLITE_TEST)) \
+ && !defined(SQLITE_OMIT_VIRTUALTABLE)
+
+/*
+** Page paths:
+**
+** The value of the 'path' column describes the path taken from the
+** root-node of the b-tree structure to each page. The value of the
+** root-node path is '/'.
+**
+** The value of the path for the left-most child page of the root of
+** a b-tree is '/000/'. (Btrees store content ordered from left to right
+** so the pages to the left have smaller keys than the pages to the right.)
+** The next to left-most child of the root page is
+** '/001', and so on, each sibling page identified by a 3-digit hex
+** value. The children of the 451st left-most sibling have paths such
+** as '/1c2/000/, '/1c2/001/' etc.
+**
+** Overflow pages are specified by appending a '+' character and a
+** six-digit hexadecimal value to the path to the cell they are linked
+** from. For example, the three overflow pages in a chain linked from
+** the left-most cell of the 450th child of the root page are identified
+** by the paths:
+**
+** '/1c2/000+000000' // First page in overflow chain
+** '/1c2/000+000001' // Second page in overflow chain
+** '/1c2/000+000002' // Third page in overflow chain
+**
+** If the paths are sorted using the BINARY collation sequence, then
+** the overflow pages associated with a cell will appear earlier in the
+** sort-order than its child page:
+**
+** '/1c2/000/' // Left-most child of 451st child of root
+*/
+#define VTAB_SCHEMA \
+ "CREATE TABLE xx( " \
+ " name STRING, /* Name of table or index */" \
+ " path INTEGER, /* Path to page from root */" \
+ " pageno INTEGER, /* Page number */" \
+ " pagetype STRING, /* 'internal', 'leaf' or 'overflow' */" \
+ " ncell INTEGER, /* Cells on page (0 for overflow) */" \
+ " payload INTEGER, /* Bytes of payload on this page */" \
+ " unused INTEGER, /* Bytes of unused space on this page */" \
+ " mx_payload INTEGER, /* Largest payload size of all cells */" \
+ " pgoffset INTEGER, /* Offset of page in file */" \
+ " pgsize INTEGER, /* Size of the page */" \
+ " schema TEXT HIDDEN /* Database schema being analyzed */" \
+ ");"
+
+
+typedef struct StatTable StatTable;
+typedef struct StatCursor StatCursor;
+typedef struct StatPage StatPage;
+typedef struct StatCell StatCell;
+
+struct StatCell {
+ int nLocal; /* Bytes of local payload */
+ u32 iChildPg; /* Child node (or 0 if this is a leaf) */
+ int nOvfl; /* Entries in aOvfl[] */
+ u32 *aOvfl; /* Array of overflow page numbers */
+ int nLastOvfl; /* Bytes of payload on final overflow page */
+ int iOvfl; /* Iterates through aOvfl[] */
+};
+
+struct StatPage {
+ u32 iPgno;
+ DbPage *pPg;
+ int iCell;
+
+ char *zPath; /* Path to this page */
+
+ /* Variables populated by statDecodePage(): */
+ u8 flags; /* Copy of flags byte */
+ int nCell; /* Number of cells on page */
+ int nUnused; /* Number of unused bytes on page */
+ StatCell *aCell; /* Array of parsed cells */
+ u32 iRightChildPg; /* Right-child page number (or 0) */
+ int nMxPayload; /* Largest payload of any cell on this page */
+};
+
+struct StatCursor {
+ sqlite3_vtab_cursor base;
+ sqlite3_stmt *pStmt; /* Iterates through set of root pages */
+ int isEof; /* After pStmt has returned SQLITE_DONE */
+ int iDb; /* Schema used for this query */
+
+ StatPage aPage[32];
+ int iPage; /* Current entry in aPage[] */
+
+ /* Values to return. */
+ char *zName; /* Value of 'name' column */
+ char *zPath; /* Value of 'path' column */
+ u32 iPageno; /* Value of 'pageno' column */
+ char *zPagetype; /* Value of 'pagetype' column */
+ int nCell; /* Value of 'ncell' column */
+ int nPayload; /* Value of 'payload' column */
+ int nUnused; /* Value of 'unused' column */
+ int nMxPayload; /* Value of 'mx_payload' column */
+ i64 iOffset; /* Value of 'pgOffset' column */
+ int szPage; /* Value of 'pgSize' column */
+};
+
+struct StatTable {
+ sqlite3_vtab base;
+ sqlite3 *db;
+ int iDb; /* Index of database to analyze */
+};
+
+#ifndef get2byte
+# define get2byte(x) ((x)[0]<<8 | (x)[1])
+#endif
+
+/*
+** Connect to or create a statvfs virtual table.
+*/
+static int statConnect(
+ sqlite3 *db,
+ void *pAux,
+ int argc, const char *const*argv,
+ sqlite3_vtab **ppVtab,
+ char **pzErr
+){
+ StatTable *pTab = 0;
+ int rc = SQLITE_OK;
+ int iDb;
+
+ if( argc>=4 ){
+ iDb = sqlite3FindDbName(db, argv[3]);
+ if( iDb<0 ){
+ *pzErr = sqlite3_mprintf("no such database: %s", argv[3]);
+ return SQLITE_ERROR;
+ }
+ }else{
+ iDb = 0;
+ }
+ rc = sqlite3_declare_vtab(db, VTAB_SCHEMA);
+ if( rc==SQLITE_OK ){
+ pTab = (StatTable *)sqlite3_malloc64(sizeof(StatTable));
+ if( pTab==0 ) rc = SQLITE_NOMEM;
+ }
+
+ assert( rc==SQLITE_OK || pTab==0 );
+ if( rc==SQLITE_OK ){
+ memset(pTab, 0, sizeof(StatTable));
+ pTab->db = db;
+ pTab->iDb = iDb;
+ }
+
+ *ppVtab = (sqlite3_vtab*)pTab;
+ return rc;
+}
+
+/*
+** Disconnect from or destroy a statvfs virtual table.
+*/
+static int statDisconnect(sqlite3_vtab *pVtab){
+ sqlite3_free(pVtab);
+ return SQLITE_OK;
+}
+
+/*
+** There is no "best-index". This virtual table always does a linear
+** scan. However, a schema=? constraint should cause this table to
+** operate on a different database schema, so check for it.
+**
+** idxNum is normally 0, but will be 1 if a schema=? constraint exists.
+*/
+static int statBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
+ int i;
+
+ pIdxInfo->estimatedCost = 1.0e6; /* Initial cost estimate */
+
+ /* Look for a valid schema=? constraint. If found, change the idxNum to
+ ** 1 and request the value of that constraint be sent to xFilter. And
+ ** lower the cost estimate to encourage the constrained version to be
+ ** used.
+ */
+ for(i=0; i<pIdxInfo->nConstraint; i++){
+ if( pIdxInfo->aConstraint[i].usable==0 ) continue;
+ if( pIdxInfo->aConstraint[i].op!=SQLITE_INDEX_CONSTRAINT_EQ ) continue;
+ if( pIdxInfo->aConstraint[i].iColumn!=10 ) continue;
+ pIdxInfo->idxNum = 1;
+ pIdxInfo->estimatedCost = 1.0;
+ pIdxInfo->aConstraintUsage[i].argvIndex = 1;
+ pIdxInfo->aConstraintUsage[i].omit = 1;
+ break;
+ }
+
+
+ /* Records are always returned in ascending order of (name, path).
+ ** If this will satisfy the client, set the orderByConsumed flag so that
+ ** SQLite does not do an external sort.
+ */
+ if( ( pIdxInfo->nOrderBy==1
+ && pIdxInfo->aOrderBy[0].iColumn==0
+ && pIdxInfo->aOrderBy[0].desc==0
+ ) ||
+ ( pIdxInfo->nOrderBy==2
+ && pIdxInfo->aOrderBy[0].iColumn==0
+ && pIdxInfo->aOrderBy[0].desc==0
+ && pIdxInfo->aOrderBy[1].iColumn==1
+ && pIdxInfo->aOrderBy[1].desc==0
+ )
+ ){
+ pIdxInfo->orderByConsumed = 1;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Open a new statvfs cursor.
+*/
+static int statOpen(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCursor){
+ StatTable *pTab = (StatTable *)pVTab;
+ StatCursor *pCsr;
+
+ pCsr = (StatCursor *)sqlite3_malloc64(sizeof(StatCursor));
+ if( pCsr==0 ){
+ return SQLITE_NOMEM;
+ }else{
+ memset(pCsr, 0, sizeof(StatCursor));
+ pCsr->base.pVtab = pVTab;
+ pCsr->iDb = pTab->iDb;
+ }
+
+ *ppCursor = (sqlite3_vtab_cursor *)pCsr;
+ return SQLITE_OK;
+}
+
+static void statClearPage(StatPage *p){
+ int i;
+ if( p->aCell ){
+ for(i=0; i<p->nCell; i++){
+ sqlite3_free(p->aCell[i].aOvfl);
+ }
+ sqlite3_free(p->aCell);
+ }
+ sqlite3PagerUnref(p->pPg);
+ sqlite3_free(p->zPath);
+ memset(p, 0, sizeof(StatPage));
+}
+
+static void statResetCsr(StatCursor *pCsr){
+ int i;
+ sqlite3_reset(pCsr->pStmt);
+ for(i=0; i<ArraySize(pCsr->aPage); i++){
+ statClearPage(&pCsr->aPage[i]);
+ }
+ pCsr->iPage = 0;
+ sqlite3_free(pCsr->zPath);
+ pCsr->zPath = 0;
+ pCsr->isEof = 0;
+}
+
+/*
+** Close a statvfs cursor.
+*/
+static int statClose(sqlite3_vtab_cursor *pCursor){
+ StatCursor *pCsr = (StatCursor *)pCursor;
+ statResetCsr(pCsr);
+ sqlite3_finalize(pCsr->pStmt);
+ sqlite3_free(pCsr);
+ return SQLITE_OK;
+}
+
+static void getLocalPayload(
+ int nUsable, /* Usable bytes per page */
+ u8 flags, /* Page flags */
+ int nTotal, /* Total record (payload) size */
+ int *pnLocal /* OUT: Bytes stored locally */
+){
+ int nLocal;
+ int nMinLocal;
+ int nMaxLocal;
+
+ if( flags==0x0D ){ /* Table leaf node */
+ nMinLocal = (nUsable - 12) * 32 / 255 - 23;
+ nMaxLocal = nUsable - 35;
+ }else{ /* Index interior and leaf nodes */
+ nMinLocal = (nUsable - 12) * 32 / 255 - 23;
+ nMaxLocal = (nUsable - 12) * 64 / 255 - 23;
+ }
+
+ nLocal = nMinLocal + (nTotal - nMinLocal) % (nUsable - 4);
+ if( nLocal>nMaxLocal ) nLocal = nMinLocal;
+ *pnLocal = nLocal;
+}
+
+static int statDecodePage(Btree *pBt, StatPage *p){
+ int nUnused;
+ int iOff;
+ int nHdr;
+ int isLeaf;
+ int szPage;
+
+ u8 *aData = sqlite3PagerGetData(p->pPg);
+ u8 *aHdr = &aData[p->iPgno==1 ? 100 : 0];
+
+ p->flags = aHdr[0];
+ p->nCell = get2byte(&aHdr[3]);
+ p->nMxPayload = 0;
+
+ isLeaf = (p->flags==0x0A || p->flags==0x0D);
+ nHdr = 12 - isLeaf*4 + (p->iPgno==1)*100;
+
+ nUnused = get2byte(&aHdr[5]) - nHdr - 2*p->nCell;
+ nUnused += (int)aHdr[7];
+ iOff = get2byte(&aHdr[1]);
+ while( iOff ){
+ nUnused += get2byte(&aData[iOff+2]);
+ iOff = get2byte(&aData[iOff]);
+ }
+ p->nUnused = nUnused;
+ p->iRightChildPg = isLeaf ? 0 : sqlite3Get4byte(&aHdr[8]);
+ szPage = sqlite3BtreeGetPageSize(pBt);
+
+ if( p->nCell ){
+ int i; /* Used to iterate through cells */
+ int nUsable; /* Usable bytes per page */
+
+ sqlite3BtreeEnter(pBt);
+ nUsable = szPage - sqlite3BtreeGetReserveNoMutex(pBt);
+ sqlite3BtreeLeave(pBt);
+ p->aCell = sqlite3_malloc64((p->nCell+1) * sizeof(StatCell));
+ if( p->aCell==0 ) return SQLITE_NOMEM;
+ memset(p->aCell, 0, (p->nCell+1) * sizeof(StatCell));
+
+ for(i=0; i<p->nCell; i++){
+ StatCell *pCell = &p->aCell[i];
+
+ iOff = get2byte(&aData[nHdr+i*2]);
+ if( !isLeaf ){
+ pCell->iChildPg = sqlite3Get4byte(&aData[iOff]);
+ iOff += 4;
+ }
+ if( p->flags==0x05 ){
+ /* A table interior node. nPayload==0. */
+ }else{
+ u32 nPayload; /* Bytes of payload total (local+overflow) */
+ int nLocal; /* Bytes of payload stored locally */
+ iOff += getVarint32(&aData[iOff], nPayload);
+ if( p->flags==0x0D ){
+ u64 dummy;
+ iOff += sqlite3GetVarint(&aData[iOff], &dummy);
+ }
+ if( nPayload>(u32)p->nMxPayload ) p->nMxPayload = nPayload;
+ getLocalPayload(nUsable, p->flags, nPayload, &nLocal);
+ pCell->nLocal = nLocal;
+ assert( nLocal>=0 );
+ assert( nPayload>=(u32)nLocal );
+ assert( nLocal<=(nUsable-35) );
+ if( nPayload>(u32)nLocal ){
+ int j;
+ int nOvfl = ((nPayload - nLocal) + nUsable-4 - 1) / (nUsable - 4);
+ pCell->nLastOvfl = (nPayload-nLocal) - (nOvfl-1) * (nUsable-4);
+ pCell->nOvfl = nOvfl;
+ pCell->aOvfl = sqlite3_malloc64(sizeof(u32)*nOvfl);
+ if( pCell->aOvfl==0 ) return SQLITE_NOMEM;
+ pCell->aOvfl[0] = sqlite3Get4byte(&aData[iOff+nLocal]);
+ for(j=1; j<nOvfl; j++){
+ int rc;
+ u32 iPrev = pCell->aOvfl[j-1];
+ DbPage *pPg = 0;
+ rc = sqlite3PagerGet(sqlite3BtreePager(pBt), iPrev, &pPg, 0);
+ if( rc!=SQLITE_OK ){
+ assert( pPg==0 );
+ return rc;
+ }
+ pCell->aOvfl[j] = sqlite3Get4byte(sqlite3PagerGetData(pPg));
+ sqlite3PagerUnref(pPg);
+ }
+ }
+ }
+ }
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** Populate the pCsr->iOffset and pCsr->szPage member variables. Based on
+** the current value of pCsr->iPageno.
+*/
+static void statSizeAndOffset(StatCursor *pCsr){
+ StatTable *pTab = (StatTable *)((sqlite3_vtab_cursor *)pCsr)->pVtab;
+ Btree *pBt = pTab->db->aDb[pTab->iDb].pBt;
+ Pager *pPager = sqlite3BtreePager(pBt);
+ sqlite3_file *fd;
+ sqlite3_int64 x[2];
+
+ /* The default page size and offset */
+ pCsr->szPage = sqlite3BtreeGetPageSize(pBt);
+ pCsr->iOffset = (i64)pCsr->szPage * (pCsr->iPageno - 1);
+
+ /* If connected to a ZIPVFS backend, override the page size and
+ ** offset with actual values obtained from ZIPVFS.
+ */
+ fd = sqlite3PagerFile(pPager);
+ x[0] = pCsr->iPageno;
+ if( fd->pMethods!=0 && sqlite3OsFileControl(fd, 230440, &x)==SQLITE_OK ){
+ pCsr->iOffset = x[0];
+ pCsr->szPage = (int)x[1];
+ }
+}
+
+/*
+** Move a statvfs cursor to the next entry in the file.
+*/
+static int statNext(sqlite3_vtab_cursor *pCursor){
+ int rc;
+ int nPayload;
+ char *z;
+ StatCursor *pCsr = (StatCursor *)pCursor;
+ StatTable *pTab = (StatTable *)pCursor->pVtab;
+ Btree *pBt = pTab->db->aDb[pCsr->iDb].pBt;
+ Pager *pPager = sqlite3BtreePager(pBt);
+
+ sqlite3_free(pCsr->zPath);
+ pCsr->zPath = 0;
+
+statNextRestart:
+ if( pCsr->aPage[0].pPg==0 ){
+ rc = sqlite3_step(pCsr->pStmt);
+ if( rc==SQLITE_ROW ){
+ int nPage;
+ u32 iRoot = (u32)sqlite3_column_int64(pCsr->pStmt, 1);
+ sqlite3PagerPagecount(pPager, &nPage);
+ if( nPage==0 ){
+ pCsr->isEof = 1;
+ return sqlite3_reset(pCsr->pStmt);
+ }
+ rc = sqlite3PagerGet(pPager, iRoot, &pCsr->aPage[0].pPg, 0);
+ pCsr->aPage[0].iPgno = iRoot;
+ pCsr->aPage[0].iCell = 0;
+ pCsr->aPage[0].zPath = z = sqlite3_mprintf("/");
+ pCsr->iPage = 0;
+ if( z==0 ) rc = SQLITE_NOMEM;
+ }else{
+ pCsr->isEof = 1;
+ return sqlite3_reset(pCsr->pStmt);
+ }
+ }else{
+
+ /* Page p itself has already been visited. */
+ StatPage *p = &pCsr->aPage[pCsr->iPage];
+
+ while( p->iCell<p->nCell ){
+ StatCell *pCell = &p->aCell[p->iCell];
+ if( pCell->iOvfl<pCell->nOvfl ){
+ int nUsable;
+ sqlite3BtreeEnter(pBt);
+ nUsable = sqlite3BtreeGetPageSize(pBt) -
+ sqlite3BtreeGetReserveNoMutex(pBt);
+ sqlite3BtreeLeave(pBt);
+ pCsr->zName = (char *)sqlite3_column_text(pCsr->pStmt, 0);
+ pCsr->iPageno = pCell->aOvfl[pCell->iOvfl];
+ pCsr->zPagetype = "overflow";
+ pCsr->nCell = 0;
+ pCsr->nMxPayload = 0;
+ pCsr->zPath = z = sqlite3_mprintf(
+ "%s%.3x+%.6x", p->zPath, p->iCell, pCell->iOvfl
+ );
+ if( pCell->iOvfl<pCell->nOvfl-1 ){
+ pCsr->nUnused = 0;
+ pCsr->nPayload = nUsable - 4;
+ }else{
+ pCsr->nPayload = pCell->nLastOvfl;
+ pCsr->nUnused = nUsable - 4 - pCsr->nPayload;
+ }
+ pCell->iOvfl++;
+ statSizeAndOffset(pCsr);
+ return z==0 ? SQLITE_NOMEM : SQLITE_OK;
+ }
+ if( p->iRightChildPg ) break;
+ p->iCell++;
+ }
+
+ if( !p->iRightChildPg || p->iCell>p->nCell ){
+ statClearPage(p);
+ if( pCsr->iPage==0 ) return statNext(pCursor);
+ pCsr->iPage--;
+ goto statNextRestart; /* Tail recursion */
+ }
+ pCsr->iPage++;
+ assert( p==&pCsr->aPage[pCsr->iPage-1] );
+
+ if( p->iCell==p->nCell ){
+ p[1].iPgno = p->iRightChildPg;
+ }else{
+ p[1].iPgno = p->aCell[p->iCell].iChildPg;
+ }
+ rc = sqlite3PagerGet(pPager, p[1].iPgno, &p[1].pPg, 0);
+ p[1].iCell = 0;
+ p[1].zPath = z = sqlite3_mprintf("%s%.3x/", p->zPath, p->iCell);
+ p->iCell++;
+ if( z==0 ) rc = SQLITE_NOMEM;
+ }
+
+
+ /* Populate the StatCursor fields with the values to be returned
+ ** by the xColumn() and xRowid() methods.
+ */
+ if( rc==SQLITE_OK ){
+ int i;
+ StatPage *p = &pCsr->aPage[pCsr->iPage];
+ pCsr->zName = (char *)sqlite3_column_text(pCsr->pStmt, 0);
+ pCsr->iPageno = p->iPgno;
+
+ rc = statDecodePage(pBt, p);
+ if( rc==SQLITE_OK ){
+ statSizeAndOffset(pCsr);
+
+ switch( p->flags ){
+ case 0x05: /* table internal */
+ case 0x02: /* index internal */
+ pCsr->zPagetype = "internal";
+ break;
+ case 0x0D: /* table leaf */
+ case 0x0A: /* index leaf */
+ pCsr->zPagetype = "leaf";
+ break;
+ default:
+ pCsr->zPagetype = "corrupted";
+ break;
+ }
+ pCsr->nCell = p->nCell;
+ pCsr->nUnused = p->nUnused;
+ pCsr->nMxPayload = p->nMxPayload;
+ pCsr->zPath = z = sqlite3_mprintf("%s", p->zPath);
+ if( z==0 ) rc = SQLITE_NOMEM;
+ nPayload = 0;
+ for(i=0; i<p->nCell; i++){
+ nPayload += p->aCell[i].nLocal;
+ }
+ pCsr->nPayload = nPayload;
+ }
+ }
+
+ return rc;
+}
+
+static int statEof(sqlite3_vtab_cursor *pCursor){
+ StatCursor *pCsr = (StatCursor *)pCursor;
+ return pCsr->isEof;
+}
+
+static int statFilter(
+ sqlite3_vtab_cursor *pCursor,
+ int idxNum, const char *idxStr,
+ int argc, sqlite3_value **argv
+){
+ StatCursor *pCsr = (StatCursor *)pCursor;
+ StatTable *pTab = (StatTable*)(pCursor->pVtab);
+ char *zSql;
+ int rc = SQLITE_OK;
+ char *zMaster;
+
+ if( idxNum==1 ){
+ const char *zDbase = (const char*)sqlite3_value_text(argv[0]);
+ pCsr->iDb = sqlite3FindDbName(pTab->db, zDbase);
+ if( pCsr->iDb<0 ){
+ sqlite3_free(pCursor->pVtab->zErrMsg);
+ pCursor->pVtab->zErrMsg = sqlite3_mprintf("no such schema: %s", zDbase);
+ return pCursor->pVtab->zErrMsg ? SQLITE_ERROR : SQLITE_NOMEM;
+ }
+ }else{
+ pCsr->iDb = pTab->iDb;
+ }
+ statResetCsr(pCsr);
+ sqlite3_finalize(pCsr->pStmt);
+ pCsr->pStmt = 0;
+ zMaster = pCsr->iDb==1 ? "sqlite_temp_master" : "sqlite_master";
+ zSql = sqlite3_mprintf(
+ "SELECT 'sqlite_master' AS name, 1 AS rootpage, 'table' AS type"
+ " UNION ALL "
+ "SELECT name, rootpage, type"
+ " FROM \"%w\".%s WHERE rootpage!=0"
+ " ORDER BY name", pTab->db->aDb[pCsr->iDb].zName, zMaster);
+ if( zSql==0 ){
+ return SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare_v2(pTab->db, zSql, -1, &pCsr->pStmt, 0);
+ sqlite3_free(zSql);
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = statNext(pCursor);
+ }
+ return rc;
+}
+
+static int statColumn(
+ sqlite3_vtab_cursor *pCursor,
+ sqlite3_context *ctx,
+ int i
+){
+ StatCursor *pCsr = (StatCursor *)pCursor;
+ switch( i ){
+ case 0: /* name */
+ sqlite3_result_text(ctx, pCsr->zName, -1, SQLITE_TRANSIENT);
+ break;
+ case 1: /* path */
+ sqlite3_result_text(ctx, pCsr->zPath, -1, SQLITE_TRANSIENT);
+ break;
+ case 2: /* pageno */
+ sqlite3_result_int64(ctx, pCsr->iPageno);
+ break;
+ case 3: /* pagetype */
+ sqlite3_result_text(ctx, pCsr->zPagetype, -1, SQLITE_STATIC);
+ break;
+ case 4: /* ncell */
+ sqlite3_result_int(ctx, pCsr->nCell);
+ break;
+ case 5: /* payload */
+ sqlite3_result_int(ctx, pCsr->nPayload);
+ break;
+ case 6: /* unused */
+ sqlite3_result_int(ctx, pCsr->nUnused);
+ break;
+ case 7: /* mx_payload */
+ sqlite3_result_int(ctx, pCsr->nMxPayload);
+ break;
+ case 8: /* pgoffset */
+ sqlite3_result_int64(ctx, pCsr->iOffset);
+ break;
+ case 9: /* pgsize */
+ sqlite3_result_int(ctx, pCsr->szPage);
+ break;
+ default: { /* schema */
+ sqlite3 *db = sqlite3_context_db_handle(ctx);
+ int iDb = pCsr->iDb;
+ sqlite3_result_text(ctx, db->aDb[iDb].zName, -1, SQLITE_STATIC);
+ break;
+ }
+ }
+ return SQLITE_OK;
+}
+
+static int statRowid(sqlite3_vtab_cursor *pCursor, sqlite_int64 *pRowid){
+ StatCursor *pCsr = (StatCursor *)pCursor;
+ *pRowid = pCsr->iPageno;
+ return SQLITE_OK;
+}
+
+/*
+** Invoke this routine to register the "dbstat" virtual table module
+*/
+SQLITE_PRIVATE int sqlite3DbstatRegister(sqlite3 *db){
+ static sqlite3_module dbstat_module = {
+ 0, /* iVersion */
+ statConnect, /* xCreate */
+ statConnect, /* xConnect */
+ statBestIndex, /* xBestIndex */
+ statDisconnect, /* xDisconnect */
+ statDisconnect, /* xDestroy */
+ statOpen, /* xOpen - open a cursor */
+ statClose, /* xClose - close a cursor */
+ statFilter, /* xFilter - configure scan constraints */
+ statNext, /* xNext - advance a cursor */
+ statEof, /* xEof - check for end of scan */
+ statColumn, /* xColumn - read data */
+ statRowid, /* xRowid - read data */
+ 0, /* xUpdate */
+ 0, /* xBegin */
+ 0, /* xSync */
+ 0, /* xCommit */
+ 0, /* xRollback */
+ 0, /* xFindMethod */
+ 0, /* xRename */
+ };
+ return sqlite3_create_module(db, "dbstat", &dbstat_module, 0);
+}
+#elif defined(SQLITE_ENABLE_DBSTAT_VTAB)
+SQLITE_PRIVATE int sqlite3DbstatRegister(sqlite3 *db){ return SQLITE_OK; }
+#endif /* SQLITE_ENABLE_DBSTAT_VTAB */
+
+/************** End of dbstat.c **********************************************/
+/************** Begin file json1.c *******************************************/
+/*
+** 2015-08-12
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This SQLite extension implements JSON functions. The interface is
+** modeled after MySQL JSON functions:
+**
+** https://dev.mysql.com/doc/refman/5.7/en/json.html
+**
+** For the time being, all JSON is stored as pure text. (We might add
+** a JSONB type in the future which stores a binary encoding of JSON in
+** a BLOB, but there is no support for JSONB in the current implementation.
+** This implementation parses JSON text at 250 MB/s, so it is hard to see
+** how JSONB might improve on that.)
+*/
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_JSON1)
+#if !defined(_SQLITEINT_H_)
+/* #include "sqlite3ext.h" */
+#endif
+SQLITE_EXTENSION_INIT1
+/* #include <assert.h> */
+/* #include <string.h> */
+/* #include <stdlib.h> */
+/* #include <stdarg.h> */
+
+#define UNUSED_PARAM(X) (void)(X)
+
+#ifndef LARGEST_INT64
+# define LARGEST_INT64 (0xffffffff|(((sqlite3_int64)0x7fffffff)<<32))
+# define SMALLEST_INT64 (((sqlite3_int64)-1) - LARGEST_INT64)
+#endif
+
+/*
+** Versions of isspace(), isalnum() and isdigit() to which it is safe
+** to pass signed char values.
+*/
+#ifdef sqlite3Isdigit
+ /* Use the SQLite core versions if this routine is part of the
+ ** SQLite amalgamation */
+# define safe_isdigit(x) sqlite3Isdigit(x)
+# define safe_isalnum(x) sqlite3Isalnum(x)
+#else
+ /* Use the standard library for separate compilation */
+#include <ctype.h> /* amalgamator: keep */
+# define safe_isdigit(x) isdigit((unsigned char)(x))
+# define safe_isalnum(x) isalnum((unsigned char)(x))
+#endif
+
+/*
+** Growing our own isspace() routine this way is twice as fast as
+** the library isspace() function, resulting in a 7% overall performance
+** increase for the parser. (Ubuntu14.10 gcc 4.8.4 x64 with -Os).
+*/
+static const char jsonIsSpace[] = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+};
+#define safe_isspace(x) (jsonIsSpace[(unsigned char)x])
+
+#ifndef SQLITE_AMALGAMATION
+ /* Unsigned integer types. These are already defined in the sqliteInt.h,
+ ** but the definitions need to be repeated for separate compilation. */
+ typedef sqlite3_uint64 u64;
+ typedef unsigned int u32;
+ typedef unsigned char u8;
+#endif
+
+/* Objects */
+typedef struct JsonString JsonString;
+typedef struct JsonNode JsonNode;
+typedef struct JsonParse JsonParse;
+
+/* An instance of this object represents a JSON string
+** under construction. Really, this is a generic string accumulator
+** that can be and is used to create strings other than JSON.
+*/
+struct JsonString {
+ sqlite3_context *pCtx; /* Function context - put error messages here */
+ char *zBuf; /* Append JSON content here */
+ u64 nAlloc; /* Bytes of storage available in zBuf[] */
+ u64 nUsed; /* Bytes of zBuf[] currently used */
+ u8 bStatic; /* True if zBuf is static space */
+ u8 bErr; /* True if an error has been encountered */
+ char zSpace[100]; /* Initial static space */
+};
+
+/* JSON type values
+*/
+#define JSON_NULL 0
+#define JSON_TRUE 1
+#define JSON_FALSE 2
+#define JSON_INT 3
+#define JSON_REAL 4
+#define JSON_STRING 5
+#define JSON_ARRAY 6
+#define JSON_OBJECT 7
+
+/* The "subtype" set for JSON values */
+#define JSON_SUBTYPE 74 /* Ascii for "J" */
+
+/*
+** Names of the various JSON types:
+*/
+static const char * const jsonType[] = {
+ "null", "true", "false", "integer", "real", "text", "array", "object"
+};
+
+/* Bit values for the JsonNode.jnFlag field
+*/
+#define JNODE_RAW 0x01 /* Content is raw, not JSON encoded */
+#define JNODE_ESCAPE 0x02 /* Content is text with \ escapes */
+#define JNODE_REMOVE 0x04 /* Do not output */
+#define JNODE_REPLACE 0x08 /* Replace with JsonNode.iVal */
+#define JNODE_APPEND 0x10 /* More ARRAY/OBJECT entries at u.iAppend */
+#define JNODE_LABEL 0x20 /* Is a label of an object */
+
+
+/* A single node of parsed JSON
+*/
+struct JsonNode {
+ u8 eType; /* One of the JSON_ type values */
+ u8 jnFlags; /* JNODE flags */
+ u8 iVal; /* Replacement value when JNODE_REPLACE */
+ u32 n; /* Bytes of content, or number of sub-nodes */
+ union {
+ const char *zJContent; /* Content for INT, REAL, and STRING */
+ u32 iAppend; /* More terms for ARRAY and OBJECT */
+ u32 iKey; /* Key for ARRAY objects in json_tree() */
+ } u;
+};
+
+/* A completely parsed JSON string
+*/
+struct JsonParse {
+ u32 nNode; /* Number of slots of aNode[] used */
+ u32 nAlloc; /* Number of slots of aNode[] allocated */
+ JsonNode *aNode; /* Array of nodes containing the parse */
+ const char *zJson; /* Original JSON string */
+ u32 *aUp; /* Index of parent of each node */
+ u8 oom; /* Set to true if out of memory */
+ u8 nErr; /* Number of errors seen */
+};
+
+/**************************************************************************
+** Utility routines for dealing with JsonString objects
+**************************************************************************/
+
+/* Set the JsonString object to an empty string
+*/
+static void jsonZero(JsonString *p){
+ p->zBuf = p->zSpace;
+ p->nAlloc = sizeof(p->zSpace);
+ p->nUsed = 0;
+ p->bStatic = 1;
+}
+
+/* Initialize the JsonString object
+*/
+static void jsonInit(JsonString *p, sqlite3_context *pCtx){
+ p->pCtx = pCtx;
+ p->bErr = 0;
+ jsonZero(p);
+}
+
+
+/* Free all allocated memory and reset the JsonString object back to its
+** initial state.
+*/
+static void jsonReset(JsonString *p){
+ if( !p->bStatic ) sqlite3_free(p->zBuf);
+ jsonZero(p);
+}
+
+
+/* Report an out-of-memory (OOM) condition
+*/
+static void jsonOom(JsonString *p){
+ p->bErr = 1;
+ sqlite3_result_error_nomem(p->pCtx);
+ jsonReset(p);
+}
+
+/* Enlarge pJson->zBuf so that it can hold at least N more bytes.
+** Return zero on success. Return non-zero on an OOM error
+*/
+static int jsonGrow(JsonString *p, u32 N){
+ u64 nTotal = N<p->nAlloc ? p->nAlloc*2 : p->nAlloc+N+10;
+ char *zNew;
+ if( p->bStatic ){
+ if( p->bErr ) return 1;
+ zNew = sqlite3_malloc64(nTotal);
+ if( zNew==0 ){
+ jsonOom(p);
+ return SQLITE_NOMEM;
+ }
+ memcpy(zNew, p->zBuf, (size_t)p->nUsed);
+ p->zBuf = zNew;
+ p->bStatic = 0;
+ }else{
+ zNew = sqlite3_realloc64(p->zBuf, nTotal);
+ if( zNew==0 ){
+ jsonOom(p);
+ return SQLITE_NOMEM;
+ }
+ p->zBuf = zNew;
+ }
+ p->nAlloc = nTotal;
+ return SQLITE_OK;
+}
+
+/* Append N bytes from zIn onto the end of the JsonString string.
+*/
+static void jsonAppendRaw(JsonString *p, const char *zIn, u32 N){
+ if( (N+p->nUsed >= p->nAlloc) && jsonGrow(p,N)!=0 ) return;
+ memcpy(p->zBuf+p->nUsed, zIn, N);
+ p->nUsed += N;
+}
+
+/* Append formatted text (not to exceed N bytes) to the JsonString.
+*/
+static void jsonPrintf(int N, JsonString *p, const char *zFormat, ...){
+ va_list ap;
+ if( (p->nUsed + N >= p->nAlloc) && jsonGrow(p, N) ) return;
+ va_start(ap, zFormat);
+ sqlite3_vsnprintf(N, p->zBuf+p->nUsed, zFormat, ap);
+ va_end(ap);
+ p->nUsed += (int)strlen(p->zBuf+p->nUsed);
+}
+
+/* Append a single character
+*/
+static void jsonAppendChar(JsonString *p, char c){
+ if( p->nUsed>=p->nAlloc && jsonGrow(p,1)!=0 ) return;
+ p->zBuf[p->nUsed++] = c;
+}
+
+/* Append a comma separator to the output buffer, if the previous
+** character is not '[' or '{'.
+*/
+static void jsonAppendSeparator(JsonString *p){
+ char c;
+ if( p->nUsed==0 ) return;
+ c = p->zBuf[p->nUsed-1];
+ if( c!='[' && c!='{' ) jsonAppendChar(p, ',');
+}
+
+/* Append the N-byte string in zIn to the end of the JsonString string
+** under construction. Enclose the string in "..." and escape
+** any double-quotes or backslash characters contained within the
+** string.
+*/
+static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
+ u32 i;
+ if( (N+p->nUsed+2 >= p->nAlloc) && jsonGrow(p,N+2)!=0 ) return;
+ p->zBuf[p->nUsed++] = '"';
+ for(i=0; i<N; i++){
+ char c = zIn[i];
+ if( c=='"' || c=='\\' ){
+ if( (p->nUsed+N+3-i > p->nAlloc) && jsonGrow(p,N+3-i)!=0 ) return;
+ p->zBuf[p->nUsed++] = '\\';
+ }
+ p->zBuf[p->nUsed++] = c;
+ }
+ p->zBuf[p->nUsed++] = '"';
+ assert( p->nUsed<p->nAlloc );
+}
+
+/*
+** Append a function parameter value to the JSON string under
+** construction.
+*/
+static void jsonAppendValue(
+ JsonString *p, /* Append to this JSON string */
+ sqlite3_value *pValue /* Value to append */
+){
+ switch( sqlite3_value_type(pValue) ){
+ case SQLITE_NULL: {
+ jsonAppendRaw(p, "null", 4);
+ break;
+ }
+ case SQLITE_INTEGER:
+ case SQLITE_FLOAT: {
+ const char *z = (const char*)sqlite3_value_text(pValue);
+ u32 n = (u32)sqlite3_value_bytes(pValue);
+ jsonAppendRaw(p, z, n);
+ break;
+ }
+ case SQLITE_TEXT: {
+ const char *z = (const char*)sqlite3_value_text(pValue);
+ u32 n = (u32)sqlite3_value_bytes(pValue);
+ if( sqlite3_value_subtype(pValue)==JSON_SUBTYPE ){
+ jsonAppendRaw(p, z, n);
+ }else{
+ jsonAppendString(p, z, n);
+ }
+ break;
+ }
+ default: {
+ if( p->bErr==0 ){
+ sqlite3_result_error(p->pCtx, "JSON cannot hold BLOB values", -1);
+ p->bErr = 1;
+ jsonReset(p);
+ }
+ break;
+ }
+ }
+}
+
+
+/* Make the JSON in p the result of the SQL function.
+*/
+static void jsonResult(JsonString *p){
+ if( p->bErr==0 ){
+ sqlite3_result_text64(p->pCtx, p->zBuf, p->nUsed,
+ p->bStatic ? SQLITE_TRANSIENT : sqlite3_free,
+ SQLITE_UTF8);
+ jsonZero(p);
+ }
+ assert( p->bStatic );
+}
+
+/**************************************************************************
+** Utility routines for dealing with JsonNode and JsonParse objects
+**************************************************************************/
+
+/*
+** Return the number of consecutive JsonNode slots need to represent
+** the parsed JSON at pNode. The minimum answer is 1. For ARRAY and
+** OBJECT types, the number might be larger.
+**
+** Appended elements are not counted. The value returned is the number
+** by which the JsonNode counter should increment in order to go to the
+** next peer value.
+*/
+static u32 jsonNodeSize(JsonNode *pNode){
+ return pNode->eType>=JSON_ARRAY ? pNode->n+1 : 1;
+}
+
+/*
+** Reclaim all memory allocated by a JsonParse object. But do not
+** delete the JsonParse object itself.
+*/
+static void jsonParseReset(JsonParse *pParse){
+ sqlite3_free(pParse->aNode);
+ pParse->aNode = 0;
+ pParse->nNode = 0;
+ pParse->nAlloc = 0;
+ sqlite3_free(pParse->aUp);
+ pParse->aUp = 0;
+}
+
+/*
+** Convert the JsonNode pNode into a pure JSON string and
+** append to pOut. Subsubstructure is also included. Return
+** the number of JsonNode objects that are encoded.
+*/
+static void jsonRenderNode(
+ JsonNode *pNode, /* The node to render */
+ JsonString *pOut, /* Write JSON here */
+ sqlite3_value **aReplace /* Replacement values */
+){
+ switch( pNode->eType ){
+ default: {
+ assert( pNode->eType==JSON_NULL );
+ jsonAppendRaw(pOut, "null", 4);
+ break;
+ }
+ case JSON_TRUE: {
+ jsonAppendRaw(pOut, "true", 4);
+ break;
+ }
+ case JSON_FALSE: {
+ jsonAppendRaw(pOut, "false", 5);
+ break;
+ }
+ case JSON_STRING: {
+ if( pNode->jnFlags & JNODE_RAW ){
+ jsonAppendString(pOut, pNode->u.zJContent, pNode->n);
+ break;
+ }
+ /* Fall through into the next case */
+ }
+ case JSON_REAL:
+ case JSON_INT: {
+ jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
+ break;
+ }
+ case JSON_ARRAY: {
+ u32 j = 1;
+ jsonAppendChar(pOut, '[');
+ for(;;){
+ while( j<=pNode->n ){
+ if( pNode[j].jnFlags & (JNODE_REMOVE|JNODE_REPLACE) ){
+ if( pNode[j].jnFlags & JNODE_REPLACE ){
+ jsonAppendSeparator(pOut);
+ jsonAppendValue(pOut, aReplace[pNode[j].iVal]);
+ }
+ }else{
+ jsonAppendSeparator(pOut);
+ jsonRenderNode(&pNode[j], pOut, aReplace);
+ }
+ j += jsonNodeSize(&pNode[j]);
+ }
+ if( (pNode->jnFlags & JNODE_APPEND)==0 ) break;
+ pNode = &pNode[pNode->u.iAppend];
+ j = 1;
+ }
+ jsonAppendChar(pOut, ']');
+ break;
+ }
+ case JSON_OBJECT: {
+ u32 j = 1;
+ jsonAppendChar(pOut, '{');
+ for(;;){
+ while( j<=pNode->n ){
+ if( (pNode[j+1].jnFlags & JNODE_REMOVE)==0 ){
+ jsonAppendSeparator(pOut);
+ jsonRenderNode(&pNode[j], pOut, aReplace);
+ jsonAppendChar(pOut, ':');
+ if( pNode[j+1].jnFlags & JNODE_REPLACE ){
+ jsonAppendValue(pOut, aReplace[pNode[j+1].iVal]);
+ }else{
+ jsonRenderNode(&pNode[j+1], pOut, aReplace);
+ }
+ }
+ j += 1 + jsonNodeSize(&pNode[j+1]);
+ }
+ if( (pNode->jnFlags & JNODE_APPEND)==0 ) break;
+ pNode = &pNode[pNode->u.iAppend];
+ j = 1;
+ }
+ jsonAppendChar(pOut, '}');
+ break;
+ }
+ }
+}
+
+/*
+** Return a JsonNode and all its descendents as a JSON string.
+*/
+static void jsonReturnJson(
+ JsonNode *pNode, /* Node to return */
+ sqlite3_context *pCtx, /* Return value for this function */
+ sqlite3_value **aReplace /* Array of replacement values */
+){
+ JsonString s;
+ jsonInit(&s, pCtx);
+ jsonRenderNode(pNode, &s, aReplace);
+ jsonResult(&s);
+ sqlite3_result_subtype(pCtx, JSON_SUBTYPE);
+}
+
+/*
+** Make the JsonNode the return value of the function.
+*/
+static void jsonReturn(
+ JsonNode *pNode, /* Node to return */
+ sqlite3_context *pCtx, /* Return value for this function */
+ sqlite3_value **aReplace /* Array of replacement values */
+){
+ switch( pNode->eType ){
+ default: {
+ assert( pNode->eType==JSON_NULL );
+ sqlite3_result_null(pCtx);
+ break;
+ }
+ case JSON_TRUE: {
+ sqlite3_result_int(pCtx, 1);
+ break;
+ }
+ case JSON_FALSE: {
+ sqlite3_result_int(pCtx, 0);
+ break;
+ }
+ case JSON_INT: {
+ sqlite3_int64 i = 0;
+ const char *z = pNode->u.zJContent;
+ if( z[0]=='-' ){ z++; }
+ while( z[0]>='0' && z[0]<='9' ){
+ unsigned v = *(z++) - '0';
+ if( i>=LARGEST_INT64/10 ){
+ if( i>LARGEST_INT64/10 ) goto int_as_real;
+ if( z[0]>='0' && z[0]<='9' ) goto int_as_real;
+ if( v==9 ) goto int_as_real;
+ if( v==8 ){
+ if( pNode->u.zJContent[0]=='-' ){
+ sqlite3_result_int64(pCtx, SMALLEST_INT64);
+ goto int_done;
+ }else{
+ goto int_as_real;
+ }
+ }
+ }
+ i = i*10 + v;
+ }
+ if( pNode->u.zJContent[0]=='-' ){ i = -i; }
+ sqlite3_result_int64(pCtx, i);
+ int_done:
+ break;
+ int_as_real: /* fall through to real */;
+ }
+ case JSON_REAL: {
+ double r;
+#ifdef SQLITE_AMALGAMATION
+ const char *z = pNode->u.zJContent;
+ sqlite3AtoF(z, &r, sqlite3Strlen30(z), SQLITE_UTF8);
+#else
+ r = strtod(pNode->u.zJContent, 0);
+#endif
+ sqlite3_result_double(pCtx, r);
+ break;
+ }
+ case JSON_STRING: {
+#if 0 /* Never happens because JNODE_RAW is only set by json_set(),
+ ** json_insert() and json_replace() and those routines do not
+ ** call jsonReturn() */
+ if( pNode->jnFlags & JNODE_RAW ){
+ sqlite3_result_text(pCtx, pNode->u.zJContent, pNode->n,
+ SQLITE_TRANSIENT);
+ }else
+#endif
+ assert( (pNode->jnFlags & JNODE_RAW)==0 );
+ if( (pNode->jnFlags & JNODE_ESCAPE)==0 ){
+ /* JSON formatted without any backslash-escapes */
+ sqlite3_result_text(pCtx, pNode->u.zJContent+1, pNode->n-2,
+ SQLITE_TRANSIENT);
+ }else{
+ /* Translate JSON formatted string into raw text */
+ u32 i;
+ u32 n = pNode->n;
+ const char *z = pNode->u.zJContent;
+ char *zOut;
+ u32 j;
+ zOut = sqlite3_malloc( n+1 );
+ if( zOut==0 ){
+ sqlite3_result_error_nomem(pCtx);
+ break;
+ }
+ for(i=1, j=0; i<n-1; i++){
+ char c = z[i];
+ if( c!='\\' ){
+ zOut[j++] = c;
+ }else{
+ c = z[++i];
+ if( c=='u' ){
+ u32 v = 0, k;
+ for(k=0; k<4 && i<n-2; i++, k++){
+ c = z[i+1];
+ if( c>='0' && c<='9' ) v = v*16 + c - '0';
+ else if( c>='A' && c<='F' ) v = v*16 + c - 'A' + 10;
+ else if( c>='a' && c<='f' ) v = v*16 + c - 'a' + 10;
+ else break;
+ }
+ if( v==0 ) break;
+ if( v<=0x7f ){
+ zOut[j++] = (char)v;
+ }else if( v<=0x7ff ){
+ zOut[j++] = (char)(0xc0 | (v>>6));
+ zOut[j++] = 0x80 | (v&0x3f);
+ }else{
+ zOut[j++] = (char)(0xe0 | (v>>12));
+ zOut[j++] = 0x80 | ((v>>6)&0x3f);
+ zOut[j++] = 0x80 | (v&0x3f);
+ }
+ }else{
+ if( c=='b' ){
+ c = '\b';
+ }else if( c=='f' ){
+ c = '\f';
+ }else if( c=='n' ){
+ c = '\n';
+ }else if( c=='r' ){
+ c = '\r';
+ }else if( c=='t' ){
+ c = '\t';
+ }
+ zOut[j++] = c;
+ }
+ }
+ }
+ zOut[j] = 0;
+ sqlite3_result_text(pCtx, zOut, j, sqlite3_free);
+ }
+ break;
+ }
+ case JSON_ARRAY:
+ case JSON_OBJECT: {
+ jsonReturnJson(pNode, pCtx, aReplace);
+ break;
+ }
+ }
+}
+
+/* Forward reference */
+static int jsonParseAddNode(JsonParse*,u32,u32,const char*);
+
+/*
+** A macro to hint to the compiler that a function should not be
+** inlined.
+*/
+#if defined(__GNUC__)
+# define JSON_NOINLINE __attribute__((noinline))
+#elif defined(_MSC_VER) && _MSC_VER>=1310
+# define JSON_NOINLINE __declspec(noinline)
+#else
+# define JSON_NOINLINE
+#endif
+
+
+static JSON_NOINLINE int jsonParseAddNodeExpand(
+ JsonParse *pParse, /* Append the node to this object */
+ u32 eType, /* Node type */
+ u32 n, /* Content size or sub-node count */
+ const char *zContent /* Content */
+){
+ u32 nNew;
+ JsonNode *pNew;
+ assert( pParse->nNode>=pParse->nAlloc );
+ if( pParse->oom ) return -1;
+ nNew = pParse->nAlloc*2 + 10;
+ pNew = sqlite3_realloc(pParse->aNode, sizeof(JsonNode)*nNew);
+ if( pNew==0 ){
+ pParse->oom = 1;
+ return -1;
+ }
+ pParse->nAlloc = nNew;
+ pParse->aNode = pNew;
+ assert( pParse->nNode<pParse->nAlloc );
+ return jsonParseAddNode(pParse, eType, n, zContent);
+}
+
+/*
+** Create a new JsonNode instance based on the arguments and append that
+** instance to the JsonParse. Return the index in pParse->aNode[] of the
+** new node, or -1 if a memory allocation fails.
+*/
+static int jsonParseAddNode(
+ JsonParse *pParse, /* Append the node to this object */
+ u32 eType, /* Node type */
+ u32 n, /* Content size or sub-node count */
+ const char *zContent /* Content */
+){
+ JsonNode *p;
+ if( pParse->nNode>=pParse->nAlloc ){
+ return jsonParseAddNodeExpand(pParse, eType, n, zContent);
+ }
+ p = &pParse->aNode[pParse->nNode];
+ p->eType = (u8)eType;
+ p->jnFlags = 0;
+ p->iVal = 0;
+ p->n = n;
+ p->u.zJContent = zContent;
+ return pParse->nNode++;
+}
+
+/*
+** Parse a single JSON value which begins at pParse->zJson[i]. Return the
+** index of the first character past the end of the value parsed.
+**
+** Return negative for a syntax error. Special cases: return -2 if the
+** first non-whitespace character is '}' and return -3 if the first
+** non-whitespace character is ']'.
+*/
+static int jsonParseValue(JsonParse *pParse, u32 i){
+ char c;
+ u32 j;
+ int iThis;
+ int x;
+ JsonNode *pNode;
+ while( safe_isspace(pParse->zJson[i]) ){ i++; }
+ if( (c = pParse->zJson[i])=='{' ){
+ /* Parse object */
+ iThis = jsonParseAddNode(pParse, JSON_OBJECT, 0, 0);
+ if( iThis<0 ) return -1;
+ for(j=i+1;;j++){
+ while( safe_isspace(pParse->zJson[j]) ){ j++; }
+ x = jsonParseValue(pParse, j);
+ if( x<0 ){
+ if( x==(-2) && pParse->nNode==(u32)iThis+1 ) return j+1;
+ return -1;
+ }
+ if( pParse->oom ) return -1;
+ pNode = &pParse->aNode[pParse->nNode-1];
+ if( pNode->eType!=JSON_STRING ) return -1;
+ pNode->jnFlags |= JNODE_LABEL;
+ j = x;
+ while( safe_isspace(pParse->zJson[j]) ){ j++; }
+ if( pParse->zJson[j]!=':' ) return -1;
+ j++;
+ x = jsonParseValue(pParse, j);
+ if( x<0 ) return -1;
+ j = x;
+ while( safe_isspace(pParse->zJson[j]) ){ j++; }
+ c = pParse->zJson[j];
+ if( c==',' ) continue;
+ if( c!='}' ) return -1;
+ break;
+ }
+ pParse->aNode[iThis].n = pParse->nNode - (u32)iThis - 1;
+ return j+1;
+ }else if( c=='[' ){
+ /* Parse array */
+ iThis = jsonParseAddNode(pParse, JSON_ARRAY, 0, 0);
+ if( iThis<0 ) return -1;
+ for(j=i+1;;j++){
+ while( safe_isspace(pParse->zJson[j]) ){ j++; }
+ x = jsonParseValue(pParse, j);
+ if( x<0 ){
+ if( x==(-3) && pParse->nNode==(u32)iThis+1 ) return j+1;
+ return -1;
+ }
+ j = x;
+ while( safe_isspace(pParse->zJson[j]) ){ j++; }
+ c = pParse->zJson[j];
+ if( c==',' ) continue;
+ if( c!=']' ) return -1;
+ break;
+ }
+ pParse->aNode[iThis].n = pParse->nNode - (u32)iThis - 1;
+ return j+1;
+ }else if( c=='"' ){
+ /* Parse string */
+ u8 jnFlags = 0;
+ j = i+1;
+ for(;;){
+ c = pParse->zJson[j];
+ if( c==0 ) return -1;
+ if( c=='\\' ){
+ c = pParse->zJson[++j];
+ if( c==0 ) return -1;
+ jnFlags = JNODE_ESCAPE;
+ }else if( c=='"' ){
+ break;
+ }
+ j++;
+ }
+ jsonParseAddNode(pParse, JSON_STRING, j+1-i, &pParse->zJson[i]);
+ if( !pParse->oom ) pParse->aNode[pParse->nNode-1].jnFlags = jnFlags;
+ return j+1;
+ }else if( c=='n'
+ && strncmp(pParse->zJson+i,"null",4)==0
+ && !safe_isalnum(pParse->zJson[i+4]) ){
+ jsonParseAddNode(pParse, JSON_NULL, 0, 0);
+ return i+4;
+ }else if( c=='t'
+ && strncmp(pParse->zJson+i,"true",4)==0
+ && !safe_isalnum(pParse->zJson[i+4]) ){
+ jsonParseAddNode(pParse, JSON_TRUE, 0, 0);
+ return i+4;
+ }else if( c=='f'
+ && strncmp(pParse->zJson+i,"false",5)==0
+ && !safe_isalnum(pParse->zJson[i+5]) ){
+ jsonParseAddNode(pParse, JSON_FALSE, 0, 0);
+ return i+5;
+ }else if( c=='-' || (c>='0' && c<='9') ){
+ /* Parse number */
+ u8 seenDP = 0;
+ u8 seenE = 0;
+ j = i+1;
+ for(;; j++){
+ c = pParse->zJson[j];
+ if( c>='0' && c<='9' ) continue;
+ if( c=='.' ){
+ if( pParse->zJson[j-1]=='-' ) return -1;
+ if( seenDP ) return -1;
+ seenDP = 1;
+ continue;
+ }
+ if( c=='e' || c=='E' ){
+ if( pParse->zJson[j-1]<'0' ) return -1;
+ if( seenE ) return -1;
+ seenDP = seenE = 1;
+ c = pParse->zJson[j+1];
+ if( c=='+' || c=='-' ){
+ j++;
+ c = pParse->zJson[j+1];
+ }
+ if( c<'0' || c>'9' ) return -1;
+ continue;
+ }
+ break;
+ }
+ if( pParse->zJson[j-1]<'0' ) return -1;
+ jsonParseAddNode(pParse, seenDP ? JSON_REAL : JSON_INT,
+ j - i, &pParse->zJson[i]);
+ return j;
+ }else if( c=='}' ){
+ return -2; /* End of {...} */
+ }else if( c==']' ){
+ return -3; /* End of [...] */
+ }else if( c==0 ){
+ return 0; /* End of file */
+ }else{
+ return -1; /* Syntax error */
+ }
+}
+
+/*
+** Parse a complete JSON string. Return 0 on success or non-zero if there
+** are any errors. If an error occurs, free all memory associated with
+** pParse.
+**
+** pParse is uninitialized when this routine is called.
+*/
+static int jsonParse(
+ JsonParse *pParse, /* Initialize and fill this JsonParse object */
+ sqlite3_context *pCtx, /* Report errors here */
+ const char *zJson /* Input JSON text to be parsed */
+){
+ int i;
+ memset(pParse, 0, sizeof(*pParse));
+ if( zJson==0 ) return 1;
+ pParse->zJson = zJson;
+ i = jsonParseValue(pParse, 0);
+ if( pParse->oom ) i = -1;
+ if( i>0 ){
+ while( safe_isspace(zJson[i]) ) i++;
+ if( zJson[i] ) i = -1;
+ }
+ if( i<=0 ){
+ if( pCtx!=0 ){
+ if( pParse->oom ){
+ sqlite3_result_error_nomem(pCtx);
+ }else{
+ sqlite3_result_error(pCtx, "malformed JSON", -1);
+ }
+ }
+ jsonParseReset(pParse);
+ return 1;
+ }
+ return 0;
+}
+
+/* Mark node i of pParse as being a child of iParent. Call recursively
+** to fill in all the descendants of node i.
+*/
+static void jsonParseFillInParentage(JsonParse *pParse, u32 i, u32 iParent){
+ JsonNode *pNode = &pParse->aNode[i];
+ u32 j;
+ pParse->aUp[i] = iParent;
+ switch( pNode->eType ){
+ case JSON_ARRAY: {
+ for(j=1; j<=pNode->n; j += jsonNodeSize(pNode+j)){
+ jsonParseFillInParentage(pParse, i+j, i);
+ }
+ break;
+ }
+ case JSON_OBJECT: {
+ for(j=1; j<=pNode->n; j += jsonNodeSize(pNode+j+1)+1){
+ pParse->aUp[i+j] = i;
+ jsonParseFillInParentage(pParse, i+j+1, i);
+ }
+ break;
+ }
+ default: {
+ break;
+ }
+ }
+}
+
+/*
+** Compute the parentage of all nodes in a completed parse.
+*/
+static int jsonParseFindParents(JsonParse *pParse){
+ u32 *aUp;
+ assert( pParse->aUp==0 );
+ aUp = pParse->aUp = sqlite3_malloc( sizeof(u32)*pParse->nNode );
+ if( aUp==0 ){
+ pParse->oom = 1;
+ return SQLITE_NOMEM;
+ }
+ jsonParseFillInParentage(pParse, 0, 0);
+ return SQLITE_OK;
+}
+
+/*
+** Compare the OBJECT label at pNode against zKey,nKey. Return true on
+** a match.
+*/
+static int jsonLabelCompare(JsonNode *pNode, const char *zKey, u32 nKey){
+ if( pNode->jnFlags & JNODE_RAW ){
+ if( pNode->n!=nKey ) return 0;
+ return strncmp(pNode->u.zJContent, zKey, nKey)==0;
+ }else{
+ if( pNode->n!=nKey+2 ) return 0;
+ return strncmp(pNode->u.zJContent+1, zKey, nKey)==0;
+ }
+}
+
+/* forward declaration */
+static JsonNode *jsonLookupAppend(JsonParse*,const char*,int*,const char**);
+
+/*
+** Search along zPath to find the node specified. Return a pointer
+** to that node, or NULL if zPath is malformed or if there is no such
+** node.
+**
+** If pApnd!=0, then try to append new nodes to complete zPath if it is
+** possible to do so and if no existing node corresponds to zPath. If
+** new nodes are appended *pApnd is set to 1.
+*/
+static JsonNode *jsonLookupStep(
+ JsonParse *pParse, /* The JSON to search */
+ u32 iRoot, /* Begin the search at this node */
+ const char *zPath, /* The path to search */
+ int *pApnd, /* Append nodes to complete path if not NULL */
+ const char **pzErr /* Make *pzErr point to any syntax error in zPath */
+){
+ u32 i, j, nKey;
+ const char *zKey;
+ JsonNode *pRoot = &pParse->aNode[iRoot];
+ if( zPath[0]==0 ) return pRoot;
+ if( zPath[0]=='.' ){
+ if( pRoot->eType!=JSON_OBJECT ) return 0;
+ zPath++;
+ if( zPath[0]=='"' ){
+ zKey = zPath + 1;
+ for(i=1; zPath[i] && zPath[i]!='"'; i++){}
+ nKey = i-1;
+ if( zPath[i] ){
+ i++;
+ }else{
+ *pzErr = zPath;
+ return 0;
+ }
+ }else{
+ zKey = zPath;
+ for(i=0; zPath[i] && zPath[i]!='.' && zPath[i]!='['; i++){}
+ nKey = i;
+ }
+ if( nKey==0 ){
+ *pzErr = zPath;
+ return 0;
+ }
+ j = 1;
+ for(;;){
+ while( j<=pRoot->n ){
+ if( jsonLabelCompare(pRoot+j, zKey, nKey) ){
+ return jsonLookupStep(pParse, iRoot+j+1, &zPath[i], pApnd, pzErr);
+ }
+ j++;
+ j += jsonNodeSize(&pRoot[j]);
+ }
+ if( (pRoot->jnFlags & JNODE_APPEND)==0 ) break;
+ iRoot += pRoot->u.iAppend;
+ pRoot = &pParse->aNode[iRoot];
+ j = 1;
+ }
+ if( pApnd ){
+ u32 iStart, iLabel;
+ JsonNode *pNode;
+ iStart = jsonParseAddNode(pParse, JSON_OBJECT, 2, 0);
+ iLabel = jsonParseAddNode(pParse, JSON_STRING, i, zPath);
+ zPath += i;
+ pNode = jsonLookupAppend(pParse, zPath, pApnd, pzErr);
+ if( pParse->oom ) return 0;
+ if( pNode ){
+ pRoot = &pParse->aNode[iRoot];
+ pRoot->u.iAppend = iStart - iRoot;
+ pRoot->jnFlags |= JNODE_APPEND;
+ pParse->aNode[iLabel].jnFlags |= JNODE_RAW;
+ }
+ return pNode;
+ }
+ }else if( zPath[0]=='[' && safe_isdigit(zPath[1]) ){
+ if( pRoot->eType!=JSON_ARRAY ) return 0;
+ i = 0;
+ j = 1;
+ while( safe_isdigit(zPath[j]) ){
+ i = i*10 + zPath[j] - '0';
+ j++;
+ }
+ if( zPath[j]!=']' ){
+ *pzErr = zPath;
+ return 0;
+ }
+ zPath += j + 1;
+ j = 1;
+ for(;;){
+ while( j<=pRoot->n && (i>0 || (pRoot[j].jnFlags & JNODE_REMOVE)!=0) ){
+ if( (pRoot[j].jnFlags & JNODE_REMOVE)==0 ) i--;
+ j += jsonNodeSize(&pRoot[j]);
+ }
+ if( (pRoot->jnFlags & JNODE_APPEND)==0 ) break;
+ iRoot += pRoot->u.iAppend;
+ pRoot = &pParse->aNode[iRoot];
+ j = 1;
+ }
+ if( j<=pRoot->n ){
+ return jsonLookupStep(pParse, iRoot+j, zPath, pApnd, pzErr);
+ }
+ if( i==0 && pApnd ){
+ u32 iStart;
+ JsonNode *pNode;
+ iStart = jsonParseAddNode(pParse, JSON_ARRAY, 1, 0);
+ pNode = jsonLookupAppend(pParse, zPath, pApnd, pzErr);
+ if( pParse->oom ) return 0;
+ if( pNode ){
+ pRoot = &pParse->aNode[iRoot];
+ pRoot->u.iAppend = iStart - iRoot;
+ pRoot->jnFlags |= JNODE_APPEND;
+ }
+ return pNode;
+ }
+ }else{
+ *pzErr = zPath;
+ }
+ return 0;
+}
+
+/*
+** Append content to pParse that will complete zPath. Return a pointer
+** to the inserted node, or return NULL if the append fails.
+*/
+static JsonNode *jsonLookupAppend(
+ JsonParse *pParse, /* Append content to the JSON parse */
+ const char *zPath, /* Description of content to append */
+ int *pApnd, /* Set this flag to 1 */
+ const char **pzErr /* Make this point to any syntax error */
+){
+ *pApnd = 1;
+ if( zPath[0]==0 ){
+ jsonParseAddNode(pParse, JSON_NULL, 0, 0);
+ return pParse->oom ? 0 : &pParse->aNode[pParse->nNode-1];
+ }
+ if( zPath[0]=='.' ){
+ jsonParseAddNode(pParse, JSON_OBJECT, 0, 0);
+ }else if( strncmp(zPath,"[0]",3)==0 ){
+ jsonParseAddNode(pParse, JSON_ARRAY, 0, 0);
+ }else{
+ return 0;
+ }
+ if( pParse->oom ) return 0;
+ return jsonLookupStep(pParse, pParse->nNode-1, zPath, pApnd, pzErr);
+}
+
+/*
+** Return the text of a syntax error message on a JSON path. Space is
+** obtained from sqlite3_malloc().
+*/
+static char *jsonPathSyntaxError(const char *zErr){
+ return sqlite3_mprintf("JSON path error near '%q'", zErr);
+}
+
+/*
+** Do a node lookup using zPath. Return a pointer to the node on success.
+** Return NULL if not found or if there is an error.
+**
+** On an error, write an error message into pCtx and increment the
+** pParse->nErr counter.
+**
+** If pApnd!=NULL then try to append missing nodes and set *pApnd = 1 if
+** nodes are appended.
+*/
+static JsonNode *jsonLookup(
+ JsonParse *pParse, /* The JSON to search */
+ const char *zPath, /* The path to search */
+ int *pApnd, /* Append nodes to complete path if not NULL */
+ sqlite3_context *pCtx /* Report errors here, if not NULL */
+){
+ const char *zErr = 0;
+ JsonNode *pNode = 0;
+ char *zMsg;
+
+ if( zPath==0 ) return 0;
+ if( zPath[0]!='$' ){
+ zErr = zPath;
+ goto lookup_err;
+ }
+ zPath++;
+ pNode = jsonLookupStep(pParse, 0, zPath, pApnd, &zErr);
+ if( zErr==0 ) return pNode;
+
+lookup_err:
+ pParse->nErr++;
+ assert( zErr!=0 && pCtx!=0 );
+ zMsg = jsonPathSyntaxError(zErr);
+ if( zMsg ){
+ sqlite3_result_error(pCtx, zMsg, -1);
+ sqlite3_free(zMsg);
+ }else{
+ sqlite3_result_error_nomem(pCtx);
+ }
+ return 0;
+}
+
+
+/*
+** Report the wrong number of arguments for json_insert(), json_replace()
+** or json_set().
+*/
+static void jsonWrongNumArgs(
+ sqlite3_context *pCtx,
+ const char *zFuncName
+){
+ char *zMsg = sqlite3_mprintf("json_%s() needs an odd number of arguments",
+ zFuncName);
+ sqlite3_result_error(pCtx, zMsg, -1);
+ sqlite3_free(zMsg);
+}
+
+
+/****************************************************************************
+** SQL functions used for testing and debugging
+****************************************************************************/
+
+#ifdef SQLITE_DEBUG
+/*
+** The json_parse(JSON) function returns a string which describes
+** a parse of the JSON provided. Or it returns NULL if JSON is not
+** well-formed.
+*/
+static void jsonParseFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonString s; /* Output string - not real JSON */
+ JsonParse x; /* The parse */
+ u32 i;
+
+ assert( argc==1 );
+ if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
+ jsonParseFindParents(&x);
+ jsonInit(&s, ctx);
+ for(i=0; i<x.nNode; i++){
+ const char *zType;
+ if( x.aNode[i].jnFlags & JNODE_LABEL ){
+ assert( x.aNode[i].eType==JSON_STRING );
+ zType = "label";
+ }else{
+ zType = jsonType[x.aNode[i].eType];
+ }
+ jsonPrintf(100, &s,"node %3u: %7s n=%-4d up=%-4d",
+ i, zType, x.aNode[i].n, x.aUp[i]);
+ if( x.aNode[i].u.zJContent!=0 ){
+ jsonAppendRaw(&s, " ", 1);
+ jsonAppendRaw(&s, x.aNode[i].u.zJContent, x.aNode[i].n);
+ }
+ jsonAppendRaw(&s, "\n", 1);
+ }
+ jsonParseReset(&x);
+ jsonResult(&s);
+}
+
+/*
+** The json_test1(JSON) function return true (1) if the input is JSON
+** text generated by another json function. It returns (0) if the input
+** is not known to be JSON.
+*/
+static void jsonTest1Func(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ UNUSED_PARAM(argc);
+ sqlite3_result_int(ctx, sqlite3_value_subtype(argv[0])==JSON_SUBTYPE);
+}
+#endif /* SQLITE_DEBUG */
+
+/****************************************************************************
+** Scalar SQL function implementations
+****************************************************************************/
+
+/*
+** Implementation of the json_array(VALUE,...) function. Return a JSON
+** array that contains all values given in arguments. Or if any argument
+** is a BLOB, throw an error.
+*/
+static void jsonArrayFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ int i;
+ JsonString jx;
+
+ jsonInit(&jx, ctx);
+ jsonAppendChar(&jx, '[');
+ for(i=0; i<argc; i++){
+ jsonAppendSeparator(&jx);
+ jsonAppendValue(&jx, argv[i]);
+ }
+ jsonAppendChar(&jx, ']');
+ jsonResult(&jx);
+ sqlite3_result_subtype(ctx, JSON_SUBTYPE);
+}
+
+
+/*
+** json_array_length(JSON)
+** json_array_length(JSON, PATH)
+**
+** Return the number of elements in the top-level JSON array.
+** Return 0 if the input is not a well-formed JSON array.
+*/
+static void jsonArrayLengthFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonParse x; /* The parse */
+ sqlite3_int64 n = 0;
+ u32 i;
+ JsonNode *pNode;
+
+ if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
+ assert( x.nNode );
+ if( argc==2 ){
+ const char *zPath = (const char*)sqlite3_value_text(argv[1]);
+ pNode = jsonLookup(&x, zPath, 0, ctx);
+ }else{
+ pNode = x.aNode;
+ }
+ if( pNode==0 ){
+ x.nErr = 1;
+ }else if( pNode->eType==JSON_ARRAY ){
+ assert( (pNode->jnFlags & JNODE_APPEND)==0 );
+ for(i=1; i<=pNode->n; n++){
+ i += jsonNodeSize(&pNode[i]);
+ }
+ }
+ if( x.nErr==0 ) sqlite3_result_int64(ctx, n);
+ jsonParseReset(&x);
+}
+
+/*
+** json_extract(JSON, PATH, ...)
+**
+** Return the element described by PATH. Return NULL if there is no
+** PATH element. If there are multiple PATHs, then return a JSON array
+** with the result from each path. Throw an error if the JSON or any PATH
+** is malformed.
+*/
+static void jsonExtractFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonParse x; /* The parse */
+ JsonNode *pNode;
+ const char *zPath;
+ JsonString jx;
+ int i;
+
+ if( argc<2 ) return;
+ if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
+ jsonInit(&jx, ctx);
+ jsonAppendChar(&jx, '[');
+ for(i=1; i<argc; i++){
+ zPath = (const char*)sqlite3_value_text(argv[i]);
+ pNode = jsonLookup(&x, zPath, 0, ctx);
+ if( x.nErr ) break;
+ if( argc>2 ){
+ jsonAppendSeparator(&jx);
+ if( pNode ){
+ jsonRenderNode(pNode, &jx, 0);
+ }else{
+ jsonAppendRaw(&jx, "null", 4);
+ }
+ }else if( pNode ){
+ jsonReturn(pNode, ctx, 0);
+ }
+ }
+ if( argc>2 && i==argc ){
+ jsonAppendChar(&jx, ']');
+ jsonResult(&jx);
+ sqlite3_result_subtype(ctx, JSON_SUBTYPE);
+ }
+ jsonReset(&jx);
+ jsonParseReset(&x);
+}
+
+/*
+** Implementation of the json_object(NAME,VALUE,...) function. Return a JSON
+** object that contains all name/value given in arguments. Or if any name
+** is not a string or if any value is a BLOB, throw an error.
+*/
+static void jsonObjectFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ int i;
+ JsonString jx;
+ const char *z;
+ u32 n;
+
+ if( argc&1 ){
+ sqlite3_result_error(ctx, "json_object() requires an even number "
+ "of arguments", -1);
+ return;
+ }
+ jsonInit(&jx, ctx);
+ jsonAppendChar(&jx, '{');
+ for(i=0; i<argc; i+=2){
+ if( sqlite3_value_type(argv[i])!=SQLITE_TEXT ){
+ sqlite3_result_error(ctx, "json_object() labels must be TEXT", -1);
+ jsonReset(&jx);
+ return;
+ }
+ jsonAppendSeparator(&jx);
+ z = (const char*)sqlite3_value_text(argv[i]);
+ n = (u32)sqlite3_value_bytes(argv[i]);
+ jsonAppendString(&jx, z, n);
+ jsonAppendChar(&jx, ':');
+ jsonAppendValue(&jx, argv[i+1]);
+ }
+ jsonAppendChar(&jx, '}');
+ jsonResult(&jx);
+ sqlite3_result_subtype(ctx, JSON_SUBTYPE);
+}
+
+
+/*
+** json_remove(JSON, PATH, ...)
+**
+** Remove the named elements from JSON and return the result. malformed
+** JSON or PATH arguments result in an error.
+*/
+static void jsonRemoveFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonParse x; /* The parse */
+ JsonNode *pNode;
+ const char *zPath;
+ u32 i;
+
+ if( argc<1 ) return;
+ if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
+ assert( x.nNode );
+ for(i=1; i<(u32)argc; i++){
+ zPath = (const char*)sqlite3_value_text(argv[i]);
+ if( zPath==0 ) goto remove_done;
+ pNode = jsonLookup(&x, zPath, 0, ctx);
+ if( x.nErr ) goto remove_done;
+ if( pNode ) pNode->jnFlags |= JNODE_REMOVE;
+ }
+ if( (x.aNode[0].jnFlags & JNODE_REMOVE)==0 ){
+ jsonReturnJson(x.aNode, ctx, 0);
+ }
+remove_done:
+ jsonParseReset(&x);
+}
+
+/*
+** json_replace(JSON, PATH, VALUE, ...)
+**
+** Replace the value at PATH with VALUE. If PATH does not already exist,
+** this routine is a no-op. If JSON or PATH is malformed, throw an error.
+*/
+static void jsonReplaceFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonParse x; /* The parse */
+ JsonNode *pNode;
+ const char *zPath;
+ u32 i;
+
+ if( argc<1 ) return;
+ if( (argc&1)==0 ) {
+ jsonWrongNumArgs(ctx, "replace");
+ return;
+ }
+ if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
+ assert( x.nNode );
+ for(i=1; i<(u32)argc; i+=2){
+ zPath = (const char*)sqlite3_value_text(argv[i]);
+ pNode = jsonLookup(&x, zPath, 0, ctx);
+ if( x.nErr ) goto replace_err;
+ if( pNode ){
+ pNode->jnFlags |= (u8)JNODE_REPLACE;
+ pNode->iVal = (u8)(i+1);
+ }
+ }
+ if( x.aNode[0].jnFlags & JNODE_REPLACE ){
+ sqlite3_result_value(ctx, argv[x.aNode[0].iVal]);
+ }else{
+ jsonReturnJson(x.aNode, ctx, argv);
+ }
+replace_err:
+ jsonParseReset(&x);
+}
+
+/*
+** json_set(JSON, PATH, VALUE, ...)
+**
+** Set the value at PATH to VALUE. Create the PATH if it does not already
+** exist. Overwrite existing values that do exist.
+** If JSON or PATH is malformed, throw an error.
+**
+** json_insert(JSON, PATH, VALUE, ...)
+**
+** Create PATH and initialize it to VALUE. If PATH already exists, this
+** routine is a no-op. If JSON or PATH is malformed, throw an error.
+*/
+static void jsonSetFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonParse x; /* The parse */
+ JsonNode *pNode;
+ const char *zPath;
+ u32 i;
+ int bApnd;
+ int bIsSet = *(int*)sqlite3_user_data(ctx);
+
+ if( argc<1 ) return;
+ if( (argc&1)==0 ) {
+ jsonWrongNumArgs(ctx, bIsSet ? "set" : "insert");
+ return;
+ }
+ if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
+ assert( x.nNode );
+ for(i=1; i<(u32)argc; i+=2){
+ zPath = (const char*)sqlite3_value_text(argv[i]);
+ bApnd = 0;
+ pNode = jsonLookup(&x, zPath, &bApnd, ctx);
+ if( x.oom ){
+ sqlite3_result_error_nomem(ctx);
+ goto jsonSetDone;
+ }else if( x.nErr ){
+ goto jsonSetDone;
+ }else if( pNode && (bApnd || bIsSet) ){
+ pNode->jnFlags |= (u8)JNODE_REPLACE;
+ pNode->iVal = (u8)(i+1);
+ }
+ }
+ if( x.aNode[0].jnFlags & JNODE_REPLACE ){
+ sqlite3_result_value(ctx, argv[x.aNode[0].iVal]);
+ }else{
+ jsonReturnJson(x.aNode, ctx, argv);
+ }
+jsonSetDone:
+ jsonParseReset(&x);
+}
+
+/*
+** json_type(JSON)
+** json_type(JSON, PATH)
+**
+** Return the top-level "type" of a JSON string. Throw an error if
+** either the JSON or PATH inputs are not well-formed.
+*/
+static void jsonTypeFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonParse x; /* The parse */
+ const char *zPath;
+ JsonNode *pNode;
+
+ if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
+ assert( x.nNode );
+ if( argc==2 ){
+ zPath = (const char*)sqlite3_value_text(argv[1]);
+ pNode = jsonLookup(&x, zPath, 0, ctx);
+ }else{
+ pNode = x.aNode;
+ }
+ if( pNode ){
+ sqlite3_result_text(ctx, jsonType[pNode->eType], -1, SQLITE_STATIC);
+ }
+ jsonParseReset(&x);
+}
+
+/*
+** json_valid(JSON)
+**
+** Return 1 if JSON is a well-formed JSON string according to RFC-7159.
+** Return 0 otherwise.
+*/
+static void jsonValidFunc(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonParse x; /* The parse */
+ int rc = 0;
+
+ UNUSED_PARAM(argc);
+ if( jsonParse(&x, 0, (const char*)sqlite3_value_text(argv[0]))==0 ){
+ rc = 1;
+ }
+ jsonParseReset(&x);
+ sqlite3_result_int(ctx, rc);
+}
+
+
+/****************************************************************************
+** Aggregate SQL function implementations
+****************************************************************************/
+/*
+** json_group_array(VALUE)
+**
+** Return a JSON array composed of all values in the aggregate.
+*/
+static void jsonArrayStep(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonString *pStr;
+ pStr = (JsonString*)sqlite3_aggregate_context(ctx, sizeof(*pStr));
+ if( pStr ){
+ if( pStr->zBuf==0 ){
+ jsonInit(pStr, ctx);
+ jsonAppendChar(pStr, '[');
+ }else{
+ jsonAppendChar(pStr, ',');
+ pStr->pCtx = ctx;
+ }
+ jsonAppendValue(pStr, argv[0]);
+ }
+}
+static void jsonArrayFinal(sqlite3_context *ctx){
+ JsonString *pStr;
+ pStr = (JsonString*)sqlite3_aggregate_context(ctx, 0);
+ if( pStr ){
+ pStr->pCtx = ctx;
+ jsonAppendChar(pStr, ']');
+ if( pStr->bErr ){
+ sqlite3_result_error_nomem(ctx);
+ assert( pStr->bStatic );
+ }else{
+ sqlite3_result_text(ctx, pStr->zBuf, pStr->nUsed,
+ pStr->bStatic ? SQLITE_TRANSIENT : sqlite3_free);
+ pStr->bStatic = 1;
+ }
+ }else{
+ sqlite3_result_text(ctx, "[]", 2, SQLITE_STATIC);
+ }
+ sqlite3_result_subtype(ctx, JSON_SUBTYPE);
+}
+
+/*
+** json_group_obj(NAME,VALUE)
+**
+** Return a JSON object composed of all names and values in the aggregate.
+*/
+static void jsonObjectStep(
+ sqlite3_context *ctx,
+ int argc,
+ sqlite3_value **argv
+){
+ JsonString *pStr;
+ const char *z;
+ u32 n;
+ pStr = (JsonString*)sqlite3_aggregate_context(ctx, sizeof(*pStr));
+ if( pStr ){
+ if( pStr->zBuf==0 ){
+ jsonInit(pStr, ctx);
+ jsonAppendChar(pStr, '{');
+ }else{
+ jsonAppendChar(pStr, ',');
+ pStr->pCtx = ctx;
+ }
+ z = (const char*)sqlite3_value_text(argv[0]);
+ n = (u32)sqlite3_value_bytes(argv[0]);
+ jsonAppendString(pStr, z, n);
+ jsonAppendChar(pStr, ':');
+ jsonAppendValue(pStr, argv[1]);
+ }
+}
+static void jsonObjectFinal(sqlite3_context *ctx){
+ JsonString *pStr;
+ pStr = (JsonString*)sqlite3_aggregate_context(ctx, 0);
+ if( pStr ){
+ jsonAppendChar(pStr, '}');
+ if( pStr->bErr ){
+ sqlite3_result_error_nomem(ctx);
+ assert( pStr->bStatic );
+ }else{
+ sqlite3_result_text(ctx, pStr->zBuf, pStr->nUsed,
+ pStr->bStatic ? SQLITE_TRANSIENT : sqlite3_free);
+ pStr->bStatic = 1;
+ }
+ }else{
+ sqlite3_result_text(ctx, "{}", 2, SQLITE_STATIC);
+ }
+ sqlite3_result_subtype(ctx, JSON_SUBTYPE);
+}
+
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/****************************************************************************
+** The json_each virtual table
+****************************************************************************/
+typedef struct JsonEachCursor JsonEachCursor;
+struct JsonEachCursor {
+ sqlite3_vtab_cursor base; /* Base class - must be first */
+ u32 iRowid; /* The rowid */
+ u32 iBegin; /* The first node of the scan */
+ u32 i; /* Index in sParse.aNode[] of current row */
+ u32 iEnd; /* EOF when i equals or exceeds this value */
+ u8 eType; /* Type of top-level element */
+ u8 bRecursive; /* True for json_tree(). False for json_each() */
+ char *zJson; /* Input JSON */
+ char *zRoot; /* Path by which to filter zJson */
+ JsonParse sParse; /* Parse of the input JSON */
+};
+
+/* Constructor for the json_each virtual table */
+static int jsonEachConnect(
+ sqlite3 *db,
+ void *pAux,
+ int argc, const char *const*argv,
+ sqlite3_vtab **ppVtab,
+ char **pzErr
+){
+ sqlite3_vtab *pNew;
+ int rc;
+
+/* Column numbers */
+#define JEACH_KEY 0
+#define JEACH_VALUE 1
+#define JEACH_TYPE 2
+#define JEACH_ATOM 3
+#define JEACH_ID 4
+#define JEACH_PARENT 5
+#define JEACH_FULLKEY 6
+#define JEACH_PATH 7
+#define JEACH_JSON 8
+#define JEACH_ROOT 9
+
+ UNUSED_PARAM(pzErr);
+ UNUSED_PARAM(argv);
+ UNUSED_PARAM(argc);
+ UNUSED_PARAM(pAux);
+ rc = sqlite3_declare_vtab(db,
+ "CREATE TABLE x(key,value,type,atom,id,parent,fullkey,path,"
+ "json HIDDEN,root HIDDEN)");
+ if( rc==SQLITE_OK ){
+ pNew = *ppVtab = sqlite3_malloc( sizeof(*pNew) );
+ if( pNew==0 ) return SQLITE_NOMEM;
+ memset(pNew, 0, sizeof(*pNew));
+ }
+ return rc;
+}
+
+/* destructor for json_each virtual table */
+static int jsonEachDisconnect(sqlite3_vtab *pVtab){
+ sqlite3_free(pVtab);
+ return SQLITE_OK;
+}
+
+/* constructor for a JsonEachCursor object for json_each(). */
+static int jsonEachOpenEach(sqlite3_vtab *p, sqlite3_vtab_cursor **ppCursor){
+ JsonEachCursor *pCur;
+
+ UNUSED_PARAM(p);
+ pCur = sqlite3_malloc( sizeof(*pCur) );
+ if( pCur==0 ) return SQLITE_NOMEM;
+ memset(pCur, 0, sizeof(*pCur));
+ *ppCursor = &pCur->base;
+ return SQLITE_OK;
+}
+
+/* constructor for a JsonEachCursor object for json_tree(). */
+static int jsonEachOpenTree(sqlite3_vtab *p, sqlite3_vtab_cursor **ppCursor){
+ int rc = jsonEachOpenEach(p, ppCursor);
+ if( rc==SQLITE_OK ){
+ JsonEachCursor *pCur = (JsonEachCursor*)*ppCursor;
+ pCur->bRecursive = 1;
+ }
+ return rc;
+}
+
+/* Reset a JsonEachCursor back to its original state. Free any memory
+** held. */
+static void jsonEachCursorReset(JsonEachCursor *p){
+ sqlite3_free(p->zJson);
+ sqlite3_free(p->zRoot);
+ jsonParseReset(&p->sParse);
+ p->iRowid = 0;
+ p->i = 0;
+ p->iEnd = 0;
+ p->eType = 0;
+ p->zJson = 0;
+ p->zRoot = 0;
+}
+
+/* Destructor for a jsonEachCursor object */
+static int jsonEachClose(sqlite3_vtab_cursor *cur){
+ JsonEachCursor *p = (JsonEachCursor*)cur;
+ jsonEachCursorReset(p);
+ sqlite3_free(cur);
+ return SQLITE_OK;
+}
+
+/* Return TRUE if the jsonEachCursor object has been advanced off the end
+** of the JSON object */
+static int jsonEachEof(sqlite3_vtab_cursor *cur){
+ JsonEachCursor *p = (JsonEachCursor*)cur;
+ return p->i >= p->iEnd;
+}
+
+/* Advance the cursor to the next element for json_tree() */
+static int jsonEachNext(sqlite3_vtab_cursor *cur){
+ JsonEachCursor *p = (JsonEachCursor*)cur;
+ if( p->bRecursive ){
+ if( p->sParse.aNode[p->i].jnFlags & JNODE_LABEL ) p->i++;
+ p->i++;
+ p->iRowid++;
+ if( p->i<p->iEnd ){
+ u32 iUp = p->sParse.aUp[p->i];
+ JsonNode *pUp = &p->sParse.aNode[iUp];
+ p->eType = pUp->eType;
+ if( pUp->eType==JSON_ARRAY ){
+ if( iUp==p->i-1 ){
+ pUp->u.iKey = 0;
+ }else{
+ pUp->u.iKey++;
+ }
+ }
+ }
+ }else{
+ switch( p->eType ){
+ case JSON_ARRAY: {
+ p->i += jsonNodeSize(&p->sParse.aNode[p->i]);
+ p->iRowid++;
+ break;
+ }
+ case JSON_OBJECT: {
+ p->i += 1 + jsonNodeSize(&p->sParse.aNode[p->i+1]);
+ p->iRowid++;
+ break;
+ }
+ default: {
+ p->i = p->iEnd;
+ break;
+ }
+ }
+ }
+ return SQLITE_OK;
+}
+
+/* Append the name of the path for element i to pStr
+*/
+static void jsonEachComputePath(
+ JsonEachCursor *p, /* The cursor */
+ JsonString *pStr, /* Write the path here */
+ u32 i /* Path to this element */
+){
+ JsonNode *pNode, *pUp;
+ u32 iUp;
+ if( i==0 ){
+ jsonAppendChar(pStr, '$');
+ return;
+ }
+ iUp = p->sParse.aUp[i];
+ jsonEachComputePath(p, pStr, iUp);
+ pNode = &p->sParse.aNode[i];
+ pUp = &p->sParse.aNode[iUp];
+ if( pUp->eType==JSON_ARRAY ){
+ jsonPrintf(30, pStr, "[%d]", pUp->u.iKey);
+ }else{
+ assert( pUp->eType==JSON_OBJECT );
+ if( (pNode->jnFlags & JNODE_LABEL)==0 ) pNode--;
+ assert( pNode->eType==JSON_STRING );
+ assert( pNode->jnFlags & JNODE_LABEL );
+ jsonPrintf(pNode->n+1, pStr, ".%.*s", pNode->n-2, pNode->u.zJContent+1);
+ }
+}
+
+/* Return the value of a column */
+static int jsonEachColumn(
+ sqlite3_vtab_cursor *cur, /* The cursor */
+ sqlite3_context *ctx, /* First argument to sqlite3_result_...() */
+ int i /* Which column to return */
+){
+ JsonEachCursor *p = (JsonEachCursor*)cur;
+ JsonNode *pThis = &p->sParse.aNode[p->i];
+ switch( i ){
+ case JEACH_KEY: {
+ if( p->i==0 ) break;
+ if( p->eType==JSON_OBJECT ){
+ jsonReturn(pThis, ctx, 0);
+ }else if( p->eType==JSON_ARRAY ){
+ u32 iKey;
+ if( p->bRecursive ){
+ if( p->iRowid==0 ) break;
+ iKey = p->sParse.aNode[p->sParse.aUp[p->i]].u.iKey;
+ }else{
+ iKey = p->iRowid;
+ }
+ sqlite3_result_int64(ctx, (sqlite3_int64)iKey);
+ }
+ break;
+ }
+ case JEACH_VALUE: {
+ if( pThis->jnFlags & JNODE_LABEL ) pThis++;
+ jsonReturn(pThis, ctx, 0);
+ break;
+ }
+ case JEACH_TYPE: {
+ if( pThis->jnFlags & JNODE_LABEL ) pThis++;
+ sqlite3_result_text(ctx, jsonType[pThis->eType], -1, SQLITE_STATIC);
+ break;
+ }
+ case JEACH_ATOM: {
+ if( pThis->jnFlags & JNODE_LABEL ) pThis++;
+ if( pThis->eType>=JSON_ARRAY ) break;
+ jsonReturn(pThis, ctx, 0);
+ break;
+ }
+ case JEACH_ID: {
+ sqlite3_result_int64(ctx,
+ (sqlite3_int64)p->i + ((pThis->jnFlags & JNODE_LABEL)!=0));
+ break;
+ }
+ case JEACH_PARENT: {
+ if( p->i>p->iBegin && p->bRecursive ){
+ sqlite3_result_int64(ctx, (sqlite3_int64)p->sParse.aUp[p->i]);
+ }
+ break;
+ }
+ case JEACH_FULLKEY: {
+ JsonString x;
+ jsonInit(&x, ctx);
+ if( p->bRecursive ){
+ jsonEachComputePath(p, &x, p->i);
+ }else{
+ if( p->zRoot ){
+ jsonAppendRaw(&x, p->zRoot, (int)strlen(p->zRoot));
+ }else{
+ jsonAppendChar(&x, '$');
+ }
+ if( p->eType==JSON_ARRAY ){
+ jsonPrintf(30, &x, "[%d]", p->iRowid);
+ }else{
+ jsonPrintf(pThis->n, &x, ".%.*s", pThis->n-2, pThis->u.zJContent+1);
+ }
+ }
+ jsonResult(&x);
+ break;
+ }
+ case JEACH_PATH: {
+ if( p->bRecursive ){
+ JsonString x;
+ jsonInit(&x, ctx);
+ jsonEachComputePath(p, &x, p->sParse.aUp[p->i]);
+ jsonResult(&x);
+ break;
+ }
+ /* For json_each() path and root are the same so fall through
+ ** into the root case */
+ }
+ case JEACH_ROOT: {
+ const char *zRoot = p->zRoot;
+ if( zRoot==0 ) zRoot = "$";
+ sqlite3_result_text(ctx, zRoot, -1, SQLITE_STATIC);
+ break;
+ }
+ case JEACH_JSON: {
+ assert( i==JEACH_JSON );
+ sqlite3_result_text(ctx, p->sParse.zJson, -1, SQLITE_STATIC);
+ break;
+ }
+ }
+ return SQLITE_OK;
+}
+
+/* Return the current rowid value */
+static int jsonEachRowid(sqlite3_vtab_cursor *cur, sqlite_int64 *pRowid){
+ JsonEachCursor *p = (JsonEachCursor*)cur;
+ *pRowid = p->iRowid;
+ return SQLITE_OK;
+}
+
+/* The query strategy is to look for an equality constraint on the json
+** column. Without such a constraint, the table cannot operate. idxNum is
+** 1 if the constraint is found, 3 if the constraint and zRoot are found,
+** and 0 otherwise.
+*/
+static int jsonEachBestIndex(
+ sqlite3_vtab *tab,
+ sqlite3_index_info *pIdxInfo
+){
+ int i;
+ int jsonIdx = -1;
+ int rootIdx = -1;
+ const struct sqlite3_index_constraint *pConstraint;
+
+ UNUSED_PARAM(tab);
+ pConstraint = pIdxInfo->aConstraint;
+ for(i=0; i<pIdxInfo->nConstraint; i++, pConstraint++){
+ if( pConstraint->usable==0 ) continue;
+ if( pConstraint->op!=SQLITE_INDEX_CONSTRAINT_EQ ) continue;
+ switch( pConstraint->iColumn ){
+ case JEACH_JSON: jsonIdx = i; break;
+ case JEACH_ROOT: rootIdx = i; break;
+ default: /* no-op */ break;
+ }
+ }
+ if( jsonIdx<0 ){
+ pIdxInfo->idxNum = 0;
+ pIdxInfo->estimatedCost = 1e99;
+ }else{
+ pIdxInfo->estimatedCost = 1.0;
+ pIdxInfo->aConstraintUsage[jsonIdx].argvIndex = 1;
+ pIdxInfo->aConstraintUsage[jsonIdx].omit = 1;
+ if( rootIdx<0 ){
+ pIdxInfo->idxNum = 1;
+ }else{
+ pIdxInfo->aConstraintUsage[rootIdx].argvIndex = 2;
+ pIdxInfo->aConstraintUsage[rootIdx].omit = 1;
+ pIdxInfo->idxNum = 3;
+ }
+ }
+ return SQLITE_OK;
+}
+
+/* Start a search on a new JSON string */
+static int jsonEachFilter(
+ sqlite3_vtab_cursor *cur,
+ int idxNum, const char *idxStr,
+ int argc, sqlite3_value **argv
+){
+ JsonEachCursor *p = (JsonEachCursor*)cur;
+ const char *z;
+ const char *zRoot = 0;
+ sqlite3_int64 n;
+
+ UNUSED_PARAM(idxStr);
+ UNUSED_PARAM(argc);
+ jsonEachCursorReset(p);
+ if( idxNum==0 ) return SQLITE_OK;
+ z = (const char*)sqlite3_value_text(argv[0]);
+ if( z==0 ) return SQLITE_OK;
+ n = sqlite3_value_bytes(argv[0]);
+ p->zJson = sqlite3_malloc64( n+1 );
+ if( p->zJson==0 ) return SQLITE_NOMEM;
+ memcpy(p->zJson, z, (size_t)n+1);
+ if( jsonParse(&p->sParse, 0, p->zJson) ){
+ int rc = SQLITE_NOMEM;
+ if( p->sParse.oom==0 ){
+ sqlite3_free(cur->pVtab->zErrMsg);
+ cur->pVtab->zErrMsg = sqlite3_mprintf("malformed JSON");
+ if( cur->pVtab->zErrMsg ) rc = SQLITE_ERROR;
+ }
+ jsonEachCursorReset(p);
+ return rc;
+ }else if( p->bRecursive && jsonParseFindParents(&p->sParse) ){
+ jsonEachCursorReset(p);
+ return SQLITE_NOMEM;
+ }else{
+ JsonNode *pNode = 0;
+ if( idxNum==3 ){
+ const char *zErr = 0;
+ zRoot = (const char*)sqlite3_value_text(argv[1]);
+ if( zRoot==0 ) return SQLITE_OK;
+ n = sqlite3_value_bytes(argv[1]);
+ p->zRoot = sqlite3_malloc64( n+1 );
+ if( p->zRoot==0 ) return SQLITE_NOMEM;
+ memcpy(p->zRoot, zRoot, (size_t)n+1);
+ if( zRoot[0]!='$' ){
+ zErr = zRoot;
+ }else{
+ pNode = jsonLookupStep(&p->sParse, 0, p->zRoot+1, 0, &zErr);
+ }
+ if( zErr ){
+ sqlite3_free(cur->pVtab->zErrMsg);
+ cur->pVtab->zErrMsg = jsonPathSyntaxError(zErr);
+ jsonEachCursorReset(p);
+ return cur->pVtab->zErrMsg ? SQLITE_ERROR : SQLITE_NOMEM;
+ }else if( pNode==0 ){
+ return SQLITE_OK;
+ }
+ }else{
+ pNode = p->sParse.aNode;
+ }
+ p->iBegin = p->i = (int)(pNode - p->sParse.aNode);
+ p->eType = pNode->eType;
+ if( p->eType>=JSON_ARRAY ){
+ pNode->u.iKey = 0;
+ p->iEnd = p->i + pNode->n + 1;
+ if( p->bRecursive ){
+ p->eType = p->sParse.aNode[p->sParse.aUp[p->i]].eType;
+ if( p->i>0 && (p->sParse.aNode[p->i-1].jnFlags & JNODE_LABEL)!=0 ){
+ p->i--;
+ }
+ }else{
+ p->i++;
+ }
+ }else{
+ p->iEnd = p->i+1;
+ }
+ }
+ return SQLITE_OK;
+}
+
+/* The methods of the json_each virtual table */
+static sqlite3_module jsonEachModule = {
+ 0, /* iVersion */
+ 0, /* xCreate */
+ jsonEachConnect, /* xConnect */
+ jsonEachBestIndex, /* xBestIndex */
+ jsonEachDisconnect, /* xDisconnect */
+ 0, /* xDestroy */
+ jsonEachOpenEach, /* xOpen - open a cursor */
+ jsonEachClose, /* xClose - close a cursor */
+ jsonEachFilter, /* xFilter - configure scan constraints */
+ jsonEachNext, /* xNext - advance a cursor */
+ jsonEachEof, /* xEof - check for end of scan */
+ jsonEachColumn, /* xColumn - read data */
+ jsonEachRowid, /* xRowid - read data */
+ 0, /* xUpdate */
+ 0, /* xBegin */
+ 0, /* xSync */
+ 0, /* xCommit */
+ 0, /* xRollback */
+ 0, /* xFindMethod */
+ 0, /* xRename */
+ 0, /* xSavepoint */
+ 0, /* xRelease */
+ 0 /* xRollbackTo */
+};
+
+/* The methods of the json_tree virtual table. */
+static sqlite3_module jsonTreeModule = {
+ 0, /* iVersion */
+ 0, /* xCreate */
+ jsonEachConnect, /* xConnect */
+ jsonEachBestIndex, /* xBestIndex */
+ jsonEachDisconnect, /* xDisconnect */
+ 0, /* xDestroy */
+ jsonEachOpenTree, /* xOpen - open a cursor */
+ jsonEachClose, /* xClose - close a cursor */
+ jsonEachFilter, /* xFilter - configure scan constraints */
+ jsonEachNext, /* xNext - advance a cursor */
+ jsonEachEof, /* xEof - check for end of scan */
+ jsonEachColumn, /* xColumn - read data */
+ jsonEachRowid, /* xRowid - read data */
+ 0, /* xUpdate */
+ 0, /* xBegin */
+ 0, /* xSync */
+ 0, /* xCommit */
+ 0, /* xRollback */
+ 0, /* xFindMethod */
+ 0, /* xRename */
+ 0, /* xSavepoint */
+ 0, /* xRelease */
+ 0 /* xRollbackTo */
+};
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
+/****************************************************************************
+** The following routines are the only publically visible identifiers in this
+** file. Call the following routines in order to register the various SQL
+** functions and the virtual table implemented by this file.
+****************************************************************************/
+
+SQLITE_PRIVATE int sqlite3Json1Init(sqlite3 *db){
+ int rc = SQLITE_OK;
+ unsigned int i;
+ static const struct {
+ const char *zName;
+ int nArg;
+ int flag;
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**);
+ } aFunc[] = {
+ { "json", 1, 0, jsonRemoveFunc },
+ { "json_array", -1, 0, jsonArrayFunc },
+ { "json_array_length", 1, 0, jsonArrayLengthFunc },
+ { "json_array_length", 2, 0, jsonArrayLengthFunc },
+ { "json_extract", -1, 0, jsonExtractFunc },
+ { "json_insert", -1, 0, jsonSetFunc },
+ { "json_object", -1, 0, jsonObjectFunc },
+ { "json_remove", -1, 0, jsonRemoveFunc },
+ { "json_replace", -1, 0, jsonReplaceFunc },
+ { "json_set", -1, 1, jsonSetFunc },
+ { "json_type", 1, 0, jsonTypeFunc },
+ { "json_type", 2, 0, jsonTypeFunc },
+ { "json_valid", 1, 0, jsonValidFunc },
+
+#if SQLITE_DEBUG
+ /* DEBUG and TESTING functions */
+ { "json_parse", 1, 0, jsonParseFunc },
+ { "json_test1", 1, 0, jsonTest1Func },
+#endif
+ };
+ static const struct {
+ const char *zName;
+ int nArg;
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**);
+ void (*xFinal)(sqlite3_context*);
+ } aAgg[] = {
+ { "json_group_array", 1, jsonArrayStep, jsonArrayFinal },
+ { "json_group_object", 2, jsonObjectStep, jsonObjectFinal },
+ };
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ static const struct {
+ const char *zName;
+ sqlite3_module *pModule;
+ } aMod[] = {
+ { "json_each", &jsonEachModule },
+ { "json_tree", &jsonTreeModule },
+ };
+#endif
+ for(i=0; i<sizeof(aFunc)/sizeof(aFunc[0]) && rc==SQLITE_OK; i++){
+ rc = sqlite3_create_function(db, aFunc[i].zName, aFunc[i].nArg,
+ SQLITE_UTF8 | SQLITE_DETERMINISTIC,
+ (void*)&aFunc[i].flag,
+ aFunc[i].xFunc, 0, 0);
+ }
+ for(i=0; i<sizeof(aAgg)/sizeof(aAgg[0]) && rc==SQLITE_OK; i++){
+ rc = sqlite3_create_function(db, aAgg[i].zName, aAgg[i].nArg,
+ SQLITE_UTF8 | SQLITE_DETERMINISTIC, 0,
+ 0, aAgg[i].xStep, aAgg[i].xFinal);
+ }
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ for(i=0; i<sizeof(aMod)/sizeof(aMod[0]) && rc==SQLITE_OK; i++){
+ rc = sqlite3_create_module(db, aMod[i].zName, aMod[i].pModule, 0);
+ }
+#endif
+ return rc;
+}
+
+
+#ifndef SQLITE_CORE
+#ifdef _WIN32
+__declspec(dllexport)
+#endif
+SQLITE_API int SQLITE_STDCALL sqlite3_json_init(
+ sqlite3 *db,
+ char **pzErrMsg,
+ const sqlite3_api_routines *pApi
+){
+ SQLITE_EXTENSION_INIT2(pApi);
+ (void)pzErrMsg; /* Unused parameter */
+ return sqlite3Json1Init(db);
+}
+#endif
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_JSON1) */
+
+/************** End of json1.c ***********************************************/
+/************** Begin file fts5.c ********************************************/
+
+
+#if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS5)
+
+#if !defined(NDEBUG) && !defined(SQLITE_DEBUG)
+# define NDEBUG 1
+#endif
+#if defined(NDEBUG) && defined(SQLITE_DEBUG)
+# undef NDEBUG
+#endif
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** Interfaces to extend FTS5. Using the interfaces defined in this file,
+** FTS5 may be extended with:
+**
+** * custom tokenizers, and
+** * custom auxiliary functions.
+*/
+
+
+#ifndef _FTS5_H
+#define _FTS5_H
+
+/* #include "sqlite3.h" */
+
+#if 0
+extern "C" {
+#endif
+
+/*************************************************************************
+** CUSTOM AUXILIARY FUNCTIONS
+**
+** Virtual table implementations may overload SQL functions by implementing
+** the sqlite3_module.xFindFunction() method.
+*/
+
+typedef struct Fts5ExtensionApi Fts5ExtensionApi;
+typedef struct Fts5Context Fts5Context;
+typedef struct Fts5PhraseIter Fts5PhraseIter;
+
+typedef void (*fts5_extension_function)(
+ const Fts5ExtensionApi *pApi, /* API offered by current FTS version */
+ Fts5Context *pFts, /* First arg to pass to pApi functions */
+ sqlite3_context *pCtx, /* Context for returning result/error */
+ int nVal, /* Number of values in apVal[] array */
+ sqlite3_value **apVal /* Array of trailing arguments */
+);
+
+struct Fts5PhraseIter {
+ const unsigned char *a;
+ const unsigned char *b;
+};
+
+/*
+** EXTENSION API FUNCTIONS
+**
+** xUserData(pFts):
+** Return a copy of the context pointer the extension function was
+** registered with.
+**
+** xColumnTotalSize(pFts, iCol, pnToken):
+** If parameter iCol is less than zero, set output variable *pnToken
+** to the total number of tokens in the FTS5 table. Or, if iCol is
+** non-negative but less than the number of columns in the table, return
+** the total number of tokens in column iCol, considering all rows in
+** the FTS5 table.
+**
+** If parameter iCol is greater than or equal to the number of columns
+** in the table, SQLITE_RANGE is returned. Or, if an error occurs (e.g.
+** an OOM condition or IO error), an appropriate SQLite error code is
+** returned.
+**
+** xColumnCount(pFts):
+** Return the number of columns in the table.
+**
+** xColumnSize(pFts, iCol, pnToken):
+** If parameter iCol is less than zero, set output variable *pnToken
+** to the total number of tokens in the current row. Or, if iCol is
+** non-negative but less than the number of columns in the table, set
+** *pnToken to the number of tokens in column iCol of the current row.
+**
+** If parameter iCol is greater than or equal to the number of columns
+** in the table, SQLITE_RANGE is returned. Or, if an error occurs (e.g.
+** an OOM condition or IO error), an appropriate SQLite error code is
+** returned.
+**
+** xColumnText:
+** This function attempts to retrieve the text of column iCol of the
+** current document. If successful, (*pz) is set to point to a buffer
+** containing the text in utf-8 encoding, (*pn) is set to the size in bytes
+** (not characters) of the buffer and SQLITE_OK is returned. Otherwise,
+** if an error occurs, an SQLite error code is returned and the final values
+** of (*pz) and (*pn) are undefined.
+**
+** xPhraseCount:
+** Returns the number of phrases in the current query expression.
+**
+** xPhraseSize:
+** Returns the number of tokens in phrase iPhrase of the query. Phrases
+** are numbered starting from zero.
+**
+** xInstCount:
+** Set *pnInst to the total number of occurrences of all phrases within
+** the query within the current row. Return SQLITE_OK if successful, or
+** an error code (i.e. SQLITE_NOMEM) if an error occurs.
+**
+** xInst:
+** Query for the details of phrase match iIdx within the current row.
+** Phrase matches are numbered starting from zero, so the iIdx argument
+** should be greater than or equal to zero and smaller than the value
+** output by xInstCount().
+**
+** Returns SQLITE_OK if successful, or an error code (i.e. SQLITE_NOMEM)
+** if an error occurs.
+**
+** xRowid:
+** Returns the rowid of the current row.
+**
+** xTokenize:
+** Tokenize text using the tokenizer belonging to the FTS5 table.
+**
+** xQueryPhrase(pFts5, iPhrase, pUserData, xCallback):
+** This API function is used to query the FTS table for phrase iPhrase
+** of the current query. Specifically, a query equivalent to:
+**
+** ... FROM ftstable WHERE ftstable MATCH $p ORDER BY rowid
+**
+** with $p set to a phrase equivalent to the phrase iPhrase of the
+** current query is executed. For each row visited, the callback function
+** passed as the fourth argument is invoked. The context and API objects
+** passed to the callback function may be used to access the properties of
+** each matched row. Invoking Api.xUserData() returns a copy of the pointer
+** passed as the third argument to pUserData.
+**
+** If the callback function returns any value other than SQLITE_OK, the
+** query is abandoned and the xQueryPhrase function returns immediately.
+** If the returned value is SQLITE_DONE, xQueryPhrase returns SQLITE_OK.
+** Otherwise, the error code is propagated upwards.
+**
+** If the query runs to completion without incident, SQLITE_OK is returned.
+** Or, if some error occurs before the query completes or is aborted by
+** the callback, an SQLite error code is returned.
+**
+**
+** xSetAuxdata(pFts5, pAux, xDelete)
+**
+** Save the pointer passed as the second argument as the extension functions
+** "auxiliary data". The pointer may then be retrieved by the current or any
+** future invocation of the same fts5 extension function made as part of
+** of the same MATCH query using the xGetAuxdata() API.
+**
+** Each extension function is allocated a single auxiliary data slot for
+** each FTS query (MATCH expression). If the extension function is invoked
+** more than once for a single FTS query, then all invocations share a
+** single auxiliary data context.
+**
+** If there is already an auxiliary data pointer when this function is
+** invoked, then it is replaced by the new pointer. If an xDelete callback
+** was specified along with the original pointer, it is invoked at this
+** point.
+**
+** The xDelete callback, if one is specified, is also invoked on the
+** auxiliary data pointer after the FTS5 query has finished.
+**
+** If an error (e.g. an OOM condition) occurs within this function, an
+** the auxiliary data is set to NULL and an error code returned. If the
+** xDelete parameter was not NULL, it is invoked on the auxiliary data
+** pointer before returning.
+**
+**
+** xGetAuxdata(pFts5, bClear)
+**
+** Returns the current auxiliary data pointer for the fts5 extension
+** function. See the xSetAuxdata() method for details.
+**
+** If the bClear argument is non-zero, then the auxiliary data is cleared
+** (set to NULL) before this function returns. In this case the xDelete,
+** if any, is not invoked.
+**
+**
+** xRowCount(pFts5, pnRow)
+**
+** This function is used to retrieve the total number of rows in the table.
+** In other words, the same value that would be returned by:
+**
+** SELECT count(*) FROM ftstable;
+**
+** xPhraseFirst()
+** This function is used, along with type Fts5PhraseIter and the xPhraseNext
+** method, to iterate through all instances of a single query phrase within
+** the current row. This is the same information as is accessible via the
+** xInstCount/xInst APIs. While the xInstCount/xInst APIs are more convenient
+** to use, this API may be faster under some circumstances. To iterate
+** through instances of phrase iPhrase, use the following code:
+**
+** Fts5PhraseIter iter;
+** int iCol, iOff;
+** for(pApi->xPhraseFirst(pFts, iPhrase, &iter, &iCol, &iOff);
+** iOff>=0;
+** pApi->xPhraseNext(pFts, &iter, &iCol, &iOff)
+** ){
+** // An instance of phrase iPhrase at offset iOff of column iCol
+** }
+**
+** The Fts5PhraseIter structure is defined above. Applications should not
+** modify this structure directly - it should only be used as shown above
+** with the xPhraseFirst() and xPhraseNext() API methods.
+**
+** xPhraseNext()
+** See xPhraseFirst above.
+*/
+struct Fts5ExtensionApi {
+ int iVersion; /* Currently always set to 1 */
+
+ void *(*xUserData)(Fts5Context*);
+
+ int (*xColumnCount)(Fts5Context*);
+ int (*xRowCount)(Fts5Context*, sqlite3_int64 *pnRow);
+ int (*xColumnTotalSize)(Fts5Context*, int iCol, sqlite3_int64 *pnToken);
+
+ int (*xTokenize)(Fts5Context*,
+ const char *pText, int nText, /* Text to tokenize */
+ void *pCtx, /* Context passed to xToken() */
+ int (*xToken)(void*, int, const char*, int, int, int) /* Callback */
+ );
+
+ int (*xPhraseCount)(Fts5Context*);
+ int (*xPhraseSize)(Fts5Context*, int iPhrase);
+
+ int (*xInstCount)(Fts5Context*, int *pnInst);
+ int (*xInst)(Fts5Context*, int iIdx, int *piPhrase, int *piCol, int *piOff);
+
+ sqlite3_int64 (*xRowid)(Fts5Context*);
+ int (*xColumnText)(Fts5Context*, int iCol, const char **pz, int *pn);
+ int (*xColumnSize)(Fts5Context*, int iCol, int *pnToken);
+
+ int (*xQueryPhrase)(Fts5Context*, int iPhrase, void *pUserData,
+ int(*)(const Fts5ExtensionApi*,Fts5Context*,void*)
+ );
+ int (*xSetAuxdata)(Fts5Context*, void *pAux, void(*xDelete)(void*));
+ void *(*xGetAuxdata)(Fts5Context*, int bClear);
+
+ void (*xPhraseFirst)(Fts5Context*, int iPhrase, Fts5PhraseIter*, int*, int*);
+ void (*xPhraseNext)(Fts5Context*, Fts5PhraseIter*, int *piCol, int *piOff);
+};
+
+/*
+** CUSTOM AUXILIARY FUNCTIONS
+*************************************************************************/
+
+/*************************************************************************
+** CUSTOM TOKENIZERS
+**
+** Applications may also register custom tokenizer types. A tokenizer
+** is registered by providing fts5 with a populated instance of the
+** following structure. All structure methods must be defined, setting
+** any member of the fts5_tokenizer struct to NULL leads to undefined
+** behaviour. The structure methods are expected to function as follows:
+**
+** xCreate:
+** This function is used to allocate and inititalize a tokenizer instance.
+** A tokenizer instance is required to actually tokenize text.
+**
+** The first argument passed to this function is a copy of the (void*)
+** pointer provided by the application when the fts5_tokenizer object
+** was registered with FTS5 (the third argument to xCreateTokenizer()).
+** The second and third arguments are an array of nul-terminated strings
+** containing the tokenizer arguments, if any, specified following the
+** tokenizer name as part of the CREATE VIRTUAL TABLE statement used
+** to create the FTS5 table.
+**
+** The final argument is an output variable. If successful, (*ppOut)
+** should be set to point to the new tokenizer handle and SQLITE_OK
+** returned. If an error occurs, some value other than SQLITE_OK should
+** be returned. In this case, fts5 assumes that the final value of *ppOut
+** is undefined.
+**
+** xDelete:
+** This function is invoked to delete a tokenizer handle previously
+** allocated using xCreate(). Fts5 guarantees that this function will
+** be invoked exactly once for each successful call to xCreate().
+**
+** xTokenize:
+** This function is expected to tokenize the nText byte string indicated
+** by argument pText. pText may or may not be nul-terminated. The first
+** argument passed to this function is a pointer to an Fts5Tokenizer object
+** returned by an earlier call to xCreate().
+**
+** The second argument indicates the reason that FTS5 is requesting
+** tokenization of the supplied text. This is always one of the following
+** four values:
+**
+** <ul><li> <b>FTS5_TOKENIZE_DOCUMENT</b> - A document is being inserted into
+** or removed from the FTS table. The tokenizer is being invoked to
+** determine the set of tokens to add to (or delete from) the
+** FTS index.
+**
+** <li> <b>FTS5_TOKENIZE_QUERY</b> - A MATCH query is being executed
+** against the FTS index. The tokenizer is being called to tokenize
+** a bareword or quoted string specified as part of the query.
+**
+** <li> <b>(FTS5_TOKENIZE_QUERY | FTS5_TOKENIZE_PREFIX)</b> - Same as
+** FTS5_TOKENIZE_QUERY, except that the bareword or quoted string is
+** followed by a "*" character, indicating that the last token
+** returned by the tokenizer will be treated as a token prefix.
+**
+** <li> <b>FTS5_TOKENIZE_AUX</b> - The tokenizer is being invoked to
+** satisfy an fts5_api.xTokenize() request made by an auxiliary
+** function. Or an fts5_api.xColumnSize() request made by the same
+** on a columnsize=0 database.
+** </ul>
+**
+** For each token in the input string, the supplied callback xToken() must
+** be invoked. The first argument to it should be a copy of the pointer
+** passed as the second argument to xTokenize(). The third and fourth
+** arguments are a pointer to a buffer containing the token text, and the
+** size of the token in bytes. The 4th and 5th arguments are the byte offsets
+** of the first byte of and first byte immediately following the text from
+** which the token is derived within the input.
+**
+** The second argument passed to the xToken() callback ("tflags") should
+** normally be set to 0. The exception is if the tokenizer supports
+** synonyms. In this case see the discussion below for details.
+**
+** FTS5 assumes the xToken() callback is invoked for each token in the
+** order that they occur within the input text.
+**
+** If an xToken() callback returns any value other than SQLITE_OK, then
+** the tokenization should be abandoned and the xTokenize() method should
+** immediately return a copy of the xToken() return value. Or, if the
+** input buffer is exhausted, xTokenize() should return SQLITE_OK. Finally,
+** if an error occurs with the xTokenize() implementation itself, it
+** may abandon the tokenization and return any error code other than
+** SQLITE_OK or SQLITE_DONE.
+**
+** SYNONYM SUPPORT
+**
+** Custom tokenizers may also support synonyms. Consider a case in which a
+** user wishes to query for a phrase such as "first place". Using the
+** built-in tokenizers, the FTS5 query 'first + place' will match instances
+** of "first place" within the document set, but not alternative forms
+** such as "1st place". In some applications, it would be better to match
+** all instances of "first place" or "1st place" regardless of which form
+** the user specified in the MATCH query text.
+**
+** There are several ways to approach this in FTS5:
+**
+** <ol><li> By mapping all synonyms to a single token. In this case, the
+** In the above example, this means that the tokenizer returns the
+** same token for inputs "first" and "1st". Say that token is in
+** fact "first", so that when the user inserts the document "I won
+** 1st place" entries are added to the index for tokens "i", "won",
+** "first" and "place". If the user then queries for '1st + place',
+** the tokenizer substitutes "first" for "1st" and the query works
+** as expected.
+**
+** <li> By adding multiple synonyms for a single term to the FTS index.
+** In this case, when tokenizing query text, the tokenizer may
+** provide multiple synonyms for a single term within the document.
+** FTS5 then queries the index for each synonym individually. For
+** example, faced with the query:
+**
+** <codeblock>
+** ... MATCH 'first place'</codeblock>
+**
+** the tokenizer offers both "1st" and "first" as synonyms for the
+** first token in the MATCH query and FTS5 effectively runs a query
+** similar to:
+**
+** <codeblock>
+** ... MATCH '(first OR 1st) place'</codeblock>
+**
+** except that, for the purposes of auxiliary functions, the query
+** still appears to contain just two phrases - "(first OR 1st)"
+** being treated as a single phrase.
+**
+** <li> By adding multiple synonyms for a single term to the FTS index.
+** Using this method, when tokenizing document text, the tokenizer
+** provides multiple synonyms for each token. So that when a
+** document such as "I won first place" is tokenized, entries are
+** added to the FTS index for "i", "won", "first", "1st" and
+** "place".
+**
+** This way, even if the tokenizer does not provide synonyms
+** when tokenizing query text (it should not - to do would be
+** inefficient), it doesn't matter if the user queries for
+** 'first + place' or '1st + place', as there are entires in the
+** FTS index corresponding to both forms of the first token.
+** </ol>
+**
+** Whether it is parsing document or query text, any call to xToken that
+** specifies a <i>tflags</i> argument with the FTS5_TOKEN_COLOCATED bit
+** is considered to supply a synonym for the previous token. For example,
+** when parsing the document "I won first place", a tokenizer that supports
+** synonyms would call xToken() 5 times, as follows:
+**
+** <codeblock>
+** xToken(pCtx, 0, "i", 1, 0, 1);
+** xToken(pCtx, 0, "won", 3, 2, 5);
+** xToken(pCtx, 0, "first", 5, 6, 11);
+** xToken(pCtx, FTS5_TOKEN_COLOCATED, "1st", 3, 6, 11);
+** xToken(pCtx, 0, "place", 5, 12, 17);
+**</codeblock>
+**
+** It is an error to specify the FTS5_TOKEN_COLOCATED flag the first time
+** xToken() is called. Multiple synonyms may be specified for a single token
+** by making multiple calls to xToken(FTS5_TOKEN_COLOCATED) in sequence.
+** There is no limit to the number of synonyms that may be provided for a
+** single token.
+**
+** In many cases, method (1) above is the best approach. It does not add
+** extra data to the FTS index or require FTS5 to query for multiple terms,
+** so it is efficient in terms of disk space and query speed. However, it
+** does not support prefix queries very well. If, as suggested above, the
+** token "first" is subsituted for "1st" by the tokenizer, then the query:
+**
+** <codeblock>
+** ... MATCH '1s*'</codeblock>
+**
+** will not match documents that contain the token "1st" (as the tokenizer
+** will probably not map "1s" to any prefix of "first").
+**
+** For full prefix support, method (3) may be preferred. In this case,
+** because the index contains entries for both "first" and "1st", prefix
+** queries such as 'fi*' or '1s*' will match correctly. However, because
+** extra entries are added to the FTS index, this method uses more space
+** within the database.
+**
+** Method (2) offers a midpoint between (1) and (3). Using this method,
+** a query such as '1s*' will match documents that contain the literal
+** token "1st", but not "first" (assuming the tokenizer is not able to
+** provide synonyms for prefixes). However, a non-prefix query like '1st'
+** will match against "1st" and "first". This method does not require
+** extra disk space, as no extra entries are added to the FTS index.
+** On the other hand, it may require more CPU cycles to run MATCH queries,
+** as separate queries of the FTS index are required for each synonym.
+**
+** When using methods (2) or (3), it is important that the tokenizer only
+** provide synonyms when tokenizing document text (method (2)) or query
+** text (method (3)), not both. Doing so will not cause any errors, but is
+** inefficient.
+*/
+typedef struct Fts5Tokenizer Fts5Tokenizer;
+typedef struct fts5_tokenizer fts5_tokenizer;
+struct fts5_tokenizer {
+ int (*xCreate)(void*, const char **azArg, int nArg, Fts5Tokenizer **ppOut);
+ void (*xDelete)(Fts5Tokenizer*);
+ int (*xTokenize)(Fts5Tokenizer*,
+ void *pCtx,
+ int flags, /* Mask of FTS5_TOKENIZE_* flags */
+ const char *pText, int nText,
+ int (*xToken)(
+ void *pCtx, /* Copy of 2nd argument to xTokenize() */
+ int tflags, /* Mask of FTS5_TOKEN_* flags */
+ const char *pToken, /* Pointer to buffer containing token */
+ int nToken, /* Size of token in bytes */
+ int iStart, /* Byte offset of token within input text */
+ int iEnd /* Byte offset of end of token within input text */
+ )
+ );
+};
+
+/* Flags that may be passed as the third argument to xTokenize() */
+#define FTS5_TOKENIZE_QUERY 0x0001
+#define FTS5_TOKENIZE_PREFIX 0x0002
+#define FTS5_TOKENIZE_DOCUMENT 0x0004
+#define FTS5_TOKENIZE_AUX 0x0008
+
+/* Flags that may be passed by the tokenizer implementation back to FTS5
+** as the third argument to the supplied xToken callback. */
+#define FTS5_TOKEN_COLOCATED 0x0001 /* Same position as prev. token */
+
+/*
+** END OF CUSTOM TOKENIZERS
+*************************************************************************/
+
+/*************************************************************************
+** FTS5 EXTENSION REGISTRATION API
+*/
+typedef struct fts5_api fts5_api;
+struct fts5_api {
+ int iVersion; /* Currently always set to 2 */
+
+ /* Create a new tokenizer */
+ int (*xCreateTokenizer)(
+ fts5_api *pApi,
+ const char *zName,
+ void *pContext,
+ fts5_tokenizer *pTokenizer,
+ void (*xDestroy)(void*)
+ );
+
+ /* Find an existing tokenizer */
+ int (*xFindTokenizer)(
+ fts5_api *pApi,
+ const char *zName,
+ void **ppContext,
+ fts5_tokenizer *pTokenizer
+ );
+
+ /* Create a new auxiliary function */
+ int (*xCreateFunction)(
+ fts5_api *pApi,
+ const char *zName,
+ void *pContext,
+ fts5_extension_function xFunction,
+ void (*xDestroy)(void*)
+ );
+};
+
+/*
+** END OF REGISTRATION API
+*************************************************************************/
+
+#if 0
+} /* end of the 'extern "C"' block */
+#endif
+
+#endif /* _FTS5_H */
+
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+*/
+#ifndef _FTS5INT_H
+#define _FTS5INT_H
+
+/* #include "fts5.h" */
+/* #include "sqlite3ext.h" */
+SQLITE_EXTENSION_INIT1
+
+/* #include <string.h> */
+/* #include <assert.h> */
+
+#ifndef SQLITE_AMALGAMATION
+
+typedef unsigned char u8;
+typedef unsigned int u32;
+typedef unsigned short u16;
+typedef sqlite3_int64 i64;
+typedef sqlite3_uint64 u64;
+
+#define ArraySize(x) (sizeof(x) / sizeof(x[0]))
+
+#define testcase(x)
+#define ALWAYS(x) 1
+#define NEVER(x) 0
+
+#define MIN(x,y) (((x) < (y)) ? (x) : (y))
+#define MAX(x,y) (((x) > (y)) ? (x) : (y))
+
+/*
+** Constants for the largest and smallest possible 64-bit signed integers.
+*/
+# define LARGEST_INT64 (0xffffffff|(((i64)0x7fffffff)<<32))
+# define SMALLEST_INT64 (((i64)-1) - LARGEST_INT64)
+
+#endif
+
+
+/*
+** Maximum number of prefix indexes on single FTS5 table. This must be
+** less than 32. If it is set to anything large than that, an #error
+** directive in fts5_index.c will cause the build to fail.
+*/
+#define FTS5_MAX_PREFIX_INDEXES 31
+
+#define FTS5_DEFAULT_NEARDIST 10
+#define FTS5_DEFAULT_RANK "bm25"
+
+/* Name of rank and rowid columns */
+#define FTS5_RANK_NAME "rank"
+#define FTS5_ROWID_NAME "rowid"
+
+#ifdef SQLITE_DEBUG
+# define FTS5_CORRUPT sqlite3Fts5Corrupt()
+static int sqlite3Fts5Corrupt(void);
+#else
+# define FTS5_CORRUPT SQLITE_CORRUPT_VTAB
+#endif
+
+/*
+** The assert_nc() macro is similar to the assert() macro, except that it
+** is used for assert() conditions that are true only if it can be
+** guranteed that the database is not corrupt.
+*/
+#ifdef SQLITE_DEBUG
+SQLITE_API extern int sqlite3_fts5_may_be_corrupt;
+# define assert_nc(x) assert(sqlite3_fts5_may_be_corrupt || (x))
+#else
+# define assert_nc(x) assert(x)
+#endif
+
+typedef struct Fts5Global Fts5Global;
+typedef struct Fts5Colset Fts5Colset;
+
+/* If a NEAR() clump or phrase may only match a specific set of columns,
+** then an object of the following type is used to record the set of columns.
+** Each entry in the aiCol[] array is a column that may be matched.
+**
+** This object is used by fts5_expr.c and fts5_index.c.
+*/
+struct Fts5Colset {
+ int nCol;
+ int aiCol[1];
+};
+
+
+
+/**************************************************************************
+** Interface to code in fts5_config.c. fts5_config.c contains contains code
+** to parse the arguments passed to the CREATE VIRTUAL TABLE statement.
+*/
+
+typedef struct Fts5Config Fts5Config;
+
+/*
+** An instance of the following structure encodes all information that can
+** be gleaned from the CREATE VIRTUAL TABLE statement.
+**
+** And all information loaded from the %_config table.
+**
+** nAutomerge:
+** The minimum number of segments that an auto-merge operation should
+** attempt to merge together. A value of 1 sets the object to use the
+** compile time default. Zero disables auto-merge altogether.
+**
+** zContent:
+**
+** zContentRowid:
+** The value of the content_rowid= option, if one was specified. Or
+** the string "rowid" otherwise. This text is not quoted - if it is
+** used as part of an SQL statement it needs to be quoted appropriately.
+**
+** zContentExprlist:
+**
+** pzErrmsg:
+** This exists in order to allow the fts5_index.c module to return a
+** decent error message if it encounters a file-format version it does
+** not understand.
+**
+** bColumnsize:
+** True if the %_docsize table is created.
+**
+** bPrefixIndex:
+** This is only used for debugging. If set to false, any prefix indexes
+** are ignored. This value is configured using:
+**
+** INSERT INTO tbl(tbl, rank) VALUES('prefix-index', $bPrefixIndex);
+**
+*/
+struct Fts5Config {
+ sqlite3 *db; /* Database handle */
+ char *zDb; /* Database holding FTS index (e.g. "main") */
+ char *zName; /* Name of FTS index */
+ int nCol; /* Number of columns */
+ char **azCol; /* Column names */
+ u8 *abUnindexed; /* True for unindexed columns */
+ int nPrefix; /* Number of prefix indexes */
+ int *aPrefix; /* Sizes in bytes of nPrefix prefix indexes */
+ int eContent; /* An FTS5_CONTENT value */
+ char *zContent; /* content table */
+ char *zContentRowid; /* "content_rowid=" option value */
+ int bColumnsize; /* "columnsize=" option value (dflt==1) */
+ char *zContentExprlist;
+ Fts5Tokenizer *pTok;
+ fts5_tokenizer *pTokApi;
+
+ /* Values loaded from the %_config table */
+ int iCookie; /* Incremented when %_config is modified */
+ int pgsz; /* Approximate page size used in %_data */
+ int nAutomerge; /* 'automerge' setting */
+ int nCrisisMerge; /* Maximum allowed segments per level */
+ int nHashSize; /* Bytes of memory for in-memory hash */
+ char *zRank; /* Name of rank function */
+ char *zRankArgs; /* Arguments to rank function */
+
+ /* If non-NULL, points to sqlite3_vtab.base.zErrmsg. Often NULL. */
+ char **pzErrmsg;
+
+#ifdef SQLITE_DEBUG
+ int bPrefixIndex; /* True to use prefix-indexes */
+#endif
+};
+
+/* Current expected value of %_config table 'version' field */
+#define FTS5_CURRENT_VERSION 4
+
+#define FTS5_CONTENT_NORMAL 0
+#define FTS5_CONTENT_NONE 1
+#define FTS5_CONTENT_EXTERNAL 2
+
+
+
+
+static int sqlite3Fts5ConfigParse(
+ Fts5Global*, sqlite3*, int, const char **, Fts5Config**, char**
+);
+static void sqlite3Fts5ConfigFree(Fts5Config*);
+
+static int sqlite3Fts5ConfigDeclareVtab(Fts5Config *pConfig);
+
+static int sqlite3Fts5Tokenize(
+ Fts5Config *pConfig, /* FTS5 Configuration object */
+ int flags, /* FTS5_TOKENIZE_* flags */
+ const char *pText, int nText, /* Text to tokenize */
+ void *pCtx, /* Context passed to xToken() */
+ int (*xToken)(void*, int, const char*, int, int, int) /* Callback */
+);
+
+static void sqlite3Fts5Dequote(char *z);
+
+/* Load the contents of the %_config table */
+static int sqlite3Fts5ConfigLoad(Fts5Config*, int);
+
+/* Set the value of a single config attribute */
+static int sqlite3Fts5ConfigSetValue(Fts5Config*, const char*, sqlite3_value*, int*);
+
+static int sqlite3Fts5ConfigParseRank(const char*, char**, char**);
+
+/*
+** End of interface to code in fts5_config.c.
+**************************************************************************/
+
+/**************************************************************************
+** Interface to code in fts5_buffer.c.
+*/
+
+/*
+** Buffer object for the incremental building of string data.
+*/
+typedef struct Fts5Buffer Fts5Buffer;
+struct Fts5Buffer {
+ u8 *p;
+ int n;
+ int nSpace;
+};
+
+static int sqlite3Fts5BufferSize(int*, Fts5Buffer*, int);
+static void sqlite3Fts5BufferAppendVarint(int*, Fts5Buffer*, i64);
+static void sqlite3Fts5BufferAppendBlob(int*, Fts5Buffer*, int, const u8*);
+static void sqlite3Fts5BufferAppendString(int *, Fts5Buffer*, const char*);
+static void sqlite3Fts5BufferFree(Fts5Buffer*);
+static void sqlite3Fts5BufferZero(Fts5Buffer*);
+static void sqlite3Fts5BufferSet(int*, Fts5Buffer*, int, const u8*);
+static void sqlite3Fts5BufferAppendPrintf(int *, Fts5Buffer*, char *zFmt, ...);
+
+static char *sqlite3Fts5Mprintf(int *pRc, const char *zFmt, ...);
+
+#define fts5BufferZero(x) sqlite3Fts5BufferZero(x)
+#define fts5BufferAppendVarint(a,b,c) sqlite3Fts5BufferAppendVarint(a,b,c)
+#define fts5BufferFree(a) sqlite3Fts5BufferFree(a)
+#define fts5BufferAppendBlob(a,b,c,d) sqlite3Fts5BufferAppendBlob(a,b,c,d)
+#define fts5BufferSet(a,b,c,d) sqlite3Fts5BufferSet(a,b,c,d)
+
+#define fts5BufferGrow(pRc,pBuf,nn) ( \
+ (pBuf)->n + (nn) <= (pBuf)->nSpace ? 0 : \
+ sqlite3Fts5BufferSize((pRc),(pBuf),(nn)+(pBuf)->n) \
+)
+
+/* Write and decode big-endian 32-bit integer values */
+static void sqlite3Fts5Put32(u8*, int);
+static int sqlite3Fts5Get32(const u8*);
+
+#define FTS5_POS2COLUMN(iPos) (int)(iPos >> 32)
+#define FTS5_POS2OFFSET(iPos) (int)(iPos & 0xFFFFFFFF)
+
+typedef struct Fts5PoslistReader Fts5PoslistReader;
+struct Fts5PoslistReader {
+ /* Variables used only by sqlite3Fts5PoslistIterXXX() functions. */
+ const u8 *a; /* Position list to iterate through */
+ int n; /* Size of buffer at a[] in bytes */
+ int i; /* Current offset in a[] */
+
+ u8 bFlag; /* For client use (any custom purpose) */
+
+ /* Output variables */
+ u8 bEof; /* Set to true at EOF */
+ i64 iPos; /* (iCol<<32) + iPos */
+};
+static int sqlite3Fts5PoslistReaderInit(
+ const u8 *a, int n, /* Poslist buffer to iterate through */
+ Fts5PoslistReader *pIter /* Iterator object to initialize */
+);
+static int sqlite3Fts5PoslistReaderNext(Fts5PoslistReader*);
+
+typedef struct Fts5PoslistWriter Fts5PoslistWriter;
+struct Fts5PoslistWriter {
+ i64 iPrev;
+};
+static int sqlite3Fts5PoslistWriterAppend(Fts5Buffer*, Fts5PoslistWriter*, i64);
+
+static int sqlite3Fts5PoslistNext64(
+ const u8 *a, int n, /* Buffer containing poslist */
+ int *pi, /* IN/OUT: Offset within a[] */
+ i64 *piOff /* IN/OUT: Current offset */
+);
+
+/* Malloc utility */
+static void *sqlite3Fts5MallocZero(int *pRc, int nByte);
+static char *sqlite3Fts5Strndup(int *pRc, const char *pIn, int nIn);
+
+/* Character set tests (like isspace(), isalpha() etc.) */
+static int sqlite3Fts5IsBareword(char t);
+
+/*
+** End of interface to code in fts5_buffer.c.
+**************************************************************************/
+
+/**************************************************************************
+** Interface to code in fts5_index.c. fts5_index.c contains contains code
+** to access the data stored in the %_data table.
+*/
+
+typedef struct Fts5Index Fts5Index;
+typedef struct Fts5IndexIter Fts5IndexIter;
+
+/*
+** Values used as part of the flags argument passed to IndexQuery().
+*/
+#define FTS5INDEX_QUERY_PREFIX 0x0001 /* Prefix query */
+#define FTS5INDEX_QUERY_DESC 0x0002 /* Docs in descending rowid order */
+#define FTS5INDEX_QUERY_TEST_NOIDX 0x0004 /* Do not use prefix index */
+#define FTS5INDEX_QUERY_SCAN 0x0008 /* Scan query (fts5vocab) */
+
+/*
+** Create/destroy an Fts5Index object.
+*/
+static int sqlite3Fts5IndexOpen(Fts5Config *pConfig, int bCreate, Fts5Index**, char**);
+static int sqlite3Fts5IndexClose(Fts5Index *p);
+
+/*
+** for(
+** sqlite3Fts5IndexQuery(p, "token", 5, 0, 0, &pIter);
+** 0==sqlite3Fts5IterEof(pIter);
+** sqlite3Fts5IterNext(pIter)
+** ){
+** i64 iRowid = sqlite3Fts5IterRowid(pIter);
+** }
+*/
+
+/*
+** Open a new iterator to iterate though all rowids that match the
+** specified token or token prefix.
+*/
+static int sqlite3Fts5IndexQuery(
+ Fts5Index *p, /* FTS index to query */
+ const char *pToken, int nToken, /* Token (or prefix) to query for */
+ int flags, /* Mask of FTS5INDEX_QUERY_X flags */
+ Fts5Colset *pColset, /* Match these columns only */
+ Fts5IndexIter **ppIter /* OUT: New iterator object */
+);
+
+/*
+** The various operations on open token or token prefix iterators opened
+** using sqlite3Fts5IndexQuery().
+*/
+static int sqlite3Fts5IterEof(Fts5IndexIter*);
+static int sqlite3Fts5IterNext(Fts5IndexIter*);
+static int sqlite3Fts5IterNextFrom(Fts5IndexIter*, i64 iMatch);
+static i64 sqlite3Fts5IterRowid(Fts5IndexIter*);
+static int sqlite3Fts5IterPoslist(Fts5IndexIter*,Fts5Colset*, const u8**, int*, i64*);
+static int sqlite3Fts5IterPoslistBuffer(Fts5IndexIter *pIter, Fts5Buffer *pBuf);
+
+/*
+** Close an iterator opened by sqlite3Fts5IndexQuery().
+*/
+static void sqlite3Fts5IterClose(Fts5IndexIter*);
+
+/*
+** This interface is used by the fts5vocab module.
+*/
+static const char *sqlite3Fts5IterTerm(Fts5IndexIter*, int*);
+static int sqlite3Fts5IterNextScan(Fts5IndexIter*);
+
+
+/*
+** Insert or remove data to or from the index. Each time a document is
+** added to or removed from the index, this function is called one or more
+** times.
+**
+** For an insert, it must be called once for each token in the new document.
+** If the operation is a delete, it must be called (at least) once for each
+** unique token in the document with an iCol value less than zero. The iPos
+** argument is ignored for a delete.
+*/
+static int sqlite3Fts5IndexWrite(
+ Fts5Index *p, /* Index to write to */
+ int iCol, /* Column token appears in (-ve -> delete) */
+ int iPos, /* Position of token within column */
+ const char *pToken, int nToken /* Token to add or remove to or from index */
+);
+
+/*
+** Indicate that subsequent calls to sqlite3Fts5IndexWrite() pertain to
+** document iDocid.
+*/
+static int sqlite3Fts5IndexBeginWrite(
+ Fts5Index *p, /* Index to write to */
+ int bDelete, /* True if current operation is a delete */
+ i64 iDocid /* Docid to add or remove data from */
+);
+
+/*
+** Flush any data stored in the in-memory hash tables to the database.
+** If the bCommit flag is true, also close any open blob handles.
+*/
+static int sqlite3Fts5IndexSync(Fts5Index *p, int bCommit);
+
+/*
+** Discard any data stored in the in-memory hash tables. Do not write it
+** to the database. Additionally, assume that the contents of the %_data
+** table may have changed on disk. So any in-memory caches of %_data
+** records must be invalidated.
+*/
+static int sqlite3Fts5IndexRollback(Fts5Index *p);
+
+/*
+** Get or set the "averages" values.
+*/
+static int sqlite3Fts5IndexGetAverages(Fts5Index *p, i64 *pnRow, i64 *anSize);
+static int sqlite3Fts5IndexSetAverages(Fts5Index *p, const u8*, int);
+
+/*
+** Functions called by the storage module as part of integrity-check.
+*/
+static u64 sqlite3Fts5IndexCksum(Fts5Config*,i64,int,int,const char*,int);
+static int sqlite3Fts5IndexIntegrityCheck(Fts5Index*, u64 cksum);
+
+/*
+** Called during virtual module initialization to register UDF
+** fts5_decode() with SQLite
+*/
+static int sqlite3Fts5IndexInit(sqlite3*);
+
+static int sqlite3Fts5IndexSetCookie(Fts5Index*, int);
+
+/*
+** Return the total number of entries read from the %_data table by
+** this connection since it was created.
+*/
+static int sqlite3Fts5IndexReads(Fts5Index *p);
+
+static int sqlite3Fts5IndexReinit(Fts5Index *p);
+static int sqlite3Fts5IndexOptimize(Fts5Index *p);
+static int sqlite3Fts5IndexMerge(Fts5Index *p, int nMerge);
+
+static int sqlite3Fts5IndexLoadConfig(Fts5Index *p);
+
+/*
+** End of interface to code in fts5_index.c.
+**************************************************************************/
+
+/**************************************************************************
+** Interface to code in fts5_varint.c.
+*/
+static int sqlite3Fts5GetVarint32(const unsigned char *p, u32 *v);
+static int sqlite3Fts5GetVarintLen(u32 iVal);
+static u8 sqlite3Fts5GetVarint(const unsigned char*, u64*);
+static int sqlite3Fts5PutVarint(unsigned char *p, u64 v);
+
+#define fts5GetVarint32(a,b) sqlite3Fts5GetVarint32(a,(u32*)&b)
+#define fts5GetVarint sqlite3Fts5GetVarint
+
+#define fts5FastGetVarint32(a, iOff, nVal) { \
+ nVal = (a)[iOff++]; \
+ if( nVal & 0x80 ){ \
+ iOff--; \
+ iOff += fts5GetVarint32(&(a)[iOff], nVal); \
+ } \
+}
+
+
+/*
+** End of interface to code in fts5_varint.c.
+**************************************************************************/
+
+
+/**************************************************************************
+** Interface to code in fts5.c.
+*/
+
+static int sqlite3Fts5GetTokenizer(
+ Fts5Global*,
+ const char **azArg,
+ int nArg,
+ Fts5Tokenizer**,
+ fts5_tokenizer**,
+ char **pzErr
+);
+
+static Fts5Index *sqlite3Fts5IndexFromCsrid(Fts5Global*, i64, Fts5Config **);
+
+/*
+** End of interface to code in fts5.c.
+**************************************************************************/
+
+/**************************************************************************
+** Interface to code in fts5_hash.c.
+*/
+typedef struct Fts5Hash Fts5Hash;
+
+/*
+** Create a hash table, free a hash table.
+*/
+static int sqlite3Fts5HashNew(Fts5Hash**, int *pnSize);
+static void sqlite3Fts5HashFree(Fts5Hash*);
+
+static int sqlite3Fts5HashWrite(
+ Fts5Hash*,
+ i64 iRowid, /* Rowid for this entry */
+ int iCol, /* Column token appears in (-ve -> delete) */
+ int iPos, /* Position of token within column */
+ char bByte,
+ const char *pToken, int nToken /* Token to add or remove to or from index */
+);
+
+/*
+** Empty (but do not delete) a hash table.
+*/
+static void sqlite3Fts5HashClear(Fts5Hash*);
+
+static int sqlite3Fts5HashQuery(
+ Fts5Hash*, /* Hash table to query */
+ const char *pTerm, int nTerm, /* Query term */
+ const u8 **ppDoclist, /* OUT: Pointer to doclist for pTerm */
+ int *pnDoclist /* OUT: Size of doclist in bytes */
+);
+
+static int sqlite3Fts5HashScanInit(
+ Fts5Hash*, /* Hash table to query */
+ const char *pTerm, int nTerm /* Query prefix */
+);
+static void sqlite3Fts5HashScanNext(Fts5Hash*);
+static int sqlite3Fts5HashScanEof(Fts5Hash*);
+static void sqlite3Fts5HashScanEntry(Fts5Hash *,
+ const char **pzTerm, /* OUT: term (nul-terminated) */
+ const u8 **ppDoclist, /* OUT: pointer to doclist */
+ int *pnDoclist /* OUT: size of doclist in bytes */
+);
+
+
+/*
+** End of interface to code in fts5_hash.c.
+**************************************************************************/
+
+/**************************************************************************
+** Interface to code in fts5_storage.c. fts5_storage.c contains contains
+** code to access the data stored in the %_content and %_docsize tables.
+*/
+
+#define FTS5_STMT_SCAN_ASC 0 /* SELECT rowid, * FROM ... ORDER BY 1 ASC */
+#define FTS5_STMT_SCAN_DESC 1 /* SELECT rowid, * FROM ... ORDER BY 1 DESC */
+#define FTS5_STMT_LOOKUP 2 /* SELECT rowid, * FROM ... WHERE rowid=? */
+
+typedef struct Fts5Storage Fts5Storage;
+
+static int sqlite3Fts5StorageOpen(Fts5Config*, Fts5Index*, int, Fts5Storage**, char**);
+static int sqlite3Fts5StorageClose(Fts5Storage *p);
+static int sqlite3Fts5StorageRename(Fts5Storage*, const char *zName);
+
+static int sqlite3Fts5DropAll(Fts5Config*);
+static int sqlite3Fts5CreateTable(Fts5Config*, const char*, const char*, int, char **);
+
+static int sqlite3Fts5StorageDelete(Fts5Storage *p, i64);
+static int sqlite3Fts5StorageContentInsert(Fts5Storage *p, sqlite3_value**, i64*);
+static int sqlite3Fts5StorageIndexInsert(Fts5Storage *p, sqlite3_value**, i64);
+
+static int sqlite3Fts5StorageIntegrity(Fts5Storage *p);
+
+static int sqlite3Fts5StorageStmt(Fts5Storage *p, int eStmt, sqlite3_stmt**, char**);
+static void sqlite3Fts5StorageStmtRelease(Fts5Storage *p, int eStmt, sqlite3_stmt*);
+
+static int sqlite3Fts5StorageDocsize(Fts5Storage *p, i64 iRowid, int *aCol);
+static int sqlite3Fts5StorageSize(Fts5Storage *p, int iCol, i64 *pnAvg);
+static int sqlite3Fts5StorageRowCount(Fts5Storage *p, i64 *pnRow);
+
+static int sqlite3Fts5StorageSync(Fts5Storage *p, int bCommit);
+static int sqlite3Fts5StorageRollback(Fts5Storage *p);
+
+static int sqlite3Fts5StorageConfigValue(
+ Fts5Storage *p, const char*, sqlite3_value*, int
+);
+
+static int sqlite3Fts5StorageSpecialDelete(Fts5Storage *p, i64 iDel, sqlite3_value**);
+
+static int sqlite3Fts5StorageDeleteAll(Fts5Storage *p);
+static int sqlite3Fts5StorageRebuild(Fts5Storage *p);
+static int sqlite3Fts5StorageOptimize(Fts5Storage *p);
+static int sqlite3Fts5StorageMerge(Fts5Storage *p, int nMerge);
+
+/*
+** End of interface to code in fts5_storage.c.
+**************************************************************************/
+
+
+/**************************************************************************
+** Interface to code in fts5_expr.c.
+*/
+typedef struct Fts5Expr Fts5Expr;
+typedef struct Fts5ExprNode Fts5ExprNode;
+typedef struct Fts5Parse Fts5Parse;
+typedef struct Fts5Token Fts5Token;
+typedef struct Fts5ExprPhrase Fts5ExprPhrase;
+typedef struct Fts5ExprNearset Fts5ExprNearset;
+
+struct Fts5Token {
+ const char *p; /* Token text (not NULL terminated) */
+ int n; /* Size of buffer p in bytes */
+};
+
+/* Parse a MATCH expression. */
+static int sqlite3Fts5ExprNew(
+ Fts5Config *pConfig,
+ const char *zExpr,
+ Fts5Expr **ppNew,
+ char **pzErr
+);
+
+/*
+** for(rc = sqlite3Fts5ExprFirst(pExpr, pIdx, bDesc);
+** rc==SQLITE_OK && 0==sqlite3Fts5ExprEof(pExpr);
+** rc = sqlite3Fts5ExprNext(pExpr)
+** ){
+** // The document with rowid iRowid matches the expression!
+** i64 iRowid = sqlite3Fts5ExprRowid(pExpr);
+** }
+*/
+static int sqlite3Fts5ExprFirst(Fts5Expr*, Fts5Index *pIdx, i64 iMin, int bDesc);
+static int sqlite3Fts5ExprNext(Fts5Expr*, i64 iMax);
+static int sqlite3Fts5ExprEof(Fts5Expr*);
+static i64 sqlite3Fts5ExprRowid(Fts5Expr*);
+
+static void sqlite3Fts5ExprFree(Fts5Expr*);
+
+/* Called during startup to register a UDF with SQLite */
+static int sqlite3Fts5ExprInit(Fts5Global*, sqlite3*);
+
+static int sqlite3Fts5ExprPhraseCount(Fts5Expr*);
+static int sqlite3Fts5ExprPhraseSize(Fts5Expr*, int iPhrase);
+static int sqlite3Fts5ExprPoslist(Fts5Expr*, int, const u8 **);
+
+static int sqlite3Fts5ExprClonePhrase(Fts5Config*, Fts5Expr*, int, Fts5Expr**);
+
+/*******************************************
+** The fts5_expr.c API above this point is used by the other hand-written
+** C code in this module. The interfaces below this point are called by
+** the parser code in fts5parse.y. */
+
+static void sqlite3Fts5ParseError(Fts5Parse *pParse, const char *zFmt, ...);
+
+static Fts5ExprNode *sqlite3Fts5ParseNode(
+ Fts5Parse *pParse,
+ int eType,
+ Fts5ExprNode *pLeft,
+ Fts5ExprNode *pRight,
+ Fts5ExprNearset *pNear
+);
+
+static Fts5ExprPhrase *sqlite3Fts5ParseTerm(
+ Fts5Parse *pParse,
+ Fts5ExprPhrase *pPhrase,
+ Fts5Token *pToken,
+ int bPrefix
+);
+
+static Fts5ExprNearset *sqlite3Fts5ParseNearset(
+ Fts5Parse*,
+ Fts5ExprNearset*,
+ Fts5ExprPhrase*
+);
+
+static Fts5Colset *sqlite3Fts5ParseColset(
+ Fts5Parse*,
+ Fts5Colset*,
+ Fts5Token *
+);
+
+static void sqlite3Fts5ParsePhraseFree(Fts5ExprPhrase*);
+static void sqlite3Fts5ParseNearsetFree(Fts5ExprNearset*);
+static void sqlite3Fts5ParseNodeFree(Fts5ExprNode*);
+
+static void sqlite3Fts5ParseSetDistance(Fts5Parse*, Fts5ExprNearset*, Fts5Token*);
+static void sqlite3Fts5ParseSetColset(Fts5Parse*, Fts5ExprNearset*, Fts5Colset*);
+static void sqlite3Fts5ParseFinished(Fts5Parse *pParse, Fts5ExprNode *p);
+static void sqlite3Fts5ParseNear(Fts5Parse *pParse, Fts5Token*);
+
+/*
+** End of interface to code in fts5_expr.c.
+**************************************************************************/
+
+
+
+/**************************************************************************
+** Interface to code in fts5_aux.c.
+*/
+
+static int sqlite3Fts5AuxInit(fts5_api*);
+/*
+** End of interface to code in fts5_aux.c.
+**************************************************************************/
+
+/**************************************************************************
+** Interface to code in fts5_tokenizer.c.
+*/
+
+static int sqlite3Fts5TokenizerInit(fts5_api*);
+/*
+** End of interface to code in fts5_tokenizer.c.
+**************************************************************************/
+
+/**************************************************************************
+** Interface to code in fts5_vocab.c.
+*/
+
+static int sqlite3Fts5VocabInit(Fts5Global*, sqlite3*);
+
+/*
+** End of interface to code in fts5_vocab.c.
+**************************************************************************/
+
+
+/**************************************************************************
+** Interface to automatically generated code in fts5_unicode2.c.
+*/
+static int sqlite3Fts5UnicodeIsalnum(int c);
+static int sqlite3Fts5UnicodeIsdiacritic(int c);
+static int sqlite3Fts5UnicodeFold(int c, int bRemoveDiacritic);
+/*
+** End of interface to code in fts5_unicode2.c.
+**************************************************************************/
+
+#endif
+
+#define FTS5_OR 1
+#define FTS5_AND 2
+#define FTS5_NOT 3
+#define FTS5_TERM 4
+#define FTS5_COLON 5
+#define FTS5_LP 6
+#define FTS5_RP 7
+#define FTS5_LCP 8
+#define FTS5_RCP 9
+#define FTS5_STRING 10
+#define FTS5_COMMA 11
+#define FTS5_PLUS 12
+#define FTS5_STAR 13
+
+/*
+** 2000-05-29
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** Driver template for the LEMON parser generator.
+**
+** The "lemon" program processes an LALR(1) input grammar file, then uses
+** this template to construct a parser. The "lemon" program inserts text
+** at each "%%" line. Also, any "P-a-r-s-e" identifer prefix (without the
+** interstitial "-" characters) contained in this template is changed into
+** the value of the %name directive from the grammar. Otherwise, the content
+** of this template is copied straight through into the generate parser
+** source file.
+**
+** The following is the concatenation of all %include directives from the
+** input grammar file:
+*/
+/* #include <stdio.h> */
+/************ Begin %include sections from the grammar ************************/
+
+/* #include "fts5Int.h" */
+/* #include "fts5parse.h" */
+
+/*
+** Disable all error recovery processing in the parser push-down
+** automaton.
+*/
+#define fts5YYNOERRORRECOVERY 1
+
+/*
+** Make fts5yytestcase() the same as testcase()
+*/
+#define fts5yytestcase(X) testcase(X)
+
+/*
+** Indicate that sqlite3ParserFree() will never be called with a null
+** pointer.
+*/
+#define fts5YYPARSEFREENOTNULL 1
+
+/*
+** Alternative datatype for the argument to the malloc() routine passed
+** into sqlite3ParserAlloc(). The default is size_t.
+*/
+#define fts5YYMALLOCARGTYPE u64
+
+/**************** End of %include directives **********************************/
+/* These constants specify the various numeric values for terminal symbols
+** in a format understandable to "makeheaders". This section is blank unless
+** "lemon" is run with the "-m" command-line option.
+***************** Begin makeheaders token definitions *************************/
+/**************** End makeheaders token definitions ***************************/
+
+/* The next sections is a series of control #defines.
+** various aspects of the generated parser.
+** fts5YYCODETYPE is the data type used to store the integer codes
+** that represent terminal and non-terminal symbols.
+** "unsigned char" is used if there are fewer than
+** 256 symbols. Larger types otherwise.
+** fts5YYNOCODE is a number of type fts5YYCODETYPE that is not used for
+** any terminal or nonterminal symbol.
+** fts5YYFALLBACK If defined, this indicates that one or more tokens
+** (also known as: "terminal symbols") have fall-back
+** values which should be used if the original symbol
+** would not parse. This permits keywords to sometimes
+** be used as identifiers, for example.
+** fts5YYACTIONTYPE is the data type used for "action codes" - numbers
+** that indicate what to do in response to the next
+** token.
+** sqlite3Fts5ParserFTS5TOKENTYPE is the data type used for minor type for terminal
+** symbols. Background: A "minor type" is a semantic
+** value associated with a terminal or non-terminal
+** symbols. For example, for an "ID" terminal symbol,
+** the minor type might be the name of the identifier.
+** Each non-terminal can have a different minor type.
+** Terminal symbols all have the same minor type, though.
+** This macros defines the minor type for terminal
+** symbols.
+** fts5YYMINORTYPE is the data type used for all minor types.
+** This is typically a union of many types, one of
+** which is sqlite3Fts5ParserFTS5TOKENTYPE. The entry in the union
+** for terminal symbols is called "fts5yy0".
+** fts5YYSTACKDEPTH is the maximum depth of the parser's stack. If
+** zero the stack is dynamically sized using realloc()
+** sqlite3Fts5ParserARG_SDECL A static variable declaration for the %extra_argument
+** sqlite3Fts5ParserARG_PDECL A parameter declaration for the %extra_argument
+** sqlite3Fts5ParserARG_STORE Code to store %extra_argument into fts5yypParser
+** sqlite3Fts5ParserARG_FETCH Code to extract %extra_argument from fts5yypParser
+** fts5YYERRORSYMBOL is the code number of the error symbol. If not
+** defined, then do no error processing.
+** fts5YYNSTATE the combined number of states.
+** fts5YYNRULE the number of rules in the grammar
+** fts5YY_MAX_SHIFT Maximum value for shift actions
+** fts5YY_MIN_SHIFTREDUCE Minimum value for shift-reduce actions
+** fts5YY_MAX_SHIFTREDUCE Maximum value for shift-reduce actions
+** fts5YY_MIN_REDUCE Maximum value for reduce actions
+** fts5YY_ERROR_ACTION The fts5yy_action[] code for syntax error
+** fts5YY_ACCEPT_ACTION The fts5yy_action[] code for accept
+** fts5YY_NO_ACTION The fts5yy_action[] code for no-op
+*/
+#ifndef INTERFACE
+# define INTERFACE 1
+#endif
+/************* Begin control #defines *****************************************/
+#define fts5YYCODETYPE unsigned char
+#define fts5YYNOCODE 27
+#define fts5YYACTIONTYPE unsigned char
+#define sqlite3Fts5ParserFTS5TOKENTYPE Fts5Token
+typedef union {
+ int fts5yyinit;
+ sqlite3Fts5ParserFTS5TOKENTYPE fts5yy0;
+ Fts5Colset* fts5yy3;
+ Fts5ExprPhrase* fts5yy11;
+ Fts5ExprNode* fts5yy18;
+ int fts5yy20;
+ Fts5ExprNearset* fts5yy26;
+} fts5YYMINORTYPE;
+#ifndef fts5YYSTACKDEPTH
+#define fts5YYSTACKDEPTH 100
+#endif
+#define sqlite3Fts5ParserARG_SDECL Fts5Parse *pParse;
+#define sqlite3Fts5ParserARG_PDECL ,Fts5Parse *pParse
+#define sqlite3Fts5ParserARG_FETCH Fts5Parse *pParse = fts5yypParser->pParse
+#define sqlite3Fts5ParserARG_STORE fts5yypParser->pParse = pParse
+#define fts5YYNSTATE 26
+#define fts5YYNRULE 24
+#define fts5YY_MAX_SHIFT 25
+#define fts5YY_MIN_SHIFTREDUCE 40
+#define fts5YY_MAX_SHIFTREDUCE 63
+#define fts5YY_MIN_REDUCE 64
+#define fts5YY_MAX_REDUCE 87
+#define fts5YY_ERROR_ACTION 88
+#define fts5YY_ACCEPT_ACTION 89
+#define fts5YY_NO_ACTION 90
+/************* End control #defines *******************************************/
+
+/* The fts5yyzerominor constant is used to initialize instances of
+** fts5YYMINORTYPE objects to zero. */
+static const fts5YYMINORTYPE fts5yyzerominor = { 0 };
+
+/* Define the fts5yytestcase() macro to be a no-op if is not already defined
+** otherwise.
+**
+** Applications can choose to define fts5yytestcase() in the %include section
+** to a macro that can assist in verifying code coverage. For production
+** code the fts5yytestcase() macro should be turned off. But it is useful
+** for testing.
+*/
+#ifndef fts5yytestcase
+# define fts5yytestcase(X)
+#endif
+
+
+/* Next are the tables used to determine what action to take based on the
+** current state and lookahead token. These tables are used to implement
+** functions that take a state number and lookahead value and return an
+** action integer.
+**
+** Suppose the action integer is N. Then the action is determined as
+** follows
+**
+** 0 <= N <= fts5YY_MAX_SHIFT Shift N. That is, push the lookahead
+** token onto the stack and goto state N.
+**
+** N between fts5YY_MIN_SHIFTREDUCE Shift to an arbitrary state then
+** and fts5YY_MAX_SHIFTREDUCE reduce by rule N-fts5YY_MIN_SHIFTREDUCE.
+**
+** N between fts5YY_MIN_REDUCE Reduce by rule N-fts5YY_MIN_REDUCE
+** and fts5YY_MAX_REDUCE
+
+** N == fts5YY_ERROR_ACTION A syntax error has occurred.
+**
+** N == fts5YY_ACCEPT_ACTION The parser accepts its input.
+**
+** N == fts5YY_NO_ACTION No such action. Denotes unused
+** slots in the fts5yy_action[] table.
+**
+** The action table is constructed as a single large table named fts5yy_action[].
+** Given state S and lookahead X, the action is computed as
+**
+** fts5yy_action[ fts5yy_shift_ofst[S] + X ]
+**
+** If the index value fts5yy_shift_ofst[S]+X is out of range or if the value
+** fts5yy_lookahead[fts5yy_shift_ofst[S]+X] is not equal to X or if fts5yy_shift_ofst[S]
+** is equal to fts5YY_SHIFT_USE_DFLT, it means that the action is not in the table
+** and that fts5yy_default[S] should be used instead.
+**
+** The formula above is for computing the action when the lookahead is
+** a terminal symbol. If the lookahead is a non-terminal (as occurs after
+** a reduce action) then the fts5yy_reduce_ofst[] array is used in place of
+** the fts5yy_shift_ofst[] array and fts5YY_REDUCE_USE_DFLT is used in place of
+** fts5YY_SHIFT_USE_DFLT.
+**
+** The following are the tables generated in this section:
+**
+** fts5yy_action[] A single table containing all actions.
+** fts5yy_lookahead[] A table containing the lookahead for each entry in
+** fts5yy_action. Used to detect hash collisions.
+** fts5yy_shift_ofst[] For each state, the offset into fts5yy_action for
+** shifting terminals.
+** fts5yy_reduce_ofst[] For each state, the offset into fts5yy_action for
+** shifting non-terminals after a reduce.
+** fts5yy_default[] Default action for each state.
+**
+*********** Begin parsing tables **********************************************/
+#define fts5YY_ACTTAB_COUNT (78)
+static const fts5YYACTIONTYPE fts5yy_action[] = {
+ /* 0 */ 89, 15, 46, 5, 48, 24, 12, 19, 23, 14,
+ /* 10 */ 46, 5, 48, 24, 20, 21, 23, 43, 46, 5,
+ /* 20 */ 48, 24, 6, 18, 23, 17, 46, 5, 48, 24,
+ /* 30 */ 75, 7, 23, 25, 46, 5, 48, 24, 62, 47,
+ /* 40 */ 23, 48, 24, 7, 11, 23, 9, 3, 4, 2,
+ /* 50 */ 62, 50, 52, 44, 64, 3, 4, 2, 49, 4,
+ /* 60 */ 2, 1, 23, 11, 16, 9, 12, 2, 10, 61,
+ /* 70 */ 53, 59, 62, 60, 22, 13, 55, 8,
+};
+static const fts5YYCODETYPE fts5yy_lookahead[] = {
+ /* 0 */ 15, 16, 17, 18, 19, 20, 10, 11, 23, 16,
+ /* 10 */ 17, 18, 19, 20, 23, 24, 23, 16, 17, 18,
+ /* 20 */ 19, 20, 22, 23, 23, 16, 17, 18, 19, 20,
+ /* 30 */ 5, 6, 23, 16, 17, 18, 19, 20, 13, 17,
+ /* 40 */ 23, 19, 20, 6, 8, 23, 10, 1, 2, 3,
+ /* 50 */ 13, 9, 10, 7, 0, 1, 2, 3, 19, 2,
+ /* 60 */ 3, 6, 23, 8, 21, 10, 10, 3, 10, 25,
+ /* 70 */ 10, 10, 13, 25, 12, 10, 7, 5,
+};
+#define fts5YY_SHIFT_USE_DFLT (-5)
+#define fts5YY_SHIFT_COUNT (25)
+#define fts5YY_SHIFT_MIN (-4)
+#define fts5YY_SHIFT_MAX (72)
+static const signed char fts5yy_shift_ofst[] = {
+ /* 0 */ 55, 55, 55, 55, 55, 36, -4, 56, 58, 25,
+ /* 10 */ 37, 60, 59, 59, 46, 54, 42, 57, 62, 61,
+ /* 20 */ 62, 69, 65, 62, 72, 64,
+};
+#define fts5YY_REDUCE_USE_DFLT (-16)
+#define fts5YY_REDUCE_COUNT (13)
+#define fts5YY_REDUCE_MIN (-15)
+#define fts5YY_REDUCE_MAX (48)
+static const signed char fts5yy_reduce_ofst[] = {
+ /* 0 */ -15, -7, 1, 9, 17, 22, -9, 0, 39, 44,
+ /* 10 */ 44, 43, 44, 48,
+};
+static const fts5YYACTIONTYPE fts5yy_default[] = {
+ /* 0 */ 88, 88, 88, 88, 88, 69, 82, 88, 88, 87,
+ /* 10 */ 87, 88, 87, 87, 88, 88, 88, 66, 80, 88,
+ /* 20 */ 81, 88, 88, 78, 88, 65,
+};
+/********** End of lemon-generated parsing tables *****************************/
+
+/* The next table maps tokens (terminal symbols) into fallback tokens.
+** If a construct like the following:
+**
+** %fallback ID X Y Z.
+**
+** appears in the grammar, then ID becomes a fallback token for X, Y,
+** and Z. Whenever one of the tokens X, Y, or Z is input to the parser
+** but it does not parse, the type of the token is changed to ID and
+** the parse is retried before an error is thrown.
+**
+** This feature can be used, for example, to cause some keywords in a language
+** to revert to identifiers if they keyword does not apply in the context where
+** it appears.
+*/
+#ifdef fts5YYFALLBACK
+static const fts5YYCODETYPE fts5yyFallback[] = {
+};
+#endif /* fts5YYFALLBACK */
+
+/* The following structure represents a single element of the
+** parser's stack. Information stored includes:
+**
+** + The state number for the parser at this level of the stack.
+**
+** + The value of the token stored at this level of the stack.
+** (In other words, the "major" token.)
+**
+** + The semantic value stored at this level of the stack. This is
+** the information used by the action routines in the grammar.
+** It is sometimes called the "minor" token.
+**
+** After the "shift" half of a SHIFTREDUCE action, the stateno field
+** actually contains the reduce action for the second half of the
+** SHIFTREDUCE.
+*/
+struct fts5yyStackEntry {
+ fts5YYACTIONTYPE stateno; /* The state-number, or reduce action in SHIFTREDUCE */
+ fts5YYCODETYPE major; /* The major token value. This is the code
+ ** number for the token at this stack level */
+ fts5YYMINORTYPE minor; /* The user-supplied minor token value. This
+ ** is the value of the token */
+};
+typedef struct fts5yyStackEntry fts5yyStackEntry;
+
+/* The state of the parser is completely contained in an instance of
+** the following structure */
+struct fts5yyParser {
+ int fts5yyidx; /* Index of top element in stack */
+#ifdef fts5YYTRACKMAXSTACKDEPTH
+ int fts5yyidxMax; /* Maximum value of fts5yyidx */
+#endif
+ int fts5yyerrcnt; /* Shifts left before out of the error */
+ sqlite3Fts5ParserARG_SDECL /* A place to hold %extra_argument */
+#if fts5YYSTACKDEPTH<=0
+ int fts5yystksz; /* Current side of the stack */
+ fts5yyStackEntry *fts5yystack; /* The parser's stack */
+#else
+ fts5yyStackEntry fts5yystack[fts5YYSTACKDEPTH]; /* The parser's stack */
+#endif
+};
+typedef struct fts5yyParser fts5yyParser;
+
+#ifndef NDEBUG
+/* #include <stdio.h> */
+static FILE *fts5yyTraceFILE = 0;
+static char *fts5yyTracePrompt = 0;
+#endif /* NDEBUG */
+
+#ifndef NDEBUG
+/*
+** Turn parser tracing on by giving a stream to which to write the trace
+** and a prompt to preface each trace message. Tracing is turned off
+** by making either argument NULL
+**
+** Inputs:
+** <ul>
+** <li> A FILE* to which trace output should be written.
+** If NULL, then tracing is turned off.
+** <li> A prefix string written at the beginning of every
+** line of trace output. If NULL, then tracing is
+** turned off.
+** </ul>
+**
+** Outputs:
+** None.
+*/
+static void sqlite3Fts5ParserTrace(FILE *TraceFILE, char *zTracePrompt){
+ fts5yyTraceFILE = TraceFILE;
+ fts5yyTracePrompt = zTracePrompt;
+ if( fts5yyTraceFILE==0 ) fts5yyTracePrompt = 0;
+ else if( fts5yyTracePrompt==0 ) fts5yyTraceFILE = 0;
+}
+#endif /* NDEBUG */
+
+#ifndef NDEBUG
+/* For tracing shifts, the names of all terminals and nonterminals
+** are required. The following table supplies these names */
+static const char *const fts5yyTokenName[] = {
+ "$", "OR", "AND", "NOT",
+ "TERM", "COLON", "LP", "RP",
+ "LCP", "RCP", "STRING", "COMMA",
+ "PLUS", "STAR", "error", "input",
+ "expr", "cnearset", "exprlist", "nearset",
+ "colset", "colsetlist", "nearphrases", "phrase",
+ "neardist_opt", "star_opt",
+};
+#endif /* NDEBUG */
+
+#ifndef NDEBUG
+/* For tracing reduce actions, the names of all rules are required.
+*/
+static const char *const fts5yyRuleName[] = {
+ /* 0 */ "input ::= expr",
+ /* 1 */ "expr ::= expr AND expr",
+ /* 2 */ "expr ::= expr OR expr",
+ /* 3 */ "expr ::= expr NOT expr",
+ /* 4 */ "expr ::= LP expr RP",
+ /* 5 */ "expr ::= exprlist",
+ /* 6 */ "exprlist ::= cnearset",
+ /* 7 */ "exprlist ::= exprlist cnearset",
+ /* 8 */ "cnearset ::= nearset",
+ /* 9 */ "cnearset ::= colset COLON nearset",
+ /* 10 */ "colset ::= LCP colsetlist RCP",
+ /* 11 */ "colset ::= STRING",
+ /* 12 */ "colsetlist ::= colsetlist STRING",
+ /* 13 */ "colsetlist ::= STRING",
+ /* 14 */ "nearset ::= phrase",
+ /* 15 */ "nearset ::= STRING LP nearphrases neardist_opt RP",
+ /* 16 */ "nearphrases ::= phrase",
+ /* 17 */ "nearphrases ::= nearphrases phrase",
+ /* 18 */ "neardist_opt ::=",
+ /* 19 */ "neardist_opt ::= COMMA STRING",
+ /* 20 */ "phrase ::= phrase PLUS STRING star_opt",
+ /* 21 */ "phrase ::= STRING star_opt",
+ /* 22 */ "star_opt ::= STAR",
+ /* 23 */ "star_opt ::=",
+};
+#endif /* NDEBUG */
+
+
+#if fts5YYSTACKDEPTH<=0
+/*
+** Try to increase the size of the parser stack.
+*/
+static void fts5yyGrowStack(fts5yyParser *p){
+ int newSize;
+ fts5yyStackEntry *pNew;
+
+ newSize = p->fts5yystksz*2 + 100;
+ pNew = realloc(p->fts5yystack, newSize*sizeof(pNew[0]));
+ if( pNew ){
+ p->fts5yystack = pNew;
+ p->fts5yystksz = newSize;
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sStack grows to %d entries!\n",
+ fts5yyTracePrompt, p->fts5yystksz);
+ }
+#endif
+ }
+}
+#endif
+
+/* Datatype of the argument to the memory allocated passed as the
+** second argument to sqlite3Fts5ParserAlloc() below. This can be changed by
+** putting an appropriate #define in the %include section of the input
+** grammar.
+*/
+#ifndef fts5YYMALLOCARGTYPE
+# define fts5YYMALLOCARGTYPE size_t
+#endif
+
+/*
+** This function allocates a new parser.
+** The only argument is a pointer to a function which works like
+** malloc.
+**
+** Inputs:
+** A pointer to the function used to allocate memory.
+**
+** Outputs:
+** A pointer to a parser. This pointer is used in subsequent calls
+** to sqlite3Fts5Parser and sqlite3Fts5ParserFree.
+*/
+static void *sqlite3Fts5ParserAlloc(void *(*mallocProc)(fts5YYMALLOCARGTYPE)){
+ fts5yyParser *pParser;
+ pParser = (fts5yyParser*)(*mallocProc)( (fts5YYMALLOCARGTYPE)sizeof(fts5yyParser) );
+ if( pParser ){
+ pParser->fts5yyidx = -1;
+#ifdef fts5YYTRACKMAXSTACKDEPTH
+ pParser->fts5yyidxMax = 0;
+#endif
+#if fts5YYSTACKDEPTH<=0
+ pParser->fts5yystack = NULL;
+ pParser->fts5yystksz = 0;
+ fts5yyGrowStack(pParser);
+#endif
+ }
+ return pParser;
+}
+
+/* The following function deletes the "minor type" or semantic value
+** associated with a symbol. The symbol can be either a terminal
+** or nonterminal. "fts5yymajor" is the symbol code, and "fts5yypminor" is
+** a pointer to the value to be deleted. The code used to do the
+** deletions is derived from the %destructor and/or %token_destructor
+** directives of the input grammar.
+*/
+static void fts5yy_destructor(
+ fts5yyParser *fts5yypParser, /* The parser */
+ fts5YYCODETYPE fts5yymajor, /* Type code for object to destroy */
+ fts5YYMINORTYPE *fts5yypminor /* The object to be destroyed */
+){
+ sqlite3Fts5ParserARG_FETCH;
+ switch( fts5yymajor ){
+ /* Here is inserted the actions which take place when a
+ ** terminal or non-terminal is destroyed. This can happen
+ ** when the symbol is popped from the stack during a
+ ** reduce or during error processing or when a parser is
+ ** being destroyed before it is finished parsing.
+ **
+ ** Note: during a reduce, the only symbols destroyed are those
+ ** which appear on the RHS of the rule, but which are *not* used
+ ** inside the C code.
+ */
+/********* Begin destructor definitions ***************************************/
+ case 15: /* input */
+{
+ (void)pParse;
+}
+ break;
+ case 16: /* expr */
+ case 17: /* cnearset */
+ case 18: /* exprlist */
+{
+ sqlite3Fts5ParseNodeFree((fts5yypminor->fts5yy18));
+}
+ break;
+ case 19: /* nearset */
+ case 22: /* nearphrases */
+{
+ sqlite3Fts5ParseNearsetFree((fts5yypminor->fts5yy26));
+}
+ break;
+ case 20: /* colset */
+ case 21: /* colsetlist */
+{
+ sqlite3_free((fts5yypminor->fts5yy3));
+}
+ break;
+ case 23: /* phrase */
+{
+ sqlite3Fts5ParsePhraseFree((fts5yypminor->fts5yy11));
+}
+ break;
+/********* End destructor definitions *****************************************/
+ default: break; /* If no destructor action specified: do nothing */
+ }
+}
+
+/*
+** Pop the parser's stack once.
+**
+** If there is a destructor routine associated with the token which
+** is popped from the stack, then call it.
+*/
+static void fts5yy_pop_parser_stack(fts5yyParser *pParser){
+ fts5yyStackEntry *fts5yytos;
+ assert( pParser->fts5yyidx>=0 );
+ fts5yytos = &pParser->fts5yystack[pParser->fts5yyidx--];
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sPopping %s\n",
+ fts5yyTracePrompt,
+ fts5yyTokenName[fts5yytos->major]);
+ }
+#endif
+ fts5yy_destructor(pParser, fts5yytos->major, &fts5yytos->minor);
+}
+
+/*
+** Deallocate and destroy a parser. Destructors are called for
+** all stack elements before shutting the parser down.
+**
+** If the fts5YYPARSEFREENEVERNULL macro exists (for example because it
+** is defined in a %include section of the input grammar) then it is
+** assumed that the input pointer is never NULL.
+*/
+static void sqlite3Fts5ParserFree(
+ void *p, /* The parser to be deleted */
+ void (*freeProc)(void*) /* Function used to reclaim memory */
+){
+ fts5yyParser *pParser = (fts5yyParser*)p;
+#ifndef fts5YYPARSEFREENEVERNULL
+ if( pParser==0 ) return;
+#endif
+ while( pParser->fts5yyidx>=0 ) fts5yy_pop_parser_stack(pParser);
+#if fts5YYSTACKDEPTH<=0
+ free(pParser->fts5yystack);
+#endif
+ (*freeProc)((void*)pParser);
+}
+
+/*
+** Return the peak depth of the stack for a parser.
+*/
+#ifdef fts5YYTRACKMAXSTACKDEPTH
+static int sqlite3Fts5ParserStackPeak(void *p){
+ fts5yyParser *pParser = (fts5yyParser*)p;
+ return pParser->fts5yyidxMax;
+}
+#endif
+
+/*
+** Find the appropriate action for a parser given the terminal
+** look-ahead token iLookAhead.
+*/
+static int fts5yy_find_shift_action(
+ fts5yyParser *pParser, /* The parser */
+ fts5YYCODETYPE iLookAhead /* The look-ahead token */
+){
+ int i;
+ int stateno = pParser->fts5yystack[pParser->fts5yyidx].stateno;
+
+ if( stateno>=fts5YY_MIN_REDUCE ) return stateno;
+ assert( stateno <= fts5YY_SHIFT_COUNT );
+ do{
+ i = fts5yy_shift_ofst[stateno];
+ if( i==fts5YY_SHIFT_USE_DFLT ) return fts5yy_default[stateno];
+ assert( iLookAhead!=fts5YYNOCODE );
+ i += iLookAhead;
+ if( i<0 || i>=fts5YY_ACTTAB_COUNT || fts5yy_lookahead[i]!=iLookAhead ){
+ if( iLookAhead>0 ){
+#ifdef fts5YYFALLBACK
+ fts5YYCODETYPE iFallback; /* Fallback token */
+ if( iLookAhead<sizeof(fts5yyFallback)/sizeof(fts5yyFallback[0])
+ && (iFallback = fts5yyFallback[iLookAhead])!=0 ){
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE, "%sFALLBACK %s => %s\n",
+ fts5yyTracePrompt, fts5yyTokenName[iLookAhead], fts5yyTokenName[iFallback]);
+ }
+#endif
+ assert( fts5yyFallback[iFallback]==0 ); /* Fallback loop must terminate */
+ iLookAhead = iFallback;
+ continue;
+ }
+#endif
+#ifdef fts5YYWILDCARD
+ {
+ int j = i - iLookAhead + fts5YYWILDCARD;
+ if(
+#if fts5YY_SHIFT_MIN+fts5YYWILDCARD<0
+ j>=0 &&
+#endif
+#if fts5YY_SHIFT_MAX+fts5YYWILDCARD>=fts5YY_ACTTAB_COUNT
+ j<fts5YY_ACTTAB_COUNT &&
+#endif
+ fts5yy_lookahead[j]==fts5YYWILDCARD
+ ){
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE, "%sWILDCARD %s => %s\n",
+ fts5yyTracePrompt, fts5yyTokenName[iLookAhead],
+ fts5yyTokenName[fts5YYWILDCARD]);
+ }
+#endif /* NDEBUG */
+ return fts5yy_action[j];
+ }
+ }
+#endif /* fts5YYWILDCARD */
+ }
+ return fts5yy_default[stateno];
+ }else{
+ return fts5yy_action[i];
+ }
+ }while(1);
+}
+
+/*
+** Find the appropriate action for a parser given the non-terminal
+** look-ahead token iLookAhead.
+*/
+static int fts5yy_find_reduce_action(
+ int stateno, /* Current state number */
+ fts5YYCODETYPE iLookAhead /* The look-ahead token */
+){
+ int i;
+#ifdef fts5YYERRORSYMBOL
+ if( stateno>fts5YY_REDUCE_COUNT ){
+ return fts5yy_default[stateno];
+ }
+#else
+ assert( stateno<=fts5YY_REDUCE_COUNT );
+#endif
+ i = fts5yy_reduce_ofst[stateno];
+ assert( i!=fts5YY_REDUCE_USE_DFLT );
+ assert( iLookAhead!=fts5YYNOCODE );
+ i += iLookAhead;
+#ifdef fts5YYERRORSYMBOL
+ if( i<0 || i>=fts5YY_ACTTAB_COUNT || fts5yy_lookahead[i]!=iLookAhead ){
+ return fts5yy_default[stateno];
+ }
+#else
+ assert( i>=0 && i<fts5YY_ACTTAB_COUNT );
+ assert( fts5yy_lookahead[i]==iLookAhead );
+#endif
+ return fts5yy_action[i];
+}
+
+/*
+** The following routine is called if the stack overflows.
+*/
+static void fts5yyStackOverflow(fts5yyParser *fts5yypParser, fts5YYMINORTYPE *fts5yypMinor){
+ sqlite3Fts5ParserARG_FETCH;
+ fts5yypParser->fts5yyidx--;
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sStack Overflow!\n",fts5yyTracePrompt);
+ }
+#endif
+ while( fts5yypParser->fts5yyidx>=0 ) fts5yy_pop_parser_stack(fts5yypParser);
+ /* Here code is inserted which will execute if the parser
+ ** stack every overflows */
+/******** Begin %stack_overflow code ******************************************/
+
+ assert( 0 );
+/******** End %stack_overflow code ********************************************/
+ sqlite3Fts5ParserARG_STORE; /* Suppress warning about unused %extra_argument var */
+}
+
+/*
+** Print tracing information for a SHIFT action
+*/
+#ifndef NDEBUG
+static void fts5yyTraceShift(fts5yyParser *fts5yypParser, int fts5yyNewState){
+ if( fts5yyTraceFILE ){
+ if( fts5yyNewState<fts5YYNSTATE ){
+ fprintf(fts5yyTraceFILE,"%sShift '%s', go to state %d\n",
+ fts5yyTracePrompt,fts5yyTokenName[fts5yypParser->fts5yystack[fts5yypParser->fts5yyidx].major],
+ fts5yyNewState);
+ }else{
+ fprintf(fts5yyTraceFILE,"%sShift '%s'\n",
+ fts5yyTracePrompt,fts5yyTokenName[fts5yypParser->fts5yystack[fts5yypParser->fts5yyidx].major]);
+ }
+ }
+}
+#else
+# define fts5yyTraceShift(X,Y)
+#endif
+
+/*
+** Perform a shift action.
+*/
+static void fts5yy_shift(
+ fts5yyParser *fts5yypParser, /* The parser to be shifted */
+ int fts5yyNewState, /* The new state to shift in */
+ int fts5yyMajor, /* The major token to shift in */
+ fts5YYMINORTYPE *fts5yypMinor /* Pointer to the minor token to shift in */
+){
+ fts5yyStackEntry *fts5yytos;
+ fts5yypParser->fts5yyidx++;
+#ifdef fts5YYTRACKMAXSTACKDEPTH
+ if( fts5yypParser->fts5yyidx>fts5yypParser->fts5yyidxMax ){
+ fts5yypParser->fts5yyidxMax = fts5yypParser->fts5yyidx;
+ }
+#endif
+#if fts5YYSTACKDEPTH>0
+ if( fts5yypParser->fts5yyidx>=fts5YYSTACKDEPTH ){
+ fts5yyStackOverflow(fts5yypParser, fts5yypMinor);
+ return;
+ }
+#else
+ if( fts5yypParser->fts5yyidx>=fts5yypParser->fts5yystksz ){
+ fts5yyGrowStack(fts5yypParser);
+ if( fts5yypParser->fts5yyidx>=fts5yypParser->fts5yystksz ){
+ fts5yyStackOverflow(fts5yypParser, fts5yypMinor);
+ return;
+ }
+ }
+#endif
+ fts5yytos = &fts5yypParser->fts5yystack[fts5yypParser->fts5yyidx];
+ fts5yytos->stateno = (fts5YYACTIONTYPE)fts5yyNewState;
+ fts5yytos->major = (fts5YYCODETYPE)fts5yyMajor;
+ fts5yytos->minor = *fts5yypMinor;
+ fts5yyTraceShift(fts5yypParser, fts5yyNewState);
+}
+
+/* The following table contains information about every rule that
+** is used during the reduce.
+*/
+static const struct {
+ fts5YYCODETYPE lhs; /* Symbol on the left-hand side of the rule */
+ unsigned char nrhs; /* Number of right-hand side symbols in the rule */
+} fts5yyRuleInfo[] = {
+ { 15, 1 },
+ { 16, 3 },
+ { 16, 3 },
+ { 16, 3 },
+ { 16, 3 },
+ { 16, 1 },
+ { 18, 1 },
+ { 18, 2 },
+ { 17, 1 },
+ { 17, 3 },
+ { 20, 3 },
+ { 20, 1 },
+ { 21, 2 },
+ { 21, 1 },
+ { 19, 1 },
+ { 19, 5 },
+ { 22, 1 },
+ { 22, 2 },
+ { 24, 0 },
+ { 24, 2 },
+ { 23, 4 },
+ { 23, 2 },
+ { 25, 1 },
+ { 25, 0 },
+};
+
+static void fts5yy_accept(fts5yyParser*); /* Forward Declaration */
+
+/*
+** Perform a reduce action and the shift that must immediately
+** follow the reduce.
+*/
+static void fts5yy_reduce(
+ fts5yyParser *fts5yypParser, /* The parser */
+ int fts5yyruleno /* Number of the rule by which to reduce */
+){
+ int fts5yygoto; /* The next state */
+ int fts5yyact; /* The next action */
+ fts5YYMINORTYPE fts5yygotominor; /* The LHS of the rule reduced */
+ fts5yyStackEntry *fts5yymsp; /* The top of the parser's stack */
+ int fts5yysize; /* Amount to pop the stack */
+ sqlite3Fts5ParserARG_FETCH;
+ fts5yymsp = &fts5yypParser->fts5yystack[fts5yypParser->fts5yyidx];
+#ifndef NDEBUG
+ if( fts5yyTraceFILE && fts5yyruleno>=0
+ && fts5yyruleno<(int)(sizeof(fts5yyRuleName)/sizeof(fts5yyRuleName[0])) ){
+ fts5yysize = fts5yyRuleInfo[fts5yyruleno].nrhs;
+ fprintf(fts5yyTraceFILE, "%sReduce [%s], go to state %d.\n", fts5yyTracePrompt,
+ fts5yyRuleName[fts5yyruleno], fts5yymsp[-fts5yysize].stateno);
+ }
+#endif /* NDEBUG */
+ fts5yygotominor = fts5yyzerominor;
+
+ switch( fts5yyruleno ){
+ /* Beginning here are the reduction cases. A typical example
+ ** follows:
+ ** case 0:
+ ** #line <lineno> <grammarfile>
+ ** { ... } // User supplied code
+ ** #line <lineno> <thisfile>
+ ** break;
+ */
+/********** Begin reduce actions **********************************************/
+ case 0: /* input ::= expr */
+{ sqlite3Fts5ParseFinished(pParse, fts5yymsp[0].minor.fts5yy18); }
+ break;
+ case 1: /* expr ::= expr AND expr */
+{
+ fts5yygotominor.fts5yy18 = sqlite3Fts5ParseNode(pParse, FTS5_AND, fts5yymsp[-2].minor.fts5yy18, fts5yymsp[0].minor.fts5yy18, 0);
+}
+ break;
+ case 2: /* expr ::= expr OR expr */
+{
+ fts5yygotominor.fts5yy18 = sqlite3Fts5ParseNode(pParse, FTS5_OR, fts5yymsp[-2].minor.fts5yy18, fts5yymsp[0].minor.fts5yy18, 0);
+}
+ break;
+ case 3: /* expr ::= expr NOT expr */
+{
+ fts5yygotominor.fts5yy18 = sqlite3Fts5ParseNode(pParse, FTS5_NOT, fts5yymsp[-2].minor.fts5yy18, fts5yymsp[0].minor.fts5yy18, 0);
+}
+ break;
+ case 4: /* expr ::= LP expr RP */
+{fts5yygotominor.fts5yy18 = fts5yymsp[-1].minor.fts5yy18;}
+ break;
+ case 5: /* expr ::= exprlist */
+ case 6: /* exprlist ::= cnearset */ fts5yytestcase(fts5yyruleno==6);
+{fts5yygotominor.fts5yy18 = fts5yymsp[0].minor.fts5yy18;}
+ break;
+ case 7: /* exprlist ::= exprlist cnearset */
+{
+ fts5yygotominor.fts5yy18 = sqlite3Fts5ParseNode(pParse, FTS5_AND, fts5yymsp[-1].minor.fts5yy18, fts5yymsp[0].minor.fts5yy18, 0);
+}
+ break;
+ case 8: /* cnearset ::= nearset */
+{
+ fts5yygotominor.fts5yy18 = sqlite3Fts5ParseNode(pParse, FTS5_STRING, 0, 0, fts5yymsp[0].minor.fts5yy26);
+}
+ break;
+ case 9: /* cnearset ::= colset COLON nearset */
+{
+ sqlite3Fts5ParseSetColset(pParse, fts5yymsp[0].minor.fts5yy26, fts5yymsp[-2].minor.fts5yy3);
+ fts5yygotominor.fts5yy18 = sqlite3Fts5ParseNode(pParse, FTS5_STRING, 0, 0, fts5yymsp[0].minor.fts5yy26);
+}
+ break;
+ case 10: /* colset ::= LCP colsetlist RCP */
+{ fts5yygotominor.fts5yy3 = fts5yymsp[-1].minor.fts5yy3; }
+ break;
+ case 11: /* colset ::= STRING */
+{
+ fts5yygotominor.fts5yy3 = sqlite3Fts5ParseColset(pParse, 0, &fts5yymsp[0].minor.fts5yy0);
+}
+ break;
+ case 12: /* colsetlist ::= colsetlist STRING */
+{
+ fts5yygotominor.fts5yy3 = sqlite3Fts5ParseColset(pParse, fts5yymsp[-1].minor.fts5yy3, &fts5yymsp[0].minor.fts5yy0); }
+ break;
+ case 13: /* colsetlist ::= STRING */
+{
+ fts5yygotominor.fts5yy3 = sqlite3Fts5ParseColset(pParse, 0, &fts5yymsp[0].minor.fts5yy0);
+}
+ break;
+ case 14: /* nearset ::= phrase */
+{ fts5yygotominor.fts5yy26 = sqlite3Fts5ParseNearset(pParse, 0, fts5yymsp[0].minor.fts5yy11); }
+ break;
+ case 15: /* nearset ::= STRING LP nearphrases neardist_opt RP */
+{
+ sqlite3Fts5ParseNear(pParse, &fts5yymsp[-4].minor.fts5yy0);
+ sqlite3Fts5ParseSetDistance(pParse, fts5yymsp[-2].minor.fts5yy26, &fts5yymsp[-1].minor.fts5yy0);
+ fts5yygotominor.fts5yy26 = fts5yymsp[-2].minor.fts5yy26;
+}
+ break;
+ case 16: /* nearphrases ::= phrase */
+{
+ fts5yygotominor.fts5yy26 = sqlite3Fts5ParseNearset(pParse, 0, fts5yymsp[0].minor.fts5yy11);
+}
+ break;
+ case 17: /* nearphrases ::= nearphrases phrase */
+{
+ fts5yygotominor.fts5yy26 = sqlite3Fts5ParseNearset(pParse, fts5yymsp[-1].minor.fts5yy26, fts5yymsp[0].minor.fts5yy11);
+}
+ break;
+ case 18: /* neardist_opt ::= */
+{ fts5yygotominor.fts5yy0.p = 0; fts5yygotominor.fts5yy0.n = 0; }
+ break;
+ case 19: /* neardist_opt ::= COMMA STRING */
+{ fts5yygotominor.fts5yy0 = fts5yymsp[0].minor.fts5yy0; }
+ break;
+ case 20: /* phrase ::= phrase PLUS STRING star_opt */
+{
+ fts5yygotominor.fts5yy11 = sqlite3Fts5ParseTerm(pParse, fts5yymsp[-3].minor.fts5yy11, &fts5yymsp[-1].minor.fts5yy0, fts5yymsp[0].minor.fts5yy20);
+}
+ break;
+ case 21: /* phrase ::= STRING star_opt */
+{
+ fts5yygotominor.fts5yy11 = sqlite3Fts5ParseTerm(pParse, 0, &fts5yymsp[-1].minor.fts5yy0, fts5yymsp[0].minor.fts5yy20);
+}
+ break;
+ case 22: /* star_opt ::= STAR */
+{ fts5yygotominor.fts5yy20 = 1; }
+ break;
+ case 23: /* star_opt ::= */
+{ fts5yygotominor.fts5yy20 = 0; }
+ break;
+ default:
+ break;
+/********** End reduce actions ************************************************/
+ };
+ assert( fts5yyruleno>=0 && fts5yyruleno<sizeof(fts5yyRuleInfo)/sizeof(fts5yyRuleInfo[0]) );
+ fts5yygoto = fts5yyRuleInfo[fts5yyruleno].lhs;
+ fts5yysize = fts5yyRuleInfo[fts5yyruleno].nrhs;
+ fts5yypParser->fts5yyidx -= fts5yysize;
+ fts5yyact = fts5yy_find_reduce_action(fts5yymsp[-fts5yysize].stateno,(fts5YYCODETYPE)fts5yygoto);
+ if( fts5yyact <= fts5YY_MAX_SHIFTREDUCE ){
+ if( fts5yyact>fts5YY_MAX_SHIFT ) fts5yyact += fts5YY_MIN_REDUCE - fts5YY_MIN_SHIFTREDUCE;
+ /* If the reduce action popped at least
+ ** one element off the stack, then we can push the new element back
+ ** onto the stack here, and skip the stack overflow test in fts5yy_shift().
+ ** That gives a significant speed improvement. */
+ if( fts5yysize ){
+ fts5yypParser->fts5yyidx++;
+ fts5yymsp -= fts5yysize-1;
+ fts5yymsp->stateno = (fts5YYACTIONTYPE)fts5yyact;
+ fts5yymsp->major = (fts5YYCODETYPE)fts5yygoto;
+ fts5yymsp->minor = fts5yygotominor;
+ fts5yyTraceShift(fts5yypParser, fts5yyact);
+ }else{
+ fts5yy_shift(fts5yypParser,fts5yyact,fts5yygoto,&fts5yygotominor);
+ }
+ }else{
+ assert( fts5yyact == fts5YY_ACCEPT_ACTION );
+ fts5yy_accept(fts5yypParser);
+ }
+}
+
+/*
+** The following code executes when the parse fails
+*/
+#ifndef fts5YYNOERRORRECOVERY
+static void fts5yy_parse_failed(
+ fts5yyParser *fts5yypParser /* The parser */
+){
+ sqlite3Fts5ParserARG_FETCH;
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sFail!\n",fts5yyTracePrompt);
+ }
+#endif
+ while( fts5yypParser->fts5yyidx>=0 ) fts5yy_pop_parser_stack(fts5yypParser);
+ /* Here code is inserted which will be executed whenever the
+ ** parser fails */
+/************ Begin %parse_failure code ***************************************/
+/************ End %parse_failure code *****************************************/
+ sqlite3Fts5ParserARG_STORE; /* Suppress warning about unused %extra_argument variable */
+}
+#endif /* fts5YYNOERRORRECOVERY */
+
+/*
+** The following code executes when a syntax error first occurs.
+*/
+static void fts5yy_syntax_error(
+ fts5yyParser *fts5yypParser, /* The parser */
+ int fts5yymajor, /* The major type of the error token */
+ fts5YYMINORTYPE fts5yyminor /* The minor type of the error token */
+){
+ sqlite3Fts5ParserARG_FETCH;
+#define FTS5TOKEN (fts5yyminor.fts5yy0)
+/************ Begin %syntax_error code ****************************************/
+
+ sqlite3Fts5ParseError(
+ pParse, "fts5: syntax error near \"%.*s\"",FTS5TOKEN.n,FTS5TOKEN.p
+ );
+/************ End %syntax_error code ******************************************/
+ sqlite3Fts5ParserARG_STORE; /* Suppress warning about unused %extra_argument variable */
+}
+
+/*
+** The following is executed when the parser accepts
+*/
+static void fts5yy_accept(
+ fts5yyParser *fts5yypParser /* The parser */
+){
+ sqlite3Fts5ParserARG_FETCH;
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sAccept!\n",fts5yyTracePrompt);
+ }
+#endif
+ while( fts5yypParser->fts5yyidx>=0 ) fts5yy_pop_parser_stack(fts5yypParser);
+ /* Here code is inserted which will be executed whenever the
+ ** parser accepts */
+/*********** Begin %parse_accept code *****************************************/
+/*********** End %parse_accept code *******************************************/
+ sqlite3Fts5ParserARG_STORE; /* Suppress warning about unused %extra_argument variable */
+}
+
+/* The main parser program.
+** The first argument is a pointer to a structure obtained from
+** "sqlite3Fts5ParserAlloc" which describes the current state of the parser.
+** The second argument is the major token number. The third is
+** the minor token. The fourth optional argument is whatever the
+** user wants (and specified in the grammar) and is available for
+** use by the action routines.
+**
+** Inputs:
+** <ul>
+** <li> A pointer to the parser (an opaque structure.)
+** <li> The major token number.
+** <li> The minor token number.
+** <li> An option argument of a grammar-specified type.
+** </ul>
+**
+** Outputs:
+** None.
+*/
+static void sqlite3Fts5Parser(
+ void *fts5yyp, /* The parser */
+ int fts5yymajor, /* The major token code number */
+ sqlite3Fts5ParserFTS5TOKENTYPE fts5yyminor /* The value for the token */
+ sqlite3Fts5ParserARG_PDECL /* Optional %extra_argument parameter */
+){
+ fts5YYMINORTYPE fts5yyminorunion;
+ int fts5yyact; /* The parser action. */
+#if !defined(fts5YYERRORSYMBOL) && !defined(fts5YYNOERRORRECOVERY)
+ int fts5yyendofinput; /* True if we are at the end of input */
+#endif
+#ifdef fts5YYERRORSYMBOL
+ int fts5yyerrorhit = 0; /* True if fts5yymajor has invoked an error */
+#endif
+ fts5yyParser *fts5yypParser; /* The parser */
+
+ /* (re)initialize the parser, if necessary */
+ fts5yypParser = (fts5yyParser*)fts5yyp;
+ if( fts5yypParser->fts5yyidx<0 ){
+#if fts5YYSTACKDEPTH<=0
+ if( fts5yypParser->fts5yystksz <=0 ){
+ /*memset(&fts5yyminorunion, 0, sizeof(fts5yyminorunion));*/
+ fts5yyminorunion = fts5yyzerominor;
+ fts5yyStackOverflow(fts5yypParser, &fts5yyminorunion);
+ return;
+ }
+#endif
+ fts5yypParser->fts5yyidx = 0;
+ fts5yypParser->fts5yyerrcnt = -1;
+ fts5yypParser->fts5yystack[0].stateno = 0;
+ fts5yypParser->fts5yystack[0].major = 0;
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sInitialize. Empty stack. State 0\n",
+ fts5yyTracePrompt);
+ }
+#endif
+ }
+ fts5yyminorunion.fts5yy0 = fts5yyminor;
+#if !defined(fts5YYERRORSYMBOL) && !defined(fts5YYNOERRORRECOVERY)
+ fts5yyendofinput = (fts5yymajor==0);
+#endif
+ sqlite3Fts5ParserARG_STORE;
+
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sInput '%s'\n",fts5yyTracePrompt,fts5yyTokenName[fts5yymajor]);
+ }
+#endif
+
+ do{
+ fts5yyact = fts5yy_find_shift_action(fts5yypParser,(fts5YYCODETYPE)fts5yymajor);
+ if( fts5yyact <= fts5YY_MAX_SHIFTREDUCE ){
+ if( fts5yyact > fts5YY_MAX_SHIFT ) fts5yyact += fts5YY_MIN_REDUCE - fts5YY_MIN_SHIFTREDUCE;
+ fts5yy_shift(fts5yypParser,fts5yyact,fts5yymajor,&fts5yyminorunion);
+ fts5yypParser->fts5yyerrcnt--;
+ fts5yymajor = fts5YYNOCODE;
+ }else if( fts5yyact <= fts5YY_MAX_REDUCE ){
+ fts5yy_reduce(fts5yypParser,fts5yyact-fts5YY_MIN_REDUCE);
+ }else{
+ assert( fts5yyact == fts5YY_ERROR_ACTION );
+#ifdef fts5YYERRORSYMBOL
+ int fts5yymx;
+#endif
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sSyntax Error!\n",fts5yyTracePrompt);
+ }
+#endif
+#ifdef fts5YYERRORSYMBOL
+ /* A syntax error has occurred.
+ ** The response to an error depends upon whether or not the
+ ** grammar defines an error token "ERROR".
+ **
+ ** This is what we do if the grammar does define ERROR:
+ **
+ ** * Call the %syntax_error function.
+ **
+ ** * Begin popping the stack until we enter a state where
+ ** it is legal to shift the error symbol, then shift
+ ** the error symbol.
+ **
+ ** * Set the error count to three.
+ **
+ ** * Begin accepting and shifting new tokens. No new error
+ ** processing will occur until three tokens have been
+ ** shifted successfully.
+ **
+ */
+ if( fts5yypParser->fts5yyerrcnt<0 ){
+ fts5yy_syntax_error(fts5yypParser,fts5yymajor,fts5yyminorunion);
+ }
+ fts5yymx = fts5yypParser->fts5yystack[fts5yypParser->fts5yyidx].major;
+ if( fts5yymx==fts5YYERRORSYMBOL || fts5yyerrorhit ){
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ fprintf(fts5yyTraceFILE,"%sDiscard input token %s\n",
+ fts5yyTracePrompt,fts5yyTokenName[fts5yymajor]);
+ }
+#endif
+ fts5yy_destructor(fts5yypParser, (fts5YYCODETYPE)fts5yymajor,&fts5yyminorunion);
+ fts5yymajor = fts5YYNOCODE;
+ }else{
+ while(
+ fts5yypParser->fts5yyidx >= 0 &&
+ fts5yymx != fts5YYERRORSYMBOL &&
+ (fts5yyact = fts5yy_find_reduce_action(
+ fts5yypParser->fts5yystack[fts5yypParser->fts5yyidx].stateno,
+ fts5YYERRORSYMBOL)) >= fts5YY_MIN_REDUCE
+ ){
+ fts5yy_pop_parser_stack(fts5yypParser);
+ }
+ if( fts5yypParser->fts5yyidx < 0 || fts5yymajor==0 ){
+ fts5yy_destructor(fts5yypParser,(fts5YYCODETYPE)fts5yymajor,&fts5yyminorunion);
+ fts5yy_parse_failed(fts5yypParser);
+ fts5yymajor = fts5YYNOCODE;
+ }else if( fts5yymx!=fts5YYERRORSYMBOL ){
+ fts5YYMINORTYPE u2;
+ u2.fts5YYERRSYMDT = 0;
+ fts5yy_shift(fts5yypParser,fts5yyact,fts5YYERRORSYMBOL,&u2);
+ }
+ }
+ fts5yypParser->fts5yyerrcnt = 3;
+ fts5yyerrorhit = 1;
+#elif defined(fts5YYNOERRORRECOVERY)
+ /* If the fts5YYNOERRORRECOVERY macro is defined, then do not attempt to
+ ** do any kind of error recovery. Instead, simply invoke the syntax
+ ** error routine and continue going as if nothing had happened.
+ **
+ ** Applications can set this macro (for example inside %include) if
+ ** they intend to abandon the parse upon the first syntax error seen.
+ */
+ fts5yy_syntax_error(fts5yypParser,fts5yymajor,fts5yyminorunion);
+ fts5yy_destructor(fts5yypParser,(fts5YYCODETYPE)fts5yymajor,&fts5yyminorunion);
+ fts5yymajor = fts5YYNOCODE;
+
+#else /* fts5YYERRORSYMBOL is not defined */
+ /* This is what we do if the grammar does not define ERROR:
+ **
+ ** * Report an error message, and throw away the input token.
+ **
+ ** * If the input token is $, then fail the parse.
+ **
+ ** As before, subsequent error messages are suppressed until
+ ** three input tokens have been successfully shifted.
+ */
+ if( fts5yypParser->fts5yyerrcnt<=0 ){
+ fts5yy_syntax_error(fts5yypParser,fts5yymajor,fts5yyminorunion);
+ }
+ fts5yypParser->fts5yyerrcnt = 3;
+ fts5yy_destructor(fts5yypParser,(fts5YYCODETYPE)fts5yymajor,&fts5yyminorunion);
+ if( fts5yyendofinput ){
+ fts5yy_parse_failed(fts5yypParser);
+ }
+ fts5yymajor = fts5YYNOCODE;
+#endif
+ }
+ }while( fts5yymajor!=fts5YYNOCODE && fts5yypParser->fts5yyidx>=0 );
+#ifndef NDEBUG
+ if( fts5yyTraceFILE ){
+ int i;
+ fprintf(fts5yyTraceFILE,"%sReturn. Stack=",fts5yyTracePrompt);
+ for(i=1; i<=fts5yypParser->fts5yyidx; i++)
+ fprintf(fts5yyTraceFILE,"%c%s", i==1 ? '[' : ' ',
+ fts5yyTokenName[fts5yypParser->fts5yystack[i].major]);
+ fprintf(fts5yyTraceFILE,"]\n");
+ }
+#endif
+ return;
+}
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+*/
+
+
+/* #include "fts5Int.h" */
+#include <math.h> /* amalgamator: keep */
+
+/*
+** Object used to iterate through all "coalesced phrase instances" in
+** a single column of the current row. If the phrase instances in the
+** column being considered do not overlap, this object simply iterates
+** through them. Or, if they do overlap (share one or more tokens in
+** common), each set of overlapping instances is treated as a single
+** match. See documentation for the highlight() auxiliary function for
+** details.
+**
+** Usage is:
+**
+** for(rc = fts5CInstIterNext(pApi, pFts, iCol, &iter);
+** (rc==SQLITE_OK && 0==fts5CInstIterEof(&iter);
+** rc = fts5CInstIterNext(&iter)
+** ){
+** printf("instance starts at %d, ends at %d\n", iter.iStart, iter.iEnd);
+** }
+**
+*/
+typedef struct CInstIter CInstIter;
+struct CInstIter {
+ const Fts5ExtensionApi *pApi; /* API offered by current FTS version */
+ Fts5Context *pFts; /* First arg to pass to pApi functions */
+ int iCol; /* Column to search */
+ int iInst; /* Next phrase instance index */
+ int nInst; /* Total number of phrase instances */
+
+ /* Output variables */
+ int iStart; /* First token in coalesced phrase instance */
+ int iEnd; /* Last token in coalesced phrase instance */
+};
+
+/*
+** Advance the iterator to the next coalesced phrase instance. Return
+** an SQLite error code if an error occurs, or SQLITE_OK otherwise.
+*/
+static int fts5CInstIterNext(CInstIter *pIter){
+ int rc = SQLITE_OK;
+ pIter->iStart = -1;
+ pIter->iEnd = -1;
+
+ while( rc==SQLITE_OK && pIter->iInst<pIter->nInst ){
+ int ip; int ic; int io;
+ rc = pIter->pApi->xInst(pIter->pFts, pIter->iInst, &ip, &ic, &io);
+ if( rc==SQLITE_OK ){
+ if( ic==pIter->iCol ){
+ int iEnd = io - 1 + pIter->pApi->xPhraseSize(pIter->pFts, ip);
+ if( pIter->iStart<0 ){
+ pIter->iStart = io;
+ pIter->iEnd = iEnd;
+ }else if( io<=pIter->iEnd ){
+ if( iEnd>pIter->iEnd ) pIter->iEnd = iEnd;
+ }else{
+ break;
+ }
+ }
+ pIter->iInst++;
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Initialize the iterator object indicated by the final parameter to
+** iterate through coalesced phrase instances in column iCol.
+*/
+static int fts5CInstIterInit(
+ const Fts5ExtensionApi *pApi,
+ Fts5Context *pFts,
+ int iCol,
+ CInstIter *pIter
+){
+ int rc;
+
+ memset(pIter, 0, sizeof(CInstIter));
+ pIter->pApi = pApi;
+ pIter->pFts = pFts;
+ pIter->iCol = iCol;
+ rc = pApi->xInstCount(pFts, &pIter->nInst);
+
+ if( rc==SQLITE_OK ){
+ rc = fts5CInstIterNext(pIter);
+ }
+
+ return rc;
+}
+
+
+
+/*************************************************************************
+** Start of highlight() implementation.
+*/
+typedef struct HighlightContext HighlightContext;
+struct HighlightContext {
+ CInstIter iter; /* Coalesced Instance Iterator */
+ int iPos; /* Current token offset in zIn[] */
+ int iRangeStart; /* First token to include */
+ int iRangeEnd; /* If non-zero, last token to include */
+ const char *zOpen; /* Opening highlight */
+ const char *zClose; /* Closing highlight */
+ const char *zIn; /* Input text */
+ int nIn; /* Size of input text in bytes */
+ int iOff; /* Current offset within zIn[] */
+ char *zOut; /* Output value */
+};
+
+/*
+** Append text to the HighlightContext output string - p->zOut. Argument
+** z points to a buffer containing n bytes of text to append. If n is
+** negative, everything up until the first '\0' is appended to the output.
+**
+** If *pRc is set to any value other than SQLITE_OK when this function is
+** called, it is a no-op. If an error (i.e. an OOM condition) is encountered,
+** *pRc is set to an error code before returning.
+*/
+static void fts5HighlightAppend(
+ int *pRc,
+ HighlightContext *p,
+ const char *z, int n
+){
+ if( *pRc==SQLITE_OK ){
+ if( n<0 ) n = (int)strlen(z);
+ p->zOut = sqlite3_mprintf("%z%.*s", p->zOut, n, z);
+ if( p->zOut==0 ) *pRc = SQLITE_NOMEM;
+ }
+}
+
+/*
+** Tokenizer callback used by implementation of highlight() function.
+*/
+static int fts5HighlightCb(
+ void *pContext, /* Pointer to HighlightContext object */
+ int tflags, /* Mask of FTS5_TOKEN_* flags */
+ const char *pToken, /* Buffer containing token */
+ int nToken, /* Size of token in bytes */
+ int iStartOff, /* Start offset of token */
+ int iEndOff /* End offset of token */
+){
+ HighlightContext *p = (HighlightContext*)pContext;
+ int rc = SQLITE_OK;
+ int iPos;
+
+ if( tflags & FTS5_TOKEN_COLOCATED ) return SQLITE_OK;
+ iPos = p->iPos++;
+
+ if( p->iRangeEnd>0 ){
+ if( iPos<p->iRangeStart || iPos>p->iRangeEnd ) return SQLITE_OK;
+ if( p->iRangeStart && iPos==p->iRangeStart ) p->iOff = iStartOff;
+ }
+
+ if( iPos==p->iter.iStart ){
+ fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iStartOff - p->iOff);
+ fts5HighlightAppend(&rc, p, p->zOpen, -1);
+ p->iOff = iStartOff;
+ }
+
+ if( iPos==p->iter.iEnd ){
+ if( p->iRangeEnd && p->iter.iStart<p->iRangeStart ){
+ fts5HighlightAppend(&rc, p, p->zOpen, -1);
+ }
+ fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iEndOff - p->iOff);
+ fts5HighlightAppend(&rc, p, p->zClose, -1);
+ p->iOff = iEndOff;
+ if( rc==SQLITE_OK ){
+ rc = fts5CInstIterNext(&p->iter);
+ }
+ }
+
+ if( p->iRangeEnd>0 && iPos==p->iRangeEnd ){
+ fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iEndOff - p->iOff);
+ p->iOff = iEndOff;
+ if( iPos<p->iter.iEnd ){
+ fts5HighlightAppend(&rc, p, p->zClose, -1);
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Implementation of highlight() function.
+*/
+static void fts5HighlightFunction(
+ const Fts5ExtensionApi *pApi, /* API offered by current FTS version */
+ Fts5Context *pFts, /* First arg to pass to pApi functions */
+ sqlite3_context *pCtx, /* Context for returning result/error */
+ int nVal, /* Number of values in apVal[] array */
+ sqlite3_value **apVal /* Array of trailing arguments */
+){
+ HighlightContext ctx;
+ int rc;
+ int iCol;
+
+ if( nVal!=3 ){
+ const char *zErr = "wrong number of arguments to function highlight()";
+ sqlite3_result_error(pCtx, zErr, -1);
+ return;
+ }
+
+ iCol = sqlite3_value_int(apVal[0]);
+ memset(&ctx, 0, sizeof(HighlightContext));
+ ctx.zOpen = (const char*)sqlite3_value_text(apVal[1]);
+ ctx.zClose = (const char*)sqlite3_value_text(apVal[2]);
+ rc = pApi->xColumnText(pFts, iCol, &ctx.zIn, &ctx.nIn);
+
+ if( ctx.zIn ){
+ if( rc==SQLITE_OK ){
+ rc = fts5CInstIterInit(pApi, pFts, iCol, &ctx.iter);
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = pApi->xTokenize(pFts, ctx.zIn, ctx.nIn, (void*)&ctx,fts5HighlightCb);
+ }
+ fts5HighlightAppend(&rc, &ctx, &ctx.zIn[ctx.iOff], ctx.nIn - ctx.iOff);
+
+ if( rc==SQLITE_OK ){
+ sqlite3_result_text(pCtx, (const char*)ctx.zOut, -1, SQLITE_TRANSIENT);
+ }
+ sqlite3_free(ctx.zOut);
+ }
+ if( rc!=SQLITE_OK ){
+ sqlite3_result_error_code(pCtx, rc);
+ }
+}
+/*
+** End of highlight() implementation.
+**************************************************************************/
+
+/*
+** Implementation of snippet() function.
+*/
+static void fts5SnippetFunction(
+ const Fts5ExtensionApi *pApi, /* API offered by current FTS version */
+ Fts5Context *pFts, /* First arg to pass to pApi functions */
+ sqlite3_context *pCtx, /* Context for returning result/error */
+ int nVal, /* Number of values in apVal[] array */
+ sqlite3_value **apVal /* Array of trailing arguments */
+){
+ HighlightContext ctx;
+ int rc = SQLITE_OK; /* Return code */
+ int iCol; /* 1st argument to snippet() */
+ const char *zEllips; /* 4th argument to snippet() */
+ int nToken; /* 5th argument to snippet() */
+ int nInst = 0; /* Number of instance matches this row */
+ int i; /* Used to iterate through instances */
+ int nPhrase; /* Number of phrases in query */
+ unsigned char *aSeen; /* Array of "seen instance" flags */
+ int iBestCol; /* Column containing best snippet */
+ int iBestStart = 0; /* First token of best snippet */
+ int iBestLast; /* Last token of best snippet */
+ int nBestScore = 0; /* Score of best snippet */
+ int nColSize = 0; /* Total size of iBestCol in tokens */
+
+ if( nVal!=5 ){
+ const char *zErr = "wrong number of arguments to function snippet()";
+ sqlite3_result_error(pCtx, zErr, -1);
+ return;
+ }
+
+ memset(&ctx, 0, sizeof(HighlightContext));
+ iCol = sqlite3_value_int(apVal[0]);
+ ctx.zOpen = (const char*)sqlite3_value_text(apVal[1]);
+ ctx.zClose = (const char*)sqlite3_value_text(apVal[2]);
+ zEllips = (const char*)sqlite3_value_text(apVal[3]);
+ nToken = sqlite3_value_int(apVal[4]);
+ iBestLast = nToken-1;
+
+ iBestCol = (iCol>=0 ? iCol : 0);
+ nPhrase = pApi->xPhraseCount(pFts);
+ aSeen = sqlite3_malloc(nPhrase);
+ if( aSeen==0 ){
+ rc = SQLITE_NOMEM;
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = pApi->xInstCount(pFts, &nInst);
+ }
+ for(i=0; rc==SQLITE_OK && i<nInst; i++){
+ int ip, iSnippetCol, iStart;
+ memset(aSeen, 0, nPhrase);
+ rc = pApi->xInst(pFts, i, &ip, &iSnippetCol, &iStart);
+ if( rc==SQLITE_OK && (iCol<0 || iSnippetCol==iCol) ){
+ int nScore = 1000;
+ int iLast = iStart - 1 + pApi->xPhraseSize(pFts, ip);
+ int j;
+ aSeen[ip] = 1;
+
+ for(j=i+1; rc==SQLITE_OK && j<nInst; j++){
+ int ic; int io; int iFinal;
+ rc = pApi->xInst(pFts, j, &ip, &ic, &io);
+ iFinal = io + pApi->xPhraseSize(pFts, ip) - 1;
+ if( rc==SQLITE_OK && ic==iSnippetCol && iLast<iStart+nToken ){
+ nScore += aSeen[ip] ? 1000 : 1;
+ aSeen[ip] = 1;
+ if( iFinal>iLast ) iLast = iFinal;
+ }
+ }
+
+ if( rc==SQLITE_OK && nScore>nBestScore ){
+ iBestCol = iSnippetCol;
+ iBestStart = iStart;
+ iBestLast = iLast;
+ nBestScore = nScore;
+ }
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = pApi->xColumnSize(pFts, iBestCol, &nColSize);
+ }
+ if( rc==SQLITE_OK ){
+ rc = pApi->xColumnText(pFts, iBestCol, &ctx.zIn, &ctx.nIn);
+ }
+ if( ctx.zIn ){
+ if( rc==SQLITE_OK ){
+ rc = fts5CInstIterInit(pApi, pFts, iBestCol, &ctx.iter);
+ }
+
+ if( (iBestStart+nToken-1)>iBestLast ){
+ iBestStart -= (iBestStart+nToken-1-iBestLast) / 2;
+ }
+ if( iBestStart+nToken>nColSize ){
+ iBestStart = nColSize - nToken;
+ }
+ if( iBestStart<0 ) iBestStart = 0;
+
+ ctx.iRangeStart = iBestStart;
+ ctx.iRangeEnd = iBestStart + nToken - 1;
+
+ if( iBestStart>0 ){
+ fts5HighlightAppend(&rc, &ctx, zEllips, -1);
+ }
+ if( rc==SQLITE_OK ){
+ rc = pApi->xTokenize(pFts, ctx.zIn, ctx.nIn, (void*)&ctx,fts5HighlightCb);
+ }
+ if( ctx.iRangeEnd>=(nColSize-1) ){
+ fts5HighlightAppend(&rc, &ctx, &ctx.zIn[ctx.iOff], ctx.nIn - ctx.iOff);
+ }else{
+ fts5HighlightAppend(&rc, &ctx, zEllips, -1);
+ }
+
+ if( rc==SQLITE_OK ){
+ sqlite3_result_text(pCtx, (const char*)ctx.zOut, -1, SQLITE_TRANSIENT);
+ }else{
+ sqlite3_result_error_code(pCtx, rc);
+ }
+ sqlite3_free(ctx.zOut);
+ }
+ sqlite3_free(aSeen);
+}
+
+/************************************************************************/
+
+/*
+** The first time the bm25() function is called for a query, an instance
+** of the following structure is allocated and populated.
+*/
+typedef struct Fts5Bm25Data Fts5Bm25Data;
+struct Fts5Bm25Data {
+ int nPhrase; /* Number of phrases in query */
+ double avgdl; /* Average number of tokens in each row */
+ double *aIDF; /* IDF for each phrase */
+ double *aFreq; /* Array used to calculate phrase freq. */
+};
+
+/*
+** Callback used by fts5Bm25GetData() to count the number of rows in the
+** table matched by each individual phrase within the query.
+*/
+static int fts5CountCb(
+ const Fts5ExtensionApi *pApi,
+ Fts5Context *pFts,
+ void *pUserData /* Pointer to sqlite3_int64 variable */
+){
+ sqlite3_int64 *pn = (sqlite3_int64*)pUserData;
+ (*pn)++;
+ return SQLITE_OK;
+}
+
+/*
+** Set *ppData to point to the Fts5Bm25Data object for the current query.
+** If the object has not already been allocated, allocate and populate it
+** now.
+*/
+static int fts5Bm25GetData(
+ const Fts5ExtensionApi *pApi,
+ Fts5Context *pFts,
+ Fts5Bm25Data **ppData /* OUT: bm25-data object for this query */
+){
+ int rc = SQLITE_OK; /* Return code */
+ Fts5Bm25Data *p; /* Object to return */
+
+ p = pApi->xGetAuxdata(pFts, 0);
+ if( p==0 ){
+ int nPhrase; /* Number of phrases in query */
+ sqlite3_int64 nRow = 0; /* Number of rows in table */
+ sqlite3_int64 nToken = 0; /* Number of tokens in table */
+ int nByte; /* Bytes of space to allocate */
+ int i;
+
+ /* Allocate the Fts5Bm25Data object */
+ nPhrase = pApi->xPhraseCount(pFts);
+ nByte = sizeof(Fts5Bm25Data) + nPhrase*2*sizeof(double);
+ p = (Fts5Bm25Data*)sqlite3_malloc(nByte);
+ if( p==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(p, 0, nByte);
+ p->nPhrase = nPhrase;
+ p->aIDF = (double*)&p[1];
+ p->aFreq = &p->aIDF[nPhrase];
+ }
+
+ /* Calculate the average document length for this FTS5 table */
+ if( rc==SQLITE_OK ) rc = pApi->xRowCount(pFts, &nRow);
+ if( rc==SQLITE_OK ) rc = pApi->xColumnTotalSize(pFts, -1, &nToken);
+ if( rc==SQLITE_OK ) p->avgdl = (double)nToken / (double)nRow;
+
+ /* Calculate an IDF for each phrase in the query */
+ for(i=0; rc==SQLITE_OK && i<nPhrase; i++){
+ sqlite3_int64 nHit = 0;
+ rc = pApi->xQueryPhrase(pFts, i, (void*)&nHit, fts5CountCb);
+ if( rc==SQLITE_OK ){
+ /* Calculate the IDF (Inverse Document Frequency) for phrase i.
+ ** This is done using the standard BM25 formula as found on wikipedia:
+ **
+ ** IDF = log( (N - nHit + 0.5) / (nHit + 0.5) )
+ **
+ ** where "N" is the total number of documents in the set and nHit
+ ** is the number that contain at least one instance of the phrase
+ ** under consideration.
+ **
+ ** The problem with this is that if (N < 2*nHit), the IDF is
+ ** negative. Which is undesirable. So the mimimum allowable IDF is
+ ** (1e-6) - roughly the same as a term that appears in just over
+ ** half of set of 5,000,000 documents. */
+ double idf = log( (nRow - nHit + 0.5) / (nHit + 0.5) );
+ if( idf<=0.0 ) idf = 1e-6;
+ p->aIDF[i] = idf;
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(p);
+ }else{
+ rc = pApi->xSetAuxdata(pFts, p, sqlite3_free);
+ }
+ if( rc!=SQLITE_OK ) p = 0;
+ }
+ *ppData = p;
+ return rc;
+}
+
+/*
+** Implementation of bm25() function.
+*/
+static void fts5Bm25Function(
+ const Fts5ExtensionApi *pApi, /* API offered by current FTS version */
+ Fts5Context *pFts, /* First arg to pass to pApi functions */
+ sqlite3_context *pCtx, /* Context for returning result/error */
+ int nVal, /* Number of values in apVal[] array */
+ sqlite3_value **apVal /* Array of trailing arguments */
+){
+ const double k1 = 1.2; /* Constant "k1" from BM25 formula */
+ const double b = 0.75; /* Constant "b" from BM25 formula */
+ int rc = SQLITE_OK; /* Error code */
+ double score = 0.0; /* SQL function return value */
+ Fts5Bm25Data *pData; /* Values allocated/calculated once only */
+ int i; /* Iterator variable */
+ int nInst = 0; /* Value returned by xInstCount() */
+ double D = 0.0; /* Total number of tokens in row */
+ double *aFreq = 0; /* Array of phrase freq. for current row */
+
+ /* Calculate the phrase frequency (symbol "f(qi,D)" in the documentation)
+ ** for each phrase in the query for the current row. */
+ rc = fts5Bm25GetData(pApi, pFts, &pData);
+ if( rc==SQLITE_OK ){
+ aFreq = pData->aFreq;
+ memset(aFreq, 0, sizeof(double) * pData->nPhrase);
+ rc = pApi->xInstCount(pFts, &nInst);
+ }
+ for(i=0; rc==SQLITE_OK && i<nInst; i++){
+ int ip; int ic; int io;
+ rc = pApi->xInst(pFts, i, &ip, &ic, &io);
+ if( rc==SQLITE_OK ){
+ double w = (nVal > ic) ? sqlite3_value_double(apVal[ic]) : 1.0;
+ aFreq[ip] += w;
+ }
+ }
+
+ /* Figure out the total size of the current row in tokens. */
+ if( rc==SQLITE_OK ){
+ int nTok;
+ rc = pApi->xColumnSize(pFts, -1, &nTok);
+ D = (double)nTok;
+ }
+
+ /* Determine the BM25 score for the current row. */
+ for(i=0; rc==SQLITE_OK && i<pData->nPhrase; i++){
+ score += pData->aIDF[i] * (
+ ( aFreq[i] * (k1 + 1.0) ) /
+ ( aFreq[i] + k1 * (1 - b + b * D / pData->avgdl) )
+ );
+ }
+
+ /* If no error has occurred, return the calculated score. Otherwise,
+ ** throw an SQL exception. */
+ if( rc==SQLITE_OK ){
+ sqlite3_result_double(pCtx, -1.0 * score);
+ }else{
+ sqlite3_result_error_code(pCtx, rc);
+ }
+}
+
+static int sqlite3Fts5AuxInit(fts5_api *pApi){
+ struct Builtin {
+ const char *zFunc; /* Function name (nul-terminated) */
+ void *pUserData; /* User-data pointer */
+ fts5_extension_function xFunc;/* Callback function */
+ void (*xDestroy)(void*); /* Destructor function */
+ } aBuiltin [] = {
+ { "snippet", 0, fts5SnippetFunction, 0 },
+ { "highlight", 0, fts5HighlightFunction, 0 },
+ { "bm25", 0, fts5Bm25Function, 0 },
+ };
+ int rc = SQLITE_OK; /* Return code */
+ int i; /* To iterate through builtin functions */
+
+ for(i=0; rc==SQLITE_OK && i<(int)ArraySize(aBuiltin); i++){
+ rc = pApi->xCreateFunction(pApi,
+ aBuiltin[i].zFunc,
+ aBuiltin[i].pUserData,
+ aBuiltin[i].xFunc,
+ aBuiltin[i].xDestroy
+ );
+ }
+
+ return rc;
+}
+
+
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+*/
+
+
+
+/* #include "fts5Int.h" */
+
+static int sqlite3Fts5BufferSize(int *pRc, Fts5Buffer *pBuf, int nByte){
+ int nNew = pBuf->nSpace ? pBuf->nSpace*2 : 64;
+ u8 *pNew;
+ while( nNew<nByte ){
+ nNew = nNew * 2;
+ }
+ pNew = sqlite3_realloc(pBuf->p, nNew);
+ if( pNew==0 ){
+ *pRc = SQLITE_NOMEM;
+ return 1;
+ }else{
+ pBuf->nSpace = nNew;
+ pBuf->p = pNew;
+ }
+ return 0;
+}
+
+
+/*
+** Encode value iVal as an SQLite varint and append it to the buffer object
+** pBuf. If an OOM error occurs, set the error code in p.
+*/
+static void sqlite3Fts5BufferAppendVarint(int *pRc, Fts5Buffer *pBuf, i64 iVal){
+ if( fts5BufferGrow(pRc, pBuf, 9) ) return;
+ pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iVal);
+}
+
+static void sqlite3Fts5Put32(u8 *aBuf, int iVal){
+ aBuf[0] = (iVal>>24) & 0x00FF;
+ aBuf[1] = (iVal>>16) & 0x00FF;
+ aBuf[2] = (iVal>> 8) & 0x00FF;
+ aBuf[3] = (iVal>> 0) & 0x00FF;
+}
+
+static int sqlite3Fts5Get32(const u8 *aBuf){
+ return (aBuf[0] << 24) + (aBuf[1] << 16) + (aBuf[2] << 8) + aBuf[3];
+}
+
+/*
+** Append buffer nData/pData to buffer pBuf. If an OOM error occurs, set
+** the error code in p. If an error has already occurred when this function
+** is called, it is a no-op.
+*/
+static void sqlite3Fts5BufferAppendBlob(
+ int *pRc,
+ Fts5Buffer *pBuf,
+ int nData,
+ const u8 *pData
+){
+ assert( *pRc || nData>=0 );
+ if( fts5BufferGrow(pRc, pBuf, nData) ) return;
+ memcpy(&pBuf->p[pBuf->n], pData, nData);
+ pBuf->n += nData;
+}
+
+/*
+** Append the nul-terminated string zStr to the buffer pBuf. This function
+** ensures that the byte following the buffer data is set to 0x00, even
+** though this byte is not included in the pBuf->n count.
+*/
+static void sqlite3Fts5BufferAppendString(
+ int *pRc,
+ Fts5Buffer *pBuf,
+ const char *zStr
+){
+ int nStr = (int)strlen(zStr);
+ sqlite3Fts5BufferAppendBlob(pRc, pBuf, nStr+1, (const u8*)zStr);
+ pBuf->n--;
+}
+
+/*
+** Argument zFmt is a printf() style format string. This function performs
+** the printf() style processing, then appends the results to buffer pBuf.
+**
+** Like sqlite3Fts5BufferAppendString(), this function ensures that the byte
+** following the buffer data is set to 0x00, even though this byte is not
+** included in the pBuf->n count.
+*/
+static void sqlite3Fts5BufferAppendPrintf(
+ int *pRc,
+ Fts5Buffer *pBuf,
+ char *zFmt, ...
+){
+ if( *pRc==SQLITE_OK ){
+ char *zTmp;
+ va_list ap;
+ va_start(ap, zFmt);
+ zTmp = sqlite3_vmprintf(zFmt, ap);
+ va_end(ap);
+
+ if( zTmp==0 ){
+ *pRc = SQLITE_NOMEM;
+ }else{
+ sqlite3Fts5BufferAppendString(pRc, pBuf, zTmp);
+ sqlite3_free(zTmp);
+ }
+ }
+}
+
+static char *sqlite3Fts5Mprintf(int *pRc, const char *zFmt, ...){
+ char *zRet = 0;
+ if( *pRc==SQLITE_OK ){
+ va_list ap;
+ va_start(ap, zFmt);
+ zRet = sqlite3_vmprintf(zFmt, ap);
+ va_end(ap);
+ if( zRet==0 ){
+ *pRc = SQLITE_NOMEM;
+ }
+ }
+ return zRet;
+}
+
+
+/*
+** Free any buffer allocated by pBuf. Zero the structure before returning.
+*/
+static void sqlite3Fts5BufferFree(Fts5Buffer *pBuf){
+ sqlite3_free(pBuf->p);
+ memset(pBuf, 0, sizeof(Fts5Buffer));
+}
+
+/*
+** Zero the contents of the buffer object. But do not free the associated
+** memory allocation.
+*/
+static void sqlite3Fts5BufferZero(Fts5Buffer *pBuf){
+ pBuf->n = 0;
+}
+
+/*
+** Set the buffer to contain nData/pData. If an OOM error occurs, leave an
+** the error code in p. If an error has already occurred when this function
+** is called, it is a no-op.
+*/
+static void sqlite3Fts5BufferSet(
+ int *pRc,
+ Fts5Buffer *pBuf,
+ int nData,
+ const u8 *pData
+){
+ pBuf->n = 0;
+ sqlite3Fts5BufferAppendBlob(pRc, pBuf, nData, pData);
+}
+
+static int sqlite3Fts5PoslistNext64(
+ const u8 *a, int n, /* Buffer containing poslist */
+ int *pi, /* IN/OUT: Offset within a[] */
+ i64 *piOff /* IN/OUT: Current offset */
+){
+ int i = *pi;
+ if( i>=n ){
+ /* EOF */
+ *piOff = -1;
+ return 1;
+ }else{
+ i64 iOff = *piOff;
+ int iVal;
+ fts5FastGetVarint32(a, i, iVal);
+ if( iVal==1 ){
+ fts5FastGetVarint32(a, i, iVal);
+ iOff = ((i64)iVal) << 32;
+ fts5FastGetVarint32(a, i, iVal);
+ }
+ *piOff = iOff + (iVal-2);
+ *pi = i;
+ return 0;
+ }
+}
+
+
+/*
+** Advance the iterator object passed as the only argument. Return true
+** if the iterator reaches EOF, or false otherwise.
+*/
+static int sqlite3Fts5PoslistReaderNext(Fts5PoslistReader *pIter){
+ if( sqlite3Fts5PoslistNext64(pIter->a, pIter->n, &pIter->i, &pIter->iPos) ){
+ pIter->bEof = 1;
+ }
+ return pIter->bEof;
+}
+
+static int sqlite3Fts5PoslistReaderInit(
+ const u8 *a, int n, /* Poslist buffer to iterate through */
+ Fts5PoslistReader *pIter /* Iterator object to initialize */
+){
+ memset(pIter, 0, sizeof(*pIter));
+ pIter->a = a;
+ pIter->n = n;
+ sqlite3Fts5PoslistReaderNext(pIter);
+ return pIter->bEof;
+}
+
+static int sqlite3Fts5PoslistWriterAppend(
+ Fts5Buffer *pBuf,
+ Fts5PoslistWriter *pWriter,
+ i64 iPos
+){
+ static const i64 colmask = ((i64)(0x7FFFFFFF)) << 32;
+ int rc = SQLITE_OK;
+ if( 0==fts5BufferGrow(&rc, pBuf, 5+5+5) ){
+ if( (iPos & colmask) != (pWriter->iPrev & colmask) ){
+ pBuf->p[pBuf->n++] = 1;
+ pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos>>32));
+ pWriter->iPrev = (iPos & colmask);
+ }
+ pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos-pWriter->iPrev)+2);
+ pWriter->iPrev = iPos;
+ }
+ return rc;
+}
+
+static void *sqlite3Fts5MallocZero(int *pRc, int nByte){
+ void *pRet = 0;
+ if( *pRc==SQLITE_OK ){
+ pRet = sqlite3_malloc(nByte);
+ if( pRet==0 && nByte>0 ){
+ *pRc = SQLITE_NOMEM;
+ }else{
+ memset(pRet, 0, nByte);
+ }
+ }
+ return pRet;
+}
+
+/*
+** Return a nul-terminated copy of the string indicated by pIn. If nIn
+** is non-negative, then it is the length of the string in bytes. Otherwise,
+** the length of the string is determined using strlen().
+**
+** It is the responsibility of the caller to eventually free the returned
+** buffer using sqlite3_free(). If an OOM error occurs, NULL is returned.
+*/
+static char *sqlite3Fts5Strndup(int *pRc, const char *pIn, int nIn){
+ char *zRet = 0;
+ if( *pRc==SQLITE_OK ){
+ if( nIn<0 ){
+ nIn = (int)strlen(pIn);
+ }
+ zRet = (char*)sqlite3_malloc(nIn+1);
+ if( zRet ){
+ memcpy(zRet, pIn, nIn);
+ zRet[nIn] = '\0';
+ }else{
+ *pRc = SQLITE_NOMEM;
+ }
+ }
+ return zRet;
+}
+
+
+/*
+** Return true if character 't' may be part of an FTS5 bareword, or false
+** otherwise. Characters that may be part of barewords:
+**
+** * All non-ASCII characters,
+** * The 52 upper and lower case ASCII characters, and
+** * The 10 integer ASCII characters.
+** * The underscore character "_" (0x5F).
+** * The unicode "subsitute" character (0x1A).
+*/
+static int sqlite3Fts5IsBareword(char t){
+ u8 aBareword[128] = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x00 .. 0x0F */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, /* 0x10 .. 0x1F */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x20 .. 0x2F */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, /* 0x30 .. 0x3F */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 0x40 .. 0x4F */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, /* 0x50 .. 0x5F */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 0x60 .. 0x6F */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0 /* 0x70 .. 0x7F */
+ };
+
+ return (t & 0x80) || aBareword[(int)t];
+}
+
+
+
+/*
+** 2014 Jun 09
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This is an SQLite module implementing full-text search.
+*/
+
+
+
+/* #include "fts5Int.h" */
+
+#define FTS5_DEFAULT_PAGE_SIZE 4050
+#define FTS5_DEFAULT_AUTOMERGE 4
+#define FTS5_DEFAULT_CRISISMERGE 16
+#define FTS5_DEFAULT_HASHSIZE (1024*1024)
+
+/* Maximum allowed page size */
+#define FTS5_MAX_PAGE_SIZE (128*1024)
+
+static int fts5_iswhitespace(char x){
+ return (x==' ');
+}
+
+static int fts5_isopenquote(char x){
+ return (x=='"' || x=='\'' || x=='[' || x=='`');
+}
+
+/*
+** Argument pIn points to a character that is part of a nul-terminated
+** string. Return a pointer to the first character following *pIn in
+** the string that is not a white-space character.
+*/
+static const char *fts5ConfigSkipWhitespace(const char *pIn){
+ const char *p = pIn;
+ if( p ){
+ while( fts5_iswhitespace(*p) ){ p++; }
+ }
+ return p;
+}
+
+/*
+** Argument pIn points to a character that is part of a nul-terminated
+** string. Return a pointer to the first character following *pIn in
+** the string that is not a "bareword" character.
+*/
+static const char *fts5ConfigSkipBareword(const char *pIn){
+ const char *p = pIn;
+ while ( sqlite3Fts5IsBareword(*p) ) p++;
+ if( p==pIn ) p = 0;
+ return p;
+}
+
+static int fts5_isdigit(char a){
+ return (a>='0' && a<='9');
+}
+
+
+
+static const char *fts5ConfigSkipLiteral(const char *pIn){
+ const char *p = pIn;
+ switch( *p ){
+ case 'n': case 'N':
+ if( sqlite3_strnicmp("null", p, 4)==0 ){
+ p = &p[4];
+ }else{
+ p = 0;
+ }
+ break;
+
+ case 'x': case 'X':
+ p++;
+ if( *p=='\'' ){
+ p++;
+ while( (*p>='a' && *p<='f')
+ || (*p>='A' && *p<='F')
+ || (*p>='0' && *p<='9')
+ ){
+ p++;
+ }
+ if( *p=='\'' && 0==((p-pIn)%2) ){
+ p++;
+ }else{
+ p = 0;
+ }
+ }else{
+ p = 0;
+ }
+ break;
+
+ case '\'':
+ p++;
+ while( p ){
+ if( *p=='\'' ){
+ p++;
+ if( *p!='\'' ) break;
+ }
+ p++;
+ if( *p==0 ) p = 0;
+ }
+ break;
+
+ default:
+ /* maybe a number */
+ if( *p=='+' || *p=='-' ) p++;
+ while( fts5_isdigit(*p) ) p++;
+
+ /* At this point, if the literal was an integer, the parse is
+ ** finished. Or, if it is a floating point value, it may continue
+ ** with either a decimal point or an 'E' character. */
+ if( *p=='.' && fts5_isdigit(p[1]) ){
+ p += 2;
+ while( fts5_isdigit(*p) ) p++;
+ }
+ if( p==pIn ) p = 0;
+
+ break;
+ }
+
+ return p;
+}
+
+/*
+** The first character of the string pointed to by argument z is guaranteed
+** to be an open-quote character (see function fts5_isopenquote()).
+**
+** This function searches for the corresponding close-quote character within
+** the string and, if found, dequotes the string in place and adds a new
+** nul-terminator byte.
+**
+** If the close-quote is found, the value returned is the byte offset of
+** the character immediately following it. Or, if the close-quote is not
+** found, -1 is returned. If -1 is returned, the buffer is left in an
+** undefined state.
+*/
+static int fts5Dequote(char *z){
+ char q;
+ int iIn = 1;
+ int iOut = 0;
+ q = z[0];
+
+ /* Set stack variable q to the close-quote character */
+ assert( q=='[' || q=='\'' || q=='"' || q=='`' );
+ if( q=='[' ) q = ']';
+
+ while( ALWAYS(z[iIn]) ){
+ if( z[iIn]==q ){
+ if( z[iIn+1]!=q ){
+ /* Character iIn was the close quote. */
+ iIn++;
+ break;
+ }else{
+ /* Character iIn and iIn+1 form an escaped quote character. Skip
+ ** the input cursor past both and copy a single quote character
+ ** to the output buffer. */
+ iIn += 2;
+ z[iOut++] = q;
+ }
+ }else{
+ z[iOut++] = z[iIn++];
+ }
+ }
+
+ z[iOut] = '\0';
+ return iIn;
+}
+
+/*
+** Convert an SQL-style quoted string into a normal string by removing
+** the quote characters. The conversion is done in-place. If the
+** input does not begin with a quote character, then this routine
+** is a no-op.
+**
+** Examples:
+**
+** "abc" becomes abc
+** 'xyz' becomes xyz
+** [pqr] becomes pqr
+** `mno` becomes mno
+*/
+static void sqlite3Fts5Dequote(char *z){
+ char quote; /* Quote character (if any ) */
+
+ assert( 0==fts5_iswhitespace(z[0]) );
+ quote = z[0];
+ if( quote=='[' || quote=='\'' || quote=='"' || quote=='`' ){
+ fts5Dequote(z);
+ }
+}
+
+/*
+** Parse a "special" CREATE VIRTUAL TABLE directive and update
+** configuration object pConfig as appropriate.
+**
+** If successful, object pConfig is updated and SQLITE_OK returned. If
+** an error occurs, an SQLite error code is returned and an error message
+** may be left in *pzErr. It is the responsibility of the caller to
+** eventually free any such error message using sqlite3_free().
+*/
+static int fts5ConfigParseSpecial(
+ Fts5Global *pGlobal,
+ Fts5Config *pConfig, /* Configuration object to update */
+ const char *zCmd, /* Special command to parse */
+ const char *zArg, /* Argument to parse */
+ char **pzErr /* OUT: Error message */
+){
+ int rc = SQLITE_OK;
+ int nCmd = (int)strlen(zCmd);
+ if( sqlite3_strnicmp("prefix", zCmd, nCmd)==0 ){
+ const int nByte = sizeof(int) * FTS5_MAX_PREFIX_INDEXES;
+ const char *p;
+ int bFirst = 1;
+ if( pConfig->aPrefix==0 ){
+ pConfig->aPrefix = sqlite3Fts5MallocZero(&rc, nByte);
+ if( rc ) return rc;
+ }
+
+ p = zArg;
+ while( 1 ){
+ int nPre = 0;
+
+ while( p[0]==' ' ) p++;
+ if( bFirst==0 && p[0]==',' ){
+ p++;
+ while( p[0]==' ' ) p++;
+ }else if( p[0]=='\0' ){
+ break;
+ }
+ if( p[0]<'0' || p[0]>'9' ){
+ *pzErr = sqlite3_mprintf("malformed prefix=... directive");
+ rc = SQLITE_ERROR;
+ break;
+ }
+
+ if( pConfig->nPrefix==FTS5_MAX_PREFIX_INDEXES ){
+ *pzErr = sqlite3_mprintf(
+ "too many prefix indexes (max %d)", FTS5_MAX_PREFIX_INDEXES
+ );
+ rc = SQLITE_ERROR;
+ break;
+ }
+
+ while( p[0]>='0' && p[0]<='9' && nPre<1000 ){
+ nPre = nPre*10 + (p[0] - '0');
+ p++;
+ }
+
+ if( rc==SQLITE_OK && (nPre<=0 || nPre>=1000) ){
+ *pzErr = sqlite3_mprintf("prefix length out of range (max 999)");
+ rc = SQLITE_ERROR;
+ break;
+ }
+
+ pConfig->aPrefix[pConfig->nPrefix] = nPre;
+ pConfig->nPrefix++;
+ bFirst = 0;
+ }
+ assert( pConfig->nPrefix<=FTS5_MAX_PREFIX_INDEXES );
+ return rc;
+ }
+
+ if( sqlite3_strnicmp("tokenize", zCmd, nCmd)==0 ){
+ const char *p = (const char*)zArg;
+ int nArg = (int)strlen(zArg) + 1;
+ char **azArg = sqlite3Fts5MallocZero(&rc, sizeof(char*) * nArg);
+ char *pDel = sqlite3Fts5MallocZero(&rc, nArg * 2);
+ char *pSpace = pDel;
+
+ if( azArg && pSpace ){
+ if( pConfig->pTok ){
+ *pzErr = sqlite3_mprintf("multiple tokenize=... directives");
+ rc = SQLITE_ERROR;
+ }else{
+ for(nArg=0; p && *p; nArg++){
+ const char *p2 = fts5ConfigSkipWhitespace(p);
+ if( *p2=='\'' ){
+ p = fts5ConfigSkipLiteral(p2);
+ }else{
+ p = fts5ConfigSkipBareword(p2);
+ }
+ if( p ){
+ memcpy(pSpace, p2, p-p2);
+ azArg[nArg] = pSpace;
+ sqlite3Fts5Dequote(pSpace);
+ pSpace += (p - p2) + 1;
+ p = fts5ConfigSkipWhitespace(p);
+ }
+ }
+ if( p==0 ){
+ *pzErr = sqlite3_mprintf("parse error in tokenize directive");
+ rc = SQLITE_ERROR;
+ }else{
+ rc = sqlite3Fts5GetTokenizer(pGlobal,
+ (const char**)azArg, nArg, &pConfig->pTok, &pConfig->pTokApi,
+ pzErr
+ );
+ }
+ }
+ }
+
+ sqlite3_free(azArg);
+ sqlite3_free(pDel);
+ return rc;
+ }
+
+ if( sqlite3_strnicmp("content", zCmd, nCmd)==0 ){
+ if( pConfig->eContent!=FTS5_CONTENT_NORMAL ){
+ *pzErr = sqlite3_mprintf("multiple content=... directives");
+ rc = SQLITE_ERROR;
+ }else{
+ if( zArg[0] ){
+ pConfig->eContent = FTS5_CONTENT_EXTERNAL;
+ pConfig->zContent = sqlite3Fts5Mprintf(&rc, "%Q.%Q", pConfig->zDb,zArg);
+ }else{
+ pConfig->eContent = FTS5_CONTENT_NONE;
+ }
+ }
+ return rc;
+ }
+
+ if( sqlite3_strnicmp("content_rowid", zCmd, nCmd)==0 ){
+ if( pConfig->zContentRowid ){
+ *pzErr = sqlite3_mprintf("multiple content_rowid=... directives");
+ rc = SQLITE_ERROR;
+ }else{
+ pConfig->zContentRowid = sqlite3Fts5Strndup(&rc, zArg, -1);
+ }
+ return rc;
+ }
+
+ if( sqlite3_strnicmp("columnsize", zCmd, nCmd)==0 ){
+ if( (zArg[0]!='0' && zArg[0]!='1') || zArg[1]!='\0' ){
+ *pzErr = sqlite3_mprintf("malformed columnsize=... directive");
+ rc = SQLITE_ERROR;
+ }else{
+ pConfig->bColumnsize = (zArg[0]=='1');
+ }
+ return rc;
+ }
+
+ *pzErr = sqlite3_mprintf("unrecognized option: \"%.*s\"", nCmd, zCmd);
+ return SQLITE_ERROR;
+}
+
+/*
+** Allocate an instance of the default tokenizer ("simple") at
+** Fts5Config.pTokenizer. Return SQLITE_OK if successful, or an SQLite error
+** code if an error occurs.
+*/
+static int fts5ConfigDefaultTokenizer(Fts5Global *pGlobal, Fts5Config *pConfig){
+ assert( pConfig->pTok==0 && pConfig->pTokApi==0 );
+ return sqlite3Fts5GetTokenizer(
+ pGlobal, 0, 0, &pConfig->pTok, &pConfig->pTokApi, 0
+ );
+}
+
+/*
+** Gobble up the first bareword or quoted word from the input buffer zIn.
+** Return a pointer to the character immediately following the last in
+** the gobbled word if successful, or a NULL pointer otherwise (failed
+** to find close-quote character).
+**
+** Before returning, set pzOut to point to a new buffer containing a
+** nul-terminated, dequoted copy of the gobbled word. If the word was
+** quoted, *pbQuoted is also set to 1 before returning.
+**
+** If *pRc is other than SQLITE_OK when this function is called, it is
+** a no-op (NULL is returned). Otherwise, if an OOM occurs within this
+** function, *pRc is set to SQLITE_NOMEM before returning. *pRc is *not*
+** set if a parse error (failed to find close quote) occurs.
+*/
+static const char *fts5ConfigGobbleWord(
+ int *pRc, /* IN/OUT: Error code */
+ const char *zIn, /* Buffer to gobble string/bareword from */
+ char **pzOut, /* OUT: malloc'd buffer containing str/bw */
+ int *pbQuoted /* OUT: Set to true if dequoting required */
+){
+ const char *zRet = 0;
+
+ int nIn = (int)strlen(zIn);
+ char *zOut = sqlite3_malloc(nIn+1);
+
+ assert( *pRc==SQLITE_OK );
+ *pbQuoted = 0;
+ *pzOut = 0;
+
+ if( zOut==0 ){
+ *pRc = SQLITE_NOMEM;
+ }else{
+ memcpy(zOut, zIn, nIn+1);
+ if( fts5_isopenquote(zOut[0]) ){
+ int ii = fts5Dequote(zOut);
+ zRet = &zIn[ii];
+ *pbQuoted = 1;
+ }else{
+ zRet = fts5ConfigSkipBareword(zIn);
+ zOut[zRet-zIn] = '\0';
+ }
+ }
+
+ if( zRet==0 ){
+ sqlite3_free(zOut);
+ }else{
+ *pzOut = zOut;
+ }
+
+ return zRet;
+}
+
+static int fts5ConfigParseColumn(
+ Fts5Config *p,
+ char *zCol,
+ char *zArg,
+ char **pzErr
+){
+ int rc = SQLITE_OK;
+ if( 0==sqlite3_stricmp(zCol, FTS5_RANK_NAME)
+ || 0==sqlite3_stricmp(zCol, FTS5_ROWID_NAME)
+ ){
+ *pzErr = sqlite3_mprintf("reserved fts5 column name: %s", zCol);
+ rc = SQLITE_ERROR;
+ }else if( zArg ){
+ if( 0==sqlite3_stricmp(zArg, "unindexed") ){
+ p->abUnindexed[p->nCol] = 1;
+ }else{
+ *pzErr = sqlite3_mprintf("unrecognized column option: %s", zArg);
+ rc = SQLITE_ERROR;
+ }
+ }
+
+ p->azCol[p->nCol++] = zCol;
+ return rc;
+}
+
+/*
+** Populate the Fts5Config.zContentExprlist string.
+*/
+static int fts5ConfigMakeExprlist(Fts5Config *p){
+ int i;
+ int rc = SQLITE_OK;
+ Fts5Buffer buf = {0, 0, 0};
+
+ sqlite3Fts5BufferAppendPrintf(&rc, &buf, "T.%Q", p->zContentRowid);
+ if( p->eContent!=FTS5_CONTENT_NONE ){
+ for(i=0; i<p->nCol; i++){
+ if( p->eContent==FTS5_CONTENT_EXTERNAL ){
+ sqlite3Fts5BufferAppendPrintf(&rc, &buf, ", T.%Q", p->azCol[i]);
+ }else{
+ sqlite3Fts5BufferAppendPrintf(&rc, &buf, ", T.c%d", i);
+ }
+ }
+ }
+
+ assert( p->zContentExprlist==0 );
+ p->zContentExprlist = (char*)buf.p;
+ return rc;
+}
+
+/*
+** Arguments nArg/azArg contain the string arguments passed to the xCreate
+** or xConnect method of the virtual table. This function attempts to
+** allocate an instance of Fts5Config containing the results of parsing
+** those arguments.
+**
+** If successful, SQLITE_OK is returned and *ppOut is set to point to the
+** new Fts5Config object. If an error occurs, an SQLite error code is
+** returned, *ppOut is set to NULL and an error message may be left in
+** *pzErr. It is the responsibility of the caller to eventually free any
+** such error message using sqlite3_free().
+*/
+static int sqlite3Fts5ConfigParse(
+ Fts5Global *pGlobal,
+ sqlite3 *db,
+ int nArg, /* Number of arguments */
+ const char **azArg, /* Array of nArg CREATE VIRTUAL TABLE args */
+ Fts5Config **ppOut, /* OUT: Results of parse */
+ char **pzErr /* OUT: Error message */
+){
+ int rc = SQLITE_OK; /* Return code */
+ Fts5Config *pRet; /* New object to return */
+ int i;
+ int nByte;
+
+ *ppOut = pRet = (Fts5Config*)sqlite3_malloc(sizeof(Fts5Config));
+ if( pRet==0 ) return SQLITE_NOMEM;
+ memset(pRet, 0, sizeof(Fts5Config));
+ pRet->db = db;
+ pRet->iCookie = -1;
+
+ nByte = nArg * (sizeof(char*) + sizeof(u8));
+ pRet->azCol = (char**)sqlite3Fts5MallocZero(&rc, nByte);
+ pRet->abUnindexed = (u8*)&pRet->azCol[nArg];
+ pRet->zDb = sqlite3Fts5Strndup(&rc, azArg[1], -1);
+ pRet->zName = sqlite3Fts5Strndup(&rc, azArg[2], -1);
+ pRet->bColumnsize = 1;
+#ifdef SQLITE_DEBUG
+ pRet->bPrefixIndex = 1;
+#endif
+ if( rc==SQLITE_OK && sqlite3_stricmp(pRet->zName, FTS5_RANK_NAME)==0 ){
+ *pzErr = sqlite3_mprintf("reserved fts5 table name: %s", pRet->zName);
+ rc = SQLITE_ERROR;
+ }
+
+ for(i=3; rc==SQLITE_OK && i<nArg; i++){
+ const char *zOrig = azArg[i];
+ const char *z;
+ char *zOne = 0;
+ char *zTwo = 0;
+ int bOption = 0;
+ int bMustBeCol = 0;
+
+ z = fts5ConfigGobbleWord(&rc, zOrig, &zOne, &bMustBeCol);
+ z = fts5ConfigSkipWhitespace(z);
+ if( z && *z=='=' ){
+ bOption = 1;
+ z++;
+ if( bMustBeCol ) z = 0;
+ }
+ z = fts5ConfigSkipWhitespace(z);
+ if( z && z[0] ){
+ int bDummy;
+ z = fts5ConfigGobbleWord(&rc, z, &zTwo, &bDummy);
+ if( z && z[0] ) z = 0;
+ }
+
+ if( rc==SQLITE_OK ){
+ if( z==0 ){
+ *pzErr = sqlite3_mprintf("parse error in \"%s\"", zOrig);
+ rc = SQLITE_ERROR;
+ }else{
+ if( bOption ){
+ rc = fts5ConfigParseSpecial(pGlobal, pRet, zOne, zTwo?zTwo:"", pzErr);
+ }else{
+ rc = fts5ConfigParseColumn(pRet, zOne, zTwo, pzErr);
+ zOne = 0;
+ }
+ }
+ }
+
+ sqlite3_free(zOne);
+ sqlite3_free(zTwo);
+ }
+
+ /* If a tokenizer= option was successfully parsed, the tokenizer has
+ ** already been allocated. Otherwise, allocate an instance of the default
+ ** tokenizer (unicode61) now. */
+ if( rc==SQLITE_OK && pRet->pTok==0 ){
+ rc = fts5ConfigDefaultTokenizer(pGlobal, pRet);
+ }
+
+ /* If no zContent option was specified, fill in the default values. */
+ if( rc==SQLITE_OK && pRet->zContent==0 ){
+ const char *zTail = 0;
+ assert( pRet->eContent==FTS5_CONTENT_NORMAL
+ || pRet->eContent==FTS5_CONTENT_NONE
+ );
+ if( pRet->eContent==FTS5_CONTENT_NORMAL ){
+ zTail = "content";
+ }else if( pRet->bColumnsize ){
+ zTail = "docsize";
+ }
+
+ if( zTail ){
+ pRet->zContent = sqlite3Fts5Mprintf(
+ &rc, "%Q.'%q_%s'", pRet->zDb, pRet->zName, zTail
+ );
+ }
+ }
+
+ if( rc==SQLITE_OK && pRet->zContentRowid==0 ){
+ pRet->zContentRowid = sqlite3Fts5Strndup(&rc, "rowid", -1);
+ }
+
+ /* Formulate the zContentExprlist text */
+ if( rc==SQLITE_OK ){
+ rc = fts5ConfigMakeExprlist(pRet);
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3Fts5ConfigFree(pRet);
+ *ppOut = 0;
+ }
+ return rc;
+}
+
+/*
+** Free the configuration object passed as the only argument.
+*/
+static void sqlite3Fts5ConfigFree(Fts5Config *pConfig){
+ if( pConfig ){
+ int i;
+ if( pConfig->pTok ){
+ pConfig->pTokApi->xDelete(pConfig->pTok);
+ }
+ sqlite3_free(pConfig->zDb);
+ sqlite3_free(pConfig->zName);
+ for(i=0; i<pConfig->nCol; i++){
+ sqlite3_free(pConfig->azCol[i]);
+ }
+ sqlite3_free(pConfig->azCol);
+ sqlite3_free(pConfig->aPrefix);
+ sqlite3_free(pConfig->zRank);
+ sqlite3_free(pConfig->zRankArgs);
+ sqlite3_free(pConfig->zContent);
+ sqlite3_free(pConfig->zContentRowid);
+ sqlite3_free(pConfig->zContentExprlist);
+ sqlite3_free(pConfig);
+ }
+}
+
+/*
+** Call sqlite3_declare_vtab() based on the contents of the configuration
+** object passed as the only argument. Return SQLITE_OK if successful, or
+** an SQLite error code if an error occurs.
+*/
+static int sqlite3Fts5ConfigDeclareVtab(Fts5Config *pConfig){
+ int i;
+ int rc = SQLITE_OK;
+ char *zSql;
+
+ zSql = sqlite3Fts5Mprintf(&rc, "CREATE TABLE x(");
+ for(i=0; zSql && i<pConfig->nCol; i++){
+ const char *zSep = (i==0?"":", ");
+ zSql = sqlite3Fts5Mprintf(&rc, "%z%s%Q", zSql, zSep, pConfig->azCol[i]);
+ }
+ zSql = sqlite3Fts5Mprintf(&rc, "%z, %Q HIDDEN, %s HIDDEN)",
+ zSql, pConfig->zName, FTS5_RANK_NAME
+ );
+
+ assert( zSql || rc==SQLITE_NOMEM );
+ if( zSql ){
+ rc = sqlite3_declare_vtab(pConfig->db, zSql);
+ sqlite3_free(zSql);
+ }
+
+ return rc;
+}
+
+/*
+** Tokenize the text passed via the second and third arguments.
+**
+** The callback is invoked once for each token in the input text. The
+** arguments passed to it are, in order:
+**
+** void *pCtx // Copy of 4th argument to sqlite3Fts5Tokenize()
+** const char *pToken // Pointer to buffer containing token
+** int nToken // Size of token in bytes
+** int iStart // Byte offset of start of token within input text
+** int iEnd // Byte offset of end of token within input text
+** int iPos // Position of token in input (first token is 0)
+**
+** If the callback returns a non-zero value the tokenization is abandoned
+** and no further callbacks are issued.
+**
+** This function returns SQLITE_OK if successful or an SQLite error code
+** if an error occurs. If the tokenization was abandoned early because
+** the callback returned SQLITE_DONE, this is not an error and this function
+** still returns SQLITE_OK. Or, if the tokenization was abandoned early
+** because the callback returned another non-zero value, it is assumed
+** to be an SQLite error code and returned to the caller.
+*/
+static int sqlite3Fts5Tokenize(
+ Fts5Config *pConfig, /* FTS5 Configuration object */
+ int flags, /* FTS5_TOKENIZE_* flags */
+ const char *pText, int nText, /* Text to tokenize */
+ void *pCtx, /* Context passed to xToken() */
+ int (*xToken)(void*, int, const char*, int, int, int) /* Callback */
+){
+ if( pText==0 ) return SQLITE_OK;
+ return pConfig->pTokApi->xTokenize(
+ pConfig->pTok, pCtx, flags, pText, nText, xToken
+ );
+}
+
+/*
+** Argument pIn points to the first character in what is expected to be
+** a comma-separated list of SQL literals followed by a ')' character.
+** If it actually is this, return a pointer to the ')'. Otherwise, return
+** NULL to indicate a parse error.
+*/
+static const char *fts5ConfigSkipArgs(const char *pIn){
+ const char *p = pIn;
+
+ while( 1 ){
+ p = fts5ConfigSkipWhitespace(p);
+ p = fts5ConfigSkipLiteral(p);
+ p = fts5ConfigSkipWhitespace(p);
+ if( p==0 || *p==')' ) break;
+ if( *p!=',' ){
+ p = 0;
+ break;
+ }
+ p++;
+ }
+
+ return p;
+}
+
+/*
+** Parameter zIn contains a rank() function specification. The format of
+** this is:
+**
+** + Bareword (function name)
+** + Open parenthesis - "("
+** + Zero or more SQL literals in a comma separated list
+** + Close parenthesis - ")"
+*/
+static int sqlite3Fts5ConfigParseRank(
+ const char *zIn, /* Input string */
+ char **pzRank, /* OUT: Rank function name */
+ char **pzRankArgs /* OUT: Rank function arguments */
+){
+ const char *p = zIn;
+ const char *pRank;
+ char *zRank = 0;
+ char *zRankArgs = 0;
+ int rc = SQLITE_OK;
+
+ *pzRank = 0;
+ *pzRankArgs = 0;
+
+ if( p==0 ){
+ rc = SQLITE_ERROR;
+ }else{
+ p = fts5ConfigSkipWhitespace(p);
+ pRank = p;
+ p = fts5ConfigSkipBareword(p);
+
+ if( p ){
+ zRank = sqlite3Fts5MallocZero(&rc, 1 + p - pRank);
+ if( zRank ) memcpy(zRank, pRank, p-pRank);
+ }else{
+ rc = SQLITE_ERROR;
+ }
+
+ if( rc==SQLITE_OK ){
+ p = fts5ConfigSkipWhitespace(p);
+ if( *p!='(' ) rc = SQLITE_ERROR;
+ p++;
+ }
+ if( rc==SQLITE_OK ){
+ const char *pArgs;
+ p = fts5ConfigSkipWhitespace(p);
+ pArgs = p;
+ if( *p!=')' ){
+ p = fts5ConfigSkipArgs(p);
+ if( p==0 ){
+ rc = SQLITE_ERROR;
+ }else{
+ zRankArgs = sqlite3Fts5MallocZero(&rc, 1 + p - pArgs);
+ if( zRankArgs ) memcpy(zRankArgs, pArgs, p-pArgs);
+ }
+ }
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(zRank);
+ assert( zRankArgs==0 );
+ }else{
+ *pzRank = zRank;
+ *pzRankArgs = zRankArgs;
+ }
+ return rc;
+}
+
+static int sqlite3Fts5ConfigSetValue(
+ Fts5Config *pConfig,
+ const char *zKey,
+ sqlite3_value *pVal,
+ int *pbBadkey
+){
+ int rc = SQLITE_OK;
+
+ if( 0==sqlite3_stricmp(zKey, "pgsz") ){
+ int pgsz = 0;
+ if( SQLITE_INTEGER==sqlite3_value_numeric_type(pVal) ){
+ pgsz = sqlite3_value_int(pVal);
+ }
+ if( pgsz<=0 || pgsz>FTS5_MAX_PAGE_SIZE ){
+ *pbBadkey = 1;
+ }else{
+ pConfig->pgsz = pgsz;
+ }
+ }
+
+ else if( 0==sqlite3_stricmp(zKey, "hashsize") ){
+ int nHashSize = -1;
+ if( SQLITE_INTEGER==sqlite3_value_numeric_type(pVal) ){
+ nHashSize = sqlite3_value_int(pVal);
+ }
+ if( nHashSize<=0 ){
+ *pbBadkey = 1;
+ }else{
+ pConfig->nHashSize = nHashSize;
+ }
+ }
+
+ else if( 0==sqlite3_stricmp(zKey, "automerge") ){
+ int nAutomerge = -1;
+ if( SQLITE_INTEGER==sqlite3_value_numeric_type(pVal) ){
+ nAutomerge = sqlite3_value_int(pVal);
+ }
+ if( nAutomerge<0 || nAutomerge>64 ){
+ *pbBadkey = 1;
+ }else{
+ if( nAutomerge==1 ) nAutomerge = FTS5_DEFAULT_AUTOMERGE;
+ pConfig->nAutomerge = nAutomerge;
+ }
+ }
+
+ else if( 0==sqlite3_stricmp(zKey, "crisismerge") ){
+ int nCrisisMerge = -1;
+ if( SQLITE_INTEGER==sqlite3_value_numeric_type(pVal) ){
+ nCrisisMerge = sqlite3_value_int(pVal);
+ }
+ if( nCrisisMerge<0 ){
+ *pbBadkey = 1;
+ }else{
+ if( nCrisisMerge<=1 ) nCrisisMerge = FTS5_DEFAULT_CRISISMERGE;
+ pConfig->nCrisisMerge = nCrisisMerge;
+ }
+ }
+
+ else if( 0==sqlite3_stricmp(zKey, "rank") ){
+ const char *zIn = (const char*)sqlite3_value_text(pVal);
+ char *zRank;
+ char *zRankArgs;
+ rc = sqlite3Fts5ConfigParseRank(zIn, &zRank, &zRankArgs);
+ if( rc==SQLITE_OK ){
+ sqlite3_free(pConfig->zRank);
+ sqlite3_free(pConfig->zRankArgs);
+ pConfig->zRank = zRank;
+ pConfig->zRankArgs = zRankArgs;
+ }else if( rc==SQLITE_ERROR ){
+ rc = SQLITE_OK;
+ *pbBadkey = 1;
+ }
+ }else{
+ *pbBadkey = 1;
+ }
+ return rc;
+}
+
+/*
+** Load the contents of the %_config table into memory.
+*/
+static int sqlite3Fts5ConfigLoad(Fts5Config *pConfig, int iCookie){
+ const char *zSelect = "SELECT k, v FROM %Q.'%q_config'";
+ char *zSql;
+ sqlite3_stmt *p = 0;
+ int rc = SQLITE_OK;
+ int iVersion = 0;
+
+ /* Set default values */
+ pConfig->pgsz = FTS5_DEFAULT_PAGE_SIZE;
+ pConfig->nAutomerge = FTS5_DEFAULT_AUTOMERGE;
+ pConfig->nCrisisMerge = FTS5_DEFAULT_CRISISMERGE;
+ pConfig->nHashSize = FTS5_DEFAULT_HASHSIZE;
+
+ zSql = sqlite3Fts5Mprintf(&rc, zSelect, pConfig->zDb, pConfig->zName);
+ if( zSql ){
+ rc = sqlite3_prepare_v2(pConfig->db, zSql, -1, &p, 0);
+ sqlite3_free(zSql);
+ }
+
+ assert( rc==SQLITE_OK || p==0 );
+ if( rc==SQLITE_OK ){
+ while( SQLITE_ROW==sqlite3_step(p) ){
+ const char *zK = (const char*)sqlite3_column_text(p, 0);
+ sqlite3_value *pVal = sqlite3_column_value(p, 1);
+ if( 0==sqlite3_stricmp(zK, "version") ){
+ iVersion = sqlite3_value_int(pVal);
+ }else{
+ int bDummy = 0;
+ sqlite3Fts5ConfigSetValue(pConfig, zK, pVal, &bDummy);
+ }
+ }
+ rc = sqlite3_finalize(p);
+ }
+
+ if( rc==SQLITE_OK && iVersion!=FTS5_CURRENT_VERSION ){
+ rc = SQLITE_ERROR;
+ if( pConfig->pzErrmsg ){
+ assert( 0==*pConfig->pzErrmsg );
+ *pConfig->pzErrmsg = sqlite3_mprintf(
+ "invalid fts5 file format (found %d, expected %d) - run 'rebuild'",
+ iVersion, FTS5_CURRENT_VERSION
+ );
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ pConfig->iCookie = iCookie;
+ }
+ return rc;
+}
+
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+*/
+
+
+
+/* #include "fts5Int.h" */
+/* #include "fts5parse.h" */
+
+/*
+** All token types in the generated fts5parse.h file are greater than 0.
+*/
+#define FTS5_EOF 0
+
+#define FTS5_LARGEST_INT64 (0xffffffff|(((i64)0x7fffffff)<<32))
+
+typedef struct Fts5ExprTerm Fts5ExprTerm;
+
+/*
+** Functions generated by lemon from fts5parse.y.
+*/
+static void *sqlite3Fts5ParserAlloc(void *(*mallocProc)(u64));
+static void sqlite3Fts5ParserFree(void*, void (*freeProc)(void*));
+static void sqlite3Fts5Parser(void*, int, Fts5Token, Fts5Parse*);
+#ifndef NDEBUG
+/* #include <stdio.h> */
+static void sqlite3Fts5ParserTrace(FILE*, char*);
+#endif
+
+
+struct Fts5Expr {
+ Fts5Index *pIndex;
+ Fts5ExprNode *pRoot;
+ int bDesc; /* Iterate in descending rowid order */
+ int nPhrase; /* Number of phrases in expression */
+ Fts5ExprPhrase **apExprPhrase; /* Pointers to phrase objects */
+};
+
+/*
+** eType:
+** Expression node type. Always one of:
+**
+** FTS5_AND (nChild, apChild valid)
+** FTS5_OR (nChild, apChild valid)
+** FTS5_NOT (nChild, apChild valid)
+** FTS5_STRING (pNear valid)
+** FTS5_TERM (pNear valid)
+*/
+struct Fts5ExprNode {
+ int eType; /* Node type */
+ int bEof; /* True at EOF */
+ int bNomatch; /* True if entry is not a match */
+
+ i64 iRowid; /* Current rowid */
+ Fts5ExprNearset *pNear; /* For FTS5_STRING - cluster of phrases */
+
+ /* Child nodes. For a NOT node, this array always contains 2 entries. For
+ ** AND or OR nodes, it contains 2 or more entries. */
+ int nChild; /* Number of child nodes */
+ Fts5ExprNode *apChild[1]; /* Array of child nodes */
+};
+
+#define Fts5NodeIsString(p) ((p)->eType==FTS5_TERM || (p)->eType==FTS5_STRING)
+
+/*
+** An instance of the following structure represents a single search term
+** or term prefix.
+*/
+struct Fts5ExprTerm {
+ int bPrefix; /* True for a prefix term */
+ char *zTerm; /* nul-terminated term */
+ Fts5IndexIter *pIter; /* Iterator for this term */
+ Fts5ExprTerm *pSynonym; /* Pointer to first in list of synonyms */
+};
+
+/*
+** A phrase. One or more terms that must appear in a contiguous sequence
+** within a document for it to match.
+*/
+struct Fts5ExprPhrase {
+ Fts5ExprNode *pNode; /* FTS5_STRING node this phrase is part of */
+ Fts5Buffer poslist; /* Current position list */
+ int nTerm; /* Number of entries in aTerm[] */
+ Fts5ExprTerm aTerm[1]; /* Terms that make up this phrase */
+};
+
+/*
+** One or more phrases that must appear within a certain token distance of
+** each other within each matching document.
+*/
+struct Fts5ExprNearset {
+ int nNear; /* NEAR parameter */
+ Fts5Colset *pColset; /* Columns to search (NULL -> all columns) */
+ int nPhrase; /* Number of entries in aPhrase[] array */
+ Fts5ExprPhrase *apPhrase[1]; /* Array of phrase pointers */
+};
+
+
+/*
+** Parse context.
+*/
+struct Fts5Parse {
+ Fts5Config *pConfig;
+ char *zErr;
+ int rc;
+ int nPhrase; /* Size of apPhrase array */
+ Fts5ExprPhrase **apPhrase; /* Array of all phrases */
+ Fts5ExprNode *pExpr; /* Result of a successful parse */
+};
+
+static void sqlite3Fts5ParseError(Fts5Parse *pParse, const char *zFmt, ...){
+ va_list ap;
+ va_start(ap, zFmt);
+ if( pParse->rc==SQLITE_OK ){
+ pParse->zErr = sqlite3_vmprintf(zFmt, ap);
+ pParse->rc = SQLITE_ERROR;
+ }
+ va_end(ap);
+}
+
+static int fts5ExprIsspace(char t){
+ return t==' ' || t=='\t' || t=='\n' || t=='\r';
+}
+
+/*
+** Read the first token from the nul-terminated string at *pz.
+*/
+static int fts5ExprGetToken(
+ Fts5Parse *pParse,
+ const char **pz, /* IN/OUT: Pointer into buffer */
+ Fts5Token *pToken
+){
+ const char *z = *pz;
+ int tok;
+
+ /* Skip past any whitespace */
+ while( fts5ExprIsspace(*z) ) z++;
+
+ pToken->p = z;
+ pToken->n = 1;
+ switch( *z ){
+ case '(': tok = FTS5_LP; break;
+ case ')': tok = FTS5_RP; break;
+ case '{': tok = FTS5_LCP; break;
+ case '}': tok = FTS5_RCP; break;
+ case ':': tok = FTS5_COLON; break;
+ case ',': tok = FTS5_COMMA; break;
+ case '+': tok = FTS5_PLUS; break;
+ case '*': tok = FTS5_STAR; break;
+ case '\0': tok = FTS5_EOF; break;
+
+ case '"': {
+ const char *z2;
+ tok = FTS5_STRING;
+
+ for(z2=&z[1]; 1; z2++){
+ if( z2[0]=='"' ){
+ z2++;
+ if( z2[0]!='"' ) break;
+ }
+ if( z2[0]=='\0' ){
+ sqlite3Fts5ParseError(pParse, "unterminated string");
+ return FTS5_EOF;
+ }
+ }
+ pToken->n = (z2 - z);
+ break;
+ }
+
+ default: {
+ const char *z2;
+ if( sqlite3Fts5IsBareword(z[0])==0 ){
+ sqlite3Fts5ParseError(pParse, "fts5: syntax error near \"%.1s\"", z);
+ return FTS5_EOF;
+ }
+ tok = FTS5_STRING;
+ for(z2=&z[1]; sqlite3Fts5IsBareword(*z2); z2++);
+ pToken->n = (z2 - z);
+ if( pToken->n==2 && memcmp(pToken->p, "OR", 2)==0 ) tok = FTS5_OR;
+ if( pToken->n==3 && memcmp(pToken->p, "NOT", 3)==0 ) tok = FTS5_NOT;
+ if( pToken->n==3 && memcmp(pToken->p, "AND", 3)==0 ) tok = FTS5_AND;
+ break;
+ }
+ }
+
+ *pz = &pToken->p[pToken->n];
+ return tok;
+}
+
+static void *fts5ParseAlloc(u64 t){ return sqlite3_malloc((int)t); }
+static void fts5ParseFree(void *p){ sqlite3_free(p); }
+
+static int sqlite3Fts5ExprNew(
+ Fts5Config *pConfig, /* FTS5 Configuration */
+ const char *zExpr, /* Expression text */
+ Fts5Expr **ppNew,
+ char **pzErr
+){
+ Fts5Parse sParse;
+ Fts5Token token;
+ const char *z = zExpr;
+ int t; /* Next token type */
+ void *pEngine;
+ Fts5Expr *pNew;
+
+ *ppNew = 0;
+ *pzErr = 0;
+ memset(&sParse, 0, sizeof(sParse));
+ pEngine = sqlite3Fts5ParserAlloc(fts5ParseAlloc);
+ if( pEngine==0 ){ return SQLITE_NOMEM; }
+ sParse.pConfig = pConfig;
+
+ do {
+ t = fts5ExprGetToken(&sParse, &z, &token);
+ sqlite3Fts5Parser(pEngine, t, token, &sParse);
+ }while( sParse.rc==SQLITE_OK && t!=FTS5_EOF );
+ sqlite3Fts5ParserFree(pEngine, fts5ParseFree);
+
+ assert( sParse.rc!=SQLITE_OK || sParse.zErr==0 );
+ if( sParse.rc==SQLITE_OK ){
+ *ppNew = pNew = sqlite3_malloc(sizeof(Fts5Expr));
+ if( pNew==0 ){
+ sParse.rc = SQLITE_NOMEM;
+ sqlite3Fts5ParseNodeFree(sParse.pExpr);
+ }else{
+ pNew->pRoot = sParse.pExpr;
+ pNew->pIndex = 0;
+ pNew->apExprPhrase = sParse.apPhrase;
+ pNew->nPhrase = sParse.nPhrase;
+ sParse.apPhrase = 0;
+ }
+ }
+
+ sqlite3_free(sParse.apPhrase);
+ *pzErr = sParse.zErr;
+ return sParse.rc;
+}
+
+/*
+** Free the expression node object passed as the only argument.
+*/
+static void sqlite3Fts5ParseNodeFree(Fts5ExprNode *p){
+ if( p ){
+ int i;
+ for(i=0; i<p->nChild; i++){
+ sqlite3Fts5ParseNodeFree(p->apChild[i]);
+ }
+ sqlite3Fts5ParseNearsetFree(p->pNear);
+ sqlite3_free(p);
+ }
+}
+
+/*
+** Free the expression object passed as the only argument.
+*/
+static void sqlite3Fts5ExprFree(Fts5Expr *p){
+ if( p ){
+ sqlite3Fts5ParseNodeFree(p->pRoot);
+ sqlite3_free(p->apExprPhrase);
+ sqlite3_free(p);
+ }
+}
+
+/*
+** Argument pTerm must be a synonym iterator. Return the current rowid
+** that it points to.
+*/
+static i64 fts5ExprSynonymRowid(Fts5ExprTerm *pTerm, int bDesc, int *pbEof){
+ i64 iRet = 0;
+ int bRetValid = 0;
+ Fts5ExprTerm *p;
+
+ assert( pTerm->pSynonym );
+ assert( bDesc==0 || bDesc==1 );
+ for(p=pTerm; p; p=p->pSynonym){
+ if( 0==sqlite3Fts5IterEof(p->pIter) ){
+ i64 iRowid = sqlite3Fts5IterRowid(p->pIter);
+ if( bRetValid==0 || (bDesc!=(iRowid<iRet)) ){
+ iRet = iRowid;
+ bRetValid = 1;
+ }
+ }
+ }
+
+ if( pbEof && bRetValid==0 ) *pbEof = 1;
+ return iRet;
+}
+
+/*
+** Argument pTerm must be a synonym iterator.
+*/
+static int fts5ExprSynonymPoslist(
+ Fts5ExprTerm *pTerm,
+ Fts5Colset *pColset,
+ i64 iRowid,
+ int *pbDel, /* OUT: Caller should sqlite3_free(*pa) */
+ u8 **pa, int *pn
+){
+ Fts5PoslistReader aStatic[4];
+ Fts5PoslistReader *aIter = aStatic;
+ int nIter = 0;
+ int nAlloc = 4;
+ int rc = SQLITE_OK;
+ Fts5ExprTerm *p;
+
+ assert( pTerm->pSynonym );
+ for(p=pTerm; p; p=p->pSynonym){
+ Fts5IndexIter *pIter = p->pIter;
+ if( sqlite3Fts5IterEof(pIter)==0 && sqlite3Fts5IterRowid(pIter)==iRowid ){
+ const u8 *a;
+ int n;
+ i64 dummy;
+ rc = sqlite3Fts5IterPoslist(pIter, pColset, &a, &n, &dummy);
+ if( rc!=SQLITE_OK ) goto synonym_poslist_out;
+ if( nIter==nAlloc ){
+ int nByte = sizeof(Fts5PoslistReader) * nAlloc * 2;
+ Fts5PoslistReader *aNew = (Fts5PoslistReader*)sqlite3_malloc(nByte);
+ if( aNew==0 ){
+ rc = SQLITE_NOMEM;
+ goto synonym_poslist_out;
+ }
+ memcpy(aNew, aIter, sizeof(Fts5PoslistReader) * nIter);
+ nAlloc = nAlloc*2;
+ if( aIter!=aStatic ) sqlite3_free(aIter);
+ aIter = aNew;
+ }
+ sqlite3Fts5PoslistReaderInit(a, n, &aIter[nIter]);
+ assert( aIter[nIter].bEof==0 );
+ nIter++;
+ }
+ }
+
+ assert( *pbDel==0 );
+ if( nIter==1 ){
+ *pa = (u8*)aIter[0].a;
+ *pn = aIter[0].n;
+ }else{
+ Fts5PoslistWriter writer = {0};
+ Fts5Buffer buf = {0,0,0};
+ i64 iPrev = -1;
+ while( 1 ){
+ int i;
+ i64 iMin = FTS5_LARGEST_INT64;
+ for(i=0; i<nIter; i++){
+ if( aIter[i].bEof==0 ){
+ if( aIter[i].iPos==iPrev ){
+ if( sqlite3Fts5PoslistReaderNext(&aIter[i]) ) continue;
+ }
+ if( aIter[i].iPos<iMin ){
+ iMin = aIter[i].iPos;
+ }
+ }
+ }
+ if( iMin==FTS5_LARGEST_INT64 || rc!=SQLITE_OK ) break;
+ rc = sqlite3Fts5PoslistWriterAppend(&buf, &writer, iMin);
+ iPrev = iMin;
+ }
+ if( rc ){
+ sqlite3_free(buf.p);
+ }else{
+ *pa = buf.p;
+ *pn = buf.n;
+ *pbDel = 1;
+ }
+ }
+
+ synonym_poslist_out:
+ if( aIter!=aStatic ) sqlite3_free(aIter);
+ return rc;
+}
+
+
+/*
+** All individual term iterators in pPhrase are guaranteed to be valid and
+** pointing to the same rowid when this function is called. This function
+** checks if the current rowid really is a match, and if so populates
+** the pPhrase->poslist buffer accordingly. Output parameter *pbMatch
+** is set to true if this is really a match, or false otherwise.
+**
+** SQLITE_OK is returned if an error occurs, or an SQLite error code
+** otherwise. It is not considered an error code if the current rowid is
+** not a match.
+*/
+static int fts5ExprPhraseIsMatch(
+ Fts5ExprNode *pNode, /* Node pPhrase belongs to */
+ Fts5Colset *pColset, /* Restrict matches to these columns */
+ Fts5ExprPhrase *pPhrase, /* Phrase object to initialize */
+ int *pbMatch /* OUT: Set to true if really a match */
+){
+ Fts5PoslistWriter writer = {0};
+ Fts5PoslistReader aStatic[4];
+ Fts5PoslistReader *aIter = aStatic;
+ int i;
+ int rc = SQLITE_OK;
+
+ fts5BufferZero(&pPhrase->poslist);
+
+ /* If the aStatic[] array is not large enough, allocate a large array
+ ** using sqlite3_malloc(). This approach could be improved upon. */
+ if( pPhrase->nTerm>(int)ArraySize(aStatic) ){
+ int nByte = sizeof(Fts5PoslistReader) * pPhrase->nTerm;
+ aIter = (Fts5PoslistReader*)sqlite3_malloc(nByte);
+ if( !aIter ) return SQLITE_NOMEM;
+ }
+ memset(aIter, 0, sizeof(Fts5PoslistReader) * pPhrase->nTerm);
+
+ /* Initialize a term iterator for each term in the phrase */
+ for(i=0; i<pPhrase->nTerm; i++){
+ Fts5ExprTerm *pTerm = &pPhrase->aTerm[i];
+ i64 dummy;
+ int n = 0;
+ int bFlag = 0;
+ const u8 *a = 0;
+ if( pTerm->pSynonym ){
+ rc = fts5ExprSynonymPoslist(
+ pTerm, pColset, pNode->iRowid, &bFlag, (u8**)&a, &n
+ );
+ }else{
+ rc = sqlite3Fts5IterPoslist(pTerm->pIter, pColset, &a, &n, &dummy);
+ }
+ if( rc!=SQLITE_OK ) goto ismatch_out;
+ sqlite3Fts5PoslistReaderInit(a, n, &aIter[i]);
+ aIter[i].bFlag = (u8)bFlag;
+ if( aIter[i].bEof ) goto ismatch_out;
+ }
+
+ while( 1 ){
+ int bMatch;
+ i64 iPos = aIter[0].iPos;
+ do {
+ bMatch = 1;
+ for(i=0; i<pPhrase->nTerm; i++){
+ Fts5PoslistReader *pPos = &aIter[i];
+ i64 iAdj = iPos + i;
+ if( pPos->iPos!=iAdj ){
+ bMatch = 0;
+ while( pPos->iPos<iAdj ){
+ if( sqlite3Fts5PoslistReaderNext(pPos) ) goto ismatch_out;
+ }
+ if( pPos->iPos>iAdj ) iPos = pPos->iPos-i;
+ }
+ }
+ }while( bMatch==0 );
+
+ /* Append position iPos to the output */
+ rc = sqlite3Fts5PoslistWriterAppend(&pPhrase->poslist, &writer, iPos);
+ if( rc!=SQLITE_OK ) goto ismatch_out;
+
+ for(i=0; i<pPhrase->nTerm; i++){
+ if( sqlite3Fts5PoslistReaderNext(&aIter[i]) ) goto ismatch_out;
+ }
+ }
+
+ ismatch_out:
+ *pbMatch = (pPhrase->poslist.n>0);
+ for(i=0; i<pPhrase->nTerm; i++){
+ if( aIter[i].bFlag ) sqlite3_free((u8*)aIter[i].a);
+ }
+ if( aIter!=aStatic ) sqlite3_free(aIter);
+ return rc;
+}
+
+typedef struct Fts5LookaheadReader Fts5LookaheadReader;
+struct Fts5LookaheadReader {
+ const u8 *a; /* Buffer containing position list */
+ int n; /* Size of buffer a[] in bytes */
+ int i; /* Current offset in position list */
+ i64 iPos; /* Current position */
+ i64 iLookahead; /* Next position */
+};
+
+#define FTS5_LOOKAHEAD_EOF (((i64)1) << 62)
+
+static int fts5LookaheadReaderNext(Fts5LookaheadReader *p){
+ p->iPos = p->iLookahead;
+ if( sqlite3Fts5PoslistNext64(p->a, p->n, &p->i, &p->iLookahead) ){
+ p->iLookahead = FTS5_LOOKAHEAD_EOF;
+ }
+ return (p->iPos==FTS5_LOOKAHEAD_EOF);
+}
+
+static int fts5LookaheadReaderInit(
+ const u8 *a, int n, /* Buffer to read position list from */
+ Fts5LookaheadReader *p /* Iterator object to initialize */
+){
+ memset(p, 0, sizeof(Fts5LookaheadReader));
+ p->a = a;
+ p->n = n;
+ fts5LookaheadReaderNext(p);
+ return fts5LookaheadReaderNext(p);
+}
+
+#if 0
+static int fts5LookaheadReaderEof(Fts5LookaheadReader *p){
+ return (p->iPos==FTS5_LOOKAHEAD_EOF);
+}
+#endif
+
+typedef struct Fts5NearTrimmer Fts5NearTrimmer;
+struct Fts5NearTrimmer {
+ Fts5LookaheadReader reader; /* Input iterator */
+ Fts5PoslistWriter writer; /* Writer context */
+ Fts5Buffer *pOut; /* Output poslist */
+};
+
+/*
+** The near-set object passed as the first argument contains more than
+** one phrase. All phrases currently point to the same row. The
+** Fts5ExprPhrase.poslist buffers are populated accordingly. This function
+** tests if the current row contains instances of each phrase sufficiently
+** close together to meet the NEAR constraint. Non-zero is returned if it
+** does, or zero otherwise.
+**
+** If in/out parameter (*pRc) is set to other than SQLITE_OK when this
+** function is called, it is a no-op. Or, if an error (e.g. SQLITE_NOMEM)
+** occurs within this function (*pRc) is set accordingly before returning.
+** The return value is undefined in both these cases.
+**
+** If no error occurs and non-zero (a match) is returned, the position-list
+** of each phrase object is edited to contain only those entries that
+** meet the constraint before returning.
+*/
+static int fts5ExprNearIsMatch(int *pRc, Fts5ExprNearset *pNear){
+ Fts5NearTrimmer aStatic[4];
+ Fts5NearTrimmer *a = aStatic;
+ Fts5ExprPhrase **apPhrase = pNear->apPhrase;
+
+ int i;
+ int rc = *pRc;
+ int bMatch;
+
+ assert( pNear->nPhrase>1 );
+
+ /* If the aStatic[] array is not large enough, allocate a large array
+ ** using sqlite3_malloc(). This approach could be improved upon. */
+ if( pNear->nPhrase>(int)ArraySize(aStatic) ){
+ int nByte = sizeof(Fts5NearTrimmer) * pNear->nPhrase;
+ a = (Fts5NearTrimmer*)sqlite3Fts5MallocZero(&rc, nByte);
+ }else{
+ memset(aStatic, 0, sizeof(aStatic));
+ }
+ if( rc!=SQLITE_OK ){
+ *pRc = rc;
+ return 0;
+ }
+
+ /* Initialize a lookahead iterator for each phrase. After passing the
+ ** buffer and buffer size to the lookaside-reader init function, zero
+ ** the phrase poslist buffer. The new poslist for the phrase (containing
+ ** the same entries as the original with some entries removed on account
+ ** of the NEAR constraint) is written over the original even as it is
+ ** being read. This is safe as the entries for the new poslist are a
+ ** subset of the old, so it is not possible for data yet to be read to
+ ** be overwritten. */
+ for(i=0; i<pNear->nPhrase; i++){
+ Fts5Buffer *pPoslist = &apPhrase[i]->poslist;
+ fts5LookaheadReaderInit(pPoslist->p, pPoslist->n, &a[i].reader);
+ pPoslist->n = 0;
+ a[i].pOut = pPoslist;
+ }
+
+ while( 1 ){
+ int iAdv;
+ i64 iMin;
+ i64 iMax;
+
+ /* This block advances the phrase iterators until they point to a set of
+ ** entries that together comprise a match. */
+ iMax = a[0].reader.iPos;
+ do {
+ bMatch = 1;
+ for(i=0; i<pNear->nPhrase; i++){
+ Fts5LookaheadReader *pPos = &a[i].reader;
+ iMin = iMax - pNear->apPhrase[i]->nTerm - pNear->nNear;
+ if( pPos->iPos<iMin || pPos->iPos>iMax ){
+ bMatch = 0;
+ while( pPos->iPos<iMin ){
+ if( fts5LookaheadReaderNext(pPos) ) goto ismatch_out;
+ }
+ if( pPos->iPos>iMax ) iMax = pPos->iPos;
+ }
+ }
+ }while( bMatch==0 );
+
+ /* Add an entry to each output position list */
+ for(i=0; i<pNear->nPhrase; i++){
+ i64 iPos = a[i].reader.iPos;
+ Fts5PoslistWriter *pWriter = &a[i].writer;
+ if( a[i].pOut->n==0 || iPos!=pWriter->iPrev ){
+ sqlite3Fts5PoslistWriterAppend(a[i].pOut, pWriter, iPos);
+ }
+ }
+
+ iAdv = 0;
+ iMin = a[0].reader.iLookahead;
+ for(i=0; i<pNear->nPhrase; i++){
+ if( a[i].reader.iLookahead < iMin ){
+ iMin = a[i].reader.iLookahead;
+ iAdv = i;
+ }
+ }
+ if( fts5LookaheadReaderNext(&a[iAdv].reader) ) goto ismatch_out;
+ }
+
+ ismatch_out: {
+ int bRet = a[0].pOut->n>0;
+ *pRc = rc;
+ if( a!=aStatic ) sqlite3_free(a);
+ return bRet;
+ }
+}
+
+/*
+** Advance the first term iterator in the first phrase of pNear. Set output
+** variable *pbEof to true if it reaches EOF or if an error occurs.
+**
+** Return SQLITE_OK if successful, or an SQLite error code if an error
+** occurs.
+*/
+static int fts5ExprNearAdvanceFirst(
+ Fts5Expr *pExpr, /* Expression pPhrase belongs to */
+ Fts5ExprNode *pNode, /* FTS5_STRING or FTS5_TERM node */
+ int bFromValid,
+ i64 iFrom
+){
+ Fts5ExprTerm *pTerm = &pNode->pNear->apPhrase[0]->aTerm[0];
+ int rc = SQLITE_OK;
+
+ if( pTerm->pSynonym ){
+ int bEof = 1;
+ Fts5ExprTerm *p;
+
+ /* Find the firstest rowid any synonym points to. */
+ i64 iRowid = fts5ExprSynonymRowid(pTerm, pExpr->bDesc, 0);
+
+ /* Advance each iterator that currently points to iRowid. Or, if iFrom
+ ** is valid - each iterator that points to a rowid before iFrom. */
+ for(p=pTerm; p; p=p->pSynonym){
+ if( sqlite3Fts5IterEof(p->pIter)==0 ){
+ i64 ii = sqlite3Fts5IterRowid(p->pIter);
+ if( ii==iRowid
+ || (bFromValid && ii!=iFrom && (ii>iFrom)==pExpr->bDesc)
+ ){
+ if( bFromValid ){
+ rc = sqlite3Fts5IterNextFrom(p->pIter, iFrom);
+ }else{
+ rc = sqlite3Fts5IterNext(p->pIter);
+ }
+ if( rc!=SQLITE_OK ) break;
+ if( sqlite3Fts5IterEof(p->pIter)==0 ){
+ bEof = 0;
+ }
+ }else{
+ bEof = 0;
+ }
+ }
+ }
+
+ /* Set the EOF flag if either all synonym iterators are at EOF or an
+ ** error has occurred. */
+ pNode->bEof = (rc || bEof);
+ }else{
+ Fts5IndexIter *pIter = pTerm->pIter;
+
+ assert( Fts5NodeIsString(pNode) );
+ if( bFromValid ){
+ rc = sqlite3Fts5IterNextFrom(pIter, iFrom);
+ }else{
+ rc = sqlite3Fts5IterNext(pIter);
+ }
+
+ pNode->bEof = (rc || sqlite3Fts5IterEof(pIter));
+ }
+
+ return rc;
+}
+
+/*
+** Advance iterator pIter until it points to a value equal to or laster
+** than the initial value of *piLast. If this means the iterator points
+** to a value laster than *piLast, update *piLast to the new lastest value.
+**
+** If the iterator reaches EOF, set *pbEof to true before returning. If
+** an error occurs, set *pRc to an error code. If either *pbEof or *pRc
+** are set, return a non-zero value. Otherwise, return zero.
+*/
+static int fts5ExprAdvanceto(
+ Fts5IndexIter *pIter, /* Iterator to advance */
+ int bDesc, /* True if iterator is "rowid DESC" */
+ i64 *piLast, /* IN/OUT: Lastest rowid seen so far */
+ int *pRc, /* OUT: Error code */
+ int *pbEof /* OUT: Set to true if EOF */
+){
+ i64 iLast = *piLast;
+ i64 iRowid;
+
+ iRowid = sqlite3Fts5IterRowid(pIter);
+ if( (bDesc==0 && iLast>iRowid) || (bDesc && iLast<iRowid) ){
+ int rc = sqlite3Fts5IterNextFrom(pIter, iLast);
+ if( rc || sqlite3Fts5IterEof(pIter) ){
+ *pRc = rc;
+ *pbEof = 1;
+ return 1;
+ }
+ iRowid = sqlite3Fts5IterRowid(pIter);
+ assert( (bDesc==0 && iRowid>=iLast) || (bDesc==1 && iRowid<=iLast) );
+ }
+ *piLast = iRowid;
+
+ return 0;
+}
+
+static int fts5ExprSynonymAdvanceto(
+ Fts5ExprTerm *pTerm, /* Term iterator to advance */
+ int bDesc, /* True if iterator is "rowid DESC" */
+ i64 *piLast, /* IN/OUT: Lastest rowid seen so far */
+ int *pRc /* OUT: Error code */
+){
+ int rc = SQLITE_OK;
+ i64 iLast = *piLast;
+ Fts5ExprTerm *p;
+ int bEof = 0;
+
+ for(p=pTerm; rc==SQLITE_OK && p; p=p->pSynonym){
+ if( sqlite3Fts5IterEof(p->pIter)==0 ){
+ i64 iRowid = sqlite3Fts5IterRowid(p->pIter);
+ if( (bDesc==0 && iLast>iRowid) || (bDesc && iLast<iRowid) ){
+ rc = sqlite3Fts5IterNextFrom(p->pIter, iLast);
+ }
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ *pRc = rc;
+ bEof = 1;
+ }else{
+ *piLast = fts5ExprSynonymRowid(pTerm, bDesc, &bEof);
+ }
+ return bEof;
+}
+
+
+static int fts5ExprNearTest(
+ int *pRc,
+ Fts5Expr *pExpr, /* Expression that pNear is a part of */
+ Fts5ExprNode *pNode /* The "NEAR" node (FTS5_STRING) */
+){
+ Fts5ExprNearset *pNear = pNode->pNear;
+ int rc = *pRc;
+ int i;
+
+ /* Check that each phrase in the nearset matches the current row.
+ ** Populate the pPhrase->poslist buffers at the same time. If any
+ ** phrase is not a match, break out of the loop early. */
+ for(i=0; rc==SQLITE_OK && i<pNear->nPhrase; i++){
+ Fts5ExprPhrase *pPhrase = pNear->apPhrase[i];
+ if( pPhrase->nTerm>1 || pPhrase->aTerm[0].pSynonym || pNear->pColset ){
+ int bMatch = 0;
+ rc = fts5ExprPhraseIsMatch(pNode, pNear->pColset, pPhrase, &bMatch);
+ if( bMatch==0 ) break;
+ }else{
+ rc = sqlite3Fts5IterPoslistBuffer(
+ pPhrase->aTerm[0].pIter, &pPhrase->poslist
+ );
+ }
+ }
+
+ *pRc = rc;
+ if( i==pNear->nPhrase && (i==1 || fts5ExprNearIsMatch(pRc, pNear)) ){
+ return 1;
+ }
+
+ return 0;
+}
+
+static int fts5ExprTokenTest(
+ Fts5Expr *pExpr, /* Expression that pNear is a part of */
+ Fts5ExprNode *pNode /* The "NEAR" node (FTS5_TERM) */
+){
+ /* As this "NEAR" object is actually a single phrase that consists
+ ** of a single term only, grab pointers into the poslist managed by the
+ ** fts5_index.c iterator object. This is much faster than synthesizing
+ ** a new poslist the way we have to for more complicated phrase or NEAR
+ ** expressions. */
+ Fts5ExprNearset *pNear = pNode->pNear;
+ Fts5ExprPhrase *pPhrase = pNear->apPhrase[0];
+ Fts5IndexIter *pIter = pPhrase->aTerm[0].pIter;
+ Fts5Colset *pColset = pNear->pColset;
+ int rc;
+
+ assert( pNode->eType==FTS5_TERM );
+ assert( pNear->nPhrase==1 && pPhrase->nTerm==1 );
+ assert( pPhrase->aTerm[0].pSynonym==0 );
+
+ rc = sqlite3Fts5IterPoslist(pIter, pColset,
+ (const u8**)&pPhrase->poslist.p, &pPhrase->poslist.n, &pNode->iRowid
+ );
+ pNode->bNomatch = (pPhrase->poslist.n==0);
+ return rc;
+}
+
+/*
+** All individual term iterators in pNear are guaranteed to be valid when
+** this function is called. This function checks if all term iterators
+** point to the same rowid, and if not, advances them until they do.
+** If an EOF is reached before this happens, *pbEof is set to true before
+** returning.
+**
+** SQLITE_OK is returned if an error occurs, or an SQLite error code
+** otherwise. It is not considered an error code if an iterator reaches
+** EOF.
+*/
+static int fts5ExprNearNextMatch(
+ Fts5Expr *pExpr, /* Expression pPhrase belongs to */
+ Fts5ExprNode *pNode
+){
+ Fts5ExprNearset *pNear = pNode->pNear;
+ Fts5ExprPhrase *pLeft = pNear->apPhrase[0];
+ int rc = SQLITE_OK;
+ i64 iLast; /* Lastest rowid any iterator points to */
+ int i, j; /* Phrase and token index, respectively */
+ int bMatch; /* True if all terms are at the same rowid */
+ const int bDesc = pExpr->bDesc;
+
+ /* Check that this node should not be FTS5_TERM */
+ assert( pNear->nPhrase>1
+ || pNear->apPhrase[0]->nTerm>1
+ || pNear->apPhrase[0]->aTerm[0].pSynonym
+ );
+
+ /* Initialize iLast, the "lastest" rowid any iterator points to. If the
+ ** iterator skips through rowids in the default ascending order, this means
+ ** the maximum rowid. Or, if the iterator is "ORDER BY rowid DESC", then it
+ ** means the minimum rowid. */
+ if( pLeft->aTerm[0].pSynonym ){
+ iLast = fts5ExprSynonymRowid(&pLeft->aTerm[0], bDesc, 0);
+ }else{
+ iLast = sqlite3Fts5IterRowid(pLeft->aTerm[0].pIter);
+ }
+
+ do {
+ bMatch = 1;
+ for(i=0; i<pNear->nPhrase; i++){
+ Fts5ExprPhrase *pPhrase = pNear->apPhrase[i];
+ for(j=0; j<pPhrase->nTerm; j++){
+ Fts5ExprTerm *pTerm = &pPhrase->aTerm[j];
+ if( pTerm->pSynonym ){
+ i64 iRowid = fts5ExprSynonymRowid(pTerm, bDesc, 0);
+ if( iRowid==iLast ) continue;
+ bMatch = 0;
+ if( fts5ExprSynonymAdvanceto(pTerm, bDesc, &iLast, &rc) ){
+ pNode->bEof = 1;
+ return rc;
+ }
+ }else{
+ Fts5IndexIter *pIter = pPhrase->aTerm[j].pIter;
+ i64 iRowid = sqlite3Fts5IterRowid(pIter);
+ if( iRowid==iLast ) continue;
+ bMatch = 0;
+ if( fts5ExprAdvanceto(pIter, bDesc, &iLast, &rc, &pNode->bEof) ){
+ return rc;
+ }
+ }
+ }
+ }
+ }while( bMatch==0 );
+
+ pNode->iRowid = iLast;
+ pNode->bNomatch = (0==fts5ExprNearTest(&rc, pExpr, pNode));
+
+ return rc;
+}
+
+/*
+** Initialize all term iterators in the pNear object. If any term is found
+** to match no documents at all, return immediately without initializing any
+** further iterators.
+*/
+static int fts5ExprNearInitAll(
+ Fts5Expr *pExpr,
+ Fts5ExprNode *pNode
+){
+ Fts5ExprNearset *pNear = pNode->pNear;
+ int i, j;
+ int rc = SQLITE_OK;
+
+ for(i=0; rc==SQLITE_OK && i<pNear->nPhrase; i++){
+ Fts5ExprPhrase *pPhrase = pNear->apPhrase[i];
+ for(j=0; j<pPhrase->nTerm; j++){
+ Fts5ExprTerm *pTerm = &pPhrase->aTerm[j];
+ Fts5ExprTerm *p;
+ int bEof = 1;
+
+ for(p=pTerm; p && rc==SQLITE_OK; p=p->pSynonym){
+ if( p->pIter ){
+ sqlite3Fts5IterClose(p->pIter);
+ p->pIter = 0;
+ }
+ rc = sqlite3Fts5IndexQuery(
+ pExpr->pIndex, p->zTerm, (int)strlen(p->zTerm),
+ (pTerm->bPrefix ? FTS5INDEX_QUERY_PREFIX : 0) |
+ (pExpr->bDesc ? FTS5INDEX_QUERY_DESC : 0),
+ pNear->pColset,
+ &p->pIter
+ );
+ assert( rc==SQLITE_OK || p->pIter==0 );
+ if( p->pIter && 0==sqlite3Fts5IterEof(p->pIter) ){
+ bEof = 0;
+ }
+ }
+
+ if( bEof ){
+ pNode->bEof = 1;
+ return rc;
+ }
+ }
+ }
+
+ return rc;
+}
+
+/* fts5ExprNodeNext() calls fts5ExprNodeNextMatch(). And vice-versa. */
+static int fts5ExprNodeNextMatch(Fts5Expr*, Fts5ExprNode*);
+
+
+/*
+** If pExpr is an ASC iterator, this function returns a value with the
+** same sign as:
+**
+** (iLhs - iRhs)
+**
+** Otherwise, if this is a DESC iterator, the opposite is returned:
+**
+** (iRhs - iLhs)
+*/
+static int fts5RowidCmp(
+ Fts5Expr *pExpr,
+ i64 iLhs,
+ i64 iRhs
+){
+ assert( pExpr->bDesc==0 || pExpr->bDesc==1 );
+ if( pExpr->bDesc==0 ){
+ if( iLhs<iRhs ) return -1;
+ return (iLhs > iRhs);
+ }else{
+ if( iLhs>iRhs ) return -1;
+ return (iLhs < iRhs);
+ }
+}
+
+static void fts5ExprSetEof(Fts5ExprNode *pNode){
+ int i;
+ pNode->bEof = 1;
+ for(i=0; i<pNode->nChild; i++){
+ fts5ExprSetEof(pNode->apChild[i]);
+ }
+}
+
+static void fts5ExprNodeZeroPoslist(Fts5ExprNode *pNode){
+ if( pNode->eType==FTS5_STRING || pNode->eType==FTS5_TERM ){
+ Fts5ExprNearset *pNear = pNode->pNear;
+ int i;
+ for(i=0; i<pNear->nPhrase; i++){
+ Fts5ExprPhrase *pPhrase = pNear->apPhrase[i];
+ pPhrase->poslist.n = 0;
+ }
+ }else{
+ int i;
+ for(i=0; i<pNode->nChild; i++){
+ fts5ExprNodeZeroPoslist(pNode->apChild[i]);
+ }
+ }
+}
+
+
+static int fts5ExprNodeNext(Fts5Expr*, Fts5ExprNode*, int, i64);
+
+/*
+** Argument pNode is an FTS5_AND node.
+*/
+static int fts5ExprAndNextRowid(
+ Fts5Expr *pExpr, /* Expression pPhrase belongs to */
+ Fts5ExprNode *pAnd /* FTS5_AND node to advance */
+){
+ int iChild;
+ i64 iLast = pAnd->iRowid;
+ int rc = SQLITE_OK;
+ int bMatch;
+
+ assert( pAnd->bEof==0 );
+ do {
+ pAnd->bNomatch = 0;
+ bMatch = 1;
+ for(iChild=0; iChild<pAnd->nChild; iChild++){
+ Fts5ExprNode *pChild = pAnd->apChild[iChild];
+ if( 0 && pChild->eType==FTS5_STRING ){
+ /* TODO */
+ }else{
+ int cmp = fts5RowidCmp(pExpr, iLast, pChild->iRowid);
+ if( cmp>0 ){
+ /* Advance pChild until it points to iLast or laster */
+ rc = fts5ExprNodeNext(pExpr, pChild, 1, iLast);
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ }
+
+ /* If the child node is now at EOF, so is the parent AND node. Otherwise,
+ ** the child node is guaranteed to have advanced at least as far as
+ ** rowid iLast. So if it is not at exactly iLast, pChild->iRowid is the
+ ** new lastest rowid seen so far. */
+ assert( pChild->bEof || fts5RowidCmp(pExpr, iLast, pChild->iRowid)<=0 );
+ if( pChild->bEof ){
+ fts5ExprSetEof(pAnd);
+ bMatch = 1;
+ break;
+ }else if( iLast!=pChild->iRowid ){
+ bMatch = 0;
+ iLast = pChild->iRowid;
+ }
+
+ if( pChild->bNomatch ){
+ pAnd->bNomatch = 1;
+ }
+ }
+ }while( bMatch==0 );
+
+ if( pAnd->bNomatch && pAnd!=pExpr->pRoot ){
+ fts5ExprNodeZeroPoslist(pAnd);
+ }
+ pAnd->iRowid = iLast;
+ return SQLITE_OK;
+}
+
+
+/*
+** Compare the values currently indicated by the two nodes as follows:
+**
+** res = (*p1) - (*p2)
+**
+** Nodes that point to values that come later in the iteration order are
+** considered to be larger. Nodes at EOF are the largest of all.
+**
+** This means that if the iteration order is ASC, then numerically larger
+** rowids are considered larger. Or if it is the default DESC, numerically
+** smaller rowids are larger.
+*/
+static int fts5NodeCompare(
+ Fts5Expr *pExpr,
+ Fts5ExprNode *p1,
+ Fts5ExprNode *p2
+){
+ if( p2->bEof ) return -1;
+ if( p1->bEof ) return +1;
+ return fts5RowidCmp(pExpr, p1->iRowid, p2->iRowid);
+}
+
+/*
+** Advance node iterator pNode, part of expression pExpr. If argument
+** bFromValid is zero, then pNode is advanced exactly once. Or, if argument
+** bFromValid is non-zero, then pNode is advanced until it is at or past
+** rowid value iFrom. Whether "past" means "less than" or "greater than"
+** depends on whether this is an ASC or DESC iterator.
+*/
+static int fts5ExprNodeNext(
+ Fts5Expr *pExpr,
+ Fts5ExprNode *pNode,
+ int bFromValid,
+ i64 iFrom
+){
+ int rc = SQLITE_OK;
+
+ if( pNode->bEof==0 ){
+ switch( pNode->eType ){
+ case FTS5_STRING: {
+ rc = fts5ExprNearAdvanceFirst(pExpr, pNode, bFromValid, iFrom);
+ break;
+ };
+
+ case FTS5_TERM: {
+ Fts5IndexIter *pIter = pNode->pNear->apPhrase[0]->aTerm[0].pIter;
+ if( bFromValid ){
+ rc = sqlite3Fts5IterNextFrom(pIter, iFrom);
+ }else{
+ rc = sqlite3Fts5IterNext(pIter);
+ }
+ if( rc==SQLITE_OK && sqlite3Fts5IterEof(pIter)==0 ){
+ assert( rc==SQLITE_OK );
+ rc = fts5ExprTokenTest(pExpr, pNode);
+ }else{
+ pNode->bEof = 1;
+ }
+ return rc;
+ };
+
+ case FTS5_AND: {
+ Fts5ExprNode *pLeft = pNode->apChild[0];
+ rc = fts5ExprNodeNext(pExpr, pLeft, bFromValid, iFrom);
+ break;
+ }
+
+ case FTS5_OR: {
+ int i;
+ i64 iLast = pNode->iRowid;
+
+ for(i=0; rc==SQLITE_OK && i<pNode->nChild; i++){
+ Fts5ExprNode *p1 = pNode->apChild[i];
+ assert( p1->bEof || fts5RowidCmp(pExpr, p1->iRowid, iLast)>=0 );
+ if( p1->bEof==0 ){
+ if( (p1->iRowid==iLast)
+ || (bFromValid && fts5RowidCmp(pExpr, p1->iRowid, iFrom)<0)
+ ){
+ rc = fts5ExprNodeNext(pExpr, p1, bFromValid, iFrom);
+ }
+ }
+ }
+
+ break;
+ }
+
+ default: assert( pNode->eType==FTS5_NOT ); {
+ assert( pNode->nChild==2 );
+ rc = fts5ExprNodeNext(pExpr, pNode->apChild[0], bFromValid, iFrom);
+ break;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = fts5ExprNodeNextMatch(pExpr, pNode);
+ }
+ }
+
+ /* Assert that if bFromValid was true, either:
+ **
+ ** a) an error occurred, or
+ ** b) the node is now at EOF, or
+ ** c) the node is now at or past rowid iFrom.
+ */
+ assert( bFromValid==0
+ || rc!=SQLITE_OK /* a */
+ || pNode->bEof /* b */
+ || pNode->iRowid==iFrom || pExpr->bDesc==(pNode->iRowid<iFrom) /* c */
+ );
+
+ return rc;
+}
+
+
+/*
+** If pNode currently points to a match, this function returns SQLITE_OK
+** without modifying it. Otherwise, pNode is advanced until it does point
+** to a match or EOF is reached.
+*/
+static int fts5ExprNodeNextMatch(
+ Fts5Expr *pExpr, /* Expression of which pNode is a part */
+ Fts5ExprNode *pNode /* Expression node to test */
+){
+ int rc = SQLITE_OK;
+ if( pNode->bEof==0 ){
+ switch( pNode->eType ){
+
+ case FTS5_STRING: {
+ /* Advance the iterators until they all point to the same rowid */
+ rc = fts5ExprNearNextMatch(pExpr, pNode);
+ break;
+ }
+
+ case FTS5_TERM: {
+ rc = fts5ExprTokenTest(pExpr, pNode);
+ break;
+ }
+
+ case FTS5_AND: {
+ rc = fts5ExprAndNextRowid(pExpr, pNode);
+ break;
+ }
+
+ case FTS5_OR: {
+ Fts5ExprNode *pNext = pNode->apChild[0];
+ int i;
+
+ for(i=1; i<pNode->nChild; i++){
+ Fts5ExprNode *pChild = pNode->apChild[i];
+ int cmp = fts5NodeCompare(pExpr, pNext, pChild);
+ if( cmp>0 || (cmp==0 && pChild->bNomatch==0) ){
+ pNext = pChild;
+ }
+ }
+ pNode->iRowid = pNext->iRowid;
+ pNode->bEof = pNext->bEof;
+ pNode->bNomatch = pNext->bNomatch;
+ break;
+ }
+
+ default: assert( pNode->eType==FTS5_NOT ); {
+ Fts5ExprNode *p1 = pNode->apChild[0];
+ Fts5ExprNode *p2 = pNode->apChild[1];
+ assert( pNode->nChild==2 );
+
+ while( rc==SQLITE_OK && p1->bEof==0 ){
+ int cmp = fts5NodeCompare(pExpr, p1, p2);
+ if( cmp>0 ){
+ rc = fts5ExprNodeNext(pExpr, p2, 1, p1->iRowid);
+ cmp = fts5NodeCompare(pExpr, p1, p2);
+ }
+ assert( rc!=SQLITE_OK || cmp<=0 );
+ if( cmp || p2->bNomatch ) break;
+ rc = fts5ExprNodeNext(pExpr, p1, 0, 0);
+ }
+ pNode->bEof = p1->bEof;
+ pNode->iRowid = p1->iRowid;
+ break;
+ }
+ }
+ }
+ return rc;
+}
+
+
+/*
+** Set node pNode, which is part of expression pExpr, to point to the first
+** match. If there are no matches, set the Node.bEof flag to indicate EOF.
+**
+** Return an SQLite error code if an error occurs, or SQLITE_OK otherwise.
+** It is not an error if there are no matches.
+*/
+static int fts5ExprNodeFirst(Fts5Expr *pExpr, Fts5ExprNode *pNode){
+ int rc = SQLITE_OK;
+ pNode->bEof = 0;
+
+ if( Fts5NodeIsString(pNode) ){
+ /* Initialize all term iterators in the NEAR object. */
+ rc = fts5ExprNearInitAll(pExpr, pNode);
+ }else{
+ int i;
+ for(i=0; i<pNode->nChild && rc==SQLITE_OK; i++){
+ rc = fts5ExprNodeFirst(pExpr, pNode->apChild[i]);
+ }
+ pNode->iRowid = pNode->apChild[0]->iRowid;
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = fts5ExprNodeNextMatch(pExpr, pNode);
+ }
+ return rc;
+}
+
+
+/*
+** Begin iterating through the set of documents in index pIdx matched by
+** the MATCH expression passed as the first argument. If the "bDesc"
+** parameter is passed a non-zero value, iteration is in descending rowid
+** order. Or, if it is zero, in ascending order.
+**
+** If iterating in ascending rowid order (bDesc==0), the first document
+** visited is that with the smallest rowid that is larger than or equal
+** to parameter iFirst. Or, if iterating in ascending order (bDesc==1),
+** then the first document visited must have a rowid smaller than or
+** equal to iFirst.
+**
+** Return SQLITE_OK if successful, or an SQLite error code otherwise. It
+** is not considered an error if the query does not match any documents.
+*/
+static int sqlite3Fts5ExprFirst(Fts5Expr *p, Fts5Index *pIdx, i64 iFirst, int bDesc){
+ Fts5ExprNode *pRoot = p->pRoot;
+ int rc = SQLITE_OK;
+ if( pRoot ){
+ p->pIndex = pIdx;
+ p->bDesc = bDesc;
+ rc = fts5ExprNodeFirst(p, pRoot);
+
+ /* If not at EOF but the current rowid occurs earlier than iFirst in
+ ** the iteration order, move to document iFirst or later. */
+ if( pRoot->bEof==0 && fts5RowidCmp(p, pRoot->iRowid, iFirst)<0 ){
+ rc = fts5ExprNodeNext(p, pRoot, 1, iFirst);
+ }
+
+ /* If the iterator is not at a real match, skip forward until it is. */
+ while( pRoot->bNomatch && rc==SQLITE_OK && pRoot->bEof==0 ){
+ rc = fts5ExprNodeNext(p, pRoot, 0, 0);
+ }
+ }
+ return rc;
+}
+
+/*
+** Move to the next document
+**
+** Return SQLITE_OK if successful, or an SQLite error code otherwise. It
+** is not considered an error if the query does not match any documents.
+*/
+static int sqlite3Fts5ExprNext(Fts5Expr *p, i64 iLast){
+ int rc;
+ Fts5ExprNode *pRoot = p->pRoot;
+ do {
+ rc = fts5ExprNodeNext(p, pRoot, 0, 0);
+ }while( pRoot->bNomatch && pRoot->bEof==0 && rc==SQLITE_OK );
+ if( fts5RowidCmp(p, pRoot->iRowid, iLast)>0 ){
+ pRoot->bEof = 1;
+ }
+ return rc;
+}
+
+static int sqlite3Fts5ExprEof(Fts5Expr *p){
+ return (p->pRoot==0 || p->pRoot->bEof);
+}
+
+static i64 sqlite3Fts5ExprRowid(Fts5Expr *p){
+ return p->pRoot->iRowid;
+}
+
+static int fts5ParseStringFromToken(Fts5Token *pToken, char **pz){
+ int rc = SQLITE_OK;
+ *pz = sqlite3Fts5Strndup(&rc, pToken->p, pToken->n);
+ return rc;
+}
+
+/*
+** Free the phrase object passed as the only argument.
+*/
+static void fts5ExprPhraseFree(Fts5ExprPhrase *pPhrase){
+ if( pPhrase ){
+ int i;
+ for(i=0; i<pPhrase->nTerm; i++){
+ Fts5ExprTerm *pSyn;
+ Fts5ExprTerm *pNext;
+ Fts5ExprTerm *pTerm = &pPhrase->aTerm[i];
+ sqlite3_free(pTerm->zTerm);
+ sqlite3Fts5IterClose(pTerm->pIter);
+
+ for(pSyn=pTerm->pSynonym; pSyn; pSyn=pNext){
+ pNext = pSyn->pSynonym;
+ sqlite3Fts5IterClose(pSyn->pIter);
+ sqlite3_free(pSyn);
+ }
+ }
+ if( pPhrase->poslist.nSpace>0 ) fts5BufferFree(&pPhrase->poslist);
+ sqlite3_free(pPhrase);
+ }
+}
+
+/*
+** If argument pNear is NULL, then a new Fts5ExprNearset object is allocated
+** and populated with pPhrase. Or, if pNear is not NULL, phrase pPhrase is
+** appended to it and the results returned.
+**
+** If an OOM error occurs, both the pNear and pPhrase objects are freed and
+** NULL returned.
+*/
+static Fts5ExprNearset *sqlite3Fts5ParseNearset(
+ Fts5Parse *pParse, /* Parse context */
+ Fts5ExprNearset *pNear, /* Existing nearset, or NULL */
+ Fts5ExprPhrase *pPhrase /* Recently parsed phrase */
+){
+ const int SZALLOC = 8;
+ Fts5ExprNearset *pRet = 0;
+
+ if( pParse->rc==SQLITE_OK ){
+ if( pPhrase==0 ){
+ return pNear;
+ }
+ if( pNear==0 ){
+ int nByte = sizeof(Fts5ExprNearset) + SZALLOC * sizeof(Fts5ExprPhrase*);
+ pRet = sqlite3_malloc(nByte);
+ if( pRet==0 ){
+ pParse->rc = SQLITE_NOMEM;
+ }else{
+ memset(pRet, 0, nByte);
+ }
+ }else if( (pNear->nPhrase % SZALLOC)==0 ){
+ int nNew = pNear->nPhrase + SZALLOC;
+ int nByte = sizeof(Fts5ExprNearset) + nNew * sizeof(Fts5ExprPhrase*);
+
+ pRet = (Fts5ExprNearset*)sqlite3_realloc(pNear, nByte);
+ if( pRet==0 ){
+ pParse->rc = SQLITE_NOMEM;
+ }
+ }else{
+ pRet = pNear;
+ }
+ }
+
+ if( pRet==0 ){
+ assert( pParse->rc!=SQLITE_OK );
+ sqlite3Fts5ParseNearsetFree(pNear);
+ sqlite3Fts5ParsePhraseFree(pPhrase);
+ }else{
+ pRet->apPhrase[pRet->nPhrase++] = pPhrase;
+ }
+ return pRet;
+}
+
+typedef struct TokenCtx TokenCtx;
+struct TokenCtx {
+ Fts5ExprPhrase *pPhrase;
+ int rc;
+};
+
+/*
+** Callback for tokenizing terms used by ParseTerm().
+*/
+static int fts5ParseTokenize(
+ void *pContext, /* Pointer to Fts5InsertCtx object */
+ int tflags, /* Mask of FTS5_TOKEN_* flags */
+ const char *pToken, /* Buffer containing token */
+ int nToken, /* Size of token in bytes */
+ int iUnused1, /* Start offset of token */
+ int iUnused2 /* End offset of token */
+){
+ int rc = SQLITE_OK;
+ const int SZALLOC = 8;
+ TokenCtx *pCtx = (TokenCtx*)pContext;
+ Fts5ExprPhrase *pPhrase = pCtx->pPhrase;
+
+ /* If an error has already occurred, this is a no-op */
+ if( pCtx->rc!=SQLITE_OK ) return pCtx->rc;
+
+ assert( pPhrase==0 || pPhrase->nTerm>0 );
+ if( pPhrase && (tflags & FTS5_TOKEN_COLOCATED) ){
+ Fts5ExprTerm *pSyn;
+ int nByte = sizeof(Fts5ExprTerm) + nToken+1;
+ pSyn = (Fts5ExprTerm*)sqlite3_malloc(nByte);
+ if( pSyn==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(pSyn, 0, nByte);
+ pSyn->zTerm = (char*)&pSyn[1];
+ memcpy(pSyn->zTerm, pToken, nToken);
+ pSyn->pSynonym = pPhrase->aTerm[pPhrase->nTerm-1].pSynonym;
+ pPhrase->aTerm[pPhrase->nTerm-1].pSynonym = pSyn;
+ }
+ }else{
+ Fts5ExprTerm *pTerm;
+ if( pPhrase==0 || (pPhrase->nTerm % SZALLOC)==0 ){
+ Fts5ExprPhrase *pNew;
+ int nNew = SZALLOC + (pPhrase ? pPhrase->nTerm : 0);
+
+ pNew = (Fts5ExprPhrase*)sqlite3_realloc(pPhrase,
+ sizeof(Fts5ExprPhrase) + sizeof(Fts5ExprTerm) * nNew
+ );
+ if( pNew==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ if( pPhrase==0 ) memset(pNew, 0, sizeof(Fts5ExprPhrase));
+ pCtx->pPhrase = pPhrase = pNew;
+ pNew->nTerm = nNew - SZALLOC;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ pTerm = &pPhrase->aTerm[pPhrase->nTerm++];
+ memset(pTerm, 0, sizeof(Fts5ExprTerm));
+ pTerm->zTerm = sqlite3Fts5Strndup(&rc, pToken, nToken);
+ }
+ }
+
+ pCtx->rc = rc;
+ return rc;
+}
+
+
+/*
+** Free the phrase object passed as the only argument.
+*/
+static void sqlite3Fts5ParsePhraseFree(Fts5ExprPhrase *pPhrase){
+ fts5ExprPhraseFree(pPhrase);
+}
+
+/*
+** Free the phrase object passed as the second argument.
+*/
+static void sqlite3Fts5ParseNearsetFree(Fts5ExprNearset *pNear){
+ if( pNear ){
+ int i;
+ for(i=0; i<pNear->nPhrase; i++){
+ fts5ExprPhraseFree(pNear->apPhrase[i]);
+ }
+ sqlite3_free(pNear->pColset);
+ sqlite3_free(pNear);
+ }
+}
+
+static void sqlite3Fts5ParseFinished(Fts5Parse *pParse, Fts5ExprNode *p){
+ assert( pParse->pExpr==0 );
+ pParse->pExpr = p;
+}
+
+/*
+** This function is called by the parser to process a string token. The
+** string may or may not be quoted. In any case it is tokenized and a
+** phrase object consisting of all tokens returned.
+*/
+static Fts5ExprPhrase *sqlite3Fts5ParseTerm(
+ Fts5Parse *pParse, /* Parse context */
+ Fts5ExprPhrase *pAppend, /* Phrase to append to */
+ Fts5Token *pToken, /* String to tokenize */
+ int bPrefix /* True if there is a trailing "*" */
+){
+ Fts5Config *pConfig = pParse->pConfig;
+ TokenCtx sCtx; /* Context object passed to callback */
+ int rc; /* Tokenize return code */
+ char *z = 0;
+
+ memset(&sCtx, 0, sizeof(TokenCtx));
+ sCtx.pPhrase = pAppend;
+
+ rc = fts5ParseStringFromToken(pToken, &z);
+ if( rc==SQLITE_OK ){
+ int flags = FTS5_TOKENIZE_QUERY | (bPrefix ? FTS5_TOKENIZE_QUERY : 0);
+ int n;
+ sqlite3Fts5Dequote(z);
+ n = (int)strlen(z);
+ rc = sqlite3Fts5Tokenize(pConfig, flags, z, n, &sCtx, fts5ParseTokenize);
+ }
+ sqlite3_free(z);
+ if( rc || (rc = sCtx.rc) ){
+ pParse->rc = rc;
+ fts5ExprPhraseFree(sCtx.pPhrase);
+ sCtx.pPhrase = 0;
+ }else if( sCtx.pPhrase ){
+
+ if( pAppend==0 ){
+ if( (pParse->nPhrase % 8)==0 ){
+ int nByte = sizeof(Fts5ExprPhrase*) * (pParse->nPhrase + 8);
+ Fts5ExprPhrase **apNew;
+ apNew = (Fts5ExprPhrase**)sqlite3_realloc(pParse->apPhrase, nByte);
+ if( apNew==0 ){
+ pParse->rc = SQLITE_NOMEM;
+ fts5ExprPhraseFree(sCtx.pPhrase);
+ return 0;
+ }
+ pParse->apPhrase = apNew;
+ }
+ pParse->nPhrase++;
+ }
+
+ pParse->apPhrase[pParse->nPhrase-1] = sCtx.pPhrase;
+ assert( sCtx.pPhrase->nTerm>0 );
+ sCtx.pPhrase->aTerm[sCtx.pPhrase->nTerm-1].bPrefix = bPrefix;
+ }
+
+ return sCtx.pPhrase;
+}
+
+/*
+** Create a new FTS5 expression by cloning phrase iPhrase of the
+** expression passed as the second argument.
+*/
+static int sqlite3Fts5ExprClonePhrase(
+ Fts5Config *pConfig,
+ Fts5Expr *pExpr,
+ int iPhrase,
+ Fts5Expr **ppNew
+){
+ int rc = SQLITE_OK; /* Return code */
+ Fts5ExprPhrase *pOrig; /* The phrase extracted from pExpr */
+ int i; /* Used to iterate through phrase terms */
+
+ Fts5Expr *pNew = 0; /* Expression to return via *ppNew */
+
+ TokenCtx sCtx = {0,0}; /* Context object for fts5ParseTokenize */
+
+
+ pOrig = pExpr->apExprPhrase[iPhrase];
+
+ pNew = (Fts5Expr*)sqlite3Fts5MallocZero(&rc, sizeof(Fts5Expr));
+ if( rc==SQLITE_OK ){
+ pNew->apExprPhrase = (Fts5ExprPhrase**)sqlite3Fts5MallocZero(&rc,
+ sizeof(Fts5ExprPhrase*));
+ }
+ if( rc==SQLITE_OK ){
+ pNew->pRoot = (Fts5ExprNode*)sqlite3Fts5MallocZero(&rc,
+ sizeof(Fts5ExprNode));
+ }
+ if( rc==SQLITE_OK ){
+ pNew->pRoot->pNear = (Fts5ExprNearset*)sqlite3Fts5MallocZero(&rc,
+ sizeof(Fts5ExprNearset) + sizeof(Fts5ExprPhrase*));
+ }
+
+ for(i=0; rc==SQLITE_OK && i<pOrig->nTerm; i++){
+ int tflags = 0;
+ Fts5ExprTerm *p;
+ for(p=&pOrig->aTerm[i]; p && rc==SQLITE_OK; p=p->pSynonym){
+ const char *zTerm = p->zTerm;
+ rc = fts5ParseTokenize((void*)&sCtx, tflags, zTerm, (int)strlen(zTerm),
+ 0, 0);
+ tflags = FTS5_TOKEN_COLOCATED;
+ }
+ if( rc==SQLITE_OK ){
+ sCtx.pPhrase->aTerm[i].bPrefix = pOrig->aTerm[i].bPrefix;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ /* All the allocations succeeded. Put the expression object together. */
+ pNew->pIndex = pExpr->pIndex;
+ pNew->nPhrase = 1;
+ pNew->apExprPhrase[0] = sCtx.pPhrase;
+ pNew->pRoot->pNear->apPhrase[0] = sCtx.pPhrase;
+ pNew->pRoot->pNear->nPhrase = 1;
+ sCtx.pPhrase->pNode = pNew->pRoot;
+
+ if( pOrig->nTerm==1 && pOrig->aTerm[0].pSynonym==0 ){
+ pNew->pRoot->eType = FTS5_TERM;
+ }else{
+ pNew->pRoot->eType = FTS5_STRING;
+ }
+ }else{
+ sqlite3Fts5ExprFree(pNew);
+ fts5ExprPhraseFree(sCtx.pPhrase);
+ pNew = 0;
+ }
+
+ *ppNew = pNew;
+ return rc;
+}
+
+
+/*
+** Token pTok has appeared in a MATCH expression where the NEAR operator
+** is expected. If token pTok does not contain "NEAR", store an error
+** in the pParse object.
+*/
+static void sqlite3Fts5ParseNear(Fts5Parse *pParse, Fts5Token *pTok){
+ if( pTok->n!=4 || memcmp("NEAR", pTok->p, 4) ){
+ sqlite3Fts5ParseError(
+ pParse, "fts5: syntax error near \"%.*s\"", pTok->n, pTok->p
+ );
+ }
+}
+
+static void sqlite3Fts5ParseSetDistance(
+ Fts5Parse *pParse,
+ Fts5ExprNearset *pNear,
+ Fts5Token *p
+){
+ int nNear = 0;
+ int i;
+ if( p->n ){
+ for(i=0; i<p->n; i++){
+ char c = (char)p->p[i];
+ if( c<'0' || c>'9' ){
+ sqlite3Fts5ParseError(
+ pParse, "expected integer, got \"%.*s\"", p->n, p->p
+ );
+ return;
+ }
+ nNear = nNear * 10 + (p->p[i] - '0');
+ }
+ }else{
+ nNear = FTS5_DEFAULT_NEARDIST;
+ }
+ pNear->nNear = nNear;
+}
+
+/*
+** The second argument passed to this function may be NULL, or it may be
+** an existing Fts5Colset object. This function returns a pointer to
+** a new colset object containing the contents of (p) with new value column
+** number iCol appended.
+**
+** If an OOM error occurs, store an error code in pParse and return NULL.
+** The old colset object (if any) is not freed in this case.
+*/
+static Fts5Colset *fts5ParseColset(
+ Fts5Parse *pParse, /* Store SQLITE_NOMEM here if required */
+ Fts5Colset *p, /* Existing colset object */
+ int iCol /* New column to add to colset object */
+){
+ int nCol = p ? p->nCol : 0; /* Num. columns already in colset object */
+ Fts5Colset *pNew; /* New colset object to return */
+
+ assert( pParse->rc==SQLITE_OK );
+ assert( iCol>=0 && iCol<pParse->pConfig->nCol );
+
+ pNew = sqlite3_realloc(p, sizeof(Fts5Colset) + sizeof(int)*nCol);
+ if( pNew==0 ){
+ pParse->rc = SQLITE_NOMEM;
+ }else{
+ int *aiCol = pNew->aiCol;
+ int i, j;
+ for(i=0; i<nCol; i++){
+ if( aiCol[i]==iCol ) return pNew;
+ if( aiCol[i]>iCol ) break;
+ }
+ for(j=nCol; j>i; j--){
+ aiCol[j] = aiCol[j-1];
+ }
+ aiCol[i] = iCol;
+ pNew->nCol = nCol+1;
+
+#ifndef NDEBUG
+ /* Check that the array is in order and contains no duplicate entries. */
+ for(i=1; i<pNew->nCol; i++) assert( pNew->aiCol[i]>pNew->aiCol[i-1] );
+#endif
+ }
+
+ return pNew;
+}
+
+static Fts5Colset *sqlite3Fts5ParseColset(
+ Fts5Parse *pParse, /* Store SQLITE_NOMEM here if required */
+ Fts5Colset *pColset, /* Existing colset object */
+ Fts5Token *p
+){
+ Fts5Colset *pRet = 0;
+ int iCol;
+ char *z; /* Dequoted copy of token p */
+
+ z = sqlite3Fts5Strndup(&pParse->rc, p->p, p->n);
+ if( pParse->rc==SQLITE_OK ){
+ Fts5Config *pConfig = pParse->pConfig;
+ sqlite3Fts5Dequote(z);
+ for(iCol=0; iCol<pConfig->nCol; iCol++){
+ if( 0==sqlite3_stricmp(pConfig->azCol[iCol], z) ) break;
+ }
+ if( iCol==pConfig->nCol ){
+ sqlite3Fts5ParseError(pParse, "no such column: %s", z);
+ }else{
+ pRet = fts5ParseColset(pParse, pColset, iCol);
+ }
+ sqlite3_free(z);
+ }
+
+ if( pRet==0 ){
+ assert( pParse->rc!=SQLITE_OK );
+ sqlite3_free(pColset);
+ }
+
+ return pRet;
+}
+
+static void sqlite3Fts5ParseSetColset(
+ Fts5Parse *pParse,
+ Fts5ExprNearset *pNear,
+ Fts5Colset *pColset
+){
+ if( pNear ){
+ pNear->pColset = pColset;
+ }else{
+ sqlite3_free(pColset);
+ }
+}
+
+static void fts5ExprAddChildren(Fts5ExprNode *p, Fts5ExprNode *pSub){
+ if( p->eType!=FTS5_NOT && pSub->eType==p->eType ){
+ int nByte = sizeof(Fts5ExprNode*) * pSub->nChild;
+ memcpy(&p->apChild[p->nChild], pSub->apChild, nByte);
+ p->nChild += pSub->nChild;
+ sqlite3_free(pSub);
+ }else{
+ p->apChild[p->nChild++] = pSub;
+ }
+}
+
+/*
+** Allocate and return a new expression object. If anything goes wrong (i.e.
+** OOM error), leave an error code in pParse and return NULL.
+*/
+static Fts5ExprNode *sqlite3Fts5ParseNode(
+ Fts5Parse *pParse, /* Parse context */
+ int eType, /* FTS5_STRING, AND, OR or NOT */
+ Fts5ExprNode *pLeft, /* Left hand child expression */
+ Fts5ExprNode *pRight, /* Right hand child expression */
+ Fts5ExprNearset *pNear /* For STRING expressions, the near cluster */
+){
+ Fts5ExprNode *pRet = 0;
+
+ if( pParse->rc==SQLITE_OK ){
+ int nChild = 0; /* Number of children of returned node */
+ int nByte; /* Bytes of space to allocate for this node */
+
+ assert( (eType!=FTS5_STRING && !pNear)
+ || (eType==FTS5_STRING && !pLeft && !pRight)
+ );
+ if( eType==FTS5_STRING && pNear==0 ) return 0;
+ if( eType!=FTS5_STRING && pLeft==0 ) return pRight;
+ if( eType!=FTS5_STRING && pRight==0 ) return pLeft;
+
+ if( eType==FTS5_NOT ){
+ nChild = 2;
+ }else if( eType==FTS5_AND || eType==FTS5_OR ){
+ nChild = 2;
+ if( pLeft->eType==eType ) nChild += pLeft->nChild-1;
+ if( pRight->eType==eType ) nChild += pRight->nChild-1;
+ }
+
+ nByte = sizeof(Fts5ExprNode) + sizeof(Fts5ExprNode*)*(nChild-1);
+ pRet = (Fts5ExprNode*)sqlite3Fts5MallocZero(&pParse->rc, nByte);
+
+ if( pRet ){
+ pRet->eType = eType;
+ pRet->pNear = pNear;
+ if( eType==FTS5_STRING ){
+ int iPhrase;
+ for(iPhrase=0; iPhrase<pNear->nPhrase; iPhrase++){
+ pNear->apPhrase[iPhrase]->pNode = pRet;
+ }
+ if( pNear->nPhrase==1
+ && pNear->apPhrase[0]->nTerm==1
+ && pNear->apPhrase[0]->aTerm[0].pSynonym==0
+ ){
+ pRet->eType = FTS5_TERM;
+ }
+ }else{
+ fts5ExprAddChildren(pRet, pLeft);
+ fts5ExprAddChildren(pRet, pRight);
+ }
+ }
+ }
+
+ if( pRet==0 ){
+ assert( pParse->rc!=SQLITE_OK );
+ sqlite3Fts5ParseNodeFree(pLeft);
+ sqlite3Fts5ParseNodeFree(pRight);
+ sqlite3Fts5ParseNearsetFree(pNear);
+ }
+ return pRet;
+}
+
+static char *fts5ExprTermPrint(Fts5ExprTerm *pTerm){
+ int nByte = 0;
+ Fts5ExprTerm *p;
+ char *zQuoted;
+
+ /* Determine the maximum amount of space required. */
+ for(p=pTerm; p; p=p->pSynonym){
+ nByte += (int)strlen(pTerm->zTerm) * 2 + 3 + 2;
+ }
+ zQuoted = sqlite3_malloc(nByte);
+
+ if( zQuoted ){
+ int i = 0;
+ for(p=pTerm; p; p=p->pSynonym){
+ char *zIn = p->zTerm;
+ zQuoted[i++] = '"';
+ while( *zIn ){
+ if( *zIn=='"' ) zQuoted[i++] = '"';
+ zQuoted[i++] = *zIn++;
+ }
+ zQuoted[i++] = '"';
+ if( p->pSynonym ) zQuoted[i++] = '|';
+ }
+ if( pTerm->bPrefix ){
+ zQuoted[i++] = ' ';
+ zQuoted[i++] = '*';
+ }
+ zQuoted[i++] = '\0';
+ }
+ return zQuoted;
+}
+
+static char *fts5PrintfAppend(char *zApp, const char *zFmt, ...){
+ char *zNew;
+ va_list ap;
+ va_start(ap, zFmt);
+ zNew = sqlite3_vmprintf(zFmt, ap);
+ va_end(ap);
+ if( zApp && zNew ){
+ char *zNew2 = sqlite3_mprintf("%s%s", zApp, zNew);
+ sqlite3_free(zNew);
+ zNew = zNew2;
+ }
+ sqlite3_free(zApp);
+ return zNew;
+}
+
+/*
+** Compose a tcl-readable representation of expression pExpr. Return a
+** pointer to a buffer containing that representation. It is the
+** responsibility of the caller to at some point free the buffer using
+** sqlite3_free().
+*/
+static char *fts5ExprPrintTcl(
+ Fts5Config *pConfig,
+ const char *zNearsetCmd,
+ Fts5ExprNode *pExpr
+){
+ char *zRet = 0;
+ if( pExpr->eType==FTS5_STRING || pExpr->eType==FTS5_TERM ){
+ Fts5ExprNearset *pNear = pExpr->pNear;
+ int i;
+ int iTerm;
+
+ zRet = fts5PrintfAppend(zRet, "%s ", zNearsetCmd);
+ if( zRet==0 ) return 0;
+ if( pNear->pColset ){
+ int *aiCol = pNear->pColset->aiCol;
+ int nCol = pNear->pColset->nCol;
+ if( nCol==1 ){
+ zRet = fts5PrintfAppend(zRet, "-col %d ", aiCol[0]);
+ }else{
+ zRet = fts5PrintfAppend(zRet, "-col {%d", aiCol[0]);
+ for(i=1; i<pNear->pColset->nCol; i++){
+ zRet = fts5PrintfAppend(zRet, " %d", aiCol[i]);
+ }
+ zRet = fts5PrintfAppend(zRet, "} ");
+ }
+ if( zRet==0 ) return 0;
+ }
+
+ if( pNear->nPhrase>1 ){
+ zRet = fts5PrintfAppend(zRet, "-near %d ", pNear->nNear);
+ if( zRet==0 ) return 0;
+ }
+
+ zRet = fts5PrintfAppend(zRet, "--");
+ if( zRet==0 ) return 0;
+
+ for(i=0; i<pNear->nPhrase; i++){
+ Fts5ExprPhrase *pPhrase = pNear->apPhrase[i];
+
+ zRet = fts5PrintfAppend(zRet, " {");
+ for(iTerm=0; zRet && iTerm<pPhrase->nTerm; iTerm++){
+ char *zTerm = pPhrase->aTerm[iTerm].zTerm;
+ zRet = fts5PrintfAppend(zRet, "%s%s", iTerm==0?"":" ", zTerm);
+ }
+
+ if( zRet ) zRet = fts5PrintfAppend(zRet, "}");
+ if( zRet==0 ) return 0;
+ }
+
+ }else{
+ char const *zOp = 0;
+ int i;
+ switch( pExpr->eType ){
+ case FTS5_AND: zOp = "AND"; break;
+ case FTS5_NOT: zOp = "NOT"; break;
+ default:
+ assert( pExpr->eType==FTS5_OR );
+ zOp = "OR";
+ break;
+ }
+
+ zRet = sqlite3_mprintf("%s", zOp);
+ for(i=0; zRet && i<pExpr->nChild; i++){
+ char *z = fts5ExprPrintTcl(pConfig, zNearsetCmd, pExpr->apChild[i]);
+ if( !z ){
+ sqlite3_free(zRet);
+ zRet = 0;
+ }else{
+ zRet = fts5PrintfAppend(zRet, " [%z]", z);
+ }
+ }
+ }
+
+ return zRet;
+}
+
+static char *fts5ExprPrint(Fts5Config *pConfig, Fts5ExprNode *pExpr){
+ char *zRet = 0;
+ if( pExpr->eType==FTS5_STRING || pExpr->eType==FTS5_TERM ){
+ Fts5ExprNearset *pNear = pExpr->pNear;
+ int i;
+ int iTerm;
+
+ if( pNear->pColset ){
+ int iCol = pNear->pColset->aiCol[0];
+ zRet = fts5PrintfAppend(zRet, "%s : ", pConfig->azCol[iCol]);
+ if( zRet==0 ) return 0;
+ }
+
+ if( pNear->nPhrase>1 ){
+ zRet = fts5PrintfAppend(zRet, "NEAR(");
+ if( zRet==0 ) return 0;
+ }
+
+ for(i=0; i<pNear->nPhrase; i++){
+ Fts5ExprPhrase *pPhrase = pNear->apPhrase[i];
+ if( i!=0 ){
+ zRet = fts5PrintfAppend(zRet, " ");
+ if( zRet==0 ) return 0;
+ }
+ for(iTerm=0; iTerm<pPhrase->nTerm; iTerm++){
+ char *zTerm = fts5ExprTermPrint(&pPhrase->aTerm[iTerm]);
+ if( zTerm ){
+ zRet = fts5PrintfAppend(zRet, "%s%s", iTerm==0?"":" + ", zTerm);
+ sqlite3_free(zTerm);
+ }
+ if( zTerm==0 || zRet==0 ){
+ sqlite3_free(zRet);
+ return 0;
+ }
+ }
+ }
+
+ if( pNear->nPhrase>1 ){
+ zRet = fts5PrintfAppend(zRet, ", %d)", pNear->nNear);
+ if( zRet==0 ) return 0;
+ }
+
+ }else{
+ char const *zOp = 0;
+ int i;
+
+ switch( pExpr->eType ){
+ case FTS5_AND: zOp = " AND "; break;
+ case FTS5_NOT: zOp = " NOT "; break;
+ default:
+ assert( pExpr->eType==FTS5_OR );
+ zOp = " OR ";
+ break;
+ }
+
+ for(i=0; i<pExpr->nChild; i++){
+ char *z = fts5ExprPrint(pConfig, pExpr->apChild[i]);
+ if( z==0 ){
+ sqlite3_free(zRet);
+ zRet = 0;
+ }else{
+ int e = pExpr->apChild[i]->eType;
+ int b = (e!=FTS5_STRING && e!=FTS5_TERM);
+ zRet = fts5PrintfAppend(zRet, "%s%s%z%s",
+ (i==0 ? "" : zOp),
+ (b?"(":""), z, (b?")":"")
+ );
+ }
+ if( zRet==0 ) break;
+ }
+ }
+
+ return zRet;
+}
+
+/*
+** The implementation of user-defined scalar functions fts5_expr() (bTcl==0)
+** and fts5_expr_tcl() (bTcl!=0).
+*/
+static void fts5ExprFunction(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args */
+ sqlite3_value **apVal, /* Function arguments */
+ int bTcl
+){
+ Fts5Global *pGlobal = (Fts5Global*)sqlite3_user_data(pCtx);
+ sqlite3 *db = sqlite3_context_db_handle(pCtx);
+ const char *zExpr = 0;
+ char *zErr = 0;
+ Fts5Expr *pExpr = 0;
+ int rc;
+ int i;
+
+ const char **azConfig; /* Array of arguments for Fts5Config */
+ const char *zNearsetCmd = "nearset";
+ int nConfig; /* Size of azConfig[] */
+ Fts5Config *pConfig = 0;
+ int iArg = 1;
+
+ if( nArg<1 ){
+ zErr = sqlite3_mprintf("wrong number of arguments to function %s",
+ bTcl ? "fts5_expr_tcl" : "fts5_expr"
+ );
+ sqlite3_result_error(pCtx, zErr, -1);
+ sqlite3_free(zErr);
+ return;
+ }
+
+ if( bTcl && nArg>1 ){
+ zNearsetCmd = (const char*)sqlite3_value_text(apVal[1]);
+ iArg = 2;
+ }
+
+ nConfig = 3 + (nArg-iArg);
+ azConfig = (const char**)sqlite3_malloc(sizeof(char*) * nConfig);
+ if( azConfig==0 ){
+ sqlite3_result_error_nomem(pCtx);
+ return;
+ }
+ azConfig[0] = 0;
+ azConfig[1] = "main";
+ azConfig[2] = "tbl";
+ for(i=3; iArg<nArg; iArg++){
+ azConfig[i++] = (const char*)sqlite3_value_text(apVal[iArg]);
+ }
+
+ zExpr = (const char*)sqlite3_value_text(apVal[0]);
+
+ rc = sqlite3Fts5ConfigParse(pGlobal, db, nConfig, azConfig, &pConfig, &zErr);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5ExprNew(pConfig, zExpr, &pExpr, &zErr);
+ }
+ if( rc==SQLITE_OK ){
+ char *zText;
+ if( pExpr->pRoot==0 ){
+ zText = sqlite3_mprintf("");
+ }else if( bTcl ){
+ zText = fts5ExprPrintTcl(pConfig, zNearsetCmd, pExpr->pRoot);
+ }else{
+ zText = fts5ExprPrint(pConfig, pExpr->pRoot);
+ }
+ if( zText==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ sqlite3_result_text(pCtx, zText, -1, SQLITE_TRANSIENT);
+ sqlite3_free(zText);
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ if( zErr ){
+ sqlite3_result_error(pCtx, zErr, -1);
+ sqlite3_free(zErr);
+ }else{
+ sqlite3_result_error_code(pCtx, rc);
+ }
+ }
+ sqlite3_free((void *)azConfig);
+ sqlite3Fts5ConfigFree(pConfig);
+ sqlite3Fts5ExprFree(pExpr);
+}
+
+static void fts5ExprFunctionHr(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args */
+ sqlite3_value **apVal /* Function arguments */
+){
+ fts5ExprFunction(pCtx, nArg, apVal, 0);
+}
+static void fts5ExprFunctionTcl(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args */
+ sqlite3_value **apVal /* Function arguments */
+){
+ fts5ExprFunction(pCtx, nArg, apVal, 1);
+}
+
+/*
+** The implementation of an SQLite user-defined-function that accepts a
+** single integer as an argument. If the integer is an alpha-numeric
+** unicode code point, 1 is returned. Otherwise 0.
+*/
+static void fts5ExprIsAlnum(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args */
+ sqlite3_value **apVal /* Function arguments */
+){
+ int iCode;
+ if( nArg!=1 ){
+ sqlite3_result_error(pCtx,
+ "wrong number of arguments to function fts5_isalnum", -1
+ );
+ return;
+ }
+ iCode = sqlite3_value_int(apVal[0]);
+ sqlite3_result_int(pCtx, sqlite3Fts5UnicodeIsalnum(iCode));
+}
+
+static void fts5ExprFold(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args */
+ sqlite3_value **apVal /* Function arguments */
+){
+ if( nArg!=1 && nArg!=2 ){
+ sqlite3_result_error(pCtx,
+ "wrong number of arguments to function fts5_fold", -1
+ );
+ }else{
+ int iCode;
+ int bRemoveDiacritics = 0;
+ iCode = sqlite3_value_int(apVal[0]);
+ if( nArg==2 ) bRemoveDiacritics = sqlite3_value_int(apVal[1]);
+ sqlite3_result_int(pCtx, sqlite3Fts5UnicodeFold(iCode, bRemoveDiacritics));
+ }
+}
+
+/*
+** This is called during initialization to register the fts5_expr() scalar
+** UDF with the SQLite handle passed as the only argument.
+*/
+static int sqlite3Fts5ExprInit(Fts5Global *pGlobal, sqlite3 *db){
+ struct Fts5ExprFunc {
+ const char *z;
+ void (*x)(sqlite3_context*,int,sqlite3_value**);
+ } aFunc[] = {
+ { "fts5_expr", fts5ExprFunctionHr },
+ { "fts5_expr_tcl", fts5ExprFunctionTcl },
+ { "fts5_isalnum", fts5ExprIsAlnum },
+ { "fts5_fold", fts5ExprFold },
+ };
+ int i;
+ int rc = SQLITE_OK;
+ void *pCtx = (void*)pGlobal;
+
+ for(i=0; rc==SQLITE_OK && i<(int)ArraySize(aFunc); i++){
+ struct Fts5ExprFunc *p = &aFunc[i];
+ rc = sqlite3_create_function(db, p->z, -1, SQLITE_UTF8, pCtx, p->x, 0, 0);
+ }
+
+ /* Avoid a warning indicating that sqlite3Fts5ParserTrace() is unused */
+#ifndef NDEBUG
+ (void)sqlite3Fts5ParserTrace;
+#endif
+
+ return rc;
+}
+
+/*
+** Return the number of phrases in expression pExpr.
+*/
+static int sqlite3Fts5ExprPhraseCount(Fts5Expr *pExpr){
+ return (pExpr ? pExpr->nPhrase : 0);
+}
+
+/*
+** Return the number of terms in the iPhrase'th phrase in pExpr.
+*/
+static int sqlite3Fts5ExprPhraseSize(Fts5Expr *pExpr, int iPhrase){
+ if( iPhrase<0 || iPhrase>=pExpr->nPhrase ) return 0;
+ return pExpr->apExprPhrase[iPhrase]->nTerm;
+}
+
+/*
+** This function is used to access the current position list for phrase
+** iPhrase.
+*/
+static int sqlite3Fts5ExprPoslist(Fts5Expr *pExpr, int iPhrase, const u8 **pa){
+ int nRet;
+ Fts5ExprPhrase *pPhrase = pExpr->apExprPhrase[iPhrase];
+ Fts5ExprNode *pNode = pPhrase->pNode;
+ if( pNode->bEof==0 && pNode->iRowid==pExpr->pRoot->iRowid ){
+ *pa = pPhrase->poslist.p;
+ nRet = pPhrase->poslist.n;
+ }else{
+ *pa = 0;
+ nRet = 0;
+ }
+ return nRet;
+}
+
+/*
+** 2014 August 11
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+*/
+
+
+
+/* #include "fts5Int.h" */
+
+typedef struct Fts5HashEntry Fts5HashEntry;
+
+/*
+** This file contains the implementation of an in-memory hash table used
+** to accumuluate "term -> doclist" content before it is flused to a level-0
+** segment.
+*/
+
+
+struct Fts5Hash {
+ int *pnByte; /* Pointer to bytes counter */
+ int nEntry; /* Number of entries currently in hash */
+ int nSlot; /* Size of aSlot[] array */
+ Fts5HashEntry *pScan; /* Current ordered scan item */
+ Fts5HashEntry **aSlot; /* Array of hash slots */
+};
+
+/*
+** Each entry in the hash table is represented by an object of the
+** following type. Each object, its key (zKey[]) and its current data
+** are stored in a single memory allocation. The position list data
+** immediately follows the key data in memory.
+**
+** The data that follows the key is in a similar, but not identical format
+** to the doclist data stored in the database. It is:
+**
+** * Rowid, as a varint
+** * Position list, without 0x00 terminator.
+** * Size of previous position list and rowid, as a 4 byte
+** big-endian integer.
+**
+** iRowidOff:
+** Offset of last rowid written to data area. Relative to first byte of
+** structure.
+**
+** nData:
+** Bytes of data written since iRowidOff.
+*/
+struct Fts5HashEntry {
+ Fts5HashEntry *pHashNext; /* Next hash entry with same hash-key */
+ Fts5HashEntry *pScanNext; /* Next entry in sorted order */
+
+ int nAlloc; /* Total size of allocation */
+ int iSzPoslist; /* Offset of space for 4-byte poslist size */
+ int nData; /* Total bytes of data (incl. structure) */
+ u8 bDel; /* Set delete-flag @ iSzPoslist */
+
+ int iCol; /* Column of last value written */
+ int iPos; /* Position of last value written */
+ i64 iRowid; /* Rowid of last value written */
+ char zKey[8]; /* Nul-terminated entry key */
+};
+
+/*
+** Size of Fts5HashEntry without the zKey[] array.
+*/
+#define FTS5_HASHENTRYSIZE (sizeof(Fts5HashEntry)-8)
+
+
+
+/*
+** Allocate a new hash table.
+*/
+static int sqlite3Fts5HashNew(Fts5Hash **ppNew, int *pnByte){
+ int rc = SQLITE_OK;
+ Fts5Hash *pNew;
+
+ *ppNew = pNew = (Fts5Hash*)sqlite3_malloc(sizeof(Fts5Hash));
+ if( pNew==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ int nByte;
+ memset(pNew, 0, sizeof(Fts5Hash));
+ pNew->pnByte = pnByte;
+
+ pNew->nSlot = 1024;
+ nByte = sizeof(Fts5HashEntry*) * pNew->nSlot;
+ pNew->aSlot = (Fts5HashEntry**)sqlite3_malloc(nByte);
+ if( pNew->aSlot==0 ){
+ sqlite3_free(pNew);
+ *ppNew = 0;
+ rc = SQLITE_NOMEM;
+ }else{
+ memset(pNew->aSlot, 0, nByte);
+ }
+ }
+ return rc;
+}
+
+/*
+** Free a hash table object.
+*/
+static void sqlite3Fts5HashFree(Fts5Hash *pHash){
+ if( pHash ){
+ sqlite3Fts5HashClear(pHash);
+ sqlite3_free(pHash->aSlot);
+ sqlite3_free(pHash);
+ }
+}
+
+/*
+** Empty (but do not delete) a hash table.
+*/
+static void sqlite3Fts5HashClear(Fts5Hash *pHash){
+ int i;
+ for(i=0; i<pHash->nSlot; i++){
+ Fts5HashEntry *pNext;
+ Fts5HashEntry *pSlot;
+ for(pSlot=pHash->aSlot[i]; pSlot; pSlot=pNext){
+ pNext = pSlot->pHashNext;
+ sqlite3_free(pSlot);
+ }
+ }
+ memset(pHash->aSlot, 0, pHash->nSlot * sizeof(Fts5HashEntry*));
+ pHash->nEntry = 0;
+}
+
+static unsigned int fts5HashKey(int nSlot, const u8 *p, int n){
+ int i;
+ unsigned int h = 13;
+ for(i=n-1; i>=0; i--){
+ h = (h << 3) ^ h ^ p[i];
+ }
+ return (h % nSlot);
+}
+
+static unsigned int fts5HashKey2(int nSlot, u8 b, const u8 *p, int n){
+ int i;
+ unsigned int h = 13;
+ for(i=n-1; i>=0; i--){
+ h = (h << 3) ^ h ^ p[i];
+ }
+ h = (h << 3) ^ h ^ b;
+ return (h % nSlot);
+}
+
+/*
+** Resize the hash table by doubling the number of slots.
+*/
+static int fts5HashResize(Fts5Hash *pHash){
+ int nNew = pHash->nSlot*2;
+ int i;
+ Fts5HashEntry **apNew;
+ Fts5HashEntry **apOld = pHash->aSlot;
+
+ apNew = (Fts5HashEntry**)sqlite3_malloc(nNew*sizeof(Fts5HashEntry*));
+ if( !apNew ) return SQLITE_NOMEM;
+ memset(apNew, 0, nNew*sizeof(Fts5HashEntry*));
+
+ for(i=0; i<pHash->nSlot; i++){
+ while( apOld[i] ){
+ int iHash;
+ Fts5HashEntry *p = apOld[i];
+ apOld[i] = p->pHashNext;
+ iHash = fts5HashKey(nNew, (u8*)p->zKey, (int)strlen(p->zKey));
+ p->pHashNext = apNew[iHash];
+ apNew[iHash] = p;
+ }
+ }
+
+ sqlite3_free(apOld);
+ pHash->nSlot = nNew;
+ pHash->aSlot = apNew;
+ return SQLITE_OK;
+}
+
+static void fts5HashAddPoslistSize(Fts5HashEntry *p){
+ if( p->iSzPoslist ){
+ u8 *pPtr = (u8*)p;
+ int nSz = (p->nData - p->iSzPoslist - 1); /* Size in bytes */
+ int nPos = nSz*2 + p->bDel; /* Value of nPos field */
+
+ assert( p->bDel==0 || p->bDel==1 );
+ if( nPos<=127 ){
+ pPtr[p->iSzPoslist] = (u8)nPos;
+ }else{
+ int nByte = sqlite3Fts5GetVarintLen((u32)nPos);
+ memmove(&pPtr[p->iSzPoslist + nByte], &pPtr[p->iSzPoslist + 1], nSz);
+ sqlite3Fts5PutVarint(&pPtr[p->iSzPoslist], nPos);
+ p->nData += (nByte-1);
+ }
+ p->bDel = 0;
+ p->iSzPoslist = 0;
+ }
+}
+
+static int sqlite3Fts5HashWrite(
+ Fts5Hash *pHash,
+ i64 iRowid, /* Rowid for this entry */
+ int iCol, /* Column token appears in (-ve -> delete) */
+ int iPos, /* Position of token within column */
+ char bByte, /* First byte of token */
+ const char *pToken, int nToken /* Token to add or remove to or from index */
+){
+ unsigned int iHash;
+ Fts5HashEntry *p;
+ u8 *pPtr;
+ int nIncr = 0; /* Amount to increment (*pHash->pnByte) by */
+
+ /* Attempt to locate an existing hash entry */
+ iHash = fts5HashKey2(pHash->nSlot, (u8)bByte, (const u8*)pToken, nToken);
+ for(p=pHash->aSlot[iHash]; p; p=p->pHashNext){
+ if( p->zKey[0]==bByte
+ && memcmp(&p->zKey[1], pToken, nToken)==0
+ && p->zKey[nToken+1]==0
+ ){
+ break;
+ }
+ }
+
+ /* If an existing hash entry cannot be found, create a new one. */
+ if( p==0 ){
+ int nByte = FTS5_HASHENTRYSIZE + (nToken+1) + 1 + 64;
+ if( nByte<128 ) nByte = 128;
+
+ if( (pHash->nEntry*2)>=pHash->nSlot ){
+ int rc = fts5HashResize(pHash);
+ if( rc!=SQLITE_OK ) return rc;
+ iHash = fts5HashKey2(pHash->nSlot, (u8)bByte, (const u8*)pToken, nToken);
+ }
+
+ p = (Fts5HashEntry*)sqlite3_malloc(nByte);
+ if( !p ) return SQLITE_NOMEM;
+ memset(p, 0, FTS5_HASHENTRYSIZE);
+ p->nAlloc = nByte;
+ p->zKey[0] = bByte;
+ memcpy(&p->zKey[1], pToken, nToken);
+ assert( iHash==fts5HashKey(pHash->nSlot, (u8*)p->zKey, nToken+1) );
+ p->zKey[nToken+1] = '\0';
+ p->nData = nToken+1 + 1 + FTS5_HASHENTRYSIZE;
+ p->nData += sqlite3Fts5PutVarint(&((u8*)p)[p->nData], iRowid);
+ p->iSzPoslist = p->nData;
+ p->nData += 1;
+ p->iRowid = iRowid;
+ p->pHashNext = pHash->aSlot[iHash];
+ pHash->aSlot[iHash] = p;
+ pHash->nEntry++;
+ nIncr += p->nData;
+ }
+
+ /* Check there is enough space to append a new entry. Worst case scenario
+ ** is:
+ **
+ ** + 9 bytes for a new rowid,
+ ** + 4 byte reserved for the "poslist size" varint.
+ ** + 1 byte for a "new column" byte,
+ ** + 3 bytes for a new column number (16-bit max) as a varint,
+ ** + 5 bytes for the new position offset (32-bit max).
+ */
+ if( (p->nAlloc - p->nData) < (9 + 4 + 1 + 3 + 5) ){
+ int nNew = p->nAlloc * 2;
+ Fts5HashEntry *pNew;
+ Fts5HashEntry **pp;
+ pNew = (Fts5HashEntry*)sqlite3_realloc(p, nNew);
+ if( pNew==0 ) return SQLITE_NOMEM;
+ pNew->nAlloc = nNew;
+ for(pp=&pHash->aSlot[iHash]; *pp!=p; pp=&(*pp)->pHashNext);
+ *pp = pNew;
+ p = pNew;
+ }
+ pPtr = (u8*)p;
+ nIncr -= p->nData;
+
+ /* If this is a new rowid, append the 4-byte size field for the previous
+ ** entry, and the new rowid for this entry. */
+ if( iRowid!=p->iRowid ){
+ fts5HashAddPoslistSize(p);
+ p->nData += sqlite3Fts5PutVarint(&pPtr[p->nData], iRowid - p->iRowid);
+ p->iSzPoslist = p->nData;
+ p->nData += 1;
+ p->iCol = 0;
+ p->iPos = 0;
+ p->iRowid = iRowid;
+ }
+
+ if( iCol>=0 ){
+ /* Append a new column value, if necessary */
+ assert( iCol>=p->iCol );
+ if( iCol!=p->iCol ){
+ pPtr[p->nData++] = 0x01;
+ p->nData += sqlite3Fts5PutVarint(&pPtr[p->nData], iCol);
+ p->iCol = iCol;
+ p->iPos = 0;
+ }
+
+ /* Append the new position offset */
+ p->nData += sqlite3Fts5PutVarint(&pPtr[p->nData], iPos - p->iPos + 2);
+ p->iPos = iPos;
+ }else{
+ /* This is a delete. Set the delete flag. */
+ p->bDel = 1;
+ }
+ nIncr += p->nData;
+
+ *pHash->pnByte += nIncr;
+ return SQLITE_OK;
+}
+
+
+/*
+** Arguments pLeft and pRight point to linked-lists of hash-entry objects,
+** each sorted in key order. This function merges the two lists into a
+** single list and returns a pointer to its first element.
+*/
+static Fts5HashEntry *fts5HashEntryMerge(
+ Fts5HashEntry *pLeft,
+ Fts5HashEntry *pRight
+){
+ Fts5HashEntry *p1 = pLeft;
+ Fts5HashEntry *p2 = pRight;
+ Fts5HashEntry *pRet = 0;
+ Fts5HashEntry **ppOut = &pRet;
+
+ while( p1 || p2 ){
+ if( p1==0 ){
+ *ppOut = p2;
+ p2 = 0;
+ }else if( p2==0 ){
+ *ppOut = p1;
+ p1 = 0;
+ }else{
+ int i = 0;
+ while( p1->zKey[i]==p2->zKey[i] ) i++;
+
+ if( ((u8)p1->zKey[i])>((u8)p2->zKey[i]) ){
+ /* p2 is smaller */
+ *ppOut = p2;
+ ppOut = &p2->pScanNext;
+ p2 = p2->pScanNext;
+ }else{
+ /* p1 is smaller */
+ *ppOut = p1;
+ ppOut = &p1->pScanNext;
+ p1 = p1->pScanNext;
+ }
+ *ppOut = 0;
+ }
+ }
+
+ return pRet;
+}
+
+/*
+** Extract all tokens from hash table iHash and link them into a list
+** in sorted order. The hash table is cleared before returning. It is
+** the responsibility of the caller to free the elements of the returned
+** list.
+*/
+static int fts5HashEntrySort(
+ Fts5Hash *pHash,
+ const char *pTerm, int nTerm, /* Query prefix, if any */
+ Fts5HashEntry **ppSorted
+){
+ const int nMergeSlot = 32;
+ Fts5HashEntry **ap;
+ Fts5HashEntry *pList;
+ int iSlot;
+ int i;
+
+ *ppSorted = 0;
+ ap = sqlite3_malloc(sizeof(Fts5HashEntry*) * nMergeSlot);
+ if( !ap ) return SQLITE_NOMEM;
+ memset(ap, 0, sizeof(Fts5HashEntry*) * nMergeSlot);
+
+ for(iSlot=0; iSlot<pHash->nSlot; iSlot++){
+ Fts5HashEntry *pIter;
+ for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
+ if( pTerm==0 || 0==memcmp(pIter->zKey, pTerm, nTerm) ){
+ Fts5HashEntry *pEntry = pIter;
+ pEntry->pScanNext = 0;
+ for(i=0; ap[i]; i++){
+ pEntry = fts5HashEntryMerge(pEntry, ap[i]);
+ ap[i] = 0;
+ }
+ ap[i] = pEntry;
+ }
+ }
+ }
+
+ pList = 0;
+ for(i=0; i<nMergeSlot; i++){
+ pList = fts5HashEntryMerge(pList, ap[i]);
+ }
+
+ pHash->nEntry = 0;
+ sqlite3_free(ap);
+ *ppSorted = pList;
+ return SQLITE_OK;
+}
+
+/*
+** Query the hash table for a doclist associated with term pTerm/nTerm.
+*/
+static int sqlite3Fts5HashQuery(
+ Fts5Hash *pHash, /* Hash table to query */
+ const char *pTerm, int nTerm, /* Query term */
+ const u8 **ppDoclist, /* OUT: Pointer to doclist for pTerm */
+ int *pnDoclist /* OUT: Size of doclist in bytes */
+){
+ unsigned int iHash = fts5HashKey(pHash->nSlot, (const u8*)pTerm, nTerm);
+ Fts5HashEntry *p;
+
+ for(p=pHash->aSlot[iHash]; p; p=p->pHashNext){
+ if( memcmp(p->zKey, pTerm, nTerm)==0 && p->zKey[nTerm]==0 ) break;
+ }
+
+ if( p ){
+ fts5HashAddPoslistSize(p);
+ *ppDoclist = (const u8*)&p->zKey[nTerm+1];
+ *pnDoclist = p->nData - (FTS5_HASHENTRYSIZE + nTerm + 1);
+ }else{
+ *ppDoclist = 0;
+ *pnDoclist = 0;
+ }
+
+ return SQLITE_OK;
+}
+
+static int sqlite3Fts5HashScanInit(
+ Fts5Hash *p, /* Hash table to query */
+ const char *pTerm, int nTerm /* Query prefix */
+){
+ return fts5HashEntrySort(p, pTerm, nTerm, &p->pScan);
+}
+
+static void sqlite3Fts5HashScanNext(Fts5Hash *p){
+ assert( !sqlite3Fts5HashScanEof(p) );
+ p->pScan = p->pScan->pScanNext;
+}
+
+static int sqlite3Fts5HashScanEof(Fts5Hash *p){
+ return (p->pScan==0);
+}
+
+static void sqlite3Fts5HashScanEntry(
+ Fts5Hash *pHash,
+ const char **pzTerm, /* OUT: term (nul-terminated) */
+ const u8 **ppDoclist, /* OUT: pointer to doclist */
+ int *pnDoclist /* OUT: size of doclist in bytes */
+){
+ Fts5HashEntry *p;
+ if( (p = pHash->pScan) ){
+ int nTerm = (int)strlen(p->zKey);
+ fts5HashAddPoslistSize(p);
+ *pzTerm = p->zKey;
+ *ppDoclist = (const u8*)&p->zKey[nTerm+1];
+ *pnDoclist = p->nData - (FTS5_HASHENTRYSIZE + nTerm + 1);
+ }else{
+ *pzTerm = 0;
+ *ppDoclist = 0;
+ *pnDoclist = 0;
+ }
+}
+
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** Low level access to the FTS index stored in the database file. The
+** routines in this file file implement all read and write access to the
+** %_data table. Other parts of the system access this functionality via
+** the interface defined in fts5Int.h.
+*/
+
+
+/* #include "fts5Int.h" */
+
+/*
+** Overview:
+**
+** The %_data table contains all the FTS indexes for an FTS5 virtual table.
+** As well as the main term index, there may be up to 31 prefix indexes.
+** The format is similar to FTS3/4, except that:
+**
+** * all segment b-tree leaf data is stored in fixed size page records
+** (e.g. 1000 bytes). A single doclist may span multiple pages. Care is
+** taken to ensure it is possible to iterate in either direction through
+** the entries in a doclist, or to seek to a specific entry within a
+** doclist, without loading it into memory.
+**
+** * large doclists that span many pages have associated "doclist index"
+** records that contain a copy of the first rowid on each page spanned by
+** the doclist. This is used to speed up seek operations, and merges of
+** large doclists with very small doclists.
+**
+** * extra fields in the "structure record" record the state of ongoing
+** incremental merge operations.
+**
+*/
+
+
+#define FTS5_OPT_WORK_UNIT 1000 /* Number of leaf pages per optimize step */
+#define FTS5_WORK_UNIT 64 /* Number of leaf pages in unit of work */
+
+#define FTS5_MIN_DLIDX_SIZE 4 /* Add dlidx if this many empty pages */
+
+#define FTS5_MAIN_PREFIX '0'
+
+#if FTS5_MAX_PREFIX_INDEXES > 31
+# error "FTS5_MAX_PREFIX_INDEXES is too large"
+#endif
+
+/*
+** Details:
+**
+** The %_data table managed by this module,
+**
+** CREATE TABLE %_data(id INTEGER PRIMARY KEY, block BLOB);
+**
+** , contains the following 5 types of records. See the comments surrounding
+** the FTS5_*_ROWID macros below for a description of how %_data rowids are
+** assigned to each fo them.
+**
+** 1. Structure Records:
+**
+** The set of segments that make up an index - the index structure - are
+** recorded in a single record within the %_data table. The record consists
+** of a single 32-bit configuration cookie value followed by a list of
+** SQLite varints. If the FTS table features more than one index (because
+** there are one or more prefix indexes), it is guaranteed that all share
+** the same cookie value.
+**
+** Immediately following the configuration cookie, the record begins with
+** three varints:
+**
+** + number of levels,
+** + total number of segments on all levels,
+** + value of write counter.
+**
+** Then, for each level from 0 to nMax:
+**
+** + number of input segments in ongoing merge.
+** + total number of segments in level.
+** + for each segment from oldest to newest:
+** + segment id (always > 0)
+** + first leaf page number (often 1, always greater than 0)
+** + final leaf page number
+**
+** 2. The Averages Record:
+**
+** A single record within the %_data table. The data is a list of varints.
+** The first value is the number of rows in the index. Then, for each column
+** from left to right, the total number of tokens in the column for all
+** rows of the table.
+**
+** 3. Segment leaves:
+**
+** TERM/DOCLIST FORMAT:
+**
+** Most of each segment leaf is taken up by term/doclist data. The
+** general format of term/doclist, starting with the first term
+** on the leaf page, is:
+**
+** varint : size of first term
+** blob: first term data
+** doclist: first doclist
+** zero-or-more {
+** varint: number of bytes in common with previous term
+** varint: number of bytes of new term data (nNew)
+** blob: nNew bytes of new term data
+** doclist: next doclist
+** }
+**
+** doclist format:
+**
+** varint: first rowid
+** poslist: first poslist
+** zero-or-more {
+** varint: rowid delta (always > 0)
+** poslist: next poslist
+** }
+**
+** poslist format:
+**
+** varint: size of poslist in bytes multiplied by 2, not including
+** this field. Plus 1 if this entry carries the "delete" flag.
+** collist: collist for column 0
+** zero-or-more {
+** 0x01 byte
+** varint: column number (I)
+** collist: collist for column I
+** }
+**
+** collist format:
+**
+** varint: first offset + 2
+** zero-or-more {
+** varint: offset delta + 2
+** }
+**
+** PAGE FORMAT
+**
+** Each leaf page begins with a 4-byte header containing 2 16-bit
+** unsigned integer fields in big-endian format. They are:
+**
+** * The byte offset of the first rowid on the page, if it exists
+** and occurs before the first term (otherwise 0).
+**
+** * The byte offset of the start of the page footer. If the page
+** footer is 0 bytes in size, then this field is the same as the
+** size of the leaf page in bytes.
+**
+** The page footer consists of a single varint for each term located
+** on the page. Each varint is the byte offset of the current term
+** within the page, delta-compressed against the previous value. In
+** other words, the first varint in the footer is the byte offset of
+** the first term, the second is the byte offset of the second less that
+** of the first, and so on.
+**
+** The term/doclist format described above is accurate if the entire
+** term/doclist data fits on a single leaf page. If this is not the case,
+** the format is changed in two ways:
+**
+** + if the first rowid on a page occurs before the first term, it
+** is stored as a literal value:
+**
+** varint: first rowid
+**
+** + the first term on each page is stored in the same way as the
+** very first term of the segment:
+**
+** varint : size of first term
+** blob: first term data
+**
+** 5. Segment doclist indexes:
+**
+** Doclist indexes are themselves b-trees, however they usually consist of
+** a single leaf record only. The format of each doclist index leaf page
+** is:
+**
+** * Flags byte. Bits are:
+** 0x01: Clear if leaf is also the root page, otherwise set.
+**
+** * Page number of fts index leaf page. As a varint.
+**
+** * First rowid on page indicated by previous field. As a varint.
+**
+** * A list of varints, one for each subsequent termless page. A
+** positive delta if the termless page contains at least one rowid,
+** or an 0x00 byte otherwise.
+**
+** Internal doclist index nodes are:
+**
+** * Flags byte. Bits are:
+** 0x01: Clear for root page, otherwise set.
+**
+** * Page number of first child page. As a varint.
+**
+** * Copy of first rowid on page indicated by previous field. As a varint.
+**
+** * A list of delta-encoded varints - the first rowid on each subsequent
+** child page.
+**
+*/
+
+/*
+** Rowids for the averages and structure records in the %_data table.
+*/
+#define FTS5_AVERAGES_ROWID 1 /* Rowid used for the averages record */
+#define FTS5_STRUCTURE_ROWID 10 /* The structure record */
+
+/*
+** Macros determining the rowids used by segment leaves and dlidx leaves
+** and nodes. All nodes and leaves are stored in the %_data table with large
+** positive rowids.
+**
+** Each segment has a unique non-zero 16-bit id.
+**
+** The rowid for each segment leaf is found by passing the segment id and
+** the leaf page number to the FTS5_SEGMENT_ROWID macro. Leaves are numbered
+** sequentially starting from 1.
+*/
+#define FTS5_DATA_ID_B 16 /* Max seg id number 65535 */
+#define FTS5_DATA_DLI_B 1 /* Doclist-index flag (1 bit) */
+#define FTS5_DATA_HEIGHT_B 5 /* Max dlidx tree height of 32 */
+#define FTS5_DATA_PAGE_B 31 /* Max page number of 2147483648 */
+
+#define fts5_dri(segid, dlidx, height, pgno) ( \
+ ((i64)(segid) << (FTS5_DATA_PAGE_B+FTS5_DATA_HEIGHT_B+FTS5_DATA_DLI_B)) + \
+ ((i64)(dlidx) << (FTS5_DATA_PAGE_B + FTS5_DATA_HEIGHT_B)) + \
+ ((i64)(height) << (FTS5_DATA_PAGE_B)) + \
+ ((i64)(pgno)) \
+)
+
+#define FTS5_SEGMENT_ROWID(segid, pgno) fts5_dri(segid, 0, 0, pgno)
+#define FTS5_DLIDX_ROWID(segid, height, pgno) fts5_dri(segid, 1, height, pgno)
+
+/*
+** Maximum segments permitted in a single index
+*/
+#define FTS5_MAX_SEGMENT 2000
+
+#ifdef SQLITE_DEBUG
+static int sqlite3Fts5Corrupt() { return SQLITE_CORRUPT_VTAB; }
+#endif
+
+
+/*
+** Each time a blob is read from the %_data table, it is padded with this
+** many zero bytes. This makes it easier to decode the various record formats
+** without overreading if the records are corrupt.
+*/
+#define FTS5_DATA_ZERO_PADDING 8
+#define FTS5_DATA_PADDING 20
+
+typedef struct Fts5Data Fts5Data;
+typedef struct Fts5DlidxIter Fts5DlidxIter;
+typedef struct Fts5DlidxLvl Fts5DlidxLvl;
+typedef struct Fts5DlidxWriter Fts5DlidxWriter;
+typedef struct Fts5PageWriter Fts5PageWriter;
+typedef struct Fts5SegIter Fts5SegIter;
+typedef struct Fts5DoclistIter Fts5DoclistIter;
+typedef struct Fts5SegWriter Fts5SegWriter;
+typedef struct Fts5Structure Fts5Structure;
+typedef struct Fts5StructureLevel Fts5StructureLevel;
+typedef struct Fts5StructureSegment Fts5StructureSegment;
+
+struct Fts5Data {
+ u8 *p; /* Pointer to buffer containing record */
+ int nn; /* Size of record in bytes */
+ int szLeaf; /* Size of leaf without page-index */
+};
+
+/*
+** One object per %_data table.
+*/
+struct Fts5Index {
+ Fts5Config *pConfig; /* Virtual table configuration */
+ char *zDataTbl; /* Name of %_data table */
+ int nWorkUnit; /* Leaf pages in a "unit" of work */
+
+ /*
+ ** Variables related to the accumulation of tokens and doclists within the
+ ** in-memory hash tables before they are flushed to disk.
+ */
+ Fts5Hash *pHash; /* Hash table for in-memory data */
+ int nPendingData; /* Current bytes of pending data */
+ i64 iWriteRowid; /* Rowid for current doc being written */
+ int bDelete; /* Current write is a delete */
+
+ /* Error state. */
+ int rc; /* Current error code */
+
+ /* State used by the fts5DataXXX() functions. */
+ sqlite3_blob *pReader; /* RO incr-blob open on %_data table */
+ sqlite3_stmt *pWriter; /* "INSERT ... %_data VALUES(?,?)" */
+ sqlite3_stmt *pDeleter; /* "DELETE FROM %_data ... id>=? AND id<=?" */
+ sqlite3_stmt *pIdxWriter; /* "INSERT ... %_idx VALUES(?,?,?,?)" */
+ sqlite3_stmt *pIdxDeleter; /* "DELETE FROM %_idx WHERE segid=? */
+ sqlite3_stmt *pIdxSelect;
+ int nRead; /* Total number of blocks read */
+};
+
+struct Fts5DoclistIter {
+ u8 *aEof; /* Pointer to 1 byte past end of doclist */
+
+ /* Output variables. aPoslist==0 at EOF */
+ i64 iRowid;
+ u8 *aPoslist;
+ int nPoslist;
+ int nSize;
+};
+
+/*
+** The contents of the "structure" record for each index are represented
+** using an Fts5Structure record in memory. Which uses instances of the
+** other Fts5StructureXXX types as components.
+*/
+struct Fts5StructureSegment {
+ int iSegid; /* Segment id */
+ int pgnoFirst; /* First leaf page number in segment */
+ int pgnoLast; /* Last leaf page number in segment */
+};
+struct Fts5StructureLevel {
+ int nMerge; /* Number of segments in incr-merge */
+ int nSeg; /* Total number of segments on level */
+ Fts5StructureSegment *aSeg; /* Array of segments. aSeg[0] is oldest. */
+};
+struct Fts5Structure {
+ int nRef; /* Object reference count */
+ u64 nWriteCounter; /* Total leaves written to level 0 */
+ int nSegment; /* Total segments in this structure */
+ int nLevel; /* Number of levels in this index */
+ Fts5StructureLevel aLevel[1]; /* Array of nLevel level objects */
+};
+
+/*
+** An object of type Fts5SegWriter is used to write to segments.
+*/
+struct Fts5PageWriter {
+ int pgno; /* Page number for this page */
+ int iPrevPgidx; /* Previous value written into pgidx */
+ Fts5Buffer buf; /* Buffer containing leaf data */
+ Fts5Buffer pgidx; /* Buffer containing page-index */
+ Fts5Buffer term; /* Buffer containing previous term on page */
+};
+struct Fts5DlidxWriter {
+ int pgno; /* Page number for this page */
+ int bPrevValid; /* True if iPrev is valid */
+ i64 iPrev; /* Previous rowid value written to page */
+ Fts5Buffer buf; /* Buffer containing page data */
+};
+struct Fts5SegWriter {
+ int iSegid; /* Segid to write to */
+ Fts5PageWriter writer; /* PageWriter object */
+ i64 iPrevRowid; /* Previous rowid written to current leaf */
+ u8 bFirstRowidInDoclist; /* True if next rowid is first in doclist */
+ u8 bFirstRowidInPage; /* True if next rowid is first in page */
+ /* TODO1: Can use (writer.pgidx.n==0) instead of bFirstTermInPage */
+ u8 bFirstTermInPage; /* True if next term will be first in leaf */
+ int nLeafWritten; /* Number of leaf pages written */
+ int nEmpty; /* Number of contiguous term-less nodes */
+
+ int nDlidx; /* Allocated size of aDlidx[] array */
+ Fts5DlidxWriter *aDlidx; /* Array of Fts5DlidxWriter objects */
+
+ /* Values to insert into the %_idx table */
+ Fts5Buffer btterm; /* Next term to insert into %_idx table */
+ int iBtPage; /* Page number corresponding to btterm */
+};
+
+typedef struct Fts5CResult Fts5CResult;
+struct Fts5CResult {
+ u16 iFirst; /* aSeg[] index of firstest iterator */
+ u8 bTermEq; /* True if the terms are equal */
+};
+
+/*
+** Object for iterating through a single segment, visiting each term/rowid
+** pair in the segment.
+**
+** pSeg:
+** The segment to iterate through.
+**
+** iLeafPgno:
+** Current leaf page number within segment.
+**
+** iLeafOffset:
+** Byte offset within the current leaf that is the first byte of the
+** position list data (one byte passed the position-list size field).
+** rowid field of the current entry. Usually this is the size field of the
+** position list data. The exception is if the rowid for the current entry
+** is the last thing on the leaf page.
+**
+** pLeaf:
+** Buffer containing current leaf page data. Set to NULL at EOF.
+**
+** iTermLeafPgno, iTermLeafOffset:
+** Leaf page number containing the last term read from the segment. And
+** the offset immediately following the term data.
+**
+** flags:
+** Mask of FTS5_SEGITER_XXX values. Interpreted as follows:
+**
+** FTS5_SEGITER_ONETERM:
+** If set, set the iterator to point to EOF after the current doclist
+** has been exhausted. Do not proceed to the next term in the segment.
+**
+** FTS5_SEGITER_REVERSE:
+** This flag is only ever set if FTS5_SEGITER_ONETERM is also set. If
+** it is set, iterate through rowid in descending order instead of the
+** default ascending order.
+**
+** iRowidOffset/nRowidOffset/aRowidOffset:
+** These are used if the FTS5_SEGITER_REVERSE flag is set.
+**
+** For each rowid on the page corresponding to the current term, the
+** corresponding aRowidOffset[] entry is set to the byte offset of the
+** start of the "position-list-size" field within the page.
+**
+** iTermIdx:
+** Index of current term on iTermLeafPgno.
+*/
+struct Fts5SegIter {
+ Fts5StructureSegment *pSeg; /* Segment to iterate through */
+ int flags; /* Mask of configuration flags */
+ int iLeafPgno; /* Current leaf page number */
+ Fts5Data *pLeaf; /* Current leaf data */
+ Fts5Data *pNextLeaf; /* Leaf page (iLeafPgno+1) */
+ int iLeafOffset; /* Byte offset within current leaf */
+
+ /* The page and offset from which the current term was read. The offset
+ ** is the offset of the first rowid in the current doclist. */
+ int iTermLeafPgno;
+ int iTermLeafOffset;
+
+ int iPgidxOff; /* Next offset in pgidx */
+ int iEndofDoclist;
+
+ /* The following are only used if the FTS5_SEGITER_REVERSE flag is set. */
+ int iRowidOffset; /* Current entry in aRowidOffset[] */
+ int nRowidOffset; /* Allocated size of aRowidOffset[] array */
+ int *aRowidOffset; /* Array of offset to rowid fields */
+
+ Fts5DlidxIter *pDlidx; /* If there is a doclist-index */
+
+ /* Variables populated based on current entry. */
+ Fts5Buffer term; /* Current term */
+ i64 iRowid; /* Current rowid */
+ int nPos; /* Number of bytes in current position list */
+ int bDel; /* True if the delete flag is set */
+};
+
+/*
+** Argument is a pointer to an Fts5Data structure that contains a
+** leaf page.
+*/
+#define ASSERT_SZLEAF_OK(x) assert( \
+ (x)->szLeaf==(x)->nn || (x)->szLeaf==fts5GetU16(&(x)->p[2]) \
+)
+
+#define FTS5_SEGITER_ONETERM 0x01
+#define FTS5_SEGITER_REVERSE 0x02
+
+
+/*
+** Argument is a pointer to an Fts5Data structure that contains a leaf
+** page. This macro evaluates to true if the leaf contains no terms, or
+** false if it contains at least one term.
+*/
+#define fts5LeafIsTermless(x) ((x)->szLeaf >= (x)->nn)
+
+#define fts5LeafTermOff(x, i) (fts5GetU16(&(x)->p[(x)->szLeaf + (i)*2]))
+
+#define fts5LeafFirstRowidOff(x) (fts5GetU16((x)->p))
+
+/*
+** Object for iterating through the merged results of one or more segments,
+** visiting each term/rowid pair in the merged data.
+**
+** nSeg is always a power of two greater than or equal to the number of
+** segments that this object is merging data from. Both the aSeg[] and
+** aFirst[] arrays are sized at nSeg entries. The aSeg[] array is padded
+** with zeroed objects - these are handled as if they were iterators opened
+** on empty segments.
+**
+** The results of comparing segments aSeg[N] and aSeg[N+1], where N is an
+** even number, is stored in aFirst[(nSeg+N)/2]. The "result" of the
+** comparison in this context is the index of the iterator that currently
+** points to the smaller term/rowid combination. Iterators at EOF are
+** considered to be greater than all other iterators.
+**
+** aFirst[1] contains the index in aSeg[] of the iterator that points to
+** the smallest key overall. aFirst[0] is unused.
+**
+** poslist:
+** Used by sqlite3Fts5IterPoslist() when the poslist needs to be buffered.
+** There is no way to tell if this is populated or not.
+*/
+struct Fts5IndexIter {
+ Fts5Index *pIndex; /* Index that owns this iterator */
+ Fts5Structure *pStruct; /* Database structure for this iterator */
+ Fts5Buffer poslist; /* Buffer containing current poslist */
+
+ int nSeg; /* Size of aSeg[] array */
+ int bRev; /* True to iterate in reverse order */
+ u8 bSkipEmpty; /* True to skip deleted entries */
+ u8 bEof; /* True at EOF */
+ u8 bFiltered; /* True if column-filter already applied */
+
+ i64 iSwitchRowid; /* Firstest rowid of other than aFirst[1] */
+ Fts5CResult *aFirst; /* Current merge state (see above) */
+ Fts5SegIter aSeg[1]; /* Array of segment iterators */
+};
+
+
+/*
+** An instance of the following type is used to iterate through the contents
+** of a doclist-index record.
+**
+** pData:
+** Record containing the doclist-index data.
+**
+** bEof:
+** Set to true once iterator has reached EOF.
+**
+** iOff:
+** Set to the current offset within record pData.
+*/
+struct Fts5DlidxLvl {
+ Fts5Data *pData; /* Data for current page of this level */
+ int iOff; /* Current offset into pData */
+ int bEof; /* At EOF already */
+ int iFirstOff; /* Used by reverse iterators */
+
+ /* Output variables */
+ int iLeafPgno; /* Page number of current leaf page */
+ i64 iRowid; /* First rowid on leaf iLeafPgno */
+};
+struct Fts5DlidxIter {
+ int nLvl;
+ int iSegid;
+ Fts5DlidxLvl aLvl[1];
+};
+
+static void fts5PutU16(u8 *aOut, u16 iVal){
+ aOut[0] = (iVal>>8);
+ aOut[1] = (iVal&0xFF);
+}
+
+static u16 fts5GetU16(const u8 *aIn){
+ return ((u16)aIn[0] << 8) + aIn[1];
+}
+
+/*
+** Allocate and return a buffer at least nByte bytes in size.
+**
+** If an OOM error is encountered, return NULL and set the error code in
+** the Fts5Index handle passed as the first argument.
+*/
+static void *fts5IdxMalloc(Fts5Index *p, int nByte){
+ return sqlite3Fts5MallocZero(&p->rc, nByte);
+}
+
+/*
+** Compare the contents of the pLeft buffer with the pRight/nRight blob.
+**
+** Return -ve if pLeft is smaller than pRight, 0 if they are equal or
+** +ve if pRight is smaller than pLeft. In other words:
+**
+** res = *pLeft - *pRight
+*/
+#ifdef SQLITE_DEBUG
+static int fts5BufferCompareBlob(
+ Fts5Buffer *pLeft, /* Left hand side of comparison */
+ const u8 *pRight, int nRight /* Right hand side of comparison */
+){
+ int nCmp = MIN(pLeft->n, nRight);
+ int res = memcmp(pLeft->p, pRight, nCmp);
+ return (res==0 ? (pLeft->n - nRight) : res);
+}
+#endif
+
+/*
+** Compare the contents of the two buffers using memcmp(). If one buffer
+** is a prefix of the other, it is considered the lesser.
+**
+** Return -ve if pLeft is smaller than pRight, 0 if they are equal or
+** +ve if pRight is smaller than pLeft. In other words:
+**
+** res = *pLeft - *pRight
+*/
+static int fts5BufferCompare(Fts5Buffer *pLeft, Fts5Buffer *pRight){
+ int nCmp = MIN(pLeft->n, pRight->n);
+ int res = memcmp(pLeft->p, pRight->p, nCmp);
+ return (res==0 ? (pLeft->n - pRight->n) : res);
+}
+
+#ifdef SQLITE_DEBUG
+static int fts5BlobCompare(
+ const u8 *pLeft, int nLeft,
+ const u8 *pRight, int nRight
+){
+ int nCmp = MIN(nLeft, nRight);
+ int res = memcmp(pLeft, pRight, nCmp);
+ return (res==0 ? (nLeft - nRight) : res);
+}
+#endif
+
+static int fts5LeafFirstTermOff(Fts5Data *pLeaf){
+ int ret;
+ fts5GetVarint32(&pLeaf->p[pLeaf->szLeaf], ret);
+ return ret;
+}
+
+/*
+** Close the read-only blob handle, if it is open.
+*/
+static void fts5CloseReader(Fts5Index *p){
+ if( p->pReader ){
+ sqlite3_blob *pReader = p->pReader;
+ p->pReader = 0;
+ sqlite3_blob_close(pReader);
+ }
+}
+
+
+/*
+** Retrieve a record from the %_data table.
+**
+** If an error occurs, NULL is returned and an error left in the
+** Fts5Index object.
+*/
+static Fts5Data *fts5DataRead(Fts5Index *p, i64 iRowid){
+ Fts5Data *pRet = 0;
+ if( p->rc==SQLITE_OK ){
+ int rc = SQLITE_OK;
+
+ if( p->pReader ){
+ /* This call may return SQLITE_ABORT if there has been a savepoint
+ ** rollback since it was last used. In this case a new blob handle
+ ** is required. */
+ sqlite3_blob *pBlob = p->pReader;
+ p->pReader = 0;
+ rc = sqlite3_blob_reopen(pBlob, iRowid);
+ assert( p->pReader==0 );
+ p->pReader = pBlob;
+ if( rc!=SQLITE_OK ){
+ fts5CloseReader(p);
+ }
+ if( rc==SQLITE_ABORT ) rc = SQLITE_OK;
+ }
+
+ /* If the blob handle is not open at this point, open it and seek
+ ** to the requested entry. */
+ if( p->pReader==0 && rc==SQLITE_OK ){
+ Fts5Config *pConfig = p->pConfig;
+ rc = sqlite3_blob_open(pConfig->db,
+ pConfig->zDb, p->zDataTbl, "block", iRowid, 0, &p->pReader
+ );
+ }
+
+ /* If either of the sqlite3_blob_open() or sqlite3_blob_reopen() calls
+ ** above returned SQLITE_ERROR, return SQLITE_CORRUPT_VTAB instead.
+ ** All the reasons those functions might return SQLITE_ERROR - missing
+ ** table, missing row, non-blob/text in block column - indicate
+ ** backing store corruption. */
+ if( rc==SQLITE_ERROR ) rc = FTS5_CORRUPT;
+
+ if( rc==SQLITE_OK ){
+ u8 *aOut = 0; /* Read blob data into this buffer */
+ int nByte = sqlite3_blob_bytes(p->pReader);
+ int nAlloc = sizeof(Fts5Data) + nByte + FTS5_DATA_PADDING;
+ pRet = (Fts5Data*)sqlite3_malloc(nAlloc);
+ if( pRet ){
+ pRet->nn = nByte;
+ aOut = pRet->p = (u8*)&pRet[1];
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_blob_read(p->pReader, aOut, nByte, 0);
+ }
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(pRet);
+ pRet = 0;
+ }else{
+ /* TODO1: Fix this */
+ pRet->szLeaf = fts5GetU16(&pRet->p[2]);
+ }
+ }
+ p->rc = rc;
+ p->nRead++;
+ }
+
+ assert( (pRet==0)==(p->rc!=SQLITE_OK) );
+ return pRet;
+}
+
+/*
+** Release a reference to data record returned by an earlier call to
+** fts5DataRead().
+*/
+static void fts5DataRelease(Fts5Data *pData){
+ sqlite3_free(pData);
+}
+
+static int fts5IndexPrepareStmt(
+ Fts5Index *p,
+ sqlite3_stmt **ppStmt,
+ char *zSql
+){
+ if( p->rc==SQLITE_OK ){
+ if( zSql ){
+ p->rc = sqlite3_prepare_v2(p->pConfig->db, zSql, -1, ppStmt, 0);
+ }else{
+ p->rc = SQLITE_NOMEM;
+ }
+ }
+ sqlite3_free(zSql);
+ return p->rc;
+}
+
+
+/*
+** INSERT OR REPLACE a record into the %_data table.
+*/
+static void fts5DataWrite(Fts5Index *p, i64 iRowid, const u8 *pData, int nData){
+ if( p->rc!=SQLITE_OK ) return;
+
+ if( p->pWriter==0 ){
+ Fts5Config *pConfig = p->pConfig;
+ fts5IndexPrepareStmt(p, &p->pWriter, sqlite3_mprintf(
+ "REPLACE INTO '%q'.'%q_data'(id, block) VALUES(?,?)",
+ pConfig->zDb, pConfig->zName
+ ));
+ if( p->rc ) return;
+ }
+
+ sqlite3_bind_int64(p->pWriter, 1, iRowid);
+ sqlite3_bind_blob(p->pWriter, 2, pData, nData, SQLITE_STATIC);
+ sqlite3_step(p->pWriter);
+ p->rc = sqlite3_reset(p->pWriter);
+}
+
+/*
+** Execute the following SQL:
+**
+** DELETE FROM %_data WHERE id BETWEEN $iFirst AND $iLast
+*/
+static void fts5DataDelete(Fts5Index *p, i64 iFirst, i64 iLast){
+ if( p->rc!=SQLITE_OK ) return;
+
+ if( p->pDeleter==0 ){
+ int rc;
+ Fts5Config *pConfig = p->pConfig;
+ char *zSql = sqlite3_mprintf(
+ "DELETE FROM '%q'.'%q_data' WHERE id>=? AND id<=?",
+ pConfig->zDb, pConfig->zName
+ );
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare_v2(pConfig->db, zSql, -1, &p->pDeleter, 0);
+ sqlite3_free(zSql);
+ }
+ if( rc!=SQLITE_OK ){
+ p->rc = rc;
+ return;
+ }
+ }
+
+ sqlite3_bind_int64(p->pDeleter, 1, iFirst);
+ sqlite3_bind_int64(p->pDeleter, 2, iLast);
+ sqlite3_step(p->pDeleter);
+ p->rc = sqlite3_reset(p->pDeleter);
+}
+
+/*
+** Remove all records associated with segment iSegid.
+*/
+static void fts5DataRemoveSegment(Fts5Index *p, int iSegid){
+ i64 iFirst = FTS5_SEGMENT_ROWID(iSegid, 0);
+ i64 iLast = FTS5_SEGMENT_ROWID(iSegid+1, 0)-1;
+ fts5DataDelete(p, iFirst, iLast);
+ if( p->pIdxDeleter==0 ){
+ Fts5Config *pConfig = p->pConfig;
+ fts5IndexPrepareStmt(p, &p->pIdxDeleter, sqlite3_mprintf(
+ "DELETE FROM '%q'.'%q_idx' WHERE segid=?",
+ pConfig->zDb, pConfig->zName
+ ));
+ }
+ if( p->rc==SQLITE_OK ){
+ sqlite3_bind_int(p->pIdxDeleter, 1, iSegid);
+ sqlite3_step(p->pIdxDeleter);
+ p->rc = sqlite3_reset(p->pIdxDeleter);
+ }
+}
+
+/*
+** Release a reference to an Fts5Structure object returned by an earlier
+** call to fts5StructureRead() or fts5StructureDecode().
+*/
+static void fts5StructureRelease(Fts5Structure *pStruct){
+ if( pStruct && 0>=(--pStruct->nRef) ){
+ int i;
+ assert( pStruct->nRef==0 );
+ for(i=0; i<pStruct->nLevel; i++){
+ sqlite3_free(pStruct->aLevel[i].aSeg);
+ }
+ sqlite3_free(pStruct);
+ }
+}
+
+static void fts5StructureRef(Fts5Structure *pStruct){
+ pStruct->nRef++;
+}
+
+/*
+** Deserialize and return the structure record currently stored in serialized
+** form within buffer pData/nData.
+**
+** The Fts5Structure.aLevel[] and each Fts5StructureLevel.aSeg[] array
+** are over-allocated by one slot. This allows the structure contents
+** to be more easily edited.
+**
+** If an error occurs, *ppOut is set to NULL and an SQLite error code
+** returned. Otherwise, *ppOut is set to point to the new object and
+** SQLITE_OK returned.
+*/
+static int fts5StructureDecode(
+ const u8 *pData, /* Buffer containing serialized structure */
+ int nData, /* Size of buffer pData in bytes */
+ int *piCookie, /* Configuration cookie value */
+ Fts5Structure **ppOut /* OUT: Deserialized object */
+){
+ int rc = SQLITE_OK;
+ int i = 0;
+ int iLvl;
+ int nLevel = 0;
+ int nSegment = 0;
+ int nByte; /* Bytes of space to allocate at pRet */
+ Fts5Structure *pRet = 0; /* Structure object to return */
+
+ /* Grab the cookie value */
+ if( piCookie ) *piCookie = sqlite3Fts5Get32(pData);
+ i = 4;
+
+ /* Read the total number of levels and segments from the start of the
+ ** structure record. */
+ i += fts5GetVarint32(&pData[i], nLevel);
+ i += fts5GetVarint32(&pData[i], nSegment);
+ nByte = (
+ sizeof(Fts5Structure) + /* Main structure */
+ sizeof(Fts5StructureLevel) * (nLevel-1) /* aLevel[] array */
+ );
+ pRet = (Fts5Structure*)sqlite3Fts5MallocZero(&rc, nByte);
+
+ if( pRet ){
+ pRet->nRef = 1;
+ pRet->nLevel = nLevel;
+ pRet->nSegment = nSegment;
+ i += sqlite3Fts5GetVarint(&pData[i], &pRet->nWriteCounter);
+
+ for(iLvl=0; rc==SQLITE_OK && iLvl<nLevel; iLvl++){
+ Fts5StructureLevel *pLvl = &pRet->aLevel[iLvl];
+ int nTotal;
+ int iSeg;
+
+ i += fts5GetVarint32(&pData[i], pLvl->nMerge);
+ i += fts5GetVarint32(&pData[i], nTotal);
+ assert( nTotal>=pLvl->nMerge );
+ pLvl->aSeg = (Fts5StructureSegment*)sqlite3Fts5MallocZero(&rc,
+ nTotal * sizeof(Fts5StructureSegment)
+ );
+
+ if( rc==SQLITE_OK ){
+ pLvl->nSeg = nTotal;
+ for(iSeg=0; iSeg<nTotal; iSeg++){
+ i += fts5GetVarint32(&pData[i], pLvl->aSeg[iSeg].iSegid);
+ i += fts5GetVarint32(&pData[i], pLvl->aSeg[iSeg].pgnoFirst);
+ i += fts5GetVarint32(&pData[i], pLvl->aSeg[iSeg].pgnoLast);
+ }
+ }else{
+ fts5StructureRelease(pRet);
+ pRet = 0;
+ }
+ }
+ }
+
+ *ppOut = pRet;
+ return rc;
+}
+
+/*
+**
+*/
+static void fts5StructureAddLevel(int *pRc, Fts5Structure **ppStruct){
+ if( *pRc==SQLITE_OK ){
+ Fts5Structure *pStruct = *ppStruct;
+ int nLevel = pStruct->nLevel;
+ int nByte = (
+ sizeof(Fts5Structure) + /* Main structure */
+ sizeof(Fts5StructureLevel) * (nLevel+1) /* aLevel[] array */
+ );
+
+ pStruct = sqlite3_realloc(pStruct, nByte);
+ if( pStruct ){
+ memset(&pStruct->aLevel[nLevel], 0, sizeof(Fts5StructureLevel));
+ pStruct->nLevel++;
+ *ppStruct = pStruct;
+ }else{
+ *pRc = SQLITE_NOMEM;
+ }
+ }
+}
+
+/*
+** Extend level iLvl so that there is room for at least nExtra more
+** segments.
+*/
+static void fts5StructureExtendLevel(
+ int *pRc,
+ Fts5Structure *pStruct,
+ int iLvl,
+ int nExtra,
+ int bInsert
+){
+ if( *pRc==SQLITE_OK ){
+ Fts5StructureLevel *pLvl = &pStruct->aLevel[iLvl];
+ Fts5StructureSegment *aNew;
+ int nByte;
+
+ nByte = (pLvl->nSeg + nExtra) * sizeof(Fts5StructureSegment);
+ aNew = sqlite3_realloc(pLvl->aSeg, nByte);
+ if( aNew ){
+ if( bInsert==0 ){
+ memset(&aNew[pLvl->nSeg], 0, sizeof(Fts5StructureSegment) * nExtra);
+ }else{
+ int nMove = pLvl->nSeg * sizeof(Fts5StructureSegment);
+ memmove(&aNew[nExtra], aNew, nMove);
+ memset(aNew, 0, sizeof(Fts5StructureSegment) * nExtra);
+ }
+ pLvl->aSeg = aNew;
+ }else{
+ *pRc = SQLITE_NOMEM;
+ }
+ }
+}
+
+/*
+** Read, deserialize and return the structure record.
+**
+** The Fts5Structure.aLevel[] and each Fts5StructureLevel.aSeg[] array
+** are over-allocated as described for function fts5StructureDecode()
+** above.
+**
+** If an error occurs, NULL is returned and an error code left in the
+** Fts5Index handle. If an error has already occurred when this function
+** is called, it is a no-op.
+*/
+static Fts5Structure *fts5StructureRead(Fts5Index *p){
+ Fts5Config *pConfig = p->pConfig;
+ Fts5Structure *pRet = 0; /* Object to return */
+ int iCookie; /* Configuration cookie */
+ Fts5Data *pData;
+
+ pData = fts5DataRead(p, FTS5_STRUCTURE_ROWID);
+ if( p->rc ) return 0;
+ /* TODO: Do we need this if the leaf-index is appended? Probably... */
+ memset(&pData->p[pData->nn], 0, FTS5_DATA_PADDING);
+ p->rc = fts5StructureDecode(pData->p, pData->nn, &iCookie, &pRet);
+ if( p->rc==SQLITE_OK && pConfig->iCookie!=iCookie ){
+ p->rc = sqlite3Fts5ConfigLoad(pConfig, iCookie);
+ }
+
+ fts5DataRelease(pData);
+ if( p->rc!=SQLITE_OK ){
+ fts5StructureRelease(pRet);
+ pRet = 0;
+ }
+ return pRet;
+}
+
+/*
+** Return the total number of segments in index structure pStruct. This
+** function is only ever used as part of assert() conditions.
+*/
+#ifdef SQLITE_DEBUG
+static int fts5StructureCountSegments(Fts5Structure *pStruct){
+ int nSegment = 0; /* Total number of segments */
+ if( pStruct ){
+ int iLvl; /* Used to iterate through levels */
+ for(iLvl=0; iLvl<pStruct->nLevel; iLvl++){
+ nSegment += pStruct->aLevel[iLvl].nSeg;
+ }
+ }
+
+ return nSegment;
+}
+#endif
+
+#define fts5BufferSafeAppendBlob(pBuf, pBlob, nBlob) { \
+ assert( (pBuf)->nSpace>=((pBuf)->n+nBlob) ); \
+ memcpy(&(pBuf)->p[(pBuf)->n], pBlob, nBlob); \
+ (pBuf)->n += nBlob; \
+}
+
+#define fts5BufferSafeAppendVarint(pBuf, iVal) { \
+ (pBuf)->n += sqlite3Fts5PutVarint(&(pBuf)->p[(pBuf)->n], (iVal)); \
+ assert( (pBuf)->nSpace>=(pBuf)->n ); \
+}
+
+
+/*
+** Serialize and store the "structure" record.
+**
+** If an error occurs, leave an error code in the Fts5Index object. If an
+** error has already occurred, this function is a no-op.
+*/
+static void fts5StructureWrite(Fts5Index *p, Fts5Structure *pStruct){
+ if( p->rc==SQLITE_OK ){
+ Fts5Buffer buf; /* Buffer to serialize record into */
+ int iLvl; /* Used to iterate through levels */
+ int iCookie; /* Cookie value to store */
+
+ assert( pStruct->nSegment==fts5StructureCountSegments(pStruct) );
+ memset(&buf, 0, sizeof(Fts5Buffer));
+
+ /* Append the current configuration cookie */
+ iCookie = p->pConfig->iCookie;
+ if( iCookie<0 ) iCookie = 0;
+
+ if( 0==sqlite3Fts5BufferSize(&p->rc, &buf, 4+9+9+9) ){
+ sqlite3Fts5Put32(buf.p, iCookie);
+ buf.n = 4;
+ fts5BufferSafeAppendVarint(&buf, pStruct->nLevel);
+ fts5BufferSafeAppendVarint(&buf, pStruct->nSegment);
+ fts5BufferSafeAppendVarint(&buf, (i64)pStruct->nWriteCounter);
+ }
+
+ for(iLvl=0; iLvl<pStruct->nLevel; iLvl++){
+ int iSeg; /* Used to iterate through segments */
+ Fts5StructureLevel *pLvl = &pStruct->aLevel[iLvl];
+ fts5BufferAppendVarint(&p->rc, &buf, pLvl->nMerge);
+ fts5BufferAppendVarint(&p->rc, &buf, pLvl->nSeg);
+ assert( pLvl->nMerge<=pLvl->nSeg );
+
+ for(iSeg=0; iSeg<pLvl->nSeg; iSeg++){
+ fts5BufferAppendVarint(&p->rc, &buf, pLvl->aSeg[iSeg].iSegid);
+ fts5BufferAppendVarint(&p->rc, &buf, pLvl->aSeg[iSeg].pgnoFirst);
+ fts5BufferAppendVarint(&p->rc, &buf, pLvl->aSeg[iSeg].pgnoLast);
+ }
+ }
+
+ fts5DataWrite(p, FTS5_STRUCTURE_ROWID, buf.p, buf.n);
+ fts5BufferFree(&buf);
+ }
+}
+
+#if 0
+static void fts5DebugStructure(int*,Fts5Buffer*,Fts5Structure*);
+static void fts5PrintStructure(const char *zCaption, Fts5Structure *pStruct){
+ int rc = SQLITE_OK;
+ Fts5Buffer buf;
+ memset(&buf, 0, sizeof(buf));
+ fts5DebugStructure(&rc, &buf, pStruct);
+ fprintf(stdout, "%s: %s\n", zCaption, buf.p);
+ fflush(stdout);
+ fts5BufferFree(&buf);
+}
+#else
+# define fts5PrintStructure(x,y)
+#endif
+
+static int fts5SegmentSize(Fts5StructureSegment *pSeg){
+ return 1 + pSeg->pgnoLast - pSeg->pgnoFirst;
+}
+
+/*
+** Return a copy of index structure pStruct. Except, promote as many
+** segments as possible to level iPromote. If an OOM occurs, NULL is
+** returned.
+*/
+static void fts5StructurePromoteTo(
+ Fts5Index *p,
+ int iPromote,
+ int szPromote,
+ Fts5Structure *pStruct
+){
+ int il, is;
+ Fts5StructureLevel *pOut = &pStruct->aLevel[iPromote];
+
+ if( pOut->nMerge==0 ){
+ for(il=iPromote+1; il<pStruct->nLevel; il++){
+ Fts5StructureLevel *pLvl = &pStruct->aLevel[il];
+ if( pLvl->nMerge ) return;
+ for(is=pLvl->nSeg-1; is>=0; is--){
+ int sz = fts5SegmentSize(&pLvl->aSeg[is]);
+ if( sz>szPromote ) return;
+ fts5StructureExtendLevel(&p->rc, pStruct, iPromote, 1, 1);
+ if( p->rc ) return;
+ memcpy(pOut->aSeg, &pLvl->aSeg[is], sizeof(Fts5StructureSegment));
+ pOut->nSeg++;
+ pLvl->nSeg--;
+ }
+ }
+ }
+}
+
+/*
+** A new segment has just been written to level iLvl of index structure
+** pStruct. This function determines if any segments should be promoted
+** as a result. Segments are promoted in two scenarios:
+**
+** a) If the segment just written is smaller than one or more segments
+** within the previous populated level, it is promoted to the previous
+** populated level.
+**
+** b) If the segment just written is larger than the newest segment on
+** the next populated level, then that segment, and any other adjacent
+** segments that are also smaller than the one just written, are
+** promoted.
+**
+** If one or more segments are promoted, the structure object is updated
+** to reflect this.
+*/
+static void fts5StructurePromote(
+ Fts5Index *p, /* FTS5 backend object */
+ int iLvl, /* Index level just updated */
+ Fts5Structure *pStruct /* Index structure */
+){
+ if( p->rc==SQLITE_OK ){
+ int iTst;
+ int iPromote = -1;
+ int szPromote = 0; /* Promote anything this size or smaller */
+ Fts5StructureSegment *pSeg; /* Segment just written */
+ int szSeg; /* Size of segment just written */
+ int nSeg = pStruct->aLevel[iLvl].nSeg;
+
+ if( nSeg==0 ) return;
+ pSeg = &pStruct->aLevel[iLvl].aSeg[pStruct->aLevel[iLvl].nSeg-1];
+ szSeg = (1 + pSeg->pgnoLast - pSeg->pgnoFirst);
+
+ /* Check for condition (a) */
+ for(iTst=iLvl-1; iTst>=0 && pStruct->aLevel[iTst].nSeg==0; iTst--);
+ if( iTst>=0 ){
+ int i;
+ int szMax = 0;
+ Fts5StructureLevel *pTst = &pStruct->aLevel[iTst];
+ assert( pTst->nMerge==0 );
+ for(i=0; i<pTst->nSeg; i++){
+ int sz = pTst->aSeg[i].pgnoLast - pTst->aSeg[i].pgnoFirst + 1;
+ if( sz>szMax ) szMax = sz;
+ }
+ if( szMax>=szSeg ){
+ /* Condition (a) is true. Promote the newest segment on level
+ ** iLvl to level iTst. */
+ iPromote = iTst;
+ szPromote = szMax;
+ }
+ }
+
+ /* If condition (a) is not met, assume (b) is true. StructurePromoteTo()
+ ** is a no-op if it is not. */
+ if( iPromote<0 ){
+ iPromote = iLvl;
+ szPromote = szSeg;
+ }
+ fts5StructurePromoteTo(p, iPromote, szPromote, pStruct);
+ }
+}
+
+
+/*
+** Advance the iterator passed as the only argument. If the end of the
+** doclist-index page is reached, return non-zero.
+*/
+static int fts5DlidxLvlNext(Fts5DlidxLvl *pLvl){
+ Fts5Data *pData = pLvl->pData;
+
+ if( pLvl->iOff==0 ){
+ assert( pLvl->bEof==0 );
+ pLvl->iOff = 1;
+ pLvl->iOff += fts5GetVarint32(&pData->p[1], pLvl->iLeafPgno);
+ pLvl->iOff += fts5GetVarint(&pData->p[pLvl->iOff], (u64*)&pLvl->iRowid);
+ pLvl->iFirstOff = pLvl->iOff;
+ }else{
+ int iOff;
+ for(iOff=pLvl->iOff; iOff<pData->nn; iOff++){
+ if( pData->p[iOff] ) break;
+ }
+
+ if( iOff<pData->nn ){
+ i64 iVal;
+ pLvl->iLeafPgno += (iOff - pLvl->iOff) + 1;
+ iOff += fts5GetVarint(&pData->p[iOff], (u64*)&iVal);
+ pLvl->iRowid += iVal;
+ pLvl->iOff = iOff;
+ }else{
+ pLvl->bEof = 1;
+ }
+ }
+
+ return pLvl->bEof;
+}
+
+/*
+** Advance the iterator passed as the only argument.
+*/
+static int fts5DlidxIterNextR(Fts5Index *p, Fts5DlidxIter *pIter, int iLvl){
+ Fts5DlidxLvl *pLvl = &pIter->aLvl[iLvl];
+
+ assert( iLvl<pIter->nLvl );
+ if( fts5DlidxLvlNext(pLvl) ){
+ if( (iLvl+1) < pIter->nLvl ){
+ fts5DlidxIterNextR(p, pIter, iLvl+1);
+ if( pLvl[1].bEof==0 ){
+ fts5DataRelease(pLvl->pData);
+ memset(pLvl, 0, sizeof(Fts5DlidxLvl));
+ pLvl->pData = fts5DataRead(p,
+ FTS5_DLIDX_ROWID(pIter->iSegid, iLvl, pLvl[1].iLeafPgno)
+ );
+ if( pLvl->pData ) fts5DlidxLvlNext(pLvl);
+ }
+ }
+ }
+
+ return pIter->aLvl[0].bEof;
+}
+static int fts5DlidxIterNext(Fts5Index *p, Fts5DlidxIter *pIter){
+ return fts5DlidxIterNextR(p, pIter, 0);
+}
+
+/*
+** The iterator passed as the first argument has the following fields set
+** as follows. This function sets up the rest of the iterator so that it
+** points to the first rowid in the doclist-index.
+**
+** pData:
+** pointer to doclist-index record,
+**
+** When this function is called pIter->iLeafPgno is the page number the
+** doclist is associated with (the one featuring the term).
+*/
+static int fts5DlidxIterFirst(Fts5DlidxIter *pIter){
+ int i;
+ for(i=0; i<pIter->nLvl; i++){
+ fts5DlidxLvlNext(&pIter->aLvl[i]);
+ }
+ return pIter->aLvl[0].bEof;
+}
+
+
+static int fts5DlidxIterEof(Fts5Index *p, Fts5DlidxIter *pIter){
+ return p->rc!=SQLITE_OK || pIter->aLvl[0].bEof;
+}
+
+static void fts5DlidxIterLast(Fts5Index *p, Fts5DlidxIter *pIter){
+ int i;
+
+ /* Advance each level to the last entry on the last page */
+ for(i=pIter->nLvl-1; p->rc==SQLITE_OK && i>=0; i--){
+ Fts5DlidxLvl *pLvl = &pIter->aLvl[i];
+ while( fts5DlidxLvlNext(pLvl)==0 );
+ pLvl->bEof = 0;
+
+ if( i>0 ){
+ Fts5DlidxLvl *pChild = &pLvl[-1];
+ fts5DataRelease(pChild->pData);
+ memset(pChild, 0, sizeof(Fts5DlidxLvl));
+ pChild->pData = fts5DataRead(p,
+ FTS5_DLIDX_ROWID(pIter->iSegid, i-1, pLvl->iLeafPgno)
+ );
+ }
+ }
+}
+
+/*
+** Move the iterator passed as the only argument to the previous entry.
+*/
+static int fts5DlidxLvlPrev(Fts5DlidxLvl *pLvl){
+ int iOff = pLvl->iOff;
+
+ assert( pLvl->bEof==0 );
+ if( iOff<=pLvl->iFirstOff ){
+ pLvl->bEof = 1;
+ }else{
+ u8 *a = pLvl->pData->p;
+ i64 iVal;
+ int iLimit;
+ int ii;
+ int nZero = 0;
+
+ /* Currently iOff points to the first byte of a varint. This block
+ ** decrements iOff until it points to the first byte of the previous
+ ** varint. Taking care not to read any memory locations that occur
+ ** before the buffer in memory. */
+ iLimit = (iOff>9 ? iOff-9 : 0);
+ for(iOff--; iOff>iLimit; iOff--){
+ if( (a[iOff-1] & 0x80)==0 ) break;
+ }
+
+ fts5GetVarint(&a[iOff], (u64*)&iVal);
+ pLvl->iRowid -= iVal;
+ pLvl->iLeafPgno--;
+
+ /* Skip backwards past any 0x00 varints. */
+ for(ii=iOff-1; ii>=pLvl->iFirstOff && a[ii]==0x00; ii--){
+ nZero++;
+ }
+ if( ii>=pLvl->iFirstOff && (a[ii] & 0x80) ){
+ /* The byte immediately before the last 0x00 byte has the 0x80 bit
+ ** set. So the last 0x00 is only a varint 0 if there are 8 more 0x80
+ ** bytes before a[ii]. */
+ int bZero = 0; /* True if last 0x00 counts */
+ if( (ii-8)>=pLvl->iFirstOff ){
+ int j;
+ for(j=1; j<=8 && (a[ii-j] & 0x80); j++);
+ bZero = (j>8);
+ }
+ if( bZero==0 ) nZero--;
+ }
+ pLvl->iLeafPgno -= nZero;
+ pLvl->iOff = iOff - nZero;
+ }
+
+ return pLvl->bEof;
+}
+
+static int fts5DlidxIterPrevR(Fts5Index *p, Fts5DlidxIter *pIter, int iLvl){
+ Fts5DlidxLvl *pLvl = &pIter->aLvl[iLvl];
+
+ assert( iLvl<pIter->nLvl );
+ if( fts5DlidxLvlPrev(pLvl) ){
+ if( (iLvl+1) < pIter->nLvl ){
+ fts5DlidxIterPrevR(p, pIter, iLvl+1);
+ if( pLvl[1].bEof==0 ){
+ fts5DataRelease(pLvl->pData);
+ memset(pLvl, 0, sizeof(Fts5DlidxLvl));
+ pLvl->pData = fts5DataRead(p,
+ FTS5_DLIDX_ROWID(pIter->iSegid, iLvl, pLvl[1].iLeafPgno)
+ );
+ if( pLvl->pData ){
+ while( fts5DlidxLvlNext(pLvl)==0 );
+ pLvl->bEof = 0;
+ }
+ }
+ }
+ }
+
+ return pIter->aLvl[0].bEof;
+}
+static int fts5DlidxIterPrev(Fts5Index *p, Fts5DlidxIter *pIter){
+ return fts5DlidxIterPrevR(p, pIter, 0);
+}
+
+/*
+** Free a doclist-index iterator object allocated by fts5DlidxIterInit().
+*/
+static void fts5DlidxIterFree(Fts5DlidxIter *pIter){
+ if( pIter ){
+ int i;
+ for(i=0; i<pIter->nLvl; i++){
+ fts5DataRelease(pIter->aLvl[i].pData);
+ }
+ sqlite3_free(pIter);
+ }
+}
+
+static Fts5DlidxIter *fts5DlidxIterInit(
+ Fts5Index *p, /* Fts5 Backend to iterate within */
+ int bRev, /* True for ORDER BY ASC */
+ int iSegid, /* Segment id */
+ int iLeafPg /* Leaf page number to load dlidx for */
+){
+ Fts5DlidxIter *pIter = 0;
+ int i;
+ int bDone = 0;
+
+ for(i=0; p->rc==SQLITE_OK && bDone==0; i++){
+ int nByte = sizeof(Fts5DlidxIter) + i * sizeof(Fts5DlidxLvl);
+ Fts5DlidxIter *pNew;
+
+ pNew = (Fts5DlidxIter*)sqlite3_realloc(pIter, nByte);
+ if( pNew==0 ){
+ p->rc = SQLITE_NOMEM;
+ }else{
+ i64 iRowid = FTS5_DLIDX_ROWID(iSegid, i, iLeafPg);
+ Fts5DlidxLvl *pLvl = &pNew->aLvl[i];
+ pIter = pNew;
+ memset(pLvl, 0, sizeof(Fts5DlidxLvl));
+ pLvl->pData = fts5DataRead(p, iRowid);
+ if( pLvl->pData && (pLvl->pData->p[0] & 0x0001)==0 ){
+ bDone = 1;
+ }
+ pIter->nLvl = i+1;
+ }
+ }
+
+ if( p->rc==SQLITE_OK ){
+ pIter->iSegid = iSegid;
+ if( bRev==0 ){
+ fts5DlidxIterFirst(pIter);
+ }else{
+ fts5DlidxIterLast(p, pIter);
+ }
+ }
+
+ if( p->rc!=SQLITE_OK ){
+ fts5DlidxIterFree(pIter);
+ pIter = 0;
+ }
+
+ return pIter;
+}
+
+static i64 fts5DlidxIterRowid(Fts5DlidxIter *pIter){
+ return pIter->aLvl[0].iRowid;
+}
+static int fts5DlidxIterPgno(Fts5DlidxIter *pIter){
+ return pIter->aLvl[0].iLeafPgno;
+}
+
+/*
+** Load the next leaf page into the segment iterator.
+*/
+static void fts5SegIterNextPage(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5SegIter *pIter /* Iterator to advance to next page */
+){
+ Fts5Data *pLeaf;
+ Fts5StructureSegment *pSeg = pIter->pSeg;
+ fts5DataRelease(pIter->pLeaf);
+ pIter->iLeafPgno++;
+ if( pIter->pNextLeaf ){
+ pIter->pLeaf = pIter->pNextLeaf;
+ pIter->pNextLeaf = 0;
+ }else if( pIter->iLeafPgno<=pSeg->pgnoLast ){
+ pIter->pLeaf = fts5DataRead(p,
+ FTS5_SEGMENT_ROWID(pSeg->iSegid, pIter->iLeafPgno)
+ );
+ }else{
+ pIter->pLeaf = 0;
+ }
+ pLeaf = pIter->pLeaf;
+
+ if( pLeaf ){
+ pIter->iPgidxOff = pLeaf->szLeaf;
+ if( fts5LeafIsTermless(pLeaf) ){
+ pIter->iEndofDoclist = pLeaf->nn+1;
+ }else{
+ pIter->iPgidxOff += fts5GetVarint32(&pLeaf->p[pIter->iPgidxOff],
+ pIter->iEndofDoclist
+ );
+ }
+ }
+}
+
+/*
+** Argument p points to a buffer containing a varint to be interpreted as a
+** position list size field. Read the varint and return the number of bytes
+** read. Before returning, set *pnSz to the number of bytes in the position
+** list, and *pbDel to true if the delete flag is set, or false otherwise.
+*/
+static int fts5GetPoslistSize(const u8 *p, int *pnSz, int *pbDel){
+ int nSz;
+ int n = 0;
+ fts5FastGetVarint32(p, n, nSz);
+ assert_nc( nSz>=0 );
+ *pnSz = nSz/2;
+ *pbDel = nSz & 0x0001;
+ return n;
+}
+
+/*
+** Fts5SegIter.iLeafOffset currently points to the first byte of a
+** position-list size field. Read the value of the field and store it
+** in the following variables:
+**
+** Fts5SegIter.nPos
+** Fts5SegIter.bDel
+**
+** Leave Fts5SegIter.iLeafOffset pointing to the first byte of the
+** position list content (if any).
+*/
+static void fts5SegIterLoadNPos(Fts5Index *p, Fts5SegIter *pIter){
+ if( p->rc==SQLITE_OK ){
+ int iOff = pIter->iLeafOffset; /* Offset to read at */
+ int nSz;
+ ASSERT_SZLEAF_OK(pIter->pLeaf);
+ fts5FastGetVarint32(pIter->pLeaf->p, iOff, nSz);
+ pIter->bDel = (nSz & 0x0001);
+ pIter->nPos = nSz>>1;
+ pIter->iLeafOffset = iOff;
+ assert_nc( pIter->nPos>=0 );
+ }
+}
+
+static void fts5SegIterLoadRowid(Fts5Index *p, Fts5SegIter *pIter){
+ u8 *a = pIter->pLeaf->p; /* Buffer to read data from */
+ int iOff = pIter->iLeafOffset;
+
+ ASSERT_SZLEAF_OK(pIter->pLeaf);
+ if( iOff>=pIter->pLeaf->szLeaf ){
+ fts5SegIterNextPage(p, pIter);
+ if( pIter->pLeaf==0 ){
+ if( p->rc==SQLITE_OK ) p->rc = FTS5_CORRUPT;
+ return;
+ }
+ iOff = 4;
+ a = pIter->pLeaf->p;
+ }
+ iOff += sqlite3Fts5GetVarint(&a[iOff], (u64*)&pIter->iRowid);
+ pIter->iLeafOffset = iOff;
+}
+
+/*
+** Fts5SegIter.iLeafOffset currently points to the first byte of the
+** "nSuffix" field of a term. Function parameter nKeep contains the value
+** of the "nPrefix" field (if there was one - it is passed 0 if this is
+** the first term in the segment).
+**
+** This function populates:
+**
+** Fts5SegIter.term
+** Fts5SegIter.rowid
+**
+** accordingly and leaves (Fts5SegIter.iLeafOffset) set to the content of
+** the first position list. The position list belonging to document
+** (Fts5SegIter.iRowid).
+*/
+static void fts5SegIterLoadTerm(Fts5Index *p, Fts5SegIter *pIter, int nKeep){
+ u8 *a = pIter->pLeaf->p; /* Buffer to read data from */
+ int iOff = pIter->iLeafOffset; /* Offset to read at */
+ int nNew; /* Bytes of new data */
+
+ iOff += fts5GetVarint32(&a[iOff], nNew);
+ pIter->term.n = nKeep;
+ fts5BufferAppendBlob(&p->rc, &pIter->term, nNew, &a[iOff]);
+ iOff += nNew;
+ pIter->iTermLeafOffset = iOff;
+ pIter->iTermLeafPgno = pIter->iLeafPgno;
+ pIter->iLeafOffset = iOff;
+
+ if( pIter->iPgidxOff>=pIter->pLeaf->nn ){
+ pIter->iEndofDoclist = pIter->pLeaf->nn+1;
+ }else{
+ int nExtra;
+ pIter->iPgidxOff += fts5GetVarint32(&a[pIter->iPgidxOff], nExtra);
+ pIter->iEndofDoclist += nExtra;
+ }
+
+ fts5SegIterLoadRowid(p, pIter);
+}
+
+/*
+** Initialize the iterator object pIter to iterate through the entries in
+** segment pSeg. The iterator is left pointing to the first entry when
+** this function returns.
+**
+** If an error occurs, Fts5Index.rc is set to an appropriate error code. If
+** an error has already occurred when this function is called, it is a no-op.
+*/
+static void fts5SegIterInit(
+ Fts5Index *p, /* FTS index object */
+ Fts5StructureSegment *pSeg, /* Description of segment */
+ Fts5SegIter *pIter /* Object to populate */
+){
+ if( pSeg->pgnoFirst==0 ){
+ /* This happens if the segment is being used as an input to an incremental
+ ** merge and all data has already been "trimmed". See function
+ ** fts5TrimSegments() for details. In this case leave the iterator empty.
+ ** The caller will see the (pIter->pLeaf==0) and assume the iterator is
+ ** at EOF already. */
+ assert( pIter->pLeaf==0 );
+ return;
+ }
+
+ if( p->rc==SQLITE_OK ){
+ memset(pIter, 0, sizeof(*pIter));
+ pIter->pSeg = pSeg;
+ pIter->iLeafPgno = pSeg->pgnoFirst-1;
+ fts5SegIterNextPage(p, pIter);
+ }
+
+ if( p->rc==SQLITE_OK ){
+ pIter->iLeafOffset = 4;
+ assert_nc( pIter->pLeaf->nn>4 );
+ assert( fts5LeafFirstTermOff(pIter->pLeaf)==4 );
+ pIter->iPgidxOff = pIter->pLeaf->szLeaf+1;
+ fts5SegIterLoadTerm(p, pIter, 0);
+ fts5SegIterLoadNPos(p, pIter);
+ }
+}
+
+/*
+** This function is only ever called on iterators created by calls to
+** Fts5IndexQuery() with the FTS5INDEX_QUERY_DESC flag set.
+**
+** The iterator is in an unusual state when this function is called: the
+** Fts5SegIter.iLeafOffset variable is set to the offset of the start of
+** the position-list size field for the first relevant rowid on the page.
+** Fts5SegIter.rowid is set, but nPos and bDel are not.
+**
+** This function advances the iterator so that it points to the last
+** relevant rowid on the page and, if necessary, initializes the
+** aRowidOffset[] and iRowidOffset variables. At this point the iterator
+** is in its regular state - Fts5SegIter.iLeafOffset points to the first
+** byte of the position list content associated with said rowid.
+*/
+static void fts5SegIterReverseInitPage(Fts5Index *p, Fts5SegIter *pIter){
+ int n = pIter->pLeaf->szLeaf;
+ int i = pIter->iLeafOffset;
+ u8 *a = pIter->pLeaf->p;
+ int iRowidOffset = 0;
+
+ if( n>pIter->iEndofDoclist ){
+ n = pIter->iEndofDoclist;
+ }
+
+ ASSERT_SZLEAF_OK(pIter->pLeaf);
+ while( 1 ){
+ i64 iDelta = 0;
+ int nPos;
+ int bDummy;
+
+ i += fts5GetPoslistSize(&a[i], &nPos, &bDummy);
+ i += nPos;
+ if( i>=n ) break;
+ i += fts5GetVarint(&a[i], (u64*)&iDelta);
+ pIter->iRowid += iDelta;
+
+ if( iRowidOffset>=pIter->nRowidOffset ){
+ int nNew = pIter->nRowidOffset + 8;
+ int *aNew = (int*)sqlite3_realloc(pIter->aRowidOffset, nNew*sizeof(int));
+ if( aNew==0 ){
+ p->rc = SQLITE_NOMEM;
+ break;
+ }
+ pIter->aRowidOffset = aNew;
+ pIter->nRowidOffset = nNew;
+ }
+
+ pIter->aRowidOffset[iRowidOffset++] = pIter->iLeafOffset;
+ pIter->iLeafOffset = i;
+ }
+ pIter->iRowidOffset = iRowidOffset;
+ fts5SegIterLoadNPos(p, pIter);
+}
+
+/*
+**
+*/
+static void fts5SegIterReverseNewPage(Fts5Index *p, Fts5SegIter *pIter){
+ assert( pIter->flags & FTS5_SEGITER_REVERSE );
+ assert( pIter->flags & FTS5_SEGITER_ONETERM );
+
+ fts5DataRelease(pIter->pLeaf);
+ pIter->pLeaf = 0;
+ while( p->rc==SQLITE_OK && pIter->iLeafPgno>pIter->iTermLeafPgno ){
+ Fts5Data *pNew;
+ pIter->iLeafPgno--;
+ pNew = fts5DataRead(p, FTS5_SEGMENT_ROWID(
+ pIter->pSeg->iSegid, pIter->iLeafPgno
+ ));
+ if( pNew ){
+ /* iTermLeafOffset may be equal to szLeaf if the term is the last
+ ** thing on the page - i.e. the first rowid is on the following page.
+ ** In this case leave pIter->pLeaf==0, this iterator is at EOF. */
+ if( pIter->iLeafPgno==pIter->iTermLeafPgno ){
+ assert( pIter->pLeaf==0 );
+ if( pIter->iTermLeafOffset<pNew->szLeaf ){
+ pIter->pLeaf = pNew;
+ pIter->iLeafOffset = pIter->iTermLeafOffset;
+ }
+ }else{
+ int iRowidOff;
+ iRowidOff = fts5LeafFirstRowidOff(pNew);
+ if( iRowidOff ){
+ pIter->pLeaf = pNew;
+ pIter->iLeafOffset = iRowidOff;
+ }
+ }
+
+ if( pIter->pLeaf ){
+ u8 *a = &pIter->pLeaf->p[pIter->iLeafOffset];
+ pIter->iLeafOffset += fts5GetVarint(a, (u64*)&pIter->iRowid);
+ break;
+ }else{
+ fts5DataRelease(pNew);
+ }
+ }
+ }
+
+ if( pIter->pLeaf ){
+ pIter->iEndofDoclist = pIter->pLeaf->nn+1;
+ fts5SegIterReverseInitPage(p, pIter);
+ }
+}
+
+/*
+** Return true if the iterator passed as the second argument currently
+** points to a delete marker. A delete marker is an entry with a 0 byte
+** position-list.
+*/
+static int fts5MultiIterIsEmpty(Fts5Index *p, Fts5IndexIter *pIter){
+ Fts5SegIter *pSeg = &pIter->aSeg[pIter->aFirst[1].iFirst];
+ return (p->rc==SQLITE_OK && pSeg->pLeaf && pSeg->nPos==0);
+}
+
+/*
+** Advance iterator pIter to the next entry.
+**
+** If an error occurs, Fts5Index.rc is set to an appropriate error code. It
+** is not considered an error if the iterator reaches EOF. If an error has
+** already occurred when this function is called, it is a no-op.
+*/
+static void fts5SegIterNext(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5SegIter *pIter, /* Iterator to advance */
+ int *pbNewTerm /* OUT: Set for new term */
+){
+ assert( pbNewTerm==0 || *pbNewTerm==0 );
+ if( p->rc==SQLITE_OK ){
+ if( pIter->flags & FTS5_SEGITER_REVERSE ){
+ assert( pIter->pNextLeaf==0 );
+ if( pIter->iRowidOffset>0 ){
+ u8 *a = pIter->pLeaf->p;
+ int iOff;
+ int nPos;
+ int bDummy;
+ i64 iDelta;
+
+ pIter->iRowidOffset--;
+ pIter->iLeafOffset = iOff = pIter->aRowidOffset[pIter->iRowidOffset];
+ iOff += fts5GetPoslistSize(&a[iOff], &nPos, &bDummy);
+ iOff += nPos;
+ fts5GetVarint(&a[iOff], (u64*)&iDelta);
+ pIter->iRowid -= iDelta;
+ fts5SegIterLoadNPos(p, pIter);
+ }else{
+ fts5SegIterReverseNewPage(p, pIter);
+ }
+ }else{
+ Fts5Data *pLeaf = pIter->pLeaf;
+ int iOff;
+ int bNewTerm = 0;
+ int nKeep = 0;
+
+ /* Search for the end of the position list within the current page. */
+ u8 *a = pLeaf->p;
+ int n = pLeaf->szLeaf;
+
+ ASSERT_SZLEAF_OK(pLeaf);
+ iOff = pIter->iLeafOffset + pIter->nPos;
+
+ if( iOff<n ){
+ /* The next entry is on the current page. */
+ assert_nc( iOff<=pIter->iEndofDoclist );
+ if( iOff>=pIter->iEndofDoclist ){
+ bNewTerm = 1;
+ if( iOff!=fts5LeafFirstTermOff(pLeaf) ){
+ iOff += fts5GetVarint32(&a[iOff], nKeep);
+ }
+ }else{
+ u64 iDelta;
+ iOff += sqlite3Fts5GetVarint(&a[iOff], &iDelta);
+ pIter->iRowid += iDelta;
+ assert_nc( iDelta>0 );
+ }
+ pIter->iLeafOffset = iOff;
+
+ }else if( pIter->pSeg==0 ){
+ const u8 *pList = 0;
+ const char *zTerm = 0;
+ int nList = 0;
+ assert( (pIter->flags & FTS5_SEGITER_ONETERM) || pbNewTerm );
+ if( 0==(pIter->flags & FTS5_SEGITER_ONETERM) ){
+ sqlite3Fts5HashScanNext(p->pHash);
+ sqlite3Fts5HashScanEntry(p->pHash, &zTerm, &pList, &nList);
+ }
+ if( pList==0 ){
+ fts5DataRelease(pIter->pLeaf);
+ pIter->pLeaf = 0;
+ }else{
+ pIter->pLeaf->p = (u8*)pList;
+ pIter->pLeaf->nn = nList;
+ pIter->pLeaf->szLeaf = nList;
+ pIter->iEndofDoclist = nList+1;
+ sqlite3Fts5BufferSet(&p->rc, &pIter->term, (int)strlen(zTerm),
+ (u8*)zTerm);
+ pIter->iLeafOffset = fts5GetVarint(pList, (u64*)&pIter->iRowid);
+ *pbNewTerm = 1;
+ }
+ }else{
+ iOff = 0;
+ /* Next entry is not on the current page */
+ while( iOff==0 ){
+ fts5SegIterNextPage(p, pIter);
+ pLeaf = pIter->pLeaf;
+ if( pLeaf==0 ) break;
+ ASSERT_SZLEAF_OK(pLeaf);
+ if( (iOff = fts5LeafFirstRowidOff(pLeaf)) && iOff<pLeaf->szLeaf ){
+ iOff += sqlite3Fts5GetVarint(&pLeaf->p[iOff], (u64*)&pIter->iRowid);
+ pIter->iLeafOffset = iOff;
+
+ if( pLeaf->nn>pLeaf->szLeaf ){
+ pIter->iPgidxOff = pLeaf->szLeaf + fts5GetVarint32(
+ &pLeaf->p[pLeaf->szLeaf], pIter->iEndofDoclist
+ );
+ }
+
+ }
+ else if( pLeaf->nn>pLeaf->szLeaf ){
+ pIter->iPgidxOff = pLeaf->szLeaf + fts5GetVarint32(
+ &pLeaf->p[pLeaf->szLeaf], iOff
+ );
+ pIter->iLeafOffset = iOff;
+ pIter->iEndofDoclist = iOff;
+ bNewTerm = 1;
+ }
+ if( iOff>=pLeaf->szLeaf ){
+ p->rc = FTS5_CORRUPT;
+ return;
+ }
+ }
+ }
+
+ /* Check if the iterator is now at EOF. If so, return early. */
+ if( pIter->pLeaf ){
+ if( bNewTerm ){
+ if( pIter->flags & FTS5_SEGITER_ONETERM ){
+ fts5DataRelease(pIter->pLeaf);
+ pIter->pLeaf = 0;
+ }else{
+ fts5SegIterLoadTerm(p, pIter, nKeep);
+ fts5SegIterLoadNPos(p, pIter);
+ if( pbNewTerm ) *pbNewTerm = 1;
+ }
+ }else{
+ /* The following could be done by calling fts5SegIterLoadNPos(). But
+ ** this block is particularly performance critical, so equivalent
+ ** code is inlined. */
+ int nSz;
+ assert( p->rc==SQLITE_OK );
+ fts5FastGetVarint32(pIter->pLeaf->p, pIter->iLeafOffset, nSz);
+ pIter->bDel = (nSz & 0x0001);
+ pIter->nPos = nSz>>1;
+ assert_nc( pIter->nPos>=0 );
+ }
+ }
+ }
+ }
+}
+
+#define SWAPVAL(T, a, b) { T tmp; tmp=a; a=b; b=tmp; }
+
+/*
+** Iterator pIter currently points to the first rowid in a doclist. This
+** function sets the iterator up so that iterates in reverse order through
+** the doclist.
+*/
+static void fts5SegIterReverse(Fts5Index *p, Fts5SegIter *pIter){
+ Fts5DlidxIter *pDlidx = pIter->pDlidx;
+ Fts5Data *pLast = 0;
+ int pgnoLast = 0;
+
+ if( pDlidx ){
+ int iSegid = pIter->pSeg->iSegid;
+ pgnoLast = fts5DlidxIterPgno(pDlidx);
+ pLast = fts5DataRead(p, FTS5_SEGMENT_ROWID(iSegid, pgnoLast));
+ }else{
+ Fts5Data *pLeaf = pIter->pLeaf; /* Current leaf data */
+
+ /* Currently, Fts5SegIter.iLeafOffset points to the first byte of
+ ** position-list content for the current rowid. Back it up so that it
+ ** points to the start of the position-list size field. */
+ pIter->iLeafOffset -= sqlite3Fts5GetVarintLen(pIter->nPos*2+pIter->bDel);
+
+ /* If this condition is true then the largest rowid for the current
+ ** term may not be stored on the current page. So search forward to
+ ** see where said rowid really is. */
+ if( pIter->iEndofDoclist>=pLeaf->szLeaf ){
+ int pgno;
+ Fts5StructureSegment *pSeg = pIter->pSeg;
+
+ /* The last rowid in the doclist may not be on the current page. Search
+ ** forward to find the page containing the last rowid. */
+ for(pgno=pIter->iLeafPgno+1; !p->rc && pgno<=pSeg->pgnoLast; pgno++){
+ i64 iAbs = FTS5_SEGMENT_ROWID(pSeg->iSegid, pgno);
+ Fts5Data *pNew = fts5DataRead(p, iAbs);
+ if( pNew ){
+ int iRowid, bTermless;
+ iRowid = fts5LeafFirstRowidOff(pNew);
+ bTermless = fts5LeafIsTermless(pNew);
+ if( iRowid ){
+ SWAPVAL(Fts5Data*, pNew, pLast);
+ pgnoLast = pgno;
+ }
+ fts5DataRelease(pNew);
+ if( bTermless==0 ) break;
+ }
+ }
+ }
+ }
+
+ /* If pLast is NULL at this point, then the last rowid for this doclist
+ ** lies on the page currently indicated by the iterator. In this case
+ ** pIter->iLeafOffset is already set to point to the position-list size
+ ** field associated with the first relevant rowid on the page.
+ **
+ ** Or, if pLast is non-NULL, then it is the page that contains the last
+ ** rowid. In this case configure the iterator so that it points to the
+ ** first rowid on this page.
+ */
+ if( pLast ){
+ int iOff;
+ fts5DataRelease(pIter->pLeaf);
+ pIter->pLeaf = pLast;
+ pIter->iLeafPgno = pgnoLast;
+ iOff = fts5LeafFirstRowidOff(pLast);
+ iOff += fts5GetVarint(&pLast->p[iOff], (u64*)&pIter->iRowid);
+ pIter->iLeafOffset = iOff;
+
+ if( fts5LeafIsTermless(pLast) ){
+ pIter->iEndofDoclist = pLast->nn+1;
+ }else{
+ pIter->iEndofDoclist = fts5LeafFirstTermOff(pLast);
+ }
+
+ }
+
+ fts5SegIterReverseInitPage(p, pIter);
+}
+
+/*
+** Iterator pIter currently points to the first rowid of a doclist.
+** There is a doclist-index associated with the final term on the current
+** page. If the current term is the last term on the page, load the
+** doclist-index from disk and initialize an iterator at (pIter->pDlidx).
+*/
+static void fts5SegIterLoadDlidx(Fts5Index *p, Fts5SegIter *pIter){
+ int iSeg = pIter->pSeg->iSegid;
+ int bRev = (pIter->flags & FTS5_SEGITER_REVERSE);
+ Fts5Data *pLeaf = pIter->pLeaf; /* Current leaf data */
+
+ assert( pIter->flags & FTS5_SEGITER_ONETERM );
+ assert( pIter->pDlidx==0 );
+
+ /* Check if the current doclist ends on this page. If it does, return
+ ** early without loading the doclist-index (as it belongs to a different
+ ** term. */
+ if( pIter->iTermLeafPgno==pIter->iLeafPgno
+ && pIter->iEndofDoclist<pLeaf->szLeaf
+ ){
+ return;
+ }
+
+ pIter->pDlidx = fts5DlidxIterInit(p, bRev, iSeg, pIter->iTermLeafPgno);
+}
+
+#define fts5IndexSkipVarint(a, iOff) { \
+ int iEnd = iOff+9; \
+ while( (a[iOff++] & 0x80) && iOff<iEnd ); \
+}
+
+/*
+** The iterator object passed as the second argument currently contains
+** no valid values except for the Fts5SegIter.pLeaf member variable. This
+** function searches the leaf page for a term matching (pTerm/nTerm).
+**
+** If the specified term is found on the page, then the iterator is left
+** pointing to it. If argument bGe is zero and the term is not found,
+** the iterator is left pointing at EOF.
+**
+** If bGe is non-zero and the specified term is not found, then the
+** iterator is left pointing to the smallest term in the segment that
+** is larger than the specified term, even if this term is not on the
+** current page.
+*/
+static void fts5LeafSeek(
+ Fts5Index *p, /* Leave any error code here */
+ int bGe, /* True for a >= search */
+ Fts5SegIter *pIter, /* Iterator to seek */
+ const u8 *pTerm, int nTerm /* Term to search for */
+){
+ int iOff;
+ const u8 *a = pIter->pLeaf->p;
+ int szLeaf = pIter->pLeaf->szLeaf;
+ int n = pIter->pLeaf->nn;
+
+ int nMatch = 0;
+ int nKeep = 0;
+ int nNew = 0;
+ int iTermOff;
+ int iPgidx; /* Current offset in pgidx */
+ int bEndOfPage = 0;
+
+ assert( p->rc==SQLITE_OK );
+
+ iPgidx = szLeaf;
+ iPgidx += fts5GetVarint32(&a[iPgidx], iTermOff);
+ iOff = iTermOff;
+
+ while( 1 ){
+
+ /* Figure out how many new bytes are in this term */
+ fts5FastGetVarint32(a, iOff, nNew);
+ if( nKeep<nMatch ){
+ goto search_failed;
+ }
+
+ assert( nKeep>=nMatch );
+ if( nKeep==nMatch ){
+ int nCmp;
+ int i;
+ nCmp = MIN(nNew, nTerm-nMatch);
+ for(i=0; i<nCmp; i++){
+ if( a[iOff+i]!=pTerm[nMatch+i] ) break;
+ }
+ nMatch += i;
+
+ if( nTerm==nMatch ){
+ if( i==nNew ){
+ goto search_success;
+ }else{
+ goto search_failed;
+ }
+ }else if( i<nNew && a[iOff+i]>pTerm[nMatch] ){
+ goto search_failed;
+ }
+ }
+
+ if( iPgidx>=n ){
+ bEndOfPage = 1;
+ break;
+ }
+
+ iPgidx += fts5GetVarint32(&a[iPgidx], nKeep);
+ iTermOff += nKeep;
+ iOff = iTermOff;
+
+ /* Read the nKeep field of the next term. */
+ fts5FastGetVarint32(a, iOff, nKeep);
+ }
+
+ search_failed:
+ if( bGe==0 ){
+ fts5DataRelease(pIter->pLeaf);
+ pIter->pLeaf = 0;
+ return;
+ }else if( bEndOfPage ){
+ do {
+ fts5SegIterNextPage(p, pIter);
+ if( pIter->pLeaf==0 ) return;
+ a = pIter->pLeaf->p;
+ if( fts5LeafIsTermless(pIter->pLeaf)==0 ){
+ iPgidx = pIter->pLeaf->szLeaf;
+ iPgidx += fts5GetVarint32(&pIter->pLeaf->p[iPgidx], iOff);
+ if( iOff<4 || iOff>=pIter->pLeaf->szLeaf ){
+ p->rc = FTS5_CORRUPT;
+ }else{
+ nKeep = 0;
+ iTermOff = iOff;
+ n = pIter->pLeaf->nn;
+ iOff += fts5GetVarint32(&a[iOff], nNew);
+ break;
+ }
+ }
+ }while( 1 );
+ }
+
+ search_success:
+
+ pIter->iLeafOffset = iOff + nNew;
+ pIter->iTermLeafOffset = pIter->iLeafOffset;
+ pIter->iTermLeafPgno = pIter->iLeafPgno;
+
+ fts5BufferSet(&p->rc, &pIter->term, nKeep, pTerm);
+ fts5BufferAppendBlob(&p->rc, &pIter->term, nNew, &a[iOff]);
+
+ if( iPgidx>=n ){
+ pIter->iEndofDoclist = pIter->pLeaf->nn+1;
+ }else{
+ int nExtra;
+ iPgidx += fts5GetVarint32(&a[iPgidx], nExtra);
+ pIter->iEndofDoclist = iTermOff + nExtra;
+ }
+ pIter->iPgidxOff = iPgidx;
+
+ fts5SegIterLoadRowid(p, pIter);
+ fts5SegIterLoadNPos(p, pIter);
+}
+
+/*
+** Initialize the object pIter to point to term pTerm/nTerm within segment
+** pSeg. If there is no such term in the index, the iterator is set to EOF.
+**
+** If an error occurs, Fts5Index.rc is set to an appropriate error code. If
+** an error has already occurred when this function is called, it is a no-op.
+*/
+static void fts5SegIterSeekInit(
+ Fts5Index *p, /* FTS5 backend */
+ Fts5Buffer *pBuf, /* Buffer to use for loading pages */
+ const u8 *pTerm, int nTerm, /* Term to seek to */
+ int flags, /* Mask of FTS5INDEX_XXX flags */
+ Fts5StructureSegment *pSeg, /* Description of segment */
+ Fts5SegIter *pIter /* Object to populate */
+){
+ int iPg = 1;
+ int bGe = (flags & FTS5INDEX_QUERY_SCAN);
+ int bDlidx = 0; /* True if there is a doclist-index */
+
+ static int nCall = 0;
+ nCall++;
+
+ assert( bGe==0 || (flags & FTS5INDEX_QUERY_DESC)==0 );
+ assert( pTerm && nTerm );
+ memset(pIter, 0, sizeof(*pIter));
+ pIter->pSeg = pSeg;
+
+ /* This block sets stack variable iPg to the leaf page number that may
+ ** contain term (pTerm/nTerm), if it is present in the segment. */
+ if( p->pIdxSelect==0 ){
+ Fts5Config *pConfig = p->pConfig;
+ fts5IndexPrepareStmt(p, &p->pIdxSelect, sqlite3_mprintf(
+ "SELECT pgno FROM '%q'.'%q_idx' WHERE "
+ "segid=? AND term<=? ORDER BY term DESC LIMIT 1",
+ pConfig->zDb, pConfig->zName
+ ));
+ }
+ if( p->rc ) return;
+ sqlite3_bind_int(p->pIdxSelect, 1, pSeg->iSegid);
+ sqlite3_bind_blob(p->pIdxSelect, 2, pTerm, nTerm, SQLITE_STATIC);
+ if( SQLITE_ROW==sqlite3_step(p->pIdxSelect) ){
+ i64 val = sqlite3_column_int(p->pIdxSelect, 0);
+ iPg = (int)(val>>1);
+ bDlidx = (val & 0x0001);
+ }
+ p->rc = sqlite3_reset(p->pIdxSelect);
+
+ if( iPg<pSeg->pgnoFirst ){
+ iPg = pSeg->pgnoFirst;
+ bDlidx = 0;
+ }
+
+ pIter->iLeafPgno = iPg - 1;
+ fts5SegIterNextPage(p, pIter);
+
+ if( pIter->pLeaf ){
+ fts5LeafSeek(p, bGe, pIter, pTerm, nTerm);
+ }
+
+ if( p->rc==SQLITE_OK && bGe==0 ){
+ pIter->flags |= FTS5_SEGITER_ONETERM;
+ if( pIter->pLeaf ){
+ if( flags & FTS5INDEX_QUERY_DESC ){
+ pIter->flags |= FTS5_SEGITER_REVERSE;
+ }
+ if( bDlidx ){
+ fts5SegIterLoadDlidx(p, pIter);
+ }
+ if( flags & FTS5INDEX_QUERY_DESC ){
+ fts5SegIterReverse(p, pIter);
+ }
+ }
+ }
+
+ /* Either:
+ **
+ ** 1) an error has occurred, or
+ ** 2) the iterator points to EOF, or
+ ** 3) the iterator points to an entry with term (pTerm/nTerm), or
+ ** 4) the FTS5INDEX_QUERY_SCAN flag was set and the iterator points
+ ** to an entry with a term greater than or equal to (pTerm/nTerm).
+ */
+ assert( p->rc!=SQLITE_OK /* 1 */
+ || pIter->pLeaf==0 /* 2 */
+ || fts5BufferCompareBlob(&pIter->term, pTerm, nTerm)==0 /* 3 */
+ || (bGe && fts5BufferCompareBlob(&pIter->term, pTerm, nTerm)>0) /* 4 */
+ );
+}
+
+/*
+** Initialize the object pIter to point to term pTerm/nTerm within the
+** in-memory hash table. If there is no such term in the hash-table, the
+** iterator is set to EOF.
+**
+** If an error occurs, Fts5Index.rc is set to an appropriate error code. If
+** an error has already occurred when this function is called, it is a no-op.
+*/
+static void fts5SegIterHashInit(
+ Fts5Index *p, /* FTS5 backend */
+ const u8 *pTerm, int nTerm, /* Term to seek to */
+ int flags, /* Mask of FTS5INDEX_XXX flags */
+ Fts5SegIter *pIter /* Object to populate */
+){
+ const u8 *pList = 0;
+ int nList = 0;
+ const u8 *z = 0;
+ int n = 0;
+
+ assert( p->pHash );
+ assert( p->rc==SQLITE_OK );
+
+ if( pTerm==0 || (flags & FTS5INDEX_QUERY_SCAN) ){
+ p->rc = sqlite3Fts5HashScanInit(p->pHash, (const char*)pTerm, nTerm);
+ sqlite3Fts5HashScanEntry(p->pHash, (const char**)&z, &pList, &nList);
+ n = (z ? (int)strlen((const char*)z) : 0);
+ }else{
+ pIter->flags |= FTS5_SEGITER_ONETERM;
+ sqlite3Fts5HashQuery(p->pHash, (const char*)pTerm, nTerm, &pList, &nList);
+ z = pTerm;
+ n = nTerm;
+ }
+
+ if( pList ){
+ Fts5Data *pLeaf;
+ sqlite3Fts5BufferSet(&p->rc, &pIter->term, n, z);
+ pLeaf = fts5IdxMalloc(p, sizeof(Fts5Data));
+ if( pLeaf==0 ) return;
+ pLeaf->p = (u8*)pList;
+ pLeaf->nn = pLeaf->szLeaf = nList;
+ pIter->pLeaf = pLeaf;
+ pIter->iLeafOffset = fts5GetVarint(pLeaf->p, (u64*)&pIter->iRowid);
+ pIter->iEndofDoclist = pLeaf->nn+1;
+
+ if( flags & FTS5INDEX_QUERY_DESC ){
+ pIter->flags |= FTS5_SEGITER_REVERSE;
+ fts5SegIterReverseInitPage(p, pIter);
+ }else{
+ fts5SegIterLoadNPos(p, pIter);
+ }
+ }
+}
+
+/*
+** Zero the iterator passed as the only argument.
+*/
+static void fts5SegIterClear(Fts5SegIter *pIter){
+ fts5BufferFree(&pIter->term);
+ fts5DataRelease(pIter->pLeaf);
+ fts5DataRelease(pIter->pNextLeaf);
+ fts5DlidxIterFree(pIter->pDlidx);
+ sqlite3_free(pIter->aRowidOffset);
+ memset(pIter, 0, sizeof(Fts5SegIter));
+}
+
+#ifdef SQLITE_DEBUG
+
+/*
+** This function is used as part of the big assert() procedure implemented by
+** fts5AssertMultiIterSetup(). It ensures that the result currently stored
+** in *pRes is the correct result of comparing the current positions of the
+** two iterators.
+*/
+static void fts5AssertComparisonResult(
+ Fts5IndexIter *pIter,
+ Fts5SegIter *p1,
+ Fts5SegIter *p2,
+ Fts5CResult *pRes
+){
+ int i1 = p1 - pIter->aSeg;
+ int i2 = p2 - pIter->aSeg;
+
+ if( p1->pLeaf || p2->pLeaf ){
+ if( p1->pLeaf==0 ){
+ assert( pRes->iFirst==i2 );
+ }else if( p2->pLeaf==0 ){
+ assert( pRes->iFirst==i1 );
+ }else{
+ int nMin = MIN(p1->term.n, p2->term.n);
+ int res = memcmp(p1->term.p, p2->term.p, nMin);
+ if( res==0 ) res = p1->term.n - p2->term.n;
+
+ if( res==0 ){
+ assert( pRes->bTermEq==1 );
+ assert( p1->iRowid!=p2->iRowid );
+ res = ((p1->iRowid > p2->iRowid)==pIter->bRev) ? -1 : 1;
+ }else{
+ assert( pRes->bTermEq==0 );
+ }
+
+ if( res<0 ){
+ assert( pRes->iFirst==i1 );
+ }else{
+ assert( pRes->iFirst==i2 );
+ }
+ }
+ }
+}
+
+/*
+** This function is a no-op unless SQLITE_DEBUG is defined when this module
+** is compiled. In that case, this function is essentially an assert()
+** statement used to verify that the contents of the pIter->aFirst[] array
+** are correct.
+*/
+static void fts5AssertMultiIterSetup(Fts5Index *p, Fts5IndexIter *pIter){
+ if( p->rc==SQLITE_OK ){
+ Fts5SegIter *pFirst = &pIter->aSeg[ pIter->aFirst[1].iFirst ];
+ int i;
+
+ assert( (pFirst->pLeaf==0)==pIter->bEof );
+
+ /* Check that pIter->iSwitchRowid is set correctly. */
+ for(i=0; i<pIter->nSeg; i++){
+ Fts5SegIter *p1 = &pIter->aSeg[i];
+ assert( p1==pFirst
+ || p1->pLeaf==0
+ || fts5BufferCompare(&pFirst->term, &p1->term)
+ || p1->iRowid==pIter->iSwitchRowid
+ || (p1->iRowid<pIter->iSwitchRowid)==pIter->bRev
+ );
+ }
+
+ for(i=0; i<pIter->nSeg; i+=2){
+ Fts5SegIter *p1 = &pIter->aSeg[i];
+ Fts5SegIter *p2 = &pIter->aSeg[i+1];
+ Fts5CResult *pRes = &pIter->aFirst[(pIter->nSeg + i) / 2];
+ fts5AssertComparisonResult(pIter, p1, p2, pRes);
+ }
+
+ for(i=1; i<(pIter->nSeg / 2); i+=2){
+ Fts5SegIter *p1 = &pIter->aSeg[ pIter->aFirst[i*2].iFirst ];
+ Fts5SegIter *p2 = &pIter->aSeg[ pIter->aFirst[i*2+1].iFirst ];
+ Fts5CResult *pRes = &pIter->aFirst[i];
+ fts5AssertComparisonResult(pIter, p1, p2, pRes);
+ }
+ }
+}
+#else
+# define fts5AssertMultiIterSetup(x,y)
+#endif
+
+/*
+** Do the comparison necessary to populate pIter->aFirst[iOut].
+**
+** If the returned value is non-zero, then it is the index of an entry
+** in the pIter->aSeg[] array that is (a) not at EOF, and (b) pointing
+** to a key that is a duplicate of another, higher priority,
+** segment-iterator in the pSeg->aSeg[] array.
+*/
+static int fts5MultiIterDoCompare(Fts5IndexIter *pIter, int iOut){
+ int i1; /* Index of left-hand Fts5SegIter */
+ int i2; /* Index of right-hand Fts5SegIter */
+ int iRes;
+ Fts5SegIter *p1; /* Left-hand Fts5SegIter */
+ Fts5SegIter *p2; /* Right-hand Fts5SegIter */
+ Fts5CResult *pRes = &pIter->aFirst[iOut];
+
+ assert( iOut<pIter->nSeg && iOut>0 );
+ assert( pIter->bRev==0 || pIter->bRev==1 );
+
+ if( iOut>=(pIter->nSeg/2) ){
+ i1 = (iOut - pIter->nSeg/2) * 2;
+ i2 = i1 + 1;
+ }else{
+ i1 = pIter->aFirst[iOut*2].iFirst;
+ i2 = pIter->aFirst[iOut*2+1].iFirst;
+ }
+ p1 = &pIter->aSeg[i1];
+ p2 = &pIter->aSeg[i2];
+
+ pRes->bTermEq = 0;
+ if( p1->pLeaf==0 ){ /* If p1 is at EOF */
+ iRes = i2;
+ }else if( p2->pLeaf==0 ){ /* If p2 is at EOF */
+ iRes = i1;
+ }else{
+ int res = fts5BufferCompare(&p1->term, &p2->term);
+ if( res==0 ){
+ assert( i2>i1 );
+ assert( i2!=0 );
+ pRes->bTermEq = 1;
+ if( p1->iRowid==p2->iRowid ){
+ p1->bDel = p2->bDel;
+ return i2;
+ }
+ res = ((p1->iRowid > p2->iRowid)==pIter->bRev) ? -1 : +1;
+ }
+ assert( res!=0 );
+ if( res<0 ){
+ iRes = i1;
+ }else{
+ iRes = i2;
+ }
+ }
+
+ pRes->iFirst = (u16)iRes;
+ return 0;
+}
+
+/*
+** Move the seg-iter so that it points to the first rowid on page iLeafPgno.
+** It is an error if leaf iLeafPgno does not exist or contains no rowids.
+*/
+static void fts5SegIterGotoPage(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5SegIter *pIter, /* Iterator to advance */
+ int iLeafPgno
+){
+ assert( iLeafPgno>pIter->iLeafPgno );
+
+ if( iLeafPgno>pIter->pSeg->pgnoLast ){
+ p->rc = FTS5_CORRUPT;
+ }else{
+ fts5DataRelease(pIter->pNextLeaf);
+ pIter->pNextLeaf = 0;
+ pIter->iLeafPgno = iLeafPgno-1;
+ fts5SegIterNextPage(p, pIter);
+ assert( p->rc!=SQLITE_OK || pIter->iLeafPgno==iLeafPgno );
+
+ if( p->rc==SQLITE_OK ){
+ int iOff;
+ u8 *a = pIter->pLeaf->p;
+ int n = pIter->pLeaf->szLeaf;
+
+ iOff = fts5LeafFirstRowidOff(pIter->pLeaf);
+ if( iOff<4 || iOff>=n ){
+ p->rc = FTS5_CORRUPT;
+ }else{
+ iOff += fts5GetVarint(&a[iOff], (u64*)&pIter->iRowid);
+ pIter->iLeafOffset = iOff;
+ fts5SegIterLoadNPos(p, pIter);
+ }
+ }
+ }
+}
+
+/*
+** Advance the iterator passed as the second argument until it is at or
+** past rowid iFrom. Regardless of the value of iFrom, the iterator is
+** always advanced at least once.
+*/
+static void fts5SegIterNextFrom(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5SegIter *pIter, /* Iterator to advance */
+ i64 iMatch /* Advance iterator at least this far */
+){
+ int bRev = (pIter->flags & FTS5_SEGITER_REVERSE);
+ Fts5DlidxIter *pDlidx = pIter->pDlidx;
+ int iLeafPgno = pIter->iLeafPgno;
+ int bMove = 1;
+
+ assert( pIter->flags & FTS5_SEGITER_ONETERM );
+ assert( pIter->pDlidx );
+ assert( pIter->pLeaf );
+
+ if( bRev==0 ){
+ while( !fts5DlidxIterEof(p, pDlidx) && iMatch>fts5DlidxIterRowid(pDlidx) ){
+ iLeafPgno = fts5DlidxIterPgno(pDlidx);
+ fts5DlidxIterNext(p, pDlidx);
+ }
+ assert_nc( iLeafPgno>=pIter->iLeafPgno || p->rc );
+ if( iLeafPgno>pIter->iLeafPgno ){
+ fts5SegIterGotoPage(p, pIter, iLeafPgno);
+ bMove = 0;
+ }
+ }else{
+ assert( pIter->pNextLeaf==0 );
+ assert( iMatch<pIter->iRowid );
+ while( !fts5DlidxIterEof(p, pDlidx) && iMatch<fts5DlidxIterRowid(pDlidx) ){
+ fts5DlidxIterPrev(p, pDlidx);
+ }
+ iLeafPgno = fts5DlidxIterPgno(pDlidx);
+
+ assert( fts5DlidxIterEof(p, pDlidx) || iLeafPgno<=pIter->iLeafPgno );
+
+ if( iLeafPgno<pIter->iLeafPgno ){
+ pIter->iLeafPgno = iLeafPgno+1;
+ fts5SegIterReverseNewPage(p, pIter);
+ bMove = 0;
+ }
+ }
+
+ do{
+ if( bMove ) fts5SegIterNext(p, pIter, 0);
+ if( pIter->pLeaf==0 ) break;
+ if( bRev==0 && pIter->iRowid>=iMatch ) break;
+ if( bRev!=0 && pIter->iRowid<=iMatch ) break;
+ bMove = 1;
+ }while( p->rc==SQLITE_OK );
+}
+
+
+/*
+** Free the iterator object passed as the second argument.
+*/
+static void fts5MultiIterFree(Fts5Index *p, Fts5IndexIter *pIter){
+ if( pIter ){
+ int i;
+ for(i=0; i<pIter->nSeg; i++){
+ fts5SegIterClear(&pIter->aSeg[i]);
+ }
+ fts5StructureRelease(pIter->pStruct);
+ fts5BufferFree(&pIter->poslist);
+ sqlite3_free(pIter);
+ }
+}
+
+static void fts5MultiIterAdvanced(
+ Fts5Index *p, /* FTS5 backend to iterate within */
+ Fts5IndexIter *pIter, /* Iterator to update aFirst[] array for */
+ int iChanged, /* Index of sub-iterator just advanced */
+ int iMinset /* Minimum entry in aFirst[] to set */
+){
+ int i;
+ for(i=(pIter->nSeg+iChanged)/2; i>=iMinset && p->rc==SQLITE_OK; i=i/2){
+ int iEq;
+ if( (iEq = fts5MultiIterDoCompare(pIter, i)) ){
+ fts5SegIterNext(p, &pIter->aSeg[iEq], 0);
+ i = pIter->nSeg + iEq;
+ }
+ }
+}
+
+/*
+** Sub-iterator iChanged of iterator pIter has just been advanced. It still
+** points to the same term though - just a different rowid. This function
+** attempts to update the contents of the pIter->aFirst[] accordingly.
+** If it does so successfully, 0 is returned. Otherwise 1.
+**
+** If non-zero is returned, the caller should call fts5MultiIterAdvanced()
+** on the iterator instead. That function does the same as this one, except
+** that it deals with more complicated cases as well.
+*/
+static int fts5MultiIterAdvanceRowid(
+ Fts5Index *p, /* FTS5 backend to iterate within */
+ Fts5IndexIter *pIter, /* Iterator to update aFirst[] array for */
+ int iChanged /* Index of sub-iterator just advanced */
+){
+ Fts5SegIter *pNew = &pIter->aSeg[iChanged];
+
+ if( pNew->iRowid==pIter->iSwitchRowid
+ || (pNew->iRowid<pIter->iSwitchRowid)==pIter->bRev
+ ){
+ int i;
+ Fts5SegIter *pOther = &pIter->aSeg[iChanged ^ 0x0001];
+ pIter->iSwitchRowid = pIter->bRev ? SMALLEST_INT64 : LARGEST_INT64;
+ for(i=(pIter->nSeg+iChanged)/2; 1; i=i/2){
+ Fts5CResult *pRes = &pIter->aFirst[i];
+
+ assert( pNew->pLeaf );
+ assert( pRes->bTermEq==0 || pOther->pLeaf );
+
+ if( pRes->bTermEq ){
+ if( pNew->iRowid==pOther->iRowid ){
+ return 1;
+ }else if( (pOther->iRowid>pNew->iRowid)==pIter->bRev ){
+ pIter->iSwitchRowid = pOther->iRowid;
+ pNew = pOther;
+ }else if( (pOther->iRowid>pIter->iSwitchRowid)==pIter->bRev ){
+ pIter->iSwitchRowid = pOther->iRowid;
+ }
+ }
+ pRes->iFirst = (u16)(pNew - pIter->aSeg);
+ if( i==1 ) break;
+
+ pOther = &pIter->aSeg[ pIter->aFirst[i ^ 0x0001].iFirst ];
+ }
+ }
+
+ return 0;
+}
+
+/*
+** Set the pIter->bEof variable based on the state of the sub-iterators.
+*/
+static void fts5MultiIterSetEof(Fts5IndexIter *pIter){
+ Fts5SegIter *pSeg = &pIter->aSeg[ pIter->aFirst[1].iFirst ];
+ pIter->bEof = pSeg->pLeaf==0;
+ pIter->iSwitchRowid = pSeg->iRowid;
+}
+
+/*
+** Move the iterator to the next entry.
+**
+** If an error occurs, an error code is left in Fts5Index.rc. It is not
+** considered an error if the iterator reaches EOF, or if it is already at
+** EOF when this function is called.
+*/
+static void fts5MultiIterNext(
+ Fts5Index *p,
+ Fts5IndexIter *pIter,
+ int bFrom, /* True if argument iFrom is valid */
+ i64 iFrom /* Advance at least as far as this */
+){
+ if( p->rc==SQLITE_OK ){
+ int bUseFrom = bFrom;
+ do {
+ int iFirst = pIter->aFirst[1].iFirst;
+ int bNewTerm = 0;
+ Fts5SegIter *pSeg = &pIter->aSeg[iFirst];
+ assert( p->rc==SQLITE_OK );
+ if( bUseFrom && pSeg->pDlidx ){
+ fts5SegIterNextFrom(p, pSeg, iFrom);
+ }else{
+ fts5SegIterNext(p, pSeg, &bNewTerm);
+ }
+
+ if( pSeg->pLeaf==0 || bNewTerm
+ || fts5MultiIterAdvanceRowid(p, pIter, iFirst)
+ ){
+ fts5MultiIterAdvanced(p, pIter, iFirst, 1);
+ fts5MultiIterSetEof(pIter);
+ }
+ fts5AssertMultiIterSetup(p, pIter);
+
+ bUseFrom = 0;
+ }while( pIter->bSkipEmpty && fts5MultiIterIsEmpty(p, pIter) );
+ }
+}
+
+static void fts5MultiIterNext2(
+ Fts5Index *p,
+ Fts5IndexIter *pIter,
+ int *pbNewTerm /* OUT: True if *might* be new term */
+){
+ assert( pIter->bSkipEmpty );
+ if( p->rc==SQLITE_OK ){
+ do {
+ int iFirst = pIter->aFirst[1].iFirst;
+ Fts5SegIter *pSeg = &pIter->aSeg[iFirst];
+ int bNewTerm = 0;
+
+ fts5SegIterNext(p, pSeg, &bNewTerm);
+ if( pSeg->pLeaf==0 || bNewTerm
+ || fts5MultiIterAdvanceRowid(p, pIter, iFirst)
+ ){
+ fts5MultiIterAdvanced(p, pIter, iFirst, 1);
+ fts5MultiIterSetEof(pIter);
+ *pbNewTerm = 1;
+ }else{
+ *pbNewTerm = 0;
+ }
+ fts5AssertMultiIterSetup(p, pIter);
+
+ }while( fts5MultiIterIsEmpty(p, pIter) );
+ }
+}
+
+
+static Fts5IndexIter *fts5MultiIterAlloc(
+ Fts5Index *p, /* FTS5 backend to iterate within */
+ int nSeg
+){
+ Fts5IndexIter *pNew;
+ int nSlot; /* Power of two >= nSeg */
+
+ for(nSlot=2; nSlot<nSeg; nSlot=nSlot*2);
+ pNew = fts5IdxMalloc(p,
+ sizeof(Fts5IndexIter) + /* pNew */
+ sizeof(Fts5SegIter) * (nSlot-1) + /* pNew->aSeg[] */
+ sizeof(Fts5CResult) * nSlot /* pNew->aFirst[] */
+ );
+ if( pNew ){
+ pNew->nSeg = nSlot;
+ pNew->aFirst = (Fts5CResult*)&pNew->aSeg[nSlot];
+ pNew->pIndex = p;
+ }
+ return pNew;
+}
+
+/*
+** Allocate a new Fts5IndexIter object.
+**
+** The new object will be used to iterate through data in structure pStruct.
+** If iLevel is -ve, then all data in all segments is merged. Or, if iLevel
+** is zero or greater, data from the first nSegment segments on level iLevel
+** is merged.
+**
+** The iterator initially points to the first term/rowid entry in the
+** iterated data.
+*/
+static void fts5MultiIterNew(
+ Fts5Index *p, /* FTS5 backend to iterate within */
+ Fts5Structure *pStruct, /* Structure of specific index */
+ int bSkipEmpty, /* True to ignore delete-keys */
+ int flags, /* FTS5INDEX_QUERY_XXX flags */
+ const u8 *pTerm, int nTerm, /* Term to seek to (or NULL/0) */
+ int iLevel, /* Level to iterate (-1 for all) */
+ int nSegment, /* Number of segments to merge (iLevel>=0) */
+ Fts5IndexIter **ppOut /* New object */
+){
+ int nSeg = 0; /* Number of segment-iters in use */
+ int iIter = 0; /* */
+ int iSeg; /* Used to iterate through segments */
+ Fts5Buffer buf = {0,0,0}; /* Buffer used by fts5SegIterSeekInit() */
+ Fts5StructureLevel *pLvl;
+ Fts5IndexIter *pNew;
+
+ assert( (pTerm==0 && nTerm==0) || iLevel<0 );
+
+ /* Allocate space for the new multi-seg-iterator. */
+ if( p->rc==SQLITE_OK ){
+ if( iLevel<0 ){
+ assert( pStruct->nSegment==fts5StructureCountSegments(pStruct) );
+ nSeg = pStruct->nSegment;
+ nSeg += (p->pHash ? 1 : 0);
+ }else{
+ nSeg = MIN(pStruct->aLevel[iLevel].nSeg, nSegment);
+ }
+ }
+ *ppOut = pNew = fts5MultiIterAlloc(p, nSeg);
+ if( pNew==0 ) return;
+ pNew->bRev = (0!=(flags & FTS5INDEX_QUERY_DESC));
+ pNew->bSkipEmpty = (u8)bSkipEmpty;
+ pNew->pStruct = pStruct;
+ fts5StructureRef(pStruct);
+
+ /* Initialize each of the component segment iterators. */
+ if( iLevel<0 ){
+ Fts5StructureLevel *pEnd = &pStruct->aLevel[pStruct->nLevel];
+ if( p->pHash ){
+ /* Add a segment iterator for the current contents of the hash table. */
+ Fts5SegIter *pIter = &pNew->aSeg[iIter++];
+ fts5SegIterHashInit(p, pTerm, nTerm, flags, pIter);
+ }
+ for(pLvl=&pStruct->aLevel[0]; pLvl<pEnd; pLvl++){
+ for(iSeg=pLvl->nSeg-1; iSeg>=0; iSeg--){
+ Fts5StructureSegment *pSeg = &pLvl->aSeg[iSeg];
+ Fts5SegIter *pIter = &pNew->aSeg[iIter++];
+ if( pTerm==0 ){
+ fts5SegIterInit(p, pSeg, pIter);
+ }else{
+ fts5SegIterSeekInit(p, &buf, pTerm, nTerm, flags, pSeg, pIter);
+ }
+ }
+ }
+ }else{
+ pLvl = &pStruct->aLevel[iLevel];
+ for(iSeg=nSeg-1; iSeg>=0; iSeg--){
+ fts5SegIterInit(p, &pLvl->aSeg[iSeg], &pNew->aSeg[iIter++]);
+ }
+ }
+ assert( iIter==nSeg );
+
+ /* If the above was successful, each component iterators now points
+ ** to the first entry in its segment. In this case initialize the
+ ** aFirst[] array. Or, if an error has occurred, free the iterator
+ ** object and set the output variable to NULL. */
+ if( p->rc==SQLITE_OK ){
+ for(iIter=pNew->nSeg-1; iIter>0; iIter--){
+ int iEq;
+ if( (iEq = fts5MultiIterDoCompare(pNew, iIter)) ){
+ fts5SegIterNext(p, &pNew->aSeg[iEq], 0);
+ fts5MultiIterAdvanced(p, pNew, iEq, iIter);
+ }
+ }
+ fts5MultiIterSetEof(pNew);
+ fts5AssertMultiIterSetup(p, pNew);
+
+ if( pNew->bSkipEmpty && fts5MultiIterIsEmpty(p, pNew) ){
+ fts5MultiIterNext(p, pNew, 0, 0);
+ }
+ }else{
+ fts5MultiIterFree(p, pNew);
+ *ppOut = 0;
+ }
+ fts5BufferFree(&buf);
+}
+
+/*
+** Create an Fts5IndexIter that iterates through the doclist provided
+** as the second argument.
+*/
+static void fts5MultiIterNew2(
+ Fts5Index *p, /* FTS5 backend to iterate within */
+ Fts5Data *pData, /* Doclist to iterate through */
+ int bDesc, /* True for descending rowid order */
+ Fts5IndexIter **ppOut /* New object */
+){
+ Fts5IndexIter *pNew;
+ pNew = fts5MultiIterAlloc(p, 2);
+ if( pNew ){
+ Fts5SegIter *pIter = &pNew->aSeg[1];
+
+ pNew->bFiltered = 1;
+ pIter->flags = FTS5_SEGITER_ONETERM;
+ if( pData->szLeaf>0 ){
+ pIter->pLeaf = pData;
+ pIter->iLeafOffset = fts5GetVarint(pData->p, (u64*)&pIter->iRowid);
+ pIter->iEndofDoclist = pData->nn;
+ pNew->aFirst[1].iFirst = 1;
+ if( bDesc ){
+ pNew->bRev = 1;
+ pIter->flags |= FTS5_SEGITER_REVERSE;
+ fts5SegIterReverseInitPage(p, pIter);
+ }else{
+ fts5SegIterLoadNPos(p, pIter);
+ }
+ pData = 0;
+ }else{
+ pNew->bEof = 1;
+ }
+
+ *ppOut = pNew;
+ }
+
+ fts5DataRelease(pData);
+}
+
+/*
+** Return true if the iterator is at EOF or if an error has occurred.
+** False otherwise.
+*/
+static int fts5MultiIterEof(Fts5Index *p, Fts5IndexIter *pIter){
+ assert( p->rc
+ || (pIter->aSeg[ pIter->aFirst[1].iFirst ].pLeaf==0)==pIter->bEof
+ );
+ return (p->rc || pIter->bEof);
+}
+
+/*
+** Return the rowid of the entry that the iterator currently points
+** to. If the iterator points to EOF when this function is called the
+** results are undefined.
+*/
+static i64 fts5MultiIterRowid(Fts5IndexIter *pIter){
+ assert( pIter->aSeg[ pIter->aFirst[1].iFirst ].pLeaf );
+ return pIter->aSeg[ pIter->aFirst[1].iFirst ].iRowid;
+}
+
+/*
+** Move the iterator to the next entry at or following iMatch.
+*/
+static void fts5MultiIterNextFrom(
+ Fts5Index *p,
+ Fts5IndexIter *pIter,
+ i64 iMatch
+){
+ while( 1 ){
+ i64 iRowid;
+ fts5MultiIterNext(p, pIter, 1, iMatch);
+ if( fts5MultiIterEof(p, pIter) ) break;
+ iRowid = fts5MultiIterRowid(pIter);
+ if( pIter->bRev==0 && iRowid>=iMatch ) break;
+ if( pIter->bRev!=0 && iRowid<=iMatch ) break;
+ }
+}
+
+/*
+** Return a pointer to a buffer containing the term associated with the
+** entry that the iterator currently points to.
+*/
+static const u8 *fts5MultiIterTerm(Fts5IndexIter *pIter, int *pn){
+ Fts5SegIter *p = &pIter->aSeg[ pIter->aFirst[1].iFirst ];
+ *pn = p->term.n;
+ return p->term.p;
+}
+
+static void fts5ChunkIterate(
+ Fts5Index *p, /* Index object */
+ Fts5SegIter *pSeg, /* Poslist of this iterator */
+ void *pCtx, /* Context pointer for xChunk callback */
+ void (*xChunk)(Fts5Index*, void*, const u8*, int)
+){
+ int nRem = pSeg->nPos; /* Number of bytes still to come */
+ Fts5Data *pData = 0;
+ u8 *pChunk = &pSeg->pLeaf->p[pSeg->iLeafOffset];
+ int nChunk = MIN(nRem, pSeg->pLeaf->szLeaf - pSeg->iLeafOffset);
+ int pgno = pSeg->iLeafPgno;
+ int pgnoSave = 0;
+
+ if( (pSeg->flags & FTS5_SEGITER_REVERSE)==0 ){
+ pgnoSave = pgno+1;
+ }
+
+ while( 1 ){
+ xChunk(p, pCtx, pChunk, nChunk);
+ nRem -= nChunk;
+ fts5DataRelease(pData);
+ if( nRem<=0 ){
+ break;
+ }else{
+ pgno++;
+ pData = fts5DataRead(p, FTS5_SEGMENT_ROWID(pSeg->pSeg->iSegid, pgno));
+ if( pData==0 ) break;
+ pChunk = &pData->p[4];
+ nChunk = MIN(nRem, pData->szLeaf - 4);
+ if( pgno==pgnoSave ){
+ assert( pSeg->pNextLeaf==0 );
+ pSeg->pNextLeaf = pData;
+ pData = 0;
+ }
+ }
+ }
+}
+
+
+
+/*
+** Allocate a new segment-id for the structure pStruct. The new segment
+** id must be between 1 and 65335 inclusive, and must not be used by
+** any currently existing segment. If a free segment id cannot be found,
+** SQLITE_FULL is returned.
+**
+** If an error has already occurred, this function is a no-op. 0 is
+** returned in this case.
+*/
+static int fts5AllocateSegid(Fts5Index *p, Fts5Structure *pStruct){
+ int iSegid = 0;
+
+ if( p->rc==SQLITE_OK ){
+ if( pStruct->nSegment>=FTS5_MAX_SEGMENT ){
+ p->rc = SQLITE_FULL;
+ }else{
+ while( iSegid==0 ){
+ int iLvl, iSeg;
+ sqlite3_randomness(sizeof(u32), (void*)&iSegid);
+ iSegid = iSegid & ((1 << FTS5_DATA_ID_B)-1);
+ for(iLvl=0; iLvl<pStruct->nLevel; iLvl++){
+ for(iSeg=0; iSeg<pStruct->aLevel[iLvl].nSeg; iSeg++){
+ if( iSegid==pStruct->aLevel[iLvl].aSeg[iSeg].iSegid ){
+ iSegid = 0;
+ }
+ }
+ }
+ }
+ }
+ }
+
+ return iSegid;
+}
+
+/*
+** Discard all data currently cached in the hash-tables.
+*/
+static void fts5IndexDiscardData(Fts5Index *p){
+ assert( p->pHash || p->nPendingData==0 );
+ if( p->pHash ){
+ sqlite3Fts5HashClear(p->pHash);
+ p->nPendingData = 0;
+ }
+}
+
+/*
+** Return the size of the prefix, in bytes, that buffer (nNew/pNew) shares
+** with buffer (nOld/pOld).
+*/
+static int fts5PrefixCompress(
+ int nOld, const u8 *pOld,
+ int nNew, const u8 *pNew
+){
+ int i;
+ assert( fts5BlobCompare(pOld, nOld, pNew, nNew)<0 );
+ for(i=0; i<nOld; i++){
+ if( pOld[i]!=pNew[i] ) break;
+ }
+ return i;
+}
+
+static void fts5WriteDlidxClear(
+ Fts5Index *p,
+ Fts5SegWriter *pWriter,
+ int bFlush /* If true, write dlidx to disk */
+){
+ int i;
+ assert( bFlush==0 || (pWriter->nDlidx>0 && pWriter->aDlidx[0].buf.n>0) );
+ for(i=0; i<pWriter->nDlidx; i++){
+ Fts5DlidxWriter *pDlidx = &pWriter->aDlidx[i];
+ if( pDlidx->buf.n==0 ) break;
+ if( bFlush ){
+ assert( pDlidx->pgno!=0 );
+ fts5DataWrite(p,
+ FTS5_DLIDX_ROWID(pWriter->iSegid, i, pDlidx->pgno),
+ pDlidx->buf.p, pDlidx->buf.n
+ );
+ }
+ sqlite3Fts5BufferZero(&pDlidx->buf);
+ pDlidx->bPrevValid = 0;
+ }
+}
+
+/*
+** Grow the pWriter->aDlidx[] array to at least nLvl elements in size.
+** Any new array elements are zeroed before returning.
+*/
+static int fts5WriteDlidxGrow(
+ Fts5Index *p,
+ Fts5SegWriter *pWriter,
+ int nLvl
+){
+ if( p->rc==SQLITE_OK && nLvl>=pWriter->nDlidx ){
+ Fts5DlidxWriter *aDlidx = (Fts5DlidxWriter*)sqlite3_realloc(
+ pWriter->aDlidx, sizeof(Fts5DlidxWriter) * nLvl
+ );
+ if( aDlidx==0 ){
+ p->rc = SQLITE_NOMEM;
+ }else{
+ int nByte = sizeof(Fts5DlidxWriter) * (nLvl - pWriter->nDlidx);
+ memset(&aDlidx[pWriter->nDlidx], 0, nByte);
+ pWriter->aDlidx = aDlidx;
+ pWriter->nDlidx = nLvl;
+ }
+ }
+ return p->rc;
+}
+
+/*
+** If the current doclist-index accumulating in pWriter->aDlidx[] is large
+** enough, flush it to disk and return 1. Otherwise discard it and return
+** zero.
+*/
+static int fts5WriteFlushDlidx(Fts5Index *p, Fts5SegWriter *pWriter){
+ int bFlag = 0;
+
+ /* If there were FTS5_MIN_DLIDX_SIZE or more empty leaf pages written
+ ** to the database, also write the doclist-index to disk. */
+ if( pWriter->aDlidx[0].buf.n>0 && pWriter->nEmpty>=FTS5_MIN_DLIDX_SIZE ){
+ bFlag = 1;
+ }
+ fts5WriteDlidxClear(p, pWriter, bFlag);
+ pWriter->nEmpty = 0;
+ return bFlag;
+}
+
+/*
+** This function is called whenever processing of the doclist for the
+** last term on leaf page (pWriter->iBtPage) is completed.
+**
+** The doclist-index for that term is currently stored in-memory within the
+** Fts5SegWriter.aDlidx[] array. If it is large enough, this function
+** writes it out to disk. Or, if it is too small to bother with, discards
+** it.
+**
+** Fts5SegWriter.btterm currently contains the first term on page iBtPage.
+*/
+static void fts5WriteFlushBtree(Fts5Index *p, Fts5SegWriter *pWriter){
+ int bFlag;
+
+ assert( pWriter->iBtPage || pWriter->nEmpty==0 );
+ if( pWriter->iBtPage==0 ) return;
+ bFlag = fts5WriteFlushDlidx(p, pWriter);
+
+ if( p->rc==SQLITE_OK ){
+ const char *z = (pWriter->btterm.n>0?(const char*)pWriter->btterm.p:"");
+ /* The following was already done in fts5WriteInit(): */
+ /* sqlite3_bind_int(p->pIdxWriter, 1, pWriter->iSegid); */
+ sqlite3_bind_blob(p->pIdxWriter, 2, z, pWriter->btterm.n, SQLITE_STATIC);
+ sqlite3_bind_int64(p->pIdxWriter, 3, bFlag + ((i64)pWriter->iBtPage<<1));
+ sqlite3_step(p->pIdxWriter);
+ p->rc = sqlite3_reset(p->pIdxWriter);
+ }
+ pWriter->iBtPage = 0;
+}
+
+/*
+** This is called once for each leaf page except the first that contains
+** at least one term. Argument (nTerm/pTerm) is the split-key - a term that
+** is larger than all terms written to earlier leaves, and equal to or
+** smaller than the first term on the new leaf.
+**
+** If an error occurs, an error code is left in Fts5Index.rc. If an error
+** has already occurred when this function is called, it is a no-op.
+*/
+static void fts5WriteBtreeTerm(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5SegWriter *pWriter, /* Writer object */
+ int nTerm, const u8 *pTerm /* First term on new page */
+){
+ fts5WriteFlushBtree(p, pWriter);
+ fts5BufferSet(&p->rc, &pWriter->btterm, nTerm, pTerm);
+ pWriter->iBtPage = pWriter->writer.pgno;
+}
+
+/*
+** This function is called when flushing a leaf page that contains no
+** terms at all to disk.
+*/
+static void fts5WriteBtreeNoTerm(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5SegWriter *pWriter /* Writer object */
+){
+ /* If there were no rowids on the leaf page either and the doclist-index
+ ** has already been started, append an 0x00 byte to it. */
+ if( pWriter->bFirstRowidInPage && pWriter->aDlidx[0].buf.n>0 ){
+ Fts5DlidxWriter *pDlidx = &pWriter->aDlidx[0];
+ assert( pDlidx->bPrevValid );
+ sqlite3Fts5BufferAppendVarint(&p->rc, &pDlidx->buf, 0);
+ }
+
+ /* Increment the "number of sequential leaves without a term" counter. */
+ pWriter->nEmpty++;
+}
+
+static i64 fts5DlidxExtractFirstRowid(Fts5Buffer *pBuf){
+ i64 iRowid;
+ int iOff;
+
+ iOff = 1 + fts5GetVarint(&pBuf->p[1], (u64*)&iRowid);
+ fts5GetVarint(&pBuf->p[iOff], (u64*)&iRowid);
+ return iRowid;
+}
+
+/*
+** Rowid iRowid has just been appended to the current leaf page. It is the
+** first on the page. This function appends an appropriate entry to the current
+** doclist-index.
+*/
+static void fts5WriteDlidxAppend(
+ Fts5Index *p,
+ Fts5SegWriter *pWriter,
+ i64 iRowid
+){
+ int i;
+ int bDone = 0;
+
+ for(i=0; p->rc==SQLITE_OK && bDone==0; i++){
+ i64 iVal;
+ Fts5DlidxWriter *pDlidx = &pWriter->aDlidx[i];
+
+ if( pDlidx->buf.n>=p->pConfig->pgsz ){
+ /* The current doclist-index page is full. Write it to disk and push
+ ** a copy of iRowid (which will become the first rowid on the next
+ ** doclist-index leaf page) up into the next level of the b-tree
+ ** hierarchy. If the node being flushed is currently the root node,
+ ** also push its first rowid upwards. */
+ pDlidx->buf.p[0] = 0x01; /* Not the root node */
+ fts5DataWrite(p,
+ FTS5_DLIDX_ROWID(pWriter->iSegid, i, pDlidx->pgno),
+ pDlidx->buf.p, pDlidx->buf.n
+ );
+ fts5WriteDlidxGrow(p, pWriter, i+2);
+ pDlidx = &pWriter->aDlidx[i];
+ if( p->rc==SQLITE_OK && pDlidx[1].buf.n==0 ){
+ i64 iFirst = fts5DlidxExtractFirstRowid(&pDlidx->buf);
+
+ /* This was the root node. Push its first rowid up to the new root. */
+ pDlidx[1].pgno = pDlidx->pgno;
+ sqlite3Fts5BufferAppendVarint(&p->rc, &pDlidx[1].buf, 0);
+ sqlite3Fts5BufferAppendVarint(&p->rc, &pDlidx[1].buf, pDlidx->pgno);
+ sqlite3Fts5BufferAppendVarint(&p->rc, &pDlidx[1].buf, iFirst);
+ pDlidx[1].bPrevValid = 1;
+ pDlidx[1].iPrev = iFirst;
+ }
+
+ sqlite3Fts5BufferZero(&pDlidx->buf);
+ pDlidx->bPrevValid = 0;
+ pDlidx->pgno++;
+ }else{
+ bDone = 1;
+ }
+
+ if( pDlidx->bPrevValid ){
+ iVal = iRowid - pDlidx->iPrev;
+ }else{
+ i64 iPgno = (i==0 ? pWriter->writer.pgno : pDlidx[-1].pgno);
+ assert( pDlidx->buf.n==0 );
+ sqlite3Fts5BufferAppendVarint(&p->rc, &pDlidx->buf, !bDone);
+ sqlite3Fts5BufferAppendVarint(&p->rc, &pDlidx->buf, iPgno);
+ iVal = iRowid;
+ }
+
+ sqlite3Fts5BufferAppendVarint(&p->rc, &pDlidx->buf, iVal);
+ pDlidx->bPrevValid = 1;
+ pDlidx->iPrev = iRowid;
+ }
+}
+
+static void fts5WriteFlushLeaf(Fts5Index *p, Fts5SegWriter *pWriter){
+ static const u8 zero[] = { 0x00, 0x00, 0x00, 0x00 };
+ Fts5PageWriter *pPage = &pWriter->writer;
+ i64 iRowid;
+
+ assert( (pPage->pgidx.n==0)==(pWriter->bFirstTermInPage) );
+
+ /* Set the szLeaf header field. */
+ assert( 0==fts5GetU16(&pPage->buf.p[2]) );
+ fts5PutU16(&pPage->buf.p[2], (u16)pPage->buf.n);
+
+ if( pWriter->bFirstTermInPage ){
+ /* No term was written to this page. */
+ assert( pPage->pgidx.n==0 );
+ fts5WriteBtreeNoTerm(p, pWriter);
+ }else{
+ /* Append the pgidx to the page buffer. Set the szLeaf header field. */
+ fts5BufferAppendBlob(&p->rc, &pPage->buf, pPage->pgidx.n, pPage->pgidx.p);
+ }
+
+ /* Write the page out to disk */
+ iRowid = FTS5_SEGMENT_ROWID(pWriter->iSegid, pPage->pgno);
+ fts5DataWrite(p, iRowid, pPage->buf.p, pPage->buf.n);
+
+ /* Initialize the next page. */
+ fts5BufferZero(&pPage->buf);
+ fts5BufferZero(&pPage->pgidx);
+ fts5BufferAppendBlob(&p->rc, &pPage->buf, 4, zero);
+ pPage->iPrevPgidx = 0;
+ pPage->pgno++;
+
+ /* Increase the leaves written counter */
+ pWriter->nLeafWritten++;
+
+ /* The new leaf holds no terms or rowids */
+ pWriter->bFirstTermInPage = 1;
+ pWriter->bFirstRowidInPage = 1;
+}
+
+/*
+** Append term pTerm/nTerm to the segment being written by the writer passed
+** as the second argument.
+**
+** If an error occurs, set the Fts5Index.rc error code. If an error has
+** already occurred, this function is a no-op.
+*/
+static void fts5WriteAppendTerm(
+ Fts5Index *p,
+ Fts5SegWriter *pWriter,
+ int nTerm, const u8 *pTerm
+){
+ int nPrefix; /* Bytes of prefix compression for term */
+ Fts5PageWriter *pPage = &pWriter->writer;
+ Fts5Buffer *pPgidx = &pWriter->writer.pgidx;
+
+ assert( p->rc==SQLITE_OK );
+ assert( pPage->buf.n>=4 );
+ assert( pPage->buf.n>4 || pWriter->bFirstTermInPage );
+
+ /* If the current leaf page is full, flush it to disk. */
+ if( (pPage->buf.n + pPgidx->n + nTerm + 2)>=p->pConfig->pgsz ){
+ if( pPage->buf.n>4 ){
+ fts5WriteFlushLeaf(p, pWriter);
+ }
+ fts5BufferGrow(&p->rc, &pPage->buf, nTerm+FTS5_DATA_PADDING);
+ }
+
+ /* TODO1: Updating pgidx here. */
+ pPgidx->n += sqlite3Fts5PutVarint(
+ &pPgidx->p[pPgidx->n], pPage->buf.n - pPage->iPrevPgidx
+ );
+ pPage->iPrevPgidx = pPage->buf.n;
+#if 0
+ fts5PutU16(&pPgidx->p[pPgidx->n], pPage->buf.n);
+ pPgidx->n += 2;
+#endif
+
+ if( pWriter->bFirstTermInPage ){
+ nPrefix = 0;
+ if( pPage->pgno!=1 ){
+ /* This is the first term on a leaf that is not the leftmost leaf in
+ ** the segment b-tree. In this case it is necessary to add a term to
+ ** the b-tree hierarchy that is (a) larger than the largest term
+ ** already written to the segment and (b) smaller than or equal to
+ ** this term. In other words, a prefix of (pTerm/nTerm) that is one
+ ** byte longer than the longest prefix (pTerm/nTerm) shares with the
+ ** previous term.
+ **
+ ** Usually, the previous term is available in pPage->term. The exception
+ ** is if this is the first term written in an incremental-merge step.
+ ** In this case the previous term is not available, so just write a
+ ** copy of (pTerm/nTerm) into the parent node. This is slightly
+ ** inefficient, but still correct. */
+ int n = nTerm;
+ if( pPage->term.n ){
+ n = 1 + fts5PrefixCompress(pPage->term.n, pPage->term.p, nTerm, pTerm);
+ }
+ fts5WriteBtreeTerm(p, pWriter, n, pTerm);
+ pPage = &pWriter->writer;
+ }
+ }else{
+ nPrefix = fts5PrefixCompress(pPage->term.n, pPage->term.p, nTerm, pTerm);
+ fts5BufferAppendVarint(&p->rc, &pPage->buf, nPrefix);
+ }
+
+ /* Append the number of bytes of new data, then the term data itself
+ ** to the page. */
+ fts5BufferAppendVarint(&p->rc, &pPage->buf, nTerm - nPrefix);
+ fts5BufferAppendBlob(&p->rc, &pPage->buf, nTerm - nPrefix, &pTerm[nPrefix]);
+
+ /* Update the Fts5PageWriter.term field. */
+ fts5BufferSet(&p->rc, &pPage->term, nTerm, pTerm);
+ pWriter->bFirstTermInPage = 0;
+
+ pWriter->bFirstRowidInPage = 0;
+ pWriter->bFirstRowidInDoclist = 1;
+
+ assert( p->rc || (pWriter->nDlidx>0 && pWriter->aDlidx[0].buf.n==0) );
+ pWriter->aDlidx[0].pgno = pPage->pgno;
+}
+
+/*
+** Append a rowid and position-list size field to the writers output.
+*/
+static void fts5WriteAppendRowid(
+ Fts5Index *p,
+ Fts5SegWriter *pWriter,
+ i64 iRowid,
+ int nPos
+){
+ if( p->rc==SQLITE_OK ){
+ Fts5PageWriter *pPage = &pWriter->writer;
+
+ if( (pPage->buf.n + pPage->pgidx.n)>=p->pConfig->pgsz ){
+ fts5WriteFlushLeaf(p, pWriter);
+ }
+
+ /* If this is to be the first rowid written to the page, set the
+ ** rowid-pointer in the page-header. Also append a value to the dlidx
+ ** buffer, in case a doclist-index is required. */
+ if( pWriter->bFirstRowidInPage ){
+ fts5PutU16(pPage->buf.p, (u16)pPage->buf.n);
+ fts5WriteDlidxAppend(p, pWriter, iRowid);
+ }
+
+ /* Write the rowid. */
+ if( pWriter->bFirstRowidInDoclist || pWriter->bFirstRowidInPage ){
+ fts5BufferAppendVarint(&p->rc, &pPage->buf, iRowid);
+ }else{
+ assert( p->rc || iRowid>pWriter->iPrevRowid );
+ fts5BufferAppendVarint(&p->rc, &pPage->buf, iRowid - pWriter->iPrevRowid);
+ }
+ pWriter->iPrevRowid = iRowid;
+ pWriter->bFirstRowidInDoclist = 0;
+ pWriter->bFirstRowidInPage = 0;
+
+ fts5BufferAppendVarint(&p->rc, &pPage->buf, nPos);
+ }
+}
+
+static void fts5WriteAppendPoslistData(
+ Fts5Index *p,
+ Fts5SegWriter *pWriter,
+ const u8 *aData,
+ int nData
+){
+ Fts5PageWriter *pPage = &pWriter->writer;
+ const u8 *a = aData;
+ int n = nData;
+
+ assert( p->pConfig->pgsz>0 );
+ while( p->rc==SQLITE_OK
+ && (pPage->buf.n + pPage->pgidx.n + n)>=p->pConfig->pgsz
+ ){
+ int nReq = p->pConfig->pgsz - pPage->buf.n - pPage->pgidx.n;
+ int nCopy = 0;
+ while( nCopy<nReq ){
+ i64 dummy;
+ nCopy += fts5GetVarint(&a[nCopy], (u64*)&dummy);
+ }
+ fts5BufferAppendBlob(&p->rc, &pPage->buf, nCopy, a);
+ a += nCopy;
+ n -= nCopy;
+ fts5WriteFlushLeaf(p, pWriter);
+ }
+ if( n>0 ){
+ fts5BufferAppendBlob(&p->rc, &pPage->buf, n, a);
+ }
+}
+
+/*
+** Flush any data cached by the writer object to the database. Free any
+** allocations associated with the writer.
+*/
+static void fts5WriteFinish(
+ Fts5Index *p,
+ Fts5SegWriter *pWriter, /* Writer object */
+ int *pnLeaf /* OUT: Number of leaf pages in b-tree */
+){
+ int i;
+ Fts5PageWriter *pLeaf = &pWriter->writer;
+ if( p->rc==SQLITE_OK ){
+ assert( pLeaf->pgno>=1 );
+ if( pLeaf->buf.n>4 ){
+ fts5WriteFlushLeaf(p, pWriter);
+ }
+ *pnLeaf = pLeaf->pgno-1;
+ fts5WriteFlushBtree(p, pWriter);
+ }
+ fts5BufferFree(&pLeaf->term);
+ fts5BufferFree(&pLeaf->buf);
+ fts5BufferFree(&pLeaf->pgidx);
+ fts5BufferFree(&pWriter->btterm);
+
+ for(i=0; i<pWriter->nDlidx; i++){
+ sqlite3Fts5BufferFree(&pWriter->aDlidx[i].buf);
+ }
+ sqlite3_free(pWriter->aDlidx);
+}
+
+static void fts5WriteInit(
+ Fts5Index *p,
+ Fts5SegWriter *pWriter,
+ int iSegid
+){
+ const int nBuffer = p->pConfig->pgsz + FTS5_DATA_PADDING;
+
+ memset(pWriter, 0, sizeof(Fts5SegWriter));
+ pWriter->iSegid = iSegid;
+
+ fts5WriteDlidxGrow(p, pWriter, 1);
+ pWriter->writer.pgno = 1;
+ pWriter->bFirstTermInPage = 1;
+ pWriter->iBtPage = 1;
+
+ assert( pWriter->writer.buf.n==0 );
+ assert( pWriter->writer.pgidx.n==0 );
+
+ /* Grow the two buffers to pgsz + padding bytes in size. */
+ sqlite3Fts5BufferSize(&p->rc, &pWriter->writer.pgidx, nBuffer);
+ sqlite3Fts5BufferSize(&p->rc, &pWriter->writer.buf, nBuffer);
+
+ if( p->pIdxWriter==0 ){
+ Fts5Config *pConfig = p->pConfig;
+ fts5IndexPrepareStmt(p, &p->pIdxWriter, sqlite3_mprintf(
+ "INSERT INTO '%q'.'%q_idx'(segid,term,pgno) VALUES(?,?,?)",
+ pConfig->zDb, pConfig->zName
+ ));
+ }
+
+ if( p->rc==SQLITE_OK ){
+ /* Initialize the 4-byte leaf-page header to 0x00. */
+ memset(pWriter->writer.buf.p, 0, 4);
+ pWriter->writer.buf.n = 4;
+
+ /* Bind the current output segment id to the index-writer. This is an
+ ** optimization over binding the same value over and over as rows are
+ ** inserted into %_idx by the current writer. */
+ sqlite3_bind_int(p->pIdxWriter, 1, pWriter->iSegid);
+ }
+}
+
+/*
+** Iterator pIter was used to iterate through the input segments of on an
+** incremental merge operation. This function is called if the incremental
+** merge step has finished but the input has not been completely exhausted.
+*/
+static void fts5TrimSegments(Fts5Index *p, Fts5IndexIter *pIter){
+ int i;
+ Fts5Buffer buf;
+ memset(&buf, 0, sizeof(Fts5Buffer));
+ for(i=0; i<pIter->nSeg; i++){
+ Fts5SegIter *pSeg = &pIter->aSeg[i];
+ if( pSeg->pSeg==0 ){
+ /* no-op */
+ }else if( pSeg->pLeaf==0 ){
+ /* All keys from this input segment have been transfered to the output.
+ ** Set both the first and last page-numbers to 0 to indicate that the
+ ** segment is now empty. */
+ pSeg->pSeg->pgnoLast = 0;
+ pSeg->pSeg->pgnoFirst = 0;
+ }else{
+ int iOff = pSeg->iTermLeafOffset; /* Offset on new first leaf page */
+ i64 iLeafRowid;
+ Fts5Data *pData;
+ int iId = pSeg->pSeg->iSegid;
+ u8 aHdr[4] = {0x00, 0x00, 0x00, 0x00};
+
+ iLeafRowid = FTS5_SEGMENT_ROWID(iId, pSeg->iTermLeafPgno);
+ pData = fts5DataRead(p, iLeafRowid);
+ if( pData ){
+ fts5BufferZero(&buf);
+ fts5BufferGrow(&p->rc, &buf, pData->nn);
+ fts5BufferAppendBlob(&p->rc, &buf, sizeof(aHdr), aHdr);
+ fts5BufferAppendVarint(&p->rc, &buf, pSeg->term.n);
+ fts5BufferAppendBlob(&p->rc, &buf, pSeg->term.n, pSeg->term.p);
+ fts5BufferAppendBlob(&p->rc, &buf, pData->szLeaf-iOff, &pData->p[iOff]);
+ if( p->rc==SQLITE_OK ){
+ /* Set the szLeaf field */
+ fts5PutU16(&buf.p[2], (u16)buf.n);
+ }
+
+ /* Set up the new page-index array */
+ fts5BufferAppendVarint(&p->rc, &buf, 4);
+ if( pSeg->iLeafPgno==pSeg->iTermLeafPgno
+ && pSeg->iEndofDoclist<pData->szLeaf
+ ){
+ int nDiff = pData->szLeaf - pSeg->iEndofDoclist;
+ fts5BufferAppendVarint(&p->rc, &buf, buf.n - 1 - nDiff - 4);
+ fts5BufferAppendBlob(&p->rc, &buf,
+ pData->nn - pSeg->iPgidxOff, &pData->p[pSeg->iPgidxOff]
+ );
+ }
+
+ fts5DataRelease(pData);
+ pSeg->pSeg->pgnoFirst = pSeg->iTermLeafPgno;
+ fts5DataDelete(p, FTS5_SEGMENT_ROWID(iId, 1), iLeafRowid);
+ fts5DataWrite(p, iLeafRowid, buf.p, buf.n);
+ }
+ }
+ }
+ fts5BufferFree(&buf);
+}
+
+static void fts5MergeChunkCallback(
+ Fts5Index *p,
+ void *pCtx,
+ const u8 *pChunk, int nChunk
+){
+ Fts5SegWriter *pWriter = (Fts5SegWriter*)pCtx;
+ fts5WriteAppendPoslistData(p, pWriter, pChunk, nChunk);
+}
+
+/*
+**
+*/
+static void fts5IndexMergeLevel(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5Structure **ppStruct, /* IN/OUT: Stucture of index */
+ int iLvl, /* Level to read input from */
+ int *pnRem /* Write up to this many output leaves */
+){
+ Fts5Structure *pStruct = *ppStruct;
+ Fts5StructureLevel *pLvl = &pStruct->aLevel[iLvl];
+ Fts5StructureLevel *pLvlOut;
+ Fts5IndexIter *pIter = 0; /* Iterator to read input data */
+ int nRem = pnRem ? *pnRem : 0; /* Output leaf pages left to write */
+ int nInput; /* Number of input segments */
+ Fts5SegWriter writer; /* Writer object */
+ Fts5StructureSegment *pSeg; /* Output segment */
+ Fts5Buffer term;
+ int bOldest; /* True if the output segment is the oldest */
+
+ assert( iLvl<pStruct->nLevel );
+ assert( pLvl->nMerge<=pLvl->nSeg );
+
+ memset(&writer, 0, sizeof(Fts5SegWriter));
+ memset(&term, 0, sizeof(Fts5Buffer));
+ if( pLvl->nMerge ){
+ pLvlOut = &pStruct->aLevel[iLvl+1];
+ assert( pLvlOut->nSeg>0 );
+ nInput = pLvl->nMerge;
+ pSeg = &pLvlOut->aSeg[pLvlOut->nSeg-1];
+
+ fts5WriteInit(p, &writer, pSeg->iSegid);
+ writer.writer.pgno = pSeg->pgnoLast+1;
+ writer.iBtPage = 0;
+ }else{
+ int iSegid = fts5AllocateSegid(p, pStruct);
+
+ /* Extend the Fts5Structure object as required to ensure the output
+ ** segment exists. */
+ if( iLvl==pStruct->nLevel-1 ){
+ fts5StructureAddLevel(&p->rc, ppStruct);
+ pStruct = *ppStruct;
+ }
+ fts5StructureExtendLevel(&p->rc, pStruct, iLvl+1, 1, 0);
+ if( p->rc ) return;
+ pLvl = &pStruct->aLevel[iLvl];
+ pLvlOut = &pStruct->aLevel[iLvl+1];
+
+ fts5WriteInit(p, &writer, iSegid);
+
+ /* Add the new segment to the output level */
+ pSeg = &pLvlOut->aSeg[pLvlOut->nSeg];
+ pLvlOut->nSeg++;
+ pSeg->pgnoFirst = 1;
+ pSeg->iSegid = iSegid;
+ pStruct->nSegment++;
+
+ /* Read input from all segments in the input level */
+ nInput = pLvl->nSeg;
+ }
+ bOldest = (pLvlOut->nSeg==1 && pStruct->nLevel==iLvl+2);
+
+ assert( iLvl>=0 );
+ for(fts5MultiIterNew(p, pStruct, 0, 0, 0, 0, iLvl, nInput, &pIter);
+ fts5MultiIterEof(p, pIter)==0;
+ fts5MultiIterNext(p, pIter, 0, 0)
+ ){
+ Fts5SegIter *pSegIter = &pIter->aSeg[ pIter->aFirst[1].iFirst ];
+ int nPos; /* position-list size field value */
+ int nTerm;
+ const u8 *pTerm;
+
+ /* Check for key annihilation. */
+ if( pSegIter->nPos==0 && (bOldest || pSegIter->bDel==0) ) continue;
+
+ pTerm = fts5MultiIterTerm(pIter, &nTerm);
+ if( nTerm!=term.n || memcmp(pTerm, term.p, nTerm) ){
+ if( pnRem && writer.nLeafWritten>nRem ){
+ break;
+ }
+
+ /* This is a new term. Append a term to the output segment. */
+ fts5WriteAppendTerm(p, &writer, nTerm, pTerm);
+ fts5BufferSet(&p->rc, &term, nTerm, pTerm);
+ }
+
+ /* Append the rowid to the output */
+ /* WRITEPOSLISTSIZE */
+ nPos = pSegIter->nPos*2 + pSegIter->bDel;
+ fts5WriteAppendRowid(p, &writer, fts5MultiIterRowid(pIter), nPos);
+
+ /* Append the position-list data to the output */
+ fts5ChunkIterate(p, pSegIter, (void*)&writer, fts5MergeChunkCallback);
+ }
+
+ /* Flush the last leaf page to disk. Set the output segment b-tree height
+ ** and last leaf page number at the same time. */
+ fts5WriteFinish(p, &writer, &pSeg->pgnoLast);
+
+ if( fts5MultiIterEof(p, pIter) ){
+ int i;
+
+ /* Remove the redundant segments from the %_data table */
+ for(i=0; i<nInput; i++){
+ fts5DataRemoveSegment(p, pLvl->aSeg[i].iSegid);
+ }
+
+ /* Remove the redundant segments from the input level */
+ if( pLvl->nSeg!=nInput ){
+ int nMove = (pLvl->nSeg - nInput) * sizeof(Fts5StructureSegment);
+ memmove(pLvl->aSeg, &pLvl->aSeg[nInput], nMove);
+ }
+ pStruct->nSegment -= nInput;
+ pLvl->nSeg -= nInput;
+ pLvl->nMerge = 0;
+ if( pSeg->pgnoLast==0 ){
+ pLvlOut->nSeg--;
+ pStruct->nSegment--;
+ }
+ }else{
+ assert( pSeg->pgnoLast>0 );
+ fts5TrimSegments(p, pIter);
+ pLvl->nMerge = nInput;
+ }
+
+ fts5MultiIterFree(p, pIter);
+ fts5BufferFree(&term);
+ if( pnRem ) *pnRem -= writer.nLeafWritten;
+}
+
+/*
+** Do up to nPg pages of automerge work on the index.
+*/
+static void fts5IndexMerge(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5Structure **ppStruct, /* IN/OUT: Current structure of index */
+ int nPg /* Pages of work to do */
+){
+ int nRem = nPg;
+ Fts5Structure *pStruct = *ppStruct;
+ while( nRem>0 && p->rc==SQLITE_OK ){
+ int iLvl; /* To iterate through levels */
+ int iBestLvl = 0; /* Level offering the most input segments */
+ int nBest = 0; /* Number of input segments on best level */
+
+ /* Set iBestLvl to the level to read input segments from. */
+ assert( pStruct->nLevel>0 );
+ for(iLvl=0; iLvl<pStruct->nLevel; iLvl++){
+ Fts5StructureLevel *pLvl = &pStruct->aLevel[iLvl];
+ if( pLvl->nMerge ){
+ if( pLvl->nMerge>nBest ){
+ iBestLvl = iLvl;
+ nBest = pLvl->nMerge;
+ }
+ break;
+ }
+ if( pLvl->nSeg>nBest ){
+ nBest = pLvl->nSeg;
+ iBestLvl = iLvl;
+ }
+ }
+
+ /* If nBest is still 0, then the index must be empty. */
+#ifdef SQLITE_DEBUG
+ for(iLvl=0; nBest==0 && iLvl<pStruct->nLevel; iLvl++){
+ assert( pStruct->aLevel[iLvl].nSeg==0 );
+ }
+#endif
+
+ if( nBest<p->pConfig->nAutomerge
+ && pStruct->aLevel[iBestLvl].nMerge==0
+ ){
+ break;
+ }
+ fts5IndexMergeLevel(p, &pStruct, iBestLvl, &nRem);
+ if( p->rc==SQLITE_OK && pStruct->aLevel[iBestLvl].nMerge==0 ){
+ fts5StructurePromote(p, iBestLvl+1, pStruct);
+ }
+ }
+ *ppStruct = pStruct;
+}
+
+/*
+** A total of nLeaf leaf pages of data has just been flushed to a level-0
+** segment. This function updates the write-counter accordingly and, if
+** necessary, performs incremental merge work.
+**
+** If an error occurs, set the Fts5Index.rc error code. If an error has
+** already occurred, this function is a no-op.
+*/
+static void fts5IndexAutomerge(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5Structure **ppStruct, /* IN/OUT: Current structure of index */
+ int nLeaf /* Number of output leaves just written */
+){
+ if( p->rc==SQLITE_OK && p->pConfig->nAutomerge>0 ){
+ Fts5Structure *pStruct = *ppStruct;
+ u64 nWrite; /* Initial value of write-counter */
+ int nWork; /* Number of work-quanta to perform */
+ int nRem; /* Number of leaf pages left to write */
+
+ /* Update the write-counter. While doing so, set nWork. */
+ nWrite = pStruct->nWriteCounter;
+ nWork = (int)(((nWrite + nLeaf) / p->nWorkUnit) - (nWrite / p->nWorkUnit));
+ pStruct->nWriteCounter += nLeaf;
+ nRem = (int)(p->nWorkUnit * nWork * pStruct->nLevel);
+
+ fts5IndexMerge(p, ppStruct, nRem);
+ }
+}
+
+static void fts5IndexCrisismerge(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5Structure **ppStruct /* IN/OUT: Current structure of index */
+){
+ const int nCrisis = p->pConfig->nCrisisMerge;
+ Fts5Structure *pStruct = *ppStruct;
+ int iLvl = 0;
+
+ assert( p->rc!=SQLITE_OK || pStruct->nLevel>0 );
+ while( p->rc==SQLITE_OK && pStruct->aLevel[iLvl].nSeg>=nCrisis ){
+ fts5IndexMergeLevel(p, &pStruct, iLvl, 0);
+ assert( p->rc!=SQLITE_OK || pStruct->nLevel>(iLvl+1) );
+ fts5StructurePromote(p, iLvl+1, pStruct);
+ iLvl++;
+ }
+ *ppStruct = pStruct;
+}
+
+static int fts5IndexReturn(Fts5Index *p){
+ int rc = p->rc;
+ p->rc = SQLITE_OK;
+ return rc;
+}
+
+typedef struct Fts5FlushCtx Fts5FlushCtx;
+struct Fts5FlushCtx {
+ Fts5Index *pIdx;
+ Fts5SegWriter writer;
+};
+
+/*
+** Buffer aBuf[] contains a list of varints, all small enough to fit
+** in a 32-bit integer. Return the size of the largest prefix of this
+** list nMax bytes or less in size.
+*/
+static int fts5PoslistPrefix(const u8 *aBuf, int nMax){
+ int ret;
+ u32 dummy;
+ ret = fts5GetVarint32(aBuf, dummy);
+ if( ret<nMax ){
+ while( 1 ){
+ int i = fts5GetVarint32(&aBuf[ret], dummy);
+ if( (ret + i) > nMax ) break;
+ ret += i;
+ }
+ }
+ return ret;
+}
+
+/*
+** Flush the contents of in-memory hash table iHash to a new level-0
+** segment on disk. Also update the corresponding structure record.
+**
+** If an error occurs, set the Fts5Index.rc error code. If an error has
+** already occurred, this function is a no-op.
+*/
+static void fts5FlushOneHash(Fts5Index *p){
+ Fts5Hash *pHash = p->pHash;
+ Fts5Structure *pStruct;
+ int iSegid;
+ int pgnoLast = 0; /* Last leaf page number in segment */
+
+ /* Obtain a reference to the index structure and allocate a new segment-id
+ ** for the new level-0 segment. */
+ pStruct = fts5StructureRead(p);
+ iSegid = fts5AllocateSegid(p, pStruct);
+
+ if( iSegid ){
+ const int pgsz = p->pConfig->pgsz;
+
+ Fts5StructureSegment *pSeg; /* New segment within pStruct */
+ Fts5Buffer *pBuf; /* Buffer in which to assemble leaf page */
+ Fts5Buffer *pPgidx; /* Buffer in which to assemble pgidx */
+
+ Fts5SegWriter writer;
+ fts5WriteInit(p, &writer, iSegid);
+
+ pBuf = &writer.writer.buf;
+ pPgidx = &writer.writer.pgidx;
+
+ /* fts5WriteInit() should have initialized the buffers to (most likely)
+ ** the maximum space required. */
+ assert( p->rc || pBuf->nSpace>=(pgsz + FTS5_DATA_PADDING) );
+ assert( p->rc || pPgidx->nSpace>=(pgsz + FTS5_DATA_PADDING) );
+
+ /* Begin scanning through hash table entries. This loop runs once for each
+ ** term/doclist currently stored within the hash table. */
+ if( p->rc==SQLITE_OK ){
+ p->rc = sqlite3Fts5HashScanInit(pHash, 0, 0);
+ }
+ while( p->rc==SQLITE_OK && 0==sqlite3Fts5HashScanEof(pHash) ){
+ const char *zTerm; /* Buffer containing term */
+ const u8 *pDoclist; /* Pointer to doclist for this term */
+ int nDoclist; /* Size of doclist in bytes */
+
+ /* Write the term for this entry to disk. */
+ sqlite3Fts5HashScanEntry(pHash, &zTerm, &pDoclist, &nDoclist);
+ fts5WriteAppendTerm(p, &writer, (int)strlen(zTerm), (const u8*)zTerm);
+
+ assert( writer.bFirstRowidInPage==0 );
+ if( pgsz>=(pBuf->n + pPgidx->n + nDoclist + 1) ){
+ /* The entire doclist will fit on the current leaf. */
+ fts5BufferSafeAppendBlob(pBuf, pDoclist, nDoclist);
+ }else{
+ i64 iRowid = 0;
+ i64 iDelta = 0;
+ int iOff = 0;
+
+ /* The entire doclist will not fit on this leaf. The following
+ ** loop iterates through the poslists that make up the current
+ ** doclist. */
+ while( p->rc==SQLITE_OK && iOff<nDoclist ){
+ int nPos;
+ int nCopy;
+ int bDummy;
+ iOff += fts5GetVarint(&pDoclist[iOff], (u64*)&iDelta);
+ nCopy = fts5GetPoslistSize(&pDoclist[iOff], &nPos, &bDummy);
+ nCopy += nPos;
+ iRowid += iDelta;
+
+ if( writer.bFirstRowidInPage ){
+ fts5PutU16(&pBuf->p[0], (u16)pBuf->n); /* first rowid on page */
+ pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iRowid);
+ writer.bFirstRowidInPage = 0;
+ fts5WriteDlidxAppend(p, &writer, iRowid);
+ }else{
+ pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iDelta);
+ }
+ assert( pBuf->n<=pBuf->nSpace );
+
+ if( (pBuf->n + pPgidx->n + nCopy) <= pgsz ){
+ /* The entire poslist will fit on the current leaf. So copy
+ ** it in one go. */
+ fts5BufferSafeAppendBlob(pBuf, &pDoclist[iOff], nCopy);
+ }else{
+ /* The entire poslist will not fit on this leaf. So it needs
+ ** to be broken into sections. The only qualification being
+ ** that each varint must be stored contiguously. */
+ const u8 *pPoslist = &pDoclist[iOff];
+ int iPos = 0;
+ while( p->rc==SQLITE_OK ){
+ int nSpace = pgsz - pBuf->n - pPgidx->n;
+ int n = 0;
+ if( (nCopy - iPos)<=nSpace ){
+ n = nCopy - iPos;
+ }else{
+ n = fts5PoslistPrefix(&pPoslist[iPos], nSpace);
+ }
+ assert( n>0 );
+ fts5BufferSafeAppendBlob(pBuf, &pPoslist[iPos], n);
+ iPos += n;
+ if( (pBuf->n + pPgidx->n)>=pgsz ){
+ fts5WriteFlushLeaf(p, &writer);
+ }
+ if( iPos>=nCopy ) break;
+ }
+ }
+ iOff += nCopy;
+ }
+ }
+
+ /* TODO2: Doclist terminator written here. */
+ /* pBuf->p[pBuf->n++] = '\0'; */
+ assert( pBuf->n<=pBuf->nSpace );
+ sqlite3Fts5HashScanNext(pHash);
+ }
+ sqlite3Fts5HashClear(pHash);
+ fts5WriteFinish(p, &writer, &pgnoLast);
+
+ /* Update the Fts5Structure. It is written back to the database by the
+ ** fts5StructureRelease() call below. */
+ if( pStruct->nLevel==0 ){
+ fts5StructureAddLevel(&p->rc, &pStruct);
+ }
+ fts5StructureExtendLevel(&p->rc, pStruct, 0, 1, 0);
+ if( p->rc==SQLITE_OK ){
+ pSeg = &pStruct->aLevel[0].aSeg[ pStruct->aLevel[0].nSeg++ ];
+ pSeg->iSegid = iSegid;
+ pSeg->pgnoFirst = 1;
+ pSeg->pgnoLast = pgnoLast;
+ pStruct->nSegment++;
+ }
+ fts5StructurePromote(p, 0, pStruct);
+ }
+
+ fts5IndexAutomerge(p, &pStruct, pgnoLast);
+ fts5IndexCrisismerge(p, &pStruct);
+ fts5StructureWrite(p, pStruct);
+ fts5StructureRelease(pStruct);
+}
+
+/*
+** Flush any data stored in the in-memory hash tables to the database.
+*/
+static void fts5IndexFlush(Fts5Index *p){
+ /* Unless it is empty, flush the hash table to disk */
+ if( p->nPendingData ){
+ assert( p->pHash );
+ p->nPendingData = 0;
+ fts5FlushOneHash(p);
+ }
+}
+
+
+static int sqlite3Fts5IndexOptimize(Fts5Index *p){
+ Fts5Structure *pStruct;
+ Fts5Structure *pNew = 0;
+ int nSeg = 0;
+
+ assert( p->rc==SQLITE_OK );
+ fts5IndexFlush(p);
+ pStruct = fts5StructureRead(p);
+
+ if( pStruct ){
+ assert( pStruct->nSegment==fts5StructureCountSegments(pStruct) );
+ nSeg = pStruct->nSegment;
+ if( nSeg>1 ){
+ int nByte = sizeof(Fts5Structure);
+ nByte += (pStruct->nLevel+1) * sizeof(Fts5StructureLevel);
+ pNew = (Fts5Structure*)sqlite3Fts5MallocZero(&p->rc, nByte);
+ }
+ }
+ if( pNew ){
+ Fts5StructureLevel *pLvl;
+ int nByte = nSeg * sizeof(Fts5StructureSegment);
+ pNew->nLevel = pStruct->nLevel+1;
+ pNew->nRef = 1;
+ pNew->nWriteCounter = pStruct->nWriteCounter;
+ pLvl = &pNew->aLevel[pStruct->nLevel];
+ pLvl->aSeg = (Fts5StructureSegment*)sqlite3Fts5MallocZero(&p->rc, nByte);
+ if( pLvl->aSeg ){
+ int iLvl, iSeg;
+ int iSegOut = 0;
+ for(iLvl=0; iLvl<pStruct->nLevel; iLvl++){
+ for(iSeg=0; iSeg<pStruct->aLevel[iLvl].nSeg; iSeg++){
+ pLvl->aSeg[iSegOut] = pStruct->aLevel[iLvl].aSeg[iSeg];
+ iSegOut++;
+ }
+ }
+ pNew->nSegment = pLvl->nSeg = nSeg;
+ }else{
+ sqlite3_free(pNew);
+ pNew = 0;
+ }
+ }
+
+ if( pNew ){
+ int iLvl = pNew->nLevel-1;
+ while( p->rc==SQLITE_OK && pNew->aLevel[iLvl].nSeg>0 ){
+ int nRem = FTS5_OPT_WORK_UNIT;
+ fts5IndexMergeLevel(p, &pNew, iLvl, &nRem);
+ }
+
+ fts5StructureWrite(p, pNew);
+ fts5StructureRelease(pNew);
+ }
+
+ fts5StructureRelease(pStruct);
+ return fts5IndexReturn(p);
+}
+
+static int sqlite3Fts5IndexMerge(Fts5Index *p, int nMerge){
+ Fts5Structure *pStruct;
+
+ pStruct = fts5StructureRead(p);
+ if( pStruct && pStruct->nLevel ){
+ fts5IndexMerge(p, &pStruct, nMerge);
+ fts5StructureWrite(p, pStruct);
+ }
+ fts5StructureRelease(pStruct);
+
+ return fts5IndexReturn(p);
+}
+
+static void fts5PoslistCallback(
+ Fts5Index *p,
+ void *pContext,
+ const u8 *pChunk, int nChunk
+){
+ assert_nc( nChunk>=0 );
+ if( nChunk>0 ){
+ fts5BufferSafeAppendBlob((Fts5Buffer*)pContext, pChunk, nChunk);
+ }
+}
+
+typedef struct PoslistCallbackCtx PoslistCallbackCtx;
+struct PoslistCallbackCtx {
+ Fts5Buffer *pBuf; /* Append to this buffer */
+ Fts5Colset *pColset; /* Restrict matches to this column */
+ int eState; /* See above */
+};
+
+/*
+** TODO: Make this more efficient!
+*/
+static int fts5IndexColsetTest(Fts5Colset *pColset, int iCol){
+ int i;
+ for(i=0; i<pColset->nCol; i++){
+ if( pColset->aiCol[i]==iCol ) return 1;
+ }
+ return 0;
+}
+
+static void fts5PoslistFilterCallback(
+ Fts5Index *p,
+ void *pContext,
+ const u8 *pChunk, int nChunk
+){
+ PoslistCallbackCtx *pCtx = (PoslistCallbackCtx*)pContext;
+ assert_nc( nChunk>=0 );
+ if( nChunk>0 ){
+ /* Search through to find the first varint with value 1. This is the
+ ** start of the next columns hits. */
+ int i = 0;
+ int iStart = 0;
+
+ if( pCtx->eState==2 ){
+ int iCol;
+ fts5FastGetVarint32(pChunk, i, iCol);
+ if( fts5IndexColsetTest(pCtx->pColset, iCol) ){
+ pCtx->eState = 1;
+ fts5BufferSafeAppendVarint(pCtx->pBuf, 1);
+ }else{
+ pCtx->eState = 0;
+ }
+ }
+
+ do {
+ while( i<nChunk && pChunk[i]!=0x01 ){
+ while( pChunk[i] & 0x80 ) i++;
+ i++;
+ }
+ if( pCtx->eState ){
+ fts5BufferSafeAppendBlob(pCtx->pBuf, &pChunk[iStart], i-iStart);
+ }
+ if( i<nChunk ){
+ int iCol;
+ iStart = i;
+ i++;
+ if( i>=nChunk ){
+ pCtx->eState = 2;
+ }else{
+ fts5FastGetVarint32(pChunk, i, iCol);
+ pCtx->eState = fts5IndexColsetTest(pCtx->pColset, iCol);
+ if( pCtx->eState ){
+ fts5BufferSafeAppendBlob(pCtx->pBuf, &pChunk[iStart], i-iStart);
+ iStart = i;
+ }
+ }
+ }
+ }while( i<nChunk );
+ }
+}
+
+/*
+** Iterator pIter currently points to a valid entry (not EOF). This
+** function appends the position list data for the current entry to
+** buffer pBuf. It does not make a copy of the position-list size
+** field.
+*/
+static void fts5SegiterPoslist(
+ Fts5Index *p,
+ Fts5SegIter *pSeg,
+ Fts5Colset *pColset,
+ Fts5Buffer *pBuf
+){
+ if( 0==fts5BufferGrow(&p->rc, pBuf, pSeg->nPos) ){
+ if( pColset==0 ){
+ fts5ChunkIterate(p, pSeg, (void*)pBuf, fts5PoslistCallback);
+ }else{
+ PoslistCallbackCtx sCtx;
+ sCtx.pBuf = pBuf;
+ sCtx.pColset = pColset;
+ sCtx.eState = fts5IndexColsetTest(pColset, 0);
+ assert( sCtx.eState==0 || sCtx.eState==1 );
+ fts5ChunkIterate(p, pSeg, (void*)&sCtx, fts5PoslistFilterCallback);
+ }
+ }
+}
+
+/*
+** IN/OUT parameter (*pa) points to a position list n bytes in size. If
+** the position list contains entries for column iCol, then (*pa) is set
+** to point to the sub-position-list for that column and the number of
+** bytes in it returned. Or, if the argument position list does not
+** contain any entries for column iCol, return 0.
+*/
+static int fts5IndexExtractCol(
+ const u8 **pa, /* IN/OUT: Pointer to poslist */
+ int n, /* IN: Size of poslist in bytes */
+ int iCol /* Column to extract from poslist */
+){
+ int iCurrent = 0; /* Anything before the first 0x01 is col 0 */
+ const u8 *p = *pa;
+ const u8 *pEnd = &p[n]; /* One byte past end of position list */
+ u8 prev = 0;
+
+ while( iCol>iCurrent ){
+ /* Advance pointer p until it points to pEnd or an 0x01 byte that is
+ ** not part of a varint */
+ while( (prev & 0x80) || *p!=0x01 ){
+ prev = *p++;
+ if( p==pEnd ) return 0;
+ }
+ *pa = p++;
+ p += fts5GetVarint32(p, iCurrent);
+ }
+ if( iCol!=iCurrent ) return 0;
+
+ /* Advance pointer p until it points to pEnd or an 0x01 byte that is
+ ** not part of a varint */
+ assert( (prev & 0x80)==0 );
+ while( p<pEnd && ((prev & 0x80) || *p!=0x01) ){
+ prev = *p++;
+ }
+ return p - (*pa);
+}
+
+
+/*
+** Iterator pMulti currently points to a valid entry (not EOF). This
+** function appends the following to buffer pBuf:
+**
+** * The varint iDelta, and
+** * the position list that currently points to, including the size field.
+**
+** If argument pColset is NULL, then the position list is filtered according
+** to pColset before being appended to the buffer. If this means there are
+** no entries in the position list, nothing is appended to the buffer (not
+** even iDelta).
+**
+** If an error occurs, an error code is left in p->rc.
+*/
+static int fts5AppendPoslist(
+ Fts5Index *p,
+ i64 iDelta,
+ Fts5IndexIter *pMulti,
+ Fts5Colset *pColset,
+ Fts5Buffer *pBuf
+){
+ if( p->rc==SQLITE_OK ){
+ Fts5SegIter *pSeg = &pMulti->aSeg[ pMulti->aFirst[1].iFirst ];
+ assert( fts5MultiIterEof(p, pMulti)==0 );
+ assert( pSeg->nPos>0 );
+ if( 0==fts5BufferGrow(&p->rc, pBuf, pSeg->nPos+9+9) ){
+
+ if( pSeg->iLeafOffset+pSeg->nPos<=pSeg->pLeaf->szLeaf
+ && (pColset==0 || pColset->nCol==1)
+ ){
+ const u8 *pPos = &pSeg->pLeaf->p[pSeg->iLeafOffset];
+ int nPos;
+ if( pColset ){
+ nPos = fts5IndexExtractCol(&pPos, pSeg->nPos, pColset->aiCol[0]);
+ if( nPos==0 ) return 1;
+ }else{
+ nPos = pSeg->nPos;
+ }
+ assert( nPos>0 );
+ fts5BufferSafeAppendVarint(pBuf, iDelta);
+ fts5BufferSafeAppendVarint(pBuf, nPos*2);
+ fts5BufferSafeAppendBlob(pBuf, pPos, nPos);
+ }else{
+ int iSv1;
+ int iSv2;
+ int iData;
+
+ /* Append iDelta */
+ iSv1 = pBuf->n;
+ fts5BufferSafeAppendVarint(pBuf, iDelta);
+
+ /* WRITEPOSLISTSIZE */
+ iSv2 = pBuf->n;
+ fts5BufferSafeAppendVarint(pBuf, pSeg->nPos*2);
+ iData = pBuf->n;
+
+ fts5SegiterPoslist(p, pSeg, pColset, pBuf);
+
+ if( pColset ){
+ int nActual = pBuf->n - iData;
+ if( nActual!=pSeg->nPos ){
+ if( nActual==0 ){
+ pBuf->n = iSv1;
+ return 1;
+ }else{
+ int nReq = sqlite3Fts5GetVarintLen((u32)(nActual*2));
+ while( iSv2<(iData-nReq) ){ pBuf->p[iSv2++] = 0x80; }
+ sqlite3Fts5PutVarint(&pBuf->p[iSv2], nActual*2);
+ }
+ }
+ }
+ }
+
+ }
+ }
+
+ return 0;
+}
+
+static void fts5DoclistIterNext(Fts5DoclistIter *pIter){
+ u8 *p = pIter->aPoslist + pIter->nSize + pIter->nPoslist;
+
+ assert( pIter->aPoslist );
+ if( p>=pIter->aEof ){
+ pIter->aPoslist = 0;
+ }else{
+ i64 iDelta;
+
+ p += fts5GetVarint(p, (u64*)&iDelta);
+ pIter->iRowid += iDelta;
+
+ /* Read position list size */
+ if( p[0] & 0x80 ){
+ int nPos;
+ pIter->nSize = fts5GetVarint32(p, nPos);
+ pIter->nPoslist = (nPos>>1);
+ }else{
+ pIter->nPoslist = ((int)(p[0])) >> 1;
+ pIter->nSize = 1;
+ }
+
+ pIter->aPoslist = p;
+ }
+}
+
+static void fts5DoclistIterInit(
+ Fts5Buffer *pBuf,
+ Fts5DoclistIter *pIter
+){
+ memset(pIter, 0, sizeof(*pIter));
+ pIter->aPoslist = pBuf->p;
+ pIter->aEof = &pBuf->p[pBuf->n];
+ fts5DoclistIterNext(pIter);
+}
+
+#if 0
+/*
+** Append a doclist to buffer pBuf.
+**
+** This function assumes that space within the buffer has already been
+** allocated.
+*/
+static void fts5MergeAppendDocid(
+ Fts5Buffer *pBuf, /* Buffer to write to */
+ i64 *piLastRowid, /* IN/OUT: Previous rowid written (if any) */
+ i64 iRowid /* Rowid to append */
+){
+ assert( pBuf->n!=0 || (*piLastRowid)==0 );
+ fts5BufferSafeAppendVarint(pBuf, iRowid - *piLastRowid);
+ *piLastRowid = iRowid;
+}
+#endif
+
+#define fts5MergeAppendDocid(pBuf, iLastRowid, iRowid) { \
+ assert( (pBuf)->n!=0 || (iLastRowid)==0 ); \
+ fts5BufferSafeAppendVarint((pBuf), (iRowid) - (iLastRowid)); \
+ (iLastRowid) = (iRowid); \
+}
+
+/*
+** Buffers p1 and p2 contain doclists. This function merges the content
+** of the two doclists together and sets buffer p1 to the result before
+** returning.
+**
+** If an error occurs, an error code is left in p->rc. If an error has
+** already occurred, this function is a no-op.
+*/
+static void fts5MergePrefixLists(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5Buffer *p1, /* First list to merge */
+ Fts5Buffer *p2 /* Second list to merge */
+){
+ if( p2->n ){
+ i64 iLastRowid = 0;
+ Fts5DoclistIter i1;
+ Fts5DoclistIter i2;
+ Fts5Buffer out;
+ Fts5Buffer tmp;
+ memset(&out, 0, sizeof(out));
+ memset(&tmp, 0, sizeof(tmp));
+
+ sqlite3Fts5BufferSize(&p->rc, &out, p1->n + p2->n);
+ fts5DoclistIterInit(p1, &i1);
+ fts5DoclistIterInit(p2, &i2);
+ while( p->rc==SQLITE_OK && (i1.aPoslist!=0 || i2.aPoslist!=0) ){
+ if( i2.aPoslist==0 || (i1.aPoslist && i1.iRowid<i2.iRowid) ){
+ /* Copy entry from i1 */
+ fts5MergeAppendDocid(&out, iLastRowid, i1.iRowid);
+ fts5BufferSafeAppendBlob(&out, i1.aPoslist, i1.nPoslist+i1.nSize);
+ fts5DoclistIterNext(&i1);
+ }
+ else if( i1.aPoslist==0 || i2.iRowid!=i1.iRowid ){
+ /* Copy entry from i2 */
+ fts5MergeAppendDocid(&out, iLastRowid, i2.iRowid);
+ fts5BufferSafeAppendBlob(&out, i2.aPoslist, i2.nPoslist+i2.nSize);
+ fts5DoclistIterNext(&i2);
+ }
+ else{
+ i64 iPos1 = 0;
+ i64 iPos2 = 0;
+ int iOff1 = 0;
+ int iOff2 = 0;
+ u8 *a1 = &i1.aPoslist[i1.nSize];
+ u8 *a2 = &i2.aPoslist[i2.nSize];
+
+ Fts5PoslistWriter writer;
+ memset(&writer, 0, sizeof(writer));
+
+ /* Merge the two position lists. */
+ fts5MergeAppendDocid(&out, iLastRowid, i2.iRowid);
+ fts5BufferZero(&tmp);
+
+ sqlite3Fts5PoslistNext64(a1, i1.nPoslist, &iOff1, &iPos1);
+ sqlite3Fts5PoslistNext64(a2, i2.nPoslist, &iOff2, &iPos2);
+
+ while( p->rc==SQLITE_OK && (iPos1>=0 || iPos2>=0) ){
+ i64 iNew;
+ if( iPos2<0 || (iPos1>=0 && iPos1<iPos2) ){
+ iNew = iPos1;
+ sqlite3Fts5PoslistNext64(a1, i1.nPoslist, &iOff1, &iPos1);
+ }else{
+ iNew = iPos2;
+ sqlite3Fts5PoslistNext64(a2, i2.nPoslist, &iOff2, &iPos2);
+ if( iPos1==iPos2 ){
+ sqlite3Fts5PoslistNext64(a1, i1.nPoslist, &iOff1,&iPos1);
+ }
+ }
+ p->rc = sqlite3Fts5PoslistWriterAppend(&tmp, &writer, iNew);
+ }
+
+ /* WRITEPOSLISTSIZE */
+ fts5BufferSafeAppendVarint(&out, tmp.n * 2);
+ fts5BufferSafeAppendBlob(&out, tmp.p, tmp.n);
+ fts5DoclistIterNext(&i1);
+ fts5DoclistIterNext(&i2);
+ }
+ }
+
+ fts5BufferSet(&p->rc, p1, out.n, out.p);
+ fts5BufferFree(&tmp);
+ fts5BufferFree(&out);
+ }
+}
+
+static void fts5BufferSwap(Fts5Buffer *p1, Fts5Buffer *p2){
+ Fts5Buffer tmp = *p1;
+ *p1 = *p2;
+ *p2 = tmp;
+}
+
+static void fts5SetupPrefixIter(
+ Fts5Index *p, /* Index to read from */
+ int bDesc, /* True for "ORDER BY rowid DESC" */
+ const u8 *pToken, /* Buffer containing prefix to match */
+ int nToken, /* Size of buffer pToken in bytes */
+ Fts5Colset *pColset, /* Restrict matches to these columns */
+ Fts5IndexIter **ppIter /* OUT: New iterator */
+){
+ Fts5Structure *pStruct;
+ Fts5Buffer *aBuf;
+ const int nBuf = 32;
+
+ aBuf = (Fts5Buffer*)fts5IdxMalloc(p, sizeof(Fts5Buffer)*nBuf);
+ pStruct = fts5StructureRead(p);
+
+ if( aBuf && pStruct ){
+ const int flags = FTS5INDEX_QUERY_SCAN;
+ int i;
+ i64 iLastRowid = 0;
+ Fts5IndexIter *p1 = 0; /* Iterator used to gather data from index */
+ Fts5Data *pData;
+ Fts5Buffer doclist;
+ int bNewTerm = 1;
+
+ memset(&doclist, 0, sizeof(doclist));
+ for(fts5MultiIterNew(p, pStruct, 1, flags, pToken, nToken, -1, 0, &p1);
+ fts5MultiIterEof(p, p1)==0;
+ fts5MultiIterNext2(p, p1, &bNewTerm)
+ ){
+ i64 iRowid = fts5MultiIterRowid(p1);
+ int nTerm;
+ const u8 *pTerm = fts5MultiIterTerm(p1, &nTerm);
+ assert_nc( memcmp(pToken, pTerm, MIN(nToken, nTerm))<=0 );
+ if( bNewTerm ){
+ if( nTerm<nToken || memcmp(pToken, pTerm, nToken) ) break;
+ }
+
+ if( doclist.n>0 && iRowid<=iLastRowid ){
+ for(i=0; p->rc==SQLITE_OK && doclist.n; i++){
+ assert( i<nBuf );
+ if( aBuf[i].n==0 ){
+ fts5BufferSwap(&doclist, &aBuf[i]);
+ fts5BufferZero(&doclist);
+ }else{
+ fts5MergePrefixLists(p, &doclist, &aBuf[i]);
+ fts5BufferZero(&aBuf[i]);
+ }
+ }
+ iLastRowid = 0;
+ }
+
+ if( !fts5AppendPoslist(p, iRowid-iLastRowid, p1, pColset, &doclist) ){
+ iLastRowid = iRowid;
+ }
+ }
+
+ for(i=0; i<nBuf; i++){
+ if( p->rc==SQLITE_OK ){
+ fts5MergePrefixLists(p, &doclist, &aBuf[i]);
+ }
+ fts5BufferFree(&aBuf[i]);
+ }
+ fts5MultiIterFree(p, p1);
+
+ pData = fts5IdxMalloc(p, sizeof(Fts5Data) + doclist.n);
+ if( pData ){
+ pData->p = (u8*)&pData[1];
+ pData->nn = pData->szLeaf = doclist.n;
+ memcpy(pData->p, doclist.p, doclist.n);
+ fts5MultiIterNew2(p, pData, bDesc, ppIter);
+ }
+ fts5BufferFree(&doclist);
+ }
+
+ fts5StructureRelease(pStruct);
+ sqlite3_free(aBuf);
+}
+
+
+/*
+** Indicate that all subsequent calls to sqlite3Fts5IndexWrite() pertain
+** to the document with rowid iRowid.
+*/
+static int sqlite3Fts5IndexBeginWrite(Fts5Index *p, int bDelete, i64 iRowid){
+ assert( p->rc==SQLITE_OK );
+
+ /* Allocate the hash table if it has not already been allocated */
+ if( p->pHash==0 ){
+ p->rc = sqlite3Fts5HashNew(&p->pHash, &p->nPendingData);
+ }
+
+ /* Flush the hash table to disk if required */
+ if( iRowid<p->iWriteRowid
+ || (iRowid==p->iWriteRowid && p->bDelete==0)
+ || (p->nPendingData > p->pConfig->nHashSize)
+ ){
+ fts5IndexFlush(p);
+ }
+
+ p->iWriteRowid = iRowid;
+ p->bDelete = bDelete;
+ return fts5IndexReturn(p);
+}
+
+/*
+** Commit data to disk.
+*/
+static int sqlite3Fts5IndexSync(Fts5Index *p, int bCommit){
+ assert( p->rc==SQLITE_OK );
+ fts5IndexFlush(p);
+ if( bCommit ) fts5CloseReader(p);
+ return fts5IndexReturn(p);
+}
+
+/*
+** Discard any data stored in the in-memory hash tables. Do not write it
+** to the database. Additionally, assume that the contents of the %_data
+** table may have changed on disk. So any in-memory caches of %_data
+** records must be invalidated.
+*/
+static int sqlite3Fts5IndexRollback(Fts5Index *p){
+ fts5CloseReader(p);
+ fts5IndexDiscardData(p);
+ assert( p->rc==SQLITE_OK );
+ return SQLITE_OK;
+}
+
+/*
+** The %_data table is completely empty when this function is called. This
+** function populates it with the initial structure objects for each index,
+** and the initial version of the "averages" record (a zero-byte blob).
+*/
+static int sqlite3Fts5IndexReinit(Fts5Index *p){
+ Fts5Structure s;
+ memset(&s, 0, sizeof(Fts5Structure));
+ fts5DataWrite(p, FTS5_AVERAGES_ROWID, (const u8*)"", 0);
+ fts5StructureWrite(p, &s);
+ return fts5IndexReturn(p);
+}
+
+/*
+** Open a new Fts5Index handle. If the bCreate argument is true, create
+** and initialize the underlying %_data table.
+**
+** If successful, set *pp to point to the new object and return SQLITE_OK.
+** Otherwise, set *pp to NULL and return an SQLite error code.
+*/
+static int sqlite3Fts5IndexOpen(
+ Fts5Config *pConfig,
+ int bCreate,
+ Fts5Index **pp,
+ char **pzErr
+){
+ int rc = SQLITE_OK;
+ Fts5Index *p; /* New object */
+
+ *pp = p = (Fts5Index*)sqlite3Fts5MallocZero(&rc, sizeof(Fts5Index));
+ if( rc==SQLITE_OK ){
+ p->pConfig = pConfig;
+ p->nWorkUnit = FTS5_WORK_UNIT;
+ p->zDataTbl = sqlite3Fts5Mprintf(&rc, "%s_data", pConfig->zName);
+ if( p->zDataTbl && bCreate ){
+ rc = sqlite3Fts5CreateTable(
+ pConfig, "data", "id INTEGER PRIMARY KEY, block BLOB", 0, pzErr
+ );
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5CreateTable(pConfig, "idx",
+ "segid, term, pgno, PRIMARY KEY(segid, term)",
+ 1, pzErr
+ );
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5IndexReinit(p);
+ }
+ }
+ }
+
+ assert( rc!=SQLITE_OK || p->rc==SQLITE_OK );
+ if( rc ){
+ sqlite3Fts5IndexClose(p);
+ *pp = 0;
+ }
+ return rc;
+}
+
+/*
+** Close a handle opened by an earlier call to sqlite3Fts5IndexOpen().
+*/
+static int sqlite3Fts5IndexClose(Fts5Index *p){
+ int rc = SQLITE_OK;
+ if( p ){
+ assert( p->pReader==0 );
+ sqlite3_finalize(p->pWriter);
+ sqlite3_finalize(p->pDeleter);
+ sqlite3_finalize(p->pIdxWriter);
+ sqlite3_finalize(p->pIdxDeleter);
+ sqlite3_finalize(p->pIdxSelect);
+ sqlite3Fts5HashFree(p->pHash);
+ sqlite3_free(p->zDataTbl);
+ sqlite3_free(p);
+ }
+ return rc;
+}
+
+/*
+** Argument p points to a buffer containing utf-8 text that is n bytes in
+** size. Return the number of bytes in the nChar character prefix of the
+** buffer, or 0 if there are less than nChar characters in total.
+*/
+static int fts5IndexCharlenToBytelen(const char *p, int nByte, int nChar){
+ int n = 0;
+ int i;
+ for(i=0; i<nChar; i++){
+ if( n>=nByte ) return 0; /* Input contains fewer than nChar chars */
+ if( (unsigned char)p[n++]>=0xc0 ){
+ while( (p[n] & 0xc0)==0x80 ) n++;
+ }
+ }
+ return n;
+}
+
+/*
+** pIn is a UTF-8 encoded string, nIn bytes in size. Return the number of
+** unicode characters in the string.
+*/
+static int fts5IndexCharlen(const char *pIn, int nIn){
+ int nChar = 0;
+ int i = 0;
+ while( i<nIn ){
+ if( (unsigned char)pIn[i++]>=0xc0 ){
+ while( i<nIn && (pIn[i] & 0xc0)==0x80 ) i++;
+ }
+ nChar++;
+ }
+ return nChar;
+}
+
+/*
+** Insert or remove data to or from the index. Each time a document is
+** added to or removed from the index, this function is called one or more
+** times.
+**
+** For an insert, it must be called once for each token in the new document.
+** If the operation is a delete, it must be called (at least) once for each
+** unique token in the document with an iCol value less than zero. The iPos
+** argument is ignored for a delete.
+*/
+static int sqlite3Fts5IndexWrite(
+ Fts5Index *p, /* Index to write to */
+ int iCol, /* Column token appears in (-ve -> delete) */
+ int iPos, /* Position of token within column */
+ const char *pToken, int nToken /* Token to add or remove to or from index */
+){
+ int i; /* Used to iterate through indexes */
+ int rc = SQLITE_OK; /* Return code */
+ Fts5Config *pConfig = p->pConfig;
+
+ assert( p->rc==SQLITE_OK );
+ assert( (iCol<0)==p->bDelete );
+
+ /* Add the entry to the main terms index. */
+ rc = sqlite3Fts5HashWrite(
+ p->pHash, p->iWriteRowid, iCol, iPos, FTS5_MAIN_PREFIX, pToken, nToken
+ );
+
+ for(i=0; i<pConfig->nPrefix && rc==SQLITE_OK; i++){
+ int nByte = fts5IndexCharlenToBytelen(pToken, nToken, pConfig->aPrefix[i]);
+ if( nByte ){
+ rc = sqlite3Fts5HashWrite(p->pHash,
+ p->iWriteRowid, iCol, iPos, (char)(FTS5_MAIN_PREFIX+i+1), pToken,
+ nByte
+ );
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Open a new iterator to iterate though all rowid that match the
+** specified token or token prefix.
+*/
+static int sqlite3Fts5IndexQuery(
+ Fts5Index *p, /* FTS index to query */
+ const char *pToken, int nToken, /* Token (or prefix) to query for */
+ int flags, /* Mask of FTS5INDEX_QUERY_X flags */
+ Fts5Colset *pColset, /* Match these columns only */
+ Fts5IndexIter **ppIter /* OUT: New iterator object */
+){
+ Fts5Config *pConfig = p->pConfig;
+ Fts5IndexIter *pRet = 0;
+ int iIdx = 0;
+ Fts5Buffer buf = {0, 0, 0};
+
+ /* If the QUERY_SCAN flag is set, all other flags must be clear. */
+ assert( (flags & FTS5INDEX_QUERY_SCAN)==0 || flags==FTS5INDEX_QUERY_SCAN );
+
+ if( sqlite3Fts5BufferSize(&p->rc, &buf, nToken+1)==0 ){
+ memcpy(&buf.p[1], pToken, nToken);
+
+#ifdef SQLITE_DEBUG
+ /* If the QUERY_TEST_NOIDX flag was specified, then this must be a
+ ** prefix-query. Instead of using a prefix-index (if one exists),
+ ** evaluate the prefix query using the main FTS index. This is used
+ ** for internal sanity checking by the integrity-check in debug
+ ** mode only. */
+ if( pConfig->bPrefixIndex==0 || (flags & FTS5INDEX_QUERY_TEST_NOIDX) ){
+ assert( flags & FTS5INDEX_QUERY_PREFIX );
+ iIdx = 1+pConfig->nPrefix;
+ }else
+#endif
+ if( flags & FTS5INDEX_QUERY_PREFIX ){
+ int nChar = fts5IndexCharlen(pToken, nToken);
+ for(iIdx=1; iIdx<=pConfig->nPrefix; iIdx++){
+ if( pConfig->aPrefix[iIdx-1]==nChar ) break;
+ }
+ }
+
+ if( iIdx<=pConfig->nPrefix ){
+ Fts5Structure *pStruct = fts5StructureRead(p);
+ buf.p[0] = (u8)(FTS5_MAIN_PREFIX + iIdx);
+ if( pStruct ){
+ fts5MultiIterNew(p, pStruct, 1, flags, buf.p, nToken+1, -1, 0, &pRet);
+ fts5StructureRelease(pStruct);
+ }
+ }else{
+ int bDesc = (flags & FTS5INDEX_QUERY_DESC)!=0;
+ buf.p[0] = FTS5_MAIN_PREFIX;
+ fts5SetupPrefixIter(p, bDesc, buf.p, nToken+1, pColset, &pRet);
+ }
+
+ if( p->rc ){
+ sqlite3Fts5IterClose(pRet);
+ pRet = 0;
+ fts5CloseReader(p);
+ }
+ *ppIter = pRet;
+ sqlite3Fts5BufferFree(&buf);
+ }
+ return fts5IndexReturn(p);
+}
+
+/*
+** Return true if the iterator passed as the only argument is at EOF.
+*/
+static int sqlite3Fts5IterEof(Fts5IndexIter *pIter){
+ assert( pIter->pIndex->rc==SQLITE_OK );
+ return pIter->bEof;
+}
+
+/*
+** Move to the next matching rowid.
+*/
+static int sqlite3Fts5IterNext(Fts5IndexIter *pIter){
+ assert( pIter->pIndex->rc==SQLITE_OK );
+ fts5MultiIterNext(pIter->pIndex, pIter, 0, 0);
+ return fts5IndexReturn(pIter->pIndex);
+}
+
+/*
+** Move to the next matching term/rowid. Used by the fts5vocab module.
+*/
+static int sqlite3Fts5IterNextScan(Fts5IndexIter *pIter){
+ Fts5Index *p = pIter->pIndex;
+
+ assert( pIter->pIndex->rc==SQLITE_OK );
+
+ fts5MultiIterNext(p, pIter, 0, 0);
+ if( p->rc==SQLITE_OK ){
+ Fts5SegIter *pSeg = &pIter->aSeg[ pIter->aFirst[1].iFirst ];
+ if( pSeg->pLeaf && pSeg->term.p[0]!=FTS5_MAIN_PREFIX ){
+ fts5DataRelease(pSeg->pLeaf);
+ pSeg->pLeaf = 0;
+ pIter->bEof = 1;
+ }
+ }
+
+ return fts5IndexReturn(pIter->pIndex);
+}
+
+/*
+** Move to the next matching rowid that occurs at or after iMatch. The
+** definition of "at or after" depends on whether this iterator iterates
+** in ascending or descending rowid order.
+*/
+static int sqlite3Fts5IterNextFrom(Fts5IndexIter *pIter, i64 iMatch){
+ fts5MultiIterNextFrom(pIter->pIndex, pIter, iMatch);
+ return fts5IndexReturn(pIter->pIndex);
+}
+
+/*
+** Return the current rowid.
+*/
+static i64 sqlite3Fts5IterRowid(Fts5IndexIter *pIter){
+ return fts5MultiIterRowid(pIter);
+}
+
+/*
+** Return the current term.
+*/
+static const char *sqlite3Fts5IterTerm(Fts5IndexIter *pIter, int *pn){
+ int n;
+ const char *z = (const char*)fts5MultiIterTerm(pIter, &n);
+ *pn = n-1;
+ return &z[1];
+}
+
+
+static int fts5IndexExtractColset (
+ Fts5Colset *pColset, /* Colset to filter on */
+ const u8 *pPos, int nPos, /* Position list */
+ Fts5Buffer *pBuf /* Output buffer */
+){
+ int rc = SQLITE_OK;
+ int i;
+
+ fts5BufferZero(pBuf);
+ for(i=0; i<pColset->nCol; i++){
+ const u8 *pSub = pPos;
+ int nSub = fts5IndexExtractCol(&pSub, nPos, pColset->aiCol[i]);
+ if( nSub ){
+ fts5BufferAppendBlob(&rc, pBuf, nSub, pSub);
+ }
+ }
+ return rc;
+}
+
+
+/*
+** Return a pointer to a buffer containing a copy of the position list for
+** the current entry. Output variable *pn is set to the size of the buffer
+** in bytes before returning.
+**
+** The returned position list does not include the "number of bytes" varint
+** field that starts the position list on disk.
+*/
+static int sqlite3Fts5IterPoslist(
+ Fts5IndexIter *pIter,
+ Fts5Colset *pColset, /* Column filter (or NULL) */
+ const u8 **pp, /* OUT: Pointer to position-list data */
+ int *pn, /* OUT: Size of position-list in bytes */
+ i64 *piRowid /* OUT: Current rowid */
+){
+ Fts5SegIter *pSeg = &pIter->aSeg[ pIter->aFirst[1].iFirst ];
+ assert( pIter->pIndex->rc==SQLITE_OK );
+ *piRowid = pSeg->iRowid;
+ if( pSeg->iLeafOffset+pSeg->nPos<=pSeg->pLeaf->szLeaf ){
+ u8 *pPos = &pSeg->pLeaf->p[pSeg->iLeafOffset];
+ if( pColset==0 || pIter->bFiltered ){
+ *pn = pSeg->nPos;
+ *pp = pPos;
+ }else if( pColset->nCol==1 ){
+ *pp = pPos;
+ *pn = fts5IndexExtractCol(pp, pSeg->nPos, pColset->aiCol[0]);
+ }else{
+ fts5BufferZero(&pIter->poslist);
+ fts5IndexExtractColset(pColset, pPos, pSeg->nPos, &pIter->poslist);
+ *pp = pIter->poslist.p;
+ *pn = pIter->poslist.n;
+ }
+ }else{
+ fts5BufferZero(&pIter->poslist);
+ fts5SegiterPoslist(pIter->pIndex, pSeg, pColset, &pIter->poslist);
+ *pp = pIter->poslist.p;
+ *pn = pIter->poslist.n;
+ }
+ return fts5IndexReturn(pIter->pIndex);
+}
+
+/*
+** This function is similar to sqlite3Fts5IterPoslist(), except that it
+** copies the position list into the buffer supplied as the second
+** argument.
+*/
+static int sqlite3Fts5IterPoslistBuffer(Fts5IndexIter *pIter, Fts5Buffer *pBuf){
+ Fts5Index *p = pIter->pIndex;
+ Fts5SegIter *pSeg = &pIter->aSeg[ pIter->aFirst[1].iFirst ];
+ assert( p->rc==SQLITE_OK );
+ fts5BufferZero(pBuf);
+ fts5SegiterPoslist(p, pSeg, 0, pBuf);
+ return fts5IndexReturn(p);
+}
+
+/*
+** Close an iterator opened by an earlier call to sqlite3Fts5IndexQuery().
+*/
+static void sqlite3Fts5IterClose(Fts5IndexIter *pIter){
+ if( pIter ){
+ Fts5Index *pIndex = pIter->pIndex;
+ fts5MultiIterFree(pIter->pIndex, pIter);
+ fts5CloseReader(pIndex);
+ }
+}
+
+/*
+** Read and decode the "averages" record from the database.
+**
+** Parameter anSize must point to an array of size nCol, where nCol is
+** the number of user defined columns in the FTS table.
+*/
+static int sqlite3Fts5IndexGetAverages(Fts5Index *p, i64 *pnRow, i64 *anSize){
+ int nCol = p->pConfig->nCol;
+ Fts5Data *pData;
+
+ *pnRow = 0;
+ memset(anSize, 0, sizeof(i64) * nCol);
+ pData = fts5DataRead(p, FTS5_AVERAGES_ROWID);
+ if( p->rc==SQLITE_OK && pData->nn ){
+ int i = 0;
+ int iCol;
+ i += fts5GetVarint(&pData->p[i], (u64*)pnRow);
+ for(iCol=0; i<pData->nn && iCol<nCol; iCol++){
+ i += fts5GetVarint(&pData->p[i], (u64*)&anSize[iCol]);
+ }
+ }
+
+ fts5DataRelease(pData);
+ return fts5IndexReturn(p);
+}
+
+/*
+** Replace the current "averages" record with the contents of the buffer
+** supplied as the second argument.
+*/
+static int sqlite3Fts5IndexSetAverages(Fts5Index *p, const u8 *pData, int nData){
+ assert( p->rc==SQLITE_OK );
+ fts5DataWrite(p, FTS5_AVERAGES_ROWID, pData, nData);
+ return fts5IndexReturn(p);
+}
+
+/*
+** Return the total number of blocks this module has read from the %_data
+** table since it was created.
+*/
+static int sqlite3Fts5IndexReads(Fts5Index *p){
+ return p->nRead;
+}
+
+/*
+** Set the 32-bit cookie value stored at the start of all structure
+** records to the value passed as the second argument.
+**
+** Return SQLITE_OK if successful, or an SQLite error code if an error
+** occurs.
+*/
+static int sqlite3Fts5IndexSetCookie(Fts5Index *p, int iNew){
+ int rc; /* Return code */
+ Fts5Config *pConfig = p->pConfig; /* Configuration object */
+ u8 aCookie[4]; /* Binary representation of iNew */
+ sqlite3_blob *pBlob = 0;
+
+ assert( p->rc==SQLITE_OK );
+ sqlite3Fts5Put32(aCookie, iNew);
+
+ rc = sqlite3_blob_open(pConfig->db, pConfig->zDb, p->zDataTbl,
+ "block", FTS5_STRUCTURE_ROWID, 1, &pBlob
+ );
+ if( rc==SQLITE_OK ){
+ sqlite3_blob_write(pBlob, aCookie, 4, 0);
+ rc = sqlite3_blob_close(pBlob);
+ }
+
+ return rc;
+}
+
+static int sqlite3Fts5IndexLoadConfig(Fts5Index *p){
+ Fts5Structure *pStruct;
+ pStruct = fts5StructureRead(p);
+ fts5StructureRelease(pStruct);
+ return fts5IndexReturn(p);
+}
+
+
+/*************************************************************************
+**************************************************************************
+** Below this point is the implementation of the integrity-check
+** functionality.
+*/
+
+/*
+** Return a simple checksum value based on the arguments.
+*/
+static u64 fts5IndexEntryCksum(
+ i64 iRowid,
+ int iCol,
+ int iPos,
+ int iIdx,
+ const char *pTerm,
+ int nTerm
+){
+ int i;
+ u64 ret = iRowid;
+ ret += (ret<<3) + iCol;
+ ret += (ret<<3) + iPos;
+ if( iIdx>=0 ) ret += (ret<<3) + (FTS5_MAIN_PREFIX + iIdx);
+ for(i=0; i<nTerm; i++) ret += (ret<<3) + pTerm[i];
+ return ret;
+}
+
+#ifdef SQLITE_DEBUG
+/*
+** This function is purely an internal test. It does not contribute to
+** FTS functionality, or even the integrity-check, in any way.
+**
+** Instead, it tests that the same set of pgno/rowid combinations are
+** visited regardless of whether the doclist-index identified by parameters
+** iSegid/iLeaf is iterated in forwards or reverse order.
+*/
+static void fts5TestDlidxReverse(
+ Fts5Index *p,
+ int iSegid, /* Segment id to load from */
+ int iLeaf /* Load doclist-index for this leaf */
+){
+ Fts5DlidxIter *pDlidx = 0;
+ u64 cksum1 = 13;
+ u64 cksum2 = 13;
+
+ for(pDlidx=fts5DlidxIterInit(p, 0, iSegid, iLeaf);
+ fts5DlidxIterEof(p, pDlidx)==0;
+ fts5DlidxIterNext(p, pDlidx)
+ ){
+ i64 iRowid = fts5DlidxIterRowid(pDlidx);
+ int pgno = fts5DlidxIterPgno(pDlidx);
+ assert( pgno>iLeaf );
+ cksum1 += iRowid + ((i64)pgno<<32);
+ }
+ fts5DlidxIterFree(pDlidx);
+ pDlidx = 0;
+
+ for(pDlidx=fts5DlidxIterInit(p, 1, iSegid, iLeaf);
+ fts5DlidxIterEof(p, pDlidx)==0;
+ fts5DlidxIterPrev(p, pDlidx)
+ ){
+ i64 iRowid = fts5DlidxIterRowid(pDlidx);
+ int pgno = fts5DlidxIterPgno(pDlidx);
+ assert( fts5DlidxIterPgno(pDlidx)>iLeaf );
+ cksum2 += iRowid + ((i64)pgno<<32);
+ }
+ fts5DlidxIterFree(pDlidx);
+ pDlidx = 0;
+
+ if( p->rc==SQLITE_OK && cksum1!=cksum2 ) p->rc = FTS5_CORRUPT;
+}
+
+static int fts5QueryCksum(
+ Fts5Index *p, /* Fts5 index object */
+ int iIdx,
+ const char *z, /* Index key to query for */
+ int n, /* Size of index key in bytes */
+ int flags, /* Flags for Fts5IndexQuery */
+ u64 *pCksum /* IN/OUT: Checksum value */
+){
+ u64 cksum = *pCksum;
+ Fts5IndexIter *pIdxIter = 0;
+ int rc = sqlite3Fts5IndexQuery(p, z, n, flags, 0, &pIdxIter);
+
+ while( rc==SQLITE_OK && 0==sqlite3Fts5IterEof(pIdxIter) ){
+ i64 dummy;
+ const u8 *pPos;
+ int nPos;
+ i64 rowid = sqlite3Fts5IterRowid(pIdxIter);
+ rc = sqlite3Fts5IterPoslist(pIdxIter, 0, &pPos, &nPos, &dummy);
+ if( rc==SQLITE_OK ){
+ Fts5PoslistReader sReader;
+ for(sqlite3Fts5PoslistReaderInit(pPos, nPos, &sReader);
+ sReader.bEof==0;
+ sqlite3Fts5PoslistReaderNext(&sReader)
+ ){
+ int iCol = FTS5_POS2COLUMN(sReader.iPos);
+ int iOff = FTS5_POS2OFFSET(sReader.iPos);
+ cksum ^= fts5IndexEntryCksum(rowid, iCol, iOff, iIdx, z, n);
+ }
+ rc = sqlite3Fts5IterNext(pIdxIter);
+ }
+ }
+ sqlite3Fts5IterClose(pIdxIter);
+
+ *pCksum = cksum;
+ return rc;
+}
+
+
+/*
+** This function is also purely an internal test. It does not contribute to
+** FTS functionality, or even the integrity-check, in any way.
+*/
+static void fts5TestTerm(
+ Fts5Index *p,
+ Fts5Buffer *pPrev, /* Previous term */
+ const char *z, int n, /* Possibly new term to test */
+ u64 expected,
+ u64 *pCksum
+){
+ int rc = p->rc;
+ if( pPrev->n==0 ){
+ fts5BufferSet(&rc, pPrev, n, (const u8*)z);
+ }else
+ if( rc==SQLITE_OK && (pPrev->n!=n || memcmp(pPrev->p, z, n)) ){
+ u64 cksum3 = *pCksum;
+ const char *zTerm = (const char*)&pPrev->p[1]; /* term sans prefix-byte */
+ int nTerm = pPrev->n-1; /* Size of zTerm in bytes */
+ int iIdx = (pPrev->p[0] - FTS5_MAIN_PREFIX);
+ int flags = (iIdx==0 ? 0 : FTS5INDEX_QUERY_PREFIX);
+ u64 ck1 = 0;
+ u64 ck2 = 0;
+
+ /* Check that the results returned for ASC and DESC queries are
+ ** the same. If not, call this corruption. */
+ rc = fts5QueryCksum(p, iIdx, zTerm, nTerm, flags, &ck1);
+ if( rc==SQLITE_OK ){
+ int f = flags|FTS5INDEX_QUERY_DESC;
+ rc = fts5QueryCksum(p, iIdx, zTerm, nTerm, f, &ck2);
+ }
+ if( rc==SQLITE_OK && ck1!=ck2 ) rc = FTS5_CORRUPT;
+
+ /* If this is a prefix query, check that the results returned if the
+ ** the index is disabled are the same. In both ASC and DESC order.
+ **
+ ** This check may only be performed if the hash table is empty. This
+ ** is because the hash table only supports a single scan query at
+ ** a time, and the multi-iter loop from which this function is called
+ ** is already performing such a scan. */
+ if( p->nPendingData==0 ){
+ if( iIdx>0 && rc==SQLITE_OK ){
+ int f = flags|FTS5INDEX_QUERY_TEST_NOIDX;
+ ck2 = 0;
+ rc = fts5QueryCksum(p, iIdx, zTerm, nTerm, f, &ck2);
+ if( rc==SQLITE_OK && ck1!=ck2 ) rc = FTS5_CORRUPT;
+ }
+ if( iIdx>0 && rc==SQLITE_OK ){
+ int f = flags|FTS5INDEX_QUERY_TEST_NOIDX|FTS5INDEX_QUERY_DESC;
+ ck2 = 0;
+ rc = fts5QueryCksum(p, iIdx, zTerm, nTerm, f, &ck2);
+ if( rc==SQLITE_OK && ck1!=ck2 ) rc = FTS5_CORRUPT;
+ }
+ }
+
+ cksum3 ^= ck1;
+ fts5BufferSet(&rc, pPrev, n, (const u8*)z);
+
+ if( rc==SQLITE_OK && cksum3!=expected ){
+ rc = FTS5_CORRUPT;
+ }
+ *pCksum = cksum3;
+ }
+ p->rc = rc;
+}
+
+#else
+# define fts5TestDlidxReverse(x,y,z)
+# define fts5TestTerm(u,v,w,x,y,z)
+#endif
+
+/*
+** Check that:
+**
+** 1) All leaves of pSeg between iFirst and iLast (inclusive) exist and
+** contain zero terms.
+** 2) All leaves of pSeg between iNoRowid and iLast (inclusive) exist and
+** contain zero rowids.
+*/
+static void fts5IndexIntegrityCheckEmpty(
+ Fts5Index *p,
+ Fts5StructureSegment *pSeg, /* Segment to check internal consistency */
+ int iFirst,
+ int iNoRowid,
+ int iLast
+){
+ int i;
+
+ /* Now check that the iter.nEmpty leaves following the current leaf
+ ** (a) exist and (b) contain no terms. */
+ for(i=iFirst; p->rc==SQLITE_OK && i<=iLast; i++){
+ Fts5Data *pLeaf = fts5DataRead(p, FTS5_SEGMENT_ROWID(pSeg->iSegid, i));
+ if( pLeaf ){
+ if( !fts5LeafIsTermless(pLeaf) ) p->rc = FTS5_CORRUPT;
+ if( i>=iNoRowid && 0!=fts5LeafFirstRowidOff(pLeaf) ) p->rc = FTS5_CORRUPT;
+ }
+ fts5DataRelease(pLeaf);
+ }
+}
+
+static void fts5IntegrityCheckPgidx(Fts5Index *p, Fts5Data *pLeaf){
+ int iTermOff = 0;
+ int ii;
+
+ Fts5Buffer buf1 = {0,0,0};
+ Fts5Buffer buf2 = {0,0,0};
+
+ ii = pLeaf->szLeaf;
+ while( ii<pLeaf->nn && p->rc==SQLITE_OK ){
+ int res;
+ int iOff;
+ int nIncr;
+
+ ii += fts5GetVarint32(&pLeaf->p[ii], nIncr);
+ iTermOff += nIncr;
+ iOff = iTermOff;
+
+ if( iOff>=pLeaf->szLeaf ){
+ p->rc = FTS5_CORRUPT;
+ }else if( iTermOff==nIncr ){
+ int nByte;
+ iOff += fts5GetVarint32(&pLeaf->p[iOff], nByte);
+ if( (iOff+nByte)>pLeaf->szLeaf ){
+ p->rc = FTS5_CORRUPT;
+ }else{
+ fts5BufferSet(&p->rc, &buf1, nByte, &pLeaf->p[iOff]);
+ }
+ }else{
+ int nKeep, nByte;
+ iOff += fts5GetVarint32(&pLeaf->p[iOff], nKeep);
+ iOff += fts5GetVarint32(&pLeaf->p[iOff], nByte);
+ if( nKeep>buf1.n || (iOff+nByte)>pLeaf->szLeaf ){
+ p->rc = FTS5_CORRUPT;
+ }else{
+ buf1.n = nKeep;
+ fts5BufferAppendBlob(&p->rc, &buf1, nByte, &pLeaf->p[iOff]);
+ }
+
+ if( p->rc==SQLITE_OK ){
+ res = fts5BufferCompare(&buf1, &buf2);
+ if( res<=0 ) p->rc = FTS5_CORRUPT;
+ }
+ }
+ fts5BufferSet(&p->rc, &buf2, buf1.n, buf1.p);
+ }
+
+ fts5BufferFree(&buf1);
+ fts5BufferFree(&buf2);
+}
+
+static void fts5IndexIntegrityCheckSegment(
+ Fts5Index *p, /* FTS5 backend object */
+ Fts5StructureSegment *pSeg /* Segment to check internal consistency */
+){
+ Fts5Config *pConfig = p->pConfig;
+ sqlite3_stmt *pStmt = 0;
+ int rc2;
+ int iIdxPrevLeaf = pSeg->pgnoFirst-1;
+ int iDlidxPrevLeaf = pSeg->pgnoLast;
+
+ if( pSeg->pgnoFirst==0 ) return;
+
+ fts5IndexPrepareStmt(p, &pStmt, sqlite3_mprintf(
+ "SELECT segid, term, (pgno>>1), (pgno&1) FROM %Q.'%q_idx' WHERE segid=%d",
+ pConfig->zDb, pConfig->zName, pSeg->iSegid
+ ));
+
+ /* Iterate through the b-tree hierarchy. */
+ while( p->rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pStmt) ){
+ i64 iRow; /* Rowid for this leaf */
+ Fts5Data *pLeaf; /* Data for this leaf */
+
+ int nIdxTerm = sqlite3_column_bytes(pStmt, 1);
+ const char *zIdxTerm = (const char*)sqlite3_column_text(pStmt, 1);
+ int iIdxLeaf = sqlite3_column_int(pStmt, 2);
+ int bIdxDlidx = sqlite3_column_int(pStmt, 3);
+
+ /* If the leaf in question has already been trimmed from the segment,
+ ** ignore this b-tree entry. Otherwise, load it into memory. */
+ if( iIdxLeaf<pSeg->pgnoFirst ) continue;
+ iRow = FTS5_SEGMENT_ROWID(pSeg->iSegid, iIdxLeaf);
+ pLeaf = fts5DataRead(p, iRow);
+ if( pLeaf==0 ) break;
+
+ /* Check that the leaf contains at least one term, and that it is equal
+ ** to or larger than the split-key in zIdxTerm. Also check that if there
+ ** is also a rowid pointer within the leaf page header, it points to a
+ ** location before the term. */
+ if( pLeaf->nn<=pLeaf->szLeaf ){
+ p->rc = FTS5_CORRUPT;
+ }else{
+ int iOff; /* Offset of first term on leaf */
+ int iRowidOff; /* Offset of first rowid on leaf */
+ int nTerm; /* Size of term on leaf in bytes */
+ int res; /* Comparison of term and split-key */
+
+ iOff = fts5LeafFirstTermOff(pLeaf);
+ iRowidOff = fts5LeafFirstRowidOff(pLeaf);
+ if( iRowidOff>=iOff ){
+ p->rc = FTS5_CORRUPT;
+ }else{
+ iOff += fts5GetVarint32(&pLeaf->p[iOff], nTerm);
+ res = memcmp(&pLeaf->p[iOff], zIdxTerm, MIN(nTerm, nIdxTerm));
+ if( res==0 ) res = nTerm - nIdxTerm;
+ if( res<0 ) p->rc = FTS5_CORRUPT;
+ }
+
+ fts5IntegrityCheckPgidx(p, pLeaf);
+ }
+ fts5DataRelease(pLeaf);
+ if( p->rc ) break;
+
+ /* Now check that the iter.nEmpty leaves following the current leaf
+ ** (a) exist and (b) contain no terms. */
+ fts5IndexIntegrityCheckEmpty(
+ p, pSeg, iIdxPrevLeaf+1, iDlidxPrevLeaf+1, iIdxLeaf-1
+ );
+ if( p->rc ) break;
+
+ /* If there is a doclist-index, check that it looks right. */
+ if( bIdxDlidx ){
+ Fts5DlidxIter *pDlidx = 0; /* For iterating through doclist index */
+ int iPrevLeaf = iIdxLeaf;
+ int iSegid = pSeg->iSegid;
+ int iPg = 0;
+ i64 iKey;
+
+ for(pDlidx=fts5DlidxIterInit(p, 0, iSegid, iIdxLeaf);
+ fts5DlidxIterEof(p, pDlidx)==0;
+ fts5DlidxIterNext(p, pDlidx)
+ ){
+
+ /* Check any rowid-less pages that occur before the current leaf. */
+ for(iPg=iPrevLeaf+1; iPg<fts5DlidxIterPgno(pDlidx); iPg++){
+ iKey = FTS5_SEGMENT_ROWID(iSegid, iPg);
+ pLeaf = fts5DataRead(p, iKey);
+ if( pLeaf ){
+ if( fts5LeafFirstRowidOff(pLeaf)!=0 ) p->rc = FTS5_CORRUPT;
+ fts5DataRelease(pLeaf);
+ }
+ }
+ iPrevLeaf = fts5DlidxIterPgno(pDlidx);
+
+ /* Check that the leaf page indicated by the iterator really does
+ ** contain the rowid suggested by the same. */
+ iKey = FTS5_SEGMENT_ROWID(iSegid, iPrevLeaf);
+ pLeaf = fts5DataRead(p, iKey);
+ if( pLeaf ){
+ i64 iRowid;
+ int iRowidOff = fts5LeafFirstRowidOff(pLeaf);
+ ASSERT_SZLEAF_OK(pLeaf);
+ if( iRowidOff>=pLeaf->szLeaf ){
+ p->rc = FTS5_CORRUPT;
+ }else{
+ fts5GetVarint(&pLeaf->p[iRowidOff], (u64*)&iRowid);
+ if( iRowid!=fts5DlidxIterRowid(pDlidx) ) p->rc = FTS5_CORRUPT;
+ }
+ fts5DataRelease(pLeaf);
+ }
+ }
+
+ iDlidxPrevLeaf = iPg;
+ fts5DlidxIterFree(pDlidx);
+ fts5TestDlidxReverse(p, iSegid, iIdxLeaf);
+ }else{
+ iDlidxPrevLeaf = pSeg->pgnoLast;
+ /* TODO: Check there is no doclist index */
+ }
+
+ iIdxPrevLeaf = iIdxLeaf;
+ }
+
+ rc2 = sqlite3_finalize(pStmt);
+ if( p->rc==SQLITE_OK ) p->rc = rc2;
+
+ /* Page iter.iLeaf must now be the rightmost leaf-page in the segment */
+#if 0
+ if( p->rc==SQLITE_OK && iter.iLeaf!=pSeg->pgnoLast ){
+ p->rc = FTS5_CORRUPT;
+ }
+#endif
+}
+
+
+/*
+** Run internal checks to ensure that the FTS index (a) is internally
+** consistent and (b) contains entries for which the XOR of the checksums
+** as calculated by fts5IndexEntryCksum() is cksum.
+**
+** Return SQLITE_CORRUPT if any of the internal checks fail, or if the
+** checksum does not match. Return SQLITE_OK if all checks pass without
+** error, or some other SQLite error code if another error (e.g. OOM)
+** occurs.
+*/
+static int sqlite3Fts5IndexIntegrityCheck(Fts5Index *p, u64 cksum){
+ u64 cksum2 = 0; /* Checksum based on contents of indexes */
+ Fts5Buffer poslist = {0,0,0}; /* Buffer used to hold a poslist */
+ Fts5IndexIter *pIter; /* Used to iterate through entire index */
+ Fts5Structure *pStruct; /* Index structure */
+
+#ifdef SQLITE_DEBUG
+ /* Used by extra internal tests only run if NDEBUG is not defined */
+ u64 cksum3 = 0; /* Checksum based on contents of indexes */
+ Fts5Buffer term = {0,0,0}; /* Buffer used to hold most recent term */
+#endif
+
+ /* Load the FTS index structure */
+ pStruct = fts5StructureRead(p);
+
+ /* Check that the internal nodes of each segment match the leaves */
+ if( pStruct ){
+ int iLvl, iSeg;
+ for(iLvl=0; iLvl<pStruct->nLevel; iLvl++){
+ for(iSeg=0; iSeg<pStruct->aLevel[iLvl].nSeg; iSeg++){
+ Fts5StructureSegment *pSeg = &pStruct->aLevel[iLvl].aSeg[iSeg];
+ fts5IndexIntegrityCheckSegment(p, pSeg);
+ }
+ }
+ }
+
+ /* The cksum argument passed to this function is a checksum calculated
+ ** based on all expected entries in the FTS index (including prefix index
+ ** entries). This block checks that a checksum calculated based on the
+ ** actual contents of FTS index is identical.
+ **
+ ** Two versions of the same checksum are calculated. The first (stack
+ ** variable cksum2) based on entries extracted from the full-text index
+ ** while doing a linear scan of each individual index in turn.
+ **
+ ** As each term visited by the linear scans, a separate query for the
+ ** same term is performed. cksum3 is calculated based on the entries
+ ** extracted by these queries.
+ */
+ for(fts5MultiIterNew(p, pStruct, 0, 0, 0, 0, -1, 0, &pIter);
+ fts5MultiIterEof(p, pIter)==0;
+ fts5MultiIterNext(p, pIter, 0, 0)
+ ){
+ int n; /* Size of term in bytes */
+ i64 iPos = 0; /* Position read from poslist */
+ int iOff = 0; /* Offset within poslist */
+ i64 iRowid = fts5MultiIterRowid(pIter);
+ char *z = (char*)fts5MultiIterTerm(pIter, &n);
+
+ /* If this is a new term, query for it. Update cksum3 with the results. */
+ fts5TestTerm(p, &term, z, n, cksum2, &cksum3);
+
+ poslist.n = 0;
+ fts5SegiterPoslist(p, &pIter->aSeg[pIter->aFirst[1].iFirst] , 0, &poslist);
+ while( 0==sqlite3Fts5PoslistNext64(poslist.p, poslist.n, &iOff, &iPos) ){
+ int iCol = FTS5_POS2COLUMN(iPos);
+ int iTokOff = FTS5_POS2OFFSET(iPos);
+ cksum2 ^= fts5IndexEntryCksum(iRowid, iCol, iTokOff, -1, z, n);
+ }
+ }
+ fts5TestTerm(p, &term, 0, 0, cksum2, &cksum3);
+
+ fts5MultiIterFree(p, pIter);
+ if( p->rc==SQLITE_OK && cksum!=cksum2 ) p->rc = FTS5_CORRUPT;
+
+ fts5StructureRelease(pStruct);
+#ifdef SQLITE_DEBUG
+ fts5BufferFree(&term);
+#endif
+ fts5BufferFree(&poslist);
+ return fts5IndexReturn(p);
+}
+
+
+/*
+** Calculate and return a checksum that is the XOR of the index entry
+** checksum of all entries that would be generated by the token specified
+** by the final 5 arguments.
+*/
+static u64 sqlite3Fts5IndexCksum(
+ Fts5Config *pConfig, /* Configuration object */
+ i64 iRowid, /* Document term appears in */
+ int iCol, /* Column term appears in */
+ int iPos, /* Position term appears in */
+ const char *pTerm, int nTerm /* Term at iPos */
+){
+ u64 ret = 0; /* Return value */
+ int iIdx; /* For iterating through indexes */
+
+ ret = fts5IndexEntryCksum(iRowid, iCol, iPos, 0, pTerm, nTerm);
+
+ for(iIdx=0; iIdx<pConfig->nPrefix; iIdx++){
+ int nByte = fts5IndexCharlenToBytelen(pTerm, nTerm, pConfig->aPrefix[iIdx]);
+ if( nByte ){
+ ret ^= fts5IndexEntryCksum(iRowid, iCol, iPos, iIdx+1, pTerm, nByte);
+ }
+ }
+
+ return ret;
+}
+
+/*************************************************************************
+**************************************************************************
+** Below this point is the implementation of the fts5_decode() scalar
+** function only.
+*/
+
+/*
+** Decode a segment-data rowid from the %_data table. This function is
+** the opposite of macro FTS5_SEGMENT_ROWID().
+*/
+static void fts5DecodeRowid(
+ i64 iRowid, /* Rowid from %_data table */
+ int *piSegid, /* OUT: Segment id */
+ int *pbDlidx, /* OUT: Dlidx flag */
+ int *piHeight, /* OUT: Height */
+ int *piPgno /* OUT: Page number */
+){
+ *piPgno = (int)(iRowid & (((i64)1 << FTS5_DATA_PAGE_B) - 1));
+ iRowid >>= FTS5_DATA_PAGE_B;
+
+ *piHeight = (int)(iRowid & (((i64)1 << FTS5_DATA_HEIGHT_B) - 1));
+ iRowid >>= FTS5_DATA_HEIGHT_B;
+
+ *pbDlidx = (int)(iRowid & 0x0001);
+ iRowid >>= FTS5_DATA_DLI_B;
+
+ *piSegid = (int)(iRowid & (((i64)1 << FTS5_DATA_ID_B) - 1));
+}
+
+static void fts5DebugRowid(int *pRc, Fts5Buffer *pBuf, i64 iKey){
+ int iSegid, iHeight, iPgno, bDlidx; /* Rowid compenents */
+ fts5DecodeRowid(iKey, &iSegid, &bDlidx, &iHeight, &iPgno);
+
+ if( iSegid==0 ){
+ if( iKey==FTS5_AVERAGES_ROWID ){
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "{averages} ");
+ }else{
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "{structure}");
+ }
+ }
+ else{
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "{%ssegid=%d h=%d pgno=%d}",
+ bDlidx ? "dlidx " : "", iSegid, iHeight, iPgno
+ );
+ }
+}
+
+static void fts5DebugStructure(
+ int *pRc, /* IN/OUT: error code */
+ Fts5Buffer *pBuf,
+ Fts5Structure *p
+){
+ int iLvl, iSeg; /* Iterate through levels, segments */
+
+ for(iLvl=0; iLvl<p->nLevel; iLvl++){
+ Fts5StructureLevel *pLvl = &p->aLevel[iLvl];
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf,
+ " {lvl=%d nMerge=%d nSeg=%d", iLvl, pLvl->nMerge, pLvl->nSeg
+ );
+ for(iSeg=0; iSeg<pLvl->nSeg; iSeg++){
+ Fts5StructureSegment *pSeg = &pLvl->aSeg[iSeg];
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " {id=%d leaves=%d..%d}",
+ pSeg->iSegid, pSeg->pgnoFirst, pSeg->pgnoLast
+ );
+ }
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "}");
+ }
+}
+
+/*
+** This is part of the fts5_decode() debugging aid.
+**
+** Arguments pBlob/nBlob contain a serialized Fts5Structure object. This
+** function appends a human-readable representation of the same object
+** to the buffer passed as the second argument.
+*/
+static void fts5DecodeStructure(
+ int *pRc, /* IN/OUT: error code */
+ Fts5Buffer *pBuf,
+ const u8 *pBlob, int nBlob
+){
+ int rc; /* Return code */
+ Fts5Structure *p = 0; /* Decoded structure object */
+
+ rc = fts5StructureDecode(pBlob, nBlob, 0, &p);
+ if( rc!=SQLITE_OK ){
+ *pRc = rc;
+ return;
+ }
+
+ fts5DebugStructure(pRc, pBuf, p);
+ fts5StructureRelease(p);
+}
+
+/*
+** This is part of the fts5_decode() debugging aid.
+**
+** Arguments pBlob/nBlob contain an "averages" record. This function
+** appends a human-readable representation of record to the buffer passed
+** as the second argument.
+*/
+static void fts5DecodeAverages(
+ int *pRc, /* IN/OUT: error code */
+ Fts5Buffer *pBuf,
+ const u8 *pBlob, int nBlob
+){
+ int i = 0;
+ const char *zSpace = "";
+
+ while( i<nBlob ){
+ u64 iVal;
+ i += sqlite3Fts5GetVarint(&pBlob[i], &iVal);
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "%s%d", zSpace, (int)iVal);
+ zSpace = " ";
+ }
+}
+
+/*
+** Buffer (a/n) is assumed to contain a list of serialized varints. Read
+** each varint and append its string representation to buffer pBuf. Return
+** after either the input buffer is exhausted or a 0 value is read.
+**
+** The return value is the number of bytes read from the input buffer.
+*/
+static int fts5DecodePoslist(int *pRc, Fts5Buffer *pBuf, const u8 *a, int n){
+ int iOff = 0;
+ while( iOff<n ){
+ int iVal;
+ iOff += fts5GetVarint32(&a[iOff], iVal);
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " %d", iVal);
+ }
+ return iOff;
+}
+
+/*
+** The start of buffer (a/n) contains the start of a doclist. The doclist
+** may or may not finish within the buffer. This function appends a text
+** representation of the part of the doclist that is present to buffer
+** pBuf.
+**
+** The return value is the number of bytes read from the input buffer.
+*/
+static int fts5DecodeDoclist(int *pRc, Fts5Buffer *pBuf, const u8 *a, int n){
+ i64 iDocid = 0;
+ int iOff = 0;
+
+ if( n>0 ){
+ iOff = sqlite3Fts5GetVarint(a, (u64*)&iDocid);
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " id=%lld", iDocid);
+ }
+ while( iOff<n ){
+ int nPos;
+ int bDel;
+ iOff += fts5GetPoslistSize(&a[iOff], &nPos, &bDel);
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " nPos=%d%s", nPos, bDel?"*":"");
+ iOff += fts5DecodePoslist(pRc, pBuf, &a[iOff], MIN(n-iOff, nPos));
+ if( iOff<n ){
+ i64 iDelta;
+ iOff += sqlite3Fts5GetVarint(&a[iOff], (u64*)&iDelta);
+ iDocid += iDelta;
+ sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " id=%lld", iDocid);
+ }
+ }
+
+ return iOff;
+}
+
+/*
+** The implementation of user-defined scalar function fts5_decode().
+*/
+static void fts5DecodeFunction(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args (always 2) */
+ sqlite3_value **apVal /* Function arguments */
+){
+ i64 iRowid; /* Rowid for record being decoded */
+ int iSegid,iHeight,iPgno,bDlidx;/* Rowid components */
+ const u8 *aBlob; int n; /* Record to decode */
+ u8 *a = 0;
+ Fts5Buffer s; /* Build up text to return here */
+ int rc = SQLITE_OK; /* Return code */
+ int nSpace = 0;
+
+ assert( nArg==2 );
+ memset(&s, 0, sizeof(Fts5Buffer));
+ iRowid = sqlite3_value_int64(apVal[0]);
+
+ /* Make a copy of the second argument (a blob) in aBlob[]. The aBlob[]
+ ** copy is followed by FTS5_DATA_ZERO_PADDING 0x00 bytes, which prevents
+ ** buffer overreads even if the record is corrupt. */
+ n = sqlite3_value_bytes(apVal[1]);
+ aBlob = sqlite3_value_blob(apVal[1]);
+ nSpace = n + FTS5_DATA_ZERO_PADDING;
+ a = (u8*)sqlite3Fts5MallocZero(&rc, nSpace);
+ if( a==0 ) goto decode_out;
+ memcpy(a, aBlob, n);
+
+
+ fts5DecodeRowid(iRowid, &iSegid, &bDlidx, &iHeight, &iPgno);
+
+ fts5DebugRowid(&rc, &s, iRowid);
+ if( bDlidx ){
+ Fts5Data dlidx;
+ Fts5DlidxLvl lvl;
+
+ dlidx.p = a;
+ dlidx.nn = n;
+
+ memset(&lvl, 0, sizeof(Fts5DlidxLvl));
+ lvl.pData = &dlidx;
+ lvl.iLeafPgno = iPgno;
+
+ for(fts5DlidxLvlNext(&lvl); lvl.bEof==0; fts5DlidxLvlNext(&lvl)){
+ sqlite3Fts5BufferAppendPrintf(&rc, &s,
+ " %d(%lld)", lvl.iLeafPgno, lvl.iRowid
+ );
+ }
+ }else if( iSegid==0 ){
+ if( iRowid==FTS5_AVERAGES_ROWID ){
+ fts5DecodeAverages(&rc, &s, a, n);
+ }else{
+ fts5DecodeStructure(&rc, &s, a, n);
+ }
+ }else{
+ Fts5Buffer term; /* Current term read from page */
+ int szLeaf; /* Offset of pgidx in a[] */
+ int iPgidxOff;
+ int iPgidxPrev = 0; /* Previous value read from pgidx */
+ int iTermOff = 0;
+ int iRowidOff = 0;
+ int iOff;
+ int nDoclist;
+
+ memset(&term, 0, sizeof(Fts5Buffer));
+
+ if( n<4 ){
+ sqlite3Fts5BufferSet(&rc, &s, 7, (const u8*)"corrupt");
+ goto decode_out;
+ }else{
+ iRowidOff = fts5GetU16(&a[0]);
+ iPgidxOff = szLeaf = fts5GetU16(&a[2]);
+ if( iPgidxOff<n ){
+ fts5GetVarint32(&a[iPgidxOff], iTermOff);
+ }
+ }
+
+ /* Decode the position list tail at the start of the page */
+ if( iRowidOff!=0 ){
+ iOff = iRowidOff;
+ }else if( iTermOff!=0 ){
+ iOff = iTermOff;
+ }else{
+ iOff = szLeaf;
+ }
+ fts5DecodePoslist(&rc, &s, &a[4], iOff-4);
+
+ /* Decode any more doclist data that appears on the page before the
+ ** first term. */
+ nDoclist = (iTermOff ? iTermOff : szLeaf) - iOff;
+ fts5DecodeDoclist(&rc, &s, &a[iOff], nDoclist);
+
+ while( iPgidxOff<n ){
+ int bFirst = (iPgidxOff==szLeaf); /* True for first term on page */
+ int nByte; /* Bytes of data */
+ int iEnd;
+
+ iPgidxOff += fts5GetVarint32(&a[iPgidxOff], nByte);
+ iPgidxPrev += nByte;
+ iOff = iPgidxPrev;
+
+ if( iPgidxOff<n ){
+ fts5GetVarint32(&a[iPgidxOff], nByte);
+ iEnd = iPgidxPrev + nByte;
+ }else{
+ iEnd = szLeaf;
+ }
+
+ if( bFirst==0 ){
+ iOff += fts5GetVarint32(&a[iOff], nByte);
+ term.n = nByte;
+ }
+ iOff += fts5GetVarint32(&a[iOff], nByte);
+ fts5BufferAppendBlob(&rc, &term, nByte, &a[iOff]);
+ iOff += nByte;
+
+ sqlite3Fts5BufferAppendPrintf(
+ &rc, &s, " term=%.*s", term.n, (const char*)term.p
+ );
+ iOff += fts5DecodeDoclist(&rc, &s, &a[iOff], iEnd-iOff);
+ }
+
+ fts5BufferFree(&term);
+ }
+
+ decode_out:
+ sqlite3_free(a);
+ if( rc==SQLITE_OK ){
+ sqlite3_result_text(pCtx, (const char*)s.p, s.n, SQLITE_TRANSIENT);
+ }else{
+ sqlite3_result_error_code(pCtx, rc);
+ }
+ fts5BufferFree(&s);
+}
+
+/*
+** The implementation of user-defined scalar function fts5_rowid().
+*/
+static void fts5RowidFunction(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args (always 2) */
+ sqlite3_value **apVal /* Function arguments */
+){
+ const char *zArg;
+ if( nArg==0 ){
+ sqlite3_result_error(pCtx, "should be: fts5_rowid(subject, ....)", -1);
+ }else{
+ zArg = (const char*)sqlite3_value_text(apVal[0]);
+ if( 0==sqlite3_stricmp(zArg, "segment") ){
+ i64 iRowid;
+ int segid, pgno;
+ if( nArg!=3 ){
+ sqlite3_result_error(pCtx,
+ "should be: fts5_rowid('segment', segid, pgno))", -1
+ );
+ }else{
+ segid = sqlite3_value_int(apVal[1]);
+ pgno = sqlite3_value_int(apVal[2]);
+ iRowid = FTS5_SEGMENT_ROWID(segid, pgno);
+ sqlite3_result_int64(pCtx, iRowid);
+ }
+ }else{
+ sqlite3_result_error(pCtx,
+ "first arg to fts5_rowid() must be 'segment'" , -1
+ );
+ }
+ }
+}
+
+/*
+** This is called as part of registering the FTS5 module with database
+** connection db. It registers several user-defined scalar functions useful
+** with FTS5.
+**
+** If successful, SQLITE_OK is returned. If an error occurs, some other
+** SQLite error code is returned instead.
+*/
+static int sqlite3Fts5IndexInit(sqlite3 *db){
+ int rc = sqlite3_create_function(
+ db, "fts5_decode", 2, SQLITE_UTF8, 0, fts5DecodeFunction, 0, 0
+ );
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_create_function(
+ db, "fts5_rowid", -1, SQLITE_UTF8, 0, fts5RowidFunction, 0, 0
+ );
+ }
+ return rc;
+}
+
+
+/*
+** 2014 Jun 09
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This is an SQLite module implementing full-text search.
+*/
+
+
+/* #include "fts5Int.h" */
+
+/*
+** This variable is set to false when running tests for which the on disk
+** structures should not be corrupt. Otherwise, true. If it is false, extra
+** assert() conditions in the fts5 code are activated - conditions that are
+** only true if it is guaranteed that the fts5 database is not corrupt.
+*/
+SQLITE_API int sqlite3_fts5_may_be_corrupt = 1;
+
+
+typedef struct Fts5Auxdata Fts5Auxdata;
+typedef struct Fts5Auxiliary Fts5Auxiliary;
+typedef struct Fts5Cursor Fts5Cursor;
+typedef struct Fts5Sorter Fts5Sorter;
+typedef struct Fts5Table Fts5Table;
+typedef struct Fts5TokenizerModule Fts5TokenizerModule;
+
+/*
+** NOTES ON TRANSACTIONS:
+**
+** SQLite invokes the following virtual table methods as transactions are
+** opened and closed by the user:
+**
+** xBegin(): Start of a new transaction.
+** xSync(): Initial part of two-phase commit.
+** xCommit(): Final part of two-phase commit.
+** xRollback(): Rollback the transaction.
+**
+** Anything that is required as part of a commit that may fail is performed
+** in the xSync() callback. Current versions of SQLite ignore any errors
+** returned by xCommit().
+**
+** And as sub-transactions are opened/closed:
+**
+** xSavepoint(int S): Open savepoint S.
+** xRelease(int S): Commit and close savepoint S.
+** xRollbackTo(int S): Rollback to start of savepoint S.
+**
+** During a write-transaction the fts5_index.c module may cache some data
+** in-memory. It is flushed to disk whenever xSync(), xRelease() or
+** xSavepoint() is called. And discarded whenever xRollback() or xRollbackTo()
+** is called.
+**
+** Additionally, if SQLITE_DEBUG is defined, an instance of the following
+** structure is used to record the current transaction state. This information
+** is not required, but it is used in the assert() statements executed by
+** function fts5CheckTransactionState() (see below).
+*/
+struct Fts5TransactionState {
+ int eState; /* 0==closed, 1==open, 2==synced */
+ int iSavepoint; /* Number of open savepoints (0 -> none) */
+};
+
+/*
+** A single object of this type is allocated when the FTS5 module is
+** registered with a database handle. It is used to store pointers to
+** all registered FTS5 extensions - tokenizers and auxiliary functions.
+*/
+struct Fts5Global {
+ fts5_api api; /* User visible part of object (see fts5.h) */
+ sqlite3 *db; /* Associated database connection */
+ i64 iNextId; /* Used to allocate unique cursor ids */
+ Fts5Auxiliary *pAux; /* First in list of all aux. functions */
+ Fts5TokenizerModule *pTok; /* First in list of all tokenizer modules */
+ Fts5TokenizerModule *pDfltTok; /* Default tokenizer module */
+ Fts5Cursor *pCsr; /* First in list of all open cursors */
+};
+
+/*
+** Each auxiliary function registered with the FTS5 module is represented
+** by an object of the following type. All such objects are stored as part
+** of the Fts5Global.pAux list.
+*/
+struct Fts5Auxiliary {
+ Fts5Global *pGlobal; /* Global context for this function */
+ char *zFunc; /* Function name (nul-terminated) */
+ void *pUserData; /* User-data pointer */
+ fts5_extension_function xFunc; /* Callback function */
+ void (*xDestroy)(void*); /* Destructor function */
+ Fts5Auxiliary *pNext; /* Next registered auxiliary function */
+};
+
+/*
+** Each tokenizer module registered with the FTS5 module is represented
+** by an object of the following type. All such objects are stored as part
+** of the Fts5Global.pTok list.
+*/
+struct Fts5TokenizerModule {
+ char *zName; /* Name of tokenizer */
+ void *pUserData; /* User pointer passed to xCreate() */
+ fts5_tokenizer x; /* Tokenizer functions */
+ void (*xDestroy)(void*); /* Destructor function */
+ Fts5TokenizerModule *pNext; /* Next registered tokenizer module */
+};
+
+/*
+** Virtual-table object.
+*/
+struct Fts5Table {
+ sqlite3_vtab base; /* Base class used by SQLite core */
+ Fts5Config *pConfig; /* Virtual table configuration */
+ Fts5Index *pIndex; /* Full-text index */
+ Fts5Storage *pStorage; /* Document store */
+ Fts5Global *pGlobal; /* Global (connection wide) data */
+ Fts5Cursor *pSortCsr; /* Sort data from this cursor */
+#ifdef SQLITE_DEBUG
+ struct Fts5TransactionState ts;
+#endif
+};
+
+struct Fts5MatchPhrase {
+ Fts5Buffer *pPoslist; /* Pointer to current poslist */
+ int nTerm; /* Size of phrase in terms */
+};
+
+/*
+** pStmt:
+** SELECT rowid, <fts> FROM <fts> ORDER BY +rank;
+**
+** aIdx[]:
+** There is one entry in the aIdx[] array for each phrase in the query,
+** the value of which is the offset within aPoslist[] following the last
+** byte of the position list for the corresponding phrase.
+*/
+struct Fts5Sorter {
+ sqlite3_stmt *pStmt;
+ i64 iRowid; /* Current rowid */
+ const u8 *aPoslist; /* Position lists for current row */
+ int nIdx; /* Number of entries in aIdx[] */
+ int aIdx[1]; /* Offsets into aPoslist for current row */
+};
+
+
+/*
+** Virtual-table cursor object.
+**
+** iSpecial:
+** If this is a 'special' query (refer to function fts5SpecialMatch()),
+** then this variable contains the result of the query.
+**
+** iFirstRowid, iLastRowid:
+** These variables are only used for FTS5_PLAN_MATCH cursors. Assuming the
+** cursor iterates in ascending order of rowids, iFirstRowid is the lower
+** limit of rowids to return, and iLastRowid the upper. In other words, the
+** WHERE clause in the user's query might have been:
+**
+** <tbl> MATCH <expr> AND rowid BETWEEN $iFirstRowid AND $iLastRowid
+**
+** If the cursor iterates in descending order of rowid, iFirstRowid
+** is the upper limit (i.e. the "first" rowid visited) and iLastRowid
+** the lower.
+*/
+struct Fts5Cursor {
+ sqlite3_vtab_cursor base; /* Base class used by SQLite core */
+ Fts5Cursor *pNext; /* Next cursor in Fts5Cursor.pCsr list */
+ int *aColumnSize; /* Values for xColumnSize() */
+ i64 iCsrId; /* Cursor id */
+
+ /* Zero from this point onwards on cursor reset */
+ int ePlan; /* FTS5_PLAN_XXX value */
+ int bDesc; /* True for "ORDER BY rowid DESC" queries */
+ i64 iFirstRowid; /* Return no rowids earlier than this */
+ i64 iLastRowid; /* Return no rowids later than this */
+ sqlite3_stmt *pStmt; /* Statement used to read %_content */
+ Fts5Expr *pExpr; /* Expression for MATCH queries */
+ Fts5Sorter *pSorter; /* Sorter for "ORDER BY rank" queries */
+ int csrflags; /* Mask of cursor flags (see below) */
+ i64 iSpecial; /* Result of special query */
+
+ /* "rank" function. Populated on demand from vtab.xColumn(). */
+ char *zRank; /* Custom rank function */
+ char *zRankArgs; /* Custom rank function args */
+ Fts5Auxiliary *pRank; /* Rank callback (or NULL) */
+ int nRankArg; /* Number of trailing arguments for rank() */
+ sqlite3_value **apRankArg; /* Array of trailing arguments */
+ sqlite3_stmt *pRankArgStmt; /* Origin of objects in apRankArg[] */
+
+ /* Auxiliary data storage */
+ Fts5Auxiliary *pAux; /* Currently executing extension function */
+ Fts5Auxdata *pAuxdata; /* First in linked list of saved aux-data */
+
+ /* Cache used by auxiliary functions xInst() and xInstCount() */
+ Fts5PoslistReader *aInstIter; /* One for each phrase */
+ int nInstAlloc; /* Size of aInst[] array (entries / 3) */
+ int nInstCount; /* Number of phrase instances */
+ int *aInst; /* 3 integers per phrase instance */
+};
+
+/*
+** Bits that make up the "idxNum" parameter passed indirectly by
+** xBestIndex() to xFilter().
+*/
+#define FTS5_BI_MATCH 0x0001 /* <tbl> MATCH ? */
+#define FTS5_BI_RANK 0x0002 /* rank MATCH ? */
+#define FTS5_BI_ROWID_EQ 0x0004 /* rowid == ? */
+#define FTS5_BI_ROWID_LE 0x0008 /* rowid <= ? */
+#define FTS5_BI_ROWID_GE 0x0010 /* rowid >= ? */
+
+#define FTS5_BI_ORDER_RANK 0x0020
+#define FTS5_BI_ORDER_ROWID 0x0040
+#define FTS5_BI_ORDER_DESC 0x0080
+
+/*
+** Values for Fts5Cursor.csrflags
+*/
+#define FTS5CSR_REQUIRE_CONTENT 0x01
+#define FTS5CSR_REQUIRE_DOCSIZE 0x02
+#define FTS5CSR_REQUIRE_INST 0x04
+#define FTS5CSR_EOF 0x08
+#define FTS5CSR_FREE_ZRANK 0x10
+#define FTS5CSR_REQUIRE_RESEEK 0x20
+
+#define BitFlagAllTest(x,y) (((x) & (y))==(y))
+#define BitFlagTest(x,y) (((x) & (y))!=0)
+
+
+/*
+** Macros to Set(), Clear() and Test() cursor flags.
+*/
+#define CsrFlagSet(pCsr, flag) ((pCsr)->csrflags |= (flag))
+#define CsrFlagClear(pCsr, flag) ((pCsr)->csrflags &= ~(flag))
+#define CsrFlagTest(pCsr, flag) ((pCsr)->csrflags & (flag))
+
+struct Fts5Auxdata {
+ Fts5Auxiliary *pAux; /* Extension to which this belongs */
+ void *pPtr; /* Pointer value */
+ void(*xDelete)(void*); /* Destructor */
+ Fts5Auxdata *pNext; /* Next object in linked list */
+};
+
+#ifdef SQLITE_DEBUG
+#define FTS5_BEGIN 1
+#define FTS5_SYNC 2
+#define FTS5_COMMIT 3
+#define FTS5_ROLLBACK 4
+#define FTS5_SAVEPOINT 5
+#define FTS5_RELEASE 6
+#define FTS5_ROLLBACKTO 7
+static void fts5CheckTransactionState(Fts5Table *p, int op, int iSavepoint){
+ switch( op ){
+ case FTS5_BEGIN:
+ assert( p->ts.eState==0 );
+ p->ts.eState = 1;
+ p->ts.iSavepoint = -1;
+ break;
+
+ case FTS5_SYNC:
+ assert( p->ts.eState==1 );
+ p->ts.eState = 2;
+ break;
+
+ case FTS5_COMMIT:
+ assert( p->ts.eState==2 );
+ p->ts.eState = 0;
+ break;
+
+ case FTS5_ROLLBACK:
+ assert( p->ts.eState==1 || p->ts.eState==2 || p->ts.eState==0 );
+ p->ts.eState = 0;
+ break;
+
+ case FTS5_SAVEPOINT:
+ assert( p->ts.eState==1 );
+ assert( iSavepoint>=0 );
+ assert( iSavepoint>p->ts.iSavepoint );
+ p->ts.iSavepoint = iSavepoint;
+ break;
+
+ case FTS5_RELEASE:
+ assert( p->ts.eState==1 );
+ assert( iSavepoint>=0 );
+ assert( iSavepoint<=p->ts.iSavepoint );
+ p->ts.iSavepoint = iSavepoint-1;
+ break;
+
+ case FTS5_ROLLBACKTO:
+ assert( p->ts.eState==1 );
+ assert( iSavepoint>=0 );
+ assert( iSavepoint<=p->ts.iSavepoint );
+ p->ts.iSavepoint = iSavepoint;
+ break;
+ }
+}
+#else
+# define fts5CheckTransactionState(x,y,z)
+#endif
+
+/*
+** Return true if pTab is a contentless table.
+*/
+static int fts5IsContentless(Fts5Table *pTab){
+ return pTab->pConfig->eContent==FTS5_CONTENT_NONE;
+}
+
+/*
+** Delete a virtual table handle allocated by fts5InitVtab().
+*/
+static void fts5FreeVtab(Fts5Table *pTab){
+ if( pTab ){
+ sqlite3Fts5IndexClose(pTab->pIndex);
+ sqlite3Fts5StorageClose(pTab->pStorage);
+ sqlite3Fts5ConfigFree(pTab->pConfig);
+ sqlite3_free(pTab);
+ }
+}
+
+/*
+** The xDisconnect() virtual table method.
+*/
+static int fts5DisconnectMethod(sqlite3_vtab *pVtab){
+ fts5FreeVtab((Fts5Table*)pVtab);
+ return SQLITE_OK;
+}
+
+/*
+** The xDestroy() virtual table method.
+*/
+static int fts5DestroyMethod(sqlite3_vtab *pVtab){
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ int rc = sqlite3Fts5DropAll(pTab->pConfig);
+ if( rc==SQLITE_OK ){
+ fts5FreeVtab((Fts5Table*)pVtab);
+ }
+ return rc;
+}
+
+/*
+** This function is the implementation of both the xConnect and xCreate
+** methods of the FTS3 virtual table.
+**
+** The argv[] array contains the following:
+**
+** argv[0] -> module name ("fts5")
+** argv[1] -> database name
+** argv[2] -> table name
+** argv[...] -> "column name" and other module argument fields.
+*/
+static int fts5InitVtab(
+ int bCreate, /* True for xCreate, false for xConnect */
+ sqlite3 *db, /* The SQLite database connection */
+ void *pAux, /* Hash table containing tokenizers */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVTab, /* Write the resulting vtab structure here */
+ char **pzErr /* Write any error message here */
+){
+ Fts5Global *pGlobal = (Fts5Global*)pAux;
+ const char **azConfig = (const char**)argv;
+ int rc = SQLITE_OK; /* Return code */
+ Fts5Config *pConfig = 0; /* Results of parsing argc/argv */
+ Fts5Table *pTab = 0; /* New virtual table object */
+
+ /* Allocate the new vtab object and parse the configuration */
+ pTab = (Fts5Table*)sqlite3Fts5MallocZero(&rc, sizeof(Fts5Table));
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5ConfigParse(pGlobal, db, argc, azConfig, &pConfig, pzErr);
+ assert( (rc==SQLITE_OK && *pzErr==0) || pConfig==0 );
+ }
+ if( rc==SQLITE_OK ){
+ pTab->pConfig = pConfig;
+ pTab->pGlobal = pGlobal;
+ }
+
+ /* Open the index sub-system */
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5IndexOpen(pConfig, bCreate, &pTab->pIndex, pzErr);
+ }
+
+ /* Open the storage sub-system */
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5StorageOpen(
+ pConfig, pTab->pIndex, bCreate, &pTab->pStorage, pzErr
+ );
+ }
+
+ /* Call sqlite3_declare_vtab() */
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5ConfigDeclareVtab(pConfig);
+ }
+
+ /* Load the initial configuration */
+ if( rc==SQLITE_OK ){
+ assert( pConfig->pzErrmsg==0 );
+ pConfig->pzErrmsg = pzErr;
+ rc = sqlite3Fts5IndexLoadConfig(pTab->pIndex);
+ sqlite3Fts5IndexRollback(pTab->pIndex);
+ pConfig->pzErrmsg = 0;
+ }
+
+ if( rc!=SQLITE_OK ){
+ fts5FreeVtab(pTab);
+ pTab = 0;
+ }else if( bCreate ){
+ fts5CheckTransactionState(pTab, FTS5_BEGIN, 0);
+ }
+ *ppVTab = (sqlite3_vtab*)pTab;
+ return rc;
+}
+
+/*
+** The xConnect() and xCreate() methods for the virtual table. All the
+** work is done in function fts5InitVtab().
+*/
+static int fts5ConnectMethod(
+ sqlite3 *db, /* Database connection */
+ void *pAux, /* Pointer to tokenizer hash table */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVtab, /* OUT: New sqlite3_vtab object */
+ char **pzErr /* OUT: sqlite3_malloc'd error message */
+){
+ return fts5InitVtab(0, db, pAux, argc, argv, ppVtab, pzErr);
+}
+static int fts5CreateMethod(
+ sqlite3 *db, /* Database connection */
+ void *pAux, /* Pointer to tokenizer hash table */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVtab, /* OUT: New sqlite3_vtab object */
+ char **pzErr /* OUT: sqlite3_malloc'd error message */
+){
+ return fts5InitVtab(1, db, pAux, argc, argv, ppVtab, pzErr);
+}
+
+/*
+** The different query plans.
+*/
+#define FTS5_PLAN_MATCH 1 /* (<tbl> MATCH ?) */
+#define FTS5_PLAN_SOURCE 2 /* A source cursor for SORTED_MATCH */
+#define FTS5_PLAN_SPECIAL 3 /* An internal query */
+#define FTS5_PLAN_SORTED_MATCH 4 /* (<tbl> MATCH ? ORDER BY rank) */
+#define FTS5_PLAN_SCAN 5 /* No usable constraint */
+#define FTS5_PLAN_ROWID 6 /* (rowid = ?) */
+
+/*
+** Set the SQLITE_INDEX_SCAN_UNIQUE flag in pIdxInfo->flags. Unless this
+** extension is currently being used by a version of SQLite too old to
+** support index-info flags. In that case this function is a no-op.
+*/
+static void fts5SetUniqueFlag(sqlite3_index_info *pIdxInfo){
+#if SQLITE_VERSION_NUMBER>=3008012
+#ifndef SQLITE_CORE
+ if( sqlite3_libversion_number()>=3008012 )
+#endif
+ {
+ pIdxInfo->idxFlags |= SQLITE_INDEX_SCAN_UNIQUE;
+ }
+#endif
+}
+
+/*
+** Implementation of the xBestIndex method for FTS5 tables. Within the
+** WHERE constraint, it searches for the following:
+**
+** 1. A MATCH constraint against the special column.
+** 2. A MATCH constraint against the "rank" column.
+** 3. An == constraint against the rowid column.
+** 4. A < or <= constraint against the rowid column.
+** 5. A > or >= constraint against the rowid column.
+**
+** Within the ORDER BY, either:
+**
+** 5. ORDER BY rank [ASC|DESC]
+** 6. ORDER BY rowid [ASC|DESC]
+**
+** Costs are assigned as follows:
+**
+** a) If an unusable MATCH operator is present in the WHERE clause, the
+** cost is unconditionally set to 1e50 (a really big number).
+**
+** a) If a MATCH operator is present, the cost depends on the other
+** constraints also present. As follows:
+**
+** * No other constraints: cost=1000.0
+** * One rowid range constraint: cost=750.0
+** * Both rowid range constraints: cost=500.0
+** * An == rowid constraint: cost=100.0
+**
+** b) Otherwise, if there is no MATCH:
+**
+** * No other constraints: cost=1000000.0
+** * One rowid range constraint: cost=750000.0
+** * Both rowid range constraints: cost=250000.0
+** * An == rowid constraint: cost=10.0
+**
+** Costs are not modified by the ORDER BY clause.
+*/
+static int fts5BestIndexMethod(sqlite3_vtab *pVTab, sqlite3_index_info *pInfo){
+ Fts5Table *pTab = (Fts5Table*)pVTab;
+ Fts5Config *pConfig = pTab->pConfig;
+ int idxFlags = 0; /* Parameter passed through to xFilter() */
+ int bHasMatch;
+ int iNext;
+ int i;
+
+ struct Constraint {
+ int op; /* Mask against sqlite3_index_constraint.op */
+ int fts5op; /* FTS5 mask for idxFlags */
+ int iCol; /* 0==rowid, 1==tbl, 2==rank */
+ int omit; /* True to omit this if found */
+ int iConsIndex; /* Index in pInfo->aConstraint[] */
+ } aConstraint[] = {
+ {SQLITE_INDEX_CONSTRAINT_MATCH|SQLITE_INDEX_CONSTRAINT_EQ,
+ FTS5_BI_MATCH, 1, 1, -1},
+ {SQLITE_INDEX_CONSTRAINT_MATCH|SQLITE_INDEX_CONSTRAINT_EQ,
+ FTS5_BI_RANK, 2, 1, -1},
+ {SQLITE_INDEX_CONSTRAINT_EQ, FTS5_BI_ROWID_EQ, 0, 0, -1},
+ {SQLITE_INDEX_CONSTRAINT_LT|SQLITE_INDEX_CONSTRAINT_LE,
+ FTS5_BI_ROWID_LE, 0, 0, -1},
+ {SQLITE_INDEX_CONSTRAINT_GT|SQLITE_INDEX_CONSTRAINT_GE,
+ FTS5_BI_ROWID_GE, 0, 0, -1},
+ };
+
+ int aColMap[3];
+ aColMap[0] = -1;
+ aColMap[1] = pConfig->nCol;
+ aColMap[2] = pConfig->nCol+1;
+
+ /* Set idxFlags flags for all WHERE clause terms that will be used. */
+ for(i=0; i<pInfo->nConstraint; i++){
+ struct sqlite3_index_constraint *p = &pInfo->aConstraint[i];
+ int j;
+ for(j=0; j<(int)ArraySize(aConstraint); j++){
+ struct Constraint *pC = &aConstraint[j];
+ if( p->iColumn==aColMap[pC->iCol] && p->op & pC->op ){
+ if( p->usable ){
+ pC->iConsIndex = i;
+ idxFlags |= pC->fts5op;
+ }else if( j==0 ){
+ /* As there exists an unusable MATCH constraint this is an
+ ** unusable plan. Set a prohibitively high cost. */
+ pInfo->estimatedCost = 1e50;
+ return SQLITE_OK;
+ }
+ }
+ }
+ }
+
+ /* Set idxFlags flags for the ORDER BY clause */
+ if( pInfo->nOrderBy==1 ){
+ int iSort = pInfo->aOrderBy[0].iColumn;
+ if( iSort==(pConfig->nCol+1) && BitFlagTest(idxFlags, FTS5_BI_MATCH) ){
+ idxFlags |= FTS5_BI_ORDER_RANK;
+ }else if( iSort==-1 ){
+ idxFlags |= FTS5_BI_ORDER_ROWID;
+ }
+ if( BitFlagTest(idxFlags, FTS5_BI_ORDER_RANK|FTS5_BI_ORDER_ROWID) ){
+ pInfo->orderByConsumed = 1;
+ if( pInfo->aOrderBy[0].desc ){
+ idxFlags |= FTS5_BI_ORDER_DESC;
+ }
+ }
+ }
+
+ /* Calculate the estimated cost based on the flags set in idxFlags. */
+ bHasMatch = BitFlagTest(idxFlags, FTS5_BI_MATCH);
+ if( BitFlagTest(idxFlags, FTS5_BI_ROWID_EQ) ){
+ pInfo->estimatedCost = bHasMatch ? 100.0 : 10.0;
+ if( bHasMatch==0 ) fts5SetUniqueFlag(pInfo);
+ }else if( BitFlagAllTest(idxFlags, FTS5_BI_ROWID_LE|FTS5_BI_ROWID_GE) ){
+ pInfo->estimatedCost = bHasMatch ? 500.0 : 250000.0;
+ }else if( BitFlagTest(idxFlags, FTS5_BI_ROWID_LE|FTS5_BI_ROWID_GE) ){
+ pInfo->estimatedCost = bHasMatch ? 750.0 : 750000.0;
+ }else{
+ pInfo->estimatedCost = bHasMatch ? 1000.0 : 1000000.0;
+ }
+
+ /* Assign argvIndex values to each constraint in use. */
+ iNext = 1;
+ for(i=0; i<(int)ArraySize(aConstraint); i++){
+ struct Constraint *pC = &aConstraint[i];
+ if( pC->iConsIndex>=0 ){
+ pInfo->aConstraintUsage[pC->iConsIndex].argvIndex = iNext++;
+ pInfo->aConstraintUsage[pC->iConsIndex].omit = (unsigned char)pC->omit;
+ }
+ }
+
+ pInfo->idxNum = idxFlags;
+ return SQLITE_OK;
+}
+
+/*
+** Implementation of xOpen method.
+*/
+static int fts5OpenMethod(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCsr){
+ Fts5Table *pTab = (Fts5Table*)pVTab;
+ Fts5Config *pConfig = pTab->pConfig;
+ Fts5Cursor *pCsr; /* New cursor object */
+ int nByte; /* Bytes of space to allocate */
+ int rc = SQLITE_OK; /* Return code */
+
+ nByte = sizeof(Fts5Cursor) + pConfig->nCol * sizeof(int);
+ pCsr = (Fts5Cursor*)sqlite3_malloc(nByte);
+ if( pCsr ){
+ Fts5Global *pGlobal = pTab->pGlobal;
+ memset(pCsr, 0, nByte);
+ pCsr->aColumnSize = (int*)&pCsr[1];
+ pCsr->pNext = pGlobal->pCsr;
+ pGlobal->pCsr = pCsr;
+ pCsr->iCsrId = ++pGlobal->iNextId;
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ *ppCsr = (sqlite3_vtab_cursor*)pCsr;
+ return rc;
+}
+
+static int fts5StmtType(Fts5Cursor *pCsr){
+ if( pCsr->ePlan==FTS5_PLAN_SCAN ){
+ return (pCsr->bDesc) ? FTS5_STMT_SCAN_DESC : FTS5_STMT_SCAN_ASC;
+ }
+ return FTS5_STMT_LOOKUP;
+}
+
+/*
+** This function is called after the cursor passed as the only argument
+** is moved to point at a different row. It clears all cached data
+** specific to the previous row stored by the cursor object.
+*/
+static void fts5CsrNewrow(Fts5Cursor *pCsr){
+ CsrFlagSet(pCsr,
+ FTS5CSR_REQUIRE_CONTENT
+ | FTS5CSR_REQUIRE_DOCSIZE
+ | FTS5CSR_REQUIRE_INST
+ );
+}
+
+static void fts5FreeCursorComponents(Fts5Cursor *pCsr){
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ Fts5Auxdata *pData;
+ Fts5Auxdata *pNext;
+
+ sqlite3_free(pCsr->aInstIter);
+ sqlite3_free(pCsr->aInst);
+ if( pCsr->pStmt ){
+ int eStmt = fts5StmtType(pCsr);
+ sqlite3Fts5StorageStmtRelease(pTab->pStorage, eStmt, pCsr->pStmt);
+ }
+ if( pCsr->pSorter ){
+ Fts5Sorter *pSorter = pCsr->pSorter;
+ sqlite3_finalize(pSorter->pStmt);
+ sqlite3_free(pSorter);
+ }
+
+ if( pCsr->ePlan!=FTS5_PLAN_SOURCE ){
+ sqlite3Fts5ExprFree(pCsr->pExpr);
+ }
+
+ for(pData=pCsr->pAuxdata; pData; pData=pNext){
+ pNext = pData->pNext;
+ if( pData->xDelete ) pData->xDelete(pData->pPtr);
+ sqlite3_free(pData);
+ }
+
+ sqlite3_finalize(pCsr->pRankArgStmt);
+ sqlite3_free(pCsr->apRankArg);
+
+ if( CsrFlagTest(pCsr, FTS5CSR_FREE_ZRANK) ){
+ sqlite3_free(pCsr->zRank);
+ sqlite3_free(pCsr->zRankArgs);
+ }
+
+ memset(&pCsr->ePlan, 0, sizeof(Fts5Cursor) - ((u8*)&pCsr->ePlan - (u8*)pCsr));
+}
+
+
+/*
+** Close the cursor. For additional information see the documentation
+** on the xClose method of the virtual table interface.
+*/
+static int fts5CloseMethod(sqlite3_vtab_cursor *pCursor){
+ if( pCursor ){
+ Fts5Table *pTab = (Fts5Table*)(pCursor->pVtab);
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCursor;
+ Fts5Cursor **pp;
+
+ fts5FreeCursorComponents(pCsr);
+ /* Remove the cursor from the Fts5Global.pCsr list */
+ for(pp=&pTab->pGlobal->pCsr; (*pp)!=pCsr; pp=&(*pp)->pNext);
+ *pp = pCsr->pNext;
+
+ sqlite3_free(pCsr);
+ }
+ return SQLITE_OK;
+}
+
+static int fts5SorterNext(Fts5Cursor *pCsr){
+ Fts5Sorter *pSorter = pCsr->pSorter;
+ int rc;
+
+ rc = sqlite3_step(pSorter->pStmt);
+ if( rc==SQLITE_DONE ){
+ rc = SQLITE_OK;
+ CsrFlagSet(pCsr, FTS5CSR_EOF);
+ }else if( rc==SQLITE_ROW ){
+ const u8 *a;
+ const u8 *aBlob;
+ int nBlob;
+ int i;
+ int iOff = 0;
+ rc = SQLITE_OK;
+
+ pSorter->iRowid = sqlite3_column_int64(pSorter->pStmt, 0);
+ nBlob = sqlite3_column_bytes(pSorter->pStmt, 1);
+ aBlob = a = sqlite3_column_blob(pSorter->pStmt, 1);
+
+ for(i=0; i<(pSorter->nIdx-1); i++){
+ int iVal;
+ a += fts5GetVarint32(a, iVal);
+ iOff += iVal;
+ pSorter->aIdx[i] = iOff;
+ }
+ pSorter->aIdx[i] = &aBlob[nBlob] - a;
+
+ pSorter->aPoslist = a;
+ fts5CsrNewrow(pCsr);
+ }
+
+ return rc;
+}
+
+
+/*
+** Set the FTS5CSR_REQUIRE_RESEEK flag on all FTS5_PLAN_MATCH cursors
+** open on table pTab.
+*/
+static void fts5TripCursors(Fts5Table *pTab){
+ Fts5Cursor *pCsr;
+ for(pCsr=pTab->pGlobal->pCsr; pCsr; pCsr=pCsr->pNext){
+ if( pCsr->ePlan==FTS5_PLAN_MATCH
+ && pCsr->base.pVtab==(sqlite3_vtab*)pTab
+ ){
+ CsrFlagSet(pCsr, FTS5CSR_REQUIRE_RESEEK);
+ }
+ }
+}
+
+/*
+** If the REQUIRE_RESEEK flag is set on the cursor passed as the first
+** argument, close and reopen all Fts5IndexIter iterators that the cursor
+** is using. Then attempt to move the cursor to a rowid equal to or laster
+** (in the cursors sort order - ASC or DESC) than the current rowid.
+**
+** If the new rowid is not equal to the old, set output parameter *pbSkip
+** to 1 before returning. Otherwise, leave it unchanged.
+**
+** Return SQLITE_OK if successful or if no reseek was required, or an
+** error code if an error occurred.
+*/
+static int fts5CursorReseek(Fts5Cursor *pCsr, int *pbSkip){
+ int rc = SQLITE_OK;
+ assert( *pbSkip==0 );
+ if( CsrFlagTest(pCsr, FTS5CSR_REQUIRE_RESEEK) ){
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ int bDesc = pCsr->bDesc;
+ i64 iRowid = sqlite3Fts5ExprRowid(pCsr->pExpr);
+
+ rc = sqlite3Fts5ExprFirst(pCsr->pExpr, pTab->pIndex, iRowid, bDesc);
+ if( rc==SQLITE_OK && iRowid!=sqlite3Fts5ExprRowid(pCsr->pExpr) ){
+ *pbSkip = 1;
+ }
+
+ CsrFlagClear(pCsr, FTS5CSR_REQUIRE_RESEEK);
+ fts5CsrNewrow(pCsr);
+ if( sqlite3Fts5ExprEof(pCsr->pExpr) ){
+ CsrFlagSet(pCsr, FTS5CSR_EOF);
+ }
+ }
+ return rc;
+}
+
+
+/*
+** Advance the cursor to the next row in the table that matches the
+** search criteria.
+**
+** Return SQLITE_OK if nothing goes wrong. SQLITE_OK is returned
+** even if we reach end-of-file. The fts5EofMethod() will be called
+** subsequently to determine whether or not an EOF was hit.
+*/
+static int fts5NextMethod(sqlite3_vtab_cursor *pCursor){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCursor;
+ int rc = SQLITE_OK;
+
+ assert( (pCsr->ePlan<3)==
+ (pCsr->ePlan==FTS5_PLAN_MATCH || pCsr->ePlan==FTS5_PLAN_SOURCE)
+ );
+
+ if( pCsr->ePlan<3 ){
+ int bSkip = 0;
+ if( (rc = fts5CursorReseek(pCsr, &bSkip)) || bSkip ) return rc;
+ rc = sqlite3Fts5ExprNext(pCsr->pExpr, pCsr->iLastRowid);
+ if( sqlite3Fts5ExprEof(pCsr->pExpr) ){
+ CsrFlagSet(pCsr, FTS5CSR_EOF);
+ }
+ fts5CsrNewrow(pCsr);
+ }else{
+ switch( pCsr->ePlan ){
+ case FTS5_PLAN_SPECIAL: {
+ CsrFlagSet(pCsr, FTS5CSR_EOF);
+ break;
+ }
+
+ case FTS5_PLAN_SORTED_MATCH: {
+ rc = fts5SorterNext(pCsr);
+ break;
+ }
+
+ default:
+ rc = sqlite3_step(pCsr->pStmt);
+ if( rc!=SQLITE_ROW ){
+ CsrFlagSet(pCsr, FTS5CSR_EOF);
+ rc = sqlite3_reset(pCsr->pStmt);
+ }else{
+ rc = SQLITE_OK;
+ }
+ break;
+ }
+ }
+
+ return rc;
+}
+
+
+static sqlite3_stmt *fts5PrepareStatement(
+ int *pRc,
+ Fts5Config *pConfig,
+ const char *zFmt,
+ ...
+){
+ sqlite3_stmt *pRet = 0;
+ va_list ap;
+ va_start(ap, zFmt);
+
+ if( *pRc==SQLITE_OK ){
+ int rc;
+ char *zSql = sqlite3_vmprintf(zFmt, ap);
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare_v2(pConfig->db, zSql, -1, &pRet, 0);
+ if( rc!=SQLITE_OK ){
+ *pConfig->pzErrmsg = sqlite3_mprintf("%s", sqlite3_errmsg(pConfig->db));
+ }
+ sqlite3_free(zSql);
+ }
+ *pRc = rc;
+ }
+
+ va_end(ap);
+ return pRet;
+}
+
+static int fts5CursorFirstSorted(Fts5Table *pTab, Fts5Cursor *pCsr, int bDesc){
+ Fts5Config *pConfig = pTab->pConfig;
+ Fts5Sorter *pSorter;
+ int nPhrase;
+ int nByte;
+ int rc = SQLITE_OK;
+ const char *zRank = pCsr->zRank;
+ const char *zRankArgs = pCsr->zRankArgs;
+
+ nPhrase = sqlite3Fts5ExprPhraseCount(pCsr->pExpr);
+ nByte = sizeof(Fts5Sorter) + sizeof(int) * (nPhrase-1);
+ pSorter = (Fts5Sorter*)sqlite3_malloc(nByte);
+ if( pSorter==0 ) return SQLITE_NOMEM;
+ memset(pSorter, 0, nByte);
+ pSorter->nIdx = nPhrase;
+
+ /* TODO: It would be better to have some system for reusing statement
+ ** handles here, rather than preparing a new one for each query. But that
+ ** is not possible as SQLite reference counts the virtual table objects.
+ ** And since the statement required here reads from this very virtual
+ ** table, saving it creates a circular reference.
+ **
+ ** If SQLite a built-in statement cache, this wouldn't be a problem. */
+ pSorter->pStmt = fts5PrepareStatement(&rc, pConfig,
+ "SELECT rowid, rank FROM %Q.%Q ORDER BY %s(%s%s%s) %s",
+ pConfig->zDb, pConfig->zName, zRank, pConfig->zName,
+ (zRankArgs ? ", " : ""),
+ (zRankArgs ? zRankArgs : ""),
+ bDesc ? "DESC" : "ASC"
+ );
+
+ pCsr->pSorter = pSorter;
+ if( rc==SQLITE_OK ){
+ assert( pTab->pSortCsr==0 );
+ pTab->pSortCsr = pCsr;
+ rc = fts5SorterNext(pCsr);
+ pTab->pSortCsr = 0;
+ }
+
+ if( rc!=SQLITE_OK ){
+ sqlite3_finalize(pSorter->pStmt);
+ sqlite3_free(pSorter);
+ pCsr->pSorter = 0;
+ }
+
+ return rc;
+}
+
+static int fts5CursorFirst(Fts5Table *pTab, Fts5Cursor *pCsr, int bDesc){
+ int rc;
+ Fts5Expr *pExpr = pCsr->pExpr;
+ rc = sqlite3Fts5ExprFirst(pExpr, pTab->pIndex, pCsr->iFirstRowid, bDesc);
+ if( sqlite3Fts5ExprEof(pExpr) ){
+ CsrFlagSet(pCsr, FTS5CSR_EOF);
+ }
+ fts5CsrNewrow(pCsr);
+ return rc;
+}
+
+/*
+** Process a "special" query. A special query is identified as one with a
+** MATCH expression that begins with a '*' character. The remainder of
+** the text passed to the MATCH operator are used as the special query
+** parameters.
+*/
+static int fts5SpecialMatch(
+ Fts5Table *pTab,
+ Fts5Cursor *pCsr,
+ const char *zQuery
+){
+ int rc = SQLITE_OK; /* Return code */
+ const char *z = zQuery; /* Special query text */
+ int n; /* Number of bytes in text at z */
+
+ while( z[0]==' ' ) z++;
+ for(n=0; z[n] && z[n]!=' '; n++);
+
+ assert( pTab->base.zErrMsg==0 );
+ pCsr->ePlan = FTS5_PLAN_SPECIAL;
+
+ if( 0==sqlite3_strnicmp("reads", z, n) ){
+ pCsr->iSpecial = sqlite3Fts5IndexReads(pTab->pIndex);
+ }
+ else if( 0==sqlite3_strnicmp("id", z, n) ){
+ pCsr->iSpecial = pCsr->iCsrId;
+ }
+ else{
+ /* An unrecognized directive. Return an error message. */
+ pTab->base.zErrMsg = sqlite3_mprintf("unknown special query: %.*s", n, z);
+ rc = SQLITE_ERROR;
+ }
+
+ return rc;
+}
+
+/*
+** Search for an auxiliary function named zName that can be used with table
+** pTab. If one is found, return a pointer to the corresponding Fts5Auxiliary
+** structure. Otherwise, if no such function exists, return NULL.
+*/
+static Fts5Auxiliary *fts5FindAuxiliary(Fts5Table *pTab, const char *zName){
+ Fts5Auxiliary *pAux;
+
+ for(pAux=pTab->pGlobal->pAux; pAux; pAux=pAux->pNext){
+ if( sqlite3_stricmp(zName, pAux->zFunc)==0 ) return pAux;
+ }
+
+ /* No function of the specified name was found. Return 0. */
+ return 0;
+}
+
+
+static int fts5FindRankFunction(Fts5Cursor *pCsr){
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ Fts5Config *pConfig = pTab->pConfig;
+ int rc = SQLITE_OK;
+ Fts5Auxiliary *pAux = 0;
+ const char *zRank = pCsr->zRank;
+ const char *zRankArgs = pCsr->zRankArgs;
+
+ if( zRankArgs ){
+ char *zSql = sqlite3Fts5Mprintf(&rc, "SELECT %s", zRankArgs);
+ if( zSql ){
+ sqlite3_stmt *pStmt = 0;
+ rc = sqlite3_prepare_v2(pConfig->db, zSql, -1, &pStmt, 0);
+ sqlite3_free(zSql);
+ assert( rc==SQLITE_OK || pCsr->pRankArgStmt==0 );
+ if( rc==SQLITE_OK ){
+ if( SQLITE_ROW==sqlite3_step(pStmt) ){
+ int nByte;
+ pCsr->nRankArg = sqlite3_column_count(pStmt);
+ nByte = sizeof(sqlite3_value*)*pCsr->nRankArg;
+ pCsr->apRankArg = (sqlite3_value**)sqlite3Fts5MallocZero(&rc, nByte);
+ if( rc==SQLITE_OK ){
+ int i;
+ for(i=0; i<pCsr->nRankArg; i++){
+ pCsr->apRankArg[i] = sqlite3_column_value(pStmt, i);
+ }
+ }
+ pCsr->pRankArgStmt = pStmt;
+ }else{
+ rc = sqlite3_finalize(pStmt);
+ assert( rc!=SQLITE_OK );
+ }
+ }
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ pAux = fts5FindAuxiliary(pTab, zRank);
+ if( pAux==0 ){
+ assert( pTab->base.zErrMsg==0 );
+ pTab->base.zErrMsg = sqlite3_mprintf("no such function: %s", zRank);
+ rc = SQLITE_ERROR;
+ }
+ }
+
+ pCsr->pRank = pAux;
+ return rc;
+}
+
+
+static int fts5CursorParseRank(
+ Fts5Config *pConfig,
+ Fts5Cursor *pCsr,
+ sqlite3_value *pRank
+){
+ int rc = SQLITE_OK;
+ if( pRank ){
+ const char *z = (const char*)sqlite3_value_text(pRank);
+ char *zRank = 0;
+ char *zRankArgs = 0;
+
+ if( z==0 ){
+ if( sqlite3_value_type(pRank)==SQLITE_NULL ) rc = SQLITE_ERROR;
+ }else{
+ rc = sqlite3Fts5ConfigParseRank(z, &zRank, &zRankArgs);
+ }
+ if( rc==SQLITE_OK ){
+ pCsr->zRank = zRank;
+ pCsr->zRankArgs = zRankArgs;
+ CsrFlagSet(pCsr, FTS5CSR_FREE_ZRANK);
+ }else if( rc==SQLITE_ERROR ){
+ pCsr->base.pVtab->zErrMsg = sqlite3_mprintf(
+ "parse error in rank function: %s", z
+ );
+ }
+ }else{
+ if( pConfig->zRank ){
+ pCsr->zRank = (char*)pConfig->zRank;
+ pCsr->zRankArgs = (char*)pConfig->zRankArgs;
+ }else{
+ pCsr->zRank = (char*)FTS5_DEFAULT_RANK;
+ pCsr->zRankArgs = 0;
+ }
+ }
+ return rc;
+}
+
+static i64 fts5GetRowidLimit(sqlite3_value *pVal, i64 iDefault){
+ if( pVal ){
+ int eType = sqlite3_value_numeric_type(pVal);
+ if( eType==SQLITE_INTEGER ){
+ return sqlite3_value_int64(pVal);
+ }
+ }
+ return iDefault;
+}
+
+/*
+** This is the xFilter interface for the virtual table. See
+** the virtual table xFilter method documentation for additional
+** information.
+**
+** There are three possible query strategies:
+**
+** 1. Full-text search using a MATCH operator.
+** 2. A by-rowid lookup.
+** 3. A full-table scan.
+*/
+static int fts5FilterMethod(
+ sqlite3_vtab_cursor *pCursor, /* The cursor used for this query */
+ int idxNum, /* Strategy index */
+ const char *idxStr, /* Unused */
+ int nVal, /* Number of elements in apVal */
+ sqlite3_value **apVal /* Arguments for the indexing scheme */
+){
+ Fts5Table *pTab = (Fts5Table*)(pCursor->pVtab);
+ Fts5Config *pConfig = pTab->pConfig;
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCursor;
+ int rc = SQLITE_OK; /* Error code */
+ int iVal = 0; /* Counter for apVal[] */
+ int bDesc; /* True if ORDER BY [rank|rowid] DESC */
+ int bOrderByRank; /* True if ORDER BY rank */
+ sqlite3_value *pMatch = 0; /* <tbl> MATCH ? expression (or NULL) */
+ sqlite3_value *pRank = 0; /* rank MATCH ? expression (or NULL) */
+ sqlite3_value *pRowidEq = 0; /* rowid = ? expression (or NULL) */
+ sqlite3_value *pRowidLe = 0; /* rowid <= ? expression (or NULL) */
+ sqlite3_value *pRowidGe = 0; /* rowid >= ? expression (or NULL) */
+ char **pzErrmsg = pConfig->pzErrmsg;
+
+ if( pCsr->ePlan ){
+ fts5FreeCursorComponents(pCsr);
+ memset(&pCsr->ePlan, 0, sizeof(Fts5Cursor) - ((u8*)&pCsr->ePlan-(u8*)pCsr));
+ }
+
+ assert( pCsr->pStmt==0 );
+ assert( pCsr->pExpr==0 );
+ assert( pCsr->csrflags==0 );
+ assert( pCsr->pRank==0 );
+ assert( pCsr->zRank==0 );
+ assert( pCsr->zRankArgs==0 );
+
+ assert( pzErrmsg==0 || pzErrmsg==&pTab->base.zErrMsg );
+ pConfig->pzErrmsg = &pTab->base.zErrMsg;
+
+ /* Decode the arguments passed through to this function.
+ **
+ ** Note: The following set of if(...) statements must be in the same
+ ** order as the corresponding entries in the struct at the top of
+ ** fts5BestIndexMethod(). */
+ if( BitFlagTest(idxNum, FTS5_BI_MATCH) ) pMatch = apVal[iVal++];
+ if( BitFlagTest(idxNum, FTS5_BI_RANK) ) pRank = apVal[iVal++];
+ if( BitFlagTest(idxNum, FTS5_BI_ROWID_EQ) ) pRowidEq = apVal[iVal++];
+ if( BitFlagTest(idxNum, FTS5_BI_ROWID_LE) ) pRowidLe = apVal[iVal++];
+ if( BitFlagTest(idxNum, FTS5_BI_ROWID_GE) ) pRowidGe = apVal[iVal++];
+ assert( iVal==nVal );
+ bOrderByRank = ((idxNum & FTS5_BI_ORDER_RANK) ? 1 : 0);
+ pCsr->bDesc = bDesc = ((idxNum & FTS5_BI_ORDER_DESC) ? 1 : 0);
+
+ /* Set the cursor upper and lower rowid limits. Only some strategies
+ ** actually use them. This is ok, as the xBestIndex() method leaves the
+ ** sqlite3_index_constraint.omit flag clear for range constraints
+ ** on the rowid field. */
+ if( pRowidEq ){
+ pRowidLe = pRowidGe = pRowidEq;
+ }
+ if( bDesc ){
+ pCsr->iFirstRowid = fts5GetRowidLimit(pRowidLe, LARGEST_INT64);
+ pCsr->iLastRowid = fts5GetRowidLimit(pRowidGe, SMALLEST_INT64);
+ }else{
+ pCsr->iLastRowid = fts5GetRowidLimit(pRowidLe, LARGEST_INT64);
+ pCsr->iFirstRowid = fts5GetRowidLimit(pRowidGe, SMALLEST_INT64);
+ }
+
+ if( pTab->pSortCsr ){
+ /* If pSortCsr is non-NULL, then this call is being made as part of
+ ** processing for a "... MATCH <expr> ORDER BY rank" query (ePlan is
+ ** set to FTS5_PLAN_SORTED_MATCH). pSortCsr is the cursor that will
+ ** return results to the user for this query. The current cursor
+ ** (pCursor) is used to execute the query issued by function
+ ** fts5CursorFirstSorted() above. */
+ assert( pRowidEq==0 && pRowidLe==0 && pRowidGe==0 && pRank==0 );
+ assert( nVal==0 && pMatch==0 && bOrderByRank==0 && bDesc==0 );
+ assert( pCsr->iLastRowid==LARGEST_INT64 );
+ assert( pCsr->iFirstRowid==SMALLEST_INT64 );
+ pCsr->ePlan = FTS5_PLAN_SOURCE;
+ pCsr->pExpr = pTab->pSortCsr->pExpr;
+ rc = fts5CursorFirst(pTab, pCsr, bDesc);
+ }else if( pMatch ){
+ const char *zExpr = (const char*)sqlite3_value_text(apVal[0]);
+ if( zExpr==0 ) zExpr = "";
+
+ rc = fts5CursorParseRank(pConfig, pCsr, pRank);
+ if( rc==SQLITE_OK ){
+ if( zExpr[0]=='*' ){
+ /* The user has issued a query of the form "MATCH '*...'". This
+ ** indicates that the MATCH expression is not a full text query,
+ ** but a request for an internal parameter. */
+ rc = fts5SpecialMatch(pTab, pCsr, &zExpr[1]);
+ }else{
+ char **pzErr = &pTab->base.zErrMsg;
+ rc = sqlite3Fts5ExprNew(pConfig, zExpr, &pCsr->pExpr, pzErr);
+ if( rc==SQLITE_OK ){
+ if( bOrderByRank ){
+ pCsr->ePlan = FTS5_PLAN_SORTED_MATCH;
+ rc = fts5CursorFirstSorted(pTab, pCsr, bDesc);
+ }else{
+ pCsr->ePlan = FTS5_PLAN_MATCH;
+ rc = fts5CursorFirst(pTab, pCsr, bDesc);
+ }
+ }
+ }
+ }
+ }else if( pConfig->zContent==0 ){
+ *pConfig->pzErrmsg = sqlite3_mprintf(
+ "%s: table does not support scanning", pConfig->zName
+ );
+ rc = SQLITE_ERROR;
+ }else{
+ /* This is either a full-table scan (ePlan==FTS5_PLAN_SCAN) or a lookup
+ ** by rowid (ePlan==FTS5_PLAN_ROWID). */
+ pCsr->ePlan = (pRowidEq ? FTS5_PLAN_ROWID : FTS5_PLAN_SCAN);
+ rc = sqlite3Fts5StorageStmt(
+ pTab->pStorage, fts5StmtType(pCsr), &pCsr->pStmt, &pTab->base.zErrMsg
+ );
+ if( rc==SQLITE_OK ){
+ if( pCsr->ePlan==FTS5_PLAN_ROWID ){
+ sqlite3_bind_value(pCsr->pStmt, 1, apVal[0]);
+ }else{
+ sqlite3_bind_int64(pCsr->pStmt, 1, pCsr->iFirstRowid);
+ sqlite3_bind_int64(pCsr->pStmt, 2, pCsr->iLastRowid);
+ }
+ rc = fts5NextMethod(pCursor);
+ }
+ }
+
+ pConfig->pzErrmsg = pzErrmsg;
+ return rc;
+}
+
+/*
+** This is the xEof method of the virtual table. SQLite calls this
+** routine to find out if it has reached the end of a result set.
+*/
+static int fts5EofMethod(sqlite3_vtab_cursor *pCursor){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCursor;
+ return (CsrFlagTest(pCsr, FTS5CSR_EOF) ? 1 : 0);
+}
+
+/*
+** Return the rowid that the cursor currently points to.
+*/
+static i64 fts5CursorRowid(Fts5Cursor *pCsr){
+ assert( pCsr->ePlan==FTS5_PLAN_MATCH
+ || pCsr->ePlan==FTS5_PLAN_SORTED_MATCH
+ || pCsr->ePlan==FTS5_PLAN_SOURCE
+ );
+ if( pCsr->pSorter ){
+ return pCsr->pSorter->iRowid;
+ }else{
+ return sqlite3Fts5ExprRowid(pCsr->pExpr);
+ }
+}
+
+/*
+** This is the xRowid method. The SQLite core calls this routine to
+** retrieve the rowid for the current row of the result set. fts5
+** exposes %_content.rowid as the rowid for the virtual table. The
+** rowid should be written to *pRowid.
+*/
+static int fts5RowidMethod(sqlite3_vtab_cursor *pCursor, sqlite_int64 *pRowid){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCursor;
+ int ePlan = pCsr->ePlan;
+
+ assert( CsrFlagTest(pCsr, FTS5CSR_EOF)==0 );
+ switch( ePlan ){
+ case FTS5_PLAN_SPECIAL:
+ *pRowid = 0;
+ break;
+
+ case FTS5_PLAN_SOURCE:
+ case FTS5_PLAN_MATCH:
+ case FTS5_PLAN_SORTED_MATCH:
+ *pRowid = fts5CursorRowid(pCsr);
+ break;
+
+ default:
+ *pRowid = sqlite3_column_int64(pCsr->pStmt, 0);
+ break;
+ }
+
+ return SQLITE_OK;
+}
+
+/*
+** If the cursor requires seeking (bSeekRequired flag is set), seek it.
+** Return SQLITE_OK if no error occurs, or an SQLite error code otherwise.
+**
+** If argument bErrormsg is true and an error occurs, an error message may
+** be left in sqlite3_vtab.zErrMsg.
+*/
+static int fts5SeekCursor(Fts5Cursor *pCsr, int bErrormsg){
+ int rc = SQLITE_OK;
+
+ /* If the cursor does not yet have a statement handle, obtain one now. */
+ if( pCsr->pStmt==0 ){
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ int eStmt = fts5StmtType(pCsr);
+ rc = sqlite3Fts5StorageStmt(
+ pTab->pStorage, eStmt, &pCsr->pStmt, (bErrormsg?&pTab->base.zErrMsg:0)
+ );
+ assert( rc!=SQLITE_OK || pTab->base.zErrMsg==0 );
+ assert( CsrFlagTest(pCsr, FTS5CSR_REQUIRE_CONTENT) );
+ }
+
+ if( rc==SQLITE_OK && CsrFlagTest(pCsr, FTS5CSR_REQUIRE_CONTENT) ){
+ assert( pCsr->pExpr );
+ sqlite3_reset(pCsr->pStmt);
+ sqlite3_bind_int64(pCsr->pStmt, 1, fts5CursorRowid(pCsr));
+ rc = sqlite3_step(pCsr->pStmt);
+ if( rc==SQLITE_ROW ){
+ rc = SQLITE_OK;
+ CsrFlagClear(pCsr, FTS5CSR_REQUIRE_CONTENT);
+ }else{
+ rc = sqlite3_reset(pCsr->pStmt);
+ if( rc==SQLITE_OK ){
+ rc = FTS5_CORRUPT;
+ }
+ }
+ }
+ return rc;
+}
+
+static void fts5SetVtabError(Fts5Table *p, const char *zFormat, ...){
+ va_list ap; /* ... printf arguments */
+ va_start(ap, zFormat);
+ assert( p->base.zErrMsg==0 );
+ p->base.zErrMsg = sqlite3_vmprintf(zFormat, ap);
+ va_end(ap);
+}
+
+/*
+** This function is called to handle an FTS INSERT command. In other words,
+** an INSERT statement of the form:
+**
+** INSERT INTO fts(fts) VALUES($pCmd)
+** INSERT INTO fts(fts, rank) VALUES($pCmd, $pVal)
+**
+** Argument pVal is the value assigned to column "fts" by the INSERT
+** statement. This function returns SQLITE_OK if successful, or an SQLite
+** error code if an error occurs.
+**
+** The commands implemented by this function are documented in the "Special
+** INSERT Directives" section of the documentation. It should be updated if
+** more commands are added to this function.
+*/
+static int fts5SpecialInsert(
+ Fts5Table *pTab, /* Fts5 table object */
+ const char *zCmd, /* Text inserted into table-name column */
+ sqlite3_value *pVal /* Value inserted into rank column */
+){
+ Fts5Config *pConfig = pTab->pConfig;
+ int rc = SQLITE_OK;
+ int bError = 0;
+
+ if( 0==sqlite3_stricmp("delete-all", zCmd) ){
+ if( pConfig->eContent==FTS5_CONTENT_NORMAL ){
+ fts5SetVtabError(pTab,
+ "'delete-all' may only be used with a "
+ "contentless or external content fts5 table"
+ );
+ rc = SQLITE_ERROR;
+ }else{
+ rc = sqlite3Fts5StorageDeleteAll(pTab->pStorage);
+ }
+ }else if( 0==sqlite3_stricmp("rebuild", zCmd) ){
+ if( pConfig->eContent==FTS5_CONTENT_NONE ){
+ fts5SetVtabError(pTab,
+ "'rebuild' may not be used with a contentless fts5 table"
+ );
+ rc = SQLITE_ERROR;
+ }else{
+ rc = sqlite3Fts5StorageRebuild(pTab->pStorage);
+ }
+ }else if( 0==sqlite3_stricmp("optimize", zCmd) ){
+ rc = sqlite3Fts5StorageOptimize(pTab->pStorage);
+ }else if( 0==sqlite3_stricmp("merge", zCmd) ){
+ int nMerge = sqlite3_value_int(pVal);
+ rc = sqlite3Fts5StorageMerge(pTab->pStorage, nMerge);
+ }else if( 0==sqlite3_stricmp("integrity-check", zCmd) ){
+ rc = sqlite3Fts5StorageIntegrity(pTab->pStorage);
+#ifdef SQLITE_DEBUG
+ }else if( 0==sqlite3_stricmp("prefix-index", zCmd) ){
+ pConfig->bPrefixIndex = sqlite3_value_int(pVal);
+#endif
+ }else{
+ rc = sqlite3Fts5IndexLoadConfig(pTab->pIndex);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5ConfigSetValue(pTab->pConfig, zCmd, pVal, &bError);
+ }
+ if( rc==SQLITE_OK ){
+ if( bError ){
+ rc = SQLITE_ERROR;
+ }else{
+ rc = sqlite3Fts5StorageConfigValue(pTab->pStorage, zCmd, pVal, 0);
+ }
+ }
+ }
+ return rc;
+}
+
+static int fts5SpecialDelete(
+ Fts5Table *pTab,
+ sqlite3_value **apVal,
+ sqlite3_int64 *piRowid
+){
+ int rc = SQLITE_OK;
+ int eType1 = sqlite3_value_type(apVal[1]);
+ if( eType1==SQLITE_INTEGER ){
+ sqlite3_int64 iDel = sqlite3_value_int64(apVal[1]);
+ rc = sqlite3Fts5StorageSpecialDelete(pTab->pStorage, iDel, &apVal[2]);
+ }
+ return rc;
+}
+
+static void fts5StorageInsert(
+ int *pRc,
+ Fts5Table *pTab,
+ sqlite3_value **apVal,
+ i64 *piRowid
+){
+ int rc = *pRc;
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5StorageContentInsert(pTab->pStorage, apVal, piRowid);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5StorageIndexInsert(pTab->pStorage, apVal, *piRowid);
+ }
+ *pRc = rc;
+}
+
+/*
+** This function is the implementation of the xUpdate callback used by
+** FTS3 virtual tables. It is invoked by SQLite each time a row is to be
+** inserted, updated or deleted.
+**
+** A delete specifies a single argument - the rowid of the row to remove.
+**
+** Update and insert operations pass:
+**
+** 1. The "old" rowid, or NULL.
+** 2. The "new" rowid.
+** 3. Values for each of the nCol matchable columns.
+** 4. Values for the two hidden columns (<tablename> and "rank").
+*/
+static int fts5UpdateMethod(
+ sqlite3_vtab *pVtab, /* Virtual table handle */
+ int nArg, /* Size of argument array */
+ sqlite3_value **apVal, /* Array of arguments */
+ sqlite_int64 *pRowid /* OUT: The affected (or effected) rowid */
+){
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ Fts5Config *pConfig = pTab->pConfig;
+ int eType0; /* value_type() of apVal[0] */
+ int rc = SQLITE_OK; /* Return code */
+
+ /* A transaction must be open when this is called. */
+ assert( pTab->ts.eState==1 );
+
+ assert( pVtab->zErrMsg==0 );
+ assert( nArg==1 || nArg==(2+pConfig->nCol+2) );
+ assert( nArg==1
+ || sqlite3_value_type(apVal[1])==SQLITE_INTEGER
+ || sqlite3_value_type(apVal[1])==SQLITE_NULL
+ );
+ assert( pTab->pConfig->pzErrmsg==0 );
+ pTab->pConfig->pzErrmsg = &pTab->base.zErrMsg;
+
+ /* Put any active cursors into REQUIRE_SEEK state. */
+ fts5TripCursors(pTab);
+
+ eType0 = sqlite3_value_type(apVal[0]);
+ if( eType0==SQLITE_NULL
+ && sqlite3_value_type(apVal[2+pConfig->nCol])!=SQLITE_NULL
+ ){
+ /* A "special" INSERT op. These are handled separately. */
+ const char *z = (const char*)sqlite3_value_text(apVal[2+pConfig->nCol]);
+ if( pConfig->eContent!=FTS5_CONTENT_NORMAL
+ && 0==sqlite3_stricmp("delete", z)
+ ){
+ rc = fts5SpecialDelete(pTab, apVal, pRowid);
+ }else{
+ rc = fts5SpecialInsert(pTab, z, apVal[2 + pConfig->nCol + 1]);
+ }
+ }else{
+ /* A regular INSERT, UPDATE or DELETE statement. The trick here is that
+ ** any conflict on the rowid value must be detected before any
+ ** modifications are made to the database file. There are 4 cases:
+ **
+ ** 1) DELETE
+ ** 2) UPDATE (rowid not modified)
+ ** 3) UPDATE (rowid modified)
+ ** 4) INSERT
+ **
+ ** Cases 3 and 4 may violate the rowid constraint.
+ */
+ int eConflict = SQLITE_ABORT;
+ if( pConfig->eContent==FTS5_CONTENT_NORMAL ){
+ eConflict = sqlite3_vtab_on_conflict(pConfig->db);
+ }
+
+ assert( eType0==SQLITE_INTEGER || eType0==SQLITE_NULL );
+ assert( nArg!=1 || eType0==SQLITE_INTEGER );
+
+ /* Filter out attempts to run UPDATE or DELETE on contentless tables.
+ ** This is not suported. */
+ if( eType0==SQLITE_INTEGER && fts5IsContentless(pTab) ){
+ pTab->base.zErrMsg = sqlite3_mprintf(
+ "cannot %s contentless fts5 table: %s",
+ (nArg>1 ? "UPDATE" : "DELETE from"), pConfig->zName
+ );
+ rc = SQLITE_ERROR;
+ }
+
+ /* Case 1: DELETE */
+ else if( nArg==1 ){
+ i64 iDel = sqlite3_value_int64(apVal[0]); /* Rowid to delete */
+ rc = sqlite3Fts5StorageDelete(pTab->pStorage, iDel);
+ }
+
+ /* Case 2: INSERT */
+ else if( eType0!=SQLITE_INTEGER ){
+ /* If this is a REPLACE, first remove the current entry (if any) */
+ if( eConflict==SQLITE_REPLACE
+ && sqlite3_value_type(apVal[1])==SQLITE_INTEGER
+ ){
+ i64 iNew = sqlite3_value_int64(apVal[1]); /* Rowid to delete */
+ rc = sqlite3Fts5StorageDelete(pTab->pStorage, iNew);
+ }
+ fts5StorageInsert(&rc, pTab, apVal, pRowid);
+ }
+
+ /* Case 2: UPDATE */
+ else{
+ i64 iOld = sqlite3_value_int64(apVal[0]); /* Old rowid */
+ i64 iNew = sqlite3_value_int64(apVal[1]); /* New rowid */
+ if( iOld!=iNew ){
+ if( eConflict==SQLITE_REPLACE ){
+ rc = sqlite3Fts5StorageDelete(pTab->pStorage, iOld);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5StorageDelete(pTab->pStorage, iNew);
+ }
+ fts5StorageInsert(&rc, pTab, apVal, pRowid);
+ }else{
+ rc = sqlite3Fts5StorageContentInsert(pTab->pStorage, apVal, pRowid);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5StorageDelete(pTab->pStorage, iOld);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5StorageIndexInsert(pTab->pStorage, apVal, *pRowid);
+ }
+ }
+ }else{
+ rc = sqlite3Fts5StorageDelete(pTab->pStorage, iOld);
+ fts5StorageInsert(&rc, pTab, apVal, pRowid);
+ }
+ }
+ }
+
+ pTab->pConfig->pzErrmsg = 0;
+ return rc;
+}
+
+/*
+** Implementation of xSync() method.
+*/
+static int fts5SyncMethod(sqlite3_vtab *pVtab){
+ int rc;
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ fts5CheckTransactionState(pTab, FTS5_SYNC, 0);
+ pTab->pConfig->pzErrmsg = &pTab->base.zErrMsg;
+ fts5TripCursors(pTab);
+ rc = sqlite3Fts5StorageSync(pTab->pStorage, 1);
+ pTab->pConfig->pzErrmsg = 0;
+ return rc;
+}
+
+/*
+** Implementation of xBegin() method.
+*/
+static int fts5BeginMethod(sqlite3_vtab *pVtab){
+ fts5CheckTransactionState((Fts5Table*)pVtab, FTS5_BEGIN, 0);
+ return SQLITE_OK;
+}
+
+/*
+** Implementation of xCommit() method. This is a no-op. The contents of
+** the pending-terms hash-table have already been flushed into the database
+** by fts5SyncMethod().
+*/
+static int fts5CommitMethod(sqlite3_vtab *pVtab){
+ fts5CheckTransactionState((Fts5Table*)pVtab, FTS5_COMMIT, 0);
+ return SQLITE_OK;
+}
+
+/*
+** Implementation of xRollback(). Discard the contents of the pending-terms
+** hash-table. Any changes made to the database are reverted by SQLite.
+*/
+static int fts5RollbackMethod(sqlite3_vtab *pVtab){
+ int rc;
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ fts5CheckTransactionState(pTab, FTS5_ROLLBACK, 0);
+ rc = sqlite3Fts5StorageRollback(pTab->pStorage);
+ return rc;
+}
+
+static void *fts5ApiUserData(Fts5Context *pCtx){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ return pCsr->pAux->pUserData;
+}
+
+static int fts5ApiColumnCount(Fts5Context *pCtx){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ return ((Fts5Table*)(pCsr->base.pVtab))->pConfig->nCol;
+}
+
+static int fts5ApiColumnTotalSize(
+ Fts5Context *pCtx,
+ int iCol,
+ sqlite3_int64 *pnToken
+){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ return sqlite3Fts5StorageSize(pTab->pStorage, iCol, pnToken);
+}
+
+static int fts5ApiRowCount(Fts5Context *pCtx, i64 *pnRow){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ return sqlite3Fts5StorageRowCount(pTab->pStorage, pnRow);
+}
+
+static int fts5ApiTokenize(
+ Fts5Context *pCtx,
+ const char *pText, int nText,
+ void *pUserData,
+ int (*xToken)(void*, int, const char*, int, int, int)
+){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ return sqlite3Fts5Tokenize(
+ pTab->pConfig, FTS5_TOKENIZE_AUX, pText, nText, pUserData, xToken
+ );
+}
+
+static int fts5ApiPhraseCount(Fts5Context *pCtx){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ return sqlite3Fts5ExprPhraseCount(pCsr->pExpr);
+}
+
+static int fts5ApiPhraseSize(Fts5Context *pCtx, int iPhrase){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ return sqlite3Fts5ExprPhraseSize(pCsr->pExpr, iPhrase);
+}
+
+static int fts5CsrPoslist(Fts5Cursor *pCsr, int iPhrase, const u8 **pa){
+ int n;
+ if( pCsr->pSorter ){
+ Fts5Sorter *pSorter = pCsr->pSorter;
+ int i1 = (iPhrase==0 ? 0 : pSorter->aIdx[iPhrase-1]);
+ n = pSorter->aIdx[iPhrase] - i1;
+ *pa = &pSorter->aPoslist[i1];
+ }else{
+ n = sqlite3Fts5ExprPoslist(pCsr->pExpr, iPhrase, pa);
+ }
+ return n;
+}
+
+/*
+** Ensure that the Fts5Cursor.nInstCount and aInst[] variables are populated
+** correctly for the current view. Return SQLITE_OK if successful, or an
+** SQLite error code otherwise.
+*/
+static int fts5CacheInstArray(Fts5Cursor *pCsr){
+ int rc = SQLITE_OK;
+ Fts5PoslistReader *aIter; /* One iterator for each phrase */
+ int nIter; /* Number of iterators/phrases */
+
+ nIter = sqlite3Fts5ExprPhraseCount(pCsr->pExpr);
+ if( pCsr->aInstIter==0 ){
+ int nByte = sizeof(Fts5PoslistReader) * nIter;
+ pCsr->aInstIter = (Fts5PoslistReader*)sqlite3Fts5MallocZero(&rc, nByte);
+ }
+ aIter = pCsr->aInstIter;
+
+ if( aIter ){
+ int nInst = 0; /* Number instances seen so far */
+ int i;
+
+ /* Initialize all iterators */
+ for(i=0; i<nIter; i++){
+ const u8 *a;
+ int n = fts5CsrPoslist(pCsr, i, &a);
+ sqlite3Fts5PoslistReaderInit(a, n, &aIter[i]);
+ }
+
+ while( 1 ){
+ int *aInst;
+ int iBest = -1;
+ for(i=0; i<nIter; i++){
+ if( (aIter[i].bEof==0)
+ && (iBest<0 || aIter[i].iPos<aIter[iBest].iPos)
+ ){
+ iBest = i;
+ }
+ }
+ if( iBest<0 ) break;
+
+ nInst++;
+ if( nInst>=pCsr->nInstAlloc ){
+ pCsr->nInstAlloc = pCsr->nInstAlloc ? pCsr->nInstAlloc*2 : 32;
+ aInst = (int*)sqlite3_realloc(
+ pCsr->aInst, pCsr->nInstAlloc*sizeof(int)*3
+ );
+ if( aInst ){
+ pCsr->aInst = aInst;
+ }else{
+ rc = SQLITE_NOMEM;
+ break;
+ }
+ }
+
+ aInst = &pCsr->aInst[3 * (nInst-1)];
+ aInst[0] = iBest;
+ aInst[1] = FTS5_POS2COLUMN(aIter[iBest].iPos);
+ aInst[2] = FTS5_POS2OFFSET(aIter[iBest].iPos);
+ sqlite3Fts5PoslistReaderNext(&aIter[iBest]);
+ }
+
+ pCsr->nInstCount = nInst;
+ CsrFlagClear(pCsr, FTS5CSR_REQUIRE_INST);
+ }
+ return rc;
+}
+
+static int fts5ApiInstCount(Fts5Context *pCtx, int *pnInst){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ int rc = SQLITE_OK;
+ if( CsrFlagTest(pCsr, FTS5CSR_REQUIRE_INST)==0
+ || SQLITE_OK==(rc = fts5CacheInstArray(pCsr)) ){
+ *pnInst = pCsr->nInstCount;
+ }
+ return rc;
+}
+
+static int fts5ApiInst(
+ Fts5Context *pCtx,
+ int iIdx,
+ int *piPhrase,
+ int *piCol,
+ int *piOff
+){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ int rc = SQLITE_OK;
+ if( CsrFlagTest(pCsr, FTS5CSR_REQUIRE_INST)==0
+ || SQLITE_OK==(rc = fts5CacheInstArray(pCsr))
+ ){
+ if( iIdx<0 || iIdx>=pCsr->nInstCount ){
+ rc = SQLITE_RANGE;
+ }else{
+ *piPhrase = pCsr->aInst[iIdx*3];
+ *piCol = pCsr->aInst[iIdx*3 + 1];
+ *piOff = pCsr->aInst[iIdx*3 + 2];
+ }
+ }
+ return rc;
+}
+
+static sqlite3_int64 fts5ApiRowid(Fts5Context *pCtx){
+ return fts5CursorRowid((Fts5Cursor*)pCtx);
+}
+
+static int fts5ApiColumnText(
+ Fts5Context *pCtx,
+ int iCol,
+ const char **pz,
+ int *pn
+){
+ int rc = SQLITE_OK;
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ if( fts5IsContentless((Fts5Table*)(pCsr->base.pVtab)) ){
+ *pz = 0;
+ *pn = 0;
+ }else{
+ rc = fts5SeekCursor(pCsr, 0);
+ if( rc==SQLITE_OK ){
+ *pz = (const char*)sqlite3_column_text(pCsr->pStmt, iCol+1);
+ *pn = sqlite3_column_bytes(pCsr->pStmt, iCol+1);
+ }
+ }
+ return rc;
+}
+
+static int fts5ColumnSizeCb(
+ void *pContext, /* Pointer to int */
+ int tflags,
+ const char *pToken, /* Buffer containing token */
+ int nToken, /* Size of token in bytes */
+ int iStart, /* Start offset of token */
+ int iEnd /* End offset of token */
+){
+ int *pCnt = (int*)pContext;
+ if( (tflags & FTS5_TOKEN_COLOCATED)==0 ){
+ (*pCnt)++;
+ }
+ return SQLITE_OK;
+}
+
+static int fts5ApiColumnSize(Fts5Context *pCtx, int iCol, int *pnToken){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ Fts5Config *pConfig = pTab->pConfig;
+ int rc = SQLITE_OK;
+
+ if( CsrFlagTest(pCsr, FTS5CSR_REQUIRE_DOCSIZE) ){
+ if( pConfig->bColumnsize ){
+ i64 iRowid = fts5CursorRowid(pCsr);
+ rc = sqlite3Fts5StorageDocsize(pTab->pStorage, iRowid, pCsr->aColumnSize);
+ }else if( pConfig->zContent==0 ){
+ int i;
+ for(i=0; i<pConfig->nCol; i++){
+ if( pConfig->abUnindexed[i]==0 ){
+ pCsr->aColumnSize[i] = -1;
+ }
+ }
+ }else{
+ int i;
+ for(i=0; rc==SQLITE_OK && i<pConfig->nCol; i++){
+ if( pConfig->abUnindexed[i]==0 ){
+ const char *z; int n;
+ void *p = (void*)(&pCsr->aColumnSize[i]);
+ pCsr->aColumnSize[i] = 0;
+ rc = fts5ApiColumnText(pCtx, i, &z, &n);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5Tokenize(
+ pConfig, FTS5_TOKENIZE_AUX, z, n, p, fts5ColumnSizeCb
+ );
+ }
+ }
+ }
+ }
+ CsrFlagClear(pCsr, FTS5CSR_REQUIRE_DOCSIZE);
+ }
+ if( iCol<0 ){
+ int i;
+ *pnToken = 0;
+ for(i=0; i<pConfig->nCol; i++){
+ *pnToken += pCsr->aColumnSize[i];
+ }
+ }else if( iCol<pConfig->nCol ){
+ *pnToken = pCsr->aColumnSize[iCol];
+ }else{
+ *pnToken = 0;
+ rc = SQLITE_RANGE;
+ }
+ return rc;
+}
+
+/*
+** Implementation of the xSetAuxdata() method.
+*/
+static int fts5ApiSetAuxdata(
+ Fts5Context *pCtx, /* Fts5 context */
+ void *pPtr, /* Pointer to save as auxdata */
+ void(*xDelete)(void*) /* Destructor for pPtr (or NULL) */
+){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ Fts5Auxdata *pData;
+
+ /* Search through the cursors list of Fts5Auxdata objects for one that
+ ** corresponds to the currently executing auxiliary function. */
+ for(pData=pCsr->pAuxdata; pData; pData=pData->pNext){
+ if( pData->pAux==pCsr->pAux ) break;
+ }
+
+ if( pData ){
+ if( pData->xDelete ){
+ pData->xDelete(pData->pPtr);
+ }
+ }else{
+ int rc = SQLITE_OK;
+ pData = (Fts5Auxdata*)sqlite3Fts5MallocZero(&rc, sizeof(Fts5Auxdata));
+ if( pData==0 ){
+ if( xDelete ) xDelete(pPtr);
+ return rc;
+ }
+ pData->pAux = pCsr->pAux;
+ pData->pNext = pCsr->pAuxdata;
+ pCsr->pAuxdata = pData;
+ }
+
+ pData->xDelete = xDelete;
+ pData->pPtr = pPtr;
+ return SQLITE_OK;
+}
+
+static void *fts5ApiGetAuxdata(Fts5Context *pCtx, int bClear){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ Fts5Auxdata *pData;
+ void *pRet = 0;
+
+ for(pData=pCsr->pAuxdata; pData; pData=pData->pNext){
+ if( pData->pAux==pCsr->pAux ) break;
+ }
+
+ if( pData ){
+ pRet = pData->pPtr;
+ if( bClear ){
+ pData->pPtr = 0;
+ pData->xDelete = 0;
+ }
+ }
+
+ return pRet;
+}
+
+static void fts5ApiPhraseNext(
+ Fts5Context *pCtx,
+ Fts5PhraseIter *pIter,
+ int *piCol, int *piOff
+){
+ if( pIter->a>=pIter->b ){
+ *piCol = -1;
+ *piOff = -1;
+ }else{
+ int iVal;
+ pIter->a += fts5GetVarint32(pIter->a, iVal);
+ if( iVal==1 ){
+ pIter->a += fts5GetVarint32(pIter->a, iVal);
+ *piCol = iVal;
+ *piOff = 0;
+ pIter->a += fts5GetVarint32(pIter->a, iVal);
+ }
+ *piOff += (iVal-2);
+ }
+}
+
+static void fts5ApiPhraseFirst(
+ Fts5Context *pCtx,
+ int iPhrase,
+ Fts5PhraseIter *pIter,
+ int *piCol, int *piOff
+){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ int n = fts5CsrPoslist(pCsr, iPhrase, &pIter->a);
+ pIter->b = &pIter->a[n];
+ *piCol = 0;
+ *piOff = 0;
+ fts5ApiPhraseNext(pCtx, pIter, piCol, piOff);
+}
+
+static int fts5ApiQueryPhrase(Fts5Context*, int, void*,
+ int(*)(const Fts5ExtensionApi*, Fts5Context*, void*)
+);
+
+static const Fts5ExtensionApi sFts5Api = {
+ 2, /* iVersion */
+ fts5ApiUserData,
+ fts5ApiColumnCount,
+ fts5ApiRowCount,
+ fts5ApiColumnTotalSize,
+ fts5ApiTokenize,
+ fts5ApiPhraseCount,
+ fts5ApiPhraseSize,
+ fts5ApiInstCount,
+ fts5ApiInst,
+ fts5ApiRowid,
+ fts5ApiColumnText,
+ fts5ApiColumnSize,
+ fts5ApiQueryPhrase,
+ fts5ApiSetAuxdata,
+ fts5ApiGetAuxdata,
+ fts5ApiPhraseFirst,
+ fts5ApiPhraseNext,
+};
+
+
+/*
+** Implementation of API function xQueryPhrase().
+*/
+static int fts5ApiQueryPhrase(
+ Fts5Context *pCtx,
+ int iPhrase,
+ void *pUserData,
+ int(*xCallback)(const Fts5ExtensionApi*, Fts5Context*, void*)
+){
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+ Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+ int rc;
+ Fts5Cursor *pNew = 0;
+
+ rc = fts5OpenMethod(pCsr->base.pVtab, (sqlite3_vtab_cursor**)&pNew);
+ if( rc==SQLITE_OK ){
+ Fts5Config *pConf = pTab->pConfig;
+ pNew->ePlan = FTS5_PLAN_MATCH;
+ pNew->iFirstRowid = SMALLEST_INT64;
+ pNew->iLastRowid = LARGEST_INT64;
+ pNew->base.pVtab = (sqlite3_vtab*)pTab;
+ rc = sqlite3Fts5ExprClonePhrase(pConf, pCsr->pExpr, iPhrase, &pNew->pExpr);
+ }
+
+ if( rc==SQLITE_OK ){
+ for(rc = fts5CursorFirst(pTab, pNew, 0);
+ rc==SQLITE_OK && CsrFlagTest(pNew, FTS5CSR_EOF)==0;
+ rc = fts5NextMethod((sqlite3_vtab_cursor*)pNew)
+ ){
+ rc = xCallback(&sFts5Api, (Fts5Context*)pNew, pUserData);
+ if( rc!=SQLITE_OK ){
+ if( rc==SQLITE_DONE ) rc = SQLITE_OK;
+ break;
+ }
+ }
+ }
+
+ fts5CloseMethod((sqlite3_vtab_cursor*)pNew);
+ return rc;
+}
+
+static void fts5ApiInvoke(
+ Fts5Auxiliary *pAux,
+ Fts5Cursor *pCsr,
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+ assert( pCsr->pAux==0 );
+ pCsr->pAux = pAux;
+ pAux->xFunc(&sFts5Api, (Fts5Context*)pCsr, context, argc, argv);
+ pCsr->pAux = 0;
+}
+
+static Fts5Cursor *fts5CursorFromCsrid(Fts5Global *pGlobal, i64 iCsrId){
+ Fts5Cursor *pCsr;
+ for(pCsr=pGlobal->pCsr; pCsr; pCsr=pCsr->pNext){
+ if( pCsr->iCsrId==iCsrId ) break;
+ }
+ return pCsr;
+}
+
+static void fts5ApiCallback(
+ sqlite3_context *context,
+ int argc,
+ sqlite3_value **argv
+){
+
+ Fts5Auxiliary *pAux;
+ Fts5Cursor *pCsr;
+ i64 iCsrId;
+
+ assert( argc>=1 );
+ pAux = (Fts5Auxiliary*)sqlite3_user_data(context);
+ iCsrId = sqlite3_value_int64(argv[0]);
+
+ pCsr = fts5CursorFromCsrid(pAux->pGlobal, iCsrId);
+ if( pCsr==0 ){
+ char *zErr = sqlite3_mprintf("no such cursor: %lld", iCsrId);
+ sqlite3_result_error(context, zErr, -1);
+ sqlite3_free(zErr);
+ }else{
+ fts5ApiInvoke(pAux, pCsr, context, argc-1, &argv[1]);
+ }
+}
+
+
+/*
+** Given cursor id iId, return a pointer to the corresponding Fts5Index
+** object. Or NULL If the cursor id does not exist.
+**
+** If successful, set *ppConfig to point to the associated config object
+** before returning.
+*/
+static Fts5Index *sqlite3Fts5IndexFromCsrid(
+ Fts5Global *pGlobal, /* FTS5 global context for db handle */
+ i64 iCsrId, /* Id of cursor to find */
+ Fts5Config **ppConfig /* OUT: Configuration object */
+){
+ Fts5Cursor *pCsr;
+ Fts5Table *pTab;
+
+ pCsr = fts5CursorFromCsrid(pGlobal, iCsrId);
+ pTab = (Fts5Table*)pCsr->base.pVtab;
+ *ppConfig = pTab->pConfig;
+
+ return pTab->pIndex;
+}
+
+/*
+** Return a "position-list blob" corresponding to the current position of
+** cursor pCsr via sqlite3_result_blob(). A position-list blob contains
+** the current position-list for each phrase in the query associated with
+** cursor pCsr.
+**
+** A position-list blob begins with (nPhrase-1) varints, where nPhrase is
+** the number of phrases in the query. Following the varints are the
+** concatenated position lists for each phrase, in order.
+**
+** The first varint (if it exists) contains the size of the position list
+** for phrase 0. The second (same disclaimer) contains the size of position
+** list 1. And so on. There is no size field for the final position list,
+** as it can be derived from the total size of the blob.
+*/
+static int fts5PoslistBlob(sqlite3_context *pCtx, Fts5Cursor *pCsr){
+ int i;
+ int rc = SQLITE_OK;
+ int nPhrase = sqlite3Fts5ExprPhraseCount(pCsr->pExpr);
+ Fts5Buffer val;
+
+ memset(&val, 0, sizeof(Fts5Buffer));
+
+ /* Append the varints */
+ for(i=0; i<(nPhrase-1); i++){
+ const u8 *dummy;
+ int nByte = sqlite3Fts5ExprPoslist(pCsr->pExpr, i, &dummy);
+ sqlite3Fts5BufferAppendVarint(&rc, &val, nByte);
+ }
+
+ /* Append the position lists */
+ for(i=0; i<nPhrase; i++){
+ const u8 *pPoslist;
+ int nPoslist;
+ nPoslist = sqlite3Fts5ExprPoslist(pCsr->pExpr, i, &pPoslist);
+ sqlite3Fts5BufferAppendBlob(&rc, &val, nPoslist, pPoslist);
+ }
+
+ sqlite3_result_blob(pCtx, val.p, val.n, sqlite3_free);
+ return rc;
+}
+
+/*
+** This is the xColumn method, called by SQLite to request a value from
+** the row that the supplied cursor currently points to.
+*/
+static int fts5ColumnMethod(
+ sqlite3_vtab_cursor *pCursor, /* Cursor to retrieve value from */
+ sqlite3_context *pCtx, /* Context for sqlite3_result_xxx() calls */
+ int iCol /* Index of column to read value from */
+){
+ Fts5Table *pTab = (Fts5Table*)(pCursor->pVtab);
+ Fts5Config *pConfig = pTab->pConfig;
+ Fts5Cursor *pCsr = (Fts5Cursor*)pCursor;
+ int rc = SQLITE_OK;
+
+ assert( CsrFlagTest(pCsr, FTS5CSR_EOF)==0 );
+
+ if( pCsr->ePlan==FTS5_PLAN_SPECIAL ){
+ if( iCol==pConfig->nCol ){
+ sqlite3_result_int64(pCtx, pCsr->iSpecial);
+ }
+ }else
+
+ if( iCol==pConfig->nCol ){
+ /* User is requesting the value of the special column with the same name
+ ** as the table. Return the cursor integer id number. This value is only
+ ** useful in that it may be passed as the first argument to an FTS5
+ ** auxiliary function. */
+ sqlite3_result_int64(pCtx, pCsr->iCsrId);
+ }else if( iCol==pConfig->nCol+1 ){
+
+ /* The value of the "rank" column. */
+ if( pCsr->ePlan==FTS5_PLAN_SOURCE ){
+ fts5PoslistBlob(pCtx, pCsr);
+ }else if(
+ pCsr->ePlan==FTS5_PLAN_MATCH
+ || pCsr->ePlan==FTS5_PLAN_SORTED_MATCH
+ ){
+ if( pCsr->pRank || SQLITE_OK==(rc = fts5FindRankFunction(pCsr)) ){
+ fts5ApiInvoke(pCsr->pRank, pCsr, pCtx, pCsr->nRankArg, pCsr->apRankArg);
+ }
+ }
+ }else if( !fts5IsContentless(pTab) ){
+ rc = fts5SeekCursor(pCsr, 1);
+ if( rc==SQLITE_OK ){
+ sqlite3_result_value(pCtx, sqlite3_column_value(pCsr->pStmt, iCol+1));
+ }
+ }
+ return rc;
+}
+
+
+/*
+** This routine implements the xFindFunction method for the FTS3
+** virtual table.
+*/
+static int fts5FindFunctionMethod(
+ sqlite3_vtab *pVtab, /* Virtual table handle */
+ int nArg, /* Number of SQL function arguments */
+ const char *zName, /* Name of SQL function */
+ void (**pxFunc)(sqlite3_context*,int,sqlite3_value**), /* OUT: Result */
+ void **ppArg /* OUT: User data for *pxFunc */
+){
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ Fts5Auxiliary *pAux;
+
+ pAux = fts5FindAuxiliary(pTab, zName);
+ if( pAux ){
+ *pxFunc = fts5ApiCallback;
+ *ppArg = (void*)pAux;
+ return 1;
+ }
+
+ /* No function of the specified name was found. Return 0. */
+ return 0;
+}
+
+/*
+** Implementation of FTS5 xRename method. Rename an fts5 table.
+*/
+static int fts5RenameMethod(
+ sqlite3_vtab *pVtab, /* Virtual table handle */
+ const char *zName /* New name of table */
+){
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ return sqlite3Fts5StorageRename(pTab->pStorage, zName);
+}
+
+/*
+** The xSavepoint() method.
+**
+** Flush the contents of the pending-terms table to disk.
+*/
+static int fts5SavepointMethod(sqlite3_vtab *pVtab, int iSavepoint){
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ fts5CheckTransactionState(pTab, FTS5_SAVEPOINT, iSavepoint);
+ fts5TripCursors(pTab);
+ return sqlite3Fts5StorageSync(pTab->pStorage, 0);
+}
+
+/*
+** The xRelease() method.
+**
+** This is a no-op.
+*/
+static int fts5ReleaseMethod(sqlite3_vtab *pVtab, int iSavepoint){
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ fts5CheckTransactionState(pTab, FTS5_RELEASE, iSavepoint);
+ fts5TripCursors(pTab);
+ return sqlite3Fts5StorageSync(pTab->pStorage, 0);
+}
+
+/*
+** The xRollbackTo() method.
+**
+** Discard the contents of the pending terms table.
+*/
+static int fts5RollbackToMethod(sqlite3_vtab *pVtab, int iSavepoint){
+ Fts5Table *pTab = (Fts5Table*)pVtab;
+ fts5CheckTransactionState(pTab, FTS5_ROLLBACKTO, iSavepoint);
+ fts5TripCursors(pTab);
+ return sqlite3Fts5StorageRollback(pTab->pStorage);
+}
+
+/*
+** Register a new auxiliary function with global context pGlobal.
+*/
+static int fts5CreateAux(
+ fts5_api *pApi, /* Global context (one per db handle) */
+ const char *zName, /* Name of new function */
+ void *pUserData, /* User data for aux. function */
+ fts5_extension_function xFunc, /* Aux. function implementation */
+ void(*xDestroy)(void*) /* Destructor for pUserData */
+){
+ Fts5Global *pGlobal = (Fts5Global*)pApi;
+ int rc = sqlite3_overload_function(pGlobal->db, zName, -1);
+ if( rc==SQLITE_OK ){
+ Fts5Auxiliary *pAux;
+ int nName; /* Size of zName in bytes, including \0 */
+ int nByte; /* Bytes of space to allocate */
+
+ nName = (int)strlen(zName) + 1;
+ nByte = sizeof(Fts5Auxiliary) + nName;
+ pAux = (Fts5Auxiliary*)sqlite3_malloc(nByte);
+ if( pAux ){
+ memset(pAux, 0, nByte);
+ pAux->zFunc = (char*)&pAux[1];
+ memcpy(pAux->zFunc, zName, nName);
+ pAux->pGlobal = pGlobal;
+ pAux->pUserData = pUserData;
+ pAux->xFunc = xFunc;
+ pAux->xDestroy = xDestroy;
+ pAux->pNext = pGlobal->pAux;
+ pGlobal->pAux = pAux;
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Register a new tokenizer. This is the implementation of the
+** fts5_api.xCreateTokenizer() method.
+*/
+static int fts5CreateTokenizer(
+ fts5_api *pApi, /* Global context (one per db handle) */
+ const char *zName, /* Name of new function */
+ void *pUserData, /* User data for aux. function */
+ fts5_tokenizer *pTokenizer, /* Tokenizer implementation */
+ void(*xDestroy)(void*) /* Destructor for pUserData */
+){
+ Fts5Global *pGlobal = (Fts5Global*)pApi;
+ Fts5TokenizerModule *pNew;
+ int nName; /* Size of zName and its \0 terminator */
+ int nByte; /* Bytes of space to allocate */
+ int rc = SQLITE_OK;
+
+ nName = (int)strlen(zName) + 1;
+ nByte = sizeof(Fts5TokenizerModule) + nName;
+ pNew = (Fts5TokenizerModule*)sqlite3_malloc(nByte);
+ if( pNew ){
+ memset(pNew, 0, nByte);
+ pNew->zName = (char*)&pNew[1];
+ memcpy(pNew->zName, zName, nName);
+ pNew->pUserData = pUserData;
+ pNew->x = *pTokenizer;
+ pNew->xDestroy = xDestroy;
+ pNew->pNext = pGlobal->pTok;
+ pGlobal->pTok = pNew;
+ if( pNew->pNext==0 ){
+ pGlobal->pDfltTok = pNew;
+ }
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+
+ return rc;
+}
+
+static Fts5TokenizerModule *fts5LocateTokenizer(
+ Fts5Global *pGlobal,
+ const char *zName
+){
+ Fts5TokenizerModule *pMod = 0;
+
+ if( zName==0 ){
+ pMod = pGlobal->pDfltTok;
+ }else{
+ for(pMod=pGlobal->pTok; pMod; pMod=pMod->pNext){
+ if( sqlite3_stricmp(zName, pMod->zName)==0 ) break;
+ }
+ }
+
+ return pMod;
+}
+
+/*
+** Find a tokenizer. This is the implementation of the
+** fts5_api.xFindTokenizer() method.
+*/
+static int fts5FindTokenizer(
+ fts5_api *pApi, /* Global context (one per db handle) */
+ const char *zName, /* Name of new function */
+ void **ppUserData,
+ fts5_tokenizer *pTokenizer /* Populate this object */
+){
+ int rc = SQLITE_OK;
+ Fts5TokenizerModule *pMod;
+
+ pMod = fts5LocateTokenizer((Fts5Global*)pApi, zName);
+ if( pMod ){
+ *pTokenizer = pMod->x;
+ *ppUserData = pMod->pUserData;
+ }else{
+ memset(pTokenizer, 0, sizeof(fts5_tokenizer));
+ rc = SQLITE_ERROR;
+ }
+
+ return rc;
+}
+
+static int sqlite3Fts5GetTokenizer(
+ Fts5Global *pGlobal,
+ const char **azArg,
+ int nArg,
+ Fts5Tokenizer **ppTok,
+ fts5_tokenizer **ppTokApi,
+ char **pzErr
+){
+ Fts5TokenizerModule *pMod;
+ int rc = SQLITE_OK;
+
+ pMod = fts5LocateTokenizer(pGlobal, nArg==0 ? 0 : azArg[0]);
+ if( pMod==0 ){
+ assert( nArg>0 );
+ rc = SQLITE_ERROR;
+ *pzErr = sqlite3_mprintf("no such tokenizer: %s", azArg[0]);
+ }else{
+ rc = pMod->x.xCreate(pMod->pUserData, &azArg[1], (nArg?nArg-1:0), ppTok);
+ *ppTokApi = &pMod->x;
+ if( rc!=SQLITE_OK && pzErr ){
+ *pzErr = sqlite3_mprintf("error in tokenizer constructor");
+ }
+ }
+
+ if( rc!=SQLITE_OK ){
+ *ppTokApi = 0;
+ *ppTok = 0;
+ }
+
+ return rc;
+}
+
+static void fts5ModuleDestroy(void *pCtx){
+ Fts5TokenizerModule *pTok, *pNextTok;
+ Fts5Auxiliary *pAux, *pNextAux;
+ Fts5Global *pGlobal = (Fts5Global*)pCtx;
+
+ for(pAux=pGlobal->pAux; pAux; pAux=pNextAux){
+ pNextAux = pAux->pNext;
+ if( pAux->xDestroy ) pAux->xDestroy(pAux->pUserData);
+ sqlite3_free(pAux);
+ }
+
+ for(pTok=pGlobal->pTok; pTok; pTok=pNextTok){
+ pNextTok = pTok->pNext;
+ if( pTok->xDestroy ) pTok->xDestroy(pTok->pUserData);
+ sqlite3_free(pTok);
+ }
+
+ sqlite3_free(pGlobal);
+}
+
+static void fts5Fts5Func(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args */
+ sqlite3_value **apVal /* Function arguments */
+){
+ Fts5Global *pGlobal = (Fts5Global*)sqlite3_user_data(pCtx);
+ char buf[8];
+ assert( nArg==0 );
+ assert( sizeof(buf)>=sizeof(pGlobal) );
+ memcpy(buf, (void*)&pGlobal, sizeof(pGlobal));
+ sqlite3_result_blob(pCtx, buf, sizeof(pGlobal), SQLITE_TRANSIENT);
+}
+
+/*
+** Implementation of fts5_source_id() function.
+*/
+static void fts5SourceIdFunc(
+ sqlite3_context *pCtx, /* Function call context */
+ int nArg, /* Number of args */
+ sqlite3_value **apVal /* Function arguments */
+){
+ assert( nArg==0 );
+ sqlite3_result_text(pCtx, "fts5: 2016-01-20 15:27:19 17efb4209f97fb4971656086b138599a91a75ff9", -1, SQLITE_TRANSIENT);
+}
+
+static int fts5Init(sqlite3 *db){
+ static const sqlite3_module fts5Mod = {
+ /* iVersion */ 2,
+ /* xCreate */ fts5CreateMethod,
+ /* xConnect */ fts5ConnectMethod,
+ /* xBestIndex */ fts5BestIndexMethod,
+ /* xDisconnect */ fts5DisconnectMethod,
+ /* xDestroy */ fts5DestroyMethod,
+ /* xOpen */ fts5OpenMethod,
+ /* xClose */ fts5CloseMethod,
+ /* xFilter */ fts5FilterMethod,
+ /* xNext */ fts5NextMethod,
+ /* xEof */ fts5EofMethod,
+ /* xColumn */ fts5ColumnMethod,
+ /* xRowid */ fts5RowidMethod,
+ /* xUpdate */ fts5UpdateMethod,
+ /* xBegin */ fts5BeginMethod,
+ /* xSync */ fts5SyncMethod,
+ /* xCommit */ fts5CommitMethod,
+ /* xRollback */ fts5RollbackMethod,
+ /* xFindFunction */ fts5FindFunctionMethod,
+ /* xRename */ fts5RenameMethod,
+ /* xSavepoint */ fts5SavepointMethod,
+ /* xRelease */ fts5ReleaseMethod,
+ /* xRollbackTo */ fts5RollbackToMethod,
+ };
+
+ int rc;
+ Fts5Global *pGlobal = 0;
+
+ pGlobal = (Fts5Global*)sqlite3_malloc(sizeof(Fts5Global));
+ if( pGlobal==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ void *p = (void*)pGlobal;
+ memset(pGlobal, 0, sizeof(Fts5Global));
+ pGlobal->db = db;
+ pGlobal->api.iVersion = 2;
+ pGlobal->api.xCreateFunction = fts5CreateAux;
+ pGlobal->api.xCreateTokenizer = fts5CreateTokenizer;
+ pGlobal->api.xFindTokenizer = fts5FindTokenizer;
+ rc = sqlite3_create_module_v2(db, "fts5", &fts5Mod, p, fts5ModuleDestroy);
+ if( rc==SQLITE_OK ) rc = sqlite3Fts5IndexInit(db);
+ if( rc==SQLITE_OK ) rc = sqlite3Fts5ExprInit(pGlobal, db);
+ if( rc==SQLITE_OK ) rc = sqlite3Fts5AuxInit(&pGlobal->api);
+ if( rc==SQLITE_OK ) rc = sqlite3Fts5TokenizerInit(&pGlobal->api);
+ if( rc==SQLITE_OK ) rc = sqlite3Fts5VocabInit(pGlobal, db);
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_create_function(
+ db, "fts5", 0, SQLITE_UTF8, p, fts5Fts5Func, 0, 0
+ );
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_create_function(
+ db, "fts5_source_id", 0, SQLITE_UTF8, p, fts5SourceIdFunc, 0, 0
+ );
+ }
+ }
+ return rc;
+}
+
+/*
+** The following functions are used to register the module with SQLite. If
+** this module is being built as part of the SQLite core (SQLITE_CORE is
+** defined), then sqlite3_open() will call sqlite3Fts5Init() directly.
+**
+** Or, if this module is being built as a loadable extension,
+** sqlite3Fts5Init() is omitted and the two standard entry points
+** sqlite3_fts_init() and sqlite3_fts5_init() defined instead.
+*/
+#ifndef SQLITE_CORE
+#ifdef _WIN32
+__declspec(dllexport)
+#endif
+SQLITE_API int SQLITE_STDCALL sqlite3_fts_init(
+ sqlite3 *db,
+ char **pzErrMsg,
+ const sqlite3_api_routines *pApi
+){
+ SQLITE_EXTENSION_INIT2(pApi);
+ (void)pzErrMsg; /* Unused parameter */
+ return fts5Init(db);
+}
+
+#ifdef _WIN32
+__declspec(dllexport)
+#endif
+SQLITE_API int SQLITE_STDCALL sqlite3_fts5_init(
+ sqlite3 *db,
+ char **pzErrMsg,
+ const sqlite3_api_routines *pApi
+){
+ SQLITE_EXTENSION_INIT2(pApi);
+ (void)pzErrMsg; /* Unused parameter */
+ return fts5Init(db);
+}
+#else
+SQLITE_PRIVATE int sqlite3Fts5Init(sqlite3 *db){
+ return fts5Init(db);
+}
+#endif
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+*/
+
+
+
+/* #include "fts5Int.h" */
+
+struct Fts5Storage {
+ Fts5Config *pConfig;
+ Fts5Index *pIndex;
+ int bTotalsValid; /* True if nTotalRow/aTotalSize[] are valid */
+ i64 nTotalRow; /* Total number of rows in FTS table */
+ i64 *aTotalSize; /* Total sizes of each column */
+ sqlite3_stmt *aStmt[11];
+};
+
+
+#if FTS5_STMT_SCAN_ASC!=0
+# error "FTS5_STMT_SCAN_ASC mismatch"
+#endif
+#if FTS5_STMT_SCAN_DESC!=1
+# error "FTS5_STMT_SCAN_DESC mismatch"
+#endif
+#if FTS5_STMT_LOOKUP!=2
+# error "FTS5_STMT_LOOKUP mismatch"
+#endif
+
+#define FTS5_STMT_INSERT_CONTENT 3
+#define FTS5_STMT_REPLACE_CONTENT 4
+#define FTS5_STMT_DELETE_CONTENT 5
+#define FTS5_STMT_REPLACE_DOCSIZE 6
+#define FTS5_STMT_DELETE_DOCSIZE 7
+#define FTS5_STMT_LOOKUP_DOCSIZE 8
+#define FTS5_STMT_REPLACE_CONFIG 9
+#define FTS5_STMT_SCAN 10
+
+/*
+** Prepare the two insert statements - Fts5Storage.pInsertContent and
+** Fts5Storage.pInsertDocsize - if they have not already been prepared.
+** Return SQLITE_OK if successful, or an SQLite error code if an error
+** occurs.
+*/
+static int fts5StorageGetStmt(
+ Fts5Storage *p, /* Storage handle */
+ int eStmt, /* FTS5_STMT_XXX constant */
+ sqlite3_stmt **ppStmt, /* OUT: Prepared statement handle */
+ char **pzErrMsg /* OUT: Error message (if any) */
+){
+ int rc = SQLITE_OK;
+
+ /* If there is no %_docsize table, there should be no requests for
+ ** statements to operate on it. */
+ assert( p->pConfig->bColumnsize || (
+ eStmt!=FTS5_STMT_REPLACE_DOCSIZE
+ && eStmt!=FTS5_STMT_DELETE_DOCSIZE
+ && eStmt!=FTS5_STMT_LOOKUP_DOCSIZE
+ ));
+
+ assert( eStmt>=0 && eStmt<ArraySize(p->aStmt) );
+ if( p->aStmt[eStmt]==0 ){
+ const char *azStmt[] = {
+ "SELECT %s FROM %s T WHERE T.%Q >= ? AND T.%Q <= ? ORDER BY T.%Q ASC",
+ "SELECT %s FROM %s T WHERE T.%Q <= ? AND T.%Q >= ? ORDER BY T.%Q DESC",
+ "SELECT %s FROM %s T WHERE T.%Q=?", /* LOOKUP */
+
+ "INSERT INTO %Q.'%q_content' VALUES(%s)", /* INSERT_CONTENT */
+ "REPLACE INTO %Q.'%q_content' VALUES(%s)", /* REPLACE_CONTENT */
+ "DELETE FROM %Q.'%q_content' WHERE id=?", /* DELETE_CONTENT */
+ "REPLACE INTO %Q.'%q_docsize' VALUES(?,?)", /* REPLACE_DOCSIZE */
+ "DELETE FROM %Q.'%q_docsize' WHERE id=?", /* DELETE_DOCSIZE */
+
+ "SELECT sz FROM %Q.'%q_docsize' WHERE id=?", /* LOOKUP_DOCSIZE */
+
+ "REPLACE INTO %Q.'%q_config' VALUES(?,?)", /* REPLACE_CONFIG */
+ "SELECT %s FROM %s AS T", /* SCAN */
+ };
+ Fts5Config *pC = p->pConfig;
+ char *zSql = 0;
+
+ switch( eStmt ){
+ case FTS5_STMT_SCAN:
+ zSql = sqlite3_mprintf(azStmt[eStmt],
+ pC->zContentExprlist, pC->zContent
+ );
+ break;
+
+ case FTS5_STMT_SCAN_ASC:
+ case FTS5_STMT_SCAN_DESC:
+ zSql = sqlite3_mprintf(azStmt[eStmt], pC->zContentExprlist,
+ pC->zContent, pC->zContentRowid, pC->zContentRowid,
+ pC->zContentRowid
+ );
+ break;
+
+ case FTS5_STMT_LOOKUP:
+ zSql = sqlite3_mprintf(azStmt[eStmt],
+ pC->zContentExprlist, pC->zContent, pC->zContentRowid
+ );
+ break;
+
+ case FTS5_STMT_INSERT_CONTENT:
+ case FTS5_STMT_REPLACE_CONTENT: {
+ int nCol = pC->nCol + 1;
+ char *zBind;
+ int i;
+
+ zBind = sqlite3_malloc(1 + nCol*2);
+ if( zBind ){
+ for(i=0; i<nCol; i++){
+ zBind[i*2] = '?';
+ zBind[i*2 + 1] = ',';
+ }
+ zBind[i*2-1] = '\0';
+ zSql = sqlite3_mprintf(azStmt[eStmt], pC->zDb, pC->zName, zBind);
+ sqlite3_free(zBind);
+ }
+ break;
+ }
+
+ default:
+ zSql = sqlite3_mprintf(azStmt[eStmt], pC->zDb, pC->zName);
+ break;
+ }
+
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_prepare_v2(pC->db, zSql, -1, &p->aStmt[eStmt], 0);
+ sqlite3_free(zSql);
+ if( rc!=SQLITE_OK && pzErrMsg ){
+ *pzErrMsg = sqlite3_mprintf("%s", sqlite3_errmsg(pC->db));
+ }
+ }
+ }
+
+ *ppStmt = p->aStmt[eStmt];
+ return rc;
+}
+
+
+static int fts5ExecPrintf(
+ sqlite3 *db,
+ char **pzErr,
+ const char *zFormat,
+ ...
+){
+ int rc;
+ va_list ap; /* ... printf arguments */
+ char *zSql;
+
+ va_start(ap, zFormat);
+ zSql = sqlite3_vmprintf(zFormat, ap);
+
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ rc = sqlite3_exec(db, zSql, 0, 0, pzErr);
+ sqlite3_free(zSql);
+ }
+
+ va_end(ap);
+ return rc;
+}
+
+/*
+** Drop all shadow tables. Return SQLITE_OK if successful or an SQLite error
+** code otherwise.
+*/
+static int sqlite3Fts5DropAll(Fts5Config *pConfig){
+ int rc = fts5ExecPrintf(pConfig->db, 0,
+ "DROP TABLE IF EXISTS %Q.'%q_data';"
+ "DROP TABLE IF EXISTS %Q.'%q_idx';"
+ "DROP TABLE IF EXISTS %Q.'%q_config';",
+ pConfig->zDb, pConfig->zName,
+ pConfig->zDb, pConfig->zName,
+ pConfig->zDb, pConfig->zName
+ );
+ if( rc==SQLITE_OK && pConfig->bColumnsize ){
+ rc = fts5ExecPrintf(pConfig->db, 0,
+ "DROP TABLE IF EXISTS %Q.'%q_docsize';",
+ pConfig->zDb, pConfig->zName
+ );
+ }
+ if( rc==SQLITE_OK && pConfig->eContent==FTS5_CONTENT_NORMAL ){
+ rc = fts5ExecPrintf(pConfig->db, 0,
+ "DROP TABLE IF EXISTS %Q.'%q_content';",
+ pConfig->zDb, pConfig->zName
+ );
+ }
+ return rc;
+}
+
+static void fts5StorageRenameOne(
+ Fts5Config *pConfig, /* Current FTS5 configuration */
+ int *pRc, /* IN/OUT: Error code */
+ const char *zTail, /* Tail of table name e.g. "data", "config" */
+ const char *zName /* New name of FTS5 table */
+){
+ if( *pRc==SQLITE_OK ){
+ *pRc = fts5ExecPrintf(pConfig->db, 0,
+ "ALTER TABLE %Q.'%q_%s' RENAME TO '%q_%s';",
+ pConfig->zDb, pConfig->zName, zTail, zName, zTail
+ );
+ }
+}
+
+static int sqlite3Fts5StorageRename(Fts5Storage *pStorage, const char *zName){
+ Fts5Config *pConfig = pStorage->pConfig;
+ int rc = sqlite3Fts5StorageSync(pStorage, 1);
+
+ fts5StorageRenameOne(pConfig, &rc, "data", zName);
+ fts5StorageRenameOne(pConfig, &rc, "idx", zName);
+ fts5StorageRenameOne(pConfig, &rc, "config", zName);
+ if( pConfig->bColumnsize ){
+ fts5StorageRenameOne(pConfig, &rc, "docsize", zName);
+ }
+ if( pConfig->eContent==FTS5_CONTENT_NORMAL ){
+ fts5StorageRenameOne(pConfig, &rc, "content", zName);
+ }
+ return rc;
+}
+
+/*
+** Create the shadow table named zPost, with definition zDefn. Return
+** SQLITE_OK if successful, or an SQLite error code otherwise.
+*/
+static int sqlite3Fts5CreateTable(
+ Fts5Config *pConfig, /* FTS5 configuration */
+ const char *zPost, /* Shadow table to create (e.g. "content") */
+ const char *zDefn, /* Columns etc. for shadow table */
+ int bWithout, /* True for without rowid */
+ char **pzErr /* OUT: Error message */
+){
+ int rc;
+ char *zErr = 0;
+
+ rc = fts5ExecPrintf(pConfig->db, &zErr, "CREATE TABLE %Q.'%q_%q'(%s)%s",
+ pConfig->zDb, pConfig->zName, zPost, zDefn, bWithout?" WITHOUT ROWID":""
+ );
+ if( zErr ){
+ *pzErr = sqlite3_mprintf(
+ "fts5: error creating shadow table %q_%s: %s",
+ pConfig->zName, zPost, zErr
+ );
+ sqlite3_free(zErr);
+ }
+
+ return rc;
+}
+
+/*
+** Open a new Fts5Index handle. If the bCreate argument is true, create
+** and initialize the underlying tables
+**
+** If successful, set *pp to point to the new object and return SQLITE_OK.
+** Otherwise, set *pp to NULL and return an SQLite error code.
+*/
+static int sqlite3Fts5StorageOpen(
+ Fts5Config *pConfig,
+ Fts5Index *pIndex,
+ int bCreate,
+ Fts5Storage **pp,
+ char **pzErr /* OUT: Error message */
+){
+ int rc = SQLITE_OK;
+ Fts5Storage *p; /* New object */
+ int nByte; /* Bytes of space to allocate */
+
+ nByte = sizeof(Fts5Storage) /* Fts5Storage object */
+ + pConfig->nCol * sizeof(i64); /* Fts5Storage.aTotalSize[] */
+ *pp = p = (Fts5Storage*)sqlite3_malloc(nByte);
+ if( !p ) return SQLITE_NOMEM;
+
+ memset(p, 0, nByte);
+ p->aTotalSize = (i64*)&p[1];
+ p->pConfig = pConfig;
+ p->pIndex = pIndex;
+
+ if( bCreate ){
+ if( pConfig->eContent==FTS5_CONTENT_NORMAL ){
+ int nDefn = 32 + pConfig->nCol*10;
+ char *zDefn = sqlite3_malloc(32 + pConfig->nCol * 10);
+ if( zDefn==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ int i;
+ int iOff;
+ sqlite3_snprintf(nDefn, zDefn, "id INTEGER PRIMARY KEY");
+ iOff = (int)strlen(zDefn);
+ for(i=0; i<pConfig->nCol; i++){
+ sqlite3_snprintf(nDefn-iOff, &zDefn[iOff], ", c%d", i);
+ iOff += (int)strlen(&zDefn[iOff]);
+ }
+ rc = sqlite3Fts5CreateTable(pConfig, "content", zDefn, 0, pzErr);
+ }
+ sqlite3_free(zDefn);
+ }
+
+ if( rc==SQLITE_OK && pConfig->bColumnsize ){
+ rc = sqlite3Fts5CreateTable(
+ pConfig, "docsize", "id INTEGER PRIMARY KEY, sz BLOB", 0, pzErr
+ );
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5CreateTable(
+ pConfig, "config", "k PRIMARY KEY, v", 1, pzErr
+ );
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5StorageConfigValue(p, "version", 0, FTS5_CURRENT_VERSION);
+ }
+ }
+
+ if( rc ){
+ sqlite3Fts5StorageClose(p);
+ *pp = 0;
+ }
+ return rc;
+}
+
+/*
+** Close a handle opened by an earlier call to sqlite3Fts5StorageOpen().
+*/
+static int sqlite3Fts5StorageClose(Fts5Storage *p){
+ int rc = SQLITE_OK;
+ if( p ){
+ int i;
+
+ /* Finalize all SQL statements */
+ for(i=0; i<(int)ArraySize(p->aStmt); i++){
+ sqlite3_finalize(p->aStmt[i]);
+ }
+
+ sqlite3_free(p);
+ }
+ return rc;
+}
+
+typedef struct Fts5InsertCtx Fts5InsertCtx;
+struct Fts5InsertCtx {
+ Fts5Storage *pStorage;
+ int iCol;
+ int szCol; /* Size of column value in tokens */
+};
+
+/*
+** Tokenization callback used when inserting tokens into the FTS index.
+*/
+static int fts5StorageInsertCallback(
+ void *pContext, /* Pointer to Fts5InsertCtx object */
+ int tflags,
+ const char *pToken, /* Buffer containing token */
+ int nToken, /* Size of token in bytes */
+ int iStart, /* Start offset of token */
+ int iEnd /* End offset of token */
+){
+ Fts5InsertCtx *pCtx = (Fts5InsertCtx*)pContext;
+ Fts5Index *pIdx = pCtx->pStorage->pIndex;
+ if( (tflags & FTS5_TOKEN_COLOCATED)==0 || pCtx->szCol==0 ){
+ pCtx->szCol++;
+ }
+ return sqlite3Fts5IndexWrite(pIdx, pCtx->iCol, pCtx->szCol-1, pToken, nToken);
+}
+
+/*
+** If a row with rowid iDel is present in the %_content table, add the
+** delete-markers to the FTS index necessary to delete it. Do not actually
+** remove the %_content row at this time though.
+*/
+static int fts5StorageDeleteFromIndex(Fts5Storage *p, i64 iDel){
+ Fts5Config *pConfig = p->pConfig;
+ sqlite3_stmt *pSeek; /* SELECT to read row iDel from %_data */
+ int rc; /* Return code */
+
+ rc = fts5StorageGetStmt(p, FTS5_STMT_LOOKUP, &pSeek, 0);
+ if( rc==SQLITE_OK ){
+ int rc2;
+ sqlite3_bind_int64(pSeek, 1, iDel);
+ if( sqlite3_step(pSeek)==SQLITE_ROW ){
+ int iCol;
+ Fts5InsertCtx ctx;
+ ctx.pStorage = p;
+ ctx.iCol = -1;
+ rc = sqlite3Fts5IndexBeginWrite(p->pIndex, 1, iDel);
+ for(iCol=1; rc==SQLITE_OK && iCol<=pConfig->nCol; iCol++){
+ if( pConfig->abUnindexed[iCol-1] ) continue;
+ ctx.szCol = 0;
+ rc = sqlite3Fts5Tokenize(pConfig,
+ FTS5_TOKENIZE_DOCUMENT,
+ (const char*)sqlite3_column_text(pSeek, iCol),
+ sqlite3_column_bytes(pSeek, iCol),
+ (void*)&ctx,
+ fts5StorageInsertCallback
+ );
+ p->aTotalSize[iCol-1] -= (i64)ctx.szCol;
+ }
+ p->nTotalRow--;
+ }
+ rc2 = sqlite3_reset(pSeek);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ return rc;
+}
+
+
+/*
+** Insert a record into the %_docsize table. Specifically, do:
+**
+** INSERT OR REPLACE INTO %_docsize(id, sz) VALUES(iRowid, pBuf);
+**
+** If there is no %_docsize table (as happens if the columnsize=0 option
+** is specified when the FTS5 table is created), this function is a no-op.
+*/
+static int fts5StorageInsertDocsize(
+ Fts5Storage *p, /* Storage module to write to */
+ i64 iRowid, /* id value */
+ Fts5Buffer *pBuf /* sz value */
+){
+ int rc = SQLITE_OK;
+ if( p->pConfig->bColumnsize ){
+ sqlite3_stmt *pReplace = 0;
+ rc = fts5StorageGetStmt(p, FTS5_STMT_REPLACE_DOCSIZE, &pReplace, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pReplace, 1, iRowid);
+ sqlite3_bind_blob(pReplace, 2, pBuf->p, pBuf->n, SQLITE_STATIC);
+ sqlite3_step(pReplace);
+ rc = sqlite3_reset(pReplace);
+ }
+ }
+ return rc;
+}
+
+/*
+** Load the contents of the "averages" record from disk into the
+** p->nTotalRow and p->aTotalSize[] variables. If successful, and if
+** argument bCache is true, set the p->bTotalsValid flag to indicate
+** that the contents of aTotalSize[] and nTotalRow are valid until
+** further notice.
+**
+** Return SQLITE_OK if successful, or an SQLite error code if an error
+** occurs.
+*/
+static int fts5StorageLoadTotals(Fts5Storage *p, int bCache){
+ int rc = SQLITE_OK;
+ if( p->bTotalsValid==0 ){
+ rc = sqlite3Fts5IndexGetAverages(p->pIndex, &p->nTotalRow, p->aTotalSize);
+ p->bTotalsValid = bCache;
+ }
+ return rc;
+}
+
+/*
+** Store the current contents of the p->nTotalRow and p->aTotalSize[]
+** variables in the "averages" record on disk.
+**
+** Return SQLITE_OK if successful, or an SQLite error code if an error
+** occurs.
+*/
+static int fts5StorageSaveTotals(Fts5Storage *p){
+ int nCol = p->pConfig->nCol;
+ int i;
+ Fts5Buffer buf;
+ int rc = SQLITE_OK;
+ memset(&buf, 0, sizeof(buf));
+
+ sqlite3Fts5BufferAppendVarint(&rc, &buf, p->nTotalRow);
+ for(i=0; i<nCol; i++){
+ sqlite3Fts5BufferAppendVarint(&rc, &buf, p->aTotalSize[i]);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5IndexSetAverages(p->pIndex, buf.p, buf.n);
+ }
+ sqlite3_free(buf.p);
+
+ return rc;
+}
+
+/*
+** Remove a row from the FTS table.
+*/
+static int sqlite3Fts5StorageDelete(Fts5Storage *p, i64 iDel){
+ Fts5Config *pConfig = p->pConfig;
+ int rc;
+ sqlite3_stmt *pDel = 0;
+
+ rc = fts5StorageLoadTotals(p, 1);
+
+ /* Delete the index records */
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageDeleteFromIndex(p, iDel);
+ }
+
+ /* Delete the %_docsize record */
+ if( rc==SQLITE_OK && pConfig->bColumnsize ){
+ rc = fts5StorageGetStmt(p, FTS5_STMT_DELETE_DOCSIZE, &pDel, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pDel, 1, iDel);
+ sqlite3_step(pDel);
+ rc = sqlite3_reset(pDel);
+ }
+ }
+
+ /* Delete the %_content record */
+ if( pConfig->eContent==FTS5_CONTENT_NORMAL ){
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageGetStmt(p, FTS5_STMT_DELETE_CONTENT, &pDel, 0);
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pDel, 1, iDel);
+ sqlite3_step(pDel);
+ rc = sqlite3_reset(pDel);
+ }
+ }
+
+ /* Write the averages record */
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageSaveTotals(p);
+ }
+
+ return rc;
+}
+
+static int sqlite3Fts5StorageSpecialDelete(
+ Fts5Storage *p,
+ i64 iDel,
+ sqlite3_value **apVal
+){
+ Fts5Config *pConfig = p->pConfig;
+ int rc;
+ sqlite3_stmt *pDel = 0;
+
+ assert( pConfig->eContent!=FTS5_CONTENT_NORMAL );
+ rc = fts5StorageLoadTotals(p, 1);
+
+ /* Delete the index records */
+ if( rc==SQLITE_OK ){
+ int iCol;
+ Fts5InsertCtx ctx;
+ ctx.pStorage = p;
+ ctx.iCol = -1;
+
+ rc = sqlite3Fts5IndexBeginWrite(p->pIndex, 1, iDel);
+ for(iCol=0; rc==SQLITE_OK && iCol<pConfig->nCol; iCol++){
+ if( pConfig->abUnindexed[iCol] ) continue;
+ ctx.szCol = 0;
+ rc = sqlite3Fts5Tokenize(pConfig,
+ FTS5_TOKENIZE_DOCUMENT,
+ (const char*)sqlite3_value_text(apVal[iCol]),
+ sqlite3_value_bytes(apVal[iCol]),
+ (void*)&ctx,
+ fts5StorageInsertCallback
+ );
+ p->aTotalSize[iCol] -= (i64)ctx.szCol;
+ }
+ p->nTotalRow--;
+ }
+
+ /* Delete the %_docsize record */
+ if( pConfig->bColumnsize ){
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageGetStmt(p, FTS5_STMT_DELETE_DOCSIZE, &pDel, 0);
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_int64(pDel, 1, iDel);
+ sqlite3_step(pDel);
+ rc = sqlite3_reset(pDel);
+ }
+ }
+
+ /* Write the averages record */
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageSaveTotals(p);
+ }
+
+ return rc;
+}
+
+/*
+** Delete all entries in the FTS5 index.
+*/
+static int sqlite3Fts5StorageDeleteAll(Fts5Storage *p){
+ Fts5Config *pConfig = p->pConfig;
+ int rc;
+
+ /* Delete the contents of the %_data and %_docsize tables. */
+ rc = fts5ExecPrintf(pConfig->db, 0,
+ "DELETE FROM %Q.'%q_data';"
+ "DELETE FROM %Q.'%q_idx';",
+ pConfig->zDb, pConfig->zName,
+ pConfig->zDb, pConfig->zName
+ );
+ if( rc==SQLITE_OK && pConfig->bColumnsize ){
+ rc = fts5ExecPrintf(pConfig->db, 0,
+ "DELETE FROM %Q.'%q_docsize';",
+ pConfig->zDb, pConfig->zName
+ );
+ }
+
+ /* Reinitialize the %_data table. This call creates the initial structure
+ ** and averages records. */
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5IndexReinit(p->pIndex);
+ }
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5StorageConfigValue(p, "version", 0, FTS5_CURRENT_VERSION);
+ }
+ return rc;
+}
+
+static int sqlite3Fts5StorageRebuild(Fts5Storage *p){
+ Fts5Buffer buf = {0,0,0};
+ Fts5Config *pConfig = p->pConfig;
+ sqlite3_stmt *pScan = 0;
+ Fts5InsertCtx ctx;
+ int rc;
+
+ memset(&ctx, 0, sizeof(Fts5InsertCtx));
+ ctx.pStorage = p;
+ rc = sqlite3Fts5StorageDeleteAll(p);
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageLoadTotals(p, 1);
+ }
+
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageGetStmt(p, FTS5_STMT_SCAN, &pScan, 0);
+ }
+
+ while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pScan) ){
+ i64 iRowid = sqlite3_column_int64(pScan, 0);
+
+ sqlite3Fts5BufferZero(&buf);
+ rc = sqlite3Fts5IndexBeginWrite(p->pIndex, 0, iRowid);
+ for(ctx.iCol=0; rc==SQLITE_OK && ctx.iCol<pConfig->nCol; ctx.iCol++){
+ ctx.szCol = 0;
+ if( pConfig->abUnindexed[ctx.iCol]==0 ){
+ rc = sqlite3Fts5Tokenize(pConfig,
+ FTS5_TOKENIZE_DOCUMENT,
+ (const char*)sqlite3_column_text(pScan, ctx.iCol+1),
+ sqlite3_column_bytes(pScan, ctx.iCol+1),
+ (void*)&ctx,
+ fts5StorageInsertCallback
+ );
+ }
+ sqlite3Fts5BufferAppendVarint(&rc, &buf, ctx.szCol);
+ p->aTotalSize[ctx.iCol] += (i64)ctx.szCol;
+ }
+ p->nTotalRow++;
+
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageInsertDocsize(p, iRowid, &buf);
+ }
+ }
+ sqlite3_free(buf.p);
+
+ /* Write the averages record */
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageSaveTotals(p);
+ }
+ return rc;
+}
+
+static int sqlite3Fts5StorageOptimize(Fts5Storage *p){
+ return sqlite3Fts5IndexOptimize(p->pIndex);
+}
+
+static int sqlite3Fts5StorageMerge(Fts5Storage *p, int nMerge){
+ return sqlite3Fts5IndexMerge(p->pIndex, nMerge);
+}
+
+/*
+** Allocate a new rowid. This is used for "external content" tables when
+** a NULL value is inserted into the rowid column. The new rowid is allocated
+** by inserting a dummy row into the %_docsize table. The dummy will be
+** overwritten later.
+**
+** If the %_docsize table does not exist, SQLITE_MISMATCH is returned. In
+** this case the user is required to provide a rowid explicitly.
+*/
+static int fts5StorageNewRowid(Fts5Storage *p, i64 *piRowid){
+ int rc = SQLITE_MISMATCH;
+ if( p->pConfig->bColumnsize ){
+ sqlite3_stmt *pReplace = 0;
+ rc = fts5StorageGetStmt(p, FTS5_STMT_REPLACE_DOCSIZE, &pReplace, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_null(pReplace, 1);
+ sqlite3_bind_null(pReplace, 2);
+ sqlite3_step(pReplace);
+ rc = sqlite3_reset(pReplace);
+ }
+ if( rc==SQLITE_OK ){
+ *piRowid = sqlite3_last_insert_rowid(p->pConfig->db);
+ }
+ }
+ return rc;
+}
+
+/*
+** Insert a new row into the FTS content table.
+*/
+static int sqlite3Fts5StorageContentInsert(
+ Fts5Storage *p,
+ sqlite3_value **apVal,
+ i64 *piRowid
+){
+ Fts5Config *pConfig = p->pConfig;
+ int rc = SQLITE_OK;
+
+ /* Insert the new row into the %_content table. */
+ if( pConfig->eContent!=FTS5_CONTENT_NORMAL ){
+ if( sqlite3_value_type(apVal[1])==SQLITE_INTEGER ){
+ *piRowid = sqlite3_value_int64(apVal[1]);
+ }else{
+ rc = fts5StorageNewRowid(p, piRowid);
+ }
+ }else{
+ sqlite3_stmt *pInsert = 0; /* Statement to write %_content table */
+ int i; /* Counter variable */
+ rc = fts5StorageGetStmt(p, FTS5_STMT_INSERT_CONTENT, &pInsert, 0);
+ for(i=1; rc==SQLITE_OK && i<=pConfig->nCol+1; i++){
+ rc = sqlite3_bind_value(pInsert, i, apVal[i]);
+ }
+ if( rc==SQLITE_OK ){
+ sqlite3_step(pInsert);
+ rc = sqlite3_reset(pInsert);
+ }
+ *piRowid = sqlite3_last_insert_rowid(pConfig->db);
+ }
+
+ return rc;
+}
+
+/*
+** Insert new entries into the FTS index and %_docsize table.
+*/
+static int sqlite3Fts5StorageIndexInsert(
+ Fts5Storage *p,
+ sqlite3_value **apVal,
+ i64 iRowid
+){
+ Fts5Config *pConfig = p->pConfig;
+ int rc = SQLITE_OK; /* Return code */
+ Fts5InsertCtx ctx; /* Tokenization callback context object */
+ Fts5Buffer buf; /* Buffer used to build up %_docsize blob */
+
+ memset(&buf, 0, sizeof(Fts5Buffer));
+ ctx.pStorage = p;
+ rc = fts5StorageLoadTotals(p, 1);
+
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5IndexBeginWrite(p->pIndex, 0, iRowid);
+ }
+ for(ctx.iCol=0; rc==SQLITE_OK && ctx.iCol<pConfig->nCol; ctx.iCol++){
+ ctx.szCol = 0;
+ if( pConfig->abUnindexed[ctx.iCol]==0 ){
+ rc = sqlite3Fts5Tokenize(pConfig,
+ FTS5_TOKENIZE_DOCUMENT,
+ (const char*)sqlite3_value_text(apVal[ctx.iCol+2]),
+ sqlite3_value_bytes(apVal[ctx.iCol+2]),
+ (void*)&ctx,
+ fts5StorageInsertCallback
+ );
+ }
+ sqlite3Fts5BufferAppendVarint(&rc, &buf, ctx.szCol);
+ p->aTotalSize[ctx.iCol] += (i64)ctx.szCol;
+ }
+ p->nTotalRow++;
+
+ /* Write the %_docsize record */
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageInsertDocsize(p, iRowid, &buf);
+ }
+ sqlite3_free(buf.p);
+
+ /* Write the averages record */
+ if( rc==SQLITE_OK ){
+ rc = fts5StorageSaveTotals(p);
+ }
+
+ return rc;
+}
+
+static int fts5StorageCount(Fts5Storage *p, const char *zSuffix, i64 *pnRow){
+ Fts5Config *pConfig = p->pConfig;
+ char *zSql;
+ int rc;
+
+ zSql = sqlite3_mprintf("SELECT count(*) FROM %Q.'%q_%s'",
+ pConfig->zDb, pConfig->zName, zSuffix
+ );
+ if( zSql==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ sqlite3_stmt *pCnt = 0;
+ rc = sqlite3_prepare_v2(pConfig->db, zSql, -1, &pCnt, 0);
+ if( rc==SQLITE_OK ){
+ if( SQLITE_ROW==sqlite3_step(pCnt) ){
+ *pnRow = sqlite3_column_int64(pCnt, 0);
+ }
+ rc = sqlite3_finalize(pCnt);
+ }
+ }
+
+ sqlite3_free(zSql);
+ return rc;
+}
+
+/*
+** Context object used by sqlite3Fts5StorageIntegrity().
+*/
+typedef struct Fts5IntegrityCtx Fts5IntegrityCtx;
+struct Fts5IntegrityCtx {
+ i64 iRowid;
+ int iCol;
+ int szCol;
+ u64 cksum;
+ Fts5Config *pConfig;
+};
+
+/*
+** Tokenization callback used by integrity check.
+*/
+static int fts5StorageIntegrityCallback(
+ void *pContext, /* Pointer to Fts5InsertCtx object */
+ int tflags,
+ const char *pToken, /* Buffer containing token */
+ int nToken, /* Size of token in bytes */
+ int iStart, /* Start offset of token */
+ int iEnd /* End offset of token */
+){
+ Fts5IntegrityCtx *pCtx = (Fts5IntegrityCtx*)pContext;
+ if( (tflags & FTS5_TOKEN_COLOCATED)==0 || pCtx->szCol==0 ){
+ pCtx->szCol++;
+ }
+ pCtx->cksum ^= sqlite3Fts5IndexCksum(
+ pCtx->pConfig, pCtx->iRowid, pCtx->iCol, pCtx->szCol-1, pToken, nToken
+ );
+ return SQLITE_OK;
+}
+
+/*
+** Check that the contents of the FTS index match that of the %_content
+** table. Return SQLITE_OK if they do, or SQLITE_CORRUPT if not. Return
+** some other SQLite error code if an error occurs while attempting to
+** determine this.
+*/
+static int sqlite3Fts5StorageIntegrity(Fts5Storage *p){
+ Fts5Config *pConfig = p->pConfig;
+ int rc; /* Return code */
+ int *aColSize; /* Array of size pConfig->nCol */
+ i64 *aTotalSize; /* Array of size pConfig->nCol */
+ Fts5IntegrityCtx ctx;
+ sqlite3_stmt *pScan;
+
+ memset(&ctx, 0, sizeof(Fts5IntegrityCtx));
+ ctx.pConfig = p->pConfig;
+ aTotalSize = (i64*)sqlite3_malloc(pConfig->nCol * (sizeof(int)+sizeof(i64)));
+ if( !aTotalSize ) return SQLITE_NOMEM;
+ aColSize = (int*)&aTotalSize[pConfig->nCol];
+ memset(aTotalSize, 0, sizeof(i64) * pConfig->nCol);
+
+ /* Generate the expected index checksum based on the contents of the
+ ** %_content table. This block stores the checksum in ctx.cksum. */
+ rc = fts5StorageGetStmt(p, FTS5_STMT_SCAN, &pScan, 0);
+ if( rc==SQLITE_OK ){
+ int rc2;
+ while( SQLITE_ROW==sqlite3_step(pScan) ){
+ int i;
+ ctx.iRowid = sqlite3_column_int64(pScan, 0);
+ ctx.szCol = 0;
+ if( pConfig->bColumnsize ){
+ rc = sqlite3Fts5StorageDocsize(p, ctx.iRowid, aColSize);
+ }
+ for(i=0; rc==SQLITE_OK && i<pConfig->nCol; i++){
+ if( pConfig->abUnindexed[i] ) continue;
+ ctx.iCol = i;
+ ctx.szCol = 0;
+ rc = sqlite3Fts5Tokenize(pConfig,
+ FTS5_TOKENIZE_DOCUMENT,
+ (const char*)sqlite3_column_text(pScan, i+1),
+ sqlite3_column_bytes(pScan, i+1),
+ (void*)&ctx,
+ fts5StorageIntegrityCallback
+ );
+ if( pConfig->bColumnsize && ctx.szCol!=aColSize[i] ){
+ rc = FTS5_CORRUPT;
+ }
+ aTotalSize[i] += ctx.szCol;
+ }
+ if( rc!=SQLITE_OK ) break;
+ }
+ rc2 = sqlite3_reset(pScan);
+ if( rc==SQLITE_OK ) rc = rc2;
+ }
+
+ /* Test that the "totals" (sometimes called "averages") record looks Ok */
+ if( rc==SQLITE_OK ){
+ int i;
+ rc = fts5StorageLoadTotals(p, 0);
+ for(i=0; rc==SQLITE_OK && i<pConfig->nCol; i++){
+ if( p->aTotalSize[i]!=aTotalSize[i] ) rc = FTS5_CORRUPT;
+ }
+ }
+
+ /* Check that the %_docsize and %_content tables contain the expected
+ ** number of rows. */
+ if( rc==SQLITE_OK && pConfig->eContent==FTS5_CONTENT_NORMAL ){
+ i64 nRow = 0;
+ rc = fts5StorageCount(p, "content", &nRow);
+ if( rc==SQLITE_OK && nRow!=p->nTotalRow ) rc = FTS5_CORRUPT;
+ }
+ if( rc==SQLITE_OK && pConfig->bColumnsize ){
+ i64 nRow = 0;
+ rc = fts5StorageCount(p, "docsize", &nRow);
+ if( rc==SQLITE_OK && nRow!=p->nTotalRow ) rc = FTS5_CORRUPT;
+ }
+
+ /* Pass the expected checksum down to the FTS index module. It will
+ ** verify, amongst other things, that it matches the checksum generated by
+ ** inspecting the index itself. */
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5IndexIntegrityCheck(p->pIndex, ctx.cksum);
+ }
+
+ sqlite3_free(aTotalSize);
+ return rc;
+}
+
+/*
+** Obtain an SQLite statement handle that may be used to read data from the
+** %_content table.
+*/
+static int sqlite3Fts5StorageStmt(
+ Fts5Storage *p,
+ int eStmt,
+ sqlite3_stmt **pp,
+ char **pzErrMsg
+){
+ int rc;
+ assert( eStmt==FTS5_STMT_SCAN_ASC
+ || eStmt==FTS5_STMT_SCAN_DESC
+ || eStmt==FTS5_STMT_LOOKUP
+ );
+ rc = fts5StorageGetStmt(p, eStmt, pp, pzErrMsg);
+ if( rc==SQLITE_OK ){
+ assert( p->aStmt[eStmt]==*pp );
+ p->aStmt[eStmt] = 0;
+ }
+ return rc;
+}
+
+/*
+** Release an SQLite statement handle obtained via an earlier call to
+** sqlite3Fts5StorageStmt(). The eStmt parameter passed to this function
+** must match that passed to the sqlite3Fts5StorageStmt() call.
+*/
+static void sqlite3Fts5StorageStmtRelease(
+ Fts5Storage *p,
+ int eStmt,
+ sqlite3_stmt *pStmt
+){
+ assert( eStmt==FTS5_STMT_SCAN_ASC
+ || eStmt==FTS5_STMT_SCAN_DESC
+ || eStmt==FTS5_STMT_LOOKUP
+ );
+ if( p->aStmt[eStmt]==0 ){
+ sqlite3_reset(pStmt);
+ p->aStmt[eStmt] = pStmt;
+ }else{
+ sqlite3_finalize(pStmt);
+ }
+}
+
+static int fts5StorageDecodeSizeArray(
+ int *aCol, int nCol, /* Array to populate */
+ const u8 *aBlob, int nBlob /* Record to read varints from */
+){
+ int i;
+ int iOff = 0;
+ for(i=0; i<nCol; i++){
+ if( iOff>=nBlob ) return 1;
+ iOff += fts5GetVarint32(&aBlob[iOff], aCol[i]);
+ }
+ return (iOff!=nBlob);
+}
+
+/*
+** Argument aCol points to an array of integers containing one entry for
+** each table column. This function reads the %_docsize record for the
+** specified rowid and populates aCol[] with the results.
+**
+** An SQLite error code is returned if an error occurs, or SQLITE_OK
+** otherwise.
+*/
+static int sqlite3Fts5StorageDocsize(Fts5Storage *p, i64 iRowid, int *aCol){
+ int nCol = p->pConfig->nCol; /* Number of user columns in table */
+ sqlite3_stmt *pLookup = 0; /* Statement to query %_docsize */
+ int rc; /* Return Code */
+
+ assert( p->pConfig->bColumnsize );
+ rc = fts5StorageGetStmt(p, FTS5_STMT_LOOKUP_DOCSIZE, &pLookup, 0);
+ if( rc==SQLITE_OK ){
+ int bCorrupt = 1;
+ sqlite3_bind_int64(pLookup, 1, iRowid);
+ if( SQLITE_ROW==sqlite3_step(pLookup) ){
+ const u8 *aBlob = sqlite3_column_blob(pLookup, 0);
+ int nBlob = sqlite3_column_bytes(pLookup, 0);
+ if( 0==fts5StorageDecodeSizeArray(aCol, nCol, aBlob, nBlob) ){
+ bCorrupt = 0;
+ }
+ }
+ rc = sqlite3_reset(pLookup);
+ if( bCorrupt && rc==SQLITE_OK ){
+ rc = FTS5_CORRUPT;
+ }
+ }
+
+ return rc;
+}
+
+static int sqlite3Fts5StorageSize(Fts5Storage *p, int iCol, i64 *pnToken){
+ int rc = fts5StorageLoadTotals(p, 0);
+ if( rc==SQLITE_OK ){
+ *pnToken = 0;
+ if( iCol<0 ){
+ int i;
+ for(i=0; i<p->pConfig->nCol; i++){
+ *pnToken += p->aTotalSize[i];
+ }
+ }else if( iCol<p->pConfig->nCol ){
+ *pnToken = p->aTotalSize[iCol];
+ }else{
+ rc = SQLITE_RANGE;
+ }
+ }
+ return rc;
+}
+
+static int sqlite3Fts5StorageRowCount(Fts5Storage *p, i64 *pnRow){
+ int rc = fts5StorageLoadTotals(p, 0);
+ if( rc==SQLITE_OK ){
+ *pnRow = p->nTotalRow;
+ }
+ return rc;
+}
+
+/*
+** Flush any data currently held in-memory to disk.
+*/
+static int sqlite3Fts5StorageSync(Fts5Storage *p, int bCommit){
+ if( bCommit && p->bTotalsValid ){
+ int rc = fts5StorageSaveTotals(p);
+ p->bTotalsValid = 0;
+ if( rc!=SQLITE_OK ) return rc;
+ }
+ return sqlite3Fts5IndexSync(p->pIndex, bCommit);
+}
+
+static int sqlite3Fts5StorageRollback(Fts5Storage *p){
+ p->bTotalsValid = 0;
+ return sqlite3Fts5IndexRollback(p->pIndex);
+}
+
+static int sqlite3Fts5StorageConfigValue(
+ Fts5Storage *p,
+ const char *z,
+ sqlite3_value *pVal,
+ int iVal
+){
+ sqlite3_stmt *pReplace = 0;
+ int rc = fts5StorageGetStmt(p, FTS5_STMT_REPLACE_CONFIG, &pReplace, 0);
+ if( rc==SQLITE_OK ){
+ sqlite3_bind_text(pReplace, 1, z, -1, SQLITE_STATIC);
+ if( pVal ){
+ sqlite3_bind_value(pReplace, 2, pVal);
+ }else{
+ sqlite3_bind_int(pReplace, 2, iVal);
+ }
+ sqlite3_step(pReplace);
+ rc = sqlite3_reset(pReplace);
+ }
+ if( rc==SQLITE_OK && pVal ){
+ int iNew = p->pConfig->iCookie + 1;
+ rc = sqlite3Fts5IndexSetCookie(p->pIndex, iNew);
+ if( rc==SQLITE_OK ){
+ p->pConfig->iCookie = iNew;
+ }
+ }
+ return rc;
+}
+
+
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+*/
+
+
+/* #include "fts5Int.h" */
+
+/**************************************************************************
+** Start of ascii tokenizer implementation.
+*/
+
+/*
+** For tokenizers with no "unicode" modifier, the set of token characters
+** is the same as the set of ASCII range alphanumeric characters.
+*/
+static unsigned char aAsciiTokenChar[128] = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x00..0x0F */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x10..0x1F */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x20..0x2F */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, /* 0x30..0x3F */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 0x40..0x4F */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, /* 0x50..0x5F */
+ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 0x60..0x6F */
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, /* 0x70..0x7F */
+};
+
+typedef struct AsciiTokenizer AsciiTokenizer;
+struct AsciiTokenizer {
+ unsigned char aTokenChar[128];
+};
+
+static void fts5AsciiAddExceptions(
+ AsciiTokenizer *p,
+ const char *zArg,
+ int bTokenChars
+){
+ int i;
+ for(i=0; zArg[i]; i++){
+ if( (zArg[i] & 0x80)==0 ){
+ p->aTokenChar[(int)zArg[i]] = (unsigned char)bTokenChars;
+ }
+ }
+}
+
+/*
+** Delete a "ascii" tokenizer.
+*/
+static void fts5AsciiDelete(Fts5Tokenizer *p){
+ sqlite3_free(p);
+}
+
+/*
+** Create an "ascii" tokenizer.
+*/
+static int fts5AsciiCreate(
+ void *pCtx,
+ const char **azArg, int nArg,
+ Fts5Tokenizer **ppOut
+){
+ int rc = SQLITE_OK;
+ AsciiTokenizer *p = 0;
+ if( nArg%2 ){
+ rc = SQLITE_ERROR;
+ }else{
+ p = sqlite3_malloc(sizeof(AsciiTokenizer));
+ if( p==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ int i;
+ memset(p, 0, sizeof(AsciiTokenizer));
+ memcpy(p->aTokenChar, aAsciiTokenChar, sizeof(aAsciiTokenChar));
+ for(i=0; rc==SQLITE_OK && i<nArg; i+=2){
+ const char *zArg = azArg[i+1];
+ if( 0==sqlite3_stricmp(azArg[i], "tokenchars") ){
+ fts5AsciiAddExceptions(p, zArg, 1);
+ }else
+ if( 0==sqlite3_stricmp(azArg[i], "separators") ){
+ fts5AsciiAddExceptions(p, zArg, 0);
+ }else{
+ rc = SQLITE_ERROR;
+ }
+ }
+ if( rc!=SQLITE_OK ){
+ fts5AsciiDelete((Fts5Tokenizer*)p);
+ p = 0;
+ }
+ }
+ }
+
+ *ppOut = (Fts5Tokenizer*)p;
+ return rc;
+}
+
+
+static void asciiFold(char *aOut, const char *aIn, int nByte){
+ int i;
+ for(i=0; i<nByte; i++){
+ char c = aIn[i];
+ if( c>='A' && c<='Z' ) c += 32;
+ aOut[i] = c;
+ }
+}
+
+/*
+** Tokenize some text using the ascii tokenizer.
+*/
+static int fts5AsciiTokenize(
+ Fts5Tokenizer *pTokenizer,
+ void *pCtx,
+ int flags,
+ const char *pText, int nText,
+ int (*xToken)(void*, int, const char*, int nToken, int iStart, int iEnd)
+){
+ AsciiTokenizer *p = (AsciiTokenizer*)pTokenizer;
+ int rc = SQLITE_OK;
+ int ie;
+ int is = 0;
+
+ char aFold[64];
+ int nFold = sizeof(aFold);
+ char *pFold = aFold;
+ unsigned char *a = p->aTokenChar;
+
+ while( is<nText && rc==SQLITE_OK ){
+ int nByte;
+
+ /* Skip any leading divider characters. */
+ while( is<nText && ((pText[is]&0x80)==0 && a[(int)pText[is]]==0) ){
+ is++;
+ }
+ if( is==nText ) break;
+
+ /* Count the token characters */
+ ie = is+1;
+ while( ie<nText && ((pText[ie]&0x80) || a[(int)pText[ie]] ) ){
+ ie++;
+ }
+
+ /* Fold to lower case */
+ nByte = ie-is;
+ if( nByte>nFold ){
+ if( pFold!=aFold ) sqlite3_free(pFold);
+ pFold = sqlite3_malloc(nByte*2);
+ if( pFold==0 ){
+ rc = SQLITE_NOMEM;
+ break;
+ }
+ nFold = nByte*2;
+ }
+ asciiFold(pFold, &pText[is], nByte);
+
+ /* Invoke the token callback */
+ rc = xToken(pCtx, 0, pFold, nByte, is, ie);
+ is = ie+1;
+ }
+
+ if( pFold!=aFold ) sqlite3_free(pFold);
+ if( rc==SQLITE_DONE ) rc = SQLITE_OK;
+ return rc;
+}
+
+/**************************************************************************
+** Start of unicode61 tokenizer implementation.
+*/
+
+
+/*
+** The following two macros - READ_UTF8 and WRITE_UTF8 - have been copied
+** from the sqlite3 source file utf.c. If this file is compiled as part
+** of the amalgamation, they are not required.
+*/
+#ifndef SQLITE_AMALGAMATION
+
+static const unsigned char sqlite3Utf8Trans1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x00, 0x01, 0x00, 0x00,
+};
+
+#define READ_UTF8(zIn, zTerm, c) \
+ c = *(zIn++); \
+ if( c>=0xc0 ){ \
+ c = sqlite3Utf8Trans1[c-0xc0]; \
+ while( zIn!=zTerm && (*zIn & 0xc0)==0x80 ){ \
+ c = (c<<6) + (0x3f & *(zIn++)); \
+ } \
+ if( c<0x80 \
+ || (c&0xFFFFF800)==0xD800 \
+ || (c&0xFFFFFFFE)==0xFFFE ){ c = 0xFFFD; } \
+ }
+
+
+#define WRITE_UTF8(zOut, c) { \
+ if( c<0x00080 ){ \
+ *zOut++ = (unsigned char)(c&0xFF); \
+ } \
+ else if( c<0x00800 ){ \
+ *zOut++ = 0xC0 + (unsigned char)((c>>6)&0x1F); \
+ *zOut++ = 0x80 + (unsigned char)(c & 0x3F); \
+ } \
+ else if( c<0x10000 ){ \
+ *zOut++ = 0xE0 + (unsigned char)((c>>12)&0x0F); \
+ *zOut++ = 0x80 + (unsigned char)((c>>6) & 0x3F); \
+ *zOut++ = 0x80 + (unsigned char)(c & 0x3F); \
+ }else{ \
+ *zOut++ = 0xF0 + (unsigned char)((c>>18) & 0x07); \
+ *zOut++ = 0x80 + (unsigned char)((c>>12) & 0x3F); \
+ *zOut++ = 0x80 + (unsigned char)((c>>6) & 0x3F); \
+ *zOut++ = 0x80 + (unsigned char)(c & 0x3F); \
+ } \
+}
+
+#endif /* ifndef SQLITE_AMALGAMATION */
+
+typedef struct Unicode61Tokenizer Unicode61Tokenizer;
+struct Unicode61Tokenizer {
+ unsigned char aTokenChar[128]; /* ASCII range token characters */
+ char *aFold; /* Buffer to fold text into */
+ int nFold; /* Size of aFold[] in bytes */
+ int bRemoveDiacritic; /* True if remove_diacritics=1 is set */
+ int nException;
+ int *aiException;
+};
+
+static int fts5UnicodeAddExceptions(
+ Unicode61Tokenizer *p, /* Tokenizer object */
+ const char *z, /* Characters to treat as exceptions */
+ int bTokenChars /* 1 for 'tokenchars', 0 for 'separators' */
+){
+ int rc = SQLITE_OK;
+ int n = (int)strlen(z);
+ int *aNew;
+
+ if( n>0 ){
+ aNew = (int*)sqlite3_realloc(p->aiException, (n+p->nException)*sizeof(int));
+ if( aNew ){
+ int nNew = p->nException;
+ const unsigned char *zCsr = (const unsigned char*)z;
+ const unsigned char *zTerm = (const unsigned char*)&z[n];
+ while( zCsr<zTerm ){
+ int iCode;
+ int bToken;
+ READ_UTF8(zCsr, zTerm, iCode);
+ if( iCode<128 ){
+ p->aTokenChar[iCode] = (unsigned char)bTokenChars;
+ }else{
+ bToken = sqlite3Fts5UnicodeIsalnum(iCode);
+ assert( (bToken==0 || bToken==1) );
+ assert( (bTokenChars==0 || bTokenChars==1) );
+ if( bToken!=bTokenChars && sqlite3Fts5UnicodeIsdiacritic(iCode)==0 ){
+ int i;
+ for(i=0; i<nNew; i++){
+ if( aNew[i]>iCode ) break;
+ }
+ memmove(&aNew[i+1], &aNew[i], (nNew-i)*sizeof(int));
+ aNew[i] = iCode;
+ nNew++;
+ }
+ }
+ }
+ p->aiException = aNew;
+ p->nException = nNew;
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ }
+
+ return rc;
+}
+
+/*
+** Return true if the p->aiException[] array contains the value iCode.
+*/
+static int fts5UnicodeIsException(Unicode61Tokenizer *p, int iCode){
+ if( p->nException>0 ){
+ int *a = p->aiException;
+ int iLo = 0;
+ int iHi = p->nException-1;
+
+ while( iHi>=iLo ){
+ int iTest = (iHi + iLo) / 2;
+ if( iCode==a[iTest] ){
+ return 1;
+ }else if( iCode>a[iTest] ){
+ iLo = iTest+1;
+ }else{
+ iHi = iTest-1;
+ }
+ }
+ }
+
+ return 0;
+}
+
+/*
+** Delete a "unicode61" tokenizer.
+*/
+static void fts5UnicodeDelete(Fts5Tokenizer *pTok){
+ if( pTok ){
+ Unicode61Tokenizer *p = (Unicode61Tokenizer*)pTok;
+ sqlite3_free(p->aiException);
+ sqlite3_free(p->aFold);
+ sqlite3_free(p);
+ }
+ return;
+}
+
+/*
+** Create a "unicode61" tokenizer.
+*/
+static int fts5UnicodeCreate(
+ void *pCtx,
+ const char **azArg, int nArg,
+ Fts5Tokenizer **ppOut
+){
+ int rc = SQLITE_OK; /* Return code */
+ Unicode61Tokenizer *p = 0; /* New tokenizer object */
+
+ if( nArg%2 ){
+ rc = SQLITE_ERROR;
+ }else{
+ p = (Unicode61Tokenizer*)sqlite3_malloc(sizeof(Unicode61Tokenizer));
+ if( p ){
+ int i;
+ memset(p, 0, sizeof(Unicode61Tokenizer));
+ memcpy(p->aTokenChar, aAsciiTokenChar, sizeof(aAsciiTokenChar));
+ p->bRemoveDiacritic = 1;
+ p->nFold = 64;
+ p->aFold = sqlite3_malloc(p->nFold * sizeof(char));
+ if( p->aFold==0 ){
+ rc = SQLITE_NOMEM;
+ }
+ for(i=0; rc==SQLITE_OK && i<nArg; i+=2){
+ const char *zArg = azArg[i+1];
+ if( 0==sqlite3_stricmp(azArg[i], "remove_diacritics") ){
+ if( (zArg[0]!='0' && zArg[0]!='1') || zArg[1] ){
+ rc = SQLITE_ERROR;
+ }
+ p->bRemoveDiacritic = (zArg[0]=='1');
+ }else
+ if( 0==sqlite3_stricmp(azArg[i], "tokenchars") ){
+ rc = fts5UnicodeAddExceptions(p, zArg, 1);
+ }else
+ if( 0==sqlite3_stricmp(azArg[i], "separators") ){
+ rc = fts5UnicodeAddExceptions(p, zArg, 0);
+ }else{
+ rc = SQLITE_ERROR;
+ }
+ }
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ if( rc!=SQLITE_OK ){
+ fts5UnicodeDelete((Fts5Tokenizer*)p);
+ p = 0;
+ }
+ *ppOut = (Fts5Tokenizer*)p;
+ }
+ return rc;
+}
+
+/*
+** Return true if, for the purposes of tokenizing with the tokenizer
+** passed as the first argument, codepoint iCode is considered a token
+** character (not a separator).
+*/
+static int fts5UnicodeIsAlnum(Unicode61Tokenizer *p, int iCode){
+ assert( (sqlite3Fts5UnicodeIsalnum(iCode) & 0xFFFFFFFE)==0 );
+ return sqlite3Fts5UnicodeIsalnum(iCode) ^ fts5UnicodeIsException(p, iCode);
+}
+
+static int fts5UnicodeTokenize(
+ Fts5Tokenizer *pTokenizer,
+ void *pCtx,
+ int flags,
+ const char *pText, int nText,
+ int (*xToken)(void*, int, const char*, int nToken, int iStart, int iEnd)
+){
+ Unicode61Tokenizer *p = (Unicode61Tokenizer*)pTokenizer;
+ int rc = SQLITE_OK;
+ unsigned char *a = p->aTokenChar;
+
+ unsigned char *zTerm = (unsigned char*)&pText[nText];
+ unsigned char *zCsr = (unsigned char *)pText;
+
+ /* Output buffer */
+ char *aFold = p->aFold;
+ int nFold = p->nFold;
+ const char *pEnd = &aFold[nFold-6];
+
+ /* Each iteration of this loop gobbles up a contiguous run of separators,
+ ** then the next token. */
+ while( rc==SQLITE_OK ){
+ int iCode; /* non-ASCII codepoint read from input */
+ char *zOut = aFold;
+ int is;
+ int ie;
+
+ /* Skip any separator characters. */
+ while( 1 ){
+ if( zCsr>=zTerm ) goto tokenize_done;
+ if( *zCsr & 0x80 ) {
+ /* A character outside of the ascii range. Skip past it if it is
+ ** a separator character. Or break out of the loop if it is not. */
+ is = zCsr - (unsigned char*)pText;
+ READ_UTF8(zCsr, zTerm, iCode);
+ if( fts5UnicodeIsAlnum(p, iCode) ){
+ goto non_ascii_tokenchar;
+ }
+ }else{
+ if( a[*zCsr] ){
+ is = zCsr - (unsigned char*)pText;
+ goto ascii_tokenchar;
+ }
+ zCsr++;
+ }
+ }
+
+ /* Run through the tokenchars. Fold them into the output buffer along
+ ** the way. */
+ while( zCsr<zTerm ){
+
+ /* Grow the output buffer so that there is sufficient space to fit the
+ ** largest possible utf-8 character. */
+ if( zOut>pEnd ){
+ aFold = sqlite3_malloc(nFold*2);
+ if( aFold==0 ){
+ rc = SQLITE_NOMEM;
+ goto tokenize_done;
+ }
+ zOut = &aFold[zOut - p->aFold];
+ memcpy(aFold, p->aFold, nFold);
+ sqlite3_free(p->aFold);
+ p->aFold = aFold;
+ p->nFold = nFold = nFold*2;
+ pEnd = &aFold[nFold-6];
+ }
+
+ if( *zCsr & 0x80 ){
+ /* An non-ascii-range character. Fold it into the output buffer if
+ ** it is a token character, or break out of the loop if it is not. */
+ READ_UTF8(zCsr, zTerm, iCode);
+ if( fts5UnicodeIsAlnum(p,iCode)||sqlite3Fts5UnicodeIsdiacritic(iCode) ){
+ non_ascii_tokenchar:
+ iCode = sqlite3Fts5UnicodeFold(iCode, p->bRemoveDiacritic);
+ if( iCode ) WRITE_UTF8(zOut, iCode);
+ }else{
+ break;
+ }
+ }else if( a[*zCsr]==0 ){
+ /* An ascii-range separator character. End of token. */
+ break;
+ }else{
+ ascii_tokenchar:
+ if( *zCsr>='A' && *zCsr<='Z' ){
+ *zOut++ = *zCsr + 32;
+ }else{
+ *zOut++ = *zCsr;
+ }
+ zCsr++;
+ }
+ ie = zCsr - (unsigned char*)pText;
+ }
+
+ /* Invoke the token callback */
+ rc = xToken(pCtx, 0, aFold, zOut-aFold, is, ie);
+ }
+
+ tokenize_done:
+ if( rc==SQLITE_DONE ) rc = SQLITE_OK;
+ return rc;
+}
+
+/**************************************************************************
+** Start of porter stemmer implementation.
+*/
+
+/* Any tokens larger than this (in bytes) are passed through without
+** stemming. */
+#define FTS5_PORTER_MAX_TOKEN 64
+
+typedef struct PorterTokenizer PorterTokenizer;
+struct PorterTokenizer {
+ fts5_tokenizer tokenizer; /* Parent tokenizer module */
+ Fts5Tokenizer *pTokenizer; /* Parent tokenizer instance */
+ char aBuf[FTS5_PORTER_MAX_TOKEN + 64];
+};
+
+/*
+** Delete a "porter" tokenizer.
+*/
+static void fts5PorterDelete(Fts5Tokenizer *pTok){
+ if( pTok ){
+ PorterTokenizer *p = (PorterTokenizer*)pTok;
+ if( p->pTokenizer ){
+ p->tokenizer.xDelete(p->pTokenizer);
+ }
+ sqlite3_free(p);
+ }
+}
+
+/*
+** Create a "porter" tokenizer.
+*/
+static int fts5PorterCreate(
+ void *pCtx,
+ const char **azArg, int nArg,
+ Fts5Tokenizer **ppOut
+){
+ fts5_api *pApi = (fts5_api*)pCtx;
+ int rc = SQLITE_OK;
+ PorterTokenizer *pRet;
+ void *pUserdata = 0;
+ const char *zBase = "unicode61";
+
+ if( nArg>0 ){
+ zBase = azArg[0];
+ }
+
+ pRet = (PorterTokenizer*)sqlite3_malloc(sizeof(PorterTokenizer));
+ if( pRet ){
+ memset(pRet, 0, sizeof(PorterTokenizer));
+ rc = pApi->xFindTokenizer(pApi, zBase, &pUserdata, &pRet->tokenizer);
+ }else{
+ rc = SQLITE_NOMEM;
+ }
+ if( rc==SQLITE_OK ){
+ int nArg2 = (nArg>0 ? nArg-1 : 0);
+ const char **azArg2 = (nArg2 ? &azArg[1] : 0);
+ rc = pRet->tokenizer.xCreate(pUserdata, azArg2, nArg2, &pRet->pTokenizer);
+ }
+
+ if( rc!=SQLITE_OK ){
+ fts5PorterDelete((Fts5Tokenizer*)pRet);
+ pRet = 0;
+ }
+ *ppOut = (Fts5Tokenizer*)pRet;
+ return rc;
+}
+
+typedef struct PorterContext PorterContext;
+struct PorterContext {
+ void *pCtx;
+ int (*xToken)(void*, int, const char*, int, int, int);
+ char *aBuf;
+};
+
+typedef struct PorterRule PorterRule;
+struct PorterRule {
+ const char *zSuffix;
+ int nSuffix;
+ int (*xCond)(char *zStem, int nStem);
+ const char *zOutput;
+ int nOutput;
+};
+
+#if 0
+static int fts5PorterApply(char *aBuf, int *pnBuf, PorterRule *aRule){
+ int ret = -1;
+ int nBuf = *pnBuf;
+ PorterRule *p;
+
+ for(p=aRule; p->zSuffix; p++){
+ assert( strlen(p->zSuffix)==p->nSuffix );
+ assert( strlen(p->zOutput)==p->nOutput );
+ if( nBuf<p->nSuffix ) continue;
+ if( 0==memcmp(&aBuf[nBuf - p->nSuffix], p->zSuffix, p->nSuffix) ) break;
+ }
+
+ if( p->zSuffix ){
+ int nStem = nBuf - p->nSuffix;
+ if( p->xCond==0 || p->xCond(aBuf, nStem) ){
+ memcpy(&aBuf[nStem], p->zOutput, p->nOutput);
+ *pnBuf = nStem + p->nOutput;
+ ret = p - aRule;
+ }
+ }
+
+ return ret;
+}
+#endif
+
+static int fts5PorterIsVowel(char c, int bYIsVowel){
+ return (
+ c=='a' || c=='e' || c=='i' || c=='o' || c=='u' || (bYIsVowel && c=='y')
+ );
+}
+
+static int fts5PorterGobbleVC(char *zStem, int nStem, int bPrevCons){
+ int i;
+ int bCons = bPrevCons;
+
+ /* Scan for a vowel */
+ for(i=0; i<nStem; i++){
+ if( 0==(bCons = !fts5PorterIsVowel(zStem[i], bCons)) ) break;
+ }
+
+ /* Scan for a consonent */
+ for(i++; i<nStem; i++){
+ if( (bCons = !fts5PorterIsVowel(zStem[i], bCons)) ) return i+1;
+ }
+ return 0;
+}
+
+/* porter rule condition: (m > 0) */
+static int fts5Porter_MGt0(char *zStem, int nStem){
+ return !!fts5PorterGobbleVC(zStem, nStem, 0);
+}
+
+/* porter rule condition: (m > 1) */
+static int fts5Porter_MGt1(char *zStem, int nStem){
+ int n;
+ n = fts5PorterGobbleVC(zStem, nStem, 0);
+ if( n && fts5PorterGobbleVC(&zStem[n], nStem-n, 1) ){
+ return 1;
+ }
+ return 0;
+}
+
+/* porter rule condition: (m = 1) */
+static int fts5Porter_MEq1(char *zStem, int nStem){
+ int n;
+ n = fts5PorterGobbleVC(zStem, nStem, 0);
+ if( n && 0==fts5PorterGobbleVC(&zStem[n], nStem-n, 1) ){
+ return 1;
+ }
+ return 0;
+}
+
+/* porter rule condition: (*o) */
+static int fts5Porter_Ostar(char *zStem, int nStem){
+ if( zStem[nStem-1]=='w' || zStem[nStem-1]=='x' || zStem[nStem-1]=='y' ){
+ return 0;
+ }else{
+ int i;
+ int mask = 0;
+ int bCons = 0;
+ for(i=0; i<nStem; i++){
+ bCons = !fts5PorterIsVowel(zStem[i], bCons);
+ assert( bCons==0 || bCons==1 );
+ mask = (mask << 1) + bCons;
+ }
+ return ((mask & 0x0007)==0x0005);
+ }
+}
+
+/* porter rule condition: (m > 1 and (*S or *T)) */
+static int fts5Porter_MGt1_and_S_or_T(char *zStem, int nStem){
+ assert( nStem>0 );
+ return (zStem[nStem-1]=='s' || zStem[nStem-1]=='t')
+ && fts5Porter_MGt1(zStem, nStem);
+}
+
+/* porter rule condition: (*v*) */
+static int fts5Porter_Vowel(char *zStem, int nStem){
+ int i;
+ for(i=0; i<nStem; i++){
+ if( fts5PorterIsVowel(zStem[i], i>0) ){
+ return 1;
+ }
+ }
+ return 0;
+}
+
+
+/**************************************************************************
+***************************************************************************
+** GENERATED CODE STARTS HERE (mkportersteps.tcl)
+*/
+
+static int fts5PorterStep4(char *aBuf, int *pnBuf){
+ int ret = 0;
+ int nBuf = *pnBuf;
+ switch( aBuf[nBuf-2] ){
+
+ case 'a':
+ if( nBuf>2 && 0==memcmp("al", &aBuf[nBuf-2], 2) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-2) ){
+ *pnBuf = nBuf - 2;
+ }
+ }
+ break;
+
+ case 'c':
+ if( nBuf>4 && 0==memcmp("ance", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-4) ){
+ *pnBuf = nBuf - 4;
+ }
+ }else if( nBuf>4 && 0==memcmp("ence", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-4) ){
+ *pnBuf = nBuf - 4;
+ }
+ }
+ break;
+
+ case 'e':
+ if( nBuf>2 && 0==memcmp("er", &aBuf[nBuf-2], 2) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-2) ){
+ *pnBuf = nBuf - 2;
+ }
+ }
+ break;
+
+ case 'i':
+ if( nBuf>2 && 0==memcmp("ic", &aBuf[nBuf-2], 2) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-2) ){
+ *pnBuf = nBuf - 2;
+ }
+ }
+ break;
+
+ case 'l':
+ if( nBuf>4 && 0==memcmp("able", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-4) ){
+ *pnBuf = nBuf - 4;
+ }
+ }else if( nBuf>4 && 0==memcmp("ible", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-4) ){
+ *pnBuf = nBuf - 4;
+ }
+ }
+ break;
+
+ case 'n':
+ if( nBuf>3 && 0==memcmp("ant", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }else if( nBuf>5 && 0==memcmp("ement", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-5) ){
+ *pnBuf = nBuf - 5;
+ }
+ }else if( nBuf>4 && 0==memcmp("ment", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-4) ){
+ *pnBuf = nBuf - 4;
+ }
+ }else if( nBuf>3 && 0==memcmp("ent", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }
+ break;
+
+ case 'o':
+ if( nBuf>3 && 0==memcmp("ion", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1_and_S_or_T(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }else if( nBuf>2 && 0==memcmp("ou", &aBuf[nBuf-2], 2) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-2) ){
+ *pnBuf = nBuf - 2;
+ }
+ }
+ break;
+
+ case 's':
+ if( nBuf>3 && 0==memcmp("ism", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }
+ break;
+
+ case 't':
+ if( nBuf>3 && 0==memcmp("ate", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }else if( nBuf>3 && 0==memcmp("iti", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }
+ break;
+
+ case 'u':
+ if( nBuf>3 && 0==memcmp("ous", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }
+ break;
+
+ case 'v':
+ if( nBuf>3 && 0==memcmp("ive", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }
+ break;
+
+ case 'z':
+ if( nBuf>3 && 0==memcmp("ize", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt1(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }
+ break;
+
+ }
+ return ret;
+}
+
+
+static int fts5PorterStep1B2(char *aBuf, int *pnBuf){
+ int ret = 0;
+ int nBuf = *pnBuf;
+ switch( aBuf[nBuf-2] ){
+
+ case 'a':
+ if( nBuf>2 && 0==memcmp("at", &aBuf[nBuf-2], 2) ){
+ memcpy(&aBuf[nBuf-2], "ate", 3);
+ *pnBuf = nBuf - 2 + 3;
+ ret = 1;
+ }
+ break;
+
+ case 'b':
+ if( nBuf>2 && 0==memcmp("bl", &aBuf[nBuf-2], 2) ){
+ memcpy(&aBuf[nBuf-2], "ble", 3);
+ *pnBuf = nBuf - 2 + 3;
+ ret = 1;
+ }
+ break;
+
+ case 'i':
+ if( nBuf>2 && 0==memcmp("iz", &aBuf[nBuf-2], 2) ){
+ memcpy(&aBuf[nBuf-2], "ize", 3);
+ *pnBuf = nBuf - 2 + 3;
+ ret = 1;
+ }
+ break;
+
+ }
+ return ret;
+}
+
+
+static int fts5PorterStep2(char *aBuf, int *pnBuf){
+ int ret = 0;
+ int nBuf = *pnBuf;
+ switch( aBuf[nBuf-2] ){
+
+ case 'a':
+ if( nBuf>7 && 0==memcmp("ational", &aBuf[nBuf-7], 7) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-7) ){
+ memcpy(&aBuf[nBuf-7], "ate", 3);
+ *pnBuf = nBuf - 7 + 3;
+ }
+ }else if( nBuf>6 && 0==memcmp("tional", &aBuf[nBuf-6], 6) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-6) ){
+ memcpy(&aBuf[nBuf-6], "tion", 4);
+ *pnBuf = nBuf - 6 + 4;
+ }
+ }
+ break;
+
+ case 'c':
+ if( nBuf>4 && 0==memcmp("enci", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-4) ){
+ memcpy(&aBuf[nBuf-4], "ence", 4);
+ *pnBuf = nBuf - 4 + 4;
+ }
+ }else if( nBuf>4 && 0==memcmp("anci", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-4) ){
+ memcpy(&aBuf[nBuf-4], "ance", 4);
+ *pnBuf = nBuf - 4 + 4;
+ }
+ }
+ break;
+
+ case 'e':
+ if( nBuf>4 && 0==memcmp("izer", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-4) ){
+ memcpy(&aBuf[nBuf-4], "ize", 3);
+ *pnBuf = nBuf - 4 + 3;
+ }
+ }
+ break;
+
+ case 'g':
+ if( nBuf>4 && 0==memcmp("logi", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-4) ){
+ memcpy(&aBuf[nBuf-4], "log", 3);
+ *pnBuf = nBuf - 4 + 3;
+ }
+ }
+ break;
+
+ case 'l':
+ if( nBuf>3 && 0==memcmp("bli", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-3) ){
+ memcpy(&aBuf[nBuf-3], "ble", 3);
+ *pnBuf = nBuf - 3 + 3;
+ }
+ }else if( nBuf>4 && 0==memcmp("alli", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-4) ){
+ memcpy(&aBuf[nBuf-4], "al", 2);
+ *pnBuf = nBuf - 4 + 2;
+ }
+ }else if( nBuf>5 && 0==memcmp("entli", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "ent", 3);
+ *pnBuf = nBuf - 5 + 3;
+ }
+ }else if( nBuf>3 && 0==memcmp("eli", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-3) ){
+ memcpy(&aBuf[nBuf-3], "e", 1);
+ *pnBuf = nBuf - 3 + 1;
+ }
+ }else if( nBuf>5 && 0==memcmp("ousli", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "ous", 3);
+ *pnBuf = nBuf - 5 + 3;
+ }
+ }
+ break;
+
+ case 'o':
+ if( nBuf>7 && 0==memcmp("ization", &aBuf[nBuf-7], 7) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-7) ){
+ memcpy(&aBuf[nBuf-7], "ize", 3);
+ *pnBuf = nBuf - 7 + 3;
+ }
+ }else if( nBuf>5 && 0==memcmp("ation", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "ate", 3);
+ *pnBuf = nBuf - 5 + 3;
+ }
+ }else if( nBuf>4 && 0==memcmp("ator", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-4) ){
+ memcpy(&aBuf[nBuf-4], "ate", 3);
+ *pnBuf = nBuf - 4 + 3;
+ }
+ }
+ break;
+
+ case 's':
+ if( nBuf>5 && 0==memcmp("alism", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "al", 2);
+ *pnBuf = nBuf - 5 + 2;
+ }
+ }else if( nBuf>7 && 0==memcmp("iveness", &aBuf[nBuf-7], 7) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-7) ){
+ memcpy(&aBuf[nBuf-7], "ive", 3);
+ *pnBuf = nBuf - 7 + 3;
+ }
+ }else if( nBuf>7 && 0==memcmp("fulness", &aBuf[nBuf-7], 7) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-7) ){
+ memcpy(&aBuf[nBuf-7], "ful", 3);
+ *pnBuf = nBuf - 7 + 3;
+ }
+ }else if( nBuf>7 && 0==memcmp("ousness", &aBuf[nBuf-7], 7) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-7) ){
+ memcpy(&aBuf[nBuf-7], "ous", 3);
+ *pnBuf = nBuf - 7 + 3;
+ }
+ }
+ break;
+
+ case 't':
+ if( nBuf>5 && 0==memcmp("aliti", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "al", 2);
+ *pnBuf = nBuf - 5 + 2;
+ }
+ }else if( nBuf>5 && 0==memcmp("iviti", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "ive", 3);
+ *pnBuf = nBuf - 5 + 3;
+ }
+ }else if( nBuf>6 && 0==memcmp("biliti", &aBuf[nBuf-6], 6) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-6) ){
+ memcpy(&aBuf[nBuf-6], "ble", 3);
+ *pnBuf = nBuf - 6 + 3;
+ }
+ }
+ break;
+
+ }
+ return ret;
+}
+
+
+static int fts5PorterStep3(char *aBuf, int *pnBuf){
+ int ret = 0;
+ int nBuf = *pnBuf;
+ switch( aBuf[nBuf-2] ){
+
+ case 'a':
+ if( nBuf>4 && 0==memcmp("ical", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-4) ){
+ memcpy(&aBuf[nBuf-4], "ic", 2);
+ *pnBuf = nBuf - 4 + 2;
+ }
+ }
+ break;
+
+ case 's':
+ if( nBuf>4 && 0==memcmp("ness", &aBuf[nBuf-4], 4) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-4) ){
+ *pnBuf = nBuf - 4;
+ }
+ }
+ break;
+
+ case 't':
+ if( nBuf>5 && 0==memcmp("icate", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "ic", 2);
+ *pnBuf = nBuf - 5 + 2;
+ }
+ }else if( nBuf>5 && 0==memcmp("iciti", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "ic", 2);
+ *pnBuf = nBuf - 5 + 2;
+ }
+ }
+ break;
+
+ case 'u':
+ if( nBuf>3 && 0==memcmp("ful", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ }
+ }
+ break;
+
+ case 'v':
+ if( nBuf>5 && 0==memcmp("ative", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ *pnBuf = nBuf - 5;
+ }
+ }
+ break;
+
+ case 'z':
+ if( nBuf>5 && 0==memcmp("alize", &aBuf[nBuf-5], 5) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-5) ){
+ memcpy(&aBuf[nBuf-5], "al", 2);
+ *pnBuf = nBuf - 5 + 2;
+ }
+ }
+ break;
+
+ }
+ return ret;
+}
+
+
+static int fts5PorterStep1B(char *aBuf, int *pnBuf){
+ int ret = 0;
+ int nBuf = *pnBuf;
+ switch( aBuf[nBuf-2] ){
+
+ case 'e':
+ if( nBuf>3 && 0==memcmp("eed", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_MGt0(aBuf, nBuf-3) ){
+ memcpy(&aBuf[nBuf-3], "ee", 2);
+ *pnBuf = nBuf - 3 + 2;
+ }
+ }else if( nBuf>2 && 0==memcmp("ed", &aBuf[nBuf-2], 2) ){
+ if( fts5Porter_Vowel(aBuf, nBuf-2) ){
+ *pnBuf = nBuf - 2;
+ ret = 1;
+ }
+ }
+ break;
+
+ case 'n':
+ if( nBuf>3 && 0==memcmp("ing", &aBuf[nBuf-3], 3) ){
+ if( fts5Porter_Vowel(aBuf, nBuf-3) ){
+ *pnBuf = nBuf - 3;
+ ret = 1;
+ }
+ }
+ break;
+
+ }
+ return ret;
+}
+
+/*
+** GENERATED CODE ENDS HERE (mkportersteps.tcl)
+***************************************************************************
+**************************************************************************/
+
+static void fts5PorterStep1A(char *aBuf, int *pnBuf){
+ int nBuf = *pnBuf;
+ if( aBuf[nBuf-1]=='s' ){
+ if( aBuf[nBuf-2]=='e' ){
+ if( (nBuf>4 && aBuf[nBuf-4]=='s' && aBuf[nBuf-3]=='s')
+ || (nBuf>3 && aBuf[nBuf-3]=='i' )
+ ){
+ *pnBuf = nBuf-2;
+ }else{
+ *pnBuf = nBuf-1;
+ }
+ }
+ else if( aBuf[nBuf-2]!='s' ){
+ *pnBuf = nBuf-1;
+ }
+ }
+}
+
+static int fts5PorterCb(
+ void *pCtx,
+ int tflags,
+ const char *pToken,
+ int nToken,
+ int iStart,
+ int iEnd
+){
+ PorterContext *p = (PorterContext*)pCtx;
+
+ char *aBuf;
+ int nBuf;
+
+ if( nToken>FTS5_PORTER_MAX_TOKEN || nToken<3 ) goto pass_through;
+ aBuf = p->aBuf;
+ nBuf = nToken;
+ memcpy(aBuf, pToken, nBuf);
+
+ /* Step 1. */
+ fts5PorterStep1A(aBuf, &nBuf);
+ if( fts5PorterStep1B(aBuf, &nBuf) ){
+ if( fts5PorterStep1B2(aBuf, &nBuf)==0 ){
+ char c = aBuf[nBuf-1];
+ if( fts5PorterIsVowel(c, 0)==0
+ && c!='l' && c!='s' && c!='z' && c==aBuf[nBuf-2]
+ ){
+ nBuf--;
+ }else if( fts5Porter_MEq1(aBuf, nBuf) && fts5Porter_Ostar(aBuf, nBuf) ){
+ aBuf[nBuf++] = 'e';
+ }
+ }
+ }
+
+ /* Step 1C. */
+ if( aBuf[nBuf-1]=='y' && fts5Porter_Vowel(aBuf, nBuf-1) ){
+ aBuf[nBuf-1] = 'i';
+ }
+
+ /* Steps 2 through 4. */
+ fts5PorterStep2(aBuf, &nBuf);
+ fts5PorterStep3(aBuf, &nBuf);
+ fts5PorterStep4(aBuf, &nBuf);
+
+ /* Step 5a. */
+ assert( nBuf>0 );
+ if( aBuf[nBuf-1]=='e' ){
+ if( fts5Porter_MGt1(aBuf, nBuf-1)
+ || (fts5Porter_MEq1(aBuf, nBuf-1) && !fts5Porter_Ostar(aBuf, nBuf-1))
+ ){
+ nBuf--;
+ }
+ }
+
+ /* Step 5b. */
+ if( nBuf>1 && aBuf[nBuf-1]=='l'
+ && aBuf[nBuf-2]=='l' && fts5Porter_MGt1(aBuf, nBuf-1)
+ ){
+ nBuf--;
+ }
+
+ return p->xToken(p->pCtx, tflags, aBuf, nBuf, iStart, iEnd);
+
+ pass_through:
+ return p->xToken(p->pCtx, tflags, pToken, nToken, iStart, iEnd);
+}
+
+/*
+** Tokenize using the porter tokenizer.
+*/
+static int fts5PorterTokenize(
+ Fts5Tokenizer *pTokenizer,
+ void *pCtx,
+ int flags,
+ const char *pText, int nText,
+ int (*xToken)(void*, int, const char*, int nToken, int iStart, int iEnd)
+){
+ PorterTokenizer *p = (PorterTokenizer*)pTokenizer;
+ PorterContext sCtx;
+ sCtx.xToken = xToken;
+ sCtx.pCtx = pCtx;
+ sCtx.aBuf = p->aBuf;
+ return p->tokenizer.xTokenize(
+ p->pTokenizer, (void*)&sCtx, flags, pText, nText, fts5PorterCb
+ );
+}
+
+/*
+** Register all built-in tokenizers with FTS5.
+*/
+static int sqlite3Fts5TokenizerInit(fts5_api *pApi){
+ struct BuiltinTokenizer {
+ const char *zName;
+ fts5_tokenizer x;
+ } aBuiltin[] = {
+ { "unicode61", {fts5UnicodeCreate, fts5UnicodeDelete, fts5UnicodeTokenize}},
+ { "ascii", {fts5AsciiCreate, fts5AsciiDelete, fts5AsciiTokenize }},
+ { "porter", {fts5PorterCreate, fts5PorterDelete, fts5PorterTokenize }},
+ };
+
+ int rc = SQLITE_OK; /* Return code */
+ int i; /* To iterate through builtin functions */
+
+ for(i=0; rc==SQLITE_OK && i<(int)ArraySize(aBuiltin); i++){
+ rc = pApi->xCreateTokenizer(pApi,
+ aBuiltin[i].zName,
+ (void*)pApi,
+ &aBuiltin[i].x,
+ 0
+ );
+ }
+
+ return rc;
+}
+
+
+
+/*
+** 2012 May 25
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+*/
+
+/*
+** DO NOT EDIT THIS MACHINE GENERATED FILE.
+*/
+
+
+/* #include <assert.h> */
+
+/*
+** Return true if the argument corresponds to a unicode codepoint
+** classified as either a letter or a number. Otherwise false.
+**
+** The results are undefined if the value passed to this function
+** is less than zero.
+*/
+static int sqlite3Fts5UnicodeIsalnum(int c){
+ /* Each unsigned integer in the following array corresponds to a contiguous
+ ** range of unicode codepoints that are not either letters or numbers (i.e.
+ ** codepoints for which this function should return 0).
+ **
+ ** The most significant 22 bits in each 32-bit value contain the first
+ ** codepoint in the range. The least significant 10 bits are used to store
+ ** the size of the range (always at least 1). In other words, the value
+ ** ((C<<22) + N) represents a range of N codepoints starting with codepoint
+ ** C. It is not possible to represent a range larger than 1023 codepoints
+ ** using this format.
+ */
+ static const unsigned int aEntry[] = {
+ 0x00000030, 0x0000E807, 0x00016C06, 0x0001EC2F, 0x0002AC07,
+ 0x0002D001, 0x0002D803, 0x0002EC01, 0x0002FC01, 0x00035C01,
+ 0x0003DC01, 0x000B0804, 0x000B480E, 0x000B9407, 0x000BB401,
+ 0x000BBC81, 0x000DD401, 0x000DF801, 0x000E1002, 0x000E1C01,
+ 0x000FD801, 0x00120808, 0x00156806, 0x00162402, 0x00163C01,
+ 0x00164437, 0x0017CC02, 0x00180005, 0x00181816, 0x00187802,
+ 0x00192C15, 0x0019A804, 0x0019C001, 0x001B5001, 0x001B580F,
+ 0x001B9C07, 0x001BF402, 0x001C000E, 0x001C3C01, 0x001C4401,
+ 0x001CC01B, 0x001E980B, 0x001FAC09, 0x001FD804, 0x00205804,
+ 0x00206C09, 0x00209403, 0x0020A405, 0x0020C00F, 0x00216403,
+ 0x00217801, 0x0023901B, 0x00240004, 0x0024E803, 0x0024F812,
+ 0x00254407, 0x00258804, 0x0025C001, 0x00260403, 0x0026F001,
+ 0x0026F807, 0x00271C02, 0x00272C03, 0x00275C01, 0x00278802,
+ 0x0027C802, 0x0027E802, 0x00280403, 0x0028F001, 0x0028F805,
+ 0x00291C02, 0x00292C03, 0x00294401, 0x0029C002, 0x0029D401,
+ 0x002A0403, 0x002AF001, 0x002AF808, 0x002B1C03, 0x002B2C03,
+ 0x002B8802, 0x002BC002, 0x002C0403, 0x002CF001, 0x002CF807,
+ 0x002D1C02, 0x002D2C03, 0x002D5802, 0x002D8802, 0x002DC001,
+ 0x002E0801, 0x002EF805, 0x002F1803, 0x002F2804, 0x002F5C01,
+ 0x002FCC08, 0x00300403, 0x0030F807, 0x00311803, 0x00312804,
+ 0x00315402, 0x00318802, 0x0031FC01, 0x00320802, 0x0032F001,
+ 0x0032F807, 0x00331803, 0x00332804, 0x00335402, 0x00338802,
+ 0x00340802, 0x0034F807, 0x00351803, 0x00352804, 0x00355C01,
+ 0x00358802, 0x0035E401, 0x00360802, 0x00372801, 0x00373C06,
+ 0x00375801, 0x00376008, 0x0037C803, 0x0038C401, 0x0038D007,
+ 0x0038FC01, 0x00391C09, 0x00396802, 0x003AC401, 0x003AD006,
+ 0x003AEC02, 0x003B2006, 0x003C041F, 0x003CD00C, 0x003DC417,
+ 0x003E340B, 0x003E6424, 0x003EF80F, 0x003F380D, 0x0040AC14,
+ 0x00412806, 0x00415804, 0x00417803, 0x00418803, 0x00419C07,
+ 0x0041C404, 0x0042080C, 0x00423C01, 0x00426806, 0x0043EC01,
+ 0x004D740C, 0x004E400A, 0x00500001, 0x0059B402, 0x005A0001,
+ 0x005A6C02, 0x005BAC03, 0x005C4803, 0x005CC805, 0x005D4802,
+ 0x005DC802, 0x005ED023, 0x005F6004, 0x005F7401, 0x0060000F,
+ 0x0062A401, 0x0064800C, 0x0064C00C, 0x00650001, 0x00651002,
+ 0x0066C011, 0x00672002, 0x00677822, 0x00685C05, 0x00687802,
+ 0x0069540A, 0x0069801D, 0x0069FC01, 0x006A8007, 0x006AA006,
+ 0x006C0005, 0x006CD011, 0x006D6823, 0x006E0003, 0x006E840D,
+ 0x006F980E, 0x006FF004, 0x00709014, 0x0070EC05, 0x0071F802,
+ 0x00730008, 0x00734019, 0x0073B401, 0x0073C803, 0x00770027,
+ 0x0077F004, 0x007EF401, 0x007EFC03, 0x007F3403, 0x007F7403,
+ 0x007FB403, 0x007FF402, 0x00800065, 0x0081A806, 0x0081E805,
+ 0x00822805, 0x0082801A, 0x00834021, 0x00840002, 0x00840C04,
+ 0x00842002, 0x00845001, 0x00845803, 0x00847806, 0x00849401,
+ 0x00849C01, 0x0084A401, 0x0084B801, 0x0084E802, 0x00850005,
+ 0x00852804, 0x00853C01, 0x00864264, 0x00900027, 0x0091000B,
+ 0x0092704E, 0x00940200, 0x009C0475, 0x009E53B9, 0x00AD400A,
+ 0x00B39406, 0x00B3BC03, 0x00B3E404, 0x00B3F802, 0x00B5C001,
+ 0x00B5FC01, 0x00B7804F, 0x00B8C00C, 0x00BA001A, 0x00BA6C59,
+ 0x00BC00D6, 0x00BFC00C, 0x00C00005, 0x00C02019, 0x00C0A807,
+ 0x00C0D802, 0x00C0F403, 0x00C26404, 0x00C28001, 0x00C3EC01,
+ 0x00C64002, 0x00C6580A, 0x00C70024, 0x00C8001F, 0x00C8A81E,
+ 0x00C94001, 0x00C98020, 0x00CA2827, 0x00CB003F, 0x00CC0100,
+ 0x01370040, 0x02924037, 0x0293F802, 0x02983403, 0x0299BC10,
+ 0x029A7C01, 0x029BC008, 0x029C0017, 0x029C8002, 0x029E2402,
+ 0x02A00801, 0x02A01801, 0x02A02C01, 0x02A08C09, 0x02A0D804,
+ 0x02A1D004, 0x02A20002, 0x02A2D011, 0x02A33802, 0x02A38012,
+ 0x02A3E003, 0x02A4980A, 0x02A51C0D, 0x02A57C01, 0x02A60004,
+ 0x02A6CC1B, 0x02A77802, 0x02A8A40E, 0x02A90C01, 0x02A93002,
+ 0x02A97004, 0x02A9DC03, 0x02A9EC01, 0x02AAC001, 0x02AAC803,
+ 0x02AADC02, 0x02AAF802, 0x02AB0401, 0x02AB7802, 0x02ABAC07,
+ 0x02ABD402, 0x02AF8C0B, 0x03600001, 0x036DFC02, 0x036FFC02,
+ 0x037FFC01, 0x03EC7801, 0x03ECA401, 0x03EEC810, 0x03F4F802,
+ 0x03F7F002, 0x03F8001A, 0x03F88007, 0x03F8C023, 0x03F95013,
+ 0x03F9A004, 0x03FBFC01, 0x03FC040F, 0x03FC6807, 0x03FCEC06,
+ 0x03FD6C0B, 0x03FF8007, 0x03FFA007, 0x03FFE405, 0x04040003,
+ 0x0404DC09, 0x0405E411, 0x0406400C, 0x0407402E, 0x040E7C01,
+ 0x040F4001, 0x04215C01, 0x04247C01, 0x0424FC01, 0x04280403,
+ 0x04281402, 0x04283004, 0x0428E003, 0x0428FC01, 0x04294009,
+ 0x0429FC01, 0x042CE407, 0x04400003, 0x0440E016, 0x04420003,
+ 0x0442C012, 0x04440003, 0x04449C0E, 0x04450004, 0x04460003,
+ 0x0446CC0E, 0x04471404, 0x045AAC0D, 0x0491C004, 0x05BD442E,
+ 0x05BE3C04, 0x074000F6, 0x07440027, 0x0744A4B5, 0x07480046,
+ 0x074C0057, 0x075B0401, 0x075B6C01, 0x075BEC01, 0x075C5401,
+ 0x075CD401, 0x075D3C01, 0x075DBC01, 0x075E2401, 0x075EA401,
+ 0x075F0C01, 0x07BBC002, 0x07C0002C, 0x07C0C064, 0x07C2800F,
+ 0x07C2C40E, 0x07C3040F, 0x07C3440F, 0x07C4401F, 0x07C4C03C,
+ 0x07C5C02B, 0x07C7981D, 0x07C8402B, 0x07C90009, 0x07C94002,
+ 0x07CC0021, 0x07CCC006, 0x07CCDC46, 0x07CE0014, 0x07CE8025,
+ 0x07CF1805, 0x07CF8011, 0x07D0003F, 0x07D10001, 0x07D108B6,
+ 0x07D3E404, 0x07D4003E, 0x07D50004, 0x07D54018, 0x07D7EC46,
+ 0x07D9140B, 0x07DA0046, 0x07DC0074, 0x38000401, 0x38008060,
+ 0x380400F0,
+ };
+ static const unsigned int aAscii[4] = {
+ 0xFFFFFFFF, 0xFC00FFFF, 0xF8000001, 0xF8000001,
+ };
+
+ if( c<128 ){
+ return ( (aAscii[c >> 5] & (1 << (c & 0x001F)))==0 );
+ }else if( c<(1<<22) ){
+ unsigned int key = (((unsigned int)c)<<10) | 0x000003FF;
+ int iRes = 0;
+ int iHi = sizeof(aEntry)/sizeof(aEntry[0]) - 1;
+ int iLo = 0;
+ while( iHi>=iLo ){
+ int iTest = (iHi + iLo) / 2;
+ if( key >= aEntry[iTest] ){
+ iRes = iTest;
+ iLo = iTest+1;
+ }else{
+ iHi = iTest-1;
+ }
+ }
+ assert( aEntry[0]<key );
+ assert( key>=aEntry[iRes] );
+ return (((unsigned int)c) >= ((aEntry[iRes]>>10) + (aEntry[iRes]&0x3FF)));
+ }
+ return 1;
+}
+
+
+/*
+** If the argument is a codepoint corresponding to a lowercase letter
+** in the ASCII range with a diacritic added, return the codepoint
+** of the ASCII letter only. For example, if passed 235 - "LATIN
+** SMALL LETTER E WITH DIAERESIS" - return 65 ("LATIN SMALL LETTER
+** E"). The resuls of passing a codepoint that corresponds to an
+** uppercase letter are undefined.
+*/
+static int fts5_remove_diacritic(int c){
+ unsigned short aDia[] = {
+ 0, 1797, 1848, 1859, 1891, 1928, 1940, 1995,
+ 2024, 2040, 2060, 2110, 2168, 2206, 2264, 2286,
+ 2344, 2383, 2472, 2488, 2516, 2596, 2668, 2732,
+ 2782, 2842, 2894, 2954, 2984, 3000, 3028, 3336,
+ 3456, 3696, 3712, 3728, 3744, 3896, 3912, 3928,
+ 3968, 4008, 4040, 4106, 4138, 4170, 4202, 4234,
+ 4266, 4296, 4312, 4344, 4408, 4424, 4472, 4504,
+ 6148, 6198, 6264, 6280, 6360, 6429, 6505, 6529,
+ 61448, 61468, 61534, 61592, 61642, 61688, 61704, 61726,
+ 61784, 61800, 61836, 61880, 61914, 61948, 61998, 62122,
+ 62154, 62200, 62218, 62302, 62364, 62442, 62478, 62536,
+ 62554, 62584, 62604, 62640, 62648, 62656, 62664, 62730,
+ 62924, 63050, 63082, 63274, 63390,
+ };
+ char aChar[] = {
+ '\0', 'a', 'c', 'e', 'i', 'n', 'o', 'u', 'y', 'y', 'a', 'c',
+ 'd', 'e', 'e', 'g', 'h', 'i', 'j', 'k', 'l', 'n', 'o', 'r',
+ 's', 't', 'u', 'u', 'w', 'y', 'z', 'o', 'u', 'a', 'i', 'o',
+ 'u', 'g', 'k', 'o', 'j', 'g', 'n', 'a', 'e', 'i', 'o', 'r',
+ 'u', 's', 't', 'h', 'a', 'e', 'o', 'y', '\0', '\0', '\0', '\0',
+ '\0', '\0', '\0', '\0', 'a', 'b', 'd', 'd', 'e', 'f', 'g', 'h',
+ 'h', 'i', 'k', 'l', 'l', 'm', 'n', 'p', 'r', 'r', 's', 't',
+ 'u', 'v', 'w', 'w', 'x', 'y', 'z', 'h', 't', 'w', 'y', 'a',
+ 'e', 'i', 'o', 'u', 'y',
+ };
+
+ unsigned int key = (((unsigned int)c)<<3) | 0x00000007;
+ int iRes = 0;
+ int iHi = sizeof(aDia)/sizeof(aDia[0]) - 1;
+ int iLo = 0;
+ while( iHi>=iLo ){
+ int iTest = (iHi + iLo) / 2;
+ if( key >= aDia[iTest] ){
+ iRes = iTest;
+ iLo = iTest+1;
+ }else{
+ iHi = iTest-1;
+ }
+ }
+ assert( key>=aDia[iRes] );
+ return ((c > (aDia[iRes]>>3) + (aDia[iRes]&0x07)) ? c : (int)aChar[iRes]);
+}
+
+
+/*
+** Return true if the argument interpreted as a unicode codepoint
+** is a diacritical modifier character.
+*/
+static int sqlite3Fts5UnicodeIsdiacritic(int c){
+ unsigned int mask0 = 0x08029FDF;
+ unsigned int mask1 = 0x000361F8;
+ if( c<768 || c>817 ) return 0;
+ return (c < 768+32) ?
+ (mask0 & (1 << (c-768))) :
+ (mask1 & (1 << (c-768-32)));
+}
+
+
+/*
+** Interpret the argument as a unicode codepoint. If the codepoint
+** is an upper case character that has a lower case equivalent,
+** return the codepoint corresponding to the lower case version.
+** Otherwise, return a copy of the argument.
+**
+** The results are undefined if the value passed to this function
+** is less than zero.
+*/
+static int sqlite3Fts5UnicodeFold(int c, int bRemoveDiacritic){
+ /* Each entry in the following array defines a rule for folding a range
+ ** of codepoints to lower case. The rule applies to a range of nRange
+ ** codepoints starting at codepoint iCode.
+ **
+ ** If the least significant bit in flags is clear, then the rule applies
+ ** to all nRange codepoints (i.e. all nRange codepoints are upper case and
+ ** need to be folded). Or, if it is set, then the rule only applies to
+ ** every second codepoint in the range, starting with codepoint C.
+ **
+ ** The 7 most significant bits in flags are an index into the aiOff[]
+ ** array. If a specific codepoint C does require folding, then its lower
+ ** case equivalent is ((C + aiOff[flags>>1]) & 0xFFFF).
+ **
+ ** The contents of this array are generated by parsing the CaseFolding.txt
+ ** file distributed as part of the "Unicode Character Database". See
+ ** http://www.unicode.org for details.
+ */
+ static const struct TableEntry {
+ unsigned short iCode;
+ unsigned char flags;
+ unsigned char nRange;
+ } aEntry[] = {
+ {65, 14, 26}, {181, 64, 1}, {192, 14, 23},
+ {216, 14, 7}, {256, 1, 48}, {306, 1, 6},
+ {313, 1, 16}, {330, 1, 46}, {376, 116, 1},
+ {377, 1, 6}, {383, 104, 1}, {385, 50, 1},
+ {386, 1, 4}, {390, 44, 1}, {391, 0, 1},
+ {393, 42, 2}, {395, 0, 1}, {398, 32, 1},
+ {399, 38, 1}, {400, 40, 1}, {401, 0, 1},
+ {403, 42, 1}, {404, 46, 1}, {406, 52, 1},
+ {407, 48, 1}, {408, 0, 1}, {412, 52, 1},
+ {413, 54, 1}, {415, 56, 1}, {416, 1, 6},
+ {422, 60, 1}, {423, 0, 1}, {425, 60, 1},
+ {428, 0, 1}, {430, 60, 1}, {431, 0, 1},
+ {433, 58, 2}, {435, 1, 4}, {439, 62, 1},
+ {440, 0, 1}, {444, 0, 1}, {452, 2, 1},
+ {453, 0, 1}, {455, 2, 1}, {456, 0, 1},
+ {458, 2, 1}, {459, 1, 18}, {478, 1, 18},
+ {497, 2, 1}, {498, 1, 4}, {502, 122, 1},
+ {503, 134, 1}, {504, 1, 40}, {544, 110, 1},
+ {546, 1, 18}, {570, 70, 1}, {571, 0, 1},
+ {573, 108, 1}, {574, 68, 1}, {577, 0, 1},
+ {579, 106, 1}, {580, 28, 1}, {581, 30, 1},
+ {582, 1, 10}, {837, 36, 1}, {880, 1, 4},
+ {886, 0, 1}, {902, 18, 1}, {904, 16, 3},
+ {908, 26, 1}, {910, 24, 2}, {913, 14, 17},
+ {931, 14, 9}, {962, 0, 1}, {975, 4, 1},
+ {976, 140, 1}, {977, 142, 1}, {981, 146, 1},
+ {982, 144, 1}, {984, 1, 24}, {1008, 136, 1},
+ {1009, 138, 1}, {1012, 130, 1}, {1013, 128, 1},
+ {1015, 0, 1}, {1017, 152, 1}, {1018, 0, 1},
+ {1021, 110, 3}, {1024, 34, 16}, {1040, 14, 32},
+ {1120, 1, 34}, {1162, 1, 54}, {1216, 6, 1},
+ {1217, 1, 14}, {1232, 1, 88}, {1329, 22, 38},
+ {4256, 66, 38}, {4295, 66, 1}, {4301, 66, 1},
+ {7680, 1, 150}, {7835, 132, 1}, {7838, 96, 1},
+ {7840, 1, 96}, {7944, 150, 8}, {7960, 150, 6},
+ {7976, 150, 8}, {7992, 150, 8}, {8008, 150, 6},
+ {8025, 151, 8}, {8040, 150, 8}, {8072, 150, 8},
+ {8088, 150, 8}, {8104, 150, 8}, {8120, 150, 2},
+ {8122, 126, 2}, {8124, 148, 1}, {8126, 100, 1},
+ {8136, 124, 4}, {8140, 148, 1}, {8152, 150, 2},
+ {8154, 120, 2}, {8168, 150, 2}, {8170, 118, 2},
+ {8172, 152, 1}, {8184, 112, 2}, {8186, 114, 2},
+ {8188, 148, 1}, {8486, 98, 1}, {8490, 92, 1},
+ {8491, 94, 1}, {8498, 12, 1}, {8544, 8, 16},
+ {8579, 0, 1}, {9398, 10, 26}, {11264, 22, 47},
+ {11360, 0, 1}, {11362, 88, 1}, {11363, 102, 1},
+ {11364, 90, 1}, {11367, 1, 6}, {11373, 84, 1},
+ {11374, 86, 1}, {11375, 80, 1}, {11376, 82, 1},
+ {11378, 0, 1}, {11381, 0, 1}, {11390, 78, 2},
+ {11392, 1, 100}, {11499, 1, 4}, {11506, 0, 1},
+ {42560, 1, 46}, {42624, 1, 24}, {42786, 1, 14},
+ {42802, 1, 62}, {42873, 1, 4}, {42877, 76, 1},
+ {42878, 1, 10}, {42891, 0, 1}, {42893, 74, 1},
+ {42896, 1, 4}, {42912, 1, 10}, {42922, 72, 1},
+ {65313, 14, 26},
+ };
+ static const unsigned short aiOff[] = {
+ 1, 2, 8, 15, 16, 26, 28, 32,
+ 37, 38, 40, 48, 63, 64, 69, 71,
+ 79, 80, 116, 202, 203, 205, 206, 207,
+ 209, 210, 211, 213, 214, 217, 218, 219,
+ 775, 7264, 10792, 10795, 23228, 23256, 30204, 54721,
+ 54753, 54754, 54756, 54787, 54793, 54809, 57153, 57274,
+ 57921, 58019, 58363, 61722, 65268, 65341, 65373, 65406,
+ 65408, 65410, 65415, 65424, 65436, 65439, 65450, 65462,
+ 65472, 65476, 65478, 65480, 65482, 65488, 65506, 65511,
+ 65514, 65521, 65527, 65528, 65529,
+ };
+
+ int ret = c;
+
+ assert( sizeof(unsigned short)==2 && sizeof(unsigned char)==1 );
+
+ if( c<128 ){
+ if( c>='A' && c<='Z' ) ret = c + ('a' - 'A');
+ }else if( c<65536 ){
+ const struct TableEntry *p;
+ int iHi = sizeof(aEntry)/sizeof(aEntry[0]) - 1;
+ int iLo = 0;
+ int iRes = -1;
+
+ assert( c>aEntry[0].iCode );
+ while( iHi>=iLo ){
+ int iTest = (iHi + iLo) / 2;
+ int cmp = (c - aEntry[iTest].iCode);
+ if( cmp>=0 ){
+ iRes = iTest;
+ iLo = iTest+1;
+ }else{
+ iHi = iTest-1;
+ }
+ }
+
+ assert( iRes>=0 && c>=aEntry[iRes].iCode );
+ p = &aEntry[iRes];
+ if( c<(p->iCode + p->nRange) && 0==(0x01 & p->flags & (p->iCode ^ c)) ){
+ ret = (c + (aiOff[p->flags>>1])) & 0x0000FFFF;
+ assert( ret>0 );
+ }
+
+ if( bRemoveDiacritic ) ret = fts5_remove_diacritic(ret);
+ }
+
+ else if( c>=66560 && c<66600 ){
+ ret = c + 40;
+ }
+
+ return ret;
+}
+
+/*
+** 2015 May 30
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** Routines for varint serialization and deserialization.
+*/
+
+
+/* #include "fts5Int.h" */
+
+/*
+** This is a copy of the sqlite3GetVarint32() routine from the SQLite core.
+** Except, this version does handle the single byte case that the core
+** version depends on being handled before its function is called.
+*/
+static int sqlite3Fts5GetVarint32(const unsigned char *p, u32 *v){
+ u32 a,b;
+
+ /* The 1-byte case. Overwhelmingly the most common. */
+ a = *p;
+ /* a: p0 (unmasked) */
+ if (!(a&0x80))
+ {
+ /* Values between 0 and 127 */
+ *v = a;
+ return 1;
+ }
+
+ /* The 2-byte case */
+ p++;
+ b = *p;
+ /* b: p1 (unmasked) */
+ if (!(b&0x80))
+ {
+ /* Values between 128 and 16383 */
+ a &= 0x7f;
+ a = a<<7;
+ *v = a | b;
+ return 2;
+ }
+
+ /* The 3-byte case */
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p0<<14 | p2 (unmasked) */
+ if (!(a&0x80))
+ {
+ /* Values between 16384 and 2097151 */
+ a &= (0x7f<<14)|(0x7f);
+ b &= 0x7f;
+ b = b<<7;
+ *v = a | b;
+ return 3;
+ }
+
+ /* A 32-bit varint is used to store size information in btrees.
+ ** Objects are rarely larger than 2MiB limit of a 3-byte varint.
+ ** A 3-byte varint is sufficient, for example, to record the size
+ ** of a 1048569-byte BLOB or string.
+ **
+ ** We only unroll the first 1-, 2-, and 3- byte cases. The very
+ ** rare larger cases can be handled by the slower 64-bit varint
+ ** routine.
+ */
+ {
+ u64 v64;
+ u8 n;
+ p -= 2;
+ n = sqlite3Fts5GetVarint(p, &v64);
+ *v = (u32)v64;
+ assert( n>3 && n<=9 );
+ return n;
+ }
+}
+
+
+/*
+** Bitmasks used by sqlite3GetVarint(). These precomputed constants
+** are defined here rather than simply putting the constant expressions
+** inline in order to work around bugs in the RVT compiler.
+**
+** SLOT_2_0 A mask for (0x7f<<14) | 0x7f
+**
+** SLOT_4_2_0 A mask for (0x7f<<28) | SLOT_2_0
+*/
+#define SLOT_2_0 0x001fc07f
+#define SLOT_4_2_0 0xf01fc07f
+
+/*
+** Read a 64-bit variable-length integer from memory starting at p[0].
+** Return the number of bytes read. The value is stored in *v.
+*/
+static u8 sqlite3Fts5GetVarint(const unsigned char *p, u64 *v){
+ u32 a,b,s;
+
+ a = *p;
+ /* a: p0 (unmasked) */
+ if (!(a&0x80))
+ {
+ *v = a;
+ return 1;
+ }
+
+ p++;
+ b = *p;
+ /* b: p1 (unmasked) */
+ if (!(b&0x80))
+ {
+ a &= 0x7f;
+ a = a<<7;
+ a |= b;
+ *v = a;
+ return 2;
+ }
+
+ /* Verify that constants are precomputed correctly */
+ assert( SLOT_2_0 == ((0x7f<<14) | (0x7f)) );
+ assert( SLOT_4_2_0 == ((0xfU<<28) | (0x7f<<14) | (0x7f)) );
+
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p0<<14 | p2 (unmasked) */
+ if (!(a&0x80))
+ {
+ a &= SLOT_2_0;
+ b &= 0x7f;
+ b = b<<7;
+ a |= b;
+ *v = a;
+ return 3;
+ }
+
+ /* CSE1 from below */
+ a &= SLOT_2_0;
+ p++;
+ b = b<<14;
+ b |= *p;
+ /* b: p1<<14 | p3 (unmasked) */
+ if (!(b&0x80))
+ {
+ b &= SLOT_2_0;
+ /* moved CSE1 up */
+ /* a &= (0x7f<<14)|(0x7f); */
+ a = a<<7;
+ a |= b;
+ *v = a;
+ return 4;
+ }
+
+ /* a: p0<<14 | p2 (masked) */
+ /* b: p1<<14 | p3 (unmasked) */
+ /* 1:save off p0<<21 | p1<<14 | p2<<7 | p3 (masked) */
+ /* moved CSE1 up */
+ /* a &= (0x7f<<14)|(0x7f); */
+ b &= SLOT_2_0;
+ s = a;
+ /* s: p0<<14 | p2 (masked) */
+
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p0<<28 | p2<<14 | p4 (unmasked) */
+ if (!(a&0x80))
+ {
+ /* we can skip these cause they were (effectively) done above in calc'ing s */
+ /* a &= (0x7f<<28)|(0x7f<<14)|(0x7f); */
+ /* b &= (0x7f<<14)|(0x7f); */
+ b = b<<7;
+ a |= b;
+ s = s>>18;
+ *v = ((u64)s)<<32 | a;
+ return 5;
+ }
+
+ /* 2:save off p0<<21 | p1<<14 | p2<<7 | p3 (masked) */
+ s = s<<7;
+ s |= b;
+ /* s: p0<<21 | p1<<14 | p2<<7 | p3 (masked) */
+
+ p++;
+ b = b<<14;
+ b |= *p;
+ /* b: p1<<28 | p3<<14 | p5 (unmasked) */
+ if (!(b&0x80))
+ {
+ /* we can skip this cause it was (effectively) done above in calc'ing s */
+ /* b &= (0x7f<<28)|(0x7f<<14)|(0x7f); */
+ a &= SLOT_2_0;
+ a = a<<7;
+ a |= b;
+ s = s>>18;
+ *v = ((u64)s)<<32 | a;
+ return 6;
+ }
+
+ p++;
+ a = a<<14;
+ a |= *p;
+ /* a: p2<<28 | p4<<14 | p6 (unmasked) */
+ if (!(a&0x80))
+ {
+ a &= SLOT_4_2_0;
+ b &= SLOT_2_0;
+ b = b<<7;
+ a |= b;
+ s = s>>11;
+ *v = ((u64)s)<<32 | a;
+ return 7;
+ }
+
+ /* CSE2 from below */
+ a &= SLOT_2_0;
+ p++;
+ b = b<<14;
+ b |= *p;
+ /* b: p3<<28 | p5<<14 | p7 (unmasked) */
+ if (!(b&0x80))
+ {
+ b &= SLOT_4_2_0;
+ /* moved CSE2 up */
+ /* a &= (0x7f<<14)|(0x7f); */
+ a = a<<7;
+ a |= b;
+ s = s>>4;
+ *v = ((u64)s)<<32 | a;
+ return 8;
+ }
+
+ p++;
+ a = a<<15;
+ a |= *p;
+ /* a: p4<<29 | p6<<15 | p8 (unmasked) */
+
+ /* moved CSE2 up */
+ /* a &= (0x7f<<29)|(0x7f<<15)|(0xff); */
+ b &= SLOT_2_0;
+ b = b<<8;
+ a |= b;
+
+ s = s<<4;
+ b = p[-4];
+ b &= 0x7f;
+ b = b>>3;
+ s |= b;
+
+ *v = ((u64)s)<<32 | a;
+
+ return 9;
+}
+
+/*
+** The variable-length integer encoding is as follows:
+**
+** KEY:
+** A = 0xxxxxxx 7 bits of data and one flag bit
+** B = 1xxxxxxx 7 bits of data and one flag bit
+** C = xxxxxxxx 8 bits of data
+**
+** 7 bits - A
+** 14 bits - BA
+** 21 bits - BBA
+** 28 bits - BBBA
+** 35 bits - BBBBA
+** 42 bits - BBBBBA
+** 49 bits - BBBBBBA
+** 56 bits - BBBBBBBA
+** 64 bits - BBBBBBBBC
+*/
+
+#ifdef SQLITE_NOINLINE
+# define FTS5_NOINLINE SQLITE_NOINLINE
+#else
+# define FTS5_NOINLINE
+#endif
+
+/*
+** Write a 64-bit variable-length integer to memory starting at p[0].
+** The length of data write will be between 1 and 9 bytes. The number
+** of bytes written is returned.
+**
+** A variable-length integer consists of the lower 7 bits of each byte
+** for all bytes that have the 8th bit set and one byte with the 8th
+** bit clear. Except, if we get to the 9th byte, it stores the full
+** 8 bits and is the last byte.
+*/
+static int FTS5_NOINLINE fts5PutVarint64(unsigned char *p, u64 v){
+ int i, j, n;
+ u8 buf[10];
+ if( v & (((u64)0xff000000)<<32) ){
+ p[8] = (u8)v;
+ v >>= 8;
+ for(i=7; i>=0; i--){
+ p[i] = (u8)((v & 0x7f) | 0x80);
+ v >>= 7;
+ }
+ return 9;
+ }
+ n = 0;
+ do{
+ buf[n++] = (u8)((v & 0x7f) | 0x80);
+ v >>= 7;
+ }while( v!=0 );
+ buf[0] &= 0x7f;
+ assert( n<=9 );
+ for(i=0, j=n-1; j>=0; j--, i++){
+ p[i] = buf[j];
+ }
+ return n;
+}
+
+static int sqlite3Fts5PutVarint(unsigned char *p, u64 v){
+ if( v<=0x7f ){
+ p[0] = v&0x7f;
+ return 1;
+ }
+ if( v<=0x3fff ){
+ p[0] = ((v>>7)&0x7f)|0x80;
+ p[1] = v&0x7f;
+ return 2;
+ }
+ return fts5PutVarint64(p,v);
+}
+
+
+static int sqlite3Fts5GetVarintLen(u32 iVal){
+ if( iVal<(1 << 7 ) ) return 1;
+ if( iVal<(1 << 14) ) return 2;
+ if( iVal<(1 << 21) ) return 3;
+ if( iVal<(1 << 28) ) return 4;
+ return 5;
+}
+
+
+/*
+** 2015 May 08
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This is an SQLite virtual table module implementing direct access to an
+** existing FTS5 index. The module may create several different types of
+** tables:
+**
+** col:
+** CREATE TABLE vocab(term, col, doc, cnt, PRIMARY KEY(term, col));
+**
+** One row for each term/column combination. The value of $doc is set to
+** the number of fts5 rows that contain at least one instance of term
+** $term within column $col. Field $cnt is set to the total number of
+** instances of term $term in column $col (in any row of the fts5 table).
+**
+** row:
+** CREATE TABLE vocab(term, doc, cnt, PRIMARY KEY(term));
+**
+** One row for each term in the database. The value of $doc is set to
+** the number of fts5 rows that contain at least one instance of term
+** $term. Field $cnt is set to the total number of instances of term
+** $term in the database.
+*/
+
+
+/* #include "fts5Int.h" */
+
+
+typedef struct Fts5VocabTable Fts5VocabTable;
+typedef struct Fts5VocabCursor Fts5VocabCursor;
+
+struct Fts5VocabTable {
+ sqlite3_vtab base;
+ char *zFts5Tbl; /* Name of fts5 table */
+ char *zFts5Db; /* Db containing fts5 table */
+ sqlite3 *db; /* Database handle */
+ Fts5Global *pGlobal; /* FTS5 global object for this database */
+ int eType; /* FTS5_VOCAB_COL or ROW */
+};
+
+struct Fts5VocabCursor {
+ sqlite3_vtab_cursor base;
+ sqlite3_stmt *pStmt; /* Statement holding lock on pIndex */
+ Fts5Index *pIndex; /* Associated FTS5 index */
+
+ int bEof; /* True if this cursor is at EOF */
+ Fts5IndexIter *pIter; /* Term/rowid iterator object */
+
+ int nLeTerm; /* Size of zLeTerm in bytes */
+ char *zLeTerm; /* (term <= $zLeTerm) paramater, or NULL */
+
+ /* These are used by 'col' tables only */
+ Fts5Config *pConfig; /* Fts5 table configuration */
+ int iCol;
+ i64 *aCnt;
+ i64 *aDoc;
+
+ /* Output values used by 'row' and 'col' tables */
+ i64 rowid; /* This table's current rowid value */
+ Fts5Buffer term; /* Current value of 'term' column */
+};
+
+#define FTS5_VOCAB_COL 0
+#define FTS5_VOCAB_ROW 1
+
+#define FTS5_VOCAB_COL_SCHEMA "term, col, doc, cnt"
+#define FTS5_VOCAB_ROW_SCHEMA "term, doc, cnt"
+
+/*
+** Bits for the mask used as the idxNum value by xBestIndex/xFilter.
+*/
+#define FTS5_VOCAB_TERM_EQ 0x01
+#define FTS5_VOCAB_TERM_GE 0x02
+#define FTS5_VOCAB_TERM_LE 0x04
+
+
+/*
+** Translate a string containing an fts5vocab table type to an
+** FTS5_VOCAB_XXX constant. If successful, set *peType to the output
+** value and return SQLITE_OK. Otherwise, set *pzErr to an error message
+** and return SQLITE_ERROR.
+*/
+static int fts5VocabTableType(const char *zType, char **pzErr, int *peType){
+ int rc = SQLITE_OK;
+ char *zCopy = sqlite3Fts5Strndup(&rc, zType, -1);
+ if( rc==SQLITE_OK ){
+ sqlite3Fts5Dequote(zCopy);
+ if( sqlite3_stricmp(zCopy, "col")==0 ){
+ *peType = FTS5_VOCAB_COL;
+ }else
+
+ if( sqlite3_stricmp(zCopy, "row")==0 ){
+ *peType = FTS5_VOCAB_ROW;
+ }else
+ {
+ *pzErr = sqlite3_mprintf("fts5vocab: unknown table type: %Q", zCopy);
+ rc = SQLITE_ERROR;
+ }
+ sqlite3_free(zCopy);
+ }
+
+ return rc;
+}
+
+
+/*
+** The xDisconnect() virtual table method.
+*/
+static int fts5VocabDisconnectMethod(sqlite3_vtab *pVtab){
+ Fts5VocabTable *pTab = (Fts5VocabTable*)pVtab;
+ sqlite3_free(pTab);
+ return SQLITE_OK;
+}
+
+/*
+** The xDestroy() virtual table method.
+*/
+static int fts5VocabDestroyMethod(sqlite3_vtab *pVtab){
+ Fts5VocabTable *pTab = (Fts5VocabTable*)pVtab;
+ sqlite3_free(pTab);
+ return SQLITE_OK;
+}
+
+/*
+** This function is the implementation of both the xConnect and xCreate
+** methods of the FTS3 virtual table.
+**
+** The argv[] array contains the following:
+**
+** argv[0] -> module name ("fts5vocab")
+** argv[1] -> database name
+** argv[2] -> table name
+**
+** then:
+**
+** argv[3] -> name of fts5 table
+** argv[4] -> type of fts5vocab table
+**
+** or, for tables in the TEMP schema only.
+**
+** argv[3] -> name of fts5 tables database
+** argv[4] -> name of fts5 table
+** argv[5] -> type of fts5vocab table
+*/
+static int fts5VocabInitVtab(
+ sqlite3 *db, /* The SQLite database connection */
+ void *pAux, /* Pointer to Fts5Global object */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVTab, /* Write the resulting vtab structure here */
+ char **pzErr /* Write any error message here */
+){
+ const char *azSchema[] = {
+ "CREATE TABlE vocab(" FTS5_VOCAB_COL_SCHEMA ")",
+ "CREATE TABlE vocab(" FTS5_VOCAB_ROW_SCHEMA ")"
+ };
+
+ Fts5VocabTable *pRet = 0;
+ int rc = SQLITE_OK; /* Return code */
+ int bDb;
+
+ bDb = (argc==6 && strlen(argv[1])==4 && memcmp("temp", argv[1], 4)==0);
+
+ if( argc!=5 && bDb==0 ){
+ *pzErr = sqlite3_mprintf("wrong number of vtable arguments");
+ rc = SQLITE_ERROR;
+ }else{
+ int nByte; /* Bytes of space to allocate */
+ const char *zDb = bDb ? argv[3] : argv[1];
+ const char *zTab = bDb ? argv[4] : argv[3];
+ const char *zType = bDb ? argv[5] : argv[4];
+ int nDb = (int)strlen(zDb)+1;
+ int nTab = (int)strlen(zTab)+1;
+ int eType = 0;
+
+ rc = fts5VocabTableType(zType, pzErr, &eType);
+ if( rc==SQLITE_OK ){
+ assert( eType>=0 && eType<sizeof(azSchema)/sizeof(azSchema[0]) );
+ rc = sqlite3_declare_vtab(db, azSchema[eType]);
+ }
+
+ nByte = sizeof(Fts5VocabTable) + nDb + nTab;
+ pRet = sqlite3Fts5MallocZero(&rc, nByte);
+ if( pRet ){
+ pRet->pGlobal = (Fts5Global*)pAux;
+ pRet->eType = eType;
+ pRet->db = db;
+ pRet->zFts5Tbl = (char*)&pRet[1];
+ pRet->zFts5Db = &pRet->zFts5Tbl[nTab];
+ memcpy(pRet->zFts5Tbl, zTab, nTab);
+ memcpy(pRet->zFts5Db, zDb, nDb);
+ sqlite3Fts5Dequote(pRet->zFts5Tbl);
+ sqlite3Fts5Dequote(pRet->zFts5Db);
+ }
+ }
+
+ *ppVTab = (sqlite3_vtab*)pRet;
+ return rc;
+}
+
+
+/*
+** The xConnect() and xCreate() methods for the virtual table. All the
+** work is done in function fts5VocabInitVtab().
+*/
+static int fts5VocabConnectMethod(
+ sqlite3 *db, /* Database connection */
+ void *pAux, /* Pointer to tokenizer hash table */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVtab, /* OUT: New sqlite3_vtab object */
+ char **pzErr /* OUT: sqlite3_malloc'd error message */
+){
+ return fts5VocabInitVtab(db, pAux, argc, argv, ppVtab, pzErr);
+}
+static int fts5VocabCreateMethod(
+ sqlite3 *db, /* Database connection */
+ void *pAux, /* Pointer to tokenizer hash table */
+ int argc, /* Number of elements in argv array */
+ const char * const *argv, /* xCreate/xConnect argument array */
+ sqlite3_vtab **ppVtab, /* OUT: New sqlite3_vtab object */
+ char **pzErr /* OUT: sqlite3_malloc'd error message */
+){
+ return fts5VocabInitVtab(db, pAux, argc, argv, ppVtab, pzErr);
+}
+
+/*
+** Implementation of the xBestIndex method.
+*/
+static int fts5VocabBestIndexMethod(
+ sqlite3_vtab *pVTab,
+ sqlite3_index_info *pInfo
+){
+ int i;
+ int iTermEq = -1;
+ int iTermGe = -1;
+ int iTermLe = -1;
+ int idxNum = 0;
+ int nArg = 0;
+
+ for(i=0; i<pInfo->nConstraint; i++){
+ struct sqlite3_index_constraint *p = &pInfo->aConstraint[i];
+ if( p->usable==0 ) continue;
+ if( p->iColumn==0 ){ /* term column */
+ if( p->op==SQLITE_INDEX_CONSTRAINT_EQ ) iTermEq = i;
+ if( p->op==SQLITE_INDEX_CONSTRAINT_LE ) iTermLe = i;
+ if( p->op==SQLITE_INDEX_CONSTRAINT_LT ) iTermLe = i;
+ if( p->op==SQLITE_INDEX_CONSTRAINT_GE ) iTermGe = i;
+ if( p->op==SQLITE_INDEX_CONSTRAINT_GT ) iTermGe = i;
+ }
+ }
+
+ if( iTermEq>=0 ){
+ idxNum |= FTS5_VOCAB_TERM_EQ;
+ pInfo->aConstraintUsage[iTermEq].argvIndex = ++nArg;
+ pInfo->estimatedCost = 100;
+ }else{
+ pInfo->estimatedCost = 1000000;
+ if( iTermGe>=0 ){
+ idxNum |= FTS5_VOCAB_TERM_GE;
+ pInfo->aConstraintUsage[iTermGe].argvIndex = ++nArg;
+ pInfo->estimatedCost = pInfo->estimatedCost / 2;
+ }
+ if( iTermLe>=0 ){
+ idxNum |= FTS5_VOCAB_TERM_LE;
+ pInfo->aConstraintUsage[iTermLe].argvIndex = ++nArg;
+ pInfo->estimatedCost = pInfo->estimatedCost / 2;
+ }
+ }
+
+ pInfo->idxNum = idxNum;
+
+ return SQLITE_OK;
+}
+
+/*
+** Implementation of xOpen method.
+*/
+static int fts5VocabOpenMethod(
+ sqlite3_vtab *pVTab,
+ sqlite3_vtab_cursor **ppCsr
+){
+ Fts5VocabTable *pTab = (Fts5VocabTable*)pVTab;
+ Fts5Index *pIndex = 0;
+ Fts5Config *pConfig = 0;
+ Fts5VocabCursor *pCsr = 0;
+ int rc = SQLITE_OK;
+ sqlite3_stmt *pStmt = 0;
+ char *zSql = 0;
+
+ zSql = sqlite3Fts5Mprintf(&rc,
+ "SELECT t.%Q FROM %Q.%Q AS t WHERE t.%Q MATCH '*id'",
+ pTab->zFts5Tbl, pTab->zFts5Db, pTab->zFts5Tbl, pTab->zFts5Tbl
+ );
+ if( zSql ){
+ rc = sqlite3_prepare_v2(pTab->db, zSql, -1, &pStmt, 0);
+ }
+ sqlite3_free(zSql);
+ assert( rc==SQLITE_OK || pStmt==0 );
+ if( rc==SQLITE_ERROR ) rc = SQLITE_OK;
+
+ if( pStmt && sqlite3_step(pStmt)==SQLITE_ROW ){
+ i64 iId = sqlite3_column_int64(pStmt, 0);
+ pIndex = sqlite3Fts5IndexFromCsrid(pTab->pGlobal, iId, &pConfig);
+ }
+
+ if( rc==SQLITE_OK && pIndex==0 ){
+ rc = sqlite3_finalize(pStmt);
+ pStmt = 0;
+ if( rc==SQLITE_OK ){
+ pVTab->zErrMsg = sqlite3_mprintf(
+ "no such fts5 table: %s.%s", pTab->zFts5Db, pTab->zFts5Tbl
+ );
+ rc = SQLITE_ERROR;
+ }
+ }
+
+ if( rc==SQLITE_OK ){
+ int nByte = pConfig->nCol * sizeof(i64) * 2 + sizeof(Fts5VocabCursor);
+ pCsr = (Fts5VocabCursor*)sqlite3Fts5MallocZero(&rc, nByte);
+ }
+
+ if( pCsr ){
+ pCsr->pIndex = pIndex;
+ pCsr->pStmt = pStmt;
+ pCsr->pConfig = pConfig;
+ pCsr->aCnt = (i64*)&pCsr[1];
+ pCsr->aDoc = &pCsr->aCnt[pConfig->nCol];
+ }else{
+ sqlite3_finalize(pStmt);
+ }
+
+ *ppCsr = (sqlite3_vtab_cursor*)pCsr;
+ return rc;
+}
+
+static void fts5VocabResetCursor(Fts5VocabCursor *pCsr){
+ pCsr->rowid = 0;
+ sqlite3Fts5IterClose(pCsr->pIter);
+ pCsr->pIter = 0;
+ sqlite3_free(pCsr->zLeTerm);
+ pCsr->nLeTerm = -1;
+ pCsr->zLeTerm = 0;
+}
+
+/*
+** Close the cursor. For additional information see the documentation
+** on the xClose method of the virtual table interface.
+*/
+static int fts5VocabCloseMethod(sqlite3_vtab_cursor *pCursor){
+ Fts5VocabCursor *pCsr = (Fts5VocabCursor*)pCursor;
+ fts5VocabResetCursor(pCsr);
+ sqlite3Fts5BufferFree(&pCsr->term);
+ sqlite3_finalize(pCsr->pStmt);
+ sqlite3_free(pCsr);
+ return SQLITE_OK;
+}
+
+
+/*
+** Advance the cursor to the next row in the table.
+*/
+static int fts5VocabNextMethod(sqlite3_vtab_cursor *pCursor){
+ Fts5VocabCursor *pCsr = (Fts5VocabCursor*)pCursor;
+ Fts5VocabTable *pTab = (Fts5VocabTable*)pCursor->pVtab;
+ int rc = SQLITE_OK;
+ int nCol = pCsr->pConfig->nCol;
+
+ pCsr->rowid++;
+
+ if( pTab->eType==FTS5_VOCAB_COL ){
+ for(pCsr->iCol++; pCsr->iCol<nCol; pCsr->iCol++){
+ if( pCsr->aCnt[pCsr->iCol] ) break;
+ }
+ }
+
+ if( pTab->eType==FTS5_VOCAB_ROW || pCsr->iCol>=nCol ){
+ if( sqlite3Fts5IterEof(pCsr->pIter) ){
+ pCsr->bEof = 1;
+ }else{
+ const char *zTerm;
+ int nTerm;
+
+ zTerm = sqlite3Fts5IterTerm(pCsr->pIter, &nTerm);
+ if( pCsr->nLeTerm>=0 ){
+ int nCmp = MIN(nTerm, pCsr->nLeTerm);
+ int bCmp = memcmp(pCsr->zLeTerm, zTerm, nCmp);
+ if( bCmp<0 || (bCmp==0 && pCsr->nLeTerm<nTerm) ){
+ pCsr->bEof = 1;
+ return SQLITE_OK;
+ }
+ }
+
+ sqlite3Fts5BufferSet(&rc, &pCsr->term, nTerm, (const u8*)zTerm);
+ memset(pCsr->aCnt, 0, nCol * sizeof(i64));
+ memset(pCsr->aDoc, 0, nCol * sizeof(i64));
+ pCsr->iCol = 0;
+
+ assert( pTab->eType==FTS5_VOCAB_COL || pTab->eType==FTS5_VOCAB_ROW );
+ while( rc==SQLITE_OK ){
+ i64 dummy;
+ const u8 *pPos; int nPos; /* Position list */
+ i64 iPos = 0; /* 64-bit position read from poslist */
+ int iOff = 0; /* Current offset within position list */
+
+ rc = sqlite3Fts5IterPoslist(pCsr->pIter, 0, &pPos, &nPos, &dummy);
+ if( rc==SQLITE_OK ){
+ if( pTab->eType==FTS5_VOCAB_ROW ){
+ while( 0==sqlite3Fts5PoslistNext64(pPos, nPos, &iOff, &iPos) ){
+ pCsr->aCnt[0]++;
+ }
+ pCsr->aDoc[0]++;
+ }else{
+ int iCol = -1;
+ while( 0==sqlite3Fts5PoslistNext64(pPos, nPos, &iOff, &iPos) ){
+ int ii = FTS5_POS2COLUMN(iPos);
+ pCsr->aCnt[ii]++;
+ if( iCol!=ii ){
+ pCsr->aDoc[ii]++;
+ iCol = ii;
+ }
+ }
+ }
+ rc = sqlite3Fts5IterNextScan(pCsr->pIter);
+ }
+
+ if( rc==SQLITE_OK ){
+ zTerm = sqlite3Fts5IterTerm(pCsr->pIter, &nTerm);
+ if( nTerm!=pCsr->term.n || memcmp(zTerm, pCsr->term.p, nTerm) ){
+ break;
+ }
+ if( sqlite3Fts5IterEof(pCsr->pIter) ) break;
+ }
+ }
+ }
+ }
+
+ if( pCsr->bEof==0 && pTab->eType==FTS5_VOCAB_COL ){
+ while( pCsr->aCnt[pCsr->iCol]==0 ) pCsr->iCol++;
+ assert( pCsr->iCol<pCsr->pConfig->nCol );
+ }
+ return rc;
+}
+
+/*
+** This is the xFilter implementation for the virtual table.
+*/
+static int fts5VocabFilterMethod(
+ sqlite3_vtab_cursor *pCursor, /* The cursor used for this query */
+ int idxNum, /* Strategy index */
+ const char *idxStr, /* Unused */
+ int nVal, /* Number of elements in apVal */
+ sqlite3_value **apVal /* Arguments for the indexing scheme */
+){
+ Fts5VocabCursor *pCsr = (Fts5VocabCursor*)pCursor;
+ int rc = SQLITE_OK;
+
+ int iVal = 0;
+ int f = FTS5INDEX_QUERY_SCAN;
+ const char *zTerm = 0;
+ int nTerm = 0;
+
+ sqlite3_value *pEq = 0;
+ sqlite3_value *pGe = 0;
+ sqlite3_value *pLe = 0;
+
+ fts5VocabResetCursor(pCsr);
+ if( idxNum & FTS5_VOCAB_TERM_EQ ) pEq = apVal[iVal++];
+ if( idxNum & FTS5_VOCAB_TERM_GE ) pGe = apVal[iVal++];
+ if( idxNum & FTS5_VOCAB_TERM_LE ) pLe = apVal[iVal++];
+
+ if( pEq ){
+ zTerm = (const char *)sqlite3_value_text(pEq);
+ nTerm = sqlite3_value_bytes(pEq);
+ f = 0;
+ }else{
+ if( pGe ){
+ zTerm = (const char *)sqlite3_value_text(pGe);
+ nTerm = sqlite3_value_bytes(pGe);
+ }
+ if( pLe ){
+ const char *zCopy = (const char *)sqlite3_value_text(pLe);
+ pCsr->nLeTerm = sqlite3_value_bytes(pLe);
+ pCsr->zLeTerm = sqlite3_malloc(pCsr->nLeTerm+1);
+ if( pCsr->zLeTerm==0 ){
+ rc = SQLITE_NOMEM;
+ }else{
+ memcpy(pCsr->zLeTerm, zCopy, pCsr->nLeTerm+1);
+ }
+ }
+ }
+
+
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts5IndexQuery(pCsr->pIndex, zTerm, nTerm, f, 0, &pCsr->pIter);
+ }
+ if( rc==SQLITE_OK ){
+ rc = fts5VocabNextMethod(pCursor);
+ }
+
+ return rc;
+}
+
+/*
+** This is the xEof method of the virtual table. SQLite calls this
+** routine to find out if it has reached the end of a result set.
+*/
+static int fts5VocabEofMethod(sqlite3_vtab_cursor *pCursor){
+ Fts5VocabCursor *pCsr = (Fts5VocabCursor*)pCursor;
+ return pCsr->bEof;
+}
+
+static int fts5VocabColumnMethod(
+ sqlite3_vtab_cursor *pCursor, /* Cursor to retrieve value from */
+ sqlite3_context *pCtx, /* Context for sqlite3_result_xxx() calls */
+ int iCol /* Index of column to read value from */
+){
+ Fts5VocabCursor *pCsr = (Fts5VocabCursor*)pCursor;
+
+ if( iCol==0 ){
+ sqlite3_result_text(
+ pCtx, (const char*)pCsr->term.p, pCsr->term.n, SQLITE_TRANSIENT
+ );
+ }
+ else if( ((Fts5VocabTable*)(pCursor->pVtab))->eType==FTS5_VOCAB_COL ){
+ assert( iCol==1 || iCol==2 || iCol==3 );
+ if( iCol==1 ){
+ const char *z = pCsr->pConfig->azCol[pCsr->iCol];
+ sqlite3_result_text(pCtx, z, -1, SQLITE_STATIC);
+ }else if( iCol==2 ){
+ sqlite3_result_int64(pCtx, pCsr->aDoc[pCsr->iCol]);
+ }else{
+ sqlite3_result_int64(pCtx, pCsr->aCnt[pCsr->iCol]);
+ }
+ }else{
+ assert( iCol==1 || iCol==2 );
+ if( iCol==1 ){
+ sqlite3_result_int64(pCtx, pCsr->aDoc[0]);
+ }else{
+ sqlite3_result_int64(pCtx, pCsr->aCnt[0]);
+ }
+ }
+ return SQLITE_OK;
+}
+
+/*
+** This is the xRowid method. The SQLite core calls this routine to
+** retrieve the rowid for the current row of the result set. The
+** rowid should be written to *pRowid.
+*/
+static int fts5VocabRowidMethod(
+ sqlite3_vtab_cursor *pCursor,
+ sqlite_int64 *pRowid
+){
+ Fts5VocabCursor *pCsr = (Fts5VocabCursor*)pCursor;
+ *pRowid = pCsr->rowid;
+ return SQLITE_OK;
+}
+
+static int sqlite3Fts5VocabInit(Fts5Global *pGlobal, sqlite3 *db){
+ static const sqlite3_module fts5Vocab = {
+ /* iVersion */ 2,
+ /* xCreate */ fts5VocabCreateMethod,
+ /* xConnect */ fts5VocabConnectMethod,
+ /* xBestIndex */ fts5VocabBestIndexMethod,
+ /* xDisconnect */ fts5VocabDisconnectMethod,
+ /* xDestroy */ fts5VocabDestroyMethod,
+ /* xOpen */ fts5VocabOpenMethod,
+ /* xClose */ fts5VocabCloseMethod,
+ /* xFilter */ fts5VocabFilterMethod,
+ /* xNext */ fts5VocabNextMethod,
+ /* xEof */ fts5VocabEofMethod,
+ /* xColumn */ fts5VocabColumnMethod,
+ /* xRowid */ fts5VocabRowidMethod,
+ /* xUpdate */ 0,
+ /* xBegin */ 0,
+ /* xSync */ 0,
+ /* xCommit */ 0,
+ /* xRollback */ 0,
+ /* xFindFunction */ 0,
+ /* xRename */ 0,
+ /* xSavepoint */ 0,
+ /* xRelease */ 0,
+ /* xRollbackTo */ 0,
+ };
+ void *p = (void*)pGlobal;
+
+ return sqlite3_create_module_v2(db, "fts5vocab", &fts5Vocab, p, 0);
+}
+
+
+
+
+
+#endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS5) */
+
+/************** End of fts5.c ************************************************/
diff --git a/security/nss/lib/sqlite/sqlite3.h b/security/nss/lib/sqlite/sqlite3.h
new file mode 100644
index 000000000..c6d1e0f23
--- /dev/null
+++ b/security/nss/lib/sqlite/sqlite3.h
@@ -0,0 +1,8630 @@
+/*
+** 2001 September 15
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+** This header file defines the interface that the SQLite library
+** presents to client programs. If a C-function, structure, datatype,
+** or constant definition does not appear in this file, then it is
+** not a published API of SQLite, is subject to change without
+** notice, and should not be referenced by programs that use SQLite.
+**
+** Some of the definitions that are in this file are marked as
+** "experimental". Experimental interfaces are normally new
+** features recently added to SQLite. We do not anticipate changes
+** to experimental interfaces but reserve the right to make minor changes
+** if experience from use "in the wild" suggest such changes are prudent.
+**
+** The official C-language API documentation for SQLite is derived
+** from comments in this file. This file is the authoritative source
+** on how SQLite interfaces are supposed to operate.
+**
+** The name of this file under configuration management is "sqlite.h.in".
+** The makefile makes some minor changes to this file (such as inserting
+** the version number) and changes its name to "sqlite3.h" as
+** part of the build process.
+*/
+#ifndef _SQLITE3_H_
+#define _SQLITE3_H_
+#include <stdarg.h> /* Needed for the definition of va_list */
+
+/*
+** Make sure we can call this stuff from C++.
+*/
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/*
+** Provide the ability to override linkage features of the interface.
+*/
+#ifndef SQLITE_EXTERN
+# define SQLITE_EXTERN extern
+#endif
+#ifndef SQLITE_API
+# define SQLITE_API
+#endif
+#ifndef SQLITE_CDECL
+# define SQLITE_CDECL
+#endif
+#ifndef SQLITE_STDCALL
+# define SQLITE_STDCALL
+#endif
+
+/*
+** These no-op macros are used in front of interfaces to mark those
+** interfaces as either deprecated or experimental. New applications
+** should not use deprecated interfaces - they are supported for backwards
+** compatibility only. Application writers should be aware that
+** experimental interfaces are subject to change in point releases.
+**
+** These macros used to resolve to various kinds of compiler magic that
+** would generate warning messages when they were used. But that
+** compiler magic ended up generating such a flurry of bug reports
+** that we have taken it all out and gone back to using simple
+** noop macros.
+*/
+#define SQLITE_DEPRECATED
+#define SQLITE_EXPERIMENTAL
+
+/*
+** Ensure these symbols were not defined by some previous header file.
+*/
+#ifdef SQLITE_VERSION
+# undef SQLITE_VERSION
+#endif
+#ifdef SQLITE_VERSION_NUMBER
+# undef SQLITE_VERSION_NUMBER
+#endif
+
+/*
+** CAPI3REF: Compile-Time Library Version Numbers
+**
+** ^(The [SQLITE_VERSION] C preprocessor macro in the sqlite3.h header
+** evaluates to a string literal that is the SQLite version in the
+** format "X.Y.Z" where X is the major version number (always 3 for
+** SQLite3) and Y is the minor version number and Z is the release number.)^
+** ^(The [SQLITE_VERSION_NUMBER] C preprocessor macro resolves to an integer
+** with the value (X*1000000 + Y*1000 + Z) where X, Y, and Z are the same
+** numbers used in [SQLITE_VERSION].)^
+** The SQLITE_VERSION_NUMBER for any given release of SQLite will also
+** be larger than the release from which it is derived. Either Y will
+** be held constant and Z will be incremented or else Y will be incremented
+** and Z will be reset to zero.
+**
+** Since version 3.6.18, SQLite source code has been stored in the
+** <a href="http://www.fossil-scm.org/">Fossil configuration management
+** system</a>. ^The SQLITE_SOURCE_ID macro evaluates to
+** a string which identifies a particular check-in of SQLite
+** within its configuration management system. ^The SQLITE_SOURCE_ID
+** string contains the date and time of the check-in (UTC) and an SHA1
+** hash of the entire source tree.
+**
+** See also: [sqlite3_libversion()],
+** [sqlite3_libversion_number()], [sqlite3_sourceid()],
+** [sqlite_version()] and [sqlite_source_id()].
+*/
+#define SQLITE_VERSION "3.10.2"
+#define SQLITE_VERSION_NUMBER 3010002
+#define SQLITE_SOURCE_ID "2016-01-20 15:27:19 17efb4209f97fb4971656086b138599a91a75ff9"
+
+/*
+** CAPI3REF: Run-Time Library Version Numbers
+** KEYWORDS: sqlite3_version, sqlite3_sourceid
+**
+** These interfaces provide the same information as the [SQLITE_VERSION],
+** [SQLITE_VERSION_NUMBER], and [SQLITE_SOURCE_ID] C preprocessor macros
+** but are associated with the library instead of the header file. ^(Cautious
+** programmers might include assert() statements in their application to
+** verify that values returned by these interfaces match the macros in
+** the header, and thus ensure that the application is
+** compiled with matching library and header files.
+**
+** <blockquote><pre>
+** assert( sqlite3_libversion_number()==SQLITE_VERSION_NUMBER );
+** assert( strcmp(sqlite3_sourceid(),SQLITE_SOURCE_ID)==0 );
+** assert( strcmp(sqlite3_libversion(),SQLITE_VERSION)==0 );
+** </pre></blockquote>)^
+**
+** ^The sqlite3_version[] string constant contains the text of [SQLITE_VERSION]
+** macro. ^The sqlite3_libversion() function returns a pointer to the
+** to the sqlite3_version[] string constant. The sqlite3_libversion()
+** function is provided for use in DLLs since DLL users usually do not have
+** direct access to string constants within the DLL. ^The
+** sqlite3_libversion_number() function returns an integer equal to
+** [SQLITE_VERSION_NUMBER]. ^The sqlite3_sourceid() function returns
+** a pointer to a string constant whose value is the same as the
+** [SQLITE_SOURCE_ID] C preprocessor macro.
+**
+** See also: [sqlite_version()] and [sqlite_source_id()].
+*/
+SQLITE_API SQLITE_EXTERN const char sqlite3_version[];
+SQLITE_API const char *SQLITE_STDCALL sqlite3_libversion(void);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_sourceid(void);
+SQLITE_API int SQLITE_STDCALL sqlite3_libversion_number(void);
+
+/*
+** CAPI3REF: Run-Time Library Compilation Options Diagnostics
+**
+** ^The sqlite3_compileoption_used() function returns 0 or 1
+** indicating whether the specified option was defined at
+** compile time. ^The SQLITE_ prefix may be omitted from the
+** option name passed to sqlite3_compileoption_used().
+**
+** ^The sqlite3_compileoption_get() function allows iterating
+** over the list of options that were defined at compile time by
+** returning the N-th compile time option string. ^If N is out of range,
+** sqlite3_compileoption_get() returns a NULL pointer. ^The SQLITE_
+** prefix is omitted from any strings returned by
+** sqlite3_compileoption_get().
+**
+** ^Support for the diagnostic functions sqlite3_compileoption_used()
+** and sqlite3_compileoption_get() may be omitted by specifying the
+** [SQLITE_OMIT_COMPILEOPTION_DIAGS] option at compile time.
+**
+** See also: SQL functions [sqlite_compileoption_used()] and
+** [sqlite_compileoption_get()] and the [compile_options pragma].
+*/
+#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
+SQLITE_API int SQLITE_STDCALL sqlite3_compileoption_used(const char *zOptName);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_compileoption_get(int N);
+#endif
+
+/*
+** CAPI3REF: Test To See If The Library Is Threadsafe
+**
+** ^The sqlite3_threadsafe() function returns zero if and only if
+** SQLite was compiled with mutexing code omitted due to the
+** [SQLITE_THREADSAFE] compile-time option being set to 0.
+**
+** SQLite can be compiled with or without mutexes. When
+** the [SQLITE_THREADSAFE] C preprocessor macro is 1 or 2, mutexes
+** are enabled and SQLite is threadsafe. When the
+** [SQLITE_THREADSAFE] macro is 0,
+** the mutexes are omitted. Without the mutexes, it is not safe
+** to use SQLite concurrently from more than one thread.
+**
+** Enabling mutexes incurs a measurable performance penalty.
+** So if speed is of utmost importance, it makes sense to disable
+** the mutexes. But for maximum safety, mutexes should be enabled.
+** ^The default behavior is for mutexes to be enabled.
+**
+** This interface can be used by an application to make sure that the
+** version of SQLite that it is linking against was compiled with
+** the desired setting of the [SQLITE_THREADSAFE] macro.
+**
+** This interface only reports on the compile-time mutex setting
+** of the [SQLITE_THREADSAFE] flag. If SQLite is compiled with
+** SQLITE_THREADSAFE=1 or =2 then mutexes are enabled by default but
+** can be fully or partially disabled using a call to [sqlite3_config()]
+** with the verbs [SQLITE_CONFIG_SINGLETHREAD], [SQLITE_CONFIG_MULTITHREAD],
+** or [SQLITE_CONFIG_SERIALIZED]. ^(The return value of the
+** sqlite3_threadsafe() function shows only the compile-time setting of
+** thread safety, not any run-time changes to that setting made by
+** sqlite3_config(). In other words, the return value from sqlite3_threadsafe()
+** is unchanged by calls to sqlite3_config().)^
+**
+** See the [threading mode] documentation for additional information.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_threadsafe(void);
+
+/*
+** CAPI3REF: Database Connection Handle
+** KEYWORDS: {database connection} {database connections}
+**
+** Each open SQLite database is represented by a pointer to an instance of
+** the opaque structure named "sqlite3". It is useful to think of an sqlite3
+** pointer as an object. The [sqlite3_open()], [sqlite3_open16()], and
+** [sqlite3_open_v2()] interfaces are its constructors, and [sqlite3_close()]
+** and [sqlite3_close_v2()] are its destructors. There are many other
+** interfaces (such as
+** [sqlite3_prepare_v2()], [sqlite3_create_function()], and
+** [sqlite3_busy_timeout()] to name but three) that are methods on an
+** sqlite3 object.
+*/
+typedef struct sqlite3 sqlite3;
+
+/*
+** CAPI3REF: 64-Bit Integer Types
+** KEYWORDS: sqlite_int64 sqlite_uint64
+**
+** Because there is no cross-platform way to specify 64-bit integer types
+** SQLite includes typedefs for 64-bit signed and unsigned integers.
+**
+** The sqlite3_int64 and sqlite3_uint64 are the preferred type definitions.
+** The sqlite_int64 and sqlite_uint64 types are supported for backwards
+** compatibility only.
+**
+** ^The sqlite3_int64 and sqlite_int64 types can store integer values
+** between -9223372036854775808 and +9223372036854775807 inclusive. ^The
+** sqlite3_uint64 and sqlite_uint64 types can store integer values
+** between 0 and +18446744073709551615 inclusive.
+*/
+#ifdef SQLITE_INT64_TYPE
+ typedef SQLITE_INT64_TYPE sqlite_int64;
+ typedef unsigned SQLITE_INT64_TYPE sqlite_uint64;
+#elif defined(_MSC_VER) || defined(__BORLANDC__)
+ typedef __int64 sqlite_int64;
+ typedef unsigned __int64 sqlite_uint64;
+#else
+ typedef long long int sqlite_int64;
+ typedef unsigned long long int sqlite_uint64;
+#endif
+typedef sqlite_int64 sqlite3_int64;
+typedef sqlite_uint64 sqlite3_uint64;
+
+/*
+** If compiling for a processor that lacks floating point support,
+** substitute integer for floating-point.
+*/
+#ifdef SQLITE_OMIT_FLOATING_POINT
+# define double sqlite3_int64
+#endif
+
+/*
+** CAPI3REF: Closing A Database Connection
+** DESTRUCTOR: sqlite3
+**
+** ^The sqlite3_close() and sqlite3_close_v2() routines are destructors
+** for the [sqlite3] object.
+** ^Calls to sqlite3_close() and sqlite3_close_v2() return [SQLITE_OK] if
+** the [sqlite3] object is successfully destroyed and all associated
+** resources are deallocated.
+**
+** ^If the database connection is associated with unfinalized prepared
+** statements or unfinished sqlite3_backup objects then sqlite3_close()
+** will leave the database connection open and return [SQLITE_BUSY].
+** ^If sqlite3_close_v2() is called with unfinalized prepared statements
+** and/or unfinished sqlite3_backups, then the database connection becomes
+** an unusable "zombie" which will automatically be deallocated when the
+** last prepared statement is finalized or the last sqlite3_backup is
+** finished. The sqlite3_close_v2() interface is intended for use with
+** host languages that are garbage collected, and where the order in which
+** destructors are called is arbitrary.
+**
+** Applications should [sqlite3_finalize | finalize] all [prepared statements],
+** [sqlite3_blob_close | close] all [BLOB handles], and
+** [sqlite3_backup_finish | finish] all [sqlite3_backup] objects associated
+** with the [sqlite3] object prior to attempting to close the object. ^If
+** sqlite3_close_v2() is called on a [database connection] that still has
+** outstanding [prepared statements], [BLOB handles], and/or
+** [sqlite3_backup] objects then it returns [SQLITE_OK] and the deallocation
+** of resources is deferred until all [prepared statements], [BLOB handles],
+** and [sqlite3_backup] objects are also destroyed.
+**
+** ^If an [sqlite3] object is destroyed while a transaction is open,
+** the transaction is automatically rolled back.
+**
+** The C parameter to [sqlite3_close(C)] and [sqlite3_close_v2(C)]
+** must be either a NULL
+** pointer or an [sqlite3] object pointer obtained
+** from [sqlite3_open()], [sqlite3_open16()], or
+** [sqlite3_open_v2()], and not previously closed.
+** ^Calling sqlite3_close() or sqlite3_close_v2() with a NULL pointer
+** argument is a harmless no-op.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_close(sqlite3*);
+SQLITE_API int SQLITE_STDCALL sqlite3_close_v2(sqlite3*);
+
+/*
+** The type for a callback function.
+** This is legacy and deprecated. It is included for historical
+** compatibility and is not documented.
+*/
+typedef int (*sqlite3_callback)(void*,int,char**, char**);
+
+/*
+** CAPI3REF: One-Step Query Execution Interface
+** METHOD: sqlite3
+**
+** The sqlite3_exec() interface is a convenience wrapper around
+** [sqlite3_prepare_v2()], [sqlite3_step()], and [sqlite3_finalize()],
+** that allows an application to run multiple statements of SQL
+** without having to use a lot of C code.
+**
+** ^The sqlite3_exec() interface runs zero or more UTF-8 encoded,
+** semicolon-separate SQL statements passed into its 2nd argument,
+** in the context of the [database connection] passed in as its 1st
+** argument. ^If the callback function of the 3rd argument to
+** sqlite3_exec() is not NULL, then it is invoked for each result row
+** coming out of the evaluated SQL statements. ^The 4th argument to
+** sqlite3_exec() is relayed through to the 1st argument of each
+** callback invocation. ^If the callback pointer to sqlite3_exec()
+** is NULL, then no callback is ever invoked and result rows are
+** ignored.
+**
+** ^If an error occurs while evaluating the SQL statements passed into
+** sqlite3_exec(), then execution of the current statement stops and
+** subsequent statements are skipped. ^If the 5th parameter to sqlite3_exec()
+** is not NULL then any error message is written into memory obtained
+** from [sqlite3_malloc()] and passed back through the 5th parameter.
+** To avoid memory leaks, the application should invoke [sqlite3_free()]
+** on error message strings returned through the 5th parameter of
+** of sqlite3_exec() after the error message string is no longer needed.
+** ^If the 5th parameter to sqlite3_exec() is not NULL and no errors
+** occur, then sqlite3_exec() sets the pointer in its 5th parameter to
+** NULL before returning.
+**
+** ^If an sqlite3_exec() callback returns non-zero, the sqlite3_exec()
+** routine returns SQLITE_ABORT without invoking the callback again and
+** without running any subsequent SQL statements.
+**
+** ^The 2nd argument to the sqlite3_exec() callback function is the
+** number of columns in the result. ^The 3rd argument to the sqlite3_exec()
+** callback is an array of pointers to strings obtained as if from
+** [sqlite3_column_text()], one for each column. ^If an element of a
+** result row is NULL then the corresponding string pointer for the
+** sqlite3_exec() callback is a NULL pointer. ^The 4th argument to the
+** sqlite3_exec() callback is an array of pointers to strings where each
+** entry represents the name of corresponding result column as obtained
+** from [sqlite3_column_name()].
+**
+** ^If the 2nd parameter to sqlite3_exec() is a NULL pointer, a pointer
+** to an empty string, or a pointer that contains only whitespace and/or
+** SQL comments, then no SQL statements are evaluated and the database
+** is not changed.
+**
+** Restrictions:
+**
+** <ul>
+** <li> The application must ensure that the 1st parameter to sqlite3_exec()
+** is a valid and open [database connection].
+** <li> The application must not close the [database connection] specified by
+** the 1st parameter to sqlite3_exec() while sqlite3_exec() is running.
+** <li> The application must not modify the SQL statement text passed into
+** the 2nd parameter of sqlite3_exec() while sqlite3_exec() is running.
+** </ul>
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_exec(
+ sqlite3*, /* An open database */
+ const char *sql, /* SQL to be evaluated */
+ int (*callback)(void*,int,char**,char**), /* Callback function */
+ void *, /* 1st argument to callback */
+ char **errmsg /* Error msg written here */
+);
+
+/*
+** CAPI3REF: Result Codes
+** KEYWORDS: {result code definitions}
+**
+** Many SQLite functions return an integer result code from the set shown
+** here in order to indicate success or failure.
+**
+** New error codes may be added in future versions of SQLite.
+**
+** See also: [extended result code definitions]
+*/
+#define SQLITE_OK 0 /* Successful result */
+/* beginning-of-error-codes */
+#define SQLITE_ERROR 1 /* SQL error or missing database */
+#define SQLITE_INTERNAL 2 /* Internal logic error in SQLite */
+#define SQLITE_PERM 3 /* Access permission denied */
+#define SQLITE_ABORT 4 /* Callback routine requested an abort */
+#define SQLITE_BUSY 5 /* The database file is locked */
+#define SQLITE_LOCKED 6 /* A table in the database is locked */
+#define SQLITE_NOMEM 7 /* A malloc() failed */
+#define SQLITE_READONLY 8 /* Attempt to write a readonly database */
+#define SQLITE_INTERRUPT 9 /* Operation terminated by sqlite3_interrupt()*/
+#define SQLITE_IOERR 10 /* Some kind of disk I/O error occurred */
+#define SQLITE_CORRUPT 11 /* The database disk image is malformed */
+#define SQLITE_NOTFOUND 12 /* Unknown opcode in sqlite3_file_control() */
+#define SQLITE_FULL 13 /* Insertion failed because database is full */
+#define SQLITE_CANTOPEN 14 /* Unable to open the database file */
+#define SQLITE_PROTOCOL 15 /* Database lock protocol error */
+#define SQLITE_EMPTY 16 /* Database is empty */
+#define SQLITE_SCHEMA 17 /* The database schema changed */
+#define SQLITE_TOOBIG 18 /* String or BLOB exceeds size limit */
+#define SQLITE_CONSTRAINT 19 /* Abort due to constraint violation */
+#define SQLITE_MISMATCH 20 /* Data type mismatch */
+#define SQLITE_MISUSE 21 /* Library used incorrectly */
+#define SQLITE_NOLFS 22 /* Uses OS features not supported on host */
+#define SQLITE_AUTH 23 /* Authorization denied */
+#define SQLITE_FORMAT 24 /* Auxiliary database format error */
+#define SQLITE_RANGE 25 /* 2nd parameter to sqlite3_bind out of range */
+#define SQLITE_NOTADB 26 /* File opened that is not a database file */
+#define SQLITE_NOTICE 27 /* Notifications from sqlite3_log() */
+#define SQLITE_WARNING 28 /* Warnings from sqlite3_log() */
+#define SQLITE_ROW 100 /* sqlite3_step() has another row ready */
+#define SQLITE_DONE 101 /* sqlite3_step() has finished executing */
+/* end-of-error-codes */
+
+/*
+** CAPI3REF: Extended Result Codes
+** KEYWORDS: {extended result code definitions}
+**
+** In its default configuration, SQLite API routines return one of 30 integer
+** [result codes]. However, experience has shown that many of
+** these result codes are too coarse-grained. They do not provide as
+** much information about problems as programmers might like. In an effort to
+** address this, newer versions of SQLite (version 3.3.8 and later) include
+** support for additional result codes that provide more detailed information
+** about errors. These [extended result codes] are enabled or disabled
+** on a per database connection basis using the
+** [sqlite3_extended_result_codes()] API. Or, the extended code for
+** the most recent error can be obtained using
+** [sqlite3_extended_errcode()].
+*/
+#define SQLITE_IOERR_READ (SQLITE_IOERR | (1<<8))
+#define SQLITE_IOERR_SHORT_READ (SQLITE_IOERR | (2<<8))
+#define SQLITE_IOERR_WRITE (SQLITE_IOERR | (3<<8))
+#define SQLITE_IOERR_FSYNC (SQLITE_IOERR | (4<<8))
+#define SQLITE_IOERR_DIR_FSYNC (SQLITE_IOERR | (5<<8))
+#define SQLITE_IOERR_TRUNCATE (SQLITE_IOERR | (6<<8))
+#define SQLITE_IOERR_FSTAT (SQLITE_IOERR | (7<<8))
+#define SQLITE_IOERR_UNLOCK (SQLITE_IOERR | (8<<8))
+#define SQLITE_IOERR_RDLOCK (SQLITE_IOERR | (9<<8))
+#define SQLITE_IOERR_DELETE (SQLITE_IOERR | (10<<8))
+#define SQLITE_IOERR_BLOCKED (SQLITE_IOERR | (11<<8))
+#define SQLITE_IOERR_NOMEM (SQLITE_IOERR | (12<<8))
+#define SQLITE_IOERR_ACCESS (SQLITE_IOERR | (13<<8))
+#define SQLITE_IOERR_CHECKRESERVEDLOCK (SQLITE_IOERR | (14<<8))
+#define SQLITE_IOERR_LOCK (SQLITE_IOERR | (15<<8))
+#define SQLITE_IOERR_CLOSE (SQLITE_IOERR | (16<<8))
+#define SQLITE_IOERR_DIR_CLOSE (SQLITE_IOERR | (17<<8))
+#define SQLITE_IOERR_SHMOPEN (SQLITE_IOERR | (18<<8))
+#define SQLITE_IOERR_SHMSIZE (SQLITE_IOERR | (19<<8))
+#define SQLITE_IOERR_SHMLOCK (SQLITE_IOERR | (20<<8))
+#define SQLITE_IOERR_SHMMAP (SQLITE_IOERR | (21<<8))
+#define SQLITE_IOERR_SEEK (SQLITE_IOERR | (22<<8))
+#define SQLITE_IOERR_DELETE_NOENT (SQLITE_IOERR | (23<<8))
+#define SQLITE_IOERR_MMAP (SQLITE_IOERR | (24<<8))
+#define SQLITE_IOERR_GETTEMPPATH (SQLITE_IOERR | (25<<8))
+#define SQLITE_IOERR_CONVPATH (SQLITE_IOERR | (26<<8))
+#define SQLITE_IOERR_VNODE (SQLITE_IOERR | (27<<8))
+#define SQLITE_IOERR_AUTH (SQLITE_IOERR | (28<<8))
+#define SQLITE_LOCKED_SHAREDCACHE (SQLITE_LOCKED | (1<<8))
+#define SQLITE_BUSY_RECOVERY (SQLITE_BUSY | (1<<8))
+#define SQLITE_BUSY_SNAPSHOT (SQLITE_BUSY | (2<<8))
+#define SQLITE_CANTOPEN_NOTEMPDIR (SQLITE_CANTOPEN | (1<<8))
+#define SQLITE_CANTOPEN_ISDIR (SQLITE_CANTOPEN | (2<<8))
+#define SQLITE_CANTOPEN_FULLPATH (SQLITE_CANTOPEN | (3<<8))
+#define SQLITE_CANTOPEN_CONVPATH (SQLITE_CANTOPEN | (4<<8))
+#define SQLITE_CORRUPT_VTAB (SQLITE_CORRUPT | (1<<8))
+#define SQLITE_READONLY_RECOVERY (SQLITE_READONLY | (1<<8))
+#define SQLITE_READONLY_CANTLOCK (SQLITE_READONLY | (2<<8))
+#define SQLITE_READONLY_ROLLBACK (SQLITE_READONLY | (3<<8))
+#define SQLITE_READONLY_DBMOVED (SQLITE_READONLY | (4<<8))
+#define SQLITE_ABORT_ROLLBACK (SQLITE_ABORT | (2<<8))
+#define SQLITE_CONSTRAINT_CHECK (SQLITE_CONSTRAINT | (1<<8))
+#define SQLITE_CONSTRAINT_COMMITHOOK (SQLITE_CONSTRAINT | (2<<8))
+#define SQLITE_CONSTRAINT_FOREIGNKEY (SQLITE_CONSTRAINT | (3<<8))
+#define SQLITE_CONSTRAINT_FUNCTION (SQLITE_CONSTRAINT | (4<<8))
+#define SQLITE_CONSTRAINT_NOTNULL (SQLITE_CONSTRAINT | (5<<8))
+#define SQLITE_CONSTRAINT_PRIMARYKEY (SQLITE_CONSTRAINT | (6<<8))
+#define SQLITE_CONSTRAINT_TRIGGER (SQLITE_CONSTRAINT | (7<<8))
+#define SQLITE_CONSTRAINT_UNIQUE (SQLITE_CONSTRAINT | (8<<8))
+#define SQLITE_CONSTRAINT_VTAB (SQLITE_CONSTRAINT | (9<<8))
+#define SQLITE_CONSTRAINT_ROWID (SQLITE_CONSTRAINT |(10<<8))
+#define SQLITE_NOTICE_RECOVER_WAL (SQLITE_NOTICE | (1<<8))
+#define SQLITE_NOTICE_RECOVER_ROLLBACK (SQLITE_NOTICE | (2<<8))
+#define SQLITE_WARNING_AUTOINDEX (SQLITE_WARNING | (1<<8))
+#define SQLITE_AUTH_USER (SQLITE_AUTH | (1<<8))
+
+/*
+** CAPI3REF: Flags For File Open Operations
+**
+** These bit values are intended for use in the
+** 3rd parameter to the [sqlite3_open_v2()] interface and
+** in the 4th parameter to the [sqlite3_vfs.xOpen] method.
+*/
+#define SQLITE_OPEN_READONLY 0x00000001 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_READWRITE 0x00000002 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_CREATE 0x00000004 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_DELETEONCLOSE 0x00000008 /* VFS only */
+#define SQLITE_OPEN_EXCLUSIVE 0x00000010 /* VFS only */
+#define SQLITE_OPEN_AUTOPROXY 0x00000020 /* VFS only */
+#define SQLITE_OPEN_URI 0x00000040 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_MEMORY 0x00000080 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_MAIN_DB 0x00000100 /* VFS only */
+#define SQLITE_OPEN_TEMP_DB 0x00000200 /* VFS only */
+#define SQLITE_OPEN_TRANSIENT_DB 0x00000400 /* VFS only */
+#define SQLITE_OPEN_MAIN_JOURNAL 0x00000800 /* VFS only */
+#define SQLITE_OPEN_TEMP_JOURNAL 0x00001000 /* VFS only */
+#define SQLITE_OPEN_SUBJOURNAL 0x00002000 /* VFS only */
+#define SQLITE_OPEN_MASTER_JOURNAL 0x00004000 /* VFS only */
+#define SQLITE_OPEN_NOMUTEX 0x00008000 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_FULLMUTEX 0x00010000 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_SHAREDCACHE 0x00020000 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_PRIVATECACHE 0x00040000 /* Ok for sqlite3_open_v2() */
+#define SQLITE_OPEN_WAL 0x00080000 /* VFS only */
+
+/* Reserved: 0x00F00000 */
+
+/*
+** CAPI3REF: Device Characteristics
+**
+** The xDeviceCharacteristics method of the [sqlite3_io_methods]
+** object returns an integer which is a vector of these
+** bit values expressing I/O characteristics of the mass storage
+** device that holds the file that the [sqlite3_io_methods]
+** refers to.
+**
+** The SQLITE_IOCAP_ATOMIC property means that all writes of
+** any size are atomic. The SQLITE_IOCAP_ATOMICnnn values
+** mean that writes of blocks that are nnn bytes in size and
+** are aligned to an address which is an integer multiple of
+** nnn are atomic. The SQLITE_IOCAP_SAFE_APPEND value means
+** that when data is appended to a file, the data is appended
+** first then the size of the file is extended, never the other
+** way around. The SQLITE_IOCAP_SEQUENTIAL property means that
+** information is written to disk in the same order as calls
+** to xWrite(). The SQLITE_IOCAP_POWERSAFE_OVERWRITE property means that
+** after reboot following a crash or power loss, the only bytes in a
+** file that were written at the application level might have changed
+** and that adjacent bytes, even bytes within the same sector are
+** guaranteed to be unchanged. The SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN
+** flag indicate that a file cannot be deleted when open. The
+** SQLITE_IOCAP_IMMUTABLE flag indicates that the file is on
+** read-only media and cannot be changed even by processes with
+** elevated privileges.
+*/
+#define SQLITE_IOCAP_ATOMIC 0x00000001
+#define SQLITE_IOCAP_ATOMIC512 0x00000002
+#define SQLITE_IOCAP_ATOMIC1K 0x00000004
+#define SQLITE_IOCAP_ATOMIC2K 0x00000008
+#define SQLITE_IOCAP_ATOMIC4K 0x00000010
+#define SQLITE_IOCAP_ATOMIC8K 0x00000020
+#define SQLITE_IOCAP_ATOMIC16K 0x00000040
+#define SQLITE_IOCAP_ATOMIC32K 0x00000080
+#define SQLITE_IOCAP_ATOMIC64K 0x00000100
+#define SQLITE_IOCAP_SAFE_APPEND 0x00000200
+#define SQLITE_IOCAP_SEQUENTIAL 0x00000400
+#define SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN 0x00000800
+#define SQLITE_IOCAP_POWERSAFE_OVERWRITE 0x00001000
+#define SQLITE_IOCAP_IMMUTABLE 0x00002000
+
+/*
+** CAPI3REF: File Locking Levels
+**
+** SQLite uses one of these integer values as the second
+** argument to calls it makes to the xLock() and xUnlock() methods
+** of an [sqlite3_io_methods] object.
+*/
+#define SQLITE_LOCK_NONE 0
+#define SQLITE_LOCK_SHARED 1
+#define SQLITE_LOCK_RESERVED 2
+#define SQLITE_LOCK_PENDING 3
+#define SQLITE_LOCK_EXCLUSIVE 4
+
+/*
+** CAPI3REF: Synchronization Type Flags
+**
+** When SQLite invokes the xSync() method of an
+** [sqlite3_io_methods] object it uses a combination of
+** these integer values as the second argument.
+**
+** When the SQLITE_SYNC_DATAONLY flag is used, it means that the
+** sync operation only needs to flush data to mass storage. Inode
+** information need not be flushed. If the lower four bits of the flag
+** equal SQLITE_SYNC_NORMAL, that means to use normal fsync() semantics.
+** If the lower four bits equal SQLITE_SYNC_FULL, that means
+** to use Mac OS X style fullsync instead of fsync().
+**
+** Do not confuse the SQLITE_SYNC_NORMAL and SQLITE_SYNC_FULL flags
+** with the [PRAGMA synchronous]=NORMAL and [PRAGMA synchronous]=FULL
+** settings. The [synchronous pragma] determines when calls to the
+** xSync VFS method occur and applies uniformly across all platforms.
+** The SQLITE_SYNC_NORMAL and SQLITE_SYNC_FULL flags determine how
+** energetic or rigorous or forceful the sync operations are and
+** only make a difference on Mac OSX for the default SQLite code.
+** (Third-party VFS implementations might also make the distinction
+** between SQLITE_SYNC_NORMAL and SQLITE_SYNC_FULL, but among the
+** operating systems natively supported by SQLite, only Mac OSX
+** cares about the difference.)
+*/
+#define SQLITE_SYNC_NORMAL 0x00002
+#define SQLITE_SYNC_FULL 0x00003
+#define SQLITE_SYNC_DATAONLY 0x00010
+
+/*
+** CAPI3REF: OS Interface Open File Handle
+**
+** An [sqlite3_file] object represents an open file in the
+** [sqlite3_vfs | OS interface layer]. Individual OS interface
+** implementations will
+** want to subclass this object by appending additional fields
+** for their own use. The pMethods entry is a pointer to an
+** [sqlite3_io_methods] object that defines methods for performing
+** I/O operations on the open file.
+*/
+typedef struct sqlite3_file sqlite3_file;
+struct sqlite3_file {
+ const struct sqlite3_io_methods *pMethods; /* Methods for an open file */
+};
+
+/*
+** CAPI3REF: OS Interface File Virtual Methods Object
+**
+** Every file opened by the [sqlite3_vfs.xOpen] method populates an
+** [sqlite3_file] object (or, more commonly, a subclass of the
+** [sqlite3_file] object) with a pointer to an instance of this object.
+** This object defines the methods used to perform various operations
+** against the open file represented by the [sqlite3_file] object.
+**
+** If the [sqlite3_vfs.xOpen] method sets the sqlite3_file.pMethods element
+** to a non-NULL pointer, then the sqlite3_io_methods.xClose method
+** may be invoked even if the [sqlite3_vfs.xOpen] reported that it failed. The
+** only way to prevent a call to xClose following a failed [sqlite3_vfs.xOpen]
+** is for the [sqlite3_vfs.xOpen] to set the sqlite3_file.pMethods element
+** to NULL.
+**
+** The flags argument to xSync may be one of [SQLITE_SYNC_NORMAL] or
+** [SQLITE_SYNC_FULL]. The first choice is the normal fsync().
+** The second choice is a Mac OS X style fullsync. The [SQLITE_SYNC_DATAONLY]
+** flag may be ORed in to indicate that only the data of the file
+** and not its inode needs to be synced.
+**
+** The integer values to xLock() and xUnlock() are one of
+** <ul>
+** <li> [SQLITE_LOCK_NONE],
+** <li> [SQLITE_LOCK_SHARED],
+** <li> [SQLITE_LOCK_RESERVED],
+** <li> [SQLITE_LOCK_PENDING], or
+** <li> [SQLITE_LOCK_EXCLUSIVE].
+** </ul>
+** xLock() increases the lock. xUnlock() decreases the lock.
+** The xCheckReservedLock() method checks whether any database connection,
+** either in this process or in some other process, is holding a RESERVED,
+** PENDING, or EXCLUSIVE lock on the file. It returns true
+** if such a lock exists and false otherwise.
+**
+** The xFileControl() method is a generic interface that allows custom
+** VFS implementations to directly control an open file using the
+** [sqlite3_file_control()] interface. The second "op" argument is an
+** integer opcode. The third argument is a generic pointer intended to
+** point to a structure that may contain arguments or space in which to
+** write return values. Potential uses for xFileControl() might be
+** functions to enable blocking locks with timeouts, to change the
+** locking strategy (for example to use dot-file locks), to inquire
+** about the status of a lock, or to break stale locks. The SQLite
+** core reserves all opcodes less than 100 for its own use.
+** A [file control opcodes | list of opcodes] less than 100 is available.
+** Applications that define a custom xFileControl method should use opcodes
+** greater than 100 to avoid conflicts. VFS implementations should
+** return [SQLITE_NOTFOUND] for file control opcodes that they do not
+** recognize.
+**
+** The xSectorSize() method returns the sector size of the
+** device that underlies the file. The sector size is the
+** minimum write that can be performed without disturbing
+** other bytes in the file. The xDeviceCharacteristics()
+** method returns a bit vector describing behaviors of the
+** underlying device:
+**
+** <ul>
+** <li> [SQLITE_IOCAP_ATOMIC]
+** <li> [SQLITE_IOCAP_ATOMIC512]
+** <li> [SQLITE_IOCAP_ATOMIC1K]
+** <li> [SQLITE_IOCAP_ATOMIC2K]
+** <li> [SQLITE_IOCAP_ATOMIC4K]
+** <li> [SQLITE_IOCAP_ATOMIC8K]
+** <li> [SQLITE_IOCAP_ATOMIC16K]
+** <li> [SQLITE_IOCAP_ATOMIC32K]
+** <li> [SQLITE_IOCAP_ATOMIC64K]
+** <li> [SQLITE_IOCAP_SAFE_APPEND]
+** <li> [SQLITE_IOCAP_SEQUENTIAL]
+** </ul>
+**
+** The SQLITE_IOCAP_ATOMIC property means that all writes of
+** any size are atomic. The SQLITE_IOCAP_ATOMICnnn values
+** mean that writes of blocks that are nnn bytes in size and
+** are aligned to an address which is an integer multiple of
+** nnn are atomic. The SQLITE_IOCAP_SAFE_APPEND value means
+** that when data is appended to a file, the data is appended
+** first then the size of the file is extended, never the other
+** way around. The SQLITE_IOCAP_SEQUENTIAL property means that
+** information is written to disk in the same order as calls
+** to xWrite().
+**
+** If xRead() returns SQLITE_IOERR_SHORT_READ it must also fill
+** in the unread portions of the buffer with zeros. A VFS that
+** fails to zero-fill short reads might seem to work. However,
+** failure to zero-fill short reads will eventually lead to
+** database corruption.
+*/
+typedef struct sqlite3_io_methods sqlite3_io_methods;
+struct sqlite3_io_methods {
+ int iVersion;
+ int (*xClose)(sqlite3_file*);
+ int (*xRead)(sqlite3_file*, void*, int iAmt, sqlite3_int64 iOfst);
+ int (*xWrite)(sqlite3_file*, const void*, int iAmt, sqlite3_int64 iOfst);
+ int (*xTruncate)(sqlite3_file*, sqlite3_int64 size);
+ int (*xSync)(sqlite3_file*, int flags);
+ int (*xFileSize)(sqlite3_file*, sqlite3_int64 *pSize);
+ int (*xLock)(sqlite3_file*, int);
+ int (*xUnlock)(sqlite3_file*, int);
+ int (*xCheckReservedLock)(sqlite3_file*, int *pResOut);
+ int (*xFileControl)(sqlite3_file*, int op, void *pArg);
+ int (*xSectorSize)(sqlite3_file*);
+ int (*xDeviceCharacteristics)(sqlite3_file*);
+ /* Methods above are valid for version 1 */
+ int (*xShmMap)(sqlite3_file*, int iPg, int pgsz, int, void volatile**);
+ int (*xShmLock)(sqlite3_file*, int offset, int n, int flags);
+ void (*xShmBarrier)(sqlite3_file*);
+ int (*xShmUnmap)(sqlite3_file*, int deleteFlag);
+ /* Methods above are valid for version 2 */
+ int (*xFetch)(sqlite3_file*, sqlite3_int64 iOfst, int iAmt, void **pp);
+ int (*xUnfetch)(sqlite3_file*, sqlite3_int64 iOfst, void *p);
+ /* Methods above are valid for version 3 */
+ /* Additional methods may be added in future releases */
+};
+
+/*
+** CAPI3REF: Standard File Control Opcodes
+** KEYWORDS: {file control opcodes} {file control opcode}
+**
+** These integer constants are opcodes for the xFileControl method
+** of the [sqlite3_io_methods] object and for the [sqlite3_file_control()]
+** interface.
+**
+** <ul>
+** <li>[[SQLITE_FCNTL_LOCKSTATE]]
+** The [SQLITE_FCNTL_LOCKSTATE] opcode is used for debugging. This
+** opcode causes the xFileControl method to write the current state of
+** the lock (one of [SQLITE_LOCK_NONE], [SQLITE_LOCK_SHARED],
+** [SQLITE_LOCK_RESERVED], [SQLITE_LOCK_PENDING], or [SQLITE_LOCK_EXCLUSIVE])
+** into an integer that the pArg argument points to. This capability
+** is used during testing and is only available when the SQLITE_TEST
+** compile-time option is used.
+**
+** <li>[[SQLITE_FCNTL_SIZE_HINT]]
+** The [SQLITE_FCNTL_SIZE_HINT] opcode is used by SQLite to give the VFS
+** layer a hint of how large the database file will grow to be during the
+** current transaction. This hint is not guaranteed to be accurate but it
+** is often close. The underlying VFS might choose to preallocate database
+** file space based on this hint in order to help writes to the database
+** file run faster.
+**
+** <li>[[SQLITE_FCNTL_CHUNK_SIZE]]
+** The [SQLITE_FCNTL_CHUNK_SIZE] opcode is used to request that the VFS
+** extends and truncates the database file in chunks of a size specified
+** by the user. The fourth argument to [sqlite3_file_control()] should
+** point to an integer (type int) containing the new chunk-size to use
+** for the nominated database. Allocating database file space in large
+** chunks (say 1MB at a time), may reduce file-system fragmentation and
+** improve performance on some systems.
+**
+** <li>[[SQLITE_FCNTL_FILE_POINTER]]
+** The [SQLITE_FCNTL_FILE_POINTER] opcode is used to obtain a pointer
+** to the [sqlite3_file] object associated with a particular database
+** connection. See also [SQLITE_FCNTL_JOURNAL_POINTER].
+**
+** <li>[[SQLITE_FCNTL_JOURNAL_POINTER]]
+** The [SQLITE_FCNTL_JOURNAL_POINTER] opcode is used to obtain a pointer
+** to the [sqlite3_file] object associated with the journal file (either
+** the [rollback journal] or the [write-ahead log]) for a particular database
+** connection. See also [SQLITE_FCNTL_FILE_POINTER].
+**
+** <li>[[SQLITE_FCNTL_SYNC_OMITTED]]
+** No longer in use.
+**
+** <li>[[SQLITE_FCNTL_SYNC]]
+** The [SQLITE_FCNTL_SYNC] opcode is generated internally by SQLite and
+** sent to the VFS immediately before the xSync method is invoked on a
+** database file descriptor. Or, if the xSync method is not invoked
+** because the user has configured SQLite with
+** [PRAGMA synchronous | PRAGMA synchronous=OFF] it is invoked in place
+** of the xSync method. In most cases, the pointer argument passed with
+** this file-control is NULL. However, if the database file is being synced
+** as part of a multi-database commit, the argument points to a nul-terminated
+** string containing the transactions master-journal file name. VFSes that
+** do not need this signal should silently ignore this opcode. Applications
+** should not call [sqlite3_file_control()] with this opcode as doing so may
+** disrupt the operation of the specialized VFSes that do require it.
+**
+** <li>[[SQLITE_FCNTL_COMMIT_PHASETWO]]
+** The [SQLITE_FCNTL_COMMIT_PHASETWO] opcode is generated internally by SQLite
+** and sent to the VFS after a transaction has been committed immediately
+** but before the database is unlocked. VFSes that do not need this signal
+** should silently ignore this opcode. Applications should not call
+** [sqlite3_file_control()] with this opcode as doing so may disrupt the
+** operation of the specialized VFSes that do require it.
+**
+** <li>[[SQLITE_FCNTL_WIN32_AV_RETRY]]
+** ^The [SQLITE_FCNTL_WIN32_AV_RETRY] opcode is used to configure automatic
+** retry counts and intervals for certain disk I/O operations for the
+** windows [VFS] in order to provide robustness in the presence of
+** anti-virus programs. By default, the windows VFS will retry file read,
+** file write, and file delete operations up to 10 times, with a delay
+** of 25 milliseconds before the first retry and with the delay increasing
+** by an additional 25 milliseconds with each subsequent retry. This
+** opcode allows these two values (10 retries and 25 milliseconds of delay)
+** to be adjusted. The values are changed for all database connections
+** within the same process. The argument is a pointer to an array of two
+** integers where the first integer i the new retry count and the second
+** integer is the delay. If either integer is negative, then the setting
+** is not changed but instead the prior value of that setting is written
+** into the array entry, allowing the current retry settings to be
+** interrogated. The zDbName parameter is ignored.
+**
+** <li>[[SQLITE_FCNTL_PERSIST_WAL]]
+** ^The [SQLITE_FCNTL_PERSIST_WAL] opcode is used to set or query the
+** persistent [WAL | Write Ahead Log] setting. By default, the auxiliary
+** write ahead log and shared memory files used for transaction control
+** are automatically deleted when the latest connection to the database
+** closes. Setting persistent WAL mode causes those files to persist after
+** close. Persisting the files is useful when other processes that do not
+** have write permission on the directory containing the database file want
+** to read the database file, as the WAL and shared memory files must exist
+** in order for the database to be readable. The fourth parameter to
+** [sqlite3_file_control()] for this opcode should be a pointer to an integer.
+** That integer is 0 to disable persistent WAL mode or 1 to enable persistent
+** WAL mode. If the integer is -1, then it is overwritten with the current
+** WAL persistence setting.
+**
+** <li>[[SQLITE_FCNTL_POWERSAFE_OVERWRITE]]
+** ^The [SQLITE_FCNTL_POWERSAFE_OVERWRITE] opcode is used to set or query the
+** persistent "powersafe-overwrite" or "PSOW" setting. The PSOW setting
+** determines the [SQLITE_IOCAP_POWERSAFE_OVERWRITE] bit of the
+** xDeviceCharacteristics methods. The fourth parameter to
+** [sqlite3_file_control()] for this opcode should be a pointer to an integer.
+** That integer is 0 to disable zero-damage mode or 1 to enable zero-damage
+** mode. If the integer is -1, then it is overwritten with the current
+** zero-damage mode setting.
+**
+** <li>[[SQLITE_FCNTL_OVERWRITE]]
+** ^The [SQLITE_FCNTL_OVERWRITE] opcode is invoked by SQLite after opening
+** a write transaction to indicate that, unless it is rolled back for some
+** reason, the entire database file will be overwritten by the current
+** transaction. This is used by VACUUM operations.
+**
+** <li>[[SQLITE_FCNTL_VFSNAME]]
+** ^The [SQLITE_FCNTL_VFSNAME] opcode can be used to obtain the names of
+** all [VFSes] in the VFS stack. The names are of all VFS shims and the
+** final bottom-level VFS are written into memory obtained from
+** [sqlite3_malloc()] and the result is stored in the char* variable
+** that the fourth parameter of [sqlite3_file_control()] points to.
+** The caller is responsible for freeing the memory when done. As with
+** all file-control actions, there is no guarantee that this will actually
+** do anything. Callers should initialize the char* variable to a NULL
+** pointer in case this file-control is not implemented. This file-control
+** is intended for diagnostic use only.
+**
+** <li>[[SQLITE_FCNTL_VFS_POINTER]]
+** ^The [SQLITE_FCNTL_VFS_POINTER] opcode finds a pointer to the top-level
+** [VFSes] currently in use. ^(The argument X in
+** sqlite3_file_control(db,SQLITE_FCNTL_VFS_POINTER,X) must be
+** of type "[sqlite3_vfs] **". This opcodes will set *X
+** to a pointer to the top-level VFS.)^
+** ^When there are multiple VFS shims in the stack, this opcode finds the
+** upper-most shim only.
+**
+** <li>[[SQLITE_FCNTL_PRAGMA]]
+** ^Whenever a [PRAGMA] statement is parsed, an [SQLITE_FCNTL_PRAGMA]
+** file control is sent to the open [sqlite3_file] object corresponding
+** to the database file to which the pragma statement refers. ^The argument
+** to the [SQLITE_FCNTL_PRAGMA] file control is an array of
+** pointers to strings (char**) in which the second element of the array
+** is the name of the pragma and the third element is the argument to the
+** pragma or NULL if the pragma has no argument. ^The handler for an
+** [SQLITE_FCNTL_PRAGMA] file control can optionally make the first element
+** of the char** argument point to a string obtained from [sqlite3_mprintf()]
+** or the equivalent and that string will become the result of the pragma or
+** the error message if the pragma fails. ^If the
+** [SQLITE_FCNTL_PRAGMA] file control returns [SQLITE_NOTFOUND], then normal
+** [PRAGMA] processing continues. ^If the [SQLITE_FCNTL_PRAGMA]
+** file control returns [SQLITE_OK], then the parser assumes that the
+** VFS has handled the PRAGMA itself and the parser generates a no-op
+** prepared statement if result string is NULL, or that returns a copy
+** of the result string if the string is non-NULL.
+** ^If the [SQLITE_FCNTL_PRAGMA] file control returns
+** any result code other than [SQLITE_OK] or [SQLITE_NOTFOUND], that means
+** that the VFS encountered an error while handling the [PRAGMA] and the
+** compilation of the PRAGMA fails with an error. ^The [SQLITE_FCNTL_PRAGMA]
+** file control occurs at the beginning of pragma statement analysis and so
+** it is able to override built-in [PRAGMA] statements.
+**
+** <li>[[SQLITE_FCNTL_BUSYHANDLER]]
+** ^The [SQLITE_FCNTL_BUSYHANDLER]
+** file-control may be invoked by SQLite on the database file handle
+** shortly after it is opened in order to provide a custom VFS with access
+** to the connections busy-handler callback. The argument is of type (void **)
+** - an array of two (void *) values. The first (void *) actually points
+** to a function of type (int (*)(void *)). In order to invoke the connections
+** busy-handler, this function should be invoked with the second (void *) in
+** the array as the only argument. If it returns non-zero, then the operation
+** should be retried. If it returns zero, the custom VFS should abandon the
+** current operation.
+**
+** <li>[[SQLITE_FCNTL_TEMPFILENAME]]
+** ^Application can invoke the [SQLITE_FCNTL_TEMPFILENAME] file-control
+** to have SQLite generate a
+** temporary filename using the same algorithm that is followed to generate
+** temporary filenames for TEMP tables and other internal uses. The
+** argument should be a char** which will be filled with the filename
+** written into memory obtained from [sqlite3_malloc()]. The caller should
+** invoke [sqlite3_free()] on the result to avoid a memory leak.
+**
+** <li>[[SQLITE_FCNTL_MMAP_SIZE]]
+** The [SQLITE_FCNTL_MMAP_SIZE] file control is used to query or set the
+** maximum number of bytes that will be used for memory-mapped I/O.
+** The argument is a pointer to a value of type sqlite3_int64 that
+** is an advisory maximum number of bytes in the file to memory map. The
+** pointer is overwritten with the old value. The limit is not changed if
+** the value originally pointed to is negative, and so the current limit
+** can be queried by passing in a pointer to a negative number. This
+** file-control is used internally to implement [PRAGMA mmap_size].
+**
+** <li>[[SQLITE_FCNTL_TRACE]]
+** The [SQLITE_FCNTL_TRACE] file control provides advisory information
+** to the VFS about what the higher layers of the SQLite stack are doing.
+** This file control is used by some VFS activity tracing [shims].
+** The argument is a zero-terminated string. Higher layers in the
+** SQLite stack may generate instances of this file control if
+** the [SQLITE_USE_FCNTL_TRACE] compile-time option is enabled.
+**
+** <li>[[SQLITE_FCNTL_HAS_MOVED]]
+** The [SQLITE_FCNTL_HAS_MOVED] file control interprets its argument as a
+** pointer to an integer and it writes a boolean into that integer depending
+** on whether or not the file has been renamed, moved, or deleted since it
+** was first opened.
+**
+** <li>[[SQLITE_FCNTL_WIN32_SET_HANDLE]]
+** The [SQLITE_FCNTL_WIN32_SET_HANDLE] opcode is used for debugging. This
+** opcode causes the xFileControl method to swap the file handle with the one
+** pointed to by the pArg argument. This capability is used during testing
+** and only needs to be supported when SQLITE_TEST is defined.
+**
+** <li>[[SQLITE_FCNTL_WAL_BLOCK]]
+** The [SQLITE_FCNTL_WAL_BLOCK] is a signal to the VFS layer that it might
+** be advantageous to block on the next WAL lock if the lock is not immediately
+** available. The WAL subsystem issues this signal during rare
+** circumstances in order to fix a problem with priority inversion.
+** Applications should <em>not</em> use this file-control.
+**
+** <li>[[SQLITE_FCNTL_ZIPVFS]]
+** The [SQLITE_FCNTL_ZIPVFS] opcode is implemented by zipvfs only. All other
+** VFS should return SQLITE_NOTFOUND for this opcode.
+**
+** <li>[[SQLITE_FCNTL_RBU]]
+** The [SQLITE_FCNTL_RBU] opcode is implemented by the special VFS used by
+** the RBU extension only. All other VFS should return SQLITE_NOTFOUND for
+** this opcode.
+** </ul>
+*/
+#define SQLITE_FCNTL_LOCKSTATE 1
+#define SQLITE_FCNTL_GET_LOCKPROXYFILE 2
+#define SQLITE_FCNTL_SET_LOCKPROXYFILE 3
+#define SQLITE_FCNTL_LAST_ERRNO 4
+#define SQLITE_FCNTL_SIZE_HINT 5
+#define SQLITE_FCNTL_CHUNK_SIZE 6
+#define SQLITE_FCNTL_FILE_POINTER 7
+#define SQLITE_FCNTL_SYNC_OMITTED 8
+#define SQLITE_FCNTL_WIN32_AV_RETRY 9
+#define SQLITE_FCNTL_PERSIST_WAL 10
+#define SQLITE_FCNTL_OVERWRITE 11
+#define SQLITE_FCNTL_VFSNAME 12
+#define SQLITE_FCNTL_POWERSAFE_OVERWRITE 13
+#define SQLITE_FCNTL_PRAGMA 14
+#define SQLITE_FCNTL_BUSYHANDLER 15
+#define SQLITE_FCNTL_TEMPFILENAME 16
+#define SQLITE_FCNTL_MMAP_SIZE 18
+#define SQLITE_FCNTL_TRACE 19
+#define SQLITE_FCNTL_HAS_MOVED 20
+#define SQLITE_FCNTL_SYNC 21
+#define SQLITE_FCNTL_COMMIT_PHASETWO 22
+#define SQLITE_FCNTL_WIN32_SET_HANDLE 23
+#define SQLITE_FCNTL_WAL_BLOCK 24
+#define SQLITE_FCNTL_ZIPVFS 25
+#define SQLITE_FCNTL_RBU 26
+#define SQLITE_FCNTL_VFS_POINTER 27
+#define SQLITE_FCNTL_JOURNAL_POINTER 28
+
+/* deprecated names */
+#define SQLITE_GET_LOCKPROXYFILE SQLITE_FCNTL_GET_LOCKPROXYFILE
+#define SQLITE_SET_LOCKPROXYFILE SQLITE_FCNTL_SET_LOCKPROXYFILE
+#define SQLITE_LAST_ERRNO SQLITE_FCNTL_LAST_ERRNO
+
+
+/*
+** CAPI3REF: Mutex Handle
+**
+** The mutex module within SQLite defines [sqlite3_mutex] to be an
+** abstract type for a mutex object. The SQLite core never looks
+** at the internal representation of an [sqlite3_mutex]. It only
+** deals with pointers to the [sqlite3_mutex] object.
+**
+** Mutexes are created using [sqlite3_mutex_alloc()].
+*/
+typedef struct sqlite3_mutex sqlite3_mutex;
+
+/*
+** CAPI3REF: OS Interface Object
+**
+** An instance of the sqlite3_vfs object defines the interface between
+** the SQLite core and the underlying operating system. The "vfs"
+** in the name of the object stands for "virtual file system". See
+** the [VFS | VFS documentation] for further information.
+**
+** The value of the iVersion field is initially 1 but may be larger in
+** future versions of SQLite. Additional fields may be appended to this
+** object when the iVersion value is increased. Note that the structure
+** of the sqlite3_vfs object changes in the transaction between
+** SQLite version 3.5.9 and 3.6.0 and yet the iVersion field was not
+** modified.
+**
+** The szOsFile field is the size of the subclassed [sqlite3_file]
+** structure used by this VFS. mxPathname is the maximum length of
+** a pathname in this VFS.
+**
+** Registered sqlite3_vfs objects are kept on a linked list formed by
+** the pNext pointer. The [sqlite3_vfs_register()]
+** and [sqlite3_vfs_unregister()] interfaces manage this list
+** in a thread-safe way. The [sqlite3_vfs_find()] interface
+** searches the list. Neither the application code nor the VFS
+** implementation should use the pNext pointer.
+**
+** The pNext field is the only field in the sqlite3_vfs
+** structure that SQLite will ever modify. SQLite will only access
+** or modify this field while holding a particular static mutex.
+** The application should never modify anything within the sqlite3_vfs
+** object once the object has been registered.
+**
+** The zName field holds the name of the VFS module. The name must
+** be unique across all VFS modules.
+**
+** [[sqlite3_vfs.xOpen]]
+** ^SQLite guarantees that the zFilename parameter to xOpen
+** is either a NULL pointer or string obtained
+** from xFullPathname() with an optional suffix added.
+** ^If a suffix is added to the zFilename parameter, it will
+** consist of a single "-" character followed by no more than
+** 11 alphanumeric and/or "-" characters.
+** ^SQLite further guarantees that
+** the string will be valid and unchanged until xClose() is
+** called. Because of the previous sentence,
+** the [sqlite3_file] can safely store a pointer to the
+** filename if it needs to remember the filename for some reason.
+** If the zFilename parameter to xOpen is a NULL pointer then xOpen
+** must invent its own temporary name for the file. ^Whenever the
+** xFilename parameter is NULL it will also be the case that the
+** flags parameter will include [SQLITE_OPEN_DELETEONCLOSE].
+**
+** The flags argument to xOpen() includes all bits set in
+** the flags argument to [sqlite3_open_v2()]. Or if [sqlite3_open()]
+** or [sqlite3_open16()] is used, then flags includes at least
+** [SQLITE_OPEN_READWRITE] | [SQLITE_OPEN_CREATE].
+** If xOpen() opens a file read-only then it sets *pOutFlags to
+** include [SQLITE_OPEN_READONLY]. Other bits in *pOutFlags may be set.
+**
+** ^(SQLite will also add one of the following flags to the xOpen()
+** call, depending on the object being opened:
+**
+** <ul>
+** <li> [SQLITE_OPEN_MAIN_DB]
+** <li> [SQLITE_OPEN_MAIN_JOURNAL]
+** <li> [SQLITE_OPEN_TEMP_DB]
+** <li> [SQLITE_OPEN_TEMP_JOURNAL]
+** <li> [SQLITE_OPEN_TRANSIENT_DB]
+** <li> [SQLITE_OPEN_SUBJOURNAL]
+** <li> [SQLITE_OPEN_MASTER_JOURNAL]
+** <li> [SQLITE_OPEN_WAL]
+** </ul>)^
+**
+** The file I/O implementation can use the object type flags to
+** change the way it deals with files. For example, an application
+** that does not care about crash recovery or rollback might make
+** the open of a journal file a no-op. Writes to this journal would
+** also be no-ops, and any attempt to read the journal would return
+** SQLITE_IOERR. Or the implementation might recognize that a database
+** file will be doing page-aligned sector reads and writes in a random
+** order and set up its I/O subsystem accordingly.
+**
+** SQLite might also add one of the following flags to the xOpen method:
+**
+** <ul>
+** <li> [SQLITE_OPEN_DELETEONCLOSE]
+** <li> [SQLITE_OPEN_EXCLUSIVE]
+** </ul>
+**
+** The [SQLITE_OPEN_DELETEONCLOSE] flag means the file should be
+** deleted when it is closed. ^The [SQLITE_OPEN_DELETEONCLOSE]
+** will be set for TEMP databases and their journals, transient
+** databases, and subjournals.
+**
+** ^The [SQLITE_OPEN_EXCLUSIVE] flag is always used in conjunction
+** with the [SQLITE_OPEN_CREATE] flag, which are both directly
+** analogous to the O_EXCL and O_CREAT flags of the POSIX open()
+** API. The SQLITE_OPEN_EXCLUSIVE flag, when paired with the
+** SQLITE_OPEN_CREATE, is used to indicate that file should always
+** be created, and that it is an error if it already exists.
+** It is <i>not</i> used to indicate the file should be opened
+** for exclusive access.
+**
+** ^At least szOsFile bytes of memory are allocated by SQLite
+** to hold the [sqlite3_file] structure passed as the third
+** argument to xOpen. The xOpen method does not have to
+** allocate the structure; it should just fill it in. Note that
+** the xOpen method must set the sqlite3_file.pMethods to either
+** a valid [sqlite3_io_methods] object or to NULL. xOpen must do
+** this even if the open fails. SQLite expects that the sqlite3_file.pMethods
+** element will be valid after xOpen returns regardless of the success
+** or failure of the xOpen call.
+**
+** [[sqlite3_vfs.xAccess]]
+** ^The flags argument to xAccess() may be [SQLITE_ACCESS_EXISTS]
+** to test for the existence of a file, or [SQLITE_ACCESS_READWRITE] to
+** test whether a file is readable and writable, or [SQLITE_ACCESS_READ]
+** to test whether a file is at least readable. The file can be a
+** directory.
+**
+** ^SQLite will always allocate at least mxPathname+1 bytes for the
+** output buffer xFullPathname. The exact size of the output buffer
+** is also passed as a parameter to both methods. If the output buffer
+** is not large enough, [SQLITE_CANTOPEN] should be returned. Since this is
+** handled as a fatal error by SQLite, vfs implementations should endeavor
+** to prevent this by setting mxPathname to a sufficiently large value.
+**
+** The xRandomness(), xSleep(), xCurrentTime(), and xCurrentTimeInt64()
+** interfaces are not strictly a part of the filesystem, but they are
+** included in the VFS structure for completeness.
+** The xRandomness() function attempts to return nBytes bytes
+** of good-quality randomness into zOut. The return value is
+** the actual number of bytes of randomness obtained.
+** The xSleep() method causes the calling thread to sleep for at
+** least the number of microseconds given. ^The xCurrentTime()
+** method returns a Julian Day Number for the current date and time as
+** a floating point value.
+** ^The xCurrentTimeInt64() method returns, as an integer, the Julian
+** Day Number multiplied by 86400000 (the number of milliseconds in
+** a 24-hour day).
+** ^SQLite will use the xCurrentTimeInt64() method to get the current
+** date and time if that method is available (if iVersion is 2 or
+** greater and the function pointer is not NULL) and will fall back
+** to xCurrentTime() if xCurrentTimeInt64() is unavailable.
+**
+** ^The xSetSystemCall(), xGetSystemCall(), and xNestSystemCall() interfaces
+** are not used by the SQLite core. These optional interfaces are provided
+** by some VFSes to facilitate testing of the VFS code. By overriding
+** system calls with functions under its control, a test program can
+** simulate faults and error conditions that would otherwise be difficult
+** or impossible to induce. The set of system calls that can be overridden
+** varies from one VFS to another, and from one version of the same VFS to the
+** next. Applications that use these interfaces must be prepared for any
+** or all of these interfaces to be NULL or for their behavior to change
+** from one release to the next. Applications must not attempt to access
+** any of these methods if the iVersion of the VFS is less than 3.
+*/
+typedef struct sqlite3_vfs sqlite3_vfs;
+typedef void (*sqlite3_syscall_ptr)(void);
+struct sqlite3_vfs {
+ int iVersion; /* Structure version number (currently 3) */
+ int szOsFile; /* Size of subclassed sqlite3_file */
+ int mxPathname; /* Maximum file pathname length */
+ sqlite3_vfs *pNext; /* Next registered VFS */
+ const char *zName; /* Name of this virtual file system */
+ void *pAppData; /* Pointer to application-specific data */
+ int (*xOpen)(sqlite3_vfs*, const char *zName, sqlite3_file*,
+ int flags, int *pOutFlags);
+ int (*xDelete)(sqlite3_vfs*, const char *zName, int syncDir);
+ int (*xAccess)(sqlite3_vfs*, const char *zName, int flags, int *pResOut);
+ int (*xFullPathname)(sqlite3_vfs*, const char *zName, int nOut, char *zOut);
+ void *(*xDlOpen)(sqlite3_vfs*, const char *zFilename);
+ void (*xDlError)(sqlite3_vfs*, int nByte, char *zErrMsg);
+ void (*(*xDlSym)(sqlite3_vfs*,void*, const char *zSymbol))(void);
+ void (*xDlClose)(sqlite3_vfs*, void*);
+ int (*xRandomness)(sqlite3_vfs*, int nByte, char *zOut);
+ int (*xSleep)(sqlite3_vfs*, int microseconds);
+ int (*xCurrentTime)(sqlite3_vfs*, double*);
+ int (*xGetLastError)(sqlite3_vfs*, int, char *);
+ /*
+ ** The methods above are in version 1 of the sqlite_vfs object
+ ** definition. Those that follow are added in version 2 or later
+ */
+ int (*xCurrentTimeInt64)(sqlite3_vfs*, sqlite3_int64*);
+ /*
+ ** The methods above are in versions 1 and 2 of the sqlite_vfs object.
+ ** Those below are for version 3 and greater.
+ */
+ int (*xSetSystemCall)(sqlite3_vfs*, const char *zName, sqlite3_syscall_ptr);
+ sqlite3_syscall_ptr (*xGetSystemCall)(sqlite3_vfs*, const char *zName);
+ const char *(*xNextSystemCall)(sqlite3_vfs*, const char *zName);
+ /*
+ ** The methods above are in versions 1 through 3 of the sqlite_vfs object.
+ ** New fields may be appended in figure versions. The iVersion
+ ** value will increment whenever this happens.
+ */
+};
+
+/*
+** CAPI3REF: Flags for the xAccess VFS method
+**
+** These integer constants can be used as the third parameter to
+** the xAccess method of an [sqlite3_vfs] object. They determine
+** what kind of permissions the xAccess method is looking for.
+** With SQLITE_ACCESS_EXISTS, the xAccess method
+** simply checks whether the file exists.
+** With SQLITE_ACCESS_READWRITE, the xAccess method
+** checks whether the named directory is both readable and writable
+** (in other words, if files can be added, removed, and renamed within
+** the directory).
+** The SQLITE_ACCESS_READWRITE constant is currently used only by the
+** [temp_store_directory pragma], though this could change in a future
+** release of SQLite.
+** With SQLITE_ACCESS_READ, the xAccess method
+** checks whether the file is readable. The SQLITE_ACCESS_READ constant is
+** currently unused, though it might be used in a future release of
+** SQLite.
+*/
+#define SQLITE_ACCESS_EXISTS 0
+#define SQLITE_ACCESS_READWRITE 1 /* Used by PRAGMA temp_store_directory */
+#define SQLITE_ACCESS_READ 2 /* Unused */
+
+/*
+** CAPI3REF: Flags for the xShmLock VFS method
+**
+** These integer constants define the various locking operations
+** allowed by the xShmLock method of [sqlite3_io_methods]. The
+** following are the only legal combinations of flags to the
+** xShmLock method:
+**
+** <ul>
+** <li> SQLITE_SHM_LOCK | SQLITE_SHM_SHARED
+** <li> SQLITE_SHM_LOCK | SQLITE_SHM_EXCLUSIVE
+** <li> SQLITE_SHM_UNLOCK | SQLITE_SHM_SHARED
+** <li> SQLITE_SHM_UNLOCK | SQLITE_SHM_EXCLUSIVE
+** </ul>
+**
+** When unlocking, the same SHARED or EXCLUSIVE flag must be supplied as
+** was given on the corresponding lock.
+**
+** The xShmLock method can transition between unlocked and SHARED or
+** between unlocked and EXCLUSIVE. It cannot transition between SHARED
+** and EXCLUSIVE.
+*/
+#define SQLITE_SHM_UNLOCK 1
+#define SQLITE_SHM_LOCK 2
+#define SQLITE_SHM_SHARED 4
+#define SQLITE_SHM_EXCLUSIVE 8
+
+/*
+** CAPI3REF: Maximum xShmLock index
+**
+** The xShmLock method on [sqlite3_io_methods] may use values
+** between 0 and this upper bound as its "offset" argument.
+** The SQLite core will never attempt to acquire or release a
+** lock outside of this range
+*/
+#define SQLITE_SHM_NLOCK 8
+
+
+/*
+** CAPI3REF: Initialize The SQLite Library
+**
+** ^The sqlite3_initialize() routine initializes the
+** SQLite library. ^The sqlite3_shutdown() routine
+** deallocates any resources that were allocated by sqlite3_initialize().
+** These routines are designed to aid in process initialization and
+** shutdown on embedded systems. Workstation applications using
+** SQLite normally do not need to invoke either of these routines.
+**
+** A call to sqlite3_initialize() is an "effective" call if it is
+** the first time sqlite3_initialize() is invoked during the lifetime of
+** the process, or if it is the first time sqlite3_initialize() is invoked
+** following a call to sqlite3_shutdown(). ^(Only an effective call
+** of sqlite3_initialize() does any initialization. All other calls
+** are harmless no-ops.)^
+**
+** A call to sqlite3_shutdown() is an "effective" call if it is the first
+** call to sqlite3_shutdown() since the last sqlite3_initialize(). ^(Only
+** an effective call to sqlite3_shutdown() does any deinitialization.
+** All other valid calls to sqlite3_shutdown() are harmless no-ops.)^
+**
+** The sqlite3_initialize() interface is threadsafe, but sqlite3_shutdown()
+** is not. The sqlite3_shutdown() interface must only be called from a
+** single thread. All open [database connections] must be closed and all
+** other SQLite resources must be deallocated prior to invoking
+** sqlite3_shutdown().
+**
+** Among other things, ^sqlite3_initialize() will invoke
+** sqlite3_os_init(). Similarly, ^sqlite3_shutdown()
+** will invoke sqlite3_os_end().
+**
+** ^The sqlite3_initialize() routine returns [SQLITE_OK] on success.
+** ^If for some reason, sqlite3_initialize() is unable to initialize
+** the library (perhaps it is unable to allocate a needed resource such
+** as a mutex) it returns an [error code] other than [SQLITE_OK].
+**
+** ^The sqlite3_initialize() routine is called internally by many other
+** SQLite interfaces so that an application usually does not need to
+** invoke sqlite3_initialize() directly. For example, [sqlite3_open()]
+** calls sqlite3_initialize() so the SQLite library will be automatically
+** initialized when [sqlite3_open()] is called if it has not be initialized
+** already. ^However, if SQLite is compiled with the [SQLITE_OMIT_AUTOINIT]
+** compile-time option, then the automatic calls to sqlite3_initialize()
+** are omitted and the application must call sqlite3_initialize() directly
+** prior to using any other SQLite interface. For maximum portability,
+** it is recommended that applications always invoke sqlite3_initialize()
+** directly prior to using any other SQLite interface. Future releases
+** of SQLite may require this. In other words, the behavior exhibited
+** when SQLite is compiled with [SQLITE_OMIT_AUTOINIT] might become the
+** default behavior in some future release of SQLite.
+**
+** The sqlite3_os_init() routine does operating-system specific
+** initialization of the SQLite library. The sqlite3_os_end()
+** routine undoes the effect of sqlite3_os_init(). Typical tasks
+** performed by these routines include allocation or deallocation
+** of static resources, initialization of global variables,
+** setting up a default [sqlite3_vfs] module, or setting up
+** a default configuration using [sqlite3_config()].
+**
+** The application should never invoke either sqlite3_os_init()
+** or sqlite3_os_end() directly. The application should only invoke
+** sqlite3_initialize() and sqlite3_shutdown(). The sqlite3_os_init()
+** interface is called automatically by sqlite3_initialize() and
+** sqlite3_os_end() is called by sqlite3_shutdown(). Appropriate
+** implementations for sqlite3_os_init() and sqlite3_os_end()
+** are built into SQLite when it is compiled for Unix, Windows, or OS/2.
+** When [custom builds | built for other platforms]
+** (using the [SQLITE_OS_OTHER=1] compile-time
+** option) the application must supply a suitable implementation for
+** sqlite3_os_init() and sqlite3_os_end(). An application-supplied
+** implementation of sqlite3_os_init() or sqlite3_os_end()
+** must return [SQLITE_OK] on success and some other [error code] upon
+** failure.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_initialize(void);
+SQLITE_API int SQLITE_STDCALL sqlite3_shutdown(void);
+SQLITE_API int SQLITE_STDCALL sqlite3_os_init(void);
+SQLITE_API int SQLITE_STDCALL sqlite3_os_end(void);
+
+/*
+** CAPI3REF: Configuring The SQLite Library
+**
+** The sqlite3_config() interface is used to make global configuration
+** changes to SQLite in order to tune SQLite to the specific needs of
+** the application. The default configuration is recommended for most
+** applications and so this routine is usually not necessary. It is
+** provided to support rare applications with unusual needs.
+**
+** <b>The sqlite3_config() interface is not threadsafe. The application
+** must ensure that no other SQLite interfaces are invoked by other
+** threads while sqlite3_config() is running.</b>
+**
+** The sqlite3_config() interface
+** may only be invoked prior to library initialization using
+** [sqlite3_initialize()] or after shutdown by [sqlite3_shutdown()].
+** ^If sqlite3_config() is called after [sqlite3_initialize()] and before
+** [sqlite3_shutdown()] then it will return SQLITE_MISUSE.
+** Note, however, that ^sqlite3_config() can be called as part of the
+** implementation of an application-defined [sqlite3_os_init()].
+**
+** The first argument to sqlite3_config() is an integer
+** [configuration option] that determines
+** what property of SQLite is to be configured. Subsequent arguments
+** vary depending on the [configuration option]
+** in the first argument.
+**
+** ^When a configuration option is set, sqlite3_config() returns [SQLITE_OK].
+** ^If the option is unknown or SQLite is unable to set the option
+** then this routine returns a non-zero [error code].
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_config(int, ...);
+
+/*
+** CAPI3REF: Configure database connections
+** METHOD: sqlite3
+**
+** The sqlite3_db_config() interface is used to make configuration
+** changes to a [database connection]. The interface is similar to
+** [sqlite3_config()] except that the changes apply to a single
+** [database connection] (specified in the first argument).
+**
+** The second argument to sqlite3_db_config(D,V,...) is the
+** [SQLITE_DBCONFIG_LOOKASIDE | configuration verb] - an integer code
+** that indicates what aspect of the [database connection] is being configured.
+** Subsequent arguments vary depending on the configuration verb.
+**
+** ^Calls to sqlite3_db_config() return SQLITE_OK if and only if
+** the call is considered successful.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_db_config(sqlite3*, int op, ...);
+
+/*
+** CAPI3REF: Memory Allocation Routines
+**
+** An instance of this object defines the interface between SQLite
+** and low-level memory allocation routines.
+**
+** This object is used in only one place in the SQLite interface.
+** A pointer to an instance of this object is the argument to
+** [sqlite3_config()] when the configuration option is
+** [SQLITE_CONFIG_MALLOC] or [SQLITE_CONFIG_GETMALLOC].
+** By creating an instance of this object
+** and passing it to [sqlite3_config]([SQLITE_CONFIG_MALLOC])
+** during configuration, an application can specify an alternative
+** memory allocation subsystem for SQLite to use for all of its
+** dynamic memory needs.
+**
+** Note that SQLite comes with several [built-in memory allocators]
+** that are perfectly adequate for the overwhelming majority of applications
+** and that this object is only useful to a tiny minority of applications
+** with specialized memory allocation requirements. This object is
+** also used during testing of SQLite in order to specify an alternative
+** memory allocator that simulates memory out-of-memory conditions in
+** order to verify that SQLite recovers gracefully from such
+** conditions.
+**
+** The xMalloc, xRealloc, and xFree methods must work like the
+** malloc(), realloc() and free() functions from the standard C library.
+** ^SQLite guarantees that the second argument to
+** xRealloc is always a value returned by a prior call to xRoundup.
+**
+** xSize should return the allocated size of a memory allocation
+** previously obtained from xMalloc or xRealloc. The allocated size
+** is always at least as big as the requested size but may be larger.
+**
+** The xRoundup method returns what would be the allocated size of
+** a memory allocation given a particular requested size. Most memory
+** allocators round up memory allocations at least to the next multiple
+** of 8. Some allocators round up to a larger multiple or to a power of 2.
+** Every memory allocation request coming in through [sqlite3_malloc()]
+** or [sqlite3_realloc()] first calls xRoundup. If xRoundup returns 0,
+** that causes the corresponding memory allocation to fail.
+**
+** The xInit method initializes the memory allocator. For example,
+** it might allocate any require mutexes or initialize internal data
+** structures. The xShutdown method is invoked (indirectly) by
+** [sqlite3_shutdown()] and should deallocate any resources acquired
+** by xInit. The pAppData pointer is used as the only parameter to
+** xInit and xShutdown.
+**
+** SQLite holds the [SQLITE_MUTEX_STATIC_MASTER] mutex when it invokes
+** the xInit method, so the xInit method need not be threadsafe. The
+** xShutdown method is only called from [sqlite3_shutdown()] so it does
+** not need to be threadsafe either. For all other methods, SQLite
+** holds the [SQLITE_MUTEX_STATIC_MEM] mutex as long as the
+** [SQLITE_CONFIG_MEMSTATUS] configuration option is turned on (which
+** it is by default) and so the methods are automatically serialized.
+** However, if [SQLITE_CONFIG_MEMSTATUS] is disabled, then the other
+** methods must be threadsafe or else make their own arrangements for
+** serialization.
+**
+** SQLite will never invoke xInit() more than once without an intervening
+** call to xShutdown().
+*/
+typedef struct sqlite3_mem_methods sqlite3_mem_methods;
+struct sqlite3_mem_methods {
+ void *(*xMalloc)(int); /* Memory allocation function */
+ void (*xFree)(void*); /* Free a prior allocation */
+ void *(*xRealloc)(void*,int); /* Resize an allocation */
+ int (*xSize)(void*); /* Return the size of an allocation */
+ int (*xRoundup)(int); /* Round up request size to allocation size */
+ int (*xInit)(void*); /* Initialize the memory allocator */
+ void (*xShutdown)(void*); /* Deinitialize the memory allocator */
+ void *pAppData; /* Argument to xInit() and xShutdown() */
+};
+
+/*
+** CAPI3REF: Configuration Options
+** KEYWORDS: {configuration option}
+**
+** These constants are the available integer configuration options that
+** can be passed as the first argument to the [sqlite3_config()] interface.
+**
+** New configuration options may be added in future releases of SQLite.
+** Existing configuration options might be discontinued. Applications
+** should check the return code from [sqlite3_config()] to make sure that
+** the call worked. The [sqlite3_config()] interface will return a
+** non-zero [error code] if a discontinued or unsupported configuration option
+** is invoked.
+**
+** <dl>
+** [[SQLITE_CONFIG_SINGLETHREAD]] <dt>SQLITE_CONFIG_SINGLETHREAD</dt>
+** <dd>There are no arguments to this option. ^This option sets the
+** [threading mode] to Single-thread. In other words, it disables
+** all mutexing and puts SQLite into a mode where it can only be used
+** by a single thread. ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** it is not possible to change the [threading mode] from its default
+** value of Single-thread and so [sqlite3_config()] will return
+** [SQLITE_ERROR] if called with the SQLITE_CONFIG_SINGLETHREAD
+** configuration option.</dd>
+**
+** [[SQLITE_CONFIG_MULTITHREAD]] <dt>SQLITE_CONFIG_MULTITHREAD</dt>
+** <dd>There are no arguments to this option. ^This option sets the
+** [threading mode] to Multi-thread. In other words, it disables
+** mutexing on [database connection] and [prepared statement] objects.
+** The application is responsible for serializing access to
+** [database connections] and [prepared statements]. But other mutexes
+** are enabled so that SQLite will be safe to use in a multi-threaded
+** environment as long as no two threads attempt to use the same
+** [database connection] at the same time. ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** it is not possible to set the Multi-thread [threading mode] and
+** [sqlite3_config()] will return [SQLITE_ERROR] if called with the
+** SQLITE_CONFIG_MULTITHREAD configuration option.</dd>
+**
+** [[SQLITE_CONFIG_SERIALIZED]] <dt>SQLITE_CONFIG_SERIALIZED</dt>
+** <dd>There are no arguments to this option. ^This option sets the
+** [threading mode] to Serialized. In other words, this option enables
+** all mutexes including the recursive
+** mutexes on [database connection] and [prepared statement] objects.
+** In this mode (which is the default when SQLite is compiled with
+** [SQLITE_THREADSAFE=1]) the SQLite library will itself serialize access
+** to [database connections] and [prepared statements] so that the
+** application is free to use the same [database connection] or the
+** same [prepared statement] in different threads at the same time.
+** ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** it is not possible to set the Serialized [threading mode] and
+** [sqlite3_config()] will return [SQLITE_ERROR] if called with the
+** SQLITE_CONFIG_SERIALIZED configuration option.</dd>
+**
+** [[SQLITE_CONFIG_MALLOC]] <dt>SQLITE_CONFIG_MALLOC</dt>
+** <dd> ^(The SQLITE_CONFIG_MALLOC option takes a single argument which is
+** a pointer to an instance of the [sqlite3_mem_methods] structure.
+** The argument specifies
+** alternative low-level memory allocation routines to be used in place of
+** the memory allocation routines built into SQLite.)^ ^SQLite makes
+** its own private copy of the content of the [sqlite3_mem_methods] structure
+** before the [sqlite3_config()] call returns.</dd>
+**
+** [[SQLITE_CONFIG_GETMALLOC]] <dt>SQLITE_CONFIG_GETMALLOC</dt>
+** <dd> ^(The SQLITE_CONFIG_GETMALLOC option takes a single argument which
+** is a pointer to an instance of the [sqlite3_mem_methods] structure.
+** The [sqlite3_mem_methods]
+** structure is filled with the currently defined memory allocation routines.)^
+** This option can be used to overload the default memory allocation
+** routines with a wrapper that simulations memory allocation failure or
+** tracks memory usage, for example. </dd>
+**
+** [[SQLITE_CONFIG_MEMSTATUS]] <dt>SQLITE_CONFIG_MEMSTATUS</dt>
+** <dd> ^The SQLITE_CONFIG_MEMSTATUS option takes single argument of type int,
+** interpreted as a boolean, which enables or disables the collection of
+** memory allocation statistics. ^(When memory allocation statistics are
+** disabled, the following SQLite interfaces become non-operational:
+** <ul>
+** <li> [sqlite3_memory_used()]
+** <li> [sqlite3_memory_highwater()]
+** <li> [sqlite3_soft_heap_limit64()]
+** <li> [sqlite3_status64()]
+** </ul>)^
+** ^Memory allocation statistics are enabled by default unless SQLite is
+** compiled with [SQLITE_DEFAULT_MEMSTATUS]=0 in which case memory
+** allocation statistics are disabled by default.
+** </dd>
+**
+** [[SQLITE_CONFIG_SCRATCH]] <dt>SQLITE_CONFIG_SCRATCH</dt>
+** <dd> ^The SQLITE_CONFIG_SCRATCH option specifies a static memory buffer
+** that SQLite can use for scratch memory. ^(There are three arguments
+** to SQLITE_CONFIG_SCRATCH: A pointer an 8-byte
+** aligned memory buffer from which the scratch allocations will be
+** drawn, the size of each scratch allocation (sz),
+** and the maximum number of scratch allocations (N).)^
+** The first argument must be a pointer to an 8-byte aligned buffer
+** of at least sz*N bytes of memory.
+** ^SQLite will not use more than one scratch buffers per thread.
+** ^SQLite will never request a scratch buffer that is more than 6
+** times the database page size.
+** ^If SQLite needs needs additional
+** scratch memory beyond what is provided by this configuration option, then
+** [sqlite3_malloc()] will be used to obtain the memory needed.<p>
+** ^When the application provides any amount of scratch memory using
+** SQLITE_CONFIG_SCRATCH, SQLite avoids unnecessary large
+** [sqlite3_malloc|heap allocations].
+** This can help [Robson proof|prevent memory allocation failures] due to heap
+** fragmentation in low-memory embedded systems.
+** </dd>
+**
+** [[SQLITE_CONFIG_PAGECACHE]] <dt>SQLITE_CONFIG_PAGECACHE</dt>
+** <dd> ^The SQLITE_CONFIG_PAGECACHE option specifies a memory pool
+** that SQLite can use for the database page cache with the default page
+** cache implementation.
+** This configuration option is a no-op if an application-define page
+** cache implementation is loaded using the [SQLITE_CONFIG_PCACHE2].
+** ^There are three arguments to SQLITE_CONFIG_PAGECACHE: A pointer to
+** 8-byte aligned memory (pMem), the size of each page cache line (sz),
+** and the number of cache lines (N).
+** The sz argument should be the size of the largest database page
+** (a power of two between 512 and 65536) plus some extra bytes for each
+** page header. ^The number of extra bytes needed by the page header
+** can be determined using [SQLITE_CONFIG_PCACHE_HDRSZ].
+** ^It is harmless, apart from the wasted memory,
+** for the sz parameter to be larger than necessary. The pMem
+** argument must be either a NULL pointer or a pointer to an 8-byte
+** aligned block of memory of at least sz*N bytes, otherwise
+** subsequent behavior is undefined.
+** ^When pMem is not NULL, SQLite will strive to use the memory provided
+** to satisfy page cache needs, falling back to [sqlite3_malloc()] if
+** a page cache line is larger than sz bytes or if all of the pMem buffer
+** is exhausted.
+** ^If pMem is NULL and N is non-zero, then each database connection
+** does an initial bulk allocation for page cache memory
+** from [sqlite3_malloc()] sufficient for N cache lines if N is positive or
+** of -1024*N bytes if N is negative, . ^If additional
+** page cache memory is needed beyond what is provided by the initial
+** allocation, then SQLite goes to [sqlite3_malloc()] separately for each
+** additional cache line. </dd>
+**
+** [[SQLITE_CONFIG_HEAP]] <dt>SQLITE_CONFIG_HEAP</dt>
+** <dd> ^The SQLITE_CONFIG_HEAP option specifies a static memory buffer
+** that SQLite will use for all of its dynamic memory allocation needs
+** beyond those provided for by [SQLITE_CONFIG_SCRATCH] and
+** [SQLITE_CONFIG_PAGECACHE].
+** ^The SQLITE_CONFIG_HEAP option is only available if SQLite is compiled
+** with either [SQLITE_ENABLE_MEMSYS3] or [SQLITE_ENABLE_MEMSYS5] and returns
+** [SQLITE_ERROR] if invoked otherwise.
+** ^There are three arguments to SQLITE_CONFIG_HEAP:
+** An 8-byte aligned pointer to the memory,
+** the number of bytes in the memory buffer, and the minimum allocation size.
+** ^If the first pointer (the memory pointer) is NULL, then SQLite reverts
+** to using its default memory allocator (the system malloc() implementation),
+** undoing any prior invocation of [SQLITE_CONFIG_MALLOC]. ^If the
+** memory pointer is not NULL then the alternative memory
+** allocator is engaged to handle all of SQLites memory allocation needs.
+** The first pointer (the memory pointer) must be aligned to an 8-byte
+** boundary or subsequent behavior of SQLite will be undefined.
+** The minimum allocation size is capped at 2**12. Reasonable values
+** for the minimum allocation size are 2**5 through 2**8.</dd>
+**
+** [[SQLITE_CONFIG_MUTEX]] <dt>SQLITE_CONFIG_MUTEX</dt>
+** <dd> ^(The SQLITE_CONFIG_MUTEX option takes a single argument which is a
+** pointer to an instance of the [sqlite3_mutex_methods] structure.
+** The argument specifies alternative low-level mutex routines to be used
+** in place the mutex routines built into SQLite.)^ ^SQLite makes a copy of
+** the content of the [sqlite3_mutex_methods] structure before the call to
+** [sqlite3_config()] returns. ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** the entire mutexing subsystem is omitted from the build and hence calls to
+** [sqlite3_config()] with the SQLITE_CONFIG_MUTEX configuration option will
+** return [SQLITE_ERROR].</dd>
+**
+** [[SQLITE_CONFIG_GETMUTEX]] <dt>SQLITE_CONFIG_GETMUTEX</dt>
+** <dd> ^(The SQLITE_CONFIG_GETMUTEX option takes a single argument which
+** is a pointer to an instance of the [sqlite3_mutex_methods] structure. The
+** [sqlite3_mutex_methods]
+** structure is filled with the currently defined mutex routines.)^
+** This option can be used to overload the default mutex allocation
+** routines with a wrapper used to track mutex usage for performance
+** profiling or testing, for example. ^If SQLite is compiled with
+** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
+** the entire mutexing subsystem is omitted from the build and hence calls to
+** [sqlite3_config()] with the SQLITE_CONFIG_GETMUTEX configuration option will
+** return [SQLITE_ERROR].</dd>
+**
+** [[SQLITE_CONFIG_LOOKASIDE]] <dt>SQLITE_CONFIG_LOOKASIDE</dt>
+** <dd> ^(The SQLITE_CONFIG_LOOKASIDE option takes two arguments that determine
+** the default size of lookaside memory on each [database connection].
+** The first argument is the
+** size of each lookaside buffer slot and the second is the number of
+** slots allocated to each database connection.)^ ^(SQLITE_CONFIG_LOOKASIDE
+** sets the <i>default</i> lookaside size. The [SQLITE_DBCONFIG_LOOKASIDE]
+** option to [sqlite3_db_config()] can be used to change the lookaside
+** configuration on individual connections.)^ </dd>
+**
+** [[SQLITE_CONFIG_PCACHE2]] <dt>SQLITE_CONFIG_PCACHE2</dt>
+** <dd> ^(The SQLITE_CONFIG_PCACHE2 option takes a single argument which is
+** a pointer to an [sqlite3_pcache_methods2] object. This object specifies
+** the interface to a custom page cache implementation.)^
+** ^SQLite makes a copy of the [sqlite3_pcache_methods2] object.</dd>
+**
+** [[SQLITE_CONFIG_GETPCACHE2]] <dt>SQLITE_CONFIG_GETPCACHE2</dt>
+** <dd> ^(The SQLITE_CONFIG_GETPCACHE2 option takes a single argument which
+** is a pointer to an [sqlite3_pcache_methods2] object. SQLite copies of
+** the current page cache implementation into that object.)^ </dd>
+**
+** [[SQLITE_CONFIG_LOG]] <dt>SQLITE_CONFIG_LOG</dt>
+** <dd> The SQLITE_CONFIG_LOG option is used to configure the SQLite
+** global [error log].
+** (^The SQLITE_CONFIG_LOG option takes two arguments: a pointer to a
+** function with a call signature of void(*)(void*,int,const char*),
+** and a pointer to void. ^If the function pointer is not NULL, it is
+** invoked by [sqlite3_log()] to process each logging event. ^If the
+** function pointer is NULL, the [sqlite3_log()] interface becomes a no-op.
+** ^The void pointer that is the second argument to SQLITE_CONFIG_LOG is
+** passed through as the first parameter to the application-defined logger
+** function whenever that function is invoked. ^The second parameter to
+** the logger function is a copy of the first parameter to the corresponding
+** [sqlite3_log()] call and is intended to be a [result code] or an
+** [extended result code]. ^The third parameter passed to the logger is
+** log message after formatting via [sqlite3_snprintf()].
+** The SQLite logging interface is not reentrant; the logger function
+** supplied by the application must not invoke any SQLite interface.
+** In a multi-threaded application, the application-defined logger
+** function must be threadsafe. </dd>
+**
+** [[SQLITE_CONFIG_URI]] <dt>SQLITE_CONFIG_URI
+** <dd>^(The SQLITE_CONFIG_URI option takes a single argument of type int.
+** If non-zero, then URI handling is globally enabled. If the parameter is zero,
+** then URI handling is globally disabled.)^ ^If URI handling is globally
+** enabled, all filenames passed to [sqlite3_open()], [sqlite3_open_v2()],
+** [sqlite3_open16()] or
+** specified as part of [ATTACH] commands are interpreted as URIs, regardless
+** of whether or not the [SQLITE_OPEN_URI] flag is set when the database
+** connection is opened. ^If it is globally disabled, filenames are
+** only interpreted as URIs if the SQLITE_OPEN_URI flag is set when the
+** database connection is opened. ^(By default, URI handling is globally
+** disabled. The default value may be changed by compiling with the
+** [SQLITE_USE_URI] symbol defined.)^
+**
+** [[SQLITE_CONFIG_COVERING_INDEX_SCAN]] <dt>SQLITE_CONFIG_COVERING_INDEX_SCAN
+** <dd>^The SQLITE_CONFIG_COVERING_INDEX_SCAN option takes a single integer
+** argument which is interpreted as a boolean in order to enable or disable
+** the use of covering indices for full table scans in the query optimizer.
+** ^The default setting is determined
+** by the [SQLITE_ALLOW_COVERING_INDEX_SCAN] compile-time option, or is "on"
+** if that compile-time option is omitted.
+** The ability to disable the use of covering indices for full table scans
+** is because some incorrectly coded legacy applications might malfunction
+** when the optimization is enabled. Providing the ability to
+** disable the optimization allows the older, buggy application code to work
+** without change even with newer versions of SQLite.
+**
+** [[SQLITE_CONFIG_PCACHE]] [[SQLITE_CONFIG_GETPCACHE]]
+** <dt>SQLITE_CONFIG_PCACHE and SQLITE_CONFIG_GETPCACHE
+** <dd> These options are obsolete and should not be used by new code.
+** They are retained for backwards compatibility but are now no-ops.
+** </dd>
+**
+** [[SQLITE_CONFIG_SQLLOG]]
+** <dt>SQLITE_CONFIG_SQLLOG
+** <dd>This option is only available if sqlite is compiled with the
+** [SQLITE_ENABLE_SQLLOG] pre-processor macro defined. The first argument should
+** be a pointer to a function of type void(*)(void*,sqlite3*,const char*, int).
+** The second should be of type (void*). The callback is invoked by the library
+** in three separate circumstances, identified by the value passed as the
+** fourth parameter. If the fourth parameter is 0, then the database connection
+** passed as the second argument has just been opened. The third argument
+** points to a buffer containing the name of the main database file. If the
+** fourth parameter is 1, then the SQL statement that the third parameter
+** points to has just been executed. Or, if the fourth parameter is 2, then
+** the connection being passed as the second parameter is being closed. The
+** third parameter is passed NULL In this case. An example of using this
+** configuration option can be seen in the "test_sqllog.c" source file in
+** the canonical SQLite source tree.</dd>
+**
+** [[SQLITE_CONFIG_MMAP_SIZE]]
+** <dt>SQLITE_CONFIG_MMAP_SIZE
+** <dd>^SQLITE_CONFIG_MMAP_SIZE takes two 64-bit integer (sqlite3_int64) values
+** that are the default mmap size limit (the default setting for
+** [PRAGMA mmap_size]) and the maximum allowed mmap size limit.
+** ^The default setting can be overridden by each database connection using
+** either the [PRAGMA mmap_size] command, or by using the
+** [SQLITE_FCNTL_MMAP_SIZE] file control. ^(The maximum allowed mmap size
+** will be silently truncated if necessary so that it does not exceed the
+** compile-time maximum mmap size set by the
+** [SQLITE_MAX_MMAP_SIZE] compile-time option.)^
+** ^If either argument to this option is negative, then that argument is
+** changed to its compile-time default.
+**
+** [[SQLITE_CONFIG_WIN32_HEAPSIZE]]
+** <dt>SQLITE_CONFIG_WIN32_HEAPSIZE
+** <dd>^The SQLITE_CONFIG_WIN32_HEAPSIZE option is only available if SQLite is
+** compiled for Windows with the [SQLITE_WIN32_MALLOC] pre-processor macro
+** defined. ^SQLITE_CONFIG_WIN32_HEAPSIZE takes a 32-bit unsigned integer value
+** that specifies the maximum size of the created heap.
+**
+** [[SQLITE_CONFIG_PCACHE_HDRSZ]]
+** <dt>SQLITE_CONFIG_PCACHE_HDRSZ
+** <dd>^The SQLITE_CONFIG_PCACHE_HDRSZ option takes a single parameter which
+** is a pointer to an integer and writes into that integer the number of extra
+** bytes per page required for each page in [SQLITE_CONFIG_PAGECACHE].
+** The amount of extra space required can change depending on the compiler,
+** target platform, and SQLite version.
+**
+** [[SQLITE_CONFIG_PMASZ]]
+** <dt>SQLITE_CONFIG_PMASZ
+** <dd>^The SQLITE_CONFIG_PMASZ option takes a single parameter which
+** is an unsigned integer and sets the "Minimum PMA Size" for the multithreaded
+** sorter to that integer. The default minimum PMA Size is set by the
+** [SQLITE_SORTER_PMASZ] compile-time option. New threads are launched
+** to help with sort operations when multithreaded sorting
+** is enabled (using the [PRAGMA threads] command) and the amount of content
+** to be sorted exceeds the page size times the minimum of the
+** [PRAGMA cache_size] setting and this value.
+** </dl>
+*/
+#define SQLITE_CONFIG_SINGLETHREAD 1 /* nil */
+#define SQLITE_CONFIG_MULTITHREAD 2 /* nil */
+#define SQLITE_CONFIG_SERIALIZED 3 /* nil */
+#define SQLITE_CONFIG_MALLOC 4 /* sqlite3_mem_methods* */
+#define SQLITE_CONFIG_GETMALLOC 5 /* sqlite3_mem_methods* */
+#define SQLITE_CONFIG_SCRATCH 6 /* void*, int sz, int N */
+#define SQLITE_CONFIG_PAGECACHE 7 /* void*, int sz, int N */
+#define SQLITE_CONFIG_HEAP 8 /* void*, int nByte, int min */
+#define SQLITE_CONFIG_MEMSTATUS 9 /* boolean */
+#define SQLITE_CONFIG_MUTEX 10 /* sqlite3_mutex_methods* */
+#define SQLITE_CONFIG_GETMUTEX 11 /* sqlite3_mutex_methods* */
+/* previously SQLITE_CONFIG_CHUNKALLOC 12 which is now unused. */
+#define SQLITE_CONFIG_LOOKASIDE 13 /* int int */
+#define SQLITE_CONFIG_PCACHE 14 /* no-op */
+#define SQLITE_CONFIG_GETPCACHE 15 /* no-op */
+#define SQLITE_CONFIG_LOG 16 /* xFunc, void* */
+#define SQLITE_CONFIG_URI 17 /* int */
+#define SQLITE_CONFIG_PCACHE2 18 /* sqlite3_pcache_methods2* */
+#define SQLITE_CONFIG_GETPCACHE2 19 /* sqlite3_pcache_methods2* */
+#define SQLITE_CONFIG_COVERING_INDEX_SCAN 20 /* int */
+#define SQLITE_CONFIG_SQLLOG 21 /* xSqllog, void* */
+#define SQLITE_CONFIG_MMAP_SIZE 22 /* sqlite3_int64, sqlite3_int64 */
+#define SQLITE_CONFIG_WIN32_HEAPSIZE 23 /* int nByte */
+#define SQLITE_CONFIG_PCACHE_HDRSZ 24 /* int *psz */
+#define SQLITE_CONFIG_PMASZ 25 /* unsigned int szPma */
+
+/*
+** CAPI3REF: Database Connection Configuration Options
+**
+** These constants are the available integer configuration options that
+** can be passed as the second argument to the [sqlite3_db_config()] interface.
+**
+** New configuration options may be added in future releases of SQLite.
+** Existing configuration options might be discontinued. Applications
+** should check the return code from [sqlite3_db_config()] to make sure that
+** the call worked. ^The [sqlite3_db_config()] interface will return a
+** non-zero [error code] if a discontinued or unsupported configuration option
+** is invoked.
+**
+** <dl>
+** <dt>SQLITE_DBCONFIG_LOOKASIDE</dt>
+** <dd> ^This option takes three additional arguments that determine the
+** [lookaside memory allocator] configuration for the [database connection].
+** ^The first argument (the third parameter to [sqlite3_db_config()] is a
+** pointer to a memory buffer to use for lookaside memory.
+** ^The first argument after the SQLITE_DBCONFIG_LOOKASIDE verb
+** may be NULL in which case SQLite will allocate the
+** lookaside buffer itself using [sqlite3_malloc()]. ^The second argument is the
+** size of each lookaside buffer slot. ^The third argument is the number of
+** slots. The size of the buffer in the first argument must be greater than
+** or equal to the product of the second and third arguments. The buffer
+** must be aligned to an 8-byte boundary. ^If the second argument to
+** SQLITE_DBCONFIG_LOOKASIDE is not a multiple of 8, it is internally
+** rounded down to the next smaller multiple of 8. ^(The lookaside memory
+** configuration for a database connection can only be changed when that
+** connection is not currently using lookaside memory, or in other words
+** when the "current value" returned by
+** [sqlite3_db_status](D,[SQLITE_CONFIG_LOOKASIDE],...) is zero.
+** Any attempt to change the lookaside memory configuration when lookaside
+** memory is in use leaves the configuration unchanged and returns
+** [SQLITE_BUSY].)^</dd>
+**
+** <dt>SQLITE_DBCONFIG_ENABLE_FKEY</dt>
+** <dd> ^This option is used to enable or disable the enforcement of
+** [foreign key constraints]. There should be two additional arguments.
+** The first argument is an integer which is 0 to disable FK enforcement,
+** positive to enable FK enforcement or negative to leave FK enforcement
+** unchanged. The second parameter is a pointer to an integer into which
+** is written 0 or 1 to indicate whether FK enforcement is off or on
+** following this call. The second parameter may be a NULL pointer, in
+** which case the FK enforcement setting is not reported back. </dd>
+**
+** <dt>SQLITE_DBCONFIG_ENABLE_TRIGGER</dt>
+** <dd> ^This option is used to enable or disable [CREATE TRIGGER | triggers].
+** There should be two additional arguments.
+** The first argument is an integer which is 0 to disable triggers,
+** positive to enable triggers or negative to leave the setting unchanged.
+** The second parameter is a pointer to an integer into which
+** is written 0 or 1 to indicate whether triggers are disabled or enabled
+** following this call. The second parameter may be a NULL pointer, in
+** which case the trigger setting is not reported back. </dd>
+**
+** </dl>
+*/
+#define SQLITE_DBCONFIG_LOOKASIDE 1001 /* void* int int */
+#define SQLITE_DBCONFIG_ENABLE_FKEY 1002 /* int int* */
+#define SQLITE_DBCONFIG_ENABLE_TRIGGER 1003 /* int int* */
+
+
+/*
+** CAPI3REF: Enable Or Disable Extended Result Codes
+** METHOD: sqlite3
+**
+** ^The sqlite3_extended_result_codes() routine enables or disables the
+** [extended result codes] feature of SQLite. ^The extended result
+** codes are disabled by default for historical compatibility.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_extended_result_codes(sqlite3*, int onoff);
+
+/*
+** CAPI3REF: Last Insert Rowid
+** METHOD: sqlite3
+**
+** ^Each entry in most SQLite tables (except for [WITHOUT ROWID] tables)
+** has a unique 64-bit signed
+** integer key called the [ROWID | "rowid"]. ^The rowid is always available
+** as an undeclared column named ROWID, OID, or _ROWID_ as long as those
+** names are not also used by explicitly declared columns. ^If
+** the table has a column of type [INTEGER PRIMARY KEY] then that column
+** is another alias for the rowid.
+**
+** ^The sqlite3_last_insert_rowid(D) interface returns the [rowid] of the
+** most recent successful [INSERT] into a rowid table or [virtual table]
+** on database connection D.
+** ^Inserts into [WITHOUT ROWID] tables are not recorded.
+** ^If no successful [INSERT]s into rowid tables
+** have ever occurred on the database connection D,
+** then sqlite3_last_insert_rowid(D) returns zero.
+**
+** ^(If an [INSERT] occurs within a trigger or within a [virtual table]
+** method, then this routine will return the [rowid] of the inserted
+** row as long as the trigger or virtual table method is running.
+** But once the trigger or virtual table method ends, the value returned
+** by this routine reverts to what it was before the trigger or virtual
+** table method began.)^
+**
+** ^An [INSERT] that fails due to a constraint violation is not a
+** successful [INSERT] and does not change the value returned by this
+** routine. ^Thus INSERT OR FAIL, INSERT OR IGNORE, INSERT OR ROLLBACK,
+** and INSERT OR ABORT make no changes to the return value of this
+** routine when their insertion fails. ^(When INSERT OR REPLACE
+** encounters a constraint violation, it does not fail. The
+** INSERT continues to completion after deleting rows that caused
+** the constraint problem so INSERT OR REPLACE will always change
+** the return value of this interface.)^
+**
+** ^For the purposes of this routine, an [INSERT] is considered to
+** be successful even if it is subsequently rolled back.
+**
+** This function is accessible to SQL statements via the
+** [last_insert_rowid() SQL function].
+**
+** If a separate thread performs a new [INSERT] on the same
+** database connection while the [sqlite3_last_insert_rowid()]
+** function is running and thus changes the last insert [rowid],
+** then the value returned by [sqlite3_last_insert_rowid()] is
+** unpredictable and might not equal either the old or the new
+** last insert [rowid].
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_last_insert_rowid(sqlite3*);
+
+/*
+** CAPI3REF: Count The Number Of Rows Modified
+** METHOD: sqlite3
+**
+** ^This function returns the number of rows modified, inserted or
+** deleted by the most recently completed INSERT, UPDATE or DELETE
+** statement on the database connection specified by the only parameter.
+** ^Executing any other type of SQL statement does not modify the value
+** returned by this function.
+**
+** ^Only changes made directly by the INSERT, UPDATE or DELETE statement are
+** considered - auxiliary changes caused by [CREATE TRIGGER | triggers],
+** [foreign key actions] or [REPLACE] constraint resolution are not counted.
+**
+** Changes to a view that are intercepted by
+** [INSTEAD OF trigger | INSTEAD OF triggers] are not counted. ^The value
+** returned by sqlite3_changes() immediately after an INSERT, UPDATE or
+** DELETE statement run on a view is always zero. Only changes made to real
+** tables are counted.
+**
+** Things are more complicated if the sqlite3_changes() function is
+** executed while a trigger program is running. This may happen if the
+** program uses the [changes() SQL function], or if some other callback
+** function invokes sqlite3_changes() directly. Essentially:
+**
+** <ul>
+** <li> ^(Before entering a trigger program the value returned by
+** sqlite3_changes() function is saved. After the trigger program
+** has finished, the original value is restored.)^
+**
+** <li> ^(Within a trigger program each INSERT, UPDATE and DELETE
+** statement sets the value returned by sqlite3_changes()
+** upon completion as normal. Of course, this value will not include
+** any changes performed by sub-triggers, as the sqlite3_changes()
+** value will be saved and restored after each sub-trigger has run.)^
+** </ul>
+**
+** ^This means that if the changes() SQL function (or similar) is used
+** by the first INSERT, UPDATE or DELETE statement within a trigger, it
+** returns the value as set when the calling statement began executing.
+** ^If it is used by the second or subsequent such statement within a trigger
+** program, the value returned reflects the number of rows modified by the
+** previous INSERT, UPDATE or DELETE statement within the same trigger.
+**
+** See also the [sqlite3_total_changes()] interface, the
+** [count_changes pragma], and the [changes() SQL function].
+**
+** If a separate thread makes changes on the same database connection
+** while [sqlite3_changes()] is running then the value returned
+** is unpredictable and not meaningful.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_changes(sqlite3*);
+
+/*
+** CAPI3REF: Total Number Of Rows Modified
+** METHOD: sqlite3
+**
+** ^This function returns the total number of rows inserted, modified or
+** deleted by all [INSERT], [UPDATE] or [DELETE] statements completed
+** since the database connection was opened, including those executed as
+** part of trigger programs. ^Executing any other type of SQL statement
+** does not affect the value returned by sqlite3_total_changes().
+**
+** ^Changes made as part of [foreign key actions] are included in the
+** count, but those made as part of REPLACE constraint resolution are
+** not. ^Changes to a view that are intercepted by INSTEAD OF triggers
+** are not counted.
+**
+** See also the [sqlite3_changes()] interface, the
+** [count_changes pragma], and the [total_changes() SQL function].
+**
+** If a separate thread makes changes on the same database connection
+** while [sqlite3_total_changes()] is running then the value
+** returned is unpredictable and not meaningful.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_total_changes(sqlite3*);
+
+/*
+** CAPI3REF: Interrupt A Long-Running Query
+** METHOD: sqlite3
+**
+** ^This function causes any pending database operation to abort and
+** return at its earliest opportunity. This routine is typically
+** called in response to a user action such as pressing "Cancel"
+** or Ctrl-C where the user wants a long query operation to halt
+** immediately.
+**
+** ^It is safe to call this routine from a thread different from the
+** thread that is currently running the database operation. But it
+** is not safe to call this routine with a [database connection] that
+** is closed or might close before sqlite3_interrupt() returns.
+**
+** ^If an SQL operation is very nearly finished at the time when
+** sqlite3_interrupt() is called, then it might not have an opportunity
+** to be interrupted and might continue to completion.
+**
+** ^An SQL operation that is interrupted will return [SQLITE_INTERRUPT].
+** ^If the interrupted SQL operation is an INSERT, UPDATE, or DELETE
+** that is inside an explicit transaction, then the entire transaction
+** will be rolled back automatically.
+**
+** ^The sqlite3_interrupt(D) call is in effect until all currently running
+** SQL statements on [database connection] D complete. ^Any new SQL statements
+** that are started after the sqlite3_interrupt() call and before the
+** running statements reaches zero are interrupted as if they had been
+** running prior to the sqlite3_interrupt() call. ^New SQL statements
+** that are started after the running statement count reaches zero are
+** not effected by the sqlite3_interrupt().
+** ^A call to sqlite3_interrupt(D) that occurs when there are no running
+** SQL statements is a no-op and has no effect on SQL statements
+** that are started after the sqlite3_interrupt() call returns.
+**
+** If the database connection closes while [sqlite3_interrupt()]
+** is running then bad things will likely happen.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_interrupt(sqlite3*);
+
+/*
+** CAPI3REF: Determine If An SQL Statement Is Complete
+**
+** These routines are useful during command-line input to determine if the
+** currently entered text seems to form a complete SQL statement or
+** if additional input is needed before sending the text into
+** SQLite for parsing. ^These routines return 1 if the input string
+** appears to be a complete SQL statement. ^A statement is judged to be
+** complete if it ends with a semicolon token and is not a prefix of a
+** well-formed CREATE TRIGGER statement. ^Semicolons that are embedded within
+** string literals or quoted identifier names or comments are not
+** independent tokens (they are part of the token in which they are
+** embedded) and thus do not count as a statement terminator. ^Whitespace
+** and comments that follow the final semicolon are ignored.
+**
+** ^These routines return 0 if the statement is incomplete. ^If a
+** memory allocation fails, then SQLITE_NOMEM is returned.
+**
+** ^These routines do not parse the SQL statements thus
+** will not detect syntactically incorrect SQL.
+**
+** ^(If SQLite has not been initialized using [sqlite3_initialize()] prior
+** to invoking sqlite3_complete16() then sqlite3_initialize() is invoked
+** automatically by sqlite3_complete16(). If that initialization fails,
+** then the return value from sqlite3_complete16() will be non-zero
+** regardless of whether or not the input SQL is complete.)^
+**
+** The input to [sqlite3_complete()] must be a zero-terminated
+** UTF-8 string.
+**
+** The input to [sqlite3_complete16()] must be a zero-terminated
+** UTF-16 string in native byte order.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_complete(const char *sql);
+SQLITE_API int SQLITE_STDCALL sqlite3_complete16(const void *sql);
+
+/*
+** CAPI3REF: Register A Callback To Handle SQLITE_BUSY Errors
+** KEYWORDS: {busy-handler callback} {busy handler}
+** METHOD: sqlite3
+**
+** ^The sqlite3_busy_handler(D,X,P) routine sets a callback function X
+** that might be invoked with argument P whenever
+** an attempt is made to access a database table associated with
+** [database connection] D when another thread
+** or process has the table locked.
+** The sqlite3_busy_handler() interface is used to implement
+** [sqlite3_busy_timeout()] and [PRAGMA busy_timeout].
+**
+** ^If the busy callback is NULL, then [SQLITE_BUSY]
+** is returned immediately upon encountering the lock. ^If the busy callback
+** is not NULL, then the callback might be invoked with two arguments.
+**
+** ^The first argument to the busy handler is a copy of the void* pointer which
+** is the third argument to sqlite3_busy_handler(). ^The second argument to
+** the busy handler callback is the number of times that the busy handler has
+** been invoked previously for the same locking event. ^If the
+** busy callback returns 0, then no additional attempts are made to
+** access the database and [SQLITE_BUSY] is returned
+** to the application.
+** ^If the callback returns non-zero, then another attempt
+** is made to access the database and the cycle repeats.
+**
+** The presence of a busy handler does not guarantee that it will be invoked
+** when there is lock contention. ^If SQLite determines that invoking the busy
+** handler could result in a deadlock, it will go ahead and return [SQLITE_BUSY]
+** to the application instead of invoking the
+** busy handler.
+** Consider a scenario where one process is holding a read lock that
+** it is trying to promote to a reserved lock and
+** a second process is holding a reserved lock that it is trying
+** to promote to an exclusive lock. The first process cannot proceed
+** because it is blocked by the second and the second process cannot
+** proceed because it is blocked by the first. If both processes
+** invoke the busy handlers, neither will make any progress. Therefore,
+** SQLite returns [SQLITE_BUSY] for the first process, hoping that this
+** will induce the first process to release its read lock and allow
+** the second process to proceed.
+**
+** ^The default busy callback is NULL.
+**
+** ^(There can only be a single busy handler defined for each
+** [database connection]. Setting a new busy handler clears any
+** previously set handler.)^ ^Note that calling [sqlite3_busy_timeout()]
+** or evaluating [PRAGMA busy_timeout=N] will change the
+** busy handler and thus clear any previously set busy handler.
+**
+** The busy callback should not take any actions which modify the
+** database connection that invoked the busy handler. In other words,
+** the busy handler is not reentrant. Any such actions
+** result in undefined behavior.
+**
+** A busy handler must not close the database connection
+** or [prepared statement] that invoked the busy handler.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_busy_handler(sqlite3*, int(*)(void*,int), void*);
+
+/*
+** CAPI3REF: Set A Busy Timeout
+** METHOD: sqlite3
+**
+** ^This routine sets a [sqlite3_busy_handler | busy handler] that sleeps
+** for a specified amount of time when a table is locked. ^The handler
+** will sleep multiple times until at least "ms" milliseconds of sleeping
+** have accumulated. ^After at least "ms" milliseconds of sleeping,
+** the handler returns 0 which causes [sqlite3_step()] to return
+** [SQLITE_BUSY].
+**
+** ^Calling this routine with an argument less than or equal to zero
+** turns off all busy handlers.
+**
+** ^(There can only be a single busy handler for a particular
+** [database connection] at any given moment. If another busy handler
+** was defined (using [sqlite3_busy_handler()]) prior to calling
+** this routine, that other busy handler is cleared.)^
+**
+** See also: [PRAGMA busy_timeout]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_busy_timeout(sqlite3*, int ms);
+
+/*
+** CAPI3REF: Convenience Routines For Running Queries
+** METHOD: sqlite3
+**
+** This is a legacy interface that is preserved for backwards compatibility.
+** Use of this interface is not recommended.
+**
+** Definition: A <b>result table</b> is memory data structure created by the
+** [sqlite3_get_table()] interface. A result table records the
+** complete query results from one or more queries.
+**
+** The table conceptually has a number of rows and columns. But
+** these numbers are not part of the result table itself. These
+** numbers are obtained separately. Let N be the number of rows
+** and M be the number of columns.
+**
+** A result table is an array of pointers to zero-terminated UTF-8 strings.
+** There are (N+1)*M elements in the array. The first M pointers point
+** to zero-terminated strings that contain the names of the columns.
+** The remaining entries all point to query results. NULL values result
+** in NULL pointers. All other values are in their UTF-8 zero-terminated
+** string representation as returned by [sqlite3_column_text()].
+**
+** A result table might consist of one or more memory allocations.
+** It is not safe to pass a result table directly to [sqlite3_free()].
+** A result table should be deallocated using [sqlite3_free_table()].
+**
+** ^(As an example of the result table format, suppose a query result
+** is as follows:
+**
+** <blockquote><pre>
+** Name | Age
+** -----------------------
+** Alice | 43
+** Bob | 28
+** Cindy | 21
+** </pre></blockquote>
+**
+** There are two column (M==2) and three rows (N==3). Thus the
+** result table has 8 entries. Suppose the result table is stored
+** in an array names azResult. Then azResult holds this content:
+**
+** <blockquote><pre>
+** azResult&#91;0] = "Name";
+** azResult&#91;1] = "Age";
+** azResult&#91;2] = "Alice";
+** azResult&#91;3] = "43";
+** azResult&#91;4] = "Bob";
+** azResult&#91;5] = "28";
+** azResult&#91;6] = "Cindy";
+** azResult&#91;7] = "21";
+** </pre></blockquote>)^
+**
+** ^The sqlite3_get_table() function evaluates one or more
+** semicolon-separated SQL statements in the zero-terminated UTF-8
+** string of its 2nd parameter and returns a result table to the
+** pointer given in its 3rd parameter.
+**
+** After the application has finished with the result from sqlite3_get_table(),
+** it must pass the result table pointer to sqlite3_free_table() in order to
+** release the memory that was malloced. Because of the way the
+** [sqlite3_malloc()] happens within sqlite3_get_table(), the calling
+** function must not try to call [sqlite3_free()] directly. Only
+** [sqlite3_free_table()] is able to release the memory properly and safely.
+**
+** The sqlite3_get_table() interface is implemented as a wrapper around
+** [sqlite3_exec()]. The sqlite3_get_table() routine does not have access
+** to any internal data structures of SQLite. It uses only the public
+** interface defined here. As a consequence, errors that occur in the
+** wrapper layer outside of the internal [sqlite3_exec()] call are not
+** reflected in subsequent calls to [sqlite3_errcode()] or
+** [sqlite3_errmsg()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_get_table(
+ sqlite3 *db, /* An open database */
+ const char *zSql, /* SQL to be evaluated */
+ char ***pazResult, /* Results of the query */
+ int *pnRow, /* Number of result rows written here */
+ int *pnColumn, /* Number of result columns written here */
+ char **pzErrmsg /* Error msg written here */
+);
+SQLITE_API void SQLITE_STDCALL sqlite3_free_table(char **result);
+
+/*
+** CAPI3REF: Formatted String Printing Functions
+**
+** These routines are work-alikes of the "printf()" family of functions
+** from the standard C library.
+** These routines understand most of the common K&R formatting options,
+** plus some additional non-standard formats, detailed below.
+** Note that some of the more obscure formatting options from recent
+** C-library standards are omitted from this implementation.
+**
+** ^The sqlite3_mprintf() and sqlite3_vmprintf() routines write their
+** results into memory obtained from [sqlite3_malloc()].
+** The strings returned by these two routines should be
+** released by [sqlite3_free()]. ^Both routines return a
+** NULL pointer if [sqlite3_malloc()] is unable to allocate enough
+** memory to hold the resulting string.
+**
+** ^(The sqlite3_snprintf() routine is similar to "snprintf()" from
+** the standard C library. The result is written into the
+** buffer supplied as the second parameter whose size is given by
+** the first parameter. Note that the order of the
+** first two parameters is reversed from snprintf().)^ This is an
+** historical accident that cannot be fixed without breaking
+** backwards compatibility. ^(Note also that sqlite3_snprintf()
+** returns a pointer to its buffer instead of the number of
+** characters actually written into the buffer.)^ We admit that
+** the number of characters written would be a more useful return
+** value but we cannot change the implementation of sqlite3_snprintf()
+** now without breaking compatibility.
+**
+** ^As long as the buffer size is greater than zero, sqlite3_snprintf()
+** guarantees that the buffer is always zero-terminated. ^The first
+** parameter "n" is the total size of the buffer, including space for
+** the zero terminator. So the longest string that can be completely
+** written will be n-1 characters.
+**
+** ^The sqlite3_vsnprintf() routine is a varargs version of sqlite3_snprintf().
+**
+** These routines all implement some additional formatting
+** options that are useful for constructing SQL statements.
+** All of the usual printf() formatting options apply. In addition, there
+** is are "%q", "%Q", "%w" and "%z" options.
+**
+** ^(The %q option works like %s in that it substitutes a nul-terminated
+** string from the argument list. But %q also doubles every '\'' character.
+** %q is designed for use inside a string literal.)^ By doubling each '\''
+** character it escapes that character and allows it to be inserted into
+** the string.
+**
+** For example, assume the string variable zText contains text as follows:
+**
+** <blockquote><pre>
+** char *zText = "It's a happy day!";
+** </pre></blockquote>
+**
+** One can use this text in an SQL statement as follows:
+**
+** <blockquote><pre>
+** char *zSQL = sqlite3_mprintf("INSERT INTO table VALUES('%q')", zText);
+** sqlite3_exec(db, zSQL, 0, 0, 0);
+** sqlite3_free(zSQL);
+** </pre></blockquote>
+**
+** Because the %q format string is used, the '\'' character in zText
+** is escaped and the SQL generated is as follows:
+**
+** <blockquote><pre>
+** INSERT INTO table1 VALUES('It''s a happy day!')
+** </pre></blockquote>
+**
+** This is correct. Had we used %s instead of %q, the generated SQL
+** would have looked like this:
+**
+** <blockquote><pre>
+** INSERT INTO table1 VALUES('It's a happy day!');
+** </pre></blockquote>
+**
+** This second example is an SQL syntax error. As a general rule you should
+** always use %q instead of %s when inserting text into a string literal.
+**
+** ^(The %Q option works like %q except it also adds single quotes around
+** the outside of the total string. Additionally, if the parameter in the
+** argument list is a NULL pointer, %Q substitutes the text "NULL" (without
+** single quotes).)^ So, for example, one could say:
+**
+** <blockquote><pre>
+** char *zSQL = sqlite3_mprintf("INSERT INTO table VALUES(%Q)", zText);
+** sqlite3_exec(db, zSQL, 0, 0, 0);
+** sqlite3_free(zSQL);
+** </pre></blockquote>
+**
+** The code above will render a correct SQL statement in the zSQL
+** variable even if the zText variable is a NULL pointer.
+**
+** ^(The "%w" formatting option is like "%q" except that it expects to
+** be contained within double-quotes instead of single quotes, and it
+** escapes the double-quote character instead of the single-quote
+** character.)^ The "%w" formatting option is intended for safely inserting
+** table and column names into a constructed SQL statement.
+**
+** ^(The "%z" formatting option works like "%s" but with the
+** addition that after the string has been read and copied into
+** the result, [sqlite3_free()] is called on the input string.)^
+*/
+SQLITE_API char *SQLITE_CDECL sqlite3_mprintf(const char*,...);
+SQLITE_API char *SQLITE_STDCALL sqlite3_vmprintf(const char*, va_list);
+SQLITE_API char *SQLITE_CDECL sqlite3_snprintf(int,char*,const char*, ...);
+SQLITE_API char *SQLITE_STDCALL sqlite3_vsnprintf(int,char*,const char*, va_list);
+
+/*
+** CAPI3REF: Memory Allocation Subsystem
+**
+** The SQLite core uses these three routines for all of its own
+** internal memory allocation needs. "Core" in the previous sentence
+** does not include operating-system specific VFS implementation. The
+** Windows VFS uses native malloc() and free() for some operations.
+**
+** ^The sqlite3_malloc() routine returns a pointer to a block
+** of memory at least N bytes in length, where N is the parameter.
+** ^If sqlite3_malloc() is unable to obtain sufficient free
+** memory, it returns a NULL pointer. ^If the parameter N to
+** sqlite3_malloc() is zero or negative then sqlite3_malloc() returns
+** a NULL pointer.
+**
+** ^The sqlite3_malloc64(N) routine works just like
+** sqlite3_malloc(N) except that N is an unsigned 64-bit integer instead
+** of a signed 32-bit integer.
+**
+** ^Calling sqlite3_free() with a pointer previously returned
+** by sqlite3_malloc() or sqlite3_realloc() releases that memory so
+** that it might be reused. ^The sqlite3_free() routine is
+** a no-op if is called with a NULL pointer. Passing a NULL pointer
+** to sqlite3_free() is harmless. After being freed, memory
+** should neither be read nor written. Even reading previously freed
+** memory might result in a segmentation fault or other severe error.
+** Memory corruption, a segmentation fault, or other severe error
+** might result if sqlite3_free() is called with a non-NULL pointer that
+** was not obtained from sqlite3_malloc() or sqlite3_realloc().
+**
+** ^The sqlite3_realloc(X,N) interface attempts to resize a
+** prior memory allocation X to be at least N bytes.
+** ^If the X parameter to sqlite3_realloc(X,N)
+** is a NULL pointer then its behavior is identical to calling
+** sqlite3_malloc(N).
+** ^If the N parameter to sqlite3_realloc(X,N) is zero or
+** negative then the behavior is exactly the same as calling
+** sqlite3_free(X).
+** ^sqlite3_realloc(X,N) returns a pointer to a memory allocation
+** of at least N bytes in size or NULL if insufficient memory is available.
+** ^If M is the size of the prior allocation, then min(N,M) bytes
+** of the prior allocation are copied into the beginning of buffer returned
+** by sqlite3_realloc(X,N) and the prior allocation is freed.
+** ^If sqlite3_realloc(X,N) returns NULL and N is positive, then the
+** prior allocation is not freed.
+**
+** ^The sqlite3_realloc64(X,N) interfaces works the same as
+** sqlite3_realloc(X,N) except that N is a 64-bit unsigned integer instead
+** of a 32-bit signed integer.
+**
+** ^If X is a memory allocation previously obtained from sqlite3_malloc(),
+** sqlite3_malloc64(), sqlite3_realloc(), or sqlite3_realloc64(), then
+** sqlite3_msize(X) returns the size of that memory allocation in bytes.
+** ^The value returned by sqlite3_msize(X) might be larger than the number
+** of bytes requested when X was allocated. ^If X is a NULL pointer then
+** sqlite3_msize(X) returns zero. If X points to something that is not
+** the beginning of memory allocation, or if it points to a formerly
+** valid memory allocation that has now been freed, then the behavior
+** of sqlite3_msize(X) is undefined and possibly harmful.
+**
+** ^The memory returned by sqlite3_malloc(), sqlite3_realloc(),
+** sqlite3_malloc64(), and sqlite3_realloc64()
+** is always aligned to at least an 8 byte boundary, or to a
+** 4 byte boundary if the [SQLITE_4_BYTE_ALIGNED_MALLOC] compile-time
+** option is used.
+**
+** In SQLite version 3.5.0 and 3.5.1, it was possible to define
+** the SQLITE_OMIT_MEMORY_ALLOCATION which would cause the built-in
+** implementation of these routines to be omitted. That capability
+** is no longer provided. Only built-in memory allocators can be used.
+**
+** Prior to SQLite version 3.7.10, the Windows OS interface layer called
+** the system malloc() and free() directly when converting
+** filenames between the UTF-8 encoding used by SQLite
+** and whatever filename encoding is used by the particular Windows
+** installation. Memory allocation errors were detected, but
+** they were reported back as [SQLITE_CANTOPEN] or
+** [SQLITE_IOERR] rather than [SQLITE_NOMEM].
+**
+** The pointer arguments to [sqlite3_free()] and [sqlite3_realloc()]
+** must be either NULL or else pointers obtained from a prior
+** invocation of [sqlite3_malloc()] or [sqlite3_realloc()] that have
+** not yet been released.
+**
+** The application must not read or write any part of
+** a block of memory after it has been released using
+** [sqlite3_free()] or [sqlite3_realloc()].
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_malloc(int);
+SQLITE_API void *SQLITE_STDCALL sqlite3_malloc64(sqlite3_uint64);
+SQLITE_API void *SQLITE_STDCALL sqlite3_realloc(void*, int);
+SQLITE_API void *SQLITE_STDCALL sqlite3_realloc64(void*, sqlite3_uint64);
+SQLITE_API void SQLITE_STDCALL sqlite3_free(void*);
+SQLITE_API sqlite3_uint64 SQLITE_STDCALL sqlite3_msize(void*);
+
+/*
+** CAPI3REF: Memory Allocator Statistics
+**
+** SQLite provides these two interfaces for reporting on the status
+** of the [sqlite3_malloc()], [sqlite3_free()], and [sqlite3_realloc()]
+** routines, which form the built-in memory allocation subsystem.
+**
+** ^The [sqlite3_memory_used()] routine returns the number of bytes
+** of memory currently outstanding (malloced but not freed).
+** ^The [sqlite3_memory_highwater()] routine returns the maximum
+** value of [sqlite3_memory_used()] since the high-water mark
+** was last reset. ^The values returned by [sqlite3_memory_used()] and
+** [sqlite3_memory_highwater()] include any overhead
+** added by SQLite in its implementation of [sqlite3_malloc()],
+** but not overhead added by the any underlying system library
+** routines that [sqlite3_malloc()] may call.
+**
+** ^The memory high-water mark is reset to the current value of
+** [sqlite3_memory_used()] if and only if the parameter to
+** [sqlite3_memory_highwater()] is true. ^The value returned
+** by [sqlite3_memory_highwater(1)] is the high-water mark
+** prior to the reset.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_memory_used(void);
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_memory_highwater(int resetFlag);
+
+/*
+** CAPI3REF: Pseudo-Random Number Generator
+**
+** SQLite contains a high-quality pseudo-random number generator (PRNG) used to
+** select random [ROWID | ROWIDs] when inserting new records into a table that
+** already uses the largest possible [ROWID]. The PRNG is also used for
+** the build-in random() and randomblob() SQL functions. This interface allows
+** applications to access the same PRNG for other purposes.
+**
+** ^A call to this routine stores N bytes of randomness into buffer P.
+** ^The P parameter can be a NULL pointer.
+**
+** ^If this routine has not been previously called or if the previous
+** call had N less than one or a NULL pointer for P, then the PRNG is
+** seeded using randomness obtained from the xRandomness method of
+** the default [sqlite3_vfs] object.
+** ^If the previous call to this routine had an N of 1 or more and a
+** non-NULL P then the pseudo-randomness is generated
+** internally and without recourse to the [sqlite3_vfs] xRandomness
+** method.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_randomness(int N, void *P);
+
+/*
+** CAPI3REF: Compile-Time Authorization Callbacks
+** METHOD: sqlite3
+**
+** ^This routine registers an authorizer callback with a particular
+** [database connection], supplied in the first argument.
+** ^The authorizer callback is invoked as SQL statements are being compiled
+** by [sqlite3_prepare()] or its variants [sqlite3_prepare_v2()],
+** [sqlite3_prepare16()] and [sqlite3_prepare16_v2()]. ^At various
+** points during the compilation process, as logic is being created
+** to perform various actions, the authorizer callback is invoked to
+** see if those actions are allowed. ^The authorizer callback should
+** return [SQLITE_OK] to allow the action, [SQLITE_IGNORE] to disallow the
+** specific action but allow the SQL statement to continue to be
+** compiled, or [SQLITE_DENY] to cause the entire SQL statement to be
+** rejected with an error. ^If the authorizer callback returns
+** any value other than [SQLITE_IGNORE], [SQLITE_OK], or [SQLITE_DENY]
+** then the [sqlite3_prepare_v2()] or equivalent call that triggered
+** the authorizer will fail with an error message.
+**
+** When the callback returns [SQLITE_OK], that means the operation
+** requested is ok. ^When the callback returns [SQLITE_DENY], the
+** [sqlite3_prepare_v2()] or equivalent call that triggered the
+** authorizer will fail with an error message explaining that
+** access is denied.
+**
+** ^The first parameter to the authorizer callback is a copy of the third
+** parameter to the sqlite3_set_authorizer() interface. ^The second parameter
+** to the callback is an integer [SQLITE_COPY | action code] that specifies
+** the particular action to be authorized. ^The third through sixth parameters
+** to the callback are zero-terminated strings that contain additional
+** details about the action to be authorized.
+**
+** ^If the action code is [SQLITE_READ]
+** and the callback returns [SQLITE_IGNORE] then the
+** [prepared statement] statement is constructed to substitute
+** a NULL value in place of the table column that would have
+** been read if [SQLITE_OK] had been returned. The [SQLITE_IGNORE]
+** return can be used to deny an untrusted user access to individual
+** columns of a table.
+** ^If the action code is [SQLITE_DELETE] and the callback returns
+** [SQLITE_IGNORE] then the [DELETE] operation proceeds but the
+** [truncate optimization] is disabled and all rows are deleted individually.
+**
+** An authorizer is used when [sqlite3_prepare | preparing]
+** SQL statements from an untrusted source, to ensure that the SQL statements
+** do not try to access data they are not allowed to see, or that they do not
+** try to execute malicious statements that damage the database. For
+** example, an application may allow a user to enter arbitrary
+** SQL queries for evaluation by a database. But the application does
+** not want the user to be able to make arbitrary changes to the
+** database. An authorizer could then be put in place while the
+** user-entered SQL is being [sqlite3_prepare | prepared] that
+** disallows everything except [SELECT] statements.
+**
+** Applications that need to process SQL from untrusted sources
+** might also consider lowering resource limits using [sqlite3_limit()]
+** and limiting database size using the [max_page_count] [PRAGMA]
+** in addition to using an authorizer.
+**
+** ^(Only a single authorizer can be in place on a database connection
+** at a time. Each call to sqlite3_set_authorizer overrides the
+** previous call.)^ ^Disable the authorizer by installing a NULL callback.
+** The authorizer is disabled by default.
+**
+** The authorizer callback must not do anything that will modify
+** the database connection that invoked the authorizer callback.
+** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their
+** database connections for the meaning of "modify" in this paragraph.
+**
+** ^When [sqlite3_prepare_v2()] is used to prepare a statement, the
+** statement might be re-prepared during [sqlite3_step()] due to a
+** schema change. Hence, the application should ensure that the
+** correct authorizer callback remains in place during the [sqlite3_step()].
+**
+** ^Note that the authorizer callback is invoked only during
+** [sqlite3_prepare()] or its variants. Authorization is not
+** performed during statement evaluation in [sqlite3_step()], unless
+** as stated in the previous paragraph, sqlite3_step() invokes
+** sqlite3_prepare_v2() to reprepare a statement after a schema change.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_set_authorizer(
+ sqlite3*,
+ int (*xAuth)(void*,int,const char*,const char*,const char*,const char*),
+ void *pUserData
+);
+
+/*
+** CAPI3REF: Authorizer Return Codes
+**
+** The [sqlite3_set_authorizer | authorizer callback function] must
+** return either [SQLITE_OK] or one of these two constants in order
+** to signal SQLite whether or not the action is permitted. See the
+** [sqlite3_set_authorizer | authorizer documentation] for additional
+** information.
+**
+** Note that SQLITE_IGNORE is also used as a [conflict resolution mode]
+** returned from the [sqlite3_vtab_on_conflict()] interface.
+*/
+#define SQLITE_DENY 1 /* Abort the SQL statement with an error */
+#define SQLITE_IGNORE 2 /* Don't allow access, but don't generate an error */
+
+/*
+** CAPI3REF: Authorizer Action Codes
+**
+** The [sqlite3_set_authorizer()] interface registers a callback function
+** that is invoked to authorize certain SQL statement actions. The
+** second parameter to the callback is an integer code that specifies
+** what action is being authorized. These are the integer action codes that
+** the authorizer callback may be passed.
+**
+** These action code values signify what kind of operation is to be
+** authorized. The 3rd and 4th parameters to the authorization
+** callback function will be parameters or NULL depending on which of these
+** codes is used as the second parameter. ^(The 5th parameter to the
+** authorizer callback is the name of the database ("main", "temp",
+** etc.) if applicable.)^ ^The 6th parameter to the authorizer callback
+** is the name of the inner-most trigger or view that is responsible for
+** the access attempt or NULL if this access attempt is directly from
+** top-level SQL code.
+*/
+/******************************************* 3rd ************ 4th ***********/
+#define SQLITE_CREATE_INDEX 1 /* Index Name Table Name */
+#define SQLITE_CREATE_TABLE 2 /* Table Name NULL */
+#define SQLITE_CREATE_TEMP_INDEX 3 /* Index Name Table Name */
+#define SQLITE_CREATE_TEMP_TABLE 4 /* Table Name NULL */
+#define SQLITE_CREATE_TEMP_TRIGGER 5 /* Trigger Name Table Name */
+#define SQLITE_CREATE_TEMP_VIEW 6 /* View Name NULL */
+#define SQLITE_CREATE_TRIGGER 7 /* Trigger Name Table Name */
+#define SQLITE_CREATE_VIEW 8 /* View Name NULL */
+#define SQLITE_DELETE 9 /* Table Name NULL */
+#define SQLITE_DROP_INDEX 10 /* Index Name Table Name */
+#define SQLITE_DROP_TABLE 11 /* Table Name NULL */
+#define SQLITE_DROP_TEMP_INDEX 12 /* Index Name Table Name */
+#define SQLITE_DROP_TEMP_TABLE 13 /* Table Name NULL */
+#define SQLITE_DROP_TEMP_TRIGGER 14 /* Trigger Name Table Name */
+#define SQLITE_DROP_TEMP_VIEW 15 /* View Name NULL */
+#define SQLITE_DROP_TRIGGER 16 /* Trigger Name Table Name */
+#define SQLITE_DROP_VIEW 17 /* View Name NULL */
+#define SQLITE_INSERT 18 /* Table Name NULL */
+#define SQLITE_PRAGMA 19 /* Pragma Name 1st arg or NULL */
+#define SQLITE_READ 20 /* Table Name Column Name */
+#define SQLITE_SELECT 21 /* NULL NULL */
+#define SQLITE_TRANSACTION 22 /* Operation NULL */
+#define SQLITE_UPDATE 23 /* Table Name Column Name */
+#define SQLITE_ATTACH 24 /* Filename NULL */
+#define SQLITE_DETACH 25 /* Database Name NULL */
+#define SQLITE_ALTER_TABLE 26 /* Database Name Table Name */
+#define SQLITE_REINDEX 27 /* Index Name NULL */
+#define SQLITE_ANALYZE 28 /* Table Name NULL */
+#define SQLITE_CREATE_VTABLE 29 /* Table Name Module Name */
+#define SQLITE_DROP_VTABLE 30 /* Table Name Module Name */
+#define SQLITE_FUNCTION 31 /* NULL Function Name */
+#define SQLITE_SAVEPOINT 32 /* Operation Savepoint Name */
+#define SQLITE_COPY 0 /* No longer used */
+#define SQLITE_RECURSIVE 33 /* NULL NULL */
+
+/*
+** CAPI3REF: Tracing And Profiling Functions
+** METHOD: sqlite3
+**
+** These routines register callback functions that can be used for
+** tracing and profiling the execution of SQL statements.
+**
+** ^The callback function registered by sqlite3_trace() is invoked at
+** various times when an SQL statement is being run by [sqlite3_step()].
+** ^The sqlite3_trace() callback is invoked with a UTF-8 rendering of the
+** SQL statement text as the statement first begins executing.
+** ^(Additional sqlite3_trace() callbacks might occur
+** as each triggered subprogram is entered. The callbacks for triggers
+** contain a UTF-8 SQL comment that identifies the trigger.)^
+**
+** The [SQLITE_TRACE_SIZE_LIMIT] compile-time option can be used to limit
+** the length of [bound parameter] expansion in the output of sqlite3_trace().
+**
+** ^The callback function registered by sqlite3_profile() is invoked
+** as each SQL statement finishes. ^The profile callback contains
+** the original statement text and an estimate of wall-clock time
+** of how long that statement took to run. ^The profile callback
+** time is in units of nanoseconds, however the current implementation
+** is only capable of millisecond resolution so the six least significant
+** digits in the time are meaningless. Future versions of SQLite
+** might provide greater resolution on the profiler callback. The
+** sqlite3_profile() function is considered experimental and is
+** subject to change in future versions of SQLite.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_trace(sqlite3*, void(*xTrace)(void*,const char*), void*);
+SQLITE_API SQLITE_EXPERIMENTAL void *SQLITE_STDCALL sqlite3_profile(sqlite3*,
+ void(*xProfile)(void*,const char*,sqlite3_uint64), void*);
+
+/*
+** CAPI3REF: Query Progress Callbacks
+** METHOD: sqlite3
+**
+** ^The sqlite3_progress_handler(D,N,X,P) interface causes the callback
+** function X to be invoked periodically during long running calls to
+** [sqlite3_exec()], [sqlite3_step()] and [sqlite3_get_table()] for
+** database connection D. An example use for this
+** interface is to keep a GUI updated during a large query.
+**
+** ^The parameter P is passed through as the only parameter to the
+** callback function X. ^The parameter N is the approximate number of
+** [virtual machine instructions] that are evaluated between successive
+** invocations of the callback X. ^If N is less than one then the progress
+** handler is disabled.
+**
+** ^Only a single progress handler may be defined at one time per
+** [database connection]; setting a new progress handler cancels the
+** old one. ^Setting parameter X to NULL disables the progress handler.
+** ^The progress handler is also disabled by setting N to a value less
+** than 1.
+**
+** ^If the progress callback returns non-zero, the operation is
+** interrupted. This feature can be used to implement a
+** "Cancel" button on a GUI progress dialog box.
+**
+** The progress handler callback must not do anything that will modify
+** the database connection that invoked the progress handler.
+** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their
+** database connections for the meaning of "modify" in this paragraph.
+**
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*);
+
+/*
+** CAPI3REF: Opening A New Database Connection
+** CONSTRUCTOR: sqlite3
+**
+** ^These routines open an SQLite database file as specified by the
+** filename argument. ^The filename argument is interpreted as UTF-8 for
+** sqlite3_open() and sqlite3_open_v2() and as UTF-16 in the native byte
+** order for sqlite3_open16(). ^(A [database connection] handle is usually
+** returned in *ppDb, even if an error occurs. The only exception is that
+** if SQLite is unable to allocate memory to hold the [sqlite3] object,
+** a NULL will be written into *ppDb instead of a pointer to the [sqlite3]
+** object.)^ ^(If the database is opened (and/or created) successfully, then
+** [SQLITE_OK] is returned. Otherwise an [error code] is returned.)^ ^The
+** [sqlite3_errmsg()] or [sqlite3_errmsg16()] routines can be used to obtain
+** an English language description of the error following a failure of any
+** of the sqlite3_open() routines.
+**
+** ^The default encoding will be UTF-8 for databases created using
+** sqlite3_open() or sqlite3_open_v2(). ^The default encoding for databases
+** created using sqlite3_open16() will be UTF-16 in the native byte order.
+**
+** Whether or not an error occurs when it is opened, resources
+** associated with the [database connection] handle should be released by
+** passing it to [sqlite3_close()] when it is no longer required.
+**
+** The sqlite3_open_v2() interface works like sqlite3_open()
+** except that it accepts two additional parameters for additional control
+** over the new database connection. ^(The flags parameter to
+** sqlite3_open_v2() can take one of
+** the following three values, optionally combined with the
+** [SQLITE_OPEN_NOMUTEX], [SQLITE_OPEN_FULLMUTEX], [SQLITE_OPEN_SHAREDCACHE],
+** [SQLITE_OPEN_PRIVATECACHE], and/or [SQLITE_OPEN_URI] flags:)^
+**
+** <dl>
+** ^(<dt>[SQLITE_OPEN_READONLY]</dt>
+** <dd>The database is opened in read-only mode. If the database does not
+** already exist, an error is returned.</dd>)^
+**
+** ^(<dt>[SQLITE_OPEN_READWRITE]</dt>
+** <dd>The database is opened for reading and writing if possible, or reading
+** only if the file is write protected by the operating system. In either
+** case the database must already exist, otherwise an error is returned.</dd>)^
+**
+** ^(<dt>[SQLITE_OPEN_READWRITE] | [SQLITE_OPEN_CREATE]</dt>
+** <dd>The database is opened for reading and writing, and is created if
+** it does not already exist. This is the behavior that is always used for
+** sqlite3_open() and sqlite3_open16().</dd>)^
+** </dl>
+**
+** If the 3rd parameter to sqlite3_open_v2() is not one of the
+** combinations shown above optionally combined with other
+** [SQLITE_OPEN_READONLY | SQLITE_OPEN_* bits]
+** then the behavior is undefined.
+**
+** ^If the [SQLITE_OPEN_NOMUTEX] flag is set, then the database connection
+** opens in the multi-thread [threading mode] as long as the single-thread
+** mode has not been set at compile-time or start-time. ^If the
+** [SQLITE_OPEN_FULLMUTEX] flag is set then the database connection opens
+** in the serialized [threading mode] unless single-thread was
+** previously selected at compile-time or start-time.
+** ^The [SQLITE_OPEN_SHAREDCACHE] flag causes the database connection to be
+** eligible to use [shared cache mode], regardless of whether or not shared
+** cache is enabled using [sqlite3_enable_shared_cache()]. ^The
+** [SQLITE_OPEN_PRIVATECACHE] flag causes the database connection to not
+** participate in [shared cache mode] even if it is enabled.
+**
+** ^The fourth parameter to sqlite3_open_v2() is the name of the
+** [sqlite3_vfs] object that defines the operating system interface that
+** the new database connection should use. ^If the fourth parameter is
+** a NULL pointer then the default [sqlite3_vfs] object is used.
+**
+** ^If the filename is ":memory:", then a private, temporary in-memory database
+** is created for the connection. ^This in-memory database will vanish when
+** the database connection is closed. Future versions of SQLite might
+** make use of additional special filenames that begin with the ":" character.
+** It is recommended that when a database filename actually does begin with
+** a ":" character you should prefix the filename with a pathname such as
+** "./" to avoid ambiguity.
+**
+** ^If the filename is an empty string, then a private, temporary
+** on-disk database will be created. ^This private database will be
+** automatically deleted as soon as the database connection is closed.
+**
+** [[URI filenames in sqlite3_open()]] <h3>URI Filenames</h3>
+**
+** ^If [URI filename] interpretation is enabled, and the filename argument
+** begins with "file:", then the filename is interpreted as a URI. ^URI
+** filename interpretation is enabled if the [SQLITE_OPEN_URI] flag is
+** set in the fourth argument to sqlite3_open_v2(), or if it has
+** been enabled globally using the [SQLITE_CONFIG_URI] option with the
+** [sqlite3_config()] method or by the [SQLITE_USE_URI] compile-time option.
+** As of SQLite version 3.7.7, URI filename interpretation is turned off
+** by default, but future releases of SQLite might enable URI filename
+** interpretation by default. See "[URI filenames]" for additional
+** information.
+**
+** URI filenames are parsed according to RFC 3986. ^If the URI contains an
+** authority, then it must be either an empty string or the string
+** "localhost". ^If the authority is not an empty string or "localhost", an
+** error is returned to the caller. ^The fragment component of a URI, if
+** present, is ignored.
+**
+** ^SQLite uses the path component of the URI as the name of the disk file
+** which contains the database. ^If the path begins with a '/' character,
+** then it is interpreted as an absolute path. ^If the path does not begin
+** with a '/' (meaning that the authority section is omitted from the URI)
+** then the path is interpreted as a relative path.
+** ^(On windows, the first component of an absolute path
+** is a drive specification (e.g. "C:").)^
+**
+** [[core URI query parameters]]
+** The query component of a URI may contain parameters that are interpreted
+** either by SQLite itself, or by a [VFS | custom VFS implementation].
+** SQLite and its built-in [VFSes] interpret the
+** following query parameters:
+**
+** <ul>
+** <li> <b>vfs</b>: ^The "vfs" parameter may be used to specify the name of
+** a VFS object that provides the operating system interface that should
+** be used to access the database file on disk. ^If this option is set to
+** an empty string the default VFS object is used. ^Specifying an unknown
+** VFS is an error. ^If sqlite3_open_v2() is used and the vfs option is
+** present, then the VFS specified by the option takes precedence over
+** the value passed as the fourth parameter to sqlite3_open_v2().
+**
+** <li> <b>mode</b>: ^(The mode parameter may be set to either "ro", "rw",
+** "rwc", or "memory". Attempting to set it to any other value is
+** an error)^.
+** ^If "ro" is specified, then the database is opened for read-only
+** access, just as if the [SQLITE_OPEN_READONLY] flag had been set in the
+** third argument to sqlite3_open_v2(). ^If the mode option is set to
+** "rw", then the database is opened for read-write (but not create)
+** access, as if SQLITE_OPEN_READWRITE (but not SQLITE_OPEN_CREATE) had
+** been set. ^Value "rwc" is equivalent to setting both
+** SQLITE_OPEN_READWRITE and SQLITE_OPEN_CREATE. ^If the mode option is
+** set to "memory" then a pure [in-memory database] that never reads
+** or writes from disk is used. ^It is an error to specify a value for
+** the mode parameter that is less restrictive than that specified by
+** the flags passed in the third parameter to sqlite3_open_v2().
+**
+** <li> <b>cache</b>: ^The cache parameter may be set to either "shared" or
+** "private". ^Setting it to "shared" is equivalent to setting the
+** SQLITE_OPEN_SHAREDCACHE bit in the flags argument passed to
+** sqlite3_open_v2(). ^Setting the cache parameter to "private" is
+** equivalent to setting the SQLITE_OPEN_PRIVATECACHE bit.
+** ^If sqlite3_open_v2() is used and the "cache" parameter is present in
+** a URI filename, its value overrides any behavior requested by setting
+** SQLITE_OPEN_PRIVATECACHE or SQLITE_OPEN_SHAREDCACHE flag.
+**
+** <li> <b>psow</b>: ^The psow parameter indicates whether or not the
+** [powersafe overwrite] property does or does not apply to the
+** storage media on which the database file resides.
+**
+** <li> <b>nolock</b>: ^The nolock parameter is a boolean query parameter
+** which if set disables file locking in rollback journal modes. This
+** is useful for accessing a database on a filesystem that does not
+** support locking. Caution: Database corruption might result if two
+** or more processes write to the same database and any one of those
+** processes uses nolock=1.
+**
+** <li> <b>immutable</b>: ^The immutable parameter is a boolean query
+** parameter that indicates that the database file is stored on
+** read-only media. ^When immutable is set, SQLite assumes that the
+** database file cannot be changed, even by a process with higher
+** privilege, and so the database is opened read-only and all locking
+** and change detection is disabled. Caution: Setting the immutable
+** property on a database file that does in fact change can result
+** in incorrect query results and/or [SQLITE_CORRUPT] errors.
+** See also: [SQLITE_IOCAP_IMMUTABLE].
+**
+** </ul>
+**
+** ^Specifying an unknown parameter in the query component of a URI is not an
+** error. Future versions of SQLite might understand additional query
+** parameters. See "[query parameters with special meaning to SQLite]" for
+** additional information.
+**
+** [[URI filename examples]] <h3>URI filename examples</h3>
+**
+** <table border="1" align=center cellpadding=5>
+** <tr><th> URI filenames <th> Results
+** <tr><td> file:data.db <td>
+** Open the file "data.db" in the current directory.
+** <tr><td> file:/home/fred/data.db<br>
+** file:///home/fred/data.db <br>
+** file://localhost/home/fred/data.db <br> <td>
+** Open the database file "/home/fred/data.db".
+** <tr><td> file://darkstar/home/fred/data.db <td>
+** An error. "darkstar" is not a recognized authority.
+** <tr><td style="white-space:nowrap">
+** file:///C:/Documents%20and%20Settings/fred/Desktop/data.db
+** <td> Windows only: Open the file "data.db" on fred's desktop on drive
+** C:. Note that the %20 escaping in this example is not strictly
+** necessary - space characters can be used literally
+** in URI filenames.
+** <tr><td> file:data.db?mode=ro&cache=private <td>
+** Open file "data.db" in the current directory for read-only access.
+** Regardless of whether or not shared-cache mode is enabled by
+** default, use a private cache.
+** <tr><td> file:/home/fred/data.db?vfs=unix-dotfile <td>
+** Open file "/home/fred/data.db". Use the special VFS "unix-dotfile"
+** that uses dot-files in place of posix advisory locking.
+** <tr><td> file:data.db?mode=readonly <td>
+** An error. "readonly" is not a valid option for the "mode" parameter.
+** </table>
+**
+** ^URI hexadecimal escape sequences (%HH) are supported within the path and
+** query components of a URI. A hexadecimal escape sequence consists of a
+** percent sign - "%" - followed by exactly two hexadecimal digits
+** specifying an octet value. ^Before the path or query components of a
+** URI filename are interpreted, they are encoded using UTF-8 and all
+** hexadecimal escape sequences replaced by a single byte containing the
+** corresponding octet. If this process generates an invalid UTF-8 encoding,
+** the results are undefined.
+**
+** <b>Note to Windows users:</b> The encoding used for the filename argument
+** of sqlite3_open() and sqlite3_open_v2() must be UTF-8, not whatever
+** codepage is currently defined. Filenames containing international
+** characters must be converted to UTF-8 prior to passing them into
+** sqlite3_open() or sqlite3_open_v2().
+**
+** <b>Note to Windows Runtime users:</b> The temporary directory must be set
+** prior to calling sqlite3_open() or sqlite3_open_v2(). Otherwise, various
+** features that require the use of temporary files may fail.
+**
+** See also: [sqlite3_temp_directory]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_open(
+ const char *filename, /* Database filename (UTF-8) */
+ sqlite3 **ppDb /* OUT: SQLite db handle */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_open16(
+ const void *filename, /* Database filename (UTF-16) */
+ sqlite3 **ppDb /* OUT: SQLite db handle */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_open_v2(
+ const char *filename, /* Database filename (UTF-8) */
+ sqlite3 **ppDb, /* OUT: SQLite db handle */
+ int flags, /* Flags */
+ const char *zVfs /* Name of VFS module to use */
+);
+
+/*
+** CAPI3REF: Obtain Values For URI Parameters
+**
+** These are utility routines, useful to VFS implementations, that check
+** to see if a database file was a URI that contained a specific query
+** parameter, and if so obtains the value of that query parameter.
+**
+** If F is the database filename pointer passed into the xOpen() method of
+** a VFS implementation when the flags parameter to xOpen() has one or
+** more of the [SQLITE_OPEN_URI] or [SQLITE_OPEN_MAIN_DB] bits set and
+** P is the name of the query parameter, then
+** sqlite3_uri_parameter(F,P) returns the value of the P
+** parameter if it exists or a NULL pointer if P does not appear as a
+** query parameter on F. If P is a query parameter of F
+** has no explicit value, then sqlite3_uri_parameter(F,P) returns
+** a pointer to an empty string.
+**
+** The sqlite3_uri_boolean(F,P,B) routine assumes that P is a boolean
+** parameter and returns true (1) or false (0) according to the value
+** of P. The sqlite3_uri_boolean(F,P,B) routine returns true (1) if the
+** value of query parameter P is one of "yes", "true", or "on" in any
+** case or if the value begins with a non-zero number. The
+** sqlite3_uri_boolean(F,P,B) routines returns false (0) if the value of
+** query parameter P is one of "no", "false", or "off" in any case or
+** if the value begins with a numeric zero. If P is not a query
+** parameter on F or if the value of P is does not match any of the
+** above, then sqlite3_uri_boolean(F,P,B) returns (B!=0).
+**
+** The sqlite3_uri_int64(F,P,D) routine converts the value of P into a
+** 64-bit signed integer and returns that integer, or D if P does not
+** exist. If the value of P is something other than an integer, then
+** zero is returned.
+**
+** If F is a NULL pointer, then sqlite3_uri_parameter(F,P) returns NULL and
+** sqlite3_uri_boolean(F,P,B) returns B. If F is not a NULL pointer and
+** is not a database file pathname pointer that SQLite passed into the xOpen
+** VFS method, then the behavior of this routine is undefined and probably
+** undesirable.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_uri_parameter(const char *zFilename, const char *zParam);
+SQLITE_API int SQLITE_STDCALL sqlite3_uri_boolean(const char *zFile, const char *zParam, int bDefault);
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_uri_int64(const char*, const char*, sqlite3_int64);
+
+
+/*
+** CAPI3REF: Error Codes And Messages
+** METHOD: sqlite3
+**
+** ^If the most recent sqlite3_* API call associated with
+** [database connection] D failed, then the sqlite3_errcode(D) interface
+** returns the numeric [result code] or [extended result code] for that
+** API call.
+** If the most recent API call was successful,
+** then the return value from sqlite3_errcode() is undefined.
+** ^The sqlite3_extended_errcode()
+** interface is the same except that it always returns the
+** [extended result code] even when extended result codes are
+** disabled.
+**
+** ^The sqlite3_errmsg() and sqlite3_errmsg16() return English-language
+** text that describes the error, as either UTF-8 or UTF-16 respectively.
+** ^(Memory to hold the error message string is managed internally.
+** The application does not need to worry about freeing the result.
+** However, the error string might be overwritten or deallocated by
+** subsequent calls to other SQLite interface functions.)^
+**
+** ^The sqlite3_errstr() interface returns the English-language text
+** that describes the [result code], as UTF-8.
+** ^(Memory to hold the error message string is managed internally
+** and must not be freed by the application)^.
+**
+** When the serialized [threading mode] is in use, it might be the
+** case that a second error occurs on a separate thread in between
+** the time of the first error and the call to these interfaces.
+** When that happens, the second error will be reported since these
+** interfaces always report the most recent result. To avoid
+** this, each thread can obtain exclusive use of the [database connection] D
+** by invoking [sqlite3_mutex_enter]([sqlite3_db_mutex](D)) before beginning
+** to use D and invoking [sqlite3_mutex_leave]([sqlite3_db_mutex](D)) after
+** all calls to the interfaces listed here are completed.
+**
+** If an interface fails with SQLITE_MISUSE, that means the interface
+** was invoked incorrectly by the application. In that case, the
+** error code and message may or may not be set.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_errcode(sqlite3 *db);
+SQLITE_API int SQLITE_STDCALL sqlite3_extended_errcode(sqlite3 *db);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_errmsg(sqlite3*);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_errmsg16(sqlite3*);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_errstr(int);
+
+/*
+** CAPI3REF: Prepared Statement Object
+** KEYWORDS: {prepared statement} {prepared statements}
+**
+** An instance of this object represents a single SQL statement that
+** has been compiled into binary form and is ready to be evaluated.
+**
+** Think of each SQL statement as a separate computer program. The
+** original SQL text is source code. A prepared statement object
+** is the compiled object code. All SQL must be converted into a
+** prepared statement before it can be run.
+**
+** The life-cycle of a prepared statement object usually goes like this:
+**
+** <ol>
+** <li> Create the prepared statement object using [sqlite3_prepare_v2()].
+** <li> Bind values to [parameters] using the sqlite3_bind_*()
+** interfaces.
+** <li> Run the SQL by calling [sqlite3_step()] one or more times.
+** <li> Reset the prepared statement using [sqlite3_reset()] then go back
+** to step 2. Do this zero or more times.
+** <li> Destroy the object using [sqlite3_finalize()].
+** </ol>
+*/
+typedef struct sqlite3_stmt sqlite3_stmt;
+
+/*
+** CAPI3REF: Run-time Limits
+** METHOD: sqlite3
+**
+** ^(This interface allows the size of various constructs to be limited
+** on a connection by connection basis. The first parameter is the
+** [database connection] whose limit is to be set or queried. The
+** second parameter is one of the [limit categories] that define a
+** class of constructs to be size limited. The third parameter is the
+** new limit for that construct.)^
+**
+** ^If the new limit is a negative number, the limit is unchanged.
+** ^(For each limit category SQLITE_LIMIT_<i>NAME</i> there is a
+** [limits | hard upper bound]
+** set at compile-time by a C preprocessor macro called
+** [limits | SQLITE_MAX_<i>NAME</i>].
+** (The "_LIMIT_" in the name is changed to "_MAX_".))^
+** ^Attempts to increase a limit above its hard upper bound are
+** silently truncated to the hard upper bound.
+**
+** ^Regardless of whether or not the limit was changed, the
+** [sqlite3_limit()] interface returns the prior value of the limit.
+** ^Hence, to find the current value of a limit without changing it,
+** simply invoke this interface with the third parameter set to -1.
+**
+** Run-time limits are intended for use in applications that manage
+** both their own internal database and also databases that are controlled
+** by untrusted external sources. An example application might be a
+** web browser that has its own databases for storing history and
+** separate databases controlled by JavaScript applications downloaded
+** off the Internet. The internal databases can be given the
+** large, default limits. Databases managed by external sources can
+** be given much smaller limits designed to prevent a denial of service
+** attack. Developers might also want to use the [sqlite3_set_authorizer()]
+** interface to further control untrusted SQL. The size of the database
+** created by an untrusted script can be contained using the
+** [max_page_count] [PRAGMA].
+**
+** New run-time limit categories may be added in future releases.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_limit(sqlite3*, int id, int newVal);
+
+/*
+** CAPI3REF: Run-Time Limit Categories
+** KEYWORDS: {limit category} {*limit categories}
+**
+** These constants define various performance limits
+** that can be lowered at run-time using [sqlite3_limit()].
+** The synopsis of the meanings of the various limits is shown below.
+** Additional information is available at [limits | Limits in SQLite].
+**
+** <dl>
+** [[SQLITE_LIMIT_LENGTH]] ^(<dt>SQLITE_LIMIT_LENGTH</dt>
+** <dd>The maximum size of any string or BLOB or table row, in bytes.<dd>)^
+**
+** [[SQLITE_LIMIT_SQL_LENGTH]] ^(<dt>SQLITE_LIMIT_SQL_LENGTH</dt>
+** <dd>The maximum length of an SQL statement, in bytes.</dd>)^
+**
+** [[SQLITE_LIMIT_COLUMN]] ^(<dt>SQLITE_LIMIT_COLUMN</dt>
+** <dd>The maximum number of columns in a table definition or in the
+** result set of a [SELECT] or the maximum number of columns in an index
+** or in an ORDER BY or GROUP BY clause.</dd>)^
+**
+** [[SQLITE_LIMIT_EXPR_DEPTH]] ^(<dt>SQLITE_LIMIT_EXPR_DEPTH</dt>
+** <dd>The maximum depth of the parse tree on any expression.</dd>)^
+**
+** [[SQLITE_LIMIT_COMPOUND_SELECT]] ^(<dt>SQLITE_LIMIT_COMPOUND_SELECT</dt>
+** <dd>The maximum number of terms in a compound SELECT statement.</dd>)^
+**
+** [[SQLITE_LIMIT_VDBE_OP]] ^(<dt>SQLITE_LIMIT_VDBE_OP</dt>
+** <dd>The maximum number of instructions in a virtual machine program
+** used to implement an SQL statement. This limit is not currently
+** enforced, though that might be added in some future release of
+** SQLite.</dd>)^
+**
+** [[SQLITE_LIMIT_FUNCTION_ARG]] ^(<dt>SQLITE_LIMIT_FUNCTION_ARG</dt>
+** <dd>The maximum number of arguments on a function.</dd>)^
+**
+** [[SQLITE_LIMIT_ATTACHED]] ^(<dt>SQLITE_LIMIT_ATTACHED</dt>
+** <dd>The maximum number of [ATTACH | attached databases].)^</dd>
+**
+** [[SQLITE_LIMIT_LIKE_PATTERN_LENGTH]]
+** ^(<dt>SQLITE_LIMIT_LIKE_PATTERN_LENGTH</dt>
+** <dd>The maximum length of the pattern argument to the [LIKE] or
+** [GLOB] operators.</dd>)^
+**
+** [[SQLITE_LIMIT_VARIABLE_NUMBER]]
+** ^(<dt>SQLITE_LIMIT_VARIABLE_NUMBER</dt>
+** <dd>The maximum index number of any [parameter] in an SQL statement.)^
+**
+** [[SQLITE_LIMIT_TRIGGER_DEPTH]] ^(<dt>SQLITE_LIMIT_TRIGGER_DEPTH</dt>
+** <dd>The maximum depth of recursion for triggers.</dd>)^
+**
+** [[SQLITE_LIMIT_WORKER_THREADS]] ^(<dt>SQLITE_LIMIT_WORKER_THREADS</dt>
+** <dd>The maximum number of auxiliary worker threads that a single
+** [prepared statement] may start.</dd>)^
+** </dl>
+*/
+#define SQLITE_LIMIT_LENGTH 0
+#define SQLITE_LIMIT_SQL_LENGTH 1
+#define SQLITE_LIMIT_COLUMN 2
+#define SQLITE_LIMIT_EXPR_DEPTH 3
+#define SQLITE_LIMIT_COMPOUND_SELECT 4
+#define SQLITE_LIMIT_VDBE_OP 5
+#define SQLITE_LIMIT_FUNCTION_ARG 6
+#define SQLITE_LIMIT_ATTACHED 7
+#define SQLITE_LIMIT_LIKE_PATTERN_LENGTH 8
+#define SQLITE_LIMIT_VARIABLE_NUMBER 9
+#define SQLITE_LIMIT_TRIGGER_DEPTH 10
+#define SQLITE_LIMIT_WORKER_THREADS 11
+
+/*
+** CAPI3REF: Compiling An SQL Statement
+** KEYWORDS: {SQL statement compiler}
+** METHOD: sqlite3
+** CONSTRUCTOR: sqlite3_stmt
+**
+** To execute an SQL query, it must first be compiled into a byte-code
+** program using one of these routines.
+**
+** The first argument, "db", is a [database connection] obtained from a
+** prior successful call to [sqlite3_open()], [sqlite3_open_v2()] or
+** [sqlite3_open16()]. The database connection must not have been closed.
+**
+** The second argument, "zSql", is the statement to be compiled, encoded
+** as either UTF-8 or UTF-16. The sqlite3_prepare() and sqlite3_prepare_v2()
+** interfaces use UTF-8, and sqlite3_prepare16() and sqlite3_prepare16_v2()
+** use UTF-16.
+**
+** ^If the nByte argument is negative, then zSql is read up to the
+** first zero terminator. ^If nByte is positive, then it is the
+** number of bytes read from zSql. ^If nByte is zero, then no prepared
+** statement is generated.
+** If the caller knows that the supplied string is nul-terminated, then
+** there is a small performance advantage to passing an nByte parameter that
+** is the number of bytes in the input string <i>including</i>
+** the nul-terminator.
+**
+** ^If pzTail is not NULL then *pzTail is made to point to the first byte
+** past the end of the first SQL statement in zSql. These routines only
+** compile the first statement in zSql, so *pzTail is left pointing to
+** what remains uncompiled.
+**
+** ^*ppStmt is left pointing to a compiled [prepared statement] that can be
+** executed using [sqlite3_step()]. ^If there is an error, *ppStmt is set
+** to NULL. ^If the input text contains no SQL (if the input is an empty
+** string or a comment) then *ppStmt is set to NULL.
+** The calling procedure is responsible for deleting the compiled
+** SQL statement using [sqlite3_finalize()] after it has finished with it.
+** ppStmt may not be NULL.
+**
+** ^On success, the sqlite3_prepare() family of routines return [SQLITE_OK];
+** otherwise an [error code] is returned.
+**
+** The sqlite3_prepare_v2() and sqlite3_prepare16_v2() interfaces are
+** recommended for all new programs. The two older interfaces are retained
+** for backwards compatibility, but their use is discouraged.
+** ^In the "v2" interfaces, the prepared statement
+** that is returned (the [sqlite3_stmt] object) contains a copy of the
+** original SQL text. This causes the [sqlite3_step()] interface to
+** behave differently in three ways:
+**
+** <ol>
+** <li>
+** ^If the database schema changes, instead of returning [SQLITE_SCHEMA] as it
+** always used to do, [sqlite3_step()] will automatically recompile the SQL
+** statement and try to run it again. As many as [SQLITE_MAX_SCHEMA_RETRY]
+** retries will occur before sqlite3_step() gives up and returns an error.
+** </li>
+**
+** <li>
+** ^When an error occurs, [sqlite3_step()] will return one of the detailed
+** [error codes] or [extended error codes]. ^The legacy behavior was that
+** [sqlite3_step()] would only return a generic [SQLITE_ERROR] result code
+** and the application would have to make a second call to [sqlite3_reset()]
+** in order to find the underlying cause of the problem. With the "v2" prepare
+** interfaces, the underlying reason for the error is returned immediately.
+** </li>
+**
+** <li>
+** ^If the specific value bound to [parameter | host parameter] in the
+** WHERE clause might influence the choice of query plan for a statement,
+** then the statement will be automatically recompiled, as if there had been
+** a schema change, on the first [sqlite3_step()] call following any change
+** to the [sqlite3_bind_text | bindings] of that [parameter].
+** ^The specific value of WHERE-clause [parameter] might influence the
+** choice of query plan if the parameter is the left-hand side of a [LIKE]
+** or [GLOB] operator or if the parameter is compared to an indexed column
+** and the [SQLITE_ENABLE_STAT3] compile-time option is enabled.
+** </li>
+** </ol>
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare(
+ sqlite3 *db, /* Database handle */
+ const char *zSql, /* SQL statement, UTF-8 encoded */
+ int nByte, /* Maximum length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: Statement handle */
+ const char **pzTail /* OUT: Pointer to unused portion of zSql */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare_v2(
+ sqlite3 *db, /* Database handle */
+ const char *zSql, /* SQL statement, UTF-8 encoded */
+ int nByte, /* Maximum length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: Statement handle */
+ const char **pzTail /* OUT: Pointer to unused portion of zSql */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare16(
+ sqlite3 *db, /* Database handle */
+ const void *zSql, /* SQL statement, UTF-16 encoded */
+ int nByte, /* Maximum length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: Statement handle */
+ const void **pzTail /* OUT: Pointer to unused portion of zSql */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_prepare16_v2(
+ sqlite3 *db, /* Database handle */
+ const void *zSql, /* SQL statement, UTF-16 encoded */
+ int nByte, /* Maximum length of zSql in bytes. */
+ sqlite3_stmt **ppStmt, /* OUT: Statement handle */
+ const void **pzTail /* OUT: Pointer to unused portion of zSql */
+);
+
+/*
+** CAPI3REF: Retrieving Statement SQL
+** METHOD: sqlite3_stmt
+**
+** ^This interface can be used to retrieve a saved copy of the original
+** SQL text used to create a [prepared statement] if that statement was
+** compiled using either [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()].
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_sql(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Determine If An SQL Statement Writes The Database
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_stmt_readonly(X) interface returns true (non-zero) if
+** and only if the [prepared statement] X makes no direct changes to
+** the content of the database file.
+**
+** Note that [application-defined SQL functions] or
+** [virtual tables] might change the database indirectly as a side effect.
+** ^(For example, if an application defines a function "eval()" that
+** calls [sqlite3_exec()], then the following SQL statement would
+** change the database file through side-effects:
+**
+** <blockquote><pre>
+** SELECT eval('DELETE FROM t1') FROM t2;
+** </pre></blockquote>
+**
+** But because the [SELECT] statement does not change the database file
+** directly, sqlite3_stmt_readonly() would still return true.)^
+**
+** ^Transaction control statements such as [BEGIN], [COMMIT], [ROLLBACK],
+** [SAVEPOINT], and [RELEASE] cause sqlite3_stmt_readonly() to return true,
+** since the statements themselves do not actually modify the database but
+** rather they control the timing of when other statements modify the
+** database. ^The [ATTACH] and [DETACH] statements also cause
+** sqlite3_stmt_readonly() to return true since, while those statements
+** change the configuration of a database connection, they do not make
+** changes to the content of the database files on disk.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_readonly(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Determine If A Prepared Statement Has Been Reset
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_stmt_busy(S) interface returns true (non-zero) if the
+** [prepared statement] S has been stepped at least once using
+** [sqlite3_step(S)] but has neither run to completion (returned
+** [SQLITE_DONE] from [sqlite3_step(S)]) nor
+** been reset using [sqlite3_reset(S)]. ^The sqlite3_stmt_busy(S)
+** interface returns false if S is a NULL pointer. If S is not a
+** NULL pointer and is not a pointer to a valid [prepared statement]
+** object, then the behavior is undefined and probably undesirable.
+**
+** This interface can be used in combination [sqlite3_next_stmt()]
+** to locate all prepared statements associated with a database
+** connection that are in need of being reset. This can be used,
+** for example, in diagnostic routines to search for prepared
+** statements that are holding a transaction open.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_busy(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Dynamically Typed Value Object
+** KEYWORDS: {protected sqlite3_value} {unprotected sqlite3_value}
+**
+** SQLite uses the sqlite3_value object to represent all values
+** that can be stored in a database table. SQLite uses dynamic typing
+** for the values it stores. ^Values stored in sqlite3_value objects
+** can be integers, floating point values, strings, BLOBs, or NULL.
+**
+** An sqlite3_value object may be either "protected" or "unprotected".
+** Some interfaces require a protected sqlite3_value. Other interfaces
+** will accept either a protected or an unprotected sqlite3_value.
+** Every interface that accepts sqlite3_value arguments specifies
+** whether or not it requires a protected sqlite3_value. The
+** [sqlite3_value_dup()] interface can be used to construct a new
+** protected sqlite3_value from an unprotected sqlite3_value.
+**
+** The terms "protected" and "unprotected" refer to whether or not
+** a mutex is held. An internal mutex is held for a protected
+** sqlite3_value object but no mutex is held for an unprotected
+** sqlite3_value object. If SQLite is compiled to be single-threaded
+** (with [SQLITE_THREADSAFE=0] and with [sqlite3_threadsafe()] returning 0)
+** or if SQLite is run in one of reduced mutex modes
+** [SQLITE_CONFIG_SINGLETHREAD] or [SQLITE_CONFIG_MULTITHREAD]
+** then there is no distinction between protected and unprotected
+** sqlite3_value objects and they can be used interchangeably. However,
+** for maximum code portability it is recommended that applications
+** still make the distinction between protected and unprotected
+** sqlite3_value objects even when not strictly required.
+**
+** ^The sqlite3_value objects that are passed as parameters into the
+** implementation of [application-defined SQL functions] are protected.
+** ^The sqlite3_value object returned by
+** [sqlite3_column_value()] is unprotected.
+** Unprotected sqlite3_value objects may only be used with
+** [sqlite3_result_value()] and [sqlite3_bind_value()].
+** The [sqlite3_value_blob | sqlite3_value_type()] family of
+** interfaces require protected sqlite3_value objects.
+*/
+typedef struct Mem sqlite3_value;
+
+/*
+** CAPI3REF: SQL Function Context Object
+**
+** The context in which an SQL function executes is stored in an
+** sqlite3_context object. ^A pointer to an sqlite3_context object
+** is always first parameter to [application-defined SQL functions].
+** The application-defined SQL function implementation will pass this
+** pointer through into calls to [sqlite3_result_int | sqlite3_result()],
+** [sqlite3_aggregate_context()], [sqlite3_user_data()],
+** [sqlite3_context_db_handle()], [sqlite3_get_auxdata()],
+** and/or [sqlite3_set_auxdata()].
+*/
+typedef struct sqlite3_context sqlite3_context;
+
+/*
+** CAPI3REF: Binding Values To Prepared Statements
+** KEYWORDS: {host parameter} {host parameters} {host parameter name}
+** KEYWORDS: {SQL parameter} {SQL parameters} {parameter binding}
+** METHOD: sqlite3_stmt
+**
+** ^(In the SQL statement text input to [sqlite3_prepare_v2()] and its variants,
+** literals may be replaced by a [parameter] that matches one of following
+** templates:
+**
+** <ul>
+** <li> ?
+** <li> ?NNN
+** <li> :VVV
+** <li> @VVV
+** <li> $VVV
+** </ul>
+**
+** In the templates above, NNN represents an integer literal,
+** and VVV represents an alphanumeric identifier.)^ ^The values of these
+** parameters (also called "host parameter names" or "SQL parameters")
+** can be set using the sqlite3_bind_*() routines defined here.
+**
+** ^The first argument to the sqlite3_bind_*() routines is always
+** a pointer to the [sqlite3_stmt] object returned from
+** [sqlite3_prepare_v2()] or its variants.
+**
+** ^The second argument is the index of the SQL parameter to be set.
+** ^The leftmost SQL parameter has an index of 1. ^When the same named
+** SQL parameter is used more than once, second and subsequent
+** occurrences have the same index as the first occurrence.
+** ^The index for named parameters can be looked up using the
+** [sqlite3_bind_parameter_index()] API if desired. ^The index
+** for "?NNN" parameters is the value of NNN.
+** ^The NNN value must be between 1 and the [sqlite3_limit()]
+** parameter [SQLITE_LIMIT_VARIABLE_NUMBER] (default value: 999).
+**
+** ^The third argument is the value to bind to the parameter.
+** ^If the third parameter to sqlite3_bind_text() or sqlite3_bind_text16()
+** or sqlite3_bind_blob() is a NULL pointer then the fourth parameter
+** is ignored and the end result is the same as sqlite3_bind_null().
+**
+** ^(In those routines that have a fourth argument, its value is the
+** number of bytes in the parameter. To be clear: the value is the
+** number of <u>bytes</u> in the value, not the number of characters.)^
+** ^If the fourth parameter to sqlite3_bind_text() or sqlite3_bind_text16()
+** is negative, then the length of the string is
+** the number of bytes up to the first zero terminator.
+** If the fourth parameter to sqlite3_bind_blob() is negative, then
+** the behavior is undefined.
+** If a non-negative fourth parameter is provided to sqlite3_bind_text()
+** or sqlite3_bind_text16() or sqlite3_bind_text64() then
+** that parameter must be the byte offset
+** where the NUL terminator would occur assuming the string were NUL
+** terminated. If any NUL characters occur at byte offsets less than
+** the value of the fourth parameter then the resulting string value will
+** contain embedded NULs. The result of expressions involving strings
+** with embedded NULs is undefined.
+**
+** ^The fifth argument to the BLOB and string binding interfaces
+** is a destructor used to dispose of the BLOB or
+** string after SQLite has finished with it. ^The destructor is called
+** to dispose of the BLOB or string even if the call to bind API fails.
+** ^If the fifth argument is
+** the special value [SQLITE_STATIC], then SQLite assumes that the
+** information is in static, unmanaged space and does not need to be freed.
+** ^If the fifth argument has the value [SQLITE_TRANSIENT], then
+** SQLite makes its own private copy of the data immediately, before
+** the sqlite3_bind_*() routine returns.
+**
+** ^The sixth argument to sqlite3_bind_text64() must be one of
+** [SQLITE_UTF8], [SQLITE_UTF16], [SQLITE_UTF16BE], or [SQLITE_UTF16LE]
+** to specify the encoding of the text in the third parameter. If
+** the sixth argument to sqlite3_bind_text64() is not one of the
+** allowed values shown above, or if the text encoding is different
+** from the encoding specified by the sixth parameter, then the behavior
+** is undefined.
+**
+** ^The sqlite3_bind_zeroblob() routine binds a BLOB of length N that
+** is filled with zeroes. ^A zeroblob uses a fixed amount of memory
+** (just an integer to hold its size) while it is being processed.
+** Zeroblobs are intended to serve as placeholders for BLOBs whose
+** content is later written using
+** [sqlite3_blob_open | incremental BLOB I/O] routines.
+** ^A negative value for the zeroblob results in a zero-length BLOB.
+**
+** ^If any of the sqlite3_bind_*() routines are called with a NULL pointer
+** for the [prepared statement] or with a prepared statement for which
+** [sqlite3_step()] has been called more recently than [sqlite3_reset()],
+** then the call will return [SQLITE_MISUSE]. If any sqlite3_bind_()
+** routine is passed a [prepared statement] that has been finalized, the
+** result is undefined and probably harmful.
+**
+** ^Bindings are not cleared by the [sqlite3_reset()] routine.
+** ^Unbound parameters are interpreted as NULL.
+**
+** ^The sqlite3_bind_* routines return [SQLITE_OK] on success or an
+** [error code] if anything goes wrong.
+** ^[SQLITE_TOOBIG] might be returned if the size of a string or BLOB
+** exceeds limits imposed by [sqlite3_limit]([SQLITE_LIMIT_LENGTH]) or
+** [SQLITE_MAX_LENGTH].
+** ^[SQLITE_RANGE] is returned if the parameter
+** index is out of range. ^[SQLITE_NOMEM] is returned if malloc() fails.
+**
+** See also: [sqlite3_bind_parameter_count()],
+** [sqlite3_bind_parameter_name()], and [sqlite3_bind_parameter_index()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_blob(sqlite3_stmt*, int, const void*, int n, void(*)(void*));
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_blob64(sqlite3_stmt*, int, const void*, sqlite3_uint64,
+ void(*)(void*));
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_double(sqlite3_stmt*, int, double);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_int(sqlite3_stmt*, int, int);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_int64(sqlite3_stmt*, int, sqlite3_int64);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_null(sqlite3_stmt*, int);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text(sqlite3_stmt*,int,const char*,int,void(*)(void*));
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text16(sqlite3_stmt*, int, const void*, int, void(*)(void*));
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_text64(sqlite3_stmt*, int, const char*, sqlite3_uint64,
+ void(*)(void*), unsigned char encoding);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_value(sqlite3_stmt*, int, const sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_zeroblob(sqlite3_stmt*, int, int n);
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_zeroblob64(sqlite3_stmt*, int, sqlite3_uint64);
+
+/*
+** CAPI3REF: Number Of SQL Parameters
+** METHOD: sqlite3_stmt
+**
+** ^This routine can be used to find the number of [SQL parameters]
+** in a [prepared statement]. SQL parameters are tokens of the
+** form "?", "?NNN", ":AAA", "$AAA", or "@AAA" that serve as
+** placeholders for values that are [sqlite3_bind_blob | bound]
+** to the parameters at a later time.
+**
+** ^(This routine actually returns the index of the largest (rightmost)
+** parameter. For all forms except ?NNN, this will correspond to the
+** number of unique parameters. If parameters of the ?NNN form are used,
+** there may be gaps in the list.)^
+**
+** See also: [sqlite3_bind_blob|sqlite3_bind()],
+** [sqlite3_bind_parameter_name()], and
+** [sqlite3_bind_parameter_index()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_parameter_count(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Name Of A Host Parameter
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_bind_parameter_name(P,N) interface returns
+** the name of the N-th [SQL parameter] in the [prepared statement] P.
+** ^(SQL parameters of the form "?NNN" or ":AAA" or "@AAA" or "$AAA"
+** have a name which is the string "?NNN" or ":AAA" or "@AAA" or "$AAA"
+** respectively.
+** In other words, the initial ":" or "$" or "@" or "?"
+** is included as part of the name.)^
+** ^Parameters of the form "?" without a following integer have no name
+** and are referred to as "nameless" or "anonymous parameters".
+**
+** ^The first host parameter has an index of 1, not 0.
+**
+** ^If the value N is out of range or if the N-th parameter is
+** nameless, then NULL is returned. ^The returned string is
+** always in UTF-8 encoding even if the named parameter was
+** originally specified as UTF-16 in [sqlite3_prepare16()] or
+** [sqlite3_prepare16_v2()].
+**
+** See also: [sqlite3_bind_blob|sqlite3_bind()],
+** [sqlite3_bind_parameter_count()], and
+** [sqlite3_bind_parameter_index()].
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_bind_parameter_name(sqlite3_stmt*, int);
+
+/*
+** CAPI3REF: Index Of A Parameter With A Given Name
+** METHOD: sqlite3_stmt
+**
+** ^Return the index of an SQL parameter given its name. ^The
+** index value returned is suitable for use as the second
+** parameter to [sqlite3_bind_blob|sqlite3_bind()]. ^A zero
+** is returned if no matching parameter is found. ^The parameter
+** name must be given in UTF-8 even if the original statement
+** was prepared from UTF-16 text using [sqlite3_prepare16_v2()].
+**
+** See also: [sqlite3_bind_blob|sqlite3_bind()],
+** [sqlite3_bind_parameter_count()], and
+** [sqlite3_bind_parameter_name()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_bind_parameter_index(sqlite3_stmt*, const char *zName);
+
+/*
+** CAPI3REF: Reset All Bindings On A Prepared Statement
+** METHOD: sqlite3_stmt
+**
+** ^Contrary to the intuition of many, [sqlite3_reset()] does not reset
+** the [sqlite3_bind_blob | bindings] on a [prepared statement].
+** ^Use this routine to reset all host parameters to NULL.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_clear_bindings(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Number Of Columns In A Result Set
+** METHOD: sqlite3_stmt
+**
+** ^Return the number of columns in the result set returned by the
+** [prepared statement]. ^This routine returns 0 if pStmt is an SQL
+** statement that does not return data (for example an [UPDATE]).
+**
+** See also: [sqlite3_data_count()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_column_count(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Column Names In A Result Set
+** METHOD: sqlite3_stmt
+**
+** ^These routines return the name assigned to a particular column
+** in the result set of a [SELECT] statement. ^The sqlite3_column_name()
+** interface returns a pointer to a zero-terminated UTF-8 string
+** and sqlite3_column_name16() returns a pointer to a zero-terminated
+** UTF-16 string. ^The first parameter is the [prepared statement]
+** that implements the [SELECT] statement. ^The second parameter is the
+** column number. ^The leftmost column is number 0.
+**
+** ^The returned string pointer is valid until either the [prepared statement]
+** is destroyed by [sqlite3_finalize()] or until the statement is automatically
+** reprepared by the first call to [sqlite3_step()] for a particular run
+** or until the next call to
+** sqlite3_column_name() or sqlite3_column_name16() on the same column.
+**
+** ^If sqlite3_malloc() fails during the processing of either routine
+** (for example during a conversion from UTF-8 to UTF-16) then a
+** NULL pointer is returned.
+**
+** ^The name of a result column is the value of the "AS" clause for
+** that column, if there is an AS clause. If there is no AS clause
+** then the name of the column is unspecified and may change from
+** one release of SQLite to the next.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_name(sqlite3_stmt*, int N);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_name16(sqlite3_stmt*, int N);
+
+/*
+** CAPI3REF: Source Of Data In A Query Result
+** METHOD: sqlite3_stmt
+**
+** ^These routines provide a means to determine the database, table, and
+** table column that is the origin of a particular result column in
+** [SELECT] statement.
+** ^The name of the database or table or column can be returned as
+** either a UTF-8 or UTF-16 string. ^The _database_ routines return
+** the database name, the _table_ routines return the table name, and
+** the origin_ routines return the column name.
+** ^The returned string is valid until the [prepared statement] is destroyed
+** using [sqlite3_finalize()] or until the statement is automatically
+** reprepared by the first call to [sqlite3_step()] for a particular run
+** or until the same information is requested
+** again in a different encoding.
+**
+** ^The names returned are the original un-aliased names of the
+** database, table, and column.
+**
+** ^The first argument to these interfaces is a [prepared statement].
+** ^These functions return information about the Nth result column returned by
+** the statement, where N is the second function argument.
+** ^The left-most column is column 0 for these routines.
+**
+** ^If the Nth column returned by the statement is an expression or
+** subquery and is not a column value, then all of these functions return
+** NULL. ^These routine might also return NULL if a memory allocation error
+** occurs. ^Otherwise, they return the name of the attached database, table,
+** or column that query result column was extracted from.
+**
+** ^As with all other SQLite APIs, those whose names end with "16" return
+** UTF-16 encoded strings and the other functions return UTF-8.
+**
+** ^These APIs are only available if the library was compiled with the
+** [SQLITE_ENABLE_COLUMN_METADATA] C-preprocessor symbol.
+**
+** If two or more threads call one or more of these routines against the same
+** prepared statement and column at the same time then the results are
+** undefined.
+**
+** If two or more threads call one or more
+** [sqlite3_column_database_name | column metadata interfaces]
+** for the same [prepared statement] and result column
+** at the same time then the results are undefined.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_database_name(sqlite3_stmt*,int);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_database_name16(sqlite3_stmt*,int);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_table_name(sqlite3_stmt*,int);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_table_name16(sqlite3_stmt*,int);
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_origin_name(sqlite3_stmt*,int);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_origin_name16(sqlite3_stmt*,int);
+
+/*
+** CAPI3REF: Declared Datatype Of A Query Result
+** METHOD: sqlite3_stmt
+**
+** ^(The first parameter is a [prepared statement].
+** If this statement is a [SELECT] statement and the Nth column of the
+** returned result set of that [SELECT] is a table column (not an
+** expression or subquery) then the declared type of the table
+** column is returned.)^ ^If the Nth column of the result set is an
+** expression or subquery, then a NULL pointer is returned.
+** ^The returned string is always UTF-8 encoded.
+**
+** ^(For example, given the database schema:
+**
+** CREATE TABLE t1(c1 VARIANT);
+**
+** and the following statement to be compiled:
+**
+** SELECT c1 + 1, c1 FROM t1;
+**
+** this routine would return the string "VARIANT" for the second result
+** column (i==1), and a NULL pointer for the first result column (i==0).)^
+**
+** ^SQLite uses dynamic run-time typing. ^So just because a column
+** is declared to contain a particular type does not mean that the
+** data stored in that column is of the declared type. SQLite is
+** strongly typed, but the typing is dynamic not static. ^Type
+** is associated with individual values, not with the containers
+** used to hold those values.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_column_decltype(sqlite3_stmt*,int);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_decltype16(sqlite3_stmt*,int);
+
+/*
+** CAPI3REF: Evaluate An SQL Statement
+** METHOD: sqlite3_stmt
+**
+** After a [prepared statement] has been prepared using either
+** [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()] or one of the legacy
+** interfaces [sqlite3_prepare()] or [sqlite3_prepare16()], this function
+** must be called one or more times to evaluate the statement.
+**
+** The details of the behavior of the sqlite3_step() interface depend
+** on whether the statement was prepared using the newer "v2" interface
+** [sqlite3_prepare_v2()] and [sqlite3_prepare16_v2()] or the older legacy
+** interface [sqlite3_prepare()] and [sqlite3_prepare16()]. The use of the
+** new "v2" interface is recommended for new applications but the legacy
+** interface will continue to be supported.
+**
+** ^In the legacy interface, the return value will be either [SQLITE_BUSY],
+** [SQLITE_DONE], [SQLITE_ROW], [SQLITE_ERROR], or [SQLITE_MISUSE].
+** ^With the "v2" interface, any of the other [result codes] or
+** [extended result codes] might be returned as well.
+**
+** ^[SQLITE_BUSY] means that the database engine was unable to acquire the
+** database locks it needs to do its job. ^If the statement is a [COMMIT]
+** or occurs outside of an explicit transaction, then you can retry the
+** statement. If the statement is not a [COMMIT] and occurs within an
+** explicit transaction then you should rollback the transaction before
+** continuing.
+**
+** ^[SQLITE_DONE] means that the statement has finished executing
+** successfully. sqlite3_step() should not be called again on this virtual
+** machine without first calling [sqlite3_reset()] to reset the virtual
+** machine back to its initial state.
+**
+** ^If the SQL statement being executed returns any data, then [SQLITE_ROW]
+** is returned each time a new row of data is ready for processing by the
+** caller. The values may be accessed using the [column access functions].
+** sqlite3_step() is called again to retrieve the next row of data.
+**
+** ^[SQLITE_ERROR] means that a run-time error (such as a constraint
+** violation) has occurred. sqlite3_step() should not be called again on
+** the VM. More information may be found by calling [sqlite3_errmsg()].
+** ^With the legacy interface, a more specific error code (for example,
+** [SQLITE_INTERRUPT], [SQLITE_SCHEMA], [SQLITE_CORRUPT], and so forth)
+** can be obtained by calling [sqlite3_reset()] on the
+** [prepared statement]. ^In the "v2" interface,
+** the more specific error code is returned directly by sqlite3_step().
+**
+** [SQLITE_MISUSE] means that the this routine was called inappropriately.
+** Perhaps it was called on a [prepared statement] that has
+** already been [sqlite3_finalize | finalized] or on one that had
+** previously returned [SQLITE_ERROR] or [SQLITE_DONE]. Or it could
+** be the case that the same database connection is being used by two or
+** more threads at the same moment in time.
+**
+** For all versions of SQLite up to and including 3.6.23.1, a call to
+** [sqlite3_reset()] was required after sqlite3_step() returned anything
+** other than [SQLITE_ROW] before any subsequent invocation of
+** sqlite3_step(). Failure to reset the prepared statement using
+** [sqlite3_reset()] would result in an [SQLITE_MISUSE] return from
+** sqlite3_step(). But after version 3.6.23.1, sqlite3_step() began
+** calling [sqlite3_reset()] automatically in this circumstance rather
+** than returning [SQLITE_MISUSE]. This is not considered a compatibility
+** break because any application that ever receives an SQLITE_MISUSE error
+** is broken by definition. The [SQLITE_OMIT_AUTORESET] compile-time option
+** can be used to restore the legacy behavior.
+**
+** <b>Goofy Interface Alert:</b> In the legacy interface, the sqlite3_step()
+** API always returns a generic error code, [SQLITE_ERROR], following any
+** error other than [SQLITE_BUSY] and [SQLITE_MISUSE]. You must call
+** [sqlite3_reset()] or [sqlite3_finalize()] in order to find one of the
+** specific [error codes] that better describes the error.
+** We admit that this is a goofy design. The problem has been fixed
+** with the "v2" interface. If you prepare all of your SQL statements
+** using either [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()] instead
+** of the legacy [sqlite3_prepare()] and [sqlite3_prepare16()] interfaces,
+** then the more specific [error codes] are returned directly
+** by sqlite3_step(). The use of the "v2" interface is recommended.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_step(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Number of columns in a result set
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_data_count(P) interface returns the number of columns in the
+** current row of the result set of [prepared statement] P.
+** ^If prepared statement P does not have results ready to return
+** (via calls to the [sqlite3_column_int | sqlite3_column_*()] of
+** interfaces) then sqlite3_data_count(P) returns 0.
+** ^The sqlite3_data_count(P) routine also returns 0 if P is a NULL pointer.
+** ^The sqlite3_data_count(P) routine returns 0 if the previous call to
+** [sqlite3_step](P) returned [SQLITE_DONE]. ^The sqlite3_data_count(P)
+** will return non-zero if previous call to [sqlite3_step](P) returned
+** [SQLITE_ROW], except in the case of the [PRAGMA incremental_vacuum]
+** where it always returns zero since each step of that multi-step
+** pragma returns 0 columns of data.
+**
+** See also: [sqlite3_column_count()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_data_count(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Fundamental Datatypes
+** KEYWORDS: SQLITE_TEXT
+**
+** ^(Every value in SQLite has one of five fundamental datatypes:
+**
+** <ul>
+** <li> 64-bit signed integer
+** <li> 64-bit IEEE floating point number
+** <li> string
+** <li> BLOB
+** <li> NULL
+** </ul>)^
+**
+** These constants are codes for each of those types.
+**
+** Note that the SQLITE_TEXT constant was also used in SQLite version 2
+** for a completely different meaning. Software that links against both
+** SQLite version 2 and SQLite version 3 should use SQLITE3_TEXT, not
+** SQLITE_TEXT.
+*/
+#define SQLITE_INTEGER 1
+#define SQLITE_FLOAT 2
+#define SQLITE_BLOB 4
+#define SQLITE_NULL 5
+#ifdef SQLITE_TEXT
+# undef SQLITE_TEXT
+#else
+# define SQLITE_TEXT 3
+#endif
+#define SQLITE3_TEXT 3
+
+/*
+** CAPI3REF: Result Values From A Query
+** KEYWORDS: {column access functions}
+** METHOD: sqlite3_stmt
+**
+** ^These routines return information about a single column of the current
+** result row of a query. ^In every case the first argument is a pointer
+** to the [prepared statement] that is being evaluated (the [sqlite3_stmt*]
+** that was returned from [sqlite3_prepare_v2()] or one of its variants)
+** and the second argument is the index of the column for which information
+** should be returned. ^The leftmost column of the result set has the index 0.
+** ^The number of columns in the result can be determined using
+** [sqlite3_column_count()].
+**
+** If the SQL statement does not currently point to a valid row, or if the
+** column index is out of range, the result is undefined.
+** These routines may only be called when the most recent call to
+** [sqlite3_step()] has returned [SQLITE_ROW] and neither
+** [sqlite3_reset()] nor [sqlite3_finalize()] have been called subsequently.
+** If any of these routines are called after [sqlite3_reset()] or
+** [sqlite3_finalize()] or after [sqlite3_step()] has returned
+** something other than [SQLITE_ROW], the results are undefined.
+** If [sqlite3_step()] or [sqlite3_reset()] or [sqlite3_finalize()]
+** are called from a different thread while any of these routines
+** are pending, then the results are undefined.
+**
+** ^The sqlite3_column_type() routine returns the
+** [SQLITE_INTEGER | datatype code] for the initial data type
+** of the result column. ^The returned value is one of [SQLITE_INTEGER],
+** [SQLITE_FLOAT], [SQLITE_TEXT], [SQLITE_BLOB], or [SQLITE_NULL]. The value
+** returned by sqlite3_column_type() is only meaningful if no type
+** conversions have occurred as described below. After a type conversion,
+** the value returned by sqlite3_column_type() is undefined. Future
+** versions of SQLite may change the behavior of sqlite3_column_type()
+** following a type conversion.
+**
+** ^If the result is a BLOB or UTF-8 string then the sqlite3_column_bytes()
+** routine returns the number of bytes in that BLOB or string.
+** ^If the result is a UTF-16 string, then sqlite3_column_bytes() converts
+** the string to UTF-8 and then returns the number of bytes.
+** ^If the result is a numeric value then sqlite3_column_bytes() uses
+** [sqlite3_snprintf()] to convert that value to a UTF-8 string and returns
+** the number of bytes in that string.
+** ^If the result is NULL, then sqlite3_column_bytes() returns zero.
+**
+** ^If the result is a BLOB or UTF-16 string then the sqlite3_column_bytes16()
+** routine returns the number of bytes in that BLOB or string.
+** ^If the result is a UTF-8 string, then sqlite3_column_bytes16() converts
+** the string to UTF-16 and then returns the number of bytes.
+** ^If the result is a numeric value then sqlite3_column_bytes16() uses
+** [sqlite3_snprintf()] to convert that value to a UTF-16 string and returns
+** the number of bytes in that string.
+** ^If the result is NULL, then sqlite3_column_bytes16() returns zero.
+**
+** ^The values returned by [sqlite3_column_bytes()] and
+** [sqlite3_column_bytes16()] do not include the zero terminators at the end
+** of the string. ^For clarity: the values returned by
+** [sqlite3_column_bytes()] and [sqlite3_column_bytes16()] are the number of
+** bytes in the string, not the number of characters.
+**
+** ^Strings returned by sqlite3_column_text() and sqlite3_column_text16(),
+** even empty strings, are always zero-terminated. ^The return
+** value from sqlite3_column_blob() for a zero-length BLOB is a NULL pointer.
+**
+** <b>Warning:</b> ^The object returned by [sqlite3_column_value()] is an
+** [unprotected sqlite3_value] object. In a multithreaded environment,
+** an unprotected sqlite3_value object may only be used safely with
+** [sqlite3_bind_value()] and [sqlite3_result_value()].
+** If the [unprotected sqlite3_value] object returned by
+** [sqlite3_column_value()] is used in any other way, including calls
+** to routines like [sqlite3_value_int()], [sqlite3_value_text()],
+** or [sqlite3_value_bytes()], the behavior is not threadsafe.
+**
+** These routines attempt to convert the value where appropriate. ^For
+** example, if the internal representation is FLOAT and a text result
+** is requested, [sqlite3_snprintf()] is used internally to perform the
+** conversion automatically. ^(The following table details the conversions
+** that are applied:
+**
+** <blockquote>
+** <table border="1">
+** <tr><th> Internal<br>Type <th> Requested<br>Type <th> Conversion
+**
+** <tr><td> NULL <td> INTEGER <td> Result is 0
+** <tr><td> NULL <td> FLOAT <td> Result is 0.0
+** <tr><td> NULL <td> TEXT <td> Result is a NULL pointer
+** <tr><td> NULL <td> BLOB <td> Result is a NULL pointer
+** <tr><td> INTEGER <td> FLOAT <td> Convert from integer to float
+** <tr><td> INTEGER <td> TEXT <td> ASCII rendering of the integer
+** <tr><td> INTEGER <td> BLOB <td> Same as INTEGER->TEXT
+** <tr><td> FLOAT <td> INTEGER <td> [CAST] to INTEGER
+** <tr><td> FLOAT <td> TEXT <td> ASCII rendering of the float
+** <tr><td> FLOAT <td> BLOB <td> [CAST] to BLOB
+** <tr><td> TEXT <td> INTEGER <td> [CAST] to INTEGER
+** <tr><td> TEXT <td> FLOAT <td> [CAST] to REAL
+** <tr><td> TEXT <td> BLOB <td> No change
+** <tr><td> BLOB <td> INTEGER <td> [CAST] to INTEGER
+** <tr><td> BLOB <td> FLOAT <td> [CAST] to REAL
+** <tr><td> BLOB <td> TEXT <td> Add a zero terminator if needed
+** </table>
+** </blockquote>)^
+**
+** Note that when type conversions occur, pointers returned by prior
+** calls to sqlite3_column_blob(), sqlite3_column_text(), and/or
+** sqlite3_column_text16() may be invalidated.
+** Type conversions and pointer invalidations might occur
+** in the following cases:
+**
+** <ul>
+** <li> The initial content is a BLOB and sqlite3_column_text() or
+** sqlite3_column_text16() is called. A zero-terminator might
+** need to be added to the string.</li>
+** <li> The initial content is UTF-8 text and sqlite3_column_bytes16() or
+** sqlite3_column_text16() is called. The content must be converted
+** to UTF-16.</li>
+** <li> The initial content is UTF-16 text and sqlite3_column_bytes() or
+** sqlite3_column_text() is called. The content must be converted
+** to UTF-8.</li>
+** </ul>
+**
+** ^Conversions between UTF-16be and UTF-16le are always done in place and do
+** not invalidate a prior pointer, though of course the content of the buffer
+** that the prior pointer references will have been modified. Other kinds
+** of conversion are done in place when it is possible, but sometimes they
+** are not possible and in those cases prior pointers are invalidated.
+**
+** The safest policy is to invoke these routines
+** in one of the following ways:
+**
+** <ul>
+** <li>sqlite3_column_text() followed by sqlite3_column_bytes()</li>
+** <li>sqlite3_column_blob() followed by sqlite3_column_bytes()</li>
+** <li>sqlite3_column_text16() followed by sqlite3_column_bytes16()</li>
+** </ul>
+**
+** In other words, you should call sqlite3_column_text(),
+** sqlite3_column_blob(), or sqlite3_column_text16() first to force the result
+** into the desired format, then invoke sqlite3_column_bytes() or
+** sqlite3_column_bytes16() to find the size of the result. Do not mix calls
+** to sqlite3_column_text() or sqlite3_column_blob() with calls to
+** sqlite3_column_bytes16(), and do not mix calls to sqlite3_column_text16()
+** with calls to sqlite3_column_bytes().
+**
+** ^The pointers returned are valid until a type conversion occurs as
+** described above, or until [sqlite3_step()] or [sqlite3_reset()] or
+** [sqlite3_finalize()] is called. ^The memory space used to hold strings
+** and BLOBs is freed automatically. Do <em>not</em> pass the pointers returned
+** from [sqlite3_column_blob()], [sqlite3_column_text()], etc. into
+** [sqlite3_free()].
+**
+** ^(If a memory allocation error occurs during the evaluation of any
+** of these routines, a default value is returned. The default value
+** is either the integer 0, the floating point number 0.0, or a NULL
+** pointer. Subsequent calls to [sqlite3_errcode()] will return
+** [SQLITE_NOMEM].)^
+*/
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_blob(sqlite3_stmt*, int iCol);
+SQLITE_API int SQLITE_STDCALL sqlite3_column_bytes(sqlite3_stmt*, int iCol);
+SQLITE_API int SQLITE_STDCALL sqlite3_column_bytes16(sqlite3_stmt*, int iCol);
+SQLITE_API double SQLITE_STDCALL sqlite3_column_double(sqlite3_stmt*, int iCol);
+SQLITE_API int SQLITE_STDCALL sqlite3_column_int(sqlite3_stmt*, int iCol);
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_column_int64(sqlite3_stmt*, int iCol);
+SQLITE_API const unsigned char *SQLITE_STDCALL sqlite3_column_text(sqlite3_stmt*, int iCol);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_column_text16(sqlite3_stmt*, int iCol);
+SQLITE_API int SQLITE_STDCALL sqlite3_column_type(sqlite3_stmt*, int iCol);
+SQLITE_API sqlite3_value *SQLITE_STDCALL sqlite3_column_value(sqlite3_stmt*, int iCol);
+
+/*
+** CAPI3REF: Destroy A Prepared Statement Object
+** DESTRUCTOR: sqlite3_stmt
+**
+** ^The sqlite3_finalize() function is called to delete a [prepared statement].
+** ^If the most recent evaluation of the statement encountered no errors
+** or if the statement is never been evaluated, then sqlite3_finalize() returns
+** SQLITE_OK. ^If the most recent evaluation of statement S failed, then
+** sqlite3_finalize(S) returns the appropriate [error code] or
+** [extended error code].
+**
+** ^The sqlite3_finalize(S) routine can be called at any point during
+** the life cycle of [prepared statement] S:
+** before statement S is ever evaluated, after
+** one or more calls to [sqlite3_reset()], or after any call
+** to [sqlite3_step()] regardless of whether or not the statement has
+** completed execution.
+**
+** ^Invoking sqlite3_finalize() on a NULL pointer is a harmless no-op.
+**
+** The application must finalize every [prepared statement] in order to avoid
+** resource leaks. It is a grievous error for the application to try to use
+** a prepared statement after it has been finalized. Any use of a prepared
+** statement after it has been finalized can result in undefined and
+** undesirable behavior such as segfaults and heap corruption.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_finalize(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Reset A Prepared Statement Object
+** METHOD: sqlite3_stmt
+**
+** The sqlite3_reset() function is called to reset a [prepared statement]
+** object back to its initial state, ready to be re-executed.
+** ^Any SQL statement variables that had values bound to them using
+** the [sqlite3_bind_blob | sqlite3_bind_*() API] retain their values.
+** Use [sqlite3_clear_bindings()] to reset the bindings.
+**
+** ^The [sqlite3_reset(S)] interface resets the [prepared statement] S
+** back to the beginning of its program.
+**
+** ^If the most recent call to [sqlite3_step(S)] for the
+** [prepared statement] S returned [SQLITE_ROW] or [SQLITE_DONE],
+** or if [sqlite3_step(S)] has never before been called on S,
+** then [sqlite3_reset(S)] returns [SQLITE_OK].
+**
+** ^If the most recent call to [sqlite3_step(S)] for the
+** [prepared statement] S indicated an error, then
+** [sqlite3_reset(S)] returns an appropriate [error code].
+**
+** ^The [sqlite3_reset(S)] interface does not change the values
+** of any [sqlite3_bind_blob|bindings] on the [prepared statement] S.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_reset(sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Create Or Redefine SQL Functions
+** KEYWORDS: {function creation routines}
+** KEYWORDS: {application-defined SQL function}
+** KEYWORDS: {application-defined SQL functions}
+** METHOD: sqlite3
+**
+** ^These functions (collectively known as "function creation routines")
+** are used to add SQL functions or aggregates or to redefine the behavior
+** of existing SQL functions or aggregates. The only differences between
+** these routines are the text encoding expected for
+** the second parameter (the name of the function being created)
+** and the presence or absence of a destructor callback for
+** the application data pointer.
+**
+** ^The first parameter is the [database connection] to which the SQL
+** function is to be added. ^If an application uses more than one database
+** connection then application-defined SQL functions must be added
+** to each database connection separately.
+**
+** ^The second parameter is the name of the SQL function to be created or
+** redefined. ^The length of the name is limited to 255 bytes in a UTF-8
+** representation, exclusive of the zero-terminator. ^Note that the name
+** length limit is in UTF-8 bytes, not characters nor UTF-16 bytes.
+** ^Any attempt to create a function with a longer name
+** will result in [SQLITE_MISUSE] being returned.
+**
+** ^The third parameter (nArg)
+** is the number of arguments that the SQL function or
+** aggregate takes. ^If this parameter is -1, then the SQL function or
+** aggregate may take any number of arguments between 0 and the limit
+** set by [sqlite3_limit]([SQLITE_LIMIT_FUNCTION_ARG]). If the third
+** parameter is less than -1 or greater than 127 then the behavior is
+** undefined.
+**
+** ^The fourth parameter, eTextRep, specifies what
+** [SQLITE_UTF8 | text encoding] this SQL function prefers for
+** its parameters. The application should set this parameter to
+** [SQLITE_UTF16LE] if the function implementation invokes
+** [sqlite3_value_text16le()] on an input, or [SQLITE_UTF16BE] if the
+** implementation invokes [sqlite3_value_text16be()] on an input, or
+** [SQLITE_UTF16] if [sqlite3_value_text16()] is used, or [SQLITE_UTF8]
+** otherwise. ^The same SQL function may be registered multiple times using
+** different preferred text encodings, with different implementations for
+** each encoding.
+** ^When multiple implementations of the same function are available, SQLite
+** will pick the one that involves the least amount of data conversion.
+**
+** ^The fourth parameter may optionally be ORed with [SQLITE_DETERMINISTIC]
+** to signal that the function will always return the same result given
+** the same inputs within a single SQL statement. Most SQL functions are
+** deterministic. The built-in [random()] SQL function is an example of a
+** function that is not deterministic. The SQLite query planner is able to
+** perform additional optimizations on deterministic functions, so use
+** of the [SQLITE_DETERMINISTIC] flag is recommended where possible.
+**
+** ^(The fifth parameter is an arbitrary pointer. The implementation of the
+** function can gain access to this pointer using [sqlite3_user_data()].)^
+**
+** ^The sixth, seventh and eighth parameters, xFunc, xStep and xFinal, are
+** pointers to C-language functions that implement the SQL function or
+** aggregate. ^A scalar SQL function requires an implementation of the xFunc
+** callback only; NULL pointers must be passed as the xStep and xFinal
+** parameters. ^An aggregate SQL function requires an implementation of xStep
+** and xFinal and NULL pointer must be passed for xFunc. ^To delete an existing
+** SQL function or aggregate, pass NULL pointers for all three function
+** callbacks.
+**
+** ^(If the ninth parameter to sqlite3_create_function_v2() is not NULL,
+** then it is destructor for the application data pointer.
+** The destructor is invoked when the function is deleted, either by being
+** overloaded or when the database connection closes.)^
+** ^The destructor is also invoked if the call to
+** sqlite3_create_function_v2() fails.
+** ^When the destructor callback of the tenth parameter is invoked, it
+** is passed a single argument which is a copy of the application data
+** pointer which was the fifth parameter to sqlite3_create_function_v2().
+**
+** ^It is permitted to register multiple implementations of the same
+** functions with the same name but with either differing numbers of
+** arguments or differing preferred text encodings. ^SQLite will use
+** the implementation that most closely matches the way in which the
+** SQL function is used. ^A function implementation with a non-negative
+** nArg parameter is a better match than a function implementation with
+** a negative nArg. ^A function where the preferred text encoding
+** matches the database encoding is a better
+** match than a function where the encoding is different.
+** ^A function where the encoding difference is between UTF16le and UTF16be
+** is a closer match than a function where the encoding difference is
+** between UTF8 and UTF16.
+**
+** ^Built-in functions may be overloaded by new application-defined functions.
+**
+** ^An application-defined function is permitted to call other
+** SQLite interfaces. However, such calls must not
+** close the database connection nor finalize or reset the prepared
+** statement in which the function is running.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function(
+ sqlite3 *db,
+ const char *zFunctionName,
+ int nArg,
+ int eTextRep,
+ void *pApp,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function16(
+ sqlite3 *db,
+ const void *zFunctionName,
+ int nArg,
+ int eTextRep,
+ void *pApp,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_function_v2(
+ sqlite3 *db,
+ const char *zFunctionName,
+ int nArg,
+ int eTextRep,
+ void *pApp,
+ void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
+ void (*xStep)(sqlite3_context*,int,sqlite3_value**),
+ void (*xFinal)(sqlite3_context*),
+ void(*xDestroy)(void*)
+);
+
+/*
+** CAPI3REF: Text Encodings
+**
+** These constant define integer codes that represent the various
+** text encodings supported by SQLite.
+*/
+#define SQLITE_UTF8 1 /* IMP: R-37514-35566 */
+#define SQLITE_UTF16LE 2 /* IMP: R-03371-37637 */
+#define SQLITE_UTF16BE 3 /* IMP: R-51971-34154 */
+#define SQLITE_UTF16 4 /* Use native byte order */
+#define SQLITE_ANY 5 /* Deprecated */
+#define SQLITE_UTF16_ALIGNED 8 /* sqlite3_create_collation only */
+
+/*
+** CAPI3REF: Function Flags
+**
+** These constants may be ORed together with the
+** [SQLITE_UTF8 | preferred text encoding] as the fourth argument
+** to [sqlite3_create_function()], [sqlite3_create_function16()], or
+** [sqlite3_create_function_v2()].
+*/
+#define SQLITE_DETERMINISTIC 0x800
+
+/*
+** CAPI3REF: Deprecated Functions
+** DEPRECATED
+**
+** These functions are [deprecated]. In order to maintain
+** backwards compatibility with older code, these functions continue
+** to be supported. However, new applications should avoid
+** the use of these functions. To encourage programmers to avoid
+** these functions, we will not explain what they do.
+*/
+#ifndef SQLITE_OMIT_DEPRECATED
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_aggregate_count(sqlite3_context*);
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_expired(sqlite3_stmt*);
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_transfer_bindings(sqlite3_stmt*, sqlite3_stmt*);
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_global_recover(void);
+SQLITE_API SQLITE_DEPRECATED void SQLITE_STDCALL sqlite3_thread_cleanup(void);
+SQLITE_API SQLITE_DEPRECATED int SQLITE_STDCALL sqlite3_memory_alarm(void(*)(void*,sqlite3_int64,int),
+ void*,sqlite3_int64);
+#endif
+
+/*
+** CAPI3REF: Obtaining SQL Values
+** METHOD: sqlite3_value
+**
+** The C-language implementation of SQL functions and aggregates uses
+** this set of interface routines to access the parameter values on
+** the function or aggregate.
+**
+** The xFunc (for scalar functions) or xStep (for aggregates) parameters
+** to [sqlite3_create_function()] and [sqlite3_create_function16()]
+** define callbacks that implement the SQL functions and aggregates.
+** The 3rd parameter to these callbacks is an array of pointers to
+** [protected sqlite3_value] objects. There is one [sqlite3_value] object for
+** each parameter to the SQL function. These routines are used to
+** extract values from the [sqlite3_value] objects.
+**
+** These routines work only with [protected sqlite3_value] objects.
+** Any attempt to use these routines on an [unprotected sqlite3_value]
+** object results in undefined behavior.
+**
+** ^These routines work just like the corresponding [column access functions]
+** except that these routines take a single [protected sqlite3_value] object
+** pointer instead of a [sqlite3_stmt*] pointer and an integer column number.
+**
+** ^The sqlite3_value_text16() interface extracts a UTF-16 string
+** in the native byte-order of the host machine. ^The
+** sqlite3_value_text16be() and sqlite3_value_text16le() interfaces
+** extract UTF-16 strings as big-endian and little-endian respectively.
+**
+** ^(The sqlite3_value_numeric_type() interface attempts to apply
+** numeric affinity to the value. This means that an attempt is
+** made to convert the value to an integer or floating point. If
+** such a conversion is possible without loss of information (in other
+** words, if the value is a string that looks like a number)
+** then the conversion is performed. Otherwise no conversion occurs.
+** The [SQLITE_INTEGER | datatype] after conversion is returned.)^
+**
+** Please pay particular attention to the fact that the pointer returned
+** from [sqlite3_value_blob()], [sqlite3_value_text()], or
+** [sqlite3_value_text16()] can be invalidated by a subsequent call to
+** [sqlite3_value_bytes()], [sqlite3_value_bytes16()], [sqlite3_value_text()],
+** or [sqlite3_value_text16()].
+**
+** These routines must be called from the same thread as
+** the SQL function that supplied the [sqlite3_value*] parameters.
+*/
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_blob(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_bytes(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_bytes16(sqlite3_value*);
+SQLITE_API double SQLITE_STDCALL sqlite3_value_double(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_int(sqlite3_value*);
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_value_int64(sqlite3_value*);
+SQLITE_API const unsigned char *SQLITE_STDCALL sqlite3_value_text(sqlite3_value*);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16(sqlite3_value*);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16le(sqlite3_value*);
+SQLITE_API const void *SQLITE_STDCALL sqlite3_value_text16be(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_type(sqlite3_value*);
+SQLITE_API int SQLITE_STDCALL sqlite3_value_numeric_type(sqlite3_value*);
+
+/*
+** CAPI3REF: Finding The Subtype Of SQL Values
+** METHOD: sqlite3_value
+**
+** The sqlite3_value_subtype(V) function returns the subtype for
+** an [application-defined SQL function] argument V. The subtype
+** information can be used to pass a limited amount of context from
+** one SQL function to another. Use the [sqlite3_result_subtype()]
+** routine to set the subtype for the return value of an SQL function.
+**
+** SQLite makes no use of subtype itself. It merely passes the subtype
+** from the result of one [application-defined SQL function] into the
+** input of another.
+*/
+SQLITE_API unsigned int SQLITE_STDCALL sqlite3_value_subtype(sqlite3_value*);
+
+/*
+** CAPI3REF: Copy And Free SQL Values
+** METHOD: sqlite3_value
+**
+** ^The sqlite3_value_dup(V) interface makes a copy of the [sqlite3_value]
+** object D and returns a pointer to that copy. ^The [sqlite3_value] returned
+** is a [protected sqlite3_value] object even if the input is not.
+** ^The sqlite3_value_dup(V) interface returns NULL if V is NULL or if a
+** memory allocation fails.
+**
+** ^The sqlite3_value_free(V) interface frees an [sqlite3_value] object
+** previously obtained from [sqlite3_value_dup()]. ^If V is a NULL pointer
+** then sqlite3_value_free(V) is a harmless no-op.
+*/
+SQLITE_API sqlite3_value *SQLITE_STDCALL sqlite3_value_dup(const sqlite3_value*);
+SQLITE_API void SQLITE_STDCALL sqlite3_value_free(sqlite3_value*);
+
+/*
+** CAPI3REF: Obtain Aggregate Function Context
+** METHOD: sqlite3_context
+**
+** Implementations of aggregate SQL functions use this
+** routine to allocate memory for storing their state.
+**
+** ^The first time the sqlite3_aggregate_context(C,N) routine is called
+** for a particular aggregate function, SQLite
+** allocates N of memory, zeroes out that memory, and returns a pointer
+** to the new memory. ^On second and subsequent calls to
+** sqlite3_aggregate_context() for the same aggregate function instance,
+** the same buffer is returned. Sqlite3_aggregate_context() is normally
+** called once for each invocation of the xStep callback and then one
+** last time when the xFinal callback is invoked. ^(When no rows match
+** an aggregate query, the xStep() callback of the aggregate function
+** implementation is never called and xFinal() is called exactly once.
+** In those cases, sqlite3_aggregate_context() might be called for the
+** first time from within xFinal().)^
+**
+** ^The sqlite3_aggregate_context(C,N) routine returns a NULL pointer
+** when first called if N is less than or equal to zero or if a memory
+** allocate error occurs.
+**
+** ^(The amount of space allocated by sqlite3_aggregate_context(C,N) is
+** determined by the N parameter on first successful call. Changing the
+** value of N in subsequent call to sqlite3_aggregate_context() within
+** the same aggregate function instance will not resize the memory
+** allocation.)^ Within the xFinal callback, it is customary to set
+** N=0 in calls to sqlite3_aggregate_context(C,N) so that no
+** pointless memory allocations occur.
+**
+** ^SQLite automatically frees the memory allocated by
+** sqlite3_aggregate_context() when the aggregate query concludes.
+**
+** The first parameter must be a copy of the
+** [sqlite3_context | SQL function context] that is the first parameter
+** to the xStep or xFinal callback routine that implements the aggregate
+** function.
+**
+** This routine must be called from the same thread in which
+** the aggregate SQL function is running.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_aggregate_context(sqlite3_context*, int nBytes);
+
+/*
+** CAPI3REF: User Data For Functions
+** METHOD: sqlite3_context
+**
+** ^The sqlite3_user_data() interface returns a copy of
+** the pointer that was the pUserData parameter (the 5th parameter)
+** of the [sqlite3_create_function()]
+** and [sqlite3_create_function16()] routines that originally
+** registered the application defined function.
+**
+** This routine must be called from the same thread in which
+** the application-defined function is running.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_user_data(sqlite3_context*);
+
+/*
+** CAPI3REF: Database Connection For Functions
+** METHOD: sqlite3_context
+**
+** ^The sqlite3_context_db_handle() interface returns a copy of
+** the pointer to the [database connection] (the 1st parameter)
+** of the [sqlite3_create_function()]
+** and [sqlite3_create_function16()] routines that originally
+** registered the application defined function.
+*/
+SQLITE_API sqlite3 *SQLITE_STDCALL sqlite3_context_db_handle(sqlite3_context*);
+
+/*
+** CAPI3REF: Function Auxiliary Data
+** METHOD: sqlite3_context
+**
+** These functions may be used by (non-aggregate) SQL functions to
+** associate metadata with argument values. If the same value is passed to
+** multiple invocations of the same SQL function during query execution, under
+** some circumstances the associated metadata may be preserved. An example
+** of where this might be useful is in a regular-expression matching
+** function. The compiled version of the regular expression can be stored as
+** metadata associated with the pattern string.
+** Then as long as the pattern string remains the same,
+** the compiled regular expression can be reused on multiple
+** invocations of the same function.
+**
+** ^The sqlite3_get_auxdata() interface returns a pointer to the metadata
+** associated by the sqlite3_set_auxdata() function with the Nth argument
+** value to the application-defined function. ^If there is no metadata
+** associated with the function argument, this sqlite3_get_auxdata() interface
+** returns a NULL pointer.
+**
+** ^The sqlite3_set_auxdata(C,N,P,X) interface saves P as metadata for the N-th
+** argument of the application-defined function. ^Subsequent
+** calls to sqlite3_get_auxdata(C,N) return P from the most recent
+** sqlite3_set_auxdata(C,N,P,X) call if the metadata is still valid or
+** NULL if the metadata has been discarded.
+** ^After each call to sqlite3_set_auxdata(C,N,P,X) where X is not NULL,
+** SQLite will invoke the destructor function X with parameter P exactly
+** once, when the metadata is discarded.
+** SQLite is free to discard the metadata at any time, including: <ul>
+** <li> when the corresponding function parameter changes, or
+** <li> when [sqlite3_reset()] or [sqlite3_finalize()] is called for the
+** SQL statement, or
+** <li> when sqlite3_set_auxdata() is invoked again on the same parameter, or
+** <li> during the original sqlite3_set_auxdata() call when a memory
+** allocation error occurs. </ul>)^
+**
+** Note the last bullet in particular. The destructor X in
+** sqlite3_set_auxdata(C,N,P,X) might be called immediately, before the
+** sqlite3_set_auxdata() interface even returns. Hence sqlite3_set_auxdata()
+** should be called near the end of the function implementation and the
+** function implementation should not make any use of P after
+** sqlite3_set_auxdata() has been called.
+**
+** ^(In practice, metadata is preserved between function calls for
+** function parameters that are compile-time constants, including literal
+** values and [parameters] and expressions composed from the same.)^
+**
+** These routines must be called from the same thread in which
+** the SQL function is running.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_get_auxdata(sqlite3_context*, int N);
+SQLITE_API void SQLITE_STDCALL sqlite3_set_auxdata(sqlite3_context*, int N, void*, void (*)(void*));
+
+
+/*
+** CAPI3REF: Constants Defining Special Destructor Behavior
+**
+** These are special values for the destructor that is passed in as the
+** final argument to routines like [sqlite3_result_blob()]. ^If the destructor
+** argument is SQLITE_STATIC, it means that the content pointer is constant
+** and will never change. It does not need to be destroyed. ^The
+** SQLITE_TRANSIENT value means that the content will likely change in
+** the near future and that SQLite should make its own private copy of
+** the content before returning.
+**
+** The typedef is necessary to work around problems in certain
+** C++ compilers.
+*/
+typedef void (*sqlite3_destructor_type)(void*);
+#define SQLITE_STATIC ((sqlite3_destructor_type)0)
+#define SQLITE_TRANSIENT ((sqlite3_destructor_type)-1)
+
+/*
+** CAPI3REF: Setting The Result Of An SQL Function
+** METHOD: sqlite3_context
+**
+** These routines are used by the xFunc or xFinal callbacks that
+** implement SQL functions and aggregates. See
+** [sqlite3_create_function()] and [sqlite3_create_function16()]
+** for additional information.
+**
+** These functions work very much like the [parameter binding] family of
+** functions used to bind values to host parameters in prepared statements.
+** Refer to the [SQL parameter] documentation for additional information.
+**
+** ^The sqlite3_result_blob() interface sets the result from
+** an application-defined function to be the BLOB whose content is pointed
+** to by the second parameter and which is N bytes long where N is the
+** third parameter.
+**
+** ^The sqlite3_result_zeroblob(C,N) and sqlite3_result_zeroblob64(C,N)
+** interfaces set the result of the application-defined function to be
+** a BLOB containing all zero bytes and N bytes in size.
+**
+** ^The sqlite3_result_double() interface sets the result from
+** an application-defined function to be a floating point value specified
+** by its 2nd argument.
+**
+** ^The sqlite3_result_error() and sqlite3_result_error16() functions
+** cause the implemented SQL function to throw an exception.
+** ^SQLite uses the string pointed to by the
+** 2nd parameter of sqlite3_result_error() or sqlite3_result_error16()
+** as the text of an error message. ^SQLite interprets the error
+** message string from sqlite3_result_error() as UTF-8. ^SQLite
+** interprets the string from sqlite3_result_error16() as UTF-16 in native
+** byte order. ^If the third parameter to sqlite3_result_error()
+** or sqlite3_result_error16() is negative then SQLite takes as the error
+** message all text up through the first zero character.
+** ^If the third parameter to sqlite3_result_error() or
+** sqlite3_result_error16() is non-negative then SQLite takes that many
+** bytes (not characters) from the 2nd parameter as the error message.
+** ^The sqlite3_result_error() and sqlite3_result_error16()
+** routines make a private copy of the error message text before
+** they return. Hence, the calling function can deallocate or
+** modify the text after they return without harm.
+** ^The sqlite3_result_error_code() function changes the error code
+** returned by SQLite as a result of an error in a function. ^By default,
+** the error code is SQLITE_ERROR. ^A subsequent call to sqlite3_result_error()
+** or sqlite3_result_error16() resets the error code to SQLITE_ERROR.
+**
+** ^The sqlite3_result_error_toobig() interface causes SQLite to throw an
+** error indicating that a string or BLOB is too long to represent.
+**
+** ^The sqlite3_result_error_nomem() interface causes SQLite to throw an
+** error indicating that a memory allocation failed.
+**
+** ^The sqlite3_result_int() interface sets the return value
+** of the application-defined function to be the 32-bit signed integer
+** value given in the 2nd argument.
+** ^The sqlite3_result_int64() interface sets the return value
+** of the application-defined function to be the 64-bit signed integer
+** value given in the 2nd argument.
+**
+** ^The sqlite3_result_null() interface sets the return value
+** of the application-defined function to be NULL.
+**
+** ^The sqlite3_result_text(), sqlite3_result_text16(),
+** sqlite3_result_text16le(), and sqlite3_result_text16be() interfaces
+** set the return value of the application-defined function to be
+** a text string which is represented as UTF-8, UTF-16 native byte order,
+** UTF-16 little endian, or UTF-16 big endian, respectively.
+** ^The sqlite3_result_text64() interface sets the return value of an
+** application-defined function to be a text string in an encoding
+** specified by the fifth (and last) parameter, which must be one
+** of [SQLITE_UTF8], [SQLITE_UTF16], [SQLITE_UTF16BE], or [SQLITE_UTF16LE].
+** ^SQLite takes the text result from the application from
+** the 2nd parameter of the sqlite3_result_text* interfaces.
+** ^If the 3rd parameter to the sqlite3_result_text* interfaces
+** is negative, then SQLite takes result text from the 2nd parameter
+** through the first zero character.
+** ^If the 3rd parameter to the sqlite3_result_text* interfaces
+** is non-negative, then as many bytes (not characters) of the text
+** pointed to by the 2nd parameter are taken as the application-defined
+** function result. If the 3rd parameter is non-negative, then it
+** must be the byte offset into the string where the NUL terminator would
+** appear if the string where NUL terminated. If any NUL characters occur
+** in the string at a byte offset that is less than the value of the 3rd
+** parameter, then the resulting string will contain embedded NULs and the
+** result of expressions operating on strings with embedded NULs is undefined.
+** ^If the 4th parameter to the sqlite3_result_text* interfaces
+** or sqlite3_result_blob is a non-NULL pointer, then SQLite calls that
+** function as the destructor on the text or BLOB result when it has
+** finished using that result.
+** ^If the 4th parameter to the sqlite3_result_text* interfaces or to
+** sqlite3_result_blob is the special constant SQLITE_STATIC, then SQLite
+** assumes that the text or BLOB result is in constant space and does not
+** copy the content of the parameter nor call a destructor on the content
+** when it has finished using that result.
+** ^If the 4th parameter to the sqlite3_result_text* interfaces
+** or sqlite3_result_blob is the special constant SQLITE_TRANSIENT
+** then SQLite makes a copy of the result into space obtained from
+** from [sqlite3_malloc()] before it returns.
+**
+** ^The sqlite3_result_value() interface sets the result of
+** the application-defined function to be a copy of the
+** [unprotected sqlite3_value] object specified by the 2nd parameter. ^The
+** sqlite3_result_value() interface makes a copy of the [sqlite3_value]
+** so that the [sqlite3_value] specified in the parameter may change or
+** be deallocated after sqlite3_result_value() returns without harm.
+** ^A [protected sqlite3_value] object may always be used where an
+** [unprotected sqlite3_value] object is required, so either
+** kind of [sqlite3_value] object can be used with this interface.
+**
+** If these routines are called from within the different thread
+** than the one containing the application-defined function that received
+** the [sqlite3_context] pointer, the results are undefined.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_result_blob(sqlite3_context*, const void*, int, void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_blob64(sqlite3_context*,const void*,
+ sqlite3_uint64,void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_double(sqlite3_context*, double);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error(sqlite3_context*, const char*, int);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error16(sqlite3_context*, const void*, int);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_toobig(sqlite3_context*);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_nomem(sqlite3_context*);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_error_code(sqlite3_context*, int);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_int(sqlite3_context*, int);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_int64(sqlite3_context*, sqlite3_int64);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_null(sqlite3_context*);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text(sqlite3_context*, const char*, int, void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text64(sqlite3_context*, const char*,sqlite3_uint64,
+ void(*)(void*), unsigned char encoding);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16(sqlite3_context*, const void*, int, void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16le(sqlite3_context*, const void*, int,void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_text16be(sqlite3_context*, const void*, int,void(*)(void*));
+SQLITE_API void SQLITE_STDCALL sqlite3_result_value(sqlite3_context*, sqlite3_value*);
+SQLITE_API void SQLITE_STDCALL sqlite3_result_zeroblob(sqlite3_context*, int n);
+SQLITE_API int SQLITE_STDCALL sqlite3_result_zeroblob64(sqlite3_context*, sqlite3_uint64 n);
+
+
+/*
+** CAPI3REF: Setting The Subtype Of An SQL Function
+** METHOD: sqlite3_context
+**
+** The sqlite3_result_subtype(C,T) function causes the subtype of
+** the result from the [application-defined SQL function] with
+** [sqlite3_context] C to be the value T. Only the lower 8 bits
+** of the subtype T are preserved in current versions of SQLite;
+** higher order bits are discarded.
+** The number of subtype bytes preserved by SQLite might increase
+** in future releases of SQLite.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_result_subtype(sqlite3_context*,unsigned int);
+
+/*
+** CAPI3REF: Define New Collating Sequences
+** METHOD: sqlite3
+**
+** ^These functions add, remove, or modify a [collation] associated
+** with the [database connection] specified as the first argument.
+**
+** ^The name of the collation is a UTF-8 string
+** for sqlite3_create_collation() and sqlite3_create_collation_v2()
+** and a UTF-16 string in native byte order for sqlite3_create_collation16().
+** ^Collation names that compare equal according to [sqlite3_strnicmp()] are
+** considered to be the same name.
+**
+** ^(The third argument (eTextRep) must be one of the constants:
+** <ul>
+** <li> [SQLITE_UTF8],
+** <li> [SQLITE_UTF16LE],
+** <li> [SQLITE_UTF16BE],
+** <li> [SQLITE_UTF16], or
+** <li> [SQLITE_UTF16_ALIGNED].
+** </ul>)^
+** ^The eTextRep argument determines the encoding of strings passed
+** to the collating function callback, xCallback.
+** ^The [SQLITE_UTF16] and [SQLITE_UTF16_ALIGNED] values for eTextRep
+** force strings to be UTF16 with native byte order.
+** ^The [SQLITE_UTF16_ALIGNED] value for eTextRep forces strings to begin
+** on an even byte address.
+**
+** ^The fourth argument, pArg, is an application data pointer that is passed
+** through as the first argument to the collating function callback.
+**
+** ^The fifth argument, xCallback, is a pointer to the collating function.
+** ^Multiple collating functions can be registered using the same name but
+** with different eTextRep parameters and SQLite will use whichever
+** function requires the least amount of data transformation.
+** ^If the xCallback argument is NULL then the collating function is
+** deleted. ^When all collating functions having the same name are deleted,
+** that collation is no longer usable.
+**
+** ^The collating function callback is invoked with a copy of the pArg
+** application data pointer and with two strings in the encoding specified
+** by the eTextRep argument. The collating function must return an
+** integer that is negative, zero, or positive
+** if the first string is less than, equal to, or greater than the second,
+** respectively. A collating function must always return the same answer
+** given the same inputs. If two or more collating functions are registered
+** to the same collation name (using different eTextRep values) then all
+** must give an equivalent answer when invoked with equivalent strings.
+** The collating function must obey the following properties for all
+** strings A, B, and C:
+**
+** <ol>
+** <li> If A==B then B==A.
+** <li> If A==B and B==C then A==C.
+** <li> If A&lt;B THEN B&gt;A.
+** <li> If A&lt;B and B&lt;C then A&lt;C.
+** </ol>
+**
+** If a collating function fails any of the above constraints and that
+** collating function is registered and used, then the behavior of SQLite
+** is undefined.
+**
+** ^The sqlite3_create_collation_v2() works like sqlite3_create_collation()
+** with the addition that the xDestroy callback is invoked on pArg when
+** the collating function is deleted.
+** ^Collating functions are deleted when they are overridden by later
+** calls to the collation creation functions or when the
+** [database connection] is closed using [sqlite3_close()].
+**
+** ^The xDestroy callback is <u>not</u> called if the
+** sqlite3_create_collation_v2() function fails. Applications that invoke
+** sqlite3_create_collation_v2() with a non-NULL xDestroy argument should
+** check the return code and dispose of the application data pointer
+** themselves rather than expecting SQLite to deal with it for them.
+** This is different from every other SQLite interface. The inconsistency
+** is unfortunate but cannot be changed without breaking backwards
+** compatibility.
+**
+** See also: [sqlite3_collation_needed()] and [sqlite3_collation_needed16()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation(
+ sqlite3*,
+ const char *zName,
+ int eTextRep,
+ void *pArg,
+ int(*xCompare)(void*,int,const void*,int,const void*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation_v2(
+ sqlite3*,
+ const char *zName,
+ int eTextRep,
+ void *pArg,
+ int(*xCompare)(void*,int,const void*,int,const void*),
+ void(*xDestroy)(void*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_collation16(
+ sqlite3*,
+ const void *zName,
+ int eTextRep,
+ void *pArg,
+ int(*xCompare)(void*,int,const void*,int,const void*)
+);
+
+/*
+** CAPI3REF: Collation Needed Callbacks
+** METHOD: sqlite3
+**
+** ^To avoid having to register all collation sequences before a database
+** can be used, a single callback function may be registered with the
+** [database connection] to be invoked whenever an undefined collation
+** sequence is required.
+**
+** ^If the function is registered using the sqlite3_collation_needed() API,
+** then it is passed the names of undefined collation sequences as strings
+** encoded in UTF-8. ^If sqlite3_collation_needed16() is used,
+** the names are passed as UTF-16 in machine native byte order.
+** ^A call to either function replaces the existing collation-needed callback.
+**
+** ^(When the callback is invoked, the first argument passed is a copy
+** of the second argument to sqlite3_collation_needed() or
+** sqlite3_collation_needed16(). The second argument is the database
+** connection. The third argument is one of [SQLITE_UTF8], [SQLITE_UTF16BE],
+** or [SQLITE_UTF16LE], indicating the most desirable form of the collation
+** sequence function required. The fourth parameter is the name of the
+** required collation sequence.)^
+**
+** The callback function should register the desired collation using
+** [sqlite3_create_collation()], [sqlite3_create_collation16()], or
+** [sqlite3_create_collation_v2()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_collation_needed(
+ sqlite3*,
+ void*,
+ void(*)(void*,sqlite3*,int eTextRep,const char*)
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_collation_needed16(
+ sqlite3*,
+ void*,
+ void(*)(void*,sqlite3*,int eTextRep,const void*)
+);
+
+#ifdef SQLITE_HAS_CODEC
+/*
+** Specify the key for an encrypted database. This routine should be
+** called right after sqlite3_open().
+**
+** The code to implement this API is not available in the public release
+** of SQLite.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_key(
+ sqlite3 *db, /* Database to be rekeyed */
+ const void *pKey, int nKey /* The key */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_key_v2(
+ sqlite3 *db, /* Database to be rekeyed */
+ const char *zDbName, /* Name of the database */
+ const void *pKey, int nKey /* The key */
+);
+
+/*
+** Change the key on an open database. If the current database is not
+** encrypted, this routine will encrypt it. If pNew==0 or nNew==0, the
+** database is decrypted.
+**
+** The code to implement this API is not available in the public release
+** of SQLite.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_rekey(
+ sqlite3 *db, /* Database to be rekeyed */
+ const void *pKey, int nKey /* The new key */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_rekey_v2(
+ sqlite3 *db, /* Database to be rekeyed */
+ const char *zDbName, /* Name of the database */
+ const void *pKey, int nKey /* The new key */
+);
+
+/*
+** Specify the activation key for a SEE database. Unless
+** activated, none of the SEE routines will work.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_activate_see(
+ const char *zPassPhrase /* Activation phrase */
+);
+#endif
+
+#ifdef SQLITE_ENABLE_CEROD
+/*
+** Specify the activation key for a CEROD database. Unless
+** activated, none of the CEROD routines will work.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_activate_cerod(
+ const char *zPassPhrase /* Activation phrase */
+);
+#endif
+
+/*
+** CAPI3REF: Suspend Execution For A Short Time
+**
+** The sqlite3_sleep() function causes the current thread to suspend execution
+** for at least a number of milliseconds specified in its parameter.
+**
+** If the operating system does not support sleep requests with
+** millisecond time resolution, then the time will be rounded up to
+** the nearest second. The number of milliseconds of sleep actually
+** requested from the operating system is returned.
+**
+** ^SQLite implements this interface by calling the xSleep()
+** method of the default [sqlite3_vfs] object. If the xSleep() method
+** of the default VFS is not implemented correctly, or not implemented at
+** all, then the behavior of sqlite3_sleep() may deviate from the description
+** in the previous paragraphs.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_sleep(int);
+
+/*
+** CAPI3REF: Name Of The Folder Holding Temporary Files
+**
+** ^(If this global variable is made to point to a string which is
+** the name of a folder (a.k.a. directory), then all temporary files
+** created by SQLite when using a built-in [sqlite3_vfs | VFS]
+** will be placed in that directory.)^ ^If this variable
+** is a NULL pointer, then SQLite performs a search for an appropriate
+** temporary file directory.
+**
+** Applications are strongly discouraged from using this global variable.
+** It is required to set a temporary folder on Windows Runtime (WinRT).
+** But for all other platforms, it is highly recommended that applications
+** neither read nor write this variable. This global variable is a relic
+** that exists for backwards compatibility of legacy applications and should
+** be avoided in new projects.
+**
+** It is not safe to read or modify this variable in more than one
+** thread at a time. It is not safe to read or modify this variable
+** if a [database connection] is being used at the same time in a separate
+** thread.
+** It is intended that this variable be set once
+** as part of process initialization and before any SQLite interface
+** routines have been called and that this variable remain unchanged
+** thereafter.
+**
+** ^The [temp_store_directory pragma] may modify this variable and cause
+** it to point to memory obtained from [sqlite3_malloc]. ^Furthermore,
+** the [temp_store_directory pragma] always assumes that any string
+** that this variable points to is held in memory obtained from
+** [sqlite3_malloc] and the pragma may attempt to free that memory
+** using [sqlite3_free].
+** Hence, if this variable is modified directly, either it should be
+** made NULL or made to point to memory obtained from [sqlite3_malloc]
+** or else the use of the [temp_store_directory pragma] should be avoided.
+** Except when requested by the [temp_store_directory pragma], SQLite
+** does not free the memory that sqlite3_temp_directory points to. If
+** the application wants that memory to be freed, it must do
+** so itself, taking care to only do so after all [database connection]
+** objects have been destroyed.
+**
+** <b>Note to Windows Runtime users:</b> The temporary directory must be set
+** prior to calling [sqlite3_open] or [sqlite3_open_v2]. Otherwise, various
+** features that require the use of temporary files may fail. Here is an
+** example of how to do this using C++ with the Windows Runtime:
+**
+** <blockquote><pre>
+** LPCWSTR zPath = Windows::Storage::ApplicationData::Current->
+** &nbsp; TemporaryFolder->Path->Data();
+** char zPathBuf&#91;MAX_PATH + 1&#93;;
+** memset(zPathBuf, 0, sizeof(zPathBuf));
+** WideCharToMultiByte(CP_UTF8, 0, zPath, -1, zPathBuf, sizeof(zPathBuf),
+** &nbsp; NULL, NULL);
+** sqlite3_temp_directory = sqlite3_mprintf("%s", zPathBuf);
+** </pre></blockquote>
+*/
+SQLITE_API SQLITE_EXTERN char *sqlite3_temp_directory;
+
+/*
+** CAPI3REF: Name Of The Folder Holding Database Files
+**
+** ^(If this global variable is made to point to a string which is
+** the name of a folder (a.k.a. directory), then all database files
+** specified with a relative pathname and created or accessed by
+** SQLite when using a built-in windows [sqlite3_vfs | VFS] will be assumed
+** to be relative to that directory.)^ ^If this variable is a NULL
+** pointer, then SQLite assumes that all database files specified
+** with a relative pathname are relative to the current directory
+** for the process. Only the windows VFS makes use of this global
+** variable; it is ignored by the unix VFS.
+**
+** Changing the value of this variable while a database connection is
+** open can result in a corrupt database.
+**
+** It is not safe to read or modify this variable in more than one
+** thread at a time. It is not safe to read or modify this variable
+** if a [database connection] is being used at the same time in a separate
+** thread.
+** It is intended that this variable be set once
+** as part of process initialization and before any SQLite interface
+** routines have been called and that this variable remain unchanged
+** thereafter.
+**
+** ^The [data_store_directory pragma] may modify this variable and cause
+** it to point to memory obtained from [sqlite3_malloc]. ^Furthermore,
+** the [data_store_directory pragma] always assumes that any string
+** that this variable points to is held in memory obtained from
+** [sqlite3_malloc] and the pragma may attempt to free that memory
+** using [sqlite3_free].
+** Hence, if this variable is modified directly, either it should be
+** made NULL or made to point to memory obtained from [sqlite3_malloc]
+** or else the use of the [data_store_directory pragma] should be avoided.
+*/
+SQLITE_API SQLITE_EXTERN char *sqlite3_data_directory;
+
+/*
+** CAPI3REF: Test For Auto-Commit Mode
+** KEYWORDS: {autocommit mode}
+** METHOD: sqlite3
+**
+** ^The sqlite3_get_autocommit() interface returns non-zero or
+** zero if the given database connection is or is not in autocommit mode,
+** respectively. ^Autocommit mode is on by default.
+** ^Autocommit mode is disabled by a [BEGIN] statement.
+** ^Autocommit mode is re-enabled by a [COMMIT] or [ROLLBACK].
+**
+** If certain kinds of errors occur on a statement within a multi-statement
+** transaction (errors including [SQLITE_FULL], [SQLITE_IOERR],
+** [SQLITE_NOMEM], [SQLITE_BUSY], and [SQLITE_INTERRUPT]) then the
+** transaction might be rolled back automatically. The only way to
+** find out whether SQLite automatically rolled back the transaction after
+** an error is to use this function.
+**
+** If another thread changes the autocommit status of the database
+** connection while this routine is running, then the return value
+** is undefined.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_get_autocommit(sqlite3*);
+
+/*
+** CAPI3REF: Find The Database Handle Of A Prepared Statement
+** METHOD: sqlite3_stmt
+**
+** ^The sqlite3_db_handle interface returns the [database connection] handle
+** to which a [prepared statement] belongs. ^The [database connection]
+** returned by sqlite3_db_handle is the same [database connection]
+** that was the first argument
+** to the [sqlite3_prepare_v2()] call (or its variants) that was used to
+** create the statement in the first place.
+*/
+SQLITE_API sqlite3 *SQLITE_STDCALL sqlite3_db_handle(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Return The Filename For A Database Connection
+** METHOD: sqlite3
+**
+** ^The sqlite3_db_filename(D,N) interface returns a pointer to a filename
+** associated with database N of connection D. ^The main database file
+** has the name "main". If there is no attached database N on the database
+** connection D, or if database N is a temporary or in-memory database, then
+** a NULL pointer is returned.
+**
+** ^The filename returned by this function is the output of the
+** xFullPathname method of the [VFS]. ^In other words, the filename
+** will be an absolute pathname, even if the filename used
+** to open the database originally was a URI or relative pathname.
+*/
+SQLITE_API const char *SQLITE_STDCALL sqlite3_db_filename(sqlite3 *db, const char *zDbName);
+
+/*
+** CAPI3REF: Determine if a database is read-only
+** METHOD: sqlite3
+**
+** ^The sqlite3_db_readonly(D,N) interface returns 1 if the database N
+** of connection D is read-only, 0 if it is read/write, or -1 if N is not
+** the name of a database on connection D.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_readonly(sqlite3 *db, const char *zDbName);
+
+/*
+** CAPI3REF: Find the next prepared statement
+** METHOD: sqlite3
+**
+** ^This interface returns a pointer to the next [prepared statement] after
+** pStmt associated with the [database connection] pDb. ^If pStmt is NULL
+** then this interface returns a pointer to the first prepared statement
+** associated with the database connection pDb. ^If no prepared statement
+** satisfies the conditions of this routine, it returns NULL.
+**
+** The [database connection] pointer D in a call to
+** [sqlite3_next_stmt(D,S)] must refer to an open database
+** connection and in particular must not be a NULL pointer.
+*/
+SQLITE_API sqlite3_stmt *SQLITE_STDCALL sqlite3_next_stmt(sqlite3 *pDb, sqlite3_stmt *pStmt);
+
+/*
+** CAPI3REF: Commit And Rollback Notification Callbacks
+** METHOD: sqlite3
+**
+** ^The sqlite3_commit_hook() interface registers a callback
+** function to be invoked whenever a transaction is [COMMIT | committed].
+** ^Any callback set by a previous call to sqlite3_commit_hook()
+** for the same database connection is overridden.
+** ^The sqlite3_rollback_hook() interface registers a callback
+** function to be invoked whenever a transaction is [ROLLBACK | rolled back].
+** ^Any callback set by a previous call to sqlite3_rollback_hook()
+** for the same database connection is overridden.
+** ^The pArg argument is passed through to the callback.
+** ^If the callback on a commit hook function returns non-zero,
+** then the commit is converted into a rollback.
+**
+** ^The sqlite3_commit_hook(D,C,P) and sqlite3_rollback_hook(D,C,P) functions
+** return the P argument from the previous call of the same function
+** on the same [database connection] D, or NULL for
+** the first call for each function on D.
+**
+** The commit and rollback hook callbacks are not reentrant.
+** The callback implementation must not do anything that will modify
+** the database connection that invoked the callback. Any actions
+** to modify the database connection must be deferred until after the
+** completion of the [sqlite3_step()] call that triggered the commit
+** or rollback hook in the first place.
+** Note that running any other SQL statements, including SELECT statements,
+** or merely calling [sqlite3_prepare_v2()] and [sqlite3_step()] will modify
+** the database connections for the meaning of "modify" in this paragraph.
+**
+** ^Registering a NULL function disables the callback.
+**
+** ^When the commit hook callback routine returns zero, the [COMMIT]
+** operation is allowed to continue normally. ^If the commit hook
+** returns non-zero, then the [COMMIT] is converted into a [ROLLBACK].
+** ^The rollback hook is invoked on a rollback that results from a commit
+** hook returning non-zero, just as it would be with any other rollback.
+**
+** ^For the purposes of this API, a transaction is said to have been
+** rolled back if an explicit "ROLLBACK" statement is executed, or
+** an error or constraint causes an implicit rollback to occur.
+** ^The rollback callback is not invoked if a transaction is
+** automatically rolled back because the database connection is closed.
+**
+** See also the [sqlite3_update_hook()] interface.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_commit_hook(sqlite3*, int(*)(void*), void*);
+SQLITE_API void *SQLITE_STDCALL sqlite3_rollback_hook(sqlite3*, void(*)(void *), void*);
+
+/*
+** CAPI3REF: Data Change Notification Callbacks
+** METHOD: sqlite3
+**
+** ^The sqlite3_update_hook() interface registers a callback function
+** with the [database connection] identified by the first argument
+** to be invoked whenever a row is updated, inserted or deleted in
+** a rowid table.
+** ^Any callback set by a previous call to this function
+** for the same database connection is overridden.
+**
+** ^The second argument is a pointer to the function to invoke when a
+** row is updated, inserted or deleted in a rowid table.
+** ^The first argument to the callback is a copy of the third argument
+** to sqlite3_update_hook().
+** ^The second callback argument is one of [SQLITE_INSERT], [SQLITE_DELETE],
+** or [SQLITE_UPDATE], depending on the operation that caused the callback
+** to be invoked.
+** ^The third and fourth arguments to the callback contain pointers to the
+** database and table name containing the affected row.
+** ^The final callback parameter is the [rowid] of the row.
+** ^In the case of an update, this is the [rowid] after the update takes place.
+**
+** ^(The update hook is not invoked when internal system tables are
+** modified (i.e. sqlite_master and sqlite_sequence).)^
+** ^The update hook is not invoked when [WITHOUT ROWID] tables are modified.
+**
+** ^In the current implementation, the update hook
+** is not invoked when duplication rows are deleted because of an
+** [ON CONFLICT | ON CONFLICT REPLACE] clause. ^Nor is the update hook
+** invoked when rows are deleted using the [truncate optimization].
+** The exceptions defined in this paragraph might change in a future
+** release of SQLite.
+**
+** The update hook implementation must not do anything that will modify
+** the database connection that invoked the update hook. Any actions
+** to modify the database connection must be deferred until after the
+** completion of the [sqlite3_step()] call that triggered the update hook.
+** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their
+** database connections for the meaning of "modify" in this paragraph.
+**
+** ^The sqlite3_update_hook(D,C,P) function
+** returns the P argument from the previous call
+** on the same [database connection] D, or NULL for
+** the first call on D.
+**
+** See also the [sqlite3_commit_hook()] and [sqlite3_rollback_hook()]
+** interfaces.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_update_hook(
+ sqlite3*,
+ void(*)(void *,int ,char const *,char const *,sqlite3_int64),
+ void*
+);
+
+/*
+** CAPI3REF: Enable Or Disable Shared Pager Cache
+**
+** ^(This routine enables or disables the sharing of the database cache
+** and schema data structures between [database connection | connections]
+** to the same database. Sharing is enabled if the argument is true
+** and disabled if the argument is false.)^
+**
+** ^Cache sharing is enabled and disabled for an entire process.
+** This is a change as of SQLite version 3.5.0. In prior versions of SQLite,
+** sharing was enabled or disabled for each thread separately.
+**
+** ^(The cache sharing mode set by this interface effects all subsequent
+** calls to [sqlite3_open()], [sqlite3_open_v2()], and [sqlite3_open16()].
+** Existing database connections continue use the sharing mode
+** that was in effect at the time they were opened.)^
+**
+** ^(This routine returns [SQLITE_OK] if shared cache was enabled or disabled
+** successfully. An [error code] is returned otherwise.)^
+**
+** ^Shared cache is disabled by default. But this might change in
+** future releases of SQLite. Applications that care about shared
+** cache setting should set it explicitly.
+**
+** Note: This method is disabled on MacOS X 10.7 and iOS version 5.0
+** and will always return SQLITE_MISUSE. On those systems,
+** shared cache mode should be enabled per-database connection via
+** [sqlite3_open_v2()] with [SQLITE_OPEN_SHAREDCACHE].
+**
+** This interface is threadsafe on processors where writing a
+** 32-bit integer is atomic.
+**
+** See Also: [SQLite Shared-Cache Mode]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_enable_shared_cache(int);
+
+/*
+** CAPI3REF: Attempt To Free Heap Memory
+**
+** ^The sqlite3_release_memory() interface attempts to free N bytes
+** of heap memory by deallocating non-essential memory allocations
+** held by the database library. Memory used to cache database
+** pages to improve performance is an example of non-essential memory.
+** ^sqlite3_release_memory() returns the number of bytes actually freed,
+** which might be more or less than the amount requested.
+** ^The sqlite3_release_memory() routine is a no-op returning zero
+** if SQLite is not compiled with [SQLITE_ENABLE_MEMORY_MANAGEMENT].
+**
+** See also: [sqlite3_db_release_memory()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_release_memory(int);
+
+/*
+** CAPI3REF: Free Memory Used By A Database Connection
+** METHOD: sqlite3
+**
+** ^The sqlite3_db_release_memory(D) interface attempts to free as much heap
+** memory as possible from database connection D. Unlike the
+** [sqlite3_release_memory()] interface, this interface is in effect even
+** when the [SQLITE_ENABLE_MEMORY_MANAGEMENT] compile-time option is
+** omitted.
+**
+** See also: [sqlite3_release_memory()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_release_memory(sqlite3*);
+
+/*
+** CAPI3REF: Impose A Limit On Heap Size
+**
+** ^The sqlite3_soft_heap_limit64() interface sets and/or queries the
+** soft limit on the amount of heap memory that may be allocated by SQLite.
+** ^SQLite strives to keep heap memory utilization below the soft heap
+** limit by reducing the number of pages held in the page cache
+** as heap memory usages approaches the limit.
+** ^The soft heap limit is "soft" because even though SQLite strives to stay
+** below the limit, it will exceed the limit rather than generate
+** an [SQLITE_NOMEM] error. In other words, the soft heap limit
+** is advisory only.
+**
+** ^The return value from sqlite3_soft_heap_limit64() is the size of
+** the soft heap limit prior to the call, or negative in the case of an
+** error. ^If the argument N is negative
+** then no change is made to the soft heap limit. Hence, the current
+** size of the soft heap limit can be determined by invoking
+** sqlite3_soft_heap_limit64() with a negative argument.
+**
+** ^If the argument N is zero then the soft heap limit is disabled.
+**
+** ^(The soft heap limit is not enforced in the current implementation
+** if one or more of following conditions are true:
+**
+** <ul>
+** <li> The soft heap limit is set to zero.
+** <li> Memory accounting is disabled using a combination of the
+** [sqlite3_config]([SQLITE_CONFIG_MEMSTATUS],...) start-time option and
+** the [SQLITE_DEFAULT_MEMSTATUS] compile-time option.
+** <li> An alternative page cache implementation is specified using
+** [sqlite3_config]([SQLITE_CONFIG_PCACHE2],...).
+** <li> The page cache allocates from its own memory pool supplied
+** by [sqlite3_config]([SQLITE_CONFIG_PAGECACHE],...) rather than
+** from the heap.
+** </ul>)^
+**
+** Beginning with SQLite version 3.7.3, the soft heap limit is enforced
+** regardless of whether or not the [SQLITE_ENABLE_MEMORY_MANAGEMENT]
+** compile-time option is invoked. With [SQLITE_ENABLE_MEMORY_MANAGEMENT],
+** the soft heap limit is enforced on every memory allocation. Without
+** [SQLITE_ENABLE_MEMORY_MANAGEMENT], the soft heap limit is only enforced
+** when memory is allocated by the page cache. Testing suggests that because
+** the page cache is the predominate memory user in SQLite, most
+** applications will achieve adequate soft heap limit enforcement without
+** the use of [SQLITE_ENABLE_MEMORY_MANAGEMENT].
+**
+** The circumstances under which SQLite will enforce the soft heap limit may
+** changes in future releases of SQLite.
+*/
+SQLITE_API sqlite3_int64 SQLITE_STDCALL sqlite3_soft_heap_limit64(sqlite3_int64 N);
+
+/*
+** CAPI3REF: Deprecated Soft Heap Limit Interface
+** DEPRECATED
+**
+** This is a deprecated version of the [sqlite3_soft_heap_limit64()]
+** interface. This routine is provided for historical compatibility
+** only. All new applications should use the
+** [sqlite3_soft_heap_limit64()] interface rather than this one.
+*/
+SQLITE_API SQLITE_DEPRECATED void SQLITE_STDCALL sqlite3_soft_heap_limit(int N);
+
+
+/*
+** CAPI3REF: Extract Metadata About A Column Of A Table
+** METHOD: sqlite3
+**
+** ^(The sqlite3_table_column_metadata(X,D,T,C,....) routine returns
+** information about column C of table T in database D
+** on [database connection] X.)^ ^The sqlite3_table_column_metadata()
+** interface returns SQLITE_OK and fills in the non-NULL pointers in
+** the final five arguments with appropriate values if the specified
+** column exists. ^The sqlite3_table_column_metadata() interface returns
+** SQLITE_ERROR and if the specified column does not exist.
+** ^If the column-name parameter to sqlite3_table_column_metadata() is a
+** NULL pointer, then this routine simply checks for the existance of the
+** table and returns SQLITE_OK if the table exists and SQLITE_ERROR if it
+** does not.
+**
+** ^The column is identified by the second, third and fourth parameters to
+** this function. ^(The second parameter is either the name of the database
+** (i.e. "main", "temp", or an attached database) containing the specified
+** table or NULL.)^ ^If it is NULL, then all attached databases are searched
+** for the table using the same algorithm used by the database engine to
+** resolve unqualified table references.
+**
+** ^The third and fourth parameters to this function are the table and column
+** name of the desired column, respectively.
+**
+** ^Metadata is returned by writing to the memory locations passed as the 5th
+** and subsequent parameters to this function. ^Any of these arguments may be
+** NULL, in which case the corresponding element of metadata is omitted.
+**
+** ^(<blockquote>
+** <table border="1">
+** <tr><th> Parameter <th> Output<br>Type <th> Description
+**
+** <tr><td> 5th <td> const char* <td> Data type
+** <tr><td> 6th <td> const char* <td> Name of default collation sequence
+** <tr><td> 7th <td> int <td> True if column has a NOT NULL constraint
+** <tr><td> 8th <td> int <td> True if column is part of the PRIMARY KEY
+** <tr><td> 9th <td> int <td> True if column is [AUTOINCREMENT]
+** </table>
+** </blockquote>)^
+**
+** ^The memory pointed to by the character pointers returned for the
+** declaration type and collation sequence is valid until the next
+** call to any SQLite API function.
+**
+** ^If the specified table is actually a view, an [error code] is returned.
+**
+** ^If the specified column is "rowid", "oid" or "_rowid_" and the table
+** is not a [WITHOUT ROWID] table and an
+** [INTEGER PRIMARY KEY] column has been explicitly declared, then the output
+** parameters are set for the explicitly declared column. ^(If there is no
+** [INTEGER PRIMARY KEY] column, then the outputs
+** for the [rowid] are set as follows:
+**
+** <pre>
+** data type: "INTEGER"
+** collation sequence: "BINARY"
+** not null: 0
+** primary key: 1
+** auto increment: 0
+** </pre>)^
+**
+** ^This function causes all database schemas to be read from disk and
+** parsed, if that has not already been done, and returns an error if
+** any errors are encountered while loading the schema.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_table_column_metadata(
+ sqlite3 *db, /* Connection handle */
+ const char *zDbName, /* Database name or NULL */
+ const char *zTableName, /* Table name */
+ const char *zColumnName, /* Column name */
+ char const **pzDataType, /* OUTPUT: Declared data type */
+ char const **pzCollSeq, /* OUTPUT: Collation sequence name */
+ int *pNotNull, /* OUTPUT: True if NOT NULL constraint exists */
+ int *pPrimaryKey, /* OUTPUT: True if column part of PK */
+ int *pAutoinc /* OUTPUT: True if column is auto-increment */
+);
+
+/*
+** CAPI3REF: Load An Extension
+** METHOD: sqlite3
+**
+** ^This interface loads an SQLite extension library from the named file.
+**
+** ^The sqlite3_load_extension() interface attempts to load an
+** [SQLite extension] library contained in the file zFile. If
+** the file cannot be loaded directly, attempts are made to load
+** with various operating-system specific extensions added.
+** So for example, if "samplelib" cannot be loaded, then names like
+** "samplelib.so" or "samplelib.dylib" or "samplelib.dll" might
+** be tried also.
+**
+** ^The entry point is zProc.
+** ^(zProc may be 0, in which case SQLite will try to come up with an
+** entry point name on its own. It first tries "sqlite3_extension_init".
+** If that does not work, it constructs a name "sqlite3_X_init" where the
+** X is consists of the lower-case equivalent of all ASCII alphabetic
+** characters in the filename from the last "/" to the first following
+** "." and omitting any initial "lib".)^
+** ^The sqlite3_load_extension() interface returns
+** [SQLITE_OK] on success and [SQLITE_ERROR] if something goes wrong.
+** ^If an error occurs and pzErrMsg is not 0, then the
+** [sqlite3_load_extension()] interface shall attempt to
+** fill *pzErrMsg with error message text stored in memory
+** obtained from [sqlite3_malloc()]. The calling function
+** should free this memory by calling [sqlite3_free()].
+**
+** ^Extension loading must be enabled using
+** [sqlite3_enable_load_extension()] prior to calling this API,
+** otherwise an error will be returned.
+**
+** See also the [load_extension() SQL function].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_load_extension(
+ sqlite3 *db, /* Load the extension into this database connection */
+ const char *zFile, /* Name of the shared library containing extension */
+ const char *zProc, /* Entry point. Derived from zFile if 0 */
+ char **pzErrMsg /* Put error message here if not 0 */
+);
+
+/*
+** CAPI3REF: Enable Or Disable Extension Loading
+** METHOD: sqlite3
+**
+** ^So as not to open security holes in older applications that are
+** unprepared to deal with [extension loading], and as a means of disabling
+** [extension loading] while evaluating user-entered SQL, the following API
+** is provided to turn the [sqlite3_load_extension()] mechanism on and off.
+**
+** ^Extension loading is off by default.
+** ^Call the sqlite3_enable_load_extension() routine with onoff==1
+** to turn extension loading on and call it with onoff==0 to turn
+** it back off again.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_enable_load_extension(sqlite3 *db, int onoff);
+
+/*
+** CAPI3REF: Automatically Load Statically Linked Extensions
+**
+** ^This interface causes the xEntryPoint() function to be invoked for
+** each new [database connection] that is created. The idea here is that
+** xEntryPoint() is the entry point for a statically linked [SQLite extension]
+** that is to be automatically loaded into all new database connections.
+**
+** ^(Even though the function prototype shows that xEntryPoint() takes
+** no arguments and returns void, SQLite invokes xEntryPoint() with three
+** arguments and expects and integer result as if the signature of the
+** entry point where as follows:
+**
+** <blockquote><pre>
+** &nbsp; int xEntryPoint(
+** &nbsp; sqlite3 *db,
+** &nbsp; const char **pzErrMsg,
+** &nbsp; const struct sqlite3_api_routines *pThunk
+** &nbsp; );
+** </pre></blockquote>)^
+**
+** If the xEntryPoint routine encounters an error, it should make *pzErrMsg
+** point to an appropriate error message (obtained from [sqlite3_mprintf()])
+** and return an appropriate [error code]. ^SQLite ensures that *pzErrMsg
+** is NULL before calling the xEntryPoint(). ^SQLite will invoke
+** [sqlite3_free()] on *pzErrMsg after xEntryPoint() returns. ^If any
+** xEntryPoint() returns an error, the [sqlite3_open()], [sqlite3_open16()],
+** or [sqlite3_open_v2()] call that provoked the xEntryPoint() will fail.
+**
+** ^Calling sqlite3_auto_extension(X) with an entry point X that is already
+** on the list of automatic extensions is a harmless no-op. ^No entry point
+** will be called more than once for each database connection that is opened.
+**
+** See also: [sqlite3_reset_auto_extension()]
+** and [sqlite3_cancel_auto_extension()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_auto_extension(void (*xEntryPoint)(void));
+
+/*
+** CAPI3REF: Cancel Automatic Extension Loading
+**
+** ^The [sqlite3_cancel_auto_extension(X)] interface unregisters the
+** initialization routine X that was registered using a prior call to
+** [sqlite3_auto_extension(X)]. ^The [sqlite3_cancel_auto_extension(X)]
+** routine returns 1 if initialization routine X was successfully
+** unregistered and it returns 0 if X was not on the list of initialization
+** routines.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_cancel_auto_extension(void (*xEntryPoint)(void));
+
+/*
+** CAPI3REF: Reset Automatic Extension Loading
+**
+** ^This interface disables all automatic extensions previously
+** registered using [sqlite3_auto_extension()].
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_reset_auto_extension(void);
+
+/*
+** The interface to the virtual-table mechanism is currently considered
+** to be experimental. The interface might change in incompatible ways.
+** If this is a problem for you, do not use the interface at this time.
+**
+** When the virtual-table mechanism stabilizes, we will declare the
+** interface fixed, support it indefinitely, and remove this comment.
+*/
+
+/*
+** Structures used by the virtual table interface
+*/
+typedef struct sqlite3_vtab sqlite3_vtab;
+typedef struct sqlite3_index_info sqlite3_index_info;
+typedef struct sqlite3_vtab_cursor sqlite3_vtab_cursor;
+typedef struct sqlite3_module sqlite3_module;
+
+/*
+** CAPI3REF: Virtual Table Object
+** KEYWORDS: sqlite3_module {virtual table module}
+**
+** This structure, sometimes called a "virtual table module",
+** defines the implementation of a [virtual tables].
+** This structure consists mostly of methods for the module.
+**
+** ^A virtual table module is created by filling in a persistent
+** instance of this structure and passing a pointer to that instance
+** to [sqlite3_create_module()] or [sqlite3_create_module_v2()].
+** ^The registration remains valid until it is replaced by a different
+** module or until the [database connection] closes. The content
+** of this structure must not change while it is registered with
+** any database connection.
+*/
+struct sqlite3_module {
+ int iVersion;
+ int (*xCreate)(sqlite3*, void *pAux,
+ int argc, const char *const*argv,
+ sqlite3_vtab **ppVTab, char**);
+ int (*xConnect)(sqlite3*, void *pAux,
+ int argc, const char *const*argv,
+ sqlite3_vtab **ppVTab, char**);
+ int (*xBestIndex)(sqlite3_vtab *pVTab, sqlite3_index_info*);
+ int (*xDisconnect)(sqlite3_vtab *pVTab);
+ int (*xDestroy)(sqlite3_vtab *pVTab);
+ int (*xOpen)(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCursor);
+ int (*xClose)(sqlite3_vtab_cursor*);
+ int (*xFilter)(sqlite3_vtab_cursor*, int idxNum, const char *idxStr,
+ int argc, sqlite3_value **argv);
+ int (*xNext)(sqlite3_vtab_cursor*);
+ int (*xEof)(sqlite3_vtab_cursor*);
+ int (*xColumn)(sqlite3_vtab_cursor*, sqlite3_context*, int);
+ int (*xRowid)(sqlite3_vtab_cursor*, sqlite3_int64 *pRowid);
+ int (*xUpdate)(sqlite3_vtab *, int, sqlite3_value **, sqlite3_int64 *);
+ int (*xBegin)(sqlite3_vtab *pVTab);
+ int (*xSync)(sqlite3_vtab *pVTab);
+ int (*xCommit)(sqlite3_vtab *pVTab);
+ int (*xRollback)(sqlite3_vtab *pVTab);
+ int (*xFindFunction)(sqlite3_vtab *pVtab, int nArg, const char *zName,
+ void (**pxFunc)(sqlite3_context*,int,sqlite3_value**),
+ void **ppArg);
+ int (*xRename)(sqlite3_vtab *pVtab, const char *zNew);
+ /* The methods above are in version 1 of the sqlite_module object. Those
+ ** below are for version 2 and greater. */
+ int (*xSavepoint)(sqlite3_vtab *pVTab, int);
+ int (*xRelease)(sqlite3_vtab *pVTab, int);
+ int (*xRollbackTo)(sqlite3_vtab *pVTab, int);
+};
+
+/*
+** CAPI3REF: Virtual Table Indexing Information
+** KEYWORDS: sqlite3_index_info
+**
+** The sqlite3_index_info structure and its substructures is used as part
+** of the [virtual table] interface to
+** pass information into and receive the reply from the [xBestIndex]
+** method of a [virtual table module]. The fields under **Inputs** are the
+** inputs to xBestIndex and are read-only. xBestIndex inserts its
+** results into the **Outputs** fields.
+**
+** ^(The aConstraint[] array records WHERE clause constraints of the form:
+**
+** <blockquote>column OP expr</blockquote>
+**
+** where OP is =, &lt;, &lt;=, &gt;, or &gt;=.)^ ^(The particular operator is
+** stored in aConstraint[].op using one of the
+** [SQLITE_INDEX_CONSTRAINT_EQ | SQLITE_INDEX_CONSTRAINT_ values].)^
+** ^(The index of the column is stored in
+** aConstraint[].iColumn.)^ ^(aConstraint[].usable is TRUE if the
+** expr on the right-hand side can be evaluated (and thus the constraint
+** is usable) and false if it cannot.)^
+**
+** ^The optimizer automatically inverts terms of the form "expr OP column"
+** and makes other simplifications to the WHERE clause in an attempt to
+** get as many WHERE clause terms into the form shown above as possible.
+** ^The aConstraint[] array only reports WHERE clause terms that are
+** relevant to the particular virtual table being queried.
+**
+** ^Information about the ORDER BY clause is stored in aOrderBy[].
+** ^Each term of aOrderBy records a column of the ORDER BY clause.
+**
+** The colUsed field indicates which columns of the virtual table may be
+** required by the current scan. Virtual table columns are numbered from
+** zero in the order in which they appear within the CREATE TABLE statement
+** passed to sqlite3_declare_vtab(). For the first 63 columns (columns 0-62),
+** the corresponding bit is set within the colUsed mask if the column may be
+** required by SQLite. If the table has at least 64 columns and any column
+** to the right of the first 63 is required, then bit 63 of colUsed is also
+** set. In other words, column iCol may be required if the expression
+** (colUsed & ((sqlite3_uint64)1 << (iCol>=63 ? 63 : iCol))) evaluates to
+** non-zero.
+**
+** The [xBestIndex] method must fill aConstraintUsage[] with information
+** about what parameters to pass to xFilter. ^If argvIndex>0 then
+** the right-hand side of the corresponding aConstraint[] is evaluated
+** and becomes the argvIndex-th entry in argv. ^(If aConstraintUsage[].omit
+** is true, then the constraint is assumed to be fully handled by the
+** virtual table and is not checked again by SQLite.)^
+**
+** ^The idxNum and idxPtr values are recorded and passed into the
+** [xFilter] method.
+** ^[sqlite3_free()] is used to free idxPtr if and only if
+** needToFreeIdxPtr is true.
+**
+** ^The orderByConsumed means that output from [xFilter]/[xNext] will occur in
+** the correct order to satisfy the ORDER BY clause so that no separate
+** sorting step is required.
+**
+** ^The estimatedCost value is an estimate of the cost of a particular
+** strategy. A cost of N indicates that the cost of the strategy is similar
+** to a linear scan of an SQLite table with N rows. A cost of log(N)
+** indicates that the expense of the operation is similar to that of a
+** binary search on a unique indexed field of an SQLite table with N rows.
+**
+** ^The estimatedRows value is an estimate of the number of rows that
+** will be returned by the strategy.
+**
+** The xBestIndex method may optionally populate the idxFlags field with a
+** mask of SQLITE_INDEX_SCAN_* flags. Currently there is only one such flag -
+** SQLITE_INDEX_SCAN_UNIQUE. If the xBestIndex method sets this flag, SQLite
+** assumes that the strategy may visit at most one row.
+**
+** Additionally, if xBestIndex sets the SQLITE_INDEX_SCAN_UNIQUE flag, then
+** SQLite also assumes that if a call to the xUpdate() method is made as
+** part of the same statement to delete or update a virtual table row and the
+** implementation returns SQLITE_CONSTRAINT, then there is no need to rollback
+** any database changes. In other words, if the xUpdate() returns
+** SQLITE_CONSTRAINT, the database contents must be exactly as they were
+** before xUpdate was called. By contrast, if SQLITE_INDEX_SCAN_UNIQUE is not
+** set and xUpdate returns SQLITE_CONSTRAINT, any database changes made by
+** the xUpdate method are automatically rolled back by SQLite.
+**
+** IMPORTANT: The estimatedRows field was added to the sqlite3_index_info
+** structure for SQLite version 3.8.2. If a virtual table extension is
+** used with an SQLite version earlier than 3.8.2, the results of attempting
+** to read or write the estimatedRows field are undefined (but are likely
+** to included crashing the application). The estimatedRows field should
+** therefore only be used if [sqlite3_libversion_number()] returns a
+** value greater than or equal to 3008002. Similarly, the idxFlags field
+** was added for version 3.9.0. It may therefore only be used if
+** sqlite3_libversion_number() returns a value greater than or equal to
+** 3009000.
+*/
+struct sqlite3_index_info {
+ /* Inputs */
+ int nConstraint; /* Number of entries in aConstraint */
+ struct sqlite3_index_constraint {
+ int iColumn; /* Column on left-hand side of constraint */
+ unsigned char op; /* Constraint operator */
+ unsigned char usable; /* True if this constraint is usable */
+ int iTermOffset; /* Used internally - xBestIndex should ignore */
+ } *aConstraint; /* Table of WHERE clause constraints */
+ int nOrderBy; /* Number of terms in the ORDER BY clause */
+ struct sqlite3_index_orderby {
+ int iColumn; /* Column number */
+ unsigned char desc; /* True for DESC. False for ASC. */
+ } *aOrderBy; /* The ORDER BY clause */
+ /* Outputs */
+ struct sqlite3_index_constraint_usage {
+ int argvIndex; /* if >0, constraint is part of argv to xFilter */
+ unsigned char omit; /* Do not code a test for this constraint */
+ } *aConstraintUsage;
+ int idxNum; /* Number used to identify the index */
+ char *idxStr; /* String, possibly obtained from sqlite3_malloc */
+ int needToFreeIdxStr; /* Free idxStr using sqlite3_free() if true */
+ int orderByConsumed; /* True if output is already ordered */
+ double estimatedCost; /* Estimated cost of using this index */
+ /* Fields below are only available in SQLite 3.8.2 and later */
+ sqlite3_int64 estimatedRows; /* Estimated number of rows returned */
+ /* Fields below are only available in SQLite 3.9.0 and later */
+ int idxFlags; /* Mask of SQLITE_INDEX_SCAN_* flags */
+ /* Fields below are only available in SQLite 3.10.0 and later */
+ sqlite3_uint64 colUsed; /* Input: Mask of columns used by statement */
+};
+
+/*
+** CAPI3REF: Virtual Table Scan Flags
+*/
+#define SQLITE_INDEX_SCAN_UNIQUE 1 /* Scan visits at most 1 row */
+
+/*
+** CAPI3REF: Virtual Table Constraint Operator Codes
+**
+** These macros defined the allowed values for the
+** [sqlite3_index_info].aConstraint[].op field. Each value represents
+** an operator that is part of a constraint term in the wHERE clause of
+** a query that uses a [virtual table].
+*/
+#define SQLITE_INDEX_CONSTRAINT_EQ 2
+#define SQLITE_INDEX_CONSTRAINT_GT 4
+#define SQLITE_INDEX_CONSTRAINT_LE 8
+#define SQLITE_INDEX_CONSTRAINT_LT 16
+#define SQLITE_INDEX_CONSTRAINT_GE 32
+#define SQLITE_INDEX_CONSTRAINT_MATCH 64
+#define SQLITE_INDEX_CONSTRAINT_LIKE 65
+#define SQLITE_INDEX_CONSTRAINT_GLOB 66
+#define SQLITE_INDEX_CONSTRAINT_REGEXP 67
+
+/*
+** CAPI3REF: Register A Virtual Table Implementation
+** METHOD: sqlite3
+**
+** ^These routines are used to register a new [virtual table module] name.
+** ^Module names must be registered before
+** creating a new [virtual table] using the module and before using a
+** preexisting [virtual table] for the module.
+**
+** ^The module name is registered on the [database connection] specified
+** by the first parameter. ^The name of the module is given by the
+** second parameter. ^The third parameter is a pointer to
+** the implementation of the [virtual table module]. ^The fourth
+** parameter is an arbitrary client data pointer that is passed through
+** into the [xCreate] and [xConnect] methods of the virtual table module
+** when a new virtual table is be being created or reinitialized.
+**
+** ^The sqlite3_create_module_v2() interface has a fifth parameter which
+** is a pointer to a destructor for the pClientData. ^SQLite will
+** invoke the destructor function (if it is not NULL) when SQLite
+** no longer needs the pClientData pointer. ^The destructor will also
+** be invoked if the call to sqlite3_create_module_v2() fails.
+** ^The sqlite3_create_module()
+** interface is equivalent to sqlite3_create_module_v2() with a NULL
+** destructor.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_create_module(
+ sqlite3 *db, /* SQLite connection to register module with */
+ const char *zName, /* Name of the module */
+ const sqlite3_module *p, /* Methods for the module */
+ void *pClientData /* Client data for xCreate/xConnect */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_create_module_v2(
+ sqlite3 *db, /* SQLite connection to register module with */
+ const char *zName, /* Name of the module */
+ const sqlite3_module *p, /* Methods for the module */
+ void *pClientData, /* Client data for xCreate/xConnect */
+ void(*xDestroy)(void*) /* Module destructor function */
+);
+
+/*
+** CAPI3REF: Virtual Table Instance Object
+** KEYWORDS: sqlite3_vtab
+**
+** Every [virtual table module] implementation uses a subclass
+** of this object to describe a particular instance
+** of the [virtual table]. Each subclass will
+** be tailored to the specific needs of the module implementation.
+** The purpose of this superclass is to define certain fields that are
+** common to all module implementations.
+**
+** ^Virtual tables methods can set an error message by assigning a
+** string obtained from [sqlite3_mprintf()] to zErrMsg. The method should
+** take care that any prior string is freed by a call to [sqlite3_free()]
+** prior to assigning a new string to zErrMsg. ^After the error message
+** is delivered up to the client application, the string will be automatically
+** freed by sqlite3_free() and the zErrMsg field will be zeroed.
+*/
+struct sqlite3_vtab {
+ const sqlite3_module *pModule; /* The module for this virtual table */
+ int nRef; /* Number of open cursors */
+ char *zErrMsg; /* Error message from sqlite3_mprintf() */
+ /* Virtual table implementations will typically add additional fields */
+};
+
+/*
+** CAPI3REF: Virtual Table Cursor Object
+** KEYWORDS: sqlite3_vtab_cursor {virtual table cursor}
+**
+** Every [virtual table module] implementation uses a subclass of the
+** following structure to describe cursors that point into the
+** [virtual table] and are used
+** to loop through the virtual table. Cursors are created using the
+** [sqlite3_module.xOpen | xOpen] method of the module and are destroyed
+** by the [sqlite3_module.xClose | xClose] method. Cursors are used
+** by the [xFilter], [xNext], [xEof], [xColumn], and [xRowid] methods
+** of the module. Each module implementation will define
+** the content of a cursor structure to suit its own needs.
+**
+** This superclass exists in order to define fields of the cursor that
+** are common to all implementations.
+*/
+struct sqlite3_vtab_cursor {
+ sqlite3_vtab *pVtab; /* Virtual table of this cursor */
+ /* Virtual table implementations will typically add additional fields */
+};
+
+/*
+** CAPI3REF: Declare The Schema Of A Virtual Table
+**
+** ^The [xCreate] and [xConnect] methods of a
+** [virtual table module] call this interface
+** to declare the format (the names and datatypes of the columns) of
+** the virtual tables they implement.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_declare_vtab(sqlite3*, const char *zSQL);
+
+/*
+** CAPI3REF: Overload A Function For A Virtual Table
+** METHOD: sqlite3
+**
+** ^(Virtual tables can provide alternative implementations of functions
+** using the [xFindFunction] method of the [virtual table module].
+** But global versions of those functions
+** must exist in order to be overloaded.)^
+**
+** ^(This API makes sure a global version of a function with a particular
+** name and number of parameters exists. If no such function exists
+** before this API is called, a new function is created.)^ ^The implementation
+** of the new function always causes an exception to be thrown. So
+** the new function is not good for anything by itself. Its only
+** purpose is to be a placeholder function that can be overloaded
+** by a [virtual table].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_overload_function(sqlite3*, const char *zFuncName, int nArg);
+
+/*
+** The interface to the virtual-table mechanism defined above (back up
+** to a comment remarkably similar to this one) is currently considered
+** to be experimental. The interface might change in incompatible ways.
+** If this is a problem for you, do not use the interface at this time.
+**
+** When the virtual-table mechanism stabilizes, we will declare the
+** interface fixed, support it indefinitely, and remove this comment.
+*/
+
+/*
+** CAPI3REF: A Handle To An Open BLOB
+** KEYWORDS: {BLOB handle} {BLOB handles}
+**
+** An instance of this object represents an open BLOB on which
+** [sqlite3_blob_open | incremental BLOB I/O] can be performed.
+** ^Objects of this type are created by [sqlite3_blob_open()]
+** and destroyed by [sqlite3_blob_close()].
+** ^The [sqlite3_blob_read()] and [sqlite3_blob_write()] interfaces
+** can be used to read or write small subsections of the BLOB.
+** ^The [sqlite3_blob_bytes()] interface returns the size of the BLOB in bytes.
+*/
+typedef struct sqlite3_blob sqlite3_blob;
+
+/*
+** CAPI3REF: Open A BLOB For Incremental I/O
+** METHOD: sqlite3
+** CONSTRUCTOR: sqlite3_blob
+**
+** ^(This interfaces opens a [BLOB handle | handle] to the BLOB located
+** in row iRow, column zColumn, table zTable in database zDb;
+** in other words, the same BLOB that would be selected by:
+**
+** <pre>
+** SELECT zColumn FROM zDb.zTable WHERE [rowid] = iRow;
+** </pre>)^
+**
+** ^(Parameter zDb is not the filename that contains the database, but
+** rather the symbolic name of the database. For attached databases, this is
+** the name that appears after the AS keyword in the [ATTACH] statement.
+** For the main database file, the database name is "main". For TEMP
+** tables, the database name is "temp".)^
+**
+** ^If the flags parameter is non-zero, then the BLOB is opened for read
+** and write access. ^If the flags parameter is zero, the BLOB is opened for
+** read-only access.
+**
+** ^(On success, [SQLITE_OK] is returned and the new [BLOB handle] is stored
+** in *ppBlob. Otherwise an [error code] is returned and, unless the error
+** code is SQLITE_MISUSE, *ppBlob is set to NULL.)^ ^This means that, provided
+** the API is not misused, it is always safe to call [sqlite3_blob_close()]
+** on *ppBlob after this function it returns.
+**
+** This function fails with SQLITE_ERROR if any of the following are true:
+** <ul>
+** <li> ^(Database zDb does not exist)^,
+** <li> ^(Table zTable does not exist within database zDb)^,
+** <li> ^(Table zTable is a WITHOUT ROWID table)^,
+** <li> ^(Column zColumn does not exist)^,
+** <li> ^(Row iRow is not present in the table)^,
+** <li> ^(The specified column of row iRow contains a value that is not
+** a TEXT or BLOB value)^,
+** <li> ^(Column zColumn is part of an index, PRIMARY KEY or UNIQUE
+** constraint and the blob is being opened for read/write access)^,
+** <li> ^([foreign key constraints | Foreign key constraints] are enabled,
+** column zColumn is part of a [child key] definition and the blob is
+** being opened for read/write access)^.
+** </ul>
+**
+** ^Unless it returns SQLITE_MISUSE, this function sets the
+** [database connection] error code and message accessible via
+** [sqlite3_errcode()] and [sqlite3_errmsg()] and related functions.
+**
+**
+** ^(If the row that a BLOB handle points to is modified by an
+** [UPDATE], [DELETE], or by [ON CONFLICT] side-effects
+** then the BLOB handle is marked as "expired".
+** This is true if any column of the row is changed, even a column
+** other than the one the BLOB handle is open on.)^
+** ^Calls to [sqlite3_blob_read()] and [sqlite3_blob_write()] for
+** an expired BLOB handle fail with a return code of [SQLITE_ABORT].
+** ^(Changes written into a BLOB prior to the BLOB expiring are not
+** rolled back by the expiration of the BLOB. Such changes will eventually
+** commit if the transaction continues to completion.)^
+**
+** ^Use the [sqlite3_blob_bytes()] interface to determine the size of
+** the opened blob. ^The size of a blob may not be changed by this
+** interface. Use the [UPDATE] SQL command to change the size of a
+** blob.
+**
+** ^The [sqlite3_bind_zeroblob()] and [sqlite3_result_zeroblob()] interfaces
+** and the built-in [zeroblob] SQL function may be used to create a
+** zero-filled blob to read or write using the incremental-blob interface.
+**
+** To avoid a resource leak, every open [BLOB handle] should eventually
+** be released by a call to [sqlite3_blob_close()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_open(
+ sqlite3*,
+ const char *zDb,
+ const char *zTable,
+ const char *zColumn,
+ sqlite3_int64 iRow,
+ int flags,
+ sqlite3_blob **ppBlob
+);
+
+/*
+** CAPI3REF: Move a BLOB Handle to a New Row
+** METHOD: sqlite3_blob
+**
+** ^This function is used to move an existing blob handle so that it points
+** to a different row of the same database table. ^The new row is identified
+** by the rowid value passed as the second argument. Only the row can be
+** changed. ^The database, table and column on which the blob handle is open
+** remain the same. Moving an existing blob handle to a new row can be
+** faster than closing the existing handle and opening a new one.
+**
+** ^(The new row must meet the same criteria as for [sqlite3_blob_open()] -
+** it must exist and there must be either a blob or text value stored in
+** the nominated column.)^ ^If the new row is not present in the table, or if
+** it does not contain a blob or text value, or if another error occurs, an
+** SQLite error code is returned and the blob handle is considered aborted.
+** ^All subsequent calls to [sqlite3_blob_read()], [sqlite3_blob_write()] or
+** [sqlite3_blob_reopen()] on an aborted blob handle immediately return
+** SQLITE_ABORT. ^Calling [sqlite3_blob_bytes()] on an aborted blob handle
+** always returns zero.
+**
+** ^This function sets the database handle error code and message.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_reopen(sqlite3_blob *, sqlite3_int64);
+
+/*
+** CAPI3REF: Close A BLOB Handle
+** DESTRUCTOR: sqlite3_blob
+**
+** ^This function closes an open [BLOB handle]. ^(The BLOB handle is closed
+** unconditionally. Even if this routine returns an error code, the
+** handle is still closed.)^
+**
+** ^If the blob handle being closed was opened for read-write access, and if
+** the database is in auto-commit mode and there are no other open read-write
+** blob handles or active write statements, the current transaction is
+** committed. ^If an error occurs while committing the transaction, an error
+** code is returned and the transaction rolled back.
+**
+** Calling this function with an argument that is not a NULL pointer or an
+** open blob handle results in undefined behaviour. ^Calling this routine
+** with a null pointer (such as would be returned by a failed call to
+** [sqlite3_blob_open()]) is a harmless no-op. ^Otherwise, if this function
+** is passed a valid open blob handle, the values returned by the
+** sqlite3_errcode() and sqlite3_errmsg() functions are set before returning.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_close(sqlite3_blob *);
+
+/*
+** CAPI3REF: Return The Size Of An Open BLOB
+** METHOD: sqlite3_blob
+**
+** ^Returns the size in bytes of the BLOB accessible via the
+** successfully opened [BLOB handle] in its only argument. ^The
+** incremental blob I/O routines can only read or overwriting existing
+** blob content; they cannot change the size of a blob.
+**
+** This routine only works on a [BLOB handle] which has been created
+** by a prior successful call to [sqlite3_blob_open()] and which has not
+** been closed by [sqlite3_blob_close()]. Passing any other pointer in
+** to this routine results in undefined and probably undesirable behavior.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_bytes(sqlite3_blob *);
+
+/*
+** CAPI3REF: Read Data From A BLOB Incrementally
+** METHOD: sqlite3_blob
+**
+** ^(This function is used to read data from an open [BLOB handle] into a
+** caller-supplied buffer. N bytes of data are copied into buffer Z
+** from the open BLOB, starting at offset iOffset.)^
+**
+** ^If offset iOffset is less than N bytes from the end of the BLOB,
+** [SQLITE_ERROR] is returned and no data is read. ^If N or iOffset is
+** less than zero, [SQLITE_ERROR] is returned and no data is read.
+** ^The size of the blob (and hence the maximum value of N+iOffset)
+** can be determined using the [sqlite3_blob_bytes()] interface.
+**
+** ^An attempt to read from an expired [BLOB handle] fails with an
+** error code of [SQLITE_ABORT].
+**
+** ^(On success, sqlite3_blob_read() returns SQLITE_OK.
+** Otherwise, an [error code] or an [extended error code] is returned.)^
+**
+** This routine only works on a [BLOB handle] which has been created
+** by a prior successful call to [sqlite3_blob_open()] and which has not
+** been closed by [sqlite3_blob_close()]. Passing any other pointer in
+** to this routine results in undefined and probably undesirable behavior.
+**
+** See also: [sqlite3_blob_write()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_read(sqlite3_blob *, void *Z, int N, int iOffset);
+
+/*
+** CAPI3REF: Write Data Into A BLOB Incrementally
+** METHOD: sqlite3_blob
+**
+** ^(This function is used to write data into an open [BLOB handle] from a
+** caller-supplied buffer. N bytes of data are copied from the buffer Z
+** into the open BLOB, starting at offset iOffset.)^
+**
+** ^(On success, sqlite3_blob_write() returns SQLITE_OK.
+** Otherwise, an [error code] or an [extended error code] is returned.)^
+** ^Unless SQLITE_MISUSE is returned, this function sets the
+** [database connection] error code and message accessible via
+** [sqlite3_errcode()] and [sqlite3_errmsg()] and related functions.
+**
+** ^If the [BLOB handle] passed as the first argument was not opened for
+** writing (the flags parameter to [sqlite3_blob_open()] was zero),
+** this function returns [SQLITE_READONLY].
+**
+** This function may only modify the contents of the BLOB; it is
+** not possible to increase the size of a BLOB using this API.
+** ^If offset iOffset is less than N bytes from the end of the BLOB,
+** [SQLITE_ERROR] is returned and no data is written. The size of the
+** BLOB (and hence the maximum value of N+iOffset) can be determined
+** using the [sqlite3_blob_bytes()] interface. ^If N or iOffset are less
+** than zero [SQLITE_ERROR] is returned and no data is written.
+**
+** ^An attempt to write to an expired [BLOB handle] fails with an
+** error code of [SQLITE_ABORT]. ^Writes to the BLOB that occurred
+** before the [BLOB handle] expired are not rolled back by the
+** expiration of the handle, though of course those changes might
+** have been overwritten by the statement that expired the BLOB handle
+** or by other independent statements.
+**
+** This routine only works on a [BLOB handle] which has been created
+** by a prior successful call to [sqlite3_blob_open()] and which has not
+** been closed by [sqlite3_blob_close()]. Passing any other pointer in
+** to this routine results in undefined and probably undesirable behavior.
+**
+** See also: [sqlite3_blob_read()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_blob_write(sqlite3_blob *, const void *z, int n, int iOffset);
+
+/*
+** CAPI3REF: Virtual File System Objects
+**
+** A virtual filesystem (VFS) is an [sqlite3_vfs] object
+** that SQLite uses to interact
+** with the underlying operating system. Most SQLite builds come with a
+** single default VFS that is appropriate for the host computer.
+** New VFSes can be registered and existing VFSes can be unregistered.
+** The following interfaces are provided.
+**
+** ^The sqlite3_vfs_find() interface returns a pointer to a VFS given its name.
+** ^Names are case sensitive.
+** ^Names are zero-terminated UTF-8 strings.
+** ^If there is no match, a NULL pointer is returned.
+** ^If zVfsName is NULL then the default VFS is returned.
+**
+** ^New VFSes are registered with sqlite3_vfs_register().
+** ^Each new VFS becomes the default VFS if the makeDflt flag is set.
+** ^The same VFS can be registered multiple times without injury.
+** ^To make an existing VFS into the default VFS, register it again
+** with the makeDflt flag set. If two different VFSes with the
+** same name are registered, the behavior is undefined. If a
+** VFS is registered with a name that is NULL or an empty string,
+** then the behavior is undefined.
+**
+** ^Unregister a VFS with the sqlite3_vfs_unregister() interface.
+** ^(If the default VFS is unregistered, another VFS is chosen as
+** the default. The choice for the new VFS is arbitrary.)^
+*/
+SQLITE_API sqlite3_vfs *SQLITE_STDCALL sqlite3_vfs_find(const char *zVfsName);
+SQLITE_API int SQLITE_STDCALL sqlite3_vfs_register(sqlite3_vfs*, int makeDflt);
+SQLITE_API int SQLITE_STDCALL sqlite3_vfs_unregister(sqlite3_vfs*);
+
+/*
+** CAPI3REF: Mutexes
+**
+** The SQLite core uses these routines for thread
+** synchronization. Though they are intended for internal
+** use by SQLite, code that links against SQLite is
+** permitted to use any of these routines.
+**
+** The SQLite source code contains multiple implementations
+** of these mutex routines. An appropriate implementation
+** is selected automatically at compile-time. The following
+** implementations are available in the SQLite core:
+**
+** <ul>
+** <li> SQLITE_MUTEX_PTHREADS
+** <li> SQLITE_MUTEX_W32
+** <li> SQLITE_MUTEX_NOOP
+** </ul>
+**
+** The SQLITE_MUTEX_NOOP implementation is a set of routines
+** that does no real locking and is appropriate for use in
+** a single-threaded application. The SQLITE_MUTEX_PTHREADS and
+** SQLITE_MUTEX_W32 implementations are appropriate for use on Unix
+** and Windows.
+**
+** If SQLite is compiled with the SQLITE_MUTEX_APPDEF preprocessor
+** macro defined (with "-DSQLITE_MUTEX_APPDEF=1"), then no mutex
+** implementation is included with the library. In this case the
+** application must supply a custom mutex implementation using the
+** [SQLITE_CONFIG_MUTEX] option of the sqlite3_config() function
+** before calling sqlite3_initialize() or any other public sqlite3_
+** function that calls sqlite3_initialize().
+**
+** ^The sqlite3_mutex_alloc() routine allocates a new
+** mutex and returns a pointer to it. ^The sqlite3_mutex_alloc()
+** routine returns NULL if it is unable to allocate the requested
+** mutex. The argument to sqlite3_mutex_alloc() must one of these
+** integer constants:
+**
+** <ul>
+** <li> SQLITE_MUTEX_FAST
+** <li> SQLITE_MUTEX_RECURSIVE
+** <li> SQLITE_MUTEX_STATIC_MASTER
+** <li> SQLITE_MUTEX_STATIC_MEM
+** <li> SQLITE_MUTEX_STATIC_OPEN
+** <li> SQLITE_MUTEX_STATIC_PRNG
+** <li> SQLITE_MUTEX_STATIC_LRU
+** <li> SQLITE_MUTEX_STATIC_PMEM
+** <li> SQLITE_MUTEX_STATIC_APP1
+** <li> SQLITE_MUTEX_STATIC_APP2
+** <li> SQLITE_MUTEX_STATIC_APP3
+** <li> SQLITE_MUTEX_STATIC_VFS1
+** <li> SQLITE_MUTEX_STATIC_VFS2
+** <li> SQLITE_MUTEX_STATIC_VFS3
+** </ul>
+**
+** ^The first two constants (SQLITE_MUTEX_FAST and SQLITE_MUTEX_RECURSIVE)
+** cause sqlite3_mutex_alloc() to create
+** a new mutex. ^The new mutex is recursive when SQLITE_MUTEX_RECURSIVE
+** is used but not necessarily so when SQLITE_MUTEX_FAST is used.
+** The mutex implementation does not need to make a distinction
+** between SQLITE_MUTEX_RECURSIVE and SQLITE_MUTEX_FAST if it does
+** not want to. SQLite will only request a recursive mutex in
+** cases where it really needs one. If a faster non-recursive mutex
+** implementation is available on the host platform, the mutex subsystem
+** might return such a mutex in response to SQLITE_MUTEX_FAST.
+**
+** ^The other allowed parameters to sqlite3_mutex_alloc() (anything other
+** than SQLITE_MUTEX_FAST and SQLITE_MUTEX_RECURSIVE) each return
+** a pointer to a static preexisting mutex. ^Nine static mutexes are
+** used by the current version of SQLite. Future versions of SQLite
+** may add additional static mutexes. Static mutexes are for internal
+** use by SQLite only. Applications that use SQLite mutexes should
+** use only the dynamic mutexes returned by SQLITE_MUTEX_FAST or
+** SQLITE_MUTEX_RECURSIVE.
+**
+** ^Note that if one of the dynamic mutex parameters (SQLITE_MUTEX_FAST
+** or SQLITE_MUTEX_RECURSIVE) is used then sqlite3_mutex_alloc()
+** returns a different mutex on every call. ^For the static
+** mutex types, the same mutex is returned on every call that has
+** the same type number.
+**
+** ^The sqlite3_mutex_free() routine deallocates a previously
+** allocated dynamic mutex. Attempting to deallocate a static
+** mutex results in undefined behavior.
+**
+** ^The sqlite3_mutex_enter() and sqlite3_mutex_try() routines attempt
+** to enter a mutex. ^If another thread is already within the mutex,
+** sqlite3_mutex_enter() will block and sqlite3_mutex_try() will return
+** SQLITE_BUSY. ^The sqlite3_mutex_try() interface returns [SQLITE_OK]
+** upon successful entry. ^(Mutexes created using
+** SQLITE_MUTEX_RECURSIVE can be entered multiple times by the same thread.
+** In such cases, the
+** mutex must be exited an equal number of times before another thread
+** can enter.)^ If the same thread tries to enter any mutex other
+** than an SQLITE_MUTEX_RECURSIVE more than once, the behavior is undefined.
+**
+** ^(Some systems (for example, Windows 95) do not support the operation
+** implemented by sqlite3_mutex_try(). On those systems, sqlite3_mutex_try()
+** will always return SQLITE_BUSY. The SQLite core only ever uses
+** sqlite3_mutex_try() as an optimization so this is acceptable
+** behavior.)^
+**
+** ^The sqlite3_mutex_leave() routine exits a mutex that was
+** previously entered by the same thread. The behavior
+** is undefined if the mutex is not currently entered by the
+** calling thread or is not currently allocated.
+**
+** ^If the argument to sqlite3_mutex_enter(), sqlite3_mutex_try(), or
+** sqlite3_mutex_leave() is a NULL pointer, then all three routines
+** behave as no-ops.
+**
+** See also: [sqlite3_mutex_held()] and [sqlite3_mutex_notheld()].
+*/
+SQLITE_API sqlite3_mutex *SQLITE_STDCALL sqlite3_mutex_alloc(int);
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_free(sqlite3_mutex*);
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_enter(sqlite3_mutex*);
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_try(sqlite3_mutex*);
+SQLITE_API void SQLITE_STDCALL sqlite3_mutex_leave(sqlite3_mutex*);
+
+/*
+** CAPI3REF: Mutex Methods Object
+**
+** An instance of this structure defines the low-level routines
+** used to allocate and use mutexes.
+**
+** Usually, the default mutex implementations provided by SQLite are
+** sufficient, however the application has the option of substituting a custom
+** implementation for specialized deployments or systems for which SQLite
+** does not provide a suitable implementation. In this case, the application
+** creates and populates an instance of this structure to pass
+** to sqlite3_config() along with the [SQLITE_CONFIG_MUTEX] option.
+** Additionally, an instance of this structure can be used as an
+** output variable when querying the system for the current mutex
+** implementation, using the [SQLITE_CONFIG_GETMUTEX] option.
+**
+** ^The xMutexInit method defined by this structure is invoked as
+** part of system initialization by the sqlite3_initialize() function.
+** ^The xMutexInit routine is called by SQLite exactly once for each
+** effective call to [sqlite3_initialize()].
+**
+** ^The xMutexEnd method defined by this structure is invoked as
+** part of system shutdown by the sqlite3_shutdown() function. The
+** implementation of this method is expected to release all outstanding
+** resources obtained by the mutex methods implementation, especially
+** those obtained by the xMutexInit method. ^The xMutexEnd()
+** interface is invoked exactly once for each call to [sqlite3_shutdown()].
+**
+** ^(The remaining seven methods defined by this structure (xMutexAlloc,
+** xMutexFree, xMutexEnter, xMutexTry, xMutexLeave, xMutexHeld and
+** xMutexNotheld) implement the following interfaces (respectively):
+**
+** <ul>
+** <li> [sqlite3_mutex_alloc()] </li>
+** <li> [sqlite3_mutex_free()] </li>
+** <li> [sqlite3_mutex_enter()] </li>
+** <li> [sqlite3_mutex_try()] </li>
+** <li> [sqlite3_mutex_leave()] </li>
+** <li> [sqlite3_mutex_held()] </li>
+** <li> [sqlite3_mutex_notheld()] </li>
+** </ul>)^
+**
+** The only difference is that the public sqlite3_XXX functions enumerated
+** above silently ignore any invocations that pass a NULL pointer instead
+** of a valid mutex handle. The implementations of the methods defined
+** by this structure are not required to handle this case, the results
+** of passing a NULL pointer instead of a valid mutex handle are undefined
+** (i.e. it is acceptable to provide an implementation that segfaults if
+** it is passed a NULL pointer).
+**
+** The xMutexInit() method must be threadsafe. It must be harmless to
+** invoke xMutexInit() multiple times within the same process and without
+** intervening calls to xMutexEnd(). Second and subsequent calls to
+** xMutexInit() must be no-ops.
+**
+** xMutexInit() must not use SQLite memory allocation ([sqlite3_malloc()]
+** and its associates). Similarly, xMutexAlloc() must not use SQLite memory
+** allocation for a static mutex. ^However xMutexAlloc() may use SQLite
+** memory allocation for a fast or recursive mutex.
+**
+** ^SQLite will invoke the xMutexEnd() method when [sqlite3_shutdown()] is
+** called, but only if the prior call to xMutexInit returned SQLITE_OK.
+** If xMutexInit fails in any way, it is expected to clean up after itself
+** prior to returning.
+*/
+typedef struct sqlite3_mutex_methods sqlite3_mutex_methods;
+struct sqlite3_mutex_methods {
+ int (*xMutexInit)(void);
+ int (*xMutexEnd)(void);
+ sqlite3_mutex *(*xMutexAlloc)(int);
+ void (*xMutexFree)(sqlite3_mutex *);
+ void (*xMutexEnter)(sqlite3_mutex *);
+ int (*xMutexTry)(sqlite3_mutex *);
+ void (*xMutexLeave)(sqlite3_mutex *);
+ int (*xMutexHeld)(sqlite3_mutex *);
+ int (*xMutexNotheld)(sqlite3_mutex *);
+};
+
+/*
+** CAPI3REF: Mutex Verification Routines
+**
+** The sqlite3_mutex_held() and sqlite3_mutex_notheld() routines
+** are intended for use inside assert() statements. The SQLite core
+** never uses these routines except inside an assert() and applications
+** are advised to follow the lead of the core. The SQLite core only
+** provides implementations for these routines when it is compiled
+** with the SQLITE_DEBUG flag. External mutex implementations
+** are only required to provide these routines if SQLITE_DEBUG is
+** defined and if NDEBUG is not defined.
+**
+** These routines should return true if the mutex in their argument
+** is held or not held, respectively, by the calling thread.
+**
+** The implementation is not required to provide versions of these
+** routines that actually work. If the implementation does not provide working
+** versions of these routines, it should at least provide stubs that always
+** return true so that one does not get spurious assertion failures.
+**
+** If the argument to sqlite3_mutex_held() is a NULL pointer then
+** the routine should return 1. This seems counter-intuitive since
+** clearly the mutex cannot be held if it does not exist. But
+** the reason the mutex does not exist is because the build is not
+** using mutexes. And we do not want the assert() containing the
+** call to sqlite3_mutex_held() to fail, so a non-zero return is
+** the appropriate thing to do. The sqlite3_mutex_notheld()
+** interface should also return 1 when given a NULL pointer.
+*/
+#ifndef NDEBUG
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_held(sqlite3_mutex*);
+SQLITE_API int SQLITE_STDCALL sqlite3_mutex_notheld(sqlite3_mutex*);
+#endif
+
+/*
+** CAPI3REF: Mutex Types
+**
+** The [sqlite3_mutex_alloc()] interface takes a single argument
+** which is one of these integer constants.
+**
+** The set of static mutexes may change from one SQLite release to the
+** next. Applications that override the built-in mutex logic must be
+** prepared to accommodate additional static mutexes.
+*/
+#define SQLITE_MUTEX_FAST 0
+#define SQLITE_MUTEX_RECURSIVE 1
+#define SQLITE_MUTEX_STATIC_MASTER 2
+#define SQLITE_MUTEX_STATIC_MEM 3 /* sqlite3_malloc() */
+#define SQLITE_MUTEX_STATIC_MEM2 4 /* NOT USED */
+#define SQLITE_MUTEX_STATIC_OPEN 4 /* sqlite3BtreeOpen() */
+#define SQLITE_MUTEX_STATIC_PRNG 5 /* sqlite3_random() */
+#define SQLITE_MUTEX_STATIC_LRU 6 /* lru page list */
+#define SQLITE_MUTEX_STATIC_LRU2 7 /* NOT USED */
+#define SQLITE_MUTEX_STATIC_PMEM 7 /* sqlite3PageMalloc() */
+#define SQLITE_MUTEX_STATIC_APP1 8 /* For use by application */
+#define SQLITE_MUTEX_STATIC_APP2 9 /* For use by application */
+#define SQLITE_MUTEX_STATIC_APP3 10 /* For use by application */
+#define SQLITE_MUTEX_STATIC_VFS1 11 /* For use by built-in VFS */
+#define SQLITE_MUTEX_STATIC_VFS2 12 /* For use by extension VFS */
+#define SQLITE_MUTEX_STATIC_VFS3 13 /* For use by application VFS */
+
+/*
+** CAPI3REF: Retrieve the mutex for a database connection
+** METHOD: sqlite3
+**
+** ^This interface returns a pointer the [sqlite3_mutex] object that
+** serializes access to the [database connection] given in the argument
+** when the [threading mode] is Serialized.
+** ^If the [threading mode] is Single-thread or Multi-thread then this
+** routine returns a NULL pointer.
+*/
+SQLITE_API sqlite3_mutex *SQLITE_STDCALL sqlite3_db_mutex(sqlite3*);
+
+/*
+** CAPI3REF: Low-Level Control Of Database Files
+** METHOD: sqlite3
+**
+** ^The [sqlite3_file_control()] interface makes a direct call to the
+** xFileControl method for the [sqlite3_io_methods] object associated
+** with a particular database identified by the second argument. ^The
+** name of the database is "main" for the main database or "temp" for the
+** TEMP database, or the name that appears after the AS keyword for
+** databases that are added using the [ATTACH] SQL command.
+** ^A NULL pointer can be used in place of "main" to refer to the
+** main database file.
+** ^The third and fourth parameters to this routine
+** are passed directly through to the second and third parameters of
+** the xFileControl method. ^The return value of the xFileControl
+** method becomes the return value of this routine.
+**
+** ^The SQLITE_FCNTL_FILE_POINTER value for the op parameter causes
+** a pointer to the underlying [sqlite3_file] object to be written into
+** the space pointed to by the 4th parameter. ^The SQLITE_FCNTL_FILE_POINTER
+** case is a short-circuit path which does not actually invoke the
+** underlying sqlite3_io_methods.xFileControl method.
+**
+** ^If the second parameter (zDbName) does not match the name of any
+** open database file, then SQLITE_ERROR is returned. ^This error
+** code is not remembered and will not be recalled by [sqlite3_errcode()]
+** or [sqlite3_errmsg()]. The underlying xFileControl method might
+** also return SQLITE_ERROR. There is no way to distinguish between
+** an incorrect zDbName and an SQLITE_ERROR return from the underlying
+** xFileControl method.
+**
+** See also: [SQLITE_FCNTL_LOCKSTATE]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_file_control(sqlite3*, const char *zDbName, int op, void*);
+
+/*
+** CAPI3REF: Testing Interface
+**
+** ^The sqlite3_test_control() interface is used to read out internal
+** state of SQLite and to inject faults into SQLite for testing
+** purposes. ^The first parameter is an operation code that determines
+** the number, meaning, and operation of all subsequent parameters.
+**
+** This interface is not for use by applications. It exists solely
+** for verifying the correct operation of the SQLite library. Depending
+** on how the SQLite library is compiled, this interface might not exist.
+**
+** The details of the operation codes, their meanings, the parameters
+** they take, and what they do are all subject to change without notice.
+** Unlike most of the SQLite API, this function is not guaranteed to
+** operate consistently from one release to the next.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_test_control(int op, ...);
+
+/*
+** CAPI3REF: Testing Interface Operation Codes
+**
+** These constants are the valid operation code parameters used
+** as the first argument to [sqlite3_test_control()].
+**
+** These parameters and their meanings are subject to change
+** without notice. These values are for testing purposes only.
+** Applications should not use any of these parameters or the
+** [sqlite3_test_control()] interface.
+*/
+#define SQLITE_TESTCTRL_FIRST 5
+#define SQLITE_TESTCTRL_PRNG_SAVE 5
+#define SQLITE_TESTCTRL_PRNG_RESTORE 6
+#define SQLITE_TESTCTRL_PRNG_RESET 7
+#define SQLITE_TESTCTRL_BITVEC_TEST 8
+#define SQLITE_TESTCTRL_FAULT_INSTALL 9
+#define SQLITE_TESTCTRL_BENIGN_MALLOC_HOOKS 10
+#define SQLITE_TESTCTRL_PENDING_BYTE 11
+#define SQLITE_TESTCTRL_ASSERT 12
+#define SQLITE_TESTCTRL_ALWAYS 13
+#define SQLITE_TESTCTRL_RESERVE 14
+#define SQLITE_TESTCTRL_OPTIMIZATIONS 15
+#define SQLITE_TESTCTRL_ISKEYWORD 16
+#define SQLITE_TESTCTRL_SCRATCHMALLOC 17
+#define SQLITE_TESTCTRL_LOCALTIME_FAULT 18
+#define SQLITE_TESTCTRL_EXPLAIN_STMT 19 /* NOT USED */
+#define SQLITE_TESTCTRL_NEVER_CORRUPT 20
+#define SQLITE_TESTCTRL_VDBE_COVERAGE 21
+#define SQLITE_TESTCTRL_BYTEORDER 22
+#define SQLITE_TESTCTRL_ISINIT 23
+#define SQLITE_TESTCTRL_SORTER_MMAP 24
+#define SQLITE_TESTCTRL_IMPOSTER 25
+#define SQLITE_TESTCTRL_LAST 25
+
+/*
+** CAPI3REF: SQLite Runtime Status
+**
+** ^These interfaces are used to retrieve runtime status information
+** about the performance of SQLite, and optionally to reset various
+** highwater marks. ^The first argument is an integer code for
+** the specific parameter to measure. ^(Recognized integer codes
+** are of the form [status parameters | SQLITE_STATUS_...].)^
+** ^The current value of the parameter is returned into *pCurrent.
+** ^The highest recorded value is returned in *pHighwater. ^If the
+** resetFlag is true, then the highest record value is reset after
+** *pHighwater is written. ^(Some parameters do not record the highest
+** value. For those parameters
+** nothing is written into *pHighwater and the resetFlag is ignored.)^
+** ^(Other parameters record only the highwater mark and not the current
+** value. For these latter parameters nothing is written into *pCurrent.)^
+**
+** ^The sqlite3_status() and sqlite3_status64() routines return
+** SQLITE_OK on success and a non-zero [error code] on failure.
+**
+** If either the current value or the highwater mark is too large to
+** be represented by a 32-bit integer, then the values returned by
+** sqlite3_status() are undefined.
+**
+** See also: [sqlite3_db_status()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_status(int op, int *pCurrent, int *pHighwater, int resetFlag);
+SQLITE_API int SQLITE_STDCALL sqlite3_status64(
+ int op,
+ sqlite3_int64 *pCurrent,
+ sqlite3_int64 *pHighwater,
+ int resetFlag
+);
+
+
+/*
+** CAPI3REF: Status Parameters
+** KEYWORDS: {status parameters}
+**
+** These integer constants designate various run-time status parameters
+** that can be returned by [sqlite3_status()].
+**
+** <dl>
+** [[SQLITE_STATUS_MEMORY_USED]] ^(<dt>SQLITE_STATUS_MEMORY_USED</dt>
+** <dd>This parameter is the current amount of memory checked out
+** using [sqlite3_malloc()], either directly or indirectly. The
+** figure includes calls made to [sqlite3_malloc()] by the application
+** and internal memory usage by the SQLite library. Scratch memory
+** controlled by [SQLITE_CONFIG_SCRATCH] and auxiliary page-cache
+** memory controlled by [SQLITE_CONFIG_PAGECACHE] is not included in
+** this parameter. The amount returned is the sum of the allocation
+** sizes as reported by the xSize method in [sqlite3_mem_methods].</dd>)^
+**
+** [[SQLITE_STATUS_MALLOC_SIZE]] ^(<dt>SQLITE_STATUS_MALLOC_SIZE</dt>
+** <dd>This parameter records the largest memory allocation request
+** handed to [sqlite3_malloc()] or [sqlite3_realloc()] (or their
+** internal equivalents). Only the value returned in the
+** *pHighwater parameter to [sqlite3_status()] is of interest.
+** The value written into the *pCurrent parameter is undefined.</dd>)^
+**
+** [[SQLITE_STATUS_MALLOC_COUNT]] ^(<dt>SQLITE_STATUS_MALLOC_COUNT</dt>
+** <dd>This parameter records the number of separate memory allocations
+** currently checked out.</dd>)^
+**
+** [[SQLITE_STATUS_PAGECACHE_USED]] ^(<dt>SQLITE_STATUS_PAGECACHE_USED</dt>
+** <dd>This parameter returns the number of pages used out of the
+** [pagecache memory allocator] that was configured using
+** [SQLITE_CONFIG_PAGECACHE]. The
+** value returned is in pages, not in bytes.</dd>)^
+**
+** [[SQLITE_STATUS_PAGECACHE_OVERFLOW]]
+** ^(<dt>SQLITE_STATUS_PAGECACHE_OVERFLOW</dt>
+** <dd>This parameter returns the number of bytes of page cache
+** allocation which could not be satisfied by the [SQLITE_CONFIG_PAGECACHE]
+** buffer and where forced to overflow to [sqlite3_malloc()]. The
+** returned value includes allocations that overflowed because they
+** where too large (they were larger than the "sz" parameter to
+** [SQLITE_CONFIG_PAGECACHE]) and allocations that overflowed because
+** no space was left in the page cache.</dd>)^
+**
+** [[SQLITE_STATUS_PAGECACHE_SIZE]] ^(<dt>SQLITE_STATUS_PAGECACHE_SIZE</dt>
+** <dd>This parameter records the largest memory allocation request
+** handed to [pagecache memory allocator]. Only the value returned in the
+** *pHighwater parameter to [sqlite3_status()] is of interest.
+** The value written into the *pCurrent parameter is undefined.</dd>)^
+**
+** [[SQLITE_STATUS_SCRATCH_USED]] ^(<dt>SQLITE_STATUS_SCRATCH_USED</dt>
+** <dd>This parameter returns the number of allocations used out of the
+** [scratch memory allocator] configured using
+** [SQLITE_CONFIG_SCRATCH]. The value returned is in allocations, not
+** in bytes. Since a single thread may only have one scratch allocation
+** outstanding at time, this parameter also reports the number of threads
+** using scratch memory at the same time.</dd>)^
+**
+** [[SQLITE_STATUS_SCRATCH_OVERFLOW]] ^(<dt>SQLITE_STATUS_SCRATCH_OVERFLOW</dt>
+** <dd>This parameter returns the number of bytes of scratch memory
+** allocation which could not be satisfied by the [SQLITE_CONFIG_SCRATCH]
+** buffer and where forced to overflow to [sqlite3_malloc()]. The values
+** returned include overflows because the requested allocation was too
+** larger (that is, because the requested allocation was larger than the
+** "sz" parameter to [SQLITE_CONFIG_SCRATCH]) and because no scratch buffer
+** slots were available.
+** </dd>)^
+**
+** [[SQLITE_STATUS_SCRATCH_SIZE]] ^(<dt>SQLITE_STATUS_SCRATCH_SIZE</dt>
+** <dd>This parameter records the largest memory allocation request
+** handed to [scratch memory allocator]. Only the value returned in the
+** *pHighwater parameter to [sqlite3_status()] is of interest.
+** The value written into the *pCurrent parameter is undefined.</dd>)^
+**
+** [[SQLITE_STATUS_PARSER_STACK]] ^(<dt>SQLITE_STATUS_PARSER_STACK</dt>
+** <dd>The *pHighwater parameter records the deepest parser stack.
+** The *pCurrent value is undefined. The *pHighwater value is only
+** meaningful if SQLite is compiled with [YYTRACKMAXSTACKDEPTH].</dd>)^
+** </dl>
+**
+** New status parameters may be added from time to time.
+*/
+#define SQLITE_STATUS_MEMORY_USED 0
+#define SQLITE_STATUS_PAGECACHE_USED 1
+#define SQLITE_STATUS_PAGECACHE_OVERFLOW 2
+#define SQLITE_STATUS_SCRATCH_USED 3
+#define SQLITE_STATUS_SCRATCH_OVERFLOW 4
+#define SQLITE_STATUS_MALLOC_SIZE 5
+#define SQLITE_STATUS_PARSER_STACK 6
+#define SQLITE_STATUS_PAGECACHE_SIZE 7
+#define SQLITE_STATUS_SCRATCH_SIZE 8
+#define SQLITE_STATUS_MALLOC_COUNT 9
+
+/*
+** CAPI3REF: Database Connection Status
+** METHOD: sqlite3
+**
+** ^This interface is used to retrieve runtime status information
+** about a single [database connection]. ^The first argument is the
+** database connection object to be interrogated. ^The second argument
+** is an integer constant, taken from the set of
+** [SQLITE_DBSTATUS options], that
+** determines the parameter to interrogate. The set of
+** [SQLITE_DBSTATUS options] is likely
+** to grow in future releases of SQLite.
+**
+** ^The current value of the requested parameter is written into *pCur
+** and the highest instantaneous value is written into *pHiwtr. ^If
+** the resetFlg is true, then the highest instantaneous value is
+** reset back down to the current value.
+**
+** ^The sqlite3_db_status() routine returns SQLITE_OK on success and a
+** non-zero [error code] on failure.
+**
+** See also: [sqlite3_status()] and [sqlite3_stmt_status()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_status(sqlite3*, int op, int *pCur, int *pHiwtr, int resetFlg);
+
+/*
+** CAPI3REF: Status Parameters for database connections
+** KEYWORDS: {SQLITE_DBSTATUS options}
+**
+** These constants are the available integer "verbs" that can be passed as
+** the second argument to the [sqlite3_db_status()] interface.
+**
+** New verbs may be added in future releases of SQLite. Existing verbs
+** might be discontinued. Applications should check the return code from
+** [sqlite3_db_status()] to make sure that the call worked.
+** The [sqlite3_db_status()] interface will return a non-zero error code
+** if a discontinued or unsupported verb is invoked.
+**
+** <dl>
+** [[SQLITE_DBSTATUS_LOOKASIDE_USED]] ^(<dt>SQLITE_DBSTATUS_LOOKASIDE_USED</dt>
+** <dd>This parameter returns the number of lookaside memory slots currently
+** checked out.</dd>)^
+**
+** [[SQLITE_DBSTATUS_LOOKASIDE_HIT]] ^(<dt>SQLITE_DBSTATUS_LOOKASIDE_HIT</dt>
+** <dd>This parameter returns the number malloc attempts that were
+** satisfied using lookaside memory. Only the high-water value is meaningful;
+** the current value is always zero.)^
+**
+** [[SQLITE_DBSTATUS_LOOKASIDE_MISS_SIZE]]
+** ^(<dt>SQLITE_DBSTATUS_LOOKASIDE_MISS_SIZE</dt>
+** <dd>This parameter returns the number malloc attempts that might have
+** been satisfied using lookaside memory but failed due to the amount of
+** memory requested being larger than the lookaside slot size.
+** Only the high-water value is meaningful;
+** the current value is always zero.)^
+**
+** [[SQLITE_DBSTATUS_LOOKASIDE_MISS_FULL]]
+** ^(<dt>SQLITE_DBSTATUS_LOOKASIDE_MISS_FULL</dt>
+** <dd>This parameter returns the number malloc attempts that might have
+** been satisfied using lookaside memory but failed due to all lookaside
+** memory already being in use.
+** Only the high-water value is meaningful;
+** the current value is always zero.)^
+**
+** [[SQLITE_DBSTATUS_CACHE_USED]] ^(<dt>SQLITE_DBSTATUS_CACHE_USED</dt>
+** <dd>This parameter returns the approximate number of bytes of heap
+** memory used by all pager caches associated with the database connection.)^
+** ^The highwater mark associated with SQLITE_DBSTATUS_CACHE_USED is always 0.
+**
+** [[SQLITE_DBSTATUS_SCHEMA_USED]] ^(<dt>SQLITE_DBSTATUS_SCHEMA_USED</dt>
+** <dd>This parameter returns the approximate number of bytes of heap
+** memory used to store the schema for all databases associated
+** with the connection - main, temp, and any [ATTACH]-ed databases.)^
+** ^The full amount of memory used by the schemas is reported, even if the
+** schema memory is shared with other database connections due to
+** [shared cache mode] being enabled.
+** ^The highwater mark associated with SQLITE_DBSTATUS_SCHEMA_USED is always 0.
+**
+** [[SQLITE_DBSTATUS_STMT_USED]] ^(<dt>SQLITE_DBSTATUS_STMT_USED</dt>
+** <dd>This parameter returns the approximate number of bytes of heap
+** and lookaside memory used by all prepared statements associated with
+** the database connection.)^
+** ^The highwater mark associated with SQLITE_DBSTATUS_STMT_USED is always 0.
+** </dd>
+**
+** [[SQLITE_DBSTATUS_CACHE_HIT]] ^(<dt>SQLITE_DBSTATUS_CACHE_HIT</dt>
+** <dd>This parameter returns the number of pager cache hits that have
+** occurred.)^ ^The highwater mark associated with SQLITE_DBSTATUS_CACHE_HIT
+** is always 0.
+** </dd>
+**
+** [[SQLITE_DBSTATUS_CACHE_MISS]] ^(<dt>SQLITE_DBSTATUS_CACHE_MISS</dt>
+** <dd>This parameter returns the number of pager cache misses that have
+** occurred.)^ ^The highwater mark associated with SQLITE_DBSTATUS_CACHE_MISS
+** is always 0.
+** </dd>
+**
+** [[SQLITE_DBSTATUS_CACHE_WRITE]] ^(<dt>SQLITE_DBSTATUS_CACHE_WRITE</dt>
+** <dd>This parameter returns the number of dirty cache entries that have
+** been written to disk. Specifically, the number of pages written to the
+** wal file in wal mode databases, or the number of pages written to the
+** database file in rollback mode databases. Any pages written as part of
+** transaction rollback or database recovery operations are not included.
+** If an IO or other error occurs while writing a page to disk, the effect
+** on subsequent SQLITE_DBSTATUS_CACHE_WRITE requests is undefined.)^ ^The
+** highwater mark associated with SQLITE_DBSTATUS_CACHE_WRITE is always 0.
+** </dd>
+**
+** [[SQLITE_DBSTATUS_DEFERRED_FKS]] ^(<dt>SQLITE_DBSTATUS_DEFERRED_FKS</dt>
+** <dd>This parameter returns zero for the current value if and only if
+** all foreign key constraints (deferred or immediate) have been
+** resolved.)^ ^The highwater mark is always 0.
+** </dd>
+** </dl>
+*/
+#define SQLITE_DBSTATUS_LOOKASIDE_USED 0
+#define SQLITE_DBSTATUS_CACHE_USED 1
+#define SQLITE_DBSTATUS_SCHEMA_USED 2
+#define SQLITE_DBSTATUS_STMT_USED 3
+#define SQLITE_DBSTATUS_LOOKASIDE_HIT 4
+#define SQLITE_DBSTATUS_LOOKASIDE_MISS_SIZE 5
+#define SQLITE_DBSTATUS_LOOKASIDE_MISS_FULL 6
+#define SQLITE_DBSTATUS_CACHE_HIT 7
+#define SQLITE_DBSTATUS_CACHE_MISS 8
+#define SQLITE_DBSTATUS_CACHE_WRITE 9
+#define SQLITE_DBSTATUS_DEFERRED_FKS 10
+#define SQLITE_DBSTATUS_MAX 10 /* Largest defined DBSTATUS */
+
+
+/*
+** CAPI3REF: Prepared Statement Status
+** METHOD: sqlite3_stmt
+**
+** ^(Each prepared statement maintains various
+** [SQLITE_STMTSTATUS counters] that measure the number
+** of times it has performed specific operations.)^ These counters can
+** be used to monitor the performance characteristics of the prepared
+** statements. For example, if the number of table steps greatly exceeds
+** the number of table searches or result rows, that would tend to indicate
+** that the prepared statement is using a full table scan rather than
+** an index.
+**
+** ^(This interface is used to retrieve and reset counter values from
+** a [prepared statement]. The first argument is the prepared statement
+** object to be interrogated. The second argument
+** is an integer code for a specific [SQLITE_STMTSTATUS counter]
+** to be interrogated.)^
+** ^The current value of the requested counter is returned.
+** ^If the resetFlg is true, then the counter is reset to zero after this
+** interface call returns.
+**
+** See also: [sqlite3_status()] and [sqlite3_db_status()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_status(sqlite3_stmt*, int op,int resetFlg);
+
+/*
+** CAPI3REF: Status Parameters for prepared statements
+** KEYWORDS: {SQLITE_STMTSTATUS counter} {SQLITE_STMTSTATUS counters}
+**
+** These preprocessor macros define integer codes that name counter
+** values associated with the [sqlite3_stmt_status()] interface.
+** The meanings of the various counters are as follows:
+**
+** <dl>
+** [[SQLITE_STMTSTATUS_FULLSCAN_STEP]] <dt>SQLITE_STMTSTATUS_FULLSCAN_STEP</dt>
+** <dd>^This is the number of times that SQLite has stepped forward in
+** a table as part of a full table scan. Large numbers for this counter
+** may indicate opportunities for performance improvement through
+** careful use of indices.</dd>
+**
+** [[SQLITE_STMTSTATUS_SORT]] <dt>SQLITE_STMTSTATUS_SORT</dt>
+** <dd>^This is the number of sort operations that have occurred.
+** A non-zero value in this counter may indicate an opportunity to
+** improvement performance through careful use of indices.</dd>
+**
+** [[SQLITE_STMTSTATUS_AUTOINDEX]] <dt>SQLITE_STMTSTATUS_AUTOINDEX</dt>
+** <dd>^This is the number of rows inserted into transient indices that
+** were created automatically in order to help joins run faster.
+** A non-zero value in this counter may indicate an opportunity to
+** improvement performance by adding permanent indices that do not
+** need to be reinitialized each time the statement is run.</dd>
+**
+** [[SQLITE_STMTSTATUS_VM_STEP]] <dt>SQLITE_STMTSTATUS_VM_STEP</dt>
+** <dd>^This is the number of virtual machine operations executed
+** by the prepared statement if that number is less than or equal
+** to 2147483647. The number of virtual machine operations can be
+** used as a proxy for the total work done by the prepared statement.
+** If the number of virtual machine operations exceeds 2147483647
+** then the value returned by this statement status code is undefined.
+** </dd>
+** </dl>
+*/
+#define SQLITE_STMTSTATUS_FULLSCAN_STEP 1
+#define SQLITE_STMTSTATUS_SORT 2
+#define SQLITE_STMTSTATUS_AUTOINDEX 3
+#define SQLITE_STMTSTATUS_VM_STEP 4
+
+/*
+** CAPI3REF: Custom Page Cache Object
+**
+** The sqlite3_pcache type is opaque. It is implemented by
+** the pluggable module. The SQLite core has no knowledge of
+** its size or internal structure and never deals with the
+** sqlite3_pcache object except by holding and passing pointers
+** to the object.
+**
+** See [sqlite3_pcache_methods2] for additional information.
+*/
+typedef struct sqlite3_pcache sqlite3_pcache;
+
+/*
+** CAPI3REF: Custom Page Cache Object
+**
+** The sqlite3_pcache_page object represents a single page in the
+** page cache. The page cache will allocate instances of this
+** object. Various methods of the page cache use pointers to instances
+** of this object as parameters or as their return value.
+**
+** See [sqlite3_pcache_methods2] for additional information.
+*/
+typedef struct sqlite3_pcache_page sqlite3_pcache_page;
+struct sqlite3_pcache_page {
+ void *pBuf; /* The content of the page */
+ void *pExtra; /* Extra information associated with the page */
+};
+
+/*
+** CAPI3REF: Application Defined Page Cache.
+** KEYWORDS: {page cache}
+**
+** ^(The [sqlite3_config]([SQLITE_CONFIG_PCACHE2], ...) interface can
+** register an alternative page cache implementation by passing in an
+** instance of the sqlite3_pcache_methods2 structure.)^
+** In many applications, most of the heap memory allocated by
+** SQLite is used for the page cache.
+** By implementing a
+** custom page cache using this API, an application can better control
+** the amount of memory consumed by SQLite, the way in which
+** that memory is allocated and released, and the policies used to
+** determine exactly which parts of a database file are cached and for
+** how long.
+**
+** The alternative page cache mechanism is an
+** extreme measure that is only needed by the most demanding applications.
+** The built-in page cache is recommended for most uses.
+**
+** ^(The contents of the sqlite3_pcache_methods2 structure are copied to an
+** internal buffer by SQLite within the call to [sqlite3_config]. Hence
+** the application may discard the parameter after the call to
+** [sqlite3_config()] returns.)^
+**
+** [[the xInit() page cache method]]
+** ^(The xInit() method is called once for each effective
+** call to [sqlite3_initialize()])^
+** (usually only once during the lifetime of the process). ^(The xInit()
+** method is passed a copy of the sqlite3_pcache_methods2.pArg value.)^
+** The intent of the xInit() method is to set up global data structures
+** required by the custom page cache implementation.
+** ^(If the xInit() method is NULL, then the
+** built-in default page cache is used instead of the application defined
+** page cache.)^
+**
+** [[the xShutdown() page cache method]]
+** ^The xShutdown() method is called by [sqlite3_shutdown()].
+** It can be used to clean up
+** any outstanding resources before process shutdown, if required.
+** ^The xShutdown() method may be NULL.
+**
+** ^SQLite automatically serializes calls to the xInit method,
+** so the xInit method need not be threadsafe. ^The
+** xShutdown method is only called from [sqlite3_shutdown()] so it does
+** not need to be threadsafe either. All other methods must be threadsafe
+** in multithreaded applications.
+**
+** ^SQLite will never invoke xInit() more than once without an intervening
+** call to xShutdown().
+**
+** [[the xCreate() page cache methods]]
+** ^SQLite invokes the xCreate() method to construct a new cache instance.
+** SQLite will typically create one cache instance for each open database file,
+** though this is not guaranteed. ^The
+** first parameter, szPage, is the size in bytes of the pages that must
+** be allocated by the cache. ^szPage will always a power of two. ^The
+** second parameter szExtra is a number of bytes of extra storage
+** associated with each page cache entry. ^The szExtra parameter will
+** a number less than 250. SQLite will use the
+** extra szExtra bytes on each page to store metadata about the underlying
+** database page on disk. The value passed into szExtra depends
+** on the SQLite version, the target platform, and how SQLite was compiled.
+** ^The third argument to xCreate(), bPurgeable, is true if the cache being
+** created will be used to cache database pages of a file stored on disk, or
+** false if it is used for an in-memory database. The cache implementation
+** does not have to do anything special based with the value of bPurgeable;
+** it is purely advisory. ^On a cache where bPurgeable is false, SQLite will
+** never invoke xUnpin() except to deliberately delete a page.
+** ^In other words, calls to xUnpin() on a cache with bPurgeable set to
+** false will always have the "discard" flag set to true.
+** ^Hence, a cache created with bPurgeable false will
+** never contain any unpinned pages.
+**
+** [[the xCachesize() page cache method]]
+** ^(The xCachesize() method may be called at any time by SQLite to set the
+** suggested maximum cache-size (number of pages stored by) the cache
+** instance passed as the first argument. This is the value configured using
+** the SQLite "[PRAGMA cache_size]" command.)^ As with the bPurgeable
+** parameter, the implementation is not required to do anything with this
+** value; it is advisory only.
+**
+** [[the xPagecount() page cache methods]]
+** The xPagecount() method must return the number of pages currently
+** stored in the cache, both pinned and unpinned.
+**
+** [[the xFetch() page cache methods]]
+** The xFetch() method locates a page in the cache and returns a pointer to
+** an sqlite3_pcache_page object associated with that page, or a NULL pointer.
+** The pBuf element of the returned sqlite3_pcache_page object will be a
+** pointer to a buffer of szPage bytes used to store the content of a
+** single database page. The pExtra element of sqlite3_pcache_page will be
+** a pointer to the szExtra bytes of extra storage that SQLite has requested
+** for each entry in the page cache.
+**
+** The page to be fetched is determined by the key. ^The minimum key value
+** is 1. After it has been retrieved using xFetch, the page is considered
+** to be "pinned".
+**
+** If the requested page is already in the page cache, then the page cache
+** implementation must return a pointer to the page buffer with its content
+** intact. If the requested page is not already in the cache, then the
+** cache implementation should use the value of the createFlag
+** parameter to help it determined what action to take:
+**
+** <table border=1 width=85% align=center>
+** <tr><th> createFlag <th> Behavior when page is not already in cache
+** <tr><td> 0 <td> Do not allocate a new page. Return NULL.
+** <tr><td> 1 <td> Allocate a new page if it easy and convenient to do so.
+** Otherwise return NULL.
+** <tr><td> 2 <td> Make every effort to allocate a new page. Only return
+** NULL if allocating a new page is effectively impossible.
+** </table>
+**
+** ^(SQLite will normally invoke xFetch() with a createFlag of 0 or 1. SQLite
+** will only use a createFlag of 2 after a prior call with a createFlag of 1
+** failed.)^ In between the to xFetch() calls, SQLite may
+** attempt to unpin one or more cache pages by spilling the content of
+** pinned pages to disk and synching the operating system disk cache.
+**
+** [[the xUnpin() page cache method]]
+** ^xUnpin() is called by SQLite with a pointer to a currently pinned page
+** as its second argument. If the third parameter, discard, is non-zero,
+** then the page must be evicted from the cache.
+** ^If the discard parameter is
+** zero, then the page may be discarded or retained at the discretion of
+** page cache implementation. ^The page cache implementation
+** may choose to evict unpinned pages at any time.
+**
+** The cache must not perform any reference counting. A single
+** call to xUnpin() unpins the page regardless of the number of prior calls
+** to xFetch().
+**
+** [[the xRekey() page cache methods]]
+** The xRekey() method is used to change the key value associated with the
+** page passed as the second argument. If the cache
+** previously contains an entry associated with newKey, it must be
+** discarded. ^Any prior cache entry associated with newKey is guaranteed not
+** to be pinned.
+**
+** When SQLite calls the xTruncate() method, the cache must discard all
+** existing cache entries with page numbers (keys) greater than or equal
+** to the value of the iLimit parameter passed to xTruncate(). If any
+** of these pages are pinned, they are implicitly unpinned, meaning that
+** they can be safely discarded.
+**
+** [[the xDestroy() page cache method]]
+** ^The xDestroy() method is used to delete a cache allocated by xCreate().
+** All resources associated with the specified cache should be freed. ^After
+** calling the xDestroy() method, SQLite considers the [sqlite3_pcache*]
+** handle invalid, and will not use it with any other sqlite3_pcache_methods2
+** functions.
+**
+** [[the xShrink() page cache method]]
+** ^SQLite invokes the xShrink() method when it wants the page cache to
+** free up as much of heap memory as possible. The page cache implementation
+** is not obligated to free any memory, but well-behaved implementations should
+** do their best.
+*/
+typedef struct sqlite3_pcache_methods2 sqlite3_pcache_methods2;
+struct sqlite3_pcache_methods2 {
+ int iVersion;
+ void *pArg;
+ int (*xInit)(void*);
+ void (*xShutdown)(void*);
+ sqlite3_pcache *(*xCreate)(int szPage, int szExtra, int bPurgeable);
+ void (*xCachesize)(sqlite3_pcache*, int nCachesize);
+ int (*xPagecount)(sqlite3_pcache*);
+ sqlite3_pcache_page *(*xFetch)(sqlite3_pcache*, unsigned key, int createFlag);
+ void (*xUnpin)(sqlite3_pcache*, sqlite3_pcache_page*, int discard);
+ void (*xRekey)(sqlite3_pcache*, sqlite3_pcache_page*,
+ unsigned oldKey, unsigned newKey);
+ void (*xTruncate)(sqlite3_pcache*, unsigned iLimit);
+ void (*xDestroy)(sqlite3_pcache*);
+ void (*xShrink)(sqlite3_pcache*);
+};
+
+/*
+** This is the obsolete pcache_methods object that has now been replaced
+** by sqlite3_pcache_methods2. This object is not used by SQLite. It is
+** retained in the header file for backwards compatibility only.
+*/
+typedef struct sqlite3_pcache_methods sqlite3_pcache_methods;
+struct sqlite3_pcache_methods {
+ void *pArg;
+ int (*xInit)(void*);
+ void (*xShutdown)(void*);
+ sqlite3_pcache *(*xCreate)(int szPage, int bPurgeable);
+ void (*xCachesize)(sqlite3_pcache*, int nCachesize);
+ int (*xPagecount)(sqlite3_pcache*);
+ void *(*xFetch)(sqlite3_pcache*, unsigned key, int createFlag);
+ void (*xUnpin)(sqlite3_pcache*, void*, int discard);
+ void (*xRekey)(sqlite3_pcache*, void*, unsigned oldKey, unsigned newKey);
+ void (*xTruncate)(sqlite3_pcache*, unsigned iLimit);
+ void (*xDestroy)(sqlite3_pcache*);
+};
+
+
+/*
+** CAPI3REF: Online Backup Object
+**
+** The sqlite3_backup object records state information about an ongoing
+** online backup operation. ^The sqlite3_backup object is created by
+** a call to [sqlite3_backup_init()] and is destroyed by a call to
+** [sqlite3_backup_finish()].
+**
+** See Also: [Using the SQLite Online Backup API]
+*/
+typedef struct sqlite3_backup sqlite3_backup;
+
+/*
+** CAPI3REF: Online Backup API.
+**
+** The backup API copies the content of one database into another.
+** It is useful either for creating backups of databases or
+** for copying in-memory databases to or from persistent files.
+**
+** See Also: [Using the SQLite Online Backup API]
+**
+** ^SQLite holds a write transaction open on the destination database file
+** for the duration of the backup operation.
+** ^The source database is read-locked only while it is being read;
+** it is not locked continuously for the entire backup operation.
+** ^Thus, the backup may be performed on a live source database without
+** preventing other database connections from
+** reading or writing to the source database while the backup is underway.
+**
+** ^(To perform a backup operation:
+** <ol>
+** <li><b>sqlite3_backup_init()</b> is called once to initialize the
+** backup,
+** <li><b>sqlite3_backup_step()</b> is called one or more times to transfer
+** the data between the two databases, and finally
+** <li><b>sqlite3_backup_finish()</b> is called to release all resources
+** associated with the backup operation.
+** </ol>)^
+** There should be exactly one call to sqlite3_backup_finish() for each
+** successful call to sqlite3_backup_init().
+**
+** [[sqlite3_backup_init()]] <b>sqlite3_backup_init()</b>
+**
+** ^The D and N arguments to sqlite3_backup_init(D,N,S,M) are the
+** [database connection] associated with the destination database
+** and the database name, respectively.
+** ^The database name is "main" for the main database, "temp" for the
+** temporary database, or the name specified after the AS keyword in
+** an [ATTACH] statement for an attached database.
+** ^The S and M arguments passed to
+** sqlite3_backup_init(D,N,S,M) identify the [database connection]
+** and database name of the source database, respectively.
+** ^The source and destination [database connections] (parameters S and D)
+** must be different or else sqlite3_backup_init(D,N,S,M) will fail with
+** an error.
+**
+** ^A call to sqlite3_backup_init() will fail, returning SQLITE_ERROR, if
+** there is already a read or read-write transaction open on the
+** destination database.
+**
+** ^If an error occurs within sqlite3_backup_init(D,N,S,M), then NULL is
+** returned and an error code and error message are stored in the
+** destination [database connection] D.
+** ^The error code and message for the failed call to sqlite3_backup_init()
+** can be retrieved using the [sqlite3_errcode()], [sqlite3_errmsg()], and/or
+** [sqlite3_errmsg16()] functions.
+** ^A successful call to sqlite3_backup_init() returns a pointer to an
+** [sqlite3_backup] object.
+** ^The [sqlite3_backup] object may be used with the sqlite3_backup_step() and
+** sqlite3_backup_finish() functions to perform the specified backup
+** operation.
+**
+** [[sqlite3_backup_step()]] <b>sqlite3_backup_step()</b>
+**
+** ^Function sqlite3_backup_step(B,N) will copy up to N pages between
+** the source and destination databases specified by [sqlite3_backup] object B.
+** ^If N is negative, all remaining source pages are copied.
+** ^If sqlite3_backup_step(B,N) successfully copies N pages and there
+** are still more pages to be copied, then the function returns [SQLITE_OK].
+** ^If sqlite3_backup_step(B,N) successfully finishes copying all pages
+** from source to destination, then it returns [SQLITE_DONE].
+** ^If an error occurs while running sqlite3_backup_step(B,N),
+** then an [error code] is returned. ^As well as [SQLITE_OK] and
+** [SQLITE_DONE], a call to sqlite3_backup_step() may return [SQLITE_READONLY],
+** [SQLITE_NOMEM], [SQLITE_BUSY], [SQLITE_LOCKED], or an
+** [SQLITE_IOERR_ACCESS | SQLITE_IOERR_XXX] extended error code.
+**
+** ^(The sqlite3_backup_step() might return [SQLITE_READONLY] if
+** <ol>
+** <li> the destination database was opened read-only, or
+** <li> the destination database is using write-ahead-log journaling
+** and the destination and source page sizes differ, or
+** <li> the destination database is an in-memory database and the
+** destination and source page sizes differ.
+** </ol>)^
+**
+** ^If sqlite3_backup_step() cannot obtain a required file-system lock, then
+** the [sqlite3_busy_handler | busy-handler function]
+** is invoked (if one is specified). ^If the
+** busy-handler returns non-zero before the lock is available, then
+** [SQLITE_BUSY] is returned to the caller. ^In this case the call to
+** sqlite3_backup_step() can be retried later. ^If the source
+** [database connection]
+** is being used to write to the source database when sqlite3_backup_step()
+** is called, then [SQLITE_LOCKED] is returned immediately. ^Again, in this
+** case the call to sqlite3_backup_step() can be retried later on. ^(If
+** [SQLITE_IOERR_ACCESS | SQLITE_IOERR_XXX], [SQLITE_NOMEM], or
+** [SQLITE_READONLY] is returned, then
+** there is no point in retrying the call to sqlite3_backup_step(). These
+** errors are considered fatal.)^ The application must accept
+** that the backup operation has failed and pass the backup operation handle
+** to the sqlite3_backup_finish() to release associated resources.
+**
+** ^The first call to sqlite3_backup_step() obtains an exclusive lock
+** on the destination file. ^The exclusive lock is not released until either
+** sqlite3_backup_finish() is called or the backup operation is complete
+** and sqlite3_backup_step() returns [SQLITE_DONE]. ^Every call to
+** sqlite3_backup_step() obtains a [shared lock] on the source database that
+** lasts for the duration of the sqlite3_backup_step() call.
+** ^Because the source database is not locked between calls to
+** sqlite3_backup_step(), the source database may be modified mid-way
+** through the backup process. ^If the source database is modified by an
+** external process or via a database connection other than the one being
+** used by the backup operation, then the backup will be automatically
+** restarted by the next call to sqlite3_backup_step(). ^If the source
+** database is modified by the using the same database connection as is used
+** by the backup operation, then the backup database is automatically
+** updated at the same time.
+**
+** [[sqlite3_backup_finish()]] <b>sqlite3_backup_finish()</b>
+**
+** When sqlite3_backup_step() has returned [SQLITE_DONE], or when the
+** application wishes to abandon the backup operation, the application
+** should destroy the [sqlite3_backup] by passing it to sqlite3_backup_finish().
+** ^The sqlite3_backup_finish() interfaces releases all
+** resources associated with the [sqlite3_backup] object.
+** ^If sqlite3_backup_step() has not yet returned [SQLITE_DONE], then any
+** active write-transaction on the destination database is rolled back.
+** The [sqlite3_backup] object is invalid
+** and may not be used following a call to sqlite3_backup_finish().
+**
+** ^The value returned by sqlite3_backup_finish is [SQLITE_OK] if no
+** sqlite3_backup_step() errors occurred, regardless or whether or not
+** sqlite3_backup_step() completed.
+** ^If an out-of-memory condition or IO error occurred during any prior
+** sqlite3_backup_step() call on the same [sqlite3_backup] object, then
+** sqlite3_backup_finish() returns the corresponding [error code].
+**
+** ^A return of [SQLITE_BUSY] or [SQLITE_LOCKED] from sqlite3_backup_step()
+** is not a permanent error and does not affect the return value of
+** sqlite3_backup_finish().
+**
+** [[sqlite3_backup_remaining()]] [[sqlite3_backup_pagecount()]]
+** <b>sqlite3_backup_remaining() and sqlite3_backup_pagecount()</b>
+**
+** ^The sqlite3_backup_remaining() routine returns the number of pages still
+** to be backed up at the conclusion of the most recent sqlite3_backup_step().
+** ^The sqlite3_backup_pagecount() routine returns the total number of pages
+** in the source database at the conclusion of the most recent
+** sqlite3_backup_step().
+** ^(The values returned by these functions are only updated by
+** sqlite3_backup_step(). If the source database is modified in a way that
+** changes the size of the source database or the number of pages remaining,
+** those changes are not reflected in the output of sqlite3_backup_pagecount()
+** and sqlite3_backup_remaining() until after the next
+** sqlite3_backup_step().)^
+**
+** <b>Concurrent Usage of Database Handles</b>
+**
+** ^The source [database connection] may be used by the application for other
+** purposes while a backup operation is underway or being initialized.
+** ^If SQLite is compiled and configured to support threadsafe database
+** connections, then the source database connection may be used concurrently
+** from within other threads.
+**
+** However, the application must guarantee that the destination
+** [database connection] is not passed to any other API (by any thread) after
+** sqlite3_backup_init() is called and before the corresponding call to
+** sqlite3_backup_finish(). SQLite does not currently check to see
+** if the application incorrectly accesses the destination [database connection]
+** and so no error code is reported, but the operations may malfunction
+** nevertheless. Use of the destination database connection while a
+** backup is in progress might also also cause a mutex deadlock.
+**
+** If running in [shared cache mode], the application must
+** guarantee that the shared cache used by the destination database
+** is not accessed while the backup is running. In practice this means
+** that the application must guarantee that the disk file being
+** backed up to is not accessed by any connection within the process,
+** not just the specific connection that was passed to sqlite3_backup_init().
+**
+** The [sqlite3_backup] object itself is partially threadsafe. Multiple
+** threads may safely make multiple concurrent calls to sqlite3_backup_step().
+** However, the sqlite3_backup_remaining() and sqlite3_backup_pagecount()
+** APIs are not strictly speaking threadsafe. If they are invoked at the
+** same time as another thread is invoking sqlite3_backup_step() it is
+** possible that they return invalid values.
+*/
+SQLITE_API sqlite3_backup *SQLITE_STDCALL sqlite3_backup_init(
+ sqlite3 *pDest, /* Destination database handle */
+ const char *zDestName, /* Destination database name */
+ sqlite3 *pSource, /* Source database handle */
+ const char *zSourceName /* Source database name */
+);
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_step(sqlite3_backup *p, int nPage);
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_finish(sqlite3_backup *p);
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_remaining(sqlite3_backup *p);
+SQLITE_API int SQLITE_STDCALL sqlite3_backup_pagecount(sqlite3_backup *p);
+
+/*
+** CAPI3REF: Unlock Notification
+** METHOD: sqlite3
+**
+** ^When running in shared-cache mode, a database operation may fail with
+** an [SQLITE_LOCKED] error if the required locks on the shared-cache or
+** individual tables within the shared-cache cannot be obtained. See
+** [SQLite Shared-Cache Mode] for a description of shared-cache locking.
+** ^This API may be used to register a callback that SQLite will invoke
+** when the connection currently holding the required lock relinquishes it.
+** ^This API is only available if the library was compiled with the
+** [SQLITE_ENABLE_UNLOCK_NOTIFY] C-preprocessor symbol defined.
+**
+** See Also: [Using the SQLite Unlock Notification Feature].
+**
+** ^Shared-cache locks are released when a database connection concludes
+** its current transaction, either by committing it or rolling it back.
+**
+** ^When a connection (known as the blocked connection) fails to obtain a
+** shared-cache lock and SQLITE_LOCKED is returned to the caller, the
+** identity of the database connection (the blocking connection) that
+** has locked the required resource is stored internally. ^After an
+** application receives an SQLITE_LOCKED error, it may call the
+** sqlite3_unlock_notify() method with the blocked connection handle as
+** the first argument to register for a callback that will be invoked
+** when the blocking connections current transaction is concluded. ^The
+** callback is invoked from within the [sqlite3_step] or [sqlite3_close]
+** call that concludes the blocking connections transaction.
+**
+** ^(If sqlite3_unlock_notify() is called in a multi-threaded application,
+** there is a chance that the blocking connection will have already
+** concluded its transaction by the time sqlite3_unlock_notify() is invoked.
+** If this happens, then the specified callback is invoked immediately,
+** from within the call to sqlite3_unlock_notify().)^
+**
+** ^If the blocked connection is attempting to obtain a write-lock on a
+** shared-cache table, and more than one other connection currently holds
+** a read-lock on the same table, then SQLite arbitrarily selects one of
+** the other connections to use as the blocking connection.
+**
+** ^(There may be at most one unlock-notify callback registered by a
+** blocked connection. If sqlite3_unlock_notify() is called when the
+** blocked connection already has a registered unlock-notify callback,
+** then the new callback replaces the old.)^ ^If sqlite3_unlock_notify() is
+** called with a NULL pointer as its second argument, then any existing
+** unlock-notify callback is canceled. ^The blocked connections
+** unlock-notify callback may also be canceled by closing the blocked
+** connection using [sqlite3_close()].
+**
+** The unlock-notify callback is not reentrant. If an application invokes
+** any sqlite3_xxx API functions from within an unlock-notify callback, a
+** crash or deadlock may be the result.
+**
+** ^Unless deadlock is detected (see below), sqlite3_unlock_notify() always
+** returns SQLITE_OK.
+**
+** <b>Callback Invocation Details</b>
+**
+** When an unlock-notify callback is registered, the application provides a
+** single void* pointer that is passed to the callback when it is invoked.
+** However, the signature of the callback function allows SQLite to pass
+** it an array of void* context pointers. The first argument passed to
+** an unlock-notify callback is a pointer to an array of void* pointers,
+** and the second is the number of entries in the array.
+**
+** When a blocking connections transaction is concluded, there may be
+** more than one blocked connection that has registered for an unlock-notify
+** callback. ^If two or more such blocked connections have specified the
+** same callback function, then instead of invoking the callback function
+** multiple times, it is invoked once with the set of void* context pointers
+** specified by the blocked connections bundled together into an array.
+** This gives the application an opportunity to prioritize any actions
+** related to the set of unblocked database connections.
+**
+** <b>Deadlock Detection</b>
+**
+** Assuming that after registering for an unlock-notify callback a
+** database waits for the callback to be issued before taking any further
+** action (a reasonable assumption), then using this API may cause the
+** application to deadlock. For example, if connection X is waiting for
+** connection Y's transaction to be concluded, and similarly connection
+** Y is waiting on connection X's transaction, then neither connection
+** will proceed and the system may remain deadlocked indefinitely.
+**
+** To avoid this scenario, the sqlite3_unlock_notify() performs deadlock
+** detection. ^If a given call to sqlite3_unlock_notify() would put the
+** system in a deadlocked state, then SQLITE_LOCKED is returned and no
+** unlock-notify callback is registered. The system is said to be in
+** a deadlocked state if connection A has registered for an unlock-notify
+** callback on the conclusion of connection B's transaction, and connection
+** B has itself registered for an unlock-notify callback when connection
+** A's transaction is concluded. ^Indirect deadlock is also detected, so
+** the system is also considered to be deadlocked if connection B has
+** registered for an unlock-notify callback on the conclusion of connection
+** C's transaction, where connection C is waiting on connection A. ^Any
+** number of levels of indirection are allowed.
+**
+** <b>The "DROP TABLE" Exception</b>
+**
+** When a call to [sqlite3_step()] returns SQLITE_LOCKED, it is almost
+** always appropriate to call sqlite3_unlock_notify(). There is however,
+** one exception. When executing a "DROP TABLE" or "DROP INDEX" statement,
+** SQLite checks if there are any currently executing SELECT statements
+** that belong to the same connection. If there are, SQLITE_LOCKED is
+** returned. In this case there is no "blocking connection", so invoking
+** sqlite3_unlock_notify() results in the unlock-notify callback being
+** invoked immediately. If the application then re-attempts the "DROP TABLE"
+** or "DROP INDEX" query, an infinite loop might be the result.
+**
+** One way around this problem is to check the extended error code returned
+** by an sqlite3_step() call. ^(If there is a blocking connection, then the
+** extended error code is set to SQLITE_LOCKED_SHAREDCACHE. Otherwise, in
+** the special "DROP TABLE/INDEX" case, the extended error code is just
+** SQLITE_LOCKED.)^
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_unlock_notify(
+ sqlite3 *pBlocked, /* Waiting connection */
+ void (*xNotify)(void **apArg, int nArg), /* Callback function to invoke */
+ void *pNotifyArg /* Argument to pass to xNotify */
+);
+
+
+/*
+** CAPI3REF: String Comparison
+**
+** ^The [sqlite3_stricmp()] and [sqlite3_strnicmp()] APIs allow applications
+** and extensions to compare the contents of two buffers containing UTF-8
+** strings in a case-independent fashion, using the same definition of "case
+** independence" that SQLite uses internally when comparing identifiers.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stricmp(const char *, const char *);
+SQLITE_API int SQLITE_STDCALL sqlite3_strnicmp(const char *, const char *, int);
+
+/*
+** CAPI3REF: String Globbing
+*
+** ^The [sqlite3_strglob(P,X)] interface returns zero if and only if
+** string X matches the [GLOB] pattern P.
+** ^The definition of [GLOB] pattern matching used in
+** [sqlite3_strglob(P,X)] is the same as for the "X GLOB P" operator in the
+** SQL dialect understood by SQLite. ^The [sqlite3_strglob(P,X)] function
+** is case sensitive.
+**
+** Note that this routine returns zero on a match and non-zero if the strings
+** do not match, the same as [sqlite3_stricmp()] and [sqlite3_strnicmp()].
+**
+** See also: [sqlite3_strlike()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_strglob(const char *zGlob, const char *zStr);
+
+/*
+** CAPI3REF: String LIKE Matching
+*
+** ^The [sqlite3_strlike(P,X,E)] interface returns zero if and only if
+** string X matches the [LIKE] pattern P with escape character E.
+** ^The definition of [LIKE] pattern matching used in
+** [sqlite3_strlike(P,X,E)] is the same as for the "X LIKE P ESCAPE E"
+** operator in the SQL dialect understood by SQLite. ^For "X LIKE P" without
+** the ESCAPE clause, set the E parameter of [sqlite3_strlike(P,X,E)] to 0.
+** ^As with the LIKE operator, the [sqlite3_strlike(P,X,E)] function is case
+** insensitive - equivalent upper and lower case ASCII characters match
+** one another.
+**
+** ^The [sqlite3_strlike(P,X,E)] function matches Unicode characters, though
+** only ASCII characters are case folded.
+**
+** Note that this routine returns zero on a match and non-zero if the strings
+** do not match, the same as [sqlite3_stricmp()] and [sqlite3_strnicmp()].
+**
+** See also: [sqlite3_strglob()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_strlike(const char *zGlob, const char *zStr, unsigned int cEsc);
+
+/*
+** CAPI3REF: Error Logging Interface
+**
+** ^The [sqlite3_log()] interface writes a message into the [error log]
+** established by the [SQLITE_CONFIG_LOG] option to [sqlite3_config()].
+** ^If logging is enabled, the zFormat string and subsequent arguments are
+** used with [sqlite3_snprintf()] to generate the final output string.
+**
+** The sqlite3_log() interface is intended for use by extensions such as
+** virtual tables, collating functions, and SQL functions. While there is
+** nothing to prevent an application from calling sqlite3_log(), doing so
+** is considered bad form.
+**
+** The zFormat string must not be NULL.
+**
+** To avoid deadlocks and other threading problems, the sqlite3_log() routine
+** will not use dynamically allocated memory. The log message is stored in
+** a fixed-length buffer on the stack. If the log message is longer than
+** a few hundred characters, it will be truncated to the length of the
+** buffer.
+*/
+SQLITE_API void SQLITE_CDECL sqlite3_log(int iErrCode, const char *zFormat, ...);
+
+/*
+** CAPI3REF: Write-Ahead Log Commit Hook
+** METHOD: sqlite3
+**
+** ^The [sqlite3_wal_hook()] function is used to register a callback that
+** is invoked each time data is committed to a database in wal mode.
+**
+** ^(The callback is invoked by SQLite after the commit has taken place and
+** the associated write-lock on the database released)^, so the implementation
+** may read, write or [checkpoint] the database as required.
+**
+** ^The first parameter passed to the callback function when it is invoked
+** is a copy of the third parameter passed to sqlite3_wal_hook() when
+** registering the callback. ^The second is a copy of the database handle.
+** ^The third parameter is the name of the database that was written to -
+** either "main" or the name of an [ATTACH]-ed database. ^The fourth parameter
+** is the number of pages currently in the write-ahead log file,
+** including those that were just committed.
+**
+** The callback function should normally return [SQLITE_OK]. ^If an error
+** code is returned, that error will propagate back up through the
+** SQLite code base to cause the statement that provoked the callback
+** to report an error, though the commit will have still occurred. If the
+** callback returns [SQLITE_ROW] or [SQLITE_DONE], or if it returns a value
+** that does not correspond to any valid SQLite error code, the results
+** are undefined.
+**
+** A single database handle may have at most a single write-ahead log callback
+** registered at one time. ^Calling [sqlite3_wal_hook()] replaces any
+** previously registered write-ahead log callback. ^Note that the
+** [sqlite3_wal_autocheckpoint()] interface and the
+** [wal_autocheckpoint pragma] both invoke [sqlite3_wal_hook()] and will
+** those overwrite any prior [sqlite3_wal_hook()] settings.
+*/
+SQLITE_API void *SQLITE_STDCALL sqlite3_wal_hook(
+ sqlite3*,
+ int(*)(void *,sqlite3*,const char*,int),
+ void*
+);
+
+/*
+** CAPI3REF: Configure an auto-checkpoint
+** METHOD: sqlite3
+**
+** ^The [sqlite3_wal_autocheckpoint(D,N)] is a wrapper around
+** [sqlite3_wal_hook()] that causes any database on [database connection] D
+** to automatically [checkpoint]
+** after committing a transaction if there are N or
+** more frames in the [write-ahead log] file. ^Passing zero or
+** a negative value as the nFrame parameter disables automatic
+** checkpoints entirely.
+**
+** ^The callback registered by this function replaces any existing callback
+** registered using [sqlite3_wal_hook()]. ^Likewise, registering a callback
+** using [sqlite3_wal_hook()] disables the automatic checkpoint mechanism
+** configured by this function.
+**
+** ^The [wal_autocheckpoint pragma] can be used to invoke this interface
+** from SQL.
+**
+** ^Checkpoints initiated by this mechanism are
+** [sqlite3_wal_checkpoint_v2|PASSIVE].
+**
+** ^Every new [database connection] defaults to having the auto-checkpoint
+** enabled with a threshold of 1000 or [SQLITE_DEFAULT_WAL_AUTOCHECKPOINT]
+** pages. The use of this interface
+** is only necessary if the default setting is found to be suboptimal
+** for a particular application.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_autocheckpoint(sqlite3 *db, int N);
+
+/*
+** CAPI3REF: Checkpoint a database
+** METHOD: sqlite3
+**
+** ^(The sqlite3_wal_checkpoint(D,X) is equivalent to
+** [sqlite3_wal_checkpoint_v2](D,X,[SQLITE_CHECKPOINT_PASSIVE],0,0).)^
+**
+** In brief, sqlite3_wal_checkpoint(D,X) causes the content in the
+** [write-ahead log] for database X on [database connection] D to be
+** transferred into the database file and for the write-ahead log to
+** be reset. See the [checkpointing] documentation for addition
+** information.
+**
+** This interface used to be the only way to cause a checkpoint to
+** occur. But then the newer and more powerful [sqlite3_wal_checkpoint_v2()]
+** interface was added. This interface is retained for backwards
+** compatibility and as a convenience for applications that need to manually
+** start a callback but which do not need the full power (and corresponding
+** complication) of [sqlite3_wal_checkpoint_v2()].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_checkpoint(sqlite3 *db, const char *zDb);
+
+/*
+** CAPI3REF: Checkpoint a database
+** METHOD: sqlite3
+**
+** ^(The sqlite3_wal_checkpoint_v2(D,X,M,L,C) interface runs a checkpoint
+** operation on database X of [database connection] D in mode M. Status
+** information is written back into integers pointed to by L and C.)^
+** ^(The M parameter must be a valid [checkpoint mode]:)^
+**
+** <dl>
+** <dt>SQLITE_CHECKPOINT_PASSIVE<dd>
+** ^Checkpoint as many frames as possible without waiting for any database
+** readers or writers to finish, then sync the database file if all frames
+** in the log were checkpointed. ^The [busy-handler callback]
+** is never invoked in the SQLITE_CHECKPOINT_PASSIVE mode.
+** ^On the other hand, passive mode might leave the checkpoint unfinished
+** if there are concurrent readers or writers.
+**
+** <dt>SQLITE_CHECKPOINT_FULL<dd>
+** ^This mode blocks (it invokes the
+** [sqlite3_busy_handler|busy-handler callback]) until there is no
+** database writer and all readers are reading from the most recent database
+** snapshot. ^It then checkpoints all frames in the log file and syncs the
+** database file. ^This mode blocks new database writers while it is pending,
+** but new database readers are allowed to continue unimpeded.
+**
+** <dt>SQLITE_CHECKPOINT_RESTART<dd>
+** ^This mode works the same way as SQLITE_CHECKPOINT_FULL with the addition
+** that after checkpointing the log file it blocks (calls the
+** [busy-handler callback])
+** until all readers are reading from the database file only. ^This ensures
+** that the next writer will restart the log file from the beginning.
+** ^Like SQLITE_CHECKPOINT_FULL, this mode blocks new
+** database writer attempts while it is pending, but does not impede readers.
+**
+** <dt>SQLITE_CHECKPOINT_TRUNCATE<dd>
+** ^This mode works the same way as SQLITE_CHECKPOINT_RESTART with the
+** addition that it also truncates the log file to zero bytes just prior
+** to a successful return.
+** </dl>
+**
+** ^If pnLog is not NULL, then *pnLog is set to the total number of frames in
+** the log file or to -1 if the checkpoint could not run because
+** of an error or because the database is not in [WAL mode]. ^If pnCkpt is not
+** NULL,then *pnCkpt is set to the total number of checkpointed frames in the
+** log file (including any that were already checkpointed before the function
+** was called) or to -1 if the checkpoint could not run due to an error or
+** because the database is not in WAL mode. ^Note that upon successful
+** completion of an SQLITE_CHECKPOINT_TRUNCATE, the log file will have been
+** truncated to zero bytes and so both *pnLog and *pnCkpt will be set to zero.
+**
+** ^All calls obtain an exclusive "checkpoint" lock on the database file. ^If
+** any other process is running a checkpoint operation at the same time, the
+** lock cannot be obtained and SQLITE_BUSY is returned. ^Even if there is a
+** busy-handler configured, it will not be invoked in this case.
+**
+** ^The SQLITE_CHECKPOINT_FULL, RESTART and TRUNCATE modes also obtain the
+** exclusive "writer" lock on the database file. ^If the writer lock cannot be
+** obtained immediately, and a busy-handler is configured, it is invoked and
+** the writer lock retried until either the busy-handler returns 0 or the lock
+** is successfully obtained. ^The busy-handler is also invoked while waiting for
+** database readers as described above. ^If the busy-handler returns 0 before
+** the writer lock is obtained or while waiting for database readers, the
+** checkpoint operation proceeds from that point in the same way as
+** SQLITE_CHECKPOINT_PASSIVE - checkpointing as many frames as possible
+** without blocking any further. ^SQLITE_BUSY is returned in this case.
+**
+** ^If parameter zDb is NULL or points to a zero length string, then the
+** specified operation is attempted on all WAL databases [attached] to
+** [database connection] db. In this case the
+** values written to output parameters *pnLog and *pnCkpt are undefined. ^If
+** an SQLITE_BUSY error is encountered when processing one or more of the
+** attached WAL databases, the operation is still attempted on any remaining
+** attached databases and SQLITE_BUSY is returned at the end. ^If any other
+** error occurs while processing an attached database, processing is abandoned
+** and the error code is returned to the caller immediately. ^If no error
+** (SQLITE_BUSY or otherwise) is encountered while processing the attached
+** databases, SQLITE_OK is returned.
+**
+** ^If database zDb is the name of an attached database that is not in WAL
+** mode, SQLITE_OK is returned and both *pnLog and *pnCkpt set to -1. ^If
+** zDb is not NULL (or a zero length string) and is not the name of any
+** attached database, SQLITE_ERROR is returned to the caller.
+**
+** ^Unless it returns SQLITE_MISUSE,
+** the sqlite3_wal_checkpoint_v2() interface
+** sets the error information that is queried by
+** [sqlite3_errcode()] and [sqlite3_errmsg()].
+**
+** ^The [PRAGMA wal_checkpoint] command can be used to invoke this interface
+** from SQL.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_wal_checkpoint_v2(
+ sqlite3 *db, /* Database handle */
+ const char *zDb, /* Name of attached database (or NULL) */
+ int eMode, /* SQLITE_CHECKPOINT_* value */
+ int *pnLog, /* OUT: Size of WAL log in frames */
+ int *pnCkpt /* OUT: Total number of frames checkpointed */
+);
+
+/*
+** CAPI3REF: Checkpoint Mode Values
+** KEYWORDS: {checkpoint mode}
+**
+** These constants define all valid values for the "checkpoint mode" passed
+** as the third parameter to the [sqlite3_wal_checkpoint_v2()] interface.
+** See the [sqlite3_wal_checkpoint_v2()] documentation for details on the
+** meaning of each of these checkpoint modes.
+*/
+#define SQLITE_CHECKPOINT_PASSIVE 0 /* Do as much as possible w/o blocking */
+#define SQLITE_CHECKPOINT_FULL 1 /* Wait for writers, then checkpoint */
+#define SQLITE_CHECKPOINT_RESTART 2 /* Like FULL but wait for for readers */
+#define SQLITE_CHECKPOINT_TRUNCATE 3 /* Like RESTART but also truncate WAL */
+
+/*
+** CAPI3REF: Virtual Table Interface Configuration
+**
+** This function may be called by either the [xConnect] or [xCreate] method
+** of a [virtual table] implementation to configure
+** various facets of the virtual table interface.
+**
+** If this interface is invoked outside the context of an xConnect or
+** xCreate virtual table method then the behavior is undefined.
+**
+** At present, there is only one option that may be configured using
+** this function. (See [SQLITE_VTAB_CONSTRAINT_SUPPORT].) Further options
+** may be added in the future.
+*/
+SQLITE_API int SQLITE_CDECL sqlite3_vtab_config(sqlite3*, int op, ...);
+
+/*
+** CAPI3REF: Virtual Table Configuration Options
+**
+** These macros define the various options to the
+** [sqlite3_vtab_config()] interface that [virtual table] implementations
+** can use to customize and optimize their behavior.
+**
+** <dl>
+** <dt>SQLITE_VTAB_CONSTRAINT_SUPPORT
+** <dd>Calls of the form
+** [sqlite3_vtab_config](db,SQLITE_VTAB_CONSTRAINT_SUPPORT,X) are supported,
+** where X is an integer. If X is zero, then the [virtual table] whose
+** [xCreate] or [xConnect] method invoked [sqlite3_vtab_config()] does not
+** support constraints. In this configuration (which is the default) if
+** a call to the [xUpdate] method returns [SQLITE_CONSTRAINT], then the entire
+** statement is rolled back as if [ON CONFLICT | OR ABORT] had been
+** specified as part of the users SQL statement, regardless of the actual
+** ON CONFLICT mode specified.
+**
+** If X is non-zero, then the virtual table implementation guarantees
+** that if [xUpdate] returns [SQLITE_CONSTRAINT], it will do so before
+** any modifications to internal or persistent data structures have been made.
+** If the [ON CONFLICT] mode is ABORT, FAIL, IGNORE or ROLLBACK, SQLite
+** is able to roll back a statement or database transaction, and abandon
+** or continue processing the current SQL statement as appropriate.
+** If the ON CONFLICT mode is REPLACE and the [xUpdate] method returns
+** [SQLITE_CONSTRAINT], SQLite handles this as if the ON CONFLICT mode
+** had been ABORT.
+**
+** Virtual table implementations that are required to handle OR REPLACE
+** must do so within the [xUpdate] method. If a call to the
+** [sqlite3_vtab_on_conflict()] function indicates that the current ON
+** CONFLICT policy is REPLACE, the virtual table implementation should
+** silently replace the appropriate rows within the xUpdate callback and
+** return SQLITE_OK. Or, if this is not possible, it may return
+** SQLITE_CONSTRAINT, in which case SQLite falls back to OR ABORT
+** constraint handling.
+** </dl>
+*/
+#define SQLITE_VTAB_CONSTRAINT_SUPPORT 1
+
+/*
+** CAPI3REF: Determine The Virtual Table Conflict Policy
+**
+** This function may only be called from within a call to the [xUpdate] method
+** of a [virtual table] implementation for an INSERT or UPDATE operation. ^The
+** value returned is one of [SQLITE_ROLLBACK], [SQLITE_IGNORE], [SQLITE_FAIL],
+** [SQLITE_ABORT], or [SQLITE_REPLACE], according to the [ON CONFLICT] mode
+** of the SQL statement that triggered the call to the [xUpdate] method of the
+** [virtual table].
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_vtab_on_conflict(sqlite3 *);
+
+/*
+** CAPI3REF: Conflict resolution modes
+** KEYWORDS: {conflict resolution mode}
+**
+** These constants are returned by [sqlite3_vtab_on_conflict()] to
+** inform a [virtual table] implementation what the [ON CONFLICT] mode
+** is for the SQL statement being evaluated.
+**
+** Note that the [SQLITE_IGNORE] constant is also used as a potential
+** return value from the [sqlite3_set_authorizer()] callback and that
+** [SQLITE_ABORT] is also a [result code].
+*/
+#define SQLITE_ROLLBACK 1
+/* #define SQLITE_IGNORE 2 // Also used by sqlite3_authorizer() callback */
+#define SQLITE_FAIL 3
+/* #define SQLITE_ABORT 4 // Also an error code */
+#define SQLITE_REPLACE 5
+
+/*
+** CAPI3REF: Prepared Statement Scan Status Opcodes
+** KEYWORDS: {scanstatus options}
+**
+** The following constants can be used for the T parameter to the
+** [sqlite3_stmt_scanstatus(S,X,T,V)] interface. Each constant designates a
+** different metric for sqlite3_stmt_scanstatus() to return.
+**
+** When the value returned to V is a string, space to hold that string is
+** managed by the prepared statement S and will be automatically freed when
+** S is finalized.
+**
+** <dl>
+** [[SQLITE_SCANSTAT_NLOOP]] <dt>SQLITE_SCANSTAT_NLOOP</dt>
+** <dd>^The [sqlite3_int64] variable pointed to by the T parameter will be
+** set to the total number of times that the X-th loop has run.</dd>
+**
+** [[SQLITE_SCANSTAT_NVISIT]] <dt>SQLITE_SCANSTAT_NVISIT</dt>
+** <dd>^The [sqlite3_int64] variable pointed to by the T parameter will be set
+** to the total number of rows examined by all iterations of the X-th loop.</dd>
+**
+** [[SQLITE_SCANSTAT_EST]] <dt>SQLITE_SCANSTAT_EST</dt>
+** <dd>^The "double" variable pointed to by the T parameter will be set to the
+** query planner's estimate for the average number of rows output from each
+** iteration of the X-th loop. If the query planner's estimates was accurate,
+** then this value will approximate the quotient NVISIT/NLOOP and the
+** product of this value for all prior loops with the same SELECTID will
+** be the NLOOP value for the current loop.
+**
+** [[SQLITE_SCANSTAT_NAME]] <dt>SQLITE_SCANSTAT_NAME</dt>
+** <dd>^The "const char *" variable pointed to by the T parameter will be set
+** to a zero-terminated UTF-8 string containing the name of the index or table
+** used for the X-th loop.
+**
+** [[SQLITE_SCANSTAT_EXPLAIN]] <dt>SQLITE_SCANSTAT_EXPLAIN</dt>
+** <dd>^The "const char *" variable pointed to by the T parameter will be set
+** to a zero-terminated UTF-8 string containing the [EXPLAIN QUERY PLAN]
+** description for the X-th loop.
+**
+** [[SQLITE_SCANSTAT_SELECTID]] <dt>SQLITE_SCANSTAT_SELECT</dt>
+** <dd>^The "int" variable pointed to by the T parameter will be set to the
+** "select-id" for the X-th loop. The select-id identifies which query or
+** subquery the loop is part of. The main query has a select-id of zero.
+** The select-id is the same value as is output in the first column
+** of an [EXPLAIN QUERY PLAN] query.
+** </dl>
+*/
+#define SQLITE_SCANSTAT_NLOOP 0
+#define SQLITE_SCANSTAT_NVISIT 1
+#define SQLITE_SCANSTAT_EST 2
+#define SQLITE_SCANSTAT_NAME 3
+#define SQLITE_SCANSTAT_EXPLAIN 4
+#define SQLITE_SCANSTAT_SELECTID 5
+
+/*
+** CAPI3REF: Prepared Statement Scan Status
+** METHOD: sqlite3_stmt
+**
+** This interface returns information about the predicted and measured
+** performance for pStmt. Advanced applications can use this
+** interface to compare the predicted and the measured performance and
+** issue warnings and/or rerun [ANALYZE] if discrepancies are found.
+**
+** Since this interface is expected to be rarely used, it is only
+** available if SQLite is compiled using the [SQLITE_ENABLE_STMT_SCANSTATUS]
+** compile-time option.
+**
+** The "iScanStatusOp" parameter determines which status information to return.
+** The "iScanStatusOp" must be one of the [scanstatus options] or the behavior
+** of this interface is undefined.
+** ^The requested measurement is written into a variable pointed to by
+** the "pOut" parameter.
+** Parameter "idx" identifies the specific loop to retrieve statistics for.
+** Loops are numbered starting from zero. ^If idx is out of range - less than
+** zero or greater than or equal to the total number of loops used to implement
+** the statement - a non-zero value is returned and the variable that pOut
+** points to is unchanged.
+**
+** ^Statistics might not be available for all loops in all statements. ^In cases
+** where there exist loops with no available statistics, this function behaves
+** as if the loop did not exist - it returns non-zero and leave the variable
+** that pOut points to unchanged.
+**
+** See also: [sqlite3_stmt_scanstatus_reset()]
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_stmt_scanstatus(
+ sqlite3_stmt *pStmt, /* Prepared statement for which info desired */
+ int idx, /* Index of loop to report on */
+ int iScanStatusOp, /* Information desired. SQLITE_SCANSTAT_* */
+ void *pOut /* Result written here */
+);
+
+/*
+** CAPI3REF: Zero Scan-Status Counters
+** METHOD: sqlite3_stmt
+**
+** ^Zero all [sqlite3_stmt_scanstatus()] related event counters.
+**
+** This API is only available if the library is built with pre-processor
+** symbol [SQLITE_ENABLE_STMT_SCANSTATUS] defined.
+*/
+SQLITE_API void SQLITE_STDCALL sqlite3_stmt_scanstatus_reset(sqlite3_stmt*);
+
+/*
+** CAPI3REF: Flush caches to disk mid-transaction
+**
+** ^If a write-transaction is open on [database connection] D when the
+** [sqlite3_db_cacheflush(D)] interface invoked, any dirty
+** pages in the pager-cache that are not currently in use are written out
+** to disk. A dirty page may be in use if a database cursor created by an
+** active SQL statement is reading from it, or if it is page 1 of a database
+** file (page 1 is always "in use"). ^The [sqlite3_db_cacheflush(D)]
+** interface flushes caches for all schemas - "main", "temp", and
+** any [attached] databases.
+**
+** ^If this function needs to obtain extra database locks before dirty pages
+** can be flushed to disk, it does so. ^If those locks cannot be obtained
+** immediately and there is a busy-handler callback configured, it is invoked
+** in the usual manner. ^If the required lock still cannot be obtained, then
+** the database is skipped and an attempt made to flush any dirty pages
+** belonging to the next (if any) database. ^If any databases are skipped
+** because locks cannot be obtained, but no other error occurs, this
+** function returns SQLITE_BUSY.
+**
+** ^If any other error occurs while flushing dirty pages to disk (for
+** example an IO error or out-of-memory condition), then processing is
+** abandoned and an SQLite [error code] is returned to the caller immediately.
+**
+** ^Otherwise, if no error occurs, [sqlite3_db_cacheflush()] returns SQLITE_OK.
+**
+** ^This function does not set the database handle error code or message
+** returned by the [sqlite3_errcode()] and [sqlite3_errmsg()] functions.
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_db_cacheflush(sqlite3*);
+
+/*
+** CAPI3REF: Database Snapshot
+** KEYWORDS: {snapshot}
+** EXPERIMENTAL
+**
+** An instance of the snapshot object records the state of a [WAL mode]
+** database for some specific point in history.
+**
+** In [WAL mode], multiple [database connections] that are open on the
+** same database file can each be reading a different historical version
+** of the database file. When a [database connection] begins a read
+** transaction, that connection sees an unchanging copy of the database
+** as it existed for the point in time when the transaction first started.
+** Subsequent changes to the database from other connections are not seen
+** by the reader until a new read transaction is started.
+**
+** The sqlite3_snapshot object records state information about an historical
+** version of the database file so that it is possible to later open a new read
+** transaction that sees that historical version of the database rather than
+** the most recent version.
+**
+** The constructor for this object is [sqlite3_snapshot_get()]. The
+** [sqlite3_snapshot_open()] method causes a fresh read transaction to refer
+** to an historical snapshot (if possible). The destructor for
+** sqlite3_snapshot objects is [sqlite3_snapshot_free()].
+*/
+typedef struct sqlite3_snapshot sqlite3_snapshot;
+
+/*
+** CAPI3REF: Record A Database Snapshot
+** EXPERIMENTAL
+**
+** ^The [sqlite3_snapshot_get(D,S,P)] interface attempts to make a
+** new [sqlite3_snapshot] object that records the current state of
+** schema S in database connection D. ^On success, the
+** [sqlite3_snapshot_get(D,S,P)] interface writes a pointer to the newly
+** created [sqlite3_snapshot] object into *P and returns SQLITE_OK.
+** ^If schema S of [database connection] D is not a [WAL mode] database
+** that is in a read transaction, then [sqlite3_snapshot_get(D,S,P)]
+** leaves the *P value unchanged and returns an appropriate [error code].
+**
+** The [sqlite3_snapshot] object returned from a successful call to
+** [sqlite3_snapshot_get()] must be freed using [sqlite3_snapshot_free()]
+** to avoid a memory leak.
+**
+** The [sqlite3_snapshot_get()] interface is only available when the
+** SQLITE_ENABLE_SNAPSHOT compile-time option is used.
+*/
+SQLITE_API SQLITE_EXPERIMENTAL int SQLITE_STDCALL sqlite3_snapshot_get(
+ sqlite3 *db,
+ const char *zSchema,
+ sqlite3_snapshot **ppSnapshot
+);
+
+/*
+** CAPI3REF: Start a read transaction on an historical snapshot
+** EXPERIMENTAL
+**
+** ^The [sqlite3_snapshot_open(D,S,P)] interface attempts to move the
+** read transaction that is currently open on schema S of
+** [database connection] D so that it refers to historical [snapshot] P.
+** ^The [sqlite3_snapshot_open()] interface returns SQLITE_OK on success
+** or an appropriate [error code] if it fails.
+**
+** ^In order to succeed, a call to [sqlite3_snapshot_open(D,S,P)] must be
+** the first operation, apart from other sqlite3_snapshot_open() calls,
+** following the [BEGIN] that starts a new read transaction.
+** ^A [snapshot] will fail to open if it has been overwritten by a
+** [checkpoint].
+**
+** The [sqlite3_snapshot_open()] interface is only available when the
+** SQLITE_ENABLE_SNAPSHOT compile-time option is used.
+*/
+SQLITE_API SQLITE_EXPERIMENTAL int SQLITE_STDCALL sqlite3_snapshot_open(
+ sqlite3 *db,
+ const char *zSchema,
+ sqlite3_snapshot *pSnapshot
+);
+
+/*
+** CAPI3REF: Destroy a snapshot
+** EXPERIMENTAL
+**
+** ^The [sqlite3_snapshot_free(P)] interface destroys [sqlite3_snapshot] P.
+** The application must eventually free every [sqlite3_snapshot] object
+** using this routine to avoid a memory leak.
+**
+** The [sqlite3_snapshot_free()] interface is only available when the
+** SQLITE_ENABLE_SNAPSHOT compile-time option is used.
+*/
+SQLITE_API SQLITE_EXPERIMENTAL void SQLITE_STDCALL sqlite3_snapshot_free(sqlite3_snapshot*);
+
+/*
+** Undo the hack that converts floating point types to integer for
+** builds on processors without floating point support.
+*/
+#ifdef SQLITE_OMIT_FLOATING_POINT
+# undef double
+#endif
+
+#ifdef __cplusplus
+} /* End of the 'extern "C"' block */
+#endif
+#endif /* _SQLITE3_H_ */
+
+/*
+** 2010 August 30
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+*************************************************************************
+*/
+
+#ifndef _SQLITE3RTREE_H_
+#define _SQLITE3RTREE_H_
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct sqlite3_rtree_geometry sqlite3_rtree_geometry;
+typedef struct sqlite3_rtree_query_info sqlite3_rtree_query_info;
+
+/* The double-precision datatype used by RTree depends on the
+** SQLITE_RTREE_INT_ONLY compile-time option.
+*/
+#ifdef SQLITE_RTREE_INT_ONLY
+ typedef sqlite3_int64 sqlite3_rtree_dbl;
+#else
+ typedef double sqlite3_rtree_dbl;
+#endif
+
+/*
+** Register a geometry callback named zGeom that can be used as part of an
+** R-Tree geometry query as follows:
+**
+** SELECT ... FROM <rtree> WHERE <rtree col> MATCH $zGeom(... params ...)
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_rtree_geometry_callback(
+ sqlite3 *db,
+ const char *zGeom,
+ int (*xGeom)(sqlite3_rtree_geometry*, int, sqlite3_rtree_dbl*,int*),
+ void *pContext
+);
+
+
+/*
+** A pointer to a structure of the following type is passed as the first
+** argument to callbacks registered using rtree_geometry_callback().
+*/
+struct sqlite3_rtree_geometry {
+ void *pContext; /* Copy of pContext passed to s_r_g_c() */
+ int nParam; /* Size of array aParam[] */
+ sqlite3_rtree_dbl *aParam; /* Parameters passed to SQL geom function */
+ void *pUser; /* Callback implementation user data */
+ void (*xDelUser)(void *); /* Called by SQLite to clean up pUser */
+};
+
+/*
+** Register a 2nd-generation geometry callback named zScore that can be
+** used as part of an R-Tree geometry query as follows:
+**
+** SELECT ... FROM <rtree> WHERE <rtree col> MATCH $zQueryFunc(... params ...)
+*/
+SQLITE_API int SQLITE_STDCALL sqlite3_rtree_query_callback(
+ sqlite3 *db,
+ const char *zQueryFunc,
+ int (*xQueryFunc)(sqlite3_rtree_query_info*),
+ void *pContext,
+ void (*xDestructor)(void*)
+);
+
+
+/*
+** A pointer to a structure of the following type is passed as the
+** argument to scored geometry callback registered using
+** sqlite3_rtree_query_callback().
+**
+** Note that the first 5 fields of this structure are identical to
+** sqlite3_rtree_geometry. This structure is a subclass of
+** sqlite3_rtree_geometry.
+*/
+struct sqlite3_rtree_query_info {
+ void *pContext; /* pContext from when function registered */
+ int nParam; /* Number of function parameters */
+ sqlite3_rtree_dbl *aParam; /* value of function parameters */
+ void *pUser; /* callback can use this, if desired */
+ void (*xDelUser)(void*); /* function to free pUser */
+ sqlite3_rtree_dbl *aCoord; /* Coordinates of node or entry to check */
+ unsigned int *anQueue; /* Number of pending entries in the queue */
+ int nCoord; /* Number of coordinates */
+ int iLevel; /* Level of current node or entry */
+ int mxLevel; /* The largest iLevel value in the tree */
+ sqlite3_int64 iRowid; /* Rowid for current entry */
+ sqlite3_rtree_dbl rParentScore; /* Score of parent node */
+ int eParentWithin; /* Visibility of parent node */
+ int eWithin; /* OUT: Visiblity */
+ sqlite3_rtree_dbl rScore; /* OUT: Write the score here */
+ /* The following fields are only available in 3.8.11 and later */
+ sqlite3_value **apSqlParam; /* Original SQL values of parameters */
+};
+
+/*
+** Allowed values for sqlite3_rtree_query.eWithin and .eParentWithin.
+*/
+#define NOT_WITHIN 0 /* Object completely outside of query region */
+#define PARTLY_WITHIN 1 /* Object partially overlaps query region */
+#define FULLY_WITHIN 2 /* Object fully contained within query region */
+
+
+#ifdef __cplusplus
+} /* end of the 'extern "C"' block */
+#endif
+
+#endif /* ifndef _SQLITE3RTREE_H_ */
+
+/*
+** 2014 May 31
+**
+** The author disclaims copyright to this source code. In place of
+** a legal notice, here is a blessing:
+**
+** May you do good and not evil.
+** May you find forgiveness for yourself and forgive others.
+** May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** Interfaces to extend FTS5. Using the interfaces defined in this file,
+** FTS5 may be extended with:
+**
+** * custom tokenizers, and
+** * custom auxiliary functions.
+*/
+
+
+#ifndef _FTS5_H
+#define _FTS5_H
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*************************************************************************
+** CUSTOM AUXILIARY FUNCTIONS
+**
+** Virtual table implementations may overload SQL functions by implementing
+** the sqlite3_module.xFindFunction() method.
+*/
+
+typedef struct Fts5ExtensionApi Fts5ExtensionApi;
+typedef struct Fts5Context Fts5Context;
+typedef struct Fts5PhraseIter Fts5PhraseIter;
+
+typedef void (*fts5_extension_function)(
+ const Fts5ExtensionApi *pApi, /* API offered by current FTS version */
+ Fts5Context *pFts, /* First arg to pass to pApi functions */
+ sqlite3_context *pCtx, /* Context for returning result/error */
+ int nVal, /* Number of values in apVal[] array */
+ sqlite3_value **apVal /* Array of trailing arguments */
+);
+
+struct Fts5PhraseIter {
+ const unsigned char *a;
+ const unsigned char *b;
+};
+
+/*
+** EXTENSION API FUNCTIONS
+**
+** xUserData(pFts):
+** Return a copy of the context pointer the extension function was
+** registered with.
+**
+** xColumnTotalSize(pFts, iCol, pnToken):
+** If parameter iCol is less than zero, set output variable *pnToken
+** to the total number of tokens in the FTS5 table. Or, if iCol is
+** non-negative but less than the number of columns in the table, return
+** the total number of tokens in column iCol, considering all rows in
+** the FTS5 table.
+**
+** If parameter iCol is greater than or equal to the number of columns
+** in the table, SQLITE_RANGE is returned. Or, if an error occurs (e.g.
+** an OOM condition or IO error), an appropriate SQLite error code is
+** returned.
+**
+** xColumnCount(pFts):
+** Return the number of columns in the table.
+**
+** xColumnSize(pFts, iCol, pnToken):
+** If parameter iCol is less than zero, set output variable *pnToken
+** to the total number of tokens in the current row. Or, if iCol is
+** non-negative but less than the number of columns in the table, set
+** *pnToken to the number of tokens in column iCol of the current row.
+**
+** If parameter iCol is greater than or equal to the number of columns
+** in the table, SQLITE_RANGE is returned. Or, if an error occurs (e.g.
+** an OOM condition or IO error), an appropriate SQLite error code is
+** returned.
+**
+** xColumnText:
+** This function attempts to retrieve the text of column iCol of the
+** current document. If successful, (*pz) is set to point to a buffer
+** containing the text in utf-8 encoding, (*pn) is set to the size in bytes
+** (not characters) of the buffer and SQLITE_OK is returned. Otherwise,
+** if an error occurs, an SQLite error code is returned and the final values
+** of (*pz) and (*pn) are undefined.
+**
+** xPhraseCount:
+** Returns the number of phrases in the current query expression.
+**
+** xPhraseSize:
+** Returns the number of tokens in phrase iPhrase of the query. Phrases
+** are numbered starting from zero.
+**
+** xInstCount:
+** Set *pnInst to the total number of occurrences of all phrases within
+** the query within the current row. Return SQLITE_OK if successful, or
+** an error code (i.e. SQLITE_NOMEM) if an error occurs.
+**
+** xInst:
+** Query for the details of phrase match iIdx within the current row.
+** Phrase matches are numbered starting from zero, so the iIdx argument
+** should be greater than or equal to zero and smaller than the value
+** output by xInstCount().
+**
+** Returns SQLITE_OK if successful, or an error code (i.e. SQLITE_NOMEM)
+** if an error occurs.
+**
+** xRowid:
+** Returns the rowid of the current row.
+**
+** xTokenize:
+** Tokenize text using the tokenizer belonging to the FTS5 table.
+**
+** xQueryPhrase(pFts5, iPhrase, pUserData, xCallback):
+** This API function is used to query the FTS table for phrase iPhrase
+** of the current query. Specifically, a query equivalent to:
+**
+** ... FROM ftstable WHERE ftstable MATCH $p ORDER BY rowid
+**
+** with $p set to a phrase equivalent to the phrase iPhrase of the
+** current query is executed. For each row visited, the callback function
+** passed as the fourth argument is invoked. The context and API objects
+** passed to the callback function may be used to access the properties of
+** each matched row. Invoking Api.xUserData() returns a copy of the pointer
+** passed as the third argument to pUserData.
+**
+** If the callback function returns any value other than SQLITE_OK, the
+** query is abandoned and the xQueryPhrase function returns immediately.
+** If the returned value is SQLITE_DONE, xQueryPhrase returns SQLITE_OK.
+** Otherwise, the error code is propagated upwards.
+**
+** If the query runs to completion without incident, SQLITE_OK is returned.
+** Or, if some error occurs before the query completes or is aborted by
+** the callback, an SQLite error code is returned.
+**
+**
+** xSetAuxdata(pFts5, pAux, xDelete)
+**
+** Save the pointer passed as the second argument as the extension functions
+** "auxiliary data". The pointer may then be retrieved by the current or any
+** future invocation of the same fts5 extension function made as part of
+** of the same MATCH query using the xGetAuxdata() API.
+**
+** Each extension function is allocated a single auxiliary data slot for
+** each FTS query (MATCH expression). If the extension function is invoked
+** more than once for a single FTS query, then all invocations share a
+** single auxiliary data context.
+**
+** If there is already an auxiliary data pointer when this function is
+** invoked, then it is replaced by the new pointer. If an xDelete callback
+** was specified along with the original pointer, it is invoked at this
+** point.
+**
+** The xDelete callback, if one is specified, is also invoked on the
+** auxiliary data pointer after the FTS5 query has finished.
+**
+** If an error (e.g. an OOM condition) occurs within this function, an
+** the auxiliary data is set to NULL and an error code returned. If the
+** xDelete parameter was not NULL, it is invoked on the auxiliary data
+** pointer before returning.
+**
+**
+** xGetAuxdata(pFts5, bClear)
+**
+** Returns the current auxiliary data pointer for the fts5 extension
+** function. See the xSetAuxdata() method for details.
+**
+** If the bClear argument is non-zero, then the auxiliary data is cleared
+** (set to NULL) before this function returns. In this case the xDelete,
+** if any, is not invoked.
+**
+**
+** xRowCount(pFts5, pnRow)
+**
+** This function is used to retrieve the total number of rows in the table.
+** In other words, the same value that would be returned by:
+**
+** SELECT count(*) FROM ftstable;
+**
+** xPhraseFirst()
+** This function is used, along with type Fts5PhraseIter and the xPhraseNext
+** method, to iterate through all instances of a single query phrase within
+** the current row. This is the same information as is accessible via the
+** xInstCount/xInst APIs. While the xInstCount/xInst APIs are more convenient
+** to use, this API may be faster under some circumstances. To iterate
+** through instances of phrase iPhrase, use the following code:
+**
+** Fts5PhraseIter iter;
+** int iCol, iOff;
+** for(pApi->xPhraseFirst(pFts, iPhrase, &iter, &iCol, &iOff);
+** iOff>=0;
+** pApi->xPhraseNext(pFts, &iter, &iCol, &iOff)
+** ){
+** // An instance of phrase iPhrase at offset iOff of column iCol
+** }
+**
+** The Fts5PhraseIter structure is defined above. Applications should not
+** modify this structure directly - it should only be used as shown above
+** with the xPhraseFirst() and xPhraseNext() API methods.
+**
+** xPhraseNext()
+** See xPhraseFirst above.
+*/
+struct Fts5ExtensionApi {
+ int iVersion; /* Currently always set to 1 */
+
+ void *(*xUserData)(Fts5Context*);
+
+ int (*xColumnCount)(Fts5Context*);
+ int (*xRowCount)(Fts5Context*, sqlite3_int64 *pnRow);
+ int (*xColumnTotalSize)(Fts5Context*, int iCol, sqlite3_int64 *pnToken);
+
+ int (*xTokenize)(Fts5Context*,
+ const char *pText, int nText, /* Text to tokenize */
+ void *pCtx, /* Context passed to xToken() */
+ int (*xToken)(void*, int, const char*, int, int, int) /* Callback */
+ );
+
+ int (*xPhraseCount)(Fts5Context*);
+ int (*xPhraseSize)(Fts5Context*, int iPhrase);
+
+ int (*xInstCount)(Fts5Context*, int *pnInst);
+ int (*xInst)(Fts5Context*, int iIdx, int *piPhrase, int *piCol, int *piOff);
+
+ sqlite3_int64 (*xRowid)(Fts5Context*);
+ int (*xColumnText)(Fts5Context*, int iCol, const char **pz, int *pn);
+ int (*xColumnSize)(Fts5Context*, int iCol, int *pnToken);
+
+ int (*xQueryPhrase)(Fts5Context*, int iPhrase, void *pUserData,
+ int(*)(const Fts5ExtensionApi*,Fts5Context*,void*)
+ );
+ int (*xSetAuxdata)(Fts5Context*, void *pAux, void(*xDelete)(void*));
+ void *(*xGetAuxdata)(Fts5Context*, int bClear);
+
+ void (*xPhraseFirst)(Fts5Context*, int iPhrase, Fts5PhraseIter*, int*, int*);
+ void (*xPhraseNext)(Fts5Context*, Fts5PhraseIter*, int *piCol, int *piOff);
+};
+
+/*
+** CUSTOM AUXILIARY FUNCTIONS
+*************************************************************************/
+
+/*************************************************************************
+** CUSTOM TOKENIZERS
+**
+** Applications may also register custom tokenizer types. A tokenizer
+** is registered by providing fts5 with a populated instance of the
+** following structure. All structure methods must be defined, setting
+** any member of the fts5_tokenizer struct to NULL leads to undefined
+** behaviour. The structure methods are expected to function as follows:
+**
+** xCreate:
+** This function is used to allocate and inititalize a tokenizer instance.
+** A tokenizer instance is required to actually tokenize text.
+**
+** The first argument passed to this function is a copy of the (void*)
+** pointer provided by the application when the fts5_tokenizer object
+** was registered with FTS5 (the third argument to xCreateTokenizer()).
+** The second and third arguments are an array of nul-terminated strings
+** containing the tokenizer arguments, if any, specified following the
+** tokenizer name as part of the CREATE VIRTUAL TABLE statement used
+** to create the FTS5 table.
+**
+** The final argument is an output variable. If successful, (*ppOut)
+** should be set to point to the new tokenizer handle and SQLITE_OK
+** returned. If an error occurs, some value other than SQLITE_OK should
+** be returned. In this case, fts5 assumes that the final value of *ppOut
+** is undefined.
+**
+** xDelete:
+** This function is invoked to delete a tokenizer handle previously
+** allocated using xCreate(). Fts5 guarantees that this function will
+** be invoked exactly once for each successful call to xCreate().
+**
+** xTokenize:
+** This function is expected to tokenize the nText byte string indicated
+** by argument pText. pText may or may not be nul-terminated. The first
+** argument passed to this function is a pointer to an Fts5Tokenizer object
+** returned by an earlier call to xCreate().
+**
+** The second argument indicates the reason that FTS5 is requesting
+** tokenization of the supplied text. This is always one of the following
+** four values:
+**
+** <ul><li> <b>FTS5_TOKENIZE_DOCUMENT</b> - A document is being inserted into
+** or removed from the FTS table. The tokenizer is being invoked to
+** determine the set of tokens to add to (or delete from) the
+** FTS index.
+**
+** <li> <b>FTS5_TOKENIZE_QUERY</b> - A MATCH query is being executed
+** against the FTS index. The tokenizer is being called to tokenize
+** a bareword or quoted string specified as part of the query.
+**
+** <li> <b>(FTS5_TOKENIZE_QUERY | FTS5_TOKENIZE_PREFIX)</b> - Same as
+** FTS5_TOKENIZE_QUERY, except that the bareword or quoted string is
+** followed by a "*" character, indicating that the last token
+** returned by the tokenizer will be treated as a token prefix.
+**
+** <li> <b>FTS5_TOKENIZE_AUX</b> - The tokenizer is being invoked to
+** satisfy an fts5_api.xTokenize() request made by an auxiliary
+** function. Or an fts5_api.xColumnSize() request made by the same
+** on a columnsize=0 database.
+** </ul>
+**
+** For each token in the input string, the supplied callback xToken() must
+** be invoked. The first argument to it should be a copy of the pointer
+** passed as the second argument to xTokenize(). The third and fourth
+** arguments are a pointer to a buffer containing the token text, and the
+** size of the token in bytes. The 4th and 5th arguments are the byte offsets
+** of the first byte of and first byte immediately following the text from
+** which the token is derived within the input.
+**
+** The second argument passed to the xToken() callback ("tflags") should
+** normally be set to 0. The exception is if the tokenizer supports
+** synonyms. In this case see the discussion below for details.
+**
+** FTS5 assumes the xToken() callback is invoked for each token in the
+** order that they occur within the input text.
+**
+** If an xToken() callback returns any value other than SQLITE_OK, then
+** the tokenization should be abandoned and the xTokenize() method should
+** immediately return a copy of the xToken() return value. Or, if the
+** input buffer is exhausted, xTokenize() should return SQLITE_OK. Finally,
+** if an error occurs with the xTokenize() implementation itself, it
+** may abandon the tokenization and return any error code other than
+** SQLITE_OK or SQLITE_DONE.
+**
+** SYNONYM SUPPORT
+**
+** Custom tokenizers may also support synonyms. Consider a case in which a
+** user wishes to query for a phrase such as "first place". Using the
+** built-in tokenizers, the FTS5 query 'first + place' will match instances
+** of "first place" within the document set, but not alternative forms
+** such as "1st place". In some applications, it would be better to match
+** all instances of "first place" or "1st place" regardless of which form
+** the user specified in the MATCH query text.
+**
+** There are several ways to approach this in FTS5:
+**
+** <ol><li> By mapping all synonyms to a single token. In this case, the
+** In the above example, this means that the tokenizer returns the
+** same token for inputs "first" and "1st". Say that token is in
+** fact "first", so that when the user inserts the document "I won
+** 1st place" entries are added to the index for tokens "i", "won",
+** "first" and "place". If the user then queries for '1st + place',
+** the tokenizer substitutes "first" for "1st" and the query works
+** as expected.
+**
+** <li> By adding multiple synonyms for a single term to the FTS index.
+** In this case, when tokenizing query text, the tokenizer may
+** provide multiple synonyms for a single term within the document.
+** FTS5 then queries the index for each synonym individually. For
+** example, faced with the query:
+**
+** <codeblock>
+** ... MATCH 'first place'</codeblock>
+**
+** the tokenizer offers both "1st" and "first" as synonyms for the
+** first token in the MATCH query and FTS5 effectively runs a query
+** similar to:
+**
+** <codeblock>
+** ... MATCH '(first OR 1st) place'</codeblock>
+**
+** except that, for the purposes of auxiliary functions, the query
+** still appears to contain just two phrases - "(first OR 1st)"
+** being treated as a single phrase.
+**
+** <li> By adding multiple synonyms for a single term to the FTS index.
+** Using this method, when tokenizing document text, the tokenizer
+** provides multiple synonyms for each token. So that when a
+** document such as "I won first place" is tokenized, entries are
+** added to the FTS index for "i", "won", "first", "1st" and
+** "place".
+**
+** This way, even if the tokenizer does not provide synonyms
+** when tokenizing query text (it should not - to do would be
+** inefficient), it doesn't matter if the user queries for
+** 'first + place' or '1st + place', as there are entires in the
+** FTS index corresponding to both forms of the first token.
+** </ol>
+**
+** Whether it is parsing document or query text, any call to xToken that
+** specifies a <i>tflags</i> argument with the FTS5_TOKEN_COLOCATED bit
+** is considered to supply a synonym for the previous token. For example,
+** when parsing the document "I won first place", a tokenizer that supports
+** synonyms would call xToken() 5 times, as follows:
+**
+** <codeblock>
+** xToken(pCtx, 0, "i", 1, 0, 1);
+** xToken(pCtx, 0, "won", 3, 2, 5);
+** xToken(pCtx, 0, "first", 5, 6, 11);
+** xToken(pCtx, FTS5_TOKEN_COLOCATED, "1st", 3, 6, 11);
+** xToken(pCtx, 0, "place", 5, 12, 17);
+**</codeblock>
+**
+** It is an error to specify the FTS5_TOKEN_COLOCATED flag the first time
+** xToken() is called. Multiple synonyms may be specified for a single token
+** by making multiple calls to xToken(FTS5_TOKEN_COLOCATED) in sequence.
+** There is no limit to the number of synonyms that may be provided for a
+** single token.
+**
+** In many cases, method (1) above is the best approach. It does not add
+** extra data to the FTS index or require FTS5 to query for multiple terms,
+** so it is efficient in terms of disk space and query speed. However, it
+** does not support prefix queries very well. If, as suggested above, the
+** token "first" is subsituted for "1st" by the tokenizer, then the query:
+**
+** <codeblock>
+** ... MATCH '1s*'</codeblock>
+**
+** will not match documents that contain the token "1st" (as the tokenizer
+** will probably not map "1s" to any prefix of "first").
+**
+** For full prefix support, method (3) may be preferred. In this case,
+** because the index contains entries for both "first" and "1st", prefix
+** queries such as 'fi*' or '1s*' will match correctly. However, because
+** extra entries are added to the FTS index, this method uses more space
+** within the database.
+**
+** Method (2) offers a midpoint between (1) and (3). Using this method,
+** a query such as '1s*' will match documents that contain the literal
+** token "1st", but not "first" (assuming the tokenizer is not able to
+** provide synonyms for prefixes). However, a non-prefix query like '1st'
+** will match against "1st" and "first". This method does not require
+** extra disk space, as no extra entries are added to the FTS index.
+** On the other hand, it may require more CPU cycles to run MATCH queries,
+** as separate queries of the FTS index are required for each synonym.
+**
+** When using methods (2) or (3), it is important that the tokenizer only
+** provide synonyms when tokenizing document text (method (2)) or query
+** text (method (3)), not both. Doing so will not cause any errors, but is
+** inefficient.
+*/
+typedef struct Fts5Tokenizer Fts5Tokenizer;
+typedef struct fts5_tokenizer fts5_tokenizer;
+struct fts5_tokenizer {
+ int (*xCreate)(void*, const char **azArg, int nArg, Fts5Tokenizer **ppOut);
+ void (*xDelete)(Fts5Tokenizer*);
+ int (*xTokenize)(Fts5Tokenizer*,
+ void *pCtx,
+ int flags, /* Mask of FTS5_TOKENIZE_* flags */
+ const char *pText, int nText,
+ int (*xToken)(
+ void *pCtx, /* Copy of 2nd argument to xTokenize() */
+ int tflags, /* Mask of FTS5_TOKEN_* flags */
+ const char *pToken, /* Pointer to buffer containing token */
+ int nToken, /* Size of token in bytes */
+ int iStart, /* Byte offset of token within input text */
+ int iEnd /* Byte offset of end of token within input text */
+ )
+ );
+};
+
+/* Flags that may be passed as the third argument to xTokenize() */
+#define FTS5_TOKENIZE_QUERY 0x0001
+#define FTS5_TOKENIZE_PREFIX 0x0002
+#define FTS5_TOKENIZE_DOCUMENT 0x0004
+#define FTS5_TOKENIZE_AUX 0x0008
+
+/* Flags that may be passed by the tokenizer implementation back to FTS5
+** as the third argument to the supplied xToken callback. */
+#define FTS5_TOKEN_COLOCATED 0x0001 /* Same position as prev. token */
+
+/*
+** END OF CUSTOM TOKENIZERS
+*************************************************************************/
+
+/*************************************************************************
+** FTS5 EXTENSION REGISTRATION API
+*/
+typedef struct fts5_api fts5_api;
+struct fts5_api {
+ int iVersion; /* Currently always set to 2 */
+
+ /* Create a new tokenizer */
+ int (*xCreateTokenizer)(
+ fts5_api *pApi,
+ const char *zName,
+ void *pContext,
+ fts5_tokenizer *pTokenizer,
+ void (*xDestroy)(void*)
+ );
+
+ /* Find an existing tokenizer */
+ int (*xFindTokenizer)(
+ fts5_api *pApi,
+ const char *zName,
+ void **ppContext,
+ fts5_tokenizer *pTokenizer
+ );
+
+ /* Create a new auxiliary function */
+ int (*xCreateFunction)(
+ fts5_api *pApi,
+ const char *zName,
+ void *pContext,
+ fts5_extension_function xFunction,
+ void (*xDestroy)(void*)
+ );
+};
+
+/*
+** END OF REGISTRATION API
+*************************************************************************/
+
+#ifdef __cplusplus
+} /* end of the 'extern "C"' block */
+#endif
+
+#endif /* _FTS5_H */
+
+
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile
new file mode 100644
index 000000000..24fccc590
--- /dev/null
+++ b/security/nss/lib/ssl/Makefile
@@ -0,0 +1,65 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+######################################################################
+#
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+CSRCS += win32err.c
+DEFINES += -DIN_LIBSSL
+else
+ifeq ($(OS_TARGET),OS2)
+CSRCS += os2_err.c
+else
+CSRCS += unix_err.c
+endif
+endif
+
+# Enable key logging by default in debug builds, but not opt builds.
+# Logging still needs to be enabled at runtime through env vars.
+NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1)
+ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE))
+DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1
+endif
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
diff --git a/security/nss/lib/ssl/SSLerrs.h b/security/nss/lib/ssl/SSLerrs.h
new file mode 100644
index 000000000..b0319b86c
--- /dev/null
+++ b/security/nss/lib/ssl/SSLerrs.h
@@ -0,0 +1,507 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#define UNUSED_ERROR(x) ER3(SSL_ERROR_UNUSED_##x, (SSL_ERROR_BASE + x), \
+ "Unrecognized SSL error_code.")
+
+/* SSL-specific security error codes */
+/* caller must include "sslerr.h" */
+
+ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
+ "Unable to communicate securely. Peer does not support high-grade encryption.")
+
+ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
+ "Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
+
+ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
+ "Cannot communicate securely with peer: no common encryption algorithm(s).")
+
+ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
+ "Unable to find the certificate or key necessary for authentication.")
+
+ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
+ "Unable to communicate securely with peer: peers's certificate was rejected.")
+
+UNUSED_ERROR(5)
+
+ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
+ "The server has encountered bad data from the client.")
+
+ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
+ "The client has encountered bad data from the server.")
+
+ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
+ "Unsupported certificate type.")
+
+ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
+ "Peer using unsupported version of security protocol.")
+
+UNUSED_ERROR(10)
+
+ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
+ "Client authentication failed: private key in key database does not match public key in certificate database.")
+
+ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
+ "Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
+
+ER3(SSL_ERROR_POST_WARNING, SSL_ERROR_BASE + 13,
+ "Unrecognized SSL error code.")
+
+ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
+ "Peer only supports SSL version 2, which is locally disabled.")
+
+ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
+ "SSL received a record with an incorrect Message Authentication Code.")
+
+ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
+ "SSL peer reports incorrect Message Authentication Code.")
+
+ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
+ "SSL peer cannot verify your certificate.")
+
+ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
+ "SSL peer rejected your certificate as revoked.")
+
+ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
+ "SSL peer rejected your certificate as expired.")
+
+ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
+ "Cannot connect: SSL is disabled.")
+
+ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
+ "Cannot connect: SSL peer is in another FORTEZZA domain.")
+
+ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE, (SSL_ERROR_BASE + 22),
+ "An unknown SSL cipher suite has been requested.")
+
+ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED, (SSL_ERROR_BASE + 23),
+ "No cipher suites are present and enabled in this program.")
+
+ER3(SSL_ERROR_BAD_BLOCK_PADDING, (SSL_ERROR_BASE + 24),
+ "SSL received a record with bad block padding.")
+
+ER3(SSL_ERROR_RX_RECORD_TOO_LONG, (SSL_ERROR_BASE + 25),
+ "SSL received a record that exceeded the maximum permissible length.")
+
+ER3(SSL_ERROR_TX_RECORD_TOO_LONG, (SSL_ERROR_BASE + 26),
+ "SSL attempted to send a record that exceeded the maximum permissible length.")
+
+/*
+ * Received a malformed (too long or short or invalid content) SSL handshake.
+ */
+ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST, (SSL_ERROR_BASE + 27),
+ "SSL received a malformed Hello Request handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO, (SSL_ERROR_BASE + 28),
+ "SSL received a malformed Client Hello handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO, (SSL_ERROR_BASE + 29),
+ "SSL received a malformed Server Hello handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE, (SSL_ERROR_BASE + 30),
+ "SSL received a malformed Certificate handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH, (SSL_ERROR_BASE + 31),
+ "SSL received a malformed Server Key Exchange handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST, (SSL_ERROR_BASE + 32),
+ "SSL received a malformed Certificate Request handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE, (SSL_ERROR_BASE + 33),
+ "SSL received a malformed Server Hello Done handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY, (SSL_ERROR_BASE + 34),
+ "SSL received a malformed Certificate Verify handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH, (SSL_ERROR_BASE + 35),
+ "SSL received a malformed Client Key Exchange handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_FINISHED, (SSL_ERROR_BASE + 36),
+ "SSL received a malformed Finished handshake message.")
+
+/*
+ * Received a malformed (too long or short) SSL record.
+ */
+ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER, (SSL_ERROR_BASE + 37),
+ "SSL received a malformed Change Cipher Spec record.")
+
+ER3(SSL_ERROR_RX_MALFORMED_ALERT, (SSL_ERROR_BASE + 38),
+ "SSL received a malformed Alert record.")
+
+ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE, (SSL_ERROR_BASE + 39),
+ "SSL received a malformed Handshake record.")
+
+ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA, (SSL_ERROR_BASE + 40),
+ "SSL received a malformed Application Data record.")
+
+/*
+ * Received an SSL handshake that was inappropriate for the state we're in.
+ * E.g. Server received message from server, or wrong state in state machine.
+ */
+ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST, (SSL_ERROR_BASE + 41),
+ "SSL received an unexpected Hello Request handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO, (SSL_ERROR_BASE + 42),
+ "SSL received an unexpected Client Hello handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO, (SSL_ERROR_BASE + 43),
+ "SSL received an unexpected Server Hello handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE, (SSL_ERROR_BASE + 44),
+ "SSL received an unexpected Certificate handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH, (SSL_ERROR_BASE + 45),
+ "SSL received an unexpected Server Key Exchange handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST, (SSL_ERROR_BASE + 46),
+ "SSL received an unexpected Certificate Request handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE, (SSL_ERROR_BASE + 47),
+ "SSL received an unexpected Server Hello Done handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY, (SSL_ERROR_BASE + 48),
+ "SSL received an unexpected Certificate Verify handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH, (SSL_ERROR_BASE + 49),
+ "SSL received an unexpected Client Key Exchange handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED, (SSL_ERROR_BASE + 50),
+ "SSL received an unexpected Finished handshake message.")
+
+/*
+ * Received an SSL record that was inappropriate for the state we're in.
+ */
+ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER, (SSL_ERROR_BASE + 51),
+ "SSL received an unexpected Change Cipher Spec record.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_ALERT, (SSL_ERROR_BASE + 52),
+ "SSL received an unexpected Alert record.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE, (SSL_ERROR_BASE + 53),
+ "SSL received an unexpected Handshake record.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
+ "SSL received an unexpected Application Data record.")
+
+/*
+ * Received record/message with unknown discriminant.
+ */
+ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE, (SSL_ERROR_BASE + 55),
+ "SSL received a record with an unknown content type.")
+
+ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE, (SSL_ERROR_BASE + 56),
+ "SSL received a handshake message with an unknown message type.")
+
+ER3(SSL_ERROR_RX_UNKNOWN_ALERT, (SSL_ERROR_BASE + 57),
+ "SSL received an alert record with an unknown alert description.")
+
+/*
+ * Received an alert reporting what we did wrong. (more alerts above)
+ */
+ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT, (SSL_ERROR_BASE + 58),
+ "SSL peer has closed this connection.")
+
+ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT, (SSL_ERROR_BASE + 59),
+ "SSL peer was not expecting a handshake message it received.")
+
+ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT, (SSL_ERROR_BASE + 60),
+ "SSL peer was unable to successfully decompress an SSL record it received.")
+
+ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT, (SSL_ERROR_BASE + 61),
+ "SSL peer was unable to negotiate an acceptable set of security parameters.")
+
+ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT, (SSL_ERROR_BASE + 62),
+ "SSL peer rejected a handshake message for unacceptable content.")
+
+ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT, (SSL_ERROR_BASE + 63),
+ "SSL peer does not support certificates of the type it received.")
+
+ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT, (SSL_ERROR_BASE + 64),
+ "SSL peer had some unspecified issue with the certificate it received.")
+
+ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE, (SSL_ERROR_BASE + 65),
+ "SSL experienced a failure of its random number generator.")
+
+ER3(SSL_ERROR_SIGN_HASHES_FAILURE, (SSL_ERROR_BASE + 66),
+ "Unable to digitally sign data required to verify your certificate.")
+
+ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE, (SSL_ERROR_BASE + 67),
+ "SSL was unable to extract the public key from the peer's certificate.")
+
+ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE, (SSL_ERROR_BASE + 68),
+ "Unspecified failure while processing SSL Server Key Exchange handshake.")
+
+ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE, (SSL_ERROR_BASE + 69),
+ "Unspecified failure while processing SSL Client Key Exchange handshake.")
+
+ER3(SSL_ERROR_ENCRYPTION_FAILURE, (SSL_ERROR_BASE + 70),
+ "Bulk data encryption algorithm failed in selected cipher suite.")
+
+ER3(SSL_ERROR_DECRYPTION_FAILURE, (SSL_ERROR_BASE + 71),
+ "Bulk data decryption algorithm failed in selected cipher suite.")
+
+ER3(SSL_ERROR_SOCKET_WRITE_FAILURE, (SSL_ERROR_BASE + 72),
+ "Attempt to write encrypted data to underlying socket failed.")
+
+ER3(SSL_ERROR_MD5_DIGEST_FAILURE, (SSL_ERROR_BASE + 73),
+ "MD5 digest function failed.")
+
+ER3(SSL_ERROR_SHA_DIGEST_FAILURE, (SSL_ERROR_BASE + 74),
+ "SHA-1 digest function failed.")
+
+ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE, (SSL_ERROR_BASE + 75),
+ "MAC computation failed.")
+
+ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE, (SSL_ERROR_BASE + 76),
+ "Failure to create Symmetric Key context.")
+
+ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE, (SSL_ERROR_BASE + 77),
+ "Failure to unwrap the Symmetric key in Client Key Exchange message.")
+
+ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED, (SSL_ERROR_BASE + 78),
+ "SSL Server attempted to use domestic-grade public key with export cipher suite.")
+
+ER3(SSL_ERROR_IV_PARAM_FAILURE, (SSL_ERROR_BASE + 79),
+ "PKCS11 code failed to translate an IV into a param.")
+
+ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE, (SSL_ERROR_BASE + 80),
+ "Failed to initialize the selected cipher suite.")
+
+ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE, (SSL_ERROR_BASE + 81),
+ "Client failed to generate session keys for SSL session.")
+
+ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG, (SSL_ERROR_BASE + 82),
+ "Server has no key for the attempted key exchange algorithm.")
+
+ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL, (SSL_ERROR_BASE + 83),
+ "PKCS#11 token was inserted or removed while operation was in progress.")
+
+ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND, (SSL_ERROR_BASE + 84),
+ "No PKCS#11 token could be found to do a required operation.")
+
+ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP, (SSL_ERROR_BASE + 85),
+ "Cannot communicate securely with peer: no common compression algorithm(s).")
+
+ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED, (SSL_ERROR_BASE + 86),
+ "Cannot perform the operation until the handshake is complete.")
+
+ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE, (SSL_ERROR_BASE + 87),
+ "Received incorrect handshakes hash values from peer.")
+
+ER3(SSL_ERROR_CERT_KEA_MISMATCH, (SSL_ERROR_BASE + 88),
+ "The certificate provided cannot be used with the selected authentication type.")
+
+ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA, (SSL_ERROR_BASE + 89),
+ "No certificate authority is trusted for SSL client authentication.")
+
+ER3(SSL_ERROR_SESSION_NOT_FOUND, (SSL_ERROR_BASE + 90),
+ "Client's SSL session ID not found in server's session cache.")
+
+ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT, (SSL_ERROR_BASE + 91),
+ "Peer was unable to decrypt an SSL record it received.")
+
+ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT, (SSL_ERROR_BASE + 92),
+ "Peer received an SSL record that was longer than is permitted.")
+
+ER3(SSL_ERROR_UNKNOWN_CA_ALERT, (SSL_ERROR_BASE + 93),
+ "Peer does not recognize and trust the CA that issued your certificate.")
+
+ER3(SSL_ERROR_ACCESS_DENIED_ALERT, (SSL_ERROR_BASE + 94),
+ "Peer received a valid certificate, but access was denied.")
+
+ER3(SSL_ERROR_DECODE_ERROR_ALERT, (SSL_ERROR_BASE + 95),
+ "Peer could not decode an SSL handshake message.")
+
+ER3(SSL_ERROR_DECRYPT_ERROR_ALERT, (SSL_ERROR_BASE + 96),
+ "Peer reports failure of signature verification or key exchange.")
+
+ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT, (SSL_ERROR_BASE + 97),
+ "Peer reports negotiation not in compliance with export regulations.")
+
+ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT, (SSL_ERROR_BASE + 98),
+ "Peer reports incompatible or unsupported protocol version.")
+
+ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT, (SSL_ERROR_BASE + 99),
+ "Server requires ciphers more secure than those supported by client.")
+
+ER3(SSL_ERROR_INTERNAL_ERROR_ALERT, (SSL_ERROR_BASE + 100),
+ "Peer reports it experienced an internal error.")
+
+ER3(SSL_ERROR_USER_CANCELED_ALERT, (SSL_ERROR_BASE + 101),
+ "Peer user canceled handshake.")
+
+ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT, (SSL_ERROR_BASE + 102),
+ "Peer does not permit renegotiation of SSL security parameters.")
+
+ER3(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED, (SSL_ERROR_BASE + 103),
+ "SSL server cache not configured and not disabled for this socket.")
+
+ER3(SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT, (SSL_ERROR_BASE + 104),
+ "SSL peer does not support requested TLS hello extension.")
+
+ER3(SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT, (SSL_ERROR_BASE + 105),
+ "SSL peer could not obtain your certificate from the supplied URL.")
+
+ER3(SSL_ERROR_UNRECOGNIZED_NAME_ALERT, (SSL_ERROR_BASE + 106),
+ "SSL peer has no certificate for the requested DNS name.")
+
+ER3(SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT, (SSL_ERROR_BASE + 107),
+ "SSL peer was unable to get an OCSP response for its certificate.")
+
+ER3(SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT, (SSL_ERROR_BASE + 108),
+ "SSL peer reported bad certificate hash value.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET, (SSL_ERROR_BASE + 109),
+ "SSL received an unexpected New Session Ticket handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET, (SSL_ERROR_BASE + 110),
+ "SSL received a malformed New Session Ticket handshake message.")
+
+ER3(SSL_ERROR_DECOMPRESSION_FAILURE, (SSL_ERROR_BASE + 111),
+ "SSL received a compressed record that could not be decompressed.")
+
+ER3(SSL_ERROR_RENEGOTIATION_NOT_ALLOWED, (SSL_ERROR_BASE + 112),
+ "Renegotiation is not allowed on this SSL socket.")
+
+ER3(SSL_ERROR_UNSAFE_NEGOTIATION, (SSL_ERROR_BASE + 113),
+ "Peer attempted old style (potentially vulnerable) handshake.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD, (SSL_ERROR_BASE + 114),
+ "SSL received an unexpected uncompressed record.")
+
+ER3(SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY, (SSL_ERROR_BASE + 115),
+ "SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.")
+
+ER3(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID, (SSL_ERROR_BASE + 116),
+ "SSL received invalid NPN extension data.")
+
+ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2, (SSL_ERROR_BASE + 117),
+ "SSL feature not supported for SSL 2.0 connections.")
+
+ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS, (SSL_ERROR_BASE + 118),
+ "SSL feature not supported for servers.")
+
+ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIENTS, (SSL_ERROR_BASE + 119),
+ "SSL feature not supported for clients.")
+
+ER3(SSL_ERROR_INVALID_VERSION_RANGE, (SSL_ERROR_BASE + 120),
+ "SSL version range is not valid.")
+
+ER3(SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION, (SSL_ERROR_BASE + 121),
+ "SSL peer selected a cipher suite disallowed for the selected protocol version.")
+
+ER3(SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST, (SSL_ERROR_BASE + 122),
+ "SSL received a malformed Hello Verify Request handshake message.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST, (SSL_ERROR_BASE + 123),
+ "SSL received an unexpected Hello Verify Request handshake message.")
+
+ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION, (SSL_ERROR_BASE + 124),
+ "SSL feature not supported for the protocol version.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_CERT_STATUS, (SSL_ERROR_BASE + 125),
+ "SSL received an unexpected Certificate Status handshake message.")
+
+ER3(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM, (SSL_ERROR_BASE + 126),
+ "Unsupported hash algorithm used by TLS peer.")
+
+ER3(SSL_ERROR_DIGEST_FAILURE, (SSL_ERROR_BASE + 127),
+ "Digest function failed.")
+
+ER3(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM, (SSL_ERROR_BASE + 128),
+ "Incorrect signature algorithm specified in a digitally-signed element.")
+
+ER3(SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK, (SSL_ERROR_BASE + 129),
+ "The next protocol negotiation extension was enabled, but the callback was cleared prior to being needed.")
+
+ER3(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL, (SSL_ERROR_BASE + 130),
+ "The server supports no protocols that the client advertises in the ALPN extension.")
+
+ER3(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT, (SSL_ERROR_BASE + 131),
+ "The server rejected the handshake because the client downgraded to a lower "
+ "TLS version than the server supports.")
+
+ER3(SSL_ERROR_WEAK_SERVER_CERT_KEY, (SSL_ERROR_BASE + 132),
+ "The server certificate included a public key that was too weak.")
+
+ER3(SSL_ERROR_RX_SHORT_DTLS_READ, (SSL_ERROR_BASE + 133),
+ "Not enough room in buffer for DTLS record.")
+
+ER3(SSL_ERROR_NO_SUPPORTED_SIGNATURE_ALGORITHM, (SSL_ERROR_BASE + 134),
+ "No supported TLS signature algorithm was configured.")
+
+ER3(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM, (SSL_ERROR_BASE + 135),
+ "The peer used an unsupported combination of signature and hash algorithm.")
+
+ER3(SSL_ERROR_MISSING_EXTENDED_MASTER_SECRET, (SSL_ERROR_BASE + 136),
+ "The peer tried to resume without a correct extended_master_secret extension")
+
+ER3(SSL_ERROR_UNEXPECTED_EXTENDED_MASTER_SECRET, (SSL_ERROR_BASE + 137),
+ "The peer tried to resume with an unexpected extended_master_secret extension")
+
+ER3(SSL_ERROR_RX_MALFORMED_KEY_SHARE, (SSL_ERROR_BASE + 138),
+ "SSL received a malformed Key Share extension.")
+
+ER3(SSL_ERROR_MISSING_KEY_SHARE, (SSL_ERROR_BASE + 139),
+ "SSL expected a Key Share extension.")
+
+ER3(SSL_ERROR_RX_MALFORMED_ECDHE_KEY_SHARE, (SSL_ERROR_BASE + 140),
+ "SSL received a malformed ECDHE key share handshake extension.")
+
+ER3(SSL_ERROR_RX_MALFORMED_DHE_KEY_SHARE, (SSL_ERROR_BASE + 141),
+ "SSL received a malformed DHE key share handshake extension.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_ENCRYPTED_EXTENSIONS, (SSL_ERROR_BASE + 142),
+ "SSL received an unexpected Encrypted Extensions handshake message.")
+
+ER3(SSL_ERROR_MISSING_EXTENSION_ALERT, (SSL_ERROR_BASE + 143),
+ "SSL received a missing_extension alert.")
+
+ER3(SSL_ERROR_KEY_EXCHANGE_FAILURE, (SSL_ERROR_BASE + 144),
+ "SSL had an error performing key exchange.")
+
+ER3(SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION, (SSL_ERROR_BASE + 145),
+ "SSL received an extension that is not permitted for this version.")
+
+ER3(SSL_ERROR_RX_MALFORMED_ENCRYPTED_EXTENSIONS, (SSL_ERROR_BASE + 146),
+ "SSL received a malformed Encrypted Extensions handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_PRE_SHARED_KEY, (SSL_ERROR_BASE + 147),
+ "SSL received an invalid PreSharedKey extension.")
+
+ER3(SSL_ERROR_RX_MALFORMED_EARLY_DATA, (SSL_ERROR_BASE + 148),
+ "SSL received an invalid EarlyData extension.")
+
+ER3(SSL_ERROR_END_OF_EARLY_DATA_ALERT, (SSL_ERROR_BASE + 149),
+ "SSL received an unexpected end of early data alert.")
+
+ER3(SSL_ERROR_MISSING_ALPN_EXTENSION, (SSL_ERROR_BASE + 150),
+ "SSL didn't receive an expected ALPN extension.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_EXTENSION, (SSL_ERROR_BASE + 151),
+ "SSL received an unexpected extension.")
+
+ER3(SSL_ERROR_MISSING_SUPPORTED_GROUPS, (SSL_ERROR_BASE + 152),
+ "SSL expected a supported groups extension.")
+
+ER3(SSL_ERROR_TOO_MANY_RECORDS, (SSL_ERROR_BASE + 153),
+ "SSL sent or received too many records with the same symmetric key.")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_RETRY_REQUEST, (SSL_ERROR_BASE + 154),
+ "SSL received an unexpected Hello Retry Request handshake message.")
+
+ER3(SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST, (SSL_ERROR_BASE + 155),
+ "SSL received a malformed Hello Retry Request handshake message.")
+
+ER3(SSL_ERROR_BAD_2ND_CLIENT_HELLO, (SSL_ERROR_BASE + 156),
+ "SSL received a second Client Hello message without a usable key share.")
+
+ER3(SSL_ERROR_MISSING_SIGNATURE_ALGORITHMS_EXTENSION, (SSL_ERROR_BASE + 157),
+ "SSL expected a signature algorithms extension.")
+
+ER3(SSL_ERROR_MALFORMED_PSK_KEY_EXCHANGE_MODES, (SSL_ERROR_BASE + 158),
+ "SSL received a malformed PSK key exchange modes extension.")
+
+ER3(SSL_ERROR_MISSING_PSK_KEY_EXCHANGE_MODES, (SSL_ERROR_BASE + 159),
+ "SSL expected a missing PSK key exchange modes extension.")
diff --git a/security/nss/lib/ssl/authcert.c b/security/nss/lib/ssl/authcert.c
new file mode 100644
index 000000000..88c7c084a
--- /dev/null
+++ b/security/nss/lib/ssl/authcert.c
@@ -0,0 +1,89 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <string.h>
+#include "prerror.h"
+#include "secitem.h"
+#include "prnetdb.h"
+#include "cert.h"
+#include "nspr.h"
+#include "secder.h"
+#include "key.h"
+#include "nss.h"
+#include "ssl.h"
+#include "pk11func.h" /* for PK11_ function calls */
+
+/*
+ * This callback used by SSL to pull client sertificate upon
+ * server request
+ */
+SECStatus
+NSS_GetClientAuthData(void *arg,
+ PRFileDesc *socket,
+ struct CERTDistNamesStr *caNames,
+ struct CERTCertificateStr **pRetCert,
+ struct SECKEYPrivateKeyStr **pRetKey)
+{
+ CERTCertificate *cert = NULL;
+ SECKEYPrivateKey *privkey = NULL;
+ char *chosenNickName = (char *)arg; /* CONST */
+ void *proto_win = NULL;
+ SECStatus rv = SECFailure;
+
+ proto_win = SSL_RevealPinArg(socket);
+
+ if (chosenNickName) {
+ cert = CERT_FindUserCertByUsage(CERT_GetDefaultCertDB(),
+ chosenNickName, certUsageSSLClient,
+ PR_FALSE, proto_win);
+ if (cert) {
+ privkey = PK11_FindKeyByAnyCert(cert, proto_win);
+ if (privkey) {
+ rv = SECSuccess;
+ } else {
+ CERT_DestroyCertificate(cert);
+ }
+ }
+ } else { /* no name given, automatically find the right cert. */
+ CERTCertNicknames *names;
+ int i;
+
+ names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
+ SEC_CERT_NICKNAMES_USER, proto_win);
+ if (names != NULL) {
+ for (i = 0; i < names->numnicknames; i++) {
+ cert = CERT_FindUserCertByUsage(CERT_GetDefaultCertDB(),
+ names->nicknames[i], certUsageSSLClient,
+ PR_FALSE, proto_win);
+ if (!cert)
+ continue;
+ /* Only check unexpired certs */
+ if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) !=
+ secCertTimeValid) {
+ CERT_DestroyCertificate(cert);
+ continue;
+ }
+ rv = NSS_CmpCertChainWCANames(cert, caNames);
+ if (rv == SECSuccess) {
+ privkey =
+ PK11_FindKeyByAnyCert(cert, proto_win);
+ if (privkey)
+ break;
+ }
+ rv = SECFailure;
+ CERT_DestroyCertificate(cert);
+ }
+ CERT_FreeNicknames(names);
+ }
+ }
+ if (rv == SECSuccess) {
+ *pRetCert = cert;
+ *pRetKey = privkey;
+ }
+ return rv;
+}
diff --git a/security/nss/lib/ssl/cmpcert.c b/security/nss/lib/ssl/cmpcert.c
new file mode 100644
index 000000000..e6edbee83
--- /dev/null
+++ b/security/nss/lib/ssl/cmpcert.c
@@ -0,0 +1,89 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <string.h>
+#include "prerror.h"
+#include "secitem.h"
+#include "prnetdb.h"
+#include "cert.h"
+#include "nspr.h"
+#include "secder.h"
+#include "key.h"
+#include "nss.h"
+
+/*
+ * Look to see if any of the signers in the cert chain for "cert" are found
+ * in the list of caNames.
+ * Returns SECSuccess if so, SECFailure if not.
+ */
+SECStatus
+NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames)
+{
+ SECItem *caname;
+ CERTCertificate *curcert;
+ CERTCertificate *oldcert;
+ PRInt32 contentlen;
+ int j;
+ int headerlen;
+ int depth;
+ SECStatus rv;
+ SECItem issuerName;
+ SECItem compatIssuerName;
+
+ if (!cert || !caNames || !caNames->nnames || !caNames->names ||
+ !caNames->names->data)
+ return SECFailure;
+ depth = 0;
+ curcert = CERT_DupCertificate(cert);
+
+ while (curcert) {
+ issuerName = curcert->derIssuer;
+
+ /* compute an alternate issuer name for compatibility with 2.0
+ * enterprise server, which send the CA names without
+ * the outer layer of DER header
+ */
+ rv = DER_Lengths(&issuerName, &headerlen, (PRUint32 *)&contentlen);
+ if (rv == SECSuccess) {
+ compatIssuerName.data = &issuerName.data[headerlen];
+ compatIssuerName.len = issuerName.len - headerlen;
+ } else {
+ compatIssuerName.data = NULL;
+ compatIssuerName.len = 0;
+ }
+
+ for (j = 0; j < caNames->nnames; j++) {
+ caname = &caNames->names[j];
+ if (SECITEM_CompareItem(&issuerName, caname) == SECEqual) {
+ rv = SECSuccess;
+ CERT_DestroyCertificate(curcert);
+ goto done;
+ } else if (SECITEM_CompareItem(&compatIssuerName, caname) == SECEqual) {
+ rv = SECSuccess;
+ CERT_DestroyCertificate(curcert);
+ goto done;
+ }
+ }
+ if ((depth <= 20) &&
+ (SECITEM_CompareItem(&curcert->derIssuer, &curcert->derSubject) !=
+ SECEqual)) {
+ oldcert = curcert;
+ curcert = CERT_FindCertByName(curcert->dbhandle,
+ &curcert->derIssuer);
+ CERT_DestroyCertificate(oldcert);
+ depth++;
+ } else {
+ CERT_DestroyCertificate(curcert);
+ curcert = NULL;
+ }
+ }
+ rv = SECFailure;
+
+done:
+ return rv;
+}
diff --git a/security/nss/lib/ssl/config.mk b/security/nss/lib/ssl/config.mk
new file mode 100644
index 000000000..339cc80df
--- /dev/null
+++ b/security/nss/lib/ssl/config.mk
@@ -0,0 +1,71 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ifdef NISCC_TEST
+DEFINES += -DNISCC_TEST
+endif
+
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
+
+RES = $(OBJDIR)/ssl.res
+RESNAME = ssl.rc
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -lnss3 \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+else # ! NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ $(DIST)/lib/nss3.lib \
+ $(DIST)/lib/nssutil3.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+
+else
+
+# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -lnss3 \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+
+ifeq ($(OS_ARCH), BeOS)
+EXTRA_SHARED_LIBS += -lbe
+endif
+
+endif
+
+ifdef NSS_SSL_ENABLE_ZLIB
+DEFINES += -DNSS_SSL_ENABLE_ZLIB
+include $(CORE_DEPTH)/coreconf/zlib.mk
+endif
+
+ifndef NSS_ENABLE_TLS_1_3
+NSS_DISABLE_TLS_1_3=1
+endif
+
+ifdef NSS_DISABLE_TLS_1_3
+DEFINES += -DNSS_DISABLE_TLS_1_3
+endif
diff --git a/security/nss/lib/ssl/dhe-param.c b/security/nss/lib/ssl/dhe-param.c
new file mode 100644
index 000000000..ad87cc4f6
--- /dev/null
+++ b/security/nss/lib/ssl/dhe-param.c
@@ -0,0 +1,418 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+static const unsigned char ff_dhe_g2[] = { 2 };
+
+static const unsigned char ff_dhe_2048_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static const ssl3DHParams ff_dhe_2048_params = {
+ ssl_grp_ffdhe_2048,
+ { siBuffer, (unsigned char *)ff_dhe_2048_p, sizeof(ff_dhe_2048_p) },
+ { siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
+};
+
+static const unsigned char ff_dhe_3072_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
+ 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
+ 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
+ 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
+ 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
+ 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
+ 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
+ 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
+ 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
+ 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
+ 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
+ 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
+ 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
+ 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
+ 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
+ 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
+ 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static const ssl3DHParams ff_dhe_3072_params = {
+ ssl_grp_ffdhe_3072,
+ { siBuffer, (unsigned char *)ff_dhe_3072_p, sizeof(ff_dhe_3072_p) },
+ { siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
+};
+
+static const unsigned char ff_dhe_4096_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
+ 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
+ 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
+ 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
+ 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
+ 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
+ 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
+ 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
+ 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
+ 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
+ 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
+ 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
+ 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
+ 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
+ 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
+ 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
+ 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
+ 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
+ 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
+ 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
+ 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
+ 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
+ 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
+ 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
+ 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
+ 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
+ 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
+ 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
+ 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
+ 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
+ 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
+ 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
+ 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static const ssl3DHParams ff_dhe_4096_params = {
+ ssl_grp_ffdhe_4096,
+ { siBuffer, (unsigned char *)ff_dhe_4096_p, sizeof(ff_dhe_4096_p) },
+ { siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
+};
+
+static const unsigned char ff_dhe_6144_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
+ 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
+ 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
+ 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
+ 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
+ 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
+ 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
+ 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
+ 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
+ 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
+ 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
+ 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
+ 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
+ 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
+ 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
+ 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
+ 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
+ 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
+ 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
+ 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
+ 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
+ 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
+ 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
+ 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
+ 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
+ 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
+ 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
+ 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
+ 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
+ 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
+ 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
+ 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
+ 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
+ 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
+ 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
+ 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
+ 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
+ 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
+ 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
+ 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
+ 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
+ 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
+ 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
+ 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
+ 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
+ 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
+ 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
+ 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
+ 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
+ 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
+ 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
+ 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
+ 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
+ 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
+ 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
+ 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
+ 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
+ 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
+ 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
+ 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
+ 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
+ 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
+ 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
+ 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
+ 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static const ssl3DHParams ff_dhe_6144_params = {
+ ssl_grp_ffdhe_6144,
+ { siBuffer, (unsigned char *)ff_dhe_6144_p, sizeof(ff_dhe_6144_p) },
+ { siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
+};
+
+static const unsigned char ff_dhe_8192_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
+ 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
+ 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
+ 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
+ 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
+ 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
+ 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
+ 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
+ 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
+ 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
+ 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
+ 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
+ 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
+ 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
+ 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
+ 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
+ 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
+ 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
+ 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
+ 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
+ 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
+ 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
+ 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
+ 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
+ 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
+ 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
+ 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
+ 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
+ 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
+ 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
+ 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
+ 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
+ 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
+ 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
+ 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
+ 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
+ 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
+ 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
+ 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
+ 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
+ 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
+ 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
+ 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
+ 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
+ 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
+ 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
+ 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
+ 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
+ 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
+ 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
+ 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
+ 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
+ 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
+ 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
+ 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
+ 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
+ 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
+ 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
+ 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
+ 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
+ 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
+ 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
+ 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
+ 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
+ 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA,
+ 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38,
+ 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64,
+ 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43,
+ 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E,
+ 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF,
+ 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29,
+ 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65,
+ 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02,
+ 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4,
+ 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82,
+ 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C,
+ 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51,
+ 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22,
+ 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74,
+ 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE,
+ 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C,
+ 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC,
+ 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B,
+ 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9,
+ 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0,
+ 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31,
+ 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57,
+ 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8,
+ 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E,
+ 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30,
+ 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E,
+ 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE,
+ 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D,
+ 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D,
+ 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E,
+ 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C,
+ 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static const ssl3DHParams ff_dhe_8192_params = {
+ ssl_grp_ffdhe_8192,
+ { siBuffer, (unsigned char *)ff_dhe_8192_p, sizeof(ff_dhe_8192_p) },
+ { siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
+};
diff --git a/security/nss/lib/ssl/dtlscon.c b/security/nss/lib/ssl/dtlscon.c
new file mode 100644
index 000000000..09ceeac23
--- /dev/null
+++ b/security/nss/lib/ssl/dtlscon.c
@@ -0,0 +1,1214 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * DTLS Protocol
+ */
+
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+
+#ifndef PR_ARRAY_SIZE
+#define PR_ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))
+#endif
+
+static SECStatus dtls_TransmitMessageFlight(sslSocket *ss);
+static SECStatus dtls_StartRetransmitTimer(sslSocket *ss);
+static void dtls_RetransmitTimerExpiredCb(sslSocket *ss);
+static SECStatus dtls_SendSavedWriteData(sslSocket *ss);
+static void dtls_FinishedTimerCb(sslSocket *ss);
+
+/* -28 adjusts for the IP/UDP header */
+static const PRUint16 COMMON_MTU_VALUES[] = {
+ 1500 - 28, /* Ethernet MTU */
+ 1280 - 28, /* IPv6 minimum MTU */
+ 576 - 28, /* Common assumption */
+ 256 - 28 /* We're in serious trouble now */
+};
+
+#define DTLS_COOKIE_BYTES 32
+
+/* List copied from ssl3con.c:cipherSuites */
+static const ssl3CipherSuite nonDTLSSuites[] = {
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS_DHE_DSS_WITH_RC4_128_SHA,
+ TLS_ECDH_RSA_WITH_RC4_128_SHA,
+ TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
+ TLS_RSA_WITH_RC4_128_MD5,
+ TLS_RSA_WITH_RC4_128_SHA,
+ 0 /* End of list marker */
+};
+
+/* Map back and forth between TLS and DTLS versions in wire format.
+ * Mapping table is:
+ *
+ * TLS DTLS
+ * 1.1 (0302) 1.0 (feff)
+ * 1.2 (0303) 1.2 (fefd)
+ * 1.3 (0304) 1.3 (fefc)
+ */
+SSL3ProtocolVersion
+dtls_TLSVersionToDTLSVersion(SSL3ProtocolVersion tlsv)
+{
+ if (tlsv == SSL_LIBRARY_VERSION_TLS_1_1) {
+ return SSL_LIBRARY_VERSION_DTLS_1_0_WIRE;
+ }
+ if (tlsv == SSL_LIBRARY_VERSION_TLS_1_2) {
+ return SSL_LIBRARY_VERSION_DTLS_1_2_WIRE;
+ }
+ if (tlsv == SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SSL_LIBRARY_VERSION_DTLS_1_3_WIRE;
+ }
+
+ /* Anything other than TLS 1.1 or 1.2 is an error, so return
+ * the invalid version 0xffff. */
+ return 0xffff;
+}
+
+/* Map known DTLS versions to known TLS versions.
+ * - Invalid versions (< 1.0) return a version of 0
+ * - Versions > known return a version one higher than we know of
+ * to accomodate a theoretically newer version */
+SSL3ProtocolVersion
+dtls_DTLSVersionToTLSVersion(SSL3ProtocolVersion dtlsv)
+{
+ if (MSB(dtlsv) == 0xff) {
+ return 0;
+ }
+
+ if (dtlsv == SSL_LIBRARY_VERSION_DTLS_1_0_WIRE) {
+ return SSL_LIBRARY_VERSION_TLS_1_1;
+ }
+ /* Handle the skipped version of DTLS 1.1 by returning
+ * an error. */
+ if (dtlsv == ((~0x0101) & 0xffff)) {
+ return 0;
+ }
+ if (dtlsv == SSL_LIBRARY_VERSION_DTLS_1_2_WIRE) {
+ return SSL_LIBRARY_VERSION_TLS_1_2;
+ }
+ if (dtlsv == SSL_LIBRARY_VERSION_DTLS_1_3_WIRE) {
+ return SSL_LIBRARY_VERSION_TLS_1_3;
+ }
+
+ /* Return a fictional higher version than we know of */
+ return SSL_LIBRARY_VERSION_MAX_SUPPORTED + 1;
+}
+
+/* On this socket, Disable non-DTLS cipher suites in the argument's list */
+SECStatus
+ssl3_DisableNonDTLSSuites(sslSocket *ss)
+{
+ const ssl3CipherSuite *suite;
+
+ for (suite = nonDTLSSuites; *suite; ++suite) {
+ PORT_CheckSuccess(ssl3_CipherPrefSet(ss, *suite, PR_FALSE));
+ }
+ return SECSuccess;
+}
+
+/* Allocate a DTLSQueuedMessage.
+ *
+ * Called from dtls_QueueMessage()
+ */
+static DTLSQueuedMessage *
+dtls_AllocQueuedMessage(ssl3CipherSpec *cwSpec, SSL3ContentType type,
+ const unsigned char *data, PRUint32 len)
+{
+ DTLSQueuedMessage *msg = NULL;
+
+ msg = PORT_ZAlloc(sizeof(DTLSQueuedMessage));
+ if (!msg)
+ return NULL;
+
+ msg->data = PORT_Alloc(len);
+ if (!msg->data) {
+ PORT_Free(msg);
+ return NULL;
+ }
+ PORT_Memcpy(msg->data, data, len);
+
+ msg->len = len;
+ msg->cwSpec = cwSpec;
+ msg->type = type;
+ /* Safe if we are < 1.3, since the refct is
+ * already very high. */
+ tls13_CipherSpecAddRef(cwSpec);
+
+ return msg;
+}
+
+/*
+ * Free a handshake message
+ *
+ * Called from dtls_FreeHandshakeMessages()
+ */
+void
+dtls_FreeHandshakeMessage(DTLSQueuedMessage *msg)
+{
+ if (!msg)
+ return;
+
+ /* Safe if we are < 1.3, since the refct is
+ * already very high. */
+ tls13_CipherSpecRelease(msg->cwSpec);
+ PORT_ZFree(msg->data, msg->len);
+ PORT_Free(msg);
+}
+
+/*
+ * Free a list of handshake messages
+ *
+ * Called from:
+ * dtls_HandleHandshake()
+ * ssl3_DestroySSL3Info()
+ */
+void
+dtls_FreeHandshakeMessages(PRCList *list)
+{
+ PRCList *cur_p;
+
+ while (!PR_CLIST_IS_EMPTY(list)) {
+ cur_p = PR_LIST_TAIL(list);
+ PR_REMOVE_LINK(cur_p);
+ dtls_FreeHandshakeMessage((DTLSQueuedMessage *)cur_p);
+ }
+}
+
+/* Called by dtls_HandleHandshake() and dtls_MaybeRetransmitHandshake() if a
+ * handshake message retransmission is detected. */
+static SECStatus
+dtls_RetransmitDetected(sslSocket *ss)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->ssl3.hs.rtTimerCb == dtls_RetransmitTimerExpiredCb) {
+ /* Check to see if we retransmitted recently. If so,
+ * suppress the triggered retransmit. This avoids
+ * retransmit wars after packet loss.
+ * This is not in RFC 5346 but it should be.
+ */
+ if ((PR_IntervalNow() - ss->ssl3.hs.rtTimerStarted) >
+ (ss->ssl3.hs.rtTimeoutMs / 4)) {
+ SSL_TRC(30,
+ ("%d: SSL3[%d]: Shortcutting retransmit timer",
+ SSL_GETPID(), ss->fd));
+
+ /* Cancel the timer and call the CB,
+ * which re-arms the timer */
+ dtls_CancelTimer(ss);
+ dtls_RetransmitTimerExpiredCb(ss);
+ } else {
+ SSL_TRC(30,
+ ("%d: SSL3[%d]: Ignoring retransmission: "
+ "last retransmission %dms ago, suppressed for %dms",
+ SSL_GETPID(), ss->fd,
+ PR_IntervalNow() - ss->ssl3.hs.rtTimerStarted,
+ ss->ssl3.hs.rtTimeoutMs / 4));
+ }
+
+ } else if (ss->ssl3.hs.rtTimerCb == dtls_FinishedTimerCb) {
+ SSL_TRC(30, ("%d: SSL3[%d]: Retransmit detected in holddown",
+ SSL_GETPID(), ss->fd));
+ /* Retransmit the messages and re-arm the timer
+ * Note that we are not backing off the timer here.
+ * The spec isn't clear and my reasoning is that this
+ * may be a re-ordered packet rather than slowness,
+ * so let's be aggressive. */
+ dtls_CancelTimer(ss);
+ rv = dtls_TransmitMessageFlight(ss);
+ if (rv == SECSuccess) {
+ rv = dtls_StartHolddownTimer(ss);
+ }
+
+ } else {
+ PORT_Assert(ss->ssl3.hs.rtTimerCb == NULL);
+ /* ... and ignore it. */
+ }
+ return rv;
+}
+
+/* Called only from ssl3_HandleRecord, for each (deciphered) DTLS record.
+ * origBuf is the decrypted ssl record content and is expected to contain
+ * complete handshake records
+ * Caller must hold the handshake and RecvBuf locks.
+ *
+ * Note that this code uses msg_len for two purposes:
+ *
+ * (1) To pass the length to ssl3_HandleHandshakeMessage()
+ * (2) To carry the length of a message currently being reassembled
+ *
+ * However, unlike ssl3_HandleHandshake(), it is not used to carry
+ * the state of reassembly (i.e., whether one is in progress). That
+ * is carried in recvdHighWater and recvdFragments.
+ */
+#define OFFSET_BYTE(o) (o / 8)
+#define OFFSET_MASK(o) (1 << (o % 8))
+
+SECStatus
+dtls_HandleHandshake(sslSocket *ss, sslBuffer *origBuf)
+{
+ /* XXX OK for now.
+ * This doesn't work properly with asynchronous certificate validation.
+ * because that returns a WOULDBLOCK error. The current DTLS
+ * applications do not need asynchronous validation, but in the
+ * future we will need to add this.
+ */
+ sslBuffer buf = *origBuf;
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ while (buf.len > 0) {
+ PRUint8 type;
+ PRUint32 message_length;
+ PRUint16 message_seq;
+ PRUint32 fragment_offset;
+ PRUint32 fragment_length;
+ PRUint32 offset;
+
+ if (buf.len < 12) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
+ rv = SECFailure;
+ break;
+ }
+
+ /* Parse the header */
+ type = buf.buf[0];
+ message_length = (buf.buf[1] << 16) | (buf.buf[2] << 8) | buf.buf[3];
+ message_seq = (buf.buf[4] << 8) | buf.buf[5];
+ fragment_offset = (buf.buf[6] << 16) | (buf.buf[7] << 8) | buf.buf[8];
+ fragment_length = (buf.buf[9] << 16) | (buf.buf[10] << 8) | buf.buf[11];
+
+#define MAX_HANDSHAKE_MSG_LEN 0x1ffff /* 128k - 1 */
+ if (message_length > MAX_HANDSHAKE_MSG_LEN) {
+ (void)ssl3_DecodeError(ss);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
+ return SECFailure;
+ }
+#undef MAX_HANDSHAKE_MSG_LEN
+
+ buf.buf += 12;
+ buf.len -= 12;
+
+ /* This fragment must be complete */
+ if (buf.len < fragment_length) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
+ rv = SECFailure;
+ break;
+ }
+
+ /* Sanity check the packet contents */
+ if ((fragment_length + fragment_offset) > message_length) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
+ rv = SECFailure;
+ break;
+ }
+
+ /* There are three ways we could not be ready for this packet.
+ *
+ * 1. It's a partial next message.
+ * 2. It's a partial or complete message beyond the next
+ * 3. It's a message we've already seen
+ *
+ * If it's the complete next message we accept it right away.
+ * This is the common case for short messages
+ */
+ if ((message_seq == ss->ssl3.hs.recvMessageSeq) &&
+ (fragment_offset == 0) &&
+ (fragment_length == message_length)) {
+ /* Complete next message. Process immediately */
+ ss->ssl3.hs.msg_type = (SSL3HandshakeType)type;
+ ss->ssl3.hs.msg_len = message_length;
+
+ /* At this point we are advancing our state machine, so
+ * we can free our last flight of messages */
+ dtls_FreeHandshakeMessages(&ss->ssl3.hs.lastMessageFlight);
+ ss->ssl3.hs.recvdHighWater = -1;
+ dtls_CancelTimer(ss);
+
+ /* Reset the timer to the initial value if the retry counter
+ * is 0, per Sec. 4.2.4.1 */
+ if (ss->ssl3.hs.rtRetries == 0) {
+ ss->ssl3.hs.rtTimeoutMs = DTLS_RETRANSMIT_INITIAL_MS;
+ }
+
+ rv = ssl3_HandleHandshakeMessage(ss, buf.buf, ss->ssl3.hs.msg_len,
+ buf.len == fragment_length);
+ if (rv == SECFailure) {
+ /* Do not attempt to process rest of messages in this record */
+ break;
+ }
+ } else {
+ if (message_seq < ss->ssl3.hs.recvMessageSeq) {
+ /* Case 3: we do an immediate retransmit if we're
+ * in a waiting state. */
+ rv = dtls_RetransmitDetected(ss);
+ break;
+ } else if (message_seq > ss->ssl3.hs.recvMessageSeq) {
+ /* Case 2
+ *
+ * Ignore this message. This means we don't handle out of
+ * order complete messages that well, but we're still
+ * compliant and this probably does not happen often
+ *
+ * XXX OK for now. Maybe do something smarter at some point?
+ */
+ } else {
+ /* Case 1
+ *
+ * Buffer the fragment for reassembly
+ */
+ /* Make room for the message */
+ if (ss->ssl3.hs.recvdHighWater == -1) {
+ PRUint32 map_length = OFFSET_BYTE(message_length) + 1;
+
+ rv = sslBuffer_Grow(&ss->ssl3.hs.msg_body, message_length);
+ if (rv != SECSuccess)
+ break;
+ /* Make room for the fragment map */
+ rv = sslBuffer_Grow(&ss->ssl3.hs.recvdFragments,
+ map_length);
+ if (rv != SECSuccess)
+ break;
+
+ /* Reset the reassembly map */
+ ss->ssl3.hs.recvdHighWater = 0;
+ PORT_Memset(ss->ssl3.hs.recvdFragments.buf, 0,
+ ss->ssl3.hs.recvdFragments.space);
+ ss->ssl3.hs.msg_type = (SSL3HandshakeType)type;
+ ss->ssl3.hs.msg_len = message_length;
+ }
+
+ /* If we have a message length mismatch, abandon the reassembly
+ * in progress and hope that the next retransmit will give us
+ * something sane
+ */
+ if (message_length != ss->ssl3.hs.msg_len) {
+ ss->ssl3.hs.recvdHighWater = -1;
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
+ rv = SECFailure;
+ break;
+ }
+
+ /* Now copy this fragment into the buffer */
+ PORT_Assert((fragment_offset + fragment_length) <=
+ ss->ssl3.hs.msg_body.space);
+ PORT_Memcpy(ss->ssl3.hs.msg_body.buf + fragment_offset,
+ buf.buf, fragment_length);
+
+ /* This logic is a bit tricky. We have two values for
+ * reassembly state:
+ *
+ * - recvdHighWater contains the highest contiguous number of
+ * bytes received
+ * - recvdFragments contains a bitmask of packets received
+ * above recvdHighWater
+ *
+ * This avoids having to fill in the bitmask in the common
+ * case of adjacent fragments received in sequence
+ */
+ if (fragment_offset <= (unsigned int)ss->ssl3.hs.recvdHighWater) {
+ /* Either this is the adjacent fragment or an overlapping
+ * fragment */
+ ss->ssl3.hs.recvdHighWater = fragment_offset +
+ fragment_length;
+ } else {
+ for (offset = fragment_offset;
+ offset < fragment_offset + fragment_length;
+ offset++) {
+ ss->ssl3.hs.recvdFragments.buf[OFFSET_BYTE(offset)] |=
+ OFFSET_MASK(offset);
+ }
+ }
+
+ /* Now figure out the new high water mark if appropriate */
+ for (offset = ss->ssl3.hs.recvdHighWater;
+ offset < ss->ssl3.hs.msg_len; offset++) {
+ /* Note that this loop is not efficient, since it counts
+ * bit by bit. If we have a lot of out-of-order packets,
+ * we should optimize this */
+ if (ss->ssl3.hs.recvdFragments.buf[OFFSET_BYTE(offset)] &
+ OFFSET_MASK(offset)) {
+ ss->ssl3.hs.recvdHighWater++;
+ } else {
+ break;
+ }
+ }
+
+ /* If we have all the bytes, then we are good to go */
+ if (ss->ssl3.hs.recvdHighWater == ss->ssl3.hs.msg_len) {
+ ss->ssl3.hs.recvdHighWater = -1;
+
+ rv = ssl3_HandleHandshakeMessage(
+ ss,
+ ss->ssl3.hs.msg_body.buf, ss->ssl3.hs.msg_len,
+ buf.len == fragment_length);
+ if (rv == SECFailure)
+ break; /* Skip rest of record */
+
+ /* At this point we are advancing our state machine, so
+ * we can free our last flight of messages */
+ dtls_FreeHandshakeMessages(&ss->ssl3.hs.lastMessageFlight);
+ dtls_CancelTimer(ss);
+
+ /* If there have been no retries this time, reset the
+ * timer value to the default per Section 4.2.4.1 */
+ if (ss->ssl3.hs.rtRetries == 0) {
+ ss->ssl3.hs.rtTimeoutMs = DTLS_RETRANSMIT_INITIAL_MS;
+ }
+ }
+ }
+ }
+
+ buf.buf += fragment_length;
+ buf.len -= fragment_length;
+ }
+
+ origBuf->len = 0; /* So ssl3_GatherAppDataRecord will keep looping. */
+
+ /* XXX OK for now. In future handle rv == SECWouldBlock safely in order
+ * to deal with asynchronous certificate verification */
+ return rv;
+}
+
+/* Enqueue a message (either handshake or CCS)
+ *
+ * Called from:
+ * dtls_StageHandshakeMessage()
+ * ssl3_SendChangeCipherSpecs()
+ */
+SECStatus
+dtls_QueueMessage(sslSocket *ss, SSL3ContentType type,
+ const SSL3Opaque *pIn, PRInt32 nIn)
+{
+ SECStatus rv = SECSuccess;
+ DTLSQueuedMessage *msg = NULL;
+ ssl3CipherSpec *spec;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ spec = ss->ssl3.cwSpec;
+ msg = dtls_AllocQueuedMessage(spec, type, pIn, nIn);
+
+ if (!msg) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ } else {
+ PR_APPEND_LINK(&msg->link, &ss->ssl3.hs.lastMessageFlight);
+ }
+
+ return rv;
+}
+
+/* Add DTLS handshake message to the pending queue
+ * Empty the sendBuf buffer.
+ * This function returns SECSuccess or SECFailure, never SECWouldBlock.
+ * Always set sendBuf.len to 0, even when returning SECFailure.
+ *
+ * Called from:
+ * ssl3_AppendHandshakeHeader()
+ * dtls_FlushHandshake()
+ */
+SECStatus
+dtls_StageHandshakeMessage(sslSocket *ss)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ /* This function is sometimes called when no data is actually to
+ * be staged, so just return SECSuccess. */
+ if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len)
+ return rv;
+
+ rv = dtls_QueueMessage(ss, content_handshake,
+ ss->sec.ci.sendBuf.buf, ss->sec.ci.sendBuf.len);
+
+ /* Whether we succeeded or failed, toss the old handshake data. */
+ ss->sec.ci.sendBuf.len = 0;
+ return rv;
+}
+
+/* Enqueue the handshake message in sendBuf (if any) and then
+ * transmit the resulting flight of handshake messages.
+ *
+ * Called from:
+ * ssl3_FlushHandshake()
+ */
+SECStatus
+dtls_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ rv = dtls_StageHandshakeMessage(ss);
+ if (rv != SECSuccess)
+ return rv;
+
+ if (!(flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
+ rv = dtls_TransmitMessageFlight(ss);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ if (!(flags & ssl_SEND_FLAG_NO_RETRANSMIT)) {
+ rv = dtls_StartRetransmitTimer(ss);
+ }
+ }
+
+ return rv;
+}
+
+/* The callback for when the retransmit timer expires
+ *
+ * Called from:
+ * dtls_CheckTimer()
+ * dtls_HandleHandshake()
+ */
+static void
+dtls_RetransmitTimerExpiredCb(sslSocket *ss)
+{
+ SECStatus rv;
+
+ ss->ssl3.hs.rtRetries++;
+
+ if (!(ss->ssl3.hs.rtRetries % 3)) {
+ /* If one of the messages was potentially greater than > MTU,
+ * then downgrade. Do this every time we have retransmitted a
+ * message twice, per RFC 6347 Sec. 4.1.1 */
+ dtls_SetMTU(ss, ss->ssl3.hs.maxMessageSent - 1);
+ }
+
+ rv = dtls_TransmitMessageFlight(ss);
+ if (rv == SECSuccess) {
+ /* Re-arm the timer */
+ ss->ssl3.hs.rtTimeoutMs *= 2;
+ if (ss->ssl3.hs.rtTimeoutMs > DTLS_RETRANSMIT_MAX_MS) {
+ ss->ssl3.hs.rtTimeoutMs = DTLS_RETRANSMIT_MAX_MS;
+ }
+
+ ss->ssl3.hs.rtTimerStarted = PR_IntervalNow();
+ ss->ssl3.hs.rtTimerCb = dtls_RetransmitTimerExpiredCb;
+
+ SSL_TRC(30,
+ ("%d: SSL3[%d]: Retransmit #%d, next in %d",
+ SSL_GETPID(), ss->fd,
+ ss->ssl3.hs.rtRetries, ss->ssl3.hs.rtTimeoutMs));
+ }
+ /* else: OK for now. In future maybe signal the stack that we couldn't
+ * transmit. For now, let the read handle any real network errors */
+}
+
+/* Transmit a flight of handshake messages, stuffing them
+ * into as few records as seems reasonable
+ *
+ * Called from:
+ * dtls_FlushHandshake()
+ * dtls_RetransmitTimerExpiredCb()
+ */
+static SECStatus
+dtls_TransmitMessageFlight(sslSocket *ss)
+{
+ SECStatus rv = SECSuccess;
+ PRCList *msg_p;
+ PRUint16 room_left = ss->ssl3.mtu;
+ PRInt32 sent;
+
+ ssl_GetXmitBufLock(ss);
+ ssl_GetSpecReadLock(ss);
+
+ /* DTLS does not buffer its handshake messages in
+ * ss->pendingBuf, but rather in the lastMessageFlight
+ * structure. This is just a sanity check that
+ * some programming error hasn't inadvertantly
+ * stuffed something in ss->pendingBuf
+ */
+ PORT_Assert(!ss->pendingBuf.len);
+ for (msg_p = PR_LIST_HEAD(&ss->ssl3.hs.lastMessageFlight);
+ msg_p != &ss->ssl3.hs.lastMessageFlight;
+ msg_p = PR_NEXT_LINK(msg_p)) {
+ DTLSQueuedMessage *msg = (DTLSQueuedMessage *)msg_p;
+
+ /* The logic here is:
+ *
+ * 1. If this is a message that will not fit into the remaining
+ * space, then flush.
+ * 2. If the message will now fit into the remaining space,
+ * encrypt, buffer, and loop.
+ * 3. If the message will not fit, then fragment.
+ *
+ * At the end of the function, flush.
+ */
+ if ((msg->len + SSL3_BUFFER_FUDGE) > room_left) {
+ /* The message will not fit into the remaining space, so flush */
+ rv = dtls_SendSavedWriteData(ss);
+ if (rv != SECSuccess)
+ break;
+
+ room_left = ss->ssl3.mtu;
+ }
+
+ if ((msg->len + SSL3_BUFFER_FUDGE) <= room_left) {
+ /* The message will fit, so encrypt and then continue with the
+ * next packet */
+ sent = ssl3_SendRecord(ss, msg->cwSpec, msg->type,
+ msg->data, msg->len,
+ ssl_SEND_FLAG_FORCE_INTO_BUFFER);
+ if (sent != msg->len) {
+ rv = SECFailure;
+ if (sent != -1) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ }
+ break;
+ }
+
+ room_left = ss->ssl3.mtu - ss->pendingBuf.len;
+ } else {
+ /* The message will not fit, so fragment.
+ *
+ * XXX OK for now. Arrange to coalesce the last fragment
+ * of this message with the next message if possible.
+ * That would be more efficient.
+ */
+ PRUint32 fragment_offset = 0;
+ unsigned char fragment[DTLS_MAX_MTU]; /* >= than largest
+ * plausible MTU */
+
+ /* Assert that we have already flushed */
+ PORT_Assert(room_left == ss->ssl3.mtu);
+
+ /* Case 3: We now need to fragment this message
+ * DTLS only supports fragmenting handshaking messages */
+ PORT_Assert(msg->type == content_handshake);
+
+ /* The headers consume 12 bytes so the smalles possible
+ * message (i.e., an empty one) is 12 bytes
+ */
+ PORT_Assert(msg->len >= 12);
+
+ while ((fragment_offset + 12) < msg->len) {
+ PRUint32 fragment_len;
+ const unsigned char *content = msg->data + 12;
+ PRUint32 content_len = msg->len - 12;
+
+ /* The reason we use 8 here is that that's the length of
+ * the new DTLS data that we add to the header */
+ fragment_len = PR_MIN((PRUint32)room_left - (SSL3_BUFFER_FUDGE + 8),
+ content_len - fragment_offset);
+ PORT_Assert(fragment_len < DTLS_MAX_MTU - 12);
+ /* Make totally sure that we are within the buffer.
+ * Note that the only way that fragment len could get
+ * adjusted here is if
+ *
+ * (a) we are in release mode so the PORT_Assert is compiled out
+ * (b) either the MTU table is inconsistent with DTLS_MAX_MTU
+ * or ss->ssl3.mtu has become corrupt.
+ */
+ fragment_len = PR_MIN(fragment_len, DTLS_MAX_MTU - 12);
+
+ /* Construct an appropriate-sized fragment */
+ /* Type, length, sequence */
+ PORT_Memcpy(fragment, msg->data, 6);
+
+ /* Offset */
+ fragment[6] = (fragment_offset >> 16) & 0xff;
+ fragment[7] = (fragment_offset >> 8) & 0xff;
+ fragment[8] = (fragment_offset)&0xff;
+
+ /* Fragment length */
+ fragment[9] = (fragment_len >> 16) & 0xff;
+ fragment[10] = (fragment_len >> 8) & 0xff;
+ fragment[11] = (fragment_len)&0xff;
+
+ PORT_Memcpy(fragment + 12, content + fragment_offset,
+ fragment_len);
+
+ /*
+ * Send the record. We do this in two stages
+ * 1. Encrypt
+ */
+ sent = ssl3_SendRecord(ss, msg->cwSpec, msg->type,
+ fragment, fragment_len + 12,
+ ssl_SEND_FLAG_FORCE_INTO_BUFFER);
+ if (sent != (fragment_len + 12)) {
+ rv = SECFailure;
+ if (sent != -1) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ }
+ break;
+ }
+
+ /* 2. Flush */
+ rv = dtls_SendSavedWriteData(ss);
+ if (rv != SECSuccess)
+ break;
+
+ fragment_offset += fragment_len;
+ }
+ }
+ }
+
+ /* Finally, we need to flush */
+ if (rv == SECSuccess)
+ rv = dtls_SendSavedWriteData(ss);
+
+ /* Give up the locks */
+ ssl_ReleaseSpecReadLock(ss);
+ ssl_ReleaseXmitBufLock(ss);
+
+ return rv;
+}
+
+/* Flush the data in the pendingBuf and update the max message sent
+ * so we can adjust the MTU estimate if we need to.
+ * Wrapper for ssl_SendSavedWriteData.
+ *
+ * Called from dtls_TransmitMessageFlight()
+ */
+static SECStatus
+dtls_SendSavedWriteData(sslSocket *ss)
+{
+ PRInt32 sent;
+
+ sent = ssl_SendSavedWriteData(ss);
+ if (sent < 0)
+ return SECFailure;
+
+ /* We should always have complete writes b/c datagram sockets
+ * don't really block */
+ if (ss->pendingBuf.len > 0) {
+ ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
+ return SECFailure;
+ }
+
+ /* Update the largest message sent so we can adjust the MTU
+ * estimate if necessary */
+ if (sent > ss->ssl3.hs.maxMessageSent)
+ ss->ssl3.hs.maxMessageSent = sent;
+
+ return SECSuccess;
+}
+
+static SECStatus
+dtls_StartTimer(sslSocket *ss, PRUint32 time, DTLSTimerCb cb)
+{
+ PORT_Assert(ss->ssl3.hs.rtTimerCb == NULL);
+
+ ss->ssl3.hs.rtRetries = 0;
+ ss->ssl3.hs.rtTimerStarted = PR_IntervalNow();
+ ss->ssl3.hs.rtTimeoutMs = time;
+ ss->ssl3.hs.rtTimerCb = cb;
+ return SECSuccess;
+}
+
+/* Start a timer for retransmission. */
+static SECStatus
+dtls_StartRetransmitTimer(sslSocket *ss)
+{
+ return dtls_StartTimer(ss, DTLS_RETRANSMIT_INITIAL_MS,
+ dtls_RetransmitTimerExpiredCb);
+}
+
+/* Start a timer for holding an old cipher spec. */
+SECStatus
+dtls_StartHolddownTimer(sslSocket *ss)
+{
+ return dtls_StartTimer(ss, DTLS_RETRANSMIT_FINISHED_MS,
+ dtls_FinishedTimerCb);
+}
+
+/* Cancel a pending timer
+ *
+ * Called from:
+ * dtls_HandleHandshake()
+ * dtls_CheckTimer()
+ */
+void
+dtls_CancelTimer(sslSocket *ss)
+{
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+
+ ss->ssl3.hs.rtTimerCb = NULL;
+}
+
+/* Check the pending timer and fire the callback if it expired
+ *
+ * Called from ssl3_GatherCompleteHandshake()
+ */
+void
+dtls_CheckTimer(sslSocket *ss)
+{
+ ssl_GetSSL3HandshakeLock(ss);
+ if (!ss->ssl3.hs.rtTimerCb) {
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ return;
+ }
+
+ if ((PR_IntervalNow() - ss->ssl3.hs.rtTimerStarted) >
+ PR_MillisecondsToInterval(ss->ssl3.hs.rtTimeoutMs)) {
+ /* Timer has expired */
+ DTLSTimerCb cb = ss->ssl3.hs.rtTimerCb;
+
+ /* Cancel the timer so that we can call the CB safely */
+ dtls_CancelTimer(ss);
+
+ /* Now call the CB */
+ cb(ss);
+ }
+ ssl_ReleaseSSL3HandshakeLock(ss);
+}
+
+/* The callback to fire when the holddown timer for the Finished
+ * message expires and we can delete it
+ *
+ * Called from dtls_CheckTimer()
+ */
+static void
+dtls_FinishedTimerCb(sslSocket *ss)
+{
+ dtls_FreeHandshakeMessages(&ss->ssl3.hs.lastMessageFlight);
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ ssl3_DestroyCipherSpec(ss->ssl3.pwSpec, PR_FALSE);
+ }
+}
+
+/* Cancel the Finished hold-down timer and destroy the
+ * pending cipher spec. Note that this means that
+ * successive rehandshakes will fail if the Finished is
+ * lost.
+ *
+ * XXX OK for now. Figure out how to handle the combination
+ * of Finished lost and rehandshake
+ */
+void
+dtls_RehandshakeCleanup(sslSocket *ss)
+{
+ /* Skip this if we are handling a second ClientHello. */
+ if (ss->ssl3.hs.helloRetry) {
+ return;
+ }
+ PORT_Assert((ss->version < SSL_LIBRARY_VERSION_TLS_1_3));
+ dtls_CancelTimer(ss);
+ ssl3_DestroyCipherSpec(ss->ssl3.pwSpec, PR_FALSE);
+ ss->ssl3.hs.sendMessageSeq = 0;
+ ss->ssl3.hs.recvMessageSeq = 0;
+}
+
+/* Set the MTU to the next step less than or equal to the
+ * advertised value. Also used to downgrade the MTU by
+ * doing dtls_SetMTU(ss, biggest packet set).
+ *
+ * Passing 0 means set this to the largest MTU known
+ * (effectively resetting the PMTU backoff value).
+ *
+ * Called by:
+ * ssl3_InitState()
+ * dtls_RetransmitTimerExpiredCb()
+ */
+void
+dtls_SetMTU(sslSocket *ss, PRUint16 advertised)
+{
+ int i;
+
+ if (advertised == 0) {
+ ss->ssl3.mtu = COMMON_MTU_VALUES[0];
+ SSL_TRC(30, ("Resetting MTU to %d", ss->ssl3.mtu));
+ return;
+ }
+
+ for (i = 0; i < PR_ARRAY_SIZE(COMMON_MTU_VALUES); i++) {
+ if (COMMON_MTU_VALUES[i] <= advertised) {
+ ss->ssl3.mtu = COMMON_MTU_VALUES[i];
+ SSL_TRC(30, ("Resetting MTU to %d", ss->ssl3.mtu));
+ return;
+ }
+ }
+
+ /* Fallback */
+ ss->ssl3.mtu = COMMON_MTU_VALUES[PR_ARRAY_SIZE(COMMON_MTU_VALUES) - 1];
+ SSL_TRC(30, ("Resetting MTU to %d", ss->ssl3.mtu));
+}
+
+/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a
+ * DTLS hello_verify_request
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+SECStatus
+dtls_HandleHelloVerifyRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ int errCode = SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST;
+ SECStatus rv;
+ SSL3ProtocolVersion temp;
+ SSL3AlertDescription desc = illegal_parameter;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle hello_verify_request handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->ssl3.hs.ws != wait_server_hello) {
+ errCode = SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST;
+ desc = unexpected_message;
+ goto alert_loser;
+ }
+
+ /* The version.
+ *
+ * RFC 4347 required that you verify that the server versions
+ * match (Section 4.2.1) in the HelloVerifyRequest and the
+ * ServerHello.
+ *
+ * RFC 6347 suggests (SHOULD) that servers always use 1.0 in
+ * HelloVerifyRequest and allows the versions not to match,
+ * especially when 1.2 is being negotiated.
+ *
+ * Therefore we do not do anything to enforce a match, just
+ * read and check that this value is sane.
+ */
+ rv = ssl_ClientReadVersion(ss, &b, &length, &temp);
+ if (rv != SECSuccess) {
+ goto loser; /* alert has been sent */
+ }
+
+ /* Read the cookie.
+ * IMPORTANT: The value of ss->ssl3.hs.cookie is only valid while the
+ * HelloVerifyRequest message remains valid. */
+ rv = ssl3_ConsumeHandshakeVariable(ss, &ss->ssl3.hs.cookie, 1, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* alert has been sent */
+ }
+ if (ss->ssl3.hs.cookie.len > DTLS_COOKIE_BYTES) {
+ desc = decode_error;
+ goto alert_loser; /* malformed. */
+ }
+
+ ssl_GetXmitBufLock(ss); /*******************************/
+
+ /* Now re-send the client hello */
+ rv = ssl3_SendClientHello(ss, client_hello_retransmit);
+
+ ssl_ReleaseXmitBufLock(ss); /*******************************/
+
+ if (rv == SECSuccess)
+ return rv;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+
+loser:
+ ssl_MapLowLevelError(errCode);
+ return SECFailure;
+}
+
+/* Initialize the DTLS anti-replay window
+ *
+ * Called from:
+ * ssl3_SetupPendingCipherSpec()
+ * ssl3_InitCipherSpec()
+ */
+void
+dtls_InitRecvdRecords(DTLSRecvdRecords *records)
+{
+ PORT_Memset(records->data, 0, sizeof(records->data));
+ records->left = 0;
+ records->right = DTLS_RECVD_RECORDS_WINDOW - 1;
+}
+
+/*
+ * Has this DTLS record been received? Return values are:
+ * -1 -- out of range to the left
+ * 0 -- not received yet
+ * 1 -- replay
+ *
+ * Called from: ssl3_HandleRecord()
+ */
+int
+dtls_RecordGetRecvd(const DTLSRecvdRecords *records, sslSequenceNumber seq)
+{
+ PRUint64 offset;
+
+ /* Out of range to the left */
+ if (seq < records->left) {
+ return -1;
+ }
+
+ /* Out of range to the right; since we advance the window on
+ * receipt, that means that this packet has not been received
+ * yet */
+ if (seq > records->right)
+ return 0;
+
+ offset = seq % DTLS_RECVD_RECORDS_WINDOW;
+
+ return !!(records->data[offset / 8] & (1 << (offset % 8)));
+}
+
+/* Update the DTLS anti-replay window
+ *
+ * Called from ssl3_HandleRecord()
+ */
+void
+dtls_RecordSetRecvd(DTLSRecvdRecords *records, sslSequenceNumber seq)
+{
+ PRUint64 offset;
+
+ if (seq < records->left)
+ return;
+
+ if (seq > records->right) {
+ sslSequenceNumber new_left;
+ sslSequenceNumber new_right;
+ sslSequenceNumber right;
+
+ /* Slide to the right; this is the tricky part
+ *
+ * 1. new_top is set to have room for seq, on the
+ * next byte boundary by setting the right 8
+ * bits of seq
+ * 2. new_left is set to compensate.
+ * 3. Zero all bits between top and new_top. Since
+ * this is a ring, this zeroes everything as-yet
+ * unseen. Because we always operate on byte
+ * boundaries, we can zero one byte at a time
+ */
+ new_right = seq | 0x07;
+ new_left = (new_right - DTLS_RECVD_RECORDS_WINDOW) + 1;
+
+ if (new_right > records->right + DTLS_RECVD_RECORDS_WINDOW) {
+ PORT_Memset(records->data, 0, sizeof(records->data));
+ } else {
+ for (right = records->right + 8; right <= new_right; right += 8) {
+ offset = right % DTLS_RECVD_RECORDS_WINDOW;
+ records->data[offset / 8] = 0;
+ }
+ }
+
+ records->right = new_right;
+ records->left = new_left;
+ }
+
+ offset = seq % DTLS_RECVD_RECORDS_WINDOW;
+
+ records->data[offset / 8] |= (1 << (offset % 8));
+}
+
+SECStatus
+DTLS_GetHandshakeTimeout(PRFileDesc *socket, PRIntervalTime *timeout)
+{
+ sslSocket *ss = NULL;
+ PRIntervalTime elapsed;
+ PRIntervalTime desired;
+
+ ss = ssl_FindSocket(socket);
+
+ if (!ss)
+ return SECFailure;
+
+ if (!IS_DTLS(ss))
+ return SECFailure;
+
+ if (!ss->ssl3.hs.rtTimerCb)
+ return SECFailure;
+
+ elapsed = PR_IntervalNow() - ss->ssl3.hs.rtTimerStarted;
+ desired = PR_MillisecondsToInterval(ss->ssl3.hs.rtTimeoutMs);
+ if (elapsed > desired) {
+ /* Timer expired */
+ *timeout = PR_INTERVAL_NO_WAIT;
+ } else {
+ *timeout = desired - elapsed;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * DTLS relevance checks:
+ * Note that this code currently ignores all out-of-epoch packets,
+ * which means we lose some in the case of rehandshake +
+ * loss/reordering. Since DTLS is explicitly unreliable, this
+ * seems like a good tradeoff for implementation effort and is
+ * consistent with the guidance of RFC 6347 Sections 4.1 and 4.2.4.1.
+ *
+ * If the packet is not relevant, this function returns PR_FALSE.
+ * If the packet is relevant, this function returns PR_TRUE
+ * and sets |*seqNum| to the packet sequence number.
+ */
+PRBool
+dtls_IsRelevant(sslSocket *ss, const SSL3Ciphertext *cText,
+ PRBool *sameEpoch, PRUint64 *seqNum)
+{
+ const ssl3CipherSpec *crSpec = ss->ssl3.crSpec;
+ DTLSEpoch epoch;
+ sslSequenceNumber dtls_seq_num;
+
+ epoch = cText->seq_num >> 48;
+ *sameEpoch = crSpec->epoch == epoch;
+ if (!*sameEpoch) {
+ SSL_DBG(("%d: SSL3[%d]: dtls_IsRelevant, received packet "
+ "from irrelevant epoch %d",
+ SSL_GETPID(), ss->fd, epoch));
+ return PR_FALSE;
+ }
+
+ dtls_seq_num = cText->seq_num & RECORD_SEQ_MAX;
+ if (dtls_RecordGetRecvd(&crSpec->recvdRecords, dtls_seq_num) != 0) {
+ SSL_DBG(("%d: SSL3[%d]: dtls_IsRelevant, rejecting "
+ "potentially replayed packet",
+ SSL_GETPID(), ss->fd));
+ return PR_FALSE;
+ }
+
+ *seqNum = dtls_seq_num;
+ return PR_TRUE;
+}
+
+/* In TLS 1.3, a client that receives a retransmission of the server's first
+ * flight will reject that message and discard it (see dtls_IsRelevant() above).
+ * However, we need to trigger retransmission to prevent loss of the client's
+ * last flight from causing the connection to fail.
+ *
+ * This only triggers for a retransmitted ServerHello. Other (encrypted)
+ * handshake messages do not trigger retransmission, so we are a little more
+ * exposed to loss than is ideal.
+ *
+ * Note: This isn't an issue in earlier versions because the second-to-last
+ * flight (sent by the server) includes the Finished message, which is not
+ * dropped because it has the same epoch that the client currently expects.
+ */
+SECStatus
+dtls_MaybeRetransmitHandshake(sslSocket *ss, const SSL3Ciphertext *cText,
+ PRBool sameEpoch)
+{
+ SECStatus rv = SECSuccess;
+ DTLSEpoch messageEpoch = cText->seq_num >> 48;
+
+ /* Drop messages from other epochs if we are ignoring things. */
+ if (!sameEpoch && ss->ssl3.hs.zeroRttIgnore != ssl_0rtt_ignore_none) {
+ return SECSuccess;
+ }
+
+ if (!ss->sec.isServer && ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
+ messageEpoch == 0 && cText->type == content_handshake) {
+ ssl_GetSSL3HandshakeLock(ss);
+ if (ss->ssl3.hs.rtTimerCb == dtls_FinishedTimerCb &&
+ ss->ssl3.hs.ws == idle_handshake) {
+ rv = dtls_RetransmitDetected(ss);
+ }
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ }
+ return rv;
+}
diff --git a/security/nss/lib/ssl/exports.gyp b/security/nss/lib/ssl/exports.gyp
new file mode 100644
index 000000000..e2123af84
--- /dev/null
+++ b/security/nss/lib/ssl/exports.gyp
@@ -0,0 +1,29 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_ssl_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'preenc.h',
+ 'ssl.h',
+ 'sslerr.h',
+ 'sslproto.h',
+ 'sslt.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/ssl/manifest.mn b/security/nss/lib/ssl/manifest.mn
new file mode 100644
index 000000000..e7564edb2
--- /dev/null
+++ b/security/nss/lib/ssl/manifest.mn
@@ -0,0 +1,57 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+# DEFINES = -DTRACE
+
+EXPORTS = \
+ ssl.h \
+ sslt.h \
+ sslerr.h \
+ sslproto.h \
+ preenc.h \
+ $(NULL)
+
+MODULE = nss
+MAPFILE = $(OBJDIR)/ssl.def
+
+CSRCS = \
+ dtlscon.c \
+ prelib.c \
+ ssl3con.c \
+ ssl3gthr.c \
+ sslauth.c \
+ sslcon.c \
+ ssldef.c \
+ sslenum.c \
+ sslerr.c \
+ sslerrstrs.c \
+ sslinit.c \
+ ssl3ext.c \
+ ssl3exthandle.c \
+ sslmutex.c \
+ sslnonce.c \
+ sslreveal.c \
+ sslsecur.c \
+ sslsnce.c \
+ sslsock.c \
+ ssltrace.c \
+ sslver.c \
+ authcert.c \
+ cmpcert.c \
+ sslinfo.c \
+ ssl3ecc.c \
+ tls13con.c \
+ tls13exthandle.c \
+ tls13hkdf.c \
+ sslcert.c \
+ sslgrp.c \
+ $(NULL)
+
+LIBRARY_NAME = ssl
+LIBRARY_VERSION = 3
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/ssl/notes.txt b/security/nss/lib/ssl/notes.txt
new file mode 100644
index 000000000..7a8998a85
--- /dev/null
+++ b/security/nss/lib/ssl/notes.txt
@@ -0,0 +1,104 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+SSL's Buffers: enumerated and explained.
+
+---------------------------------------------------------------------------
+incoming:
+
+gs = ss->gather
+hs = ss->ssl3->hs
+
+gs->inbuf incoming (encrypted) ssl records are placed here,
+ and then decrypted (or copied) to gs->buf.
+
+gs->buf ssl3_HandleHandshake puts decrypted ssl records here.
+
+hs.msg_body When an incoming handshake message spans more
+ than one ssl record, the first part(s) of it are accumulated
+ here until it all arrives.
+
+hs.msgState an alternative set of pointers/lengths for gs->buf.
+ Used only when a handleHandshake function returns SECWouldBlock.
+ ssl3_HandleHandshake remembers how far it previously got by
+ using these pointers instead of gs->buf when it is called
+ after a previous SECWouldBlock return.
+
+---------------------------------------------------------------------------
+outgoing:
+
+sec = ss->sec
+ci = ss->sec->ci /* connect info */
+
+ci->sendBuf Outgoing handshake messages are appended to this buffer.
+ This buffer will then be sent as a single SSL record.
+
+sec->writeBuf outgoing ssl records are constructed here and encrypted in
+ place before being written or copied to pendingBuf.
+
+ss->pendingBuf contains outgoing ciphertext that was saved after a write
+ attempt to the socket failed, e.g. EWouldBlock.
+ Generally empty with blocking sockets (should be no incomplete
+ writes).
+
+ss->saveBuf Used only by socks code. Intended to be used to buffer
+ outgoing data until a socks handshake completes. However,
+ this buffer is always empty. There is no code to put
+ anything into it.
+
+---------------------------------------------------------------------------
+
+SECWouldBlock means that the function cannot make progress because it is
+waiting for some event OTHER THAN socket I/O completion (e.g. waiting for
+user dialog to finish). It is not the same as EWOULDBLOCK.
+
+---------------------------------------------------------------------------
+
+Rank (order) of locks
+
+recvLock ->\ firstHandshake -> recvbuf -> ssl3Handshake -> xmitbuf -> "spec"
+sendLock ->/
+
+crypto and hash Data that must be protected while turning plaintext into
+ciphertext:
+
+SSl3: (in ssl3_SendPlainText)
+ ss->ssl3 (the pointer)
+ ss->ssl3->current_write* (the pointer and the data in the spec
+ and any data referenced by the spec.
+
+ ss->sec->isServer
+ ss->sec->writebuf* (ptr & content) locked by xmitBufLock
+ "buf" locked by xmitBufLock
+
+crypto and hash data that must be protected while turning ciphertext into
+plaintext:
+
+SSL3: (in ssl3_HandleRecord )
+ ssl3->current_read* (the pointer and all data refernced)
+ ss->sec->isServer
+
+
+Data that must be protected while being used by a "writer":
+
+ss->pendingBuf.*
+ss->saveBuf.* (which is dead)
+
+in ssl3_sendPlainText
+
+ss->ssl3->current_write-> (spec)
+ss->sec->writeBuf.*
+ss->sec->isServer
+
+in SendBlock
+
+ss->sec->writeBuf.*
+ss->pendingBuf
+
+--------------------------------------------------------------------------
+
+Data variables (not const) protected by the "sslGlobalDataLock".
+Note, this really should be a reader/writer lock.
+
+cipherSuites[] ssl3con.c
diff --git a/security/nss/lib/ssl/os2_err.c b/security/nss/lib/ssl/os2_err.c
new file mode 100644
index 000000000..6e3d423f4
--- /dev/null
+++ b/security/nss/lib/ssl/os2_err.c
@@ -0,0 +1,330 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/*
+ * This file essentially replicates NSPR's source for the functions that
+ * map system-specific error codes to NSPR error codes. We would use
+ * NSPR's functions, instead of duplicating them, but they're private.
+ * As long as SSL's server session cache code must do platform native I/O
+ * to accomplish its job, and NSPR's error mapping functions remain private,
+ * this code will continue to need to be replicated.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "prerror.h"
+#include "prlog.h"
+#include <errno.h>
+
+/*
+ * Based on win32err.c
+ * OS2TODO Stub everything for now to build. HCT
+ */
+
+/* forward declaration. */
+void nss_MD_os2_map_default_error(PRInt32 err);
+
+void
+nss_MD_os2_map_opendir_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_closedir_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_readdir_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_delete_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+/* The error code for stat() is in errno. */
+void
+nss_MD_os2_map_stat_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_fstat_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_rename_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+/* The error code for access() is in errno. */
+void
+nss_MD_os2_map_access_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_mkdir_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_rmdir_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_read_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_transmitfile_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_write_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_lseek_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_fsync_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+/*
+ * For both CloseHandle() and closesocket().
+ */
+void
+nss_MD_os2_map_close_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_socket_error(PRInt32 err)
+{
+ // PR_ASSERT(err != WSANOTINITIALISED);
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_recv_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_recvfrom_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_send_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ // case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
+ default:
+ nss_MD_os2_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_os2_map_sendto_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ // case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
+ default:
+ nss_MD_os2_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_os2_map_accept_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ // case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
+ // case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
+ default:
+ nss_MD_os2_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_os2_map_acceptex_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_connect_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ // case WSAEWOULDBLOCK: prError = PR_IN_PROGRESS_ERROR; break;
+ // case WSAEINVAL: prError = PR_ALREADY_INITIATED_ERROR; break;
+ // case WSAETIMEDOUT: prError = PR_IO_TIMEOUT_ERROR; break;
+ default:
+ nss_MD_os2_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_os2_map_bind_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ // case WSAEINVAL: prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
+ default:
+ nss_MD_os2_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_os2_map_listen_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ // case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
+ // case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
+ default:
+ nss_MD_os2_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_os2_map_shutdown_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_getsockname_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ // case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
+ default:
+ nss_MD_os2_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_os2_map_getpeername_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_getsockopt_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_setsockopt_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_open_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_gethostname_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+/* Win32 select() only works on sockets. So in this
+** context, WSAENOTSOCK is equivalent to EBADF on Unix.
+*/
+void
+nss_MD_os2_map_select_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ // case WSAENOTSOCK: prError = PR_BAD_DESCRIPTOR_ERROR; break;
+ default:
+ nss_MD_os2_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_os2_map_lockf_error(PRInt32 err)
+{
+ nss_MD_os2_map_default_error(err);
+}
+
+void
+nss_MD_os2_map_default_error(PRInt32 err)
+{
+ PRErrorCode prError;
+
+ switch (err) {
+// case ENOENT: prError = PR_FILE_NOT_FOUND_ERROR; break;
+// case ERROR_ACCESS_DENIED: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
+// case ERROR_ALREADY_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
+// case ERROR_DISK_CORRUPT: prError = PR_IO_ERROR; break;
+// case ERROR_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
+// case ERROR_DISK_OPERATION_FAILED: prError = PR_IO_ERROR; break;
+// case ERROR_DRIVE_LOCKED: prError = PR_FILE_IS_LOCKED_ERROR; break;
+// case ERROR_FILENAME_EXCED_RANGE: prError = PR_NAME_TOO_LONG_ERROR; break;
+// case ERROR_FILE_CORRUPT: prError = PR_IO_ERROR; break;
+// case ERROR_FILE_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
+// case ERROR_FILE_INVALID: prError = PR_BAD_DESCRIPTOR_ERROR; break;
+#if ERROR_FILE_NOT_FOUND != ENOENT
+// case ERROR_FILE_NOT_FOUND: prError = PR_FILE_NOT_FOUND_ERROR; break;
+#endif
+ default:
+ prError = PR_UNKNOWN_ERROR;
+ break;
+ }
+ PR_SetError(prError, err);
+}
diff --git a/security/nss/lib/ssl/os2_err.h b/security/nss/lib/ssl/os2_err.h
new file mode 100644
index 000000000..15e47411a
--- /dev/null
+++ b/security/nss/lib/ssl/os2_err.h
@@ -0,0 +1,53 @@
+/*
+ * This file essentially replicates NSPR's source for the functions that
+ * map system-specific error codes to NSPR error codes. We would use
+ * NSPR's functions, instead of duplicating them, but they're private.
+ * As long as SSL's server session cache code must do platform native I/O
+ * to accomplish its job, and NSPR's error mapping functions remain private,
+ * This code will continue to need to be replicated.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* NSPR doesn't make these functions public, so we have to duplicate
+** them in NSS.
+*/
+
+//HCT Based on Win32err.h
+extern void nss_MD_os2_map_accept_error(PRInt32 err);
+extern void nss_MD_os2_map_acceptex_error(PRInt32 err);
+extern void nss_MD_os2_map_access_error(PRInt32 err);
+extern void nss_MD_os2_map_bind_error(PRInt32 err);
+extern void nss_MD_os2_map_close_error(PRInt32 err);
+extern void nss_MD_os2_map_closedir_error(PRInt32 err);
+extern void nss_MD_os2_map_connect_error(PRInt32 err);
+extern void nss_MD_os2_map_default_error(PRInt32 err);
+extern void nss_MD_os2_map_delete_error(PRInt32 err);
+extern void nss_MD_os2_map_fstat_error(PRInt32 err);
+extern void nss_MD_os2_map_fsync_error(PRInt32 err);
+extern void nss_MD_os2_map_gethostname_error(PRInt32 err);
+extern void nss_MD_os2_map_getpeername_error(PRInt32 err);
+extern void nss_MD_os2_map_getsockname_error(PRInt32 err);
+extern void nss_MD_os2_map_getsockopt_error(PRInt32 err);
+extern void nss_MD_os2_map_listen_error(PRInt32 err);
+extern void nss_MD_os2_map_lockf_error(PRInt32 err);
+extern void nss_MD_os2_map_lseek_error(PRInt32 err);
+extern void nss_MD_os2_map_mkdir_error(PRInt32 err);
+extern void nss_MD_os2_map_open_error(PRInt32 err);
+extern void nss_MD_os2_map_opendir_error(PRInt32 err);
+extern void nss_MD_os2_map_read_error(PRInt32 err);
+extern void nss_MD_os2_map_readdir_error(PRInt32 err);
+extern void nss_MD_os2_map_recv_error(PRInt32 err);
+extern void nss_MD_os2_map_recvfrom_error(PRInt32 err);
+extern void nss_MD_os2_map_rename_error(PRInt32 err);
+extern void nss_MD_os2_map_rmdir_error(PRInt32 err);
+extern void nss_MD_os2_map_select_error(PRInt32 err);
+extern void nss_MD_os2_map_send_error(PRInt32 err);
+extern void nss_MD_os2_map_sendto_error(PRInt32 err);
+extern void nss_MD_os2_map_setsockopt_error(PRInt32 err);
+extern void nss_MD_os2_map_shutdown_error(PRInt32 err);
+extern void nss_MD_os2_map_socket_error(PRInt32 err);
+extern void nss_MD_os2_map_stat_error(PRInt32 err);
+extern void nss_MD_os2_map_transmitfile_error(PRInt32 err);
+extern void nss_MD_os2_map_write_error(PRInt32 err);
diff --git a/security/nss/lib/ssl/preenc.h b/security/nss/lib/ssl/preenc.h
new file mode 100644
index 000000000..bebff89e2
--- /dev/null
+++ b/security/nss/lib/ssl/preenc.h
@@ -0,0 +1,113 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil -*- */
+
+/*
+ * Fortezza support is removed.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Fortezza support is removed.
+ * This file remains so that old programs will continue to compile,
+ * But this functionality is no longer supported or implemented.
+ */
+
+#include "seccomon.h"
+#include "prio.h"
+
+typedef struct PEHeaderStr PEHeader;
+
+#define PE_MIME_TYPE "application/pre-encrypted"
+
+typedef struct PEFortezzaHeaderStr PEFortezzaHeader;
+typedef struct PEFortezzaGeneratedHeaderStr PEFortezzaGeneratedHeader;
+typedef struct PEFixedKeyHeaderStr PEFixedKeyHeader;
+typedef struct PERSAKeyHeaderStr PERSAKeyHeader;
+
+struct PEFortezzaHeaderStr {
+ unsigned char key[12];
+ unsigned char iv[24];
+ unsigned char hash[20];
+ unsigned char serial[8];
+};
+
+struct PEFortezzaGeneratedHeaderStr {
+ unsigned char key[12];
+ unsigned char iv[24];
+ unsigned char hash[20];
+ unsigned char Ra[128];
+ unsigned char Y[128];
+};
+
+struct PEFixedKeyHeaderStr {
+ unsigned char pkcs11Mech[4];
+ unsigned char labelLen[2];
+ unsigned char keyIDLen[2];
+ unsigned char ivLen[2];
+ unsigned char keyLen[2];
+ unsigned char data[1];
+};
+
+struct PERSAKeyHeaderStr {
+ unsigned char pkcs11Mech[4];
+ unsigned char issuerLen[2];
+ unsigned char serialLen[2];
+ unsigned char ivLen[2];
+ unsigned char keyLen[2];
+ unsigned char data[1];
+};
+
+#define PEFIXED_Label(header) (header->data)
+#define PEFIXED_KeyID(header) (&header->data[GetInt2(header->labelLen)])
+#define PEFIXED_IV(header) (&header->data[GetInt2(header->labelLen) + \
+ GetInt2(header->keyIDLen)])
+#define PEFIXED_Key(header) (&header->data[GetInt2(header->labelLen) + \
+ GetInt2(header->keyIDLen) + \
+ GetInt2(header->keyLen)])
+#define PERSA_Issuer(header) (header->data)
+#define PERSA_Serial(header) (&header->data[GetInt2(header->issuerLen)])
+#define PERSA_IV(header) (&header->data[GetInt2(header->issuerLen) + \
+ GetInt2(header->serialLen)])
+#define PERSA_Key(header) (&header->data[GetInt2(header->issuerLen) + \
+ GetInt2(header->serialLen) + \
+ GetInt2(header->keyLen)])
+struct PEHeaderStr {
+ unsigned char magic[2];
+ unsigned char len[2];
+ unsigned char type[2];
+ unsigned char version[2];
+ union {
+ PEFortezzaHeader fortezza;
+ PEFortezzaGeneratedHeader g_fortezza;
+ PEFixedKeyHeader fixed;
+ PERSAKeyHeader rsa;
+ } u;
+};
+
+#define PE_CRYPT_INTRO_LEN 8
+#define PE_INTRO_LEN 4
+#define PE_BASE_HEADER_LEN 8
+
+#define PRE_BLOCK_SIZE 8
+
+#define GetInt2(c) ((c[0] << 8) | c[1])
+#define GetInt4(c) (((unsigned long)c[0] << 24) | ((unsigned long)c[1] << 16) | \
+ ((unsigned long)c[2] << 8) | ((unsigned long)c[3]))
+#define PutInt2(c, i) ((c[1] = (i)&0xff), (c[0] = ((i) >> 8) & 0xff))
+#define PutInt4(c, i) ((c[0] = ((i) >> 24) & 0xff), (c[1] = ((i) >> 16) & 0xff), \
+ (c[2] = ((i) >> 8) & 0xff), (c[3] = (i)&0xff))
+
+#define PRE_MAGIC 0xc0de
+#define PRE_VERSION 0x1010
+#define PRE_FORTEZZA_FILE 0x00ff
+#define PRE_FORTEZZA_STREAM 0x00f5
+#define PRE_FORTEZZA_GEN_STREAM 0x00f6
+#define PRE_FIXED_FILE 0x000f
+#define PRE_RSA_FILE 0x001f
+#define PRE_FIXED_STREAM 0x0005
+
+PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *,
+ int *headerSize);
+
+PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *,
+ int *headerSize);
diff --git a/security/nss/lib/ssl/prelib.c b/security/nss/lib/ssl/prelib.c
new file mode 100644
index 000000000..4db9ffe69
--- /dev/null
+++ b/security/nss/lib/ssl/prelib.c
@@ -0,0 +1,34 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil -*- */
+
+/*
+ * Functions used by https servers to send (download) pre-encrypted files
+ * over SSL connections that use Fortezza ciphersuites.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cert.h"
+#include "ssl.h"
+#include "keyhi.h"
+#include "secitem.h"
+#include "sslimpl.h"
+#include "pkcs11t.h"
+#include "preenc.h"
+#include "pk11func.h"
+
+PEHeader *
+SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
+ int *headerSize)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+}
+
+PEHeader *
+SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
+ int *headerSize)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return NULL;
+}
diff --git a/security/nss/lib/ssl/ssl.def b/security/nss/lib/ssl/ssl.def
new file mode 100644
index 000000000..6aa8b6437
--- /dev/null
+++ b/security/nss/lib/ssl/ssl.def
@@ -0,0 +1,223 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+
+;+NSS_3.2 { # NSS 3.2 release
+;+ global:
+LIBRARY ssl3 ;-
+EXPORTS ;-
+SSL_ImplementedCiphers DATA ;
+SSL_NumImplementedCiphers DATA ;
+NSS_CmpCertChainWCANames;
+NSS_FindCertKEAType;
+NSS_GetClientAuthData;
+NSS_SetDomesticPolicy;
+NSS_SetExportPolicy;
+NSS_SetFrancePolicy;
+SSL_AuthCertificate;
+SSL_AuthCertificateHook;
+SSL_BadCertHook;
+SSL_CertDBHandleSet;
+SSL_CipherPolicyGet;
+SSL_CipherPolicySet;
+SSL_CipherPrefGet;
+SSL_CipherPrefGetDefault;
+SSL_CipherPrefSet;
+SSL_CipherPrefSetDefault;
+SSL_ClearSessionCache;
+SSL_ConfigMPServerSIDCache;
+SSL_ConfigSecureServer;
+SSL_ConfigServerSessionIDCache;
+SSL_DataPending;
+SSL_ForceHandshake;
+SSL_GetClientAuthDataHook;
+SSL_GetSessionID;
+SSL_GetStatistics;
+SSL_HandshakeCallback;
+SSL_ImportFD;
+SSL_InheritMPServerSIDCache;
+SSL_InvalidateSession;
+SSL_OptionGet;
+SSL_OptionGetDefault;
+SSL_OptionSet;
+SSL_OptionSetDefault;
+SSL_PeerCertificate;
+SSL_PreencryptedFileToStream;
+SSL_PreencryptedStreamToFile;
+SSL_ReHandshake;
+SSL_ResetHandshake;
+SSL_RestartHandshakeAfterCertReq;
+SSL_RestartHandshakeAfterServerCert;
+SSL_RevealCert;
+SSL_RevealPinArg;
+SSL_RevealURL;
+SSL_SecurityStatus;
+SSL_SetPKCS11PinArg;
+SSL_SetSockPeerID;
+SSL_SetURL;
+;+ local:
+;+*;
+;+};
+;+NSS_3.2.1 { # NSS 3.2.1 release
+;+ global:
+NSSSSL_VersionCheck;
+;+ local:
+;+*;
+;+};
+;+NSS_3.4 { # NSS 3.4 release
+;+ global:
+SSL_GetChannelInfo;
+SSL_GetCipherSuiteInfo;
+SSL_GetMaxServerCacheLocks;
+SSL_LocalCertificate;
+SSL_SetMaxServerCacheLocks;
+;+ local:
+;+*;
+;+};
+;+NSS_3.7.4 { # NSS 3.7.4 release
+;+ global:
+SSL_ShutdownServerSessionIDCache;
+;+ local:
+;+*;
+;+};
+;+NSS_3.11.4 { # NSS 3.11.4 release
+;+ global:
+SSL_ForceHandshakeWithTimeout;
+SSL_ReHandshakeWithTimeout;
+;+ local:
+;+*;
+;+};
+;+NSS_3.11.8 { # NSS 3.11.8 release
+;+ global:
+SSL_CanBypass;
+;+ local:
+;+*;
+;+};
+;+NSS_3.12.6 { # NSS 3.12.6 release
+;+ global:
+SSL_ConfigServerSessionIDCacheWithOpt;
+SSL_GetImplementedCiphers;
+SSL_GetNegotiatedHostInfo;
+SSL_GetNumImplementedCiphers;
+SSL_HandshakeNegotiatedExtension;
+SSL_ReconfigFD;
+SSL_SetTrustAnchors;
+SSL_SNISocketConfigHook;
+;+ local:
+;+*;
+;+};
+;+NSS_3.12.10 { # NSS 3.12.10 release
+;+ global:
+SSL_ConfigSecureServerWithCertChain;
+;+ local:
+;+*;
+;+};
+;+NSS_3.13 { # NSS 3.13 release
+;+ global:
+NSSSSL_GetVersion;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.13.2 { # NSS 3.13.2 release
+;+ global:
+SSL_SetNextProtoCallback;
+SSL_SetNextProtoNego;
+SSL_GetNextProto;
+SSL_AuthCertificateComplete;
+;+ local:
+;+ *;
+;+};
+;+NSS_3.14 { # NSS 3.14 release
+;+ global:
+DTLS_GetHandshakeTimeout;
+DTLS_ImportFD;
+SSL_ExportKeyingMaterial;
+SSL_VersionRangeGet;
+SSL_VersionRangeGetDefault;
+SSL_VersionRangeGetSupported;
+SSL_VersionRangeSet;
+SSL_VersionRangeSetDefault;
+SSL_GetSRTPCipher;
+SSL_SetSRTPCiphers;
+;+ local:
+;+*;
+;+};
+;+NSS_3.15 { # NSS 3.15 release
+;+ global:
+SSL_PeerStapledOCSPResponses;
+SSL_SetStapledOCSPResponses;
+;+ local:
+;+*;
+;+};
+;+NSS_3.15.4 { # NSS 3.15.4 release
+;+ global:
+SSL_PeerCertificateChain;
+SSL_RecommendedCanFalseStart;
+SSL_SetCanFalseStartCallback;
+;+ local:
+;+*;
+;+};
+;+NSS_3.20 { # NSS 3.20 release
+;+ global:
+SSL_DHEGroupPrefSet;
+SSL_EnableWeakDHEPrimeGroup;
+;+ local:
+;+*;
+;+};
+;+NSS_3.21 { # NSS 3.21 release
+;+ global:
+SSL_GetPreliminaryChannelInfo;
+SSL_SignaturePrefSet;
+SSL_SignaturePrefGet;
+SSL_SignatureMaxCount;
+;+ local:
+;+*;
+;+};
+;+NSS_3.22 { # NSS 3.22 release
+;+ global:
+SSL_PeerSignedCertTimestamps;
+SSL_SetSignedCertTimestamps;
+;+ local:
+;+*;
+;+};
+;+NSS_3.23 { # NSS 3.23 release
+;+ global:
+SSL_SetDowngradeCheckVersion;
+;+ local:
+;+*;
+;+};
+;+NSS_3.24 { # NSS 3.24 release
+;+ global:
+SSL_ConfigServerCert;
+;+ local:
+;+*;
+;+};
+;+NSS_3.27 { # NSS 3.27 release
+;+ global:
+SSL_NamedGroupConfig;
+;+ local:
+;+*;
+;+};
+;+NSS_3.28 { # NSS 3.28 release
+;+ global:
+SSL_ExportEarlyKeyingMaterial;
+SSL_SendAdditionalKeyShares;
+SSL_SignatureSchemePrefSet;
+SSL_SignatureSchemePrefGet;
+;+ local:
+;+*;
+;+};
diff --git a/security/nss/lib/ssl/ssl.gyp b/security/nss/lib/ssl/ssl.gyp
new file mode 100644
index 000000000..0306ab667
--- /dev/null
+++ b/security/nss/lib/ssl/ssl.gyp
@@ -0,0 +1,98 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'ssl',
+ 'type': 'static_library',
+ 'sources': [
+ 'authcert.c',
+ 'cmpcert.c',
+ 'dtlscon.c',
+ 'prelib.c',
+ 'ssl3con.c',
+ 'ssl3ecc.c',
+ 'ssl3ext.c',
+ 'ssl3exthandle.c',
+ 'ssl3gthr.c',
+ 'sslauth.c',
+ 'sslcert.c',
+ 'sslcon.c',
+ 'ssldef.c',
+ 'sslenum.c',
+ 'sslerr.c',
+ 'sslerrstrs.c',
+ 'sslgrp.c',
+ 'sslinfo.c',
+ 'sslinit.c',
+ 'sslmutex.c',
+ 'sslnonce.c',
+ 'sslreveal.c',
+ 'sslsecur.c',
+ 'sslsnce.c',
+ 'sslsock.c',
+ 'ssltrace.c',
+ 'sslver.c',
+ 'tls13con.c',
+ 'tls13exthandle.c',
+ 'tls13hkdf.c',
+ ],
+ 'conditions': [
+ [ 'OS=="win"', {
+ 'sources': [
+ 'win32err.c',
+ ],
+ 'defines': [
+ 'IN_LIBSSL',
+ ],
+ }, {
+ # Not Windows.
+ 'sources': [
+ 'unix_err.c'
+ ],
+ }],
+ [ 'ssl_enable_zlib==1', {
+ 'dependencies': [
+ '<(DEPTH)/lib/zlib/zlib.gyp:nss_zlib'
+ ],
+ 'defines': [
+ 'NSS_SSL_ENABLE_ZLIB',
+ ],
+ }],
+ [ 'fuzz==1', {
+ 'defines': [
+ 'UNSAFE_FUZZER_MODE',
+ ],
+ }],
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports',
+ '<(DEPTH)/lib/freebl/freebl.gyp:freebl',
+ ],
+ },
+ {
+ 'target_name': 'ssl3',
+ 'type': 'shared_library',
+ 'dependencies': [
+ 'ssl',
+ '<(DEPTH)/lib/nss/nss.gyp:nss3',
+ '<(DEPTH)/lib/util/util.gyp:nssutil3',
+ ],
+ 'variables': {
+ 'mapfile': 'ssl.def'
+ }
+ }
+ ],
+ 'target_defaults': {
+ 'defines': [
+ 'NSS_ALLOW_SSLKEYLOGFILE=1'
+ ]
+ },
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h
new file mode 100644
index 000000000..9394adcca
--- /dev/null
+++ b/security/nss/lib/ssl/ssl.h
@@ -0,0 +1,1344 @@
+/*
+ * This file contains prototypes for the public SSL functions.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ssl_h_
+#define __ssl_h_
+
+#include "prtypes.h"
+#include "prerror.h"
+#include "prio.h"
+#include "seccomon.h"
+#include "cert.h"
+#include "keyt.h"
+
+#include "sslt.h" /* public ssl data types */
+
+#if defined(_WIN32) && !defined(IN_LIBSSL) && !defined(NSS_USE_STATIC_LIBS)
+#define SSL_IMPORT extern __declspec(dllimport)
+#else
+#define SSL_IMPORT extern
+#endif
+
+SEC_BEGIN_PROTOS
+
+/* constant table enumerating all implemented cipher suites. */
+SSL_IMPORT const PRUint16 SSL_ImplementedCiphers[];
+
+/* the same as the above, but is a function */
+SSL_IMPORT const PRUint16 *SSL_GetImplementedCiphers(void);
+
+/* number of entries in the above table. */
+SSL_IMPORT const PRUint16 SSL_NumImplementedCiphers;
+
+/* the same as the above, but is a function */
+SSL_IMPORT PRUint16 SSL_GetNumImplementedCiphers(void);
+
+/* Macro to tell which ciphers in table are SSL2 vs SSL3/TLS. */
+#define SSL_IS_SSL2_CIPHER(which) (((which)&0xfff0) == 0xff00)
+
+/*
+** Imports fd into SSL, returning a new socket. Copies SSL configuration
+** from model.
+*/
+SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd);
+
+/*
+** Imports fd into DTLS, returning a new socket. Copies DTLS configuration
+** from model.
+*/
+SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd);
+
+/*
+** Enable/disable an ssl mode
+**
+** SSL_SECURITY:
+** enable/disable use of SSL security protocol before connect
+**
+** SSL_SOCKS:
+** enable/disable use of socks before connect
+** (No longer supported).
+**
+** SSL_REQUEST_CERTIFICATE:
+** require a certificate during secure connect
+*/
+/* options */
+#define SSL_SECURITY 1 /* (on by default) */
+#define SSL_SOCKS 2 /* (off by default) */
+#define SSL_REQUEST_CERTIFICATE 3 /* (off by default) */
+#define SSL_HANDSHAKE_AS_CLIENT 5 /* force accept to hs as client */
+ /* (off by default) */
+#define SSL_HANDSHAKE_AS_SERVER 6 /* force connect to hs as server */
+ /* (off by default) */
+
+/* OBSOLETE: SSL v2 is obsolete and may be removed soon. */
+#define SSL_ENABLE_SSL2 7 /* enable ssl v2 (off by default) */
+
+/* OBSOLETE: See "SSL Version Range API" below for the replacement and a
+** description of the non-obvious semantics of using SSL_ENABLE_SSL3.
+*/
+#define SSL_ENABLE_SSL3 8 /* enable ssl v3 (on by default) */
+
+#define SSL_NO_CACHE 9 /* don't use the session cache */
+ /* (off by default) */
+#define SSL_REQUIRE_CERTIFICATE 10 /* (SSL_REQUIRE_FIRST_HANDSHAKE */
+ /* by default) */
+#define SSL_ENABLE_FDX 11 /* permit simultaneous read/write */
+ /* (off by default) */
+
+/* OBSOLETE: SSL v2 compatible hellos are not accepted by some TLS servers
+** and cannot negotiate extensions. SSL v2 is obsolete. This option may be
+** removed soon.
+*/
+#define SSL_V2_COMPATIBLE_HELLO 12 /* send v3 client hello in v2 fmt */
+ /* (off by default) */
+
+/* OBSOLETE: See "SSL Version Range API" below for the replacement and a
+** description of the non-obvious semantics of using SSL_ENABLE_TLS.
+*/
+#define SSL_ENABLE_TLS 13 /* enable TLS (on by default) */
+
+#define SSL_ROLLBACK_DETECTION 14 /* for compatibility, default: on */
+#define SSL_NO_STEP_DOWN 15 /* (unsupported, deprecated, off) */
+#define SSL_BYPASS_PKCS11 16 /* (unsupported, deprecated, off) */
+#define SSL_NO_LOCKS 17 /* Don't use locks for protection */
+#define SSL_ENABLE_SESSION_TICKETS 18 /* Enable TLS SessionTicket */
+ /* extension (off by default) */
+#define SSL_ENABLE_DEFLATE 19 /* Enable TLS compression with */
+ /* DEFLATE (off by default) */
+#define SSL_ENABLE_RENEGOTIATION 20 /* Values below (default: never) */
+#define SSL_REQUIRE_SAFE_NEGOTIATION 21 /* Peer must send Signaling */
+ /* Cipher Suite Value (SCSV) or */
+ /* Renegotiation Info (RI) */
+ /* extension in ALL handshakes. */
+ /* default: off */
+#define SSL_ENABLE_FALSE_START 22 /* Enable SSL false start (off by */
+ /* default, applies only to */
+ /* clients). False start is a */
+/* mode where an SSL client will start sending application data before
+ * verifying the server's Finished message. This means that we could end up
+ * sending data to an imposter. However, the data will be encrypted and
+ * only the true server can derive the session key. Thus, so long as the
+ * cipher isn't broken this is safe. The advantage of false start is that
+ * it saves a round trip for client-speaks-first protocols when performing a
+ * full handshake.
+ *
+ * In addition to enabling this option, the application must register a
+ * callback using the SSL_SetCanFalseStartCallback function.
+ */
+
+/* For SSL 3.0 and TLS 1.0, by default we prevent chosen plaintext attacks
+ * on SSL CBC mode cipher suites (see RFC 4346 Section F.3) by splitting
+ * non-empty application_data records into two records; the first record has
+ * only the first byte of plaintext, and the second has the rest.
+ *
+ * This only prevents the attack in the sending direction; the connection may
+ * still be vulnerable to such attacks if the peer does not implement a similar
+ * countermeasure.
+ *
+ * This protection mechanism is on by default; the default can be overridden by
+ * setting NSS_SSL_CBC_RANDOM_IV=0 in the environment prior to execution,
+ * and/or by the application setting the option SSL_CBC_RANDOM_IV to PR_FALSE.
+ *
+ * The per-record IV in TLS 1.1 and later adds one block of overhead per
+ * record, whereas this hack will add at least two blocks of overhead per
+ * record, so TLS 1.1+ will always be more efficient.
+ *
+ * Other implementations (e.g. some versions of OpenSSL, in some
+ * configurations) prevent the same attack by prepending an empty
+ * application_data record to every application_data record they send; we do
+ * not do that because some implementations cannot handle empty
+ * application_data records. Also, we only split application_data records and
+ * not other types of records, because some implementations will not accept
+ * fragmented records of some other types (e.g. some versions of NSS do not
+ * accept fragmented alerts).
+ */
+#define SSL_CBC_RANDOM_IV 23
+#define SSL_ENABLE_OCSP_STAPLING 24 /* Request OCSP stapling (client) */
+
+/* SSL_ENABLE_NPN controls whether the NPN extension is enabled for the initial
+ * handshake when application layer protocol negotiation is used.
+ * SSL_SetNextProtoCallback or SSL_SetNextProtoNego must be used to control the
+ * application layer protocol negotiation; otherwise, the NPN extension will
+ * not be negotiated. SSL_ENABLE_NPN is currently enabled by default but this
+ * may change in future versions.
+ */
+#define SSL_ENABLE_NPN 25
+
+/* SSL_ENABLE_ALPN controls whether the ALPN extension is enabled for the
+ * initial handshake when application layer protocol negotiation is used.
+ * SSL_SetNextProtoNego (not SSL_SetNextProtoCallback) must be used to control
+ * the application layer protocol negotiation; otherwise, the ALPN extension
+ * will not be negotiated. ALPN is not negotiated for renegotiation handshakes,
+ * even though the ALPN specification defines a way to use ALPN during
+ * renegotiations. SSL_ENABLE_ALPN is currently disabled by default, but this
+ * may change in future versions.
+ */
+#define SSL_ENABLE_ALPN 26
+
+/* SSL_REUSE_SERVER_ECDHE_KEY controls whether the ECDHE server key is
+ * reused for multiple handshakes or generated each time.
+ * SSL_REUSE_SERVER_ECDHE_KEY is currently enabled by default.
+ * This socket option is for ECDHE, only. It is unrelated to DHE.
+ */
+#define SSL_REUSE_SERVER_ECDHE_KEY 27
+
+#define SSL_ENABLE_FALLBACK_SCSV 28 /* Send fallback SCSV in \
+ * handshakes. */
+
+/* SSL_ENABLE_SERVER_DHE controls whether DHE is enabled for the server socket.
+ */
+#define SSL_ENABLE_SERVER_DHE 29
+
+/* Use draft-ietf-tls-session-hash. Controls whether we offer the
+ * extended_master_secret extension which, when accepted, hashes
+ * the handshake transcript into the master secret. This option is
+ * disabled by default.
+ */
+#define SSL_ENABLE_EXTENDED_MASTER_SECRET 30
+
+/* Request Signed Certificate Timestamps via TLS extension (client) */
+#define SSL_ENABLE_SIGNED_CERT_TIMESTAMPS 31
+
+/* Ordinarily, when negotiating a TLS_DHE_* cipher suite the server picks the
+ * group. draft-ietf-tls-negotiated-ff-dhe changes this to use supported_groups
+ * (formerly supported_curves) to signal which pre-defined groups are OK.
+ *
+ * This option causes an NSS client to use this extension and demand that those
+ * groups be used. A client will signal any enabled DHE groups in the
+ * supported_groups extension and reject groups that don't match what it has
+ * enabled. A server will only negotiate TLS_DHE_* cipher suites if the
+ * client includes the extension.
+ *
+ * See SSL_NamedGroupConfig() for how to control which groups are enabled.
+ *
+ * This option cannot be enabled if NSS is not compiled with ECC support.
+ */
+#define SSL_REQUIRE_DH_NAMED_GROUPS 32
+
+/* Allow 0-RTT data (for TLS 1.3).
+ *
+ * When this option is set, the server's session tickets will contain
+ * a flag indicating that it accepts 0-RTT. When resuming such a
+ * session, PR_Write() on the client will be allowed immediately after
+ * starting the handshake and PR_Read() on the server will be allowed
+ * on the server to read that data. Calls to
+ * SSL_GetPreliminaryChannelInfo() and SSL_GetNextProto()
+ * can be made used during this period to learn about the channel
+ * parameters [TODO(ekr@rtfm.com): This hasn't landed yet].
+ *
+ * The transition between the 0-RTT and 1-RTT modes is marked by the
+ * handshake callback.
+ *
+ * WARNING: 0-RTT data has different anti-replay and PFS properties than
+ * the rest of the TLS data. See [draft-ietf-tls-tls13; Section 6.2.3]
+ * for more details.
+ */
+#define SSL_ENABLE_0RTT_DATA 33
+
+#ifdef SSL_DEPRECATED_FUNCTION
+/* Old deprecated function names */
+SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
+SSL_IMPORT SECStatus SSL_EnableDefault(int option, PRBool on);
+#endif
+
+/* New function names */
+SSL_IMPORT SECStatus SSL_OptionSet(PRFileDesc *fd, PRInt32 option, PRBool on);
+SSL_IMPORT SECStatus SSL_OptionGet(PRFileDesc *fd, PRInt32 option, PRBool *on);
+SSL_IMPORT SECStatus SSL_OptionSetDefault(PRInt32 option, PRBool on);
+SSL_IMPORT SECStatus SSL_OptionGetDefault(PRInt32 option, PRBool *on);
+SSL_IMPORT SECStatus SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle);
+
+/* SSLNextProtoCallback is called during the handshake for the client, when a
+ * Next Protocol Negotiation (NPN) extension has been received from the server.
+ * |protos| and |protosLen| define a buffer which contains the server's
+ * advertisement. This data is guaranteed to be well formed per the NPN spec.
+ * |protoOut| is a buffer provided by the caller, of length 255 (the maximum
+ * allowed by the protocol). On successful return, the protocol to be announced
+ * to the server will be in |protoOut| and its length in |*protoOutLen|.
+ *
+ * The callback must return SECFailure or SECSuccess (not SECWouldBlock).
+ */
+typedef SECStatus(PR_CALLBACK *SSLNextProtoCallback)(
+ void *arg,
+ PRFileDesc *fd,
+ const unsigned char *protos,
+ unsigned int protosLen,
+ unsigned char *protoOut,
+ unsigned int *protoOutLen,
+ unsigned int protoMaxOut);
+
+/* SSL_SetNextProtoCallback sets a callback function to handle Next Protocol
+ * Negotiation. It causes a client to advertise NPN. */
+SSL_IMPORT SECStatus SSL_SetNextProtoCallback(PRFileDesc *fd,
+ SSLNextProtoCallback callback,
+ void *arg);
+
+/* SSL_SetNextProtoNego can be used as an alternative to
+ * SSL_SetNextProtoCallback. It also causes a client to advertise NPN and
+ * installs a default callback function which selects the first supported
+ * protocol in server-preference order. If no matching protocol is found it
+ * selects the first supported protocol.
+ *
+ * Using this function also allows the client to transparently support ALPN.
+ * The same set of protocols will be advertised via ALPN and, if the server
+ * uses ALPN to select a protocol, SSL_GetNextProto will return
+ * SSL_NEXT_PROTO_SELECTED as the state.
+ *
+ * Since NPN uses the first protocol as the fallback protocol, when sending an
+ * ALPN extension, the first protocol is moved to the end of the list. This
+ * indicates that the fallback protocol is the least preferred. The other
+ * protocols should be in preference order.
+ *
+ * The supported protocols are specified in |data| in wire-format (8-bit
+ * length-prefixed). For example: "\010http/1.1\006spdy/2". */
+SSL_IMPORT SECStatus SSL_SetNextProtoNego(PRFileDesc *fd,
+ const unsigned char *data,
+ unsigned int length);
+
+typedef enum SSLNextProtoState {
+ SSL_NEXT_PROTO_NO_SUPPORT = 0, /* No peer support */
+ SSL_NEXT_PROTO_NEGOTIATED = 1, /* Mutual agreement */
+ SSL_NEXT_PROTO_NO_OVERLAP = 2, /* No protocol overlap found */
+ SSL_NEXT_PROTO_SELECTED = 3, /* Server selected proto (ALPN) */
+ SSL_NEXT_PROTO_EARLY_VALUE = 4 /* We are in 0-RTT using this value. */
+} SSLNextProtoState;
+
+/* SSL_GetNextProto can be used in the HandshakeCallback or any time after
+ * a handshake to retrieve the result of the Next Protocol negotiation.
+ *
+ * The length of the negotiated protocol, if any, is written into *bufLen.
+ * If the negotiated protocol is longer than bufLenMax, then SECFailure is
+ * returned. Otherwise, the negotiated protocol, if any, is written into buf,
+ * and SECSuccess is returned. */
+SSL_IMPORT SECStatus SSL_GetNextProto(PRFileDesc *fd,
+ SSLNextProtoState *state,
+ unsigned char *buf,
+ unsigned int *bufLen,
+ unsigned int bufLenMax);
+
+/*
+** Control ciphers that SSL uses. If on is non-zero then the named cipher
+** is enabled, otherwise it is disabled.
+** The "cipher" values are defined in sslproto.h (the SSL_EN_* values).
+** EnableCipher records user preferences.
+** SetPolicy sets the policy according to the policy module.
+*/
+#ifdef SSL_DEPRECATED_FUNCTION
+/* Old deprecated function names */
+SSL_IMPORT SECStatus SSL_EnableCipher(long which, PRBool enabled);
+SSL_IMPORT SECStatus SSL_SetPolicy(long which, int policy);
+#endif
+
+/* New function names */
+SSL_IMPORT SECStatus SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 cipher, PRBool enabled);
+SSL_IMPORT SECStatus SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 cipher, PRBool *enabled);
+SSL_IMPORT SECStatus SSL_CipherPrefSetDefault(PRInt32 cipher, PRBool enabled);
+SSL_IMPORT SECStatus SSL_CipherPrefGetDefault(PRInt32 cipher, PRBool *enabled);
+SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy);
+SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy);
+
+/*
+** Control for TLS signature schemes for TLS 1.2 and 1.3.
+**
+** This governs what signature schemes (or algorithms) are sent by a client in
+** the signature_algorithms extension. A client will not accept a signature
+** from a server unless it uses an enabled algorithm.
+**
+** This also governs what the server sends in the supported_signature_algorithms
+** field of a CertificateRequest.
+**
+** This changes what the server uses to sign ServerKeyExchange and
+** CertificateVerify messages. An endpoint uses the first entry from this list
+** that is compatible with both its certificate and its peer's supported
+** values.
+**
+** This configuration affects TLS 1.2, but the combination of EC group and hash
+** algorithm is interpreted loosely to be compatible with other implementations.
+** For TLS 1.2, NSS will ignore the curve group when generating or verifying
+** ECDSA signatures. For example, a P-384 ECDSA certificate is used with
+** SHA-256 if ssl_sig_ecdsa_secp256r1_sha256 is enabled.
+**
+** Omitting SHA-256 schemes from this list might be foolish. Support is
+** mandatory in TLS 1.2 and 1.3 and there might be interoperability issues.
+*/
+SSL_IMPORT SECStatus SSL_SignatureSchemePrefSet(
+ PRFileDesc *fd, const SSLSignatureScheme *schemes, unsigned int count);
+
+/* Deprecated, use SSL_SignatureSchemePrefSet() instead. */
+SSL_IMPORT SECStatus SSL_SignaturePrefSet(
+ PRFileDesc *fd, const SSLSignatureAndHashAlg *algorithms,
+ unsigned int count);
+
+/*
+** Get the currently configured signature schemes.
+**
+** The schemes are written to |schemes| but not if there are more than
+** |maxCount| values configured. The number of schemes that are in use are
+** written to |count|. This fails if |maxCount| is insufficiently large.
+*/
+SSL_IMPORT SECStatus SSL_SignatureSchemePrefGet(
+ PRFileDesc *fd, SSLSignatureScheme *algorithms, unsigned int *count,
+ unsigned int maxCount);
+
+/* Deprecated, use SSL_SignatureSchemePrefGet() instead. */
+SSL_IMPORT SECStatus SSL_SignaturePrefGet(
+ PRFileDesc *fd, SSLSignatureAndHashAlg *algorithms, unsigned int *count,
+ unsigned int maxCount);
+
+/*
+** Returns the maximum number of signature algorithms that are supported and
+** can be set or retrieved using SSL_SignatureSchemePrefSet or
+** SSL_SignatureSchemePrefGet.
+*/
+SSL_IMPORT unsigned int SSL_SignatureMaxCount();
+
+/*
+** Define custom priorities for EC and FF groups used in DH key exchange and EC
+** groups for ECDSA. This only changes the order of enabled lists (and thus
+** their priorities) and enables all groups in |groups| while disabling all other
+** groups.
+*/
+SSL_IMPORT SECStatus SSL_NamedGroupConfig(PRFileDesc *fd,
+ const SSLNamedGroup *groups,
+ unsigned int num_groups);
+
+/*
+** Configure the socket to configure additional key shares. Normally when a TLS
+** 1.3 ClientHello is sent, just one key share is included using the first
+** preference group (as set by SSL_NamedGroupConfig). If the server decides to
+** pick a different group for key exchange, it is forced to send a
+** HelloRetryRequest, which adds an entire round trip of latency.
+**
+** This function can be used to configure libssl to generate additional key
+** shares when sending a TLS 1.3 ClientHello. If |count| is set to a non-zero
+** value, then additional key shares are generated. Shares are added in the
+** preference order set in SSL_NamedGroupConfig. |count| can be set to any
+** value; NSS limits the number of shares to the number of supported groups.
+*/
+SSL_IMPORT SECStatus SSL_SendAdditionalKeyShares(PRFileDesc *fd,
+ unsigned int count);
+
+/* Deprecated: use SSL_NamedGroupConfig() instead.
+** SSL_DHEGroupPrefSet is used to configure the set of allowed/enabled DHE group
+** parameters that can be used by NSS for the given server socket.
+** The first item in the array is used as the default group, if no other
+** selection criteria can be used by NSS.
+** The set is provided as an array of identifiers as defined by SSLDHEGroupType.
+** If more than one group identifier is provided, NSS will select the one to use.
+** For example, a TLS extension sent by the client might indicate a preference.
+*/
+SSL_IMPORT SECStatus SSL_DHEGroupPrefSet(PRFileDesc *fd,
+ const SSLDHEGroupType *groups,
+ PRUint16 num_groups);
+
+/* Enable the use of a DHE group that's smaller than the library default,
+** for backwards compatibility reasons. The DH parameters will be created
+** at the time this function is called, which might take a very long time.
+** The function will block until generation is completed.
+** The intention is to enforce that fresh and safe parameters are generated
+** each time a process is started.
+** At the time this API was initially implemented, the API will enable the
+** use of 1024 bit DHE parameters. This value might get increased in future
+** versions of NSS.
+**
+** It is allowed to call this API will a NULL value for parameter fd,
+** which will prepare the global parameters that NSS will reuse for the remainder
+** of the process lifetime. This can be used early after startup of a process,
+** to avoid a delay when handling incoming client connections.
+** This preparation with a NULL for parameter fd will NOT enable the weak group
+** on sockets. The function needs to be called again for every socket that
+** should use the weak group.
+**
+** It is allowed to use this API in combination with the SSL_NamedGroupConfig API.
+** If both APIs have been called, the weakest group will be used, unless it is
+** certain that the client supports larger group parameters. The weak group will
+** be used as the default group for TLS <= 1.2, overriding the preference for
+** the first group potentially set with a call to SSL_NamedGroupConfig.
+*/
+SSL_IMPORT SECStatus SSL_EnableWeakDHEPrimeGroup(PRFileDesc *fd, PRBool enabled);
+
+/* SSL Version Range API
+**
+** This API should be used to control SSL 3.0 & TLS support instead of the
+** older SSL_Option* API; however, the SSL_Option* API MUST still be used to
+** control SSL 2.0 support. In this version of libssl, SSL 3.0 and TLS 1.0 are
+** enabled by default. Future versions of libssl may change which versions of
+** the protocol are enabled by default.
+**
+** The SSLProtocolVariant enum indicates whether the protocol is of type
+** stream or datagram. This must be provided to the functions that do not
+** take an fd. Functions which take an fd will get the variant from the fd,
+** which is typed.
+**
+** Using the new version range API in conjunction with the older
+** SSL_OptionSet-based API for controlling the enabled protocol versions may
+** cause unexpected results. Going forward, we guarantee only the following:
+**
+** SSL_OptionGet(SSL_ENABLE_TLS) will return PR_TRUE if *ANY* versions of TLS
+** are enabled.
+**
+** SSL_OptionSet(SSL_ENABLE_TLS, PR_FALSE) will disable *ALL* versions of TLS,
+** including TLS 1.0 and later.
+**
+** The above two properties provide compatibility for applications that use
+** SSL_OptionSet to implement the insecure fallback from TLS 1.x to SSL 3.0.
+**
+** SSL_OptionSet(SSL_ENABLE_TLS, PR_TRUE) will enable TLS 1.0, and may also
+** enable some later versions of TLS, if it is necessary to do so in order to
+** keep the set of enabled versions contiguous. For example, if TLS 1.2 is
+** enabled, then after SSL_OptionSet(SSL_ENABLE_TLS, PR_TRUE), TLS 1.0,
+** TLS 1.1, and TLS 1.2 will be enabled, and the call will have no effect on
+** whether SSL 3.0 is enabled. If no later versions of TLS are enabled at the
+** time SSL_OptionSet(SSL_ENABLE_TLS, PR_TRUE) is called, then no later
+** versions of TLS will be enabled by the call.
+**
+** SSL_OptionSet(SSL_ENABLE_SSL3, PR_FALSE) will disable SSL 3.0, and will not
+** change the set of TLS versions that are enabled.
+**
+** SSL_OptionSet(SSL_ENABLE_SSL3, PR_TRUE) will enable SSL 3.0, and may also
+** enable some versions of TLS if TLS 1.1 or later is enabled at the time of
+** the call, the same way SSL_OptionSet(SSL_ENABLE_TLS, PR_TRUE) works, in
+** order to keep the set of enabled versions contiguous.
+*/
+
+/* Returns, in |*vrange|, the range of SSL3/TLS versions supported for the
+** given protocol variant by the version of libssl linked-to at runtime.
+*/
+SSL_IMPORT SECStatus SSL_VersionRangeGetSupported(
+ SSLProtocolVariant protocolVariant, SSLVersionRange *vrange);
+
+/* Returns, in |*vrange|, the range of SSL3/TLS versions enabled by default
+** for the given protocol variant.
+*/
+SSL_IMPORT SECStatus SSL_VersionRangeGetDefault(
+ SSLProtocolVariant protocolVariant, SSLVersionRange *vrange);
+
+/* Sets the range of enabled-by-default SSL3/TLS versions for the given
+** protocol variant to |*vrange|.
+*/
+SSL_IMPORT SECStatus SSL_VersionRangeSetDefault(
+ SSLProtocolVariant protocolVariant, const SSLVersionRange *vrange);
+
+/* Returns, in |*vrange|, the range of enabled SSL3/TLS versions for |fd|. */
+SSL_IMPORT SECStatus SSL_VersionRangeGet(PRFileDesc *fd,
+ SSLVersionRange *vrange);
+
+/* Sets the range of enabled SSL3/TLS versions for |fd| to |*vrange|. */
+SSL_IMPORT SECStatus SSL_VersionRangeSet(PRFileDesc *fd,
+ const SSLVersionRange *vrange);
+
+/* Sets the version to check the server random against for the
+ * fallback check defined in [draft-ietf-tls-tls13-11 Section 6.3.1.1].
+ * This function is provided to allow for detection of forced downgrade
+ * attacks against client-side reconnect-and-fallback outside of TLS
+ * by setting |version| to be that of the original connection, rather
+ * than that of the new connection.
+ *
+ * The default, which can also be enabled by setting |version| to
+ * zero, is just to check against the max version in the
+ * version range (see SSL_VersionRangeSet). */
+SSL_IMPORT SECStatus SSL_SetDowngradeCheckVersion(PRFileDesc *fd,
+ PRUint16 version);
+
+/* Values for "policy" argument to SSL_CipherPolicySet */
+/* Values returned by SSL_CipherPolicyGet. */
+#define SSL_NOT_ALLOWED 0 /* or invalid or unimplemented */
+#define SSL_ALLOWED 1
+#define SSL_RESTRICTED 2 /* only with "Step-Up" certs. */
+
+/* Values for "on" with SSL_REQUIRE_CERTIFICATE. */
+#define SSL_REQUIRE_NEVER ((PRBool)0)
+#define SSL_REQUIRE_ALWAYS ((PRBool)1)
+#define SSL_REQUIRE_FIRST_HANDSHAKE ((PRBool)2)
+#define SSL_REQUIRE_NO_ERROR ((PRBool)3)
+
+/* Values for "on" with SSL_ENABLE_RENEGOTIATION */
+/* Never renegotiate at all. */
+#define SSL_RENEGOTIATE_NEVER ((PRBool)0)
+/* Renegotiate without restriction, whether or not the peer's client hello */
+/* bears the renegotiation info extension. Vulnerable, as in the past. */
+#define SSL_RENEGOTIATE_UNRESTRICTED ((PRBool)1)
+/* Only renegotiate if the peer's hello bears the TLS renegotiation_info */
+/* extension. This is safe renegotiation. */
+#define SSL_RENEGOTIATE_REQUIRES_XTN ((PRBool)2)
+/* Disallow unsafe renegotiation in server sockets only, but allow clients */
+/* to continue to renegotiate with vulnerable servers. */
+/* This value should only be used during the transition period when few */
+/* servers have been upgraded. */
+#define SSL_RENEGOTIATE_TRANSITIONAL ((PRBool)3)
+
+/*
+** Reset the handshake state for fd. This will make the complete SSL
+** handshake protocol execute from the ground up on the next i/o
+** operation.
+*/
+SSL_IMPORT SECStatus SSL_ResetHandshake(PRFileDesc *fd, PRBool asServer);
+
+/*
+** Force the handshake for fd to complete immediately. This blocks until
+** the complete SSL handshake protocol is finished.
+*/
+SSL_IMPORT SECStatus SSL_ForceHandshake(PRFileDesc *fd);
+
+/*
+** Same as above, but with an I/O timeout.
+ */
+SSL_IMPORT SECStatus SSL_ForceHandshakeWithTimeout(PRFileDesc *fd,
+ PRIntervalTime timeout);
+
+/*
+** Query security status of socket. *on is set to one if security is
+** enabled. *keySize will contain the stream key size used. *issuer will
+** contain the RFC1485 verison of the name of the issuer of the
+** certificate at the other end of the connection. For a client, this is
+** the issuer of the server's certificate; for a server, this is the
+** issuer of the client's certificate (if any). Subject is the subject of
+** the other end's certificate. The pointers can be zero if the desired
+** data is not needed. All strings returned by this function are owned
+** by the caller, and need to be freed with PORT_Free.
+*/
+SSL_IMPORT SECStatus SSL_SecurityStatus(PRFileDesc *fd, int *on, char **cipher,
+ int *keySize, int *secretKeySize,
+ char **issuer, char **subject);
+
+/* Values for "on" */
+#define SSL_SECURITY_STATUS_NOOPT -1
+#define SSL_SECURITY_STATUS_OFF 0
+#define SSL_SECURITY_STATUS_ON_HIGH 1
+#define SSL_SECURITY_STATUS_ON_LOW 2
+#define SSL_SECURITY_STATUS_FORTEZZA 3 /* NO LONGER SUPPORTED */
+
+/*
+** Return the certificate for our SSL peer. If the client calls this
+** it will always return the server's certificate. If the server calls
+** this, it may return NULL if client authentication is not enabled or
+** if the client had no certificate when asked.
+** "fd" the socket "file" descriptor
+*/
+SSL_IMPORT CERTCertificate *SSL_PeerCertificate(PRFileDesc *fd);
+
+/*
+** Return the certificates presented by the SSL peer. If the SSL peer
+** did not present certificates, return NULL with the
+** SSL_ERROR_NO_CERTIFICATE error. On failure, return NULL with an error
+** code other than SSL_ERROR_NO_CERTIFICATE.
+** "fd" the socket "file" descriptor
+*/
+SSL_IMPORT CERTCertList *SSL_PeerCertificateChain(PRFileDesc *fd);
+
+/* SSL_PeerStapledOCSPResponses returns the OCSP responses that were provided
+ * by the TLS server. The return value is a pointer to an internal SECItemArray
+ * that contains the returned OCSP responses; it is only valid until the
+ * callback function that calls SSL_PeerStapledOCSPResponses returns.
+ *
+ * If no OCSP responses were given by the server then the result will be empty.
+ * If there was an error, then the result will be NULL.
+ *
+ * You must set the SSL_ENABLE_OCSP_STAPLING option to enable OCSP stapling.
+ * to be provided by a server.
+ *
+ * libssl does not do any validation of the OCSP response itself; the
+ * authenticate certificate hook is responsible for doing so. The default
+ * authenticate certificate hook, SSL_AuthCertificate, does not implement
+ * any OCSP stapling funtionality, but this may change in future versions.
+ */
+SSL_IMPORT const SECItemArray *SSL_PeerStapledOCSPResponses(PRFileDesc *fd);
+
+/* SSL_PeerSignedCertTimestamps returns the signed_certificate_timestamp
+ * extension data provided by the TLS server. The return value is a pointer
+ * to an internal SECItem that contains the returned response (as a serialized
+ * SignedCertificateTimestampList, see RFC 6962). The returned pointer is only
+ * valid until the callback function that calls SSL_PeerSignedCertTimestamps
+ * (e.g. the authenticate certificate hook, or the handshake callback) returns.
+ *
+ * If no Signed Certificate Timestamps were given by the server then the result
+ * will be empty. If there was an error, then the result will be NULL.
+ *
+ * You must set the SSL_ENABLE_SIGNED_CERT_TIMESTAMPS option to indicate support
+ * for Signed Certificate Timestamps to a server.
+ *
+ * libssl does not do any parsing or validation of the response itself.
+ */
+SSL_IMPORT const SECItem *SSL_PeerSignedCertTimestamps(PRFileDesc *fd);
+
+/* SSL_SetStapledOCSPResponses stores an array of one or multiple OCSP responses
+ * in the fd's data, which may be sent as part of a server side cert_status
+ * handshake message. Parameter |responses| is for the server certificate of
+ * the key exchange type |kea|.
+ * The function will duplicate the responses array.
+ *
+ * Deprecated: see SSL_ConfigSecureServer for details.
+ */
+SSL_IMPORT SECStatus
+SSL_SetStapledOCSPResponses(PRFileDesc *fd, const SECItemArray *responses,
+ SSLKEAType kea);
+
+/*
+ * SSL_SetSignedCertTimestamps stores serialized signed_certificate_timestamp
+ * extension data in the fd. The signed_certificate_timestamp data is sent
+ * during the handshake (if requested by the client). Parameter |scts|
+ * is for the server certificate of the key exchange type |kea|.
+ * The function will duplicate the provided data item. To clear previously
+ * set data for a given key exchange type |kea|, pass NULL to |scts|.
+ *
+ * Deprecated: see SSL_ConfigSecureServer for details.
+ */
+SSL_IMPORT SECStatus
+SSL_SetSignedCertTimestamps(PRFileDesc *fd, const SECItem *scts,
+ SSLKEAType kea);
+
+/*
+** Authenticate certificate hook. Called when a certificate comes in
+** (because of SSL_REQUIRE_CERTIFICATE in SSL_Enable) to authenticate the
+** certificate.
+**
+** The authenticate certificate hook must return SECSuccess to indicate the
+** certificate is valid, SECFailure to indicate the certificate is invalid,
+** or SECWouldBlock if the application will authenticate the certificate
+** asynchronously. SECWouldBlock is only supported for non-blocking sockets.
+**
+** If the authenticate certificate hook returns SECFailure, then the bad cert
+** hook will be called. The bad cert handler is NEVER called if the
+** authenticate certificate hook returns SECWouldBlock. If the application
+** needs to handle and/or override a bad cert, it should do so before it
+** calls SSL_AuthCertificateComplete (modifying the error it passes to
+** SSL_AuthCertificateComplete as needed).
+**
+** See the documentation for SSL_AuthCertificateComplete for more information
+** about the asynchronous behavior that occurs when the authenticate
+** certificate hook returns SECWouldBlock.
+**
+** RFC 6066 says that clients should send the bad_certificate_status_response
+** alert when they encounter an error processing the stapled OCSP response.
+** libssl does not provide a way for the authenticate certificate hook to
+** indicate that an OCSP error (SEC_ERROR_OCSP_*) that it returns is an error
+** in the stapled OCSP response or an error in some other OCSP response.
+** Further, NSS does not provide a convenient way to control or determine
+** which OCSP response(s) were used to validate a certificate chain.
+** Consequently, the current version of libssl does not ever send the
+** bad_certificate_status_response alert. This may change in future releases.
+*/
+typedef SECStatus(PR_CALLBACK *SSLAuthCertificate)(void *arg, PRFileDesc *fd,
+ PRBool checkSig,
+ PRBool isServer);
+
+SSL_IMPORT SECStatus SSL_AuthCertificateHook(PRFileDesc *fd,
+ SSLAuthCertificate f,
+ void *arg);
+
+/* An implementation of the certificate authentication hook */
+SSL_IMPORT SECStatus SSL_AuthCertificate(void *arg, PRFileDesc *fd,
+ PRBool checkSig, PRBool isServer);
+
+/*
+ * Prototype for SSL callback to get client auth data from the application.
+ * arg - application passed argument
+ * caNames - pointer to distinguished names of CAs that the server likes
+ * pRetCert - pointer to pointer to cert, for return of cert
+ * pRetKey - pointer to key pointer, for return of key
+ */
+typedef SECStatus(PR_CALLBACK *SSLGetClientAuthData)(void *arg,
+ PRFileDesc *fd,
+ CERTDistNames *caNames,
+ CERTCertificate **pRetCert, /*return */
+ SECKEYPrivateKey **pRetKey); /* return */
+
+/*
+ * Set the client side callback for SSL to retrieve user's private key
+ * and certificate.
+ * fd - the file descriptor for the connection in question
+ * f - the application's callback that delivers the key and cert
+ * a - application specific data
+ */
+SSL_IMPORT SECStatus SSL_GetClientAuthDataHook(PRFileDesc *fd,
+ SSLGetClientAuthData f, void *a);
+
+/*
+** SNI extension processing callback function.
+** It is called when SSL socket receives SNI extension in ClientHello message.
+** Upon this callback invocation, application is responsible to reconfigure the
+** socket with the data for a particular server name.
+** There are three potential outcomes of this function invocation:
+** * application does not recognize the name or the type and wants the
+** "unrecognized_name" alert be sent to the client. In this case the callback
+** function must return SSL_SNI_SEND_ALERT status.
+** * application does not recognize the name, but wants to continue with
+** the handshake using the current socket configuration. In this case,
+** no socket reconfiguration is needed and the function should return
+** SSL_SNI_CURRENT_CONFIG_IS_USED.
+** * application recognizes the name and reconfigures the socket with
+** appropriate certs, key, etc. There are many ways to reconfigure. NSS
+** provides SSL_ReconfigFD function that can be used to update the socket
+** data from model socket. To continue with the rest of the handshake, the
+** implementation function should return an index of a name it has chosen.
+** LibSSL will ignore any SNI extension received in a ClientHello message
+** if application does not register a SSLSNISocketConfig callback.
+** Each type field of SECItem indicates the name type.
+** NOTE: currently RFC3546 defines only one name type: sni_host_name.
+** Client is allowed to send only one name per known type. LibSSL will
+** send an "unrecognized_name" alert if SNI extension name list contains more
+** then one name of a type.
+*/
+typedef PRInt32(PR_CALLBACK *SSLSNISocketConfig)(PRFileDesc *fd,
+ const SECItem *srvNameArr,
+ PRUint32 srvNameArrSize,
+ void *arg);
+
+/*
+** SSLSNISocketConfig should return an index within 0 and srvNameArrSize-1
+** when it has reconfigured the socket fd to use certs and keys, etc
+** for a specific name. There are two other allowed return values. One
+** tells libSSL to use the default cert and key. The other tells libSSL
+** to send the "unrecognized_name" alert. These values are:
+**/
+#define SSL_SNI_CURRENT_CONFIG_IS_USED -1
+#define SSL_SNI_SEND_ALERT -2
+
+/*
+** Set application implemented SNISocketConfig callback.
+*/
+SSL_IMPORT SECStatus SSL_SNISocketConfigHook(PRFileDesc *fd,
+ SSLSNISocketConfig f,
+ void *arg);
+
+/*
+** Reconfigure fd SSL socket with model socket parameters. Sets
+** server certs and keys, list of trust anchor, socket options
+** and all SSL socket call backs and parameters.
+*/
+SSL_IMPORT PRFileDesc *SSL_ReconfigFD(PRFileDesc *model, PRFileDesc *fd);
+
+/*
+ * Set the client side argument for SSL to retrieve PKCS #11 pin.
+ * fd - the file descriptor for the connection in question
+ * a - pkcs11 application specific data
+ */
+SSL_IMPORT SECStatus SSL_SetPKCS11PinArg(PRFileDesc *fd, void *a);
+
+/*
+** This is a callback for dealing with server certs that are not authenticated
+** by the client. The client app can decide that it actually likes the
+** cert by some external means and restart the connection.
+**
+** The bad cert hook must return SECSuccess to override the result of the
+** authenticate certificate hook, SECFailure if the certificate should still be
+** considered invalid, or SECWouldBlock if the application will authenticate
+** the certificate asynchronously. SECWouldBlock is only supported for
+** non-blocking sockets.
+**
+** See the documentation for SSL_AuthCertificateComplete for more information
+** about the asynchronous behavior that occurs when the bad cert hook returns
+** SECWouldBlock.
+*/
+typedef SECStatus(PR_CALLBACK *SSLBadCertHandler)(void *arg, PRFileDesc *fd);
+SSL_IMPORT SECStatus SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f,
+ void *arg);
+
+/*
+** Configure SSL socket for running a secure server. Needs the
+** certificate for the server and the servers private key. The arguments
+** are copied.
+**
+** This method should be used in preference to SSL_ConfigSecureServer,
+** SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses, and
+** SSL_SetSignedCertTimestamps.
+**
+** The authentication method is determined from the certificate and private key
+** based on how libssl authenticates peers. Primarily, this uses the value of
+** the SSLAuthType enum and is derived from the type of public key in the
+** certificate. For example, different RSA certificates might be saved for
+** signing (ssl_auth_rsa_sign) and key encipherment
+** (ssl_auth_rsa_decrypt). Unique to RSA, the same certificate can be used for
+** both usages. Additional information about the authentication method is also
+** used: EC keys with different curves are separately stored.
+**
+** Only one certificate is stored for each authentication method.
+**
+** The optional |data| argument contains additional information about the
+** certificate:
+**
+** - |authType| (with a value other than ssl_auth_null) limits the
+** authentication method; this is primarily useful in limiting the use of an
+** RSA certificate to one particular key usage (either signing or key
+** encipherment) when its key usages indicate support for both.
+**
+** - |certChain| provides an explicit certificate chain, rather than relying on
+** NSS functions for finding a certificate chain.
+**
+** - |stapledOCSPResponses| provides a response for OCSP stapling.
+**
+** - |signedCertTimestamps| provides a value for the
+** signed_certificate_timestamp extension used in certificate transparency.
+**
+** The |data_len| argument provides the length of the data. This should be set
+** to |sizeof(data)|.
+**
+** This function allows an application to provide certificates with narrow key
+** usages attached to them. For instance, RSA keys can be provided that are
+** limited to signing or decryption only. Multiple EC certificates with keys on
+** different named curves can be provided.
+**
+** Unlike SSL_ConfigSecureServer(WithCertChain), this function does not accept
+** NULL for the |cert| and |key| arguments. It will replace certificates that
+** have the same type, but it cannot be used to remove certificates that have
+** already been configured.
+*/
+SSL_IMPORT SECStatus SSL_ConfigServerCert(
+ PRFileDesc *fd, CERTCertificate *cert, SECKEYPrivateKey *key,
+ const SSLExtraServerCertData *data, unsigned int data_len);
+
+/*
+** Deprecated variant of SSL_ConfigServerCert.
+**
+** This uses values from the SSLKEAType to identify the type of |key| that the
+** |cert| contains. This is incorrect, since key exchange and authentication
+** are separated in some cipher suites (in particular, ECDHE_RSA_* suites).
+**
+** Providing a |kea| parameter of ssl_kea_ecdh (or kt_ecdh) is interpreted as
+** providing both ECDH and ECDSA certificates.
+*/
+SSL_IMPORT SECStatus SSL_ConfigSecureServer(
+ PRFileDesc *fd, CERTCertificate *cert,
+ SECKEYPrivateKey *key, SSLKEAType kea);
+
+/*
+** Deprecated variant of SSL_ConfigSecureServerCert. The |data| argument to
+** SSL_ConfigSecureServerCert can be used to pass a certificate chain.
+*/
+SSL_IMPORT SECStatus
+SSL_ConfigSecureServerWithCertChain(PRFileDesc *fd, CERTCertificate *cert,
+ const CERTCertificateList *certChainOpt,
+ SECKEYPrivateKey *key, SSLKEAType kea);
+
+/*
+** Configure a secure server's session-id cache. Define the maximum number
+** of entries in the cache, the longevity of the entires, and the directory
+** where the cache files will be placed. These values can be zero, and
+** if so, the implementation will choose defaults.
+** This version of the function is for use in applications that have only one
+** process that uses the cache (even if that process has multiple threads).
+*/
+SSL_IMPORT SECStatus SSL_ConfigServerSessionIDCache(int maxCacheEntries,
+ PRUint32 timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory);
+
+/* Configure a secure server's session-id cache. Depends on value of
+ * enableMPCache, configures malti-proc or single proc cache. */
+SSL_IMPORT SECStatus SSL_ConfigServerSessionIDCacheWithOpt(
+ PRUint32 timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory,
+ int maxCacheEntries,
+ int maxCertCacheEntries,
+ int maxSrvNameCacheEntries,
+ PRBool enableMPCache);
+
+/*
+** Like SSL_ConfigServerSessionIDCache, with one important difference.
+** If the application will run multiple processes (as opposed to, or in
+** addition to multiple threads), then it must call this function, instead
+** of calling SSL_ConfigServerSessionIDCache().
+** This has nothing to do with the number of processORs, only processEs.
+** This function sets up a Server Session ID (SID) cache that is safe for
+** access by multiple processes on the same system.
+*/
+SSL_IMPORT SECStatus SSL_ConfigMPServerSIDCache(int maxCacheEntries,
+ PRUint32 timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory);
+
+/* Get and set the configured maximum number of mutexes used for the
+** server's store of SSL sessions. This value is used by the server
+** session ID cache initialization functions shown above. Note that on
+** some platforms, these mutexes are actually implemented with POSIX
+** semaphores, or with unnamed pipes. The default value varies by platform.
+** An attempt to set a too-low maximum will return an error and the
+** configured value will not be changed.
+*/
+SSL_IMPORT PRUint32 SSL_GetMaxServerCacheLocks(void);
+SSL_IMPORT SECStatus SSL_SetMaxServerCacheLocks(PRUint32 maxLocks);
+
+/* environment variable set by SSL_ConfigMPServerSIDCache, and queried by
+ * SSL_InheritMPServerSIDCache when envString is NULL.
+ */
+#define SSL_ENV_VAR_NAME "SSL_INHERITANCE"
+
+/* called in child to inherit SID Cache variables.
+ * If envString is NULL, this function will use the value of the environment
+ * variable "SSL_INHERITANCE", otherwise the string value passed in will be
+ * used.
+ */
+SSL_IMPORT SECStatus SSL_InheritMPServerSIDCache(const char *envString);
+
+/*
+** Set the callback that gets called when a TLS handshake is complete. The
+** handshake callback is called after verifying the peer's Finished message and
+** before processing incoming application data.
+**
+** For the initial handshake: If the handshake false started (see
+** SSL_ENABLE_FALSE_START), then application data may already have been sent
+** before the handshake callback is called. If we did not false start then the
+** callback will get called before any application data is sent.
+*/
+typedef void(PR_CALLBACK *SSLHandshakeCallback)(PRFileDesc *fd,
+ void *client_data);
+SSL_IMPORT SECStatus SSL_HandshakeCallback(PRFileDesc *fd,
+ SSLHandshakeCallback cb, void *client_data);
+
+/* Applications that wish to enable TLS false start must set this callback
+** function. NSS will invoke the functon to determine if a particular
+** connection should use false start or not. SECSuccess indicates that the
+** callback completed successfully, and if so *canFalseStart indicates if false
+** start can be used. If the callback does not return SECSuccess then the
+** handshake will be canceled. NSS's recommended criteria can be evaluated by
+** calling SSL_RecommendedCanFalseStart.
+**
+** If no false start callback is registered then false start will never be
+** done, even if the SSL_ENABLE_FALSE_START option is enabled.
+**/
+typedef SECStatus(PR_CALLBACK *SSLCanFalseStartCallback)(
+ PRFileDesc *fd, void *arg, PRBool *canFalseStart);
+
+SSL_IMPORT SECStatus SSL_SetCanFalseStartCallback(
+ PRFileDesc *fd, SSLCanFalseStartCallback callback, void *arg);
+
+/* This function sets *canFalseStart according to the recommended criteria for
+** false start. These criteria may change from release to release and may depend
+** on which handshake features have been negotiated and/or properties of the
+** certifciates/keys used on the connection.
+*/
+SSL_IMPORT SECStatus SSL_RecommendedCanFalseStart(PRFileDesc *fd,
+ PRBool *canFalseStart);
+
+/*
+** For the server, request a new handshake. For the client, begin a new
+** handshake. If flushCache is non-zero, the SSL3 cache entry will be
+** flushed first, ensuring that a full SSL handshake will be done.
+** If flushCache is zero, and an SSL connection is established, it will
+** do the much faster session restart handshake. This will change the
+** session keys without doing another private key operation.
+*/
+SSL_IMPORT SECStatus SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache);
+
+/*
+** Same as above, but with an I/O timeout.
+ */
+SSL_IMPORT SECStatus SSL_ReHandshakeWithTimeout(PRFileDesc *fd,
+ PRBool flushCache,
+ PRIntervalTime timeout);
+
+#ifdef SSL_DEPRECATED_FUNCTION
+/* deprecated!
+** For the server, request a new handshake. For the client, begin a new
+** handshake. Flushes SSL3 session cache entry first, ensuring that a
+** full handshake will be done.
+** This call is equivalent to SSL_ReHandshake(fd, PR_TRUE)
+*/
+SSL_IMPORT SECStatus SSL_RedoHandshake(PRFileDesc *fd);
+#endif
+
+/*
+ * Allow the application to pass a URL or hostname into the SSL library.
+ */
+SSL_IMPORT SECStatus SSL_SetURL(PRFileDesc *fd, const char *url);
+
+/*
+ * Allow an application to define a set of trust anchors for peer
+ * cert validation.
+ */
+SSL_IMPORT SECStatus SSL_SetTrustAnchors(PRFileDesc *fd, CERTCertList *list);
+
+/*
+** Return the number of bytes that SSL has waiting in internal buffers.
+** Return 0 if security is not enabled.
+*/
+SSL_IMPORT int SSL_DataPending(PRFileDesc *fd);
+
+/*
+** Invalidate the SSL session associated with fd.
+*/
+SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd);
+
+/*
+** Return a SECItem containing the SSL session ID associated with the fd.
+*/
+SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd);
+
+/*
+** Clear out the client's SSL session cache, not the server's session cache.
+*/
+SSL_IMPORT void SSL_ClearSessionCache(void);
+
+/*
+** Close the server's SSL session cache.
+*/
+SSL_IMPORT SECStatus SSL_ShutdownServerSessionIDCache(void);
+
+/*
+** Set peer information so we can correctly look up SSL session later.
+** You only have to do this if you're tunneling through a proxy.
+*/
+SSL_IMPORT SECStatus SSL_SetSockPeerID(PRFileDesc *fd, const char *peerID);
+
+/*
+** Reveal the security information for the peer.
+*/
+SSL_IMPORT CERTCertificate *SSL_RevealCert(PRFileDesc *socket);
+SSL_IMPORT void *SSL_RevealPinArg(PRFileDesc *socket);
+SSL_IMPORT char *SSL_RevealURL(PRFileDesc *socket);
+
+/* This callback may be passed to the SSL library via a call to
+ * SSL_GetClientAuthDataHook() for each SSL client socket.
+ * It will be invoked when SSL needs to know what certificate and private key
+ * (if any) to use to respond to a request for client authentication.
+ * If arg is non-NULL, it is a pointer to a NULL-terminated string containing
+ * the nickname of the cert/key pair to use.
+ * If arg is NULL, this function will search the cert and key databases for
+ * a suitable match and send it if one is found.
+ */
+SSL_IMPORT SECStatus
+NSS_GetClientAuthData(void *arg,
+ PRFileDesc *socket,
+ struct CERTDistNamesStr *caNames,
+ struct CERTCertificateStr **pRetCert,
+ struct SECKEYPrivateKeyStr **pRetKey);
+
+/*
+** Configure DTLS-SRTP (RFC 5764) cipher suite preferences.
+** Input is a list of ciphers in descending preference order and a length
+** of the list. As a side effect, this causes the use_srtp extension to be
+** negotiated.
+**
+** Invalid or unimplemented cipher suites in |ciphers| are ignored. If at
+** least one cipher suite in |ciphers| is implemented, returns SECSuccess.
+** Otherwise returns SECFailure.
+*/
+SSL_IMPORT SECStatus SSL_SetSRTPCiphers(PRFileDesc *fd,
+ const PRUint16 *ciphers,
+ unsigned int numCiphers);
+
+/*
+** Get the selected DTLS-SRTP cipher suite (if any).
+** To be called after the handshake completes.
+** Returns SECFailure if not negotiated.
+*/
+SSL_IMPORT SECStatus SSL_GetSRTPCipher(PRFileDesc *fd,
+ PRUint16 *cipher);
+
+/*
+ * Look to see if any of the signers in the cert chain for "cert" are found
+ * in the list of caNames.
+ * Returns SECSuccess if so, SECFailure if not.
+ * Used by NSS_GetClientAuthData. May be used by other callback functions.
+ */
+SSL_IMPORT SECStatus NSS_CmpCertChainWCANames(CERTCertificate *cert,
+ CERTDistNames *caNames);
+
+/* Deprecated. This reports a misleading value for certificates that might
+ * be used for signing rather than key exchange.
+ * Returns key exchange type of the keys in an SSL server certificate.
+ */
+SSL_IMPORT SSLKEAType NSS_FindCertKEAType(CERTCertificate *cert);
+
+/* Set cipher policies to a predefined Domestic (U.S.A.) policy.
+ * This essentially allows all supported ciphers.
+ */
+SSL_IMPORT SECStatus NSS_SetDomesticPolicy(void);
+
+/* Set cipher policies to a predefined Policy that is exportable from the USA
+ * according to present U.S. policies as we understand them.
+ * It is the same as NSS_SetDomesticPolicy now.
+ */
+SSL_IMPORT SECStatus NSS_SetExportPolicy(void);
+
+/* Set cipher policies to a predefined Policy that is exportable from the USA
+ * according to present U.S. policies as we understand them, and that the
+ * nation of France will permit to be imported into their country.
+ * It is the same as NSS_SetDomesticPolicy now.
+ */
+SSL_IMPORT SECStatus NSS_SetFrancePolicy(void);
+
+SSL_IMPORT SSL3Statistics *SSL_GetStatistics(void);
+
+/* Report more information than SSL_SecurityStatus.
+ * Caller supplies the info struct. This function fills it in. Caller should
+ * pass sizeof(SSLChannelInfo) as the |len| argument.
+ *
+ * The information here will be zeroed prior to details being confirmed. The
+ * details are confirmed either when a Finished message is received, or - for a
+ * client - when the second flight of messages have been sent. This function
+ * therefore produces unreliable results prior to receiving the
+ * SSLHandshakeCallback or the SSLCanFalseStartCallback.
+ */
+SSL_IMPORT SECStatus SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info,
+ PRUintn len);
+/* Get preliminary information about a channel.
+ * Caller supplies the info struct. This function fills it in. Caller should
+ * pass sizeof(SSLPreliminaryChannelInfo) as the |len| argument.
+ *
+ * This function can be called prior to handshake details being confirmed (see
+ * SSL_GetChannelInfo above for what that means). Thus, information provided by
+ * this function is available to SSLAuthCertificate, SSLGetClientAuthData,
+ * SSLSNISocketConfig, and other callbacks that might be called during the
+ * processing of the first flight of client of server handshake messages.
+ * Values are marked as being unavailable when renegotiation is initiated.
+ */
+SSL_IMPORT SECStatus
+SSL_GetPreliminaryChannelInfo(PRFileDesc *fd,
+ SSLPreliminaryChannelInfo *info,
+ PRUintn len);
+/* Get information about cipher suite with id of |cipherSuite|.
+ * Caller supplies the info struct. This function fills it in. Caller should
+ * pass sizeof(SSLCipherSuiteInfo) as the |len| argument.
+ */
+SSL_IMPORT SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite,
+ SSLCipherSuiteInfo *info, PRUintn len);
+
+/* Returnes negotiated through SNI host info. */
+SSL_IMPORT SECItem *SSL_GetNegotiatedHostInfo(PRFileDesc *fd);
+
+/* Export keying material according to RFC 5705.
+** fd must correspond to a TLS 1.0 or higher socket and out must
+** already be allocated. If hasContext is false, it uses the no-context
+** construction from the RFC and ignores the context and contextLen
+** arguments.
+*/
+SSL_IMPORT SECStatus SSL_ExportKeyingMaterial(PRFileDesc *fd,
+ const char *label,
+ unsigned int labelLen,
+ PRBool hasContext,
+ const unsigned char *context,
+ unsigned int contextLen,
+ unsigned char *out,
+ unsigned int outLen);
+
+/* Early exporters are used if 0-RTT is enabled. This is TLS 1.3 only. Note
+ * that in TLS 1.3, an empty context is equivalent to an absent context. */
+SSL_IMPORT SECStatus SSL_ExportEarlyKeyingMaterial(PRFileDesc *fd,
+ const char *label,
+ unsigned int labelLen,
+ const unsigned char *context,
+ unsigned int contextLen,
+ unsigned char *out,
+ unsigned int outLen);
+
+/*
+** Return a new reference to the certificate that was most recently sent
+** to the peer on this SSL/TLS connection, or NULL if none has been sent.
+*/
+SSL_IMPORT CERTCertificate *SSL_LocalCertificate(PRFileDesc *fd);
+
+#define SSL_CBP_SSL3 0x0001 /* (deprecated) */
+#define SSL_CBP_TLS1_0 0x0002 /* (deprecated) */
+
+/* DEPRECATED: The PKCS#11 bypass has been removed.
+** This function will now always return false. */
+SSL_IMPORT SECStatus SSL_CanBypass(CERTCertificate *cert,
+ SECKEYPrivateKey *privKey,
+ PRUint32 protocolmask,
+ PRUint16 *ciphers, int nciphers,
+ PRBool *pcanbypass, void *pwArg);
+
+/*
+** Did the handshake with the peer negotiate the given extension?
+** Output parameter valid only if function returns SECSuccess
+*/
+SSL_IMPORT SECStatus SSL_HandshakeNegotiatedExtension(PRFileDesc *socket,
+ SSLExtensionType extId,
+ PRBool *yes);
+
+/*
+** How long should we wait before retransmitting the next flight of
+** the DTLS handshake? Returns SECFailure if not DTLS or not in a
+** handshake.
+*/
+SSL_IMPORT SECStatus DTLS_GetHandshakeTimeout(PRFileDesc *socket,
+ PRIntervalTime *timeout);
+
+/*
+ * Return a boolean that indicates whether the underlying library
+ * will perform as the caller expects.
+ *
+ * The only argument is a string, which should be the version
+ * identifier of the NSS library. That string will be compared
+ * against a string that represents the actual build version of
+ * the SSL library.
+ */
+extern PRBool NSSSSL_VersionCheck(const char *importedVersion);
+
+/*
+ * Returns a const string of the SSL library version.
+ */
+extern const char *NSSSSL_GetVersion(void);
+
+/* Restart an SSL connection that was paused to do asynchronous certificate
+ * chain validation (when the auth certificate hook or bad cert handler
+ * returned SECWouldBlock).
+ *
+ * This function only works for non-blocking sockets; Do not use it for
+ * blocking sockets. Currently, this function works only for the client role of
+ * a connection; it does not work for the server role.
+ *
+ * The application must call SSL_AuthCertificateComplete with 0 as the value of
+ * the error parameter after it has successfully validated the peer's
+ * certificate, in order to continue the SSL handshake.
+ *
+ * The application may call SSL_AuthCertificateComplete with a non-zero value
+ * for error (e.g. SEC_ERROR_REVOKED_CERTIFICATE) when certificate validation
+ * fails, before it closes the connection. If the application does so, an
+ * alert corresponding to the error (e.g. certificate_revoked) will be sent to
+ * the peer. See the source code of the internal function
+ * ssl3_SendAlertForCertError for the current mapping of error to alert. This
+ * mapping may change in future versions of libssl.
+ *
+ * This function will not complete the entire handshake. The application must
+ * call SSL_ForceHandshake, PR_Recv, PR_Send, etc. after calling this function
+ * to force the handshake to complete.
+ *
+ * On the first handshake of a connection, libssl will wait for the peer's
+ * certificate to be authenticated before calling the handshake callback,
+ * sending a client certificate, sending any application data, or returning
+ * any application data to the application. On subsequent (renegotiation)
+ * handshakes, libssl will block the handshake unconditionally while the
+ * certificate is being validated.
+ *
+ * libssl may send and receive handshake messages while waiting for the
+ * application to call SSL_AuthCertificateComplete, and it may call other
+ * callbacks (e.g, the client auth data hook) before
+ * SSL_AuthCertificateComplete has been called.
+ *
+ * An application that uses this asynchronous mechanism will usually have lower
+ * handshake latency if it has to do public key operations on the certificate
+ * chain and/or CRL/OCSP/cert fetching during the authentication, especially if
+ * it does so in parallel on another thread. However, if the application can
+ * authenticate the peer's certificate quickly then it may be more efficient
+ * to use the synchronous mechanism (i.e. returning SECFailure/SECSuccess
+ * instead of SECWouldBlock from the authenticate certificate hook).
+ *
+ * Be careful about converting an application from synchronous cert validation
+ * to asynchronous certificate validation. A naive conversion is likely to
+ * result in deadlocks; e.g. the application will wait in PR_Poll for network
+ * I/O on the connection while all network I/O on the connection is blocked
+ * waiting for this function to be called.
+ *
+ * Returns SECFailure on failure, SECSuccess on success. Never returns
+ * SECWouldBlock. Note that SSL_AuthCertificateComplete will (usually) return
+ * SECSuccess; do not interpret the return value of SSL_AuthCertificateComplete
+ * as an indicator of whether it is OK to continue using the connection. For
+ * example, SSL_AuthCertificateComplete(fd, SEC_ERROR_REVOKED_CERTIFICATE) will
+ * return SECSuccess (normally), but that does not mean that the application
+ * should continue using the connection. If the application passes a non-zero
+ * value for second argument (error), or if SSL_AuthCertificateComplete returns
+ * anything other than SECSuccess, then the application should close the
+ * connection.
+ */
+SSL_IMPORT SECStatus SSL_AuthCertificateComplete(PRFileDesc *fd,
+ PRErrorCode error);
+SEC_END_PROTOS
+
+#endif /* __ssl_h_ */
diff --git a/security/nss/lib/ssl/ssl.rc b/security/nss/lib/ssl/ssl.rc
new file mode 100644
index 000000000..809a07e5f
--- /dev/null
+++ b/security/nss/lib/ssl/ssl.rc
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nss.h"
+#include <winver.h>
+
+#define MY_LIBNAME "ssl"
+#define MY_FILEDESCRIPTION "NSS SSL Library"
+
+#define STRINGIZE(x) #x
+#define STRINGIZE2(x) STRINGIZE(x)
+#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if NSS_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,NSS_VBUILD
+ PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,NSS_VBUILD
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", NSS_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", NSS_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
new file mode 100644
index 000000000..186ce23f3
--- /dev/null
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -0,0 +1,13350 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * SSL3 Protocol
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */
+
+#include "cert.h"
+#include "ssl.h"
+#include "cryptohi.h" /* for DSAU_ stuff */
+#include "keyhi.h"
+#include "secder.h"
+#include "secitem.h"
+#include "sechash.h"
+
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "sslerr.h"
+#include "ssl3ext.h"
+#include "ssl3exthandle.h"
+#include "prtime.h"
+#include "prinrval.h"
+#include "prerror.h"
+#include "pratom.h"
+#include "prthread.h"
+#include "nss.h"
+#include "nssoptions.h"
+
+#include "pk11func.h"
+#include "secmod.h"
+#include "blapi.h"
+
+#include <stdio.h>
+#ifdef NSS_SSL_ENABLE_ZLIB
+#include "zlib.h"
+#endif
+
+#ifndef PK11_SETATTRS
+#define PK11_SETATTRS(x, id, v, l) \
+ (x)->type = (id); \
+ (x)->pValue = (v); \
+ (x)->ulValueLen = (l);
+#endif
+
+static PK11SymKey *ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
+ PK11SlotInfo *serverKeySlot);
+static SECStatus ssl3_DeriveMasterSecret(sslSocket *ss, PK11SymKey *pms);
+static SECStatus ssl3_DeriveConnectionKeys(sslSocket *ss);
+static SECStatus ssl3_HandshakeFailure(sslSocket *ss);
+static SECStatus ssl3_SendCertificate(sslSocket *ss);
+static SECStatus ssl3_SendCertificateRequest(sslSocket *ss);
+static SECStatus ssl3_SendNextProto(sslSocket *ss);
+static SECStatus ssl3_SendFinished(sslSocket *ss, PRInt32 flags);
+static SECStatus ssl3_SendServerHelloDone(sslSocket *ss);
+static SECStatus ssl3_SendServerKeyExchange(sslSocket *ss);
+static SECStatus ssl3_HandleClientHelloPart2(sslSocket *ss,
+ SECItem *suites,
+ SECItem *comps,
+ sslSessionID *sid);
+static SECStatus ssl3_HandleServerHelloPart2(sslSocket *ss,
+ const SECItem *sidBytes,
+ int *retErrCode);
+static SECStatus ssl3_HandlePostHelloHandshakeMessage(sslSocket *ss,
+ SSL3Opaque *b,
+ PRUint32 length,
+ SSL3Hashes *hashesPtr);
+static SECStatus ssl3_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags);
+
+static SECStatus Null_Cipher(void *ctx, unsigned char *output, int *outputLen,
+ int maxOutputLen, const unsigned char *input,
+ int inputLen);
+
+static CK_MECHANISM_TYPE ssl3_GetHashMechanismByHashType(SSLHashType hashType);
+static CK_MECHANISM_TYPE ssl3_GetMgfMechanismByHashType(SSLHashType hash);
+PRBool ssl_IsRsaPssSignatureScheme(SSLSignatureScheme scheme);
+
+#define MAX_SEND_BUF_LENGTH 32000 /* watch for 16-bit integer overflow */
+#define MIN_SEND_BUF_LENGTH 4000
+
+/* This list of SSL3 cipher suites is sorted in descending order of
+ * precedence (desirability). It only includes cipher suites we implement.
+ * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites
+ * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c)
+ *
+ * Important: See bug 946147 before enabling, reordering, or adding any cipher
+ * suites to this list.
+ */
+/* clang-format off */
+static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
+ /* cipher_suite policy enabled isPresent */
+ /* Special TLS 1.3 suites. */
+ { TLS_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE },
+ { TLS_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE },
+ { TLS_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE },
+
+ { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is out of order to work around
+ * bug 946147.
+ */
+ { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+
+ { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,SSL_ALLOWED,PR_TRUE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+
+ { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+
+ /* RSA */
+ { TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_SEED_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_RSA_WITH_RC4_128_MD5, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+
+ /* 56-bit DES "domestic" cipher suites */
+ { TLS_DHE_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_DSS_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+
+ /* ciphersuites with no encryption */
+ { TLS_ECDHE_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDH_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_NULL_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_NULL_MD5, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+};
+/* clang-format on */
+
+/* This is the default supported set of signature schemes. The order of the
+ * hashes here is all that is important, since that will (sometimes) determine
+ * which hash we use. The key pair (i.e., cert) is the primary thing that
+ * determines what we use and this doesn't affect how we select key pairs. The
+ * order of signature types is based on the same rules for ordering we use for
+ * cipher suites just for consistency.
+ */
+static const SSLSignatureScheme defaultSignatureSchemes[] = {
+ ssl_sig_ecdsa_secp256r1_sha256,
+ ssl_sig_ecdsa_secp384r1_sha384,
+ ssl_sig_ecdsa_secp521r1_sha512,
+ ssl_sig_ecdsa_sha1,
+ ssl_sig_rsa_pss_sha256,
+ ssl_sig_rsa_pss_sha384,
+ ssl_sig_rsa_pss_sha512,
+ ssl_sig_rsa_pkcs1_sha256,
+ ssl_sig_rsa_pkcs1_sha384,
+ ssl_sig_rsa_pkcs1_sha512,
+ ssl_sig_rsa_pkcs1_sha1,
+ ssl_sig_dsa_sha256,
+ ssl_sig_dsa_sha384,
+ ssl_sig_dsa_sha512,
+ ssl_sig_dsa_sha1
+};
+PR_STATIC_ASSERT(PR_ARRAY_SIZE(defaultSignatureSchemes) <=
+ MAX_SIGNATURE_SCHEMES);
+
+/* Verify that SSL_ImplementedCiphers and cipherSuites are in consistent order.
+ */
+#ifdef DEBUG
+void
+ssl3_CheckCipherSuiteOrderConsistency()
+{
+ unsigned int i;
+
+ PORT_Assert(SSL_NumImplementedCiphers == PR_ARRAY_SIZE(cipherSuites));
+
+ for (i = 0; i < PR_ARRAY_SIZE(cipherSuites); ++i) {
+ PORT_Assert(SSL_ImplementedCiphers[i] == cipherSuites[i].cipher_suite);
+ }
+}
+#endif
+
+/* This list of SSL3 compression methods is sorted in descending order of
+ * precedence (desirability). It only includes compression methods we
+ * implement.
+ */
+static const SSLCompressionMethod ssl_compression_methods[] = {
+#ifdef NSS_SSL_ENABLE_ZLIB
+ ssl_compression_deflate,
+#endif
+ ssl_compression_null
+};
+
+static const unsigned int ssl_compression_method_count =
+ PR_ARRAY_SIZE(ssl_compression_methods);
+
+/* compressionEnabled returns true iff the compression algorithm is enabled
+ * for the given SSL socket. */
+static PRBool
+ssl_CompressionEnabled(sslSocket *ss, SSLCompressionMethod compression)
+{
+ SSL3ProtocolVersion version;
+
+ if (compression == ssl_compression_null) {
+ return PR_TRUE; /* Always enabled */
+ }
+ if (ss->sec.isServer) {
+ /* We can't easily check that the client didn't attempt TLS 1.3,
+ * so this will have to do. */
+ PORT_Assert(ss->version < SSL_LIBRARY_VERSION_TLS_1_3);
+ version = ss->version;
+ } else {
+ version = ss->vrange.max;
+ }
+ if (version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ return PR_FALSE;
+ }
+#ifdef NSS_SSL_ENABLE_ZLIB
+ if (compression == ssl_compression_deflate) {
+ if (IS_DTLS(ss)) {
+ return PR_FALSE;
+ }
+ return ss->opt.enableDeflate;
+ }
+#endif
+ return PR_FALSE;
+}
+
+static const /*SSL3ClientCertificateType */ PRUint8 certificate_types[] = {
+ ct_RSA_sign,
+ ct_ECDSA_sign,
+ ct_DSS_sign,
+};
+
+/* This global item is used only in servers. It is is initialized by
+** SSL_ConfigSecureServer(), and is used in ssl3_SendCertificateRequest().
+*/
+CERTDistNames *ssl3_server_ca_list = NULL;
+static SSL3Statistics ssl3stats;
+
+/* Record protection algorithms, indexed by SSL3BulkCipher.
+ *
+ * The |max_records| field (|mr| below) is set to a number that is higher than
+ * recommended in some literature (esp. TLS 1.3) because we currently abort the
+ * connection when this limit is reached and we want to ensure that we only
+ * rarely hit this limit. See bug 1268745 for details.
+ */
+#define MR_MAX RECORD_SEQ_MAX /* 2^48-1 */
+#define MR_128 (0x5aULL << 28) /* For AES and similar. */
+#define MR_LOW (1ULL << 20) /* For weak ciphers. */
+/* clang-format off */
+static const ssl3BulkCipherDef bulk_cipher_defs[] = {
+ /* |--------- Lengths ---------| */
+ /* cipher calg : s : */
+ /* : e b n */
+ /* oid short_name mr : l o */
+ /* k r o t n */
+ /* e e i c a c */
+ /* y t type v k g e */
+ {cipher_null, calg_null, 0, 0, type_stream, 0, 0, 0, 0,
+ SEC_OID_NULL_CIPHER, "NULL", MR_MAX},
+ {cipher_rc4, calg_rc4, 16,16, type_stream, 0, 0, 0, 0,
+ SEC_OID_RC4, "RC4", MR_LOW},
+ {cipher_des, calg_des, 8, 8, type_block, 8, 8, 0, 0,
+ SEC_OID_DES_CBC, "DES-CBC", MR_LOW},
+ {cipher_3des, calg_3des, 24,24, type_block, 8, 8, 0, 0,
+ SEC_OID_DES_EDE3_CBC, "3DES-EDE-CBC", MR_LOW},
+ {cipher_aes_128, calg_aes, 16,16, type_block, 16,16, 0, 0,
+ SEC_OID_AES_128_CBC, "AES-128", MR_128},
+ {cipher_aes_256, calg_aes, 32,32, type_block, 16,16, 0, 0,
+ SEC_OID_AES_256_CBC, "AES-256", MR_128},
+ {cipher_camellia_128, calg_camellia, 16,16, type_block, 16,16, 0, 0,
+ SEC_OID_CAMELLIA_128_CBC, "Camellia-128", MR_128},
+ {cipher_camellia_256, calg_camellia, 32,32, type_block, 16,16, 0, 0,
+ SEC_OID_CAMELLIA_256_CBC, "Camellia-256", MR_128},
+ {cipher_seed, calg_seed, 16,16, type_block, 16,16, 0, 0,
+ SEC_OID_SEED_CBC, "SEED-CBC", MR_128},
+ {cipher_aes_128_gcm, calg_aes_gcm, 16,16, type_aead, 4, 0,16, 8,
+ SEC_OID_AES_128_GCM, "AES-128-GCM", MR_128},
+ {cipher_aes_256_gcm, calg_aes_gcm, 32,32, type_aead, 4, 0,16, 8,
+ SEC_OID_AES_256_GCM, "AES-256-GCM", MR_128},
+ {cipher_chacha20, calg_chacha20, 32,32, type_aead, 12, 0,16, 0,
+ SEC_OID_CHACHA20_POLY1305, "ChaCha20-Poly1305", MR_MAX},
+ {cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0,
+ SEC_OID_UNKNOWN, "missing", 0U},
+};
+
+static const ssl3KEADef kea_defs[] =
+{ /* indexed by SSL3KeyExchangeAlgorithm */
+ /* kea exchKeyType signKeyType authKeyType ephemeral oid */
+ {kea_null, ssl_kea_null, nullKey, ssl_auth_null, PR_FALSE, 0},
+ {kea_rsa, ssl_kea_rsa, nullKey, ssl_auth_rsa_decrypt, PR_FALSE, SEC_OID_TLS_RSA},
+ {kea_dh_dss, ssl_kea_dh, dsaKey, ssl_auth_dsa, PR_FALSE, SEC_OID_TLS_DH_DSS},
+ {kea_dh_rsa, ssl_kea_dh, rsaKey, ssl_auth_rsa_sign, PR_FALSE, SEC_OID_TLS_DH_RSA},
+ {kea_dhe_dss, ssl_kea_dh, dsaKey, ssl_auth_dsa, PR_TRUE, SEC_OID_TLS_DHE_DSS},
+ {kea_dhe_rsa, ssl_kea_dh, rsaKey, ssl_auth_rsa_sign, PR_TRUE, SEC_OID_TLS_DHE_RSA},
+ {kea_dh_anon, ssl_kea_dh, nullKey, ssl_auth_null, PR_TRUE, SEC_OID_TLS_DH_ANON},
+ {kea_ecdh_ecdsa, ssl_kea_ecdh, nullKey, ssl_auth_ecdh_ecdsa, PR_FALSE, SEC_OID_TLS_ECDH_ECDSA},
+ {kea_ecdhe_ecdsa, ssl_kea_ecdh, ecKey, ssl_auth_ecdsa, PR_TRUE, SEC_OID_TLS_ECDHE_ECDSA},
+ {kea_ecdh_rsa, ssl_kea_ecdh, nullKey, ssl_auth_ecdh_rsa, PR_FALSE, SEC_OID_TLS_ECDH_RSA},
+ {kea_ecdhe_rsa, ssl_kea_ecdh, rsaKey, ssl_auth_rsa_sign, PR_TRUE, SEC_OID_TLS_ECDHE_RSA},
+ {kea_ecdh_anon, ssl_kea_ecdh, nullKey, ssl_auth_null, PR_TRUE, SEC_OID_TLS_ECDH_ANON},
+ {kea_ecdhe_psk, ssl_kea_ecdh_psk, nullKey, ssl_auth_psk, PR_TRUE, SEC_OID_TLS_ECDHE_PSK},
+ {kea_dhe_psk, ssl_kea_dh_psk, nullKey, ssl_auth_psk, PR_TRUE, SEC_OID_TLS_DHE_PSK},
+ {kea_tls13_any, ssl_kea_tls13_any, nullKey, ssl_auth_tls13_any, PR_TRUE, SEC_OID_TLS13_KEA_ANY},
+};
+
+/* must use ssl_LookupCipherSuiteDef to access */
+static const ssl3CipherSuiteDef cipher_suite_defs[] =
+{
+/* cipher_suite bulk_cipher_alg mac_alg key_exchange_alg prf_hash */
+/* Note that the prf_hash_alg is the hash function used by the PRF, see sslimpl.h. */
+
+ {TLS_NULL_WITH_NULL_NULL, cipher_null, mac_null, kea_null, ssl_hash_none},
+ {TLS_RSA_WITH_NULL_MD5, cipher_null, mac_md5, kea_rsa, ssl_hash_none},
+ {TLS_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_rsa, ssl_hash_none},
+ {TLS_RSA_WITH_NULL_SHA256, cipher_null, hmac_sha256, kea_rsa, ssl_hash_sha256},
+ {TLS_RSA_WITH_RC4_128_MD5, cipher_rc4, mac_md5, kea_rsa, ssl_hash_none},
+ {TLS_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_rsa, ssl_hash_none},
+ {TLS_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa, ssl_hash_none},
+ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa, ssl_hash_none},
+ {TLS_DHE_DSS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_dss, ssl_hash_none},
+ {TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
+ cipher_3des, mac_sha, kea_dhe_dss, ssl_hash_none},
+ {TLS_DHE_DSS_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_dhe_dss, ssl_hash_none},
+ {TLS_DHE_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_rsa, ssl_hash_none},
+ {TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ cipher_3des, mac_sha, kea_dhe_rsa, ssl_hash_none},
+
+
+/* New TLS cipher suites */
+ {TLS_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_rsa, ssl_hash_none},
+ {TLS_RSA_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_rsa, ssl_hash_sha256},
+ {TLS_DHE_DSS_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dhe_dss, ssl_hash_none},
+ {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dhe_rsa, ssl_hash_none},
+ {TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_dhe_rsa, ssl_hash_sha256},
+ {TLS_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_rsa, ssl_hash_none},
+ {TLS_RSA_WITH_AES_256_CBC_SHA256, cipher_aes_256, hmac_sha256, kea_rsa, ssl_hash_sha256},
+ {TLS_DHE_DSS_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dhe_dss, ssl_hash_none},
+ {TLS_DHE_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dhe_rsa, ssl_hash_none},
+ {TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, cipher_aes_256, hmac_sha256, kea_dhe_rsa, ssl_hash_sha256},
+ {TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, cipher_aes_256_gcm, mac_aead, kea_dhe_rsa, ssl_hash_sha384},
+
+ {TLS_RSA_WITH_SEED_CBC_SHA, cipher_seed, mac_sha, kea_rsa, ssl_hash_none},
+
+ {TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, cipher_camellia_128, mac_sha, kea_rsa, ssl_hash_none},
+ {TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ cipher_camellia_128, mac_sha, kea_dhe_dss, ssl_hash_none},
+ {TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ cipher_camellia_128, mac_sha, kea_dhe_rsa, ssl_hash_none},
+ {TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, cipher_camellia_256, mac_sha, kea_rsa, ssl_hash_none},
+ {TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ cipher_camellia_256, mac_sha, kea_dhe_dss, ssl_hash_none},
+ {TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ cipher_camellia_256, mac_sha, kea_dhe_rsa, ssl_hash_none},
+
+ {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_dhe_rsa, ssl_hash_sha256},
+ {TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_rsa, ssl_hash_sha256},
+
+ {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ecdhe_rsa, ssl_hash_sha256},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ecdhe_ecdsa, ssl_hash_sha256},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, cipher_aes_256_gcm, mac_aead, kea_ecdhe_ecdsa, ssl_hash_sha384},
+ {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, cipher_aes_256_gcm, mac_aead, kea_ecdhe_rsa, ssl_hash_sha384},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, cipher_aes_256, hmac_sha384, kea_ecdhe_ecdsa, ssl_hash_sha384},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, cipher_aes_256, hmac_sha384, kea_ecdhe_rsa, ssl_hash_sha384},
+ {TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_dhe_dss, ssl_hash_sha256},
+ {TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_dhe_dss, ssl_hash_sha256},
+ {TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, cipher_aes_256, hmac_sha256, kea_dhe_dss, ssl_hash_sha256},
+ {TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, cipher_aes_256_gcm, mac_aead, kea_dhe_dss, ssl_hash_sha384},
+ {TLS_RSA_WITH_AES_256_GCM_SHA384, cipher_aes_256_gcm, mac_aead, kea_rsa, ssl_hash_sha384},
+
+ {TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, cipher_chacha20, mac_aead, kea_dhe_rsa, ssl_hash_sha256},
+
+ {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, cipher_chacha20, mac_aead, kea_ecdhe_rsa, ssl_hash_sha256},
+ {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, cipher_chacha20, mac_aead, kea_ecdhe_ecdsa, ssl_hash_sha256},
+
+ {TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa, ssl_hash_none},
+ {TLS_ECDH_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_ecdsa, ssl_hash_none},
+ {TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_ecdsa, ssl_hash_none},
+ {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_ecdsa, ssl_hash_none},
+ {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_ecdsa, ssl_hash_none},
+
+ {TLS_ECDHE_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdhe_ecdsa, ssl_hash_none},
+ {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdhe_ecdsa, ssl_hash_none},
+ {TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdhe_ecdsa, ssl_hash_none},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdhe_ecdsa, ssl_hash_none},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_ecdhe_ecdsa, ssl_hash_sha256},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdhe_ecdsa, ssl_hash_none},
+
+ {TLS_ECDH_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_rsa, ssl_hash_none},
+ {TLS_ECDH_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_rsa, ssl_hash_none},
+ {TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_rsa, ssl_hash_none},
+ {TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_rsa, ssl_hash_none},
+ {TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_rsa, ssl_hash_none},
+
+ {TLS_ECDHE_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdhe_rsa, ssl_hash_none},
+ {TLS_ECDHE_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdhe_rsa, ssl_hash_none},
+ {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdhe_rsa, ssl_hash_none},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdhe_rsa, ssl_hash_none},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_ecdhe_rsa, ssl_hash_sha256},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdhe_rsa, ssl_hash_none},
+
+ {TLS_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_tls13_any, ssl_hash_sha256},
+ {TLS_CHACHA20_POLY1305_SHA256, cipher_chacha20, mac_aead, kea_tls13_any, ssl_hash_sha256},
+ {TLS_AES_256_GCM_SHA384, cipher_aes_256_gcm, mac_aead, kea_tls13_any, ssl_hash_sha384},
+};
+/* clang-format on */
+
+static const CK_MECHANISM_TYPE auth_alg_defs[] = {
+ CKM_INVALID_MECHANISM, /* ssl_auth_null */
+ CKM_RSA_PKCS, /* ssl_auth_rsa_decrypt */
+ CKM_DSA, /* ? _SHA1 */ /* ssl_auth_dsa */
+ CKM_INVALID_MECHANISM, /* ssl_auth_kea (unused) */
+ CKM_ECDSA, /* ssl_auth_ecdsa */
+ CKM_ECDH1_DERIVE, /* ssl_auth_ecdh_rsa */
+ CKM_ECDH1_DERIVE, /* ssl_auth_ecdh_ecdsa */
+ CKM_RSA_PKCS, /* ssl_auth_rsa_sign */
+ CKM_RSA_PKCS_PSS, /* ssl_auth_rsa_pss */
+ CKM_NSS_HKDF_SHA256, /* ssl_auth_psk (just check for HKDF) */
+ CKM_INVALID_MECHANISM /* ssl_auth_tls13_any */
+};
+PR_STATIC_ASSERT(PR_ARRAY_SIZE(auth_alg_defs) == ssl_auth_size);
+
+static const CK_MECHANISM_TYPE kea_alg_defs[] = {
+ CKM_INVALID_MECHANISM, /* ssl_kea_null */
+ CKM_RSA_PKCS, /* ssl_kea_rsa */
+ CKM_DH_PKCS_DERIVE, /* ssl_kea_dh */
+ CKM_INVALID_MECHANISM, /* ssl_kea_fortezza (unused) */
+ CKM_ECDH1_DERIVE, /* ssl_kea_ecdh */
+ CKM_ECDH1_DERIVE, /* ssl_kea_ecdh_psk */
+ CKM_DH_PKCS_DERIVE, /* ssl_kea_dh_psk */
+ CKM_INVALID_MECHANISM, /* ssl_kea_tls13_any */
+};
+PR_STATIC_ASSERT(PR_ARRAY_SIZE(kea_alg_defs) == ssl_kea_size);
+
+typedef struct SSLCipher2MechStr {
+ SSLCipherAlgorithm calg;
+ CK_MECHANISM_TYPE cmech;
+} SSLCipher2Mech;
+
+/* indexed by type SSLCipherAlgorithm */
+static const SSLCipher2Mech alg2Mech[] = {
+ /* calg, cmech */
+ { calg_null, (CK_MECHANISM_TYPE)0x80000000L },
+ { calg_rc4, CKM_RC4 },
+ { calg_rc2, CKM_RC2_CBC },
+ { calg_des, CKM_DES_CBC },
+ { calg_3des, CKM_DES3_CBC },
+ { calg_idea, CKM_IDEA_CBC },
+ { calg_fortezza, CKM_SKIPJACK_CBC64 },
+ { calg_aes, CKM_AES_CBC },
+ { calg_camellia, CKM_CAMELLIA_CBC },
+ { calg_seed, CKM_SEED_CBC },
+ { calg_aes_gcm, CKM_AES_GCM },
+ { calg_chacha20, CKM_NSS_CHACHA20_POLY1305 },
+ /* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */
+};
+
+#define mmech_invalid (CK_MECHANISM_TYPE)0x80000000L
+#define mmech_md5 CKM_SSL3_MD5_MAC
+#define mmech_sha CKM_SSL3_SHA1_MAC
+#define mmech_md5_hmac CKM_MD5_HMAC
+#define mmech_sha_hmac CKM_SHA_1_HMAC
+#define mmech_sha256_hmac CKM_SHA256_HMAC
+#define mmech_sha384_hmac CKM_SHA384_HMAC
+
+/* clang-format off */
+static const ssl3MACDef mac_defs[] = { /* indexed by SSL3MACAlgorithm */
+ /* pad_size is only used for SSL 3.0 MAC. See RFC 6101 Sec. 5.2.3.1. */
+ /* mac mmech pad_size mac_size */
+ { mac_null, mmech_invalid, 0, 0 , 0},
+ { mac_md5, mmech_md5, 48, MD5_LENGTH, SEC_OID_HMAC_MD5 },
+ { mac_sha, mmech_sha, 40, SHA1_LENGTH, SEC_OID_HMAC_SHA1},
+ {hmac_md5, mmech_md5_hmac, 0, MD5_LENGTH, SEC_OID_HMAC_MD5},
+ {hmac_sha, mmech_sha_hmac, 0, SHA1_LENGTH, SEC_OID_HMAC_SHA1},
+ {hmac_sha256, mmech_sha256_hmac, 0, SHA256_LENGTH, SEC_OID_HMAC_SHA256},
+ { mac_aead, mmech_invalid, 0, 0, 0 },
+ {hmac_sha384, mmech_sha384_hmac, 0, SHA384_LENGTH, SEC_OID_HMAC_SHA384}
+};
+/* clang-format on */
+
+const PRUint8 tls13_downgrade_random[] = { 0x44, 0x4F, 0x57, 0x4E,
+ 0x47, 0x52, 0x44, 0x01 };
+const PRUint8 tls12_downgrade_random[] = { 0x44, 0x4F, 0x57, 0x4E,
+ 0x47, 0x52, 0x44, 0x00 };
+PR_STATIC_ASSERT(sizeof(tls13_downgrade_random) ==
+ sizeof(tls13_downgrade_random));
+
+/* The ECCWrappedKeyInfo structure defines how various pieces of
+ * information are laid out within wrappedSymmetricWrappingkey
+ * for ECDH key exchange. Since wrappedSymmetricWrappingkey is
+ * a 512-byte buffer (see sslimpl.h), the variable length field
+ * in ECCWrappedKeyInfo can be at most (512 - 8) = 504 bytes.
+ *
+ * XXX For now, NSS only supports named elliptic curves of size 571 bits
+ * or smaller. The public value will fit within 145 bytes and EC params
+ * will fit within 12 bytes. We'll need to revisit this when NSS
+ * supports arbitrary curves.
+ */
+#define MAX_EC_WRAPPED_KEY_BUFLEN 504
+
+typedef struct ECCWrappedKeyInfoStr {
+ PRUint16 size; /* EC public key size in bits */
+ PRUint16 encodedParamLen; /* length (in bytes) of DER encoded EC params */
+ PRUint16 pubValueLen; /* length (in bytes) of EC public value */
+ PRUint16 wrappedKeyLen; /* length (in bytes) of the wrapped key */
+ PRUint8 var[MAX_EC_WRAPPED_KEY_BUFLEN]; /* this buffer contains the */
+ /* EC public-key params, the EC public value and the wrapped key */
+} ECCWrappedKeyInfo;
+
+CK_MECHANISM_TYPE
+ssl3_Alg2Mech(SSLCipherAlgorithm calg)
+{
+ PORT_Assert(alg2Mech[calg].calg == calg);
+ return alg2Mech[calg].cmech;
+}
+
+#if defined(TRACE)
+
+static char *
+ssl3_DecodeHandshakeType(int msgType)
+{
+ char *rv;
+ static char line[40];
+
+ switch (msgType) {
+ case hello_request:
+ rv = "hello_request (0)";
+ break;
+ case client_hello:
+ rv = "client_hello (1)";
+ break;
+ case server_hello:
+ rv = "server_hello (2)";
+ break;
+ case hello_verify_request:
+ rv = "hello_verify_request (3)";
+ break;
+ case new_session_ticket:
+ rv = "session_ticket (4)";
+ break;
+ case hello_retry_request:
+ rv = "hello_retry_request (6)";
+ break;
+ case encrypted_extensions:
+ rv = "encrypted_extensions (8)";
+ break;
+ case certificate:
+ rv = "certificate (11)";
+ break;
+ case server_key_exchange:
+ rv = "server_key_exchange (12)";
+ break;
+ case certificate_request:
+ rv = "certificate_request (13)";
+ break;
+ case server_hello_done:
+ rv = "server_hello_done (14)";
+ break;
+ case certificate_verify:
+ rv = "certificate_verify (15)";
+ break;
+ case client_key_exchange:
+ rv = "client_key_exchange (16)";
+ break;
+ case finished:
+ rv = "finished (20)";
+ break;
+ default:
+ sprintf(line, "*UNKNOWN* handshake type! (%d)", msgType);
+ rv = line;
+ }
+ return rv;
+}
+
+static char *
+ssl3_DecodeContentType(int msgType)
+{
+ char *rv;
+ static char line[40];
+
+ switch (msgType) {
+ case content_change_cipher_spec:
+ rv = "change_cipher_spec (20)";
+ break;
+ case content_alert:
+ rv = "alert (21)";
+ break;
+ case content_handshake:
+ rv = "handshake (22)";
+ break;
+ case content_application_data:
+ rv = "application_data (23)";
+ break;
+ default:
+ sprintf(line, "*UNKNOWN* record type! (%d)", msgType);
+ rv = line;
+ }
+ return rv;
+}
+
+#endif
+
+SSL3Statistics *
+SSL_GetStatistics(void)
+{
+ return &ssl3stats;
+}
+
+typedef struct tooLongStr {
+#if defined(IS_LITTLE_ENDIAN)
+ PRInt32 low;
+ PRInt32 high;
+#else
+ PRInt32 high;
+ PRInt32 low;
+#endif
+} tooLong;
+
+void
+SSL_AtomicIncrementLong(long *x)
+{
+ if ((sizeof *x) == sizeof(PRInt32)) {
+ PR_ATOMIC_INCREMENT((PRInt32 *)x);
+ } else {
+ tooLong *tl = (tooLong *)x;
+ if (PR_ATOMIC_INCREMENT(&tl->low) == 0)
+ PR_ATOMIC_INCREMENT(&tl->high);
+ }
+}
+
+static PRBool
+ssl3_CipherSuiteAllowedForVersionRange(
+ ssl3CipherSuite cipherSuite,
+ const SSLVersionRange *vrange)
+{
+ switch (cipherSuite) {
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+ case TLS_RSA_WITH_AES_256_CBC_SHA256:
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+ case TLS_RSA_WITH_AES_128_CBC_SHA256:
+ case TLS_RSA_WITH_AES_128_GCM_SHA256:
+ case TLS_RSA_WITH_AES_256_GCM_SHA384:
+ case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
+ case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
+ case TLS_RSA_WITH_NULL_SHA256:
+ case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
+ case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
+ case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+ case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+ case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+ case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+ case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+ case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
+ case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
+ case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+ case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+ return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_2 &&
+ vrange->min < SSL_LIBRARY_VERSION_TLS_1_3;
+
+ /* RFC 4492: ECC cipher suites need TLS extensions to negotiate curves and
+ * point formats.*/
+ case TLS_ECDH_ECDSA_WITH_NULL_SHA:
+ case TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
+ case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
+ case TLS_ECDHE_ECDSA_WITH_NULL_SHA:
+ case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+ case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+ case TLS_ECDH_RSA_WITH_NULL_SHA:
+ case TLS_ECDH_RSA_WITH_RC4_128_SHA:
+ case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
+ case TLS_ECDHE_RSA_WITH_NULL_SHA:
+ case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+ case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+ return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_0 &&
+ vrange->min < SSL_LIBRARY_VERSION_TLS_1_3;
+
+ case TLS_AES_128_GCM_SHA256:
+ case TLS_AES_256_GCM_SHA384:
+ case TLS_CHACHA20_POLY1305_SHA256:
+ return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_3;
+
+ default:
+ return vrange->min < SSL_LIBRARY_VERSION_TLS_1_3;
+ }
+}
+
+/* return pointer to ssl3CipherSuiteDef for suite, or NULL */
+/* XXX This does a linear search. A binary search would be better. */
+const ssl3CipherSuiteDef *
+ssl_LookupCipherSuiteDef(ssl3CipherSuite suite)
+{
+ int cipher_suite_def_len =
+ sizeof(cipher_suite_defs) / sizeof(cipher_suite_defs[0]);
+ int i;
+
+ for (i = 0; i < cipher_suite_def_len; i++) {
+ if (cipher_suite_defs[i].cipher_suite == suite)
+ return &cipher_suite_defs[i];
+ }
+ PORT_Assert(PR_FALSE); /* We should never get here. */
+ PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
+ return NULL;
+}
+
+/* Find the cipher configuration struct associate with suite */
+/* XXX This does a linear search. A binary search would be better. */
+static ssl3CipherSuiteCfg *
+ssl_LookupCipherSuiteCfgMutable(ssl3CipherSuite suite,
+ ssl3CipherSuiteCfg *suites)
+{
+ int i;
+
+ for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
+ if (suites[i].cipher_suite == suite)
+ return &suites[i];
+ }
+ /* return NULL and let the caller handle it. */
+ PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
+ return NULL;
+}
+
+const static ssl3CipherSuiteCfg *
+ssl_LookupCipherSuiteCfg(ssl3CipherSuite suite, const ssl3CipherSuiteCfg *suites)
+{
+ return ssl_LookupCipherSuiteCfgMutable(suite,
+ CONST_CAST(ssl3CipherSuiteCfg, suites));
+}
+
+static PRBool
+ssl_NamedGroupTypeEnabled(const sslSocket *ss, SSLKEAType keaType)
+{
+ unsigned int i;
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (ss->namedGroupPreferences[i] &&
+ ss->namedGroupPreferences[i]->keaType == keaType) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+static PRBool
+ssl_KEAEnabled(const sslSocket *ss, SSLKEAType keaType)
+{
+ switch (keaType) {
+ case ssl_kea_rsa:
+ return PR_TRUE;
+
+ case ssl_kea_dh:
+ case ssl_kea_dh_psk: {
+ if (ss->sec.isServer && !ss->opt.enableServerDhe) {
+ return PR_FALSE;
+ }
+
+ if (ss->sec.isServer) {
+ /* If the server requires named FFDHE groups, then the client
+ * must have included an FFDHE group. peerSupportsFfdheGroups
+ * is set to true in ssl_HandleSupportedGroupsXtn(). */
+ if (ss->opt.requireDHENamedGroups &&
+ !ss->xtnData.peerSupportsFfdheGroups) {
+ return PR_FALSE;
+ }
+
+ /* We can use the weak DH group if all of these are true:
+ * 1. We don't require named groups.
+ * 2. The peer doesn't support named groups.
+ * 3. This isn't TLS 1.3.
+ * 4. The weak group is enabled. */
+ if (!ss->opt.requireDHENamedGroups &&
+ !ss->xtnData.peerSupportsFfdheGroups &&
+ ss->version < SSL_LIBRARY_VERSION_TLS_1_3 &&
+ ss->ssl3.dheWeakGroupEnabled) {
+ return PR_TRUE;
+ }
+ } else {
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3 &&
+ !ss->opt.requireDHENamedGroups) {
+ /* The client enables DHE cipher suites even if no DHE groups
+ * are enabled. Only if this isn't TLS 1.3 and named groups
+ * are not required. */
+ return PR_TRUE;
+ }
+ }
+ return ssl_NamedGroupTypeEnabled(ss, ssl_kea_dh);
+ }
+
+ case ssl_kea_ecdh:
+ case ssl_kea_ecdh_psk:
+ return ssl_NamedGroupTypeEnabled(ss, ssl_kea_ecdh);
+
+ case ssl_kea_tls13_any:
+ return PR_TRUE;
+
+ case ssl_kea_fortezza:
+ default:
+ PORT_Assert(0);
+ }
+ return PR_FALSE;
+}
+
+static PRBool
+ssl_HasCert(const sslSocket *ss, SSLAuthType authType)
+{
+ PRCList *cursor;
+ if (authType == ssl_auth_null || authType == ssl_auth_psk || authType == ssl_auth_tls13_any) {
+ return PR_TRUE;
+ }
+ for (cursor = PR_NEXT_LINK(&ss->serverCerts);
+ cursor != &ss->serverCerts;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslServerCert *cert = (sslServerCert *)cursor;
+ if (cert->certType.authType != authType) {
+ continue;
+ }
+ if (!cert->serverKeyPair ||
+ !cert->serverKeyPair->privKey ||
+ !cert->serverCertChain) {
+ continue;
+ }
+ /* When called from ssl3_config_match_init(), all the EC curves will be
+ * enabled, so this will essentially do nothing (unless we implement
+ * curve configuration). However, once we have seen the
+ * supported_groups extension and this is called from config_match(),
+ * this will filter out certificates with an unsupported curve. */
+ if ((authType == ssl_auth_ecdsa ||
+ authType == ssl_auth_ecdh_ecdsa ||
+ authType == ssl_auth_ecdh_rsa) &&
+ !ssl_NamedGroupEnabled(ss, cert->certType.namedCurve)) {
+ continue;
+ }
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+const ssl3BulkCipherDef *
+ssl_GetBulkCipherDef(const ssl3CipherSuiteDef *cipher_def)
+{
+ PORT_Assert(cipher_def->bulk_cipher_alg < PR_ARRAY_SIZE(bulk_cipher_defs));
+ PORT_Assert(bulk_cipher_defs[cipher_def->bulk_cipher_alg].cipher == cipher_def->bulk_cipher_alg);
+ return &bulk_cipher_defs[cipher_def->bulk_cipher_alg];
+}
+
+/* Initialize the suite->isPresent value for config_match
+ * Returns count of enabled ciphers supported by extant tokens,
+ * regardless of policy or user preference.
+ * If this returns zero, the user cannot do SSL v3.
+ */
+int
+ssl3_config_match_init(sslSocket *ss)
+{
+ ssl3CipherSuiteCfg *suite;
+ const ssl3CipherSuiteDef *cipher_def;
+ SSLCipherAlgorithm cipher_alg;
+ CK_MECHANISM_TYPE cipher_mech;
+ SSLAuthType authType;
+ SSLKEAType keaType;
+ int i;
+ int numPresent = 0;
+ int numEnabled = 0;
+
+ PORT_Assert(ss);
+ if (!ss) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return 0;
+ }
+ if (SSL_ALL_VERSIONS_DISABLED(&ss->vrange)) {
+ return 0;
+ }
+
+ for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
+ suite = &ss->cipherSuites[i];
+ if (suite->enabled) {
+ ++numEnabled;
+ /* We need the cipher defs to see if we have a token that can handle
+ * this cipher. It isn't part of the static definition.
+ */
+ cipher_def = ssl_LookupCipherSuiteDef(suite->cipher_suite);
+ if (!cipher_def) {
+ suite->isPresent = PR_FALSE;
+ continue;
+ }
+ cipher_alg = ssl_GetBulkCipherDef(cipher_def)->calg;
+ cipher_mech = ssl3_Alg2Mech(cipher_alg);
+
+ /* Mark the suites that are backed by real tokens, certs and keys */
+ suite->isPresent = PR_TRUE;
+
+ authType = kea_defs[cipher_def->key_exchange_alg].authKeyType;
+ if (authType != ssl_auth_null && authType != ssl_auth_tls13_any) {
+ if (ss->sec.isServer && !ssl_HasCert(ss, authType)) {
+ suite->isPresent = PR_FALSE;
+ }
+ if (!PK11_TokenExists(auth_alg_defs[authType])) {
+ suite->isPresent = PR_FALSE;
+ }
+ }
+
+ keaType = kea_defs[cipher_def->key_exchange_alg].exchKeyType;
+ if (keaType != ssl_kea_null &&
+ keaType != ssl_kea_tls13_any &&
+ !PK11_TokenExists(kea_alg_defs[keaType])) {
+ suite->isPresent = PR_FALSE;
+ }
+
+ if (cipher_alg != calg_null &&
+ !PK11_TokenExists(cipher_mech)) {
+ suite->isPresent = PR_FALSE;
+ }
+
+ if (suite->isPresent) {
+ ++numPresent;
+ }
+ }
+ }
+ PORT_Assert(numPresent > 0 || numEnabled == 0);
+ if (numPresent <= 0) {
+ PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED);
+ }
+ return numPresent;
+}
+
+/* Return PR_TRUE if suite is usable. This if the suite is permitted by policy,
+ * enabled, has a certificate (as needed), has a viable key agreement method, is
+ * usable with the negotiated TLS version, and is otherwise usable. */
+static PRBool
+config_match(const ssl3CipherSuiteCfg *suite, int policy,
+ const SSLVersionRange *vrange, const sslSocket *ss)
+{
+ const ssl3CipherSuiteDef *cipher_def;
+ const ssl3KEADef *kea_def;
+
+ PORT_Assert(policy != SSL_NOT_ALLOWED);
+ if (policy == SSL_NOT_ALLOWED)
+ return PR_FALSE;
+
+ if (!suite->enabled || !suite->isPresent)
+ return PR_FALSE;
+
+ if ((suite->policy == SSL_NOT_ALLOWED) ||
+ (suite->policy > policy))
+ return PR_FALSE;
+
+ PORT_Assert(ss != NULL);
+ cipher_def = ssl_LookupCipherSuiteDef(suite->cipher_suite);
+ PORT_Assert(cipher_def != NULL);
+ kea_def = &kea_defs[cipher_def->key_exchange_alg];
+ PORT_Assert(kea_def != NULL);
+ if (!ssl_KEAEnabled(ss, kea_def->exchKeyType)) {
+ return PR_FALSE;
+ }
+
+ if (ss->sec.isServer && !ssl_HasCert(ss, kea_def->authKeyType)) {
+ return PR_FALSE;
+ }
+
+ return ssl3_CipherSuiteAllowedForVersionRange(suite->cipher_suite, vrange);
+}
+
+/* Return the number of cipher suites that are usable. */
+/* called from ssl3_SendClientHello */
+static int
+count_cipher_suites(sslSocket *ss, int policy)
+{
+ int i, count = 0;
+
+ if (SSL_ALL_VERSIONS_DISABLED(&ss->vrange)) {
+ return 0;
+ }
+ for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
+ if (config_match(&ss->cipherSuites[i], policy, &ss->vrange, ss))
+ count++;
+ }
+ if (count <= 0) {
+ PORT_SetError(SSL_ERROR_SSL_DISABLED);
+ }
+ return count;
+}
+
+/*
+ * Null compression, mac and encryption functions
+ */
+static SECStatus
+Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen,
+ const unsigned char *input, int inputLen)
+{
+ if (inputLen > maxOutputLen) {
+ *outputLen = 0; /* Match PK11_CipherOp in setting outputLen */
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ *outputLen = inputLen;
+ if (input != output)
+ PORT_Memcpy(output, input, inputLen);
+ return SECSuccess;
+}
+
+/*
+ * SSL3 Utility functions
+ */
+
+/* allowLargerPeerVersion controls whether the function will select the
+ * highest enabled SSL version or fail when peerVersion is greater than the
+ * highest enabled version.
+ *
+ * If allowLargerPeerVersion is true, peerVersion is the peer's highest
+ * enabled version rather than the peer's selected version.
+ */
+SECStatus
+ssl3_NegotiateVersion(sslSocket *ss, SSL3ProtocolVersion peerVersion,
+ PRBool allowLargerPeerVersion)
+{
+ if (SSL_ALL_VERSIONS_DISABLED(&ss->vrange)) {
+ PORT_SetError(SSL_ERROR_SSL_DISABLED);
+ return SECFailure;
+ }
+
+ if (peerVersion < ss->vrange.min ||
+ (peerVersion > ss->vrange.max && !allowLargerPeerVersion)) {
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
+ return SECFailure;
+ }
+
+ ss->version = PR_MIN(peerVersion, ss->vrange.max);
+ PORT_Assert(ssl3_VersionIsSupported(ss->protocolVariant, ss->version));
+
+ return SECSuccess;
+}
+
+/* Used by the client when the server produces a version number.
+ * This reads, validates, and normalizes the value. */
+SECStatus
+ssl_ClientReadVersion(sslSocket *ss, SSL3Opaque **b, unsigned int *len,
+ SSL3ProtocolVersion *version)
+{
+ SSL3ProtocolVersion v;
+ PRInt32 temp;
+
+ temp = ssl3_ConsumeHandshakeNumber(ss, 2, b, len);
+ if (temp < 0) {
+ return SECFailure; /* alert has been sent */
+ }
+
+#ifdef TLS_1_3_DRAFT_VERSION
+ if (temp == SSL_LIBRARY_VERSION_TLS_1_3) {
+ (void)SSL3_SendAlert(ss, alert_fatal, protocol_version);
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
+ return SECFailure;
+ }
+ if (temp == tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3)) {
+ v = SSL_LIBRARY_VERSION_TLS_1_3;
+ } else {
+ v = (SSL3ProtocolVersion)temp;
+ }
+#else
+ v = (SSL3ProtocolVersion)temp;
+#endif
+
+ if (IS_DTLS(ss)) {
+ /* If this fails, we get 0 back and the next check to fails. */
+ v = dtls_DTLSVersionToTLSVersion(v);
+ }
+
+ PORT_Assert(!SSL_ALL_VERSIONS_DISABLED(&ss->vrange));
+ if (ss->vrange.min > v || ss->vrange.max < v) {
+ (void)SSL3_SendAlert(ss, alert_fatal,
+ (v > SSL_LIBRARY_VERSION_3_0) ? protocol_version
+ : handshake_failure);
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
+ return SECFailure;
+ }
+ *version = v;
+ return SECSuccess;
+}
+
+static SECStatus
+ssl3_GetNewRandom(SSL3Random *random)
+{
+ SECStatus rv;
+
+ rv = PK11_GenerateRandom(random->rand, SSL3_RANDOM_LENGTH);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
+ }
+ return rv;
+}
+
+/* Called by ssl3_SendServerKeyExchange and ssl3_SendCertificateVerify */
+SECStatus
+ssl3_SignHashes(sslSocket *ss, SSL3Hashes *hash, SECKEYPrivateKey *key,
+ SECItem *buf)
+{
+ SECStatus rv = SECFailure;
+ PRBool doDerEncode = PR_FALSE;
+ PRBool isTLS = (PRBool)(ss->ssl3.pwSpec->version > SSL_LIBRARY_VERSION_3_0);
+ PRBool useRsaPss = ssl_IsRsaPssSignatureScheme(ss->ssl3.hs.signatureScheme);
+ SECItem hashItem;
+
+ buf->data = NULL;
+
+ switch (SECKEY_GetPrivateKeyType(key)) {
+ case rsaKey:
+ hashItem.data = hash->u.raw;
+ hashItem.len = hash->len;
+ break;
+ case dsaKey:
+ doDerEncode = isTLS;
+ /* ssl_hash_none is used to specify the MD5/SHA1 concatenated hash.
+ * In that case, we use just the SHA1 part. */
+ if (hash->hashAlg == ssl_hash_none) {
+ hashItem.data = hash->u.s.sha;
+ hashItem.len = sizeof(hash->u.s.sha);
+ } else {
+ hashItem.data = hash->u.raw;
+ hashItem.len = hash->len;
+ }
+ break;
+ case ecKey:
+ doDerEncode = PR_TRUE;
+ /* ssl_hash_none is used to specify the MD5/SHA1 concatenated hash.
+ * In that case, we use just the SHA1 part. */
+ if (hash->hashAlg == ssl_hash_none) {
+ hashItem.data = hash->u.s.sha;
+ hashItem.len = sizeof(hash->u.s.sha);
+ } else {
+ hashItem.data = hash->u.raw;
+ hashItem.len = hash->len;
+ }
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ goto done;
+ }
+ PRINT_BUF(60, (NULL, "hash(es) to be signed", hashItem.data, hashItem.len));
+
+ if (useRsaPss || hash->hashAlg == ssl_hash_none) {
+ CK_MECHANISM_TYPE mech = PK11_MapSignKeyType(key->keyType);
+ int signatureLen = PK11_SignatureLen(key);
+
+ SECItem *params = NULL;
+ CK_RSA_PKCS_PSS_PARAMS pssParams;
+ SECItem pssParamsItem = { siBuffer,
+ (unsigned char *)&pssParams,
+ sizeof(pssParams) };
+
+ if (signatureLen <= 0) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ goto done;
+ }
+
+ buf->len = (unsigned)signatureLen;
+ buf->data = (unsigned char *)PORT_Alloc(signatureLen);
+ if (!buf->data)
+ goto done; /* error code was set. */
+
+ if (useRsaPss) {
+ pssParams.hashAlg = ssl3_GetHashMechanismByHashType(hash->hashAlg);
+ pssParams.mgf = ssl3_GetMgfMechanismByHashType(hash->hashAlg);
+ pssParams.sLen = hashItem.len;
+ params = &pssParamsItem;
+ mech = CKM_RSA_PKCS_PSS;
+ }
+
+ rv = PK11_SignWithMechanism(key, mech, params, buf, &hashItem);
+ } else {
+ SECOidTag hashOID = ssl3_HashTypeToOID(hash->hashAlg);
+ rv = SGN_Digest(key, hashOID, buf, &hashItem);
+ }
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SIGN_HASHES_FAILURE);
+ } else if (doDerEncode) {
+ SECItem derSig = { siBuffer, NULL, 0 };
+
+ /* This also works for an ECDSA signature */
+ rv = DSAU_EncodeDerSigWithLen(&derSig, buf, buf->len);
+ if (rv == SECSuccess) {
+ PORT_Free(buf->data); /* discard unencoded signature. */
+ *buf = derSig; /* give caller encoded signature. */
+ } else if (derSig.data) {
+ PORT_Free(derSig.data);
+ }
+ }
+
+ if (ss->sec.isServer) {
+ ss->sec.signatureScheme = ss->ssl3.hs.signatureScheme;
+ }
+ PRINT_BUF(60, (NULL, "signed hashes", (unsigned char *)buf->data, buf->len));
+done:
+ if (rv != SECSuccess && buf->data) {
+ PORT_Free(buf->data);
+ buf->data = NULL;
+ }
+ return rv;
+}
+
+/* Called from ssl3_HandleServerKeyExchange, ssl3_HandleCertificateVerify */
+SECStatus
+ssl3_VerifySignedHashes(sslSocket *ss, SSLSignatureScheme scheme, SSL3Hashes *hash,
+ SECItem *buf)
+{
+ SECKEYPublicKey *key;
+ SECItem *signature = NULL;
+ SECStatus rv = SECFailure;
+ SECItem hashItem;
+ SECOidTag encAlg;
+ SECOidTag hashAlg;
+ void *pwArg = ss->pkcs11PinArg;
+ PRBool isRsaPssScheme = ssl_IsRsaPssSignatureScheme(scheme);
+
+ PRINT_BUF(60, (NULL, "check signed hashes",
+ buf->data, buf->len));
+
+ key = CERT_ExtractPublicKey(ss->sec.peerCert);
+ if (key == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
+ return SECFailure;
+ }
+
+ hashAlg = ssl3_HashTypeToOID(hash->hashAlg);
+ switch (SECKEY_GetPublicKeyType(key)) {
+ case rsaKey:
+ encAlg = SEC_OID_PKCS1_RSA_ENCRYPTION;
+ hashItem.data = hash->u.raw;
+ hashItem.len = hash->len;
+ if (scheme == ssl_sig_none) {
+ scheme = ssl_sig_rsa_pkcs1_sha1md5;
+ }
+ break;
+ case dsaKey:
+ encAlg = SEC_OID_ANSIX9_DSA_SIGNATURE;
+ /* ssl_hash_none is used to specify the MD5/SHA1 concatenated hash.
+ * In that case, we use just the SHA1 part. */
+ if (hash->hashAlg == ssl_hash_none) {
+ hashItem.data = hash->u.s.sha;
+ hashItem.len = sizeof(hash->u.s.sha);
+ } else {
+ hashItem.data = hash->u.raw;
+ hashItem.len = hash->len;
+ }
+ /* Allow DER encoded DSA signatures in SSL 3.0 */
+ if (ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0 ||
+ buf->len != SECKEY_SignatureLen(key)) {
+ signature = DSAU_DecodeDerSigToLen(buf, SECKEY_SignatureLen(key));
+ if (!signature) {
+ PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
+ goto loser;
+ }
+ buf = signature;
+ }
+ if (scheme == ssl_sig_none) {
+ scheme = ssl_sig_dsa_sha1;
+ }
+ break;
+
+ case ecKey:
+ encAlg = SEC_OID_ANSIX962_EC_PUBLIC_KEY;
+ /* ssl_hash_none is used to specify the MD5/SHA1 concatenated hash.
+ * In that case, we use just the SHA1 part.
+ * ECDSA signatures always encode the integers r and s using ASN.1
+ * (unlike DSA where ASN.1 encoding is used with TLS but not with
+ * SSL3). So we can use VFY_VerifyDigestDirect for ECDSA.
+ */
+ if (hash->hashAlg == ssl_hash_none) {
+ hashAlg = SEC_OID_SHA1;
+ hashItem.data = hash->u.s.sha;
+ hashItem.len = sizeof(hash->u.s.sha);
+ } else {
+ hashItem.data = hash->u.raw;
+ hashItem.len = hash->len;
+ }
+ if (scheme == ssl_sig_none) {
+ scheme = ssl_sig_ecdsa_sha1;
+ }
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+ goto loser;
+ }
+
+ PRINT_BUF(60, (NULL, "hash(es) to be verified",
+ hashItem.data, hashItem.len));
+
+ if (isRsaPssScheme ||
+ hashAlg == SEC_OID_UNKNOWN ||
+ SECKEY_GetPublicKeyType(key) == dsaKey) {
+ /* VFY_VerifyDigestDirect requires DSA signatures to be DER-encoded.
+ * DSA signatures are DER-encoded in TLS but not in SSL3 and the code
+ * above always removes the DER encoding of DSA signatures when
+ * present. Thus DSA signatures are always verified with PK11_Verify.
+ */
+ CK_MECHANISM_TYPE mech = PK11_MapSignKeyType(key->keyType);
+
+ SECItem *params = NULL;
+ CK_RSA_PKCS_PSS_PARAMS pssParams;
+ SECItem pssParamsItem = { siBuffer,
+ (unsigned char *)&pssParams,
+ sizeof(pssParams) };
+
+ if (isRsaPssScheme) {
+ pssParams.hashAlg = ssl3_GetHashMechanismByHashType(hash->hashAlg);
+ pssParams.mgf = ssl3_GetMgfMechanismByHashType(hash->hashAlg);
+ pssParams.sLen = hashItem.len;
+ params = &pssParamsItem;
+ mech = CKM_RSA_PKCS_PSS;
+ }
+
+ rv = PK11_VerifyWithMechanism(key, mech, params, buf, &hashItem, pwArg);
+ } else {
+ rv = VFY_VerifyDigestDirect(&hashItem, key, buf, encAlg, hashAlg,
+ pwArg);
+ }
+ if (signature) {
+ SECITEM_FreeItem(signature, PR_TRUE);
+ }
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
+ }
+ if (!ss->sec.isServer) {
+ ss->sec.signatureScheme = scheme;
+ }
+
+loser:
+ SECKEY_DestroyPublicKey(key);
+#ifdef UNSAFE_FUZZER_MODE
+ rv = SECSuccess;
+ PORT_SetError(0);
+#endif
+ return rv;
+}
+
+/* Caller must set hiLevel error code. */
+/* Called from ssl3_ComputeDHKeyHash
+ * which are called from ssl3_HandleServerKeyExchange.
+ *
+ * hashAlg: ssl_hash_none indicates the pre-1.2, MD5/SHA1 combination hash.
+ */
+SECStatus
+ssl3_ComputeCommonKeyHash(SSLHashType hashAlg,
+ PRUint8 *hashBuf, unsigned int bufLen,
+ SSL3Hashes *hashes)
+{
+ SECStatus rv;
+ SECOidTag hashOID;
+
+ if (hashAlg == ssl_hash_none) {
+ rv = PK11_HashBuf(SEC_OID_MD5, hashes->u.s.md5, hashBuf, bufLen);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
+ return rv;
+ }
+ rv = PK11_HashBuf(SEC_OID_SHA1, hashes->u.s.sha, hashBuf, bufLen);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ return rv;
+ }
+ hashes->len = MD5_LENGTH + SHA1_LENGTH;
+ } else {
+ hashOID = ssl3_HashTypeToOID(hashAlg);
+ hashes->len = HASH_ResultLenByOidTag(hashOID);
+ if (hashes->len == 0 || hashes->len > sizeof(hashes->u.raw)) {
+ ssl_MapLowLevelError(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM);
+ return SECFailure;
+ }
+ rv = PK11_HashBuf(hashOID, hashes->u.raw, hashBuf, bufLen);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ return rv;
+ }
+ }
+ hashes->hashAlg = hashAlg;
+ return SECSuccess;
+}
+
+/* Caller must set hiLevel error code. */
+/* Called from ssl3_HandleServerKeyExchange. */
+static SECStatus
+ssl3_ComputeDHKeyHash(sslSocket *ss, SSLHashType hashAlg, SSL3Hashes *hashes,
+ SECItem dh_p, SECItem dh_g, SECItem dh_Ys, PRBool padY)
+{
+ PRUint8 *hashBuf;
+ PRUint8 *pBuf;
+ SECStatus rv = SECSuccess;
+ unsigned int bufLen, yLen;
+ PRUint8 buf[2 * SSL3_RANDOM_LENGTH + 2 + 4096 / 8 + 2 + 4096 / 8];
+
+ PORT_Assert(dh_p.data);
+ PORT_Assert(dh_g.data);
+ PORT_Assert(dh_Ys.data);
+
+ yLen = padY ? dh_p.len : dh_Ys.len;
+ bufLen = 2 * SSL3_RANDOM_LENGTH +
+ 2 + dh_p.len +
+ 2 + dh_g.len +
+ 2 + yLen;
+ if (bufLen <= sizeof buf) {
+ hashBuf = buf;
+ } else {
+ hashBuf = PORT_Alloc(bufLen);
+ if (!hashBuf) {
+ return SECFailure;
+ }
+ }
+
+ memcpy(hashBuf, &ss->ssl3.hs.client_random, SSL3_RANDOM_LENGTH);
+ pBuf = hashBuf + SSL3_RANDOM_LENGTH;
+ memcpy(pBuf, &ss->ssl3.hs.server_random, SSL3_RANDOM_LENGTH);
+ pBuf += SSL3_RANDOM_LENGTH;
+ pBuf = ssl_EncodeUintX(dh_p.len, 2, pBuf);
+ memcpy(pBuf, dh_p.data, dh_p.len);
+ pBuf += dh_p.len;
+ pBuf = ssl_EncodeUintX(dh_g.len, 2, pBuf);
+ memcpy(pBuf, dh_g.data, dh_g.len);
+ pBuf += dh_g.len;
+ pBuf = ssl_EncodeUintX(yLen, 2, pBuf);
+ if (padY && dh_p.len > dh_Ys.len) {
+ memset(pBuf, 0, dh_p.len - dh_Ys.len);
+ pBuf += dh_p.len - dh_Ys.len;
+ }
+ /* If we're padding Y, dh_Ys can't be longer than dh_p. */
+ PORT_Assert(!padY || dh_p.len >= dh_Ys.len);
+ memcpy(pBuf, dh_Ys.data, dh_Ys.len);
+ pBuf += dh_Ys.len;
+ PORT_Assert((unsigned int)(pBuf - hashBuf) == bufLen);
+
+ rv = ssl3_ComputeCommonKeyHash(hashAlg, hashBuf, bufLen, hashes);
+
+ PRINT_BUF(95, (NULL, "DHkey hash: ", hashBuf, bufLen));
+ if (rv == SECSuccess) {
+ if (hashAlg == ssl_hash_none) {
+ PRINT_BUF(95, (NULL, "DHkey hash: MD5 result",
+ hashes->u.s.md5, MD5_LENGTH));
+ PRINT_BUF(95, (NULL, "DHkey hash: SHA1 result",
+ hashes->u.s.sha, SHA1_LENGTH));
+ } else {
+ PRINT_BUF(95, (NULL, "DHkey hash: result",
+ hashes->u.raw, hashes->len));
+ }
+ }
+
+ if (hashBuf != buf && hashBuf != NULL)
+ PORT_Free(hashBuf);
+ return rv;
+}
+
+/* Called twice, only from ssl3_DestroyCipherSpec (immediately below). */
+static void
+ssl3_CleanupKeyMaterial(ssl3KeyMaterial *mat)
+{
+ if (mat->write_key != NULL) {
+ PK11_FreeSymKey(mat->write_key);
+ mat->write_key = NULL;
+ }
+ if (mat->write_mac_key != NULL) {
+ PK11_FreeSymKey(mat->write_mac_key);
+ mat->write_mac_key = NULL;
+ }
+ if (mat->write_mac_context != NULL) {
+ PK11_DestroyContext(mat->write_mac_context, PR_TRUE);
+ mat->write_mac_context = NULL;
+ }
+}
+
+/* Called from ssl3_SendChangeCipherSpecs() and
+** ssl3_HandleChangeCipherSpecs()
+** ssl3_DestroySSL3Info
+** Caller must hold SpecWriteLock.
+*/
+void
+ssl3_DestroyCipherSpec(ssl3CipherSpec *spec, PRBool freeSrvName)
+{
+ /* PORT_Assert( ss->opt.noLocks || ssl_HaveSpecWriteLock(ss)); Don't have ss! */
+ if (spec->encodeContext) {
+ PK11_DestroyContext(spec->encodeContext, PR_TRUE);
+ spec->encodeContext = NULL;
+ }
+ if (spec->decodeContext) {
+ PK11_DestroyContext(spec->decodeContext, PR_TRUE);
+ spec->decodeContext = NULL;
+ }
+ if (spec->destroyCompressContext && spec->compressContext) {
+ spec->destroyCompressContext(spec->compressContext, 1);
+ spec->compressContext = NULL;
+ }
+ if (spec->destroyDecompressContext && spec->decompressContext) {
+ spec->destroyDecompressContext(spec->decompressContext, 1);
+ spec->decompressContext = NULL;
+ }
+ if (spec->master_secret != NULL) {
+ PK11_FreeSymKey(spec->master_secret);
+ spec->master_secret = NULL;
+ }
+ spec->msItem.data = NULL;
+ spec->msItem.len = 0;
+ ssl3_CleanupKeyMaterial(&spec->client);
+ ssl3_CleanupKeyMaterial(&spec->server);
+ spec->destroyCompressContext = NULL;
+ spec->destroyDecompressContext = NULL;
+}
+
+/* Fill in the pending cipher spec with info from the selected ciphersuite.
+** This is as much initialization as we can do without having key material.
+** Called from ssl3_HandleServerHello(), ssl3_SendServerHello()
+** Caller must hold the ssl3 handshake lock.
+** Acquires & releases SpecWriteLock.
+*/
+SECStatus
+ssl3_SetupPendingCipherSpec(sslSocket *ss)
+{
+ ssl3CipherSpec *pwSpec;
+ ssl3CipherSpec *cwSpec;
+ ssl3CipherSuite suite = ss->ssl3.hs.cipher_suite;
+ SSL3MACAlgorithm mac;
+ SSL3KeyExchangeAlgorithm kea;
+ const ssl3CipherSuiteDef *suite_def;
+ PRBool isTLS;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->version < SSL_LIBRARY_VERSION_TLS_1_3);
+
+ ssl_GetSpecWriteLock(ss); /*******************************/
+
+ pwSpec = ss->ssl3.pwSpec;
+ PORT_Assert(pwSpec == ss->ssl3.prSpec);
+
+ /* This hack provides maximal interoperability with SSL 3 servers. */
+ cwSpec = ss->ssl3.cwSpec;
+ if (cwSpec->mac_def->mac == mac_null) {
+ /* SSL records are not being MACed. */
+ cwSpec->version = ss->version;
+ }
+
+ pwSpec->version = ss->version;
+ isTLS = (PRBool)(pwSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ SSL_TRC(3, ("%d: SSL3[%d]: Set XXX Pending Cipher Suite to 0x%04x",
+ SSL_GETPID(), ss->fd, suite));
+
+ suite_def = ssl_LookupCipherSuiteDef(suite);
+ if (suite_def == NULL) {
+ ssl_ReleaseSpecWriteLock(ss);
+ return SECFailure; /* error code set by ssl_LookupCipherSuiteDef */
+ }
+
+ if (IS_DTLS(ss)) {
+ /* Double-check that we did not pick an RC4 suite */
+ PORT_Assert(suite_def->bulk_cipher_alg != cipher_rc4);
+ }
+
+ kea = suite_def->key_exchange_alg;
+ mac = suite_def->mac_alg;
+ if (mac <= ssl_mac_sha && mac != ssl_mac_null && isTLS)
+ mac += 2;
+
+ ss->ssl3.hs.suite_def = suite_def;
+ ss->ssl3.hs.kea_def = &kea_defs[kea];
+ PORT_Assert(ss->ssl3.hs.kea_def->kea == kea);
+
+ pwSpec->cipher_def = ssl_GetBulkCipherDef(suite_def);
+
+ pwSpec->mac_def = &mac_defs[mac];
+ PORT_Assert(pwSpec->mac_def->mac == mac);
+
+ pwSpec->encodeContext = NULL;
+ pwSpec->decodeContext = NULL;
+
+ pwSpec->mac_size = pwSpec->mac_def->mac_size;
+
+ pwSpec->compression_method = ss->ssl3.hs.compression;
+ pwSpec->compressContext = NULL;
+ pwSpec->decompressContext = NULL;
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ PORT_Assert(ss->ssl3.hs.kea_def->ephemeral);
+ PORT_Assert(pwSpec->cipher_def->type == type_aead);
+ }
+ ssl_ReleaseSpecWriteLock(ss); /*******************************/
+ return SECSuccess;
+}
+
+#ifdef NSS_SSL_ENABLE_ZLIB
+#define SSL3_DEFLATE_CONTEXT_SIZE sizeof(z_stream)
+
+static SECStatus
+ssl3_MapZlibError(int zlib_error)
+{
+ switch (zlib_error) {
+ case Z_OK:
+ return SECSuccess;
+ default:
+ return SECFailure;
+ }
+}
+
+static SECStatus
+ssl3_DeflateInit(void *void_context)
+{
+ z_stream *context = void_context;
+ context->zalloc = NULL;
+ context->zfree = NULL;
+ context->opaque = NULL;
+
+ return ssl3_MapZlibError(deflateInit(context, Z_DEFAULT_COMPRESSION));
+}
+
+static SECStatus
+ssl3_InflateInit(void *void_context)
+{
+ z_stream *context = void_context;
+ context->zalloc = NULL;
+ context->zfree = NULL;
+ context->opaque = NULL;
+ context->next_in = NULL;
+ context->avail_in = 0;
+
+ return ssl3_MapZlibError(inflateInit(context));
+}
+
+static SECStatus
+ssl3_DeflateCompress(void *void_context, unsigned char *out, int *out_len,
+ int maxout, const unsigned char *in, int inlen)
+{
+ z_stream *context = void_context;
+
+ if (!inlen) {
+ *out_len = 0;
+ return SECSuccess;
+ }
+
+ context->next_in = (unsigned char *)in;
+ context->avail_in = inlen;
+ context->next_out = out;
+ context->avail_out = maxout;
+ if (deflate(context, Z_SYNC_FLUSH) != Z_OK) {
+ return SECFailure;
+ }
+ if (context->avail_out == 0) {
+ /* We ran out of space! */
+ SSL_TRC(3, ("%d: SSL3[%d] Ran out of buffer while compressing",
+ SSL_GETPID()));
+ return SECFailure;
+ }
+
+ *out_len = maxout - context->avail_out;
+ return SECSuccess;
+}
+
+static SECStatus
+ssl3_DeflateDecompress(void *void_context, unsigned char *out, int *out_len,
+ int maxout, const unsigned char *in, int inlen)
+{
+ z_stream *context = void_context;
+
+ if (!inlen) {
+ *out_len = 0;
+ return SECSuccess;
+ }
+
+ context->next_in = (unsigned char *)in;
+ context->avail_in = inlen;
+ context->next_out = out;
+ context->avail_out = maxout;
+ if (inflate(context, Z_SYNC_FLUSH) != Z_OK) {
+ PORT_SetError(SSL_ERROR_DECOMPRESSION_FAILURE);
+ return SECFailure;
+ }
+
+ *out_len = maxout - context->avail_out;
+ return SECSuccess;
+}
+
+static SECStatus
+ssl3_DestroyCompressContext(void *void_context, PRBool unused)
+{
+ deflateEnd(void_context);
+ PORT_Free(void_context);
+ return SECSuccess;
+}
+
+static SECStatus
+ssl3_DestroyDecompressContext(void *void_context, PRBool unused)
+{
+ inflateEnd(void_context);
+ PORT_Free(void_context);
+ return SECSuccess;
+}
+
+#endif /* NSS_SSL_ENABLE_ZLIB */
+
+/* Initialize the compression functions and contexts for the given
+ * CipherSpec. */
+static SECStatus
+ssl3_InitCompressionContext(ssl3CipherSpec *pwSpec)
+{
+ /* Setup the compression functions */
+ switch (pwSpec->compression_method) {
+ case ssl_compression_null:
+ pwSpec->compressor = NULL;
+ pwSpec->decompressor = NULL;
+ pwSpec->compressContext = NULL;
+ pwSpec->decompressContext = NULL;
+ pwSpec->destroyCompressContext = NULL;
+ pwSpec->destroyDecompressContext = NULL;
+ break;
+#ifdef NSS_SSL_ENABLE_ZLIB
+ case ssl_compression_deflate:
+ pwSpec->compressor = ssl3_DeflateCompress;
+ pwSpec->decompressor = ssl3_DeflateDecompress;
+ pwSpec->compressContext = PORT_Alloc(SSL3_DEFLATE_CONTEXT_SIZE);
+ pwSpec->decompressContext = PORT_Alloc(SSL3_DEFLATE_CONTEXT_SIZE);
+ pwSpec->destroyCompressContext = ssl3_DestroyCompressContext;
+ pwSpec->destroyDecompressContext = ssl3_DestroyDecompressContext;
+ ssl3_DeflateInit(pwSpec->compressContext);
+ ssl3_InflateInit(pwSpec->decompressContext);
+ break;
+#endif /* NSS_SSL_ENABLE_ZLIB */
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+/* This function should probably be moved to pk11wrap and be named
+ * PK11_ParamFromIVAndEffectiveKeyBits
+ */
+static SECItem *
+ssl3_ParamFromIV(CK_MECHANISM_TYPE mtype, SECItem *iv, CK_ULONG ulEffectiveBits)
+{
+ SECItem *param = PK11_ParamFromIV(mtype, iv);
+ if (param && param->data && param->len >= sizeof(CK_RC2_PARAMS)) {
+ switch (mtype) {
+ case CKM_RC2_KEY_GEN:
+ case CKM_RC2_ECB:
+ case CKM_RC2_CBC:
+ case CKM_RC2_MAC:
+ case CKM_RC2_MAC_GENERAL:
+ case CKM_RC2_CBC_PAD:
+ *(CK_RC2_PARAMS *)param->data = ulEffectiveBits;
+ default:
+ break;
+ }
+ }
+ return param;
+}
+
+/* ssl3_BuildRecordPseudoHeader writes the SSL/TLS pseudo-header (the data
+ * which is included in the MAC or AEAD additional data) to |out| and returns
+ * its length. See https://tools.ietf.org/html/rfc5246#section-6.2.3.3 for the
+ * definition of the AEAD additional data.
+ *
+ * TLS pseudo-header includes the record's version field, SSL's doesn't. Which
+ * pseudo-header defintiion to use should be decided based on the version of
+ * the protocol that was negotiated when the cipher spec became current, NOT
+ * based on the version value in the record itself, and the decision is passed
+ * to this function as the |includesVersion| argument. But, the |version|
+ * argument should be the record's version value.
+ */
+static unsigned int
+ssl3_BuildRecordPseudoHeader(unsigned char *out,
+ sslSequenceNumber seq_num,
+ SSL3ContentType type,
+ PRBool includesVersion,
+ SSL3ProtocolVersion version,
+ PRBool isDTLS,
+ int length)
+{
+ out[0] = (unsigned char)(seq_num >> 56);
+ out[1] = (unsigned char)(seq_num >> 48);
+ out[2] = (unsigned char)(seq_num >> 40);
+ out[3] = (unsigned char)(seq_num >> 32);
+ out[4] = (unsigned char)(seq_num >> 24);
+ out[5] = (unsigned char)(seq_num >> 16);
+ out[6] = (unsigned char)(seq_num >> 8);
+ out[7] = (unsigned char)(seq_num >> 0);
+ out[8] = type;
+
+ /* SSL3 MAC doesn't include the record's version field. */
+ if (!includesVersion) {
+ out[9] = MSB(length);
+ out[10] = LSB(length);
+ return 11;
+ }
+
+ /* TLS MAC and AEAD additional data include version. */
+ if (isDTLS) {
+ SSL3ProtocolVersion dtls_version;
+
+ dtls_version = dtls_TLSVersionToDTLSVersion(version);
+ out[9] = MSB(dtls_version);
+ out[10] = LSB(dtls_version);
+ } else {
+ out[9] = MSB(version);
+ out[10] = LSB(version);
+ }
+ out[11] = MSB(length);
+ out[12] = LSB(length);
+ return 13;
+}
+
+static SECStatus
+ssl3_AESGCM(ssl3KeyMaterial *keys,
+ PRBool doDecrypt,
+ unsigned char *out,
+ int *outlen,
+ int maxout,
+ const unsigned char *in,
+ int inlen,
+ const unsigned char *additionalData,
+ int additionalDataLen)
+{
+ SECItem param;
+ SECStatus rv = SECFailure;
+ unsigned char nonce[12];
+ unsigned int uOutLen;
+ CK_GCM_PARAMS gcmParams;
+
+ const int tagSize = bulk_cipher_defs[cipher_aes_128_gcm].tag_size;
+ const int explicitNonceLen =
+ bulk_cipher_defs[cipher_aes_128_gcm].explicit_nonce_size;
+
+ /* See https://tools.ietf.org/html/rfc5288#section-3 for details of how the
+ * nonce is formed. */
+ memcpy(nonce, keys->write_iv, 4);
+ if (doDecrypt) {
+ memcpy(nonce + 4, in, explicitNonceLen);
+ in += explicitNonceLen;
+ inlen -= explicitNonceLen;
+ *outlen = 0;
+ } else {
+ if (maxout < explicitNonceLen) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ /* Use the 64-bit sequence number as the explicit nonce. */
+ memcpy(nonce + 4, additionalData, explicitNonceLen);
+ memcpy(out, additionalData, explicitNonceLen);
+ out += explicitNonceLen;
+ maxout -= explicitNonceLen;
+ *outlen = explicitNonceLen;
+ }
+
+ param.type = siBuffer;
+ param.data = (unsigned char *)&gcmParams;
+ param.len = sizeof(gcmParams);
+ gcmParams.pIv = nonce;
+ gcmParams.ulIvLen = sizeof(nonce);
+ gcmParams.pAAD = (unsigned char *)additionalData; /* const cast */
+ gcmParams.ulAADLen = additionalDataLen;
+ gcmParams.ulTagBits = tagSize * 8;
+
+ if (doDecrypt) {
+ rv = PK11_Decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
+ maxout, in, inlen);
+ } else {
+ rv = PK11_Encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
+ maxout, in, inlen);
+ }
+ *outlen += (int)uOutLen;
+
+ return rv;
+}
+
+static SECStatus
+ssl3_ChaCha20Poly1305(ssl3KeyMaterial *keys, PRBool doDecrypt,
+ unsigned char *out, int *outlen, int maxout,
+ const unsigned char *in, int inlen,
+ const unsigned char *additionalData,
+ int additionalDataLen)
+{
+ size_t i;
+ SECItem param;
+ SECStatus rv = SECFailure;
+ unsigned int uOutLen;
+ unsigned char nonce[12];
+ CK_NSS_AEAD_PARAMS aeadParams;
+
+ const int tagSize = bulk_cipher_defs[cipher_chacha20].tag_size;
+
+ /* See
+ * https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04#section-2
+ * for details of how the nonce is formed. */
+ PORT_Memcpy(nonce, keys->write_iv, 12);
+
+ /* XOR the last 8 bytes of the IV with the sequence number. */
+ PORT_Assert(additionalDataLen >= 8);
+ for (i = 0; i < 8; ++i) {
+ nonce[4 + i] ^= additionalData[i];
+ }
+
+ param.type = siBuffer;
+ param.len = sizeof(aeadParams);
+ param.data = (unsigned char *)&aeadParams;
+ memset(&aeadParams, 0, sizeof(aeadParams));
+ aeadParams.pNonce = nonce;
+ aeadParams.ulNonceLen = sizeof(nonce);
+ aeadParams.pAAD = (unsigned char *)additionalData;
+ aeadParams.ulAADLen = additionalDataLen;
+ aeadParams.ulTagLen = tagSize;
+
+ if (doDecrypt) {
+ rv = PK11_Decrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, &param,
+ out, &uOutLen, maxout, in, inlen);
+ } else {
+ rv = PK11_Encrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, &param,
+ out, &uOutLen, maxout, in, inlen);
+ }
+ *outlen = (int)uOutLen;
+
+ return rv;
+}
+
+/* Initialize encryption and MAC contexts for pending spec.
+ * Master Secret already is derived.
+ * Caller holds Spec write lock.
+ */
+static SECStatus
+ssl3_InitPendingContexts(sslSocket *ss)
+{
+ ssl3CipherSpec *pwSpec;
+ const ssl3BulkCipherDef *cipher_def;
+ PK11Context *serverContext = NULL;
+ PK11Context *clientContext = NULL;
+ SECItem *param;
+ CK_MECHANISM_TYPE mechanism;
+ CK_MECHANISM_TYPE mac_mech;
+ CK_ULONG macLength;
+ CK_ULONG effKeyBits;
+ SECItem iv;
+ SECItem mac_param;
+ SSLCipherAlgorithm calg;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSpecWriteLock(ss));
+ PORT_Assert(ss->ssl3.prSpec == ss->ssl3.pwSpec);
+
+ pwSpec = ss->ssl3.pwSpec;
+ cipher_def = pwSpec->cipher_def;
+ macLength = pwSpec->mac_size;
+ calg = cipher_def->calg;
+ PORT_Assert(alg2Mech[calg].calg == calg);
+
+ pwSpec->client.write_mac_context = NULL;
+ pwSpec->server.write_mac_context = NULL;
+
+ if (cipher_def->type == type_aead) {
+ pwSpec->encode = NULL;
+ pwSpec->decode = NULL;
+ pwSpec->encodeContext = NULL;
+ pwSpec->decodeContext = NULL;
+ switch (calg) {
+ case calg_aes_gcm:
+ pwSpec->aead = ssl3_AESGCM;
+ break;
+ case calg_chacha20:
+ pwSpec->aead = ssl3_ChaCha20Poly1305;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return SECSuccess;
+ }
+
+ /*
+ ** Now setup the MAC contexts,
+ ** crypto contexts are setup below.
+ */
+
+ mac_mech = pwSpec->mac_def->mmech;
+ mac_param.data = (unsigned char *)&macLength;
+ mac_param.len = sizeof(macLength);
+ mac_param.type = 0;
+
+ pwSpec->client.write_mac_context = PK11_CreateContextBySymKey(
+ mac_mech, CKA_SIGN, pwSpec->client.write_mac_key, &mac_param);
+ if (pwSpec->client.write_mac_context == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
+ goto fail;
+ }
+ pwSpec->server.write_mac_context = PK11_CreateContextBySymKey(
+ mac_mech, CKA_SIGN, pwSpec->server.write_mac_key, &mac_param);
+ if (pwSpec->server.write_mac_context == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
+ goto fail;
+ }
+
+ /*
+ ** Now setup the crypto contexts.
+ */
+
+ if (calg == calg_null) {
+ pwSpec->encode = Null_Cipher;
+ pwSpec->decode = Null_Cipher;
+ return SECSuccess;
+ }
+ mechanism = ssl3_Alg2Mech(calg);
+ effKeyBits = cipher_def->key_size * BPB;
+
+ /*
+ * build the server context
+ */
+ iv.data = pwSpec->server.write_iv;
+ iv.len = cipher_def->iv_size;
+ param = ssl3_ParamFromIV(mechanism, &iv, effKeyBits);
+ if (param == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
+ goto fail;
+ }
+ serverContext = PK11_CreateContextBySymKey(mechanism,
+ (ss->sec.isServer ? CKA_ENCRYPT
+ : CKA_DECRYPT),
+ pwSpec->server.write_key, param);
+ iv.data = PK11_IVFromParam(mechanism, param, (int *)&iv.len);
+ if (iv.data)
+ PORT_Memcpy(pwSpec->server.write_iv, iv.data, iv.len);
+ SECITEM_FreeItem(param, PR_TRUE);
+ if (serverContext == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
+ goto fail;
+ }
+
+ /*
+ * build the client context
+ */
+ iv.data = pwSpec->client.write_iv;
+ iv.len = cipher_def->iv_size;
+
+ param = ssl3_ParamFromIV(mechanism, &iv, effKeyBits);
+ if (param == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
+ goto fail;
+ }
+ clientContext = PK11_CreateContextBySymKey(mechanism,
+ (ss->sec.isServer ? CKA_DECRYPT
+ : CKA_ENCRYPT),
+ pwSpec->client.write_key, param);
+ iv.data = PK11_IVFromParam(mechanism, param, (int *)&iv.len);
+ if (iv.data)
+ PORT_Memcpy(pwSpec->client.write_iv, iv.data, iv.len);
+ SECITEM_FreeItem(param, PR_TRUE);
+ if (clientContext == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
+ goto fail;
+ }
+ pwSpec->encode = (SSLCipher)PK11_CipherOp;
+ pwSpec->decode = (SSLCipher)PK11_CipherOp;
+
+ pwSpec->encodeContext = (ss->sec.isServer) ? serverContext : clientContext;
+ pwSpec->decodeContext = (ss->sec.isServer) ? clientContext : serverContext;
+
+ serverContext = NULL;
+ clientContext = NULL;
+
+ ssl3_InitCompressionContext(pwSpec);
+
+ return SECSuccess;
+
+fail:
+ if (serverContext != NULL)
+ PK11_DestroyContext(serverContext, PR_TRUE);
+ if (pwSpec->client.write_mac_context != NULL) {
+ PK11_DestroyContext(pwSpec->client.write_mac_context, PR_TRUE);
+ pwSpec->client.write_mac_context = NULL;
+ }
+ if (pwSpec->server.write_mac_context != NULL) {
+ PK11_DestroyContext(pwSpec->server.write_mac_context, PR_TRUE);
+ pwSpec->server.write_mac_context = NULL;
+ }
+
+ return SECFailure;
+}
+
+HASH_HashType
+ssl3_GetTls12HashType(sslSocket *ss)
+{
+ if (ss->ssl3.pwSpec->version < SSL_LIBRARY_VERSION_TLS_1_2) {
+ return HASH_AlgNULL;
+ }
+
+ switch (ss->ssl3.hs.suite_def->prf_hash) {
+ case ssl_hash_sha384:
+ return HASH_AlgSHA384;
+ case ssl_hash_sha256:
+ case ssl_hash_none:
+ /* ssl_hash_none is for pre-1.2 suites, which use SHA-256. */
+ return HASH_AlgSHA256;
+ default:
+ PORT_Assert(0);
+ }
+ return HASH_AlgSHA256;
+}
+
+/* Complete the initialization of all keys, ciphers, MACs and their contexts
+ * for the pending Cipher Spec.
+ * Called from: ssl3_SendClientKeyExchange (for Full handshake)
+ * ssl3_HandleRSAClientKeyExchange (for Full handshake)
+ * ssl3_HandleServerHello (for session restart)
+ * ssl3_HandleClientHello (for session restart)
+ * Sets error code, but caller probably should override to disambiguate.
+ * NULL pms means re-use old master_secret.
+ *
+ * If the old master secret is reused, pms is NULL and the master secret is
+ * already in pwSpec->master_secret.
+ */
+SECStatus
+ssl3_InitPendingCipherSpec(sslSocket *ss, PK11SymKey *pms)
+{
+ ssl3CipherSpec *pwSpec;
+ ssl3CipherSpec *cwSpec;
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ ssl_GetSpecWriteLock(ss); /**************************************/
+
+ PORT_Assert(ss->ssl3.prSpec == ss->ssl3.pwSpec);
+
+ pwSpec = ss->ssl3.pwSpec;
+ cwSpec = ss->ssl3.cwSpec;
+
+ if (pms || (!pwSpec->msItem.len && !pwSpec->master_secret)) {
+ rv = ssl3_DeriveMasterSecret(ss, pms);
+ if (rv != SECSuccess) {
+ goto done; /* err code set by ssl3_DeriveMasterSecret */
+ }
+ }
+ if (pwSpec->master_secret) {
+ rv = ssl3_DeriveConnectionKeys(ss);
+ if (rv == SECSuccess) {
+ rv = ssl3_InitPendingContexts(ss);
+ }
+ } else {
+ PORT_Assert(pwSpec->master_secret);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ }
+ if (rv != SECSuccess) {
+ goto done;
+ }
+
+ /* Generic behaviors -- common to all crypto methods */
+ if (!IS_DTLS(ss)) {
+ pwSpec->read_seq_num = pwSpec->write_seq_num = 0;
+ } else {
+ if (cwSpec->epoch == PR_UINT16_MAX) {
+ /* The problem here is that we have rehandshaked too many
+ * times (you are not allowed to wrap the epoch). The
+ * spec says you should be discarding the connection
+ * and start over, so not much we can do here. */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ goto done;
+ }
+ /* The sequence number has the high 16 bits as the epoch. */
+ pwSpec->epoch = cwSpec->epoch + 1;
+ pwSpec->read_seq_num = pwSpec->write_seq_num =
+ (sslSequenceNumber)pwSpec->epoch << 48;
+
+ dtls_InitRecvdRecords(&pwSpec->recvdRecords);
+ }
+
+done:
+ ssl_ReleaseSpecWriteLock(ss); /******************************/
+ if (rv != SECSuccess)
+ ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
+ return rv;
+}
+
+/*
+ * 60 bytes is 3 times the maximum length MAC size that is supported.
+ */
+static const unsigned char mac_pad_1[60] = {
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36
+};
+static const unsigned char mac_pad_2[60] = {
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c
+};
+
+/* Called from: ssl3_SendRecord()
+** Caller must already hold the SpecReadLock. (wish we could assert that!)
+*/
+static SECStatus
+ssl3_ComputeRecordMAC(
+ ssl3CipherSpec *spec,
+ PRBool useServerMacKey,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const SSL3Opaque *input,
+ int inputLength,
+ unsigned char *outbuf,
+ unsigned int *outLength)
+{
+ const ssl3MACDef *mac_def;
+ SECStatus rv;
+
+ PRINT_BUF(95, (NULL, "frag hash1: header", header, headerLen));
+ PRINT_BUF(95, (NULL, "frag hash1: input", input, inputLength));
+
+ mac_def = spec->mac_def;
+ if (mac_def->mac == mac_null) {
+ *outLength = 0;
+ return SECSuccess;
+ }
+
+ PK11Context *mac_context =
+ (useServerMacKey ? spec->server.write_mac_context
+ : spec->client.write_mac_context);
+ rv = PK11_DigestBegin(mac_context);
+ rv |= PK11_DigestOp(mac_context, header, headerLen);
+ rv |= PK11_DigestOp(mac_context, input, inputLength);
+ rv |= PK11_DigestFinal(mac_context, outbuf, outLength, spec->mac_size);
+ PORT_Assert(rv != SECSuccess || *outLength == (unsigned)spec->mac_size);
+
+ PRINT_BUF(95, (NULL, "frag hash2: result", outbuf, *outLength));
+
+ if (rv != SECSuccess) {
+ rv = SECFailure;
+ ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
+ }
+ return rv;
+}
+
+/* Called from: ssl3_HandleRecord()
+ * Caller must already hold the SpecReadLock. (wish we could assert that!)
+ *
+ * On entry:
+ * originalLen >= inputLen >= MAC size
+*/
+static SECStatus
+ssl3_ComputeRecordMACConstantTime(
+ ssl3CipherSpec *spec,
+ PRBool useServerMacKey,
+ const unsigned char *header,
+ unsigned int headerLen,
+ const SSL3Opaque *input,
+ int inputLen,
+ int originalLen,
+ unsigned char *outbuf,
+ unsigned int *outLen)
+{
+ CK_MECHANISM_TYPE macType;
+ CK_NSS_MAC_CONSTANT_TIME_PARAMS params;
+ SECItem param, inputItem, outputItem;
+ SECStatus rv;
+ PK11SymKey *key;
+
+ PORT_Assert(inputLen >= spec->mac_size);
+ PORT_Assert(originalLen >= inputLen);
+
+ if (spec->mac_def->mac == mac_null) {
+ *outLen = 0;
+ return SECSuccess;
+ }
+
+ macType = CKM_NSS_HMAC_CONSTANT_TIME;
+ if (spec->version == SSL_LIBRARY_VERSION_3_0) {
+ macType = CKM_NSS_SSL3_MAC_CONSTANT_TIME;
+ }
+
+ params.macAlg = spec->mac_def->mmech;
+ params.ulBodyTotalLen = originalLen;
+ params.pHeader = (unsigned char *)header; /* const cast */
+ params.ulHeaderLen = headerLen;
+
+ param.data = (unsigned char *)&params;
+ param.len = sizeof(params);
+ param.type = 0;
+
+ inputItem.data = (unsigned char *)input;
+ inputItem.len = inputLen;
+ inputItem.type = 0;
+
+ outputItem.data = outbuf;
+ outputItem.len = *outLen;
+ outputItem.type = 0;
+
+ key = spec->server.write_mac_key;
+ if (!useServerMacKey) {
+ key = spec->client.write_mac_key;
+ }
+
+ rv = PK11_SignWithSymKey(key, macType, &param, &outputItem, &inputItem);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_INVALID_ALGORITHM) {
+ /* ssl3_ComputeRecordMAC() expects the MAC to have been removed
+ * from the input length already. */
+ return ssl3_ComputeRecordMAC(spec, useServerMacKey,
+ header, headerLen,
+ input, inputLen - spec->mac_size,
+ outbuf, outLen);
+ }
+
+ *outLen = 0;
+ rv = SECFailure;
+ ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
+ return rv;
+ }
+
+ PORT_Assert(outputItem.len == (unsigned)spec->mac_size);
+ *outLen = outputItem.len;
+
+ return rv;
+}
+
+static PRBool
+ssl3_ClientAuthTokenPresent(sslSessionID *sid)
+{
+ PK11SlotInfo *slot = NULL;
+ PRBool isPresent = PR_TRUE;
+
+ /* we only care if we are doing client auth */
+ if (!sid || !sid->u.ssl3.clAuthValid) {
+ return PR_TRUE;
+ }
+
+ /* get the slot */
+ slot = SECMOD_LookupSlot(sid->u.ssl3.clAuthModuleID,
+ sid->u.ssl3.clAuthSlotID);
+ if (slot == NULL ||
+ !PK11_IsPresent(slot) ||
+ sid->u.ssl3.clAuthSeries != PK11_GetSlotSeries(slot) ||
+ sid->u.ssl3.clAuthSlotID != PK11_GetSlotID(slot) ||
+ sid->u.ssl3.clAuthModuleID != PK11_GetModuleID(slot) ||
+ (PK11_NeedLogin(slot) && !PK11_IsLoggedIn(slot, NULL))) {
+ isPresent = PR_FALSE;
+ }
+ if (slot) {
+ PK11_FreeSlot(slot);
+ }
+ return isPresent;
+}
+
+/* Caller must hold the spec read lock. */
+SECStatus
+ssl3_CompressMACEncryptRecord(ssl3CipherSpec *cwSpec,
+ PRBool isServer,
+ PRBool isDTLS,
+ PRBool capRecordVersion,
+ SSL3ContentType type,
+ const SSL3Opaque *pIn,
+ PRUint32 contentLen,
+ sslBuffer *wrBuf)
+{
+ const ssl3BulkCipherDef *cipher_def;
+ SECStatus rv;
+ PRUint32 macLen = 0;
+ PRUint32 fragLen;
+ PRUint32 p1Len, p2Len, oddLen = 0;
+ unsigned int ivLen = 0;
+ unsigned char pseudoHeader[13];
+ unsigned int pseudoHeaderLen;
+
+ cipher_def = cwSpec->cipher_def;
+
+ if (cipher_def->type == type_block &&
+ cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_1) {
+ /* Prepend the per-record explicit IV using technique 2b from
+ * RFC 4346 section 6.2.3.2: The IV is a cryptographically
+ * strong random number XORed with the CBC residue from the previous
+ * record.
+ */
+ ivLen = cipher_def->iv_size;
+ if (ivLen > wrBuf->space) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ rv = PK11_GenerateRandom(wrBuf->buf, ivLen);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
+ return rv;
+ }
+ rv = cwSpec->encode(cwSpec->encodeContext,
+ wrBuf->buf, /* output */
+ (int *)&wrBuf->len, /* outlen */
+ ivLen, /* max outlen */
+ wrBuf->buf, /* input */
+ ivLen); /* input len */
+ if (rv != SECSuccess || wrBuf->len != ivLen) {
+ PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE);
+ return SECFailure;
+ }
+ }
+
+ if (cwSpec->compressor) {
+ int outlen;
+ rv = cwSpec->compressor(cwSpec->compressContext, wrBuf->buf + ivLen,
+ &outlen, wrBuf->space - ivLen, pIn, contentLen);
+ if (rv != SECSuccess)
+ return rv;
+ pIn = wrBuf->buf + ivLen;
+ contentLen = outlen;
+ }
+
+ pseudoHeaderLen = ssl3_BuildRecordPseudoHeader(
+ pseudoHeader, cwSpec->write_seq_num, type,
+ cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_0, cwSpec->version,
+ isDTLS, contentLen);
+ PORT_Assert(pseudoHeaderLen <= sizeof(pseudoHeader));
+ if (cipher_def->type == type_aead) {
+ const int nonceLen = cipher_def->explicit_nonce_size;
+ const int tagLen = cipher_def->tag_size;
+
+ if (nonceLen + contentLen + tagLen > wrBuf->space) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ rv = cwSpec->aead(
+ isServer ? &cwSpec->server : &cwSpec->client,
+ PR_FALSE, /* do encrypt */
+ wrBuf->buf, /* output */
+ (int *)&wrBuf->len, /* out len */
+ wrBuf->space, /* max out */
+ pIn, contentLen, /* input */
+ pseudoHeader, pseudoHeaderLen);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE);
+ return SECFailure;
+ }
+ } else {
+ /*
+ * Add the MAC
+ */
+ rv = ssl3_ComputeRecordMAC(cwSpec, isServer, pseudoHeader,
+ pseudoHeaderLen, pIn, contentLen,
+ wrBuf->buf + ivLen + contentLen, &macLen);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
+ return SECFailure;
+ }
+ p1Len = contentLen;
+ p2Len = macLen;
+ fragLen = contentLen + macLen; /* needs to be encrypted */
+ PORT_Assert(fragLen <= MAX_FRAGMENT_LENGTH + 1024);
+
+ /*
+ * Pad the text (if we're doing a block cipher)
+ * then Encrypt it
+ */
+ if (cipher_def->type == type_block) {
+ unsigned char *pBuf;
+ int padding_length;
+ int i;
+
+ oddLen = contentLen % cipher_def->block_size;
+ /* Assume blockSize is a power of two */
+ padding_length = cipher_def->block_size - 1 - ((fragLen) & (cipher_def->block_size - 1));
+ fragLen += padding_length + 1;
+ PORT_Assert((fragLen % cipher_def->block_size) == 0);
+
+ /* Pad according to TLS rules (also acceptable to SSL3). */
+ pBuf = &wrBuf->buf[ivLen + fragLen - 1];
+ for (i = padding_length + 1; i > 0; --i) {
+ *pBuf-- = padding_length;
+ }
+ /* now, if contentLen is not a multiple of block size, fix it */
+ p2Len = fragLen - p1Len;
+ }
+ if (p1Len < 256) {
+ oddLen = p1Len;
+ p1Len = 0;
+ } else {
+ p1Len -= oddLen;
+ }
+ if (oddLen) {
+ p2Len += oddLen;
+ PORT_Assert((cipher_def->block_size < 2) ||
+ (p2Len % cipher_def->block_size) == 0);
+ memmove(wrBuf->buf + ivLen + p1Len, pIn + p1Len, oddLen);
+ }
+ if (p1Len > 0) {
+ int cipherBytesPart1 = -1;
+ rv = cwSpec->encode(cwSpec->encodeContext,
+ wrBuf->buf + ivLen, /* output */
+ &cipherBytesPart1, /* actual outlen */
+ p1Len, /* max outlen */
+ pIn,
+ p1Len); /* input, and inputlen */
+ PORT_Assert(rv == SECSuccess && cipherBytesPart1 == (int)p1Len);
+ if (rv != SECSuccess || cipherBytesPart1 != (int)p1Len) {
+ PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE);
+ return SECFailure;
+ }
+ wrBuf->len += cipherBytesPart1;
+ }
+ if (p2Len > 0) {
+ int cipherBytesPart2 = -1;
+ rv = cwSpec->encode(cwSpec->encodeContext,
+ wrBuf->buf + ivLen + p1Len,
+ &cipherBytesPart2, /* output and actual outLen */
+ p2Len, /* max outlen */
+ wrBuf->buf + ivLen + p1Len,
+ p2Len); /* input and inputLen*/
+ PORT_Assert(rv == SECSuccess && cipherBytesPart2 == (int)p2Len);
+ if (rv != SECSuccess || cipherBytesPart2 != (int)p2Len) {
+ PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE);
+ return SECFailure;
+ }
+ wrBuf->len += cipherBytesPart2;
+ }
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec,
+ PRBool capRecordVersion, SSL3ContentType type,
+ const SSL3Opaque *pIn, PRUint32 contentLen, sslBuffer *wrBuf)
+{
+ const ssl3BulkCipherDef *cipher_def = cwSpec->cipher_def;
+ PRUint16 headerLen;
+ sslBuffer protBuf;
+ SSL3ProtocolVersion version = cwSpec->version;
+ PRBool isTLS13;
+ PRUint8 *ptr = wrBuf->buf;
+ SECStatus rv;
+
+ if (ss->ssl3.hs.shortHeaders) {
+ PORT_Assert(!IS_DTLS(ss));
+ PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
+ headerLen = TLS13_RECORD_HEADER_LENGTH_SHORT;
+ } else {
+ headerLen = IS_DTLS(ss) ? DTLS_RECORD_HEADER_LENGTH : SSL3_RECORD_HEADER_LENGTH;
+ }
+ protBuf.buf = wrBuf->buf + headerLen;
+ protBuf.len = 0;
+ protBuf.space = wrBuf->space - headerLen;
+
+ PORT_Assert(cipher_def->max_records <= RECORD_SEQ_MAX);
+ if ((cwSpec->write_seq_num & RECORD_SEQ_MAX) >= cipher_def->max_records) {
+ SSL_TRC(3, ("%d: SSL[-]: write sequence number at limit 0x%0llx",
+ SSL_GETPID(), cwSpec->write_seq_num));
+ PORT_SetError(SSL_ERROR_TOO_MANY_RECORDS);
+ return SECFailure;
+ }
+
+ isTLS13 = (PRBool)(cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3);
+
+#ifdef UNSAFE_FUZZER_MODE
+ rv = Null_Cipher(NULL, protBuf.buf, (int *)&protBuf.len, protBuf.space,
+ pIn, contentLen);
+#else
+ if (isTLS13) {
+ rv = tls13_ProtectRecord(ss, cwSpec, type, pIn, contentLen, &protBuf);
+ } else {
+ rv = ssl3_CompressMACEncryptRecord(cwSpec, ss->sec.isServer,
+ IS_DTLS(ss), capRecordVersion, type,
+ pIn, contentLen, &protBuf);
+ }
+#endif
+ if (rv != SECSuccess) {
+ return SECFailure; /* error was set */
+ }
+
+ PORT_Assert(protBuf.len <= MAX_FRAGMENT_LENGTH + (isTLS13 ? 256 : 1024));
+ wrBuf->len = protBuf.len + headerLen;
+
+ if (ss->ssl3.hs.shortHeaders) {
+ PORT_Assert(!IS_DTLS(ss)); /* Decoder not yet implemented. */
+ (void)ssl_EncodeUintX(0x8000 | protBuf.len, 2, ptr);
+ } else {
+#ifndef UNSAFE_FUZZER_MODE
+ if (isTLS13 && cipher_def->calg != ssl_calg_null) {
+ *ptr++ = content_application_data;
+ } else
+#endif
+ {
+ *ptr++ = type;
+ }
+
+ if (IS_DTLS(ss)) {
+ version = isTLS13 ? SSL_LIBRARY_VERSION_TLS_1_1 : version;
+ version = dtls_TLSVersionToDTLSVersion(version);
+
+ ptr = ssl_EncodeUintX(version, 2, ptr);
+ ptr = ssl_EncodeUintX(cwSpec->write_seq_num, 8, ptr);
+ } else {
+ if (capRecordVersion || isTLS13) {
+ version = PR_MIN(SSL_LIBRARY_VERSION_TLS_1_0, version);
+ }
+ ptr = ssl_EncodeUintX(version, 2, ptr);
+ }
+ (void)ssl_EncodeUintX(protBuf.len, 2, ptr);
+ }
+ ++cwSpec->write_seq_num;
+
+ return SECSuccess;
+}
+
+/* Process the plain text before sending it.
+ * Returns the number of bytes of plaintext that were successfully sent
+ * plus the number of bytes of plaintext that were copied into the
+ * output (write) buffer.
+ * Returns SECFailure on a hard IO error, memory error, or crypto error.
+ * Does NOT return SECWouldBlock.
+ *
+ * Notes on the use of the private ssl flags:
+ * (no private SSL flags)
+ * Attempt to make and send SSL records for all plaintext
+ * If non-blocking and a send gets WOULD_BLOCK,
+ * or if the pending (ciphertext) buffer is not empty,
+ * then buffer remaining bytes of ciphertext into pending buf,
+ * and continue to do that for all succssive records until all
+ * bytes are used.
+ * ssl_SEND_FLAG_FORCE_INTO_BUFFER
+ * As above, except this suppresses all write attempts, and forces
+ * all ciphertext into the pending ciphertext buffer.
+ * ssl_SEND_FLAG_USE_EPOCH (for DTLS)
+ * Forces the use of the provided epoch
+ * ssl_SEND_FLAG_CAP_RECORD_VERSION
+ * Caps the record layer version number of TLS ClientHello to { 3, 1 }
+ * (TLS 1.0). Some TLS 1.0 servers (which seem to use F5 BIG-IP) ignore
+ * ClientHello.client_version and use the record layer version number
+ * (TLSPlaintext.version) instead when negotiating protocol versions. In
+ * addition, if the record layer version number of ClientHello is { 3, 2 }
+ * (TLS 1.1) or higher, these servers reset the TCP connections. Lastly,
+ * some F5 BIG-IP servers hang if a record containing a ClientHello has a
+ * version greater than { 3, 1 } and a length greater than 255. Set this
+ * flag to work around such servers.
+ */
+PRInt32
+ssl3_SendRecord(sslSocket *ss,
+ ssl3CipherSpec *cwSpec, /* non-NULL for DTLS retransmits */
+ SSL3ContentType type,
+ const SSL3Opaque *pIn, /* input buffer */
+ PRInt32 nIn, /* bytes of input */
+ PRInt32 flags)
+{
+ sslBuffer *wrBuf = &ss->sec.writeBuf;
+ SECStatus rv;
+ PRInt32 totalSent = 0;
+ PRBool capRecordVersion;
+
+ SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d",
+ SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
+ nIn));
+ PRINT_BUF(50, (ss, "Send record (plain text)", pIn, nIn));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ if (ss->ssl3.fatalAlertSent) {
+ SSL_TRC(3, ("%d: SSL3[%d] Suppress write, fatal alert already sent",
+ SSL_GETPID(), ss->fd));
+ return SECFailure;
+ }
+
+ capRecordVersion = ((flags & ssl_SEND_FLAG_CAP_RECORD_VERSION) != 0);
+
+ if (capRecordVersion) {
+ /* ssl_SEND_FLAG_CAP_RECORD_VERSION can only be used with the
+ * TLS initial ClientHello. */
+ PORT_Assert(!IS_DTLS(ss));
+ PORT_Assert(!ss->firstHsDone);
+ PORT_Assert(type == content_handshake);
+ PORT_Assert(ss->ssl3.hs.ws == wait_server_hello);
+ }
+
+ if (ss->ssl3.initialized == PR_FALSE) {
+ /* This can happen on a server if the very first incoming record
+ ** looks like a defective ssl3 record (e.g. too long), and we're
+ ** trying to send an alert.
+ */
+ PR_ASSERT(type == content_alert);
+ rv = ssl3_InitState(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* ssl3_InitState has set the error code. */
+ }
+ }
+
+ /* check for Token Presence */
+ if (!ssl3_ClientAuthTokenPresent(ss->sec.ci.sid)) {
+ PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
+ return SECFailure;
+ }
+
+ while (nIn > 0) {
+ PRUint32 contentLen = PR_MIN(nIn, MAX_FRAGMENT_LENGTH);
+ unsigned int spaceNeeded;
+ unsigned int numRecords;
+
+ ssl_GetSpecReadLock(ss); /********************************/
+
+ if (nIn > 1 && ss->opt.cbcRandomIV &&
+ ss->ssl3.cwSpec->version < SSL_LIBRARY_VERSION_TLS_1_1 &&
+ type == content_application_data &&
+ ss->ssl3.cwSpec->cipher_def->type == type_block /* CBC mode */) {
+ /* We will split the first byte of the record into its own record,
+ * as explained in the documentation for SSL_CBC_RANDOM_IV in ssl.h
+ */
+ numRecords = 2;
+ } else {
+ numRecords = 1;
+ }
+
+ spaceNeeded = contentLen + (numRecords * SSL3_BUFFER_FUDGE);
+ if (ss->ssl3.cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_1 &&
+ ss->ssl3.cwSpec->cipher_def->type == type_block) {
+ spaceNeeded += ss->ssl3.cwSpec->cipher_def->iv_size;
+ }
+ if (spaceNeeded > wrBuf->space) {
+ rv = sslBuffer_Grow(wrBuf, spaceNeeded);
+ if (rv != SECSuccess) {
+ SSL_DBG(("%d: SSL3[%d]: SendRecord, tried to get %d bytes",
+ SSL_GETPID(), ss->fd, spaceNeeded));
+ goto spec_locked_loser; /* sslBuffer_Grow set error code. */
+ }
+ }
+
+ if (numRecords == 2) {
+ sslBuffer secondRecord;
+ rv = ssl_ProtectRecord(ss, ss->ssl3.cwSpec, capRecordVersion, type,
+ pIn, 1, wrBuf);
+ if (rv != SECSuccess)
+ goto spec_locked_loser;
+
+ PRINT_BUF(50, (ss, "send (encrypted) record data [1/2]:",
+ wrBuf->buf, wrBuf->len));
+
+ secondRecord.buf = wrBuf->buf + wrBuf->len;
+ secondRecord.len = 0;
+ secondRecord.space = wrBuf->space - wrBuf->len;
+
+ rv = ssl_ProtectRecord(ss, ss->ssl3.cwSpec, capRecordVersion, type,
+ pIn + 1, contentLen - 1, &secondRecord);
+ if (rv == SECSuccess) {
+ PRINT_BUF(50, (ss, "send (encrypted) record data [2/2]:",
+ secondRecord.buf, secondRecord.len));
+ wrBuf->len += secondRecord.len;
+ }
+ } else {
+ if (cwSpec) {
+ /* cwSpec can only be set for retransmissions of DTLS handshake
+ * messages. */
+ PORT_Assert(IS_DTLS(ss) &&
+ (type == content_handshake ||
+ type == content_change_cipher_spec));
+ } else {
+ cwSpec = ss->ssl3.cwSpec;
+ }
+
+ rv = ssl_ProtectRecord(ss, cwSpec, !IS_DTLS(ss) && capRecordVersion,
+ type, pIn, contentLen, wrBuf);
+ if (rv == SECSuccess) {
+ PRINT_BUF(50, (ss, "send (encrypted) record data:",
+ wrBuf->buf, wrBuf->len));
+ }
+ }
+
+ spec_locked_loser:
+ ssl_ReleaseSpecReadLock(ss); /************************************/
+
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ pIn += contentLen;
+ nIn -= contentLen;
+ PORT_Assert(nIn >= 0);
+
+ /* If there's still some previously saved ciphertext,
+ * or the caller doesn't want us to send the data yet,
+ * then add all our new ciphertext to the amount previously saved.
+ */
+ if ((ss->pendingBuf.len > 0) ||
+ (flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
+
+ rv = ssl_SaveWriteData(ss, wrBuf->buf, wrBuf->len);
+ if (rv != SECSuccess) {
+ /* presumably a memory error, SEC_ERROR_NO_MEMORY */
+ return SECFailure;
+ }
+ wrBuf->len = 0; /* All cipher text is saved away. */
+
+ if (!(flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
+ PRInt32 sent;
+ ss->handshakeBegun = 1;
+ sent = ssl_SendSavedWriteData(ss);
+ if (sent < 0 && PR_GetError() != PR_WOULD_BLOCK_ERROR) {
+ ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
+ return SECFailure;
+ }
+ if (ss->pendingBuf.len) {
+ flags |= ssl_SEND_FLAG_FORCE_INTO_BUFFER;
+ }
+ }
+ } else if (wrBuf->len > 0) {
+ PRInt32 sent;
+ ss->handshakeBegun = 1;
+ sent = ssl_DefSend(ss, wrBuf->buf, wrBuf->len,
+ flags & ~ssl_SEND_FLAG_MASK);
+ if (sent < 0) {
+ if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
+ ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
+ return SECFailure;
+ }
+ /* we got PR_WOULD_BLOCK_ERROR, which means none was sent. */
+ sent = 0;
+ }
+ wrBuf->len -= sent;
+ if (wrBuf->len) {
+ if (IS_DTLS(ss)) {
+ /* DTLS just says no in this case. No buffering */
+ PR_SetError(PR_WOULD_BLOCK_ERROR, 0);
+ return SECFailure;
+ }
+ /* now take all the remaining unsent new ciphertext and
+ * append it to the buffer of previously unsent ciphertext.
+ */
+ rv = ssl_SaveWriteData(ss, wrBuf->buf + sent, wrBuf->len);
+ if (rv != SECSuccess) {
+ /* presumably a memory error, SEC_ERROR_NO_MEMORY */
+ return SECFailure;
+ }
+ }
+ }
+ totalSent += contentLen;
+ }
+ return totalSent;
+}
+
+#define SSL3_PENDING_HIGH_WATER 1024
+
+/* Attempt to send the content of "in" in an SSL application_data record.
+ * Returns "len" or SECFailure, never SECWouldBlock, nor SECSuccess.
+ */
+int
+ssl3_SendApplicationData(sslSocket *ss, const unsigned char *in,
+ PRInt32 len, PRInt32 flags)
+{
+ PRInt32 totalSent = 0;
+ PRInt32 discarded = 0;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ /* These flags for internal use only */
+ PORT_Assert(!(flags & ssl_SEND_FLAG_NO_RETRANSMIT));
+ if (len < 0 || !in) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+
+ if (ss->pendingBuf.len > SSL3_PENDING_HIGH_WATER &&
+ !ssl_SocketIsBlocking(ss)) {
+ PORT_Assert(!ssl_SocketIsBlocking(ss));
+ PORT_SetError(PR_WOULD_BLOCK_ERROR);
+ return SECFailure;
+ }
+
+ if (ss->appDataBuffered && len) {
+ PORT_Assert(in[0] == (unsigned char)(ss->appDataBuffered));
+ if (in[0] != (unsigned char)(ss->appDataBuffered)) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ in++;
+ len--;
+ discarded = 1;
+ }
+ while (len > totalSent) {
+ PRInt32 sent, toSend;
+
+ if (totalSent > 0) {
+ /*
+ * The thread yield is intended to give the reader thread a
+ * chance to get some cycles while the writer thread is in
+ * the middle of a large application data write. (See
+ * Bugzilla bug 127740, comment #1.)
+ */
+ ssl_ReleaseXmitBufLock(ss);
+ PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield(); */
+ ssl_GetXmitBufLock(ss);
+ }
+ toSend = PR_MIN(len - totalSent, MAX_FRAGMENT_LENGTH);
+ /*
+ * Note that the 0 epoch is OK because flags will never require
+ * its use, as guaranteed by the PORT_Assert above.
+ */
+ sent = ssl3_SendRecord(ss, NULL, content_application_data,
+ in + totalSent, toSend, flags);
+ if (sent < 0) {
+ if (totalSent > 0 && PR_GetError() == PR_WOULD_BLOCK_ERROR) {
+ PORT_Assert(ss->lastWriteBlocked);
+ break;
+ }
+ return SECFailure; /* error code set by ssl3_SendRecord */
+ }
+ totalSent += sent;
+ if (ss->pendingBuf.len) {
+ /* must be a non-blocking socket */
+ PORT_Assert(!ssl_SocketIsBlocking(ss));
+ PORT_Assert(ss->lastWriteBlocked);
+ break;
+ }
+ }
+ if (ss->pendingBuf.len) {
+ /* Must be non-blocking. */
+ PORT_Assert(!ssl_SocketIsBlocking(ss));
+ if (totalSent > 0) {
+ ss->appDataBuffered = 0x100 | in[totalSent - 1];
+ }
+
+ totalSent = totalSent + discarded - 1;
+ if (totalSent <= 0) {
+ PORT_SetError(PR_WOULD_BLOCK_ERROR);
+ totalSent = SECFailure;
+ }
+ return totalSent;
+ }
+ ss->appDataBuffered = 0;
+ return totalSent + discarded;
+}
+
+/* Attempt to send buffered handshake messages.
+ * This function returns SECSuccess or SECFailure, never SECWouldBlock.
+ * Always set sendBuf.len to 0, even when returning SECFailure.
+ *
+ * Depending on whether we are doing DTLS or not, this either calls
+ *
+ * - ssl3_FlushHandshakeMessages if non-DTLS
+ * - dtls_FlushHandshakeMessages if DTLS
+ *
+ * Called from SSL3_SendAlert(), ssl3_SendChangeCipherSpecs(),
+ * ssl3_AppendHandshake(), ssl3_SendClientHello(),
+ * ssl3_SendHelloRequest(), ssl3_SendServerHelloDone(),
+ * ssl3_SendFinished(),
+ */
+SECStatus
+ssl3_FlushHandshake(sslSocket *ss, PRInt32 flags)
+{
+ if (IS_DTLS(ss)) {
+ return dtls_FlushHandshakeMessages(ss, flags);
+ } else {
+ return ssl3_FlushHandshakeMessages(ss, flags);
+ }
+}
+
+/* Attempt to send the content of sendBuf buffer in an SSL handshake record.
+ * This function returns SECSuccess or SECFailure, never SECWouldBlock.
+ * Always set sendBuf.len to 0, even when returning SECFailure.
+ *
+ * Called from ssl3_FlushHandshake
+ */
+static SECStatus
+ssl3_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags)
+{
+ static const PRInt32 allowedFlags = ssl_SEND_FLAG_FORCE_INTO_BUFFER |
+ ssl_SEND_FLAG_CAP_RECORD_VERSION;
+ PRInt32 count = -1;
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len)
+ return SECSuccess;
+
+ /* only these flags are allowed */
+ PORT_Assert(!(flags & ~allowedFlags));
+ if ((flags & ~allowedFlags) != 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ count = ssl3_SendRecord(ss, NULL, content_handshake,
+ ss->sec.ci.sendBuf.buf,
+ ss->sec.ci.sendBuf.len, flags);
+ if (count < 0) {
+ int err = PORT_GetError();
+ PORT_Assert(err != PR_WOULD_BLOCK_ERROR);
+ if (err == PR_WOULD_BLOCK_ERROR) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ }
+ rv = SECFailure;
+ } else if ((unsigned int)count < ss->sec.ci.sendBuf.len) {
+ /* short write should never happen */
+ PORT_Assert((unsigned int)count >= ss->sec.ci.sendBuf.len);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ } else {
+ rv = SECSuccess;
+ }
+
+ /* Whether we succeeded or failed, toss the old handshake data. */
+ ss->sec.ci.sendBuf.len = 0;
+ return rv;
+}
+
+/*
+ * Called from ssl3_HandleAlert and from ssl3_HandleCertificate when
+ * the remote client sends a negative response to our certificate request.
+ * Returns SECFailure if the application has required client auth.
+ * SECSuccess otherwise.
+ */
+SECStatus
+ssl3_HandleNoCertificate(sslSocket *ss)
+{
+ ssl3_CleanupPeerCerts(ss);
+
+ /* If the server has required client-auth blindly but doesn't
+ * actually look at the certificate it won't know that no
+ * certificate was presented so we shutdown the socket to ensure
+ * an error. We only do this if we haven't already completed the
+ * first handshake because if we're redoing the handshake we
+ * know the server is paying attention to the certificate.
+ */
+ if ((ss->opt.requireCertificate == SSL_REQUIRE_ALWAYS) ||
+ (!ss->firstHsDone &&
+ (ss->opt.requireCertificate == SSL_REQUIRE_FIRST_HANDSHAKE))) {
+ PRFileDesc *lower;
+
+ ss->sec.uncache(ss->sec.ci.sid);
+ SSL3_SendAlert(ss, alert_fatal, bad_certificate);
+
+ lower = ss->fd->lower;
+#ifdef _WIN32
+ lower->methods->shutdown(lower, PR_SHUTDOWN_SEND);
+#else
+ lower->methods->shutdown(lower, PR_SHUTDOWN_BOTH);
+#endif
+ PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/************************************************************************
+ * Alerts
+ */
+
+/*
+** Acquires both handshake and XmitBuf locks.
+** Called from: ssl3_IllegalParameter <-
+** ssl3_HandshakeFailure <-
+** ssl3_HandleAlert <- ssl3_HandleRecord.
+** ssl3_HandleChangeCipherSpecs <- ssl3_HandleRecord
+** ssl3_ConsumeHandshakeVariable <-
+** ssl3_HandleHelloRequest <-
+** ssl3_HandleServerHello <-
+** ssl3_HandleServerKeyExchange <-
+** ssl3_HandleCertificateRequest <-
+** ssl3_HandleServerHelloDone <-
+** ssl3_HandleClientHello <-
+** ssl3_HandleV2ClientHello <-
+** ssl3_HandleCertificateVerify <-
+** ssl3_HandleClientKeyExchange <-
+** ssl3_HandleCertificate <-
+** ssl3_HandleFinished <-
+** ssl3_HandleHandshakeMessage <-
+** ssl3_HandlePostHelloHandshakeMessage <-
+** ssl3_HandleRecord <-
+**
+*/
+SECStatus
+SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc)
+{
+ PRUint8 bytes[2];
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send alert record, level=%d desc=%d",
+ SSL_GETPID(), ss->fd, level, desc));
+
+ bytes[0] = level;
+ bytes[1] = desc;
+
+ ssl_GetSSL3HandshakeLock(ss);
+ if (level == alert_fatal) {
+ if (!ss->opt.noCache && ss->sec.ci.sid) {
+ ss->sec.uncache(ss->sec.ci.sid);
+ }
+ }
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
+ if (rv == SECSuccess) {
+ PRInt32 sent;
+ sent = ssl3_SendRecord(ss, NULL, content_alert, bytes, 2,
+ (desc == no_certificate) ? ssl_SEND_FLAG_FORCE_INTO_BUFFER : 0);
+ rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
+ }
+ if (level == alert_fatal) {
+ ss->ssl3.fatalAlertSent = PR_TRUE;
+ }
+ ssl_ReleaseXmitBufLock(ss);
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ return rv; /* error set by ssl3_FlushHandshake or ssl3_SendRecord */
+}
+
+/*
+ * Send illegal_parameter alert. Set generic error number.
+ */
+static SECStatus
+ssl3_IllegalParameter(sslSocket *ss)
+{
+ (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
+ : SSL_ERROR_BAD_SERVER);
+ return SECFailure;
+}
+
+/*
+ * Send handshake_Failure alert. Set generic error number.
+ */
+static SECStatus
+ssl3_HandshakeFailure(sslSocket *ss)
+{
+ (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
+ PORT_SetError(ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
+ : SSL_ERROR_BAD_SERVER);
+ return SECFailure;
+}
+
+void
+ssl3_SendAlertForCertError(sslSocket *ss, PRErrorCode errCode)
+{
+ SSL3AlertDescription desc = bad_certificate;
+ PRBool isTLS = ss->version >= SSL_LIBRARY_VERSION_3_1_TLS;
+
+ switch (errCode) {
+ case SEC_ERROR_LIBRARY_FAILURE:
+ desc = unsupported_certificate;
+ break;
+ case SEC_ERROR_EXPIRED_CERTIFICATE:
+ desc = certificate_expired;
+ break;
+ case SEC_ERROR_REVOKED_CERTIFICATE:
+ desc = certificate_revoked;
+ break;
+ case SEC_ERROR_INADEQUATE_KEY_USAGE:
+ case SEC_ERROR_INADEQUATE_CERT_TYPE:
+ desc = certificate_unknown;
+ break;
+ case SEC_ERROR_UNTRUSTED_CERT:
+ desc = isTLS ? access_denied : certificate_unknown;
+ break;
+ case SEC_ERROR_UNKNOWN_ISSUER:
+ case SEC_ERROR_UNTRUSTED_ISSUER:
+ desc = isTLS ? unknown_ca : certificate_unknown;
+ break;
+ case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
+ desc = isTLS ? unknown_ca : certificate_expired;
+ break;
+
+ case SEC_ERROR_CERT_NOT_IN_NAME_SPACE:
+ case SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID:
+ case SEC_ERROR_CA_CERT_INVALID:
+ case SEC_ERROR_BAD_SIGNATURE:
+ default:
+ desc = bad_certificate;
+ break;
+ }
+ SSL_DBG(("%d: SSL3[%d]: peer certificate is no good: error=%d",
+ SSL_GETPID(), ss->fd, errCode));
+
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+}
+
+/*
+ * Send decode_error alert. Set generic error number.
+ */
+SECStatus
+ssl3_DecodeError(sslSocket *ss)
+{
+ (void)SSL3_SendAlert(ss, alert_fatal,
+ ss->version > SSL_LIBRARY_VERSION_3_0 ? decode_error
+ : illegal_parameter);
+ PORT_SetError(ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
+ : SSL_ERROR_BAD_SERVER);
+ return SECFailure;
+}
+
+/* Called from ssl3_HandleRecord.
+** Caller must hold both RecvBuf and Handshake locks.
+*/
+static SECStatus
+ssl3_HandleAlert(sslSocket *ss, sslBuffer *buf)
+{
+ SSL3AlertLevel level;
+ SSL3AlertDescription desc;
+ int error;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle alert record", SSL_GETPID(), ss->fd));
+
+ if (buf->len != 2) {
+ (void)ssl3_DecodeError(ss);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_ALERT);
+ return SECFailure;
+ }
+ level = (SSL3AlertLevel)buf->buf[0];
+ desc = (SSL3AlertDescription)buf->buf[1];
+ buf->len = 0;
+ SSL_TRC(5, ("%d: SSL3[%d] received alert, level = %d, description = %d",
+ SSL_GETPID(), ss->fd, level, desc));
+
+ switch (desc) {
+ case close_notify:
+ ss->recvdCloseNotify = 1;
+ error = SSL_ERROR_CLOSE_NOTIFY_ALERT;
+ break;
+ case unexpected_message:
+ error = SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT;
+ break;
+ case bad_record_mac:
+ error = SSL_ERROR_BAD_MAC_ALERT;
+ break;
+ case decryption_failed_RESERVED:
+ error = SSL_ERROR_DECRYPTION_FAILED_ALERT;
+ break;
+ case record_overflow:
+ error = SSL_ERROR_RECORD_OVERFLOW_ALERT;
+ break;
+ case decompression_failure:
+ error = SSL_ERROR_DECOMPRESSION_FAILURE_ALERT;
+ break;
+ case handshake_failure:
+ error = SSL_ERROR_HANDSHAKE_FAILURE_ALERT;
+ break;
+ case no_certificate:
+ error = SSL_ERROR_NO_CERTIFICATE;
+ break;
+ case bad_certificate:
+ error = SSL_ERROR_BAD_CERT_ALERT;
+ break;
+ case unsupported_certificate:
+ error = SSL_ERROR_UNSUPPORTED_CERT_ALERT;
+ break;
+ case certificate_revoked:
+ error = SSL_ERROR_REVOKED_CERT_ALERT;
+ break;
+ case certificate_expired:
+ error = SSL_ERROR_EXPIRED_CERT_ALERT;
+ break;
+ case certificate_unknown:
+ error = SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT;
+ break;
+ case illegal_parameter:
+ error = SSL_ERROR_ILLEGAL_PARAMETER_ALERT;
+ break;
+ case inappropriate_fallback:
+ error = SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT;
+ break;
+
+ /* All alerts below are TLS only. */
+ case unknown_ca:
+ error = SSL_ERROR_UNKNOWN_CA_ALERT;
+ break;
+ case access_denied:
+ error = SSL_ERROR_ACCESS_DENIED_ALERT;
+ break;
+ case decode_error:
+ error = SSL_ERROR_DECODE_ERROR_ALERT;
+ break;
+ case decrypt_error:
+ error = SSL_ERROR_DECRYPT_ERROR_ALERT;
+ break;
+ case export_restriction:
+ error = SSL_ERROR_EXPORT_RESTRICTION_ALERT;
+ break;
+ case protocol_version:
+ error = SSL_ERROR_PROTOCOL_VERSION_ALERT;
+ break;
+ case insufficient_security:
+ error = SSL_ERROR_INSUFFICIENT_SECURITY_ALERT;
+ break;
+ case internal_error:
+ error = SSL_ERROR_INTERNAL_ERROR_ALERT;
+ break;
+ case user_canceled:
+ error = SSL_ERROR_USER_CANCELED_ALERT;
+ break;
+ case no_renegotiation:
+ error = SSL_ERROR_NO_RENEGOTIATION_ALERT;
+ break;
+
+ /* Alerts for TLS client hello extensions */
+ case missing_extension:
+ error = SSL_ERROR_MISSING_EXTENSION_ALERT;
+ break;
+ case unsupported_extension:
+ error = SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT;
+ break;
+ case certificate_unobtainable:
+ error = SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT;
+ break;
+ case unrecognized_name:
+ error = SSL_ERROR_UNRECOGNIZED_NAME_ALERT;
+ break;
+ case bad_certificate_status_response:
+ error = SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT;
+ break;
+ case bad_certificate_hash_value:
+ error = SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT;
+ break;
+ case end_of_early_data:
+ error = SSL_ERROR_END_OF_EARLY_DATA_ALERT;
+ break;
+ default:
+ error = SSL_ERROR_RX_UNKNOWN_ALERT;
+ break;
+ }
+ if ((ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) &&
+ (ss->ssl3.hs.ws != wait_server_hello)) {
+ /* TLS 1.3 requires all but "end of data" alerts to be
+ * treated as fatal. */
+ switch (desc) {
+ case close_notify:
+ case user_canceled:
+ case end_of_early_data:
+ break;
+ default:
+ level = alert_fatal;
+ }
+ }
+ if (level == alert_fatal) {
+ if (!ss->opt.noCache) {
+ ss->sec.uncache(ss->sec.ci.sid);
+ }
+ if ((ss->ssl3.hs.ws == wait_server_hello) &&
+ (desc == handshake_failure)) {
+ /* XXX This is a hack. We're assuming that any handshake failure
+ * XXX on the client hello is a failure to match ciphers.
+ */
+ error = SSL_ERROR_NO_CYPHER_OVERLAP;
+ }
+ PORT_SetError(error);
+ return SECFailure;
+ }
+ if (desc == end_of_early_data) {
+ return tls13_HandleEndOfEarlyData(ss);
+ }
+ if ((desc == no_certificate) && (ss->ssl3.hs.ws == wait_client_cert)) {
+ /* I'm a server. I've requested a client cert. He hasn't got one. */
+ SECStatus rv;
+
+ PORT_Assert(ss->sec.isServer);
+ ss->ssl3.hs.ws = wait_client_key;
+ rv = ssl3_HandleNoCertificate(ss);
+ return rv;
+ }
+ return SECSuccess;
+}
+
+/*
+ * Change Cipher Specs
+ * Called from ssl3_HandleServerHelloDone,
+ * ssl3_HandleClientHello,
+ * and ssl3_HandleFinished
+ *
+ * Acquires and releases spec write lock, to protect switching the current
+ * and pending write spec pointers.
+ */
+
+static SECStatus
+ssl3_SendChangeCipherSpecs(sslSocket *ss)
+{
+ PRUint8 change = change_cipher_spec_choice;
+ ssl3CipherSpec *pwSpec;
+ SECStatus rv;
+ PRInt32 sent;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send change_cipher_spec record",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by ssl3_FlushHandshake */
+ }
+ if (!IS_DTLS(ss)) {
+ sent = ssl3_SendRecord(ss, NULL, content_change_cipher_spec, &change, 1,
+ ssl_SEND_FLAG_FORCE_INTO_BUFFER);
+ if (sent < 0) {
+ return (SECStatus)sent; /* error code set by ssl3_SendRecord */
+ }
+ } else {
+ rv = dtls_QueueMessage(ss, content_change_cipher_spec, &change, 1);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+
+ /* swap the pending and current write specs. */
+ ssl_GetSpecWriteLock(ss); /**************************************/
+ pwSpec = ss->ssl3.pwSpec;
+
+ ss->ssl3.pwSpec = ss->ssl3.cwSpec;
+ ss->ssl3.cwSpec = pwSpec;
+
+ SSL_TRC(3, ("%d: SSL3[%d] Set Current Write Cipher Suite to Pending",
+ SSL_GETPID(), ss->fd));
+
+ /* We need to free up the contexts, keys and certs ! */
+ /* If we are really through with the old cipher spec
+ * (Both the read and write sides have changed) destroy it.
+ */
+ if (ss->ssl3.prSpec == ss->ssl3.pwSpec) {
+ if (!IS_DTLS(ss)) {
+ ssl3_DestroyCipherSpec(ss->ssl3.pwSpec, PR_FALSE /*freeSrvName*/);
+ } else {
+ /* With DTLS, we need to set a holddown timer in case the final
+ * message got lost */
+ rv = dtls_StartHolddownTimer(ss);
+ }
+ }
+ ssl_ReleaseSpecWriteLock(ss); /**************************************/
+
+ return rv;
+}
+
+/* Called from ssl3_HandleRecord.
+** Caller must hold both RecvBuf and Handshake locks.
+ *
+ * Acquires and releases spec write lock, to protect switching the current
+ * and pending write spec pointers.
+*/
+static SECStatus
+ssl3_HandleChangeCipherSpecs(sslSocket *ss, sslBuffer *buf)
+{
+ ssl3CipherSpec *prSpec;
+ SSL3WaitState ws = ss->ssl3.hs.ws;
+ SSL3ChangeCipherSpecChoice change;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle change_cipher_spec record",
+ SSL_GETPID(), ss->fd));
+
+ if (ws != wait_change_cipher) {
+ if (IS_DTLS(ss)) {
+ /* Ignore this because it's out of order. */
+ SSL_TRC(3, ("%d: SSL3[%d]: discard out of order "
+ "DTLS change_cipher_spec",
+ SSL_GETPID(), ss->fd));
+ buf->len = 0;
+ return SECSuccess;
+ }
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER);
+ return SECFailure;
+ }
+ /* Handshake messages should not span ChangeCipherSpec. */
+ if (ss->ssl3.hs.header_bytes) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER);
+ return SECFailure;
+ }
+ if (buf->len != 1) {
+ (void)ssl3_DecodeError(ss);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
+ return SECFailure;
+ }
+ change = (SSL3ChangeCipherSpecChoice)buf->buf[0];
+ if (change != change_cipher_spec_choice) {
+ /* illegal_parameter is correct here for both SSL3 and TLS. */
+ (void)ssl3_IllegalParameter(ss);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
+ return SECFailure;
+ }
+ buf->len = 0;
+
+ /* Swap the pending and current read specs. */
+ ssl_GetSpecWriteLock(ss); /*************************************/
+ prSpec = ss->ssl3.prSpec;
+
+ ss->ssl3.prSpec = ss->ssl3.crSpec;
+ ss->ssl3.crSpec = prSpec;
+ ss->ssl3.hs.ws = wait_finished;
+
+ SSL_TRC(3, ("%d: SSL3[%d] Set Current Read Cipher Suite to Pending",
+ SSL_GETPID(), ss->fd));
+
+ /* If we are really through with the old cipher prSpec
+ * (Both the read and write sides have changed) destroy it.
+ */
+ if (ss->ssl3.prSpec == ss->ssl3.pwSpec) {
+ ssl3_DestroyCipherSpec(ss->ssl3.prSpec, PR_FALSE /*freeSrvName*/);
+ }
+ ssl_ReleaseSpecWriteLock(ss); /*************************************/
+ return SECSuccess;
+}
+
+static CK_MECHANISM_TYPE
+ssl3_GetMgfMechanismByHashType(SSLHashType hash)
+{
+ switch (hash) {
+ case ssl_hash_sha256:
+ return CKG_MGF1_SHA256;
+ case ssl_hash_sha384:
+ return CKG_MGF1_SHA384;
+ case ssl_hash_sha512:
+ return CKG_MGF1_SHA512;
+ default:
+ PORT_Assert(0);
+ }
+ return CKG_MGF1_SHA256;
+}
+
+/* Function valid for >= TLS 1.2, only. */
+static CK_MECHANISM_TYPE
+ssl3_GetHashMechanismByHashType(SSLHashType hashType)
+{
+ switch (hashType) {
+ case ssl_hash_sha512:
+ return CKM_SHA512;
+ case ssl_hash_sha384:
+ return CKM_SHA384;
+ case ssl_hash_sha256:
+ case ssl_hash_none:
+ /* ssl_hash_none is for pre-1.2 suites, which use SHA-256. */
+ return CKM_SHA256;
+ case ssl_hash_sha1:
+ return CKM_SHA_1;
+ default:
+ PORT_Assert(0);
+ }
+ return CKM_SHA256;
+}
+
+/* Function valid for >= TLS 1.2, only. */
+static CK_MECHANISM_TYPE
+ssl3_GetPrfHashMechanism(sslSocket *ss)
+{
+ return ssl3_GetHashMechanismByHashType(ss->ssl3.hs.suite_def->prf_hash);
+}
+
+static SSLHashType
+ssl3_GetSuitePrfHash(sslSocket *ss)
+{
+ /* ssl_hash_none is for pre-1.2 suites, which use SHA-256. */
+ if (ss->ssl3.hs.suite_def->prf_hash == ssl_hash_none) {
+ return ssl_hash_sha256;
+ }
+ return ss->ssl3.hs.suite_def->prf_hash;
+}
+
+/* This method completes the derivation of the MS from the PMS.
+**
+** 1. Derive the MS, if possible, else return an error.
+**
+** 2. Check the version if |pms_version| is non-zero and if wrong,
+** return an error.
+**
+** 3. If |msp| is nonzero, return MS in |*msp|.
+
+** Called from:
+** ssl3_ComputeMasterSecretInt
+** tls_ComputeExtendedMasterSecretInt
+*/
+static SECStatus
+ssl3_ComputeMasterSecretFinish(sslSocket *ss,
+ CK_MECHANISM_TYPE master_derive,
+ CK_MECHANISM_TYPE key_derive,
+ CK_VERSION *pms_version,
+ SECItem *params, CK_FLAGS keyFlags,
+ PK11SymKey *pms, PK11SymKey **msp)
+{
+ PK11SymKey *ms = NULL;
+
+ ms = PK11_DeriveWithFlags(pms, master_derive,
+ params, key_derive,
+ CKA_DERIVE, 0, keyFlags);
+ if (!ms) {
+ ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
+ return SECFailure;
+ }
+
+ if (pms_version && ss->opt.detectRollBack) {
+ SSL3ProtocolVersion client_version;
+ client_version = pms_version->major << 8 | pms_version->minor;
+
+ if (IS_DTLS(ss)) {
+ client_version = dtls_DTLSVersionToTLSVersion(client_version);
+ }
+
+ if (client_version != ss->clientHelloVersion) {
+ /* Destroy MS. Version roll-back detected. */
+ PK11_FreeSymKey(ms);
+ ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
+ return SECFailure;
+ }
+ }
+
+ if (msp) {
+ *msp = ms;
+ } else {
+ PK11_FreeSymKey(ms);
+ }
+
+ return SECSuccess;
+}
+
+/* Compute the ordinary (pre draft-ietf-tls-session-hash) master
+ ** secret and return it in |*msp|.
+ **
+ ** Called from: ssl3_ComputeMasterSecret
+ */
+static SECStatus
+ssl3_ComputeMasterSecretInt(sslSocket *ss, PK11SymKey *pms,
+ PK11SymKey **msp)
+{
+ ssl3CipherSpec *pwSpec = ss->ssl3.pwSpec;
+ unsigned char *cr = (unsigned char *)&ss->ssl3.hs.client_random;
+ unsigned char *sr = (unsigned char *)&ss->ssl3.hs.server_random;
+ PRBool isTLS = (PRBool)(pwSpec->version > SSL_LIBRARY_VERSION_3_0);
+ PRBool isTLS12 =
+ (PRBool)(isTLS && pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
+ /*
+ * Whenever isDH is true, we need to use CKM_TLS_MASTER_KEY_DERIVE_DH
+ * which, unlike CKM_TLS_MASTER_KEY_DERIVE, converts arbitrary size
+ * data into a 48-byte value, and does not expect to return the version.
+ */
+ PRBool isDH = (PRBool)((ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh) ||
+ (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_ecdh));
+ CK_MECHANISM_TYPE master_derive;
+ CK_MECHANISM_TYPE key_derive;
+ SECItem params;
+ CK_FLAGS keyFlags;
+ CK_VERSION pms_version;
+ CK_VERSION *pms_version_ptr = NULL;
+ /* master_params may be used as a CK_SSL3_MASTER_KEY_DERIVE_PARAMS */
+ CK_TLS12_MASTER_KEY_DERIVE_PARAMS master_params;
+ unsigned int master_params_len;
+
+ if (isTLS12) {
+ if (isDH)
+ master_derive = CKM_TLS12_MASTER_KEY_DERIVE_DH;
+ else
+ master_derive = CKM_TLS12_MASTER_KEY_DERIVE;
+ key_derive = CKM_TLS12_KEY_AND_MAC_DERIVE;
+ keyFlags = CKF_SIGN | CKF_VERIFY;
+ } else if (isTLS) {
+ if (isDH)
+ master_derive = CKM_TLS_MASTER_KEY_DERIVE_DH;
+ else
+ master_derive = CKM_TLS_MASTER_KEY_DERIVE;
+ key_derive = CKM_TLS_KEY_AND_MAC_DERIVE;
+ keyFlags = CKF_SIGN | CKF_VERIFY;
+ } else {
+ if (isDH)
+ master_derive = CKM_SSL3_MASTER_KEY_DERIVE_DH;
+ else
+ master_derive = CKM_SSL3_MASTER_KEY_DERIVE;
+ key_derive = CKM_SSL3_KEY_AND_MAC_DERIVE;
+ keyFlags = 0;
+ }
+
+ if (!isDH) {
+ pms_version_ptr = &pms_version;
+ }
+
+ master_params.pVersion = pms_version_ptr;
+ master_params.RandomInfo.pClientRandom = cr;
+ master_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
+ master_params.RandomInfo.pServerRandom = sr;
+ master_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
+ if (isTLS12) {
+ master_params.prfHashMechanism = ssl3_GetPrfHashMechanism(ss);
+ master_params_len = sizeof(CK_TLS12_MASTER_KEY_DERIVE_PARAMS);
+ } else {
+ /* prfHashMechanism is not relevant with this PRF */
+ master_params_len = sizeof(CK_SSL3_MASTER_KEY_DERIVE_PARAMS);
+ }
+
+ params.data = (unsigned char *)&master_params;
+ params.len = master_params_len;
+
+ return ssl3_ComputeMasterSecretFinish(ss, master_derive, key_derive,
+ pms_version_ptr, &params,
+ keyFlags, pms, msp);
+}
+
+/* Compute the draft-ietf-tls-session-hash master
+** secret and return it in |*msp|.
+**
+** Called from: ssl3_ComputeMasterSecret
+*/
+static SECStatus
+tls_ComputeExtendedMasterSecretInt(sslSocket *ss, PK11SymKey *pms,
+ PK11SymKey **msp)
+{
+ ssl3CipherSpec *pwSpec = ss->ssl3.pwSpec;
+ CK_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_PARAMS extended_master_params;
+ SSL3Hashes hashes;
+ /*
+ * Determine whether to use the DH/ECDH or RSA derivation modes.
+ */
+ /*
+ * TODO(ekr@rtfm.com): Verify that the slot can handle this key expansion
+ * mode. Bug 1198298 */
+ PRBool isDH = (PRBool)((ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_dh) ||
+ (ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_ecdh));
+ CK_MECHANISM_TYPE master_derive;
+ CK_MECHANISM_TYPE key_derive;
+ SECItem params;
+ const CK_FLAGS keyFlags = CKF_SIGN | CKF_VERIFY;
+ CK_VERSION pms_version;
+ CK_VERSION *pms_version_ptr = NULL;
+ SECStatus rv;
+
+ rv = ssl3_ComputeHandshakeHashes(ss, pwSpec, &hashes, 0);
+ if (rv != SECSuccess) {
+ PORT_Assert(0); /* Should never fail */
+ ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
+ return SECFailure;
+ }
+
+ if (isDH) {
+ master_derive = CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH;
+ } else {
+ master_derive = CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE;
+ pms_version_ptr = &pms_version;
+ }
+
+ if (pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
+ /* TLS 1.2+ */
+ extended_master_params.prfHashMechanism = ssl3_GetPrfHashMechanism(ss);
+ key_derive = CKM_TLS12_KEY_AND_MAC_DERIVE;
+ } else {
+ /* TLS < 1.2 */
+ extended_master_params.prfHashMechanism = CKM_TLS_PRF;
+ key_derive = CKM_TLS_KEY_AND_MAC_DERIVE;
+ }
+
+ extended_master_params.pVersion = pms_version_ptr;
+ extended_master_params.pSessionHash = hashes.u.raw;
+ extended_master_params.ulSessionHashLen = hashes.len;
+
+ params.data = (unsigned char *)&extended_master_params;
+ params.len = sizeof extended_master_params;
+
+ return ssl3_ComputeMasterSecretFinish(ss, master_derive, key_derive,
+ pms_version_ptr, &params,
+ keyFlags, pms, msp);
+}
+
+/* Wrapper method to compute the master secret and return it in |*msp|.
+**
+** Called from ssl3_ComputeMasterSecret
+*/
+static SECStatus
+ssl3_ComputeMasterSecret(sslSocket *ss, PK11SymKey *pms,
+ PK11SymKey **msp)
+{
+ PORT_Assert(pms != NULL);
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->ssl3.prSpec == ss->ssl3.pwSpec);
+
+ if (ssl3_ExtensionNegotiated(ss, ssl_extended_master_secret_xtn)) {
+ return tls_ComputeExtendedMasterSecretInt(ss, pms, msp);
+ } else {
+ return ssl3_ComputeMasterSecretInt(ss, pms, msp);
+ }
+}
+
+/* This method uses PKCS11 to derive the MS from the PMS, where PMS
+** is a PKCS11 symkey. We call ssl3_ComputeMasterSecret to do the
+** computations and then modify the pwSpec->state as a side effect.
+**
+** This is used in all cases except the "triple bypass" with RSA key
+** exchange.
+**
+** Called from ssl3_InitPendingCipherSpec. prSpec is pwSpec.
+*/
+static SECStatus
+ssl3_DeriveMasterSecret(sslSocket *ss, PK11SymKey *pms)
+{
+ SECStatus rv;
+ PK11SymKey *ms = NULL;
+ ssl3CipherSpec *pwSpec = ss->ssl3.pwSpec;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSpecWriteLock(ss));
+ PORT_Assert(ss->ssl3.prSpec == ss->ssl3.pwSpec);
+
+ if (pms) {
+ rv = ssl3_ComputeMasterSecret(ss, pms, &ms);
+ pwSpec->master_secret = ms;
+ if (rv != SECSuccess)
+ return rv;
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * Derive encryption and MAC Keys (and IVs) from master secret
+ * Sets a useful error code when returning SECFailure.
+ *
+ * Called only from ssl3_InitPendingCipherSpec(),
+ * which in turn is called from
+ * ssl3_SendRSAClientKeyExchange (for Full handshake)
+ * ssl3_SendDHClientKeyExchange (for Full handshake)
+ * ssl3_HandleClientKeyExchange (for Full handshake)
+ * ssl3_HandleServerHello (for session restart)
+ * ssl3_HandleClientHello (for session restart)
+ * Caller MUST hold the specWriteLock, and SSL3HandshakeLock.
+ * ssl3_InitPendingCipherSpec does that.
+ *
+ */
+static SECStatus
+ssl3_DeriveConnectionKeys(sslSocket *ss)
+{
+ ssl3CipherSpec *pwSpec = ss->ssl3.pwSpec;
+ unsigned char *cr = (unsigned char *)&ss->ssl3.hs.client_random;
+ unsigned char *sr = (unsigned char *)&ss->ssl3.hs.server_random;
+ PRBool isTLS = (PRBool)(pwSpec->version > SSL_LIBRARY_VERSION_3_0);
+ PRBool isTLS12 =
+ (PRBool)(isTLS && pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
+ const ssl3BulkCipherDef *cipher_def = pwSpec->cipher_def;
+ PK11SlotInfo *slot = NULL;
+ PK11SymKey *symKey = NULL;
+ void *pwArg = ss->pkcs11PinArg;
+ int keySize;
+ CK_TLS12_KEY_MAT_PARAMS key_material_params; /* may be used as a
+ * CK_SSL3_KEY_MAT_PARAMS */
+ unsigned int key_material_params_len;
+ CK_SSL3_KEY_MAT_OUT returnedKeys;
+ CK_MECHANISM_TYPE key_derive;
+ CK_MECHANISM_TYPE bulk_mechanism;
+ SSLCipherAlgorithm calg;
+ SECItem params;
+ PRBool skipKeysAndIVs = (PRBool)(cipher_def->calg == calg_null);
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSpecWriteLock(ss));
+ PORT_Assert(ss->ssl3.prSpec == ss->ssl3.pwSpec);
+
+ if (!pwSpec->master_secret) {
+ PORT_SetError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
+ return SECFailure;
+ }
+ /*
+ * generate the key material
+ */
+ key_material_params.ulMacSizeInBits = pwSpec->mac_size * BPB;
+ key_material_params.ulKeySizeInBits = cipher_def->secret_key_size * BPB;
+ key_material_params.ulIVSizeInBits = cipher_def->iv_size * BPB;
+ if (cipher_def->type == type_block &&
+ pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_1) {
+ /* Block ciphers in >= TLS 1.1 use a per-record, explicit IV. */
+ key_material_params.ulIVSizeInBits = 0;
+ memset(pwSpec->client.write_iv, 0, cipher_def->iv_size);
+ memset(pwSpec->server.write_iv, 0, cipher_def->iv_size);
+ }
+
+ key_material_params.bIsExport = PR_FALSE;
+ key_material_params.RandomInfo.pClientRandom = cr;
+ key_material_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
+ key_material_params.RandomInfo.pServerRandom = sr;
+ key_material_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
+ key_material_params.pReturnedKeyMaterial = &returnedKeys;
+
+ returnedKeys.pIVClient = pwSpec->client.write_iv;
+ returnedKeys.pIVServer = pwSpec->server.write_iv;
+ keySize = cipher_def->key_size;
+
+ if (skipKeysAndIVs) {
+ keySize = 0;
+ key_material_params.ulKeySizeInBits = 0;
+ key_material_params.ulIVSizeInBits = 0;
+ returnedKeys.pIVClient = NULL;
+ returnedKeys.pIVServer = NULL;
+ }
+
+ calg = cipher_def->calg;
+ bulk_mechanism = ssl3_Alg2Mech(calg);
+
+ if (isTLS12) {
+ key_derive = CKM_TLS12_KEY_AND_MAC_DERIVE;
+ key_material_params.prfHashMechanism = ssl3_GetPrfHashMechanism(ss);
+ key_material_params_len = sizeof(CK_TLS12_KEY_MAT_PARAMS);
+ } else if (isTLS) {
+ key_derive = CKM_TLS_KEY_AND_MAC_DERIVE;
+ key_material_params_len = sizeof(CK_SSL3_KEY_MAT_PARAMS);
+ } else {
+ key_derive = CKM_SSL3_KEY_AND_MAC_DERIVE;
+ key_material_params_len = sizeof(CK_SSL3_KEY_MAT_PARAMS);
+ }
+
+ params.data = (unsigned char *)&key_material_params;
+ params.len = key_material_params_len;
+
+ /* CKM_SSL3_KEY_AND_MAC_DERIVE is defined to set ENCRYPT, DECRYPT, and
+ * DERIVE by DEFAULT */
+ symKey = PK11_Derive(pwSpec->master_secret, key_derive, &params,
+ bulk_mechanism, CKA_ENCRYPT, keySize);
+ if (!symKey) {
+ ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
+ return SECFailure;
+ }
+ /* we really should use the actual mac'ing mechanism here, but we
+ * don't because these types are used to map keytype anyway and both
+ * mac's map to the same keytype.
+ */
+ slot = PK11_GetSlotFromKey(symKey);
+
+ PK11_FreeSlot(slot); /* slot is held until the key is freed */
+ pwSpec->client.write_mac_key =
+ PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
+ CKM_SSL3_SHA1_MAC, returnedKeys.hClientMacSecret, PR_TRUE, pwArg);
+ if (pwSpec->client.write_mac_key == NULL) {
+ goto loser; /* loser sets err */
+ }
+ pwSpec->server.write_mac_key =
+ PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
+ CKM_SSL3_SHA1_MAC, returnedKeys.hServerMacSecret, PR_TRUE, pwArg);
+ if (pwSpec->server.write_mac_key == NULL) {
+ goto loser; /* loser sets err */
+ }
+ if (!skipKeysAndIVs) {
+ pwSpec->client.write_key =
+ PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
+ bulk_mechanism, returnedKeys.hClientKey, PR_TRUE, pwArg);
+ if (pwSpec->client.write_key == NULL) {
+ goto loser; /* loser sets err */
+ }
+ pwSpec->server.write_key =
+ PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
+ bulk_mechanism, returnedKeys.hServerKey, PR_TRUE, pwArg);
+ if (pwSpec->server.write_key == NULL) {
+ goto loser; /* loser sets err */
+ }
+ }
+ PK11_FreeSymKey(symKey);
+ return SECSuccess;
+
+loser:
+ if (symKey)
+ PK11_FreeSymKey(symKey);
+ ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
+ return SECFailure;
+}
+
+/* ssl3_InitHandshakeHashes creates handshake hash contexts and hashes in
+ * buffered messages in ss->ssl3.hs.messages. Called from
+ * ssl3_NegotiateCipherSuite(), tls13_HandleClientHelloPart2(),
+ * and ssl3_HandleServerHello. */
+SECStatus
+ssl3_InitHandshakeHashes(sslSocket *ss)
+{
+ SSL_TRC(30, ("%d: SSL3[%d]: start handshake hashes", SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_unknown);
+ if (ss->version == SSL_LIBRARY_VERSION_TLS_1_2) {
+ ss->ssl3.hs.hashType = handshake_hash_record;
+ } else {
+ PORT_Assert(!ss->ssl3.hs.md5 && !ss->ssl3.hs.sha);
+ /*
+ * note: We should probably lookup an SSL3 slot for these
+ * handshake hashes in hopes that we wind up with the same slots
+ * that the master secret will wind up in ...
+ */
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ /* determine the hash from the prf */
+ const SECOidData *hash_oid =
+ SECOID_FindOIDByMechanism(ssl3_GetPrfHashMechanism(ss));
+
+ /* Get the PKCS #11 mechanism for the Hash from the cipher suite (prf_hash)
+ * Convert that to the OidTag. We can then use that OidTag to create our
+ * PK11Context */
+ PORT_Assert(hash_oid != NULL);
+ if (hash_oid == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ return SECFailure;
+ }
+
+ ss->ssl3.hs.sha = PK11_CreateDigestContext(hash_oid->offset);
+ if (ss->ssl3.hs.sha == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ return SECFailure;
+ }
+ ss->ssl3.hs.hashType = handshake_hash_single;
+
+ if (PK11_DigestBegin(ss->ssl3.hs.sha) != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ return SECFailure;
+ }
+ } else {
+ /* Both ss->ssl3.hs.md5 and ss->ssl3.hs.sha should be NULL or
+ * created successfully. */
+ ss->ssl3.hs.md5 = PK11_CreateDigestContext(SEC_OID_MD5);
+ if (ss->ssl3.hs.md5 == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
+ return SECFailure;
+ }
+ ss->ssl3.hs.sha = PK11_CreateDigestContext(SEC_OID_SHA1);
+ if (ss->ssl3.hs.sha == NULL) {
+ PK11_DestroyContext(ss->ssl3.hs.md5, PR_TRUE);
+ ss->ssl3.hs.md5 = NULL;
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ return SECFailure;
+ }
+ ss->ssl3.hs.hashType = handshake_hash_combo;
+
+ if (PK11_DigestBegin(ss->ssl3.hs.md5) != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
+ return SECFailure;
+ }
+ if (PK11_DigestBegin(ss->ssl3.hs.sha) != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ return SECFailure;
+ }
+ }
+ }
+
+ if (ss->ssl3.hs.hashType != handshake_hash_record &&
+ ss->ssl3.hs.messages.len > 0) {
+ if (ssl3_UpdateHandshakeHashes(ss, ss->ssl3.hs.messages.buf,
+ ss->ssl3.hs.messages.len) != SECSuccess) {
+ return SECFailure;
+ }
+ sslBuffer_Clear(&ss->ssl3.hs.messages);
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+ssl3_RestartHandshakeHashes(sslSocket *ss)
+{
+ SECStatus rv = SECSuccess;
+
+ SSL_TRC(30, ("%d: SSL3[%d]: reset handshake hashes",
+ SSL_GETPID(), ss->fd));
+ ss->ssl3.hs.hashType = handshake_hash_unknown;
+ ss->ssl3.hs.messages.len = 0;
+ if (ss->ssl3.hs.md5) {
+ PK11_DestroyContext(ss->ssl3.hs.md5, PR_TRUE);
+ ss->ssl3.hs.md5 = NULL;
+ }
+ if (ss->ssl3.hs.sha) {
+ PK11_DestroyContext(ss->ssl3.hs.sha, PR_TRUE);
+ ss->ssl3.hs.sha = NULL;
+ }
+ return rv;
+}
+
+/*
+ * Handshake messages
+ */
+/* Called from ssl3_InitHandshakeHashes()
+** ssl3_AppendHandshake()
+** ssl3_HandleV2ClientHello()
+** ssl3_HandleHandshakeMessage()
+** Caller must hold the ssl3Handshake lock.
+*/
+SECStatus
+ssl3_UpdateHandshakeHashes(sslSocket *ss, const unsigned char *b, unsigned int l)
+{
+ SECStatus rv = SECSuccess;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ /* With TLS 1.3, and versions TLS.1.1 and older, we keep the hash(es)
+ * always up to date. However, we must initially buffer the handshake
+ * messages, until we know what to do.
+ * If ss->ssl3.hs.hashType != handshake_hash_unknown,
+ * it means we know what to do. We calculate (hash our input),
+ * and we stop appending to the buffer.
+ *
+ * With TLS 1.2, we always append all handshake messages,
+ * and never update the hash, because the hash function we must use for
+ * certificate_verify might be different from the hash function we use
+ * when signing other handshake hashes. */
+
+ if (ss->ssl3.hs.hashType == handshake_hash_unknown ||
+ ss->ssl3.hs.hashType == handshake_hash_record) {
+ return sslBuffer_Append(&ss->ssl3.hs.messages, b, l);
+ }
+
+ PRINT_BUF(90, (NULL, "handshake hash input:", b, l));
+
+ if (ss->ssl3.hs.hashType == handshake_hash_single) {
+ PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
+ rv = PK11_DigestOp(ss->ssl3.hs.sha, b, l);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ return rv;
+ }
+ } else if (ss->ssl3.hs.hashType == handshake_hash_combo) {
+ rv = PK11_DigestOp(ss->ssl3.hs.md5, b, l);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
+ return rv;
+ }
+ rv = PK11_DigestOp(ss->ssl3.hs.sha, b, l);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ return rv;
+ }
+ }
+ return rv;
+}
+
+/**************************************************************************
+ * Append Handshake functions.
+ * All these functions set appropriate error codes.
+ * Most rely on ssl3_AppendHandshake to set the error code.
+ **************************************************************************/
+SECStatus
+ssl3_AppendHandshake(sslSocket *ss, const void *void_src, PRInt32 bytes)
+{
+ unsigned char *src = (unsigned char *)void_src;
+ int room = ss->sec.ci.sendBuf.space - ss->sec.ci.sendBuf.len;
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); /* protects sendBuf. */
+
+ if (!bytes)
+ return SECSuccess;
+ if (ss->sec.ci.sendBuf.space < MAX_SEND_BUF_LENGTH && room < bytes) {
+ rv = sslBuffer_Grow(&ss->sec.ci.sendBuf, PR_MAX(MIN_SEND_BUF_LENGTH,
+ PR_MIN(MAX_SEND_BUF_LENGTH, ss->sec.ci.sendBuf.len + bytes)));
+ if (rv != SECSuccess)
+ return rv; /* sslBuffer_Grow has set a memory error code. */
+ room = ss->sec.ci.sendBuf.space - ss->sec.ci.sendBuf.len;
+ }
+
+ PRINT_BUF(60, (ss, "Append to Handshake", (unsigned char *)void_src, bytes));
+ rv = ssl3_UpdateHandshakeHashes(ss, src, bytes);
+ if (rv != SECSuccess)
+ return rv; /* error code set by ssl3_UpdateHandshakeHashes */
+
+ while (bytes > room) {
+ if (room > 0)
+ PORT_Memcpy(ss->sec.ci.sendBuf.buf + ss->sec.ci.sendBuf.len, src,
+ room);
+ ss->sec.ci.sendBuf.len += room;
+ rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by ssl3_FlushHandshake */
+ }
+ bytes -= room;
+ src += room;
+ room = ss->sec.ci.sendBuf.space;
+ PORT_Assert(ss->sec.ci.sendBuf.len == 0);
+ }
+ PORT_Memcpy(ss->sec.ci.sendBuf.buf + ss->sec.ci.sendBuf.len, src, bytes);
+ ss->sec.ci.sendBuf.len += bytes;
+ return SECSuccess;
+}
+
+SECStatus
+ssl3_AppendHandshakeNumber(sslSocket *ss, PRInt32 num, PRInt32 lenSize)
+{
+ SECStatus rv;
+ PRUint8 b[4];
+ PRUint8 *p = b;
+
+ PORT_Assert(lenSize <= 4 && lenSize > 0);
+ if (lenSize < 4 && num >= (1L << (lenSize * 8))) {
+ PORT_SetError(SSL_ERROR_TX_RECORD_TOO_LONG);
+ return SECFailure;
+ }
+
+ switch (lenSize) {
+ case 4:
+ *p++ = (num >> 24) & 0xff;
+ case 3:
+ *p++ = (num >> 16) & 0xff;
+ case 2:
+ *p++ = (num >> 8) & 0xff;
+ case 1:
+ *p = num & 0xff;
+ }
+ SSL_TRC(60, ("%d: number:", SSL_GETPID()));
+ rv = ssl3_AppendHandshake(ss, &b[0], lenSize);
+ return rv; /* error code set by AppendHandshake, if applicable. */
+}
+
+SECStatus
+ssl3_AppendHandshakeVariable(
+ sslSocket *ss, const SSL3Opaque *src, PRInt32 bytes, PRInt32 lenSize)
+{
+ SECStatus rv;
+
+ PORT_Assert((bytes < (1 << 8) && lenSize == 1) ||
+ (bytes < (1L << 16) && lenSize == 2) ||
+ (bytes < (1L << 24) && lenSize == 3));
+
+ SSL_TRC(60, ("%d: append variable:", SSL_GETPID()));
+ rv = ssl3_AppendHandshakeNumber(ss, bytes, lenSize);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshake, if applicable. */
+ }
+ SSL_TRC(60, ("data:"));
+ rv = ssl3_AppendHandshake(ss, src, bytes);
+ return rv; /* error code set by AppendHandshake, if applicable. */
+}
+
+SECStatus
+ssl3_AppendHandshakeHeader(sslSocket *ss, SSL3HandshakeType t, PRUint32 length)
+{
+ SECStatus rv;
+
+ /* If we already have a message in place, we need to enqueue it.
+ * This empties the buffer. This is a convenient place to call
+ * dtls_StageHandshakeMessage to mark the message boundary.
+ */
+ if (IS_DTLS(ss)) {
+ rv = dtls_StageHandshakeMessage(ss);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+
+ SSL_TRC(30, ("%d: SSL3[%d]: append handshake header: type %s",
+ SSL_GETPID(), ss->fd, ssl3_DecodeHandshakeType(t)));
+
+ rv = ssl3_AppendHandshakeNumber(ss, t, 1);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshake, if applicable. */
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, length, 3);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshake, if applicable. */
+ }
+
+ if (IS_DTLS(ss)) {
+ /* Note that we make an unfragmented message here. We fragment in the
+ * transmission code, if necessary */
+ rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3.hs.sendMessageSeq, 2);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshake, if applicable. */
+ }
+ ss->ssl3.hs.sendMessageSeq++;
+
+ /* 0 is the fragment offset, because it's not fragmented yet */
+ rv = ssl3_AppendHandshakeNumber(ss, 0, 3);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshake, if applicable. */
+ }
+
+ /* Fragment length -- set to the packet length because not fragmented */
+ rv = ssl3_AppendHandshakeNumber(ss, length, 3);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshake, if applicable. */
+ }
+ }
+
+ return rv; /* error code set by AppendHandshake, if applicable. */
+}
+
+/**************************************************************************
+ * Consume Handshake functions.
+ *
+ * All data used in these functions is protected by two locks,
+ * the RecvBufLock and the SSL3HandshakeLock
+ **************************************************************************/
+
+/* Read up the next "bytes" number of bytes from the (decrypted) input
+ * stream "b" (which is *length bytes long). Copy them into buffer "v".
+ * Reduces *length by bytes. Advances *b by bytes.
+ *
+ * If this function returns SECFailure, it has already sent an alert,
+ * and has set a generic error code. The caller should probably
+ * override the generic error code by setting another.
+ */
+SECStatus
+ssl3_ConsumeHandshake(sslSocket *ss, void *v, PRInt32 bytes, SSL3Opaque **b,
+ PRUint32 *length)
+{
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if ((PRUint32)bytes > *length) {
+ return ssl3_DecodeError(ss);
+ }
+ PORT_Memcpy(v, *b, bytes);
+ PRINT_BUF(60, (ss, "consume bytes:", *b, bytes));
+ *b += bytes;
+ *length -= bytes;
+ return SECSuccess;
+}
+
+/* Read up the next "bytes" number of bytes from the (decrypted) input
+ * stream "b" (which is *length bytes long), and interpret them as an
+ * integer in network byte order. Returns the received value.
+ * Reduces *length by bytes. Advances *b by bytes.
+ *
+ * Returns SECFailure (-1) on failure.
+ * This value is indistinguishable from the equivalent received value.
+ * Only positive numbers are to be received this way.
+ * Thus, the largest value that may be sent this way is 0x7fffffff.
+ * On error, an alert has been sent, and a generic error code has been set.
+ */
+PRInt32
+ssl3_ConsumeHandshakeNumber(sslSocket *ss, PRInt32 bytes, SSL3Opaque **b,
+ PRUint32 *length)
+{
+ PRUint8 *buf = *b;
+ int i;
+ PRInt32 num = 0;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(bytes <= sizeof num);
+
+ if ((PRUint32)bytes > *length) {
+ return ssl3_DecodeError(ss);
+ }
+ PRINT_BUF(60, (ss, "consume bytes:", *b, bytes));
+
+ for (i = 0; i < bytes; i++)
+ num = (num << 8) + buf[i];
+ *b += bytes;
+ *length -= bytes;
+ return num;
+}
+
+/* Read in two values from the incoming decrypted byte stream "b", which is
+ * *length bytes long. The first value is a number whose size is "bytes"
+ * bytes long. The second value is a byte-string whose size is the value
+ * of the first number received. The latter byte-string, and its length,
+ * is returned in the SECItem i.
+ *
+ * Returns SECFailure (-1) on failure.
+ * On error, an alert has been sent, and a generic error code has been set.
+ *
+ * RADICAL CHANGE for NSS 3.11. All callers of this function make copies
+ * of the data returned in the SECItem *i, so making a copy of it here
+ * is simply wasteful. So, This function now just sets SECItem *i to
+ * point to the values in the buffer **b.
+ */
+SECStatus
+ssl3_ConsumeHandshakeVariable(sslSocket *ss, SECItem *i, PRInt32 bytes,
+ SSL3Opaque **b, PRUint32 *length)
+{
+ PRInt32 count;
+
+ PORT_Assert(bytes <= 3);
+ i->len = 0;
+ i->data = NULL;
+ i->type = siBuffer;
+ count = ssl3_ConsumeHandshakeNumber(ss, bytes, b, length);
+ if (count < 0) { /* Can't test for SECSuccess here. */
+ return SECFailure;
+ }
+ if (count > 0) {
+ if ((PRUint32)count > *length) {
+ return ssl3_DecodeError(ss);
+ }
+ i->data = *b;
+ i->len = count;
+ *b += count;
+ *length -= count;
+ }
+ return SECSuccess;
+}
+
+/* Helper function to encode an unsigned integer into a buffer. */
+PRUint8 *
+ssl_EncodeUintX(PRUint64 value, unsigned int bytes, PRUint8 *to)
+{
+ PRUint64 encoded;
+
+ PORT_Assert(bytes > 0 && bytes <= sizeof(encoded));
+
+ encoded = PR_htonll(value);
+ memcpy(to, ((unsigned char *)(&encoded)) + (sizeof(encoded) - bytes), bytes);
+ return to + bytes;
+}
+
+/* ssl3_TLSHashAlgorithmToOID converts a TLS hash identifier into an OID value.
+ * If the hash is not recognised, SEC_OID_UNKNOWN is returned.
+ *
+ * See https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */
+SECOidTag
+ssl3_HashTypeToOID(SSLHashType hashType)
+{
+ switch (hashType) {
+ case ssl_hash_sha1:
+ return SEC_OID_SHA1;
+ case ssl_hash_sha256:
+ return SEC_OID_SHA256;
+ case ssl_hash_sha384:
+ return SEC_OID_SHA384;
+ case ssl_hash_sha512:
+ return SEC_OID_SHA512;
+ default:
+ break;
+ }
+ return SEC_OID_UNKNOWN;
+}
+
+SSLHashType
+ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme)
+{
+ switch (scheme) {
+ case ssl_sig_rsa_pkcs1_sha1:
+ case ssl_sig_dsa_sha1:
+ case ssl_sig_ecdsa_sha1:
+ return ssl_hash_sha1;
+ case ssl_sig_rsa_pkcs1_sha256:
+ case ssl_sig_ecdsa_secp256r1_sha256:
+ case ssl_sig_rsa_pss_sha256:
+ case ssl_sig_dsa_sha256:
+ return ssl_hash_sha256;
+ case ssl_sig_rsa_pkcs1_sha384:
+ case ssl_sig_ecdsa_secp384r1_sha384:
+ case ssl_sig_rsa_pss_sha384:
+ case ssl_sig_dsa_sha384:
+ return ssl_hash_sha384;
+ case ssl_sig_rsa_pkcs1_sha512:
+ case ssl_sig_ecdsa_secp521r1_sha512:
+ case ssl_sig_rsa_pss_sha512:
+ case ssl_sig_dsa_sha512:
+ return ssl_hash_sha512;
+ case ssl_sig_rsa_pkcs1_sha1md5:
+ return ssl_hash_none; /* Special for TLS 1.0/1.1. */
+ case ssl_sig_none:
+ case ssl_sig_ed25519:
+ case ssl_sig_ed448:
+ break;
+ }
+ PORT_Assert(0);
+ return ssl_hash_none;
+}
+
+KeyType
+ssl_SignatureSchemeToKeyType(SSLSignatureScheme scheme)
+{
+ switch (scheme) {
+ case ssl_sig_rsa_pkcs1_sha256:
+ case ssl_sig_rsa_pkcs1_sha384:
+ case ssl_sig_rsa_pkcs1_sha512:
+ case ssl_sig_rsa_pkcs1_sha1:
+ case ssl_sig_rsa_pss_sha256:
+ case ssl_sig_rsa_pss_sha384:
+ case ssl_sig_rsa_pss_sha512:
+ case ssl_sig_rsa_pkcs1_sha1md5:
+ return rsaKey;
+ case ssl_sig_ecdsa_secp256r1_sha256:
+ case ssl_sig_ecdsa_secp384r1_sha384:
+ case ssl_sig_ecdsa_secp521r1_sha512:
+ case ssl_sig_ecdsa_sha1:
+ return ecKey;
+ case ssl_sig_dsa_sha256:
+ case ssl_sig_dsa_sha384:
+ case ssl_sig_dsa_sha512:
+ case ssl_sig_dsa_sha1:
+ return dsaKey;
+ case ssl_sig_none:
+ case ssl_sig_ed25519:
+ case ssl_sig_ed448:
+ break;
+ }
+ PORT_Assert(0);
+ return nullKey;
+}
+
+static SSLNamedGroup
+ssl_NamedGroupForSignatureScheme(SSLSignatureScheme scheme)
+{
+ switch (scheme) {
+ case ssl_sig_ecdsa_secp256r1_sha256:
+ return ssl_grp_ec_secp256r1;
+ case ssl_sig_ecdsa_secp384r1_sha384:
+ return ssl_grp_ec_secp384r1;
+ case ssl_sig_ecdsa_secp521r1_sha512:
+ return ssl_grp_ec_secp521r1;
+ default:
+ break;
+ }
+ PORT_Assert(0);
+ return 0;
+}
+
+/* Validate that the signature scheme works for the given key.
+ * If |allowSha1| is set, we allow the use of SHA-1.
+ * If |matchGroup| is set, we also check that the group and hash match. */
+static PRBool
+ssl_SignatureSchemeValidForKey(PRBool allowSha1, PRBool matchGroup,
+ KeyType keyType,
+ const sslNamedGroupDef *ecGroup,
+ SSLSignatureScheme scheme)
+{
+ if (!ssl_IsSupportedSignatureScheme(scheme)) {
+ return PR_FALSE;
+ }
+ if (keyType != ssl_SignatureSchemeToKeyType(scheme)) {
+ return PR_FALSE;
+ }
+ if (!allowSha1 && ssl_SignatureSchemeToHashType(scheme) == ssl_hash_sha1) {
+ return PR_FALSE;
+ }
+ if (keyType != ecKey) {
+ return PR_TRUE;
+ }
+ if (!ecGroup) {
+ return PR_FALSE;
+ }
+ /* If |allowSha1| is present and the scheme is ssl_sig_ecdsa_sha1, it's OK.
+ * This scheme isn't bound to a specific group. */
+ if (allowSha1 && (scheme == ssl_sig_ecdsa_sha1)) {
+ return PR_TRUE;
+ }
+ if (!matchGroup) {
+ return PR_TRUE;
+ }
+ return ecGroup->name == ssl_NamedGroupForSignatureScheme(scheme);
+}
+
+/* ssl3_CheckSignatureSchemeConsistency checks that the signature
+ * algorithm identifier in |sigAndHash| is consistent with the public key in
+ * |cert|. It also checks the hash algorithm against the configured signature
+ * algorithms. If all the tests pass, SECSuccess is returned. Otherwise,
+ * PORT_SetError is called and SECFailure is returned. */
+SECStatus
+ssl_CheckSignatureSchemeConsistency(
+ sslSocket *ss, SSLSignatureScheme scheme, CERTCertificate *cert)
+{
+ unsigned int i;
+ const sslNamedGroupDef *group = NULL;
+ SECKEYPublicKey *key;
+ KeyType keyType;
+ PRBool isTLS13 = ss->version == SSL_LIBRARY_VERSION_TLS_1_3;
+
+ key = CERT_ExtractPublicKey(cert);
+ if (key == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
+ return SECFailure;
+ }
+
+ keyType = SECKEY_GetPublicKeyType(key);
+ if (keyType == ecKey) {
+ group = ssl_ECPubKey2NamedGroup(key);
+ }
+ SECKEY_DestroyPublicKey(key);
+
+ /* If we're a client, check that the signature algorithm matches the signing
+ * key type of the cipher suite. */
+ if (!isTLS13 &&
+ !ss->sec.isServer &&
+ ss->ssl3.hs.kea_def->signKeyType != keyType) {
+ PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
+ return SECFailure;
+ }
+
+ /* Verify that the signature scheme matches the signing key. */
+ if (!ssl_SignatureSchemeValidForKey(!isTLS13 /* allowSha1 */,
+ isTLS13 /* matchGroup */,
+ keyType, group, scheme)) {
+ PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
+ return SECFailure;
+ }
+
+ for (i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
+ if (scheme == ss->ssl3.signatureSchemes[i]) {
+ return SECSuccess;
+ }
+ }
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
+ return SECFailure;
+}
+
+PRBool
+ssl_IsSupportedSignatureScheme(SSLSignatureScheme scheme)
+{
+ switch (scheme) {
+ case ssl_sig_rsa_pkcs1_sha1:
+ case ssl_sig_rsa_pkcs1_sha256:
+ case ssl_sig_rsa_pkcs1_sha384:
+ case ssl_sig_rsa_pkcs1_sha512:
+ case ssl_sig_rsa_pss_sha256:
+ case ssl_sig_rsa_pss_sha384:
+ case ssl_sig_rsa_pss_sha512:
+ case ssl_sig_ecdsa_secp256r1_sha256:
+ case ssl_sig_ecdsa_secp384r1_sha384:
+ case ssl_sig_ecdsa_secp521r1_sha512:
+ case ssl_sig_dsa_sha1:
+ case ssl_sig_dsa_sha256:
+ case ssl_sig_dsa_sha384:
+ case ssl_sig_dsa_sha512:
+ case ssl_sig_ecdsa_sha1:
+ return PR_TRUE;
+
+ case ssl_sig_rsa_pkcs1_sha1md5:
+ case ssl_sig_none:
+ case ssl_sig_ed25519:
+ case ssl_sig_ed448:
+ return PR_FALSE;
+ }
+ return PR_FALSE;
+}
+
+PRBool
+ssl_IsRsaPssSignatureScheme(SSLSignatureScheme scheme)
+{
+ switch (scheme) {
+ case ssl_sig_rsa_pss_sha256:
+ case ssl_sig_rsa_pss_sha384:
+ case ssl_sig_rsa_pss_sha512:
+ return PR_TRUE;
+
+ default:
+ return PR_FALSE;
+ }
+ return PR_FALSE;
+}
+
+/* ssl_ConsumeSignatureScheme reads a SSLSignatureScheme (formerly
+ * SignatureAndHashAlgorithm) structure from |b| and puts the resulting value
+ * into |out|. |b| and |length| are updated accordingly.
+ *
+ * See https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */
+SECStatus
+ssl_ConsumeSignatureScheme(sslSocket *ss, SSL3Opaque **b,
+ PRUint32 *length, SSLSignatureScheme *out)
+{
+ PRInt32 tmp;
+
+ tmp = ssl3_ConsumeHandshakeNumber(ss, 2, b, length);
+ if (tmp < 0) {
+ return SECFailure; /* Error code set already. */
+ }
+ if (!ssl_IsSupportedSignatureScheme((SSLSignatureScheme)tmp)) {
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
+ return SECFailure;
+ }
+ *out = (SSLSignatureScheme)tmp;
+ return SECSuccess;
+}
+
+/**************************************************************************
+ * end of Consume Handshake functions.
+ **************************************************************************/
+
+static SECStatus
+ssl3_ComputeHandshakeHash(unsigned char *buf, unsigned int len,
+ SSLHashType hashAlg, SSL3Hashes *hashes)
+{
+ SECStatus rv = SECFailure;
+ PK11Context *hashContext = PK11_CreateDigestContext(
+ ssl3_HashTypeToOID(hashAlg));
+
+ if (!hashContext) {
+ return rv;
+ }
+ rv = PK11_DigestBegin(hashContext);
+ if (rv == SECSuccess) {
+ rv = PK11_DigestOp(hashContext, buf, len);
+ }
+ if (rv == SECSuccess) {
+ rv = PK11_DigestFinal(hashContext, hashes->u.raw, &hashes->len,
+ sizeof(hashes->u.raw));
+ }
+ if (rv == SECSuccess) {
+ hashes->hashAlg = hashAlg;
+ }
+ PK11_DestroyContext(hashContext, PR_TRUE);
+ return rv;
+}
+
+/* Extract the hashes of handshake messages to this point.
+ * Called from ssl3_SendCertificateVerify
+ * ssl3_SendFinished
+ * ssl3_HandleHandshakeMessage
+ *
+ * Caller must hold the SSL3HandshakeLock.
+ * Caller must hold a read or write lock on the Spec R/W lock.
+ * (There is presently no way to assert on a Read lock.)
+ */
+SECStatus
+ssl3_ComputeHandshakeHashes(sslSocket *ss,
+ ssl3CipherSpec *spec, /* uses ->master_secret */
+ SSL3Hashes *hashes, /* output goes here. */
+ PRUint32 sender)
+{
+ SECStatus rv = SECSuccess;
+ PRBool isTLS = (PRBool)(spec->version > SSL_LIBRARY_VERSION_3_0);
+ unsigned int outLength;
+ SSL3Opaque md5_inner[MAX_MAC_LENGTH];
+ SSL3Opaque sha_inner[MAX_MAC_LENGTH];
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ if (ss->ssl3.hs.hashType == handshake_hash_unknown) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ hashes->hashAlg = ssl_hash_none;
+
+ if (ss->ssl3.hs.hashType == handshake_hash_single) {
+ PK11Context *h;
+ unsigned int stateLen;
+ unsigned char stackBuf[1024];
+ unsigned char *stateBuf = NULL;
+
+ h = ss->ssl3.hs.sha;
+ stateBuf = PK11_SaveContextAlloc(h, stackBuf,
+ sizeof(stackBuf), &stateLen);
+ if (stateBuf == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ goto tls12_loser;
+ }
+ rv |= PK11_DigestFinal(h, hashes->u.raw, &hashes->len,
+ sizeof(hashes->u.raw));
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ rv = SECFailure;
+ goto tls12_loser;
+ }
+
+ hashes->hashAlg = ssl3_GetSuitePrfHash(ss);
+ rv = SECSuccess;
+
+ tls12_loser:
+ if (stateBuf) {
+ if (PK11_RestoreContext(h, stateBuf, stateLen) != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ rv = SECFailure;
+ }
+ if (stateBuf != stackBuf) {
+ PORT_ZFree(stateBuf, stateLen);
+ }
+ }
+ } else if (ss->ssl3.hs.hashType == handshake_hash_record) {
+ rv = ssl3_ComputeHandshakeHash(ss->ssl3.hs.messages.buf,
+ ss->ssl3.hs.messages.len,
+ ssl3_GetSuitePrfHash(ss),
+ hashes);
+ } else {
+ PK11Context *md5;
+ PK11Context *sha = NULL;
+ unsigned char *md5StateBuf = NULL;
+ unsigned char *shaStateBuf = NULL;
+ unsigned int md5StateLen, shaStateLen;
+ unsigned char md5StackBuf[256];
+ unsigned char shaStackBuf[512];
+
+ md5StateBuf = PK11_SaveContextAlloc(ss->ssl3.hs.md5, md5StackBuf,
+ sizeof md5StackBuf, &md5StateLen);
+ if (md5StateBuf == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
+ goto loser;
+ }
+ md5 = ss->ssl3.hs.md5;
+
+ shaStateBuf = PK11_SaveContextAlloc(ss->ssl3.hs.sha, shaStackBuf,
+ sizeof shaStackBuf, &shaStateLen);
+ if (shaStateBuf == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ goto loser;
+ }
+ sha = ss->ssl3.hs.sha;
+
+ if (!isTLS) {
+ /* compute hashes for SSL3. */
+ unsigned char s[4];
+
+ if (!spec->master_secret) {
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ s[0] = (unsigned char)(sender >> 24);
+ s[1] = (unsigned char)(sender >> 16);
+ s[2] = (unsigned char)(sender >> 8);
+ s[3] = (unsigned char)sender;
+
+ if (sender != 0) {
+ rv |= PK11_DigestOp(md5, s, 4);
+ PRINT_BUF(95, (NULL, "MD5 inner: sender", s, 4));
+ }
+
+ PRINT_BUF(95, (NULL, "MD5 inner: MAC Pad 1", mac_pad_1,
+ mac_defs[mac_md5].pad_size));
+
+ rv |= PK11_DigestKey(md5, spec->master_secret);
+ rv |= PK11_DigestOp(md5, mac_pad_1, mac_defs[mac_md5].pad_size);
+ rv |= PK11_DigestFinal(md5, md5_inner, &outLength, MD5_LENGTH);
+ PORT_Assert(rv != SECSuccess || outLength == MD5_LENGTH);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ PRINT_BUF(95, (NULL, "MD5 inner: result", md5_inner, outLength));
+
+ if (sender != 0) {
+ rv |= PK11_DigestOp(sha, s, 4);
+ PRINT_BUF(95, (NULL, "SHA inner: sender", s, 4));
+ }
+
+ PRINT_BUF(95, (NULL, "SHA inner: MAC Pad 1", mac_pad_1,
+ mac_defs[mac_sha].pad_size));
+
+ rv |= PK11_DigestKey(sha, spec->master_secret);
+ rv |= PK11_DigestOp(sha, mac_pad_1, mac_defs[mac_sha].pad_size);
+ rv |= PK11_DigestFinal(sha, sha_inner, &outLength, SHA1_LENGTH);
+ PORT_Assert(rv != SECSuccess || outLength == SHA1_LENGTH);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ PRINT_BUF(95, (NULL, "SHA inner: result", sha_inner, outLength));
+
+ PRINT_BUF(95, (NULL, "MD5 outer: MAC Pad 2", mac_pad_2,
+ mac_defs[mac_md5].pad_size));
+ PRINT_BUF(95, (NULL, "MD5 outer: MD5 inner", md5_inner, MD5_LENGTH));
+
+ rv |= PK11_DigestBegin(md5);
+ rv |= PK11_DigestKey(md5, spec->master_secret);
+ rv |= PK11_DigestOp(md5, mac_pad_2, mac_defs[mac_md5].pad_size);
+ rv |= PK11_DigestOp(md5, md5_inner, MD5_LENGTH);
+ }
+ rv |= PK11_DigestFinal(md5, hashes->u.s.md5, &outLength, MD5_LENGTH);
+ PORT_Assert(rv != SECSuccess || outLength == MD5_LENGTH);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ PRINT_BUF(60, (NULL, "MD5 outer: result", hashes->u.s.md5, MD5_LENGTH));
+
+ if (!isTLS) {
+ PRINT_BUF(95, (NULL, "SHA outer: MAC Pad 2", mac_pad_2,
+ mac_defs[mac_sha].pad_size));
+ PRINT_BUF(95, (NULL, "SHA outer: SHA inner", sha_inner, SHA1_LENGTH));
+
+ rv |= PK11_DigestBegin(sha);
+ rv |= PK11_DigestKey(sha, spec->master_secret);
+ rv |= PK11_DigestOp(sha, mac_pad_2, mac_defs[mac_sha].pad_size);
+ rv |= PK11_DigestOp(sha, sha_inner, SHA1_LENGTH);
+ }
+ rv |= PK11_DigestFinal(sha, hashes->u.s.sha, &outLength, SHA1_LENGTH);
+ PORT_Assert(rv != SECSuccess || outLength == SHA1_LENGTH);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ rv = SECFailure;
+ goto loser;
+ }
+
+ PRINT_BUF(60, (NULL, "SHA outer: result", hashes->u.s.sha, SHA1_LENGTH));
+
+ hashes->len = MD5_LENGTH + SHA1_LENGTH;
+ rv = SECSuccess;
+
+ loser:
+ if (md5StateBuf) {
+ if (PK11_RestoreContext(ss->ssl3.hs.md5, md5StateBuf, md5StateLen) !=
+ SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
+ rv = SECFailure;
+ }
+ if (md5StateBuf != md5StackBuf) {
+ PORT_ZFree(md5StateBuf, md5StateLen);
+ }
+ }
+ if (shaStateBuf) {
+ if (PK11_RestoreContext(ss->ssl3.hs.sha, shaStateBuf, shaStateLen) !=
+ SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ rv = SECFailure;
+ }
+ if (shaStateBuf != shaStackBuf) {
+ PORT_ZFree(shaStateBuf, shaStateLen);
+ }
+ }
+ }
+ return rv;
+}
+
+/**************************************************************************
+ * end of Handshake Hash functions.
+ * Begin Send and Handle functions for handshakes.
+ **************************************************************************/
+
+#ifdef TRACE
+#define CHTYPE(t) \
+ case client_hello_##t: \
+ return #t;
+
+static const char *
+ssl_ClientHelloTypeName(sslClientHelloType type)
+{
+ switch (type) {
+ CHTYPE(initial);
+ CHTYPE(retry);
+ CHTYPE(retransmit); /* DTLS only */
+ CHTYPE(renegotiation); /* TLS <= 1.2 only */
+ }
+ PORT_Assert(0);
+ return NULL;
+}
+#undef CHTYPE
+#endif
+
+/* Called from ssl3_HandleHelloRequest(),
+ * ssl3_RedoHandshake()
+ * ssl_BeginClientHandshake (when resuming ssl3 session)
+ * dtls_HandleHelloVerifyRequest(with resending=PR_TRUE)
+ *
+ * The |type| argument indicates what is going on here:
+ * - client_hello_initial is set for the very first ClientHello
+ * - client_hello_retry indicates that this is a second attempt after receiving
+ * a HelloRetryRequest (in TLS 1.3)
+ * - client_hello_retransmit is used in DTLS when resending
+ * - client_hello_renegotiation is used to renegotiate (in TLS <1.3)
+ */
+SECStatus
+ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
+{
+ sslSessionID *sid;
+ ssl3CipherSpec *cwSpec;
+ SECStatus rv;
+ int i;
+ int length;
+ int num_suites;
+ int actual_count = 0;
+ PRBool isTLS = PR_FALSE;
+ PRBool requestingResume = PR_FALSE, fallbackSCSV = PR_FALSE;
+ PRInt32 total_exten_len = 0;
+ unsigned paddingExtensionLen;
+ unsigned numCompressionMethods;
+ PRUint16 version;
+ PRInt32 flags;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send %s ClientHello handshake", SSL_GETPID(),
+ ss->fd, ssl_ClientHelloTypeName(type)));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ /* shouldn't get here if SSL3 is disabled, but ... */
+ if (SSL_ALL_VERSIONS_DISABLED(&ss->vrange)) {
+ PR_NOT_REACHED("No versions of SSL 3.0 or later are enabled");
+ PORT_SetError(SSL_ERROR_SSL_DISABLED);
+ return SECFailure;
+ }
+
+ /* If we are responding to a HelloRetryRequest, don't reinitialize. We need
+ * to maintain the handshake hashes. */
+ if (ss->ssl3.hs.helloRetry) {
+ PORT_Assert(type == client_hello_retry);
+ } else {
+ rv = ssl3_InitState(ss);
+ if (rv != SECSuccess) {
+ return rv; /* ssl3_InitState has set the error code. */
+ }
+
+ rv = ssl3_RestartHandshakeHashes(ss);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+
+ /* These must be reset every handshake. */
+ ss->ssl3.hs.sendingSCSV = PR_FALSE;
+ ss->ssl3.hs.preliminaryInfo = 0;
+ PORT_Assert(IS_DTLS(ss) || type != client_hello_retransmit);
+ SECITEM_FreeItem(&ss->ssl3.hs.newSessionTicket.ticket, PR_FALSE);
+ ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE;
+ ssl3_ResetExtensionData(&ss->xtnData);
+
+ /* How many suites does our PKCS11 support (regardless of policy)? */
+ num_suites = ssl3_config_match_init(ss);
+ if (!num_suites) {
+ return SECFailure; /* ssl3_config_match_init has set error code. */
+ }
+
+ /*
+ * During a renegotiation, ss->clientHelloVersion will be used again to
+ * work around a Windows SChannel bug. Ensure that it is still enabled.
+ */
+ if (ss->firstHsDone) {
+ PORT_Assert(type != client_hello_initial);
+ if (SSL_ALL_VERSIONS_DISABLED(&ss->vrange)) {
+ PORT_SetError(SSL_ERROR_SSL_DISABLED);
+ return SECFailure;
+ }
+
+ if (ss->clientHelloVersion < ss->vrange.min ||
+ ss->clientHelloVersion > ss->vrange.max) {
+ PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
+ return SECFailure;
+ }
+ }
+
+ /* We ignore ss->sec.ci.sid here, and use ssl_Lookup because Lookup
+ * handles expired entries and other details.
+ * XXX If we've been called from ssl_BeginClientHandshake, then
+ * this lookup is duplicative and wasteful.
+ */
+ sid = (ss->opt.noCache) ? NULL
+ : ssl_LookupSID(&ss->sec.ci.peer, ss->sec.ci.port, ss->peerID, ss->url);
+
+ /* We can't resume based on a different token. If the sid exists,
+ * make sure the token that holds the master secret still exists ...
+ * If we previously did client-auth, make sure that the token that holds
+ * the private key still exists, is logged in, hasn't been removed, etc.
+ */
+ if (sid) {
+ PRBool sidOK = PR_TRUE;
+ const ssl3CipherSuiteCfg *suite;
+
+ /* Check that the cipher suite we need is enabled. */
+ suite = ssl_LookupCipherSuiteCfg(sid->u.ssl3.cipherSuite,
+ ss->cipherSuites);
+ PORT_Assert(suite);
+ if (!suite || !config_match(suite, ss->ssl3.policy, &ss->vrange, ss)) {
+ sidOK = PR_FALSE;
+ }
+
+ /* Check that we can recover the master secret. */
+ if (sidOK && sid->u.ssl3.keys.msIsWrapped) {
+ PK11SlotInfo *slot = NULL;
+ if (sid->u.ssl3.masterValid) {
+ slot = SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
+ sid->u.ssl3.masterSlotID);
+ }
+ if (slot == NULL) {
+ sidOK = PR_FALSE;
+ } else {
+ PK11SymKey *wrapKey = NULL;
+ if (!PK11_IsPresent(slot) ||
+ ((wrapKey = PK11_GetWrapKey(slot,
+ sid->u.ssl3.masterWrapIndex,
+ sid->u.ssl3.masterWrapMech,
+ sid->u.ssl3.masterWrapSeries,
+ ss->pkcs11PinArg)) == NULL)) {
+ sidOK = PR_FALSE;
+ }
+ if (wrapKey)
+ PK11_FreeSymKey(wrapKey);
+ PK11_FreeSlot(slot);
+ slot = NULL;
+ }
+ }
+ /* If we previously did client-auth, make sure that the token that
+ ** holds the private key still exists, is logged in, hasn't been
+ ** removed, etc.
+ */
+ if (sidOK && !ssl3_ClientAuthTokenPresent(sid)) {
+ sidOK = PR_FALSE;
+ }
+
+ if (sidOK) {
+ /* Set version based on the sid. */
+ if (ss->firstHsDone) {
+ /*
+ * Windows SChannel compares the client_version inside the RSA
+ * EncryptedPreMasterSecret of a renegotiation with the
+ * client_version of the initial ClientHello rather than the
+ * ClientHello in the renegotiation. To work around this bug, we
+ * continue to use the client_version used in the initial
+ * ClientHello when renegotiating.
+ *
+ * The client_version of the initial ClientHello is still
+ * available in ss->clientHelloVersion. Ensure that
+ * sid->version is bounded within
+ * [ss->vrange.min, ss->clientHelloVersion], otherwise we
+ * can't use sid.
+ */
+ if (sid->version >= ss->vrange.min &&
+ sid->version <= ss->clientHelloVersion) {
+ version = ss->clientHelloVersion;
+ } else {
+ sidOK = PR_FALSE;
+ }
+ } else {
+ /*
+ * Check sid->version is OK first.
+ * Previously, we would cap the version based on sid->version,
+ * but that prevents negotiation of a higher version if the
+ * previous session was reduced (e.g., with version fallback)
+ */
+ if (sid->version < ss->vrange.min ||
+ sid->version > ss->vrange.max) {
+ sidOK = PR_FALSE;
+ } else {
+ version = ss->vrange.max;
+ }
+ }
+ }
+
+ if (!sidOK) {
+ SSL_AtomicIncrementLong(&ssl3stats.sch_sid_cache_not_ok);
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+ }
+
+ if (sid) {
+ requestingResume = PR_TRUE;
+ SSL_AtomicIncrementLong(&ssl3stats.sch_sid_cache_hits);
+
+ PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID,
+ sid->u.ssl3.sessionIDLength));
+
+ ss->ssl3.policy = sid->u.ssl3.policy;
+ } else {
+ SSL_AtomicIncrementLong(&ssl3stats.sch_sid_cache_misses);
+
+ /*
+ * Windows SChannel compares the client_version inside the RSA
+ * EncryptedPreMasterSecret of a renegotiation with the
+ * client_version of the initial ClientHello rather than the
+ * ClientHello in the renegotiation. To work around this bug, we
+ * continue to use the client_version used in the initial
+ * ClientHello when renegotiating.
+ */
+ if (ss->firstHsDone) {
+ version = ss->clientHelloVersion;
+ } else {
+ version = ss->vrange.max;
+ }
+
+ sid = ssl3_NewSessionID(ss, PR_FALSE);
+ if (!sid) {
+ return SECFailure; /* memory error is set */
+ }
+ /* ss->version isn't set yet, but the sid needs a sane value. */
+ sid->version = version;
+ }
+
+ isTLS = (version > SSL_LIBRARY_VERSION_3_0);
+ ssl_GetSpecWriteLock(ss);
+ cwSpec = ss->ssl3.cwSpec;
+ if (cwSpec->mac_def->mac == mac_null) {
+ /* SSL records are not being MACed. */
+ cwSpec->version = version;
+ }
+ ssl_ReleaseSpecWriteLock(ss);
+
+ if (ss->sec.ci.sid != NULL) {
+ ssl_FreeSID(ss->sec.ci.sid); /* decrement ref count, free if zero */
+ }
+ ss->sec.ci.sid = sid;
+
+ /* HACK for SCSV in SSL 3.0. On initial handshake, prepend SCSV,
+ * only if TLS is disabled.
+ */
+ if (!ss->firstHsDone && !isTLS) {
+ /* Must set this before calling Hello Extension Senders,
+ * to suppress sending of empty RI extension.
+ */
+ ss->ssl3.hs.sendingSCSV = PR_TRUE;
+ }
+
+ /* When we attempt session resumption (only), we must lock the sid to
+ * prevent races with other resumption connections that receive a
+ * NewSessionTicket that will cause the ticket in the sid to be replaced.
+ * Once we've copied the session ticket into our ClientHello message, it
+ * is OK for the ticket to change, so we just need to make sure we hold
+ * the lock across the calls to ssl3_CallHelloExtensionSenders.
+ */
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Rlock(sid->u.ssl3.lock);
+ }
+
+ if (ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3 &&
+ type == client_hello_initial) {
+ rv = tls13_SetupClientHello(ss);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+ if (isTLS || (ss->firstHsDone && ss->peerRequestedProtection)) {
+ PRUint32 maxBytes = 65535; /* 2^16 - 1 */
+ PRInt32 extLen;
+
+ extLen = ssl3_CallHelloExtensionSenders(ss, PR_FALSE, maxBytes, NULL);
+ if (extLen < 0) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return SECFailure;
+ }
+ total_exten_len += extLen;
+
+ if (total_exten_len > 0)
+ total_exten_len += 2;
+ }
+
+ if (IS_DTLS(ss)) {
+ ssl3_DisableNonDTLSSuites(ss);
+ }
+
+ /* how many suites are permitted by policy and user preference? */
+ num_suites = count_cipher_suites(ss, ss->ssl3.policy);
+ if (!num_suites) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return SECFailure; /* count_cipher_suites has set error code. */
+ }
+
+ fallbackSCSV = ss->opt.enableFallbackSCSV && (!requestingResume ||
+ version < sid->version);
+ /* make room for SCSV */
+ if (ss->ssl3.hs.sendingSCSV) {
+ ++num_suites;
+ }
+ if (fallbackSCSV) {
+ ++num_suites;
+ }
+
+ /* count compression methods */
+ numCompressionMethods = 0;
+ for (i = 0; i < ssl_compression_method_count; i++) {
+ if (ssl_CompressionEnabled(ss, ssl_compression_methods[i]))
+ numCompressionMethods++;
+ }
+
+ length = sizeof(SSL3ProtocolVersion) + SSL3_RANDOM_LENGTH +
+ 1 + (sid->version >= SSL_LIBRARY_VERSION_TLS_1_3
+ ? 0
+ : sid->u.ssl3.sessionIDLength) +
+ 2 + num_suites * sizeof(ssl3CipherSuite) +
+ 1 + numCompressionMethods + total_exten_len;
+ if (IS_DTLS(ss)) {
+ length += 1 + ss->ssl3.hs.cookie.len;
+ }
+
+ /* A padding extension may be included to ensure that the record containing
+ * the ClientHello doesn't have a length between 256 and 511 bytes
+ * (inclusive). Initial, ClientHello records with such lengths trigger bugs
+ * in F5 devices.
+ *
+ * This is not done for DTLS, for renegotiation, or when there are no
+ * extensions. */
+ if (!IS_DTLS(ss) && isTLS && !ss->firstHsDone && total_exten_len) {
+ paddingExtensionLen = ssl3_CalculatePaddingExtensionLength(length);
+ total_exten_len += paddingExtensionLen;
+ length += paddingExtensionLen;
+ } else {
+ paddingExtensionLen = 0;
+ }
+
+ rv = ssl3_AppendHandshakeHeader(ss, client_hello, length);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+
+ if (ss->firstHsDone) {
+ /* The client hello version must stay unchanged to work around
+ * the Windows SChannel bug described above. */
+ PORT_Assert(version == ss->clientHelloVersion);
+ }
+ ss->clientHelloVersion = PR_MIN(version, SSL_LIBRARY_VERSION_TLS_1_2);
+ if (IS_DTLS(ss)) {
+ PRUint16 dtlsVersion;
+
+ dtlsVersion = dtls_TLSVersionToDTLSVersion(ss->clientHelloVersion);
+ rv = ssl3_AppendHandshakeNumber(ss, dtlsVersion, 2);
+ } else {
+ rv = ssl3_AppendHandshakeNumber(ss, ss->clientHelloVersion, 2);
+ }
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+
+ /* Generate a new random if this is the first attempt. */
+ if (type == client_hello_initial) {
+ rv = ssl3_GetNewRandom(&ss->ssl3.hs.client_random);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by GetNewRandom. */
+ }
+ }
+ rv = ssl3_AppendHandshake(ss, &ss->ssl3.hs.client_random,
+ SSL3_RANDOM_LENGTH);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+
+ if (sid->version < SSL_LIBRARY_VERSION_TLS_1_3)
+ rv = ssl3_AppendHandshakeVariable(
+ ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1);
+ else
+ rv = ssl3_AppendHandshakeNumber(ss, 0, 1);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+
+ if (IS_DTLS(ss)) {
+ rv = ssl3_AppendHandshakeVariable(
+ ss, ss->ssl3.hs.cookie.data, ss->ssl3.hs.cookie.len, 1);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+ }
+
+ rv = ssl3_AppendHandshakeNumber(ss, num_suites * sizeof(ssl3CipherSuite), 2);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+
+ if (ss->ssl3.hs.sendingSCSV) {
+ /* Add the actual SCSV */
+ rv = ssl3_AppendHandshakeNumber(ss, TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
+ sizeof(ssl3CipherSuite));
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+ actual_count++;
+ }
+ if (fallbackSCSV) {
+ rv = ssl3_AppendHandshakeNumber(ss, TLS_FALLBACK_SCSV,
+ sizeof(ssl3CipherSuite));
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+ actual_count++;
+ }
+ for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
+ ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
+ if (config_match(suite, ss->ssl3.policy, &ss->vrange, ss)) {
+ actual_count++;
+ if (actual_count > num_suites) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ /* set error card removal/insertion error */
+ PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
+ return SECFailure;
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite,
+ sizeof(ssl3CipherSuite));
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+ }
+ }
+
+ /* if cards were removed or inserted between count_cipher_suites and
+ * generating our list, detect the error here rather than send it off to
+ * the server.. */
+ if (actual_count != num_suites) {
+ /* Card removal/insertion error */
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
+ return SECFailure;
+ }
+
+ rv = ssl3_AppendHandshakeNumber(ss, numCompressionMethods, 1);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+ for (i = 0; i < ssl_compression_method_count; i++) {
+ if (!ssl_CompressionEnabled(ss, ssl_compression_methods[i]))
+ continue;
+ rv = ssl3_AppendHandshakeNumber(ss, ssl_compression_methods[i], 1);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by ssl3_AppendHandshake* */
+ }
+ }
+
+ if (total_exten_len) {
+ PRUint32 maxBytes = total_exten_len - 2;
+ PRInt32 extLen;
+
+ rv = ssl3_AppendHandshakeNumber(ss, maxBytes, 2);
+ if (rv != SECSuccess) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return rv; /* err set by AppendHandshake. */
+ }
+
+ extLen = ssl3_AppendPaddingExtension(ss, paddingExtensionLen, maxBytes);
+ if (extLen < 0) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return SECFailure;
+ }
+ maxBytes -= extLen;
+
+ extLen = ssl3_CallHelloExtensionSenders(ss, PR_TRUE, maxBytes, NULL);
+ if (extLen < 0) {
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+ return SECFailure;
+ }
+ maxBytes -= extLen;
+
+ PORT_Assert(!maxBytes);
+ }
+
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+
+ if (ss->xtnData.sentSessionTicketInClientHello) {
+ SSL_AtomicIncrementLong(&ssl3stats.sch_sid_stateless_resumes);
+ }
+
+ if (ss->ssl3.hs.sendingSCSV) {
+ /* Since we sent the SCSV, pretend we sent empty RI extension. */
+ TLSExtensionData *xtnData = &ss->xtnData;
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_renegotiation_info_xtn;
+ }
+
+ flags = 0;
+ if (!ss->firstHsDone && !IS_DTLS(ss)) {
+ flags |= ssl_SEND_FLAG_CAP_RECORD_VERSION;
+ }
+ rv = ssl3_FlushHandshake(ss, flags);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by ssl3_FlushHandshake */
+ }
+
+ if (version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ rv = tls13_MaybeDo0RTTHandshake(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code set already. */
+ }
+ }
+
+ ss->ssl3.hs.ws = wait_server_hello;
+ return SECSuccess;
+}
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered a
+ * complete ssl3 Hello Request.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleHelloRequest(sslSocket *ss)
+{
+ sslSessionID *sid = ss->sec.ci.sid;
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle hello_request handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->version < SSL_LIBRARY_VERSION_TLS_1_3);
+
+ if (ss->ssl3.hs.ws == wait_server_hello)
+ return SECSuccess;
+ if (ss->ssl3.hs.ws != idle_handshake || ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
+ return SECFailure;
+ }
+ if (ss->opt.enableRenegotiation == SSL_RENEGOTIATE_NEVER) {
+ (void)SSL3_SendAlert(ss, alert_warning, no_renegotiation);
+ PORT_SetError(SSL_ERROR_RENEGOTIATION_NOT_ALLOWED);
+ return SECFailure;
+ }
+
+ if (sid) {
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ ss->sec.ci.sid = NULL;
+ }
+
+ if (IS_DTLS(ss)) {
+ dtls_RehandshakeCleanup(ss);
+ }
+
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_SendClientHello(ss, client_hello_renegotiation);
+ ssl_ReleaseXmitBufLock(ss);
+
+ return rv;
+}
+
+#define UNKNOWN_WRAP_MECHANISM 0x7fffffff
+
+static const CK_MECHANISM_TYPE wrapMechanismList[SSL_NUM_WRAP_MECHS] = {
+ CKM_DES3_ECB,
+ CKM_CAST5_ECB,
+ CKM_DES_ECB,
+ CKM_KEY_WRAP_LYNKS,
+ CKM_IDEA_ECB,
+ CKM_CAST3_ECB,
+ CKM_CAST_ECB,
+ CKM_RC5_ECB,
+ CKM_RC2_ECB,
+ CKM_CDMF_ECB,
+ CKM_SKIPJACK_WRAP,
+ CKM_SKIPJACK_CBC64,
+ CKM_AES_ECB,
+ CKM_CAMELLIA_ECB,
+ CKM_SEED_ECB,
+ UNKNOWN_WRAP_MECHANISM
+};
+
+static int
+ssl_FindIndexByWrapMechanism(CK_MECHANISM_TYPE mech)
+{
+ const CK_MECHANISM_TYPE *pMech = wrapMechanismList;
+
+ while (mech != *pMech && *pMech != UNKNOWN_WRAP_MECHANISM) {
+ ++pMech;
+ }
+ return (*pMech == UNKNOWN_WRAP_MECHANISM) ? -1
+ : (pMech - wrapMechanismList);
+}
+
+static PK11SymKey *
+ssl_UnwrapSymWrappingKey(
+ SSLWrappedSymWrappingKey *pWswk,
+ SECKEYPrivateKey *svrPrivKey,
+ SSLAuthType authType,
+ CK_MECHANISM_TYPE masterWrapMech,
+ void *pwArg)
+{
+ PK11SymKey *unwrappedWrappingKey = NULL;
+ SECItem wrappedKey;
+ PK11SymKey *Ks;
+ SECKEYPublicKey pubWrapKey;
+ ECCWrappedKeyInfo *ecWrapped;
+
+ /* found the wrapping key on disk. */
+ PORT_Assert(pWswk->symWrapMechanism == masterWrapMech);
+ PORT_Assert(pWswk->authType == authType);
+ if (pWswk->symWrapMechanism != masterWrapMech ||
+ pWswk->authType != authType) {
+ goto loser;
+ }
+ wrappedKey.type = siBuffer;
+ wrappedKey.data = pWswk->wrappedSymmetricWrappingkey;
+ wrappedKey.len = pWswk->wrappedSymKeyLen;
+ PORT_Assert(wrappedKey.len <= sizeof pWswk->wrappedSymmetricWrappingkey);
+
+ switch (authType) {
+
+ case ssl_auth_rsa_decrypt:
+ case ssl_auth_rsa_sign: /* bad: see Bug 1248320 */
+ unwrappedWrappingKey =
+ PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
+ masterWrapMech, CKA_UNWRAP, 0);
+ break;
+
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa:
+ /*
+ * For ssl_auth_ecd*, we first create an EC public key based on
+ * data stored with the wrappedSymmetricWrappingkey. Next,
+ * we do an ECDH computation involving this public key and
+ * the SSL server's (long-term) EC private key. The resulting
+ * shared secret is treated the same way as Fortezza's Ks, i.e.,
+ * it is used to recover the symmetric wrapping key.
+ *
+ * The data in wrappedSymmetricWrappingkey is laid out as defined
+ * in the ECCWrappedKeyInfo structure.
+ */
+ ecWrapped = (ECCWrappedKeyInfo *)pWswk->wrappedSymmetricWrappingkey;
+
+ PORT_Assert(ecWrapped->encodedParamLen + ecWrapped->pubValueLen +
+ ecWrapped->wrappedKeyLen <=
+ MAX_EC_WRAPPED_KEY_BUFLEN);
+
+ if (ecWrapped->encodedParamLen + ecWrapped->pubValueLen +
+ ecWrapped->wrappedKeyLen >
+ MAX_EC_WRAPPED_KEY_BUFLEN) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ goto loser;
+ }
+
+ pubWrapKey.keyType = ecKey;
+ pubWrapKey.u.ec.size = ecWrapped->size;
+ pubWrapKey.u.ec.DEREncodedParams.len = ecWrapped->encodedParamLen;
+ pubWrapKey.u.ec.DEREncodedParams.data = ecWrapped->var;
+ pubWrapKey.u.ec.publicValue.len = ecWrapped->pubValueLen;
+ pubWrapKey.u.ec.publicValue.data = ecWrapped->var +
+ ecWrapped->encodedParamLen;
+
+ wrappedKey.len = ecWrapped->wrappedKeyLen;
+ wrappedKey.data = ecWrapped->var + ecWrapped->encodedParamLen +
+ ecWrapped->pubValueLen;
+
+ /* Derive Ks using ECDH */
+ Ks = PK11_PubDeriveWithKDF(svrPrivKey, &pubWrapKey, PR_FALSE, NULL,
+ NULL, CKM_ECDH1_DERIVE, masterWrapMech,
+ CKA_DERIVE, 0, CKD_NULL, NULL, NULL);
+ if (Ks == NULL) {
+ goto loser;
+ }
+
+ /* Use Ks to unwrap the wrapping key */
+ unwrappedWrappingKey = PK11_UnwrapSymKey(Ks, masterWrapMech, NULL,
+ &wrappedKey, masterWrapMech,
+ CKA_UNWRAP, 0);
+ PK11_FreeSymKey(Ks);
+
+ break;
+
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ goto loser;
+ }
+loser:
+ return unwrappedWrappingKey;
+}
+
+/* Each process sharing the server session ID cache has its own array of SymKey
+ * pointers for the symmetric wrapping keys that are used to wrap the master
+ * secrets. There is one key for each authentication type. These Symkeys
+ * correspond to the wrapped SymKeys kept in the server session cache.
+ */
+
+typedef struct {
+ PK11SymKey *symWrapKey[ssl_auth_size];
+} ssl3SymWrapKey;
+
+static PZLock *symWrapKeysLock = NULL;
+static ssl3SymWrapKey symWrapKeys[SSL_NUM_WRAP_MECHS];
+
+SECStatus
+ssl_FreeSymWrapKeysLock(void)
+{
+ if (symWrapKeysLock) {
+ PZ_DestroyLock(symWrapKeysLock);
+ symWrapKeysLock = NULL;
+ return SECSuccess;
+ }
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+}
+
+SECStatus
+SSL3_ShutdownServerCache(void)
+{
+ int i, j;
+
+ if (!symWrapKeysLock)
+ return SECSuccess; /* lock was never initialized */
+ PZ_Lock(symWrapKeysLock);
+ /* get rid of all symWrapKeys */
+ for (i = 0; i < SSL_NUM_WRAP_MECHS; ++i) {
+ for (j = 0; j < ssl_auth_size; ++j) {
+ PK11SymKey **pSymWrapKey;
+ pSymWrapKey = &symWrapKeys[i].symWrapKey[j];
+ if (*pSymWrapKey) {
+ PK11_FreeSymKey(*pSymWrapKey);
+ *pSymWrapKey = NULL;
+ }
+ }
+ }
+
+ PZ_Unlock(symWrapKeysLock);
+ ssl_FreeSessionCacheLocks();
+ return SECSuccess;
+}
+
+SECStatus
+ssl_InitSymWrapKeysLock(void)
+{
+ symWrapKeysLock = PZ_NewLock(nssILockOther);
+ return symWrapKeysLock ? SECSuccess : SECFailure;
+}
+
+/* Try to get wrapping key for mechanism from in-memory array.
+ * If that fails, look for one on disk.
+ * If that fails, generate a new one, put the new one on disk,
+ * Put the new key in the in-memory array.
+ *
+ * Note that this function performs some fairly inadvisable functions with
+ * certificate private keys. ECDSA keys are used with ECDH; similarly, RSA
+ * signing keys are used to encrypt. Bug 1248320.
+ */
+PK11SymKey *
+ssl3_GetWrappingKey(sslSocket *ss,
+ PK11SlotInfo *masterSecretSlot,
+ const sslServerCert *serverCert,
+ CK_MECHANISM_TYPE masterWrapMech,
+ void *pwArg)
+{
+ SSLAuthType authType;
+ SECKEYPrivateKey *svrPrivKey;
+ SECKEYPublicKey *svrPubKey = NULL;
+ PK11SymKey *unwrappedWrappingKey = NULL;
+ PK11SymKey **pSymWrapKey;
+ CK_MECHANISM_TYPE asymWrapMechanism = CKM_INVALID_MECHANISM;
+ int length;
+ int symWrapMechIndex;
+ SECStatus rv;
+ SECItem wrappedKey;
+ SSLWrappedSymWrappingKey wswk;
+ PK11SymKey *Ks = NULL;
+ SECKEYPublicKey *pubWrapKey = NULL;
+ SECKEYPrivateKey *privWrapKey = NULL;
+ ECCWrappedKeyInfo *ecWrapped;
+
+ PORT_Assert(serverCert);
+ PORT_Assert(serverCert->serverKeyPair);
+ PORT_Assert(serverCert->serverKeyPair->privKey);
+ PORT_Assert(serverCert->serverKeyPair->pubKey);
+ if (!serverCert || !serverCert->serverKeyPair ||
+ !serverCert->serverKeyPair->privKey ||
+ !serverCert->serverKeyPair->pubKey) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL; /* hmm */
+ }
+ authType = serverCert->certType.authType;
+ svrPrivKey = serverCert->serverKeyPair->privKey;
+
+ symWrapMechIndex = ssl_FindIndexByWrapMechanism(masterWrapMech);
+ PORT_Assert(symWrapMechIndex >= 0);
+ if (symWrapMechIndex < 0)
+ return NULL; /* invalid masterWrapMech. */
+
+ pSymWrapKey = &symWrapKeys[symWrapMechIndex].symWrapKey[authType];
+
+ ssl_InitSessionCacheLocks(PR_TRUE);
+
+ PZ_Lock(symWrapKeysLock);
+
+ unwrappedWrappingKey = *pSymWrapKey;
+ if (unwrappedWrappingKey != NULL) {
+ if (PK11_VerifyKeyOK(unwrappedWrappingKey)) {
+ unwrappedWrappingKey = PK11_ReferenceSymKey(unwrappedWrappingKey);
+ goto done;
+ }
+ /* slot series has changed, so this key is no good any more. */
+ PK11_FreeSymKey(unwrappedWrappingKey);
+ *pSymWrapKey = unwrappedWrappingKey = NULL;
+ }
+
+ /* Try to get wrapped SymWrapping key out of the (disk) cache. */
+ /* Following call fills in wswk on success. */
+ if (ssl_GetWrappingKey(symWrapMechIndex, authType, &wswk)) {
+ /* found the wrapped sym wrapping key on disk. */
+ unwrappedWrappingKey =
+ ssl_UnwrapSymWrappingKey(&wswk, svrPrivKey, authType,
+ masterWrapMech, pwArg);
+ if (unwrappedWrappingKey) {
+ goto install;
+ }
+ }
+
+ if (!masterSecretSlot) /* caller doesn't want to create a new one. */
+ goto loser;
+
+ length = PK11_GetBestKeyLength(masterSecretSlot, masterWrapMech);
+ /* Zero length means fixed key length algorithm, or error.
+ * It's ambiguous.
+ */
+ unwrappedWrappingKey = PK11_KeyGen(masterSecretSlot, masterWrapMech, NULL,
+ length, pwArg);
+ if (!unwrappedWrappingKey) {
+ goto loser;
+ }
+
+ /* Prepare the buffer to receive the wrappedWrappingKey,
+ * the symmetric wrapping key wrapped using the server's pub key.
+ */
+ PORT_Memset(&wswk, 0, sizeof wswk); /* eliminate UMRs. */
+
+ svrPubKey = serverCert->serverKeyPair->pubKey;
+ wrappedKey.type = siBuffer;
+ wrappedKey.len = SECKEY_PublicKeyStrength(svrPubKey);
+ wrappedKey.data = wswk.wrappedSymmetricWrappingkey;
+
+ PORT_Assert(wrappedKey.len <= sizeof wswk.wrappedSymmetricWrappingkey);
+ if (wrappedKey.len > sizeof wswk.wrappedSymmetricWrappingkey)
+ goto loser;
+
+ /* wrap symmetric wrapping key in server's public key. */
+ switch (authType) {
+ case ssl_auth_rsa_decrypt:
+ case ssl_auth_rsa_sign: /* bad: see Bug 1248320 */
+ asymWrapMechanism = CKM_RSA_PKCS;
+ rv = PK11_PubWrapSymKey(asymWrapMechanism, svrPubKey,
+ unwrappedWrappingKey, &wrappedKey);
+ break;
+
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa:
+ /*
+ * We generate an ephemeral EC key pair. Perform an ECDH
+ * computation involving this ephemeral EC public key and
+ * the SSL server's (long-term) EC private key. The resulting
+ * shared secret is treated in the same way as Fortezza's Ks,
+ * i.e., it is used to wrap the wrapping key. To facilitate
+ * unwrapping in ssl_UnwrapWrappingKey, we also store all
+ * relevant info about the ephemeral EC public key in
+ * wswk.wrappedSymmetricWrappingkey and lay it out as
+ * described in the ECCWrappedKeyInfo structure.
+ */
+ PORT_Assert(SECKEY_GetPublicKeyType(svrPubKey) == ecKey);
+ if (SECKEY_GetPublicKeyType(svrPubKey) != ecKey) {
+ /* something is wrong in sslsecur.c if this isn't an ecKey */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ goto ec_cleanup;
+ }
+
+ privWrapKey = SECKEY_CreateECPrivateKey(
+ &svrPubKey->u.ec.DEREncodedParams, &pubWrapKey, NULL);
+ if ((privWrapKey == NULL) || (pubWrapKey == NULL)) {
+ rv = SECFailure;
+ goto ec_cleanup;
+ }
+
+ /* Set the key size in bits */
+ if (pubWrapKey->u.ec.size == 0) {
+ pubWrapKey->u.ec.size = SECKEY_PublicKeyStrengthInBits(svrPubKey);
+ }
+
+ PORT_Assert(pubWrapKey->u.ec.DEREncodedParams.len +
+ pubWrapKey->u.ec.publicValue.len <
+ MAX_EC_WRAPPED_KEY_BUFLEN);
+ if (pubWrapKey->u.ec.DEREncodedParams.len +
+ pubWrapKey->u.ec.publicValue.len >=
+ MAX_EC_WRAPPED_KEY_BUFLEN) {
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ rv = SECFailure;
+ goto ec_cleanup;
+ }
+
+ /* Derive Ks using ECDH */
+ Ks = PK11_PubDeriveWithKDF(svrPrivKey, pubWrapKey, PR_FALSE, NULL,
+ NULL, CKM_ECDH1_DERIVE, masterWrapMech,
+ CKA_DERIVE, 0, CKD_NULL, NULL, NULL);
+ if (Ks == NULL) {
+ rv = SECFailure;
+ goto ec_cleanup;
+ }
+
+ ecWrapped = (ECCWrappedKeyInfo *)(wswk.wrappedSymmetricWrappingkey);
+ ecWrapped->size = pubWrapKey->u.ec.size;
+ ecWrapped->encodedParamLen = pubWrapKey->u.ec.DEREncodedParams.len;
+ PORT_Memcpy(ecWrapped->var, pubWrapKey->u.ec.DEREncodedParams.data,
+ pubWrapKey->u.ec.DEREncodedParams.len);
+
+ ecWrapped->pubValueLen = pubWrapKey->u.ec.publicValue.len;
+ PORT_Memcpy(ecWrapped->var + ecWrapped->encodedParamLen,
+ pubWrapKey->u.ec.publicValue.data,
+ pubWrapKey->u.ec.publicValue.len);
+
+ wrappedKey.len = MAX_EC_WRAPPED_KEY_BUFLEN -
+ (ecWrapped->encodedParamLen + ecWrapped->pubValueLen);
+ wrappedKey.data = ecWrapped->var + ecWrapped->encodedParamLen +
+ ecWrapped->pubValueLen;
+
+ /* wrap symmetricWrapping key with the local Ks */
+ rv = PK11_WrapSymKey(masterWrapMech, NULL, Ks,
+ unwrappedWrappingKey, &wrappedKey);
+
+ if (rv != SECSuccess) {
+ goto ec_cleanup;
+ }
+
+ /* Write down the length of wrapped key in the buffer
+ * wswk.wrappedSymmetricWrappingkey at the appropriate offset
+ */
+ ecWrapped->wrappedKeyLen = wrappedKey.len;
+
+ ec_cleanup:
+ if (privWrapKey)
+ SECKEY_DestroyPrivateKey(privWrapKey);
+ if (pubWrapKey)
+ SECKEY_DestroyPublicKey(pubWrapKey);
+ if (Ks)
+ PK11_FreeSymKey(Ks);
+ asymWrapMechanism = masterWrapMech;
+ break;
+
+ default:
+ rv = SECFailure;
+ break;
+ }
+
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ PORT_Assert(asymWrapMechanism != CKM_INVALID_MECHANISM);
+
+ wswk.symWrapMechanism = masterWrapMech;
+ wswk.symWrapMechIndex = symWrapMechIndex;
+ wswk.asymWrapMechanism = asymWrapMechanism;
+ wswk.authType = authType;
+ wswk.wrappedSymKeyLen = wrappedKey.len;
+
+ /* put it on disk. */
+ /* If the wrapping key for this KEA type has already been set,
+ * then abandon the value we just computed and
+ * use the one we got from the disk.
+ */
+ if (ssl_SetWrappingKey(&wswk)) {
+ /* somebody beat us to it. The original contents of our wswk
+ * has been replaced with the content on disk. Now, discard
+ * the key we just created and unwrap this new one.
+ */
+ PK11_FreeSymKey(unwrappedWrappingKey);
+
+ unwrappedWrappingKey =
+ ssl_UnwrapSymWrappingKey(&wswk, svrPrivKey, authType,
+ masterWrapMech, pwArg);
+ }
+
+install:
+ if (unwrappedWrappingKey) {
+ *pSymWrapKey = PK11_ReferenceSymKey(unwrappedWrappingKey);
+ }
+
+loser:
+done:
+ PZ_Unlock(symWrapKeysLock);
+ return unwrappedWrappingKey;
+}
+
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
+/* hexEncode hex encodes |length| bytes from |in| and writes it as |length*2|
+ * bytes to |out|. */
+static void
+hexEncode(char *out, const unsigned char *in, unsigned int length)
+{
+ static const char hextable[] = "0123456789abcdef";
+ unsigned int i;
+
+ for (i = 0; i < length; i++) {
+ *(out++) = hextable[in[i] >> 4];
+ *(out++) = hextable[in[i] & 15];
+ }
+}
+#endif
+
+/* Called from ssl3_SendClientKeyExchange(). */
+static SECStatus
+ssl3_SendRSAClientKeyExchange(sslSocket *ss, SECKEYPublicKey *svrPubKey)
+{
+ PK11SymKey *pms = NULL;
+ SECStatus rv = SECFailure;
+ SECItem enc_pms = { siBuffer, NULL, 0 };
+ PRBool isTLS;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ /* Generate the pre-master secret ... */
+ ssl_GetSpecWriteLock(ss);
+ isTLS = (PRBool)(ss->ssl3.pwSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ pms = ssl3_GenerateRSAPMS(ss, ss->ssl3.pwSpec, NULL);
+ ssl_ReleaseSpecWriteLock(ss);
+ if (pms == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ /* Get the wrapped (encrypted) pre-master secret, enc_pms */
+ enc_pms.len = SECKEY_PublicKeyStrength(svrPubKey);
+ enc_pms.data = (unsigned char *)PORT_Alloc(enc_pms.len);
+ if (enc_pms.data == NULL) {
+ goto loser; /* err set by PORT_Alloc */
+ }
+
+ /* wrap pre-master secret in server's public key. */
+ rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, pms, &enc_pms);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
+ if (ssl_keylog_iob) {
+ SECStatus extractRV = PK11_ExtractKeyValue(pms);
+ if (extractRV == SECSuccess) {
+ SECItem *keyData = PK11_GetKeyData(pms);
+ if (keyData && keyData->data && keyData->len) {
+#ifdef TRACE
+ if (ssl_trace >= 100) {
+ ssl_PrintBuf(ss, "Pre-Master Secret",
+ keyData->data, keyData->len);
+ }
+#endif
+ if (ssl_keylog_iob && enc_pms.len >= 8 && keyData->len == 48) {
+ /* https://developer.mozilla.org/en/NSS_Key_Log_Format */
+
+ /* There could be multiple, concurrent writers to the
+ * keylog, so we have to do everything in a single call to
+ * fwrite. */
+ char buf[4 + 8 * 2 + 1 + 48 * 2 + 1];
+
+ strcpy(buf, "RSA ");
+ hexEncode(buf + 4, enc_pms.data, 8);
+ buf[20] = ' ';
+ hexEncode(buf + 21, keyData->data, 48);
+ buf[sizeof(buf) - 1] = '\n';
+
+ fwrite(buf, sizeof(buf), 1, ssl_keylog_iob);
+ fflush(ssl_keylog_iob);
+ }
+ }
+ }
+ }
+#endif
+
+ rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
+ isTLS ? enc_pms.len + 2
+ : enc_pms.len);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by ssl3_AppendHandshake* */
+ }
+ if (isTLS) {
+ rv = ssl3_AppendHandshakeVariable(ss, enc_pms.data, enc_pms.len, 2);
+ } else {
+ rv = ssl3_AppendHandshake(ss, enc_pms.data, enc_pms.len);
+ }
+ if (rv != SECSuccess) {
+ goto loser; /* err set by ssl3_AppendHandshake* */
+ }
+
+ rv = ssl3_InitPendingCipherSpec(ss, pms);
+ PK11_FreeSymKey(pms);
+ pms = NULL;
+
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ rv = SECSuccess;
+
+loser:
+ if (enc_pms.data != NULL) {
+ PORT_Free(enc_pms.data);
+ }
+ if (pms != NULL) {
+ PK11_FreeSymKey(pms);
+ }
+ return rv;
+}
+
+/* DH shares need to be padded to the size of their prime. Some implementations
+ * require this. TLS 1.3 also requires this. */
+SECStatus
+ssl_AppendPaddedDHKeyShare(const sslSocket *ss, const SECKEYPublicKey *pubKey,
+ PRBool appendLength)
+{
+ SECStatus rv;
+ unsigned int pad = pubKey->u.dh.prime.len - pubKey->u.dh.publicValue.len;
+
+ if (appendLength) {
+ rv = ssl3_ExtAppendHandshakeNumber(ss, pubKey->u.dh.prime.len, 2);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+ while (pad) {
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 1);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ --pad;
+ }
+ rv = ssl3_ExtAppendHandshake(ss, pubKey->u.dh.publicValue.data,
+ pubKey->u.dh.publicValue.len);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ return SECSuccess;
+}
+
+/* Called from ssl3_SendClientKeyExchange(). */
+static SECStatus
+ssl3_SendDHClientKeyExchange(sslSocket *ss, SECKEYPublicKey *svrPubKey)
+{
+ PK11SymKey *pms = NULL;
+ SECStatus rv;
+ PRBool isTLS;
+ CK_MECHANISM_TYPE target;
+
+ const ssl3DHParams *params;
+ ssl3DHParams customParams;
+ const sslNamedGroupDef *groupDef;
+ static const sslNamedGroupDef customGroupDef = {
+ ssl_grp_ffdhe_custom, 0, ssl_kea_dh, SEC_OID_TLS_DHE_CUSTOM, PR_FALSE
+ };
+ sslEphemeralKeyPair *keyPair = NULL;
+ SECKEYPublicKey *pubKey;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ isTLS = (PRBool)(ss->ssl3.pwSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ /* Copy DH parameters from server key */
+
+ if (SECKEY_GetPublicKeyType(svrPubKey) != dhKey) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ return SECFailure;
+ }
+
+ /* Work out the parameters. */
+ rv = ssl_ValidateDHENamedGroup(ss, &svrPubKey->u.dh.prime,
+ &svrPubKey->u.dh.base,
+ &groupDef, &params);
+ if (rv != SECSuccess) {
+ /* If we require named groups, we will have already validated the group
+ * in ssl_HandleDHServerKeyExchange() */
+ PORT_Assert(!ss->opt.requireDHENamedGroups &&
+ !ss->xtnData.peerSupportsFfdheGroups);
+
+ customParams.name = ssl_grp_ffdhe_custom;
+ customParams.prime.data = svrPubKey->u.dh.prime.data;
+ customParams.prime.len = svrPubKey->u.dh.prime.len;
+ customParams.base.data = svrPubKey->u.dh.base.data;
+ customParams.base.len = svrPubKey->u.dh.base.len;
+ params = &customParams;
+ groupDef = &customGroupDef;
+ }
+ ss->sec.keaGroup = groupDef;
+
+ rv = ssl_CreateDHEKeyPair(groupDef, params, &keyPair);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
+ goto loser;
+ }
+ pubKey = keyPair->keys->pubKey;
+ PRINT_BUF(50, (ss, "DH public value:",
+ pubKey->u.dh.publicValue.data,
+ pubKey->u.dh.publicValue.len));
+
+ if (isTLS)
+ target = CKM_TLS_MASTER_KEY_DERIVE_DH;
+ else
+ target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
+
+ /* Determine the PMS */
+ pms = PK11_PubDerive(keyPair->keys->privKey, svrPubKey,
+ PR_FALSE, NULL, NULL, CKM_DH_PKCS_DERIVE,
+ target, CKA_DERIVE, 0, NULL);
+
+ if (pms == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ /* Note: send the DH share padded to avoid triggering bugs. */
+ rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
+ params->prime.len + 2);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by ssl3_AppendHandshake* */
+ }
+ rv = ssl_AppendPaddedDHKeyShare(ss, pubKey, PR_TRUE);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by ssl_AppendPaddedDHKeyShare */
+ }
+
+ rv = ssl3_InitPendingCipherSpec(ss, pms);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ PK11_FreeSymKey(pms);
+ ssl_FreeEphemeralKeyPair(keyPair);
+ return SECSuccess;
+
+loser:
+ if (pms)
+ PK11_FreeSymKey(pms);
+ if (keyPair)
+ ssl_FreeEphemeralKeyPair(keyPair);
+ return SECFailure;
+}
+
+/* Called from ssl3_HandleServerHelloDone(). */
+static SECStatus
+ssl3_SendClientKeyExchange(sslSocket *ss)
+{
+ SECKEYPublicKey *serverKey = NULL;
+ SECStatus rv = SECFailure;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send client_key_exchange handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->sec.peerKey == NULL) {
+ serverKey = CERT_ExtractPublicKey(ss->sec.peerCert);
+ if (serverKey == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
+ return SECFailure;
+ }
+ } else {
+ serverKey = ss->sec.peerKey;
+ ss->sec.peerKey = NULL; /* we're done with it now */
+ }
+
+ ss->sec.keaType = ss->ssl3.hs.kea_def->exchKeyType;
+ ss->sec.keaKeyBits = SECKEY_PublicKeyStrengthInBits(serverKey);
+
+ switch (ss->ssl3.hs.kea_def->exchKeyType) {
+ case ssl_kea_rsa:
+ rv = ssl3_SendRSAClientKeyExchange(ss, serverKey);
+ break;
+
+ case ssl_kea_dh:
+ rv = ssl3_SendDHClientKeyExchange(ss, serverKey);
+ break;
+
+ case ssl_kea_ecdh:
+ rv = ssl3_SendECDHClientKeyExchange(ss, serverKey);
+ break;
+
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ break;
+ }
+
+ SSL_TRC(3, ("%d: SSL3[%d]: DONE sending client_key_exchange",
+ SSL_GETPID(), ss->fd));
+
+ SECKEY_DestroyPublicKey(serverKey);
+ return rv; /* err code already set. */
+}
+
+SECStatus
+ssl_PickSignatureScheme(sslSocket *ss,
+ SECKEYPublicKey *pubKey,
+ SECKEYPrivateKey *privKey,
+ const SSLSignatureScheme *peerSchemes,
+ unsigned int peerSchemeCount,
+ PRBool requireSha1)
+{
+ unsigned int i, j;
+ const sslNamedGroupDef *group = NULL;
+ KeyType keyType;
+ PK11SlotInfo *slot;
+ PRBool slotDoesPss;
+ PRBool isTLS13 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_3;
+
+ /* We can't require SHA-1 in TLS 1.3. */
+ PORT_Assert(!(requireSha1 && isTLS13));
+ if (!pubKey || !privKey) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ slot = PK11_GetSlotFromPrivateKey(privKey);
+ if (!slot) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ slotDoesPss = PK11_DoesMechanism(slot, auth_alg_defs[ssl_auth_rsa_pss]);
+ PK11_FreeSlot(slot);
+
+ keyType = SECKEY_GetPublicKeyType(pubKey);
+ if (keyType == ecKey) {
+ group = ssl_ECPubKey2NamedGroup(pubKey);
+ }
+
+ /* Here we look for the first local preference that the client has
+ * indicated support for in their signature_algorithms extension. */
+ for (i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
+ SSLHashType hashType;
+ SECOidTag hashOID;
+ SSLSignatureScheme preferred = ss->ssl3.signatureSchemes[i];
+ PRUint32 policy;
+
+ if (!ssl_SignatureSchemeValidForKey(!isTLS13 /* allowSha1 */,
+ isTLS13 /* matchGroup */,
+ keyType, group, preferred)) {
+ continue;
+ }
+
+ /* Skip RSA-PSS schemes when the certificate's private key slot does
+ * not support this signature mechanism. */
+ if (ssl_IsRsaPssSignatureScheme(preferred) && !slotDoesPss) {
+ continue;
+ }
+
+ hashType = ssl_SignatureSchemeToHashType(preferred);
+ if (requireSha1 && (hashType != ssl_hash_sha1)) {
+ continue;
+ }
+ hashOID = ssl3_HashTypeToOID(hashType);
+ if ((NSS_GetAlgorithmPolicy(hashOID, &policy) == SECSuccess) &&
+ !(policy & NSS_USE_ALG_IN_SSL_KX)) {
+ /* we ignore hashes we don't support */
+ continue;
+ }
+
+ for (j = 0; j < peerSchemeCount; j++) {
+ if (peerSchemes[j] == preferred) {
+ ss->ssl3.hs.signatureScheme = preferred;
+ return SECSuccess;
+ }
+ }
+ }
+
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
+ return SECFailure;
+}
+
+/* ssl3_PickServerSignatureScheme selects a signature scheme for signing the
+ * handshake. Most of this is determined by the key pair we are using.
+ * Prior to TLS 1.2, the MD5/SHA1 combination is always used. With TLS 1.2, a
+ * client may advertise its support for signature and hash combinations. */
+static SECStatus
+ssl3_PickServerSignatureScheme(sslSocket *ss)
+{
+ sslKeyPair *keyPair = ss->sec.serverCert->serverKeyPair;
+ PRBool isTLS12 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_2;
+
+ if (!isTLS12 || !ssl3_ExtensionNegotiated(ss, ssl_signature_algorithms_xtn)) {
+ /* If the client didn't provide any signature_algorithms extension then
+ * we can assume that they support SHA-1: RFC5246, Section 7.4.1.4.1. */
+ switch (SECKEY_GetPublicKeyType(keyPair->pubKey)) {
+ case rsaKey:
+ if (isTLS12) {
+ ss->ssl3.hs.signatureScheme = ssl_sig_rsa_pkcs1_sha1;
+ } else {
+ ss->ssl3.hs.signatureScheme = ssl_sig_rsa_pkcs1_sha1md5;
+ }
+ break;
+ case ecKey:
+ ss->ssl3.hs.signatureScheme = ssl_sig_ecdsa_sha1;
+ break;
+ case dsaKey:
+ ss->ssl3.hs.signatureScheme = ssl_sig_dsa_sha1;
+ break;
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_INVALID_KEY);
+ return SECFailure;
+ }
+ return SECSuccess;
+ }
+
+ /* Sets error code, if needed. */
+ return ssl_PickSignatureScheme(ss, keyPair->pubKey, keyPair->privKey,
+ ss->xtnData.clientSigSchemes,
+ ss->xtnData.numClientSigScheme,
+ PR_FALSE /* requireSha1 */);
+}
+
+static SECStatus
+ssl_PickClientSignatureScheme(sslSocket *ss, const SSLSignatureScheme *schemes,
+ unsigned int numSchemes)
+{
+ SECKEYPrivateKey *privKey = ss->ssl3.clientPrivateKey;
+ SECKEYPublicKey *pubKey;
+ SECStatus rv;
+
+ pubKey = CERT_ExtractPublicKey(ss->ssl3.clientCertificate);
+ PORT_Assert(pubKey);
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3 &&
+ (SECKEY_GetPublicKeyType(pubKey) == rsaKey ||
+ SECKEY_GetPublicKeyType(pubKey) == dsaKey) &&
+ SECKEY_PublicKeyStrengthInBits(pubKey) <= 1024) {
+ /* If the key is a 1024-bit RSA or DSA key, assume conservatively that
+ * it may be unable to sign SHA-256 hashes. This is the case for older
+ * Estonian ID cards that have 1024-bit RSA keys. In FIPS 186-2 and
+ * older, DSA key size is at most 1024 bits and the hash function must
+ * be SHA-1.
+ */
+ rv = ssl_PickSignatureScheme(ss, pubKey, privKey, schemes, numSchemes,
+ PR_TRUE /* requireSha1 */);
+ if (rv == SECSuccess) {
+ SECKEY_DestroyPublicKey(pubKey);
+ return SECSuccess;
+ }
+ /* If this fails, that's because the peer doesn't advertise SHA-1,
+ * so fall back to the full negotiation. */
+ }
+ rv = ssl_PickSignatureScheme(ss, pubKey, privKey, schemes, numSchemes,
+ PR_FALSE /* requireSha1 */);
+ SECKEY_DestroyPublicKey(pubKey);
+ return rv;
+}
+
+/* Called from ssl3_HandleServerHelloDone(). */
+static SECStatus
+ssl3_SendCertificateVerify(sslSocket *ss, SECKEYPrivateKey *privKey)
+{
+ SECStatus rv = SECFailure;
+ PRBool isTLS12;
+ SECItem buf = { siBuffer, NULL, 0 };
+ SSL3Hashes hashes;
+ unsigned int len;
+ SSLHashType hashAlg;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send certificate_verify handshake",
+ SSL_GETPID(), ss->fd));
+
+ ssl_GetSpecReadLock(ss);
+
+ if (ss->ssl3.hs.hashType == handshake_hash_record) {
+ hashAlg = ssl_SignatureSchemeToHashType(ss->ssl3.hs.signatureScheme);
+ } else {
+ /* Use ssl_hash_none to represent the MD5+SHA1 combo. */
+ hashAlg = ssl_hash_none;
+ }
+ if (ss->ssl3.hs.hashType == handshake_hash_record &&
+ hashAlg != ssl3_GetSuitePrfHash(ss)) {
+ rv = ssl3_ComputeHandshakeHash(ss->ssl3.hs.messages.buf,
+ ss->ssl3.hs.messages.len,
+ hashAlg, &hashes);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ }
+ } else {
+ rv = ssl3_ComputeHandshakeHashes(ss, ss->ssl3.pwSpec, &hashes, 0);
+ }
+ ssl_ReleaseSpecReadLock(ss);
+ if (rv != SECSuccess) {
+ goto done; /* err code was set by ssl3_ComputeHandshakeHash(es) */
+ }
+
+ isTLS12 = (PRBool)(ss->version == SSL_LIBRARY_VERSION_TLS_1_2);
+ PORT_Assert(ss->version <= SSL_LIBRARY_VERSION_TLS_1_2);
+
+ rv = ssl3_SignHashes(ss, &hashes, privKey, &buf);
+ if (rv == SECSuccess && !ss->sec.isServer) {
+ /* Remember the info about the slot that did the signing.
+ ** Later, when doing an SSL restart handshake, verify this.
+ ** These calls are mere accessors, and can't fail.
+ */
+ PK11SlotInfo *slot;
+ sslSessionID *sid = ss->sec.ci.sid;
+
+ slot = PK11_GetSlotFromPrivateKey(privKey);
+ sid->u.ssl3.clAuthSeries = PK11_GetSlotSeries(slot);
+ sid->u.ssl3.clAuthSlotID = PK11_GetSlotID(slot);
+ sid->u.ssl3.clAuthModuleID = PK11_GetModuleID(slot);
+ sid->u.ssl3.clAuthValid = PR_TRUE;
+ PK11_FreeSlot(slot);
+ }
+ if (rv != SECSuccess) {
+ goto done; /* err code was set by ssl3_SignHashes */
+ }
+
+ len = buf.len + 2 + (isTLS12 ? 2 : 0);
+
+ rv = ssl3_AppendHandshakeHeader(ss, certificate_verify, len);
+ if (rv != SECSuccess) {
+ goto done; /* error code set by AppendHandshake */
+ }
+ if (isTLS12) {
+ rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3.hs.signatureScheme, 2);
+ if (rv != SECSuccess) {
+ goto done; /* err set by AppendHandshake. */
+ }
+ }
+ rv = ssl3_AppendHandshakeVariable(ss, buf.data, buf.len, 2);
+ if (rv != SECSuccess) {
+ goto done; /* error code set by AppendHandshake */
+ }
+
+done:
+ if (buf.data)
+ PORT_Free(buf.data);
+ return rv;
+}
+
+/* Once a cipher suite has been selected, make sure that the necessary secondary
+ * information is properly set. */
+SECStatus
+ssl3_SetCipherSuite(sslSocket *ss, ssl3CipherSuite chosenSuite,
+ PRBool initHashes)
+{
+ ss->ssl3.hs.cipher_suite = chosenSuite;
+ ss->ssl3.hs.suite_def = ssl_LookupCipherSuiteDef(chosenSuite);
+ if (!ss->ssl3.hs.suite_def) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ ss->ssl3.hs.kea_def = &kea_defs[ss->ssl3.hs.suite_def->key_exchange_alg];
+ ss->ssl3.hs.preliminaryInfo |= ssl_preinfo_cipher_suite;
+
+ if (!initHashes) {
+ return SECSuccess;
+ }
+ /* Now we've have a cipher suite, initialize the handshake hashes. */
+ return ssl3_InitHandshakeHashes(ss);
+}
+
+/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
+ * ssl3 ServerHello message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ PRInt32 temp; /* allow for consume number failure */
+ PRBool suite_found = PR_FALSE;
+ int i;
+ int errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
+ SECStatus rv;
+ SECItem sidBytes = { siBuffer, NULL, 0 };
+ PRBool isTLS = PR_FALSE;
+ SSL3AlertDescription desc = illegal_parameter;
+#ifndef TLS_1_3_DRAFT_VERSION
+ SSL3ProtocolVersion downgradeCheckVersion;
+#endif
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->ssl3.initialized);
+
+ if (ss->ssl3.hs.ws != wait_server_hello) {
+ errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO;
+ desc = unexpected_message;
+ goto alert_loser;
+ }
+
+ /* clean up anything left from previous handshake. */
+ if (ss->ssl3.clientCertChain != NULL) {
+ CERT_DestroyCertificateList(ss->ssl3.clientCertChain);
+ ss->ssl3.clientCertChain = NULL;
+ }
+ if (ss->ssl3.clientCertificate != NULL) {
+ CERT_DestroyCertificate(ss->ssl3.clientCertificate);
+ ss->ssl3.clientCertificate = NULL;
+ }
+ if (ss->ssl3.clientPrivateKey != NULL) {
+ SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey);
+ ss->ssl3.clientPrivateKey = NULL;
+ }
+
+ rv = ssl_ClientReadVersion(ss, &b, &length, &ss->version);
+ if (rv != SECSuccess) {
+ goto loser; /* alert has been sent */
+ }
+
+ /* We got a HelloRetryRequest, but the server didn't pick 1.3. Scream. */
+ if (ss->ssl3.hs.helloRetry && ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ desc = illegal_parameter;
+ errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
+ goto alert_loser;
+ }
+
+ /* Check that the server negotiated the same version as it did
+ * in the first handshake. This isn't really the best place for
+ * us to be getting this version number, but it's what we have.
+ * (1294697). */
+ if (ss->firstHsDone && (ss->version != ss->ssl3.crSpec->version)) {
+ desc = illegal_parameter;
+ errCode = SSL_ERROR_UNSUPPORTED_VERSION;
+ goto alert_loser;
+ }
+ ss->ssl3.hs.preliminaryInfo |= ssl_preinfo_version;
+ isTLS = (ss->version > SSL_LIBRARY_VERSION_3_0);
+
+ rv = ssl3_ConsumeHandshake(
+ ss, &ss->ssl3.hs.server_random, SSL3_RANDOM_LENGTH, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* alert has been sent */
+ }
+
+#ifndef TLS_1_3_DRAFT_VERSION
+ /* Check the ServerHello.random per
+ * [draft-ietf-tls-tls13-11 Section 6.3.1.1].
+ *
+ * TLS 1.3 clients receiving a TLS 1.2 or below ServerHello MUST check
+ * that the top eight octets are not equal to either of these values.
+ * TLS 1.2 clients SHOULD also perform this check if the ServerHello
+ * indicates TLS 1.1 or below. If a match is found the client MUST
+ * abort the handshake with a fatal "illegal_parameter" alert.
+ *
+ * Disable this test during the TLS 1.3 draft version period.
+ */
+ downgradeCheckVersion = ss->ssl3.downgradeCheckVersion ? ss->ssl3.downgradeCheckVersion
+ : ss->vrange.max;
+
+ if (downgradeCheckVersion >= SSL_LIBRARY_VERSION_TLS_1_2 &&
+ downgradeCheckVersion > ss->version) {
+ /* Both sections use the same sentinel region. */
+ unsigned char *downgrade_sentinel =
+ ss->ssl3.hs.server_random.rand +
+ SSL3_RANDOM_LENGTH - sizeof(tls13_downgrade_random);
+ if (!PORT_Memcmp(downgrade_sentinel,
+ tls13_downgrade_random,
+ sizeof(tls13_downgrade_random)) ||
+ !PORT_Memcmp(downgrade_sentinel,
+ tls12_downgrade_random,
+ sizeof(tls12_downgrade_random))) {
+ desc = illegal_parameter;
+ errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
+ goto alert_loser;
+ }
+ }
+#endif
+
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ rv = ssl3_ConsumeHandshakeVariable(ss, &sidBytes, 1, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* alert has been sent */
+ }
+ if (sidBytes.len > SSL3_SESSIONID_BYTES) {
+ if (isTLS)
+ desc = decode_error;
+ goto alert_loser; /* malformed. */
+ }
+ }
+
+ /* find selected cipher suite in our list. */
+ temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
+ if (temp < 0) {
+ goto loser; /* alert has been sent */
+ }
+ i = ssl3_config_match_init(ss);
+ PORT_Assert(i > 0);
+ if (i <= 0) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+ for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
+ ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
+ if (temp == suite->cipher_suite) {
+ SSLVersionRange vrange = { ss->version, ss->version };
+ if (!config_match(suite, ss->ssl3.policy, &vrange, ss)) {
+ /* config_match already checks whether the cipher suite is
+ * acceptable for the version, but the check is repeated here
+ * in order to give a more precise error code. */
+ if (!ssl3_CipherSuiteAllowedForVersionRange(temp, &vrange)) {
+ desc = handshake_failure;
+ errCode = SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION;
+ goto alert_loser;
+ }
+
+ break; /* failure */
+ }
+
+ suite_found = PR_TRUE;
+ break; /* success */
+ }
+ }
+ if (!suite_found) {
+ desc = handshake_failure;
+ errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
+ goto alert_loser;
+ }
+
+ rv = ssl3_SetCipherSuite(ss, (ssl3CipherSuite)temp, PR_TRUE);
+ if (rv != SECSuccess) {
+ desc = internal_error;
+ errCode = PORT_GetError();
+ goto alert_loser;
+ }
+
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ /* find selected compression method in our list. */
+ temp = ssl3_ConsumeHandshakeNumber(ss, 1, &b, &length);
+ if (temp < 0) {
+ goto loser; /* alert has been sent */
+ }
+ suite_found = PR_FALSE;
+ for (i = 0; i < ssl_compression_method_count; i++) {
+ if (temp == ssl_compression_methods[i]) {
+ if (!ssl_CompressionEnabled(ss, ssl_compression_methods[i])) {
+ break; /* failure */
+ }
+ suite_found = PR_TRUE;
+ break; /* success */
+ }
+ }
+ if (!suite_found) {
+ desc = handshake_failure;
+ errCode = SSL_ERROR_NO_COMPRESSION_OVERLAP;
+ goto alert_loser;
+ }
+ ss->ssl3.hs.compression = (SSLCompressionMethod)temp;
+ } else {
+ ss->ssl3.hs.compression = ssl_compression_null;
+ }
+
+ /* Note that if !isTLS and the extra stuff is not extensions, we
+ * do NOT goto alert_loser.
+ * There are some old SSL 3.0 implementations that do send stuff
+ * after the end of the server hello, and we deliberately ignore
+ * such stuff in the interest of maximal interoperability (being
+ * "generous in what you accept").
+ * Update: Starting in NSS 3.12.6, we handle the renegotiation_info
+ * extension in SSL 3.0.
+ */
+ if (length != 0) {
+ SECItem extensions;
+ rv = ssl3_ConsumeHandshakeVariable(ss, &extensions, 2, &b, &length);
+ if (rv != SECSuccess || length != 0) {
+ if (isTLS)
+ goto alert_loser;
+ } else {
+ rv = ssl3_HandleExtensions(ss, &extensions.data,
+ &extensions.len, server_hello);
+ if (rv != SECSuccess)
+ goto alert_loser;
+ }
+ }
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ rv = tls13_HandleServerHelloPart2(ss);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+ } else {
+ rv = ssl3_HandleServerHelloPart2(ss, &sidBytes, &errCode);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ return SECSuccess;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+
+loser:
+ /* Clean up the temporary pointer to the handshake buffer. */
+ ss->xtnData.signedCertTimestamps.len = 0;
+ ssl_MapLowLevelError(errCode);
+ return SECFailure;
+}
+
+static SECStatus
+ssl3_HandleServerHelloPart2(sslSocket *ss, const SECItem *sidBytes,
+ int *retErrCode)
+{
+ SSL3AlertDescription desc = handshake_failure;
+ int errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
+ SECStatus rv;
+ PRBool sid_match;
+ sslSessionID *sid = ss->sec.ci.sid;
+
+ if ((ss->opt.requireSafeNegotiation ||
+ (ss->firstHsDone && (ss->peerRequestedProtection ||
+ ss->opt.enableRenegotiation ==
+ SSL_RENEGOTIATE_REQUIRES_XTN))) &&
+ !ssl3_ExtensionNegotiated(ss, ssl_renegotiation_info_xtn)) {
+ desc = handshake_failure;
+ errCode = ss->firstHsDone ? SSL_ERROR_RENEGOTIATION_NOT_ALLOWED
+ : SSL_ERROR_UNSAFE_NEGOTIATION;
+ goto alert_loser;
+ }
+
+ /* Any errors after this point are not "malformed" errors. */
+ desc = handshake_failure;
+
+ /* we need to call ssl3_SetupPendingCipherSpec here so we can check the
+ * key exchange algorithm. */
+ rv = ssl3_SetupPendingCipherSpec(ss);
+ if (rv != SECSuccess) {
+ goto alert_loser; /* error code is set. */
+ }
+
+ /* We may or may not have sent a session id, we may get one back or
+ * not and if so it may match the one we sent.
+ * Attempt to restore the master secret to see if this is so...
+ * Don't consider failure to find a matching SID an error.
+ */
+ sid_match = (PRBool)(sidBytes->len > 0 &&
+ sidBytes->len ==
+ sid->u.ssl3.sessionIDLength &&
+ !PORT_Memcmp(sid->u.ssl3.sessionID,
+ sidBytes->data, sidBytes->len));
+
+ if (sid_match) {
+ if (sid->version != ss->version ||
+ sid->u.ssl3.cipherSuite != ss->ssl3.hs.cipher_suite) {
+ errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
+ goto alert_loser;
+ }
+ do {
+ ssl3CipherSpec *pwSpec = ss->ssl3.pwSpec;
+
+ SECItem wrappedMS; /* wrapped master secret. */
+
+ /* [draft-ietf-tls-session-hash-06; Section 5.3]
+ *
+ * o If the original session did not use the "extended_master_secret"
+ * extension but the new ServerHello contains the extension, the
+ * client MUST abort the handshake.
+ */
+ if (!sid->u.ssl3.keys.extendedMasterSecretUsed &&
+ ssl3_ExtensionNegotiated(ss, ssl_extended_master_secret_xtn)) {
+ errCode = SSL_ERROR_UNEXPECTED_EXTENDED_MASTER_SECRET;
+ goto alert_loser;
+ }
+
+ /*
+ * o If the original session used an extended master secret but the new
+ * ServerHello does not contain the "extended_master_secret"
+ * extension, the client SHOULD abort the handshake.
+ *
+ * TODO(ekr@rtfm.com): Add option to refuse to resume when EMS is not
+ * used at all (bug 1176526).
+ */
+ if (sid->u.ssl3.keys.extendedMasterSecretUsed &&
+ !ssl3_ExtensionNegotiated(ss, ssl_extended_master_secret_xtn)) {
+ errCode = SSL_ERROR_MISSING_EXTENDED_MASTER_SECRET;
+ goto alert_loser;
+ }
+
+ ss->sec.authType = sid->authType;
+ ss->sec.authKeyBits = sid->authKeyBits;
+ ss->sec.keaType = sid->keaType;
+ ss->sec.keaKeyBits = sid->keaKeyBits;
+
+ if (sid->u.ssl3.keys.msIsWrapped) {
+ PK11SlotInfo *slot;
+ PK11SymKey *wrapKey; /* wrapping key */
+ CK_FLAGS keyFlags = 0;
+
+ /* unwrap master secret */
+ slot = SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
+ sid->u.ssl3.masterSlotID);
+ if (slot == NULL) {
+ break; /* not considered an error. */
+ }
+ if (!PK11_IsPresent(slot)) {
+ PK11_FreeSlot(slot);
+ break; /* not considered an error. */
+ }
+ wrapKey = PK11_GetWrapKey(slot, sid->u.ssl3.masterWrapIndex,
+ sid->u.ssl3.masterWrapMech,
+ sid->u.ssl3.masterWrapSeries,
+ ss->pkcs11PinArg);
+ PK11_FreeSlot(slot);
+ if (wrapKey == NULL) {
+ break; /* not considered an error. */
+ }
+
+ if (ss->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
+ keyFlags =
+ CKF_SIGN | CKF_VERIFY;
+ }
+
+ wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
+ wrappedMS.len = sid->u.ssl3.keys.wrapped_master_secret_len;
+ pwSpec->master_secret =
+ PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech,
+ NULL, &wrappedMS, CKM_SSL3_MASTER_KEY_DERIVE,
+ CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
+ errCode = PORT_GetError();
+ PK11_FreeSymKey(wrapKey);
+ if (pwSpec->master_secret == NULL) {
+ break; /* errorCode set just after call to UnwrapSymKey. */
+ }
+ } else {
+ /* need to import the raw master secret to session object */
+ PK11SlotInfo *slot = PK11_GetInternalSlot();
+ wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
+ wrappedMS.len = sid->u.ssl3.keys.wrapped_master_secret_len;
+ pwSpec->master_secret =
+ PK11_ImportSymKey(slot, CKM_SSL3_MASTER_KEY_DERIVE,
+ PK11_OriginUnwrap, CKA_ENCRYPT,
+ &wrappedMS, NULL);
+ PK11_FreeSlot(slot);
+ if (pwSpec->master_secret == NULL) {
+ break;
+ }
+ }
+
+ /* Got a Match */
+ SSL_AtomicIncrementLong(&ssl3stats.hsh_sid_cache_hits);
+
+ /* If we sent a session ticket, then this is a stateless resume. */
+ if (ss->xtnData.sentSessionTicketInClientHello)
+ SSL_AtomicIncrementLong(&ssl3stats.hsh_sid_stateless_resumes);
+
+ if (ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn))
+ ss->ssl3.hs.ws = wait_new_session_ticket;
+ else
+ ss->ssl3.hs.ws = wait_change_cipher;
+
+ ss->ssl3.hs.isResuming = PR_TRUE;
+
+ /* copy the peer cert from the SID */
+ if (sid->peerCert != NULL) {
+ ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
+ }
+
+ /* NULL value for PMS because we are reusing the old MS */
+ rv = ssl3_InitPendingCipherSpec(ss, NULL);
+ if (rv != SECSuccess) {
+ goto alert_loser; /* err code was set */
+ }
+ return SECSuccess;
+ } while (0);
+ }
+
+ if (sid_match)
+ SSL_AtomicIncrementLong(&ssl3stats.hsh_sid_cache_not_ok);
+ else
+ SSL_AtomicIncrementLong(&ssl3stats.hsh_sid_cache_misses);
+
+ /* throw the old one away */
+ sid->u.ssl3.keys.resumable = PR_FALSE;
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+
+ /* get a new sid */
+ ss->sec.ci.sid = sid = ssl3_NewSessionID(ss, PR_FALSE);
+ if (sid == NULL) {
+ goto alert_loser; /* memory error is set. */
+ }
+
+ sid->version = ss->version;
+ sid->u.ssl3.sessionIDLength = sidBytes->len;
+ if (sidBytes->len > 0) {
+ PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes->data, sidBytes->len);
+ }
+
+ sid->u.ssl3.keys.extendedMasterSecretUsed =
+ ssl3_ExtensionNegotiated(ss, ssl_extended_master_secret_xtn);
+
+ /* Copy Signed Certificate Timestamps, if any. */
+ if (ss->xtnData.signedCertTimestamps.len) {
+ rv = SECITEM_CopyItem(NULL, &sid->u.ssl3.signedCertTimestamps,
+ &ss->xtnData.signedCertTimestamps);
+ ss->xtnData.signedCertTimestamps.len = 0;
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ ss->ssl3.hs.isResuming = PR_FALSE;
+ if (ss->ssl3.hs.kea_def->authKeyType != ssl_auth_null) {
+ /* All current cipher suites other than those with ssl_auth_null (i.e.,
+ * (EC)DH_anon_* suites) require a certificate, so use that signal. */
+ ss->ssl3.hs.ws = wait_server_cert;
+ } else {
+ /* All the remaining cipher suites must be (EC)DH_anon_* and so
+ * must be ephemeral. Note, if we ever add PSK this might
+ * change. */
+ PORT_Assert(ss->ssl3.hs.kea_def->ephemeral);
+ ss->ssl3.hs.ws = wait_server_key;
+ }
+ return SECSuccess;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+
+loser:
+ *retErrCode = errCode;
+ return SECFailure;
+}
+
+static SECStatus
+ssl_HandleDHServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+ int errCode = SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH;
+ SSL3AlertDescription desc = illegal_parameter;
+ SSLHashType hashAlg;
+ PRBool isTLS = ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0;
+ SSLSignatureScheme sigScheme;
+
+ SECItem dh_p = { siBuffer, NULL, 0 };
+ SECItem dh_g = { siBuffer, NULL, 0 };
+ SECItem dh_Ys = { siBuffer, NULL, 0 };
+ unsigned dh_p_bits;
+ unsigned dh_g_bits;
+ PRInt32 minDH;
+
+ SSL3Hashes hashes;
+ SECItem signature = { siBuffer, NULL, 0 };
+ PLArenaPool *arena = NULL;
+ SECKEYPublicKey *peerKey = NULL;
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &dh_p, 2, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed. */
+ }
+
+ rv = NSS_OptionGet(NSS_DH_MIN_KEY_SIZE, &minDH);
+ if (rv != SECSuccess) {
+ minDH = SSL_DH_MIN_P_BITS;
+ }
+ dh_p_bits = SECKEY_BigIntegerBitLength(&dh_p);
+ if (dh_p_bits < minDH) {
+ errCode = SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY;
+ goto alert_loser;
+ }
+ rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed. */
+ }
+ /* Abort if dh_g is 0, 1, or obviously too big. */
+ dh_g_bits = SECKEY_BigIntegerBitLength(&dh_g);
+ if (dh_g_bits > dh_p_bits || dh_g_bits <= 1) {
+ goto alert_loser;
+ }
+ if (ss->opt.requireDHENamedGroups) {
+ /* If we're doing named groups, make sure it's good. */
+ rv = ssl_ValidateDHENamedGroup(ss, &dh_p, &dh_g, NULL, NULL);
+ if (rv != SECSuccess) {
+ errCode = SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY;
+ goto alert_loser;
+ }
+ }
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &dh_Ys, 2, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed. */
+ }
+ if (!ssl_IsValidDHEShare(&dh_p, &dh_Ys)) {
+ errCode = SSL_ERROR_RX_MALFORMED_DHE_KEY_SHARE;
+ goto alert_loser;
+ }
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
+ rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed or unsupported. */
+ }
+ rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme,
+ ss->sec.peerCert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ hashAlg = ssl_SignatureSchemeToHashType(sigScheme);
+ } else {
+ /* Use ssl_hash_none to represent the MD5+SHA1 combo. */
+ hashAlg = ssl_hash_none;
+ sigScheme = ssl_sig_none;
+ }
+ rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed. */
+ }
+ if (length != 0) {
+ if (isTLS) {
+ desc = decode_error;
+ }
+ goto alert_loser; /* malformed. */
+ }
+
+ PRINT_BUF(60, (NULL, "Server DH p", dh_p.data, dh_p.len));
+ PRINT_BUF(60, (NULL, "Server DH g", dh_g.data, dh_g.len));
+ PRINT_BUF(60, (NULL, "Server DH Ys", dh_Ys.data, dh_Ys.len));
+
+ /* failures after this point are not malformed handshakes. */
+ /* TLS: send decrypt_error if signature failed. */
+ desc = isTLS ? decrypt_error : handshake_failure;
+
+ /*
+ * Check to make sure the hash is signed by right guy.
+ */
+ rv = ssl3_ComputeDHKeyHash(ss, hashAlg, &hashes,
+ dh_p, dh_g, dh_Ys, PR_FALSE /* padY */);
+ if (rv != SECSuccess) {
+ errCode =
+ ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
+ goto alert_loser;
+ }
+ rv = ssl3_VerifySignedHashes(ss, sigScheme, &hashes, &signature);
+ if (rv != SECSuccess) {
+ errCode =
+ ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
+ goto alert_loser;
+ }
+
+ /*
+ * we really need to build a new key here because we can no longer
+ * ignore calling SECKEY_DestroyPublicKey. Using the key may allocate
+ * pkcs11 slots and ID's.
+ */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ errCode = SEC_ERROR_NO_MEMORY;
+ goto loser;
+ }
+
+ peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
+ if (peerKey == NULL) {
+ errCode = SEC_ERROR_NO_MEMORY;
+ goto loser;
+ }
+
+ peerKey->arena = arena;
+ peerKey->keyType = dhKey;
+ peerKey->pkcs11Slot = NULL;
+ peerKey->pkcs11ID = CK_INVALID_HANDLE;
+
+ if (SECITEM_CopyItem(arena, &peerKey->u.dh.prime, &dh_p) ||
+ SECITEM_CopyItem(arena, &peerKey->u.dh.base, &dh_g) ||
+ SECITEM_CopyItem(arena, &peerKey->u.dh.publicValue, &dh_Ys)) {
+ errCode = SEC_ERROR_NO_MEMORY;
+ goto loser;
+ }
+ ss->sec.peerKey = peerKey;
+ return SECSuccess;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ PORT_SetError(ssl_MapLowLevelError(errCode));
+ return SECFailure;
+}
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered a
+ * complete ssl3 ServerKeyExchange message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle server_key_exchange handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->ssl3.hs.ws != wait_server_key) {
+ SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH);
+ return SECFailure;
+ }
+
+ switch (ss->ssl3.hs.kea_def->exchKeyType) {
+ case ssl_kea_dh:
+ rv = ssl_HandleDHServerKeyExchange(ss, b, length);
+ break;
+
+ case ssl_kea_ecdh:
+ rv = ssl3_HandleECDHServerKeyExchange(ss, b, length);
+ break;
+
+ default:
+ SSL3_SendAlert(ss, alert_fatal, handshake_failure);
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+ rv = SECFailure;
+ break;
+ }
+
+ if (rv == SECSuccess) {
+ ss->ssl3.hs.ws = wait_cert_request;
+ }
+ /* All Handle*ServerKeyExchange functions set the error code. */
+ return rv;
+}
+
+typedef struct dnameNode {
+ struct dnameNode *next;
+ SECItem name;
+} dnameNode;
+
+/*
+ * Parse the ca_list structure in a CertificateRequest.
+ *
+ * Called from:
+ * ssl3_HandleCertificateRequest
+ * tls13_HandleCertificateRequest
+ */
+SECStatus
+ssl3_ParseCertificateRequestCAs(sslSocket *ss, SSL3Opaque **b, PRUint32 *length,
+ PLArenaPool *arena, CERTDistNames *ca_list)
+{
+ PRInt32 remaining;
+ int nnames = 0;
+ dnameNode *node;
+ int i;
+
+ remaining = ssl3_ConsumeHandshakeNumber(ss, 2, b, length);
+ if (remaining < 0)
+ return SECFailure; /* malformed, alert has been sent */
+
+ if ((PRUint32)remaining > *length)
+ goto alert_loser;
+
+ ca_list->head = node = PORT_ArenaZNew(arena, dnameNode);
+ if (node == NULL)
+ goto no_mem;
+
+ while (remaining > 0) {
+ PRInt32 len;
+
+ if (remaining < 2)
+ goto alert_loser; /* malformed */
+
+ node->name.len = len = ssl3_ConsumeHandshakeNumber(ss, 2, b, length);
+ if (len <= 0)
+ return SECFailure; /* malformed, alert has been sent */
+
+ remaining -= 2;
+ if (remaining < len)
+ goto alert_loser; /* malformed */
+
+ node->name.data = *b;
+ *b += len;
+ *length -= len;
+ remaining -= len;
+ nnames++;
+ if (remaining <= 0)
+ break; /* success */
+
+ node->next = PORT_ArenaZNew(arena, dnameNode);
+ node = node->next;
+ if (node == NULL)
+ goto no_mem;
+ }
+
+ ca_list->nnames = nnames;
+ ca_list->names = PORT_ArenaNewArray(arena, SECItem, nnames);
+ if (nnames > 0 && ca_list->names == NULL)
+ goto no_mem;
+
+ for (i = 0, node = (dnameNode *)ca_list->head;
+ i < nnames;
+ i++, node = node->next) {
+ ca_list->names[i] = node->name;
+ }
+
+ return SECSuccess;
+
+no_mem:
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, alert_fatal,
+ ss->version < SSL_LIBRARY_VERSION_TLS_1_0 ? illegal_parameter
+ : decode_error);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CERT_REQUEST);
+ return SECFailure;
+}
+
+SECStatus
+ssl_ParseSignatureSchemes(const sslSocket *ss, PLArenaPool *arena,
+ SSLSignatureScheme **schemesOut,
+ unsigned int *numSchemesOut,
+ unsigned char **b, unsigned int *len)
+{
+ SECStatus rv;
+ SECItem buf;
+ SSLSignatureScheme *schemes;
+ unsigned int numSchemes = 0;
+ unsigned int max;
+
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &buf, 2, b, len);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ /* An empty or odd-length value is invalid. */
+ if (buf.len == 0 || (buf.len & 1) != 0) {
+ ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
+ return SECFailure;
+ }
+
+ /* Limit the number of schemes we read. */
+ max = PR_MIN(buf.len / 2, MAX_SIGNATURE_SCHEMES);
+
+ if (arena) {
+ schemes = PORT_ArenaZNewArray(arena, SSLSignatureScheme, max);
+ } else {
+ schemes = PORT_ZNewArray(SSLSignatureScheme, max);
+ }
+ if (!schemes) {
+ ssl3_ExtSendAlert(ss, alert_fatal, internal_error);
+ return SECFailure;
+ }
+
+ for (; max; --max) {
+ PRInt32 tmp;
+ tmp = ssl3_ExtConsumeHandshakeNumber(ss, 2, &buf.data, &buf.len);
+ if (tmp < 0) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (ssl_IsSupportedSignatureScheme((SSLSignatureScheme)tmp)) {
+ schemes[numSchemes++] = (SSLSignatureScheme)tmp;
+ }
+ }
+
+ if (!numSchemes) {
+ if (!arena) {
+ PORT_Free(schemes);
+ }
+ schemes = NULL;
+ }
+
+ *schemesOut = schemes;
+ *numSchemesOut = numSchemes;
+ return SECSuccess;
+}
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered
+ * a complete ssl3 Certificate Request message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleCertificateRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ PLArenaPool *arena = NULL;
+ PRBool isTLS = PR_FALSE;
+ PRBool isTLS12 = PR_FALSE;
+ int errCode = SSL_ERROR_RX_MALFORMED_CERT_REQUEST;
+ SECStatus rv;
+ SSL3AlertDescription desc = illegal_parameter;
+ SECItem cert_types = { siBuffer, NULL, 0 };
+ SSLSignatureScheme *signatureSchemes = NULL;
+ unsigned int signatureSchemeCount = 0;
+ CERTDistNames ca_list;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle certificate_request handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->ssl3.hs.ws != wait_cert_request) {
+ desc = unexpected_message;
+ errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST;
+ goto alert_loser;
+ }
+
+ PORT_Assert(ss->ssl3.clientCertChain == NULL);
+ PORT_Assert(ss->ssl3.clientCertificate == NULL);
+ PORT_Assert(ss->ssl3.clientPrivateKey == NULL);
+
+ isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
+ isTLS12 = (PRBool)(ss->ssl3.prSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
+ rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length);
+ if (rv != SECSuccess)
+ goto loser; /* malformed, alert has been sent */
+
+ arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL)
+ goto no_mem;
+
+ if (isTLS12) {
+ rv = ssl_ParseSignatureSchemes(ss, arena,
+ &signatureSchemes,
+ &signatureSchemeCount,
+ &b, &length);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CERT_REQUEST);
+ goto loser; /* malformed, alert has been sent */
+ }
+ }
+
+ rv = ssl3_ParseCertificateRequestCAs(ss, &b, &length, arena, &ca_list);
+ if (rv != SECSuccess)
+ goto done; /* alert sent in ssl3_ParseCertificateRequestCAs */
+
+ if (length != 0)
+ goto alert_loser; /* malformed */
+
+ ss->ssl3.hs.ws = wait_hello_done;
+
+ rv = ssl3_CompleteHandleCertificateRequest(ss, signatureSchemes,
+ signatureSchemeCount, &ca_list);
+ if (rv == SECFailure) {
+ PORT_Assert(0);
+ errCode = SEC_ERROR_LIBRARY_FAILURE;
+ desc = internal_error;
+ goto alert_loser;
+ }
+ goto done;
+
+no_mem:
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto done;
+
+alert_loser:
+ if (isTLS && desc == illegal_parameter)
+ desc = decode_error;
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+loser:
+ PORT_SetError(errCode);
+ rv = SECFailure;
+done:
+ if (arena != NULL)
+ PORT_FreeArena(arena, PR_FALSE);
+ return rv;
+}
+
+SECStatus
+ssl3_CompleteHandleCertificateRequest(sslSocket *ss,
+ const SSLSignatureScheme *signatureSchemes,
+ unsigned int signatureSchemeCount,
+ CERTDistNames *ca_list)
+{
+ SECStatus rv;
+
+ if (ss->getClientAuthData != NULL) {
+ PORT_Assert((ss->ssl3.hs.preliminaryInfo & ssl_preinfo_all) ==
+ ssl_preinfo_all);
+ /* XXX Should pass cert_types and algorithms in this call!! */
+ rv = (SECStatus)(*ss->getClientAuthData)(ss->getClientAuthDataArg,
+ ss->fd, ca_list,
+ &ss->ssl3.clientCertificate,
+ &ss->ssl3.clientPrivateKey);
+ } else {
+ rv = SECFailure; /* force it to send a no_certificate alert */
+ }
+ switch (rv) {
+ case SECWouldBlock: /* getClientAuthData has put up a dialog box. */
+ ssl3_SetAlwaysBlock(ss);
+ break; /* not an error */
+
+ case SECSuccess:
+ /* check what the callback function returned */
+ if ((!ss->ssl3.clientCertificate) || (!ss->ssl3.clientPrivateKey)) {
+ /* we are missing either the key or cert */
+ if (ss->ssl3.clientCertificate) {
+ /* got a cert, but no key - free it */
+ CERT_DestroyCertificate(ss->ssl3.clientCertificate);
+ ss->ssl3.clientCertificate = NULL;
+ }
+ if (ss->ssl3.clientPrivateKey) {
+ /* got a key, but no cert - free it */
+ SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey);
+ ss->ssl3.clientPrivateKey = NULL;
+ }
+ goto send_no_certificate;
+ }
+ /* Setting ssl3.clientCertChain non-NULL will cause
+ * ssl3_HandleServerHelloDone to call SendCertificate.
+ */
+ ss->ssl3.clientCertChain = CERT_CertChainFromCert(
+ ss->ssl3.clientCertificate,
+ certUsageSSLClient, PR_FALSE);
+ if (ss->ssl3.clientCertChain == NULL) {
+ CERT_DestroyCertificate(ss->ssl3.clientCertificate);
+ ss->ssl3.clientCertificate = NULL;
+ SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey);
+ ss->ssl3.clientPrivateKey = NULL;
+ goto send_no_certificate;
+ }
+ if (ss->ssl3.hs.hashType == handshake_hash_record ||
+ ss->ssl3.hs.hashType == handshake_hash_single) {
+ rv = ssl_PickClientSignatureScheme(ss, signatureSchemes,
+ signatureSchemeCount);
+ }
+ break; /* not an error */
+
+ case SECFailure:
+ default:
+ send_no_certificate:
+ if (ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0) {
+ ss->ssl3.sendEmptyCert = PR_TRUE;
+ } else {
+ (void)SSL3_SendAlert(ss, alert_warning, no_certificate);
+ }
+ rv = SECSuccess;
+ break;
+ }
+
+ return rv;
+}
+
+static SECStatus
+ssl3_CheckFalseStart(sslSocket *ss)
+{
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(!ss->ssl3.hs.authCertificatePending);
+ PORT_Assert(!ss->ssl3.hs.canFalseStart);
+
+ if (!ss->canFalseStartCallback) {
+ SSL_TRC(3, ("%d: SSL[%d]: no false start callback so no false start",
+ SSL_GETPID(), ss->fd));
+ } else {
+ PRBool maybeFalseStart;
+ SECStatus rv;
+
+ /* An attacker can control the selected ciphersuite so we only wish to
+ * do False Start in the case that the selected ciphersuite is
+ * sufficiently strong that the attack can gain no advantage.
+ * Therefore we always require an 80-bit cipher. */
+ ssl_GetSpecReadLock(ss);
+ maybeFalseStart = ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10;
+ ssl_ReleaseSpecReadLock(ss);
+
+ if (!maybeFalseStart) {
+ SSL_TRC(3, ("%d: SSL[%d]: no false start due to weak cipher",
+ SSL_GETPID(), ss->fd));
+ } else {
+ PORT_Assert((ss->ssl3.hs.preliminaryInfo & ssl_preinfo_all) ==
+ ssl_preinfo_all);
+ rv = (ss->canFalseStartCallback)(ss->fd,
+ ss->canFalseStartCallbackData,
+ &ss->ssl3.hs.canFalseStart);
+ if (rv == SECSuccess) {
+ SSL_TRC(3, ("%d: SSL[%d]: false start callback returned %s",
+ SSL_GETPID(), ss->fd,
+ ss->ssl3.hs.canFalseStart ? "TRUE"
+ : "FALSE"));
+ } else {
+ SSL_TRC(3, ("%d: SSL[%d]: false start callback failed (%s)",
+ SSL_GETPID(), ss->fd,
+ PR_ErrorToName(PR_GetError())));
+ }
+ return rv;
+ }
+ }
+
+ ss->ssl3.hs.canFalseStart = PR_FALSE;
+ return SECSuccess;
+}
+
+PRBool
+ssl3_WaitingForServerSecondRound(sslSocket *ss)
+{
+ PRBool result;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ switch (ss->ssl3.hs.ws) {
+ case wait_new_session_ticket:
+ case wait_change_cipher:
+ case wait_finished:
+ result = PR_TRUE;
+ break;
+ default:
+ result = PR_FALSE;
+ break;
+ }
+
+ return result;
+}
+
+static SECStatus ssl3_SendClientSecondRound(sslSocket *ss);
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered
+ * a complete ssl3 Server Hello Done message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleServerHelloDone(sslSocket *ss)
+{
+ SECStatus rv;
+ SSL3WaitState ws = ss->ssl3.hs.ws;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello_done handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ /* Skipping CertificateRequest is always permitted. */
+ if (ws != wait_hello_done &&
+ ws != wait_cert_request) {
+ SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
+ return SECFailure;
+ }
+
+ rv = ssl3_SendClientSecondRound(ss);
+
+ return rv;
+}
+
+/* Called from ssl3_HandleServerHelloDone and ssl3_AuthCertificateComplete.
+ *
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_SendClientSecondRound(sslSocket *ss)
+{
+ SECStatus rv;
+ PRBool sendClientCert;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ sendClientCert = !ss->ssl3.sendEmptyCert &&
+ ss->ssl3.clientCertChain != NULL &&
+ ss->ssl3.clientPrivateKey != NULL;
+
+ /* We must wait for the server's certificate to be authenticated before
+ * sending the client certificate in order to disclosing the client
+ * certificate to an attacker that does not have a valid cert for the
+ * domain we are connecting to.
+ *
+ * XXX: We should do the same for the NPN extension, but for that we
+ * need an option to give the application the ability to leak the NPN
+ * information to get better performance.
+ *
+ * During the initial handshake on a connection, we never send/receive
+ * application data until we have authenticated the server's certificate;
+ * i.e. we have fully authenticated the handshake before using the cipher
+ * specs agreed upon for that handshake. During a renegotiation, we may
+ * continue sending and receiving application data during the handshake
+ * interleaved with the handshake records. If we were to send the client's
+ * second round for a renegotiation before the server's certificate was
+ * authenticated, then the application data sent/received after this point
+ * would be using cipher spec that hadn't been authenticated. By waiting
+ * until the server's certificate has been authenticated during
+ * renegotiations, we ensure that renegotiations have the same property
+ * as initial handshakes; i.e. we have fully authenticated the handshake
+ * before using the cipher specs agreed upon for that handshake for
+ * application data.
+ */
+ if (ss->ssl3.hs.restartTarget) {
+ PR_NOT_REACHED("unexpected ss->ssl3.hs.restartTarget");
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (ss->ssl3.hs.authCertificatePending &&
+ (sendClientCert || ss->ssl3.sendEmptyCert || ss->firstHsDone)) {
+ SSL_TRC(3, ("%d: SSL3[%p]: deferring ssl3_SendClientSecondRound because"
+ " certificate authentication is still pending.",
+ SSL_GETPID(), ss->fd));
+ ss->ssl3.hs.restartTarget = ssl3_SendClientSecondRound;
+ return SECWouldBlock;
+ }
+
+ ssl_GetXmitBufLock(ss); /*******************************/
+
+ if (ss->ssl3.sendEmptyCert) {
+ ss->ssl3.sendEmptyCert = PR_FALSE;
+ rv = ssl3_SendEmptyCertificate(ss);
+ /* Don't send verify */
+ if (rv != SECSuccess) {
+ goto loser; /* error code is set. */
+ }
+ } else if (sendClientCert) {
+ rv = ssl3_SendCertificate(ss);
+ if (rv != SECSuccess) {
+ goto loser; /* error code is set. */
+ }
+ }
+
+ rv = ssl3_SendClientKeyExchange(ss);
+ if (rv != SECSuccess) {
+ goto loser; /* err is set. */
+ }
+
+ if (sendClientCert) {
+ rv = ssl3_SendCertificateVerify(ss, ss->ssl3.clientPrivateKey);
+ SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey);
+ ss->ssl3.clientPrivateKey = NULL;
+ if (rv != SECSuccess) {
+ goto loser; /* err is set. */
+ }
+ }
+
+ rv = ssl3_SendChangeCipherSpecs(ss);
+ if (rv != SECSuccess) {
+ goto loser; /* err code was set. */
+ }
+
+ /* This must be done after we've set ss->ssl3.cwSpec in
+ * ssl3_SendChangeCipherSpecs because SSL_GetChannelInfo uses information
+ * from cwSpec. This must be done before we call ssl3_CheckFalseStart
+ * because the false start callback (if any) may need the information from
+ * the functions that depend on this being set.
+ */
+ ss->enoughFirstHsDone = PR_TRUE;
+
+ if (!ss->firstHsDone) {
+ /* XXX: If the server's certificate hasn't been authenticated by this
+ * point, then we may be leaking this NPN message to an attacker.
+ */
+ rv = ssl3_SendNextProto(ss);
+ if (rv != SECSuccess) {
+ goto loser; /* err code was set. */
+ }
+
+ if (ss->opt.enableFalseStart) {
+ if (!ss->ssl3.hs.authCertificatePending) {
+ /* When we fix bug 589047, we will need to know whether we are
+ * false starting before we try to flush the client second
+ * round to the network. With that in mind, we purposefully
+ * call ssl3_CheckFalseStart before calling ssl3_SendFinished,
+ * which includes a call to ssl3_FlushHandshake, so that
+ * no application develops a reliance on such flushing being
+ * done before its false start callback is called.
+ */
+ ssl_ReleaseXmitBufLock(ss);
+ rv = ssl3_CheckFalseStart(ss);
+ ssl_GetXmitBufLock(ss);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ } else {
+ /* The certificate authentication and the server's Finished
+ * message are racing each other. If the certificate
+ * authentication wins, then we will try to false start in
+ * ssl3_AuthCertificateComplete.
+ */
+ SSL_TRC(3, ("%d: SSL3[%p]: deferring false start check because"
+ " certificate authentication is still pending.",
+ SSL_GETPID(), ss->fd));
+ }
+ }
+ }
+
+ rv = ssl3_SendFinished(ss, 0);
+ if (rv != SECSuccess) {
+ goto loser; /* err code was set. */
+ }
+
+ ssl_ReleaseXmitBufLock(ss); /*******************************/
+
+ if (ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn))
+ ss->ssl3.hs.ws = wait_new_session_ticket;
+ else
+ ss->ssl3.hs.ws = wait_change_cipher;
+
+ PORT_Assert(ssl3_WaitingForServerSecondRound(ss));
+
+ return SECSuccess;
+
+loser:
+ ssl_ReleaseXmitBufLock(ss);
+ return rv;
+}
+
+/*
+ * Routines used by servers
+ */
+static SECStatus
+ssl3_SendHelloRequest(sslSocket *ss)
+{
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send hello_request handshake", SSL_GETPID(),
+ ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ rv = ssl3_AppendHandshakeHeader(ss, hello_request, 0);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake */
+ }
+ rv = ssl3_FlushHandshake(ss, 0);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by ssl3_FlushHandshake */
+ }
+ ss->ssl3.hs.ws = wait_client_hello;
+ return SECSuccess;
+}
+
+/*
+ * Called from:
+ * ssl3_HandleClientHello()
+ */
+static SECComparison
+ssl3_ServerNameCompare(const SECItem *name1, const SECItem *name2)
+{
+ if (!name1 != !name2) {
+ return SECLessThan;
+ }
+ if (!name1) {
+ return SECEqual;
+ }
+ if (name1->type != name2->type) {
+ return SECLessThan;
+ }
+ return SECITEM_CompareItem(name1, name2);
+}
+
+/* Sets memory error when returning NULL.
+ * Called from:
+ * ssl3_SendClientHello()
+ * ssl3_HandleServerHello()
+ * ssl3_HandleClientHello()
+ * ssl3_HandleV2ClientHello()
+ */
+sslSessionID *
+ssl3_NewSessionID(sslSocket *ss, PRBool is_server)
+{
+ sslSessionID *sid;
+
+ sid = PORT_ZNew(sslSessionID);
+ if (sid == NULL)
+ return sid;
+
+ if (is_server) {
+ const SECItem *srvName;
+ SECStatus rv = SECSuccess;
+
+ ssl_GetSpecReadLock(ss); /********************************/
+ srvName = &ss->ssl3.hs.srvVirtName;
+ if (srvName->len && srvName->data) {
+ rv = SECITEM_CopyItem(NULL, &sid->u.ssl3.srvName, srvName);
+ }
+ ssl_ReleaseSpecReadLock(ss); /************************************/
+ if (rv != SECSuccess) {
+ PORT_Free(sid);
+ return NULL;
+ }
+ }
+ sid->peerID = (ss->peerID == NULL) ? NULL : PORT_Strdup(ss->peerID);
+ sid->urlSvrName = (ss->url == NULL) ? NULL : PORT_Strdup(ss->url);
+ sid->addr = ss->sec.ci.peer;
+ sid->port = ss->sec.ci.port;
+ sid->references = 1;
+ sid->cached = never_cached;
+ sid->version = ss->version;
+
+ sid->u.ssl3.keys.resumable = PR_TRUE;
+ sid->u.ssl3.policy = SSL_ALLOWED;
+ sid->u.ssl3.clientWriteKey = NULL;
+ sid->u.ssl3.serverWriteKey = NULL;
+ sid->u.ssl3.keys.extendedMasterSecretUsed = PR_FALSE;
+
+ if (is_server) {
+ SECStatus rv;
+ int pid = SSL_GETPID();
+
+ sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;
+ sid->u.ssl3.sessionID[0] = (pid >> 8) & 0xff;
+ sid->u.ssl3.sessionID[1] = pid & 0xff;
+ rv = PK11_GenerateRandom(sid->u.ssl3.sessionID + 2,
+ SSL3_SESSIONID_BYTES - 2);
+ if (rv != SECSuccess) {
+ ssl_FreeSID(sid);
+ ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
+ return NULL;
+ }
+ }
+ return sid;
+}
+
+/* Called from: ssl3_HandleClientHello, ssl3_HandleV2ClientHello */
+static SECStatus
+ssl3_SendServerHelloSequence(sslSocket *ss)
+{
+ const ssl3KEADef *kea_def;
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: begin send server_hello sequence",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ rv = ssl3_SendServerHello(ss);
+ if (rv != SECSuccess) {
+ return rv; /* err code is set. */
+ }
+ rv = ssl3_SendCertificate(ss);
+ if (rv != SECSuccess) {
+ return rv; /* error code is set. */
+ }
+ rv = ssl3_SendCertificateStatus(ss);
+ if (rv != SECSuccess) {
+ return rv; /* error code is set. */
+ }
+ /* We have to do this after the call to ssl3_SendServerHello,
+ * because kea_def is set up by ssl3_SendServerHello().
+ */
+ kea_def = ss->ssl3.hs.kea_def;
+
+ if (kea_def->ephemeral) {
+ rv = ssl3_SendServerKeyExchange(ss);
+ if (rv != SECSuccess) {
+ return rv; /* err code was set. */
+ }
+ }
+
+ if (ss->opt.requestCertificate) {
+ rv = ssl3_SendCertificateRequest(ss);
+ if (rv != SECSuccess) {
+ return rv; /* err code is set. */
+ }
+ }
+ rv = ssl3_SendServerHelloDone(ss);
+ if (rv != SECSuccess) {
+ return rv; /* err code is set. */
+ }
+
+ ss->ssl3.hs.ws = (ss->opt.requestCertificate) ? wait_client_cert
+ : wait_client_key;
+ return SECSuccess;
+}
+
+/* An empty TLS Renegotiation Info (RI) extension */
+static const PRUint8 emptyRIext[5] = { 0xff, 0x01, 0x00, 0x01, 0x00 };
+
+static PRBool
+ssl3_KEASupportsTickets(const ssl3KEADef *kea_def)
+{
+ if (kea_def->signKeyType == dsaKey) {
+ /* TODO: Fix session tickets for DSS. The server code rejects the
+ * session ticket received from the client. Bug 1174677 */
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+}
+
+/* Select a cipher suite.
+**
+** NOTE: This suite selection algorithm should be the same as the one in
+** ssl3_HandleV2ClientHello().
+**
+** If TLS 1.0 is enabled, we could handle the case where the client
+** offered TLS 1.1 but offered only export cipher suites by choosing TLS
+** 1.0 and selecting one of those export cipher suites. However, a secure
+** TLS 1.1 client should not have export cipher suites enabled at all,
+** and a TLS 1.1 client should definitely not be offering *only* export
+** cipher suites. Therefore, we refuse to negotiate export cipher suites
+** with any client that indicates support for TLS 1.1 or higher when we
+** (the server) have TLS 1.1 support enabled.
+*/
+SECStatus
+ssl3_NegotiateCipherSuite(sslSocket *ss, const SECItem *suites,
+ PRBool initHashes)
+{
+ int j;
+ int i;
+
+ for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
+ ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
+ SSLVersionRange vrange = { ss->version, ss->version };
+ if (!config_match(suite, ss->ssl3.policy, &vrange, ss)) {
+ continue;
+ }
+ for (i = 0; i + 1 < suites->len; i += 2) {
+ PRUint16 suite_i = (suites->data[i] << 8) | suites->data[i + 1];
+ if (suite_i == suite->cipher_suite) {
+ return ssl3_SetCipherSuite(ss, suite_i, initHashes);
+ }
+ }
+ }
+ return SECFailure;
+}
+
+/*
+ * Call the SNI config hook.
+ *
+ * Called from:
+ * ssl3_HandleClientHello
+ * tls13_HandleClientHelloPart2
+ */
+SECStatus
+ssl3_ServerCallSNICallback(sslSocket *ss)
+{
+ int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
+ SSL3AlertDescription desc = illegal_parameter;
+ int ret = 0;
+
+#ifdef SSL_SNI_ALLOW_NAME_CHANGE_2HS
+#error("No longer allowed to set SSL_SNI_ALLOW_NAME_CHANGE_2HS")
+#endif
+ if (!ssl3_ExtensionNegotiated(ss, ssl_server_name_xtn)) {
+ if (ss->firstHsDone) {
+ /* Check that we don't have the name is current spec
+ * if this extension was not negotiated on the 2d hs. */
+ PRBool passed = PR_TRUE;
+ ssl_GetSpecReadLock(ss); /*******************************/
+ if (ss->ssl3.hs.srvVirtName.data) {
+ passed = PR_FALSE;
+ }
+ ssl_ReleaseSpecReadLock(ss); /***************************/
+ if (!passed) {
+ errCode = SSL_ERROR_UNRECOGNIZED_NAME_ALERT;
+ desc = handshake_failure;
+ goto alert_loser;
+ }
+ }
+ return SECSuccess;
+ }
+
+ if (ss->sniSocketConfig)
+ do { /* not a loop */
+ PORT_Assert((ss->ssl3.hs.preliminaryInfo & ssl_preinfo_all) ==
+ ssl_preinfo_all);
+
+ ret = SSL_SNI_SEND_ALERT;
+ /* If extension is negotiated, the len of names should > 0. */
+ if (ss->xtnData.sniNameArrSize) {
+ /* Calling client callback to reconfigure the socket. */
+ ret = (SECStatus)(*ss->sniSocketConfig)(ss->fd,
+ ss->xtnData.sniNameArr,
+ ss->xtnData.sniNameArrSize,
+ ss->sniSocketConfigArg);
+ }
+ if (ret <= SSL_SNI_SEND_ALERT) {
+ /* Application does not know the name or was not able to
+ * properly reconfigure the socket. */
+ errCode = SSL_ERROR_UNRECOGNIZED_NAME_ALERT;
+ desc = unrecognized_name;
+ break;
+ } else if (ret == SSL_SNI_CURRENT_CONFIG_IS_USED) {
+ SECStatus rv = SECSuccess;
+ SECItem pwsNameBuf = { 0, NULL, 0 };
+ SECItem *pwsName = &pwsNameBuf;
+ SECItem *cwsName;
+
+ ssl_GetSpecWriteLock(ss); /*******************************/
+ cwsName = &ss->ssl3.hs.srvVirtName;
+ /* not allow name change on the 2d HS */
+ if (ss->firstHsDone) {
+ if (ssl3_ServerNameCompare(pwsName, cwsName)) {
+ ssl_ReleaseSpecWriteLock(ss); /******************/
+ errCode = SSL_ERROR_UNRECOGNIZED_NAME_ALERT;
+ desc = handshake_failure;
+ ret = SSL_SNI_SEND_ALERT;
+ break;
+ }
+ }
+ if (pwsName->data) {
+ SECITEM_FreeItem(pwsName, PR_FALSE);
+ }
+ if (cwsName->data) {
+ rv = SECITEM_CopyItem(NULL, pwsName, cwsName);
+ }
+ ssl_ReleaseSpecWriteLock(ss); /**************************/
+ if (rv != SECSuccess) {
+ errCode = SSL_ERROR_INTERNAL_ERROR_ALERT;
+ desc = internal_error;
+ ret = SSL_SNI_SEND_ALERT;
+ break;
+ }
+ } else if ((unsigned int)ret < ss->xtnData.sniNameArrSize) {
+ /* Application has configured new socket info. Lets check it
+ * and save the name. */
+ SECStatus rv;
+ SECItem *name = &ss->xtnData.sniNameArr[ret];
+ int configedCiphers;
+ SECItem *pwsName;
+
+ /* get rid of the old name and save the newly picked. */
+ /* This code is protected by ssl3HandshakeLock. */
+ ssl_GetSpecWriteLock(ss); /*******************************/
+ /* not allow name change on the 2d HS */
+ if (ss->firstHsDone) {
+ SECItem *cwsName = &ss->ssl3.hs.srvVirtName;
+ if (ssl3_ServerNameCompare(name, cwsName)) {
+ ssl_ReleaseSpecWriteLock(ss); /******************/
+ errCode = SSL_ERROR_UNRECOGNIZED_NAME_ALERT;
+ desc = handshake_failure;
+ ret = SSL_SNI_SEND_ALERT;
+ break;
+ }
+ }
+ pwsName = &ss->ssl3.hs.srvVirtName;
+ if (pwsName->data) {
+ SECITEM_FreeItem(pwsName, PR_FALSE);
+ }
+ rv = SECITEM_CopyItem(NULL, pwsName, name);
+ ssl_ReleaseSpecWriteLock(ss); /***************************/
+ if (rv != SECSuccess) {
+ errCode = SSL_ERROR_INTERNAL_ERROR_ALERT;
+ desc = internal_error;
+ ret = SSL_SNI_SEND_ALERT;
+ break;
+ }
+ configedCiphers = ssl3_config_match_init(ss);
+ if (configedCiphers <= 0) {
+ /* no ciphers are working/supported */
+ errCode = PORT_GetError();
+ desc = handshake_failure;
+ ret = SSL_SNI_SEND_ALERT;
+ break;
+ }
+ /* Need to tell the client that application has picked
+ * the name from the offered list and reconfigured the socket.
+ */
+ ssl3_RegisterExtensionSender(ss, &ss->xtnData, ssl_server_name_xtn,
+ ssl3_SendServerNameXtn);
+ } else {
+ /* Callback returned index outside of the boundary. */
+ PORT_Assert((unsigned int)ret < ss->xtnData.sniNameArrSize);
+ errCode = SSL_ERROR_INTERNAL_ERROR_ALERT;
+ desc = internal_error;
+ ret = SSL_SNI_SEND_ALERT;
+ break;
+ }
+ } while (0);
+ ssl3_FreeSniNameArray(&ss->xtnData);
+ if (ret <= SSL_SNI_SEND_ALERT) {
+ /* desc and errCode should be set. */
+ goto alert_loser;
+ }
+
+ return SECSuccess;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+ PORT_SetError(errCode);
+ return SECFailure;
+}
+
+SECStatus
+ssl3_SelectServerCert(sslSocket *ss)
+{
+ const ssl3KEADef *kea_def = ss->ssl3.hs.kea_def;
+ PRCList *cursor;
+
+ /* If the client didn't include the supported groups extension, assume just
+ * P-256 support and disable all the other ECDHE groups. This also affects
+ * ECDHE group selection, but this function is called first. */
+ if (!ssl3_ExtensionNegotiated(ss, ssl_supported_groups_xtn)) {
+ unsigned int i;
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (ss->namedGroupPreferences[i] &&
+ ss->namedGroupPreferences[i]->keaType == ssl_kea_ecdh &&
+ ss->namedGroupPreferences[i]->name != ssl_grp_ec_secp256r1) {
+ ss->namedGroupPreferences[i] = NULL;
+ }
+ }
+ }
+
+ /* This picks the first certificate that has:
+ * a) the right authentication method, and
+ * b) the right named curve (EC only)
+ *
+ * We might want to do some sort of ranking here later. For now, it's all
+ * based on what order they are configured in. */
+ for (cursor = PR_NEXT_LINK(&ss->serverCerts);
+ cursor != &ss->serverCerts;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslServerCert *cert = (sslServerCert *)cursor;
+ if (cert->certType.authType != kea_def->authKeyType) {
+ continue;
+ }
+ if ((cert->certType.authType == ssl_auth_ecdsa ||
+ cert->certType.authType == ssl_auth_ecdh_rsa ||
+ cert->certType.authType == ssl_auth_ecdh_ecdsa) &&
+ !ssl_NamedGroupEnabled(ss, cert->certType.namedCurve)) {
+ continue;
+ }
+
+ /* Found one. */
+ ss->sec.serverCert = cert;
+ ss->sec.authType = cert->certType.authType;
+ ss->sec.authKeyBits = cert->serverKeyBits;
+
+ /* Don't pick a signature scheme if we aren't going to use it. */
+ if (kea_def->signKeyType == nullKey) {
+ return SECSuccess;
+ }
+ return ssl3_PickServerSignatureScheme(ss);
+ }
+
+ PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
+ return SECFailure;
+}
+
+/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
+ * ssl3 Client Hello message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ sslSessionID *sid = NULL;
+ PRInt32 tmp;
+ unsigned int i;
+ SECStatus rv;
+ int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
+ SSL3AlertDescription desc = illegal_parameter;
+ SSL3AlertLevel level = alert_fatal;
+ SSL3ProtocolVersion version;
+ TLSExtension *versionExtension;
+ SECItem sidBytes = { siBuffer, NULL, 0 };
+ SECItem cookieBytes = { siBuffer, NULL, 0 };
+ SECItem suites = { siBuffer, NULL, 0 };
+ SECItem comps = { siBuffer, NULL, 0 };
+ PRBool isTLS13;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle client_hello handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->ssl3.initialized);
+ ss->ssl3.hs.preliminaryInfo = 0;
+
+ if (!ss->sec.isServer ||
+ (ss->ssl3.hs.ws != wait_client_hello &&
+ ss->ssl3.hs.ws != idle_handshake)) {
+ desc = unexpected_message;
+ errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
+ goto alert_loser;
+ }
+ if (ss->ssl3.hs.ws == idle_handshake) {
+ /* Refuse re-handshake when we have already negotiated TLS 1.3. */
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ desc = unexpected_message;
+ errCode = SSL_ERROR_RENEGOTIATION_NOT_ALLOWED;
+ goto alert_loser;
+ }
+ if (ss->opt.enableRenegotiation == SSL_RENEGOTIATE_NEVER) {
+ desc = no_renegotiation;
+ level = alert_warning;
+ errCode = SSL_ERROR_RENEGOTIATION_NOT_ALLOWED;
+ goto alert_loser;
+ }
+ }
+
+ /* Get peer name of client */
+ rv = ssl_GetPeerInfo(ss);
+ if (rv != SECSuccess) {
+ return rv; /* error code is set. */
+ }
+
+ /* We might be starting session renegotiation in which case we should
+ * clear previous state.
+ */
+ ssl3_ResetExtensionData(&ss->xtnData);
+ ss->statelessResume = PR_FALSE;
+
+ if (IS_DTLS(ss)) {
+ dtls_RehandshakeCleanup(ss);
+ }
+
+ tmp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
+ if (tmp < 0)
+ goto loser; /* malformed, alert already sent */
+
+ /* Translate the version. */
+ if (IS_DTLS(ss)) {
+ ss->clientHelloVersion = version =
+ dtls_DTLSVersionToTLSVersion((SSL3ProtocolVersion)tmp);
+ } else {
+ ss->clientHelloVersion = version = (SSL3ProtocolVersion)tmp;
+ }
+
+ /* Grab the client random data. */
+ rv = ssl3_ConsumeHandshake(
+ ss, &ss->ssl3.hs.client_random, SSL3_RANDOM_LENGTH, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed */
+ }
+
+ /* Grab the client's SID, if present. */
+ rv = ssl3_ConsumeHandshakeVariable(ss, &sidBytes, 1, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed */
+ }
+
+ /* Grab the client's cookie, if present. */
+ if (IS_DTLS(ss)) {
+ rv = ssl3_ConsumeHandshakeVariable(ss, &cookieBytes, 1, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed */
+ }
+ }
+
+ /* Grab the list of cipher suites. */
+ rv = ssl3_ConsumeHandshakeVariable(ss, &suites, 2, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed */
+ }
+
+ /* Grab the list of compression methods. */
+ rv = ssl3_ConsumeHandshakeVariable(ss, &comps, 1, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed */
+ }
+
+ /* Handle TLS hello extensions for SSL3 & TLS. We do not know if
+ * we are restarting a previous session until extensions have been
+ * parsed, since we might have received a SessionTicket extension.
+ * Note: we allow extensions even when negotiating SSL3 for the sake
+ * of interoperability (and backwards compatibility).
+ */
+
+ if (length) {
+ /* Get length of hello extensions */
+ PRInt32 extension_length;
+ extension_length = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
+ if (extension_length < 0) {
+ goto loser; /* alert already sent */
+ }
+ if (extension_length != length) {
+ ssl3_DecodeError(ss); /* send alert */
+ goto loser;
+ }
+
+ rv = ssl3_ParseExtensions(ss, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed */
+ }
+ }
+
+ versionExtension = ssl3_FindExtension(ss, ssl_tls13_supported_versions_xtn);
+ if (versionExtension) {
+ rv = tls13_NegotiateVersion(ss, versionExtension);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ desc = (errCode == SSL_ERROR_UNSUPPORTED_VERSION) ? protocol_version : illegal_parameter;
+ goto alert_loser;
+ }
+ } else {
+ /* The PR_MIN here ensures that we never negotiate 1.3 if the
+ * peer didn't offer "supported_versions". */
+ rv = ssl3_NegotiateVersion(ss,
+ PR_MIN(version,
+ SSL_LIBRARY_VERSION_TLS_1_2),
+ PR_TRUE);
+ if (rv != SECSuccess) {
+ desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version
+ : handshake_failure;
+ errCode = SSL_ERROR_UNSUPPORTED_VERSION;
+ goto alert_loser;
+ }
+ }
+ isTLS13 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_3;
+ ss->ssl3.hs.preliminaryInfo |= ssl_preinfo_version;
+
+ /* You can't resume TLS 1.3 like this. */
+ if (isTLS13 && sidBytes.len) {
+ goto alert_loser;
+ }
+
+ /* Generate the Server Random now so it is available
+ * when we process the ClientKeyShare in TLS 1.3 */
+ rv = ssl3_GetNewRandom(&ss->ssl3.hs.server_random);
+ if (rv != SECSuccess) {
+ errCode = SSL_ERROR_GENERATE_RANDOM_FAILURE;
+ goto loser;
+ }
+
+#ifndef TLS_1_3_DRAFT_VERSION
+ /*
+ * [draft-ietf-tls-tls13-11 Section 6.3.1.1].
+ * TLS 1.3 server implementations which respond to a ClientHello with a
+ * client_version indicating TLS 1.2 or below MUST set the last eight
+ * bytes of their Random value to the bytes:
+ *
+ * 44 4F 57 4E 47 52 44 01
+ *
+ * TLS 1.2 server implementations which respond to a ClientHello with a
+ * client_version indicating TLS 1.1 or below SHOULD set the last eight
+ * bytes of their Random value to the bytes:
+ *
+ * 44 4F 57 4E 47 52 44 00
+ *
+ * TODO(ekr@rtfm.com): Note this change was not added in the SSLv2
+ * compat processing code since that will most likely be removed before
+ * we ship the final version of TLS 1.3. Bug 1306672.
+ */
+ if (ss->vrange.max > ss->version) {
+ unsigned char *downgrade_sentinel =
+ ss->ssl3.hs.server_random.rand +
+ SSL3_RANDOM_LENGTH - sizeof(tls13_downgrade_random);
+
+ switch (ss->vrange.max) {
+ case SSL_LIBRARY_VERSION_TLS_1_3:
+ PORT_Memcpy(downgrade_sentinel,
+ tls13_downgrade_random,
+ sizeof(tls13_downgrade_random));
+ break;
+ case SSL_LIBRARY_VERSION_TLS_1_2:
+ PORT_Memcpy(downgrade_sentinel,
+ tls12_downgrade_random,
+ sizeof(tls12_downgrade_random));
+ break;
+ default:
+ /* Do not change random. */
+ break;
+ }
+ }
+#endif
+
+ /* Now parse the rest of the extensions. */
+ rv = ssl3_HandleParsedExtensions(ss, client_hello);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed */
+ }
+
+ /* If the ClientHello version is less than our maximum version, check for a
+ * TLS_FALLBACK_SCSV and reject the connection if found. */
+ if (ss->vrange.max > ss->clientHelloVersion) {
+ for (i = 0; i + 1 < suites.len; i += 2) {
+ PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
+ if (suite_i != TLS_FALLBACK_SCSV)
+ continue;
+ desc = inappropriate_fallback;
+ errCode = SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT;
+ goto alert_loser;
+ }
+ }
+
+ /* TLS 1.3 requires that compression only include null. */
+ if (isTLS13) {
+ if (comps.len != 1 || comps.data[0] != ssl_compression_null) {
+ goto alert_loser;
+ }
+ }
+
+ if (!ssl3_ExtensionNegotiated(ss, ssl_renegotiation_info_xtn)) {
+ /* If we didn't receive an RI extension, look for the SCSV,
+ * and if found, treat it just like an empty RI extension
+ * by processing a local copy of an empty RI extension.
+ */
+ for (i = 0; i + 1 < suites.len; i += 2) {
+ PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
+ if (suite_i == TLS_EMPTY_RENEGOTIATION_INFO_SCSV) {
+ SSL3Opaque *b2 = (SSL3Opaque *)emptyRIext;
+ PRUint32 L2 = sizeof emptyRIext;
+ (void)ssl3_HandleExtensions(ss, &b2, &L2, client_hello);
+ break;
+ }
+ }
+ }
+ /* This is a second check for TLS 1.3 and re-handshake to stop us
+ * from re-handshake up to TLS 1.3, so it happens after version
+ * negotiation. */
+ if (ss->firstHsDone && ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ desc = unexpected_message;
+ errCode = SSL_ERROR_RENEGOTIATION_NOT_ALLOWED;
+ goto alert_loser;
+ }
+ if (ss->firstHsDone &&
+ (ss->opt.enableRenegotiation == SSL_RENEGOTIATE_REQUIRES_XTN ||
+ ss->opt.enableRenegotiation == SSL_RENEGOTIATE_TRANSITIONAL) &&
+ !ssl3_ExtensionNegotiated(ss, ssl_renegotiation_info_xtn)) {
+ desc = no_renegotiation;
+ level = alert_warning;
+ errCode = SSL_ERROR_RENEGOTIATION_NOT_ALLOWED;
+ goto alert_loser;
+ }
+ if ((ss->opt.requireSafeNegotiation ||
+ (ss->firstHsDone && ss->peerRequestedProtection)) &&
+ !ssl3_ExtensionNegotiated(ss, ssl_renegotiation_info_xtn)) {
+ desc = handshake_failure;
+ errCode = SSL_ERROR_UNSAFE_NEGOTIATION;
+ goto alert_loser;
+ }
+
+ /* We do stateful resumes only if we are in TLS < 1.3 and
+ * either of the following conditions are satisfied:
+ * (1) the client does not support the session ticket extension, or
+ * (2) the client support the session ticket extension, but sent an
+ * empty ticket.
+ */
+ if ((ss->version < SSL_LIBRARY_VERSION_TLS_1_3) &&
+ (!ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn) ||
+ ss->xtnData.emptySessionTicket)) {
+ if (sidBytes.len > 0 && !ss->opt.noCache) {
+ SSL_TRC(7, ("%d: SSL3[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x",
+ SSL_GETPID(), ss->fd, ss->sec.ci.peer.pr_s6_addr32[0],
+ ss->sec.ci.peer.pr_s6_addr32[1],
+ ss->sec.ci.peer.pr_s6_addr32[2],
+ ss->sec.ci.peer.pr_s6_addr32[3]));
+ if (ssl_sid_lookup) {
+ sid = (*ssl_sid_lookup)(&ss->sec.ci.peer, sidBytes.data,
+ sidBytes.len, ss->dbHandle);
+ } else {
+ errCode = SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED;
+ goto loser;
+ }
+ }
+ } else if (ss->statelessResume) {
+ /* Fill in the client's session ID if doing a stateless resume.
+ * (When doing stateless resumes, server echos client's SessionID.)
+ * This branch also handles TLS 1.3 resumption-PSK.
+ */
+ sid = ss->sec.ci.sid;
+ PORT_Assert(sid != NULL); /* Should have already been filled in.*/
+
+ if (sidBytes.len > 0 && sidBytes.len <= SSL3_SESSIONID_BYTES) {
+ sid->u.ssl3.sessionIDLength = sidBytes.len;
+ PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data,
+ sidBytes.len);
+ sid->u.ssl3.sessionIDLength = sidBytes.len;
+ } else {
+ sid->u.ssl3.sessionIDLength = 0;
+ }
+ ss->sec.ci.sid = NULL;
+ }
+
+ /* Free a potentially leftover session ID from a previous handshake. */
+ if (ss->sec.ci.sid) {
+ ssl_FreeSID(ss->sec.ci.sid);
+ ss->sec.ci.sid = NULL;
+ }
+
+ if (sid != NULL) {
+ /* We've found a session cache entry for this client.
+ * Now, if we're going to require a client-auth cert,
+ * and we don't already have this client's cert in the session cache,
+ * and this is the first handshake on this connection (not a redo),
+ * then drop this old cache entry and start a new session.
+ */
+ if ((sid->peerCert == NULL) && ss->opt.requestCertificate &&
+ ((ss->opt.requireCertificate == SSL_REQUIRE_ALWAYS) ||
+ (ss->opt.requireCertificate == SSL_REQUIRE_NO_ERROR) ||
+ ((ss->opt.requireCertificate == SSL_REQUIRE_FIRST_HANDSHAKE) &&
+ !ss->firstHsDone))) {
+
+ SSL_AtomicIncrementLong(&ssl3stats.hch_sid_cache_not_ok);
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+ }
+
+ if (IS_DTLS(ss)) {
+ ssl3_DisableNonDTLSSuites(ss);
+ }
+
+#ifdef PARANOID
+ /* Look for a matching cipher suite. */
+ j = ssl3_config_match_init(ss);
+ if (j <= 0) { /* no ciphers are working/supported by PK11 */
+ errCode = PORT_GetError(); /* error code is already set. */
+ goto alert_loser;
+ }
+#endif
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ rv = tls13_HandleClientHelloPart2(ss, &suites, sid);
+ } else {
+ rv = ssl3_HandleClientHelloPart2(ss, &suites, &comps, sid);
+ }
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+ return SECSuccess;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, level, desc);
+/* FALLTHRU */
+loser:
+ PORT_SetError(errCode);
+ return SECFailure;
+}
+
+static SECStatus
+ssl3_HandleClientHelloPart2(sslSocket *ss,
+ SECItem *suites,
+ SECItem *comps,
+ sslSessionID *sid)
+{
+ PRBool haveSpecWriteLock = PR_FALSE;
+ PRBool haveXmitBufLock = PR_FALSE;
+ int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
+ SSL3AlertDescription desc = illegal_parameter;
+ SECStatus rv;
+ unsigned int i;
+ int j;
+
+ /* If we already have a session for this client, be sure to pick the
+ ** same cipher suite and compression method we picked before.
+ ** This is not a loop, despite appearances.
+ */
+ if (sid)
+ do {
+ ssl3CipherSuiteCfg *suite;
+#ifdef PARANOID
+ SSLVersionRange vrange = { ss->version, ss->version };
+#endif
+
+ /* Check that the cached compression method is still enabled. */
+ if (!ssl_CompressionEnabled(ss, sid->u.ssl3.compression))
+ break;
+
+ /* Check that the cached compression method is in the client's list */
+ for (i = 0; i < comps->len; i++) {
+ if (comps->data[i] == sid->u.ssl3.compression)
+ break;
+ }
+ if (i == comps->len)
+ break;
+
+ suite = ss->cipherSuites;
+ /* Find the entry for the cipher suite used in the cached session. */
+ for (j = ssl_V3_SUITES_IMPLEMENTED; j > 0; --j, ++suite) {
+ if (suite->cipher_suite == sid->u.ssl3.cipherSuite)
+ break;
+ }
+ PORT_Assert(j > 0);
+ if (j <= 0)
+ break;
+#ifdef PARANOID
+ /* Double check that the cached cipher suite is still enabled,
+ * implemented, and allowed by policy. Might have been disabled.
+ * The product policy won't change during the process lifetime.
+ * Implemented ("isPresent") shouldn't change for servers.
+ */
+ if (!config_match(suite, ss->ssl3.policy, &vrange, ss))
+ break;
+#else
+ if (!suite->enabled)
+ break;
+#endif
+ /* Double check that the cached cipher suite is in the client's
+ * list. If it isn't, fall through and start a new session. */
+ for (i = 0; i + 1 < suites->len; i += 2) {
+ PRUint16 suite_i = (suites->data[i] << 8) | suites->data[i + 1];
+ if (suite_i == suite->cipher_suite) {
+ rv = ssl3_SetCipherSuite(ss, suite_i, PR_TRUE);
+ if (rv != SECSuccess) {
+ desc = internal_error;
+ errCode = PORT_GetError();
+ goto alert_loser;
+ }
+
+ /* Use the cached compression method. */
+ ss->ssl3.hs.compression =
+ sid->u.ssl3.compression;
+ goto compression_found;
+ }
+ }
+ } while (0);
+/* START A NEW SESSION */
+
+#ifndef PARANOID
+ /* Look for a matching cipher suite. */
+ j = ssl3_config_match_init(ss);
+ if (j <= 0) { /* no ciphers are working/supported by PK11 */
+ desc = internal_error;
+ errCode = PORT_GetError(); /* error code is already set. */
+ goto alert_loser;
+ }
+#endif
+
+ rv = ssl3_NegotiateCipherSuite(ss, suites, PR_TRUE);
+ if (rv != SECSuccess) {
+ desc = handshake_failure;
+ errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
+ goto alert_loser;
+ }
+
+ /* Select a compression algorithm. */
+ for (i = 0; i < comps->len; i++) {
+ SSLCompressionMethod method = (SSLCompressionMethod)comps->data[i];
+ if (!ssl_CompressionEnabled(ss, method))
+ continue;
+ for (j = 0; j < ssl_compression_method_count; j++) {
+ if (method == ssl_compression_methods[j]) {
+ ss->ssl3.hs.compression = ssl_compression_methods[j];
+ goto compression_found;
+ }
+ }
+ }
+ errCode = SSL_ERROR_NO_COMPRESSION_OVERLAP;
+ /* null compression must be supported */
+ goto alert_loser;
+
+compression_found:
+ suites->data = NULL;
+ comps->data = NULL;
+
+ /* If there are any failures while processing the old sid,
+ * we don't consider them to be errors. Instead, We just behave
+ * as if the client had sent us no sid to begin with, and make a new one.
+ * The exception here is attempts to resume extended_master_secret
+ * sessions without the extension, which causes an alert.
+ */
+ if (sid != NULL)
+ do {
+ ssl3CipherSpec *pwSpec;
+ SECItem wrappedMS; /* wrapped key */
+ const sslServerCert *serverCert;
+
+ if (sid->version != ss->version ||
+ sid->u.ssl3.cipherSuite != ss->ssl3.hs.cipher_suite ||
+ sid->u.ssl3.compression != ss->ssl3.hs.compression) {
+ break; /* not an error */
+ }
+
+ serverCert = ssl_FindServerCert(ss, &sid->certType);
+ if (!serverCert || !serverCert->serverCert) {
+ /* A compatible certificate must not have been configured. It
+ * might not be the same certificate, but we only find that out
+ * when the ticket fails to decrypt. */
+ break;
+ }
+
+ /* [draft-ietf-tls-session-hash-06; Section 5.3]
+ * o If the original session did not use the "extended_master_secret"
+ * extension but the new ClientHello contains the extension, then the
+ * server MUST NOT perform the abbreviated handshake. Instead, it
+ * SHOULD continue with a full handshake (as described in
+ * Section 5.2) to negotiate a new session.
+ *
+ * o If the original session used the "extended_master_secret"
+ * extension but the new ClientHello does not contain the extension,
+ * the server MUST abort the abbreviated handshake.
+ */
+ if (ssl3_ExtensionNegotiated(ss, ssl_extended_master_secret_xtn)) {
+ if (!sid->u.ssl3.keys.extendedMasterSecretUsed) {
+ break; /* not an error */
+ }
+ } else {
+ if (sid->u.ssl3.keys.extendedMasterSecretUsed) {
+ /* Note: we do not destroy the session */
+ desc = handshake_failure;
+ errCode = SSL_ERROR_MISSING_EXTENDED_MASTER_SECRET;
+ goto alert_loser;
+ }
+ }
+
+ if (ss->sec.ci.sid) {
+ ss->sec.uncache(ss->sec.ci.sid);
+ PORT_Assert(ss->sec.ci.sid != sid); /* should be impossible, but ... */
+ if (ss->sec.ci.sid != sid) {
+ ssl_FreeSID(ss->sec.ci.sid);
+ }
+ ss->sec.ci.sid = NULL;
+ }
+ /* we need to resurrect the master secret.... */
+
+ ssl_GetSpecWriteLock(ss);
+ haveSpecWriteLock = PR_TRUE;
+ pwSpec = ss->ssl3.pwSpec;
+ if (sid->u.ssl3.keys.msIsWrapped) {
+ PK11SymKey *wrapKey; /* wrapping key */
+ CK_FLAGS keyFlags = 0;
+
+ wrapKey = ssl3_GetWrappingKey(ss, NULL, serverCert,
+ sid->u.ssl3.masterWrapMech,
+ ss->pkcs11PinArg);
+ if (!wrapKey) {
+ /* we have a SID cache entry, but no wrapping key for it??? */
+ break;
+ }
+
+ if (ss->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
+ keyFlags = CKF_SIGN | CKF_VERIFY;
+ }
+
+ wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
+ wrappedMS.len = sid->u.ssl3.keys.wrapped_master_secret_len;
+
+ /* unwrap the master secret. */
+ pwSpec->master_secret =
+ PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech,
+ NULL, &wrappedMS, CKM_SSL3_MASTER_KEY_DERIVE,
+ CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
+ PK11_FreeSymKey(wrapKey);
+ if (pwSpec->master_secret == NULL) {
+ break; /* not an error */
+ }
+ } else {
+ /* need to import the raw master secret to session object */
+ PK11SlotInfo *slot;
+ wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
+ wrappedMS.len = sid->u.ssl3.keys.wrapped_master_secret_len;
+ slot = PK11_GetInternalSlot();
+ pwSpec->master_secret =
+ PK11_ImportSymKey(slot, CKM_SSL3_MASTER_KEY_DERIVE,
+ PK11_OriginUnwrap, CKA_ENCRYPT, &wrappedMS,
+ NULL);
+ PK11_FreeSlot(slot);
+ if (pwSpec->master_secret == NULL) {
+ break; /* not an error */
+ }
+ }
+ ss->sec.ci.sid = sid;
+ if (sid->peerCert != NULL) {
+ ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
+ }
+
+ /*
+ * Old SID passed all tests, so resume this old session.
+ *
+ * XXX make sure compression still matches
+ */
+ SSL_AtomicIncrementLong(&ssl3stats.hch_sid_cache_hits);
+ if (ss->statelessResume)
+ SSL_AtomicIncrementLong(&ssl3stats.hch_sid_stateless_resumes);
+ ss->ssl3.hs.isResuming = PR_TRUE;
+
+ ss->sec.authType = sid->authType;
+ ss->sec.authKeyBits = sid->authKeyBits;
+ ss->sec.keaType = sid->keaType;
+ ss->sec.keaKeyBits = sid->keaKeyBits;
+
+ /* server sids don't remember the server cert we previously sent,
+ ** but they do remember the slot we originally used, so we
+ ** can locate it again, provided that the current ssl socket
+ ** has had its server certs configured the same as the previous one.
+ */
+ ss->sec.serverCert = serverCert;
+ ss->sec.localCert = CERT_DupCertificate(serverCert->serverCert);
+
+ /* Copy cached name in to pending spec */
+ if (sid != NULL &&
+ sid->version > SSL_LIBRARY_VERSION_3_0 &&
+ sid->u.ssl3.srvName.len && sid->u.ssl3.srvName.data) {
+ /* Set server name from sid */
+ SECItem *sidName = &sid->u.ssl3.srvName;
+ SECItem *pwsName = &ss->ssl3.hs.srvVirtName;
+ if (pwsName->data) {
+ SECITEM_FreeItem(pwsName, PR_FALSE);
+ }
+ rv = SECITEM_CopyItem(NULL, pwsName, sidName);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ desc = internal_error;
+ goto alert_loser;
+ }
+ }
+
+ /* Clean up sni name array */
+ ssl3_FreeSniNameArray(&ss->xtnData);
+
+ ssl_GetXmitBufLock(ss);
+ haveXmitBufLock = PR_TRUE;
+
+ rv = ssl3_SendServerHello(ss);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+
+ if (haveSpecWriteLock) {
+ ssl_ReleaseSpecWriteLock(ss);
+ haveSpecWriteLock = PR_FALSE;
+ }
+
+ /* NULL value for PMS because we are re-using the old MS */
+ rv = ssl3_InitPendingCipherSpec(ss, NULL);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+
+ rv = ssl3_SendChangeCipherSpecs(ss);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+ rv = ssl3_SendFinished(ss, 0);
+ ss->ssl3.hs.ws = wait_change_cipher;
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+
+ if (haveXmitBufLock) {
+ ssl_ReleaseXmitBufLock(ss);
+ }
+
+ return SECSuccess;
+ } while (0);
+
+ if (haveSpecWriteLock) {
+ ssl_ReleaseSpecWriteLock(ss);
+ haveSpecWriteLock = PR_FALSE;
+ }
+
+ if (sid) { /* we had a sid, but it's no longer valid, free it */
+ SSL_AtomicIncrementLong(&ssl3stats.hch_sid_cache_not_ok);
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+ SSL_AtomicIncrementLong(&ssl3stats.hch_sid_cache_misses);
+
+ /* We only send a session ticket extension if the client supports
+ * the extension and we are unable to resume.
+ *
+ * TODO: send a session ticket if performing a stateful
+ * resumption. (As per RFC4507, a server may issue a session
+ * ticket while doing a (stateless or stateful) session resume,
+ * but OpenSSL-0.9.8g does not accept session tickets while
+ * resuming.)
+ */
+ if (ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn) &&
+ ssl3_KEASupportsTickets(ss->ssl3.hs.kea_def)) {
+ ssl3_RegisterExtensionSender(ss, &ss->xtnData,
+ ssl_session_ticket_xtn,
+ ssl3_SendSessionTicketXtn);
+ }
+
+ rv = ssl3_ServerCallSNICallback(ss);
+ if (rv != SECSuccess) {
+ /* The alert has already been sent. */
+ errCode = PORT_GetError();
+ goto loser;
+ }
+
+ rv = ssl3_SelectServerCert(ss);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ desc = handshake_failure;
+ goto alert_loser;
+ }
+
+ sid = ssl3_NewSessionID(ss, PR_TRUE);
+ if (sid == NULL) {
+ errCode = PORT_GetError();
+ goto loser; /* memory error is set. */
+ }
+ ss->sec.ci.sid = sid;
+
+ sid->u.ssl3.keys.extendedMasterSecretUsed =
+ ssl3_ExtensionNegotiated(ss, ssl_extended_master_secret_xtn);
+ ss->ssl3.hs.isResuming = PR_FALSE;
+
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_SendServerHelloSequence(ss);
+ ssl_ReleaseXmitBufLock(ss);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ desc = handshake_failure;
+ goto alert_loser;
+ }
+
+ if (haveXmitBufLock) {
+ ssl_ReleaseXmitBufLock(ss);
+ }
+
+ return SECSuccess;
+
+alert_loser:
+ if (haveSpecWriteLock) {
+ ssl_ReleaseSpecWriteLock(ss);
+ haveSpecWriteLock = PR_FALSE;
+ }
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+/* FALLTHRU */
+loser:
+ if (sid && sid != ss->sec.ci.sid) {
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ }
+
+ if (haveSpecWriteLock) {
+ ssl_ReleaseSpecWriteLock(ss);
+ }
+
+ if (haveXmitBufLock) {
+ ssl_ReleaseXmitBufLock(ss);
+ }
+
+ PORT_SetError(errCode);
+ return SECFailure;
+}
+
+/*
+ * ssl3_HandleV2ClientHello is used when a V2 formatted hello comes
+ * in asking to use the V3 handshake.
+ */
+SECStatus
+ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length,
+ PRUint8 padding)
+{
+ sslSessionID *sid = NULL;
+ unsigned char *suites;
+ unsigned char *random;
+ SSL3ProtocolVersion version;
+ SECStatus rv;
+ int i;
+ int j;
+ int sid_length;
+ int suite_length;
+ int rand_length;
+ int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
+ SSL3AlertDescription desc = handshake_failure;
+ unsigned int total = SSL_HL_CLIENT_HELLO_HBYTES;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle v2 client_hello", SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+
+ ssl_GetSSL3HandshakeLock(ss);
+
+ ssl3_ResetExtensionData(&ss->xtnData);
+
+ version = (buffer[1] << 8) | buffer[2];
+ if (version < SSL_LIBRARY_VERSION_3_0) {
+ goto loser;
+ }
+
+ rv = ssl3_InitState(ss);
+ if (rv != SECSuccess) {
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ return rv; /* ssl3_InitState has set the error code. */
+ }
+ rv = ssl3_RestartHandshakeHashes(ss);
+ if (rv != SECSuccess) {
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ return rv;
+ }
+
+ if (ss->ssl3.hs.ws != wait_client_hello) {
+ desc = unexpected_message;
+ errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
+ goto alert_loser;
+ }
+
+ total += suite_length = (buffer[3] << 8) | buffer[4];
+ total += sid_length = (buffer[5] << 8) | buffer[6];
+ total += rand_length = (buffer[7] << 8) | buffer[8];
+ total += padding;
+ ss->clientHelloVersion = version;
+
+ if (version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ /* [draft-ietf-tls-tls-11; C.3] forbids sending a TLS 1.3
+ * ClientHello using the backwards-compatible format. */
+ desc = illegal_parameter;
+ errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
+ goto alert_loser;
+ }
+
+ rv = ssl3_NegotiateVersion(ss, version, PR_TRUE);
+ if (rv != SECSuccess) {
+ /* send back which ever alert client will understand. */
+ desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version
+ : handshake_failure;
+ errCode = SSL_ERROR_UNSUPPORTED_VERSION;
+ goto alert_loser;
+ }
+ ss->ssl3.hs.preliminaryInfo |= ssl_preinfo_version;
+
+ /* if we get a non-zero SID, just ignore it. */
+ if (length != total) {
+ SSL_DBG(("%d: SSL3[%d]: bad v2 client hello message, len=%d should=%d",
+ SSL_GETPID(), ss->fd, length, total));
+ desc = illegal_parameter;
+ errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
+ goto alert_loser;
+ }
+
+ suites = buffer + SSL_HL_CLIENT_HELLO_HBYTES;
+ random = suites + suite_length + sid_length;
+
+ if (rand_length < SSL_MIN_CHALLENGE_BYTES ||
+ rand_length > SSL_MAX_CHALLENGE_BYTES) {
+ desc = illegal_parameter;
+ errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
+ goto alert_loser;
+ }
+
+ PORT_Assert(SSL_MAX_CHALLENGE_BYTES == SSL3_RANDOM_LENGTH);
+
+ PORT_Memset(&ss->ssl3.hs.client_random, 0, SSL3_RANDOM_LENGTH);
+ PORT_Memcpy(
+ &ss->ssl3.hs.client_random.rand[SSL3_RANDOM_LENGTH - rand_length],
+ random, rand_length);
+
+ PRINT_BUF(60, (ss, "client random:", &ss->ssl3.hs.client_random.rand[0],
+ SSL3_RANDOM_LENGTH));
+ i = ssl3_config_match_init(ss);
+ if (i <= 0) {
+ errCode = PORT_GetError(); /* error code is already set. */
+ goto alert_loser;
+ }
+
+ /* Select a cipher suite.
+ **
+ ** NOTE: This suite selection algorithm should be the same as the one in
+ ** ssl3_HandleClientHello().
+ **
+ ** See the comments about export cipher suites in ssl3_HandleClientHello().
+ */
+ for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
+ ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
+ SSLVersionRange vrange = { ss->version, ss->version };
+ if (!config_match(suite, ss->ssl3.policy, &vrange, ss)) {
+ continue;
+ }
+ for (i = 0; i + 2 < suite_length; i += 3) {
+ PRUint32 suite_i = (suites[i] << 16) | (suites[i + 1] << 8) | suites[i + 2];
+ if (suite_i == suite->cipher_suite) {
+ rv = ssl3_SetCipherSuite(ss, suite_i, PR_TRUE);
+ if (rv != SECSuccess) {
+ desc = internal_error;
+ errCode = PORT_GetError();
+ goto alert_loser;
+ }
+ goto suite_found;
+ }
+ }
+ }
+ errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
+ goto alert_loser;
+
+suite_found:
+
+ /* If the ClientHello version is less than our maximum version, check for a
+ * TLS_FALLBACK_SCSV and reject the connection if found. */
+ if (ss->vrange.max > ss->clientHelloVersion) {
+ for (i = 0; i + 2 < suite_length; i += 3) {
+ PRUint16 suite_i = (suites[i] << 16) | (suites[i + 1] << 8) | suites[i + 2];
+ if (suite_i == TLS_FALLBACK_SCSV) {
+ desc = inappropriate_fallback;
+ errCode = SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT;
+ goto alert_loser;
+ }
+ }
+ }
+
+ /* Look for the SCSV, and if found, treat it just like an empty RI
+ * extension by processing a local copy of an empty RI extension.
+ */
+ for (i = 0; i + 2 < suite_length; i += 3) {
+ PRUint32 suite_i = (suites[i] << 16) | (suites[i + 1] << 8) | suites[i + 2];
+ if (suite_i == TLS_EMPTY_RENEGOTIATION_INFO_SCSV) {
+ SSL3Opaque *b2 = (SSL3Opaque *)emptyRIext;
+ PRUint32 L2 = sizeof emptyRIext;
+ (void)ssl3_HandleExtensions(ss, &b2, &L2, client_hello);
+ break;
+ }
+ }
+
+ if (ss->opt.requireSafeNegotiation &&
+ !ssl3_ExtensionNegotiated(ss, ssl_renegotiation_info_xtn)) {
+ desc = handshake_failure;
+ errCode = SSL_ERROR_UNSAFE_NEGOTIATION;
+ goto alert_loser;
+ }
+
+ ss->ssl3.hs.compression = ssl_compression_null;
+
+ rv = ssl3_SelectServerCert(ss);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ desc = handshake_failure;
+ goto alert_loser;
+ }
+
+ /* we don't even search for a cache hit here. It's just a miss. */
+ SSL_AtomicIncrementLong(&ssl3stats.hch_sid_cache_misses);
+ sid = ssl3_NewSessionID(ss, PR_TRUE);
+ if (sid == NULL) {
+ errCode = PORT_GetError();
+ goto loser; /* memory error is set. */
+ }
+ ss->sec.ci.sid = sid;
+ /* do not worry about memory leak of sid since it now belongs to ci */
+
+ /* We have to update the handshake hashes before we can send stuff */
+ rv = ssl3_UpdateHandshakeHashes(ss, buffer, length);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_SendServerHelloSequence(ss);
+ ssl_ReleaseXmitBufLock(ss);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ return SECSuccess;
+
+alert_loser:
+ SSL3_SendAlert(ss, alert_fatal, desc);
+loser:
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ PORT_SetError(errCode);
+ return SECFailure;
+}
+
+/* The negotiated version number has been already placed in ss->version.
+**
+** Called from: ssl3_HandleClientHello (resuming session),
+** ssl3_SendServerHelloSequence <- ssl3_HandleClientHello (new session),
+** ssl3_SendServerHelloSequence <- ssl3_HandleV2ClientHello (new session)
+*/
+SECStatus
+ssl3_SendServerHello(sslSocket *ss)
+{
+ sslSessionID *sid;
+ SECStatus rv;
+ PRUint32 maxBytes = 65535;
+ PRUint32 length;
+ PRInt32 extensions_len = 0;
+ SSL3ProtocolVersion version;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send server_hello handshake", SSL_GETPID(),
+ ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ PORT_Assert(MSB(ss->version) == MSB(SSL_LIBRARY_VERSION_3_0));
+ if (MSB(ss->version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
+ PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
+ return SECFailure;
+ }
+
+ sid = ss->sec.ci.sid;
+
+ extensions_len = ssl3_CallHelloExtensionSenders(
+ ss, PR_FALSE, maxBytes, &ss->xtnData.serverHelloSenders[0]);
+ if (extensions_len > 0)
+ extensions_len += 2; /* Add sizeof total extension length */
+
+ /* TLS 1.3 doesn't use the session_id or compression_method
+ * fields in the ServerHello. */
+ length = sizeof(SSL3ProtocolVersion) + SSL3_RANDOM_LENGTH;
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ length += 1 + ((sid == NULL) ? 0 : sid->u.ssl3.sessionIDLength);
+ }
+ length += sizeof(ssl3CipherSuite);
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ length += 1; /* Compression */
+ }
+ length += extensions_len;
+
+ rv = ssl3_AppendHandshakeHeader(ss, server_hello, length);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+
+ if (IS_DTLS(ss) && ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ version = dtls_TLSVersionToDTLSVersion(ss->version);
+ } else {
+ version = tls13_EncodeDraftVersion(ss->version);
+ }
+
+ rv = ssl3_AppendHandshakeNumber(ss, version, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ /* Random already generated in ssl3_HandleClientHello */
+ rv = ssl3_AppendHandshake(
+ ss, &ss->ssl3.hs.server_random, SSL3_RANDOM_LENGTH);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ if (sid) {
+ rv = ssl3_AppendHandshakeVariable(
+ ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1);
+ } else {
+ rv = ssl3_AppendHandshakeNumber(ss, 0, 1);
+ }
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ }
+
+ rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3.hs.cipher_suite, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3.hs.compression, 1);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ }
+ if (extensions_len) {
+ PRInt32 sent_len;
+
+ extensions_len -= 2;
+ rv = ssl3_AppendHandshakeNumber(ss, extensions_len, 2);
+ if (rv != SECSuccess)
+ return rv; /* err set by ssl3_AppendHandshakeNumber */
+ sent_len = ssl3_CallHelloExtensionSenders(ss, PR_TRUE, extensions_len,
+ &ss->xtnData.serverHelloSenders[0]);
+ PORT_Assert(sent_len == extensions_len);
+ if (sent_len != extensions_len) {
+ if (sent_len >= 0)
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ }
+
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ rv = ssl3_SetupPendingCipherSpec(ss);
+ if (rv != SECSuccess) {
+ return rv; /* err set by ssl3_SetupPendingCipherSpec */
+ }
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+ssl_CreateDHEKeyPair(const sslNamedGroupDef *groupDef,
+ const ssl3DHParams *params,
+ sslEphemeralKeyPair **keyPair)
+{
+ SECKEYDHParams dhParam;
+ SECKEYPublicKey *pubKey = NULL; /* Ephemeral DH key */
+ SECKEYPrivateKey *privKey = NULL; /* Ephemeral DH key */
+ sslEphemeralKeyPair *pair;
+
+ dhParam.prime.data = params->prime.data;
+ dhParam.prime.len = params->prime.len;
+ dhParam.base.data = params->base.data;
+ dhParam.base.len = params->base.len;
+
+ PRINT_BUF(60, (NULL, "Server DH p", dhParam.prime.data,
+ dhParam.prime.len));
+ PRINT_BUF(60, (NULL, "Server DH g", dhParam.base.data,
+ dhParam.base.len));
+
+ /* Generate ephemeral DH keypair */
+ privKey = SECKEY_CreateDHPrivateKey(&dhParam, &pubKey, NULL);
+ if (!privKey || !pubKey) {
+ ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
+ return SECFailure;
+ }
+
+ pair = ssl_NewEphemeralKeyPair(groupDef, privKey, pubKey);
+ if (!pair) {
+ SECKEY_DestroyPrivateKey(privKey);
+ SECKEY_DestroyPublicKey(pubKey);
+
+ return SECFailure;
+ }
+
+ *keyPair = pair;
+ return SECSuccess;
+}
+
+static SECStatus
+ssl3_SendDHServerKeyExchange(sslSocket *ss)
+{
+ const ssl3KEADef *kea_def = ss->ssl3.hs.kea_def;
+ SECStatus rv = SECFailure;
+ int length;
+ SECItem signed_hash = { siBuffer, NULL, 0 };
+ SSL3Hashes hashes;
+ SSLHashType hashAlg;
+
+ const ssl3DHParams *params;
+ sslEphemeralKeyPair *keyPair;
+ SECKEYPublicKey *pubKey;
+ SECKEYPrivateKey *certPrivateKey;
+ const sslNamedGroupDef *groupDef;
+
+ if (kea_def->kea != kea_dhe_dss && kea_def->kea != kea_dhe_rsa) {
+ /* TODO: Support DH_anon. It might be sufficient to drop the signature.
+ See bug 1170510. */
+ PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
+ return SECFailure;
+ }
+
+ rv = ssl_SelectDHEGroup(ss, &groupDef);
+ if (rv == SECFailure) {
+ PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
+ return SECFailure;
+ }
+ ss->sec.keaGroup = groupDef;
+
+ params = ssl_GetDHEParams(groupDef);
+ rv = ssl_CreateDHEKeyPair(groupDef, params, &keyPair);
+ if (rv == SECFailure) {
+ ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
+ return SECFailure;
+ }
+ PR_APPEND_LINK(&keyPair->link, &ss->ephemeralKeyPairs);
+
+ if (ss->ssl3.pwSpec->version == SSL_LIBRARY_VERSION_TLS_1_2) {
+ hashAlg = ssl_SignatureSchemeToHashType(ss->ssl3.hs.signatureScheme);
+ } else {
+ /* Use ssl_hash_none to represent the MD5+SHA1 combo. */
+ hashAlg = ssl_hash_none;
+ }
+
+ pubKey = keyPair->keys->pubKey;
+ PRINT_BUF(50, (ss, "DH public value:",
+ pubKey->u.dh.publicValue.data,
+ pubKey->u.dh.publicValue.len));
+ rv = ssl3_ComputeDHKeyHash(ss, hashAlg, &hashes,
+ pubKey->u.dh.prime,
+ pubKey->u.dh.base,
+ pubKey->u.dh.publicValue,
+ PR_TRUE /* padY */);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ certPrivateKey = ss->sec.serverCert->serverKeyPair->privKey;
+ rv = ssl3_SignHashes(ss, &hashes, certPrivateKey, &signed_hash);
+ if (rv != SECSuccess) {
+ goto loser; /* ssl3_SignHashes has set err. */
+ }
+
+ length = 2 + pubKey->u.dh.prime.len +
+ 2 + pubKey->u.dh.base.len +
+ 2 + pubKey->u.dh.prime.len +
+ 2 + signed_hash.len;
+
+ if (ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
+ length += 2;
+ }
+
+ rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+
+ rv = ssl3_AppendHandshakeVariable(ss, pubKey->u.dh.prime.data,
+ pubKey->u.dh.prime.len, 2);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+
+ rv = ssl3_AppendHandshakeVariable(ss, pubKey->u.dh.base.data,
+ pubKey->u.dh.base.len, 2);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+
+ rv = ssl_AppendPaddedDHKeyShare(ss, pubKey, PR_TRUE);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+
+ if (ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
+ rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3.hs.signatureScheme, 2);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+ }
+
+ rv = ssl3_AppendHandshakeVariable(ss, signed_hash.data,
+ signed_hash.len, 2);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+ PORT_Free(signed_hash.data);
+ return SECSuccess;
+
+loser:
+ if (signed_hash.data)
+ PORT_Free(signed_hash.data);
+ return SECFailure;
+}
+
+static SECStatus
+ssl3_SendServerKeyExchange(sslSocket *ss)
+{
+ const ssl3KEADef *kea_def = ss->ssl3.hs.kea_def;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send server_key_exchange handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ switch (kea_def->exchKeyType) {
+ case ssl_kea_dh: {
+ return ssl3_SendDHServerKeyExchange(ss);
+ }
+
+ case ssl_kea_ecdh: {
+ return ssl3_SendECDHServerKeyExchange(ss);
+ }
+
+ case ssl_kea_rsa:
+ case ssl_kea_null:
+ default:
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ break;
+ }
+
+ return SECFailure;
+}
+
+SECStatus
+ssl3_EncodeSigAlgs(const sslSocket *ss, PRUint8 *buf, unsigned maxLen, PRUint32 *len)
+{
+ unsigned int i;
+ PRUint8 *p = buf;
+
+ PORT_Assert(maxLen >= ss->ssl3.signatureSchemeCount * 2);
+ if (maxLen < ss->ssl3.signatureSchemeCount * 2) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ for (i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
+ PRUint32 policy = 0;
+ SSLHashType hashType = ssl_SignatureSchemeToHashType(
+ ss->ssl3.signatureSchemes[i]);
+ SECOidTag hashOID = ssl3_HashTypeToOID(hashType);
+
+ /* Skip RSA-PSS schemes if there are no tokens to verify them. */
+ if (ssl_IsRsaPssSignatureScheme(ss->ssl3.signatureSchemes[i]) &&
+ !PK11_TokenExists(auth_alg_defs[ssl_auth_rsa_pss])) {
+ continue;
+ }
+
+ if ((NSS_GetAlgorithmPolicy(hashOID, &policy) != SECSuccess) ||
+ (policy & NSS_USE_ALG_IN_SSL_KX)) {
+ p = ssl_EncodeUintX((PRUint32)ss->ssl3.signatureSchemes[i], 2, p);
+ }
+ }
+
+ if (p == buf) {
+ PORT_SetError(SSL_ERROR_NO_SUPPORTED_SIGNATURE_ALGORITHM);
+ return SECFailure;
+ }
+ *len = p - buf;
+ return SECSuccess;
+}
+
+void
+ssl3_GetCertificateRequestCAs(sslSocket *ss, int *calen, SECItem **names,
+ int *nnames)
+{
+ SECItem *name;
+ CERTDistNames *ca_list;
+ int i;
+
+ *calen = 0;
+ *names = NULL;
+ *nnames = 0;
+
+ /* ssl3.ca_list is initialized to NULL, and never changed. */
+ ca_list = ss->ssl3.ca_list;
+ if (!ca_list) {
+ ca_list = ssl3_server_ca_list;
+ }
+
+ if (ca_list != NULL) {
+ *names = ca_list->names;
+ *nnames = ca_list->nnames;
+ }
+
+ for (i = 0, name = *names; i < *nnames; i++, name++) {
+ *calen += 2 + name->len;
+ }
+}
+
+static SECStatus
+ssl3_SendCertificateRequest(sslSocket *ss)
+{
+ PRBool isTLS12;
+ const PRUint8 *certTypes;
+ SECStatus rv;
+ int length;
+ SECItem *names;
+ int calen;
+ int nnames;
+ SECItem *name;
+ int i;
+ int certTypesLength;
+ PRUint8 sigAlgs[MAX_SIGNATURE_SCHEMES * 2];
+ unsigned int sigAlgsLength = 0;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send certificate_request handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ isTLS12 = (PRBool)(ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
+
+ ssl3_GetCertificateRequestCAs(ss, &calen, &names, &nnames);
+ certTypes = certificate_types;
+ certTypesLength = sizeof certificate_types;
+
+ length = 1 + certTypesLength + 2 + calen;
+ if (isTLS12) {
+ rv = ssl3_EncodeSigAlgs(ss, sigAlgs, sizeof(sigAlgs), &sigAlgsLength);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ length += 2 + sigAlgsLength;
+ }
+
+ rv = ssl3_AppendHandshakeHeader(ss, certificate_request, length);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ rv = ssl3_AppendHandshakeVariable(ss, certTypes, certTypesLength, 1);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ if (isTLS12) {
+ rv = ssl3_AppendHandshakeVariable(ss, sigAlgs, sigAlgsLength, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, calen, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ for (i = 0, name = names; i < nnames; i++, name++) {
+ rv = ssl3_AppendHandshakeVariable(ss, name->data, name->len, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+ssl3_SendServerHelloDone(sslSocket *ss)
+{
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send server_hello_done handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ rv = ssl3_AppendHandshakeHeader(ss, server_hello_done, 0);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ rv = ssl3_FlushHandshake(ss, 0);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by ssl3_FlushHandshake */
+ }
+ return SECSuccess;
+}
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered
+ * a complete ssl3 Certificate Verify message
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleCertificateVerify(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
+ SSL3Hashes *hashes)
+{
+ SECItem signed_hash = { siBuffer, NULL, 0 };
+ SECStatus rv;
+ int errCode = SSL_ERROR_RX_MALFORMED_CERT_VERIFY;
+ SSL3AlertDescription desc = handshake_failure;
+ PRBool isTLS;
+ SSLSignatureScheme sigScheme;
+ SSLHashType hashAlg;
+ SSL3Hashes localHashes;
+ SSL3Hashes *hashesForVerify = NULL;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle certificate_verify handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ /* TLS 1.3 is handled by tls13_HandleCertificateVerify */
+ PORT_Assert(ss->ssl3.prSpec->version <= SSL_LIBRARY_VERSION_TLS_1_2);
+
+ isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ if (ss->ssl3.hs.ws != wait_cert_verify) {
+ desc = unexpected_message;
+ errCode = SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY;
+ goto alert_loser;
+ }
+
+ if (!hashes) {
+ PORT_Assert(0);
+ desc = internal_error;
+ errCode = SEC_ERROR_LIBRARY_FAILURE;
+ goto alert_loser;
+ }
+
+ if (ss->ssl3.hs.hashType == handshake_hash_record) {
+ rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed or unsupported. */
+ }
+ rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme,
+ ss->sec.peerCert);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ desc = decrypt_error;
+ goto alert_loser;
+ }
+
+ hashAlg = ssl_SignatureSchemeToHashType(sigScheme);
+
+ /* Read from the message buffer, but we need to use only up to the end
+ * of the previous handshake message. The length of the transcript up to
+ * that point is saved in |hashes->u.transcriptLen|. */
+ rv = ssl3_ComputeHandshakeHash(ss->ssl3.hs.messages.buf,
+ hashes->u.transcriptLen,
+ hashAlg, &localHashes);
+
+ if (rv == SECSuccess) {
+ hashesForVerify = &localHashes;
+ } else {
+ errCode = SSL_ERROR_DIGEST_FAILURE;
+ desc = decrypt_error;
+ goto alert_loser;
+ }
+ } else {
+ hashesForVerify = hashes;
+ sigScheme = ssl_sig_none;
+ }
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &signed_hash, 2, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed. */
+ }
+
+ /* XXX verify that the key & kea match */
+ rv = ssl3_VerifySignedHashes(ss, sigScheme, hashesForVerify, &signed_hash);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ desc = isTLS ? decrypt_error : handshake_failure;
+ goto alert_loser;
+ }
+
+ signed_hash.data = NULL;
+
+ if (length != 0) {
+ desc = isTLS ? decode_error : illegal_parameter;
+ goto alert_loser; /* malformed */
+ }
+ ss->ssl3.hs.ws = wait_change_cipher;
+ return SECSuccess;
+
+alert_loser:
+ SSL3_SendAlert(ss, alert_fatal, desc);
+loser:
+ PORT_SetError(errCode);
+ return SECFailure;
+}
+
+/* find a slot that is able to generate a PMS and wrap it with RSA.
+ * Then generate and return the PMS.
+ * If the serverKeySlot parameter is non-null, this function will use
+ * that slot to do the job, otherwise it will find a slot.
+ *
+ * Called from ssl3_DeriveConnectionKeys() (above)
+ * ssl3_SendRSAClientKeyExchange() (above)
+ * ssl3_HandleRSAClientKeyExchange() (below)
+ * Caller must hold the SpecWriteLock, the SSL3HandshakeLock
+ */
+static PK11SymKey *
+ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
+ PK11SlotInfo *serverKeySlot)
+{
+ PK11SymKey *pms = NULL;
+ PK11SlotInfo *slot = serverKeySlot;
+ void *pwArg = ss->pkcs11PinArg;
+ SECItem param;
+ CK_VERSION version;
+ CK_MECHANISM_TYPE mechanism_array[3];
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (slot == NULL) {
+ SSLCipherAlgorithm calg;
+ /* The specReadLock would suffice here, but we cannot assert on
+ ** read locks. Also, all the callers who call with a non-null
+ ** slot already hold the SpecWriteLock.
+ */
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSpecWriteLock(ss));
+ PORT_Assert(ss->ssl3.prSpec == ss->ssl3.pwSpec);
+
+ calg = spec->cipher_def->calg;
+
+ /* First get an appropriate slot. */
+ mechanism_array[0] = CKM_SSL3_PRE_MASTER_KEY_GEN;
+ mechanism_array[1] = CKM_RSA_PKCS;
+ mechanism_array[2] = ssl3_Alg2Mech(calg);
+
+ slot = PK11_GetBestSlotMultiple(mechanism_array, 3, pwArg);
+ if (slot == NULL) {
+ /* can't find a slot with all three, find a slot with the minimum */
+ slot = PK11_GetBestSlotMultiple(mechanism_array, 2, pwArg);
+ if (slot == NULL) {
+ PORT_SetError(SSL_ERROR_TOKEN_SLOT_NOT_FOUND);
+ return pms; /* which is NULL */
+ }
+ }
+ }
+
+ /* Generate the pre-master secret ... */
+ if (IS_DTLS(ss)) {
+ SSL3ProtocolVersion temp;
+
+ temp = dtls_TLSVersionToDTLSVersion(ss->clientHelloVersion);
+ version.major = MSB(temp);
+ version.minor = LSB(temp);
+ } else {
+ version.major = MSB(ss->clientHelloVersion);
+ version.minor = LSB(ss->clientHelloVersion);
+ }
+
+ param.data = (unsigned char *)&version;
+ param.len = sizeof version;
+
+ pms = PK11_KeyGen(slot, CKM_SSL3_PRE_MASTER_KEY_GEN, &param, 0, pwArg);
+ if (!serverKeySlot)
+ PK11_FreeSlot(slot);
+ if (pms == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ }
+ return pms;
+}
+
+/* Note: The Bleichenbacher attack on PKCS#1 necessitates that we NEVER
+ * return any indication of failure of the Client Key Exchange message,
+ * where that failure is caused by the content of the client's message.
+ * This function must not return SECFailure for any reason that is directly
+ * or indirectly caused by the content of the client's encrypted PMS.
+ * We must not send an alert and also not drop the connection.
+ * Instead, we generate a random PMS. This will cause a failure
+ * in the processing the finished message, which is exactly where
+ * the failure must occur.
+ *
+ * Called from ssl3_HandleClientKeyExchange
+ */
+static SECStatus
+ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
+ SSL3Opaque *b,
+ PRUint32 length,
+ sslKeyPair *serverKeyPair)
+{
+ SECStatus rv;
+ SECItem enc_pms;
+ PK11SymKey *tmpPms[2] = { NULL, NULL };
+ PK11SlotInfo *slot;
+ int useFauxPms = 0;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->ssl3.prSpec == ss->ssl3.pwSpec);
+
+ enc_pms.data = b;
+ enc_pms.len = length;
+
+ if (ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
+ PRInt32 kLen;
+ kLen = ssl3_ConsumeHandshakeNumber(ss, 2, &enc_pms.data, &enc_pms.len);
+ if (kLen < 0) {
+ PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ return SECFailure;
+ }
+ if ((unsigned)kLen < enc_pms.len) {
+ enc_pms.len = kLen;
+ }
+ }
+
+#define currentPms tmpPms[!useFauxPms]
+#define unusedPms tmpPms[useFauxPms]
+#define realPms tmpPms[1]
+#define fauxPms tmpPms[0]
+
+ /*
+ * Get as close to algorithm 2 from RFC 5246; Section 7.4.7.1
+ * as we can within the constraints of the PKCS#11 interface.
+ *
+ * 1. Unconditionally generate a bogus PMS (what RFC 5246
+ * calls R).
+ * 2. Attempt the RSA decryption to recover the PMS (what
+ * RFC 5246 calls M).
+ * 3. Set PMS = (M == NULL) ? R : M
+ * 4. Use ssl3_ComputeMasterSecret(PMS) to attempt to derive
+ * the MS from PMS. This includes performing the version
+ * check and length check.
+ * 5. If either the initial RSA decryption failed or
+ * ssl3_ComputeMasterSecret(PMS) failed, then discard
+ * M and set PMS = R. Else, discard R and set PMS = M.
+ *
+ * We do two derivations here because we can't rely on having
+ * a function that only performs the PMS version and length
+ * check. The only redundant cost is that this runs the PRF,
+ * which isn't necessary here.
+ */
+
+ /* Generate the bogus PMS (R) */
+ slot = PK11_GetSlotFromPrivateKey(serverKeyPair->privKey);
+ if (!slot) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ if (!PK11_DoesMechanism(slot, CKM_SSL3_MASTER_KEY_DERIVE)) {
+ PK11_FreeSlot(slot);
+ slot = PK11_GetBestSlot(CKM_SSL3_MASTER_KEY_DERIVE, NULL);
+ if (!slot) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ }
+
+ ssl_GetSpecWriteLock(ss);
+ fauxPms = ssl3_GenerateRSAPMS(ss, ss->ssl3.prSpec, slot);
+ ssl_ReleaseSpecWriteLock(ss);
+ PK11_FreeSlot(slot);
+
+ if (fauxPms == NULL) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ return SECFailure;
+ }
+
+ /*
+ * unwrap pms out of the incoming buffer
+ * Note: CKM_SSL3_MASTER_KEY_DERIVE is NOT the mechanism used to do
+ * the unwrap. Rather, it is the mechanism with which the
+ * unwrapped pms will be used.
+ */
+ realPms = PK11_PubUnwrapSymKey(serverKeyPair->privKey, &enc_pms,
+ CKM_SSL3_MASTER_KEY_DERIVE, CKA_DERIVE, 0);
+ /* Temporarily use the PMS if unwrapping the real PMS fails. */
+ useFauxPms |= (realPms == NULL);
+
+ /* Attempt to derive the MS from the PMS. This is the only way to
+ * check the version field in the RSA PMS. If this fails, we
+ * then use the faux PMS in place of the PMS. Note that this
+ * operation should never fail if we are using the faux PMS
+ * since it is correctly formatted. */
+ rv = ssl3_ComputeMasterSecret(ss, currentPms, NULL);
+
+ /* If we succeeded, then select the true PMS and discard the
+ * FPMS. Else, select the FPMS and select the true PMS */
+ useFauxPms |= (rv != SECSuccess);
+
+ if (unusedPms) {
+ PK11_FreeSymKey(unusedPms);
+ }
+
+ /* This step will derive the MS from the PMS, among other things. */
+ rv = ssl3_InitPendingCipherSpec(ss, currentPms);
+ PK11_FreeSymKey(currentPms);
+
+ if (rv != SECSuccess) {
+ (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
+ return SECFailure; /* error code set by ssl3_InitPendingCipherSpec */
+ }
+
+#undef currentPms
+#undef unusedPms
+#undef realPms
+#undef fauxPms
+
+ return SECSuccess;
+}
+
+static SECStatus
+ssl3_HandleDHClientKeyExchange(sslSocket *ss,
+ SSL3Opaque *b,
+ PRUint32 length,
+ sslKeyPair *serverKeyPair)
+{
+ PK11SymKey *pms;
+ SECStatus rv;
+ SECKEYPublicKey clntPubKey;
+ CK_MECHANISM_TYPE target;
+ PRBool isTLS;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ clntPubKey.keyType = dhKey;
+ clntPubKey.u.dh.prime.len = serverKeyPair->pubKey->u.dh.prime.len;
+ clntPubKey.u.dh.prime.data = serverKeyPair->pubKey->u.dh.prime.data;
+ clntPubKey.u.dh.base.len = serverKeyPair->pubKey->u.dh.base.len;
+ clntPubKey.u.dh.base.data = serverKeyPair->pubKey->u.dh.base.data;
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &clntPubKey.u.dh.publicValue,
+ 2, &b, &length);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ if (!ssl_IsValidDHEShare(&serverKeyPair->pubKey->u.dh.prime,
+ &clntPubKey.u.dh.publicValue)) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_DHE_KEY_SHARE);
+ return SECFailure;
+ }
+
+ isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ if (isTLS)
+ target = CKM_TLS_MASTER_KEY_DERIVE_DH;
+ else
+ target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
+
+ /* Determine the PMS */
+ pms = PK11_PubDerive(serverKeyPair->privKey, &clntPubKey, PR_FALSE, NULL, NULL,
+ CKM_DH_PKCS_DERIVE, target, CKA_DERIVE, 0, NULL);
+ if (pms == NULL) {
+ ssl_FreeEphemeralKeyPairs(ss);
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ return SECFailure;
+ }
+
+ rv = ssl3_InitPendingCipherSpec(ss, pms);
+ PK11_FreeSymKey(pms);
+ ssl_FreeEphemeralKeyPairs(ss);
+ return rv;
+}
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered
+ * a complete ssl3 ClientKeyExchange message from the remote client
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ sslKeyPair *serverKeyPair = NULL;
+ SECStatus rv;
+ const ssl3KEADef *kea_def;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle client_key_exchange handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->ssl3.hs.ws != wait_client_key) {
+ SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH);
+ return SECFailure;
+ }
+
+ kea_def = ss->ssl3.hs.kea_def;
+
+ if (kea_def->ephemeral) {
+ sslEphemeralKeyPair *keyPair;
+ /* There should be exactly one pair. */
+ PORT_Assert(!PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
+ PORT_Assert(PR_PREV_LINK(&ss->ephemeralKeyPairs) ==
+ PR_NEXT_LINK(&ss->ephemeralKeyPairs));
+ keyPair = (sslEphemeralKeyPair *)PR_NEXT_LINK(&ss->ephemeralKeyPairs);
+ serverKeyPair = keyPair->keys;
+ ss->sec.keaKeyBits =
+ SECKEY_PublicKeyStrengthInBits(serverKeyPair->pubKey);
+ } else {
+ serverKeyPair = ss->sec.serverCert->serverKeyPair;
+ ss->sec.keaKeyBits = ss->sec.serverCert->serverKeyBits;
+ }
+
+ if (!serverKeyPair) {
+ SSL3_SendAlert(ss, alert_fatal, handshake_failure);
+ PORT_SetError(SSL_ERROR_NO_SERVER_KEY_FOR_ALG);
+ return SECFailure;
+ }
+ PORT_Assert(serverKeyPair->pubKey);
+ PORT_Assert(serverKeyPair->privKey);
+
+ ss->sec.keaType = kea_def->exchKeyType;
+
+ switch (kea_def->exchKeyType) {
+ case ssl_kea_rsa:
+ rv = ssl3_HandleRSAClientKeyExchange(ss, b, length, serverKeyPair);
+ break;
+
+ case ssl_kea_dh:
+ rv = ssl3_HandleDHClientKeyExchange(ss, b, length, serverKeyPair);
+ break;
+
+ case ssl_kea_ecdh:
+ rv = ssl3_HandleECDHClientKeyExchange(ss, b, length, serverKeyPair);
+ break;
+
+ default:
+ (void)ssl3_HandshakeFailure(ss);
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+ return SECFailure;
+ }
+ ssl_FreeEphemeralKeyPairs(ss);
+ if (rv == SECSuccess) {
+ ss->ssl3.hs.ws = ss->sec.peerCert ? wait_cert_verify : wait_change_cipher;
+ } else {
+ /* PORT_SetError has been called by all the Handle*ClientKeyExchange
+ * functions above. However, not all error paths result in an alert, so
+ * this ensures that the server knows about the error. Note that if an
+ * alert was already sent, SSL3_SendAlert() is a noop. */
+ PRErrorCode errCode = PORT_GetError();
+ (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
+ PORT_SetError(errCode);
+ }
+ return rv;
+}
+
+/* This is TLS's equivalent of sending a no_certificate alert. */
+SECStatus
+ssl3_SendEmptyCertificate(sslSocket *ss)
+{
+ SECStatus rv;
+ unsigned int len = 0;
+ PRBool isTLS13 = PR_FALSE;
+ const SECItem *context;
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ PORT_Assert(ss->ssl3.hs.certificateRequest);
+ context = &ss->ssl3.hs.certificateRequest->context;
+ len = context->len + 1;
+ isTLS13 = PR_TRUE;
+ }
+
+ rv = ssl3_AppendHandshakeHeader(ss, certificate, len + 3);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ if (isTLS13) {
+ rv = ssl3_AppendHandshakeVariable(ss, context->data, context->len, 1);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+
+ return ssl3_AppendHandshakeNumber(ss, 0, 3);
+}
+
+/*
+ * NewSessionTicket
+ * Called from ssl3_HandleFinished
+ */
+static SECStatus
+ssl3_SendNewSessionTicket(sslSocket *ss)
+{
+ SECItem ticket = { 0, NULL, 0 };
+ SECStatus rv;
+ NewSessionTicket nticket = { 0 };
+
+ rv = ssl3_EncodeSessionTicket(ss, &nticket, &ticket);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Serialize the handshake message. Length =
+ * lifetime (4) + ticket length (2) + ticket. */
+ rv = ssl3_AppendHandshakeHeader(ss, new_session_ticket,
+ 4 + 2 + ticket.len);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* This is a fixed value. */
+ rv = ssl3_AppendHandshakeNumber(ss, TLS_EX_SESS_TICKET_LIFETIME_HINT, 4);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Encode the ticket. */
+ rv = ssl3_AppendHandshakeVariable(ss, ticket.data, ticket.len, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = SECSuccess;
+
+loser:
+ if (ticket.data) {
+ SECITEM_FreeItem(&ticket, PR_FALSE);
+ }
+ return rv;
+}
+
+static SECStatus
+ssl3_HandleNewSessionTicket(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+ SECItem ticketData;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle session_ticket handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ PORT_Assert(!ss->ssl3.hs.newSessionTicket.ticket.data);
+ PORT_Assert(!ss->ssl3.hs.receivedNewSessionTicket);
+
+ if (ss->ssl3.hs.ws != wait_new_session_ticket) {
+ SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET);
+ return SECFailure;
+ }
+
+ /* RFC5077 Section 3.3: "The client MUST NOT treat the ticket as valid
+ * until it has verified the server's Finished message." See the comment in
+ * ssl3_FinishHandshake for more details.
+ */
+ ss->ssl3.hs.newSessionTicket.received_timestamp = ssl_Time();
+ if (length < 4) {
+ (void)SSL3_SendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET);
+ return SECFailure;
+ }
+ ss->ssl3.hs.newSessionTicket.ticket_lifetime_hint =
+ (PRUint32)ssl3_ConsumeHandshakeNumber(ss, 4, &b, &length);
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &ticketData, 2, &b, &length);
+ if (rv != SECSuccess || length != 0) {
+ (void)SSL3_SendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET);
+ return SECFailure; /* malformed */
+ }
+ /* If the server sent a zero-length ticket, ignore it and keep the
+ * existing ticket. */
+ if (ticketData.len != 0) {
+ rv = SECITEM_CopyItem(NULL, &ss->ssl3.hs.newSessionTicket.ticket,
+ &ticketData);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ ss->ssl3.hs.receivedNewSessionTicket = PR_TRUE;
+ }
+
+ ss->ssl3.hs.ws = wait_change_cipher;
+ return SECSuccess;
+}
+
+#ifdef NISCC_TEST
+static PRInt32 connNum = 0;
+
+static SECStatus
+get_fake_cert(SECItem *pCertItem, int *pIndex)
+{
+ PRFileDesc *cf;
+ char *testdir;
+ char *startat;
+ char *stopat;
+ const char *extension;
+ int fileNum;
+ PRInt32 numBytes = 0;
+ PRStatus prStatus;
+ PRFileInfo info;
+ char cfn[100];
+
+ pCertItem->data = 0;
+ if ((testdir = PR_GetEnvSecure("NISCC_TEST")) == NULL) {
+ return SECSuccess;
+ }
+ *pIndex = (NULL != strstr(testdir, "root"));
+ extension = (strstr(testdir, "simple") ? "" : ".der");
+ fileNum = PR_ATOMIC_INCREMENT(&connNum) - 1;
+ if ((startat = PR_GetEnvSecure("START_AT")) != NULL) {
+ fileNum += atoi(startat);
+ }
+ if ((stopat = PR_GetEnvSecure("STOP_AT")) != NULL &&
+ fileNum >= atoi(stopat)) {
+ *pIndex = -1;
+ return SECSuccess;
+ }
+ sprintf(cfn, "%s/%08d%s", testdir, fileNum, extension);
+ cf = PR_Open(cfn, PR_RDONLY, 0);
+ if (!cf) {
+ goto loser;
+ }
+ prStatus = PR_GetOpenFileInfo(cf, &info);
+ if (prStatus != PR_SUCCESS) {
+ PR_Close(cf);
+ goto loser;
+ }
+ pCertItem = SECITEM_AllocItem(NULL, pCertItem, info.size);
+ if (pCertItem) {
+ numBytes = PR_Read(cf, pCertItem->data, info.size);
+ }
+ PR_Close(cf);
+ if (numBytes != info.size) {
+ SECITEM_FreeItem(pCertItem, PR_FALSE);
+ PORT_SetError(SEC_ERROR_IO);
+ goto loser;
+ }
+ fprintf(stderr, "using %s\n", cfn);
+ return SECSuccess;
+
+loser:
+ fprintf(stderr, "failed to use %s\n", cfn);
+ *pIndex = -1;
+ return SECFailure;
+}
+#endif
+
+/*
+ * Used by both client and server.
+ * Called from HandleServerHelloDone and from SendServerHelloSequence.
+ */
+static SECStatus
+ssl3_SendCertificate(sslSocket *ss)
+{
+ SECStatus rv;
+ CERTCertificateList *certChain;
+ int certChainLen = 0;
+ int i;
+#ifdef NISCC_TEST
+ SECItem fakeCert;
+ int ndex = -1;
+#endif
+ PRBool isTLS13 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_3;
+ SECItem context = { siBuffer, NULL, 0 };
+ unsigned int contextLen = 0;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send certificate handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->sec.localCert)
+ CERT_DestroyCertificate(ss->sec.localCert);
+ if (ss->sec.isServer) {
+ /* A server certificate is selected in ssl3_HandleClientHello. */
+ PORT_Assert(ss->sec.serverCert);
+
+ certChain = ss->sec.serverCert->serverCertChain;
+ ss->sec.localCert = CERT_DupCertificate(ss->sec.serverCert->serverCert);
+ } else {
+ certChain = ss->ssl3.clientCertChain;
+ ss->sec.localCert = CERT_DupCertificate(ss->ssl3.clientCertificate);
+ }
+
+#ifdef NISCC_TEST
+ rv = get_fake_cert(&fakeCert, &ndex);
+#endif
+
+ if (isTLS13) {
+ contextLen = 1; /* Size of the context length */
+ if (!ss->sec.isServer) {
+ PORT_Assert(ss->ssl3.hs.certificateRequest);
+ context = ss->ssl3.hs.certificateRequest->context;
+ contextLen += context.len;
+ }
+ }
+ if (certChain) {
+ for (i = 0; i < certChain->len; i++) {
+#ifdef NISCC_TEST
+ if (fakeCert.len > 0 && i == ndex) {
+ certChainLen += fakeCert.len + 3;
+ } else {
+ certChainLen += certChain->certs[i].len + 3;
+ }
+#else
+ certChainLen += certChain->certs[i].len + 3;
+#endif
+ }
+ }
+
+ rv = ssl3_AppendHandshakeHeader(ss, certificate,
+ contextLen + certChainLen + 3);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+
+ if (isTLS13) {
+ rv = ssl3_AppendHandshakeVariable(ss, context.data,
+ context.len, 1);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ }
+
+ rv = ssl3_AppendHandshakeNumber(ss, certChainLen, 3);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ if (certChain) {
+ for (i = 0; i < certChain->len; i++) {
+#ifdef NISCC_TEST
+ if (fakeCert.len > 0 && i == ndex) {
+ rv = ssl3_AppendHandshakeVariable(ss, fakeCert.data,
+ fakeCert.len, 3);
+ SECITEM_FreeItem(&fakeCert, PR_FALSE);
+ } else {
+ rv = ssl3_AppendHandshakeVariable(ss, certChain->certs[i].data,
+ certChain->certs[i].len, 3);
+ }
+#else
+ rv = ssl3_AppendHandshakeVariable(ss, certChain->certs[i].data,
+ certChain->certs[i].len, 3);
+#endif
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ }
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * Used by server only.
+ * single-stapling, send only a single cert status
+ */
+SECStatus
+ssl3_SendCertificateStatus(sslSocket *ss)
+{
+ SECStatus rv;
+ int len = 0;
+ SECItemArray *statusToSend = NULL;
+ const sslServerCert *serverCert;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send certificate status handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->sec.isServer);
+
+ if (!ssl3_ExtensionNegotiated(ss, ssl_cert_status_xtn))
+ return SECSuccess;
+
+ /* Use certStatus based on the cert being used. */
+ serverCert = ss->sec.serverCert;
+ if (serverCert->certStatusArray && serverCert->certStatusArray->len) {
+ statusToSend = serverCert->certStatusArray;
+ }
+ if (!statusToSend)
+ return SECSuccess;
+
+ /* Use the array's first item only (single stapling) */
+ len = 1 + statusToSend->items[0].len + 3;
+
+ rv = ssl3_AppendHandshakeHeader(ss, certificate_status, len);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, 1 /*ocsp*/, 1);
+ if (rv != SECSuccess)
+ return rv; /* err set by AppendHandshake. */
+
+ rv = ssl3_AppendHandshakeVariable(ss,
+ statusToSend->items[0].data,
+ statusToSend->items[0].len,
+ 3);
+ if (rv != SECSuccess)
+ return rv; /* err set by AppendHandshake. */
+
+ return SECSuccess;
+}
+
+/* This is used to delete the CA certificates in the peer certificate chain
+ * from the cert database after they've been validated.
+ */
+void
+ssl3_CleanupPeerCerts(sslSocket *ss)
+{
+ PLArenaPool *arena = ss->ssl3.peerCertArena;
+ ssl3CertNode *certs = (ssl3CertNode *)ss->ssl3.peerCertChain;
+
+ for (; certs; certs = certs->next) {
+ CERT_DestroyCertificate(certs->cert);
+ }
+ if (arena)
+ PORT_FreeArena(arena, PR_FALSE);
+ ss->ssl3.peerCertArena = NULL;
+ ss->ssl3.peerCertChain = NULL;
+
+ if (ss->sec.peerCert != NULL) {
+ if (ss->sec.peerKey) {
+ SECKEY_DestroyPublicKey(ss->sec.peerKey);
+ ss->sec.peerKey = NULL;
+ }
+ CERT_DestroyCertificate(ss->sec.peerCert);
+ ss->sec.peerCert = NULL;
+ }
+}
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered
+ * a complete ssl3 CertificateStatus message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleCertificateStatus(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+
+ if (ss->ssl3.hs.ws != wait_certificate_status) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_STATUS);
+ return SECFailure;
+ }
+
+ rv = ssl_ReadCertificateStatus(ss, b, length);
+ if (rv != SECSuccess) {
+ return SECFailure; /* code already set */
+ }
+
+ return ssl3_AuthCertificate(ss);
+}
+
+SECStatus
+ssl_ReadCertificateStatus(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ PRInt32 status, len;
+
+ PORT_Assert(!ss->sec.isServer);
+
+ /* Consume the CertificateStatusType enum */
+ status = ssl3_ConsumeHandshakeNumber(ss, 1, &b, &length);
+ if (status != 1 /* ocsp */) {
+ ssl3_DecodeError(ss); /* sets error code */
+ return SECFailure;
+ }
+
+ len = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
+ if (len != length) {
+ ssl3_DecodeError(ss); /* sets error code */
+ return SECFailure;
+ }
+
+#define MAX_CERTSTATUS_LEN 0x1ffff /* 128k - 1 */
+ if (length > MAX_CERTSTATUS_LEN) {
+ ssl3_DecodeError(ss); /* sets error code */
+ return SECFailure;
+ }
+#undef MAX_CERTSTATUS_LEN
+
+ /* Array size 1, because we currently implement single-stapling only */
+ SECITEM_AllocArray(NULL, &ss->sec.ci.sid->peerCertStatus, 1);
+ if (!ss->sec.ci.sid->peerCertStatus.items)
+ return SECFailure; /* code already set */
+
+ ss->sec.ci.sid->peerCertStatus.items[0].data = PORT_Alloc(length);
+
+ if (!ss->sec.ci.sid->peerCertStatus.items[0].data) {
+ SECITEM_FreeArray(&ss->sec.ci.sid->peerCertStatus, PR_FALSE);
+ return SECFailure; /* code already set */
+ }
+
+ PORT_Memcpy(ss->sec.ci.sid->peerCertStatus.items[0].data, b, length);
+ ss->sec.ci.sid->peerCertStatus.items[0].len = length;
+ ss->sec.ci.sid->peerCertStatus.items[0].type = siBuffer;
+ return SECSuccess;
+}
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered
+ * a complete ssl3 Certificate message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SSL_TRC(3, ("%d: SSL3[%d]: handle certificate handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if ((ss->sec.isServer && ss->ssl3.hs.ws != wait_client_cert) ||
+ (!ss->sec.isServer && ss->ssl3.hs.ws != wait_server_cert)) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE);
+ return SECFailure;
+ }
+
+ return ssl3_CompleteHandleCertificate(ss, b, length);
+}
+
+/* Called from ssl3_HandleCertificate
+ */
+SECStatus
+ssl3_CompleteHandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ ssl3CertNode *c;
+ ssl3CertNode *lastCert = NULL;
+ PRInt32 remaining = 0;
+ PRInt32 size;
+ SECStatus rv;
+ PRBool isServer = ss->sec.isServer;
+ PRBool isTLS;
+ SSL3AlertDescription desc;
+ int errCode = SSL_ERROR_RX_MALFORMED_CERTIFICATE;
+ SECItem certItem;
+
+ ssl3_CleanupPeerCerts(ss);
+ isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ /* It is reported that some TLS client sends a Certificate message
+ ** with a zero-length message body. We'll treat that case like a
+ ** normal no_certificates message to maximize interoperability.
+ */
+ if (length) {
+ remaining = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
+ if (remaining < 0)
+ goto loser; /* fatal alert already sent by ConsumeHandshake. */
+ if ((PRUint32)remaining > length)
+ goto decode_loser;
+ }
+
+ if (!remaining) {
+ if (!(isTLS && isServer)) {
+ desc = bad_certificate;
+ goto alert_loser;
+ }
+ /* This is TLS's version of a no_certificate alert. */
+ /* I'm a server. I've requested a client cert. He hasn't got one. */
+ rv = ssl3_HandleNoCertificate(ss);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ goto loser;
+ }
+
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ ss->ssl3.hs.ws = wait_client_key;
+ } else {
+ TLS13_SET_HS_STATE(ss, wait_finished);
+ }
+ return SECSuccess;
+ }
+
+ ss->ssl3.peerCertArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (ss->ssl3.peerCertArena == NULL) {
+ goto loser; /* don't send alerts on memory errors */
+ }
+
+ /* First get the peer cert. */
+ remaining -= 3;
+ if (remaining < 0)
+ goto decode_loser;
+
+ size = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
+ if (size <= 0)
+ goto loser; /* fatal alert already sent by ConsumeHandshake. */
+
+ if (remaining < size)
+ goto decode_loser;
+
+ certItem.data = b;
+ certItem.len = size;
+ b += size;
+ length -= size;
+ remaining -= size;
+
+ ss->sec.peerCert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
+ PR_FALSE, PR_TRUE);
+ if (ss->sec.peerCert == NULL) {
+ /* We should report an alert if the cert was bad, but not if the
+ * problem was just some local problem, like memory error.
+ */
+ goto ambiguous_err;
+ }
+
+ /* Now get all of the CA certs. */
+ while (remaining > 0) {
+ remaining -= 3;
+ if (remaining < 0)
+ goto decode_loser;
+
+ size = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
+ if (size <= 0)
+ goto loser; /* fatal alert already sent by ConsumeHandshake. */
+
+ if (remaining < size)
+ goto decode_loser;
+
+ certItem.data = b;
+ certItem.len = size;
+ b += size;
+ length -= size;
+ remaining -= size;
+
+ c = PORT_ArenaNew(ss->ssl3.peerCertArena, ssl3CertNode);
+ if (c == NULL) {
+ goto loser; /* don't send alerts on memory errors */
+ }
+
+ c->cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
+ PR_FALSE, PR_TRUE);
+ if (c->cert == NULL) {
+ goto ambiguous_err;
+ }
+
+ c->next = NULL;
+ if (lastCert) {
+ lastCert->next = c;
+ } else {
+ ss->ssl3.peerCertChain = c;
+ }
+ lastCert = c;
+ }
+
+ if (remaining != 0)
+ goto decode_loser;
+
+ SECKEY_UpdateCertPQG(ss->sec.peerCert);
+
+ if (!isServer &&
+ ss->version < SSL_LIBRARY_VERSION_TLS_1_3 &&
+ ssl3_ExtensionNegotiated(ss, ssl_cert_status_xtn)) {
+ ss->ssl3.hs.ws = wait_certificate_status;
+ rv = SECSuccess;
+ } else {
+ rv = ssl3_AuthCertificate(ss); /* sets ss->ssl3.hs.ws */
+ }
+
+ return rv;
+
+ambiguous_err:
+ errCode = PORT_GetError();
+ switch (errCode) {
+ case PR_OUT_OF_MEMORY_ERROR:
+ case SEC_ERROR_BAD_DATABASE:
+ case SEC_ERROR_NO_MEMORY:
+ if (isTLS) {
+ desc = internal_error;
+ goto alert_loser;
+ }
+ goto loser;
+ }
+ ssl3_SendAlertForCertError(ss, errCode);
+ goto loser;
+
+decode_loser:
+ desc = isTLS ? decode_error : bad_certificate;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+
+loser:
+ (void)ssl_MapLowLevelError(errCode);
+ return SECFailure;
+}
+
+SECStatus
+ssl3_AuthCertificate(sslSocket *ss)
+{
+ SECStatus rv;
+ PRBool isServer = ss->sec.isServer;
+ int errCode;
+
+ ss->ssl3.hs.authCertificatePending = PR_FALSE;
+
+ PORT_Assert((ss->ssl3.hs.preliminaryInfo & ssl_preinfo_all) ==
+ ssl_preinfo_all);
+ /*
+ * Ask caller-supplied callback function to validate cert chain.
+ */
+ rv = (SECStatus)(*ss->authCertificate)(ss->authCertificateArg, ss->fd,
+ PR_TRUE, isServer);
+ if (rv != SECSuccess) {
+ errCode = PORT_GetError();
+ if (rv != SECWouldBlock) {
+ if (ss->handleBadCert) {
+ rv = (*ss->handleBadCert)(ss->badCertArg, ss->fd);
+ }
+ }
+
+ if (rv == SECWouldBlock) {
+ if (ss->sec.isServer) {
+ errCode = SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS;
+ goto loser;
+ }
+
+ ss->ssl3.hs.authCertificatePending = PR_TRUE;
+ rv = SECSuccess;
+ }
+
+ if (rv != SECSuccess) {
+ ssl3_SendAlertForCertError(ss, errCode);
+ goto loser;
+ }
+ }
+
+ ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
+
+ if (!ss->sec.isServer) {
+ CERTCertificate *cert = ss->sec.peerCert;
+
+ /* set the server authentication type and size from the value
+ ** in the cert. */
+ SECKEYPublicKey *pubKey = CERT_ExtractPublicKey(cert);
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ /* These are filled in in tls13_HandleCertificateVerify and
+ * tls13_HandleServerKeyShare. */
+ ss->sec.authType = ss->ssl3.hs.kea_def->authKeyType;
+ ss->sec.keaType = ss->ssl3.hs.kea_def->exchKeyType;
+ }
+ if (pubKey) {
+ KeyType pubKeyType;
+ PRInt32 minKey;
+ /* This partly fixes Bug 124230 and may cause problems for
+ * callers which depend on the old (wrong) behavior. */
+ ss->sec.authKeyBits = SECKEY_PublicKeyStrengthInBits(pubKey);
+ pubKeyType = SECKEY_GetPublicKeyType(pubKey);
+ minKey = ss->sec.authKeyBits;
+ switch (pubKeyType) {
+ case rsaKey:
+ case rsaPssKey:
+ case rsaOaepKey:
+ rv =
+ NSS_OptionGet(NSS_RSA_MIN_KEY_SIZE, &minKey);
+ if (rv !=
+ SECSuccess) {
+ minKey =
+ SSL_RSA_MIN_MODULUS_BITS;
+ }
+ break;
+ case dsaKey:
+ rv =
+ NSS_OptionGet(NSS_DSA_MIN_KEY_SIZE, &minKey);
+ if (rv !=
+ SECSuccess) {
+ minKey =
+ SSL_DSA_MIN_P_BITS;
+ }
+ break;
+ case dhKey:
+ rv =
+ NSS_OptionGet(NSS_DH_MIN_KEY_SIZE, &minKey);
+ if (rv !=
+ SECSuccess) {
+ minKey =
+ SSL_DH_MIN_P_BITS;
+ }
+ break;
+ default:
+ break;
+ }
+
+ /* Too small: not good enough. Send a fatal alert. */
+ /* We aren't checking EC here on the understanding that we only
+ * support curves we like, a decision that might need revisiting. */
+ if (ss->sec.authKeyBits < minKey) {
+ PORT_SetError(SSL_ERROR_WEAK_SERVER_CERT_KEY);
+ (void)SSL3_SendAlert(ss, alert_fatal,
+ ss->version >= SSL_LIBRARY_VERSION_TLS_1_0
+ ? insufficient_security
+ : illegal_parameter);
+ SECKEY_DestroyPublicKey(pubKey);
+ return SECFailure;
+ }
+ SECKEY_DestroyPublicKey(pubKey);
+ pubKey = NULL;
+ }
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ TLS13_SET_HS_STATE(ss, wait_cert_verify);
+ } else {
+ /* Ephemeral suites require ServerKeyExchange. */
+ if (ss->ssl3.hs.kea_def->ephemeral) {
+ /* require server_key_exchange */
+ ss->ssl3.hs.ws = wait_server_key;
+ } else {
+ /* disallow server_key_exchange */
+ ss->ssl3.hs.ws = wait_cert_request;
+ /* This is static RSA key exchange so set the key exchange
+ * details to compensate for that. */
+ ss->sec.keaKeyBits = ss->sec.authKeyBits;
+ ss->sec.signatureScheme = ssl_sig_none;
+ ss->sec.keaGroup = NULL;
+ }
+ }
+ } else {
+ /* Server */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ ss->ssl3.hs.ws = wait_client_key;
+ } else {
+ TLS13_SET_HS_STATE(ss, wait_cert_verify);
+ }
+ }
+
+ PORT_Assert(rv == SECSuccess);
+ if (rv != SECSuccess) {
+ errCode = SEC_ERROR_LIBRARY_FAILURE;
+ goto loser;
+ }
+
+ return SECSuccess;
+
+loser:
+ (void)ssl_MapLowLevelError(errCode);
+ return SECFailure;
+}
+
+static SECStatus ssl3_FinishHandshake(sslSocket *ss);
+
+static SECStatus
+ssl3_AlwaysFail(sslSocket *ss)
+{
+ PORT_SetError(PR_INVALID_STATE_ERROR);
+ return SECFailure;
+}
+
+/* Caller must hold 1stHandshakeLock.
+*/
+SECStatus
+ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
+{
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_Have1stHandshakeLock(ss));
+
+ if (ss->sec.isServer) {
+ PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS);
+ return SECFailure;
+ }
+
+ ssl_GetRecvBufLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ if (!ss->ssl3.hs.authCertificatePending) {
+ PORT_SetError(PR_INVALID_STATE_ERROR);
+ rv = SECFailure;
+ goto done;
+ }
+
+ ss->ssl3.hs.authCertificatePending = PR_FALSE;
+
+ if (error != 0) {
+ ss->ssl3.hs.restartTarget = ssl3_AlwaysFail;
+ ssl3_SendAlertForCertError(ss, error);
+ rv = SECSuccess;
+ } else if (ss->ssl3.hs.restartTarget != NULL) {
+ sslRestartTarget target = ss->ssl3.hs.restartTarget;
+ ss->ssl3.hs.restartTarget = NULL;
+
+ if (target == ssl3_FinishHandshake) {
+ SSL_TRC(3, ("%d: SSL3[%p]: certificate authentication lost the race"
+ " with peer's finished message",
+ SSL_GETPID(), ss->fd));
+ }
+
+ rv = target(ss);
+ /* Even if we blocked here, we have accomplished enough to claim
+ * success. Any remaining work will be taken care of by subsequent
+ * calls to SSL_ForceHandshake/PR_Send/PR_Read/etc.
+ */
+ if (rv == SECWouldBlock) {
+ rv = SECSuccess;
+ }
+ } else {
+ SSL_TRC(3, ("%d: SSL3[%p]: certificate authentication won the race with"
+ " peer's finished message",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(!ss->ssl3.hs.isResuming);
+ PORT_Assert(ss->ssl3.hs.ws != idle_handshake);
+
+ if (ss->opt.enableFalseStart &&
+ !ss->firstHsDone &&
+ !ss->ssl3.hs.isResuming &&
+ ssl3_WaitingForServerSecondRound(ss)) {
+ /* ssl3_SendClientSecondRound deferred the false start check because
+ * certificate authentication was pending, so we do it now if we still
+ * haven't received all of the server's second round yet.
+ */
+ rv = ssl3_CheckFalseStart(ss);
+ } else {
+ rv = SECSuccess;
+ }
+ }
+
+done:
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_ReleaseRecvBufLock(ss);
+
+ return rv;
+}
+
+static SECStatus
+ssl3_ComputeTLSFinished(sslSocket *ss, ssl3CipherSpec *spec,
+ PRBool isServer,
+ const SSL3Hashes *hashes,
+ TLSFinished *tlsFinished)
+{
+ SECStatus rv;
+ CK_TLS_MAC_PARAMS tls_mac_params;
+ SECItem param = { siBuffer, NULL, 0 };
+ PK11Context *prf_context;
+ unsigned int retLen;
+
+ if (!spec->master_secret) {
+ const char *label = isServer ? "server finished" : "client finished";
+ unsigned int len = 15;
+ HASH_HashType hashType = ssl3_GetTls12HashType(ss);
+ return ssl3_TLSPRFWithMasterSecret(spec, label, len, hashes->u.raw,
+ hashes->len, tlsFinished->verify_data,
+ sizeof tlsFinished->verify_data, hashType);
+ }
+
+ if (spec->version < SSL_LIBRARY_VERSION_TLS_1_2) {
+ tls_mac_params.prfMechanism = CKM_TLS_PRF;
+ } else {
+ tls_mac_params.prfMechanism = ssl3_GetPrfHashMechanism(ss);
+ }
+ tls_mac_params.ulMacLength = 12;
+ tls_mac_params.ulServerOrClient = isServer ? 1 : 2;
+ param.data = (unsigned char *)&tls_mac_params;
+ param.len = sizeof(tls_mac_params);
+ prf_context = PK11_CreateContextBySymKey(CKM_TLS_MAC, CKA_SIGN,
+ spec->master_secret, &param);
+ if (!prf_context)
+ return SECFailure;
+
+ rv = PK11_DigestBegin(prf_context);
+ rv |= PK11_DigestOp(prf_context, hashes->u.raw, hashes->len);
+ rv |= PK11_DigestFinal(prf_context, tlsFinished->verify_data, &retLen,
+ sizeof tlsFinished->verify_data);
+ PORT_Assert(rv != SECSuccess || retLen == sizeof tlsFinished->verify_data);
+
+ PK11_DestroyContext(prf_context, PR_TRUE);
+
+ return rv;
+}
+
+/* The calling function must acquire and release the appropriate
+ * lock (e.g., ssl_GetSpecReadLock / ssl_ReleaseSpecReadLock for
+ * ss->ssl3.crSpec).
+ */
+SECStatus
+ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec, const char *label,
+ unsigned int labelLen, const unsigned char *val, unsigned int valLen,
+ unsigned char *out, unsigned int outLen, HASH_HashType tls12HashType)
+{
+ SECStatus rv = SECSuccess;
+
+ if (spec->master_secret) {
+ SECItem param = { siBuffer, NULL, 0 };
+ CK_MECHANISM_TYPE mech = CKM_TLS_PRF_GENERAL;
+ PK11Context *prf_context;
+ unsigned int retLen;
+
+ if (spec->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
+ mech = CKM_NSS_TLS_PRF_GENERAL_SHA256;
+ }
+ prf_context = PK11_CreateContextBySymKey(mech, CKA_SIGN,
+ spec->master_secret, &param);
+ if (!prf_context)
+ return SECFailure;
+
+ rv = PK11_DigestBegin(prf_context);
+ rv |= PK11_DigestOp(prf_context, (unsigned char *)label, labelLen);
+ rv |= PK11_DigestOp(prf_context, val, valLen);
+ rv |= PK11_DigestFinal(prf_context, out, &retLen, outLen);
+ PORT_Assert(rv != SECSuccess || retLen == outLen);
+
+ PK11_DestroyContext(prf_context, PR_TRUE);
+ } else {
+ PORT_Assert(spec->master_secret);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/* called from ssl3_SendClientSecondRound
+ * ssl3_HandleFinished
+ */
+static SECStatus
+ssl3_SendNextProto(sslSocket *ss)
+{
+ SECStatus rv;
+ int padding_len;
+ static const unsigned char padding[32] = { 0 };
+
+ if (ss->xtnData.nextProto.len == 0 ||
+ ss->xtnData.nextProtoState == SSL_NEXT_PROTO_SELECTED) {
+ return SECSuccess;
+ }
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ padding_len = 32 - ((ss->xtnData.nextProto.len + 2) % 32);
+
+ rv = ssl3_AppendHandshakeHeader(ss, next_proto, ss->xtnData.nextProto.len +
+ 2 +
+ padding_len);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshakeHeader */
+ }
+ rv = ssl3_AppendHandshakeVariable(ss, ss->xtnData.nextProto.data,
+ ss->xtnData.nextProto.len, 1);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshake */
+ }
+ rv = ssl3_AppendHandshakeVariable(ss, padding, padding_len, 1);
+ if (rv != SECSuccess) {
+ return rv; /* error code set by AppendHandshake */
+ }
+ return rv;
+}
+
+/* called from ssl3_SendFinished
+ *
+ * This function is simply a debugging aid and therefore does not return a
+ * SECStatus. */
+static void
+ssl3_RecordKeyLog(sslSocket *ss)
+{
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
+ SECStatus rv;
+ SECItem *keyData;
+ char buf[14 /* "CLIENT_RANDOM " */ +
+ SSL3_RANDOM_LENGTH * 2 /* client_random */ +
+ 1 /* " " */ +
+ 48 * 2 /* master secret */ +
+ 1 /* new line */];
+ unsigned int j;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (!ssl_keylog_iob)
+ return;
+
+ rv = PK11_ExtractKeyValue(ss->ssl3.cwSpec->master_secret);
+ if (rv != SECSuccess)
+ return;
+
+ ssl_GetSpecReadLock(ss);
+
+ /* keyData does not need to be freed. */
+ keyData = PK11_GetKeyData(ss->ssl3.cwSpec->master_secret);
+ if (!keyData || !keyData->data || keyData->len != 48) {
+ ssl_ReleaseSpecReadLock(ss);
+ return;
+ }
+
+ /* https://developer.mozilla.org/en/NSS_Key_Log_Format */
+
+ /* There could be multiple, concurrent writers to the
+ * keylog, so we have to do everything in a single call to
+ * fwrite. */
+
+ memcpy(buf, "CLIENT_RANDOM ", 14);
+ j = 14;
+ hexEncode(buf + j, ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH);
+ j += SSL3_RANDOM_LENGTH * 2;
+ buf[j++] = ' ';
+ hexEncode(buf + j, keyData->data, 48);
+ j += 48 * 2;
+ buf[j++] = '\n';
+
+ PORT_Assert(j == sizeof(buf));
+
+ ssl_ReleaseSpecReadLock(ss);
+
+ if (fwrite(buf, sizeof(buf), 1, ssl_keylog_iob) != 1)
+ return;
+ fflush(ssl_keylog_iob);
+ return;
+#endif
+}
+
+/* called from ssl3_SendClientSecondRound
+ * ssl3_HandleClientHello
+ * ssl3_HandleFinished
+ */
+static SECStatus
+ssl3_SendFinished(sslSocket *ss, PRInt32 flags)
+{
+ ssl3CipherSpec *cwSpec;
+ PRBool isTLS;
+ PRBool isServer = ss->sec.isServer;
+ SECStatus rv;
+ SSL3Sender sender = isServer ? sender_server : sender_client;
+ SSL3Hashes hashes;
+ TLSFinished tlsFinished;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send finished handshake", SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ ssl_GetSpecReadLock(ss);
+ cwSpec = ss->ssl3.cwSpec;
+ isTLS = (PRBool)(cwSpec->version > SSL_LIBRARY_VERSION_3_0);
+ rv = ssl3_ComputeHandshakeHashes(ss, cwSpec, &hashes, sender);
+ if (isTLS && rv == SECSuccess) {
+ rv = ssl3_ComputeTLSFinished(ss, cwSpec, isServer, &hashes, &tlsFinished);
+ }
+ ssl_ReleaseSpecReadLock(ss);
+ if (rv != SECSuccess) {
+ goto fail; /* err code was set by ssl3_ComputeHandshakeHashes */
+ }
+
+ if (isTLS) {
+ if (isServer)
+ ss->ssl3.hs.finishedMsgs.tFinished[1] = tlsFinished;
+ else
+ ss->ssl3.hs.finishedMsgs.tFinished[0] = tlsFinished;
+ ss->ssl3.hs.finishedBytes = sizeof tlsFinished;
+ rv = ssl3_AppendHandshakeHeader(ss, finished, sizeof tlsFinished);
+ if (rv != SECSuccess)
+ goto fail; /* err set by AppendHandshake. */
+ rv = ssl3_AppendHandshake(ss, &tlsFinished, sizeof tlsFinished);
+ if (rv != SECSuccess)
+ goto fail; /* err set by AppendHandshake. */
+ } else {
+ if (isServer)
+ ss->ssl3.hs.finishedMsgs.sFinished[1] = hashes.u.s;
+ else
+ ss->ssl3.hs.finishedMsgs.sFinished[0] = hashes.u.s;
+ PORT_Assert(hashes.len == sizeof hashes.u.s);
+ ss->ssl3.hs.finishedBytes = sizeof hashes.u.s;
+ rv = ssl3_AppendHandshakeHeader(ss, finished, sizeof hashes.u.s);
+ if (rv != SECSuccess)
+ goto fail; /* err set by AppendHandshake. */
+ rv = ssl3_AppendHandshake(ss, &hashes.u.s, sizeof hashes.u.s);
+ if (rv != SECSuccess)
+ goto fail; /* err set by AppendHandshake. */
+ }
+ rv = ssl3_FlushHandshake(ss, flags);
+ if (rv != SECSuccess) {
+ goto fail; /* error code set by ssl3_FlushHandshake */
+ }
+
+ ssl3_RecordKeyLog(ss);
+
+ return SECSuccess;
+
+fail:
+ return rv;
+}
+
+/* wrap the master secret, and put it into the SID.
+ * Caller holds the Spec read lock.
+ */
+SECStatus
+ssl3_CacheWrappedMasterSecret(sslSocket *ss, sslSessionID *sid,
+ ssl3CipherSpec *spec, SSLAuthType authType)
+{
+ PK11SymKey *wrappingKey = NULL;
+ PK11SlotInfo *symKeySlot;
+ void *pwArg = ss->pkcs11PinArg;
+ SECStatus rv = SECFailure;
+ PRBool isServer = ss->sec.isServer;
+ CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM;
+
+ symKeySlot = PK11_GetSlotFromKey(spec->master_secret);
+ if (!isServer) {
+ int wrapKeyIndex;
+ int incarnation;
+
+ /* these next few functions are mere accessors and don't fail. */
+ sid->u.ssl3.masterWrapIndex = wrapKeyIndex =
+ PK11_GetCurrentWrapIndex(symKeySlot);
+ PORT_Assert(wrapKeyIndex == 0); /* array has only one entry! */
+
+ sid->u.ssl3.masterWrapSeries = incarnation =
+ PK11_GetSlotSeries(symKeySlot);
+ sid->u.ssl3.masterSlotID = PK11_GetSlotID(symKeySlot);
+ sid->u.ssl3.masterModuleID = PK11_GetModuleID(symKeySlot);
+ sid->u.ssl3.masterValid = PR_TRUE;
+ /* Get the default wrapping key, for wrapping the master secret before
+ * placing it in the SID cache entry. */
+ wrappingKey = PK11_GetWrapKey(symKeySlot, wrapKeyIndex,
+ CKM_INVALID_MECHANISM, incarnation,
+ pwArg);
+ if (wrappingKey) {
+ mechanism = PK11_GetMechanism(wrappingKey); /* can't fail. */
+ } else {
+ int keyLength;
+ /* if the wrappingKey doesn't exist, attempt to create it.
+ * Note: we intentionally ignore errors here. If we cannot
+ * generate a wrapping key, it is not fatal to this SSL connection,
+ * but we will not be able to restart this session.
+ */
+ mechanism = PK11_GetBestWrapMechanism(symKeySlot);
+ keyLength = PK11_GetBestKeyLength(symKeySlot, mechanism);
+ /* Zero length means fixed key length algorithm, or error.
+ * It's ambiguous.
+ */
+ wrappingKey = PK11_KeyGen(symKeySlot, mechanism, NULL,
+ keyLength, pwArg);
+ if (wrappingKey) {
+ PK11_SetWrapKey(symKeySlot, wrapKeyIndex, wrappingKey);
+ }
+ }
+ } else {
+ /* server socket using session cache. */
+ mechanism = PK11_GetBestWrapMechanism(symKeySlot);
+ if (mechanism != CKM_INVALID_MECHANISM) {
+ wrappingKey =
+ ssl3_GetWrappingKey(ss, symKeySlot, ss->sec.serverCert,
+ mechanism, pwArg);
+ if (wrappingKey) {
+ mechanism = PK11_GetMechanism(wrappingKey); /* can't fail. */
+ }
+ }
+ }
+
+ sid->u.ssl3.masterWrapMech = mechanism;
+ PK11_FreeSlot(symKeySlot);
+
+ if (wrappingKey) {
+ SECItem wmsItem;
+
+ wmsItem.data = sid->u.ssl3.keys.wrapped_master_secret;
+ wmsItem.len = sizeof sid->u.ssl3.keys.wrapped_master_secret;
+ rv = PK11_WrapSymKey(mechanism, NULL, wrappingKey,
+ spec->master_secret, &wmsItem);
+ /* rv is examined below. */
+ sid->u.ssl3.keys.wrapped_master_secret_len = wmsItem.len;
+ PK11_FreeSymKey(wrappingKey);
+ }
+ return rv;
+}
+
+/* Called from ssl3_HandlePostHelloHandshakeMessage() when it has deciphered
+ * a complete ssl3 Finished message from the peer.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
+ const SSL3Hashes *hashes)
+{
+ sslSessionID *sid = ss->sec.ci.sid;
+ SECStatus rv = SECSuccess;
+ PRBool isServer = ss->sec.isServer;
+ PRBool isTLS;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle finished handshake",
+ SSL_GETPID(), ss->fd));
+
+ if (ss->ssl3.hs.ws != wait_finished) {
+ SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_FINISHED);
+ return SECFailure;
+ }
+
+ if (!hashes) {
+ PORT_Assert(0);
+ SSL3_SendAlert(ss, alert_fatal, internal_error);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ isTLS = (PRBool)(ss->ssl3.crSpec->version > SSL_LIBRARY_VERSION_3_0);
+ if (isTLS) {
+ TLSFinished tlsFinished;
+
+ if (length != sizeof(tlsFinished)) {
+#ifndef UNSAFE_FUZZER_MODE
+ (void)SSL3_SendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_FINISHED);
+ return SECFailure;
+#endif
+ }
+ rv = ssl3_ComputeTLSFinished(ss, ss->ssl3.crSpec, !isServer,
+ hashes, &tlsFinished);
+ if (!isServer)
+ ss->ssl3.hs.finishedMsgs.tFinished[1] = tlsFinished;
+ else
+ ss->ssl3.hs.finishedMsgs.tFinished[0] = tlsFinished;
+ ss->ssl3.hs.finishedBytes = sizeof(tlsFinished);
+ if (rv != SECSuccess ||
+ 0 != NSS_SecureMemcmp(&tlsFinished, b,
+ PR_MIN(length, ss->ssl3.hs.finishedBytes))) {
+#ifndef UNSAFE_FUZZER_MODE
+ (void)SSL3_SendAlert(ss, alert_fatal, decrypt_error);
+ PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
+ return SECFailure;
+#endif
+ }
+ } else {
+ if (length != sizeof(SSL3Finished)) {
+ (void)ssl3_IllegalParameter(ss);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_FINISHED);
+ return SECFailure;
+ }
+
+ if (!isServer)
+ ss->ssl3.hs.finishedMsgs.sFinished[1] = hashes->u.s;
+ else
+ ss->ssl3.hs.finishedMsgs.sFinished[0] = hashes->u.s;
+ PORT_Assert(hashes->len == sizeof hashes->u.s);
+ ss->ssl3.hs.finishedBytes = sizeof hashes->u.s;
+ if (0 != NSS_SecureMemcmp(&hashes->u.s, b, length)) {
+ (void)ssl3_HandshakeFailure(ss);
+ PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
+ return SECFailure;
+ }
+ }
+
+ ssl_GetXmitBufLock(ss); /*************************************/
+
+ if ((isServer && !ss->ssl3.hs.isResuming) ||
+ (!isServer && ss->ssl3.hs.isResuming)) {
+ PRInt32 flags = 0;
+
+ /* Send a NewSessionTicket message if the client sent us
+ * either an empty session ticket, or one that did not verify.
+ * (Note that if either of these conditions was met, then the
+ * server has sent a SessionTicket extension in the
+ * ServerHello message.)
+ */
+ if (isServer && !ss->ssl3.hs.isResuming &&
+ ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn) &&
+ ssl3_KEASupportsTickets(ss->ssl3.hs.kea_def)) {
+ /* RFC 5077 Section 3.3: "In the case of a full handshake, the
+ * server MUST verify the client's Finished message before sending
+ * the ticket." Presumably, this also means that the client's
+ * certificate, if any, must be verified beforehand too.
+ */
+ rv = ssl3_SendNewSessionTicket(ss);
+ if (rv != SECSuccess) {
+ goto xmit_loser;
+ }
+ }
+
+ rv = ssl3_SendChangeCipherSpecs(ss);
+ if (rv != SECSuccess) {
+ goto xmit_loser; /* err is set. */
+ }
+ /* If this thread is in SSL_SecureSend (trying to write some data)
+ ** then set the ssl_SEND_FLAG_FORCE_INTO_BUFFER flag, so that the
+ ** last two handshake messages (change cipher spec and finished)
+ ** will be sent in the same send/write call as the application data.
+ */
+ if (ss->writerThread == PR_GetCurrentThread()) {
+ flags = ssl_SEND_FLAG_FORCE_INTO_BUFFER;
+ }
+
+ if (!isServer && !ss->firstHsDone) {
+ rv = ssl3_SendNextProto(ss);
+ if (rv != SECSuccess) {
+ goto xmit_loser; /* err code was set. */
+ }
+ }
+
+ if (IS_DTLS(ss)) {
+ flags |= ssl_SEND_FLAG_NO_RETRANSMIT;
+ }
+
+ rv = ssl3_SendFinished(ss, flags);
+ if (rv != SECSuccess) {
+ goto xmit_loser; /* err is set. */
+ }
+ }
+
+xmit_loser:
+ ssl_ReleaseXmitBufLock(ss); /*************************************/
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ if (sid->cached == never_cached && !ss->opt.noCache) {
+ rv = ssl3_FillInCachedSID(ss, sid);
+
+ /* If the wrap failed, we don't cache the sid.
+ * The connection continues normally however.
+ */
+ ss->ssl3.hs.cacheSID = rv == SECSuccess;
+ }
+
+ if (ss->ssl3.hs.authCertificatePending) {
+ if (ss->ssl3.hs.restartTarget) {
+ PR_NOT_REACHED("ssl3_HandleFinished: unexpected restartTarget");
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ ss->ssl3.hs.restartTarget = ssl3_FinishHandshake;
+ return SECWouldBlock;
+ }
+
+ rv = ssl3_FinishHandshake(ss);
+ return rv;
+}
+
+SECStatus
+ssl3_FillInCachedSID(sslSocket *ss, sslSessionID *sid)
+{
+ SECStatus rv;
+
+ /* fill in the sid */
+ sid->u.ssl3.cipherSuite = ss->ssl3.hs.cipher_suite;
+ sid->u.ssl3.compression = ss->ssl3.hs.compression;
+ sid->u.ssl3.policy = ss->ssl3.policy;
+ sid->version = ss->version;
+ sid->authType = ss->sec.authType;
+ sid->authKeyBits = ss->sec.authKeyBits;
+ sid->keaType = ss->sec.keaType;
+ sid->keaKeyBits = ss->sec.keaKeyBits;
+ sid->lastAccessTime = sid->creationTime = ssl_Time();
+ sid->expirationTime = sid->creationTime + ssl3_sid_timeout;
+ sid->localCert = CERT_DupCertificate(ss->sec.localCert);
+ if (ss->sec.isServer) {
+ memcpy(&sid->certType, &ss->sec.serverCert->certType, sizeof(sid->certType));
+ } else {
+ sid->certType.authType = ssl_auth_null;
+ }
+
+ if (ss->xtnData.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT &&
+ ss->xtnData.nextProto.data) {
+ if (SECITEM_CopyItem(
+ NULL, &sid->u.ssl3.alpnSelection, &ss->xtnData.nextProto) != SECSuccess) {
+ return SECFailure; /* error already set. */
+ }
+ }
+
+ ssl_GetSpecReadLock(ss); /*************************************/
+
+ /* Copy the master secret (wrapped or unwrapped) into the sid */
+ if (ss->ssl3.crSpec->msItem.len && ss->ssl3.crSpec->msItem.data) {
+ sid->u.ssl3.keys.wrapped_master_secret_len =
+ ss->ssl3.crSpec->msItem.len;
+ memcpy(sid->u.ssl3.keys.wrapped_master_secret,
+ ss->ssl3.crSpec->msItem.data, ss->ssl3.crSpec->msItem.len);
+ sid->u.ssl3.masterValid = PR_TRUE;
+ sid->u.ssl3.keys.msIsWrapped = PR_FALSE;
+ rv = SECSuccess;
+ } else {
+ rv = ssl3_CacheWrappedMasterSecret(ss, ss->sec.ci.sid,
+ ss->ssl3.crSpec,
+ ss->ssl3.hs.kea_def->authKeyType);
+ sid->u.ssl3.keys.msIsWrapped = PR_TRUE;
+ }
+ ssl_ReleaseSpecReadLock(ss); /*************************************/
+
+ return rv;
+}
+
+/* The return type is SECStatus instead of void because this function needs
+ * to have type sslRestartTarget.
+ */
+SECStatus
+ssl3_FinishHandshake(sslSocket *ss)
+{
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->ssl3.hs.restartTarget == NULL);
+
+ /* The first handshake is now completed. */
+ ss->handshake = NULL;
+
+ /* RFC 5077 Section 3.3: "The client MUST NOT treat the ticket as valid
+ * until it has verified the server's Finished message." When the server
+ * sends a NewSessionTicket in a resumption handshake, we must wait until
+ * the handshake is finished (we have verified the server's Finished
+ * AND the server's certificate) before we update the ticket in the sid.
+ *
+ * This must be done before we call ss->sec.cache(ss->sec.ci.sid)
+ * because CacheSID requires the session ticket to already be set, and also
+ * because of the lazy lock creation scheme used by CacheSID and
+ * ssl3_SetSIDSessionTicket.
+ */
+ if (ss->ssl3.hs.receivedNewSessionTicket) {
+ PORT_Assert(!ss->sec.isServer);
+ ssl3_SetSIDSessionTicket(ss->sec.ci.sid, &ss->ssl3.hs.newSessionTicket);
+ /* The sid took over the ticket data */
+ PORT_Assert(!ss->ssl3.hs.newSessionTicket.ticket.data);
+ ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE;
+ }
+
+ if (ss->ssl3.hs.cacheSID) {
+ PORT_Assert(ss->sec.ci.sid->cached == never_cached);
+ ss->sec.cache(ss->sec.ci.sid);
+ ss->ssl3.hs.cacheSID = PR_FALSE;
+ }
+
+ ss->ssl3.hs.canFalseStart = PR_FALSE; /* False Start phase is complete */
+ ss->ssl3.hs.ws = idle_handshake;
+
+ ssl_FinishHandshake(ss);
+
+ return SECSuccess;
+}
+
+/* Called from ssl3_HandleHandshake() when it has gathered a complete ssl3
+ * hanshake message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+SECStatus
+ssl3_HandleHandshakeMessage(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
+ PRBool endOfRecord)
+{
+ SECStatus rv = SECSuccess;
+ SSL3HandshakeType type = ss->ssl3.hs.msg_type;
+ SSL3Hashes hashes; /* computed hashes are put here. */
+ SSL3Hashes *hashesPtr = NULL; /* Set when hashes are computed */
+ PRUint8 hdr[4];
+ PRUint8 dtlsData[8];
+ PRBool computeHashes = PR_FALSE;
+ PRUint16 epoch;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ /*
+ * We have to compute the hashes before we update them with the
+ * current message.
+ */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ if ((type == finished) && (ss->ssl3.hs.ws == wait_finished)) {
+ computeHashes = PR_TRUE;
+ } else if ((type == certificate_verify) && (ss->ssl3.hs.ws == wait_cert_verify)) {
+ if (ss->ssl3.hs.hashType == handshake_hash_record) {
+ /* We cannot compute the hash yet. We must wait until we have
+ * decoded the certificate_verify message in
+ * ssl3_HandleCertificateVerify, which will tell us which
+ * hash function we must use.
+ *
+ * (ssl3_HandleCertificateVerify cannot simply look at the
+ * buffer length itself, because at the time we reach it,
+ * additional handshake messages will have been added to the
+ * buffer, e.g. the certificate_verify message itself.)
+ *
+ * Therefore, we use SSL3Hashes.u.transcriptLen to save how much
+ * data there is and read directly from ss->ssl3.hs.messages
+ * when calculating the hashes.
+ *
+ * ssl3_HandleCertificateVerify will detect
+ * hashType == handshake_hash_record
+ * and use that information to calculate the hash.
+ */
+ hashes.u.transcriptLen = ss->ssl3.hs.messages.len;
+ hashesPtr = &hashes;
+ } else {
+ computeHashes = PR_TRUE;
+ }
+ }
+ } else {
+ if (type == certificate_verify) {
+ computeHashes = TLS13_IN_HS_STATE(ss, wait_cert_verify);
+ } else if (type == finished) {
+ computeHashes =
+ TLS13_IN_HS_STATE(ss, wait_cert_request, wait_finished);
+ }
+ }
+
+ ssl_GetSpecReadLock(ss); /************************************/
+ if (computeHashes) {
+ SSL3Sender sender = (SSL3Sender)0;
+ ssl3CipherSpec *rSpec = ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 ? ss->ssl3.crSpec
+ : ss->ssl3.prSpec;
+
+ if (type == finished) {
+ sender = ss->sec.isServer ? sender_client : sender_server;
+ rSpec = ss->ssl3.crSpec;
+ }
+ rv = ssl3_ComputeHandshakeHashes(ss, rSpec, &hashes, sender);
+ if (rv == SECSuccess) {
+ hashesPtr = &hashes;
+ }
+ }
+ ssl_ReleaseSpecReadLock(ss); /************************************/
+ if (rv != SECSuccess) {
+ return rv; /* error code was set by ssl3_ComputeHandshakeHashes*/
+ }
+ SSL_TRC(30, ("%d: SSL3[%d]: handle handshake message: %s", SSL_GETPID(),
+ ss->fd, ssl3_DecodeHandshakeType(ss->ssl3.hs.msg_type)));
+
+ hdr[0] = (PRUint8)ss->ssl3.hs.msg_type;
+ hdr[1] = (PRUint8)(length >> 16);
+ hdr[2] = (PRUint8)(length >> 8);
+ hdr[3] = (PRUint8)(length);
+
+ /* Start new handshake hashes when we start a new handshake. Unless this is
+ * TLS 1.3 and we sent a HelloRetryRequest. */
+ if (ss->ssl3.hs.msg_type == client_hello && !ss->ssl3.hs.helloRetry) {
+ rv = ssl3_RestartHandshakeHashes(ss);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+ /* We should not include hello_request and hello_verify_request messages
+ * in the handshake hashes */
+ if ((ss->ssl3.hs.msg_type != hello_request) &&
+ (ss->ssl3.hs.msg_type != hello_verify_request)) {
+ rv = ssl3_UpdateHandshakeHashes(ss, (unsigned char *)hdr, 4);
+ if (rv != SECSuccess)
+ return rv; /* err code already set. */
+
+ /* Extra data to simulate a complete DTLS handshake fragment */
+ if (IS_DTLS(ss)) {
+ /* Sequence number */
+ dtlsData[0] = MSB(ss->ssl3.hs.recvMessageSeq);
+ dtlsData[1] = LSB(ss->ssl3.hs.recvMessageSeq);
+
+ /* Fragment offset */
+ dtlsData[2] = 0;
+ dtlsData[3] = 0;
+ dtlsData[4] = 0;
+
+ /* Fragment length */
+ dtlsData[5] = (PRUint8)(length >> 16);
+ dtlsData[6] = (PRUint8)(length >> 8);
+ dtlsData[7] = (PRUint8)(length);
+
+ rv = ssl3_UpdateHandshakeHashes(ss, (unsigned char *)dtlsData,
+ sizeof(dtlsData));
+ if (rv != SECSuccess)
+ return rv; /* err code already set. */
+ }
+
+ /* The message body */
+ rv = ssl3_UpdateHandshakeHashes(ss, b, length);
+ if (rv != SECSuccess)
+ return rv; /* err code already set. */
+ }
+
+ PORT_SetError(0); /* each message starts with no error. */
+
+ if (ss->ssl3.hs.ws == wait_certificate_status &&
+ ss->ssl3.hs.msg_type != certificate_status) {
+ /* If we negotiated the certificate_status extension then we deferred
+ * certificate validation until we get the CertificateStatus messsage.
+ * But the CertificateStatus message is optional. If the server did
+ * not send it then we need to validate the certificate now. If the
+ * server does send the CertificateStatus message then we will
+ * authenticate the certificate in ssl3_HandleCertificateStatus.
+ */
+ rv = ssl3_AuthCertificate(ss); /* sets ss->ssl3.hs.ws */
+ PORT_Assert(rv != SECWouldBlock);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+
+ epoch = ss->ssl3.crSpec->epoch;
+ switch (ss->ssl3.hs.msg_type) {
+ case client_hello:
+ if (!ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO);
+ return SECFailure;
+ }
+ rv = ssl3_HandleClientHello(ss, b, length);
+ break;
+ case server_hello:
+ if (ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO);
+ return SECFailure;
+ }
+ rv = ssl3_HandleServerHello(ss, b, length);
+ break;
+ default:
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ rv = ssl3_HandlePostHelloHandshakeMessage(ss, b, length, hashesPtr);
+ } else {
+ rv = tls13_HandlePostHelloHandshakeMessage(ss, b, length,
+ hashesPtr);
+ }
+ break;
+ }
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
+ (epoch != ss->ssl3.crSpec->epoch) && !endOfRecord) {
+ /* If we changed read cipher states, there must not be any
+ * data in the input queue. */
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE);
+ return SECFailure;
+ }
+
+ if (IS_DTLS(ss) && (rv != SECFailure)) {
+ /* Increment the expected sequence number */
+ ss->ssl3.hs.recvMessageSeq++;
+ }
+ return rv;
+}
+
+static SECStatus
+ssl3_HandlePostHelloHandshakeMessage(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length, SSL3Hashes *hashesPtr)
+{
+ SECStatus rv;
+ PORT_Assert(ss->version < SSL_LIBRARY_VERSION_TLS_1_3);
+
+ switch (ss->ssl3.hs.msg_type) {
+ case hello_request:
+ if (length != 0) {
+ (void)ssl3_DecodeError(ss);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST);
+ return SECFailure;
+ }
+ if (ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
+ return SECFailure;
+ }
+ rv = ssl3_HandleHelloRequest(ss);
+ break;
+
+ case hello_retry_request:
+ /* This arrives here because - as a client - we haven't received a
+ * final decision on the version from the server. */
+ rv = tls13_HandleHelloRetryRequest(ss, b, length);
+ break;
+
+ case hello_verify_request:
+ if (!IS_DTLS(ss) || ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST);
+ return SECFailure;
+ }
+ rv = dtls_HandleHelloVerifyRequest(ss, b, length);
+ break;
+ case certificate:
+ rv = ssl3_HandleCertificate(ss, b, length);
+ break;
+ case certificate_status:
+ rv = ssl3_HandleCertificateStatus(ss, b, length);
+ break;
+ case server_key_exchange:
+ if (ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH);
+ return SECFailure;
+ }
+ rv = ssl3_HandleServerKeyExchange(ss, b, length);
+ break;
+ case certificate_request:
+ if (ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST);
+ return SECFailure;
+ }
+ rv = ssl3_HandleCertificateRequest(ss, b, length);
+ break;
+ case server_hello_done:
+ if (length != 0) {
+ (void)ssl3_DecodeError(ss);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_DONE);
+ return SECFailure;
+ }
+ if (ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
+ return SECFailure;
+ }
+ rv = ssl3_HandleServerHelloDone(ss);
+ break;
+ case certificate_verify:
+ if (!ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY);
+ return SECFailure;
+ }
+ rv = ssl3_HandleCertificateVerify(ss, b, length, hashesPtr);
+ break;
+ case client_key_exchange:
+ if (!ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH);
+ return SECFailure;
+ }
+ rv = ssl3_HandleClientKeyExchange(ss, b, length);
+ break;
+ case new_session_ticket:
+ if (ss->sec.isServer) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET);
+ return SECFailure;
+ }
+ rv = ssl3_HandleNewSessionTicket(ss, b, length);
+ break;
+ case finished:
+ rv = ssl3_HandleFinished(ss, b, length, hashesPtr);
+ break;
+ default:
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNKNOWN_HANDSHAKE);
+ rv = SECFailure;
+ }
+
+ return rv;
+}
+
+/* Called only from ssl3_HandleRecord, for each (deciphered) ssl3 record.
+ * origBuf is the decrypted ssl record content.
+ * Caller must hold the handshake and RecvBuf locks.
+ */
+static SECStatus
+ssl3_HandleHandshake(sslSocket *ss, sslBuffer *origBuf)
+{
+ /*
+ * There may be a partial handshake message already in the handshake
+ * state. The incoming buffer may contain another portion, or a
+ * complete message or several messages followed by another portion.
+ *
+ * Each message is made contiguous before being passed to the actual
+ * message parser.
+ */
+ sslBuffer *buf = &ss->ssl3.hs.msgState; /* do not lose the original buffer pointer */
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (buf->buf == NULL) {
+ *buf = *origBuf;
+ }
+ while (buf->len > 0) {
+ if (ss->ssl3.hs.header_bytes < 4) {
+ PRUint8 t;
+ t = *(buf->buf++);
+ buf->len--;
+ if (ss->ssl3.hs.header_bytes++ == 0)
+ ss->ssl3.hs.msg_type = (SSL3HandshakeType)t;
+ else
+ ss->ssl3.hs.msg_len = (ss->ssl3.hs.msg_len << 8) + t;
+ if (ss->ssl3.hs.header_bytes < 4)
+ continue;
+
+#define MAX_HANDSHAKE_MSG_LEN 0x1ffff /* 128k - 1 */
+ if (ss->ssl3.hs.msg_len > MAX_HANDSHAKE_MSG_LEN) {
+ (void)ssl3_DecodeError(ss);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
+ return SECFailure;
+ }
+#undef MAX_HANDSHAKE_MSG_LEN
+
+ /* If msg_len is zero, be sure we fall through,
+ ** even if buf->len is zero.
+ */
+ if (ss->ssl3.hs.msg_len > 0)
+ continue;
+ }
+
+ /*
+ * Header has been gathered and there is at least one byte of new
+ * data available for this message. If it can be done right out
+ * of the original buffer, then use it from there.
+ */
+ if (ss->ssl3.hs.msg_body.len == 0 && buf->len >= ss->ssl3.hs.msg_len) {
+ /* handle it from input buffer */
+ rv = ssl3_HandleHandshakeMessage(ss, buf->buf, ss->ssl3.hs.msg_len,
+ buf->len == ss->ssl3.hs.msg_len);
+ if (rv == SECFailure) {
+ /* This test wants to fall through on either
+ * SECSuccess or SECWouldBlock.
+ * ssl3_HandleHandshakeMessage MUST set the error code.
+ */
+ return rv;
+ }
+ buf->buf += ss->ssl3.hs.msg_len;
+ buf->len -= ss->ssl3.hs.msg_len;
+ ss->ssl3.hs.msg_len = 0;
+ ss->ssl3.hs.header_bytes = 0;
+ if (rv != SECSuccess) { /* return if SECWouldBlock. */
+ return rv;
+ }
+ } else {
+ /* must be copied to msg_body and dealt with from there */
+ unsigned int bytes;
+
+ PORT_Assert(ss->ssl3.hs.msg_body.len < ss->ssl3.hs.msg_len);
+ bytes = PR_MIN(buf->len, ss->ssl3.hs.msg_len - ss->ssl3.hs.msg_body.len);
+
+ /* Grow the buffer if needed */
+ rv = sslBuffer_Grow(&ss->ssl3.hs.msg_body, ss->ssl3.hs.msg_len);
+ if (rv != SECSuccess) {
+ /* sslBuffer_Grow has set a memory error code. */
+ return SECFailure;
+ }
+
+ PORT_Memcpy(ss->ssl3.hs.msg_body.buf + ss->ssl3.hs.msg_body.len,
+ buf->buf, bytes);
+ ss->ssl3.hs.msg_body.len += bytes;
+ buf->buf += bytes;
+ buf->len -= bytes;
+
+ PORT_Assert(ss->ssl3.hs.msg_body.len <= ss->ssl3.hs.msg_len);
+
+ /* if we have a whole message, do it */
+ if (ss->ssl3.hs.msg_body.len == ss->ssl3.hs.msg_len) {
+ rv = ssl3_HandleHandshakeMessage(
+ ss, ss->ssl3.hs.msg_body.buf, ss->ssl3.hs.msg_len,
+ buf->len == 0);
+ if (rv == SECFailure) {
+ /* This test wants to fall through on either
+ * SECSuccess or SECWouldBlock.
+ * ssl3_HandleHandshakeMessage MUST set error code.
+ */
+ return rv;
+ }
+ ss->ssl3.hs.msg_body.len = 0;
+ ss->ssl3.hs.msg_len = 0;
+ ss->ssl3.hs.header_bytes = 0;
+ if (rv != SECSuccess) { /* return if SECWouldBlock. */
+ return rv;
+ }
+ } else {
+ PORT_Assert(buf->len == 0);
+ break;
+ }
+ }
+ } /* end loop */
+
+ origBuf->len = 0; /* So ssl3_GatherAppDataRecord will keep looping. */
+ buf->buf = NULL; /* not a leak. */
+ return SECSuccess;
+}
+
+/* These macros return the given value with the MSB copied to all the other
+ * bits. They use the fact that arithmetic shift shifts-in the sign bit.
+ * However, this is not ensured by the C standard so you may need to replace
+ * them with something else for odd compilers. */
+#define DUPLICATE_MSB_TO_ALL(x) ((unsigned)((int)(x) >> (sizeof(int) * 8 - 1)))
+#define DUPLICATE_MSB_TO_ALL_8(x) ((unsigned char)(DUPLICATE_MSB_TO_ALL(x)))
+
+/* SECStatusToMask returns, in constant time, a mask value of all ones if
+ * rv == SECSuccess. Otherwise it returns zero. */
+static unsigned int
+SECStatusToMask(SECStatus rv)
+{
+ unsigned int good;
+ /* rv ^ SECSuccess is zero iff rv == SECSuccess. Subtracting one results
+ * in the MSB being set to one iff it was zero before. */
+ good = rv ^ SECSuccess;
+ good--;
+ return DUPLICATE_MSB_TO_ALL(good);
+}
+
+/* ssl_ConstantTimeGE returns 0xff if a>=b and 0x00 otherwise. */
+static unsigned char
+ssl_ConstantTimeGE(unsigned int a, unsigned int b)
+{
+ a -= b;
+ return DUPLICATE_MSB_TO_ALL(~a);
+}
+
+/* ssl_ConstantTimeEQ8 returns 0xff if a==b and 0x00 otherwise. */
+static unsigned char
+ssl_ConstantTimeEQ8(unsigned char a, unsigned char b)
+{
+ unsigned int c = a ^ b;
+ c--;
+ return DUPLICATE_MSB_TO_ALL_8(c);
+}
+
+/* ssl_constantTimeSelect return a if mask is 0xFF and b if mask is 0x00 */
+static unsigned char
+ssl_constantTimeSelect(unsigned char mask, unsigned char a, unsigned char b)
+{
+ return (mask & a) | (~mask & b);
+}
+
+static SECStatus
+ssl_RemoveSSLv3CBCPadding(sslBuffer *plaintext,
+ unsigned int blockSize,
+ unsigned int macSize)
+{
+ unsigned int paddingLength, good, t;
+ const unsigned int overhead = 1 /* padding length byte */ + macSize;
+
+ /* These lengths are all public so we can test them in non-constant
+ * time. */
+ if (overhead > plaintext->len) {
+ return SECFailure;
+ }
+
+ paddingLength = plaintext->buf[plaintext->len - 1];
+ /* SSLv3 padding bytes are random and cannot be checked. */
+ t = plaintext->len;
+ t -= paddingLength + overhead;
+ /* If len >= paddingLength+overhead then the MSB of t is zero. */
+ good = DUPLICATE_MSB_TO_ALL(~t);
+ /* SSLv3 requires that the padding is minimal. */
+ t = blockSize - (paddingLength + 1);
+ good &= DUPLICATE_MSB_TO_ALL(~t);
+ plaintext->len -= good & (paddingLength + 1);
+ return (good & SECSuccess) | (~good & SECFailure);
+}
+
+SECStatus
+ssl_RemoveTLSCBCPadding(sslBuffer *plaintext, unsigned int macSize)
+{
+ unsigned int paddingLength, good, t, toCheck, i;
+ const unsigned int overhead = 1 /* padding length byte */ + macSize;
+
+ /* These lengths are all public so we can test them in non-constant
+ * time. */
+ if (overhead > plaintext->len) {
+ return SECFailure;
+ }
+
+ paddingLength = plaintext->buf[plaintext->len - 1];
+ t = plaintext->len;
+ t -= paddingLength + overhead;
+ /* If len >= paddingLength+overhead then the MSB of t is zero. */
+ good = DUPLICATE_MSB_TO_ALL(~t);
+
+ /* The padding consists of a length byte at the end of the record and then
+ * that many bytes of padding, all with the same value as the length byte.
+ * Thus, with the length byte included, there are paddingLength+1 bytes of
+ * padding.
+ *
+ * We can't check just |paddingLength+1| bytes because that leaks
+ * decrypted information. Therefore we always have to check the maximum
+ * amount of padding possible. (Again, the length of the record is
+ * public information so we can use it.) */
+ toCheck = 256; /* maximum amount of padding + 1. */
+ if (toCheck > plaintext->len) {
+ toCheck = plaintext->len;
+ }
+
+ for (i = 0; i < toCheck; i++) {
+ unsigned int t = paddingLength - i;
+ /* If i <= paddingLength then the MSB of t is zero and mask is
+ * 0xff. Otherwise, mask is 0. */
+ unsigned char mask = DUPLICATE_MSB_TO_ALL(~t);
+ unsigned char b = plaintext->buf[plaintext->len - 1 - i];
+ /* The final |paddingLength+1| bytes should all have the value
+ * |paddingLength|. Therefore the XOR should be zero. */
+ good &= ~(mask & (paddingLength ^ b));
+ }
+
+ /* If any of the final |paddingLength+1| bytes had the wrong value,
+ * one or more of the lower eight bits of |good| will be cleared. We
+ * AND the bottom 8 bits together and duplicate the result to all the
+ * bits. */
+ good &= good >> 4;
+ good &= good >> 2;
+ good &= good >> 1;
+ good <<= sizeof(good) * 8 - 1;
+ good = DUPLICATE_MSB_TO_ALL(good);
+
+ plaintext->len -= good & (paddingLength + 1);
+ return (good & SECSuccess) | (~good & SECFailure);
+}
+
+/* On entry:
+ * originalLength >= macSize
+ * macSize <= MAX_MAC_LENGTH
+ * plaintext->len >= macSize
+ */
+static void
+ssl_CBCExtractMAC(sslBuffer *plaintext,
+ unsigned int originalLength,
+ SSL3Opaque *out,
+ unsigned int macSize)
+{
+ unsigned char rotatedMac[MAX_MAC_LENGTH];
+ /* macEnd is the index of |plaintext->buf| just after the end of the
+ * MAC. */
+ unsigned macEnd = plaintext->len;
+ unsigned macStart = macEnd - macSize;
+ /* scanStart contains the number of bytes that we can ignore because
+ * the MAC's position can only vary by 255 bytes. */
+ unsigned scanStart = 0;
+ unsigned i, j;
+ unsigned char rotateOffset;
+
+ if (originalLength > macSize + 255 + 1) {
+ scanStart = originalLength - (macSize + 255 + 1);
+ }
+
+ /* We want to compute
+ * rotateOffset = (macStart - scanStart) % macSize
+ * But the time to compute this varies based on the amount of padding. Thus
+ * we explicitely handle all mac sizes with (hopefully) constant time modulo
+ * using Barrett reduction:
+ * q := (rotateOffset * m) >> k
+ * rotateOffset -= q * n
+ * if (n <= rotateOffset) rotateOffset -= n
+ */
+ rotateOffset = macStart - scanStart;
+ /* rotateOffset < 255 + 1 + 48 = 304 */
+ if (macSize == 16) {
+ rotateOffset &= 15;
+ } else if (macSize == 20) {
+ /*
+ * Correctness: rotateOffset * ( 1/20 - 25/2^9 ) < 1
+ * with rotateOffset <= 853
+ */
+ unsigned q = (rotateOffset * 25) >> 9;
+ rotateOffset -= q * 20;
+ rotateOffset -= ssl_constantTimeSelect(ssl_ConstantTimeGE(rotateOffset, 20),
+ 20, 0);
+ } else if (macSize == 32) {
+ rotateOffset &= 31;
+ } else if (macSize == 48) {
+ /*
+ * Correctness: rotateOffset * ( 1/48 - 10/2^9 ) < 1
+ * with rotateOffset < 768
+ */
+ unsigned q = (rotateOffset * 10) >> 9;
+ rotateOffset -= q * 48;
+ rotateOffset -= ssl_constantTimeSelect(ssl_ConstantTimeGE(rotateOffset, 48),
+ 48, 0);
+ } else {
+ /*
+ * SHA384 (macSize == 48) is the largest we support. We should never
+ * get here.
+ */
+ PORT_Assert(0);
+ rotateOffset = rotateOffset % macSize;
+ }
+
+ memset(rotatedMac, 0, macSize);
+ for (i = scanStart; i < originalLength;) {
+ for (j = 0; j < macSize && i < originalLength; i++, j++) {
+ unsigned char macStarted = ssl_ConstantTimeGE(i, macStart);
+ unsigned char macEnded = ssl_ConstantTimeGE(i, macEnd);
+ unsigned char b = 0;
+ b = plaintext->buf[i];
+ rotatedMac[j] |= b & macStarted & ~macEnded;
+ }
+ }
+
+ /* Now rotate the MAC. If we knew that the MAC fit into a CPU cache line
+ * we could line-align |rotatedMac| and rotate in place. */
+ memset(out, 0, macSize);
+ rotateOffset = macSize - rotateOffset;
+ rotateOffset = ssl_constantTimeSelect(ssl_ConstantTimeGE(rotateOffset, macSize),
+ 0, rotateOffset);
+ for (i = 0; i < macSize; i++) {
+ for (j = 0; j < macSize; j++) {
+ out[j] |= rotatedMac[i] & ssl_ConstantTimeEQ8(j, rotateOffset);
+ }
+ rotateOffset++;
+ rotateOffset = ssl_constantTimeSelect(ssl_ConstantTimeGE(rotateOffset, macSize),
+ 0, rotateOffset);
+ }
+}
+
+/* Unprotect an SSL3 record and leave the result in plaintext.
+ *
+ * If SECFailure is returned, we:
+ * 1. Set |*alert| to the alert to be sent.
+ * 2. Call PORT_SetError() with an appropriate code.
+ *
+ * Called by ssl3_HandleRecord. Caller must hold the spec read lock.
+ * Therefore, we MUST not call SSL3_SendAlert().
+ *
+ */
+static SECStatus
+ssl3_UnprotectRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *plaintext,
+ SSL3AlertDescription *alert)
+{
+ ssl3CipherSpec *crSpec = ss->ssl3.crSpec;
+ const ssl3BulkCipherDef *cipher_def = crSpec->cipher_def;
+ PRBool isTLS;
+ unsigned int good;
+ unsigned int ivLen = 0;
+ SSL3ContentType rType;
+ unsigned int minLength;
+ unsigned int originalLen = 0;
+ unsigned char header[13];
+ unsigned int headerLen;
+ SSL3Opaque hash[MAX_MAC_LENGTH];
+ SSL3Opaque givenHashBuf[MAX_MAC_LENGTH];
+ SSL3Opaque *givenHash;
+ unsigned int hashBytes = MAX_MAC_LENGTH + 1;
+ SECStatus rv;
+
+ good = ~0U;
+ minLength = crSpec->mac_size;
+ if (cipher_def->type == type_block) {
+ /* CBC records have a padding length byte at the end. */
+ minLength++;
+ if (crSpec->version >= SSL_LIBRARY_VERSION_TLS_1_1) {
+ /* With >= TLS 1.1, CBC records have an explicit IV. */
+ minLength += cipher_def->iv_size;
+ }
+ } else if (cipher_def->type == type_aead) {
+ minLength = cipher_def->explicit_nonce_size + cipher_def->tag_size;
+ }
+
+ /* We can perform this test in variable time because the record's total
+ * length and the ciphersuite are both public knowledge. */
+ if (cText->buf->len < minLength) {
+ goto decrypt_loser;
+ }
+
+ if (cipher_def->type == type_block &&
+ crSpec->version >= SSL_LIBRARY_VERSION_TLS_1_1) {
+ /* Consume the per-record explicit IV. RFC 4346 Section 6.2.3.2 states
+ * "The receiver decrypts the entire GenericBlockCipher structure and
+ * then discards the first cipher block corresponding to the IV
+ * component." Instead, we decrypt the first cipher block and then
+ * discard it before decrypting the rest.
+ */
+ SSL3Opaque iv[MAX_IV_LENGTH];
+ int decoded;
+
+ ivLen = cipher_def->iv_size;
+ if (ivLen < 8 || ivLen > sizeof(iv)) {
+ *alert = internal_error;
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ PRINT_BUF(80, (ss, "IV (ciphertext):", cText->buf->buf, ivLen));
+
+ /* The decryption result is garbage, but since we just throw away
+ * the block it doesn't matter. The decryption of the next block
+ * depends only on the ciphertext of the IV block.
+ */
+ rv = crSpec->decode(crSpec->decodeContext, iv, &decoded,
+ sizeof(iv), cText->buf->buf, ivLen);
+
+ good &= SECStatusToMask(rv);
+ }
+
+ PRINT_BUF(80, (ss, "ciphertext:", cText->buf->buf + ivLen,
+ cText->buf->len - ivLen));
+
+ isTLS = (PRBool)(crSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ if (isTLS && cText->buf->len - ivLen > (MAX_FRAGMENT_LENGTH + 2048)) {
+ *alert = record_overflow;
+ PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
+ return SECFailure;
+ }
+
+ rType = cText->type;
+ if (cipher_def->type == type_aead) {
+ /* XXX For many AEAD ciphers, the plaintext is shorter than the
+ * ciphertext by a fixed byte count, but it is not true in general.
+ * Each AEAD cipher should provide a function that returns the
+ * plaintext length for a given ciphertext. */
+ unsigned int decryptedLen =
+ cText->buf->len - cipher_def->explicit_nonce_size -
+ cipher_def->tag_size;
+ headerLen = ssl3_BuildRecordPseudoHeader(
+ header, IS_DTLS(ss) ? cText->seq_num : crSpec->read_seq_num,
+ rType, isTLS, cText->version, IS_DTLS(ss), decryptedLen);
+ PORT_Assert(headerLen <= sizeof(header));
+ rv = crSpec->aead(
+ ss->sec.isServer ? &crSpec->client : &crSpec->server,
+ PR_TRUE, /* do decrypt */
+ plaintext->buf, /* out */
+ (int *)&plaintext->len, /* outlen */
+ plaintext->space, /* maxout */
+ cText->buf->buf, /* in */
+ cText->buf->len, /* inlen */
+ header, headerLen);
+ if (rv != SECSuccess) {
+ good = 0;
+ }
+ } else {
+ if (cipher_def->type == type_block &&
+ ((cText->buf->len - ivLen) % cipher_def->block_size) != 0) {
+ goto decrypt_loser;
+ }
+
+ /* decrypt from cText buf to plaintext. */
+ rv = crSpec->decode(
+ crSpec->decodeContext, plaintext->buf, (int *)&plaintext->len,
+ plaintext->space, cText->buf->buf + ivLen, cText->buf->len - ivLen);
+ if (rv != SECSuccess) {
+ goto decrypt_loser;
+ }
+
+ PRINT_BUF(80, (ss, "cleartext:", plaintext->buf, plaintext->len));
+
+ originalLen = plaintext->len;
+
+ /* If it's a block cipher, check and strip the padding. */
+ if (cipher_def->type == type_block) {
+ const unsigned int blockSize = cipher_def->block_size;
+ const unsigned int macSize = crSpec->mac_size;
+
+ if (!isTLS) {
+ good &= SECStatusToMask(ssl_RemoveSSLv3CBCPadding(
+ plaintext, blockSize, macSize));
+ } else {
+ good &= SECStatusToMask(ssl_RemoveTLSCBCPadding(
+ plaintext, macSize));
+ }
+ }
+
+ /* compute the MAC */
+ headerLen = ssl3_BuildRecordPseudoHeader(
+ header, IS_DTLS(ss) ? cText->seq_num : crSpec->read_seq_num,
+ rType, isTLS, cText->version, IS_DTLS(ss),
+ plaintext->len - crSpec->mac_size);
+ PORT_Assert(headerLen <= sizeof(header));
+ if (cipher_def->type == type_block) {
+ rv = ssl3_ComputeRecordMACConstantTime(
+ crSpec, (PRBool)(!ss->sec.isServer), header, headerLen,
+ plaintext->buf, plaintext->len, originalLen,
+ hash, &hashBytes);
+
+ ssl_CBCExtractMAC(plaintext, originalLen, givenHashBuf,
+ crSpec->mac_size);
+ givenHash = givenHashBuf;
+
+ /* plaintext->len will always have enough space to remove the MAC
+ * because in ssl_Remove{SSLv3|TLS}CBCPadding we only adjust
+ * plaintext->len if the result has enough space for the MAC and we
+ * tested the unadjusted size against minLength, above. */
+ plaintext->len -= crSpec->mac_size;
+ } else {
+ /* This is safe because we checked the minLength above. */
+ plaintext->len -= crSpec->mac_size;
+
+ rv = ssl3_ComputeRecordMAC(
+ crSpec, (PRBool)(!ss->sec.isServer), header, headerLen,
+ plaintext->buf, plaintext->len, hash, &hashBytes);
+
+ /* We can read the MAC directly from the record because its location
+ * is public when a stream cipher is used. */
+ givenHash = plaintext->buf + plaintext->len;
+ }
+
+ good &= SECStatusToMask(rv);
+
+ if (hashBytes != (unsigned)crSpec->mac_size ||
+ NSS_SecureMemcmp(givenHash, hash, crSpec->mac_size) != 0) {
+ /* We're allowed to leak whether or not the MAC check was correct */
+ good = 0;
+ }
+ }
+
+ if (good == 0) {
+ decrypt_loser:
+ /* always log mac error, in case attacker can read server logs. */
+ PORT_SetError(SSL_ERROR_BAD_MAC_READ);
+ *alert = bad_record_mac;
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* if cText is non-null, then decipher, check MAC, and decompress the
+ * SSL record from cText->buf (typically gs->inbuf)
+ * into databuf (typically gs->buf), and any previous contents of databuf
+ * is lost. Then handle databuf according to its SSL record type,
+ * unless it's an application record.
+ *
+ * If cText is NULL, then the ciphertext has previously been deciphered and
+ * checked, and is already sitting in databuf. It is processed as an SSL
+ * Handshake message.
+ *
+ * DOES NOT process the decrypted/decompressed application data.
+ * On return, databuf contains the decrypted/decompressed record.
+ *
+ * Called from ssl3_GatherCompleteHandshake
+ * ssl3_RestartHandshakeAfterCertReq
+ *
+ * Caller must hold the RecvBufLock.
+ *
+ * This function aquires and releases the SSL3Handshake Lock, holding the
+ * lock around any calls to functions that handle records other than
+ * Application Data records.
+ */
+SECStatus
+ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf)
+{
+ SECStatus rv;
+ PRBool isTLS;
+ sslSequenceNumber seq_num = 0;
+ ssl3CipherSpec *crSpec;
+ SSL3ContentType rType;
+ sslBuffer *plaintext;
+ sslBuffer temp_buf;
+ SSL3AlertDescription alert = internal_error;
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+
+ if (!ss->ssl3.initialized) {
+ ssl_GetSSL3HandshakeLock(ss);
+ rv = ssl3_InitState(ss);
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ if (rv != SECSuccess) {
+ return rv; /* ssl3_InitState has set the error code. */
+ }
+ }
+
+ /* check for Token Presence */
+ if (!ssl3_ClientAuthTokenPresent(ss->sec.ci.sid)) {
+ PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
+ return SECFailure;
+ }
+
+ /* cText is NULL when we're called from ssl3_RestartHandshakeAfterXXX().
+ * This implies that databuf holds a previously deciphered SSL Handshake
+ * message.
+ */
+ if (cText == NULL) {
+ SSL_DBG(("%d: SSL3[%d]: HandleRecord, resuming handshake",
+ SSL_GETPID(), ss->fd));
+ rType = content_handshake;
+ goto process_it;
+ }
+
+ ssl_GetSpecReadLock(ss); /******************************************/
+ crSpec = ss->ssl3.crSpec;
+ isTLS = (PRBool)(crSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ if (IS_DTLS(ss)) {
+ PRBool sameEpoch;
+ if (!dtls_IsRelevant(ss, cText, &sameEpoch, &seq_num)) {
+ ssl_ReleaseSpecReadLock(ss); /*****************************/
+ databuf->len = 0; /* Needed to ensure data not left around */
+
+ /* Maybe retransmit if needed. */
+ return dtls_MaybeRetransmitHandshake(ss, cText, sameEpoch);
+ }
+ } else {
+ seq_num = crSpec->read_seq_num + 1;
+ }
+ if (seq_num >= crSpec->cipher_def->max_records) {
+ ssl_ReleaseSpecReadLock(ss); /*****************************/
+ SSL_TRC(3, ("%d: SSL[%d]: read sequence number at limit 0x%0llx",
+ SSL_GETPID(), ss->fd, seq_num));
+ PORT_SetError(SSL_ERROR_TOO_MANY_RECORDS);
+ return SECFailure;
+ }
+
+ /* If we will be decompressing the buffer we need to decrypt somewhere
+ * other than into databuf */
+ if (crSpec->decompressor) {
+ temp_buf.buf = NULL;
+ temp_buf.space = 0;
+ plaintext = &temp_buf;
+ } else {
+ plaintext = databuf;
+ }
+
+ plaintext->len = 0; /* filled in by Unprotect call below. */
+ if (plaintext->space < MAX_FRAGMENT_LENGTH) {
+ rv = sslBuffer_Grow(plaintext, MAX_FRAGMENT_LENGTH + 2048);
+ if (rv != SECSuccess) {
+ ssl_ReleaseSpecReadLock(ss); /*************************/
+ SSL_DBG(("%d: SSL3[%d]: HandleRecord, tried to get %d bytes",
+ SSL_GETPID(), ss->fd, MAX_FRAGMENT_LENGTH + 2048));
+ /* sslBuffer_Grow has set a memory error code. */
+ /* Perhaps we should send an alert. (but we have no memory!) */
+ return SECFailure;
+ }
+ }
+
+ /* We're waiting for another ClientHello, which will appear unencrypted.
+ * Use the content type to tell whether this is should be discarded.
+ *
+ * XXX If we decide to remove the content type from encrypted records, this
+ * will become much more difficult to manage. */
+ if (ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_hrr &&
+ cText->type == content_application_data) {
+ ssl_ReleaseSpecReadLock(ss); /*****************************/
+ PORT_Assert(ss->ssl3.hs.ws == wait_client_hello);
+ databuf->len = 0;
+ return SECSuccess;
+ }
+
+#ifdef UNSAFE_FUZZER_MODE
+ rv = Null_Cipher(NULL, plaintext->buf, (int *)&plaintext->len,
+ plaintext->space, cText->buf->buf, cText->buf->len);
+#else
+ /* IMPORTANT: Unprotect functions MUST NOT send alerts
+ * because we still hold the spec read lock. Instead, if they
+ * return SECFailure, they set *alert to the alert to be sent. */
+ if (crSpec->version < SSL_LIBRARY_VERSION_TLS_1_3 ||
+ crSpec->cipher_def->calg == ssl_calg_null) {
+ /* Unencrypted TLS 1.3 records use the pre-TLS 1.3 format. */
+ rv = ssl3_UnprotectRecord(ss, cText, plaintext, &alert);
+ } else {
+ rv = tls13_UnprotectRecord(ss, cText, plaintext, &alert);
+ }
+#endif
+
+ if (rv != SECSuccess) {
+ ssl_ReleaseSpecReadLock(ss); /***************************/
+
+ SSL_DBG(("%d: SSL3[%d]: decryption failed", SSL_GETPID(), ss->fd));
+
+ if (IS_DTLS(ss) ||
+ (ss->sec.isServer &&
+ ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_trial)) {
+ /* Silently drop the packet */
+ databuf->len = 0; /* Needed to ensure data not left around */
+ return SECSuccess;
+ } else {
+ int errCode = PORT_GetError();
+ SSL3_SendAlert(ss, alert_fatal, alert);
+ /* Reset the error code in case SSL3_SendAlert called
+ * PORT_SetError(). */
+ PORT_SetError(errCode);
+ return SECFailure;
+ }
+ }
+
+ /* SECSuccess */
+ crSpec->read_seq_num = seq_num;
+ if (IS_DTLS(ss)) {
+ dtls_RecordSetRecvd(&crSpec->recvdRecords, seq_num);
+ }
+
+ ssl_ReleaseSpecReadLock(ss); /*****************************************/
+
+ /*
+ * The decrypted data is now in plaintext.
+ */
+ rType = cText->type; /* This must go after decryption because TLS 1.3
+ * has encrypted content types. */
+
+ /* possibly decompress the record. If we aren't using compression then
+ * plaintext == databuf and so the uncompressed data is already in
+ * databuf. */
+ if (crSpec->decompressor) {
+ if (databuf->space < plaintext->len + SSL3_COMPRESSION_MAX_EXPANSION) {
+ rv = sslBuffer_Grow(
+ databuf, plaintext->len + SSL3_COMPRESSION_MAX_EXPANSION);
+ if (rv != SECSuccess) {
+ SSL_DBG(("%d: SSL3[%d]: HandleRecord, tried to get %d bytes",
+ SSL_GETPID(), ss->fd,
+ plaintext->len +
+ SSL3_COMPRESSION_MAX_EXPANSION));
+ /* sslBuffer_Grow has set a memory error code. */
+ /* Perhaps we should send an alert. (but we have no memory!) */
+ PORT_Free(plaintext->buf);
+ return SECFailure;
+ }
+ }
+
+ rv = crSpec->decompressor(crSpec->decompressContext,
+ databuf->buf,
+ (int *)&databuf->len,
+ databuf->space,
+ plaintext->buf,
+ plaintext->len);
+
+ if (rv != SECSuccess) {
+ int err = ssl_MapLowLevelError(SSL_ERROR_DECOMPRESSION_FAILURE);
+ SSL3_SendAlert(ss, alert_fatal,
+ isTLS ? decompression_failure
+ : bad_record_mac);
+
+ /* There appears to be a bug with (at least) Apache + OpenSSL where
+ * resumed SSLv3 connections don't actually use compression. See
+ * comments 93-95 of
+ * https://bugzilla.mozilla.org/show_bug.cgi?id=275744
+ *
+ * So, if we get a decompression error, and the record appears to
+ * be already uncompressed, then we return a more specific error
+ * code to hopefully save somebody some debugging time in the
+ * future.
+ */
+ if (plaintext->len >= 4) {
+ unsigned int len = ((unsigned int)plaintext->buf[1] << 16) |
+ ((unsigned int)plaintext->buf[2] << 8) |
+ (unsigned int)plaintext->buf[3];
+ if (len == plaintext->len - 4) {
+ /* This appears to be uncompressed already */
+ err = SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD;
+ }
+ }
+
+ PORT_Free(plaintext->buf);
+ PORT_SetError(err);
+ return SECFailure;
+ }
+
+ PORT_Free(plaintext->buf);
+ }
+
+ /*
+ ** Having completed the decompression, check the length again.
+ */
+ if (isTLS && databuf->len > (MAX_FRAGMENT_LENGTH + 1024)) {
+ SSL3_SendAlert(ss, alert_fatal, record_overflow);
+ PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
+ return SECFailure;
+ }
+
+ /* Application data records are processed by the caller of this
+ ** function, not by this function.
+ */
+ if (rType == content_application_data) {
+ if (ss->firstHsDone)
+ return SECSuccess;
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
+ ss->sec.isServer &&
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted) {
+ return tls13_HandleEarlyApplicationData(ss, databuf);
+ }
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA);
+ return SECFailure;
+ }
+
+/* It's a record that must be handled by ssl itself, not the application.
+ */
+process_it:
+ /* XXX Get the xmit lock here. Odds are very high that we'll be xmiting
+ * data ang getting the xmit lock here prevents deadlocks.
+ */
+ ssl_GetSSL3HandshakeLock(ss);
+
+ /* All the functions called in this switch MUST set error code if
+ ** they return SECFailure or SECWouldBlock.
+ */
+ switch (rType) {
+ case content_change_cipher_spec:
+ rv = ssl3_HandleChangeCipherSpecs(ss, databuf);
+ break;
+ case content_alert:
+ rv = ssl3_HandleAlert(ss, databuf);
+ break;
+ case content_handshake:
+ if (!IS_DTLS(ss)) {
+ rv = ssl3_HandleHandshake(ss, databuf);
+ } else {
+ rv = dtls_HandleHandshake(ss, databuf);
+ }
+ break;
+ /*
+ case content_application_data is handled before this switch
+ */
+ default:
+ SSL_DBG(("%d: SSL3[%d]: bogus content type=%d",
+ SSL_GETPID(), ss->fd, cText->type));
+ PORT_SetError(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE);
+ ssl3_DecodeError(ss);
+ rv = SECFailure;
+ break;
+ }
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ return rv;
+}
+
+/*
+ * Initialization functions
+ */
+
+void
+ssl_InitSecState(sslSecurityInfo *sec)
+{
+ sec->authType = ssl_auth_null;
+ sec->authKeyBits = 0;
+ sec->signatureScheme = ssl_sig_none;
+ sec->keaType = ssl_kea_null;
+ sec->keaKeyBits = 0;
+ sec->keaGroup = NULL;
+}
+
+/* Called from ssl3_InitState, immediately below. */
+/* Caller must hold the SpecWriteLock. */
+void
+ssl3_InitCipherSpec(ssl3CipherSpec *spec)
+{
+ spec->cipher_def = &bulk_cipher_defs[cipher_null];
+ PORT_Assert(spec->cipher_def->cipher == cipher_null);
+ spec->mac_def = &mac_defs[mac_null];
+ PORT_Assert(spec->mac_def->mac == mac_null);
+ spec->encode = Null_Cipher;
+ spec->decode = Null_Cipher;
+ spec->compressor = NULL;
+ spec->decompressor = NULL;
+ spec->destroyCompressContext = NULL;
+ spec->destroyDecompressContext = NULL;
+ spec->mac_size = 0;
+ spec->master_secret = NULL;
+
+ spec->msItem.data = NULL;
+ spec->msItem.len = 0;
+
+ spec->client.write_key = NULL;
+ spec->client.write_mac_key = NULL;
+ spec->client.write_mac_context = NULL;
+
+ spec->server.write_key = NULL;
+ spec->server.write_mac_key = NULL;
+ spec->server.write_mac_context = NULL;
+
+ spec->write_seq_num = 0;
+ spec->read_seq_num = 0;
+ spec->epoch = 0;
+
+ spec->refCt = 128; /* Arbitrarily high number to prevent
+ * non-TLS 1.3 cipherSpecs from being
+ * GCed. This will be overwritten with
+ * a valid refCt for TLS 1.3. */
+ dtls_InitRecvdRecords(&spec->recvdRecords);
+}
+
+/* Called from: ssl3_SendRecord
+** ssl3_SendClientHello()
+** ssl3_HandleV2ClientHello()
+** ssl3_HandleRecord()
+**
+** This function should perhaps acquire and release the SpecWriteLock.
+**
+**
+*/
+SECStatus
+ssl3_InitState(sslSocket *ss)
+{
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->ssl3.initialized)
+ return SECSuccess; /* Function should be idempotent */
+
+ ss->ssl3.policy = SSL_ALLOWED;
+
+ ssl_InitSecState(&ss->sec);
+
+ ssl_GetSpecWriteLock(ss);
+ ss->ssl3.crSpec = ss->ssl3.cwSpec = &ss->ssl3.specs[0];
+ ss->ssl3.prSpec = ss->ssl3.pwSpec = &ss->ssl3.specs[1];
+ ssl3_InitCipherSpec(ss->ssl3.crSpec);
+ ssl3_InitCipherSpec(ss->ssl3.prSpec);
+ ss->ssl3.crSpec->version = ss->ssl3.prSpec->version = ss->vrange.max;
+ ssl_ReleaseSpecWriteLock(ss);
+
+ ss->ssl3.hs.sendingSCSV = PR_FALSE;
+ ss->ssl3.hs.preliminaryInfo = 0;
+ ss->ssl3.hs.ws = (ss->sec.isServer) ? wait_client_hello : wait_server_hello;
+
+ ssl3_ResetExtensionData(&ss->xtnData);
+ PR_INIT_CLIST(&ss->ssl3.hs.remoteExtensions);
+ if (IS_DTLS(ss)) {
+ ss->ssl3.hs.sendMessageSeq = 0;
+ ss->ssl3.hs.recvMessageSeq = 0;
+ ss->ssl3.hs.rtTimeoutMs = DTLS_RETRANSMIT_INITIAL_MS;
+ ss->ssl3.hs.rtRetries = 0;
+ ss->ssl3.hs.recvdHighWater = -1;
+ PR_INIT_CLIST(&ss->ssl3.hs.lastMessageFlight);
+ dtls_SetMTU(ss, 0); /* Set the MTU to the highest plateau */
+ }
+
+ ss->ssl3.hs.currentSecret = NULL;
+ ss->ssl3.hs.resumptionMasterSecret = NULL;
+ ss->ssl3.hs.dheSecret = NULL;
+ ss->ssl3.hs.pskBinderKey = NULL;
+ ss->ssl3.hs.clientEarlyTrafficSecret = NULL;
+ ss->ssl3.hs.clientHsTrafficSecret = NULL;
+ ss->ssl3.hs.serverHsTrafficSecret = NULL;
+ ss->ssl3.hs.clientTrafficSecret = NULL;
+ ss->ssl3.hs.serverTrafficSecret = NULL;
+ ss->ssl3.hs.certificateRequest = NULL;
+ PR_INIT_CLIST(&ss->ssl3.hs.cipherSpecs);
+
+ PORT_Assert(!ss->ssl3.hs.messages.buf && !ss->ssl3.hs.messages.space);
+ ss->ssl3.hs.messages.buf = NULL;
+ ss->ssl3.hs.messages.space = 0;
+
+ ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE;
+ PORT_Memset(&ss->ssl3.hs.newSessionTicket, 0,
+ sizeof(ss->ssl3.hs.newSessionTicket));
+
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_none;
+
+ ssl_FilterSupportedGroups(ss);
+
+ ss->ssl3.initialized = PR_TRUE;
+ return SECSuccess;
+}
+
+/* record the export policy for this cipher suite */
+SECStatus
+ssl3_SetPolicy(ssl3CipherSuite which, int policy)
+{
+ ssl3CipherSuiteCfg *suite;
+
+ suite = ssl_LookupCipherSuiteCfgMutable(which, cipherSuites);
+ if (suite == NULL) {
+ return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
+ }
+ suite->policy = policy;
+
+ return SECSuccess;
+}
+
+SECStatus
+ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *oPolicy)
+{
+ const ssl3CipherSuiteCfg *suite;
+ PRInt32 policy;
+ SECStatus rv;
+
+ suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
+ if (suite) {
+ policy = suite->policy;
+ rv = SECSuccess;
+ } else {
+ policy = SSL_NOT_ALLOWED;
+ rv = SECFailure; /* err code was set by Lookup. */
+ }
+ *oPolicy = policy;
+ return rv;
+}
+
+/* record the user preference for this suite */
+SECStatus
+ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool enabled)
+{
+ ssl3CipherSuiteCfg *suite;
+
+ suite = ssl_LookupCipherSuiteCfgMutable(which, cipherSuites);
+ if (suite == NULL) {
+ return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
+ }
+ suite->enabled = enabled;
+ return SECSuccess;
+}
+
+/* return the user preference for this suite */
+SECStatus
+ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *enabled)
+{
+ const ssl3CipherSuiteCfg *suite;
+ PRBool pref;
+ SECStatus rv;
+
+ suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
+ if (suite) {
+ pref = suite->enabled;
+ rv = SECSuccess;
+ } else {
+ pref = SSL_NOT_ALLOWED;
+ rv = SECFailure; /* err code was set by Lookup. */
+ }
+ *enabled = pref;
+ return rv;
+}
+
+SECStatus
+ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool enabled)
+{
+ ssl3CipherSuiteCfg *suite;
+
+ suite = ssl_LookupCipherSuiteCfgMutable(which, ss->cipherSuites);
+ if (suite == NULL) {
+ return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
+ }
+ suite->enabled = enabled;
+ return SECSuccess;
+}
+
+SECStatus
+ssl3_CipherPrefGet(const sslSocket *ss, ssl3CipherSuite which, PRBool *enabled)
+{
+ const ssl3CipherSuiteCfg *suite;
+ PRBool pref;
+ SECStatus rv;
+
+ suite = ssl_LookupCipherSuiteCfg(which, ss->cipherSuites);
+ if (suite) {
+ pref = suite->enabled;
+ rv = SECSuccess;
+ } else {
+ pref = SSL_NOT_ALLOWED;
+ rv = SECFailure; /* err code was set by Lookup. */
+ }
+ *enabled = pref;
+ return rv;
+}
+
+SECStatus
+SSL_SignatureSchemePrefSet(PRFileDesc *fd, const SSLSignatureScheme *schemes,
+ unsigned int count)
+{
+ sslSocket *ss;
+ unsigned int i;
+ unsigned int supported = 0;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SignatureSchemePrefSet",
+ SSL_GETPID(), fd));
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!count) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ for (i = 0; i < count; ++i) {
+ if (ssl_IsSupportedSignatureScheme(schemes[i])) {
+ ++supported;
+ }
+ }
+ /* We don't check for duplicates, so it's possible to get too many. */
+ if (supported > MAX_SIGNATURE_SCHEMES) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ss->ssl3.signatureSchemeCount = 0;
+ for (i = 0; i < count; ++i) {
+ if (!ssl_IsSupportedSignatureScheme(schemes[i])) {
+ SSL_DBG(("%d: SSL[%d]: invalid signature scheme %d ignored",
+ SSL_GETPID(), fd, schemes[i]));
+ continue;
+ }
+
+ ss->ssl3.signatureSchemes[ss->ssl3.signatureSchemeCount++] = schemes[i];
+ }
+
+ if (ss->ssl3.signatureSchemeCount == 0) {
+ PORT_SetError(SSL_ERROR_NO_SUPPORTED_SIGNATURE_ALGORITHM);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+SSL_SignaturePrefSet(PRFileDesc *fd, const SSLSignatureAndHashAlg *algorithms,
+ unsigned int count)
+{
+ SSLSignatureScheme schemes[MAX_SIGNATURE_SCHEMES];
+ unsigned int i;
+
+ count = PR_MIN(PR_ARRAY_SIZE(schemes), count);
+ for (i = 0; i < count; ++i) {
+ schemes[i] = (algorithms[i].hashAlg << 8) | algorithms[i].sigAlg;
+ }
+ return SSL_SignatureSchemePrefSet(fd, schemes, count);
+}
+
+SECStatus
+SSL_SignatureSchemePrefGet(PRFileDesc *fd, SSLSignatureScheme *schemes,
+ unsigned int *count, unsigned int maxCount)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SignatureSchemePrefGet",
+ SSL_GETPID(), fd));
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!schemes || !count ||
+ maxCount < ss->ssl3.signatureSchemeCount) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ PORT_Memcpy(schemes, ss->ssl3.signatureSchemes,
+ ss->ssl3.signatureSchemeCount * sizeof(SSLSignatureScheme));
+ *count = ss->ssl3.signatureSchemeCount;
+ return SECSuccess;
+}
+
+SECStatus
+SSL_SignaturePrefGet(PRFileDesc *fd, SSLSignatureAndHashAlg *algorithms,
+ unsigned int *count, unsigned int maxCount)
+{
+ sslSocket *ss;
+ unsigned int i;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SignaturePrefGet",
+ SSL_GETPID(), fd));
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!algorithms || !count ||
+ maxCount < ss->ssl3.signatureSchemeCount) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ for (i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
+ algorithms[i].hashAlg = (ss->ssl3.signatureSchemes[i] >> 8) & 0xff;
+ algorithms[i].sigAlg = ss->ssl3.signatureSchemes[i] & 0xff;
+ }
+ *count = ss->ssl3.signatureSchemeCount;
+ return SECSuccess;
+}
+
+unsigned int
+SSL_SignatureMaxCount()
+{
+ return MAX_SIGNATURE_SCHEMES;
+}
+
+/* copy global default policy into socket. */
+void
+ssl3_InitSocketPolicy(sslSocket *ss)
+{
+ PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof(cipherSuites));
+ PORT_Memcpy(ss->ssl3.signatureSchemes, defaultSignatureSchemes,
+ sizeof(defaultSignatureSchemes));
+ ss->ssl3.signatureSchemeCount = PR_ARRAY_SIZE(defaultSignatureSchemes);
+}
+
+/*
+** If ssl3 socket has completed the first handshake, and is in idle state,
+** then start a new handshake.
+** If flushCache is true, the SID cache will be flushed first, forcing a
+** "Full" handshake (not a session restart handshake), to be done.
+**
+** called from SSL_RedoHandshake(), which already holds the handshake locks.
+*/
+SECStatus
+ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache)
+{
+ sslSessionID *sid = ss->sec.ci.sid;
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (!ss->firstHsDone ||
+ (ss->ssl3.initialized && (ss->ssl3.hs.ws != idle_handshake))) {
+ PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED);
+ return SECFailure;
+ }
+
+ if (IS_DTLS(ss)) {
+ dtls_RehandshakeCleanup(ss);
+ }
+
+ if (ss->opt.enableRenegotiation == SSL_RENEGOTIATE_NEVER ||
+ ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ PORT_SetError(SSL_ERROR_RENEGOTIATION_NOT_ALLOWED);
+ return SECFailure;
+ }
+ if (sid && flushCache) {
+ ss->sec.uncache(sid); /* remove it from whichever cache it's in. */
+ ssl_FreeSID(sid); /* dec ref count and free if zero. */
+ ss->sec.ci.sid = NULL;
+ }
+
+ ssl_GetXmitBufLock(ss); /**************************************/
+
+ /* start off a new handshake. */
+ if (ss->sec.isServer) {
+ rv = ssl3_SendHelloRequest(ss);
+ } else {
+ rv = ssl3_SendClientHello(ss, client_hello_renegotiation);
+ }
+
+ ssl_ReleaseXmitBufLock(ss); /**************************************/
+ return rv;
+}
+
+/* Called from ssl_DestroySocketContents() in sslsock.c */
+void
+ssl3_DestroySSL3Info(sslSocket *ss)
+{
+
+ if (ss->ssl3.clientCertificate != NULL)
+ CERT_DestroyCertificate(ss->ssl3.clientCertificate);
+
+ if (ss->ssl3.clientPrivateKey != NULL)
+ SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey);
+
+ if (ss->ssl3.peerCertArena != NULL)
+ ssl3_CleanupPeerCerts(ss);
+
+ if (ss->ssl3.clientCertChain != NULL) {
+ CERT_DestroyCertificateList(ss->ssl3.clientCertChain);
+ ss->ssl3.clientCertChain = NULL;
+ }
+ if (ss->ssl3.ca_list) {
+ CERT_FreeDistNames(ss->ssl3.ca_list);
+ }
+
+ /* clean up handshake */
+ if (ss->ssl3.hs.md5) {
+ PK11_DestroyContext(ss->ssl3.hs.md5, PR_TRUE);
+ }
+ if (ss->ssl3.hs.sha) {
+ PK11_DestroyContext(ss->ssl3.hs.sha, PR_TRUE);
+ }
+ if (ss->ssl3.hs.messages.buf) {
+ sslBuffer_Clear(&ss->ssl3.hs.messages);
+ }
+
+ /* free the SSL3Buffer (msg_body) */
+ PORT_Free(ss->ssl3.hs.msg_body.buf);
+
+ SECITEM_FreeItem(&ss->ssl3.hs.newSessionTicket.ticket, PR_FALSE);
+ SECITEM_FreeItem(&ss->ssl3.hs.srvVirtName, PR_FALSE);
+
+ if (ss->ssl3.hs.certificateRequest) {
+ PORT_FreeArena(ss->ssl3.hs.certificateRequest->arena, PR_FALSE);
+ ss->ssl3.hs.certificateRequest = NULL;
+ }
+
+ /* free up the CipherSpecs */
+ ssl3_DestroyCipherSpec(&ss->ssl3.specs[0], PR_TRUE /*freeSrvName*/);
+ ssl3_DestroyCipherSpec(&ss->ssl3.specs[1], PR_TRUE /*freeSrvName*/);
+
+ /* Destroy the DTLS data */
+ if (IS_DTLS(ss)) {
+ dtls_FreeHandshakeMessages(&ss->ssl3.hs.lastMessageFlight);
+ if (ss->ssl3.hs.recvdFragments.buf) {
+ PORT_Free(ss->ssl3.hs.recvdFragments.buf);
+ }
+ }
+
+ /* Destroy remote extensions */
+ ssl3_DestroyRemoteExtensions(&ss->ssl3.hs.remoteExtensions);
+ ssl3_ResetExtensionData(&ss->xtnData);
+
+ /* Destroy TLS 1.3 cipher specs */
+ tls13_DestroyCipherSpecs(&ss->ssl3.hs.cipherSpecs);
+
+ /* Destroy TLS 1.3 keys */
+ if (ss->ssl3.hs.currentSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.currentSecret);
+ if (ss->ssl3.hs.resumptionMasterSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.resumptionMasterSecret);
+ if (ss->ssl3.hs.dheSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.dheSecret);
+ if (ss->ssl3.hs.pskBinderKey)
+ PK11_FreeSymKey(ss->ssl3.hs.pskBinderKey);
+ if (ss->ssl3.hs.clientEarlyTrafficSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.clientEarlyTrafficSecret);
+ if (ss->ssl3.hs.clientHsTrafficSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.clientHsTrafficSecret);
+ if (ss->ssl3.hs.serverHsTrafficSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.serverHsTrafficSecret);
+ if (ss->ssl3.hs.clientTrafficSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.clientTrafficSecret);
+ if (ss->ssl3.hs.serverTrafficSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.serverTrafficSecret);
+ if (ss->ssl3.hs.earlyExporterSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.earlyExporterSecret);
+ if (ss->ssl3.hs.exporterSecret)
+ PK11_FreeSymKey(ss->ssl3.hs.exporterSecret);
+
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_none;
+ /* Destroy TLS 1.3 buffered early data. */
+ tls13_DestroyEarlyData(&ss->ssl3.hs.bufferedEarlyData);
+
+ ss->ssl3.initialized = PR_FALSE;
+}
+
+#define MAP_NULL(x) (((x) != 0) ? (x) : SEC_OID_NULL_CIPHER)
+
+SECStatus
+ssl3_ApplyNSSPolicy(void)
+{
+ unsigned i;
+ SECStatus rv;
+ PRUint32 policy = 0;
+
+ rv = NSS_GetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, &policy);
+ if (rv != SECSuccess || !(policy & NSS_USE_POLICY_IN_SSL)) {
+ return SECSuccess; /* do nothing */
+ }
+
+ /* disable every ciphersuite */
+ for (i = 1; i < PR_ARRAY_SIZE(cipher_suite_defs); ++i) {
+ const ssl3CipherSuiteDef *suite = &cipher_suite_defs[i];
+ SECOidTag policyOid;
+
+ policyOid = MAP_NULL(kea_defs[suite->key_exchange_alg].oid);
+ rv = NSS_GetAlgorithmPolicy(policyOid, &policy);
+ if (rv == SECSuccess && !(policy & NSS_USE_ALG_IN_SSL_KX)) {
+ ssl_CipherPrefSetDefault(suite->cipher_suite, PR_FALSE);
+ ssl_CipherPolicySet(suite->cipher_suite, SSL_NOT_ALLOWED);
+ continue;
+ }
+
+ policyOid = MAP_NULL(ssl_GetBulkCipherDef(suite)->oid);
+ rv = NSS_GetAlgorithmPolicy(policyOid, &policy);
+ if (rv == SECSuccess && !(policy & NSS_USE_ALG_IN_SSL)) {
+ ssl_CipherPrefSetDefault(suite->cipher_suite, PR_FALSE);
+ ssl_CipherPolicySet(suite->cipher_suite, SSL_NOT_ALLOWED);
+ continue;
+ }
+
+ if (ssl_GetBulkCipherDef(suite)->type != type_aead) {
+ policyOid = MAP_NULL(mac_defs[suite->mac_alg].oid);
+ rv = NSS_GetAlgorithmPolicy(policyOid, &policy);
+ if (rv == SECSuccess && !(policy & NSS_USE_ALG_IN_SSL)) {
+ ssl_CipherPrefSetDefault(suite->cipher_suite, PR_FALSE);
+ ssl_CipherPolicySet(suite->cipher_suite,
+ SSL_NOT_ALLOWED);
+ continue;
+ }
+ }
+ }
+
+ rv = ssl3_ConstrainRangeByPolicy();
+
+ return rv;
+}
+
+/* End of ssl3con.c */
diff --git a/security/nss/lib/ssl/ssl3ecc.c b/security/nss/lib/ssl/ssl3ecc.c
new file mode 100644
index 000000000..9f2f4d621
--- /dev/null
+++ b/security/nss/lib/ssl/ssl3ecc.c
@@ -0,0 +1,1009 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * SSL3 Protocol
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* ECC code moved here from ssl3con.c */
+
+#include "cert.h"
+#include "ssl.h"
+#include "cryptohi.h" /* for DSAU_ stuff */
+#include "keyhi.h"
+#include "secder.h"
+#include "secitem.h"
+
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "sslerr.h"
+#include "ssl3ext.h"
+#include "prtime.h"
+#include "prinrval.h"
+#include "prerror.h"
+#include "pratom.h"
+#include "prthread.h"
+#include "prinit.h"
+
+#include "pk11func.h"
+#include "secmod.h"
+
+#include <stdio.h>
+
+#ifndef PK11_SETATTRS
+#define PK11_SETATTRS(x, id, v, l) \
+ (x)->type = (id); \
+ (x)->pValue = (v); \
+ (x)->ulValueLen = (l);
+#endif
+
+SECStatus
+ssl_NamedGroup2ECParams(PLArenaPool *arena, const sslNamedGroupDef *ecGroup,
+ SECKEYECParams *params)
+{
+ SECOidData *oidData = NULL;
+
+ if (!params) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!ecGroup || ecGroup->keaType != ssl_kea_ecdh ||
+ (oidData = SECOID_FindOIDByTag(ecGroup->oidTag)) == NULL) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+ return SECFailure;
+ }
+
+ if (SECITEM_AllocItem(arena, params, (2 + oidData->oid.len)) == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ /*
+ * params->data needs to contain the ASN encoding of an object ID (OID)
+ * representing the named curve. The actual OID is in
+ * oidData->oid.data so we simply prepend 0x06 and OID length
+ */
+ params->data[0] = SEC_ASN1_OBJECT_ID;
+ params->data[1] = oidData->oid.len;
+ memcpy(params->data + 2, oidData->oid.data, oidData->oid.len);
+
+ return SECSuccess;
+}
+
+const sslNamedGroupDef *
+ssl_ECPubKey2NamedGroup(const SECKEYPublicKey *pubKey)
+{
+ SECItem oid = { siBuffer, NULL, 0 };
+ SECOidData *oidData = NULL;
+ PRUint32 policyFlags = 0;
+ unsigned int i;
+ const SECKEYECParams *params;
+
+ if (pubKey->keyType != ecKey) {
+ PORT_Assert(0);
+ return NULL;
+ }
+
+ params = &pubKey->u.ec.DEREncodedParams;
+
+ /*
+ * params->data needs to contain the ASN encoding of an object ID (OID)
+ * representing a named curve. Here, we strip away everything
+ * before the actual OID and use the OID to look up a named curve.
+ */
+ if (params->data[0] != SEC_ASN1_OBJECT_ID)
+ return NULL;
+ oid.len = params->len - 2;
+ oid.data = params->data + 2;
+ if ((oidData = SECOID_FindOID(&oid)) == NULL)
+ return NULL;
+ if ((NSS_GetAlgorithmPolicy(oidData->offset, &policyFlags) ==
+ SECSuccess) &&
+ !(policyFlags & NSS_USE_ALG_IN_SSL_KX)) {
+ return NULL;
+ }
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (ssl_named_groups[i].oidTag == oidData->offset) {
+ return &ssl_named_groups[i];
+ }
+ }
+
+ return NULL;
+}
+
+/* Caller must set hiLevel error code. */
+static SECStatus
+ssl3_ComputeECDHKeyHash(SSLHashType hashAlg,
+ SECItem ec_params, SECItem server_ecpoint,
+ SSL3Random *client_rand, SSL3Random *server_rand,
+ SSL3Hashes *hashes)
+{
+ PRUint8 *hashBuf;
+ PRUint8 *pBuf;
+ SECStatus rv = SECSuccess;
+ unsigned int bufLen;
+ /*
+ * We only support named curves (the appropriate checks are made before this
+ * method is called) so ec_params takes up only two bytes. ECPoint needs to
+ * fit in 256 bytes because the spec says the length must fit in one byte.
+ */
+ PRUint8 buf[2 * SSL3_RANDOM_LENGTH + 2 + 1 + 256];
+
+ bufLen = 2 * SSL3_RANDOM_LENGTH + ec_params.len + 1 + server_ecpoint.len;
+ if (bufLen <= sizeof buf) {
+ hashBuf = buf;
+ } else {
+ hashBuf = PORT_Alloc(bufLen);
+ if (!hashBuf) {
+ return SECFailure;
+ }
+ }
+
+ memcpy(hashBuf, client_rand, SSL3_RANDOM_LENGTH);
+ pBuf = hashBuf + SSL3_RANDOM_LENGTH;
+ memcpy(pBuf, server_rand, SSL3_RANDOM_LENGTH);
+ pBuf += SSL3_RANDOM_LENGTH;
+ memcpy(pBuf, ec_params.data, ec_params.len);
+ pBuf += ec_params.len;
+ pBuf[0] = (PRUint8)(server_ecpoint.len);
+ pBuf += 1;
+ memcpy(pBuf, server_ecpoint.data, server_ecpoint.len);
+ pBuf += server_ecpoint.len;
+ PORT_Assert((unsigned int)(pBuf - hashBuf) == bufLen);
+
+ rv = ssl3_ComputeCommonKeyHash(hashAlg, hashBuf, bufLen, hashes);
+
+ PRINT_BUF(95, (NULL, "ECDHkey hash: ", hashBuf, bufLen));
+ PRINT_BUF(95, (NULL, "ECDHkey hash: MD5 result",
+ hashes->u.s.md5, MD5_LENGTH));
+ PRINT_BUF(95, (NULL, "ECDHkey hash: SHA1 result",
+ hashes->u.s.sha, SHA1_LENGTH));
+
+ if (hashBuf != buf)
+ PORT_Free(hashBuf);
+ return rv;
+}
+
+/* Called from ssl3_SendClientKeyExchange(). */
+SECStatus
+ssl3_SendECDHClientKeyExchange(sslSocket *ss, SECKEYPublicKey *svrPubKey)
+{
+ PK11SymKey *pms = NULL;
+ SECStatus rv = SECFailure;
+ PRBool isTLS, isTLS12;
+ CK_MECHANISM_TYPE target;
+ const sslNamedGroupDef *groupDef;
+ sslEphemeralKeyPair *keyPair = NULL;
+ SECKEYPublicKey *pubKey;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ isTLS = (PRBool)(ss->ssl3.pwSpec->version > SSL_LIBRARY_VERSION_3_0);
+ isTLS12 = (PRBool)(ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
+
+ /* Generate ephemeral EC keypair */
+ if (svrPubKey->keyType != ecKey) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ goto loser;
+ }
+ groupDef = ssl_ECPubKey2NamedGroup(svrPubKey);
+ if (!groupDef) {
+ PORT_SetError(SEC_ERROR_BAD_KEY);
+ goto loser;
+ }
+ ss->sec.keaGroup = groupDef;
+ rv = ssl_CreateECDHEphemeralKeyPair(ss, groupDef, &keyPair);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
+ goto loser;
+ }
+
+ pubKey = keyPair->keys->pubKey;
+ PRINT_BUF(50, (ss, "ECDH public value:",
+ pubKey->u.ec.publicValue.data,
+ pubKey->u.ec.publicValue.len));
+
+ if (isTLS12) {
+ target = CKM_TLS12_MASTER_KEY_DERIVE_DH;
+ } else if (isTLS) {
+ target = CKM_TLS_MASTER_KEY_DERIVE_DH;
+ } else {
+ target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
+ }
+
+ /* Determine the PMS */
+ pms = PK11_PubDeriveWithKDF(keyPair->keys->privKey, svrPubKey,
+ PR_FALSE, NULL, NULL, CKM_ECDH1_DERIVE, target,
+ CKA_DERIVE, 0, CKD_NULL, NULL, NULL);
+
+ if (pms == NULL) {
+ (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
+ pubKey->u.ec.publicValue.len + 1);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by ssl3_AppendHandshake* */
+ }
+
+ rv = ssl3_AppendHandshakeVariable(ss, pubKey->u.ec.publicValue.data,
+ pubKey->u.ec.publicValue.len, 1);
+
+ if (rv != SECSuccess) {
+ goto loser; /* err set by ssl3_AppendHandshake* */
+ }
+
+ rv = ssl3_InitPendingCipherSpec(ss, pms);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ PK11_FreeSymKey(pms);
+ ssl_FreeEphemeralKeyPair(keyPair);
+ return SECSuccess;
+
+loser:
+ if (pms)
+ PK11_FreeSymKey(pms);
+ if (keyPair)
+ ssl_FreeEphemeralKeyPair(keyPair);
+ return SECFailure;
+}
+
+/* This function returns the size of the key_exchange field in
+ * the KeyShareEntry structure, i.e.:
+ * opaque point <1..2^8-1>; */
+unsigned int
+tls13_SizeOfECDHEKeyShareKEX(const SECKEYPublicKey *pubKey)
+{
+ PORT_Assert(pubKey->keyType == ecKey);
+ return pubKey->u.ec.publicValue.len;
+}
+
+/* This function encodes the key_exchange field in
+ * the KeyShareEntry structure. */
+SECStatus
+tls13_EncodeECDHEKeyShareKEX(const sslSocket *ss, const SECKEYPublicKey *pubKey)
+{
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(pubKey->keyType == ecKey);
+
+ return ssl3_ExtAppendHandshake(ss, pubKey->u.ec.publicValue.data,
+ pubKey->u.ec.publicValue.len);
+}
+
+/*
+** Called from ssl3_HandleClientKeyExchange()
+*/
+SECStatus
+ssl3_HandleECDHClientKeyExchange(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length,
+ sslKeyPair *serverKeyPair)
+{
+ PK11SymKey *pms;
+ SECStatus rv;
+ SECKEYPublicKey clntPubKey;
+ CK_MECHANISM_TYPE target;
+ PRBool isTLS, isTLS12;
+ int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ clntPubKey.keyType = ecKey;
+ clntPubKey.u.ec.DEREncodedParams.len =
+ serverKeyPair->pubKey->u.ec.DEREncodedParams.len;
+ clntPubKey.u.ec.DEREncodedParams.data =
+ serverKeyPair->pubKey->u.ec.DEREncodedParams.data;
+ clntPubKey.u.ec.encoding = ECPoint_Undefined;
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &clntPubKey.u.ec.publicValue,
+ 1, &b, &length);
+ if (rv != SECSuccess) {
+ PORT_SetError(errCode);
+ return SECFailure;
+ }
+
+ /* we have to catch the case when the client's public key has length 0. */
+ if (!clntPubKey.u.ec.publicValue.len) {
+ (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(errCode);
+ return SECFailure;
+ }
+
+ isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
+ isTLS12 = (PRBool)(ss->ssl3.prSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
+
+ if (isTLS12) {
+ target = CKM_TLS12_MASTER_KEY_DERIVE_DH;
+ } else if (isTLS) {
+ target = CKM_TLS_MASTER_KEY_DERIVE_DH;
+ } else {
+ target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
+ }
+
+ /* Determine the PMS */
+ pms = PK11_PubDeriveWithKDF(serverKeyPair->privKey, &clntPubKey,
+ PR_FALSE, NULL, NULL,
+ CKM_ECDH1_DERIVE, target, CKA_DERIVE, 0,
+ CKD_NULL, NULL, NULL);
+
+ if (pms == NULL) {
+ /* last gasp. */
+ errCode = ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
+ PORT_SetError(errCode);
+ return SECFailure;
+ }
+
+ rv = ssl3_InitPendingCipherSpec(ss, pms);
+ PK11_FreeSymKey(pms);
+ if (rv != SECSuccess) {
+ /* error code set by ssl3_InitPendingCipherSpec */
+ return SECFailure;
+ }
+ ss->sec.keaGroup = ssl_ECPubKey2NamedGroup(&clntPubKey);
+ return SECSuccess;
+}
+
+/*
+** Take an encoded key share and make a public key out of it.
+*/
+SECStatus
+ssl_ImportECDHKeyShare(sslSocket *ss, SECKEYPublicKey *peerKey,
+ SSL3Opaque *b, PRUint32 length,
+ const sslNamedGroupDef *ecGroup)
+{
+ SECStatus rv;
+ SECItem ecPoint = { siBuffer, NULL, 0 };
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (!length) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_ECDHE_KEY_SHARE);
+ return SECFailure;
+ }
+
+ /* Fail if the ec point uses compressed representation */
+ if (b[0] != EC_POINT_FORM_UNCOMPRESSED &&
+ ecGroup->name != ssl_grp_ec_curve25519) {
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM);
+ return SECFailure;
+ }
+
+ peerKey->keyType = ecKey;
+ /* Set up the encoded params */
+ rv = ssl_NamedGroup2ECParams(peerKey->arena, ecGroup,
+ &peerKey->u.ec.DEREncodedParams);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_RX_MALFORMED_ECDHE_KEY_SHARE);
+ return SECFailure;
+ }
+ peerKey->u.ec.encoding = ECPoint_Undefined;
+
+ /* copy publicValue in peerKey */
+ ecPoint.data = b;
+ ecPoint.len = length;
+
+ rv = SECITEM_CopyItem(peerKey->arena, &peerKey->u.ec.publicValue, &ecPoint);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+const sslNamedGroupDef *
+ssl_GetECGroupWithStrength(sslSocket *ss, unsigned int requiredECCbits)
+{
+ int i;
+
+ PORT_Assert(ss);
+
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ const sslNamedGroupDef *group = ss->namedGroupPreferences[i];
+ if (group && group->keaType == ssl_kea_ecdh &&
+ group->bits >= requiredECCbits) {
+ return group;
+ }
+ }
+
+ PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
+ return NULL;
+}
+
+/* Find the "weakest link". Get the strength of the signature and symmetric
+ * keys and choose a curve based on the weakest of those two. */
+const sslNamedGroupDef *
+ssl_GetECGroupForServerSocket(sslSocket *ss)
+{
+ const sslServerCert *cert = ss->sec.serverCert;
+ unsigned int certKeySize;
+ const ssl3BulkCipherDef *bulkCipher;
+ unsigned int requiredECCbits;
+
+ PORT_Assert(cert);
+ if (!cert || !cert->serverKeyPair || !cert->serverKeyPair->pubKey) {
+ PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
+ return NULL;
+ }
+
+ if (cert->certType.authType == ssl_auth_rsa_sign) {
+ certKeySize = SECKEY_PublicKeyStrengthInBits(cert->serverKeyPair->pubKey);
+ certKeySize =
+ SSL_RSASTRENGTH_TO_ECSTRENGTH(certKeySize);
+ } else if (cert->certType.authType == ssl_auth_ecdsa ||
+ cert->certType.authType == ssl_auth_ecdh_rsa ||
+ cert->certType.authType == ssl_auth_ecdh_ecdsa) {
+ const sslNamedGroupDef *groupDef = cert->certType.namedCurve;
+
+ /* We won't select a certificate unless the named curve has been
+ * negotiated (or supported_curves was absent), double check that. */
+ PORT_Assert(groupDef->keaType == ssl_kea_ecdh);
+ PORT_Assert(ssl_NamedGroupEnabled(ss, groupDef));
+ if (!ssl_NamedGroupEnabled(ss, groupDef)) {
+ return NULL;
+ }
+ certKeySize = groupDef->bits;
+ } else {
+ PORT_Assert(0);
+ return NULL;
+ }
+ bulkCipher = ssl_GetBulkCipherDef(ss->ssl3.hs.suite_def);
+ requiredECCbits = bulkCipher->key_size * BPB * 2;
+ PORT_Assert(requiredECCbits ||
+ ss->ssl3.hs.suite_def->bulk_cipher_alg == cipher_null);
+ if (requiredECCbits > certKeySize) {
+ requiredECCbits = certKeySize;
+ }
+
+ return ssl_GetECGroupWithStrength(ss, requiredECCbits);
+}
+
+/* Create an ECDHE key pair for a given curve */
+SECStatus
+ssl_CreateECDHEphemeralKeyPair(const sslSocket *ss,
+ const sslNamedGroupDef *ecGroup,
+ sslEphemeralKeyPair **keyPair)
+{
+ SECKEYPrivateKey *privKey = NULL;
+ SECKEYPublicKey *pubKey = NULL;
+ SECKEYECParams ecParams = { siBuffer, NULL, 0 };
+ sslEphemeralKeyPair *pair;
+
+ if (ssl_NamedGroup2ECParams(NULL, ecGroup, &ecParams) != SECSuccess) {
+ return SECFailure;
+ }
+ privKey = SECKEY_CreateECPrivateKey(&ecParams, &pubKey, ss->pkcs11PinArg);
+ SECITEM_FreeItem(&ecParams, PR_FALSE);
+
+ if (!privKey || !pubKey ||
+ !(pair = ssl_NewEphemeralKeyPair(ecGroup, privKey, pubKey))) {
+ if (privKey) {
+ SECKEY_DestroyPrivateKey(privKey);
+ }
+ if (pubKey) {
+ SECKEY_DestroyPublicKey(pubKey);
+ }
+ ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
+ return SECFailure;
+ }
+
+ *keyPair = pair;
+ SSL_TRC(50, ("%d: SSL[%d]: Create ECDH ephemeral key %d",
+ SSL_GETPID(), ss ? ss->fd : NULL, ecGroup->name));
+ PRINT_BUF(50, (ss, "Public Key", pubKey->u.ec.publicValue.data,
+ pubKey->u.ec.publicValue.len));
+#ifdef TRACE
+ if (ssl_trace >= 50) {
+ SECItem d = { siBuffer, NULL, 0 };
+ SECStatus rv = PK11_ReadRawAttribute(PK11_TypePrivKey, privKey,
+ CKA_VALUE, &d);
+ if (rv == SECSuccess) {
+ PRINT_BUF(50, (ss, "Private Key", d.data, d.len));
+ SECITEM_FreeItem(&d, PR_FALSE);
+ } else {
+ SSL_TRC(50, ("Error extracting private key"));
+ }
+ }
+#endif
+ return SECSuccess;
+}
+
+SECStatus
+ssl3_HandleECDHServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ PLArenaPool *arena = NULL;
+ SECKEYPublicKey *peerKey = NULL;
+ PRBool isTLS;
+ SECStatus rv;
+ int errCode = SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH;
+ SSL3AlertDescription desc = illegal_parameter;
+ SSL3Hashes hashes;
+ SECItem signature = { siBuffer, NULL, 0 };
+ SSLHashType hashAlg;
+ SSLSignatureScheme sigScheme;
+
+ SECItem ec_params = { siBuffer, NULL, 0 };
+ SECItem ec_point = { siBuffer, NULL, 0 };
+ unsigned char paramBuf[3];
+ const sslNamedGroupDef *ecGroup;
+
+ isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
+
+ ec_params.len = sizeof paramBuf;
+ ec_params.data = paramBuf;
+ rv = ssl3_ConsumeHandshake(ss, ec_params.data, ec_params.len, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed. */
+ }
+
+ /* Fail if the curve is not a named curve */
+ if (ec_params.data[0] != ec_type_named) {
+ errCode = SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE;
+ desc = handshake_failure;
+ goto alert_loser;
+ }
+ ecGroup = ssl_LookupNamedGroup(ec_params.data[1] << 8 | ec_params.data[2]);
+ if (!ecGroup || ecGroup->keaType != ssl_kea_ecdh) {
+ errCode = SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE;
+ desc = handshake_failure;
+ goto alert_loser;
+ }
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &ec_point, 1, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed. */
+ }
+
+ /* Fail if the provided point has length 0. */
+ if (!ec_point.len) {
+ /* desc and errCode are initialized already */
+ goto alert_loser;
+ }
+
+ /* Fail if the ec point is not uncompressed for any curve that's not 25519. */
+ if (ecGroup->name != ssl_grp_ec_curve25519 &&
+ ec_point.data[0] != EC_POINT_FORM_UNCOMPRESSED) {
+ errCode = SEC_ERROR_UNSUPPORTED_EC_POINT_FORM;
+ desc = handshake_failure;
+ goto alert_loser;
+ }
+
+ PORT_Assert(ss->ssl3.prSpec->version <= SSL_LIBRARY_VERSION_TLS_1_2);
+ if (ss->ssl3.prSpec->version == SSL_LIBRARY_VERSION_TLS_1_2) {
+ rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed or unsupported. */
+ }
+ rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme,
+ ss->sec.peerCert);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ hashAlg = ssl_SignatureSchemeToHashType(sigScheme);
+ } else {
+ /* Use ssl_hash_none to represent the MD5+SHA1 combo. */
+ hashAlg = ssl_hash_none;
+ sigScheme = ssl_sig_none;
+ }
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
+ if (rv != SECSuccess) {
+ goto loser; /* malformed. */
+ }
+
+ if (length != 0) {
+ if (isTLS)
+ desc = decode_error;
+ goto alert_loser; /* malformed. */
+ }
+
+ PRINT_BUF(60, (NULL, "Server EC params", ec_params.data, ec_params.len));
+ PRINT_BUF(60, (NULL, "Server EC point", ec_point.data, ec_point.len));
+
+ /* failures after this point are not malformed handshakes. */
+ /* TLS: send decrypt_error if signature failed. */
+ desc = isTLS ? decrypt_error : handshake_failure;
+
+ /*
+ * check to make sure the hash is signed by right guy
+ */
+ rv = ssl3_ComputeECDHKeyHash(hashAlg, ec_params, ec_point,
+ &ss->ssl3.hs.client_random,
+ &ss->ssl3.hs.server_random,
+ &hashes);
+
+ if (rv != SECSuccess) {
+ errCode =
+ ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
+ goto alert_loser;
+ }
+ rv = ssl3_VerifySignedHashes(ss, sigScheme, &hashes, &signature);
+ if (rv != SECSuccess) {
+ errCode =
+ ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
+ goto alert_loser;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ errCode = SEC_ERROR_NO_MEMORY;
+ goto loser;
+ }
+
+ peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
+ if (peerKey == NULL) {
+ errCode = SEC_ERROR_NO_MEMORY;
+ goto loser;
+ }
+ peerKey->arena = arena;
+
+ /* create public key from point data */
+ rv = ssl_ImportECDHKeyShare(ss, peerKey, ec_point.data, ec_point.len,
+ ecGroup);
+ if (rv != SECSuccess) {
+ /* error code is set */
+ desc = handshake_failure;
+ errCode = PORT_GetError();
+ goto alert_loser;
+ }
+ peerKey->pkcs11Slot = NULL;
+ peerKey->pkcs11ID = CK_INVALID_HANDLE;
+
+ ss->sec.peerKey = peerKey;
+ return SECSuccess;
+
+alert_loser:
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+loser:
+ if (arena) {
+ PORT_FreeArena(arena, PR_FALSE);
+ }
+ PORT_SetError(errCode);
+ return SECFailure;
+}
+
+SECStatus
+ssl3_SendECDHServerKeyExchange(sslSocket *ss)
+{
+ SECStatus rv = SECFailure;
+ int length;
+ PRBool isTLS12;
+ SECItem signed_hash = { siBuffer, NULL, 0 };
+ SSLHashType hashAlg;
+ SSL3Hashes hashes;
+
+ SECItem ec_params = { siBuffer, NULL, 0 };
+ unsigned char paramBuf[3];
+ const sslNamedGroupDef *ecGroup;
+ sslEphemeralKeyPair *keyPair;
+ SECKEYPublicKey *pubKey;
+
+ /* Generate ephemeral ECDH key pair and send the public key */
+ ecGroup = ssl_GetECGroupForServerSocket(ss);
+ if (!ecGroup) {
+ goto loser;
+ }
+
+ PORT_Assert(PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
+ if (ss->opt.reuseServerECDHEKey) {
+ rv = ssl_CreateStaticECDHEKey(ss, ecGroup);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ keyPair = (sslEphemeralKeyPair *)PR_NEXT_LINK(&ss->ephemeralKeyPairs);
+ } else {
+ rv = ssl_CreateECDHEphemeralKeyPair(ss, ecGroup, &keyPair);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PR_APPEND_LINK(&keyPair->link, &ss->ephemeralKeyPairs);
+ }
+
+ PORT_Assert(keyPair);
+ if (!keyPair) {
+ PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
+ return SECFailure;
+ }
+
+ ec_params.len = sizeof(paramBuf);
+ ec_params.data = paramBuf;
+ PORT_Assert(keyPair->group);
+ PORT_Assert(keyPair->group->keaType == ssl_kea_ecdh);
+ ec_params.data[0] = ec_type_named;
+ ec_params.data[1] = keyPair->group->name >> 8;
+ ec_params.data[2] = keyPair->group->name & 0xff;
+
+ pubKey = keyPair->keys->pubKey;
+ if (ss->ssl3.pwSpec->version == SSL_LIBRARY_VERSION_TLS_1_2) {
+ hashAlg = ssl_SignatureSchemeToHashType(ss->ssl3.hs.signatureScheme);
+ } else {
+ /* Use ssl_hash_none to represent the MD5+SHA1 combo. */
+ hashAlg = ssl_hash_none;
+ }
+ rv = ssl3_ComputeECDHKeyHash(hashAlg, ec_params,
+ pubKey->u.ec.publicValue,
+ &ss->ssl3.hs.client_random,
+ &ss->ssl3.hs.server_random,
+ &hashes);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+
+ isTLS12 = (PRBool)(ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
+
+ rv = ssl3_SignHashes(ss, &hashes,
+ ss->sec.serverCert->serverKeyPair->privKey, &signed_hash);
+ if (rv != SECSuccess) {
+ goto loser; /* ssl3_SignHashes has set err. */
+ }
+
+ length = ec_params.len +
+ 1 + pubKey->u.ec.publicValue.len +
+ (isTLS12 ? 2 : 0) + 2 + signed_hash.len;
+
+ rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+
+ rv = ssl3_AppendHandshake(ss, ec_params.data, ec_params.len);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+
+ rv = ssl3_AppendHandshakeVariable(ss, pubKey->u.ec.publicValue.data,
+ pubKey->u.ec.publicValue.len, 1);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+
+ if (isTLS12) {
+ rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3.hs.signatureScheme, 2);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+ }
+
+ rv = ssl3_AppendHandshakeVariable(ss, signed_hash.data,
+ signed_hash.len, 2);
+ if (rv != SECSuccess) {
+ goto loser; /* err set by AppendHandshake. */
+ }
+
+ PORT_Free(signed_hash.data);
+ return SECSuccess;
+
+loser:
+ if (signed_hash.data != NULL)
+ PORT_Free(signed_hash.data);
+ return SECFailure;
+}
+
+/* List of all ECC cipher suites */
+static const ssl3CipherSuite ssl_all_ec_suites[] = {
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+ TLS_ECDHE_ECDSA_WITH_NULL_SHA,
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ TLS_ECDHE_RSA_WITH_NULL_SHA,
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDH_ECDSA_WITH_NULL_SHA,
+ TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
+ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDH_RSA_WITH_NULL_SHA,
+ TLS_ECDH_RSA_WITH_RC4_128_SHA,
+ 0 /* end of list marker */
+};
+
+static const ssl3CipherSuite ssl_dhe_suites[] = {
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
+ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
+ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS_DHE_DSS_WITH_RC4_128_SHA,
+ TLS_DHE_RSA_WITH_DES_CBC_SHA,
+ TLS_DHE_DSS_WITH_DES_CBC_SHA,
+ 0
+};
+
+/* Order(N^2). Yuk. */
+static PRBool
+ssl_IsSuiteEnabled(const sslSocket *ss, const ssl3CipherSuite *list)
+{
+ const ssl3CipherSuite *suite;
+
+ for (suite = list; *suite; ++suite) {
+ PRBool enabled = PR_FALSE;
+ SECStatus rv = ssl3_CipherPrefGet(ss, *suite, &enabled);
+
+ PORT_Assert(rv == SECSuccess); /* else is coding error */
+ if (rv == SECSuccess && enabled)
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+/* Ask: is ANY ECC cipher suite enabled on this socket? */
+PRBool
+ssl_IsECCEnabled(const sslSocket *ss)
+{
+ PK11SlotInfo *slot;
+
+ /* make sure we can do ECC */
+ slot = PK11_GetBestSlot(CKM_ECDH1_DERIVE, ss->pkcs11PinArg);
+ if (!slot) {
+ return PR_FALSE;
+ }
+ PK11_FreeSlot(slot);
+
+ /* make sure an ECC cipher is enabled */
+ return ssl_IsSuiteEnabled(ss, ssl_all_ec_suites);
+}
+
+PRBool
+ssl_IsDHEEnabled(const sslSocket *ss)
+{
+ return ssl_IsSuiteEnabled(ss, ssl_dhe_suites);
+}
+
+/* Send our Supported Groups extension. */
+PRInt32
+ssl_SendSupportedGroupsXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+ unsigned char enabledGroups[64];
+ unsigned int enabledGroupsLen = 0;
+ unsigned int i;
+ PRBool ec;
+ PRBool ff = PR_FALSE;
+
+ if (!ss)
+ return 0;
+
+ /* We only send FF supported groups if we require DH named groups
+ * or if TLS 1.3 is a possibility. */
+ if (ss->vrange.max < SSL_LIBRARY_VERSION_TLS_1_3) {
+ ec = ssl_IsECCEnabled(ss);
+ if (ss->opt.requireDHENamedGroups) {
+ ff = ssl_IsDHEEnabled(ss);
+ }
+ if (!ec && !ff)
+ return 0;
+ } else {
+ ec = ff = PR_TRUE;
+ }
+
+ PORT_Assert(sizeof(enabledGroups) > SSL_NAMED_GROUP_COUNT * 2);
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ const sslNamedGroupDef *group = ss->namedGroupPreferences[i];
+ if (!group) {
+ continue;
+ }
+ if (group->keaType == ssl_kea_ecdh && !ec) {
+ continue;
+ }
+ if (group->keaType == ssl_kea_dh && !ff) {
+ continue;
+ }
+
+ if (append) {
+ (void)ssl_EncodeUintX(group->name, 2, &enabledGroups[enabledGroupsLen]);
+ }
+ enabledGroupsLen += 2;
+ }
+
+ if (enabledGroupsLen == 0) {
+ return 0;
+ }
+
+ extension_length =
+ 2 /* extension type */ +
+ 2 /* extension length */ +
+ 2 /* enabled groups length */ +
+ enabledGroupsLen;
+
+ if (maxBytes < (PRUint32)extension_length) {
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_supported_groups_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_length - 4, 2);
+ if (rv != SECSuccess)
+ return -1;
+ rv = ssl3_ExtAppendHandshakeVariable(ss, enabledGroups,
+ enabledGroupsLen, 2);
+ if (rv != SECSuccess)
+ return -1;
+ if (!ss->sec.isServer) {
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_supported_groups_xtn;
+ }
+ }
+ return extension_length;
+}
+
+/* Send our "canned" (precompiled) Supported Point Formats extension,
+ * which says that we only support uncompressed points.
+ */
+PRInt32
+ssl3_SendSupportedPointFormatsXtn(
+ const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ static const PRUint8 ecPtFmt[6] = {
+ 0, 11, /* Extension type */
+ 0, 2, /* octets that follow */
+ 1, /* octets that follow */
+ 0 /* uncompressed type only */
+ };
+
+ /* No point in doing this unless we have a socket that supports ECC.
+ * Similarly, no point if we are going to do TLS 1.3 only or we have already
+ * picked TLS 1.3 (server) given that it doesn't use point formats. */
+ if (!ss || !ssl_IsECCEnabled(ss) ||
+ ss->vrange.min >= SSL_LIBRARY_VERSION_TLS_1_3 ||
+ (ss->sec.isServer && ss->version >= SSL_LIBRARY_VERSION_TLS_1_3))
+ return 0;
+ if (append && maxBytes >= (sizeof ecPtFmt)) {
+ SECStatus rv = ssl3_ExtAppendHandshake(ss, ecPtFmt, (sizeof ecPtFmt));
+ if (rv != SECSuccess)
+ return -1;
+ if (!ss->sec.isServer) {
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_ec_point_formats_xtn;
+ }
+ }
+ return sizeof(ecPtFmt);
+}
diff --git a/security/nss/lib/ssl/ssl3ext.c b/security/nss/lib/ssl/ssl3ext.c
new file mode 100644
index 000000000..0da41be12
--- /dev/null
+++ b/security/nss/lib/ssl/ssl3ext.c
@@ -0,0 +1,530 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * SSL3 Protocol
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* TLS extension code moved here from ssl3ecc.c */
+
+#include "nssrenam.h"
+#include "nss.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "ssl3exthandle.h"
+#include "tls13exthandle.h"
+
+/* Table of handlers for received TLS hello extensions, one per extension.
+ * In the second generation, this table will be dynamic, and functions
+ * will be registered here.
+ */
+/* This table is used by the server, to handle client hello extensions. */
+static const ssl3ExtensionHandler clientHelloHandlers[] = {
+ { ssl_server_name_xtn, &ssl3_HandleServerNameXtn },
+ { ssl_supported_groups_xtn, &ssl_HandleSupportedGroupsXtn },
+ { ssl_ec_point_formats_xtn, &ssl3_HandleSupportedPointFormatsXtn },
+ { ssl_session_ticket_xtn, &ssl3_ServerHandleSessionTicketXtn },
+ { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
+ { ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn },
+ { ssl_app_layer_protocol_xtn, &ssl3_ServerHandleAppProtoXtn },
+ { ssl_use_srtp_xtn, &ssl3_ServerHandleUseSRTPXtn },
+ { ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn },
+ { ssl_signature_algorithms_xtn, &ssl3_ServerHandleSigAlgsXtn },
+ { ssl_extended_master_secret_xtn, &ssl3_HandleExtendedMasterSecretXtn },
+ { ssl_signed_cert_timestamp_xtn, &ssl3_ServerHandleSignedCertTimestampXtn },
+ { ssl_tls13_key_share_xtn, &tls13_ServerHandleKeyShareXtn },
+ { ssl_tls13_pre_shared_key_xtn, &tls13_ServerHandlePreSharedKeyXtn },
+ { ssl_tls13_early_data_xtn, &tls13_ServerHandleEarlyDataXtn },
+ { ssl_tls13_psk_key_exchange_modes_xtn,
+ &tls13_ServerHandlePskKeyExchangeModesXtn },
+ { ssl_tls13_short_header_xtn, &tls13_HandleShortHeaderXtn },
+ { -1, NULL }
+};
+
+/* These two tables are used by the client, to handle server hello
+ * extensions. */
+static const ssl3ExtensionHandler serverHelloHandlersTLS[] = {
+ { ssl_server_name_xtn, &ssl3_HandleServerNameXtn },
+ /* TODO: add a handler for ssl_ec_point_formats_xtn */
+ { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn },
+ { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
+ { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn },
+ { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn },
+ { ssl_use_srtp_xtn, &ssl3_ClientHandleUseSRTPXtn },
+ { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn },
+ { ssl_extended_master_secret_xtn, &ssl3_HandleExtendedMasterSecretXtn },
+ { ssl_signed_cert_timestamp_xtn, &ssl3_ClientHandleSignedCertTimestampXtn },
+ { ssl_tls13_key_share_xtn, &tls13_ClientHandleKeyShareXtn },
+ { ssl_tls13_pre_shared_key_xtn, &tls13_ClientHandlePreSharedKeyXtn },
+ { ssl_tls13_early_data_xtn, &tls13_ClientHandleEarlyDataXtn },
+ { ssl_tls13_short_header_xtn, &tls13_HandleShortHeaderXtn },
+ { -1, NULL }
+};
+
+static const ssl3ExtensionHandler helloRetryRequestHandlers[] = {
+ { ssl_tls13_key_share_xtn, tls13_ClientHandleKeyShareXtnHrr },
+ { ssl_tls13_cookie_xtn, tls13_ClientHandleHrrCookie },
+ { -1, NULL }
+};
+
+static const ssl3ExtensionHandler serverHelloHandlersSSL3[] = {
+ { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
+ { -1, NULL }
+};
+
+static const ssl3ExtensionHandler newSessionTicketHandlers[] = {
+ { ssl_tls13_ticket_early_data_info_xtn,
+ &tls13_ClientHandleTicketEarlyDataInfoXtn },
+ { -1, NULL }
+};
+
+/* This table is used by the client to handle server certificates in TLS 1.3 */
+static const ssl3ExtensionHandler serverCertificateHandlers[] = {
+ { ssl_signed_cert_timestamp_xtn, &ssl3_ClientHandleSignedCertTimestampXtn },
+ { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn },
+ { -1, NULL }
+};
+
+/* Tables of functions to format TLS hello extensions, one function per
+ * extension.
+ * These static tables are for the formatting of client hello extensions.
+ * The server's table of hello senders is dynamic, in the socket struct,
+ * and sender functions are registered there.
+ * NB: the order of these extensions can have an impact on compatibility. Some
+ * servers (e.g. Tomcat) will terminate the connection if the last extension in
+ * the client hello is empty (for example, the extended master secret
+ * extension, if it were listed last). See bug 1243641.
+ */
+static const ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] =
+ {
+ { ssl_server_name_xtn, &ssl3_SendServerNameXtn },
+ { ssl_extended_master_secret_xtn, &ssl3_SendExtendedMasterSecretXtn },
+ { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn },
+ { ssl_supported_groups_xtn, &ssl_SendSupportedGroupsXtn },
+ { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn },
+ { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn },
+ { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn },
+ { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn },
+ { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn },
+ { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn },
+ { ssl_signed_cert_timestamp_xtn, &ssl3_ClientSendSignedCertTimestampXtn },
+ { ssl_tls13_key_share_xtn, &tls13_ClientSendKeyShareXtn },
+ { ssl_tls13_early_data_xtn, &tls13_ClientSendEarlyDataXtn },
+ /* Some servers (e.g. WebSphere Application Server 7.0 and Tomcat) will
+ * time out or terminate the connection if the last extension in the
+ * client hello is empty. They are not intolerant of TLS 1.2, so list
+ * signature_algorithms at the end. See bug 1243641. */
+ { ssl_tls13_supported_versions_xtn, &tls13_ClientSendSupportedVersionsXtn },
+ { ssl_tls13_short_header_xtn, &tls13_SendShortHeaderXtn },
+ { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
+ { ssl_tls13_cookie_xtn, &tls13_ClientSendHrrCookieXtn },
+ { ssl_tls13_psk_key_exchange_modes_xtn,
+ &tls13_ClientSendPskKeyExchangeModesXtn },
+ /* The pre_shared_key extension MUST be last. */
+ { ssl_tls13_pre_shared_key_xtn, &tls13_ClientSendPreSharedKeyXtn },
+ /* any extra entries will appear as { 0, NULL } */
+ };
+
+static const ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = {
+ { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }
+ /* any extra entries will appear as { 0, NULL } */
+};
+
+static PRBool
+arrayContainsExtension(const PRUint16 *array, PRUint32 len, PRUint16 ex_type)
+{
+ unsigned int i;
+ for (i = 0; i < len; i++) {
+ if (ex_type == array[i])
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+PRBool
+ssl3_ExtensionNegotiated(const sslSocket *ss, PRUint16 ex_type)
+{
+ const TLSExtensionData *xtnData = &ss->xtnData;
+ return arrayContainsExtension(xtnData->negotiated,
+ xtnData->numNegotiated, ex_type);
+}
+
+PRBool
+ssl3_ClientExtensionAdvertised(const sslSocket *ss, PRUint16 ex_type)
+{
+ const TLSExtensionData *xtnData = &ss->xtnData;
+ return arrayContainsExtension(xtnData->advertised,
+ xtnData->numAdvertised, ex_type);
+}
+
+/* Go through hello extensions in |b| and deserialize
+ * them into the list in |ss->ssl3.hs.remoteExtensions|.
+ * The only checking we do in this point is for duplicates.
+ *
+ * IMPORTANT: This list just contains pointers to the incoming
+ * buffer so they can only be used during ClientHello processing.
+ */
+SECStatus
+ssl3_ParseExtensions(sslSocket *ss, SSL3Opaque **b, PRUint32 *length)
+{
+ /* Clean out the extensions list. */
+ ssl3_DestroyRemoteExtensions(&ss->ssl3.hs.remoteExtensions);
+
+ while (*length) {
+ SECStatus rv;
+ PRInt32 extension_type;
+ SECItem extension_data = { siBuffer, NULL, 0 };
+ TLSExtension *extension;
+ PRCList *cursor;
+
+ /* Get the extension's type field */
+ extension_type = ssl3_ConsumeHandshakeNumber(ss, 2, b, length);
+ if (extension_type < 0) { /* failure to decode extension_type */
+ return SECFailure; /* alert already sent */
+ }
+
+ SSL_TRC(10, ("%d: SSL3[%d]: parsing extension %d",
+ SSL_GETPID(), ss->fd, extension_type));
+ /* Check whether an extension has been sent multiple times. */
+ for (cursor = PR_NEXT_LINK(&ss->ssl3.hs.remoteExtensions);
+ cursor != &ss->ssl3.hs.remoteExtensions;
+ cursor = PR_NEXT_LINK(cursor)) {
+ if (((TLSExtension *)cursor)->type == extension_type) {
+ (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_EXTENSION);
+ return SECFailure;
+ }
+ }
+
+ /* Get the data for this extension, so we can pass it or skip it. */
+ rv = ssl3_ConsumeHandshakeVariable(ss, &extension_data, 2, b, length);
+ if (rv != SECSuccess) {
+ return rv; /* alert already sent */
+ }
+
+ extension = PORT_ZNew(TLSExtension);
+ if (!extension) {
+ return SECFailure;
+ }
+
+ extension->type = (PRUint16)extension_type;
+ extension->data = extension_data;
+ PR_APPEND_LINK(&extension->link, &ss->ssl3.hs.remoteExtensions);
+ }
+
+ return SECSuccess;
+}
+
+TLSExtension *
+ssl3_FindExtension(sslSocket *ss, SSLExtensionType extension_type)
+{
+ PRCList *cursor;
+
+ for (cursor = PR_NEXT_LINK(&ss->ssl3.hs.remoteExtensions);
+ cursor != &ss->ssl3.hs.remoteExtensions;
+ cursor = PR_NEXT_LINK(cursor)) {
+ TLSExtension *extension = (TLSExtension *)cursor;
+
+ if (extension->type == extension_type) {
+ return extension;
+ }
+ }
+
+ return NULL;
+}
+
+/* Go through the hello extensions in |ss->ssl3.hs.remoteExtensions|.
+ * For each one, find the extension handler in the table, and
+ * if present, invoke that handler.
+ * Servers ignore any extensions with unknown extension types.
+ * Clients reject any extensions with unadvertised extension types
+ *
+ * In TLS >= 1.3, the client checks that extensions appear in the
+ * right phase.
+ */
+SECStatus
+ssl3_HandleParsedExtensions(sslSocket *ss,
+ SSL3HandshakeType handshakeMessage)
+{
+ const ssl3ExtensionHandler *handlers;
+ PRBool isTLS13 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_3;
+ PRCList *cursor;
+
+ switch (handshakeMessage) {
+ case client_hello:
+ handlers = clientHelloHandlers;
+ break;
+ case new_session_ticket:
+ PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
+ handlers = newSessionTicketHandlers;
+ break;
+ case hello_retry_request:
+ handlers = helloRetryRequestHandlers;
+ break;
+ case encrypted_extensions:
+ PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
+ /* fall through */
+ case server_hello:
+ if (ss->version > SSL_LIBRARY_VERSION_3_0) {
+ handlers = serverHelloHandlersTLS;
+ } else {
+ handlers = serverHelloHandlersSSL3;
+ }
+ break;
+ case certificate:
+ PORT_Assert(!ss->sec.isServer);
+ handlers = serverCertificateHandlers;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0);
+ return SECFailure;
+ }
+
+ for (cursor = PR_NEXT_LINK(&ss->ssl3.hs.remoteExtensions);
+ cursor != &ss->ssl3.hs.remoteExtensions;
+ cursor = PR_NEXT_LINK(cursor)) {
+ TLSExtension *extension = (TLSExtension *)cursor;
+ const ssl3ExtensionHandler *handler;
+
+ /* Check whether the server sent an extension which was not advertised
+ * in the ClientHello */
+ if (!ss->sec.isServer &&
+ !ssl3_ClientExtensionAdvertised(ss, extension->type) &&
+ (handshakeMessage != new_session_ticket) &&
+ (extension->type != ssl_tls13_cookie_xtn)) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unsupported_extension);
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_EXTENSION);
+ return SECFailure;
+ }
+
+ /* Check that this is a legal extension in TLS 1.3 */
+ if (isTLS13 && !tls13_ExtensionAllowed(extension->type, handshakeMessage)) {
+ if (handshakeMessage == client_hello) {
+ /* Skip extensions not used in TLS 1.3 */
+ continue;
+ }
+ tls13_FatalError(ss, SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION,
+ unsupported_extension);
+ return SECFailure;
+ }
+
+ /* Special check for this being the last extension if it's
+ * PreSharedKey */
+ if (ss->sec.isServer && isTLS13 &&
+ (extension->type == ssl_tls13_pre_shared_key_xtn) &&
+ (PR_NEXT_LINK(cursor) != &ss->ssl3.hs.remoteExtensions)) {
+ tls13_FatalError(ss,
+ SSL_ERROR_RX_MALFORMED_CLIENT_HELLO,
+ illegal_parameter);
+ return SECFailure;
+ }
+
+ /* find extension_type in table of Hello Extension Handlers */
+ for (handler = handlers; handler->ex_type >= 0; handler++) {
+ /* if found, call this handler */
+ if (handler->ex_type == extension->type) {
+ SECStatus rv;
+
+ rv = (*handler->ex_handler)(ss, &ss->xtnData,
+ (PRUint16)extension->type,
+ &extension->data);
+ if (rv != SECSuccess) {
+ if (!ss->ssl3.fatalAlertSent) {
+ /* send a generic alert if the handler didn't already */
+ (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
+ }
+ return SECFailure;
+ }
+ }
+ }
+ }
+ return SECSuccess;
+}
+
+/* Syntactic sugar around ssl3_ParseExtensions and
+ * ssl3_HandleParsedExtensions. */
+SECStatus
+ssl3_HandleExtensions(sslSocket *ss,
+ SSL3Opaque **b, PRUint32 *length,
+ SSL3HandshakeType handshakeMessage)
+{
+ SECStatus rv;
+
+ rv = ssl3_ParseExtensions(ss, b, length);
+ if (rv != SECSuccess)
+ return rv;
+
+ rv = ssl3_HandleParsedExtensions(ss, handshakeMessage);
+ if (rv != SECSuccess)
+ return rv;
+
+ ssl3_DestroyRemoteExtensions(&ss->ssl3.hs.remoteExtensions);
+ return SECSuccess;
+}
+
+/* Add a callback function to the table of senders of server hello extensions.
+ */
+SECStatus
+ssl3_RegisterExtensionSender(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ ssl3HelloExtensionSenderFunc cb)
+{
+ int i;
+ ssl3HelloExtensionSender *sender;
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ sender = &xtnData->serverHelloSenders[0];
+ } else {
+ if (tls13_ExtensionAllowed(ex_type, server_hello)) {
+ PORT_Assert(!tls13_ExtensionAllowed(ex_type, encrypted_extensions));
+ sender = &xtnData->serverHelloSenders[0];
+ } else if (tls13_ExtensionAllowed(ex_type, certificate)) {
+ sender = &xtnData->certificateSenders[0];
+ } else {
+ PORT_Assert(tls13_ExtensionAllowed(ex_type, encrypted_extensions));
+ sender = &xtnData->encryptedExtensionsSenders[0];
+ }
+ }
+ for (i = 0; i < SSL_MAX_EXTENSIONS; ++i, ++sender) {
+ if (!sender->ex_sender) {
+ sender->ex_type = ex_type;
+ sender->ex_sender = cb;
+ return SECSuccess;
+ }
+ /* detect duplicate senders */
+ PORT_Assert(sender->ex_type != ex_type);
+ if (sender->ex_type == ex_type) {
+ /* duplicate */
+ break;
+ }
+ }
+ PORT_Assert(i < SSL_MAX_EXTENSIONS); /* table needs to grow */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+}
+
+/* call each of the extension senders and return the accumulated length */
+PRInt32
+ssl3_CallHelloExtensionSenders(sslSocket *ss, PRBool append, PRUint32 maxBytes,
+ const ssl3HelloExtensionSender *sender)
+{
+ PRInt32 total_exten_len = 0;
+ int i;
+
+ if (!sender) {
+ if (ss->vrange.max > SSL_LIBRARY_VERSION_3_0) {
+ sender = &clientHelloSendersTLS[0];
+ } else {
+ sender = &clientHelloSendersSSL3[0];
+ }
+ }
+
+ for (i = 0; i < SSL_MAX_EXTENSIONS; ++i, ++sender) {
+ if (sender->ex_sender) {
+ PRInt32 extLen = (*sender->ex_sender)(ss, &ss->xtnData, append, maxBytes);
+ if (extLen < 0)
+ return -1;
+ maxBytes -= extLen;
+ total_exten_len += extLen;
+ }
+ }
+ return total_exten_len;
+}
+
+void
+ssl3_DestroyRemoteExtensions(PRCList *list)
+{
+ PRCList *cur_p;
+
+ while (!PR_CLIST_IS_EMPTY(list)) {
+ cur_p = PR_LIST_TAIL(list);
+ PR_REMOVE_LINK(cur_p);
+ PORT_Free(cur_p);
+ }
+}
+
+/* Initialize the extension data block. */
+void
+ssl3_InitExtensionData(TLSExtensionData *xtnData)
+{
+ /* Set things up to the right starting state. */
+ PORT_Memset(xtnData, 0, sizeof(*xtnData));
+ xtnData->peerSupportsFfdheGroups = PR_FALSE;
+ PR_INIT_CLIST(&xtnData->remoteKeyShares);
+}
+
+/* Free everything that has been allocated and then reset back to
+ * the starting state. */
+void
+ssl3_ResetExtensionData(TLSExtensionData *xtnData)
+{
+ /* Clean up. */
+ ssl3_FreeSniNameArray(xtnData);
+ PORT_Free(xtnData->clientSigSchemes);
+ SECITEM_FreeItem(&xtnData->nextProto, PR_FALSE);
+ tls13_DestroyKeyShares(&xtnData->remoteKeyShares);
+
+ /* Now reinit. */
+ ssl3_InitExtensionData(xtnData);
+}
+
+/* Thunks to let extension handlers operate on const sslSocket* objects. */
+SECStatus
+ssl3_ExtAppendHandshake(const sslSocket *ss, const void *void_src,
+ PRInt32 bytes)
+{
+ return ssl3_AppendHandshake((sslSocket *)ss, void_src, bytes);
+}
+
+SECStatus
+ssl3_ExtAppendHandshakeNumber(const sslSocket *ss, PRInt32 num,
+ PRInt32 lenSize)
+{
+ return ssl3_AppendHandshakeNumber((sslSocket *)ss, num, lenSize);
+}
+
+SECStatus
+ssl3_ExtAppendHandshakeVariable(const sslSocket *ss,
+ const SSL3Opaque *src, PRInt32 bytes,
+ PRInt32 lenSize)
+{
+ return ssl3_AppendHandshakeVariable((sslSocket *)ss, src, bytes, lenSize);
+}
+
+void
+ssl3_ExtSendAlert(const sslSocket *ss, SSL3AlertLevel level,
+ SSL3AlertDescription desc)
+{
+ (void)SSL3_SendAlert((sslSocket *)ss, level, desc);
+}
+
+void
+ssl3_ExtDecodeError(const sslSocket *ss)
+{
+ (void)ssl3_DecodeError((sslSocket *)ss);
+}
+
+SECStatus
+ssl3_ExtConsumeHandshake(const sslSocket *ss, void *v, PRInt32 bytes,
+ SSL3Opaque **b, PRUint32 *length)
+{
+ return ssl3_ConsumeHandshake((sslSocket *)ss, v, bytes, b, length);
+}
+
+PRInt32
+ssl3_ExtConsumeHandshakeNumber(const sslSocket *ss, PRInt32 bytes,
+ SSL3Opaque **b, PRUint32 *length)
+{
+ return ssl3_ConsumeHandshakeNumber((sslSocket *)ss, bytes, b, length);
+}
+
+SECStatus
+ssl3_ExtConsumeHandshakeVariable(const sslSocket *ss, SECItem *i,
+ PRInt32 bytes, SSL3Opaque **b,
+ PRUint32 *length)
+{
+ return ssl3_ConsumeHandshakeVariable((sslSocket *)ss, i, bytes, b, length);
+}
diff --git a/security/nss/lib/ssl/ssl3ext.h b/security/nss/lib/ssl/ssl3ext.h
new file mode 100644
index 000000000..f93ad65bd
--- /dev/null
+++ b/security/nss/lib/ssl/ssl3ext.h
@@ -0,0 +1,156 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is PRIVATE to SSL.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ssl3ext_h_
+#define __ssl3ext_h_
+
+typedef enum {
+ sni_nametype_hostname
+} SNINameType;
+typedef struct TLSExtensionDataStr TLSExtensionData;
+
+/* registerable callback function that either appends extension to buffer
+ * or returns length of data that it would have appended.
+ */
+typedef PRInt32 (*ssl3HelloExtensionSenderFunc)(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+
+/* registerable callback function that handles a received extension,
+ * of the given type.
+ */
+typedef SECStatus (*ssl3ExtensionHandlerFunc)(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+
+/* row in a table of hello extension senders */
+typedef struct {
+ PRInt32 ex_type;
+ ssl3HelloExtensionSenderFunc ex_sender;
+} ssl3HelloExtensionSender;
+
+/* row in a table of hello extension handlers */
+typedef struct {
+ PRInt32 ex_type;
+ ssl3ExtensionHandlerFunc ex_handler;
+} ssl3ExtensionHandler;
+
+struct TLSExtensionDataStr {
+ /* registered callbacks that send server hello extensions */
+ ssl3HelloExtensionSender serverHelloSenders[SSL_MAX_EXTENSIONS];
+ ssl3HelloExtensionSender encryptedExtensionsSenders[SSL_MAX_EXTENSIONS];
+ ssl3HelloExtensionSender certificateSenders[SSL_MAX_EXTENSIONS];
+
+ /* Keep track of the extensions that are negotiated. */
+ PRUint16 numAdvertised;
+ PRUint16 numNegotiated;
+ PRUint16 advertised[SSL_MAX_EXTENSIONS];
+ PRUint16 negotiated[SSL_MAX_EXTENSIONS];
+
+ /* SessionTicket Extension related data. */
+ PRBool ticketTimestampVerified;
+ PRBool emptySessionTicket;
+ PRBool sentSessionTicketInClientHello;
+ SECItem psk_ke_modes;
+ PRUint32 max_early_data_size;
+
+ /* SNI Extension related data
+ * Names data is not coppied from the input buffer. It can not be
+ * used outside the scope where input buffer is defined and that
+ * is beyond ssl3_HandleClientHello function. */
+ SECItem *sniNameArr;
+ PRUint32 sniNameArrSize;
+
+ /* Signed Certificate Timestamps extracted from the TLS extension.
+ * (client only).
+ * This container holds a temporary pointer to the extension data,
+ * until a session structure (the sec.ci.sid of an sslSocket) is setup
+ * that can hold a permanent copy of the data
+ * (in sec.ci.sid.u.ssl3.signedCertTimestamps).
+ * The data pointed to by this structure is neither explicitly allocated
+ * nor copied: the pointer points to the handshake message buffer and is
+ * only valid in the scope of ssl3_HandleServerHello.
+ */
+ SECItem signedCertTimestamps;
+
+ PRBool peerSupportsFfdheGroups; /* if the peer supports named ffdhe groups */
+
+ /* clientSigAndHash contains the contents of the signature_algorithms
+ * extension (if any) from the client. This is only valid for TLS 1.2
+ * or later. */
+ SSLSignatureScheme *clientSigSchemes;
+ unsigned int numClientSigScheme;
+
+ /* In a client: if the server supports Next Protocol Negotiation, then
+ * this is the protocol that was negotiated.
+ */
+ SECItem nextProto;
+ SSLNextProtoState nextProtoState;
+
+ PRUint16 dtlsSRTPCipherSuite; /* 0 if not selected */
+
+ SECItem pskBinder; /* The PSK binder for the first PSK (TLS 1.3) */
+ unsigned long pskBinderPrefixLen; /* The length of the binder input. */
+ PRCList remoteKeyShares; /* The other side's public keys (TLS 1.3) */
+};
+
+typedef struct TLSExtensionStr {
+ PRCList link; /* The linked list link */
+ PRUint16 type; /* Extension type */
+ SECItem data; /* Pointers into the handshake data. */
+} TLSExtension;
+
+SECStatus ssl3_HandleExtensions(sslSocket *ss,
+ SSL3Opaque **b, PRUint32 *length,
+ SSL3HandshakeType handshakeMessage);
+SECStatus ssl3_ParseExtensions(sslSocket *ss,
+ SSL3Opaque **b, PRUint32 *length);
+SECStatus ssl3_HandleParsedExtensions(sslSocket *ss,
+ SSL3HandshakeType handshakeMessage);
+TLSExtension *ssl3_FindExtension(sslSocket *ss,
+ SSLExtensionType extension_type);
+void ssl3_DestroyRemoteExtensions(PRCList *list);
+void ssl3_InitExtensionData(TLSExtensionData *xtnData);
+void ssl3_ResetExtensionData(TLSExtensionData *xtnData);
+
+PRBool ssl3_ExtensionNegotiated(const sslSocket *ss, PRUint16 ex_type);
+PRBool ssl3_ClientExtensionAdvertised(const sslSocket *ss, PRUint16 ex_type);
+
+SECStatus ssl3_RegisterExtensionSender(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ ssl3HelloExtensionSenderFunc cb);
+PRInt32 ssl3_CallHelloExtensionSenders(sslSocket *ss, PRBool append, PRUint32 maxBytes,
+ const ssl3HelloExtensionSender *sender);
+
+unsigned int ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength);
+PRInt32 ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen,
+ PRUint32 maxBytes);
+
+/* Thunks to let us operate on const sslSocket* objects. */
+SECStatus ssl3_ExtAppendHandshake(const sslSocket *ss, const void *void_src,
+ PRInt32 bytes);
+SECStatus ssl3_ExtAppendHandshakeNumber(const sslSocket *ss, PRInt32 num,
+ PRInt32 lenSize);
+SECStatus ssl3_ExtAppendHandshakeVariable(const sslSocket *ss,
+ const SSL3Opaque *src, PRInt32 bytes,
+ PRInt32 lenSize);
+void ssl3_ExtSendAlert(const sslSocket *ss, SSL3AlertLevel level,
+ SSL3AlertDescription desc);
+void ssl3_ExtDecodeError(const sslSocket *ss);
+SECStatus ssl3_ExtConsumeHandshake(const sslSocket *ss, void *v, PRInt32 bytes,
+ SSL3Opaque **b, PRUint32 *length);
+PRInt32 ssl3_ExtConsumeHandshakeNumber(const sslSocket *ss, PRInt32 bytes,
+ SSL3Opaque **b, PRUint32 *length);
+SECStatus ssl3_ExtConsumeHandshakeVariable(const sslSocket *ss, SECItem *i,
+ PRInt32 bytes, SSL3Opaque **b,
+ PRUint32 *length);
+
+#endif
diff --git a/security/nss/lib/ssl/ssl3exthandle.c b/security/nss/lib/ssl/ssl3exthandle.c
new file mode 100644
index 000000000..2a80e2690
--- /dev/null
+++ b/security/nss/lib/ssl/ssl3exthandle.c
@@ -0,0 +1,2579 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssrenam.h"
+#include "nss.h"
+#include "ssl.h"
+#include "sslproto.h"
+#include "sslimpl.h"
+#include "pk11pub.h"
+#include "blapit.h"
+#include "prinit.h"
+#include "ssl3ext.h"
+#include "ssl3exthandle.h"
+#include "tls13exthandle.h" /* For tls13_ServerSendStatusRequestXtn. */
+
+static unsigned char key_name[SESS_TICKET_KEY_NAME_LEN];
+static PK11SymKey *session_ticket_enc_key = NULL;
+static PK11SymKey *session_ticket_mac_key = NULL;
+
+static PRCallOnceType generate_session_keys_once;
+
+static SECStatus ssl3_ParseEncryptedSessionTicket(sslSocket *ss,
+ SECItem *data, EncryptedSessionTicket *enc_session_ticket);
+static SECStatus ssl3_AppendToItem(SECItem *item, const unsigned char *buf,
+ PRUint32 bytes);
+static SECStatus ssl3_ConsumeFromItem(SECItem *item, unsigned char **buf, PRUint32 bytes);
+static SECStatus ssl3_AppendNumberToItem(SECItem *item, PRUint32 num,
+ PRInt32 lenSize);
+static SECStatus ssl3_GetSessionTicketKeys(sslSocket *ss,
+ PK11SymKey **aes_key, PK11SymKey **mac_key);
+static SECStatus ssl3_ConsumeFromItem(SECItem *item, unsigned char **buf, PRUint32 bytes);
+
+/*
+ * Write bytes. Using this function means the SECItem structure
+ * cannot be freed. The caller is expected to call this function
+ * on a shallow copy of the structure.
+ */
+static SECStatus
+ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes)
+{
+ if (bytes > item->len)
+ return SECFailure;
+
+ PORT_Memcpy(item->data, buf, bytes);
+ item->data += bytes;
+ item->len -= bytes;
+ return SECSuccess;
+}
+
+/*
+ * Write a number in network byte order. Using this function means the
+ * SECItem structure cannot be freed. The caller is expected to call
+ * this function on a shallow copy of the structure.
+ */
+static SECStatus
+ssl3_AppendNumberToItem(SECItem *item, PRUint32 num, PRInt32 lenSize)
+{
+ SECStatus rv;
+ PRUint8 b[4];
+ PRUint8 *p = b;
+
+ switch (lenSize) {
+ case 4:
+ *p++ = (PRUint8)(num >> 24);
+ case 3:
+ *p++ = (PRUint8)(num >> 16);
+ case 2:
+ *p++ = (PRUint8)(num >> 8);
+ case 1:
+ *p = (PRUint8)num;
+ }
+ rv = ssl3_AppendToItem(item, &b[0], lenSize);
+ return rv;
+}
+
+SECStatus
+ssl3_SessionTicketShutdown(void *appData, void *nssData)
+{
+ if (session_ticket_enc_key) {
+ PK11_FreeSymKey(session_ticket_enc_key);
+ session_ticket_enc_key = NULL;
+ }
+ if (session_ticket_mac_key) {
+ PK11_FreeSymKey(session_ticket_mac_key);
+ session_ticket_mac_key = NULL;
+ }
+ PORT_Memset(&generate_session_keys_once, 0,
+ sizeof(generate_session_keys_once));
+ return SECSuccess;
+}
+
+static PRStatus
+ssl3_GenerateSessionTicketKeys(void *data)
+{
+ SECStatus rv;
+ sslSocket *ss = (sslSocket *)data;
+ sslServerCertType certType = { ssl_auth_rsa_decrypt, NULL };
+ const sslServerCert *sc;
+ SECKEYPrivateKey *svrPrivKey;
+ SECKEYPublicKey *svrPubKey;
+
+ sc = ssl_FindServerCert(ss, &certType);
+ if (!sc || !sc->serverKeyPair) {
+ SSL_DBG(("%d: SSL[%d]: No ssl_auth_rsa_decrypt cert and key pair",
+ SSL_GETPID(), ss->fd));
+ goto loser;
+ }
+ svrPrivKey = sc->serverKeyPair->privKey;
+ svrPubKey = sc->serverKeyPair->pubKey;
+ if (svrPrivKey == NULL || svrPubKey == NULL) {
+ SSL_DBG(("%d: SSL[%d]: Pub or priv key(s) is NULL.",
+ SSL_GETPID(), ss->fd));
+ goto loser;
+ }
+
+ /* Get a copy of the session keys from shared memory. */
+ PORT_Memcpy(key_name, SESS_TICKET_KEY_NAME_PREFIX,
+ sizeof(SESS_TICKET_KEY_NAME_PREFIX));
+ if (!ssl_GetSessionTicketKeys(svrPrivKey, svrPubKey, ss->pkcs11PinArg,
+ &key_name[SESS_TICKET_KEY_NAME_PREFIX_LEN],
+ &session_ticket_enc_key, &session_ticket_mac_key))
+ return PR_FAILURE;
+
+ rv = NSS_RegisterShutdown(ssl3_SessionTicketShutdown, NULL);
+ if (rv != SECSuccess)
+ goto loser;
+
+ return PR_SUCCESS;
+
+loser:
+ ssl3_SessionTicketShutdown(NULL, NULL);
+ return PR_FAILURE;
+}
+
+static SECStatus
+ssl3_GetSessionTicketKeys(sslSocket *ss, PK11SymKey **aes_key,
+ PK11SymKey **mac_key)
+{
+ if (PR_CallOnceWithArg(&generate_session_keys_once,
+ ssl3_GenerateSessionTicketKeys, ss) !=
+ PR_SUCCESS)
+ return SECFailure;
+
+ if (session_ticket_enc_key == NULL ||
+ session_ticket_mac_key == NULL)
+ return SECFailure;
+
+ *aes_key = session_ticket_enc_key;
+ *mac_key = session_ticket_mac_key;
+ return SECSuccess;
+}
+
+/* Format an SNI extension, using the name from the socket's URL,
+ * unless that name is a dotted decimal string.
+ * Used by client and server.
+ */
+PRInt32
+ssl3_SendServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes)
+{
+ SECStatus rv;
+ if (!ss)
+ return 0;
+ if (!ss->sec.isServer) {
+ PRUint32 len;
+ PRNetAddr netAddr;
+
+ /* must have a hostname */
+ if (!ss->url || !ss->url[0])
+ return 0;
+ /* must not be an IPv4 or IPv6 address */
+ if (PR_SUCCESS == PR_StringToNetAddr(ss->url, &netAddr)) {
+ /* is an IP address (v4 or v6) */
+ return 0;
+ }
+ len = PORT_Strlen(ss->url);
+ if (append && maxBytes >= len + 9) {
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_server_name_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* length of extension_data */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, len + 5, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* length of server_name_list */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, len + 3, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* Name Type (sni_host_name) */
+ rv = ssl3_ExtAppendHandshake(ss, "\0", 1);
+ if (rv != SECSuccess)
+ return -1;
+ /* HostName (length and value) */
+ rv = ssl3_ExtAppendHandshakeVariable(ss, (PRUint8 *)ss->url, len, 2);
+ if (rv != SECSuccess)
+ return -1;
+ if (!ss->sec.isServer) {
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_server_name_xtn;
+ }
+ }
+ return len + 9;
+ }
+ /* Server side */
+ if (append && maxBytes >= 4) {
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_server_name_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* length of extension_data */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ return -1;
+ }
+ return 4;
+}
+
+/* Handle an incoming SNI extension. */
+SECStatus
+ssl3_HandleServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECItem *names = NULL;
+ PRInt32 listLenBytes = 0;
+
+ if (!ss->sec.isServer) {
+ return SECSuccess; /* ignore extension */
+ }
+
+ /* Server side - consume client data and register server sender. */
+ /* do not parse the data if don't have user extension handling function. */
+ if (!ss->sniSocketConfig) {
+ return SECSuccess;
+ }
+
+ /* length of server_name_list */
+ listLenBytes = ssl3_ExtConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
+ if (listLenBytes < 0) {
+ goto loser; /* alert already sent */
+ }
+ if (listLenBytes == 0 || listLenBytes != data->len) {
+ goto alert_loser;
+ }
+
+ /* Read ServerNameList. */
+ while (data->len > 0) {
+ SECItem tmp;
+ SECStatus rv;
+ PRInt32 type;
+
+ /* Read Name Type. */
+ type = ssl3_ExtConsumeHandshakeNumber(ss, 1, &data->data, &data->len);
+ if (type < 0) { /* i.e., SECFailure cast to PRint32 */
+ /* alert sent in ConsumeHandshakeNumber */
+ goto loser;
+ }
+
+ /* Read ServerName (length and value). */
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &tmp, 2, &data->data, &data->len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* Record the value for host_name(0). */
+ if (type == sni_nametype_hostname) {
+ /* Fail if we encounter a second host_name entry. */
+ if (names) {
+ goto alert_loser;
+ }
+
+ /* Create an array for the only supported NameType. */
+ names = PORT_ZNewArray(SECItem, 1);
+ if (!names) {
+ goto loser;
+ }
+
+ /* Copy ServerName into the array. */
+ if (SECITEM_CopyItem(NULL, &names[0], &tmp) != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ /* Even if we don't support NameTypes other than host_name at the
+ * moment, we continue parsing the whole list to check its validity.
+ * We do not check for duplicate entries with NameType != host_name(0).
+ */
+ }
+ if (names) {
+ /* Free old and set the new data. */
+ ssl3_FreeSniNameArray(xtnData);
+ xtnData->sniNameArr = names;
+ xtnData->sniNameArrSize = 1;
+ xtnData->negotiated[xtnData->numNegotiated++] = ssl_server_name_xtn;
+ }
+ return SECSuccess;
+
+alert_loser:
+ ssl3_ExtDecodeError(ss);
+loser:
+ if (names) {
+ PORT_Free(names);
+ }
+ return SECFailure;
+}
+
+/* Frees a given xtnData->sniNameArr and its elements. */
+void
+ssl3_FreeSniNameArray(TLSExtensionData *xtnData)
+{
+ PRUint32 i;
+
+ if (!xtnData->sniNameArr) {
+ return;
+ }
+
+ for (i = 0; i < xtnData->sniNameArrSize; i++) {
+ SECITEM_FreeItem(&xtnData->sniNameArr[i], PR_FALSE);
+ }
+
+ PORT_Free(xtnData->sniNameArr);
+ xtnData->sniNameArr = NULL;
+ xtnData->sniNameArrSize = 0;
+}
+
+/* Called by both clients and servers.
+ * Clients sends a filled in session ticket if one is available, and otherwise
+ * sends an empty ticket. Servers always send empty tickets.
+ */
+PRInt32
+ssl3_SendSessionTicketXtn(
+ const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+ NewSessionTicket *session_ticket = NULL;
+ sslSessionID *sid = ss->sec.ci.sid;
+
+ /* Never send an extension with a ticket for TLS 1.3, but
+ * OK to send the empty one in case the server does 1.2. */
+ if (sid->cached == in_client_cache &&
+ sid->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ return 0;
+ }
+
+ /* Ignore the SessionTicket extension if processing is disabled. */
+ if (!ss->opt.enableSessionTickets)
+ return 0;
+
+ /* Empty extension length = extension_type (2-bytes) +
+ * length(extension_data) (2-bytes)
+ */
+ extension_length = 4;
+
+ /* If we are a client then send a session ticket if one is availble.
+ * Servers that support the extension and are willing to negotiate the
+ * the extension always respond with an empty extension.
+ */
+ if (!ss->sec.isServer) {
+ /* The caller must be holding sid->u.ssl3.lock for reading. We cannot
+ * just acquire and release the lock within this function because the
+ * caller will call this function twice, and we need the inputs to be
+ * consistent between the two calls. Note that currently the caller
+ * will only be holding the lock when we are the client and when we're
+ * attempting to resume an existing session.
+ */
+
+ session_ticket = &sid->u.ssl3.locked.sessionTicket;
+ if (session_ticket->ticket.data) {
+ if (xtnData->ticketTimestampVerified) {
+ extension_length += session_ticket->ticket.len;
+ } else if (!append &&
+ (session_ticket->ticket_lifetime_hint == 0 ||
+ (session_ticket->ticket_lifetime_hint +
+ session_ticket->received_timestamp >
+ ssl_Time()))) {
+ extension_length += session_ticket->ticket.len;
+ xtnData->ticketTimestampVerified = PR_TRUE;
+ }
+ }
+ }
+
+ if (maxBytes < (PRUint32)extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+ if (append) {
+ SECStatus rv;
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_session_ticket_xtn, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ if (session_ticket && session_ticket->ticket.data &&
+ xtnData->ticketTimestampVerified) {
+ rv = ssl3_ExtAppendHandshakeVariable(ss, session_ticket->ticket.data,
+ session_ticket->ticket.len, 2);
+ xtnData->ticketTimestampVerified = PR_FALSE;
+ xtnData->sentSessionTicketInClientHello = PR_TRUE;
+ } else {
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ }
+ if (rv != SECSuccess)
+ goto loser;
+
+ if (!ss->sec.isServer) {
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_session_ticket_xtn;
+ }
+ }
+ return extension_length;
+
+loser:
+ xtnData->ticketTimestampVerified = PR_FALSE;
+ return -1;
+}
+
+static SECStatus
+ssl3_ParseEncryptedSessionTicket(sslSocket *ss, SECItem *data,
+ EncryptedSessionTicket *enc_session_ticket)
+{
+ if (ssl3_ConsumeFromItem(data, &enc_session_ticket->key_name,
+ SESS_TICKET_KEY_NAME_LEN) !=
+ SECSuccess)
+ return SECFailure;
+ if (ssl3_ConsumeFromItem(data, &enc_session_ticket->iv,
+ AES_BLOCK_SIZE) !=
+ SECSuccess)
+ return SECFailure;
+ if (ssl3_ConsumeHandshakeVariable(ss, &enc_session_ticket->encrypted_state,
+ 2, &data->data, &data->len) !=
+ SECSuccess)
+ return SECFailure;
+ if (ssl3_ConsumeFromItem(data, &enc_session_ticket->mac,
+ TLS_EX_SESS_TICKET_MAC_LENGTH) !=
+ SECSuccess)
+ return SECFailure;
+ if (data->len != 0) /* Make sure that we have consumed all bytes. */
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+/* handle an incoming Next Protocol Negotiation extension. */
+SECStatus
+ssl3_ServerHandleNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ if (ss->firstHsDone || data->len != 0) {
+ /* Clients MUST send an empty NPN extension, if any. */
+ PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
+ return SECFailure;
+ }
+
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ /* TODO: server side NPN support would require calling
+ * ssl3_RegisterServerHelloExtensionSender here in order to echo the
+ * extension back to the client. */
+
+ return SECSuccess;
+}
+
+/* ssl3_ValidateNextProtoNego checks that the given block of data is valid: none
+ * of the lengths may be 0 and the sum of the lengths must equal the length of
+ * the block. */
+SECStatus
+ssl3_ValidateNextProtoNego(const unsigned char *data, unsigned int length)
+{
+ unsigned int offset = 0;
+
+ while (offset < length) {
+ unsigned int newOffset = offset + 1 + (unsigned int)data[offset];
+ /* Reject embedded nulls to protect against buggy applications that
+ * store protocol identifiers in null-terminated strings.
+ */
+ if (newOffset > length || data[offset] == 0) {
+ return SECFailure;
+ }
+ offset = newOffset;
+ }
+
+ return SECSuccess;
+}
+
+/* protocol selection handler for ALPN (server side) and NPN (client side) */
+static SECStatus
+ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+ unsigned char resultBuffer[255];
+ SECItem result = { siBuffer, resultBuffer, 0 };
+
+ rv = ssl3_ValidateNextProtoNego(data->data, data->len);
+ if (rv != SECSuccess) {
+ ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
+ return rv;
+ }
+
+ PORT_Assert(ss->nextProtoCallback);
+ /* For ALPN, the cipher suite isn't selected yet. Note that extensions
+ * sometimes affect what cipher suite is selected, e.g., for ECC. */
+ PORT_Assert((ss->ssl3.hs.preliminaryInfo &
+ ssl_preinfo_all & ~ssl_preinfo_cipher_suite) ==
+ (ssl_preinfo_all & ~ssl_preinfo_cipher_suite));
+ rv = ss->nextProtoCallback(ss->nextProtoArg, ss->fd, data->data, data->len,
+ result.data, &result.len, sizeof(resultBuffer));
+ if (rv != SECSuccess) {
+ /* Expect callback to call PORT_SetError() */
+ ssl3_ExtSendAlert(ss, alert_fatal, internal_error);
+ return SECFailure;
+ }
+
+ /* If the callback wrote more than allowed to |result| it has corrupted our
+ * stack. */
+ if (result.len > sizeof(resultBuffer)) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ /* TODO: crash */
+ return SECFailure;
+ }
+
+ SECITEM_FreeItem(&xtnData->nextProto, PR_FALSE);
+
+ if (ex_type == ssl_app_layer_protocol_xtn &&
+ xtnData->nextProtoState != SSL_NEXT_PROTO_NEGOTIATED) {
+ /* The callback might say OK, but then it picks a default value - one
+ * that was not listed. That's OK for NPN, but not ALPN. */
+ ssl3_ExtSendAlert(ss, alert_fatal, no_application_protocol);
+ PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL);
+ return SECFailure;
+ }
+
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+ return SECITEM_CopyItem(NULL, &xtnData->nextProto, &result);
+}
+
+/* handle an incoming ALPN extension at the server */
+SECStatus
+ssl3_ServerHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ int count;
+ SECStatus rv;
+
+ /* We expressly don't want to allow ALPN on renegotiation,
+ * despite it being permitted by the spec. */
+ if (ss->firstHsDone || data->len == 0) {
+ /* Clients MUST send a non-empty ALPN extension. */
+ ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
+ return SECFailure;
+ }
+
+ /* Unlike NPN, ALPN has extra redundant length information so that
+ * the extension is the same in both ClientHello and ServerHello. */
+ count = ssl3_ExtConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
+ if (count != data->len) {
+ ssl3_ExtDecodeError(ss);
+ return SECFailure;
+ }
+
+ if (!ss->nextProtoCallback) {
+ /* we're not configured for it */
+ return SECSuccess;
+ }
+
+ rv = ssl3_SelectAppProtocol(ss, xtnData, ex_type, data);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ /* prepare to send back a response, if we negotiated */
+ if (xtnData->nextProtoState == SSL_NEXT_PROTO_NEGOTIATED) {
+ rv = ssl3_RegisterExtensionSender(
+ ss, xtnData, ex_type, ssl3_ServerSendAppProtoXtn);
+ if (rv != SECSuccess) {
+ ssl3_ExtSendAlert(ss, alert_fatal, internal_error);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return rv;
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+ssl3_ClientHandleNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ PORT_Assert(!ss->firstHsDone);
+
+ if (ssl3_ExtensionNegotiated(ss, ssl_app_layer_protocol_xtn)) {
+ /* If the server negotiated ALPN then it has already told us what
+ * protocol to use, so it doesn't make sense for us to try to negotiate
+ * a different one by sending the NPN handshake message. However, if
+ * we've negotiated NPN then we're required to send the NPN handshake
+ * message. Thus, these two extensions cannot both be negotiated on the
+ * same connection. */
+ ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(SSL_ERROR_BAD_SERVER);
+ return SECFailure;
+ }
+
+ /* We should only get this call if we sent the extension, so
+ * ss->nextProtoCallback needs to be non-NULL. However, it is possible
+ * that an application erroneously cleared the callback between the time
+ * we sent the ClientHello and now. */
+ if (!ss->nextProtoCallback) {
+ PORT_Assert(0);
+ ssl3_ExtSendAlert(ss, alert_fatal, internal_error);
+ PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK);
+ return SECFailure;
+ }
+
+ return ssl3_SelectAppProtocol(ss, xtnData, ex_type, data);
+}
+
+SECStatus
+ssl3_ClientHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+ PRInt32 list_len;
+ SECItem protocol_name;
+
+ if (ssl3_ExtensionNegotiated(ss, ssl_next_proto_nego_xtn)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ /* The extension data from the server has the following format:
+ * uint16 name_list_len;
+ * uint8 len; // where len >= 1
+ * uint8 protocol_name[len]; */
+ if (data->len < 4 || data->len > 2 + 1 + 255) {
+ ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
+ return SECFailure;
+ }
+
+ list_len = ssl3_ExtConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
+ /* The list has to be the entire extension. */
+ if (list_len != data->len) {
+ ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
+ return SECFailure;
+ }
+
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &protocol_name, 1,
+ &data->data, &data->len);
+ /* The list must have exactly one value. */
+ if (rv != SECSuccess || data->len != 0) {
+ ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
+ return SECFailure;
+ }
+
+ SECITEM_FreeItem(&xtnData->nextProto, PR_FALSE);
+ xtnData->nextProtoState = SSL_NEXT_PROTO_SELECTED;
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+ return SECITEM_CopyItem(NULL, &xtnData->nextProto, &protocol_name);
+}
+
+PRInt32
+ssl3_ClientSendNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+
+ /* Renegotiations do not send this extension. */
+ if (!ss->opt.enableNPN || !ss->nextProtoCallback || ss->firstHsDone) {
+ return 0;
+ }
+
+ extension_length = 4;
+
+ if (maxBytes < (PRUint32)extension_length) {
+ return 0;
+ }
+ if (append) {
+ SECStatus rv;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_next_proto_nego_xtn, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_next_proto_nego_xtn;
+ }
+
+ return extension_length;
+
+loser:
+ return -1;
+}
+
+PRInt32
+ssl3_ClientSendAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append, PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+ unsigned char *alpn_protos = NULL;
+
+ /* Renegotiations do not send this extension. */
+ if (!ss->opt.enableALPN || !ss->opt.nextProtoNego.data || ss->firstHsDone) {
+ return 0;
+ }
+
+ extension_length = 2 /* extension type */ + 2 /* extension length */ +
+ 2 /* protocol name list length */ +
+ ss->opt.nextProtoNego.len;
+
+ if (maxBytes < (PRUint32)extension_length) {
+ return 0;
+ }
+ if (append) {
+ /* NPN requires that the client's fallback protocol is first in the
+ * list. However, ALPN sends protocols in preference order. So we
+ * allocate a buffer and move the first protocol to the end of the
+ * list. */
+ SECStatus rv;
+ const unsigned int len = ss->opt.nextProtoNego.len;
+
+ alpn_protos = PORT_Alloc(len);
+ if (alpn_protos == NULL) {
+ return SECFailure;
+ }
+ if (len > 0) {
+ /* Each protocol string is prefixed with a single byte length. */
+ unsigned int i = ss->opt.nextProtoNego.data[0] + 1;
+ if (i <= len) {
+ memcpy(alpn_protos, &ss->opt.nextProtoNego.data[i], len - i);
+ memcpy(alpn_protos + len - i, ss->opt.nextProtoNego.data, i);
+ } else {
+ /* This seems to be invalid data so we'll send as-is. */
+ memcpy(alpn_protos, ss->opt.nextProtoNego.data, len);
+ }
+ }
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_app_layer_protocol_xtn, 2);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_length - 4, 2);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = ssl3_ExtAppendHandshakeVariable(ss, alpn_protos, len, 2);
+ PORT_Free(alpn_protos);
+ alpn_protos = NULL;
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_app_layer_protocol_xtn;
+ }
+
+ return extension_length;
+
+loser:
+ if (alpn_protos) {
+ PORT_Free(alpn_protos);
+ }
+ return -1;
+}
+
+PRInt32
+ssl3_ServerSendAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append, PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+
+ /* we're in over our heads if any of these fail */
+ PORT_Assert(ss->opt.enableALPN);
+ PORT_Assert(xtnData->nextProto.data);
+ PORT_Assert(xtnData->nextProto.len > 0);
+ PORT_Assert(xtnData->nextProtoState == SSL_NEXT_PROTO_NEGOTIATED);
+ PORT_Assert(!ss->firstHsDone);
+
+ extension_length = 2 /* extension type */ + 2 /* extension length */ +
+ 2 /* protocol name list */ + 1 /* name length */ +
+ xtnData->nextProto.len;
+
+ if (maxBytes < (PRUint32)extension_length) {
+ return 0;
+ }
+ if (append) {
+ SECStatus rv;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_app_layer_protocol_xtn, 2);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_length - 4, 2);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+ rv = ssl3_ExtAppendHandshakeNumber(ss, xtnData->nextProto.len + 1, 2);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+ rv = ssl3_ExtAppendHandshakeVariable(ss, xtnData->nextProto.data,
+ xtnData->nextProto.len, 1);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+ }
+
+ return extension_length;
+}
+
+SECStatus
+ssl3_ServerHandleStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ ssl3HelloExtensionSenderFunc sender;
+
+ PORT_Assert(ss->sec.isServer);
+
+ /* remember that we got this extension. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ sender = tls13_ServerSendStatusRequestXtn;
+ } else {
+ sender = ssl3_ServerSendStatusRequestXtn;
+ }
+ return ssl3_RegisterExtensionSender(ss, xtnData, ex_type, sender);
+}
+
+PRInt32
+ssl3_ServerSendStatusRequestXtn(
+ const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+ const sslServerCert *serverCert = ss->sec.serverCert;
+ SECStatus rv;
+
+ if (!serverCert->certStatusArray ||
+ !serverCert->certStatusArray->len) {
+ return 0;
+ }
+
+ extension_length = 2 + 2;
+ if (maxBytes < (PRUint32)extension_length) {
+ return 0;
+ }
+ if (append) {
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_cert_status_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* length of extension_data */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* The certificate status data is sent in ssl3_SendCertificateStatus. */
+ }
+
+ return extension_length;
+}
+
+/* ssl3_ClientSendStatusRequestXtn builds the status_request extension on the
+ * client side. See RFC 6066 section 8. */
+PRInt32
+ssl3_ClientSendStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+
+ if (!ss->opt.enableOCSPStapling)
+ return 0;
+
+ /* extension_type (2-bytes) +
+ * length(extension_data) (2-bytes) +
+ * status_type (1) +
+ * responder_id_list length (2) +
+ * request_extensions length (2)
+ */
+ extension_length = 9;
+
+ if (maxBytes < (PRUint32)extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+ if (append) {
+ SECStatus rv;
+
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_cert_status_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_length - 4, 2);
+ if (rv != SECSuccess)
+ return -1;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 1 /* status_type ocsp */, 1);
+ if (rv != SECSuccess)
+ return -1;
+ /* A zero length responder_id_list means that the responders are
+ * implicitly known to the server. */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* A zero length request_extensions means that there are no extensions.
+ * Specifically, we don't set the id-pkix-ocsp-nonce extension. This
+ * means that the server can replay a cached OCSP response to us. */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ xtnData->advertised[xtnData->numAdvertised++] = ssl_cert_status_xtn;
+ }
+ return extension_length;
+}
+
+SECStatus
+ssl3_ClientHandleStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ /* In TLS 1.3, the extension carries the OCSP response. */
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ SECStatus rv;
+ rv = ssl_ReadCertificateStatus(CONST_CAST(sslSocket, ss),
+ data->data, data->len);
+ if (rv != SECSuccess) {
+ return SECFailure; /* code already set */
+ }
+ } else if (data->len != 0) {
+ ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
+ return SECFailure;
+ }
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+ return SECSuccess;
+}
+
+/*
+ * Called from ssl3_SendNewSessionTicket, tls13_SendNewSessionTicket
+ */
+SECStatus
+ssl3_EncodeSessionTicket(sslSocket *ss,
+ const NewSessionTicket *ticket,
+ SECItem *ticket_data)
+{
+ PRUint32 i;
+ SECStatus rv;
+ SECItem plaintext;
+ SECItem plaintext_item = { 0, NULL, 0 };
+ SECItem ciphertext = { 0, NULL, 0 };
+ PRUint32 ciphertext_length;
+ SECItem ticket_buf = { 0, NULL, 0 };
+ SECItem ticket_tmp = { 0, NULL, 0 };
+ SECItem macParam = { 0, NULL, 0 };
+ PRBool ms_is_wrapped;
+ unsigned char wrapped_ms[SSL3_MASTER_SECRET_LENGTH];
+ SECItem ms_item = { 0, NULL, 0 };
+ PRUint32 padding_length;
+ PRUint32 ticket_length;
+ PRUint32 cert_length = 0;
+ PRUint8 length_buf[4];
+ PRUint32 now;
+ PK11SymKey *aes_key = NULL;
+ PK11SymKey *mac_key = NULL;
+ CK_MECHANISM_TYPE cipherMech = CKM_AES_CBC;
+ PK11Context *aes_ctx;
+ CK_MECHANISM_TYPE macMech = CKM_SHA256_HMAC;
+ PK11Context *hmac_ctx = NULL;
+ unsigned char computed_mac[TLS_EX_SESS_TICKET_MAC_LENGTH];
+ unsigned int computed_mac_length;
+ unsigned char iv[AES_BLOCK_SIZE];
+ SECItem ivItem;
+ SECItem *srvName = NULL;
+ PRUint32 srvNameLen = 0;
+ CK_MECHANISM_TYPE msWrapMech = 0; /* dummy default value,
+ * must be >= 0 */
+ ssl3CipherSpec *spec;
+ const sslServerCertType *certType;
+ SECItem alpnSelection = { siBuffer, NULL, 0 };
+
+ SSL_TRC(3, ("%d: SSL3[%d]: send session_ticket handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->opt.requestCertificate && ss->sec.ci.sid->peerCert) {
+ cert_length = 3 + ss->sec.ci.sid->peerCert->derCert.len;
+ }
+
+ /* Get IV and encryption keys */
+ ivItem.data = iv;
+ ivItem.len = sizeof(iv);
+ rv = PK11_GenerateRandom(iv, sizeof(iv));
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = ssl3_GetSessionTicketKeys(ss, &aes_key, &mac_key);
+ if (rv != SECSuccess)
+ goto loser;
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ spec = ss->ssl3.cwSpec;
+ } else {
+ spec = ss->ssl3.pwSpec;
+ }
+ if (spec->msItem.len && spec->msItem.data) {
+ /* The master secret is available unwrapped. */
+ ms_item.data = spec->msItem.data;
+ ms_item.len = spec->msItem.len;
+ ms_is_wrapped = PR_FALSE;
+ } else {
+ /* Extract the master secret wrapped. */
+ sslSessionID sid;
+ PORT_Memset(&sid, 0, sizeof(sslSessionID));
+
+ rv = ssl3_CacheWrappedMasterSecret(ss, &sid, spec,
+ ss->ssl3.hs.kea_def->authKeyType);
+ if (rv == SECSuccess) {
+ if (sid.u.ssl3.keys.wrapped_master_secret_len > sizeof(wrapped_ms))
+ goto loser;
+ memcpy(wrapped_ms, sid.u.ssl3.keys.wrapped_master_secret,
+ sid.u.ssl3.keys.wrapped_master_secret_len);
+ ms_item.data = wrapped_ms;
+ ms_item.len = sid.u.ssl3.keys.wrapped_master_secret_len;
+ msWrapMech = sid.u.ssl3.masterWrapMech;
+ } else {
+ /* TODO: else send an empty ticket. */
+ goto loser;
+ }
+ ms_is_wrapped = PR_TRUE;
+ }
+ /* Prep to send negotiated name */
+ srvName = &ss->sec.ci.sid->u.ssl3.srvName;
+ if (srvName->data && srvName->len) {
+ srvNameLen = 2 + srvName->len; /* len bytes + name len */
+ }
+
+ if (ss->xtnData.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT &&
+ ss->xtnData.nextProto.data) {
+ alpnSelection = ss->xtnData.nextProto;
+ }
+
+ ciphertext_length =
+ sizeof(PRUint16) /* ticket_version */
+ + sizeof(SSL3ProtocolVersion) /* ssl_version */
+ + sizeof(ssl3CipherSuite) /* ciphersuite */
+ + 1 /* compression */
+ + 10 /* cipher spec parameters */
+ + 1 /* certType arguments */
+ + 1 /* SessionTicket.ms_is_wrapped */
+ + 4 /* msWrapMech */
+ + 2 /* master_secret.length */
+ + ms_item.len /* master_secret */
+ + 1 /* client_auth_type */
+ + cert_length /* cert */
+ + 1 /* server name type */
+ + srvNameLen /* name len + length field */
+ + 1 /* extendedMasterSecretUsed */
+ + sizeof(ticket->ticket_lifetime_hint) /* ticket lifetime hint */
+ + sizeof(ticket->flags) /* ticket flags */
+ + 1 + alpnSelection.len; /* npn value + length field. */
+ padding_length = AES_BLOCK_SIZE -
+ (ciphertext_length %
+ AES_BLOCK_SIZE);
+ ciphertext_length += padding_length;
+
+ if (SECITEM_AllocItem(NULL, &plaintext_item, ciphertext_length) == NULL)
+ goto loser;
+
+ plaintext = plaintext_item;
+
+ /* ticket_version */
+ rv = ssl3_AppendNumberToItem(&plaintext, TLS_EX_SESS_TICKET_VERSION,
+ sizeof(PRUint16));
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* ssl_version */
+ rv = ssl3_AppendNumberToItem(&plaintext, ss->version,
+ sizeof(SSL3ProtocolVersion));
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* ciphersuite */
+ rv = ssl3_AppendNumberToItem(&plaintext, ss->ssl3.hs.cipher_suite,
+ sizeof(ssl3CipherSuite));
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* compression */
+ rv = ssl3_AppendNumberToItem(&plaintext, ss->ssl3.hs.compression, 1);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* cipher spec parameters */
+ rv = ssl3_AppendNumberToItem(&plaintext, ss->sec.authType, 1);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendNumberToItem(&plaintext, ss->sec.authKeyBits, 4);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendNumberToItem(&plaintext, ss->sec.keaType, 1);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendNumberToItem(&plaintext, ss->sec.keaKeyBits, 4);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* certificate type */
+ certType = &ss->sec.serverCert->certType;
+ PORT_Assert(certType->authType == ss->sec.authType);
+ switch (ss->sec.authType) {
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa:
+ PORT_Assert(certType->namedCurve);
+ PORT_Assert(certType->namedCurve->keaType == ssl_kea_ecdh);
+ /* EC curves only use the second of the two bytes. */
+ PORT_Assert(certType->namedCurve->name < 256);
+ rv = ssl3_AppendNumberToItem(&plaintext,
+ certType->namedCurve->name, 1);
+ break;
+ default:
+ rv = ssl3_AppendNumberToItem(&plaintext, 0, 1);
+ break;
+ }
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* master_secret */
+ rv = ssl3_AppendNumberToItem(&plaintext, ms_is_wrapped, 1);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendNumberToItem(&plaintext, msWrapMech, 4);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendNumberToItem(&plaintext, ms_item.len, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendToItem(&plaintext, ms_item.data, ms_item.len);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* client_identity */
+ if (ss->opt.requestCertificate && ss->sec.ci.sid->peerCert) {
+ rv = ssl3_AppendNumberToItem(&plaintext, CLIENT_AUTH_CERTIFICATE, 1);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendNumberToItem(&plaintext,
+ ss->sec.ci.sid->peerCert->derCert.len, 3);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendToItem(&plaintext,
+ ss->sec.ci.sid->peerCert->derCert.data,
+ ss->sec.ci.sid->peerCert->derCert.len);
+ if (rv != SECSuccess)
+ goto loser;
+ } else {
+ rv = ssl3_AppendNumberToItem(&plaintext, 0, 1);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ /* timestamp */
+ now = ssl_Time();
+ rv = ssl3_AppendNumberToItem(&plaintext, now,
+ sizeof(ticket->ticket_lifetime_hint));
+ if (rv != SECSuccess)
+ goto loser;
+
+ if (srvNameLen) {
+ /* Name Type (sni_host_name) */
+ rv = ssl3_AppendNumberToItem(&plaintext, srvName->type, 1);
+ if (rv != SECSuccess)
+ goto loser;
+ /* HostName (length and value) */
+ rv = ssl3_AppendNumberToItem(&plaintext, srvName->len, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_AppendToItem(&plaintext, srvName->data, srvName->len);
+ if (rv != SECSuccess)
+ goto loser;
+ } else {
+ /* No Name */
+ rv = ssl3_AppendNumberToItem(&plaintext, (char)TLS_STE_NO_SERVER_NAME, 1);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ /* extendedMasterSecretUsed */
+ rv = ssl3_AppendNumberToItem(
+ &plaintext, ss->sec.ci.sid->u.ssl3.keys.extendedMasterSecretUsed, 1);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Flags */
+ rv = ssl3_AppendNumberToItem(&plaintext, ticket->flags,
+ sizeof(ticket->flags));
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* NPN value. */
+ PORT_Assert(alpnSelection.len < 256);
+ rv = ssl3_AppendNumberToItem(&plaintext, alpnSelection.len, 1);
+ if (rv != SECSuccess)
+ goto loser;
+ if (alpnSelection.len) {
+ rv = ssl3_AppendToItem(&plaintext, alpnSelection.data, alpnSelection.len);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ PORT_Assert(plaintext.len == padding_length);
+ for (i = 0; i < padding_length; i++)
+ plaintext.data[i] = (unsigned char)padding_length;
+
+ if (SECITEM_AllocItem(NULL, &ciphertext, ciphertext_length) == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Generate encrypted portion of ticket. */
+ PORT_Assert(aes_key);
+ aes_ctx = PK11_CreateContextBySymKey(cipherMech, CKA_ENCRYPT, aes_key, &ivItem);
+ if (!aes_ctx)
+ goto loser;
+
+ rv = PK11_CipherOp(aes_ctx, ciphertext.data,
+ (int *)&ciphertext.len, ciphertext.len,
+ plaintext_item.data, plaintext_item.len);
+ PK11_Finalize(aes_ctx);
+ PK11_DestroyContext(aes_ctx, PR_TRUE);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Convert ciphertext length to network order. */
+ length_buf[0] = (ciphertext.len >> 8) & 0xff;
+ length_buf[1] = (ciphertext.len) & 0xff;
+
+ /* Compute MAC. */
+ PORT_Assert(mac_key);
+ hmac_ctx = PK11_CreateContextBySymKey(macMech, CKA_SIGN, mac_key, &macParam);
+ if (!hmac_ctx)
+ goto loser;
+
+ rv = PK11_DigestBegin(hmac_ctx);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = PK11_DigestOp(hmac_ctx, key_name, SESS_TICKET_KEY_NAME_LEN);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = PK11_DigestOp(hmac_ctx, iv, sizeof(iv));
+ if (rv != SECSuccess)
+ goto loser;
+ rv = PK11_DigestOp(hmac_ctx, (unsigned char *)length_buf, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = PK11_DigestOp(hmac_ctx, ciphertext.data, ciphertext.len);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = PK11_DigestFinal(hmac_ctx, computed_mac,
+ &computed_mac_length, sizeof(computed_mac));
+ if (rv != SECSuccess)
+ goto loser;
+
+ ticket_length =
+ +SESS_TICKET_KEY_NAME_LEN /* key_name */
+ + AES_BLOCK_SIZE /* iv */
+ + 2 /* length field for NewSessionTicket.ticket.encrypted_state */
+ + ciphertext_length /* encrypted_state */
+ + TLS_EX_SESS_TICKET_MAC_LENGTH; /* mac */
+
+ if (SECITEM_AllocItem(NULL, &ticket_buf, ticket_length) == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ ticket_tmp = ticket_buf; /* Shallow copy because AppendToItem is
+ * destructive. */
+
+ rv = ssl3_AppendToItem(&ticket_tmp, key_name, SESS_TICKET_KEY_NAME_LEN);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = ssl3_AppendToItem(&ticket_tmp, iv, sizeof(iv));
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = ssl3_AppendNumberToItem(&ticket_tmp, ciphertext.len, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = ssl3_AppendToItem(&ticket_tmp, ciphertext.data, ciphertext.len);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = ssl3_AppendToItem(&ticket_tmp, computed_mac, computed_mac_length);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Give ownership of memory to caller. */
+ *ticket_data = ticket_buf;
+ ticket_buf.data = NULL;
+
+loser:
+ if (hmac_ctx) {
+ PK11_DestroyContext(hmac_ctx, PR_TRUE);
+ }
+ if (plaintext_item.data) {
+ SECITEM_FreeItem(&plaintext_item, PR_FALSE);
+ }
+ if (ciphertext.data) {
+ SECITEM_FreeItem(&ciphertext, PR_FALSE);
+ }
+ if (ticket_buf.data) {
+ SECITEM_FreeItem(&ticket_buf, PR_FALSE);
+ }
+
+ return rv;
+}
+
+/* When a client receives a SessionTicket extension a NewSessionTicket
+ * message is expected during the handshake.
+ */
+SECStatus
+ssl3_ClientHandleSessionTicketXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ if (data->len != 0) {
+ return SECSuccess; /* Ignore the extension. */
+ }
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+ return SECSuccess;
+}
+
+/* Generic ticket processing code, common to TLS 1.0-1.2 and
+ * TLS 1.3. */
+SECStatus
+ssl3_ProcessSessionTicketCommon(sslSocket *ss, SECItem *data)
+{
+ SECStatus rv;
+ SECItem *decrypted_state = NULL;
+ SessionTicket *parsed_session_ticket = NULL;
+ sslSessionID *sid = NULL;
+ SSL3Statistics *ssl3stats;
+ PRUint32 i;
+ SECItem extension_data;
+ EncryptedSessionTicket enc_session_ticket;
+ unsigned char computed_mac[TLS_EX_SESS_TICKET_MAC_LENGTH];
+ unsigned int computed_mac_length;
+ PK11SymKey *aes_key = NULL;
+ PK11SymKey *mac_key = NULL;
+ PK11Context *hmac_ctx;
+ CK_MECHANISM_TYPE macMech = CKM_SHA256_HMAC;
+ PK11Context *aes_ctx;
+ CK_MECHANISM_TYPE cipherMech = CKM_AES_CBC;
+ unsigned char *padding;
+ PRUint32 padding_length;
+ unsigned char *buffer;
+ unsigned int buffer_len;
+ PRInt32 temp;
+ SECItem cert_item;
+ PRInt8 nameType = TLS_STE_NO_SERVER_NAME;
+ SECItem macParam = { siBuffer, NULL, 0 };
+ SECItem alpn_item;
+ SECItem ivItem;
+
+ /* Turn off stateless session resumption if the client sends a
+ * SessionTicket extension, even if the extension turns out to be
+ * malformed (ss->sec.ci.sid is non-NULL when doing session
+ * renegotiation.)
+ */
+ if (ss->sec.ci.sid != NULL) {
+ ss->sec.uncache(ss->sec.ci.sid);
+ ssl_FreeSID(ss->sec.ci.sid);
+ ss->sec.ci.sid = NULL;
+ }
+
+ extension_data.data = data->data; /* Keep a copy for future use. */
+ extension_data.len = data->len;
+
+ if (ssl3_ParseEncryptedSessionTicket(ss, data, &enc_session_ticket) !=
+ SECSuccess) {
+ return SECSuccess; /* Pretend it isn't there */
+ }
+
+ /* Get session ticket keys. */
+ rv = ssl3_GetSessionTicketKeys(ss, &aes_key, &mac_key);
+ if (rv != SECSuccess) {
+ SSL_DBG(("%d: SSL[%d]: Unable to get/generate session ticket keys.",
+ SSL_GETPID(), ss->fd));
+ goto loser;
+ }
+
+ /* If the ticket sent by the client was generated under a key different
+ * from the one we have, bypass ticket processing.
+ */
+ if (PORT_Memcmp(enc_session_ticket.key_name, key_name,
+ SESS_TICKET_KEY_NAME_LEN) != 0) {
+ SSL_DBG(("%d: SSL[%d]: Session ticket key_name sent mismatch.",
+ SSL_GETPID(), ss->fd));
+ goto no_ticket;
+ }
+
+ /* Verify the MAC on the ticket. MAC verification may also
+ * fail if the MAC key has been recently refreshed.
+ */
+ PORT_Assert(mac_key);
+ hmac_ctx = PK11_CreateContextBySymKey(macMech, CKA_SIGN, mac_key, &macParam);
+ if (!hmac_ctx) {
+ SSL_DBG(("%d: SSL[%d]: Unable to create HMAC context: %d.",
+ SSL_GETPID(), ss->fd, PORT_GetError()));
+ goto no_ticket;
+ } else {
+ SSL_DBG(("%d: SSL[%d]: Successfully created HMAC context.",
+ SSL_GETPID(), ss->fd));
+ }
+ rv = PK11_DigestBegin(hmac_ctx);
+ if (rv != SECSuccess) {
+ PK11_DestroyContext(hmac_ctx, PR_TRUE);
+ goto no_ticket;
+ }
+ rv = PK11_DigestOp(hmac_ctx, extension_data.data,
+ extension_data.len -
+ TLS_EX_SESS_TICKET_MAC_LENGTH);
+ if (rv != SECSuccess) {
+ PK11_DestroyContext(hmac_ctx, PR_TRUE);
+ goto no_ticket;
+ }
+ rv = PK11_DigestFinal(hmac_ctx, computed_mac,
+ &computed_mac_length, sizeof(computed_mac));
+ PK11_DestroyContext(hmac_ctx, PR_TRUE);
+ if (rv != SECSuccess)
+ goto no_ticket;
+
+ if (NSS_SecureMemcmp(computed_mac, enc_session_ticket.mac,
+ computed_mac_length) !=
+ 0) {
+ SSL_DBG(("%d: SSL[%d]: Session ticket MAC mismatch.",
+ SSL_GETPID(), ss->fd));
+ goto no_ticket;
+ }
+
+ /* We ignore key_name for now.
+ * This is ok as MAC verification succeeded.
+ */
+
+ /* Decrypt the ticket. */
+
+ /* Plaintext is shorter than the ciphertext due to padding. */
+ decrypted_state = SECITEM_AllocItem(NULL, NULL,
+ enc_session_ticket.encrypted_state.len);
+
+ PORT_Assert(aes_key);
+ ivItem.data = enc_session_ticket.iv;
+ ivItem.len = AES_BLOCK_SIZE;
+ aes_ctx = PK11_CreateContextBySymKey(cipherMech, CKA_DECRYPT,
+ aes_key, &ivItem);
+ if (!aes_ctx) {
+ SSL_DBG(("%d: SSL[%d]: Unable to create AES context.",
+ SSL_GETPID(), ss->fd));
+ goto no_ticket;
+ }
+
+ rv = PK11_CipherOp(aes_ctx, decrypted_state->data,
+ (int *)&decrypted_state->len, decrypted_state->len,
+ enc_session_ticket.encrypted_state.data,
+ enc_session_ticket.encrypted_state.len);
+ PK11_Finalize(aes_ctx);
+ PK11_DestroyContext(aes_ctx, PR_TRUE);
+ if (rv != SECSuccess)
+ goto no_ticket;
+
+ /* Check padding. */
+ padding_length =
+ (PRUint32)decrypted_state->data[decrypted_state->len - 1];
+ if (padding_length == 0 || padding_length > AES_BLOCK_SIZE)
+ goto no_ticket;
+
+ padding = &decrypted_state->data[decrypted_state->len - padding_length];
+ for (i = 0; i < padding_length; i++, padding++) {
+ if (padding_length != (PRUint32)*padding)
+ goto no_ticket;
+ }
+
+ /* Deserialize session state. */
+ buffer = decrypted_state->data;
+ buffer_len = decrypted_state->len;
+
+ parsed_session_ticket = PORT_ZAlloc(sizeof(SessionTicket));
+ if (parsed_session_ticket == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Read ticket_version and reject if the version is wrong */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 2, &buffer, &buffer_len);
+ if (temp != TLS_EX_SESS_TICKET_VERSION)
+ goto no_ticket;
+
+ parsed_session_ticket->ticket_version = (SSL3ProtocolVersion)temp;
+
+ /* Read SSLVersion. */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 2, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->ssl_version = (SSL3ProtocolVersion)temp;
+
+ /* Read cipher_suite. */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 2, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->cipher_suite = (ssl3CipherSuite)temp;
+
+ /* Read compression_method. */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->compression_method = (SSLCompressionMethod)temp;
+
+ /* Read cipher spec parameters. */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->authType = (SSLAuthType)temp;
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 4, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->authKeyBits = (PRUint32)temp;
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->keaType = (SSLKEAType)temp;
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 4, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->keaKeyBits = (PRUint32)temp;
+
+ /* Read certificate slot */
+ parsed_session_ticket->certType.authType = parsed_session_ticket->authType;
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ switch (parsed_session_ticket->authType) {
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa: {
+ const sslNamedGroupDef *group =
+ ssl_LookupNamedGroup((SSLNamedGroup)temp);
+ if (!group || group->keaType != ssl_kea_ecdh) {
+ goto no_ticket;
+ }
+ parsed_session_ticket->certType.namedCurve = group;
+ } break;
+ default:
+ break;
+ }
+
+ /* Read wrapped master_secret. */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->ms_is_wrapped = (PRBool)temp;
+
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 4, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->msWrapMech = (CK_MECHANISM_TYPE)temp;
+
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 2, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->ms_length = (PRUint16)temp;
+ if (parsed_session_ticket->ms_length == 0 || /* sanity check MS. */
+ parsed_session_ticket->ms_length >
+ sizeof(parsed_session_ticket->master_secret))
+ goto no_ticket;
+
+ /* Allow for the wrapped master secret to be longer. */
+ if (buffer_len < parsed_session_ticket->ms_length)
+ goto no_ticket;
+ PORT_Memcpy(parsed_session_ticket->master_secret, buffer,
+ parsed_session_ticket->ms_length);
+ buffer += parsed_session_ticket->ms_length;
+ buffer_len -= parsed_session_ticket->ms_length;
+
+ /* Read client_identity */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->client_identity.client_auth_type =
+ (ClientAuthenticationType)temp;
+ switch (parsed_session_ticket->client_identity.client_auth_type) {
+ case CLIENT_AUTH_ANONYMOUS:
+ break;
+ case CLIENT_AUTH_CERTIFICATE:
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &cert_item, 3,
+ &buffer, &buffer_len);
+ if (rv != SECSuccess)
+ goto no_ticket;
+ rv = SECITEM_CopyItem(NULL, &parsed_session_ticket->peer_cert,
+ &cert_item);
+ if (rv != SECSuccess)
+ goto no_ticket;
+ break;
+ default:
+ goto no_ticket;
+ }
+ /* Read timestamp. */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 4, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ parsed_session_ticket->timestamp = (PRUint32)temp;
+
+ /* Read server name */
+ nameType =
+ ssl3_ExtConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
+ if (nameType != TLS_STE_NO_SERVER_NAME) {
+ SECItem name_item;
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &name_item, 2, &buffer,
+ &buffer_len);
+ if (rv != SECSuccess)
+ goto no_ticket;
+ rv = SECITEM_CopyItem(NULL, &parsed_session_ticket->srvName,
+ &name_item);
+ if (rv != SECSuccess)
+ goto no_ticket;
+ parsed_session_ticket->srvName.type = nameType;
+ }
+
+ /* Read extendedMasterSecretUsed */
+ temp = ssl3_ExtConsumeHandshakeNumber(ss, 1, &buffer, &buffer_len);
+ if (temp < 0)
+ goto no_ticket;
+ PORT_Assert(temp == PR_TRUE || temp == PR_FALSE);
+ parsed_session_ticket->extendedMasterSecretUsed = (PRBool)temp;
+
+ rv = ssl3_ExtConsumeHandshake(ss, &parsed_session_ticket->flags, 4,
+ &buffer, &buffer_len);
+ if (rv != SECSuccess)
+ goto no_ticket;
+ parsed_session_ticket->flags = PR_ntohl(parsed_session_ticket->flags);
+
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &alpn_item, 1, &buffer, &buffer_len);
+ if (rv != SECSuccess)
+ goto no_ticket;
+ if (alpn_item.len != 0) {
+ rv = SECITEM_CopyItem(NULL, &parsed_session_ticket->alpnSelection,
+ &alpn_item);
+ if (rv != SECSuccess)
+ goto no_ticket;
+ if (alpn_item.len >= 256)
+ goto no_ticket;
+ }
+
+ /* Done parsing. Check that all bytes have been consumed. */
+ if (buffer_len != padding_length)
+ goto no_ticket;
+
+ /* Use the ticket if it has not expired, otherwise free the allocated
+ * memory since the ticket is of no use.
+ */
+ if (parsed_session_ticket->timestamp != 0 &&
+ parsed_session_ticket->timestamp +
+ TLS_EX_SESS_TICKET_LIFETIME_HINT >
+ ssl_Time()) {
+
+ sid = ssl3_NewSessionID(ss, PR_TRUE);
+ if (sid == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+
+ /* Copy over parameters. */
+ sid->version = parsed_session_ticket->ssl_version;
+ sid->u.ssl3.cipherSuite = parsed_session_ticket->cipher_suite;
+ sid->u.ssl3.compression = parsed_session_ticket->compression_method;
+ sid->authType = parsed_session_ticket->authType;
+ sid->authKeyBits = parsed_session_ticket->authKeyBits;
+ sid->keaType = parsed_session_ticket->keaType;
+ sid->keaKeyBits = parsed_session_ticket->keaKeyBits;
+ memcpy(&sid->certType, &parsed_session_ticket->certType,
+ sizeof(sslServerCertType));
+
+ if (SECITEM_CopyItem(NULL, &sid->u.ssl3.locked.sessionTicket.ticket,
+ &extension_data) != SECSuccess)
+ goto no_ticket;
+ sid->u.ssl3.locked.sessionTicket.flags = parsed_session_ticket->flags;
+
+ if (parsed_session_ticket->ms_length >
+ sizeof(sid->u.ssl3.keys.wrapped_master_secret))
+ goto no_ticket;
+ PORT_Memcpy(sid->u.ssl3.keys.wrapped_master_secret,
+ parsed_session_ticket->master_secret,
+ parsed_session_ticket->ms_length);
+ sid->u.ssl3.keys.wrapped_master_secret_len =
+ parsed_session_ticket->ms_length;
+ sid->u.ssl3.masterWrapMech = parsed_session_ticket->msWrapMech;
+ sid->u.ssl3.keys.msIsWrapped =
+ parsed_session_ticket->ms_is_wrapped;
+ sid->u.ssl3.masterValid = PR_TRUE;
+ sid->u.ssl3.keys.resumable = PR_TRUE;
+ sid->u.ssl3.keys.extendedMasterSecretUsed = parsed_session_ticket->extendedMasterSecretUsed;
+
+ /* Copy over client cert from session ticket if there is one. */
+ if (parsed_session_ticket->peer_cert.data != NULL) {
+ if (sid->peerCert != NULL)
+ CERT_DestroyCertificate(sid->peerCert);
+ sid->peerCert = CERT_NewTempCertificate(ss->dbHandle,
+ &parsed_session_ticket->peer_cert, NULL, PR_FALSE, PR_TRUE);
+ if (sid->peerCert == NULL) {
+ rv = SECFailure;
+ goto loser;
+ }
+ }
+ if (parsed_session_ticket->srvName.data != NULL) {
+ if (sid->u.ssl3.srvName.data) {
+ SECITEM_FreeItem(&sid->u.ssl3.srvName, PR_FALSE);
+ }
+ sid->u.ssl3.srvName = parsed_session_ticket->srvName;
+ }
+ if (parsed_session_ticket->alpnSelection.data != NULL) {
+ sid->u.ssl3.alpnSelection = parsed_session_ticket->alpnSelection;
+ /* So we don't free below. */
+ parsed_session_ticket->alpnSelection.data = NULL;
+ }
+ ss->statelessResume = PR_TRUE;
+ ss->sec.ci.sid = sid;
+ }
+
+ if (0) {
+ no_ticket:
+ SSL_DBG(("%d: SSL[%d]: Session ticket parsing failed.",
+ SSL_GETPID(), ss->fd));
+ ssl3stats = SSL_GetStatistics();
+ SSL_AtomicIncrementLong(&ssl3stats->hch_sid_ticket_parse_failures);
+ }
+ rv = SECSuccess;
+
+loser:
+ /* ss->sec.ci.sid == sid if it did NOT come here via goto statement
+ * in that case do not free sid
+ */
+ if (sid && (ss->sec.ci.sid != sid)) {
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+ if (decrypted_state != NULL) {
+ SECITEM_FreeItem(decrypted_state, PR_TRUE);
+ decrypted_state = NULL;
+ }
+
+ if (parsed_session_ticket != NULL) {
+ if (parsed_session_ticket->peer_cert.data) {
+ SECITEM_FreeItem(&parsed_session_ticket->peer_cert, PR_FALSE);
+ }
+ if (parsed_session_ticket->alpnSelection.data) {
+ SECITEM_FreeItem(&parsed_session_ticket->alpnSelection, PR_FALSE);
+ }
+ PORT_ZFree(parsed_session_ticket, sizeof(SessionTicket));
+ }
+
+ return rv;
+}
+
+SECStatus
+ssl3_ServerHandleSessionTicketXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+
+ /* Ignore the SessionTicket extension if processing is disabled. */
+ if (!ss->opt.enableSessionTickets) {
+ return SECSuccess;
+ }
+
+ /* If we are doing TLS 1.3, then ignore this. */
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SECSuccess;
+ }
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ /* Parse the received ticket sent in by the client. We are
+ * lenient about some parse errors, falling back to a fullshake
+ * instead of terminating the current connection.
+ */
+ if (data->len == 0) {
+ xtnData->emptySessionTicket = PR_TRUE;
+ return SECSuccess;
+ }
+
+ return ssl3_ProcessSessionTicketCommon(CONST_CAST(sslSocket, ss), data);
+}
+
+/*
+ * Read bytes. Using this function means the SECItem structure
+ * cannot be freed. The caller is expected to call this function
+ * on a shallow copy of the structure.
+ */
+static SECStatus
+ssl3_ConsumeFromItem(SECItem *item, unsigned char **buf, PRUint32 bytes)
+{
+ if (bytes > item->len)
+ return SECFailure;
+
+ *buf = item->data;
+ item->data += bytes;
+ item->len -= bytes;
+ return SECSuccess;
+}
+
+/* Extension format:
+ * Extension number: 2 bytes
+ * Extension length: 2 bytes
+ * Verify Data Length: 1 byte
+ * Verify Data (TLS): 12 bytes (client) or 24 bytes (server)
+ * Verify Data (SSL): 36 bytes (client) or 72 bytes (server)
+ */
+PRInt32
+ssl3_SendRenegotiationInfoXtn(
+ const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 len = 0;
+ PRInt32 needed;
+
+ /* In draft-ietf-tls-renegotiation-03, it is NOT RECOMMENDED to send
+ * both the SCSV and the empty RI, so when we send SCSV in
+ * the initial handshake, we don't also send RI.
+ */
+ if (!ss || ss->ssl3.hs.sendingSCSV)
+ return 0;
+ if (ss->firstHsDone) {
+ len = ss->sec.isServer ? ss->ssl3.hs.finishedBytes * 2
+ : ss->ssl3.hs.finishedBytes;
+ }
+ needed = 5 + len;
+ if (maxBytes < (PRUint32)needed) {
+ return 0;
+ }
+ if (append) {
+ SECStatus rv;
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_renegotiation_info_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* length of extension_data */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, len + 1, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* verify_Data from previous Finished message(s) */
+ rv = ssl3_ExtAppendHandshakeVariable(ss,
+ ss->ssl3.hs.finishedMsgs.data, len, 1);
+ if (rv != SECSuccess)
+ return -1;
+ if (!ss->sec.isServer) {
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_renegotiation_info_xtn;
+ }
+ }
+ return needed;
+}
+
+/* This function runs in both the client and server. */
+SECStatus
+ssl3_HandleRenegotiationInfoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv = SECSuccess;
+ PRUint32 len = 0;
+
+ if (ss->firstHsDone) {
+ len = ss->sec.isServer ? ss->ssl3.hs.finishedBytes
+ : ss->ssl3.hs.finishedBytes * 2;
+ }
+ if (data->len != 1 + len || data->data[0] != len) {
+ ssl3_ExtDecodeError(ss);
+ return SECFailure;
+ }
+ if (len && NSS_SecureMemcmp(ss->ssl3.hs.finishedMsgs.data,
+ data->data + 1, len)) {
+ ssl3_ExtSendAlert(ss, alert_fatal, handshake_failure);
+ PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
+ return SECFailure;
+ }
+ /* remember that we got this extension and it was correct. */
+ CONST_CAST(sslSocket, ss)
+ ->peerRequestedProtection = 1;
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+ if (ss->sec.isServer) {
+ /* prepare to send back the appropriate response */
+ rv = ssl3_RegisterExtensionSender(ss, xtnData, ex_type,
+ ssl3_SendRenegotiationInfoXtn);
+ }
+ return rv;
+}
+
+PRInt32
+ssl3_ClientSendUseSRTPXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append, PRUint32 maxBytes)
+{
+ PRUint32 ext_data_len;
+ PRInt16 i;
+ SECStatus rv;
+
+ if (!ss)
+ return 0;
+
+ if (!IS_DTLS(ss) || !ss->ssl3.dtlsSRTPCipherCount)
+ return 0; /* Not relevant */
+
+ ext_data_len = 2 + 2 * ss->ssl3.dtlsSRTPCipherCount + 1;
+
+ if (append && maxBytes >= 4 + ext_data_len) {
+ /* Extension type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_use_srtp_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* Length of extension data */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ext_data_len, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* Length of the SRTP cipher list */
+ rv = ssl3_ExtAppendHandshakeNumber(ss,
+ 2 * ss->ssl3.dtlsSRTPCipherCount,
+ 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* The SRTP ciphers */
+ for (i = 0; i < ss->ssl3.dtlsSRTPCipherCount; i++) {
+ rv = ssl3_ExtAppendHandshakeNumber(ss,
+ ss->ssl3.dtlsSRTPCiphers[i],
+ 2);
+ if (rv != SECSuccess)
+ return -1;
+ }
+ /* Empty MKI value */
+ ssl3_ExtAppendHandshakeVariable(ss, NULL, 0, 1);
+
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_use_srtp_xtn;
+ }
+
+ return 4 + ext_data_len;
+}
+
+PRInt32
+ssl3_ServerSendUseSRTPXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append, PRUint32 maxBytes)
+{
+ SECStatus rv;
+
+ /* Server side */
+ if (!append || maxBytes < 9) {
+ return 9;
+ }
+
+ /* Extension type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_use_srtp_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* Length of extension data */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 5, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* Length of the SRTP cipher list */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 2, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* The selected cipher */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, xtnData->dtlsSRTPCipherSuite, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* Empty MKI value */
+ ssl3_ExtAppendHandshakeVariable(ss, NULL, 0, 1);
+
+ return 9;
+}
+
+SECStatus
+ssl3_ClientHandleUseSRTPXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+ SECItem ciphers = { siBuffer, NULL, 0 };
+ PRUint16 i;
+ PRUint16 cipher = 0;
+ PRBool found = PR_FALSE;
+ SECItem litem;
+
+ if (!data->data || !data->len) {
+ ssl3_ExtDecodeError(ss);
+ return SECFailure;
+ }
+
+ /* Get the cipher list */
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &ciphers, 2,
+ &data->data, &data->len);
+ if (rv != SECSuccess) {
+ return SECFailure; /* fatal alert already sent */
+ }
+ /* Now check that the server has picked just 1 (i.e., len = 2) */
+ if (ciphers.len != 2) {
+ ssl3_ExtDecodeError(ss);
+ return SECFailure;
+ }
+
+ /* Get the selected cipher */
+ cipher = (ciphers.data[0] << 8) | ciphers.data[1];
+
+ /* Now check that this is one of the ciphers we offered */
+ for (i = 0; i < ss->ssl3.dtlsSRTPCipherCount; i++) {
+ if (cipher == ss->ssl3.dtlsSRTPCiphers[i]) {
+ found = PR_TRUE;
+ break;
+ }
+ }
+
+ if (!found) {
+ ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
+ return SECFailure;
+ }
+
+ /* Get the srtp_mki value */
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &litem, 1,
+ &data->data, &data->len);
+ if (rv != SECSuccess) {
+ return SECFailure; /* alert already sent */
+ }
+
+ /* We didn't offer an MKI, so this must be 0 length */
+ if (litem.len != 0) {
+ ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
+ return SECFailure;
+ }
+
+ /* extra trailing bytes */
+ if (data->len != 0) {
+ ssl3_ExtDecodeError(ss);
+ return SECFailure;
+ }
+
+ /* OK, this looks fine. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ssl_use_srtp_xtn;
+ xtnData->dtlsSRTPCipherSuite = cipher;
+ return SECSuccess;
+}
+
+SECStatus
+ssl3_ServerHandleUseSRTPXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+ SECItem ciphers = { siBuffer, NULL, 0 };
+ PRUint16 i;
+ unsigned int j;
+ PRUint16 cipher = 0;
+ PRBool found = PR_FALSE;
+ SECItem litem;
+
+ if (!IS_DTLS(ss) || !ss->ssl3.dtlsSRTPCipherCount) {
+ /* Ignore the extension if we aren't doing DTLS or no DTLS-SRTP
+ * preferences have been set. */
+ return SECSuccess;
+ }
+
+ if (!data->data || data->len < 5) {
+ ssl3_ExtDecodeError(ss);
+ return SECFailure;
+ }
+
+ /* Get the cipher list */
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &ciphers, 2,
+ &data->data, &data->len);
+ if (rv != SECSuccess) {
+ return SECFailure; /* alert already sent */
+ }
+ /* Check that the list is even length */
+ if (ciphers.len % 2) {
+ ssl3_ExtDecodeError(ss);
+ return SECFailure;
+ }
+
+ /* Walk through the offered list and pick the most preferred of our
+ * ciphers, if any */
+ for (i = 0; !found && i < ss->ssl3.dtlsSRTPCipherCount; i++) {
+ for (j = 0; j + 1 < ciphers.len; j += 2) {
+ cipher = (ciphers.data[j] << 8) | ciphers.data[j + 1];
+ if (cipher == ss->ssl3.dtlsSRTPCiphers[i]) {
+ found = PR_TRUE;
+ break;
+ }
+ }
+ }
+
+ /* Get the srtp_mki value */
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &litem, 1, &data->data, &data->len);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ if (data->len != 0) {
+ ssl3_ExtDecodeError(ss); /* trailing bytes */
+ return SECFailure;
+ }
+
+ /* Now figure out what to do */
+ if (!found) {
+ /* No matching ciphers, pretend we don't support use_srtp */
+ return SECSuccess;
+ }
+
+ /* OK, we have a valid cipher and we've selected it */
+ xtnData->dtlsSRTPCipherSuite = cipher;
+ xtnData->negotiated[xtnData->numNegotiated++] = ssl_use_srtp_xtn;
+
+ return ssl3_RegisterExtensionSender(ss, xtnData,
+ ssl_use_srtp_xtn,
+ ssl3_ServerSendUseSRTPXtn);
+}
+
+/* ssl3_ServerHandleSigAlgsXtn handles the signature_algorithms extension
+ * from a client.
+ * See https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */
+SECStatus
+ssl3_ServerHandleSigAlgsXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+
+ /* Ignore this extension if we aren't doing TLS 1.2 or greater. */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_2) {
+ return SECSuccess;
+ }
+
+ if (xtnData->clientSigSchemes) {
+ PORT_Free(xtnData->clientSigSchemes);
+ xtnData->clientSigSchemes = NULL;
+ }
+ rv = ssl_ParseSignatureSchemes(ss, NULL,
+ &xtnData->clientSigSchemes,
+ &xtnData->numClientSigScheme,
+ &data->data, &data->len);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
+ return SECFailure;
+ }
+ /* Check for trailing data. */
+ if (data->len != 0) {
+ ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
+ return SECFailure;
+ }
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+ return SECSuccess;
+}
+
+/* ssl3_ClientSendSigAlgsXtn sends the signature_algorithm extension for TLS
+ * 1.2 ClientHellos. */
+PRInt32
+ssl3_ClientSendSigAlgsXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append, PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+ PRUint8 buf[MAX_SIGNATURE_SCHEMES * 2];
+ PRUint32 len;
+ SECStatus rv;
+
+ if (ss->vrange.max < SSL_LIBRARY_VERSION_TLS_1_2) {
+ return 0;
+ }
+
+ rv = ssl3_EncodeSigAlgs(ss, buf, sizeof(buf), &len);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+
+ extension_length =
+ 2 /* extension type */ +
+ 2 /* extension length */ +
+ 2 /* supported_signature_algorithms length */ +
+ len;
+
+ if (maxBytes < extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_signature_algorithms_xtn, 2);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+ rv = ssl3_ExtAppendHandshakeNumber(ss, len + 2, 2);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+
+ rv = ssl3_ExtAppendHandshakeVariable(ss, buf, len, 2);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_signature_algorithms_xtn;
+ }
+
+ return extension_length;
+}
+
+/* Takes the size of the ClientHello, less the record header, and determines how
+ * much padding is required. */
+unsigned int
+ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength)
+{
+ unsigned int recordLength = 1 /* handshake message type */ +
+ 3 /* handshake message length */ +
+ clientHelloLength;
+ unsigned int extensionLength;
+
+ if (recordLength < 256 || recordLength >= 512) {
+ return 0;
+ }
+
+ extensionLength = 512 - recordLength;
+ /* Extensions take at least four bytes to encode. Always include at least
+ * one byte of data if including the extension. Some servers (e.g.
+ * WebSphere Application Server 7.0 and Tomcat) will time out or terminate
+ * the connection if the last extension in the client hello is empty. */
+ if (extensionLength < 4 + 1) {
+ extensionLength = 4 + 1;
+ }
+
+ return extensionLength;
+}
+
+/* ssl3_AppendPaddingExtension possibly adds an extension which ensures that a
+ * ClientHello record is either < 256 bytes or is >= 512 bytes. This ensures
+ * that we don't trigger bugs in F5 products. */
+PRInt32
+ssl3_AppendPaddingExtension(sslSocket *ss, unsigned int extensionLen,
+ PRUint32 maxBytes)
+{
+ unsigned int paddingLen = extensionLen - 4;
+ static unsigned char padding[252];
+
+ if (extensionLen == 0) {
+ return 0;
+ }
+
+ if (extensionLen > maxBytes ||
+ !paddingLen ||
+ paddingLen > sizeof(padding)) {
+ PORT_Assert(0);
+ return -1;
+ }
+
+ if (SECSuccess != ssl3_ExtAppendHandshakeNumber(ss, ssl_padding_xtn, 2))
+ return -1;
+ if (SECSuccess != ssl3_ExtAppendHandshakeVariable(ss, padding, paddingLen, 2))
+ return -1;
+
+ return extensionLen;
+}
+
+PRInt32
+ssl3_SendExtendedMasterSecretXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+
+ if (!ss->opt.enableExtendedMS) {
+ return 0;
+ }
+
+ /* Always send the extension in this function, since the
+ * client always sends it and this function is only called on
+ * the server if we negotiated the extension. */
+ extension_length = 4; /* Type + length (0) */
+ if (maxBytes < extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_extended_master_secret_xtn, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_extended_master_secret_xtn;
+ }
+
+ return extension_length;
+
+loser:
+ return -1;
+}
+
+SECStatus
+ssl3_HandleExtendedMasterSecretXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_0) {
+ return SECSuccess;
+ }
+
+ if (!ss->opt.enableExtendedMS) {
+ return SECSuccess;
+ }
+
+ if (data->len != 0) {
+ SSL_TRC(30, ("%d: SSL3[%d]: Bogus extended master secret extension",
+ SSL_GETPID(), ss->fd));
+ return SECFailure;
+ }
+
+ SSL_DBG(("%d: SSL[%d]: Negotiated extended master secret extension.",
+ SSL_GETPID(), ss->fd));
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ if (ss->sec.isServer) {
+ return ssl3_RegisterExtensionSender(
+ ss, xtnData, ex_type, ssl3_SendExtendedMasterSecretXtn);
+ }
+ return SECSuccess;
+}
+
+/* ssl3_ClientSendSignedCertTimestampXtn sends the signed_certificate_timestamp
+ * extension for TLS ClientHellos. */
+PRInt32
+ssl3_ClientSendSignedCertTimestampXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length = 2 /* extension_type */ +
+ 2 /* length(extension_data) */;
+
+ /* Only send the extension if processing is enabled. */
+ if (!ss->opt.enableSignedCertTimestamps)
+ return 0;
+
+ if (append && maxBytes >= extension_length) {
+ SECStatus rv;
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss,
+ ssl_signed_cert_timestamp_xtn,
+ 2);
+ if (rv != SECSuccess)
+ goto loser;
+ /* zero length */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_signed_cert_timestamp_xtn;
+ } else if (maxBytes < extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ return extension_length;
+loser:
+ return -1;
+}
+
+SECStatus
+ssl3_ClientHandleSignedCertTimestampXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ /* We do not yet know whether we'll be resuming a session or creating
+ * a new one, so we keep a pointer to the data in the TLSExtensionData
+ * structure. This pointer is only valid in the scope of
+ * ssl3_HandleServerHello, and, if not resuming a session, the data is
+ * copied once a new session structure has been set up.
+ * All parsing is currently left to the application and we accept
+ * everything, including empty data.
+ */
+ SECItem *scts = &xtnData->signedCertTimestamps;
+ PORT_Assert(!scts->data && !scts->len);
+
+ if (!data->len) {
+ /* Empty extension data: RFC 6962 mandates non-empty contents. */
+ return SECFailure;
+ }
+ *scts = *data;
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+ return SECSuccess;
+}
+
+PRInt32
+ssl3_ServerSendSignedCertTimestampXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+ const SECItem *scts = &ss->sec.serverCert->signedCertTimestamps;
+
+ if (!scts->len) {
+ /* No timestamps to send */
+ return 0;
+ }
+
+ extension_length = 2 /* extension_type */ +
+ 2 /* length(extension_data) */ +
+ scts->len;
+
+ if (maxBytes < extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+ if (append) {
+ SECStatus rv;
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss,
+ ssl_signed_cert_timestamp_xtn,
+ 2);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+ /* extension_data */
+ rv = ssl3_ExtAppendHandshakeVariable(ss, scts->data, scts->len, 2);
+ if (rv != SECSuccess) {
+ return -1;
+ }
+ }
+
+ return extension_length;
+}
+
+SECStatus
+ssl3_ServerHandleSignedCertTimestampXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data)
+{
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+ PORT_Assert(ss->sec.isServer);
+ return ssl3_RegisterExtensionSender(
+ ss, xtnData, ex_type, ssl3_ServerSendSignedCertTimestampXtn);
+}
+
+/* Just make sure that the remote client supports uncompressed points,
+ * Since that is all we support. Disable ECC cipher suites if it doesn't.
+ */
+SECStatus
+ssl3_HandleSupportedPointFormatsXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data)
+{
+ int i;
+
+ if (data->len < 2 || data->len > 255 || !data->data ||
+ data->len != (unsigned int)data->data[0] + 1) {
+ ssl3_ExtDecodeError(ss);
+ return SECFailure;
+ }
+ for (i = data->len; --i > 0;) {
+ if (data->data[i] == 0) {
+ /* indicate that we should send a reply */
+ SECStatus rv;
+ rv = ssl3_RegisterExtensionSender(ss, xtnData, ex_type,
+ &ssl3_SendSupportedPointFormatsXtn);
+ return rv;
+ }
+ }
+
+ /* Poor client doesn't support uncompressed points. */
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
+ return SECFailure;
+}
+
+static SECStatus
+ssl_UpdateSupportedGroups(sslSocket *ss, SECItem *data)
+{
+ PRInt32 list_len;
+ unsigned int i;
+ const sslNamedGroupDef *enabled[SSL_NAMED_GROUP_COUNT] = { 0 };
+ PORT_Assert(SSL_NAMED_GROUP_COUNT == PR_ARRAY_SIZE(enabled));
+
+ if (!data->data || data->len < 4) {
+ (void)ssl3_DecodeError(ss);
+ return SECFailure;
+ }
+
+ /* get the length of elliptic_curve_list */
+ list_len = ssl3_ConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
+ if (list_len < 0 || data->len != list_len || (data->len % 2) != 0) {
+ (void)ssl3_DecodeError(ss);
+ return SECFailure;
+ }
+
+ /* disable all groups and remember the enabled groups */
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ enabled[i] = ss->namedGroupPreferences[i];
+ ss->namedGroupPreferences[i] = NULL;
+ }
+
+ /* Read groups from data and enable if in |enabled| */
+ while (data->len) {
+ const sslNamedGroupDef *group;
+ PRInt32 curve_name =
+ ssl3_ConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
+ if (curve_name < 0) {
+ return SECFailure; /* fatal alert already sent */
+ }
+ group = ssl_LookupNamedGroup(curve_name);
+ if (group) {
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (enabled[i] && group == enabled[i]) {
+ ss->namedGroupPreferences[i] = enabled[i];
+ break;
+ }
+ }
+ }
+
+ /* "Codepoints in the NamedCurve registry with a high byte of 0x01 (that
+ * is, between 256 and 511 inclusive) are set aside for FFDHE groups,"
+ * -- https://tools.ietf.org/html/draft-ietf-tls-negotiated-ff-dhe-10
+ */
+ if ((curve_name & 0xff00) == 0x0100) {
+ ss->xtnData.peerSupportsFfdheGroups = PR_TRUE;
+ }
+ }
+
+ /* Note: if ss->opt.requireDHENamedGroups is set, we disable DHE cipher
+ * suites, but we do that in ssl3_config_match(). */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3 &&
+ !ss->opt.requireDHENamedGroups && !ss->xtnData.peerSupportsFfdheGroups) {
+ /* If we don't require that DHE use named groups, and no FFDHE was
+ * included, we pretend that they support all the FFDHE groups we do. */
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (enabled[i] && enabled[i]->keaType == ssl_kea_dh) {
+ ss->namedGroupPreferences[i] = enabled[i];
+ }
+ }
+ }
+
+ return SECSuccess;
+}
+
+/* Ensure that the curve in our server cert is one of the ones supported
+ * by the remote client, and disable all ECC cipher suites if not.
+ */
+SECStatus
+ssl_HandleSupportedGroupsXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+
+ rv = ssl_UpdateSupportedGroups(CONST_CAST(sslSocket, ss), data);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ /* TLS 1.3 permits the server to send this extension so make it so. */
+ if (ss->sec.isServer && ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ rv = ssl3_RegisterExtensionSender(ss, xtnData, ex_type,
+ &ssl_SendSupportedGroupsXtn);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error already set. */
+ }
+ }
+
+ /* Remember that we negotiated this extension. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/ssl/ssl3exthandle.h b/security/nss/lib/ssl/ssl3exthandle.h
new file mode 100644
index 000000000..65223d6fd
--- /dev/null
+++ b/security/nss/lib/ssl/ssl3exthandle.h
@@ -0,0 +1,95 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is PRIVATE to SSL.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ssl3exthandle_h_
+#define __ssl3exthandle_h_
+
+PRInt32 ssl3_SendRenegotiationInfoXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes);
+SECStatus ssl3_HandleRenegotiationInfoXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl3_ClientHandleNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl3_ClientHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl3_ServerHandleNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl3_ServerHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+PRInt32 ssl3_ClientSendNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+PRInt32 ssl3_ClientSendAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+PRInt32 ssl3_ServerSendAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+PRInt32 ssl3_ClientSendUseSRTPXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+PRInt32 ssl3_ServerSendUseSRTPXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+SECStatus ssl3_ClientHandleUseSRTPXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+SECStatus ssl3_ServerHandleUseSRTPXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+PRInt32 ssl3_ServerSendStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes);
+SECStatus ssl3_ServerHandleStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl3_ClientHandleStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+PRInt32 ssl3_ClientSendStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+PRInt32 ssl3_ClientSendSigAlgsXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+SECStatus ssl3_ServerHandleSigAlgsXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+
+PRInt32 ssl3_ClientSendSignedCertTimestampXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+SECStatus ssl3_ClientHandleSignedCertTimestampXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+PRInt32 ssl3_ServerSendSignedCertTimestampXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+SECStatus ssl3_ServerHandleSignedCertTimestampXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+PRInt32 ssl3_SendExtendedMasterSecretXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+SECStatus ssl3_HandleExtendedMasterSecretXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+SECStatus ssl3_ProcessSessionTicketCommon(sslSocket *ss, SECItem *data);
+PRInt32 ssl3_SendServerNameXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+SECStatus ssl3_HandleServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl_HandleSupportedGroupsXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl3_HandleSupportedPointFormatsXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl3_ClientHandleSessionTicketXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+SECStatus ssl3_ServerHandleSessionTicketXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+PRInt32 ssl3_SendSessionTicketXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+
+PRInt32 ssl_SendSupportedGroupsXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes);
+PRInt32 ssl3_SendSupportedPointFormatsXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes);
+#endif
diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c
new file mode 100644
index 000000000..2bcc1d0aa
--- /dev/null
+++ b/security/nss/lib/ssl/ssl3gthr.c
@@ -0,0 +1,573 @@
+/*
+ * Gather (Read) entire SSL3 records from socket into buffer.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cert.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "ssl3prot.h"
+
+struct ssl2GatherStr {
+ /* true when ssl3_GatherData encounters an SSLv2 handshake */
+ PRBool isV2;
+
+ /* number of bytes of padding appended to the message content */
+ PRUint8 padding;
+};
+
+typedef struct ssl2GatherStr ssl2Gather;
+
+/* Caller should hold RecvBufLock. */
+SECStatus
+ssl3_InitGather(sslGather *gs)
+{
+ SECStatus status;
+
+ gs->state = GS_INIT;
+ gs->writeOffset = 0;
+ gs->readOffset = 0;
+ gs->dtlsPacketOffset = 0;
+ gs->dtlsPacket.len = 0;
+ status = sslBuffer_Grow(&gs->buf, 4096);
+ return status;
+}
+
+/* Caller must hold RecvBufLock. */
+void
+ssl3_DestroyGather(sslGather *gs)
+{
+ if (gs) { /* the PORT_*Free functions check for NULL pointers. */
+ PORT_ZFree(gs->buf.buf, gs->buf.space);
+ PORT_Free(gs->inbuf.buf);
+ PORT_Free(gs->dtlsPacket.buf);
+ }
+}
+
+/* Checks whether a given buffer is likely an SSLv3 record header. */
+PRBool
+ssl3_isLikelyV3Hello(const unsigned char *buf)
+{
+ /* Even if this was a V2 record header we couldn't possibly parse it
+ * correctly as the second bit denotes a vaguely-defined security escape. */
+ if (buf[0] & 0x40) {
+ return PR_TRUE;
+ }
+
+ /* Check for a typical V3 record header. */
+ return (PRBool)(buf[0] >= content_change_cipher_spec &&
+ buf[0] <= content_application_data &&
+ buf[1] == MSB(SSL_LIBRARY_VERSION_3_0));
+}
+
+/*
+ * Attempt to read in an entire SSL3 record.
+ * Blocks here for blocking sockets, otherwise returns -1 with
+ * PR_WOULD_BLOCK_ERROR when socket would block.
+ *
+ * returns 1 if received a complete SSL3 record.
+ * returns 0 if recv returns EOF
+ * returns -1 if recv returns < 0
+ * (The error value may have already been set to PR_WOULD_BLOCK_ERROR)
+ *
+ * Caller must hold the recv buf lock.
+ *
+ * The Gather state machine has 3 states: GS_INIT, GS_HEADER, GS_DATA.
+ * GS_HEADER: waiting for the 5-byte SSL3 record header to come in.
+ * GS_DATA: waiting for the body of the SSL3 record to come in.
+ *
+ * This loop returns when either
+ * (a) an error or EOF occurs,
+ * (b) PR_WOULD_BLOCK_ERROR,
+ * (c) data (entire SSL3 record) has been received.
+ */
+static int
+ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags, ssl2Gather *ssl2gs)
+{
+ unsigned char *bp;
+ unsigned char *lbp;
+ int nb;
+ int err;
+ int rv = 1;
+ PRUint8 v2HdrLength = 0;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ if (gs->state == GS_INIT) {
+ gs->state = GS_HEADER;
+ gs->remainder = ss->ssl3.hs.shortHeaders ? 2 : 5;
+ gs->offset = 0;
+ gs->writeOffset = 0;
+ gs->readOffset = 0;
+ gs->inbuf.len = 0;
+ }
+
+ lbp = gs->inbuf.buf;
+ for (;;) {
+ SSL_TRC(30, ("%d: SSL3[%d]: gather state %d (need %d more)",
+ SSL_GETPID(), ss->fd, gs->state, gs->remainder));
+ bp = ((gs->state != GS_HEADER) ? lbp : gs->hdr) + gs->offset;
+ nb = ssl_DefRecv(ss, bp, gs->remainder, flags);
+
+ if (nb > 0) {
+ PRINT_BUF(60, (ss, "raw gather data:", bp, nb));
+ } else if (nb == 0) {
+ /* EOF */
+ SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd));
+ rv = 0;
+ break;
+ } else /* if (nb < 0) */ {
+ SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd,
+ PR_GetError()));
+ rv = SECFailure;
+ break;
+ }
+
+ PORT_Assert((unsigned int)nb <= gs->remainder);
+ if ((unsigned int)nb > gs->remainder) {
+ /* ssl_DefRecv is misbehaving! this error is fatal to SSL. */
+ gs->state = GS_INIT; /* so we don't crash next time */
+ rv = SECFailure;
+ break;
+ }
+
+ gs->offset += nb;
+ gs->remainder -= nb;
+ if (gs->state == GS_DATA)
+ gs->inbuf.len += nb;
+
+ /* if there's more to go, read some more. */
+ if (gs->remainder > 0) {
+ continue;
+ }
+
+ /* have received entire record header, or entire record. */
+ switch (gs->state) {
+ case GS_HEADER:
+ /* Check for SSLv2 handshakes. Always assume SSLv3 on clients,
+ * support SSLv2 handshakes only when ssl2gs != NULL. */
+ if (!ssl2gs || ssl3_isLikelyV3Hello(gs->hdr)) {
+ /* Should have a non-SSLv2 record header in gs->hdr. Extract
+ * the length of the following encrypted data, and then
+ * read in the rest of the record into gs->inbuf. */
+ if (ss->ssl3.hs.shortHeaders) {
+ PRUint16 len = (gs->hdr[0] << 8) | gs->hdr[1];
+ if (!(len & 0x8000)) {
+ SSL_DBG(("%d: SSL3[%d]: incorrectly formatted header"));
+ SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
+ gs->state = GS_INIT;
+ PORT_SetError(SSL_ERROR_BAD_MAC_READ);
+ return SECFailure;
+ }
+ gs->remainder = len & ~0x8000;
+ } else {
+ gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4];
+ }
+ } else {
+ /* Probably an SSLv2 record header. No need to handle any
+ * security escapes (gs->hdr[0] & 0x40) as we wouldn't get
+ * here if one was set. See ssl3_isLikelyV3Hello(). */
+ gs->remainder = ((gs->hdr[0] & 0x7f) << 8) | gs->hdr[1];
+ ssl2gs->isV2 = PR_TRUE;
+ v2HdrLength = 2;
+
+ /* Is it a 3-byte header with padding? */
+ if (!(gs->hdr[0] & 0x80)) {
+ ssl2gs->padding = gs->hdr[2];
+ v2HdrLength++;
+ }
+ }
+
+ /* This is the max length for an encrypted SSLv3+ fragment. */
+ if (!v2HdrLength &&
+ gs->remainder > (MAX_FRAGMENT_LENGTH + 2048)) {
+ SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ gs->state = GS_INIT;
+ PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
+ return SECFailure;
+ }
+
+ gs->state = GS_DATA;
+ gs->offset = 0;
+ gs->inbuf.len = 0;
+
+ if (gs->remainder > gs->inbuf.space) {
+ err = sslBuffer_Grow(&gs->inbuf, gs->remainder);
+ if (err) { /* realloc has set error code to no mem. */
+ return err;
+ }
+ lbp = gs->inbuf.buf;
+ }
+
+ /* When we encounter an SSLv2 hello we've read 2 or 3 bytes too
+ * many into the gs->hdr[] buffer. Copy them over into inbuf so
+ * that we can properly process the hello record later. */
+ if (v2HdrLength) {
+ gs->inbuf.len = 5 - v2HdrLength;
+ PORT_Memcpy(lbp, gs->hdr + v2HdrLength, gs->inbuf.len);
+ gs->remainder -= gs->inbuf.len;
+ lbp += gs->inbuf.len;
+ }
+
+ break; /* End this case. Continue around the loop. */
+
+ case GS_DATA:
+ /*
+ ** SSL3 record has been completely received.
+ */
+ SSL_TRC(10, ("%d: SSL[%d]: got record of %d bytes",
+ SSL_GETPID(), ss->fd, gs->inbuf.len));
+ gs->state = GS_INIT;
+ return 1;
+ }
+ }
+
+ return rv;
+}
+
+/*
+ * Read in an entire DTLS record.
+ *
+ * Blocks here for blocking sockets, otherwise returns -1 with
+ * PR_WOULD_BLOCK_ERROR when socket would block.
+ *
+ * This is simpler than SSL because we are reading on a datagram socket
+ * and datagrams must contain >=1 complete records.
+ *
+ * returns 1 if received a complete DTLS record.
+ * returns 0 if recv returns EOF
+ * returns -1 if recv returns < 0
+ * (The error value may have already been set to PR_WOULD_BLOCK_ERROR)
+ *
+ * Caller must hold the recv buf lock.
+ *
+ * This loop returns when either
+ * (a) an error or EOF occurs,
+ * (b) PR_WOULD_BLOCK_ERROR,
+ * (c) data (entire DTLS record) has been received.
+ */
+static int
+dtls_GatherData(sslSocket *ss, sslGather *gs, int flags)
+{
+ int nb;
+ int err;
+ int rv = 1;
+
+ SSL_TRC(30, ("dtls_GatherData"));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+
+ gs->state = GS_HEADER;
+ gs->offset = 0;
+
+ if (gs->dtlsPacketOffset == gs->dtlsPacket.len) { /* No data left */
+ gs->dtlsPacketOffset = 0;
+ gs->dtlsPacket.len = 0;
+
+ /* Resize to the maximum possible size so we can fit a full datagram */
+ /* This is the max fragment length for an encrypted fragment
+ ** plus the size of the record header.
+ ** This magic constant is copied from ssl3_GatherData, with 5 changed
+ ** to 13 (the size of the record header).
+ */
+ if (gs->dtlsPacket.space < MAX_FRAGMENT_LENGTH + 2048 + 13) {
+ err = sslBuffer_Grow(&gs->dtlsPacket,
+ MAX_FRAGMENT_LENGTH + 2048 + 13);
+ if (err) { /* realloc has set error code to no mem. */
+ return err;
+ }
+ }
+
+ /* recv() needs to read a full datagram at a time */
+ nb = ssl_DefRecv(ss, gs->dtlsPacket.buf, gs->dtlsPacket.space, flags);
+
+ if (nb > 0) {
+ PRINT_BUF(60, (ss, "raw gather data:", gs->dtlsPacket.buf, nb));
+ } else if (nb == 0) {
+ /* EOF */
+ SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd));
+ rv = 0;
+ return rv;
+ } else /* if (nb < 0) */ {
+ SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd,
+ PR_GetError()));
+ rv = SECFailure;
+ return rv;
+ }
+
+ gs->dtlsPacket.len = nb;
+ }
+
+ /* At this point we should have >=1 complete records lined up in
+ * dtlsPacket. Read off the header.
+ */
+ if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < 13) {
+ SSL_DBG(("%d: SSL3[%d]: rest of DTLS packet "
+ "too short to contain header",
+ SSL_GETPID(), ss->fd));
+ PR_SetError(PR_WOULD_BLOCK_ERROR, 0);
+ gs->dtlsPacketOffset = 0;
+ gs->dtlsPacket.len = 0;
+ rv = SECFailure;
+ return rv;
+ }
+ memcpy(gs->hdr, gs->dtlsPacket.buf + gs->dtlsPacketOffset, 13);
+ gs->dtlsPacketOffset += 13;
+
+ /* Have received SSL3 record header in gs->hdr. */
+ gs->remainder = (gs->hdr[11] << 8) | gs->hdr[12];
+
+ if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < gs->remainder) {
+ SSL_DBG(("%d: SSL3[%d]: rest of DTLS packet too short "
+ "to contain rest of body",
+ SSL_GETPID(), ss->fd));
+ PR_SetError(PR_WOULD_BLOCK_ERROR, 0);
+ gs->dtlsPacketOffset = 0;
+ gs->dtlsPacket.len = 0;
+ rv = SECFailure;
+ return rv;
+ }
+
+ /* OK, we have at least one complete packet, copy into inbuf */
+ if (gs->remainder > gs->inbuf.space) {
+ err = sslBuffer_Grow(&gs->inbuf, gs->remainder);
+ if (err) { /* realloc has set error code to no mem. */
+ return err;
+ }
+ }
+
+ memcpy(gs->inbuf.buf, gs->dtlsPacket.buf + gs->dtlsPacketOffset,
+ gs->remainder);
+ gs->inbuf.len = gs->remainder;
+ gs->offset = gs->remainder;
+ gs->dtlsPacketOffset += gs->remainder;
+ gs->state = GS_INIT;
+
+ return 1;
+}
+
+/* Gather in a record and when complete, Handle that record.
+ * Repeat this until the handshake is complete,
+ * or until application data is available.
+ *
+ * Returns 1 when the handshake is completed without error, or
+ * application data is available.
+ * Returns 0 if ssl3_GatherData hits EOF.
+ * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
+ * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
+ *
+ * Called from ssl_GatherRecord1stHandshake in sslcon.c,
+ * and from SSL_ForceHandshake in sslsecur.c
+ * and from ssl3_GatherAppDataRecord below (<- DoRecv in sslsecur.c).
+ *
+ * Caller must hold the recv buf lock.
+ */
+int
+ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
+{
+ int rv;
+ SSL3Ciphertext cText;
+ PRBool keepGoing = PR_TRUE;
+
+ SSL_TRC(30, ("ssl3_GatherCompleteHandshake"));
+
+ /* ssl3_HandleRecord may end up eventually calling ssl_FinishHandshake,
+ * which requires the 1stHandshakeLock, which must be acquired before the
+ * RecvBufLock.
+ */
+ PORT_Assert(ss->opt.noLocks || ssl_Have1stHandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+
+ do {
+ PRBool handleRecordNow = PR_FALSE;
+
+ ssl_GetSSL3HandshakeLock(ss);
+
+ /* Without this, we may end up wrongly reporting
+ * SSL_ERROR_RX_UNEXPECTED_* errors if we receive any records from the
+ * peer while we are waiting to be restarted.
+ */
+ if (ss->ssl3.hs.restartTarget) {
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ PORT_SetError(PR_WOULD_BLOCK_ERROR);
+ return (int)SECFailure;
+ }
+
+ /* Treat an empty msgState like a NULL msgState. (Most of the time
+ * when ssl3_HandleHandshake returns SECWouldBlock, it leaves
+ * behind a non-NULL but zero-length msgState).
+ * Test: async_cert_restart_server_sends_hello_request_first_in_separate_record
+ */
+ if (ss->ssl3.hs.msgState.buf) {
+ if (ss->ssl3.hs.msgState.len == 0) {
+ ss->ssl3.hs.msgState.buf = NULL;
+ } else {
+ handleRecordNow = PR_TRUE;
+ }
+ }
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+
+ if (handleRecordNow) {
+ /* ssl3_HandleHandshake previously returned SECWouldBlock and the
+ * as-yet-unprocessed plaintext of that previous handshake record.
+ * We need to process it now before we overwrite it with the next
+ * handshake record.
+ */
+ rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf);
+ } else {
+ /* State for SSLv2 client hello support. */
+ ssl2Gather ssl2gs = { PR_FALSE, 0 };
+ ssl2Gather *ssl2gs_ptr = NULL;
+
+ /* If we're a server and waiting for a client hello, accept v2. */
+ if (ss->sec.isServer && ss->ssl3.hs.ws == wait_client_hello) {
+ ssl2gs_ptr = &ssl2gs;
+ }
+
+ /* bring in the next sslv3 record. */
+ if (ss->recvdCloseNotify) {
+ /* RFC 5246 Section 7.2.1:
+ * Any data received after a closure alert is ignored.
+ */
+ return 0;
+ }
+
+ if (!IS_DTLS(ss)) {
+ /* If we're a server waiting for a ClientHello then pass
+ * ssl2gs to support SSLv2 ClientHello messages. */
+ rv = ssl3_GatherData(ss, &ss->gs, flags, ssl2gs_ptr);
+ } else {
+ rv = dtls_GatherData(ss, &ss->gs, flags);
+
+ /* If we got a would block error, that means that no data was
+ * available, so we check the timer to see if it's time to
+ * retransmit */
+ if (rv == SECFailure &&
+ (PORT_GetError() == PR_WOULD_BLOCK_ERROR)) {
+ dtls_CheckTimer(ss);
+ /* Restore the error in case something succeeded */
+ PORT_SetError(PR_WOULD_BLOCK_ERROR);
+ }
+ }
+
+ if (rv <= 0) {
+ return rv;
+ }
+
+ if (ssl2gs.isV2) {
+ rv = ssl3_HandleV2ClientHello(ss, ss->gs.inbuf.buf,
+ ss->gs.inbuf.len,
+ ssl2gs.padding);
+ if (rv < 0) {
+ return rv;
+ }
+ } else {
+ /* decipher it, and handle it if it's a handshake.
+ * If it's application data, ss->gs.buf will not be empty upon return.
+ * If it's a change cipher spec, alert, or handshake message,
+ * ss->gs.buf.len will be 0 when ssl3_HandleRecord returns SECSuccess.
+ */
+ if (ss->ssl3.hs.shortHeaders) {
+ cText.type = content_application_data;
+ cText.version = SSL_LIBRARY_VERSION_TLS_1_0;
+ } else {
+ cText.type = (SSL3ContentType)ss->gs.hdr[0];
+ cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2];
+ }
+
+ if (IS_DTLS(ss)) {
+ sslSequenceNumber seq_num;
+
+ cText.version = dtls_DTLSVersionToTLSVersion(cText.version);
+ /* DTLS sequence number */
+ PORT_Memcpy(&seq_num, &ss->gs.hdr[3], sizeof(seq_num));
+ cText.seq_num = PR_ntohll(seq_num);
+ }
+
+ cText.buf = &ss->gs.inbuf;
+ rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf);
+ }
+ }
+ if (rv < 0) {
+ return ss->recvdCloseNotify ? 0 : rv;
+ }
+ if (ss->gs.buf.len > 0) {
+ /* We have application data to return to the application. This
+ * prioritizes returning application data to the application over
+ * completing any renegotiation handshake we may be doing.
+ */
+ PORT_Assert(ss->firstHsDone);
+ PORT_Assert(cText.type == content_application_data);
+ break;
+ }
+
+ PORT_Assert(keepGoing);
+ ssl_GetSSL3HandshakeLock(ss);
+ if (ss->ssl3.hs.ws == idle_handshake) {
+ /* We are done with the current handshake so stop trying to
+ * handshake. Note that it would be safe to test ss->firstHsDone
+ * instead of ss->ssl3.hs.ws. By testing ss->ssl3.hs.ws instead,
+ * we prioritize completing a renegotiation handshake over sending
+ * application data.
+ */
+ PORT_Assert(ss->firstHsDone);
+ PORT_Assert(!ss->ssl3.hs.canFalseStart);
+ keepGoing = PR_FALSE;
+ } else if (ss->ssl3.hs.canFalseStart) {
+ /* Prioritize sending application data over trying to complete
+ * the handshake if we're false starting.
+ *
+ * If we were to do this check at the beginning of the loop instead
+ * of here, then this function would become be a no-op after
+ * receiving the ServerHelloDone in the false start case, and we
+ * would never complete the handshake.
+ */
+ PORT_Assert(!ss->firstHsDone);
+
+ if (ssl3_WaitingForServerSecondRound(ss)) {
+ keepGoing = PR_FALSE;
+ } else {
+ ss->ssl3.hs.canFalseStart = PR_FALSE;
+ }
+ }
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ } while (keepGoing);
+
+ /* Service the DTLS timer so that the holddown timer eventually fires. */
+ if (IS_DTLS(ss)) {
+ dtls_CheckTimer(ss);
+ }
+ ss->gs.readOffset = 0;
+ ss->gs.writeOffset = ss->gs.buf.len;
+ return 1;
+}
+
+/* Repeatedly gather in a record and when complete, Handle that record.
+ * Repeat this until some application data is received.
+ *
+ * Returns 1 when application data is available.
+ * Returns 0 if ssl3_GatherData hits EOF.
+ * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
+ * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
+ *
+ * Called from DoRecv in sslsecur.c
+ * Caller must hold the recv buf lock.
+ */
+int
+ssl3_GatherAppDataRecord(sslSocket *ss, int flags)
+{
+ int rv;
+
+ /* ssl3_GatherCompleteHandshake requires both of these locks. */
+ PORT_Assert(ss->opt.noLocks || ssl_Have1stHandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+
+ do {
+ rv = ssl3_GatherCompleteHandshake(ss, flags);
+ } while (rv > 0 && ss->gs.buf.len == 0);
+
+ return rv;
+}
diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h
new file mode 100644
index 000000000..35c7e547d
--- /dev/null
+++ b/security/nss/lib/ssl/ssl3prot.h
@@ -0,0 +1,331 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* Private header file of libSSL.
+ * Various and sundry protocol constants. DON'T CHANGE THESE. These
+ * values are defined by the SSL 3.0 protocol specification.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ssl3proto_h_
+#define __ssl3proto_h_
+
+typedef PRUint8 SSL3Opaque;
+
+typedef PRUint16 SSL3ProtocolVersion;
+/* version numbers are defined in sslproto.h */
+
+/* The TLS 1.3 draft version. Used to avoid negotiating
+ * between incompatible pre-standard TLS 1.3 drafts.
+ * TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */
+#define TLS_1_3_DRAFT_VERSION 18
+
+typedef PRUint16 ssl3CipherSuite;
+/* The cipher suites are defined in sslproto.h */
+
+#define MAX_CERT_TYPES 10
+#define MAX_COMPRESSION_METHODS 10
+#define MAX_MAC_LENGTH 64
+#define MAX_PADDING_LENGTH 64
+#define MAX_KEY_LENGTH 64
+#define EXPORT_KEY_LENGTH 5
+#define SSL3_RANDOM_LENGTH 32
+
+#define SSL3_RECORD_HEADER_LENGTH 5
+#define TLS13_RECORD_HEADER_LENGTH_SHORT 2
+
+/* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */
+#define DTLS_RECORD_HEADER_LENGTH 13
+
+#define MAX_FRAGMENT_LENGTH 16384
+
+typedef enum {
+ content_change_cipher_spec = 20,
+ content_alert = 21,
+ content_handshake = 22,
+ content_application_data = 23
+} SSL3ContentType;
+
+typedef struct {
+ SSL3ContentType type;
+ SSL3ProtocolVersion version;
+ PRUint16 length;
+ SECItem fragment;
+} SSL3Plaintext;
+
+typedef struct {
+ SSL3ContentType type;
+ SSL3ProtocolVersion version;
+ PRUint16 length;
+ SECItem fragment;
+} SSL3Compressed;
+
+typedef struct {
+ SECItem content;
+ SSL3Opaque MAC[MAX_MAC_LENGTH];
+} SSL3GenericStreamCipher;
+
+typedef struct {
+ SECItem content;
+ SSL3Opaque MAC[MAX_MAC_LENGTH];
+ PRUint8 padding[MAX_PADDING_LENGTH];
+ PRUint8 padding_length;
+} SSL3GenericBlockCipher;
+
+typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
+
+typedef struct {
+ SSL3ChangeCipherSpecChoice choice;
+} SSL3ChangeCipherSpec;
+
+typedef enum { alert_warning = 1,
+ alert_fatal = 2 } SSL3AlertLevel;
+
+typedef enum {
+ close_notify = 0,
+ end_of_early_data = 1, /* TLS 1.3 */
+ unexpected_message = 10,
+ bad_record_mac = 20,
+ decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */
+ record_overflow = 22, /* TLS only */
+ decompression_failure = 30,
+ handshake_failure = 40,
+ no_certificate = 41, /* SSL3 only, NOT TLS */
+ bad_certificate = 42,
+ unsupported_certificate = 43,
+ certificate_revoked = 44,
+ certificate_expired = 45,
+ certificate_unknown = 46,
+ illegal_parameter = 47,
+
+ /* All alerts below are TLS only. */
+ unknown_ca = 48,
+ access_denied = 49,
+ decode_error = 50,
+ decrypt_error = 51,
+ export_restriction = 60,
+ protocol_version = 70,
+ insufficient_security = 71,
+ internal_error = 80,
+ inappropriate_fallback = 86, /* could also be sent for SSLv3 */
+ user_canceled = 90,
+ no_renegotiation = 100,
+
+ /* Alerts for client hello extensions */
+ missing_extension = 109,
+ unsupported_extension = 110,
+ certificate_unobtainable = 111,
+ unrecognized_name = 112,
+ bad_certificate_status_response = 113,
+ bad_certificate_hash_value = 114,
+ no_application_protocol = 120,
+
+ /* invalid alert */
+ no_alert = 256
+} SSL3AlertDescription;
+
+typedef struct {
+ SSL3AlertLevel level;
+ SSL3AlertDescription description;
+} SSL3Alert;
+
+typedef enum {
+ hello_request = 0,
+ client_hello = 1,
+ server_hello = 2,
+ hello_verify_request = 3,
+ new_session_ticket = 4,
+ hello_retry_request = 6,
+ encrypted_extensions = 8,
+ certificate = 11,
+ server_key_exchange = 12,
+ certificate_request = 13,
+ server_hello_done = 14,
+ certificate_verify = 15,
+ client_key_exchange = 16,
+ finished = 20,
+ certificate_status = 22,
+ next_proto = 67
+} SSL3HandshakeType;
+
+typedef struct {
+ PRUint8 empty;
+} SSL3HelloRequest;
+
+typedef struct {
+ SSL3Opaque rand[SSL3_RANDOM_LENGTH];
+} SSL3Random;
+
+typedef struct {
+ SSL3Opaque id[32];
+ PRUint8 length;
+} SSL3SessionID;
+
+typedef struct {
+ SSL3ProtocolVersion client_version;
+ SSL3Random random;
+ SSL3SessionID session_id;
+ SECItem cipher_suites;
+ PRUint8 cm_count;
+ SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
+} SSL3ClientHello;
+
+typedef struct {
+ SSL3ProtocolVersion server_version;
+ SSL3Random random;
+ SSL3SessionID session_id;
+ ssl3CipherSuite cipher_suite;
+ SSLCompressionMethod compression_method;
+} SSL3ServerHello;
+
+typedef struct {
+ SECItem list;
+} SSL3Certificate;
+
+/* SSL3SignType moved to ssl.h */
+
+/* The SSL key exchange method used */
+typedef enum {
+ kea_null,
+ kea_rsa,
+ kea_dh_dss,
+ kea_dh_rsa,
+ kea_dhe_dss,
+ kea_dhe_rsa,
+ kea_dh_anon,
+ kea_ecdh_ecdsa,
+ kea_ecdhe_ecdsa,
+ kea_ecdh_rsa,
+ kea_ecdhe_rsa,
+ kea_ecdh_anon,
+ kea_ecdhe_psk,
+ kea_dhe_psk,
+ kea_tls13_any,
+} SSL3KeyExchangeAlgorithm;
+
+typedef struct {
+ SECItem modulus;
+ SECItem exponent;
+} SSL3ServerRSAParams;
+
+typedef struct {
+ SECItem p;
+ SECItem g;
+ SECItem Ys;
+} SSL3ServerDHParams;
+
+typedef struct {
+ union {
+ SSL3ServerDHParams dh;
+ SSL3ServerRSAParams rsa;
+ } u;
+} SSL3ServerParams;
+
+/* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS
+ * prior to 1.2. */
+typedef struct {
+ PRUint8 md5[16];
+ PRUint8 sha[20];
+} SSL3HashesIndividually;
+
+/* SSL3Hashes contains an SSL hash value. The digest is contained in |u.raw|
+ * which, if |hashAlg==ssl_hash_none| is also a SSL3HashesIndividually
+ * struct. */
+typedef struct {
+ unsigned int len;
+ SSLHashType hashAlg;
+ union {
+ PRUint8 raw[64];
+ SSL3HashesIndividually s;
+ unsigned int transcriptLen;
+ } u;
+} SSL3Hashes;
+
+typedef struct {
+ union {
+ SSL3Opaque anonymous;
+ SSL3Hashes certified;
+ } u;
+} SSL3ServerKeyExchange;
+
+typedef enum {
+ ct_RSA_sign = 1,
+ ct_DSS_sign = 2,
+ ct_RSA_fixed_DH = 3,
+ ct_DSS_fixed_DH = 4,
+ ct_RSA_ephemeral_DH = 5,
+ ct_DSS_ephemeral_DH = 6,
+ ct_ECDSA_sign = 64,
+ ct_RSA_fixed_ECDH = 65,
+ ct_ECDSA_fixed_ECDH = 66
+
+} SSL3ClientCertificateType;
+
+typedef struct {
+ SSL3Opaque client_version[2];
+ SSL3Opaque random[46];
+} SSL3RSAPreMasterSecret;
+
+typedef SSL3Opaque SSL3MasterSecret[48];
+
+typedef enum {
+ sender_client = 0x434c4e54,
+ sender_server = 0x53525652
+} SSL3Sender;
+
+typedef SSL3HashesIndividually SSL3Finished;
+
+typedef struct {
+ SSL3Opaque verify_data[12];
+} TLSFinished;
+
+/*
+ * TLS extension related data structures and constants.
+ */
+
+/* SessionTicket extension related data structures. */
+
+/* NewSessionTicket handshake message. */
+typedef struct {
+ PRUint32 received_timestamp;
+ PRUint32 ticket_lifetime_hint;
+ PRUint32 flags;
+ PRUint32 ticket_age_add;
+ PRUint32 max_early_data_size;
+ SECItem ticket;
+} NewSessionTicket;
+
+typedef enum {
+ tls13_psk_ke = 0,
+ tls13_psk_dh_ke = 1
+} TLS13PskKEModes;
+
+typedef enum {
+ CLIENT_AUTH_ANONYMOUS = 0,
+ CLIENT_AUTH_CERTIFICATE = 1
+} ClientAuthenticationType;
+
+typedef struct {
+ ClientAuthenticationType client_auth_type;
+ union {
+ SSL3Opaque *certificate_list;
+ } identity;
+} ClientIdentity;
+
+#define SESS_TICKET_KEY_NAME_LEN 16
+#define SESS_TICKET_KEY_NAME_PREFIX "NSS!"
+#define SESS_TICKET_KEY_NAME_PREFIX_LEN 4
+#define SESS_TICKET_KEY_VAR_NAME_LEN 12
+
+typedef struct {
+ unsigned char *key_name;
+ unsigned char *iv;
+ SECItem encrypted_state;
+ unsigned char *mac;
+} EncryptedSessionTicket;
+
+#define TLS_EX_SESS_TICKET_MAC_LENGTH 32
+
+#define TLS_STE_NO_SERVER_NAME -1
+
+#endif /* __ssl3proto_h_ */
diff --git a/security/nss/lib/ssl/sslauth.c b/security/nss/lib/ssl/sslauth.c
new file mode 100644
index 000000000..5b5f672f0
--- /dev/null
+++ b/security/nss/lib/ssl/sslauth.c
@@ -0,0 +1,292 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "cert.h"
+#include "secitem.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "pk11func.h"
+#include "ocsp.h"
+
+/* NEED LOCKS IN HERE. */
+CERTCertificate *
+SSL_PeerCertificate(PRFileDesc *fd)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificate",
+ SSL_GETPID(), fd));
+ return 0;
+ }
+ if (ss->opt.useSecurity && ss->sec.peerCert) {
+ return CERT_DupCertificate(ss->sec.peerCert);
+ }
+ return 0;
+}
+
+/* NEED LOCKS IN HERE. */
+CERTCertList *
+SSL_PeerCertificateChain(PRFileDesc *fd)
+{
+ sslSocket *ss;
+ CERTCertList *chain = NULL;
+ CERTCertificate *cert;
+ ssl3CertNode *cur;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificateChain",
+ SSL_GETPID(), fd));
+ return NULL;
+ }
+ if (!ss->opt.useSecurity || !ss->sec.peerCert) {
+ PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
+ return NULL;
+ }
+ chain = CERT_NewCertList();
+ if (!chain) {
+ return NULL;
+ }
+ cert = CERT_DupCertificate(ss->sec.peerCert);
+ if (CERT_AddCertToListTail(chain, cert) != SECSuccess) {
+ goto loser;
+ }
+ for (cur = ss->ssl3.peerCertChain; cur; cur = cur->next) {
+ cert = CERT_DupCertificate(cur->cert);
+ if (CERT_AddCertToListTail(chain, cert) != SECSuccess) {
+ goto loser;
+ }
+ }
+ return chain;
+
+loser:
+ CERT_DestroyCertList(chain);
+ return NULL;
+}
+
+/* NEED LOCKS IN HERE. */
+CERTCertificate *
+SSL_LocalCertificate(PRFileDesc *fd)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificate",
+ SSL_GETPID(), fd));
+ return NULL;
+ }
+ if (ss->opt.useSecurity) {
+ if (ss->sec.localCert) {
+ return CERT_DupCertificate(ss->sec.localCert);
+ }
+ if (ss->sec.ci.sid && ss->sec.ci.sid->localCert) {
+ return CERT_DupCertificate(ss->sec.ci.sid->localCert);
+ }
+ }
+ return NULL;
+}
+
+/* NEED LOCKS IN HERE. */
+SECStatus
+SSL_SecurityStatus(PRFileDesc *fd, int *op, char **cp, int *kp0, int *kp1,
+ char **ip, char **sp)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SecurityStatus",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (cp)
+ *cp = 0;
+ if (kp0)
+ *kp0 = 0;
+ if (kp1)
+ *kp1 = 0;
+ if (ip)
+ *ip = 0;
+ if (sp)
+ *sp = 0;
+ if (op) {
+ *op = SSL_SECURITY_STATUS_OFF;
+ }
+
+ if (ss->opt.useSecurity && ss->enoughFirstHsDone) {
+ const ssl3BulkCipherDef *bulkCipherDef;
+ PRBool isDes = PR_FALSE;
+
+ bulkCipherDef = ssl_GetBulkCipherDef(ss->ssl3.hs.suite_def);
+ if (cp) {
+ *cp = PORT_Strdup(bulkCipherDef->short_name);
+ }
+ if (PORT_Strstr(bulkCipherDef->short_name, "DES")) {
+ isDes = PR_TRUE;
+ }
+
+ if (kp0) {
+ *kp0 = bulkCipherDef->key_size * 8;
+ if (isDes)
+ *kp0 = (*kp0 * 7) / 8;
+ }
+ if (kp1) {
+ *kp1 = bulkCipherDef->secret_key_size * 8;
+ if (isDes)
+ *kp1 = (*kp1 * 7) / 8;
+ }
+ if (op) {
+ if (bulkCipherDef->key_size == 0) {
+ *op = SSL_SECURITY_STATUS_OFF;
+ } else if (bulkCipherDef->secret_key_size * 8 < 90) {
+ *op = SSL_SECURITY_STATUS_ON_LOW;
+ } else {
+ *op = SSL_SECURITY_STATUS_ON_HIGH;
+ }
+ }
+
+ if (ip || sp) {
+ CERTCertificate *cert;
+
+ cert = ss->sec.peerCert;
+ if (cert) {
+ if (ip) {
+ *ip = CERT_NameToAscii(&cert->issuer);
+ }
+ if (sp) {
+ *sp = CERT_NameToAscii(&cert->subject);
+ }
+ } else {
+ if (ip) {
+ *ip = PORT_Strdup("no certificate");
+ }
+ if (sp) {
+ *sp = PORT_Strdup("no certificate");
+ }
+ }
+ }
+ }
+
+ return SECSuccess;
+}
+
+/************************************************************************/
+
+/* NEED LOCKS IN HERE. */
+SECStatus
+SSL_AuthCertificateHook(PRFileDesc *s, SSLAuthCertificate func, void *arg)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(s);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in AuthCertificateHook",
+ SSL_GETPID(), s));
+ return SECFailure;
+ }
+
+ ss->authCertificate = func;
+ ss->authCertificateArg = arg;
+
+ return SECSuccess;
+}
+
+/* NEED LOCKS IN HERE. */
+SECStatus
+SSL_GetClientAuthDataHook(PRFileDesc *s, SSLGetClientAuthData func,
+ void *arg)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(s);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
+ SSL_GETPID(), s));
+ return SECFailure;
+ }
+
+ ss->getClientAuthData = func;
+ ss->getClientAuthDataArg = arg;
+ return SECSuccess;
+}
+
+/* NEED LOCKS IN HERE. */
+SECStatus
+SSL_SetPKCS11PinArg(PRFileDesc *s, void *arg)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(s);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
+ SSL_GETPID(), s));
+ return SECFailure;
+ }
+
+ ss->pkcs11PinArg = arg;
+ return SECSuccess;
+}
+
+/* This is the "default" authCert callback function. It is called when a
+ * certificate message is received from the peer and the local application
+ * has not registered an authCert callback function.
+ */
+SECStatus
+SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
+{
+ SECStatus rv;
+ CERTCertDBHandle *handle;
+ sslSocket *ss;
+ SECCertUsage certUsage;
+ const char *hostname = NULL;
+ PRTime now = PR_Now();
+ SECItemArray *certStatusArray;
+
+ ss = ssl_FindSocket(fd);
+ PORT_Assert(ss != NULL);
+ if (!ss) {
+ return SECFailure;
+ }
+
+ handle = (CERTCertDBHandle *)arg;
+ certStatusArray = &ss->sec.ci.sid->peerCertStatus;
+
+ if (certStatusArray->len) {
+ PORT_SetError(0);
+ if (CERT_CacheOCSPResponseFromSideChannel(handle, ss->sec.peerCert, now,
+ &certStatusArray->items[0],
+ ss->pkcs11PinArg) !=
+ SECSuccess) {
+ PORT_Assert(PR_GetError() != 0);
+ }
+ }
+
+ /* this may seem backwards, but isn't. */
+ certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
+
+ rv = CERT_VerifyCert(handle, ss->sec.peerCert, checkSig, certUsage,
+ now, ss->pkcs11PinArg, NULL);
+
+ if (rv != SECSuccess || isServer)
+ return rv;
+
+ /* cert is OK. This is the client side of an SSL connection.
+ * Now check the name field in the cert against the desired hostname.
+ * NB: This is our only defense against Man-In-The-Middle (MITM) attacks!
+ */
+ hostname = ss->url;
+ if (hostname && hostname[0])
+ rv = CERT_VerifyCertName(ss->sec.peerCert, hostname);
+ else
+ rv = SECFailure;
+ if (rv != SECSuccess)
+ PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
+
+ return rv;
+}
diff --git a/security/nss/lib/ssl/sslcert.c b/security/nss/lib/ssl/sslcert.c
new file mode 100644
index 000000000..ea524552d
--- /dev/null
+++ b/security/nss/lib/ssl/sslcert.c
@@ -0,0 +1,992 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * SSL server certificate configuration functions.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ssl.h"
+#include "sslimpl.h"
+#include "secoid.h" /* for SECOID_GetAlgorithmTag */
+#include "pk11func.h" /* for PK11_ReferenceSlot */
+#include "nss.h" /* for NSS_RegisterShutdown */
+#include "prinit.h" /* for PR_CallOnceWithArg */
+
+static const PRCallOnceType pristineCallOnce;
+static PRCallOnceType setupServerCAListOnce;
+
+static SECStatus
+serverCAListShutdown(void *appData, void *nssData)
+{
+ PORT_Assert(ssl3_server_ca_list);
+ if (ssl3_server_ca_list) {
+ CERT_FreeDistNames(ssl3_server_ca_list);
+ ssl3_server_ca_list = NULL;
+ }
+ setupServerCAListOnce = pristineCallOnce;
+ return SECSuccess;
+}
+
+static PRStatus
+serverCAListSetup(void *arg)
+{
+ CERTCertDBHandle *dbHandle = (CERTCertDBHandle *)arg;
+ SECStatus rv = NSS_RegisterShutdown(serverCAListShutdown, NULL);
+ PORT_Assert(SECSuccess == rv);
+ if (SECSuccess == rv) {
+ ssl3_server_ca_list = CERT_GetSSLCACerts(dbHandle);
+ return PR_SUCCESS;
+ }
+ return PR_FAILURE;
+}
+
+sslServerCert *
+ssl_NewServerCert(const sslServerCertType *certType)
+{
+ sslServerCert *sc = PORT_ZNew(sslServerCert);
+ if (!sc) {
+ return NULL;
+ }
+ memcpy(&sc->certType, certType, sizeof(sc->certType));
+ sc->serverCert = NULL;
+ sc->serverCertChain = NULL;
+ sc->certStatusArray = NULL;
+ sc->signedCertTimestamps.len = 0;
+ return sc;
+}
+
+sslServerCert *
+ssl_CopyServerCert(const sslServerCert *oc)
+{
+ sslServerCert *sc;
+
+ sc = ssl_NewServerCert(&oc->certType);
+ if (!sc) {
+ return NULL;
+ }
+
+ if (oc->serverCert && oc->serverCertChain) {
+ sc->serverCert = CERT_DupCertificate(oc->serverCert);
+ if (!sc->serverCert)
+ goto loser;
+ sc->serverCertChain = CERT_DupCertList(oc->serverCertChain);
+ if (!sc->serverCertChain)
+ goto loser;
+ } else {
+ sc->serverCert = NULL;
+ sc->serverCertChain = NULL;
+ }
+
+ if (oc->serverKeyPair) {
+ sc->serverKeyPair = ssl_GetKeyPairRef(oc->serverKeyPair);
+ if (!sc->serverKeyPair)
+ goto loser;
+ } else {
+ sc->serverKeyPair = NULL;
+ }
+ sc->serverKeyBits = oc->serverKeyBits;
+
+ if (oc->certStatusArray) {
+ sc->certStatusArray = SECITEM_DupArray(NULL, oc->certStatusArray);
+ if (!sc->certStatusArray)
+ goto loser;
+ } else {
+ sc->certStatusArray = NULL;
+ }
+
+ if (SECITEM_CopyItem(NULL, &sc->signedCertTimestamps,
+ &oc->signedCertTimestamps) != SECSuccess)
+ goto loser;
+ return sc;
+loser:
+ ssl_FreeServerCert(sc);
+ return NULL;
+}
+
+void
+ssl_FreeServerCert(sslServerCert *sc)
+{
+ if (!sc) {
+ return;
+ }
+
+ if (sc->serverCert) {
+ CERT_DestroyCertificate(sc->serverCert);
+ }
+ if (sc->serverCertChain) {
+ CERT_DestroyCertificateList(sc->serverCertChain);
+ }
+ if (sc->serverKeyPair) {
+ ssl_FreeKeyPair(sc->serverKeyPair);
+ }
+ if (sc->certStatusArray) {
+ SECITEM_FreeArray(sc->certStatusArray, PR_TRUE);
+ }
+ if (sc->signedCertTimestamps.len) {
+ SECITEM_FreeItem(&sc->signedCertTimestamps, PR_FALSE);
+ }
+ PORT_ZFree(sc, sizeof(*sc));
+}
+
+sslServerCert *
+ssl_FindServerCert(const sslSocket *ss,
+ const sslServerCertType *certType)
+{
+ PRCList *cursor;
+
+ for (cursor = PR_NEXT_LINK(&ss->serverCerts);
+ cursor != &ss->serverCerts;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslServerCert *cert = (sslServerCert *)cursor;
+ if (cert->certType.authType != certType->authType) {
+ continue;
+ }
+ switch (cert->certType.authType) {
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa:
+ /* Note: For deprecated APIs, we need to be able to find and
+ match a slot with any named curve. */
+ if (certType->namedCurve &&
+ cert->certType.namedCurve != certType->namedCurve) {
+ continue;
+ }
+ break;
+ default:
+ break;
+ }
+ return cert;
+ }
+ return NULL;
+}
+
+sslServerCert *
+ssl_FindServerCertByAuthType(const sslSocket *ss, SSLAuthType authType)
+{
+ sslServerCertType certType;
+ certType.authType = authType;
+ /* Setting the named curve to NULL ensures that all EC certificates
+ * are matched when searching for this slot. */
+ certType.namedCurve = NULL;
+ return ssl_FindServerCert(ss, &certType);
+}
+
+SECStatus
+ssl_OneTimeCertSetup(sslSocket *ss, const sslServerCert *sc)
+{
+ if (PR_SUCCESS != PR_CallOnceWithArg(&setupServerCAListOnce,
+ &serverCAListSetup,
+ (void *)(ss->dbHandle))) {
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* Determine which slot a certificate fits into. SSLAuthType is known, but
+ * extra information needs to be worked out from the cert and key. */
+static void
+ssl_PopulateCertType(sslServerCertType *certType, SSLAuthType authType,
+ CERTCertificate *cert, sslKeyPair *keyPair)
+{
+ certType->authType = authType;
+ switch (authType) {
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa:
+ certType->namedCurve = ssl_ECPubKey2NamedGroup(keyPair->pubKey);
+ break;
+ default:
+ break;
+ }
+}
+
+static SECStatus
+ssl_PopulateServerCert(sslServerCert *sc, CERTCertificate *cert,
+ const CERTCertificateList *certChain)
+{
+ if (sc->serverCert) {
+ CERT_DestroyCertificate(sc->serverCert);
+ }
+ if (sc->serverCertChain) {
+ CERT_DestroyCertificateList(sc->serverCertChain);
+ }
+
+ if (!cert) {
+ sc->serverCert = NULL;
+ sc->serverCertChain = NULL;
+ return SECSuccess;
+ }
+
+ sc->serverCert = CERT_DupCertificate(cert);
+ if (certChain) {
+ sc->serverCertChain = CERT_DupCertList(certChain);
+ } else {
+ sc->serverCertChain =
+ CERT_CertChainFromCert(sc->serverCert, certUsageSSLServer,
+ PR_TRUE);
+ }
+ return sc->serverCertChain ? SECSuccess : SECFailure;
+}
+
+static SECStatus
+ssl_PopulateKeyPair(sslServerCert *sc, sslKeyPair *keyPair)
+{
+ /* Copy over the key pair. */
+ if (sc->serverKeyPair) {
+ ssl_FreeKeyPair(sc->serverKeyPair);
+ }
+ if (keyPair) {
+ /* Get the size of the cert's public key, and remember it. */
+ sc->serverKeyBits = SECKEY_PublicKeyStrengthInBits(keyPair->pubKey);
+ if (sc->serverKeyBits == 0) {
+ return SECFailure;
+ }
+
+ SECKEY_CacheStaticFlags(keyPair->privKey);
+ sc->serverKeyPair = ssl_GetKeyPairRef(keyPair);
+ } else {
+ sc->serverKeyPair = NULL;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+ssl_PopulateOCSPResponses(sslServerCert *sc,
+ const SECItemArray *stapledOCSPResponses)
+{
+ if (sc->certStatusArray) {
+ SECITEM_FreeArray(sc->certStatusArray, PR_TRUE);
+ }
+ if (stapledOCSPResponses) {
+ sc->certStatusArray = SECITEM_DupArray(NULL, stapledOCSPResponses);
+ return sc->certStatusArray ? SECSuccess : SECFailure;
+ } else {
+ sc->certStatusArray = NULL;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+ssl_PopulateSignedCertTimestamps(sslServerCert *sc,
+ const SECItem *signedCertTimestamps)
+{
+ if (sc->signedCertTimestamps.len) {
+ SECITEM_FreeItem(&sc->signedCertTimestamps, PR_FALSE);
+ }
+ if (signedCertTimestamps && signedCertTimestamps->len) {
+ return SECITEM_CopyItem(NULL, &sc->signedCertTimestamps,
+ signedCertTimestamps);
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+ssl_ConfigCert(sslSocket *ss, CERTCertificate *cert,
+ sslKeyPair *keyPair, const SSLExtraServerCertData *data)
+{
+ sslServerCert *oldsc;
+ sslServerCertType certType;
+ SECStatus rv;
+ sslServerCert *sc = NULL;
+ int error_code = SEC_ERROR_NO_MEMORY;
+
+ PORT_Assert(cert);
+ PORT_Assert(keyPair);
+ PORT_Assert(data);
+ PORT_Assert(data->authType != ssl_auth_null);
+
+ if (!cert || !keyPair || !data || data->authType == ssl_auth_null) {
+ error_code = SEC_ERROR_INVALID_ARGS;
+ goto loser;
+ }
+
+ ssl_PopulateCertType(&certType, data->authType, cert, keyPair);
+
+ /* Delete any existing certificate that matches this one, since we can only
+ * use one certificate of a given type. */
+ oldsc = ssl_FindServerCert(ss, &certType);
+ if (oldsc) {
+ PR_REMOVE_LINK(&oldsc->link);
+ ssl_FreeServerCert(oldsc);
+ }
+ sc = ssl_NewServerCert(&certType);
+ if (!sc) {
+ goto loser;
+ }
+
+ rv = ssl_PopulateServerCert(sc, cert, data->certChain);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = ssl_PopulateKeyPair(sc, keyPair);
+ if (rv != SECSuccess) {
+ error_code = SEC_ERROR_INVALID_ARGS;
+ goto loser;
+ }
+ rv = ssl_PopulateOCSPResponses(sc, data->stapledOCSPResponses);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rv = ssl_PopulateSignedCertTimestamps(sc, data->signedCertTimestamps);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ PR_APPEND_LINK(&sc->link, &ss->serverCerts);
+
+ /* This one-time setup depends on having the certificate in place. */
+ rv = ssl_OneTimeCertSetup(ss, sc);
+ if (rv != SECSuccess) {
+ PR_REMOVE_LINK(&sc->link);
+ error_code = PORT_GetError();
+ goto loser;
+ }
+ return SECSuccess;
+
+loser:
+ if (sc) {
+ ssl_FreeServerCert(sc);
+ }
+ /* This is the only way any of the calls above can fail, except the one time
+ * setup, which doesn't land here. */
+ PORT_SetError(error_code);
+ return SECFailure;
+}
+
+static SSLAuthType
+ssl_GetEcdhAuthType(CERTCertificate *cert)
+{
+ SECOidTag sigTag = SECOID_GetAlgorithmTag(&cert->signature);
+ switch (sigTag) {
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+ case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+ return ssl_auth_ecdh_rsa;
+ case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
+ case SEC_OID_ANSIX962_ECDSA_SIGNATURE_RECOMMENDED_DIGEST:
+ case SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST:
+ return ssl_auth_ecdh_ecdsa;
+ default:
+ return ssl_auth_null;
+ }
+}
+
+/* This function examines the key usages of the given RSA-PKCS1 certificate
+ * and configures one or multiple server certificates based on that data.
+ *
+ * If the data argument contains an authType value other than ssl_auth_null,
+ * then only that slot will be used. If that choice is invalid,
+ * then this will fail. */
+static SECStatus
+ssl_ConfigRsaPkcs1CertByUsage(sslSocket *ss, CERTCertificate *cert,
+ sslKeyPair *keyPair,
+ SSLExtraServerCertData *data)
+{
+ SECStatus rv = SECFailure;
+
+ PRBool ku_sig = (PRBool)(cert->keyUsage & KU_DIGITAL_SIGNATURE);
+ PRBool ku_enc = (PRBool)(cert->keyUsage & KU_KEY_ENCIPHERMENT);
+
+ if ((data->authType == ssl_auth_rsa_sign && ku_sig) ||
+ (data->authType == ssl_auth_rsa_pss && ku_sig) ||
+ (data->authType == ssl_auth_rsa_decrypt && ku_enc)) {
+ return ssl_ConfigCert(ss, cert, keyPair, data);
+ }
+
+ if (data->authType != ssl_auth_null || !(ku_sig || ku_enc)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (ku_sig) {
+ data->authType = ssl_auth_rsa_sign;
+ rv = ssl_ConfigCert(ss, cert, keyPair, data);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ /* This certificate is RSA, assume that it's also PSS. */
+ data->authType = ssl_auth_rsa_pss;
+ rv = ssl_ConfigCert(ss, cert, keyPair, data);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+
+ if (ku_enc) {
+ /* If ku_sig=true we configure signature and encryption slots with the
+ * same cert. This is bad form, but there are enough dual-usage RSA
+ * certs that we can't really break by limiting this to one type. */
+ data->authType = ssl_auth_rsa_decrypt;
+ rv = ssl_ConfigCert(ss, cert, keyPair, data);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+
+ return rv;
+}
+
+/* This function examines the type of certificate and its key usage and
+ * configures a certificate based on that information. For some certificates
+ * this can mean that multiple server certificates are configured.
+ *
+ * If the data argument contains an authType value other than ssl_auth_null,
+ * then only that slot will be used. If that choice is invalid,
+ * then this will fail. */
+static SECStatus
+ssl_ConfigCertByUsage(sslSocket *ss, CERTCertificate *cert,
+ sslKeyPair *keyPair, const SSLExtraServerCertData *data)
+{
+ SECStatus rv = SECFailure;
+ SSLExtraServerCertData arg;
+ SECOidTag tag;
+
+ PORT_Assert(data);
+ /* Take a (shallow) copy so that we can play with it */
+ memcpy(&arg, data, sizeof(arg));
+
+ tag = SECOID_GetAlgorithmTag(&cert->subjectPublicKeyInfo.algorithm);
+ switch (tag) {
+ case SEC_OID_X500_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ return ssl_ConfigRsaPkcs1CertByUsage(ss, cert, keyPair, &arg);
+
+ case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+ if (cert->keyUsage & KU_DIGITAL_SIGNATURE) {
+ arg.authType = ssl_auth_rsa_pss;
+ }
+ break;
+
+ case SEC_OID_ANSIX9_DSA_SIGNATURE:
+ if (cert->keyUsage & KU_DIGITAL_SIGNATURE) {
+ arg.authType = ssl_auth_dsa;
+ }
+ break;
+
+ case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+ if (cert->keyUsage & KU_KEY_ENCIPHERMENT) {
+ if ((cert->keyUsage & KU_DIGITAL_SIGNATURE) &&
+ arg.authType == ssl_auth_null) {
+ /* See above regarding bad practice. */
+ arg.authType = ssl_auth_ecdsa;
+ rv = ssl_ConfigCert(ss, cert, keyPair, &arg);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+
+ arg.authType = ssl_GetEcdhAuthType(cert);
+ } else if (cert->keyUsage & KU_DIGITAL_SIGNATURE) {
+ arg.authType = ssl_auth_ecdsa;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ /* Check that we successfully picked an authType */
+ if (arg.authType == ssl_auth_null) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ /* |data->authType| has to either agree or be ssl_auth_null. */
+ if (data && data->authType != ssl_auth_null &&
+ data->authType != arg.authType) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return ssl_ConfigCert(ss, cert, keyPair, &arg);
+}
+
+/* This function adopts pubKey and destroys it if things go wrong. */
+static sslKeyPair *
+ssl_MakeKeyPairForCert(SECKEYPrivateKey *key, SECKEYPublicKey *pubKey)
+{
+ sslKeyPair *keyPair = NULL;
+ SECKEYPrivateKey *privKeyCopy = NULL;
+ PK11SlotInfo *bestSlot;
+
+ if (key->pkcs11Slot) {
+ bestSlot = PK11_ReferenceSlot(key->pkcs11Slot);
+ if (bestSlot) {
+ privKeyCopy = PK11_CopyTokenPrivKeyToSessionPrivKey(bestSlot, key);
+ PK11_FreeSlot(bestSlot);
+ }
+ }
+ if (!privKeyCopy) {
+ CK_MECHANISM_TYPE keyMech = PK11_MapSignKeyType(key->keyType);
+ /* XXX Maybe should be bestSlotMultiple? */
+ bestSlot = PK11_GetBestSlot(keyMech, NULL /* wincx */);
+ if (bestSlot) {
+ privKeyCopy = PK11_CopyTokenPrivKeyToSessionPrivKey(bestSlot, key);
+ PK11_FreeSlot(bestSlot);
+ }
+ }
+ if (!privKeyCopy) {
+ privKeyCopy = SECKEY_CopyPrivateKey(key);
+ }
+ if (privKeyCopy) {
+ keyPair = ssl_NewKeyPair(privKeyCopy, pubKey);
+ }
+ if (!keyPair) {
+ if (privKeyCopy) {
+ SECKEY_DestroyPrivateKey(privKeyCopy);
+ }
+ /* We adopted the public key, so we're responsible. */
+ if (pubKey) {
+ SECKEY_DestroyPublicKey(pubKey);
+ }
+ }
+ return keyPair;
+}
+
+/* Configure a certificate and private key.
+ *
+ * This function examines the certificate and key to determine which slot (or
+ * slots) to place the information in. As long as certificates are different
+ * (based on having different values of sslServerCertType), then this function
+ * can be called multiple times and the certificates will all be remembered.
+ */
+SECStatus
+SSL_ConfigServerCert(PRFileDesc *fd, CERTCertificate *cert,
+ SECKEYPrivateKey *key,
+ const SSLExtraServerCertData *data, unsigned int data_len)
+{
+ sslSocket *ss;
+ SECKEYPublicKey *pubKey;
+ sslKeyPair *keyPair;
+ SECStatus rv;
+ SSLExtraServerCertData dataCopy = {
+ ssl_auth_null, NULL, NULL, NULL
+ };
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ return SECFailure;
+ }
+
+ if (!cert || !key) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (data) {
+ if (data_len > sizeof(dataCopy)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ PORT_Memcpy(&dataCopy, data, data_len);
+ }
+
+ pubKey = CERT_ExtractPublicKey(cert);
+ if (!pubKey) {
+ return SECFailure;
+ }
+
+ keyPair = ssl_MakeKeyPairForCert(key, pubKey);
+ if (!keyPair) {
+ /* pubKey is adopted by ssl_MakeKeyPairForCert() */
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ rv = ssl_ConfigCertByUsage(ss, cert, keyPair, &dataCopy);
+ ssl_FreeKeyPair(keyPair);
+ return rv;
+}
+
+/*******************************************************************/
+/* Deprecated functions.
+ *
+ * The remainder of this file contains deprecated functions for server
+ * certificate configuration. These configure certificates incorrectly, but in
+ * a way that allows old code to continue working without change. All these
+ * functions create certificate slots based on SSLKEAType values. Some values
+ * of SSLKEAType cause multiple certificates to be configured.
+ */
+
+SECStatus
+SSL_ConfigSecureServer(PRFileDesc *fd, CERTCertificate *cert,
+ SECKEYPrivateKey *key, SSLKEAType kea)
+{
+ return SSL_ConfigSecureServerWithCertChain(fd, cert, NULL, key, kea);
+}
+
+/* This implements a limited check that is consistent with the checks performed
+ * by older versions of NSS. This is less rigorous than the checks in
+ * ssl_ConfigCertByUsage(), only checking against the type of key and ignoring
+ * things like usage. */
+static PRBool
+ssl_CertSuitableForAuthType(CERTCertificate *cert, SSLAuthType authType)
+{
+ SECOidTag tag = SECOID_GetAlgorithmTag(&cert->subjectPublicKeyInfo.algorithm);
+ switch (authType) {
+ case ssl_auth_rsa_decrypt:
+ case ssl_auth_rsa_sign:
+ return tag == SEC_OID_X500_RSA_ENCRYPTION ||
+ tag == SEC_OID_PKCS1_RSA_ENCRYPTION;
+ case ssl_auth_dsa:
+ return tag == SEC_OID_ANSIX9_DSA_SIGNATURE;
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa:
+ return tag == SEC_OID_ANSIX962_EC_PUBLIC_KEY;
+ case ssl_auth_null:
+ case ssl_auth_kea:
+ case ssl_auth_rsa_pss: /* not supported with deprecated APIs */
+ return PR_FALSE;
+ default:
+ PORT_Assert(0);
+ return PR_FALSE;
+ }
+}
+
+/* This finds an existing server cert slot and unlinks it, or it makes a new
+ * server cert slot of the right type. */
+static sslServerCert *
+ssl_FindOrMakeCertType(sslSocket *ss, SSLAuthType authType)
+{
+ sslServerCert *sc;
+ sslServerCertType certType;
+
+ certType.authType = authType;
+ /* Setting the named curve to NULL ensures that all EC certificates
+ * are matched when searching for this slot. */
+ certType.namedCurve = NULL;
+ sc = ssl_FindServerCert(ss, &certType);
+ if (sc) {
+ PR_REMOVE_LINK(&sc->link);
+ return sc;
+ }
+
+ return ssl_NewServerCert(&certType);
+}
+
+static void
+ssl_RemoveCertAndKeyByAuthType(sslSocket *ss, SSLAuthType authType)
+{
+ sslServerCert *sc;
+
+ sc = ssl_FindServerCertByAuthType(ss, authType);
+ if (sc) {
+ (void)ssl_PopulateServerCert(sc, NULL, NULL);
+ (void)ssl_PopulateKeyPair(sc, NULL);
+ /* Leave the entry linked here because the old API expects that. There
+ * might be OCSP stapling values or signed certificate timestamps still
+ * present that will subsequently be used. */
+ /* For ECC certificates, also leave the namedCurve parameter on the slot
+ * unchanged; the value will be updated when a key is added. */
+ }
+}
+
+static SECStatus
+ssl_AddCertAndKeyByAuthType(sslSocket *ss, SSLAuthType authType,
+ CERTCertificate *cert,
+ const CERTCertificateList *certChainOpt,
+ sslKeyPair *keyPair)
+{
+ sslServerCert *sc;
+ SECStatus rv;
+
+ if (!ssl_CertSuitableForAuthType(cert, authType)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ sc = ssl_FindOrMakeCertType(ss, authType);
+ if (!sc) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ rv = ssl_PopulateKeyPair(sc, keyPair);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ /* Now that we have a key pair, update the details of the slot. Many of the
+ * legacy functions create a slot with a namedCurve of NULL, which
+ * makes the slot unusable; this corrects that. */
+ ssl_PopulateCertType(&sc->certType, authType, cert, keyPair);
+ rv = ssl_PopulateServerCert(sc, cert, certChainOpt);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+ PR_APPEND_LINK(&sc->link, &ss->serverCerts);
+ return ssl_OneTimeCertSetup(ss, sc);
+loser:
+ ssl_FreeServerCert(sc);
+ return SECFailure;
+}
+
+static SECStatus
+ssl_AddCertsByKEA(sslSocket *ss, CERTCertificate *cert,
+ const CERTCertificateList *certChainOpt,
+ SECKEYPrivateKey *key, SSLKEAType certType)
+{
+ SECKEYPublicKey *pubKey;
+ sslKeyPair *keyPair;
+ SECStatus rv;
+
+ pubKey = CERT_ExtractPublicKey(cert);
+ if (!pubKey) {
+ return SECFailure;
+ }
+
+ keyPair = ssl_MakeKeyPairForCert(key, pubKey);
+ if (!keyPair) {
+ /* Note: pubKey is adopted or freed by ssl_MakeKeyPairForCert()
+ * depending on whether it succeeds or not. */
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ switch (certType) {
+ case ssl_kea_rsa:
+ rv = ssl_AddCertAndKeyByAuthType(ss, ssl_auth_rsa_decrypt,
+ cert, certChainOpt, keyPair);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = ssl_AddCertAndKeyByAuthType(ss, ssl_auth_rsa_sign,
+ cert, certChainOpt, keyPair);
+ break;
+
+ case ssl_kea_dh:
+ rv = ssl_AddCertAndKeyByAuthType(ss, ssl_auth_dsa,
+ cert, certChainOpt, keyPair);
+ break;
+
+ case ssl_kea_ecdh:
+ rv = ssl_AddCertAndKeyByAuthType(ss, ssl_auth_ecdsa,
+ cert, certChainOpt, keyPair);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = ssl_AddCertAndKeyByAuthType(ss, ssl_GetEcdhAuthType(cert),
+ cert, certChainOpt, keyPair);
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ break;
+ }
+
+ ssl_FreeKeyPair(keyPair);
+ return rv;
+}
+
+/* Public deprecated function */
+SECStatus
+SSL_ConfigSecureServerWithCertChain(PRFileDesc *fd, CERTCertificate *cert,
+ const CERTCertificateList *certChainOpt,
+ SECKEYPrivateKey *key, SSLKEAType certType)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ return SECFailure;
+ }
+
+ if (!cert != !key) { /* Configure both, or neither */
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!cert) {
+ switch (certType) {
+ case ssl_kea_rsa:
+ ssl_RemoveCertAndKeyByAuthType(ss, ssl_auth_rsa_decrypt);
+ ssl_RemoveCertAndKeyByAuthType(ss, ssl_auth_rsa_sign);
+ break;
+
+ case ssl_kea_dh:
+ ssl_RemoveCertAndKeyByAuthType(ss, ssl_auth_dsa);
+ break;
+
+ case ssl_kea_ecdh:
+ ssl_RemoveCertAndKeyByAuthType(ss, ssl_auth_ecdsa);
+ ssl_RemoveCertAndKeyByAuthType(ss, ssl_auth_ecdh_rsa);
+ ssl_RemoveCertAndKeyByAuthType(ss, ssl_auth_ecdh_ecdsa);
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return SECSuccess;
+ }
+
+ return ssl_AddCertsByKEA(ss, cert, certChainOpt, key, certType);
+}
+
+static SECStatus
+ssl_SetOCSPResponsesInSlot(sslSocket *ss, SSLAuthType authType,
+ const SECItemArray *responses)
+{
+ sslServerCert *sc;
+ SECStatus rv;
+
+ sc = ssl_FindOrMakeCertType(ss, authType);
+ if (!sc) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ rv = ssl_PopulateOCSPResponses(sc, responses);
+ if (rv == SECSuccess) {
+ PR_APPEND_LINK(&sc->link, &ss->serverCerts);
+ } else {
+ ssl_FreeServerCert(sc);
+ }
+ return rv;
+}
+
+/* Public deprecated function */
+SECStatus
+SSL_SetStapledOCSPResponses(PRFileDesc *fd, const SECItemArray *responses,
+ SSLKEAType certType)
+{
+ sslSocket *ss;
+ SECStatus rv;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetStapledOCSPResponses",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ switch (certType) {
+ case ssl_kea_rsa:
+ rv = ssl_SetOCSPResponsesInSlot(ss, ssl_auth_rsa_decrypt, responses);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ return ssl_SetOCSPResponsesInSlot(ss, ssl_auth_rsa_sign, responses);
+
+ case ssl_kea_dh:
+ return ssl_SetOCSPResponsesInSlot(ss, ssl_auth_dsa, responses);
+
+ case ssl_kea_ecdh:
+ rv = ssl_SetOCSPResponsesInSlot(ss, ssl_auth_ecdsa, responses);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = ssl_SetOCSPResponsesInSlot(ss, ssl_auth_ecdh_rsa, responses);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ return ssl_SetOCSPResponsesInSlot(ss, ssl_auth_ecdh_ecdsa, responses);
+
+ default:
+ SSL_DBG(("%d: SSL[%d]: invalid cert type in SSL_SetStapledOCSPResponses",
+ SSL_GETPID(), fd));
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+}
+
+static SECStatus
+ssl_SetSignedTimestampsInSlot(sslSocket *ss, SSLAuthType authType,
+ const SECItem *scts)
+{
+ sslServerCert *sc;
+ SECStatus rv;
+
+ sc = ssl_FindOrMakeCertType(ss, authType);
+ if (!sc) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ rv = ssl_PopulateSignedCertTimestamps(sc, scts);
+ if (rv == SECSuccess) {
+ PR_APPEND_LINK(&sc->link, &ss->serverCerts);
+ } else {
+ ssl_FreeServerCert(sc);
+ }
+ return rv;
+}
+
+/* Public deprecated function */
+SECStatus
+SSL_SetSignedCertTimestamps(PRFileDesc *fd, const SECItem *scts,
+ SSLKEAType certType)
+{
+ sslSocket *ss;
+ SECStatus rv;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetSignedCertTimestamps",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ switch (certType) {
+ case ssl_kea_rsa:
+ rv = ssl_SetSignedTimestampsInSlot(ss, ssl_auth_rsa_decrypt, scts);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ return ssl_SetSignedTimestampsInSlot(ss, ssl_auth_rsa_sign, scts);
+
+ case ssl_kea_dh:
+ return ssl_SetSignedTimestampsInSlot(ss, ssl_auth_dsa, scts);
+
+ case ssl_kea_ecdh:
+ rv = ssl_SetSignedTimestampsInSlot(ss, ssl_auth_ecdsa, scts);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = ssl_SetSignedTimestampsInSlot(ss, ssl_auth_ecdh_rsa, scts);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ return ssl_SetSignedTimestampsInSlot(ss, ssl_auth_ecdh_ecdsa, scts);
+
+ default:
+ SSL_DBG(("%d: SSL[%d]: invalid cert type in SSL_SetSignedCertTimestamps",
+ SSL_GETPID(), fd));
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+}
+
+/* Public deprecated function. */
+SSLKEAType
+NSS_FindCertKEAType(CERTCertificate *cert)
+{
+ int tag;
+
+ if (!cert)
+ return ssl_kea_null;
+
+ tag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
+ switch (tag) {
+ case SEC_OID_X500_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ return ssl_kea_rsa;
+ case SEC_OID_ANSIX9_DSA_SIGNATURE: /* hah, signature, not a key? */
+ case SEC_OID_X942_DIFFIE_HELMAN_KEY:
+ return ssl_kea_dh;
+ case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+ return ssl_kea_ecdh;
+ default:
+ return ssl_kea_null;
+ }
+}
diff --git a/security/nss/lib/ssl/sslcert.h b/security/nss/lib/ssl/sslcert.h
new file mode 100644
index 000000000..052c7d6db
--- /dev/null
+++ b/security/nss/lib/ssl/sslcert.h
@@ -0,0 +1,59 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is PRIVATE to SSL.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __sslcert_h_
+#define __sslcert_h_
+
+#include "cert.h"
+#include "secitem.h"
+#include "keyhi.h"
+
+/* The following struct identifies a single slot into which a certificate can be
+** loaded. The authType field determines the basic slot, then additional
+** parameters further narrow the slot.
+**
+** An EC key (ssl_auth_ecdsa or ssl_auth_ecdh_*) is assigned to a slot based on
+** the named curve of the key.
+*/
+typedef struct sslServerCertTypeStr {
+ SSLAuthType authType;
+ /* For ssl_auth_ecdsa and ssl_auth_ecdh_*. This is only the named curve
+ * of the end-entity certificate key. The keys in other certificates in
+ * the chain aren't directly relevant to the operation of TLS (though it
+ * might make certificate validation difficult, libssl doesn't care). */
+ const sslNamedGroupDef *namedCurve;
+} sslServerCertType;
+
+typedef struct sslServerCertStr {
+ PRCList link; /* The linked list link */
+
+ sslServerCertType certType; /* The certificate slot this occupies */
+
+ /* Configuration state for server sockets */
+ CERTCertificate *serverCert;
+ CERTCertificateList *serverCertChain;
+ sslKeyPair *serverKeyPair;
+ unsigned int serverKeyBits;
+ /* Each certificate needs its own status. */
+ SECItemArray *certStatusArray;
+ /* Serialized signed certificate timestamps to be sent to the client
+ ** in a TLS extension (server only). Each certificate needs its own
+ ** timestamps item.
+ */
+ SECItem signedCertTimestamps;
+} sslServerCert;
+
+extern sslServerCert *ssl_NewServerCert(const sslServerCertType *slot);
+extern sslServerCert *ssl_CopyServerCert(const sslServerCert *oc);
+extern sslServerCert *ssl_FindServerCert(const sslSocket *ss,
+ const sslServerCertType *slot);
+extern sslServerCert *ssl_FindServerCertByAuthType(const sslSocket *ss,
+ SSLAuthType authType);
+extern void ssl_FreeServerCert(sslServerCert *sc);
+
+#endif /* __sslcert_h_ */
diff --git a/security/nss/lib/ssl/sslcon.c b/security/nss/lib/ssl/sslcon.c
new file mode 100644
index 000000000..448170640
--- /dev/null
+++ b/security/nss/lib/ssl/sslcon.c
@@ -0,0 +1,264 @@
+/*
+ * Basic SSL handshake functions.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssrenam.h"
+#include "cert.h"
+#include "secitem.h"
+#include "sechash.h"
+#include "cryptohi.h" /* for SGN_ funcs */
+#include "keyhi.h" /* for SECKEY_ high level functions. */
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "ssl3prot.h"
+#include "sslerr.h"
+#include "pk11func.h"
+#include "prinit.h"
+#include "prtime.h" /* for PR_Now() */
+
+/*
+** Put a string tag in the library so that we can examine an executable
+** and see what kind of security it supports.
+*/
+const char *ssl_version = "SECURITY_VERSION:"
+ " +us"
+ " +export"
+#ifdef TRACE
+ " +trace"
+#endif
+#ifdef DEBUG
+ " +debug"
+#endif
+ ;
+
+/***********************************************************************
+ * Gathers in and handles records/messages until either the handshake is
+ * complete or application data is available.
+ *
+ * Called from ssl_Do1stHandshake() via function pointer ss->handshake.
+ * Caller must hold handshake lock.
+ * This function acquires and releases the RecvBufLock.
+ *
+ * returns SECSuccess for success.
+ * returns SECWouldBlock when that value is returned by
+ * ssl3_GatherCompleteHandshake().
+ * returns SECFailure on all other errors.
+ *
+ * The gather functions called by ssl_GatherRecord1stHandshake are expected
+ * to return values interpreted as follows:
+ * 1 : the function completed without error.
+ * 0 : the function read EOF.
+ * -1 : read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
+ * -2 : the function wants ssl_GatherRecord1stHandshake to be called again
+ * immediately, by ssl_Do1stHandshake.
+ *
+ * This code is similar to, and easily confused with, DoRecv() in sslsecur.c
+ *
+ * This function is called from ssl_Do1stHandshake().
+ * The following functions put ssl_GatherRecord1stHandshake into ss->handshake:
+ * ssl_BeginClientHandshake
+ * ssl3_RestartHandshakeAfterCertReq
+ * ssl3_RestartHandshakeAfterServerCert
+ * ssl_BeginServerHandshake
+ */
+SECStatus
+ssl_GatherRecord1stHandshake(sslSocket *ss)
+{
+ int rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_Have1stHandshakeLock(ss));
+
+ ssl_GetRecvBufLock(ss);
+
+ /* Wait for handshake to complete, or application data to arrive. */
+ rv = ssl3_GatherCompleteHandshake(ss, 0);
+ SSL_TRC(10, ("%d: SSL[%d]: handshake gathering, rv=%d",
+ SSL_GETPID(), ss->fd, rv));
+
+ ssl_ReleaseRecvBufLock(ss);
+
+ if (rv <= 0) {
+ if (rv == SECWouldBlock) {
+ /* Progress is blocked waiting for callback completion. */
+ SSL_TRC(10, ("%d: SSL[%d]: handshake blocked (need %d)",
+ SSL_GETPID(), ss->fd, ss->gs.remainder));
+ return SECWouldBlock;
+ }
+ if (rv == 0) {
+ /* EOF. Loser */
+ PORT_SetError(PR_END_OF_FILE_ERROR);
+ }
+ return SECFailure; /* rv is < 0 here. */
+ }
+
+ ss->handshake = NULL;
+ return SECSuccess;
+}
+
+/* This function is called at the beginning of a handshake to ensure that at
+ * least one SSL/TLS version is enabled. */
+static SECStatus
+ssl_CheckConfigSanity(sslSocket *ss)
+{
+ if (SSL_ALL_VERSIONS_DISABLED(&ss->vrange)) {
+ SSL_DBG(("%d: SSL[%d]: Can't handshake! all versions disabled.",
+ SSL_GETPID(), ss->fd));
+ PORT_SetError(SSL_ERROR_SSL_DISABLED);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* Sends out the initial client Hello message on the connection.
+ * Acquires and releases the socket's xmitBufLock.
+ */
+SECStatus
+ssl_BeginClientHandshake(sslSocket *ss)
+{
+ sslSessionID *sid;
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_Have1stHandshakeLock(ss));
+
+ ss->sec.isServer = PR_FALSE;
+ ssl_ChooseSessionIDProcs(&ss->sec);
+
+ rv = ssl_CheckConfigSanity(ss);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Get peer name of server */
+ rv = ssl_GetPeerInfo(ss);
+ if (rv < 0) {
+#ifdef HPUX11
+ /*
+ * On some HP-UX B.11.00 systems, getpeername() occasionally
+ * fails with ENOTCONN after a successful completion of
+ * non-blocking connect. I found that if we do a write()
+ * and then retry getpeername(), it will work.
+ */
+ if (PR_GetError() == PR_NOT_CONNECTED_ERROR) {
+ char dummy;
+ (void)PR_Write(ss->fd->lower, &dummy, 0);
+ rv = ssl_GetPeerInfo(ss);
+ if (rv < 0) {
+ goto loser;
+ }
+ }
+#else
+ goto loser;
+#endif
+ }
+
+ SSL_TRC(3, ("%d: SSL[%d]: sending client-hello", SSL_GETPID(), ss->fd));
+
+ /* Try to find server in our session-id cache */
+ if (ss->opt.noCache) {
+ sid = NULL;
+ } else {
+ sid = ssl_LookupSID(&ss->sec.ci.peer, ss->sec.ci.port, ss->peerID,
+ ss->url);
+ }
+ if (sid) {
+ if (sid->version >= ss->vrange.min && sid->version <= ss->vrange.max) {
+ PORT_Assert(!ss->sec.localCert);
+ ss->sec.localCert = CERT_DupCertificate(sid->localCert);
+ } else {
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+ }
+ if (!sid) {
+ sid = PORT_ZNew(sslSessionID);
+ if (!sid) {
+ goto loser;
+ }
+ sid->references = 1;
+ sid->cached = never_cached;
+ sid->addr = ss->sec.ci.peer;
+ sid->port = ss->sec.ci.port;
+ if (ss->peerID != NULL) {
+ sid->peerID = PORT_Strdup(ss->peerID);
+ }
+ if (ss->url != NULL) {
+ sid->urlSvrName = PORT_Strdup(ss->url);
+ }
+ }
+ ss->sec.ci.sid = sid;
+
+ PORT_Assert(sid != NULL);
+
+ ss->gs.state = GS_INIT;
+ ss->handshake = ssl_GatherRecord1stHandshake;
+
+ /* ssl3_SendClientHello will override this if it succeeds. */
+ ss->version = SSL_LIBRARY_VERSION_3_0;
+
+ ssl_GetSSL3HandshakeLock(ss);
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_SendClientHello(ss, client_hello_initial);
+ ssl_ReleaseXmitBufLock(ss);
+ ssl_ReleaseSSL3HandshakeLock(ss);
+
+ return rv;
+
+loser:
+ return SECFailure;
+}
+
+SECStatus
+ssl_BeginServerHandshake(sslSocket *ss)
+{
+ SECStatus rv;
+
+ ss->sec.isServer = PR_TRUE;
+ ss->ssl3.hs.ws = wait_client_hello;
+ ssl_ChooseSessionIDProcs(&ss->sec);
+
+ rv = ssl_CheckConfigSanity(ss);
+ if (rv != SECSuccess)
+ goto loser;
+
+ ss->handshake = ssl_GatherRecord1stHandshake;
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+
+/* This function doesn't really belong in this file.
+** It's here to keep AIX compilers from optimizing it away,
+** and not including it in the DSO.
+*/
+
+#include "nss.h"
+extern const char __nss_ssl_version[];
+
+PRBool
+NSSSSL_VersionCheck(const char *importedVersion)
+{
+#define NSS_VERSION_VARIABLE __nss_ssl_version
+#include "verref.h"
+
+ /*
+ * This is the secret handshake algorithm.
+ *
+ * This release has a simple version compatibility
+ * check algorithm. This release is not backward
+ * compatible with previous major releases. It is
+ * not compatible with future major, minor, or
+ * patch releases.
+ */
+ return NSS_VersionCheck(importedVersion);
+}
+
+const char *
+NSSSSL_GetVersion(void)
+{
+ return NSS_VERSION;
+}
diff --git a/security/nss/lib/ssl/ssldef.c b/security/nss/lib/ssl/ssldef.c
new file mode 100644
index 000000000..77a744cc7
--- /dev/null
+++ b/security/nss/lib/ssl/ssldef.c
@@ -0,0 +1,224 @@
+/*
+ * "Default" SSLSocket methods, used by sockets that do neither SSL nor socks.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cert.h"
+#include "ssl.h"
+#include "sslimpl.h"
+
+#if defined(WIN32)
+#define MAP_ERROR(from, to) \
+ if (err == from) { \
+ PORT_SetError(to); \
+ }
+#define DEFINE_ERROR PRErrorCode err = PR_GetError();
+#else
+#define MAP_ERROR(from, to)
+#define DEFINE_ERROR
+#endif
+
+int
+ssl_DefConnect(sslSocket *ss, const PRNetAddr *sa)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int rv;
+
+ rv = lower->methods->connect(lower, sa, ss->cTimeout);
+ return rv;
+}
+
+int
+ssl_DefBind(sslSocket *ss, const PRNetAddr *addr)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int rv;
+
+ rv = lower->methods->bind(lower, addr);
+ return rv;
+}
+
+int
+ssl_DefListen(sslSocket *ss, int backlog)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int rv;
+
+ rv = lower->methods->listen(lower, backlog);
+ return rv;
+}
+
+int
+ssl_DefShutdown(sslSocket *ss, int how)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int rv;
+
+ rv = lower->methods->shutdown(lower, how);
+ return rv;
+}
+
+int
+ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int rv;
+
+ rv = lower->methods->recv(lower, (void *)buf, len, flags, ss->rTimeout);
+ if (rv < 0) {
+ DEFINE_ERROR
+ MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
+ } else if (rv > len) {
+ PORT_Assert(rv <= len);
+ PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+/* Default (unencrypted) send.
+ * For blocking sockets, always returns len or SECFailure, no short writes.
+ * For non-blocking sockets:
+ * Returns positive count if any data was written, else returns SECFailure.
+ * Short writes may occur. Does not return SECWouldBlock.
+ */
+int
+ssl_DefSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int sent = 0;
+
+#if NSS_DISABLE_NAGLE_DELAYS
+ /* Although this is overkill, we disable Nagle delays completely for
+ ** SSL sockets.
+ */
+ if (ss->opt.useSecurity && !ss->delayDisabled) {
+ ssl_EnableNagleDelay(ss, PR_FALSE); /* ignore error */
+ ss->delayDisabled = 1;
+ }
+#endif
+ do {
+ int rv = lower->methods->send(lower, (const void *)(buf + sent),
+ len - sent, flags, ss->wTimeout);
+ if (rv < 0) {
+ PRErrorCode err = PR_GetError();
+ if (err == PR_WOULD_BLOCK_ERROR) {
+ ss->lastWriteBlocked = 1;
+ return sent ? sent : SECFailure;
+ }
+ ss->lastWriteBlocked = 0;
+ MAP_ERROR(PR_CONNECT_ABORTED_ERROR, PR_CONNECT_RESET_ERROR)
+ /* Loser */
+ return rv;
+ }
+ sent += rv;
+
+ if (IS_DTLS(ss) && (len > sent)) {
+ /* We got a partial write so just return it */
+ return sent;
+ }
+ } while (len > sent);
+ ss->lastWriteBlocked = 0;
+ return sent;
+}
+
+int
+ssl_DefRead(sslSocket *ss, unsigned char *buf, int len)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int rv;
+
+ rv = lower->methods->read(lower, (void *)buf, len);
+ if (rv < 0) {
+ DEFINE_ERROR
+ MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
+ }
+ return rv;
+}
+
+int
+ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int sent = 0;
+
+ do {
+ int rv = lower->methods->write(lower, (const void *)(buf + sent),
+ len - sent);
+ if (rv < 0) {
+ PRErrorCode err = PR_GetError();
+ if (err == PR_WOULD_BLOCK_ERROR) {
+ ss->lastWriteBlocked = 1;
+ return sent ? sent : SECFailure;
+ }
+ ss->lastWriteBlocked = 0;
+ MAP_ERROR(PR_CONNECT_ABORTED_ERROR, PR_CONNECT_RESET_ERROR)
+ /* Loser */
+ return rv;
+ }
+ sent += rv;
+ } while (len > sent);
+ ss->lastWriteBlocked = 0;
+ return sent;
+}
+
+int
+ssl_DefGetpeername(sslSocket *ss, PRNetAddr *name)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int rv;
+
+ rv = lower->methods->getpeername(lower, name);
+ return rv;
+}
+
+int
+ssl_DefGetsockname(sslSocket *ss, PRNetAddr *name)
+{
+ PRFileDesc *lower = ss->fd->lower;
+ int rv;
+
+ rv = lower->methods->getsockname(lower, name);
+ return rv;
+}
+
+int
+ssl_DefClose(sslSocket *ss)
+{
+ PRFileDesc *fd;
+ PRFileDesc *popped;
+ int rv;
+
+ fd = ss->fd;
+
+ /* First, remove the SSL layer PRFileDesc from the socket's stack,
+ ** then invoke the SSL layer's PRFileDesc destructor.
+ ** This must happen before the next layer down is closed.
+ */
+ PORT_Assert(fd->higher == NULL);
+ if (fd->higher) {
+ PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
+ return SECFailure;
+ }
+ ss->fd = NULL;
+
+ /* PR_PopIOLayer will swap the contents of the top two PRFileDescs on
+ ** the stack, and then remove the second one. This way, the address
+ ** of the PRFileDesc on the top of the stack doesn't change.
+ */
+ popped = PR_PopIOLayer(fd, PR_TOP_IO_LAYER);
+ popped->dtor(popped);
+
+ /* fd is now the PRFileDesc for the next layer down.
+ ** Now close the underlying socket.
+ */
+ rv = fd->methods->close(fd);
+
+ ssl_FreeSocket(ss);
+
+ SSL_TRC(5, ("%d: SSL[%d]: closing, rv=%d errno=%d",
+ SSL_GETPID(), fd, rv, PORT_GetError()));
+ return rv;
+}
diff --git a/security/nss/lib/ssl/sslenum.c b/security/nss/lib/ssl/sslenum.c
new file mode 100644
index 000000000..b5272d4a8
--- /dev/null
+++ b/security/nss/lib/ssl/sslenum.c
@@ -0,0 +1,157 @@
+/*
+ * Table enumerating all implemented cipher suites
+ * Part of public API.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ssl.h"
+#include "sslproto.h"
+
+/*
+ * The ordering of cipher suites in this table must match the ordering in
+ * the cipherSuites table in ssl3con.c.
+ *
+ * If new ECC cipher suites are added, also update the ssl3CipherSuite arrays
+ * in ssl3ecc.c.
+ *
+ * Finally, update the ssl_V3_SUITES_IMPLEMENTED macro in sslimpl.h.
+ *
+ * The ordering is as follows:
+ * * No-encryption cipher suites last
+ * * Export/weak/obsolete cipher suites before no-encryption cipher suites
+ * * Order by key exchange algorithm: ECDHE, then DHE, then ECDH, RSA.
+ * * Within key agreement sections, prefer AEAD over non-AEAD cipher suites.
+ * * Within AEAD sections, order by symmetric encryption algorithm which
+ * integrates message authentication algorithm: AES-128-GCM, then
+ * ChaCha20-Poly1305, then AES-256-GCM,
+ * * Within non-AEAD sections, order by symmetric encryption algorithm:
+ * AES-128, then Camellia-128, then AES-256, then Camellia-256, then SEED,
+ * then FIPS-3DES, then 3DES, then RC4. AES is commonly accepted as a
+ * strong cipher internationally, and is often hardware-accelerated.
+ * Camellia also has wide international support across standards
+ * organizations. SEED is only recommended by the Korean government. 3DES
+ * only provides 112 bits of security. RC4 is now deprecated or forbidden
+ * by many standards organizations.
+ * * Within non-AEAD symmetric algorithm sections, order by message
+ * authentication algorithm: HMAC-SHA256, then HMAC-SHA384, then HMAC-SHA1,
+ * then HMAC-MD5.
+ * * Within symmetric algorithm sections, order by message authentication
+ * algorithm: GCM, then HMAC-SHA1, then HMAC-SHA256, then HMAC-MD5.
+ * * Within message authentication algorithm sections, order by asymmetric
+ * signature algorithm: ECDSA, then RSA, then DSS.
+ * * As a special case, the PSK ciphers, which are only enabled when
+ * TLS 1.3 PSK-resumption is in use, come first.
+ *
+ * Exception: Because some servers ignore the high-order byte of the cipher
+ * suite ID, we must be careful about adding cipher suites with IDs larger
+ * than 0x00ff; see bug 946147. For these broken servers, the first three
+ * cipher suites, with the MSB zeroed, look like:
+ * TLS_RSA_WITH_AES_128_CBC_SHA { 0x00,0x2F }
+ * TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A }
+ * TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 }
+ * The broken server only supports the third and fourth ones and will select
+ * the third one.
+ */
+const PRUint16 SSL_ImplementedCiphers[] = {
+ TLS_AES_128_GCM_SHA256,
+ TLS_CHACHA20_POLY1305_SHA256,
+ TLS_AES_256_GCM_SHA384,
+
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before
+ * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147.
+ */
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
+ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
+ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS_DHE_DSS_WITH_RC4_128_SHA,
+
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
+ TLS_ECDH_RSA_WITH_RC4_128_SHA,
+
+ TLS_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_RSA_WITH_AES_128_CBC_SHA,
+ TLS_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS_RSA_WITH_AES_256_CBC_SHA,
+ TLS_RSA_WITH_AES_256_CBC_SHA256,
+ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS_RSA_WITH_SEED_CBC_SHA,
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_RSA_WITH_RC4_128_SHA,
+ TLS_RSA_WITH_RC4_128_MD5,
+
+ /* 56-bit DES "domestic" cipher suites */
+ TLS_DHE_RSA_WITH_DES_CBC_SHA,
+ TLS_DHE_DSS_WITH_DES_CBC_SHA,
+ TLS_RSA_WITH_DES_CBC_SHA,
+
+ /* ciphersuites with no encryption */
+ TLS_ECDHE_ECDSA_WITH_NULL_SHA,
+ TLS_ECDHE_RSA_WITH_NULL_SHA,
+ TLS_ECDH_RSA_WITH_NULL_SHA,
+ TLS_ECDH_ECDSA_WITH_NULL_SHA,
+ TLS_RSA_WITH_NULL_SHA,
+ TLS_RSA_WITH_NULL_SHA256,
+ TLS_RSA_WITH_NULL_MD5,
+
+ 0
+};
+
+const PRUint16 SSL_NumImplementedCiphers =
+ (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1;
+
+const PRUint16*
+SSL_GetImplementedCiphers(void)
+{
+ return SSL_ImplementedCiphers;
+}
+
+PRUint16
+SSL_GetNumImplementedCiphers(void)
+{
+ return SSL_NumImplementedCiphers;
+}
diff --git a/security/nss/lib/ssl/sslerr.c b/security/nss/lib/ssl/sslerr.c
new file mode 100644
index 000000000..edb941257
--- /dev/null
+++ b/security/nss/lib/ssl/sslerr.c
@@ -0,0 +1,41 @@
+/*
+ * Function to set error code only when meaningful error has not already
+ * been set.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "prerror.h"
+#include "secerr.h"
+#include "sslerr.h"
+#include "seccomon.h"
+
+/* look at the current value of PR_GetError, and evaluate it to see
+ * if it is meaningful or meaningless (out of context).
+ * If it is meaningless, replace it with the hiLevelError.
+ * Returns the chosen error value.
+ */
+int
+ssl_MapLowLevelError(int hiLevelError)
+{
+ int oldErr = PORT_GetError();
+
+ switch (oldErr) {
+
+ case 0:
+ case PR_IO_ERROR:
+ case SEC_ERROR_IO:
+ case SEC_ERROR_BAD_DATA:
+ case SEC_ERROR_LIBRARY_FAILURE:
+ case SEC_ERROR_EXTENSION_NOT_FOUND:
+ case SSL_ERROR_BAD_CLIENT:
+ case SSL_ERROR_BAD_SERVER:
+ case SSL_ERROR_SESSION_NOT_FOUND:
+ PORT_SetError(hiLevelError);
+ return hiLevelError;
+
+ default: /* leave the majority of error codes alone. */
+ return oldErr;
+ }
+}
diff --git a/security/nss/lib/ssl/sslerr.h b/security/nss/lib/ssl/sslerr.h
new file mode 100644
index 000000000..751c33541
--- /dev/null
+++ b/security/nss/lib/ssl/sslerr.h
@@ -0,0 +1,253 @@
+/*
+ * Enumeration of all SSL-specific error codes.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef __SSL_ERR_H_
+#define __SSL_ERR_H_
+
+/* clang-format off */
+
+#define SSL_ERROR_BASE (-0x3000)
+#define SSL_ERROR_LIMIT (SSL_ERROR_BASE + 1000)
+
+#define IS_SSL_ERROR(code) \
+ (((code) >= SSL_ERROR_BASE) && ((code) < SSL_ERROR_LIMIT))
+
+#ifndef NO_SECURITY_ERROR_ENUM
+typedef enum {
+ SSL_ERROR_EXPORT_ONLY_SERVER = (SSL_ERROR_BASE + 0),
+ /* error 0 is obsolete */
+ SSL_ERROR_US_ONLY_SERVER = (SSL_ERROR_BASE + 1),
+ /* error 1 is obsolete */
+ SSL_ERROR_NO_CYPHER_OVERLAP = (SSL_ERROR_BASE + 2),
+ /*
+ * Received an alert reporting what we did wrong. (more alerts below)
+ */
+ SSL_ERROR_NO_CERTIFICATE /*_ALERT */ = (SSL_ERROR_BASE + 3),
+ SSL_ERROR_BAD_CERTIFICATE = (SSL_ERROR_BASE + 4),
+ /* error 4 is obsolete */
+ SSL_ERROR_UNUSED_5 = (SSL_ERROR_BASE + 5),
+ /* error 5 is obsolete */
+ SSL_ERROR_BAD_CLIENT = (SSL_ERROR_BASE + 6),
+ SSL_ERROR_BAD_SERVER = (SSL_ERROR_BASE + 7),
+ SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE = (SSL_ERROR_BASE + 8),
+ /* error 8 is obsolete */
+ SSL_ERROR_UNSUPPORTED_VERSION = (SSL_ERROR_BASE + 9),
+ SSL_ERROR_UNUSED_10 = (SSL_ERROR_BASE + 10),
+ /* error 10 is obsolete */
+ SSL_ERROR_WRONG_CERTIFICATE = (SSL_ERROR_BASE + 11),
+ /* error 11 is obsolete */
+ SSL_ERROR_BAD_CERT_DOMAIN = (SSL_ERROR_BASE + 12),
+ SSL_ERROR_POST_WARNING = (SSL_ERROR_BASE + 13),
+ /* error 13 is obsolete */
+ SSL_ERROR_SSL2_DISABLED = (SSL_ERROR_BASE + 14),
+ /* error 14 is obsolete */
+ SSL_ERROR_BAD_MAC_READ = (SSL_ERROR_BASE + 15),
+ /*
+ * Received an alert reporting what we did wrong.
+ * (two more alerts above, and many more below)
+ */
+ SSL_ERROR_BAD_MAC_ALERT = (SSL_ERROR_BASE + 16),
+ SSL_ERROR_BAD_CERT_ALERT = (SSL_ERROR_BASE + 17),
+ SSL_ERROR_REVOKED_CERT_ALERT = (SSL_ERROR_BASE + 18),
+ SSL_ERROR_EXPIRED_CERT_ALERT = (SSL_ERROR_BASE + 19),
+
+ SSL_ERROR_SSL_DISABLED = (SSL_ERROR_BASE + 20),
+ SSL_ERROR_FORTEZZA_PQG = (SSL_ERROR_BASE + 21),
+ /* error 21 is obsolete */
+ SSL_ERROR_UNKNOWN_CIPHER_SUITE = (SSL_ERROR_BASE + 22),
+ SSL_ERROR_NO_CIPHERS_SUPPORTED = (SSL_ERROR_BASE + 23),
+ SSL_ERROR_BAD_BLOCK_PADDING = (SSL_ERROR_BASE + 24),
+ SSL_ERROR_RX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 25),
+ SSL_ERROR_TX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 26),
+ /*
+ * Received a malformed (too long or short) SSL handshake.
+ */
+ SSL_ERROR_RX_MALFORMED_HELLO_REQUEST = (SSL_ERROR_BASE + 27),
+ SSL_ERROR_RX_MALFORMED_CLIENT_HELLO = (SSL_ERROR_BASE + 28),
+ SSL_ERROR_RX_MALFORMED_SERVER_HELLO = (SSL_ERROR_BASE + 29),
+ SSL_ERROR_RX_MALFORMED_CERTIFICATE = (SSL_ERROR_BASE + 30),
+ SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 31),
+ SSL_ERROR_RX_MALFORMED_CERT_REQUEST = (SSL_ERROR_BASE + 32),
+ SSL_ERROR_RX_MALFORMED_HELLO_DONE = (SSL_ERROR_BASE + 33),
+ SSL_ERROR_RX_MALFORMED_CERT_VERIFY = (SSL_ERROR_BASE + 34),
+ SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 35),
+ SSL_ERROR_RX_MALFORMED_FINISHED = (SSL_ERROR_BASE + 36),
+ /*
+ * Received a malformed (too long or short) SSL record.
+ */
+ SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER = (SSL_ERROR_BASE + 37),
+ SSL_ERROR_RX_MALFORMED_ALERT = (SSL_ERROR_BASE + 38),
+ SSL_ERROR_RX_MALFORMED_HANDSHAKE = (SSL_ERROR_BASE + 39),
+ SSL_ERROR_RX_MALFORMED_APPLICATION_DATA = (SSL_ERROR_BASE + 40),
+ /*
+ * Received an SSL handshake that was inappropriate for the state we're in.
+ * E.g. Server received message from server, or wrong state in state machine.
+ */
+ SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST = (SSL_ERROR_BASE + 41),
+ SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO = (SSL_ERROR_BASE + 42),
+ SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO = (SSL_ERROR_BASE + 43),
+ SSL_ERROR_RX_UNEXPECTED_CERTIFICATE = (SSL_ERROR_BASE + 44),
+ SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 45),
+ SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST = (SSL_ERROR_BASE + 46),
+ SSL_ERROR_RX_UNEXPECTED_HELLO_DONE = (SSL_ERROR_BASE + 47),
+ SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY = (SSL_ERROR_BASE + 48),
+ SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 49),
+ SSL_ERROR_RX_UNEXPECTED_FINISHED = (SSL_ERROR_BASE + 50),
+ /*
+ * Received an SSL record that was inappropriate for the state we're in.
+ */
+ SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER = (SSL_ERROR_BASE + 51),
+ SSL_ERROR_RX_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 52),
+ SSL_ERROR_RX_UNEXPECTED_HANDSHAKE = (SSL_ERROR_BASE + 53),
+ SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA = (SSL_ERROR_BASE + 54),
+ /*
+ * Received record/message with unknown discriminant.
+ */
+ SSL_ERROR_RX_UNKNOWN_RECORD_TYPE = (SSL_ERROR_BASE + 55),
+ SSL_ERROR_RX_UNKNOWN_HANDSHAKE = (SSL_ERROR_BASE + 56),
+ SSL_ERROR_RX_UNKNOWN_ALERT = (SSL_ERROR_BASE + 57),
+ /*
+ * Received an alert reporting what we did wrong. (more alerts above)
+ */
+ SSL_ERROR_CLOSE_NOTIFY_ALERT = (SSL_ERROR_BASE + 58),
+ SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 59),
+ SSL_ERROR_DECOMPRESSION_FAILURE_ALERT = (SSL_ERROR_BASE + 60),
+ SSL_ERROR_HANDSHAKE_FAILURE_ALERT = (SSL_ERROR_BASE + 61),
+ SSL_ERROR_ILLEGAL_PARAMETER_ALERT = (SSL_ERROR_BASE + 62),
+ SSL_ERROR_UNSUPPORTED_CERT_ALERT = (SSL_ERROR_BASE + 63),
+ SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT = (SSL_ERROR_BASE + 64),
+
+ SSL_ERROR_GENERATE_RANDOM_FAILURE = (SSL_ERROR_BASE + 65),
+ SSL_ERROR_SIGN_HASHES_FAILURE = (SSL_ERROR_BASE + 66),
+ SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE = (SSL_ERROR_BASE + 67),
+ SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 68),
+ SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 69),
+
+ SSL_ERROR_ENCRYPTION_FAILURE = (SSL_ERROR_BASE + 70),
+ SSL_ERROR_DECRYPTION_FAILURE = (SSL_ERROR_BASE + 71),
+ /* error 71 is obsolete */
+ SSL_ERROR_SOCKET_WRITE_FAILURE = (SSL_ERROR_BASE + 72),
+
+ SSL_ERROR_MD5_DIGEST_FAILURE = (SSL_ERROR_BASE + 73),
+ SSL_ERROR_SHA_DIGEST_FAILURE = (SSL_ERROR_BASE + 74),
+ SSL_ERROR_MAC_COMPUTATION_FAILURE = (SSL_ERROR_BASE + 75),
+ SSL_ERROR_SYM_KEY_CONTEXT_FAILURE = (SSL_ERROR_BASE + 76),
+ SSL_ERROR_SYM_KEY_UNWRAP_FAILURE = (SSL_ERROR_BASE + 77),
+ SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED = (SSL_ERROR_BASE + 78),
+ /* error 78 is obsolete */
+ SSL_ERROR_IV_PARAM_FAILURE = (SSL_ERROR_BASE + 79),
+ SSL_ERROR_INIT_CIPHER_SUITE_FAILURE = (SSL_ERROR_BASE + 80),
+ SSL_ERROR_SESSION_KEY_GEN_FAILURE = (SSL_ERROR_BASE + 81),
+ SSL_ERROR_NO_SERVER_KEY_FOR_ALG = (SSL_ERROR_BASE + 82),
+ SSL_ERROR_TOKEN_INSERTION_REMOVAL = (SSL_ERROR_BASE + 83),
+ SSL_ERROR_TOKEN_SLOT_NOT_FOUND = (SSL_ERROR_BASE + 84),
+ SSL_ERROR_NO_COMPRESSION_OVERLAP = (SSL_ERROR_BASE + 85),
+ SSL_ERROR_HANDSHAKE_NOT_COMPLETED = (SSL_ERROR_BASE + 86),
+ SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE = (SSL_ERROR_BASE + 87),
+ SSL_ERROR_CERT_KEA_MISMATCH = (SSL_ERROR_BASE + 88),
+ SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA = (SSL_ERROR_BASE + 89),
+ /* error 89 is obsolete */
+ SSL_ERROR_SESSION_NOT_FOUND = (SSL_ERROR_BASE + 90),
+
+ SSL_ERROR_DECRYPTION_FAILED_ALERT = (SSL_ERROR_BASE + 91),
+ SSL_ERROR_RECORD_OVERFLOW_ALERT = (SSL_ERROR_BASE + 92),
+ SSL_ERROR_UNKNOWN_CA_ALERT = (SSL_ERROR_BASE + 93),
+ SSL_ERROR_ACCESS_DENIED_ALERT = (SSL_ERROR_BASE + 94),
+ SSL_ERROR_DECODE_ERROR_ALERT = (SSL_ERROR_BASE + 95),
+ SSL_ERROR_DECRYPT_ERROR_ALERT = (SSL_ERROR_BASE + 96),
+ SSL_ERROR_EXPORT_RESTRICTION_ALERT = (SSL_ERROR_BASE + 97),
+ SSL_ERROR_PROTOCOL_VERSION_ALERT = (SSL_ERROR_BASE + 98),
+ SSL_ERROR_INSUFFICIENT_SECURITY_ALERT = (SSL_ERROR_BASE + 99),
+ SSL_ERROR_INTERNAL_ERROR_ALERT = (SSL_ERROR_BASE + 100),
+ SSL_ERROR_USER_CANCELED_ALERT = (SSL_ERROR_BASE + 101),
+ SSL_ERROR_NO_RENEGOTIATION_ALERT = (SSL_ERROR_BASE + 102),
+
+ SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED = (SSL_ERROR_BASE + 103),
+
+ SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT = (SSL_ERROR_BASE + 104),
+ SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT = (SSL_ERROR_BASE + 105),
+ SSL_ERROR_UNRECOGNIZED_NAME_ALERT = (SSL_ERROR_BASE + 106),
+ SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT = (SSL_ERROR_BASE + 107),
+ SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT = (SSL_ERROR_BASE + 108),
+
+ SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET = (SSL_ERROR_BASE + 109),
+ SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET = (SSL_ERROR_BASE + 110),
+
+ SSL_ERROR_DECOMPRESSION_FAILURE = (SSL_ERROR_BASE + 111),
+ SSL_ERROR_RENEGOTIATION_NOT_ALLOWED = (SSL_ERROR_BASE + 112),
+ SSL_ERROR_UNSAFE_NEGOTIATION = (SSL_ERROR_BASE + 113),
+
+ SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD = (SSL_ERROR_BASE + 114),
+
+ SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY = (SSL_ERROR_BASE + 115),
+
+ SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID = (SSL_ERROR_BASE + 116),
+
+ SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2 = (SSL_ERROR_BASE + 117),
+ /* error 117 is obsolete */
+ SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS = (SSL_ERROR_BASE + 118),
+ SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIENTS = (SSL_ERROR_BASE + 119),
+
+ SSL_ERROR_INVALID_VERSION_RANGE = (SSL_ERROR_BASE + 120),
+ SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION = (SSL_ERROR_BASE + 121),
+
+ SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST = (SSL_ERROR_BASE + 122),
+ SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST = (SSL_ERROR_BASE + 123),
+
+ SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION = (SSL_ERROR_BASE + 124),
+
+ SSL_ERROR_RX_UNEXPECTED_CERT_STATUS = (SSL_ERROR_BASE + 125),
+
+ SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM = (SSL_ERROR_BASE + 126),
+ SSL_ERROR_DIGEST_FAILURE = (SSL_ERROR_BASE + 127),
+ SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM = (SSL_ERROR_BASE + 128),
+
+ SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK = (SSL_ERROR_BASE + 129),
+ SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL = (SSL_ERROR_BASE + 130),
+
+ SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT = (SSL_ERROR_BASE + 131),
+
+ SSL_ERROR_WEAK_SERVER_CERT_KEY = (SSL_ERROR_BASE + 132),
+
+ SSL_ERROR_RX_SHORT_DTLS_READ = (SSL_ERROR_BASE + 133),
+
+ SSL_ERROR_NO_SUPPORTED_SIGNATURE_ALGORITHM = (SSL_ERROR_BASE + 134),
+ SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM = (SSL_ERROR_BASE + 135),
+
+ SSL_ERROR_MISSING_EXTENDED_MASTER_SECRET = (SSL_ERROR_BASE + 136),
+ SSL_ERROR_UNEXPECTED_EXTENDED_MASTER_SECRET = (SSL_ERROR_BASE + 137),
+
+ SSL_ERROR_RX_MALFORMED_KEY_SHARE = (SSL_ERROR_BASE + 138),
+ SSL_ERROR_MISSING_KEY_SHARE = (SSL_ERROR_BASE + 139),
+ SSL_ERROR_RX_MALFORMED_ECDHE_KEY_SHARE = (SSL_ERROR_BASE + 140),
+ SSL_ERROR_RX_MALFORMED_DHE_KEY_SHARE = (SSL_ERROR_BASE + 141),
+
+ SSL_ERROR_RX_UNEXPECTED_ENCRYPTED_EXTENSIONS = (SSL_ERROR_BASE + 142),
+ SSL_ERROR_MISSING_EXTENSION_ALERT = (SSL_ERROR_BASE + 143),
+
+ SSL_ERROR_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 144),
+ SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION = (SSL_ERROR_BASE + 145),
+ SSL_ERROR_RX_MALFORMED_ENCRYPTED_EXTENSIONS = (SSL_ERROR_BASE + 146),
+ SSL_ERROR_MALFORMED_PRE_SHARED_KEY = (SSL_ERROR_BASE + 147),
+ SSL_ERROR_MALFORMED_EARLY_DATA = (SSL_ERROR_BASE + 148),
+ SSL_ERROR_END_OF_EARLY_DATA_ALERT = (SSL_ERROR_BASE + 149),
+ SSL_ERROR_MISSING_ALPN_EXTENSION = (SSL_ERROR_BASE + 150),
+ SSL_ERROR_RX_UNEXPECTED_EXTENSION = (SSL_ERROR_BASE + 151),
+ SSL_ERROR_MISSING_SUPPORTED_GROUPS_EXTENSION = (SSL_ERROR_BASE + 152),
+ SSL_ERROR_TOO_MANY_RECORDS = (SSL_ERROR_BASE + 153),
+ SSL_ERROR_RX_UNEXPECTED_HELLO_RETRY_REQUEST = (SSL_ERROR_BASE + 154),
+ SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST = (SSL_ERROR_BASE + 155),
+ SSL_ERROR_BAD_2ND_CLIENT_HELLO = (SSL_ERROR_BASE + 156),
+ SSL_ERROR_MISSING_SIGNATURE_ALGORITHMS_EXTENSION = (SSL_ERROR_BASE + 157),
+ SSL_ERROR_MALFORMED_PSK_KEY_EXCHANGE_MODES = (SSL_ERROR_BASE + 158),
+ SSL_ERROR_MISSING_PSK_KEY_EXCHANGE_MODES = (SSL_ERROR_BASE + 159),
+ SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */
+} SSLErrorCodes;
+#endif /* NO_SECURITY_ERROR_ENUM */
+
+/* clang-format on */
+
+#endif /* __SSL_ERR_H_ */
diff --git a/security/nss/lib/ssl/sslerrstrs.c b/security/nss/lib/ssl/sslerrstrs.c
new file mode 100644
index 000000000..4e3db6d73
--- /dev/null
+++ b/security/nss/lib/ssl/sslerrstrs.c
@@ -0,0 +1,36 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "prerror.h"
+#include "sslerr.h"
+#include "prinit.h"
+#include "nssutil.h"
+#include "ssl.h"
+
+#define ER3(name, value, str) { #name, str },
+
+static const struct PRErrorMessage ssltext[] = {
+#include "SSLerrs.h"
+ { 0, 0 }
+};
+
+static const struct PRErrorTable ssl_et = {
+ ssltext, "sslerr", SSL_ERROR_BASE,
+ (sizeof ssltext) / (sizeof ssltext[0])
+};
+
+static PRStatus
+ssl_InitializePRErrorTableOnce(void)
+{
+ return PR_ErrorInstallTable(&ssl_et);
+}
+
+static PRCallOnceType once;
+
+SECStatus
+ssl_InitializePRErrorTable(void)
+{
+ return (PR_SUCCESS == PR_CallOnce(&once, ssl_InitializePRErrorTableOnce))
+ ? SECSuccess
+ : SECFailure;
+}
diff --git a/security/nss/lib/ssl/sslgrp.c b/security/nss/lib/ssl/sslgrp.c
new file mode 100644
index 000000000..eb53ad381
--- /dev/null
+++ b/security/nss/lib/ssl/sslgrp.c
@@ -0,0 +1,164 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file contains prototypes for the public SSL functions.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nss.h"
+#include "pk11func.h"
+#include "ssl.h"
+#include "sslimpl.h"
+
+struct {
+ sslEphemeralKeyPair *keyPair;
+ PRCallOnceType once;
+} gECDHEKeyPairs[SSL_NAMED_GROUP_COUNT];
+
+typedef struct sslSocketAndGroupArgStr {
+ const sslNamedGroupDef *group;
+ const sslSocket *ss;
+} sslSocketAndGroupArg;
+
+/* Function to clear out the ECDHE keys. */
+static SECStatus
+ssl_CleanupECDHEKeys(void *appData, void *nssData)
+{
+ unsigned int i;
+
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; i++) {
+ if (gECDHEKeyPairs[i].keyPair) {
+ ssl_FreeEphemeralKeyPair(gECDHEKeyPairs[i].keyPair);
+ }
+ }
+ memset(gECDHEKeyPairs, 0, sizeof(gECDHEKeyPairs));
+ return SECSuccess;
+}
+
+/* Only run the cleanup once. */
+static PRCallOnceType cleanupECDHEKeysOnce;
+static PRStatus
+ssl_SetupCleanupECDHEKeysOnce(void)
+{
+ SECStatus rv = NSS_RegisterShutdown(ssl_CleanupECDHEKeys, NULL);
+ return (rv != SECSuccess) ? PR_FAILURE : PR_SUCCESS;
+}
+
+/* This creates a key pair for each of the supported EC groups. If that works,
+ * we assume that the token supports that group. Since this is relatively
+ * expensive, this is only done for the first socket that is used. That means
+ * that if tokens are added or removed, then this will not pick up any changes.
+ */
+static PRStatus
+ssl_CreateStaticECDHEKeyPair(void *arg)
+{
+ const sslSocketAndGroupArg *typed_arg = (sslSocketAndGroupArg *)arg;
+ const sslNamedGroupDef *group = typed_arg->group;
+ const sslSocket *ss = typed_arg->ss;
+ unsigned int i = group - ssl_named_groups;
+ SECStatus rv;
+
+ PORT_Assert(group->keaType == ssl_kea_ecdh);
+ PORT_Assert(i < SSL_NAMED_GROUP_COUNT);
+ rv = ssl_CreateECDHEphemeralKeyPair(ss, group,
+ &gECDHEKeyPairs[i].keyPair);
+ if (rv != SECSuccess) {
+ gECDHEKeyPairs[i].keyPair = NULL;
+ SSL_TRC(5, ("%d: SSL[-]: disabling group %d",
+ SSL_GETPID(), group->name));
+ }
+
+ return PR_SUCCESS;
+}
+
+void
+ssl_FilterSupportedGroups(sslSocket *ss)
+{
+ unsigned int i;
+ PRStatus prv;
+ sslSocketAndGroupArg arg = { NULL, ss };
+
+ prv = PR_CallOnce(&cleanupECDHEKeysOnce, ssl_SetupCleanupECDHEKeysOnce);
+ PORT_Assert(prv == PR_SUCCESS);
+ if (prv != PR_SUCCESS) {
+ return;
+ }
+
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ PRUint32 policy;
+ SECStatus srv;
+ unsigned int index;
+ const sslNamedGroupDef *group = ss->namedGroupPreferences[i];
+ if (!group) {
+ continue;
+ }
+
+ srv = NSS_GetAlgorithmPolicy(group->oidTag, &policy);
+ if (srv == SECSuccess && !(policy & NSS_USE_ALG_IN_SSL_KX)) {
+ ss->namedGroupPreferences[i] = NULL;
+ continue;
+ }
+
+ if (group->assumeSupported) {
+ continue;
+ }
+
+ /* For EC groups, we have to test that a key pair can be created. This
+ * is gross, and expensive, so only do it once. */
+ index = group - ssl_named_groups;
+ PORT_Assert(index < SSL_NAMED_GROUP_COUNT);
+
+ arg.group = group;
+ prv = PR_CallOnceWithArg(&gECDHEKeyPairs[index].once,
+ ssl_CreateStaticECDHEKeyPair,
+ (void *)&arg);
+ PORT_Assert(prv == PR_SUCCESS);
+ if (prv != PR_SUCCESS) {
+ continue;
+ }
+
+ if (!gECDHEKeyPairs[index].keyPair) {
+ ss->namedGroupPreferences[i] = NULL;
+ }
+ }
+}
+
+/*
+ * Creates the static "ephemeral" public and private ECDH keys used by server in
+ * ECDHE_RSA and ECDHE_ECDSA handshakes when we reuse the same key.
+ */
+SECStatus
+ssl_CreateStaticECDHEKey(sslSocket *ss, const sslNamedGroupDef *ecGroup)
+{
+ sslEphemeralKeyPair *keyPair;
+ /* We index gECDHEKeyPairs by the named group. Pointer arithmetic! */
+ unsigned int index = ecGroup - ssl_named_groups;
+ PRStatus prv;
+ sslSocketAndGroupArg arg = { ecGroup, ss };
+
+ prv = PR_CallOnceWithArg(&gECDHEKeyPairs[index].once,
+ ssl_CreateStaticECDHEKeyPair,
+ (void *)&arg);
+ PORT_Assert(prv == PR_SUCCESS);
+ if (prv != PR_SUCCESS) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ keyPair = gECDHEKeyPairs[index].keyPair;
+ if (!keyPair) {
+ /* Attempting to use a key pair for an unsupported group. */
+ PORT_Assert(keyPair);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ keyPair = ssl_CopyEphemeralKeyPair(keyPair);
+ if (!keyPair)
+ return SECFailure;
+
+ PORT_Assert(PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
+ PR_APPEND_LINK(&keyPair->link, &ss->ephemeralKeyPairs);
+ return SECSuccess;
+}
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
new file mode 100644
index 000000000..09c37832a
--- /dev/null
+++ b/security/nss/lib/ssl/sslimpl.h
@@ -0,0 +1,1872 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is PRIVATE to SSL and should be the first thing included by
+ * any SSL implementation file.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __sslimpl_h_
+#define __sslimpl_h_
+
+#ifdef DEBUG
+#undef NDEBUG
+#else
+#undef NDEBUG
+#define NDEBUG
+#endif
+#include "secport.h"
+#include "secerr.h"
+#include "sslerr.h"
+#include "ssl3prot.h"
+#include "hasht.h"
+#include "nssilock.h"
+#include "pkcs11t.h"
+#if defined(XP_UNIX) || defined(XP_BEOS)
+#include "unistd.h"
+#endif
+#include "nssrwlk.h"
+#include "prthread.h"
+#include "prclist.h"
+#include "private/pprthred.h"
+
+#include "sslt.h" /* for some formerly private types, now public */
+
+typedef struct sslSocketStr sslSocket;
+
+#include "ssl3ext.h"
+
+/* to make some of these old enums public without namespace pollution,
+** it was necessary to prepend ssl_ to the names.
+** These #defines preserve compatibility with the old code here in libssl.
+*/
+typedef SSLMACAlgorithm SSL3MACAlgorithm;
+
+#define calg_null ssl_calg_null
+#define calg_rc4 ssl_calg_rc4
+#define calg_rc2 ssl_calg_rc2
+#define calg_des ssl_calg_des
+#define calg_3des ssl_calg_3des
+#define calg_idea ssl_calg_idea
+#define calg_fortezza ssl_calg_fortezza /* deprecated, must preserve */
+#define calg_aes ssl_calg_aes
+#define calg_camellia ssl_calg_camellia
+#define calg_seed ssl_calg_seed
+#define calg_aes_gcm ssl_calg_aes_gcm
+#define calg_chacha20 ssl_calg_chacha20
+
+#define mac_null ssl_mac_null
+#define mac_md5 ssl_mac_md5
+#define mac_sha ssl_mac_sha
+#define hmac_md5 ssl_hmac_md5
+#define hmac_sha ssl_hmac_sha
+#define hmac_sha256 ssl_hmac_sha256
+#define hmac_sha384 ssl_hmac_sha384
+#define mac_aead ssl_mac_aead
+
+#if defined(DEBUG) || defined(TRACE)
+#ifdef __cplusplus
+#define Debug 1
+#else
+extern int Debug;
+#endif
+#else
+#undef Debug
+#endif
+
+#if defined(DEBUG) && !defined(TRACE) && !defined(NISCC_TEST)
+#define TRACE
+#endif
+
+#ifdef TRACE
+#define SSL_TRC(a, b) \
+ if (ssl_trace >= (a)) \
+ ssl_Trace b
+#define PRINT_BUF(a, b) \
+ if (ssl_trace >= (a)) \
+ ssl_PrintBuf b
+#define PRINT_KEY(a, b) \
+ if (ssl_trace >= (a)) \
+ ssl_PrintKey b
+#else
+#define SSL_TRC(a, b)
+#define PRINT_BUF(a, b)
+#define PRINT_KEY(a, b)
+#endif
+
+#ifdef DEBUG
+#define SSL_DBG(b) \
+ if (ssl_debug) \
+ ssl_Trace b
+#else
+#define SSL_DBG(b)
+#endif
+
+#define LSB(x) ((unsigned char)((x)&0xff))
+#define MSB(x) ((unsigned char)(((unsigned)(x)) >> 8))
+
+#define CONST_CAST(T, X) ((T *)(X))
+
+/************************************************************************/
+
+typedef enum { SSLAppOpRead = 0,
+ SSLAppOpWrite,
+ SSLAppOpRDWR,
+ SSLAppOpPost,
+ SSLAppOpHeader
+} SSLAppOperation;
+
+#define SSL3_SESSIONID_BYTES 32
+
+#define SSL_MIN_CHALLENGE_BYTES 16
+#define SSL_MAX_CHALLENGE_BYTES 32
+
+#define SSL3_MASTER_SECRET_LENGTH 48
+
+/* number of wrap mechanisms potentially used to wrap master secrets. */
+#define SSL_NUM_WRAP_MECHS 16
+
+/* This makes the cert cache entry exactly 4k. */
+#define SSL_MAX_CACHED_CERT_LEN 4060
+
+#ifndef BPB
+#define BPB 8 /* Bits Per Byte */
+#endif
+
+/* The default value from RFC 4347 is 1s, which is too slow. */
+#define DTLS_RETRANSMIT_INITIAL_MS 50
+/* The maximum time to wait between retransmissions. */
+#define DTLS_RETRANSMIT_MAX_MS 10000
+/* Time to wait in FINISHED state for retransmissions. */
+#define DTLS_RETRANSMIT_FINISHED_MS 30000
+
+/* default number of entries in namedGroupPreferences */
+#define SSL_NAMED_GROUP_COUNT 31
+
+/* Types and names of elliptic curves used in TLS */
+typedef enum {
+ ec_type_explicitPrime = 1, /* not supported */
+ ec_type_explicitChar2Curve = 2, /* not supported */
+ ec_type_named = 3
+} ECType;
+
+typedef enum {
+ ticket_allow_early_data = 1,
+ ticket_allow_psk_ke = 2,
+ ticket_allow_psk_dhe_ke = 4,
+ ticket_allow_psk_auth = 8,
+ ticket_allow_psk_sign_auth = 16
+} TLS13SessionTicketFlags;
+
+typedef struct {
+ /* The name is the value that is encoded on the wire in TLS. */
+ SSLNamedGroup name;
+ /* The number of bits in the group. */
+ unsigned int bits;
+ /* The key exchange algorithm this group provides. */
+ SSLKEAType keaType;
+ /* The OID that identifies the group to PKCS11. This also determines
+ * whether the group is enabled in policy. */
+ SECOidTag oidTag;
+ /* Assume that the group is always supported. */
+ PRBool assumeSupported;
+} sslNamedGroupDef;
+
+typedef struct sslBufferStr sslBuffer;
+typedef struct sslConnectInfoStr sslConnectInfo;
+typedef struct sslGatherStr sslGather;
+typedef struct sslSecurityInfoStr sslSecurityInfo;
+typedef struct sslSessionIDStr sslSessionID;
+typedef struct sslSocketOpsStr sslSocketOps;
+
+typedef struct ssl3StateStr ssl3State;
+typedef struct ssl3CertNodeStr ssl3CertNode;
+typedef struct ssl3BulkCipherDefStr ssl3BulkCipherDef;
+typedef struct ssl3MACDefStr ssl3MACDef;
+typedef struct sslKeyPairStr sslKeyPair;
+typedef struct ssl3DHParamsStr ssl3DHParams;
+
+struct ssl3CertNodeStr {
+ struct ssl3CertNodeStr *next;
+ CERTCertificate *cert;
+};
+
+typedef SECStatus (*sslHandshakeFunc)(sslSocket *ss);
+
+typedef void (*sslSessionIDCacheFunc)(sslSessionID *sid);
+typedef void (*sslSessionIDUncacheFunc)(sslSessionID *sid);
+typedef sslSessionID *(*sslSessionIDLookupFunc)(const PRIPv6Addr *addr,
+ unsigned char *sid,
+ unsigned int sidLen,
+ CERTCertDBHandle *dbHandle);
+
+/* Socket ops */
+struct sslSocketOpsStr {
+ int (*connect)(sslSocket *, const PRNetAddr *);
+ PRFileDesc *(*accept)(sslSocket *, PRNetAddr *);
+ int (*bind)(sslSocket *, const PRNetAddr *);
+ int (*listen)(sslSocket *, int);
+ int (*shutdown)(sslSocket *, int);
+ int (*close)(sslSocket *);
+
+ int (*recv)(sslSocket *, unsigned char *, int, int);
+
+ /* points to the higher-layer send func, e.g. ssl_SecureSend. */
+ int (*send)(sslSocket *, const unsigned char *, int, int);
+ int (*read)(sslSocket *, unsigned char *, int);
+ int (*write)(sslSocket *, const unsigned char *, int);
+
+ int (*getpeername)(sslSocket *, PRNetAddr *);
+ int (*getsockname)(sslSocket *, PRNetAddr *);
+};
+
+/* Flags interpreted by ssl send functions. */
+#define ssl_SEND_FLAG_FORCE_INTO_BUFFER 0x40000000
+#define ssl_SEND_FLAG_NO_BUFFER 0x20000000
+#define ssl_SEND_FLAG_NO_RETRANSMIT 0x08000000 /* DTLS only */
+#define ssl_SEND_FLAG_CAP_RECORD_VERSION \
+ 0x04000000 /* TLS only */
+#define ssl_SEND_FLAG_MASK 0x7f000000
+
+/*
+** A buffer object.
+*/
+struct sslBufferStr {
+ unsigned char *buf;
+ unsigned int len;
+ unsigned int space;
+};
+
+/*
+** SSL3 cipher suite policy and preference struct.
+*/
+typedef struct {
+#if !defined(_WIN32)
+ unsigned int cipher_suite : 16;
+ unsigned int policy : 8;
+ unsigned int enabled : 1;
+ unsigned int isPresent : 1;
+#else
+ ssl3CipherSuite cipher_suite;
+ PRUint8 policy;
+ unsigned char enabled : 1;
+ unsigned char isPresent : 1;
+#endif
+} ssl3CipherSuiteCfg;
+
+#define ssl_V3_SUITES_IMPLEMENTED 71
+
+#define MAX_DTLS_SRTP_CIPHER_SUITES 4
+
+/* MAX_SIGNATURE_SCHEMES allows for all the values we support. */
+#define MAX_SIGNATURE_SCHEMES 15
+
+typedef struct sslOptionsStr {
+ /* If SSL_SetNextProtoNego has been called, then this contains the
+ * list of supported protocols. */
+ SECItem nextProtoNego;
+
+ unsigned int useSecurity : 1;
+ unsigned int useSocks : 1;
+ unsigned int requestCertificate : 1;
+ unsigned int requireCertificate : 2;
+ unsigned int handshakeAsClient : 1;
+ unsigned int handshakeAsServer : 1;
+ unsigned int noCache : 1;
+ unsigned int fdx : 1;
+ unsigned int detectRollBack : 1;
+ unsigned int noLocks : 1;
+ unsigned int enableSessionTickets : 1;
+ unsigned int enableDeflate : 1;
+ unsigned int enableRenegotiation : 2;
+ unsigned int requireSafeNegotiation : 1;
+ unsigned int enableFalseStart : 1;
+ unsigned int cbcRandomIV : 1;
+ unsigned int enableOCSPStapling : 1;
+ unsigned int enableNPN : 1;
+ unsigned int enableALPN : 1;
+ unsigned int reuseServerECDHEKey : 1;
+ unsigned int enableFallbackSCSV : 1;
+ unsigned int enableServerDhe : 1;
+ unsigned int enableExtendedMS : 1;
+ unsigned int enableSignedCertTimestamps : 1;
+ unsigned int requireDHENamedGroups : 1;
+ unsigned int enable0RttData : 1;
+ unsigned int enableShortHeaders : 1;
+} sslOptions;
+
+typedef enum { sslHandshakingUndetermined = 0,
+ sslHandshakingAsClient,
+ sslHandshakingAsServer
+} sslHandshakingType;
+
+#define SSL_LOCK_RANK_SPEC 255
+
+/* These are the valid values for shutdownHow.
+** These values are each 1 greater than the NSPR values, and the code
+** depends on that relation to efficiently convert PR_SHUTDOWN values
+** into ssl_SHUTDOWN values. These values use one bit for read, and
+** another bit for write, and can be used as bitmasks.
+*/
+#define ssl_SHUTDOWN_NONE 0 /* NOT shutdown at all */
+#define ssl_SHUTDOWN_RCV 1 /* PR_SHUTDOWN_RCV +1 */
+#define ssl_SHUTDOWN_SEND 2 /* PR_SHUTDOWN_SEND +1 */
+#define ssl_SHUTDOWN_BOTH 3 /* PR_SHUTDOWN_BOTH +1 */
+
+/*
+** A gather object. Used to read some data until a count has been
+** satisfied. Primarily for support of async sockets.
+** Everything in here is protected by the recvBufLock.
+*/
+struct sslGatherStr {
+ int state; /* see GS_ values below. */
+
+ /* "buf" holds received plaintext SSL records, after decrypt and MAC check.
+ * recv'd ciphertext records are put in inbuf (see below), then decrypted
+ * into buf.
+ */
+ sslBuffer buf; /*recvBufLock*/
+
+ /* number of bytes previously read into hdr or inbuf.
+ ** (offset - writeOffset) is the number of ciphertext bytes read in but
+ ** not yet deciphered.
+ */
+ unsigned int offset;
+
+ /* number of bytes to read in next call to ssl_DefRecv (recv) */
+ unsigned int remainder;
+
+ /* DoRecv uses the next two values to extract application data.
+ ** The difference between writeOffset and readOffset is the amount of
+ ** data available to the application. Note that the actual offset of
+ ** the data in "buf" is recordOffset (above), not readOffset.
+ ** In the current implementation, this is made available before the
+ ** MAC is checked!!
+ */
+ unsigned int readOffset; /* Spot where DATA reader (e.g. application
+ ** or handshake code) will read next.
+ ** Always zero for SSl3 application data.
+ */
+ /* offset in buf/inbuf/hdr into which new data will be read from socket. */
+ unsigned int writeOffset;
+
+ /* Buffer for ssl3 to read (encrypted) data from the socket */
+ sslBuffer inbuf; /*recvBufLock*/
+
+ /* The ssl[23]_GatherData functions read data into this buffer, rather
+ ** than into buf or inbuf, while in the GS_HEADER state.
+ ** The portion of the SSL record header put here always comes off the wire
+ ** as plaintext, never ciphertext.
+ ** For SSL3/TLS, the plaintext portion is 5 bytes long. For DTLS it is 13.
+ */
+ unsigned char hdr[13];
+
+ /* Buffer for DTLS data read off the wire as a single datagram */
+ sslBuffer dtlsPacket;
+
+ /* the start of the buffered DTLS record in dtlsPacket */
+ unsigned int dtlsPacketOffset;
+};
+
+/* sslGather.state */
+#define GS_INIT 0
+#define GS_HEADER 1
+#define GS_DATA 2
+
+/*
+** ssl3State and CipherSpec structs
+*/
+
+/* The SSL bulk cipher definition */
+typedef enum {
+ cipher_null,
+ cipher_rc4,
+ cipher_des,
+ cipher_3des,
+ cipher_aes_128,
+ cipher_aes_256,
+ cipher_camellia_128,
+ cipher_camellia_256,
+ cipher_seed,
+ cipher_aes_128_gcm,
+ cipher_aes_256_gcm,
+ cipher_chacha20,
+ cipher_missing /* reserved for no such supported cipher */
+ /* This enum must match ssl3_cipherName[] in ssl3con.c. */
+} SSL3BulkCipher;
+
+typedef enum { type_stream,
+ type_block,
+ type_aead } CipherType;
+
+#define MAX_IV_LENGTH 24
+
+typedef PRUint64 sslSequenceNumber;
+typedef PRUint16 DTLSEpoch;
+
+typedef void (*DTLSTimerCb)(sslSocket *);
+
+typedef struct {
+ SSL3Opaque wrapped_master_secret[48];
+ PRUint16 wrapped_master_secret_len;
+ PRUint8 msIsWrapped;
+ PRUint8 resumable;
+ PRUint8 extendedMasterSecretUsed;
+} ssl3SidKeys; /* 52 bytes */
+
+typedef struct {
+ PK11SymKey *write_key;
+ PK11SymKey *write_mac_key;
+ PK11Context *write_mac_context;
+ SECItem write_key_item;
+ SECItem write_iv_item;
+ SECItem write_mac_key_item;
+ SSL3Opaque write_iv[MAX_IV_LENGTH];
+} ssl3KeyMaterial;
+
+typedef SECStatus (*SSLCipher)(void *context,
+ unsigned char *out,
+ int *outlen,
+ int maxout,
+ const unsigned char *in,
+ int inlen);
+typedef SECStatus (*SSLAEADCipher)(
+ ssl3KeyMaterial *keys,
+ PRBool doDecrypt,
+ unsigned char *out,
+ int *outlen,
+ int maxout,
+ const unsigned char *in,
+ int inlen,
+ const unsigned char *additionalData,
+ int additionalDataLen);
+typedef SECStatus (*SSLCompressor)(void *context,
+ unsigned char *out,
+ int *outlen,
+ int maxout,
+ const unsigned char *in,
+ int inlen);
+typedef SECStatus (*SSLDestroy)(void *context, PRBool freeit);
+
+/* The DTLS anti-replay window in number of packets. Defined here because we
+ * need it in the cipher spec. Note that this is a ring buffer but left and
+ * right represent the true window, with modular arithmetic used to map them
+ * onto the buffer.
+ */
+#define DTLS_RECVD_RECORDS_WINDOW 1024
+#define RECORD_SEQ_MAX ((1ULL << 48) - 1)
+PR_STATIC_ASSERT(DTLS_RECVD_RECORDS_WINDOW % 8 == 0);
+
+typedef struct DTLSRecvdRecordsStr {
+ unsigned char data[DTLS_RECVD_RECORDS_WINDOW / 8];
+ sslSequenceNumber left;
+ sslSequenceNumber right;
+} DTLSRecvdRecords;
+
+/*
+** These are the "specs" in the "ssl3" struct.
+** Access to the pointers to these specs, and all the specs' contents
+** (direct and indirect) is protected by the reader/writer lock ss->specLock.
+*/
+typedef struct {
+ PRCList link;
+ const ssl3BulkCipherDef *cipher_def;
+ const ssl3MACDef *mac_def;
+ SSLCompressionMethod compression_method;
+ int mac_size;
+ SSLCipher encode;
+ SSLCipher decode;
+ SSLAEADCipher aead;
+ void *encodeContext;
+ void *decodeContext;
+ SSLCompressor compressor; /* Don't name these fields compress */
+ SSLCompressor decompressor; /* and uncompress because zconf.h */
+ /* may define them as macros. */
+ SSLDestroy destroyCompressContext;
+ void *compressContext;
+ SSLDestroy destroyDecompressContext;
+ void *decompressContext;
+ PK11SymKey *master_secret;
+ sslSequenceNumber write_seq_num;
+ sslSequenceNumber read_seq_num;
+ SSL3ProtocolVersion version;
+ ssl3KeyMaterial client;
+ ssl3KeyMaterial server;
+ SECItem msItem;
+ DTLSEpoch epoch;
+ DTLSRecvdRecords recvdRecords;
+
+ PRUint8 refCt;
+ const char *phase;
+} ssl3CipherSpec;
+
+typedef enum { never_cached,
+ in_client_cache,
+ in_server_cache,
+ invalid_cache /* no longer in any cache. */
+} Cached;
+
+#include "sslcert.h"
+
+struct sslSessionIDStr {
+ /* The global cache lock must be held when accessing these members when the
+ * sid is in any cache.
+ */
+ sslSessionID *next; /* chain used for client sockets, only */
+ Cached cached;
+ int references;
+ PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */
+
+ /* The rest of the members, except for the members of u.ssl3.locked, may
+ * be modified only when the sid is not in any cache.
+ */
+
+ CERTCertificate *peerCert;
+ SECItemArray peerCertStatus; /* client only */
+ const char *peerID; /* client only */
+ const char *urlSvrName; /* client only */
+ sslServerCertType certType;
+ CERTCertificate *localCert;
+
+ PRIPv6Addr addr;
+ PRUint16 port;
+
+ SSL3ProtocolVersion version;
+
+ PRUint32 creationTime; /* seconds since Jan 1, 1970 */
+ PRUint32 expirationTime; /* seconds since Jan 1, 1970 */
+
+ SSLAuthType authType;
+ PRUint32 authKeyBits;
+ SSLKEAType keaType;
+ PRUint32 keaKeyBits;
+
+ union {
+ struct {
+ /* values that are copied into the server's on-disk SID cache. */
+ PRUint8 sessionIDLength;
+ SSL3Opaque sessionID[SSL3_SESSIONID_BYTES];
+
+ ssl3CipherSuite cipherSuite;
+ SSLCompressionMethod compression;
+ int policy;
+ ssl3SidKeys keys;
+ /* mechanism used to wrap master secret */
+ CK_MECHANISM_TYPE masterWrapMech;
+
+ /* The following values are NOT restored from the server's on-disk
+ * session cache, but are restored from the client's cache.
+ */
+ PK11SymKey *clientWriteKey;
+ PK11SymKey *serverWriteKey;
+
+ /* The following values pertain to the slot that wrapped the
+ ** master secret. (used only in client)
+ */
+ SECMODModuleID masterModuleID;
+ /* what module wrapped the master secret */
+ CK_SLOT_ID masterSlotID;
+ PRUint16 masterWrapIndex;
+ /* what's the key index for the wrapping key */
+ PRUint16 masterWrapSeries;
+ /* keep track of the slot series, so we don't
+ * accidently try to use new keys after the
+ * card gets removed and replaced.*/
+
+ /* The following values pertain to the slot that did the signature
+ ** for client auth. (used only in client)
+ */
+ SECMODModuleID clAuthModuleID;
+ CK_SLOT_ID clAuthSlotID;
+ PRUint16 clAuthSeries;
+
+ char masterValid;
+ char clAuthValid;
+
+ SECItem srvName;
+
+ /* Signed certificate timestamps received in a TLS extension.
+ ** (used only in client).
+ */
+ SECItem signedCertTimestamps;
+
+ /* The NPN/ALPN value negotiated in the original connection.
+ * Used for TLS 1.3. */
+ SECItem alpnSelection;
+
+ /* This lock is lazily initialized by CacheSID when a sid is first
+ * cached. Before then, there is no need to lock anything because
+ * the sid isn't being shared by anything.
+ */
+ PRRWLock *lock;
+
+ /* The lock must be held while reading or writing these members
+ * because they change while the sid is cached.
+ */
+ struct {
+ /* The session ticket, if we have one, is sent as an extension
+ * in the ClientHello message. This field is used only by
+ * clients. It is protected by lock when lock is non-null
+ * (after the sid has been added to the client session cache).
+ */
+ NewSessionTicket sessionTicket;
+ } locked;
+ } ssl3;
+ } u;
+};
+
+typedef struct ssl3CipherSuiteDefStr {
+ ssl3CipherSuite cipher_suite;
+ SSL3BulkCipher bulk_cipher_alg;
+ SSL3MACAlgorithm mac_alg;
+ SSL3KeyExchangeAlgorithm key_exchange_alg;
+ SSLHashType prf_hash;
+} ssl3CipherSuiteDef;
+
+/*
+** There are tables of these, all const.
+*/
+typedef struct {
+ /* An identifier for this struct. */
+ SSL3KeyExchangeAlgorithm kea;
+ /* The type of key exchange used by the cipher suite. */
+ SSLKEAType exchKeyType;
+ /* If the cipher suite uses a signature, the type of key used in the
+ * signature. */
+ KeyType signKeyType;
+ /* In most cases, cipher suites depend on their signature type for
+ * authentication, ECDH certificates being the exception. */
+ SSLAuthType authKeyType;
+ /* True if the key exchange for the suite is ephemeral. Or to be more
+ * precise: true if the ServerKeyExchange message is always required. */
+ PRBool ephemeral;
+ /* An OID describing the key exchange */
+ SECOidTag oid;
+} ssl3KEADef;
+
+/*
+** There are tables of these, all const.
+*/
+struct ssl3BulkCipherDefStr {
+ SSL3BulkCipher cipher;
+ SSLCipherAlgorithm calg;
+ unsigned int key_size;
+ unsigned int secret_key_size;
+ CipherType type;
+ unsigned int iv_size;
+ unsigned int block_size;
+ unsigned int tag_size; /* for AEAD ciphers. */
+ unsigned int explicit_nonce_size; /* for AEAD ciphers. */
+ SECOidTag oid;
+ const char *short_name;
+ /* The maximum number of records that can be sent/received with the same
+ * symmetric key before the connection will be terminated. */
+ PRUint64 max_records;
+};
+
+/*
+** There are tables of these, all const.
+*/
+struct ssl3MACDefStr {
+ SSL3MACAlgorithm mac;
+ CK_MECHANISM_TYPE mmech;
+ int pad_size;
+ int mac_size;
+ SECOidTag oid;
+};
+
+typedef enum {
+ ssl_0rtt_none, /* 0-RTT not present */
+ ssl_0rtt_sent, /* 0-RTT sent (no decision yet) */
+ ssl_0rtt_accepted, /* 0-RTT sent and accepted */
+ ssl_0rtt_ignored, /* 0-RTT sent but rejected/ignored */
+ ssl_0rtt_done /* 0-RTT accepted, but finished */
+} sslZeroRttState;
+
+typedef enum {
+ ssl_0rtt_ignore_none, /* not ignoring */
+ ssl_0rtt_ignore_trial, /* ignoring with trial decryption */
+ ssl_0rtt_ignore_hrr /* ignoring until ClientHello (due to HRR) */
+} sslZeroRttIgnore;
+
+typedef enum {
+ idle_handshake,
+ wait_client_hello,
+ wait_client_cert,
+ wait_client_key,
+ wait_cert_verify,
+ wait_change_cipher,
+ wait_finished,
+ wait_server_hello,
+ wait_certificate_status,
+ wait_server_cert,
+ wait_server_key,
+ wait_cert_request,
+ wait_hello_done,
+ wait_new_session_ticket,
+ wait_encrypted_extensions,
+ wait_invalid /* Invalid value. There is no handshake message "invalid". */
+} SSL3WaitState;
+
+typedef enum {
+ client_hello_initial, /* The first attempt. */
+ client_hello_retry, /* If we receive HelloRetryRequest. */
+ client_hello_retransmit, /* In DTLS, if we receive HelloVerifyRequest. */
+ client_hello_renegotiation /* A renegotiation attempt. */
+} sslClientHelloType;
+
+typedef struct SessionTicketDataStr SessionTicketData;
+
+typedef SECStatus (*sslRestartTarget)(sslSocket *);
+
+/*
+** A DTLS queued message (potentially to be retransmitted)
+*/
+typedef struct DTLSQueuedMessageStr {
+ PRCList link; /* The linked list link */
+ ssl3CipherSpec *cwSpec; /* The cipher spec to use, null for none */
+ SSL3ContentType type; /* The message type */
+ unsigned char *data; /* The data */
+ PRUint16 len; /* The data length */
+} DTLSQueuedMessage;
+
+typedef struct TLS13KeyShareEntryStr {
+ PRCList link; /* The linked list link */
+ const sslNamedGroupDef *group; /* The group for the entry */
+ SECItem key_exchange; /* The share itself */
+} TLS13KeyShareEntry;
+
+typedef struct TLS13EarlyDataStr {
+ PRCList link; /* The linked list link */
+ SECItem data; /* The data */
+} TLS13EarlyData;
+
+typedef enum {
+ handshake_hash_unknown = 0,
+ handshake_hash_combo = 1, /* The MD5/SHA-1 combination */
+ handshake_hash_single = 2, /* A single hash */
+ handshake_hash_record
+} SSL3HandshakeHashType;
+
+/* This holds state for TLS 1.3 CertificateRequest handling. */
+typedef struct TLS13CertificateRequestStr {
+ PLArenaPool *arena;
+ SECItem context;
+ SSLSignatureScheme *signatureSchemes;
+ unsigned int signatureSchemeCount;
+ CERTDistNames ca_list;
+} TLS13CertificateRequest;
+
+/*
+** This is the "hs" member of the "ssl3" struct.
+** This entire struct is protected by ssl3HandshakeLock
+*/
+typedef struct SSL3HandshakeStateStr {
+ SSL3Random server_random;
+ SSL3Random client_random;
+ SSL3WaitState ws; /* May also contain SSL3WaitState | 0x80 for TLS 1.3 */
+
+ /* This group of members is used for handshake running hashes. */
+ SSL3HandshakeHashType hashType;
+ sslBuffer messages; /* Accumulated handshake messages */
+ /* PKCS #11 mode:
+ * SSL 3.0 - TLS 1.1 use both |md5| and |sha|. |md5| is used for MD5 and
+ * |sha| for SHA-1.
+ * TLS 1.2 and later use only |sha|, for SHA-256. */
+ PK11Context *md5;
+ PK11Context *sha;
+ SSLSignatureScheme signatureScheme;
+ const ssl3KEADef *kea_def;
+ ssl3CipherSuite cipher_suite;
+ const ssl3CipherSuiteDef *suite_def;
+ SSLCompressionMethod compression;
+ sslBuffer msg_body; /* protected by recvBufLock */
+ /* partial handshake message from record layer */
+ unsigned int header_bytes;
+ /* number of bytes consumed from handshake */
+ /* message for message type and header length */
+ SSL3HandshakeType msg_type;
+ unsigned long msg_len;
+ PRBool isResuming; /* we are resuming (not used in TLS 1.3) */
+ PRBool sendingSCSV; /* instead of empty RI */
+ sslBuffer msgState; /* current state for handshake messages*/
+ /* protected by recvBufLock */
+
+ /* The session ticket received in a NewSessionTicket message is temporarily
+ * stored in newSessionTicket until the handshake is finished; then it is
+ * moved to the sid.
+ */
+ PRBool receivedNewSessionTicket;
+ NewSessionTicket newSessionTicket;
+
+ PRUint16 finishedBytes; /* size of single finished below */
+ union {
+ TLSFinished tFinished[2]; /* client, then server */
+ SSL3Finished sFinished[2];
+ SSL3Opaque data[72];
+ } finishedMsgs;
+
+ PRBool authCertificatePending;
+ /* Which function should SSL_RestartHandshake* call if we're blocked?
+ * One of NULL, ssl3_SendClientSecondRound, ssl3_FinishHandshake,
+ * or ssl3_AlwaysFail */
+ sslRestartTarget restartTarget;
+ /* Shared state between ssl3_HandleFinished and ssl3_FinishHandshake */
+ PRBool cacheSID;
+
+ PRBool canFalseStart; /* Can/did we False Start */
+ /* Which preliminaryinfo values have been set. */
+ PRUint32 preliminaryInfo;
+
+ /* Parsed extensions */
+ PRCList remoteExtensions; /* Parsed incoming extensions */
+
+ /* This group of values is used for DTLS */
+ PRUint16 sendMessageSeq; /* The sending message sequence
+ * number */
+ PRCList lastMessageFlight; /* The last message flight we
+ * sent */
+ PRUint16 maxMessageSent; /* The largest message we sent */
+ PRUint16 recvMessageSeq; /* The receiving message sequence
+ * number */
+ sslBuffer recvdFragments; /* The fragments we have received in
+ * a bitmask */
+ PRInt32 recvdHighWater; /* The high water mark for fragments
+ * received. -1 means no reassembly
+ * in progress. */
+ SECItem cookie; /* The Hello(Retry|Verify)Request cookie. */
+ PRIntervalTime rtTimerStarted; /* When the timer was started */
+ DTLSTimerCb rtTimerCb; /* The function to call on expiry */
+ PRUint32 rtTimeoutMs; /* The length of the current timeout
+ * used for backoff (in ms) */
+ PRUint32 rtRetries; /* The retry counter */
+ SECItem srvVirtName; /* for server: name that was negotiated
+ * with a client. For client - is
+ * always set to NULL.*/
+
+ /* This group of values is used for TLS 1.3 and above */
+ PK11SymKey *currentSecret; /* The secret down the "left hand side"
+ * of the TLS 1.3 key schedule. */
+ PK11SymKey *resumptionMasterSecret; /* The resumption PSK. */
+ PK11SymKey *dheSecret; /* The (EC)DHE shared secret. */
+ PK11SymKey *pskBinderKey; /* Used to compute the PSK binder. */
+ PK11SymKey *clientEarlyTrafficSecret; /* The secret we use for 0-RTT. */
+ PK11SymKey *clientHsTrafficSecret; /* The source keys for handshake */
+ PK11SymKey *serverHsTrafficSecret; /* traffic keys. */
+ PK11SymKey *clientTrafficSecret; /* The source keys for application */
+ PK11SymKey *serverTrafficSecret; /* traffic keys */
+ PK11SymKey *earlyExporterSecret; /* for 0-RTT exporters */
+ PK11SymKey *exporterSecret; /* for exporters */
+ /* The certificate request from the server. */
+ TLS13CertificateRequest *certificateRequest;
+ PRCList cipherSpecs; /* The cipher specs in the sequence they
+ * will be applied. */
+ ssl3CipherSpec *nullSpec; /* In case 0-RTT is rejected. */
+ sslZeroRttState zeroRttState; /* Are we doing a 0-RTT handshake? */
+ sslZeroRttIgnore zeroRttIgnore; /* Are we ignoring 0-RTT? */
+ ssl3CipherSuite zeroRttSuite; /* The cipher suite we used for 0-RTT. */
+ PRCList bufferedEarlyData; /* Buffered TLS 1.3 early data
+ * on server.*/
+ PRBool helloRetry; /* True if HelloRetryRequest has been sent
+ * or received. */
+ ssl3KEADef kea_def_mutable; /* Used to hold the writable kea_def
+ * we use for TLS 1.3 */
+ PRBool shortHeaders; /* Assigned if we are doing short headers. */
+} SSL3HandshakeState;
+
+/*
+** This is the "ssl3" struct, as in "ss->ssl3".
+** note:
+** usually, crSpec == cwSpec and prSpec == pwSpec.
+** Sometimes, crSpec == pwSpec and prSpec == cwSpec.
+** But there are never more than 2 actual specs.
+** No spec must ever be modified if either "current" pointer points to it.
+*/
+struct ssl3StateStr {
+
+ /*
+ ** The following Specs and Spec pointers must be protected using the
+ ** Spec Lock.
+ */
+ ssl3CipherSpec *crSpec; /* current read spec. */
+ ssl3CipherSpec *prSpec; /* pending read spec. */
+ ssl3CipherSpec *cwSpec; /* current write spec. */
+ ssl3CipherSpec *pwSpec; /* pending write spec. */
+
+ CERTCertificate *clientCertificate; /* used by client */
+ SECKEYPrivateKey *clientPrivateKey; /* used by client */
+ CERTCertificateList *clientCertChain; /* used by client */
+ PRBool sendEmptyCert; /* used by client */
+
+ int policy;
+ /* This says what cipher suites we can do, and should
+ * be either SSL_ALLOWED or SSL_RESTRICTED
+ */
+ PLArenaPool *peerCertArena;
+ /* These are used to keep track of the peer CA */
+ void *peerCertChain;
+ /* chain while we are trying to validate it. */
+ CERTDistNames *ca_list;
+ /* used by server. trusted CAs for this socket. */
+ PRBool initialized;
+ SSL3HandshakeState hs;
+ ssl3CipherSpec specs[2]; /* one is current, one is pending. */
+
+ PRUint16 mtu; /* Our estimate of the MTU */
+
+ /* DTLS-SRTP cipher suite preferences (if any) */
+ PRUint16 dtlsSRTPCiphers[MAX_DTLS_SRTP_CIPHER_SUITES];
+ PRUint16 dtlsSRTPCipherCount;
+ PRBool fatalAlertSent;
+ PRBool dheWeakGroupEnabled; /* used by server */
+ const sslNamedGroupDef *dhePreferredGroup;
+
+ /* TLS 1.2 introduces separate signature algorithm negotiation.
+ * TLS 1.3 combined signature and hash into a single enum.
+ * This is our preference order. */
+ SSLSignatureScheme signatureSchemes[MAX_SIGNATURE_SCHEMES];
+ unsigned int signatureSchemeCount;
+
+ /* The version to check if we fell back from our highest version
+ * of TLS. Default is 0 in which case we check against the maximum
+ * configured version for this socket. Used only on the client. */
+ SSL3ProtocolVersion downgradeCheckVersion;
+};
+
+/* Ethernet MTU but without subtracting the headers,
+ * so slightly larger than expected */
+#define DTLS_MAX_MTU 1500U
+#define IS_DTLS(ss) (ss->protocolVariant == ssl_variant_datagram)
+
+typedef struct {
+ SSL3ContentType type;
+ SSL3ProtocolVersion version;
+ sslSequenceNumber seq_num; /* DTLS only */
+ sslBuffer *buf;
+} SSL3Ciphertext;
+
+struct sslKeyPairStr {
+ SECKEYPrivateKey *privKey;
+ SECKEYPublicKey *pubKey;
+ PRInt32 refCount; /* use PR_Atomic calls for this. */
+};
+
+typedef struct {
+ PRCList link;
+ const sslNamedGroupDef *group;
+ sslKeyPair *keys;
+} sslEphemeralKeyPair;
+
+struct ssl3DHParamsStr {
+ SSLNamedGroup name;
+ SECItem prime; /* p */
+ SECItem base; /* g */
+};
+
+typedef struct SSLWrappedSymWrappingKeyStr {
+ SSL3Opaque wrappedSymmetricWrappingkey[512];
+ CK_MECHANISM_TYPE symWrapMechanism;
+ /* unwrapped symmetric wrapping key uses this mechanism */
+ CK_MECHANISM_TYPE asymWrapMechanism;
+ /* mechanism used to wrap the SymmetricWrappingKey using
+ * server's public and/or private keys. */
+ SSLAuthType authType; /* type of keys used to wrap SymWrapKey*/
+ PRInt32 symWrapMechIndex;
+ PRUint16 wrappedSymKeyLen;
+} SSLWrappedSymWrappingKey;
+
+typedef struct SessionTicketStr {
+ PRUint16 ticket_version;
+ SSL3ProtocolVersion ssl_version;
+ ssl3CipherSuite cipher_suite;
+ SSLCompressionMethod compression_method;
+ SSLAuthType authType;
+ PRUint32 authKeyBits;
+ SSLKEAType keaType;
+ PRUint32 keaKeyBits;
+ sslServerCertType certType;
+ /*
+ * msWrapMech contains a meaningful value only if ms_is_wrapped is true.
+ */
+ PRUint8 ms_is_wrapped;
+ CK_MECHANISM_TYPE msWrapMech;
+ PRUint16 ms_length;
+ SSL3Opaque master_secret[48];
+ PRBool extendedMasterSecretUsed;
+ ClientIdentity client_identity;
+ SECItem peer_cert;
+ PRUint32 timestamp;
+ PRUint32 flags;
+ SECItem srvName; /* negotiated server name */
+ SECItem alpnSelection;
+} SessionTicket;
+
+/*
+ * SSL2 buffers used in SSL3.
+ * writeBuf in the SecurityInfo maintained by sslsecur.c is used
+ * to hold the data just about to be passed to the kernel
+ * sendBuf in the ConnectInfo maintained by sslcon.c is used
+ * to hold handshake messages as they are accumulated
+ */
+
+/*
+** This is "ci", as in "ss->sec.ci".
+**
+** Protection: All the variables in here are protected by
+** firstHandshakeLock AND ssl3HandshakeLock
+*/
+struct sslConnectInfoStr {
+ /* outgoing handshakes appended to this. */
+ sslBuffer sendBuf; /*xmitBufLock*/
+
+ PRIPv6Addr peer;
+ unsigned short port;
+
+ sslSessionID *sid;
+};
+
+/* Note: The entire content of this struct and whatever it points to gets
+ * blown away by SSL_ResetHandshake(). This is "sec" as in "ss->sec".
+ *
+ * Unless otherwise specified below, the contents of this struct are
+ * protected by firstHandshakeLock AND ssl3HandshakeLock.
+ */
+struct sslSecurityInfoStr {
+
+#define SSL_ROLE(ss) (ss->sec.isServer ? "server" : "client")
+
+ PRBool isServer;
+ sslBuffer writeBuf; /*xmitBufLock*/
+
+ CERTCertificate *localCert;
+ CERTCertificate *peerCert;
+ SECKEYPublicKey *peerKey;
+
+ SSLAuthType authType;
+ PRUint32 authKeyBits;
+ SSLSignatureScheme signatureScheme;
+ SSLKEAType keaType;
+ PRUint32 keaKeyBits;
+ const sslNamedGroupDef *keaGroup;
+ /* The selected certificate (for servers only). */
+ const sslServerCert *serverCert;
+
+ /*
+ ** Procs used for SID cache (nonce) management.
+ ** Different implementations exist for clients/servers
+ ** The lookup proc is only used for servers. Baloney!
+ */
+ sslSessionIDCacheFunc cache;
+ sslSessionIDUncacheFunc uncache;
+
+ /* These are used during a connection handshake */
+ sslConnectInfo ci;
+};
+
+/*
+** SSL Socket struct
+**
+** Protection: XXX
+*/
+struct sslSocketStr {
+ PRFileDesc *fd;
+
+ /* Pointer to operations vector for this socket */
+ const sslSocketOps *ops;
+
+ /* SSL socket options */
+ sslOptions opt;
+ /* Enabled version range */
+ SSLVersionRange vrange;
+
+ /* State flags */
+ unsigned long clientAuthRequested;
+ unsigned long delayDisabled; /* Nagle delay disabled */
+ unsigned long firstHsDone; /* first handshake is complete. */
+ unsigned long enoughFirstHsDone; /* enough of the first handshake is
+ * done for callbacks to be able to
+ * retrieve channel security
+ * parameters from the SSL socket. */
+ unsigned long handshakeBegun;
+ unsigned long lastWriteBlocked;
+ unsigned long recvdCloseNotify; /* received SSL EOF. */
+ unsigned long TCPconnected;
+ unsigned long appDataBuffered;
+ unsigned long peerRequestedProtection; /* from old renegotiation */
+
+ /* version of the protocol to use */
+ SSL3ProtocolVersion version;
+ SSL3ProtocolVersion clientHelloVersion; /* version sent in client hello. */
+
+ sslSecurityInfo sec; /* not a pointer any more */
+
+ /* protected by firstHandshakeLock AND ssl3HandshakeLock. */
+ const char *url;
+
+ sslHandshakeFunc handshake; /*firstHandshakeLock*/
+
+ /* the following variable is only used with socks or other proxies. */
+ char *peerID; /* String uniquely identifies target server. */
+
+ /* ECDHE and DHE keys: In TLS 1.3, we might have to maintain multiple of
+ * these on the client side. The server inserts a single value into this
+ * list for all versions. */
+ PRCList /*<sslEphemeralKeyPair>*/ ephemeralKeyPairs;
+
+ /* Callbacks */
+ SSLAuthCertificate authCertificate;
+ void *authCertificateArg;
+ SSLGetClientAuthData getClientAuthData;
+ void *getClientAuthDataArg;
+ SSLSNISocketConfig sniSocketConfig;
+ void *sniSocketConfigArg;
+ SSLBadCertHandler handleBadCert;
+ void *badCertArg;
+ SSLHandshakeCallback handshakeCallback;
+ void *handshakeCallbackData;
+ SSLCanFalseStartCallback canFalseStartCallback;
+ void *canFalseStartCallbackData;
+ void *pkcs11PinArg;
+ SSLNextProtoCallback nextProtoCallback;
+ void *nextProtoArg;
+
+ PRIntervalTime rTimeout; /* timeout for NSPR I/O */
+ PRIntervalTime wTimeout; /* timeout for NSPR I/O */
+ PRIntervalTime cTimeout; /* timeout for NSPR I/O */
+
+ PZLock *recvLock; /* lock against multiple reader threads. */
+ PZLock *sendLock; /* lock against multiple sender threads. */
+
+ PZMonitor *recvBufLock; /* locks low level recv buffers. */
+ PZMonitor *xmitBufLock; /* locks low level xmit buffers. */
+
+ /* Only one thread may operate on the socket until the initial handshake
+ ** is complete. This Monitor ensures that. Since SSL2 handshake is
+ ** only done once, this is also effectively the SSL2 handshake lock.
+ */
+ PZMonitor *firstHandshakeLock;
+
+ /* This monitor protects the ssl3 handshake state machine data.
+ ** Only one thread (reader or writer) may be in the ssl3 handshake state
+ ** machine at any time. */
+ PZMonitor *ssl3HandshakeLock;
+
+ /* reader/writer lock, protects the secret data needed to encrypt and MAC
+ ** outgoing records, and to decrypt and MAC check incoming ciphertext
+ ** records. */
+ NSSRWLock *specLock;
+
+ /* handle to perm cert db (and implicitly to the temp cert db) used
+ ** with this socket.
+ */
+ CERTCertDBHandle *dbHandle;
+
+ PRThread *writerThread; /* thread holds SSL_LOCK_WRITER lock */
+
+ PRUint16 shutdownHow; /* See ssl_SHUTDOWN defines below. */
+
+ sslHandshakingType handshaking;
+
+ /* Gather object used for gathering data */
+ sslGather gs; /*recvBufLock*/
+
+ sslBuffer saveBuf; /*xmitBufLock*/
+ sslBuffer pendingBuf; /*xmitBufLock*/
+
+ /* Configuration state for server sockets */
+ /* One server cert and key for each authentication type. */
+ PRCList /* <sslServerCert> */ serverCerts;
+
+ ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED];
+
+ /* A list of groups that are sorted according to user preferences pointing
+ * to entries of ssl_named_groups. By default this list contains pointers
+ * to all elements in ssl_named_groups in the default order.
+ * This list also determines which groups are enabled. This
+ * starts with all being enabled and can be modified either by negotiation
+ * (in which case groups not supported by a peer are masked off), or by
+ * calling SSL_DHEGroupPrefSet().
+ * Note that renegotiation will ignore groups that were disabled in the
+ * first handshake.
+ */
+ const sslNamedGroupDef *namedGroupPreferences[SSL_NAMED_GROUP_COUNT];
+ /* The number of additional shares to generate for the TLS 1.3 ClientHello */
+ unsigned int additionalShares;
+
+ /* SSL3 state info. Formerly was a pointer */
+ ssl3State ssl3;
+
+ /*
+ * TLS extension related data.
+ */
+ /* True when the current session is a stateless resume. */
+ PRBool statelessResume;
+ TLSExtensionData xtnData;
+
+ /* Whether we are doing stream or datagram mode */
+ SSLProtocolVariant protocolVariant;
+};
+
+/* All the global data items declared here should be protected using the
+** ssl_global_data_lock, which is a reader/writer lock.
+*/
+extern NSSRWLock *ssl_global_data_lock;
+extern char ssl_debug;
+extern char ssl_trace;
+extern FILE *ssl_trace_iob;
+extern FILE *ssl_keylog_iob;
+extern CERTDistNames *ssl3_server_ca_list;
+extern PRUint32 ssl_sid_timeout;
+extern PRUint32 ssl3_sid_timeout;
+
+extern const char *const ssl3_cipherName[];
+
+extern sslSessionIDLookupFunc ssl_sid_lookup;
+extern sslSessionIDCacheFunc ssl_sid_cache;
+extern sslSessionIDUncacheFunc ssl_sid_uncache;
+
+extern const sslNamedGroupDef ssl_named_groups[];
+
+/************************************************************************/
+
+SEC_BEGIN_PROTOS
+
+/* Internal initialization and installation of the SSL error tables */
+extern SECStatus ssl_Init(void);
+extern SECStatus ssl_InitializePRErrorTable(void);
+
+/* Implementation of ops for default (non socks, non secure) case */
+extern int ssl_DefConnect(sslSocket *ss, const PRNetAddr *addr);
+extern PRFileDesc *ssl_DefAccept(sslSocket *ss, PRNetAddr *addr);
+extern int ssl_DefBind(sslSocket *ss, const PRNetAddr *addr);
+extern int ssl_DefListen(sslSocket *ss, int backlog);
+extern int ssl_DefShutdown(sslSocket *ss, int how);
+extern int ssl_DefClose(sslSocket *ss);
+extern int ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags);
+extern int ssl_DefSend(sslSocket *ss, const unsigned char *buf,
+ int len, int flags);
+extern int ssl_DefRead(sslSocket *ss, unsigned char *buf, int len);
+extern int ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len);
+extern int ssl_DefGetpeername(sslSocket *ss, PRNetAddr *name);
+extern int ssl_DefGetsockname(sslSocket *ss, PRNetAddr *name);
+extern int ssl_DefGetsockopt(sslSocket *ss, PRSockOption optname,
+ void *optval, PRInt32 *optlen);
+extern int ssl_DefSetsockopt(sslSocket *ss, PRSockOption optname,
+ const void *optval, PRInt32 optlen);
+
+/* Implementation of ops for socks only case */
+extern int ssl_SocksConnect(sslSocket *ss, const PRNetAddr *addr);
+extern PRFileDesc *ssl_SocksAccept(sslSocket *ss, PRNetAddr *addr);
+extern int ssl_SocksBind(sslSocket *ss, const PRNetAddr *addr);
+extern int ssl_SocksListen(sslSocket *ss, int backlog);
+extern int ssl_SocksGetsockname(sslSocket *ss, PRNetAddr *name);
+extern int ssl_SocksRecv(sslSocket *ss, unsigned char *buf, int len, int flags);
+extern int ssl_SocksSend(sslSocket *ss, const unsigned char *buf,
+ int len, int flags);
+extern int ssl_SocksRead(sslSocket *ss, unsigned char *buf, int len);
+extern int ssl_SocksWrite(sslSocket *ss, const unsigned char *buf, int len);
+
+/* Implementation of ops for secure only case */
+extern int ssl_SecureConnect(sslSocket *ss, const PRNetAddr *addr);
+extern PRFileDesc *ssl_SecureAccept(sslSocket *ss, PRNetAddr *addr);
+extern int ssl_SecureRecv(sslSocket *ss, unsigned char *buf,
+ int len, int flags);
+extern int ssl_SecureSend(sslSocket *ss, const unsigned char *buf,
+ int len, int flags);
+extern int ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len);
+extern int ssl_SecureWrite(sslSocket *ss, const unsigned char *buf, int len);
+extern int ssl_SecureShutdown(sslSocket *ss, int how);
+extern int ssl_SecureClose(sslSocket *ss);
+
+/* Implementation of ops for secure socks case */
+extern int ssl_SecureSocksConnect(sslSocket *ss, const PRNetAddr *addr);
+extern PRFileDesc *ssl_SecureSocksAccept(sslSocket *ss, PRNetAddr *addr);
+extern PRFileDesc *ssl_FindTop(sslSocket *ss);
+
+/* Gather funcs. */
+extern sslGather *ssl_NewGather(void);
+extern SECStatus ssl3_InitGather(sslGather *gs);
+extern void ssl3_DestroyGather(sslGather *gs);
+extern SECStatus ssl_GatherRecord1stHandshake(sslSocket *ss);
+
+extern SECStatus ssl_CreateSecurityInfo(sslSocket *ss);
+extern SECStatus ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os);
+extern void ssl_ResetSecurityInfo(sslSecurityInfo *sec, PRBool doMemset);
+extern void ssl_DestroySecurityInfo(sslSecurityInfo *sec);
+
+extern void ssl_PrintBuf(const sslSocket *ss, const char *msg, const void *cp,
+ int len);
+extern void ssl_PrintKey(const sslSocket *ss, const char *msg, PK11SymKey *key);
+
+extern int ssl_SendSavedWriteData(sslSocket *ss);
+extern SECStatus ssl_SaveWriteData(sslSocket *ss,
+ const void *p, unsigned int l);
+extern SECStatus ssl_BeginClientHandshake(sslSocket *ss);
+extern SECStatus ssl_BeginServerHandshake(sslSocket *ss);
+extern int ssl_Do1stHandshake(sslSocket *ss);
+
+extern SECStatus sslBuffer_Grow(sslBuffer *b, unsigned int newLen);
+extern SECStatus sslBuffer_Append(sslBuffer *b, const void *data,
+ unsigned int len);
+extern void sslBuffer_Clear(sslBuffer *b);
+
+extern void ssl_ChooseSessionIDProcs(sslSecurityInfo *sec);
+
+extern void ssl3_InitCipherSpec(ssl3CipherSpec *spec);
+extern sslSessionID *ssl3_NewSessionID(sslSocket *ss, PRBool is_server);
+extern sslSessionID *ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port,
+ const char *peerID, const char *urlSvrName);
+extern void ssl_FreeSID(sslSessionID *sid);
+
+extern int ssl3_SendApplicationData(sslSocket *ss, const PRUint8 *in,
+ int len, int flags);
+
+extern PRBool ssl_FdIsBlocking(PRFileDesc *fd);
+
+extern PRBool ssl_SocketIsBlocking(sslSocket *ss);
+
+extern void ssl3_SetAlwaysBlock(sslSocket *ss);
+
+extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);
+
+extern void ssl_FinishHandshake(sslSocket *ss);
+
+extern SECStatus ssl_CipherPolicySet(PRInt32 which, PRInt32 policy);
+
+extern SECStatus ssl_CipherPrefSetDefault(PRInt32 which, PRBool enabled);
+
+extern SECStatus ssl3_ConstrainRangeByPolicy(void);
+
+extern SECStatus ssl3_InitState(sslSocket *ss);
+extern SECStatus ssl3_RestartHandshakeHashes(sslSocket *ss);
+extern SECStatus ssl3_UpdateHandshakeHashes(sslSocket *ss,
+ const unsigned char *b,
+ unsigned int l);
+
+/* Returns PR_TRUE if we are still waiting for the server to complete its
+ * response to our client second round. Once we've received the Finished from
+ * the server then there is no need to check false start.
+ */
+extern PRBool ssl3_WaitingForServerSecondRound(sslSocket *ss);
+
+extern PRInt32 ssl3_SendRecord(sslSocket *ss, ssl3CipherSpec *cwSpec,
+ SSL3ContentType type,
+ const SSL3Opaque *pIn, PRInt32 nIn,
+ PRInt32 flags);
+
+#ifdef NSS_SSL_ENABLE_ZLIB
+/*
+ * The DEFLATE algorithm can result in an expansion of 0.1% + 12 bytes. For a
+ * maximum TLS record payload of 2**14 bytes, that's 29 bytes.
+ */
+#define SSL3_COMPRESSION_MAX_EXPANSION 29
+#else /* !NSS_SSL_ENABLE_ZLIB */
+#define SSL3_COMPRESSION_MAX_EXPANSION 0
+#endif
+
+/*
+ * make sure there is room in the write buffer for padding and
+ * other compression and cryptographic expansions.
+ */
+#define SSL3_BUFFER_FUDGE 100 + SSL3_COMPRESSION_MAX_EXPANSION
+
+#define SSL_LOCK_READER(ss) \
+ if (ss->recvLock) \
+ PZ_Lock(ss->recvLock)
+#define SSL_UNLOCK_READER(ss) \
+ if (ss->recvLock) \
+ PZ_Unlock(ss->recvLock)
+#define SSL_LOCK_WRITER(ss) \
+ if (ss->sendLock) \
+ PZ_Lock(ss->sendLock)
+#define SSL_UNLOCK_WRITER(ss) \
+ if (ss->sendLock) \
+ PZ_Unlock(ss->sendLock)
+
+/* firstHandshakeLock -> recvBufLock */
+#define ssl_Get1stHandshakeLock(ss) \
+ { \
+ if (!ss->opt.noLocks) { \
+ PORT_Assert(PZ_InMonitor((ss)->firstHandshakeLock) || \
+ !ssl_HaveRecvBufLock(ss)); \
+ PZ_EnterMonitor((ss)->firstHandshakeLock); \
+ } \
+ }
+#define ssl_Release1stHandshakeLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ PZ_ExitMonitor((ss)->firstHandshakeLock); \
+ }
+#define ssl_Have1stHandshakeLock(ss) \
+ (PZ_InMonitor((ss)->firstHandshakeLock))
+
+/* ssl3HandshakeLock -> xmitBufLock */
+#define ssl_GetSSL3HandshakeLock(ss) \
+ { \
+ if (!ss->opt.noLocks) { \
+ PORT_Assert(!ssl_HaveXmitBufLock(ss)); \
+ PZ_EnterMonitor((ss)->ssl3HandshakeLock); \
+ } \
+ }
+#define ssl_ReleaseSSL3HandshakeLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ PZ_ExitMonitor((ss)->ssl3HandshakeLock); \
+ }
+#define ssl_HaveSSL3HandshakeLock(ss) \
+ (PZ_InMonitor((ss)->ssl3HandshakeLock))
+
+#define ssl_GetSpecReadLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ NSSRWLock_LockRead((ss)->specLock); \
+ }
+#define ssl_ReleaseSpecReadLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ NSSRWLock_UnlockRead((ss)->specLock); \
+ }
+/* NSSRWLock_HaveReadLock is not exported so there's no
+ * ssl_HaveSpecReadLock macro. */
+
+#define ssl_GetSpecWriteLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ NSSRWLock_LockWrite((ss)->specLock); \
+ }
+#define ssl_ReleaseSpecWriteLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ NSSRWLock_UnlockWrite((ss)->specLock); \
+ }
+#define ssl_HaveSpecWriteLock(ss) \
+ (NSSRWLock_HaveWriteLock((ss)->specLock))
+
+/* recvBufLock -> ssl3HandshakeLock -> xmitBufLock */
+#define ssl_GetRecvBufLock(ss) \
+ { \
+ if (!ss->opt.noLocks) { \
+ PORT_Assert(!ssl_HaveSSL3HandshakeLock(ss)); \
+ PORT_Assert(!ssl_HaveXmitBufLock(ss)); \
+ PZ_EnterMonitor((ss)->recvBufLock); \
+ } \
+ }
+#define ssl_ReleaseRecvBufLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ PZ_ExitMonitor((ss)->recvBufLock); \
+ }
+#define ssl_HaveRecvBufLock(ss) \
+ (PZ_InMonitor((ss)->recvBufLock))
+
+/* xmitBufLock -> specLock */
+#define ssl_GetXmitBufLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ PZ_EnterMonitor((ss)->xmitBufLock); \
+ }
+#define ssl_ReleaseXmitBufLock(ss) \
+ { \
+ if (!ss->opt.noLocks) \
+ PZ_ExitMonitor((ss)->xmitBufLock); \
+ }
+#define ssl_HaveXmitBufLock(ss) \
+ (PZ_InMonitor((ss)->xmitBufLock))
+
+/* Placeholder value used in version ranges when SSL 3.0 and all
+ * versions of TLS are disabled.
+ */
+#define SSL_LIBRARY_VERSION_NONE 0
+
+/* SSL_LIBRARY_VERSION_MAX_SUPPORTED is the maximum version that this version
+ * of libssl supports. Applications should use SSL_VersionRangeGetSupported at
+ * runtime to determine which versions are supported by the version of libssl
+ * in use.
+ */
+#ifndef NSS_DISABLE_TLS_1_3
+#define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_3
+#else
+#define SSL_LIBRARY_VERSION_MAX_SUPPORTED SSL_LIBRARY_VERSION_TLS_1_2
+#endif
+
+#define SSL_ALL_VERSIONS_DISABLED(vrange) \
+ ((vrange)->min == SSL_LIBRARY_VERSION_NONE)
+
+extern PRBool ssl3_VersionIsSupported(SSLProtocolVariant protocolVariant,
+ SSL3ProtocolVersion version);
+
+/* These functions are called from secnav, even though they're "private". */
+
+extern int SSL_RestartHandshakeAfterCertReq(struct sslSocketStr *ss,
+ CERTCertificate *cert,
+ SECKEYPrivateKey *key,
+ CERTCertificateList *certChain);
+extern sslSocket *ssl_FindSocket(PRFileDesc *fd);
+extern void ssl_FreeSocket(struct sslSocketStr *ssl);
+extern SECStatus SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level,
+ SSL3AlertDescription desc);
+extern SECStatus ssl3_DecodeError(sslSocket *ss);
+
+extern SECStatus ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error);
+
+/*
+ * for dealing with SSL 3.0 clients sending SSL 2.0 format hellos
+ */
+extern SECStatus ssl3_HandleV2ClientHello(
+ sslSocket *ss, unsigned char *buffer, int length, PRUint8 padding);
+
+SECStatus ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type);
+
+/*
+ * input into the SSL3 machinery from the actualy network reading code
+ */
+SECStatus ssl3_HandleRecord(
+ sslSocket *ss, SSL3Ciphertext *cipher, sslBuffer *out);
+SECStatus ssl_RemoveTLSCBCPadding(sslBuffer *plaintext, unsigned int macSize);
+
+int ssl3_GatherAppDataRecord(sslSocket *ss, int flags);
+int ssl3_GatherCompleteHandshake(sslSocket *ss, int flags);
+
+/* Create a new ref counted key pair object from two keys. */
+extern sslKeyPair *ssl_NewKeyPair(SECKEYPrivateKey *privKey,
+ SECKEYPublicKey *pubKey);
+
+/* get a new reference (bump ref count) to an ssl3KeyPair. */
+extern sslKeyPair *ssl_GetKeyPairRef(sslKeyPair *keyPair);
+
+/* Decrement keypair's ref count and free if zero. */
+extern void ssl_FreeKeyPair(sslKeyPair *keyPair);
+
+extern sslEphemeralKeyPair *ssl_NewEphemeralKeyPair(
+ const sslNamedGroupDef *group,
+ SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey);
+extern sslEphemeralKeyPair *ssl_CopyEphemeralKeyPair(
+ sslEphemeralKeyPair *keyPair);
+extern void ssl_FreeEphemeralKeyPair(sslEphemeralKeyPair *keyPair);
+extern sslEphemeralKeyPair *ssl_LookupEphemeralKeyPair(
+ sslSocket *ss, const sslNamedGroupDef *groupDef);
+extern PRBool ssl_HaveEphemeralKeyPair(const sslSocket *ss,
+ const sslNamedGroupDef *groupDef);
+extern void ssl_FreeEphemeralKeyPairs(sslSocket *ss);
+
+extern SECStatus ssl_AppendPaddedDHKeyShare(const sslSocket *ss,
+ const SECKEYPublicKey *pubKey,
+ PRBool appendLength);
+extern const ssl3DHParams *ssl_GetDHEParams(const sslNamedGroupDef *groupDef);
+extern SECStatus ssl_SelectDHEGroup(sslSocket *ss,
+ const sslNamedGroupDef **groupDef);
+extern SECStatus ssl_CreateDHEKeyPair(const sslNamedGroupDef *groupDef,
+ const ssl3DHParams *params,
+ sslEphemeralKeyPair **keyPair);
+extern PRBool ssl_IsValidDHEShare(const SECItem *dh_p, const SECItem *dh_Ys);
+extern SECStatus ssl_ValidateDHENamedGroup(sslSocket *ss,
+ const SECItem *dh_p,
+ const SECItem *dh_g,
+ const sslNamedGroupDef **groupDef,
+ const ssl3DHParams **dhParams);
+
+extern PRBool ssl_IsECCEnabled(const sslSocket *ss);
+extern PRBool ssl_IsDHEEnabled(const sslSocket *ss);
+
+/* Macro for finding a curve equivalent in strength to RSA key's */
+#define SSL_RSASTRENGTH_TO_ECSTRENGTH(s) \
+ ((s <= 1024) ? 160 \
+ : ((s <= 2048) ? 224 \
+ : ((s <= 3072) ? 256 \
+ : ((s <= 7168) ? 384 \
+ : 521))))
+
+extern const sslNamedGroupDef *ssl_LookupNamedGroup(SSLNamedGroup group);
+extern PRBool ssl_NamedGroupEnabled(const sslSocket *ss, const sslNamedGroupDef *group);
+extern SECStatus ssl_NamedGroup2ECParams(PLArenaPool *arena,
+ const sslNamedGroupDef *curve,
+ SECKEYECParams *params);
+extern const sslNamedGroupDef *ssl_ECPubKey2NamedGroup(
+ const SECKEYPublicKey *pubKey);
+
+extern const sslNamedGroupDef *ssl_GetECGroupForServerSocket(sslSocket *ss);
+extern void ssl_FilterSupportedGroups(sslSocket *ss);
+
+extern SECStatus ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool on);
+extern SECStatus ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *on);
+
+extern SECStatus ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool on);
+extern SECStatus ssl3_CipherPrefGet(const sslSocket *ss, ssl3CipherSuite which, PRBool *on);
+
+extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy);
+extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy);
+
+extern void ssl3_InitSocketPolicy(sslSocket *ss);
+
+extern SECStatus ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache);
+extern SECStatus ssl3_HandleHandshakeMessage(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length,
+ PRBool endOfRecord);
+
+extern void ssl3_DestroySSL3Info(sslSocket *ss);
+
+extern SECStatus ssl_ClientReadVersion(sslSocket *ss, SSL3Opaque **b,
+ PRUint32 *length,
+ SSL3ProtocolVersion *version);
+extern SECStatus ssl3_NegotiateVersion(sslSocket *ss,
+ SSL3ProtocolVersion peerVersion,
+ PRBool allowLargerPeerVersion);
+
+extern SECStatus ssl_GetPeerInfo(sslSocket *ss);
+
+/* ECDH functions */
+extern SECStatus ssl3_SendECDHClientKeyExchange(sslSocket *ss,
+ SECKEYPublicKey *svrPubKey);
+extern SECStatus ssl3_HandleECDHServerKeyExchange(sslSocket *ss,
+ SSL3Opaque *b, PRUint32 length);
+extern SECStatus ssl3_HandleECDHClientKeyExchange(sslSocket *ss,
+ SSL3Opaque *b, PRUint32 length,
+ sslKeyPair *serverKeys);
+extern SECStatus ssl3_SendECDHServerKeyExchange(sslSocket *ss);
+extern SECStatus ssl_ImportECDHKeyShare(
+ sslSocket *ss, SECKEYPublicKey *peerKey,
+ SSL3Opaque *b, PRUint32 length, const sslNamedGroupDef *curve);
+unsigned int tls13_SizeOfECDHEKeyShareKEX(const SECKEYPublicKey *pubKey);
+SECStatus tls13_EncodeECDHEKeyShareKEX(const sslSocket *ss,
+ const SECKEYPublicKey *pubKey);
+
+extern SECStatus ssl3_ComputeCommonKeyHash(SSLHashType hashAlg,
+ PRUint8 *hashBuf,
+ unsigned int bufLen,
+ SSL3Hashes *hashes);
+extern void ssl3_DestroyCipherSpec(ssl3CipherSpec *spec, PRBool freeSrvName);
+extern SECStatus ssl3_InitPendingCipherSpec(sslSocket *ss, PK11SymKey *pms);
+extern SECStatus ssl3_AppendHandshake(sslSocket *ss, const void *void_src,
+ PRInt32 bytes);
+extern SECStatus ssl3_AppendHandshakeHeader(sslSocket *ss,
+ SSL3HandshakeType t, PRUint32 length);
+extern SECStatus ssl3_AppendHandshakeNumber(sslSocket *ss, PRInt32 num,
+ PRInt32 lenSize);
+extern SECStatus ssl3_AppendHandshakeVariable(sslSocket *ss,
+ const SSL3Opaque *src, PRInt32 bytes, PRInt32 lenSize);
+extern SECStatus ssl3_AppendSignatureAndHashAlgorithm(
+ sslSocket *ss, const SSLSignatureAndHashAlg *sigAndHash);
+extern SECStatus ssl3_ConsumeHandshake(sslSocket *ss, void *v, PRInt32 bytes,
+ SSL3Opaque **b, PRUint32 *length);
+extern PRInt32 ssl3_ConsumeHandshakeNumber(sslSocket *ss, PRInt32 bytes,
+ SSL3Opaque **b, PRUint32 *length);
+extern SECStatus ssl3_ConsumeHandshakeVariable(sslSocket *ss, SECItem *i,
+ PRInt32 bytes, SSL3Opaque **b,
+ PRUint32 *length);
+extern PRUint8 *ssl_EncodeUintX(PRUint64 value, unsigned int bytes,
+ PRUint8 *to);
+extern PRBool ssl_IsSupportedSignatureScheme(SSLSignatureScheme scheme);
+extern SECStatus ssl_CheckSignatureSchemeConsistency(
+ sslSocket *ss, SSLSignatureScheme scheme, CERTCertificate *cert);
+extern SECStatus ssl_ParseSignatureSchemes(const sslSocket *ss, PLArenaPool *arena,
+ SSLSignatureScheme **schemesOut,
+ unsigned int *numSchemesOut,
+ unsigned char **b,
+ unsigned int *len);
+extern SECStatus ssl_ConsumeSignatureScheme(
+ sslSocket *ss, SSL3Opaque **b, PRUint32 *length, SSLSignatureScheme *out);
+extern SECStatus ssl3_SignHashes(sslSocket *ss, SSL3Hashes *hash,
+ SECKEYPrivateKey *key, SECItem *buf);
+extern SECStatus ssl3_VerifySignedHashes(sslSocket *ss, SSLSignatureScheme scheme,
+ SSL3Hashes *hash, SECItem *buf);
+extern SECStatus ssl3_CacheWrappedMasterSecret(
+ sslSocket *ss, sslSessionID *sid,
+ ssl3CipherSpec *spec, SSLAuthType authType);
+extern void ssl3_FreeSniNameArray(TLSExtensionData *xtnData);
+
+/* Hello Extension related routines. */
+extern void ssl3_SetSIDSessionTicket(sslSessionID *sid,
+ /*in/out*/ NewSessionTicket *session_ticket);
+SECStatus ssl3_EncodeSessionTicket(sslSocket *ss,
+ const NewSessionTicket *ticket_input,
+ SECItem *ticket_data);
+extern PRBool ssl_GetSessionTicketKeys(SECKEYPrivateKey *svrPrivKey,
+ SECKEYPublicKey *svrPubKey, void *pwArg,
+ unsigned char *keyName, PK11SymKey **aesKey,
+ PK11SymKey **macKey);
+extern SECStatus ssl3_SessionTicketShutdown(void *appData, void *nssData);
+
+/* Tell clients to consider tickets valid for this long. */
+#define TLS_EX_SESS_TICKET_LIFETIME_HINT (2 * 24 * 60 * 60) /* 2 days */
+#define TLS_EX_SESS_TICKET_VERSION (0x0103)
+
+extern SECStatus ssl3_ValidateNextProtoNego(const unsigned char *data,
+ unsigned int length);
+
+/* Construct a new NSPR socket for the app to use */
+extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd);
+extern void ssl_FreePRSocket(PRFileDesc *fd);
+
+/* Internal config function so SSL3 can initialize the present state of
+ * various ciphers */
+extern int ssl3_config_match_init(sslSocket *);
+
+/* calls for accessing wrapping keys across processes. */
+extern PRBool
+ssl_GetWrappingKey(PRInt32 symWrapMechIndex, SSLAuthType authType,
+ SSLWrappedSymWrappingKey *wswk);
+
+/* The caller passes in the new value it wants
+ * to set. This code tests the wrapped sym key entry in the file on disk.
+ * If it is uninitialized, this function writes the caller's value into
+ * the disk entry, and returns false.
+ * Otherwise, it overwrites the caller's wswk with the value obtained from
+ * the disk, and returns PR_TRUE.
+ * This is all done while holding the locks/semaphores necessary to make
+ * the operation atomic.
+ */
+extern PRBool
+ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk);
+
+/* get rid of the symmetric wrapping key references. */
+extern SECStatus SSL3_ShutdownServerCache(void);
+
+extern SECStatus ssl_InitSymWrapKeysLock(void);
+
+extern SECStatus ssl_FreeSymWrapKeysLock(void);
+
+extern SECStatus ssl_InitSessionCacheLocks(PRBool lazyInit);
+
+extern SECStatus ssl_FreeSessionCacheLocks(void);
+
+/**************** DTLS-specific functions **************/
+extern void dtls_FreeHandshakeMessage(DTLSQueuedMessage *msg);
+extern void dtls_FreeHandshakeMessages(PRCList *lst);
+
+extern SECStatus dtls_HandleHandshake(sslSocket *ss, sslBuffer *origBuf);
+extern SECStatus dtls_HandleHelloVerifyRequest(sslSocket *ss,
+ SSL3Opaque *b, PRUint32 length);
+extern SECStatus dtls_StageHandshakeMessage(sslSocket *ss);
+extern SECStatus dtls_QueueMessage(sslSocket *ss, SSL3ContentType type,
+ const SSL3Opaque *pIn, PRInt32 nIn);
+extern SECStatus dtls_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags);
+SECStatus ssl3_DisableNonDTLSSuites(sslSocket *ss);
+extern SECStatus dtls_StartHolddownTimer(sslSocket *ss);
+extern void dtls_CheckTimer(sslSocket *ss);
+extern void dtls_CancelTimer(sslSocket *ss);
+extern void dtls_SetMTU(sslSocket *ss, PRUint16 advertised);
+extern void dtls_InitRecvdRecords(DTLSRecvdRecords *records);
+extern int dtls_RecordGetRecvd(const DTLSRecvdRecords *records,
+ sslSequenceNumber seq);
+extern void dtls_RecordSetRecvd(DTLSRecvdRecords *records,
+ sslSequenceNumber seq);
+extern void dtls_RehandshakeCleanup(sslSocket *ss);
+extern SSL3ProtocolVersion
+dtls_TLSVersionToDTLSVersion(SSL3ProtocolVersion tlsv);
+extern SSL3ProtocolVersion
+dtls_DTLSVersionToTLSVersion(SSL3ProtocolVersion dtlsv);
+extern PRBool dtls_IsRelevant(sslSocket *ss, const SSL3Ciphertext *cText,
+ PRBool *sameEpoch, PRUint64 *seqNum);
+extern SECStatus dtls_MaybeRetransmitHandshake(sslSocket *ss,
+ const SSL3Ciphertext *cText,
+ PRBool sameEpoch);
+
+CK_MECHANISM_TYPE ssl3_Alg2Mech(SSLCipherAlgorithm calg);
+SECStatus ssl3_NegotiateCipherSuite(sslSocket *ss, const SECItem *suites,
+ PRBool initHashes);
+SECStatus ssl3_InitHandshakeHashes(sslSocket *ss);
+SECStatus ssl3_ServerCallSNICallback(sslSocket *ss);
+SECStatus ssl3_SetupPendingCipherSpec(sslSocket *ss);
+SECStatus ssl3_FlushHandshake(sslSocket *ss, PRInt32 flags);
+SECStatus ssl3_CompleteHandleCertificate(sslSocket *ss,
+ SSL3Opaque *b, PRUint32 length);
+void ssl3_SendAlertForCertError(sslSocket *ss, PRErrorCode errCode);
+SECStatus ssl3_HandleNoCertificate(sslSocket *ss);
+SECStatus ssl3_SendEmptyCertificate(sslSocket *ss);
+void ssl3_CleanupPeerCerts(sslSocket *ss);
+SECStatus ssl3_SendCertificateStatus(sslSocket *ss);
+SECStatus ssl3_AuthCertificate(sslSocket *ss);
+SECStatus ssl_ReadCertificateStatus(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length);
+SECStatus ssl3_EncodeSigAlgs(const sslSocket *ss, PRUint8 *buf,
+ unsigned maxLen, PRUint32 *len);
+void ssl3_GetCertificateRequestCAs(sslSocket *ss, int *calenp, SECItem **namesp,
+ int *nnamesp);
+SECStatus ssl3_ParseCertificateRequestCAs(sslSocket *ss, SSL3Opaque **b,
+ PRUint32 *length, PLArenaPool *arena,
+ CERTDistNames *ca_list);
+SECStatus ssl3_CompleteHandleCertificateRequest(
+ sslSocket *ss, const SSLSignatureScheme *signatureSchemes,
+ unsigned int signatureSchemeCount, CERTDistNames *ca_list);
+SECStatus ssl3_SendServerHello(sslSocket *ss);
+SECStatus ssl3_ComputeHandshakeHashes(sslSocket *ss,
+ ssl3CipherSpec *spec,
+ SSL3Hashes *hashes,
+ PRUint32 sender);
+SECStatus ssl_CreateECDHEphemeralKeyPair(const sslSocket *ss,
+ const sslNamedGroupDef *ecGroup,
+ sslEphemeralKeyPair **keyPair);
+SECStatus ssl_CreateStaticECDHEKey(sslSocket *ss,
+ const sslNamedGroupDef *ecGroup);
+SECStatus ssl3_FlushHandshake(sslSocket *ss, PRInt32 flags);
+PK11SymKey *ssl3_GetWrappingKey(sslSocket *ss,
+ PK11SlotInfo *masterSecretSlot,
+ const sslServerCert *serverCert,
+ CK_MECHANISM_TYPE masterWrapMech,
+ void *pwArg);
+SECStatus ssl3_FillInCachedSID(sslSocket *ss, sslSessionID *sid);
+const ssl3CipherSuiteDef *ssl_LookupCipherSuiteDef(ssl3CipherSuite suite);
+const ssl3BulkCipherDef *
+ssl_GetBulkCipherDef(const ssl3CipherSuiteDef *cipher_def);
+SECStatus ssl3_SelectServerCert(sslSocket *ss);
+SECStatus ssl_PickSignatureScheme(sslSocket *ss,
+ SECKEYPublicKey *pubKey,
+ SECKEYPrivateKey *privKey,
+ const SSLSignatureScheme *peerSchemes,
+ unsigned int peerSchemeCount,
+ PRBool requireSha1);
+SECOidTag ssl3_HashTypeToOID(SSLHashType hashType);
+SSLHashType ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme);
+KeyType ssl_SignatureSchemeToKeyType(SSLSignatureScheme scheme);
+
+SECStatus ssl3_SetCipherSuite(sslSocket *ss, ssl3CipherSuite chosenSuite,
+ PRBool initHashes);
+
+/* Pull in TLS 1.3 functions */
+#include "tls13con.h"
+
+/********************** misc calls *********************/
+
+#ifdef DEBUG
+extern void ssl3_CheckCipherSuiteOrderConsistency();
+#endif
+
+extern int ssl_MapLowLevelError(int hiLevelError);
+
+extern PRUint32 ssl_Time(void);
+
+extern void SSL_AtomicIncrementLong(long *x);
+
+SECStatus ssl3_ApplyNSSPolicy(void);
+
+extern HASH_HashType
+ssl3_GetTls12HashType(sslSocket *ss);
+
+extern SECStatus
+ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec,
+ const char *label, unsigned int labelLen,
+ const unsigned char *val, unsigned int valLen,
+ unsigned char *out, unsigned int outLen,
+ HASH_HashType tls12HashType);
+
+#ifdef TRACE
+#define SSL_TRACE(msg) ssl_Trace msg
+#else
+#define SSL_TRACE(msg)
+#endif
+
+void ssl_Trace(const char *format, ...);
+
+SEC_END_PROTOS
+
+#if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS)
+#define SSL_GETPID getpid
+#elif defined(WIN32)
+extern int __cdecl _getpid(void);
+#define SSL_GETPID _getpid
+#else
+#define SSL_GETPID() 0
+#endif
+
+#endif /* __sslimpl_h_ */
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c
new file mode 100644
index 000000000..665109d65
--- /dev/null
+++ b/security/nss/lib/ssl/sslinfo.c
@@ -0,0 +1,493 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "tls13hkdf.h"
+
+static const char *
+ssl_GetCompressionMethodName(SSLCompressionMethod compression)
+{
+ switch (compression) {
+ case ssl_compression_null:
+ return "NULL";
+#ifdef NSS_ENABLE_ZLIB
+ case ssl_compression_deflate:
+ return "DEFLATE";
+#endif
+ default:
+ return "???";
+ }
+}
+
+SECStatus
+SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
+{
+ sslSocket *ss;
+ SSLChannelInfo inf;
+ sslSessionID *sid;
+
+ /* Check if we can properly return the length of data written and that
+ * we're not asked to return more information than we know how to provide.
+ */
+ if (!info || len < sizeof inf.length || len > sizeof inf) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelInfo",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ memset(&inf, 0, sizeof inf);
+ inf.length = PR_MIN(sizeof inf, len);
+
+ if (ss->opt.useSecurity && ss->enoughFirstHsDone) {
+ sid = ss->sec.ci.sid;
+ inf.protocolVersion = ss->version;
+ inf.authKeyBits = ss->sec.authKeyBits;
+ inf.keaKeyBits = ss->sec.keaKeyBits;
+ if (ss->ssl3.initialized) {
+ SSLCipherSuiteInfo cinfo;
+ SECStatus rv;
+
+ ssl_GetSpecReadLock(ss);
+ /* XXX The cipher suite should be in the specs and this
+ * function should get it from cwSpec rather than from the "hs".
+ * See bug 275744 comment 69 and bug 766137.
+ */
+ inf.cipherSuite = ss->ssl3.hs.cipher_suite;
+ inf.compressionMethod = ss->ssl3.cwSpec->compression_method;
+ ssl_ReleaseSpecReadLock(ss);
+ inf.compressionMethodName =
+ ssl_GetCompressionMethodName(inf.compressionMethod);
+
+ /* Fill in the cipher details from the cipher suite. */
+ rv = SSL_GetCipherSuiteInfo(inf.cipherSuite,
+ &cinfo, sizeof(cinfo));
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code already set. */
+ }
+ inf.symCipher = cinfo.symCipher;
+ inf.macAlgorithm = cinfo.macAlgorithm;
+ /* Get these fromm |ss->sec| because that is accurate
+ * even with TLS 1.3 disaggregated cipher suites. */
+ inf.keaType = ss->sec.keaType;
+ inf.keaGroup = ss->sec.keaGroup ? ss->sec.keaGroup->name : ssl_grp_none;
+ inf.keaKeyBits = ss->sec.keaKeyBits;
+ inf.authType = ss->sec.authType;
+ inf.authKeyBits = ss->sec.authKeyBits;
+ inf.signatureScheme = ss->sec.signatureScheme;
+ }
+ if (sid) {
+ unsigned int sidLen;
+
+ inf.creationTime = sid->creationTime;
+ inf.lastAccessTime = sid->lastAccessTime;
+ inf.expirationTime = sid->expirationTime;
+ inf.extendedMasterSecretUsed =
+ (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 ||
+ sid->u.ssl3.keys.extendedMasterSecretUsed)
+ ? PR_TRUE
+ : PR_FALSE;
+
+ inf.earlyDataAccepted =
+ (ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted ||
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_done);
+ sidLen = sid->u.ssl3.sessionIDLength;
+ sidLen = PR_MIN(sidLen, sizeof inf.sessionID);
+ inf.sessionIDLength = sidLen;
+ memcpy(inf.sessionID, sid->u.ssl3.sessionID, sidLen);
+ }
+ }
+
+ memcpy(info, &inf, inf.length);
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_GetPreliminaryChannelInfo(PRFileDesc *fd,
+ SSLPreliminaryChannelInfo *info,
+ PRUintn len)
+{
+ sslSocket *ss;
+ SSLPreliminaryChannelInfo inf;
+
+ /* Check if we can properly return the length of data written and that
+ * we're not asked to return more information than we know how to provide.
+ */
+ if (!info || len < sizeof inf.length || len > sizeof inf) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetPreliminaryChannelInfo",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ memset(&inf, 0, sizeof(inf));
+ inf.length = PR_MIN(sizeof(inf), len);
+
+ inf.valuesSet = ss->ssl3.hs.preliminaryInfo;
+ inf.protocolVersion = ss->version;
+ inf.cipherSuite = ss->ssl3.hs.cipher_suite;
+
+ memcpy(info, &inf, inf.length);
+ return SECSuccess;
+}
+
+/* name */
+#define CS_(x) x, #x
+#define CS(x) CS_(TLS_##x)
+
+/* legacy values for authAlgorithm */
+#define S_DSA "DSA", ssl_auth_dsa
+/* S_RSA is incorrect for signature-based suites */
+/* ECDH suites incorrectly report S_RSA or S_ECDSA */
+#define S_RSA "RSA", ssl_auth_rsa_decrypt
+#define S_ECDSA "ECDSA", ssl_auth_ecdsa
+#define S_PSK "PSK", ssl_auth_psk
+#define S_ANY "TLS 1.3", ssl_auth_tls13_any
+
+/* real authentication algorithm */
+#define A_DSA ssl_auth_dsa
+#define A_RSAD ssl_auth_rsa_decrypt
+#define A_RSAS ssl_auth_rsa_sign
+#define A_ECDSA ssl_auth_ecdsa
+#define A_ECDH_R ssl_auth_ecdh_rsa
+#define A_ECDH_E ssl_auth_ecdh_ecdsa
+#define A_PSK ssl_auth_psk
+/* Report ssl_auth_null for export suites that can't decide between
+ * ssl_auth_rsa_sign and ssl_auth_rsa_decrypt. */
+#define A_EXP ssl_auth_null
+#define A_ANY ssl_auth_tls13_any
+
+/* key exchange */
+#define K_DHE "DHE", ssl_kea_dh
+#define K_RSA "RSA", ssl_kea_rsa
+#define K_KEA "KEA", ssl_kea_kea
+#define K_ECDH "ECDH", ssl_kea_ecdh
+#define K_ECDHE "ECDHE", ssl_kea_ecdh
+#define K_ECDHE_PSK "ECDHE-PSK", ssl_kea_ecdh_psk
+#define K_DHE_PSK "DHE-PSK", ssl_kea_dh_psk
+#define K_ANY "TLS 1.3", ssl_kea_tls13_any
+
+/* record protection cipher */
+#define C_SEED "SEED", calg_seed
+#define C_CAMELLIA "CAMELLIA", calg_camellia
+#define C_AES "AES", calg_aes
+#define C_RC4 "RC4", calg_rc4
+#define C_RC2 "RC2", calg_rc2
+#define C_DES "DES", calg_des
+#define C_3DES "3DES", calg_3des
+#define C_NULL "NULL", calg_null
+#define C_SJ "SKIPJACK", calg_sj
+#define C_AESGCM "AES-GCM", calg_aes_gcm
+#define C_CHACHA20 "CHACHA20POLY1305", calg_chacha20
+
+/* "block cipher" sizes */
+#define B_256 256, 256, 256
+#define B_128 128, 128, 128
+#define B_3DES 192, 156, 112
+#define B_SJ 96, 80, 80
+#define B_DES 64, 56, 56
+#define B_56 128, 56, 56
+#define B_40 128, 40, 40
+#define B_0 0, 0, 0
+
+/* "mac algorithm" and size */
+#define M_AEAD_128 "AEAD", ssl_mac_aead, 128
+#define M_SHA384 "SHA384", ssl_hmac_sha384, 384
+#define M_SHA256 "SHA256", ssl_hmac_sha256, 256
+#define M_SHA "SHA1", ssl_mac_sha, 160
+#define M_MD5 "MD5", ssl_mac_md5, 128
+#define M_NULL "NULL", ssl_mac_null, 0
+
+/* flags: FIPS, exportable, nonstandard, reserved */
+#define F_FIPS_STD 1, 0, 0, 0
+#define F_FIPS_NSTD 1, 0, 1, 0
+#define F_NFIPS_STD 0, 0, 0, 0
+#define F_NFIPS_NSTD 0, 0, 1, 0 /* i.e., trash */
+#define F_EXPORT 0, 1, 0, 0 /* i.e., trash */
+
+static const SSLCipherSuiteInfo suiteInfo[] = {
+ /* <------ Cipher suite --------------------> <auth> <KEA> <bulk cipher> <MAC> <FIPS> */
+ { 0, CS_(TLS_AES_128_GCM_SHA256), S_ANY, K_ANY, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_ANY },
+ { 0, CS_(TLS_CHACHA20_POLY1305_SHA256), S_ANY, K_ANY, C_CHACHA20, B_256, M_AEAD_128, F_NFIPS_STD, A_ANY },
+ { 0, CS_(TLS_AES_256_GCM_SHA384), S_ANY, K_ANY, C_AESGCM, B_256, M_AEAD_128, F_NFIPS_STD, A_ANY },
+
+ { 0, CS(RSA_WITH_AES_128_GCM_SHA256), S_RSA, K_RSA, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_RSAD },
+ { 0, CS(DHE_RSA_WITH_CHACHA20_POLY1305_SHA256), S_RSA, K_DHE, C_CHACHA20, B_256, M_AEAD_128, F_NFIPS_STD, A_RSAS },
+
+ { 0, CS(DHE_RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_RSAS },
+ { 0, CS(DHE_DSS_WITH_CAMELLIA_256_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_DSA },
+ { 0, CS(DHE_RSA_WITH_AES_256_CBC_SHA256), S_RSA, K_DHE, C_AES, B_256, M_SHA256, F_FIPS_STD, A_RSAS },
+ { 0, CS(DHE_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_DHE, C_AES, B_256, M_SHA, F_FIPS_STD, A_RSAS },
+ { 0, CS(DHE_DSS_WITH_AES_256_CBC_SHA), S_DSA, K_DHE, C_AES, B_256, M_SHA, F_FIPS_STD, A_DSA },
+ { 0, CS(DHE_DSS_WITH_AES_256_CBC_SHA256), S_DSA, K_DHE, C_AES, B_256, M_SHA256, F_FIPS_STD, A_DSA },
+ { 0, CS(RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_RSAD },
+ { 0, CS(RSA_WITH_AES_256_CBC_SHA256), S_RSA, K_RSA, C_AES, B_256, M_SHA256, F_FIPS_STD, A_RSAD },
+ { 0, CS(RSA_WITH_AES_256_CBC_SHA), S_RSA, K_RSA, C_AES, B_256, M_SHA, F_FIPS_STD, A_RSAD },
+
+ { 0, CS(DHE_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_RSAS },
+ { 0, CS(DHE_DSS_WITH_CAMELLIA_128_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_DSA },
+ { 0, CS(DHE_DSS_WITH_RC4_128_SHA), S_DSA, K_DHE, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_DSA },
+ { 0, CS(DHE_RSA_WITH_AES_128_CBC_SHA256), S_RSA, K_DHE, C_AES, B_128, M_SHA256, F_FIPS_STD, A_RSAS },
+ { 0, CS(DHE_RSA_WITH_AES_128_GCM_SHA256), S_RSA, K_DHE, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_RSAS },
+ { 0, CS(DHE_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_DHE, C_AES, B_128, M_SHA, F_FIPS_STD, A_RSAS },
+ { 0, CS(DHE_DSS_WITH_AES_128_GCM_SHA256), S_DSA, K_DHE, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_DSA },
+ { 0, CS(DHE_DSS_WITH_AES_128_CBC_SHA), S_DSA, K_DHE, C_AES, B_128, M_SHA, F_FIPS_STD, A_DSA },
+ { 0, CS(DHE_DSS_WITH_AES_128_CBC_SHA256), S_DSA, K_DHE, C_AES, B_128, M_SHA256, F_FIPS_STD, A_DSA },
+ { 0, CS(RSA_WITH_SEED_CBC_SHA), S_RSA, K_RSA, C_SEED, B_128, M_SHA, F_FIPS_STD, A_RSAD },
+ { 0, CS(RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_RSAD },
+ { 0, CS(RSA_WITH_RC4_128_SHA), S_RSA, K_RSA, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_RSAD },
+ { 0, CS(RSA_WITH_RC4_128_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5, F_NFIPS_STD, A_RSAD },
+ { 0, CS(RSA_WITH_AES_128_CBC_SHA256), S_RSA, K_RSA, C_AES, B_128, M_SHA256, F_FIPS_STD, A_RSAD },
+ { 0, CS(RSA_WITH_AES_128_CBC_SHA), S_RSA, K_RSA, C_AES, B_128, M_SHA, F_FIPS_STD, A_RSAD },
+
+ { 0, CS(DHE_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_DHE, C_3DES, B_3DES, M_SHA, F_FIPS_STD, A_RSAS },
+ { 0, CS(DHE_DSS_WITH_3DES_EDE_CBC_SHA), S_DSA, K_DHE, C_3DES, B_3DES, M_SHA, F_FIPS_STD, A_DSA },
+ { 0, CS(RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES, B_3DES, M_SHA, F_FIPS_STD, A_RSAD },
+
+ { 0, CS(DHE_RSA_WITH_DES_CBC_SHA), S_RSA, K_DHE, C_DES, B_DES, M_SHA, F_NFIPS_STD, A_RSAS },
+ { 0, CS(DHE_DSS_WITH_DES_CBC_SHA), S_DSA, K_DHE, C_DES, B_DES, M_SHA, F_NFIPS_STD, A_DSA },
+ { 0, CS(RSA_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA, F_NFIPS_STD, A_RSAD },
+
+ { 0, CS(RSA_WITH_NULL_SHA256), S_RSA, K_RSA, C_NULL, B_0, M_SHA256, F_EXPORT, A_RSAD },
+ { 0, CS(RSA_WITH_NULL_SHA), S_RSA, K_RSA, C_NULL, B_0, M_SHA, F_EXPORT, A_RSAD },
+ { 0, CS(RSA_WITH_NULL_MD5), S_RSA, K_RSA, C_NULL, B_0, M_MD5, F_EXPORT, A_RSAD },
+
+ /* ECC cipher suites */
+ { 0, CS(ECDHE_RSA_WITH_AES_128_GCM_SHA256), S_RSA, K_ECDHE, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), S_ECDSA, K_ECDHE, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_ECDSA },
+ { 0, CS(ECDH_ECDSA_WITH_NULL_SHA), S_ECDSA, K_ECDH, C_NULL, B_0, M_SHA, F_NFIPS_STD, A_ECDH_E },
+ { 0, CS(ECDH_ECDSA_WITH_RC4_128_SHA), S_ECDSA, K_ECDH, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_ECDH_E },
+ { 0, CS(ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA), S_ECDSA, K_ECDH, C_3DES, B_3DES, M_SHA, F_FIPS_STD, A_ECDH_E },
+ { 0, CS(ECDH_ECDSA_WITH_AES_128_CBC_SHA), S_ECDSA, K_ECDH, C_AES, B_128, M_SHA, F_FIPS_STD, A_ECDH_E },
+ { 0, CS(ECDH_ECDSA_WITH_AES_256_CBC_SHA), S_ECDSA, K_ECDH, C_AES, B_256, M_SHA, F_FIPS_STD, A_ECDH_E },
+
+ { 0, CS(ECDHE_ECDSA_WITH_NULL_SHA), S_ECDSA, K_ECDHE, C_NULL, B_0, M_SHA, F_NFIPS_STD, A_ECDSA },
+ { 0, CS(ECDHE_ECDSA_WITH_RC4_128_SHA), S_ECDSA, K_ECDHE, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_ECDSA },
+ { 0, CS(ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA), S_ECDSA, K_ECDHE, C_3DES, B_3DES, M_SHA, F_FIPS_STD, A_ECDSA },
+ { 0, CS(ECDHE_ECDSA_WITH_AES_128_CBC_SHA), S_ECDSA, K_ECDHE, C_AES, B_128, M_SHA, F_FIPS_STD, A_ECDSA },
+ { 0, CS(ECDHE_ECDSA_WITH_AES_128_CBC_SHA256), S_ECDSA, K_ECDHE, C_AES, B_128, M_SHA256, F_FIPS_STD, A_ECDSA },
+ { 0, CS(ECDHE_ECDSA_WITH_AES_256_CBC_SHA), S_ECDSA, K_ECDHE, C_AES, B_256, M_SHA, F_FIPS_STD, A_ECDSA },
+ { 0, CS(ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256), S_ECDSA, K_ECDHE, C_CHACHA20, B_256, M_AEAD_128, F_NFIPS_STD, A_ECDSA },
+
+ { 0, CS(ECDH_RSA_WITH_NULL_SHA), S_RSA, K_ECDH, C_NULL, B_0, M_SHA, F_NFIPS_STD, A_ECDH_R },
+ { 0, CS(ECDH_RSA_WITH_RC4_128_SHA), S_RSA, K_ECDH, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_ECDH_R },
+ { 0, CS(ECDH_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_ECDH, C_3DES, B_3DES, M_SHA, F_FIPS_STD, A_ECDH_R },
+ { 0, CS(ECDH_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_ECDH, C_AES, B_128, M_SHA, F_FIPS_STD, A_ECDH_R },
+ { 0, CS(ECDH_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_ECDH, C_AES, B_256, M_SHA, F_FIPS_STD, A_ECDH_R },
+
+ { 0, CS(ECDHE_RSA_WITH_NULL_SHA), S_RSA, K_ECDHE, C_NULL, B_0, M_SHA, F_NFIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_RSA_WITH_RC4_128_SHA), S_RSA, K_ECDHE, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_ECDHE, C_3DES, B_3DES, M_SHA, F_FIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_ECDHE, C_AES, B_128, M_SHA, F_FIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_RSA_WITH_AES_128_CBC_SHA256), S_RSA, K_ECDHE, C_AES, B_128, M_SHA256, F_FIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_ECDHE, C_AES, B_256, M_SHA, F_FIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256), S_RSA, K_ECDHE, C_CHACHA20, B_256, M_AEAD_128, F_NFIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_RSA_WITH_AES_256_CBC_SHA384), S_RSA, K_ECDHE, C_AES, B_256, M_SHA384, F_FIPS_STD, A_RSAS },
+ { 0, CS(ECDHE_ECDSA_WITH_AES_256_CBC_SHA384), S_ECDSA, K_ECDHE, C_AES, B_256, M_SHA384, F_FIPS_STD, A_ECDSA },
+ { 0, CS(ECDHE_ECDSA_WITH_AES_256_GCM_SHA384), S_ECDSA, K_ECDHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_ECDSA },
+ { 0, CS(ECDHE_RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_ECDHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAS },
+
+ { 0, CS(DHE_DSS_WITH_AES_256_GCM_SHA384), S_DSA, K_DHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_DSA },
+ { 0, CS(DHE_RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_DHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAS },
+ { 0, CS(RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_RSA, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAD },
+};
+
+#define NUM_SUITEINFOS ((sizeof suiteInfo) / (sizeof suiteInfo[0]))
+
+SECStatus
+SSL_GetCipherSuiteInfo(PRUint16 cipherSuite,
+ SSLCipherSuiteInfo *info, PRUintn len)
+{
+ unsigned int i;
+
+ /* Check if we can properly return the length of data written and that
+ * we're not asked to return more information than we know how to provide.
+ */
+ if (!info || len < sizeof suiteInfo[0].length ||
+ len > sizeof suiteInfo[0]) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ len = PR_MIN(len, sizeof suiteInfo[0]);
+ for (i = 0; i < NUM_SUITEINFOS; i++) {
+ if (suiteInfo[i].cipherSuite == cipherSuite) {
+ memcpy(info, &suiteInfo[i], len);
+ info->length = len;
+ return SECSuccess;
+ }
+ }
+
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+}
+
+SECItem *
+SSL_GetNegotiatedHostInfo(PRFileDesc *fd)
+{
+ SECItem *sniName = NULL;
+ sslSocket *ss;
+ char *name = NULL;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetNegotiatedHostInfo",
+ SSL_GETPID(), fd));
+ return NULL;
+ }
+
+ if (ss->sec.isServer) {
+ if (ss->version > SSL_LIBRARY_VERSION_3_0 &&
+ ss->ssl3.initialized) { /* TLS */
+ SECItem *crsName;
+ ssl_GetSpecReadLock(ss); /*********************************/
+ crsName = &ss->ssl3.hs.srvVirtName;
+ if (crsName->data) {
+ sniName = SECITEM_DupItem(crsName);
+ }
+ ssl_ReleaseSpecReadLock(ss); /*----------------------------*/
+ }
+ return sniName;
+ }
+ name = SSL_RevealURL(fd);
+ if (name) {
+ sniName = PORT_ZNew(SECItem);
+ if (!sniName) {
+ PORT_Free(name);
+ return NULL;
+ }
+ sniName->data = (void *)name;
+ sniName->len = PORT_Strlen(name);
+ }
+ return sniName;
+}
+
+static SECStatus
+tls13_Exporter(sslSocket *ss, PK11SymKey *secret,
+ const char *label, unsigned int labelLen,
+ const unsigned char *context, unsigned int contextLen,
+ unsigned char *out, unsigned int outLen)
+{
+ if (!secret) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ return tls13_HkdfExpandLabelRaw(secret,
+ tls13_GetHash(ss),
+ context, contextLen,
+ label, labelLen,
+ out, outLen);
+}
+
+SECStatus
+SSL_ExportKeyingMaterial(PRFileDesc *fd,
+ const char *label, unsigned int labelLen,
+ PRBool hasContext,
+ const unsigned char *context, unsigned int contextLen,
+ unsigned char *out, unsigned int outLen)
+{
+ sslSocket *ss;
+ unsigned char *val = NULL;
+ unsigned int valLen, i;
+ SECStatus rv = SECFailure;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in ExportKeyingMaterial",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (!label || !labelLen || !out || !outLen ||
+ (hasContext && (!context || !contextLen))) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
+ return tls13_Exporter(ss, ss->ssl3.hs.exporterSecret,
+ label, labelLen,
+ context, hasContext ? contextLen : 0,
+ out, outLen);
+ }
+
+ /* construct PRF arguments */
+ valLen = SSL3_RANDOM_LENGTH * 2;
+ if (hasContext) {
+ valLen += 2 /* PRUint16 length */ + contextLen;
+ }
+ val = PORT_Alloc(valLen);
+ if (!val) {
+ return SECFailure;
+ }
+ i = 0;
+ PORT_Memcpy(val + i, &ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH);
+ i += SSL3_RANDOM_LENGTH;
+ PORT_Memcpy(val + i, &ss->ssl3.hs.server_random.rand, SSL3_RANDOM_LENGTH);
+ i += SSL3_RANDOM_LENGTH;
+ if (hasContext) {
+ val[i++] = contextLen >> 8;
+ val[i++] = contextLen;
+ PORT_Memcpy(val + i, context, contextLen);
+ i += contextLen;
+ }
+ PORT_Assert(i == valLen);
+
+ /* Allow TLS keying material to be exported sooner, when the master
+ * secret is available and we have sent ChangeCipherSpec.
+ */
+ ssl_GetSpecReadLock(ss);
+ if (!ss->ssl3.cwSpec->master_secret && !ss->ssl3.cwSpec->msItem.len) {
+ PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED);
+ rv = SECFailure;
+ } else {
+ HASH_HashType ht = ssl3_GetTls12HashType(ss);
+ rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val,
+ valLen, out, outLen, ht);
+ }
+ ssl_ReleaseSpecReadLock(ss);
+
+ PORT_ZFree(val, valLen);
+ return rv;
+}
+
+SECStatus
+SSL_ExportEarlyKeyingMaterial(PRFileDesc *fd,
+ const char *label, unsigned int labelLen,
+ const unsigned char *context,
+ unsigned int contextLen,
+ unsigned char *out, unsigned int outLen)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_ExportEarlyKeyingMaterial",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (!label || !labelLen || !out || !outLen ||
+ (!context && contextLen)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ return tls13_Exporter(ss, ss->ssl3.hs.earlyExporterSecret,
+ label, labelLen, context, contextLen,
+ out, outLen);
+}
diff --git a/security/nss/lib/ssl/sslinit.c b/security/nss/lib/ssl/sslinit.c
new file mode 100644
index 000000000..0f38c0b57
--- /dev/null
+++ b/security/nss/lib/ssl/sslinit.c
@@ -0,0 +1,59 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "prtypes.h"
+#include "prinit.h"
+#include "seccomon.h"
+#include "secerr.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+
+static int ssl_isInited = 0;
+static PRCallOnceType ssl_init = { 0 };
+
+PRStatus
+ssl_InitCallOnce(void *arg)
+{
+ int *error = (int *)arg;
+ SECStatus rv;
+
+ rv = ssl_InitializePRErrorTable();
+ if (rv != SECSuccess) {
+ *error = SEC_ERROR_NO_MEMORY;
+ return PR_FAILURE;
+ }
+#ifdef DEBUG
+ ssl3_CheckCipherSuiteOrderConsistency();
+#endif
+
+ rv = ssl3_ApplyNSSPolicy();
+ if (rv != SECSuccess) {
+ *error = PORT_GetError();
+ return PR_FAILURE;
+ }
+ return PR_SUCCESS;
+}
+
+SECStatus
+ssl_Init(void)
+{
+ PRStatus nrv;
+
+ /* short circuit test if we are already inited */
+ if (!ssl_isInited) {
+ int error;
+ /* only do this once at init time, block all others until we are done */
+ nrv = PR_CallOnceWithArg(&ssl_init, ssl_InitCallOnce, &error);
+ if (nrv != PR_SUCCESS) {
+ PORT_SetError(error);
+ return SECFailure;
+ }
+ ssl_isInited = 1;
+ }
+ return SECSuccess;
+}
diff --git a/security/nss/lib/ssl/sslmutex.c b/security/nss/lib/ssl/sslmutex.c
new file mode 100644
index 000000000..560a9e823
--- /dev/null
+++ b/security/nss/lib/ssl/sslmutex.c
@@ -0,0 +1,658 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "seccomon.h"
+/* This ifdef should match the one in sslsnce.c */
+#if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_OS2) || defined(XP_BEOS)
+
+#include "sslmutex.h"
+#include "prerr.h"
+
+static SECStatus
+single_process_sslMutex_Init(sslMutex* pMutex)
+{
+ PR_ASSERT(pMutex != 0 && pMutex->u.sslLock == 0);
+
+ pMutex->u.sslLock = PR_NewLock();
+ if (!pMutex->u.sslLock) {
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static SECStatus
+single_process_sslMutex_Destroy(sslMutex* pMutex)
+{
+ PR_ASSERT(pMutex != 0);
+ PR_ASSERT(pMutex->u.sslLock != 0);
+ if (!pMutex->u.sslLock) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ PR_DestroyLock(pMutex->u.sslLock);
+ return SECSuccess;
+}
+
+static SECStatus
+single_process_sslMutex_Unlock(sslMutex* pMutex)
+{
+ PR_ASSERT(pMutex != 0);
+ PR_ASSERT(pMutex->u.sslLock != 0);
+ if (!pMutex->u.sslLock) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ PR_Unlock(pMutex->u.sslLock);
+ return SECSuccess;
+}
+
+static SECStatus
+single_process_sslMutex_Lock(sslMutex* pMutex)
+{
+ PR_ASSERT(pMutex != 0);
+ PR_ASSERT(pMutex->u.sslLock != 0);
+ if (!pMutex->u.sslLock) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ PR_Lock(pMutex->u.sslLock);
+ return SECSuccess;
+}
+
+#if defined(LINUX) || defined(AIX) || defined(BEOS) || defined(BSDI) || (defined(NETBSD) && __NetBSD_Version__ < 500000000) || defined(OPENBSD)
+
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include "unix_err.h"
+#include "pratom.h"
+
+#define SSL_MUTEX_MAGIC 0xfeedfd
+#define NONBLOCKING_POSTS 1 /* maybe this is faster */
+
+#if NONBLOCKING_POSTS
+
+#ifndef FNONBLOCK
+#define FNONBLOCK O_NONBLOCK
+#endif
+
+static int
+setNonBlocking(int fd, int nonBlocking)
+{
+ int flags;
+ int err;
+
+ flags = fcntl(fd, F_GETFL, 0);
+ if (0 > flags)
+ return flags;
+ if (nonBlocking)
+ flags |= FNONBLOCK;
+ else
+ flags &= ~FNONBLOCK;
+ err = fcntl(fd, F_SETFL, flags);
+ return err;
+}
+#endif
+
+SECStatus
+sslMutex_Init(sslMutex* pMutex, int shared)
+{
+ int err;
+ PR_ASSERT(pMutex);
+ pMutex->isMultiProcess = (PRBool)(shared != 0);
+ if (!shared) {
+ return single_process_sslMutex_Init(pMutex);
+ }
+ pMutex->u.pipeStr.mPipes[0] = -1;
+ pMutex->u.pipeStr.mPipes[1] = -1;
+ pMutex->u.pipeStr.mPipes[2] = -1;
+ pMutex->u.pipeStr.nWaiters = 0;
+
+ err = pipe(pMutex->u.pipeStr.mPipes);
+ if (err) {
+ nss_MD_unix_map_default_error(errno);
+ return err;
+ }
+#if NONBLOCKING_POSTS
+ err = setNonBlocking(pMutex->u.pipeStr.mPipes[1], 1);
+ if (err)
+ goto loser;
+#endif
+
+ pMutex->u.pipeStr.mPipes[2] = SSL_MUTEX_MAGIC;
+
+#if defined(LINUX) && defined(i386)
+ /* Pipe starts out empty */
+ return SECSuccess;
+#else
+ /* Pipe starts with one byte. */
+ return sslMutex_Unlock(pMutex);
+#endif
+
+loser:
+ nss_MD_unix_map_default_error(errno);
+ close(pMutex->u.pipeStr.mPipes[0]);
+ close(pMutex->u.pipeStr.mPipes[1]);
+ return SECFailure;
+}
+
+SECStatus
+sslMutex_Destroy(sslMutex* pMutex, PRBool processLocal)
+{
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Destroy(pMutex);
+ }
+ if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ close(pMutex->u.pipeStr.mPipes[0]);
+ close(pMutex->u.pipeStr.mPipes[1]);
+
+ if (processLocal) {
+ return SECSuccess;
+ }
+
+ pMutex->u.pipeStr.mPipes[0] = -1;
+ pMutex->u.pipeStr.mPipes[1] = -1;
+ pMutex->u.pipeStr.mPipes[2] = -1;
+ pMutex->u.pipeStr.nWaiters = 0;
+
+ return SECSuccess;
+}
+
+#if defined(LINUX) && defined(i386)
+/* No memory barrier needed for this platform */
+
+/* nWaiters includes the holder of the lock (if any) and the number
+** threads waiting for it. After incrementing nWaiters, if the count
+** is exactly 1, then you have the lock and may proceed. If the
+** count is greater than 1, then you must wait on the pipe.
+*/
+
+SECStatus
+sslMutex_Unlock(sslMutex* pMutex)
+{
+ PRInt32 newValue;
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Unlock(pMutex);
+ }
+
+ if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ /* Do Memory Barrier here. */
+ newValue = PR_ATOMIC_DECREMENT(&pMutex->u.pipeStr.nWaiters);
+ if (newValue > 0) {
+ int cc;
+ char c = 1;
+ do {
+ cc = write(pMutex->u.pipeStr.mPipes[1], &c, 1);
+ } while (cc < 0 && (errno == EINTR || errno == EAGAIN));
+ if (cc != 1) {
+ if (cc < 0)
+ nss_MD_unix_map_default_error(errno);
+ else
+ PORT_SetError(PR_UNKNOWN_ERROR);
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+SECStatus
+sslMutex_Lock(sslMutex* pMutex)
+{
+ PRInt32 newValue;
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Lock(pMutex);
+ }
+
+ if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ newValue = PR_ATOMIC_INCREMENT(&pMutex->u.pipeStr.nWaiters);
+ /* Do Memory Barrier here. */
+ if (newValue > 1) {
+ int cc;
+ char c;
+ do {
+ cc = read(pMutex->u.pipeStr.mPipes[0], &c, 1);
+ } while (cc < 0 && errno == EINTR);
+ if (cc != 1) {
+ if (cc < 0)
+ nss_MD_unix_map_default_error(errno);
+ else
+ PORT_SetError(PR_UNKNOWN_ERROR);
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+#else
+
+/* Using Atomic operations requires the use of a memory barrier instruction
+** on PowerPC, Sparc, and Alpha. NSPR's PR_Atomic functions do not perform
+** them, and NSPR does not provide a function that does them (e.g. PR_Barrier).
+** So, we don't use them on those platforms.
+*/
+
+SECStatus
+sslMutex_Unlock(sslMutex* pMutex)
+{
+ int cc;
+ char c = 1;
+
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Unlock(pMutex);
+ }
+
+ if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ do {
+ cc = write(pMutex->u.pipeStr.mPipes[1], &c, 1);
+ } while (cc < 0 && (errno == EINTR || errno == EAGAIN));
+ if (cc != 1) {
+ if (cc < 0)
+ nss_MD_unix_map_default_error(errno);
+ else
+ PORT_SetError(PR_UNKNOWN_ERROR);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+sslMutex_Lock(sslMutex* pMutex)
+{
+ int cc;
+ char c;
+
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Lock(pMutex);
+ }
+
+ if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+
+ do {
+ cc = read(pMutex->u.pipeStr.mPipes[0], &c, 1);
+ } while (cc < 0 && errno == EINTR);
+ if (cc != 1) {
+ if (cc < 0)
+ nss_MD_unix_map_default_error(errno);
+ else
+ PORT_SetError(PR_UNKNOWN_ERROR);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+#endif
+
+#elif defined(WIN32)
+
+#include "win32err.h"
+
+/* on Windows, we need to find the optimal type of locking mechanism to use
+ for the sslMutex.
+
+ There are 3 cases :
+ 1) single-process, use a PRLock, as for all other platforms
+ 2) Win95 multi-process, use a Win32 mutex
+ 3) on WINNT multi-process, use a PRLock + a Win32 mutex
+
+*/
+
+#ifdef WINNT
+
+SECStatus
+sslMutex_2LevelInit(sslMutex *sem)
+{
+ /* the following adds a PRLock to sslMutex . This is done in each
+ process of a multi-process server and is only needed on WINNT, if
+ using fibers. We can't tell if native threads or fibers are used, so
+ we always do it on WINNT
+ */
+ PR_ASSERT(sem);
+ if (sem) {
+ /* we need to reset the sslLock in the children or the single_process init
+ function below will assert */
+ sem->u.sslLock = NULL;
+ }
+ return single_process_sslMutex_Init(sem);
+}
+
+static SECStatus
+sslMutex_2LevelDestroy(sslMutex *sem)
+{
+ return single_process_sslMutex_Destroy(sem);
+}
+
+#endif
+
+SECStatus
+sslMutex_Init(sslMutex *pMutex, int shared)
+{
+#ifdef WINNT
+ SECStatus retvalue;
+#endif
+ HANDLE hMutex;
+ SECURITY_ATTRIBUTES attributes =
+ { sizeof(SECURITY_ATTRIBUTES), NULL, TRUE };
+
+ PR_ASSERT(pMutex != 0 && (pMutex->u.sslMutx == 0 ||
+ pMutex->u.sslMutx ==
+ INVALID_HANDLE_VALUE));
+
+ pMutex->isMultiProcess = (PRBool)(shared != 0);
+
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Init(pMutex);
+ }
+
+#ifdef WINNT
+ /* we need a lock on WINNT for fibers in the parent process */
+ retvalue = sslMutex_2LevelInit(pMutex);
+ if (SECSuccess != retvalue)
+ return SECFailure;
+#endif
+
+ if (!pMutex || ((hMutex = pMutex->u.sslMutx) != 0 &&
+ hMutex !=
+ INVALID_HANDLE_VALUE)) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ attributes.bInheritHandle = (shared ? TRUE : FALSE);
+ hMutex = CreateMutex(&attributes, FALSE, NULL);
+ if (hMutex == NULL) {
+ hMutex = INVALID_HANDLE_VALUE;
+ nss_MD_win32_map_default_error(GetLastError());
+ return SECFailure;
+ }
+ pMutex->u.sslMutx = hMutex;
+ return SECSuccess;
+}
+
+SECStatus
+sslMutex_Destroy(sslMutex *pMutex, PRBool processLocal)
+{
+ HANDLE hMutex;
+ int rv;
+ int retvalue = SECSuccess;
+
+ PR_ASSERT(pMutex != 0);
+ if (!pMutex) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Destroy(pMutex);
+ }
+
+/* multi-process mode */
+#ifdef WINNT
+ /* on NT, get rid of the PRLock used for fibers within a process */
+ retvalue = sslMutex_2LevelDestroy(pMutex);
+#endif
+
+ PR_ASSERT(pMutex->u.sslMutx != 0 &&
+ pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
+ if ((hMutex = pMutex->u.sslMutx) == 0 || hMutex == INVALID_HANDLE_VALUE) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+
+ rv = CloseHandle(hMutex); /* ignore error */
+ if (!processLocal && rv) {
+ pMutex->u.sslMutx = hMutex = INVALID_HANDLE_VALUE;
+ }
+ if (!rv) {
+ nss_MD_win32_map_default_error(GetLastError());
+ retvalue = SECFailure;
+ }
+ return retvalue;
+}
+
+int
+sslMutex_Unlock(sslMutex *pMutex)
+{
+ BOOL success = FALSE;
+ HANDLE hMutex;
+
+ PR_ASSERT(pMutex != 0);
+ if (!pMutex) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Unlock(pMutex);
+ }
+
+ PR_ASSERT(pMutex->u.sslMutx != 0 &&
+ pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
+ if ((hMutex = pMutex->u.sslMutx) == 0 || hMutex == INVALID_HANDLE_VALUE) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+ success = ReleaseMutex(hMutex);
+ if (!success) {
+ nss_MD_win32_map_default_error(GetLastError());
+ return SECFailure;
+ }
+#ifdef WINNT
+ return single_process_sslMutex_Unlock(pMutex);
+/* release PRLock for other fibers in the process */
+#else
+ return SECSuccess;
+#endif
+}
+
+int
+sslMutex_Lock(sslMutex *pMutex)
+{
+ HANDLE hMutex;
+ DWORD event;
+ DWORD lastError;
+ SECStatus rv;
+ SECStatus retvalue = SECSuccess;
+
+ PR_ASSERT(pMutex != 0);
+ if (!pMutex) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure;
+ }
+
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Lock(pMutex);
+ }
+#ifdef WINNT
+ /* lock first to preserve from other threads/fibers in the same process */
+ retvalue = single_process_sslMutex_Lock(pMutex);
+#endif
+ PR_ASSERT(pMutex->u.sslMutx != 0 &&
+ pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
+ if ((hMutex = pMutex->u.sslMutx) == 0 || hMutex == INVALID_HANDLE_VALUE) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return SECFailure; /* what else ? */
+ }
+ /* acquire the mutex to be the only owner accross all other processes */
+ event = WaitForSingleObject(hMutex, INFINITE);
+ switch (event) {
+ case WAIT_OBJECT_0:
+ case WAIT_ABANDONED:
+ rv = SECSuccess;
+ break;
+
+ case WAIT_TIMEOUT:
+#if defined(WAIT_IO_COMPLETION)
+ case WAIT_IO_COMPLETION:
+#endif
+ default: /* should never happen. nothing we can do. */
+ PR_ASSERT(!("WaitForSingleObject returned invalid value."));
+ PORT_SetError(PR_UNKNOWN_ERROR);
+ rv = SECFailure;
+ break;
+
+ case WAIT_FAILED: /* failure returns this */
+ rv = SECFailure;
+ lastError = GetLastError(); /* for debugging */
+ nss_MD_win32_map_default_error(lastError);
+ break;
+ }
+
+ if (!(SECSuccess == retvalue && SECSuccess == rv)) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+#elif defined(XP_UNIX) && !defined(DARWIN)
+
+#include <errno.h>
+#include "unix_err.h"
+
+SECStatus
+sslMutex_Init(sslMutex* pMutex, int shared)
+{
+ int rv;
+ PR_ASSERT(pMutex);
+ pMutex->isMultiProcess = (PRBool)(shared != 0);
+ if (!shared) {
+ return single_process_sslMutex_Init(pMutex);
+ }
+ do {
+ rv = sem_init(&pMutex->u.sem, shared, 1);
+ } while (rv < 0 && errno == EINTR);
+ if (rv < 0) {
+ nss_MD_unix_map_default_error(errno);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+sslMutex_Destroy(sslMutex* pMutex, PRBool processLocal)
+{
+ int rv;
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Destroy(pMutex);
+ }
+
+ /* semaphores are global resources. See SEM_DESTROY(3) man page */
+ if (processLocal) {
+ return SECSuccess;
+ }
+ do {
+ rv = sem_destroy(&pMutex->u.sem);
+ } while (rv < 0 && errno == EINTR);
+ if (rv < 0) {
+ nss_MD_unix_map_default_error(errno);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+sslMutex_Unlock(sslMutex* pMutex)
+{
+ int rv;
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Unlock(pMutex);
+ }
+ do {
+ rv = sem_post(&pMutex->u.sem);
+ } while (rv < 0 && errno == EINTR);
+ if (rv < 0) {
+ nss_MD_unix_map_default_error(errno);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+sslMutex_Lock(sslMutex* pMutex)
+{
+ int rv;
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Lock(pMutex);
+ }
+ do {
+ rv = sem_wait(&pMutex->u.sem);
+ } while (rv < 0 && errno == EINTR);
+ if (rv < 0) {
+ nss_MD_unix_map_default_error(errno);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+#else
+
+SECStatus
+sslMutex_Init(sslMutex* pMutex, int shared)
+{
+ PR_ASSERT(pMutex);
+ pMutex->isMultiProcess = (PRBool)(shared != 0);
+ if (!shared) {
+ return single_process_sslMutex_Init(pMutex);
+ }
+ PORT_Assert(!("sslMutex_Init not implemented for multi-process applications !"));
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+SECStatus
+sslMutex_Destroy(sslMutex* pMutex, PRBool processLocal)
+{
+ PR_ASSERT(pMutex);
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Destroy(pMutex);
+ }
+ PORT_Assert(!("sslMutex_Destroy not implemented for multi-process applications !"));
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+SECStatus
+sslMutex_Unlock(sslMutex* pMutex)
+{
+ PR_ASSERT(pMutex);
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Unlock(pMutex);
+ }
+ PORT_Assert(!("sslMutex_Unlock not implemented for multi-process applications !"));
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+SECStatus
+sslMutex_Lock(sslMutex* pMutex)
+{
+ PR_ASSERT(pMutex);
+ if (PR_FALSE == pMutex->isMultiProcess) {
+ return single_process_sslMutex_Lock(pMutex);
+ }
+ PORT_Assert(!("sslMutex_Lock not implemented for multi-process applications !"));
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return SECFailure;
+}
+
+#endif
+
+#endif
diff --git a/security/nss/lib/ssl/sslmutex.h b/security/nss/lib/ssl/sslmutex.h
new file mode 100644
index 000000000..7611148ad
--- /dev/null
+++ b/security/nss/lib/ssl/sslmutex.h
@@ -0,0 +1,128 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef __SSLMUTEX_H_
+#define __SSLMUTEX_H_ 1
+
+/* What SSL really wants is portable process-shared unnamed mutexes in
+ * shared memory, that have the property that if the process that holds
+ * them dies, they are released automatically, and that (unlike fcntl
+ * record locking) lock to the thread, not to the process.
+ * NSPR doesn't provide that.
+ * Windows has mutexes that meet that description, but they're not portable.
+ * POSIX mutexes are not automatically released when the holder dies,
+ * and other processes/threads cannot release the mutex on behalf of the
+ * dead holder.
+ * POSIX semaphores can be used to accomplish this on systems that implement
+ * process-shared unnamed POSIX semaphores, because a watchdog thread can
+ * discover and release semaphores that were held by a dead process.
+ * On systems that do not support process-shared POSIX unnamed semaphores,
+ * they can be emulated using pipes.
+ * The performance cost of doing that is not yet measured.
+ *
+ * So, this API looks a lot like POSIX pthread mutexes.
+ */
+
+#include "prtypes.h"
+#include "prlock.h"
+
+#if defined(NETBSD)
+#include <sys/param.h> /* for __NetBSD_Version__ */
+#endif
+
+#if defined(WIN32)
+
+#include <wtypes.h>
+
+typedef struct {
+ PRBool isMultiProcess;
+#ifdef WINNT
+ /* on WINNT we need both the PRLock and the Win32 mutex for fibers */
+ struct {
+#else
+ union {
+#endif
+ PRLock *sslLock;
+ HANDLE sslMutx;
+ } u;
+} sslMutex;
+
+typedef int sslPID;
+
+#elif defined(LINUX) || defined(AIX) || defined(BEOS) || defined(BSDI) || (defined(NETBSD) && __NetBSD_Version__ < 500000000) || defined(OPENBSD)
+
+#include <sys/types.h>
+#include "prtypes.h"
+
+typedef struct {
+ PRBool isMultiProcess;
+ union {
+ PRLock *sslLock;
+ struct {
+ int mPipes[3];
+ PRInt32 nWaiters;
+ } pipeStr;
+ } u;
+} sslMutex;
+typedef pid_t sslPID;
+
+/* other types of unix, except OS X */
+#elif defined(XP_UNIX) && !defined(DARWIN)
+
+#include <sys/types.h> /* for pid_t */
+#include <semaphore.h> /* for sem_t, and sem_* functions */
+
+typedef struct {
+ PRBool isMultiProcess;
+ union {
+ PRLock *sslLock;
+ sem_t sem;
+ } u;
+} sslMutex;
+
+typedef pid_t sslPID;
+
+#else /* no support for cross-process locking */
+
+/* what platform is this ?? */
+
+typedef struct {
+ PRBool isMultiProcess;
+ union {
+ PRLock *sslLock;
+ /* include cross-process locking mechanism here */
+ } u;
+} sslMutex;
+
+#ifdef DARWIN
+typedef pid_t sslPID;
+#else
+typedef int sslPID;
+#endif
+
+#endif
+
+#include "seccomon.h"
+
+SEC_BEGIN_PROTOS
+
+extern SECStatus sslMutex_Init(sslMutex *sem, int shared);
+
+/* If processLocal is set to true, then just free resources which are *only* associated
+ * with the current process. Leave any shared resources (including the state of
+ * shared memory) intact. */
+extern SECStatus sslMutex_Destroy(sslMutex *sem, PRBool processLocal);
+
+extern SECStatus sslMutex_Unlock(sslMutex *sem);
+
+extern SECStatus sslMutex_Lock(sslMutex *sem);
+
+#ifdef WINNT
+
+extern SECStatus sslMutex_2LevelInit(sslMutex *sem);
+
+#endif
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c
new file mode 100644
index 000000000..91cc87040
--- /dev/null
+++ b/security/nss/lib/ssl/sslnonce.c
@@ -0,0 +1,495 @@
+/*
+ * This file implements the CLIENT Session ID cache.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cert.h"
+#include "pk11pub.h"
+#include "secitem.h"
+#include "ssl.h"
+#include "nss.h"
+
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "nssilock.h"
+#if defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS) || defined(XP_BEOS)
+#include <time.h>
+#endif
+
+PRUint32 ssl_sid_timeout = 100;
+PRUint32 ssl3_sid_timeout = 86400L; /* 24 hours */
+
+static sslSessionID *cache = NULL;
+static PZLock *cacheLock = NULL;
+
+/* sids can be in one of 4 states:
+ *
+ * never_cached, created, but not yet put into cache.
+ * in_client_cache, in the client cache's linked list.
+ * in_server_cache, entry came from the server's cache file.
+ * invalid_cache has been removed from the cache.
+ */
+
+#define LOCK_CACHE lock_cache()
+#define UNLOCK_CACHE PZ_Unlock(cacheLock)
+
+static SECStatus
+ssl_InitClientSessionCacheLock(void)
+{
+ cacheLock = PZ_NewLock(nssILockCache);
+ return cacheLock ? SECSuccess : SECFailure;
+}
+
+static SECStatus
+ssl_FreeClientSessionCacheLock(void)
+{
+ if (cacheLock) {
+ PZ_DestroyLock(cacheLock);
+ cacheLock = NULL;
+ return SECSuccess;
+ }
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+}
+
+static PRBool LocksInitializedEarly = PR_FALSE;
+
+static SECStatus
+FreeSessionCacheLocks()
+{
+ SECStatus rv1, rv2;
+ rv1 = ssl_FreeSymWrapKeysLock();
+ rv2 = ssl_FreeClientSessionCacheLock();
+ if ((SECSuccess == rv1) && (SECSuccess == rv2)) {
+ return SECSuccess;
+ }
+ return SECFailure;
+}
+
+static SECStatus
+InitSessionCacheLocks(void)
+{
+ SECStatus rv1, rv2;
+ PRErrorCode rc;
+ rv1 = ssl_InitSymWrapKeysLock();
+ rv2 = ssl_InitClientSessionCacheLock();
+ if ((SECSuccess == rv1) && (SECSuccess == rv2)) {
+ return SECSuccess;
+ }
+ rc = PORT_GetError();
+ FreeSessionCacheLocks();
+ PORT_SetError(rc);
+ return SECFailure;
+}
+
+/* free the session cache locks if they were initialized early */
+SECStatus
+ssl_FreeSessionCacheLocks()
+{
+ PORT_Assert(PR_TRUE == LocksInitializedEarly);
+ if (!LocksInitializedEarly) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+ FreeSessionCacheLocks();
+ LocksInitializedEarly = PR_FALSE;
+ return SECSuccess;
+}
+
+static PRCallOnceType lockOnce;
+
+/* free the session cache locks if they were initialized lazily */
+static SECStatus
+ssl_ShutdownLocks(void *appData, void *nssData)
+{
+ PORT_Assert(PR_FALSE == LocksInitializedEarly);
+ if (LocksInitializedEarly) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ FreeSessionCacheLocks();
+ memset(&lockOnce, 0, sizeof(lockOnce));
+ return SECSuccess;
+}
+
+static PRStatus
+initSessionCacheLocksLazily(void)
+{
+ SECStatus rv = InitSessionCacheLocks();
+ if (SECSuccess != rv) {
+ return PR_FAILURE;
+ }
+ rv = NSS_RegisterShutdown(ssl_ShutdownLocks, NULL);
+ PORT_Assert(SECSuccess == rv);
+ if (SECSuccess != rv) {
+ return PR_FAILURE;
+ }
+ return PR_SUCCESS;
+}
+
+/* lazyInit means that the call is not happening during a 1-time
+ * initialization function, but rather during dynamic, lazy initialization
+ */
+SECStatus
+ssl_InitSessionCacheLocks(PRBool lazyInit)
+{
+ if (LocksInitializedEarly) {
+ return SECSuccess;
+ }
+
+ if (lazyInit) {
+ return (PR_SUCCESS ==
+ PR_CallOnce(&lockOnce, initSessionCacheLocksLazily))
+ ? SECSuccess
+ : SECFailure;
+ }
+
+ if (SECSuccess == InitSessionCacheLocks()) {
+ LocksInitializedEarly = PR_TRUE;
+ return SECSuccess;
+ }
+
+ return SECFailure;
+}
+
+static void
+lock_cache(void)
+{
+ ssl_InitSessionCacheLocks(PR_TRUE);
+ PZ_Lock(cacheLock);
+}
+
+/* BEWARE: This function gets called for both client and server SIDs !!
+ * If the unreferenced sid is not in the cache, Free sid and its contents.
+ */
+static void
+ssl_DestroySID(sslSessionID *sid)
+{
+ SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached));
+ PORT_Assert(sid->references == 0);
+ PORT_Assert(sid->cached != in_client_cache);
+
+ if (sid->u.ssl3.locked.sessionTicket.ticket.data) {
+ SECITEM_FreeItem(&sid->u.ssl3.locked.sessionTicket.ticket,
+ PR_FALSE);
+ }
+ if (sid->u.ssl3.srvName.data) {
+ SECITEM_FreeItem(&sid->u.ssl3.srvName, PR_FALSE);
+ }
+ if (sid->u.ssl3.signedCertTimestamps.data) {
+ SECITEM_FreeItem(&sid->u.ssl3.signedCertTimestamps, PR_FALSE);
+ }
+
+ if (sid->u.ssl3.lock) {
+ PR_DestroyRWLock(sid->u.ssl3.lock);
+ }
+
+ if (sid->peerID != NULL)
+ PORT_Free((void *)sid->peerID); /* CONST */
+
+ if (sid->urlSvrName != NULL)
+ PORT_Free((void *)sid->urlSvrName); /* CONST */
+
+ if (sid->peerCert) {
+ CERT_DestroyCertificate(sid->peerCert);
+ }
+ if (sid->peerCertStatus.items) {
+ SECITEM_FreeArray(&sid->peerCertStatus, PR_FALSE);
+ }
+
+ if (sid->localCert) {
+ CERT_DestroyCertificate(sid->localCert);
+ }
+
+ SECITEM_FreeItem(&sid->u.ssl3.alpnSelection, PR_FALSE);
+
+ PORT_ZFree(sid, sizeof(sslSessionID));
+}
+
+/* BEWARE: This function gets called for both client and server SIDs !!
+ * Decrement reference count, and
+ * free sid if ref count is zero, and sid is not in the cache.
+ * Does NOT remove from the cache first.
+ * If the sid is still in the cache, it is left there until next time
+ * the cache list is traversed.
+ */
+static void
+ssl_FreeLockedSID(sslSessionID *sid)
+{
+ PORT_Assert(sid->references >= 1);
+ if (--sid->references == 0) {
+ ssl_DestroySID(sid);
+ }
+}
+
+/* BEWARE: This function gets called for both client and server SIDs !!
+ * Decrement reference count, and
+ * free sid if ref count is zero, and sid is not in the cache.
+ * Does NOT remove from the cache first.
+ * These locks are necessary because the sid _might_ be in the cache list.
+ */
+void
+ssl_FreeSID(sslSessionID *sid)
+{
+ LOCK_CACHE;
+ ssl_FreeLockedSID(sid);
+ UNLOCK_CACHE;
+}
+
+/************************************************************************/
+
+/*
+** Lookup sid entry in cache by Address, port, and peerID string.
+** If found, Increment reference count, and return pointer to caller.
+** If it has timed out or ref count is zero, remove from list and free it.
+*/
+
+sslSessionID *
+ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port, const char *peerID,
+ const char *urlSvrName)
+{
+ sslSessionID **sidp;
+ sslSessionID *sid;
+ PRUint32 now;
+
+ if (!urlSvrName)
+ return NULL;
+ now = ssl_Time();
+ LOCK_CACHE;
+ sidp = &cache;
+ while ((sid = *sidp) != 0) {
+ PORT_Assert(sid->cached == in_client_cache);
+ PORT_Assert(sid->references >= 1);
+
+ SSL_TRC(8, ("SSL: Lookup1: sid=0x%x", sid));
+
+ if (sid->expirationTime < now) {
+ /*
+ ** This session-id timed out.
+ ** Don't even care who it belongs to, blow it out of our cache.
+ */
+ SSL_TRC(7, ("SSL: lookup1, throwing sid out, age=%d refs=%d",
+ now - sid->creationTime, sid->references));
+
+ *sidp = sid->next; /* delink it from the list. */
+ sid->cached = invalid_cache; /* mark not on list. */
+ ssl_FreeLockedSID(sid); /* drop ref count, free. */
+ } else if (!memcmp(&sid->addr, addr, sizeof(PRIPv6Addr)) && /* server IP addr matches */
+ (sid->port == port) && /* server port matches */
+ /* proxy (peerID) matches */
+ (((peerID == NULL) && (sid->peerID == NULL)) ||
+ ((peerID != NULL) && (sid->peerID != NULL) &&
+ PORT_Strcmp(sid->peerID, peerID) == 0)) &&
+ /* is cacheable */
+ (sid->u.ssl3.keys.resumable) &&
+ /* server hostname matches. */
+ (sid->urlSvrName != NULL) &&
+ (0 == PORT_Strcmp(urlSvrName, sid->urlSvrName))) {
+ /* Hit */
+ sid->lastAccessTime = now;
+ sid->references++;
+ break;
+ } else {
+ sidp = &sid->next;
+ }
+ }
+ UNLOCK_CACHE;
+ return sid;
+}
+
+/*
+** Add an sid to the cache or return a previously cached entry to the cache.
+** Although this is static, it is called via ss->sec.cache().
+*/
+static void
+CacheSID(sslSessionID *sid)
+{
+ PRUint32 expirationPeriod;
+
+ PORT_Assert(sid->cached == never_cached);
+
+ SSL_TRC(8, ("SSL: Cache: sid=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
+ "time=%x cached=%d",
+ sid, sid->cached, sid->addr.pr_s6_addr32[0],
+ sid->addr.pr_s6_addr32[1], sid->addr.pr_s6_addr32[2],
+ sid->addr.pr_s6_addr32[3], sid->port, sid->creationTime,
+ sid->cached));
+
+ if (!sid->urlSvrName) {
+ /* don't cache this SID because it can never be matched */
+ return;
+ }
+
+ if (sid->u.ssl3.sessionIDLength == 0 &&
+ sid->u.ssl3.locked.sessionTicket.ticket.data == NULL)
+ return;
+
+ /* Client generates the SessionID if this was a stateless resume. */
+ if (sid->u.ssl3.sessionIDLength == 0) {
+ SECStatus rv;
+ rv = PK11_GenerateRandom(sid->u.ssl3.sessionID,
+ SSL3_SESSIONID_BYTES);
+ if (rv != SECSuccess)
+ return;
+ sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;
+ }
+ expirationPeriod = ssl3_sid_timeout;
+ PRINT_BUF(8, (0, "sessionID:",
+ sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength));
+
+ sid->u.ssl3.lock = PR_NewRWLock(PR_RWLOCK_RANK_NONE, NULL);
+ if (!sid->u.ssl3.lock) {
+ return;
+ }
+ PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
+ if (!sid->creationTime)
+ sid->lastAccessTime = sid->creationTime = ssl_Time();
+ if (!sid->expirationTime)
+ sid->expirationTime = sid->creationTime + expirationPeriod;
+
+ /*
+ * Put sid into the cache. Bump reference count to indicate that
+ * cache is holding a reference. Uncache will reduce the cache
+ * reference.
+ */
+ LOCK_CACHE;
+ sid->references++;
+ sid->cached = in_client_cache;
+ sid->next = cache;
+ cache = sid;
+ UNLOCK_CACHE;
+}
+
+/*
+ * If sid "zap" is in the cache,
+ * removes sid from cache, and decrements reference count.
+ * Caller must hold cache lock.
+ */
+static void
+UncacheSID(sslSessionID *zap)
+{
+ sslSessionID **sidp = &cache;
+ sslSessionID *sid;
+
+ if (zap->cached != in_client_cache) {
+ return;
+ }
+
+ SSL_TRC(8, ("SSL: Uncache: zap=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
+ "time=%x cipherSuite=%d",
+ zap, zap->cached, zap->addr.pr_s6_addr32[0],
+ zap->addr.pr_s6_addr32[1], zap->addr.pr_s6_addr32[2],
+ zap->addr.pr_s6_addr32[3], zap->port, zap->creationTime,
+ zap->u.ssl3.cipherSuite));
+
+ /* See if it's in the cache, if so nuke it */
+ while ((sid = *sidp) != 0) {
+ if (sid == zap) {
+ /*
+ ** Bingo. Reduce reference count by one so that when
+ ** everyone is done with the sid we can free it up.
+ */
+ *sidp = zap->next;
+ zap->cached = invalid_cache;
+ ssl_FreeLockedSID(zap);
+ return;
+ }
+ sidp = &sid->next;
+ }
+}
+
+/* If sid "zap" is in the cache,
+ * removes sid from cache, and decrements reference count.
+ * Although this function is static, it is called externally via
+ * ss->sec.uncache().
+ */
+static void
+LockAndUncacheSID(sslSessionID *zap)
+{
+ LOCK_CACHE;
+ UncacheSID(zap);
+ UNLOCK_CACHE;
+}
+
+/* choose client or server cache functions for this sslsocket. */
+void
+ssl_ChooseSessionIDProcs(sslSecurityInfo *sec)
+{
+ if (sec->isServer) {
+ sec->cache = ssl_sid_cache;
+ sec->uncache = ssl_sid_uncache;
+ } else {
+ sec->cache = CacheSID;
+ sec->uncache = LockAndUncacheSID;
+ }
+}
+
+/* wipe out the entire client session cache. */
+void
+SSL_ClearSessionCache(void)
+{
+ LOCK_CACHE;
+ while (cache != NULL)
+ UncacheSID(cache);
+ UNLOCK_CACHE;
+}
+
+/* returns an unsigned int containing the number of seconds in PR_Now() */
+PRUint32
+ssl_Time(void)
+{
+#ifdef UNSAFE_FUZZER_MODE
+ return 1234;
+#endif
+
+ PRUint32 myTime;
+#if defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS) || defined(XP_BEOS)
+ myTime = time(NULL); /* accurate until the year 2038. */
+#else
+ /* portable, but possibly slower */
+ PRTime now;
+ PRInt64 ll;
+
+ now = PR_Now();
+ LL_I2L(ll, 1000000L);
+ LL_DIV(now, now, ll);
+ LL_L2UI(myTime, now);
+#endif
+ return myTime;
+}
+
+void
+ssl3_SetSIDSessionTicket(sslSessionID *sid,
+ /*in/out*/ NewSessionTicket *newSessionTicket)
+{
+ PORT_Assert(sid);
+ PORT_Assert(newSessionTicket);
+ PORT_Assert(newSessionTicket->ticket.data);
+ PORT_Assert(newSessionTicket->ticket.len != 0);
+
+ /* if sid->u.ssl3.lock, we are updating an existing entry that is already
+ * cached or was once cached, so we need to acquire and release the write
+ * lock. Otherwise, this is a new session that isn't shared with anything
+ * yet, so no locking is needed.
+ */
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Wlock(sid->u.ssl3.lock);
+ if (sid->u.ssl3.locked.sessionTicket.ticket.data) {
+ SECITEM_FreeItem(&sid->u.ssl3.locked.sessionTicket.ticket,
+ PR_FALSE);
+ }
+ }
+
+ PORT_Assert(!sid->u.ssl3.locked.sessionTicket.ticket.data);
+
+ /* Do a shallow copy, moving the ticket data. */
+ sid->u.ssl3.locked.sessionTicket = *newSessionTicket;
+ newSessionTicket->ticket.data = NULL;
+ newSessionTicket->ticket.len = 0;
+
+ if (sid->u.ssl3.lock) {
+ PR_RWLock_Unlock(sid->u.ssl3.lock);
+ }
+}
diff --git a/security/nss/lib/ssl/sslproto.h b/security/nss/lib/ssl/sslproto.h
new file mode 100644
index 000000000..70daea0a1
--- /dev/null
+++ b/security/nss/lib/ssl/sslproto.h
@@ -0,0 +1,294 @@
+/*
+ * Various and sundry protocol constants. DON'T CHANGE THESE. These values
+ * are mostly defined by the SSL3 or TLS protocol specifications.
+ * Cipher kinds and ciphersuites are part of the public API.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __sslproto_h_
+#define __sslproto_h_
+
+/* clang-format off */
+
+/* All versions less than 3_0 are treated as SSL version 2 */
+#define SSL_LIBRARY_VERSION_2 0x0002
+#define SSL_LIBRARY_VERSION_3_0 0x0300
+#define SSL_LIBRARY_VERSION_TLS_1_0 0x0301
+#define SSL_LIBRARY_VERSION_TLS_1_1 0x0302
+#define SSL_LIBRARY_VERSION_TLS_1_2 0x0303
+#define SSL_LIBRARY_VERSION_TLS_1_3 0x0304
+
+/* Note: this is the internal format, not the wire format */
+#define SSL_LIBRARY_VERSION_DTLS_1_0 SSL_LIBRARY_VERSION_TLS_1_1
+#define SSL_LIBRARY_VERSION_DTLS_1_2 SSL_LIBRARY_VERSION_TLS_1_2
+#define SSL_LIBRARY_VERSION_DTLS_1_3 SSL_LIBRARY_VERSION_TLS_1_3
+
+/* deprecated old name */
+#define SSL_LIBRARY_VERSION_3_1_TLS SSL_LIBRARY_VERSION_TLS_1_0
+
+/* The DTLS versions used in the spec */
+#define SSL_LIBRARY_VERSION_DTLS_1_0_WIRE ((~0x0100) & 0xffff)
+#define SSL_LIBRARY_VERSION_DTLS_1_2_WIRE ((~0x0102) & 0xffff)
+#define SSL_LIBRARY_VERSION_DTLS_1_3_WIRE SSL_LIBRARY_VERSION_DTLS_1_3
+
+/* Certificate types */
+#define SSL_CT_X509_CERTIFICATE 0x01
+#if 0 /* XXX Not implemented yet */
+#define SSL_PKCS6_CERTIFICATE 0x02
+#endif
+#define SSL_AT_MD5_WITH_RSA_ENCRYPTION 0x01
+
+/* Error codes */
+#define SSL_PE_NO_CYPHERS 0x0001
+#define SSL_PE_NO_CERTIFICATE 0x0002
+#define SSL_PE_BAD_CERTIFICATE 0x0004
+#define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
+
+/* Deprecated SSL 3.0 & libssl names replaced by IANA-registered TLS names. */
+#ifndef SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES
+#define SSL_NULL_WITH_NULL_NULL TLS_NULL_WITH_NULL_NULL
+#define SSL_RSA_WITH_NULL_MD5 TLS_RSA_WITH_NULL_MD5
+#define SSL_RSA_WITH_NULL_SHA TLS_RSA_WITH_NULL_SHA
+#define SSL_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_MD5
+#define SSL_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_SHA
+#define SSL_RSA_WITH_IDEA_CBC_SHA TLS_RSA_WITH_IDEA_CBC_SHA
+#define SSL_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA
+#define SSL_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA
+#define SSL_DH_DSS_WITH_DES_CBC_SHA TLS_DH_DSS_WITH_DES_CBC_SHA
+#define SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
+#define SSL_DH_RSA_WITH_DES_CBC_SHA TLS_DH_RSA_WITH_DES_CBC_SHA
+#define SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
+#define SSL_DHE_DSS_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA
+#define SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
+#define SSL_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_RSA_WITH_DES_CBC_SHA
+#define SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+#define SSL_DH_ANON_WITH_RC4_128_MD5 TLS_DH_anon_WITH_RC4_128_MD5
+#define SSL_DH_ANON_WITH_DES_CBC_SHA TLS_DH_anon_WITH_DES_CBC_SHA
+#define SSL_DH_ANON_WITH_3DES_EDE_CBC_SHA TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
+#define TLS_DH_ANON_WITH_AES_128_CBC_SHA TLS_DH_anon_WITH_AES_128_CBC_SHA
+#define TLS_DH_ANON_WITH_AES_256_CBC_SHA TLS_DH_anon_WITH_AES_256_CBC_SHA
+#define TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
+#define TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
+#endif
+
+#define TLS_NULL_WITH_NULL_NULL 0x0000
+
+#define TLS_RSA_WITH_NULL_MD5 0x0001
+#define TLS_RSA_WITH_NULL_SHA 0x0002
+#define TLS_RSA_WITH_RC4_128_MD5 0x0004
+#define TLS_RSA_WITH_RC4_128_SHA 0x0005
+#define TLS_RSA_WITH_IDEA_CBC_SHA 0x0007
+#define TLS_RSA_WITH_DES_CBC_SHA 0x0009
+#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x000a
+
+#define TLS_DH_DSS_WITH_DES_CBC_SHA 0x000c
+#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000d
+#define TLS_DH_RSA_WITH_DES_CBC_SHA 0x000f
+#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010
+
+#define TLS_DHE_DSS_WITH_DES_CBC_SHA 0x0012
+#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013
+#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x0015
+#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016
+
+#define TLS_DH_anon_WITH_RC4_128_MD5 0x0018
+#define TLS_DH_anon_WITH_DES_CBC_SHA 0x001a
+#define TLS_DH_anon_WITH_3DES_EDE_CBC_SHA 0x001b
+
+#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033
+#define TLS_DH_anon_WITH_AES_128_CBC_SHA 0x0034
+
+#define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039
+#define TLS_DH_anon_WITH_AES_256_CBC_SHA 0x003A
+#define TLS_RSA_WITH_NULL_SHA256 0x003B
+#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C
+#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D
+
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 0x0040
+#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0041
+#define TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0042
+#define TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0043
+#define TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0044
+#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0045
+#define TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA 0x0046
+
+#define TLS_DHE_DSS_WITH_RC4_128_SHA 0x0066
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 0x006A
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B
+
+#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0084
+#define TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0085
+#define TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0086
+#define TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0087
+#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0088
+#define TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA 0x0089
+
+#define TLS_RSA_WITH_SEED_CBC_SHA 0x0096
+
+#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C
+#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009D
+#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009E
+#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x009F
+#define TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 0x00A2
+#define TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 0x00A3
+
+/* TLS "Signaling Cipher Suite Value" (SCSV). May be requested by client.
+ * Must NEVER be chosen by server. SSL 3.0 server acknowledges by sending
+ * back an empty Renegotiation Info (RI) server hello extension.
+ */
+#define TLS_EMPTY_RENEGOTIATION_INFO_SCSV 0x00FF
+
+/* TLS_FALLBACK_SCSV is a signaling cipher suite value that indicates that a
+ * handshake is the result of TLS version fallback.
+ */
+#define TLS_FALLBACK_SCSV 0x5600
+
+/* Cipher Suite Values starting with 0xC000 are defined in informational
+ * RFCs.
+ */
+#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001
+#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002
+#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003
+#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
+#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005
+
+#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006
+#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007
+#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A
+
+#define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B
+#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C
+#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D
+#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E
+#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F
+
+#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010
+#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011
+#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014
+
+#define TLS_ECDH_anon_WITH_NULL_SHA 0xC015
+#define TLS_ECDH_anon_WITH_RC4_128_SHA 0xC016
+#define TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA 0xC017
+#define TLS_ECDH_anon_WITH_AES_128_CBC_SHA 0xC018
+#define TLS_ECDH_anon_WITH_AES_256_CBC_SHA 0xC019
+
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028
+
+#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
+#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
+#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D
+#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
+#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
+#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031
+
+/* draft-ietf-tls-chacha20-poly1305-04 */
+#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8
+#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9
+#define TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA
+
+/* Special TLS 1.3 cipher suites that really just specify AEAD */
+#define TLS_AES_128_GCM_SHA256 0x1301
+#define TLS_AES_256_GCM_SHA384 0x1302
+#define TLS_CHACHA20_POLY1305_SHA256 0x1303
+
+/* PSK cipher suites. NSS doesn't actually support these, but we
+ * exposed them when TLS 1.3 used them so we need to keep them
+ * in the API. */
+#define TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC
+#define TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD
+#define TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 0xD001
+#define TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 0xD002
+#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0x00AA /* RFC 5487 */
+#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0x00AB /* RFC 5487 */
+
+/* DTLS-SRTP cipher suites from RFC 5764 */
+/* If you modify this, also modify MAX_DTLS_SRTP_CIPHER_SUITES in sslimpl.h */
+#define SRTP_AES128_CM_HMAC_SHA1_80 0x0001
+#define SRTP_AES128_CM_HMAC_SHA1_32 0x0002
+#define SRTP_NULL_HMAC_SHA1_80 0x0005
+#define SRTP_NULL_HMAC_SHA1_32 0x0006
+
+/* DO NOT USE. (deprecated, will be removed) */
+#define SSL_HL_ERROR_HBYTES 3
+#define SSL_HL_CLIENT_HELLO_HBYTES 9
+#define SSL_HL_CLIENT_MASTER_KEY_HBYTES 10
+#define SSL_HL_CLIENT_FINISHED_HBYTES 1
+#define SSL_HL_SERVER_HELLO_HBYTES 11
+#define SSL_HL_SERVER_VERIFY_HBYTES 1
+#define SSL_HL_SERVER_FINISHED_HBYTES 1
+#define SSL_HL_REQUEST_CERTIFICATE_HBYTES 2
+#define SSL_HL_CLIENT_CERTIFICATE_HBYTES 6
+#define SSL_MT_ERROR 0
+#define SSL_MT_CLIENT_HELLO 1
+#define SSL_MT_CLIENT_MASTER_KEY 2
+#define SSL_MT_CLIENT_FINISHED 3
+#define SSL_MT_SERVER_HELLO 4
+#define SSL_MT_SERVER_VERIFY 5
+#define SSL_MT_SERVER_FINISHED 6
+#define SSL_MT_REQUEST_CERTIFICATE 7
+#define SSL_MT_CLIENT_CERTIFICATE 8
+#define SSL_CK_RC4_128_WITH_MD5 0x01
+#define SSL_CK_RC4_128_EXPORT40_WITH_MD5 0x02
+#define SSL_CK_RC2_128_CBC_WITH_MD5 0x03
+#define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x04
+#define SSL_CK_IDEA_128_CBC_WITH_MD5 0x05
+#define SSL_CK_DES_64_CBC_WITH_MD5 0x06
+#define SSL_CK_DES_192_EDE3_CBC_WITH_MD5 0x07
+#define SSL_EN_RC4_128_WITH_MD5 0xFF01
+#define SSL_EN_RC4_128_EXPORT40_WITH_MD5 0xFF02
+#define SSL_EN_RC2_128_CBC_WITH_MD5 0xFF03
+#define SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 0xFF04
+#define SSL_EN_IDEA_128_CBC_WITH_MD5 0xFF05
+#define SSL_EN_DES_64_CBC_WITH_MD5 0xFF06
+#define SSL_EN_DES_192_EDE3_CBC_WITH_MD5 0xFF07
+#define TLS_RSA_EXPORT_WITH_RC4_40_MD5 0x0003
+#define TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006
+#define TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008
+#define TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x0062
+#define TLS_RSA_EXPORT1024_WITH_RC4_56_SHA 0x0064
+#define TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014
+#define TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000e
+#define TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x0063
+#define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x0065
+#define TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000b
+#define TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011
+#define TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 0x0017
+#define TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA 0x0019
+#define SSL_FORTEZZA_DMS_WITH_NULL_SHA 0x001c
+#define SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA 0x001d
+#define SSL_FORTEZZA_DMS_WITH_RC4_128_SHA 0x001e
+#define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA 0xffe0
+#define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA 0xffe1
+#define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 0xfeff
+#define SSL_RSA_FIPS_WITH_DES_CBC_SHA 0xfefe
+#define SSL_RSA_EXPORT_WITH_RC4_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5
+#define SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
+#define SSL_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
+#define SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
+#define SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
+#define SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
+#define SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
+#define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
+#define SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5 TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
+
+/* clang-format on */
+
+#endif /* __sslproto_h_ */
diff --git a/security/nss/lib/ssl/sslreveal.c b/security/nss/lib/ssl/sslreveal.c
new file mode 100644
index 000000000..4c124a1dc
--- /dev/null
+++ b/security/nss/lib/ssl/sslreveal.c
@@ -0,0 +1,110 @@
+/*
+ * Accessor functions for SSLSocket private members.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "cert.h"
+#include "ssl.h"
+#include "certt.h"
+#include "sslimpl.h"
+
+/* given PRFileDesc, returns a copy of certificate associated with the socket
+ * the caller should delete the cert when done with SSL_DestroyCertificate
+ */
+CERTCertificate *
+SSL_RevealCert(PRFileDesc *fd)
+{
+ CERTCertificate *cert = NULL;
+ sslSocket *sslsocket = NULL;
+
+ sslsocket = ssl_FindSocket(fd);
+
+ /* CERT_DupCertificate increases reference count and returns pointer to
+ * the same cert
+ */
+ if (sslsocket && sslsocket->sec.peerCert)
+ cert = CERT_DupCertificate(sslsocket->sec.peerCert);
+
+ return cert;
+}
+
+/* given PRFileDesc, returns a pointer to PinArg associated with the socket
+ */
+void *
+SSL_RevealPinArg(PRFileDesc *fd)
+{
+ sslSocket *sslsocket = NULL;
+ void *PinArg = NULL;
+
+ sslsocket = ssl_FindSocket(fd);
+
+ /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
+ if (sslsocket)
+ PinArg = sslsocket->pkcs11PinArg;
+
+ return PinArg;
+}
+
+/* given PRFileDesc, returns a pointer to the URL associated with the socket
+ * the caller should free url when done
+ */
+char *
+SSL_RevealURL(PRFileDesc *fd)
+{
+ sslSocket *sslsocket = NULL;
+ char *url = NULL;
+
+ sslsocket = ssl_FindSocket(fd);
+
+ if (sslsocket && sslsocket->url)
+ url = PL_strdup(sslsocket->url);
+
+ return url;
+}
+
+/* given PRFileDesc, returns status information related to extensions
+ * negotiated with peer during the handshake.
+ */
+
+SECStatus
+SSL_HandshakeNegotiatedExtension(PRFileDesc *socket,
+ SSLExtensionType extId,
+ PRBool *pYes)
+{
+ /* some decisions derived from SSL_GetChannelInfo */
+ sslSocket *sslsocket = NULL;
+
+ if (!pYes) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ sslsocket = ssl_FindSocket(socket);
+ if (!sslsocket) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeNegotiatedExtension",
+ SSL_GETPID(), socket));
+ return SECFailure;
+ }
+
+ *pYes = PR_FALSE;
+
+ /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
+ if (sslsocket->opt.useSecurity) {
+ if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */
+ /* now we know this socket went through ssl3_InitState() and
+ * ss->xtnData got initialized, which is the only member accessed by
+ * ssl3_ExtensionNegotiated();
+ * Member xtnData appears to get accessed in functions that handle
+ * the handshake (hello messages and extension sending),
+ * therefore the handshake lock should be sufficient.
+ */
+ ssl_GetSSL3HandshakeLock(sslsocket);
+ *pYes = ssl3_ExtensionNegotiated(sslsocket, extId);
+ ssl_ReleaseSSL3HandshakeLock(sslsocket);
+ }
+ }
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c
new file mode 100644
index 000000000..eecf44396
--- /dev/null
+++ b/security/nss/lib/ssl/sslsecur.c
@@ -0,0 +1,1235 @@
+/*
+ * Various SSL functions.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "cert.h"
+#include "secitem.h"
+#include "keyhi.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "secoid.h" /* for SECOID_GetALgorithmTag */
+#include "pk11func.h" /* for PK11_GenerateRandom */
+#include "nss.h" /* for NSS_RegisterShutdown */
+#include "prinit.h" /* for PR_CallOnceWithArg */
+
+/* Returns a SECStatus: SECSuccess or SECFailure, NOT SECWouldBlock.
+ *
+ * Currently, the list of functions called through ss->handshake is:
+ *
+ * In sslsocks.c:
+ * SocksGatherRecord
+ * SocksHandleReply
+ * SocksStartGather
+ *
+ * In sslcon.c:
+ * ssl_GatherRecord1stHandshake
+ * ssl_BeginClientHandshake
+ * ssl_BeginServerHandshake
+ *
+ * The ss->handshake function returns SECWouldBlock if it was returned by
+ * one of the callback functions, via one of these paths:
+ *
+ * - ssl_GatherRecord1stHandshake() -> ssl3_GatherCompleteHandshake() ->
+ * ssl3_HandleRecord() -> ssl3_HandleHandshake() ->
+ * ssl3_HandleHandshakeMessage() -> ssl3_HandleCertificate() ->
+ * ss->handleBadCert()
+ *
+ * - ssl_GatherRecord1stHandshake() -> ssl3_GatherCompleteHandshake() ->
+ * ssl3_HandleRecord() -> ssl3_HandleHandshake() ->
+ * ssl3_HandleHandshakeMessage() -> ssl3_HandleCertificateRequest() ->
+ * ss->getClientAuthData()
+ *
+ * Called from: SSL_ForceHandshake (below),
+ * ssl_SecureRecv (below) and
+ * ssl_SecureSend (below)
+ * from: WaitForResponse in sslsocks.c
+ * ssl_SocksRecv in sslsocks.c
+ * ssl_SocksSend in sslsocks.c
+ *
+ * Caller must hold the (write) handshakeLock.
+ */
+int
+ssl_Do1stHandshake(sslSocket *ss)
+{
+ int rv = SECSuccess;
+
+ while (ss->handshake && rv == SECSuccess) {
+ PORT_Assert(ss->opt.noLocks || ssl_Have1stHandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || !ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || !ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || !ssl_HaveSSL3HandshakeLock(ss));
+
+ rv = (*ss->handshake)(ss);
+ };
+
+ PORT_Assert(ss->opt.noLocks || !ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || !ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || !ssl_HaveSSL3HandshakeLock(ss));
+
+ if (rv == SECWouldBlock) {
+ PORT_SetError(PR_WOULD_BLOCK_ERROR);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+void
+ssl_FinishHandshake(sslSocket *ss)
+{
+ PORT_Assert(ss->opt.noLocks || ssl_Have1stHandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+
+ SSL_TRC(3, ("%d: SSL[%d]: handshake is completed", SSL_GETPID(), ss->fd));
+
+ ss->firstHsDone = PR_TRUE;
+ ss->enoughFirstHsDone = PR_TRUE;
+ ss->gs.writeOffset = 0;
+ ss->gs.readOffset = 0;
+
+ if (ss->handshakeCallback) {
+ PORT_Assert((ss->ssl3.hs.preliminaryInfo & ssl_preinfo_all) ==
+ ssl_preinfo_all);
+ (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
+ }
+
+ ssl_FreeEphemeralKeyPairs(ss);
+}
+
+/*
+ * Handshake function that blocks. Used to force a
+ * retry on a connection on the next read/write.
+ */
+static SECStatus
+ssl3_AlwaysBlock(sslSocket *ss)
+{
+ PORT_SetError(PR_WOULD_BLOCK_ERROR); /* perhaps redundant. */
+ return SECWouldBlock;
+}
+
+/*
+ * set the initial handshake state machine to block
+ */
+void
+ssl3_SetAlwaysBlock(sslSocket *ss)
+{
+ if (!ss->firstHsDone) {
+ ss->handshake = ssl3_AlwaysBlock;
+ }
+}
+
+static SECStatus
+ssl_SetTimeout(PRFileDesc *fd, PRIntervalTime timeout)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SetTimeout", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+ SSL_LOCK_READER(ss);
+ ss->rTimeout = timeout;
+ if (ss->opt.fdx) {
+ SSL_LOCK_WRITER(ss);
+ }
+ ss->wTimeout = timeout;
+ if (ss->opt.fdx) {
+ SSL_UNLOCK_WRITER(ss);
+ }
+ SSL_UNLOCK_READER(ss);
+ return SECSuccess;
+}
+
+/* Acquires and releases HandshakeLock.
+*/
+SECStatus
+SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
+{
+ sslSocket *ss;
+ SECStatus status;
+ PRNetAddr addr;
+
+ ss = ssl_FindSocket(s);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in ResetHandshake", SSL_GETPID(), s));
+ return SECFailure;
+ }
+
+ /* Don't waste my time */
+ if (!ss->opt.useSecurity)
+ return SECSuccess;
+
+ SSL_LOCK_READER(ss);
+ SSL_LOCK_WRITER(ss);
+
+ /* Reset handshake state */
+ ssl_Get1stHandshakeLock(ss);
+
+ ss->firstHsDone = PR_FALSE;
+ ss->enoughFirstHsDone = PR_FALSE;
+ if (asServer) {
+ ss->handshake = ssl_BeginServerHandshake;
+ ss->handshaking = sslHandshakingAsServer;
+ } else {
+ ss->handshake = ssl_BeginClientHandshake;
+ ss->handshaking = sslHandshakingAsClient;
+ }
+
+ ssl_GetRecvBufLock(ss);
+ status = ssl3_InitGather(&ss->gs);
+ ssl_ReleaseRecvBufLock(ss);
+ if (status != SECSuccess)
+ goto loser;
+
+ ssl_GetSSL3HandshakeLock(ss);
+ ss->ssl3.hs.canFalseStart = PR_FALSE;
+ ss->ssl3.hs.restartTarget = NULL;
+
+ /*
+ ** Blow away old security state and get a fresh setup.
+ */
+ ssl_GetXmitBufLock(ss);
+ ssl_ResetSecurityInfo(&ss->sec, PR_TRUE);
+ status = ssl_CreateSecurityInfo(ss);
+ ssl_ReleaseXmitBufLock(ss);
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ ssl3_DestroyRemoteExtensions(&ss->ssl3.hs.remoteExtensions);
+ ssl3_ResetExtensionData(&ss->xtnData);
+
+ if (!ss->TCPconnected)
+ ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
+
+loser:
+ SSL_UNLOCK_WRITER(ss);
+ SSL_UNLOCK_READER(ss);
+
+ return status;
+}
+
+/* For SSLv2, does nothing but return an error.
+** For SSLv3, flushes SID cache entry (if requested),
+** and then starts new client hello or hello request.
+** Acquires and releases HandshakeLock.
+*/
+SECStatus
+SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache)
+{
+ sslSocket *ss;
+ SECStatus rv;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (!ss->opt.useSecurity)
+ return SECSuccess;
+
+ ssl_Get1stHandshakeLock(ss);
+
+ ssl_GetSSL3HandshakeLock(ss);
+ rv = ssl3_RedoHandshake(ss, flushCache); /* force full handshake. */
+ ssl_ReleaseSSL3HandshakeLock(ss);
+
+ ssl_Release1stHandshakeLock(ss);
+
+ return rv;
+}
+
+/*
+** Same as above, but with an I/O timeout.
+ */
+SSL_IMPORT SECStatus
+SSL_ReHandshakeWithTimeout(PRFileDesc *fd,
+ PRBool flushCache,
+ PRIntervalTime timeout)
+{
+ if (SECSuccess != ssl_SetTimeout(fd, timeout)) {
+ return SECFailure;
+ }
+ return SSL_ReHandshake(fd, flushCache);
+}
+
+SECStatus
+SSL_RedoHandshake(PRFileDesc *fd)
+{
+ return SSL_ReHandshake(fd, PR_TRUE);
+}
+
+/* Register an application callback to be called when SSL handshake completes.
+** Acquires and releases HandshakeLock.
+*/
+SECStatus
+SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb,
+ void *client_data)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeCallback",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (!ss->opt.useSecurity) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ ss->handshakeCallback = cb;
+ ss->handshakeCallbackData = client_data;
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ return SECSuccess;
+}
+
+/* Register an application callback to be called when false start may happen.
+** Acquires and releases HandshakeLock.
+*/
+SECStatus
+SSL_SetCanFalseStartCallback(PRFileDesc *fd, SSLCanFalseStartCallback cb,
+ void *arg)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetCanFalseStartCallback",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (!ss->opt.useSecurity) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ ss->canFalseStartCallback = cb;
+ ss->canFalseStartCallbackData = arg;
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_RecommendedCanFalseStart(PRFileDesc *fd, PRBool *canFalseStart)
+{
+ sslSocket *ss;
+
+ *canFalseStart = PR_FALSE;
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_RecommendedCanFalseStart",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (!ss->ssl3.initialized) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* Require a forward-secret key exchange. */
+ *canFalseStart = ss->ssl3.hs.kea_def->kea == kea_dhe_dss ||
+ ss->ssl3.hs.kea_def->kea == kea_dhe_rsa ||
+ ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
+ ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa;
+
+ return SECSuccess;
+}
+
+/* Try to make progress on an SSL handshake by attempting to read the
+** next handshake from the peer, and sending any responses.
+** For non-blocking sockets, returns PR_ERROR_WOULD_BLOCK if it cannot
+** read the next handshake from the underlying socket.
+** Returns when handshake is complete, or application data has
+** arrived that must be taken by application before handshake can continue,
+** or a fatal error occurs.
+** Application should use handshake completion callback to tell which.
+*/
+SECStatus
+SSL_ForceHandshake(PRFileDesc *fd)
+{
+ sslSocket *ss;
+ SECStatus rv = SECFailure;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in ForceHandshake",
+ SSL_GETPID(), fd));
+ return rv;
+ }
+
+ /* Don't waste my time */
+ if (!ss->opt.useSecurity)
+ return SECSuccess;
+
+ if (!ssl_SocketIsBlocking(ss)) {
+ ssl_GetXmitBufLock(ss);
+ if (ss->pendingBuf.len != 0) {
+ int sent = ssl_SendSavedWriteData(ss);
+ if ((sent < 0) && (PORT_GetError() != PR_WOULD_BLOCK_ERROR)) {
+ ssl_ReleaseXmitBufLock(ss);
+ return SECFailure;
+ }
+ }
+ ssl_ReleaseXmitBufLock(ss);
+ }
+
+ ssl_Get1stHandshakeLock(ss);
+
+ if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
+ int gatherResult;
+
+ ssl_GetRecvBufLock(ss);
+ gatherResult = ssl3_GatherCompleteHandshake(ss, 0);
+ ssl_ReleaseRecvBufLock(ss);
+ if (gatherResult > 0) {
+ rv = SECSuccess;
+ } else if (gatherResult == 0) {
+ PORT_SetError(PR_END_OF_FILE_ERROR);
+ } else if (gatherResult == SECWouldBlock) {
+ PORT_SetError(PR_WOULD_BLOCK_ERROR);
+ }
+ } else {
+ PORT_Assert(!ss->firstHsDone);
+ rv = ssl_Do1stHandshake(ss);
+ }
+
+ ssl_Release1stHandshakeLock(ss);
+
+ return rv;
+}
+
+/*
+ ** Same as above, but with an I/O timeout.
+ */
+SSL_IMPORT SECStatus
+SSL_ForceHandshakeWithTimeout(PRFileDesc *fd,
+ PRIntervalTime timeout)
+{
+ if (SECSuccess != ssl_SetTimeout(fd, timeout)) {
+ return SECFailure;
+ }
+ return SSL_ForceHandshake(fd);
+}
+
+/************************************************************************/
+
+/*
+** Grow a buffer to hold newLen bytes of data.
+** Called for both recv buffers and xmit buffers.
+** Caller must hold xmitBufLock or recvBufLock, as appropriate.
+*/
+SECStatus
+sslBuffer_Grow(sslBuffer *b, unsigned int newLen)
+{
+ newLen = PR_MAX(newLen, MAX_FRAGMENT_LENGTH + 2048);
+ if (newLen > b->space) {
+ unsigned char *newBuf;
+ if (b->buf) {
+ newBuf = (unsigned char *)PORT_Realloc(b->buf, newLen);
+ } else {
+ newBuf = (unsigned char *)PORT_Alloc(newLen);
+ }
+ if (!newBuf) {
+ return SECFailure;
+ }
+ SSL_TRC(10, ("%d: SSL: grow buffer from %d to %d",
+ SSL_GETPID(), b->space, newLen));
+ b->buf = newBuf;
+ b->space = newLen;
+ }
+ return SECSuccess;
+}
+
+SECStatus
+sslBuffer_Append(sslBuffer *b, const void *data, unsigned int len)
+{
+ unsigned int newLen = b->len + len;
+ SECStatus rv;
+
+ rv = sslBuffer_Grow(b, newLen);
+ if (rv != SECSuccess)
+ return rv;
+ PORT_Memcpy(b->buf + b->len, data, len);
+ b->len += len;
+ return SECSuccess;
+}
+
+void
+sslBuffer_Clear(sslBuffer *b)
+{
+ if (b->len > 0) {
+ PORT_Free(b->buf);
+ b->buf = NULL;
+ b->len = 0;
+ b->space = 0;
+ }
+}
+
+/*
+** Save away write data that is trying to be written before the security
+** handshake has been completed. When the handshake is completed, we will
+** flush this data out.
+** Caller must hold xmitBufLock
+*/
+SECStatus
+ssl_SaveWriteData(sslSocket *ss, const void *data, unsigned int len)
+{
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ rv = sslBuffer_Append(&ss->pendingBuf, data, len);
+ SSL_TRC(5, ("%d: SSL[%d]: saving %u bytes of data (%u total saved so far)",
+ SSL_GETPID(), ss->fd, len, ss->pendingBuf.len));
+ return rv;
+}
+
+/*
+** Send saved write data. This will flush out data sent prior to a
+** complete security handshake. Hopefully there won't be too much of it.
+** Returns count of the bytes sent, NOT a SECStatus.
+** Caller must hold xmitBufLock
+*/
+int
+ssl_SendSavedWriteData(sslSocket *ss)
+{
+ int rv = 0;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ if (ss->pendingBuf.len != 0) {
+ SSL_TRC(5, ("%d: SSL[%d]: sending %d bytes of saved data",
+ SSL_GETPID(), ss->fd, ss->pendingBuf.len));
+ rv = ssl_DefSend(ss, ss->pendingBuf.buf, ss->pendingBuf.len, 0);
+ if (rv < 0) {
+ return rv;
+ }
+ ss->pendingBuf.len -= rv;
+ if (ss->pendingBuf.len > 0 && rv > 0) {
+ /* UGH !! This shifts the whole buffer down by copying it */
+ PORT_Memmove(ss->pendingBuf.buf, ss->pendingBuf.buf + rv,
+ ss->pendingBuf.len);
+ }
+ }
+ return rv;
+}
+
+/************************************************************************/
+
+/*
+** Receive some application data on a socket. Reads SSL records from the input
+** stream, decrypts them and then copies them to the output buffer.
+** Called from ssl_SecureRecv() below.
+**
+** Caller does NOT hold 1stHandshakeLock because that handshake is over.
+** Caller doesn't call this until initial handshake is complete.
+** The call to ssl3_GatherAppDataRecord may encounter handshake
+** messages from a subsequent handshake.
+**
+** This code is similar to, and easily confused with,
+** ssl_GatherRecord1stHandshake() in sslcon.c
+*/
+static int
+DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
+{
+ int rv;
+ int amount;
+ int available;
+
+ /* ssl3_GatherAppDataRecord may call ssl_FinishHandshake, which needs the
+ * 1stHandshakeLock. */
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetRecvBufLock(ss);
+
+ available = ss->gs.writeOffset - ss->gs.readOffset;
+ if (available == 0) {
+ /* Wait for application data to arrive. */
+ rv = ssl3_GatherAppDataRecord(ss, 0);
+ if (rv <= 0) {
+ if (rv == 0) {
+ /* EOF */
+ SSL_TRC(10, ("%d: SSL[%d]: ssl_recv EOF",
+ SSL_GETPID(), ss->fd));
+ goto done;
+ }
+ if ((rv != SECWouldBlock) &&
+ (PR_GetError() != PR_WOULD_BLOCK_ERROR)) {
+ /* Some random error */
+ goto done;
+ }
+
+ /*
+ ** Gather record is blocked waiting for more record data to
+ ** arrive. Try to process what we have already received
+ */
+ } else {
+ /* Gather record has finished getting a complete record */
+ }
+
+ /* See if any clear data is now available */
+ available = ss->gs.writeOffset - ss->gs.readOffset;
+ if (available == 0) {
+ /*
+ ** No partial data is available. Force error code to
+ ** EWOULDBLOCK so that caller will try again later. Note
+ ** that the error code is probably EWOULDBLOCK already,
+ ** but if it isn't (for example, if we received a zero
+ ** length record) then this will force it to be correct.
+ */
+ PORT_SetError(PR_WOULD_BLOCK_ERROR);
+ rv = SECFailure;
+ goto done;
+ }
+ SSL_TRC(30, ("%d: SSL[%d]: partial data ready, available=%d",
+ SSL_GETPID(), ss->fd, available));
+ }
+
+ if (IS_DTLS(ss) && (len < available)) {
+ /* DTLS does not allow you to do partial reads */
+ SSL_TRC(30, ("%d: SSL[%d]: DTLS short read. len=%d available=%d",
+ SSL_GETPID(), ss->fd, len, available));
+ ss->gs.readOffset += available;
+ PORT_SetError(SSL_ERROR_RX_SHORT_DTLS_READ);
+ rv = SECFailure;
+ goto done;
+ }
+
+ /* Dole out clear data to reader */
+ amount = PR_MIN(len, available);
+ PORT_Memcpy(out, ss->gs.buf.buf + ss->gs.readOffset, amount);
+ if (!(flags & PR_MSG_PEEK)) {
+ ss->gs.readOffset += amount;
+ }
+ PORT_Assert(ss->gs.readOffset <= ss->gs.writeOffset);
+ rv = amount;
+
+ SSL_TRC(30, ("%d: SSL[%d]: amount=%d available=%d",
+ SSL_GETPID(), ss->fd, amount, available));
+ PRINT_BUF(4, (ss, "DoRecv receiving plaintext:", out, amount));
+
+done:
+ ssl_ReleaseRecvBufLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+ return rv;
+}
+
+/************************************************************************/
+
+SECStatus
+ssl_CreateSecurityInfo(sslSocket *ss)
+{
+ SECStatus status;
+
+ ssl_GetXmitBufLock(ss);
+ status = sslBuffer_Grow(&ss->sec.writeBuf, 4096);
+ ssl_ReleaseXmitBufLock(ss);
+
+ return status;
+}
+
+SECStatus
+ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os)
+{
+ ss->sec.isServer = os->sec.isServer;
+
+ ss->sec.peerCert = CERT_DupCertificate(os->sec.peerCert);
+ if (os->sec.peerCert && !ss->sec.peerCert)
+ goto loser;
+
+ ss->sec.cache = os->sec.cache;
+ ss->sec.uncache = os->sec.uncache;
+
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+
+/* Reset sec back to its initial state.
+** Caller holds any relevant locks.
+*/
+void
+ssl_ResetSecurityInfo(sslSecurityInfo *sec, PRBool doMemset)
+{
+ if (sec->localCert) {
+ CERT_DestroyCertificate(sec->localCert);
+ sec->localCert = NULL;
+ }
+ if (sec->peerCert) {
+ CERT_DestroyCertificate(sec->peerCert);
+ sec->peerCert = NULL;
+ }
+ if (sec->peerKey) {
+ SECKEY_DestroyPublicKey(sec->peerKey);
+ sec->peerKey = NULL;
+ }
+
+ /* cleanup the ci */
+ if (sec->ci.sid != NULL) {
+ ssl_FreeSID(sec->ci.sid);
+ }
+ PORT_ZFree(sec->ci.sendBuf.buf, sec->ci.sendBuf.space);
+ if (doMemset) {
+ memset(&sec->ci, 0, sizeof sec->ci);
+ }
+}
+
+/*
+** Called from SSL_ResetHandshake (above), and
+** from ssl_FreeSocket in sslsock.c
+** Caller should hold relevant locks (e.g. XmitBufLock)
+*/
+void
+ssl_DestroySecurityInfo(sslSecurityInfo *sec)
+{
+ ssl_ResetSecurityInfo(sec, PR_FALSE);
+
+ PORT_ZFree(sec->writeBuf.buf, sec->writeBuf.space);
+ sec->writeBuf.buf = 0;
+
+ memset(sec, 0, sizeof *sec);
+}
+
+/************************************************************************/
+
+int
+ssl_SecureConnect(sslSocket *ss, const PRNetAddr *sa)
+{
+ PRFileDesc *osfd = ss->fd->lower;
+ int rv;
+
+ if (ss->opt.handshakeAsServer) {
+ ss->handshake = ssl_BeginServerHandshake;
+ ss->handshaking = sslHandshakingAsServer;
+ } else {
+ ss->handshake = ssl_BeginClientHandshake;
+ ss->handshaking = sslHandshakingAsClient;
+ }
+
+ /* connect to server */
+ rv = osfd->methods->connect(osfd, sa, ss->cTimeout);
+ if (rv == PR_SUCCESS) {
+ ss->TCPconnected = 1;
+ } else {
+ int err = PR_GetError();
+ SSL_DBG(("%d: SSL[%d]: connect failed, errno=%d",
+ SSL_GETPID(), ss->fd, err));
+ if (err == PR_IS_CONNECTED_ERROR) {
+ ss->TCPconnected = 1;
+ }
+ }
+
+ SSL_TRC(5, ("%d: SSL[%d]: secure connect completed, rv == %d",
+ SSL_GETPID(), ss->fd, rv));
+ return rv;
+}
+
+/*
+ * The TLS 1.2 RFC 5246, Section 7.2.1 says:
+ *
+ * Unless some other fatal alert has been transmitted, each party is
+ * required to send a close_notify alert before closing the write side
+ * of the connection. The other party MUST respond with a close_notify
+ * alert of its own and close down the connection immediately,
+ * discarding any pending writes. It is not required for the initiator
+ * of the close to wait for the responding close_notify alert before
+ * closing the read side of the connection.
+ *
+ * The second sentence requires that we send a close_notify alert when we
+ * have received a close_notify alert. In practice, all SSL implementations
+ * close the socket immediately after sending a close_notify alert (which is
+ * allowed by the third sentence), so responding with a close_notify alert
+ * would result in a write failure with the ECONNRESET error. This is why
+ * we don't respond with a close_notify alert.
+ *
+ * Also, in the unlikely event that the TCP pipe is full and the peer stops
+ * reading, the SSL3_SendAlert call in ssl_SecureClose and ssl_SecureShutdown
+ * may block indefinitely in blocking mode, and may fail (without retrying)
+ * in non-blocking mode.
+ */
+
+int
+ssl_SecureClose(sslSocket *ss)
+{
+ int rv;
+
+ if (!(ss->shutdownHow & ssl_SHUTDOWN_SEND) &&
+ ss->firstHsDone &&
+ !ss->recvdCloseNotify &&
+ ss->ssl3.initialized) {
+
+ /* We don't want the final alert to be Nagle delayed. */
+ if (!ss->delayDisabled) {
+ ssl_EnableNagleDelay(ss, PR_FALSE);
+ ss->delayDisabled = 1;
+ }
+
+ (void)SSL3_SendAlert(ss, alert_warning, close_notify);
+ }
+ rv = ssl_DefClose(ss);
+ return rv;
+}
+
+/* Caller handles all locking */
+int
+ssl_SecureShutdown(sslSocket *ss, int nsprHow)
+{
+ PRFileDesc *osfd = ss->fd->lower;
+ int rv;
+ PRIntn sslHow = nsprHow + 1;
+
+ if ((unsigned)nsprHow > PR_SHUTDOWN_BOTH) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return PR_FAILURE;
+ }
+
+ if ((sslHow & ssl_SHUTDOWN_SEND) != 0 &&
+ !(ss->shutdownHow & ssl_SHUTDOWN_SEND) &&
+ ss->firstHsDone &&
+ !ss->recvdCloseNotify &&
+ ss->ssl3.initialized) {
+
+ (void)SSL3_SendAlert(ss, alert_warning, close_notify);
+ }
+
+ rv = osfd->methods->shutdown(osfd, nsprHow);
+
+ ss->shutdownHow |= sslHow;
+
+ return rv;
+}
+
+/************************************************************************/
+
+int
+ssl_SecureRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
+{
+ int rv = 0;
+
+ if (ss->shutdownHow & ssl_SHUTDOWN_RCV) {
+ PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
+ return PR_FAILURE;
+ }
+ if (flags & ~PR_MSG_PEEK) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return PR_FAILURE;
+ }
+
+ if (!ssl_SocketIsBlocking(ss) && !ss->opt.fdx) {
+ ssl_GetXmitBufLock(ss);
+ if (ss->pendingBuf.len != 0) {
+ rv = ssl_SendSavedWriteData(ss);
+ if ((rv < 0) && (PORT_GetError() != PR_WOULD_BLOCK_ERROR)) {
+ ssl_ReleaseXmitBufLock(ss);
+ return SECFailure;
+ }
+ }
+ ssl_ReleaseXmitBufLock(ss);
+ }
+
+ rv = 0;
+ if (!PR_CLIST_IS_EMPTY(&ss->ssl3.hs.bufferedEarlyData)) {
+ PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
+ return tls13_Read0RttData(ss, buf, len);
+ }
+
+ /* If any of these is non-zero, the initial handshake is not done. */
+ if (!ss->firstHsDone) {
+ ssl_Get1stHandshakeLock(ss);
+ if (ss->handshake) {
+ rv = ssl_Do1stHandshake(ss);
+ }
+ ssl_Release1stHandshakeLock(ss);
+ }
+ if (rv < 0) {
+ return rv;
+ }
+
+ if (len == 0)
+ return 0;
+
+ rv = DoRecv(ss, (unsigned char *)buf, len, flags);
+ SSL_TRC(2, ("%d: SSL[%d]: recving %d bytes securely (errno=%d)",
+ SSL_GETPID(), ss->fd, rv, PORT_GetError()));
+ return rv;
+}
+
+int
+ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len)
+{
+ return ssl_SecureRecv(ss, buf, len, 0);
+}
+
+/* Caller holds the SSL Socket's write lock. SSL_LOCK_WRITER(ss) */
+int
+ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
+{
+ int rv = 0;
+
+ SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
+ SSL_GETPID(), ss->fd, len));
+
+ if (ss->shutdownHow & ssl_SHUTDOWN_SEND) {
+ PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
+ rv = PR_FAILURE;
+ goto done;
+ }
+ if (flags) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ rv = PR_FAILURE;
+ goto done;
+ }
+
+ ssl_GetXmitBufLock(ss);
+ if (ss->pendingBuf.len != 0) {
+ PORT_Assert(ss->pendingBuf.len > 0);
+ rv = ssl_SendSavedWriteData(ss);
+ if (rv >= 0 && ss->pendingBuf.len != 0) {
+ PORT_Assert(ss->pendingBuf.len > 0);
+ PORT_SetError(PR_WOULD_BLOCK_ERROR);
+ rv = SECFailure;
+ }
+ }
+ ssl_ReleaseXmitBufLock(ss);
+ if (rv < 0) {
+ goto done;
+ }
+
+ if (len > 0)
+ ss->writerThread = PR_GetCurrentThread();
+
+ /* Check to see if we can write even though we're not finished.
+ *
+ * Case 1: False start
+ * Case 2: TLS 1.3 0-RTT
+ */
+ if (!ss->firstHsDone) {
+ PRBool falseStart = PR_FALSE;
+ ssl_Get1stHandshakeLock(ss);
+ if (ss->opt.enableFalseStart ||
+ (ss->opt.enable0RttData && !ss->sec.isServer)) {
+ ssl_GetSSL3HandshakeLock(ss);
+ /* The client can sometimes send before the handshake is fully
+ * complete. In TLS 1.2: false start; in TLS 1.3: 0-RTT. */
+ falseStart = ss->ssl3.hs.canFalseStart ||
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_sent ||
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted;
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ }
+ if (!falseStart && ss->handshake) {
+ rv = ssl_Do1stHandshake(ss);
+ }
+ ssl_Release1stHandshakeLock(ss);
+ }
+ if (rv < 0) {
+ ss->writerThread = NULL;
+ goto done;
+ }
+
+ /* Check for zero length writes after we do housekeeping so we make forward
+ * progress.
+ */
+ if (len == 0) {
+ rv = 0;
+ goto done;
+ }
+ PORT_Assert(buf != NULL);
+ if (!buf) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ rv = PR_FAILURE;
+ goto done;
+ }
+
+ if (!ss->firstHsDone) {
+#ifdef DEBUG
+ ssl_GetSSL3HandshakeLock(ss);
+ PORT_Assert(!ss->sec.isServer &&
+ (ss->ssl3.hs.canFalseStart ||
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_sent ||
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted));
+ ssl_ReleaseSSL3HandshakeLock(ss);
+#endif
+ SSL_TRC(3, ("%d: SSL[%d]: SecureSend: sending data due to false start",
+ SSL_GETPID(), ss->fd));
+ }
+
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_SendApplicationData(ss, buf, len, flags);
+ ssl_ReleaseXmitBufLock(ss);
+ ss->writerThread = NULL;
+done:
+ if (rv < 0) {
+ SSL_TRC(2, ("%d: SSL[%d]: SecureSend: returning %d count, error %d",
+ SSL_GETPID(), ss->fd, rv, PORT_GetError()));
+ } else {
+ SSL_TRC(2, ("%d: SSL[%d]: SecureSend: returning %d count",
+ SSL_GETPID(), ss->fd, rv));
+ }
+ return rv;
+}
+
+int
+ssl_SecureWrite(sslSocket *ss, const unsigned char *buf, int len)
+{
+ return ssl_SecureSend(ss, buf, len, 0);
+}
+
+SECStatus
+SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f, void *arg)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSLBadCertHook",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ ss->handleBadCert = f;
+ ss->badCertArg = arg;
+
+ return SECSuccess;
+}
+
+/*
+ * Allow the application to pass the url or hostname into the SSL library
+ * so that we can do some checking on it. It will be used for the value in
+ * SNI extension of client hello message.
+ */
+SECStatus
+SSL_SetURL(PRFileDesc *fd, const char *url)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+ SECStatus rv = SECSuccess;
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSLSetURL",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ if (ss->url) {
+ PORT_Free((void *)ss->url); /* CONST */
+ }
+
+ ss->url = (const char *)PORT_Strdup(url);
+ if (ss->url == NULL) {
+ rv = SECFailure;
+ }
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ return rv;
+}
+
+/*
+ * Allow the application to pass the set of trust anchors
+ */
+SECStatus
+SSL_SetTrustAnchors(PRFileDesc *fd, CERTCertList *certList)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+ CERTDistNames *names = NULL;
+
+ if (!certList) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetTrustAnchors",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ names = CERT_DistNamesFromCertList(certList);
+ if (names == NULL) {
+ return SECFailure;
+ }
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+ if (ss->ssl3.ca_list) {
+ CERT_FreeDistNames(ss->ssl3.ca_list);
+ }
+ ss->ssl3.ca_list = names;
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ return SECSuccess;
+}
+
+/*
+** Returns Negative number on error, zero or greater on success.
+** Returns the amount of data immediately available to be read.
+*/
+int
+SSL_DataPending(PRFileDesc *fd)
+{
+ sslSocket *ss;
+ int rv = 0;
+
+ ss = ssl_FindSocket(fd);
+
+ if (ss && ss->opt.useSecurity) {
+ ssl_GetRecvBufLock(ss);
+ rv = ss->gs.writeOffset - ss->gs.readOffset;
+ ssl_ReleaseRecvBufLock(ss);
+ }
+
+ return rv;
+}
+
+SECStatus
+SSL_InvalidateSession(PRFileDesc *fd)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+ SECStatus rv = SECFailure;
+
+ if (ss) {
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ if (ss->sec.ci.sid) {
+ ss->sec.uncache(ss->sec.ci.sid);
+ rv = SECSuccess;
+ }
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+ }
+ return rv;
+}
+
+SECItem *
+SSL_GetSessionID(PRFileDesc *fd)
+{
+ sslSocket *ss;
+ SECItem *item = NULL;
+
+ ss = ssl_FindSocket(fd);
+ if (ss) {
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ if (ss->opt.useSecurity && ss->firstHsDone && ss->sec.ci.sid) {
+ item = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ if (item) {
+ sslSessionID *sid = ss->sec.ci.sid;
+ item->len = sid->u.ssl3.sessionIDLength;
+ item->data = (unsigned char *)PORT_Alloc(item->len);
+ PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
+ }
+ }
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+ }
+ return item;
+}
+
+SECStatus
+SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss)
+ return SECFailure;
+ if (!dbHandle) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ ss->dbHandle = dbHandle;
+ return SECSuccess;
+}
+
+/* DO NOT USE. This function was exported in ssl.def with the wrong signature;
+ * this implementation exists to maintain link-time compatibility.
+ */
+int
+SSL_RestartHandshakeAfterCertReq(sslSocket *ss,
+ CERTCertificate *cert,
+ SECKEYPrivateKey *key,
+ CERTCertificateList *certChain)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return -1;
+}
+
+/* DO NOT USE. This function was exported in ssl.def with the wrong signature;
+ * this implementation exists to maintain link-time compatibility.
+ */
+int
+SSL_RestartHandshakeAfterServerCert(sslSocket *ss)
+{
+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
+ return -1;
+}
+
+/* See documentation in ssl.h */
+SECStatus
+SSL_AuthCertificateComplete(PRFileDesc *fd, PRErrorCode error)
+{
+ SECStatus rv;
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_AuthCertificateComplete",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ ssl_Get1stHandshakeLock(ss);
+
+ if (!ss->ssl3.initialized) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ } else {
+ rv = ssl3_AuthCertificateComplete(ss, error);
+ }
+
+ ssl_Release1stHandshakeLock(ss);
+
+ return rv;
+}
+
+/* For more info see ssl.h */
+SECStatus
+SSL_SNISocketConfigHook(PRFileDesc *fd, SSLSNISocketConfig func,
+ void *arg)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SNISocketConfigHook",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ ss->sniSocketConfig = func;
+ ss->sniSocketConfigArg = arg;
+ return SECSuccess;
+}
diff --git a/security/nss/lib/ssl/sslsnce.c b/security/nss/lib/ssl/sslsnce.c
new file mode 100644
index 000000000..4a4005c2d
--- /dev/null
+++ b/security/nss/lib/ssl/sslsnce.c
@@ -0,0 +1,1990 @@
+/* This file implements the SERVER Session ID cache.
+ * NOTE: The contents of this file are NOT used by the client.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server
+ * cache sids!
+ *
+ * About record locking among different server processes:
+ *
+ * All processes that are part of the same conceptual server (serving on
+ * the same address and port) MUST share a common SSL session cache.
+ * This code makes the content of the shared cache accessible to all
+ * processes on the same "server". This code works on Unix and Win32 only.
+ *
+ * We use NSPR anonymous shared memory and move data to & from shared memory.
+ * We must do explicit locking of the records for all reads and writes.
+ * The set of Cache entries are divided up into "sets" of 128 entries.
+ * Each set is protected by a lock. There may be one or more sets protected
+ * by each lock. That is, locks to sets are 1:N.
+ * There is one lock for the entire cert cache.
+ * There is one lock for the set of wrapped sym wrap keys.
+ *
+ * The anonymous shared memory is laid out as if it were declared like this:
+ *
+ * struct {
+ * cacheDescriptor desc;
+ * sidCacheLock sidCacheLocks[ numSIDCacheLocks];
+ * sidCacheLock keyCacheLock;
+ * sidCacheLock certCacheLock;
+ * sidCacheSet sidCacheSets[ numSIDCacheSets ];
+ * sidCacheEntry sidCacheData[ numSIDCacheEntries];
+ * certCacheEntry certCacheData[numCertCacheEntries];
+ * SSLWrappedSymWrappingKey keyCacheData[ssl_auth_size][SSL_NUM_WRAP_MECHS];
+ * PRUint8 keyNameSuffix[SESS_TICKET_KEY_VAR_NAME_LEN]
+ * encKeyCacheEntry ticketEncKey; // Wrapped
+ * encKeyCacheEntry ticketMacKey; // Wrapped
+ * PRBool ticketKeysValid;
+ * sidCacheLock srvNameCacheLock;
+ * srvNameCacheEntry srvNameData[ numSrvNameCacheEntries ];
+ * } cacheMemCacheData;
+ */
+#include "seccomon.h"
+
+#if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_OS2) || defined(XP_BEOS)
+
+#include "cert.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "pk11func.h"
+#include "base64.h"
+#include "keyhi.h"
+#include "blapit.h"
+#include "sechash.h"
+
+#include <stdio.h>
+
+#if defined(XP_UNIX) || defined(XP_BEOS)
+
+#include <syslog.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <signal.h>
+#include "unix_err.h"
+
+#else
+
+#ifdef XP_WIN32
+#include <wtypes.h>
+#include "win32err.h"
+#endif
+
+#endif
+#include <sys/types.h>
+
+#include "nspr.h"
+#include "sslmutex.h"
+
+/*
+** Format of a cache entry in the shared memory.
+*/
+struct sidCacheEntryStr {
+ /* 16 */ PRIPv6Addr addr; /* client's IP address */
+ /* 4 */ PRUint32 creationTime;
+ /* 4 */ PRUint32 lastAccessTime;
+ /* 4 */ PRUint32 expirationTime;
+ /* 2 */ PRUint16 version;
+ /* 1 */ PRUint8 valid;
+ /* 1 */ PRUint8 sessionIDLength;
+ /* 32 */ PRUint8 sessionID[SSL3_SESSIONID_BYTES];
+ /* 2 */ PRUint16 authType;
+ /* 2 */ PRUint16 authKeyBits;
+ /* 2 */ PRUint16 keaType;
+ /* 2 */ PRUint16 keaKeyBits;
+ /* 72 - common header total */
+
+ union {
+ struct {
+ /* 2 */ ssl3CipherSuite cipherSuite;
+ /* 2 */ PRUint16 compression; /* SSLCompressionMethod */
+
+ /* 54 */ ssl3SidKeys keys; /* keys, wrapped as needed. */
+
+ /* 4 */ PRUint32 masterWrapMech;
+ /* 4 */ PRInt32 certIndex;
+ /* 4 */ PRInt32 srvNameIndex;
+ /* 32 */ PRUint8 srvNameHash[SHA256_LENGTH]; /* SHA256 name hash */
+ /* 2 */ PRUint16 certTypeArgs;
+/*104 */} ssl3;
+
+/* force sizeof(sidCacheEntry) to be a multiple of cache line size */
+struct {
+ /*120 */ PRUint8 filler[120]; /* 72+120==192, a multiple of 16 */
+} forceSize;
+ } u;
+};
+typedef struct sidCacheEntryStr sidCacheEntry;
+
+/* The length of this struct is supposed to be a power of 2, e.g. 4KB */
+struct certCacheEntryStr {
+ PRUint16 certLength; /* 2 */
+ PRUint16 sessionIDLength; /* 2 */
+ PRUint8 sessionID[SSL3_SESSIONID_BYTES]; /* 32 */
+ PRUint8 cert[SSL_MAX_CACHED_CERT_LEN]; /* 4060 */
+}; /* total 4096 */
+typedef struct certCacheEntryStr certCacheEntry;
+
+struct sidCacheLockStr {
+ PRUint32 timeStamp;
+ sslMutex mutex;
+ sslPID pid;
+};
+typedef struct sidCacheLockStr sidCacheLock;
+
+struct sidCacheSetStr {
+ PRIntn next;
+};
+typedef struct sidCacheSetStr sidCacheSet;
+
+struct encKeyCacheEntryStr {
+ PRUint8 bytes[512];
+ PRInt32 length;
+};
+typedef struct encKeyCacheEntryStr encKeyCacheEntry;
+
+#define SSL_MAX_DNS_HOST_NAME 1024
+
+struct srvNameCacheEntryStr {
+ PRUint16 type; /* 2 */
+ PRUint16 nameLen; /* 2 */
+ PRUint8 name[SSL_MAX_DNS_HOST_NAME + 12]; /* 1034 */
+ PRUint8 nameHash[SHA256_LENGTH]; /* 32 */
+ /* 1072 */
+};
+typedef struct srvNameCacheEntryStr srvNameCacheEntry;
+
+struct cacheDescStr {
+
+ PRUint32 cacheMemSize;
+
+ PRUint32 numSIDCacheLocks;
+ PRUint32 numSIDCacheSets;
+ PRUint32 numSIDCacheSetsPerLock;
+
+ PRUint32 numSIDCacheEntries;
+ PRUint32 sidCacheSize;
+
+ PRUint32 numCertCacheEntries;
+ PRUint32 certCacheSize;
+
+ PRUint32 numKeyCacheEntries;
+ PRUint32 keyCacheSize;
+
+ PRUint32 numSrvNameCacheEntries;
+ PRUint32 srvNameCacheSize;
+
+ PRUint32 ssl3Timeout;
+
+ PRUint32 numSIDCacheLocksInitialized;
+
+ /* These values are volatile, and are accessed through sharedCache-> */
+ PRUint32 nextCertCacheEntry; /* certCacheLock protects */
+ PRBool stopPolling;
+ PRBool everInherited;
+
+ /* The private copies of these values are pointers into shared mem */
+ /* The copies of these values in shared memory are merely offsets */
+ sidCacheLock *sidCacheLocks;
+ sidCacheLock *keyCacheLock;
+ sidCacheLock *certCacheLock;
+ sidCacheLock *srvNameCacheLock;
+ sidCacheSet *sidCacheSets;
+ sidCacheEntry *sidCacheData;
+ certCacheEntry *certCacheData;
+ SSLWrappedSymWrappingKey *keyCacheData;
+ PRUint8 *ticketKeyNameSuffix;
+ encKeyCacheEntry *ticketEncKey;
+ encKeyCacheEntry *ticketMacKey;
+ PRUint32 *ticketKeysValid;
+ srvNameCacheEntry *srvNameCacheData;
+
+ /* Only the private copies of these pointers are valid */
+ char *cacheMem;
+ struct cacheDescStr *sharedCache; /* shared copy of this struct */
+ PRFileMap *cacheMemMap;
+ PRThread *poller;
+ PRUint32 mutexTimeout;
+ PRBool shared;
+};
+typedef struct cacheDescStr cacheDesc;
+
+static cacheDesc globalCache;
+
+static const char envVarName[] = { SSL_ENV_VAR_NAME };
+
+static PRBool isMultiProcess = PR_FALSE;
+
+#define DEF_SID_CACHE_ENTRIES 10000
+#define DEF_CERT_CACHE_ENTRIES 250
+#define MIN_CERT_CACHE_ENTRIES 125 /* the effective size in old releases. */
+#define DEF_KEY_CACHE_ENTRIES 250
+#define DEF_NAME_CACHE_ENTRIES 1000
+
+#define SID_CACHE_ENTRIES_PER_SET 128
+#define SID_ALIGNMENT 16
+
+#define DEF_SSL3_TIMEOUT 86400L /* 24 hours */
+#define MAX_SSL3_TIMEOUT 86400L /* 24 hours */
+#define MIN_SSL3_TIMEOUT 5 /* seconds */
+
+#if defined(AIX) || defined(LINUX) || defined(NETBSD) || defined(OPENBSD)
+#define MAX_SID_CACHE_LOCKS 8 /* two FDs per lock */
+#elif defined(OSF1)
+#define MAX_SID_CACHE_LOCKS 16 /* one FD per lock */
+#else
+#define MAX_SID_CACHE_LOCKS 256
+#endif
+
+#define SID_HOWMANY(val, size) (((val) + ((size)-1)) / (size))
+#define SID_ROUNDUP(val, size) ((size)*SID_HOWMANY((val), (size)))
+
+static sslPID myPid;
+static PRUint32 ssl_max_sid_cache_locks = MAX_SID_CACHE_LOCKS;
+
+/* forward static function declarations */
+static PRUint32 SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s,
+ unsigned nl);
+static SECStatus LaunchLockPoller(cacheDesc *cache);
+static SECStatus StopLockPoller(cacheDesc *cache);
+
+struct inheritanceStr {
+ PRUint32 cacheMemSize;
+ PRUint32 fmStrLen;
+};
+
+typedef struct inheritanceStr inheritance;
+
+#if defined(_WIN32) || defined(XP_OS2)
+
+#define DEFAULT_CACHE_DIRECTORY "\\temp"
+
+#endif /* _win32 */
+
+#if defined(XP_UNIX) || defined(XP_BEOS)
+
+#define DEFAULT_CACHE_DIRECTORY "/tmp"
+
+#endif /* XP_UNIX || XP_BEOS */
+
+/************************************************************************/
+
+static PRUint32
+LockSidCacheLock(sidCacheLock *lock, PRUint32 now)
+{
+ SECStatus rv = sslMutex_Lock(&lock->mutex);
+ if (rv != SECSuccess)
+ return 0;
+ if (!now)
+ now = ssl_Time();
+ lock->timeStamp = now;
+ lock->pid = myPid;
+ return now;
+}
+
+static SECStatus
+UnlockSidCacheLock(sidCacheLock *lock)
+{
+ SECStatus rv;
+
+ lock->pid = 0;
+ rv = sslMutex_Unlock(&lock->mutex);
+ return rv;
+}
+
+/* returns the value of ssl_Time on success, zero on failure. */
+static PRUint32
+LockSet(cacheDesc *cache, PRUint32 set, PRUint32 now)
+{
+ PRUint32 lockNum = set % cache->numSIDCacheLocks;
+ sidCacheLock *lock = cache->sidCacheLocks + lockNum;
+
+ return LockSidCacheLock(lock, now);
+}
+
+static SECStatus
+UnlockSet(cacheDesc *cache, PRUint32 set)
+{
+ PRUint32 lockNum = set % cache->numSIDCacheLocks;
+ sidCacheLock *lock = cache->sidCacheLocks + lockNum;
+
+ return UnlockSidCacheLock(lock);
+}
+
+/************************************************************************/
+
+/* Put a certificate in the cache. Update the cert index in the sce.
+*/
+static PRUint32
+CacheCert(cacheDesc *cache, CERTCertificate *cert, sidCacheEntry *sce)
+{
+ PRUint32 now;
+ certCacheEntry cce;
+
+ if ((cert->derCert.len > SSL_MAX_CACHED_CERT_LEN) ||
+ (cert->derCert.len <= 0) ||
+ (cert->derCert.data == NULL)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return 0;
+ }
+
+ cce.sessionIDLength = sce->sessionIDLength;
+ PORT_Memcpy(cce.sessionID, sce->sessionID, cce.sessionIDLength);
+
+ cce.certLength = cert->derCert.len;
+ PORT_Memcpy(cce.cert, cert->derCert.data, cce.certLength);
+
+ /* get lock on cert cache */
+ now = LockSidCacheLock(cache->certCacheLock, 0);
+ if (now) {
+
+ /* Find where to place the next cert cache entry. */
+ cacheDesc *sharedCache = cache->sharedCache;
+ PRUint32 ndx = sharedCache->nextCertCacheEntry;
+
+ /* write the entry */
+ cache->certCacheData[ndx] = cce;
+
+ /* remember where we put it. */
+ sce->u.ssl3.certIndex = ndx;
+
+ /* update the "next" cache entry index */
+ sharedCache->nextCertCacheEntry =
+ (ndx + 1) % cache->numCertCacheEntries;
+
+ UnlockSidCacheLock(cache->certCacheLock);
+ }
+ return now;
+}
+
+/* Server configuration hash tables need to account the SECITEM.type
+ * field as well. These functions accomplish that. */
+static PLHashNumber
+Get32BitNameHash(const SECItem *name)
+{
+ PLHashNumber rv = SECITEM_Hash(name);
+
+ PRUint8 *rvc = (PRUint8 *)&rv;
+ rvc[name->len % sizeof(rv)] ^= name->type;
+
+ return rv;
+}
+
+/* Put a name in the cache. Update the cert index in the sce.
+*/
+static PRUint32
+CacheSrvName(cacheDesc *cache, SECItem *name, sidCacheEntry *sce)
+{
+ PRUint32 now;
+ PRUint32 ndx;
+ srvNameCacheEntry snce;
+
+ if (!name || name->len <= 0 ||
+ name->len > SSL_MAX_DNS_HOST_NAME) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return 0;
+ }
+
+ snce.type = name->type;
+ snce.nameLen = name->len;
+ PORT_Memcpy(snce.name, name->data, snce.nameLen);
+ HASH_HashBuf(HASH_AlgSHA256, snce.nameHash, name->data, name->len);
+
+ /* get index of the next name */
+ ndx = Get32BitNameHash(name);
+ /* get lock on cert cache */
+ now = LockSidCacheLock(cache->srvNameCacheLock, 0);
+ if (now) {
+ if (cache->numSrvNameCacheEntries > 0) {
+ /* Fit the index into array */
+ ndx %= cache->numSrvNameCacheEntries;
+ /* write the entry */
+ cache->srvNameCacheData[ndx] = snce;
+ /* remember where we put it. */
+ sce->u.ssl3.srvNameIndex = ndx;
+ /* Copy hash into sid hash */
+ PORT_Memcpy(sce->u.ssl3.srvNameHash, snce.nameHash, SHA256_LENGTH);
+ }
+ UnlockSidCacheLock(cache->srvNameCacheLock);
+ }
+ return now;
+}
+
+/*
+** Convert local SID to shared memory one
+*/
+static void
+ConvertFromSID(sidCacheEntry *to, sslSessionID *from)
+{
+ to->valid = 1;
+ to->version = from->version;
+ to->addr = from->addr;
+ to->creationTime = from->creationTime;
+ to->lastAccessTime = from->lastAccessTime;
+ to->expirationTime = from->expirationTime;
+ to->authType = from->authType;
+ to->authKeyBits = from->authKeyBits;
+ to->keaType = from->keaType;
+ to->keaKeyBits = from->keaKeyBits;
+
+ to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
+ to->u.ssl3.compression = (PRUint16)from->u.ssl3.compression;
+ to->u.ssl3.keys = from->u.ssl3.keys;
+ to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
+ to->sessionIDLength = from->u.ssl3.sessionIDLength;
+ to->u.ssl3.certIndex = -1;
+ to->u.ssl3.srvNameIndex = -1;
+ PORT_Memcpy(to->sessionID, from->u.ssl3.sessionID,
+ to->sessionIDLength);
+ to->u.ssl3.certTypeArgs = 0U;
+ switch (from->authType) {
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa:
+ PORT_Assert(from->certType.namedCurve);
+ to->u.ssl3.certTypeArgs =
+ (PRUint16)from->certType.namedCurve->name;
+ break;
+ default:
+ break;
+ }
+
+ SSL_TRC(8, ("%d: SSL3: ConvertSID: time=%d addr=0x%08x%08x%08x%08x "
+ "cipherSuite=%d",
+ myPid, to->creationTime, to->addr.pr_s6_addr32[0],
+ to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2],
+ to->addr.pr_s6_addr32[3], to->u.ssl3.cipherSuite));
+}
+
+/*
+** Convert shared memory cache-entry to local memory based one
+** This is only called from ServerSessionIDLookup().
+*/
+static sslSessionID *
+ConvertToSID(sidCacheEntry *from,
+ certCacheEntry *pcce,
+ srvNameCacheEntry *psnce,
+ CERTCertDBHandle *dbHandle)
+{
+ sslSessionID *to;
+
+ to = PORT_ZNew(sslSessionID);
+ if (!to) {
+ return 0;
+ }
+
+ to->u.ssl3.sessionIDLength = from->sessionIDLength;
+ to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
+ to->u.ssl3.compression = (SSLCompressionMethod)from->u.ssl3.compression;
+ to->u.ssl3.keys = from->u.ssl3.keys;
+ to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
+ if (from->u.ssl3.srvNameIndex != -1 && psnce) {
+ SECItem name;
+ SECStatus rv;
+ name.type = psnce->type;
+ name.len = psnce->nameLen;
+ name.data = psnce->name;
+ rv = SECITEM_CopyItem(NULL, &to->u.ssl3.srvName, &name);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ PORT_Memcpy(to->u.ssl3.sessionID, from->sessionID, from->sessionIDLength);
+
+ /* the portions of the SID that are only restored on the client
+ * are set to invalid values on the server.
+ */
+ to->u.ssl3.clientWriteKey = NULL;
+ to->u.ssl3.serverWriteKey = NULL;
+
+ to->urlSvrName = NULL;
+
+ to->u.ssl3.masterModuleID = (SECMODModuleID)-1; /* invalid value */
+ to->u.ssl3.masterSlotID = (CK_SLOT_ID)-1; /* invalid value */
+ to->u.ssl3.masterWrapIndex = 0;
+ to->u.ssl3.masterWrapSeries = 0;
+ to->u.ssl3.masterValid = PR_FALSE;
+
+ to->u.ssl3.clAuthModuleID = (SECMODModuleID)-1; /* invalid value */
+ to->u.ssl3.clAuthSlotID = (CK_SLOT_ID)-1; /* invalid value */
+ to->u.ssl3.clAuthSeries = 0;
+ to->u.ssl3.clAuthValid = PR_FALSE;
+
+ if (from->u.ssl3.certIndex != -1 && pcce) {
+ SECItem derCert;
+
+ derCert.len = pcce->certLength;
+ derCert.data = pcce->cert;
+
+ to->peerCert = CERT_NewTempCertificate(dbHandle, &derCert, NULL,
+ PR_FALSE, PR_TRUE);
+ if (to->peerCert == NULL)
+ goto loser;
+ }
+ to->certType.authType = from->authType;
+ switch (from->authType) {
+ case ssl_auth_ecdsa:
+ case ssl_auth_ecdh_rsa:
+ case ssl_auth_ecdh_ecdsa:
+ to->certType.namedCurve =
+ ssl_LookupNamedGroup((SSLNamedGroup)from->u.ssl3.certTypeArgs);
+ break;
+ default:
+ break;
+ }
+
+ to->version = from->version;
+ to->creationTime = from->creationTime;
+ to->lastAccessTime = from->lastAccessTime;
+ to->expirationTime = from->expirationTime;
+ to->cached = in_server_cache;
+ to->addr = from->addr;
+ to->references = 1;
+ to->authType = from->authType;
+ to->authKeyBits = from->authKeyBits;
+ to->keaType = from->keaType;
+ to->keaKeyBits = from->keaKeyBits;
+
+ return to;
+
+loser:
+ if (to) {
+ SECITEM_FreeItem(&to->u.ssl3.srvName, PR_FALSE);
+ PORT_Free(to);
+ }
+ return NULL;
+}
+
+/*
+** Perform some mumbo jumbo on the ip-address and the session-id value to
+** compute a hash value.
+*/
+static PRUint32
+SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s, unsigned nl)
+{
+ PRUint32 rv;
+ PRUint32 x[8];
+
+ memset(x, 0, sizeof x);
+ if (nl > sizeof x)
+ nl = sizeof x;
+ memcpy(x, s, nl);
+
+ rv = (addr->pr_s6_addr32[0] ^ addr->pr_s6_addr32[1] ^
+ addr->pr_s6_addr32[2] ^ addr->pr_s6_addr32[3] ^
+ x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4] ^ x[5] ^ x[6] ^ x[7]) %
+ cache->numSIDCacheSets;
+ return rv;
+}
+
+/*
+** Look something up in the cache. This will invalidate old entries
+** in the process. Caller has locked the cache set!
+** Returns PR_TRUE if found a valid match. PR_FALSE otherwise.
+*/
+static sidCacheEntry *
+FindSID(cacheDesc *cache, PRUint32 setNum, PRUint32 now,
+ const PRIPv6Addr *addr, unsigned char *sessionID,
+ unsigned sessionIDLength)
+{
+ PRUint32 ndx = cache->sidCacheSets[setNum].next;
+ int i;
+
+ sidCacheEntry *set = cache->sidCacheData +
+ (setNum * SID_CACHE_ENTRIES_PER_SET);
+
+ for (i = SID_CACHE_ENTRIES_PER_SET; i > 0; --i) {
+ sidCacheEntry *sce;
+
+ ndx = (ndx - 1) % SID_CACHE_ENTRIES_PER_SET;
+ sce = set + ndx;
+
+ if (!sce->valid)
+ continue;
+
+ if (now > sce->expirationTime) {
+ /* SessionID has timed out. Invalidate the entry. */
+ SSL_TRC(7, ("%d: timed out sid entry addr=%08x%08x%08x%08x now=%x "
+ "time+=%x",
+ myPid, sce->addr.pr_s6_addr32[0],
+ sce->addr.pr_s6_addr32[1], sce->addr.pr_s6_addr32[2],
+ sce->addr.pr_s6_addr32[3], now,
+ sce->expirationTime));
+ sce->valid = 0;
+ continue;
+ }
+
+ /*
+ ** Next, examine specific session-id/addr data to see if the cache
+ ** entry matches our addr+session-id value
+ */
+ if (sessionIDLength == sce->sessionIDLength &&
+ !memcmp(&sce->addr, addr, sizeof(PRIPv6Addr)) &&
+ !memcmp(sce->sessionID, sessionID, sessionIDLength)) {
+ /* Found it */
+ return sce;
+ }
+ }
+
+ PORT_SetError(SSL_ERROR_SESSION_NOT_FOUND);
+ return NULL;
+}
+
+/************************************************************************/
+
+/* This is the primary function for finding entries in the server's sid cache.
+ * Although it is static, this function is called via the global function
+ * pointer ssl_sid_lookup.
+ */
+static sslSessionID *
+ServerSessionIDLookup(const PRIPv6Addr *addr,
+ unsigned char *sessionID,
+ unsigned int sessionIDLength,
+ CERTCertDBHandle *dbHandle)
+{
+ sslSessionID *sid = 0;
+ sidCacheEntry *psce;
+ certCacheEntry *pcce = 0;
+ srvNameCacheEntry *psnce = 0;
+ cacheDesc *cache = &globalCache;
+ PRUint32 now;
+ PRUint32 set;
+ PRInt32 cndx;
+ sidCacheEntry sce;
+ certCacheEntry cce;
+ srvNameCacheEntry snce;
+
+ set = SIDindex(cache, addr, sessionID, sessionIDLength);
+ now = LockSet(cache, set, 0);
+ if (!now)
+ return NULL;
+
+ psce = FindSID(cache, set, now, addr, sessionID, sessionIDLength);
+ if (psce) {
+ if ((cndx = psce->u.ssl3.certIndex) != -1) {
+ PRUint32 gotLock = LockSidCacheLock(cache->certCacheLock, now);
+ if (gotLock) {
+ pcce = &cache->certCacheData[cndx];
+
+ /* See if the cert's session ID matches the sce cache. */
+ if ((pcce->sessionIDLength == psce->sessionIDLength) &&
+ !PORT_Memcmp(pcce->sessionID, psce->sessionID,
+ pcce->sessionIDLength)) {
+ cce = *pcce;
+ } else {
+ /* The cert doesen't match the SID cache entry,
+ ** so invalidate the SID cache entry.
+ */
+ psce->valid = 0;
+ psce = 0;
+ pcce = 0;
+ }
+ UnlockSidCacheLock(cache->certCacheLock);
+ } else {
+ /* what the ??. Didn't get the cert cache lock.
+ ** Don't invalidate the SID cache entry, but don't find it.
+ */
+ PORT_Assert(!("Didn't get cert Cache Lock!"));
+ psce = 0;
+ pcce = 0;
+ }
+ }
+ if (psce && ((cndx = psce->u.ssl3.srvNameIndex) != -1)) {
+ PRUint32 gotLock = LockSidCacheLock(cache->srvNameCacheLock,
+ now);
+ if (gotLock) {
+ psnce = &cache->srvNameCacheData[cndx];
+
+ if (!PORT_Memcmp(psnce->nameHash, psce->u.ssl3.srvNameHash,
+ SHA256_LENGTH)) {
+ snce = *psnce;
+ } else {
+ /* The name doesen't match the SID cache entry,
+ ** so invalidate the SID cache entry.
+ */
+ psce->valid = 0;
+ psce = 0;
+ psnce = 0;
+ }
+ UnlockSidCacheLock(cache->srvNameCacheLock);
+ } else {
+ /* what the ??. Didn't get the cert cache lock.
+ ** Don't invalidate the SID cache entry, but don't find it.
+ */
+ PORT_Assert(!("Didn't get name Cache Lock!"));
+ psce = 0;
+ psnce = 0;
+ }
+ }
+ if (psce) {
+ psce->lastAccessTime = now;
+ sce = *psce; /* grab a copy while holding the lock */
+ }
+ }
+ UnlockSet(cache, set);
+ if (psce) {
+ /* sce conains a copy of the cache entry.
+ ** Convert shared memory format to local format
+ */
+ sid = ConvertToSID(&sce, pcce ? &cce : 0, psnce ? &snce : 0, dbHandle);
+ }
+ return sid;
+}
+
+/*
+** Place a sid into the cache, if it isn't already there.
+*/
+static void
+ServerSessionIDCache(sslSessionID *sid)
+{
+ sidCacheEntry sce;
+ PRUint32 now = 0;
+ cacheDesc *cache = &globalCache;
+
+ if (sid->u.ssl3.sessionIDLength == 0) {
+ return;
+ }
+
+ if (sid->cached == never_cached || sid->cached == invalid_cache) {
+ PRUint32 set;
+ SECItem *name;
+
+ PORT_Assert(sid->creationTime != 0);
+ if (!sid->creationTime)
+ sid->lastAccessTime = sid->creationTime = ssl_Time();
+ /* override caller's expiration time, which uses client timeout
+ * duration, not server timeout duration.
+ */
+ sid->expirationTime = sid->creationTime + cache->ssl3Timeout;
+ SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
+ "cipherSuite=%d",
+ myPid, sid->cached,
+ sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
+ sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
+ sid->creationTime, sid->u.ssl3.cipherSuite));
+ PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID,
+ sid->u.ssl3.sessionIDLength));
+
+ ConvertFromSID(&sce, sid);
+
+ name = &sid->u.ssl3.srvName;
+ if (name->len && name->data) {
+ now = CacheSrvName(cache, name, &sce);
+ }
+ if (sid->peerCert != NULL) {
+ now = CacheCert(cache, sid->peerCert, &sce);
+ }
+
+ set = SIDindex(cache, &sce.addr, sce.sessionID, sce.sessionIDLength);
+ now = LockSet(cache, set, now);
+ if (now) {
+ PRUint32 next = cache->sidCacheSets[set].next;
+ PRUint32 ndx = set * SID_CACHE_ENTRIES_PER_SET + next;
+
+ /* Write out new cache entry */
+ cache->sidCacheData[ndx] = sce;
+
+ cache->sidCacheSets[set].next =
+ (next + 1) % SID_CACHE_ENTRIES_PER_SET;
+
+ UnlockSet(cache, set);
+ sid->cached = in_server_cache;
+ }
+ }
+}
+
+/*
+** Although this is static, it is called from ssl via global function pointer
+** ssl_sid_uncache. This invalidates the referenced cache entry.
+*/
+static void
+ServerSessionIDUncache(sslSessionID *sid)
+{
+ cacheDesc *cache = &globalCache;
+ PRUint8 *sessionID;
+ unsigned int sessionIDLength;
+ PRErrorCode err;
+ PRUint32 set;
+ PRUint32 now;
+ sidCacheEntry *psce;
+
+ if (sid == NULL)
+ return;
+
+ /* Uncaching a SID should never change the error code.
+ ** So save it here and restore it before exiting.
+ */
+ err = PR_GetError();
+
+ sessionID = sid->u.ssl3.sessionID;
+ sessionIDLength = sid->u.ssl3.sessionIDLength;
+ SSL_TRC(8, ("%d: SSL3: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x "
+ "cipherSuite=%d",
+ myPid, sid->cached,
+ sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
+ sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
+ sid->creationTime, sid->u.ssl3.cipherSuite));
+ PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
+ set = SIDindex(cache, &sid->addr, sessionID, sessionIDLength);
+ now = LockSet(cache, set, 0);
+ if (now) {
+ psce = FindSID(cache, set, now, &sid->addr, sessionID, sessionIDLength);
+ if (psce) {
+ psce->valid = 0;
+ }
+ UnlockSet(cache, set);
+ }
+ sid->cached = invalid_cache;
+ PORT_SetError(err);
+}
+
+#ifdef XP_OS2
+
+#define INCL_DOSPROCESS
+#include <os2.h>
+
+long
+gettid(void)
+{
+ PTIB ptib;
+ PPIB ppib;
+ DosGetInfoBlocks(&ptib, &ppib);
+ return ((long)ptib->tib_ordinal); /* thread id */
+}
+#endif
+
+static void
+CloseCache(cacheDesc *cache)
+{
+ int locks_initialized = cache->numSIDCacheLocksInitialized;
+
+ if (cache->cacheMem) {
+ if (cache->sharedCache) {
+ sidCacheLock *pLock = cache->sidCacheLocks;
+ for (; locks_initialized > 0; --locks_initialized, ++pLock) {
+ /* If everInherited is true, this shared cache was (and may
+ ** still be) in use by multiple processes. We do not wish to
+ ** destroy the mutexes while they are still in use, but we do
+ ** want to free mutex resources associated with this process.
+ */
+ sslMutex_Destroy(&pLock->mutex,
+ cache->sharedCache->everInherited);
+ }
+ }
+ if (cache->shared) {
+ PR_MemUnmap(cache->cacheMem, cache->cacheMemSize);
+ } else {
+ PORT_Free(cache->cacheMem);
+ }
+ cache->cacheMem = NULL;
+ }
+ if (cache->cacheMemMap) {
+ PR_CloseFileMap(cache->cacheMemMap);
+ cache->cacheMemMap = NULL;
+ }
+ memset(cache, 0, sizeof *cache);
+}
+
+static SECStatus
+InitCache(cacheDesc *cache, int maxCacheEntries, int maxCertCacheEntries,
+ int maxSrvNameCacheEntries, PRUint32 ssl3_timeout,
+ const char *directory, PRBool shared)
+{
+ ptrdiff_t ptr;
+ sidCacheLock *pLock;
+ char *cacheMem;
+ PRFileMap *cacheMemMap;
+ char *cfn = NULL; /* cache file name */
+ int locks_initialized = 0;
+ int locks_to_initialize = 0;
+ PRUint32 init_time;
+
+ if ((!cache) || (maxCacheEntries < 0) || (!directory)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (cache->cacheMem) {
+ /* Already done */
+ return SECSuccess;
+ }
+
+ /* make sure loser can clean up properly */
+ cache->shared = shared;
+ cache->cacheMem = cacheMem = NULL;
+ cache->cacheMemMap = cacheMemMap = NULL;
+ cache->sharedCache = (cacheDesc *)0;
+
+ cache->numSIDCacheLocksInitialized = 0;
+ cache->nextCertCacheEntry = 0;
+ cache->stopPolling = PR_FALSE;
+ cache->everInherited = PR_FALSE;
+ cache->poller = NULL;
+ cache->mutexTimeout = 0;
+
+ cache->numSIDCacheEntries = maxCacheEntries ? maxCacheEntries
+ : DEF_SID_CACHE_ENTRIES;
+ cache->numSIDCacheSets =
+ SID_HOWMANY(cache->numSIDCacheEntries, SID_CACHE_ENTRIES_PER_SET);
+
+ cache->numSIDCacheEntries =
+ cache->numSIDCacheSets * SID_CACHE_ENTRIES_PER_SET;
+
+ cache->numSIDCacheLocks =
+ PR_MIN(cache->numSIDCacheSets, ssl_max_sid_cache_locks);
+
+ cache->numSIDCacheSetsPerLock =
+ SID_HOWMANY(cache->numSIDCacheSets, cache->numSIDCacheLocks);
+
+ cache->numCertCacheEntries = (maxCertCacheEntries > 0) ? maxCertCacheEntries
+ : 0;
+ cache->numSrvNameCacheEntries = (maxSrvNameCacheEntries >= 0) ? maxSrvNameCacheEntries
+ : DEF_NAME_CACHE_ENTRIES;
+
+ /* compute size of shared memory, and offsets of all pointers */
+ ptr = 0;
+ cache->cacheMem = (char *)ptr;
+ ptr += SID_ROUNDUP(sizeof(cacheDesc), SID_ALIGNMENT);
+
+ cache->sidCacheLocks = (sidCacheLock *)ptr;
+ cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks;
+ cache->certCacheLock = cache->keyCacheLock + 1;
+ cache->srvNameCacheLock = cache->certCacheLock + 1;
+ ptr = (ptrdiff_t)(cache->srvNameCacheLock + 1);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->sidCacheSets = (sidCacheSet *)ptr;
+ ptr = (ptrdiff_t)(cache->sidCacheSets + cache->numSIDCacheSets);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->sidCacheData = (sidCacheEntry *)ptr;
+ ptr = (ptrdiff_t)(cache->sidCacheData + cache->numSIDCacheEntries);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->certCacheData = (certCacheEntry *)ptr;
+ cache->sidCacheSize =
+ (char *)cache->certCacheData - (char *)cache->sidCacheData;
+
+ if (cache->numCertCacheEntries < MIN_CERT_CACHE_ENTRIES) {
+ /* This is really a poor way to computer this! */
+ cache->numCertCacheEntries = cache->sidCacheSize / sizeof(certCacheEntry);
+ if (cache->numCertCacheEntries < MIN_CERT_CACHE_ENTRIES)
+ cache->numCertCacheEntries = MIN_CERT_CACHE_ENTRIES;
+ }
+ ptr = (ptrdiff_t)(cache->certCacheData + cache->numCertCacheEntries);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->keyCacheData = (SSLWrappedSymWrappingKey *)ptr;
+ cache->certCacheSize =
+ (char *)cache->keyCacheData - (char *)cache->certCacheData;
+
+ cache->numKeyCacheEntries = ssl_auth_size * SSL_NUM_WRAP_MECHS;
+ ptr = (ptrdiff_t)(cache->keyCacheData + cache->numKeyCacheEntries);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->keyCacheSize = (char *)ptr - (char *)cache->keyCacheData;
+
+ cache->ticketKeyNameSuffix = (PRUint8 *)ptr;
+ ptr = (ptrdiff_t)(cache->ticketKeyNameSuffix +
+ SESS_TICKET_KEY_VAR_NAME_LEN);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->ticketEncKey = (encKeyCacheEntry *)ptr;
+ ptr = (ptrdiff_t)(cache->ticketEncKey + 1);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->ticketMacKey = (encKeyCacheEntry *)ptr;
+ ptr = (ptrdiff_t)(cache->ticketMacKey + 1);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->ticketKeysValid = (PRUint32 *)ptr;
+ ptr = (ptrdiff_t)(cache->ticketKeysValid + 1);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->srvNameCacheData = (srvNameCacheEntry *)ptr;
+ cache->srvNameCacheSize =
+ cache->numSrvNameCacheEntries * sizeof(srvNameCacheEntry);
+ ptr = (ptrdiff_t)(cache->srvNameCacheData + cache->numSrvNameCacheEntries);
+ ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
+
+ cache->cacheMemSize = ptr;
+
+ if (ssl3_timeout) {
+ if (ssl3_timeout > MAX_SSL3_TIMEOUT) {
+ ssl3_timeout = MAX_SSL3_TIMEOUT;
+ }
+ if (ssl3_timeout < MIN_SSL3_TIMEOUT) {
+ ssl3_timeout = MIN_SSL3_TIMEOUT;
+ }
+ cache->ssl3Timeout = ssl3_timeout;
+ } else {
+ cache->ssl3Timeout = DEF_SSL3_TIMEOUT;
+ }
+
+ if (shared) {
+/* Create file names */
+#if defined(XP_UNIX) || defined(XP_BEOS)
+ /* there's some confusion here about whether PR_OpenAnonFileMap wants
+ ** a directory name or a file name for its first argument.
+ cfn = PR_smprintf("%s/.sslsvrcache.%d", directory, myPid);
+ */
+ cfn = PR_smprintf("%s", directory);
+#elif defined(XP_WIN32)
+ cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid,
+ GetCurrentThreadId());
+#elif defined(XP_OS2)
+ cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid,
+ gettid());
+#else
+#error "Don't know how to create file name for this platform!"
+#endif
+ if (!cfn) {
+ goto loser;
+ }
+
+ /* Create cache */
+ cacheMemMap = PR_OpenAnonFileMap(cfn, cache->cacheMemSize,
+ PR_PROT_READWRITE);
+
+ PR_smprintf_free(cfn);
+ if (!cacheMemMap) {
+ goto loser;
+ }
+
+ cacheMem = PR_MemMap(cacheMemMap, 0, cache->cacheMemSize);
+ } else {
+ cacheMem = PORT_Alloc(cache->cacheMemSize);
+ }
+
+ if (!cacheMem) {
+ goto loser;
+ }
+
+ /* Initialize shared memory. This may not be necessary on all platforms */
+ memset(cacheMem, 0, cache->cacheMemSize);
+
+ /* Copy cache descriptor header into shared memory */
+ memcpy(cacheMem, cache, sizeof *cache);
+
+ /* save private copies of these values */
+ cache->cacheMemMap = cacheMemMap;
+ cache->cacheMem = cacheMem;
+ cache->sharedCache = (cacheDesc *)cacheMem;
+
+ /* Fix pointers in our private copy of cache descriptor to point to
+ ** spaces in shared memory
+ */
+ cache->sidCacheLocks = (sidCacheLock *)(cache->cacheMem + (ptrdiff_t)cache->sidCacheLocks);
+ cache->keyCacheLock = (sidCacheLock *)(cache->cacheMem + (ptrdiff_t)cache->keyCacheLock);
+ cache->certCacheLock = (sidCacheLock *)(cache->cacheMem + (ptrdiff_t)cache->certCacheLock);
+ cache->srvNameCacheLock = (sidCacheLock *)(cache->cacheMem + (ptrdiff_t)cache->srvNameCacheLock);
+ cache->sidCacheSets = (sidCacheSet *)(cache->cacheMem + (ptrdiff_t)cache->sidCacheSets);
+ cache->sidCacheData = (sidCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->sidCacheData);
+ cache->certCacheData = (certCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->certCacheData);
+ cache->keyCacheData = (SSLWrappedSymWrappingKey *)(cache->cacheMem + (ptrdiff_t)cache->keyCacheData);
+ cache->ticketKeyNameSuffix = (PRUint8 *)(cache->cacheMem + (ptrdiff_t)cache->ticketKeyNameSuffix);
+ cache->ticketEncKey = (encKeyCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->ticketEncKey);
+ cache->ticketMacKey = (encKeyCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->ticketMacKey);
+ cache->ticketKeysValid = (PRUint32 *)(cache->cacheMem + (ptrdiff_t)cache->ticketKeysValid);
+ cache->srvNameCacheData = (srvNameCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->srvNameCacheData);
+
+ /* initialize the locks */
+ init_time = ssl_Time();
+ pLock = cache->sidCacheLocks;
+ for (locks_to_initialize = cache->numSIDCacheLocks + 3;
+ locks_initialized < locks_to_initialize;
+ ++locks_initialized, ++pLock) {
+
+ SECStatus err = sslMutex_Init(&pLock->mutex, shared);
+ if (err) {
+ cache->numSIDCacheLocksInitialized = locks_initialized;
+ goto loser;
+ }
+ pLock->timeStamp = init_time;
+ pLock->pid = 0;
+ }
+ cache->numSIDCacheLocksInitialized = locks_initialized;
+
+ return SECSuccess;
+
+loser:
+ CloseCache(cache);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+}
+
+PRUint32
+SSL_GetMaxServerCacheLocks(void)
+{
+ return ssl_max_sid_cache_locks + 2;
+ /* The extra two are the cert cache lock and the key cache lock. */
+}
+
+SECStatus
+SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
+{
+ /* Minimum is 1 sid cache lock, 1 cert cache lock and 1 key cache lock.
+ ** We'd like to test for a maximum value, but not all platforms' header
+ ** files provide a symbol or function or other means of determining
+ ** the maximum, other than trial and error.
+ */
+ if (maxLocks < 3) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ ssl_max_sid_cache_locks = maxLocks - 2;
+ /* The extra two are the cert cache lock and the key cache lock. */
+ return SECSuccess;
+}
+
+static SECStatus
+ssl_ConfigServerSessionIDCacheInstanceWithOpt(cacheDesc *cache,
+ PRUint32 ssl3_timeout,
+ const char *directory,
+ PRBool shared,
+ int maxCacheEntries,
+ int maxCertCacheEntries,
+ int maxSrvNameCacheEntries)
+{
+ SECStatus rv;
+
+ PORT_Assert(sizeof(sidCacheEntry) == 192);
+ PORT_Assert(sizeof(certCacheEntry) == 4096);
+ PORT_Assert(sizeof(srvNameCacheEntry) == 1072);
+
+ rv = ssl_Init();
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ myPid = SSL_GETPID();
+ if (!directory) {
+ directory = DEFAULT_CACHE_DIRECTORY;
+ }
+ rv = InitCache(cache, maxCacheEntries, maxCertCacheEntries,
+ maxSrvNameCacheEntries, ssl3_timeout, directory, shared);
+ if (rv) {
+ return SECFailure;
+ }
+
+ ssl_sid_lookup = ServerSessionIDLookup;
+ ssl_sid_cache = ServerSessionIDCache;
+ ssl_sid_uncache = ServerSessionIDUncache;
+ return SECSuccess;
+}
+
+SECStatus
+SSL_ConfigServerSessionIDCacheInstance(cacheDesc *cache,
+ int maxCacheEntries,
+ PRUint32 ssl2_timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory, PRBool shared)
+{
+ return ssl_ConfigServerSessionIDCacheInstanceWithOpt(cache,
+ ssl3_timeout,
+ directory,
+ shared,
+ maxCacheEntries,
+ -1, -1);
+}
+
+SECStatus
+SSL_ConfigServerSessionIDCache(int maxCacheEntries,
+ PRUint32 ssl2_timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory)
+{
+ ssl_InitSessionCacheLocks(PR_FALSE);
+ return SSL_ConfigServerSessionIDCacheInstance(&globalCache,
+ maxCacheEntries, ssl2_timeout, ssl3_timeout, directory, PR_FALSE);
+}
+
+SECStatus
+SSL_ShutdownServerSessionIDCacheInstance(cacheDesc *cache)
+{
+ CloseCache(cache);
+ return SECSuccess;
+}
+
+SECStatus
+SSL_ShutdownServerSessionIDCache(void)
+{
+#if defined(XP_UNIX) || defined(XP_BEOS)
+ /* Stop the thread that polls cache for expired locks on Unix */
+ StopLockPoller(&globalCache);
+#endif
+ SSL3_ShutdownServerCache();
+ return SSL_ShutdownServerSessionIDCacheInstance(&globalCache);
+}
+
+/* Use this function, instead of SSL_ConfigServerSessionIDCache,
+ * if the cache will be shared by multiple processes.
+ */
+static SECStatus
+ssl_ConfigMPServerSIDCacheWithOpt(PRUint32 ssl3_timeout,
+ const char *directory,
+ int maxCacheEntries,
+ int maxCertCacheEntries,
+ int maxSrvNameCacheEntries)
+{
+ char *envValue;
+ char *inhValue;
+ cacheDesc *cache = &globalCache;
+ PRUint32 fmStrLen;
+ SECStatus result;
+ PRStatus prStatus;
+ SECStatus putEnvFailed;
+ inheritance inherit;
+ char fmString[PR_FILEMAP_STRING_BUFSIZE];
+
+ isMultiProcess = PR_TRUE;
+ result = ssl_ConfigServerSessionIDCacheInstanceWithOpt(cache,
+ ssl3_timeout, directory, PR_TRUE,
+ maxCacheEntries, maxCacheEntries, maxSrvNameCacheEntries);
+ if (result != SECSuccess)
+ return result;
+
+ prStatus = PR_ExportFileMapAsString(cache->cacheMemMap,
+ sizeof fmString, fmString);
+ if ((prStatus != PR_SUCCESS) || !(fmStrLen = strlen(fmString))) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ inherit.cacheMemSize = cache->cacheMemSize;
+ inherit.fmStrLen = fmStrLen;
+
+ inhValue = BTOA_DataToAscii((unsigned char *)&inherit, sizeof inherit);
+ if (!inhValue || !strlen(inhValue)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ envValue = PR_smprintf("%s,%s", inhValue, fmString);
+ if (!envValue || !strlen(envValue)) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ PORT_Free(inhValue);
+
+ putEnvFailed = (SECStatus)NSS_PutEnv(envVarName, envValue);
+ PR_smprintf_free(envValue);
+ if (putEnvFailed) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ result = SECFailure;
+ }
+
+#if defined(XP_UNIX) || defined(XP_BEOS)
+ /* Launch thread to poll cache for expired locks on Unix */
+ LaunchLockPoller(cache);
+#endif
+ return result;
+}
+
+/* Use this function, instead of SSL_ConfigServerSessionIDCache,
+ * if the cache will be shared by multiple processes.
+ */
+SECStatus
+SSL_ConfigMPServerSIDCache(int maxCacheEntries,
+ PRUint32 ssl2_timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory)
+{
+ return ssl_ConfigMPServerSIDCacheWithOpt(ssl3_timeout,
+ directory,
+ maxCacheEntries,
+ -1, -1);
+}
+
+SECStatus
+SSL_ConfigServerSessionIDCacheWithOpt(
+ PRUint32 ssl2_timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory,
+ int maxCacheEntries,
+ int maxCertCacheEntries,
+ int maxSrvNameCacheEntries,
+ PRBool enableMPCache)
+{
+ if (!enableMPCache) {
+ ssl_InitSessionCacheLocks(PR_FALSE);
+ return ssl_ConfigServerSessionIDCacheInstanceWithOpt(&globalCache,
+ ssl3_timeout, directory, PR_FALSE,
+ maxCacheEntries, maxCertCacheEntries, maxSrvNameCacheEntries);
+ } else {
+ return ssl_ConfigMPServerSIDCacheWithOpt(ssl3_timeout, directory,
+ maxCacheEntries, maxCertCacheEntries, maxSrvNameCacheEntries);
+ }
+}
+
+SECStatus
+SSL_InheritMPServerSIDCacheInstance(cacheDesc *cache, const char *envString)
+{
+ unsigned char *decoString = NULL;
+ char *fmString = NULL;
+ char *myEnvString = NULL;
+ unsigned int decoLen;
+ inheritance inherit;
+ cacheDesc my;
+#ifdef WINNT
+ sidCacheLock *newLocks;
+ int locks_initialized = 0;
+ int locks_to_initialize = 0;
+#endif
+ SECStatus status = ssl_Init();
+
+ if (status != SECSuccess) {
+ return status;
+ }
+
+ myPid = SSL_GETPID();
+
+ /* If this child was created by fork(), and not by exec() on unix,
+ ** then isMultiProcess will already be set.
+ ** If not, we'll set it below.
+ */
+ if (isMultiProcess) {
+ if (cache && cache->sharedCache) {
+ cache->sharedCache->everInherited = PR_TRUE;
+ }
+ return SECSuccess; /* already done. */
+ }
+
+ ssl_InitSessionCacheLocks(PR_FALSE);
+
+ ssl_sid_lookup = ServerSessionIDLookup;
+ ssl_sid_cache = ServerSessionIDCache;
+ ssl_sid_uncache = ServerSessionIDUncache;
+
+ if (!envString) {
+ envString = PR_GetEnvSecure(envVarName);
+ if (!envString) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ }
+ myEnvString = PORT_Strdup(envString);
+ if (!myEnvString)
+ return SECFailure;
+ fmString = strchr(myEnvString, ',');
+ if (!fmString)
+ goto loser;
+ *fmString++ = 0;
+
+ decoString = ATOB_AsciiToData(myEnvString, &decoLen);
+ if (!decoString) {
+ goto loser;
+ }
+ if (decoLen != sizeof inherit) {
+ goto loser;
+ }
+
+ PORT_Memcpy(&inherit, decoString, sizeof inherit);
+
+ if (strlen(fmString) != inherit.fmStrLen) {
+ goto loser;
+ }
+
+ memset(cache, 0, sizeof *cache);
+ cache->cacheMemSize = inherit.cacheMemSize;
+
+ /* Create cache */
+ cache->cacheMemMap = PR_ImportFileMapFromString(fmString);
+ if (!cache->cacheMemMap) {
+ goto loser;
+ }
+ cache->cacheMem = PR_MemMap(cache->cacheMemMap, 0, cache->cacheMemSize);
+ if (!cache->cacheMem) {
+ goto loser;
+ }
+ cache->sharedCache = (cacheDesc *)cache->cacheMem;
+
+ if (cache->sharedCache->cacheMemSize != cache->cacheMemSize) {
+ goto loser;
+ }
+
+ /* We're now going to overwrite the local cache instance with the
+ ** shared copy of the cache struct, then update several values in
+ ** the local cache using the values for cache->cacheMemMap and
+ ** cache->cacheMem computed just above. So, we copy cache into
+ ** the automatic variable "my", to preserve the variables while
+ ** cache is overwritten.
+ */
+ my = *cache; /* save values computed above. */
+ memcpy(cache, cache->sharedCache, sizeof *cache); /* overwrite */
+
+ /* Fix pointers in our private copy of cache descriptor to point to
+ ** spaces in shared memory, whose address is now in "my".
+ */
+ cache->sidCacheLocks = (sidCacheLock *)(my.cacheMem + (ptrdiff_t)cache->sidCacheLocks);
+ cache->keyCacheLock = (sidCacheLock *)(my.cacheMem + (ptrdiff_t)cache->keyCacheLock);
+ cache->certCacheLock = (sidCacheLock *)(my.cacheMem + (ptrdiff_t)cache->certCacheLock);
+ cache->srvNameCacheLock = (sidCacheLock *)(my.cacheMem + (ptrdiff_t)cache->srvNameCacheLock);
+ cache->sidCacheSets = (sidCacheSet *)(my.cacheMem + (ptrdiff_t)cache->sidCacheSets);
+ cache->sidCacheData = (sidCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->sidCacheData);
+ cache->certCacheData = (certCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->certCacheData);
+ cache->keyCacheData = (SSLWrappedSymWrappingKey *)(my.cacheMem + (ptrdiff_t)cache->keyCacheData);
+ cache->ticketKeyNameSuffix = (PRUint8 *)(my.cacheMem + (ptrdiff_t)cache->ticketKeyNameSuffix);
+ cache->ticketEncKey = (encKeyCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->ticketEncKey);
+ cache->ticketMacKey = (encKeyCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->ticketMacKey);
+ cache->ticketKeysValid = (PRUint32 *)(my.cacheMem + (ptrdiff_t)cache->ticketKeysValid);
+ cache->srvNameCacheData = (srvNameCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->srvNameCacheData);
+
+ cache->cacheMemMap = my.cacheMemMap;
+ cache->cacheMem = my.cacheMem;
+ cache->sharedCache = (cacheDesc *)cache->cacheMem;
+
+#ifdef WINNT
+ /* On Windows NT we need to "fix" the sidCacheLocks here to support fibers
+ ** When NT fibers are used in a multi-process server, a second level of
+ ** locking is needed to prevent a deadlock, in case a fiber acquires the
+ ** cross-process mutex, yields, and another fiber is later scheduled on
+ ** the same native thread and tries to acquire the cross-process mutex.
+ ** We do this by using a PRLock in the sslMutex. However, it is stored in
+ ** shared memory as part of sidCacheLocks, and we don't want to overwrite
+ ** the PRLock of the parent process. So we need to make new, private
+ ** copies of sidCacheLocks before modifying the sslMutex with our own
+ ** PRLock
+ */
+
+ /* note from jpierre : this should be free'd in child processes when
+ ** a function is added to delete the SSL session cache in the future.
+ */
+ locks_to_initialize = cache->numSIDCacheLocks + 3;
+ newLocks = PORT_NewArray(sidCacheLock, locks_to_initialize);
+ if (!newLocks)
+ goto loser;
+ /* copy the old locks */
+ memcpy(newLocks, cache->sidCacheLocks,
+ locks_to_initialize * sizeof(sidCacheLock));
+ cache->sidCacheLocks = newLocks;
+ /* fix the locks */
+ for (; locks_initialized < locks_to_initialize; ++locks_initialized) {
+ /* now, make a local PRLock in this sslMutex for this child process */
+ SECStatus err;
+ err = sslMutex_2LevelInit(&newLocks[locks_initialized].mutex);
+ if (err != SECSuccess) {
+ cache->numSIDCacheLocksInitialized = locks_initialized;
+ goto loser;
+ }
+ }
+ cache->numSIDCacheLocksInitialized = locks_initialized;
+
+ /* also fix the key and cert cache which use the last 2 lock entries */
+ cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks;
+ cache->certCacheLock = cache->keyCacheLock + 1;
+ cache->srvNameCacheLock = cache->certCacheLock + 1;
+#endif
+
+ PORT_Free(myEnvString);
+ PORT_Free(decoString);
+
+ /* mark that we have inherited this. */
+ cache->sharedCache->everInherited = PR_TRUE;
+ isMultiProcess = PR_TRUE;
+
+ return SECSuccess;
+
+loser:
+ PORT_Free(myEnvString);
+ if (decoString)
+ PORT_Free(decoString);
+ CloseCache(cache);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+}
+
+SECStatus
+SSL_InheritMPServerSIDCache(const char *envString)
+{
+ return SSL_InheritMPServerSIDCacheInstance(&globalCache, envString);
+}
+
+#if defined(XP_UNIX) || defined(XP_BEOS)
+
+#define SID_LOCK_EXPIRATION_TIMEOUT 30 /* seconds */
+
+static void
+LockPoller(void *arg)
+{
+ cacheDesc *cache = (cacheDesc *)arg;
+ cacheDesc *sharedCache = cache->sharedCache;
+ sidCacheLock *pLock;
+ PRIntervalTime timeout;
+ PRUint32 now;
+ PRUint32 then;
+ int locks_polled = 0;
+ int locks_to_poll = cache->numSIDCacheLocks + 2;
+ PRUint32 expiration = cache->mutexTimeout;
+
+ timeout = PR_SecondsToInterval(expiration);
+ while (!sharedCache->stopPolling) {
+ PR_Sleep(timeout);
+ if (sharedCache->stopPolling)
+ break;
+
+ now = ssl_Time();
+ then = now - expiration;
+ for (pLock = cache->sidCacheLocks, locks_polled = 0;
+ locks_to_poll > locks_polled && !sharedCache->stopPolling;
+ ++locks_polled, ++pLock) {
+ pid_t pid;
+
+ if (pLock->timeStamp < then &&
+ pLock->timeStamp != 0 &&
+ (pid = pLock->pid) != 0) {
+
+ /* maybe we should try the lock? */
+ int result = kill(pid, 0);
+ if (result < 0 && errno == ESRCH) {
+ SECStatus rv;
+ /* No process exists by that pid any more.
+ ** Treat this mutex as abandoned.
+ */
+ pLock->timeStamp = now;
+ pLock->pid = 0;
+ rv = sslMutex_Unlock(&pLock->mutex);
+ if (rv != SECSuccess) {
+ /* Now what? */
+ }
+ }
+ }
+ } /* end of loop over locks */
+ } /* end of entire polling loop */
+}
+
+/* Launch thread to poll cache for expired locks */
+static SECStatus
+LaunchLockPoller(cacheDesc *cache)
+{
+ const char *timeoutString;
+ PRThread *pollerThread;
+
+ cache->mutexTimeout = SID_LOCK_EXPIRATION_TIMEOUT;
+ timeoutString = PR_GetEnvSecure("NSS_SSL_SERVER_CACHE_MUTEX_TIMEOUT");
+ if (timeoutString) {
+ long newTime = strtol(timeoutString, 0, 0);
+ if (newTime == 0)
+ return SECSuccess; /* application doesn't want poller thread */
+ if (newTime > 0)
+ cache->mutexTimeout = (PRUint32)newTime;
+ /* if error (newTime < 0) ignore it and use default */
+ }
+
+ pollerThread =
+ PR_CreateThread(PR_USER_THREAD, LockPoller, cache, PR_PRIORITY_NORMAL,
+ PR_GLOBAL_THREAD, PR_JOINABLE_THREAD, 0);
+ if (!pollerThread) {
+ return SECFailure;
+ }
+ cache->poller = pollerThread;
+ return SECSuccess;
+}
+
+/* Stop the thread that polls cache for expired locks */
+static SECStatus
+StopLockPoller(cacheDesc *cache)
+{
+ if (!cache->poller) {
+ return SECSuccess;
+ }
+ cache->sharedCache->stopPolling = PR_TRUE;
+ if (PR_Interrupt(cache->poller) != PR_SUCCESS) {
+ return SECFailure;
+ }
+ if (PR_JoinThread(cache->poller) != PR_SUCCESS) {
+ return SECFailure;
+ }
+ cache->poller = NULL;
+ return SECSuccess;
+}
+#endif
+
+/************************************************************************
+ * Code dealing with shared wrapped symmetric wrapping keys below *
+ ************************************************************************/
+
+/* If now is zero, it implies that the lock is not held, and must be
+** aquired here.
+*/
+static PRBool
+getSvrWrappingKey(PRInt32 symWrapMechIndex,
+ SSLAuthType authType,
+ SSLWrappedSymWrappingKey *wswk,
+ cacheDesc *cache,
+ PRUint32 lockTime)
+{
+ PRUint32 ndx = (authType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
+ SSLWrappedSymWrappingKey *pwswk = cache->keyCacheData + ndx;
+ PRUint32 now = 0;
+ PRBool rv = PR_FALSE;
+
+ if (!cache->cacheMem) { /* cache is uninitialized */
+ PORT_SetError(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED);
+ return rv;
+ }
+ if (!lockTime) {
+ lockTime = now = LockSidCacheLock(cache->keyCacheLock, now);
+ if (!lockTime) {
+ return rv;
+ }
+ }
+ if (pwswk->authType == authType &&
+ pwswk->symWrapMechIndex == symWrapMechIndex &&
+ pwswk->wrappedSymKeyLen != 0) {
+ *wswk = *pwswk;
+ rv = PR_TRUE;
+ }
+ if (now) {
+ UnlockSidCacheLock(cache->keyCacheLock);
+ }
+ return rv;
+}
+
+PRBool
+ssl_GetWrappingKey(PRInt32 symWrapMechIndex,
+ SSLAuthType authType,
+ SSLWrappedSymWrappingKey *wswk)
+{
+ PRBool rv;
+
+ PORT_Assert((unsigned)authType < ssl_auth_size);
+ PORT_Assert((unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
+ if ((unsigned)authType < ssl_auth_size &&
+ (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS) {
+ rv = getSvrWrappingKey(symWrapMechIndex, authType, wswk,
+ &globalCache, 0);
+ } else {
+ rv = PR_FALSE;
+ }
+
+ return rv;
+}
+
+/* Wrap and cache a session ticket key. */
+static PRBool
+WrapTicketKey(SECKEYPublicKey *svrPubKey, PK11SymKey *symKey,
+ const char *keyName, encKeyCacheEntry *cacheEntry)
+{
+ SECItem wrappedKey = { siBuffer, NULL, 0 };
+
+ wrappedKey.len = SECKEY_PublicKeyStrength(svrPubKey);
+ PORT_Assert(wrappedKey.len <= sizeof(cacheEntry->bytes));
+ if (wrappedKey.len > sizeof(cacheEntry->bytes))
+ return PR_FALSE;
+ wrappedKey.data = cacheEntry->bytes;
+
+ if (PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, symKey, &wrappedKey) !=
+ SECSuccess) {
+ SSL_DBG(("%d: SSL[%s]: Unable to wrap session ticket %s.",
+ SSL_GETPID(), "unknown", keyName));
+ return PR_FALSE;
+ }
+ cacheEntry->length = wrappedKey.len;
+ return PR_TRUE;
+}
+
+static PRBool
+GenerateTicketKeys(void *pwArg, unsigned char *keyName, PK11SymKey **aesKey,
+ PK11SymKey **macKey)
+{
+ PK11SlotInfo *slot;
+ CK_MECHANISM_TYPE mechanismArray[2];
+ PK11SymKey *aesKeyTmp = NULL;
+ PK11SymKey *macKeyTmp = NULL;
+ cacheDesc *cache = &globalCache;
+ PRUint8 ticketKeyNameSuffixLocal[SESS_TICKET_KEY_VAR_NAME_LEN];
+ PRUint8 *ticketKeyNameSuffix;
+
+ if (!cache->cacheMem) {
+ /* cache is not initalized. Use stack buffer */
+ ticketKeyNameSuffix = ticketKeyNameSuffixLocal;
+ } else {
+ ticketKeyNameSuffix = cache->ticketKeyNameSuffix;
+ }
+
+ if (PK11_GenerateRandom(ticketKeyNameSuffix,
+ SESS_TICKET_KEY_VAR_NAME_LEN) !=
+ SECSuccess) {
+ SSL_DBG(("%d: SSL[%s]: Unable to generate random key name bytes.",
+ SSL_GETPID(), "unknown"));
+ goto loser;
+ }
+
+ mechanismArray[0] = CKM_AES_CBC;
+ mechanismArray[1] = CKM_SHA256_HMAC;
+
+ slot = PK11_GetBestSlotMultiple(mechanismArray, 2, pwArg);
+ if (slot) {
+ aesKeyTmp = PK11_KeyGen(slot, mechanismArray[0], NULL,
+ AES_256_KEY_LENGTH, pwArg);
+ macKeyTmp = PK11_KeyGen(slot, mechanismArray[1], NULL,
+ SHA256_LENGTH, pwArg);
+ PK11_FreeSlot(slot);
+ }
+
+ if (aesKeyTmp == NULL || macKeyTmp == NULL) {
+ SSL_DBG(("%d: SSL[%s]: Unable to generate session ticket keys.",
+ SSL_GETPID(), "unknown"));
+ goto loser;
+ }
+ PORT_Memcpy(keyName, ticketKeyNameSuffix, SESS_TICKET_KEY_VAR_NAME_LEN);
+ *aesKey = aesKeyTmp;
+ *macKey = macKeyTmp;
+ return PR_TRUE;
+
+loser:
+ if (aesKeyTmp)
+ PK11_FreeSymKey(aesKeyTmp);
+ if (macKeyTmp)
+ PK11_FreeSymKey(macKeyTmp);
+ return PR_FALSE;
+}
+
+static PRBool
+GenerateAndWrapTicketKeys(SECKEYPublicKey *svrPubKey, void *pwArg,
+ unsigned char *keyName, PK11SymKey **aesKey,
+ PK11SymKey **macKey)
+{
+ PK11SymKey *aesKeyTmp = NULL;
+ PK11SymKey *macKeyTmp = NULL;
+ cacheDesc *cache = &globalCache;
+
+ if (!GenerateTicketKeys(pwArg, keyName, &aesKeyTmp, &macKeyTmp)) {
+ goto loser;
+ }
+
+ if (cache->cacheMem) {
+ /* Export the keys to the shared cache in wrapped form. */
+ if (!WrapTicketKey(svrPubKey, aesKeyTmp, "enc key", cache->ticketEncKey))
+ goto loser;
+ if (!WrapTicketKey(svrPubKey, macKeyTmp, "mac key", cache->ticketMacKey))
+ goto loser;
+ }
+ *aesKey = aesKeyTmp;
+ *macKey = macKeyTmp;
+ return PR_TRUE;
+
+loser:
+ if (aesKeyTmp)
+ PK11_FreeSymKey(aesKeyTmp);
+ if (macKeyTmp)
+ PK11_FreeSymKey(macKeyTmp);
+ return PR_FALSE;
+}
+
+static PRBool
+UnwrapCachedTicketKeys(SECKEYPrivateKey *svrPrivKey, unsigned char *keyName,
+ PK11SymKey **aesKey, PK11SymKey **macKey)
+{
+ SECItem wrappedKey = { siBuffer, NULL, 0 };
+ PK11SymKey *aesKeyTmp = NULL;
+ PK11SymKey *macKeyTmp = NULL;
+ cacheDesc *cache = &globalCache;
+
+ wrappedKey.data = cache->ticketEncKey->bytes;
+ wrappedKey.len = cache->ticketEncKey->length;
+ PORT_Assert(wrappedKey.len <= sizeof(cache->ticketEncKey->bytes));
+ aesKeyTmp = PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
+ CKM_AES_CBC, CKA_DECRYPT, 0);
+
+ wrappedKey.data = cache->ticketMacKey->bytes;
+ wrappedKey.len = cache->ticketMacKey->length;
+ PORT_Assert(wrappedKey.len <= sizeof(cache->ticketMacKey->bytes));
+ macKeyTmp = PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
+ CKM_SHA256_HMAC, CKA_SIGN, 0);
+
+ if (aesKeyTmp == NULL || macKeyTmp == NULL) {
+ SSL_DBG(("%d: SSL[%s]: Unable to unwrap session ticket keys.",
+ SSL_GETPID(), "unknown"));
+ goto loser;
+ }
+ SSL_DBG(("%d: SSL[%s]: Successfully unwrapped session ticket keys.",
+ SSL_GETPID(), "unknown"));
+
+ PORT_Memcpy(keyName, cache->ticketKeyNameSuffix,
+ SESS_TICKET_KEY_VAR_NAME_LEN);
+ *aesKey = aesKeyTmp;
+ *macKey = macKeyTmp;
+ return PR_TRUE;
+
+loser:
+ if (aesKeyTmp)
+ PK11_FreeSymKey(aesKeyTmp);
+ if (macKeyTmp)
+ PK11_FreeSymKey(macKeyTmp);
+ return PR_FALSE;
+}
+
+PRBool
+ssl_GetSessionTicketKeys(SECKEYPrivateKey *svrPrivKey,
+ SECKEYPublicKey *svrPubKey, void *pwArg,
+ unsigned char *keyName, PK11SymKey **aesKey,
+ PK11SymKey **macKey)
+{
+ PRUint32 now = 0;
+ PRBool rv = PR_FALSE;
+ PRBool keysGenerated = PR_FALSE;
+ cacheDesc *cache = &globalCache;
+
+ if (!cache->cacheMem) {
+ /* cache is uninitialized. Generate keys and return them
+ * without caching. */
+ return GenerateTicketKeys(pwArg, keyName, aesKey, macKey);
+ }
+
+ now = LockSidCacheLock(cache->keyCacheLock, now);
+ if (!now)
+ return rv;
+
+ if (!*(cache->ticketKeysValid)) {
+ /* Keys do not exist, create them. */
+ if (!GenerateAndWrapTicketKeys(svrPubKey, pwArg, keyName,
+ aesKey, macKey))
+ goto loser;
+ keysGenerated = PR_TRUE;
+ *(cache->ticketKeysValid) = 1;
+ }
+
+ rv = PR_TRUE;
+
+loser:
+ UnlockSidCacheLock(cache->keyCacheLock);
+ if (rv && !keysGenerated)
+ rv = UnwrapCachedTicketKeys(svrPrivKey, keyName, aesKey, macKey);
+ return rv;
+}
+
+/* The caller passes in the new value it wants
+ * to set. This code tests the wrapped sym key entry in the shared memory.
+ * If it is uninitialized, this function writes the caller's value into
+ * the disk entry, and returns false.
+ * Otherwise, it overwrites the caller's wswk with the value obtained from
+ * the disk, and returns PR_TRUE.
+ * This is all done while holding the locks/mutexes necessary to make
+ * the operation atomic.
+ */
+PRBool
+ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
+{
+ cacheDesc *cache = &globalCache;
+ PRBool rv = PR_FALSE;
+ SSLAuthType authType = wswk->authType;
+ /* type of keys used to wrap SymWrapKey*/
+ PRInt32 symWrapMechIndex = wswk->symWrapMechIndex;
+ PRUint32 ndx;
+ PRUint32 now = 0;
+ SSLWrappedSymWrappingKey myWswk;
+
+ if (!cache->cacheMem) { /* cache is uninitialized */
+ PORT_SetError(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED);
+ return 0;
+ }
+
+ PORT_Assert((unsigned)authType < ssl_auth_size);
+ if ((unsigned)authType >= ssl_auth_size)
+ return 0;
+
+ PORT_Assert((unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
+ if ((unsigned)symWrapMechIndex >= SSL_NUM_WRAP_MECHS)
+ return 0;
+
+ ndx = (authType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
+ PORT_Memset(&myWswk, 0, sizeof myWswk); /* eliminate UMRs. */
+
+ now = LockSidCacheLock(cache->keyCacheLock, now);
+ if (now) {
+ rv = getSvrWrappingKey(wswk->symWrapMechIndex, wswk->authType,
+ &myWswk, cache, now);
+ if (rv) {
+ /* we found it on disk, copy it out to the caller. */
+ PORT_Memcpy(wswk, &myWswk, sizeof *wswk);
+ } else {
+ /* Wasn't on disk, and we're still holding the lock, so write it. */
+ cache->keyCacheData[ndx] = *wswk;
+ }
+ UnlockSidCacheLock(cache->keyCacheLock);
+ }
+ return rv;
+}
+
+#else /* MAC version or other platform */
+
+#include "seccomon.h"
+#include "cert.h"
+#include "ssl.h"
+#include "sslimpl.h"
+
+SECStatus
+SSL_ConfigServerSessionIDCache(int maxCacheEntries,
+ PRUint32 ssl2_timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory)
+{
+ PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigServerSessionIDCache)");
+ return SECFailure;
+}
+
+SECStatus
+SSL_ConfigMPServerSIDCache(int maxCacheEntries,
+ PRUint32 ssl2_timeout,
+ PRUint32 ssl3_timeout,
+ const char *directory)
+{
+ PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigMPServerSIDCache)");
+ return SECFailure;
+}
+
+SECStatus
+SSL_InheritMPServerSIDCache(const char *envString)
+{
+ PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_InheritMPServerSIDCache)");
+ return SECFailure;
+}
+
+PRBool
+ssl_GetWrappingKey(PRInt32 symWrapMechIndex,
+ SSLAuthType authType,
+ SSLWrappedSymWrappingKey *wswk)
+{
+ PRBool rv = PR_FALSE;
+ PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_GetWrappingKey)");
+ return rv;
+}
+
+/* This is a kind of test-and-set. The caller passes in the new value it wants
+ * to set. This code tests the wrapped sym key entry in the shared memory.
+ * If it is uninitialized, this function writes the caller's value into
+ * the disk entry, and returns false.
+ * Otherwise, it overwrites the caller's wswk with the value obtained from
+ * the disk, and returns PR_TRUE.
+ * This is all done while holding the locks/mutexes necessary to make
+ * the operation atomic.
+ */
+PRBool
+ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
+{
+ PRBool rv = PR_FALSE;
+ PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_SetWrappingKey)");
+ return rv;
+}
+
+PRUint32
+SSL_GetMaxServerCacheLocks(void)
+{
+ PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_GetMaxServerCacheLocks)");
+ return -1;
+}
+
+SECStatus
+SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
+{
+ PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_SetMaxServerCacheLocks)");
+ return SECFailure;
+}
+
+#endif /* XP_UNIX || XP_WIN32 */
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
new file mode 100644
index 000000000..f089c75e0
--- /dev/null
+++ b/security/nss/lib/ssl/sslsock.c
@@ -0,0 +1,3742 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * vtables (and methods that call through them) for the 4 types of
+ * SSLSockets supported. Only one type is still supported.
+ * Various other functions.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "seccomon.h"
+#include "cert.h"
+#include "keyhi.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "nspr.h"
+#include "private/pprio.h"
+#include "nss.h"
+#include "pk11pqg.h"
+
+static const sslSocketOps ssl_default_ops = { /* No SSL. */
+ ssl_DefConnect,
+ NULL,
+ ssl_DefBind,
+ ssl_DefListen,
+ ssl_DefShutdown,
+ ssl_DefClose,
+ ssl_DefRecv,
+ ssl_DefSend,
+ ssl_DefRead,
+ ssl_DefWrite,
+ ssl_DefGetpeername,
+ ssl_DefGetsockname
+};
+
+static const sslSocketOps ssl_secure_ops = { /* SSL. */
+ ssl_SecureConnect,
+ NULL,
+ ssl_DefBind,
+ ssl_DefListen,
+ ssl_SecureShutdown,
+ ssl_SecureClose,
+ ssl_SecureRecv,
+ ssl_SecureSend,
+ ssl_SecureRead,
+ ssl_SecureWrite,
+ ssl_DefGetpeername,
+ ssl_DefGetsockname
+};
+
+/*
+** default settings for socket enables
+*/
+static sslOptions ssl_defaults = {
+ { siBuffer, NULL, 0 }, /* nextProtoNego */
+ PR_TRUE, /* useSecurity */
+ PR_FALSE, /* useSocks */
+ PR_FALSE, /* requestCertificate */
+ 2, /* requireCertificate */
+ PR_FALSE, /* handshakeAsClient */
+ PR_FALSE, /* handshakeAsServer */
+ PR_FALSE, /* noCache */
+ PR_FALSE, /* fdx */
+ PR_TRUE, /* detectRollBack */
+ PR_FALSE, /* noLocks */
+ PR_FALSE, /* enableSessionTickets */
+ PR_FALSE, /* enableDeflate */
+ 2, /* enableRenegotiation (default: requires extension) */
+ PR_FALSE, /* requireSafeNegotiation */
+ PR_FALSE, /* enableFalseStart */
+ PR_TRUE, /* cbcRandomIV */
+ PR_FALSE, /* enableOCSPStapling */
+ PR_FALSE, /* enableNPN */
+ PR_TRUE, /* enableALPN */
+ PR_TRUE, /* reuseServerECDHEKey */
+ PR_FALSE, /* enableFallbackSCSV */
+ PR_TRUE, /* enableServerDhe */
+ PR_FALSE, /* enableExtendedMS */
+ PR_FALSE, /* enableSignedCertTimestamps */
+ PR_FALSE, /* requireDHENamedGroups */
+ PR_FALSE, /* enable0RttData */
+#ifdef NSS_ENABLE_TLS13_SHORT_HEADERS
+ PR_TRUE /* enableShortHeaders */
+#else
+ PR_FALSE /* enableShortHeaders */
+#endif
+};
+
+/*
+ * default range of enabled SSL/TLS protocols
+ */
+static SSLVersionRange versions_defaults_stream = {
+ SSL_LIBRARY_VERSION_TLS_1_0,
+ SSL_LIBRARY_VERSION_TLS_1_2
+};
+
+static SSLVersionRange versions_defaults_datagram = {
+ SSL_LIBRARY_VERSION_TLS_1_1,
+ SSL_LIBRARY_VERSION_TLS_1_2
+};
+
+#define VERSIONS_DEFAULTS(variant) \
+ (variant == ssl_variant_stream ? &versions_defaults_stream : &versions_defaults_datagram)
+#define VERSIONS_POLICY_MIN(variant) \
+ (variant == ssl_variant_stream ? NSS_TLS_VERSION_MIN_POLICY : NSS_DTLS_VERSION_MIN_POLICY)
+#define VERSIONS_POLICY_MAX(variant) \
+ (variant == ssl_variant_stream ? NSS_TLS_VERSION_MAX_POLICY : NSS_DTLS_VERSION_MAX_POLICY)
+
+sslSessionIDLookupFunc ssl_sid_lookup;
+sslSessionIDCacheFunc ssl_sid_cache;
+sslSessionIDUncacheFunc ssl_sid_uncache;
+
+static PRBool ssl_inited = PR_FALSE;
+static PRDescIdentity ssl_layer_id;
+
+PRBool locksEverDisabled; /* implicitly PR_FALSE */
+PRBool ssl_force_locks; /* implicitly PR_FALSE */
+int ssl_lock_readers = 1; /* default true. */
+char ssl_debug;
+char ssl_trace;
+FILE *ssl_trace_iob;
+
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
+FILE *ssl_keylog_iob;
+#endif
+
+char lockStatus[] = "Locks are ENABLED. ";
+#define LOCKSTATUS_OFFSET 10 /* offset of ENABLED */
+
+/* SRTP_NULL_HMAC_SHA1_80 and SRTP_NULL_HMAC_SHA1_32 are not implemented. */
+static const PRUint16 srtpCiphers[] = {
+ SRTP_AES128_CM_HMAC_SHA1_80,
+ SRTP_AES128_CM_HMAC_SHA1_32,
+ 0
+};
+
+/* This list is in preference order. Note that while some smaller groups appear
+ * early in the list, smaller groups are generally ignored when iterating
+ * through this list. ffdhe_custom must not appear in this list. */
+#define ECGROUP(name, size, oid, assumeSupported) \
+ { \
+ ssl_grp_ec_##name, size, ssl_kea_ecdh, \
+ SEC_OID_SECG_EC_##oid, assumeSupported \
+ }
+#define FFGROUP(size) \
+ { \
+ ssl_grp_ffdhe_##size, size, ssl_kea_dh, \
+ SEC_OID_TLS_FFDHE_##size, PR_TRUE \
+ }
+
+const sslNamedGroupDef ssl_named_groups[] = {
+ /* Note that 256 for 25519 is a lie, but we only use it for checking bit
+ * security and expect 256 bits there (not 255). */
+ { ssl_grp_ec_curve25519, 256, ssl_kea_ecdh, SEC_OID_CURVE25519, PR_TRUE },
+ ECGROUP(secp256r1, 256, SECP256R1, PR_TRUE),
+ ECGROUP(secp384r1, 384, SECP384R1, PR_TRUE),
+ ECGROUP(secp521r1, 521, SECP521R1, PR_TRUE),
+ FFGROUP(2048),
+ FFGROUP(3072),
+ FFGROUP(4096),
+ FFGROUP(6144),
+ FFGROUP(8192),
+ ECGROUP(secp192r1, 192, SECP192R1, PR_FALSE),
+ ECGROUP(secp160r2, 160, SECP160R2, PR_FALSE),
+ ECGROUP(secp160k1, 160, SECP160K1, PR_FALSE),
+ ECGROUP(secp160r1, 160, SECP160R1, PR_FALSE),
+ ECGROUP(sect163k1, 163, SECT163K1, PR_FALSE),
+ ECGROUP(sect163r1, 163, SECT163R1, PR_FALSE),
+ ECGROUP(sect163r2, 163, SECT163R2, PR_FALSE),
+ ECGROUP(secp192k1, 192, SECP192K1, PR_FALSE),
+ ECGROUP(sect193r1, 193, SECT193R1, PR_FALSE),
+ ECGROUP(sect193r2, 193, SECT193R2, PR_FALSE),
+ ECGROUP(secp224r1, 224, SECP224R1, PR_FALSE),
+ ECGROUP(secp224k1, 224, SECP224K1, PR_FALSE),
+ ECGROUP(sect233k1, 233, SECT233K1, PR_FALSE),
+ ECGROUP(sect233r1, 233, SECT233R1, PR_FALSE),
+ ECGROUP(sect239k1, 239, SECT239K1, PR_FALSE),
+ ECGROUP(secp256k1, 256, SECP256K1, PR_FALSE),
+ ECGROUP(sect283k1, 283, SECT283K1, PR_FALSE),
+ ECGROUP(sect283r1, 283, SECT283R1, PR_FALSE),
+ ECGROUP(sect409k1, 409, SECT409K1, PR_FALSE),
+ ECGROUP(sect409r1, 409, SECT409R1, PR_FALSE),
+ ECGROUP(sect571k1, 571, SECT571K1, PR_FALSE),
+ ECGROUP(sect571r1, 571, SECT571R1, PR_FALSE),
+};
+PR_STATIC_ASSERT(SSL_NAMED_GROUP_COUNT == PR_ARRAY_SIZE(ssl_named_groups));
+
+#undef ECGROUP
+#undef FFGROUP
+
+/* forward declarations. */
+static sslSocket *ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant variant);
+static SECStatus ssl_MakeLocks(sslSocket *ss);
+static void ssl_SetDefaultsFromEnvironment(void);
+static PRStatus ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack,
+ PRDescIdentity id);
+
+/************************************************************************/
+
+/*
+** Lookup a socket structure from a file descriptor.
+** Only functions called through the PRIOMethods table should use this.
+** Other app-callable functions should use ssl_FindSocket.
+*/
+static sslSocket *
+ssl_GetPrivate(PRFileDesc *fd)
+{
+ sslSocket *ss;
+
+ PORT_Assert(fd != NULL);
+ PORT_Assert(fd->methods->file_type == PR_DESC_LAYERED);
+ PORT_Assert(fd->identity == ssl_layer_id);
+
+ if (fd->methods->file_type != PR_DESC_LAYERED ||
+ fd->identity != ssl_layer_id) {
+ PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
+ return NULL;
+ }
+
+ ss = (sslSocket *)fd->secret;
+ /* Set ss->fd lazily. We can't rely on the value of ss->fd set by
+ * ssl_PushIOLayer because another PR_PushIOLayer call will switch the
+ * contents of the PRFileDesc pointed by ss->fd and the new layer.
+ * See bug 807250.
+ */
+ ss->fd = fd;
+ return ss;
+}
+
+/* This function tries to find the SSL layer in the stack.
+ * It searches for the first SSL layer at or below the argument fd,
+ * and failing that, it searches for the nearest SSL layer above the
+ * argument fd. It returns the private sslSocket from the found layer.
+ */
+sslSocket *
+ssl_FindSocket(PRFileDesc *fd)
+{
+ PRFileDesc *layer;
+ sslSocket *ss;
+
+ PORT_Assert(fd != NULL);
+ PORT_Assert(ssl_layer_id != 0);
+
+ layer = PR_GetIdentitiesLayer(fd, ssl_layer_id);
+ if (layer == NULL) {
+ PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
+ return NULL;
+ }
+
+ ss = (sslSocket *)layer->secret;
+ /* Set ss->fd lazily. We can't rely on the value of ss->fd set by
+ * ssl_PushIOLayer because another PR_PushIOLayer call will switch the
+ * contents of the PRFileDesc pointed by ss->fd and the new layer.
+ * See bug 807250.
+ */
+ ss->fd = layer;
+ return ss;
+}
+
+static sslSocket *
+ssl_DupSocket(sslSocket *os)
+{
+ sslSocket *ss;
+ SECStatus rv;
+
+ ss = ssl_NewSocket((PRBool)(!os->opt.noLocks), os->protocolVariant);
+ if (!ss) {
+ return NULL;
+ }
+
+ ss->opt = os->opt;
+ ss->opt.useSocks = PR_FALSE;
+ rv = SECITEM_CopyItem(NULL, &ss->opt.nextProtoNego, &os->opt.nextProtoNego);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ ss->vrange = os->vrange;
+
+ ss->peerID = !os->peerID ? NULL : PORT_Strdup(os->peerID);
+ ss->url = !os->url ? NULL : PORT_Strdup(os->url);
+
+ ss->ops = os->ops;
+ ss->rTimeout = os->rTimeout;
+ ss->wTimeout = os->wTimeout;
+ ss->cTimeout = os->cTimeout;
+ ss->dbHandle = os->dbHandle;
+
+ /* copy ssl2&3 policy & prefs, even if it's not selected (yet) */
+ PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites);
+ PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, os->ssl3.dtlsSRTPCiphers,
+ sizeof(PRUint16) * os->ssl3.dtlsSRTPCipherCount);
+ ss->ssl3.dtlsSRTPCipherCount = os->ssl3.dtlsSRTPCipherCount;
+ PORT_Memcpy(ss->ssl3.signatureSchemes, os->ssl3.signatureSchemes,
+ sizeof(ss->ssl3.signatureSchemes[0]) *
+ os->ssl3.signatureSchemeCount);
+ ss->ssl3.signatureSchemeCount = os->ssl3.signatureSchemeCount;
+ ss->ssl3.downgradeCheckVersion = os->ssl3.downgradeCheckVersion;
+
+ ss->ssl3.dheWeakGroupEnabled = os->ssl3.dheWeakGroupEnabled;
+
+ if (ss->opt.useSecurity) {
+ PRCList *cursor;
+ for (cursor = PR_NEXT_LINK(&os->serverCerts);
+ cursor != &os->serverCerts;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslServerCert *sc = ssl_CopyServerCert((sslServerCert *)cursor);
+ if (!sc)
+ goto loser;
+ PR_APPEND_LINK(&sc->link, &ss->serverCerts);
+ }
+
+ PR_INIT_CLIST(&ss->ephemeralKeyPairs);
+ for (cursor = PR_NEXT_LINK(&os->ephemeralKeyPairs);
+ cursor != &os->ephemeralKeyPairs;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslEphemeralKeyPair *okp = (sslEphemeralKeyPair *)cursor;
+ sslEphemeralKeyPair *skp = ssl_CopyEphemeralKeyPair(okp);
+ if (!skp)
+ goto loser;
+ PR_APPEND_LINK(&skp->link, &ss->ephemeralKeyPairs);
+ }
+
+ /*
+ * XXX the preceding CERT_ and SECKEY_ functions can fail and return NULL.
+ * XXX We should detect this, and not just march on with NULL pointers.
+ */
+ ss->authCertificate = os->authCertificate;
+ ss->authCertificateArg = os->authCertificateArg;
+ ss->getClientAuthData = os->getClientAuthData;
+ ss->getClientAuthDataArg = os->getClientAuthDataArg;
+ ss->sniSocketConfig = os->sniSocketConfig;
+ ss->sniSocketConfigArg = os->sniSocketConfigArg;
+ ss->handleBadCert = os->handleBadCert;
+ ss->badCertArg = os->badCertArg;
+ ss->handshakeCallback = os->handshakeCallback;
+ ss->handshakeCallbackData = os->handshakeCallbackData;
+ ss->canFalseStartCallback = os->canFalseStartCallback;
+ ss->canFalseStartCallbackData = os->canFalseStartCallbackData;
+ ss->pkcs11PinArg = os->pkcs11PinArg;
+ ss->nextProtoCallback = os->nextProtoCallback;
+ ss->nextProtoArg = os->nextProtoArg;
+ PORT_Memcpy((void *)ss->namedGroupPreferences,
+ os->namedGroupPreferences,
+ sizeof(ss->namedGroupPreferences));
+ ss->additionalShares = os->additionalShares;
+
+ /* Create security data */
+ rv = ssl_CopySecurityInfo(ss, os);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ return ss;
+
+loser:
+ ssl_FreeSocket(ss);
+ return NULL;
+}
+
+static void
+ssl_DestroyLocks(sslSocket *ss)
+{
+ /* Destroy locks. */
+ if (ss->firstHandshakeLock) {
+ PZ_DestroyMonitor(ss->firstHandshakeLock);
+ ss->firstHandshakeLock = NULL;
+ }
+ if (ss->ssl3HandshakeLock) {
+ PZ_DestroyMonitor(ss->ssl3HandshakeLock);
+ ss->ssl3HandshakeLock = NULL;
+ }
+ if (ss->specLock) {
+ NSSRWLock_Destroy(ss->specLock);
+ ss->specLock = NULL;
+ }
+
+ if (ss->recvLock) {
+ PZ_DestroyLock(ss->recvLock);
+ ss->recvLock = NULL;
+ }
+ if (ss->sendLock) {
+ PZ_DestroyLock(ss->sendLock);
+ ss->sendLock = NULL;
+ }
+ if (ss->xmitBufLock) {
+ PZ_DestroyMonitor(ss->xmitBufLock);
+ ss->xmitBufLock = NULL;
+ }
+ if (ss->recvBufLock) {
+ PZ_DestroyMonitor(ss->recvBufLock);
+ ss->recvBufLock = NULL;
+ }
+}
+
+/* Caller holds any relevant locks */
+static void
+ssl_DestroySocketContents(sslSocket *ss)
+{
+ PRCList *cursor;
+
+ /* Free up socket */
+ ssl_DestroySecurityInfo(&ss->sec);
+
+ ssl3_DestroySSL3Info(ss);
+
+ PORT_Free(ss->saveBuf.buf);
+ PORT_Free(ss->pendingBuf.buf);
+ ssl3_DestroyGather(&ss->gs);
+
+ if (ss->peerID != NULL)
+ PORT_Free(ss->peerID);
+ if (ss->url != NULL)
+ PORT_Free((void *)ss->url); /* CONST */
+
+ /* Clean up server certificates and sundries. */
+ while (!PR_CLIST_IS_EMPTY(&ss->serverCerts)) {
+ cursor = PR_LIST_TAIL(&ss->serverCerts);
+ PR_REMOVE_LINK(cursor);
+ ssl_FreeServerCert((sslServerCert *)cursor);
+ }
+ ssl_FreeEphemeralKeyPairs(ss);
+ SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE);
+ ssl3_FreeSniNameArray(&ss->xtnData);
+}
+
+/*
+ * free an sslSocket struct, and all the stuff that hangs off of it
+ */
+void
+ssl_FreeSocket(sslSocket *ss)
+{
+ /* Get every lock you can imagine!
+ ** Caller already holds these:
+ ** SSL_LOCK_READER(ss);
+ ** SSL_LOCK_WRITER(ss);
+ */
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetRecvBufLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+ ssl_GetXmitBufLock(ss);
+ ssl_GetSpecWriteLock(ss);
+
+ ssl_DestroySocketContents(ss);
+
+ /* Release all the locks acquired above. */
+ SSL_UNLOCK_READER(ss);
+ SSL_UNLOCK_WRITER(ss);
+ ssl_Release1stHandshakeLock(ss);
+ ssl_ReleaseRecvBufLock(ss);
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_ReleaseXmitBufLock(ss);
+ ssl_ReleaseSpecWriteLock(ss);
+
+ ssl_DestroyLocks(ss);
+
+#ifdef DEBUG
+ PORT_Memset(ss, 0x1f, sizeof *ss);
+#endif
+ PORT_Free(ss);
+ return;
+}
+
+/************************************************************************/
+SECStatus
+ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled)
+{
+ PRFileDesc *osfd = ss->fd->lower;
+ SECStatus rv = SECFailure;
+ PRSocketOptionData opt;
+
+ opt.option = PR_SockOpt_NoDelay;
+ opt.value.no_delay = (PRBool)!enabled;
+
+ if (osfd->methods->setsocketoption) {
+ rv = (SECStatus)osfd->methods->setsocketoption(osfd, &opt);
+ } else {
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ }
+
+ return rv;
+}
+
+static void
+ssl_ChooseOps(sslSocket *ss)
+{
+ ss->ops = ss->opt.useSecurity ? &ssl_secure_ops : &ssl_default_ops;
+}
+
+/* Called from SSL_Enable (immediately below) */
+static SECStatus
+PrepareSocket(sslSocket *ss)
+{
+ SECStatus rv = SECSuccess;
+
+ ssl_ChooseOps(ss);
+ return rv;
+}
+
+SECStatus
+SSL_Enable(PRFileDesc *fd, int which, PRBool on)
+{
+ return SSL_OptionSet(fd, which, on);
+}
+
+static PRBool ssl_VersionIsSupportedByPolicy(
+ SSLProtocolVariant protocolVariant, SSL3ProtocolVersion version);
+
+/* Implements the semantics for SSL_OptionSet(SSL_ENABLE_TLS, on) described in
+ * ssl.h in the section "SSL version range setting API".
+ */
+static void
+ssl_EnableTLS(SSLVersionRange *vrange, PRBool on)
+{
+ if (on) {
+ /* don't turn it on if tls1.0 disallowed by by policy */
+ if (!ssl_VersionIsSupportedByPolicy(ssl_variant_stream,
+ SSL_LIBRARY_VERSION_TLS_1_0)) {
+ return;
+ }
+ }
+ if (SSL_ALL_VERSIONS_DISABLED(vrange)) {
+ if (on) {
+ vrange->min = SSL_LIBRARY_VERSION_TLS_1_0;
+ vrange->max = SSL_LIBRARY_VERSION_TLS_1_0;
+ } /* else don't change anything */
+ return;
+ }
+
+ if (on) {
+ /* Expand the range of enabled version to include TLS 1.0 */
+ vrange->min = PR_MIN(vrange->min, SSL_LIBRARY_VERSION_TLS_1_0);
+ vrange->max = PR_MAX(vrange->max, SSL_LIBRARY_VERSION_TLS_1_0);
+ } else {
+ /* Disable all TLS versions, leaving only SSL 3.0 if it was enabled */
+ if (vrange->min == SSL_LIBRARY_VERSION_3_0) {
+ vrange->max = SSL_LIBRARY_VERSION_3_0;
+ } else {
+ /* Only TLS was enabled, so now no versions are. */
+ vrange->min = SSL_LIBRARY_VERSION_NONE;
+ vrange->max = SSL_LIBRARY_VERSION_NONE;
+ }
+ }
+}
+
+/* Implements the semantics for SSL_OptionSet(SSL_ENABLE_SSL3, on) described in
+ * ssl.h in the section "SSL version range setting API".
+ */
+static void
+ssl_EnableSSL3(SSLVersionRange *vrange, PRBool on)
+{
+ if (on) {
+ /* don't turn it on if ssl3 disallowed by by policy */
+ if (!ssl_VersionIsSupportedByPolicy(ssl_variant_stream,
+ SSL_LIBRARY_VERSION_3_0)) {
+ return;
+ }
+ }
+ if (SSL_ALL_VERSIONS_DISABLED(vrange)) {
+ if (on) {
+ vrange->min = SSL_LIBRARY_VERSION_3_0;
+ vrange->max = SSL_LIBRARY_VERSION_3_0;
+ } /* else don't change anything */
+ return;
+ }
+
+ if (on) {
+ /* Expand the range of enabled versions to include SSL 3.0. We know
+ * SSL 3.0 or some version of TLS is already enabled at this point, so
+ * we don't need to change vrange->max.
+ */
+ vrange->min = SSL_LIBRARY_VERSION_3_0;
+ } else {
+ /* Disable SSL 3.0, leaving TLS unaffected. */
+ if (vrange->max > SSL_LIBRARY_VERSION_3_0) {
+ vrange->min = PR_MAX(vrange->min, SSL_LIBRARY_VERSION_TLS_1_0);
+ } else {
+ /* Only SSL 3.0 was enabled, so now no versions are. */
+ vrange->min = SSL_LIBRARY_VERSION_NONE;
+ vrange->max = SSL_LIBRARY_VERSION_NONE;
+ }
+ }
+}
+
+SECStatus
+SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+ SECStatus rv = SECSuccess;
+ PRBool holdingLocks;
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ holdingLocks = (!ss->opt.noLocks);
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ switch (which) {
+ case SSL_SOCKS:
+ ss->opt.useSocks = PR_FALSE;
+ rv = PrepareSocket(ss);
+ if (on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+ break;
+
+ case SSL_SECURITY:
+ ss->opt.useSecurity = on;
+ rv = PrepareSocket(ss);
+ break;
+
+ case SSL_REQUEST_CERTIFICATE:
+ ss->opt.requestCertificate = on;
+ break;
+
+ case SSL_REQUIRE_CERTIFICATE:
+ ss->opt.requireCertificate = on;
+ break;
+
+ case SSL_HANDSHAKE_AS_CLIENT:
+ if (ss->opt.handshakeAsServer && on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ break;
+ }
+ ss->opt.handshakeAsClient = on;
+ break;
+
+ case SSL_HANDSHAKE_AS_SERVER:
+ if (ss->opt.handshakeAsClient && on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ break;
+ }
+ ss->opt.handshakeAsServer = on;
+ break;
+
+ case SSL_ENABLE_TLS:
+ if (IS_DTLS(ss)) {
+ if (on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure; /* not allowed */
+ }
+ break;
+ }
+ ssl_EnableTLS(&ss->vrange, on);
+ break;
+
+ case SSL_ENABLE_SSL3:
+ if (IS_DTLS(ss)) {
+ if (on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure; /* not allowed */
+ }
+ break;
+ }
+ ssl_EnableSSL3(&ss->vrange, on);
+ break;
+
+ case SSL_ENABLE_SSL2:
+ case SSL_V2_COMPATIBLE_HELLO:
+ /* We no longer support SSL v2.
+ * However, if an old application requests to disable SSL v2,
+ * we shouldn't fail.
+ */
+ if (on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+ break;
+
+ case SSL_NO_CACHE:
+ ss->opt.noCache = on;
+ break;
+
+ case SSL_ENABLE_FDX:
+ if (on && ss->opt.noLocks) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+ ss->opt.fdx = on;
+ break;
+
+ case SSL_ROLLBACK_DETECTION:
+ ss->opt.detectRollBack = on;
+ break;
+
+ case SSL_NO_STEP_DOWN:
+ break;
+
+ case SSL_BYPASS_PKCS11:
+ break;
+
+ case SSL_NO_LOCKS:
+ if (on && ss->opt.fdx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+ if (on && ssl_force_locks)
+ on = PR_FALSE; /* silent override */
+ ss->opt.noLocks = on;
+ if (on) {
+ locksEverDisabled = PR_TRUE;
+ strcpy(lockStatus + LOCKSTATUS_OFFSET, "DISABLED.");
+ } else if (!holdingLocks) {
+ rv = ssl_MakeLocks(ss);
+ if (rv != SECSuccess) {
+ ss->opt.noLocks = PR_TRUE;
+ }
+ }
+ break;
+
+ case SSL_ENABLE_SESSION_TICKETS:
+ ss->opt.enableSessionTickets = on;
+ break;
+
+ case SSL_ENABLE_DEFLATE:
+ ss->opt.enableDeflate = on;
+ break;
+
+ case SSL_ENABLE_RENEGOTIATION:
+ if (IS_DTLS(ss) && on != SSL_RENEGOTIATE_NEVER) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ break;
+ }
+ ss->opt.enableRenegotiation = on;
+ break;
+
+ case SSL_REQUIRE_SAFE_NEGOTIATION:
+ ss->opt.requireSafeNegotiation = on;
+ break;
+
+ case SSL_ENABLE_FALSE_START:
+ ss->opt.enableFalseStart = on;
+ break;
+
+ case SSL_CBC_RANDOM_IV:
+ ss->opt.cbcRandomIV = on;
+ break;
+
+ case SSL_ENABLE_OCSP_STAPLING:
+ ss->opt.enableOCSPStapling = on;
+ break;
+
+ case SSL_ENABLE_NPN:
+ break;
+
+ case SSL_ENABLE_ALPN:
+ ss->opt.enableALPN = on;
+ break;
+
+ case SSL_REUSE_SERVER_ECDHE_KEY:
+ ss->opt.reuseServerECDHEKey = on;
+ break;
+
+ case SSL_ENABLE_FALLBACK_SCSV:
+ ss->opt.enableFallbackSCSV = on;
+ break;
+
+ case SSL_ENABLE_SERVER_DHE:
+ ss->opt.enableServerDhe = on;
+ break;
+
+ case SSL_ENABLE_EXTENDED_MASTER_SECRET:
+ ss->opt.enableExtendedMS = on;
+ break;
+
+ case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
+ ss->opt.enableSignedCertTimestamps = on;
+ break;
+
+ case SSL_REQUIRE_DH_NAMED_GROUPS:
+ ss->opt.requireDHENamedGroups = on;
+ break;
+
+ case SSL_ENABLE_0RTT_DATA:
+ ss->opt.enable0RttData = on;
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+
+ /* We can't use the macros for releasing the locks here,
+ * because ss->opt.noLocks might have changed just above.
+ * We must release these locks (monitors) here, if we aquired them above,
+ * regardless of the current value of ss->opt.noLocks.
+ */
+ if (holdingLocks) {
+ PZ_ExitMonitor((ss)->ssl3HandshakeLock);
+ PZ_ExitMonitor((ss)->firstHandshakeLock);
+ }
+
+ return rv;
+}
+
+SECStatus
+SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+ SECStatus rv = SECSuccess;
+ PRBool on = PR_FALSE;
+
+ if (!pOn) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
+ *pOn = PR_FALSE;
+ return SECFailure;
+ }
+
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ switch (which) {
+ case SSL_SOCKS:
+ on = PR_FALSE;
+ break;
+ case SSL_SECURITY:
+ on = ss->opt.useSecurity;
+ break;
+ case SSL_REQUEST_CERTIFICATE:
+ on = ss->opt.requestCertificate;
+ break;
+ case SSL_REQUIRE_CERTIFICATE:
+ on = ss->opt.requireCertificate;
+ break;
+ case SSL_HANDSHAKE_AS_CLIENT:
+ on = ss->opt.handshakeAsClient;
+ break;
+ case SSL_HANDSHAKE_AS_SERVER:
+ on = ss->opt.handshakeAsServer;
+ break;
+ case SSL_ENABLE_TLS:
+ on = ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_0;
+ break;
+ case SSL_ENABLE_SSL3:
+ on = ss->vrange.min == SSL_LIBRARY_VERSION_3_0;
+ break;
+ case SSL_ENABLE_SSL2:
+ case SSL_V2_COMPATIBLE_HELLO:
+ on = PR_FALSE;
+ break;
+ case SSL_NO_CACHE:
+ on = ss->opt.noCache;
+ break;
+ case SSL_ENABLE_FDX:
+ on = ss->opt.fdx;
+ break;
+ case SSL_ROLLBACK_DETECTION:
+ on = ss->opt.detectRollBack;
+ break;
+ case SSL_NO_STEP_DOWN:
+ on = PR_FALSE;
+ break;
+ case SSL_BYPASS_PKCS11:
+ on = PR_FALSE;
+ break;
+ case SSL_NO_LOCKS:
+ on = ss->opt.noLocks;
+ break;
+ case SSL_ENABLE_SESSION_TICKETS:
+ on = ss->opt.enableSessionTickets;
+ break;
+ case SSL_ENABLE_DEFLATE:
+ on = ss->opt.enableDeflate;
+ break;
+ case SSL_ENABLE_RENEGOTIATION:
+ on = ss->opt.enableRenegotiation;
+ break;
+ case SSL_REQUIRE_SAFE_NEGOTIATION:
+ on = ss->opt.requireSafeNegotiation;
+ break;
+ case SSL_ENABLE_FALSE_START:
+ on = ss->opt.enableFalseStart;
+ break;
+ case SSL_CBC_RANDOM_IV:
+ on = ss->opt.cbcRandomIV;
+ break;
+ case SSL_ENABLE_OCSP_STAPLING:
+ on = ss->opt.enableOCSPStapling;
+ break;
+ case SSL_ENABLE_NPN:
+ on = ss->opt.enableNPN;
+ break;
+ case SSL_ENABLE_ALPN:
+ on = ss->opt.enableALPN;
+ break;
+ case SSL_REUSE_SERVER_ECDHE_KEY:
+ on = ss->opt.reuseServerECDHEKey;
+ break;
+ case SSL_ENABLE_FALLBACK_SCSV:
+ on = ss->opt.enableFallbackSCSV;
+ break;
+ case SSL_ENABLE_SERVER_DHE:
+ on = ss->opt.enableServerDhe;
+ break;
+ case SSL_ENABLE_EXTENDED_MASTER_SECRET:
+ on = ss->opt.enableExtendedMS;
+ break;
+ case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
+ on = ss->opt.enableSignedCertTimestamps;
+ break;
+ case SSL_REQUIRE_DH_NAMED_GROUPS:
+ on = ss->opt.requireDHENamedGroups;
+ break;
+ case SSL_ENABLE_0RTT_DATA:
+ on = ss->opt.enable0RttData;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ *pOn = on;
+ return rv;
+}
+
+SECStatus
+SSL_OptionGetDefault(PRInt32 which, PRBool *pOn)
+{
+ SECStatus rv = SECSuccess;
+ PRBool on = PR_FALSE;
+
+ if (!pOn) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ssl_SetDefaultsFromEnvironment();
+
+ switch (which) {
+ case SSL_SOCKS:
+ on = PR_FALSE;
+ break;
+ case SSL_SECURITY:
+ on = ssl_defaults.useSecurity;
+ break;
+ case SSL_REQUEST_CERTIFICATE:
+ on = ssl_defaults.requestCertificate;
+ break;
+ case SSL_REQUIRE_CERTIFICATE:
+ on = ssl_defaults.requireCertificate;
+ break;
+ case SSL_HANDSHAKE_AS_CLIENT:
+ on = ssl_defaults.handshakeAsClient;
+ break;
+ case SSL_HANDSHAKE_AS_SERVER:
+ on = ssl_defaults.handshakeAsServer;
+ break;
+ case SSL_ENABLE_TLS:
+ on = versions_defaults_stream.max >= SSL_LIBRARY_VERSION_TLS_1_0;
+ break;
+ case SSL_ENABLE_SSL3:
+ on = versions_defaults_stream.min == SSL_LIBRARY_VERSION_3_0;
+ break;
+ case SSL_ENABLE_SSL2:
+ case SSL_V2_COMPATIBLE_HELLO:
+ on = PR_FALSE;
+ break;
+ case SSL_NO_CACHE:
+ on = ssl_defaults.noCache;
+ break;
+ case SSL_ENABLE_FDX:
+ on = ssl_defaults.fdx;
+ break;
+ case SSL_ROLLBACK_DETECTION:
+ on = ssl_defaults.detectRollBack;
+ break;
+ case SSL_NO_STEP_DOWN:
+ on = PR_FALSE;
+ break;
+ case SSL_BYPASS_PKCS11:
+ on = PR_FALSE;
+ break;
+ case SSL_NO_LOCKS:
+ on = ssl_defaults.noLocks;
+ break;
+ case SSL_ENABLE_SESSION_TICKETS:
+ on = ssl_defaults.enableSessionTickets;
+ break;
+ case SSL_ENABLE_DEFLATE:
+ on = ssl_defaults.enableDeflate;
+ break;
+ case SSL_ENABLE_RENEGOTIATION:
+ on = ssl_defaults.enableRenegotiation;
+ break;
+ case SSL_REQUIRE_SAFE_NEGOTIATION:
+ on = ssl_defaults.requireSafeNegotiation;
+ break;
+ case SSL_ENABLE_FALSE_START:
+ on = ssl_defaults.enableFalseStart;
+ break;
+ case SSL_CBC_RANDOM_IV:
+ on = ssl_defaults.cbcRandomIV;
+ break;
+ case SSL_ENABLE_OCSP_STAPLING:
+ on = ssl_defaults.enableOCSPStapling;
+ break;
+ case SSL_ENABLE_NPN:
+ on = ssl_defaults.enableNPN;
+ break;
+ case SSL_ENABLE_ALPN:
+ on = ssl_defaults.enableALPN;
+ break;
+ case SSL_REUSE_SERVER_ECDHE_KEY:
+ on = ssl_defaults.reuseServerECDHEKey;
+ break;
+ case SSL_ENABLE_FALLBACK_SCSV:
+ on = ssl_defaults.enableFallbackSCSV;
+ break;
+ case SSL_ENABLE_SERVER_DHE:
+ on = ssl_defaults.enableServerDhe;
+ break;
+ case SSL_ENABLE_EXTENDED_MASTER_SECRET:
+ on = ssl_defaults.enableExtendedMS;
+ break;
+ case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
+ on = ssl_defaults.enableSignedCertTimestamps;
+ break;
+ case SSL_ENABLE_0RTT_DATA:
+ on = ssl_defaults.enable0RttData;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+
+ *pOn = on;
+ return rv;
+}
+
+/* XXX Use Global Lock to protect this stuff. */
+SECStatus
+SSL_EnableDefault(int which, PRBool on)
+{
+ return SSL_OptionSetDefault(which, on);
+}
+
+SECStatus
+SSL_OptionSetDefault(PRInt32 which, PRBool on)
+{
+ SECStatus status = ssl_Init();
+
+ if (status != SECSuccess) {
+ return status;
+ }
+
+ ssl_SetDefaultsFromEnvironment();
+
+ switch (which) {
+ case SSL_SOCKS:
+ ssl_defaults.useSocks = PR_FALSE;
+ if (on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ break;
+
+ case SSL_SECURITY:
+ ssl_defaults.useSecurity = on;
+ break;
+
+ case SSL_REQUEST_CERTIFICATE:
+ ssl_defaults.requestCertificate = on;
+ break;
+
+ case SSL_REQUIRE_CERTIFICATE:
+ ssl_defaults.requireCertificate = on;
+ break;
+
+ case SSL_HANDSHAKE_AS_CLIENT:
+ if (ssl_defaults.handshakeAsServer && on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ ssl_defaults.handshakeAsClient = on;
+ break;
+
+ case SSL_HANDSHAKE_AS_SERVER:
+ if (ssl_defaults.handshakeAsClient && on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ ssl_defaults.handshakeAsServer = on;
+ break;
+
+ case SSL_ENABLE_TLS:
+ ssl_EnableTLS(&versions_defaults_stream, on);
+ break;
+
+ case SSL_ENABLE_SSL3:
+ ssl_EnableSSL3(&versions_defaults_stream, on);
+ break;
+
+ case SSL_ENABLE_SSL2:
+ case SSL_V2_COMPATIBLE_HELLO:
+ /* We no longer support SSL v2.
+ * However, if an old application requests to disable SSL v2,
+ * we shouldn't fail.
+ */
+ if (on) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ break;
+
+ case SSL_NO_CACHE:
+ ssl_defaults.noCache = on;
+ break;
+
+ case SSL_ENABLE_FDX:
+ if (on && ssl_defaults.noLocks) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ ssl_defaults.fdx = on;
+ break;
+
+ case SSL_ROLLBACK_DETECTION:
+ ssl_defaults.detectRollBack = on;
+ break;
+
+ case SSL_NO_STEP_DOWN:
+ break;
+
+ case SSL_BYPASS_PKCS11:
+ break;
+
+ case SSL_NO_LOCKS:
+ if (on && ssl_defaults.fdx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (on && ssl_force_locks)
+ on = PR_FALSE; /* silent override */
+ ssl_defaults.noLocks = on;
+ if (on) {
+ locksEverDisabled = PR_TRUE;
+ strcpy(lockStatus + LOCKSTATUS_OFFSET, "DISABLED.");
+ }
+ break;
+
+ case SSL_ENABLE_SESSION_TICKETS:
+ ssl_defaults.enableSessionTickets = on;
+ break;
+
+ case SSL_ENABLE_DEFLATE:
+ ssl_defaults.enableDeflate = on;
+ break;
+
+ case SSL_ENABLE_RENEGOTIATION:
+ ssl_defaults.enableRenegotiation = on;
+ break;
+
+ case SSL_REQUIRE_SAFE_NEGOTIATION:
+ ssl_defaults.requireSafeNegotiation = on;
+ break;
+
+ case SSL_ENABLE_FALSE_START:
+ ssl_defaults.enableFalseStart = on;
+ break;
+
+ case SSL_CBC_RANDOM_IV:
+ ssl_defaults.cbcRandomIV = on;
+ break;
+
+ case SSL_ENABLE_OCSP_STAPLING:
+ ssl_defaults.enableOCSPStapling = on;
+ break;
+
+ case SSL_ENABLE_NPN:
+ break;
+
+ case SSL_ENABLE_ALPN:
+ ssl_defaults.enableALPN = on;
+ break;
+
+ case SSL_REUSE_SERVER_ECDHE_KEY:
+ ssl_defaults.reuseServerECDHEKey = on;
+ break;
+
+ case SSL_ENABLE_FALLBACK_SCSV:
+ ssl_defaults.enableFallbackSCSV = on;
+ break;
+
+ case SSL_ENABLE_SERVER_DHE:
+ ssl_defaults.enableServerDhe = on;
+ break;
+
+ case SSL_ENABLE_EXTENDED_MASTER_SECRET:
+ ssl_defaults.enableExtendedMS = on;
+ break;
+
+ case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS:
+ ssl_defaults.enableSignedCertTimestamps = on;
+ break;
+
+ case SSL_ENABLE_0RTT_DATA:
+ ssl_defaults.enable0RttData = on;
+ break;
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* function tells us if the cipher suite is one that we no longer support. */
+static PRBool
+ssl_IsRemovedCipherSuite(PRInt32 suite)
+{
+ switch (suite) {
+ case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
+ case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA:
+ case SSL_FORTEZZA_DMS_WITH_RC4_128_SHA:
+ return PR_TRUE;
+ default:
+ return PR_FALSE;
+ }
+}
+
+/* Part of the public NSS API.
+ * Since this is a global (not per-socket) setting, we cannot use the
+ * HandshakeLock to protect this. Probably want a global lock.
+ */
+SECStatus
+SSL_SetPolicy(long which, int policy)
+{
+ if (ssl_IsRemovedCipherSuite(which))
+ return SECSuccess;
+ return SSL_CipherPolicySet(which, policy);
+}
+
+SECStatus
+ssl_CipherPolicySet(PRInt32 which, PRInt32 policy)
+{
+ SECStatus rv = SECSuccess;
+
+ if (ssl_IsRemovedCipherSuite(which)) {
+ rv = SECSuccess;
+ } else {
+ rv = ssl3_SetPolicy((ssl3CipherSuite)which, policy);
+ }
+ return rv;
+}
+SECStatus
+SSL_CipherPolicySet(PRInt32 which, PRInt32 policy)
+{
+ SECStatus rv = ssl_Init();
+
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ return ssl_CipherPolicySet(which, policy);
+}
+
+SECStatus
+SSL_CipherPolicyGet(PRInt32 which, PRInt32 *oPolicy)
+{
+ SECStatus rv;
+
+ if (!oPolicy) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (ssl_IsRemovedCipherSuite(which)) {
+ *oPolicy = SSL_NOT_ALLOWED;
+ rv = SECSuccess;
+ } else {
+ rv = ssl3_GetPolicy((ssl3CipherSuite)which, oPolicy);
+ }
+ return rv;
+}
+
+/* Part of the public NSS API.
+ * Since this is a global (not per-socket) setting, we cannot use the
+ * HandshakeLock to protect this. Probably want a global lock.
+ * These changes have no effect on any sslSockets already created.
+ */
+SECStatus
+SSL_EnableCipher(long which, PRBool enabled)
+{
+ if (ssl_IsRemovedCipherSuite(which))
+ return SECSuccess;
+ return SSL_CipherPrefSetDefault(which, enabled);
+}
+
+SECStatus
+ssl_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
+{
+ if (ssl_IsRemovedCipherSuite(which))
+ return SECSuccess;
+ return ssl3_CipherPrefSetDefault((ssl3CipherSuite)which, enabled);
+}
+
+SECStatus
+SSL_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
+{
+ SECStatus rv = ssl_Init();
+
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ return ssl_CipherPrefSetDefault(which, enabled);
+}
+
+SECStatus
+SSL_CipherPrefGetDefault(PRInt32 which, PRBool *enabled)
+{
+ SECStatus rv;
+
+ if (!enabled) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (ssl_IsRemovedCipherSuite(which)) {
+ *enabled = PR_FALSE;
+ rv = SECSuccess;
+ } else {
+ rv = ssl3_CipherPrefGetDefault((ssl3CipherSuite)which, enabled);
+ }
+ return rv;
+}
+
+SECStatus
+SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+ if (ssl_IsRemovedCipherSuite(which))
+ return SECSuccess;
+ return ssl3_CipherPrefSet(ss, (ssl3CipherSuite)which, enabled);
+}
+
+SECStatus
+SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
+{
+ SECStatus rv;
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!enabled) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd));
+ *enabled = PR_FALSE;
+ return SECFailure;
+ }
+ if (ssl_IsRemovedCipherSuite(which)) {
+ *enabled = PR_FALSE;
+ rv = SECSuccess;
+ } else {
+ rv = ssl3_CipherPrefGet(ss, (ssl3CipherSuite)which, enabled);
+ }
+ return rv;
+}
+
+SECStatus
+NSS_SetDomesticPolicy(void)
+{
+ SECStatus status = SECSuccess;
+ const PRUint16 *cipher;
+ SECStatus rv;
+ PRUint32 policy;
+
+ /* If we've already defined some policy oids, skip changing them */
+ rv = NSS_GetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, &policy);
+ if ((rv == SECSuccess) && (policy & NSS_USE_POLICY_IN_SSL)) {
+ return ssl_Init(); /* make sure the policies have bee loaded */
+ }
+
+ for (cipher = SSL_ImplementedCiphers; *cipher != 0; ++cipher) {
+ status = SSL_SetPolicy(*cipher, SSL_ALLOWED);
+ if (status != SECSuccess)
+ break;
+ }
+ return status;
+}
+
+SECStatus
+NSS_SetExportPolicy(void)
+{
+ return NSS_SetDomesticPolicy();
+}
+
+SECStatus
+NSS_SetFrancePolicy(void)
+{
+ return NSS_SetDomesticPolicy();
+}
+
+SECStatus
+SSL_NamedGroupConfig(PRFileDesc *fd, const SSLNamedGroup *groups,
+ unsigned int numGroups)
+{
+ unsigned int i;
+ unsigned int j = 0;
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return SECFailure;
+ }
+
+ if (!groups) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (numGroups > SSL_NAMED_GROUP_COUNT) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ memset((void *)ss->namedGroupPreferences, 0,
+ sizeof(ss->namedGroupPreferences));
+ for (i = 0; i < numGroups; ++i) {
+ const sslNamedGroupDef *groupDef = ssl_LookupNamedGroup(groups[i]);
+ if (!ssl_NamedGroupEnabled(ss, groupDef)) {
+ ss->namedGroupPreferences[j++] = groupDef;
+ }
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_DHEGroupPrefSet(PRFileDesc *fd, const SSLDHEGroupType *groups,
+ PRUint16 num_groups)
+{
+ sslSocket *ss;
+ const SSLDHEGroupType *list;
+ unsigned int count;
+ int i, k, j;
+ const sslNamedGroupDef *enabled[SSL_NAMED_GROUP_COUNT] = { 0 };
+ static const SSLDHEGroupType default_dhe_groups[] = {
+ ssl_ff_dhe_2048_group
+ };
+
+ if ((num_groups && !groups) || (!num_groups && groups) ||
+ num_groups > SSL_NAMED_GROUP_COUNT) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_DHEGroupPrefSet", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (groups) {
+ list = groups;
+ count = num_groups;
+ } else {
+ list = default_dhe_groups;
+ count = PR_ARRAY_SIZE(default_dhe_groups);
+ }
+
+ /* save enabled ec groups and clear ss->namedGroupPreferences */
+ k = 0;
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (ss->namedGroupPreferences[i] &&
+ ss->namedGroupPreferences[i]->keaType != ssl_kea_dh) {
+ enabled[k++] = ss->namedGroupPreferences[i];
+ }
+ ss->namedGroupPreferences[i] = NULL;
+ }
+
+ ss->ssl3.dhePreferredGroup = NULL;
+ for (i = 0; i < count; ++i) {
+ PRBool duplicate = PR_FALSE;
+ SSLNamedGroup name;
+ const sslNamedGroupDef *groupDef;
+ switch (list[i]) {
+ case ssl_ff_dhe_2048_group:
+ name = ssl_grp_ffdhe_2048;
+ break;
+ case ssl_ff_dhe_3072_group:
+ name = ssl_grp_ffdhe_3072;
+ break;
+ case ssl_ff_dhe_4096_group:
+ name = ssl_grp_ffdhe_4096;
+ break;
+ case ssl_ff_dhe_6144_group:
+ name = ssl_grp_ffdhe_6144;
+ break;
+ case ssl_ff_dhe_8192_group:
+ name = ssl_grp_ffdhe_8192;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ groupDef = ssl_LookupNamedGroup(name);
+ PORT_Assert(groupDef);
+ if (!ss->ssl3.dhePreferredGroup) {
+ ss->ssl3.dhePreferredGroup = groupDef;
+ }
+ PORT_Assert(k < SSL_NAMED_GROUP_COUNT);
+ for (j = 0; j < k; ++j) {
+ /* skip duplicates */
+ if (enabled[j] == groupDef) {
+ duplicate = PR_TRUE;
+ break;
+ }
+ }
+ if (!duplicate) {
+ enabled[k++] = groupDef;
+ }
+ }
+ for (i = 0; i < k; ++i) {
+ ss->namedGroupPreferences[i] = enabled[i];
+ }
+
+ return SECSuccess;
+}
+
+PRCallOnceType gWeakDHParamsRegisterOnce;
+int gWeakDHParamsRegisterError;
+
+PRCallOnceType gWeakDHParamsOnce;
+int gWeakDHParamsError;
+/* As our code allocates type PQGParams, we'll keep it around,
+ * even though we only make use of it's parameters through gWeakDHParam. */
+static PQGParams *gWeakParamsPQG;
+static ssl3DHParams *gWeakDHParams;
+#define WEAK_DHE_SIZE 1024
+
+static PRStatus
+ssl3_CreateWeakDHParams(void)
+{
+ PQGVerify *vfy;
+ SECStatus rv, passed;
+
+ PORT_Assert(!gWeakDHParams && !gWeakParamsPQG);
+
+ rv = PK11_PQG_ParamGenV2(WEAK_DHE_SIZE, 160, 64 /*maximum seed that will work*/,
+ &gWeakParamsPQG, &vfy);
+ if (rv != SECSuccess) {
+ gWeakDHParamsError = PORT_GetError();
+ return PR_FAILURE;
+ }
+
+ rv = PK11_PQG_VerifyParams(gWeakParamsPQG, vfy, &passed);
+ if (rv != SECSuccess || passed != SECSuccess) {
+ SSL_DBG(("%d: PK11_PQG_VerifyParams failed in ssl3_CreateWeakDHParams",
+ SSL_GETPID()));
+ gWeakDHParamsError = PORT_GetError();
+ return PR_FAILURE;
+ }
+
+ gWeakDHParams = PORT_ArenaNew(gWeakParamsPQG->arena, ssl3DHParams);
+ if (!gWeakDHParams) {
+ gWeakDHParamsError = PORT_GetError();
+ return PR_FAILURE;
+ }
+
+ gWeakDHParams->name = ssl_grp_ffdhe_custom;
+ gWeakDHParams->prime.data = gWeakParamsPQG->prime.data;
+ gWeakDHParams->prime.len = gWeakParamsPQG->prime.len;
+ gWeakDHParams->base.data = gWeakParamsPQG->base.data;
+ gWeakDHParams->base.len = gWeakParamsPQG->base.len;
+
+ PK11_PQG_DestroyVerify(vfy);
+ return PR_SUCCESS;
+}
+
+static SECStatus
+ssl3_WeakDHParamsShutdown(void *appData, void *nssData)
+{
+ if (gWeakParamsPQG) {
+ PK11_PQG_DestroyParams(gWeakParamsPQG);
+ gWeakParamsPQG = NULL;
+ gWeakDHParams = NULL;
+ }
+ return SECSuccess;
+}
+
+static PRStatus
+ssl3_WeakDHParamsRegisterShutdown(void)
+{
+ SECStatus rv;
+ rv = NSS_RegisterShutdown(ssl3_WeakDHParamsShutdown, NULL);
+ if (rv != SECSuccess) {
+ gWeakDHParamsRegisterError = PORT_GetError();
+ }
+ return (PRStatus)rv;
+}
+
+/* global init strategy inspired by ssl3_CreateECDHEphemeralKeys */
+SECStatus
+SSL_EnableWeakDHEPrimeGroup(PRFileDesc *fd, PRBool enabled)
+{
+ sslSocket *ss;
+ PRStatus status;
+
+ if (enabled) {
+ status = PR_CallOnce(&gWeakDHParamsRegisterOnce,
+ ssl3_WeakDHParamsRegisterShutdown);
+ if (status != PR_SUCCESS) {
+ PORT_SetError(gWeakDHParamsRegisterError);
+ return SECFailure;
+ }
+
+ status = PR_CallOnce(&gWeakDHParamsOnce, ssl3_CreateWeakDHParams);
+ if (status != PR_SUCCESS) {
+ PORT_SetError(gWeakDHParamsError);
+ return SECFailure;
+ }
+ }
+
+ if (!fd)
+ return SECSuccess;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_DHEGroupPrefSet", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ ss->ssl3.dheWeakGroupEnabled = enabled;
+ return SECSuccess;
+}
+
+#include "dhe-param.c"
+
+const ssl3DHParams *
+ssl_GetDHEParams(const sslNamedGroupDef *groupDef)
+{
+ switch (groupDef->name) {
+ case ssl_grp_ffdhe_2048:
+ return &ff_dhe_2048_params;
+ case ssl_grp_ffdhe_3072:
+ return &ff_dhe_3072_params;
+ case ssl_grp_ffdhe_4096:
+ return &ff_dhe_4096_params;
+ case ssl_grp_ffdhe_6144:
+ return &ff_dhe_6144_params;
+ case ssl_grp_ffdhe_8192:
+ return &ff_dhe_8192_params;
+ case ssl_grp_ffdhe_custom:
+ PORT_Assert(gWeakDHParams);
+ return gWeakDHParams;
+ default:
+ PORT_Assert(0);
+ }
+ return NULL;
+}
+
+/* This validates dh_Ys against the group prime. */
+PRBool
+ssl_IsValidDHEShare(const SECItem *dh_p, const SECItem *dh_Ys)
+{
+ unsigned int size_p = SECKEY_BigIntegerBitLength(dh_p);
+ unsigned int size_y = SECKEY_BigIntegerBitLength(dh_Ys);
+ unsigned int commonPart;
+ int cmp;
+
+ if (dh_p->len == 0 || dh_Ys->len == 0) {
+ return PR_FALSE;
+ }
+ /* Check that the prime is at least odd. */
+ if ((dh_p->data[dh_p->len - 1] & 0x01) == 0) {
+ return PR_FALSE;
+ }
+ /* dh_Ys can't be 1, or bigger than dh_p. */
+ if (size_y <= 1 || size_y > size_p) {
+ return PR_FALSE;
+ }
+ /* If dh_Ys is shorter, then it's definitely smaller than p-1. */
+ if (size_y < size_p) {
+ return PR_TRUE;
+ }
+
+ /* Compare the common part of each, minus the final octet. */
+ commonPart = (size_p + 7) / 8;
+ PORT_Assert(commonPart <= dh_Ys->len);
+ PORT_Assert(commonPart <= dh_p->len);
+ cmp = PORT_Memcmp(dh_Ys->data + dh_Ys->len - commonPart,
+ dh_p->data + dh_p->len - commonPart, commonPart - 1);
+ if (cmp < 0) {
+ return PR_TRUE;
+ }
+ if (cmp > 0) {
+ return PR_FALSE;
+ }
+
+ /* The last octet of the prime is the only thing that is different and that
+ * has to be two greater than the share, otherwise we have Ys == p - 1,
+ * and that means small subgroups. */
+ if (dh_Ys->data[dh_Ys->len - 1] >= (dh_p->data[dh_p->len - 1] - 1)) {
+ return PR_FALSE;
+ }
+
+ return PR_TRUE;
+}
+
+/* Checks that the provided DH parameters match those in one of the named groups
+ * that we have enabled. The groups are defined in dhe-param.c and are those
+ * defined in Appendix A of draft-ietf-tls-negotiated-ff-dhe.
+ *
+ * |groupDef| and |dhParams| are optional outparams that identify the group and
+ * its parameters respectively (if this is successful). */
+SECStatus
+ssl_ValidateDHENamedGroup(sslSocket *ss,
+ const SECItem *dh_p,
+ const SECItem *dh_g,
+ const sslNamedGroupDef **groupDef,
+ const ssl3DHParams **dhParams)
+{
+ unsigned int i;
+
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ const ssl3DHParams *params;
+ if (!ss->namedGroupPreferences[i]) {
+ continue;
+ }
+ if (ss->namedGroupPreferences[i]->keaType != ssl_kea_dh) {
+ continue;
+ }
+
+ params = ssl_GetDHEParams(ss->namedGroupPreferences[i]);
+ PORT_Assert(params);
+ if (SECITEM_ItemsAreEqual(&params->prime, dh_p)) {
+ if (!SECITEM_ItemsAreEqual(&params->base, dh_g)) {
+ return SECFailure;
+ }
+ if (groupDef)
+ *groupDef = ss->namedGroupPreferences[i];
+ if (dhParams)
+ *dhParams = params;
+ return SECSuccess;
+ }
+ }
+
+ return SECFailure;
+}
+
+/* Ensure DH parameters have been selected. This just picks the first enabled
+ * FFDHE group in ssl_named_groups, or the weak one if it was enabled. */
+SECStatus
+ssl_SelectDHEGroup(sslSocket *ss, const sslNamedGroupDef **groupDef)
+{
+ unsigned int i;
+ static const sslNamedGroupDef weak_group_def = {
+ ssl_grp_ffdhe_custom, WEAK_DHE_SIZE, ssl_kea_dh,
+ SEC_OID_TLS_DHE_CUSTOM, PR_TRUE
+ };
+
+ /* Only select weak groups in TLS 1.2 and earlier, but not if the client has
+ * indicated that it supports an FFDHE named group. */
+ if (ss->ssl3.dheWeakGroupEnabled &&
+ ss->version < SSL_LIBRARY_VERSION_TLS_1_3 &&
+ !ss->xtnData.peerSupportsFfdheGroups) {
+ *groupDef = &weak_group_def;
+ return SECSuccess;
+ }
+ if (ss->ssl3.dhePreferredGroup &&
+ ssl_NamedGroupEnabled(ss, ss->ssl3.dhePreferredGroup)) {
+ *groupDef = ss->ssl3.dhePreferredGroup;
+ return SECSuccess;
+ }
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (ss->namedGroupPreferences[i] &&
+ ss->namedGroupPreferences[i]->keaType == ssl_kea_dh) {
+ *groupDef = ss->namedGroupPreferences[i];
+ return SECSuccess;
+ }
+ }
+
+ *groupDef = NULL;
+ PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
+ return SECFailure;
+}
+
+/* LOCKS ??? XXX */
+static PRFileDesc *
+ssl_ImportFD(PRFileDesc *model, PRFileDesc *fd, SSLProtocolVariant variant)
+{
+ sslSocket *ns = NULL;
+ PRStatus rv;
+ PRNetAddr addr;
+ SECStatus status = ssl_Init();
+
+ if (status != SECSuccess) {
+ return NULL;
+ }
+
+ if (model == NULL) {
+ /* Just create a default socket if we're given NULL for the model */
+ ns = ssl_NewSocket((PRBool)(!ssl_defaults.noLocks), variant);
+ } else {
+ sslSocket *ss = ssl_FindSocket(model);
+ if (ss == NULL || ss->protocolVariant != variant) {
+ SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD",
+ SSL_GETPID(), model));
+ return NULL;
+ }
+ ns = ssl_DupSocket(ss);
+ }
+ if (ns == NULL)
+ return NULL;
+
+ rv = ssl_PushIOLayer(ns, fd, PR_TOP_IO_LAYER);
+ if (rv != PR_SUCCESS) {
+ ssl_FreeSocket(ns);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+#if defined(DEBUG) || defined(FORCE_PR_ASSERT)
+ {
+ sslSocket *ss = ssl_FindSocket(fd);
+ PORT_Assert(ss == ns);
+ }
+#endif
+ ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr));
+ return fd;
+}
+
+PRFileDesc *
+SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd)
+{
+ return ssl_ImportFD(model, fd, ssl_variant_stream);
+}
+
+PRFileDesc *
+DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd)
+{
+ return ssl_ImportFD(model, fd, ssl_variant_datagram);
+}
+
+/* SSL_SetNextProtoCallback is used to select an application protocol
+ * for ALPN and NPN. For ALPN, this runs on the server; for NPN it
+ * runs on the client. */
+/* Note: The ALPN version doesn't allow for the use of a default, setting a
+ * status of SSL_NEXT_PROTO_NO_OVERLAP is treated as a failure. */
+SECStatus
+SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback,
+ void *arg)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetNextProtoCallback", SSL_GETPID(),
+ fd));
+ return SECFailure;
+ }
+
+ ssl_GetSSL3HandshakeLock(ss);
+ ss->nextProtoCallback = callback;
+ ss->nextProtoArg = arg;
+ ssl_ReleaseSSL3HandshakeLock(ss);
+
+ return SECSuccess;
+}
+
+/* ssl_NextProtoNegoCallback is set as an ALPN/NPN callback when
+ * SSL_SetNextProtoNego is used.
+ */
+static SECStatus
+ssl_NextProtoNegoCallback(void *arg, PRFileDesc *fd,
+ const unsigned char *protos, unsigned int protos_len,
+ unsigned char *protoOut, unsigned int *protoOutLen,
+ unsigned int protoMaxLen)
+{
+ unsigned int i, j;
+ const unsigned char *result;
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in ssl_NextProtoNegoCallback",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ /* For each protocol in server preference, see if we support it. */
+ for (i = 0; i < protos_len;) {
+ for (j = 0; j < ss->opt.nextProtoNego.len;) {
+ if (protos[i] == ss->opt.nextProtoNego.data[j] &&
+ PORT_Memcmp(&protos[i + 1], &ss->opt.nextProtoNego.data[j + 1],
+ protos[i]) == 0) {
+ /* We found a match. */
+ ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NEGOTIATED;
+ result = &protos[i];
+ goto found;
+ }
+ j += 1 + (unsigned int)ss->opt.nextProtoNego.data[j];
+ }
+ i += 1 + (unsigned int)protos[i];
+ }
+
+ /* The other side supports the extension, and either doesn't have any
+ * protocols configured, or none of its options match ours. In this case we
+ * request our favoured protocol. */
+ /* This will be treated as a failure for ALPN. */
+ ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NO_OVERLAP;
+ result = ss->opt.nextProtoNego.data;
+
+found:
+ if (protoMaxLen < result[0]) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ memcpy(protoOut, result + 1, result[0]);
+ *protoOutLen = result[0];
+ return SECSuccess;
+}
+
+SECStatus
+SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data,
+ unsigned int length)
+{
+ sslSocket *ss;
+ SECStatus rv;
+ SECItem dataItem = { siBuffer, (unsigned char *)data, length };
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetNextProtoNego",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (ssl3_ValidateNextProtoNego(data, length) != SECSuccess)
+ return SECFailure;
+
+ ssl_GetSSL3HandshakeLock(ss);
+ SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE);
+ rv = SECITEM_CopyItem(NULL, &ss->opt.nextProtoNego, &dataItem);
+ ssl_ReleaseSSL3HandshakeLock(ss);
+
+ if (rv != SECSuccess)
+ return rv;
+
+ return SSL_SetNextProtoCallback(fd, ssl_NextProtoNegoCallback, NULL);
+}
+
+SECStatus
+SSL_GetNextProto(PRFileDesc *fd, SSLNextProtoState *state, unsigned char *buf,
+ unsigned int *bufLen, unsigned int bufLenMax)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetNextProto", SSL_GETPID(),
+ fd));
+ return SECFailure;
+ }
+
+ if (!state || !buf || !bufLen) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ *state = ss->xtnData.nextProtoState;
+
+ if (ss->xtnData.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT &&
+ ss->xtnData.nextProto.data) {
+ if (ss->xtnData.nextProto.len > bufLenMax) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+ PORT_Memcpy(buf, ss->xtnData.nextProto.data, ss->xtnData.nextProto.len);
+ *bufLen = ss->xtnData.nextProto.len;
+ } else {
+ *bufLen = 0;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_SetSRTPCiphers(PRFileDesc *fd,
+ const PRUint16 *ciphers,
+ unsigned int numCiphers)
+{
+ sslSocket *ss;
+ unsigned int i;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss || !IS_DTLS(ss)) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetSRTPCiphers",
+ SSL_GETPID(), fd));
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (numCiphers > MAX_DTLS_SRTP_CIPHER_SUITES) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ss->ssl3.dtlsSRTPCipherCount = 0;
+ for (i = 0; i < numCiphers; i++) {
+ const PRUint16 *srtpCipher = srtpCiphers;
+
+ while (*srtpCipher) {
+ if (ciphers[i] == *srtpCipher)
+ break;
+ srtpCipher++;
+ }
+ if (*srtpCipher) {
+ ss->ssl3.dtlsSRTPCiphers[ss->ssl3.dtlsSRTPCipherCount++] =
+ ciphers[i];
+ } else {
+ SSL_DBG(("%d: SSL[%d]: invalid or unimplemented SRTP cipher "
+ "suite specified: 0x%04hx",
+ SSL_GETPID(), fd,
+ ciphers[i]));
+ }
+ }
+
+ if (ss->ssl3.dtlsSRTPCipherCount == 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_GetSRTPCipher(PRFileDesc *fd, PRUint16 *cipher)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetSRTPCipher",
+ SSL_GETPID(), fd));
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!ss->xtnData.dtlsSRTPCipherSuite) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ *cipher = ss->xtnData.dtlsSRTPCipherSuite;
+ return SECSuccess;
+}
+
+PRFileDesc *
+SSL_ReconfigFD(PRFileDesc *model, PRFileDesc *fd)
+{
+ sslSocket *sm = NULL, *ss = NULL;
+ PRCList *cursor;
+
+ if (model == NULL) {
+ PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
+ return NULL;
+ }
+ sm = ssl_FindSocket(model);
+ if (sm == NULL) {
+ SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ReconfigFD",
+ SSL_GETPID(), model));
+ return NULL;
+ }
+ ss = ssl_FindSocket(fd);
+ PORT_Assert(ss);
+ if (ss == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ ss->opt = sm->opt;
+ ss->vrange = sm->vrange;
+ PORT_Memcpy(ss->cipherSuites, sm->cipherSuites, sizeof sm->cipherSuites);
+ PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, sm->ssl3.dtlsSRTPCiphers,
+ sizeof(PRUint16) * sm->ssl3.dtlsSRTPCipherCount);
+ ss->ssl3.dtlsSRTPCipherCount = sm->ssl3.dtlsSRTPCipherCount;
+ PORT_Memcpy(ss->ssl3.signatureSchemes, sm->ssl3.signatureSchemes,
+ sizeof(ss->ssl3.signatureSchemes[0]) *
+ sm->ssl3.signatureSchemeCount);
+ ss->ssl3.signatureSchemeCount = sm->ssl3.signatureSchemeCount;
+ ss->ssl3.downgradeCheckVersion = sm->ssl3.downgradeCheckVersion;
+
+ if (!ss->opt.useSecurity) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+ while (!PR_CLIST_IS_EMPTY(&ss->serverCerts)) {
+ cursor = PR_LIST_TAIL(&ss->serverCerts);
+ PR_REMOVE_LINK(cursor);
+ ssl_FreeServerCert((sslServerCert *)cursor);
+ }
+ for (cursor = PR_NEXT_LINK(&sm->serverCerts);
+ cursor != &sm->serverCerts;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslServerCert *sc = ssl_CopyServerCert((sslServerCert *)cursor);
+ if (!sc)
+ return NULL;
+ PR_APPEND_LINK(&sc->link, &ss->serverCerts);
+ }
+
+ ssl_FreeEphemeralKeyPairs(ss);
+ for (cursor = PR_NEXT_LINK(&sm->ephemeralKeyPairs);
+ cursor != &sm->ephemeralKeyPairs;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslEphemeralKeyPair *mkp = (sslEphemeralKeyPair *)cursor;
+ sslEphemeralKeyPair *skp = ssl_CopyEphemeralKeyPair(mkp);
+ if (!skp)
+ return NULL;
+ PR_APPEND_LINK(&skp->link, &ss->ephemeralKeyPairs);
+ }
+ PORT_Memcpy((void *)ss->namedGroupPreferences,
+ sm->namedGroupPreferences,
+ sizeof(ss->namedGroupPreferences));
+ ss->additionalShares = sm->additionalShares;
+
+ /* copy trust anchor names */
+ if (sm->ssl3.ca_list) {
+ if (ss->ssl3.ca_list) {
+ CERT_FreeDistNames(ss->ssl3.ca_list);
+ }
+ ss->ssl3.ca_list = CERT_DupDistNames(sm->ssl3.ca_list);
+ if (!ss->ssl3.ca_list) {
+ return NULL;
+ }
+ }
+
+ if (sm->authCertificate)
+ ss->authCertificate = sm->authCertificate;
+ if (sm->authCertificateArg)
+ ss->authCertificateArg = sm->authCertificateArg;
+ if (sm->getClientAuthData)
+ ss->getClientAuthData = sm->getClientAuthData;
+ if (sm->getClientAuthDataArg)
+ ss->getClientAuthDataArg = sm->getClientAuthDataArg;
+ if (sm->sniSocketConfig)
+ ss->sniSocketConfig = sm->sniSocketConfig;
+ if (sm->sniSocketConfigArg)
+ ss->sniSocketConfigArg = sm->sniSocketConfigArg;
+ if (sm->handleBadCert)
+ ss->handleBadCert = sm->handleBadCert;
+ if (sm->badCertArg)
+ ss->badCertArg = sm->badCertArg;
+ if (sm->handshakeCallback)
+ ss->handshakeCallback = sm->handshakeCallback;
+ if (sm->handshakeCallbackData)
+ ss->handshakeCallbackData = sm->handshakeCallbackData;
+ if (sm->pkcs11PinArg)
+ ss->pkcs11PinArg = sm->pkcs11PinArg;
+ return fd;
+}
+
+/*
+ * Get the user supplied range
+ */
+static SECStatus
+ssl3_GetRangePolicy(SSLProtocolVariant protocolVariant, SSLVersionRange *prange)
+{
+ SECStatus rv;
+ PRUint32 policy;
+ PRInt32 option;
+
+ /* only use policy constraints if we've set the apply ssl policy bit */
+ rv = NSS_GetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, &policy);
+ if ((rv != SECSuccess) || !(policy & NSS_USE_POLICY_IN_SSL)) {
+ return SECFailure;
+ }
+ rv = NSS_OptionGet(VERSIONS_POLICY_MIN(protocolVariant), &option);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ prange->min = (PRUint16)option;
+ rv = NSS_OptionGet(VERSIONS_POLICY_MAX(protocolVariant), &option);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ prange->max = (PRUint16)option;
+ if (prange->max < prange->min) {
+ return SECFailure; /* don't accept an invalid policy */
+ }
+ return SECSuccess;
+}
+
+/*
+ * Constrain a single protocol variant's range based on the user policy
+ */
+static SECStatus
+ssl3_ConstrainVariantRangeByPolicy(SSLProtocolVariant protocolVariant)
+{
+ SSLVersionRange vrange;
+ SSLVersionRange pvrange;
+ SECStatus rv;
+
+ vrange = *VERSIONS_DEFAULTS(protocolVariant);
+ rv = ssl3_GetRangePolicy(protocolVariant, &pvrange);
+ if (rv != SECSuccess) {
+ return SECSuccess; /* we don't have any policy */
+ }
+ vrange.min = PR_MAX(vrange.min, pvrange.min);
+ vrange.max = PR_MIN(vrange.max, pvrange.max);
+ if (vrange.max >= vrange.min) {
+ *VERSIONS_DEFAULTS(protocolVariant) = vrange;
+ } else {
+ /* there was no overlap, turn off range altogether */
+ pvrange.min = pvrange.max = SSL_LIBRARY_VERSION_NONE;
+ *VERSIONS_DEFAULTS(protocolVariant) = pvrange;
+ }
+ return SECSuccess;
+}
+
+static PRBool
+ssl_VersionIsSupportedByPolicy(SSLProtocolVariant protocolVariant,
+ SSL3ProtocolVersion version)
+{
+ SSLVersionRange pvrange;
+ SECStatus rv;
+
+ rv = ssl3_GetRangePolicy(protocolVariant, &pvrange);
+ if (rv == SECSuccess) {
+ if ((version > pvrange.max) || (version < pvrange.min)) {
+ return PR_FALSE; /* disallowed by policy */
+ }
+ }
+ return PR_TRUE;
+}
+
+/*
+ * This is called at SSL init time to constrain the existing range based
+ * on user supplied policy.
+ */
+SECStatus
+ssl3_ConstrainRangeByPolicy(void)
+{
+ SECStatus rv;
+ rv = ssl3_ConstrainVariantRangeByPolicy(ssl_variant_stream);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ rv = ssl3_ConstrainVariantRangeByPolicy(ssl_variant_datagram);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ return SECSuccess;
+}
+
+PRBool
+ssl3_VersionIsSupported(SSLProtocolVariant protocolVariant,
+ SSL3ProtocolVersion version)
+{
+ if (!ssl_VersionIsSupportedByPolicy(protocolVariant, version)) {
+ return PR_FALSE;
+ }
+ switch (protocolVariant) {
+ case ssl_variant_stream:
+ return (version >= SSL_LIBRARY_VERSION_3_0 &&
+ version <= SSL_LIBRARY_VERSION_MAX_SUPPORTED);
+ case ssl_variant_datagram:
+ return (version >= SSL_LIBRARY_VERSION_TLS_1_1 &&
+ version <= SSL_LIBRARY_VERSION_MAX_SUPPORTED);
+ default:
+ /* Can't get here */
+ PORT_Assert(PR_FALSE);
+ return PR_FALSE;
+ }
+}
+
+/* Returns PR_TRUE if the given version range is valid and
+** fully supported; otherwise, returns PR_FALSE.
+*/
+static PRBool
+ssl3_VersionRangeIsValid(SSLProtocolVariant protocolVariant,
+ const SSLVersionRange *vrange)
+{
+ return vrange &&
+ vrange->min <= vrange->max &&
+ ssl3_VersionIsSupported(protocolVariant, vrange->min) &&
+ ssl3_VersionIsSupported(protocolVariant, vrange->max) &&
+ (vrange->min > SSL_LIBRARY_VERSION_3_0 ||
+ vrange->max < SSL_LIBRARY_VERSION_TLS_1_3);
+}
+
+const SECItem *
+SSL_PeerSignedCertTimestamps(PRFileDesc *fd)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_PeerSignedCertTimestamps",
+ SSL_GETPID(), fd));
+ return NULL;
+ }
+
+ if (!ss->sec.ci.sid) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return NULL;
+ }
+
+ return &ss->sec.ci.sid->u.ssl3.signedCertTimestamps;
+}
+
+SECStatus
+SSL_VersionRangeGetSupported(SSLProtocolVariant protocolVariant,
+ SSLVersionRange *vrange)
+{
+ if (!vrange) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ switch (protocolVariant) {
+ case ssl_variant_stream:
+ vrange->min = SSL_LIBRARY_VERSION_3_0;
+ vrange->max = SSL_LIBRARY_VERSION_MAX_SUPPORTED;
+ // We don't allow SSLv3 and TLSv1.3 together.
+ if (vrange->max == SSL_LIBRARY_VERSION_TLS_1_3) {
+ vrange->min = SSL_LIBRARY_VERSION_TLS_1_0;
+ }
+ break;
+ case ssl_variant_datagram:
+ vrange->min = SSL_LIBRARY_VERSION_TLS_1_1;
+ vrange->max = SSL_LIBRARY_VERSION_MAX_SUPPORTED;
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_VersionRangeGetDefault(SSLProtocolVariant protocolVariant,
+ SSLVersionRange *vrange)
+{
+ if ((protocolVariant != ssl_variant_stream &&
+ protocolVariant != ssl_variant_datagram) ||
+ !vrange) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ *vrange = *VERSIONS_DEFAULTS(protocolVariant);
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_VersionRangeSetDefault(SSLProtocolVariant protocolVariant,
+ const SSLVersionRange *vrange)
+{
+ if (!ssl3_VersionRangeIsValid(protocolVariant, vrange)) {
+ PORT_SetError(SSL_ERROR_INVALID_VERSION_RANGE);
+ return SECFailure;
+ }
+
+ *VERSIONS_DEFAULTS(protocolVariant) = *vrange;
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_VersionRangeGet(PRFileDesc *fd, SSLVersionRange *vrange)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_VersionRangeGet",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (!vrange) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ *vrange = ss->vrange;
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_VersionRangeSet(PRFileDesc *fd, const SSLVersionRange *vrange)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_VersionRangeSet",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (!ssl3_VersionRangeIsValid(ss->protocolVariant, vrange)) {
+ PORT_SetError(SSL_ERROR_INVALID_VERSION_RANGE);
+ return SECFailure;
+ }
+
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ if (ss->ssl3.downgradeCheckVersion &&
+ ss->vrange.max > ss->ssl3.downgradeCheckVersion) {
+ PORT_SetError(SSL_ERROR_INVALID_VERSION_RANGE);
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+ return SECFailure;
+ }
+
+ ss->vrange = *vrange;
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ return SECSuccess;
+}
+
+SECStatus
+SSL_SetDowngradeCheckVersion(PRFileDesc *fd, PRUint16 version)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+ SECStatus rv = SECFailure;
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetDowngradeCheckVersion",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (version && !ssl3_VersionIsSupported(ss->protocolVariant, version)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ if (version && version < ss->vrange.max) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ ss->ssl3.downgradeCheckVersion = version;
+ rv = SECSuccess;
+
+loser:
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+
+ return rv;
+}
+
+const SECItemArray *
+SSL_PeerStapledOCSPResponses(PRFileDesc *fd)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_PeerStapledOCSPResponses",
+ SSL_GETPID(), fd));
+ return NULL;
+ }
+
+ if (!ss->sec.ci.sid) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return NULL;
+ }
+
+ return &ss->sec.ci.sid->peerCertStatus;
+}
+
+/************************************************************************/
+/* The following functions are the TOP LEVEL SSL functions.
+** They all get called through the NSPRIOMethods table below.
+*/
+
+static PRFileDesc *PR_CALLBACK
+ssl_Accept(PRFileDesc *fd, PRNetAddr *sockaddr, PRIntervalTime timeout)
+{
+ sslSocket *ss;
+ sslSocket *ns = NULL;
+ PRFileDesc *newfd = NULL;
+ PRFileDesc *osfd;
+ PRStatus status;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in accept", SSL_GETPID(), fd));
+ return NULL;
+ }
+
+ /* IF this is a listen socket, there shouldn't be any I/O going on */
+ SSL_LOCK_READER(ss);
+ SSL_LOCK_WRITER(ss);
+ ssl_Get1stHandshakeLock(ss);
+ ssl_GetSSL3HandshakeLock(ss);
+
+ ss->cTimeout = timeout;
+
+ osfd = ss->fd->lower;
+
+ /* First accept connection */
+ newfd = osfd->methods->accept(osfd, sockaddr, timeout);
+ if (newfd == NULL) {
+ SSL_DBG(("%d: SSL[%d]: accept failed, errno=%d",
+ SSL_GETPID(), ss->fd, PORT_GetError()));
+ } else {
+ /* Create ssl module */
+ ns = ssl_DupSocket(ss);
+ }
+
+ ssl_ReleaseSSL3HandshakeLock(ss);
+ ssl_Release1stHandshakeLock(ss);
+ SSL_UNLOCK_WRITER(ss);
+ SSL_UNLOCK_READER(ss); /* ss isn't used below here. */
+
+ if (ns == NULL)
+ goto loser;
+
+ /* push ssl module onto the new socket */
+ status = ssl_PushIOLayer(ns, newfd, PR_TOP_IO_LAYER);
+ if (status != PR_SUCCESS)
+ goto loser;
+
+ /* Now start server connection handshake with client.
+ ** Don't need locks here because nobody else has a reference to ns yet.
+ */
+ if (ns->opt.useSecurity) {
+ if (ns->opt.handshakeAsClient) {
+ ns->handshake = ssl_BeginClientHandshake;
+ ss->handshaking = sslHandshakingAsClient;
+ } else {
+ ns->handshake = ssl_BeginServerHandshake;
+ ss->handshaking = sslHandshakingAsServer;
+ }
+ }
+ ns->TCPconnected = 1;
+ return newfd;
+
+loser:
+ if (ns != NULL)
+ ssl_FreeSocket(ns);
+ if (newfd != NULL)
+ PR_Close(newfd);
+ return NULL;
+}
+
+static PRStatus PR_CALLBACK
+ssl_Connect(PRFileDesc *fd, const PRNetAddr *sockaddr, PRIntervalTime timeout)
+{
+ sslSocket *ss;
+ PRStatus rv;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in connect", SSL_GETPID(), fd));
+ return PR_FAILURE;
+ }
+
+ /* IF this is a listen socket, there shouldn't be any I/O going on */
+ SSL_LOCK_READER(ss);
+ SSL_LOCK_WRITER(ss);
+
+ ss->cTimeout = timeout;
+ rv = (PRStatus)(*ss->ops->connect)(ss, sockaddr);
+
+ SSL_UNLOCK_WRITER(ss);
+ SSL_UNLOCK_READER(ss);
+
+ return rv;
+}
+
+static PRStatus PR_CALLBACK
+ssl_Bind(PRFileDesc *fd, const PRNetAddr *addr)
+{
+ sslSocket *ss = ssl_GetPrivate(fd);
+ PRStatus rv;
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in bind", SSL_GETPID(), fd));
+ return PR_FAILURE;
+ }
+ SSL_LOCK_READER(ss);
+ SSL_LOCK_WRITER(ss);
+
+ rv = (PRStatus)(*ss->ops->bind)(ss, addr);
+
+ SSL_UNLOCK_WRITER(ss);
+ SSL_UNLOCK_READER(ss);
+ return rv;
+}
+
+static PRStatus PR_CALLBACK
+ssl_Listen(PRFileDesc *fd, PRIntn backlog)
+{
+ sslSocket *ss = ssl_GetPrivate(fd);
+ PRStatus rv;
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in listen", SSL_GETPID(), fd));
+ return PR_FAILURE;
+ }
+ SSL_LOCK_READER(ss);
+ SSL_LOCK_WRITER(ss);
+
+ rv = (PRStatus)(*ss->ops->listen)(ss, backlog);
+
+ SSL_UNLOCK_WRITER(ss);
+ SSL_UNLOCK_READER(ss);
+ return rv;
+}
+
+static PRStatus PR_CALLBACK
+ssl_Shutdown(PRFileDesc *fd, PRIntn how)
+{
+ sslSocket *ss = ssl_GetPrivate(fd);
+ PRStatus rv;
+
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in shutdown", SSL_GETPID(), fd));
+ return PR_FAILURE;
+ }
+ if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
+ SSL_LOCK_READER(ss);
+ }
+ if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
+ SSL_LOCK_WRITER(ss);
+ }
+
+ rv = (PRStatus)(*ss->ops->shutdown)(ss, how);
+
+ if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
+ SSL_UNLOCK_WRITER(ss);
+ }
+ if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
+ SSL_UNLOCK_READER(ss);
+ }
+ return rv;
+}
+
+static PRStatus PR_CALLBACK
+ssl_Close(PRFileDesc *fd)
+{
+ sslSocket *ss;
+ PRStatus rv;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in close", SSL_GETPID(), fd));
+ return PR_FAILURE;
+ }
+
+ /* There must not be any I/O going on */
+ SSL_LOCK_READER(ss);
+ SSL_LOCK_WRITER(ss);
+
+ /* By the time this function returns,
+ ** ss is an invalid pointer, and the locks to which it points have
+ ** been unlocked and freed. So, this is the ONE PLACE in all of SSL
+ ** where the LOCK calls and the corresponding UNLOCK calls are not in
+ ** the same function scope. The unlock calls are in ssl_FreeSocket().
+ */
+ rv = (PRStatus)(*ss->ops->close)(ss);
+
+ return rv;
+}
+
+static int PR_CALLBACK
+ssl_Recv(PRFileDesc *fd, void *buf, PRInt32 len, PRIntn flags,
+ PRIntervalTime timeout)
+{
+ sslSocket *ss;
+ int rv;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in recv", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+ SSL_LOCK_READER(ss);
+ ss->rTimeout = timeout;
+ if (!ss->opt.fdx)
+ ss->wTimeout = timeout;
+ rv = (*ss->ops->recv)(ss, (unsigned char *)buf, len, flags);
+ SSL_UNLOCK_READER(ss);
+ return rv;
+}
+
+static int PR_CALLBACK
+ssl_Send(PRFileDesc *fd, const void *buf, PRInt32 len, PRIntn flags,
+ PRIntervalTime timeout)
+{
+ sslSocket *ss;
+ int rv;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in send", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+ SSL_LOCK_WRITER(ss);
+ ss->wTimeout = timeout;
+ if (!ss->opt.fdx)
+ ss->rTimeout = timeout;
+ rv = (*ss->ops->send)(ss, (const unsigned char *)buf, len, flags);
+ SSL_UNLOCK_WRITER(ss);
+ return rv;
+}
+
+static int PR_CALLBACK
+ssl_Read(PRFileDesc *fd, void *buf, PRInt32 len)
+{
+ sslSocket *ss;
+ int rv;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in read", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+ SSL_LOCK_READER(ss);
+ ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
+ if (!ss->opt.fdx)
+ ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
+ rv = (*ss->ops->read)(ss, (unsigned char *)buf, len);
+ SSL_UNLOCK_READER(ss);
+ return rv;
+}
+
+static int PR_CALLBACK
+ssl_Write(PRFileDesc *fd, const void *buf, PRInt32 len)
+{
+ sslSocket *ss;
+ int rv;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in write", SSL_GETPID(), fd));
+ return SECFailure;
+ }
+ SSL_LOCK_WRITER(ss);
+ ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
+ if (!ss->opt.fdx)
+ ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
+ rv = (*ss->ops->write)(ss, (const unsigned char *)buf, len);
+ SSL_UNLOCK_WRITER(ss);
+ return rv;
+}
+
+static PRStatus PR_CALLBACK
+ssl_GetPeerName(PRFileDesc *fd, PRNetAddr *addr)
+{
+ sslSocket *ss;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in getpeername", SSL_GETPID(), fd));
+ return PR_FAILURE;
+ }
+ return (PRStatus)(*ss->ops->getpeername)(ss, addr);
+}
+
+/*
+*/
+SECStatus
+ssl_GetPeerInfo(sslSocket *ss)
+{
+ PRFileDesc *osfd;
+ int rv;
+ PRNetAddr sin;
+
+ osfd = ss->fd->lower;
+
+ PORT_Memset(&sin, 0, sizeof(sin));
+ rv = osfd->methods->getpeername(osfd, &sin);
+ if (rv < 0) {
+ return SECFailure;
+ }
+ ss->TCPconnected = 1;
+ if (sin.inet.family == PR_AF_INET) {
+ PR_ConvertIPv4AddrToIPv6(sin.inet.ip, &ss->sec.ci.peer);
+ ss->sec.ci.port = sin.inet.port;
+ } else if (sin.ipv6.family == PR_AF_INET6) {
+ ss->sec.ci.peer = sin.ipv6.ip;
+ ss->sec.ci.port = sin.ipv6.port;
+ } else {
+ PORT_SetError(PR_ADDRESS_NOT_SUPPORTED_ERROR);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+static PRStatus PR_CALLBACK
+ssl_GetSockName(PRFileDesc *fd, PRNetAddr *name)
+{
+ sslSocket *ss;
+
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in getsockname", SSL_GETPID(), fd));
+ return PR_FAILURE;
+ }
+ return (PRStatus)(*ss->ops->getsockname)(ss, name);
+}
+
+SECStatus
+SSL_SetSockPeerID(PRFileDesc *fd, const char *peerID)
+{
+ sslSocket *ss;
+
+ ss = ssl_FindSocket(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetSockPeerID",
+ SSL_GETPID(), fd));
+ return SECFailure;
+ }
+
+ if (ss->peerID) {
+ PORT_Free(ss->peerID);
+ ss->peerID = NULL;
+ }
+ if (peerID)
+ ss->peerID = PORT_Strdup(peerID);
+ return (ss->peerID || !peerID) ? SECSuccess : SECFailure;
+}
+
+#define PR_POLL_RW (PR_POLL_WRITE | PR_POLL_READ)
+
+static PRInt16 PR_CALLBACK
+ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags)
+{
+ sslSocket *ss;
+ PRInt16 new_flags = how_flags; /* should select on these flags. */
+ PRNetAddr addr;
+
+ *p_out_flags = 0;
+ ss = ssl_GetPrivate(fd);
+ if (!ss) {
+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_Poll",
+ SSL_GETPID(), fd));
+ return 0; /* don't poll on this socket */
+ }
+
+ if (ss->opt.useSecurity &&
+ ss->handshaking != sslHandshakingUndetermined &&
+ !ss->firstHsDone &&
+ (how_flags & PR_POLL_RW)) {
+ if (!ss->TCPconnected) {
+ ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
+ }
+ /* If it's not connected, then presumably the application is polling
+ ** on read or write appropriately, so don't change it.
+ */
+ if (ss->TCPconnected) {
+ if (!ss->handshakeBegun) {
+ /* If the handshake has not begun, poll on read or write
+ ** based on the local application's role in the handshake,
+ ** not based on what the application requested.
+ */
+ new_flags &= ~PR_POLL_RW;
+ if (ss->handshaking == sslHandshakingAsClient) {
+ new_flags |= PR_POLL_WRITE;
+ } else { /* handshaking as server */
+ new_flags |= PR_POLL_READ;
+ }
+ } else
+ /* First handshake is in progress */
+ if (ss->lastWriteBlocked) {
+ if (new_flags & PR_POLL_READ) {
+ /* The caller is waiting for data to be received,
+ ** but the initial handshake is blocked on write, or the
+ ** client's first handshake record has not been written.
+ ** The code should select on write, not read.
+ */
+ new_flags ^= PR_POLL_READ; /* don't select on read. */
+ new_flags |= PR_POLL_WRITE; /* do select on write. */
+ }
+ } else if (new_flags & PR_POLL_WRITE) {
+ /* The caller is trying to write, but the handshake is
+ ** blocked waiting for data to read, and the first
+ ** handshake has been sent. So do NOT to poll on write
+ ** unless we did false start.
+ */
+ if (!ss->ssl3.hs.canFalseStart) {
+ new_flags ^= PR_POLL_WRITE; /* don't select on write. */
+ }
+ new_flags |= PR_POLL_READ; /* do select on read. */
+ }
+ }
+ } else if ((new_flags & PR_POLL_READ) && (SSL_DataPending(fd) > 0)) {
+ *p_out_flags = PR_POLL_READ; /* it's ready already. */
+ return new_flags;
+ } else if ((ss->lastWriteBlocked) && (how_flags & PR_POLL_READ) &&
+ (ss->pendingBuf.len != 0)) { /* write data waiting to be sent */
+ new_flags |= PR_POLL_WRITE; /* also select on write. */
+ }
+
+ if (ss->ssl3.hs.restartTarget != NULL) {
+ /* Read and write will block until the asynchronous callback completes
+ * (e.g. until SSL_AuthCertificateComplete is called), so don't tell
+ * the caller to poll the socket unless there is pending write data.
+ */
+ if (ss->lastWriteBlocked && ss->pendingBuf.len != 0) {
+ /* Ignore any newly-received data on the socket, but do wait for
+ * the socket to become writable again. Here, it is OK for an error
+ * to be detected, because our logic for sending pending write data
+ * will allow us to report the error to the caller without the risk
+ * of the application spinning.
+ */
+ new_flags &= (PR_POLL_WRITE | PR_POLL_EXCEPT);
+ } else {
+ /* Unfortunately, clearing new_flags will make it impossible for
+ * the application to detect errors that it would otherwise be
+ * able to detect with PR_POLL_EXCEPT, until the asynchronous
+ * callback completes. However, we must clear all the flags to
+ * prevent the application from spinning (alternating between
+ * calling PR_Poll that would return PR_POLL_EXCEPT, and send/recv
+ * which won't actually report the I/O error while we are waiting
+ * for the asynchronous callback to complete).
+ */
+ new_flags = 0;
+ }
+ }
+
+ if (new_flags && (fd->lower->methods->poll != NULL)) {
+ PRInt16 lower_out_flags = 0;
+ PRInt16 lower_new_flags;
+ lower_new_flags = fd->lower->methods->poll(fd->lower, new_flags,
+ &lower_out_flags);
+ if ((lower_new_flags & lower_out_flags) && (how_flags != new_flags)) {
+ PRInt16 out_flags = lower_out_flags & ~PR_POLL_RW;
+ if (lower_out_flags & PR_POLL_READ)
+ out_flags |= PR_POLL_WRITE;
+ if (lower_out_flags & PR_POLL_WRITE)
+ out_flags |= PR_POLL_READ;
+ *p_out_flags = out_flags;
+ new_flags = how_flags;
+ } else {
+ *p_out_flags = lower_out_flags;
+ new_flags = lower_new_flags;
+ }
+ }
+
+ return new_flags;
+}
+
+static PRInt32 PR_CALLBACK
+ssl_TransmitFile(PRFileDesc *sd, PRFileDesc *fd,
+ const void *headers, PRInt32 hlen,
+ PRTransmitFileFlags flags, PRIntervalTime timeout)
+{
+ PRSendFileData sfd;
+
+ sfd.fd = fd;
+ sfd.file_offset = 0;
+ sfd.file_nbytes = 0;
+ sfd.header = headers;
+ sfd.hlen = hlen;
+ sfd.trailer = NULL;
+ sfd.tlen = 0;
+
+ return sd->methods->sendfile(sd, &sfd, flags, timeout);
+}
+
+PRBool
+ssl_FdIsBlocking(PRFileDesc *fd)
+{
+ PRSocketOptionData opt;
+ PRStatus status;
+
+ opt.option = PR_SockOpt_Nonblocking;
+ opt.value.non_blocking = PR_FALSE;
+ status = PR_GetSocketOption(fd, &opt);
+ if (status != PR_SUCCESS)
+ return PR_FALSE;
+ return (PRBool)!opt.value.non_blocking;
+}
+
+PRBool
+ssl_SocketIsBlocking(sslSocket *ss)
+{
+ return ssl_FdIsBlocking(ss->fd);
+}
+
+PRInt32 sslFirstBufSize = 8 * 1024;
+PRInt32 sslCopyLimit = 1024;
+
+static PRInt32 PR_CALLBACK
+ssl_WriteV(PRFileDesc *fd, const PRIOVec *iov, PRInt32 vectors,
+ PRIntervalTime timeout)
+{
+ PRInt32 i;
+ PRInt32 bufLen;
+ PRInt32 left;
+ PRInt32 rv;
+ PRInt32 sent = 0;
+ const PRInt32 first_len = sslFirstBufSize;
+ const PRInt32 limit = sslCopyLimit;
+ PRBool blocking;
+ PRIOVec myIov;
+ char buf[MAX_FRAGMENT_LENGTH];
+
+ if (vectors < 0) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return -1;
+ }
+ if (vectors > PR_MAX_IOVECTOR_SIZE) {
+ PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
+ return -1;
+ }
+ for (i = 0; i < vectors; i++) {
+ if (iov[i].iov_len < 0) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return -1;
+ }
+ }
+ blocking = ssl_FdIsBlocking(fd);
+
+#define K16 sizeof(buf)
+#define KILL_VECTORS \
+ while (vectors && !iov->iov_len) { \
+ ++iov; \
+ --vectors; \
+ }
+#define GET_VECTOR \
+ do { \
+ myIov = *iov++; \
+ --vectors; \
+ KILL_VECTORS \
+ } while (0)
+#define HANDLE_ERR(rv, len) \
+ if (rv != len) { \
+ if (rv < 0) { \
+ if (!blocking && \
+ (PR_GetError() == PR_WOULD_BLOCK_ERROR) && \
+ (sent > 0)) { \
+ return sent; \
+ } else { \
+ return -1; \
+ } \
+ } \
+ /* Only a nonblocking socket can have partial sends */ \
+ PR_ASSERT(!blocking); \
+ return sent + rv; \
+ }
+#define SEND(bfr, len) \
+ do { \
+ rv = ssl_Send(fd, bfr, len, 0, timeout); \
+ HANDLE_ERR(rv, len) \
+ sent += len; \
+ } while (0)
+
+ /* Make sure the first write is at least 8 KB, if possible. */
+ KILL_VECTORS
+ if (!vectors)
+ return ssl_Send(fd, 0, 0, 0, timeout);
+ GET_VECTOR;
+ if (!vectors) {
+ return ssl_Send(fd, myIov.iov_base, myIov.iov_len, 0, timeout);
+ }
+ if (myIov.iov_len < first_len) {
+ PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
+ bufLen = myIov.iov_len;
+ left = first_len - bufLen;
+ while (vectors && left) {
+ int toCopy;
+ GET_VECTOR;
+ toCopy = PR_MIN(left, myIov.iov_len);
+ PORT_Memcpy(buf + bufLen, myIov.iov_base, toCopy);
+ bufLen += toCopy;
+ left -= toCopy;
+ myIov.iov_base += toCopy;
+ myIov.iov_len -= toCopy;
+ }
+ SEND(buf, bufLen);
+ }
+
+ while (vectors || myIov.iov_len) {
+ PRInt32 addLen;
+ if (!myIov.iov_len) {
+ GET_VECTOR;
+ }
+ while (myIov.iov_len >= K16) {
+ SEND(myIov.iov_base, K16);
+ myIov.iov_base += K16;
+ myIov.iov_len -= K16;
+ }
+ if (!myIov.iov_len)
+ continue;
+
+ if (!vectors || myIov.iov_len > limit) {
+ addLen = 0;
+ } else if ((addLen = iov->iov_len % K16) + myIov.iov_len <= limit) {
+ /* Addlen is already computed. */;
+ } else if (vectors > 1 &&
+ iov[1].iov_len % K16 + addLen + myIov.iov_len <= 2 * limit) {
+ addLen = limit - myIov.iov_len;
+ } else
+ addLen = 0;
+
+ if (!addLen) {
+ SEND(myIov.iov_base, myIov.iov_len);
+ myIov.iov_len = 0;
+ continue;
+ }
+ PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
+ bufLen = myIov.iov_len;
+ do {
+ GET_VECTOR;
+ PORT_Memcpy(buf + bufLen, myIov.iov_base, addLen);
+ myIov.iov_base += addLen;
+ myIov.iov_len -= addLen;
+ bufLen += addLen;
+
+ left = PR_MIN(limit, K16 - bufLen);
+ if (!vectors /* no more left */
+ || myIov.iov_len > 0 /* we didn't use that one all up */
+ || bufLen >= K16 /* it's full. */) {
+ addLen = 0;
+ } else if ((addLen = iov->iov_len % K16) <= left) {
+ /* Addlen is already computed. */;
+ } else if (vectors > 1 &&
+ iov[1].iov_len % K16 + addLen <= left + limit) {
+ addLen = left;
+ } else
+ addLen = 0;
+
+ } while (addLen);
+ SEND(buf, bufLen);
+ }
+ return sent;
+}
+
+/*
+ * These functions aren't implemented.
+ */
+
+static PRInt32 PR_CALLBACK
+ssl_Available(PRFileDesc *fd)
+{
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ return SECFailure;
+}
+
+static PRInt64 PR_CALLBACK
+ssl_Available64(PRFileDesc *fd)
+{
+ PRInt64 res;
+
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ LL_I2L(res, -1L);
+ return res;
+}
+
+static PRStatus PR_CALLBACK
+ssl_FSync(PRFileDesc *fd)
+{
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ return PR_FAILURE;
+}
+
+static PRInt32 PR_CALLBACK
+ssl_Seek(PRFileDesc *fd, PRInt32 offset, PRSeekWhence how)
+{
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ return SECFailure;
+}
+
+static PRInt64 PR_CALLBACK
+ssl_Seek64(PRFileDesc *fd, PRInt64 offset, PRSeekWhence how)
+{
+ PRInt64 res;
+
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ LL_I2L(res, -1L);
+ return res;
+}
+
+static PRStatus PR_CALLBACK
+ssl_FileInfo(PRFileDesc *fd, PRFileInfo *info)
+{
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ return PR_FAILURE;
+}
+
+static PRStatus PR_CALLBACK
+ssl_FileInfo64(PRFileDesc *fd, PRFileInfo64 *info)
+{
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ return PR_FAILURE;
+}
+
+static PRInt32 PR_CALLBACK
+ssl_RecvFrom(PRFileDesc *fd, void *buf, PRInt32 amount, PRIntn flags,
+ PRNetAddr *addr, PRIntervalTime timeout)
+{
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ return SECFailure;
+}
+
+static PRInt32 PR_CALLBACK
+ssl_SendTo(PRFileDesc *fd, const void *buf, PRInt32 amount, PRIntn flags,
+ const PRNetAddr *addr, PRIntervalTime timeout)
+{
+ PORT_Assert(0);
+ PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
+ return SECFailure;
+}
+
+static const PRIOMethods ssl_methods = {
+ PR_DESC_LAYERED,
+ ssl_Close, /* close */
+ ssl_Read, /* read */
+ ssl_Write, /* write */
+ ssl_Available, /* available */
+ ssl_Available64, /* available64 */
+ ssl_FSync, /* fsync */
+ ssl_Seek, /* seek */
+ ssl_Seek64, /* seek64 */
+ ssl_FileInfo, /* fileInfo */
+ ssl_FileInfo64, /* fileInfo64 */
+ ssl_WriteV, /* writev */
+ ssl_Connect, /* connect */
+ ssl_Accept, /* accept */
+ ssl_Bind, /* bind */
+ ssl_Listen, /* listen */
+ ssl_Shutdown, /* shutdown */
+ ssl_Recv, /* recv */
+ ssl_Send, /* send */
+ ssl_RecvFrom, /* recvfrom */
+ ssl_SendTo, /* sendto */
+ ssl_Poll, /* poll */
+ PR_EmulateAcceptRead, /* acceptread */
+ ssl_TransmitFile, /* transmitfile */
+ ssl_GetSockName, /* getsockname */
+ ssl_GetPeerName, /* getpeername */
+ NULL, /* getsockopt OBSOLETE */
+ NULL, /* setsockopt OBSOLETE */
+ NULL, /* getsocketoption */
+ NULL, /* setsocketoption */
+ PR_EmulateSendFile, /* Send a (partial) file with header/trailer*/
+ NULL, /* reserved for future use */
+ NULL, /* reserved for future use */
+ NULL, /* reserved for future use */
+ NULL, /* reserved for future use */
+ NULL /* reserved for future use */
+};
+
+static PRIOMethods combined_methods;
+
+static void
+ssl_SetupIOMethods(void)
+{
+ PRIOMethods *new_methods = &combined_methods;
+ const PRIOMethods *nspr_methods = PR_GetDefaultIOMethods();
+ const PRIOMethods *my_methods = &ssl_methods;
+
+ *new_methods = *nspr_methods;
+
+ new_methods->file_type = my_methods->file_type;
+ new_methods->close = my_methods->close;
+ new_methods->read = my_methods->read;
+ new_methods->write = my_methods->write;
+ new_methods->available = my_methods->available;
+ new_methods->available64 = my_methods->available64;
+ new_methods->fsync = my_methods->fsync;
+ new_methods->seek = my_methods->seek;
+ new_methods->seek64 = my_methods->seek64;
+ new_methods->fileInfo = my_methods->fileInfo;
+ new_methods->fileInfo64 = my_methods->fileInfo64;
+ new_methods->writev = my_methods->writev;
+ new_methods->connect = my_methods->connect;
+ new_methods->accept = my_methods->accept;
+ new_methods->bind = my_methods->bind;
+ new_methods->listen = my_methods->listen;
+ new_methods->shutdown = my_methods->shutdown;
+ new_methods->recv = my_methods->recv;
+ new_methods->send = my_methods->send;
+ new_methods->recvfrom = my_methods->recvfrom;
+ new_methods->sendto = my_methods->sendto;
+ new_methods->poll = my_methods->poll;
+ new_methods->acceptread = my_methods->acceptread;
+ new_methods->transmitfile = my_methods->transmitfile;
+ new_methods->getsockname = my_methods->getsockname;
+ new_methods->getpeername = my_methods->getpeername;
+ /* new_methods->getsocketoption = my_methods->getsocketoption; */
+ /* new_methods->setsocketoption = my_methods->setsocketoption; */
+ new_methods->sendfile = my_methods->sendfile;
+}
+
+static PRCallOnceType initIoLayerOnce;
+
+static PRStatus
+ssl_InitIOLayer(void)
+{
+ ssl_layer_id = PR_GetUniqueIdentity("SSL");
+ ssl_SetupIOMethods();
+ ssl_inited = PR_TRUE;
+ return PR_SUCCESS;
+}
+
+static PRStatus
+ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, PRDescIdentity id)
+{
+ PRFileDesc *layer = NULL;
+ PRStatus status;
+
+ if (!ssl_inited) {
+ status = PR_CallOnce(&initIoLayerOnce, &ssl_InitIOLayer);
+ if (status != PR_SUCCESS)
+ goto loser;
+ }
+
+ if (ns == NULL)
+ goto loser;
+
+ layer = PR_CreateIOLayerStub(ssl_layer_id, &combined_methods);
+ if (layer == NULL)
+ goto loser;
+ layer->secret = (PRFilePrivate *)ns;
+
+ /* Here, "stack" points to the PRFileDesc on the top of the stack.
+ ** "layer" points to a new FD that is to be inserted into the stack.
+ ** If layer is being pushed onto the top of the stack, then
+ ** PR_PushIOLayer switches the contents of stack and layer, and then
+ ** puts stack on top of layer, so that after it is done, the top of
+ ** stack is the same "stack" as it was before, and layer is now the
+ ** FD for the former top of stack.
+ ** After this call, stack always points to the top PRFD on the stack.
+ ** If this function fails, the contents of stack and layer are as
+ ** they were before the call.
+ */
+ status = PR_PushIOLayer(stack, id, layer);
+ if (status != PR_SUCCESS)
+ goto loser;
+
+ ns->fd = (id == PR_TOP_IO_LAYER) ? stack : layer;
+ return PR_SUCCESS;
+
+loser:
+ if (layer) {
+ layer->dtor(layer); /* free layer */
+ }
+ return PR_FAILURE;
+}
+
+/* if this fails, caller must destroy socket. */
+static SECStatus
+ssl_MakeLocks(sslSocket *ss)
+{
+ ss->firstHandshakeLock = PZ_NewMonitor(nssILockSSL);
+ if (!ss->firstHandshakeLock)
+ goto loser;
+ ss->ssl3HandshakeLock = PZ_NewMonitor(nssILockSSL);
+ if (!ss->ssl3HandshakeLock)
+ goto loser;
+ ss->specLock = NSSRWLock_New(SSL_LOCK_RANK_SPEC, NULL);
+ if (!ss->specLock)
+ goto loser;
+ ss->recvBufLock = PZ_NewMonitor(nssILockSSL);
+ if (!ss->recvBufLock)
+ goto loser;
+ ss->xmitBufLock = PZ_NewMonitor(nssILockSSL);
+ if (!ss->xmitBufLock)
+ goto loser;
+ ss->writerThread = NULL;
+ if (ssl_lock_readers) {
+ ss->recvLock = PZ_NewLock(nssILockSSL);
+ if (!ss->recvLock)
+ goto loser;
+ ss->sendLock = PZ_NewLock(nssILockSSL);
+ if (!ss->sendLock)
+ goto loser;
+ }
+ return SECSuccess;
+loser:
+ ssl_DestroyLocks(ss);
+ return SECFailure;
+}
+
+#if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS)
+#define NSS_HAVE_GETENV 1
+#endif
+
+#define LOWER(x) (x | 0x20) /* cheap ToLower function ignores LOCALE */
+
+static void
+ssl_SetDefaultsFromEnvironment(void)
+{
+#if defined(NSS_HAVE_GETENV)
+ static int firsttime = 1;
+
+ if (firsttime) {
+ char *ev;
+ firsttime = 0;
+#ifdef DEBUG
+ ev = PR_GetEnvSecure("SSLDEBUGFILE");
+ if (ev && ev[0]) {
+ ssl_trace_iob = fopen(ev, "w");
+ }
+ if (!ssl_trace_iob) {
+ ssl_trace_iob = stderr;
+ }
+#ifdef TRACE
+ ev = PR_GetEnvSecure("SSLTRACE");
+ if (ev && ev[0]) {
+ ssl_trace = atoi(ev);
+ SSL_TRACE(("SSL: tracing set to %d", ssl_trace));
+ }
+#endif /* TRACE */
+ ev = PR_GetEnvSecure("SSLDEBUG");
+ if (ev && ev[0]) {
+ ssl_debug = atoi(ev);
+ SSL_TRACE(("SSL: debugging set to %d", ssl_debug));
+ }
+#endif /* DEBUG */
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
+ ev = PR_GetEnvSecure("SSLKEYLOGFILE");
+ if (ev && ev[0]) {
+ ssl_keylog_iob = fopen(ev, "a");
+ if (!ssl_keylog_iob) {
+ SSL_TRACE(("SSL: failed to open key log file"));
+ } else {
+ if (ftell(ssl_keylog_iob) == 0) {
+ fputs("# SSL/TLS secrets log file, generated by NSS\n",
+ ssl_keylog_iob);
+ }
+ SSL_TRACE(("SSL: logging SSL/TLS secrets to %s", ev));
+ }
+ }
+#endif
+ ev = PR_GetEnvSecure("SSLFORCELOCKS");
+ if (ev && ev[0] == '1') {
+ ssl_force_locks = PR_TRUE;
+ ssl_defaults.noLocks = 0;
+ strcpy(lockStatus + LOCKSTATUS_OFFSET, "FORCED. ");
+ SSL_TRACE(("SSL: force_locks set to %d", ssl_force_locks));
+ }
+ ev = PR_GetEnvSecure("NSS_SSL_ENABLE_RENEGOTIATION");
+ if (ev) {
+ if (ev[0] == '1' || LOWER(ev[0]) == 'u')
+ ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_UNRESTRICTED;
+ else if (ev[0] == '0' || LOWER(ev[0]) == 'n')
+ ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_NEVER;
+ else if (ev[0] == '2' || LOWER(ev[0]) == 'r')
+ ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_REQUIRES_XTN;
+ else if (ev[0] == '3' || LOWER(ev[0]) == 't')
+ ssl_defaults.enableRenegotiation = SSL_RENEGOTIATE_TRANSITIONAL;
+ SSL_TRACE(("SSL: enableRenegotiation set to %d",
+ ssl_defaults.enableRenegotiation));
+ }
+ ev = PR_GetEnvSecure("NSS_SSL_REQUIRE_SAFE_NEGOTIATION");
+ if (ev && ev[0] == '1') {
+ ssl_defaults.requireSafeNegotiation = PR_TRUE;
+ SSL_TRACE(("SSL: requireSafeNegotiation set to %d",
+ PR_TRUE));
+ }
+ ev = PR_GetEnvSecure("NSS_SSL_CBC_RANDOM_IV");
+ if (ev && ev[0] == '0') {
+ ssl_defaults.cbcRandomIV = PR_FALSE;
+ SSL_TRACE(("SSL: cbcRandomIV set to 0"));
+ }
+ }
+#endif /* NSS_HAVE_GETENV */
+}
+
+const sslNamedGroupDef *
+ssl_LookupNamedGroup(SSLNamedGroup group)
+{
+ unsigned int i;
+
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (ssl_named_groups[i].name == group) {
+ return &ssl_named_groups[i];
+ }
+ }
+ return NULL;
+}
+
+PRBool
+ssl_NamedGroupEnabled(const sslSocket *ss, const sslNamedGroupDef *groupDef)
+{
+ unsigned int i;
+
+ if (!groupDef) {
+ return PR_FALSE;
+ }
+
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ if (ss->namedGroupPreferences[i] &&
+ ss->namedGroupPreferences[i] == groupDef) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+/* Returns a reference counted object that contains a key pair.
+ * Or NULL on failure. Initial ref count is 1.
+ * Uses the keys in the pair as input. Adopts the keys given.
+ */
+sslKeyPair *
+ssl_NewKeyPair(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey)
+{
+ sslKeyPair *pair;
+
+ if (!privKey || !pubKey) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return NULL;
+ }
+ pair = PORT_ZNew(sslKeyPair);
+ if (!pair)
+ return NULL; /* error code is set. */
+ pair->privKey = privKey;
+ pair->pubKey = pubKey;
+ pair->refCount = 1;
+ return pair; /* success */
+}
+
+sslKeyPair *
+ssl_GetKeyPairRef(sslKeyPair *keyPair)
+{
+ PR_ATOMIC_INCREMENT(&keyPair->refCount);
+ return keyPair;
+}
+
+void
+ssl_FreeKeyPair(sslKeyPair *keyPair)
+{
+ PRInt32 newCount = PR_ATOMIC_DECREMENT(&keyPair->refCount);
+ if (!newCount) {
+ SECKEY_DestroyPrivateKey(keyPair->privKey);
+ SECKEY_DestroyPublicKey(keyPair->pubKey);
+ PORT_Free(keyPair);
+ }
+}
+
+/* Ephemeral key handling. */
+sslEphemeralKeyPair *
+ssl_NewEphemeralKeyPair(const sslNamedGroupDef *group,
+ SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey)
+{
+ sslKeyPair *keys;
+ sslEphemeralKeyPair *pair;
+
+ if (!group) {
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
+ return NULL;
+ }
+
+ keys = ssl_NewKeyPair(privKey, pubKey);
+ if (!keys) {
+ return NULL;
+ }
+
+ pair = PORT_ZNew(sslEphemeralKeyPair);
+ if (!pair) {
+ ssl_FreeKeyPair(keys);
+ return NULL; /* error already set */
+ }
+
+ PR_INIT_CLIST(&pair->link);
+ pair->group = group;
+ pair->keys = keys;
+
+ return pair;
+}
+
+sslEphemeralKeyPair *
+ssl_CopyEphemeralKeyPair(sslEphemeralKeyPair *keyPair)
+{
+ sslEphemeralKeyPair *pair;
+
+ pair = PORT_ZNew(sslEphemeralKeyPair);
+ if (!pair) {
+ return NULL; /* error already set */
+ }
+
+ PR_INIT_CLIST(&pair->link);
+ pair->group = keyPair->group;
+ pair->keys = ssl_GetKeyPairRef(keyPair->keys);
+
+ return pair;
+}
+
+void
+ssl_FreeEphemeralKeyPair(sslEphemeralKeyPair *keyPair)
+{
+ ssl_FreeKeyPair(keyPair->keys);
+ PR_REMOVE_LINK(&keyPair->link);
+ PORT_Free(keyPair);
+}
+
+PRBool
+ssl_HaveEphemeralKeyPair(const sslSocket *ss, const sslNamedGroupDef *groupDef)
+{
+ return ssl_LookupEphemeralKeyPair((sslSocket *)ss, groupDef) != NULL;
+}
+
+sslEphemeralKeyPair *
+ssl_LookupEphemeralKeyPair(sslSocket *ss, const sslNamedGroupDef *groupDef)
+{
+ PRCList *cursor;
+ for (cursor = PR_NEXT_LINK(&ss->ephemeralKeyPairs);
+ cursor != &ss->ephemeralKeyPairs;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslEphemeralKeyPair *keyPair = (sslEphemeralKeyPair *)cursor;
+ if (keyPair->group == groupDef) {
+ return keyPair;
+ }
+ }
+ return NULL;
+}
+
+void
+ssl_FreeEphemeralKeyPairs(sslSocket *ss)
+{
+ while (!PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs)) {
+ PRCList *cursor = PR_LIST_TAIL(&ss->ephemeralKeyPairs);
+ ssl_FreeEphemeralKeyPair((sslEphemeralKeyPair *)cursor);
+ }
+}
+
+/*
+** Create a newsocket structure for a file descriptor.
+*/
+static sslSocket *
+ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant protocolVariant)
+{
+ SECStatus rv;
+ sslSocket *ss;
+ int i;
+
+ ssl_SetDefaultsFromEnvironment();
+
+ if (ssl_force_locks)
+ makeLocks = PR_TRUE;
+
+ /* Make a new socket and get it ready */
+ ss = (sslSocket *)PORT_ZAlloc(sizeof(sslSocket));
+ if (!ss) {
+ return NULL;
+ }
+ ss->opt = ssl_defaults;
+ if (protocolVariant == ssl_variant_datagram) {
+ ss->opt.enableRenegotiation = SSL_RENEGOTIATE_NEVER;
+ }
+ ss->opt.useSocks = PR_FALSE;
+ ss->opt.noLocks = !makeLocks;
+ ss->vrange = *VERSIONS_DEFAULTS(protocolVariant);
+ ss->protocolVariant = protocolVariant;
+
+ ss->peerID = NULL;
+ ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
+ ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
+ ss->cTimeout = PR_INTERVAL_NO_TIMEOUT;
+ ss->url = NULL;
+
+ PR_INIT_CLIST(&ss->serverCerts);
+ PR_INIT_CLIST(&ss->ephemeralKeyPairs);
+
+ ss->dbHandle = CERT_GetDefaultCertDB();
+
+ /* Provide default implementation of hooks */
+ ss->authCertificate = SSL_AuthCertificate;
+ ss->authCertificateArg = (void *)ss->dbHandle;
+ ss->sniSocketConfig = NULL;
+ ss->sniSocketConfigArg = NULL;
+ ss->getClientAuthData = NULL;
+ ss->handleBadCert = NULL;
+ ss->badCertArg = NULL;
+ ss->pkcs11PinArg = NULL;
+
+ ssl_ChooseOps(ss);
+ ssl3_InitSocketPolicy(ss);
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ ss->namedGroupPreferences[i] = &ssl_named_groups[i];
+ }
+ ss->additionalShares = 0;
+ PR_INIT_CLIST(&ss->ssl3.hs.remoteExtensions);
+ PR_INIT_CLIST(&ss->ssl3.hs.lastMessageFlight);
+ PR_INIT_CLIST(&ss->ssl3.hs.cipherSpecs);
+ PR_INIT_CLIST(&ss->ssl3.hs.bufferedEarlyData);
+ ssl3_InitExtensionData(&ss->xtnData);
+ if (makeLocks) {
+ rv = ssl_MakeLocks(ss);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+ rv = ssl_CreateSecurityInfo(ss);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_InitGather(&ss->gs);
+ if (rv != SECSuccess)
+ goto loser;
+ return ss;
+
+loser:
+ ssl_DestroySocketContents(ss);
+ ssl_DestroyLocks(ss);
+ PORT_Free(ss);
+ return NULL;
+}
+
+/**
+ * DEPRECATED: Will always return false.
+ */
+SECStatus
+SSL_CanBypass(CERTCertificate *cert, SECKEYPrivateKey *srvPrivkey,
+ PRUint32 protocolmask, PRUint16 *ciphersuites, int nsuites,
+ PRBool *pcanbypass, void *pwArg)
+{
+ if (!pcanbypass) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ *pcanbypass = PR_FALSE;
+ return SECSuccess;
+}
diff --git a/security/nss/lib/ssl/sslt.h b/security/nss/lib/ssl/sslt.h
new file mode 100644
index 000000000..506b78d64
--- /dev/null
+++ b/security/nss/lib/ssl/sslt.h
@@ -0,0 +1,415 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file contains prototypes for the public SSL functions.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __sslt_h_
+#define __sslt_h_
+
+#include "prtypes.h"
+#include "secitem.h"
+#include "certt.h"
+
+typedef struct SSL3StatisticsStr {
+ /* statistics from ssl3_SendClientHello (sch) */
+ long sch_sid_cache_hits;
+ long sch_sid_cache_misses;
+ long sch_sid_cache_not_ok;
+
+ /* statistics from ssl3_HandleServerHello (hsh) */
+ long hsh_sid_cache_hits;
+ long hsh_sid_cache_misses;
+ long hsh_sid_cache_not_ok;
+
+ /* statistics from ssl3_HandleClientHello (hch) */
+ long hch_sid_cache_hits;
+ long hch_sid_cache_misses;
+ long hch_sid_cache_not_ok;
+
+ /* statistics related to stateless resume */
+ long sch_sid_stateless_resumes;
+ long hsh_sid_stateless_resumes;
+ long hch_sid_stateless_resumes;
+ long hch_sid_ticket_parse_failures;
+} SSL3Statistics;
+
+/* Key Exchange algorithm values */
+typedef enum {
+ ssl_kea_null = 0,
+ ssl_kea_rsa = 1,
+ ssl_kea_dh = 2,
+ ssl_kea_fortezza = 3, /* deprecated, now unused */
+ ssl_kea_ecdh = 4,
+ ssl_kea_ecdh_psk = 5,
+ ssl_kea_dh_psk = 6,
+ ssl_kea_tls13_any = 7,
+ ssl_kea_size /* number of ssl_kea_ algorithms */
+} SSLKEAType;
+
+/* The following defines are for backwards compatibility.
+** They will be removed in a forthcoming release to reduce namespace pollution.
+** programs that use the kt_ symbols should convert to the ssl_kt_ symbols
+** soon.
+*/
+#define kt_null ssl_kea_null
+#define kt_rsa ssl_kea_rsa
+#define kt_dh ssl_kea_dh
+#define kt_fortezza ssl_kea_fortezza /* deprecated, now unused */
+#define kt_ecdh ssl_kea_ecdh
+#define kt_kea_size ssl_kea_size
+
+/* Values of this enum match the SignatureAlgorithm enum from
+ * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */
+typedef enum {
+ ssl_sign_null = 0, /* "anonymous" in TLS */
+ ssl_sign_rsa = 1,
+ ssl_sign_dsa = 2,
+ ssl_sign_ecdsa = 3
+} SSLSignType;
+
+/* Values of this enum match the HashAlgorithm enum from
+ * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */
+typedef enum {
+ /* ssl_hash_none is used internally to mean the pre-1.2 combination of MD5
+ * and SHA1. The other values are only used in TLS 1.2. */
+ ssl_hash_none = 0,
+ ssl_hash_md5 = 1,
+ ssl_hash_sha1 = 2,
+ ssl_hash_sha224 = 3,
+ ssl_hash_sha256 = 4,
+ ssl_hash_sha384 = 5,
+ ssl_hash_sha512 = 6
+} SSLHashType;
+
+/* Deprecated */
+typedef struct SSLSignatureAndHashAlgStr {
+ SSLHashType hashAlg;
+ SSLSignType sigAlg;
+} SSLSignatureAndHashAlg;
+
+typedef enum {
+ ssl_sig_none = 0,
+ ssl_sig_rsa_pkcs1_sha1 = 0x0201,
+ ssl_sig_rsa_pkcs1_sha256 = 0x0401,
+ ssl_sig_rsa_pkcs1_sha384 = 0x0501,
+ ssl_sig_rsa_pkcs1_sha512 = 0x0601,
+ /* For ECDSA, the pairing of the hash with a specific curve is only enforced
+ * in TLS 1.3; in TLS 1.2 any curve can be used with each of these. */
+ ssl_sig_ecdsa_secp256r1_sha256 = 0x0403,
+ ssl_sig_ecdsa_secp384r1_sha384 = 0x0503,
+ ssl_sig_ecdsa_secp521r1_sha512 = 0x0603,
+ ssl_sig_rsa_pss_sha256 = 0x0804,
+ ssl_sig_rsa_pss_sha384 = 0x0805,
+ ssl_sig_rsa_pss_sha512 = 0x0806,
+ ssl_sig_ed25519 = 0x0807,
+ ssl_sig_ed448 = 0x0808,
+
+ ssl_sig_dsa_sha1 = 0x0202,
+ ssl_sig_dsa_sha256 = 0x0402,
+ ssl_sig_dsa_sha384 = 0x0502,
+ ssl_sig_dsa_sha512 = 0x0602,
+ ssl_sig_ecdsa_sha1 = 0x0203,
+
+ /* The following value (which can't be used in the protocol), represents
+ * the RSA signature using SHA-1 and MD5 that is used in TLS 1.0 and 1.1.
+ * This is reported as a signature scheme when TLS 1.0 or 1.1 is used.
+ * This should not be passed to SSL_SignatureSchemePrefSet(); this
+ * signature scheme is always used and cannot be disabled. */
+ ssl_sig_rsa_pkcs1_sha1md5 = 0x10101,
+} SSLSignatureScheme;
+
+/*
+** SSLAuthType describes the type of key that is used to authenticate a
+** connection. That is, the type of key in the end-entity certificate.
+*/
+typedef enum {
+ ssl_auth_null = 0,
+ ssl_auth_rsa_decrypt = 1, /* static RSA */
+ ssl_auth_dsa = 2,
+ ssl_auth_kea = 3, /* unused */
+ ssl_auth_ecdsa = 4,
+ ssl_auth_ecdh_rsa = 5, /* ECDH cert with an RSA signature */
+ ssl_auth_ecdh_ecdsa = 6, /* ECDH cert with an ECDSA signature */
+ ssl_auth_rsa_sign = 7, /* RSA PKCS#1.5 signing */
+ ssl_auth_rsa_pss = 8,
+ ssl_auth_psk = 9,
+ ssl_auth_tls13_any = 10,
+ ssl_auth_size /* number of authentication types */
+} SSLAuthType;
+
+/* This is defined for backward compatibility reasons */
+#define ssl_auth_rsa ssl_auth_rsa_decrypt
+
+typedef enum {
+ ssl_calg_null = 0,
+ ssl_calg_rc4 = 1,
+ ssl_calg_rc2 = 2,
+ ssl_calg_des = 3,
+ ssl_calg_3des = 4,
+ ssl_calg_idea = 5,
+ ssl_calg_fortezza = 6, /* deprecated, now unused */
+ ssl_calg_aes = 7,
+ ssl_calg_camellia = 8,
+ ssl_calg_seed = 9,
+ ssl_calg_aes_gcm = 10,
+ ssl_calg_chacha20 = 11
+} SSLCipherAlgorithm;
+
+typedef enum {
+ ssl_mac_null = 0,
+ ssl_mac_md5 = 1,
+ ssl_mac_sha = 2,
+ ssl_hmac_md5 = 3, /* TLS HMAC version of mac_md5 */
+ ssl_hmac_sha = 4, /* TLS HMAC version of mac_sha */
+ ssl_hmac_sha256 = 5,
+ ssl_mac_aead = 6,
+ ssl_hmac_sha384 = 7
+} SSLMACAlgorithm;
+
+typedef enum {
+ ssl_compression_null = 0,
+ ssl_compression_deflate = 1 /* RFC 3749 */
+} SSLCompressionMethod;
+
+typedef enum {
+ ssl_grp_ec_sect163k1 = 1,
+ ssl_grp_ec_sect163r1 = 2,
+ ssl_grp_ec_sect163r2 = 3,
+ ssl_grp_ec_sect193r1 = 4,
+ ssl_grp_ec_sect193r2 = 5,
+ ssl_grp_ec_sect233k1 = 6,
+ ssl_grp_ec_sect233r1 = 7,
+ ssl_grp_ec_sect239k1 = 8,
+ ssl_grp_ec_sect283k1 = 9,
+ ssl_grp_ec_sect283r1 = 10,
+ ssl_grp_ec_sect409k1 = 11,
+ ssl_grp_ec_sect409r1 = 12,
+ ssl_grp_ec_sect571k1 = 13,
+ ssl_grp_ec_sect571r1 = 14,
+ ssl_grp_ec_secp160k1 = 15,
+ ssl_grp_ec_secp160r1 = 16,
+ ssl_grp_ec_secp160r2 = 17,
+ ssl_grp_ec_secp192k1 = 18,
+ ssl_grp_ec_secp192r1 = 19,
+ ssl_grp_ec_secp224k1 = 20,
+ ssl_grp_ec_secp224r1 = 21,
+ ssl_grp_ec_secp256k1 = 22,
+ ssl_grp_ec_secp256r1 = 23,
+ ssl_grp_ec_secp384r1 = 24,
+ ssl_grp_ec_secp521r1 = 25,
+ ssl_grp_ec_curve25519 = 29, /* RFC4492 */
+ ssl_grp_ffdhe_2048 = 256, /* RFC7919 */
+ ssl_grp_ffdhe_3072 = 257,
+ ssl_grp_ffdhe_4096 = 258,
+ ssl_grp_ffdhe_6144 = 259,
+ ssl_grp_ffdhe_8192 = 260,
+ ssl_grp_none = 65537, /* special value */
+ ssl_grp_ffdhe_custom = 65538 /* special value */
+} SSLNamedGroup;
+
+typedef struct SSLExtraServerCertDataStr {
+ /* When this struct is passed to SSL_ConfigServerCert, and authType is set
+ * to a value other than ssl_auth_null, this limits the use of the key to
+ * the type defined; otherwise, the certificate is configured for all
+ * compatible types. */
+ SSLAuthType authType;
+ /* The remainder of the certificate chain. */
+ const CERTCertificateList* certChain;
+ /* A set of one or more stapled OCSP responses for the certificate. This is
+ * used to generate the OCSP stapling answer provided by the server. */
+ const SECItemArray* stapledOCSPResponses;
+ /* A serialized sign_certificate_timestamp extension, used to answer
+ * requests from clients for this data. */
+ const SECItem* signedCertTimestamps;
+} SSLExtraServerCertData;
+
+typedef struct SSLChannelInfoStr {
+ /* On return, SSL_GetChannelInfo sets |length| to the smaller of
+ * the |len| argument and the length of the struct used by NSS.
+ * Callers must ensure the application uses a version of NSS that
+ * isn't older than the version used at compile time. */
+ PRUint32 length;
+ PRUint16 protocolVersion;
+ PRUint16 cipherSuite;
+
+ /* server authentication info */
+ PRUint32 authKeyBits;
+
+ /* key exchange algorithm info */
+ PRUint32 keaKeyBits;
+
+ /* session info */
+ PRUint32 creationTime; /* seconds since Jan 1, 1970 */
+ PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */
+ PRUint32 expirationTime; /* seconds since Jan 1, 1970 */
+ PRUint32 sessionIDLength; /* up to 32 */
+ PRUint8 sessionID[32];
+
+ /* The following fields are added in NSS 3.12.5. */
+
+ /* compression method info */
+ const char* compressionMethodName;
+ SSLCompressionMethod compressionMethod;
+
+ /* The following fields are added in NSS 3.21.
+ * This field only has meaning in TLS < 1.3 and will be set to
+ * PR_FALSE in TLS 1.3.
+ */
+ PRBool extendedMasterSecretUsed;
+
+ /* The following fields were added in NSS 3.25.
+ * This field only has meaning in TLS >= 1.3, and indicates on the
+ * client side that the server accepted early (0-RTT) data.
+ */
+ PRBool earlyDataAccepted;
+
+ /* The following fields were added in NSS 3.28. */
+ /* These fields have the same meaning as in SSLCipherSuiteInfo. */
+ SSLKEAType keaType;
+ SSLNamedGroup keaGroup;
+ SSLCipherAlgorithm symCipher;
+ SSLMACAlgorithm macAlgorithm;
+ SSLAuthType authType;
+ SSLSignatureScheme signatureScheme;
+
+ /* When adding new fields to this structure, please document the
+ * NSS version in which they were added. */
+} SSLChannelInfo;
+
+/* Preliminary channel info */
+#define ssl_preinfo_version (1U << 0)
+#define ssl_preinfo_cipher_suite (1U << 1)
+#define ssl_preinfo_all (ssl_preinfo_version | ssl_preinfo_cipher_suite)
+
+typedef struct SSLPreliminaryChannelInfoStr {
+ /* On return, SSL_GetPreliminaryChannelInfo sets |length| to the smaller of
+ * the |len| argument and the length of the struct used by NSS.
+ * Callers must ensure the application uses a version of NSS that
+ * isn't older than the version used at compile time. */
+ PRUint32 length;
+ /* A bitfield over SSLPreliminaryValueSet that describes which
+ * preliminary values are set (see ssl_preinfo_*). */
+ PRUint32 valuesSet;
+ /* Protocol version: test (valuesSet & ssl_preinfo_version) */
+ PRUint16 protocolVersion;
+ /* Cipher suite: test (valuesSet & ssl_preinfo_cipher_suite) */
+ PRUint16 cipherSuite;
+
+ /* When adding new fields to this structure, please document the
+ * NSS version in which they were added. */
+} SSLPreliminaryChannelInfo;
+
+typedef struct SSLCipherSuiteInfoStr {
+ /* On return, SSL_GetCipherSuitelInfo sets |length| to the smaller of
+ * the |len| argument and the length of the struct used by NSS.
+ * Callers must ensure the application uses a version of NSS that
+ * isn't older than the version used at compile time. */
+ PRUint16 length;
+ PRUint16 cipherSuite;
+
+ /* Cipher Suite Name */
+ const char* cipherSuiteName;
+
+ /* server authentication info */
+ const char* authAlgorithmName;
+ SSLAuthType authAlgorithm; /* deprecated, use |authType| */
+
+ /* key exchange algorithm info */
+ const char* keaTypeName;
+ SSLKEAType keaType;
+
+ /* symmetric encryption info */
+ const char* symCipherName;
+ SSLCipherAlgorithm symCipher;
+ PRUint16 symKeyBits;
+ PRUint16 symKeySpace;
+ PRUint16 effectiveKeyBits;
+
+ /* MAC info */
+ /* AEAD ciphers don't have a MAC. For an AEAD cipher, macAlgorithmName
+ * is "AEAD", macAlgorithm is ssl_mac_aead, and macBits is the length in
+ * bits of the authentication tag. */
+ const char* macAlgorithmName;
+ SSLMACAlgorithm macAlgorithm;
+ PRUint16 macBits;
+
+ PRUintn isFIPS : 1;
+ PRUintn isExportable : 1; /* deprecated, don't use */
+ PRUintn nonStandard : 1;
+ PRUintn reservedBits : 29;
+
+ /* The following fields were added in NSS 3.24. */
+ /* This reports the correct authentication type for the cipher suite, use
+ * this instead of |authAlgorithm|. */
+ SSLAuthType authType;
+
+ /* When adding new fields to this structure, please document the
+ * NSS version in which they were added. */
+} SSLCipherSuiteInfo;
+
+typedef enum {
+ ssl_variant_stream = 0,
+ ssl_variant_datagram = 1
+} SSLProtocolVariant;
+
+typedef struct SSLVersionRangeStr {
+ PRUint16 min;
+ PRUint16 max;
+} SSLVersionRange;
+
+typedef enum {
+ SSL_sni_host_name = 0,
+ SSL_sni_type_total
+} SSLSniNameType;
+
+/* Supported extensions. */
+/* Update SSL_MAX_EXTENSIONS whenever a new extension type is added. */
+typedef enum {
+ ssl_server_name_xtn = 0,
+ ssl_cert_status_xtn = 5,
+ ssl_supported_groups_xtn = 10,
+ ssl_ec_point_formats_xtn = 11,
+ ssl_signature_algorithms_xtn = 13,
+ ssl_use_srtp_xtn = 14,
+ ssl_app_layer_protocol_xtn = 16,
+ /* signed_certificate_timestamp extension, RFC 6962 */
+ ssl_signed_cert_timestamp_xtn = 18,
+ ssl_padding_xtn = 21,
+ ssl_extended_master_secret_xtn = 23,
+ ssl_session_ticket_xtn = 35,
+ ssl_tls13_key_share_xtn = 40,
+ ssl_tls13_pre_shared_key_xtn = 41,
+ ssl_tls13_early_data_xtn = 42,
+ ssl_tls13_supported_versions_xtn = 43,
+ ssl_tls13_cookie_xtn = 44,
+ ssl_tls13_psk_key_exchange_modes_xtn = 45,
+ ssl_tls13_ticket_early_data_info_xtn = 46,
+ ssl_next_proto_nego_xtn = 13172,
+ ssl_renegotiation_info_xtn = 0xff01,
+ ssl_tls13_short_header_xtn = 0xff03
+} SSLExtensionType;
+
+/* This is the old name for the supported_groups extensions. */
+#define ssl_elliptic_curves_xtn ssl_supported_groups_xtn
+
+/* SSL_MAX_EXTENSIONS doesn't include ssl_padding_xtn. It includes the maximum
+ * number of extensions that are supported for any single message type. That
+ * is, a ClientHello; ServerHello and TLS 1.3 NewSessionTicket and
+ * HelloRetryRequest extensions are smaller. */
+#define SSL_MAX_EXTENSIONS 19
+
+/* Deprecated */
+typedef enum {
+ ssl_dhe_group_none = 0,
+ ssl_ff_dhe_2048_group = 1,
+ ssl_ff_dhe_3072_group = 2,
+ ssl_ff_dhe_4096_group = 3,
+ ssl_ff_dhe_6144_group = 4,
+ ssl_ff_dhe_8192_group = 5,
+ ssl_dhe_group_max
+} SSLDHEGroupType;
+
+#endif /* __sslt_h_ */
diff --git a/security/nss/lib/ssl/ssltrace.c b/security/nss/lib/ssl/ssltrace.c
new file mode 100644
index 000000000..b1fdde790
--- /dev/null
+++ b/security/nss/lib/ssl/ssltrace.c
@@ -0,0 +1,114 @@
+/*
+ * Functions to trace SSL protocol behavior in DEBUG builds.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include <stdarg.h>
+#include "cert.h"
+#include "pk11func.h"
+#include "ssl.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "prprf.h"
+
+#if defined(DEBUG) || defined(TRACE)
+static const char *hex = "0123456789abcdef";
+
+static const char printable[257] = {
+ "................" /* 0x */
+ "................" /* 1x */
+ " !\"#$%&'()*+,-./" /* 2x */
+ "0123456789:;<=>?" /* 3x */
+ "@ABCDEFGHIJKLMNO" /* 4x */
+ "PQRSTUVWXYZ[\\]^_" /* 5x */
+ "`abcdefghijklmno" /* 6x */
+ "pqrstuvwxyz{|}~." /* 7x */
+ "................" /* 8x */
+ "................" /* 9x */
+ "................" /* ax */
+ "................" /* bx */
+ "................" /* cx */
+ "................" /* dx */
+ "................" /* ex */
+ "................" /* fx */
+};
+
+void
+ssl_PrintBuf(const sslSocket *ss, const char *msg, const void *vp, int len)
+{
+ const unsigned char *cp = (const unsigned char *)vp;
+ char buf[80];
+ char *bp;
+ char *ap;
+
+ if (ss) {
+ SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,
+ msg, len));
+ } else {
+ SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));
+ }
+
+ if (!cp) {
+ SSL_TRACE((" <NULL>"));
+ return;
+ }
+
+ memset(buf, ' ', sizeof buf);
+ bp = buf;
+ ap = buf + 50;
+ while (--len >= 0) {
+ unsigned char ch = *cp++;
+ *bp++ = hex[(ch >> 4) & 0xf];
+ *bp++ = hex[ch & 0xf];
+ *bp++ = ' ';
+ *ap++ = printable[ch];
+ if (ap - buf >= 66) {
+ *ap = 0;
+ SSL_TRACE((" %s", buf));
+ memset(buf, ' ', sizeof buf);
+ bp = buf;
+ ap = buf + 50;
+ }
+ }
+ if (bp > buf) {
+ *ap = 0;
+ SSL_TRACE((" %s", buf));
+ }
+}
+
+void
+ssl_Trace(const char *format, ...)
+{
+ char buf[2000];
+ va_list args;
+
+ if (ssl_trace_iob) {
+ va_start(args, format);
+ PR_vsnprintf(buf, sizeof(buf), format, args);
+ va_end(args);
+
+ fputs(buf, ssl_trace_iob);
+ fputs("\n", ssl_trace_iob);
+ }
+}
+
+void
+ssl_PrintKey(const sslSocket *ss, const char *msg, PK11SymKey *key)
+{
+ SECStatus rv;
+ SECItem *rawkey;
+
+ rv = PK11_ExtractKeyValue(key);
+ if (rv != SECSuccess) {
+ ssl_Trace("Could not extract key for %s", msg);
+ return;
+ }
+ rawkey = PK11_GetKeyData(key);
+ if (!rawkey) {
+ ssl_Trace("Could not extract key for %s", msg);
+ return;
+ }
+ ssl_PrintBuf(ss, msg, rawkey->data, rawkey->len);
+}
+#endif
diff --git a/security/nss/lib/ssl/sslver.c b/security/nss/lib/ssl/sslver.c
new file mode 100644
index 000000000..666e25922
--- /dev/null
+++ b/security/nss/lib/ssl/sslver.c
@@ -0,0 +1,18 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Library identity and versioning */
+
+#include "nss.h"
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_ssl_version[] = "Version: NSS " NSS_VERSION _DEBUG_STRING;
diff --git a/security/nss/lib/ssl/tls13con.c b/security/nss/lib/ssl/tls13con.c
new file mode 100644
index 000000000..c6a584748
--- /dev/null
+++ b/security/nss/lib/ssl/tls13con.c
@@ -0,0 +1,4512 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * TLS 1.3 Protocol
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "stdarg.h"
+#include "cert.h"
+#include "ssl.h"
+#include "keyhi.h"
+#include "pk11func.h"
+#include "prerr.h"
+#include "secitem.h"
+#include "secmod.h"
+#include "sslimpl.h"
+#include "sslproto.h"
+#include "sslerr.h"
+#include "tls13hkdf.h"
+#include "tls13con.h"
+#include "tls13exthandle.h"
+
+typedef enum {
+ TrafficKeyEarlyApplicationData,
+ TrafficKeyHandshake,
+ TrafficKeyApplicationData
+} TrafficKeyType;
+
+typedef enum {
+ CipherSpecRead,
+ CipherSpecWrite,
+} CipherSpecDirection;
+
+static SECStatus tls13_SetCipherSpec(sslSocket *ss, TrafficKeyType type,
+ CipherSpecDirection install,
+ PRBool deleteSecret);
+static SECStatus tls13_AESGCM(
+ ssl3KeyMaterial *keys,
+ PRBool doDecrypt,
+ unsigned char *out, int *outlen, int maxout,
+ const unsigned char *in, int inlen,
+ const unsigned char *additionalData, int additionalDataLen);
+static SECStatus tls13_ChaCha20Poly1305(
+ ssl3KeyMaterial *keys,
+ PRBool doDecrypt,
+ unsigned char *out, int *outlen, int maxout,
+ const unsigned char *in, int inlen,
+ const unsigned char *additionalData, int additionalDataLen);
+static SECStatus tls13_SendServerHelloSequence(sslSocket *ss);
+static SECStatus tls13_SendEncryptedExtensions(sslSocket *ss);
+static void tls13_SetKeyExchangeType(sslSocket *ss, const sslNamedGroupDef *group);
+static SECStatus tls13_HandleClientKeyShare(sslSocket *ss,
+ TLS13KeyShareEntry *peerShare);
+static SECStatus tls13_SendHelloRetryRequest(sslSocket *ss,
+ const sslNamedGroupDef *selectedGroup);
+
+static SECStatus tls13_HandleServerKeyShare(sslSocket *ss);
+static SECStatus tls13_HandleEncryptedExtensions(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length);
+static SECStatus tls13_SendCertificate(sslSocket *ss);
+static SECStatus tls13_HandleCertificate(
+ sslSocket *ss, SSL3Opaque *b, PRUint32 length);
+static SECStatus tls13_HandleCertificateRequest(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length);
+static SECStatus
+tls13_SendCertificateVerify(sslSocket *ss, SECKEYPrivateKey *privKey);
+static SECStatus tls13_HandleCertificateVerify(
+ sslSocket *ss, SSL3Opaque *b, PRUint32 length,
+ SSL3Hashes *hashes);
+static SECStatus tls13_RecoverWrappedSharedSecret(sslSocket *ss,
+ sslSessionID *sid);
+static SECStatus
+tls13_DeriveSecret(sslSocket *ss, PK11SymKey *key,
+ const char *prefix,
+ const char *suffix,
+ const SSL3Hashes *hashes,
+ PK11SymKey **dest);
+static void tls13_SetNullCipherSpec(sslSocket *ss, ssl3CipherSpec **specp);
+static SECStatus tls13_SendEndOfEarlyData(sslSocket *ss);
+static SECStatus tls13_SendFinished(sslSocket *ss, PK11SymKey *baseKey);
+static SECStatus tls13_ComputePskBinderHash(sslSocket *ss,
+ unsigned long prefixLength,
+ SSL3Hashes *hashes);
+static SECStatus tls13_VerifyFinished(sslSocket *ss, SSL3HandshakeType message,
+ PK11SymKey *secret,
+ SSL3Opaque *b, PRUint32 length,
+ const SSL3Hashes *hashes);
+static SECStatus tls13_ClientHandleFinished(sslSocket *ss,
+ SSL3Opaque *b, PRUint32 length,
+ const SSL3Hashes *hashes);
+static SECStatus tls13_ServerHandleFinished(sslSocket *ss,
+ SSL3Opaque *b, PRUint32 length,
+ const SSL3Hashes *hashes);
+static SECStatus tls13_HandleNewSessionTicket(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length);
+static SECStatus tls13_ComputeHandshakeHashes(sslSocket *ss,
+ SSL3Hashes *hashes);
+static SECStatus tls13_ComputeEarlySecrets(sslSocket *ss);
+static SECStatus tls13_ComputeHandshakeSecrets(sslSocket *ss);
+static SECStatus tls13_ComputeApplicationSecrets(sslSocket *ss);
+static SECStatus tls13_ComputeFinalSecrets(sslSocket *ss);
+static SECStatus tls13_ComputeFinished(
+ sslSocket *ss, PK11SymKey *baseKey, const SSL3Hashes *hashes,
+ PRBool sending, PRUint8 *output, unsigned int *outputLen,
+ unsigned int maxOutputLen);
+static SECStatus tls13_SendClientSecondRound(sslSocket *ss);
+static SECStatus tls13_FinishHandshake(sslSocket *ss);
+
+const char kHkdfLabelClient[] = "client";
+const char kHkdfLabelServer[] = "server";
+const char kHkdfLabelPskBinderKey[] = "resumption psk binder key";
+const char kHkdfLabelEarlyTrafficSecret[] = "early traffic secret";
+const char kHkdfLabelEarlyExporterSecret[] = "early exporter master secret";
+const char kHkdfLabelHandshakeTrafficSecret[] = "handshake traffic secret";
+const char kHkdfLabelApplicationTrafficSecret[] = "application traffic secret";
+const char kHkdfLabelFinishedSecret[] = "finished";
+const char kHkdfLabelResumptionMasterSecret[] = "resumption master secret";
+const char kHkdfLabelExporterMasterSecret[] = "exporter master secret";
+const char kHkdfPurposeKey[] = "key";
+const char kHkdfPurposeIv[] = "iv";
+
+#define TRAFFIC_SECRET(ss, dir, name) ((ss->sec.isServer ^ \
+ (dir == CipherSpecWrite)) \
+ ? ss->ssl3.hs.client##name \
+ : ss->ssl3.hs.server##name)
+
+const SSL3ProtocolVersion kTlsRecordVersion = SSL_LIBRARY_VERSION_TLS_1_0;
+const SSL3ProtocolVersion kDtlsRecordVersion = SSL_LIBRARY_VERSION_TLS_1_1;
+
+/* Belt and suspenders in case we ever add a TLS 1.4. */
+PR_STATIC_ASSERT(SSL_LIBRARY_VERSION_MAX_SUPPORTED <=
+ SSL_LIBRARY_VERSION_TLS_1_3);
+
+/* Use this instead of FATAL_ERROR when an alert isn't possible. */
+#define LOG_ERROR(ss, prError) \
+ do { \
+ SSL_TRC(3, ("%d: TLS13[%d]: fatal error %d in %s (%s:%d)", \
+ SSL_GETPID(), ss->fd, prError, __func__, __FILE__, __LINE__)); \
+ PORT_SetError(prError); \
+ } while (0)
+
+/* Log an error and generate an alert because something is irreparably wrong. */
+#define FATAL_ERROR(ss, prError, desc) \
+ do { \
+ LOG_ERROR(ss, prError); \
+ tls13_FatalError(ss, prError, desc); \
+ } while (0)
+
+void
+tls13_FatalError(sslSocket *ss, PRErrorCode prError, SSL3AlertDescription desc)
+{
+ PORT_Assert(desc != internal_error); /* These should never happen */
+ (void)SSL3_SendAlert(ss, alert_fatal, desc);
+ PORT_SetError(prError);
+}
+
+#ifdef TRACE
+#define STATE_CASE(a) \
+ case a: \
+ return #a
+static char *
+tls13_HandshakeState(SSL3WaitState st)
+{
+ switch (st) {
+ STATE_CASE(wait_client_hello);
+ STATE_CASE(wait_client_cert);
+ STATE_CASE(wait_cert_verify);
+ STATE_CASE(wait_finished);
+ STATE_CASE(wait_server_hello);
+ STATE_CASE(wait_server_cert);
+ STATE_CASE(wait_cert_request);
+ STATE_CASE(wait_encrypted_extensions);
+ STATE_CASE(idle_handshake);
+ default:
+ break;
+ }
+ PORT_Assert(0);
+ return "unknown";
+}
+#endif
+
+#define TLS13_WAIT_STATE_MASK 0x80
+
+#define TLS13_BASE_WAIT_STATE(ws) (ws & ~TLS13_WAIT_STATE_MASK)
+/* We don't mask idle_handshake because other parts of the code use it*/
+#define TLS13_WAIT_STATE(ws) (((ws == idle_handshake) || (ws == wait_server_hello)) ? ws : ws | TLS13_WAIT_STATE_MASK)
+#define TLS13_CHECK_HS_STATE(ss, err, ...) \
+ tls13_CheckHsState(ss, err, #err, __func__, __FILE__, __LINE__, \
+ __VA_ARGS__, \
+ wait_invalid)
+void
+tls13_SetHsState(sslSocket *ss, SSL3WaitState ws,
+ const char *func, const char *file, int line)
+{
+#ifdef TRACE
+ const char *new_state_name =
+ tls13_HandshakeState(ws);
+
+ SSL_TRC(3, ("%d: TLS13[%d]: %s state change from %s->%s in %s (%s:%d)",
+ SSL_GETPID(), ss->fd, SSL_ROLE(ss),
+ tls13_HandshakeState(TLS13_BASE_WAIT_STATE(ss->ssl3.hs.ws)),
+ new_state_name,
+ func, file, line));
+#endif
+
+ ss->ssl3.hs.ws = TLS13_WAIT_STATE(ws);
+}
+
+static PRBool
+tls13_InHsStateV(sslSocket *ss, va_list ap)
+{
+ SSL3WaitState ws;
+
+ while ((ws = va_arg(ap, SSL3WaitState)) != wait_invalid) {
+ if (TLS13_WAIT_STATE(ws) == ss->ssl3.hs.ws) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+PRBool
+tls13_InHsState(sslSocket *ss, ...)
+{
+ PRBool found;
+ va_list ap;
+
+ va_start(ap, ss);
+ found = tls13_InHsStateV(ss, ap);
+ va_end(ap);
+
+ return found;
+}
+
+static SECStatus
+tls13_CheckHsState(sslSocket *ss, int err, const char *error_name,
+ const char *func, const char *file, int line,
+ ...)
+{
+ va_list ap;
+ va_start(ap, line);
+ if (tls13_InHsStateV(ss, ap)) {
+ va_end(ap);
+ return SECSuccess;
+ }
+ va_end(ap);
+
+ SSL_TRC(3, ("%d: TLS13[%d]: error %s state is (%s) at %s (%s:%d)",
+ SSL_GETPID(), ss->fd,
+ error_name,
+ tls13_HandshakeState(TLS13_BASE_WAIT_STATE(ss->ssl3.hs.ws)),
+ func, file, line));
+ tls13_FatalError(ss, err, unexpected_message);
+ return SECFailure;
+}
+
+SSLHashType
+tls13_GetHashForCipherSuite(ssl3CipherSuite suite)
+{
+ const ssl3CipherSuiteDef *cipherDef =
+ ssl_LookupCipherSuiteDef(suite);
+ PORT_Assert(cipherDef);
+ if (!cipherDef) {
+ return ssl_hash_none;
+ }
+ return cipherDef->prf_hash;
+}
+
+SSLHashType
+tls13_GetHash(const sslSocket *ss)
+{
+ /* All TLS 1.3 cipher suites must have an explict PRF hash. */
+ PORT_Assert(ss->ssl3.hs.suite_def->prf_hash != ssl_hash_none);
+ return ss->ssl3.hs.suite_def->prf_hash;
+}
+
+unsigned int
+tls13_GetHashSizeForHash(SSLHashType hash)
+{
+ switch (hash) {
+ case ssl_hash_sha256:
+ return 32;
+ case ssl_hash_sha384:
+ return 48;
+ default:
+ PORT_Assert(0);
+ }
+ return 32;
+}
+
+unsigned int
+tls13_GetHashSize(const sslSocket *ss)
+{
+ return tls13_GetHashSizeForHash(tls13_GetHash(ss));
+}
+
+static CK_MECHANISM_TYPE
+tls13_GetHkdfMechanismForHash(SSLHashType hash)
+{
+ switch (hash) {
+ case ssl_hash_sha256:
+ return CKM_NSS_HKDF_SHA256;
+ case ssl_hash_sha384:
+ return CKM_NSS_HKDF_SHA384;
+ default:
+ PORT_Assert(0);
+ }
+ return CKM_NSS_HKDF_SHA256;
+}
+
+CK_MECHANISM_TYPE
+tls13_GetHkdfMechanism(sslSocket *ss)
+{
+ return tls13_GetHkdfMechanismForHash(tls13_GetHash(ss));
+}
+
+static CK_MECHANISM_TYPE
+tls13_GetHmacMechanism(sslSocket *ss)
+{
+ switch (tls13_GetHash(ss)) {
+ case ssl_hash_sha256:
+ return CKM_SHA256_HMAC;
+ case ssl_hash_sha384:
+ return CKM_SHA384_HMAC;
+ default:
+ PORT_Assert(0);
+ }
+ return CKM_SHA256_HMAC;
+}
+
+SECStatus
+tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef)
+{
+ SECStatus rv;
+ sslEphemeralKeyPair *keyPair = NULL;
+ const ssl3DHParams *params;
+
+ PORT_Assert(groupDef);
+ switch (groupDef->keaType) {
+ case ssl_kea_ecdh:
+ rv = ssl_CreateECDHEphemeralKeyPair(ss, groupDef, &keyPair);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ break;
+ case ssl_kea_dh:
+ params = ssl_GetDHEParams(groupDef);
+ PORT_Assert(params->name != ssl_grp_ffdhe_custom);
+ rv = ssl_CreateDHEKeyPair(groupDef, params, &keyPair);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ break;
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ PR_APPEND_LINK(&keyPair->link, &ss->ephemeralKeyPairs);
+ return rv;
+}
+
+SECStatus
+SSL_SendAdditionalKeyShares(PRFileDesc *fd, unsigned int count)
+{
+ sslSocket *ss = ssl_FindSocket(fd);
+ if (!ss) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ss->additionalShares = count;
+ return SECSuccess;
+}
+
+/*
+ * Generate shares for ECDHE and FFDHE. This picks the first enabled group of
+ * the requisite type and creates a share for that.
+ *
+ * Called from ssl3_SendClientHello.
+ */
+SECStatus
+tls13_SetupClientHello(sslSocket *ss)
+{
+ unsigned int i;
+ SSL3Statistics *ssl3stats = SSL_GetStatistics();
+ NewSessionTicket *session_ticket = NULL;
+ sslSessionID *sid = ss->sec.ci.sid;
+ unsigned int numShares = 0;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
+
+ /* Select the first enabled group.
+ * TODO(ekr@rtfm.com): be smarter about offering the group
+ * that the other side negotiated if we are resuming. */
+ for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+ SECStatus rv;
+ if (!ss->namedGroupPreferences[i]) {
+ continue;
+ }
+ rv = tls13_CreateKeyShare(ss, ss->namedGroupPreferences[i]);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ if (++numShares > ss->additionalShares) {
+ break;
+ }
+ }
+
+ if (PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs)) {
+ PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED);
+ return SECFailure;
+ }
+
+ /* Below here checks if we can do stateless resumption. */
+ if (sid->cached == never_cached ||
+ sid->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SECSuccess;
+ }
+
+ /* The caller must be holding sid->u.ssl3.lock for reading. */
+ session_ticket = &sid->u.ssl3.locked.sessionTicket;
+ PORT_Assert(session_ticket && session_ticket->ticket.data);
+
+ if (session_ticket->ticket_lifetime_hint == 0 ||
+ (session_ticket->ticket_lifetime_hint +
+ session_ticket->received_timestamp >
+ ssl_Time())) {
+ ss->statelessResume = PR_TRUE;
+ }
+
+ if (ss->statelessResume) {
+ SECStatus rv;
+
+ PORT_Assert(ss->sec.ci.sid);
+ rv = tls13_RecoverWrappedSharedSecret(ss, ss->sec.ci.sid);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ SSL_AtomicIncrementLong(&ssl3stats->sch_sid_cache_not_ok);
+ ss->sec.uncache(ss->sec.ci.sid);
+ ssl_FreeSID(ss->sec.ci.sid);
+ ss->sec.ci.sid = NULL;
+ return SECFailure;
+ }
+
+ rv = ssl3_SetCipherSuite(ss, ss->sec.ci.sid->u.ssl3.cipherSuite, PR_FALSE);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, PORT_GetError(), internal_error);
+ return SECFailure;
+ }
+
+ rv = tls13_ComputeEarlySecrets(ss);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_ImportDHEKeyShare(sslSocket *ss, SECKEYPublicKey *peerKey,
+ SSL3Opaque *b, PRUint32 length,
+ SECKEYPublicKey *pubKey)
+{
+ SECStatus rv;
+ SECItem publicValue = { siBuffer, NULL, 0 };
+
+ publicValue.data = b;
+ publicValue.len = length;
+ if (!ssl_IsValidDHEShare(&pubKey->u.dh.prime, &publicValue)) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_DHE_KEY_SHARE);
+ return SECFailure;
+ }
+
+ peerKey->keyType = dhKey;
+ rv = SECITEM_CopyItem(peerKey->arena, &peerKey->u.dh.prime,
+ &pubKey->u.dh.prime);
+ if (rv != SECSuccess)
+ return SECFailure;
+ rv = SECITEM_CopyItem(peerKey->arena, &peerKey->u.dh.base,
+ &pubKey->u.dh.base);
+ if (rv != SECSuccess)
+ return SECFailure;
+ rv = SECITEM_CopyItem(peerKey->arena, &peerKey->u.dh.publicValue,
+ &publicValue);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_HandleKeyShare(sslSocket *ss,
+ TLS13KeyShareEntry *entry,
+ sslKeyPair *keyPair)
+{
+ PORTCheapArenaPool arena;
+ SECKEYPublicKey *peerKey;
+ CK_MECHANISM_TYPE mechanism;
+ PRErrorCode errorCode;
+ SECStatus rv;
+
+ PORT_InitCheapArena(&arena, DER_DEFAULT_CHUNKSIZE);
+ peerKey = PORT_ArenaZNew(&arena.arena, SECKEYPublicKey);
+ if (peerKey == NULL) {
+ goto loser;
+ }
+ peerKey->arena = &arena.arena;
+ peerKey->pkcs11Slot = NULL;
+ peerKey->pkcs11ID = CK_INVALID_HANDLE;
+
+ switch (entry->group->keaType) {
+ case ssl_kea_ecdh:
+ rv = ssl_ImportECDHKeyShare(ss, peerKey,
+ entry->key_exchange.data,
+ entry->key_exchange.len,
+ entry->group);
+ mechanism = CKM_ECDH1_DERIVE;
+ break;
+ case ssl_kea_dh:
+ rv = tls13_ImportDHEKeyShare(ss, peerKey,
+ entry->key_exchange.data,
+ entry->key_exchange.len,
+ keyPair->pubKey);
+ mechanism = CKM_DH_PKCS_DERIVE;
+ break;
+ default:
+ PORT_Assert(0);
+ goto loser;
+ }
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ ss->ssl3.hs.dheSecret = PK11_PubDeriveWithKDF(
+ keyPair->privKey, peerKey, PR_FALSE, NULL, NULL, mechanism,
+ tls13_GetHkdfMechanism(ss), CKA_DERIVE, 0, CKD_NULL, NULL, NULL);
+ if (!ss->ssl3.hs.dheSecret) {
+ ssl_MapLowLevelError(SSL_ERROR_KEY_EXCHANGE_FAILURE);
+ goto loser;
+ }
+ PORT_DestroyCheapArena(&arena);
+ return SECSuccess;
+
+loser:
+ PORT_DestroyCheapArena(&arena);
+ errorCode = PORT_GetError(); /* don't overwrite the error code */
+ tls13_FatalError(ss, errorCode, illegal_parameter);
+ return SECFailure;
+}
+
+SECStatus
+tls13_HandlePostHelloHandshakeMessage(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length, SSL3Hashes *hashesPtr)
+{
+ if (ss->sec.isServer && ss->ssl3.hs.zeroRttIgnore != ssl_0rtt_ignore_none) {
+ SSL_TRC(3, ("%d: TLS13[%d]: %s successfully decrypted handshake after"
+ "failed 0-RTT",
+ SSL_GETPID(), ss->fd));
+ ss->ssl3.hs.zeroRttIgnore = ssl_0rtt_ignore_none;
+ }
+
+ /* TODO(ekr@rtfm.com): Would it be better to check all the states here? */
+ switch (ss->ssl3.hs.msg_type) {
+ case certificate:
+ return tls13_HandleCertificate(ss, b, length);
+
+ case certificate_request:
+ return tls13_HandleCertificateRequest(ss, b, length);
+
+ case certificate_verify:
+ if (!hashesPtr) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY, unexpected_message);
+ return SECFailure;
+ }
+ return tls13_HandleCertificateVerify(ss, b, length, hashesPtr);
+
+ case encrypted_extensions:
+ return tls13_HandleEncryptedExtensions(ss, b, length);
+
+ case new_session_ticket:
+ return tls13_HandleNewSessionTicket(ss, b, length);
+
+ case finished:
+ if (!hashesPtr) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_UNEXPECTED_FINISHED, unexpected_message);
+ return SECFailure;
+ }
+ if (ss->sec.isServer) {
+ return tls13_ServerHandleFinished(ss, b, length, hashesPtr);
+ } else {
+ return tls13_ClientHandleFinished(ss, b, length, hashesPtr);
+ }
+
+ default:
+ FATAL_ERROR(ss, SSL_ERROR_RX_UNKNOWN_HANDSHAKE, unexpected_message);
+ return SECFailure;
+ }
+
+ PORT_Assert(0); /* Unreached */
+ return SECFailure;
+}
+
+static SECStatus
+tls13_RecoverWrappedSharedSecret(sslSocket *ss, sslSessionID *sid)
+{
+ PK11SymKey *wrapKey; /* wrapping key */
+ SECItem wrappedMS = { siBuffer, NULL, 0 };
+ SSLHashType hashType;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: recovering static secret (%s)",
+ SSL_GETPID(), ss->fd, SSL_ROLE(ss)));
+ if (!sid->u.ssl3.keys.msIsWrapped) {
+ PORT_Assert(0); /* I think this can't happen. */
+ return SECFailure;
+ }
+
+ /* Now find the hash used as the PRF for the previous handshake. */
+ hashType = tls13_GetHashForCipherSuite(sid->u.ssl3.cipherSuite);
+
+ /* If we are the server, we compute the wrapping key, but if we
+ * are the client, it's coordinates are stored with the ticket. */
+ if (ss->sec.isServer) {
+ const sslServerCert *serverCert;
+
+ serverCert = ssl_FindServerCert(ss, &sid->certType);
+ PORT_Assert(serverCert);
+ wrapKey = ssl3_GetWrappingKey(ss, NULL, serverCert,
+ sid->u.ssl3.masterWrapMech,
+ ss->pkcs11PinArg);
+ } else {
+ PK11SlotInfo *slot = SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
+ sid->u.ssl3.masterSlotID);
+ if (!slot)
+ return SECFailure;
+
+ wrapKey = PK11_GetWrapKey(slot,
+ sid->u.ssl3.masterWrapIndex,
+ sid->u.ssl3.masterWrapMech,
+ sid->u.ssl3.masterWrapSeries,
+ ss->pkcs11PinArg);
+ PK11_FreeSlot(slot);
+ }
+ if (!wrapKey) {
+ return SECFailure;
+ }
+
+ wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
+ wrappedMS.len = sid->u.ssl3.keys.wrapped_master_secret_len;
+
+ /* unwrap the "master secret" which is actually RMS. */
+ ss->ssl3.hs.resumptionMasterSecret = PK11_UnwrapSymKeyWithFlags(
+ wrapKey, sid->u.ssl3.masterWrapMech,
+ NULL, &wrappedMS,
+ CKM_SSL3_MASTER_KEY_DERIVE,
+ CKA_DERIVE,
+ tls13_GetHashSizeForHash(hashType),
+ CKF_SIGN | CKF_VERIFY);
+ PK11_FreeSymKey(wrapKey);
+ if (!ss->ssl3.hs.resumptionMasterSecret) {
+ return SECFailure;
+ }
+
+ PRINT_KEY(50, (ss, "Recovered RMS", ss->ssl3.hs.resumptionMasterSecret));
+
+ return SECSuccess;
+}
+
+/* Key Derivation Functions.
+ *
+ * Below is the key schedule from [draft-ietf-tls-tls13].
+ *
+ * * The relevant functions from this file are indicated by tls13_Foo().
+ * 0
+ * |
+ * v
+ * PSK -> HKDF-Extract
+ * |
+ * v
+ * Early Secret ---> Derive-Secret(., "client early traffic secret",
+ * | ClientHello)
+ * | = client_early_traffic_secret
+ * v
+ * (EC)DHE -> HKDF-Extract
+ * |
+ * v
+ * Handshake Secret
+ * |
+ * +---------> Derive-Secret(., "client handshake traffic secret",
+ * | ClientHello...ServerHello)
+ * | = client_handshake_traffic_secret
+ * |
+ * +---------> Derive-Secret(., "server handshake traffic secret",
+ * | ClientHello...ServerHello)
+ * | = server_handshake_traffic_secret
+ * |
+ * v
+ * 0 -> HKDF-Extract
+ * |
+ * v
+ * Master Secret
+ * |
+ * +---------> Derive-Secret(., "client application traffic secret",
+ * | ClientHello...Server Finished)
+ * | = client_traffic_secret_0
+ * |
+ * +---------> Derive-Secret(., "server application traffic secret",
+ * | ClientHello...Server Finished)
+ * | = server_traffic_secret_0
+ * |
+ * +---------> Derive-Secret(., "exporter master secret",
+ * | ClientHello...Client Finished)
+ * | = exporter_secret
+ * |
+ * +---------> Derive-Secret(., "resumption master secret",
+ * ClientHello...Client Finished)
+ * = resumption_secret
+ *
+ */
+
+static SECStatus
+tls13_ComputeEarlySecrets(sslSocket *ss)
+{
+ SECStatus rv = SECSuccess;
+
+ SSL_TRC(5, ("%d: TLS13[%d]: compute early secrets (%s)",
+ SSL_GETPID(), ss->fd, SSL_ROLE(ss)));
+
+ /* Extract off the resumptionMasterSecret (if present), else pass the NULL
+ * resumptionMasterSecret which will be internally translated to zeroes. */
+ PORT_Assert(!ss->ssl3.hs.currentSecret);
+ rv = tls13_HkdfExtract(NULL, ss->ssl3.hs.resumptionMasterSecret,
+ tls13_GetHash(ss), &ss->ssl3.hs.currentSecret);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ PORT_Assert(ss->statelessResume == (ss->ssl3.hs.resumptionMasterSecret != NULL));
+ if (ss->statelessResume) {
+ PRUint8 buf[1] = { 0 };
+ SSL3Hashes hashes;
+
+ PK11_FreeSymKey(ss->ssl3.hs.resumptionMasterSecret);
+ ss->ssl3.hs.resumptionMasterSecret = NULL;
+
+ rv = PK11_HashBuf(ssl3_HashTypeToOID(tls13_GetHash(ss)),
+ hashes.u.raw, buf, 0);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+ hashes.len = tls13_GetHashSize(ss);
+
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ NULL, kHkdfLabelPskBinderKey, &hashes,
+ &ss->ssl3.hs.pskBinderKey);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ NULL, kHkdfLabelEarlyExporterSecret,
+ &hashes, &ss->ssl3.hs.earlyExporterSecret);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ } else {
+ PORT_Assert(!ss->ssl3.hs.resumptionMasterSecret);
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_ComputeHandshakeSecrets(sslSocket *ss)
+{
+ SECStatus rv;
+ PK11SymKey *newSecret = NULL;
+
+ SSL_TRC(5, ("%d: TLS13[%d]: compute handshake secrets (%s)",
+ SSL_GETPID(), ss->fd, SSL_ROLE(ss)));
+
+ /* First update |currentSecret| to add |dheSecret|, if any. */
+ PORT_Assert(ss->ssl3.hs.currentSecret);
+ PORT_Assert(ss->ssl3.hs.dheSecret);
+ rv = tls13_HkdfExtract(ss->ssl3.hs.currentSecret, ss->ssl3.hs.dheSecret,
+ tls13_GetHash(ss), &newSecret);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return rv;
+ }
+ PK11_FreeSymKey(ss->ssl3.hs.dheSecret);
+ ss->ssl3.hs.dheSecret = NULL;
+ PK11_FreeSymKey(ss->ssl3.hs.currentSecret);
+ ss->ssl3.hs.currentSecret = newSecret;
+
+ /* Now compute |*HsTrafficSecret| */
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ kHkdfLabelClient,
+ kHkdfLabelHandshakeTrafficSecret, NULL,
+ &ss->ssl3.hs.clientHsTrafficSecret);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return rv;
+ }
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ kHkdfLabelServer,
+ kHkdfLabelHandshakeTrafficSecret, NULL,
+ &ss->ssl3.hs.serverHsTrafficSecret);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return rv;
+ }
+
+ SSL_TRC(5, ("%d: TLS13[%d]: compute master secret (%s)",
+ SSL_GETPID(), ss->fd, SSL_ROLE(ss)));
+
+ /* Crank HKDF forward to make master secret, which we
+ * stuff in current secret. */
+ rv = tls13_HkdfExtract(ss->ssl3.hs.currentSecret,
+ NULL,
+ tls13_GetHash(ss),
+ &newSecret);
+
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ PK11_FreeSymKey(ss->ssl3.hs.currentSecret);
+ ss->ssl3.hs.currentSecret = newSecret;
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_ComputeApplicationSecrets(sslSocket *ss)
+{
+ SECStatus rv;
+
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ kHkdfLabelClient,
+ kHkdfLabelApplicationTrafficSecret,
+ NULL,
+ &ss->ssl3.hs.clientTrafficSecret);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ kHkdfLabelServer,
+ kHkdfLabelApplicationTrafficSecret,
+ NULL,
+ &ss->ssl3.hs.serverTrafficSecret);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ NULL, kHkdfLabelExporterMasterSecret,
+ NULL, &ss->ssl3.hs.exporterSecret);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_ComputeFinalSecrets(sslSocket *ss)
+{
+ SECStatus rv;
+ PK11SymKey *resumptionMasterSecret = NULL;
+
+ PORT_Assert(!ss->ssl3.crSpec->master_secret);
+ PORT_Assert(!ss->ssl3.cwSpec->master_secret);
+
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ NULL, kHkdfLabelResumptionMasterSecret,
+ NULL, &resumptionMasterSecret);
+ PK11_FreeSymKey(ss->ssl3.hs.currentSecret);
+ ss->ssl3.hs.currentSecret = NULL;
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ /* This is pretty gross. TLS 1.3 uses a number of master secrets:
+ * The master secret to generate the keys and then the resumption
+ * master secret for future connections. To make this work without
+ * refactoring too much of the SSLv3 code, we store the RMS in
+ * |crSpec->master_secret| and |cwSpec->master_secret|.
+ */
+ ss->ssl3.crSpec->master_secret = resumptionMasterSecret;
+ ss->ssl3.cwSpec->master_secret =
+ PK11_ReferenceSymKey(ss->ssl3.crSpec->master_secret);
+
+ return SECSuccess;
+}
+
+static void
+tls13_RestoreCipherInfo(sslSocket *ss, sslSessionID *sid)
+{
+ /* Set these to match the cached value.
+ * TODO(ekr@rtfm.com): Make a version with the "true" values.
+ * Bug 1256137.
+ */
+ ss->sec.authType = sid->authType;
+ ss->sec.authKeyBits = sid->authKeyBits;
+}
+
+/* Check whether resumption-PSK is allowed. */
+static PRBool
+tls13_CanResume(sslSocket *ss, const sslSessionID *sid)
+{
+ const sslServerCert *sc;
+
+ if (!sid) {
+ return PR_FALSE;
+ }
+
+ if (sid->version != ss->version) {
+ return PR_FALSE;
+ }
+
+ if (tls13_GetHashForCipherSuite(sid->u.ssl3.cipherSuite) != tls13_GetHashForCipherSuite(ss->ssl3.hs.cipher_suite)) {
+ return PR_FALSE;
+ }
+
+ /* Server sids don't remember the server cert we previously sent, but they
+ * do remember the type of certificate we originally used, so we can locate
+ * it again, provided that the current ssl socket has had its server certs
+ * configured the same as the previous one. */
+ sc = ssl_FindServerCert(ss, &sid->certType);
+ if (!sc || !sc->serverCert) {
+ return PR_FALSE;
+ }
+
+ return PR_TRUE;
+}
+
+static PRBool
+tls13_AlpnTagAllowed(const sslSocket *ss, const SECItem *tag)
+{
+ const unsigned char *data = ss->opt.nextProtoNego.data;
+ unsigned int length = ss->opt.nextProtoNego.len;
+ unsigned int offset = 0;
+
+ if (!tag->len)
+ return PR_TRUE;
+
+ while (offset < length) {
+ unsigned int taglen = (unsigned int)data[offset];
+ if ((taglen == tag->len) &&
+ !PORT_Memcmp(data + offset + 1, tag->data, tag->len))
+ return PR_TRUE;
+ offset += 1 + taglen;
+ }
+
+ return PR_FALSE;
+}
+
+static PRBool
+tls13_CanNegotiateZeroRtt(sslSocket *ss, const sslSessionID *sid)
+{
+ PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_sent);
+
+ if (!sid)
+ return PR_FALSE;
+ PORT_Assert(ss->statelessResume);
+ if (!ss->statelessResume)
+ return PR_FALSE;
+ if (ss->ssl3.hs.cipher_suite != sid->u.ssl3.cipherSuite)
+ return PR_FALSE;
+ if (!ss->opt.enable0RttData)
+ return PR_FALSE;
+ if (!(sid->u.ssl3.locked.sessionTicket.flags & ticket_allow_early_data))
+ return PR_FALSE;
+ if (SECITEM_CompareItem(&ss->xtnData.nextProto,
+ &sid->u.ssl3.alpnSelection) != 0)
+ return PR_FALSE;
+
+ return PR_TRUE;
+}
+
+/* Called from tls13_HandleClientHelloPart2 to update the state of 0-RTT handling.
+ *
+ * 0-RTT is only permitted if:
+ * 1. The early data extension was present.
+ * 2. We are resuming a session.
+ * 3. The 0-RTT option is set.
+ * 4. The ticket allowed 0-RTT.
+ * 5. We negotiated the same ALPN value as in the ticket.
+ */
+static void
+tls13_NegotiateZeroRtt(sslSocket *ss, const sslSessionID *sid)
+{
+ SSL_TRC(3, ("%d: TLS13[%d]: negotiate 0-RTT %p",
+ SSL_GETPID(), ss->fd, sid));
+
+ /* tls13_ServerHandleEarlyDataXtn sets this to ssl_0rtt_sent, so this will
+ * be ssl_0rtt_none unless early_data is present. */
+ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_none) {
+ return;
+ }
+
+ /* If we rejected 0-RTT on the first ClientHello, then we can just say that
+ * there is no 0-RTT for the second. We shouldn't get any more. Reset the
+ * ignore state so that we treat decryption failure normally. */
+ if (ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_hrr) {
+ PORT_Assert(ss->ssl3.hs.helloRetry);
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_none;
+ ss->ssl3.hs.zeroRttIgnore = ssl_0rtt_ignore_none;
+ return;
+ }
+
+ if (!tls13_CanNegotiateZeroRtt(ss, sid)) {
+ SSL_TRC(3, ("%d: TLS13[%d]: ignore 0-RTT",
+ SSL_GETPID(), ss->fd));
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_ignored;
+ ss->ssl3.hs.zeroRttIgnore = ssl_0rtt_ignore_trial;
+ return;
+ }
+
+ SSL_TRC(3, ("%d: TLS13[%d]: enable 0-RTT",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->statelessResume);
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_accepted;
+ ss->ssl3.hs.zeroRttIgnore = ssl_0rtt_ignore_none;
+}
+
+/* Check if the offered group is acceptable. */
+static PRBool
+tls13_isGroupAcceptable(const sslNamedGroupDef *offered,
+ const sslNamedGroupDef *preferredGroup)
+{
+ /* We accept epsilon (e) bits around the offered group size. */
+ const unsigned int e = 2;
+
+ PORT_Assert(offered);
+ PORT_Assert(preferredGroup);
+
+ if (offered->bits >= preferredGroup->bits - e &&
+ offered->bits <= preferredGroup->bits + e) {
+ return PR_TRUE;
+ }
+
+ return PR_FALSE;
+}
+
+/* Find remote key share for given group and return it.
+ * Returns NULL if no key share is found. */
+static TLS13KeyShareEntry *
+tls13_FindKeyShareEntry(sslSocket *ss, const sslNamedGroupDef *group)
+{
+ PRCList *cur_p = PR_NEXT_LINK(&ss->xtnData.remoteKeyShares);
+ while (cur_p != &ss->xtnData.remoteKeyShares) {
+ TLS13KeyShareEntry *offer = (TLS13KeyShareEntry *)cur_p;
+ if (offer->group == group) {
+ return offer;
+ }
+ cur_p = PR_NEXT_LINK(cur_p);
+ }
+ return NULL;
+}
+
+static SECStatus
+tls13_NegotiateKeyExchange(sslSocket *ss, TLS13KeyShareEntry **clientShare)
+{
+ unsigned int index;
+ TLS13KeyShareEntry *entry = NULL;
+ const sslNamedGroupDef *preferredGroup = NULL;
+
+ /* We insist on DHE. */
+ if (ss->statelessResume) {
+ if (!ssl3_ExtensionNegotiated(ss, ssl_tls13_psk_key_exchange_modes_xtn)) {
+ FATAL_ERROR(ss, SSL_ERROR_MISSING_PSK_KEY_EXCHANGE_MODES,
+ missing_extension);
+ return SECFailure;
+ }
+ if (!memchr(ss->xtnData.psk_ke_modes.data, tls13_psk_dh_ke,
+ ss->xtnData.psk_ke_modes.len)) {
+ SSL_TRC(3, ("%d: TLS13[%d]: client offered PSK without DH",
+ SSL_GETPID(), ss->fd));
+ ss->statelessResume = PR_FALSE;
+ }
+ }
+
+ /* Now figure out which key share we like the best out of the
+ * mutually supported groups, regardless of what the client offered
+ * for key shares.
+ */
+ if (!ssl3_ExtensionNegotiated(ss, ssl_supported_groups_xtn)) {
+ FATAL_ERROR(ss, SSL_ERROR_MISSING_SUPPORTED_GROUPS_EXTENSION,
+ missing_extension);
+ return SECFailure;
+ }
+
+ SSL_TRC(3, ("%d: TLS13[%d]: selected KE = %s",
+ SSL_GETPID(), ss->fd, ss->statelessResume ? "PSK + (EC)DHE" : "(EC)DHE"));
+
+ /* Find the preferred group and an according client key share available. */
+ for (index = 0; index < SSL_NAMED_GROUP_COUNT; ++index) {
+ /* Continue to the next group if this one is not enabled. */
+ if (!ss->namedGroupPreferences[index]) {
+ /* There's a gap in the preferred groups list. Assume this is a group
+ * that's not supported by the client but preferred by the server. */
+ if (preferredGroup) {
+ entry = NULL;
+ break;
+ }
+ continue;
+ }
+
+ /* Check if the client sent a key share for this group. */
+ entry = tls13_FindKeyShareEntry(ss, ss->namedGroupPreferences[index]);
+
+ if (preferredGroup) {
+ /* We already found our preferred group but the group didn't have a share. */
+ if (entry) {
+ /* The client sent a key share with group ss->namedGroupPreferences[index] */
+ if (tls13_isGroupAcceptable(ss->namedGroupPreferences[index],
+ preferredGroup)) {
+ /* This is not the preferred group, but it's acceptable */
+ preferredGroup = ss->namedGroupPreferences[index];
+ } else {
+ /* The proposed group is not acceptable. */
+ entry = NULL;
+ }
+ }
+ break;
+ } else {
+ /* The first enabled group is the preferred group. */
+ preferredGroup = ss->namedGroupPreferences[index];
+ if (entry) {
+ break;
+ }
+ }
+ }
+
+ if (!preferredGroup) {
+ FATAL_ERROR(ss, SSL_ERROR_NO_CYPHER_OVERLAP, handshake_failure);
+ return SECFailure;
+ }
+ SSL_TRC(3, ("%d: TLS13[%d]: group = %d", SSL_GETPID(), ss->fd,
+ preferredGroup->name));
+
+ if (!entry) {
+ return tls13_SendHelloRetryRequest(ss, preferredGroup);
+ }
+
+ PORT_Assert(preferredGroup == entry->group);
+ *clientShare = entry;
+
+ return SECSuccess;
+}
+
+SECStatus
+tls13_SelectServerCert(sslSocket *ss)
+{
+ PRCList *cursor;
+ SECStatus rv;
+
+ if (!ssl3_ExtensionNegotiated(ss, ssl_signature_algorithms_xtn)) {
+ FATAL_ERROR(ss, SSL_ERROR_MISSING_SIGNATURE_ALGORITHMS_EXTENSION,
+ missing_extension);
+ return SECFailure;
+ }
+
+ /* This picks the first certificate that has:
+ * a) the right authentication method, and
+ * b) the right named curve (EC only)
+ *
+ * We might want to do some sort of ranking here later. For now, it's all
+ * based on what order they are configured in. */
+ for (cursor = PR_NEXT_LINK(&ss->serverCerts);
+ cursor != &ss->serverCerts;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslServerCert *cert = (sslServerCert *)cursor;
+
+ if (cert->certType.authType == ssl_auth_rsa_pss ||
+ cert->certType.authType == ssl_auth_rsa_decrypt) {
+ continue;
+ }
+
+ rv = ssl_PickSignatureScheme(ss,
+ cert->serverKeyPair->pubKey,
+ cert->serverKeyPair->privKey,
+ ss->xtnData.clientSigSchemes,
+ ss->xtnData.numClientSigScheme,
+ PR_FALSE);
+ if (rv == SECSuccess) {
+ /* Found one. */
+ ss->sec.serverCert = cert;
+ ss->sec.authType = cert->certType.authType;
+ ss->ssl3.hs.kea_def_mutable.authKeyType = cert->certType.authType;
+ ss->sec.authKeyBits = cert->serverKeyBits;
+ return SECSuccess;
+ }
+ }
+
+ FATAL_ERROR(ss, SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM,
+ handshake_failure);
+ return SECFailure;
+}
+
+static SECStatus
+tls13_NegotiateAuthentication(sslSocket *ss)
+{
+ SECStatus rv;
+
+ if (ss->statelessResume) {
+ SSL_TRC(3, ("%d: TLS13[%d]: selected PSK authentication",
+ SSL_GETPID(), ss->fd));
+ ss->ssl3.hs.signatureScheme = ssl_sig_none;
+ ss->ssl3.hs.kea_def_mutable.authKeyType = ssl_auth_psk;
+ return SECSuccess;
+ }
+
+ SSL_TRC(3, ("%d: TLS13[%d]: selected certificate authentication",
+ SSL_GETPID(), ss->fd));
+ /* We've now established that we need to sign.... */
+ rv = tls13_SelectServerCert(ss);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ ss->ssl3.hs.kea_def_mutable.authKeyType =
+ ss->sec.serverCert->certType.authType;
+ return SECSuccess;
+}
+
+/* Called from ssl3_HandleClientHello after we have parsed the
+ * ClientHello and are sure that we are going to do TLS 1.3
+ * or fail. */
+SECStatus
+tls13_HandleClientHelloPart2(sslSocket *ss,
+ const SECItem *suites,
+ sslSessionID *sid)
+{
+ SECStatus rv;
+ SSL3Statistics *ssl3stats = SSL_GetStatistics();
+ TLS13KeyShareEntry *clientShare = NULL;
+ int j;
+ ssl3CipherSuite previousCipherSuite;
+
+ if (ssl3_ExtensionNegotiated(ss, ssl_tls13_early_data_xtn)) {
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_sent;
+
+ if (IS_DTLS(ss)) {
+ /* Save the null spec, which we should be currently reading. We will
+ * use this when 0-RTT sending is over. */
+ ssl_GetSpecReadLock(ss);
+ ss->ssl3.hs.nullSpec = ss->ssl3.crSpec;
+ tls13_CipherSpecAddRef(ss->ssl3.hs.nullSpec);
+ PORT_Assert(ss->ssl3.hs.nullSpec->cipher_def->cipher == cipher_null);
+ ssl_ReleaseSpecReadLock(ss);
+ }
+ }
+
+#ifndef PARANOID
+ /* Look for a matching cipher suite. */
+ j = ssl3_config_match_init(ss);
+ if (j <= 0) { /* no ciphers are working/supported by PK11 */
+ FATAL_ERROR(ss, PORT_GetError(), internal_error);
+ goto loser;
+ }
+#endif
+
+ previousCipherSuite = ss->ssl3.hs.cipher_suite;
+ rv = ssl3_NegotiateCipherSuite(ss, suites, PR_FALSE);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SSL_ERROR_NO_CYPHER_OVERLAP, handshake_failure);
+ goto loser;
+ }
+ /* If we are going around again, then we should make sure that the cipher
+ * suite selection doesn't change. That's a sign of client shennanigans. */
+ if (ss->ssl3.hs.helloRetry &&
+ ss->ssl3.hs.cipher_suite != previousCipherSuite) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CLIENT_HELLO, handshake_failure);
+ goto loser;
+ }
+
+ /* Now create a synthetic kea_def that we can tweak. */
+ ss->ssl3.hs.kea_def_mutable = *ss->ssl3.hs.kea_def;
+ ss->ssl3.hs.kea_def = &ss->ssl3.hs.kea_def_mutable;
+
+ /* Note: We call this quite a bit earlier than with TLS 1.2 and
+ * before. */
+ rv = ssl3_ServerCallSNICallback(ss);
+ if (rv != SECSuccess) {
+ goto loser; /* An alert has already been sent. */
+ }
+
+ /* Check if we could in principle resume. */
+ if (ss->statelessResume) {
+ PORT_Assert(sid);
+ if (!sid) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+ if (!tls13_CanResume(ss, sid)) {
+ ss->statelessResume = PR_FALSE;
+ }
+ }
+
+ /* Select key exchange. */
+ rv = tls13_NegotiateKeyExchange(ss, &clientShare);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* If we didn't find a client key share, we have to retry. */
+ if (!clientShare) {
+ if (sid) { /* Free the sid. */
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ }
+ PORT_Assert(ss->ssl3.hs.helloRetry);
+ return SECSuccess;
+ }
+
+ /* Select the authentication (this is also handshake shape). */
+ rv = tls13_NegotiateAuthentication(ss);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ if (ss->statelessResume) {
+ /* We are now committed to trying to resume. */
+ PORT_Assert(sid);
+
+ /* Check that the negotiated SNI and the cached SNI match. */
+ if (SECITEM_CompareItem(&sid->u.ssl3.srvName,
+ &ss->ssl3.hs.srvVirtName) != SECEqual) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CLIENT_HELLO,
+ handshake_failure);
+ goto loser;
+ }
+
+ rv = tls13_RecoverWrappedSharedSecret(ss, sid);
+ if (rv != SECSuccess) {
+ SSL_AtomicIncrementLong(&ssl3stats->hch_sid_cache_not_ok);
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ goto loser;
+ }
+ tls13_RestoreCipherInfo(ss, sid);
+
+ ss->sec.serverCert = ssl_FindServerCert(ss, &sid->certType);
+ PORT_Assert(ss->sec.serverCert);
+ ss->sec.localCert = CERT_DupCertificate(ss->sec.serverCert->serverCert);
+ if (sid->peerCert != NULL) {
+ ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
+ }
+ ssl3_RegisterExtensionSender(
+ ss, &ss->xtnData,
+ ssl_tls13_pre_shared_key_xtn, tls13_ServerSendPreSharedKeyXtn);
+
+ tls13_NegotiateZeroRtt(ss, sid);
+ } else {
+ if (sid) { /* we had a sid, but it's no longer valid, free it */
+ SSL_AtomicIncrementLong(&ssl3stats->hch_sid_cache_not_ok);
+ if (ss->sec.uncache)
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ sid = NULL;
+ }
+ tls13_NegotiateZeroRtt(ss, NULL);
+ }
+
+ /* Need to compute early secrets. */
+ rv = tls13_ComputeEarlySecrets(ss);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ /* Now that we have the binder key check the binder. */
+ if (ss->statelessResume) {
+ SSL3Hashes hashes;
+
+ rv = tls13_ComputePskBinderHash(ss, ss->xtnData.pskBinderPrefixLen,
+ &hashes);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ goto loser;
+ }
+
+ rv = tls13_VerifyFinished(ss, client_hello,
+ ss->ssl3.hs.pskBinderKey,
+ ss->xtnData.pskBinder.data,
+ ss->xtnData.pskBinder.len,
+ &hashes);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ /* This needs to go after we verify the psk binder. */
+ rv = ssl3_InitHandshakeHashes(ss);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ /* If this is TLS 1.3 we are expecting a ClientKeyShare
+ * extension. Missing/absent extension cause failure
+ * below. */
+ rv = tls13_HandleClientKeyShare(ss, clientShare);
+ if (rv != SECSuccess) {
+ goto loser; /* An alert was sent already. */
+ }
+
+ /* From this point we are either committed to resumption, or not. */
+ if (ss->statelessResume) {
+ SSL_AtomicIncrementLong(&ssl3stats->hch_sid_cache_hits);
+ SSL_AtomicIncrementLong(&ssl3stats->hch_sid_stateless_resumes);
+ } else {
+ if (sid) {
+ /* We had a sid, but it's no longer valid, free it. */
+ SSL_AtomicIncrementLong(&ssl3stats->hch_sid_cache_not_ok);
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ } else {
+ SSL_AtomicIncrementLong(&ssl3stats->hch_sid_cache_misses);
+ }
+
+ sid = ssl3_NewSessionID(ss, PR_TRUE);
+ if (!sid) {
+ FATAL_ERROR(ss, PORT_GetError(), internal_error);
+ return SECFailure;
+ }
+ }
+ /* Take ownership of the session. */
+ ss->sec.ci.sid = sid;
+ sid = NULL;
+
+ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted) {
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ kHkdfLabelClient,
+ kHkdfLabelEarlyTrafficSecret,
+ NULL, /* Current running hash. */
+ &ss->ssl3.hs.clientEarlyTrafficSecret);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+ }
+
+ ssl_GetXmitBufLock(ss);
+ rv = tls13_SendServerHelloSequence(ss);
+ ssl_ReleaseXmitBufLock(ss);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, PORT_GetError(), handshake_failure);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+
+loser:
+ if (sid) {
+ ss->sec.uncache(sid);
+ ssl_FreeSID(sid);
+ }
+ return SECFailure;
+}
+
+static SECStatus
+tls13_SendHelloRetryRequest(sslSocket *ss, const sslNamedGroupDef *selectedGroup)
+{
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send hello retry request handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ /* We asked already, but made no progress. */
+ if (ss->ssl3.hs.helloRetry) {
+ FATAL_ERROR(ss, SSL_ERROR_BAD_2ND_CLIENT_HELLO, illegal_parameter);
+ return SECFailure;
+ }
+
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_AppendHandshakeHeader(ss, hello_retry_request,
+ 2 + /* version */
+ 2 + /* extension length */
+ 2 + /* group extension id */
+ 2 + /* group extension length */
+ 2 /* group */);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ goto loser;
+ }
+
+ rv = ssl3_AppendHandshakeNumber(
+ ss, tls13_EncodeDraftVersion(ss->version), 2);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ goto loser;
+ }
+
+ /* Length of extensions. */
+ rv = ssl3_AppendHandshakeNumber(ss, 2 + 2 + 2, 2);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ goto loser;
+ }
+
+ /* Key share extension - currently the only reason we send this. */
+ rv = ssl3_AppendHandshakeNumber(ss, ssl_tls13_key_share_xtn, 2);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ goto loser;
+ }
+ /* Key share extension length. */
+ rv = ssl3_AppendHandshakeNumber(ss, 2, 2);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ goto loser;
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, selectedGroup->name, 2);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ goto loser;
+ }
+
+ rv = ssl3_FlushHandshake(ss, 0);
+ if (rv != SECSuccess) {
+ goto loser; /* error code set by ssl3_FlushHandshake */
+ }
+ ssl_ReleaseXmitBufLock(ss);
+
+ ss->ssl3.hs.helloRetry = PR_TRUE;
+
+ /* We received early data but have to ignore it because we sent a retry. */
+ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent) {
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_ignored;
+ ss->ssl3.hs.zeroRttIgnore = ssl_0rtt_ignore_hrr;
+ }
+
+ return SECSuccess;
+
+loser:
+ ssl_ReleaseXmitBufLock(ss);
+ return SECFailure;
+}
+
+/* Called from tls13_HandleClientHello.
+ *
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+
+static SECStatus
+tls13_HandleClientKeyShare(sslSocket *ss, TLS13KeyShareEntry *peerShare)
+{
+ SECStatus rv;
+ sslEphemeralKeyPair *keyPair; /* ours */
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle client_key_share handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(peerShare);
+
+ tls13_SetKeyExchangeType(ss, peerShare->group);
+
+ /* Generate our key */
+ rv = tls13_CreateKeyShare(ss, peerShare->group);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ /* We should have exactly one key share. */
+ PORT_Assert(!PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
+ PORT_Assert(PR_PREV_LINK(&ss->ephemeralKeyPairs) ==
+ PR_NEXT_LINK(&ss->ephemeralKeyPairs));
+
+ keyPair = ((sslEphemeralKeyPair *)PR_NEXT_LINK(&ss->ephemeralKeyPairs));
+ ss->sec.keaKeyBits = SECKEY_PublicKeyStrengthInBits(keyPair->keys->pubKey);
+
+ /* Register the sender */
+ rv = ssl3_RegisterExtensionSender(ss, &ss->xtnData, ssl_tls13_key_share_xtn,
+ tls13_ServerSendKeyShareXtn);
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code set already. */
+ }
+
+ rv = tls13_HandleKeyShare(ss, peerShare, keyPair->keys);
+ return rv; /* Error code set already. */
+}
+
+/*
+ * [draft-ietf-tls-tls13-11] Section 6.3.3.2
+ *
+ * opaque DistinguishedName<1..2^16-1>;
+ *
+ * struct {
+ * opaque certificate_extension_oid<1..2^8-1>;
+ * opaque certificate_extension_values<0..2^16-1>;
+ * } CertificateExtension;
+ *
+ * struct {
+ * opaque certificate_request_context<0..2^8-1>;
+ * SignatureAndHashAlgorithm
+ * supported_signature_algorithms<2..2^16-2>;
+ * DistinguishedName certificate_authorities<0..2^16-1>;
+ * CertificateExtension certificate_extensions<0..2^16-1>;
+ * } CertificateRequest;
+ */
+static SECStatus
+tls13_SendCertificateRequest(sslSocket *ss)
+{
+ SECStatus rv;
+ int calen;
+ SECItem *names;
+ int nnames;
+ SECItem *name;
+ int i;
+ PRUint8 sigSchemes[MAX_SIGNATURE_SCHEMES * 2];
+ unsigned int sigSchemesLength = 0;
+ int length;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: begin send certificate_request",
+ SSL_GETPID(), ss->fd));
+
+ rv = ssl3_EncodeSigAlgs(ss, sigSchemes, sizeof(sigSchemes),
+ &sigSchemesLength);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ ssl3_GetCertificateRequestCAs(ss, &calen, &names, &nnames);
+ length = 1 + 0 /* length byte for empty request context */ +
+ 2 + sigSchemesLength + 2 + calen + 2;
+
+ rv = ssl3_AppendHandshakeHeader(ss, certificate_request, length);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, 0, 1);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ rv = ssl3_AppendHandshakeVariable(ss, sigSchemes, sigSchemesLength, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, calen, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ for (i = 0, name = names; i < nnames; i++, name++) {
+ rv = ssl3_AppendHandshakeVariable(ss, name->data, name->len, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess) {
+ return rv; /* err set by AppendHandshake. */
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+tls13_HandleHelloRetryRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+ PRInt32 tmp;
+ SSL3ProtocolVersion version;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle hello retry request",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->vrange.max < SSL_LIBRARY_VERSION_TLS_1_3) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_UNEXPECTED_HELLO_RETRY_REQUEST,
+ unexpected_message);
+ return SECFailure;
+ }
+
+ /* Client only. */
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_HELLO_RETRY_REQUEST,
+ wait_server_hello);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ /* Fool me once, shame on you; fool me twice... */
+ if (ss->ssl3.hs.helloRetry) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_UNEXPECTED_HELLO_RETRY_REQUEST,
+ unexpected_message);
+ return SECFailure;
+ }
+
+ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent) {
+ /* Oh well, back to the start. */
+ tls13_SetNullCipherSpec(ss, &ss->ssl3.cwSpec);
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_ignored;
+ } else {
+ PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_none);
+ }
+
+ /* Version. */
+ rv = ssl_ClientReadVersion(ss, &b, &length, &version);
+ if (rv != SECSuccess) {
+ return SECFailure; /* alert already sent */
+ }
+ if (version > ss->vrange.max || version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST,
+ protocol_version);
+ return SECFailure;
+ }
+
+ /* Extensions. */
+ tmp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
+ if (tmp < 0) {
+ return SECFailure; /* error code already set */
+ }
+ /* Extensions must be non-empty and use the remainder of the message.
+ * This means that a HelloRetryRequest cannot be a no-op: we must have an
+ * extension, it must be one that we understand and recognize as being valid
+ * for HelloRetryRequest, and all the extensions we permit cause us to
+ * modify our ClientHello in some way. */
+ if (!tmp || tmp != length) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST,
+ decode_error);
+ return SECFailure;
+ }
+
+ rv = ssl3_HandleExtensions(ss, &b, &length, hello_retry_request);
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code set below */
+ }
+
+ ss->ssl3.hs.helloRetry = PR_TRUE;
+
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_SendClientHello(ss, client_hello_retry);
+ ssl_ReleaseXmitBufLock(ss);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_HandleCertificateRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+ TLS13CertificateRequest *certRequest = NULL;
+ SECItem context = { siBuffer, NULL, 0 };
+ PLArenaPool *arena;
+ PRInt32 extensionsLength;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle certificate_request sequence",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ /* Client */
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST,
+ wait_cert_request);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ PORT_Assert(ss->ssl3.clientCertChain == NULL);
+ PORT_Assert(ss->ssl3.clientCertificate == NULL);
+ PORT_Assert(ss->ssl3.clientPrivateKey == NULL);
+ PORT_Assert(ss->ssl3.hs.certificateRequest == NULL);
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (!arena) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &context, 1, &b, &length);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* We don't support post-handshake client auth, the certificate request
+ * context must always be null. */
+ if (context.len > 0) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERT_REQUEST, illegal_parameter);
+ goto loser;
+ }
+
+ certRequest = PORT_ArenaZNew(arena, TLS13CertificateRequest);
+ if (!certRequest)
+ goto loser;
+ certRequest->arena = arena;
+ certRequest->ca_list.arena = arena;
+
+ rv = ssl_ParseSignatureSchemes(ss, arena,
+ &certRequest->signatureSchemes,
+ &certRequest->signatureSchemeCount,
+ &b, &length);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERT_REQUEST,
+ decode_error);
+ goto loser;
+ }
+
+ rv = ssl3_ParseCertificateRequestCAs(ss, &b, &length, arena,
+ &certRequest->ca_list);
+ if (rv != SECSuccess)
+ goto loser; /* alert already sent */
+
+ /* Verify that the extensions length is correct. */
+ extensionsLength = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
+ if (extensionsLength < 0) {
+ goto loser; /* alert already sent */
+ }
+ if (extensionsLength != length) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERT_REQUEST,
+ illegal_parameter);
+ goto loser;
+ }
+
+ rv = SECITEM_CopyItem(arena, &certRequest->context, &context);
+ if (rv != SECSuccess)
+ goto loser;
+
+ TLS13_SET_HS_STATE(ss, wait_server_cert);
+ ss->ssl3.hs.certificateRequest = certRequest;
+
+ return SECSuccess;
+
+loser:
+ PORT_FreeArena(arena, PR_FALSE);
+ return SECFailure;
+}
+
+static SECStatus
+tls13_SendEncryptedServerSequence(sslSocket *ss)
+{
+ SECStatus rv;
+
+ rv = tls13_ComputeHandshakeSecrets(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code is set. */
+ }
+
+ rv = tls13_SetCipherSpec(ss, TrafficKeyHandshake,
+ CipherSpecWrite, PR_FALSE);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ ss->ssl3.hs.shortHeaders = ssl3_ExtensionNegotiated(
+ ss, ssl_tls13_short_header_xtn);
+
+ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted) {
+ rv = ssl3_RegisterExtensionSender(ss, &ss->xtnData, ssl_tls13_early_data_xtn,
+ tls13_ServerSendEarlyDataXtn);
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code set already. */
+ }
+ }
+
+ rv = tls13_SendEncryptedExtensions(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code is set. */
+ }
+
+ if (ss->opt.requestCertificate) {
+ rv = tls13_SendCertificateRequest(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code is set. */
+ }
+ }
+ if (ss->ssl3.hs.signatureScheme != ssl_sig_none) {
+ SECKEYPrivateKey *svrPrivKey;
+
+ rv = tls13_SendCertificate(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code is set. */
+ }
+
+ svrPrivKey = ss->sec.serverCert->serverKeyPair->privKey;
+ rv = tls13_SendCertificateVerify(ss, svrPrivKey);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err code is set. */
+ }
+ }
+
+ rv = tls13_SendFinished(ss, ss->ssl3.hs.serverHsTrafficSecret);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code is set. */
+ }
+
+ return SECSuccess;
+}
+
+/* Called from: ssl3_HandleClientHello */
+static SECStatus
+tls13_SendServerHelloSequence(sslSocket *ss)
+{
+ SECStatus rv;
+ PRErrorCode err = 0;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: begin send server_hello sequence",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ rv = ssl3_SendServerHello(ss);
+ if (rv != SECSuccess) {
+ return rv; /* err code is set. */
+ }
+
+ rv = tls13_SendEncryptedServerSequence(ss);
+ if (rv != SECSuccess) {
+ err = PORT_GetError();
+ }
+ /* Even if we get an error, since the ServerHello was successfully
+ * serialized, we should give it a chance to reach the network. This gives
+ * the client a chance to perform the key exchange and decrypt the alert
+ * we're about to send. */
+ rv |= ssl3_FlushHandshake(ss, 0);
+ if (rv != SECSuccess) {
+ if (err) {
+ PORT_SetError(err);
+ }
+ return SECFailure;
+ }
+
+ /* Compute the rest of the secrets except for the resumption
+ * and exporter secret. */
+ rv = tls13_ComputeApplicationSecrets(ss);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, PORT_GetError());
+ return SECFailure;
+ }
+
+ rv = tls13_SetCipherSpec(ss, TrafficKeyApplicationData,
+ CipherSpecWrite, PR_FALSE);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted) {
+ rv = tls13_SetCipherSpec(ss,
+ TrafficKeyEarlyApplicationData,
+ CipherSpecRead, PR_TRUE);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ } else {
+ PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_none ||
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_ignored);
+
+ rv = tls13_SetCipherSpec(ss,
+ TrafficKeyHandshake,
+ CipherSpecRead, PR_FALSE);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ }
+
+ TLS13_SET_HS_STATE(ss,
+ ss->opt.requestCertificate ? wait_client_cert
+ : wait_finished);
+ return SECSuccess;
+}
+
+SECStatus
+tls13_HandleServerHelloPart2(sslSocket *ss)
+{
+ SECStatus rv;
+ sslSessionID *sid = ss->sec.ci.sid;
+ SSL3Statistics *ssl3stats = SSL_GetStatistics();
+
+ if (ssl3_ExtensionNegotiated(ss, ssl_tls13_pre_shared_key_xtn)) {
+ PORT_Assert(ss->statelessResume);
+ } else {
+ if (ss->ssl3.hs.currentSecret) {
+ PORT_Assert(ss->statelessResume);
+ PK11_FreeSymKey(ss->ssl3.hs.currentSecret);
+ ss->ssl3.hs.currentSecret = NULL;
+ }
+ ss->statelessResume = PR_FALSE;
+ }
+
+ if (ss->statelessResume) {
+ if (tls13_GetHash(ss) !=
+ tls13_GetHashForCipherSuite(sid->u.ssl3.cipherSuite)) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_SERVER_HELLO,
+ illegal_parameter);
+ return SECFailure;
+ }
+ }
+
+ /* Now create a synthetic kea_def that we can tweak. */
+ ss->ssl3.hs.kea_def_mutable = *ss->ssl3.hs.kea_def;
+ ss->ssl3.hs.kea_def = &ss->ssl3.hs.kea_def_mutable;
+
+ if (ss->statelessResume) {
+ /* PSK */
+ ss->ssl3.hs.kea_def_mutable.authKeyType = ssl_auth_psk;
+ tls13_RestoreCipherInfo(ss, sid);
+ if (sid->peerCert) {
+ ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
+ }
+
+ SSL_AtomicIncrementLong(&ssl3stats->hsh_sid_cache_hits);
+ SSL_AtomicIncrementLong(&ssl3stats->hsh_sid_stateless_resumes);
+ } else {
+ /* !PSK */
+ if (ssl3_ClientExtensionAdvertised(ss, ssl_tls13_pre_shared_key_xtn)) {
+ SSL_AtomicIncrementLong(&ssl3stats->hsh_sid_cache_misses);
+ }
+ if (sid->cached == in_client_cache) {
+ /* If we tried to resume and failed, let's not try again. */
+ ss->sec.uncache(sid);
+ }
+ }
+
+ if (!ss->ssl3.hs.currentSecret) {
+ PORT_Assert(!ss->statelessResume);
+
+ /* If we don't already have the Early Secret we need to make it
+ * now. */
+ rv = tls13_ComputeEarlySecrets(ss);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+ }
+
+ /* Discard current SID and make a new one, though it may eventually
+ * end up looking a lot like the old one.
+ */
+ ssl_FreeSID(sid);
+ ss->sec.ci.sid = sid = ssl3_NewSessionID(ss, PR_FALSE);
+ if (sid == NULL) {
+ FATAL_ERROR(ss, PORT_GetError(), internal_error);
+ return SECFailure;
+ }
+ if (ss->statelessResume) {
+ PORT_Assert(ss->sec.peerCert);
+ sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
+ }
+ sid->version = ss->version;
+
+ rv = tls13_HandleServerKeyShare(ss);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ rv = tls13_ComputeHandshakeSecrets(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code is set. */
+ }
+
+ ss->ssl3.hs.shortHeaders = ssl3_ExtensionNegotiated(
+ ss, ssl_tls13_short_header_xtn);
+
+ rv = tls13_SetCipherSpec(ss, TrafficKeyHandshake,
+ CipherSpecRead, PR_FALSE);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SSL_ERROR_INIT_CIPHER_SUITE_FAILURE, internal_error);
+ return SECFailure;
+ }
+ TLS13_SET_HS_STATE(ss, wait_encrypted_extensions);
+
+ return SECSuccess;
+}
+
+static void
+tls13_SetKeyExchangeType(sslSocket *ss, const sslNamedGroupDef *group)
+{
+ ss->sec.keaGroup = group;
+ switch (group->keaType) {
+ /* Note: These overwrite on resumption.... so if you start with ECDH
+ * and resume with DH, we report DH. That's fine, since no answer
+ * is really right. */
+ case ssl_kea_ecdh:
+ ss->ssl3.hs.kea_def_mutable.exchKeyType =
+ ss->statelessResume ? ssl_kea_ecdh_psk : ssl_kea_ecdh;
+ ss->sec.keaType = ssl_kea_ecdh;
+ break;
+ case ssl_kea_dh:
+ ss->ssl3.hs.kea_def_mutable.exchKeyType =
+ ss->statelessResume ? ssl_kea_dh_psk : ssl_kea_dh;
+ ss->sec.keaType = ssl_kea_dh;
+ break;
+ default:
+ PORT_Assert(0);
+ }
+}
+
+/*
+ * Called from ssl3_HandleServerHello.
+ *
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+tls13_HandleServerKeyShare(sslSocket *ss)
+{
+ SECStatus rv;
+ TLS13KeyShareEntry *entry;
+ sslEphemeralKeyPair *keyPair;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle server_key_share handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ /* This list should have one entry. */
+ if (PR_CLIST_IS_EMPTY(&ss->xtnData.remoteKeyShares)) {
+ FATAL_ERROR(ss, SSL_ERROR_MISSING_KEY_SHARE, missing_extension);
+ return SECFailure;
+ }
+
+ entry = (TLS13KeyShareEntry *)PR_NEXT_LINK(&ss->xtnData.remoteKeyShares);
+ PORT_Assert(PR_NEXT_LINK(&entry->link) == &ss->xtnData.remoteKeyShares);
+
+ /* Now get our matching key. */
+ keyPair = ssl_LookupEphemeralKeyPair(ss, entry->group);
+ if (!keyPair) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_KEY_SHARE, illegal_parameter);
+ return SECFailure;
+ }
+
+ PORT_Assert(ssl_NamedGroupEnabled(ss, entry->group));
+
+ rv = tls13_HandleKeyShare(ss, entry, keyPair->keys);
+ if (rv != SECSuccess)
+ return SECFailure; /* Error code set by caller. */
+
+ tls13_SetKeyExchangeType(ss, entry->group);
+ ss->sec.keaKeyBits = SECKEY_PublicKeyStrengthInBits(keyPair->keys->pubKey);
+
+ return SECSuccess;
+}
+
+/*
+ * opaque ASN1Cert<1..2^24-1>;
+ *
+ * struct {
+ * ASN1Cert cert_data;
+ * Extension extensions<0..2^16-1>;
+ * } CertificateEntry;
+ *
+ * struct {
+ * opaque certificate_request_context<0..2^8-1>;
+ * CertificateEntry certificate_list<0..2^24-1>;
+ * } Certificate;
+ */
+static SECStatus
+tls13_SendCertificate(sslSocket *ss)
+{
+ SECStatus rv;
+ CERTCertificateList *certChain;
+ int certChainLen = 0;
+ int i;
+ SECItem context = { siBuffer, NULL, 0 };
+ PRInt32 extensionsLen = 0;
+ PRUint32 maxBytes = 65535;
+
+ SSL_TRC(3, ("%d: TLS1.3[%d]: send certificate handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->sec.isServer) {
+ PORT_Assert(!ss->sec.localCert);
+ /* A server certificate is selected in tls13_SelectServerCert(). */
+ PORT_Assert(ss->sec.serverCert);
+
+ certChain = ss->sec.serverCert->serverCertChain;
+ ss->sec.localCert = CERT_DupCertificate(ss->sec.serverCert->serverCert);
+ } else {
+ if (ss->sec.localCert)
+ CERT_DestroyCertificate(ss->sec.localCert);
+
+ certChain = ss->ssl3.clientCertChain;
+ ss->sec.localCert = CERT_DupCertificate(ss->ssl3.clientCertificate);
+ }
+
+ /* Get the extensions length. This only applies to the leaf cert,
+ * because we don't yet send extensions for non-leaf certs. */
+ extensionsLen = ssl3_CallHelloExtensionSenders(
+ ss, PR_FALSE, maxBytes, &ss->xtnData.certificateSenders[0]);
+
+ if (!ss->sec.isServer) {
+ PORT_Assert(ss->ssl3.hs.certificateRequest);
+ context = ss->ssl3.hs.certificateRequest->context;
+ }
+ if (certChain) {
+ for (i = 0; i < certChain->len; i++) {
+ certChainLen +=
+ 3 + certChain->certs[i].len + /* cert length + cert */
+ 2 + (!i ? extensionsLen : 0); /* extensions length + extensions */
+ }
+ }
+
+ rv = ssl3_AppendHandshakeHeader(ss, certificate,
+ 1 + context.len +
+ 3 + certChainLen);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err set by AppendHandshake. */
+ }
+
+ rv = ssl3_AppendHandshakeVariable(ss, context.data,
+ context.len, 1);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err set by AppendHandshake. */
+ }
+
+ rv = ssl3_AppendHandshakeNumber(ss, certChainLen, 3);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err set by AppendHandshake. */
+ }
+ if (certChain) {
+ for (i = 0; i < certChain->len; i++) {
+ PRInt32 sentLen;
+
+ rv = ssl3_AppendHandshakeVariable(ss, certChain->certs[i].data,
+ certChain->certs[i].len, 3);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err set by AppendHandshake. */
+ }
+
+ if (i) {
+ /* Not end-entity. */
+ rv = ssl3_AppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err set by AppendHandshake. */
+ }
+ continue;
+ }
+
+ /* End-entity, send extensions. */
+ rv = ssl3_AppendHandshakeNumber(ss, extensionsLen, 2);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err set by AppendHandshake. */
+ }
+
+ sentLen = ssl3_CallHelloExtensionSenders(
+ ss, PR_TRUE, extensionsLen,
+ &ss->xtnData.certificateSenders[0]);
+ PORT_Assert(sentLen == extensionsLen);
+ if (sentLen != extensionsLen) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ }
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_HandleCertificateEntry(sslSocket *ss, SECItem *data, PRBool first,
+ CERTCertificate **certp)
+{
+ SECStatus rv;
+ SECItem certData;
+ SECItem extensionsData;
+ CERTCertificate *cert = NULL;
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &certData,
+ 3, &data->data, &data->len);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &extensionsData,
+ 2, &data->data, &data->len);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ /* Parse all the extensions. */
+ if (first && !ss->sec.isServer) {
+ rv = ssl3_HandleExtensions(ss, &extensionsData.data,
+ &extensionsData.len,
+ certificate);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ /* TODO(ekr@rtfm.com): Copy out SCTs. Bug 1315727. */
+ }
+
+ cert = CERT_NewTempCertificate(ss->dbHandle, &certData, NULL,
+ PR_FALSE, PR_TRUE);
+
+ if (!cert) {
+ PRErrorCode errCode = PORT_GetError();
+ switch (errCode) {
+ case PR_OUT_OF_MEMORY_ERROR:
+ case SEC_ERROR_BAD_DATABASE:
+ case SEC_ERROR_NO_MEMORY:
+ FATAL_ERROR(ss, errCode, internal_error);
+ return SECFailure;
+ default:
+ ssl3_SendAlertForCertError(ss, errCode);
+ return SECFailure;
+ }
+ }
+
+ *certp = cert;
+
+ return SECSuccess;
+}
+
+/* Called from tls13_CompleteHandleHandshakeMessage() when it has deciphered a complete
+ * tls13 Certificate message.
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+static SECStatus
+tls13_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+ SECItem context = { siBuffer, NULL, 0 };
+ SECItem certList;
+ PRBool first = PR_TRUE;
+ ssl3CertNode *lastCert = NULL;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle certificate handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ if (ss->sec.isServer) {
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_CERTIFICATE,
+ wait_client_cert);
+ } else {
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_CERTIFICATE,
+ wait_cert_request, wait_server_cert);
+ }
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ /* Process the context string */
+ rv = ssl3_ConsumeHandshakeVariable(ss, &context, 1, &b, &length);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ if (context.len) {
+ /* The context string MUST be empty */
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERTIFICATE, illegal_parameter);
+ return SECFailure;
+ }
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &certList, 3, &b, &length);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ if (length) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERTIFICATE, illegal_parameter);
+ return SECFailure;
+ }
+
+ if (!certList.len) {
+ if (!ss->sec.isServer) {
+ /* Servers always need to send some cert. */
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERTIFICATE, bad_certificate);
+ return SECFailure;
+ } else {
+ /* This is TLS's version of a no_certificate alert. */
+ /* I'm a server. I've requested a client cert. He hasn't got one. */
+ rv = ssl3_HandleNoCertificate(ss);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ TLS13_SET_HS_STATE(ss, wait_finished);
+ return SECSuccess;
+ }
+ }
+
+ /* Now clean up. */
+ ssl3_CleanupPeerCerts(ss);
+ ss->ssl3.peerCertArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (ss->ssl3.peerCertArena == NULL) {
+ FATAL_ERROR(ss, SEC_ERROR_NO_MEMORY, internal_error);
+ return SECFailure;
+ }
+
+ while (certList.len) {
+ CERTCertificate *cert;
+
+ rv = tls13_HandleCertificateEntry(ss, &certList, first,
+ &cert);
+ if (rv != SECSuccess) {
+ ss->xtnData.signedCertTimestamps.len = 0;
+ return SECFailure;
+ }
+
+ if (first) {
+ ss->sec.peerCert = cert;
+
+ if (ss->xtnData.signedCertTimestamps.len) {
+ sslSessionID *sid = ss->sec.ci.sid;
+ rv = SECITEM_CopyItem(NULL, &sid->u.ssl3.signedCertTimestamps,
+ &ss->xtnData.signedCertTimestamps);
+ ss->xtnData.signedCertTimestamps.len = 0;
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_NO_MEMORY, internal_error);
+ return SECFailure;
+ }
+ }
+ } else {
+ ssl3CertNode *c = PORT_ArenaNew(ss->ssl3.peerCertArena,
+ ssl3CertNode);
+ if (!c) {
+ FATAL_ERROR(ss, SEC_ERROR_NO_MEMORY, internal_error);
+ return SECFailure;
+ }
+ c->cert = cert;
+ c->next = NULL;
+
+ if (lastCert) {
+ lastCert->next = c;
+ } else {
+ ss->ssl3.peerCertChain = c;
+ }
+ lastCert = c;
+ }
+
+ first = PR_FALSE;
+ }
+ SECKEY_UpdateCertPQG(ss->sec.peerCert);
+
+ return ssl3_AuthCertificate(ss); /* sets ss->ssl3.hs.ws */
+}
+
+void
+tls13_CipherSpecAddRef(ssl3CipherSpec *spec)
+{
+ ++spec->refCt;
+ SSL_TRC(10, ("%d: TLS13[-]: Increment ref ct for spec %d. new ct = %d",
+ SSL_GETPID(), spec, spec->refCt));
+}
+
+/* This function is never called on a spec which is on the
+ * cipherSpecs list. */
+void
+tls13_CipherSpecRelease(ssl3CipherSpec *spec)
+{
+ PORT_Assert(spec->refCt > 0);
+ --spec->refCt;
+ SSL_TRC(10, ("%d: TLS13[-]: decrement refct for spec %d. phase=%s new ct = %d",
+ SSL_GETPID(), spec, spec->phase, spec->refCt));
+ if (!spec->refCt) {
+ SSL_TRC(10, ("%d: TLS13[-]: Freeing spec %d. phase=%s",
+ SSL_GETPID(), spec, spec->phase));
+ PR_REMOVE_LINK(&spec->link);
+ ssl3_DestroyCipherSpec(spec, PR_TRUE);
+ PORT_Free(spec);
+ }
+}
+
+/* Add context to the hash functions as described in
+ [draft-ietf-tls-tls13; Section 4.9.1] */
+SECStatus
+tls13_AddContextToHashes(sslSocket *ss, const SSL3Hashes *hashes,
+ SSLHashType algorithm, PRBool sending,
+ SSL3Hashes *tbsHash)
+{
+ SECStatus rv = SECSuccess;
+ PK11Context *ctx;
+ const unsigned char context_padding[] = {
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ };
+
+ const char *client_cert_verify_string = "TLS 1.3, client CertificateVerify";
+ const char *server_cert_verify_string = "TLS 1.3, server CertificateVerify";
+ const char *context_string = (sending ^ ss->sec.isServer) ? client_cert_verify_string
+ : server_cert_verify_string;
+ unsigned int hashlength;
+
+ /* Double check that we are doing the same hash.*/
+ PORT_Assert(hashes->len == tls13_GetHashSize(ss));
+
+ ctx = PK11_CreateDigestContext(ssl3_HashTypeToOID(algorithm));
+ if (!ctx) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ goto loser;
+ }
+
+ PORT_Assert(SECFailure);
+ PORT_Assert(!SECSuccess);
+
+ PRINT_BUF(50, (ss, "TLS 1.3 hash without context", hashes->u.raw, hashes->len));
+ PRINT_BUF(50, (ss, "Context string", context_string, strlen(context_string)));
+ rv |= PK11_DigestBegin(ctx);
+ rv |= PK11_DigestOp(ctx, context_padding, sizeof(context_padding));
+ rv |= PK11_DigestOp(ctx, (unsigned char *)context_string,
+ strlen(context_string) + 1); /* +1 includes the terminating 0 */
+ rv |= PK11_DigestOp(ctx, hashes->u.raw, hashes->len);
+ /* Update the hash in-place */
+ rv |= PK11_DigestFinal(ctx, tbsHash->u.raw, &hashlength, sizeof(tbsHash->u.raw));
+ PK11_DestroyContext(ctx, PR_TRUE);
+ PRINT_BUF(50, (ss, "TLS 1.3 hash with context", tbsHash->u.raw, hashlength));
+
+ tbsHash->len = hashlength;
+ tbsHash->hashAlg = algorithm;
+
+ if (rv) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ goto loser;
+ }
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+
+/*
+ * Derive-Secret(Secret, Label, Messages) =
+ * HKDF-Expand-Label(Secret, Label,
+ * Hash(Messages) + Hash(resumption_context), L))
+ */
+static SECStatus
+tls13_DeriveSecret(sslSocket *ss, PK11SymKey *key,
+ const char *prefix,
+ const char *suffix,
+ const SSL3Hashes *hashes,
+ PK11SymKey **dest)
+{
+ SECStatus rv;
+ SSL3Hashes hashesTmp;
+ char buf[100];
+ const char *label;
+
+ if (prefix) {
+ if ((strlen(prefix) + strlen(suffix) + 2) > sizeof(buf)) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ (void)PR_snprintf(buf, sizeof(buf), "%s %s",
+ prefix, suffix);
+ label = buf;
+ } else {
+ label = suffix;
+ }
+
+ SSL_TRC(3, ("%d: TLS13[%d]: deriving secret '%s'",
+ SSL_GETPID(), ss->fd, label));
+ if (!hashes) {
+ rv = tls13_ComputeHandshakeHashes(ss, &hashesTmp);
+ if (rv != SECSuccess) {
+ PORT_Assert(0); /* Should never fail */
+ ssl_MapLowLevelError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ hashes = &hashesTmp;
+ }
+
+ rv = tls13_HkdfExpandLabel(key, tls13_GetHash(ss),
+ hashes->u.raw, hashes->len,
+ label, strlen(label),
+ tls13_GetHkdfMechanism(ss),
+ tls13_GetHashSize(ss), dest);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/* Derive traffic keys for the next cipher spec in the queue. */
+static SECStatus
+tls13_DeriveTrafficKeys(sslSocket *ss, ssl3CipherSpec *spec,
+ TrafficKeyType type,
+ CipherSpecDirection direction,
+ PRBool deleteSecret)
+{
+ size_t keySize = spec->cipher_def->key_size;
+ size_t ivSize = spec->cipher_def->iv_size +
+ spec->cipher_def->explicit_nonce_size; /* This isn't always going to
+ * work, but it does for
+ * AES-GCM */
+ CK_MECHANISM_TYPE bulkAlgorithm = ssl3_Alg2Mech(spec->cipher_def->calg);
+ PK11SymKey **prkp = NULL;
+ PK11SymKey *prk = NULL;
+ PRBool clientKey;
+ ssl3KeyMaterial *target;
+ const char *phase;
+ SECStatus rv;
+ /* These labels are just used for debugging. */
+ static const char kHkdfPhaseEarlyApplicationDataKeys[] = "early application data";
+ static const char kHkdfPhaseHandshakeKeys[] = "handshake data";
+ static const char kHkdfPhaseApplicationDataKeys[] = "application data";
+
+ if (ss->sec.isServer ^ (direction == CipherSpecWrite)) {
+ clientKey = PR_TRUE;
+ target = &spec->client;
+ } else {
+ clientKey = PR_FALSE;
+ target = &spec->server;
+ }
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ switch (type) {
+ case TrafficKeyEarlyApplicationData:
+ PORT_Assert(clientKey);
+ phase = kHkdfPhaseEarlyApplicationDataKeys;
+ prkp = &ss->ssl3.hs.clientEarlyTrafficSecret;
+ break;
+ case TrafficKeyHandshake:
+ phase = kHkdfPhaseHandshakeKeys;
+ prkp = clientKey ? &ss->ssl3.hs.clientHsTrafficSecret : &ss->ssl3.hs.serverHsTrafficSecret;
+ break;
+ case TrafficKeyApplicationData:
+ phase = kHkdfPhaseApplicationDataKeys;
+ prkp = clientKey ? &ss->ssl3.hs.clientTrafficSecret : &ss->ssl3.hs.serverTrafficSecret;
+ break;
+ default:
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0);
+ return SECFailure;
+ }
+ PORT_Assert(prkp != NULL);
+ prk = *prkp;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: deriving %s traffic keys phase='%s'",
+ SSL_GETPID(), ss->fd,
+ (direction == CipherSpecWrite) ? "write" : "read", phase));
+ PORT_Assert(phase);
+ spec->phase = phase;
+
+ rv = tls13_HkdfExpandLabel(prk, tls13_GetHash(ss),
+ NULL, 0,
+ kHkdfPurposeKey, strlen(kHkdfPurposeKey),
+ bulkAlgorithm, keySize,
+ &target->write_key);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0);
+ goto loser;
+ }
+
+ rv = tls13_HkdfExpandLabelRaw(prk, tls13_GetHash(ss),
+ NULL, 0,
+ kHkdfPurposeIv, strlen(kHkdfPurposeIv),
+ target->write_iv, ivSize);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0);
+ goto loser;
+ }
+
+ if (deleteSecret) {
+ PK11_FreeSymKey(prk);
+ *prkp = NULL;
+ }
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+
+static SECStatus
+tls13_SetupPendingCipherSpec(sslSocket *ss)
+{
+ ssl3CipherSpec *pSpec;
+ ssl3CipherSuite suite = ss->ssl3.hs.cipher_suite;
+ const ssl3BulkCipherDef *bulk = ssl_GetBulkCipherDef(
+ ssl_LookupCipherSuiteDef(suite));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ ssl_GetSpecWriteLock(ss); /*******************************/
+
+ pSpec = ss->ssl3.pwSpec;
+ /* Version isn't set when we send 0-RTT data. */
+ pSpec->version = PR_MAX(SSL_LIBRARY_VERSION_TLS_1_3, ss->version);
+
+ SSL_TRC(3, ("%d: TLS13[%d]: Set Pending Cipher Suite to 0x%04x",
+ SSL_GETPID(), ss->fd, suite));
+ pSpec->cipher_def = bulk;
+
+ ssl_ReleaseSpecWriteLock(ss); /*******************************/
+ return SECSuccess;
+}
+
+/* Install a new cipher spec for this direction. */
+static SECStatus
+tls13_SetCipherSpec(sslSocket *ss, TrafficKeyType type,
+ CipherSpecDirection direction, PRBool deleteSecret)
+{
+ SECStatus rv;
+ ssl3CipherSpec *spec = NULL;
+ ssl3CipherSpec **specp = (direction == CipherSpecRead) ? &ss->ssl3.crSpec : &ss->ssl3.cwSpec;
+ /* Flush out old handshake data. */
+ ssl_GetXmitBufLock(ss);
+ rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
+ ssl_ReleaseXmitBufLock(ss);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ /* Create the new spec. */
+ spec = PORT_ZNew(ssl3CipherSpec);
+ if (!spec) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ spec->refCt = 1;
+ PR_APPEND_LINK(&spec->link, &ss->ssl3.hs.cipherSpecs);
+ ss->ssl3.pwSpec = ss->ssl3.prSpec = spec;
+
+ rv = tls13_SetupPendingCipherSpec(ss);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ switch (spec->cipher_def->calg) {
+ case calg_aes_gcm:
+ spec->aead = tls13_AESGCM;
+ break;
+ case calg_chacha20:
+ spec->aead = tls13_ChaCha20Poly1305;
+ break;
+ default:
+ PORT_Assert(0);
+ return SECFailure;
+ break;
+ }
+
+ rv = tls13_DeriveTrafficKeys(ss, spec, type, direction,
+ deleteSecret);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ /* We use the epoch for cipher suite identification, so increment
+ * it in both TLS and DTLS. */
+ if ((*specp)->epoch == PR_UINT16_MAX) {
+ return SECFailure;
+ }
+ spec->epoch = (*specp)->epoch + 1;
+
+ if (!IS_DTLS(ss)) {
+ spec->read_seq_num = spec->write_seq_num = 0;
+ } else {
+ /* The sequence number has the high 16 bits as the epoch. */
+ spec->read_seq_num = spec->write_seq_num =
+ (sslSequenceNumber)spec->epoch << 48;
+
+ dtls_InitRecvdRecords(&spec->recvdRecords);
+ }
+
+ /* Now that we've set almost everything up, finally cut over. */
+ ssl_GetSpecWriteLock(ss);
+ tls13_CipherSpecRelease(*specp); /* May delete old cipher. */
+ *specp = spec; /* Overwrite. */
+ ssl_ReleaseSpecWriteLock(ss);
+
+ SSL_TRC(3, ("%d: TLS13[%d]: %s installed key for phase='%s'.%d dir=%s",
+ SSL_GETPID(), ss->fd, SSL_ROLE(ss),
+ spec->phase, spec->epoch,
+ direction == CipherSpecRead ? "read" : "write"));
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_ComputeHandshakeHashes(sslSocket *ss,
+ SSL3Hashes *hashes)
+{
+ SECStatus rv;
+ PK11Context *ctx = NULL;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ if (ss->ssl3.hs.hashType == handshake_hash_unknown) {
+ /* Backup: if we haven't done any hashing, then hash now.
+ * This happens when we are doing 0-RTT on the client. */
+ ctx = PK11_CreateDigestContext(ssl3_HashTypeToOID(tls13_GetHash(ss)));
+ if (!ctx) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ return SECFailure;
+ }
+
+ if (PK11_DigestBegin(ctx) != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ goto loser;
+ }
+
+ PRINT_BUF(10, (NULL, "Handshake hash computed over saved messages",
+ ss->ssl3.hs.messages.buf,
+ ss->ssl3.hs.messages.len));
+
+ if (PK11_DigestOp(ctx,
+ ss->ssl3.hs.messages.buf,
+ ss->ssl3.hs.messages.len) != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ goto loser;
+ }
+ } else {
+ ctx = PK11_CloneContext(ss->ssl3.hs.sha);
+ if (!ctx) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ return SECFailure;
+ }
+ }
+
+ rv = PK11_DigestFinal(ctx, hashes->u.raw,
+ &hashes->len,
+ sizeof(hashes->u.raw));
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_DIGEST_FAILURE);
+ goto loser;
+ }
+ PORT_Assert(hashes->len == tls13_GetHashSize(ss));
+ PK11_DestroyContext(ctx, PR_TRUE);
+
+ return SECSuccess;
+
+loser:
+ PK11_DestroyContext(ctx, PR_TRUE);
+ return SECFailure;
+}
+
+void
+tls13_DestroyKeyShareEntry(TLS13KeyShareEntry *offer)
+{
+ SECITEM_ZfreeItem(&offer->key_exchange, PR_FALSE);
+ PORT_ZFree(offer, sizeof(*offer));
+}
+
+void
+tls13_DestroyKeyShares(PRCList *list)
+{
+ PRCList *cur_p;
+
+ /* The list must be initialized. */
+ PORT_Assert(PR_LIST_HEAD(list));
+
+ while (!PR_CLIST_IS_EMPTY(list)) {
+ cur_p = PR_LIST_TAIL(list);
+ PR_REMOVE_LINK(cur_p);
+ tls13_DestroyKeyShareEntry((TLS13KeyShareEntry *)cur_p);
+ }
+}
+
+void
+tls13_DestroyEarlyData(PRCList *list)
+{
+ PRCList *cur_p;
+
+ while (!PR_CLIST_IS_EMPTY(list)) {
+ TLS13EarlyData *msg;
+
+ cur_p = PR_LIST_TAIL(list);
+ msg = (TLS13EarlyData *)cur_p;
+
+ PR_REMOVE_LINK(cur_p);
+ SECITEM_ZfreeItem(&msg->data, PR_FALSE);
+ PORT_ZFree(msg, sizeof(*msg));
+ }
+}
+
+void
+tls13_DestroyCipherSpecs(PRCList *list)
+{
+ PRCList *cur_p;
+
+ while (!PR_CLIST_IS_EMPTY(list)) {
+ cur_p = PR_LIST_TAIL(list);
+ PR_REMOVE_LINK(cur_p);
+ ssl3_DestroyCipherSpec((ssl3CipherSpec *)cur_p, PR_FALSE);
+ PORT_Free(cur_p);
+ }
+}
+
+/* draft-ietf-tls-tls13 Section 5.2.2 specifies the following
+ * nonce algorithm:
+ *
+ * The length of the per-record nonce (iv_length) is set to max(8 bytes,
+ * N_MIN) for the AEAD algorithm (see [RFC5116] Section 4). An AEAD
+ * algorithm where N_MAX is less than 8 bytes MUST NOT be used with TLS.
+ * The per-record nonce for the AEAD construction is formed as follows:
+ *
+ * 1. The 64-bit record sequence number is padded to the left with
+ * zeroes to iv_length.
+ *
+ * 2. The padded sequence number is XORed with the static
+ * client_write_iv or server_write_iv, depending on the role.
+ *
+ * The resulting quantity (of length iv_length) is used as the per-
+ * record nonce.
+ *
+ * Existing suites have the same nonce size: N_MIN = N_MAX = 12 bytes
+ *
+ * See RFC 5288 and https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04#section-2
+ */
+static void
+tls13_WriteNonce(ssl3KeyMaterial *keys,
+ const unsigned char *seqNumBuf, unsigned int seqNumLen,
+ unsigned char *nonce, unsigned int nonceLen)
+{
+ size_t i;
+
+ PORT_Assert(nonceLen == 12);
+ memcpy(nonce, keys->write_iv, 12);
+
+ /* XOR the last 8 bytes of the IV with the sequence number. */
+ PORT_Assert(seqNumLen == 8);
+ for (i = 0; i < 8; ++i) {
+ nonce[4 + i] ^= seqNumBuf[i];
+ }
+}
+
+/* Implement the SSLAEADCipher interface defined in sslimpl.h.
+ *
+ * That interface takes the additional data (see below) and reinterprets that as
+ * a sequence number. In TLS 1.3 there is no additional data so this value is
+ * just the encoded sequence number.
+ */
+static SECStatus
+tls13_AEAD(ssl3KeyMaterial *keys, PRBool doDecrypt,
+ unsigned char *out, int *outlen, int maxout,
+ const unsigned char *in, int inlen,
+ CK_MECHANISM_TYPE mechanism,
+ unsigned char *aeadParams, unsigned int aeadParamLength)
+{
+ SECStatus rv;
+ unsigned int uOutLen = 0;
+ SECItem param = {
+ siBuffer, aeadParams, aeadParamLength
+ };
+
+ if (doDecrypt) {
+ rv = PK11_Decrypt(keys->write_key, mechanism, &param,
+ out, &uOutLen, maxout, in, inlen);
+ } else {
+ rv = PK11_Encrypt(keys->write_key, mechanism, &param,
+ out, &uOutLen, maxout, in, inlen);
+ }
+ *outlen = (int)uOutLen;
+
+ return rv;
+}
+
+static SECStatus
+tls13_AESGCM(ssl3KeyMaterial *keys,
+ PRBool doDecrypt,
+ unsigned char *out,
+ int *outlen,
+ int maxout,
+ const unsigned char *in,
+ int inlen,
+ const unsigned char *additionalData,
+ int additionalDataLen)
+{
+ CK_GCM_PARAMS gcmParams;
+ unsigned char nonce[12];
+
+ memset(&gcmParams, 0, sizeof(gcmParams));
+ gcmParams.pIv = nonce;
+ gcmParams.ulIvLen = sizeof(nonce);
+ gcmParams.pAAD = NULL;
+ gcmParams.ulAADLen = 0;
+ gcmParams.ulTagBits = 128; /* GCM measures tag length in bits. */
+
+ tls13_WriteNonce(keys, additionalData, additionalDataLen,
+ nonce, sizeof(nonce));
+ return tls13_AEAD(keys, doDecrypt, out, outlen, maxout, in, inlen,
+ CKM_AES_GCM,
+ (unsigned char *)&gcmParams, sizeof(gcmParams));
+}
+
+static SECStatus
+tls13_ChaCha20Poly1305(ssl3KeyMaterial *keys, PRBool doDecrypt,
+ unsigned char *out, int *outlen, int maxout,
+ const unsigned char *in, int inlen,
+ const unsigned char *additionalData,
+ int additionalDataLen)
+{
+ CK_NSS_AEAD_PARAMS aeadParams;
+ unsigned char nonce[12];
+
+ memset(&aeadParams, 0, sizeof(aeadParams));
+ aeadParams.pNonce = nonce;
+ aeadParams.ulNonceLen = sizeof(nonce);
+ aeadParams.pAAD = NULL; /* No AAD in TLS 1.3. */
+ aeadParams.ulAADLen = 0;
+ aeadParams.ulTagLen = 16; /* The Poly1305 tag is 16 octets. */
+
+ tls13_WriteNonce(keys, additionalData, additionalDataLen,
+ nonce, sizeof(nonce));
+ return tls13_AEAD(keys, doDecrypt, out, outlen, maxout, in, inlen,
+ CKM_NSS_CHACHA20_POLY1305,
+ (unsigned char *)&aeadParams, sizeof(aeadParams));
+}
+
+static SECStatus
+tls13_HandleEncryptedExtensions(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+ PRInt32 innerLength;
+ SECItem oldNpn = { siBuffer, NULL, 0 };
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle encrypted extensions",
+ SSL_GETPID(), ss->fd));
+
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_ENCRYPTED_EXTENSIONS,
+ wait_encrypted_extensions);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ innerLength = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
+ if (innerLength < 0) {
+ return SECFailure; /* Alert already sent. */
+ }
+ if (innerLength != length) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_ENCRYPTED_EXTENSIONS,
+ illegal_parameter);
+ return SECFailure;
+ }
+
+ /* If we are doing 0-RTT, then we already have an NPN value. Stash
+ * it for comparison. */
+ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent &&
+ ss->xtnData.nextProtoState == SSL_NEXT_PROTO_EARLY_VALUE) {
+ oldNpn = ss->xtnData.nextProto;
+ ss->xtnData.nextProto.data = NULL;
+ ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NO_SUPPORT;
+ }
+ rv = ssl3_HandleExtensions(ss, &b, &length, encrypted_extensions);
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code set below */
+ }
+
+ /* We can only get here if we offered 0-RTT. */
+ if (ssl3_ExtensionNegotiated(ss, ssl_tls13_early_data_xtn)) {
+ PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_sent);
+ if (!ss->statelessResume) {
+ /* Illegal to accept 0-RTT without also accepting PSK. */
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_ENCRYPTED_EXTENSIONS,
+ illegal_parameter);
+ }
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_accepted;
+
+ /* Check that the server negotiated the same ALPN (if any). */
+ if (SECITEM_CompareItem(&oldNpn, &ss->xtnData.nextProto)) {
+ SECITEM_FreeItem(&oldNpn, PR_FALSE);
+ FATAL_ERROR(ss, SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID,
+ illegal_parameter);
+ return SECFailure;
+ }
+ /* Check that the server negotiated the same cipher suite. */
+ if (ss->ssl3.hs.cipher_suite != ss->ssl3.hs.zeroRttSuite) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_ENCRYPTED_EXTENSIONS,
+ illegal_parameter);
+ return SECFailure;
+ }
+ } else if (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent) {
+ /* Though we sent 0-RTT, the early_data extension wasn't present so the
+ * state is unmodified; the server must have rejected 0-RTT. */
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_ignored;
+ ss->ssl3.hs.zeroRttIgnore = ssl_0rtt_ignore_trial;
+ } else {
+ PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_none ||
+ (ss->ssl3.hs.helloRetry &&
+ ss->ssl3.hs.zeroRttState == ssl_0rtt_ignored));
+ }
+
+ SECITEM_FreeItem(&oldNpn, PR_FALSE);
+ if (ss->ssl3.hs.kea_def->authKeyType == ssl_auth_psk) {
+ TLS13_SET_HS_STATE(ss, wait_finished);
+ } else {
+ TLS13_SET_HS_STATE(ss, wait_cert_request);
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_SendEncryptedExtensions(sslSocket *ss)
+{
+ SECStatus rv;
+ PRInt32 extensions_len = 0;
+ PRInt32 sent_len = 0;
+ PRUint32 maxBytes = 65535;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send encrypted extensions handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ extensions_len = ssl3_CallHelloExtensionSenders(
+ ss, PR_FALSE, maxBytes, &ss->xtnData.encryptedExtensionsSenders[0]);
+
+ rv = ssl3_AppendHandshakeHeader(ss, encrypted_extensions,
+ extensions_len + 2);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ rv = ssl3_AppendHandshakeNumber(ss, extensions_len, 2);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ sent_len = ssl3_CallHelloExtensionSenders(
+ ss, PR_TRUE, extensions_len,
+ &ss->xtnData.encryptedExtensionsSenders[0]);
+ PORT_Assert(sent_len == extensions_len);
+ if (sent_len != extensions_len) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(sent_len == 0);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+tls13_SendCertificateVerify(sslSocket *ss, SECKEYPrivateKey *privKey)
+{
+ SECStatus rv = SECFailure;
+ SECItem buf = { siBuffer, NULL, 0 };
+ unsigned int len;
+ SSLHashType hashAlg;
+ SSL3Hashes hash;
+ SSL3Hashes tbsHash; /* The hash "to be signed". */
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send certificate_verify handshake",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_single);
+ rv = tls13_ComputeHandshakeHashes(ss, &hash);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ /* We should have picked a signature scheme when we received a
+ * CertificateRequest, or when we picked a server certificate. */
+ PORT_Assert(ss->ssl3.hs.signatureScheme != ssl_sig_none);
+ if (ss->ssl3.hs.signatureScheme == ssl_sig_none) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ hashAlg = ssl_SignatureSchemeToHashType(ss->ssl3.hs.signatureScheme);
+ rv = tls13_AddContextToHashes(ss, &hash, hashAlg,
+ PR_TRUE, &tbsHash);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ rv = ssl3_SignHashes(ss, &tbsHash, privKey, &buf);
+ if (rv == SECSuccess && !ss->sec.isServer) {
+ /* Remember the info about the slot that did the signing.
+ * Later, when doing an SSL restart handshake, verify this.
+ * These calls are mere accessors, and can't fail.
+ */
+ PK11SlotInfo *slot;
+ sslSessionID *sid = ss->sec.ci.sid;
+
+ slot = PK11_GetSlotFromPrivateKey(privKey);
+ sid->u.ssl3.clAuthSeries = PK11_GetSlotSeries(slot);
+ sid->u.ssl3.clAuthSlotID = PK11_GetSlotID(slot);
+ sid->u.ssl3.clAuthModuleID = PK11_GetModuleID(slot);
+ sid->u.ssl3.clAuthValid = PR_TRUE;
+ PK11_FreeSlot(slot);
+ }
+ if (rv != SECSuccess) {
+ goto done; /* err code was set by ssl3_SignHashes */
+ }
+
+ len = buf.len + 2 + 2;
+
+ rv = ssl3_AppendHandshakeHeader(ss, certificate_verify, len);
+ if (rv != SECSuccess) {
+ goto done; /* error code set by AppendHandshake */
+ }
+
+ rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3.hs.signatureScheme, 2);
+ if (rv != SECSuccess) {
+ goto done; /* err set by AppendHandshakeNumber */
+ }
+
+ rv = ssl3_AppendHandshakeVariable(ss, buf.data, buf.len, 2);
+ if (rv != SECSuccess) {
+ goto done; /* error code set by AppendHandshake */
+ }
+
+done:
+ /* For parity with the allocation functions, which don't use
+ * SECITEM_AllocItem(). */
+ if (buf.data)
+ PORT_Free(buf.data);
+ return rv;
+}
+
+/* Called from tls13_CompleteHandleHandshakeMessage() when it has deciphered a complete
+ * tls13 CertificateVerify message
+ * Caller must hold Handshake and RecvBuf locks.
+ */
+SECStatus
+tls13_HandleCertificateVerify(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
+ SSL3Hashes *hashes)
+{
+ SECItem signed_hash = { siBuffer, NULL, 0 };
+ SECStatus rv;
+ SSLSignatureScheme sigScheme;
+ SSLHashType hashAlg;
+ SSL3Hashes tbsHash;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle certificate_verify handshake",
+ SSL_GETPID(), ss->fd));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY,
+ wait_cert_verify);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ PORT_Assert(hashes);
+
+ rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CERT_VERIFY);
+ return SECFailure;
+ }
+
+ rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme, ss->sec.peerCert);
+ if (rv != SECSuccess) {
+ /* Error set already */
+ return SECFailure;
+ }
+ hashAlg = ssl_SignatureSchemeToHashType(sigScheme);
+
+ rv = tls13_AddContextToHashes(ss, hashes, hashAlg, PR_FALSE, &tbsHash);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SSL_ERROR_DIGEST_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &signed_hash, 2, &b, &length);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CERT_VERIFY);
+ return SECFailure;
+ }
+
+ if (length != 0) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERT_VERIFY, decode_error);
+ return SECFailure;
+ }
+
+ rv = ssl3_VerifySignedHashes(ss, sigScheme, &tbsHash, &signed_hash);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, PORT_GetError(), decrypt_error);
+ return SECFailure;
+ }
+
+ /* Set the auth type. */
+ if (!ss->sec.isServer) {
+ switch (ssl_SignatureSchemeToKeyType(sigScheme)) {
+ case rsaKey:
+ ss->sec.authType = ssl_auth_rsa_sign;
+ break;
+ case ecKey:
+ ss->sec.authType = ssl_auth_ecdsa;
+ break;
+ default:
+ PORT_Assert(PR_FALSE);
+ }
+ }
+
+ /* Request a client certificate now if one was requested. */
+ if (ss->ssl3.hs.certificateRequest) {
+ TLS13CertificateRequest *req = ss->ssl3.hs.certificateRequest;
+
+ PORT_Assert(!ss->sec.isServer);
+ rv = ssl3_CompleteHandleCertificateRequest(ss, req->signatureSchemes,
+ req->signatureSchemeCount,
+ &req->ca_list);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return rv;
+ }
+ }
+
+ TLS13_SET_HS_STATE(ss, wait_finished);
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_ComputePskBinderHash(sslSocket *ss, unsigned long prefixLength,
+ SSL3Hashes *hashes)
+{
+ SECStatus rv;
+
+ PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_unknown);
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(prefixLength <= ss->ssl3.hs.messages.len);
+
+ PRINT_BUF(10, (NULL, "Handshake hash computed over ClientHello prefix",
+ ss->ssl3.hs.messages.buf, prefixLength));
+ rv = PK11_HashBuf(ssl3_HashTypeToOID(tls13_GetHash(ss)),
+ hashes->u.raw,
+ ss->ssl3.hs.messages.buf, prefixLength);
+ if (rv != SECSuccess) {
+ ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
+ goto loser;
+ }
+ hashes->len = tls13_GetHashSize(ss);
+
+ PRINT_BUF(10, (NULL, "PSK Binder hash",
+ hashes->u.raw, hashes->len));
+
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+/* Compute the PSK Binder This is kind of sneaky.*/
+SECStatus
+tls13_ComputePskBinder(sslSocket *ss, PRBool sending,
+ unsigned int prefixLength,
+ PRUint8 *output, unsigned int *outputLen,
+ unsigned int maxOutputLen)
+{
+ SSL3Hashes hashes;
+ SECStatus rv;
+
+ rv = tls13_ComputePskBinderHash(ss, prefixLength, &hashes);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ return tls13_ComputeFinished(ss, ss->ssl3.hs.pskBinderKey, &hashes,
+ sending, output, outputLen, maxOutputLen);
+}
+
+static SECStatus
+tls13_ComputeFinished(sslSocket *ss, PK11SymKey *baseKey,
+ const SSL3Hashes *hashes,
+ PRBool sending, PRUint8 *output, unsigned int *outputLen,
+ unsigned int maxOutputLen)
+{
+ SECStatus rv;
+ PK11Context *hmacCtx = NULL;
+ CK_MECHANISM_TYPE macAlg = tls13_GetHmacMechanism(ss);
+ SECItem param = { siBuffer, NULL, 0 };
+ unsigned int outputLenUint;
+ const char *label = kHkdfLabelFinishedSecret;
+ PK11SymKey *secret = NULL;
+
+ PORT_Assert(baseKey);
+ SSL_TRC(3, ("%d: TLS13[%d]: %s calculate finished",
+ SSL_GETPID(), ss->fd, SSL_ROLE(ss)));
+ PRINT_BUF(50, (ss, "Handshake hash", hashes->u.raw, hashes->len));
+
+ /* Now derive the appropriate finished secret from the base secret. */
+ rv = tls13_HkdfExpandLabel(baseKey,
+ tls13_GetHash(ss),
+ NULL, 0,
+ label, strlen(label),
+ tls13_GetHmacMechanism(ss),
+ tls13_GetHashSize(ss), &secret);
+ if (rv != SECSuccess) {
+ goto abort;
+ }
+
+ PORT_Assert(hashes->len == tls13_GetHashSize(ss));
+ hmacCtx = PK11_CreateContextBySymKey(macAlg, CKA_SIGN,
+ secret, &param);
+ if (!hmacCtx) {
+ goto abort;
+ }
+
+ rv = PK11_DigestBegin(hmacCtx);
+ if (rv != SECSuccess)
+ goto abort;
+
+ rv = PK11_DigestOp(hmacCtx, hashes->u.raw, hashes->len);
+ if (rv != SECSuccess)
+ goto abort;
+
+ PORT_Assert(maxOutputLen >= tls13_GetHashSize(ss));
+ rv = PK11_DigestFinal(hmacCtx, output, &outputLenUint, maxOutputLen);
+ if (rv != SECSuccess)
+ goto abort;
+ *outputLen = outputLenUint;
+
+ PK11_FreeSymKey(secret);
+ PK11_DestroyContext(hmacCtx, PR_TRUE);
+ return SECSuccess;
+
+abort:
+ if (secret) {
+ PK11_FreeSymKey(secret);
+ }
+
+ if (hmacCtx) {
+ PK11_DestroyContext(hmacCtx, PR_TRUE);
+ }
+
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+}
+
+static SECStatus
+tls13_SendFinished(sslSocket *ss, PK11SymKey *baseKey)
+{
+ SECStatus rv;
+ PRUint8 finishedBuf[TLS13_MAX_FINISHED_SIZE];
+ unsigned int finishedLen;
+ SSL3Hashes hashes;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send finished handshake", SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ rv = tls13_ComputeHandshakeHashes(ss, &hashes);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ ssl_GetSpecReadLock(ss);
+ rv = tls13_ComputeFinished(ss, baseKey, &hashes, PR_TRUE,
+ finishedBuf, &finishedLen, sizeof(finishedBuf));
+ ssl_ReleaseSpecReadLock(ss);
+ if (rv != SECSuccess) {
+ LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ rv = ssl3_AppendHandshakeHeader(ss, finished, finishedLen);
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code already set. */
+ }
+
+ rv = ssl3_AppendHandshake(ss, finishedBuf, finishedLen);
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code already set. */
+ }
+
+ /* TODO(ekr@rtfm.com): Record key log */
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_VerifyFinished(sslSocket *ss, SSL3HandshakeType message,
+ PK11SymKey *secret,
+ SSL3Opaque *b, PRUint32 length,
+ const SSL3Hashes *hashes)
+{
+ SECStatus rv;
+ PRUint8 finishedBuf[TLS13_MAX_FINISHED_SIZE];
+ unsigned int finishedLen;
+
+ if (!hashes) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ rv = tls13_ComputeFinished(ss, secret, hashes, PR_FALSE,
+ finishedBuf, &finishedLen, sizeof(finishedBuf));
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ if (length != finishedLen) {
+#ifndef UNSAFE_FUZZER_MODE
+ FATAL_ERROR(ss, message == finished ? SSL_ERROR_RX_MALFORMED_FINISHED : SSL_ERROR_RX_MALFORMED_CLIENT_HELLO, illegal_parameter);
+ return SECFailure;
+#endif
+ }
+
+ if (NSS_SecureMemcmp(b, finishedBuf, finishedLen) != 0) {
+#ifndef UNSAFE_FUZZER_MODE
+ FATAL_ERROR(ss, SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE,
+ decrypt_error);
+ return SECFailure;
+#endif
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_ClientHandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
+ const SSL3Hashes *hashes)
+{
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ SSL_TRC(3, ("%d: TLS13[%d]: client handle finished handshake",
+ SSL_GETPID(), ss->fd));
+
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_FINISHED,
+ wait_finished);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ rv = tls13_VerifyFinished(ss, finished,
+ ss->ssl3.hs.serverHsTrafficSecret,
+ b, length, hashes);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ return tls13_SendClientSecondRound(ss);
+}
+
+static SECStatus
+tls13_ServerHandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
+ const SSL3Hashes *hashes)
+{
+ SECStatus rv;
+ PK11SymKey *secret;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ SSL_TRC(3, ("%d: TLS13[%d]: server handle finished handshake",
+ SSL_GETPID(), ss->fd));
+
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_FINISHED, wait_finished);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ if (TLS13_IN_HS_STATE(ss, wait_finished)) {
+ secret = ss->ssl3.hs.clientHsTrafficSecret;
+ } else {
+ secret = ss->ssl3.hs.clientEarlyTrafficSecret;
+ }
+
+ rv = tls13_VerifyFinished(ss, finished, secret, b, length, hashes);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ rv = tls13_SetCipherSpec(ss, TrafficKeyApplicationData,
+ CipherSpecRead, PR_TRUE);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ rv = tls13_FinishHandshake(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code and alerts handled below */
+ }
+ ssl_GetXmitBufLock(ss);
+ if (ss->opt.enableSessionTickets) {
+ rv = tls13_SendNewSessionTicket(ss);
+ if (rv != SECSuccess) {
+ ssl_ReleaseXmitBufLock(ss);
+ return SECFailure; /* Error code and alerts handled below */
+ }
+ rv = ssl3_FlushHandshake(ss, 0);
+ }
+ ssl_ReleaseXmitBufLock(ss);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_FinishHandshake(sslSocket *ss)
+{
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+ PORT_Assert(ss->ssl3.hs.restartTarget == NULL);
+
+ rv = tls13_ComputeFinalSecrets(ss);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ /* The first handshake is now completed. */
+ ss->handshake = NULL;
+
+ /* Don't need this. */
+ PK11_FreeSymKey(ss->ssl3.hs.clientHsTrafficSecret);
+ ss->ssl3.hs.clientHsTrafficSecret = NULL;
+ PK11_FreeSymKey(ss->ssl3.hs.serverHsTrafficSecret);
+ ss->ssl3.hs.serverHsTrafficSecret = NULL;
+
+ TLS13_SET_HS_STATE(ss, idle_handshake);
+
+ ssl_FinishHandshake(ss);
+
+ return SECSuccess;
+}
+
+/* Do the parts of sending the client's second round that require
+ * the XmitBuf lock. */
+static SECStatus
+tls13_SendClientSecondFlight(sslSocket *ss, PRBool sendClientCert,
+ SSL3AlertDescription *sendAlert)
+{
+ SECStatus rv;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
+
+ *sendAlert = internal_error;
+
+ if (ss->ssl3.sendEmptyCert) {
+ ss->ssl3.sendEmptyCert = PR_FALSE;
+ rv = ssl3_SendEmptyCertificate(ss);
+ /* Don't send verify */
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code is set. */
+ }
+ } else if (sendClientCert) {
+ rv = tls13_SendCertificate(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* error code is set. */
+ }
+ }
+ if (ss->ssl3.hs.certificateRequest) {
+ PORT_FreeArena(ss->ssl3.hs.certificateRequest->arena, PR_FALSE);
+ ss->ssl3.hs.certificateRequest = NULL;
+ }
+
+ if (sendClientCert) {
+ rv = tls13_SendCertificateVerify(ss, ss->ssl3.clientPrivateKey);
+ SECKEY_DestroyPrivateKey(ss->ssl3.clientPrivateKey);
+ ss->ssl3.clientPrivateKey = NULL;
+ if (rv != SECSuccess) {
+ return SECFailure; /* err is set. */
+ }
+ }
+
+ rv = tls13_SendFinished(ss, ss->ssl3.hs.clientHsTrafficSecret);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err code was set. */
+ }
+ rv = ssl3_FlushHandshake(ss, IS_DTLS(ss) ? ssl_SEND_FLAG_NO_RETRANSMIT : 0);
+ if (rv != SECSuccess) {
+ /* No point in sending an alert here because we're not going to
+ * be able to send it if we couldn't flush the handshake. */
+ *sendAlert = no_alert;
+ return SECFailure;
+ }
+
+ rv = dtls_StartHolddownTimer(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* err code was set. */
+ }
+
+ return SECSuccess;
+}
+
+static SECStatus
+tls13_SendClientSecondRound(sslSocket *ss)
+{
+ SECStatus rv;
+ PRBool sendClientCert;
+ SSL3AlertDescription sendAlert = no_alert;
+
+ PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
+ PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
+
+ sendClientCert = !ss->ssl3.sendEmptyCert &&
+ ss->ssl3.clientCertChain != NULL &&
+ ss->ssl3.clientPrivateKey != NULL;
+
+ /* Defer client authentication sending if we are still waiting for server
+ * authentication. This avoids unnecessary disclosure of client credentials
+ * to an unauthenticated server.
+ */
+ if (ss->ssl3.hs.restartTarget) {
+ PR_NOT_REACHED("unexpected ss->ssl3.hs.restartTarget");
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+ if (ss->ssl3.hs.authCertificatePending) {
+ SSL_TRC(3, ("%d: TLS13[%d]: deferring ssl3_SendClientSecondRound because"
+ " certificate authentication is still pending.",
+ SSL_GETPID(), ss->fd));
+ ss->ssl3.hs.restartTarget = tls13_SendClientSecondRound;
+ return SECWouldBlock;
+ }
+
+ if (ss->ssl3.hs.zeroRttState != ssl_0rtt_none) {
+ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted) {
+ rv = tls13_SendEndOfEarlyData(ss);
+ if (rv != SECSuccess) {
+ return SECFailure; /* Error code already set. */
+ }
+ }
+ if (IS_DTLS(ss) && !ss->ssl3.hs.helloRetry) {
+ /* Reset the counters so that the next epoch isn't set
+ * incorrectly. */
+ tls13_SetNullCipherSpec(ss, &ss->ssl3.cwSpec);
+ }
+ }
+
+ rv = tls13_SetCipherSpec(ss, TrafficKeyHandshake,
+ CipherSpecWrite, PR_FALSE);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SSL_ERROR_INIT_CIPHER_SUITE_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ rv = tls13_ComputeApplicationSecrets(ss);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ rv = tls13_SetCipherSpec(ss, TrafficKeyApplicationData,
+ CipherSpecRead, PR_FALSE);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ ssl_GetXmitBufLock(ss); /*******************************/
+ rv = tls13_SendClientSecondFlight(ss, sendClientCert, &sendAlert);
+ ssl_ReleaseXmitBufLock(ss); /*******************************/
+ if (rv != SECSuccess) {
+ if (sendAlert != no_alert) {
+ FATAL_ERROR(ss, PORT_GetError(), sendAlert);
+ } else {
+ LOG_ERROR(ss, PORT_GetError());
+ }
+ return SECFailure;
+ }
+ rv = tls13_SetCipherSpec(ss, TrafficKeyApplicationData,
+ CipherSpecWrite, PR_TRUE);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ /* The handshake is now finished */
+ return tls13_FinishHandshake(ss);
+}
+
+/*
+ * enum { (65535) } TicketExtensionType;
+ *
+ * struct {
+ * TicketExtensionType extension_type;
+ * opaque extension_data<0..2^16-1>;
+ * } TicketExtension;
+ *
+ * struct {
+ * uint32 ticket_lifetime;
+ * uint32 ticket_age_add;
+ * opaque ticket<1..2^16-1>;
+ * TicketExtension extensions<0..2^16-2>;
+ * } NewSessionTicket;
+ */
+
+#define MAX_EARLY_DATA_SIZE (2 << 16) /* Arbitrary limit. */
+
+SECStatus
+tls13_SendNewSessionTicket(sslSocket *ss)
+{
+ PRUint16 message_length;
+ SECItem ticket_data = { 0, NULL, 0 };
+ SECStatus rv;
+ NewSessionTicket ticket = { 0 };
+ PRUint32 max_early_data_size_len = 0;
+ ticket.flags = 0;
+ if (ss->opt.enable0RttData) {
+ ticket.flags |= ticket_allow_early_data;
+ max_early_data_size_len = 8; /* type + len + value. */
+ }
+ ticket.ticket_lifetime_hint = TLS_EX_SESS_TICKET_LIFETIME_HINT;
+
+ rv = ssl3_EncodeSessionTicket(ss, &ticket, &ticket_data);
+ if (rv != SECSuccess)
+ goto loser;
+
+ message_length =
+ 4 + /* lifetime */
+ 4 + /* ticket_age_add */
+ 2 + max_early_data_size_len + /* max_early_data_size_len */
+ 2 + /* ticket length */
+ ticket_data.len;
+
+ rv = ssl3_AppendHandshakeHeader(ss, new_session_ticket,
+ message_length);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* This is a fixed value. */
+ rv = ssl3_AppendHandshakeNumber(ss, TLS_EX_SESS_TICKET_LIFETIME_HINT, 4);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* The ticket age obfuscator. */
+ rv = PK11_GenerateRandom((PRUint8 *)&ticket.ticket_age_add,
+ sizeof(ticket.ticket_age_add));
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = ssl3_AppendHandshakeNumber(ss, ticket.ticket_age_add, 4);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Encode the ticket. */
+ rv = ssl3_AppendHandshakeVariable(
+ ss, ticket_data.data, ticket_data.len, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Extensions. */
+ rv = ssl3_AppendHandshakeNumber(ss, max_early_data_size_len, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ if (max_early_data_size_len) {
+ rv = ssl3_AppendHandshakeNumber(
+ ss, ssl_tls13_ticket_early_data_info_xtn, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Length */
+ rv = ssl3_AppendHandshakeNumber(ss, 4, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = ssl3_AppendHandshakeNumber(ss, MAX_EARLY_DATA_SIZE, 4);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ SECITEM_FreeItem(&ticket_data, PR_FALSE);
+ return SECSuccess;
+
+loser:
+ if (ticket_data.data) {
+ SECITEM_FreeItem(&ticket_data, PR_FALSE);
+ }
+ return SECFailure;
+}
+
+static SECStatus
+tls13_HandleNewSessionTicket(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
+{
+ SECStatus rv;
+ PRInt32 tmp;
+ PRUint32 utmp;
+ NewSessionTicket ticket = { 0 };
+ SECItem data;
+ SECItem ticket_data;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle new session ticket message",
+ SSL_GETPID(), ss->fd));
+
+ rv = TLS13_CHECK_HS_STATE(ss, SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET,
+ idle_handshake);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ if (!ss->firstHsDone || ss->sec.isServer) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET,
+ unexpected_message);
+ return SECFailure;
+ }
+
+ ticket.received_timestamp = ssl_Time();
+ tmp = ssl3_ConsumeHandshakeNumber(ss, 4, &b, &length);
+ if (tmp < 0) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET,
+ decode_error);
+ return SECFailure;
+ }
+ ticket.ticket_lifetime_hint = (PRUint32)tmp;
+ ticket.ticket.type = siBuffer;
+
+ rv = ssl3_ConsumeHandshake(ss, &utmp, sizeof(utmp),
+ &b, &length);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET);
+ return SECFailure;
+ }
+ ticket.ticket_age_add = PR_ntohl(utmp);
+
+ /* Get the ticket value. */
+ rv = ssl3_ConsumeHandshakeVariable(ss, &ticket_data, 2, &b, &length);
+ if (rv != SECSuccess || !ticket_data.len) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET,
+ decode_error);
+ return SECFailure;
+ }
+
+ /* Parse extensions. */
+ rv = ssl3_ConsumeHandshakeVariable(ss, &data, 2, &b, &length);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET,
+ decode_error);
+ return SECFailure;
+ }
+
+ rv = ssl3_HandleExtensions(ss, &data.data,
+ &data.len, new_session_ticket);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET,
+ decode_error);
+ return SECFailure;
+ }
+ if (ss->xtnData.max_early_data_size) {
+ ticket.flags |= ticket_allow_early_data;
+ ticket.max_early_data_size = ss->xtnData.max_early_data_size;
+ }
+
+ if (length != 0) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET,
+ decode_error);
+ return SECFailure;
+ }
+
+ if (!ss->opt.noCache) {
+ PORT_Assert(ss->sec.ci.sid);
+ rv = SECITEM_CopyItem(NULL, &ticket.ticket, &ticket_data);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_NO_MEMORY, internal_error);
+ return SECFailure;
+ }
+ PRINT_BUF(50, (ss, "Caching session ticket",
+ ticket.ticket.data,
+ ticket.ticket.len));
+
+ /* Replace a previous session ticket when
+ * we receive a second NewSessionTicket message. */
+ if (ss->sec.ci.sid->cached == in_client_cache) {
+ /* Create a new session ID. */
+ sslSessionID *sid = ssl3_NewSessionID(ss, PR_FALSE);
+ if (!sid) {
+ return SECFailure;
+ }
+
+ /* Copy over the peerCert. */
+ PORT_Assert(ss->sec.ci.sid->peerCert);
+ sid->peerCert = CERT_DupCertificate(ss->sec.ci.sid->peerCert);
+ if (!sid->peerCert) {
+ ssl_FreeSID(sid);
+ return SECFailure;
+ }
+
+ /* Destroy the old SID. */
+ ss->sec.uncache(ss->sec.ci.sid);
+ ssl_FreeSID(ss->sec.ci.sid);
+ ss->sec.ci.sid = sid;
+ }
+
+ ssl3_SetSIDSessionTicket(ss->sec.ci.sid, &ticket);
+ PORT_Assert(!ticket.ticket.data);
+
+ rv = ssl3_FillInCachedSID(ss, ss->sec.ci.sid);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ /* Cache the session. */
+ ss->sec.cache(ss->sec.ci.sid);
+ }
+
+ return SECSuccess;
+}
+
+typedef enum {
+ ExtensionNotUsed,
+ ExtensionClientOnly,
+ ExtensionSendClear,
+ ExtensionSendClearOrHrr,
+ ExtensionSendHrr,
+ ExtensionSendEncrypted,
+ ExtensionSendCertificate,
+ ExtensionNewSessionTicket
+} Tls13ExtensionStatus;
+
+static const struct {
+ PRUint16 ex_value;
+ Tls13ExtensionStatus status;
+} KnownExtensions[] = {
+ { ssl_server_name_xtn, ExtensionSendEncrypted },
+ { ssl_supported_groups_xtn, ExtensionSendEncrypted },
+ { ssl_ec_point_formats_xtn, ExtensionNotUsed },
+ { ssl_signature_algorithms_xtn, ExtensionClientOnly },
+ { ssl_use_srtp_xtn, ExtensionSendEncrypted },
+ { ssl_app_layer_protocol_xtn, ExtensionSendEncrypted },
+ { ssl_padding_xtn, ExtensionNotUsed },
+ { ssl_extended_master_secret_xtn, ExtensionNotUsed },
+ { ssl_session_ticket_xtn, ExtensionClientOnly },
+ { ssl_tls13_key_share_xtn, ExtensionSendClearOrHrr },
+ { ssl_tls13_pre_shared_key_xtn, ExtensionSendClear },
+ { ssl_tls13_early_data_xtn, ExtensionSendEncrypted },
+ { ssl_next_proto_nego_xtn, ExtensionNotUsed },
+ { ssl_renegotiation_info_xtn, ExtensionNotUsed },
+ { ssl_signed_cert_timestamp_xtn, ExtensionSendCertificate },
+ { ssl_cert_status_xtn, ExtensionSendCertificate },
+ { ssl_tls13_ticket_early_data_info_xtn, ExtensionNewSessionTicket },
+ { ssl_tls13_cookie_xtn, ExtensionSendHrr },
+ { ssl_tls13_short_header_xtn, ExtensionSendClear }
+};
+
+PRBool
+tls13_ExtensionAllowed(PRUint16 extension, SSL3HandshakeType message)
+{
+ unsigned int i;
+
+ PORT_Assert((message == client_hello) ||
+ (message == server_hello) ||
+ (message == hello_retry_request) ||
+ (message == encrypted_extensions) ||
+ (message == new_session_ticket) ||
+ (message == certificate));
+
+ for (i = 0; i < PR_ARRAY_SIZE(KnownExtensions); i++) {
+ if (KnownExtensions[i].ex_value == extension)
+ break;
+ }
+ if (i == PR_ARRAY_SIZE(KnownExtensions)) {
+ /* We have never heard of this extension which is OK
+ * in client_hello and new_session_ticket. */
+ return (message == client_hello) ||
+ (message == new_session_ticket);
+ }
+
+ switch (KnownExtensions[i].status) {
+ case ExtensionNotUsed:
+ return PR_FALSE;
+ case ExtensionClientOnly:
+ return message == client_hello;
+ case ExtensionSendClear:
+ return message == client_hello ||
+ message == server_hello;
+ case ExtensionSendClearOrHrr:
+ return message == client_hello ||
+ message == server_hello ||
+ message == hello_retry_request;
+ case ExtensionSendHrr:
+ return message == client_hello ||
+ message == hello_retry_request;
+ case ExtensionSendEncrypted:
+ return message == client_hello ||
+ message == encrypted_extensions;
+ case ExtensionNewSessionTicket:
+ return message == new_session_ticket;
+ case ExtensionSendCertificate:
+ return message == client_hello ||
+ message == certificate;
+ }
+
+ PORT_Assert(0);
+
+ /* Not reached */
+ return PR_TRUE;
+}
+
+/* TLS 1.3 doesn't actually have additional data but the aead function
+ * signature overloads additional data to carry the record sequence
+ * number and that's what we put here. The TLS 1.3 AEAD functions
+ * just use this input as the sequence number and not as additional
+ * data. */
+static void
+tls13_FormatAdditionalData(PRUint8 *aad, unsigned int length,
+ sslSequenceNumber seqNum)
+{
+ PRUint8 *ptr = aad;
+
+ PORT_Assert(length == 8);
+ ptr = ssl_EncodeUintX(seqNum, 8, ptr);
+ PORT_Assert((ptr - aad) == length);
+}
+
+SECStatus
+tls13_ProtectRecord(sslSocket *ss,
+ ssl3CipherSpec *cwSpec,
+ SSL3ContentType type,
+ const SSL3Opaque *pIn,
+ PRUint32 contentLen,
+ sslBuffer *wrBuf)
+{
+ const ssl3BulkCipherDef *cipher_def = cwSpec->cipher_def;
+ const int tagLen = cipher_def->tag_size;
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: spec=%d (%s) protect record 0x%0llx len=%u",
+ SSL_GETPID(), ss->fd, cwSpec, cwSpec->phase,
+ cwSpec->write_seq_num, contentLen));
+
+ if (contentLen + 1 + tagLen > wrBuf->space) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ /* Copy the data into the wrBuf. We're going to encrypt in-place
+ * in the AEAD branch anyway */
+ PORT_Memcpy(wrBuf->buf, pIn, contentLen);
+
+ if (cipher_def->calg == ssl_calg_null) {
+ /* Shortcut for plaintext */
+ wrBuf->len = contentLen;
+ } else {
+ PRUint8 aad[8];
+ PORT_Assert(cipher_def->type == type_aead);
+
+ /* Add the content type at the end. */
+ wrBuf->buf[contentLen] = type;
+
+ tls13_FormatAdditionalData(aad, sizeof(aad), cwSpec->write_seq_num);
+ rv = cwSpec->aead(
+ ss->sec.isServer ? &cwSpec->server : &cwSpec->client,
+ PR_FALSE, /* do encrypt */
+ wrBuf->buf, /* output */
+ (int *)&wrBuf->len, /* out len */
+ wrBuf->space, /* max out */
+ wrBuf->buf, contentLen + 1, /* input */
+ aad, sizeof(aad));
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE);
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
+
+/* Unprotect a TLS 1.3 record and leave the result in plaintext.
+ *
+ * Called by ssl3_HandleRecord. Caller must hold the spec read lock.
+ * Therefore, we MUST not call SSL3_SendAlert().
+ *
+ * If SECFailure is returned, we:
+ * 1. Set |*alert| to the alert to be sent.
+ * 2. Call PORT_SetError() witn an appropriate code.
+ */
+SECStatus
+tls13_UnprotectRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *plaintext,
+ SSL3AlertDescription *alert)
+{
+ ssl3CipherSpec *crSpec = ss->ssl3.crSpec;
+ const ssl3BulkCipherDef *cipher_def = crSpec->cipher_def;
+ PRUint8 aad[8];
+ SECStatus rv;
+
+ *alert = bad_record_mac; /* Default alert for most issues. */
+
+ SSL_TRC(3, ("%d: TLS13[%d]: spec=%d (%s) unprotect record 0x%0llx len=%u",
+ SSL_GETPID(), ss->fd, crSpec, crSpec->phase,
+ crSpec->read_seq_num, cText->buf->len));
+
+ /* We can perform this test in variable time because the record's total
+ * length and the ciphersuite are both public knowledge. */
+ if (cText->buf->len < cipher_def->tag_size) {
+ SSL_TRC(3,
+ ("%d: TLS13[%d]: record too short to contain valid AEAD data",
+ SSL_GETPID(), ss->fd));
+ PORT_SetError(SSL_ERROR_BAD_MAC_READ);
+ return SECFailure;
+ }
+
+ /* Verify that the content type is right, even though we overwrite it. */
+ if (cText->type != content_application_data) {
+ SSL_TRC(3,
+ ("%d: TLS13[%d]: record has invalid exterior content type=%d",
+ SSL_GETPID(), ss->fd, cText->type));
+ /* Do we need a better error here? */
+ PORT_SetError(SSL_ERROR_BAD_MAC_READ);
+ return SECFailure;
+ }
+
+ /* Check the version number in the record */
+ if ((IS_DTLS(ss) && cText->version != kDtlsRecordVersion) ||
+ (!IS_DTLS(ss) && cText->version != kTlsRecordVersion)) {
+ /* Do we need a better error here? */
+ SSL_TRC(3,
+ ("%d: TLS13[%d]: record has bogus version",
+ SSL_GETPID(), ss->fd));
+ return SECFailure;
+ }
+
+ /* Decrypt */
+ PORT_Assert(cipher_def->type == type_aead);
+ tls13_FormatAdditionalData(aad, sizeof(aad),
+ IS_DTLS(ss) ? cText->seq_num
+ : crSpec->read_seq_num);
+ rv = crSpec->aead(
+ ss->sec.isServer ? &crSpec->client : &crSpec->server,
+ PR_TRUE, /* do decrypt */
+ plaintext->buf, /* out */
+ (int *)&plaintext->len, /* outlen */
+ plaintext->space, /* maxout */
+ cText->buf->buf, /* in */
+ cText->buf->len, /* inlen */
+ aad, sizeof(aad));
+ if (rv != SECSuccess) {
+ SSL_TRC(3,
+ ("%d: TLS13[%d]: record has bogus MAC",
+ SSL_GETPID(), ss->fd));
+ PORT_SetError(SSL_ERROR_BAD_MAC_READ);
+ return SECFailure;
+ }
+
+ /* The record is right-padded with 0s, followed by the true
+ * content type, so read from the right until we receive a
+ * nonzero byte. */
+ while (plaintext->len > 0 && !(plaintext->buf[plaintext->len - 1])) {
+ --plaintext->len;
+ }
+
+ /* Bogus padding. */
+ if (plaintext->len < 1) {
+ SSL_TRC(3,
+ ("%d: TLS13[%d]: empty record",
+ SSL_GETPID(), ss->fd, cText->type));
+ /* It's safe to report this specifically because it happened
+ * after the MAC has been verified. */
+ PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
+ return SECFailure;
+ }
+
+ /* Record the type. */
+ cText->type = plaintext->buf[plaintext->len - 1];
+ --plaintext->len;
+
+ SSL_TRC(10,
+ ("%d: TLS13[%d]: %s received record of length=%d type=%d",
+ SSL_GETPID(), ss->fd, SSL_ROLE(ss),
+ plaintext->len, cText->type));
+
+ return SECSuccess;
+}
+
+/* 0-RTT is only permitted if:
+ *
+ * 1. We are doing TLS 1.3
+ * 2. This isn't a second ClientHello (in response to HelloRetryRequest)
+ * 3. The 0-RTT option is set.
+ * 4. We have a valid ticket.
+ * 5. The server is willing to accept 0-RTT.
+ * 6. We have not changed our ALPN settings to disallow the ALPN tag
+ * in the ticket.
+ *
+ * Called from tls13_ClientSendEarlyDataXtn().
+ */
+PRBool
+tls13_ClientAllow0Rtt(const sslSocket *ss, const sslSessionID *sid)
+{
+ /* We checked that the cipher suite was still allowed back in
+ * ssl3_SendClientHello. */
+ if (sid->version < SSL_LIBRARY_VERSION_TLS_1_3)
+ return PR_FALSE;
+ if (ss->ssl3.hs.helloRetry)
+ return PR_FALSE;
+ if (!ss->opt.enable0RttData)
+ return PR_FALSE;
+ if (!ss->statelessResume)
+ return PR_FALSE;
+ if ((sid->u.ssl3.locked.sessionTicket.flags & ticket_allow_early_data) == 0)
+ return PR_FALSE;
+ return tls13_AlpnTagAllowed(ss, &sid->u.ssl3.alpnSelection);
+}
+
+SECStatus
+tls13_MaybeDo0RTTHandshake(sslSocket *ss)
+{
+ SECStatus rv;
+
+ /* Don't do anything if there is no early_data xtn, which means we're
+ * not doing early data. */
+ if (!ssl3_ClientExtensionAdvertised(ss, ssl_tls13_early_data_xtn)) {
+ return SECSuccess;
+ }
+
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_sent;
+ ss->ssl3.hs.zeroRttSuite = ss->ssl3.hs.cipher_suite;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: in 0-RTT mode", SSL_GETPID(), ss->fd));
+
+ /* Set the ALPN data as if it was negotiated. We check in the ServerHello
+ * handler that the server negotiates the same value. */
+ if (ss->sec.ci.sid->u.ssl3.alpnSelection.len) {
+ ss->xtnData.nextProtoState = SSL_NEXT_PROTO_EARLY_VALUE;
+ rv = SECITEM_CopyItem(NULL, &ss->xtnData.nextProto,
+ &ss->sec.ci.sid->u.ssl3.alpnSelection);
+ if (rv != SECSuccess)
+ return rv;
+ }
+
+ /* Null spec... */
+ ssl_GetSpecReadLock(ss);
+ ss->ssl3.hs.nullSpec = ss->ssl3.cwSpec;
+ tls13_CipherSpecAddRef(ss->ssl3.hs.nullSpec);
+ ssl_ReleaseSpecReadLock(ss);
+
+ /* Cipher suite already set in tls13_SetupClientHello. */
+ ss->ssl3.hs.preliminaryInfo = 0; /* TODO(ekr@rtfm.com) Fill this in.
+ * bug 1281255. */
+
+ rv = tls13_DeriveSecret(ss, ss->ssl3.hs.currentSecret,
+ kHkdfLabelClient,
+ kHkdfLabelEarlyTrafficSecret,
+ NULL,
+ &ss->ssl3.hs.clientEarlyTrafficSecret);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ rv = tls13_SetCipherSpec(ss, TrafficKeyEarlyApplicationData,
+ CipherSpecWrite, PR_TRUE);
+ if (rv != SECSuccess) {
+ return rv;
+ }
+
+ return SECSuccess;
+}
+
+PRInt32
+tls13_Read0RttData(sslSocket *ss, void *buf, PRInt32 len)
+{
+ TLS13EarlyData *msg;
+
+ PORT_Assert(!PR_CLIST_IS_EMPTY(&ss->ssl3.hs.bufferedEarlyData));
+ msg = (TLS13EarlyData *)PR_NEXT_LINK(&ss->ssl3.hs.bufferedEarlyData);
+
+ PR_REMOVE_LINK(&msg->link);
+ if (msg->data.len > len) {
+ PORT_SetError(SSL_ERROR_ILLEGAL_PARAMETER_ALERT);
+ return SECFailure;
+ }
+ len = msg->data.len;
+
+ PORT_Memcpy(buf, msg->data.data, msg->data.len);
+ SECITEM_ZfreeItem(&msg->data, PR_FALSE);
+ PORT_ZFree(msg, sizeof(*msg));
+
+ return len;
+}
+
+/* 0-RTT data will be followed by a different cipher spec; this resets the
+ * current spec to the null spec so that the following state can be set as
+ * though 0-RTT didn't happen. TODO: work out if this is the best plan. */
+static void
+tls13_SetNullCipherSpec(sslSocket *ss, ssl3CipherSpec **specp)
+{
+ PORT_Assert(ss->ssl3.hs.nullSpec);
+
+ ssl_GetSpecWriteLock(ss);
+ tls13_CipherSpecRelease(*specp);
+ *specp = ss->ssl3.hs.nullSpec;
+ ssl_ReleaseSpecWriteLock(ss);
+ ss->ssl3.hs.nullSpec = NULL;
+}
+
+static SECStatus
+tls13_SendEndOfEarlyData(sslSocket *ss)
+{
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send end_of_early_data extension",
+ SSL_GETPID(), ss->fd));
+
+ rv = SSL3_SendAlert(ss, alert_warning, end_of_early_data);
+ if (rv != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_done;
+ return SECSuccess;
+}
+
+SECStatus
+tls13_HandleEndOfEarlyData(sslSocket *ss)
+{
+ SECStatus rv;
+
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3 ||
+ ss->ssl3.hs.zeroRttState != ssl_0rtt_accepted) {
+ (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+ PORT_SetError(SSL_ERROR_END_OF_EARLY_DATA_ALERT);
+ return SECFailure;
+ }
+
+ PORT_Assert(TLS13_IN_HS_STATE(ss, ss->opt.requestCertificate ? wait_client_cert : wait_finished));
+
+ if (IS_DTLS(ss)) {
+ /* Reset the cipher spec so that the epoch counter is properly reset. */
+ tls13_SetNullCipherSpec(ss, &ss->ssl3.crSpec);
+ }
+
+ rv = tls13_SetCipherSpec(ss, TrafficKeyHandshake,
+ CipherSpecRead, PR_FALSE);
+ if (rv != SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ ss->ssl3.hs.zeroRttState = ssl_0rtt_done;
+ return SECSuccess;
+}
+
+SECStatus
+tls13_HandleEarlyApplicationData(sslSocket *ss, sslBuffer *origBuf)
+{
+ TLS13EarlyData *ed;
+ SECItem it = { siBuffer, NULL, 0 };
+
+ PORT_Assert(ss->sec.isServer);
+ PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted);
+ if (ss->ssl3.hs.zeroRttState != ssl_0rtt_accepted) {
+ /* Belt and suspenders. */
+ FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error);
+ return SECFailure;
+ }
+
+ PRINT_BUF(3, (NULL, "Received early application data",
+ origBuf->buf, origBuf->len));
+ ed = PORT_ZNew(TLS13EarlyData);
+ if (!ed) {
+ FATAL_ERROR(ss, SEC_ERROR_NO_MEMORY, internal_error);
+ return SECFailure;
+ }
+ it.data = origBuf->buf;
+ it.len = origBuf->len;
+ if (SECITEM_CopyItem(NULL, &ed->data, &it) != SECSuccess) {
+ FATAL_ERROR(ss, SEC_ERROR_NO_MEMORY, internal_error);
+ return SECFailure;
+ }
+ PR_APPEND_LINK(&ed->link, &ss->ssl3.hs.bufferedEarlyData);
+
+ origBuf->len = 0; /* So ssl3_GatherAppDataRecord will keep looping. */
+
+ return SECSuccess;
+}
+
+PRUint16
+tls13_EncodeDraftVersion(SSL3ProtocolVersion version)
+{
+#ifdef TLS_1_3_DRAFT_VERSION
+ if (version == SSL_LIBRARY_VERSION_TLS_1_3) {
+ return 0x7f00 | TLS_1_3_DRAFT_VERSION;
+ }
+#endif
+ return (PRUint16)version;
+}
+
+/* Pick the highest version we support that is also advertised. */
+SECStatus
+tls13_NegotiateVersion(sslSocket *ss, const TLSExtension *supported_versions)
+{
+ PRUint16 version;
+ /* Make a copy so we're nondestructive*/
+ SECItem data = supported_versions->data;
+ SECItem versions;
+ SECStatus rv;
+
+ rv = ssl3_ConsumeHandshakeVariable(ss, &versions, 1,
+ &data.data, &data.len);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ if (data.len || !versions.len || (versions.len & 1)) {
+ FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CLIENT_HELLO, illegal_parameter);
+ return SECFailure;
+ }
+ for (version = ss->vrange.max; version >= ss->vrange.min; --version) {
+ PRUint16 wire = tls13_EncodeDraftVersion(version);
+ unsigned long offset;
+
+ for (offset = 0; offset < versions.len; offset += 2) {
+ PRUint16 supported =
+ (versions.data[offset] << 8) | versions.data[offset + 1];
+ if (supported == wire) {
+ ss->version = version;
+ return SECSuccess;
+ }
+ }
+ }
+
+ FATAL_ERROR(ss, SSL_ERROR_UNSUPPORTED_VERSION, protocol_version);
+ return SECFailure;
+}
diff --git a/security/nss/lib/ssl/tls13con.h b/security/nss/lib/ssl/tls13con.h
new file mode 100644
index 000000000..c39c62a69
--- /dev/null
+++ b/security/nss/lib/ssl/tls13con.h
@@ -0,0 +1,88 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is PRIVATE to SSL.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __tls13con_h_
+#define __tls13con_h_
+
+typedef enum {
+ StaticSharedSecret,
+ EphemeralSharedSecret
+} SharedSecretType;
+
+#define TLS13_MAX_FINISHED_SIZE 64
+
+SECStatus tls13_UnprotectRecord(
+ sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *plaintext,
+ SSL3AlertDescription *alert);
+
+#if defined(WIN32)
+#define __func__ __FUNCTION__
+#endif
+
+void tls13_SetHsState(sslSocket *ss, SSL3WaitState ws,
+ const char *func, const char *file, int line);
+#define TLS13_SET_HS_STATE(ss, ws) \
+ tls13_SetHsState(ss, ws, __func__, __FILE__, __LINE__)
+
+/* Return PR_TRUE if the socket is in one of the given states, else return
+ * PR_FALSE. Only call the macro not the function, because the trailing
+ * wait_invalid is needed to terminate the argument list. */
+PRBool tls13_InHsState(sslSocket *ss, ...);
+#define TLS13_IN_HS_STATE(ss, ...) \
+ tls13_InHsState(ss, __VA_ARGS__, wait_invalid)
+
+SSLHashType tls13_GetHashForCipherSuite(ssl3CipherSuite suite);
+SSLHashType tls13_GetHash(const sslSocket *ss);
+unsigned int tls13_GetHashSizeForHash(SSLHashType hash);
+unsigned int tls13_GetHashSize(const sslSocket *ss);
+CK_MECHANISM_TYPE tls13_GetHkdfMechanism(sslSocket *ss);
+void tls13_FatalError(sslSocket *ss, PRErrorCode prError,
+ SSL3AlertDescription desc);
+SECStatus tls13_SetupClientHello(sslSocket *ss);
+SECStatus tls13_MaybeDo0RTTHandshake(sslSocket *ss);
+PRBool tls13_AllowPskCipher(const sslSocket *ss,
+ const ssl3CipherSuiteDef *cipher_def);
+PRBool tls13_PskSuiteEnabled(sslSocket *ss);
+SECStatus tls13_ComputePskBinder(sslSocket *ss, PRBool sending,
+ unsigned int prefixLength,
+ PRUint8 *output, unsigned int *outputLen,
+ unsigned int maxOutputLen);
+SECStatus tls13_HandleClientHelloPart2(sslSocket *ss,
+ const SECItem *suites,
+ sslSessionID *sid);
+SECStatus tls13_HandleServerHelloPart2(sslSocket *ss);
+SECStatus tls13_HandlePostHelloHandshakeMessage(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length,
+ SSL3Hashes *hashesPtr);
+SECStatus tls13_HandleHelloRetryRequest(sslSocket *ss, SSL3Opaque *b,
+ PRUint32 length);
+void tls13_DestroyKeyShareEntry(TLS13KeyShareEntry *entry);
+void tls13_DestroyKeyShares(PRCList *list);
+SECStatus tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef);
+void tls13_DestroyEarlyData(PRCList *list);
+void tls13_CipherSpecAddRef(ssl3CipherSpec *spec);
+void tls13_CipherSpecRelease(ssl3CipherSpec *spec);
+void tls13_DestroyCipherSpecs(PRCList *list);
+PRBool tls13_ExtensionAllowed(PRUint16 extension, SSL3HandshakeType message);
+SECStatus tls13_ProtectRecord(sslSocket *ss,
+ ssl3CipherSpec *cwSpec,
+ SSL3ContentType type,
+ const SSL3Opaque *pIn,
+ PRUint32 contentLen,
+ sslBuffer *wrBuf);
+PRInt32 tls13_Read0RttData(sslSocket *ss, void *buf, PRInt32 len);
+SECStatus tls13_HandleEndOfEarlyData(sslSocket *ss);
+SECStatus tls13_HandleEarlyApplicationData(sslSocket *ss, sslBuffer *origBuf);
+PRBool tls13_ClientAllow0Rtt(const sslSocket *ss, const sslSessionID *sid);
+PRUint16 tls13_EncodeDraftVersion(SSL3ProtocolVersion version);
+PRUint16 tls13_DecodeDraftVersion(PRUint16 version);
+SECStatus tls13_NegotiateVersion(sslSocket *ss,
+ const TLSExtension *supported_versions);
+SECStatus tls13_SendNewSessionTicket(sslSocket *ss);
+
+#endif /* __tls13con_h_ */
diff --git a/security/nss/lib/ssl/tls13exthandle.c b/security/nss/lib/ssl/tls13exthandle.c
new file mode 100644
index 000000000..be93b97db
--- /dev/null
+++ b/security/nss/lib/ssl/tls13exthandle.c
@@ -0,0 +1,1169 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssrenam.h"
+#include "nss.h"
+#include "ssl.h"
+#include "sslproto.h"
+#include "sslimpl.h"
+#include "pk11pub.h"
+#include "ssl3ext.h"
+#include "ssl3exthandle.h"
+#include "tls13exthandle.h"
+
+PRInt32
+tls13_ServerSendStatusRequestXtn(
+ const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+ const sslServerCert *serverCert = ss->sec.serverCert;
+ const SECItem *item;
+ SECStatus rv;
+
+ if (!serverCert->certStatusArray ||
+ !serverCert->certStatusArray->len) {
+ return 0;
+ }
+
+ item = &serverCert->certStatusArray->items[0];
+
+ /* Only send the first entry. */
+ extension_length = 2 + 2 + 1 /* status_type */ + 3 + item->len;
+ if (maxBytes < (PRUint32)extension_length) {
+ return 0;
+ }
+ if (append) {
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_cert_status_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* length of extension_data */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_length - 4, 2);
+ if (rv != SECSuccess)
+ return -1;
+ /* status_type == ocsp */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 1 /*ocsp*/, 1);
+ if (rv != SECSuccess)
+ return rv; /* err set by AppendHandshake. */
+ /* opaque OCSPResponse<1..2^24-1> */
+ rv = ssl3_ExtAppendHandshakeVariable(ss, item->data, item->len, 3);
+ if (rv != SECSuccess)
+ return rv; /* err set by AppendHandshake. */
+ }
+
+ return extension_length;
+}
+
+/*
+ * [draft-ietf-tls-tls13-11] Section 6.3.2.3.
+ *
+ * struct {
+ * NamedGroup group;
+ * opaque key_exchange<1..2^16-1>;
+ * } KeyShareEntry;
+ *
+ * struct {
+ * select (role) {
+ * case client:
+ * KeyShareEntry client_shares<4..2^16-1>;
+ *
+ * case server:
+ * KeyShareEntry server_share;
+ * }
+ * } KeyShare;
+ *
+ * DH is Section 6.3.2.3.1.
+ *
+ * opaque dh_Y<1..2^16-1>;
+ *
+ * ECDH is Section 6.3.2.3.2.
+ *
+ * opaque point <1..2^8-1>;
+ */
+static PRUint32
+tls13_SizeOfKeyShareEntry(const SECKEYPublicKey *pubKey)
+{
+ /* Size = NamedGroup(2) + length(2) + opaque<?> share */
+ switch (pubKey->keyType) {
+ case ecKey:
+ return 2 + 2 + pubKey->u.ec.publicValue.len;
+ case dhKey:
+ return 2 + 2 + pubKey->u.dh.prime.len;
+ default:
+ PORT_Assert(0);
+ }
+ return 0;
+}
+
+static PRUint32
+tls13_SizeOfClientKeyShareExtension(const sslSocket *ss)
+{
+ PRCList *cursor;
+ /* Size is: extension(2) + extension_len(2) + client_shares(2) */
+ PRUint32 size = 2 + 2 + 2;
+ for (cursor = PR_NEXT_LINK(&ss->ephemeralKeyPairs);
+ cursor != &ss->ephemeralKeyPairs;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslEphemeralKeyPair *keyPair = (sslEphemeralKeyPair *)cursor;
+ size += tls13_SizeOfKeyShareEntry(keyPair->keys->pubKey);
+ }
+ return size;
+}
+
+static SECStatus
+tls13_EncodeKeyShareEntry(const sslSocket *ss, const sslEphemeralKeyPair *keyPair)
+{
+ SECStatus rv;
+ SECKEYPublicKey *pubKey = keyPair->keys->pubKey;
+ unsigned int size = tls13_SizeOfKeyShareEntry(pubKey);
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, keyPair->group->name, 2);
+ if (rv != SECSuccess)
+ return rv;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, size - 4, 2);
+ if (rv != SECSuccess)
+ return rv;
+
+ switch (pubKey->keyType) {
+ case ecKey:
+ rv = tls13_EncodeECDHEKeyShareKEX(ss, pubKey);
+ break;
+ case dhKey:
+ rv = ssl_AppendPaddedDHKeyShare(ss, pubKey, PR_FALSE);
+ break;
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ break;
+ }
+
+ return rv;
+}
+
+PRInt32
+tls13_ClientSendKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes)
+{
+ PRUint32 extension_length;
+
+ if (ss->vrange.max < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return 0;
+ }
+
+ /* Optimistically try to send an ECDHE key using the
+ * preexisting key (in future will be keys) */
+ SSL_TRC(3, ("%d: TLS13[%d]: send client key share xtn",
+ SSL_GETPID(), ss->fd));
+
+ extension_length = tls13_SizeOfClientKeyShareExtension(ss);
+ if (maxBytes < extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv;
+ PRCList *cursor;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_key_share_xtn, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* The extension length */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_length - 4, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* The length of KeyShares */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_length - 6, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ for (cursor = PR_NEXT_LINK(&ss->ephemeralKeyPairs);
+ cursor != &ss->ephemeralKeyPairs;
+ cursor = PR_NEXT_LINK(cursor)) {
+ sslEphemeralKeyPair *keyPair = (sslEphemeralKeyPair *)cursor;
+ rv = tls13_EncodeKeyShareEntry(ss, keyPair);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_tls13_key_share_xtn;
+ }
+
+ return extension_length;
+
+loser:
+ return -1;
+}
+
+static SECStatus
+tls13_HandleKeyShareEntry(const sslSocket *ss, TLSExtensionData *xtnData, SECItem *data)
+{
+ SECStatus rv;
+ PRInt32 group;
+ const sslNamedGroupDef *groupDef;
+ TLS13KeyShareEntry *ks = NULL;
+ SECItem share = { siBuffer, NULL, 0 };
+
+ group = ssl3_ExtConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
+ if (group < 0) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
+ goto loser;
+ }
+ groupDef = ssl_LookupNamedGroup(group);
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &share, 2, &data->data,
+ &data->len);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* If the group is disabled, continue. */
+ if (!groupDef) {
+ return SECSuccess;
+ }
+
+ ks = PORT_ZNew(TLS13KeyShareEntry);
+ if (!ks)
+ goto loser;
+ ks->group = groupDef;
+
+ rv = SECITEM_CopyItem(NULL, &ks->key_exchange, &share);
+ if (rv != SECSuccess)
+ goto loser;
+
+ PR_APPEND_LINK(&ks->link, &xtnData->remoteKeyShares);
+ return SECSuccess;
+
+loser:
+ if (ks)
+ tls13_DestroyKeyShareEntry(ks);
+ return SECFailure;
+}
+/* Handle an incoming KeyShare extension at the client and copy to
+ * |xtnData->remoteKeyShares| for future use. The key
+ * share is processed in tls13_HandleServerKeyShare(). */
+SECStatus
+tls13_ClientHandleKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+ PORT_Assert(PR_CLIST_IS_EMPTY(&xtnData->remoteKeyShares));
+
+ PORT_Assert(!ss->sec.isServer);
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ /* This can't happen because the extension processing
+ * code filters out TLS 1.3 extensions when not in
+ * TLS 1.3 mode. */
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle key_share extension",
+ SSL_GETPID(), ss->fd));
+
+ rv = tls13_HandleKeyShareEntry(ss, xtnData, data);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
+ return SECFailure;
+ }
+
+ if (data->len) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+tls13_ClientHandleKeyShareXtnHrr(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+ PRInt32 tmp;
+ const sslNamedGroupDef *group;
+
+ PORT_Assert(!ss->sec.isServer);
+ PORT_Assert(ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3);
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle key_share extension in HRR",
+ SSL_GETPID(), ss->fd));
+
+ tmp = ssl3_ExtConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
+ if (tmp < 0) {
+ return SECFailure; /* error code already set */
+ }
+ if (data->len) {
+ ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST);
+ return SECFailure;
+ }
+
+ group = ssl_LookupNamedGroup((SSLNamedGroup)tmp);
+ /* If the group is not enabled, or we already have a share for the
+ * requested group, abort. */
+ if (!ssl_NamedGroupEnabled(ss, group) ||
+ ssl_HaveEphemeralKeyPair(ss, group)) {
+ ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST);
+ return SECFailure;
+ }
+
+ /* Now delete all the key shares per [draft-ietf-tls-tls13 S 4.1.2] */
+ ssl_FreeEphemeralKeyPairs(CONST_CAST(sslSocket, ss));
+
+ /* And replace with our new share. */
+ rv = tls13_CreateKeyShare(CONST_CAST(sslSocket, ss), group);
+ if (rv != SECSuccess) {
+ ssl3_ExtSendAlert(ss, alert_fatal, internal_error);
+ PORT_SetError(SEC_ERROR_KEYGEN_FAIL);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+/* Handle an incoming KeyShare extension at the server and copy to
+ * |xtnData->remoteKeyShares| for future use. The key
+ * share is processed in tls13_HandleClientKeyShare(). */
+SECStatus
+tls13_ServerHandleKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+ PRInt32 length;
+
+ PORT_Assert(ss->sec.isServer);
+ PORT_Assert(PR_CLIST_IS_EMPTY(&xtnData->remoteKeyShares));
+
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SECSuccess;
+ }
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle key_share extension",
+ SSL_GETPID(), ss->fd));
+
+ /* Redundant length because of TLS encoding (this vector consumes
+ * the entire extension.) */
+ length = ssl3_ExtConsumeHandshakeNumber(ss, 2, &data->data,
+ &data->len);
+ if (length < 0)
+ goto loser;
+ if (length != data->len) {
+ /* Check for consistency */
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
+ goto loser;
+ }
+
+ while (data->len) {
+ rv = tls13_HandleKeyShareEntry(ss, xtnData, data);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ /* Check that the client only offered one share if this is
+ * after HRR. */
+ if (ss->ssl3.hs.helloRetry) {
+ if (PR_PREV_LINK(&xtnData->remoteKeyShares) !=
+ PR_NEXT_LINK(&xtnData->remoteKeyShares)) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
+ goto loser;
+ }
+ }
+
+ return SECSuccess;
+
+loser:
+ tls13_DestroyKeyShares(&xtnData->remoteKeyShares);
+ return SECFailure;
+}
+
+PRInt32
+tls13_ServerSendKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes)
+{
+ PRUint32 extension_length;
+ PRUint32 entry_length;
+ SECStatus rv;
+ sslEphemeralKeyPair *keyPair;
+
+ /* There should be exactly one key share. */
+ PORT_Assert(!PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
+ PORT_Assert(PR_PREV_LINK(&ss->ephemeralKeyPairs) ==
+ PR_NEXT_LINK(&ss->ephemeralKeyPairs));
+
+ keyPair = (sslEphemeralKeyPair *)PR_NEXT_LINK(&ss->ephemeralKeyPairs);
+
+ entry_length = tls13_SizeOfKeyShareEntry(keyPair->keys->pubKey);
+ extension_length = 2 + 2 + entry_length; /* Type + length + entry_length */
+ if (maxBytes < extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_key_share_xtn, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, entry_length, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ rv = tls13_EncodeKeyShareEntry(ss, keyPair);
+ if (rv != SECSuccess)
+ goto loser;
+ }
+
+ return extension_length;
+
+loser:
+ return -1;
+}
+
+/* Called by clients.
+ *
+ * struct {
+ * opaque identity<0..2^16-1>;
+ * uint32 obfuscated_ticket_age;
+ * } PskIdentity;
+ *
+ * opaque PskBinderEntry<32..255>;
+ *
+ * struct {
+ * select (Handshake.msg_type) {
+ * case client_hello:
+ * PskIdentity identities<6..2^16-1>;
+ * PskBinderEntry binders<33..2^16-1>;
+ *
+ * case server_hello:
+ * uint16 selected_identity;
+ * };
+ *
+ * } PreSharedKeyExtension;
+
+ * Presently the only way to get a PSK is by resumption, so this is
+ * really a ticket label and there will be at most one.
+ */
+PRInt32
+tls13_ClientSendPreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length;
+ PRInt32 identities_length;
+ PRInt32 binders_length;
+ NewSessionTicket *session_ticket;
+
+ /* We only set statelessResume on the client in TLS 1.3 code. */
+ if (!ss->statelessResume)
+ return 0;
+
+ PORT_Assert(ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3);
+
+ /* The length computations are simplified by the fact that there
+ * is just one ticket at most. */
+ session_ticket = &ss->sec.ci.sid->u.ssl3.locked.sessionTicket;
+ identities_length =
+ 2 + /* vector length */
+ 2 + session_ticket->ticket.len + /* identity length + ticket len */
+ 4; /* obfuscated_ticket_age */
+ binders_length =
+ 2 + /* vector length */
+ 1 + tls13_GetHashSizeForHash(
+ tls13_GetHashForCipherSuite(ss->sec.ci.sid->u.ssl3.cipherSuite));
+ extension_length =
+ 2 + 2 + /* Type + length */
+ identities_length + binders_length;
+
+ if (maxBytes < (PRUint32)extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv;
+ PRUint32 age;
+ unsigned int prefixLength;
+ PRUint8 binder[TLS13_MAX_FINISHED_SIZE];
+ unsigned int binderLen;
+
+ /* extension_type */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_pre_shared_key_xtn, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_length - 4, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, identities_length - 2, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_ExtAppendHandshakeVariable(ss, session_ticket->ticket.data,
+ session_ticket->ticket.len, 2);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Obfuscated age. */
+ age = ssl_Time() - session_ticket->received_timestamp;
+ age += session_ticket->ticket_age_add;
+ rv = ssl3_ExtAppendHandshakeNumber(ss, age, 4);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* Now the binders. */
+ prefixLength = ss->ssl3.hs.messages.len;
+ rv = tls13_ComputePskBinder(CONST_CAST(sslSocket, ss), PR_TRUE,
+ prefixLength, binder, &binderLen,
+ sizeof(binder));
+ if (rv != SECSuccess)
+ goto loser;
+ PORT_Assert(binderLen == tls13_GetHashSize(ss));
+ rv = ssl3_ExtAppendHandshakeNumber(ss, binders_length - 2, 2);
+ if (rv != SECSuccess)
+ goto loser;
+ rv = ssl3_ExtAppendHandshakeVariable(ss,
+ binder, binderLen, 1);
+ if (rv != SECSuccess)
+ goto loser;
+
+ PRINT_BUF(50, (ss, "Sending PreSharedKey value",
+ session_ticket->ticket.data,
+ session_ticket->ticket.len));
+
+ xtnData->sentSessionTicketInClientHello = PR_TRUE;
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_tls13_pre_shared_key_xtn;
+ }
+ return extension_length;
+
+loser:
+ xtnData->ticketTimestampVerified = PR_FALSE;
+ return -1;
+}
+
+/* Handle a TLS 1.3 PreSharedKey Extension. We only accept PSKs
+ * that contain session tickets. */
+SECStatus
+tls13_ServerHandlePreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ SECItem inner;
+ SECStatus rv;
+ unsigned int numIdentities = 0;
+ unsigned int numBinders = 0;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle pre_shared_key extension",
+ SSL_GETPID(), ss->fd));
+
+ /* If we are doing < TLS 1.3, then ignore this. */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SECSuccess;
+ }
+
+ /* Parse the identities list. */
+ rv = ssl3_ExtConsumeHandshakeVariable(ss,
+ &inner, 2, &data->data, &data->len);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+
+ while (inner.len) {
+ SECItem label;
+ PRUint32 utmp;
+
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &label, 2,
+ &inner.data, &inner.len);
+ if (rv != SECSuccess)
+ return rv;
+ if (!label.len) {
+ goto alert_loser;
+ }
+
+ /* Read and discard session ticket age. Bug 1295163 */
+ rv = ssl3_ExtConsumeHandshake(ss, &utmp, 4,
+ &inner.data, &inner.len);
+ if (rv != SECSuccess)
+ return rv;
+
+ if (!numIdentities) {
+ PRINT_BUF(50, (ss, "Handling PreSharedKey value",
+ label.data, label.len));
+ rv = ssl3_ProcessSessionTicketCommon(
+ CONST_CAST(sslSocket, ss), &label);
+ /* This only happens if we have an internal error, not
+ * a malformed ticket. Bogus tickets just don't resume
+ * and return SECSuccess. */
+ if (rv != SECSuccess)
+ return SECFailure;
+ }
+ ++numIdentities;
+ }
+
+ xtnData->pskBinderPrefixLen = ss->ssl3.hs.messages.len - data->len;
+
+ /* Parse the binders list. */
+ rv = ssl3_ExtConsumeHandshakeVariable(ss,
+ &inner, 2, &data->data, &data->len);
+ if (rv != SECSuccess)
+ return SECFailure;
+ if (data->len) {
+ goto alert_loser;
+ }
+
+ while (inner.len) {
+ SECItem binder;
+ rv = ssl3_ExtConsumeHandshakeVariable(ss, &binder, 1,
+ &inner.data, &inner.len);
+ if (rv != SECSuccess)
+ return rv;
+ if (binder.len < 32) {
+ goto alert_loser;
+ }
+
+ if (!numBinders) {
+ xtnData->pskBinder = binder;
+ }
+ ++numBinders;
+ }
+
+ if (numBinders != numIdentities)
+ goto alert_loser;
+
+ /* Keep track of negotiated extensions. Note that this does not
+ * mean we are resuming. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ return SECSuccess;
+
+alert_loser:
+ ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
+ PORT_SetError(SSL_ERROR_MALFORMED_PRE_SHARED_KEY);
+ return SECFailure;
+}
+
+PRInt32
+tls13_ServerSendPreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extension_length =
+ 2 + 2 + 2; /* type + len + index */
+ SECStatus rv;
+
+ if (maxBytes < (PRUint32)extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_pre_shared_key_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 2, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ /* We only process the first session ticket the client sends,
+ * so the index is always 0. */
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ return -1;
+ }
+
+ return extension_length;
+}
+
+/* Handle a TLS 1.3 PreSharedKey Extension. We only accept PSKs
+ * that contain session tickets. */
+SECStatus
+tls13_ClientHandlePreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ PRInt32 index;
+
+ SSL_TRC(3, ("%d: SSL3[%d]: handle pre_shared_key extension",
+ SSL_GETPID(), ss->fd));
+
+ /* If we are doing < TLS 1.3, then ignore this. */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SECSuccess;
+ }
+
+ index = ssl3_ExtConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
+ if (index < 0)
+ return SECFailure;
+
+ /* This should be the end of the extension. */
+ if (data->len) {
+ PORT_SetError(SSL_ERROR_MALFORMED_PRE_SHARED_KEY);
+ return SECFailure;
+ }
+
+ /* We only sent one PSK label so index must be equal to 0 */
+ if (index) {
+ PORT_SetError(SSL_ERROR_MALFORMED_PRE_SHARED_KEY);
+ return SECFailure;
+ }
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ return SECSuccess;
+}
+
+/*
+ * struct { } EarlyDataIndication;
+ */
+PRInt32
+tls13_ClientSendEarlyDataXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ SECStatus rv;
+ PRInt32 extension_length;
+
+ if (!tls13_ClientAllow0Rtt(ss, ss->sec.ci.sid))
+ return 0;
+
+ /* type + length */
+ extension_length = 2 + 2;
+
+ if (maxBytes < (PRUint32)extension_length) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_early_data_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ return -1;
+ }
+
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_tls13_early_data_xtn;
+
+ return extension_length;
+}
+
+SECStatus
+tls13_ServerHandleEarlyDataXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ SSL_TRC(3, ("%d: TLS13[%d]: handle early_data extension",
+ SSL_GETPID(), ss->fd));
+
+ /* If we are doing < TLS 1.3, then ignore this. */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SECSuccess;
+ }
+
+ if (data->len) {
+ PORT_SetError(SSL_ERROR_MALFORMED_EARLY_DATA);
+ return SECFailure;
+ }
+
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ return SECSuccess;
+}
+
+/* This is only registered if we are sending it. */
+PRInt32
+tls13_ServerSendEarlyDataXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes)
+{
+ SSL_TRC(3, ("%d: TLS13[%d]: send early_data extension",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted);
+ if (maxBytes < 4) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_early_data_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ return -1;
+ }
+
+ return 4;
+}
+
+/* This will only be called if we also offered the extension. */
+SECStatus
+tls13_ClientHandleEarlyDataXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ SSL_TRC(3, ("%d: TLS13[%d]: handle early_data extension",
+ SSL_GETPID(), ss->fd));
+
+ /* If we are doing < TLS 1.3, then ignore this. */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ PORT_SetError(SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION);
+ return SECFailure;
+ }
+
+ if (data->len) {
+ PORT_SetError(SSL_ERROR_MALFORMED_EARLY_DATA);
+ return SECFailure;
+ }
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ return SECSuccess;
+}
+
+SECStatus
+tls13_ClientHandleTicketEarlyDataInfoXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ PRUint32 utmp;
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle early_data_info extension",
+ SSL_GETPID(), ss->fd));
+
+ /* If we are doing < TLS 1.3, then ignore this. */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ PORT_SetError(SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION);
+ return SECFailure;
+ }
+
+ rv = ssl3_ExtConsumeHandshake(ss, &utmp, sizeof(utmp),
+ &data->data, &data->len);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET);
+ return SECFailure;
+ }
+ if (data->len) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET);
+ return SECFailure;
+ }
+
+ xtnData->max_early_data_size = PR_ntohl(utmp);
+
+ return SECSuccess;
+}
+
+/*
+ * struct {
+ * ProtocolVersion versions<2..254>;
+ * } SupportedVersions;
+ */
+PRInt32
+tls13_ClientSendSupportedVersionsXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes)
+{
+ PRInt32 extensions_len;
+ PRUint16 version;
+ SECStatus rv;
+
+ if (ss->vrange.max < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return 0;
+ }
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send supported_versions extension",
+ SSL_GETPID(), ss->fd));
+
+ /* Extension type, extension len fiels, vector len field,
+ * length of the values. */
+ extensions_len = 2 + 2 + 1 +
+ 2 * (ss->vrange.max - ss->vrange.min + 1);
+
+ if (maxBytes < (PRUint32)extensions_len) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_supported_versions_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extensions_len - 4, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extensions_len - 5, 1);
+ if (rv != SECSuccess)
+ return -1;
+
+ for (version = ss->vrange.max; version >= ss->vrange.min; --version) {
+ rv = ssl3_ExtAppendHandshakeNumber(
+ ss, tls13_EncodeDraftVersion(version), 2);
+ if (rv != SECSuccess)
+ return -1;
+ }
+ }
+
+ return extensions_len;
+}
+
+/*
+ * struct {
+ * opaque cookie<1..2^16-1>;
+ * } Cookie;
+ */
+SECStatus
+tls13_ClientHandleHrrCookie(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle cookie extension",
+ SSL_GETPID(), ss->fd));
+
+ PORT_Assert(ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3);
+
+ /* IMPORTANT: this is only valid while the HelloRetryRequest is still valid. */
+ rv = ssl3_ExtConsumeHandshakeVariable(
+ ss, &CONST_CAST(sslSocket, ss)->ssl3.hs.cookie, 2,
+ &data->data, &data->len);
+ if (rv != SECSuccess) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST);
+ return SECFailure;
+ }
+ if (!ss->ssl3.hs.cookie.len || data->len) {
+ ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST);
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+PRInt32
+tls13_ClientSendHrrCookieXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append, PRUint32 maxBytes)
+{
+ PRInt32 extension_len;
+
+ if (ss->vrange.max < SSL_LIBRARY_VERSION_TLS_1_3 ||
+ !ss->ssl3.hs.cookie.len) {
+ return 0;
+ }
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send cookie extension", SSL_GETPID(), ss->fd));
+
+ /* Extension type, length, cookie length, cookie value. */
+ extension_len = 2 + 2 + 2 + ss->ssl3.hs.cookie.len;
+
+ if (maxBytes < (PRUint32)extension_len) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_cookie_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_len - 4, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeVariable(ss, ss->ssl3.hs.cookie.data,
+ ss->ssl3.hs.cookie.len, 2);
+ if (rv != SECSuccess)
+ return -1;
+ }
+ return extension_len;
+}
+
+/*
+ * enum { psk_ke(0), psk_dhe_ke(1), (255) } PskKeyExchangeMode;
+ *
+ * struct {
+ * PskKeyExchangeMode ke_modes<1..255>;
+ * } PskKeyExchangeModes;
+ */
+PRInt32
+tls13_ClientSendPskKeyExchangeModesXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes)
+{
+ static const PRUint8 ke_modes[] = { tls13_psk_dh_ke };
+ static const unsigned long ke_modes_len = sizeof(ke_modes);
+ PRInt32 extension_len;
+
+ if (ss->vrange.max < SSL_LIBRARY_VERSION_TLS_1_3 ||
+ ss->opt.noCache) {
+ return 0;
+ }
+
+ extension_len =
+ 2 + 2 + /* Type + length */
+ 1 + ke_modes_len; /* key exchange modes vector */
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send psk key exchange modes extension",
+ SSL_GETPID(), ss->fd));
+
+ if (maxBytes < (PRUint32)extension_len) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv = ssl3_ExtAppendHandshakeNumber(
+ ss, ssl_tls13_psk_key_exchange_modes_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, extension_len - 4, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeVariable(
+ ss, ke_modes, ke_modes_len, 1);
+ if (rv != SECSuccess)
+ return -1;
+ }
+ return extension_len;
+}
+
+SECStatus
+tls13_ServerHandlePskKeyExchangeModesXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data)
+{
+ SECStatus rv;
+
+ /* If we are doing < TLS 1.3, then ignore this. */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SECSuccess;
+ }
+
+ SSL_TRC(3, ("%d: TLS13[%d]: handle PSK key exchange modes extension",
+ SSL_GETPID(), ss->fd));
+
+ /* IMPORTANT: We aren't copying these values, just setting pointers.
+ * They will only be valid as long as the ClientHello is in memory. */
+ rv = ssl3_ExtConsumeHandshakeVariable(ss,
+ &xtnData->psk_ke_modes, 1,
+ &data->data, &data->len);
+ if (rv != SECSuccess)
+ return rv;
+ if (!xtnData->psk_ke_modes.len || data->len) {
+ PORT_SetError(SSL_ERROR_MALFORMED_PSK_KEY_EXCHANGE_MODES);
+ return SECFailure;
+ }
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ return SECSuccess;
+}
+
+PRInt32
+tls13_SendShortHeaderXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes)
+{
+ PRUint32 extension_len = 2 + 2; /* Type + length (0). */
+
+ if (!ss->opt.enableShortHeaders) {
+ return 0;
+ }
+
+ /* Presently this is incompatible with 0-RTT. We will fix if
+ * it becomes more than an experiment. */
+ if (ss->opt.enable0RttData) {
+ return 0;
+ }
+
+ if (IS_DTLS(ss)) {
+ return 0;
+ }
+
+ SSL_TRC(3, ("%d: TLS13[%d]: send short_header extension",
+ SSL_GETPID(), ss->fd));
+
+ if (maxBytes < extension_len) {
+ PORT_Assert(0);
+ return 0;
+ }
+
+ if (append) {
+ SECStatus rv;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, ssl_tls13_short_header_xtn, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ rv = ssl3_ExtAppendHandshakeNumber(ss, 0, 2);
+ if (rv != SECSuccess)
+ return -1;
+
+ xtnData->advertised[xtnData->numAdvertised++] =
+ ssl_tls13_short_header_xtn;
+ }
+
+ return extension_len;
+}
+
+SECStatus
+tls13_HandleShortHeaderXtn(
+ const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data)
+{
+ SSL_TRC(3, ("%d: TLS13[%d]: handle early_data extension",
+ SSL_GETPID(), ss->fd));
+
+ /* If we are doing < TLS 1.3, then ignore this. */
+ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+ return SECSuccess;
+ }
+
+ /* Presently this is incompatible with 0-RTT. We will fix if
+ * it becomes more than an experiment. */
+ if (ss->opt.enable0RttData) {
+ return SECSuccess;
+ }
+
+ if (IS_DTLS(ss)) {
+ PORT_SetError(SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION);
+ return SECFailure;
+ }
+
+ if (data->len) {
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
+ return SECFailure;
+ }
+
+ if (!ss->opt.enableShortHeaders) {
+ /* Ignore. */
+ return SECSuccess;
+ }
+
+ /* Keep track of negotiated extensions. */
+ xtnData->negotiated[xtnData->numNegotiated++] = ex_type;
+
+ if (ss->sec.isServer) {
+ SECStatus rv;
+
+ rv = ssl3_RegisterExtensionSender(ss, xtnData,
+ ssl_tls13_short_header_xtn,
+ tls13_SendShortHeaderXtn);
+ if (rv != SECSuccess) {
+ return SECFailure;
+ }
+ }
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/ssl/tls13exthandle.h b/security/nss/lib/ssl/tls13exthandle.h
new file mode 100644
index 000000000..b798c6b55
--- /dev/null
+++ b/security/nss/lib/ssl/tls13exthandle.h
@@ -0,0 +1,74 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is PRIVATE to SSL.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __tls13exthandle_h_
+#define __tls13exthandle_h_
+
+PRInt32 tls13_ServerSendStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes);
+PRInt32 tls13_ClientSendKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+SECStatus tls13_ClientHandleKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+SECStatus tls13_ClientHandleKeyShareXtnHrr(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+SECStatus tls13_ServerHandleKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+PRInt32 tls13_ServerSendKeyShareXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+PRInt32 tls13_ClientSendPreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRBool append,
+ PRUint32 maxBytes);
+SECStatus tls13_ServerHandlePreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+SECStatus tls13_ClientHandlePreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRUint16 ex_type,
+ SECItem *data);
+PRInt32 tls13_ServerSendPreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+PRInt32 tls13_ClientSendEarlyDataXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+SECStatus tls13_ServerHandleEarlyDataXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+SECStatus tls13_ClientHandleEarlyDataXtn(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+PRInt32 tls13_ServerSendEarlyDataXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+SECStatus tls13_ClientHandleTicketEarlyDataInfoXtn(
+ const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+PRInt32 tls13_ClientSendSupportedVersionsXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+SECStatus tls13_ClientHandleHrrCookie(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+PRInt32 tls13_ClientSendHrrCookieXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ PRBool append,
+ PRUint32 maxBytes);
+PRInt32 tls13_ClientSendPskKeyExchangeModesXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes);
+SECStatus tls13_ServerHandlePskKeyExchangeModesXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRUint16 ex_type, SECItem *data);
+PRInt32 tls13_SendShortHeaderXtn(const sslSocket *ss,
+ TLSExtensionData *xtnData,
+ PRBool append, PRUint32 maxBytes);
+SECStatus tls13_HandleShortHeaderXtn(
+ const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 ex_type,
+ SECItem *data);
+
+#endif
diff --git a/security/nss/lib/ssl/tls13hkdf.c b/security/nss/lib/ssl/tls13hkdf.c
new file mode 100644
index 000000000..7e69bb882
--- /dev/null
+++ b/security/nss/lib/ssl/tls13hkdf.c
@@ -0,0 +1,270 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * TLS 1.3 Protocol
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "keyhi.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "ssl.h"
+#include "sslt.h"
+#include "sslerr.h"
+#include "sslimpl.h"
+
+/* This table contains the mapping between TLS hash identifiers and the
+ * PKCS#11 identifiers */
+static const struct {
+ SSLHashType hash;
+ CK_MECHANISM_TYPE pkcs11Mech;
+ unsigned int hashSize;
+} kTlsHkdfInfo[] = {
+ { ssl_hash_none, 0, 0 },
+ { ssl_hash_md5, 0, 0 },
+ { ssl_hash_sha1, 0, 0 },
+ { ssl_hash_sha224, 0 },
+ { ssl_hash_sha256, CKM_NSS_HKDF_SHA256, 32 },
+ { ssl_hash_sha384, CKM_NSS_HKDF_SHA384, 48 },
+ { ssl_hash_sha512, CKM_NSS_HKDF_SHA512, 64 }
+};
+
+SECStatus
+tls13_HkdfExtract(PK11SymKey *ikm1, PK11SymKey *ikm2in, SSLHashType baseHash,
+ PK11SymKey **prkp)
+{
+ CK_NSS_HKDFParams params;
+ SECItem paramsi;
+ SECStatus rv;
+ SECItem *salt;
+ PK11SymKey *prk;
+ static const PRUint8 zeroKeyBuf[HASH_LENGTH_MAX];
+ PK11SymKey *zeroKey = NULL;
+ PK11SlotInfo *slot = NULL;
+ PK11SymKey *ikm2;
+
+ params.bExtract = CK_TRUE;
+ params.bExpand = CK_FALSE;
+ params.pInfo = NULL;
+ params.ulInfoLen = 0UL;
+
+ if (ikm1) {
+ /* TODO(ekr@rtfm.com): This violates the PKCS#11 key boundary
+ * but is imposed on us by the present HKDF interface. */
+ rv = PK11_ExtractKeyValue(ikm1);
+ if (rv != SECSuccess)
+ return rv;
+
+ salt = PK11_GetKeyData(ikm1);
+ if (!salt)
+ return SECFailure;
+
+ params.pSalt = salt->data;
+ params.ulSaltLen = salt->len;
+ PORT_Assert(salt->len > 0);
+ } else {
+ /* Per documentation for CKM_NSS_HKDF_*:
+ *
+ * If the optional salt is given, it is used; otherwise, the salt is
+ * set to a sequence of zeros equal in length to the HMAC output.
+ */
+ params.pSalt = NULL;
+ params.ulSaltLen = 0UL;
+ }
+ paramsi.data = (unsigned char *)&params;
+ paramsi.len = sizeof(params);
+
+ PORT_Assert(kTlsHkdfInfo[baseHash].pkcs11Mech);
+ PORT_Assert(kTlsHkdfInfo[baseHash].hashSize);
+ PORT_Assert(kTlsHkdfInfo[baseHash].hash == baseHash);
+
+ /* A zero ikm2 is a key of hash-length 0s. */
+ if (!ikm2in) {
+ SECItem zeroItem = {
+ siBuffer,
+ (unsigned char *)zeroKeyBuf,
+ kTlsHkdfInfo[baseHash].hashSize
+ };
+ slot = PK11_GetInternalSlot();
+ if (!slot) {
+ return SECFailure;
+ }
+ zeroKey = PK11_ImportSymKey(slot,
+ kTlsHkdfInfo[baseHash].pkcs11Mech,
+ PK11_OriginUnwrap,
+ CKA_DERIVE, &zeroItem, NULL);
+ if (!zeroKey)
+ return SECFailure;
+ ikm2 = zeroKey;
+ } else {
+ ikm2 = ikm2in;
+ }
+ PORT_Assert(ikm2);
+
+ PRINT_BUF(50, (NULL, "HKDF Extract: IKM1/Salt", params.pSalt, params.ulSaltLen));
+ PRINT_KEY(50, (NULL, "HKDF Extract: IKM2", ikm2));
+
+ prk = PK11_Derive(ikm2, kTlsHkdfInfo[baseHash].pkcs11Mech,
+ &paramsi, kTlsHkdfInfo[baseHash].pkcs11Mech,
+ CKA_DERIVE, kTlsHkdfInfo[baseHash].hashSize);
+ if (zeroKey)
+ PK11_FreeSymKey(zeroKey);
+ if (slot)
+ PK11_FreeSlot(slot);
+ if (!prk)
+ return SECFailure;
+
+ PRINT_KEY(50, (NULL, "HKDF Extract", prk));
+ *prkp = prk;
+
+ return SECSuccess;
+}
+
+SECStatus
+tls13_HkdfExpandLabel(PK11SymKey *prk, SSLHashType baseHash,
+ const PRUint8 *handshakeHash, unsigned int handshakeHashLen,
+ const char *label, unsigned int labelLen,
+ CK_MECHANISM_TYPE algorithm, unsigned int keySize,
+ PK11SymKey **keyp)
+{
+ CK_NSS_HKDFParams params;
+ SECItem paramsi = { siBuffer, NULL, 0 };
+ /* Size of info array needs to be big enough to hold the maximum Prefix,
+ * Label, plus HandshakeHash. If it's ever to small, the code will abort.
+ */
+ PRUint8 info[256];
+ PRUint8 *ptr = info;
+ unsigned int infoLen;
+ PK11SymKey *derived;
+ const char *kLabelPrefix = "TLS 1.3, ";
+ const unsigned int kLabelPrefixLen = strlen(kLabelPrefix);
+
+ if (handshakeHash) {
+ if (handshakeHashLen > 255) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ } else {
+ PORT_Assert(!handshakeHashLen);
+ }
+
+ /*
+ * [draft-ietf-tls-tls13-11] Section 7.1:
+ *
+ * HKDF-Expand-Label(Secret, Label, HashValue, Length) =
+ * HKDF-Expand(Secret, HkdfLabel, Length)
+ *
+ * Where HkdfLabel is specified as:
+ *
+ * struct HkdfLabel {
+ * uint16 length;
+ * opaque label<9..255>;
+ * opaque hash_value<0..255>;
+ * };
+ *
+ * Where:
+ * - HkdfLabel.length is Length
+ * - HkdfLabel.hash_value is HashValue.
+ * - HkdfLabel.label is "TLS 1.3, " + Label
+ *
+ */
+ infoLen = 2 + 1 + kLabelPrefixLen + labelLen + 1 + handshakeHashLen;
+ if (infoLen > sizeof(info)) {
+ PORT_Assert(0);
+ goto abort;
+ }
+
+ ptr = ssl_EncodeUintX(keySize, 2, ptr);
+ ptr = ssl_EncodeUintX(labelLen + kLabelPrefixLen, 1, ptr);
+ PORT_Memcpy(ptr, kLabelPrefix, kLabelPrefixLen);
+ ptr += kLabelPrefixLen;
+ PORT_Memcpy(ptr, label, labelLen);
+ ptr += labelLen;
+ ptr = ssl_EncodeUintX(handshakeHashLen, 1, ptr);
+ if (handshakeHash) {
+ PORT_Memcpy(ptr, handshakeHash, handshakeHashLen);
+ ptr += handshakeHashLen;
+ }
+ PORT_Assert((ptr - info) == infoLen);
+
+ params.bExtract = CK_FALSE;
+ params.bExpand = CK_TRUE;
+ params.pInfo = info;
+ params.ulInfoLen = infoLen;
+ paramsi.data = (unsigned char *)&params;
+ paramsi.len = sizeof(params);
+
+ derived = PK11_DeriveWithFlags(prk, kTlsHkdfInfo[baseHash].pkcs11Mech,
+ &paramsi, algorithm,
+ CKA_DERIVE, keySize,
+ CKF_SIGN | CKF_VERIFY);
+ if (!derived)
+ return SECFailure;
+
+ *keyp = derived;
+
+#ifdef TRACE
+ if (ssl_trace >= 10) {
+ /* Make sure the label is null terminated. */
+ char labelStr[100];
+ PORT_Memcpy(labelStr, label, labelLen);
+ labelStr[labelLen] = 0;
+ SSL_TRC(50, ("HKDF Expand: label=[TLS 1.3, ] + '%s',requested length=%d",
+ labelStr, keySize));
+ }
+ PRINT_KEY(50, (NULL, "PRK", prk));
+ PRINT_BUF(50, (NULL, "Hash", handshakeHash, handshakeHashLen));
+ PRINT_BUF(50, (NULL, "Info", info, infoLen));
+ PRINT_KEY(50, (NULL, "Derived key", derived));
+#endif
+
+ return SECSuccess;
+
+abort:
+ PORT_SetError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
+ return SECFailure;
+}
+
+SECStatus
+tls13_HkdfExpandLabelRaw(PK11SymKey *prk, SSLHashType baseHash,
+ const PRUint8 *handshakeHash, unsigned int handshakeHashLen,
+ const char *label, unsigned int labelLen,
+ unsigned char *output, unsigned int outputLen)
+{
+ PK11SymKey *derived = NULL;
+ SECItem *rawkey;
+ SECStatus rv;
+
+ rv = tls13_HkdfExpandLabel(prk, baseHash, handshakeHash, handshakeHashLen,
+ label, labelLen,
+ kTlsHkdfInfo[baseHash].pkcs11Mech, outputLen,
+ &derived);
+ if (rv != SECSuccess || !derived) {
+ goto abort;
+ }
+
+ rv = PK11_ExtractKeyValue(derived);
+ if (rv != SECSuccess) {
+ goto abort;
+ }
+
+ rawkey = PK11_GetKeyData(derived);
+ if (!rawkey) {
+ goto abort;
+ }
+
+ PORT_Assert(rawkey->len == outputLen);
+ memcpy(output, rawkey->data, outputLen);
+ PK11_FreeSymKey(derived);
+
+ return SECSuccess;
+
+abort:
+ if (derived) {
+ PK11_FreeSymKey(derived);
+ }
+ PORT_SetError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
+ return SECFailure;
+}
diff --git a/security/nss/lib/ssl/tls13hkdf.h b/security/nss/lib/ssl/tls13hkdf.h
new file mode 100644
index 000000000..78347a11d
--- /dev/null
+++ b/security/nss/lib/ssl/tls13hkdf.h
@@ -0,0 +1,38 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is PRIVATE to SSL.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __tls13hkdf_h_
+#define __tls13hkdf_h_
+
+#include "keyhi.h"
+#include "sslt.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+SECStatus tls13_HkdfExtract(
+ PK11SymKey *ikm1, PK11SymKey *ikm2, SSLHashType baseHash,
+ PK11SymKey **prkp);
+SECStatus tls13_HkdfExpandLabelRaw(
+ PK11SymKey *prk, SSLHashType baseHash,
+ const PRUint8 *handshakeHash, unsigned int handshakeHashLen,
+ const char *label, unsigned int labelLen,
+ unsigned char *output, unsigned int outputLen);
+SECStatus tls13_HkdfExpandLabel(
+ PK11SymKey *prk, SSLHashType baseHash,
+ const PRUint8 *handshakeHash, unsigned int handshakeHashLen,
+ const char *label, unsigned int labelLen,
+ CK_MECHANISM_TYPE algorithm, unsigned int keySize,
+ PK11SymKey **keyp);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/security/nss/lib/ssl/unix_err.c b/security/nss/lib/ssl/unix_err.c
new file mode 100644
index 000000000..d4390b8c7
--- /dev/null
+++ b/security/nss/lib/ssl/unix_err.c
@@ -0,0 +1,837 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/*
+ * This file essentially replicates NSPR's source for the functions that
+ * map system-specific error codes to NSPR error codes. We would use
+ * NSPR's functions, instead of duplicating them, but they're private.
+ * As long as SSL's server session cache code must do platform native I/O
+ * to accomplish its job, and NSPR's error mapping functions remain private,
+ * this code will continue to need to be replicated.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#if 0
+#include "primpl.h"
+#else
+#define _PR_POLL_AVAILABLE 1
+#include "prerror.h"
+#endif
+
+#if defined(__bsdi__) || defined(NTO) || defined(DARWIN) || defined(BEOS)
+#undef _PR_POLL_AVAILABLE
+#endif
+
+#if defined(_PR_POLL_AVAILABLE)
+#include <poll.h>
+#endif
+#include <errno.h>
+
+/* forward declarations. */
+void nss_MD_unix_map_default_error(int err);
+
+void
+nss_MD_unix_map_opendir_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_closedir_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EINVAL:
+ prError = PR_BAD_DESCRIPTOR_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_readdir_error(int err)
+{
+ PRErrorCode prError;
+
+ switch (err) {
+ case ENOENT:
+ prError = PR_NO_MORE_FILES_ERROR;
+ break;
+#ifdef EOVERFLOW
+ case EOVERFLOW:
+ prError = PR_IO_ERROR;
+ break;
+#endif
+ case EINVAL:
+ prError = PR_IO_ERROR;
+ break;
+ case ENXIO:
+ prError = PR_IO_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_unlink_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EPERM:
+ prError = PR_IS_DIRECTORY_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_stat_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ETIMEDOUT:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_fstat_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ETIMEDOUT:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_rename_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EEXIST:
+ prError = PR_DIRECTORY_NOT_EMPTY_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_access_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ETIMEDOUT:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_mkdir_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_rmdir_error(int err)
+{
+ PRErrorCode prError;
+
+ switch (err) {
+ case EEXIST:
+ prError = PR_DIRECTORY_NOT_EMPTY_ERROR;
+ break;
+ case EINVAL:
+ prError = PR_DIRECTORY_NOT_EMPTY_ERROR;
+ break;
+ case ETIMEDOUT:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_read_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EINVAL:
+ prError = PR_INVALID_METHOD_ERROR;
+ break;
+ case ENXIO:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_write_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EINVAL:
+ prError = PR_INVALID_METHOD_ERROR;
+ break;
+ case ENXIO:
+ prError = PR_INVALID_METHOD_ERROR;
+ break;
+ case ETIMEDOUT:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_lseek_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_fsync_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ETIMEDOUT:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+ case EINVAL:
+ prError = PR_INVALID_METHOD_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_close_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ETIMEDOUT:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_socket_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ENOMEM:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_socketavailable_error(int err)
+{
+ PR_SetError(PR_BAD_DESCRIPTOR_ERROR, err);
+}
+
+void
+nss_MD_unix_map_recv_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_recvfrom_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_send_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_sendto_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_writev_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_accept_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ENODEV:
+ prError = PR_NOT_TCP_SOCKET_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_connect_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EACCES:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+#if defined(UNIXWARE) || defined(SNI) || defined(NEC)
+ /*
+ * On some platforms, if we connect to a port on the local host
+ * (the loopback address) that no process is listening on, we get
+ * EIO instead of ECONNREFUSED.
+ */
+ case EIO:
+ prError = PR_CONNECT_REFUSED_ERROR;
+ break;
+#endif
+ case ELOOP:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case ENOENT:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case ENXIO:
+ prError = PR_IO_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_bind_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EINVAL:
+ prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR;
+ break;
+ /*
+ * UNIX domain sockets are not supported in NSPR
+ */
+ case EIO:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case EISDIR:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case ELOOP:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case ENOENT:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case ENOTDIR:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case EROFS:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_listen_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_shutdown_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_socketpair_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ENOMEM:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_getsockname_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case ENOMEM:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_getpeername_error(int err)
+{
+ PRErrorCode prError;
+
+ switch (err) {
+ case ENOMEM:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_getsockopt_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EINVAL:
+ prError = PR_BUFFER_OVERFLOW_ERROR;
+ break;
+ case ENOMEM:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_setsockopt_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EINVAL:
+ prError = PR_BUFFER_OVERFLOW_ERROR;
+ break;
+ case ENOMEM:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_open_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EAGAIN:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ case EBUSY:
+ prError = PR_IO_ERROR;
+ break;
+ case ENODEV:
+ prError = PR_FILE_NOT_FOUND_ERROR;
+ break;
+ case ENOMEM:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ case ETIMEDOUT:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_mmap_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EAGAIN:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ case EMFILE:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ case ENODEV:
+ prError = PR_OPERATION_NOT_SUPPORTED_ERROR;
+ break;
+ case ENXIO:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_gethostname_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+void
+nss_MD_unix_map_select_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+
+#ifdef _PR_POLL_AVAILABLE
+void
+nss_MD_unix_map_poll_error(int err)
+{
+ PRErrorCode prError;
+
+ switch (err) {
+ case EAGAIN:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_poll_revents_error(int err)
+{
+ if (err & POLLNVAL)
+ PR_SetError(PR_BAD_DESCRIPTOR_ERROR, EBADF);
+ else if (err & POLLHUP)
+ PR_SetError(PR_CONNECT_RESET_ERROR, EPIPE);
+ else if (err & POLLERR)
+ PR_SetError(PR_IO_ERROR, EIO);
+ else
+ PR_SetError(PR_UNKNOWN_ERROR, err);
+}
+#endif /* _PR_POLL_AVAILABLE */
+
+void
+nss_MD_unix_map_flock_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EINVAL:
+ prError = PR_BAD_DESCRIPTOR_ERROR;
+ break;
+ case EWOULDBLOCK:
+ prError = PR_FILE_IS_LOCKED_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_unix_map_lockf_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EACCES:
+ prError = PR_FILE_IS_LOCKED_ERROR;
+ break;
+ case EDEADLK:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ default:
+ nss_MD_unix_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+#ifdef HPUX11
+void
+nss_MD_hpux_map_sendfile_error(int err)
+{
+ nss_MD_unix_map_default_error(err);
+}
+#endif /* HPUX11 */
+
+void
+nss_MD_unix_map_default_error(int err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case EACCES:
+ prError = PR_NO_ACCESS_RIGHTS_ERROR;
+ break;
+ case EADDRINUSE:
+ prError = PR_ADDRESS_IN_USE_ERROR;
+ break;
+ case EADDRNOTAVAIL:
+ prError = PR_ADDRESS_NOT_AVAILABLE_ERROR;
+ break;
+ case EAFNOSUPPORT:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case EAGAIN:
+ prError = PR_WOULD_BLOCK_ERROR;
+ break;
+/*
+ * On QNX and Neutrino, EALREADY is defined as EBUSY.
+ */
+#if EALREADY != EBUSY
+ case EALREADY:
+ prError = PR_ALREADY_INITIATED_ERROR;
+ break;
+#endif
+ case EBADF:
+ prError = PR_BAD_DESCRIPTOR_ERROR;
+ break;
+#ifdef EBADMSG
+ case EBADMSG:
+ prError = PR_IO_ERROR;
+ break;
+#endif
+ case EBUSY:
+ prError = PR_FILESYSTEM_MOUNTED_ERROR;
+ break;
+ case ECONNREFUSED:
+ prError = PR_CONNECT_REFUSED_ERROR;
+ break;
+ case ECONNRESET:
+ prError = PR_CONNECT_RESET_ERROR;
+ break;
+ case EDEADLK:
+ prError = PR_DEADLOCK_ERROR;
+ break;
+#ifdef EDIRCORRUPTED
+ case EDIRCORRUPTED:
+ prError = PR_DIRECTORY_CORRUPTED_ERROR;
+ break;
+#endif
+#ifdef EDQUOT
+ case EDQUOT:
+ prError = PR_NO_DEVICE_SPACE_ERROR;
+ break;
+#endif
+ case EEXIST:
+ prError = PR_FILE_EXISTS_ERROR;
+ break;
+ case EFAULT:
+ prError = PR_ACCESS_FAULT_ERROR;
+ break;
+ case EFBIG:
+ prError = PR_FILE_TOO_BIG_ERROR;
+ break;
+ case EINPROGRESS:
+ prError = PR_IN_PROGRESS_ERROR;
+ break;
+ case EINTR:
+ prError = PR_PENDING_INTERRUPT_ERROR;
+ break;
+ case EINVAL:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case EIO:
+ prError = PR_IO_ERROR;
+ break;
+ case EISCONN:
+ prError = PR_IS_CONNECTED_ERROR;
+ break;
+ case EISDIR:
+ prError = PR_IS_DIRECTORY_ERROR;
+ break;
+ case ELOOP:
+ prError = PR_LOOP_ERROR;
+ break;
+ case EMFILE:
+ prError = PR_PROC_DESC_TABLE_FULL_ERROR;
+ break;
+ case EMLINK:
+ prError = PR_MAX_DIRECTORY_ENTRIES_ERROR;
+ break;
+ case EMSGSIZE:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+#ifdef EMULTIHOP
+ case EMULTIHOP:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+#endif
+ case ENAMETOOLONG:
+ prError = PR_NAME_TOO_LONG_ERROR;
+ break;
+ case ENETUNREACH:
+ prError = PR_NETWORK_UNREACHABLE_ERROR;
+ break;
+ case ENFILE:
+ prError = PR_SYS_DESC_TABLE_FULL_ERROR;
+ break;
+#if !defined(SCO)
+ case ENOBUFS:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+#endif
+ case ENODEV:
+ prError = PR_FILE_NOT_FOUND_ERROR;
+ break;
+ case ENOENT:
+ prError = PR_FILE_NOT_FOUND_ERROR;
+ break;
+ case ENOLCK:
+ prError = PR_FILE_IS_LOCKED_ERROR;
+ break;
+#ifdef ENOLINK
+ case ENOLINK:
+ prError = PR_REMOTE_FILE_ERROR;
+ break;
+#endif
+ case ENOMEM:
+ prError = PR_OUT_OF_MEMORY_ERROR;
+ break;
+ case ENOPROTOOPT:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case ENOSPC:
+ prError = PR_NO_DEVICE_SPACE_ERROR;
+ break;
+#ifdef ENOSR
+ case ENOSR:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+#endif
+ case ENOTCONN:
+ prError = PR_NOT_CONNECTED_ERROR;
+ break;
+ case ENOTDIR:
+ prError = PR_NOT_DIRECTORY_ERROR;
+ break;
+ case ENOTSOCK:
+ prError = PR_NOT_SOCKET_ERROR;
+ break;
+ case ENXIO:
+ prError = PR_FILE_NOT_FOUND_ERROR;
+ break;
+ case EOPNOTSUPP:
+ prError = PR_NOT_TCP_SOCKET_ERROR;
+ break;
+#ifdef EOVERFLOW
+ case EOVERFLOW:
+ prError = PR_BUFFER_OVERFLOW_ERROR;
+ break;
+#endif
+ case EPERM:
+ prError = PR_NO_ACCESS_RIGHTS_ERROR;
+ break;
+ case EPIPE:
+ prError = PR_CONNECT_RESET_ERROR;
+ break;
+#ifdef EPROTO
+ case EPROTO:
+ prError = PR_IO_ERROR;
+ break;
+#endif
+ case EPROTONOSUPPORT:
+ prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR;
+ break;
+ case EPROTOTYPE:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case ERANGE:
+ prError = PR_INVALID_METHOD_ERROR;
+ break;
+ case EROFS:
+ prError = PR_READ_ONLY_FILESYSTEM_ERROR;
+ break;
+ case ESPIPE:
+ prError = PR_INVALID_METHOD_ERROR;
+ break;
+ case ETIMEDOUT:
+ prError = PR_IO_TIMEOUT_ERROR;
+ break;
+#if EWOULDBLOCK != EAGAIN
+ case EWOULDBLOCK:
+ prError = PR_WOULD_BLOCK_ERROR;
+ break;
+#endif
+ case EXDEV:
+ prError = PR_NOT_SAME_DEVICE_ERROR;
+ break;
+
+ default:
+ prError = PR_UNKNOWN_ERROR;
+ break;
+ }
+ PR_SetError(prError, err);
+}
diff --git a/security/nss/lib/ssl/unix_err.h b/security/nss/lib/ssl/unix_err.h
new file mode 100644
index 000000000..5d7d547bf
--- /dev/null
+++ b/security/nss/lib/ssl/unix_err.h
@@ -0,0 +1,57 @@
+/*
+ * This file essentially replicates NSPR's source for the functions that
+ * map system-specific error codes to NSPR error codes. We would use
+ * NSPR's functions, instead of duplicating them, but they're private.
+ * As long as SSL's server session cache code must do platform native I/O
+ * to accomplish its job, and NSPR's error mapping functions remain private,
+ * this code will continue to need to be replicated.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* NSPR doesn't make these functions public, so we have to duplicate
+** them in NSS.
+*/
+extern void nss_MD_hpux_map_sendfile_error(int err);
+extern void nss_MD_unix_map_accept_error(int err);
+extern void nss_MD_unix_map_access_error(int err);
+extern void nss_MD_unix_map_bind_error(int err);
+extern void nss_MD_unix_map_close_error(int err);
+extern void nss_MD_unix_map_closedir_error(int err);
+extern void nss_MD_unix_map_connect_error(int err);
+extern void nss_MD_unix_map_default_error(int err);
+extern void nss_MD_unix_map_flock_error(int err);
+extern void nss_MD_unix_map_fstat_error(int err);
+extern void nss_MD_unix_map_fsync_error(int err);
+extern void nss_MD_unix_map_gethostname_error(int err);
+extern void nss_MD_unix_map_getpeername_error(int err);
+extern void nss_MD_unix_map_getsockname_error(int err);
+extern void nss_MD_unix_map_getsockopt_error(int err);
+extern void nss_MD_unix_map_listen_error(int err);
+extern void nss_MD_unix_map_lockf_error(int err);
+extern void nss_MD_unix_map_lseek_error(int err);
+extern void nss_MD_unix_map_mkdir_error(int err);
+extern void nss_MD_unix_map_mmap_error(int err);
+extern void nss_MD_unix_map_open_error(int err);
+extern void nss_MD_unix_map_opendir_error(int err);
+extern void nss_MD_unix_map_poll_error(int err);
+extern void nss_MD_unix_map_poll_revents_error(int err);
+extern void nss_MD_unix_map_read_error(int err);
+extern void nss_MD_unix_map_readdir_error(int err);
+extern void nss_MD_unix_map_recv_error(int err);
+extern void nss_MD_unix_map_recvfrom_error(int err);
+extern void nss_MD_unix_map_rename_error(int err);
+extern void nss_MD_unix_map_rmdir_error(int err);
+extern void nss_MD_unix_map_select_error(int err);
+extern void nss_MD_unix_map_send_error(int err);
+extern void nss_MD_unix_map_sendto_error(int err);
+extern void nss_MD_unix_map_setsockopt_error(int err);
+extern void nss_MD_unix_map_shutdown_error(int err);
+extern void nss_MD_unix_map_socket_error(int err);
+extern void nss_MD_unix_map_socketavailable_error(int err);
+extern void nss_MD_unix_map_socketpair_error(int err);
+extern void nss_MD_unix_map_stat_error(int err);
+extern void nss_MD_unix_map_unlink_error(int err);
+extern void nss_MD_unix_map_write_error(int err);
+extern void nss_MD_unix_map_writev_error(int err);
diff --git a/security/nss/lib/ssl/win32err.c b/security/nss/lib/ssl/win32err.c
new file mode 100644
index 000000000..caa12b956
--- /dev/null
+++ b/security/nss/lib/ssl/win32err.c
@@ -0,0 +1,550 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/*
+ * This file essentially replicates NSPR's source for the functions that
+ * map system-specific error codes to NSPR error codes. We would use
+ * NSPR's functions, instead of duplicating them, but they're private.
+ * As long as SSL's server session cache code must do platform native I/O
+ * to accomplish its job, and NSPR's error mapping functions remain private,
+ * this code will continue to need to be replicated.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "prerror.h"
+#include "prlog.h"
+#include <errno.h>
+#include <windows.h>
+
+/*
+ * On Win32, we map three kinds of error codes:
+ * - GetLastError(): for Win32 functions
+ * - WSAGetLastError(): for Winsock functions
+ * - errno: for standard C library functions
+ *
+ * We do not check for WSAEINPROGRESS and WSAEINTR because we do not
+ * use blocking Winsock 1.1 calls.
+ *
+ * Except for the 'socket' call, we do not check for WSAEINITIALISED.
+ * It is assumed that if Winsock is not initialized, that fact will
+ * be detected at the time we create new sockets.
+ */
+
+/* forward declaration. */
+void nss_MD_win32_map_default_error(PRInt32 err);
+
+void
+nss_MD_win32_map_opendir_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_closedir_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_readdir_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_delete_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+/* The error code for stat() is in errno. */
+void
+nss_MD_win32_map_stat_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_fstat_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_rename_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+/* The error code for access() is in errno. */
+void
+nss_MD_win32_map_access_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_mkdir_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_rmdir_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_read_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_transmitfile_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_write_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_lseek_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_fsync_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+/*
+ * For both CloseHandle() and closesocket().
+ */
+void
+nss_MD_win32_map_close_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_socket_error(PRInt32 err)
+{
+ PR_ASSERT(err != WSANOTINITIALISED);
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_recv_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_recvfrom_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_send_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case WSAEMSGSIZE:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ default:
+ nss_MD_win32_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_win32_map_sendto_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case WSAEMSGSIZE:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ default:
+ nss_MD_win32_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_win32_map_accept_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case WSAEOPNOTSUPP:
+ prError = PR_NOT_TCP_SOCKET_ERROR;
+ break;
+ case WSAEINVAL:
+ prError = PR_INVALID_STATE_ERROR;
+ break;
+ default:
+ nss_MD_win32_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_win32_map_acceptex_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_connect_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case WSAEWOULDBLOCK:
+ prError = PR_IN_PROGRESS_ERROR;
+ break;
+ case WSAEINVAL:
+ prError = PR_ALREADY_INITIATED_ERROR;
+ break;
+ case WSAETIMEDOUT:
+ prError = PR_IO_TIMEOUT_ERROR;
+ break;
+ default:
+ nss_MD_win32_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_win32_map_bind_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case WSAEINVAL:
+ prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR;
+ break;
+ default:
+ nss_MD_win32_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_win32_map_listen_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case WSAEOPNOTSUPP:
+ prError = PR_NOT_TCP_SOCKET_ERROR;
+ break;
+ case WSAEINVAL:
+ prError = PR_INVALID_STATE_ERROR;
+ break;
+ default:
+ nss_MD_win32_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_win32_map_shutdown_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_getsockname_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case WSAEINVAL:
+ prError = PR_INVALID_STATE_ERROR;
+ break;
+ default:
+ nss_MD_win32_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_win32_map_getpeername_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_getsockopt_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_setsockopt_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_open_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_gethostname_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+/* Win32 select() only works on sockets. So in this
+** context, WSAENOTSOCK is equivalent to EBADF on Unix.
+*/
+void
+nss_MD_win32_map_select_error(PRInt32 err)
+{
+ PRErrorCode prError;
+ switch (err) {
+ case WSAENOTSOCK:
+ prError = PR_BAD_DESCRIPTOR_ERROR;
+ break;
+ default:
+ nss_MD_win32_map_default_error(err);
+ return;
+ }
+ PR_SetError(prError, err);
+}
+
+void
+nss_MD_win32_map_lockf_error(PRInt32 err)
+{
+ nss_MD_win32_map_default_error(err);
+}
+
+void
+nss_MD_win32_map_default_error(PRInt32 err)
+{
+ PRErrorCode prError;
+
+ switch (err) {
+ case EACCES:
+ prError = PR_NO_ACCESS_RIGHTS_ERROR;
+ break;
+ case ENOENT:
+ prError = PR_FILE_NOT_FOUND_ERROR;
+ break;
+ case ERROR_ACCESS_DENIED:
+ prError = PR_NO_ACCESS_RIGHTS_ERROR;
+ break;
+ case ERROR_ALREADY_EXISTS:
+ prError = PR_FILE_EXISTS_ERROR;
+ break;
+ case ERROR_DISK_CORRUPT:
+ prError = PR_IO_ERROR;
+ break;
+ case ERROR_DISK_FULL:
+ prError = PR_NO_DEVICE_SPACE_ERROR;
+ break;
+ case ERROR_DISK_OPERATION_FAILED:
+ prError = PR_IO_ERROR;
+ break;
+ case ERROR_DRIVE_LOCKED:
+ prError = PR_FILE_IS_LOCKED_ERROR;
+ break;
+ case ERROR_FILENAME_EXCED_RANGE:
+ prError = PR_NAME_TOO_LONG_ERROR;
+ break;
+ case ERROR_FILE_CORRUPT:
+ prError = PR_IO_ERROR;
+ break;
+ case ERROR_FILE_EXISTS:
+ prError = PR_FILE_EXISTS_ERROR;
+ break;
+ case ERROR_FILE_INVALID:
+ prError = PR_BAD_DESCRIPTOR_ERROR;
+ break;
+#if ERROR_FILE_NOT_FOUND != ENOENT
+ case ERROR_FILE_NOT_FOUND:
+ prError = PR_FILE_NOT_FOUND_ERROR;
+ break;
+#endif
+ case ERROR_HANDLE_DISK_FULL:
+ prError = PR_NO_DEVICE_SPACE_ERROR;
+ break;
+ case ERROR_INVALID_ADDRESS:
+ prError = PR_ACCESS_FAULT_ERROR;
+ break;
+ case ERROR_INVALID_HANDLE:
+ prError = PR_BAD_DESCRIPTOR_ERROR;
+ break;
+ case ERROR_INVALID_NAME:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case ERROR_INVALID_PARAMETER:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case ERROR_INVALID_USER_BUFFER:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ case ERROR_LOCKED:
+ prError = PR_FILE_IS_LOCKED_ERROR;
+ break;
+ case ERROR_NETNAME_DELETED:
+ prError = PR_CONNECT_RESET_ERROR;
+ break;
+ case ERROR_NOACCESS:
+ prError = PR_ACCESS_FAULT_ERROR;
+ break;
+ case ERROR_NOT_ENOUGH_MEMORY:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ case ERROR_NOT_ENOUGH_QUOTA:
+ prError = PR_OUT_OF_MEMORY_ERROR;
+ break;
+ case ERROR_NOT_READY:
+ prError = PR_IO_ERROR;
+ break;
+ case ERROR_NO_MORE_FILES:
+ prError = PR_NO_MORE_FILES_ERROR;
+ break;
+ case ERROR_OPEN_FAILED:
+ prError = PR_IO_ERROR;
+ break;
+ case ERROR_OPEN_FILES:
+ prError = PR_IO_ERROR;
+ break;
+ case ERROR_OUTOFMEMORY:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ case ERROR_PATH_BUSY:
+ prError = PR_IO_ERROR;
+ break;
+ case ERROR_PATH_NOT_FOUND:
+ prError = PR_FILE_NOT_FOUND_ERROR;
+ break;
+ case ERROR_SEEK_ON_DEVICE:
+ prError = PR_IO_ERROR;
+ break;
+ case ERROR_SHARING_VIOLATION:
+ prError = PR_FILE_IS_BUSY_ERROR;
+ break;
+ case ERROR_STACK_OVERFLOW:
+ prError = PR_ACCESS_FAULT_ERROR;
+ break;
+ case ERROR_TOO_MANY_OPEN_FILES:
+ prError = PR_SYS_DESC_TABLE_FULL_ERROR;
+ break;
+ case ERROR_WRITE_PROTECT:
+ prError = PR_NO_ACCESS_RIGHTS_ERROR;
+ break;
+ case WSAEACCES:
+ prError = PR_NO_ACCESS_RIGHTS_ERROR;
+ break;
+ case WSAEADDRINUSE:
+ prError = PR_ADDRESS_IN_USE_ERROR;
+ break;
+ case WSAEADDRNOTAVAIL:
+ prError = PR_ADDRESS_NOT_AVAILABLE_ERROR;
+ break;
+ case WSAEAFNOSUPPORT:
+ prError = PR_ADDRESS_NOT_SUPPORTED_ERROR;
+ break;
+ case WSAEALREADY:
+ prError = PR_ALREADY_INITIATED_ERROR;
+ break;
+ case WSAEBADF:
+ prError = PR_BAD_DESCRIPTOR_ERROR;
+ break;
+ case WSAECONNABORTED:
+ prError = PR_CONNECT_ABORTED_ERROR;
+ break;
+ case WSAECONNREFUSED:
+ prError = PR_CONNECT_REFUSED_ERROR;
+ break;
+ case WSAECONNRESET:
+ prError = PR_CONNECT_RESET_ERROR;
+ break;
+ case WSAEDESTADDRREQ:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case WSAEFAULT:
+ prError = PR_ACCESS_FAULT_ERROR;
+ break;
+ case WSAEHOSTUNREACH:
+ prError = PR_HOST_UNREACHABLE_ERROR;
+ break;
+ case WSAEINVAL:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case WSAEISCONN:
+ prError = PR_IS_CONNECTED_ERROR;
+ break;
+ case WSAEMFILE:
+ prError = PR_PROC_DESC_TABLE_FULL_ERROR;
+ break;
+ case WSAEMSGSIZE:
+ prError = PR_BUFFER_OVERFLOW_ERROR;
+ break;
+ case WSAENETDOWN:
+ prError = PR_NETWORK_DOWN_ERROR;
+ break;
+ case WSAENETRESET:
+ prError = PR_CONNECT_ABORTED_ERROR;
+ break;
+ case WSAENETUNREACH:
+ prError = PR_NETWORK_UNREACHABLE_ERROR;
+ break;
+ case WSAENOBUFS:
+ prError = PR_INSUFFICIENT_RESOURCES_ERROR;
+ break;
+ case WSAENOPROTOOPT:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case WSAENOTCONN:
+ prError = PR_NOT_CONNECTED_ERROR;
+ break;
+ case WSAENOTSOCK:
+ prError = PR_NOT_SOCKET_ERROR;
+ break;
+ case WSAEOPNOTSUPP:
+ prError = PR_OPERATION_NOT_SUPPORTED_ERROR;
+ break;
+ case WSAEPROTONOSUPPORT:
+ prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR;
+ break;
+ case WSAEPROTOTYPE:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case WSAESHUTDOWN:
+ prError = PR_SOCKET_SHUTDOWN_ERROR;
+ break;
+ case WSAESOCKTNOSUPPORT:
+ prError = PR_INVALID_ARGUMENT_ERROR;
+ break;
+ case WSAETIMEDOUT:
+ prError = PR_CONNECT_ABORTED_ERROR;
+ break;
+ case WSAEWOULDBLOCK:
+ prError = PR_WOULD_BLOCK_ERROR;
+ break;
+ default:
+ prError = PR_UNKNOWN_ERROR;
+ break;
+ }
+ PR_SetError(prError, err);
+}
diff --git a/security/nss/lib/ssl/win32err.h b/security/nss/lib/ssl/win32err.h
new file mode 100644
index 000000000..a69884906
--- /dev/null
+++ b/security/nss/lib/ssl/win32err.h
@@ -0,0 +1,51 @@
+/*
+ * This file essentially replicates NSPR's source for the functions that
+ * map system-specific error codes to NSPR error codes. We would use
+ * NSPR's functions, instead of duplicating them, but they're private.
+ * As long as SSL's server session cache code must do platform native I/O
+ * to accomplish its job, and NSPR's error mapping functions remain private,
+ * This code will continue to need to be replicated.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* NSPR doesn't make these functions public, so we have to duplicate
+** them in NSS.
+*/
+extern void nss_MD_win32_map_accept_error(PRInt32 err);
+extern void nss_MD_win32_map_acceptex_error(PRInt32 err);
+extern void nss_MD_win32_map_access_error(PRInt32 err);
+extern void nss_MD_win32_map_bind_error(PRInt32 err);
+extern void nss_MD_win32_map_close_error(PRInt32 err);
+extern void nss_MD_win32_map_closedir_error(PRInt32 err);
+extern void nss_MD_win32_map_connect_error(PRInt32 err);
+extern void nss_MD_win32_map_default_error(PRInt32 err);
+extern void nss_MD_win32_map_delete_error(PRInt32 err);
+extern void nss_MD_win32_map_fstat_error(PRInt32 err);
+extern void nss_MD_win32_map_fsync_error(PRInt32 err);
+extern void nss_MD_win32_map_gethostname_error(PRInt32 err);
+extern void nss_MD_win32_map_getpeername_error(PRInt32 err);
+extern void nss_MD_win32_map_getsockname_error(PRInt32 err);
+extern void nss_MD_win32_map_getsockopt_error(PRInt32 err);
+extern void nss_MD_win32_map_listen_error(PRInt32 err);
+extern void nss_MD_win32_map_lockf_error(PRInt32 err);
+extern void nss_MD_win32_map_lseek_error(PRInt32 err);
+extern void nss_MD_win32_map_mkdir_error(PRInt32 err);
+extern void nss_MD_win32_map_open_error(PRInt32 err);
+extern void nss_MD_win32_map_opendir_error(PRInt32 err);
+extern void nss_MD_win32_map_read_error(PRInt32 err);
+extern void nss_MD_win32_map_readdir_error(PRInt32 err);
+extern void nss_MD_win32_map_recv_error(PRInt32 err);
+extern void nss_MD_win32_map_recvfrom_error(PRInt32 err);
+extern void nss_MD_win32_map_rename_error(PRInt32 err);
+extern void nss_MD_win32_map_rmdir_error(PRInt32 err);
+extern void nss_MD_win32_map_select_error(PRInt32 err);
+extern void nss_MD_win32_map_send_error(PRInt32 err);
+extern void nss_MD_win32_map_sendto_error(PRInt32 err);
+extern void nss_MD_win32_map_setsockopt_error(PRInt32 err);
+extern void nss_MD_win32_map_shutdown_error(PRInt32 err);
+extern void nss_MD_win32_map_socket_error(PRInt32 err);
+extern void nss_MD_win32_map_stat_error(PRInt32 err);
+extern void nss_MD_win32_map_transmitfile_error(PRInt32 err);
+extern void nss_MD_win32_map_write_error(PRInt32 err);
diff --git a/security/nss/lib/sysinit/Makefile b/security/nss/lib/sysinit/Makefile
new file mode 100644
index 000000000..fe59954df
--- /dev/null
+++ b/security/nss/lib/sysinit/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+#include ../platlibs.mk
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+#include ../platrules.mk
+
diff --git a/security/nss/lib/sysinit/config.mk b/security/nss/lib/sysinit/config.mk
new file mode 100644
index 000000000..037641b11
--- /dev/null
+++ b/security/nss/lib/sysinit/config.mk
@@ -0,0 +1,80 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
+
+RES = $(OBJDIR)/$(LIBRARY_NAME).res
+RESNAME = $(LIBRARY_NAME).rc
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4\
+ $(NULL)
+else # ! NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ $(DIST)/lib/nssutil3.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+
+else
+
+# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
+# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSSUTIL_LIB_DIR) \
+ -lnssutil3 \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+
+endif
+
+
+# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
+
+ifeq ($(OS_TARGET),SunOS)
+ifeq ($(BUILD_SUN_PKG), 1)
+# The -R '$ORIGIN' linker option instructs this library to search for its
+# dependencies in the same directory where it resides.
+ifeq ($(USE_64), 1)
+MKSHLIB += -R '$$ORIGIN:/usr/lib/mps/secv1/64:/usr/lib/mps/64'
+else
+MKSHLIB += -R '$$ORIGIN:/usr/lib/mps/secv1:/usr/lib/mps'
+endif
+else
+MKSHLIB += -R '$$ORIGIN'
+endif
+endif
+
+ifeq ($(OS_ARCH), HP-UX)
+ifneq ($(OS_TEST), ia64)
+# pa-risc
+ifeq ($(USE_64), 1)
+MKSHLIB += +b '$$ORIGIN'
+endif
+endif
+endif
diff --git a/security/nss/lib/sysinit/manifest.mn b/security/nss/lib/sysinit/manifest.mn
new file mode 100644
index 000000000..822f4fcbd
--- /dev/null
+++ b/security/nss/lib/sysinit/manifest.mn
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+# MODULE public and private header directories are implicitly REQUIRED.
+MODULE = nss
+
+CSRCS = nsssysinit.c
+
+LIBRARY_NAME = nsssysinit
+#LIBRARY_VERSION = 3
+
diff --git a/security/nss/lib/sysinit/nsssysinit.c b/security/nss/lib/sysinit/nsssysinit.c
new file mode 100644
index 000000000..39e2ad7a1
--- /dev/null
+++ b/security/nss/lib/sysinit/nsssysinit.c
@@ -0,0 +1,403 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "seccomon.h"
+#include "prio.h"
+#include "prprf.h"
+#include "plhash.h"
+#include "prenv.h"
+
+/*
+ * The following provides a default example for operating systems to set up
+ * and manage applications loading NSS on their OS globally.
+ *
+ * This code hooks in to the system pkcs11.txt, which controls all the loading
+ * of pkcs11 modules common to all applications.
+ */
+
+/*
+ * OS Specific function to get where the NSS user database should reside.
+ */
+
+#ifdef XP_UNIX
+#include <unistd.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+static int
+testdir(char *dir)
+{
+ struct stat buf;
+ memset(&buf, 0, sizeof(buf));
+
+ if (stat(dir, &buf) < 0) {
+ return 0;
+ }
+
+ return S_ISDIR(buf.st_mode);
+}
+
+#define NSS_USER_PATH1 "/.pki"
+#define NSS_USER_PATH2 "/nssdb"
+static char *
+getUserDB(void)
+{
+ char *userdir = PR_GetEnvSecure("HOME");
+ char *nssdir = NULL;
+
+ if (userdir == NULL) {
+ return NULL;
+ }
+
+ nssdir = PORT_Alloc(strlen(userdir) + sizeof(NSS_USER_PATH1) + sizeof(NSS_USER_PATH2));
+ if (nssdir == NULL) {
+ return NULL;
+ }
+ PORT_Strcpy(nssdir, userdir);
+ /* verify it exists */
+ if (!testdir(nssdir)) {
+ PORT_Free(nssdir);
+ return NULL;
+ }
+ PORT_Strcat(nssdir, NSS_USER_PATH1);
+ if (!testdir(nssdir) && mkdir(nssdir, 0760)) {
+ PORT_Free(nssdir);
+ return NULL;
+ }
+ PORT_Strcat(nssdir, NSS_USER_PATH2);
+ if (!testdir(nssdir) && mkdir(nssdir, 0760)) {
+ PORT_Free(nssdir);
+ return NULL;
+ }
+ return nssdir;
+}
+
+#define NSS_DEFAULT_SYSTEM "/etc/pki/nssdb"
+static char *
+getSystemDB(void)
+{
+ return PORT_Strdup(NSS_DEFAULT_SYSTEM);
+}
+
+static PRBool
+userIsRoot()
+{
+ /* this works for linux and all unixes that we know off
+ though it isn't stated as such in POSIX documentation */
+ return getuid() == 0;
+}
+
+static PRBool
+userCanModifySystemDB()
+{
+ return (access(NSS_DEFAULT_SYSTEM, W_OK) == 0);
+}
+
+#else
+#ifdef XP_WIN
+static char *
+getUserDB(void)
+{
+ /* use the registry to find the user's NSS_DIR. if no entry exists, create
+ * one in the users Appdir location */
+ return NULL;
+}
+
+static char *
+getSystemDB(void)
+{
+ /* use the registry to find the system's NSS_DIR. if no entry exists, create
+ * one based on the windows system data area */
+ return NULL;
+}
+
+static PRBool
+userIsRoot()
+{
+ /* use the registry to find if the user is the system administrator. */
+ return PR_FALSE;
+}
+
+static PRBool
+userCanModifySystemDB()
+{
+ /* use the registry to find if the user has administrative privilege
+ * to modify the system's nss database. */
+ return PR_FALSE;
+}
+
+#else
+#error "Need to write getUserDB, SystemDB, userIsRoot, and userCanModifySystemDB functions"
+#endif
+#endif
+
+static PRBool
+getFIPSEnv(void)
+{
+ char *fipsEnv = PR_GetEnvSecure("NSS_FIPS");
+ if (!fipsEnv) {
+ return PR_FALSE;
+ }
+ if ((strcasecmp(fipsEnv, "fips") == 0) ||
+ (strcasecmp(fipsEnv, "true") == 0) ||
+ (strcasecmp(fipsEnv, "on") == 0) ||
+ (strcasecmp(fipsEnv, "1") == 0)) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+#ifdef XP_LINUX
+
+static PRBool
+getFIPSMode(void)
+{
+ FILE *f;
+ char d;
+ size_t size;
+
+ f = fopen("/proc/sys/crypto/fips_enabled", "r");
+ if (!f) {
+ /* if we don't have a proc flag, fall back to the
+ * environment variable */
+ return getFIPSEnv();
+ }
+
+ size = fread(&d, 1, 1, f);
+ fclose(f);
+ if (size != 1)
+ return PR_FALSE;
+ if (d != '1')
+ return PR_FALSE;
+ return PR_TRUE;
+}
+
+#else
+static PRBool
+getFIPSMode(void)
+{
+ return getFIPSEnv();
+}
+#endif
+
+#define NSS_DEFAULT_FLAGS "flags=readonly"
+
+/* configuration flags according to
+ * https://developer.mozilla.org/en/PKCS11_Module_Specs
+ * As stated there the slotParams start with a slot name which is a slotID
+ * Slots 1 through 3 are reserved for the nss internal modules as follows:
+ * 1 for crypto operations slot non-fips,
+ * 2 for the key slot, and
+ * 3 for the crypto operations slot fips
+ */
+#define CIPHER_ORDER_FLAGS "cipherOrder=100"
+#define SLOT_FLAGS \
+ "[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM" \
+ " askpw=any timeout=30 ]"
+
+static const char *nssDefaultFlags =
+ CIPHER_ORDER_FLAGS " slotParams={0x00000001=" SLOT_FLAGS " } ";
+
+static const char *nssDefaultFIPSFlags =
+ CIPHER_ORDER_FLAGS " slotParams={0x00000003=" SLOT_FLAGS " } ";
+
+/*
+ * This function builds the list of databases and modules to load, and sets
+ * their configuration. For the sample we have a fixed set.
+ * 1. We load the user's home nss database.
+ * 2. We load the user's custom PKCS #11 modules.
+ * 3. We load the system nss database readonly.
+ *
+ * Any space allocated in get_list must be freed in release_list.
+ * This function can use whatever information is available to the application.
+ * it is running in the process of the application for which it is making
+ * decisions, so it's possible to acquire the application name as part of
+ * the decision making process.
+ *
+ */
+static char **
+get_list(char *filename, char *stripped_parameters)
+{
+ char **module_list = PORT_ZNewArray(char *, 5);
+ char *userdb, *sysdb;
+ int isFIPS = getFIPSMode();
+ const char *nssflags = isFIPS ? nssDefaultFIPSFlags : nssDefaultFlags;
+ int next = 0;
+
+ /* can't get any space */
+ if (module_list == NULL) {
+ return NULL;
+ }
+
+ sysdb = getSystemDB();
+ userdb = getUserDB();
+
+ /* Don't open root's user DB */
+ if (userdb != NULL && !userIsRoot()) {
+ /* return a list of databases to open. First the user Database */
+ module_list[next++] = PR_smprintf(
+ "library= "
+ "module=\"NSS User database\" "
+ "parameters=\"configdir='sql:%s' %s tokenDescription='NSS user database'\" "
+ "NSS=\"trustOrder=75 %sflags=internal%s\"",
+ userdb, stripped_parameters, nssflags,
+ isFIPS ? ",FIPS" : "");
+
+ /* now open the user's defined PKCS #11 modules */
+ /* skip the local user DB entry */
+ module_list[next++] = PR_smprintf(
+ "library= "
+ "module=\"NSS User database\" "
+ "parameters=\"configdir='sql:%s' %s\" "
+ "NSS=\"flags=internal,moduleDBOnly,defaultModDB,skipFirst\"",
+ userdb, stripped_parameters);
+ }
+
+ /* now the system database (always read only unless it's root) */
+ if (sysdb) {
+ const char *readonly = userCanModifySystemDB() ? "" : "flags=readonly";
+ module_list[next++] = PR_smprintf(
+ "library= "
+ "module=\"NSS system database\" "
+ "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
+ "NSS=\"trustOrder=80 %sflags=internal,critical\"",
+ sysdb, readonly, nssflags);
+ }
+
+ /* that was the last module */
+ module_list[next] = 0;
+
+ PORT_Free(userdb);
+ PORT_Free(sysdb);
+
+ return module_list;
+}
+
+static char **
+release_list(char **arg)
+{
+ static char *success = "Success";
+ int next;
+
+ for (next = 0; arg[next]; next++) {
+ free(arg[next]);
+ }
+ PORT_Free(arg);
+ return &success;
+}
+
+#include "utilpars.h"
+
+#define TARGET_SPEC_COPY(new, start, end) \
+ if (end > start) { \
+ int _cnt = end - start; \
+ PORT_Memcpy(new, start, _cnt); \
+ new += _cnt; \
+ }
+
+/*
+ * According the strcpy man page:
+ *
+ * The strings may not overlap, and the destination string dest must be
+ * large enough to receive the copy.
+ *
+ * This implementation allows target to overlap with src.
+ * It does not allow the src to overlap the target.
+ * example: overlapstrcpy(string, string+4) is fine
+ * overlapstrcpy(string+4, string) is not.
+ */
+static void
+overlapstrcpy(char *target, char *src)
+{
+ while (*src) {
+ *target++ = *src++;
+ }
+ *target = 0;
+}
+
+/* determine what options the user was trying to open this database with */
+/* filename is the directory pointed to by configdir= */
+/* stripped is the rest of the parameters with configdir= stripped out */
+static SECStatus
+parse_parameters(const char *parameters, char **filename, char **stripped)
+{
+ const char *sourcePrev;
+ const char *sourceCurr;
+ char *targetCurr;
+ char *newStripped;
+ *filename = NULL;
+ *stripped = NULL;
+
+ newStripped = PORT_Alloc(PORT_Strlen(parameters) + 2);
+ targetCurr = newStripped;
+ sourcePrev = parameters;
+ sourceCurr = NSSUTIL_ArgStrip(parameters);
+ TARGET_SPEC_COPY(targetCurr, sourcePrev, sourceCurr);
+
+ while (*sourceCurr) {
+ int next;
+ sourcePrev = sourceCurr;
+ NSSUTIL_HANDLE_STRING_ARG(sourceCurr, *filename, "configdir=",
+ sourcePrev = sourceCurr;)
+ NSSUTIL_HANDLE_FINAL_ARG(sourceCurr);
+ TARGET_SPEC_COPY(targetCurr, sourcePrev, sourceCurr);
+ }
+ *targetCurr = 0;
+ if (*filename == NULL) {
+ PORT_Free(newStripped);
+ return SECFailure;
+ }
+ /* strip off any directives from the filename */
+ if (strncmp("sql:", *filename, 4) == 0) {
+ overlapstrcpy(*filename, (*filename) + 4);
+ } else if (strncmp("dbm:", *filename, 4) == 0) {
+ overlapstrcpy(*filename, (*filename) + 4);
+ } else if (strncmp("extern:", *filename, 7) == 0) {
+ overlapstrcpy(*filename, (*filename) + 7);
+ }
+ *stripped = newStripped;
+ return SECSuccess;
+}
+
+/* entry point */
+char **
+NSS_ReturnModuleSpecData(unsigned long function, char *parameters, void *args)
+{
+ char *filename = NULL;
+ char *stripped = NULL;
+ char **retString = NULL;
+ SECStatus rv;
+
+ rv = parse_parameters(parameters, &filename, &stripped);
+ if (rv != SECSuccess) {
+ /* use defaults */
+ filename = getSystemDB();
+ if (!filename) {
+ return NULL;
+ }
+ stripped = PORT_Strdup(NSS_DEFAULT_FLAGS);
+ if (!stripped) {
+ free(filename);
+ return NULL;
+ }
+ }
+ switch (function) {
+ case SECMOD_MODULE_DB_FUNCTION_FIND:
+ retString = get_list(filename, stripped);
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_RELEASE:
+ retString = release_list((char **)args);
+ break;
+ /* can't add or delete from this module DB */
+ case SECMOD_MODULE_DB_FUNCTION_ADD:
+ case SECMOD_MODULE_DB_FUNCTION_DEL:
+ retString = NULL;
+ break;
+ default:
+ retString = NULL;
+ break;
+ }
+
+ PORT_Free(filename);
+ PORT_Free(stripped);
+ return retString;
+}
diff --git a/security/nss/lib/sysinit/sysinit.gyp b/security/nss/lib/sysinit/sysinit.gyp
new file mode 100644
index 000000000..e961325f6
--- /dev/null
+++ b/security/nss/lib/sysinit/sysinit.gyp
@@ -0,0 +1,31 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nsssysinit_static',
+ 'type': 'static_library',
+ 'sources': [
+ 'nsssysinit.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports',
+ '<(DEPTH)/lib/util/util.gyp:nssutil3'
+ ]
+ },
+ {
+ 'target_name': 'nsssysinit',
+ 'type': 'shared_library',
+ 'dependencies': [
+ 'nsssysinit_static'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/util/Makefile b/security/nss/lib/util/Makefile
new file mode 100644
index 000000000..97ec9345e
--- /dev/null
+++ b/security/nss/lib/util/Makefile
@@ -0,0 +1,50 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+# include $(CORE_DEPTH)/coreconf/arch.mk
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+export:: private_export
diff --git a/security/nss/lib/util/SECerrs.h b/security/nss/lib/util/SECerrs.h
new file mode 100644
index 000000000..6d6f1b868
--- /dev/null
+++ b/security/nss/lib/util/SECerrs.h
@@ -0,0 +1,551 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* General security error codes */
+/* Caller must #include "secerr.h" */
+
+ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0,
+ "An I/O error occurred during security authorization.")
+
+ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1,
+ "security library failure.")
+
+ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2,
+ "security library: received bad data.")
+
+ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3,
+ "security library: output length error.")
+
+ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4,
+ "security library has experienced an input length error.")
+
+ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5,
+ "security library: invalid arguments.")
+
+ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6,
+ "security library: invalid algorithm.")
+
+ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7,
+ "security library: invalid AVA.")
+
+ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8,
+ "Improperly formatted time string.")
+
+ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9,
+ "security library: improperly formatted DER-encoded message.")
+
+ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10,
+ "Peer's certificate has an invalid signature.")
+
+ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11,
+ "Peer's Certificate has expired.")
+
+ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12,
+ "Peer's Certificate has been revoked.")
+
+ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13,
+ "Peer's Certificate issuer is not recognized.")
+
+ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14,
+ "Peer's public key is invalid.")
+
+ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15,
+ "The security password entered is incorrect.")
+
+ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16,
+ "New password entered incorrectly. Please try again.")
+
+ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17,
+ "security library: no nodelock.")
+
+ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18,
+ "security library: bad database.")
+
+ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19,
+ "security library: memory allocation failure.")
+
+ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20,
+ "Peer's certificate issuer has been marked as not trusted by the user.")
+
+ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21,
+ "Peer's certificate has been marked as not trusted by the user.")
+
+ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22),
+ "Certificate already exists in your database.")
+
+ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23),
+ "Downloaded certificate's name duplicates one already in your database.")
+
+ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24),
+ "Error adding certificate to database.")
+
+ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25),
+ "Error refiling the key for this certificate.")
+
+ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26),
+ "The private key for this certificate cannot be found in key database")
+
+ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27),
+ "This certificate is valid.")
+
+ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28),
+ "This certificate is not valid.")
+
+ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29),
+ "Cert Library: No Response")
+
+ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30),
+ "The certificate issuer's certificate has expired. Check your system date and time.")
+
+ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31),
+ "The CRL for the certificate's issuer has expired. Update it or check your system date and time.")
+
+ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32),
+ "The CRL for the certificate's issuer has an invalid signature.")
+
+ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33),
+ "New CRL has an invalid format.")
+
+ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34),
+ "Certificate extension value is invalid.")
+
+ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35),
+ "Certificate extension not found.")
+
+ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36),
+ "Issuer certificate is invalid.")
+
+ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37),
+ "Certificate path length constraint is invalid.")
+
+ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38),
+ "Certificate usages field is invalid.")
+
+ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39),
+ "**Internal ONLY module**")
+
+ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40),
+ "The key does not support the requested operation.")
+
+ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41),
+ "Certificate contains unknown critical extension.")
+
+ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42),
+ "New CRL is not later than the current one.")
+
+ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43),
+ "Not encrypted or signed: you do not yet have an email certificate.")
+
+ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44),
+ "Not encrypted: you do not have certificates for each of the recipients.")
+
+ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45),
+ "Cannot decrypt: you are not a recipient, or matching certificate and \
+private key not found.")
+
+ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46),
+ "Cannot decrypt: key encryption algorithm does not match your certificate.")
+
+ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47),
+ "Signature verification failed: no signer found, too many signers found, \
+or improper or corrupted data.")
+
+ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48),
+ "Unsupported or unknown key algorithm.")
+
+ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49),
+ "Cannot decrypt: encrypted using a disallowed algorithm or key size.")
+
+/* Fortezza Alerts */
+ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50),
+ "Fortezza card has not been properly initialized. \
+Please remove it and return it to your issuer.")
+
+ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51),
+ "No Fortezza cards Found")
+
+ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52),
+ "No Fortezza card selected")
+
+ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53),
+ "Please select a personality to get more info on")
+
+ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54),
+ "Personality not found")
+
+ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55),
+ "No more information on that Personality")
+
+ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56),
+ "Invalid Pin")
+
+ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57),
+ "Couldn't initialize Fortezza personalities.")
+/* end fortezza alerts. */
+
+ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58),
+ "No KRL for this site's certificate has been found.")
+
+ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59),
+ "The KRL for this site's certificate has expired.")
+
+ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60),
+ "The KRL for this site's certificate has an invalid signature.")
+
+ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61),
+ "The key for this site's certificate has been revoked.")
+
+ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62),
+ "New KRL has an invalid format.")
+
+ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63),
+ "security library: need random data.")
+
+ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64),
+ "security library: no security module can perform the requested operation.")
+
+ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65),
+ "The security card or token does not exist, needs to be initialized, or has been removed.")
+
+ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66),
+ "security library: read-only database.")
+
+ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67),
+ "No slot or token was selected.")
+
+ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68),
+ "A certificate with the same nickname already exists.")
+
+ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69),
+ "A key with the same nickname already exists.")
+
+ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70),
+ "error while creating safe object")
+
+ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71),
+ "error while creating baggage object")
+
+ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72),
+ "Couldn't remove the principal")
+
+ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73),
+ "Couldn't delete the privilege")
+
+ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74),
+ "This principal doesn't have a certificate")
+
+ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75),
+ "Required algorithm is not allowed.")
+
+ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76),
+ "Error attempting to export certificates.")
+
+ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77),
+ "Error attempting to import certificates.")
+
+ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78),
+ "Unable to import. Decoding error. File not valid.")
+
+ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79),
+ "Unable to import. Invalid MAC. Incorrect password or corrupt file.")
+
+ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80),
+ "Unable to import. MAC algorithm not supported.")
+
+ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE, (SEC_ERROR_BASE + 81),
+ "Unable to import. Only password integrity and privacy modes supported.")
+
+ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82),
+ "Unable to import. File structure is corrupt.")
+
+ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
+ "Unable to import. Encryption algorithm not supported.")
+
+ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84),
+ "Unable to import. File version not supported.")
+
+ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT, (SEC_ERROR_BASE + 85),
+ "Unable to import. Incorrect privacy password.")
+
+ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86),
+ "Unable to import. Same nickname already exists in database.")
+
+ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87),
+ "The user pressed cancel.")
+
+ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88),
+ "Not imported, already in database.")
+
+ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89),
+ "Message not sent.")
+
+ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90),
+ "Certificate key usage inadequate for attempted operation.")
+
+ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91),
+ "Certificate type not approved for application.")
+
+ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92),
+ "Address in signing certificate does not match address in message headers.")
+
+ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93),
+ "Unable to import. Error attempting to import private key.")
+
+ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94),
+ "Unable to import. Error attempting to import certificate chain.")
+
+ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
+ "Unable to export. Unable to locate certificate or key by nickname.")
+
+ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96),
+ "Unable to export. Private Key could not be located and exported.")
+
+ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97),
+ "Unable to export. Unable to write the export file.")
+
+ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98),
+ "Unable to import. Unable to read the import file.")
+
+ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
+ "Unable to export. Key database corrupt or deleted.")
+
+ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100),
+ "Unable to generate public/private key pair.")
+
+ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101),
+ "Password entered is invalid. Please pick a different one.")
+
+ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102),
+ "Old password entered incorrectly. Please try again.")
+
+ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103),
+ "Certificate nickname already in use.")
+
+ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104),
+ "Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
+
+ER3(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, (SEC_ERROR_BASE + 105),
+ "A sensitive key cannot be moved to the slot where it is needed.")
+
+ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106),
+ "Invalid module name.")
+
+ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107),
+ "Invalid module path/filename")
+
+ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108),
+ "Unable to add module")
+
+ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109),
+ "Unable to delete module")
+
+ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110),
+ "New KRL is not later than the current one.")
+
+ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111),
+ "New CKL has different issuer than current CKL. Delete current CKL.")
+
+ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112),
+ "The Certifying Authority for this certificate is not permitted to issue a \
+certificate with this name.")
+
+ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113),
+ "The key revocation list for this certificate is not yet valid.")
+
+ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114),
+ "The certificate revocation list for this certificate is not yet valid.")
+
+ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115),
+ "The requested certificate could not be found.")
+
+ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116),
+ "The signer's certificate could not be found.")
+
+ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117),
+ "The location for the certificate status server has invalid format.")
+
+ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118),
+ "The OCSP response cannot be fully decoded; it is of an unknown type.")
+
+ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119),
+ "The OCSP server returned unexpected/invalid HTTP data.")
+
+ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120),
+ "The OCSP server found the request to be corrupted or improperly formed.")
+
+ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121),
+ "The OCSP server experienced an internal error.")
+
+ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122),
+ "The OCSP server suggests trying again later.")
+
+ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123),
+ "The OCSP server requires a signature on this request.")
+
+ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124),
+ "The OCSP server has refused this request as unauthorized.")
+
+ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125),
+ "The OCSP server returned an unrecognizable status.")
+
+ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126),
+ "The OCSP server has no status for the certificate.")
+
+ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127),
+ "You must enable OCSP before performing this operation.")
+
+ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128),
+ "You must set the OCSP default responder before performing this operation.")
+
+ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129),
+ "The response from the OCSP server was corrupted or improperly formed.")
+
+ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130),
+ "The signer of the OCSP response is not authorized to give status for \
+this certificate.")
+
+ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131),
+ "The OCSP response is not yet valid (contains a date in the future).")
+
+ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132),
+ "The OCSP response contains out-of-date information.")
+
+ER3(SEC_ERROR_DIGEST_NOT_FOUND, (SEC_ERROR_BASE + 133),
+ "The CMS or PKCS #7 Digest was not found in signed message.")
+
+ER3(SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE, (SEC_ERROR_BASE + 134),
+ "The CMS or PKCS #7 Message type is unsupported.")
+
+ER3(SEC_ERROR_MODULE_STUCK, (SEC_ERROR_BASE + 135),
+ "PKCS #11 module could not be removed because it is still in use.")
+
+ER3(SEC_ERROR_BAD_TEMPLATE, (SEC_ERROR_BASE + 136),
+ "Could not decode ASN.1 data. Specified template was invalid.")
+
+ER3(SEC_ERROR_CRL_NOT_FOUND, (SEC_ERROR_BASE + 137),
+ "No matching CRL was found.")
+
+ER3(SEC_ERROR_REUSED_ISSUER_AND_SERIAL, (SEC_ERROR_BASE + 138),
+ "You are attempting to import a cert with the same issuer/serial as \
+an existing cert, but that is not the same cert.")
+
+ER3(SEC_ERROR_BUSY, (SEC_ERROR_BASE + 139),
+ "NSS could not shutdown. Objects are still in use.")
+
+ER3(SEC_ERROR_EXTRA_INPUT, (SEC_ERROR_BASE + 140),
+ "DER-encoded message contained extra unused data.")
+
+ER3(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE, (SEC_ERROR_BASE + 141),
+ "Unsupported elliptic curve.")
+
+ER3(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM, (SEC_ERROR_BASE + 142),
+ "Unsupported elliptic curve point form.")
+
+ER3(SEC_ERROR_UNRECOGNIZED_OID, (SEC_ERROR_BASE + 143),
+ "Unrecognized Object Identifier.")
+
+ER3(SEC_ERROR_OCSP_INVALID_SIGNING_CERT, (SEC_ERROR_BASE + 144),
+ "Invalid OCSP signing certificate in OCSP response.")
+
+ER3(SEC_ERROR_REVOKED_CERTIFICATE_CRL, (SEC_ERROR_BASE + 145),
+ "Certificate is revoked in issuer's certificate revocation list.")
+
+ER3(SEC_ERROR_REVOKED_CERTIFICATE_OCSP, (SEC_ERROR_BASE + 146),
+ "Issuer's OCSP responder reports certificate is revoked.")
+
+ER3(SEC_ERROR_CRL_INVALID_VERSION, (SEC_ERROR_BASE + 147),
+ "Issuer's Certificate Revocation List has an unknown version number.")
+
+ER3(SEC_ERROR_CRL_V1_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 148),
+ "Issuer's V1 Certificate Revocation List has a critical extension.")
+
+ER3(SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 149),
+ "Issuer's V2 Certificate Revocation List has an unknown critical extension.")
+
+ER3(SEC_ERROR_UNKNOWN_OBJECT_TYPE, (SEC_ERROR_BASE + 150),
+ "Unknown object type specified.")
+
+ER3(SEC_ERROR_INCOMPATIBLE_PKCS11, (SEC_ERROR_BASE + 151),
+ "PKCS #11 driver violates the spec in an incompatible way.")
+
+ER3(SEC_ERROR_NO_EVENT, (SEC_ERROR_BASE + 152),
+ "No new slot event is available at this time.")
+
+ER3(SEC_ERROR_CRL_ALREADY_EXISTS, (SEC_ERROR_BASE + 153),
+ "CRL already exists.")
+
+ER3(SEC_ERROR_NOT_INITIALIZED, (SEC_ERROR_BASE + 154),
+ "NSS is not initialized.")
+
+ER3(SEC_ERROR_TOKEN_NOT_LOGGED_IN, (SEC_ERROR_BASE + 155),
+ "The operation failed because the PKCS#11 token is not logged in.")
+
+ER3(SEC_ERROR_OCSP_RESPONDER_CERT_INVALID, (SEC_ERROR_BASE + 156),
+ "Configured OCSP responder's certificate is invalid.")
+
+ER3(SEC_ERROR_OCSP_BAD_SIGNATURE, (SEC_ERROR_BASE + 157),
+ "OCSP response has an invalid signature.")
+
+ER3(SEC_ERROR_OUT_OF_SEARCH_LIMITS, (SEC_ERROR_BASE + 158),
+ "Cert validation search is out of search limits")
+
+ER3(SEC_ERROR_INVALID_POLICY_MAPPING, (SEC_ERROR_BASE + 159),
+ "Policy mapping contains anypolicy")
+
+ER3(SEC_ERROR_POLICY_VALIDATION_FAILED, (SEC_ERROR_BASE + 160),
+ "Cert chain fails policy validation")
+
+ER3(SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE, (SEC_ERROR_BASE + 161),
+ "Unknown location type in cert AIA extension")
+
+ER3(SEC_ERROR_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 162),
+ "Server returned bad HTTP response")
+
+ER3(SEC_ERROR_BAD_LDAP_RESPONSE, (SEC_ERROR_BASE + 163),
+ "Server returned bad LDAP response")
+
+ER3(SEC_ERROR_FAILED_TO_ENCODE_DATA, (SEC_ERROR_BASE + 164),
+ "Failed to encode data with ASN1 encoder")
+
+ER3(SEC_ERROR_BAD_INFO_ACCESS_LOCATION, (SEC_ERROR_BASE + 165),
+ "Bad information access location in cert extension")
+
+ER3(SEC_ERROR_LIBPKIX_INTERNAL, (SEC_ERROR_BASE + 166),
+ "Libpkix internal error occurred during cert validation.")
+
+ER3(SEC_ERROR_PKCS11_GENERAL_ERROR, (SEC_ERROR_BASE + 167),
+ "A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred.")
+
+ER3(SEC_ERROR_PKCS11_FUNCTION_FAILED, (SEC_ERROR_BASE + 168),
+ "A PKCS #11 module returned CKR_FUNCTION_FAILED, indicating that the requested function could not be performed. Trying the same operation again might succeed.")
+
+ER3(SEC_ERROR_PKCS11_DEVICE_ERROR, (SEC_ERROR_BASE + 169),
+ "A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot.")
+
+ER3(SEC_ERROR_BAD_INFO_ACCESS_METHOD, (SEC_ERROR_BASE + 170),
+ "Unknown information access method in certificate extension.")
+
+ER3(SEC_ERROR_CRL_IMPORT_FAILED, (SEC_ERROR_BASE + 171),
+ "Error attempting to import a CRL.")
+
+ER3(SEC_ERROR_EXPIRED_PASSWORD, (SEC_ERROR_BASE + 172),
+ "The password expired.")
+
+ER3(SEC_ERROR_LOCKED_PASSWORD, (SEC_ERROR_BASE + 173),
+ "The password is locked.")
+
+ER3(SEC_ERROR_UNKNOWN_PKCS11_ERROR, (SEC_ERROR_BASE + 174),
+ "Unknown PKCS #11 error.")
+
+ER3(SEC_ERROR_BAD_CRL_DP_URL, (SEC_ERROR_BASE + 175),
+ "Invalid or unsupported URL in CRL distribution point name.")
+
+ER3(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED, (SEC_ERROR_BASE + 176),
+ "The certificate was signed using a signature algorithm that is disabled because it is not secure.")
+
+ER3(SEC_ERROR_LEGACY_DATABASE, (SEC_ERROR_BASE + 177),
+ "The certificate/key database is in an old, unsupported format.")
+
+ER3(SEC_ERROR_APPLICATION_CALLBACK_ERROR, (SEC_ERROR_BASE + 178),
+ "The certificate was rejected by extra checks in the application.")
diff --git a/security/nss/lib/util/base64.h b/security/nss/lib/util/base64.h
new file mode 100644
index 000000000..ddc2db600
--- /dev/null
+++ b/security/nss/lib/util/base64.h
@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * base64.h - prototypes for base64 encoding/decoding
+ * Note: These functions are deprecated; see nssb64.h for new routines.
+ */
+#ifndef _BASE64_H_
+#define _BASE64_H_
+
+#include "utilrename.h"
+#include "seccomon.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+** Return an PORT_Alloc'd ascii string which is the base64 encoded
+** version of the input string.
+*/
+extern char *BTOA_DataToAscii(const unsigned char *data, unsigned int len);
+
+/*
+** Return an PORT_Alloc'd string which is the base64 decoded version
+** of the input string; set *lenp to the length of the returned data.
+*/
+extern unsigned char *ATOB_AsciiToData(const char *string, unsigned int *lenp);
+
+/*
+** Convert from ascii to binary encoding of an item.
+*/
+extern SECStatus ATOB_ConvertAsciiToItem(SECItem *binary_item, const char *ascii);
+
+/*
+** Convert from binary encoding of an item to ascii.
+*/
+extern char *BTOA_ConvertItemToAscii(SECItem *binary_item);
+
+SEC_END_PROTOS
+
+#endif /* _BASE64_H_ */
diff --git a/security/nss/lib/util/ciferfam.h b/security/nss/lib/util/ciferfam.h
new file mode 100644
index 000000000..559e92f1d
--- /dev/null
+++ b/security/nss/lib/util/ciferfam.h
@@ -0,0 +1,59 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * ciferfam.h - cipher familie IDs used for configuring ciphers for export
+ * control
+ */
+
+#ifndef _CIFERFAM_H_
+#define _CIFERFAM_H_
+
+#include "utilrename.h"
+/* Cipher Suite "Families" */
+#define CIPHER_FAMILY_PKCS12 "PKCS12"
+#define CIPHER_FAMILY_SMIME "SMIME"
+#define CIPHER_FAMILY_SSL2 "SSLv2" /* deprecated */
+#define CIPHER_FAMILY_SSL3 "SSLv3"
+#define CIPHER_FAMILY_SSL "SSL"
+#define CIPHER_FAMILY_ALL ""
+#define CIPHER_FAMILY_UNKNOWN "UNKNOWN"
+
+#define CIPHER_FAMILYID_MASK 0xFFFF0000L
+#define CIPHER_FAMILYID_SSL 0x00000000L
+#define CIPHER_FAMILYID_SMIME 0x00010000L
+#define CIPHER_FAMILYID_PKCS12 0x00020000L
+
+/* SMIME "Cipher Suites" */
+/*
+ * Note that it is assumed that the cipher number itself can be used
+ * as a bit position in a mask, and that mask is currently 32 bits wide.
+ * So, if you want to add a cipher that is greater than 0037, secmime.c
+ * needs to be made smarter at the same time.
+ */
+#define SMIME_RC2_CBC_40 (CIPHER_FAMILYID_SMIME | 0001)
+#define SMIME_RC2_CBC_64 (CIPHER_FAMILYID_SMIME | 0002)
+#define SMIME_RC2_CBC_128 (CIPHER_FAMILYID_SMIME | 0003)
+#define SMIME_DES_CBC_56 (CIPHER_FAMILYID_SMIME | 0011)
+#define SMIME_DES_EDE3_168 (CIPHER_FAMILYID_SMIME | 0012)
+#define SMIME_AES_CBC_128 (CIPHER_FAMILYID_SMIME | 0013)
+#define SMIME_AES_CBC_256 (CIPHER_FAMILYID_SMIME | 0014)
+#define SMIME_RC5PAD_64_16_40 (CIPHER_FAMILYID_SMIME | 0021)
+#define SMIME_RC5PAD_64_16_64 (CIPHER_FAMILYID_SMIME | 0022)
+#define SMIME_RC5PAD_64_16_128 (CIPHER_FAMILYID_SMIME | 0023)
+#define SMIME_FORTEZZA (CIPHER_FAMILYID_SMIME | 0031)
+
+/* PKCS12 "Cipher Suites" */
+
+#define PKCS12_RC2_CBC_40 (CIPHER_FAMILYID_PKCS12 | 0001)
+#define PKCS12_RC2_CBC_128 (CIPHER_FAMILYID_PKCS12 | 0002)
+#define PKCS12_RC4_40 (CIPHER_FAMILYID_PKCS12 | 0011)
+#define PKCS12_RC4_128 (CIPHER_FAMILYID_PKCS12 | 0012)
+#define PKCS12_DES_56 (CIPHER_FAMILYID_PKCS12 | 0021)
+#define PKCS12_DES_EDE3_168 (CIPHER_FAMILYID_PKCS12 | 0022)
+
+/* SMIME version numbers are negative, to avoid colliding with SSL versions */
+#define SMIME_LIBRARY_VERSION_1_0 -0x0100
+
+#endif /* _CIFERFAM_H_ */
diff --git a/security/nss/lib/util/config.mk b/security/nss/lib/util/config.mk
new file mode 100644
index 000000000..a3e720218
--- /dev/null
+++ b/security/nss/lib/util/config.mk
@@ -0,0 +1,45 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# can't do this in manifest.mn because OS_TARGET isn't defined there.
+ifeq (,$(filter-out WIN%,$(OS_TARGET)))
+
+# don't want the 32 in the shared library name
+SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
+
+RES = $(OBJDIR)/$(LIBRARY_NAME).res
+RESNAME = $(LIBRARY_NAME).rc
+
+ifdef NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4\
+ $(NULL)
+else # ! NS_USE_GCC
+EXTRA_SHARED_LIBS += \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
+ $(NULL)
+endif # NS_USE_GCC
+
+else
+
+# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
+# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
+EXTRA_SHARED_LIBS += \
+ -L$(DIST)/lib \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+
+endif
+
diff --git a/security/nss/lib/util/derdec.c b/security/nss/lib/util/derdec.c
new file mode 100644
index 000000000..2e3312b23
--- /dev/null
+++ b/security/nss/lib/util/derdec.c
@@ -0,0 +1,189 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secder.h"
+#include "secerr.h"
+
+static PRUint32
+der_indefinite_length(unsigned char *buf, unsigned char *end)
+{
+ PRUint32 len, ret, dataLen;
+ unsigned char tag, lenCode;
+ int dataLenLen;
+
+ len = 0;
+ while (1) {
+ if ((buf + 2) > end) {
+ return (0);
+ }
+
+ tag = *buf++;
+ lenCode = *buf++;
+ len += 2;
+
+ if ((tag == 0) && (lenCode == 0)) {
+ return (len);
+ }
+
+ if (lenCode == 0x80) { /* indefinite length */
+ ret = der_indefinite_length(buf, end); /* recurse to find length */
+ if (ret == 0)
+ return 0;
+ len += ret;
+ buf += ret;
+ } else { /* definite length */
+ if (lenCode & 0x80) {
+ /* Length of data is in multibyte format */
+ dataLenLen = lenCode & 0x7f;
+ switch (dataLenLen) {
+ case 1:
+ dataLen = buf[0];
+ break;
+ case 2:
+ dataLen = (buf[0] << 8) | buf[1];
+ break;
+ case 3:
+ dataLen = ((unsigned long)buf[0] << 16) | (buf[1] << 8) | buf[2];
+ break;
+ case 4:
+ dataLen = ((unsigned long)buf[0] << 24) |
+ ((unsigned long)buf[1] << 16) | (buf[2] << 8) | buf[3];
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECFailure;
+ }
+ } else {
+ /* Length of data is in single byte */
+ dataLen = lenCode;
+ dataLenLen = 0;
+ }
+
+ /* skip this item */
+ buf = buf + dataLenLen + dataLen;
+ len = len + dataLenLen + dataLen;
+ }
+ }
+}
+
+/*
+** Capture the next thing in the buffer.
+** Returns the length of the header and the length of the contents.
+*/
+static SECStatus
+der_capture(unsigned char *buf, unsigned char *end,
+ int *header_len_p, PRUint32 *contents_len_p)
+{
+ unsigned char *bp;
+ unsigned char whole_tag;
+ PRUint32 contents_len;
+ int tag_number;
+
+ if ((buf + 2) > end) {
+ *header_len_p = 0;
+ *contents_len_p = 0;
+ if (buf == end)
+ return SECSuccess;
+ return SECFailure;
+ }
+
+ bp = buf;
+
+ /* Get tag and verify that it is ok. */
+ whole_tag = *bp++;
+ tag_number = whole_tag & DER_TAGNUM_MASK;
+
+ /*
+ * XXX This code does not (yet) handle the high-tag-number form!
+ */
+ if (tag_number == DER_HIGH_TAG_NUMBER) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECFailure;
+ }
+
+ if ((whole_tag & DER_CLASS_MASK) == DER_UNIVERSAL) {
+ /* Check that the universal tag number is one we implement. */
+ switch (tag_number) {
+ case DER_BOOLEAN:
+ case DER_INTEGER:
+ case DER_BIT_STRING:
+ case DER_OCTET_STRING:
+ case DER_NULL:
+ case DER_OBJECT_ID:
+ case DER_SEQUENCE:
+ case DER_SET:
+ case DER_PRINTABLE_STRING:
+ case DER_T61_STRING:
+ case DER_IA5_STRING:
+ case DER_VISIBLE_STRING:
+ case DER_UTC_TIME:
+ case 0: /* end-of-contents tag */
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECFailure;
+ }
+ }
+
+ /*
+ * Get first byte of length code (might contain entire length, might not).
+ */
+ contents_len = *bp++;
+
+ /*
+ * If the high bit is set, then the length is in multibyte format,
+ * or the thing has an indefinite-length.
+ */
+ if (contents_len & 0x80) {
+ int bytes_of_encoded_len;
+
+ bytes_of_encoded_len = contents_len & 0x7f;
+ contents_len = 0;
+
+ switch (bytes_of_encoded_len) {
+ case 4:
+ contents_len |= *bp++;
+ contents_len <<= 8;
+ /* fallthru */
+ case 3:
+ contents_len |= *bp++;
+ contents_len <<= 8;
+ /* fallthru */
+ case 2:
+ contents_len |= *bp++;
+ contents_len <<= 8;
+ /* fallthru */
+ case 1:
+ contents_len |= *bp++;
+ break;
+
+ case 0:
+ contents_len = der_indefinite_length(bp, end);
+ if (contents_len)
+ break;
+ /* fallthru */
+ default:
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECFailure;
+ }
+ }
+
+ if ((bp + contents_len) > end) {
+ /* Ran past end of buffer */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECFailure;
+ }
+
+ *header_len_p = (int)(bp - buf);
+ *contents_len_p = contents_len;
+
+ return SECSuccess;
+}
+
+SECStatus
+DER_Lengths(SECItem *item, int *header_len_p, PRUint32 *contents_len_p)
+{
+ return (der_capture(item->data, &item->data[item->len], header_len_p,
+ contents_len_p));
+}
diff --git a/security/nss/lib/util/derenc.c b/security/nss/lib/util/derenc.c
new file mode 100644
index 000000000..da9fc4e64
--- /dev/null
+++ b/security/nss/lib/util/derenc.c
@@ -0,0 +1,460 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secder.h"
+#include "secerr.h"
+
+#if 0
+/*
+ * Generic templates for individual/simple items.
+ */
+
+DERTemplate SECAnyTemplate[] = {
+ { DER_ANY,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECBitStringTemplate[] = {
+ { DER_BIT_STRING,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECBooleanTemplate[] = {
+ { DER_BOOLEAN,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECIA5StringTemplate[] = {
+ { DER_IA5_STRING,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECIntegerTemplate[] = {
+ { DER_INTEGER,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECNullTemplate[] = {
+ { DER_NULL,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECObjectIDTemplate[] = {
+ { DER_OBJECT_ID,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECOctetStringTemplate[] = {
+ { DER_OCTET_STRING,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECPrintableStringTemplate[] = {
+ { DER_PRINTABLE_STRING,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECT61StringTemplate[] = {
+ { DER_T61_STRING,
+ 0, NULL, sizeof(SECItem) }
+};
+
+DERTemplate SECUTCTimeTemplate[] = {
+ { DER_UTC_TIME,
+ 0, NULL, sizeof(SECItem) }
+};
+
+#endif
+
+static int
+header_length(DERTemplate *dtemplate, PRUint32 contents_len)
+{
+ PRUint32 len;
+ unsigned long encode_kind, under_kind;
+ PRBool explicit, optional, universal;
+
+ encode_kind = dtemplate->kind;
+
+ explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
+ optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
+ universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
+ ? PR_TRUE
+ : PR_FALSE;
+
+ PORT_Assert(!(explicit && universal)); /* bad templates */
+
+ if (encode_kind & DER_POINTER) {
+ if (dtemplate->sub != NULL) {
+ under_kind = dtemplate->sub->kind;
+ if (universal) {
+ encode_kind = under_kind;
+ }
+ } else if (universal) {
+ under_kind = encode_kind & ~DER_POINTER;
+ } else {
+ under_kind = dtemplate->arg;
+ }
+ } else if (encode_kind & DER_INLINE) {
+ PORT_Assert(dtemplate->sub != NULL);
+ under_kind = dtemplate->sub->kind;
+ if (universal) {
+ encode_kind = under_kind;
+ }
+ } else if (universal) {
+ under_kind = encode_kind;
+ } else {
+ under_kind = dtemplate->arg;
+ }
+
+ /* This is only used in decoding; it plays no part in encoding. */
+ if (under_kind & DER_DERPTR)
+ return 0;
+
+ /* No header at all for an "empty" optional. */
+ if ((contents_len == 0) && optional)
+ return 0;
+
+ /* And no header for a full DER_ANY. */
+ if (encode_kind & DER_ANY)
+ return 0;
+
+ /*
+ * The common case: one octet for identifier and as many octets
+ * as necessary to hold the content length.
+ */
+ len = 1 + DER_LengthLength(contents_len);
+
+ /* Account for the explicit wrapper, if necessary. */
+ if (explicit) {
+#if 0 /* \
+ * Well, I was trying to do something useful, but these \
+ * assertions are too restrictive on valid templates. \
+ * I wanted to make sure that the top-level "kind" of \
+ * a template does not also specify DER_EXPLICIT, which \
+ * should only modify a component field. Maybe later \
+ * I can figure out a better way to detect such a problem, \
+ * but for now I must remove these checks altogether. \
+ */
+ /*
+ * This modifier applies only to components of a set or sequence;
+ * it should never be used on a set/sequence itself -- confirm.
+ */
+ PORT_Assert (under_kind != DER_SEQUENCE);
+ PORT_Assert (under_kind != DER_SET);
+#endif
+
+ len += 1 + DER_LengthLength(len + contents_len);
+ }
+
+ return len;
+}
+
+static PRUint32
+contents_length(DERTemplate *dtemplate, void *src)
+{
+ PRUint32 len;
+ unsigned long encode_kind, under_kind;
+ PRBool universal;
+
+ PORT_Assert(src != NULL);
+
+ encode_kind = dtemplate->kind;
+
+ universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
+ ? PR_TRUE
+ : PR_FALSE;
+ encode_kind &= ~DER_OPTIONAL;
+
+ if (encode_kind & DER_POINTER) {
+ src = *(void **)src;
+ if (src == NULL) {
+ return 0;
+ }
+ if (dtemplate->sub != NULL) {
+ dtemplate = dtemplate->sub;
+ under_kind = dtemplate->kind;
+ src = (void *)((char *)src + dtemplate->offset);
+ } else if (universal) {
+ under_kind = encode_kind & ~DER_POINTER;
+ } else {
+ under_kind = dtemplate->arg;
+ }
+ } else if (encode_kind & DER_INLINE) {
+ PORT_Assert(dtemplate->sub != NULL);
+ dtemplate = dtemplate->sub;
+ under_kind = dtemplate->kind;
+ src = (void *)((char *)src + dtemplate->offset);
+ } else if (universal) {
+ under_kind = encode_kind;
+ } else {
+ under_kind = dtemplate->arg;
+ }
+
+ /* Having any of these bits is not expected here... */
+ PORT_Assert((under_kind & (DER_EXPLICIT | DER_INLINE | DER_OPTIONAL | DER_POINTER | DER_SKIP)) == 0);
+
+ /* This is only used in decoding; it plays no part in encoding. */
+ if (under_kind & DER_DERPTR)
+ return 0;
+
+ if (under_kind & DER_INDEFINITE) {
+ PRUint32 sub_len;
+ void **indp = *(void ***)src;
+
+ if (indp == NULL)
+ return 0;
+
+ len = 0;
+ under_kind &= ~DER_INDEFINITE;
+
+ if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
+ DERTemplate *tmpt = dtemplate->sub;
+ PORT_Assert(tmpt != NULL);
+
+ for (; *indp != NULL; indp++) {
+ void *sub_src = (void *)((char *)(*indp) + tmpt->offset);
+ sub_len = contents_length(tmpt, sub_src);
+ len += sub_len + header_length(tmpt, sub_len);
+ }
+ } else {
+ /*
+ * XXX Lisa is not sure this code (for handling, for example,
+ * DER_INDEFINITE | DER_OCTET_STRING) is right.
+ */
+ for (; *indp != NULL; indp++) {
+ SECItem *item = (SECItem *)(*indp);
+ sub_len = item->len;
+ if (under_kind == DER_BIT_STRING) {
+ sub_len = (sub_len + 7) >> 3;
+ /* bit string contents involve an extra octet */
+ if (sub_len)
+ sub_len++;
+ }
+ if (under_kind != DER_ANY)
+ len += 1 + DER_LengthLength(sub_len);
+ }
+ }
+
+ return len;
+ }
+
+ switch (under_kind) {
+ case DER_SEQUENCE:
+ case DER_SET: {
+ DERTemplate *tmpt;
+ void *sub_src;
+ PRUint32 sub_len;
+
+ len = 0;
+ for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
+ sub_src = (void *)((char *)src + tmpt->offset);
+ sub_len = contents_length(tmpt, sub_src);
+ len += sub_len + header_length(tmpt, sub_len);
+ }
+ } break;
+
+ case DER_BIT_STRING:
+ len = (((SECItem *)src)->len + 7) >> 3;
+ /* bit string contents involve an extra octet */
+ if (len)
+ len++;
+ break;
+
+ default:
+ len = ((SECItem *)src)->len;
+ break;
+ }
+
+ return len;
+}
+
+static unsigned char *
+der_encode(unsigned char *buf, DERTemplate *dtemplate, void *src)
+{
+ int header_len;
+ PRUint32 contents_len;
+ unsigned long encode_kind, under_kind;
+ PRBool explicit, universal;
+
+ /*
+ * First figure out how long the encoding will be. Do this by
+ * traversing the template from top to bottom and accumulating
+ * the length of each leaf item.
+ */
+ contents_len = contents_length(dtemplate, src);
+ header_len = header_length(dtemplate, contents_len);
+
+ /*
+ * Enough smarts was involved already, so that if both the
+ * header and the contents have a length of zero, then we
+ * are not doing any encoding for this element.
+ */
+ if (header_len == 0 && contents_len == 0)
+ return buf;
+
+ encode_kind = dtemplate->kind;
+
+ explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~DER_OPTIONAL;
+ universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
+ ? PR_TRUE
+ : PR_FALSE;
+
+ if (encode_kind & DER_POINTER) {
+ if (contents_len) {
+ src = *(void **)src;
+ PORT_Assert(src != NULL);
+ }
+ if (dtemplate->sub != NULL) {
+ dtemplate = dtemplate->sub;
+ under_kind = dtemplate->kind;
+ if (universal) {
+ encode_kind = under_kind;
+ }
+ src = (void *)((char *)src + dtemplate->offset);
+ } else if (universal) {
+ under_kind = encode_kind & ~DER_POINTER;
+ } else {
+ under_kind = dtemplate->arg;
+ }
+ } else if (encode_kind & DER_INLINE) {
+ dtemplate = dtemplate->sub;
+ under_kind = dtemplate->kind;
+ if (universal) {
+ encode_kind = under_kind;
+ }
+ src = (void *)((char *)src + dtemplate->offset);
+ } else if (universal) {
+ under_kind = encode_kind;
+ } else {
+ under_kind = dtemplate->arg;
+ }
+
+ if (explicit) {
+ buf = DER_StoreHeader(buf, encode_kind,
+ (1 + DER_LengthLength(contents_len) + contents_len));
+ encode_kind = under_kind;
+ }
+
+ if ((encode_kind & DER_ANY) == 0) { /* DER_ANY already contains header */
+ buf = DER_StoreHeader(buf, encode_kind, contents_len);
+ }
+
+ /* If no real contents to encode, then we are done. */
+ if (contents_len == 0)
+ return buf;
+
+ if (under_kind & DER_INDEFINITE) {
+ void **indp;
+
+ indp = *(void ***)src;
+ PORT_Assert(indp != NULL);
+
+ under_kind &= ~DER_INDEFINITE;
+ if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
+ DERTemplate *tmpt = dtemplate->sub;
+ PORT_Assert(tmpt != NULL);
+ for (; *indp != NULL; indp++) {
+ void *sub_src = (void *)((char *)(*indp) + tmpt->offset);
+ buf = der_encode(buf, tmpt, sub_src);
+ }
+ } else {
+ for (; *indp != NULL; indp++) {
+ SECItem *item;
+ int sub_len;
+
+ item = (SECItem *)(*indp);
+ sub_len = item->len;
+ if (under_kind == DER_BIT_STRING) {
+ if (sub_len) {
+ int rem;
+
+ sub_len = (sub_len + 7) >> 3;
+ buf = DER_StoreHeader(buf, under_kind, sub_len + 1);
+ rem = (sub_len << 3) - item->len;
+ *buf++ = rem; /* remaining bits */
+ } else {
+ buf = DER_StoreHeader(buf, under_kind, 0);
+ }
+ } else if (under_kind != DER_ANY) {
+ buf = DER_StoreHeader(buf, under_kind, sub_len);
+ }
+ PORT_Memcpy(buf, item->data, sub_len);
+ buf += sub_len;
+ }
+ }
+ return buf;
+ }
+
+ switch (under_kind) {
+ case DER_SEQUENCE:
+ case DER_SET: {
+ DERTemplate *tmpt;
+ void *sub_src;
+
+ for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
+ sub_src = (void *)((char *)src + tmpt->offset);
+ buf = der_encode(buf, tmpt, sub_src);
+ }
+ } break;
+
+ case DER_BIT_STRING: {
+ SECItem *item;
+ int rem;
+
+ /*
+ * The contents length includes our extra octet; subtract
+ * it off so we just have the real string length there.
+ */
+ contents_len--;
+ item = (SECItem *)src;
+ PORT_Assert(contents_len == ((item->len + 7) >> 3));
+ rem = (contents_len << 3) - item->len;
+ *buf++ = rem; /* remaining bits */
+ PORT_Memcpy(buf, item->data, contents_len);
+ buf += contents_len;
+ } break;
+
+ default: {
+ SECItem *item;
+
+ item = (SECItem *)src;
+ PORT_Assert(contents_len == item->len);
+ PORT_Memcpy(buf, item->data, contents_len);
+ buf += contents_len;
+ } break;
+ }
+
+ return buf;
+}
+
+SECStatus
+DER_Encode(PLArenaPool *arena, SECItem *dest, DERTemplate *dtemplate, void *src)
+{
+ unsigned int contents_len, header_len;
+
+ src = (void **)((char *)src + dtemplate->offset);
+
+ /*
+ * First figure out how long the encoding will be. Do this by
+ * traversing the template from top to bottom and accumulating
+ * the length of each leaf item.
+ */
+ contents_len = contents_length(dtemplate, src);
+ header_len = header_length(dtemplate, contents_len);
+
+ dest->len = contents_len + header_len;
+
+ /* Allocate storage to hold the encoding */
+ dest->data = (unsigned char *)PORT_ArenaAlloc(arena, dest->len);
+ if (dest->data == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ /* Now encode into the buffer */
+ (void)der_encode(dest->data, dtemplate, src);
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/util/dersubr.c b/security/nss/lib/util/dersubr.c
new file mode 100644
index 000000000..03d070ab2
--- /dev/null
+++ b/security/nss/lib/util/dersubr.c
@@ -0,0 +1,249 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secder.h"
+#include <limits.h>
+#include "secerr.h"
+
+int
+DER_LengthLength(PRUint32 len)
+{
+ if (len > 127) {
+ if (len > 255) {
+ if (len > 65535L) {
+ if (len > 16777215L) {
+ return 5;
+ } else {
+ return 4;
+ }
+ } else {
+ return 3;
+ }
+ } else {
+ return 2;
+ }
+ } else {
+ return 1;
+ }
+}
+
+unsigned char *
+DER_StoreHeader(unsigned char *buf, unsigned int code, PRUint32 len)
+{
+ unsigned char b[4];
+
+ b[0] = (unsigned char)(len >> 24);
+ b[1] = (unsigned char)(len >> 16);
+ b[2] = (unsigned char)(len >> 8);
+ b[3] = (unsigned char)len;
+ if ((code & DER_TAGNUM_MASK) == DER_SET || (code & DER_TAGNUM_MASK) == DER_SEQUENCE)
+ code |= DER_CONSTRUCTED;
+ *buf++ = code;
+ if (len > 127) {
+ if (len > 255) {
+ if (len > 65535) {
+ if (len > 16777215) {
+ *buf++ = 0x84;
+ *buf++ = b[0];
+ *buf++ = b[1];
+ *buf++ = b[2];
+ *buf++ = b[3];
+ } else {
+ *buf++ = 0x83;
+ *buf++ = b[1];
+ *buf++ = b[2];
+ *buf++ = b[3];
+ }
+ } else {
+ *buf++ = 0x82;
+ *buf++ = b[2];
+ *buf++ = b[3];
+ }
+ } else {
+ *buf++ = 0x81;
+ *buf++ = b[3];
+ }
+ } else {
+ *buf++ = b[3];
+ }
+ return buf;
+}
+
+/*
+ * XXX This should be rewritten, generalized, to take a long instead
+ * of a PRInt32.
+ */
+SECStatus
+DER_SetInteger(PLArenaPool *arena, SECItem *it, PRInt32 i)
+{
+ unsigned char bb[4];
+ unsigned len;
+
+ bb[0] = (unsigned char)(i >> 24);
+ bb[1] = (unsigned char)(i >> 16);
+ bb[2] = (unsigned char)(i >> 8);
+ bb[3] = (unsigned char)(i);
+
+ /*
+ ** Small integers are encoded in a single byte. Larger integers
+ ** require progressively more space.
+ */
+ if (i < -128) {
+ if (i < -32768L) {
+ if (i < -8388608L) {
+ len = 4;
+ } else {
+ len = 3;
+ }
+ } else {
+ len = 2;
+ }
+ } else if (i > 127) {
+ if (i > 32767L) {
+ if (i > 8388607L) {
+ len = 4;
+ } else {
+ len = 3;
+ }
+ } else {
+ len = 2;
+ }
+ } else {
+ len = 1;
+ }
+ it->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
+ if (!it->data) {
+ return SECFailure;
+ }
+ it->len = len;
+ PORT_Memcpy(it->data, bb + (4 - len), len);
+ return SECSuccess;
+}
+
+/*
+ * XXX This should be rewritten, generalized, to take an unsigned long instead
+ * of a PRUint32.
+ */
+SECStatus
+DER_SetUInteger(PLArenaPool *arena, SECItem *it, PRUint32 ui)
+{
+ unsigned char bb[5];
+ int len;
+
+ bb[0] = 0;
+ bb[1] = (unsigned char)(ui >> 24);
+ bb[2] = (unsigned char)(ui >> 16);
+ bb[3] = (unsigned char)(ui >> 8);
+ bb[4] = (unsigned char)(ui);
+
+ /*
+ ** Small integers are encoded in a single byte. Larger integers
+ ** require progressively more space.
+ */
+ if (ui > 0x7f) {
+ if (ui > 0x7fff) {
+ if (ui > 0x7fffffL) {
+ if (ui >= 0x80000000L) {
+ len = 5;
+ } else {
+ len = 4;
+ }
+ } else {
+ len = 3;
+ }
+ } else {
+ len = 2;
+ }
+ } else {
+ len = 1;
+ }
+
+ it->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
+ if (it->data == NULL) {
+ return SECFailure;
+ }
+
+ it->len = len;
+ PORT_Memcpy(it->data, bb + (sizeof(bb) - len), len);
+
+ return SECSuccess;
+}
+
+/*
+** Convert a der encoded *signed* integer into a machine integral value.
+** If an underflow/overflow occurs, sets error code and returns min/max.
+*/
+long
+DER_GetInteger(const SECItem *it)
+{
+ unsigned long ival;
+ PRBool negative;
+ unsigned int len = it->len;
+ unsigned char *cp = it->data;
+ size_t lsize = sizeof(ival);
+
+ PORT_Assert(len);
+ if (!len) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return 0;
+ }
+
+ negative = (PRBool)(*cp & 0x80);
+ ival = negative ? ~0 : 0;
+
+ /* Ignore leading zeros/ones. */
+ while (len && *cp == (unsigned char)ival) {
+ len--;
+ cp++;
+ }
+
+ /* Check for overflow/underflow. */
+ if (len > lsize || (len == lsize && (*cp & 0x80) != negative)) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return negative ? LONG_MIN : LONG_MAX;
+ }
+
+ while (len--) {
+ ival <<= 8;
+ ival |= *cp++;
+ }
+
+ return ival;
+}
+
+/*
+** Convert a der encoded *unsigned* integer into a machine integral value.
+** If an overflow occurs, sets error code and returns max.
+*/
+unsigned long
+DER_GetUInteger(SECItem *it)
+{
+ unsigned long ival = 0;
+ unsigned len = it->len;
+ unsigned char *cp = it->data;
+ unsigned long overflow = 0xffUL << ((sizeof(ival) - 1) * 8);
+
+ PORT_Assert(len);
+ if (!len) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return 0;
+ }
+
+ /* Cannot put a negative value into an unsigned container. */
+ if (*cp & 0x80) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return 0;
+ }
+
+ while (len) {
+ if (ival & overflow) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return ULONG_MAX;
+ }
+ ival = ival << 8;
+ ival |= *cp++;
+ --len;
+ }
+ return ival;
+}
diff --git a/security/nss/lib/util/dertime.c b/security/nss/lib/util/dertime.c
new file mode 100644
index 000000000..f58fc18b4
--- /dev/null
+++ b/security/nss/lib/util/dertime.c
@@ -0,0 +1,310 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "prtypes.h"
+#include "prtime.h"
+#include "secder.h"
+#include "prlong.h"
+#include "secerr.h"
+
+#define HIDIGIT(v) (((v) / 10) + '0')
+#define LODIGIT(v) (((v) % 10) + '0')
+
+#define ISDIGIT(dig) (((dig) >= '0') && ((dig) <= '9'))
+#define CAPTURE(var, p, label) \
+ { \
+ if (!ISDIGIT((p)[0]) || !ISDIGIT((p)[1])) \
+ goto label; \
+ (var) = ((p)[0] - '0') * 10 + ((p)[1] - '0'); \
+ p += 2; \
+ }
+
+static const PRTime January1st1 = PR_INT64(0xff23400100d44000);
+static const PRTime January1st1950 = PR_INT64(0xfffdc1f8793da000);
+static const PRTime January1st2050 = PR_INT64(0x0008f81e1b098000);
+static const PRTime January1st10000 = PR_INT64(0x0384440ccc736000);
+
+/* gmttime must contains UTC time in micro-seconds unit */
+SECStatus
+DER_TimeToUTCTimeArena(PLArenaPool *arenaOpt, SECItem *dst, PRTime gmttime)
+{
+ PRExplodedTime printableTime;
+ unsigned char *d;
+
+ if ((gmttime < January1st1950) || (gmttime >= January1st2050)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ dst->len = 13;
+ if (arenaOpt) {
+ dst->data = d = (unsigned char *)PORT_ArenaAlloc(arenaOpt, dst->len);
+ } else {
+ dst->data = d = (unsigned char *)PORT_Alloc(dst->len);
+ }
+ dst->type = siUTCTime;
+ if (!d) {
+ return SECFailure;
+ }
+
+ /* Convert a PRTime to a printable format. */
+ PR_ExplodeTime(gmttime, PR_GMTParameters, &printableTime);
+
+ /* The month in UTC time is base one */
+ printableTime.tm_month++;
+
+ /* remove the century since it's added to the tm_year by the
+ PR_ExplodeTime routine, but is not needed for UTC time */
+ printableTime.tm_year %= 100;
+
+ d[0] = HIDIGIT(printableTime.tm_year);
+ d[1] = LODIGIT(printableTime.tm_year);
+ d[2] = HIDIGIT(printableTime.tm_month);
+ d[3] = LODIGIT(printableTime.tm_month);
+ d[4] = HIDIGIT(printableTime.tm_mday);
+ d[5] = LODIGIT(printableTime.tm_mday);
+ d[6] = HIDIGIT(printableTime.tm_hour);
+ d[7] = LODIGIT(printableTime.tm_hour);
+ d[8] = HIDIGIT(printableTime.tm_min);
+ d[9] = LODIGIT(printableTime.tm_min);
+ d[10] = HIDIGIT(printableTime.tm_sec);
+ d[11] = LODIGIT(printableTime.tm_sec);
+ d[12] = 'Z';
+ return SECSuccess;
+}
+
+SECStatus
+DER_TimeToUTCTime(SECItem *dst, PRTime gmttime)
+{
+ return DER_TimeToUTCTimeArena(NULL, dst, gmttime);
+}
+
+static SECStatus /* forward */
+ der_TimeStringToTime(PRTime *dst, const char *string, int generalized,
+ const char **endptr);
+
+#define GEN_STRING 2 /* TimeString is a GeneralizedTime */
+#define UTC_STRING 0 /* TimeString is a UTCTime */
+
+/* The caller of DER_AsciiToItem MUST ENSURE that either
+** a) "string" points to a null-terminated ASCII string, or
+** b) "string" points to a buffer containing a valid UTCTime,
+** whether null terminated or not, or
+** c) "string" contains at least 19 characters, with or without null char.
+** otherwise, this function may UMR and/or crash.
+** It suffices to ensure that the input "string" is at least 17 bytes long.
+*/
+SECStatus
+DER_AsciiToTime(PRTime *dst, const char *string)
+{
+ return der_TimeStringToTime(dst, string, UTC_STRING, NULL);
+}
+
+SECStatus
+DER_UTCTimeToTime(PRTime *dst, const SECItem *time)
+{
+ /* Minimum valid UTCTime is yymmddhhmmZ which is 11 bytes.
+ ** Maximum valid UTCTime is yymmddhhmmss+0000 which is 17 bytes.
+ ** 20 should be large enough for all valid encoded times.
+ */
+ unsigned int i;
+ char localBuf[20];
+ const char *end = NULL;
+ SECStatus rv;
+
+ if (!time || !time->data || time->len < 11 || time->len > 17) {
+ PORT_SetError(SEC_ERROR_INVALID_TIME);
+ return SECFailure;
+ }
+
+ for (i = 0; i < time->len; i++) {
+ if (time->data[i] == '\0') {
+ PORT_SetError(SEC_ERROR_INVALID_TIME);
+ return SECFailure;
+ }
+ localBuf[i] = time->data[i];
+ }
+ localBuf[i] = '\0';
+
+ rv = der_TimeStringToTime(dst, localBuf, UTC_STRING, &end);
+ if (rv == SECSuccess && *end != '\0') {
+ PORT_SetError(SEC_ERROR_INVALID_TIME);
+ return SECFailure;
+ }
+ return rv;
+}
+
+/*
+ gmttime must contains UTC time in micro-seconds unit.
+ Note: the caller should make sure that Generalized time
+ should only be used for certifiate validities after the
+ year 2049. Otherwise, UTC time should be used. This routine
+ does not check this case, since it can be used to encode
+ certificate extension, which does not have this restriction.
+ */
+SECStatus
+DER_TimeToGeneralizedTimeArena(PLArenaPool *arenaOpt, SECItem *dst, PRTime gmttime)
+{
+ PRExplodedTime printableTime;
+ unsigned char *d;
+
+ if ((gmttime < January1st1) || (gmttime >= January1st10000)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ dst->len = 15;
+ if (arenaOpt) {
+ dst->data = d = (unsigned char *)PORT_ArenaAlloc(arenaOpt, dst->len);
+ } else {
+ dst->data = d = (unsigned char *)PORT_Alloc(dst->len);
+ }
+ dst->type = siGeneralizedTime;
+ if (!d) {
+ return SECFailure;
+ }
+
+ /* Convert a PRTime to a printable format. */
+ PR_ExplodeTime(gmttime, PR_GMTParameters, &printableTime);
+
+ /* The month in Generalized time is base one */
+ printableTime.tm_month++;
+
+ d[0] = (printableTime.tm_year / 1000) + '0';
+ d[1] = ((printableTime.tm_year % 1000) / 100) + '0';
+ d[2] = ((printableTime.tm_year % 100) / 10) + '0';
+ d[3] = (printableTime.tm_year % 10) + '0';
+ d[4] = HIDIGIT(printableTime.tm_month);
+ d[5] = LODIGIT(printableTime.tm_month);
+ d[6] = HIDIGIT(printableTime.tm_mday);
+ d[7] = LODIGIT(printableTime.tm_mday);
+ d[8] = HIDIGIT(printableTime.tm_hour);
+ d[9] = LODIGIT(printableTime.tm_hour);
+ d[10] = HIDIGIT(printableTime.tm_min);
+ d[11] = LODIGIT(printableTime.tm_min);
+ d[12] = HIDIGIT(printableTime.tm_sec);
+ d[13] = LODIGIT(printableTime.tm_sec);
+ d[14] = 'Z';
+ return SECSuccess;
+}
+
+SECStatus
+DER_TimeToGeneralizedTime(SECItem *dst, PRTime gmttime)
+{
+ return DER_TimeToGeneralizedTimeArena(NULL, dst, gmttime);
+}
+
+SECStatus
+DER_GeneralizedTimeToTime(PRTime *dst, const SECItem *time)
+{
+ /* Minimum valid GeneralizedTime is ccyymmddhhmmZ which is 13 bytes.
+ ** Maximum valid GeneralizedTime is ccyymmddhhmmss+0000 which is 19 bytes.
+ ** 20 should be large enough for all valid encoded times.
+ */
+ unsigned int i;
+ char localBuf[20];
+ const char *end = NULL;
+ SECStatus rv;
+
+ if (!time || !time->data || time->len < 13 || time->len > 19) {
+ PORT_SetError(SEC_ERROR_INVALID_TIME);
+ return SECFailure;
+ }
+
+ for (i = 0; i < time->len; i++) {
+ if (time->data[i] == '\0') {
+ PORT_SetError(SEC_ERROR_INVALID_TIME);
+ return SECFailure;
+ }
+ localBuf[i] = time->data[i];
+ }
+ localBuf[i] = '\0';
+
+ rv = der_TimeStringToTime(dst, localBuf, GEN_STRING, &end);
+ if (rv == SECSuccess && *end != '\0') {
+ PORT_SetError(SEC_ERROR_INVALID_TIME);
+ return SECFailure;
+ }
+ return rv;
+}
+
+static SECStatus
+der_TimeStringToTime(PRTime *dst, const char *string, int generalized,
+ const char **endptr)
+{
+ PRExplodedTime genTime;
+ long hourOff = 0, minOff = 0;
+ PRUint16 century;
+ char signum;
+
+ if (string == NULL || dst == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* Verify time is formatted properly and capture information */
+ memset(&genTime, 0, sizeof genTime);
+
+ if (generalized == UTC_STRING) {
+ CAPTURE(genTime.tm_year, string, loser);
+ century = (genTime.tm_year < 50) ? 20 : 19;
+ } else {
+ CAPTURE(century, string, loser);
+ CAPTURE(genTime.tm_year, string, loser);
+ }
+ genTime.tm_year += century * 100;
+
+ CAPTURE(genTime.tm_month, string, loser);
+ if ((genTime.tm_month == 0) || (genTime.tm_month > 12))
+ goto loser;
+
+ /* NSPR month base is 0 */
+ --genTime.tm_month;
+
+ CAPTURE(genTime.tm_mday, string, loser);
+ if ((genTime.tm_mday == 0) || (genTime.tm_mday > 31))
+ goto loser;
+
+ CAPTURE(genTime.tm_hour, string, loser);
+ if (genTime.tm_hour > 23)
+ goto loser;
+
+ CAPTURE(genTime.tm_min, string, loser);
+ if (genTime.tm_min > 59)
+ goto loser;
+
+ if (ISDIGIT(string[0])) {
+ CAPTURE(genTime.tm_sec, string, loser);
+ if (genTime.tm_sec > 59)
+ goto loser;
+ }
+ signum = *string++;
+ if (signum == '+' || signum == '-') {
+ CAPTURE(hourOff, string, loser);
+ if (hourOff > 23)
+ goto loser;
+ CAPTURE(minOff, string, loser);
+ if (minOff > 59)
+ goto loser;
+ if (signum == '-') {
+ hourOff = -hourOff;
+ minOff = -minOff;
+ }
+ } else if (signum != 'Z') {
+ goto loser;
+ }
+
+ if (endptr)
+ *endptr = string;
+
+ /* Convert the GMT offset to seconds and save it in genTime
+ * for the implode time call.
+ */
+ genTime.tm_params.tp_gmt_offset = (PRInt32)((hourOff * 60L + minOff) * 60L);
+ *dst = PR_ImplodeTime(&genTime);
+ return SECSuccess;
+
+loser:
+ PORT_SetError(SEC_ERROR_INVALID_TIME);
+ return SECFailure;
+}
diff --git a/security/nss/lib/util/eccutil.h b/security/nss/lib/util/eccutil.h
new file mode 100644
index 000000000..8c627e18b
--- /dev/null
+++ b/security/nss/lib/util/eccutil.h
@@ -0,0 +1,15 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _FREEBL_H_
+#define _FREEBL_H_
+
+/* deprecated */
+typedef enum {
+ ECPoint_Uncompressed,
+ ECPoint_XOnly,
+ ECPoint_Undefined
+} ECPointEncoding;
+
+#endif /* _FREEBL_H_ */
diff --git a/security/nss/lib/util/errstrs.c b/security/nss/lib/util/errstrs.c
new file mode 100644
index 000000000..138ee3958
--- /dev/null
+++ b/security/nss/lib/util/errstrs.c
@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "prerror.h"
+#include "secerr.h"
+#include "secport.h"
+#include "prinit.h"
+#include "prprf.h"
+#include "prtypes.h"
+#include "prlog.h"
+#include "plstr.h"
+#include "nssutil.h"
+#include <string.h>
+
+#define ER3(name, value, str) { #name, str },
+
+static const struct PRErrorMessage sectext[] = {
+#include "SECerrs.h"
+ { 0, 0 }
+};
+
+static const struct PRErrorTable sec_et = {
+ sectext, "secerrstrings", SEC_ERROR_BASE,
+ (sizeof sectext) / (sizeof sectext[0])
+};
+
+static PRStatus
+nss_InitializePRErrorTableOnce(void)
+{
+ return PR_ErrorInstallTable(&sec_et);
+}
+
+static PRCallOnceType once;
+
+SECStatus
+NSS_InitializePRErrorTable(void)
+{
+ return (PR_SUCCESS == PR_CallOnce(&once, nss_InitializePRErrorTableOnce))
+ ? SECSuccess
+ : SECFailure;
+}
diff --git a/security/nss/lib/util/exports.gyp b/security/nss/lib/util/exports.gyp
new file mode 100644
index 000000000..eb220d2db
--- /dev/null
+++ b/security/nss/lib/util/exports.gyp
@@ -0,0 +1,67 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'lib_util_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'base64.h',
+ 'ciferfam.h',
+ 'eccutil.h',
+ 'hasht.h',
+ 'nssb64.h',
+ 'nssb64t.h',
+ 'nssilckt.h',
+ 'nssilock.h',
+ 'nsslocks.h',
+ 'nssrwlk.h',
+ 'nssrwlkt.h',
+ 'nssutil.h',
+ 'pkcs11.h',
+ 'pkcs11f.h',
+ 'pkcs11n.h',
+ 'pkcs11p.h',
+ 'pkcs11t.h',
+ 'pkcs11u.h',
+ 'pkcs1sig.h',
+ 'portreg.h',
+ 'secasn1.h',
+ 'secasn1t.h',
+ 'seccomon.h',
+ 'secder.h',
+ 'secdert.h',
+ 'secdig.h',
+ 'secdigt.h',
+ 'secerr.h',
+ 'secitem.h',
+ 'secoid.h',
+ 'secoidt.h',
+ 'secport.h',
+ 'utilmodt.h',
+ 'utilpars.h',
+ 'utilparst.h',
+ 'utilrename.h'
+ ],
+ 'destination': '<(nss_public_dist_dir)/<(module)'
+ },
+ {
+ 'files': [
+ 'templates.c',
+ 'verref.h'
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+}
diff --git a/security/nss/lib/util/hasht.h b/security/nss/lib/util/hasht.h
new file mode 100644
index 000000000..536d34c3d
--- /dev/null
+++ b/security/nss/lib/util/hasht.h
@@ -0,0 +1,63 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _HASHT_H_
+#define _HASHT_H_
+
+#include "prtypes.h"
+
+/* Opaque objects */
+typedef struct SECHashObjectStr SECHashObject;
+typedef struct HASHContextStr HASHContext;
+
+/*
+ * The hash functions the security library supports
+ * NOTE the order must match the definition of SECHashObjects[]!
+ */
+typedef enum {
+ HASH_AlgNULL = 0,
+ HASH_AlgMD2 = 1,
+ HASH_AlgMD5 = 2,
+ HASH_AlgSHA1 = 3,
+ HASH_AlgSHA256 = 4,
+ HASH_AlgSHA384 = 5,
+ HASH_AlgSHA512 = 6,
+ HASH_AlgSHA224 = 7,
+ HASH_AlgTOTAL
+} HASH_HashType;
+
+/*
+ * Number of bytes each hash algorithm produces
+ */
+#define MD2_LENGTH 16
+#define MD5_LENGTH 16
+#define SHA1_LENGTH 20
+#define SHA224_LENGTH 28
+#define SHA256_LENGTH 32
+#define SHA384_LENGTH 48
+#define SHA512_LENGTH 64
+#define HASH_LENGTH_MAX SHA512_LENGTH
+
+/*
+ * Structure to hold hash computation info and routines
+ */
+struct SECHashObjectStr {
+ unsigned int length; /* hash output length (in bytes) */
+ void *(*create)(void);
+ void *(*clone)(void *);
+ void (*destroy)(void *, PRBool);
+ void (*begin)(void *);
+ void (*update)(void *, const unsigned char *, unsigned int);
+ void (*end)(void *, unsigned char *, unsigned int *, unsigned int);
+ unsigned int blocklength; /* hash input block size (in bytes) */
+ HASH_HashType type;
+ void (*end_raw)(void *, unsigned char *, unsigned int *, unsigned int);
+};
+
+struct HASHContextStr {
+ const struct SECHashObjectStr *hashobj;
+ void *hash_context;
+};
+
+#endif /* _HASHT_H_ */
diff --git a/security/nss/lib/util/manifest.mn b/security/nss/lib/util/manifest.mn
new file mode 100644
index 000000000..f0a9fd0f2
--- /dev/null
+++ b/security/nss/lib/util/manifest.mn
@@ -0,0 +1,90 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+
+EXPORTS = \
+ base64.h \
+ ciferfam.h \
+ eccutil.h \
+ hasht.h \
+ nssb64.h \
+ nssb64t.h \
+ nsslocks.h \
+ nssilock.h \
+ nssilckt.h \
+ nssrwlk.h \
+ nssrwlkt.h \
+ nssutil.h \
+ pkcs11.h \
+ pkcs11f.h \
+ pkcs11p.h \
+ pkcs11t.h \
+ pkcs11n.h \
+ pkcs11u.h \
+ pkcs1sig.h \
+ portreg.h \
+ secasn1.h \
+ secasn1t.h \
+ seccomon.h \
+ secder.h \
+ secdert.h \
+ secdig.h \
+ secdigt.h \
+ secitem.h \
+ secoid.h \
+ secoidt.h \
+ secport.h \
+ secerr.h \
+ utilmodt.h \
+ utilrename.h \
+ utilpars.h \
+ utilparst.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = \
+ verref.h \
+ templates.c \
+ $(NULL)
+
+CSRCS = \
+ quickder.c \
+ secdig.c \
+ derdec.c \
+ derenc.c \
+ dersubr.c \
+ dertime.c \
+ errstrs.c \
+ nssb64d.c \
+ nssb64e.c \
+ nssrwlk.c \
+ nssilock.c \
+ oidstring.c \
+ pkcs1sig.c \
+ portreg.c \
+ secalgid.c \
+ secasn1d.c \
+ secasn1e.c \
+ secasn1u.c \
+ secitem.c \
+ secload.c \
+ secoid.c \
+ sectime.c \
+ secport.c \
+ templates.c \
+ utf8.c \
+ utilmod.c \
+ utilpars.c \
+ $(NULL)
+
+MODULE = nss
+
+# don't duplicate module name in REQUIRES
+MAPFILE = $(OBJDIR)/nssutil.def
+
+LIBRARY_NAME = nssutil
+LIBRARY_VERSION = 3
+
+# This part of the code, including all sub-dirs, can be optimized for size
+export ALLOW_OPT_CODE_SIZE = 1
diff --git a/security/nss/lib/util/nssb64.h b/security/nss/lib/util/nssb64.h
new file mode 100644
index 000000000..7882c3b2d
--- /dev/null
+++ b/security/nss/lib/util/nssb64.h
@@ -0,0 +1,94 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Public prototypes for base64 encoding/decoding.
+ */
+#ifndef _NSSB64_H_
+#define _NSSB64_H_
+
+#include "utilrename.h"
+#include "seccomon.h"
+#include "nssb64t.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+ * Functions to start a base64 decoding/encoding context.
+ */
+
+extern NSSBase64Decoder *
+NSSBase64Decoder_Create(PRInt32 (*output_fn)(void *, const unsigned char *,
+ PRInt32),
+ void *output_arg);
+
+extern NSSBase64Encoder *
+NSSBase64Encoder_Create(PRInt32 (*output_fn)(void *, const char *, PRInt32),
+ void *output_arg);
+
+/*
+ * Push data through the decoder/encoder, causing the output_fn (provided
+ * to Create) to be called with the decoded/encoded data.
+ */
+
+extern SECStatus
+NSSBase64Decoder_Update(NSSBase64Decoder *data, const char *buffer,
+ PRUint32 size);
+
+extern SECStatus
+NSSBase64Encoder_Update(NSSBase64Encoder *data, const unsigned char *buffer,
+ PRUint32 size);
+
+/*
+ * When you're done processing, call this to close the context.
+ * If "abort_p" is false, then calling this may cause the output_fn
+ * to be called one last time (as the last buffered data is flushed out).
+ */
+
+extern SECStatus
+NSSBase64Decoder_Destroy(NSSBase64Decoder *data, PRBool abort_p);
+
+extern SECStatus
+NSSBase64Encoder_Destroy(NSSBase64Encoder *data, PRBool abort_p);
+
+/*
+ * Perform base64 decoding from an ascii string "inStr" to an Item.
+ * The length of the input must be provided as "inLen". The Item
+ * may be provided (as "outItemOpt"); you can also pass in a NULL
+ * and the Item will be allocated for you.
+ *
+ * In any case, the data within the Item will be allocated for you.
+ * All allocation will happen out of the passed-in "arenaOpt", if non-NULL.
+ * If "arenaOpt" is NULL, standard allocation (heap) will be used and
+ * you will want to free the result via SECITEM_FreeItem.
+ *
+ * Return value is NULL on error, the Item (allocated or provided) otherwise.
+ */
+extern SECItem *
+NSSBase64_DecodeBuffer(PLArenaPool *arenaOpt, SECItem *outItemOpt,
+ const char *inStr, unsigned int inLen);
+
+/*
+ * Perform base64 encoding of binary data "inItem" to an ascii string.
+ * The output buffer may be provided (as "outStrOpt"); you can also pass
+ * in a NULL and the buffer will be allocated for you. The result will
+ * be null-terminated, and if the buffer is provided, "maxOutLen" must
+ * specify the maximum length of the buffer and will be checked to
+ * supply sufficient space space for the encoded result. (If "outStrOpt"
+ * is NULL, "maxOutLen" is ignored.)
+ *
+ * If "outStrOpt" is NULL, allocation will happen out of the passed-in
+ * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
+ * will be used.
+ *
+ * Return value is NULL on error, the output buffer (allocated or provided)
+ * otherwise.
+ */
+extern char *
+NSSBase64_EncodeItem(PLArenaPool *arenaOpt, char *outStrOpt,
+ unsigned int maxOutLen, SECItem *inItem);
+
+SEC_END_PROTOS
+
+#endif /* _NSSB64_H_ */
diff --git a/security/nss/lib/util/nssb64d.c b/security/nss/lib/util/nssb64d.c
new file mode 100644
index 000000000..ceb0b8ca6
--- /dev/null
+++ b/security/nss/lib/util/nssb64d.c
@@ -0,0 +1,822 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Base64 decoding (ascii to binary).
+ */
+
+#include "nssb64.h"
+#include "nspr.h"
+#include "secitem.h"
+#include "secerr.h"
+
+/*
+ * XXX We want this basic support to go into NSPR (the PL part).
+ * Until that can happen, the PL interface is going to be kept entirely
+ * internal here -- all static functions and opaque data structures.
+ * When someone can get it moved over into NSPR, that should be done:
+ * - giving everything names that are accepted by the NSPR module owners
+ * (though I tried to choose ones that would work without modification)
+ * - exporting the functions (remove static declarations and add
+ * to nssutil.def as necessary)
+ * - put prototypes into appropriate header file (probably replacing
+ * the entire current lib/libc/include/plbase64.h in NSPR)
+ * along with a typedef for the context structure (which should be
+ * kept opaque -- definition in the source file only, but typedef
+ * ala "typedef struct PLBase64FooStr PLBase64Foo;" in header file)
+ * - modify anything else as necessary to conform to NSPR required style
+ * (I looked but found no formatting guide to follow)
+ *
+ * You will want to move over everything from here down to the comment
+ * which says "XXX End of base64 decoding code to be moved into NSPR",
+ * into a new file in NSPR.
+ */
+
+/*
+ **************************************************************
+ * XXX Beginning of base64 decoding code to be moved into NSPR.
+ */
+
+/*
+ * This typedef would belong in the NSPR header file (i.e. plbase64.h).
+ */
+typedef struct PLBase64DecoderStr PLBase64Decoder;
+
+/*
+ * The following implementation of base64 decoding was based on code
+ * found in libmime (specifically, in mimeenc.c). It has been adapted to
+ * use PR types and naming as well as to provide other necessary semantics
+ * (like buffer-in/buffer-out in addition to "streaming" without undue
+ * performance hit of extra copying if you made the buffer versions
+ * use the output_fn). It also incorporates some aspects of the current
+ * NSPR base64 decoding code. As such, you may find similarities to
+ * both of those implementations. I tried to use names that reflected
+ * the original code when possible. For this reason you may find some
+ * inconsistencies -- libmime used lots of "in" and "out" whereas the
+ * NSPR version uses "src" and "dest"; sometimes I changed one to the other
+ * and sometimes I left them when I thought the subroutines were at least
+ * self-consistent.
+ */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * Opaque object used by the decoder to store state.
+ */
+struct PLBase64DecoderStr {
+ /* Current token (or portion, if token_size < 4) being decoded. */
+ unsigned char token[4];
+ int token_size;
+
+ /*
+ * Where to write the decoded data (used when streaming, not when
+ * doing all in-memory (buffer) operations).
+ *
+ * Note that this definition is chosen to be compatible with PR_Write.
+ */
+ PRInt32 (*output_fn)(void *output_arg, const unsigned char *buf,
+ PRInt32 size);
+ void *output_arg;
+
+ /*
+ * Where the decoded output goes -- either temporarily (in the streaming
+ * case, staged here before it goes to the output function) or what will
+ * be the entire buffered result for users of the buffer version.
+ */
+ unsigned char *output_buffer;
+ PRUint32 output_buflen; /* the total length of allocated buffer */
+ PRUint32 output_length; /* the length that is currently populated */
+};
+
+PR_END_EXTERN_C
+
+/*
+ * Table to convert an ascii "code" to its corresponding binary value.
+ * For ease of use, the binary values in the table are the actual values
+ * PLUS ONE. This is so that the special value of zero can denote an
+ * invalid mapping; that was much easier than trying to fill in the other
+ * values with some value other than zero, and to check for it.
+ * Just remember to SUBTRACT ONE when using the value retrieved.
+ */
+static unsigned char base64_codetovaluep1[256] = {
+ /* 0: */ 0, 0, 0, 0, 0, 0, 0, 0,
+ /* 8: */ 0, 0, 0, 0, 0, 0, 0, 0,
+ /* 16: */ 0, 0, 0, 0, 0, 0, 0, 0,
+ /* 24: */ 0, 0, 0, 0, 0, 0, 0, 0,
+ /* 32: */ 0, 0, 0, 0, 0, 0, 0, 0,
+ /* 40: */ 0, 0, 0, 63, 0, 0, 0, 64,
+ /* 48: */ 53, 54, 55, 56, 57, 58, 59, 60,
+ /* 56: */ 61, 62, 0, 0, 0, 0, 0, 0,
+ /* 64: */ 0, 1, 2, 3, 4, 5, 6, 7,
+ /* 72: */ 8, 9, 10, 11, 12, 13, 14, 15,
+ /* 80: */ 16, 17, 18, 19, 20, 21, 22, 23,
+ /* 88: */ 24, 25, 26, 0, 0, 0, 0, 0,
+ /* 96: */ 0, 27, 28, 29, 30, 31, 32, 33,
+ /* 104: */ 34, 35, 36, 37, 38, 39, 40, 41,
+ /* 112: */ 42, 43, 44, 45, 46, 47, 48, 49,
+ /* 120: */ 50, 51, 52, 0, 0, 0, 0, 0,
+ /* 128: */ 0, 0, 0, 0, 0, 0, 0, 0
+ /* and rest are all zero as well */
+};
+
+#define B64_PAD '='
+
+/*
+ * Reads 4; writes 3 (known, or expected, to have no trailing padding).
+ * Returns bytes written; -1 on error (unexpected character).
+ */
+static int
+pl_base64_decode_4to3(const unsigned char *in, unsigned char *out)
+{
+ int j;
+ PRUint32 num = 0;
+ unsigned char bits;
+
+ for (j = 0; j < 4; j++) {
+ bits = base64_codetovaluep1[in[j]];
+ if (bits == 0)
+ return -1;
+ num = (num << 6) | (bits - 1);
+ }
+
+ out[0] = (unsigned char)(num >> 16);
+ out[1] = (unsigned char)((num >> 8) & 0xFF);
+ out[2] = (unsigned char)(num & 0xFF);
+
+ return 3;
+}
+
+/*
+ * Reads 3; writes 2 (caller already confirmed EOF or trailing padding).
+ * Returns bytes written; -1 on error (unexpected character).
+ */
+static int
+pl_base64_decode_3to2(const unsigned char *in, unsigned char *out)
+{
+ PRUint32 num = 0;
+ unsigned char bits1, bits2, bits3;
+
+ bits1 = base64_codetovaluep1[in[0]];
+ bits2 = base64_codetovaluep1[in[1]];
+ bits3 = base64_codetovaluep1[in[2]];
+
+ if ((bits1 == 0) || (bits2 == 0) || (bits3 == 0))
+ return -1;
+
+ num = ((PRUint32)(bits1 - 1)) << 10;
+ num |= ((PRUint32)(bits2 - 1)) << 4;
+ num |= ((PRUint32)(bits3 - 1)) >> 2;
+
+ out[0] = (unsigned char)(num >> 8);
+ out[1] = (unsigned char)(num & 0xFF);
+
+ return 2;
+}
+
+/*
+ * Reads 2; writes 1 (caller already confirmed EOF or trailing padding).
+ * Returns bytes written; -1 on error (unexpected character).
+ */
+static int
+pl_base64_decode_2to1(const unsigned char *in, unsigned char *out)
+{
+ PRUint32 num = 0;
+ unsigned char bits1, bits2;
+
+ bits1 = base64_codetovaluep1[in[0]];
+ bits2 = base64_codetovaluep1[in[1]];
+
+ if ((bits1 == 0) || (bits2 == 0))
+ return -1;
+
+ num = ((PRUint32)(bits1 - 1)) << 2;
+ num |= ((PRUint32)(bits2 - 1)) >> 4;
+
+ out[0] = (unsigned char)num;
+
+ return 1;
+}
+
+/*
+ * Reads 4; writes 0-3. Returns bytes written or -1 on error.
+ * (Writes less than 3 only at (presumed) EOF.)
+ */
+static int
+pl_base64_decode_token(const unsigned char *in, unsigned char *out)
+{
+ if (in[3] != B64_PAD)
+ return pl_base64_decode_4to3(in, out);
+
+ if (in[2] == B64_PAD)
+ return pl_base64_decode_2to1(in, out);
+
+ return pl_base64_decode_3to2(in, out);
+}
+
+static PRStatus
+pl_base64_decode_buffer(PLBase64Decoder *data, const unsigned char *in,
+ PRUint32 length)
+{
+ unsigned char *out = data->output_buffer;
+ unsigned char *token = data->token;
+ int i, n = 0;
+
+ i = data->token_size;
+ data->token_size = 0;
+
+ while (length > 0) {
+ while (i < 4 && length > 0) {
+ /*
+ * XXX Note that the following simply ignores any unexpected
+ * characters. This is exactly what the original code in
+ * libmime did, and I am leaving it. We certainly want to skip
+ * over whitespace (we must); this does much more than that.
+ * I am not confident changing it, and I don't want to slow
+ * the processing down doing more complicated checking, but
+ * someone else might have different ideas in the future.
+ */
+ if (base64_codetovaluep1[*in] > 0 || *in == B64_PAD)
+ token[i++] = *in;
+ in++;
+ length--;
+ }
+
+ if (i < 4) {
+ /* Didn't get enough for a complete token. */
+ data->token_size = i;
+ break;
+ }
+ i = 0;
+
+ PR_ASSERT((out - data->output_buffer + 3) <= data->output_buflen);
+
+ /*
+ * Assume we are not at the end; the following function only works
+ * for an internal token (no trailing padding characters) but is
+ * faster that way. If it hits an invalid character (padding) it
+ * will return an error; we break out of the loop and try again
+ * calling the routine that will handle a final token.
+ * Note that we intentionally do it this way rather than explicitly
+ * add a check for padding here (because that would just slow down
+ * the normal case) nor do we rely on checking whether we have more
+ * input to process (because that would also slow it down but also
+ * because we want to allow trailing garbage, especially white space
+ * and cannot tell that without read-ahead, also a slow proposition).
+ * Whew. Understand?
+ */
+ n = pl_base64_decode_4to3(token, out);
+ if (n < 0)
+ break;
+
+ /* Advance "out" by the number of bytes just written to it. */
+ out += n;
+ n = 0;
+ }
+
+ /*
+ * See big comment above, before call to pl_base64_decode_4to3.
+ * Here we check if we error'd out of loop, and allow for the case
+ * that we are processing the last interesting token. If the routine
+ * which should handle padding characters also fails, then we just
+ * have bad input and give up.
+ */
+ if (n < 0) {
+ n = pl_base64_decode_token(token, out);
+ if (n < 0)
+ return PR_FAILURE;
+
+ out += n;
+ }
+
+ /*
+ * As explained above, we can get here with more input remaining, but
+ * it should be all characters we do not care about (i.e. would be
+ * ignored when transferring from "in" to "token" in loop above,
+ * except here we choose to ignore extraneous pad characters, too).
+ * Swallow it, performing that check. If we find more characters that
+ * we would expect to decode, something is wrong.
+ */
+ while (length > 0) {
+ if (base64_codetovaluep1[*in] > 0)
+ return PR_FAILURE;
+ in++;
+ length--;
+ }
+
+ /* Record the length of decoded data we have left in output_buffer. */
+ data->output_length = (PRUint32)(out - data->output_buffer);
+ return PR_SUCCESS;
+}
+
+/*
+ * Flush any remaining buffered characters. Given well-formed input,
+ * this will have nothing to do. If the input was missing the padding
+ * characters at the end, though, there could be 1-3 characters left
+ * behind -- we will tolerate that by adding the padding for them.
+ */
+static PRStatus
+pl_base64_decode_flush(PLBase64Decoder *data)
+{
+ int count;
+
+ /*
+ * If no remaining characters, or all are padding (also not well-formed
+ * input, but again, be tolerant), then nothing more to do. (And, that
+ * is considered successful.)
+ */
+ if (data->token_size == 0 || data->token[0] == B64_PAD)
+ return PR_SUCCESS;
+
+ /*
+ * Assume we have all the interesting input except for some expected
+ * padding characters. Add them and decode the resulting token.
+ */
+ while (data->token_size < 4)
+ data->token[data->token_size++] = B64_PAD;
+
+ data->token_size = 0; /* so a subsequent flush call is a no-op */
+
+ count = pl_base64_decode_token(data->token,
+ data->output_buffer + data->output_length);
+ if (count < 0)
+ return PR_FAILURE;
+
+ /*
+ * If there is an output function, call it with this last bit of data.
+ * Otherwise we are doing all buffered output, and the decoded bytes
+ * are now there, we just need to reflect that in the length.
+ */
+ if (data->output_fn != NULL) {
+ PRInt32 output_result;
+
+ PR_ASSERT(data->output_length == 0);
+ output_result = data->output_fn(data->output_arg,
+ data->output_buffer,
+ (PRInt32)count);
+ if (output_result < 0)
+ return PR_FAILURE;
+ } else {
+ data->output_length += count;
+ }
+
+ return PR_SUCCESS;
+}
+
+/*
+ * The maximum space needed to hold the output of the decoder given
+ * input data of length "size".
+ */
+static PRUint32
+PL_Base64MaxDecodedLength(PRUint32 size)
+{
+ return size * 0.75;
+}
+
+/*
+ * A distinct internal creation function for the buffer version to use.
+ * (It does not want to specify an output_fn, and we want the normal
+ * Create function to require that.) If more common initialization
+ * of the decoding context needs to be done, it should be done *here*.
+ */
+static PLBase64Decoder *
+pl_base64_create_decoder(void)
+{
+ return PR_NEWZAP(PLBase64Decoder);
+}
+
+/*
+ * Function to start a base64 decoding context.
+ * An "output_fn" is required; the "output_arg" parameter to that is optional.
+ */
+static PLBase64Decoder *
+PL_CreateBase64Decoder(PRInt32 (*output_fn)(void *, const unsigned char *,
+ PRInt32),
+ void *output_arg)
+{
+ PLBase64Decoder *data;
+
+ if (output_fn == NULL) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return NULL;
+ }
+
+ data = pl_base64_create_decoder();
+ if (data != NULL) {
+ data->output_fn = output_fn;
+ data->output_arg = output_arg;
+ }
+ return data;
+}
+
+/*
+ * Push data through the decoder, causing the output_fn (provided to Create)
+ * to be called with the decoded data.
+ */
+static PRStatus
+PL_UpdateBase64Decoder(PLBase64Decoder *data, const char *buffer,
+ PRUint32 size)
+{
+ PRUint32 need_length;
+ PRStatus status;
+
+ /* XXX Should we do argument checking only in debug build? */
+ if (data == NULL || buffer == NULL || size == 0) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return PR_FAILURE;
+ }
+
+ /*
+ * How much space could this update need for decoding?
+ */
+ need_length = PL_Base64MaxDecodedLength(size + data->token_size);
+
+ /*
+ * Make sure we have at least that much. If not, (re-)allocate.
+ */
+ if (need_length > data->output_buflen) {
+ unsigned char *output_buffer = data->output_buffer;
+
+ if (output_buffer != NULL)
+ output_buffer = (unsigned char *)PR_Realloc(output_buffer,
+ need_length);
+ else
+ output_buffer = (unsigned char *)PR_Malloc(need_length);
+
+ if (output_buffer == NULL)
+ return PR_FAILURE;
+
+ data->output_buffer = output_buffer;
+ data->output_buflen = need_length;
+ }
+
+ /* There should not have been any leftover output data in the buffer. */
+ PR_ASSERT(data->output_length == 0);
+ data->output_length = 0;
+
+ status = pl_base64_decode_buffer(data, (const unsigned char *)buffer,
+ size);
+
+ /* Now that we have some decoded data, write it. */
+ if (status == PR_SUCCESS && data->output_length > 0) {
+ PRInt32 output_result;
+
+ PR_ASSERT(data->output_fn != NULL);
+ output_result = data->output_fn(data->output_arg,
+ data->output_buffer,
+ (PRInt32)data->output_length);
+ if (output_result < 0)
+ status = PR_FAILURE;
+ }
+
+ data->output_length = 0;
+ return status;
+}
+
+/*
+ * When you're done decoding, call this to free the data. If "abort_p"
+ * is false, then calling this may cause the output_fn to be called
+ * one last time (as the last buffered data is flushed out).
+ */
+static PRStatus
+PL_DestroyBase64Decoder(PLBase64Decoder *data, PRBool abort_p)
+{
+ PRStatus status = PR_SUCCESS;
+
+ /* XXX Should we do argument checking only in debug build? */
+ if (data == NULL) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return PR_FAILURE;
+ }
+
+ /* Flush out the last few buffered characters. */
+ if (!abort_p)
+ status = pl_base64_decode_flush(data);
+
+ if (data->output_buffer != NULL)
+ PR_Free(data->output_buffer);
+ PR_Free(data);
+
+ return status;
+}
+
+/*
+ * Perform base64 decoding from an input buffer to an output buffer.
+ * The output buffer can be provided (as "dest"); you can also pass in
+ * a NULL and this function will allocate a buffer large enough for you,
+ * and return it. If you do provide the output buffer, you must also
+ * provide the maximum length of that buffer (as "maxdestlen").
+ * The actual decoded length of output will be returned to you in
+ * "output_destlen".
+ *
+ * Return value is NULL on error, the output buffer (allocated or provided)
+ * otherwise.
+ */
+static unsigned char *
+PL_Base64DecodeBuffer(const char *src, PRUint32 srclen, unsigned char *dest,
+ PRUint32 maxdestlen, PRUint32 *output_destlen)
+{
+ PRUint32 need_length;
+ unsigned char *output_buffer = NULL;
+ PLBase64Decoder *data = NULL;
+ PRStatus status;
+
+ PR_ASSERT(srclen > 0);
+ if (srclen == 0) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return NULL;
+ }
+
+ /*
+ * How much space could we possibly need for decoding this input?
+ */
+ need_length = PL_Base64MaxDecodedLength(srclen);
+
+ /*
+ * Make sure we have at least that much, if output buffer provided.
+ * If no output buffer provided, then we allocate that much.
+ */
+ if (dest != NULL) {
+ PR_ASSERT(maxdestlen >= need_length);
+ if (maxdestlen < need_length) {
+ PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
+ goto loser;
+ }
+ output_buffer = dest;
+ } else {
+ output_buffer = (unsigned char *)PR_Malloc(need_length);
+ if (output_buffer == NULL)
+ goto loser;
+ maxdestlen = need_length;
+ }
+
+ data = pl_base64_create_decoder();
+ if (data == NULL)
+ goto loser;
+
+ data->output_buflen = maxdestlen;
+ data->output_buffer = output_buffer;
+
+ status = pl_base64_decode_buffer(data, (const unsigned char *)src,
+ srclen);
+
+ /*
+ * We do not wait for Destroy to flush, because Destroy will also
+ * get rid of our decoder context, which we need to look at first!
+ */
+ if (status == PR_SUCCESS)
+ status = pl_base64_decode_flush(data);
+
+ /* Must clear this or Destroy will free it. */
+ data->output_buffer = NULL;
+
+ if (status == PR_SUCCESS) {
+ *output_destlen = data->output_length;
+ status = PL_DestroyBase64Decoder(data, PR_FALSE);
+ data = NULL;
+ if (status == PR_FAILURE)
+ goto loser;
+ return output_buffer;
+ }
+
+loser:
+ if (dest == NULL && output_buffer != NULL)
+ PR_Free(output_buffer);
+ if (data != NULL)
+ (void)PL_DestroyBase64Decoder(data, PR_TRUE);
+ return NULL;
+}
+
+/*
+ * XXX End of base64 decoding code to be moved into NSPR.
+ ********************************************************
+ */
+
+/*
+ * This is the beginning of the NSS cover functions. These will
+ * provide the interface we want to expose as NSS-ish. For example,
+ * they will operate on our Items, do any special handling or checking
+ * we want to do, etc.
+ */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * A boring cover structure for now. Perhaps someday it will include
+ * some more interesting fields.
+ */
+struct NSSBase64DecoderStr {
+ PLBase64Decoder *pl_data;
+};
+
+PR_END_EXTERN_C
+
+/*
+ * Function to start a base64 decoding context.
+ */
+NSSBase64Decoder *
+NSSBase64Decoder_Create(PRInt32 (*output_fn)(void *, const unsigned char *,
+ PRInt32),
+ void *output_arg)
+{
+ PLBase64Decoder *pl_data;
+ NSSBase64Decoder *nss_data;
+
+ nss_data = PORT_ZNew(NSSBase64Decoder);
+ if (nss_data == NULL)
+ return NULL;
+
+ pl_data = PL_CreateBase64Decoder(output_fn, output_arg);
+ if (pl_data == NULL) {
+ PORT_Free(nss_data);
+ return NULL;
+ }
+
+ nss_data->pl_data = pl_data;
+ return nss_data;
+}
+
+/*
+ * Push data through the decoder, causing the output_fn (provided to Create)
+ * to be called with the decoded data.
+ */
+SECStatus
+NSSBase64Decoder_Update(NSSBase64Decoder *data, const char *buffer,
+ PRUint32 size)
+{
+ PRStatus pr_status;
+
+ /* XXX Should we do argument checking only in debug build? */
+ if (data == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ pr_status = PL_UpdateBase64Decoder(data->pl_data, buffer, size);
+ if (pr_status == PR_FAILURE)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+/*
+ * When you're done decoding, call this to free the data. If "abort_p"
+ * is false, then calling this may cause the output_fn to be called
+ * one last time (as the last buffered data is flushed out).
+ */
+SECStatus
+NSSBase64Decoder_Destroy(NSSBase64Decoder *data, PRBool abort_p)
+{
+ PRStatus pr_status;
+
+ /* XXX Should we do argument checking only in debug build? */
+ if (data == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ pr_status = PL_DestroyBase64Decoder(data->pl_data, abort_p);
+
+ PORT_Free(data);
+
+ if (pr_status == PR_FAILURE)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+/*
+ * Perform base64 decoding from an ascii string "inStr" to an Item.
+ * The length of the input must be provided as "inLen". The Item
+ * may be provided (as "outItemOpt"); you can also pass in a NULL
+ * and the Item will be allocated for you.
+ *
+ * In any case, the data within the Item will be allocated for you.
+ * All allocation will happen out of the passed-in "arenaOpt", if non-NULL.
+ * If "arenaOpt" is NULL, standard allocation (heap) will be used and
+ * you will want to free the result via SECITEM_FreeItem.
+ *
+ * Return value is NULL on error, the Item (allocated or provided) otherwise.
+ */
+SECItem *
+NSSBase64_DecodeBuffer(PLArenaPool *arenaOpt, SECItem *outItemOpt,
+ const char *inStr, unsigned int inLen)
+{
+ SECItem *out_item = NULL;
+ PRUint32 max_out_len = 0;
+ PRUint32 out_len;
+ void *mark = NULL;
+ unsigned char *dummy;
+
+ if ((outItemOpt != NULL && outItemOpt->data != NULL) || inLen == 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (arenaOpt != NULL)
+ mark = PORT_ArenaMark(arenaOpt);
+
+ max_out_len = PL_Base64MaxDecodedLength(inLen);
+ out_item = SECITEM_AllocItem(arenaOpt, outItemOpt, max_out_len);
+ if (out_item == NULL) {
+ if (arenaOpt != NULL)
+ PORT_ArenaRelease(arenaOpt, mark);
+ return NULL;
+ }
+
+ dummy = PL_Base64DecodeBuffer(inStr, inLen, out_item->data,
+ max_out_len, &out_len);
+ if (dummy == NULL) {
+ if (arenaOpt != NULL) {
+ PORT_ArenaRelease(arenaOpt, mark);
+ if (outItemOpt != NULL) {
+ outItemOpt->data = NULL;
+ outItemOpt->len = 0;
+ }
+ } else {
+ SECITEM_FreeItem(out_item,
+ (outItemOpt == NULL) ? PR_TRUE : PR_FALSE);
+ }
+ return NULL;
+ }
+
+ if (arenaOpt != NULL)
+ PORT_ArenaUnmark(arenaOpt, mark);
+ out_item->len = out_len;
+ return out_item;
+}
+
+/*
+ * XXX Everything below is deprecated. If you add new stuff, put it
+ * *above*, not below.
+ */
+
+/*
+ * XXX The following "ATOB" functions are provided for backward compatibility
+ * with current code. They should be considered strongly deprecated.
+ * When we can convert all our code over to using the new NSSBase64Decoder_
+ * functions defined above, we should get rid of these altogether. (Remove
+ * protoypes from base64.h as well -- actually, remove that file completely).
+ * If someone thinks either of these functions provides such a very useful
+ * interface (though, as shown, the same functionality can already be
+ * obtained by calling NSSBase64_DecodeBuffer directly), fine -- but then
+ * that API should be provided with a nice new NSSFoo name and using
+ * appropriate types, etc.
+ */
+
+#include "base64.h"
+
+/*
+** Return an PORT_Alloc'd string which is the base64 decoded version
+** of the input string; set *lenp to the length of the returned data.
+*/
+unsigned char *
+ATOB_AsciiToData(const char *string, unsigned int *lenp)
+{
+ SECItem binary_item, *dummy;
+
+ binary_item.data = NULL;
+ binary_item.len = 0;
+
+ dummy = NSSBase64_DecodeBuffer(NULL, &binary_item, string,
+ (PRUint32)PORT_Strlen(string));
+ if (dummy == NULL)
+ return NULL;
+
+ PORT_Assert(dummy == &binary_item);
+
+ *lenp = dummy->len;
+ return dummy->data;
+}
+
+/*
+** Convert from ascii to binary encoding of an item.
+*/
+SECStatus
+ATOB_ConvertAsciiToItem(SECItem *binary_item, const char *ascii)
+{
+ SECItem *dummy;
+
+ if (binary_item == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /*
+ * XXX Would prefer to assert here if data is non-null (actually,
+ * don't need to, just let NSSBase64_DecodeBuffer do it), so as to
+ * to catch unintended memory leaks, but callers are not clean in
+ * this respect so we need to explicitly clear here to avoid the
+ * assert in NSSBase64_DecodeBuffer.
+ */
+ binary_item->data = NULL;
+ binary_item->len = 0;
+
+ dummy = NSSBase64_DecodeBuffer(NULL, binary_item, ascii,
+ (PRUint32)PORT_Strlen(ascii));
+
+ if (dummy == NULL)
+ return SECFailure;
+
+ return SECSuccess;
+}
diff --git a/security/nss/lib/util/nssb64e.c b/security/nss/lib/util/nssb64e.c
new file mode 100644
index 000000000..18b01ddac
--- /dev/null
+++ b/security/nss/lib/util/nssb64e.c
@@ -0,0 +1,734 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Base64 encoding (binary to ascii).
+ */
+
+#include "nssb64.h"
+#include "nspr.h"
+#include "secitem.h"
+#include "secerr.h"
+
+/*
+ * XXX See the big comment at the top of nssb64d.c about moving the
+ * bulk of this code over into NSPR (the PL part). It all applies
+ * here but I didn't want to duplicate it, to avoid divergence problems.
+ */
+
+/*
+ **************************************************************
+ * XXX Beginning of base64 encoding code to be moved into NSPR.
+ */
+
+struct PLBase64EncodeStateStr {
+ unsigned chunks;
+ unsigned saved;
+ unsigned char buf[3];
+};
+
+/*
+ * This typedef would belong in the NSPR header file (i.e. plbase64.h).
+ */
+typedef struct PLBase64EncoderStr PLBase64Encoder;
+
+/*
+ * The following implementation of base64 encoding was based on code
+ * found in libmime (specifically, in mimeenc.c). It has been adapted to
+ * use PR types and naming as well as to provide other necessary semantics
+ * (like buffer-in/buffer-out in addition to "streaming" without undue
+ * performance hit of extra copying if you made the buffer versions
+ * use the output_fn). It also incorporates some aspects of the current
+ * NSPR base64 encoding code. As such, you may find similarities to
+ * both of those implementations. I tried to use names that reflected
+ * the original code when possible. For this reason you may find some
+ * inconsistencies -- libmime used lots of "in" and "out" whereas the
+ * NSPR version uses "src" and "dest"; sometimes I changed one to the other
+ * and sometimes I left them when I thought the subroutines were at least
+ * self-consistent.
+ */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * Opaque object used by the encoder to store state.
+ */
+struct PLBase64EncoderStr {
+ /*
+ * The one or two bytes pending. (We need 3 to create a "token",
+ * and hold the leftovers here. in_buffer_count is *only* ever
+ * 0, 1, or 2.
+ */
+ unsigned char in_buffer[2];
+ int in_buffer_count;
+
+ /*
+ * If the caller wants linebreaks added, line_length specifies
+ * where they come out. It must be a multiple of 4; if the caller
+ * provides one that isn't, we round it down to the nearest
+ * multiple of 4.
+ *
+ * The value of current_column counts how many characters have been
+ * added since the last linebreaks (or since the beginning, on the
+ * first line). It is also always a multiple of 4; it is unused when
+ * line_length is 0.
+ */
+ PRUint32 line_length;
+ PRUint32 current_column;
+
+ /*
+ * Where to write the encoded data (used when streaming, not when
+ * doing all in-memory (buffer) operations).
+ *
+ * Note that this definition is chosen to be compatible with PR_Write.
+ */
+ PRInt32 (*output_fn)(void *output_arg, const char *buf, PRInt32 size);
+ void *output_arg;
+
+ /*
+ * Where the encoded output goes -- either temporarily (in the streaming
+ * case, staged here before it goes to the output function) or what will
+ * be the entire buffered result for users of the buffer version.
+ */
+ char *output_buffer;
+ PRUint32 output_buflen; /* the total length of allocated buffer */
+ PRUint32 output_length; /* the length that is currently populated */
+};
+
+PR_END_EXTERN_C
+
+/*
+ * Table to convert a binary value to its corresponding ascii "code".
+ */
+static unsigned char base64_valuetocode[64] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+
+#define B64_PAD '='
+#define B64_CR '\r'
+#define B64_LF '\n'
+
+static PRStatus
+pl_base64_encode_buffer(PLBase64Encoder *data, const unsigned char *in,
+ PRUint32 size)
+{
+ const unsigned char *end = in + size;
+ char *out = data->output_buffer + data->output_length;
+ unsigned int i = data->in_buffer_count;
+ PRUint32 n = 0;
+ int off;
+ PRUint32 output_threshold;
+
+ /* If this input buffer is too small, wait until next time. */
+ if (size < (3 - i)) {
+ data->in_buffer[i++] = in[0];
+ if (size > 1)
+ data->in_buffer[i++] = in[1];
+ PR_ASSERT(i < 3);
+ data->in_buffer_count = i;
+ return PR_SUCCESS;
+ }
+
+ /* If there are bytes that were put back last time, take them now. */
+ if (i > 0) {
+ n = data->in_buffer[0];
+ if (i > 1)
+ n = (n << 8) | data->in_buffer[1];
+ data->in_buffer_count = 0;
+ }
+
+ /* If our total is not a multiple of three, put one or two bytes back. */
+ off = (size + i) % 3;
+ if (off > 0) {
+ size -= off;
+ data->in_buffer[0] = in[size];
+ if (off > 1)
+ data->in_buffer[1] = in[size + 1];
+ data->in_buffer_count = off;
+ end -= off;
+ }
+
+ output_threshold = data->output_buflen - 3;
+
+ /*
+ * Populate the output buffer with base64 data, one line (or buffer)
+ * at a time.
+ */
+ while (in < end) {
+ int j, k;
+
+ while (i < 3) {
+ n = (n << 8) | *in++;
+ i++;
+ }
+ i = 0;
+
+ if (data->line_length > 0) {
+ if (data->current_column >= data->line_length) {
+ data->current_column = 0;
+ *out++ = B64_CR;
+ *out++ = B64_LF;
+ data->output_length += 2;
+ }
+ data->current_column += 4; /* the bytes we are about to add */
+ }
+
+ for (j = 18; j >= 0; j -= 6) {
+ k = (n >> j) & 0x3F;
+ *out++ = base64_valuetocode[k];
+ }
+ n = 0;
+ data->output_length += 4;
+
+ if (data->output_length >= output_threshold) {
+ PR_ASSERT(data->output_length <= data->output_buflen);
+ if (data->output_fn != NULL) {
+ PRInt32 output_result;
+
+ output_result = data->output_fn(data->output_arg,
+ data->output_buffer,
+ (PRInt32)data->output_length);
+ if (output_result < 0)
+ return PR_FAILURE;
+
+ out = data->output_buffer;
+ data->output_length = 0;
+ } else {
+ /*
+ * Check that we are about to exit the loop. (Since we
+ * are over the threshold, there isn't enough room in the
+ * output buffer for another trip around.)
+ */
+ PR_ASSERT(in == end);
+ if (in < end) {
+ PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
+ return PR_FAILURE;
+ }
+ }
+ }
+ }
+
+ return PR_SUCCESS;
+}
+
+static PRStatus
+pl_base64_encode_flush(PLBase64Encoder *data)
+{
+ int i = data->in_buffer_count;
+
+ if (i == 0 && data->output_length == 0)
+ return PR_SUCCESS;
+
+ if (i > 0) {
+ char *out = data->output_buffer + data->output_length;
+ PRUint32 n;
+ int j, k;
+
+ n = ((PRUint32)data->in_buffer[0]) << 16;
+ if (i > 1)
+ n |= ((PRUint32)data->in_buffer[1] << 8);
+
+ data->in_buffer_count = 0;
+
+ if (data->line_length > 0) {
+ if (data->current_column >= data->line_length) {
+ data->current_column = 0;
+ *out++ = B64_CR;
+ *out++ = B64_LF;
+ data->output_length += 2;
+ }
+ }
+
+ /*
+ * This will fill in more than we really have data for, but the
+ * valid parts will end up in the correct position and the extras
+ * will be over-written with pad characters below.
+ */
+ for (j = 18; j >= 0; j -= 6) {
+ k = (n >> j) & 0x3F;
+ *out++ = base64_valuetocode[k];
+ }
+
+ /* Pad with equal-signs. */
+ if (i == 1)
+ out[-2] = B64_PAD;
+ out[-1] = B64_PAD;
+
+ data->output_length += 4;
+ }
+
+ if (data->output_fn != NULL) {
+ PRInt32 output_result;
+
+ output_result = data->output_fn(data->output_arg, data->output_buffer,
+ (PRInt32)data->output_length);
+ data->output_length = 0;
+
+ if (output_result < 0)
+ return PR_FAILURE;
+ }
+
+ return PR_SUCCESS;
+}
+
+/*
+ * The maximum space needed to hold the output of the encoder given input
+ * data of length "size", and allowing for CRLF added at least every
+ * line_length bytes (we will add it at nearest lower multiple of 4).
+ * There is no trailing CRLF.
+ */
+static PRUint32
+PL_Base64MaxEncodedLength(PRUint32 size, PRUint32 line_length)
+{
+ PRUint32 tokens, tokens_per_line, full_lines, line_break_chars, remainder;
+
+ /* This is the maximum length we support. */
+ if (size > 0x3fffffff) {
+ return 0;
+ }
+
+ tokens = (size + 2) / 3;
+
+ if (line_length == 0) {
+ return tokens * 4;
+ }
+
+ if (line_length < 4) { /* too small! */
+ line_length = 4;
+ }
+
+ tokens_per_line = line_length / 4;
+ full_lines = tokens / tokens_per_line;
+ remainder = (tokens - (full_lines * tokens_per_line)) * 4;
+ line_break_chars = full_lines * 2;
+ if (remainder == 0) {
+ line_break_chars -= 2;
+ }
+
+ return (full_lines * tokens_per_line * 4) + line_break_chars + remainder;
+}
+
+/*
+ * A distinct internal creation function for the buffer version to use.
+ * (It does not want to specify an output_fn, and we want the normal
+ * Create function to require that.) All common initialization of the
+ * encoding context should be done *here*.
+ *
+ * Save "line_length", rounded down to nearest multiple of 4 (if not
+ * already even multiple). Allocate output_buffer, if not provided --
+ * based on given size if specified, otherwise based on line_length.
+ */
+static PLBase64Encoder *
+pl_base64_create_encoder(PRUint32 line_length, char *output_buffer,
+ PRUint32 output_buflen)
+{
+ PLBase64Encoder *data;
+ PRUint32 line_tokens;
+
+ data = PR_NEWZAP(PLBase64Encoder);
+ if (data == NULL)
+ return NULL;
+
+ if (line_length > 0 && line_length < 4) /* too small! */
+ line_length = 4;
+
+ line_tokens = line_length / 4;
+ data->line_length = line_tokens * 4;
+
+ if (output_buffer == NULL) {
+ if (output_buflen == 0) {
+ if (data->line_length > 0) /* need to include room for CRLF */
+ output_buflen = data->line_length + 2;
+ else
+ output_buflen = 64; /* XXX what is a good size? */
+ }
+
+ output_buffer = (char *)PR_Malloc(output_buflen);
+ if (output_buffer == NULL) {
+ PR_Free(data);
+ return NULL;
+ }
+ }
+
+ data->output_buffer = output_buffer;
+ data->output_buflen = output_buflen;
+ return data;
+}
+
+/*
+ * Function to start a base64 encoding context.
+ * An "output_fn" is required; the "output_arg" parameter to that is optional.
+ * If linebreaks in the encoded output are desired, "line_length" specifies
+ * where to place them -- it will be rounded down to the nearest multiple of 4
+ * (if it is not already an even multiple of 4). If it is zero, no linebreaks
+ * will be added. (FYI, a linebreak is CRLF -- two characters.)
+ */
+static PLBase64Encoder *
+PL_CreateBase64Encoder(PRInt32 (*output_fn)(void *, const char *, PRInt32),
+ void *output_arg, PRUint32 line_length)
+{
+ PLBase64Encoder *data;
+
+ if (output_fn == NULL) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return NULL;
+ }
+
+ data = pl_base64_create_encoder(line_length, NULL, 0);
+ if (data == NULL)
+ return NULL;
+
+ data->output_fn = output_fn;
+ data->output_arg = output_arg;
+
+ return data;
+}
+
+/*
+ * Push data through the encoder, causing the output_fn (provided to Create)
+ * to be called with the encoded data.
+ */
+static PRStatus
+PL_UpdateBase64Encoder(PLBase64Encoder *data, const unsigned char *buffer,
+ PRUint32 size)
+{
+ /* XXX Should we do argument checking only in debug build? */
+ if (data == NULL || buffer == NULL || size == 0) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return PR_FAILURE;
+ }
+
+ return pl_base64_encode_buffer(data, buffer, size);
+}
+
+/*
+ * When you're done encoding, call this to free the data. If "abort_p"
+ * is false, then calling this may cause the output_fn to be called
+ * one last time (as the last buffered data is flushed out).
+ */
+static PRStatus
+PL_DestroyBase64Encoder(PLBase64Encoder *data, PRBool abort_p)
+{
+ PRStatus status = PR_SUCCESS;
+
+ /* XXX Should we do argument checking only in debug build? */
+ if (data == NULL) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return PR_FAILURE;
+ }
+
+ /* Flush out the last few buffered characters. */
+ if (!abort_p)
+ status = pl_base64_encode_flush(data);
+
+ if (data->output_buffer != NULL)
+ PR_Free(data->output_buffer);
+ PR_Free(data);
+
+ return status;
+}
+
+/*
+ * Perform base64 encoding from an input buffer to an output buffer.
+ * The output buffer can be provided (as "dest"); you can also pass in
+ * a NULL and this function will allocate a buffer large enough for you,
+ * and return it. If you do provide the output buffer, you must also
+ * provide the maximum length of that buffer (as "maxdestlen").
+ * The actual encoded length of output will be returned to you in
+ * "output_destlen".
+ *
+ * If linebreaks in the encoded output are desired, "line_length" specifies
+ * where to place them -- it will be rounded down to the nearest multiple of 4
+ * (if it is not already an even multiple of 4). If it is zero, no linebreaks
+ * will be added. (FYI, a linebreak is CRLF -- two characters.)
+ *
+ * Return value is NULL on error, the output buffer (allocated or provided)
+ * otherwise.
+ */
+static char *
+PL_Base64EncodeBuffer(const unsigned char *src, PRUint32 srclen,
+ PRUint32 line_length, char *dest, PRUint32 maxdestlen,
+ PRUint32 *output_destlen)
+{
+ PRUint32 need_length;
+ PLBase64Encoder *data = NULL;
+ PRStatus status;
+
+ PR_ASSERT(srclen > 0);
+ if (srclen == 0) {
+ return dest;
+ }
+
+ /*
+ * How much space could we possibly need for encoding this input?
+ */
+ need_length = PL_Base64MaxEncodedLength(srclen, line_length);
+ if (need_length == 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ /*
+ * Make sure we have at least that much, if output buffer provided.
+ */
+ if (dest != NULL) {
+ PR_ASSERT(maxdestlen >= need_length);
+ if (maxdestlen < need_length) {
+ PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
+ return NULL;
+ }
+ } else {
+ maxdestlen = need_length;
+ }
+
+ data = pl_base64_create_encoder(line_length, dest, maxdestlen);
+ if (data == NULL)
+ return NULL;
+
+ status = pl_base64_encode_buffer(data, src, srclen);
+
+ /*
+ * We do not wait for Destroy to flush, because Destroy will also
+ * get rid of our encoder context, which we need to look at first!
+ */
+ if (status == PR_SUCCESS)
+ status = pl_base64_encode_flush(data);
+
+ if (status != PR_SUCCESS) {
+ (void)PL_DestroyBase64Encoder(data, PR_TRUE);
+ return NULL;
+ }
+
+ dest = data->output_buffer;
+
+ /* Must clear this or Destroy will free it. */
+ data->output_buffer = NULL;
+
+ *output_destlen = data->output_length;
+ status = PL_DestroyBase64Encoder(data, PR_FALSE);
+ if (status == PR_FAILURE) {
+ PR_Free(dest);
+ return NULL;
+ }
+
+ return dest;
+}
+
+/*
+ * XXX End of base64 encoding code to be moved into NSPR.
+ ********************************************************
+ */
+
+/*
+ * This is the beginning of the NSS cover functions. These will
+ * provide the interface we want to expose as NSS-ish. For example,
+ * they will operate on our Items, do any special handling or checking
+ * we want to do, etc.
+ */
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * A boring cover structure for now. Perhaps someday it will include
+ * some more interesting fields.
+ */
+struct NSSBase64EncoderStr {
+ PLBase64Encoder *pl_data;
+};
+
+PR_END_EXTERN_C
+
+/*
+ * Function to start a base64 encoding context.
+ */
+NSSBase64Encoder *
+NSSBase64Encoder_Create(PRInt32 (*output_fn)(void *, const char *, PRInt32),
+ void *output_arg)
+{
+ PLBase64Encoder *pl_data;
+ NSSBase64Encoder *nss_data;
+
+ nss_data = PORT_ZNew(NSSBase64Encoder);
+ if (nss_data == NULL)
+ return NULL;
+
+ pl_data = PL_CreateBase64Encoder(output_fn, output_arg, 64);
+ if (pl_data == NULL) {
+ PORT_Free(nss_data);
+ return NULL;
+ }
+
+ nss_data->pl_data = pl_data;
+ return nss_data;
+}
+
+/*
+ * Push data through the encoder, causing the output_fn (provided to Create)
+ * to be called with the encoded data.
+ */
+SECStatus
+NSSBase64Encoder_Update(NSSBase64Encoder *data, const unsigned char *buffer,
+ PRUint32 size)
+{
+ PRStatus pr_status;
+
+ /* XXX Should we do argument checking only in debug build? */
+ if (data == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ pr_status = PL_UpdateBase64Encoder(data->pl_data, buffer, size);
+ if (pr_status == PR_FAILURE)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+/*
+ * When you're done encoding, call this to free the data. If "abort_p"
+ * is false, then calling this may cause the output_fn to be called
+ * one last time (as the last buffered data is flushed out).
+ */
+SECStatus
+NSSBase64Encoder_Destroy(NSSBase64Encoder *data, PRBool abort_p)
+{
+ PRStatus pr_status;
+
+ /* XXX Should we do argument checking only in debug build? */
+ if (data == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ pr_status = PL_DestroyBase64Encoder(data->pl_data, abort_p);
+
+ PORT_Free(data);
+
+ if (pr_status == PR_FAILURE)
+ return SECFailure;
+
+ return SECSuccess;
+}
+
+/*
+ * Perform base64 encoding of binary data "inItem" to an ascii string.
+ * The output buffer may be provided (as "outStrOpt"); you can also pass
+ * in a NULL and the buffer will be allocated for you. The result will
+ * be null-terminated, and if the buffer is provided, "maxOutLen" must
+ * specify the maximum length of the buffer and will be checked to
+ * supply sufficient space space for the encoded result. (If "outStrOpt"
+ * is NULL, "maxOutLen" is ignored.)
+ *
+ * If "outStrOpt" is NULL, allocation will happen out of the passed-in
+ * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
+ * will be used.
+ *
+ * Return value is NULL on error, the output buffer (allocated or provided)
+ * otherwise.
+ */
+char *
+NSSBase64_EncodeItem(PLArenaPool *arenaOpt, char *outStrOpt,
+ unsigned int maxOutLen, SECItem *inItem)
+{
+ char *out_string = outStrOpt;
+ PRUint32 max_out_len;
+ PRUint32 out_len = 0;
+ void *mark = NULL;
+ char *dummy;
+
+ PORT_Assert(inItem != NULL && inItem->data != NULL && inItem->len != 0);
+ if (inItem == NULL || inItem->data == NULL || inItem->len == 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ max_out_len = PL_Base64MaxEncodedLength(inItem->len, 64);
+ if (max_out_len == 0) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (arenaOpt != NULL)
+ mark = PORT_ArenaMark(arenaOpt);
+
+ if (out_string == NULL) {
+ if (arenaOpt != NULL)
+ out_string = PORT_ArenaAlloc(arenaOpt, max_out_len + 1);
+ else
+ out_string = PORT_Alloc(max_out_len + 1);
+
+ if (out_string == NULL) {
+ if (arenaOpt != NULL)
+ PORT_ArenaRelease(arenaOpt, mark);
+ return NULL;
+ }
+ } else {
+ if ((max_out_len + 1) > maxOutLen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return NULL;
+ }
+ max_out_len = maxOutLen;
+ }
+
+ dummy = PL_Base64EncodeBuffer(inItem->data, inItem->len, 64,
+ out_string, max_out_len, &out_len);
+ if (dummy == NULL) {
+ if (arenaOpt != NULL) {
+ PORT_ArenaRelease(arenaOpt, mark);
+ } else {
+ PORT_Free(out_string);
+ }
+ return NULL;
+ }
+
+ if (arenaOpt != NULL)
+ PORT_ArenaUnmark(arenaOpt, mark);
+
+ out_string[out_len] = '\0';
+ return out_string;
+}
+
+/*
+ * XXX Everything below is deprecated. If you add new stuff, put it
+ * *above*, not below.
+ */
+
+/*
+ * XXX The following "BTOA" functions are provided for backward compatibility
+ * with current code. They should be considered strongly deprecated.
+ * When we can convert all our code over to using the new NSSBase64Encoder_
+ * functions defined above, we should get rid of these altogether. (Remove
+ * protoypes from base64.h as well -- actually, remove that file completely).
+ * If someone thinks either of these functions provides such a very useful
+ * interface (though, as shown, the same functionality can already be
+ * obtained by calling NSSBase64_EncodeItem directly), fine -- but then
+ * that API should be provided with a nice new NSSFoo name and using
+ * appropriate types, etc.
+ */
+
+#include "base64.h"
+
+/*
+** Return an PORT_Alloc'd ascii string which is the base64 encoded
+** version of the input string.
+*/
+char *
+BTOA_DataToAscii(const unsigned char *data, unsigned int len)
+{
+ SECItem binary_item;
+
+ binary_item.data = (unsigned char *)data;
+ binary_item.len = len;
+
+ return NSSBase64_EncodeItem(NULL, NULL, 0, &binary_item);
+}
+
+/*
+** Convert from binary encoding of an item to ascii.
+*/
+char *
+BTOA_ConvertItemToAscii(SECItem *binary_item)
+{
+ return NSSBase64_EncodeItem(NULL, NULL, 0, binary_item);
+}
diff --git a/security/nss/lib/util/nssb64t.h b/security/nss/lib/util/nssb64t.h
new file mode 100644
index 000000000..75e7877bc
--- /dev/null
+++ b/security/nss/lib/util/nssb64t.h
@@ -0,0 +1,15 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Public data structures for base64 encoding/decoding.
+ */
+#ifndef _NSSB64T_H_
+#define _NSSB64T_H_
+
+#include "utilrename.h"
+typedef struct NSSBase64DecoderStr NSSBase64Decoder;
+typedef struct NSSBase64EncoderStr NSSBase64Encoder;
+
+#endif /* _NSSB64T_H_ */
diff --git a/security/nss/lib/util/nssilckt.h b/security/nss/lib/util/nssilckt.h
new file mode 100644
index 000000000..417f96f67
--- /dev/null
+++ b/security/nss/lib/util/nssilckt.h
@@ -0,0 +1,191 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+** nssilock.h - Instrumented locking functions for NSS
+**
+** Description:
+** nssilock provides instrumentation for locks and monitors in
+** the NSS libraries. The instrumentation, when enabled, causes
+** each call to the instrumented function to record data about
+** the call to an external file. The external file
+** subsequently used to extract performance data and other
+** statistical information about the operation of locks used in
+** the nss library.
+**
+** To enable compilation with instrumentation, build NSS with
+** the compile time switch NEED_NSS_ILOCK defined.
+**
+** say: "gmake OS_CFLAGS+=-DNEED_NSS_ILOCK" at make time.
+**
+** At runtime, to enable recording from nssilock, one or more
+** environment variables must be set. For each nssILockType to
+** be recorded, an environment variable of the form NSS_ILOCK_x
+** must be set to 1. For example:
+**
+** set NSS_ILOCK_Cert=1
+**
+** nssilock uses PRLOG is used to record to trace data. The
+** PRLogModule name associated with nssilock data is: "nssilock".
+** To enable recording of nssilock data you will need to set the
+** environment variable NSPR_LOG_MODULES to enable
+** recording for the nssilock log module. Similarly, you will
+** need to set the environment variable NSPR_LOG_FILE to specify
+** the filename to receive the recorded data. See prlog.h for usage.
+** Example:
+**
+** export NSPR_LOG_MODULES=nssilock:6
+** export NSPR_LOG_FILE=xxxLogfile
+**
+** Operation:
+** nssilock wraps calls to NSPR's PZLock and PZMonitor functions
+** with similarly named functions: PZ_NewLock(), etc. When NSS is
+** built with lock instrumentation enabled, the PZ* functions are
+** compiled into NSS; when lock instrumentation is disabled,
+** calls to PZ* functions are directly mapped to PR* functions
+** and the instrumentation arguments to the PZ* functions are
+** compiled away.
+**
+**
+** File Format:
+** The format of the external file is implementation
+** dependent. Where NSPR's PR_LOG() function is used, the file
+** contains data defined for PR_LOG() plus the data written by
+** the wrapped function. On some platforms and under some
+** circumstances, platform dependent logging or
+** instrumentation probes may be used. In any case, the
+** relevant data provided by the lock instrumentation is:
+**
+** lockType, func, address, duration, line, file [heldTime]
+**
+** where:
+**
+** lockType: a character representation of nssILockType for the
+** call. e.g. ... "cert"
+**
+** func: the function doing the tracing. e.g. "NewLock"
+**
+** address: address of the instrumented lock or monitor
+**
+** duration: is how long was spent in the instrumented function,
+** in PRIntervalTime "ticks".
+**
+** line: the line number within the calling function
+**
+** file: the file from which the call was made
+**
+** heldTime: how long the lock/monitor was held. field
+** present only for PZ_Unlock() and PZ_ExitMonitor().
+**
+** Design Notes:
+** The design for lock instrumentation was influenced by the
+** need to gather performance data on NSS 3.x. It is intended
+** that the effort to modify NSS to use lock instrumentation
+** be minimized. Existing calls to locking functions need only
+** have their names changed to the instrumentation function
+** names.
+**
+** Private NSS Interface:
+** nssilock.h defines a private interface for use by NSS.
+** nssilock.h is experimental in nature and is subject to
+** change or revocation without notice. ... Don't mess with
+** it.
+**
+*/
+
+/*
+ * $Id:
+ */
+
+#ifndef _NSSILCKT_H_
+#define _NSSILCKT_H_
+
+#include "utilrename.h"
+#include "prtypes.h"
+#include "prmon.h"
+#include "prlock.h"
+#include "prcvar.h"
+
+typedef enum {
+ nssILockArena = 0,
+ nssILockSession = 1,
+ nssILockObject = 2,
+ nssILockRefLock = 3,
+ nssILockCert = 4,
+ nssILockCertDB = 5,
+ nssILockDBM = 6,
+ nssILockCache = 7,
+ nssILockSSL = 8,
+ nssILockList = 9,
+ nssILockSlot = 10,
+ nssILockFreelist = 11,
+ nssILockOID = 12,
+ nssILockAttribute = 13,
+ nssILockPK11cxt = 14, /* pk11context */
+ nssILockRWLock = 15,
+ nssILockOther = 16,
+ nssILockSelfServ = 17,
+ nssILockKeyDB = 18,
+ nssILockLast /* don't use this one! */
+} nssILockType;
+
+/*
+** conditionally compile in nssilock features
+*/
+#if defined(NEED_NSS_ILOCK)
+
+/*
+** Declare operation type enumerator
+** enumerations identify the function being performed
+*/
+typedef enum {
+ FlushTT = 0,
+ NewLock = 1,
+ Lock = 2,
+ Unlock = 3,
+ DestroyLock = 4,
+ NewCondVar = 5,
+ WaitCondVar = 6,
+ NotifyCondVar = 7,
+ NotifyAllCondVar = 8,
+ DestroyCondVar = 9,
+ NewMonitor = 10,
+ EnterMonitor = 11,
+ ExitMonitor = 12,
+ Notify = 13,
+ NotifyAll = 14,
+ Wait = 15,
+ DestroyMonitor = 16
+} nssILockOp;
+
+/*
+** Declare the trace record
+*/
+struct pzTrace_s {
+ PRUint32 threadID; /* PR_GetThreadID() */
+ nssILockOp op; /* operation being performed */
+ nssILockType ltype; /* lock type identifier */
+ PRIntervalTime callTime; /* time spent in function */
+ PRIntervalTime heldTime; /* lock held time, or -1 */
+ void *lock; /* address of lock structure */
+ PRIntn line; /* line number */
+ char file[24]; /* filename */
+};
+
+/*
+** declare opaque types. See: nssilock.c
+*/
+typedef struct pzlock_s PZLock;
+typedef struct pzcondvar_s PZCondVar;
+typedef struct pzmonitor_s PZMonitor;
+
+#else /* NEED_NSS_ILOCK */
+
+#define PZLock PRLock
+#define PZCondVar PRCondVar
+#define PZMonitor PRMonitor
+
+#endif /* NEED_NSS_ILOCK */
+
+#endif /* _NSSILCKT_H_ */
diff --git a/security/nss/lib/util/nssilock.c b/security/nss/lib/util/nssilock.c
new file mode 100644
index 000000000..d76720942
--- /dev/null
+++ b/security/nss/lib/util/nssilock.c
@@ -0,0 +1,479 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * nssilock.c - NSS lock instrumentation wrapper functions
+ *
+ * NOTE - These are not public interfaces
+ *
+ * Implementation Notes:
+ * I've tried to make the instrumentation relatively non-intrusive.
+ * To do this, I have used a single PR_LOG() call in each
+ * instrumented function. There's room for improvement.
+ *
+ *
+ */
+
+#include "prinit.h"
+#include "prerror.h"
+#include "prlock.h"
+#include "prmem.h"
+#include "prenv.h"
+#include "prcvar.h"
+#include "prio.h"
+
+#if defined(NEED_NSS_ILOCK)
+#include "prlog.h"
+#include "nssilock.h"
+
+/*
+** Declare the instrumented PZLock
+*/
+struct pzlock_s {
+ PRLock *lock; /* the PZLock to be instrumented */
+ PRIntervalTime time; /* timestamp when the lock was aquired */
+ nssILockType ltype;
+};
+
+/*
+** Declare the instrumented PZMonitor
+*/
+struct pzmonitor_s {
+ PRMonitor *mon; /* the PZMonitor to be instrumented */
+ PRIntervalTime time; /* timestamp when the monitor was aquired */
+ nssILockType ltype;
+};
+
+/*
+** Declare the instrumented PZCondVar
+*/
+struct pzcondvar_s {
+ PRCondVar *cvar; /* the PZCondVar to be instrumented */
+ nssILockType ltype;
+};
+
+/*
+** Define a CallOnce type to ensure serialized self-initialization
+*/
+static PRCallOnceType coNssILock; /* CallOnce type */
+static PRIntn nssILockInitialized; /* initialization done when 1 */
+static PRLogModuleInfo *nssILog; /* Log instrumentation to this handle */
+
+#define NUM_TT_ENTRIES 6000000
+static PRInt32 traceIndex = -1; /* index into trace table */
+static struct pzTrace_s *tt; /* pointer to trace table */
+static PRInt32 ttBufSize = (NUM_TT_ENTRIES * sizeof(struct pzTrace_s));
+static PRCondVar *ttCVar;
+static PRLock *ttLock;
+static PRFileDesc *ttfd; /* trace table file */
+
+/*
+** Vtrace() -- Trace events, write events to external media
+**
+** Vtrace() records traced events in an in-memory trace table
+** when the trace table fills, Vtrace writes the entire table
+** to a file.
+**
+** data can be lost!
+**
+*/
+static void
+Vtrace(
+ nssILockOp op,
+ nssILockType ltype,
+ PRIntervalTime callTime,
+ PRIntervalTime heldTime,
+ void *lock,
+ PRIntn line,
+ char *file)
+{
+ PRInt32 idx;
+ struct pzTrace_s *tp;
+
+RetryTrace:
+ idx = PR_ATOMIC_INCREMENT(&traceIndex);
+ while (NUM_TT_ENTRIES <= idx || op == FlushTT) {
+ if (NUM_TT_ENTRIES == idx || op == FlushTT) {
+ int writeSize = idx * sizeof(struct pzTrace_s);
+ PR_Lock(ttLock);
+ PR_Write(ttfd, tt, writeSize);
+ traceIndex = -1;
+ PR_NotifyAllCondVar(ttCVar);
+ PR_Unlock(ttLock);
+ goto RetryTrace;
+ } else {
+ PR_Lock(ttLock);
+ while (NUM_TT_ENTRIES < idx)
+ PR_WaitCondVar(ttCVar, PR_INTERVAL_NO_WAIT);
+ PR_Unlock(ttLock);
+ goto RetryTrace;
+ }
+ } /* end while() */
+
+ /* create the trace entry */
+ tp = tt + idx;
+ tp->threadID = PR_GetThreadID(PR_GetCurrentThread());
+ tp->op = op;
+ tp->ltype = ltype;
+ tp->callTime = callTime;
+ tp->heldTime = heldTime;
+ tp->lock = lock;
+ tp->line = line;
+ strcpy(tp->file, file);
+ return;
+} /* --- end Vtrace() --- */
+
+/*
+** pz_TraceFlush() -- Force trace table write to file
+**
+*/
+extern void
+pz_TraceFlush(void)
+{
+ Vtrace(FlushTT, nssILockSelfServ, 0, 0, NULL, 0, "");
+ return;
+} /* --- end pz_TraceFlush() --- */
+
+/*
+** nssILockInit() -- Initialization for nssilock
+**
+** This function is called from the CallOnce mechanism.
+*/
+static PRStatus
+nssILockInit(void)
+{
+ int i;
+ nssILockInitialized = 1;
+
+ /* new log module */
+ nssILog = PR_NewLogModule("nssilock");
+ if (NULL == nssILog) {
+ return (PR_FAILURE);
+ }
+
+ tt = PR_Calloc(NUM_TT_ENTRIES, sizeof(struct pzTrace_s));
+ if (NULL == tt) {
+ fprintf(stderr, "nssilock: can't allocate trace table\n");
+ exit(1);
+ }
+
+ ttfd = PR_Open("xxxTTLog", PR_CREATE_FILE | PR_WRONLY, 0666);
+ if (NULL == ttfd) {
+ fprintf(stderr, "Oh Drat! Can't open 'xxxTTLog'\n");
+ exit(1);
+ }
+
+ ttLock = PR_NewLock();
+ ttCVar = PR_NewCondVar(ttLock);
+
+ return (PR_SUCCESS);
+} /* --- end nssILockInit() --- */
+
+extern PZLock *
+pz_NewLock(
+ nssILockType ltype,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+ PZLock *lock;
+
+ /* Self Initialize the nssILock feature */
+ if (!nssILockInitialized) {
+ rc = PR_CallOnce(&coNssILock, nssILockInit);
+ if (PR_FAILURE == rc) {
+ PR_SetError(PR_UNKNOWN_ERROR, 0);
+ return (NULL);
+ }
+ }
+
+ lock = PR_NEWZAP(PZLock);
+ if (NULL != lock) {
+ lock->ltype = ltype;
+ lock->lock = PR_NewLock();
+ if (NULL == lock->lock) {
+ PR_DELETE(lock);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+ Vtrace(NewLock, ltype, 0, 0, lock, line, file);
+ return (lock);
+} /* --- end pz_NewLock() --- */
+
+extern void
+pz_Lock(
+ PZLock *lock,
+ char *file,
+ PRIntn line)
+{
+ PRIntervalTime callTime;
+
+ callTime = PR_IntervalNow();
+ PR_Lock(lock->lock);
+ lock->time = PR_IntervalNow();
+ callTime = lock->time - callTime;
+
+ Vtrace(Lock, lock->ltype, callTime, 0, lock, line, file);
+ return;
+} /* --- end pz_Lock() --- */
+
+extern PRStatus
+pz_Unlock(
+ PZLock *lock,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+ PRIntervalTime callTime, now, heldTime;
+
+ callTime = PR_IntervalNow();
+ rc = PR_Unlock(lock->lock);
+ now = PR_IntervalNow();
+ callTime = now - callTime;
+ heldTime = now - lock->time;
+ Vtrace(Unlock, lock->ltype, callTime, heldTime, lock, line, file);
+ return (rc);
+} /* --- end pz_Unlock() --- */
+
+extern void
+pz_DestroyLock(
+ PZLock *lock,
+ char *file,
+ PRIntn line)
+{
+ Vtrace(DestroyLock, lock->ltype, 0, 0, lock, line, file);
+ PR_DestroyLock(lock->lock);
+ PR_DELETE(lock);
+ return;
+} /* --- end pz_DestroyLock() --- */
+
+extern PZCondVar *
+pz_NewCondVar(
+ PZLock *lock,
+ char *file,
+ PRIntn line)
+{
+ PZCondVar *cvar;
+
+ cvar = PR_NEWZAP(PZCondVar);
+ if (NULL == cvar) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ } else {
+ cvar->ltype = lock->ltype;
+ cvar->cvar = PR_NewCondVar(lock->lock);
+ if (NULL == cvar->cvar) {
+ PR_DELETE(cvar);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ }
+ Vtrace(NewCondVar, lock->ltype, 0, 0, cvar, line, file);
+ return (cvar);
+} /* --- end pz_NewCondVar() --- */
+
+extern void
+pz_DestroyCondVar(
+ PZCondVar *cvar,
+ char *file,
+ PRIntn line)
+{
+ Vtrace(DestroyCondVar, cvar->ltype, 0, 0, cvar, line, file);
+ PR_DestroyCondVar(cvar->cvar);
+ PR_DELETE(cvar);
+} /* --- end pz_DestroyCondVar() --- */
+
+extern PRStatus
+pz_WaitCondVar(
+ PZCondVar *cvar,
+ PRIntervalTime timeout,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+ PRIntervalTime callTime;
+
+ callTime = PR_IntervalNow();
+ rc = PR_WaitCondVar(cvar->cvar, timeout);
+ callTime = PR_IntervalNow() - callTime;
+
+ Vtrace(WaitCondVar, cvar->ltype, callTime, 0, cvar, line, file);
+ return (rc);
+} /* --- end pz_WaitCondVar() --- */
+
+extern PRStatus
+pz_NotifyCondVar(
+ PZCondVar *cvar,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+
+ rc = PR_NotifyCondVar(cvar->cvar);
+
+ Vtrace(NotifyCondVar, cvar->ltype, 0, 0, cvar, line, file);
+ return (rc);
+} /* --- end pz_NotifyCondVar() --- */
+
+extern PRStatus
+pz_NotifyAllCondVar(
+ PZCondVar *cvar,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+
+ rc = PR_NotifyAllCondVar(cvar->cvar);
+
+ Vtrace(NotifyAllCondVar, cvar->ltype, 0, 0, cvar, line, file);
+ return (rc);
+} /* --- end pz_NotifyAllCondVar() --- */
+
+extern PZMonitor *
+pz_NewMonitor(
+ nssILockType ltype,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+ PZMonitor *mon;
+
+ /* Self Initialize the nssILock feature */
+ if (!nssILockInitialized) {
+ rc = PR_CallOnce(&coNssILock, nssILockInit);
+ if (PR_FAILURE == rc) {
+ PR_SetError(PR_UNKNOWN_ERROR, 0);
+ return (NULL);
+ }
+ }
+
+ mon = PR_NEWZAP(PZMonitor);
+ if (NULL != mon) {
+ mon->ltype = ltype;
+ mon->mon = PR_NewMonitor();
+ if (NULL == mon->mon) {
+ PR_DELETE(mon);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+ Vtrace(NewMonitor, ltype, 0, 0, mon, line, file);
+ return (mon);
+} /* --- end pz_NewMonitor() --- */
+
+extern void
+pz_DestroyMonitor(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line)
+{
+ Vtrace(DestroyMonitor, mon->ltype, 0, 0, mon, line, file);
+ PR_DestroyMonitor(mon->mon);
+ PR_DELETE(mon);
+ return;
+} /* --- end pz_DestroyMonitor() --- */
+
+extern void
+pz_EnterMonitor(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line)
+{
+ PRIntervalTime callTime, now;
+
+ callTime = PR_IntervalNow();
+ PR_EnterMonitor(mon->mon);
+ now = PR_IntervalNow();
+ callTime = now - callTime;
+ if (PR_GetMonitorEntryCount(mon->mon) == 1) {
+ mon->time = now;
+ }
+ Vtrace(EnterMonitor, mon->ltype, callTime, 0, mon, line, file);
+ return;
+} /* --- end pz_EnterMonitor() --- */
+
+extern PRStatus
+pz_ExitMonitor(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+ PRIntervalTime callTime, now, heldTime;
+ PRIntn mec = PR_GetMonitorEntryCount(mon->mon);
+
+ heldTime = (PRIntervalTime)-1;
+ callTime = PR_IntervalNow();
+ rc = PR_ExitMonitor(mon->mon);
+ now = PR_IntervalNow();
+ callTime = now - callTime;
+ if (mec == 1)
+ heldTime = now - mon->time;
+ Vtrace(ExitMonitor, mon->ltype, callTime, heldTime, mon, line, file);
+ return (rc);
+} /* --- end pz_ExitMonitor() --- */
+
+extern PRIntn
+pz_GetMonitorEntryCount(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line)
+{
+ return (PR_GetMonitorEntryCount(mon->mon));
+} /* --- end pz_GetMonitorEntryCount() --- */
+
+extern PRStatus
+pz_Wait(
+ PZMonitor *mon,
+ PRIntervalTime ticks,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+ PRIntervalTime callTime;
+
+ callTime = PR_IntervalNow();
+ rc = PR_Wait(mon->mon, ticks);
+ callTime = PR_IntervalNow() - callTime;
+ Vtrace(Wait, mon->ltype, callTime, 0, mon, line, file);
+ return (rc);
+} /* --- end pz_Wait() --- */
+
+extern PRStatus
+pz_Notify(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+ PRIntervalTime callTime;
+
+ callTime = PR_IntervalNow();
+ rc = PR_Notify(mon->mon);
+ callTime = PR_IntervalNow() - callTime;
+ Vtrace(Notify, mon->ltype, callTime, 0, mon, line, file);
+ return (rc);
+} /* --- end pz_Notify() --- */
+
+extern PRStatus
+pz_NotifyAll(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line)
+{
+ PRStatus rc;
+ PRIntervalTime callTime;
+
+ callTime = PR_IntervalNow();
+ rc = PR_NotifyAll(mon->mon);
+ callTime = PR_IntervalNow() - callTime;
+ Vtrace(NotifyAll, mon->ltype, callTime, 0, mon, line, file);
+ return (rc);
+} /* --- end pz_NotifyAll() --- */
+
+#endif /* NEED_NSS_ILOCK */
+/* --- end nssilock.c --------------------------------- */
diff --git a/security/nss/lib/util/nssilock.h b/security/nss/lib/util/nssilock.h
new file mode 100644
index 000000000..01f666a79
--- /dev/null
+++ b/security/nss/lib/util/nssilock.h
@@ -0,0 +1,267 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+** nssilock.h - Instrumented locking functions for NSS
+**
+** Description:
+** nssilock provides instrumentation for locks and monitors in
+** the NSS libraries. The instrumentation, when enabled, causes
+** each call to the instrumented function to record data about
+** the call to an external file. The external file
+** subsequently used to extract performance data and other
+** statistical information about the operation of locks used in
+** the nss library.
+**
+** To enable compilation with instrumentation, build NSS with
+** the compile time switch NEED_NSS_ILOCK defined.
+**
+** say: "gmake OS_CFLAGS+=-DNEED_NSS_ILOCK" at make time.
+**
+** At runtime, to enable recording from nssilock, one or more
+** environment variables must be set. For each nssILockType to
+** be recorded, an environment variable of the form NSS_ILOCK_x
+** must be set to 1. For example:
+**
+** set NSS_ILOCK_Cert=1
+**
+** nssilock uses PRLOG is used to record to trace data. The
+** PRLogModule name associated with nssilock data is: "nssilock".
+** To enable recording of nssilock data you will need to set the
+** environment variable NSPR_LOG_MODULES to enable
+** recording for the nssilock log module. Similarly, you will
+** need to set the environment variable NSPR_LOG_FILE to specify
+** the filename to receive the recorded data. See prlog.h for usage.
+** Example:
+**
+** export NSPR_LOG_MODULES=nssilock:6
+** export NSPR_LOG_FILE=xxxLogfile
+**
+** Operation:
+** nssilock wraps calls to NSPR's PZLock and PZMonitor functions
+** with similarly named functions: PZ_NewLock(), etc. When NSS is
+** built with lock instrumentation enabled, the PZ* functions are
+** compiled into NSS; when lock instrumentation is disabled,
+** calls to PZ* functions are directly mapped to PR* functions
+** and the instrumentation arguments to the PZ* functions are
+** compiled away.
+**
+**
+** File Format:
+** The format of the external file is implementation
+** dependent. Where NSPR's PR_LOG() function is used, the file
+** contains data defined for PR_LOG() plus the data written by
+** the wrapped function. On some platforms and under some
+** circumstances, platform dependent logging or
+** instrumentation probes may be used. In any case, the
+** relevant data provided by the lock instrumentation is:
+**
+** lockType, func, address, duration, line, file [heldTime]
+**
+** where:
+**
+** lockType: a character representation of nssILockType for the
+** call. e.g. ... "cert"
+**
+** func: the function doing the tracing. e.g. "NewLock"
+**
+** address: address of the instrumented lock or monitor
+**
+** duration: is how long was spent in the instrumented function,
+** in PRIntervalTime "ticks".
+**
+** line: the line number within the calling function
+**
+** file: the file from which the call was made
+**
+** heldTime: how long the lock/monitor was held. field
+** present only for PZ_Unlock() and PZ_ExitMonitor().
+**
+** Design Notes:
+** The design for lock instrumentation was influenced by the
+** need to gather performance data on NSS 3.x. It is intended
+** that the effort to modify NSS to use lock instrumentation
+** be minimized. Existing calls to locking functions need only
+** have their names changed to the instrumentation function
+** names.
+**
+** Private NSS Interface:
+** nssilock.h defines a private interface for use by NSS.
+** nssilock.h is experimental in nature and is subject to
+** change or revocation without notice. ... Don't mess with
+** it.
+**
+*/
+
+/*
+ * $Id:
+ */
+
+#ifndef _NSSILOCK_H_
+#define _NSSILOCK_H_
+
+#include "utilrename.h"
+#include "prtypes.h"
+#include "prmon.h"
+#include "prlock.h"
+#include "prcvar.h"
+
+#include "nssilckt.h"
+
+PR_BEGIN_EXTERN_C
+
+#if defined(NEED_NSS_ILOCK)
+
+#define PZ_NewLock(t) pz_NewLock((t), __FILE__, __LINE__)
+extern PZLock *
+pz_NewLock(
+ nssILockType ltype,
+ char *file,
+ PRIntn line);
+
+#define PZ_Lock(k) pz_Lock((k), __FILE__, __LINE__)
+extern void
+pz_Lock(
+ PZLock *lock,
+ char *file,
+ PRIntn line);
+
+#define PZ_Unlock(k) pz_Unlock((k), __FILE__, __LINE__)
+extern PRStatus
+pz_Unlock(
+ PZLock *lock,
+ char *file,
+ PRIntn line);
+
+#define PZ_DestroyLock(k) pz_DestroyLock((k), __FILE__, __LINE__)
+extern void
+pz_DestroyLock(
+ PZLock *lock,
+ char *file,
+ PRIntn line);
+
+#define PZ_NewCondVar(l) pz_NewCondVar((l), __FILE__, __LINE__)
+extern PZCondVar *
+pz_NewCondVar(
+ PZLock *lock,
+ char *file,
+ PRIntn line);
+
+#define PZ_DestroyCondVar(v) pz_DestroyCondVar((v), __FILE__, __LINE__)
+extern void
+pz_DestroyCondVar(
+ PZCondVar *cvar,
+ char *file,
+ PRIntn line);
+
+#define PZ_WaitCondVar(v, t) pz_WaitCondVar((v), (t), __FILE__, __LINE__)
+extern PRStatus
+pz_WaitCondVar(
+ PZCondVar *cvar,
+ PRIntervalTime timeout,
+ char *file,
+ PRIntn line);
+
+#define PZ_NotifyCondVar(v) pz_NotifyCondVar((v), __FILE__, __LINE__)
+extern PRStatus
+pz_NotifyCondVar(
+ PZCondVar *cvar,
+ char *file,
+ PRIntn line);
+
+#define PZ_NotifyAllCondVar(v) pz_NotifyAllCondVar((v), __FILE__, __LINE__)
+extern PRStatus
+pz_NotifyAllCondVar(
+ PZCondVar *cvar,
+ char *file,
+ PRIntn line);
+
+#define PZ_NewMonitor(t) pz_NewMonitor((t), __FILE__, __LINE__)
+extern PZMonitor *
+pz_NewMonitor(
+ nssILockType ltype,
+ char *file,
+ PRIntn line);
+
+#define PZ_DestroyMonitor(m) pz_DestroyMonitor((m), __FILE__, __LINE__)
+extern void
+pz_DestroyMonitor(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line);
+
+#define PZ_EnterMonitor(m) pz_EnterMonitor((m), __FILE__, __LINE__)
+extern void
+pz_EnterMonitor(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line);
+
+#define PZ_ExitMonitor(m) pz_ExitMonitor((m), __FILE__, __LINE__)
+extern PRStatus
+pz_ExitMonitor(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line);
+
+#define PZ_InMonitor(m) (PZ_GetMonitorEntryCount(m) > 0)
+#define PZ_GetMonitorEntryCount(m) pz_GetMonitorEntryCount((m), __FILE__, __LINE__)
+extern PRIntn
+pz_GetMonitorEntryCount(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line);
+
+#define PZ_Wait(m, i) pz_Wait((m), ((i)), __FILE__, __LINE__)
+extern PRStatus
+pz_Wait(
+ PZMonitor *mon,
+ PRIntervalTime ticks,
+ char *file,
+ PRIntn line);
+
+#define PZ_Notify(m) pz_Notify((m), __FILE__, __LINE__)
+extern PRStatus
+pz_Notify(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line);
+
+#define PZ_NotifyAll(m) pz_NotifyAll((m), __FILE__, __LINE__)
+extern PRStatus
+pz_NotifyAll(
+ PZMonitor *mon,
+ char *file,
+ PRIntn line);
+
+#define PZ_TraceFlush() pz_TraceFlush()
+extern void pz_TraceFlush(void);
+
+#else /* NEED_NSS_ILOCK */
+
+#define PZ_NewLock(t) PR_NewLock()
+#define PZ_DestroyLock(k) PR_DestroyLock((k))
+#define PZ_Lock(k) PR_Lock((k))
+#define PZ_Unlock(k) PR_Unlock((k))
+
+#define PZ_NewCondVar(l) PR_NewCondVar((l))
+#define PZ_DestroyCondVar(v) PR_DestroyCondVar((v))
+#define PZ_WaitCondVar(v, t) PR_WaitCondVar((v), (t))
+#define PZ_NotifyCondVar(v) PR_NotifyCondVar((v))
+#define PZ_NotifyAllCondVar(v) PR_NotifyAllCondVar((v))
+
+#define PZ_NewMonitor(t) PR_NewMonitor()
+#define PZ_DestroyMonitor(m) PR_DestroyMonitor((m))
+#define PZ_EnterMonitor(m) PR_EnterMonitor((m))
+#define PZ_ExitMonitor(m) PR_ExitMonitor((m))
+#define PZ_InMonitor(m) PR_InMonitor((m))
+#define PZ_Wait(m, t) PR_Wait(((m)), ((t)))
+#define PZ_Notify(m) PR_Notify((m))
+#define PZ_NotifyAll(m) PR_Notify((m))
+#define PZ_TraceFlush() /* nothing */
+
+#endif /* NEED_NSS_ILOCK */
+
+PR_END_EXTERN_C
+#endif /* _NSSILOCK_H_ */
diff --git a/security/nss/lib/util/nsslocks.h b/security/nss/lib/util/nsslocks.h
new file mode 100644
index 000000000..6098f56a4
--- /dev/null
+++ b/security/nss/lib/util/nsslocks.h
@@ -0,0 +1,10 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * nsslocks.h - threadsafe functions to initialize lock pointers.
+ *
+ * NOTE - The interfaces formerly in this header were private and are now all
+ * obsolete.
+ */
diff --git a/security/nss/lib/util/nssrwlk.c b/security/nss/lib/util/nssrwlk.c
new file mode 100644
index 000000000..dbaeca24b
--- /dev/null
+++ b/security/nss/lib/util/nssrwlk.c
@@ -0,0 +1,448 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssrwlk.h"
+#include "nspr.h"
+
+PR_BEGIN_EXTERN_C
+
+/*
+ * Reader-writer lock
+ */
+struct nssRWLockStr {
+ PZLock *rw_lock;
+ char *rw_name; /* lock name */
+ PRUint32 rw_rank; /* rank of the lock */
+ PRInt32 rw_writer_locks; /* == 0, if unlocked */
+ PRInt32 rw_reader_locks; /* == 0, if unlocked */
+ /* > 0 , # of read locks */
+ PRUint32 rw_waiting_readers; /* number of waiting readers */
+ PRUint32 rw_waiting_writers; /* number of waiting writers */
+ PZCondVar *rw_reader_waitq; /* cvar for readers */
+ PZCondVar *rw_writer_waitq; /* cvar for writers */
+ PRThread *rw_owner; /* lock owner for write-lock */
+ /* Non-null if write lock held. */
+};
+
+PR_END_EXTERN_C
+
+#include <string.h>
+
+#ifdef DEBUG_RANK_ORDER
+#define NSS_RWLOCK_RANK_ORDER_DEBUG /* enable deadlock detection using \
+ rank-order for locks \
+ */
+#endif
+
+#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
+
+static PRUintn nss_thread_rwlock_initialized;
+static PRUintn nss_thread_rwlock; /* TPD key for lock stack */
+static PRUintn nss_thread_rwlock_alloc_failed;
+
+#define _NSS_RWLOCK_RANK_ORDER_LIMIT 10
+
+typedef struct thread_rwlock_stack {
+ PRInt32 trs_index; /* top of stack */
+ NSSRWLock *trs_stack[_NSS_RWLOCK_RANK_ORDER_LIMIT]; /* stack of lock
+ pointers */
+} thread_rwlock_stack;
+
+/* forward static declarations. */
+static PRUint32 nssRWLock_GetThreadRank(PRThread *me);
+static void nssRWLock_SetThreadRank(PRThread *me, NSSRWLock *rwlock);
+static void nssRWLock_UnsetThreadRank(PRThread *me, NSSRWLock *rwlock);
+static void nssRWLock_ReleaseLockStack(void *lock_stack);
+
+#endif
+
+#define UNTIL(x) while (!(x))
+
+/*
+ * Reader/Writer Locks
+ */
+
+/*
+ * NSSRWLock_New
+ * Create a reader-writer lock, with the given lock rank and lock name
+ *
+ */
+
+NSSRWLock *
+NSSRWLock_New(PRUint32 lock_rank, const char *lock_name)
+{
+ NSSRWLock *rwlock;
+
+ rwlock = PR_NEWZAP(NSSRWLock);
+ if (rwlock == NULL)
+ return NULL;
+
+ rwlock->rw_lock = PZ_NewLock(nssILockRWLock);
+ if (rwlock->rw_lock == NULL) {
+ goto loser;
+ }
+ rwlock->rw_reader_waitq = PZ_NewCondVar(rwlock->rw_lock);
+ if (rwlock->rw_reader_waitq == NULL) {
+ goto loser;
+ }
+ rwlock->rw_writer_waitq = PZ_NewCondVar(rwlock->rw_lock);
+ if (rwlock->rw_writer_waitq == NULL) {
+ goto loser;
+ }
+ if (lock_name != NULL) {
+ rwlock->rw_name = (char *)PR_Malloc((PRUint32)strlen(lock_name) + 1);
+ if (rwlock->rw_name == NULL) {
+ goto loser;
+ }
+ strcpy(rwlock->rw_name, lock_name);
+ } else {
+ rwlock->rw_name = NULL;
+ }
+ rwlock->rw_rank = lock_rank;
+ rwlock->rw_waiting_readers = 0;
+ rwlock->rw_waiting_writers = 0;
+ rwlock->rw_reader_locks = 0;
+ rwlock->rw_writer_locks = 0;
+
+ return rwlock;
+
+loser:
+ NSSRWLock_Destroy(rwlock);
+ return (NULL);
+}
+
+/*
+** Destroy the given RWLock "lock".
+*/
+void
+NSSRWLock_Destroy(NSSRWLock *rwlock)
+{
+ PR_ASSERT(rwlock != NULL);
+ PR_ASSERT(rwlock->rw_waiting_readers == 0);
+
+ /* XXX Shouldn't we lock the PZLock before destroying this?? */
+
+ if (rwlock->rw_name)
+ PR_Free(rwlock->rw_name);
+ if (rwlock->rw_reader_waitq)
+ PZ_DestroyCondVar(rwlock->rw_reader_waitq);
+ if (rwlock->rw_writer_waitq)
+ PZ_DestroyCondVar(rwlock->rw_writer_waitq);
+ if (rwlock->rw_lock)
+ PZ_DestroyLock(rwlock->rw_lock);
+ PR_DELETE(rwlock);
+}
+
+/*
+** Read-lock the RWLock.
+*/
+void
+NSSRWLock_LockRead(NSSRWLock *rwlock)
+{
+ PRThread *me = PR_GetCurrentThread();
+
+ PZ_Lock(rwlock->rw_lock);
+#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
+
+ /*
+ * assert that rank ordering is not violated; the rank of 'rwlock' should
+ * be equal to or greater than the highest rank of all the locks held by
+ * the thread.
+ */
+ PR_ASSERT((rwlock->rw_rank == NSS_RWLOCK_RANK_NONE) ||
+ (rwlock->rw_rank >= nssRWLock_GetThreadRank(me)));
+#endif
+ /*
+ * wait if write-locked or if a writer is waiting; preference for writers
+ */
+ UNTIL((rwlock->rw_owner == me) || /* I own it, or */
+ ((rwlock->rw_owner == NULL) && /* no-one owns it, and */
+ (rwlock->rw_waiting_writers == 0)))
+ { /* no-one is waiting to own */
+
+ rwlock->rw_waiting_readers++;
+ PZ_WaitCondVar(rwlock->rw_reader_waitq, PR_INTERVAL_NO_TIMEOUT);
+ rwlock->rw_waiting_readers--;
+ }
+ rwlock->rw_reader_locks++; /* Increment read-lock count */
+
+ PZ_Unlock(rwlock->rw_lock);
+
+#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
+ nssRWLock_SetThreadRank(me, rwlock); /* update thread's lock rank */
+#endif
+}
+
+/* Unlock a Read lock held on this RW lock.
+*/
+void
+NSSRWLock_UnlockRead(NSSRWLock *rwlock)
+{
+ PZ_Lock(rwlock->rw_lock);
+
+ PR_ASSERT(rwlock->rw_reader_locks > 0); /* lock must be read locked */
+
+ if ((rwlock->rw_reader_locks > 0) && /* caller isn't screwey */
+ (--rwlock->rw_reader_locks == 0) && /* not read locked any more */
+ (rwlock->rw_owner == NULL) && /* not write locked */
+ (rwlock->rw_waiting_writers > 0)) { /* someone's waiting. */
+
+ PZ_NotifyCondVar(rwlock->rw_writer_waitq); /* wake him up. */
+ }
+
+ PZ_Unlock(rwlock->rw_lock);
+
+#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
+ /*
+ * update thread's lock rank
+ */
+ nssRWLock_UnsetThreadRank(me, rwlock);
+#endif
+ return;
+}
+
+/*
+** Write-lock the RWLock.
+*/
+void
+NSSRWLock_LockWrite(NSSRWLock *rwlock)
+{
+ PRThread *me = PR_GetCurrentThread();
+
+ PZ_Lock(rwlock->rw_lock);
+#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
+ /*
+ * assert that rank ordering is not violated; the rank of 'rwlock' should
+ * be equal to or greater than the highest rank of all the locks held by
+ * the thread.
+ */
+ PR_ASSERT((rwlock->rw_rank == NSS_RWLOCK_RANK_NONE) ||
+ (rwlock->rw_rank >= nssRWLock_GetThreadRank(me)));
+#endif
+ /*
+ * wait if read locked or write locked.
+ */
+ PR_ASSERT(rwlock->rw_reader_locks >= 0);
+ PR_ASSERT(me != NULL);
+
+ UNTIL((rwlock->rw_owner == me) || /* I own write lock, or */
+ ((rwlock->rw_owner == NULL) && /* no writer and */
+ (rwlock->rw_reader_locks == 0)))
+ { /* no readers, either. */
+
+ rwlock->rw_waiting_writers++;
+ PZ_WaitCondVar(rwlock->rw_writer_waitq, PR_INTERVAL_NO_TIMEOUT);
+ rwlock->rw_waiting_writers--;
+ PR_ASSERT(rwlock->rw_reader_locks >= 0);
+ }
+
+ PR_ASSERT(rwlock->rw_reader_locks == 0);
+ /*
+ * apply write lock
+ */
+ rwlock->rw_owner = me;
+ rwlock->rw_writer_locks++; /* Increment write-lock count */
+
+ PZ_Unlock(rwlock->rw_lock);
+
+#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
+ /*
+ * update thread's lock rank
+ */
+ nssRWLock_SetThreadRank(me, rwlock);
+#endif
+}
+
+/* Unlock a Read lock held on this RW lock.
+*/
+void
+NSSRWLock_UnlockWrite(NSSRWLock *rwlock)
+{
+ PRThread *me = PR_GetCurrentThread();
+
+ PZ_Lock(rwlock->rw_lock);
+ PR_ASSERT(rwlock->rw_owner == me); /* lock must be write-locked by me. */
+ PR_ASSERT(rwlock->rw_writer_locks > 0); /* lock must be write locked */
+
+ if (rwlock->rw_owner == me && /* I own it, and */
+ rwlock->rw_writer_locks > 0 && /* I own it, and */
+ --rwlock->rw_writer_locks == 0) { /* I'm all done with it */
+
+ rwlock->rw_owner = NULL; /* I don't own it any more. */
+
+ /* Give preference to waiting writers. */
+ if (rwlock->rw_waiting_writers > 0) {
+ if (rwlock->rw_reader_locks == 0)
+ PZ_NotifyCondVar(rwlock->rw_writer_waitq);
+ } else if (rwlock->rw_waiting_readers > 0) {
+ PZ_NotifyAllCondVar(rwlock->rw_reader_waitq);
+ }
+ }
+ PZ_Unlock(rwlock->rw_lock);
+
+#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
+ /*
+ * update thread's lock rank
+ */
+ nssRWLock_UnsetThreadRank(me, rwlock);
+#endif
+ return;
+}
+
+/* This is primarily for debugging, i.e. for inclusion in ASSERT calls. */
+PRBool
+NSSRWLock_HaveWriteLock(NSSRWLock *rwlock)
+{
+ PRBool ownWriteLock;
+ PRThread *me = PR_GetCurrentThread();
+
+/* This lock call isn't really necessary.
+ ** If this thread is the owner, that fact cannot change during this call,
+ ** because this thread is in this call.
+ ** If this thread is NOT the owner, the owner could change, but it
+ ** could not become this thread.
+ */
+#if UNNECESSARY
+ PZ_Lock(rwlock->rw_lock);
+#endif
+ ownWriteLock = (PRBool)(me == rwlock->rw_owner);
+#if UNNECESSARY
+ PZ_Unlock(rwlock->rw_lock);
+#endif
+ return ownWriteLock;
+}
+
+#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
+
+/*
+ * nssRWLock_SetThreadRank
+ * Set a thread's lock rank, which is the highest of the ranks of all
+ * the locks held by the thread. Pointers to the locks are added to a
+ * per-thread list, which is anchored off a thread-private data key.
+ */
+
+static void
+nssRWLock_SetThreadRank(PRThread *me, NSSRWLock *rwlock)
+{
+ thread_rwlock_stack *lock_stack;
+ PRStatus rv;
+
+ /*
+ * allocated thread-private-data for rwlock list, if not already allocated
+ */
+ if (!nss_thread_rwlock_initialized) {
+ /*
+ * allocate tpd, only if not failed already
+ */
+ if (!nss_thread_rwlock_alloc_failed) {
+ if (PR_NewThreadPrivateIndex(&nss_thread_rwlock,
+ nssRWLock_ReleaseLockStack) == PR_FAILURE) {
+ nss_thread_rwlock_alloc_failed = 1;
+ return;
+ }
+ } else
+ return;
+ }
+ /*
+ * allocate a lock stack
+ */
+ if ((lock_stack = PR_GetThreadPrivate(nss_thread_rwlock)) == NULL) {
+ lock_stack = (thread_rwlock_stack *)
+ PR_CALLOC(1 * sizeof(thread_rwlock_stack));
+ if (lock_stack) {
+ rv = PR_SetThreadPrivate(nss_thread_rwlock, lock_stack);
+ if (rv == PR_FAILURE) {
+ PR_DELETE(lock_stack);
+ nss_thread_rwlock_alloc_failed = 1;
+ return;
+ }
+ } else {
+ nss_thread_rwlock_alloc_failed = 1;
+ return;
+ }
+ }
+ /*
+ * add rwlock to lock stack, if limit is not exceeded
+ */
+ if (lock_stack) {
+ if (lock_stack->trs_index < _NSS_RWLOCK_RANK_ORDER_LIMIT)
+ lock_stack->trs_stack[lock_stack->trs_index++] = rwlock;
+ }
+ nss_thread_rwlock_initialized = 1;
+}
+
+static void
+nssRWLock_ReleaseLockStack(void *lock_stack)
+{
+ PR_ASSERT(lock_stack);
+ PR_DELETE(lock_stack);
+}
+
+/*
+ * nssRWLock_GetThreadRank
+ *
+ * return thread's lock rank. If thread-private-data for the lock
+ * stack is not allocated, return NSS_RWLOCK_RANK_NONE.
+ */
+
+static PRUint32
+nssRWLock_GetThreadRank(PRThread *me)
+{
+ thread_rwlock_stack *lock_stack;
+
+ if (nss_thread_rwlock_initialized) {
+ if ((lock_stack = PR_GetThreadPrivate(nss_thread_rwlock)) == NULL)
+ return (NSS_RWLOCK_RANK_NONE);
+ else
+ return (lock_stack->trs_stack[lock_stack->trs_index - 1]->rw_rank);
+
+ } else
+ return (NSS_RWLOCK_RANK_NONE);
+}
+
+/*
+ * nssRWLock_UnsetThreadRank
+ *
+ * remove the rwlock from the lock stack. Since locks may not be
+ * unlocked in a FIFO order, the entire lock stack is searched.
+ */
+
+static void
+nssRWLock_UnsetThreadRank(PRThread *me, NSSRWLock *rwlock)
+{
+ thread_rwlock_stack *lock_stack;
+ int new_index = 0, index, done = 0;
+
+ if (!nss_thread_rwlock_initialized)
+ return;
+
+ lock_stack = PR_GetThreadPrivate(nss_thread_rwlock);
+
+ PR_ASSERT(lock_stack != NULL);
+
+ index = lock_stack->trs_index - 1;
+ while (index-- >= 0) {
+ if ((lock_stack->trs_stack[index] == rwlock) && !done) {
+ /*
+ * reset the slot for rwlock
+ */
+ lock_stack->trs_stack[index] = NULL;
+ done = 1;
+ }
+ /*
+ * search for the lowest-numbered empty slot, above which there are
+ * no non-empty slots
+ */
+ if ((lock_stack->trs_stack[index] != NULL) && !new_index)
+ new_index = index + 1;
+ if (done && new_index)
+ break;
+ }
+ /*
+ * set top of stack to highest numbered empty slot
+ */
+ lock_stack->trs_index = new_index;
+}
+
+#endif /* NSS_RWLOCK_RANK_ORDER_DEBUG */
diff --git a/security/nss/lib/util/nssrwlk.h b/security/nss/lib/util/nssrwlk.h
new file mode 100644
index 000000000..2ae693122
--- /dev/null
+++ b/security/nss/lib/util/nssrwlk.h
@@ -0,0 +1,132 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+** File: nsrwlock.h
+** Description: API to basic reader-writer lock functions of NSS.
+** These are re-entrant reader writer locks; that is,
+** If I hold the write lock, I can ask for it and get it again.
+** If I hold the write lock, I can also ask for and get a read lock.
+** I can then release the locks in any order (read or write).
+** I must release each lock type as many times as I acquired it.
+** Otherwise, these are normal reader/writer locks.
+**
+** For deadlock detection, locks should be ranked, and no lock may be aquired
+** while I hold a lock of higher rank number.
+** If you don't want that feature, always use NSS_RWLOCK_RANK_NONE.
+** Lock name is for debugging, and is optional (may be NULL)
+**/
+
+#ifndef nssrwlk_h___
+#define nssrwlk_h___
+
+#include "utilrename.h"
+#include "prtypes.h"
+#include "nssrwlkt.h"
+
+#define NSS_RWLOCK_RANK_NONE 0
+
+/* SEC_BEGIN_PROTOS */
+PR_BEGIN_EXTERN_C
+
+/***********************************************************************
+** FUNCTION: NSSRWLock_New
+** DESCRIPTION:
+** Returns a pointer to a newly created reader-writer lock object.
+** INPUTS: Lock rank
+** Lock name
+** OUTPUTS: void
+** RETURN: NSSRWLock*
+** If the lock cannot be created because of resource constraints, NULL
+** is returned.
+**
+***********************************************************************/
+extern NSSRWLock *NSSRWLock_New(PRUint32 lock_rank, const char *lock_name);
+
+/***********************************************************************
+** FUNCTION: NSSRWLock_AtomicCreate
+** DESCRIPTION:
+** Given the address of a NULL pointer to a NSSRWLock,
+** atomically initializes that pointer to a newly created NSSRWLock.
+** Returns the value placed into that pointer, or NULL.
+**
+** INPUTS: address of NSRWLock pointer
+** Lock rank
+** Lock name
+** OUTPUTS: NSSRWLock*
+** RETURN: NSSRWLock*
+** If the lock cannot be created because of resource constraints,
+** the pointer will be left NULL.
+**
+***********************************************************************/
+extern NSSRWLock *
+nssRWLock_AtomicCreate(NSSRWLock **prwlock,
+ PRUint32 lock_rank,
+ const char *lock_name);
+
+/***********************************************************************
+** FUNCTION: NSSRWLock_Destroy
+** DESCRIPTION:
+** Destroys a given RW lock object.
+** INPUTS: NSSRWLock *lock - Lock to be freed.
+** OUTPUTS: void
+** RETURN: None
+***********************************************************************/
+extern void NSSRWLock_Destroy(NSSRWLock *lock);
+
+/***********************************************************************
+** FUNCTION: NSSRWLock_LockRead
+** DESCRIPTION:
+** Apply a read lock (non-exclusive) on a RWLock
+** INPUTS: NSSRWLock *lock - Lock to be read-locked.
+** OUTPUTS: void
+** RETURN: None
+***********************************************************************/
+extern void NSSRWLock_LockRead(NSSRWLock *lock);
+
+/***********************************************************************
+** FUNCTION: NSSRWLock_LockWrite
+** DESCRIPTION:
+** Apply a write lock (exclusive) on a RWLock
+** INPUTS: NSSRWLock *lock - Lock to write-locked.
+** OUTPUTS: void
+** RETURN: None
+***********************************************************************/
+extern void NSSRWLock_LockWrite(NSSRWLock *lock);
+
+/***********************************************************************
+** FUNCTION: NSSRWLock_UnlockRead
+** DESCRIPTION:
+** Release a Read lock. Unlocking an unlocked lock has undefined results.
+** INPUTS: NSSRWLock *lock - Lock to unlocked.
+** OUTPUTS: void
+** RETURN: void
+***********************************************************************/
+extern void NSSRWLock_UnlockRead(NSSRWLock *lock);
+
+/***********************************************************************
+** FUNCTION: NSSRWLock_UnlockWrite
+** DESCRIPTION:
+** Release a Write lock. Unlocking an unlocked lock has undefined results.
+** INPUTS: NSSRWLock *lock - Lock to unlocked.
+** OUTPUTS: void
+** RETURN: void
+***********************************************************************/
+extern void NSSRWLock_UnlockWrite(NSSRWLock *lock);
+
+/***********************************************************************
+** FUNCTION: NSSRWLock_HaveWriteLock
+** DESCRIPTION:
+** Tells caller whether the current thread holds the write lock, or not.
+** INPUTS: NSSRWLock *lock - Lock to test.
+** OUTPUTS: void
+** RETURN: PRBool PR_TRUE IFF the current thread holds the write lock.
+***********************************************************************/
+
+extern PRBool NSSRWLock_HaveWriteLock(NSSRWLock *rwlock);
+
+/* SEC_END_PROTOS */
+PR_END_EXTERN_C
+
+#endif /* nsrwlock_h___ */
diff --git a/security/nss/lib/util/nssrwlkt.h b/security/nss/lib/util/nssrwlkt.h
new file mode 100644
index 000000000..50a4112ed
--- /dev/null
+++ b/security/nss/lib/util/nssrwlkt.h
@@ -0,0 +1,19 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef nssrwlkt_h___
+#define nssrwlkt_h___
+
+#include "utilrename.h"
+#include "nssilock.h"
+/*
+ * NSSRWLock --
+ *
+ * The reader writer lock, NSSRWLock, is an opaque object to the clients
+ * of NSS. All routines operate on a pointer to this opaque entity.
+ */
+
+typedef struct nssRWLockStr NSSRWLock;
+
+#endif /* nsrwlock_h___ */
diff --git a/security/nss/lib/util/nssutil.def b/security/nss/lib/util/nssutil.def
new file mode 100644
index 000000000..e4a65726b
--- /dev/null
+++ b/security/nss/lib/util/nssutil.def
@@ -0,0 +1,292 @@
+;+#
+;+# This Source Code Form is subject to the terms of the Mozilla Public
+;+# License, v. 2.0. If a copy of the MPL was not distributed with this
+;+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;+#
+;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
+;+# 1. For all unix platforms, the string ";-" means "remove this line"
+;+# 2. For all unix platforms, the string " DATA " will be removed from any
+;+# line on which it occurs.
+;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
+;+# On AIX, lines containing ";+" will be removed.
+;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
+;+# 5. For all unix platforms, after the above processing has taken place,
+;+# all characters after the first ";" on the line will be removed.
+;+# And for AIX, the first ";" will also be removed.
+;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
+;+# directives are hidden behind ";", ";+", and ";-"
+;+NSSUTIL_3.12 { # NSS Utilities 3.12 release
+;+ global:
+LIBRARY nssutil3 ;-
+EXPORTS ;-
+ATOB_AsciiToData_Util;
+ATOB_ConvertAsciiToItem_Util;
+BTOA_ConvertItemToAscii_Util;
+BTOA_DataToAscii_Util;
+CERT_GenTime2FormattedAscii_Util;
+DER_AsciiToTime_Util;
+DER_DecodeTimeChoice_Util;
+DER_Encode_Util;
+DER_EncodeTimeChoice_Util;
+DER_GeneralizedDayToAscii_Util;
+DER_GeneralizedTimeToTime_Util;
+DER_GetInteger_Util;
+DER_GetUInteger;
+DER_LengthLength;
+DER_Lengths_Util;
+DER_SetUInteger;
+DER_StoreHeader;
+DER_TimeChoiceDayToAscii_Util;
+DER_TimeToGeneralizedTime_Util;
+DER_TimeToGeneralizedTimeArena_Util;
+DER_TimeToUTCTime_Util;
+DER_UTCDayToAscii_Util;
+DER_UTCTimeToAscii_Util;
+DER_UTCTimeToTime_Util;
+NSS_PutEnv_Util;
+NSSBase64_DecodeBuffer_Util;
+NSSBase64_EncodeItem_Util;
+NSSBase64Decoder_Create_Util;
+NSSBase64Decoder_Destroy_Util;
+NSSBase64Decoder_Update_Util;
+NSSBase64Encoder_Create_Util;
+NSSBase64Encoder_Destroy_Util;
+NSSBase64Encoder_Update_Util;
+NSSRWLock_Destroy_Util;
+NSSRWLock_HaveWriteLock_Util;
+NSSRWLock_LockRead_Util;
+NSSRWLock_LockWrite_Util;
+NSSRWLock_New_Util;
+NSSRWLock_UnlockRead_Util;
+NSSRWLock_UnlockWrite_Util;
+PORT_Alloc_Util;
+PORT_ArenaAlloc_Util;
+PORT_ArenaGrow_Util;
+PORT_ArenaMark_Util;
+PORT_ArenaRelease_Util;
+PORT_ArenaStrdup_Util;
+PORT_ArenaUnmark_Util;
+PORT_ArenaZAlloc_Util;
+PORT_Free_Util;
+PORT_FreeArena_Util;
+PORT_GetError_Util;
+PORT_ISO88591_UTF8Conversion;
+PORT_NewArena_Util;
+PORT_Realloc_Util;
+PORT_RegExpCaseSearch;
+PORT_RegExpValid;
+PORT_SetError_Util;
+PORT_SetUCS2_ASCIIConversionFunction_Util;
+PORT_SetUCS2_UTF8ConversionFunction_Util;
+PORT_SetUCS4_UTF8ConversionFunction_Util;
+PORT_Strdup_Util;
+PORT_UCS2_ASCIIConversion_Util;
+PORT_UCS2_UTF8Conversion_Util;
+PORT_UCS4_UTF8Conversion;
+PORT_ZAlloc_Util;
+PORT_ZFree_Util;
+SEC_ASN1Decode_Util;
+SEC_ASN1DecodeInteger_Util;
+SEC_ASN1DecodeItem_Util;
+SEC_ASN1DecoderAbort_Util;
+SEC_ASN1DecoderClearFilterProc_Util;
+SEC_ASN1DecoderClearNotifyProc_Util;
+SEC_ASN1DecoderFinish_Util;
+SEC_ASN1DecoderSetFilterProc_Util;
+SEC_ASN1DecoderSetNotifyProc_Util;
+SEC_ASN1DecoderStart_Util;
+SEC_ASN1DecoderUpdate_Util;
+SEC_ASN1Encode_Util;
+SEC_ASN1EncodeInteger_Util;
+SEC_ASN1EncodeItem_Util;
+SEC_ASN1EncoderAbort_Util;
+SEC_ASN1EncoderClearNotifyProc_Util;
+SEC_ASN1EncoderClearStreaming_Util;
+SEC_ASN1EncoderClearTakeFromBuf_Util;
+SEC_ASN1EncoderFinish_Util;
+SEC_ASN1EncoderSetNotifyProc_Util;
+SEC_ASN1EncoderSetStreaming_Util;
+SEC_ASN1EncoderSetTakeFromBuf_Util;
+SEC_ASN1EncoderStart_Util;
+SEC_ASN1EncoderUpdate_Util;
+SEC_ASN1EncodeUnsignedInteger_Util;
+SEC_ASN1LengthLength_Util;
+SEC_QuickDERDecodeItem_Util;
+SEC_StringToOID;
+SECITEM_AllocItem_Util;
+SECITEM_ArenaDupItem_Util;
+SECITEM_CompareItem_Util;
+SECITEM_CopyItem_Util;
+SECITEM_DupItem_Util;
+SECITEM_FreeItem_Util;
+SECITEM_Hash;
+SECITEM_HashCompare;
+SECITEM_ItemsAreEqual_Util;
+SECITEM_ZfreeItem_Util;
+SECOID_AddEntry_Util;
+SECOID_CompareAlgorithmID_Util;
+SECOID_CopyAlgorithmID_Util;
+SECOID_DestroyAlgorithmID_Util;
+SECOID_FindOID_Util;
+SECOID_FindOIDByMechanism;
+SECOID_FindOIDByTag_Util;
+SECOID_FindOIDTag_Util;
+SECOID_FindOIDTagDescription_Util;
+SECOID_GetAlgorithmTag_Util;
+SECOID_Init;
+SECOID_KnownCertExtenOID;
+SECOID_SetAlgorithmID_Util;
+SECOID_Shutdown;
+SGN_CompareDigestInfo_Util;
+SGN_CopyDigestInfo_Util;
+SGN_CreateDigestInfo_Util;
+SGN_DecodeDigestInfo;
+SGN_DestroyDigestInfo_Util;
+;+#
+;+# Data objects
+;+#
+;+# Don't export these DATA symbols on Windows because they don't work right.
+;+# Use the SEC_ASN1_GET / SEC_ASN1_SUB / SEC_ASN1_XTRN macros to access them.
+;;SEC_AnyTemplate_Util DATA ;
+;;SEC_BitStringTemplate_Util DATA ;
+;;SEC_BMPStringTemplate_Util DATA ;
+;;SEC_BooleanTemplate_Util DATA ;
+;;SEC_EnumeratedTemplate DATA ;
+;;SEC_GeneralizedTimeTemplate_Util DATA ;
+;;SEC_IA5StringTemplate_Util DATA ;
+;;SEC_IntegerTemplate_Util DATA ;
+;;SEC_NullTemplate_Util DATA ;
+;;SEC_ObjectIDTemplate_Util DATA ;
+;;SEC_OctetStringTemplate_Util DATA ;
+;;SEC_PointerToAnyTemplate_Util DATA ;
+;;SEC_PointerToEnumeratedTemplate DATA ;
+;;SEC_PointerToGeneralizedTimeTemplate DATA ;
+;;SEC_PointerToOctetStringTemplate_Util DATA ;
+;;SEC_PrintableStringTemplate DATA ;
+;;SEC_SequenceOfAnyTemplate DATA ;
+;;SEC_SequenceOfObjectIDTemplate DATA ;
+;;SEC_SetOfAnyTemplate_Util DATA ;
+;;SEC_SkipTemplate DATA ;
+;;SEC_T61StringTemplate DATA ;
+;;SEC_UniversalStringTemplate DATA ;
+;;SEC_UTF8StringTemplate_Util DATA ;
+;;SECOID_AlgorithmIDTemplate_Util DATA ;
+;;sgn_DigestInfoTemplate_Util DATA ;
+NSS_Get_SEC_AnyTemplate_Util;
+NSS_Get_SEC_BitStringTemplate_Util;
+NSS_Get_SEC_BMPStringTemplate_Util;
+NSS_Get_SEC_BooleanTemplate_Util;
+NSS_Get_SEC_EnumeratedTemplate;
+NSS_Get_SEC_GeneralizedTimeTemplate_Util;
+NSS_Get_SEC_IA5StringTemplate_Util;
+NSS_Get_SEC_IntegerTemplate_Util;
+NSS_Get_SEC_NullTemplate_Util;
+NSS_Get_SEC_ObjectIDTemplate_Util;
+NSS_Get_SEC_OctetStringTemplate_Util;
+NSS_Get_SEC_PointerToAnyTemplate_Util;
+NSS_Get_SEC_PointerToEnumeratedTemplate;
+NSS_Get_SEC_PointerToGeneralizedTimeTemplate;
+NSS_Get_SEC_PointerToOctetStringTemplate_Util;
+NSS_Get_SEC_PrintableStringTemplate;
+NSS_Get_SEC_SequenceOfAnyTemplate;
+NSS_Get_SEC_SequenceOfObjectIDTemplate;
+NSS_Get_SEC_SetOfAnyTemplate_Util;
+NSS_Get_SEC_SkipTemplate;
+NSS_Get_SEC_T61StringTemplate;
+NSS_Get_SEC_UniversalStringTemplate;
+NSS_Get_SEC_UTF8StringTemplate_Util;
+NSS_Get_SECOID_AlgorithmIDTemplate_Util;
+NSS_Get_sgn_DigestInfoTemplate_Util;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.12.3 { # NSS Utilities 3.12.3 release
+;+ global:
+NSS_GetAlgorithmPolicy;
+NSS_SetAlgorithmPolicy;
+SECITEM_ReallocItem;
+UTIL_SetForkState;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.12.5 { # NSS Utilities 3.12.5 release
+;+ global:
+NSS_SecureMemcmp;
+PORT_LoadLibraryFromOrigin;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.12.7 { # NSS Utilities 3.12.7 release
+;+ global:
+PORT_RegExpSearch;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.13 { # NSS Utilities 3.13 release
+;+ global:
+NSSUTIL_GetVersion;
+NSS_InitializePRErrorTable;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.14 { # NSS Utilities 3.14 release
+;+ global:
+;+# private exports for softoken
+_NSSUTIL_GetSecmodName;
+_NSSUTIL_EvaluateConfigDir;
+;+# public exports
+NSSUTIL_ArgDecodeNumber;
+NSSUTIL_ArgFetchValue;
+NSSUTIL_ArgGetParamValue;
+NSSUTIL_ArgGetLabel;
+NSSUTIL_ArgHasFlag;
+NSSUTIL_ArgIsBlank;
+NSSUTIL_ArgParseCipherFlags;
+NSSUTIL_ArgParseModuleSpec;
+NSSUTIL_ArgParseSlotFlags;
+NSSUTIL_ArgParseSlotInfo;
+NSSUTIL_ArgReadLong;
+NSSUTIL_ArgSkipParameter;
+NSSUTIL_ArgStrip;
+NSSUTIL_DoModuleDBFunction;
+NSSUTIL_DoubleEscape;
+NSSUTIL_DoubleEscapeSize;
+NSSUTIL_Escape;
+NSSUTIL_EscapeSize;
+NSSUTIL_MkModuleSpec;
+NSSUTIL_MkNSSString;
+NSSUTIL_MkSlotString;
+NSSUTIL_Quote;
+NSSUTIL_QuoteSize;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.15 { # NSS Utilities 3.15 release
+;+ global:
+SECITEM_AllocArray;
+SECITEM_DupArray;
+SECITEM_FreeArray;
+SECITEM_ReallocItemV2;
+SECITEM_ZfreeArray;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.17.1 { # NSS Utilities 3.17.1 release
+;+ global:
+_SGN_VerifyPKCS1DigestInfo;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.21 { # NSS Utilities 3.21 release
+;+ global:
+NSSUTIL_ArgParseModuleSpecEx;
+;+ local:
+;+ *;
+;+};
+;+NSSUTIL_3.24 { # NSS Utilities 3.24 release
+;+ global:
+PORT_InitCheapArena;
+PORT_DestroyCheapArena;
+;+ local:
+;+ *;
+;+};
diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h
new file mode 100644
index 000000000..bf1feae6e
--- /dev/null
+++ b/security/nss/lib/util/nssutil.h
@@ -0,0 +1,41 @@
+/*
+ * NSS utility functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __nssutil_h_
+#define __nssutil_h_
+
+#ifndef RC_INVOKED
+#include "seccomon.h"
+#endif
+
+/*
+ * NSS utilities's major version, minor version, patch level, build number,
+ * and whether this is a beta release.
+ *
+ * The format of the version string should be
+ * "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
+ */
+#define NSSUTIL_VERSION "3.28.6"
+#define NSSUTIL_VMAJOR 3
+#define NSSUTIL_VMINOR 28
+#define NSSUTIL_VPATCH 6
+#define NSSUTIL_VBUILD 0
+#define NSSUTIL_BETA PR_FALSE
+
+SEC_BEGIN_PROTOS
+
+/*
+ * Returns a const string of the UTIL library version.
+ */
+extern const char *NSSUTIL_GetVersion(void);
+
+extern SECStatus
+NSS_InitializePRErrorTable(void);
+
+SEC_END_PROTOS
+
+#endif /* __nssutil_h_ */
diff --git a/security/nss/lib/util/nssutil.rc b/security/nss/lib/util/nssutil.rc
new file mode 100644
index 000000000..65d4e68b2
--- /dev/null
+++ b/security/nss/lib/util/nssutil.rc
@@ -0,0 +1,68 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nssutil.h"
+#include <winver.h>
+
+#define MY_LIBNAME "nssutil"
+#define MY_FILEDESCRIPTION "NSS Utility Library"
+
+#define STRINGIZE(x) #x
+#define STRINGIZE2(x) STRINGIZE(x)
+#define NSSUTIL_VMAJOR_STR STRINGIZE2(NSSUTIL_VMAJOR)
+
+#ifdef _DEBUG
+#define MY_DEBUG_STR " (debug)"
+#define MY_FILEFLAGS_1 VS_FF_DEBUG
+#else
+#define MY_DEBUG_STR ""
+#define MY_FILEFLAGS_1 0x0L
+#endif
+#if NSSUTIL_BETA
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
+#else
+#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
+#endif
+
+#ifdef WINNT
+#define MY_FILEOS VOS_NT_WINDOWS32
+#else
+#define MY_FILEOS VOS__WINDOWS32
+#endif
+
+#define MY_INTERNAL_NAME MY_LIBNAME NSSUTIL_VMAJOR_STR
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version-information resource
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION NSSUTIL_VMAJOR,NSSUTIL_VMINOR,NSSUTIL_VPATCH,NSSUTIL_VBUILD
+ PRODUCTVERSION NSSUTIL_VMAJOR,NSSUTIL_VMINOR,NSSUTIL_VPATCH,NSSUTIL_VBUILD
+ FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
+ FILEFLAGS MY_FILEFLAGS_2
+ FILEOS MY_FILEOS
+ FILETYPE VFT_DLL
+ FILESUBTYPE 0x0L // not used
+
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904B0" // Lang=US English, CharSet=Unicode
+ BEGIN
+ VALUE "CompanyName", "Mozilla Foundation\0"
+ VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
+ VALUE "FileVersion", NSSUTIL_VERSION "\0"
+ VALUE "InternalName", MY_INTERNAL_NAME "\0"
+ VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
+ VALUE "ProductName", "Network Security Services\0"
+ VALUE "ProductVersion", NSSUTIL_VERSION "\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x409, 1200
+ END
+END
diff --git a/security/nss/lib/util/oidstring.c b/security/nss/lib/util/oidstring.c
new file mode 100644
index 000000000..58c8be1c4
--- /dev/null
+++ b/security/nss/lib/util/oidstring.c
@@ -0,0 +1,114 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <string.h>
+#include "secitem.h"
+#include "secport.h"
+#include "secerr.h"
+
+/* if to->data is not NULL, and to->len is large enough to hold the result,
+ * then the resultant OID will be copyed into to->data, and to->len will be
+ * changed to show the actual OID length.
+ * Otherwise, memory for the OID will be allocated (from the caller's
+ * PLArenaPool, if pool is non-NULL) and to->data will receive the address
+ * of the allocated data, and to->len will receive the OID length.
+ * The original value of to->data is not freed when a new buffer is allocated.
+ *
+ * The input string may begin with "OID." and this still be ignored.
+ * The length of the input string is given in len. If len == 0, then
+ * len will be computed as strlen(from), meaning it must be NUL terminated.
+ * It is an error if from == NULL, or if *from == '\0'.
+ */
+
+SECStatus
+SEC_StringToOID(PLArenaPool *pool, SECItem *to, const char *from, PRUint32 len)
+{
+ PRUint32 decimal_numbers = 0;
+ PRUint32 result_bytes = 0;
+ SECStatus rv;
+ PRUint8 result[1024];
+
+ static const PRUint32 max_decimal = (0xffffffff / 10);
+ static const char OIDstring[] = { "OID." };
+
+ if (!from || !to) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ if (!len) {
+ len = PL_strlen(from);
+ }
+ if (len >= 4 && !PL_strncasecmp(from, OIDstring, 4)) {
+ from += 4; /* skip leading "OID." if present */
+ len -= 4;
+ }
+ if (!len) {
+ bad_data:
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ do {
+ PRUint32 decimal = 0;
+ while (len > 0 && isdigit(*from)) {
+ PRUint32 addend = (*from++ - '0');
+ --len;
+ if (decimal > max_decimal) /* overflow */
+ goto bad_data;
+ decimal = (decimal * 10) + addend;
+ if (decimal < addend) /* overflow */
+ goto bad_data;
+ }
+ if (len != 0 && *from != '.') {
+ goto bad_data;
+ }
+ if (decimal_numbers == 0) {
+ if (decimal > 2)
+ goto bad_data;
+ result[0] = decimal * 40;
+ result_bytes = 1;
+ } else if (decimal_numbers == 1) {
+ if (decimal > 40)
+ goto bad_data;
+ result[0] += decimal;
+ } else {
+ /* encode the decimal number, */
+ PRUint8 *rp;
+ PRUint32 num_bytes = 0;
+ PRUint32 tmp = decimal;
+ while (tmp) {
+ num_bytes++;
+ tmp >>= 7;
+ }
+ if (!num_bytes)
+ ++num_bytes; /* use one byte for a zero value */
+ if (num_bytes + result_bytes > sizeof result)
+ goto bad_data;
+ tmp = num_bytes;
+ rp = result + result_bytes - 1;
+ rp[tmp] = (PRUint8)(decimal & 0x7f);
+ decimal >>= 7;
+ while (--tmp > 0) {
+ rp[tmp] = (PRUint8)(decimal | 0x80);
+ decimal >>= 7;
+ }
+ result_bytes += num_bytes;
+ }
+ ++decimal_numbers;
+ if (len > 0) { /* skip trailing '.' */
+ ++from;
+ --len;
+ }
+ } while (len > 0);
+ /* now result contains result_bytes of data */
+ if (to->data && to->len >= result_bytes) {
+ PORT_Memcpy(to->data, result, to->len = result_bytes);
+ rv = SECSuccess;
+ } else {
+ SECItem result_item = { siBuffer, NULL, 0 };
+ result_item.data = result;
+ result_item.len = result_bytes;
+ rv = SECITEM_CopyItem(pool, to, &result_item);
+ }
+ return rv;
+}
diff --git a/security/nss/lib/util/pkcs11.h b/security/nss/lib/util/pkcs11.h
new file mode 100644
index 000000000..bd9812613
--- /dev/null
+++ b/security/nss/lib/util/pkcs11.h
@@ -0,0 +1,252 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
+ * is granted provided that it is identified as "RSA Security In.c Public-Key
+ * Cryptography Standards (PKCS)" in all material mentioning or referencing
+ * this document.
+ *
+ * The latest version of this header can be found at:
+ * http://www.rsalabs.com/pkcs/pkcs-11/index.html
+ */
+#ifndef _PKCS11_H_
+#define _PKCS11_H_ 1
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Before including this file (pkcs11.h) (or pkcs11t.h by
+ * itself), 6 platform-specific macros must be defined. These
+ * macros are described below, and typical definitions for them
+ * are also given. Be advised that these definitions can depend
+ * on both the platform and the compiler used (and possibly also
+ * on whether a PKCS #11 library is linked statically or
+ * dynamically).
+ *
+ * In addition to defining these 6 macros, the packing convention
+ * for PKCS #11 structures should be set. The PKCS #11
+ * convention on packing is that structures should be 1-byte
+ * aligned.
+ *
+ * In a Win32 environment, this might be done by using the
+ * following preprocessor directive before including pkcs11.h
+ * or pkcs11t.h:
+ *
+ * #pragma pack(push, cryptoki, 1)
+ *
+ * and using the following preprocessor directive after including
+ * pkcs11.h or pkcs11t.h:
+ *
+ * #pragma pack(pop, cryptoki)
+ *
+ * In a UNIX environment, you're on your own here. You might
+ * not need to do anything.
+ *
+ *
+ * Now for the macros:
+ *
+ *
+ * 1. CK_PTR: The indirection string for making a pointer to an
+ * object. It can be used like this:
+ *
+ * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
+ *
+ * In a Win32 environment, it might be defined by
+ *
+ * #define CK_PTR *
+ *
+ * In a UNIX environment, it might be defined by
+ *
+ * #define CK_PTR *
+ *
+ *
+ * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
+ * an exportable PKCS #11 library function definition out of a
+ * return type and a function name. It should be used in the
+ * following fashion to define the exposed PKCS #11 functions in
+ * a PKCS #11 library:
+ *
+ * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
+ * CK_VOID_PTR pReserved
+ * )
+ * {
+ * ...
+ * }
+ *
+ * For defining a function in a Win32 PKCS #11 .dll, it might be
+ * defined by
+ *
+ * #define CK_DEFINE_FUNCTION(returnType, name) \
+ * returnType __declspec(dllexport) name
+ *
+ * In a UNIX environment, it might be defined by
+ *
+ * #define CK_DEFINE_FUNCTION(returnType, name) \
+ * returnType name
+ *
+ *
+ * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
+ * an importable PKCS #11 library function declaration out of a
+ * return type and a function name. It should be used in the
+ * following fashion:
+ *
+ * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
+ * CK_VOID_PTR pReserved
+ * );
+ *
+ * For declaring a function in a Win32 PKCS #11 .dll, it might
+ * be defined by
+ *
+ * #define CK_DECLARE_FUNCTION(returnType, name) \
+ * returnType __declspec(dllimport) name
+ *
+ * In a UNIX environment, it might be defined by
+ *
+ * #define CK_DECLARE_FUNCTION(returnType, name) \
+ * returnType name
+ *
+ *
+ * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
+ * which makes a PKCS #11 API function pointer declaration or
+ * function pointer type declaration out of a return type and a
+ * function name. It should be used in the following fashion:
+ *
+ * // Define funcPtr to be a pointer to a PKCS #11 API function
+ * // taking arguments args and returning CK_RV.
+ * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
+ *
+ * or
+ *
+ * // Define funcPtrType to be the type of a pointer to a
+ * // PKCS #11 API function taking arguments args and returning
+ * // CK_RV, and then define funcPtr to be a variable of type
+ * // funcPtrType.
+ * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
+ * funcPtrType funcPtr;
+ *
+ * For accessing functions in a Win32 PKCS #11 .dll, in might be
+ * defined by
+ *
+ * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
+ * returnType __declspec(dllimport) (* name)
+ *
+ * In a UNIX environment, it might be defined by
+ *
+ * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
+ * returnType (* name)
+ *
+ *
+ * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
+ * a function pointer type for an application callback out of
+ * a return type for the callback and a name for the callback.
+ * It should be used in the following fashion:
+ *
+ * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
+ *
+ * to declare a function pointer, myCallback, to a callback
+ * which takes arguments args and returns a CK_RV. It can also
+ * be used like this:
+ *
+ * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
+ * myCallbackType myCallback;
+ *
+ * In a Win32 environment, it might be defined by
+ *
+ * #define CK_CALLBACK_FUNCTION(returnType, name) \
+ * returnType (* name)
+ *
+ * In a UNIX environment, it might be defined by
+ *
+ * #define CK_CALLBACK_FUNCTION(returnType, name) \
+ * returnType (* name)
+ *
+ *
+ * 6. NULL_PTR: This macro is the value of a NULL pointer.
+ *
+ * In any ANSI/ISO C environment (and in many others as well),
+ * this should be defined by
+ *
+ * #ifndef NULL_PTR
+ * #define NULL_PTR 0
+ * #endif
+ */
+
+/* All the various PKCS #11 types and #define'd values are in the
+ * file pkcs11t.h. */
+#include "pkcs11t.h"
+
+#define __PASTE(x, y) x##y
+
+/* packing defines */
+#include "pkcs11p.h"
+/* ==============================================================
+ * Define the "extern" form of all the entry points.
+ * ==============================================================
+ */
+
+#define CK_NEED_ARG_LIST 1
+#define CK_PKCS11_FUNCTION_INFO(name) \
+ CK_DECLARE_FUNCTION(CK_RV, name)
+
+/* pkcs11f.h has all the information about the PKCS #11
+ * function prototypes. */
+#include "pkcs11f.h"
+
+#undef CK_NEED_ARG_LIST
+#undef CK_PKCS11_FUNCTION_INFO
+
+/* ==============================================================
+ * Define the typedef form of all the entry points. That is, for
+ * each PKCS #11 function C_XXX, define a type CK_C_XXX which is
+ * a pointer to that kind of function.
+ * ==============================================================
+ */
+
+#define CK_NEED_ARG_LIST 1
+#define CK_PKCS11_FUNCTION_INFO(name) \
+ typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_, name))
+
+/* pkcs11f.h has all the information about the PKCS #11
+ * function prototypes. */
+#include "pkcs11f.h"
+
+#undef CK_NEED_ARG_LIST
+#undef CK_PKCS11_FUNCTION_INFO
+
+/* ==============================================================
+ * Define structed vector of entry points. A CK_FUNCTION_LIST
+ * contains a CK_VERSION indicating a library's PKCS #11 version
+ * and then a whole slew of function pointers to the routines in
+ * the library. This type was declared, but not defined, in
+ * pkcs11t.h.
+ * ==============================================================
+ */
+
+#define CK_PKCS11_FUNCTION_INFO(name) \
+ __PASTE(CK_, name) \
+ name;
+
+struct CK_FUNCTION_LIST {
+
+ CK_VERSION version; /* PKCS #11 version */
+
+/* Pile all the function pointers into the CK_FUNCTION_LIST. */
+/* pkcs11f.h has all the information about the PKCS #11
+ * function prototypes. */
+#include "pkcs11f.h"
+};
+
+#undef CK_PKCS11_FUNCTION_INFO
+
+#undef __PASTE
+
+/* unpack */
+#include "pkcs11u.h"
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/security/nss/lib/util/pkcs11f.h b/security/nss/lib/util/pkcs11f.h
new file mode 100644
index 000000000..e79e1259d
--- /dev/null
+++ b/security/nss/lib/util/pkcs11f.h
@@ -0,0 +1,812 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
+ * is granted provided that it is identified as "RSA Security In.c Public-Key
+ * Cryptography Standards (PKCS)" in all material mentioning or referencing
+ * this document.
+ */
+/* This function contains pretty much everything about all the */
+/* PKCS #11 function prototypes. Because this information is */
+/* used for more than just declaring function prototypes, the */
+/* order of the functions appearing herein is important, and */
+/* should not be altered. */
+
+/* General-purpose */
+
+/* C_Initialize initializes the PKCS #11 library. */
+CK_PKCS11_FUNCTION_INFO(C_Initialize)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
+ * cast to CK_C_INITIALIZE_ARGS_PTR
+ * and dereferenced */
+ );
+#endif
+
+/* C_Finalize indicates that an application is done with the
+ * PKCS #11 library. */
+CK_PKCS11_FUNCTION_INFO(C_Finalize)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
+ );
+#endif
+
+/* C_GetInfo returns general information about PKCS #11. */
+CK_PKCS11_FUNCTION_INFO(C_GetInfo)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_INFO_PTR pInfo /* location that receives information */
+ );
+#endif
+
+/* C_GetFunctionList returns the function list. */
+CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
+ * function list */
+ );
+#endif
+
+/* Slot and token management */
+
+/* C_GetSlotList obtains a list of slots in the system. */
+CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_BBOOL tokenPresent, /* only slots with tokens? */
+ CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
+ CK_ULONG_PTR pulCount /* receives number of slots */
+ );
+#endif
+
+/* C_GetSlotInfo obtains information about a particular slot in
+ * the system. */
+CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SLOT_ID slotID, /* the ID of the slot */
+ CK_SLOT_INFO_PTR pInfo /* receives the slot information */
+ );
+#endif
+
+/* C_GetTokenInfo obtains information about a particular token
+ * in the system. */
+CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SLOT_ID slotID, /* ID of the token's slot */
+ CK_TOKEN_INFO_PTR pInfo /* receives the token information */
+ );
+#endif
+
+/* C_GetMechanismList obtains a list of mechanism types
+ * supported by a token. */
+CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SLOT_ID slotID, /* ID of token's slot */
+ CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
+ CK_ULONG_PTR pulCount /* gets # of mechs. */
+ );
+#endif
+
+/* C_GetMechanismInfo obtains information about a particular
+ * mechanism possibly supported by a token. */
+CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SLOT_ID slotID, /* ID of the token's slot */
+ CK_MECHANISM_TYPE type, /* type of mechanism */
+ CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
+ );
+#endif
+
+/* C_InitToken initializes a token. */
+CK_PKCS11_FUNCTION_INFO(C_InitToken)
+#ifdef CK_NEED_ARG_LIST
+/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
+(
+ CK_SLOT_ID slotID, /* ID of the token's slot */
+ CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
+ CK_ULONG ulPinLen, /* length in bytes of the PIN */
+ CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
+ );
+#endif
+
+/* C_InitPIN initializes the normal user's PIN. */
+CK_PKCS11_FUNCTION_INFO(C_InitPIN)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
+ CK_ULONG ulPinLen /* length in bytes of the PIN */
+ );
+#endif
+
+/* C_SetPIN modifies the PIN of the user who is logged in. */
+CK_PKCS11_FUNCTION_INFO(C_SetPIN)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
+ CK_ULONG ulOldLen, /* length of the old PIN */
+ CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
+ CK_ULONG ulNewLen /* length of the new PIN */
+ );
+#endif
+
+/* Session management */
+
+/* C_OpenSession opens a session between an application and a
+ * token. */
+CK_PKCS11_FUNCTION_INFO(C_OpenSession)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SLOT_ID slotID, /* the slot's ID */
+ CK_FLAGS flags, /* from CK_SESSION_INFO */
+ CK_VOID_PTR pApplication, /* passed to callback */
+ CK_NOTIFY Notify, /* callback function */
+ CK_SESSION_HANDLE_PTR phSession /* gets session handle */
+ );
+#endif
+
+/* C_CloseSession closes a session between an application and a
+ * token. */
+CK_PKCS11_FUNCTION_INFO(C_CloseSession)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession /* the session's handle */
+ );
+#endif
+
+/* C_CloseAllSessions closes all sessions with a token. */
+CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SLOT_ID slotID /* the token's slot */
+ );
+#endif
+
+/* C_GetSessionInfo obtains information about the session. */
+CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_SESSION_INFO_PTR pInfo /* receives session info */
+ );
+#endif
+
+/* C_GetOperationState obtains the state of the cryptographic operation
+ * in a session. */
+CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pOperationState, /* gets state */
+ CK_ULONG_PTR pulOperationStateLen /* gets state length */
+ );
+#endif
+
+/* C_SetOperationState restores the state of the cryptographic
+ * operation in a session. */
+CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pOperationState, /* holds state */
+ CK_ULONG ulOperationStateLen, /* holds state length */
+ CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
+ CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
+ );
+#endif
+
+/* C_Login logs a user into a token. */
+CK_PKCS11_FUNCTION_INFO(C_Login)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_USER_TYPE userType, /* the user type */
+ CK_UTF8CHAR_PTR pPin, /* the user's PIN */
+ CK_ULONG ulPinLen /* the length of the PIN */
+ );
+#endif
+
+/* C_Logout logs a user out from a token. */
+CK_PKCS11_FUNCTION_INFO(C_Logout)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession /* the session's handle */
+ );
+#endif
+
+/* Object management */
+
+/* C_CreateObject creates a new object. */
+CK_PKCS11_FUNCTION_INFO(C_CreateObject)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
+ CK_ULONG ulCount, /* attributes in template */
+ CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
+ );
+#endif
+
+/* C_CopyObject copies an object, creating a new object for the
+ * copy. */
+CK_PKCS11_FUNCTION_INFO(C_CopyObject)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_OBJECT_HANDLE hObject, /* the object's handle */
+ CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
+ CK_ULONG ulCount, /* attributes in template */
+ CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
+ );
+#endif
+
+/* C_DestroyObject destroys an object. */
+CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_OBJECT_HANDLE hObject /* the object's handle */
+ );
+#endif
+
+/* C_GetObjectSize gets the size of an object in bytes. */
+CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_OBJECT_HANDLE hObject, /* the object's handle */
+ CK_ULONG_PTR pulSize /* receives size of object */
+ );
+#endif
+
+/* C_GetAttributeValue obtains the value of one or more object
+ * attributes. */
+CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_OBJECT_HANDLE hObject, /* the object's handle */
+ CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
+ CK_ULONG ulCount /* attributes in template */
+ );
+#endif
+
+/* C_SetAttributeValue modifies the value of one or more object
+ * attributes */
+CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_OBJECT_HANDLE hObject, /* the object's handle */
+ CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
+ CK_ULONG ulCount /* attributes in template */
+ );
+#endif
+
+/* C_FindObjectsInit initializes a search for token and session
+ * objects that match a template. */
+CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
+ CK_ULONG ulCount /* attrs in search template */
+ );
+#endif
+
+/* C_FindObjects continues a search for token and session
+ * objects that match a template, obtaining additional object
+ * handles. */
+CK_PKCS11_FUNCTION_INFO(C_FindObjects)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
+ CK_ULONG ulMaxObjectCount, /* max handles to get */
+ CK_ULONG_PTR pulObjectCount /* actual # returned */
+ );
+#endif
+
+/* C_FindObjectsFinal finishes a search for token and session
+ * objects. */
+CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession /* the session's handle */
+ );
+#endif
+
+/* Encryption and decryption */
+
+/* C_EncryptInit initializes an encryption operation. */
+CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
+ CK_OBJECT_HANDLE hKey /* handle of encryption key */
+ );
+#endif
+
+/* C_Encrypt encrypts single-part data. */
+CK_PKCS11_FUNCTION_INFO(C_Encrypt)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pData, /* the plaintext data */
+ CK_ULONG ulDataLen, /* bytes of plaintext */
+ CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
+ CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
+ );
+#endif
+
+/* C_EncryptUpdate continues a multiple-part encryption
+ * operation. */
+CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pPart, /* the plaintext data */
+ CK_ULONG ulPartLen, /* plaintext data len */
+ CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
+ CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
+ );
+#endif
+
+/* C_EncryptFinal finishes a multiple-part encryption
+ * operation. */
+CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session handle */
+ CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
+ CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
+ );
+#endif
+
+/* C_DecryptInit initializes a decryption operation. */
+CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
+ CK_OBJECT_HANDLE hKey /* handle of decryption key */
+ );
+#endif
+
+/* C_Decrypt decrypts encrypted data in a single part. */
+CK_PKCS11_FUNCTION_INFO(C_Decrypt)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pEncryptedData, /* ciphertext */
+ CK_ULONG ulEncryptedDataLen, /* ciphertext length */
+ CK_BYTE_PTR pData, /* gets plaintext */
+ CK_ULONG_PTR pulDataLen /* gets p-text size */
+ );
+#endif
+
+/* C_DecryptUpdate continues a multiple-part decryption
+ * operation. */
+CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pEncryptedPart, /* encrypted data */
+ CK_ULONG ulEncryptedPartLen, /* input length */
+ CK_BYTE_PTR pPart, /* gets plaintext */
+ CK_ULONG_PTR pulPartLen /* p-text size */
+ );
+#endif
+
+/* C_DecryptFinal finishes a multiple-part decryption
+ * operation. */
+CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pLastPart, /* gets plaintext */
+ CK_ULONG_PTR pulLastPartLen /* p-text size */
+ );
+#endif
+
+/* Message digesting */
+
+/* C_DigestInit initializes a message-digesting operation. */
+CK_PKCS11_FUNCTION_INFO(C_DigestInit)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
+ );
+#endif
+
+/* C_Digest digests data in a single part. */
+CK_PKCS11_FUNCTION_INFO(C_Digest)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pData, /* data to be digested */
+ CK_ULONG ulDataLen, /* bytes of data to digest */
+ CK_BYTE_PTR pDigest, /* gets the message digest */
+ CK_ULONG_PTR pulDigestLen /* gets digest length */
+ );
+#endif
+
+/* C_DigestUpdate continues a multiple-part message-digesting
+ * operation. */
+CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pPart, /* data to be digested */
+ CK_ULONG ulPartLen /* bytes of data to be digested */
+ );
+#endif
+
+/* C_DigestKey continues a multi-part message-digesting
+ * operation, by digesting the value of a secret key as part of
+ * the data already digested. */
+CK_PKCS11_FUNCTION_INFO(C_DigestKey)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_OBJECT_HANDLE hKey /* secret key to digest */
+ );
+#endif
+
+/* C_DigestFinal finishes a multiple-part message-digesting
+ * operation. */
+CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pDigest, /* gets the message digest */
+ CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
+ );
+#endif
+
+/* Signing and MACing */
+
+/* C_SignInit initializes a signature (private key encryption)
+ * operation, where the signature is (will be) an appendix to
+ * the data, and plaintext cannot be recovered from the
+ *signature. */
+CK_PKCS11_FUNCTION_INFO(C_SignInit)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
+ CK_OBJECT_HANDLE hKey /* handle of signature key */
+ );
+#endif
+
+/* C_Sign signs (encrypts with private key) data in a single
+ * part, where the signature is (will be) an appendix to the
+ * data, and plaintext cannot be recovered from the signature. */
+CK_PKCS11_FUNCTION_INFO(C_Sign)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pData, /* the data to sign */
+ CK_ULONG ulDataLen, /* count of bytes to sign */
+ CK_BYTE_PTR pSignature, /* gets the signature */
+ CK_ULONG_PTR pulSignatureLen /* gets signature length */
+ );
+#endif
+
+/* C_SignUpdate continues a multiple-part signature operation,
+ * where the signature is (will be) an appendix to the data,
+ * and plaintext cannot be recovered from the signature. */
+CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pPart, /* the data to sign */
+ CK_ULONG ulPartLen /* count of bytes to sign */
+ );
+#endif
+
+/* C_SignFinal finishes a multiple-part signature operation,
+ * returning the signature. */
+CK_PKCS11_FUNCTION_INFO(C_SignFinal)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pSignature, /* gets the signature */
+ CK_ULONG_PTR pulSignatureLen /* gets signature length */
+ );
+#endif
+
+/* C_SignRecoverInit initializes a signature operation, where
+ * the data can be recovered from the signature. */
+CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
+ CK_OBJECT_HANDLE hKey /* handle of the signature key */
+ );
+#endif
+
+/* C_SignRecover signs data in a single operation, where the
+ * data can be recovered from the signature. */
+CK_PKCS11_FUNCTION_INFO(C_SignRecover)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pData, /* the data to sign */
+ CK_ULONG ulDataLen, /* count of bytes to sign */
+ CK_BYTE_PTR pSignature, /* gets the signature */
+ CK_ULONG_PTR pulSignatureLen /* gets signature length */
+ );
+#endif
+
+/* Verifying signatures and MACs */
+
+/* C_VerifyInit initializes a verification operation, where the
+ * signature is an appendix to the data, and plaintext cannot
+ * cannot be recovered from the signature (e.g. DSA). */
+CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
+ CK_OBJECT_HANDLE hKey /* verification key */
+ );
+#endif
+
+/* C_Verify verifies a signature in a single-part operation,
+ * where the signature is an appendix to the data, and plaintext
+ * cannot be recovered from the signature. */
+CK_PKCS11_FUNCTION_INFO(C_Verify)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pData, /* signed data */
+ CK_ULONG ulDataLen, /* length of signed data */
+ CK_BYTE_PTR pSignature, /* signature */
+ CK_ULONG ulSignatureLen /* signature length*/
+ );
+#endif
+
+/* C_VerifyUpdate continues a multiple-part verification
+ * operation, where the signature is an appendix to the data,
+ * and plaintext cannot be recovered from the signature. */
+CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pPart, /* signed data */
+ CK_ULONG ulPartLen /* length of signed data */
+ );
+#endif
+
+/* C_VerifyFinal finishes a multiple-part verification
+ * operation, checking the signature. */
+CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pSignature, /* signature to verify */
+ CK_ULONG ulSignatureLen /* signature length */
+ );
+#endif
+
+/* C_VerifyRecoverInit initializes a signature verification
+ * operation, where the data is recovered from the signature. */
+CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
+ CK_OBJECT_HANDLE hKey /* verification key */
+ );
+#endif
+
+/* C_VerifyRecover verifies a signature in a single-part
+ * operation, where the data is recovered from the signature. */
+CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pSignature, /* signature to verify */
+ CK_ULONG ulSignatureLen, /* signature length */
+ CK_BYTE_PTR pData, /* gets signed data */
+ CK_ULONG_PTR pulDataLen /* gets signed data len */
+ );
+#endif
+
+/* Dual-function cryptographic operations */
+
+/* C_DigestEncryptUpdate continues a multiple-part digesting
+ * and encryption operation. */
+CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pPart, /* the plaintext data */
+ CK_ULONG ulPartLen, /* plaintext length */
+ CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
+ CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
+ );
+#endif
+
+/* C_DecryptDigestUpdate continues a multiple-part decryption and
+ * digesting operation. */
+CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pEncryptedPart, /* ciphertext */
+ CK_ULONG ulEncryptedPartLen, /* ciphertext length */
+ CK_BYTE_PTR pPart, /* gets plaintext */
+ CK_ULONG_PTR pulPartLen /* gets plaintext len */
+ );
+#endif
+
+/* C_SignEncryptUpdate continues a multiple-part signing and
+ * encryption operation. */
+CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pPart, /* the plaintext data */
+ CK_ULONG ulPartLen, /* plaintext length */
+ CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
+ CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
+ );
+#endif
+
+/* C_DecryptVerifyUpdate continues a multiple-part decryption and
+ * verify operation. */
+CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_BYTE_PTR pEncryptedPart, /* ciphertext */
+ CK_ULONG ulEncryptedPartLen, /* ciphertext length */
+ CK_BYTE_PTR pPart, /* gets plaintext */
+ CK_ULONG_PTR pulPartLen /* gets p-text length */
+ );
+#endif
+
+/* Key management */
+
+/* C_GenerateKey generates a secret key, creating a new key
+ * object. */
+CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism, /* key generation mech. */
+ CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
+ CK_ULONG ulCount, /* # of attrs in template */
+ CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
+ );
+#endif
+
+/* C_GenerateKeyPair generates a public-key/private-key pair,
+ * creating new key objects. */
+CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session handle */
+ CK_MECHANISM_PTR pMechanism, /* key-gen mech. */
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */
+ CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */
+ CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */
+ CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */
+ CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */
+ );
+#endif
+
+/* C_WrapKey wraps (i.e., encrypts) a key. */
+CK_PKCS11_FUNCTION_INFO(C_WrapKey)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
+ CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
+ CK_OBJECT_HANDLE hKey, /* key to be wrapped */
+ CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
+ CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
+ );
+#endif
+
+/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
+ * key object. */
+CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
+ CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
+ CK_BYTE_PTR pWrappedKey, /* the wrapped key */
+ CK_ULONG ulWrappedKeyLen, /* wrapped key len */
+ CK_ATTRIBUTE_PTR pTemplate, /* new key template */
+ CK_ULONG ulAttributeCount, /* template length */
+ CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
+ );
+#endif
+
+/* C_DeriveKey derives a key from a base key, creating a new key
+ * object. */
+CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* session's handle */
+ CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
+ CK_OBJECT_HANDLE hBaseKey, /* base key */
+ CK_ATTRIBUTE_PTR pTemplate, /* new key template */
+ CK_ULONG ulAttributeCount, /* template length */
+ CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
+ );
+#endif
+
+/* Random number generation */
+
+/* C_SeedRandom mixes additional seed material into the token's
+ * random number generator. */
+CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR pSeed, /* the seed material */
+ CK_ULONG ulSeedLen /* length of seed material */
+ );
+#endif
+
+/* C_GenerateRandom generates random data. */
+CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_BYTE_PTR RandomData, /* receives the random data */
+ CK_ULONG ulRandomLen /* # of bytes to generate */
+ );
+#endif
+
+/* Parallel function management */
+
+/* C_GetFunctionStatus is a legacy function; it obtains an
+ * updated status of a function running in parallel with an
+ * application. */
+CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession /* the session's handle */
+ );
+#endif
+
+/* C_CancelFunction is a legacy function; it cancels a function
+ * running in parallel. */
+CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_SESSION_HANDLE hSession /* the session's handle */
+ );
+#endif
+
+/* Functions added in for PKCS #11 Version 2.01 or later */
+
+/* C_WaitForSlotEvent waits for a slot event (token insertion,
+ * removal, etc.) to occur. */
+CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
+#ifdef CK_NEED_ARG_LIST
+(
+ CK_FLAGS flags, /* blocking/nonblocking flag */
+ CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
+ CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
+ );
+#endif
diff --git a/security/nss/lib/util/pkcs11n.h b/security/nss/lib/util/pkcs11n.h
new file mode 100644
index 000000000..ebb812222
--- /dev/null
+++ b/security/nss/lib/util/pkcs11n.h
@@ -0,0 +1,501 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _PKCS11N_H_
+#define _PKCS11N_H_
+
+/*
+ * pkcs11n.h
+ *
+ * This file contains the NSS-specific type definitions for Cryptoki
+ * (PKCS#11).
+ */
+
+/*
+ * NSSCK_VENDOR_NSS
+ *
+ * Cryptoki reserves the high half of all the number spaces for
+ * vendor-defined use. I'd like to keep all of our NSS-
+ * specific values together, but not in the oh-so-obvious
+ * 0x80000001, 0x80000002, etc. area. So I've picked an offset,
+ * and constructed values for the beginnings of our spaces.
+ *
+ * Note that some "historical" Netscape values don't fall within
+ * this range.
+ */
+#define NSSCK_VENDOR_NSS 0x4E534350 /* NSCP */
+
+/*
+ * NSS-defined object classes
+ *
+ */
+#define CKO_NSS (CKO_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
+
+#define CKO_NSS_CRL (CKO_NSS + 1)
+#define CKO_NSS_SMIME (CKO_NSS + 2)
+#define CKO_NSS_TRUST (CKO_NSS + 3)
+#define CKO_NSS_BUILTIN_ROOT_LIST (CKO_NSS + 4)
+#define CKO_NSS_NEWSLOT (CKO_NSS + 5)
+#define CKO_NSS_DELSLOT (CKO_NSS + 6)
+
+/*
+ * NSS-defined key types
+ *
+ */
+#define CKK_NSS (CKK_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
+
+#define CKK_NSS_PKCS8 (CKK_NSS + 1)
+
+#define CKK_NSS_JPAKE_ROUND1 (CKK_NSS + 2)
+#define CKK_NSS_JPAKE_ROUND2 (CKK_NSS + 3)
+
+#define CKK_NSS_CHACHA20 (CKK_NSS + 4)
+
+/*
+ * NSS-defined certificate types
+ *
+ */
+#define CKC_NSS (CKC_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
+
+/* FAKE PKCS #11 defines */
+#define CKA_DIGEST 0x81000000L
+#define CKA_FLAGS_ONLY 0 /* CKA_CLASS */
+
+/*
+ * NSS-defined object attributes
+ *
+ */
+#define CKA_NSS (CKA_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
+
+#define CKA_NSS_URL (CKA_NSS + 1)
+#define CKA_NSS_EMAIL (CKA_NSS + 2)
+#define CKA_NSS_SMIME_INFO (CKA_NSS + 3)
+#define CKA_NSS_SMIME_TIMESTAMP (CKA_NSS + 4)
+#define CKA_NSS_PKCS8_SALT (CKA_NSS + 5)
+#define CKA_NSS_PASSWORD_CHECK (CKA_NSS + 6)
+#define CKA_NSS_EXPIRES (CKA_NSS + 7)
+#define CKA_NSS_KRL (CKA_NSS + 8)
+
+#define CKA_NSS_PQG_COUNTER (CKA_NSS + 20)
+#define CKA_NSS_PQG_SEED (CKA_NSS + 21)
+#define CKA_NSS_PQG_H (CKA_NSS + 22)
+#define CKA_NSS_PQG_SEED_BITS (CKA_NSS + 23)
+#define CKA_NSS_MODULE_SPEC (CKA_NSS + 24)
+#define CKA_NSS_OVERRIDE_EXTENSIONS (CKA_NSS + 25)
+
+#define CKA_NSS_JPAKE_SIGNERID (CKA_NSS + 26)
+#define CKA_NSS_JPAKE_PEERID (CKA_NSS + 27)
+#define CKA_NSS_JPAKE_GX1 (CKA_NSS + 28)
+#define CKA_NSS_JPAKE_GX2 (CKA_NSS + 29)
+#define CKA_NSS_JPAKE_GX3 (CKA_NSS + 30)
+#define CKA_NSS_JPAKE_GX4 (CKA_NSS + 31)
+#define CKA_NSS_JPAKE_X2 (CKA_NSS + 32)
+#define CKA_NSS_JPAKE_X2S (CKA_NSS + 33)
+
+/*
+ * Trust attributes:
+ *
+ * If trust goes standard, these probably will too. So I'll
+ * put them all in one place.
+ */
+
+#define CKA_TRUST (CKA_NSS + 0x2000)
+
+/* "Usage" key information */
+#define CKA_TRUST_DIGITAL_SIGNATURE (CKA_TRUST + 1)
+#define CKA_TRUST_NON_REPUDIATION (CKA_TRUST + 2)
+#define CKA_TRUST_KEY_ENCIPHERMENT (CKA_TRUST + 3)
+#define CKA_TRUST_DATA_ENCIPHERMENT (CKA_TRUST + 4)
+#define CKA_TRUST_KEY_AGREEMENT (CKA_TRUST + 5)
+#define CKA_TRUST_KEY_CERT_SIGN (CKA_TRUST + 6)
+#define CKA_TRUST_CRL_SIGN (CKA_TRUST + 7)
+
+/* "Purpose" trust information */
+#define CKA_TRUST_SERVER_AUTH (CKA_TRUST + 8)
+#define CKA_TRUST_CLIENT_AUTH (CKA_TRUST + 9)
+#define CKA_TRUST_CODE_SIGNING (CKA_TRUST + 10)
+#define CKA_TRUST_EMAIL_PROTECTION (CKA_TRUST + 11)
+#define CKA_TRUST_IPSEC_END_SYSTEM (CKA_TRUST + 12)
+#define CKA_TRUST_IPSEC_TUNNEL (CKA_TRUST + 13)
+#define CKA_TRUST_IPSEC_USER (CKA_TRUST + 14)
+#define CKA_TRUST_TIME_STAMPING (CKA_TRUST + 15)
+#define CKA_TRUST_STEP_UP_APPROVED (CKA_TRUST + 16)
+
+#define CKA_CERT_SHA1_HASH (CKA_TRUST + 100)
+#define CKA_CERT_MD5_HASH (CKA_TRUST + 101)
+
+/* NSS trust stuff */
+
+/* HISTORICAL: define used to pass in the database key for DSA private keys */
+#define CKA_NETSCAPE_DB 0xD5A0DB00L
+#define CKA_NETSCAPE_TRUST 0x80000001L
+
+/* FAKE PKCS #11 defines */
+#define CKM_FAKE_RANDOM 0x80000efeUL
+#define CKM_INVALID_MECHANISM 0xffffffffUL
+
+/*
+ * NSS-defined crypto mechanisms
+ *
+ */
+#define CKM_NSS (CKM_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
+
+#define CKM_NSS_AES_KEY_WRAP (CKM_NSS + 1)
+#define CKM_NSS_AES_KEY_WRAP_PAD (CKM_NSS + 2)
+
+/* HKDF key derivation mechanisms. See CK_NSS_HKDFParams for documentation. */
+#define CKM_NSS_HKDF_SHA1 (CKM_NSS + 3)
+#define CKM_NSS_HKDF_SHA256 (CKM_NSS + 4)
+#define CKM_NSS_HKDF_SHA384 (CKM_NSS + 5)
+#define CKM_NSS_HKDF_SHA512 (CKM_NSS + 6)
+
+/* J-PAKE round 1 key generation mechanisms.
+ *
+ * Required template attributes: CKA_PRIME, CKA_SUBPRIME, CKA_BASE,
+ * CKA_NSS_JPAKE_SIGNERID
+ * Output key type: CKK_NSS_JPAKE_ROUND1
+ * Output key class: CKO_PRIVATE_KEY
+ * Parameter type: CK_NSS_JPAKERound1Params
+ *
+ */
+#define CKM_NSS_JPAKE_ROUND1_SHA1 (CKM_NSS + 7)
+#define CKM_NSS_JPAKE_ROUND1_SHA256 (CKM_NSS + 8)
+#define CKM_NSS_JPAKE_ROUND1_SHA384 (CKM_NSS + 9)
+#define CKM_NSS_JPAKE_ROUND1_SHA512 (CKM_NSS + 10)
+
+/* J-PAKE round 2 key derivation mechanisms.
+ *
+ * Required template attributes: CKA_NSS_JPAKE_PEERID
+ * Input key type: CKK_NSS_JPAKE_ROUND1
+ * Output key type: CKK_NSS_JPAKE_ROUND2
+ * Output key class: CKO_PRIVATE_KEY
+ * Parameter type: CK_NSS_JPAKERound2Params
+ */
+#define CKM_NSS_JPAKE_ROUND2_SHA1 (CKM_NSS + 11)
+#define CKM_NSS_JPAKE_ROUND2_SHA256 (CKM_NSS + 12)
+#define CKM_NSS_JPAKE_ROUND2_SHA384 (CKM_NSS + 13)
+#define CKM_NSS_JPAKE_ROUND2_SHA512 (CKM_NSS + 14)
+
+/* J-PAKE final key material derivation mechanisms
+ *
+ * Input key type: CKK_NSS_JPAKE_ROUND2
+ * Output key type: CKK_GENERIC_SECRET
+ * Output key class: CKO_SECRET_KEY
+ * Parameter type: CK_NSS_JPAKEFinalParams
+ *
+ * You must apply a KDF (e.g. CKM_NSS_HKDF_*) to resultant keying material
+ * to get a key with uniformly distributed bits.
+ */
+#define CKM_NSS_JPAKE_FINAL_SHA1 (CKM_NSS + 15)
+#define CKM_NSS_JPAKE_FINAL_SHA256 (CKM_NSS + 16)
+#define CKM_NSS_JPAKE_FINAL_SHA384 (CKM_NSS + 17)
+#define CKM_NSS_JPAKE_FINAL_SHA512 (CKM_NSS + 18)
+
+/* Constant-time MAC mechanisms:
+ *
+ * These operations verify a padded, MAC-then-encrypt block of data in
+ * constant-time. Because of the order of operations, the padding bytes are not
+ * protected by the MAC. However, disclosing the value of the padding bytes
+ * gives an attacker the ability to decrypt ciphertexts. Such disclosure can be
+ * as subtle as taking slightly less time to perform the MAC when the padding
+ * is one byte longer. See https://www.isg.rhul.ac.uk/tls/
+ *
+ * CKM_NSS_HMAC_CONSTANT_TIME: performs an HMAC authentication.
+ * CKM_NSS_SSL3_MAC_CONSTANT_TIME: performs an authentication with SSLv3 MAC.
+ *
+ * Parameter type: CK_NSS_MAC_CONSTANT_TIME_PARAMS
+ */
+#define CKM_NSS_HMAC_CONSTANT_TIME (CKM_NSS + 19)
+#define CKM_NSS_SSL3_MAC_CONSTANT_TIME (CKM_NSS + 20)
+
+/* TLS 1.2 mechanisms */
+#define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21)
+#define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22)
+#define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23)
+#define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24)
+
+/* TLS extended master secret derivation */
+#define CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE (CKM_NSS + 25)
+#define CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH (CKM_NSS + 26)
+
+#define CKM_NSS_CHACHA20_KEY_GEN (CKM_NSS + 27)
+#define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 28)
+
+/*
+ * HISTORICAL:
+ * Do not attempt to use these. They are only used by NETSCAPE's internal
+ * PKCS #11 interface. Most of these are place holders for other mechanism
+ * and will change in the future.
+ */
+#define CKM_NETSCAPE_PBE_SHA1_DES_CBC 0x80000002UL
+#define CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC 0x80000003UL
+#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC 0x80000004UL
+#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC 0x80000005UL
+#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4 0x80000006UL
+#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4 0x80000007UL
+#define CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC 0x80000008UL
+#define CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN 0x80000009UL
+#define CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN 0x8000000aUL
+#define CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN 0x8000000bUL
+
+#define CKM_TLS_PRF_GENERAL 0x80000373UL
+
+typedef struct CK_NSS_JPAKEPublicValue {
+ CK_BYTE *pGX;
+ CK_ULONG ulGXLen;
+ CK_BYTE *pGV;
+ CK_ULONG ulGVLen;
+ CK_BYTE *pR;
+ CK_ULONG ulRLen;
+} CK_NSS_JPAKEPublicValue;
+
+typedef struct CK_NSS_JPAKERound1Params {
+ CK_NSS_JPAKEPublicValue gx1; /* out */
+ CK_NSS_JPAKEPublicValue gx2; /* out */
+} CK_NSS_JPAKERound1Params;
+
+typedef struct CK_NSS_JPAKERound2Params {
+ CK_BYTE *pSharedKey; /* in */
+ CK_ULONG ulSharedKeyLen; /* in */
+ CK_NSS_JPAKEPublicValue gx3; /* in */
+ CK_NSS_JPAKEPublicValue gx4; /* in */
+ CK_NSS_JPAKEPublicValue A; /* out */
+} CK_NSS_JPAKERound2Params;
+
+typedef struct CK_NSS_JPAKEFinalParams {
+ CK_NSS_JPAKEPublicValue B; /* in */
+} CK_NSS_JPAKEFinalParams;
+
+/* macAlg: the MAC algorithm to use. This determines the hash function used in
+ * the HMAC/SSLv3 MAC calculations.
+ * ulBodyTotalLen: the total length of the data, including padding bytes and
+ * padding length.
+ * pHeader: points to a block of data that contains additional data to
+ * authenticate. For TLS this includes the sequence number etc. For SSLv3,
+ * this also includes the initial padding bytes.
+ *
+ * NOTE: the softoken's implementation of CKM_NSS_HMAC_CONSTANT_TIME and
+ * CKM_NSS_SSL3_MAC_CONSTANT_TIME requires that the sum of ulBodyTotalLen
+ * and ulHeaderLen be much smaller than 2^32 / 8 bytes because it uses an
+ * unsigned int variable to represent the length in bits. This should not
+ * be a problem because the SSL/TLS protocol limits the size of an SSL
+ * record to something considerably less than 2^32 bytes.
+ */
+typedef struct CK_NSS_MAC_CONSTANT_TIME_PARAMS {
+ CK_MECHANISM_TYPE macAlg; /* in */
+ CK_ULONG ulBodyTotalLen; /* in */
+ CK_BYTE *pHeader; /* in */
+ CK_ULONG ulHeaderLen; /* in */
+} CK_NSS_MAC_CONSTANT_TIME_PARAMS;
+
+typedef struct CK_NSS_AEAD_PARAMS {
+ CK_BYTE_PTR pNonce;
+ CK_ULONG ulNonceLen;
+ CK_BYTE_PTR pAAD;
+ CK_ULONG ulAADLen;
+ CK_ULONG ulTagLen;
+} CK_NSS_AEAD_PARAMS;
+
+/*
+ * NSS-defined return values
+ *
+ */
+#define CKR_NSS (CKM_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
+
+#define CKR_NSS_CERTDB_FAILED (CKR_NSS + 1)
+#define CKR_NSS_KEYDB_FAILED (CKR_NSS + 2)
+
+/* Mandatory parameter for the CKM_NSS_HKDF_* key deriviation mechanisms.
+ See RFC 5869.
+
+ bExtract: If set, HKDF-Extract will be applied to the input key. If
+ the optional salt is given, it is used; otherwise, the salt is
+ set to a sequence of zeros equal in length to the HMAC output.
+ If bExpand is not set, then the key template given to
+ C_DeriveKey must indicate an output key size less than or equal
+ to the output size of the HMAC.
+
+ bExpand: If set, HKDF-Expand will be applied to the input key (if
+ bExtract is not set) or to the result of HKDF-Extract (if
+ bExtract is set). Any info given in the optional pInfo field will
+ be included in the calculation.
+
+ The size of the output key must be specified in the template passed to
+ C_DeriveKey.
+*/
+typedef struct CK_NSS_HKDFParams {
+ CK_BBOOL bExtract;
+ CK_BYTE_PTR pSalt;
+ CK_ULONG ulSaltLen;
+ CK_BBOOL bExpand;
+ CK_BYTE_PTR pInfo;
+ CK_ULONG ulInfoLen;
+} CK_NSS_HKDFParams;
+
+/*
+ * Parameter for the TLS extended master secret key derivation mechanisms:
+ *
+ * * CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE
+ * * CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH
+ *
+ * For the TLS 1.2 PRF, the prfHashMechanism parameter determines the hash
+ * function used. For earlier versions of the PRF, set the prfHashMechanism
+ * value to CKM_TLS_PRF.
+ *
+ * The session hash input is expected to be the output of the same hash
+ * function as the PRF uses (as required by draft-ietf-tls-session-hash). So
+ * the ulSessionHashLen member must be equal the output length of the hash
+ * function specified by the prfHashMechanism member (or, for pre-TLS 1.2 PRF,
+ * the length of concatenated MD5 and SHA-1 digests).
+ *
+ */
+typedef struct CK_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_PARAMS {
+ CK_MECHANISM_TYPE prfHashMechanism;
+ CK_BYTE_PTR pSessionHash;
+ CK_ULONG ulSessionHashLen;
+ CK_VERSION_PTR pVersion;
+} CK_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_PARAMS;
+
+/*
+ * Trust info
+ *
+ * This isn't part of the Cryptoki standard (yet), so I'm putting
+ * all the definitions here. Some of this would move to nssckt.h
+ * if trust info were made part of the standard. In view of this
+ * possibility, I'm putting my (NSS) values in the NSS
+ * vendor space, like everything else.
+ */
+
+typedef CK_ULONG CK_TRUST;
+
+/* The following trust types are defined: */
+#define CKT_VENDOR_DEFINED 0x80000000
+
+#define CKT_NSS (CKT_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
+
+/* If trust goes standard, these'll probably drop out of vendor space. */
+#define CKT_NSS_TRUSTED (CKT_NSS + 1)
+#define CKT_NSS_TRUSTED_DELEGATOR (CKT_NSS + 2)
+#define CKT_NSS_MUST_VERIFY_TRUST (CKT_NSS + 3)
+#define CKT_NSS_NOT_TRUSTED (CKT_NSS + 10)
+#define CKT_NSS_TRUST_UNKNOWN (CKT_NSS + 5) /* default */
+
+/*
+ * These may well remain NSS-specific; I'm only using them
+ * to cache resolution data.
+ */
+#define CKT_NSS_VALID_DELEGATOR (CKT_NSS + 11)
+
+/*
+ * old definitions. They still exist, but the plain meaning of the
+ * labels have never been accurate to what was really implemented.
+ * The new labels correctly reflect what the values effectively mean.
+ */
+#if defined(__GNUC__) && (__GNUC__ > 3)
+/* make GCC warn when we use these #defines */
+/*
+ * This is really painful because GCC doesn't allow us to mark random
+ * #defines as deprecated. We can only mark the following:
+ * functions, variables, and types.
+ * const variables will create extra storage for everyone including this
+ * header file, so it's undesirable.
+ * functions could be inlined to prevent storage creation, but will fail
+ * when constant values are expected (like switch statements).
+ * enum types do not seem to pay attention to the deprecated attribute.
+ *
+ * That leaves typedefs. We declare new types that we then deprecate, then
+ * cast the resulting value to the deprecated type in the #define, thus
+ * producting the warning when the #define is used.
+ */
+#if (__GNUC__ == 4) && (__GNUC_MINOR__ < 5)
+/* The mac doesn't like the friendlier deprecate messages. I'm assuming this
+ * is a gcc version issue rather than mac or ppc specific */
+typedef CK_TRUST __CKT_NSS_UNTRUSTED __attribute__((deprecated));
+typedef CK_TRUST __CKT_NSS_VALID __attribute__((deprecated));
+typedef CK_TRUST __CKT_NSS_MUST_VERIFY __attribute__((deprecated));
+#else
+/* when possible, get a full deprecation warning. This works on gcc 4.5
+ * it may work on earlier versions of gcc */
+typedef CK_TRUST __CKT_NSS_UNTRUSTED __attribute__((deprecated("CKT_NSS_UNTRUSTED really means CKT_NSS_MUST_VERIFY_TRUST")));
+typedef CK_TRUST __CKT_NSS_VALID __attribute__((deprecated("CKT_NSS_VALID really means CKT_NSS_NOT_TRUSTED")));
+typedef CK_TRUST __CKT_NSS_MUST_VERIFY __attribute__((deprecated("CKT_NSS_MUST_VERIFY really functions as CKT_NSS_TRUST_UNKNOWN")));
+#endif
+#define CKT_NSS_UNTRUSTED ((__CKT_NSS_UNTRUSTED)CKT_NSS_MUST_VERIFY_TRUST)
+#define CKT_NSS_VALID ((__CKT_NSS_VALID)CKT_NSS_NOT_TRUSTED)
+/* keep the old value for compatibility reasons*/
+#define CKT_NSS_MUST_VERIFY ((__CKT_NSS_MUST_VERIFY)(CKT_NSS + 4))
+#else
+#ifdef _WIN32
+/* This magic gets the windows compiler to give us a deprecation
+ * warning */
+#pragma deprecated(CKT_NSS_UNTRUSTED, CKT_NSS_MUST_VERIFY, CKT_NSS_VALID)
+#endif
+/* CKT_NSS_UNTRUSTED really means CKT_NSS_MUST_VERIFY_TRUST */
+#define CKT_NSS_UNTRUSTED CKT_NSS_MUST_VERIFY_TRUST
+/* CKT_NSS_VALID really means CKT_NSS_NOT_TRUSTED */
+#define CKT_NSS_VALID CKT_NSS_NOT_TRUSTED
+/* CKT_NSS_MUST_VERIFY was always treated as CKT_NSS_TRUST_UNKNOWN */
+#define CKT_NSS_MUST_VERIFY (CKT_NSS + 4) /*really means trust unknown*/
+#endif
+
+/* don't leave old programs in a lurch just yet, give them the old NETSCAPE
+ * synonym */
+#define CKO_NETSCAPE_CRL CKO_NSS_CRL
+#define CKO_NETSCAPE_SMIME CKO_NSS_SMIME
+#define CKO_NETSCAPE_TRUST CKO_NSS_TRUST
+#define CKO_NETSCAPE_BUILTIN_ROOT_LIST CKO_NSS_BUILTIN_ROOT_LIST
+#define CKO_NETSCAPE_NEWSLOT CKO_NSS_NEWSLOT
+#define CKO_NETSCAPE_DELSLOT CKO_NSS_DELSLOT
+#define CKK_NETSCAPE_PKCS8 CKK_NSS_PKCS8
+#define CKA_NETSCAPE_URL CKA_NSS_URL
+#define CKA_NETSCAPE_EMAIL CKA_NSS_EMAIL
+#define CKA_NETSCAPE_SMIME_INFO CKA_NSS_SMIME_INFO
+#define CKA_NETSCAPE_SMIME_TIMESTAMP CKA_NSS_SMIME_TIMESTAMP
+#define CKA_NETSCAPE_PKCS8_SALT CKA_NSS_PKCS8_SALT
+#define CKA_NETSCAPE_PASSWORD_CHECK CKA_NSS_PASSWORD_CHECK
+#define CKA_NETSCAPE_EXPIRES CKA_NSS_EXPIRES
+#define CKA_NETSCAPE_KRL CKA_NSS_KRL
+#define CKA_NETSCAPE_PQG_COUNTER CKA_NSS_PQG_COUNTER
+#define CKA_NETSCAPE_PQG_SEED CKA_NSS_PQG_SEED
+#define CKA_NETSCAPE_PQG_H CKA_NSS_PQG_H
+#define CKA_NETSCAPE_PQG_SEED_BITS CKA_NSS_PQG_SEED_BITS
+#define CKA_NETSCAPE_MODULE_SPEC CKA_NSS_MODULE_SPEC
+#define CKM_NETSCAPE_AES_KEY_WRAP CKM_NSS_AES_KEY_WRAP
+#define CKM_NETSCAPE_AES_KEY_WRAP_PAD CKM_NSS_AES_KEY_WRAP_PAD
+#define CKR_NETSCAPE_CERTDB_FAILED CKR_NSS_CERTDB_FAILED
+#define CKR_NETSCAPE_KEYDB_FAILED CKR_NSS_KEYDB_FAILED
+
+#define CKT_NETSCAPE_TRUSTED CKT_NSS_TRUSTED
+#define CKT_NETSCAPE_TRUSTED_DELEGATOR CKT_NSS_TRUSTED_DELEGATOR
+#define CKT_NETSCAPE_UNTRUSTED CKT_NSS_UNTRUSTED
+#define CKT_NETSCAPE_MUST_VERIFY CKT_NSS_MUST_VERIFY
+#define CKT_NETSCAPE_TRUST_UNKNOWN CKT_NSS_TRUST_UNKNOWN
+#define CKT_NETSCAPE_VALID CKT_NSS_VALID
+#define CKT_NETSCAPE_VALID_DELEGATOR CKT_NSS_VALID_DELEGATOR
+
+/*
+ * These are not really PKCS #11 values specifically. They are the 'loadable'
+ * module spec NSS uses. The are available for others to use as well, but not
+ * part of the formal PKCS #11 spec.
+ *
+ * The function 'FIND' returns an array of PKCS #11 initialization strings
+ * The function 'ADD' takes a PKCS #11 initialization string and stores it.
+ * The function 'DEL' takes a 'name= library=' value and deletes the associated
+ * string.
+ * The function 'RELEASE' frees the array returned by 'FIND'
+ */
+#define SECMOD_MODULE_DB_FUNCTION_FIND 0
+#define SECMOD_MODULE_DB_FUNCTION_ADD 1
+#define SECMOD_MODULE_DB_FUNCTION_DEL 2
+#define SECMOD_MODULE_DB_FUNCTION_RELEASE 3
+typedef char **(PR_CALLBACK *SECMODModuleDBFunc)(unsigned long function,
+ char *parameters, void *moduleSpec);
+
+/* softoken slot ID's */
+#define SFTK_MIN_USER_SLOT_ID 4
+#define SFTK_MAX_USER_SLOT_ID 100
+#define SFTK_MIN_FIPS_USER_SLOT_ID 101
+#define SFTK_MAX_FIPS_USER_SLOT_ID 127
+
+#endif /* _PKCS11N_H_ */
diff --git a/security/nss/lib/util/pkcs11p.h b/security/nss/lib/util/pkcs11p.h
new file mode 100644
index 000000000..2e904ee50
--- /dev/null
+++ b/security/nss/lib/util/pkcs11p.h
@@ -0,0 +1,21 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
+ * is granted provided that it is identified as "RSA Security Inc. Public-Key
+ * Cryptography Standards (PKCS)" in all material mentioning or referencing
+ * this document.
+ */
+/* these data types are platform/implementation dependent. */
+/*
+ * Packing was removed from the shipped RSA header files, even
+ * though it's still needed. put in a central file to help merging..
+ */
+
+#if defined(_WIN32)
+#ifdef _MSC_VER
+#pragma warning(disable : 4103)
+#endif
+#pragma pack(push, cryptoki, 1)
+#endif
diff --git a/security/nss/lib/util/pkcs11t.h b/security/nss/lib/util/pkcs11t.h
new file mode 100644
index 000000000..c945f314e
--- /dev/null
+++ b/security/nss/lib/util/pkcs11t.h
@@ -0,0 +1,1800 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/* License to copy and use this software is granted provided that it is
+ * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
+ * (Cryptoki)" in all material mentioning or referencing this software.
+
+ * License is also granted to make and use derivative works provided that
+ * such works are identified as "derived from the RSA Security Inc. PKCS #11
+ * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
+ * referencing the derived work.
+
+ * RSA Security Inc. makes no representations concerning either the
+ * merchantability of this software or the suitability of this software for
+ * any particular purpose. It is provided "as is" without express or implied
+ * warranty of any kind.
+ */
+
+#ifndef _PKCS11T_H_
+#define _PKCS11T_H_ 1
+
+#define CK_TRUE 1
+#define CK_FALSE 0
+
+#include "prtypes.h"
+
+#define CK_PTR *
+#define CK_NULL_PTR 0
+#define CK_CALLBACK_FUNCTION(rtype, func) rtype(PR_CALLBACK *func)
+#define CK_DECLARE_FUNCTION(rtype, func) extern rtype func
+#define CK_DECLARE_FUNCTION_POINTER(rtype, func) rtype(PR_CALLBACK *func)
+
+#define CK_INVALID_SESSION 0
+
+/* an unsigned 8-bit value */
+typedef unsigned char CK_BYTE;
+
+/* an unsigned 8-bit character */
+typedef CK_BYTE CK_CHAR;
+
+/* an 8-bit UTF-8 character */
+typedef CK_BYTE CK_UTF8CHAR;
+
+/* a BYTE-sized Boolean flag */
+typedef CK_BYTE CK_BBOOL;
+
+/* an unsigned value, at least 32 bits long */
+typedef unsigned long int CK_ULONG;
+
+/* a signed value, the same size as a CK_ULONG */
+/* CK_LONG is new for v2.0 */
+typedef long int CK_LONG;
+
+/* at least 32 bits; each bit is a Boolean flag */
+typedef CK_ULONG CK_FLAGS;
+
+/* some special values for certain CK_ULONG variables */
+#define CK_UNAVAILABLE_INFORMATION (~0UL)
+#define CK_EFFECTIVELY_INFINITE 0
+
+typedef CK_BYTE CK_PTR CK_BYTE_PTR;
+typedef CK_CHAR CK_PTR CK_CHAR_PTR;
+typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
+typedef CK_ULONG CK_PTR CK_ULONG_PTR;
+typedef void CK_PTR CK_VOID_PTR;
+
+/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
+typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
+
+/* The following value is always invalid if used as a session */
+/* handle or object handle */
+#define CK_INVALID_HANDLE 0
+
+/* pack */
+#include "pkcs11p.h"
+
+typedef struct CK_VERSION {
+ CK_BYTE major; /* integer portion of version number */
+ CK_BYTE minor; /* 1/100ths portion of version number */
+} CK_VERSION;
+
+typedef CK_VERSION CK_PTR CK_VERSION_PTR;
+
+typedef struct CK_INFO {
+ /* manufacturerID and libraryDecription have been changed from
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */
+ CK_VERSION cryptokiVersion; /* PKCS #11 interface ver */
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */
+ CK_FLAGS flags; /* must be zero */
+
+ /* libraryDescription and libraryVersion are new for v2.0 */
+ CK_UTF8CHAR libraryDescription[32]; /* blank padded */
+ CK_VERSION libraryVersion; /* version of library */
+} CK_INFO;
+
+typedef CK_INFO CK_PTR CK_INFO_PTR;
+
+/* CK_NOTIFICATION enumerates the types of notifications that
+ * PKCS #11 provides to an application */
+/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
+ * for v2.0 */
+typedef CK_ULONG CK_NOTIFICATION;
+#define CKN_SURRENDER 0
+
+typedef CK_ULONG CK_SLOT_ID;
+
+typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
+
+/* CK_SLOT_INFO provides information about a slot */
+typedef struct CK_SLOT_INFO {
+ /* slotDescription and manufacturerID have been changed from
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */
+ CK_UTF8CHAR slotDescription[64]; /* blank padded */
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */
+ CK_FLAGS flags;
+
+ /* hardwareVersion and firmwareVersion are new for v2.0 */
+ CK_VERSION hardwareVersion; /* version of hardware */
+ CK_VERSION firmwareVersion; /* version of firmware */
+} CK_SLOT_INFO;
+
+/* flags: bit flags that provide capabilities of the slot
+ * Bit Flag Mask Meaning
+ */
+#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */
+#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/
+#define CKF_HW_SLOT 0x00000004 /* hardware slot */
+
+typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
+
+/* CK_TOKEN_INFO provides information about a token */
+typedef struct CK_TOKEN_INFO {
+ /* label, manufacturerID, and model have been changed from
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */
+ CK_UTF8CHAR label[32]; /* blank padded */
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */
+ CK_UTF8CHAR model[16]; /* blank padded */
+ CK_CHAR serialNumber[16]; /* blank padded */
+ CK_FLAGS flags; /* see below */
+
+ /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
+ * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
+ * changed from CK_USHORT to CK_ULONG for v2.0 */
+ CK_ULONG ulMaxSessionCount; /* max open sessions */
+ CK_ULONG ulSessionCount; /* sess. now open */
+ CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
+ CK_ULONG ulRwSessionCount; /* R/W sess. now open */
+ CK_ULONG ulMaxPinLen; /* in bytes */
+ CK_ULONG ulMinPinLen; /* in bytes */
+ CK_ULONG ulTotalPublicMemory; /* in bytes */
+ CK_ULONG ulFreePublicMemory; /* in bytes */
+ CK_ULONG ulTotalPrivateMemory; /* in bytes */
+ CK_ULONG ulFreePrivateMemory; /* in bytes */
+
+ /* hardwareVersion, firmwareVersion, and time are new for
+ * v2.0 */
+ CK_VERSION hardwareVersion; /* version of hardware */
+ CK_VERSION firmwareVersion; /* version of firmware */
+ CK_CHAR utcTime[16]; /* time */
+} CK_TOKEN_INFO;
+
+/* The flags parameter is defined as follows:
+ * Bit Flag Mask Meaning
+ */
+#define CKF_RNG 0x00000001 /* has random # \
+ * generator */
+#define CKF_WRITE_PROTECTED 0x00000002 /* token is \
+ * write- \
+ * protected */
+#define CKF_LOGIN_REQUIRED 0x00000004 /* user must \
+ * login */
+#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's \
+ * PIN is set */
+
+/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,
+ * that means that *every* time the state of cryptographic
+ * operations of a session is successfully saved, all keys
+ * needed to continue those operations are stored in the state */
+#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020
+
+/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means
+ * that the token has some sort of clock. The time on that
+ * clock is returned in the token info structure */
+#define CKF_CLOCK_ON_TOKEN 0x00000040
+
+/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is
+ * set, that means that there is some way for the user to login
+ * without sending a PIN through the PKCS #11 library itself */
+#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100
+
+/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,
+ * that means that a single session with the token can perform
+ * dual simultaneous cryptographic operations (digest and
+ * encrypt; decrypt and digest; sign and encrypt; and decrypt
+ * and sign) */
+#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200
+
+/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the
+ * token has been initialized using C_InitializeToken or an
+ * equivalent mechanism outside the scope of PKCS #11.
+ * Calling C_InitializeToken when this flag is set will cause
+ * the token to be reinitialized. */
+#define CKF_TOKEN_INITIALIZED 0x00000400
+
+/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is
+ * true, the token supports secondary authentication for
+ * private key objects. This flag is deprecated in v2.11 and
+ onwards. */
+#define CKF_SECONDARY_AUTHENTICATION 0x00000800
+
+/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an
+ * incorrect user login PIN has been entered at least once
+ * since the last successful authentication. */
+#define CKF_USER_PIN_COUNT_LOW 0x00010000
+
+/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,
+ * supplying an incorrect user PIN will it to become locked. */
+#define CKF_USER_PIN_FINAL_TRY 0x00020000
+
+/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the
+ * user PIN has been locked. User login to the token is not
+ * possible. */
+#define CKF_USER_PIN_LOCKED 0x00040000
+
+/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
+ * the user PIN value is the default value set by token
+ * initialization or manufacturing, or the PIN has been
+ * expired by the card. */
+#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000
+
+/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an
+ * incorrect SO login PIN has been entered at least once since
+ * the last successful authentication. */
+#define CKF_SO_PIN_COUNT_LOW 0x00100000
+
+/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,
+ * supplying an incorrect SO PIN will it to become locked. */
+#define CKF_SO_PIN_FINAL_TRY 0x00200000
+
+/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO
+ * PIN has been locked. SO login to the token is not possible.
+ */
+#define CKF_SO_PIN_LOCKED 0x00400000
+
+/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
+ * the SO PIN value is the default value set by token
+ * initialization or manufacturing, or the PIN has been
+ * expired by the card. */
+#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
+
+typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
+
+/* CK_SESSION_HANDLE is a PKCS #11-assigned value that
+ * identifies a session */
+typedef CK_ULONG CK_SESSION_HANDLE;
+
+typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
+
+/* CK_USER_TYPE enumerates the types of PKCS #11 users */
+/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
+ * v2.0 */
+typedef CK_ULONG CK_USER_TYPE;
+/* Security Officer */
+#define CKU_SO 0
+/* Normal user */
+#define CKU_USER 1
+/* Context specific (added in v2.20) */
+#define CKU_CONTEXT_SPECIFIC 2
+
+/* CK_STATE enumerates the session states */
+/* CK_STATE has been changed from an enum to a CK_ULONG for
+ * v2.0 */
+typedef CK_ULONG CK_STATE;
+#define CKS_RO_PUBLIC_SESSION 0
+#define CKS_RO_USER_FUNCTIONS 1
+#define CKS_RW_PUBLIC_SESSION 2
+#define CKS_RW_USER_FUNCTIONS 3
+#define CKS_RW_SO_FUNCTIONS 4
+
+/* CK_SESSION_INFO provides information about a session */
+typedef struct CK_SESSION_INFO {
+ CK_SLOT_ID slotID;
+ CK_STATE state;
+ CK_FLAGS flags; /* see below */
+
+ /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
+ * v2.0 */
+ CK_ULONG ulDeviceError; /* device-dependent error code */
+} CK_SESSION_INFO;
+
+/* The flags are defined in the following table:
+ * Bit Flag Mask Meaning
+ */
+#define CKF_RW_SESSION 0x00000002 /* session is r/w */
+#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */
+
+typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
+
+/* CK_OBJECT_HANDLE is a token-specific identifier for an
+ * object */
+typedef CK_ULONG CK_OBJECT_HANDLE;
+
+typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
+
+/* CK_OBJECT_CLASS is a value that identifies the classes (or
+ * types) of objects that PKCS #11 recognizes. It is defined
+ * as follows: */
+/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
+ * v2.0 */
+typedef CK_ULONG CK_OBJECT_CLASS;
+
+/* The following classes of objects are defined: */
+/* CKO_HW_FEATURE is new for v2.10 */
+/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
+/* CKO_MECHANISM is new for v2.20 */
+#define CKO_DATA 0x00000000
+#define CKO_CERTIFICATE 0x00000001
+#define CKO_PUBLIC_KEY 0x00000002
+#define CKO_PRIVATE_KEY 0x00000003
+#define CKO_SECRET_KEY 0x00000004
+#define CKO_HW_FEATURE 0x00000005
+#define CKO_DOMAIN_PARAMETERS 0x00000006
+#define CKO_MECHANISM 0x00000007
+#define CKO_VENDOR_DEFINED 0x80000000
+
+typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
+
+/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
+ * value that identifies the hardware feature type of an object
+ * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
+typedef CK_ULONG CK_HW_FEATURE_TYPE;
+
+/* The following hardware feature types are defined */
+/* CKH_USER_INTERFACE is new for v2.20 */
+#define CKH_MONOTONIC_COUNTER 0x00000001
+#define CKH_CLOCK 0x00000002
+#define CKH_USER_INTERFACE 0x00000003
+#define CKH_VENDOR_DEFINED 0x80000000
+
+/* CK_KEY_TYPE is a value that identifies a key type */
+/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
+typedef CK_ULONG CK_KEY_TYPE;
+
+/* the following key types are defined: */
+#define CKK_RSA 0x00000000
+#define CKK_DSA 0x00000001
+#define CKK_DH 0x00000002
+
+/* CKK_ECDSA and CKK_KEA are new for v2.0 */
+/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
+#define CKK_ECDSA 0x00000003
+#define CKK_EC 0x00000003
+#define CKK_X9_42_DH 0x00000004
+#define CKK_KEA 0x00000005
+
+#define CKK_GENERIC_SECRET 0x00000010
+#define CKK_RC2 0x00000011
+#define CKK_RC4 0x00000012
+#define CKK_DES 0x00000013
+#define CKK_DES2 0x00000014
+#define CKK_DES3 0x00000015
+
+/* all these key types are new for v2.0 */
+#define CKK_CAST 0x00000016
+#define CKK_CAST3 0x00000017
+/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
+#define CKK_CAST5 0x00000018
+#define CKK_CAST128 0x00000018
+#define CKK_RC5 0x00000019
+#define CKK_IDEA 0x0000001A
+#define CKK_SKIPJACK 0x0000001B
+#define CKK_BATON 0x0000001C
+#define CKK_JUNIPER 0x0000001D
+#define CKK_CDMF 0x0000001E
+#define CKK_AES 0x0000001F
+
+/* BlowFish and TwoFish are new for v2.20 */
+#define CKK_BLOWFISH 0x00000020
+#define CKK_TWOFISH 0x00000021
+
+/* Camellia is proposed for v2.20 Amendment 3 */
+#define CKK_CAMELLIA 0x00000025
+
+#define CKK_SEED 0x00000026
+
+#define CKK_VENDOR_DEFINED 0x80000000
+
+/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
+ * type */
+/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
+ * for v2.0 */
+typedef CK_ULONG CK_CERTIFICATE_TYPE;
+
+/* The following certificate types are defined: */
+/* CKC_X_509_ATTR_CERT is new for v2.10 */
+/* CKC_WTLS is new for v2.20 */
+#define CKC_X_509 0x00000000
+#define CKC_X_509_ATTR_CERT 0x00000001
+#define CKC_WTLS 0x00000002
+#define CKC_VENDOR_DEFINED 0x80000000
+
+/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
+ * type */
+/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
+ * v2.0 */
+typedef CK_ULONG CK_ATTRIBUTE_TYPE;
+
+/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
+ consists of an array of values. */
+#define CKF_ARRAY_ATTRIBUTE 0x40000000
+
+/* The following attribute types are defined: */
+#define CKA_CLASS 0x00000000
+#define CKA_TOKEN 0x00000001
+#define CKA_PRIVATE 0x00000002
+#define CKA_LABEL 0x00000003
+#define CKA_APPLICATION 0x00000010
+#define CKA_VALUE 0x00000011
+
+/* CKA_OBJECT_ID is new for v2.10 */
+#define CKA_OBJECT_ID 0x00000012
+
+#define CKA_CERTIFICATE_TYPE 0x00000080
+#define CKA_ISSUER 0x00000081
+#define CKA_SERIAL_NUMBER 0x00000082
+
+/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
+ * for v2.10 */
+#define CKA_AC_ISSUER 0x00000083
+#define CKA_OWNER 0x00000084
+#define CKA_ATTR_TYPES 0x00000085
+
+/* CKA_TRUSTED is new for v2.11 */
+#define CKA_TRUSTED 0x00000086
+
+/* CKA_CERTIFICATE_CATEGORY ...
+ * CKA_CHECK_VALUE are new for v2.20 */
+#define CKA_CERTIFICATE_CATEGORY 0x00000087
+#define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088
+#define CKA_URL 0x00000089
+#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008A
+#define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008B
+#define CKA_CHECK_VALUE 0x00000090
+
+#define CKA_KEY_TYPE 0x00000100
+#define CKA_SUBJECT 0x00000101
+#define CKA_ID 0x00000102
+#define CKA_SENSITIVE 0x00000103
+#define CKA_ENCRYPT 0x00000104
+#define CKA_DECRYPT 0x00000105
+#define CKA_WRAP 0x00000106
+#define CKA_UNWRAP 0x00000107
+#define CKA_SIGN 0x00000108
+#define CKA_SIGN_RECOVER 0x00000109
+#define CKA_VERIFY 0x0000010A
+#define CKA_VERIFY_RECOVER 0x0000010B
+#define CKA_DERIVE 0x0000010C
+#define CKA_START_DATE 0x00000110
+#define CKA_END_DATE 0x00000111
+#define CKA_MODULUS 0x00000120
+#define CKA_MODULUS_BITS 0x00000121
+#define CKA_PUBLIC_EXPONENT 0x00000122
+#define CKA_PRIVATE_EXPONENT 0x00000123
+#define CKA_PRIME_1 0x00000124
+#define CKA_PRIME_2 0x00000125
+#define CKA_EXPONENT_1 0x00000126
+#define CKA_EXPONENT_2 0x00000127
+#define CKA_COEFFICIENT 0x00000128
+#define CKA_PRIME 0x00000130
+#define CKA_SUBPRIME 0x00000131
+#define CKA_BASE 0x00000132
+
+/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
+#define CKA_PRIME_BITS 0x00000133
+#define CKA_SUBPRIME_BITS 0x00000134
+#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS
+/* (To retain backwards-compatibility) */
+
+#define CKA_VALUE_BITS 0x00000160
+#define CKA_VALUE_LEN 0x00000161
+
+/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
+ * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
+ * and CKA_EC_POINT are new for v2.0 */
+#define CKA_EXTRACTABLE 0x00000162
+#define CKA_LOCAL 0x00000163
+#define CKA_NEVER_EXTRACTABLE 0x00000164
+#define CKA_ALWAYS_SENSITIVE 0x00000165
+
+/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
+#define CKA_KEY_GEN_MECHANISM 0x00000166
+
+#define CKA_MODIFIABLE 0x00000170
+
+/* CKA_ECDSA_PARAMS is deprecated in v2.11,
+ * CKA_EC_PARAMS is preferred. */
+#define CKA_ECDSA_PARAMS 0x00000180
+#define CKA_EC_PARAMS 0x00000180
+
+#define CKA_EC_POINT 0x00000181
+
+/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
+ * are new for v2.10. Deprecated in v2.11 and onwards. */
+#define CKA_SECONDARY_AUTH 0x00000200
+#define CKA_AUTH_PIN_FLAGS 0x00000201
+
+/* CKA_ALWAYS_AUTHENTICATE ...
+ * CKA_UNWRAP_TEMPLATE are new for v2.20 */
+#define CKA_ALWAYS_AUTHENTICATE 0x00000202
+
+#define CKA_WRAP_WITH_TRUSTED 0x00000210
+#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x00000211)
+#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x00000212)
+
+/* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
+ * are new for v2.10 */
+#define CKA_HW_FEATURE_TYPE 0x00000300
+#define CKA_RESET_ON_INIT 0x00000301
+#define CKA_HAS_RESET 0x00000302
+
+/* The following attributes are new for v2.20 */
+#define CKA_PIXEL_X 0x00000400
+#define CKA_PIXEL_Y 0x00000401
+#define CKA_RESOLUTION 0x00000402
+#define CKA_CHAR_ROWS 0x00000403
+#define CKA_CHAR_COLUMNS 0x00000404
+#define CKA_COLOR 0x00000405
+#define CKA_BITS_PER_PIXEL 0x00000406
+#define CKA_CHAR_SETS 0x00000480
+#define CKA_ENCODING_METHODS 0x00000481
+#define CKA_MIME_TYPES 0x00000482
+#define CKA_MECHANISM_TYPE 0x00000500
+#define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501
+#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502
+#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503
+#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x00000600)
+
+#define CKA_VENDOR_DEFINED 0x80000000
+
+/* CK_ATTRIBUTE is a structure that includes the type, length
+ * and value of an attribute */
+typedef struct CK_ATTRIBUTE {
+ CK_ATTRIBUTE_TYPE type;
+ CK_VOID_PTR pValue;
+
+ /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
+ CK_ULONG ulValueLen; /* in bytes */
+} CK_ATTRIBUTE;
+
+typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
+
+/* CK_DATE is a structure that defines a date */
+typedef struct CK_DATE {
+ CK_CHAR year[4]; /* the year ("1900" - "9999") */
+ CK_CHAR month[2]; /* the month ("01" - "12") */
+ CK_CHAR day[2]; /* the day ("01" - "31") */
+} CK_DATE;
+
+/* CK_MECHANISM_TYPE is a value that identifies a mechanism
+ * type */
+/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
+ * v2.0 */
+typedef CK_ULONG CK_MECHANISM_TYPE;
+
+/* the following mechanism types are defined: */
+#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
+#define CKM_RSA_PKCS 0x00000001
+#define CKM_RSA_9796 0x00000002
+#define CKM_RSA_X_509 0x00000003
+
+/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
+ * are new for v2.0. They are mechanisms which hash and sign */
+#define CKM_MD2_RSA_PKCS 0x00000004
+#define CKM_MD5_RSA_PKCS 0x00000005
+#define CKM_SHA1_RSA_PKCS 0x00000006
+
+/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
+ * CKM_RSA_PKCS_OAEP are new for v2.10 */
+#define CKM_RIPEMD128_RSA_PKCS 0x00000007
+#define CKM_RIPEMD160_RSA_PKCS 0x00000008
+#define CKM_RSA_PKCS_OAEP 0x00000009
+
+/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
+ * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
+#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A
+#define CKM_RSA_X9_31 0x0000000B
+#define CKM_SHA1_RSA_X9_31 0x0000000C
+#define CKM_RSA_PKCS_PSS 0x0000000D
+#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
+
+#define CKM_DSA_KEY_PAIR_GEN 0x00000010
+#define CKM_DSA 0x00000011
+#define CKM_DSA_SHA1 0x00000012
+#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
+#define CKM_DH_PKCS_DERIVE 0x00000021
+
+/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
+ * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
+ * v2.11 */
+#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030
+#define CKM_X9_42_DH_DERIVE 0x00000031
+#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032
+#define CKM_X9_42_MQV_DERIVE 0x00000033
+
+/* CKM_SHA256/384/512 are new for v2.20 */
+#define CKM_SHA256_RSA_PKCS 0x00000040
+#define CKM_SHA384_RSA_PKCS 0x00000041
+#define CKM_SHA512_RSA_PKCS 0x00000042
+#define CKM_SHA256_RSA_PKCS_PSS 0x00000043
+#define CKM_SHA384_RSA_PKCS_PSS 0x00000044
+#define CKM_SHA512_RSA_PKCS_PSS 0x00000045
+
+/* CKM_SHA224 new for v2.20 amendment 3 */
+#define CKM_SHA224_RSA_PKCS 0x00000046
+#define CKM_SHA224_RSA_PKCS_PSS 0x00000047
+
+#define CKM_RC2_KEY_GEN 0x00000100
+#define CKM_RC2_ECB 0x00000101
+#define CKM_RC2_CBC 0x00000102
+#define CKM_RC2_MAC 0x00000103
+
+/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
+#define CKM_RC2_MAC_GENERAL 0x00000104
+#define CKM_RC2_CBC_PAD 0x00000105
+
+#define CKM_RC4_KEY_GEN 0x00000110
+#define CKM_RC4 0x00000111
+#define CKM_DES_KEY_GEN 0x00000120
+#define CKM_DES_ECB 0x00000121
+#define CKM_DES_CBC 0x00000122
+#define CKM_DES_MAC 0x00000123
+
+/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
+#define CKM_DES_MAC_GENERAL 0x00000124
+#define CKM_DES_CBC_PAD 0x00000125
+
+#define CKM_DES2_KEY_GEN 0x00000130
+#define CKM_DES3_KEY_GEN 0x00000131
+#define CKM_DES3_ECB 0x00000132
+#define CKM_DES3_CBC 0x00000133
+#define CKM_DES3_MAC 0x00000134
+
+/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
+ * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
+ * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
+#define CKM_DES3_MAC_GENERAL 0x00000135
+#define CKM_DES3_CBC_PAD 0x00000136
+#define CKM_CDMF_KEY_GEN 0x00000140
+#define CKM_CDMF_ECB 0x00000141
+#define CKM_CDMF_CBC 0x00000142
+#define CKM_CDMF_MAC 0x00000143
+#define CKM_CDMF_MAC_GENERAL 0x00000144
+#define CKM_CDMF_CBC_PAD 0x00000145
+
+/* the following four DES mechanisms are new for v2.20 */
+#define CKM_DES_OFB64 0x00000150
+#define CKM_DES_OFB8 0x00000151
+#define CKM_DES_CFB64 0x00000152
+#define CKM_DES_CFB8 0x00000153
+
+#define CKM_MD2 0x00000200
+
+/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
+#define CKM_MD2_HMAC 0x00000201
+#define CKM_MD2_HMAC_GENERAL 0x00000202
+
+#define CKM_MD5 0x00000210
+
+/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
+#define CKM_MD5_HMAC 0x00000211
+#define CKM_MD5_HMAC_GENERAL 0x00000212
+
+#define CKM_SHA_1 0x00000220
+
+/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
+#define CKM_SHA_1_HMAC 0x00000221
+#define CKM_SHA_1_HMAC_GENERAL 0x00000222
+
+/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
+ * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
+ * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
+#define CKM_RIPEMD128 0x00000230
+#define CKM_RIPEMD128_HMAC 0x00000231
+#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232
+#define CKM_RIPEMD160 0x00000240
+#define CKM_RIPEMD160_HMAC 0x00000241
+#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242
+
+/* CKM_SHA256/384/512 are new for v2.20 */
+#define CKM_SHA256 0x00000250
+#define CKM_SHA256_HMAC 0x00000251
+#define CKM_SHA256_HMAC_GENERAL 0x00000252
+#define CKM_SHA384 0x00000260
+#define CKM_SHA384_HMAC 0x00000261
+#define CKM_SHA384_HMAC_GENERAL 0x00000262
+#define CKM_SHA512 0x00000270
+#define CKM_SHA512_HMAC 0x00000271
+#define CKM_SHA512_HMAC_GENERAL 0x00000272
+
+/* CKM_SHA224 new for v2.20 amendment 3 */
+#define CKM_SHA224 0x00000255
+#define CKM_SHA224_HMAC 0x00000256
+#define CKM_SHA224_HMAC_GENERAL 0x00000257
+
+/* All of the following mechanisms are new for v2.0 */
+/* Note that CAST128 and CAST5 are the same algorithm */
+#define CKM_CAST_KEY_GEN 0x00000300
+#define CKM_CAST_ECB 0x00000301
+#define CKM_CAST_CBC 0x00000302
+#define CKM_CAST_MAC 0x00000303
+#define CKM_CAST_MAC_GENERAL 0x00000304
+#define CKM_CAST_CBC_PAD 0x00000305
+#define CKM_CAST3_KEY_GEN 0x00000310
+#define CKM_CAST3_ECB 0x00000311
+#define CKM_CAST3_CBC 0x00000312
+#define CKM_CAST3_MAC 0x00000313
+#define CKM_CAST3_MAC_GENERAL 0x00000314
+#define CKM_CAST3_CBC_PAD 0x00000315
+#define CKM_CAST5_KEY_GEN 0x00000320
+#define CKM_CAST128_KEY_GEN 0x00000320
+#define CKM_CAST5_ECB 0x00000321
+#define CKM_CAST128_ECB 0x00000321
+#define CKM_CAST5_CBC 0x00000322
+#define CKM_CAST128_CBC 0x00000322
+#define CKM_CAST5_MAC 0x00000323
+#define CKM_CAST128_MAC 0x00000323
+#define CKM_CAST5_MAC_GENERAL 0x00000324
+#define CKM_CAST128_MAC_GENERAL 0x00000324
+#define CKM_CAST5_CBC_PAD 0x00000325
+#define CKM_CAST128_CBC_PAD 0x00000325
+#define CKM_RC5_KEY_GEN 0x00000330
+#define CKM_RC5_ECB 0x00000331
+#define CKM_RC5_CBC 0x00000332
+#define CKM_RC5_MAC 0x00000333
+#define CKM_RC5_MAC_GENERAL 0x00000334
+#define CKM_RC5_CBC_PAD 0x00000335
+#define CKM_IDEA_KEY_GEN 0x00000340
+#define CKM_IDEA_ECB 0x00000341
+#define CKM_IDEA_CBC 0x00000342
+#define CKM_IDEA_MAC 0x00000343
+#define CKM_IDEA_MAC_GENERAL 0x00000344
+#define CKM_IDEA_CBC_PAD 0x00000345
+#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
+#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
+#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
+#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
+#define CKM_XOR_BASE_AND_DATA 0x00000364
+#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
+#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
+#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
+#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
+
+/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
+ * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
+ * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
+#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373
+#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374
+#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375
+#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376
+#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377
+
+/* CKM_TLS_PRF is new for v2.20 */
+#define CKM_TLS_PRF 0x00000378
+
+#define CKM_SSL3_MD5_MAC 0x00000380
+#define CKM_SSL3_SHA1_MAC 0x00000381
+#define CKM_MD5_KEY_DERIVATION 0x00000390
+#define CKM_MD2_KEY_DERIVATION 0x00000391
+#define CKM_SHA1_KEY_DERIVATION 0x00000392
+
+/* CKM_SHA256/384/512 are new for v2.20 */
+#define CKM_SHA256_KEY_DERIVATION 0x00000393
+#define CKM_SHA384_KEY_DERIVATION 0x00000394
+#define CKM_SHA512_KEY_DERIVATION 0x00000395
+
+/* CKM_SHA224 new for v2.20 amendment 3 */
+#define CKM_SHA224_KEY_DERIVATION 0x00000396
+
+#define CKM_PBE_MD2_DES_CBC 0x000003A0
+#define CKM_PBE_MD5_DES_CBC 0x000003A1
+#define CKM_PBE_MD5_CAST_CBC 0x000003A2
+#define CKM_PBE_MD5_CAST3_CBC 0x000003A3
+#define CKM_PBE_MD5_CAST5_CBC 0x000003A4
+#define CKM_PBE_MD5_CAST128_CBC 0x000003A4
+#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
+#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
+#define CKM_PBE_SHA1_RC4_128 0x000003A6
+#define CKM_PBE_SHA1_RC4_40 0x000003A7
+#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
+#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
+#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
+#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
+
+/* CKM_PKCS5_PBKD2 is new for v2.10 */
+#define CKM_PKCS5_PBKD2 0x000003B0
+
+#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
+
+/* WTLS mechanisms are new for v2.20 */
+#define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0
+#define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1
+#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2
+#define CKM_WTLS_PRF 0x000003D3
+#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4
+#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5
+
+/* TLS 1.2 mechanisms are new for v2.40 */
+#define CKM_TLS12_MASTER_KEY_DERIVE 0x000003E0
+#define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003E1
+#define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003E2
+#define CKM_TLS12_KEY_SAFE_DERIVE 0x000003E3
+#define CKM_TLS12_MAC 0x000003E4
+#define CKM_TLS_MAC 0x000003E4
+#define CKM_TLS_KDF 0x000003E5
+
+#define CKM_KEY_WRAP_LYNKS 0x00000400
+#define CKM_KEY_WRAP_SET_OAEP 0x00000401
+
+/* CKM_CMS_SIG is new for v2.20 */
+#define CKM_CMS_SIG 0x00000500
+
+/* Fortezza mechanisms */
+#define CKM_SKIPJACK_KEY_GEN 0x00001000
+#define CKM_SKIPJACK_ECB64 0x00001001
+#define CKM_SKIPJACK_CBC64 0x00001002
+#define CKM_SKIPJACK_OFB64 0x00001003
+#define CKM_SKIPJACK_CFB64 0x00001004
+#define CKM_SKIPJACK_CFB32 0x00001005
+#define CKM_SKIPJACK_CFB16 0x00001006
+#define CKM_SKIPJACK_CFB8 0x00001007
+#define CKM_SKIPJACK_WRAP 0x00001008
+#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
+#define CKM_SKIPJACK_RELAYX 0x0000100a
+#define CKM_KEA_KEY_PAIR_GEN 0x00001010
+#define CKM_KEA_KEY_DERIVE 0x00001011
+#define CKM_FORTEZZA_TIMESTAMP 0x00001020
+#define CKM_BATON_KEY_GEN 0x00001030
+#define CKM_BATON_ECB128 0x00001031
+#define CKM_BATON_ECB96 0x00001032
+#define CKM_BATON_CBC128 0x00001033
+#define CKM_BATON_COUNTER 0x00001034
+#define CKM_BATON_SHUFFLE 0x00001035
+#define CKM_BATON_WRAP 0x00001036
+
+/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
+ * CKM_EC_KEY_PAIR_GEN is preferred */
+#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
+#define CKM_EC_KEY_PAIR_GEN 0x00001040
+
+#define CKM_ECDSA 0x00001041
+#define CKM_ECDSA_SHA1 0x00001042
+
+/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
+ * are new for v2.11 */
+#define CKM_ECDH1_DERIVE 0x00001050
+#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051
+#define CKM_ECMQV_DERIVE 0x00001052
+
+#define CKM_JUNIPER_KEY_GEN 0x00001060
+#define CKM_JUNIPER_ECB128 0x00001061
+#define CKM_JUNIPER_CBC128 0x00001062
+#define CKM_JUNIPER_COUNTER 0x00001063
+#define CKM_JUNIPER_SHUFFLE 0x00001064
+#define CKM_JUNIPER_WRAP 0x00001065
+#define CKM_FASTHASH 0x00001070
+
+/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
+ * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
+ * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
+ * new for v2.11 */
+#define CKM_AES_KEY_GEN 0x00001080
+#define CKM_AES_ECB 0x00001081
+#define CKM_AES_CBC 0x00001082
+#define CKM_AES_MAC 0x00001083
+#define CKM_AES_MAC_GENERAL 0x00001084
+#define CKM_AES_CBC_PAD 0x00001085
+/* new for v2.20 amendment 3 */
+#define CKM_AES_CTR 0x00001086
+/* new for v2.30 */
+#define CKM_AES_GCM 0x00001087
+#define CKM_AES_CCM 0x00001088
+#define CKM_AES_CTS 0x00001089
+
+/* BlowFish and TwoFish are new for v2.20 */
+#define CKM_BLOWFISH_KEY_GEN 0x00001090
+#define CKM_BLOWFISH_CBC 0x00001091
+#define CKM_TWOFISH_KEY_GEN 0x00001092
+#define CKM_TWOFISH_CBC 0x00001093
+
+/* Camellia is proposed for v2.20 Amendment 3 */
+#define CKM_CAMELLIA_KEY_GEN 0x00000550
+#define CKM_CAMELLIA_ECB 0x00000551
+#define CKM_CAMELLIA_CBC 0x00000552
+#define CKM_CAMELLIA_MAC 0x00000553
+#define CKM_CAMELLIA_MAC_GENERAL 0x00000554
+#define CKM_CAMELLIA_CBC_PAD 0x00000555
+#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556
+#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557
+
+#define CKM_SEED_KEY_GEN 0x00000650
+#define CKM_SEED_ECB 0x00000651
+#define CKM_SEED_CBC 0x00000652
+#define CKM_SEED_MAC 0x00000653
+#define CKM_SEED_MAC_GENERAL 0x00000654
+#define CKM_SEED_CBC_PAD 0x00000655
+#define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656
+#define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657
+
+/* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */
+#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100
+#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101
+#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102
+#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103
+#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104
+#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105
+
+#define CKM_DSA_PARAMETER_GEN 0x00002000
+#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
+#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002
+
+#define CKM_VENDOR_DEFINED 0x80000000
+
+typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
+
+/* CK_MECHANISM is a structure that specifies a particular
+ * mechanism */
+typedef struct CK_MECHANISM {
+ CK_MECHANISM_TYPE mechanism;
+ CK_VOID_PTR pParameter;
+
+ /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
+ * v2.0 */
+ CK_ULONG ulParameterLen; /* in bytes */
+} CK_MECHANISM;
+
+typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
+
+/* CK_MECHANISM_INFO provides information about a particular
+ * mechanism */
+typedef struct CK_MECHANISM_INFO {
+ CK_ULONG ulMinKeySize;
+ CK_ULONG ulMaxKeySize;
+ CK_FLAGS flags;
+} CK_MECHANISM_INFO;
+
+/* The flags are defined as follows:
+ * Bit Flag Mask Meaning */
+#define CKF_HW 0x00000001 /* performed by HW */
+
+/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
+ * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
+ * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
+ * and CKF_DERIVE are new for v2.0. They specify whether or not
+ * a mechanism can be used for a particular task */
+#define CKF_ENCRYPT 0x00000100
+#define CKF_DECRYPT 0x00000200
+#define CKF_DIGEST 0x00000400
+#define CKF_SIGN 0x00000800
+#define CKF_SIGN_RECOVER 0x00001000
+#define CKF_VERIFY 0x00002000
+#define CKF_VERIFY_RECOVER 0x00004000
+#define CKF_GENERATE 0x00008000
+#define CKF_GENERATE_KEY_PAIR 0x00010000
+#define CKF_WRAP 0x00020000
+#define CKF_UNWRAP 0x00040000
+#define CKF_DERIVE 0x00080000
+
+/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
+ * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
+ * describe a token's EC capabilities not available in mechanism
+ * information. */
+#define CKF_EC_F_P 0x00100000
+#define CKF_EC_F_2M 0x00200000
+#define CKF_EC_ECPARAMETERS 0x00400000
+#define CKF_EC_NAMEDCURVE 0x00800000
+#define CKF_EC_UNCOMPRESS 0x01000000
+#define CKF_EC_COMPRESS 0x02000000
+
+#define CKF_EXTENSION 0x80000000 /* FALSE for this version */
+
+typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
+
+/* CK_RV is a value that identifies the return value of a
+ * PKCS #11 function */
+/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
+typedef CK_ULONG CK_RV;
+
+#define CKR_OK 0x00000000
+#define CKR_CANCEL 0x00000001
+#define CKR_HOST_MEMORY 0x00000002
+#define CKR_SLOT_ID_INVALID 0x00000003
+
+/* CKR_FLAGS_INVALID was removed for v2.0 */
+
+/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
+#define CKR_GENERAL_ERROR 0x00000005
+#define CKR_FUNCTION_FAILED 0x00000006
+
+/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
+ * and CKR_CANT_LOCK are new for v2.01 */
+#define CKR_ARGUMENTS_BAD 0x00000007
+#define CKR_NO_EVENT 0x00000008
+#define CKR_NEED_TO_CREATE_THREADS 0x00000009
+#define CKR_CANT_LOCK 0x0000000A
+
+#define CKR_ATTRIBUTE_READ_ONLY 0x00000010
+#define CKR_ATTRIBUTE_SENSITIVE 0x00000011
+#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
+#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
+#define CKR_DATA_INVALID 0x00000020
+#define CKR_DATA_LEN_RANGE 0x00000021
+#define CKR_DEVICE_ERROR 0x00000030
+#define CKR_DEVICE_MEMORY 0x00000031
+#define CKR_DEVICE_REMOVED 0x00000032
+#define CKR_ENCRYPTED_DATA_INVALID 0x00000040
+#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
+#define CKR_FUNCTION_CANCELED 0x00000050
+#define CKR_FUNCTION_NOT_PARALLEL 0x00000051
+
+/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
+#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
+
+#define CKR_KEY_HANDLE_INVALID 0x00000060
+
+/* CKR_KEY_SENSITIVE was removed for v2.0 */
+
+#define CKR_KEY_SIZE_RANGE 0x00000062
+#define CKR_KEY_TYPE_INCONSISTENT 0x00000063
+
+/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
+ * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
+ * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
+ * v2.0 */
+#define CKR_KEY_NOT_NEEDED 0x00000064
+#define CKR_KEY_CHANGED 0x00000065
+#define CKR_KEY_NEEDED 0x00000066
+#define CKR_KEY_INDIGESTIBLE 0x00000067
+#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
+#define CKR_KEY_NOT_WRAPPABLE 0x00000069
+#define CKR_KEY_UNEXTRACTABLE 0x0000006A
+
+#define CKR_MECHANISM_INVALID 0x00000070
+#define CKR_MECHANISM_PARAM_INVALID 0x00000071
+
+/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
+ * were removed for v2.0 */
+#define CKR_OBJECT_HANDLE_INVALID 0x00000082
+#define CKR_OPERATION_ACTIVE 0x00000090
+#define CKR_OPERATION_NOT_INITIALIZED 0x00000091
+#define CKR_PIN_INCORRECT 0x000000A0
+#define CKR_PIN_INVALID 0x000000A1
+#define CKR_PIN_LEN_RANGE 0x000000A2
+
+/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
+#define CKR_PIN_EXPIRED 0x000000A3
+#define CKR_PIN_LOCKED 0x000000A4
+
+#define CKR_SESSION_CLOSED 0x000000B0
+#define CKR_SESSION_COUNT 0x000000B1
+#define CKR_SESSION_HANDLE_INVALID 0x000000B3
+#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
+#define CKR_SESSION_READ_ONLY 0x000000B5
+#define CKR_SESSION_EXISTS 0x000000B6
+
+/* CKR_SESSION_READ_ONLY_EXISTS and
+ * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
+#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
+#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
+
+#define CKR_SIGNATURE_INVALID 0x000000C0
+#define CKR_SIGNATURE_LEN_RANGE 0x000000C1
+#define CKR_TEMPLATE_INCOMPLETE 0x000000D0
+#define CKR_TEMPLATE_INCONSISTENT 0x000000D1
+#define CKR_TOKEN_NOT_PRESENT 0x000000E0
+#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
+#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
+#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
+#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
+#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
+#define CKR_USER_ALREADY_LOGGED_IN 0x00000100
+#define CKR_USER_NOT_LOGGED_IN 0x00000101
+#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
+#define CKR_USER_TYPE_INVALID 0x00000103
+
+/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
+ * are new to v2.01 */
+#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
+#define CKR_USER_TOO_MANY_TYPES 0x00000105
+
+#define CKR_WRAPPED_KEY_INVALID 0x00000110
+#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
+#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
+#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
+#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
+#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
+
+/* These are new to v2.0 */
+#define CKR_RANDOM_NO_RNG 0x00000121
+
+/* These are new to v2.11 */
+#define CKR_DOMAIN_PARAMS_INVALID 0x00000130
+
+/* These are new to v2.0 */
+#define CKR_BUFFER_TOO_SMALL 0x00000150
+#define CKR_SAVED_STATE_INVALID 0x00000160
+#define CKR_INFORMATION_SENSITIVE 0x00000170
+#define CKR_STATE_UNSAVEABLE 0x00000180
+
+/* These are new to v2.01 */
+#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
+#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
+#define CKR_MUTEX_BAD 0x000001A0
+#define CKR_MUTEX_NOT_LOCKED 0x000001A1
+
+/* This is new to v2.20 */
+#define CKR_FUNCTION_REJECTED 0x00000200
+
+#define CKR_VENDOR_DEFINED 0x80000000
+
+/* CK_NOTIFY is an application callback that processes events */
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
+ CK_SESSION_HANDLE hSession, /* the session's handle */
+ CK_NOTIFICATION event,
+ CK_VOID_PTR pApplication /* passed to C_OpenSession */
+ );
+
+/* CK_FUNCTION_LIST is a structure holding a PKCS #11 spec
+ * version and pointers of appropriate types to all the
+ * PKCS #11 functions */
+/* CK_FUNCTION_LIST is new for v2.0 */
+typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
+
+typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
+
+typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
+
+/* CK_CREATEMUTEX is an application callback for creating a
+ * mutex object */
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
+ CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
+ );
+
+/* CK_DESTROYMUTEX is an application callback for destroying a
+ * mutex object */
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
+ CK_VOID_PTR pMutex /* pointer to mutex */
+ );
+
+/* CK_LOCKMUTEX is an application callback for locking a mutex */
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
+ CK_VOID_PTR pMutex /* pointer to mutex */
+ );
+
+/* CK_UNLOCKMUTEX is an application callback for unlocking a
+ * mutex */
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
+ CK_VOID_PTR pMutex /* pointer to mutex */
+ );
+
+/* CK_C_INITIALIZE_ARGS provides the optional arguments to
+ * C_Initialize */
+typedef struct CK_C_INITIALIZE_ARGS {
+ CK_CREATEMUTEX CreateMutex;
+ CK_DESTROYMUTEX DestroyMutex;
+ CK_LOCKMUTEX LockMutex;
+ CK_UNLOCKMUTEX UnlockMutex;
+ CK_FLAGS flags;
+ /* The official PKCS #11 spec does not have a 'LibraryParameters' field, but
+ * a reserved field. NSS needs a way to pass instance-specific information
+ * to the library (like where to find its config files, etc). This
+ * information is usually provided by the installer and passed uninterpreted
+ * by NSS to the library, though NSS does know the specifics of the softoken
+ * version of this parameter. Most compliant PKCS#11 modules expect this
+ * parameter to be NULL, and will return CKR_ARGUMENTS_BAD from
+ * C_Initialize if Library parameters is supplied. */
+ CK_CHAR_PTR *LibraryParameters;
+ /* This field is only present if the LibraryParameters is not NULL. It must
+ * be NULL in all cases */
+ CK_VOID_PTR pReserved;
+} CK_C_INITIALIZE_ARGS;
+
+/* flags: bit flags that provide capabilities of the slot
+ * Bit Flag Mask Meaning
+ */
+#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
+#define CKF_OS_LOCKING_OK 0x00000002
+
+typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
+
+/* additional flags for parameters to functions */
+
+/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
+#define CKF_DONT_BLOCK 1
+
+/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
+ * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message
+ * Generation Function (MGF) applied to a message block when
+ * formatting a message block for the PKCS #1 OAEP encryption
+ * scheme. */
+typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
+
+typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
+
+/* The following MGFs are defined */
+/* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512
+ * are new for v2.20 */
+#define CKG_MGF1_SHA1 0x00000001
+#define CKG_MGF1_SHA256 0x00000002
+#define CKG_MGF1_SHA384 0x00000003
+#define CKG_MGF1_SHA512 0x00000004
+
+/* v2.20 amendment 3 */
+#define CKG_MGF1_SHA224 0x00000005
+
+/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
+ * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
+ * of the encoding parameter when formatting a message block
+ * for the PKCS #1 OAEP encryption scheme. */
+typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
+
+typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
+
+/* The following encoding parameter sources are defined */
+#define CKZ_DATA_SPECIFIED 0x00000001
+
+/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
+ * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
+ * CKM_RSA_PKCS_OAEP mechanism. */
+typedef struct CK_RSA_PKCS_OAEP_PARAMS {
+ CK_MECHANISM_TYPE hashAlg;
+ CK_RSA_PKCS_MGF_TYPE mgf;
+ CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
+ CK_VOID_PTR pSourceData;
+ CK_ULONG ulSourceDataLen;
+} CK_RSA_PKCS_OAEP_PARAMS;
+
+typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
+
+/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
+ * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
+ * CKM_RSA_PKCS_PSS mechanism(s). */
+typedef struct CK_RSA_PKCS_PSS_PARAMS {
+ CK_MECHANISM_TYPE hashAlg;
+ CK_RSA_PKCS_MGF_TYPE mgf;
+ CK_ULONG sLen;
+} CK_RSA_PKCS_PSS_PARAMS;
+
+typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;
+
+/* CK_EC_KDF_TYPE is new for v2.11. */
+typedef CK_ULONG CK_EC_KDF_TYPE;
+
+/* The following EC Key Derivation Functions are defined */
+#define CKD_NULL 0x00000001
+#define CKD_SHA1_KDF 0x00000002
+#define CKD_SHA224_KDF 0x00000005
+#define CKD_SHA256_KDF 0x00000006
+#define CKD_SHA384_KDF 0x00000007
+#define CKD_SHA512_KDF 0x00000008
+
+/* CK_ECDH1_DERIVE_PARAMS is new for v2.11.
+ * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
+ * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
+ * where each party contributes one key pair.
+ */
+typedef struct CK_ECDH1_DERIVE_PARAMS {
+ CK_EC_KDF_TYPE kdf;
+ CK_ULONG ulSharedDataLen;
+ CK_BYTE_PTR pSharedData;
+ CK_ULONG ulPublicDataLen;
+ CK_BYTE_PTR pPublicData;
+} CK_ECDH1_DERIVE_PARAMS;
+
+typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;
+
+/* CK_ECDH2_DERIVE_PARAMS is new for v2.11.
+ * CK_ECDH2_DERIVE_PARAMS provides the parameters to the
+ * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */
+typedef struct CK_ECDH2_DERIVE_PARAMS {
+ CK_EC_KDF_TYPE kdf;
+ CK_ULONG ulSharedDataLen;
+ CK_BYTE_PTR pSharedData;
+ CK_ULONG ulPublicDataLen;
+ CK_BYTE_PTR pPublicData;
+ CK_ULONG ulPrivateDataLen;
+ CK_OBJECT_HANDLE hPrivateData;
+ CK_ULONG ulPublicDataLen2;
+ CK_BYTE_PTR pPublicData2;
+} CK_ECDH2_DERIVE_PARAMS;
+
+typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;
+
+typedef struct CK_ECMQV_DERIVE_PARAMS {
+ CK_EC_KDF_TYPE kdf;
+ CK_ULONG ulSharedDataLen;
+ CK_BYTE_PTR pSharedData;
+ CK_ULONG ulPublicDataLen;
+ CK_BYTE_PTR pPublicData;
+ CK_ULONG ulPrivateDataLen;
+ CK_OBJECT_HANDLE hPrivateData;
+ CK_ULONG ulPublicDataLen2;
+ CK_BYTE_PTR pPublicData2;
+ CK_OBJECT_HANDLE publicKey;
+} CK_ECMQV_DERIVE_PARAMS;
+
+typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR;
+
+/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
+ * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */
+typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
+typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;
+
+/* The following X9.42 DH key derivation functions are defined
+ (besides CKD_NULL already defined : */
+#define CKD_SHA1_KDF_ASN1 0x00000003
+#define CKD_SHA1_KDF_CONCATENATE 0x00000004
+
+/* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.
+ * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
+ * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
+ * contributes one key pair */
+typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
+ CK_X9_42_DH_KDF_TYPE kdf;
+ CK_ULONG ulOtherInfoLen;
+ CK_BYTE_PTR pOtherInfo;
+ CK_ULONG ulPublicDataLen;
+ CK_BYTE_PTR pPublicData;
+} CK_X9_42_DH1_DERIVE_PARAMS;
+
+typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;
+
+/* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.
+ * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
+ * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
+ * mechanisms, where each party contributes two key pairs */
+typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
+ CK_X9_42_DH_KDF_TYPE kdf;
+ CK_ULONG ulOtherInfoLen;
+ CK_BYTE_PTR pOtherInfo;
+ CK_ULONG ulPublicDataLen;
+ CK_BYTE_PTR pPublicData;
+ CK_ULONG ulPrivateDataLen;
+ CK_OBJECT_HANDLE hPrivateData;
+ CK_ULONG ulPublicDataLen2;
+ CK_BYTE_PTR pPublicData2;
+} CK_X9_42_DH2_DERIVE_PARAMS;
+
+typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;
+
+typedef struct CK_X9_42_MQV_DERIVE_PARAMS {
+ CK_X9_42_DH_KDF_TYPE kdf;
+ CK_ULONG ulOtherInfoLen;
+ CK_BYTE_PTR pOtherInfo;
+ CK_ULONG ulPublicDataLen;
+ CK_BYTE_PTR pPublicData;
+ CK_ULONG ulPrivateDataLen;
+ CK_OBJECT_HANDLE hPrivateData;
+ CK_ULONG ulPublicDataLen2;
+ CK_BYTE_PTR pPublicData2;
+ CK_OBJECT_HANDLE publicKey;
+} CK_X9_42_MQV_DERIVE_PARAMS;
+
+typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR;
+
+/* CK_KEA_DERIVE_PARAMS provides the parameters to the
+ * CKM_KEA_DERIVE mechanism */
+/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
+typedef struct CK_KEA_DERIVE_PARAMS {
+ CK_BBOOL isSender;
+ CK_ULONG ulRandomLen;
+ CK_BYTE_PTR pRandomA;
+ CK_BYTE_PTR pRandomB;
+ CK_ULONG ulPublicDataLen;
+ CK_BYTE_PTR pPublicData;
+} CK_KEA_DERIVE_PARAMS;
+
+typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
+
+/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
+ * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
+ * holds the effective keysize */
+typedef CK_ULONG CK_RC2_PARAMS;
+
+typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
+
+/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
+ * mechanism */
+typedef struct CK_RC2_CBC_PARAMS {
+ /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
+ * v2.0 */
+ CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
+
+ CK_BYTE iv[8]; /* IV for CBC mode */
+} CK_RC2_CBC_PARAMS;
+
+typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
+
+/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
+ * CKM_RC2_MAC_GENERAL mechanism */
+/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
+typedef struct CK_RC2_MAC_GENERAL_PARAMS {
+ CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
+ CK_ULONG ulMacLength; /* Length of MAC in bytes */
+} CK_RC2_MAC_GENERAL_PARAMS;
+
+typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR
+ CK_RC2_MAC_GENERAL_PARAMS_PTR;
+
+/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
+ * CKM_RC5_MAC mechanisms */
+/* CK_RC5_PARAMS is new for v2.0 */
+typedef struct CK_RC5_PARAMS {
+ CK_ULONG ulWordsize; /* wordsize in bits */
+ CK_ULONG ulRounds; /* number of rounds */
+} CK_RC5_PARAMS;
+
+typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
+
+/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
+ * mechanism */
+/* CK_RC5_CBC_PARAMS is new for v2.0 */
+typedef struct CK_RC5_CBC_PARAMS {
+ CK_ULONG ulWordsize; /* wordsize in bits */
+ CK_ULONG ulRounds; /* number of rounds */
+ CK_BYTE_PTR pIv; /* pointer to IV */
+ CK_ULONG ulIvLen; /* length of IV in bytes */
+} CK_RC5_CBC_PARAMS;
+
+typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
+
+/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
+ * CKM_RC5_MAC_GENERAL mechanism */
+/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
+typedef struct CK_RC5_MAC_GENERAL_PARAMS {
+ CK_ULONG ulWordsize; /* wordsize in bits */
+ CK_ULONG ulRounds; /* number of rounds */
+ CK_ULONG ulMacLength; /* Length of MAC in bytes */
+} CK_RC5_MAC_GENERAL_PARAMS;
+
+typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR
+ CK_RC5_MAC_GENERAL_PARAMS_PTR;
+
+/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
+ * ciphers' MAC_GENERAL mechanisms. Its value is the length of
+ * the MAC */
+/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
+typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
+
+typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
+
+/* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */
+typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS {
+ CK_BYTE iv[8];
+ CK_BYTE_PTR pData;
+ CK_ULONG length;
+} CK_DES_CBC_ENCRYPT_DATA_PARAMS;
+
+typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;
+
+typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
+ CK_BYTE iv[16];
+ CK_BYTE_PTR pData;
+ CK_ULONG length;
+} CK_AES_CBC_ENCRYPT_DATA_PARAMS;
+
+typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;
+
+/* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
+typedef struct CK_AES_CTR_PARAMS {
+ CK_ULONG ulCounterBits;
+ CK_BYTE cb[16];
+} CK_AES_CTR_PARAMS;
+
+typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;
+
+/* CK_GCM_PARAMS is new for version 2.30 */
+typedef struct CK_GCM_PARAMS {
+ CK_BYTE_PTR pIv;
+ CK_ULONG ulIvLen;
+ CK_BYTE_PTR pAAD;
+ CK_ULONG ulAADLen;
+ CK_ULONG ulTagBits;
+} CK_GCM_PARAMS;
+
+typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR;
+
+/* CK_CCM_PARAMS is new for version 2.30 */
+typedef struct CK_CCM_PARAMS {
+ CK_ULONG ulDataLen;
+ CK_BYTE_PTR pNonce;
+ CK_ULONG ulNonceLen;
+ CK_BYTE_PTR pAAD;
+ CK_ULONG ulAADLen;
+ CK_ULONG ulMACLen;
+} CK_CCM_PARAMS;
+
+typedef CK_CCM_PARAMS CK_PTR CK_CCM_PARAMS_PTR;
+
+/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
+ * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
+/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
+typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
+ CK_ULONG ulPasswordLen;
+ CK_BYTE_PTR pPassword;
+ CK_ULONG ulPublicDataLen;
+ CK_BYTE_PTR pPublicData;
+ CK_ULONG ulPAndGLen;
+ CK_ULONG ulQLen;
+ CK_ULONG ulRandomLen;
+ CK_BYTE_PTR pRandomA;
+ CK_BYTE_PTR pPrimeP;
+ CK_BYTE_PTR pBaseG;
+ CK_BYTE_PTR pSubprimeQ;
+} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
+
+typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR
+ CK_SKIPJACK_PRIVATE_WRAP_PTR;
+
+/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
+ * CKM_SKIPJACK_RELAYX mechanism */
+/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
+typedef struct CK_SKIPJACK_RELAYX_PARAMS {
+ CK_ULONG ulOldWrappedXLen;
+ CK_BYTE_PTR pOldWrappedX;
+ CK_ULONG ulOldPasswordLen;
+ CK_BYTE_PTR pOldPassword;
+ CK_ULONG ulOldPublicDataLen;
+ CK_BYTE_PTR pOldPublicData;
+ CK_ULONG ulOldRandomLen;
+ CK_BYTE_PTR pOldRandomA;
+ CK_ULONG ulNewPasswordLen;
+ CK_BYTE_PTR pNewPassword;
+ CK_ULONG ulNewPublicDataLen;
+ CK_BYTE_PTR pNewPublicData;
+ CK_ULONG ulNewRandomLen;
+ CK_BYTE_PTR pNewRandomA;
+} CK_SKIPJACK_RELAYX_PARAMS;
+
+typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR
+ CK_SKIPJACK_RELAYX_PARAMS_PTR;
+
+typedef struct CK_PBE_PARAMS {
+ CK_BYTE_PTR pInitVector;
+ CK_UTF8CHAR_PTR pPassword;
+ CK_ULONG ulPasswordLen;
+ CK_BYTE_PTR pSalt;
+ CK_ULONG ulSaltLen;
+ CK_ULONG ulIteration;
+} CK_PBE_PARAMS;
+
+typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
+
+/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
+ * CKM_KEY_WRAP_SET_OAEP mechanism */
+/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
+typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
+ CK_BYTE bBC; /* block contents byte */
+ CK_BYTE_PTR pX; /* extra data */
+ CK_ULONG ulXLen; /* length of extra data in bytes */
+} CK_KEY_WRAP_SET_OAEP_PARAMS;
+
+typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR
+ CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
+
+typedef struct CK_SSL3_RANDOM_DATA {
+ CK_BYTE_PTR pClientRandom;
+ CK_ULONG ulClientRandomLen;
+ CK_BYTE_PTR pServerRandom;
+ CK_ULONG ulServerRandomLen;
+} CK_SSL3_RANDOM_DATA;
+
+typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
+ CK_SSL3_RANDOM_DATA RandomInfo;
+ CK_VERSION_PTR pVersion;
+} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
+
+typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR
+ CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
+
+typedef struct CK_SSL3_KEY_MAT_OUT {
+ CK_OBJECT_HANDLE hClientMacSecret;
+ CK_OBJECT_HANDLE hServerMacSecret;
+ CK_OBJECT_HANDLE hClientKey;
+ CK_OBJECT_HANDLE hServerKey;
+ CK_BYTE_PTR pIVClient;
+ CK_BYTE_PTR pIVServer;
+} CK_SSL3_KEY_MAT_OUT;
+
+typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
+
+typedef struct CK_SSL3_KEY_MAT_PARAMS {
+ CK_ULONG ulMacSizeInBits;
+ CK_ULONG ulKeySizeInBits;
+ CK_ULONG ulIVSizeInBits;
+ CK_BBOOL bIsExport; /* Unused. Must be set to CK_FALSE. */
+ CK_SSL3_RANDOM_DATA RandomInfo;
+ CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
+} CK_SSL3_KEY_MAT_PARAMS;
+
+typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
+
+/* CK_TLS_PRF_PARAMS is new for version 2.20 */
+typedef struct CK_TLS_PRF_PARAMS {
+ CK_BYTE_PTR pSeed;
+ CK_ULONG ulSeedLen;
+ CK_BYTE_PTR pLabel;
+ CK_ULONG ulLabelLen;
+ CK_BYTE_PTR pOutput;
+ CK_ULONG_PTR pulOutputLen;
+} CK_TLS_PRF_PARAMS;
+
+typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR;
+
+/* TLS 1.2 is new for version 2.40 */
+typedef struct CK_TLS12_MASTER_KEY_DERIVE_PARAMS {
+ CK_SSL3_RANDOM_DATA RandomInfo;
+ CK_VERSION_PTR pVersion;
+ CK_MECHANISM_TYPE prfHashMechanism;
+} CK_TLS12_MASTER_KEY_DERIVE_PARAMS;
+
+typedef CK_TLS12_MASTER_KEY_DERIVE_PARAMS CK_PTR
+ CK_TLS12_MASTER_KEY_DERIVE_PARAMS_PTR;
+
+typedef struct CK_TLS12_KEY_MAT_PARAMS {
+ CK_ULONG ulMacSizeInBits;
+ CK_ULONG ulKeySizeInBits;
+ CK_ULONG ulIVSizeInBits;
+ CK_BBOOL bIsExport; /* Unused. Must be set to CK_FALSE. */
+ CK_SSL3_RANDOM_DATA RandomInfo;
+ CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
+ CK_MECHANISM_TYPE prfHashMechanism;
+} CK_TLS12_KEY_MAT_PARAMS;
+
+typedef CK_TLS12_KEY_MAT_PARAMS CK_PTR CK_TLS12_KEY_MAT_PARAMS_PTR;
+
+typedef struct CK_TLS_KDF_PARAMS {
+ CK_MECHANISM_TYPE prfMechanism;
+ CK_BYTE_PTR pLabel;
+ CK_ULONG ulLabelLength;
+ CK_SSL3_RANDOM_DATA RandomInfo;
+ CK_BYTE_PTR pContextData;
+ CK_ULONG ulContextDataLength;
+} CK_TLS_KDF_PARAMS;
+
+typedef struct CK_TLS_MAC_PARAMS {
+ CK_MECHANISM_TYPE prfMechanism;
+ CK_ULONG ulMacLength;
+ CK_ULONG ulServerOrClient;
+} CK_TLS_MAC_PARAMS;
+
+typedef CK_TLS_MAC_PARAMS CK_PTR CK_TLS_MAC_PARAMS_PTR;
+
+/* WTLS is new for version 2.20 */
+typedef struct CK_WTLS_RANDOM_DATA {
+ CK_BYTE_PTR pClientRandom;
+ CK_ULONG ulClientRandomLen;
+ CK_BYTE_PTR pServerRandom;
+ CK_ULONG ulServerRandomLen;
+} CK_WTLS_RANDOM_DATA;
+
+typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR;
+
+typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS {
+ CK_MECHANISM_TYPE DigestMechanism;
+ CK_WTLS_RANDOM_DATA RandomInfo;
+ CK_BYTE_PTR pVersion;
+} CK_WTLS_MASTER_KEY_DERIVE_PARAMS;
+
+typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR
+ CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR;
+
+typedef struct CK_WTLS_PRF_PARAMS {
+ CK_MECHANISM_TYPE DigestMechanism;
+ CK_BYTE_PTR pSeed;
+ CK_ULONG ulSeedLen;
+ CK_BYTE_PTR pLabel;
+ CK_ULONG ulLabelLen;
+ CK_BYTE_PTR pOutput;
+ CK_ULONG_PTR pulOutputLen;
+} CK_WTLS_PRF_PARAMS;
+
+typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR;
+
+typedef struct CK_WTLS_KEY_MAT_OUT {
+ CK_OBJECT_HANDLE hMacSecret;
+ CK_OBJECT_HANDLE hKey;
+ CK_BYTE_PTR pIV;
+} CK_WTLS_KEY_MAT_OUT;
+
+typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR;
+
+typedef struct CK_WTLS_KEY_MAT_PARAMS {
+ CK_MECHANISM_TYPE DigestMechanism;
+ CK_ULONG ulMacSizeInBits;
+ CK_ULONG ulKeySizeInBits;
+ CK_ULONG ulIVSizeInBits;
+ CK_ULONG ulSequenceNumber;
+ CK_BBOOL bIsExport; /* Unused. Must be set to CK_FALSE. */
+ CK_WTLS_RANDOM_DATA RandomInfo;
+ CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
+} CK_WTLS_KEY_MAT_PARAMS;
+
+typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR;
+
+/* CMS is new for version 2.20 */
+typedef struct CK_CMS_SIG_PARAMS {
+ CK_OBJECT_HANDLE certificateHandle;
+ CK_MECHANISM_PTR pSigningMechanism;
+ CK_MECHANISM_PTR pDigestMechanism;
+ CK_UTF8CHAR_PTR pContentType;
+ CK_BYTE_PTR pRequestedAttributes;
+ CK_ULONG ulRequestedAttributesLen;
+ CK_BYTE_PTR pRequiredAttributes;
+ CK_ULONG ulRequiredAttributesLen;
+} CK_CMS_SIG_PARAMS;
+
+typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR;
+
+typedef struct CK_KEY_DERIVATION_STRING_DATA {
+ CK_BYTE_PTR pData;
+ CK_ULONG ulLen;
+} CK_KEY_DERIVATION_STRING_DATA;
+
+typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR
+ CK_KEY_DERIVATION_STRING_DATA_PTR;
+
+/* The CK_EXTRACT_PARAMS is used for the
+ * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
+ * of the base key should be used as the first bit of the
+ * derived key */
+/* CK_EXTRACT_PARAMS is new for v2.0 */
+typedef CK_ULONG CK_EXTRACT_PARAMS;
+
+typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
+
+/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
+ * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
+ * indicate the Pseudo-Random Function (PRF) used to generate
+ * key bits using PKCS #5 PBKDF2. */
+typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
+
+typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
+
+/* The following PRFs are defined in PKCS #5 v2.1. */
+#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
+#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 0x00000002
+#define CKP_PKCS5_PBKD2_HMAC_SHA224 0x00000003
+#define CKP_PKCS5_PBKD2_HMAC_SHA256 0x00000004
+#define CKP_PKCS5_PBKD2_HMAC_SHA384 0x00000005
+#define CKP_PKCS5_PBKD2_HMAC_SHA512 0x00000006
+#define CKP_PKCS5_PBKD2_HMAC_SHA512_224 0x00000007
+#define CKP_PKCS5_PBKD2_HMAC_SHA512_256 0x00000008
+
+/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
+ * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
+ * source of the salt value when deriving a key using PKCS #5
+ * PBKDF2. */
+typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
+
+typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
+
+/* The following salt value sources are defined in PKCS #5 v2.0. */
+#define CKZ_SALT_SPECIFIED 0x00000001
+
+/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
+ * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
+ * parameters to the CKM_PKCS5_PBKD2 mechanism. */
+typedef struct CK_PKCS5_PBKD2_PARAMS {
+ CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
+ CK_VOID_PTR pSaltSourceData;
+ CK_ULONG ulSaltSourceDataLen;
+ CK_ULONG iterations;
+ CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
+ CK_VOID_PTR pPrfData;
+ CK_ULONG ulPrfDataLen;
+ CK_UTF8CHAR_PTR pPassword;
+ CK_ULONG_PTR ulPasswordLen;
+} CK_PKCS5_PBKD2_PARAMS;
+
+typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
+
+/* NSS Specific defines */
+
+/* defines that have been deprecated in 2.20, but maintained in our
+ * header file for backward compatibility */
+#define CKO_KG_PARAMETERS CKO_DOMAIN_PARAMETERS
+#define CKF_EC_FP CKF_EC_F_P
+/* new in v2.11 deprecated by 2.20 */
+#define CKR_KEY_PARAMS_INVALID 0x0000006B
+
+/* stuff that for historic reasons is in this header file but should have
+ * been in pkcs11n.h */
+#define CKK_INVALID_KEY_TYPE 0xffffffff
+
+#include "pkcs11n.h"
+
+/* undo packing */
+#include "pkcs11u.h"
+
+#endif
diff --git a/security/nss/lib/util/pkcs11u.h b/security/nss/lib/util/pkcs11u.h
new file mode 100644
index 000000000..be949bcd4
--- /dev/null
+++ b/security/nss/lib/util/pkcs11u.h
@@ -0,0 +1,19 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
+ * is granted provided that it is identified as "RSA Security Inc. Public-Key
+ * Cryptography Standards (PKCS)" in all material mentioning or referencing
+ * this document.
+ */
+/*
+ * reset any packing set by pkcs11p.h
+ */
+
+#if defined(_WIN32)
+#ifdef _MSC_VER
+#pragma warning(disable : 4103)
+#endif
+#pragma pack(pop, cryptoki)
+#endif
diff --git a/security/nss/lib/util/pkcs1sig.c b/security/nss/lib/util/pkcs1sig.c
new file mode 100644
index 000000000..502119aa5
--- /dev/null
+++ b/security/nss/lib/util/pkcs1sig.c
@@ -0,0 +1,169 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include "pkcs1sig.h"
+#include "hasht.h"
+#include "secerr.h"
+#include "secasn1t.h"
+#include "secoid.h"
+
+typedef struct pkcs1PrefixStr pkcs1Prefix;
+struct pkcs1PrefixStr {
+ unsigned int len;
+ PRUint8 *data;
+};
+
+typedef struct pkcs1PrefixesStr pkcs1Prefixes;
+struct pkcs1PrefixesStr {
+ unsigned int digestLen;
+ pkcs1Prefix prefixWithParams;
+ pkcs1Prefix prefixWithoutParams;
+};
+
+/* The value for SGN_PKCS1_DIGESTINFO_MAX_PREFIX_LEN_EXCLUDING_OID is based on
+ * the possible prefix encodings as explained below.
+ */
+#define MAX_PREFIX_LEN_EXCLUDING_OID 10
+
+static SECStatus
+encodePrefix(const SECOidData *hashOid, unsigned int digestLen,
+ pkcs1Prefix *prefix, PRBool withParams)
+{
+ /* with params coding is:
+ * Sequence (2 bytes) {
+ * Sequence (2 bytes) {
+ * Oid (2 bytes) {
+ * Oid value (derOid->oid.len)
+ * }
+ * NULL (2 bytes)
+ * }
+ * OCTECT (2 bytes);
+ *
+ * without params coding is:
+ * Sequence (2 bytes) {
+ * Sequence (2 bytes) {
+ * Oid (2 bytes) {
+ * Oid value (derOid->oid.len)
+ * }
+ * }
+ * OCTECT (2 bytes);
+ */
+
+ unsigned int innerSeqLen = 2 + hashOid->oid.len;
+ unsigned int outerSeqLen = 2 + innerSeqLen + 2 + digestLen;
+ unsigned int extra = 0;
+
+ if (withParams) {
+ innerSeqLen += 2;
+ outerSeqLen += 2;
+ extra = 2;
+ }
+
+ if (innerSeqLen >= 128 ||
+ outerSeqLen >= 128 ||
+ (outerSeqLen + 2 - digestLen) >
+ (MAX_PREFIX_LEN_EXCLUDING_OID + hashOid->oid.len)) {
+ /* this is actually a library failure, It shouldn't happen */
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ prefix->len = 6 + hashOid->oid.len + extra + 2;
+ prefix->data = PORT_Alloc(prefix->len);
+ if (!prefix->data) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ prefix->data[0] = SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED;
+ prefix->data[1] = outerSeqLen;
+ prefix->data[2] = SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED;
+ prefix->data[3] = innerSeqLen;
+ prefix->data[4] = SEC_ASN1_OBJECT_ID;
+ prefix->data[5] = hashOid->oid.len;
+ PORT_Memcpy(&prefix->data[6], hashOid->oid.data, hashOid->oid.len);
+ if (withParams) {
+ prefix->data[6 + hashOid->oid.len] = SEC_ASN1_NULL;
+ prefix->data[6 + hashOid->oid.len + 1] = 0;
+ }
+ prefix->data[6 + hashOid->oid.len + extra] = SEC_ASN1_OCTET_STRING;
+ prefix->data[6 + hashOid->oid.len + extra + 1] = digestLen;
+
+ return SECSuccess;
+}
+
+SECStatus
+_SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg,
+ const SECItem *digest,
+ const SECItem *dataRecoveredFromSignature,
+ PRBool unsafeAllowMissingParameters)
+{
+ SECOidData *hashOid;
+ pkcs1Prefixes pp;
+ const pkcs1Prefix *expectedPrefix;
+ SECStatus rv, rv2, rv3;
+
+ if (!digest || !digest->data ||
+ !dataRecoveredFromSignature || !dataRecoveredFromSignature->data) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ hashOid = SECOID_FindOIDByTag(digestAlg);
+ if (hashOid == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ pp.digestLen = digest->len;
+ pp.prefixWithParams.data = NULL;
+ pp.prefixWithoutParams.data = NULL;
+
+ rv2 = encodePrefix(hashOid, pp.digestLen, &pp.prefixWithParams, PR_TRUE);
+ rv3 = encodePrefix(hashOid, pp.digestLen, &pp.prefixWithoutParams, PR_FALSE);
+
+ rv = SECSuccess;
+ if (rv2 != SECSuccess || rv3 != SECSuccess) {
+ rv = SECFailure;
+ }
+
+ if (rv == SECSuccess) {
+ /* We don't attempt to avoid timing attacks on these comparisons because
+ * signature verification is a public key operation, not a private key
+ * operation.
+ */
+
+ if (dataRecoveredFromSignature->len ==
+ pp.prefixWithParams.len + pp.digestLen) {
+ expectedPrefix = &pp.prefixWithParams;
+ } else if (unsafeAllowMissingParameters &&
+ dataRecoveredFromSignature->len ==
+ pp.prefixWithoutParams.len + pp.digestLen) {
+ expectedPrefix = &pp.prefixWithoutParams;
+ } else {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ rv = SECFailure;
+ }
+ }
+
+ if (rv == SECSuccess) {
+ if (memcmp(dataRecoveredFromSignature->data, expectedPrefix->data,
+ expectedPrefix->len) ||
+ memcmp(dataRecoveredFromSignature->data + expectedPrefix->len,
+ digest->data, digest->len)) {
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+ rv = SECFailure;
+ }
+ }
+
+ if (pp.prefixWithParams.data) {
+ PORT_Free(pp.prefixWithParams.data);
+ }
+ if (pp.prefixWithoutParams.data) {
+ PORT_Free(pp.prefixWithoutParams.data);
+ }
+
+ return rv;
+}
diff --git a/security/nss/lib/util/pkcs1sig.h b/security/nss/lib/util/pkcs1sig.h
new file mode 100644
index 000000000..7c52b1575
--- /dev/null
+++ b/security/nss/lib/util/pkcs1sig.h
@@ -0,0 +1,30 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#ifndef _PKCS1SIG_H_
+#define _PKCS1SIG_H_
+
+#include "hasht.h"
+#include "seccomon.h"
+#include "secoidt.h"
+
+/* SGN_VerifyPKCS1DigestInfo verifies that the length of the digest is correct
+ * for the given algorithm, then verifies that the recovered data from the
+ * PKCS#1 signature is a properly-formatted DigestInfo that identifies the
+ * given digest algorithm, then verifies that the digest in the DigestInfo
+ * matches the given digest.
+ *
+ * dataRecoveredFromSignature must be the result of calling PK11_VerifyRecover
+ * or equivalent.
+ *
+ * If unsafeAllowMissingParameters is true (not recommended), then a DigestInfo
+ * without the mandatory ASN.1 NULL parameter will also be accepted.
+ */
+SECStatus _SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg,
+ const SECItem* digest,
+ const SECItem* dataRecoveredFromSignature,
+ PRBool unsafeAllowMissingParameters);
+
+#endif /* _PKCS1SIG_H_ */
diff --git a/security/nss/lib/util/portreg.c b/security/nss/lib/util/portreg.c
new file mode 100644
index 000000000..bf77672f0
--- /dev/null
+++ b/security/nss/lib/util/portreg.c
@@ -0,0 +1,375 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * shexp.c: shell-like wildcard match routines
+ *
+ * See shexp.h for public documentation.
+ */
+
+#include "seccomon.h"
+#include "portreg.h"
+
+/* ----------------------------- shexp_valid ------------------------------ */
+
+static int
+_valid_subexp(const char *exp, char stop1, char stop2)
+{
+ register int x;
+ int nsc = 0; /* Number of special characters */
+ int np; /* Number of pipe characters in union */
+ int tld = 0; /* Number of tilde characters */
+
+ for (x = 0; exp[x] && (exp[x] != stop1) && (exp[x] != stop2); ++x) {
+ switch (exp[x]) {
+ case '~':
+ if (tld) /* at most one exclusion */
+ return INVALID_SXP;
+ if (stop1) /* no exclusions within unions */
+ return INVALID_SXP;
+ if (!exp[x + 1]) /* exclusion cannot be last character */
+ return INVALID_SXP;
+ if (!x) /* exclusion cannot be first character */
+ return INVALID_SXP;
+ ++tld;
+ /* fall through */
+ case '*':
+ case '?':
+ case '$':
+ ++nsc;
+ break;
+ case '[':
+ ++nsc;
+ if ((!exp[++x]) || (exp[x] == ']'))
+ return INVALID_SXP;
+ for (; exp[x] && (exp[x] != ']'); ++x) {
+ if (exp[x] == '\\' && !exp[++x])
+ return INVALID_SXP;
+ }
+ if (!exp[x])
+ return INVALID_SXP;
+ break;
+ case '(':
+ ++nsc;
+ if (stop1) /* no nested unions */
+ return INVALID_SXP;
+ np = -1;
+ do {
+ int t = _valid_subexp(&exp[++x], ')', '|');
+ if (t == 0 || t == INVALID_SXP)
+ return INVALID_SXP;
+ x += t;
+ if (!exp[x])
+ return INVALID_SXP;
+ ++np;
+ } while (exp[x] == '|');
+ if (np < 1) /* must be at least one pipe */
+ return INVALID_SXP;
+ break;
+ case ')':
+ case '|':
+ case ']':
+ return INVALID_SXP;
+ case '\\':
+ ++nsc;
+ if (!exp[++x])
+ return INVALID_SXP;
+ break;
+ default:
+ break;
+ }
+ }
+ if ((!stop1) && (!nsc)) /* must be at least one special character */
+ return NON_SXP;
+ return ((exp[x] == stop1 || exp[x] == stop2) ? x : INVALID_SXP);
+}
+
+int
+PORT_RegExpValid(const char *exp)
+{
+ int x;
+
+ x = _valid_subexp(exp, '\0', '\0');
+ return (x < 0 ? x : VALID_SXP);
+}
+
+/* ----------------------------- shexp_match ----------------------------- */
+
+#define MATCH 0
+#define NOMATCH 1
+#define ABORTED -1
+
+static int
+_shexp_match(const char *str, const char *exp, PRBool case_insensitive,
+ unsigned int level);
+
+/* Count characters until we reach a NUL character or either of the
+ * two delimiter characters, stop1 or stop2. If we encounter a bracketed
+ * expression, look only for NUL or ']' inside it. Do not look for stop1
+ * or stop2 inside it. Return ABORTED if bracketed expression is unterminated.
+ * Handle all escaping.
+ * Return index in input string of first stop found, or ABORTED if not found.
+ * If "dest" is non-NULL, copy counted characters to it and NUL terminate.
+ */
+static int
+_scan_and_copy(const char *exp, char stop1, char stop2, char *dest)
+{
+ register int sx; /* source index */
+ register char cc;
+
+ for (sx = 0; (cc = exp[sx]) && cc != stop1 && cc != stop2; sx++) {
+ if (cc == '\\') {
+ if (!exp[++sx])
+ return ABORTED; /* should be impossible */
+ } else if (cc == '[') {
+ while ((cc = exp[++sx]) && cc != ']') {
+ if (cc == '\\' && !exp[++sx])
+ return ABORTED;
+ }
+ if (!cc)
+ return ABORTED; /* should be impossible */
+ }
+ }
+ if (dest && sx) {
+ /* Copy all but the closing delimiter. */
+ memcpy(dest, exp, sx);
+ dest[sx] = 0;
+ }
+ return cc ? sx : ABORTED; /* index of closing delimiter */
+}
+
+/* On input, exp[0] is the opening parenthesis of a union.
+ * See if any of the alternatives in the union matches as a pattern.
+ * The strategy is to take each of the alternatives, in turn, and append
+ * the rest of the expression (after the closing ')' that marks the end of
+ * this union) to that alternative, and then see if the resultant expression
+ * matches the input string. Repeat this until some alternative matches,
+ * or we have an abort.
+ */
+static int
+_handle_union(const char *str, const char *exp, PRBool case_insensitive,
+ unsigned int level)
+{
+ register int sx; /* source index */
+ int cp; /* source index of closing parenthesis */
+ int count;
+ int ret = NOMATCH;
+ char *e2;
+
+ /* Find the closing parenthesis that ends this union in the expression */
+ cp = _scan_and_copy(exp, ')', '\0', NULL);
+ if (cp == ABORTED || cp < 4) /* must be at least "(a|b" before ')' */
+ return ABORTED;
+ ++cp; /* now index of char after closing parenthesis */
+ e2 = (char *)PORT_Alloc(1 + strlen(exp));
+ if (!e2)
+ return ABORTED;
+ for (sx = 1;; ++sx) {
+ /* Here, exp[sx] is one character past the preceding '(' or '|'. */
+ /* Copy everything up to the next delimiter to e2 */
+ count = _scan_and_copy(exp + sx, ')', '|', e2);
+ if (count == ABORTED || !count) {
+ ret = ABORTED;
+ break;
+ }
+ sx += count;
+ /* Append everything after closing parenthesis to e2. This is safe. */
+ strcpy(e2 + count, exp + cp);
+ ret = _shexp_match(str, e2, case_insensitive, level + 1);
+ if (ret != NOMATCH || !exp[sx] || exp[sx] == ')')
+ break;
+ }
+ PORT_Free(e2);
+ if (sx < 2)
+ ret = ABORTED;
+ return ret;
+}
+
+/* returns 1 if val is in range from start..end, case insensitive. */
+static int
+_is_char_in_range(int start, int end, int val)
+{
+ char map[256];
+ memset(map, 0, sizeof map);
+ while (start <= end)
+ map[tolower(start++)] = 1;
+ return map[tolower(val)];
+}
+
+static int
+_shexp_match(const char *str, const char *exp, PRBool case_insensitive,
+ unsigned int level)
+{
+ register int x; /* input string index */
+ register int y; /* expression index */
+ int ret, neg;
+
+ if (level > 20) /* Don't let the stack get too deep. */
+ return ABORTED;
+ for (x = 0, y = 0; exp[y]; ++y, ++x) {
+ if ((!str[x]) && (exp[y] != '$') && (exp[y] != '*')) {
+ return NOMATCH;
+ }
+ switch (exp[y]) {
+ case '$':
+ if (str[x])
+ return NOMATCH;
+ --x; /* we don't want loop to increment x */
+ break;
+ case '*':
+ while (exp[++y] == '*') {
+ }
+ if (!exp[y])
+ return MATCH;
+ while (str[x]) {
+ ret = _shexp_match(&str[x++], &exp[y], case_insensitive,
+ level + 1);
+ switch (ret) {
+ case NOMATCH:
+ continue;
+ case ABORTED:
+ return ABORTED;
+ default:
+ return MATCH;
+ }
+ }
+ if ((exp[y] == '$') && (exp[y + 1] == '\0') && (!str[x]))
+ return MATCH;
+ else
+ return NOMATCH;
+ case '[': {
+ int start, end = 0, i;
+ neg = ((exp[++y] == '^') && (exp[y + 1] != ']'));
+ if (neg)
+ ++y;
+ i = y;
+ start = (unsigned char)(exp[i++]);
+ if (start == '\\')
+ start = (unsigned char)(exp[i++]);
+ if (isalnum(start) && exp[i++] == '-') {
+ end = (unsigned char)(exp[i++]);
+ if (end == '\\')
+ end = (unsigned char)(exp[i++]);
+ }
+ if (isalnum(end) && exp[i] == ']') {
+ /* This is a range form: a-b */
+ int val = (unsigned char)(str[x]);
+ if (end < start) { /* swap them */
+ start ^= end;
+ end ^= start;
+ start ^= end;
+ }
+ if (case_insensitive && isalpha(val)) {
+ val = _is_char_in_range(start, end, val);
+ if (neg == val)
+ return NOMATCH;
+ } else if (neg != ((val < start) || (val > end))) {
+ return NOMATCH;
+ }
+ y = i;
+ } else {
+ /* Not range form */
+ int matched = 0;
+ for (; exp[y] != ']'; y++) {
+ if (exp[y] == '\\')
+ ++y;
+ if (case_insensitive) {
+ matched |= (toupper(str[x]) == toupper(exp[y]));
+ } else {
+ matched |= (str[x] == exp[y]);
+ }
+ }
+ if (neg == matched)
+ return NOMATCH;
+ }
+ } break;
+ case '(':
+ if (!exp[y + 1])
+ return ABORTED;
+ return _handle_union(&str[x], &exp[y], case_insensitive, level);
+ case '?':
+ break;
+ case '|':
+ case ']':
+ case ')':
+ return ABORTED;
+ case '\\':
+ ++y;
+ /* fall through */
+ default:
+ if (case_insensitive) {
+ if (toupper(str[x]) != toupper(exp[y]))
+ return NOMATCH;
+ } else {
+ if (str[x] != exp[y])
+ return NOMATCH;
+ }
+ break;
+ }
+ }
+ return (str[x] ? NOMATCH : MATCH);
+}
+
+static int
+port_RegExpMatch(const char *str, const char *xp, PRBool case_insensitive)
+{
+ char *exp = 0;
+ int x, ret = MATCH;
+
+ if (!strchr(xp, '~'))
+ return _shexp_match(str, xp, case_insensitive, 0);
+
+ exp = PORT_Strdup(xp);
+ if (!exp)
+ return NOMATCH;
+
+ x = _scan_and_copy(exp, '~', '\0', NULL);
+ if (x != ABORTED && exp[x] == '~') {
+ exp[x++] = '\0';
+ ret = _shexp_match(str, &exp[x], case_insensitive, 0);
+ switch (ret) {
+ case NOMATCH:
+ ret = MATCH;
+ break;
+ case MATCH:
+ ret = NOMATCH;
+ break;
+ default:
+ break;
+ }
+ }
+ if (ret == MATCH)
+ ret = _shexp_match(str, exp, case_insensitive, 0);
+
+ PORT_Free(exp);
+ return ret;
+}
+
+/* ------------------------------ shexp_cmp ------------------------------- */
+
+int
+PORT_RegExpSearch(const char *str, const char *exp)
+{
+ switch (PORT_RegExpValid(exp)) {
+ case INVALID_SXP:
+ return -1;
+ case NON_SXP:
+ return (strcmp(exp, str) ? 1 : 0);
+ default:
+ return port_RegExpMatch(str, exp, PR_FALSE);
+ }
+}
+
+int
+PORT_RegExpCaseSearch(const char *str, const char *exp)
+{
+ switch (PORT_RegExpValid(exp)) {
+ case INVALID_SXP:
+ return -1;
+ case NON_SXP:
+ return (PORT_Strcasecmp(exp, str) ? 1 : 0);
+ default:
+ return port_RegExpMatch(str, exp, PR_TRUE);
+ }
+}
diff --git a/security/nss/lib/util/portreg.h b/security/nss/lib/util/portreg.h
new file mode 100644
index 000000000..14bd9e766
--- /dev/null
+++ b/security/nss/lib/util/portreg.h
@@ -0,0 +1,81 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * shexp.h: Defines and prototypes for shell exp. match routines
+ *
+ * This routine will match a string with a shell expression. The expressions
+ * accepted are based loosely on the expressions accepted by zsh.
+ *
+ * o * matches anything
+ * o ? matches one character
+ * o \ will escape a special character
+ * o $ matches the end of the string
+ * Bracketed expressions:
+ * o [abc] matches one occurence of a, b, or c.
+ * o [^abc] matches any character except a, b, or c.
+ * To be matched between [ and ], these characters must be escaped: \ ]
+ * No other characters need be escaped between brackets.
+ * Unnecessary escaping is permitted.
+ * o [a-z] matches any character between a and z, inclusive.
+ * The two range-definition characters must be alphanumeric ASCII.
+ * If one is upper case and the other is lower case, then the ASCII
+ * non-alphanumeric characters between Z and a will also be in range.
+ * o [^a-z] matches any character except those between a and z, inclusive.
+ * These forms cannot be combined, e.g [a-gp-z] does not work.
+ * o Exclusions:
+ * As a top level, outter-most expression only, the expression
+ * foo~bar will match the expression foo, provided it does not also
+ * match the expression bar. Either expression or both may be a union.
+ * Except between brackets, any unescaped ~ is an exclusion.
+ * At most one exclusion is permitted.
+ * Exclusions cannot be nested (contain other exclusions).
+ * example: *~abc will match any string except abc
+ * o Unions:
+ * (foo|bar) will match either the expression foo, or the expression bar.
+ * At least one '|' separator is required. More are permitted.
+ * Expressions inside unions may not include unions or exclusions.
+ * Inside a union, to be matched and not treated as a special character,
+ * these characters must be escaped: \ ( | ) [ ~ except when they occur
+ * inside a bracketed expression, where only \ and ] require escaping.
+ *
+ * The public interface to these routines is documented below.
+ *
+ */
+
+#ifndef SHEXP_H
+#define SHEXP_H
+
+#include "utilrename.h"
+/*
+ * Requires that the macro MALLOC be set to a "safe" malloc that will
+ * exit if no memory is available.
+ */
+
+/* --------------------------- Public routines ---------------------------- */
+
+/*
+ * shexp_valid takes a shell expression exp as input. It returns:
+ *
+ * NON_SXP if exp is a standard string
+ * INVALID_SXP if exp is a shell expression, but invalid
+ * VALID_SXP if exp is a valid shell expression
+ */
+
+#define NON_SXP -1
+#define INVALID_SXP -2
+#define VALID_SXP 1
+
+SEC_BEGIN_PROTOS
+
+extern int PORT_RegExpValid(const char *exp);
+
+extern int PORT_RegExpSearch(const char *str, const char *exp);
+
+/* same as above but uses case insensitive search */
+extern int PORT_RegExpCaseSearch(const char *str, const char *exp);
+
+SEC_END_PROTOS
+
+#endif
diff --git a/security/nss/lib/util/quickder.c b/security/nss/lib/util/quickder.c
new file mode 100644
index 000000000..49ff14d55
--- /dev/null
+++ b/security/nss/lib/util/quickder.c
@@ -0,0 +1,819 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ Optimized ASN.1 DER decoder
+*/
+
+#include "secerr.h"
+#include "secasn1.h" /* for SEC_ASN1GetSubtemplate */
+#include "secitem.h"
+
+/*
+ * simple definite-length ASN.1 decoder
+ */
+
+static unsigned char*
+definite_length_decoder(const unsigned char* buf,
+ const unsigned int buf_length,
+ unsigned int* out_data_length,
+ PRBool includeTag)
+{
+ unsigned char tag;
+ unsigned int used_length = 0;
+ unsigned int data_length = 0;
+ unsigned char length_field_len = 0;
+ unsigned char byte;
+ unsigned int i;
+
+ if (used_length >= buf_length) {
+ /* Tag field was not found! */
+ return NULL;
+ }
+ tag = buf[used_length++];
+
+ if (tag == 0) {
+ /* End-of-contents octects should not be present in DER because
+ DER doesn't use the indefinite length form. */
+ return NULL;
+ }
+
+ if ((tag & 0x1F) == 0x1F) {
+ /* High tag number (a tag number > 30) is not supported */
+ return NULL;
+ }
+
+ if (used_length >= buf_length) {
+ /* Length field was not found! */
+ return NULL;
+ }
+ byte = buf[used_length++];
+
+ if (!(byte & 0x80)) {
+ /* Short form: The high bit is not set. */
+ data_length = byte; /* clarity; we're returning a 32-bit int. */
+ } else {
+ /* Long form. Extract the field length */
+ length_field_len = byte & 0x7F;
+ if (length_field_len == 0) {
+ /* DER doesn't use the indefinite length form. */
+ return NULL;
+ }
+
+ if (length_field_len > sizeof(data_length)) {
+ /* We don't support an extended length field longer than
+ 4 bytes (2^32) */
+ return NULL;
+ }
+
+ if (length_field_len > (buf_length - used_length)) {
+ /* Extended length field was not found */
+ return NULL;
+ }
+
+ /* Iterate across the extended length field */
+ for (i = 0; i < length_field_len; i++) {
+ byte = buf[used_length++];
+ data_length = (data_length << 8) | byte;
+
+ if (i == 0) {
+ PRBool too_long = PR_FALSE;
+ if (length_field_len == 1) {
+ too_long = ((byte & 0x80) == 0); /* Short form suffices */
+ } else {
+ too_long = (byte == 0); /* This zero byte can be omitted */
+ }
+ if (too_long) {
+ /* The length is longer than needed. */
+ return NULL;
+ }
+ }
+ }
+ }
+
+ if (data_length > (buf_length - used_length)) {
+ /* The decoded length exceeds the available buffer */
+ return NULL;
+ }
+
+ if (includeTag) {
+ data_length += used_length;
+ }
+
+ *out_data_length = data_length;
+ return ((unsigned char*)buf + (includeTag ? 0 : used_length));
+}
+
+static SECStatus
+GetItem(SECItem* src, SECItem* dest, PRBool includeTag)
+{
+ if ((!src) || (!dest) || (!src->data && src->len)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!src->len) {
+ /* reaching the end of the buffer is not an error */
+ dest->data = NULL;
+ dest->len = 0;
+ return SECSuccess;
+ }
+
+ dest->data = definite_length_decoder(src->data, src->len, &dest->len,
+ includeTag);
+ if (dest->data == NULL) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ return SECFailure;
+ }
+ src->len -= (int)(dest->data - src->data) + dest->len;
+ src->data = dest->data + dest->len;
+ return SECSuccess;
+}
+
+/* check if the actual component's type matches the type in the template */
+
+static SECStatus
+MatchComponentType(const SEC_ASN1Template* templateEntry,
+ SECItem* item, PRBool* match, void* dest)
+{
+ unsigned long kind = 0;
+ unsigned char tag = 0;
+
+ if ((!item) || (!item->data && item->len) || (!templateEntry) || (!match)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!item->len) {
+ *match = PR_FALSE;
+ return SECSuccess;
+ }
+
+ kind = templateEntry->kind;
+ tag = *(unsigned char*)item->data;
+
+ if (((kind & SEC_ASN1_INLINE) ||
+ (kind & SEC_ASN1_POINTER)) &&
+ (0 == (kind & SEC_ASN1_TAG_MASK))) {
+ /* These cases are special because the template's "kind" does not
+ give us the information for the ASN.1 tag of the next item. It can
+ only be figured out from the subtemplate. */
+ if (!(kind & SEC_ASN1_OPTIONAL)) {
+ /* This is a required component. If there is a type mismatch,
+ the decoding of the subtemplate will fail, so assume this
+ is a match at the parent level and let it fail later. This
+ avoids a redundant check in matching cases */
+ *match = PR_TRUE;
+ return SECSuccess;
+ } else {
+ /* optional component. This is the hard case. Now we need to
+ look at the subtemplate to get the expected kind */
+ const SEC_ASN1Template* subTemplate =
+ SEC_ASN1GetSubtemplate(templateEntry, dest, PR_FALSE);
+ if (!subTemplate) {
+ PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
+ return SECFailure;
+ }
+ if ((subTemplate->kind & SEC_ASN1_INLINE) ||
+ (subTemplate->kind & SEC_ASN1_POINTER)) {
+ /* disallow nesting SEC_ASN1_POINTER and SEC_ASN1_INLINE,
+ otherwise you may get a false positive due to the recursion
+ optimization above that always matches the type if the
+ component is required . Nesting these should never be
+ required, so that no one should miss this ability */
+ PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
+ return SECFailure;
+ }
+ return MatchComponentType(subTemplate, item, match,
+ (void*)((char*)dest + templateEntry->offset));
+ }
+ }
+
+ if (kind & SEC_ASN1_CHOICE) {
+ /* we need to check the component's tag against each choice's tag */
+ /* XXX it would be nice to save the index of the choice here so that
+ DecodeChoice wouldn't have to do this again. However, due to the
+ recursivity of MatchComponentType, we don't know if we are in a
+ required or optional component, so we can't write anywhere in
+ the destination within this function */
+ unsigned choiceIndex = 1;
+ const SEC_ASN1Template* choiceEntry;
+ while ((choiceEntry = &templateEntry[choiceIndex++]) && (choiceEntry->kind)) {
+ if ((SECSuccess == MatchComponentType(choiceEntry, item, match,
+ (void*)((char*)dest + choiceEntry->offset))) &&
+ (PR_TRUE == *match)) {
+ return SECSuccess;
+ }
+ }
+ /* no match, caller must decide if this is BAD DER, or not. */
+ *match = PR_FALSE;
+ return SECSuccess;
+ }
+
+ if (kind & SEC_ASN1_ANY) {
+ /* SEC_ASN1_ANY always matches */
+ *match = PR_TRUE;
+ return SECSuccess;
+ }
+
+ if ((0 == ((unsigned char)kind & SEC_ASN1_TAGNUM_MASK)) &&
+ (!(kind & SEC_ASN1_EXPLICIT)) &&
+ (((kind & SEC_ASN1_SAVE) ||
+ (kind & SEC_ASN1_SKIP)) &&
+ (!(kind & SEC_ASN1_OPTIONAL)))) {
+ /* when saving or skipping a required component, a type is not
+ required in the template. This is for legacy support of
+ SEC_ASN1_SAVE and SEC_ASN1_SKIP only. XXX I would like to
+ deprecate these usages and always require a type, as this
+ disables type checking, and effectively forbids us from
+ transparently ignoring optional components we aren't aware of */
+ *match = PR_TRUE;
+ return SECSuccess;
+ }
+
+ /* first, do a class check */
+ if ((tag & SEC_ASN1_CLASS_MASK) !=
+ (((unsigned char)kind) & SEC_ASN1_CLASS_MASK)) {
+ /* this is only to help debugging of the decoder in case of problems */
+ /* unsigned char tagclass = tag & SEC_ASN1_CLASS_MASK; */
+ /* unsigned char expectedclass = (unsigned char)kind & SEC_ASN1_CLASS_MASK; */
+ *match = PR_FALSE;
+ return SECSuccess;
+ }
+
+ /* now do a tag check */
+ if (((unsigned char)kind & SEC_ASN1_TAGNUM_MASK) !=
+ (tag & SEC_ASN1_TAGNUM_MASK)) {
+ *match = PR_FALSE;
+ return SECSuccess;
+ }
+
+ /* now, do a method check. This depends on the class */
+ switch (tag & SEC_ASN1_CLASS_MASK) {
+ case SEC_ASN1_UNIVERSAL:
+ /* For types of the SEC_ASN1_UNIVERSAL class, we know which must be
+ primitive or constructed based on the tag */
+ switch (tag & SEC_ASN1_TAGNUM_MASK) {
+ case SEC_ASN1_SEQUENCE:
+ case SEC_ASN1_SET:
+ case SEC_ASN1_EMBEDDED_PDV:
+ /* this component must be a constructed type */
+ /* XXX add any new universal constructed type here */
+ if (tag & SEC_ASN1_CONSTRUCTED) {
+ *match = PR_TRUE;
+ return SECSuccess;
+ }
+ break;
+
+ default:
+ /* this component must be a primitive type */
+ if (!(tag & SEC_ASN1_CONSTRUCTED)) {
+ *match = PR_TRUE;
+ return SECSuccess;
+ }
+ break;
+ }
+ break;
+
+ default:
+ /* for all other classes, we check the method based on the template */
+ if ((unsigned char)(kind & SEC_ASN1_METHOD_MASK) ==
+ (tag & SEC_ASN1_METHOD_MASK)) {
+ *match = PR_TRUE;
+ return SECSuccess;
+ }
+ /* method does not match between template and component */
+ break;
+ }
+
+ *match = PR_FALSE;
+ return SECSuccess;
+}
+
+#ifdef DEBUG
+
+static SECStatus
+CheckSequenceTemplate(const SEC_ASN1Template* sequenceTemplate)
+{
+ SECStatus rv = SECSuccess;
+ const SEC_ASN1Template* sequenceEntry = NULL;
+ unsigned long seqIndex = 0;
+ unsigned long lastEntryIndex = 0;
+ unsigned long ambiguityIndex = 0;
+ PRBool foundAmbiguity = PR_FALSE;
+
+ do {
+ sequenceEntry = &sequenceTemplate[seqIndex++];
+ if (sequenceEntry->kind) {
+ /* ensure that we don't have an optional component of SEC_ASN1_ANY
+ in the middle of the sequence, since we could not handle it */
+ /* XXX this function needs to dig into the subtemplates to find
+ the next tag */
+ if ((PR_FALSE == foundAmbiguity) &&
+ (sequenceEntry->kind & SEC_ASN1_OPTIONAL) &&
+ (sequenceEntry->kind & SEC_ASN1_ANY)) {
+ foundAmbiguity = PR_TRUE;
+ ambiguityIndex = seqIndex - 1;
+ }
+ }
+ } while (sequenceEntry->kind);
+
+ lastEntryIndex = seqIndex - 2;
+
+ if (PR_FALSE != foundAmbiguity) {
+ if (ambiguityIndex < lastEntryIndex) {
+ /* ambiguity can only be tolerated on the last entry */
+ PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
+ rv = SECFailure;
+ }
+ }
+
+ /* XXX also enforce ASN.1 requirement that tags be
+ distinct for consecutive optional components */
+
+ return rv;
+}
+
+#endif
+
+static SECStatus DecodeItem(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena, PRBool checkTag);
+
+static SECStatus
+DecodeSequence(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena)
+{
+ SECStatus rv = SECSuccess;
+ SECItem source;
+ SECItem sequence;
+ const SEC_ASN1Template* sequenceTemplate = &(templateEntry[1]);
+ const SEC_ASN1Template* sequenceEntry = NULL;
+ unsigned long seqindex = 0;
+
+#ifdef DEBUG
+ /* for a sequence, we need to validate the template. */
+ rv = CheckSequenceTemplate(sequenceTemplate);
+#endif
+
+ source = *src;
+
+ /* get the sequence */
+ if (SECSuccess == rv) {
+ rv = GetItem(&source, &sequence, PR_FALSE);
+ }
+
+ /* process it */
+ if (SECSuccess == rv)
+ do {
+ sequenceEntry = &sequenceTemplate[seqindex++];
+ if ((sequenceEntry && sequenceEntry->kind) &&
+ (sequenceEntry->kind != SEC_ASN1_SKIP_REST)) {
+ rv = DecodeItem(dest, sequenceEntry, &sequence, arena, PR_TRUE);
+ }
+ } while ((SECSuccess == rv) &&
+ (sequenceEntry->kind &&
+ sequenceEntry->kind != SEC_ASN1_SKIP_REST));
+ /* we should have consumed all the bytes in the sequence by now
+ unless the caller doesn't care about the rest of the sequence */
+ if (SECSuccess == rv && sequence.len &&
+ sequenceEntry && sequenceEntry->kind != SEC_ASN1_SKIP_REST) {
+ /* it isn't 100% clear whether this is a bad DER or a bad template.
+ The problem is that logically, they don't match - there is extra
+ data in the DER that the template doesn't know about */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
+ }
+
+ return rv;
+}
+
+static SECStatus
+DecodeInline(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena, PRBool checkTag)
+{
+ const SEC_ASN1Template* inlineTemplate =
+ SEC_ASN1GetSubtemplate(templateEntry, dest, PR_FALSE);
+ return DecodeItem((void*)((char*)dest + templateEntry->offset),
+ inlineTemplate, src, arena, checkTag);
+}
+
+static SECStatus
+DecodePointer(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena, PRBool checkTag)
+{
+ const SEC_ASN1Template* ptrTemplate =
+ SEC_ASN1GetSubtemplate(templateEntry, dest, PR_FALSE);
+ void* subdata = PORT_ArenaZAlloc(arena, ptrTemplate->size);
+ *(void**)((char*)dest + templateEntry->offset) = subdata;
+ if (subdata) {
+ return DecodeItem(subdata, ptrTemplate, src, arena, checkTag);
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+}
+
+static SECStatus
+DecodeImplicit(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena)
+{
+ if (templateEntry->kind & SEC_ASN1_POINTER) {
+ return DecodePointer((void*)((char*)dest),
+ templateEntry, src, arena, PR_FALSE);
+ } else {
+ return DecodeInline((void*)((char*)dest),
+ templateEntry, src, arena, PR_FALSE);
+ }
+}
+
+static SECStatus
+DecodeChoice(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena)
+{
+ SECStatus rv = SECSuccess;
+ SECItem choice;
+ const SEC_ASN1Template* choiceTemplate = &(templateEntry[1]);
+ const SEC_ASN1Template* choiceEntry = NULL;
+ unsigned long choiceindex = 0;
+
+ /* XXX for a choice component, we should validate the template to make
+ sure the tags are distinct, in debug builds. This hasn't been
+ implemented yet */
+ /* rv = CheckChoiceTemplate(sequenceTemplate); */
+
+ /* process it */
+ do {
+ choice = *src;
+ choiceEntry = &choiceTemplate[choiceindex++];
+ if (choiceEntry->kind) {
+ rv = DecodeItem(dest, choiceEntry, &choice, arena, PR_TRUE);
+ }
+ } while ((SECFailure == rv) && (choiceEntry->kind));
+
+ if (SECFailure == rv) {
+ /* the component didn't match any of the choices */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ } else {
+ /* set the type in the union here */
+ int* which = (int*)((char*)dest + templateEntry->offset);
+ *which = (int)choiceEntry->size;
+ }
+
+ /* we should have consumed all the bytes by now */
+ /* fail if we have not */
+ if (SECSuccess == rv && choice.len) {
+ /* there is extra data that isn't listed in the template */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
+ }
+ return rv;
+}
+
+static SECStatus
+DecodeGroup(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena)
+{
+ SECStatus rv = SECSuccess;
+ SECItem source;
+ SECItem group;
+ PRUint32 totalEntries = 0;
+ PRUint32 entryIndex = 0;
+ void** entries = NULL;
+
+ const SEC_ASN1Template* subTemplate =
+ SEC_ASN1GetSubtemplate(templateEntry, dest, PR_FALSE);
+
+ source = *src;
+
+ /* get the group */
+ if (SECSuccess == rv) {
+ rv = GetItem(&source, &group, PR_FALSE);
+ }
+
+ /* XXX we should check the subtemplate in debug builds */
+ if (SECSuccess == rv) {
+ /* first, count the number of entries. Benchmarking showed that this
+ counting pass is more efficient than trying to allocate entries as
+ we read the DER, even if allocating many entries at a time
+ */
+ SECItem counter = group;
+ do {
+ SECItem anitem;
+ rv = GetItem(&counter, &anitem, PR_TRUE);
+ if (SECSuccess == rv && (anitem.len)) {
+ totalEntries++;
+ }
+ } while ((SECSuccess == rv) && (counter.len));
+
+ if (SECSuccess == rv) {
+ /* allocate room for pointer array and entries */
+ /* we want to allocate the array even if there is 0 entry */
+ entries = (void**)PORT_ArenaZAlloc(arena, sizeof(void*) *
+ (totalEntries + 1) + /* the extra one is for NULL termination */
+ subTemplate->size * totalEntries);
+
+ if (entries) {
+ entries[totalEntries] = NULL; /* terminate the array */
+ } else {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ rv = SECFailure;
+ }
+ if (SECSuccess == rv) {
+ void* entriesData = (unsigned char*)entries + (unsigned long)(sizeof(void*) * (totalEntries + 1));
+ /* and fix the pointers in the array */
+ PRUint32 entriesIndex = 0;
+ for (entriesIndex = 0; entriesIndex < totalEntries; entriesIndex++) {
+ entries[entriesIndex] =
+ (char*)entriesData + (subTemplate->size * entriesIndex);
+ }
+ }
+ }
+ }
+
+ if (SECSuccess == rv && totalEntries)
+ do {
+ if (!(entryIndex < totalEntries)) {
+ rv = SECFailure;
+ break;
+ }
+ rv = DecodeItem(entries[entryIndex++], subTemplate, &group, arena, PR_TRUE);
+ } while ((SECSuccess == rv) && (group.len));
+ /* we should be at the end of the set by now */
+ /* save the entries where requested */
+ memcpy(((char*)dest + templateEntry->offset), &entries, sizeof(void**));
+
+ return rv;
+}
+
+static SECStatus
+DecodeExplicit(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena)
+{
+ SECStatus rv = SECSuccess;
+ SECItem subItem;
+ SECItem constructed = *src;
+
+ rv = GetItem(&constructed, &subItem, PR_FALSE);
+
+ if (SECSuccess == rv) {
+ if (templateEntry->kind & SEC_ASN1_POINTER) {
+ rv = DecodePointer(dest, templateEntry, &subItem, arena, PR_TRUE);
+ } else {
+ rv = DecodeInline(dest, templateEntry, &subItem, arena, PR_TRUE);
+ }
+ }
+
+ return rv;
+}
+
+/* new decoder implementation. This is a recursive function */
+
+static SECStatus
+DecodeItem(void* dest,
+ const SEC_ASN1Template* templateEntry,
+ SECItem* src, PLArenaPool* arena, PRBool checkTag)
+{
+ SECStatus rv = SECSuccess;
+ SECItem temp;
+ SECItem mark = { siBuffer, NULL, 0 };
+ PRBool pop = PR_FALSE;
+ PRBool decode = PR_TRUE;
+ PRBool save = PR_FALSE;
+ unsigned long kind;
+ PRBool match = PR_TRUE;
+
+ PR_ASSERT(src && dest && templateEntry && arena);
+#if 0
+ if (!src || !dest || !templateEntry || !arena)
+ {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+#endif
+
+ if (SECSuccess == rv) {
+ /* do the template validation */
+ kind = templateEntry->kind;
+ if (!kind) {
+ PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
+ rv = SECFailure;
+ }
+ }
+
+ if (SECSuccess == rv) {
+#ifdef DEBUG
+ if (kind & SEC_ASN1_DEBUG_BREAK) {
+ /* when debugging the decoder or a template that fails to
+ decode, put SEC_ASN1_DEBUG in the component that gives you
+ trouble. The decoder will then get to this block and assert.
+ If you want to debug the rest of the code, you can set a
+ breakpoint and set dontassert to PR_TRUE, which will let
+ you skip over the assert and continue the debugging session
+ past it. */
+ PRBool dontassert = PR_FALSE;
+ PR_ASSERT(dontassert); /* set bkpoint here & set dontassert*/
+ }
+#endif
+
+ if ((kind & SEC_ASN1_SKIP) ||
+ (kind & SEC_ASN1_SAVE)) {
+ /* if skipping or saving this component, don't decode it */
+ decode = PR_FALSE;
+ }
+
+ if (kind & (SEC_ASN1_SAVE | SEC_ASN1_OPTIONAL)) {
+ /* if saving this component, or if it is optional, we may not want to
+ move past it, so save the position in case we have to rewind */
+ mark = *src;
+ if (kind & SEC_ASN1_SAVE) {
+ save = PR_TRUE;
+ if (0 == (kind & SEC_ASN1_SKIP)) {
+ /* we will for sure have to rewind when saving this
+ component and not skipping it. This is true for all
+ legacy uses of SEC_ASN1_SAVE where the following entry
+ in the template would causes the same component to be
+ processed again */
+ pop = PR_TRUE;
+ }
+ }
+ }
+
+ rv = GetItem(src, &temp, PR_TRUE);
+ }
+
+ if (SECSuccess == rv) {
+ /* now check if the component matches what we expect in the template */
+
+ if (PR_TRUE == checkTag)
+
+ {
+ rv = MatchComponentType(templateEntry, &temp, &match, dest);
+ }
+
+ if ((SECSuccess == rv) && (PR_TRUE != match)) {
+ if (kind & SEC_ASN1_OPTIONAL) {
+
+ /* the optional component is missing. This is not fatal. */
+ /* Rewind, don't decode, and don't save */
+ pop = PR_TRUE;
+ decode = PR_FALSE;
+ save = PR_FALSE;
+ } else {
+ /* a required component is missing. abort */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
+ }
+ }
+ }
+
+ if ((SECSuccess == rv) && (PR_TRUE == decode)) {
+ /* the order of processing here is is the tricky part */
+ /* we start with our special cases */
+ /* first, check the component class */
+ if (kind & SEC_ASN1_INLINE) {
+ /* decode inline template */
+ rv = DecodeInline(dest, templateEntry, &temp, arena, PR_TRUE);
+ }
+
+ else if (kind & SEC_ASN1_EXPLICIT) {
+ rv = DecodeExplicit(dest, templateEntry, &temp, arena);
+ } else if ((SEC_ASN1_UNIVERSAL != (kind & SEC_ASN1_CLASS_MASK)) &&
+
+ (!(kind & SEC_ASN1_EXPLICIT))) {
+
+ /* decode implicitly tagged components */
+ rv = DecodeImplicit(dest, templateEntry, &temp, arena);
+ } else if (kind & SEC_ASN1_POINTER) {
+ rv = DecodePointer(dest, templateEntry, &temp, arena, PR_TRUE);
+ } else if (kind & SEC_ASN1_CHOICE) {
+ rv = DecodeChoice(dest, templateEntry, &temp, arena);
+ } else if (kind & SEC_ASN1_ANY) {
+ /* catch-all ANY type, don't decode */
+ save = PR_TRUE;
+ if (kind & SEC_ASN1_INNER) {
+ /* skip the tag and length */
+ SECItem newtemp = temp;
+ rv = GetItem(&newtemp, &temp, PR_FALSE);
+ }
+ } else if (kind & SEC_ASN1_GROUP) {
+ if ((SEC_ASN1_SEQUENCE == (kind & SEC_ASN1_TAGNUM_MASK)) ||
+ (SEC_ASN1_SET == (kind & SEC_ASN1_TAGNUM_MASK))) {
+ rv = DecodeGroup(dest, templateEntry, &temp, arena);
+ } else {
+ /* a group can only be a SET OF or SEQUENCE OF */
+ PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
+ rv = SECFailure;
+ }
+ } else if (SEC_ASN1_SEQUENCE == (kind & SEC_ASN1_TAGNUM_MASK)) {
+ /* plain SEQUENCE */
+ rv = DecodeSequence(dest, templateEntry, &temp, arena);
+ } else {
+ /* handle all other types as "save" */
+ /* we should only get here for primitive universal types */
+ SECItem newtemp = temp;
+ rv = GetItem(&newtemp, &temp, PR_FALSE);
+ save = PR_TRUE;
+ if ((SECSuccess == rv) &&
+ SEC_ASN1_UNIVERSAL == (kind & SEC_ASN1_CLASS_MASK)) {
+ unsigned long tagnum = kind & SEC_ASN1_TAGNUM_MASK;
+ if (temp.len == 0 && (tagnum == SEC_ASN1_BOOLEAN ||
+ tagnum == SEC_ASN1_INTEGER ||
+ tagnum == SEC_ASN1_BIT_STRING ||
+ tagnum == SEC_ASN1_OBJECT_ID ||
+ tagnum == SEC_ASN1_ENUMERATED ||
+ tagnum == SEC_ASN1_UTC_TIME ||
+ tagnum == SEC_ASN1_GENERALIZED_TIME)) {
+ /* these types MUST have at least one content octet */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
+ } else
+ switch (tagnum) {
+ /* special cases of primitive types */
+ case SEC_ASN1_INTEGER: {
+ /* remove leading zeroes if the caller requested
+ siUnsignedInteger
+ This is to allow RSA key operations to work */
+ SECItem* destItem = (SECItem*)((char*)dest +
+ templateEntry->offset);
+ if (destItem && (siUnsignedInteger == destItem->type)) {
+ while (temp.len > 1 && temp.data[0] == 0) { /* leading 0 */
+ temp.data++;
+ temp.len--;
+ }
+ }
+ break;
+ }
+
+ case SEC_ASN1_BIT_STRING: {
+ /* change the length in the SECItem to be the number
+ of bits */
+ temp.len = (temp.len - 1) * 8 - (temp.data[0] & 0x7);
+ temp.data++;
+ break;
+ }
+
+ default: {
+ break;
+ }
+ }
+ }
+ }
+ }
+
+ if ((SECSuccess == rv) && (PR_TRUE == save)) {
+ SECItem* destItem = (SECItem*)((char*)dest + templateEntry->offset);
+ if (destItem) {
+ /* we leave the type alone in the destination SECItem.
+ If part of the destination was allocated by the decoder, in
+ cases of POINTER, SET OF and SEQUENCE OF, then type is set to
+ siBuffer due to the use of PORT_ArenaZAlloc*/
+ destItem->data = temp.len ? temp.data : NULL;
+ destItem->len = temp.len;
+ } else {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+ }
+
+ if (PR_TRUE == pop) {
+ /* we don't want to move ahead, so restore the position */
+ *src = mark;
+ }
+ return rv;
+}
+
+/* the function below is the public one */
+
+SECStatus
+SEC_QuickDERDecodeItem(PLArenaPool* arena, void* dest,
+ const SEC_ASN1Template* templateEntry,
+ const SECItem* src)
+{
+ SECStatus rv = SECSuccess;
+ SECItem newsrc;
+
+ if (!arena || !templateEntry || !src) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ rv = SECFailure;
+ }
+
+ if (SECSuccess == rv) {
+ newsrc = *src;
+ rv = DecodeItem(dest, templateEntry, &newsrc, arena, PR_TRUE);
+ if (SECSuccess == rv && newsrc.len) {
+ rv = SECFailure;
+ PORT_SetError(SEC_ERROR_EXTRA_INPUT);
+ }
+ }
+
+ return rv;
+}
diff --git a/security/nss/lib/util/secalgid.c b/security/nss/lib/util/secalgid.c
new file mode 100644
index 000000000..718bb03ea
--- /dev/null
+++ b/security/nss/lib/util/secalgid.c
@@ -0,0 +1,129 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secoid.h"
+#include "secder.h" /* XXX remove this when remove the DERTemplate */
+#include "secasn1.h"
+#include "secitem.h"
+#include "secerr.h"
+
+SECOidTag
+SECOID_GetAlgorithmTag(const SECAlgorithmID *id)
+{
+ if (id == NULL || id->algorithm.data == NULL)
+ return SEC_OID_UNKNOWN;
+
+ return SECOID_FindOIDTag(&(id->algorithm));
+}
+
+SECStatus
+SECOID_SetAlgorithmID(PLArenaPool *arena, SECAlgorithmID *id, SECOidTag which,
+ SECItem *params)
+{
+ SECOidData *oiddata;
+ PRBool add_null_param;
+
+ oiddata = SECOID_FindOIDByTag(which);
+ if (!oiddata) {
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return SECFailure;
+ }
+
+ if (SECITEM_CopyItem(arena, &id->algorithm, &oiddata->oid))
+ return SECFailure;
+
+ switch (which) {
+ case SEC_OID_MD2:
+ case SEC_OID_MD4:
+ case SEC_OID_MD5:
+ case SEC_OID_SHA1:
+ case SEC_OID_SHA224:
+ case SEC_OID_SHA256:
+ case SEC_OID_SHA384:
+ case SEC_OID_SHA512:
+ case SEC_OID_PKCS1_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+ case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+ add_null_param = PR_TRUE;
+ break;
+ default:
+ add_null_param = PR_FALSE;
+ break;
+ }
+
+ if (params) {
+ /*
+ * I am specifically *not* enforcing the following assertion
+ * (by following it up with an error and a return of failure)
+ * because I do not want to introduce any change in the current
+ * behavior. But I do want for us to notice if the following is
+ * ever true, because I do not think it should be so and probably
+ * signifies an error/bug somewhere.
+ */
+ PORT_Assert(!add_null_param || (params->len == 2 && params->data[0] == SEC_ASN1_NULL && params->data[1] == 0));
+ if (SECITEM_CopyItem(arena, &id->parameters, params)) {
+ return SECFailure;
+ }
+ } else {
+ /*
+ * Again, this is not considered an error. But if we assume
+ * that nobody tries to set the parameters field themselves
+ * (but always uses this routine to do that), then we should
+ * not hit the following assertion. Unless they forgot to zero
+ * the structure, which could also be a bad (and wrong) thing.
+ */
+ PORT_Assert(id->parameters.data == NULL);
+
+ if (add_null_param) {
+ (void)SECITEM_AllocItem(arena, &id->parameters, 2);
+ if (id->parameters.data == NULL) {
+ return SECFailure;
+ }
+ id->parameters.data[0] = SEC_ASN1_NULL;
+ id->parameters.data[1] = 0;
+ }
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SECOID_CopyAlgorithmID(PLArenaPool *arena, SECAlgorithmID *to,
+ const SECAlgorithmID *from)
+{
+ SECStatus rv;
+
+ rv = SECITEM_CopyItem(arena, &to->algorithm, &from->algorithm);
+ if (rv)
+ return rv;
+ rv = SECITEM_CopyItem(arena, &to->parameters, &from->parameters);
+ return rv;
+}
+
+void
+SECOID_DestroyAlgorithmID(SECAlgorithmID *algid, PRBool freeit)
+{
+ SECITEM_FreeItem(&algid->parameters, PR_FALSE);
+ SECITEM_FreeItem(&algid->algorithm, PR_FALSE);
+ if (freeit == PR_TRUE)
+ PORT_Free(algid);
+}
+
+SECComparison
+SECOID_CompareAlgorithmID(SECAlgorithmID *a, SECAlgorithmID *b)
+{
+ SECComparison rv;
+
+ rv = SECITEM_CompareItem(&a->algorithm, &b->algorithm);
+ if (rv)
+ return rv;
+ rv = SECITEM_CompareItem(&a->parameters, &b->parameters);
+ return rv;
+}
diff --git a/security/nss/lib/util/secasn1.h b/security/nss/lib/util/secasn1.h
new file mode 100644
index 000000000..b6292cd3b
--- /dev/null
+++ b/security/nss/lib/util/secasn1.h
@@ -0,0 +1,291 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Support for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
+ * Encoding Rules). The routines are found in and used extensively by the
+ * security library, but exported for other use.
+ */
+
+#ifndef _SECASN1_H_
+#define _SECASN1_H_
+
+#include "utilrename.h"
+#include "plarena.h"
+
+#include "seccomon.h"
+#include "secasn1t.h"
+
+/************************************************************************/
+SEC_BEGIN_PROTOS
+
+/*
+ * XXX These function prototypes need full, explanatory comments.
+ */
+
+/*
+** Decoding.
+*/
+
+extern SEC_ASN1DecoderContext *SEC_ASN1DecoderStart(PLArenaPool *pool,
+ void *dest,
+ const SEC_ASN1Template *t);
+
+/* XXX char or unsigned char? */
+extern SECStatus SEC_ASN1DecoderUpdate(SEC_ASN1DecoderContext *cx,
+ const char *buf,
+ unsigned long len);
+
+extern SECStatus SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx);
+
+/* Higher level code detected an error, abort the rest of the processing */
+extern void SEC_ASN1DecoderAbort(SEC_ASN1DecoderContext *cx, int error);
+
+extern void SEC_ASN1DecoderSetFilterProc(SEC_ASN1DecoderContext *cx,
+ SEC_ASN1WriteProc fn,
+ void *arg, PRBool no_store);
+
+extern void SEC_ASN1DecoderClearFilterProc(SEC_ASN1DecoderContext *cx);
+
+extern void SEC_ASN1DecoderSetNotifyProc(SEC_ASN1DecoderContext *cx,
+ SEC_ASN1NotifyProc fn,
+ void *arg);
+
+extern void SEC_ASN1DecoderClearNotifyProc(SEC_ASN1DecoderContext *cx);
+
+extern SECStatus SEC_ASN1Decode(PLArenaPool *pool, void *dest,
+ const SEC_ASN1Template *t,
+ const char *buf, long len);
+
+/* Both classic ASN.1 and QuickDER have a feature that removes leading zeroes
+ out of SEC_ASN1_INTEGER if the caller sets siUnsignedInteger in the type
+ field of the target SECItem prior to calling the decoder. Otherwise, the
+ type field is ignored and untouched. For SECItem that are dynamically
+ allocated (from POINTER, SET OF, SEQUENCE OF) the decoder sets the type
+ field to siBuffer. */
+
+extern SECStatus SEC_ASN1DecodeItem(PLArenaPool *pool, void *dest,
+ const SEC_ASN1Template *t,
+ const SECItem *src);
+
+extern SECStatus SEC_QuickDERDecodeItem(PLArenaPool *arena, void *dest,
+ const SEC_ASN1Template *templateEntry,
+ const SECItem *src);
+
+/*
+** Encoding.
+*/
+
+extern SEC_ASN1EncoderContext *SEC_ASN1EncoderStart(const void *src,
+ const SEC_ASN1Template *t,
+ SEC_ASN1WriteProc fn,
+ void *output_arg);
+
+/* XXX char or unsigned char? */
+extern SECStatus SEC_ASN1EncoderUpdate(SEC_ASN1EncoderContext *cx,
+ const char *buf,
+ unsigned long len);
+
+extern void SEC_ASN1EncoderFinish(SEC_ASN1EncoderContext *cx);
+
+/* Higher level code detected an error, abort the rest of the processing */
+extern void SEC_ASN1EncoderAbort(SEC_ASN1EncoderContext *cx, int error);
+
+extern void SEC_ASN1EncoderSetNotifyProc(SEC_ASN1EncoderContext *cx,
+ SEC_ASN1NotifyProc fn,
+ void *arg);
+
+extern void SEC_ASN1EncoderClearNotifyProc(SEC_ASN1EncoderContext *cx);
+
+extern void SEC_ASN1EncoderSetStreaming(SEC_ASN1EncoderContext *cx);
+
+extern void SEC_ASN1EncoderClearStreaming(SEC_ASN1EncoderContext *cx);
+
+extern void sec_ASN1EncoderSetDER(SEC_ASN1EncoderContext *cx);
+
+extern void sec_ASN1EncoderClearDER(SEC_ASN1EncoderContext *cx);
+
+extern void SEC_ASN1EncoderSetTakeFromBuf(SEC_ASN1EncoderContext *cx);
+
+extern void SEC_ASN1EncoderClearTakeFromBuf(SEC_ASN1EncoderContext *cx);
+
+extern SECStatus SEC_ASN1Encode(const void *src, const SEC_ASN1Template *t,
+ SEC_ASN1WriteProc output_proc,
+ void *output_arg);
+
+/*
+ * If both pool and dest are NULL, the caller should free the returned SECItem
+ * with a SECITEM_FreeItem(..., PR_TRUE) call. If pool is NULL but dest is
+ * not NULL, the caller should free the data buffer pointed to by dest with a
+ * SECITEM_FreeItem(dest, PR_FALSE) or PORT_Free(dest->data) call.
+ */
+extern SECItem *SEC_ASN1EncodeItem(PLArenaPool *pool, SECItem *dest,
+ const void *src, const SEC_ASN1Template *t);
+
+extern SECItem *SEC_ASN1EncodeInteger(PLArenaPool *pool,
+ SECItem *dest, long value);
+
+extern SECItem *SEC_ASN1EncodeUnsignedInteger(PLArenaPool *pool,
+ SECItem *dest,
+ unsigned long value);
+
+extern SECStatus SEC_ASN1DecodeInteger(SECItem *src,
+ unsigned long *value);
+
+/*
+** Utilities.
+*/
+
+/*
+ * We have a length that needs to be encoded; how many bytes will the
+ * encoding take?
+ */
+extern int SEC_ASN1LengthLength(unsigned long len);
+
+/* encode the length and return the number of bytes we encoded. Buffer
+ * must be pre allocated */
+extern int SEC_ASN1EncodeLength(unsigned char *buf, int value);
+
+/*
+ * Find the appropriate subtemplate for the given template.
+ * This may involve calling a "chooser" function, or it may just
+ * be right there. In either case, it is expected to *have* a
+ * subtemplate; this is asserted in debug builds (in non-debug
+ * builds, NULL will be returned).
+ *
+ * "thing" is a pointer to the structure being encoded/decoded
+ * "encoding", when true, means that we are in the process of encoding
+ * (as opposed to in the process of decoding)
+ */
+extern const SEC_ASN1Template *
+SEC_ASN1GetSubtemplate(const SEC_ASN1Template *inTemplate, void *thing,
+ PRBool encoding);
+
+/* whether the template is for a primitive type or a choice of
+ * primitive types
+ */
+extern PRBool SEC_ASN1IsTemplateSimple(const SEC_ASN1Template *theTemplate);
+
+/************************************************************************/
+
+/*
+ * Generic Templates
+ * One for each of the simple types, plus a special one for ANY, plus:
+ * - a pointer to each one of those
+ * - a set of each one of those
+ * - a sequence of each one of those
+ *
+ * Note that these are alphabetical (case insensitive); please add new
+ * ones in the appropriate place.
+ */
+
+extern const SEC_ASN1Template SEC_AnyTemplate[];
+extern const SEC_ASN1Template SEC_BitStringTemplate[];
+extern const SEC_ASN1Template SEC_BMPStringTemplate[];
+extern const SEC_ASN1Template SEC_BooleanTemplate[];
+extern const SEC_ASN1Template SEC_EnumeratedTemplate[];
+extern const SEC_ASN1Template SEC_GeneralizedTimeTemplate[];
+extern const SEC_ASN1Template SEC_IA5StringTemplate[];
+extern const SEC_ASN1Template SEC_IntegerTemplate[];
+extern const SEC_ASN1Template SEC_NullTemplate[];
+extern const SEC_ASN1Template SEC_ObjectIDTemplate[];
+extern const SEC_ASN1Template SEC_OctetStringTemplate[];
+extern const SEC_ASN1Template SEC_PrintableStringTemplate[];
+extern const SEC_ASN1Template SEC_T61StringTemplate[];
+extern const SEC_ASN1Template SEC_UniversalStringTemplate[];
+extern const SEC_ASN1Template SEC_UTCTimeTemplate[];
+extern const SEC_ASN1Template SEC_UTF8StringTemplate[];
+extern const SEC_ASN1Template SEC_VisibleStringTemplate[];
+
+extern const SEC_ASN1Template SEC_PointerToAnyTemplate[];
+extern const SEC_ASN1Template SEC_PointerToBitStringTemplate[];
+extern const SEC_ASN1Template SEC_PointerToBMPStringTemplate[];
+extern const SEC_ASN1Template SEC_PointerToBooleanTemplate[];
+extern const SEC_ASN1Template SEC_PointerToEnumeratedTemplate[];
+extern const SEC_ASN1Template SEC_PointerToGeneralizedTimeTemplate[];
+extern const SEC_ASN1Template SEC_PointerToIA5StringTemplate[];
+extern const SEC_ASN1Template SEC_PointerToIntegerTemplate[];
+extern const SEC_ASN1Template SEC_PointerToNullTemplate[];
+extern const SEC_ASN1Template SEC_PointerToObjectIDTemplate[];
+extern const SEC_ASN1Template SEC_PointerToOctetStringTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPrintableStringTemplate[];
+extern const SEC_ASN1Template SEC_PointerToT61StringTemplate[];
+extern const SEC_ASN1Template SEC_PointerToUniversalStringTemplate[];
+extern const SEC_ASN1Template SEC_PointerToUTCTimeTemplate[];
+extern const SEC_ASN1Template SEC_PointerToUTF8StringTemplate[];
+extern const SEC_ASN1Template SEC_PointerToVisibleStringTemplate[];
+
+extern const SEC_ASN1Template SEC_SequenceOfAnyTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfBitStringTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfBMPStringTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfBooleanTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfEnumeratedTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfGeneralizedTimeTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfIA5StringTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfIntegerTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfNullTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfObjectIDTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfOctetStringTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfPrintableStringTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfT61StringTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfUniversalStringTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfUTCTimeTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfUTF8StringTemplate[];
+extern const SEC_ASN1Template SEC_SequenceOfVisibleStringTemplate[];
+
+extern const SEC_ASN1Template SEC_SetOfAnyTemplate[];
+extern const SEC_ASN1Template SEC_SetOfBitStringTemplate[];
+extern const SEC_ASN1Template SEC_SetOfBMPStringTemplate[];
+extern const SEC_ASN1Template SEC_SetOfBooleanTemplate[];
+extern const SEC_ASN1Template SEC_SetOfEnumeratedTemplate[];
+extern const SEC_ASN1Template SEC_SetOfGeneralizedTimeTemplate[];
+extern const SEC_ASN1Template SEC_SetOfIA5StringTemplate[];
+extern const SEC_ASN1Template SEC_SetOfIntegerTemplate[];
+extern const SEC_ASN1Template SEC_SetOfNullTemplate[];
+extern const SEC_ASN1Template SEC_SetOfObjectIDTemplate[];
+extern const SEC_ASN1Template SEC_SetOfOctetStringTemplate[];
+extern const SEC_ASN1Template SEC_SetOfPrintableStringTemplate[];
+extern const SEC_ASN1Template SEC_SetOfT61StringTemplate[];
+extern const SEC_ASN1Template SEC_SetOfUniversalStringTemplate[];
+extern const SEC_ASN1Template SEC_SetOfUTCTimeTemplate[];
+extern const SEC_ASN1Template SEC_SetOfUTF8StringTemplate[];
+extern const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[];
+
+/*
+ * Template for skipping a subitem; this only makes sense when decoding.
+ */
+extern const SEC_ASN1Template SEC_SkipTemplate[];
+
+/* These functions simply return the address of the above-declared templates.
+** This is necessary for Windows DLLs. Sigh.
+*/
+SEC_ASN1_CHOOSER_DECLARE(SEC_AnyTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_BMPStringTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_BooleanTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_BitStringTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_GeneralizedTimeTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_IA5StringTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_IntegerTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_NullTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_ObjectIDTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_OctetStringTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_UTCTimeTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_UTF8StringTemplate)
+
+SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToAnyTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToOctetStringTemplate)
+
+SEC_ASN1_CHOOSER_DECLARE(SEC_SetOfAnyTemplate)
+
+SEC_ASN1_CHOOSER_DECLARE(SEC_EnumeratedTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToEnumeratedTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_SequenceOfAnyTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_SequenceOfObjectIDTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_SkipTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_UniversalStringTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_PrintableStringTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_T61StringTemplate)
+SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToGeneralizedTimeTemplate)
+SEC_END_PROTOS
+#endif /* _SECASN1_H_ */
diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c
new file mode 100644
index 000000000..797640dc4
--- /dev/null
+++ b/security/nss/lib/util/secasn1d.c
@@ -0,0 +1,3373 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Support for DEcoding ASN.1 data based on BER/DER (Basic/Distinguished
+ * Encoding Rules).
+ */
+
+/* #define DEBUG_ASN1D_STATES 1 */
+
+#ifdef DEBUG_ASN1D_STATES
+#include <stdio.h>
+#define PR_Assert sec_asn1d_Assert
+#endif
+
+#include <limits.h>
+
+#include "secasn1.h"
+#include "secerr.h"
+
+typedef enum {
+ beforeIdentifier,
+ duringIdentifier,
+ afterIdentifier,
+ beforeLength,
+ duringLength,
+ afterLength,
+ beforeBitString,
+ duringBitString,
+ duringConstructedString,
+ duringGroup,
+ duringLeaf,
+ duringSaveEncoding,
+ duringSequence,
+ afterConstructedString,
+ afterGroup,
+ afterExplicit,
+ afterImplicit,
+ afterInline,
+ afterPointer,
+ afterSaveEncoding,
+ beforeEndOfContents,
+ duringEndOfContents,
+ afterEndOfContents,
+ beforeChoice,
+ duringChoice,
+ afterChoice,
+ notInUse
+} sec_asn1d_parse_place;
+
+#ifdef DEBUG_ASN1D_STATES
+static const char *const place_names[] = {
+ "beforeIdentifier",
+ "duringIdentifier",
+ "afterIdentifier",
+ "beforeLength",
+ "duringLength",
+ "afterLength",
+ "beforeBitString",
+ "duringBitString",
+ "duringConstructedString",
+ "duringGroup",
+ "duringLeaf",
+ "duringSaveEncoding",
+ "duringSequence",
+ "afterConstructedString",
+ "afterGroup",
+ "afterExplicit",
+ "afterImplicit",
+ "afterInline",
+ "afterPointer",
+ "afterSaveEncoding",
+ "beforeEndOfContents",
+ "duringEndOfContents",
+ "afterEndOfContents",
+ "beforeChoice",
+ "duringChoice",
+ "afterChoice",
+ "notInUse"
+};
+
+static const char *const class_names[] = {
+ "UNIVERSAL",
+ "APPLICATION",
+ "CONTEXT_SPECIFIC",
+ "PRIVATE"
+};
+
+static const char *const method_names[] = { "PRIMITIVE", "CONSTRUCTED" };
+
+static const char *const type_names[] = {
+ "END_OF_CONTENTS",
+ "BOOLEAN",
+ "INTEGER",
+ "BIT_STRING",
+ "OCTET_STRING",
+ "NULL",
+ "OBJECT_ID",
+ "OBJECT_DESCRIPTOR",
+ "(type 08)",
+ "REAL",
+ "ENUMERATED",
+ "EMBEDDED",
+ "UTF8_STRING",
+ "(type 0d)",
+ "(type 0e)",
+ "(type 0f)",
+ "SEQUENCE",
+ "SET",
+ "NUMERIC_STRING",
+ "PRINTABLE_STRING",
+ "T61_STRING",
+ "VIDEOTEXT_STRING",
+ "IA5_STRING",
+ "UTC_TIME",
+ "GENERALIZED_TIME",
+ "GRAPHIC_STRING",
+ "VISIBLE_STRING",
+ "GENERAL_STRING",
+ "UNIVERSAL_STRING",
+ "(type 1d)",
+ "BMP_STRING",
+ "HIGH_TAG_VALUE"
+};
+
+static const char *const flag_names[] = {
+ /* flags, right to left */
+ "OPTIONAL",
+ "EXPLICIT",
+ "ANY",
+ "INLINE",
+ "POINTER",
+ "GROUP",
+ "DYNAMIC",
+ "SKIP",
+ "INNER",
+ "SAVE",
+ "", /* decoder ignores "MAY_STREAM", */
+ "SKIP_REST",
+ "CHOICE",
+ "NO_STREAM",
+ "DEBUG_BREAK",
+ "unknown 08",
+ "unknown 10",
+ "unknown 20",
+ "unknown 40",
+ "unknown 80"
+};
+
+static int /* bool */
+ formatKind(unsigned long kind, char *buf)
+{
+ int i;
+ unsigned long k = kind & SEC_ASN1_TAGNUM_MASK;
+ unsigned long notag = kind & (SEC_ASN1_CHOICE | SEC_ASN1_POINTER |
+ SEC_ASN1_INLINE | SEC_ASN1_ANY | SEC_ASN1_SAVE);
+
+ buf[0] = 0;
+ if ((kind & SEC_ASN1_CLASS_MASK) != SEC_ASN1_UNIVERSAL) {
+ sprintf(buf, " %s", class_names[(kind & SEC_ASN1_CLASS_MASK) >> 6]);
+ buf += strlen(buf);
+ }
+ if (kind & SEC_ASN1_METHOD_MASK) {
+ sprintf(buf, " %s", method_names[1]);
+ buf += strlen(buf);
+ }
+ if ((kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL) {
+ if (k || !notag) {
+ sprintf(buf, " %s", type_names[k]);
+ if ((k == SEC_ASN1_SET || k == SEC_ASN1_SEQUENCE) &&
+ (kind & SEC_ASN1_GROUP)) {
+ buf += strlen(buf);
+ sprintf(buf, "_OF");
+ }
+ }
+ } else {
+ sprintf(buf, " [%d]", k);
+ }
+ buf += strlen(buf);
+
+ for (k = kind >> 8, i = 0; k; k >>= 1, ++i) {
+ if (k & 1) {
+ sprintf(buf, " %s", flag_names[i]);
+ buf += strlen(buf);
+ }
+ }
+ return notag != 0;
+}
+
+#endif /* DEBUG_ASN1D_STATES */
+
+typedef enum {
+ allDone,
+ decodeError,
+ keepGoing,
+ needBytes
+} sec_asn1d_parse_status;
+
+struct subitem {
+ const void *data;
+ unsigned long len; /* only used for substrings */
+ struct subitem *next;
+};
+
+typedef struct sec_asn1d_state_struct {
+ SEC_ASN1DecoderContext *top;
+ const SEC_ASN1Template *theTemplate;
+ void *dest;
+
+ void *our_mark; /* free on completion */
+
+ struct sec_asn1d_state_struct *parent; /* aka prev */
+ struct sec_asn1d_state_struct *child; /* aka next */
+
+ sec_asn1d_parse_place place;
+
+ /*
+ * XXX explain the next fields as clearly as possible...
+ */
+ unsigned char found_tag_modifiers;
+ unsigned char expect_tag_modifiers;
+ unsigned long check_tag_mask;
+ unsigned long found_tag_number;
+ unsigned long expect_tag_number;
+ unsigned long underlying_kind;
+
+ unsigned long contents_length;
+ unsigned long pending;
+ unsigned long consumed;
+
+ int depth;
+
+ /*
+ * Bit strings have their length adjusted -- the first octet of the
+ * contents contains a value between 0 and 7 which says how many bits
+ * at the end of the octets are not actually part of the bit string;
+ * when parsing bit strings we put that value here because we need it
+ * later, for adjustment of the length (when the whole string is done).
+ */
+ unsigned int bit_string_unused_bits;
+
+ /*
+ * The following are used for indefinite-length constructed strings.
+ */
+ struct subitem *subitems_head;
+ struct subitem *subitems_tail;
+
+ PRPackedBool
+ allocate, /* when true, need to allocate the destination */
+ endofcontents, /* this state ended up parsing end-of-contents octets */
+ explicit, /* we are handling an explicit header */
+ indefinite, /* the current item has indefinite-length encoding */
+ missing, /* an optional field that was not present */
+ optional, /* the template says this field may be omitted */
+ substring; /* this is a substring of a constructed string */
+
+} sec_asn1d_state;
+
+#define IS_HIGH_TAG_NUMBER(n) ((n) == SEC_ASN1_HIGH_TAG_NUMBER)
+#define LAST_TAG_NUMBER_BYTE(b) (((b)&0x80) == 0)
+#define TAG_NUMBER_BITS 7
+#define TAG_NUMBER_MASK 0x7f
+
+#define LENGTH_IS_SHORT_FORM(b) (((b)&0x80) == 0)
+#define LONG_FORM_LENGTH(b) ((b)&0x7f)
+
+#define HIGH_BITS(field, cnt) ((field) >> ((sizeof(field) * 8) - (cnt)))
+
+/*
+ * An "outsider" will have an opaque pointer to this, created by calling
+ * SEC_ASN1DecoderStart(). It will be passed back in to all subsequent
+ * calls to SEC_ASN1DecoderUpdate(), and when done it is passed to
+ * SEC_ASN1DecoderFinish().
+ */
+struct sec_DecoderContext_struct {
+ PLArenaPool *our_pool; /* for our internal allocs */
+ PLArenaPool *their_pool; /* for destination structure allocs */
+#ifdef SEC_ASN1D_FREE_ON_ERROR /* \
+ * XXX see comment below (by same \
+ * ifdef) that explains why this \
+ * does not work (need more smarts \
+ * in order to free back to mark) \
+ */
+ /*
+ * XXX how to make their_mark work in the case where they do NOT
+ * give us a pool pointer?
+ */
+ void *their_mark; /* free on error */
+#endif
+
+ sec_asn1d_state *current;
+ sec_asn1d_parse_status status;
+
+ SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */
+ void *notify_arg; /* argument to notify_proc */
+ PRBool during_notify; /* true during call to notify_proc */
+
+ SEC_ASN1WriteProc filter_proc; /* pass field bytes to this */
+ void *filter_arg; /* argument to that function */
+ PRBool filter_only; /* do not allocate/store fields */
+};
+
+/*
+ * XXX this is a fairly generic function that may belong elsewhere
+ */
+static void *
+sec_asn1d_alloc(PLArenaPool *poolp, unsigned long len)
+{
+ void *thing;
+
+ if (poolp != NULL) {
+ /*
+ * Allocate from the pool.
+ */
+ thing = PORT_ArenaAlloc(poolp, len);
+ } else {
+ /*
+ * Allocate generically.
+ */
+ thing = PORT_Alloc(len);
+ }
+
+ return thing;
+}
+
+/*
+ * XXX this is a fairly generic function that may belong elsewhere
+ */
+static void *
+sec_asn1d_zalloc(PLArenaPool *poolp, unsigned long len)
+{
+ void *thing;
+
+ thing = sec_asn1d_alloc(poolp, len);
+ if (thing != NULL)
+ PORT_Memset(thing, 0, len);
+ return thing;
+}
+
+static sec_asn1d_state *
+sec_asn1d_push_state(SEC_ASN1DecoderContext *cx,
+ const SEC_ASN1Template *theTemplate,
+ void *dest, PRBool new_depth)
+{
+ sec_asn1d_state *state, *new_state;
+
+ state = cx->current;
+
+ PORT_Assert(state == NULL || state->child == NULL);
+
+ if (state != NULL) {
+ PORT_Assert(state->our_mark == NULL);
+ state->our_mark = PORT_ArenaMark(cx->our_pool);
+ }
+
+ new_state = (sec_asn1d_state *)sec_asn1d_zalloc(cx->our_pool,
+ sizeof(*new_state));
+ if (new_state == NULL) {
+ goto loser;
+ }
+
+ new_state->top = cx;
+ new_state->parent = state;
+ new_state->theTemplate = theTemplate;
+ new_state->place = notInUse;
+ if (dest != NULL)
+ new_state->dest = (char *)dest + theTemplate->offset;
+
+ if (state != NULL) {
+ new_state->depth = state->depth;
+ if (new_depth) {
+ if (++new_state->depth > SEC_ASN1D_MAX_DEPTH) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ goto loser;
+ }
+ }
+ state->child = new_state;
+ }
+
+ cx->current = new_state;
+ return new_state;
+
+loser:
+ cx->status = decodeError;
+ if (state != NULL) {
+ PORT_ArenaRelease(cx->our_pool, state->our_mark);
+ state->our_mark = NULL;
+ }
+ return NULL;
+}
+
+static void
+sec_asn1d_scrub_state(sec_asn1d_state *state)
+{
+ /*
+ * Some default "scrubbing".
+ * XXX right set of initializations?
+ */
+ state->place = beforeIdentifier;
+ state->endofcontents = PR_FALSE;
+ state->indefinite = PR_FALSE;
+ state->missing = PR_FALSE;
+ PORT_Assert(state->consumed == 0);
+}
+
+static void
+sec_asn1d_notify_before(SEC_ASN1DecoderContext *cx, void *dest, int depth)
+{
+ if (cx->notify_proc == NULL)
+ return;
+
+ cx->during_notify = PR_TRUE;
+ (*cx->notify_proc)(cx->notify_arg, PR_TRUE, dest, depth);
+ cx->during_notify = PR_FALSE;
+}
+
+static void
+sec_asn1d_notify_after(SEC_ASN1DecoderContext *cx, void *dest, int depth)
+{
+ if (cx->notify_proc == NULL)
+ return;
+
+ cx->during_notify = PR_TRUE;
+ (*cx->notify_proc)(cx->notify_arg, PR_FALSE, dest, depth);
+ cx->during_notify = PR_FALSE;
+}
+
+static sec_asn1d_state *
+sec_asn1d_init_state_based_on_template(sec_asn1d_state *state)
+{
+ PRBool explicit, optional, universal;
+ unsigned char expect_tag_modifiers;
+ unsigned long encode_kind, under_kind;
+ unsigned long check_tag_mask, expect_tag_number;
+
+ /* XXX Check that both of these tests are really needed/appropriate. */
+ if (state == NULL || state->top->status == decodeError)
+ return state;
+
+ encode_kind = state->theTemplate->kind;
+
+ if (encode_kind & SEC_ASN1_SAVE) {
+ /*
+ * This is a "magic" field that saves away all bytes, allowing
+ * the immediately following field to still be decoded from this
+ * same spot -- sort of a fork.
+ */
+ /* check that there are no extraneous bits */
+ PORT_Assert(encode_kind == SEC_ASN1_SAVE);
+ if (state->top->filter_only) {
+ /*
+ * If we are not storing, then we do not do the SAVE field
+ * at all. Just move ahead to the "real" field instead,
+ * doing the appropriate notify calls before and after.
+ */
+ sec_asn1d_notify_after(state->top, state->dest, state->depth);
+ /*
+ * Since we are not storing, allow for our current dest value
+ * to be NULL. (This might not actually occur, but right now I
+ * cannot convince myself one way or the other.) If it is NULL,
+ * assume that our parent dest can help us out.
+ */
+ if (state->dest == NULL)
+ state->dest = state->parent->dest;
+ else
+ state->dest = (char *)state->dest - state->theTemplate->offset;
+ state->theTemplate++;
+ if (state->dest != NULL)
+ state->dest = (char *)state->dest + state->theTemplate->offset;
+ sec_asn1d_notify_before(state->top, state->dest, state->depth);
+ encode_kind = state->theTemplate->kind;
+ PORT_Assert((encode_kind & SEC_ASN1_SAVE) == 0);
+ } else {
+ sec_asn1d_scrub_state(state);
+ state->place = duringSaveEncoding;
+ state = sec_asn1d_push_state(state->top, SEC_AnyTemplate,
+ state->dest, PR_FALSE);
+ if (state != NULL)
+ state = sec_asn1d_init_state_based_on_template(state);
+ return state;
+ }
+ }
+
+ universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
+ ? PR_TRUE
+ : PR_FALSE;
+
+ explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_EXPLICIT;
+
+ optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_OPTIONAL;
+
+ PORT_Assert(!(explicit && universal)); /* bad templates */
+
+ encode_kind &= ~SEC_ASN1_DYNAMIC;
+ encode_kind &= ~SEC_ASN1_MAY_STREAM;
+
+ if (encode_kind & SEC_ASN1_CHOICE) {
+#if 0 /* XXX remove? */
+ sec_asn1d_state *child = sec_asn1d_push_state(state->top, state->theTemplate, state->dest, PR_FALSE);
+ if ((sec_asn1d_state *)NULL == child) {
+ return (sec_asn1d_state *)NULL;
+ }
+
+ child->allocate = state->allocate;
+ child->place = beforeChoice;
+ return child;
+#else
+ state->place = beforeChoice;
+ return state;
+#endif
+ }
+
+ if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || (!universal && !explicit)) {
+ const SEC_ASN1Template *subt;
+ void *dest;
+ PRBool child_allocate;
+
+ PORT_Assert((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
+
+ sec_asn1d_scrub_state(state);
+ child_allocate = PR_FALSE;
+
+ if (encode_kind & SEC_ASN1_POINTER) {
+ /*
+ * A POINTER means we need to allocate the destination for
+ * this field. But, since it may also be an optional field,
+ * we defer the allocation until later; we just record that
+ * it needs to be done.
+ *
+ * There are two possible scenarios here -- one is just a
+ * plain POINTER (kind of like INLINE, except with allocation)
+ * and the other is an implicitly-tagged POINTER. We don't
+ * need to do anything special here for the two cases, but
+ * since the template definition can be tricky, we do check
+ * that there are no extraneous bits set in encode_kind.
+ *
+ * XXX The same conditions which assert should set an error.
+ */
+ if (universal) {
+ /*
+ * "universal" means this entry is a standalone POINTER;
+ * there should be no other bits set in encode_kind.
+ */
+ PORT_Assert(encode_kind == SEC_ASN1_POINTER);
+ } else {
+ /*
+ * If we get here we have an implicitly-tagged field
+ * that needs to be put into a POINTER. The subtemplate
+ * will determine how to decode the field, but encode_kind
+ * describes the (implicit) tag we are looking for.
+ * The non-tag bits of encode_kind will be ignored by
+ * the code below; none of them should be set, however,
+ * except for the POINTER bit itself -- so check that.
+ */
+ PORT_Assert((encode_kind & ~SEC_ASN1_TAG_MASK) == SEC_ASN1_POINTER);
+ }
+ if (!state->top->filter_only)
+ child_allocate = PR_TRUE;
+ dest = NULL;
+ state->place = afterPointer;
+ } else {
+ dest = state->dest;
+ if (encode_kind & SEC_ASN1_INLINE) {
+ /* check that there are no extraneous bits */
+ PORT_Assert(encode_kind == SEC_ASN1_INLINE && !optional);
+ state->place = afterInline;
+ } else {
+ state->place = afterImplicit;
+ }
+ }
+
+ state->optional = optional;
+ subt = SEC_ASN1GetSubtemplate(state->theTemplate, state->dest, PR_FALSE);
+ state = sec_asn1d_push_state(state->top, subt, dest, PR_FALSE);
+ if (state == NULL)
+ return NULL;
+
+ state->allocate = child_allocate;
+
+ if (universal) {
+ state = sec_asn1d_init_state_based_on_template(state);
+ if (state != NULL) {
+ /*
+ * If this field is optional, we need to record that on
+ * the pushed child so it won't fail if the field isn't
+ * found. I can't think of a way that this new state
+ * could already have optional set (which we would wipe
+ * out below if our local optional is not set) -- but
+ * just to be sure, assert that it isn't set.
+ */
+ PORT_Assert(!state->optional);
+ state->optional = optional;
+ }
+ return state;
+ }
+
+ under_kind = state->theTemplate->kind;
+ under_kind &= ~SEC_ASN1_MAY_STREAM;
+ } else if (explicit) {
+ /*
+ * For explicit, we only need to match the encoding tag next,
+ * then we will push another state to handle the entire inner
+ * part. In this case, there is no underlying kind which plays
+ * any part in the determination of the outer, explicit tag.
+ * So we just set under_kind to 0, which is not a valid tag,
+ * and the rest of the tag matching stuff should be okay.
+ */
+ under_kind = 0;
+ } else {
+ /*
+ * Nothing special; the underlying kind and the given encoding
+ * information are the same.
+ */
+ under_kind = encode_kind;
+ }
+
+ /* XXX is this the right set of bits to test here? */
+ PORT_Assert((under_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_MAY_STREAM | SEC_ASN1_INLINE | SEC_ASN1_POINTER)) == 0);
+
+ if (encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) {
+ PORT_Assert(encode_kind == under_kind);
+ if (encode_kind & SEC_ASN1_SKIP) {
+ PORT_Assert(!optional);
+ PORT_Assert(encode_kind == SEC_ASN1_SKIP);
+ state->dest = NULL;
+ }
+ check_tag_mask = 0;
+ expect_tag_modifiers = 0;
+ expect_tag_number = 0;
+ } else {
+ check_tag_mask = SEC_ASN1_TAG_MASK;
+ expect_tag_modifiers = (unsigned char)encode_kind & SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK;
+ /*
+ * XXX This assumes only single-octet identifiers. To handle
+ * the HIGH TAG form we would need to do some more work, especially
+ * in how to specify them in the template, because right now we
+ * do not provide a way to specify more *tag* bits in encode_kind.
+ */
+ expect_tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
+
+ switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
+ case SEC_ASN1_SET:
+ /*
+ * XXX A plain old SET (as opposed to a SET OF) is not implemented.
+ * If it ever is, remove this assert...
+ */
+ PORT_Assert((under_kind & SEC_ASN1_GROUP) != 0);
+ /* fallthru */
+ case SEC_ASN1_SEQUENCE:
+ expect_tag_modifiers |= SEC_ASN1_CONSTRUCTED;
+ break;
+ case SEC_ASN1_BIT_STRING:
+ case SEC_ASN1_BMP_STRING:
+ case SEC_ASN1_GENERALIZED_TIME:
+ case SEC_ASN1_IA5_STRING:
+ case SEC_ASN1_OCTET_STRING:
+ case SEC_ASN1_PRINTABLE_STRING:
+ case SEC_ASN1_T61_STRING:
+ case SEC_ASN1_UNIVERSAL_STRING:
+ case SEC_ASN1_UTC_TIME:
+ case SEC_ASN1_UTF8_STRING:
+ case SEC_ASN1_VISIBLE_STRING:
+ check_tag_mask &= ~SEC_ASN1_CONSTRUCTED;
+ break;
+ }
+ }
+
+ state->check_tag_mask = check_tag_mask;
+ state->expect_tag_modifiers = expect_tag_modifiers;
+ state->expect_tag_number = expect_tag_number;
+ state->underlying_kind = under_kind;
+ state->explicit = explicit;
+ state->optional = optional;
+
+ sec_asn1d_scrub_state(state);
+
+ return state;
+}
+
+static sec_asn1d_state *
+sec_asn1d_get_enclosing_construct(sec_asn1d_state *state)
+{
+ for (state = state->parent; state; state = state->parent) {
+ sec_asn1d_parse_place place = state->place;
+ if (place != afterImplicit &&
+ place != afterPointer &&
+ place != afterInline &&
+ place != afterSaveEncoding &&
+ place != duringSaveEncoding &&
+ place != duringChoice) {
+
+ /* we've walked up the stack to a state that represents
+ ** the enclosing construct.
+ */
+ break;
+ }
+ }
+ return state;
+}
+
+static PRBool
+sec_asn1d_parent_allows_EOC(sec_asn1d_state *state)
+{
+ /* get state of enclosing construct. */
+ state = sec_asn1d_get_enclosing_construct(state);
+ if (state) {
+ sec_asn1d_parse_place place = state->place;
+ /* Is it one of the types that permits an unexpected EOC? */
+ int eoc_permitted =
+ (place == duringGroup ||
+ place == duringConstructedString ||
+ state->child->optional);
+ return (state->indefinite && eoc_permitted) ? PR_TRUE : PR_FALSE;
+ }
+ return PR_FALSE;
+}
+
+static unsigned long
+sec_asn1d_parse_identifier(sec_asn1d_state *state,
+ const char *buf, unsigned long len)
+{
+ unsigned char byte;
+ unsigned char tag_number;
+
+ PORT_Assert(state->place == beforeIdentifier);
+
+ if (len == 0) {
+ state->top->status = needBytes;
+ return 0;
+ }
+
+ byte = (unsigned char)*buf;
+#ifdef DEBUG_ASN1D_STATES
+ {
+ char kindBuf[256];
+ formatKind(byte, kindBuf);
+ printf("Found tag %02x %s\n", byte, kindBuf);
+ }
+#endif
+ tag_number = byte & SEC_ASN1_TAGNUM_MASK;
+
+ if (IS_HIGH_TAG_NUMBER(tag_number)) {
+ state->place = duringIdentifier;
+ state->found_tag_number = 0;
+ /*
+ * Actually, we have no idea how many bytes are pending, but we
+ * do know that it is at least 1. That is all we know; we have
+ * to look at each byte to know if there is another, etc.
+ */
+ state->pending = 1;
+ } else {
+ if (byte == 0 && sec_asn1d_parent_allows_EOC(state)) {
+ /*
+ * Our parent has indefinite-length encoding, and the
+ * entire tag found is 0, so it seems that we have hit the
+ * end-of-contents octets. To handle this, we just change
+ * our state to that which expects to get the bytes of the
+ * end-of-contents octets and let that code re-read this byte
+ * so that our categorization of field types is correct.
+ * After that, our parent will then deal with everything else.
+ */
+ state->place = duringEndOfContents;
+ state->pending = 2;
+ state->found_tag_number = 0;
+ state->found_tag_modifiers = 0;
+ /*
+ * We might be an optional field that is, as we now find out,
+ * missing. Give our parent a clue that this happened.
+ */
+ if (state->optional)
+ state->missing = PR_TRUE;
+ return 0;
+ }
+ state->place = afterIdentifier;
+ state->found_tag_number = tag_number;
+ }
+ state->found_tag_modifiers = byte & ~SEC_ASN1_TAGNUM_MASK;
+
+ return 1;
+}
+
+static unsigned long
+sec_asn1d_parse_more_identifier(sec_asn1d_state *state,
+ const char *buf, unsigned long len)
+{
+ unsigned char byte;
+ int count;
+
+ PORT_Assert(state->pending == 1);
+ PORT_Assert(state->place == duringIdentifier);
+
+ if (len == 0) {
+ state->top->status = needBytes;
+ return 0;
+ }
+
+ count = 0;
+
+ while (len && state->pending) {
+ if (HIGH_BITS(state->found_tag_number, TAG_NUMBER_BITS) != 0) {
+ /*
+ * The given high tag number overflows our container;
+ * just give up. This is not likely to *ever* happen.
+ */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return 0;
+ }
+
+ state->found_tag_number <<= TAG_NUMBER_BITS;
+
+ byte = (unsigned char)buf[count++];
+ state->found_tag_number |= (byte & TAG_NUMBER_MASK);
+
+ len--;
+ if (LAST_TAG_NUMBER_BYTE(byte))
+ state->pending = 0;
+ }
+
+ if (state->pending == 0)
+ state->place = afterIdentifier;
+
+ return count;
+}
+
+static void
+sec_asn1d_confirm_identifier(sec_asn1d_state *state)
+{
+ PRBool match;
+
+ PORT_Assert(state->place == afterIdentifier);
+
+ match = (PRBool)(((state->found_tag_modifiers & state->check_tag_mask) == state->expect_tag_modifiers) && ((state->found_tag_number & state->check_tag_mask) == state->expect_tag_number));
+ if (match) {
+ state->place = beforeLength;
+ } else {
+ if (state->optional) {
+ state->missing = PR_TRUE;
+ state->place = afterEndOfContents;
+ } else {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ }
+ }
+}
+
+static unsigned long
+sec_asn1d_parse_length(sec_asn1d_state *state,
+ const char *buf, unsigned long len)
+{
+ unsigned char byte;
+
+ PORT_Assert(state->place == beforeLength);
+
+ if (len == 0) {
+ state->top->status = needBytes;
+ return 0;
+ }
+
+ /*
+ * The default/likely outcome. It may get adjusted below.
+ */
+ state->place = afterLength;
+
+ byte = (unsigned char)*buf;
+
+ if (LENGTH_IS_SHORT_FORM(byte)) {
+ state->contents_length = byte;
+ } else {
+ state->contents_length = 0;
+ state->pending = LONG_FORM_LENGTH(byte);
+ if (state->pending == 0) {
+ state->indefinite = PR_TRUE;
+ } else {
+ state->place = duringLength;
+ }
+ }
+
+ /* If we're parsing an ANY, SKIP, or SAVE template, and
+ ** the object being saved is definite length encoded and constructed,
+ ** there's no point in decoding that construct's members.
+ ** So, just forget it's constructed and treat it as primitive.
+ ** (SAVE appears as an ANY at this point)
+ */
+ if (!state->indefinite &&
+ (state->underlying_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP))) {
+ state->found_tag_modifiers &= ~SEC_ASN1_CONSTRUCTED;
+ }
+
+ return 1;
+}
+
+static unsigned long
+sec_asn1d_parse_more_length(sec_asn1d_state *state,
+ const char *buf, unsigned long len)
+{
+ int count;
+
+ PORT_Assert(state->pending > 0);
+ PORT_Assert(state->place == duringLength);
+
+ if (len == 0) {
+ state->top->status = needBytes;
+ return 0;
+ }
+
+ count = 0;
+
+ while (len && state->pending) {
+ if (HIGH_BITS(state->contents_length, 9) != 0) {
+ /*
+ * The given full content length overflows our container;
+ * just give up.
+ */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return 0;
+ }
+
+ state->contents_length <<= 8;
+ state->contents_length |= (unsigned char)buf[count++];
+
+ len--;
+ state->pending--;
+ }
+
+ if (state->pending == 0)
+ state->place = afterLength;
+
+ return count;
+}
+
+/*
+ * Helper function for sec_asn1d_prepare_for_contents.
+ * Checks that a value representing a number of bytes consumed can be
+ * subtracted from a remaining length. If so, returns PR_TRUE.
+ * Otherwise, sets the error SEC_ERROR_BAD_DER, indicates that there was a
+ * decoding error in the given SEC_ASN1DecoderContext, and returns PR_FALSE.
+ */
+static PRBool
+sec_asn1d_check_and_subtract_length(unsigned long *remaining,
+ unsigned long consumed,
+ SEC_ASN1DecoderContext *cx)
+{
+ PORT_Assert(remaining);
+ PORT_Assert(cx);
+ if (!remaining || !cx) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ cx->status = decodeError;
+ return PR_FALSE;
+ }
+ if (*remaining < consumed) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ cx->status = decodeError;
+ return PR_FALSE;
+ }
+ *remaining -= consumed;
+ return PR_TRUE;
+}
+
+static void
+sec_asn1d_prepare_for_contents(sec_asn1d_state *state)
+{
+ SECItem *item;
+ PLArenaPool *poolp;
+ unsigned long alloc_len;
+ sec_asn1d_state *parent;
+
+#ifdef DEBUG_ASN1D_STATES
+ {
+ printf("Found Length %d %s\n", state->contents_length,
+ state->indefinite ? "indefinite" : "");
+ }
+#endif
+
+ /**
+ * The maximum length for a child element should be constrained to the
+ * length remaining in the first definite length element in the ancestor
+ * stack. If there is no definite length element in the ancestor stack,
+ * there's nothing to constrain the length of the child, so there's no
+ * further processing necessary.
+ *
+ * It's necessary to walk the ancestor stack, because it's possible to have
+ * definite length children that are part of an indefinite length element,
+ * which is itself part of an indefinite length element, and which is
+ * ultimately part of a definite length element. A simple example of this
+ * would be the handling of constructed OCTET STRINGs in BER encoding.
+ *
+ * This algorithm finds the first definite length element in the ancestor
+ * stack, if any, and if so, ensures that the length of the child element
+ * is consistent with the number of bytes remaining in the constraining
+ * ancestor element (that is, after accounting for any other sibling
+ * elements that may have been read).
+ *
+ * It's slightly complicated by the need to account both for integer
+ * underflow and overflow, as well as ensure that for indefinite length
+ * encodings, there's also enough space for the End-of-Contents (EOC)
+ * octets (Tag = 0x00, Length = 0x00, or two bytes).
+ */
+
+ /* Determine the maximum length available for this element by finding the
+ * first definite length ancestor, if any. */
+ parent = sec_asn1d_get_enclosing_construct(state);
+ while (parent && parent->indefinite) {
+ parent = sec_asn1d_get_enclosing_construct(parent);
+ }
+ /* If parent is null, state is either the outermost state / at the top of
+ * the stack, or the outermost state uses indefinite length encoding. In
+ * these cases, there's nothing external to constrain this element, so
+ * there's nothing to check. */
+ if (parent) {
+ unsigned long remaining = parent->pending;
+ parent = state;
+ do {
+ if (!sec_asn1d_check_and_subtract_length(
+ &remaining, parent->consumed, state->top) ||
+ /* If parent->indefinite is true, parent->contents_length is
+ * zero and this is a no-op. */
+ !sec_asn1d_check_and_subtract_length(
+ &remaining, parent->contents_length, state->top) ||
+ /* If parent->indefinite is true, then ensure there is enough
+ * space for an EOC tag of 2 bytes. */
+ (parent->indefinite && !sec_asn1d_check_and_subtract_length(&remaining, 2, state->top))) {
+ /* This element is larger than its enclosing element, which is
+ * invalid. */
+ return;
+ }
+ } while ((parent = sec_asn1d_get_enclosing_construct(parent)) &&
+ parent->indefinite);
+ }
+
+ /*
+ * XXX I cannot decide if this allocation should exclude the case
+ * where state->endofcontents is true -- figure it out!
+ */
+ if (state->allocate) {
+ void *dest;
+
+ PORT_Assert(state->dest == NULL);
+ /*
+ * We are handling a POINTER or a member of a GROUP, and need to
+ * allocate for the data structure.
+ */
+ dest = sec_asn1d_zalloc(state->top->their_pool,
+ state->theTemplate->size);
+ if (dest == NULL) {
+ state->top->status = decodeError;
+ return;
+ }
+ state->dest = (char *)dest + state->theTemplate->offset;
+
+ /*
+ * For a member of a GROUP, our parent will later put the
+ * pointer wherever it belongs. But for a POINTER, we need
+ * to record the destination now, in case notify or filter
+ * procs need access to it -- they cannot find it otherwise,
+ * until it is too late (for one-pass processing).
+ */
+ if (state->parent->place == afterPointer) {
+ void **placep;
+
+ placep = state->parent->dest;
+ *placep = dest;
+ }
+ }
+
+ /*
+ * Remember, length may be indefinite here! In that case,
+ * both contents_length and pending will be zero.
+ */
+ state->pending = state->contents_length;
+
+ /*
+ * An EXPLICIT is nothing but an outer header, which we have
+ * already parsed and accepted. Now we need to do the inner
+ * header and its contents.
+ */
+ if (state->explicit) {
+ state->place = afterExplicit;
+ state = sec_asn1d_push_state(state->top,
+ SEC_ASN1GetSubtemplate(state->theTemplate,
+ state->dest,
+ PR_FALSE),
+ state->dest, PR_TRUE);
+ if (state != NULL) {
+ (void)sec_asn1d_init_state_based_on_template(state);
+ }
+ return;
+ }
+
+ /*
+ * For GROUP (SET OF, SEQUENCE OF), even if we know the length here
+ * we cannot tell how many items we will end up with ... so push a
+ * state that can keep track of "children" (the individual members
+ * of the group; we will allocate as we go and put them all together
+ * at the end.
+ */
+ if (state->underlying_kind & SEC_ASN1_GROUP) {
+ /* XXX If this assertion holds (should be able to confirm it via
+ * inspection, too) then move this code into the switch statement
+ * below under cases SET_OF and SEQUENCE_OF; it will be cleaner.
+ */
+ PORT_Assert(state->underlying_kind == SEC_ASN1_SET_OF || state->underlying_kind == SEC_ASN1_SEQUENCE_OF || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF | SEC_ASN1_DYNAMIC) || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF | SEC_ASN1_DYNAMIC));
+ if (state->contents_length != 0 || state->indefinite) {
+ const SEC_ASN1Template *subt;
+
+ state->place = duringGroup;
+ subt = SEC_ASN1GetSubtemplate(state->theTemplate, state->dest,
+ PR_FALSE);
+ state = sec_asn1d_push_state(state->top, subt, NULL, PR_TRUE);
+ if (state != NULL) {
+ if (!state->top->filter_only)
+ state->allocate = PR_TRUE; /* XXX propogate this? */
+ /*
+ * Do the "before" field notification for next in group.
+ */
+ sec_asn1d_notify_before(state->top, state->dest, state->depth);
+ (void)sec_asn1d_init_state_based_on_template(state);
+ }
+ } else {
+ /*
+ * A group of zero; we are done.
+ * Set state to afterGroup and let that code plant the NULL.
+ */
+ state->place = afterGroup;
+ }
+ return;
+ }
+
+ switch (state->underlying_kind) {
+ case SEC_ASN1_SEQUENCE:
+ /*
+ * We need to push a child to handle the individual fields.
+ */
+ state->place = duringSequence;
+ state = sec_asn1d_push_state(state->top, state->theTemplate + 1,
+ state->dest, PR_TRUE);
+ if (state != NULL) {
+ /*
+ * Do the "before" field notification.
+ */
+ sec_asn1d_notify_before(state->top, state->dest, state->depth);
+ (void)sec_asn1d_init_state_based_on_template(state);
+ }
+ break;
+
+ case SEC_ASN1_SET: /* XXX SET is not really implemented */
+ /*
+ * XXX A plain SET requires special handling; scanning of a
+ * template to see where a field should go (because by definition,
+ * they are not in any particular order, and you have to look at
+ * each tag to disambiguate what the field is). We may never
+ * implement this because in practice, it seems to be unused.
+ */
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_BAD_DER); /* XXX */
+ state->top->status = decodeError;
+ break;
+
+ case SEC_ASN1_NULL:
+ /*
+ * The NULL type, by definition, is "nothing", content length of zero.
+ * An indefinite-length encoding is not alloweed.
+ */
+ if (state->contents_length || state->indefinite) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ break;
+ }
+ if (state->dest != NULL) {
+ item = (SECItem *)(state->dest);
+ item->data = NULL;
+ item->len = 0;
+ }
+ state->place = afterEndOfContents;
+ break;
+
+ case SEC_ASN1_BMP_STRING:
+ /* Error if length is not divisable by 2 */
+ if (state->contents_length % 2) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ break;
+ }
+ /* otherwise, handle as other string types */
+ goto regular_string_type;
+
+ case SEC_ASN1_UNIVERSAL_STRING:
+ /* Error if length is not divisable by 4 */
+ if (state->contents_length % 4) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ break;
+ }
+ /* otherwise, handle as other string types */
+ goto regular_string_type;
+
+ case SEC_ASN1_SKIP:
+ case SEC_ASN1_ANY:
+ case SEC_ASN1_ANY_CONTENTS:
+ /*
+ * These are not (necessarily) strings, but they need nearly
+ * identical handling (especially when we need to deal with
+ * constructed sub-pieces), so we pretend they are.
+ */
+ /* fallthru */
+ regular_string_type:
+ case SEC_ASN1_BIT_STRING:
+ case SEC_ASN1_IA5_STRING:
+ case SEC_ASN1_OCTET_STRING:
+ case SEC_ASN1_PRINTABLE_STRING:
+ case SEC_ASN1_T61_STRING:
+ case SEC_ASN1_UTC_TIME:
+ case SEC_ASN1_UTF8_STRING:
+ case SEC_ASN1_VISIBLE_STRING:
+ /*
+ * We are allocating for a primitive or a constructed string.
+ * If it is a constructed string, it may also be indefinite-length.
+ * If it is primitive, the length can (legally) be zero.
+ * Our first order of business is to allocate the memory for
+ * the string, if we can (if we know the length).
+ */
+ item = (SECItem *)(state->dest);
+
+ /*
+ * If the item is a definite-length constructed string, then
+ * the contents_length is actually larger than what we need
+ * (because it also counts each intermediate header which we
+ * will be throwing away as we go), but it is a perfectly good
+ * upper bound that we just allocate anyway, and then concat
+ * as we go; we end up wasting a few extra bytes but save a
+ * whole other copy.
+ */
+ alloc_len = state->contents_length;
+ poolp = NULL; /* quiet compiler warnings about unused... */
+
+ if (item == NULL || state->top->filter_only) {
+ if (item != NULL) {
+ item->data = NULL;
+ item->len = 0;
+ }
+ alloc_len = 0;
+ } else if (state->substring) {
+ /*
+ * If we are a substring of a constructed string, then we may
+ * not have to allocate anything (because our parent, the
+ * actual constructed string, did it for us). If we are a
+ * substring and we *do* have to allocate, that means our
+ * parent is an indefinite-length, so we allocate from our pool;
+ * later our parent will copy our string into the aggregated
+ * whole and free our pool allocation.
+ */
+ if (item->data == NULL) {
+ PORT_Assert(item->len == 0);
+ poolp = state->top->our_pool;
+ } else {
+ alloc_len = 0;
+ }
+ } else {
+ item->len = 0;
+ item->data = NULL;
+ poolp = state->top->their_pool;
+ }
+
+ if (alloc_len || ((!state->indefinite) && (state->subitems_head != NULL))) {
+ struct subitem *subitem;
+ int len;
+
+ PORT_Assert(item);
+ if (!item) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return;
+ }
+ PORT_Assert(item->len == 0 && item->data == NULL);
+ /*
+ * Check for and handle an ANY which has stashed aside the
+ * header (identifier and length) bytes for us to include
+ * in the saved contents.
+ */
+ if (state->subitems_head != NULL) {
+ PORT_Assert(state->underlying_kind == SEC_ASN1_ANY);
+ for (subitem = state->subitems_head;
+ subitem != NULL; subitem = subitem->next)
+ alloc_len += subitem->len;
+ }
+
+ item->data = (unsigned char *)sec_asn1d_zalloc(poolp, alloc_len);
+ if (item->data == NULL) {
+ state->top->status = decodeError;
+ break;
+ }
+
+ len = 0;
+ for (subitem = state->subitems_head;
+ subitem != NULL; subitem = subitem->next) {
+ PORT_Memcpy(item->data + len, subitem->data, subitem->len);
+ len += subitem->len;
+ }
+ item->len = len;
+
+ /*
+ * Because we use arenas and have a mark set, we later free
+ * everything we have allocated, so this does *not* present
+ * a memory leak (it is just temporarily left dangling).
+ */
+ state->subitems_head = state->subitems_tail = NULL;
+ }
+
+ if (state->contents_length == 0 && (!state->indefinite)) {
+ /*
+ * A zero-length simple or constructed string; we are done.
+ */
+ state->place = afterEndOfContents;
+ } else if (state->found_tag_modifiers & SEC_ASN1_CONSTRUCTED) {
+ const SEC_ASN1Template *sub;
+
+ switch (state->underlying_kind) {
+ case SEC_ASN1_ANY:
+ case SEC_ASN1_ANY_CONTENTS:
+ sub = SEC_AnyTemplate;
+ break;
+ case SEC_ASN1_BIT_STRING:
+ sub = SEC_BitStringTemplate;
+ break;
+ case SEC_ASN1_BMP_STRING:
+ sub = SEC_BMPStringTemplate;
+ break;
+ case SEC_ASN1_GENERALIZED_TIME:
+ sub = SEC_GeneralizedTimeTemplate;
+ break;
+ case SEC_ASN1_IA5_STRING:
+ sub = SEC_IA5StringTemplate;
+ break;
+ case SEC_ASN1_OCTET_STRING:
+ sub = SEC_OctetStringTemplate;
+ break;
+ case SEC_ASN1_PRINTABLE_STRING:
+ sub = SEC_PrintableStringTemplate;
+ break;
+ case SEC_ASN1_T61_STRING:
+ sub = SEC_T61StringTemplate;
+ break;
+ case SEC_ASN1_UNIVERSAL_STRING:
+ sub = SEC_UniversalStringTemplate;
+ break;
+ case SEC_ASN1_UTC_TIME:
+ sub = SEC_UTCTimeTemplate;
+ break;
+ case SEC_ASN1_UTF8_STRING:
+ sub = SEC_UTF8StringTemplate;
+ break;
+ case SEC_ASN1_VISIBLE_STRING:
+ sub = SEC_VisibleStringTemplate;
+ break;
+ case SEC_ASN1_SKIP:
+ sub = SEC_SkipTemplate;
+ break;
+ default: /* redundant given outer switch cases, but */
+ PORT_Assert(0); /* the compiler does not seem to know that, */
+ sub = NULL; /* so just do enough to quiet it. */
+ break;
+ }
+
+ state->place = duringConstructedString;
+ state = sec_asn1d_push_state(state->top, sub, item, PR_TRUE);
+ if (state != NULL) {
+ state->substring = PR_TRUE; /* XXX propogate? */
+ (void)sec_asn1d_init_state_based_on_template(state);
+ }
+ } else if (state->indefinite) {
+ /*
+ * An indefinite-length string *must* be constructed!
+ */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ } else {
+ /*
+ * A non-zero-length simple string.
+ */
+ if (state->underlying_kind == SEC_ASN1_BIT_STRING)
+ state->place = beforeBitString;
+ else
+ state->place = duringLeaf;
+ }
+ break;
+
+ default:
+ /*
+ * We are allocating for a simple leaf item.
+ */
+ if (state->contents_length) {
+ if (state->dest != NULL) {
+ item = (SECItem *)(state->dest);
+ item->len = 0;
+ if (state->top->filter_only) {
+ item->data = NULL;
+ } else {
+ item->data = (unsigned char *)
+ sec_asn1d_zalloc(state->top->their_pool,
+ state->contents_length);
+ if (item->data == NULL) {
+ state->top->status = decodeError;
+ return;
+ }
+ }
+ }
+ state->place = duringLeaf;
+ } else {
+ /*
+ * An indefinite-length or zero-length item is not allowed.
+ * (All legal cases of such were handled above.)
+ */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ }
+ }
+}
+
+static void
+sec_asn1d_free_child(sec_asn1d_state *state, PRBool error)
+{
+ if (state->child != NULL) {
+ PORT_Assert(error || state->child->consumed == 0);
+ PORT_Assert(state->our_mark != NULL);
+ PORT_ArenaZRelease(state->top->our_pool, state->our_mark);
+ if (error && state->top->their_pool == NULL) {
+ /*
+ * XXX We need to free anything allocated.
+ * At this point, we failed in the middle of decoding. But we
+ * can't free the data we previously allocated with PR_Malloc
+ * unless we keep track of every pointer. So instead we have a
+ * memory leak when decoding fails half-way, unless an arena is
+ * used. See bug 95311 .
+ */
+ }
+ state->child = NULL;
+ state->our_mark = NULL;
+ } else {
+ /*
+ * It is important that we do not leave a mark unreleased/unmarked.
+ * But I do not think we should ever have one set in this case, only
+ * if we had a child (handled above). So check for that. If this
+ * assertion should ever get hit, then we probably need to add code
+ * here to release back to our_mark (and then set our_mark to NULL).
+ */
+ PORT_Assert(state->our_mark == NULL);
+ }
+ state->place = beforeEndOfContents;
+}
+
+/* We have just saved an entire encoded ASN.1 object (type) for a SAVE
+** template, and now in the next template, we are going to decode that
+** saved data by calling SEC_ASN1DecoderUpdate recursively.
+** If that recursive call fails with needBytes, it is a fatal error,
+** because the encoded object should have been complete.
+** If that recursive call fails with decodeError, it will have already
+** cleaned up the state stack, so we must bail out quickly.
+**
+** These checks of the status returned by the recursive call are now
+** done in the caller of this function, immediately after it returns.
+*/
+static void
+sec_asn1d_reuse_encoding(sec_asn1d_state *state)
+{
+ sec_asn1d_state *child;
+ unsigned long consumed;
+ SECItem *item;
+ void *dest;
+
+ child = state->child;
+ PORT_Assert(child != NULL);
+
+ consumed = child->consumed;
+ child->consumed = 0;
+
+ item = (SECItem *)(state->dest);
+ PORT_Assert(item != NULL);
+
+ PORT_Assert(item->len == consumed);
+
+ /*
+ * Free any grandchild.
+ */
+ sec_asn1d_free_child(child, PR_FALSE);
+
+ /*
+ * Notify after the SAVE field.
+ */
+ sec_asn1d_notify_after(state->top, state->dest, state->depth);
+
+ /*
+ * Adjust to get new dest and move forward.
+ */
+ dest = (char *)state->dest - state->theTemplate->offset;
+ state->theTemplate++;
+ child->dest = (char *)dest + state->theTemplate->offset;
+ child->theTemplate = state->theTemplate;
+
+ /*
+ * Notify before the "real" field.
+ */
+ PORT_Assert(state->depth == child->depth);
+ sec_asn1d_notify_before(state->top, child->dest, child->depth);
+
+ /*
+ * This will tell DecoderUpdate to return when it is done.
+ */
+ state->place = afterSaveEncoding;
+
+ /*
+ * We already have a child; "push" it by making it current.
+ */
+ state->top->current = child;
+
+ /*
+ * And initialize it so it is ready to parse.
+ */
+ (void)sec_asn1d_init_state_based_on_template(child);
+
+ /*
+ * Now parse that out of our data.
+ */
+ if (SEC_ASN1DecoderUpdate(state->top,
+ (char *)item->data, item->len) != SECSuccess)
+ return;
+ if (state->top->status == needBytes) {
+ return;
+ }
+
+ PORT_Assert(state->top->current == state);
+ PORT_Assert(state->child == child);
+
+ /*
+ * That should have consumed what we consumed before.
+ */
+ PORT_Assert(consumed == child->consumed);
+ child->consumed = 0;
+
+ /*
+ * Done.
+ */
+ state->consumed += consumed;
+ child->place = notInUse;
+ state->place = afterEndOfContents;
+}
+
+static unsigned long
+sec_asn1d_parse_leaf(sec_asn1d_state *state,
+ const char *buf, unsigned long len)
+{
+ SECItem *item;
+ unsigned long bufLen;
+
+ if (len == 0) {
+ state->top->status = needBytes;
+ return 0;
+ }
+
+ if (state->pending < len)
+ len = state->pending;
+
+ bufLen = len;
+
+ item = (SECItem *)(state->dest);
+ if (item != NULL && item->data != NULL) {
+ unsigned long offset;
+ /* Strip leading zeroes when target is unsigned integer */
+ if (state->underlying_kind == SEC_ASN1_INTEGER && /* INTEGER */
+ item->len == 0 && /* MSB */
+ item->type == siUnsignedInteger) /* unsigned */
+ {
+ while (len > 1 && buf[0] == 0) { /* leading 0 */
+ buf++;
+ len--;
+ }
+ }
+ offset = item->len;
+ if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
+ // The previous bit string must have no unused bits.
+ if (item->len & 0x7) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return 0;
+ }
+ // If this is a bit string, the length is bits, not bytes.
+ offset = item->len >> 3;
+ }
+ if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
+ unsigned long len_in_bits;
+ // Protect against overflow during the bytes-to-bits conversion.
+ if (len >= (ULONG_MAX >> 3) + 1) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return 0;
+ }
+ len_in_bits = (len << 3) - state->bit_string_unused_bits;
+ // Protect against overflow when computing the total length in bits.
+ if (UINT_MAX - item->len < len_in_bits) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return 0;
+ }
+ item->len += len_in_bits;
+ } else {
+ if (UINT_MAX - item->len < len) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return 0;
+ }
+ item->len += len;
+ }
+ PORT_Memcpy(item->data + offset, buf, len);
+ }
+ state->pending -= bufLen;
+ if (state->pending == 0)
+ state->place = beforeEndOfContents;
+
+ return bufLen;
+}
+
+static unsigned long
+sec_asn1d_parse_bit_string(sec_asn1d_state *state,
+ const char *buf, unsigned long len)
+{
+ unsigned char byte;
+
+ /*PORT_Assert (state->pending > 0); */
+ PORT_Assert(state->place == beforeBitString);
+
+ if (state->pending == 0) {
+ if (state->dest != NULL) {
+ SECItem *item = (SECItem *)(state->dest);
+ item->data = NULL;
+ item->len = 0;
+ state->place = beforeEndOfContents;
+ return 0;
+ }
+ }
+
+ if (len == 0) {
+ state->top->status = needBytes;
+ return 0;
+ }
+
+ byte = (unsigned char)*buf;
+ if (byte > 7) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return 0;
+ }
+
+ state->bit_string_unused_bits = byte;
+ state->place = duringBitString;
+ state->pending -= 1;
+
+ return 1;
+}
+
+static unsigned long
+sec_asn1d_parse_more_bit_string(sec_asn1d_state *state,
+ const char *buf, unsigned long len)
+{
+ PORT_Assert(state->place == duringBitString);
+ if (state->pending == 0) {
+ /* An empty bit string with some unused bits is invalid. */
+ if (state->bit_string_unused_bits) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ } else {
+ /* An empty bit string with no unused bits is OK. */
+ state->place = beforeEndOfContents;
+ }
+ return 0;
+ }
+
+ len = sec_asn1d_parse_leaf(state, buf, len);
+ return len;
+}
+
+/*
+ * XXX All callers should be looking at return value to detect
+ * out-of-memory errors (and stop!).
+ */
+static struct subitem *
+sec_asn1d_add_to_subitems(sec_asn1d_state *state,
+ const void *data, unsigned long len,
+ PRBool copy_data)
+{
+ struct subitem *thing;
+
+ thing = (struct subitem *)sec_asn1d_zalloc(state->top->our_pool,
+ sizeof(struct subitem));
+ if (thing == NULL) {
+ state->top->status = decodeError;
+ return NULL;
+ }
+
+ if (copy_data) {
+ void *copy;
+ copy = sec_asn1d_alloc(state->top->our_pool, len);
+ if (copy == NULL) {
+ state->top->status = decodeError;
+ if (!state->top->our_pool)
+ PORT_Free(thing);
+ return NULL;
+ }
+ PORT_Memcpy(copy, data, len);
+ thing->data = copy;
+ } else {
+ thing->data = data;
+ }
+ thing->len = len;
+ thing->next = NULL;
+
+ if (state->subitems_head == NULL) {
+ PORT_Assert(state->subitems_tail == NULL);
+ state->subitems_head = state->subitems_tail = thing;
+ } else {
+ state->subitems_tail->next = thing;
+ state->subitems_tail = thing;
+ }
+
+ return thing;
+}
+
+static void
+sec_asn1d_record_any_header(sec_asn1d_state *state,
+ const char *buf,
+ unsigned long len)
+{
+ SECItem *item;
+
+ item = (SECItem *)(state->dest);
+ if (item != NULL && item->data != NULL) {
+ PORT_Assert(state->substring);
+ PORT_Memcpy(item->data + item->len, buf, len);
+ item->len += len;
+ } else {
+ sec_asn1d_add_to_subitems(state, buf, len, PR_TRUE);
+ }
+}
+
+/*
+ * We are moving along through the substrings of a constructed string,
+ * and have just finished parsing one -- we need to save our child data
+ * (if the child was not already writing directly into the destination)
+ * and then move forward by one.
+ *
+ * We also have to detect when we are done:
+ * - a definite-length encoding stops when our pending value hits 0
+ * - an indefinite-length encoding stops when our child is empty
+ * (which means it was the end-of-contents octets)
+ */
+static void
+sec_asn1d_next_substring(sec_asn1d_state *state)
+{
+ sec_asn1d_state *child;
+ SECItem *item;
+ unsigned long child_consumed;
+ PRBool done;
+
+ PORT_Assert(state->place == duringConstructedString);
+ PORT_Assert(state->child != NULL);
+
+ child = state->child;
+
+ child_consumed = child->consumed;
+ child->consumed = 0;
+ state->consumed += child_consumed;
+
+ done = PR_FALSE;
+
+ if (state->pending) {
+ PORT_Assert(!state->indefinite);
+ if (child_consumed > state->pending) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return;
+ }
+
+ state->pending -= child_consumed;
+ if (state->pending == 0)
+ done = PR_TRUE;
+ } else {
+ PRBool preallocatedString;
+ sec_asn1d_state *temp_state;
+ PORT_Assert(state->indefinite);
+
+ item = (SECItem *)(child->dest);
+
+ /**
+ * At this point, there's three states at play:
+ * child: The element that was just parsed
+ * state: The currently processed element
+ * 'parent' (aka state->parent): The enclosing construct
+ * of state, or NULL if this is the top-most element.
+ *
+ * This state handles both substrings of a constructed string AND
+ * child elements of items whose template type was that of
+ * SEC_ASN1_ANY, SEC_ASN1_SAVE, SEC_ASN1_ANY_CONTENTS, SEC_ASN1_SKIP
+ * template, as described in sec_asn1d_prepare_for_contents. For
+ * brevity, these will be referred to as 'string' and 'any' types.
+ *
+ * This leads to the following possibilities:
+ * 1: This element is an indefinite length string, part of a
+ * definite length string.
+ * 2: This element is an indefinite length string, part of an
+ * indefinite length string.
+ * 3: This element is an indefinite length any, part of a
+ * definite length any.
+ * 4: This element is an indefinite length any, part of an
+ * indefinite length any.
+ * 5: This element is an indefinite length any and does not
+ * meet any of the above criteria. Note that this would include
+ * an indefinite length string type matching an indefinite
+ * length any template.
+ *
+ * In Cases #1 and #3, the definite length 'parent' element will
+ * have allocated state->dest based on the parent elements definite
+ * size. During the processing of 'child', sec_asn1d_parse_leaf will
+ * have copied the (string, any) data directly into the offset of
+ * dest, as appropriate, so there's no need for this class to still
+ * store the child - it's already been processed.
+ *
+ * In Cases #2 and #4, dest will be set to the parent element's dest,
+ * but dest->data will not have been allocated yet, due to the
+ * indefinite length encoding. In this situation, it's necessary to
+ * hold onto child (and all other children) until the EOC, at which
+ * point, it becomes possible to compute 'state's overall length. Once
+ * 'state' has a computed length, this can then be fed to 'parent' (via
+ * this state), and then 'parent' can similarly compute the length of
+ * all of its children up to the EOC, which will ultimately transit to
+ * sec_asn1d_concat_substrings, determine the overall size needed,
+ * allocate, and copy the contents (of all of parent's children, which
+ * would include 'state', just as 'state' will have copied all of its
+ * children via sec_asn1d_concat_substrings)
+ *
+ * The final case, Case #5, will manifest in that item->data and
+ * item->len will be NULL/0, respectively, since this element was
+ * indefinite-length encoded. In that case, both the tag and length will
+ * already exist in state's subitems, via sec_asn1d_record_any_header,
+ * and so the contents (aka 'child') should be added to that list of
+ * items to concatenate in sec_asn1d_concat_substrings once the EOC
+ * is encountered.
+ *
+ * To distinguish #2/#4 from #1/#3, it's sufficient to walk the ancestor
+ * tree. If the current type is a string type, then the enclosing
+ * construct will be that same type (#1/#2). If the current type is an
+ * any type, then the enclosing construct is either an any type (#3/#4)
+ * or some other type (#5). Since this is BER, this nesting relationship
+ * between 'state' and 'parent' may go through several levels of
+ * constructed encoding, so continue walking the ancestor chain until a
+ * clear determination can be made.
+ *
+ * The variable preallocatedString is used to indicate Case #1/#3,
+ * indicating an in-place copy has already occurred, and Cases #2, #4,
+ * and #5 all have the same behaviour of adding a new substring.
+ */
+ preallocatedString = PR_FALSE;
+ temp_state = state;
+ while (temp_state && item == temp_state->dest && temp_state->indefinite) {
+ sec_asn1d_state *parent = sec_asn1d_get_enclosing_construct(temp_state);
+ if (!parent || parent->underlying_kind != temp_state->underlying_kind) {
+ /* Case #5 - Either this is a top-level construct or it is part
+ * of some other element (e.g. a SEQUENCE), in which case, a
+ * new item should be allocated. */
+ break;
+ }
+ if (!parent->indefinite) {
+ /* Cases #1 / #3 - A definite length ancestor exists, for which
+ * this is a substring that has already copied into dest. */
+ preallocatedString = PR_TRUE;
+ break;
+ }
+ if (!parent->substring) {
+ /* Cases #2 / #4 - If the parent is not a substring, but is
+ * indefinite, then there's nothing further up that may have
+ * preallocated dest, thus child will not have already
+ * been copied in place, therefore it's necessary to save child
+ * as a subitem. */
+ break;
+ }
+ temp_state = parent;
+ }
+ if (item != NULL && item->data != NULL && !preallocatedString) {
+ /*
+ * Save the string away for later concatenation.
+ */
+ PORT_Assert(item->data != NULL);
+ sec_asn1d_add_to_subitems(state, item->data, item->len, PR_FALSE);
+ /*
+ * Clear the child item for the next round.
+ */
+ item->data = NULL;
+ item->len = 0;
+ }
+
+ /*
+ * If our child was just our end-of-contents octets, we are done.
+ */
+ if (child->endofcontents)
+ done = PR_TRUE;
+ }
+
+ /*
+ * Stop or do the next one.
+ */
+ if (done) {
+ child->place = notInUse;
+ state->place = afterConstructedString;
+ } else {
+ sec_asn1d_scrub_state(child);
+ state->top->current = child;
+ }
+}
+
+/*
+ * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
+ */
+static void
+sec_asn1d_next_in_group(sec_asn1d_state *state)
+{
+ sec_asn1d_state *child;
+ unsigned long child_consumed;
+
+ PORT_Assert(state->place == duringGroup);
+ PORT_Assert(state->child != NULL);
+
+ child = state->child;
+
+ child_consumed = child->consumed;
+ child->consumed = 0;
+ state->consumed += child_consumed;
+
+ /*
+ * If our child was just our end-of-contents octets, we are done.
+ */
+ if (child->endofcontents) {
+ /* XXX I removed the PORT_Assert (child->dest == NULL) because there
+ * was a bug in that a template that was a sequence of which also had
+ * a child of a sequence of, in an indefinite group was not working
+ * properly. This fix seems to work, (added the if statement below),
+ * and nothing appears broken, but I am putting this note here just
+ * in case. */
+ /*
+ * XXX No matter how many times I read that comment,
+ * I cannot figure out what case he was fixing. I believe what he
+ * did was deliberate, so I am loathe to touch it. I need to
+ * understand how it could ever be that child->dest != NULL but
+ * child->endofcontents is true, and why it is important to check
+ * that state->subitems_head is NULL. This really needs to be
+ * figured out, as I am not sure if the following code should be
+ * compensating for "offset", as is done a little farther below
+ * in the more normal case.
+ */
+ PORT_Assert(state->indefinite);
+ PORT_Assert(state->pending == 0);
+ if (child->dest && !state->subitems_head) {
+ sec_asn1d_add_to_subitems(state, child->dest, 0, PR_FALSE);
+ child->dest = NULL;
+ }
+
+ child->place = notInUse;
+ state->place = afterGroup;
+ return;
+ }
+
+ /*
+ * Do the "after" field notification for next in group.
+ */
+ sec_asn1d_notify_after(state->top, child->dest, child->depth);
+
+ /*
+ * Save it away (unless we are not storing).
+ */
+ if (child->dest != NULL) {
+ void *dest;
+
+ dest = child->dest;
+ dest = (char *)dest - child->theTemplate->offset;
+ sec_asn1d_add_to_subitems(state, dest, 0, PR_FALSE);
+ child->dest = NULL;
+ }
+
+ /*
+ * Account for those bytes; see if we are done.
+ */
+ if (state->pending) {
+ PORT_Assert(!state->indefinite);
+ if (child_consumed > state->pending) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return;
+ }
+
+ state->pending -= child_consumed;
+ if (state->pending == 0) {
+ child->place = notInUse;
+ state->place = afterGroup;
+ return;
+ }
+ }
+
+ /*
+ * Do the "before" field notification for next item in group.
+ */
+ sec_asn1d_notify_before(state->top, child->dest, child->depth);
+
+ /*
+ * Now we do the next one.
+ */
+ sec_asn1d_scrub_state(child);
+
+ /* Initialize child state from the template */
+ sec_asn1d_init_state_based_on_template(child);
+
+ state->top->current = child;
+}
+
+/*
+ * We are moving along through a sequence; move forward by one,
+ * (detecting end-of-sequence when it happens).
+ * XXX The handling of "missing" is ugly. Fix it.
+ */
+static void
+sec_asn1d_next_in_sequence(sec_asn1d_state *state)
+{
+ sec_asn1d_state *child;
+ unsigned long child_consumed;
+ PRBool child_missing;
+
+ PORT_Assert(state->place == duringSequence);
+ PORT_Assert(state->child != NULL);
+
+ child = state->child;
+
+ /*
+ * Do the "after" field notification.
+ */
+ sec_asn1d_notify_after(state->top, child->dest, child->depth);
+
+ child_missing = (PRBool)child->missing;
+ child_consumed = child->consumed;
+ child->consumed = 0;
+
+ /*
+ * Take care of accounting.
+ */
+ if (child_missing) {
+ PORT_Assert(child->optional);
+ } else {
+ state->consumed += child_consumed;
+ /*
+ * Free any grandchild.
+ */
+ sec_asn1d_free_child(child, PR_FALSE);
+ if (state->pending) {
+ PORT_Assert(!state->indefinite);
+ if (child_consumed > state->pending) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return;
+ }
+ state->pending -= child_consumed;
+ if (state->pending == 0) {
+ child->theTemplate++;
+ while (child->theTemplate->kind != 0) {
+ if ((child->theTemplate->kind & SEC_ASN1_OPTIONAL) == 0) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return;
+ }
+ child->theTemplate++;
+ }
+ child->place = notInUse;
+ state->place = afterEndOfContents;
+ return;
+ }
+ }
+ }
+
+ /*
+ * Move forward.
+ */
+ child->theTemplate++;
+ if (child->theTemplate->kind == 0) {
+ /*
+ * We are done with this sequence.
+ */
+ child->place = notInUse;
+ if (state->pending) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ } else if (child_missing) {
+ /*
+ * We got to the end, but have a child that started parsing
+ * and ended up "missing". The only legitimate reason for
+ * this is that we had one or more optional fields at the
+ * end of our sequence, and we were encoded indefinite-length,
+ * so when we went looking for those optional fields we
+ * found our end-of-contents octets instead.
+ * (Yes, this is ugly; dunno a better way to handle it.)
+ * So, first confirm the situation, and then mark that we
+ * are done.
+ */
+ if (state->indefinite && child->endofcontents) {
+ PORT_Assert(child_consumed == 2);
+ if (child_consumed != 2) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ } else {
+ state->consumed += child_consumed;
+ state->place = afterEndOfContents;
+ }
+ } else {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ }
+ } else {
+ /*
+ * We have to finish out, maybe reading end-of-contents octets;
+ * let the normal logic do the right thing.
+ */
+ state->place = beforeEndOfContents;
+ }
+ } else {
+ unsigned char child_found_tag_modifiers = 0;
+ unsigned long child_found_tag_number = 0;
+
+ /*
+ * Reset state and push.
+ */
+ if (state->dest != NULL)
+ child->dest = (char *)state->dest + child->theTemplate->offset;
+
+ /*
+ * Do the "before" field notification.
+ */
+ sec_asn1d_notify_before(state->top, child->dest, child->depth);
+
+ if (child_missing) { /* if previous child was missing, copy the tag data we already have */
+ child_found_tag_modifiers = child->found_tag_modifiers;
+ child_found_tag_number = child->found_tag_number;
+ }
+ state->top->current = child;
+ child = sec_asn1d_init_state_based_on_template(child);
+ if (child_missing && child) {
+ child->place = afterIdentifier;
+ child->found_tag_modifiers = child_found_tag_modifiers;
+ child->found_tag_number = child_found_tag_number;
+ child->consumed = child_consumed;
+ if (child->underlying_kind == SEC_ASN1_ANY && !child->top->filter_only) {
+ /*
+ * If the new field is an ANY, and we are storing, then
+ * we need to save the tag out. We would have done this
+ * already in the normal case, but since we were looking
+ * for an optional field, and we did not find it, we only
+ * now realize we need to save the tag.
+ */
+ unsigned char identifier;
+
+ /*
+ * Check that we did not end up with a high tag; for that
+ * we need to re-encode the tag into multiple bytes in order
+ * to store it back to look like what we parsed originally.
+ * In practice this does not happen, but for completeness
+ * sake it should probably be made to work at some point.
+ */
+ PORT_Assert(child_found_tag_number < SEC_ASN1_HIGH_TAG_NUMBER);
+ identifier = (unsigned char)(child_found_tag_modifiers | child_found_tag_number);
+ sec_asn1d_record_any_header(child, (char *)&identifier, 1);
+ }
+ }
+ }
+}
+
+static void
+sec_asn1d_concat_substrings(sec_asn1d_state *state)
+{
+ PORT_Assert(state->place == afterConstructedString);
+
+ if (state->subitems_head != NULL) {
+ struct subitem *substring;
+ unsigned long alloc_len, item_len;
+ unsigned char *where;
+ SECItem *item;
+ PRBool is_bit_string;
+
+ item_len = 0;
+ is_bit_string = (state->underlying_kind == SEC_ASN1_BIT_STRING)
+ ? PR_TRUE
+ : PR_FALSE;
+
+ substring = state->subitems_head;
+ while (substring != NULL) {
+ /*
+ * All bit-string substrings except the last one should be
+ * a clean multiple of 8 bits.
+ */
+ if (is_bit_string && (substring->next != NULL) && (substring->len & 0x7)) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return;
+ }
+ item_len += substring->len;
+ substring = substring->next;
+ }
+
+ if (is_bit_string) {
+ alloc_len = ((item_len + 7) >> 3);
+ } else {
+ /*
+ * Add 2 for the end-of-contents octets of an indefinite-length
+ * ANY that is *not* also an INNER. Because we zero-allocate
+ * below, all we need to do is increase the length here.
+ */
+ if (state->underlying_kind == SEC_ASN1_ANY && state->indefinite)
+ item_len += 2;
+ alloc_len = item_len;
+ }
+
+ item = (SECItem *)(state->dest);
+ PORT_Assert(item != NULL);
+ PORT_Assert(item->data == NULL);
+ item->data = (unsigned char *)sec_asn1d_zalloc(state->top->their_pool,
+ alloc_len);
+ if (item->data == NULL) {
+ state->top->status = decodeError;
+ return;
+ }
+ item->len = item_len;
+
+ where = item->data;
+ substring = state->subitems_head;
+ while (substring != NULL) {
+ if (is_bit_string)
+ item_len = (substring->len + 7) >> 3;
+ else
+ item_len = substring->len;
+ PORT_Memcpy(where, substring->data, item_len);
+ where += item_len;
+ substring = substring->next;
+ }
+
+ /*
+ * Because we use arenas and have a mark set, we later free
+ * everything we have allocated, so this does *not* present
+ * a memory leak (it is just temporarily left dangling).
+ */
+ state->subitems_head = state->subitems_tail = NULL;
+ }
+
+ state->place = afterEndOfContents;
+}
+
+static void
+sec_asn1d_concat_group(sec_asn1d_state *state)
+{
+ const void ***placep;
+
+ PORT_Assert(state->place == afterGroup);
+
+ placep = (const void ***)state->dest;
+ PORT_Assert(state->subitems_head == NULL || placep != NULL);
+ if (placep != NULL) {
+ struct subitem *item;
+ const void **group;
+ int count;
+
+ count = 0;
+ item = state->subitems_head;
+ while (item != NULL) {
+ PORT_Assert(item->next != NULL || item == state->subitems_tail);
+ count++;
+ item = item->next;
+ }
+
+ group = (const void **)sec_asn1d_zalloc(state->top->their_pool,
+ (count + 1) * (sizeof(void *)));
+ if (group == NULL) {
+ state->top->status = decodeError;
+ return;
+ }
+
+ *placep = group;
+
+ item = state->subitems_head;
+ while (item != NULL) {
+ *group++ = item->data;
+ item = item->next;
+ }
+ *group = NULL;
+
+ /*
+ * Because we use arenas and have a mark set, we later free
+ * everything we have allocated, so this does *not* present
+ * a memory leak (it is just temporarily left dangling).
+ */
+ state->subitems_head = state->subitems_tail = NULL;
+ }
+
+ state->place = afterEndOfContents;
+}
+
+/*
+ * For those states that push a child to handle a subtemplate,
+ * "absorb" that child (transfer necessary information).
+ */
+static void
+sec_asn1d_absorb_child(sec_asn1d_state *state)
+{
+ /*
+ * There is absolutely supposed to be a child there.
+ */
+ PORT_Assert(state->child != NULL);
+
+ /*
+ * Inherit the missing status of our child, and do the ugly
+ * backing-up if necessary.
+ */
+ state->missing = state->child->missing;
+ if (state->missing) {
+ state->found_tag_number = state->child->found_tag_number;
+ state->found_tag_modifiers = state->child->found_tag_modifiers;
+ state->endofcontents = state->child->endofcontents;
+ }
+
+ /*
+ * Add in number of bytes consumed by child.
+ * (Only EXPLICIT should have already consumed bytes itself.)
+ */
+ PORT_Assert(state->place == afterExplicit || state->consumed == 0);
+ state->consumed += state->child->consumed;
+
+ /*
+ * Subtract from bytes pending; this only applies to a definite-length
+ * EXPLICIT field.
+ */
+ if (state->pending) {
+ PORT_Assert(!state->indefinite);
+ PORT_Assert(state->place == afterExplicit);
+
+ /*
+ * If we had a definite-length explicit, then what the child
+ * consumed should be what was left pending.
+ */
+ if (state->pending != state->child->consumed) {
+ if (state->pending < state->child->consumed) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return;
+ }
+ /*
+ * Okay, this is a hack. It *should* be an error whether
+ * pending is too big or too small, but it turns out that
+ * we had a bug in our *old* DER encoder that ended up
+ * counting an explicit header twice in the case where
+ * the underlying type was an ANY. So, because we cannot
+ * prevent receiving these (our own certificate server can
+ * send them to us), we need to be lenient and accept them.
+ * To do so, we need to pretend as if we read all of the
+ * bytes that the header said we would find, even though
+ * we actually came up short.
+ */
+ state->consumed += (state->pending - state->child->consumed);
+ }
+ state->pending = 0;
+ }
+
+ /*
+ * Indicate that we are done with child.
+ */
+ state->child->consumed = 0;
+
+ /*
+ * And move on to final state.
+ * (Technically everybody could move to afterEndOfContents except
+ * for an indefinite-length EXPLICIT; for simplicity though we assert
+ * that but let the end-of-contents code do the real determination.)
+ */
+ PORT_Assert(state->place == afterExplicit || (!state->indefinite));
+ state->place = beforeEndOfContents;
+}
+
+static void
+sec_asn1d_prepare_for_end_of_contents(sec_asn1d_state *state)
+{
+ PORT_Assert(state->place == beforeEndOfContents);
+
+ if (state->indefinite) {
+ state->place = duringEndOfContents;
+ state->pending = 2;
+ } else {
+ state->place = afterEndOfContents;
+ }
+}
+
+static unsigned long
+sec_asn1d_parse_end_of_contents(sec_asn1d_state *state,
+ const char *buf, unsigned long len)
+{
+ unsigned int i;
+
+ PORT_Assert(state->pending <= 2);
+ PORT_Assert(state->place == duringEndOfContents);
+
+ if (len == 0) {
+ state->top->status = needBytes;
+ return 0;
+ }
+
+ if (state->pending < len)
+ len = state->pending;
+
+ for (i = 0; i < len; i++) {
+ if (buf[i] != 0) {
+ /*
+ * We expect to find only zeros; if not, just give up.
+ */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return 0;
+ }
+ }
+
+ state->pending -= len;
+
+ if (state->pending == 0) {
+ state->place = afterEndOfContents;
+ state->endofcontents = PR_TRUE;
+ }
+
+ return len;
+}
+
+static void
+sec_asn1d_pop_state(sec_asn1d_state *state)
+{
+#if 0 /* XXX I think this should always be handled explicitly by parent? */
+ /*
+ * Account for our child.
+ */
+ if (state->child != NULL) {
+ state->consumed += state->child->consumed;
+ if (state->pending) {
+ PORT_Assert (!state->indefinite);
+ if (state->child->consumed > state->pending) {
+ PORT_SetError (SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ } else {
+ state->pending -= state->child->consumed;
+ }
+ }
+ state->child->consumed = 0;
+ }
+#endif /* XXX */
+
+ /*
+ * Free our child.
+ */
+ sec_asn1d_free_child(state, PR_FALSE);
+
+ /*
+ * Just make my parent be the current state. It will then clean
+ * up after me and free me (or reuse me).
+ */
+ state->top->current = state->parent;
+}
+
+static sec_asn1d_state *
+sec_asn1d_before_choice(sec_asn1d_state *state)
+{
+ sec_asn1d_state *child;
+
+ if (state->allocate) {
+ void *dest;
+
+ dest = sec_asn1d_zalloc(state->top->their_pool, state->theTemplate->size);
+ if ((void *)NULL == dest) {
+ state->top->status = decodeError;
+ return (sec_asn1d_state *)NULL;
+ }
+
+ state->dest = (char *)dest + state->theTemplate->offset;
+ }
+
+ child = sec_asn1d_push_state(state->top, state->theTemplate + 1,
+ (char *)state->dest - state->theTemplate->offset,
+ PR_FALSE);
+ if ((sec_asn1d_state *)NULL == child) {
+ return (sec_asn1d_state *)NULL;
+ }
+
+ sec_asn1d_scrub_state(child);
+ child = sec_asn1d_init_state_based_on_template(child);
+ if ((sec_asn1d_state *)NULL == child) {
+ return (sec_asn1d_state *)NULL;
+ }
+
+ child->optional = PR_TRUE;
+
+ state->place = duringChoice;
+
+ return child;
+}
+
+static sec_asn1d_state *
+sec_asn1d_during_choice(sec_asn1d_state *state)
+{
+ sec_asn1d_state *child = state->child;
+
+ PORT_Assert((sec_asn1d_state *)NULL != child);
+
+ if (child->missing) {
+ unsigned char child_found_tag_modifiers = 0;
+ unsigned long child_found_tag_number = 0;
+ void *dest;
+
+ state->consumed += child->consumed;
+
+ if (child->endofcontents) {
+ /* This choice is probably the first item in a GROUP
+ ** (e.g. SET_OF) that was indefinite-length encoded.
+ ** We're actually at the end of that GROUP.
+ ** We look up the stack to be sure that we find
+ ** a state with indefinite length encoding before we
+ ** find a state (like a SEQUENCE) that is definite.
+ */
+ child->place = notInUse;
+ state->place = afterChoice;
+ state->endofcontents = PR_TRUE; /* propagate this up */
+ if (sec_asn1d_parent_allows_EOC(state))
+ return state;
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return NULL;
+ }
+
+ dest = (char *)child->dest - child->theTemplate->offset;
+ child->theTemplate++;
+
+ if (0 == child->theTemplate->kind) {
+ /* Ran out of choices */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return (sec_asn1d_state *)NULL;
+ }
+ child->dest = (char *)dest + child->theTemplate->offset;
+
+ /* cargo'd from next_in_sequence innards */
+ if (state->pending) {
+ PORT_Assert(!state->indefinite);
+ if (child->consumed > state->pending) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return NULL;
+ }
+ state->pending -= child->consumed;
+ if (0 == state->pending) {
+ /* XXX uh.. not sure if I should have stopped this
+ * from happening before. */
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ state->top->status = decodeError;
+ return (sec_asn1d_state *)NULL;
+ }
+ }
+
+ child->consumed = 0;
+ sec_asn1d_scrub_state(child);
+
+ /* move it on top again */
+ state->top->current = child;
+
+ child_found_tag_modifiers = child->found_tag_modifiers;
+ child_found_tag_number = child->found_tag_number;
+
+ child = sec_asn1d_init_state_based_on_template(child);
+ if ((sec_asn1d_state *)NULL == child) {
+ return (sec_asn1d_state *)NULL;
+ }
+
+ /* copy our findings to the new top */
+ child->found_tag_modifiers = child_found_tag_modifiers;
+ child->found_tag_number = child_found_tag_number;
+
+ child->optional = PR_TRUE;
+ child->place = afterIdentifier;
+
+ return child;
+ }
+ if ((void *)NULL != state->dest) {
+ /* Store the enum */
+ int *which = (int *)state->dest;
+ *which = (int)child->theTemplate->size;
+ }
+
+ child->place = notInUse;
+
+ state->place = afterChoice;
+ return state;
+}
+
+static void
+sec_asn1d_after_choice(sec_asn1d_state *state)
+{
+ state->consumed += state->child->consumed;
+ state->child->consumed = 0;
+ state->place = afterEndOfContents;
+ sec_asn1d_pop_state(state);
+}
+
+unsigned long
+sec_asn1d_uinteger(SECItem *src)
+{
+ unsigned long value;
+ int len;
+
+ if (src->len > 5 || (src->len > 4 && src->data[0] == 0))
+ return 0;
+
+ value = 0;
+ len = src->len;
+ while (len) {
+ value <<= 8;
+ value |= src->data[--len];
+ }
+ return value;
+}
+
+SECStatus
+SEC_ASN1DecodeInteger(SECItem *src, unsigned long *value)
+{
+ unsigned long v;
+ unsigned int i;
+
+ if (src == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (src->len > sizeof(unsigned long)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (src->data == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (src->data[0] & 0x80)
+ v = -1; /* signed and negative - start with all 1's */
+ else
+ v = 0;
+
+ for (i = 0; i < src->len; i++) {
+ /* shift in next byte */
+ v <<= 8;
+ v |= src->data[i];
+ }
+ *value = v;
+ return SECSuccess;
+}
+
+#ifdef DEBUG_ASN1D_STATES
+static void
+dump_states(SEC_ASN1DecoderContext *cx)
+{
+ sec_asn1d_state *state;
+ char kindBuf[256];
+
+ for (state = cx->current; state->parent; state = state->parent) {
+ ;
+ }
+
+ for (; state; state = state->child) {
+ int i;
+ for (i = 0; i < state->depth; i++) {
+ printf(" ");
+ }
+
+ i = formatKind(state->theTemplate->kind, kindBuf);
+ printf("%s: tmpl %08x, kind%s",
+ (state == cx->current) ? "STATE" : "State",
+ state->theTemplate,
+ kindBuf);
+ printf(" %s", (state->place >= 0 && state->place <= notInUse)
+ ? place_names[state->place]
+ : "(undefined)");
+ if (!i)
+ printf(", expect 0x%02x",
+ state->expect_tag_number | state->expect_tag_modifiers);
+
+ printf("%s%s%s %d\n",
+ state->indefinite ? ", indef" : "",
+ state->missing ? ", miss" : "",
+ state->endofcontents ? ", EOC" : "",
+ state->pending);
+ }
+
+ return;
+}
+#endif /* DEBUG_ASN1D_STATES */
+
+SECStatus
+SEC_ASN1DecoderUpdate(SEC_ASN1DecoderContext *cx,
+ const char *buf, unsigned long len)
+{
+ sec_asn1d_state *state = NULL;
+ unsigned long consumed;
+ SEC_ASN1EncodingPart what;
+ sec_asn1d_state *stateEnd = cx->current;
+
+ if (cx->status == needBytes)
+ cx->status = keepGoing;
+
+ while (cx->status == keepGoing) {
+ state = cx->current;
+ what = SEC_ASN1_Contents;
+ consumed = 0;
+#ifdef DEBUG_ASN1D_STATES
+ printf("\nPLACE = %s, next byte = 0x%02x, %08x[%d]\n",
+ (state->place >= 0 && state->place <= notInUse) ? place_names[state->place] : "(undefined)",
+ (unsigned int)((unsigned char *)buf)[consumed],
+ buf, consumed);
+ dump_states(cx);
+#endif /* DEBUG_ASN1D_STATES */
+ switch (state->place) {
+ case beforeIdentifier:
+ consumed = sec_asn1d_parse_identifier(state, buf, len);
+ what = SEC_ASN1_Identifier;
+ break;
+ case duringIdentifier:
+ consumed = sec_asn1d_parse_more_identifier(state, buf, len);
+ what = SEC_ASN1_Identifier;
+ break;
+ case afterIdentifier:
+ sec_asn1d_confirm_identifier(state);
+ break;
+ case beforeLength:
+ consumed = sec_asn1d_parse_length(state, buf, len);
+ what = SEC_ASN1_Length;
+ break;
+ case duringLength:
+ consumed = sec_asn1d_parse_more_length(state, buf, len);
+ what = SEC_ASN1_Length;
+ break;
+ case afterLength:
+ sec_asn1d_prepare_for_contents(state);
+ break;
+ case beforeBitString:
+ consumed = sec_asn1d_parse_bit_string(state, buf, len);
+ break;
+ case duringBitString:
+ consumed = sec_asn1d_parse_more_bit_string(state, buf, len);
+ break;
+ case duringConstructedString:
+ sec_asn1d_next_substring(state);
+ break;
+ case duringGroup:
+ sec_asn1d_next_in_group(state);
+ break;
+ case duringLeaf:
+ consumed = sec_asn1d_parse_leaf(state, buf, len);
+ break;
+ case duringSaveEncoding:
+ sec_asn1d_reuse_encoding(state);
+ if (cx->status == decodeError) {
+ /* recursive call has already popped all states from stack.
+ ** Bail out quickly.
+ */
+ return SECFailure;
+ }
+ if (cx->status == needBytes) {
+ /* recursive call wanted more data. Fatal. Clean up below. */
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ cx->status = decodeError;
+ }
+ break;
+ case duringSequence:
+ sec_asn1d_next_in_sequence(state);
+ break;
+ case afterConstructedString:
+ sec_asn1d_concat_substrings(state);
+ break;
+ case afterExplicit:
+ case afterImplicit:
+ case afterInline:
+ case afterPointer:
+ sec_asn1d_absorb_child(state);
+ break;
+ case afterGroup:
+ sec_asn1d_concat_group(state);
+ break;
+ case afterSaveEncoding:
+ /* SEC_ASN1DecoderUpdate has called itself recursively to
+ ** decode SAVEd encoded data, and now is done decoding that.
+ ** Return to the calling copy of SEC_ASN1DecoderUpdate.
+ */
+ return SECSuccess;
+ case beforeEndOfContents:
+ sec_asn1d_prepare_for_end_of_contents(state);
+ break;
+ case duringEndOfContents:
+ consumed = sec_asn1d_parse_end_of_contents(state, buf, len);
+ what = SEC_ASN1_EndOfContents;
+ break;
+ case afterEndOfContents:
+ sec_asn1d_pop_state(state);
+ break;
+ case beforeChoice:
+ state = sec_asn1d_before_choice(state);
+ break;
+ case duringChoice:
+ state = sec_asn1d_during_choice(state);
+ break;
+ case afterChoice:
+ sec_asn1d_after_choice(state);
+ break;
+ case notInUse:
+ default:
+ /* This is not an error, but rather a plain old BUG! */
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ cx->status = decodeError;
+ break;
+ }
+
+ if (cx->status == decodeError)
+ break;
+
+ /* We should not consume more than we have. */
+ PORT_Assert(consumed <= len);
+ if (consumed > len) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ cx->status = decodeError;
+ break;
+ }
+
+ /* It might have changed, so we have to update our local copy. */
+ state = cx->current;
+
+ /* If it is NULL, we have popped all the way to the top. */
+ if (state == NULL) {
+ PORT_Assert(consumed == 0);
+#if 0 /* XXX I want this here, but it seems that we have situations (like \
+ * downloading a pkcs7 cert chain from some issuers) that give us a \
+ * length which is greater than the entire encoding. So, we cannot \
+ * have this be an error. \
+ */
+ if (len > 0) {
+ PORT_SetError (SEC_ERROR_BAD_DER);
+ cx->status = decodeError;
+ } else
+#endif
+ cx->status = allDone;
+ break;
+ } else if (state->theTemplate->kind == SEC_ASN1_SKIP_REST) {
+ cx->status = allDone;
+ break;
+ }
+
+ if (consumed == 0)
+ continue;
+
+ /*
+ * The following check is specifically looking for an ANY
+ * that is *not* also an INNER, because we need to save aside
+ * all bytes in that case -- the contents parts will get
+ * handled like all other contents, and the end-of-contents
+ * bytes are added by the concat code, but the outer header
+ * bytes need to get saved too, so we do them explicitly here.
+ */
+ if (state->underlying_kind == SEC_ASN1_ANY && !cx->filter_only && (what == SEC_ASN1_Identifier || what == SEC_ASN1_Length)) {
+ sec_asn1d_record_any_header(state, buf, consumed);
+ }
+
+ /*
+ * We had some number of good, accepted bytes. If the caller
+ * has registered to see them, pass them along.
+ */
+ if (state->top->filter_proc != NULL) {
+ int depth;
+
+ depth = state->depth;
+ if (what == SEC_ASN1_EndOfContents && !state->indefinite) {
+ PORT_Assert(state->parent != NULL && state->parent->indefinite);
+ depth--;
+ PORT_Assert(depth == state->parent->depth);
+ }
+ (*state->top->filter_proc)(state->top->filter_arg,
+ buf, consumed, depth, what);
+ }
+
+ state->consumed += consumed;
+ buf += consumed;
+ len -= consumed;
+ }
+
+ if (cx->status == decodeError) {
+ while (state != NULL && stateEnd->parent != state) {
+ sec_asn1d_free_child(state, PR_TRUE);
+ state = state->parent;
+ }
+#ifdef SEC_ASN1D_FREE_ON_ERROR /* \
+ * XXX This does not work because we can \
+ * end up leaving behind dangling pointers \
+ * to stuff that was allocated. In order \
+ * to make this really work (which would \
+ * be a good thing, I think), we need to \
+ * keep track of every place/pointer that \
+ * was allocated and make sure to NULL it \
+ * out before we then free back to the mark. \
+ */
+ if (cx->their_pool != NULL) {
+ PORT_Assert(cx->their_mark != NULL);
+ PORT_ArenaRelease(cx->their_pool, cx->their_mark);
+ cx->their_mark = NULL;
+ }
+#endif
+ return SECFailure;
+ }
+
+#if 0 /* XXX This is what I want, but cannot have because it seems we \
+ * have situations (like when downloading a pkcs7 cert chain from \
+ * some issuers) that give us a total length which is greater than \
+ * the entire encoding. So, we have to allow allDone to have a \
+ * remaining length greater than zero. I wanted to catch internal \
+ * bugs with this, noticing when we do not have the right length. \
+ * Oh well. \
+ */
+ PORT_Assert (len == 0
+ && (cx->status == needBytes || cx->status == allDone));
+#else
+ PORT_Assert((len == 0 && cx->status == needBytes) || cx->status == allDone);
+#endif
+ return SECSuccess;
+}
+
+SECStatus
+SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx)
+{
+ SECStatus rv;
+
+ if (cx->status == needBytes) {
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
+ } else {
+ rv = SECSuccess;
+ }
+
+ /*
+ * XXX anything else that needs to be finished?
+ */
+
+ PORT_FreeArena(cx->our_pool, PR_TRUE);
+
+ return rv;
+}
+
+SEC_ASN1DecoderContext *
+SEC_ASN1DecoderStart(PLArenaPool *their_pool, void *dest,
+ const SEC_ASN1Template *theTemplate)
+{
+ PLArenaPool *our_pool;
+ SEC_ASN1DecoderContext *cx;
+
+ our_pool = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (our_pool == NULL)
+ return NULL;
+
+ cx = (SEC_ASN1DecoderContext *)PORT_ArenaZAlloc(our_pool, sizeof(*cx));
+ if (cx == NULL) {
+ PORT_FreeArena(our_pool, PR_FALSE);
+ return NULL;
+ }
+
+ cx->our_pool = our_pool;
+ if (their_pool != NULL) {
+ cx->their_pool = their_pool;
+#ifdef SEC_ASN1D_FREE_ON_ERROR
+ cx->their_mark = PORT_ArenaMark(their_pool);
+#endif
+ }
+
+ cx->status = needBytes;
+
+ if (sec_asn1d_push_state(cx, theTemplate, dest, PR_FALSE) == NULL || sec_asn1d_init_state_based_on_template(cx->current) == NULL) {
+ /*
+ * Trouble initializing (probably due to failed allocations)
+ * requires that we just give up.
+ */
+ PORT_FreeArena(our_pool, PR_FALSE);
+ return NULL;
+ }
+
+ return cx;
+}
+
+void
+SEC_ASN1DecoderSetFilterProc(SEC_ASN1DecoderContext *cx,
+ SEC_ASN1WriteProc fn, void *arg,
+ PRBool only)
+{
+ /* check that we are "between" fields here */
+ PORT_Assert(cx->during_notify);
+
+ cx->filter_proc = fn;
+ cx->filter_arg = arg;
+ cx->filter_only = only;
+}
+
+void
+SEC_ASN1DecoderClearFilterProc(SEC_ASN1DecoderContext *cx)
+{
+ /* check that we are "between" fields here */
+ PORT_Assert(cx->during_notify);
+
+ cx->filter_proc = NULL;
+ cx->filter_arg = NULL;
+ cx->filter_only = PR_FALSE;
+}
+
+void
+SEC_ASN1DecoderSetNotifyProc(SEC_ASN1DecoderContext *cx,
+ SEC_ASN1NotifyProc fn, void *arg)
+{
+ cx->notify_proc = fn;
+ cx->notify_arg = arg;
+}
+
+void
+SEC_ASN1DecoderClearNotifyProc(SEC_ASN1DecoderContext *cx)
+{
+ cx->notify_proc = NULL;
+ cx->notify_arg = NULL; /* not necessary; just being clean */
+}
+
+void
+SEC_ASN1DecoderAbort(SEC_ASN1DecoderContext *cx, int error)
+{
+ PORT_Assert(cx);
+ PORT_SetError(error);
+ cx->status = decodeError;
+}
+
+SECStatus
+SEC_ASN1Decode(PLArenaPool *poolp, void *dest,
+ const SEC_ASN1Template *theTemplate,
+ const char *buf, long len)
+{
+ SEC_ASN1DecoderContext *dcx;
+ SECStatus urv, frv;
+
+ dcx = SEC_ASN1DecoderStart(poolp, dest, theTemplate);
+ if (dcx == NULL)
+ return SECFailure;
+
+ urv = SEC_ASN1DecoderUpdate(dcx, buf, len);
+ frv = SEC_ASN1DecoderFinish(dcx);
+
+ if (urv != SECSuccess)
+ return urv;
+
+ return frv;
+}
+
+SECStatus
+SEC_ASN1DecodeItem(PLArenaPool *poolp, void *dest,
+ const SEC_ASN1Template *theTemplate,
+ const SECItem *src)
+{
+ return SEC_ASN1Decode(poolp, dest, theTemplate,
+ (const char *)src->data, src->len);
+}
+
+#ifdef DEBUG_ASN1D_STATES
+void
+sec_asn1d_Assert(const char *s, const char *file, PRIntn ln)
+{
+ printf("Assertion failed, \"%s\", file %s, line %d\n", s, file, ln);
+ fflush(stdout);
+}
+#endif
+
+/*
+ * Generic templates for individual/simple items and pointers to
+ * and sets of same.
+ *
+ * If you need to add a new one, please note the following:
+ * - For each new basic type you should add *four* templates:
+ * one plain, one PointerTo, one SequenceOf and one SetOf.
+ * - If the new type can be constructed (meaning, it is a
+ * *string* type according to BER/DER rules), then you should
+ * or-in SEC_ASN1_MAY_STREAM to the type in the basic template.
+ * See the definition of the OctetString template for an example.
+ * - It may not be obvious, but these are in *alphabetical*
+ * order based on the SEC_ASN1_XXX name; so put new ones in
+ * the appropriate place.
+ */
+
+const SEC_ASN1Template SEC_SequenceOfAnyTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
+};
+
+#if 0
+
+const SEC_ASN1Template SEC_PointerToBitStringTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_BitStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfBitStringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_BitStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfBitStringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_BitStringTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToBMPStringTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_BMPStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfBMPStringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_BMPStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfBMPStringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_BMPStringTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToBooleanTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_BooleanTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfBooleanTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_BooleanTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfBooleanTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_BooleanTemplate }
+};
+
+#endif
+
+const SEC_ASN1Template SEC_EnumeratedTemplate[] = {
+ { SEC_ASN1_ENUMERATED, 0, NULL, sizeof(SECItem) }
+};
+
+const SEC_ASN1Template SEC_PointerToEnumeratedTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_EnumeratedTemplate }
+};
+
+#if 0
+
+const SEC_ASN1Template SEC_SequenceOfEnumeratedTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_EnumeratedTemplate }
+};
+
+#endif
+
+const SEC_ASN1Template SEC_SetOfEnumeratedTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_EnumeratedTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToGeneralizedTimeTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_GeneralizedTimeTemplate }
+};
+
+#if 0
+
+const SEC_ASN1Template SEC_SequenceOfGeneralizedTimeTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_GeneralizedTimeTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfGeneralizedTimeTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_GeneralizedTimeTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToIA5StringTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_IA5StringTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfIA5StringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_IA5StringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfIA5StringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_IA5StringTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToIntegerTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_IntegerTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfIntegerTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_IntegerTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfIntegerTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_IntegerTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToNullTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_NullTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfNullTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_NullTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfNullTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_NullTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToObjectIDTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_ObjectIDTemplate }
+};
+
+#endif
+
+const SEC_ASN1Template SEC_SequenceOfObjectIDTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_ObjectIDTemplate }
+};
+
+#if 0
+
+const SEC_ASN1Template SEC_SetOfObjectIDTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_ObjectIDTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfOctetStringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_OctetStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfOctetStringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_OctetStringTemplate }
+};
+
+#endif
+
+const SEC_ASN1Template SEC_PrintableStringTemplate[] = {
+ { SEC_ASN1_PRINTABLE_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+#if 0
+
+const SEC_ASN1Template SEC_PointerToPrintableStringTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_PrintableStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfPrintableStringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_PrintableStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfPrintableStringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_PrintableStringTemplate }
+};
+
+#endif
+
+const SEC_ASN1Template SEC_T61StringTemplate[] = {
+ { SEC_ASN1_T61_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+#if 0
+
+const SEC_ASN1Template SEC_PointerToT61StringTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_T61StringTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfT61StringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_T61StringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfT61StringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_T61StringTemplate }
+};
+
+#endif
+
+const SEC_ASN1Template SEC_UniversalStringTemplate[] = {
+ { SEC_ASN1_UNIVERSAL_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+#if 0
+
+const SEC_ASN1Template SEC_PointerToUniversalStringTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_UniversalStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfUniversalStringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_UniversalStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfUniversalStringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_UniversalStringTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToUTCTimeTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_UTCTimeTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfUTCTimeTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_UTCTimeTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfUTCTimeTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_UTCTimeTemplate }
+};
+
+const SEC_ASN1Template SEC_PointerToUTF8StringTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_UTF8StringTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfUTF8StringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_UTF8StringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfUTF8StringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_UTF8StringTemplate }
+};
+
+#endif
+
+const SEC_ASN1Template SEC_VisibleStringTemplate[] = {
+ { SEC_ASN1_VISIBLE_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+#if 0
+
+const SEC_ASN1Template SEC_PointerToVisibleStringTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_VisibleStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SequenceOfVisibleStringTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, SEC_VisibleStringTemplate }
+};
+
+const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_VisibleStringTemplate }
+};
+
+#endif
+
+/*
+ * Template for skipping a subitem.
+ *
+ * Note that it only makes sense to use this for decoding (when you want
+ * to decode something where you are only interested in one or two of
+ * the fields); you cannot encode a SKIP!
+ */
+const SEC_ASN1Template SEC_SkipTemplate[] = {
+ { SEC_ASN1_SKIP }
+};
+
+/* These functions simply return the address of the above-declared templates.
+** This is necessary for Windows DLLs. Sigh.
+*/
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_EnumeratedTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToEnumeratedTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SequenceOfAnyTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SequenceOfObjectIDTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SkipTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UniversalStringTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PrintableStringTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_T61StringTemplate)
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToGeneralizedTimeTemplate)
diff --git a/security/nss/lib/util/secasn1e.c b/security/nss/lib/util/secasn1e.c
new file mode 100644
index 000000000..fb3feef52
--- /dev/null
+++ b/security/nss/lib/util/secasn1e.c
@@ -0,0 +1,1568 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished
+ * Encoding Rules).
+ */
+
+#include "secasn1.h"
+
+typedef enum {
+ beforeHeader,
+ duringContents,
+ duringGroup,
+ duringSequence,
+ afterContents,
+ afterImplicit,
+ afterInline,
+ afterPointer,
+ afterChoice,
+ notInUse
+} sec_asn1e_parse_place;
+
+typedef enum {
+ allDone,
+ encodeError,
+ keepGoing,
+ needBytes
+} sec_asn1e_parse_status;
+
+typedef enum {
+ hdr_normal = 0, /* encode header normally */
+ hdr_any = 1, /* header already encoded in content */
+ hdr_decoder = 2, /* template only used by decoder. skip it. */
+ hdr_optional = 3, /* optional component, to be omitted */
+ hdr_placeholder = 4 /* place holder for from_buf content */
+} sec_asn1e_hdr_encoding;
+
+typedef struct sec_asn1e_state_struct {
+ SEC_ASN1EncoderContext *top;
+ const SEC_ASN1Template *theTemplate;
+ void *src;
+
+ struct sec_asn1e_state_struct *parent; /* aka prev */
+ struct sec_asn1e_state_struct *child; /* aka next */
+
+ sec_asn1e_parse_place place; /* where we are in encoding process */
+
+ /*
+ * XXX explain the next fields as clearly as possible...
+ */
+ unsigned char tag_modifiers;
+ unsigned char tag_number;
+ unsigned long underlying_kind;
+
+ int depth;
+
+ PRBool isExplicit, /* we are handling an isExplicit header */
+ indefinite, /* need end-of-contents */
+ is_string, /* encoding a simple string or an ANY */
+ may_stream, /* when streaming, do indefinite encoding */
+ optional, /* omit field if it has no contents */
+ disallowStreaming; /* disallow streaming in all sub-templates */
+} sec_asn1e_state;
+
+/*
+ * An "outsider" will have an opaque pointer to this, created by calling
+ * SEC_ASN1EncoderStart(). It will be passed back in to all subsequent
+ * calls to SEC_ASN1EncoderUpdate() and related routines, and when done
+ * it is passed to SEC_ASN1EncoderFinish().
+ */
+struct sec_EncoderContext_struct {
+ PLArenaPool *our_pool; /* for our internal allocs */
+
+ sec_asn1e_state *current;
+ sec_asn1e_parse_status status;
+
+ PRBool streaming;
+ PRBool from_buf;
+
+ SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */
+ void *notify_arg; /* argument to notify_proc */
+ PRBool during_notify; /* true during call to notify_proc */
+
+ SEC_ASN1WriteProc output_proc; /* pass encoded bytes to this */
+ void *output_arg; /* argument to that function */
+};
+
+static sec_asn1e_state *
+sec_asn1e_push_state(SEC_ASN1EncoderContext *cx,
+ const SEC_ASN1Template *theTemplate,
+ const void *src, PRBool new_depth)
+{
+ sec_asn1e_state *state, *new_state;
+
+ state = cx->current;
+
+ new_state = (sec_asn1e_state *)PORT_ArenaZAlloc(cx->our_pool,
+ sizeof(*new_state));
+ if (new_state == NULL) {
+ cx->status = encodeError;
+ return NULL;
+ }
+
+ new_state->top = cx;
+ new_state->parent = state;
+ new_state->theTemplate = theTemplate;
+ new_state->place = notInUse;
+ if (src != NULL)
+ new_state->src = (char *)src + theTemplate->offset;
+
+ if (state != NULL) {
+ new_state->depth = state->depth;
+ if (new_depth)
+ new_state->depth++;
+ state->child = new_state;
+ }
+
+ cx->current = new_state;
+ return new_state;
+}
+
+static void
+sec_asn1e_scrub_state(sec_asn1e_state *state)
+{
+ /*
+ * Some default "scrubbing".
+ * XXX right set of initializations?
+ */
+ state->place = beforeHeader;
+ state->indefinite = PR_FALSE;
+}
+
+static void
+sec_asn1e_notify_before(SEC_ASN1EncoderContext *cx, void *src, int depth)
+{
+ if (cx->notify_proc == NULL)
+ return;
+
+ cx->during_notify = PR_TRUE;
+ (*cx->notify_proc)(cx->notify_arg, PR_TRUE, src, depth);
+ cx->during_notify = PR_FALSE;
+}
+
+static void
+sec_asn1e_notify_after(SEC_ASN1EncoderContext *cx, void *src, int depth)
+{
+ if (cx->notify_proc == NULL)
+ return;
+
+ cx->during_notify = PR_TRUE;
+ (*cx->notify_proc)(cx->notify_arg, PR_FALSE, src, depth);
+ cx->during_notify = PR_FALSE;
+}
+
+static sec_asn1e_state *
+sec_asn1e_init_state_based_on_template(sec_asn1e_state *state)
+{
+ PRBool isExplicit, is_string, may_stream, optional, universal;
+ PRBool disallowStreaming;
+ unsigned char tag_modifiers;
+ unsigned long encode_kind, under_kind;
+ unsigned long tag_number;
+ PRBool isInline = PR_FALSE;
+
+ encode_kind = state->theTemplate->kind;
+
+ universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
+ ? PR_TRUE
+ : PR_FALSE;
+
+ isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_EXPLICIT;
+
+ optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_OPTIONAL;
+
+ PORT_Assert(!(isExplicit && universal)); /* bad templates */
+
+ may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_MAY_STREAM;
+
+ disallowStreaming = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_NO_STREAM;
+
+ /* Just clear this to get it out of the way; we do not need it here */
+ encode_kind &= ~SEC_ASN1_DYNAMIC;
+
+ if (encode_kind & SEC_ASN1_CHOICE) {
+ under_kind = SEC_ASN1_CHOICE;
+ } else if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) ||
+ (!universal && !isExplicit)) {
+ const SEC_ASN1Template *subt;
+ void *src = NULL;
+
+ PORT_Assert((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
+
+ sec_asn1e_scrub_state(state);
+
+ if (encode_kind & SEC_ASN1_POINTER) {
+ src = *(void **)state->src;
+ state->place = afterPointer;
+
+ if (src == NULL) {
+ /*
+ * If this is optional, but NULL, then the field does
+ * not need to be encoded. In this case we are done;
+ * we do not want to push a subtemplate.
+ */
+ if (optional)
+ return state;
+
+ /*
+ * XXX this is an error; need to figure out
+ * how to handle this
+ */
+ }
+ } else {
+ src = state->src;
+ if (encode_kind & SEC_ASN1_INLINE) {
+ /* check that there are no extraneous bits */
+ /* PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional); */
+ state->place = afterInline;
+ isInline = PR_TRUE;
+ } else {
+ /*
+ * Save the tag modifiers and tag number here before moving
+ * on to the next state in case this is a member of a
+ * SEQUENCE OF
+ */
+ state->tag_modifiers = (unsigned char)(encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK));
+ state->tag_number = (unsigned char)(encode_kind & SEC_ASN1_TAGNUM_MASK);
+
+ state->place = afterImplicit;
+ state->optional = optional;
+ }
+ }
+
+ subt = SEC_ASN1GetSubtemplate(state->theTemplate, state->src, PR_TRUE);
+ if (isInline && optional) {
+ /* we only handle a very limited set of optional inline cases at
+ this time */
+ if (PR_FALSE != SEC_ASN1IsTemplateSimple(subt)) {
+ /* we now know that the target is a SECItem*, so we can check
+ if the source contains one */
+ SECItem *target = (SECItem *)state->src;
+ if (!target || !target->data || !target->len) {
+ /* no valid data to encode subtemplate */
+ return state;
+ }
+ } else {
+ PORT_Assert(0); /* complex templates are not handled as
+ inline optional */
+ }
+ }
+ state = sec_asn1e_push_state(state->top, subt, src, PR_FALSE);
+ if (state == NULL)
+ return state;
+
+ if (universal) {
+ /*
+ * This is a POINTER or INLINE; just init based on that
+ * and we are done.
+ */
+ return sec_asn1e_init_state_based_on_template(state);
+ }
+
+ /*
+ * This is an implicit, non-universal (meaning, application-private
+ * or context-specific) field. This results in a "magic" tag but
+ * encoding based on the underlying type. We pushed a new state
+ * that is based on the subtemplate (the underlying type), but
+ * now we will sort of alias it to give it some of our properties
+ * (tag, optional status, etc.).
+ *
+ * NB: ALL the following flags in the subtemplate are disallowed
+ * and/or ignored: EXPLICIT, OPTIONAL, INNER, INLINE, POINTER.
+ */
+
+ under_kind = state->theTemplate->kind;
+ if ((under_kind & SEC_ASN1_MAY_STREAM) && !disallowStreaming) {
+ may_stream = PR_TRUE;
+ }
+ under_kind &= ~(SEC_ASN1_MAY_STREAM | SEC_ASN1_DYNAMIC);
+ } else {
+ under_kind = encode_kind;
+ }
+
+/*
+ * Sanity check that there are no unwanted bits marked in under_kind.
+ * These bits were either removed above (after we recorded them) or
+ * they simply should not be found (signalling a bad/broken template).
+ * XXX is this the right set of bits to test here? (i.e. need to add
+ * or remove any?)
+ */
+#define UNEXPECTED_FLAGS \
+ (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_SKIP | SEC_ASN1_INNER | \
+ SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_INLINE | SEC_ASN1_POINTER)
+
+ PORT_Assert((under_kind & UNEXPECTED_FLAGS) == 0);
+ under_kind &= ~UNEXPECTED_FLAGS;
+#undef UNEXPECTED_FLAGS
+
+ if (encode_kind & SEC_ASN1_ANY) {
+ PORT_Assert(encode_kind == under_kind);
+ tag_modifiers = 0;
+ tag_number = 0;
+ is_string = PR_TRUE;
+ } else {
+ tag_modifiers = (unsigned char)(encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK));
+ /*
+ * XXX This assumes only single-octet identifiers. To handle
+ * the HIGH TAG form we would need to do some more work, especially
+ * in how to specify them in the template, because right now we
+ * do not provide a way to specify more *tag* bits in encode_kind.
+ */
+ tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
+
+ is_string = PR_FALSE;
+ switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
+ case SEC_ASN1_SET:
+ /*
+ * XXX A plain old SET (as opposed to a SET OF) is not implemented.
+ * If it ever is, remove this assert...
+ */
+ PORT_Assert((under_kind & SEC_ASN1_GROUP) != 0);
+ /* fallthru */
+ case SEC_ASN1_SEQUENCE:
+ tag_modifiers |= SEC_ASN1_CONSTRUCTED;
+ break;
+ case SEC_ASN1_BIT_STRING:
+ case SEC_ASN1_BMP_STRING:
+ case SEC_ASN1_GENERALIZED_TIME:
+ case SEC_ASN1_IA5_STRING:
+ case SEC_ASN1_OCTET_STRING:
+ case SEC_ASN1_PRINTABLE_STRING:
+ case SEC_ASN1_T61_STRING:
+ case SEC_ASN1_UNIVERSAL_STRING:
+ case SEC_ASN1_UTC_TIME:
+ case SEC_ASN1_UTF8_STRING:
+ case SEC_ASN1_VISIBLE_STRING:
+ /*
+ * We do not yet know if we will be constructing the string,
+ * so we have to wait to do this final tag modification.
+ */
+ is_string = PR_TRUE;
+ break;
+ }
+ }
+
+ state->tag_modifiers = tag_modifiers;
+ state->tag_number = (unsigned char)tag_number;
+ state->underlying_kind = under_kind;
+ state->isExplicit = isExplicit;
+ state->may_stream = may_stream;
+ state->is_string = is_string;
+ state->optional = optional;
+ state->disallowStreaming = disallowStreaming;
+
+ sec_asn1e_scrub_state(state);
+
+ return state;
+}
+
+static void
+sec_asn1e_write_part(sec_asn1e_state *state,
+ const char *buf, unsigned long len,
+ SEC_ASN1EncodingPart part)
+{
+ SEC_ASN1EncoderContext *cx;
+
+ cx = state->top;
+ (*cx->output_proc)(cx->output_arg, buf, len, state->depth, part);
+}
+
+/*
+ * XXX This assumes only single-octet identifiers. To handle
+ * the HIGH TAG form we would need to modify this interface and
+ * teach it to properly encode the special form.
+ */
+static void
+sec_asn1e_write_identifier_bytes(sec_asn1e_state *state, unsigned char value)
+{
+ char byte;
+
+ byte = (char)value;
+ sec_asn1e_write_part(state, &byte, 1, SEC_ASN1_Identifier);
+}
+
+int
+SEC_ASN1EncodeLength(unsigned char *buf, int value)
+{
+ int lenlen;
+
+ lenlen = SEC_ASN1LengthLength(value);
+ if (lenlen == 1) {
+ buf[0] = value;
+ } else {
+ int i;
+
+ i = lenlen - 1;
+ buf[0] = 0x80 | i;
+ while (i) {
+ buf[i--] = value;
+ value >>= 8;
+ }
+ PORT_Assert(value == 0);
+ }
+ return lenlen;
+}
+
+static void
+sec_asn1e_write_length_bytes(sec_asn1e_state *state, unsigned long value,
+ PRBool indefinite)
+{
+ int lenlen;
+ unsigned char buf[sizeof(unsigned long) + 1];
+
+ if (indefinite) {
+ PORT_Assert(value == 0);
+ buf[0] = 0x80;
+ lenlen = 1;
+ } else {
+ lenlen = SEC_ASN1EncodeLength(buf, value);
+ }
+
+ sec_asn1e_write_part(state, (char *)buf, lenlen, SEC_ASN1_Length);
+}
+
+static void
+sec_asn1e_write_contents_bytes(sec_asn1e_state *state,
+ const char *buf, unsigned long len)
+{
+ sec_asn1e_write_part(state, buf, len, SEC_ASN1_Contents);
+}
+
+static void
+sec_asn1e_write_end_of_contents_bytes(sec_asn1e_state *state)
+{
+ const char eoc[2] = { 0, 0 };
+
+ sec_asn1e_write_part(state, eoc, 2, SEC_ASN1_EndOfContents);
+}
+
+static int
+sec_asn1e_which_choice(
+ void *src,
+ const SEC_ASN1Template *theTemplate)
+{
+ int rv;
+ unsigned int which = *(unsigned int *)src;
+
+ for (rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++) {
+ if (which == theTemplate->size) {
+ return rv;
+ }
+ }
+
+ return 0;
+}
+
+static unsigned long
+sec_asn1e_contents_length(const SEC_ASN1Template *theTemplate, void *src,
+ PRBool disallowStreaming, PRBool insideIndefinite,
+ sec_asn1e_hdr_encoding *pHdrException)
+{
+ unsigned long encode_kind, underlying_kind;
+ PRBool isExplicit, optional, universal, may_stream;
+ unsigned long len;
+
+ /*
+ * This function currently calculates the length in all cases
+ * except the following: when writing out the contents of a
+ * template that belongs to a state where it was a sub-template
+ * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the
+ * optional bit set. The information that the parent is optional
+ * and that we should return the length of 0 when that length is
+ * present since that means the optional field is no longer present.
+ * So we add the disallowStreaming flag which is passed in when
+ * writing the contents, but for all recursive calls to
+ * sec_asn1e_contents_length, we pass PR_FALSE, because this
+ * function correctly calculates the length for children templates
+ * from that point on. Confused yet? At least you didn't have
+ * to figure it out. ;) -javi
+ */
+ encode_kind = theTemplate->kind;
+
+ universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
+ ? PR_TRUE
+ : PR_FALSE;
+
+ isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_EXPLICIT;
+
+ optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_OPTIONAL;
+
+ PORT_Assert(!(isExplicit && universal)); /* bad templates */
+
+ may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
+ encode_kind &= ~SEC_ASN1_MAY_STREAM;
+
+ /* Just clear this to get it out of the way; we do not need it here */
+ encode_kind &= ~SEC_ASN1_DYNAMIC;
+
+ if (encode_kind & SEC_ASN1_NO_STREAM) {
+ disallowStreaming = PR_TRUE;
+ }
+ encode_kind &= ~SEC_ASN1_NO_STREAM;
+
+ if (encode_kind & SEC_ASN1_CHOICE) {
+ void *src2;
+ int indx = sec_asn1e_which_choice(src, theTemplate);
+ if (0 == indx) {
+ /* XXX set an error? "choice not found" */
+ /* state->top->status = encodeError; */
+ return 0;
+ }
+
+ src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset);
+
+ return sec_asn1e_contents_length(&theTemplate[indx], src2,
+ disallowStreaming, insideIndefinite,
+ pHdrException);
+ }
+
+ if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) {
+ /* XXX any bits we want to disallow (PORT_Assert against) here? */
+ theTemplate = SEC_ASN1GetSubtemplate(theTemplate, src, PR_TRUE);
+ if (encode_kind & SEC_ASN1_POINTER) {
+ src = *(void **)src;
+ if (src == NULL) {
+ *pHdrException = optional ? hdr_optional : hdr_normal;
+ return 0;
+ }
+ } else if (encode_kind & SEC_ASN1_INLINE) {
+ /* check that there are no extraneous bits */
+ if (optional) {
+ if (PR_FALSE != SEC_ASN1IsTemplateSimple(theTemplate)) {
+ /* we now know that the target is a SECItem*, so we can check
+ if the source contains one */
+ SECItem *target = (SECItem *)src;
+ if (!target || !target->data || !target->len) {
+ /* no valid data to encode subtemplate */
+ *pHdrException = hdr_optional;
+ return 0;
+ }
+ } else {
+ PORT_Assert(0); /* complex templates not handled as inline
+ optional */
+ }
+ }
+ }
+
+ src = (char *)src + theTemplate->offset;
+
+ /* recurse to find the length of the subtemplate */
+ len = sec_asn1e_contents_length(theTemplate, src, disallowStreaming,
+ insideIndefinite, pHdrException);
+ if (len == 0 && optional) {
+ *pHdrException = hdr_optional;
+ } else if (isExplicit) {
+ if (*pHdrException == hdr_any) {
+ /* *we* do not want to add in a header,
+ ** but our caller still does.
+ */
+ *pHdrException = hdr_normal;
+ } else if (*pHdrException == hdr_normal) {
+ /* if the inner content exists, our length is
+ * len(identifier) + len(length) + len(innercontent)
+ * XXX we currently assume len(identifier) == 1;
+ * to support a high-tag-number this would need to be smarter.
+ */
+ len += 1 + SEC_ASN1LengthLength(len);
+ }
+ }
+ return len;
+ }
+ underlying_kind = encode_kind;
+
+ /* This is only used in decoding; it plays no part in encoding. */
+ if (underlying_kind & SEC_ASN1_SAVE) {
+ /* check that there are no extraneous bits */
+ PORT_Assert(underlying_kind == SEC_ASN1_SAVE);
+ *pHdrException = hdr_decoder;
+ return 0;
+ }
+
+#define UNEXPECTED_FLAGS \
+ (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_INLINE | SEC_ASN1_POINTER | \
+ SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_SAVE | SEC_ASN1_SKIP)
+
+ /* Having any of these bits is not expected here... */
+ PORT_Assert((underlying_kind & UNEXPECTED_FLAGS) == 0);
+ underlying_kind &= ~UNEXPECTED_FLAGS;
+#undef UNEXPECTED_FLAGS
+
+ if (underlying_kind & SEC_ASN1_CHOICE) {
+ void *src2;
+ int indx = sec_asn1e_which_choice(src, theTemplate);
+ if (0 == indx) {
+ /* XXX set an error? "choice not found" */
+ /* state->top->status = encodeError; */
+ return 0;
+ }
+
+ src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset);
+ len = sec_asn1e_contents_length(&theTemplate[indx], src2,
+ disallowStreaming, insideIndefinite,
+ pHdrException);
+ } else {
+ switch (underlying_kind) {
+ case SEC_ASN1_SEQUENCE_OF:
+ case SEC_ASN1_SET_OF: {
+ const SEC_ASN1Template *tmpt;
+ void *sub_src;
+ unsigned long sub_len;
+ void **group;
+
+ len = 0;
+
+ group = *(void ***)src;
+ if (group == NULL)
+ break;
+
+ tmpt = SEC_ASN1GetSubtemplate(theTemplate, src, PR_TRUE);
+
+ for (; *group != NULL; group++) {
+ sub_src = (char *)(*group) + tmpt->offset;
+ sub_len = sec_asn1e_contents_length(tmpt, sub_src,
+ disallowStreaming,
+ insideIndefinite,
+ pHdrException);
+ len += sub_len;
+ /*
+ * XXX The 1 below is the presumed length of the identifier;
+ * to support a high-tag-number this would need to be smarter.
+ */
+ if (*pHdrException == hdr_normal)
+ len += 1 + SEC_ASN1LengthLength(sub_len);
+ }
+ } break;
+
+ case SEC_ASN1_SEQUENCE:
+ case SEC_ASN1_SET: {
+ const SEC_ASN1Template *tmpt;
+ void *sub_src;
+ unsigned long sub_len;
+
+ len = 0;
+ for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) {
+ sub_src = (char *)src + tmpt->offset;
+ sub_len = sec_asn1e_contents_length(tmpt, sub_src,
+ disallowStreaming,
+ insideIndefinite,
+ pHdrException);
+ len += sub_len;
+ /*
+ * XXX The 1 below is the presumed length of the identifier;
+ * to support a high-tag-number this would need to be smarter.
+ */
+ if (*pHdrException == hdr_normal)
+ len += 1 + SEC_ASN1LengthLength(sub_len);
+ }
+ } break;
+
+ case SEC_ASN1_BIT_STRING:
+ /* convert bit length to byte */
+ len = (((SECItem *)src)->len + 7) >> 3;
+ /* bit string contents involve an extra octet */
+ if (len)
+ len++;
+ break;
+
+ case SEC_ASN1_INTEGER:
+ /* ASN.1 INTEGERs are signed.
+ * If the source is an unsigned integer, the encoder will need
+ * to handle the conversion here.
+ */
+ {
+ unsigned char *buf = ((SECItem *)src)->data;
+ SECItemType integerType = ((SECItem *)src)->type;
+ len = ((SECItem *)src)->len;
+ while (len > 0) {
+ if (*buf != 0) {
+ if (*buf & 0x80 && integerType == siUnsignedInteger) {
+ len++; /* leading zero needed to make number signed */
+ }
+ break; /* reached beginning of number */
+ }
+ if (len == 1) {
+ break; /* the number 0 */
+ }
+ if (buf[1] & 0x80) {
+ break; /* leading zero already present */
+ }
+ /* extraneous leading zero, keep going */
+ buf++;
+ len--;
+ }
+ }
+ break;
+
+ default:
+ len = ((SECItem *)src)->len;
+ break;
+ } /* end switch */
+
+#ifndef WHAT_PROBLEM_DOES_THIS_SOLVE
+ /* if we're streaming, we may have a secitem w/len 0 as placeholder */
+ if (!len && insideIndefinite && may_stream && !disallowStreaming) {
+ len = 1;
+ }
+#endif
+ } /* end else */
+
+ if (len == 0 && optional)
+ *pHdrException = hdr_optional;
+ else if (underlying_kind == SEC_ASN1_ANY)
+ *pHdrException = hdr_any;
+ else
+ *pHdrException = hdr_normal;
+
+ return len;
+}
+
+static void
+sec_asn1e_write_header(sec_asn1e_state *state)
+{
+ unsigned long contents_length;
+ unsigned char tag_number, tag_modifiers;
+ sec_asn1e_hdr_encoding hdrException = hdr_normal;
+ PRBool indefinite = PR_FALSE;
+
+ PORT_Assert(state->place == beforeHeader);
+
+ tag_number = state->tag_number;
+ tag_modifiers = state->tag_modifiers;
+
+ if (state->underlying_kind == SEC_ASN1_ANY) {
+ state->place = duringContents;
+ return;
+ }
+
+ if (state->underlying_kind & SEC_ASN1_CHOICE) {
+ int indx = sec_asn1e_which_choice(state->src, state->theTemplate);
+ if (0 == indx) {
+ /* XXX set an error? "choice not found" */
+ state->top->status = encodeError;
+ return;
+ }
+ state->place = afterChoice;
+ state = sec_asn1e_push_state(state->top, &state->theTemplate[indx],
+ (char *)state->src - state->theTemplate->offset,
+ PR_TRUE);
+ if (state) {
+ /*
+ * Do the "before" field notification.
+ */
+ sec_asn1e_notify_before(state->top, state->src, state->depth);
+ (void)sec_asn1e_init_state_based_on_template(state);
+ }
+ return;
+ }
+
+ /* The !isString test below is apparently intended to ensure that all
+ ** constructed types receive indefinite length encoding.
+ */
+ indefinite = (PRBool)(state->top->streaming && state->may_stream &&
+ (state->top->from_buf || !state->is_string));
+
+ /*
+ * If we are doing a definite-length encoding, first we have to
+ * walk the data structure to calculate the entire contents length.
+ * If we are doing an indefinite-length encoding, we still need to
+ * know if the contents is:
+ * optional and to be omitted, or
+ * an ANY (header is pre-encoded), or
+ * a SAVE or some other kind of template used only by the decoder.
+ * So, we call this function either way.
+ */
+ contents_length = sec_asn1e_contents_length(state->theTemplate,
+ state->src,
+ state->disallowStreaming,
+ indefinite,
+ &hdrException);
+ /*
+ * We might be told explicitly not to put out a header.
+ * But it can also be the case, via a pushed subtemplate, that
+ * sec_asn1e_contents_length could not know that this field is
+ * really optional. So check for that explicitly, too.
+ */
+ if (hdrException != hdr_normal ||
+ (contents_length == 0 && state->optional)) {
+ state->place = afterContents;
+ if (state->top->streaming &&
+ state->may_stream &&
+ state->top->from_buf) {
+ /* we did not find an optional indefinite string, so we
+ * don't encode it. However, if TakeFromBuf is on, we stop
+ * here anyway to give our caller a chance to intercept at the
+ * same point where we would stop if the field were present.
+ */
+ state->top->status = needBytes;
+ }
+ return;
+ }
+
+ if (indefinite) {
+ /*
+ * We need to put out an indefinite-length encoding.
+ * The only universal types that can be constructed are SETs,
+ * SEQUENCEs, and strings; so check that it is one of those,
+ * or that it is not universal (e.g. context-specific).
+ */
+ state->indefinite = PR_TRUE;
+ PORT_Assert((tag_number == SEC_ASN1_SET) || (tag_number == SEC_ASN1_SEQUENCE) || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0) || state->is_string);
+ tag_modifiers |= SEC_ASN1_CONSTRUCTED;
+ contents_length = 0;
+ }
+
+ sec_asn1e_write_identifier_bytes(state,
+ (unsigned char)(tag_number | tag_modifiers));
+ sec_asn1e_write_length_bytes(state, contents_length, state->indefinite);
+
+ if (contents_length == 0 && !state->indefinite) {
+ /*
+ * If no real contents to encode, then we are done with this field.
+ */
+ state->place = afterContents;
+ return;
+ }
+
+ /*
+ * An EXPLICIT is nothing but an outer header, which we have already
+ * written. Now we need to do the inner header and contents.
+ */
+ if (state->isExplicit) {
+ const SEC_ASN1Template *subt =
+ SEC_ASN1GetSubtemplate(state->theTemplate, state->src, PR_TRUE);
+ state->place = afterContents;
+ state = sec_asn1e_push_state(state->top, subt, state->src, PR_TRUE);
+ if (state != NULL) {
+ (void)sec_asn1e_init_state_based_on_template(state);
+ }
+ return;
+ }
+
+ switch (state->underlying_kind) {
+ case SEC_ASN1_SET_OF:
+ case SEC_ASN1_SEQUENCE_OF:
+ /*
+ * We need to push a child to handle each member.
+ */
+ {
+ void **group;
+ const SEC_ASN1Template *subt;
+
+ group = *(void ***)state->src;
+ if (group == NULL || *group == NULL) {
+ /*
+ * Group is empty; we are done.
+ */
+ state->place = afterContents;
+ return;
+ }
+ state->place = duringGroup;
+ subt = SEC_ASN1GetSubtemplate(state->theTemplate, state->src,
+ PR_TRUE);
+ state = sec_asn1e_push_state(state->top, subt, *group, PR_TRUE);
+ if (state != NULL) {
+ (void)sec_asn1e_init_state_based_on_template(state);
+ }
+ }
+ break;
+
+ case SEC_ASN1_SEQUENCE:
+ case SEC_ASN1_SET:
+ /*
+ * We need to push a child to handle the individual fields.
+ */
+ state->place = duringSequence;
+ state = sec_asn1e_push_state(state->top, state->theTemplate + 1,
+ state->src, PR_TRUE);
+ if (state != NULL) {
+ /*
+ * Do the "before" field notification.
+ */
+ sec_asn1e_notify_before(state->top, state->src, state->depth);
+ (void)sec_asn1e_init_state_based_on_template(state);
+ }
+ break;
+
+ default:
+ /*
+ * I think we do not need to do anything else.
+ * XXX Correct?
+ */
+ state->place = duringContents;
+ break;
+ }
+}
+
+static void
+sec_asn1e_write_contents_from_buf(sec_asn1e_state *state,
+ const char *buf, unsigned long len)
+{
+ PORT_Assert(state->place == duringContents);
+ PORT_Assert(state->top->from_buf);
+ PORT_Assert(state->may_stream && !state->disallowStreaming);
+
+ /*
+ * Probably they just turned on "take from buf", but have not
+ * yet given us any bytes. If there is nothing in the buffer
+ * then we have nothing to do but return and wait.
+ */
+ if (buf == NULL || len == 0) {
+ state->top->status = needBytes;
+ return;
+ }
+ /*
+ * We are streaming, reading from a passed-in buffer.
+ * This means we are encoding a simple string or an ANY.
+ * For the former, we need to put out a substring, with its
+ * own identifier and length. For an ANY, we just write it
+ * out as is (our caller is required to ensure that it
+ * is a properly encoded entity).
+ */
+ PORT_Assert(state->is_string); /* includes ANY */
+ if (state->underlying_kind != SEC_ASN1_ANY) {
+ unsigned char identifier;
+
+ /*
+ * Create the identifier based on underlying_kind. We cannot
+ * use tag_number and tag_modifiers because this can be an
+ * implicitly encoded field. In that case, the underlying
+ * substrings *are* encoded with their real tag.
+ */
+ identifier = (unsigned char)(state->underlying_kind & SEC_ASN1_TAG_MASK);
+ /*
+ * The underlying kind should just be a simple string; there
+ * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set.
+ */
+ PORT_Assert((identifier & SEC_ASN1_TAGNUM_MASK) == identifier);
+ /*
+ * Write out the tag and length for the substring.
+ */
+ sec_asn1e_write_identifier_bytes(state, identifier);
+ if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
+ char byte;
+ /*
+ * Assume we have a length in bytes but we need to output
+ * a proper bit string. This interface only works for bit
+ * strings that are full multiples of 8. If support for
+ * real, variable length bit strings is needed then the
+ * caller will have to know to pass in a bit length instead
+ * of a byte length and then this code will have to
+ * perform the encoding necessary (length written is length
+ * in bytes plus 1, and the first octet of string is the
+ * number of bits remaining between the end of the bit
+ * string and the next byte boundary).
+ */
+ sec_asn1e_write_length_bytes(state, len + 1, PR_FALSE);
+ byte = 0;
+ sec_asn1e_write_contents_bytes(state, &byte, 1);
+ } else {
+ sec_asn1e_write_length_bytes(state, len, PR_FALSE);
+ }
+ }
+ sec_asn1e_write_contents_bytes(state, buf, len);
+ state->top->status = needBytes;
+}
+
+static void
+sec_asn1e_write_contents(sec_asn1e_state *state)
+{
+ unsigned long len = 0;
+
+ PORT_Assert(state->place == duringContents);
+
+ switch (state->underlying_kind) {
+ case SEC_ASN1_SET:
+ case SEC_ASN1_SEQUENCE:
+ PORT_Assert(0);
+ break;
+
+ case SEC_ASN1_BIT_STRING: {
+ SECItem *item;
+ char rem;
+
+ item = (SECItem *)state->src;
+ len = (item->len + 7) >> 3;
+ rem = (unsigned char)((len << 3) - item->len); /* remaining bits */
+ sec_asn1e_write_contents_bytes(state, &rem, 1);
+ sec_asn1e_write_contents_bytes(state, (char *)item->data, len);
+ } break;
+
+ case SEC_ASN1_BMP_STRING:
+ /* The number of bytes must be divisable by 2 */
+ if ((((SECItem *)state->src)->len) % 2) {
+ SEC_ASN1EncoderContext *cx;
+
+ cx = state->top;
+ cx->status = encodeError;
+ break;
+ }
+ /* otherwise, fall through to write the content */
+ goto process_string;
+
+ case SEC_ASN1_UNIVERSAL_STRING:
+ /* The number of bytes must be divisable by 4 */
+ if ((((SECItem *)state->src)->len) % 4) {
+ SEC_ASN1EncoderContext *cx;
+
+ cx = state->top;
+ cx->status = encodeError;
+ break;
+ }
+ /* otherwise, fall through to write the content */
+ goto process_string;
+
+ case SEC_ASN1_INTEGER:
+ /* ASN.1 INTEGERs are signed. If the source is an unsigned
+ * integer, the encoder will need to handle the conversion here.
+ */
+ {
+ unsigned int blen;
+ unsigned char *buf;
+ SECItemType integerType;
+ blen = ((SECItem *)state->src)->len;
+ buf = ((SECItem *)state->src)->data;
+ integerType = ((SECItem *)state->src)->type;
+ while (blen > 0) {
+ if (*buf & 0x80 && integerType == siUnsignedInteger) {
+ char zero = 0; /* write a leading 0 */
+ sec_asn1e_write_contents_bytes(state, &zero, 1);
+ /* and then the remaining buffer */
+ sec_asn1e_write_contents_bytes(state,
+ (char *)buf, blen);
+ break;
+ }
+ /* Check three possibilities:
+ * 1. No leading zeros, msb of MSB is not 1;
+ * 2. The number is zero itself;
+ * 3. Encoding a signed integer with a leading zero,
+ * keep the zero so that the number is positive.
+ */
+ if (*buf != 0 ||
+ blen == 1 ||
+ (buf[1] & 0x80 && integerType != siUnsignedInteger)) {
+ sec_asn1e_write_contents_bytes(state,
+ (char *)buf, blen);
+ break;
+ }
+ /* byte is 0, continue */
+ buf++;
+ blen--;
+ }
+ }
+ /* done with this content */
+ break;
+
+ process_string:
+ default: {
+ SECItem *item;
+
+ item = (SECItem *)state->src;
+ sec_asn1e_write_contents_bytes(state, (char *)item->data,
+ item->len);
+ } break;
+ }
+ state->place = afterContents;
+}
+
+/*
+ * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
+ */
+static void
+sec_asn1e_next_in_group(sec_asn1e_state *state)
+{
+ sec_asn1e_state *child;
+ void **group;
+ void *member;
+
+ PORT_Assert(state->place == duringGroup);
+ PORT_Assert(state->child != NULL);
+
+ child = state->child;
+
+ group = *(void ***)state->src;
+
+ /*
+ * Find placement of current item.
+ */
+ member = (char *)(state->child->src) - child->theTemplate->offset;
+ while (*group != member)
+ group++;
+
+ /*
+ * Move forward to next item.
+ */
+ group++;
+ if (*group == NULL) {
+ /*
+ * That was our last one; we are done now.
+ */
+ child->place = notInUse;
+ state->place = afterContents;
+ return;
+ }
+ child->src = (char *)(*group) + child->theTemplate->offset;
+
+ /*
+ * Re-"push" child.
+ */
+ sec_asn1e_scrub_state(child);
+ state->top->current = child;
+}
+
+/*
+ * We are moving along through a sequence; move forward by one,
+ * (detecting end-of-sequence when it happens).
+ */
+static void
+sec_asn1e_next_in_sequence(sec_asn1e_state *state)
+{
+ sec_asn1e_state *child;
+
+ PORT_Assert(state->place == duringSequence);
+ PORT_Assert(state->child != NULL);
+
+ child = state->child;
+
+ /*
+ * Do the "after" field notification.
+ */
+ sec_asn1e_notify_after(state->top, child->src, child->depth);
+
+ /*
+ * Move forward.
+ */
+ child->theTemplate++;
+ if (child->theTemplate->kind == 0) {
+ /*
+ * We are done with this sequence.
+ */
+ child->place = notInUse;
+ state->place = afterContents;
+ return;
+ }
+
+ /*
+ * Reset state and push.
+ */
+
+ child->src = (char *)state->src + child->theTemplate->offset;
+
+ /*
+ * Do the "before" field notification.
+ */
+ sec_asn1e_notify_before(state->top, child->src, child->depth);
+
+ state->top->current = child;
+ (void)sec_asn1e_init_state_based_on_template(child);
+}
+
+static void
+sec_asn1e_after_contents(sec_asn1e_state *state)
+{
+ PORT_Assert(state->place == afterContents);
+
+ if (state->indefinite)
+ sec_asn1e_write_end_of_contents_bytes(state);
+
+ /*
+ * Just make my parent be the current state. It will then clean
+ * up after me and free me (or reuse me).
+ */
+ state->top->current = state->parent;
+}
+
+/*
+ * This function is called whether or not we are streaming; if we
+ * *are* streaming, our caller can also instruct us to take bytes
+ * from the passed-in buffer (at buf, for length len, which is likely
+ * bytes but could even mean bits if the current field is a bit string).
+ * If we have been so instructed, we will gobble up bytes from there
+ * (rather than from our src structure) and output them, and then
+ * we will just return, expecting to be called again -- either with
+ * more bytes or after our caller has instructed us that we are done
+ * (for now) with the buffer.
+ */
+SECStatus
+SEC_ASN1EncoderUpdate(SEC_ASN1EncoderContext *cx,
+ const char *buf, unsigned long len)
+{
+ sec_asn1e_state *state;
+
+ if (cx->status == needBytes) {
+ cx->status = keepGoing;
+ }
+
+ while (cx->status == keepGoing) {
+ state = cx->current;
+ switch (state->place) {
+ case beforeHeader:
+ sec_asn1e_write_header(state);
+ break;
+ case duringContents:
+ if (cx->from_buf)
+ sec_asn1e_write_contents_from_buf(state, buf, len);
+ else
+ sec_asn1e_write_contents(state);
+ break;
+ case duringGroup:
+ sec_asn1e_next_in_group(state);
+ break;
+ case duringSequence:
+ sec_asn1e_next_in_sequence(state);
+ break;
+ case afterContents:
+ sec_asn1e_after_contents(state);
+ break;
+ case afterImplicit:
+ case afterInline:
+ case afterPointer:
+ case afterChoice:
+ /*
+ * These states are more documentation than anything.
+ * They just need to force a pop.
+ */
+ PORT_Assert(!state->indefinite);
+ state->place = afterContents;
+ break;
+ case notInUse:
+ default:
+ /* This is not an error, but rather a plain old BUG! */
+ PORT_Assert(0);
+ cx->status = encodeError;
+ break;
+ }
+
+ if (cx->status == encodeError)
+ break;
+
+ /* It might have changed, so we have to update our local copy. */
+ state = cx->current;
+
+ /* If it is NULL, we have popped all the way to the top. */
+ if (state == NULL) {
+ cx->status = allDone;
+ break;
+ }
+ }
+
+ if (cx->status == encodeError) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+void
+SEC_ASN1EncoderFinish(SEC_ASN1EncoderContext *cx)
+{
+ /*
+ * XXX anything else that needs to be finished?
+ */
+
+ PORT_FreeArena(cx->our_pool, PR_FALSE);
+}
+
+SEC_ASN1EncoderContext *
+SEC_ASN1EncoderStart(const void *src, const SEC_ASN1Template *theTemplate,
+ SEC_ASN1WriteProc output_proc, void *output_arg)
+{
+ PLArenaPool *our_pool;
+ SEC_ASN1EncoderContext *cx;
+
+ our_pool = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (our_pool == NULL)
+ return NULL;
+
+ cx = (SEC_ASN1EncoderContext *)PORT_ArenaZAlloc(our_pool, sizeof(*cx));
+ if (cx == NULL) {
+ PORT_FreeArena(our_pool, PR_FALSE);
+ return NULL;
+ }
+
+ cx->our_pool = our_pool;
+ cx->output_proc = output_proc;
+ cx->output_arg = output_arg;
+
+ cx->status = keepGoing;
+
+ if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL ||
+ sec_asn1e_init_state_based_on_template(cx->current) == NULL) {
+ /*
+ * Trouble initializing (probably due to failed allocations)
+ * requires that we just give up.
+ */
+ PORT_FreeArena(our_pool, PR_FALSE);
+ return NULL;
+ }
+
+ return cx;
+}
+
+/*
+ * XXX Do we need a FilterProc, too?
+ */
+
+void
+SEC_ASN1EncoderSetNotifyProc(SEC_ASN1EncoderContext *cx,
+ SEC_ASN1NotifyProc fn, void *arg)
+{
+ cx->notify_proc = fn;
+ cx->notify_arg = arg;
+}
+
+void
+SEC_ASN1EncoderClearNotifyProc(SEC_ASN1EncoderContext *cx)
+{
+ cx->notify_proc = NULL;
+ cx->notify_arg = NULL; /* not necessary; just being clean */
+}
+
+void
+SEC_ASN1EncoderAbort(SEC_ASN1EncoderContext *cx, int error)
+{
+ PORT_Assert(cx);
+ PORT_SetError(error);
+ cx->status = encodeError;
+}
+
+void
+SEC_ASN1EncoderSetStreaming(SEC_ASN1EncoderContext *cx)
+{
+ /* XXX is there a way to check that we are "between" fields here? */
+
+ cx->streaming = PR_TRUE;
+}
+
+void
+SEC_ASN1EncoderClearStreaming(SEC_ASN1EncoderContext *cx)
+{
+ /* XXX is there a way to check that we are "between" fields here? */
+
+ cx->streaming = PR_FALSE;
+}
+
+void
+SEC_ASN1EncoderSetTakeFromBuf(SEC_ASN1EncoderContext *cx)
+{
+ /*
+ * XXX is there a way to check that we are "between" fields here? this
+ * needs to include a check for being in between groups of items in
+ * a SET_OF or SEQUENCE_OF.
+ */
+ PORT_Assert(cx->streaming);
+
+ cx->from_buf = PR_TRUE;
+}
+
+void
+SEC_ASN1EncoderClearTakeFromBuf(SEC_ASN1EncoderContext *cx)
+{
+ /* we should actually be taking from buf *now* */
+ PORT_Assert(cx->from_buf);
+ if (!cx->from_buf) /* if not, just do nothing */
+ return;
+
+ cx->from_buf = PR_FALSE;
+
+ if (cx->status == needBytes) {
+ cx->status = keepGoing;
+ cx->current->place = afterContents;
+ }
+}
+
+SECStatus
+SEC_ASN1Encode(const void *src, const SEC_ASN1Template *theTemplate,
+ SEC_ASN1WriteProc output_proc, void *output_arg)
+{
+ SEC_ASN1EncoderContext *ecx;
+ SECStatus rv;
+
+ ecx = SEC_ASN1EncoderStart(src, theTemplate, output_proc, output_arg);
+ if (ecx == NULL)
+ return SECFailure;
+
+ rv = SEC_ASN1EncoderUpdate(ecx, NULL, 0);
+
+ SEC_ASN1EncoderFinish(ecx);
+ return rv;
+}
+
+/*
+ * XXX depth and data_kind are unused; is there a PC way to silence warnings?
+ * (I mean "politically correct", not anything to do with intel/win platform)
+ */
+static void
+sec_asn1e_encode_item_count(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ unsigned long *count;
+
+ count = (unsigned long *)arg;
+ PORT_Assert(count != NULL);
+
+ *count += len;
+}
+
+/* XXX depth and data_kind are unused; is there a PC way to silence warnings? */
+static void
+sec_asn1e_encode_item_store(void *arg, const char *buf, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind)
+{
+ SECItem *dest;
+
+ dest = (SECItem *)arg;
+ PORT_Assert(dest != NULL);
+
+ if (len > 0) {
+ PORT_Memcpy(dest->data + dest->len, buf, len);
+ dest->len += len;
+ }
+}
+
+/*
+ * Allocate an entire SECItem, or just the data part of it, to hold
+ * "len" bytes of stuff. Allocate from the given pool, if specified,
+ * otherwise just do a vanilla PORT_Alloc.
+ *
+ * XXX This seems like a reasonable general-purpose function (for SECITEM_)?
+ */
+static SECItem *
+sec_asn1e_allocate_item(PLArenaPool *poolp, SECItem *dest, unsigned long len)
+{
+ if (poolp != NULL) {
+ void *release;
+
+ release = PORT_ArenaMark(poolp);
+ if (dest == NULL)
+ dest = (SECItem *)PORT_ArenaAlloc(poolp, sizeof(SECItem));
+ if (dest != NULL) {
+ dest->data = (unsigned char *)PORT_ArenaAlloc(poolp, len);
+ if (dest->data == NULL) {
+ dest = NULL;
+ }
+ }
+ if (dest == NULL) {
+ /* one or both allocations failed; release everything */
+ PORT_ArenaRelease(poolp, release);
+ } else {
+ /* everything okay; unmark the arena */
+ PORT_ArenaUnmark(poolp, release);
+ }
+ } else {
+ SECItem *indest;
+
+ indest = dest;
+ if (dest == NULL)
+ dest = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ if (dest != NULL) {
+ dest->type = siBuffer;
+ dest->data = (unsigned char *)PORT_Alloc(len);
+ if (dest->data == NULL) {
+ if (indest == NULL)
+ PORT_Free(dest);
+ dest = NULL;
+ }
+ }
+ }
+
+ return dest;
+}
+
+SECItem *
+SEC_ASN1EncodeItem(PLArenaPool *poolp, SECItem *dest, const void *src,
+ const SEC_ASN1Template *theTemplate)
+{
+ unsigned long encoding_length;
+ SECStatus rv;
+
+ PORT_Assert(dest == NULL || dest->data == NULL);
+
+ encoding_length = 0;
+ rv = SEC_ASN1Encode(src, theTemplate,
+ sec_asn1e_encode_item_count, &encoding_length);
+ if (rv != SECSuccess)
+ return NULL;
+
+ dest = sec_asn1e_allocate_item(poolp, dest, encoding_length);
+ if (dest == NULL)
+ return NULL;
+
+ /* XXX necessary? This really just checks for a bug in the allocate fn */
+ PORT_Assert(dest->data != NULL);
+ if (dest->data == NULL)
+ return NULL;
+
+ dest->len = 0;
+ (void)SEC_ASN1Encode(src, theTemplate, sec_asn1e_encode_item_store, dest);
+
+ PORT_Assert(encoding_length == dest->len);
+ return dest;
+}
+
+static SECItem *
+sec_asn1e_integer(PLArenaPool *poolp, SECItem *dest, unsigned long value,
+ PRBool is_unsigned)
+{
+ unsigned long copy;
+ unsigned char sign;
+ int len = 0;
+
+ /*
+ * Determine the length of the encoded value (minimum of 1).
+ */
+ copy = value;
+ do {
+ len++;
+ sign = (unsigned char)(copy & 0x80);
+ copy >>= 8;
+ } while (copy);
+
+ /*
+ * If 'value' is non-negative, and the high bit of the last
+ * byte we counted was set, we need to add one to the length so
+ * we put a high-order zero byte in the encoding.
+ */
+ if (sign && (is_unsigned || (long)value >= 0))
+ len++;
+
+ /*
+ * Allocate the item (if necessary) and the data pointer within.
+ */
+ dest = sec_asn1e_allocate_item(poolp, dest, len);
+ if (dest == NULL)
+ return NULL;
+
+ /*
+ * Store the value, byte by byte, in the item.
+ */
+ dest->len = len;
+ while (len) {
+ dest->data[--len] = (unsigned char)value;
+ value >>= 8;
+ }
+ PORT_Assert(value == 0);
+
+ return dest;
+}
+
+SECItem *
+SEC_ASN1EncodeInteger(PLArenaPool *poolp, SECItem *dest, long value)
+{
+ return sec_asn1e_integer(poolp, dest, (unsigned long)value, PR_FALSE);
+}
+
+SECItem *
+SEC_ASN1EncodeUnsignedInteger(PLArenaPool *poolp,
+ SECItem *dest, unsigned long value)
+{
+ return sec_asn1e_integer(poolp, dest, value, PR_TRUE);
+}
diff --git a/security/nss/lib/util/secasn1t.h b/security/nss/lib/util/secasn1t.h
new file mode 100644
index 000000000..0d1a6aea0
--- /dev/null
+++ b/security/nss/lib/util/secasn1t.h
@@ -0,0 +1,267 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Types for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
+ * Encoding Rules).
+ */
+
+#ifndef _SECASN1T_H_
+#define _SECASN1T_H_
+
+#include "utilrename.h"
+
+/*
+** An array of these structures defines a BER/DER encoding for an object.
+**
+** The array usually starts with a dummy entry whose kind is SEC_ASN1_SEQUENCE;
+** such an array is terminated with an entry where kind == 0. (An array
+** which consists of a single component does not require a second dummy
+** entry -- the array is only searched as long as previous component(s)
+** instruct it.)
+*/
+typedef struct sec_ASN1Template_struct {
+ /*
+ ** Kind of item being decoded/encoded, including tags and modifiers.
+ */
+ unsigned long kind;
+
+ /*
+ ** The value is the offset from the base of the structure to the
+ ** field that holds the value being decoded/encoded.
+ */
+ unsigned long offset;
+
+ /*
+ ** When kind suggests it (SEC_ASN1_POINTER, SEC_ASN1_GROUP, SEC_ASN1_INLINE,
+ ** or a component that is *not* a SEC_ASN1_UNIVERSAL), this points to
+ ** a sub-template for nested encoding/decoding,
+ ** OR, iff SEC_ASN1_DYNAMIC is set, then this is a pointer to a pointer
+ ** to a function which will return the appropriate template when called
+ ** at runtime. NOTE! that explicit level of indirection, which is
+ ** necessary because ANSI does not allow you to store a function
+ ** pointer directly as a "void *" so we must store it separately and
+ ** dereference it to get at the function pointer itself.
+ */
+ const void *sub;
+
+ /*
+ ** In the first element of a template array, the value is the size
+ ** of the structure to allocate when this template is being referenced
+ ** by another template via SEC_ASN1_POINTER or SEC_ASN1_GROUP.
+ ** In all other cases, the value is ignored.
+ */
+ unsigned int size;
+} SEC_ASN1Template;
+
+/* default size used for allocation of encoding/decoding stuff */
+/* XXX what is the best value here? */
+#define SEC_ASN1_DEFAULT_ARENA_SIZE (2048)
+
+/*
+** BER/DER values for ASN.1 identifier octets.
+*/
+#define SEC_ASN1_TAG_MASK 0xff
+
+/*
+ * BER/DER universal type tag numbers.
+ * The values are defined by the X.208 standard; do not change them!
+ * NOTE: if you add anything to this list, you must add code to secasn1d.c
+ * to accept the tag, and probably also to secasn1e.c to encode it.
+ * XXX It appears some have been added recently without being added to
+ * the code; so need to go through the list now and double-check them all.
+ * (Look especially at those added in revision 1.10.)
+ */
+#define SEC_ASN1_TAGNUM_MASK 0x1f
+#define SEC_ASN1_BOOLEAN 0x01
+#define SEC_ASN1_INTEGER 0x02
+#define SEC_ASN1_BIT_STRING 0x03
+#define SEC_ASN1_OCTET_STRING 0x04
+#define SEC_ASN1_NULL 0x05
+#define SEC_ASN1_OBJECT_ID 0x06
+#define SEC_ASN1_OBJECT_DESCRIPTOR 0x07
+/* External type and instance-of type 0x08 */
+#define SEC_ASN1_REAL 0x09
+#define SEC_ASN1_ENUMERATED 0x0a
+#define SEC_ASN1_EMBEDDED_PDV 0x0b
+#define SEC_ASN1_UTF8_STRING 0x0c
+/* 0x0d */
+/* 0x0e */
+/* 0x0f */
+#define SEC_ASN1_SEQUENCE 0x10
+#define SEC_ASN1_SET 0x11
+#define SEC_ASN1_NUMERIC_STRING 0x12
+#define SEC_ASN1_PRINTABLE_STRING 0x13
+#define SEC_ASN1_T61_STRING 0x14
+#define SEC_ASN1_VIDEOTEX_STRING 0x15
+#define SEC_ASN1_IA5_STRING 0x16
+#define SEC_ASN1_UTC_TIME 0x17
+#define SEC_ASN1_GENERALIZED_TIME 0x18
+#define SEC_ASN1_GRAPHIC_STRING 0x19
+#define SEC_ASN1_VISIBLE_STRING 0x1a
+#define SEC_ASN1_GENERAL_STRING 0x1b
+#define SEC_ASN1_UNIVERSAL_STRING 0x1c
+/* 0x1d */
+#define SEC_ASN1_BMP_STRING 0x1e
+#define SEC_ASN1_HIGH_TAG_NUMBER 0x1f
+#define SEC_ASN1_TELETEX_STRING SEC_ASN1_T61_STRING
+
+/*
+** Modifiers to type tags. These are also specified by a/the
+** standard, and must not be changed.
+*/
+
+#define SEC_ASN1_METHOD_MASK 0x20
+#define SEC_ASN1_PRIMITIVE 0x00
+#define SEC_ASN1_CONSTRUCTED 0x20
+
+#define SEC_ASN1_CLASS_MASK 0xc0
+#define SEC_ASN1_UNIVERSAL 0x00
+#define SEC_ASN1_APPLICATION 0x40
+#define SEC_ASN1_CONTEXT_SPECIFIC 0x80
+#define SEC_ASN1_PRIVATE 0xc0
+
+/*
+** Our additions, used for templates.
+** These are not defined by any standard; the values are used internally only.
+** Just be careful to keep them out of the low 8 bits.
+** XXX finish comments
+*/
+#define SEC_ASN1_OPTIONAL 0x00100
+#define SEC_ASN1_EXPLICIT 0x00200
+#define SEC_ASN1_ANY 0x00400
+#define SEC_ASN1_INLINE 0x00800
+#define SEC_ASN1_POINTER 0x01000
+#define SEC_ASN1_GROUP 0x02000 /* with SET or SEQUENCE means \
+ * SET OF or SEQUENCE OF */
+#define SEC_ASN1_DYNAMIC 0x04000 /* subtemplate is found by calling \
+ * a function at runtime */
+#define SEC_ASN1_SKIP 0x08000 /* skip a field; only for decoding */
+#define SEC_ASN1_INNER 0x10000 /* with ANY means capture the \
+ * contents only (not the id, len, \
+ * or eoc); only for decoding */
+#define SEC_ASN1_SAVE 0x20000 /* stash away the encoded bytes first; \
+ * only for decoding */
+#define SEC_ASN1_MAY_STREAM 0x40000 /* field or one of its sub-fields may \
+ * stream in and so should encode as \
+ * indefinite-length when streaming \
+ * has been indicated; only for \
+ * encoding */
+#define SEC_ASN1_SKIP_REST 0x80000 /* skip all following fields; \
+ only for decoding */
+#define SEC_ASN1_CHOICE 0x100000 /* pick one from a template */
+#define SEC_ASN1_NO_STREAM 0X200000 /* This entry will not stream \
+ even if the sub-template says \
+ streaming is possible. Helps \
+ to solve ambiguities with potential \
+ streaming entries that are \
+ optional */
+#define SEC_ASN1_DEBUG_BREAK 0X400000 /* put this in your template and the \
+ decoder will assert when it \
+ processes it. Only for use with \
+ SEC_QuickDERDecodeItem */
+
+/* Shorthand/Aliases */
+#define SEC_ASN1_SEQUENCE_OF (SEC_ASN1_GROUP | SEC_ASN1_SEQUENCE)
+#define SEC_ASN1_SET_OF (SEC_ASN1_GROUP | SEC_ASN1_SET)
+#define SEC_ASN1_ANY_CONTENTS (SEC_ASN1_ANY | SEC_ASN1_INNER)
+
+/* Maximum depth of nested SEQUENCEs and SETs */
+#define SEC_ASN1D_MAX_DEPTH 32
+
+/*
+** Function used for SEC_ASN1_DYNAMIC.
+** "arg" is a pointer to the structure being encoded/decoded
+** "enc", when true, means that we are encoding (false means decoding)
+*/
+typedef const SEC_ASN1Template *SEC_ASN1TemplateChooser(void *arg, PRBool enc);
+typedef SEC_ASN1TemplateChooser *SEC_ASN1TemplateChooserPtr;
+
+#if defined(_WIN32) || defined(ANDROID)
+#define SEC_ASN1_GET(x) NSS_Get_##x(NULL, PR_FALSE)
+#define SEC_ASN1_SUB(x) &p_NSS_Get_##x
+#define SEC_ASN1_XTRN SEC_ASN1_DYNAMIC
+#define SEC_ASN1_MKSUB(x) \
+ static const SEC_ASN1TemplateChooserPtr p_NSS_Get_##x = &NSS_Get_##x;
+#else
+#define SEC_ASN1_GET(x) x
+#define SEC_ASN1_SUB(x) x
+#define SEC_ASN1_XTRN 0
+#define SEC_ASN1_MKSUB(x)
+#endif
+
+#define SEC_ASN1_CHOOSER_DECLARE(x) \
+ extern const SEC_ASN1Template *NSS_Get_##x(void *arg, PRBool enc);
+
+#define SEC_ASN1_CHOOSER_IMPLEMENT(x) \
+ const SEC_ASN1Template *NSS_Get_##x(void *arg, PRBool enc) \
+ { \
+ return x; \
+ }
+
+/*
+** Opaque object used by the decoder to store state.
+*/
+typedef struct sec_DecoderContext_struct SEC_ASN1DecoderContext;
+
+/*
+** Opaque object used by the encoder to store state.
+*/
+typedef struct sec_EncoderContext_struct SEC_ASN1EncoderContext;
+
+/*
+ * This is used to describe to a filter function the bytes that are
+ * being passed to it. This is only useful when the filter is an "outer"
+ * one, meaning it expects to get *all* of the bytes not just the
+ * contents octets.
+ */
+typedef enum {
+ SEC_ASN1_Identifier = 0,
+ SEC_ASN1_Length = 1,
+ SEC_ASN1_Contents = 2,
+ SEC_ASN1_EndOfContents = 3
+} SEC_ASN1EncodingPart;
+
+/*
+ * Type of the function pointer used either for decoding or encoding,
+ * when doing anything "funny" (e.g. manipulating the data stream)
+ */
+typedef void (*SEC_ASN1NotifyProc)(void *arg, PRBool before,
+ void *dest, int real_depth);
+
+/*
+ * Type of the function pointer used for grabbing encoded bytes.
+ * This can be used during either encoding or decoding, as follows...
+ *
+ * When decoding, this can be used to filter the encoded bytes as they
+ * are parsed. This is what you would do if you wanted to process the data
+ * along the way (like to decrypt it, or to perform a hash on it in order
+ * to do a signature check later). See SEC_ASN1DecoderSetFilterProc().
+ * When processing only part of the encoded bytes is desired, you "watch"
+ * for the field(s) you are interested in with a "notify proc" (see
+ * SEC_ASN1DecoderSetNotifyProc()) and for even finer granularity (e.g. to
+ * ignore all by the contents bytes) you pay attention to the "data_kind"
+ * parameter.
+ *
+ * When encoding, this is the specification for the output function which
+ * will receive the bytes as they are encoded. The output function can
+ * perform any postprocessing necessary (like hashing (some of) the data
+ * to create a digest that gets included at the end) as well as shoving
+ * the data off wherever it needs to go. (In order to "tune" any processing,
+ * you can set a "notify proc" as described above in the decoding case.)
+ *
+ * The parameters:
+ * - "arg" is an opaque pointer that you provided at the same time you
+ * specified a function of this type
+ * - "data" is a buffer of length "len", containing the encoded bytes
+ * - "depth" is how deep in a nested encoding we are (it is not usually
+ * valuable, but can be useful sometimes so I included it)
+ * - "data_kind" tells you if these bytes are part of the ASN.1 encoded
+ * octets for identifier, length, contents, or end-of-contents
+ */
+typedef void (*SEC_ASN1WriteProc)(void *arg,
+ const char *data, unsigned long len,
+ int depth, SEC_ASN1EncodingPart data_kind);
+
+#endif /* _SECASN1T_H_ */
diff --git a/security/nss/lib/util/secasn1u.c b/security/nss/lib/util/secasn1u.c
new file mode 100644
index 000000000..7d086fb0d
--- /dev/null
+++ b/security/nss/lib/util/secasn1u.c
@@ -0,0 +1,94 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Utility routines to complement the ASN.1 encoding and decoding functions.
+ */
+
+#include "secasn1.h"
+
+/*
+ * We have a length that needs to be encoded; how many bytes will the
+ * encoding take?
+ *
+ * The rules are that 0 - 0x7f takes one byte (the length itself is the
+ * entire encoding); everything else takes one plus the number of bytes
+ * in the length.
+ */
+int
+SEC_ASN1LengthLength(unsigned long len)
+{
+ int lenlen = 1;
+
+ if (len > 0x7f) {
+ do {
+ lenlen++;
+ len >>= 8;
+ } while (len);
+ }
+
+ return lenlen;
+}
+
+/*
+ * XXX Move over (and rewrite as appropriate) the rest of the
+ * stuff in dersubr.c!
+ */
+
+/*
+ * Find the appropriate subtemplate for the given template.
+ * This may involve calling a "chooser" function, or it may just
+ * be right there. In either case, it is expected to *have* a
+ * subtemplate; this is asserted in debug builds (in non-debug
+ * builds, NULL will be returned).
+ *
+ * "thing" is a pointer to the structure being encoded/decoded
+ * "encoding", when true, means that we are in the process of encoding
+ * (as opposed to in the process of decoding)
+ */
+const SEC_ASN1Template *
+SEC_ASN1GetSubtemplate(const SEC_ASN1Template *theTemplate, void *thing,
+ PRBool encoding)
+{
+ const SEC_ASN1Template *subt = NULL;
+
+ PORT_Assert(theTemplate->sub != NULL);
+ if (theTemplate->sub != NULL) {
+ if (theTemplate->kind & SEC_ASN1_DYNAMIC) {
+ SEC_ASN1TemplateChooserPtr chooserp;
+
+ chooserp = *(SEC_ASN1TemplateChooserPtr *)theTemplate->sub;
+ if (chooserp) {
+ if (thing != NULL)
+ thing = (char *)thing - theTemplate->offset;
+ subt = (*chooserp)(thing, encoding);
+ }
+ } else {
+ subt = (SEC_ASN1Template *)theTemplate->sub;
+ }
+ }
+ return subt;
+}
+
+PRBool
+SEC_ASN1IsTemplateSimple(const SEC_ASN1Template *theTemplate)
+{
+ if (!theTemplate) {
+ return PR_TRUE; /* it doesn't get any simpler than NULL */
+ }
+ /* only templates made of one primitive type or a choice of primitive
+ types are considered simple */
+ if (!(theTemplate->kind & (~SEC_ASN1_TAGNUM_MASK))) {
+ return PR_TRUE; /* primitive type */
+ }
+ if (!(theTemplate->kind & SEC_ASN1_CHOICE)) {
+ return PR_FALSE; /* no choice means not simple */
+ }
+ while (++theTemplate && theTemplate->kind) {
+ if (theTemplate->kind & (~SEC_ASN1_TAGNUM_MASK)) {
+ return PR_FALSE; /* complex type */
+ }
+ }
+ return PR_TRUE; /* choice of primitive types */
+}
diff --git a/security/nss/lib/util/seccomon.h b/security/nss/lib/util/seccomon.h
new file mode 100644
index 000000000..edd5c5329
--- /dev/null
+++ b/security/nss/lib/util/seccomon.h
@@ -0,0 +1,91 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * seccomon.h - common data structures for security libraries
+ *
+ * This file should have lowest-common-denominator datastructures
+ * for security libraries. It should not be dependent on any other
+ * headers, and should not require linking with any libraries.
+ */
+
+#ifndef _SECCOMMON_H_
+#define _SECCOMMON_H_
+
+#include "utilrename.h"
+#include "prtypes.h"
+
+#ifdef __cplusplus
+#define SEC_BEGIN_PROTOS extern "C" {
+#define SEC_END_PROTOS }
+#else
+#define SEC_BEGIN_PROTOS
+#define SEC_END_PROTOS
+#endif
+
+#include "secport.h"
+
+typedef enum {
+ siBuffer = 0,
+ siClearDataBuffer = 1,
+ siCipherDataBuffer = 2,
+ siDERCertBuffer = 3,
+ siEncodedCertBuffer = 4,
+ siDERNameBuffer = 5,
+ siEncodedNameBuffer = 6,
+ siAsciiNameString = 7,
+ siAsciiString = 8,
+ siDEROID = 9,
+ siUnsignedInteger = 10,
+ siUTCTime = 11,
+ siGeneralizedTime = 12,
+ siVisibleString = 13,
+ siUTF8String = 14,
+ siBMPString = 15
+} SECItemType;
+
+typedef struct SECItemStr SECItem;
+
+struct SECItemStr {
+ SECItemType type;
+ unsigned char *data;
+ unsigned int len;
+};
+
+typedef struct SECItemArrayStr SECItemArray;
+
+struct SECItemArrayStr {
+ SECItem *items;
+ unsigned int len;
+};
+
+/*
+** A status code. Status's are used by procedures that return status
+** values. Again the motivation is so that a compiler can generate
+** warnings when return values are wrong. Correct testing of status codes:
+**
+** SECStatus rv;
+** rv = some_function (some_argument);
+** if (rv != SECSuccess)
+** do_an_error_thing();
+**
+*/
+typedef enum _SECStatus {
+ SECWouldBlock = -2,
+ SECFailure = -1,
+ SECSuccess = 0
+} SECStatus;
+
+/*
+** A comparison code. Used for procedures that return comparision
+** values. Again the motivation is so that a compiler can generate
+** warnings when return values are wrong.
+*/
+typedef enum _SECComparison {
+ SECLessThan = -1,
+ SECEqual = 0,
+ SECGreaterThan = 1
+} SECComparison;
+
+#endif /* _SECCOMMON_H_ */
diff --git a/security/nss/lib/util/secder.h b/security/nss/lib/util/secder.h
new file mode 100644
index 000000000..dbc35807d
--- /dev/null
+++ b/security/nss/lib/util/secder.h
@@ -0,0 +1,172 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECDER_H_
+#define _SECDER_H_
+
+#include "utilrename.h"
+
+/*
+ * secder.h - public data structures and prototypes for the DER encoding and
+ * decoding utilities library
+ */
+
+#include <time.h>
+
+#include "plarena.h"
+#include "prlong.h"
+
+#include "seccomon.h"
+#include "secdert.h"
+#include "prtime.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+** Encode a data structure into DER.
+** "dest" will be filled in (and memory allocated) to hold the der
+** encoded structure in "src"
+** "t" is a template structure which defines the shape of the
+** stored data
+** "src" is a pointer to the structure that will be encoded
+*/
+extern SECStatus DER_Encode(PLArenaPool *arena, SECItem *dest, DERTemplate *t,
+ void *src);
+
+extern SECStatus DER_Lengths(SECItem *item, int *header_len_p,
+ PRUint32 *contents_len_p);
+
+/*
+** Lower level der subroutine that stores the standard header into "to".
+** The header is of variable length, based on encodingLen.
+** The return value is the new value of "to" after skipping over the header.
+** "to" is where the header will be stored
+** "code" is the der code to write
+** "encodingLen" is the number of bytes of data that will follow
+** the header
+*/
+extern unsigned char *DER_StoreHeader(unsigned char *to, unsigned int code,
+ PRUint32 encodingLen);
+
+/*
+** Return the number of bytes it will take to hold a der encoded length.
+*/
+extern int DER_LengthLength(PRUint32 len);
+
+/*
+** Store a der encoded *signed* integer (whose value is "src") into "dst".
+** XXX This should really be enhanced to take a long.
+*/
+extern SECStatus DER_SetInteger(PLArenaPool *arena, SECItem *dst, PRInt32 src);
+
+/*
+** Store a der encoded *unsigned* integer (whose value is "src") into "dst".
+** XXX This should really be enhanced to take an unsigned long.
+*/
+extern SECStatus DER_SetUInteger(PLArenaPool *arena, SECItem *dst, PRUint32 src);
+
+/*
+** Decode a der encoded *signed* integer that is stored in "src".
+** If "-1" is returned, then the caller should check the error in
+** XP_GetError() to see if an overflow occurred (SEC_ERROR_BAD_DER).
+*/
+extern long DER_GetInteger(const SECItem *src);
+
+/*
+** Decode a der encoded *unsigned* integer that is stored in "src".
+** If the ULONG_MAX is returned, then the caller should check the error
+** in XP_GetError() to see if an overflow occurred (SEC_ERROR_BAD_DER).
+*/
+extern unsigned long DER_GetUInteger(SECItem *src);
+
+/*
+** Convert an NSPR time value to a der encoded time value.
+** "result" is the der encoded time (memory is allocated)
+** "time" is the NSPR time value (Since Jan 1st, 1970).
+** time must be on or after January 1, 1950, and
+** before January 1, 2050
+** The caller is responsible for freeing up the buffer which
+** result->data points to upon a successful operation.
+*/
+extern SECStatus DER_TimeToUTCTime(SECItem *result, PRTime time);
+extern SECStatus DER_TimeToUTCTimeArena(PLArenaPool *arenaOpt,
+ SECItem *dst, PRTime gmttime);
+
+/*
+** Convert an ascii encoded time value (according to DER rules) into
+** an NSPR time value.
+** "result" the resulting NSPR time
+** "string" the der notation ascii value to decode
+*/
+extern SECStatus DER_AsciiToTime(PRTime *result, const char *string);
+
+/*
+** Same as DER_AsciiToTime except takes an SECItem instead of a string
+*/
+extern SECStatus DER_UTCTimeToTime(PRTime *result, const SECItem *time);
+
+/*
+** Convert a DER encoded UTC time to an ascii time representation
+** "utctime" is the DER encoded UTC time to be converted. The
+** caller is responsible for deallocating the returned buffer.
+*/
+extern char *DER_UTCTimeToAscii(SECItem *utcTime);
+
+/*
+** Convert a DER encoded UTC time to an ascii time representation, but only
+** include the day, not the time.
+** "utctime" is the DER encoded UTC time to be converted.
+** The caller is responsible for deallocating the returned buffer.
+*/
+extern char *DER_UTCDayToAscii(SECItem *utctime);
+/* same thing for DER encoded GeneralizedTime */
+extern char *DER_GeneralizedDayToAscii(SECItem *gentime);
+/* same thing for either DER UTCTime or GeneralizedTime */
+extern char *DER_TimeChoiceDayToAscii(SECItem *timechoice);
+
+/*
+** Convert a PRTime to a DER encoded Generalized time
+** gmttime must be on or after January 1, year 1 and
+** before January 1, 10000.
+*/
+extern SECStatus DER_TimeToGeneralizedTime(SECItem *dst, PRTime gmttime);
+extern SECStatus DER_TimeToGeneralizedTimeArena(PLArenaPool *arenaOpt,
+ SECItem *dst, PRTime gmttime);
+
+/*
+** Convert a DER encoded Generalized time value into an NSPR time value.
+** "dst" the resulting NSPR time
+** "string" the der notation ascii value to decode
+*/
+extern SECStatus DER_GeneralizedTimeToTime(PRTime *dst, const SECItem *time);
+
+/*
+** Convert from a PRTime UTC time value to a formatted ascii value. The
+** caller is responsible for deallocating the returned buffer.
+*/
+extern char *CERT_UTCTime2FormattedAscii(PRTime utcTime, char *format);
+#define CERT_GeneralizedTime2FormattedAscii CERT_UTCTime2FormattedAscii
+
+/*
+** Convert from a PRTime Generalized time value to a formatted ascii value. The
+** caller is responsible for deallocating the returned buffer.
+*/
+extern char *CERT_GenTime2FormattedAscii(PRTime genTime, char *format);
+
+/*
+** decode a SECItem containing either a SEC_ASN1_GENERALIZED_TIME
+** or a SEC_ASN1_UTC_TIME
+*/
+
+extern SECStatus DER_DecodeTimeChoice(PRTime *output, const SECItem *input);
+
+/* encode a PRTime to an ASN.1 DER SECItem containing either a
+ SEC_ASN1_GENERALIZED_TIME or a SEC_ASN1_UTC_TIME */
+
+extern SECStatus DER_EncodeTimeChoice(PLArenaPool *arena, SECItem *output,
+ PRTime input);
+
+SEC_END_PROTOS
+
+#endif /* _SECDER_H_ */
diff --git a/security/nss/lib/util/secdert.h b/security/nss/lib/util/secdert.h
new file mode 100644
index 000000000..de67eafe1
--- /dev/null
+++ b/security/nss/lib/util/secdert.h
@@ -0,0 +1,129 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECDERT_H_
+#define _SECDERT_H_
+/*
+ * secdert.h - public data structures for the DER encoding and
+ * decoding utilities library
+ */
+
+#include "utilrename.h"
+#include "seccomon.h"
+
+typedef struct DERTemplateStr DERTemplate;
+
+/*
+** An array of these structures defines an encoding for an object using DER.
+** The array usually starts with a dummy entry whose kind is DER_SEQUENCE;
+** such an array is terminated with an entry where kind == 0. (An array
+** which consists of a single component does not require a second dummy
+** entry -- the array is only searched as long as previous component(s)
+** instruct it.)
+*/
+struct DERTemplateStr {
+ /*
+ ** Kind of item being decoded/encoded, including tags and modifiers.
+ */
+ unsigned long kind;
+
+ /*
+ ** Offset from base of structure to field that holds the value
+ ** being decoded/encoded.
+ */
+ unsigned int offset;
+
+ /*
+ ** When kind suggests it (DER_POINTER, DER_INDEFINITE, DER_INLINE),
+ ** this points to a sub-template for nested encoding/decoding.
+ */
+ DERTemplate *sub;
+
+ /*
+ ** Argument value, dependent on "kind" and/or template placement
+ ** within an array of templates:
+ ** - In the first element of a template array, the value is the
+ ** size of the structure to allocate when this template is being
+ ** referenced by another template via DER_POINTER or DER_INDEFINITE.
+ ** - In a component of a DER_SET or DER_SEQUENCE which is *not* a
+ ** DER_UNIVERSAL type (that is, it has a class tag for either
+ ** DER_APPLICATION, DER_CONTEXT_SPECIFIC, or DER_PRIVATE), the
+ ** value is the underlying type of item being decoded/encoded.
+ */
+ unsigned long arg;
+};
+
+/************************************************************************/
+
+/* default chunksize for arenas used for DER stuff */
+#define DER_DEFAULT_CHUNKSIZE (2048)
+
+/*
+** BER/DER values for ASN.1 identifier octets.
+*/
+#define DER_TAG_MASK 0xff
+
+/*
+ * BER/DER universal type tag numbers.
+ * The values are defined by the X.208 standard; do not change them!
+ * NOTE: if you add anything to this list, you must add code to derdec.c
+ * to accept the tag, and probably also to derenc.c to encode it.
+ */
+#define DER_TAGNUM_MASK 0x1f
+#define DER_BOOLEAN 0x01
+#define DER_INTEGER 0x02
+#define DER_BIT_STRING 0x03
+#define DER_OCTET_STRING 0x04
+#define DER_NULL 0x05
+#define DER_OBJECT_ID 0x06
+#define DER_SEQUENCE 0x10
+#define DER_SET 0x11
+#define DER_PRINTABLE_STRING 0x13
+#define DER_T61_STRING 0x14
+#define DER_IA5_STRING 0x16
+#define DER_UTC_TIME 0x17
+#define DER_VISIBLE_STRING 0x1a
+#define DER_HIGH_TAG_NUMBER 0x1f
+
+/*
+** Modifiers to type tags. These are also specified by a/the
+** standard, and must not be changed.
+*/
+
+#define DER_METHOD_MASK 0x20
+#define DER_PRIMITIVE 0x00
+#define DER_CONSTRUCTED 0x20
+
+#define DER_CLASS_MASK 0xc0
+#define DER_UNIVERSAL 0x00
+#define DER_APPLICATION 0x40
+#define DER_CONTEXT_SPECIFIC 0x80
+#define DER_PRIVATE 0xc0
+
+/*
+** Our additions, used for templates.
+** These are not defined by any standard; the values are used internally only.
+** Just be careful to keep them out of the low 8 bits.
+*/
+#define DER_OPTIONAL 0x00100
+#define DER_EXPLICIT 0x00200
+#define DER_ANY 0x00400
+#define DER_INLINE 0x00800
+#define DER_POINTER 0x01000
+#define DER_INDEFINITE 0x02000
+#define DER_DERPTR 0x04000
+#define DER_SKIP 0x08000
+#define DER_FORCE 0x10000
+#define DER_OUTER 0x40000 /* for DER_DERPTR */
+
+/*
+** Macro to convert der decoded bit string into a decoded octet
+** string. All it needs to do is fiddle with the length code.
+*/
+#define DER_ConvertBitString(item) \
+ { \
+ (item)->len = ((item)->len + 7) >> 3; \
+ }
+
+#endif /* _SECDERT_H_ */
diff --git a/security/nss/lib/util/secdig.c b/security/nss/lib/util/secdig.c
new file mode 100644
index 000000000..f4deec54b
--- /dev/null
+++ b/security/nss/lib/util/secdig.c
@@ -0,0 +1,182 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "secdig.h"
+
+#include "secoid.h"
+#include "secasn1.h"
+#include "secerr.h"
+
+/*
+ * XXX Want to have a SGN_DecodeDigestInfo, like:
+ * SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata);
+ * that creates a pool and allocates from it and decodes didata into
+ * the newly allocated DigestInfo structure. Then fix secvfy.c (it
+ * will no longer need an arena itself) to call this and then call
+ * DestroyDigestInfo when it is done, then can remove the old template
+ * above and keep our new template static and "hidden".
+ */
+
+/*
+ * XXX It might be nice to combine the following two functions (create
+ * and encode). I think that is all anybody ever wants to do anyway.
+ */
+
+SECItem *
+SGN_EncodeDigestInfo(PLArenaPool *poolp, SECItem *dest, SGNDigestInfo *diginfo)
+{
+ return SEC_ASN1EncodeItem(poolp, dest, diginfo, sgn_DigestInfoTemplate);
+}
+
+SGNDigestInfo *
+SGN_CreateDigestInfo(SECOidTag algorithm, const unsigned char *sig,
+ unsigned len)
+{
+ SGNDigestInfo *di;
+ SECStatus rv;
+ PLArenaPool *arena;
+ SECItem *null_param;
+ SECItem dummy_value;
+
+ switch (algorithm) {
+ case SEC_OID_MD2:
+ case SEC_OID_MD5:
+ case SEC_OID_SHA1:
+ case SEC_OID_SHA224:
+ case SEC_OID_SHA256:
+ case SEC_OID_SHA384:
+ case SEC_OID_SHA512:
+ break;
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+ return NULL;
+ }
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ return NULL;
+ }
+
+ di = (SGNDigestInfo *)PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo));
+ if (di == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ di->arena = arena;
+
+ /*
+ * PKCS #1 specifies that the AlgorithmID must have a NULL parameter
+ * (as opposed to no parameter at all).
+ */
+ dummy_value.data = NULL;
+ dummy_value.len = 0;
+ null_param = SEC_ASN1EncodeItem(NULL, NULL, &dummy_value, SEC_NullTemplate);
+ if (null_param == NULL) {
+ goto loser;
+ }
+
+ rv = SECOID_SetAlgorithmID(arena, &di->digestAlgorithm, algorithm,
+ null_param);
+
+ SECITEM_FreeItem(null_param, PR_TRUE);
+
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+
+ di->digest.data = (unsigned char *)PORT_ArenaAlloc(arena, len);
+ if (di->digest.data == NULL) {
+ goto loser;
+ }
+
+ di->digest.len = len;
+ PORT_Memcpy(di->digest.data, sig, len);
+ return di;
+
+loser:
+ SGN_DestroyDigestInfo(di);
+ return NULL;
+}
+
+SGNDigestInfo *
+SGN_DecodeDigestInfo(SECItem *didata)
+{
+ PLArenaPool *arena;
+ SGNDigestInfo *di;
+ SECStatus rv = SECFailure;
+ SECItem diCopy = { siBuffer, NULL, 0 };
+
+ arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
+ if (arena == NULL)
+ return NULL;
+
+ rv = SECITEM_CopyItem(arena, &diCopy, didata);
+ if (rv != SECSuccess) {
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+
+ di = (SGNDigestInfo *)PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo));
+ if (di != NULL) {
+ di->arena = arena;
+ rv = SEC_QuickDERDecodeItem(arena, di, sgn_DigestInfoTemplate, &diCopy);
+ }
+
+ if ((di == NULL) || (rv != SECSuccess)) {
+ PORT_FreeArena(arena, PR_FALSE);
+ di = NULL;
+ }
+
+ return di;
+}
+
+void
+SGN_DestroyDigestInfo(SGNDigestInfo *di)
+{
+ if (di && di->arena) {
+ PORT_FreeArena(di->arena, PR_FALSE);
+ }
+
+ return;
+}
+
+SECStatus
+SGN_CopyDigestInfo(PLArenaPool *poolp, SGNDigestInfo *a, SGNDigestInfo *b)
+{
+ SECStatus rv;
+ void *mark;
+
+ if ((poolp == NULL) || (a == NULL) || (b == NULL))
+ return SECFailure;
+
+ mark = PORT_ArenaMark(poolp);
+ a->arena = poolp;
+ rv = SECOID_CopyAlgorithmID(poolp, &a->digestAlgorithm,
+ &b->digestAlgorithm);
+ if (rv == SECSuccess)
+ rv = SECITEM_CopyItem(poolp, &a->digest, &b->digest);
+
+ if (rv != SECSuccess) {
+ PORT_ArenaRelease(poolp, mark);
+ } else {
+ PORT_ArenaUnmark(poolp, mark);
+ }
+
+ return rv;
+}
+
+SECComparison
+SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b)
+{
+ SECComparison rv;
+
+ /* Check signature algorithm's */
+ rv = SECOID_CompareAlgorithmID(&a->digestAlgorithm, &b->digestAlgorithm);
+ if (rv)
+ return rv;
+
+ /* Compare signature block length's */
+ rv = SECITEM_CompareItem(&a->digest, &b->digest);
+ return rv;
+}
diff --git a/security/nss/lib/util/secdig.h b/security/nss/lib/util/secdig.h
new file mode 100644
index 000000000..1531bf10b
--- /dev/null
+++ b/security/nss/lib/util/secdig.h
@@ -0,0 +1,100 @@
+/*
+ * secdig.h - public prototypes for digest-info functions
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECDIG_H_
+#define _SECDIG_H_
+
+#include "utilrename.h"
+#include "secdigt.h"
+
+#include "seccomon.h"
+#include "secasn1t.h"
+#include "secdert.h"
+
+SEC_BEGIN_PROTOS
+
+extern const SEC_ASN1Template sgn_DigestInfoTemplate[];
+
+SEC_ASN1_CHOOSER_DECLARE(sgn_DigestInfoTemplate)
+
+/****************************************/
+/*
+** Digest-info functions
+*/
+
+/*
+** Create a new digest-info object
+** "algorithm" one of SEC_OID_MD2, SEC_OID_MD5, or SEC_OID_SHA1
+** "sig" the raw signature data (from MD2 or MD5)
+** "sigLen" the length of the signature data
+**
+** NOTE: this is a low level routine used to prepare some data for PKCS#1
+** digital signature formatting.
+**
+** XXX It might be nice to combine the create and encode functions.
+** I think that is all anybody ever wants to do anyway.
+*/
+extern SGNDigestInfo *SGN_CreateDigestInfo(SECOidTag algorithm,
+ const unsigned char *sig,
+ unsigned int sigLen);
+
+/*
+** Destroy a digest-info object
+*/
+extern void SGN_DestroyDigestInfo(SGNDigestInfo *info);
+
+/*
+** Encode a digest-info object
+** "poolp" is where to allocate the result from; it can be NULL in
+** which case generic heap allocation (XP_ALLOC) will be used
+** "dest" is where to store the result; it can be NULL, in which case
+** it will be allocated (from poolp or heap, as explained above)
+** "diginfo" is the object to be encoded
+** The return value is NULL if any error occurred, otherwise it is the
+** resulting SECItem (either allocated or the same as the "dest" parameter).
+**
+** XXX It might be nice to combine the create and encode functions.
+** I think that is all anybody ever wants to do anyway.
+*/
+extern SECItem *SGN_EncodeDigestInfo(PLArenaPool *poolp, SECItem *dest,
+ SGNDigestInfo *diginfo);
+
+/*
+** Decode a DER encoded digest info objct.
+** didata is thr source of the encoded digest.
+** The return value is NULL if an error occurs. Otherwise, a
+** digest info object which is allocated within it's own
+** pool is returned. The digest info should be deleted
+** by later calling SGN_DestroyDigestInfo.
+*/
+extern SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata);
+
+/*
+** Copy digest info.
+** poolp is the arena to which the digest will be copied.
+** a is the destination digest, it must be non-NULL.
+** b is the source digest
+** This function is for copying digests. It allows digests
+** to be copied into a specified pool. If the digest is in
+** the same pool as other data, you do not want to delete
+** the digest by calling SGN_DestroyDigestInfo.
+** A return value of SECFailure indicates an error. A return
+** of SECSuccess indicates no error occurred.
+*/
+extern SECStatus SGN_CopyDigestInfo(PLArenaPool *poolp,
+ SGNDigestInfo *a,
+ SGNDigestInfo *b);
+
+/*
+** Compare two digest-info objects, returning the difference between
+** them.
+*/
+extern SECComparison SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b);
+
+SEC_END_PROTOS
+
+#endif /* _SECDIG_H_ */
diff --git a/security/nss/lib/util/secdigt.h b/security/nss/lib/util/secdigt.h
new file mode 100644
index 000000000..455343467
--- /dev/null
+++ b/security/nss/lib/util/secdigt.h
@@ -0,0 +1,26 @@
+/*
+ * secdigt.h - public data structures for digest-info objects
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECDIGT_H_
+#define _SECDIGT_H_
+
+#include "utilrename.h"
+#include "plarena.h"
+#include "secoidt.h"
+#include "secitem.h"
+
+/*
+** A PKCS#1 digest-info object
+*/
+struct SGNDigestInfoStr {
+ PLArenaPool* arena;
+ SECAlgorithmID digestAlgorithm;
+ SECItem digest;
+};
+typedef struct SGNDigestInfoStr SGNDigestInfo;
+
+#endif /* _SECDIGT_H_ */
diff --git a/security/nss/lib/util/secerr.h b/security/nss/lib/util/secerr.h
new file mode 100644
index 000000000..4fe1d8e38
--- /dev/null
+++ b/security/nss/lib/util/secerr.h
@@ -0,0 +1,218 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __SEC_ERR_H_
+#define __SEC_ERR_H_
+
+#include "utilrename.h"
+
+#define SEC_ERROR_BASE (-0x2000)
+#define SEC_ERROR_LIMIT (SEC_ERROR_BASE + 1000)
+
+#define IS_SEC_ERROR(code) \
+ (((code) >= SEC_ERROR_BASE) && ((code) < SEC_ERROR_LIMIT))
+
+#ifndef NO_SECURITY_ERROR_ENUM
+typedef enum {
+ SEC_ERROR_IO = SEC_ERROR_BASE + 0,
+ SEC_ERROR_LIBRARY_FAILURE = SEC_ERROR_BASE + 1,
+ SEC_ERROR_BAD_DATA = SEC_ERROR_BASE + 2,
+ SEC_ERROR_OUTPUT_LEN = SEC_ERROR_BASE + 3,
+ SEC_ERROR_INPUT_LEN = SEC_ERROR_BASE + 4,
+ SEC_ERROR_INVALID_ARGS = SEC_ERROR_BASE + 5,
+ SEC_ERROR_INVALID_ALGORITHM = SEC_ERROR_BASE + 6,
+ SEC_ERROR_INVALID_AVA = SEC_ERROR_BASE + 7,
+ SEC_ERROR_INVALID_TIME = SEC_ERROR_BASE + 8,
+ SEC_ERROR_BAD_DER = SEC_ERROR_BASE + 9,
+ SEC_ERROR_BAD_SIGNATURE = SEC_ERROR_BASE + 10,
+ SEC_ERROR_EXPIRED_CERTIFICATE = SEC_ERROR_BASE + 11,
+ SEC_ERROR_REVOKED_CERTIFICATE = SEC_ERROR_BASE + 12,
+ SEC_ERROR_UNKNOWN_ISSUER = SEC_ERROR_BASE + 13,
+ SEC_ERROR_BAD_KEY = SEC_ERROR_BASE + 14,
+ SEC_ERROR_BAD_PASSWORD = SEC_ERROR_BASE + 15,
+ SEC_ERROR_RETRY_PASSWORD = SEC_ERROR_BASE + 16,
+ SEC_ERROR_NO_NODELOCK = SEC_ERROR_BASE + 17,
+ SEC_ERROR_BAD_DATABASE = SEC_ERROR_BASE + 18,
+ SEC_ERROR_NO_MEMORY = SEC_ERROR_BASE + 19,
+ SEC_ERROR_UNTRUSTED_ISSUER = SEC_ERROR_BASE + 20,
+ SEC_ERROR_UNTRUSTED_CERT = SEC_ERROR_BASE + 21,
+ SEC_ERROR_DUPLICATE_CERT = (SEC_ERROR_BASE + 22),
+ SEC_ERROR_DUPLICATE_CERT_NAME = (SEC_ERROR_BASE + 23),
+ SEC_ERROR_ADDING_CERT = (SEC_ERROR_BASE + 24),
+ SEC_ERROR_FILING_KEY = (SEC_ERROR_BASE + 25),
+ SEC_ERROR_NO_KEY = (SEC_ERROR_BASE + 26),
+ SEC_ERROR_CERT_VALID = (SEC_ERROR_BASE + 27),
+ SEC_ERROR_CERT_NOT_VALID = (SEC_ERROR_BASE + 28),
+ SEC_ERROR_CERT_NO_RESPONSE = (SEC_ERROR_BASE + 29),
+ SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE = (SEC_ERROR_BASE + 30),
+ SEC_ERROR_CRL_EXPIRED = (SEC_ERROR_BASE + 31),
+ SEC_ERROR_CRL_BAD_SIGNATURE = (SEC_ERROR_BASE + 32),
+ SEC_ERROR_CRL_INVALID = (SEC_ERROR_BASE + 33),
+ SEC_ERROR_EXTENSION_VALUE_INVALID = (SEC_ERROR_BASE + 34),
+ SEC_ERROR_EXTENSION_NOT_FOUND = (SEC_ERROR_BASE + 35),
+ SEC_ERROR_CA_CERT_INVALID = (SEC_ERROR_BASE + 36),
+ SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID = (SEC_ERROR_BASE + 37),
+ SEC_ERROR_CERT_USAGES_INVALID = (SEC_ERROR_BASE + 38),
+ SEC_INTERNAL_ONLY = (SEC_ERROR_BASE + 39),
+ SEC_ERROR_INVALID_KEY = (SEC_ERROR_BASE + 40),
+ SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 41),
+ SEC_ERROR_OLD_CRL = (SEC_ERROR_BASE + 42),
+ SEC_ERROR_NO_EMAIL_CERT = (SEC_ERROR_BASE + 43),
+ SEC_ERROR_NO_RECIPIENT_CERTS_QUERY = (SEC_ERROR_BASE + 44),
+ SEC_ERROR_NOT_A_RECIPIENT = (SEC_ERROR_BASE + 45),
+ SEC_ERROR_PKCS7_KEYALG_MISMATCH = (SEC_ERROR_BASE + 46),
+ SEC_ERROR_PKCS7_BAD_SIGNATURE = (SEC_ERROR_BASE + 47),
+ SEC_ERROR_UNSUPPORTED_KEYALG = (SEC_ERROR_BASE + 48),
+ SEC_ERROR_DECRYPTION_DISALLOWED = (SEC_ERROR_BASE + 49),
+ /* Fortezza Alerts */
+ XP_SEC_FORTEZZA_BAD_CARD = (SEC_ERROR_BASE + 50),
+ XP_SEC_FORTEZZA_NO_CARD = (SEC_ERROR_BASE + 51),
+ XP_SEC_FORTEZZA_NONE_SELECTED = (SEC_ERROR_BASE + 52),
+ XP_SEC_FORTEZZA_MORE_INFO = (SEC_ERROR_BASE + 53),
+ XP_SEC_FORTEZZA_PERSON_NOT_FOUND = (SEC_ERROR_BASE + 54),
+ XP_SEC_FORTEZZA_NO_MORE_INFO = (SEC_ERROR_BASE + 55),
+ XP_SEC_FORTEZZA_BAD_PIN = (SEC_ERROR_BASE + 56),
+ XP_SEC_FORTEZZA_PERSON_ERROR = (SEC_ERROR_BASE + 57),
+ SEC_ERROR_NO_KRL = (SEC_ERROR_BASE + 58),
+ SEC_ERROR_KRL_EXPIRED = (SEC_ERROR_BASE + 59),
+ SEC_ERROR_KRL_BAD_SIGNATURE = (SEC_ERROR_BASE + 60),
+ SEC_ERROR_REVOKED_KEY = (SEC_ERROR_BASE + 61),
+ SEC_ERROR_KRL_INVALID = (SEC_ERROR_BASE + 62),
+ SEC_ERROR_NEED_RANDOM = (SEC_ERROR_BASE + 63),
+ SEC_ERROR_NO_MODULE = (SEC_ERROR_BASE + 64),
+ SEC_ERROR_NO_TOKEN = (SEC_ERROR_BASE + 65),
+ SEC_ERROR_READ_ONLY = (SEC_ERROR_BASE + 66),
+ SEC_ERROR_NO_SLOT_SELECTED = (SEC_ERROR_BASE + 67),
+ SEC_ERROR_CERT_NICKNAME_COLLISION = (SEC_ERROR_BASE + 68),
+ SEC_ERROR_KEY_NICKNAME_COLLISION = (SEC_ERROR_BASE + 69),
+ SEC_ERROR_SAFE_NOT_CREATED = (SEC_ERROR_BASE + 70),
+ SEC_ERROR_BAGGAGE_NOT_CREATED = (SEC_ERROR_BASE + 71),
+ XP_JAVA_REMOVE_PRINCIPAL_ERROR = (SEC_ERROR_BASE + 72),
+ XP_JAVA_DELETE_PRIVILEGE_ERROR = (SEC_ERROR_BASE + 73),
+ XP_JAVA_CERT_NOT_EXISTS_ERROR = (SEC_ERROR_BASE + 74),
+ SEC_ERROR_BAD_EXPORT_ALGORITHM = (SEC_ERROR_BASE + 75),
+ SEC_ERROR_EXPORTING_CERTIFICATES = (SEC_ERROR_BASE + 76),
+ SEC_ERROR_IMPORTING_CERTIFICATES = (SEC_ERROR_BASE + 77),
+ SEC_ERROR_PKCS12_DECODING_PFX = (SEC_ERROR_BASE + 78),
+ SEC_ERROR_PKCS12_INVALID_MAC = (SEC_ERROR_BASE + 79),
+ SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM = (SEC_ERROR_BASE + 80),
+ SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE = (SEC_ERROR_BASE + 81),
+ SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE = (SEC_ERROR_BASE + 82),
+ SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM = (SEC_ERROR_BASE + 83),
+ SEC_ERROR_PKCS12_UNSUPPORTED_VERSION = (SEC_ERROR_BASE + 84),
+ SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT = (SEC_ERROR_BASE + 85),
+ SEC_ERROR_PKCS12_CERT_COLLISION = (SEC_ERROR_BASE + 86),
+ SEC_ERROR_USER_CANCELLED = (SEC_ERROR_BASE + 87),
+ SEC_ERROR_PKCS12_DUPLICATE_DATA = (SEC_ERROR_BASE + 88),
+ SEC_ERROR_MESSAGE_SEND_ABORTED = (SEC_ERROR_BASE + 89),
+ SEC_ERROR_INADEQUATE_KEY_USAGE = (SEC_ERROR_BASE + 90),
+ SEC_ERROR_INADEQUATE_CERT_TYPE = (SEC_ERROR_BASE + 91),
+ SEC_ERROR_CERT_ADDR_MISMATCH = (SEC_ERROR_BASE + 92),
+ SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY = (SEC_ERROR_BASE + 93),
+ SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN = (SEC_ERROR_BASE + 94),
+ SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME = (SEC_ERROR_BASE + 95),
+ SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY = (SEC_ERROR_BASE + 96),
+ SEC_ERROR_PKCS12_UNABLE_TO_WRITE = (SEC_ERROR_BASE + 97),
+ SEC_ERROR_PKCS12_UNABLE_TO_READ = (SEC_ERROR_BASE + 98),
+ SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED = (SEC_ERROR_BASE + 99),
+ SEC_ERROR_KEYGEN_FAIL = (SEC_ERROR_BASE + 100),
+ SEC_ERROR_INVALID_PASSWORD = (SEC_ERROR_BASE + 101),
+ SEC_ERROR_RETRY_OLD_PASSWORD = (SEC_ERROR_BASE + 102),
+ SEC_ERROR_BAD_NICKNAME = (SEC_ERROR_BASE + 103),
+ SEC_ERROR_NOT_FORTEZZA_ISSUER = (SEC_ERROR_BASE + 104),
+ SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY = (SEC_ERROR_BASE + 105),
+ SEC_ERROR_JS_INVALID_MODULE_NAME = (SEC_ERROR_BASE + 106),
+ SEC_ERROR_JS_INVALID_DLL = (SEC_ERROR_BASE + 107),
+ SEC_ERROR_JS_ADD_MOD_FAILURE = (SEC_ERROR_BASE + 108),
+ SEC_ERROR_JS_DEL_MOD_FAILURE = (SEC_ERROR_BASE + 109),
+ SEC_ERROR_OLD_KRL = (SEC_ERROR_BASE + 110),
+ SEC_ERROR_CKL_CONFLICT = (SEC_ERROR_BASE + 111),
+ SEC_ERROR_CERT_NOT_IN_NAME_SPACE = (SEC_ERROR_BASE + 112),
+ SEC_ERROR_KRL_NOT_YET_VALID = (SEC_ERROR_BASE + 113),
+ SEC_ERROR_CRL_NOT_YET_VALID = (SEC_ERROR_BASE + 114),
+ SEC_ERROR_UNKNOWN_CERT = (SEC_ERROR_BASE + 115),
+ SEC_ERROR_UNKNOWN_SIGNER = (SEC_ERROR_BASE + 116),
+ SEC_ERROR_CERT_BAD_ACCESS_LOCATION = (SEC_ERROR_BASE + 117),
+ SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE = (SEC_ERROR_BASE + 118),
+ SEC_ERROR_OCSP_BAD_HTTP_RESPONSE = (SEC_ERROR_BASE + 119),
+ SEC_ERROR_OCSP_MALFORMED_REQUEST = (SEC_ERROR_BASE + 120),
+ SEC_ERROR_OCSP_SERVER_ERROR = (SEC_ERROR_BASE + 121),
+ SEC_ERROR_OCSP_TRY_SERVER_LATER = (SEC_ERROR_BASE + 122),
+ SEC_ERROR_OCSP_REQUEST_NEEDS_SIG = (SEC_ERROR_BASE + 123),
+ SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST = (SEC_ERROR_BASE + 124),
+ SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS = (SEC_ERROR_BASE + 125),
+ SEC_ERROR_OCSP_UNKNOWN_CERT = (SEC_ERROR_BASE + 126),
+ SEC_ERROR_OCSP_NOT_ENABLED = (SEC_ERROR_BASE + 127),
+ SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER = (SEC_ERROR_BASE + 128),
+ SEC_ERROR_OCSP_MALFORMED_RESPONSE = (SEC_ERROR_BASE + 129),
+ SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE = (SEC_ERROR_BASE + 130),
+ SEC_ERROR_OCSP_FUTURE_RESPONSE = (SEC_ERROR_BASE + 131),
+ SEC_ERROR_OCSP_OLD_RESPONSE = (SEC_ERROR_BASE + 132),
+ /* smime stuff */
+ SEC_ERROR_DIGEST_NOT_FOUND = (SEC_ERROR_BASE + 133),
+ SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE = (SEC_ERROR_BASE + 134),
+ SEC_ERROR_MODULE_STUCK = (SEC_ERROR_BASE + 135),
+ SEC_ERROR_BAD_TEMPLATE = (SEC_ERROR_BASE + 136),
+ SEC_ERROR_CRL_NOT_FOUND = (SEC_ERROR_BASE + 137),
+ SEC_ERROR_REUSED_ISSUER_AND_SERIAL = (SEC_ERROR_BASE + 138),
+ SEC_ERROR_BUSY = (SEC_ERROR_BASE + 139),
+ SEC_ERROR_EXTRA_INPUT = (SEC_ERROR_BASE + 140),
+ /* error codes used by elliptic curve code */
+ SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE = (SEC_ERROR_BASE + 141),
+ SEC_ERROR_UNSUPPORTED_EC_POINT_FORM = (SEC_ERROR_BASE + 142),
+ SEC_ERROR_UNRECOGNIZED_OID = (SEC_ERROR_BASE + 143),
+ SEC_ERROR_OCSP_INVALID_SIGNING_CERT = (SEC_ERROR_BASE + 144),
+ /* new revocation errors */
+ SEC_ERROR_REVOKED_CERTIFICATE_CRL = (SEC_ERROR_BASE + 145),
+ SEC_ERROR_REVOKED_CERTIFICATE_OCSP = (SEC_ERROR_BASE + 146),
+ SEC_ERROR_CRL_INVALID_VERSION = (SEC_ERROR_BASE + 147),
+ SEC_ERROR_CRL_V1_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 148),
+ SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 149),
+ SEC_ERROR_UNKNOWN_OBJECT_TYPE = (SEC_ERROR_BASE + 150),
+ SEC_ERROR_INCOMPATIBLE_PKCS11 = (SEC_ERROR_BASE + 151),
+ SEC_ERROR_NO_EVENT = (SEC_ERROR_BASE + 152),
+ SEC_ERROR_CRL_ALREADY_EXISTS = (SEC_ERROR_BASE + 153),
+ SEC_ERROR_NOT_INITIALIZED = (SEC_ERROR_BASE + 154),
+ SEC_ERROR_TOKEN_NOT_LOGGED_IN = (SEC_ERROR_BASE + 155),
+ SEC_ERROR_OCSP_RESPONDER_CERT_INVALID = (SEC_ERROR_BASE + 156),
+ SEC_ERROR_OCSP_BAD_SIGNATURE = (SEC_ERROR_BASE + 157),
+
+ SEC_ERROR_OUT_OF_SEARCH_LIMITS = (SEC_ERROR_BASE + 158),
+ SEC_ERROR_INVALID_POLICY_MAPPING = (SEC_ERROR_BASE + 159),
+ SEC_ERROR_POLICY_VALIDATION_FAILED = (SEC_ERROR_BASE + 160),
+ /* No longer used. Unknown AIA location types are now silently ignored. */
+ SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE = (SEC_ERROR_BASE + 161),
+ SEC_ERROR_BAD_HTTP_RESPONSE = (SEC_ERROR_BASE + 162),
+ SEC_ERROR_BAD_LDAP_RESPONSE = (SEC_ERROR_BASE + 163),
+ SEC_ERROR_FAILED_TO_ENCODE_DATA = (SEC_ERROR_BASE + 164),
+ SEC_ERROR_BAD_INFO_ACCESS_LOCATION = (SEC_ERROR_BASE + 165),
+
+ SEC_ERROR_LIBPKIX_INTERNAL = (SEC_ERROR_BASE + 166),
+
+ SEC_ERROR_PKCS11_GENERAL_ERROR = (SEC_ERROR_BASE + 167),
+ SEC_ERROR_PKCS11_FUNCTION_FAILED = (SEC_ERROR_BASE + 168),
+ SEC_ERROR_PKCS11_DEVICE_ERROR = (SEC_ERROR_BASE + 169),
+
+ SEC_ERROR_BAD_INFO_ACCESS_METHOD = (SEC_ERROR_BASE + 170),
+ SEC_ERROR_CRL_IMPORT_FAILED = (SEC_ERROR_BASE + 171),
+
+ SEC_ERROR_EXPIRED_PASSWORD = (SEC_ERROR_BASE + 172),
+ SEC_ERROR_LOCKED_PASSWORD = (SEC_ERROR_BASE + 173),
+
+ SEC_ERROR_UNKNOWN_PKCS11_ERROR = (SEC_ERROR_BASE + 174),
+
+ SEC_ERROR_BAD_CRL_DP_URL = (SEC_ERROR_BASE + 175),
+
+ SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED = (SEC_ERROR_BASE + 176),
+
+ SEC_ERROR_LEGACY_DATABASE = (SEC_ERROR_BASE + 177),
+
+ SEC_ERROR_APPLICATION_CALLBACK_ERROR = (SEC_ERROR_BASE + 178),
+
+ /* Add new error codes above here. */
+ SEC_ERROR_END_OF_LIST
+} SECErrorCodes;
+#endif /* NO_SECURITY_ERROR_ENUM */
+
+#endif /* __SEC_ERR_H_ */
diff --git a/security/nss/lib/util/secitem.c b/security/nss/lib/util/secitem.c
new file mode 100644
index 000000000..22c5b1f6e
--- /dev/null
+++ b/security/nss/lib/util/secitem.c
@@ -0,0 +1,487 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Support routines for SECItem data structure.
+ */
+
+#include "seccomon.h"
+#include "secitem.h"
+#include "secerr.h"
+#include "secport.h"
+
+SECItem *
+SECITEM_AllocItem(PLArenaPool *arena, SECItem *item, unsigned int len)
+{
+ SECItem *result = NULL;
+ void *mark = NULL;
+
+ if (arena != NULL) {
+ mark = PORT_ArenaMark(arena);
+ }
+
+ if (item == NULL) {
+ if (arena != NULL) {
+ result = PORT_ArenaZAlloc(arena, sizeof(SECItem));
+ } else {
+ result = PORT_ZAlloc(sizeof(SECItem));
+ }
+ if (result == NULL) {
+ goto loser;
+ }
+ } else {
+ PORT_Assert(item->data == NULL);
+ result = item;
+ }
+
+ result->len = len;
+ if (len) {
+ if (arena != NULL) {
+ result->data = PORT_ArenaAlloc(arena, len);
+ } else {
+ result->data = PORT_Alloc(len);
+ }
+ if (result->data == NULL) {
+ goto loser;
+ }
+ } else {
+ result->data = NULL;
+ }
+
+ if (mark) {
+ PORT_ArenaUnmark(arena, mark);
+ }
+ return (result);
+
+loser:
+ if (arena != NULL) {
+ if (mark) {
+ PORT_ArenaRelease(arena, mark);
+ }
+ if (item != NULL) {
+ item->data = NULL;
+ item->len = 0;
+ }
+ } else {
+ if (result != NULL) {
+ SECITEM_FreeItem(result, (item == NULL) ? PR_TRUE : PR_FALSE);
+ }
+ /*
+ * If item is not NULL, the above has set item->data and
+ * item->len to 0.
+ */
+ }
+ return (NULL);
+}
+
+SECStatus
+SECITEM_ReallocItem(PLArenaPool *arena, SECItem *item, unsigned int oldlen,
+ unsigned int newlen)
+{
+ PORT_Assert(item != NULL);
+ if (item == NULL) {
+ /* XXX Set error. But to what? */
+ return SECFailure;
+ }
+
+ /*
+ * If no old length, degenerate to just plain alloc.
+ */
+ if (oldlen == 0) {
+ PORT_Assert(item->data == NULL || item->len == 0);
+ if (newlen == 0) {
+ /* Nothing to do. Weird, but not a failure. */
+ return SECSuccess;
+ }
+ item->len = newlen;
+ if (arena != NULL) {
+ item->data = PORT_ArenaAlloc(arena, newlen);
+ } else {
+ item->data = PORT_Alloc(newlen);
+ }
+ } else {
+ if (arena != NULL) {
+ item->data = PORT_ArenaGrow(arena, item->data, oldlen, newlen);
+ } else {
+ item->data = PORT_Realloc(item->data, newlen);
+ }
+ }
+
+ if (item->data == NULL) {
+ return SECFailure;
+ }
+
+ return SECSuccess;
+}
+
+SECStatus
+SECITEM_ReallocItemV2(PLArenaPool *arena, SECItem *item, unsigned int newlen)
+{
+ unsigned char *newdata = NULL;
+
+ PORT_Assert(item);
+ if (!item) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (item->len == newlen) {
+ return SECSuccess;
+ }
+
+ if (!newlen) {
+ if (!arena) {
+ PORT_Free(item->data);
+ }
+ item->data = NULL;
+ item->len = 0;
+ return SECSuccess;
+ }
+
+ if (!item->data) {
+ /* allocate fresh block of memory */
+ PORT_Assert(!item->len);
+ if (arena) {
+ newdata = PORT_ArenaAlloc(arena, newlen);
+ } else {
+ newdata = PORT_Alloc(newlen);
+ }
+ } else {
+ /* reallocate or adjust existing block of memory */
+ if (arena) {
+ if (item->len > newlen) {
+ /* There's no need to realloc a shorter block from the arena,
+ * because it would result in using even more memory!
+ * Therefore we'll continue to use the old block and
+ * set the item to the shorter size.
+ */
+ item->len = newlen;
+ return SECSuccess;
+ }
+ newdata = PORT_ArenaGrow(arena, item->data, item->len, newlen);
+ } else {
+ newdata = PORT_Realloc(item->data, newlen);
+ }
+ }
+
+ if (!newdata) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ item->len = newlen;
+ item->data = newdata;
+ return SECSuccess;
+}
+
+SECComparison
+SECITEM_CompareItem(const SECItem *a, const SECItem *b)
+{
+ unsigned m;
+ int rv;
+
+ if (a == b)
+ return SECEqual;
+ if (!a || !a->len || !a->data)
+ return (!b || !b->len || !b->data) ? SECEqual : SECLessThan;
+ if (!b || !b->len || !b->data)
+ return SECGreaterThan;
+
+ m = ((a->len < b->len) ? a->len : b->len);
+
+ rv = PORT_Memcmp(a->data, b->data, m);
+ if (rv) {
+ return rv < 0 ? SECLessThan : SECGreaterThan;
+ }
+ if (a->len < b->len) {
+ return SECLessThan;
+ }
+ if (a->len == b->len) {
+ return SECEqual;
+ }
+ return SECGreaterThan;
+}
+
+PRBool
+SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b)
+{
+ if (a->len != b->len)
+ return PR_FALSE;
+ if (!a->len)
+ return PR_TRUE;
+ if (!a->data || !b->data) {
+ /* avoid null pointer crash. */
+ return (PRBool)(a->data == b->data);
+ }
+ return (PRBool)!PORT_Memcmp(a->data, b->data, a->len);
+}
+
+SECItem *
+SECITEM_DupItem(const SECItem *from)
+{
+ return SECITEM_ArenaDupItem(NULL, from);
+}
+
+SECItem *
+SECITEM_ArenaDupItem(PLArenaPool *arena, const SECItem *from)
+{
+ SECItem *to;
+
+ if (from == NULL) {
+ return (NULL);
+ }
+
+ if (arena != NULL) {
+ to = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
+ } else {
+ to = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ }
+ if (to == NULL) {
+ return (NULL);
+ }
+
+ if (arena != NULL) {
+ to->data = (unsigned char *)PORT_ArenaAlloc(arena, from->len);
+ } else {
+ to->data = (unsigned char *)PORT_Alloc(from->len);
+ }
+ if (to->data == NULL) {
+ PORT_Free(to);
+ return (NULL);
+ }
+
+ to->len = from->len;
+ to->type = from->type;
+ if (to->len) {
+ PORT_Memcpy(to->data, from->data, to->len);
+ }
+
+ return (to);
+}
+
+SECStatus
+SECITEM_CopyItem(PLArenaPool *arena, SECItem *to, const SECItem *from)
+{
+ to->type = from->type;
+ if (from->data && from->len) {
+ if (arena) {
+ to->data = (unsigned char *)PORT_ArenaAlloc(arena, from->len);
+ } else {
+ to->data = (unsigned char *)PORT_Alloc(from->len);
+ }
+
+ if (!to->data) {
+ return SECFailure;
+ }
+ PORT_Memcpy(to->data, from->data, from->len);
+ to->len = from->len;
+ } else {
+ /*
+ * If from->data is NULL but from->len is nonzero, this function
+ * will succeed. Is this right?
+ */
+ to->data = 0;
+ to->len = 0;
+ }
+ return SECSuccess;
+}
+
+void
+SECITEM_FreeItem(SECItem *zap, PRBool freeit)
+{
+ if (zap) {
+ PORT_Free(zap->data);
+ zap->data = 0;
+ zap->len = 0;
+ if (freeit) {
+ PORT_Free(zap);
+ }
+ }
+}
+
+void
+SECITEM_ZfreeItem(SECItem *zap, PRBool freeit)
+{
+ if (zap) {
+ PORT_ZFree(zap->data, zap->len);
+ zap->data = 0;
+ zap->len = 0;
+ if (freeit) {
+ PORT_ZFree(zap, sizeof(SECItem));
+ }
+ }
+}
+/* these reroutines were taken from pkix oid.c, which is supposed to
+ * replace this file some day */
+/*
+ * This is the hash function. We simply XOR the encoded form with
+ * itself in sizeof(PLHashNumber)-byte chunks. Improving this
+ * routine is left as an excercise for the more mathematically
+ * inclined student.
+ */
+PLHashNumber PR_CALLBACK
+SECITEM_Hash(const void *key)
+{
+ const SECItem *item = (const SECItem *)key;
+ PLHashNumber rv = 0;
+
+ PRUint8 *data = (PRUint8 *)item->data;
+ PRUint32 i;
+ PRUint8 *rvc = (PRUint8 *)&rv;
+
+ for (i = 0; i < item->len; i++) {
+ rvc[i % sizeof(rv)] ^= *data;
+ data++;
+ }
+
+ return rv;
+}
+
+/*
+ * This is the key-compare function. It simply does a lexical
+ * comparison on the item data. This does not result in
+ * quite the same ordering as the "sequence of numbers" order,
+ * but heck it's only used internally by the hash table anyway.
+ */
+PRIntn PR_CALLBACK
+SECITEM_HashCompare(const void *k1, const void *k2)
+{
+ const SECItem *i1 = (const SECItem *)k1;
+ const SECItem *i2 = (const SECItem *)k2;
+
+ return SECITEM_ItemsAreEqual(i1, i2);
+}
+
+SECItemArray *
+SECITEM_AllocArray(PLArenaPool *arena, SECItemArray *array, unsigned int len)
+{
+ SECItemArray *result = NULL;
+ void *mark = NULL;
+
+ if (array != NULL && array->items != NULL) {
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+
+ if (arena != NULL) {
+ mark = PORT_ArenaMark(arena);
+ }
+
+ if (array == NULL) {
+ if (arena != NULL) {
+ result = PORT_ArenaZAlloc(arena, sizeof(SECItemArray));
+ } else {
+ result = PORT_ZAlloc(sizeof(SECItemArray));
+ }
+ if (result == NULL) {
+ goto loser;
+ }
+ } else {
+ result = array;
+ }
+
+ result->len = len;
+ if (len) {
+ if (arena != NULL) {
+ result->items = PORT_ArenaZNewArray(arena, SECItem, len);
+ } else {
+ result->items = PORT_ZNewArray(SECItem, len);
+ }
+ if (result->items == NULL) {
+ goto loser;
+ }
+ } else {
+ result->items = NULL;
+ }
+
+ if (mark) {
+ PORT_ArenaUnmark(arena, mark);
+ }
+ return result;
+
+loser:
+ if (arena != NULL) {
+ if (mark) {
+ PORT_ArenaRelease(arena, mark);
+ }
+ } else {
+ if (result != NULL && array == NULL) {
+ PORT_Free(result);
+ }
+ }
+ if (array != NULL) {
+ array->items = NULL;
+ array->len = 0;
+ }
+ return NULL;
+}
+
+static void
+secitem_FreeArray(SECItemArray *array, PRBool zero_items, PRBool freeit)
+{
+ unsigned int i;
+
+ if (!array || !array->len || !array->items)
+ return;
+
+ for (i = 0; i < array->len; ++i) {
+ SECItem *item = &array->items[i];
+
+ if (item->data) {
+ if (zero_items) {
+ SECITEM_ZfreeItem(item, PR_FALSE);
+ } else {
+ SECITEM_FreeItem(item, PR_FALSE);
+ }
+ }
+ }
+ PORT_Free(array->items);
+ array->items = NULL;
+ array->len = 0;
+
+ if (freeit)
+ PORT_Free(array);
+}
+
+void
+SECITEM_FreeArray(SECItemArray *array, PRBool freeit)
+{
+ secitem_FreeArray(array, PR_FALSE, freeit);
+}
+
+void
+SECITEM_ZfreeArray(SECItemArray *array, PRBool freeit)
+{
+ secitem_FreeArray(array, PR_TRUE, freeit);
+}
+
+SECItemArray *
+SECITEM_DupArray(PLArenaPool *arena, const SECItemArray *from)
+{
+ SECItemArray *result;
+ unsigned int i;
+
+ /* Require a "from" array.
+ * Reject an inconsistent "from" array with NULL data and nonzero length.
+ * However, allow a "from" array of zero length.
+ */
+ if (!from || (!from->items && from->len))
+ return NULL;
+
+ result = SECITEM_AllocArray(arena, NULL, from->len);
+ if (!result)
+ return NULL;
+
+ for (i = 0; i < from->len; ++i) {
+ SECStatus rv = SECITEM_CopyItem(arena,
+ &result->items[i], &from->items[i]);
+ if (rv != SECSuccess) {
+ SECITEM_ZfreeArray(result, PR_TRUE);
+ return NULL;
+ }
+ }
+
+ return result;
+}
diff --git a/security/nss/lib/util/secitem.h b/security/nss/lib/util/secitem.h
new file mode 100644
index 000000000..5b9d0e174
--- /dev/null
+++ b/security/nss/lib/util/secitem.h
@@ -0,0 +1,118 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECITEM_H_
+#define _SECITEM_H_
+
+#include "utilrename.h"
+
+/*
+ * secitem.h - public data structures and prototypes for handling
+ * SECItems
+ */
+
+#include "plarena.h"
+#include "plhash.h"
+#include "seccomon.h"
+
+SEC_BEGIN_PROTOS
+
+/*
+** Allocate an item. If "arena" is not NULL, then allocate from there,
+** otherwise allocate from the heap. If "item" is not NULL, allocate
+** only the data buffer for the item, not the item itself. If "len" is
+** 0, do not allocate the data buffer for the item; simply set the data
+** field to NULL and the len field to 0. The item structure is allocated
+** zero-filled; the data buffer is not zeroed. The caller is responsible
+** for initializing the type field of the item.
+**
+** The resulting item is returned; NULL if any error occurs.
+**
+** XXX This probably should take a SECItemType, but since that is mostly
+** unused and our improved APIs (aka Stan) are looming, I left it out.
+*/
+extern SECItem *SECITEM_AllocItem(PLArenaPool *arena, SECItem *item,
+ unsigned int len);
+
+/*
+** This is a legacy function containing bugs. It doesn't update item->len,
+** and it has other issues as described in bug 298649 and bug 298938.
+** However, the function is kept unchanged for consumers that might depend
+** on the broken behaviour. New code should call SECITEM_ReallocItemV2.
+**
+** Reallocate the data for the specified "item". If "arena" is not NULL,
+** then reallocate from there, otherwise reallocate from the heap.
+** In the case where oldlen is 0, the data is allocated (not reallocated).
+** In any case, "item" is expected to be a valid SECItem pointer;
+** SECFailure is returned if it is not. If the allocation succeeds,
+** SECSuccess is returned.
+*/
+extern SECStatus SECITEM_ReallocItem(/* deprecated function */
+ PLArenaPool *arena, SECItem *item,
+ unsigned int oldlen, unsigned int newlen);
+
+/*
+** Reallocate the data for the specified "item". If "arena" is not NULL,
+** then reallocate from there, otherwise reallocate from the heap.
+** If item->data is NULL, the data is allocated (not reallocated).
+** In any case, "item" is expected to be a valid SECItem pointer;
+** SECFailure is returned if it is not, and the item will remain unchanged.
+** If the allocation succeeds, the item is updated and SECSuccess is returned.
+ */
+extern SECStatus SECITEM_ReallocItemV2(PLArenaPool *arena, SECItem *item,
+ unsigned int newlen);
+
+/*
+** Compare two items returning the difference between them.
+*/
+extern SECComparison SECITEM_CompareItem(const SECItem *a, const SECItem *b);
+
+/*
+** Compare two items -- if they are the same, return true; otherwise false.
+*/
+extern PRBool SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b);
+
+/*
+** Copy "from" to "to"
+*/
+extern SECStatus SECITEM_CopyItem(PLArenaPool *arena, SECItem *to,
+ const SECItem *from);
+
+/*
+** Allocate an item and copy "from" into it.
+*/
+extern SECItem *SECITEM_DupItem(const SECItem *from);
+
+/*
+** Allocate an item and copy "from" into it. The item itself and the
+** data it points to are both allocated from the arena. If arena is
+** NULL, this function is equivalent to SECITEM_DupItem.
+*/
+extern SECItem *SECITEM_ArenaDupItem(PLArenaPool *arena, const SECItem *from);
+
+/*
+** Free "zap". If freeit is PR_TRUE then "zap" itself is freed.
+*/
+extern void SECITEM_FreeItem(SECItem *zap, PRBool freeit);
+
+/*
+** Zero and then free "zap". If freeit is PR_TRUE then "zap" itself is freed.
+*/
+extern void SECITEM_ZfreeItem(SECItem *zap, PRBool freeit);
+
+PLHashNumber PR_CALLBACK SECITEM_Hash(const void *key);
+
+PRIntn PR_CALLBACK SECITEM_HashCompare(const void *k1, const void *k2);
+
+extern SECItemArray *SECITEM_AllocArray(PLArenaPool *arena,
+ SECItemArray *array,
+ unsigned int len);
+extern SECItemArray *SECITEM_DupArray(PLArenaPool *arena,
+ const SECItemArray *from);
+extern void SECITEM_FreeArray(SECItemArray *array, PRBool freeit);
+extern void SECITEM_ZfreeArray(SECItemArray *array, PRBool freeit);
+
+SEC_END_PROTOS
+
+#endif /* _SECITEM_H_ */
diff --git a/security/nss/lib/util/secload.c b/security/nss/lib/util/secload.c
new file mode 100644
index 000000000..12efd2f75
--- /dev/null
+++ b/security/nss/lib/util/secload.c
@@ -0,0 +1,182 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secport.h"
+#include "nspr.h"
+
+#ifdef XP_UNIX
+#include <unistd.h>
+#define BL_MAXSYMLINKS 20
+
+/*
+ * If 'link' is a symbolic link, this function follows the symbolic links
+ * and returns the pathname of the ultimate source of the symbolic links.
+ * If 'link' is not a symbolic link, this function returns NULL.
+ * The caller should call PR_Free to free the string returned by this
+ * function.
+ */
+static char*
+loader_GetOriginalPathname(const char* link)
+{
+ char* resolved = NULL;
+ char* input = NULL;
+ PRUint32 iterations = 0;
+ PRInt32 len = 0, retlen = 0;
+ if (!link) {
+ PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
+ return NULL;
+ }
+ len = PR_MAX(1024, strlen(link) + 1);
+ resolved = PR_Malloc(len);
+ input = PR_Malloc(len);
+ if (!resolved || !input) {
+ if (resolved) {
+ PR_Free(resolved);
+ }
+ if (input) {
+ PR_Free(input);
+ }
+ return NULL;
+ }
+ strcpy(input, link);
+ while ((iterations++ < BL_MAXSYMLINKS) &&
+ ((retlen = readlink(input, resolved, len - 1)) > 0)) {
+ char* tmp = input;
+ resolved[retlen] = '\0'; /* NULL termination */
+ input = resolved;
+ resolved = tmp;
+ }
+ PR_Free(resolved);
+ if (iterations == 1 && retlen < 0) {
+ PR_Free(input);
+ input = NULL;
+ }
+ return input;
+}
+#endif /* XP_UNIX */
+
+/*
+ * Load the library with the file name 'name' residing in the same
+ * directory as the reference library, whose pathname is 'referencePath'.
+ */
+static PRLibrary*
+loader_LoadLibInReferenceDir(const char* referencePath, const char* name)
+{
+ PRLibrary* dlh = NULL;
+ char* fullName = NULL;
+ char* c;
+ PRLibSpec libSpec;
+
+ /* Remove the trailing filename from referencePath and add the new one */
+ c = strrchr(referencePath, PR_GetDirectorySeparator());
+ if (c) {
+ size_t referencePathSize = 1 + c - referencePath;
+ fullName = (char*)PORT_Alloc(strlen(name) + referencePathSize + 1);
+ if (fullName) {
+ memcpy(fullName, referencePath, referencePathSize);
+ strcpy(fullName + referencePathSize, name);
+#ifdef DEBUG_LOADER
+ PR_fprintf(PR_STDOUT, "\nAttempting to load fully-qualified %s\n",
+ fullName);
+#endif
+ libSpec.type = PR_LibSpec_Pathname;
+ libSpec.value.pathname = fullName;
+ dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL
+#ifdef PR_LD_ALT_SEARCH_PATH
+ /* allow library's dependencies to be found in the same directory
+ * on Windows even if PATH is not set. Requires NSPR 4.8.1 . */
+ | PR_LD_ALT_SEARCH_PATH
+#endif
+ );
+ PORT_Free(fullName);
+ }
+ }
+ return dlh;
+}
+
+/*
+ * Load a shared library called "newShLibName" in the same directory as
+ * a shared library that is already loaded, called existingShLibName.
+ * A pointer to a static function in that shared library,
+ * staticShLibFunc, is required.
+ *
+ * existingShLibName:
+ * The file name of the shared library that shall be used as the
+ * "reference library". The loader will attempt to load the requested
+ * library from the same directory as the reference library.
+ *
+ * staticShLibFunc:
+ * Pointer to a static function in the "reference library".
+ *
+ * newShLibName:
+ * The simple file name of the new shared library to be loaded.
+ *
+ * We use PR_GetLibraryFilePathname to get the pathname of the loaded
+ * shared lib that contains this function, and then do a
+ * PR_LoadLibraryWithFlags with an absolute pathname for the shared
+ * library to be loaded.
+ *
+ * On Windows, the "alternate search path" strategy is employed, if available.
+ * On Unix, if existingShLibName is a symbolic link, and no link exists for the
+ * new library, the original link will be resolved, and the new library loaded
+ * from the resolved location.
+ *
+ * If the new shared library is not found in the same location as the reference
+ * library, it will then be loaded from the normal system library path.
+ *
+ */
+
+PRLibrary*
+PORT_LoadLibraryFromOrigin(const char* existingShLibName,
+ PRFuncPtr staticShLibFunc,
+ const char* newShLibName)
+{
+ PRLibrary* lib = NULL;
+ char* fullPath = NULL;
+ PRLibSpec libSpec;
+
+ /* Get the pathname for existingShLibName, e.g. /usr/lib/libnss3.so
+ * PR_GetLibraryFilePathname works with either the base library name or a
+ * function pointer, depending on the platform.
+ * We require the address of a function in the "reference library",
+ * provided by the caller. To avoid getting the address of the stub/thunk
+ * of an exported function by accident, use the address of a static
+ * function rather than an exported function.
+ */
+ fullPath = PR_GetLibraryFilePathname(existingShLibName,
+ staticShLibFunc);
+
+ if (fullPath) {
+ lib = loader_LoadLibInReferenceDir(fullPath, newShLibName);
+#ifdef XP_UNIX
+ if (!lib) {
+ /*
+ * If fullPath is a symbolic link, resolve the symbolic
+ * link and try again.
+ */
+ char* originalfullPath = loader_GetOriginalPathname(fullPath);
+ if (originalfullPath) {
+ PR_Free(fullPath);
+ fullPath = originalfullPath;
+ lib = loader_LoadLibInReferenceDir(fullPath, newShLibName);
+ }
+ }
+#endif
+ PR_Free(fullPath);
+ }
+ if (!lib) {
+#ifdef DEBUG_LOADER
+ PR_fprintf(PR_STDOUT, "\nAttempting to load %s\n", newShLibName);
+#endif
+ libSpec.type = PR_LibSpec_Pathname;
+ libSpec.value.pathname = newShLibName;
+ lib = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
+ }
+ if (NULL == lib) {
+#ifdef DEBUG_LOADER
+ PR_fprintf(PR_STDOUT, "\nLoading failed : %s.\n", newShLibName);
+#endif
+ }
+ return lib;
+}
diff --git a/security/nss/lib/util/secoid.c b/security/nss/lib/util/secoid.c
new file mode 100644
index 000000000..da03b7c06
--- /dev/null
+++ b/security/nss/lib/util/secoid.c
@@ -0,0 +1,2306 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secoid.h"
+#include "pkcs11t.h"
+#include "secitem.h"
+#include "secerr.h"
+#include "prenv.h"
+#include "plhash.h"
+#include "nssrwlk.h"
+#include "nssutil.h"
+
+/* Library identity and versioning */
+
+#if defined(DEBUG)
+#define _DEBUG_STRING " (debug)"
+#else
+#define _DEBUG_STRING ""
+#endif
+
+/*
+ * Version information
+ */
+const char __nss_util_version[] = "Version: NSS " NSSUTIL_VERSION _DEBUG_STRING;
+
+/* MISSI Mosaic Object ID space */
+/* USGov algorithm OID space: { 2 16 840 1 101 } */
+#define USGOV 0x60, 0x86, 0x48, 0x01, 0x65
+#define MISSI USGOV, 0x02, 0x01, 0x01
+#define MISSI_OLD_KEA_DSS MISSI, 0x0c
+#define MISSI_OLD_DSS MISSI, 0x02
+#define MISSI_KEA_DSS MISSI, 0x14
+#define MISSI_DSS MISSI, 0x13
+#define MISSI_KEA MISSI, 0x0a
+#define MISSI_ALT_KEA MISSI, 0x16
+
+#define NISTALGS USGOV, 3, 4
+#define AES NISTALGS, 1
+#define SHAXXX NISTALGS, 2
+#define DSA2 NISTALGS, 3
+
+/**
+ ** The Netscape OID space is allocated by Terry Hayes. If you need
+ ** a piece of the space, contact him at thayes@netscape.com.
+ **/
+
+/* Netscape Communications Corporation Object ID space */
+/* { 2 16 840 1 113730 } */
+#define NETSCAPE_OID 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42
+#define NETSCAPE_CERT_EXT NETSCAPE_OID, 0x01
+#define NETSCAPE_DATA_TYPE NETSCAPE_OID, 0x02
+/* netscape directory oid - owned by Mark Smith (mcs@netscape.com) */
+#define NETSCAPE_DIRECTORY NETSCAPE_OID, 0x03
+#define NETSCAPE_POLICY NETSCAPE_OID, 0x04
+#define NETSCAPE_CERT_SERVER NETSCAPE_OID, 0x05
+#define NETSCAPE_ALGS NETSCAPE_OID, 0x06 /* algorithm OIDs */
+#define NETSCAPE_NAME_COMPONENTS NETSCAPE_OID, 0x07
+
+#define NETSCAPE_CERT_EXT_AIA NETSCAPE_CERT_EXT, 0x10
+#define NETSCAPE_CERT_SERVER_CRMF NETSCAPE_CERT_SERVER, 0x01
+
+/* these are old and should go away soon */
+#define OLD_NETSCAPE 0x60, 0x86, 0x48, 0xd8, 0x6a
+#define NS_CERT_EXT OLD_NETSCAPE, 0x01
+#define NS_FILE_TYPE OLD_NETSCAPE, 0x02
+#define NS_IMAGE_TYPE OLD_NETSCAPE, 0x03
+
+/* RSA OID name space */
+#define RSADSI 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d
+#define PKCS RSADSI, 0x01
+#define DIGEST RSADSI, 0x02
+#define CIPHER RSADSI, 0x03
+#define PKCS1 PKCS, 0x01
+#define PKCS5 PKCS, 0x05
+#define PKCS7 PKCS, 0x07
+#define PKCS9 PKCS, 0x09
+#define PKCS12 PKCS, 0x0c
+
+/* Other OID name spaces */
+#define ALGORITHM 0x2b, 0x0e, 0x03, 0x02
+#define X500 0x55
+#define X520_ATTRIBUTE_TYPE X500, 0x04
+#define X500_ALG X500, 0x08
+#define X500_ALG_ENCRYPTION X500_ALG, 0x01
+
+/** X.509 v3 Extension OID
+ ** {joint-iso-ccitt (2) ds(5) 29}
+ **/
+#define ID_CE_OID X500, 0x1d
+
+#define RFC1274_ATTR_TYPE 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x1
+/* #define RFC2247_ATTR_TYPE 0x09, 0x92, 0x26, 0xf5, 0x98, 0x1e, 0x64, 0x1 this is WRONG! */
+
+/* PKCS #12 name spaces */
+#define PKCS12_MODE_IDS PKCS12, 0x01
+#define PKCS12_ESPVK_IDS PKCS12, 0x02
+#define PKCS12_BAG_IDS PKCS12, 0x03
+#define PKCS12_CERT_BAG_IDS PKCS12, 0x04
+#define PKCS12_OIDS PKCS12, 0x05
+#define PKCS12_PBE_IDS PKCS12_OIDS, 0x01
+#define PKCS12_ENVELOPING_IDS PKCS12_OIDS, 0x02
+#define PKCS12_SIGNATURE_IDS PKCS12_OIDS, 0x03
+#define PKCS12_V2_PBE_IDS PKCS12, 0x01
+#define PKCS9_CERT_TYPES PKCS9, 0x16
+#define PKCS9_CRL_TYPES PKCS9, 0x17
+#define PKCS9_SMIME_IDS PKCS9, 0x10
+#define PKCS9_SMIME_ATTRS PKCS9_SMIME_IDS, 2
+#define PKCS9_SMIME_ALGS PKCS9_SMIME_IDS, 3
+#define PKCS12_VERSION1 PKCS12, 0x0a
+#define PKCS12_V1_BAG_IDS PKCS12_VERSION1, 1
+
+/* for DSA algorithm */
+/* { iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) } */
+#define ANSI_X9_ALGORITHM 0x2a, 0x86, 0x48, 0xce, 0x38, 0x4
+
+/* for DH algorithm */
+/* { iso(1) member-body(2) us(840) x9-57(10046) number-type(2) } */
+/* need real OID person to look at this, copied the above line
+ * and added 6 to second to last value (and changed '4' to '2' */
+#define ANSI_X942_ALGORITHM 0x2a, 0x86, 0x48, 0xce, 0x3e, 0x2
+
+#define VERISIGN 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x45
+
+#define PKIX 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07
+#define PKIX_CERT_EXTENSIONS PKIX, 1
+#define PKIX_POLICY_QUALIFIERS PKIX, 2
+#define PKIX_KEY_USAGE PKIX, 3
+#define PKIX_ACCESS_DESCRIPTION PKIX, 0x30
+#define PKIX_OCSP PKIX_ACCESS_DESCRIPTION, 1
+#define PKIX_CA_ISSUERS PKIX_ACCESS_DESCRIPTION, 2
+
+#define PKIX_ID_PKIP PKIX, 5
+#define PKIX_ID_REGCTRL PKIX_ID_PKIP, 1
+#define PKIX_ID_REGINFO PKIX_ID_PKIP, 2
+
+/* Microsoft Object ID space */
+/* { 1.3.6.1.4.1.311 } */
+#define MICROSOFT_OID 0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0x37
+#define EV_NAME_ATTRIBUTE MICROSOFT_OID, 60, 2, 1
+
+/* Microsoft Crypto 2.0 ID space */
+/* { 1.3.6.1.4.1.311.10 } */
+#define MS_CRYPTO_20 MICROSOFT_OID, 10
+/* Microsoft Crypto 2.0 Extended Key Usage ID space */
+/* { 1.3.6.1.4.1.311.10.3 } */
+#define MS_CRYPTO_EKU MS_CRYPTO_20, 3
+
+#define CERTICOM_OID 0x2b, 0x81, 0x04
+#define SECG_OID CERTICOM_OID, 0x00
+
+#define ANSI_X962_OID 0x2a, 0x86, 0x48, 0xce, 0x3d
+#define ANSI_X962_CURVE_OID ANSI_X962_OID, 0x03
+#define ANSI_X962_GF2m_OID ANSI_X962_CURVE_OID, 0x00
+#define ANSI_X962_GFp_OID ANSI_X962_CURVE_OID, 0x01
+#define ANSI_X962_SIGNATURE_OID ANSI_X962_OID, 0x04
+#define ANSI_X962_SPECIFY_OID ANSI_X962_SIGNATURE_OID, 0x03
+
+/* for Camellia: iso(1) member-body(2) jisc(392)
+ * mitsubishi(200011) isl(61) security(1) algorithm(1)
+ */
+#define MITSUBISHI_ALG 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01
+#define CAMELLIA_ENCRYPT_OID MITSUBISHI_ALG, 1
+#define CAMELLIA_WRAP_OID MITSUBISHI_ALG, 3
+
+/* For IDEA: 1.3.6.1.4.1.188.7.1.1
+ */
+#define ASCOM_OID 0x2b, 0x6, 0x1, 0x4, 0x1, 0xbc
+#define ASCOM_IDEA_ALG ASCOM_OID, 0x7, 0x1, 0x1
+
+/* for SEED : iso(1) member-body(2) korea(410)
+ * kisa(200004) algorithm(1)
+ */
+#define SEED_OID 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01
+
+#define CONST_OID static const unsigned char
+
+CONST_OID md2[] = { DIGEST, 0x02 };
+CONST_OID md4[] = { DIGEST, 0x04 };
+CONST_OID md5[] = { DIGEST, 0x05 };
+CONST_OID hmac_sha1[] = { DIGEST, 7 };
+CONST_OID hmac_sha224[] = { DIGEST, 8 };
+CONST_OID hmac_sha256[] = { DIGEST, 9 };
+CONST_OID hmac_sha384[] = { DIGEST, 10 };
+CONST_OID hmac_sha512[] = { DIGEST, 11 };
+
+CONST_OID rc2cbc[] = { CIPHER, 0x02 };
+CONST_OID rc4[] = { CIPHER, 0x04 };
+CONST_OID desede3cbc[] = { CIPHER, 0x07 };
+CONST_OID rc5cbcpad[] = { CIPHER, 0x09 };
+
+CONST_OID desecb[] = { ALGORITHM, 0x06 };
+CONST_OID descbc[] = { ALGORITHM, 0x07 };
+CONST_OID desofb[] = { ALGORITHM, 0x08 };
+CONST_OID descfb[] = { ALGORITHM, 0x09 };
+CONST_OID desmac[] = { ALGORITHM, 0x0a };
+CONST_OID sdn702DSASignature[] = { ALGORITHM, 0x0c };
+CONST_OID isoSHAWithRSASignature[] = { ALGORITHM, 0x0f };
+CONST_OID desede[] = { ALGORITHM, 0x11 };
+CONST_OID sha1[] = { ALGORITHM, 0x1a };
+CONST_OID bogusDSASignaturewithSHA1Digest[] = { ALGORITHM, 0x1b };
+CONST_OID isoSHA1WithRSASignature[] = { ALGORITHM, 0x1d };
+
+CONST_OID pkcs1RSAEncryption[] = { PKCS1, 0x01 };
+CONST_OID pkcs1MD2WithRSAEncryption[] = { PKCS1, 0x02 };
+CONST_OID pkcs1MD4WithRSAEncryption[] = { PKCS1, 0x03 };
+CONST_OID pkcs1MD5WithRSAEncryption[] = { PKCS1, 0x04 };
+CONST_OID pkcs1SHA1WithRSAEncryption[] = { PKCS1, 0x05 };
+CONST_OID pkcs1RSAOAEPEncryption[] = { PKCS1, 0x07 };
+CONST_OID pkcs1MGF1[] = { PKCS1, 0x08 };
+CONST_OID pkcs1PSpecified[] = { PKCS1, 0x09 };
+CONST_OID pkcs1RSAPSSSignature[] = { PKCS1, 10 };
+CONST_OID pkcs1SHA256WithRSAEncryption[] = { PKCS1, 11 };
+CONST_OID pkcs1SHA384WithRSAEncryption[] = { PKCS1, 12 };
+CONST_OID pkcs1SHA512WithRSAEncryption[] = { PKCS1, 13 };
+CONST_OID pkcs1SHA224WithRSAEncryption[] = { PKCS1, 14 };
+
+CONST_OID pkcs5PbeWithMD2AndDEScbc[] = { PKCS5, 0x01 };
+CONST_OID pkcs5PbeWithMD5AndDEScbc[] = { PKCS5, 0x03 };
+CONST_OID pkcs5PbeWithSha1AndDEScbc[] = { PKCS5, 0x0a };
+CONST_OID pkcs5Pbkdf2[] = { PKCS5, 12 };
+CONST_OID pkcs5Pbes2[] = { PKCS5, 13 };
+CONST_OID pkcs5Pbmac1[] = { PKCS5, 14 };
+
+CONST_OID pkcs7[] = { PKCS7 };
+CONST_OID pkcs7Data[] = { PKCS7, 0x01 };
+CONST_OID pkcs7SignedData[] = { PKCS7, 0x02 };
+CONST_OID pkcs7EnvelopedData[] = { PKCS7, 0x03 };
+CONST_OID pkcs7SignedEnvelopedData[] = { PKCS7, 0x04 };
+CONST_OID pkcs7DigestedData[] = { PKCS7, 0x05 };
+CONST_OID pkcs7EncryptedData[] = { PKCS7, 0x06 };
+
+CONST_OID pkcs9EmailAddress[] = { PKCS9, 0x01 };
+CONST_OID pkcs9UnstructuredName[] = { PKCS9, 0x02 };
+CONST_OID pkcs9ContentType[] = { PKCS9, 0x03 };
+CONST_OID pkcs9MessageDigest[] = { PKCS9, 0x04 };
+CONST_OID pkcs9SigningTime[] = { PKCS9, 0x05 };
+CONST_OID pkcs9CounterSignature[] = { PKCS9, 0x06 };
+CONST_OID pkcs9ChallengePassword[] = { PKCS9, 0x07 };
+CONST_OID pkcs9UnstructuredAddress[] = { PKCS9, 0x08 };
+CONST_OID pkcs9ExtendedCertificateAttributes[] = { PKCS9, 0x09 };
+CONST_OID pkcs9ExtensionRequest[] = { PKCS9, 14 };
+CONST_OID pkcs9SMIMECapabilities[] = { PKCS9, 15 };
+CONST_OID pkcs9FriendlyName[] = { PKCS9, 20 };
+CONST_OID pkcs9LocalKeyID[] = { PKCS9, 21 };
+
+CONST_OID pkcs9X509Certificate[] = { PKCS9_CERT_TYPES, 1 };
+CONST_OID pkcs9SDSICertificate[] = { PKCS9_CERT_TYPES, 2 };
+CONST_OID pkcs9X509CRL[] = { PKCS9_CRL_TYPES, 1 };
+
+/* RFC2630 (CMS) OIDs */
+CONST_OID cmsESDH[] = { PKCS9_SMIME_ALGS, 5 };
+CONST_OID cms3DESwrap[] = { PKCS9_SMIME_ALGS, 6 };
+CONST_OID cmsRC2wrap[] = { PKCS9_SMIME_ALGS, 7 };
+
+/* RFC2633 SMIME message attributes */
+CONST_OID smimeEncryptionKeyPreference[] = { PKCS9_SMIME_ATTRS, 11 };
+CONST_OID ms_smimeEncryptionKeyPreference[] = { MICROSOFT_OID, 0x10, 0x4 };
+
+CONST_OID x520CommonName[] = { X520_ATTRIBUTE_TYPE, 3 };
+CONST_OID x520SurName[] = { X520_ATTRIBUTE_TYPE, 4 };
+CONST_OID x520SerialNumber[] = { X520_ATTRIBUTE_TYPE, 5 };
+CONST_OID x520CountryName[] = { X520_ATTRIBUTE_TYPE, 6 };
+CONST_OID x520LocalityName[] = { X520_ATTRIBUTE_TYPE, 7 };
+CONST_OID x520StateOrProvinceName[] = { X520_ATTRIBUTE_TYPE, 8 };
+CONST_OID x520StreetAddress[] = { X520_ATTRIBUTE_TYPE, 9 };
+CONST_OID x520OrgName[] = { X520_ATTRIBUTE_TYPE, 10 };
+CONST_OID x520OrgUnitName[] = { X520_ATTRIBUTE_TYPE, 11 };
+CONST_OID x520Title[] = { X520_ATTRIBUTE_TYPE, 12 };
+CONST_OID x520BusinessCategory[] = { X520_ATTRIBUTE_TYPE, 15 };
+CONST_OID x520PostalAddress[] = { X520_ATTRIBUTE_TYPE, 16 };
+CONST_OID x520PostalCode[] = { X520_ATTRIBUTE_TYPE, 17 };
+CONST_OID x520PostOfficeBox[] = { X520_ATTRIBUTE_TYPE, 18 };
+CONST_OID x520Name[] = { X520_ATTRIBUTE_TYPE, 41 };
+CONST_OID x520GivenName[] = { X520_ATTRIBUTE_TYPE, 42 };
+CONST_OID x520Initials[] = { X520_ATTRIBUTE_TYPE, 43 };
+CONST_OID x520GenerationQualifier[] = { X520_ATTRIBUTE_TYPE, 44 };
+CONST_OID x520DnQualifier[] = { X520_ATTRIBUTE_TYPE, 46 };
+CONST_OID x520HouseIdentifier[] = { X520_ATTRIBUTE_TYPE, 51 };
+CONST_OID x520Pseudonym[] = { X520_ATTRIBUTE_TYPE, 65 };
+
+CONST_OID nsTypeGIF[] = { NETSCAPE_DATA_TYPE, 0x01 };
+CONST_OID nsTypeJPEG[] = { NETSCAPE_DATA_TYPE, 0x02 };
+CONST_OID nsTypeURL[] = { NETSCAPE_DATA_TYPE, 0x03 };
+CONST_OID nsTypeHTML[] = { NETSCAPE_DATA_TYPE, 0x04 };
+CONST_OID nsTypeCertSeq[] = { NETSCAPE_DATA_TYPE, 0x05 };
+
+CONST_OID missiCertKEADSSOld[] = { MISSI_OLD_KEA_DSS };
+CONST_OID missiCertDSSOld[] = { MISSI_OLD_DSS };
+CONST_OID missiCertKEADSS[] = { MISSI_KEA_DSS };
+CONST_OID missiCertDSS[] = { MISSI_DSS };
+CONST_OID missiCertKEA[] = { MISSI_KEA };
+CONST_OID missiCertAltKEA[] = { MISSI_ALT_KEA };
+CONST_OID x500RSAEncryption[] = { X500_ALG_ENCRYPTION, 0x01 };
+
+/* added for alg 1485 */
+CONST_OID rfc1274Uid[] = { RFC1274_ATTR_TYPE, 1 };
+CONST_OID rfc1274Mail[] = { RFC1274_ATTR_TYPE, 3 };
+CONST_OID rfc2247DomainComponent[] = { RFC1274_ATTR_TYPE, 25 };
+
+/* Netscape private certificate extensions */
+CONST_OID nsCertExtNetscapeOK[] = { NS_CERT_EXT, 1 };
+CONST_OID nsCertExtIssuerLogo[] = { NS_CERT_EXT, 2 };
+CONST_OID nsCertExtSubjectLogo[] = { NS_CERT_EXT, 3 };
+CONST_OID nsExtCertType[] = { NETSCAPE_CERT_EXT, 0x01 };
+CONST_OID nsExtBaseURL[] = { NETSCAPE_CERT_EXT, 0x02 };
+CONST_OID nsExtRevocationURL[] = { NETSCAPE_CERT_EXT, 0x03 };
+CONST_OID nsExtCARevocationURL[] = { NETSCAPE_CERT_EXT, 0x04 };
+CONST_OID nsExtCACRLURL[] = { NETSCAPE_CERT_EXT, 0x05 };
+CONST_OID nsExtCACertURL[] = { NETSCAPE_CERT_EXT, 0x06 };
+CONST_OID nsExtCertRenewalURL[] = { NETSCAPE_CERT_EXT, 0x07 };
+CONST_OID nsExtCAPolicyURL[] = { NETSCAPE_CERT_EXT, 0x08 };
+CONST_OID nsExtHomepageURL[] = { NETSCAPE_CERT_EXT, 0x09 };
+CONST_OID nsExtEntityLogo[] = { NETSCAPE_CERT_EXT, 0x0a };
+CONST_OID nsExtUserPicture[] = { NETSCAPE_CERT_EXT, 0x0b };
+CONST_OID nsExtSSLServerName[] = { NETSCAPE_CERT_EXT, 0x0c };
+CONST_OID nsExtComment[] = { NETSCAPE_CERT_EXT, 0x0d };
+
+/* the following 2 extensions are defined for and used by Cartman(NSM) */
+CONST_OID nsExtLostPasswordURL[] = { NETSCAPE_CERT_EXT, 0x0e };
+CONST_OID nsExtCertRenewalTime[] = { NETSCAPE_CERT_EXT, 0x0f };
+
+CONST_OID nsExtAIACertRenewal[] = { NETSCAPE_CERT_EXT_AIA, 0x01 };
+CONST_OID nsExtCertScopeOfUse[] = { NETSCAPE_CERT_EXT, 0x11 };
+/* Reserved Netscape (2 16 840 1 113730 1 18) = { NETSCAPE_CERT_EXT, 0x12 }; */
+
+/* Netscape policy values */
+CONST_OID nsKeyUsageGovtApproved[] = { NETSCAPE_POLICY, 0x01 };
+
+/* Netscape other name types */
+CONST_OID netscapeNickname[] = { NETSCAPE_NAME_COMPONENTS, 0x01 };
+CONST_OID netscapeAOLScreenname[] = { NETSCAPE_NAME_COMPONENTS, 0x02 };
+
+/* OIDs needed for cert server */
+CONST_OID netscapeRecoveryRequest[] = { NETSCAPE_CERT_SERVER_CRMF, 0x01 };
+
+/* Standard x.509 v3 Certificate & CRL Extensions */
+CONST_OID x509SubjectDirectoryAttr[] = { ID_CE_OID, 9 };
+CONST_OID x509SubjectKeyID[] = { ID_CE_OID, 14 };
+CONST_OID x509KeyUsage[] = { ID_CE_OID, 15 };
+CONST_OID x509PrivateKeyUsagePeriod[] = { ID_CE_OID, 16 };
+CONST_OID x509SubjectAltName[] = { ID_CE_OID, 17 };
+CONST_OID x509IssuerAltName[] = { ID_CE_OID, 18 };
+CONST_OID x509BasicConstraints[] = { ID_CE_OID, 19 };
+CONST_OID x509CRLNumber[] = { ID_CE_OID, 20 };
+CONST_OID x509ReasonCode[] = { ID_CE_OID, 21 };
+CONST_OID x509HoldInstructionCode[] = { ID_CE_OID, 23 };
+CONST_OID x509InvalidDate[] = { ID_CE_OID, 24 };
+CONST_OID x509DeltaCRLIndicator[] = { ID_CE_OID, 27 };
+CONST_OID x509IssuingDistributionPoint[] = { ID_CE_OID, 28 };
+CONST_OID x509CertIssuer[] = { ID_CE_OID, 29 };
+CONST_OID x509NameConstraints[] = { ID_CE_OID, 30 };
+CONST_OID x509CRLDistPoints[] = { ID_CE_OID, 31 };
+CONST_OID x509CertificatePolicies[] = { ID_CE_OID, 32 };
+CONST_OID x509PolicyMappings[] = { ID_CE_OID, 33 };
+CONST_OID x509AuthKeyID[] = { ID_CE_OID, 35 };
+CONST_OID x509PolicyConstraints[] = { ID_CE_OID, 36 };
+CONST_OID x509ExtKeyUsage[] = { ID_CE_OID, 37 };
+CONST_OID x509FreshestCRL[] = { ID_CE_OID, 46 };
+CONST_OID x509InhibitAnyPolicy[] = { ID_CE_OID, 54 };
+
+CONST_OID x509CertificatePoliciesAnyPolicy[] = { ID_CE_OID, 32, 0 };
+
+CONST_OID x509AuthInfoAccess[] = { PKIX_CERT_EXTENSIONS, 1 };
+CONST_OID x509SubjectInfoAccess[] = { PKIX_CERT_EXTENSIONS, 11 };
+
+CONST_OID x509SIATimeStamping[] = { PKIX_ACCESS_DESCRIPTION, 0x03 };
+CONST_OID x509SIACaRepository[] = { PKIX_ACCESS_DESCRIPTION, 0x05 };
+
+/* pkcs 12 additions */
+CONST_OID pkcs12[] = { PKCS12 };
+CONST_OID pkcs12ModeIDs[] = { PKCS12_MODE_IDS };
+CONST_OID pkcs12ESPVKIDs[] = { PKCS12_ESPVK_IDS };
+CONST_OID pkcs12BagIDs[] = { PKCS12_BAG_IDS };
+CONST_OID pkcs12CertBagIDs[] = { PKCS12_CERT_BAG_IDS };
+CONST_OID pkcs12OIDs[] = { PKCS12_OIDS };
+CONST_OID pkcs12PBEIDs[] = { PKCS12_PBE_IDS };
+CONST_OID pkcs12EnvelopingIDs[] = { PKCS12_ENVELOPING_IDS };
+CONST_OID pkcs12SignatureIDs[] = { PKCS12_SIGNATURE_IDS };
+CONST_OID pkcs12PKCS8KeyShrouding[] = { PKCS12_ESPVK_IDS, 0x01 };
+CONST_OID pkcs12KeyBagID[] = { PKCS12_BAG_IDS, 0x01 };
+CONST_OID pkcs12CertAndCRLBagID[] = { PKCS12_BAG_IDS, 0x02 };
+CONST_OID pkcs12SecretBagID[] = { PKCS12_BAG_IDS, 0x03 };
+CONST_OID pkcs12X509CertCRLBag[] = { PKCS12_CERT_BAG_IDS, 0x01 };
+CONST_OID pkcs12SDSICertBag[] = { PKCS12_CERT_BAG_IDS, 0x02 };
+CONST_OID pkcs12PBEWithSha1And128BitRC4[] = { PKCS12_PBE_IDS, 0x01 };
+CONST_OID pkcs12PBEWithSha1And40BitRC4[] = { PKCS12_PBE_IDS, 0x02 };
+CONST_OID pkcs12PBEWithSha1AndTripleDESCBC[] = { PKCS12_PBE_IDS, 0x03 };
+CONST_OID pkcs12PBEWithSha1And128BitRC2CBC[] = { PKCS12_PBE_IDS, 0x04 };
+CONST_OID pkcs12PBEWithSha1And40BitRC2CBC[] = { PKCS12_PBE_IDS, 0x05 };
+CONST_OID pkcs12RSAEncryptionWith128BitRC4[] = { PKCS12_ENVELOPING_IDS, 0x01 };
+CONST_OID pkcs12RSAEncryptionWith40BitRC4[] = { PKCS12_ENVELOPING_IDS, 0x02 };
+CONST_OID pkcs12RSAEncryptionWithTripleDES[] = { PKCS12_ENVELOPING_IDS, 0x03 };
+CONST_OID pkcs12RSASignatureWithSHA1Digest[] = { PKCS12_SIGNATURE_IDS, 0x01 };
+
+/* pkcs 12 version 1.0 ids */
+CONST_OID pkcs12V2PBEWithSha1And128BitRC4[] = { PKCS12_V2_PBE_IDS, 0x01 };
+CONST_OID pkcs12V2PBEWithSha1And40BitRC4[] = { PKCS12_V2_PBE_IDS, 0x02 };
+CONST_OID pkcs12V2PBEWithSha1And3KeyTripleDEScbc[] = { PKCS12_V2_PBE_IDS, 0x03 };
+CONST_OID pkcs12V2PBEWithSha1And2KeyTripleDEScbc[] = { PKCS12_V2_PBE_IDS, 0x04 };
+CONST_OID pkcs12V2PBEWithSha1And128BitRC2cbc[] = { PKCS12_V2_PBE_IDS, 0x05 };
+CONST_OID pkcs12V2PBEWithSha1And40BitRC2cbc[] = { PKCS12_V2_PBE_IDS, 0x06 };
+
+CONST_OID pkcs12SafeContentsID[] = { PKCS12_BAG_IDS, 0x04 };
+CONST_OID pkcs12PKCS8ShroudedKeyBagID[] = { PKCS12_BAG_IDS, 0x05 };
+
+CONST_OID pkcs12V1KeyBag[] = { PKCS12_V1_BAG_IDS, 0x01 };
+CONST_OID pkcs12V1PKCS8ShroudedKeyBag[] = { PKCS12_V1_BAG_IDS, 0x02 };
+CONST_OID pkcs12V1CertBag[] = { PKCS12_V1_BAG_IDS, 0x03 };
+CONST_OID pkcs12V1CRLBag[] = { PKCS12_V1_BAG_IDS, 0x04 };
+CONST_OID pkcs12V1SecretBag[] = { PKCS12_V1_BAG_IDS, 0x05 };
+CONST_OID pkcs12V1SafeContentsBag[] = { PKCS12_V1_BAG_IDS, 0x06 };
+
+/* The following encoding is INCORRECT, but correcting it would create a
+ * duplicate OID in the table. So, we will leave it alone.
+ */
+CONST_OID pkcs12KeyUsageAttr[] = { 2, 5, 29, 15 };
+
+CONST_OID ansix9DSASignature[] = { ANSI_X9_ALGORITHM, 0x01 };
+CONST_OID ansix9DSASignaturewithSHA1Digest[] = { ANSI_X9_ALGORITHM, 0x03 };
+CONST_OID nistDSASignaturewithSHA224Digest[] = { DSA2, 0x01 };
+CONST_OID nistDSASignaturewithSHA256Digest[] = { DSA2, 0x02 };
+
+/* verisign OIDs */
+CONST_OID verisignUserNotices[] = { VERISIGN, 1, 7, 1, 1 };
+
+/* pkix OIDs */
+CONST_OID pkixCPSPointerQualifier[] = { PKIX_POLICY_QUALIFIERS, 1 };
+CONST_OID pkixUserNoticeQualifier[] = { PKIX_POLICY_QUALIFIERS, 2 };
+
+CONST_OID pkixOCSP[] = { PKIX_OCSP };
+CONST_OID pkixOCSPBasicResponse[] = { PKIX_OCSP, 1 };
+CONST_OID pkixOCSPNonce[] = { PKIX_OCSP, 2 };
+CONST_OID pkixOCSPCRL[] = { PKIX_OCSP, 3 };
+CONST_OID pkixOCSPResponse[] = { PKIX_OCSP, 4 };
+CONST_OID pkixOCSPNoCheck[] = { PKIX_OCSP, 5 };
+CONST_OID pkixOCSPArchiveCutoff[] = { PKIX_OCSP, 6 };
+CONST_OID pkixOCSPServiceLocator[] = { PKIX_OCSP, 7 };
+
+CONST_OID pkixCAIssuers[] = { PKIX_CA_ISSUERS };
+
+CONST_OID pkixRegCtrlRegToken[] = { PKIX_ID_REGCTRL, 1 };
+CONST_OID pkixRegCtrlAuthenticator[] = { PKIX_ID_REGCTRL, 2 };
+CONST_OID pkixRegCtrlPKIPubInfo[] = { PKIX_ID_REGCTRL, 3 };
+CONST_OID pkixRegCtrlPKIArchOptions[] = { PKIX_ID_REGCTRL, 4 };
+CONST_OID pkixRegCtrlOldCertID[] = { PKIX_ID_REGCTRL, 5 };
+CONST_OID pkixRegCtrlProtEncKey[] = { PKIX_ID_REGCTRL, 6 };
+CONST_OID pkixRegInfoUTF8Pairs[] = { PKIX_ID_REGINFO, 1 };
+CONST_OID pkixRegInfoCertReq[] = { PKIX_ID_REGINFO, 2 };
+
+CONST_OID pkixExtendedKeyUsageServerAuth[] = { PKIX_KEY_USAGE, 1 };
+CONST_OID pkixExtendedKeyUsageClientAuth[] = { PKIX_KEY_USAGE, 2 };
+CONST_OID pkixExtendedKeyUsageCodeSign[] = { PKIX_KEY_USAGE, 3 };
+CONST_OID pkixExtendedKeyUsageEMailProtect[] = { PKIX_KEY_USAGE, 4 };
+CONST_OID pkixExtendedKeyUsageTimeStamp[] = { PKIX_KEY_USAGE, 8 };
+CONST_OID pkixOCSPResponderExtendedKeyUsage[] = { PKIX_KEY_USAGE, 9 };
+CONST_OID msExtendedKeyUsageTrustListSigning[] = { MS_CRYPTO_EKU, 1 };
+
+/* OIDs for Netscape defined algorithms */
+CONST_OID netscapeSMimeKEA[] = { NETSCAPE_ALGS, 0x01 };
+
+/* Fortezza algorithm OIDs */
+CONST_OID skipjackCBC[] = { MISSI, 0x04 };
+CONST_OID dhPublicKey[] = { ANSI_X942_ALGORITHM, 0x1 };
+
+CONST_OID idea_CBC[] = { ASCOM_IDEA_ALG, 2 };
+CONST_OID aes128_GCM[] = { AES, 0x6 };
+CONST_OID aes192_GCM[] = { AES, 0x1a };
+CONST_OID aes256_GCM[] = { AES, 0x2e };
+CONST_OID aes128_ECB[] = { AES, 1 };
+CONST_OID aes128_CBC[] = { AES, 2 };
+#ifdef DEFINE_ALL_AES_CIPHERS
+CONST_OID aes128_OFB[] = { AES, 3 };
+CONST_OID aes128_CFB[] = { AES, 4 };
+#endif
+CONST_OID aes128_KEY_WRAP[] = { AES, 5 };
+
+CONST_OID aes192_ECB[] = { AES, 21 };
+CONST_OID aes192_CBC[] = { AES, 22 };
+#ifdef DEFINE_ALL_AES_CIPHERS
+CONST_OID aes192_OFB[] = { AES, 23 };
+CONST_OID aes192_CFB[] = { AES, 24 };
+#endif
+CONST_OID aes192_KEY_WRAP[] = { AES, 25 };
+
+CONST_OID aes256_ECB[] = { AES, 41 };
+CONST_OID aes256_CBC[] = { AES, 42 };
+#ifdef DEFINE_ALL_AES_CIPHERS
+CONST_OID aes256_OFB[] = { AES, 43 };
+CONST_OID aes256_CFB[] = { AES, 44 };
+#endif
+CONST_OID aes256_KEY_WRAP[] = { AES, 45 };
+
+CONST_OID camellia128_CBC[] = { CAMELLIA_ENCRYPT_OID, 2 };
+CONST_OID camellia192_CBC[] = { CAMELLIA_ENCRYPT_OID, 3 };
+CONST_OID camellia256_CBC[] = { CAMELLIA_ENCRYPT_OID, 4 };
+
+CONST_OID sha256[] = { SHAXXX, 1 };
+CONST_OID sha384[] = { SHAXXX, 2 };
+CONST_OID sha512[] = { SHAXXX, 3 };
+CONST_OID sha224[] = { SHAXXX, 4 };
+
+CONST_OID ansix962ECPublicKey[] = { ANSI_X962_OID, 0x02, 0x01 };
+CONST_OID ansix962SignaturewithSHA1Digest[] = { ANSI_X962_SIGNATURE_OID, 0x01 };
+CONST_OID ansix962SignatureRecommended[] = { ANSI_X962_SIGNATURE_OID, 0x02 };
+CONST_OID ansix962SignatureSpecified[] = { ANSI_X962_SPECIFY_OID };
+CONST_OID ansix962SignaturewithSHA224Digest[] = { ANSI_X962_SPECIFY_OID, 0x01 };
+CONST_OID ansix962SignaturewithSHA256Digest[] = { ANSI_X962_SPECIFY_OID, 0x02 };
+CONST_OID ansix962SignaturewithSHA384Digest[] = { ANSI_X962_SPECIFY_OID, 0x03 };
+CONST_OID ansix962SignaturewithSHA512Digest[] = { ANSI_X962_SPECIFY_OID, 0x04 };
+
+/* ANSI X9.62 prime curve OIDs */
+/* NOTE: prime192v1 is the same as secp192r1, prime256v1 is the
+ * same as secp256r1
+ */
+CONST_OID ansiX962prime192v1[] = { ANSI_X962_GFp_OID, 0x01 }; /* unsupported by freebl */
+CONST_OID ansiX962prime192v2[] = { ANSI_X962_GFp_OID, 0x02 }; /* unsupported by freebl */
+CONST_OID ansiX962prime192v3[] = { ANSI_X962_GFp_OID, 0x03 }; /* unsupported by freebl */
+CONST_OID ansiX962prime239v1[] = { ANSI_X962_GFp_OID, 0x04 }; /* unsupported by freebl */
+CONST_OID ansiX962prime239v2[] = { ANSI_X962_GFp_OID, 0x05 }; /* unsupported by freebl */
+CONST_OID ansiX962prime239v3[] = { ANSI_X962_GFp_OID, 0x06 }; /* unsupported by freebl */
+CONST_OID ansiX962prime256v1[] = { ANSI_X962_GFp_OID, 0x07 };
+
+/* SECG prime curve OIDs */
+CONST_OID secgECsecp112r1[] = { SECG_OID, 0x06 }; /* unsupported by freebl */
+CONST_OID secgECsecp112r2[] = { SECG_OID, 0x07 }; /* unsupported by freebl */
+CONST_OID secgECsecp128r1[] = { SECG_OID, 0x1c }; /* unsupported by freebl */
+CONST_OID secgECsecp128r2[] = { SECG_OID, 0x1d }; /* unsupported by freebl */
+CONST_OID secgECsecp160k1[] = { SECG_OID, 0x09 }; /* unsupported by freebl */
+CONST_OID secgECsecp160r1[] = { SECG_OID, 0x08 }; /* unsupported by freebl */
+CONST_OID secgECsecp160r2[] = { SECG_OID, 0x1e }; /* unsupported by freebl */
+CONST_OID secgECsecp192k1[] = { SECG_OID, 0x1f }; /* unsupported by freebl */
+CONST_OID secgECsecp224k1[] = { SECG_OID, 0x20 }; /* unsupported by freebl */
+CONST_OID secgECsecp224r1[] = { SECG_OID, 0x21 }; /* unsupported by freebl */
+CONST_OID secgECsecp256k1[] = { SECG_OID, 0x0a }; /* unsupported by freebl */
+CONST_OID secgECsecp384r1[] = { SECG_OID, 0x22 };
+CONST_OID secgECsecp521r1[] = { SECG_OID, 0x23 };
+
+/* ANSI X9.62 characteristic two curve OIDs */
+CONST_OID ansiX962c2pnb163v1[] = { ANSI_X962_GF2m_OID, 0x01 }; /* unsupported by freebl */
+CONST_OID ansiX962c2pnb163v2[] = { ANSI_X962_GF2m_OID, 0x02 }; /* unsupported by freebl */
+CONST_OID ansiX962c2pnb163v3[] = { ANSI_X962_GF2m_OID, 0x03 }; /* unsupported by freebl */
+CONST_OID ansiX962c2pnb176v1[] = { ANSI_X962_GF2m_OID, 0x04 }; /* unsupported by freebl */
+CONST_OID ansiX962c2tnb191v1[] = { ANSI_X962_GF2m_OID, 0x05 }; /* unsupported by freebl */
+CONST_OID ansiX962c2tnb191v2[] = { ANSI_X962_GF2m_OID, 0x06 }; /* unsupported by freebl */
+CONST_OID ansiX962c2tnb191v3[] = { ANSI_X962_GF2m_OID, 0x07 }; /* unsupported by freebl */
+CONST_OID ansiX962c2onb191v4[] = { ANSI_X962_GF2m_OID, 0x08 }; /* unsupported by freebl */
+CONST_OID ansiX962c2onb191v5[] = { ANSI_X962_GF2m_OID, 0x09 }; /* unsupported by freebl */
+CONST_OID ansiX962c2pnb208w1[] = { ANSI_X962_GF2m_OID, 0x0a }; /* unsupported by freebl */
+CONST_OID ansiX962c2tnb239v1[] = { ANSI_X962_GF2m_OID, 0x0b }; /* unsupported by freebl */
+CONST_OID ansiX962c2tnb239v2[] = { ANSI_X962_GF2m_OID, 0x0c }; /* unsupported by freebl */
+CONST_OID ansiX962c2tnb239v3[] = { ANSI_X962_GF2m_OID, 0x0d }; /* unsupported by freebl */
+CONST_OID ansiX962c2onb239v4[] = { ANSI_X962_GF2m_OID, 0x0e }; /* unsupported by freebl */
+CONST_OID ansiX962c2onb239v5[] = { ANSI_X962_GF2m_OID, 0x0f }; /* unsupported by freebl */
+CONST_OID ansiX962c2pnb272w1[] = { ANSI_X962_GF2m_OID, 0x10 }; /* unsupported by freebl */
+CONST_OID ansiX962c2pnb304w1[] = { ANSI_X962_GF2m_OID, 0x11 }; /* unsupported by freebl */
+CONST_OID ansiX962c2tnb359v1[] = { ANSI_X962_GF2m_OID, 0x12 }; /* unsupported by freebl */
+CONST_OID ansiX962c2pnb368w1[] = { ANSI_X962_GF2m_OID, 0x13 }; /* unsupported by freebl */
+CONST_OID ansiX962c2tnb431r1[] = { ANSI_X962_GF2m_OID, 0x14 }; /* unsupported by freebl */
+
+/* SECG characterisitic two curve OIDs */
+CONST_OID secgECsect113r1[] = { SECG_OID, 0x04 }; /* unsupported by freebl */
+CONST_OID secgECsect113r2[] = { SECG_OID, 0x05 }; /* unsupported by freebl */
+CONST_OID secgECsect131r1[] = { SECG_OID, 0x16 }; /* unsupported by freebl */
+CONST_OID secgECsect131r2[] = { SECG_OID, 0x17 }; /* unsupported by freebl */
+CONST_OID secgECsect163k1[] = { SECG_OID, 0x01 }; /* unsupported by freebl */
+CONST_OID secgECsect163r1[] = { SECG_OID, 0x02 }; /* unsupported by freebl */
+CONST_OID secgECsect163r2[] = { SECG_OID, 0x0f }; /* unsupported by freebl */
+CONST_OID secgECsect193r1[] = { SECG_OID, 0x18 }; /* unsupported by freebl */
+CONST_OID secgECsect193r2[] = { SECG_OID, 0x19 }; /* unsupported by freebl */
+CONST_OID secgECsect233k1[] = { SECG_OID, 0x1a }; /* unsupported by freebl */
+CONST_OID secgECsect233r1[] = { SECG_OID, 0x1b }; /* unsupported by freebl */
+CONST_OID secgECsect239k1[] = { SECG_OID, 0x03 }; /* unsupported by freebl */
+CONST_OID secgECsect283k1[] = { SECG_OID, 0x10 }; /* unsupported by freebl */
+CONST_OID secgECsect283r1[] = { SECG_OID, 0x11 }; /* unsupported by freebl */
+CONST_OID secgECsect409k1[] = { SECG_OID, 0x24 }; /* unsupported by freebl */
+CONST_OID secgECsect409r1[] = { SECG_OID, 0x25 }; /* unsupported by freebl */
+CONST_OID secgECsect571k1[] = { SECG_OID, 0x26 }; /* unsupported by freebl */
+CONST_OID secgECsect571r1[] = { SECG_OID, 0x27 }; /* unsupported by freebl */
+
+CONST_OID seed_CBC[] = { SEED_OID, 4 };
+
+CONST_OID evIncorporationLocality[] = { EV_NAME_ATTRIBUTE, 1 };
+CONST_OID evIncorporationState[] = { EV_NAME_ATTRIBUTE, 2 };
+CONST_OID evIncorporationCountry[] = { EV_NAME_ATTRIBUTE, 3 };
+
+/* https://tools.ietf.org/html/draft-josefsson-pkix-newcurves-01
+ * 1.3.6.1.4.1.11591.15.1
+ */
+CONST_OID curve25519[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01 };
+
+#define OI(x) \
+ { \
+ siDEROID, (unsigned char *)x, sizeof x \
+ }
+#ifndef SECOID_NO_STRINGS
+#define OD(oid, tag, desc, mech, ext) \
+ { \
+ OI(oid) \
+ , tag, desc, mech, ext \
+ }
+#define ODE(tag, desc, mech, ext) \
+ { \
+ { siDEROID, NULL, 0 }, tag, desc, mech, ext \
+ }
+#else
+#define OD(oid, tag, desc, mech, ext) \
+ { \
+ OI(oid) \
+ , tag, 0, mech, ext \
+ }
+#define ODE(tag, desc, mech, ext) \
+ { \
+ { siDEROID, NULL, 0 }, tag, 0, mech, ext \
+ }
+#endif
+
+#if defined(NSS_ALLOW_UNSUPPORTED_CRITICAL)
+#define FAKE_SUPPORTED_CERT_EXTENSION SUPPORTED_CERT_EXTENSION
+#else
+#define FAKE_SUPPORTED_CERT_EXTENSION UNSUPPORTED_CERT_EXTENSION
+#endif
+
+/*
+ * NOTE: the order of these entries must mach the SECOidTag enum in secoidt.h!
+ */
+const static SECOidData oids[SEC_OID_TOTAL] = {
+ { { siDEROID, NULL, 0 }, SEC_OID_UNKNOWN, "Unknown OID", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION },
+ OD(md2, SEC_OID_MD2, "MD2", CKM_MD2, INVALID_CERT_EXTENSION),
+ OD(md4, SEC_OID_MD4,
+ "MD4", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(md5, SEC_OID_MD5, "MD5", CKM_MD5, INVALID_CERT_EXTENSION),
+ OD(sha1, SEC_OID_SHA1, "SHA-1", CKM_SHA_1, INVALID_CERT_EXTENSION),
+ OD(rc2cbc, SEC_OID_RC2_CBC,
+ "RC2-CBC", CKM_RC2_CBC, INVALID_CERT_EXTENSION),
+ OD(rc4, SEC_OID_RC4, "RC4", CKM_RC4, INVALID_CERT_EXTENSION),
+ OD(desede3cbc, SEC_OID_DES_EDE3_CBC,
+ "DES-EDE3-CBC", CKM_DES3_CBC, INVALID_CERT_EXTENSION),
+ OD(rc5cbcpad, SEC_OID_RC5_CBC_PAD,
+ "RC5-CBCPad", CKM_RC5_CBC, INVALID_CERT_EXTENSION),
+ OD(desecb, SEC_OID_DES_ECB,
+ "DES-ECB", CKM_DES_ECB, INVALID_CERT_EXTENSION),
+ OD(descbc, SEC_OID_DES_CBC,
+ "DES-CBC", CKM_DES_CBC, INVALID_CERT_EXTENSION),
+ OD(desofb, SEC_OID_DES_OFB,
+ "DES-OFB", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(descfb, SEC_OID_DES_CFB,
+ "DES-CFB", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(desmac, SEC_OID_DES_MAC,
+ "DES-MAC", CKM_DES_MAC, INVALID_CERT_EXTENSION),
+ OD(desede, SEC_OID_DES_EDE,
+ "DES-EDE", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(isoSHAWithRSASignature, SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE,
+ "ISO SHA with RSA Signature",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs1RSAEncryption, SEC_OID_PKCS1_RSA_ENCRYPTION,
+ "PKCS #1 RSA Encryption", CKM_RSA_PKCS, INVALID_CERT_EXTENSION),
+
+ /* the following Signing mechanisms should get new CKM_ values when
+ * values for CKM_RSA_WITH_MDX and CKM_RSA_WITH_SHA_1 get defined in
+ * PKCS #11.
+ */
+ OD(pkcs1MD2WithRSAEncryption, SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION,
+ "PKCS #1 MD2 With RSA Encryption", CKM_MD2_RSA_PKCS,
+ INVALID_CERT_EXTENSION),
+ OD(pkcs1MD4WithRSAEncryption, SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION,
+ "PKCS #1 MD4 With RSA Encryption",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs1MD5WithRSAEncryption, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,
+ "PKCS #1 MD5 With RSA Encryption", CKM_MD5_RSA_PKCS,
+ INVALID_CERT_EXTENSION),
+ OD(pkcs1SHA1WithRSAEncryption, SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION,
+ "PKCS #1 SHA-1 With RSA Encryption", CKM_SHA1_RSA_PKCS,
+ INVALID_CERT_EXTENSION),
+
+ OD(pkcs5PbeWithMD2AndDEScbc, SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC,
+ "PKCS #5 Password Based Encryption with MD2 and DES-CBC",
+ CKM_PBE_MD2_DES_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs5PbeWithMD5AndDEScbc, SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC,
+ "PKCS #5 Password Based Encryption with MD5 and DES-CBC",
+ CKM_PBE_MD5_DES_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs5PbeWithSha1AndDEScbc, SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC,
+ "PKCS #5 Password Based Encryption with SHA-1 and DES-CBC",
+ CKM_NETSCAPE_PBE_SHA1_DES_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs7, SEC_OID_PKCS7,
+ "PKCS #7", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs7Data, SEC_OID_PKCS7_DATA,
+ "PKCS #7 Data", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs7SignedData, SEC_OID_PKCS7_SIGNED_DATA,
+ "PKCS #7 Signed Data", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs7EnvelopedData, SEC_OID_PKCS7_ENVELOPED_DATA,
+ "PKCS #7 Enveloped Data",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs7SignedEnvelopedData, SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA,
+ "PKCS #7 Signed And Enveloped Data",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs7DigestedData, SEC_OID_PKCS7_DIGESTED_DATA,
+ "PKCS #7 Digested Data",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs7EncryptedData, SEC_OID_PKCS7_ENCRYPTED_DATA,
+ "PKCS #7 Encrypted Data",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9EmailAddress, SEC_OID_PKCS9_EMAIL_ADDRESS,
+ "PKCS #9 Email Address",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9UnstructuredName, SEC_OID_PKCS9_UNSTRUCTURED_NAME,
+ "PKCS #9 Unstructured Name",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9ContentType, SEC_OID_PKCS9_CONTENT_TYPE,
+ "PKCS #9 Content Type",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9MessageDigest, SEC_OID_PKCS9_MESSAGE_DIGEST,
+ "PKCS #9 Message Digest",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9SigningTime, SEC_OID_PKCS9_SIGNING_TIME,
+ "PKCS #9 Signing Time",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9CounterSignature, SEC_OID_PKCS9_COUNTER_SIGNATURE,
+ "PKCS #9 Counter Signature",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9ChallengePassword, SEC_OID_PKCS9_CHALLENGE_PASSWORD,
+ "PKCS #9 Challenge Password",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9UnstructuredAddress, SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS,
+ "PKCS #9 Unstructured Address",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9ExtendedCertificateAttributes,
+ SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES,
+ "PKCS #9 Extended Certificate Attributes",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9SMIMECapabilities, SEC_OID_PKCS9_SMIME_CAPABILITIES,
+ "PKCS #9 S/MIME Capabilities",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520CommonName, SEC_OID_AVA_COMMON_NAME,
+ "X520 Common Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520CountryName, SEC_OID_AVA_COUNTRY_NAME,
+ "X520 Country Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520LocalityName, SEC_OID_AVA_LOCALITY,
+ "X520 Locality Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520StateOrProvinceName, SEC_OID_AVA_STATE_OR_PROVINCE,
+ "X520 State Or Province Name",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520OrgName, SEC_OID_AVA_ORGANIZATION_NAME,
+ "X520 Organization Name",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520OrgUnitName, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME,
+ "X520 Organizational Unit Name",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520DnQualifier, SEC_OID_AVA_DN_QUALIFIER,
+ "X520 DN Qualifier", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(rfc2247DomainComponent, SEC_OID_AVA_DC,
+ "RFC 2247 Domain Component",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(nsTypeGIF, SEC_OID_NS_TYPE_GIF,
+ "GIF", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(nsTypeJPEG, SEC_OID_NS_TYPE_JPEG,
+ "JPEG", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(nsTypeURL, SEC_OID_NS_TYPE_URL,
+ "URL", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(nsTypeHTML, SEC_OID_NS_TYPE_HTML,
+ "HTML", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(nsTypeCertSeq, SEC_OID_NS_TYPE_CERT_SEQUENCE,
+ "Certificate Sequence",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(missiCertKEADSSOld, SEC_OID_MISSI_KEA_DSS_OLD,
+ "MISSI KEA and DSS Algorithm (Old)",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(missiCertDSSOld, SEC_OID_MISSI_DSS_OLD,
+ "MISSI DSS Algorithm (Old)",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(missiCertKEADSS, SEC_OID_MISSI_KEA_DSS,
+ "MISSI KEA and DSS Algorithm",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(missiCertDSS, SEC_OID_MISSI_DSS,
+ "MISSI DSS Algorithm",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(missiCertKEA, SEC_OID_MISSI_KEA,
+ "MISSI KEA Algorithm",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(missiCertAltKEA, SEC_OID_MISSI_ALT_KEA,
+ "MISSI Alternate KEA Algorithm",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* Netscape private extensions */
+ OD(nsCertExtNetscapeOK, SEC_OID_NS_CERT_EXT_NETSCAPE_OK,
+ "Netscape says this cert is OK",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsCertExtIssuerLogo, SEC_OID_NS_CERT_EXT_ISSUER_LOGO,
+ "Certificate Issuer Logo",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsCertExtSubjectLogo, SEC_OID_NS_CERT_EXT_SUBJECT_LOGO,
+ "Certificate Subject Logo",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsExtCertType, SEC_OID_NS_CERT_EXT_CERT_TYPE,
+ "Certificate Type",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsExtBaseURL, SEC_OID_NS_CERT_EXT_BASE_URL,
+ "Certificate Extension Base URL",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsExtRevocationURL, SEC_OID_NS_CERT_EXT_REVOCATION_URL,
+ "Certificate Revocation URL",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsExtCARevocationURL, SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL,
+ "Certificate Authority Revocation URL",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsExtCACRLURL, SEC_OID_NS_CERT_EXT_CA_CRL_URL,
+ "Certificate Authority CRL Download URL",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsExtCACertURL, SEC_OID_NS_CERT_EXT_CA_CERT_URL,
+ "Certificate Authority Certificate Download URL",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsExtCertRenewalURL, SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL,
+ "Certificate Renewal URL",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsExtCAPolicyURL, SEC_OID_NS_CERT_EXT_CA_POLICY_URL,
+ "Certificate Authority Policy URL",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsExtHomepageURL, SEC_OID_NS_CERT_EXT_HOMEPAGE_URL,
+ "Certificate Homepage URL",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsExtEntityLogo, SEC_OID_NS_CERT_EXT_ENTITY_LOGO,
+ "Certificate Entity Logo",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsExtUserPicture, SEC_OID_NS_CERT_EXT_USER_PICTURE,
+ "Certificate User Picture",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsExtSSLServerName, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME,
+ "Certificate SSL Server Name",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(nsExtComment, SEC_OID_NS_CERT_EXT_COMMENT,
+ "Certificate Comment",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsExtLostPasswordURL, SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL,
+ "Lost Password URL",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsExtCertRenewalTime, SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME,
+ "Certificate Renewal Time",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(nsKeyUsageGovtApproved, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED,
+ "Strong Crypto Export Approved",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+
+ /* x.509 v3 certificate extensions */
+ OD(x509SubjectDirectoryAttr, SEC_OID_X509_SUBJECT_DIRECTORY_ATTR,
+ "Certificate Subject Directory Attributes",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(x509SubjectKeyID, SEC_OID_X509_SUBJECT_KEY_ID,
+ "Certificate Subject Key ID",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509KeyUsage, SEC_OID_X509_KEY_USAGE,
+ "Certificate Key Usage",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509PrivateKeyUsagePeriod, SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD,
+ "Certificate Private Key Usage Period",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(x509SubjectAltName, SEC_OID_X509_SUBJECT_ALT_NAME,
+ "Certificate Subject Alt Name",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509IssuerAltName, SEC_OID_X509_ISSUER_ALT_NAME,
+ "Certificate Issuer Alt Name",
+ CKM_INVALID_MECHANISM, FAKE_SUPPORTED_CERT_EXTENSION),
+ OD(x509BasicConstraints, SEC_OID_X509_BASIC_CONSTRAINTS,
+ "Certificate Basic Constraints",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509NameConstraints, SEC_OID_X509_NAME_CONSTRAINTS,
+ "Certificate Name Constraints",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509CRLDistPoints, SEC_OID_X509_CRL_DIST_POINTS,
+ "CRL Distribution Points",
+ CKM_INVALID_MECHANISM, FAKE_SUPPORTED_CERT_EXTENSION),
+ OD(x509CertificatePolicies, SEC_OID_X509_CERTIFICATE_POLICIES,
+ "Certificate Policies",
+ CKM_INVALID_MECHANISM, FAKE_SUPPORTED_CERT_EXTENSION),
+ OD(x509PolicyMappings, SEC_OID_X509_POLICY_MAPPINGS,
+ "Certificate Policy Mappings",
+ CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
+ OD(x509PolicyConstraints, SEC_OID_X509_POLICY_CONSTRAINTS,
+ "Certificate Policy Constraints",
+ CKM_INVALID_MECHANISM, FAKE_SUPPORTED_CERT_EXTENSION),
+ OD(x509AuthKeyID, SEC_OID_X509_AUTH_KEY_ID,
+ "Certificate Authority Key Identifier",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509ExtKeyUsage, SEC_OID_X509_EXT_KEY_USAGE,
+ "Extended Key Usage",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509AuthInfoAccess, SEC_OID_X509_AUTH_INFO_ACCESS,
+ "Authority Information Access",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+
+ /* x.509 v3 CRL extensions */
+ OD(x509CRLNumber, SEC_OID_X509_CRL_NUMBER,
+ "CRL Number", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509ReasonCode, SEC_OID_X509_REASON_CODE,
+ "CRL reason code", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(x509InvalidDate, SEC_OID_X509_INVALID_DATE,
+ "Invalid Date", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+
+ OD(x500RSAEncryption, SEC_OID_X500_RSA_ENCRYPTION,
+ "X500 RSA Encryption", CKM_RSA_X_509, INVALID_CERT_EXTENSION),
+
+ /* added for alg 1485 */
+ OD(rfc1274Uid, SEC_OID_RFC1274_UID,
+ "RFC1274 User Id", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(rfc1274Mail, SEC_OID_RFC1274_MAIL,
+ "RFC1274 E-mail Address",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* pkcs 12 additions */
+ OD(pkcs12, SEC_OID_PKCS12,
+ "PKCS #12", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12ModeIDs, SEC_OID_PKCS12_MODE_IDS,
+ "PKCS #12 Mode IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12ESPVKIDs, SEC_OID_PKCS12_ESPVK_IDS,
+ "PKCS #12 ESPVK IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12BagIDs, SEC_OID_PKCS12_BAG_IDS,
+ "PKCS #12 Bag IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12CertBagIDs, SEC_OID_PKCS12_CERT_BAG_IDS,
+ "PKCS #12 Cert Bag IDs",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12OIDs, SEC_OID_PKCS12_OIDS,
+ "PKCS #12 OIDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12PBEIDs, SEC_OID_PKCS12_PBE_IDS,
+ "PKCS #12 PBE IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12SignatureIDs, SEC_OID_PKCS12_SIGNATURE_IDS,
+ "PKCS #12 Signature IDs",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12EnvelopingIDs, SEC_OID_PKCS12_ENVELOPING_IDS,
+ "PKCS #12 Enveloping IDs",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12PKCS8KeyShrouding, SEC_OID_PKCS12_PKCS8_KEY_SHROUDING,
+ "PKCS #12 Key Shrouding",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12KeyBagID, SEC_OID_PKCS12_KEY_BAG_ID,
+ "PKCS #12 Key Bag ID",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12CertAndCRLBagID, SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID,
+ "PKCS #12 Cert And CRL Bag ID",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12SecretBagID, SEC_OID_PKCS12_SECRET_BAG_ID,
+ "PKCS #12 Secret Bag ID",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12X509CertCRLBag, SEC_OID_PKCS12_X509_CERT_CRL_BAG,
+ "PKCS #12 X509 Cert CRL Bag",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12SDSICertBag, SEC_OID_PKCS12_SDSI_CERT_BAG,
+ "PKCS #12 SDSI Cert Bag",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12PBEWithSha1And128BitRC4,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4,
+ "PKCS #12 PBE With SHA-1 and 128 Bit RC4",
+ CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4, INVALID_CERT_EXTENSION),
+ OD(pkcs12PBEWithSha1And40BitRC4,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4,
+ "PKCS #12 PBE With SHA-1 and 40 Bit RC4",
+ CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4, INVALID_CERT_EXTENSION),
+ OD(pkcs12PBEWithSha1AndTripleDESCBC,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC,
+ "PKCS #12 PBE With SHA-1 and Triple DES-CBC",
+ CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs12PBEWithSha1And128BitRC2CBC,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
+ "PKCS #12 PBE With SHA-1 and 128 Bit RC2 CBC",
+ CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs12PBEWithSha1And40BitRC2CBC,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
+ "PKCS #12 PBE With SHA-1 and 40 Bit RC2 CBC",
+ CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs12RSAEncryptionWith128BitRC4,
+ SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4,
+ "PKCS #12 RSA Encryption with 128 Bit RC4",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12RSAEncryptionWith40BitRC4,
+ SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4,
+ "PKCS #12 RSA Encryption with 40 Bit RC4",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12RSAEncryptionWithTripleDES,
+ SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES,
+ "PKCS #12 RSA Encryption with Triple DES",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12RSASignatureWithSHA1Digest,
+ SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST,
+ "PKCS #12 RSA Encryption with Triple DES",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* DSA signatures */
+ OD(ansix9DSASignature, SEC_OID_ANSIX9_DSA_SIGNATURE,
+ "ANSI X9.57 DSA Signature", CKM_DSA, INVALID_CERT_EXTENSION),
+ OD(ansix9DSASignaturewithSHA1Digest,
+ SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST,
+ "ANSI X9.57 DSA Signature with SHA-1 Digest",
+ CKM_DSA_SHA1, INVALID_CERT_EXTENSION),
+ OD(bogusDSASignaturewithSHA1Digest,
+ SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST,
+ "FORTEZZA DSA Signature with SHA-1 Digest",
+ CKM_DSA_SHA1, INVALID_CERT_EXTENSION),
+
+ /* verisign oids */
+ OD(verisignUserNotices, SEC_OID_VERISIGN_USER_NOTICES,
+ "Verisign User Notices",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* pkix oids */
+ OD(pkixCPSPointerQualifier, SEC_OID_PKIX_CPS_POINTER_QUALIFIER,
+ "PKIX CPS Pointer Qualifier",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixUserNoticeQualifier, SEC_OID_PKIX_USER_NOTICE_QUALIFIER,
+ "PKIX User Notice Qualifier",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(pkixOCSP, SEC_OID_PKIX_OCSP,
+ "PKIX Online Certificate Status Protocol",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixOCSPBasicResponse, SEC_OID_PKIX_OCSP_BASIC_RESPONSE,
+ "OCSP Basic Response", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixOCSPNonce, SEC_OID_PKIX_OCSP_NONCE,
+ "OCSP Nonce Extension", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixOCSPCRL, SEC_OID_PKIX_OCSP_CRL,
+ "OCSP CRL Reference Extension",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixOCSPResponse, SEC_OID_PKIX_OCSP_RESPONSE,
+ "OCSP Response Types Extension",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixOCSPNoCheck, SEC_OID_PKIX_OCSP_NO_CHECK,
+ "OCSP No Check Extension",
+ CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION),
+ OD(pkixOCSPArchiveCutoff, SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF,
+ "OCSP Archive Cutoff Extension",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixOCSPServiceLocator, SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
+ "OCSP Service Locator Extension",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(pkixRegCtrlRegToken, SEC_OID_PKIX_REGCTRL_REGTOKEN,
+ "PKIX CRMF Registration Control, Registration Token",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixRegCtrlAuthenticator, SEC_OID_PKIX_REGCTRL_AUTHENTICATOR,
+ "PKIX CRMF Registration Control, Registration Authenticator",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixRegCtrlPKIPubInfo, SEC_OID_PKIX_REGCTRL_PKIPUBINFO,
+ "PKIX CRMF Registration Control, PKI Publication Info",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixRegCtrlPKIArchOptions,
+ SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
+ "PKIX CRMF Registration Control, PKI Archive Options",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixRegCtrlOldCertID, SEC_OID_PKIX_REGCTRL_OLD_CERT_ID,
+ "PKIX CRMF Registration Control, Old Certificate ID",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixRegCtrlProtEncKey, SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY,
+ "PKIX CRMF Registration Control, Protocol Encryption Key",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixRegInfoUTF8Pairs, SEC_OID_PKIX_REGINFO_UTF8_PAIRS,
+ "PKIX CRMF Registration Info, UTF8 Pairs",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixRegInfoCertReq, SEC_OID_PKIX_REGINFO_CERT_REQUEST,
+ "PKIX CRMF Registration Info, Certificate Request",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixExtendedKeyUsageServerAuth,
+ SEC_OID_EXT_KEY_USAGE_SERVER_AUTH,
+ "TLS Web Server Authentication Certificate",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixExtendedKeyUsageClientAuth,
+ SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH,
+ "TLS Web Client Authentication Certificate",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixExtendedKeyUsageCodeSign, SEC_OID_EXT_KEY_USAGE_CODE_SIGN,
+ "Code Signing Certificate",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixExtendedKeyUsageEMailProtect,
+ SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT,
+ "E-Mail Protection Certificate",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixExtendedKeyUsageTimeStamp,
+ SEC_OID_EXT_KEY_USAGE_TIME_STAMP,
+ "Time Stamping Certifcate",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkixOCSPResponderExtendedKeyUsage, SEC_OID_OCSP_RESPONDER,
+ "OCSP Responder Certificate",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* Netscape Algorithm OIDs */
+
+ OD(netscapeSMimeKEA, SEC_OID_NETSCAPE_SMIME_KEA,
+ "Netscape S/MIME KEA", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* Skipjack OID -- ### mwelch temporary */
+ OD(skipjackCBC, SEC_OID_FORTEZZA_SKIPJACK,
+ "Skipjack CBC64", CKM_SKIPJACK_CBC64, INVALID_CERT_EXTENSION),
+
+ /* pkcs12 v2 oids */
+ OD(pkcs12V2PBEWithSha1And128BitRC4,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4,
+ "PKCS #12 V2 PBE With SHA-1 And 128 Bit RC4",
+ CKM_PBE_SHA1_RC4_128, INVALID_CERT_EXTENSION),
+ OD(pkcs12V2PBEWithSha1And40BitRC4,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4,
+ "PKCS #12 V2 PBE With SHA-1 And 40 Bit RC4",
+ CKM_PBE_SHA1_RC4_40, INVALID_CERT_EXTENSION),
+ OD(pkcs12V2PBEWithSha1And3KeyTripleDEScbc,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
+ "PKCS #12 V2 PBE With SHA-1 And 3KEY Triple DES-CBC",
+ CKM_PBE_SHA1_DES3_EDE_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs12V2PBEWithSha1And2KeyTripleDEScbc,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC,
+ "PKCS #12 V2 PBE With SHA-1 And 2KEY Triple DES-CBC",
+ CKM_PBE_SHA1_DES2_EDE_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs12V2PBEWithSha1And128BitRC2cbc,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
+ "PKCS #12 V2 PBE With SHA-1 And 128 Bit RC2 CBC",
+ CKM_PBE_SHA1_RC2_128_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs12V2PBEWithSha1And40BitRC2cbc,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
+ "PKCS #12 V2 PBE With SHA-1 And 40 Bit RC2 CBC",
+ CKM_PBE_SHA1_RC2_40_CBC, INVALID_CERT_EXTENSION),
+ OD(pkcs12SafeContentsID, SEC_OID_PKCS12_SAFE_CONTENTS_ID,
+ "PKCS #12 Safe Contents ID",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12PKCS8ShroudedKeyBagID,
+ SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID,
+ "PKCS #12 Safe Contents ID",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12V1KeyBag, SEC_OID_PKCS12_V1_KEY_BAG_ID,
+ "PKCS #12 V1 Key Bag",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12V1PKCS8ShroudedKeyBag,
+ SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID,
+ "PKCS #12 V1 PKCS8 Shrouded Key Bag",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12V1CertBag, SEC_OID_PKCS12_V1_CERT_BAG_ID,
+ "PKCS #12 V1 Cert Bag",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12V1CRLBag, SEC_OID_PKCS12_V1_CRL_BAG_ID,
+ "PKCS #12 V1 CRL Bag",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12V1SecretBag, SEC_OID_PKCS12_V1_SECRET_BAG_ID,
+ "PKCS #12 V1 Secret Bag",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12V1SafeContentsBag, SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
+ "PKCS #12 V1 Safe Contents Bag",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(pkcs9X509Certificate, SEC_OID_PKCS9_X509_CERT,
+ "PKCS #9 X509 Certificate",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9SDSICertificate, SEC_OID_PKCS9_SDSI_CERT,
+ "PKCS #9 SDSI Certificate",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9X509CRL, SEC_OID_PKCS9_X509_CRL,
+ "PKCS #9 X509 CRL", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9FriendlyName, SEC_OID_PKCS9_FRIENDLY_NAME,
+ "PKCS #9 Friendly Name",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9LocalKeyID, SEC_OID_PKCS9_LOCAL_KEY_ID,
+ "PKCS #9 Local Key ID",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs12KeyUsageAttr, SEC_OID_BOGUS_KEY_USAGE,
+ "Bogus Key Usage", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(dhPublicKey, SEC_OID_X942_DIFFIE_HELMAN_KEY,
+ "Diffie-Helman Public Key", CKM_DH_PKCS_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(netscapeNickname, SEC_OID_NETSCAPE_NICKNAME,
+ "Netscape Nickname", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* Cert Server specific OIDs */
+ OD(netscapeRecoveryRequest, SEC_OID_NETSCAPE_RECOVERY_REQUEST,
+ "Recovery Request OID",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(nsExtAIACertRenewal, SEC_OID_CERT_RENEWAL_LOCATOR,
+ "Certificate Renewal Locator OID", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ OD(nsExtCertScopeOfUse, SEC_OID_NS_CERT_EXT_SCOPE_OF_USE,
+ "Certificate Scope-of-Use Extension", CKM_INVALID_MECHANISM,
+ SUPPORTED_CERT_EXTENSION),
+
+ /* CMS stuff */
+ OD(cmsESDH, SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN,
+ "Ephemeral-Static Diffie-Hellman", CKM_INVALID_MECHANISM /* XXX */,
+ INVALID_CERT_EXTENSION),
+ OD(cms3DESwrap, SEC_OID_CMS_3DES_KEY_WRAP,
+ "CMS Triple DES Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
+ INVALID_CERT_EXTENSION),
+ OD(cmsRC2wrap, SEC_OID_CMS_RC2_KEY_WRAP,
+ "CMS RC2 Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
+ INVALID_CERT_EXTENSION),
+ OD(smimeEncryptionKeyPreference, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE,
+ "S/MIME Encryption Key Preference",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* AES algorithm OIDs */
+ OD(aes128_ECB, SEC_OID_AES_128_ECB,
+ "AES-128-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION),
+ OD(aes128_CBC, SEC_OID_AES_128_CBC,
+ "AES-128-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION),
+ OD(aes192_ECB, SEC_OID_AES_192_ECB,
+ "AES-192-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION),
+ OD(aes192_CBC, SEC_OID_AES_192_CBC,
+ "AES-192-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION),
+ OD(aes256_ECB, SEC_OID_AES_256_ECB,
+ "AES-256-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION),
+ OD(aes256_CBC, SEC_OID_AES_256_CBC,
+ "AES-256-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION),
+
+ /* More bogus DSA OIDs */
+ OD(sdn702DSASignature, SEC_OID_SDN702_DSA_SIGNATURE,
+ "SDN.702 DSA Signature", CKM_DSA_SHA1, INVALID_CERT_EXTENSION),
+
+ OD(ms_smimeEncryptionKeyPreference,
+ SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE,
+ "Microsoft S/MIME Encryption Key Preference",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(sha256, SEC_OID_SHA256, "SHA-256", CKM_SHA256, INVALID_CERT_EXTENSION),
+ OD(sha384, SEC_OID_SHA384, "SHA-384", CKM_SHA384, INVALID_CERT_EXTENSION),
+ OD(sha512, SEC_OID_SHA512, "SHA-512", CKM_SHA512, INVALID_CERT_EXTENSION),
+
+ OD(pkcs1SHA256WithRSAEncryption, SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION,
+ "PKCS #1 SHA-256 With RSA Encryption", CKM_SHA256_RSA_PKCS,
+ INVALID_CERT_EXTENSION),
+ OD(pkcs1SHA384WithRSAEncryption, SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION,
+ "PKCS #1 SHA-384 With RSA Encryption", CKM_SHA384_RSA_PKCS,
+ INVALID_CERT_EXTENSION),
+ OD(pkcs1SHA512WithRSAEncryption, SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION,
+ "PKCS #1 SHA-512 With RSA Encryption", CKM_SHA512_RSA_PKCS,
+ INVALID_CERT_EXTENSION),
+
+ OD(aes128_KEY_WRAP, SEC_OID_AES_128_KEY_WRAP,
+ "AES-128 Key Wrap", CKM_NSS_AES_KEY_WRAP, INVALID_CERT_EXTENSION),
+ OD(aes192_KEY_WRAP, SEC_OID_AES_192_KEY_WRAP,
+ "AES-192 Key Wrap", CKM_NSS_AES_KEY_WRAP, INVALID_CERT_EXTENSION),
+ OD(aes256_KEY_WRAP, SEC_OID_AES_256_KEY_WRAP,
+ "AES-256 Key Wrap", CKM_NSS_AES_KEY_WRAP, INVALID_CERT_EXTENSION),
+
+ /* Elliptic Curve Cryptography (ECC) OIDs */
+ OD(ansix962ECPublicKey, SEC_OID_ANSIX962_EC_PUBLIC_KEY,
+ "X9.62 elliptic curve public key", CKM_ECDH1_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(ansix962SignaturewithSHA1Digest,
+ SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE,
+ "X9.62 ECDSA signature with SHA-1", CKM_ECDSA_SHA1,
+ INVALID_CERT_EXTENSION),
+
+ /* Named curves */
+ /* NOTE: Only P256, P384, P521, and 25519 are supported by softoken.
+ * Using other curves requires an appropriate token. */
+
+ /* ANSI X9.62 named elliptic curves (prime field) */
+ OD(ansiX962prime192v1, SEC_OID_ANSIX962_EC_PRIME192V1,
+ "ANSI X9.62 elliptic curve prime192v1 (aka secp192r1, NIST P-192)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962prime192v2, SEC_OID_ANSIX962_EC_PRIME192V2,
+ "ANSI X9.62 elliptic curve prime192v2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962prime192v3, SEC_OID_ANSIX962_EC_PRIME192V3,
+ "ANSI X9.62 elliptic curve prime192v3",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962prime239v1, SEC_OID_ANSIX962_EC_PRIME239V1,
+ "ANSI X9.62 elliptic curve prime239v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962prime239v2, SEC_OID_ANSIX962_EC_PRIME239V2,
+ "ANSI X9.62 elliptic curve prime239v2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962prime239v3, SEC_OID_ANSIX962_EC_PRIME239V3,
+ "ANSI X9.62 elliptic curve prime239v3",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962prime256v1, SEC_OID_ANSIX962_EC_PRIME256V1,
+ "ANSI X9.62 elliptic curve prime256v1 (aka secp256r1, NIST P-256)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ /* SECG named elliptic curves (prime field) */
+ OD(secgECsecp112r1, SEC_OID_SECG_EC_SECP112R1,
+ "SECG elliptic curve secp112r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp112r2, SEC_OID_SECG_EC_SECP112R2,
+ "SECG elliptic curve secp112r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp128r1, SEC_OID_SECG_EC_SECP128R1,
+ "SECG elliptic curve secp128r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp128r2, SEC_OID_SECG_EC_SECP128R2,
+ "SECG elliptic curve secp128r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp160k1, SEC_OID_SECG_EC_SECP160K1,
+ "SECG elliptic curve secp160k1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp160r1, SEC_OID_SECG_EC_SECP160R1,
+ "SECG elliptic curve secp160r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp160r2, SEC_OID_SECG_EC_SECP160R2,
+ "SECG elliptic curve secp160r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp192k1, SEC_OID_SECG_EC_SECP192K1,
+ "SECG elliptic curve secp192k1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp224k1, SEC_OID_SECG_EC_SECP224K1,
+ "SECG elliptic curve secp224k1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp224r1, SEC_OID_SECG_EC_SECP224R1,
+ "SECG elliptic curve secp224r1 (aka NIST P-224)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp256k1, SEC_OID_SECG_EC_SECP256K1,
+ "SECG elliptic curve secp256k1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp384r1, SEC_OID_SECG_EC_SECP384R1,
+ "SECG elliptic curve secp384r1 (aka NIST P-384)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsecp521r1, SEC_OID_SECG_EC_SECP521R1,
+ "SECG elliptic curve secp521r1 (aka NIST P-521)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ /* ANSI X9.62 named elliptic curves (characteristic two field) */
+ OD(ansiX962c2pnb163v1, SEC_OID_ANSIX962_EC_C2PNB163V1,
+ "ANSI X9.62 elliptic curve c2pnb163v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2pnb163v2, SEC_OID_ANSIX962_EC_C2PNB163V2,
+ "ANSI X9.62 elliptic curve c2pnb163v2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2pnb163v3, SEC_OID_ANSIX962_EC_C2PNB163V3,
+ "ANSI X9.62 elliptic curve c2pnb163v3",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2pnb176v1, SEC_OID_ANSIX962_EC_C2PNB176V1,
+ "ANSI X9.62 elliptic curve c2pnb176v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2tnb191v1, SEC_OID_ANSIX962_EC_C2TNB191V1,
+ "ANSI X9.62 elliptic curve c2tnb191v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2tnb191v2, SEC_OID_ANSIX962_EC_C2TNB191V2,
+ "ANSI X9.62 elliptic curve c2tnb191v2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2tnb191v3, SEC_OID_ANSIX962_EC_C2TNB191V3,
+ "ANSI X9.62 elliptic curve c2tnb191v3",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2onb191v4, SEC_OID_ANSIX962_EC_C2ONB191V4,
+ "ANSI X9.62 elliptic curve c2onb191v4",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2onb191v5, SEC_OID_ANSIX962_EC_C2ONB191V5,
+ "ANSI X9.62 elliptic curve c2onb191v5",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2pnb208w1, SEC_OID_ANSIX962_EC_C2PNB208W1,
+ "ANSI X9.62 elliptic curve c2pnb208w1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2tnb239v1, SEC_OID_ANSIX962_EC_C2TNB239V1,
+ "ANSI X9.62 elliptic curve c2tnb239v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2tnb239v2, SEC_OID_ANSIX962_EC_C2TNB239V2,
+ "ANSI X9.62 elliptic curve c2tnb239v2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2tnb239v3, SEC_OID_ANSIX962_EC_C2TNB239V3,
+ "ANSI X9.62 elliptic curve c2tnb239v3",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2onb239v4, SEC_OID_ANSIX962_EC_C2ONB239V4,
+ "ANSI X9.62 elliptic curve c2onb239v4",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2onb239v5, SEC_OID_ANSIX962_EC_C2ONB239V5,
+ "ANSI X9.62 elliptic curve c2onb239v5",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2pnb272w1, SEC_OID_ANSIX962_EC_C2PNB272W1,
+ "ANSI X9.62 elliptic curve c2pnb272w1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2pnb304w1, SEC_OID_ANSIX962_EC_C2PNB304W1,
+ "ANSI X9.62 elliptic curve c2pnb304w1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2tnb359v1, SEC_OID_ANSIX962_EC_C2TNB359V1,
+ "ANSI X9.62 elliptic curve c2tnb359v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2pnb368w1, SEC_OID_ANSIX962_EC_C2PNB368W1,
+ "ANSI X9.62 elliptic curve c2pnb368w1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansiX962c2tnb431r1, SEC_OID_ANSIX962_EC_C2TNB431R1,
+ "ANSI X9.62 elliptic curve c2tnb431r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ /* SECG named elliptic curves (characterisitic two field) */
+ OD(secgECsect113r1, SEC_OID_SECG_EC_SECT113R1,
+ "SECG elliptic curve sect113r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect113r2, SEC_OID_SECG_EC_SECT113R2,
+ "SECG elliptic curve sect113r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect131r1, SEC_OID_SECG_EC_SECT131R1,
+ "SECG elliptic curve sect131r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect131r2, SEC_OID_SECG_EC_SECT131R2,
+ "SECG elliptic curve sect131r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect163k1, SEC_OID_SECG_EC_SECT163K1,
+ "SECG elliptic curve sect163k1 (aka NIST K-163)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect163r1, SEC_OID_SECG_EC_SECT163R1,
+ "SECG elliptic curve sect163r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect163r2, SEC_OID_SECG_EC_SECT163R2,
+ "SECG elliptic curve sect163r2 (aka NIST B-163)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect193r1, SEC_OID_SECG_EC_SECT193R1,
+ "SECG elliptic curve sect193r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect193r2, SEC_OID_SECG_EC_SECT193R2,
+ "SECG elliptic curve sect193r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect233k1, SEC_OID_SECG_EC_SECT233K1,
+ "SECG elliptic curve sect233k1 (aka NIST K-233)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect233r1, SEC_OID_SECG_EC_SECT233R1,
+ "SECG elliptic curve sect233r1 (aka NIST B-233)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect239k1, SEC_OID_SECG_EC_SECT239K1,
+ "SECG elliptic curve sect239k1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect283k1, SEC_OID_SECG_EC_SECT283K1,
+ "SECG elliptic curve sect283k1 (aka NIST K-283)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect283r1, SEC_OID_SECG_EC_SECT283R1,
+ "SECG elliptic curve sect283r1 (aka NIST B-283)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect409k1, SEC_OID_SECG_EC_SECT409K1,
+ "SECG elliptic curve sect409k1 (aka NIST K-409)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect409r1, SEC_OID_SECG_EC_SECT409R1,
+ "SECG elliptic curve sect409r1 (aka NIST B-409)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect571k1, SEC_OID_SECG_EC_SECT571K1,
+ "SECG elliptic curve sect571k1 (aka NIST K-571)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(secgECsect571r1, SEC_OID_SECG_EC_SECT571R1,
+ "SECG elliptic curve sect571r1 (aka NIST B-571)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ OD(netscapeAOLScreenname, SEC_OID_NETSCAPE_AOLSCREENNAME,
+ "AOL Screenname", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ OD(x520SurName, SEC_OID_AVA_SURNAME,
+ "X520 Title", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520SerialNumber, SEC_OID_AVA_SERIAL_NUMBER,
+ "X520 Serial Number", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520StreetAddress, SEC_OID_AVA_STREET_ADDRESS,
+ "X520 Street Address", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520Title, SEC_OID_AVA_TITLE,
+ "X520 Title", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520PostalAddress, SEC_OID_AVA_POSTAL_ADDRESS,
+ "X520 Postal Address", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520PostalCode, SEC_OID_AVA_POSTAL_CODE,
+ "X520 Postal Code", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520PostOfficeBox, SEC_OID_AVA_POST_OFFICE_BOX,
+ "X520 Post Office Box", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520GivenName, SEC_OID_AVA_GIVEN_NAME,
+ "X520 Given Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520Initials, SEC_OID_AVA_INITIALS,
+ "X520 Initials", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520GenerationQualifier, SEC_OID_AVA_GENERATION_QUALIFIER,
+ "X520 Generation Qualifier",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520HouseIdentifier, SEC_OID_AVA_HOUSE_IDENTIFIER,
+ "X520 House Identifier",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520Pseudonym, SEC_OID_AVA_PSEUDONYM,
+ "X520 Pseudonym", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* More OIDs */
+ OD(pkixCAIssuers, SEC_OID_PKIX_CA_ISSUERS,
+ "PKIX CA issuers access method",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs9ExtensionRequest, SEC_OID_PKCS9_EXTENSION_REQUEST,
+ "PKCS #9 Extension Request",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* more ECC Signature Oids */
+ OD(ansix962SignatureRecommended,
+ SEC_OID_ANSIX962_ECDSA_SIGNATURE_RECOMMENDED_DIGEST,
+ "X9.62 ECDSA signature with recommended digest", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansix962SignatureSpecified,
+ SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST,
+ "X9.62 ECDSA signature with specified digest", CKM_ECDSA,
+ INVALID_CERT_EXTENSION),
+ OD(ansix962SignaturewithSHA224Digest,
+ SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE,
+ "X9.62 ECDSA signature with SHA224", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansix962SignaturewithSHA256Digest,
+ SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE,
+ "X9.62 ECDSA signature with SHA256", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansix962SignaturewithSHA384Digest,
+ SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE,
+ "X9.62 ECDSA signature with SHA384", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(ansix962SignaturewithSHA512Digest,
+ SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE,
+ "X9.62 ECDSA signature with SHA512", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ /* More id-ce and id-pe OIDs from RFC 3280 */
+ OD(x509HoldInstructionCode, SEC_OID_X509_HOLD_INSTRUCTION_CODE,
+ "CRL Hold Instruction Code", CKM_INVALID_MECHANISM,
+ UNSUPPORTED_CERT_EXTENSION),
+ OD(x509DeltaCRLIndicator, SEC_OID_X509_DELTA_CRL_INDICATOR,
+ "Delta CRL Indicator", CKM_INVALID_MECHANISM,
+ FAKE_SUPPORTED_CERT_EXTENSION),
+ OD(x509IssuingDistributionPoint, SEC_OID_X509_ISSUING_DISTRIBUTION_POINT,
+ "Issuing Distribution Point", CKM_INVALID_MECHANISM,
+ FAKE_SUPPORTED_CERT_EXTENSION),
+ OD(x509CertIssuer, SEC_OID_X509_CERT_ISSUER,
+ "Certificate Issuer Extension", CKM_INVALID_MECHANISM,
+ FAKE_SUPPORTED_CERT_EXTENSION),
+ OD(x509FreshestCRL, SEC_OID_X509_FRESHEST_CRL,
+ "Freshest CRL", CKM_INVALID_MECHANISM,
+ UNSUPPORTED_CERT_EXTENSION),
+ OD(x509InhibitAnyPolicy, SEC_OID_X509_INHIBIT_ANY_POLICY,
+ "Inhibit Any Policy", CKM_INVALID_MECHANISM,
+ FAKE_SUPPORTED_CERT_EXTENSION),
+ OD(x509SubjectInfoAccess, SEC_OID_X509_SUBJECT_INFO_ACCESS,
+ "Subject Info Access", CKM_INVALID_MECHANISM,
+ UNSUPPORTED_CERT_EXTENSION),
+
+ /* Camellia algorithm OIDs */
+ OD(camellia128_CBC, SEC_OID_CAMELLIA_128_CBC,
+ "CAMELLIA-128-CBC", CKM_CAMELLIA_CBC, INVALID_CERT_EXTENSION),
+ OD(camellia192_CBC, SEC_OID_CAMELLIA_192_CBC,
+ "CAMELLIA-192-CBC", CKM_CAMELLIA_CBC, INVALID_CERT_EXTENSION),
+ OD(camellia256_CBC, SEC_OID_CAMELLIA_256_CBC,
+ "CAMELLIA-256-CBC", CKM_CAMELLIA_CBC, INVALID_CERT_EXTENSION),
+
+ /* PKCS 5 v2 OIDS */
+ OD(pkcs5Pbkdf2, SEC_OID_PKCS5_PBKDF2,
+ "PKCS #5 Password Based Key Dervive Function v2 ",
+ CKM_PKCS5_PBKD2, INVALID_CERT_EXTENSION),
+ OD(pkcs5Pbes2, SEC_OID_PKCS5_PBES2,
+ "PKCS #5 Password Based Encryption v2 ",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(pkcs5Pbmac1, SEC_OID_PKCS5_PBMAC1,
+ "PKCS #5 Password Based Authentication v1 ",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(hmac_sha1, SEC_OID_HMAC_SHA1, "HMAC SHA-1",
+ CKM_SHA_1_HMAC, INVALID_CERT_EXTENSION),
+ OD(hmac_sha224, SEC_OID_HMAC_SHA224, "HMAC SHA-224",
+ CKM_SHA224_HMAC, INVALID_CERT_EXTENSION),
+ OD(hmac_sha256, SEC_OID_HMAC_SHA256, "HMAC SHA-256",
+ CKM_SHA256_HMAC, INVALID_CERT_EXTENSION),
+ OD(hmac_sha384, SEC_OID_HMAC_SHA384, "HMAC SHA-384",
+ CKM_SHA384_HMAC, INVALID_CERT_EXTENSION),
+ OD(hmac_sha512, SEC_OID_HMAC_SHA512, "HMAC SHA-512",
+ CKM_SHA512_HMAC, INVALID_CERT_EXTENSION),
+
+ /* SIA extension OIDs */
+ OD(x509SIATimeStamping, SEC_OID_PKIX_TIMESTAMPING,
+ "SIA Time Stamping", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+ OD(x509SIACaRepository, SEC_OID_PKIX_CA_REPOSITORY,
+ "SIA CA Repository", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ OD(isoSHA1WithRSASignature, SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE,
+ "ISO SHA-1 with RSA Signature",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ /* SEED algorithm OIDs */
+ OD(seed_CBC, SEC_OID_SEED_CBC,
+ "SEED-CBC", CKM_SEED_CBC, INVALID_CERT_EXTENSION),
+
+ OD(x509CertificatePoliciesAnyPolicy, SEC_OID_X509_ANY_POLICY,
+ "Certificate Policies AnyPolicy",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(pkcs1RSAOAEPEncryption, SEC_OID_PKCS1_RSA_OAEP_ENCRYPTION,
+ "PKCS #1 RSA-OAEP Encryption", CKM_RSA_PKCS_OAEP,
+ INVALID_CERT_EXTENSION),
+
+ OD(pkcs1MGF1, SEC_OID_PKCS1_MGF1,
+ "PKCS #1 MGF1 Mask Generation Function", CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION),
+
+ OD(pkcs1PSpecified, SEC_OID_PKCS1_PSPECIFIED,
+ "PKCS #1 RSA-OAEP Explicitly Specified Encoding Parameters",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(pkcs1RSAPSSSignature, SEC_OID_PKCS1_RSA_PSS_SIGNATURE,
+ "PKCS #1 RSA-PSS Signature", CKM_RSA_PKCS_PSS,
+ INVALID_CERT_EXTENSION),
+
+ OD(pkcs1SHA224WithRSAEncryption, SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION,
+ "PKCS #1 SHA-224 With RSA Encryption", CKM_SHA224_RSA_PKCS,
+ INVALID_CERT_EXTENSION),
+
+ OD(sha224, SEC_OID_SHA224, "SHA-224", CKM_SHA224, INVALID_CERT_EXTENSION),
+
+ OD(evIncorporationLocality, SEC_OID_EV_INCORPORATION_LOCALITY,
+ "Jurisdiction of Incorporation Locality Name",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(evIncorporationState, SEC_OID_EV_INCORPORATION_STATE,
+ "Jurisdiction of Incorporation State Name",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(evIncorporationCountry, SEC_OID_EV_INCORPORATION_COUNTRY,
+ "Jurisdiction of Incorporation Country Name",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520BusinessCategory, SEC_OID_BUSINESS_CATEGORY,
+ "Business Category",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(nistDSASignaturewithSHA224Digest,
+ SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST,
+ "DSA with SHA-224 Signature",
+ CKM_INVALID_MECHANISM /* not yet defined */, INVALID_CERT_EXTENSION),
+ OD(nistDSASignaturewithSHA256Digest,
+ SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST,
+ "DSA with SHA-256 Signature",
+ CKM_INVALID_MECHANISM /* not yet defined */, INVALID_CERT_EXTENSION),
+ OD(msExtendedKeyUsageTrustListSigning,
+ SEC_OID_MS_EXT_KEY_USAGE_CTL_SIGNING,
+ "Microsoft Trust List Signing",
+ CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(x520Name, SEC_OID_AVA_NAME,
+ "X520 Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(aes128_GCM, SEC_OID_AES_128_GCM,
+ "AES-128-GCM", CKM_AES_GCM, INVALID_CERT_EXTENSION),
+ OD(aes192_GCM, SEC_OID_AES_192_GCM,
+ "AES-192-GCM", CKM_AES_GCM, INVALID_CERT_EXTENSION),
+ OD(aes256_GCM, SEC_OID_AES_256_GCM,
+ "AES-256-GCM", CKM_AES_GCM, INVALID_CERT_EXTENSION),
+ OD(idea_CBC, SEC_OID_IDEA_CBC,
+ "IDEA_CBC", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ ODE(SEC_OID_RC2_40_CBC,
+ "RC2-40-CBC", CKM_RC2_CBC, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_DES_40_CBC,
+ "DES-40-CBC", CKM_RC2_CBC, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_RC4_40,
+ "RC4-40", CKM_RC4, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_RC4_56,
+ "RC4-56", CKM_RC4, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_NULL_CIPHER,
+ "NULL cipher", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_HMAC_MD5,
+ "HMAC-MD5", CKM_MD5_HMAC, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_RSA,
+ "TLS RSA key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DHE_RSA,
+ "TLS DHE-RSA key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DHE_DSS,
+ "TLS DHE-DSS key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DH_RSA,
+ "TLS DH-RSA key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DH_DSS,
+ "TLS DH-DSS key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DH_ANON,
+ "TLS DH-ANON key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_ECDHE_ECDSA,
+ "TLS ECDHE-ECDSA key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_ECDHE_RSA,
+ "TLS ECDHE-RSA key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_ECDH_ECDSA,
+ "TLS ECDH-ECDSA key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_ECDH_RSA,
+ "TLS ECDH-RSA key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_ECDH_ANON,
+ "TLS ECDH-ANON key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_RSA_EXPORT,
+ "TLS RSA-EXPORT key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DHE_RSA_EXPORT,
+ "TLS DHE-RSA-EXPORT key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DHE_DSS_EXPORT,
+ "TLS DHE-DSS-EXPORT key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DH_RSA_EXPORT,
+ "TLS DH-RSA-EXPORT key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DH_DSS_EXPORT,
+ "TLS DH-DSS-EXPORT key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DH_ANON_EXPORT,
+ "TLS DH-ANON-EXPORT key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_APPLY_SSL_POLICY,
+ "Apply SSL policy (pseudo-OID)", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_CHACHA20_POLY1305,
+ "ChaCha20-Poly1305", CKM_NSS_CHACHA20_POLY1305, INVALID_CERT_EXTENSION),
+
+ ODE(SEC_OID_TLS_ECDHE_PSK,
+ "TLS ECHDE-PSK key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DHE_PSK,
+ "TLS DHE-PSK key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ ODE(SEC_OID_TLS_FFDHE_2048,
+ "TLS FFDHE 2048-bit key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_FFDHE_3072,
+ "TLS FFDHE 3072-bit key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_FFDHE_4096,
+ "TLS FFDHE 4096-bit key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_FFDHE_6144,
+ "TLS FFDHE 6144-bit key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_FFDHE_8192,
+ "TLS FFDHE 8192-bit key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS_DHE_CUSTOM,
+ "TLS DHE custom group key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(curve25519, SEC_OID_CURVE25519,
+ "Curve25519", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_TLS13_KEA_ANY,
+ "TLS 1.3 fake key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+};
+
+/* PRIVATE EXTENDED SECOID Table
+ * This table is private. Its structure is opaque to the outside.
+ * It is indexed by the same SECOidTag as the oids table above.
+ * Every member of this struct must have accessor functions (set, get)
+ * and those functions must operate by value, not by reference.
+ * The addresses of the contents of this table must not be exposed
+ * by the accessor functions.
+ */
+typedef struct privXOidStr {
+ PRUint32 notPolicyFlags; /* ones complement of policy flags */
+} privXOid;
+
+static privXOid xOids[SEC_OID_TOTAL];
+
+/*
+ * now the dynamic table. The dynamic table gets build at init time.
+ * and conceivably gets modified if the user loads new crypto modules.
+ * All this static data, and the allocated data to which it points,
+ * is protected by a global reader/writer lock.
+ * The c language guarantees that global and static data that is not
+ * explicitly initialized will be initialized with zeros. If we
+ * initialize it with zeros, the data goes into the initialized data
+ * secment, and increases the size of the library. By leaving it
+ * uninitialized, it is allocated in BSS, and does NOT increase the
+ * library size.
+ */
+
+typedef struct dynXOidStr {
+ SECOidData data;
+ privXOid priv;
+} dynXOid;
+
+static NSSRWLock *dynOidLock;
+static PLArenaPool *dynOidPool;
+static PLHashTable *dynOidHash;
+static dynXOid **dynOidTable; /* not in the pool */
+static int dynOidEntriesAllocated;
+static int dynOidEntriesUsed;
+
+/* Creates NSSRWLock and dynOidPool at initialization time.
+*/
+static SECStatus
+secoid_InitDynOidData(void)
+{
+ SECStatus rv = SECSuccess;
+
+ dynOidLock = NSSRWLock_New(1, "dynamic OID data");
+ if (!dynOidLock) {
+ return SECFailure; /* Error code should already be set. */
+ }
+ dynOidPool = PORT_NewArena(2048);
+ if (!dynOidPool) {
+ rv = SECFailure /* Error code should already be set. */;
+ }
+ return rv;
+}
+
+/* Add oidData to hash table. Caller holds write lock dynOidLock. */
+static SECStatus
+secoid_HashDynamicOiddata(const SECOidData *oid)
+{
+ PLHashEntry *entry;
+
+ if (!dynOidHash) {
+ dynOidHash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
+ PL_CompareValues, NULL, NULL);
+ if (!dynOidHash) {
+ return SECFailure;
+ }
+ }
+
+ entry = PL_HashTableAdd(dynOidHash, &oid->oid, (void *)oid);
+ return entry ? SECSuccess : SECFailure;
+}
+
+/*
+ * Lookup a Dynamic OID. Dynamic OID's still change slowly, so it's
+ * cheaper to rehash the table when it changes than it is to do the loop
+ * each time.
+ */
+static SECOidData *
+secoid_FindDynamic(const SECItem *key)
+{
+ SECOidData *ret = NULL;
+
+ if (dynOidHash) {
+ NSSRWLock_LockRead(dynOidLock);
+ if (dynOidHash) { /* must check it again with lock held. */
+ ret = (SECOidData *)PL_HashTableLookup(dynOidHash, key);
+ }
+ NSSRWLock_UnlockRead(dynOidLock);
+ }
+ if (ret == NULL) {
+ PORT_SetError(SEC_ERROR_UNRECOGNIZED_OID);
+ }
+ return ret;
+}
+
+static dynXOid *
+secoid_FindDynamicByTag(SECOidTag tagnum)
+{
+ dynXOid *dxo = NULL;
+ int tagNumDiff;
+
+ if (tagnum < SEC_OID_TOTAL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return NULL;
+ }
+ tagNumDiff = tagnum - SEC_OID_TOTAL;
+
+ if (dynOidTable) {
+ NSSRWLock_LockRead(dynOidLock);
+ if (dynOidTable != NULL && /* must check it again with lock held. */
+ tagNumDiff < dynOidEntriesUsed) {
+ dxo = dynOidTable[tagNumDiff];
+ }
+ NSSRWLock_UnlockRead(dynOidLock);
+ }
+ if (dxo == NULL) {
+ PORT_SetError(SEC_ERROR_UNRECOGNIZED_OID);
+ }
+ return dxo;
+}
+
+/*
+ * This routine is thread safe now.
+ */
+SECOidTag
+SECOID_AddEntry(const SECOidData *src)
+{
+ SECOidData *dst;
+ dynXOid **table;
+ SECOidTag ret = SEC_OID_UNKNOWN;
+ SECStatus rv;
+ int tableEntries;
+ int used;
+
+ if (!src || !src->oid.data || !src->oid.len ||
+ !src->desc || !strlen(src->desc)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return ret;
+ }
+ if (src->supportedExtension != INVALID_CERT_EXTENSION &&
+ src->supportedExtension != UNSUPPORTED_CERT_EXTENSION &&
+ src->supportedExtension != SUPPORTED_CERT_EXTENSION) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return ret;
+ }
+
+ if (!dynOidPool || !dynOidLock) {
+ PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+ return ret;
+ }
+
+ NSSRWLock_LockWrite(dynOidLock);
+
+ /* We've just acquired the write lock, and now we call FindOIDTag
+ ** which will acquire and release the read lock. NSSRWLock has been
+ ** designed to allow this very case without deadlock. This approach
+ ** makes the test for the presence of the OID, and the subsequent
+ ** addition of the OID to the table a single atomic write operation.
+ */
+ ret = SECOID_FindOIDTag(&src->oid);
+ if (ret != SEC_OID_UNKNOWN) {
+ /* we could return an error here, but I chose not to do that.
+ ** This way, if we add an OID to the shared library's built in
+ ** list of OIDs in some future release, and that OID is the same
+ ** as some OID that a program has been adding, the program will
+ ** not suddenly stop working.
+ */
+ goto done;
+ }
+
+ table = dynOidTable;
+ tableEntries = dynOidEntriesAllocated;
+ used = dynOidEntriesUsed;
+
+ if (used + 1 > tableEntries) {
+ dynXOid **newTable;
+ int newTableEntries = tableEntries + 16;
+
+ newTable = (dynXOid **)PORT_Realloc(table,
+ newTableEntries * sizeof(dynXOid *));
+ if (newTable == NULL) {
+ goto done;
+ }
+ dynOidTable = table = newTable;
+ dynOidEntriesAllocated = tableEntries = newTableEntries;
+ }
+
+ /* copy oid structure */
+ dst = (SECOidData *)PORT_ArenaZNew(dynOidPool, dynXOid);
+ if (!dst) {
+ goto done;
+ }
+ rv = SECITEM_CopyItem(dynOidPool, &dst->oid, &src->oid);
+ if (rv != SECSuccess) {
+ goto done;
+ }
+ dst->desc = PORT_ArenaStrdup(dynOidPool, src->desc);
+ if (!dst->desc) {
+ goto done;
+ }
+ dst->offset = (SECOidTag)(used + SEC_OID_TOTAL);
+ dst->mechanism = src->mechanism;
+ dst->supportedExtension = src->supportedExtension;
+
+ rv = secoid_HashDynamicOiddata(dst);
+ if (rv == SECSuccess) {
+ table[used++] = (dynXOid *)dst;
+ dynOidEntriesUsed = used;
+ ret = dst->offset;
+ }
+done:
+ NSSRWLock_UnlockWrite(dynOidLock);
+ return ret;
+}
+
+/* normal static table processing */
+static PLHashTable *oidhash = NULL;
+static PLHashTable *oidmechhash = NULL;
+
+static PLHashNumber
+secoid_HashNumber(const void *key)
+{
+ return (PLHashNumber)((char *)key - (char *)NULL);
+}
+
+#define DEF_FLAGS (NSS_USE_ALG_IN_CERT_SIGNATURE | NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SSL_KX)
+static void
+handleHashAlgSupport(char *envVal)
+{
+ char *myVal = PORT_Strdup(envVal); /* Get a copy we can alter */
+ char *arg = myVal;
+
+ while (arg && *arg) {
+ char *nextArg = PL_strpbrk(arg, ";");
+ PRUint32 notEnable;
+
+ if (nextArg) {
+ while (*nextArg == ';') {
+ *nextArg++ = '\0';
+ }
+ }
+ notEnable = (*arg == '-') ? (DEF_FLAGS) : 0;
+ if ((*arg == '+' || *arg == '-') && *++arg) {
+ int i;
+
+ for (i = 1; i < SEC_OID_TOTAL; i++) {
+ if (oids[i].desc && strstr(arg, oids[i].desc)) {
+ xOids[i].notPolicyFlags = notEnable |
+ (xOids[i].notPolicyFlags & ~(DEF_FLAGS));
+ }
+ }
+ }
+ arg = nextArg;
+ }
+ PORT_Free(myVal); /* can handle NULL argument OK */
+}
+
+SECStatus
+SECOID_Init(void)
+{
+ PLHashEntry *entry;
+ const SECOidData *oid;
+ int i;
+ char *envVal;
+
+#define NSS_VERSION_VARIABLE __nss_util_version
+#include "verref.h"
+
+ if (oidhash) {
+ return SECSuccess; /* already initialized */
+ }
+
+ if (!PR_GetEnvSecure("NSS_ALLOW_WEAK_SIGNATURE_ALG")) {
+ /* initialize any policy flags that are disabled by default */
+ xOids[SEC_OID_MD2].notPolicyFlags = ~0;
+ xOids[SEC_OID_MD4].notPolicyFlags = ~0;
+ xOids[SEC_OID_MD5].notPolicyFlags = ~0;
+ xOids[SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION].notPolicyFlags = ~0;
+ xOids[SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION].notPolicyFlags = ~0;
+ xOids[SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION].notPolicyFlags = ~0;
+ xOids[SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC].notPolicyFlags = ~0;
+ xOids[SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC].notPolicyFlags = ~0;
+ }
+
+ /* turn off NSS_USE_POLICY_IN_SSL by default */
+ xOids[SEC_OID_APPLY_SSL_POLICY].notPolicyFlags = NSS_USE_POLICY_IN_SSL;
+
+ envVal = PR_GetEnvSecure("NSS_HASH_ALG_SUPPORT");
+ if (envVal)
+ handleHashAlgSupport(envVal);
+
+ if (secoid_InitDynOidData() != SECSuccess) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0); /* this function should never fail */
+ return SECFailure;
+ }
+
+ oidhash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
+ PL_CompareValues, NULL, NULL);
+ oidmechhash = PL_NewHashTable(0, secoid_HashNumber, PL_CompareValues,
+ PL_CompareValues, NULL, NULL);
+
+ if (!oidhash || !oidmechhash) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0); /*This function should never fail. */
+ return (SECFailure);
+ }
+
+ for (i = 0; i < SEC_OID_TOTAL; i++) {
+ oid = &oids[i];
+
+ PORT_Assert(oid->offset == i);
+
+ entry = PL_HashTableAdd(oidhash, &oid->oid, (void *)oid);
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0); /*This function should never fail. */
+ return (SECFailure);
+ }
+
+ if (oid->mechanism != CKM_INVALID_MECHANISM) {
+ entry = PL_HashTableAdd(oidmechhash,
+ (void *)oid->mechanism, (void *)oid);
+ if (entry == NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ PORT_Assert(0); /* This function should never fail. */
+ return (SECFailure);
+ }
+ }
+ }
+
+ PORT_Assert(i == SEC_OID_TOTAL);
+
+ return (SECSuccess);
+}
+
+SECOidData *
+SECOID_FindOIDByMechanism(unsigned long mechanism)
+{
+ SECOidData *ret;
+
+ PR_ASSERT(oidhash != NULL);
+
+ ret = PL_HashTableLookupConst(oidmechhash, (void *)mechanism);
+ if (ret == NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ }
+
+ return (ret);
+}
+
+SECOidData *
+SECOID_FindOID(const SECItem *oid)
+{
+ SECOidData *ret;
+
+ PR_ASSERT(oidhash != NULL);
+
+ ret = PL_HashTableLookupConst(oidhash, oid);
+ if (ret == NULL) {
+ ret = secoid_FindDynamic(oid);
+ if (ret == NULL) {
+ PORT_SetError(SEC_ERROR_UNRECOGNIZED_OID);
+ }
+ }
+
+ return (ret);
+}
+
+SECOidTag
+SECOID_FindOIDTag(const SECItem *oid)
+{
+ SECOidData *oiddata;
+
+ oiddata = SECOID_FindOID(oid);
+ if (oiddata == NULL)
+ return SEC_OID_UNKNOWN;
+
+ return oiddata->offset;
+}
+
+/* This really should return const. */
+SECOidData *
+SECOID_FindOIDByTag(SECOidTag tagnum)
+{
+ if (tagnum >= SEC_OID_TOTAL) {
+ return (SECOidData *)secoid_FindDynamicByTag(tagnum);
+ }
+
+ PORT_Assert((unsigned int)tagnum < SEC_OID_TOTAL);
+ return (SECOidData *)(&oids[tagnum]);
+}
+
+PRBool
+SECOID_KnownCertExtenOID(SECItem *extenOid)
+{
+ SECOidData *oidData;
+
+ oidData = SECOID_FindOID(extenOid);
+ if (oidData == (SECOidData *)NULL)
+ return (PR_FALSE);
+ return ((oidData->supportedExtension == SUPPORTED_CERT_EXTENSION) ? PR_TRUE : PR_FALSE);
+}
+
+const char *
+SECOID_FindOIDTagDescription(SECOidTag tagnum)
+{
+ const SECOidData *oidData = SECOID_FindOIDByTag(tagnum);
+ return oidData ? oidData->desc : 0;
+}
+
+/* --------- opaque extended OID table accessor functions ---------------*/
+/*
+ * Any of these functions may return SECSuccess or SECFailure with the error
+ * code set to SEC_ERROR_UNKNOWN_OBJECT_TYPE if the SECOidTag is out of range.
+ */
+
+static privXOid *
+secoid_FindXOidByTag(SECOidTag tagnum)
+{
+ if (tagnum >= SEC_OID_TOTAL) {
+ dynXOid *dxo = secoid_FindDynamicByTag(tagnum);
+ return (dxo ? &dxo->priv : NULL);
+ }
+
+ PORT_Assert((unsigned int)tagnum < SEC_OID_TOTAL);
+ return &xOids[tagnum];
+}
+
+/* The Get function outputs the 32-bit value associated with the SECOidTag.
+ * Flags bits are the NSS_USE_ALG_ #defines in "secoidt.h".
+ * Default value for any algorithm is 0xffffffff (enabled for all purposes).
+ * No value is output if function returns SECFailure.
+ */
+SECStatus
+NSS_GetAlgorithmPolicy(SECOidTag tag, PRUint32 *pValue)
+{
+ privXOid *pxo = secoid_FindXOidByTag(tag);
+ if (!pxo)
+ return SECFailure;
+ if (!pValue) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+ *pValue = ~(pxo->notPolicyFlags);
+ return SECSuccess;
+}
+
+/* The Set function modifies the stored value according to the following
+ * algorithm:
+ * policy[tag] = (policy[tag] & ~clearBits) | setBits;
+ */
+SECStatus
+NSS_SetAlgorithmPolicy(SECOidTag tag, PRUint32 setBits, PRUint32 clearBits)
+{
+ privXOid *pxo = secoid_FindXOidByTag(tag);
+ PRUint32 policyFlags;
+ if (!pxo)
+ return SECFailure;
+ /* The stored policy flags are the ones complement of the flags as
+ * seen by the user. This is not atomic, but these changes should
+ * be done rarely, e.g. at initialization time.
+ */
+ policyFlags = ~(pxo->notPolicyFlags);
+ policyFlags = (policyFlags & ~clearBits) | setBits;
+ pxo->notPolicyFlags = ~policyFlags;
+ return SECSuccess;
+}
+
+/* --------- END OF opaque extended OID table accessor functions ---------*/
+
+/* for now, this is only used in a single place, so it can remain static */
+static PRBool parentForkedAfterC_Initialize;
+
+#define SKIP_AFTER_FORK(x) \
+ if (!parentForkedAfterC_Initialize) \
+ x
+
+/*
+ * free up the oid tables.
+ */
+SECStatus
+SECOID_Shutdown(void)
+{
+ if (oidhash) {
+ PL_HashTableDestroy(oidhash);
+ oidhash = NULL;
+ }
+ if (oidmechhash) {
+ PL_HashTableDestroy(oidmechhash);
+ oidmechhash = NULL;
+ }
+ /* Have to handle the case where the lock was created, but
+ ** the pool wasn't.
+ ** I'm not going to attempt to create the lock, just to protect
+ ** the destruction of data that probably isn't initialized anyway.
+ */
+ if (dynOidLock) {
+ SKIP_AFTER_FORK(NSSRWLock_LockWrite(dynOidLock));
+ if (dynOidHash) {
+ PL_HashTableDestroy(dynOidHash);
+ dynOidHash = NULL;
+ }
+ if (dynOidPool) {
+ PORT_FreeArena(dynOidPool, PR_FALSE);
+ dynOidPool = NULL;
+ }
+ if (dynOidTable) {
+ PORT_Free(dynOidTable);
+ dynOidTable = NULL;
+ }
+ dynOidEntriesAllocated = 0;
+ dynOidEntriesUsed = 0;
+
+ SKIP_AFTER_FORK(NSSRWLock_UnlockWrite(dynOidLock));
+ SKIP_AFTER_FORK(NSSRWLock_Destroy(dynOidLock));
+ dynOidLock = NULL;
+ } else {
+ /* Since dynOidLock doesn't exist, then all the data it protects
+ ** should be uninitialized. We'll check that (in DEBUG builds),
+ ** and then make sure it is so, in case NSS is reinitialized.
+ */
+ PORT_Assert(!dynOidHash && !dynOidPool && !dynOidTable &&
+ !dynOidEntriesAllocated && !dynOidEntriesUsed);
+ dynOidHash = NULL;
+ dynOidPool = NULL;
+ dynOidTable = NULL;
+ dynOidEntriesAllocated = 0;
+ dynOidEntriesUsed = 0;
+ }
+ memset(xOids, 0, sizeof xOids);
+ return SECSuccess;
+}
+
+void
+UTIL_SetForkState(PRBool forked)
+{
+ parentForkedAfterC_Initialize = forked;
+}
+
+const char *
+NSSUTIL_GetVersion(void)
+{
+ return NSSUTIL_VERSION;
+}
diff --git a/security/nss/lib/util/secoid.h b/security/nss/lib/util/secoid.h
new file mode 100644
index 000000000..e6eaa8ce9
--- /dev/null
+++ b/security/nss/lib/util/secoid.h
@@ -0,0 +1,140 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECOID_H_
+#define _SECOID_H_
+
+#include "utilrename.h"
+
+/*
+ * secoid.h - public data structures and prototypes for ASN.1 OID functions
+ */
+
+#include "plarena.h"
+
+#include "seccomon.h"
+#include "secoidt.h"
+#include "secasn1t.h"
+
+SEC_BEGIN_PROTOS
+
+extern const SEC_ASN1Template SECOID_AlgorithmIDTemplate[];
+
+/* This functions simply returns the address of the above-declared template. */
+SEC_ASN1_CHOOSER_DECLARE(SECOID_AlgorithmIDTemplate)
+
+/*
+ * OID handling routines
+ */
+extern SECOidData *SECOID_FindOID(const SECItem *oid);
+extern SECOidTag SECOID_FindOIDTag(const SECItem *oid);
+extern SECOidData *SECOID_FindOIDByTag(SECOidTag tagnum);
+extern SECOidData *SECOID_FindOIDByMechanism(unsigned long mechanism);
+
+/****************************************/
+/*
+** Algorithm id handling operations
+*/
+
+/*
+** Fill in an algorithm-ID object given a tag and some parameters.
+** "aid" where the DER encoded algorithm info is stored (memory
+** is allocated)
+** "tag" the tag number defining the algorithm
+** "params" if not NULL, the parameters to go with the algorithm
+*/
+extern SECStatus SECOID_SetAlgorithmID(PLArenaPool *arena, SECAlgorithmID *aid,
+ SECOidTag tag, SECItem *params);
+
+/*
+** Copy the "src" object to "dest". Memory is allocated in "dest" for
+** each of the appropriate sub-objects. Memory in "dest" is not freed
+** before memory is allocated (use SECOID_DestroyAlgorithmID(dest, PR_FALSE)
+** to do that).
+*/
+extern SECStatus SECOID_CopyAlgorithmID(PLArenaPool *arena, SECAlgorithmID *dest,
+ const SECAlgorithmID *src);
+
+/*
+** Get the tag number for the given algorithm-id object.
+*/
+extern SECOidTag SECOID_GetAlgorithmTag(const SECAlgorithmID *aid);
+
+/*
+** Destroy an algorithm-id object.
+** "aid" the certificate-request to destroy
+** "freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void SECOID_DestroyAlgorithmID(SECAlgorithmID *aid, PRBool freeit);
+
+/*
+** Compare two algorithm-id objects, returning the difference between
+** them.
+*/
+extern SECComparison SECOID_CompareAlgorithmID(SECAlgorithmID *a,
+ SECAlgorithmID *b);
+
+extern PRBool SECOID_KnownCertExtenOID(SECItem *extenOid);
+
+/* Given a tag number, return a string describing it.
+ */
+extern const char *SECOID_FindOIDTagDescription(SECOidTag tagnum);
+
+/* Add a dynamic SECOidData to the dynamic OID table.
+** Routine copies the src entry, and returns the new SECOidTag.
+** Returns SEC_OID_INVALID if failed to add for some reason.
+*/
+extern SECOidTag SECOID_AddEntry(const SECOidData *src);
+
+/*
+ * initialize the oid data structures.
+ */
+extern SECStatus SECOID_Init(void);
+
+/*
+ * free up the oid data structures.
+ */
+extern SECStatus SECOID_Shutdown(void);
+
+/* if to->data is not NULL, and to->len is large enough to hold the result,
+ * then the resultant OID will be copyed into to->data, and to->len will be
+ * changed to show the actual OID length.
+ * Otherwise, memory for the OID will be allocated (from the caller's
+ * PLArenaPool, if pool is non-NULL) and to->data will receive the address
+ * of the allocated data, and to->len will receive the OID length.
+ * The original value of to->data is not freed when a new buffer is allocated.
+ *
+ * The input string may begin with "OID." and this still be ignored.
+ * The length of the input string is given in len. If len == 0, then
+ * len will be computed as strlen(from), meaning it must be NUL terminated.
+ * It is an error if from == NULL, or if *from == '\0'.
+ */
+extern SECStatus SEC_StringToOID(PLArenaPool *pool, SECItem *to,
+ const char *from, PRUint32 len);
+
+extern void UTIL_SetForkState(PRBool forked);
+
+/*
+ * Accessor functions for new opaque extended SECOID table.
+ * Any of these functions may return SECSuccess or SECFailure with the error
+ * code set to SEC_ERROR_UNKNOWN_OBJECT_TYPE if the SECOidTag is out of range.
+ */
+
+/* The Get function outputs the 32-bit value associated with the SECOidTag.
+ * Flags bits are the NSS_USE_ALG_ #defines in "secoidt.h".
+ * Default value for any algorithm is 0xffffffff (enabled for all purposes).
+ * No value is output if function returns SECFailure.
+ */
+extern SECStatus NSS_GetAlgorithmPolicy(SECOidTag tag, PRUint32 *pValue);
+
+/* The Set function modifies the stored value according to the following
+ * algorithm:
+ * policy[tag] = (policy[tag] & ~clearBits) | setBits;
+ */
+extern SECStatus
+NSS_SetAlgorithmPolicy(SECOidTag tag, PRUint32 setBits, PRUint32 clearBits);
+
+SEC_END_PROTOS
+
+#endif /* _SECOID_H_ */
diff --git a/security/nss/lib/util/secoidt.h b/security/nss/lib/util/secoidt.h
new file mode 100644
index 000000000..0a40f29fd
--- /dev/null
+++ b/security/nss/lib/util/secoidt.h
@@ -0,0 +1,540 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECOIDT_H_
+#define _SECOIDT_H_
+
+#include "utilrename.h"
+
+/*
+ * secoidt.h - public data structures for ASN.1 OID functions
+ */
+
+#include "secitem.h"
+
+typedef struct SECOidDataStr SECOidData;
+typedef struct SECAlgorithmIDStr SECAlgorithmID;
+
+/*
+** An X.500 algorithm identifier
+*/
+struct SECAlgorithmIDStr {
+ SECItem algorithm;
+ SECItem parameters;
+};
+
+/*
+ * Misc object IDs - these numbers are for convenient handling.
+ * They are mapped into real object IDs
+ *
+ * NOTE: the order of these entries must mach the array "oids" of SECOidData
+ * in util/secoid.c.
+ */
+typedef enum {
+ SEC_OID_UNKNOWN = 0,
+ SEC_OID_MD2 = 1,
+ SEC_OID_MD4 = 2,
+ SEC_OID_MD5 = 3,
+ SEC_OID_SHA1 = 4,
+ SEC_OID_RC2_CBC = 5,
+ SEC_OID_RC4 = 6,
+ SEC_OID_DES_EDE3_CBC = 7,
+ SEC_OID_RC5_CBC_PAD = 8,
+ SEC_OID_DES_ECB = 9,
+ SEC_OID_DES_CBC = 10,
+ SEC_OID_DES_OFB = 11,
+ SEC_OID_DES_CFB = 12,
+ SEC_OID_DES_MAC = 13,
+ SEC_OID_DES_EDE = 14,
+ SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE = 15,
+ SEC_OID_PKCS1_RSA_ENCRYPTION = 16,
+ SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION = 17,
+ SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION = 18,
+ SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION = 19,
+ SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION = 20,
+ SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC = 21,
+ SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC = 22,
+ SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC = 23,
+ SEC_OID_PKCS7 = 24,
+ SEC_OID_PKCS7_DATA = 25,
+ SEC_OID_PKCS7_SIGNED_DATA = 26,
+ SEC_OID_PKCS7_ENVELOPED_DATA = 27,
+ SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA = 28,
+ SEC_OID_PKCS7_DIGESTED_DATA = 29,
+ SEC_OID_PKCS7_ENCRYPTED_DATA = 30,
+ SEC_OID_PKCS9_EMAIL_ADDRESS = 31,
+ SEC_OID_PKCS9_UNSTRUCTURED_NAME = 32,
+ SEC_OID_PKCS9_CONTENT_TYPE = 33,
+ SEC_OID_PKCS9_MESSAGE_DIGEST = 34,
+ SEC_OID_PKCS9_SIGNING_TIME = 35,
+ SEC_OID_PKCS9_COUNTER_SIGNATURE = 36,
+ SEC_OID_PKCS9_CHALLENGE_PASSWORD = 37,
+ SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS = 38,
+ SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES = 39,
+ SEC_OID_PKCS9_SMIME_CAPABILITIES = 40,
+ SEC_OID_AVA_COMMON_NAME = 41,
+ SEC_OID_AVA_COUNTRY_NAME = 42,
+ SEC_OID_AVA_LOCALITY = 43,
+ SEC_OID_AVA_STATE_OR_PROVINCE = 44,
+ SEC_OID_AVA_ORGANIZATION_NAME = 45,
+ SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME = 46,
+ SEC_OID_AVA_DN_QUALIFIER = 47,
+ SEC_OID_AVA_DC = 48,
+
+ SEC_OID_NS_TYPE_GIF = 49,
+ SEC_OID_NS_TYPE_JPEG = 50,
+ SEC_OID_NS_TYPE_URL = 51,
+ SEC_OID_NS_TYPE_HTML = 52,
+ SEC_OID_NS_TYPE_CERT_SEQUENCE = 53,
+ SEC_OID_MISSI_KEA_DSS_OLD = 54,
+ SEC_OID_MISSI_DSS_OLD = 55,
+ SEC_OID_MISSI_KEA_DSS = 56,
+ SEC_OID_MISSI_DSS = 57,
+ SEC_OID_MISSI_KEA = 58,
+ SEC_OID_MISSI_ALT_KEA = 59,
+
+ /* Netscape private certificate extensions */
+ SEC_OID_NS_CERT_EXT_NETSCAPE_OK = 60,
+ SEC_OID_NS_CERT_EXT_ISSUER_LOGO = 61,
+ SEC_OID_NS_CERT_EXT_SUBJECT_LOGO = 62,
+ SEC_OID_NS_CERT_EXT_CERT_TYPE = 63,
+ SEC_OID_NS_CERT_EXT_BASE_URL = 64,
+ SEC_OID_NS_CERT_EXT_REVOCATION_URL = 65,
+ SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL = 66,
+ SEC_OID_NS_CERT_EXT_CA_CRL_URL = 67,
+ SEC_OID_NS_CERT_EXT_CA_CERT_URL = 68,
+ SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL = 69,
+ SEC_OID_NS_CERT_EXT_CA_POLICY_URL = 70,
+ SEC_OID_NS_CERT_EXT_HOMEPAGE_URL = 71,
+ SEC_OID_NS_CERT_EXT_ENTITY_LOGO = 72,
+ SEC_OID_NS_CERT_EXT_USER_PICTURE = 73,
+ SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME = 74,
+ SEC_OID_NS_CERT_EXT_COMMENT = 75,
+ SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL = 76,
+ SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME = 77,
+ SEC_OID_NS_KEY_USAGE_GOVT_APPROVED = 78,
+
+ /* x.509 v3 Extensions */
+ SEC_OID_X509_SUBJECT_DIRECTORY_ATTR = 79,
+ SEC_OID_X509_SUBJECT_KEY_ID = 80,
+ SEC_OID_X509_KEY_USAGE = 81,
+ SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD = 82,
+ SEC_OID_X509_SUBJECT_ALT_NAME = 83,
+ SEC_OID_X509_ISSUER_ALT_NAME = 84,
+ SEC_OID_X509_BASIC_CONSTRAINTS = 85,
+ SEC_OID_X509_NAME_CONSTRAINTS = 86,
+ SEC_OID_X509_CRL_DIST_POINTS = 87,
+ SEC_OID_X509_CERTIFICATE_POLICIES = 88,
+ SEC_OID_X509_POLICY_MAPPINGS = 89,
+ SEC_OID_X509_POLICY_CONSTRAINTS = 90,
+ SEC_OID_X509_AUTH_KEY_ID = 91,
+ SEC_OID_X509_EXT_KEY_USAGE = 92,
+ SEC_OID_X509_AUTH_INFO_ACCESS = 93,
+
+ SEC_OID_X509_CRL_NUMBER = 94,
+ SEC_OID_X509_REASON_CODE = 95,
+ SEC_OID_X509_INVALID_DATE = 96,
+ /* End of x.509 v3 Extensions */
+
+ SEC_OID_X500_RSA_ENCRYPTION = 97,
+
+ /* alg 1485 additions */
+ SEC_OID_RFC1274_UID = 98,
+ SEC_OID_RFC1274_MAIL = 99,
+
+ /* PKCS 12 additions */
+ SEC_OID_PKCS12 = 100,
+ SEC_OID_PKCS12_MODE_IDS = 101,
+ SEC_OID_PKCS12_ESPVK_IDS = 102,
+ SEC_OID_PKCS12_BAG_IDS = 103,
+ SEC_OID_PKCS12_CERT_BAG_IDS = 104,
+ SEC_OID_PKCS12_OIDS = 105,
+ SEC_OID_PKCS12_PBE_IDS = 106,
+ SEC_OID_PKCS12_SIGNATURE_IDS = 107,
+ SEC_OID_PKCS12_ENVELOPING_IDS = 108,
+ /* SEC_OID_PKCS12_OFFLINE_TRANSPORT_MODE,
+ SEC_OID_PKCS12_ONLINE_TRANSPORT_MODE, */
+ SEC_OID_PKCS12_PKCS8_KEY_SHROUDING = 109,
+ SEC_OID_PKCS12_KEY_BAG_ID = 110,
+ SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID = 111,
+ SEC_OID_PKCS12_SECRET_BAG_ID = 112,
+ SEC_OID_PKCS12_X509_CERT_CRL_BAG = 113,
+ SEC_OID_PKCS12_SDSI_CERT_BAG = 114,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 = 115,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 = 116,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC = 117,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 118,
+ SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 119,
+ SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4 = 120,
+ SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4 = 121,
+ SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES = 122,
+ SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST = 123,
+ /* end of PKCS 12 additions */
+
+ /* DSA signatures */
+ SEC_OID_ANSIX9_DSA_SIGNATURE = 124,
+ SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST = 125,
+ SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST = 126,
+
+ /* Verisign OIDs */
+ SEC_OID_VERISIGN_USER_NOTICES = 127,
+
+ /* PKIX OIDs */
+ SEC_OID_PKIX_CPS_POINTER_QUALIFIER = 128,
+ SEC_OID_PKIX_USER_NOTICE_QUALIFIER = 129,
+ SEC_OID_PKIX_OCSP = 130,
+ SEC_OID_PKIX_OCSP_BASIC_RESPONSE = 131,
+ SEC_OID_PKIX_OCSP_NONCE = 132,
+ SEC_OID_PKIX_OCSP_CRL = 133,
+ SEC_OID_PKIX_OCSP_RESPONSE = 134,
+ SEC_OID_PKIX_OCSP_NO_CHECK = 135,
+ SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF = 136,
+ SEC_OID_PKIX_OCSP_SERVICE_LOCATOR = 137,
+ SEC_OID_PKIX_REGCTRL_REGTOKEN = 138,
+ SEC_OID_PKIX_REGCTRL_AUTHENTICATOR = 139,
+ SEC_OID_PKIX_REGCTRL_PKIPUBINFO = 140,
+ SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS = 141,
+ SEC_OID_PKIX_REGCTRL_OLD_CERT_ID = 142,
+ SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY = 143,
+ SEC_OID_PKIX_REGINFO_UTF8_PAIRS = 144,
+ SEC_OID_PKIX_REGINFO_CERT_REQUEST = 145,
+ SEC_OID_EXT_KEY_USAGE_SERVER_AUTH = 146,
+ SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH = 147,
+ SEC_OID_EXT_KEY_USAGE_CODE_SIGN = 148,
+ SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT = 149,
+ SEC_OID_EXT_KEY_USAGE_TIME_STAMP = 150,
+ SEC_OID_OCSP_RESPONDER = 151,
+
+ /* Netscape Algorithm OIDs */
+ SEC_OID_NETSCAPE_SMIME_KEA = 152,
+
+ /* Skipjack OID -- ### mwelch temporary */
+ SEC_OID_FORTEZZA_SKIPJACK = 153,
+
+ /* PKCS 12 V2 oids */
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4 = 154,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 = 155,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC = 156,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC = 157,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 158,
+ SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 159,
+ SEC_OID_PKCS12_SAFE_CONTENTS_ID = 160,
+ SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID = 161,
+
+ SEC_OID_PKCS12_V1_KEY_BAG_ID = 162,
+ SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID = 163,
+ SEC_OID_PKCS12_V1_CERT_BAG_ID = 164,
+ SEC_OID_PKCS12_V1_CRL_BAG_ID = 165,
+ SEC_OID_PKCS12_V1_SECRET_BAG_ID = 166,
+ SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID = 167,
+ SEC_OID_PKCS9_X509_CERT = 168,
+ SEC_OID_PKCS9_SDSI_CERT = 169,
+ SEC_OID_PKCS9_X509_CRL = 170,
+ SEC_OID_PKCS9_FRIENDLY_NAME = 171,
+ SEC_OID_PKCS9_LOCAL_KEY_ID = 172,
+ SEC_OID_BOGUS_KEY_USAGE = 173,
+
+ /*Diffe Helman OIDS */
+ SEC_OID_X942_DIFFIE_HELMAN_KEY = 174,
+
+ /* Netscape other name types */
+ /* SEC_OID_NETSCAPE_NICKNAME is an otherName field of type IA5String
+ * in the subjectAltName certificate extension. NSS dropped support
+ * for SEC_OID_NETSCAPE_NICKNAME in NSS 3.13. */
+ SEC_OID_NETSCAPE_NICKNAME = 175,
+
+ /* Cert Server OIDS */
+ SEC_OID_NETSCAPE_RECOVERY_REQUEST = 176,
+
+ /* New PSM certificate management OIDs */
+ SEC_OID_CERT_RENEWAL_LOCATOR = 177,
+ SEC_OID_NS_CERT_EXT_SCOPE_OF_USE = 178,
+
+ /* CMS (RFC2630) OIDs */
+ SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = 179,
+ SEC_OID_CMS_3DES_KEY_WRAP = 180,
+ SEC_OID_CMS_RC2_KEY_WRAP = 181,
+
+ /* SMIME attributes */
+ SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE = 182,
+
+ /* AES OIDs */
+ SEC_OID_AES_128_ECB = 183,
+ SEC_OID_AES_128_CBC = 184,
+ SEC_OID_AES_192_ECB = 185,
+ SEC_OID_AES_192_CBC = 186,
+ SEC_OID_AES_256_ECB = 187,
+ SEC_OID_AES_256_CBC = 188,
+
+ SEC_OID_SDN702_DSA_SIGNATURE = 189,
+
+ SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE = 190,
+
+ SEC_OID_SHA256 = 191,
+ SEC_OID_SHA384 = 192,
+ SEC_OID_SHA512 = 193,
+
+ SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION = 194,
+ SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION = 195,
+ SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION = 196,
+
+ SEC_OID_AES_128_KEY_WRAP = 197,
+ SEC_OID_AES_192_KEY_WRAP = 198,
+ SEC_OID_AES_256_KEY_WRAP = 199,
+
+ /* Elliptic Curve Cryptography (ECC) OIDs */
+ SEC_OID_ANSIX962_EC_PUBLIC_KEY = 200,
+ SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE = 201,
+
+#define SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST \
+ SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE
+
+ /* ANSI X9.62 named elliptic curves (prime field) */
+ SEC_OID_ANSIX962_EC_PRIME192V1 = 202,
+ SEC_OID_ANSIX962_EC_PRIME192V2 = 203,
+ SEC_OID_ANSIX962_EC_PRIME192V3 = 204,
+ SEC_OID_ANSIX962_EC_PRIME239V1 = 205,
+ SEC_OID_ANSIX962_EC_PRIME239V2 = 206,
+ SEC_OID_ANSIX962_EC_PRIME239V3 = 207,
+ SEC_OID_ANSIX962_EC_PRIME256V1 = 208,
+
+ /* SECG named elliptic curves (prime field) */
+ SEC_OID_SECG_EC_SECP112R1 = 209,
+ SEC_OID_SECG_EC_SECP112R2 = 210,
+ SEC_OID_SECG_EC_SECP128R1 = 211,
+ SEC_OID_SECG_EC_SECP128R2 = 212,
+ SEC_OID_SECG_EC_SECP160K1 = 213,
+ SEC_OID_SECG_EC_SECP160R1 = 214,
+ SEC_OID_SECG_EC_SECP160R2 = 215,
+ SEC_OID_SECG_EC_SECP192K1 = 216,
+ /* SEC_OID_SECG_EC_SECP192R1 is SEC_OID_ANSIX962_EC_PRIME192V1 */
+ SEC_OID_SECG_EC_SECP224K1 = 217,
+ SEC_OID_SECG_EC_SECP224R1 = 218,
+ SEC_OID_SECG_EC_SECP256K1 = 219,
+ /* SEC_OID_SECG_EC_SECP256R1 is SEC_OID_ANSIX962_EC_PRIME256V1 */
+ SEC_OID_SECG_EC_SECP384R1 = 220,
+ SEC_OID_SECG_EC_SECP521R1 = 221,
+
+ /* ANSI X9.62 named elliptic curves (characteristic two field) */
+ SEC_OID_ANSIX962_EC_C2PNB163V1 = 222,
+ SEC_OID_ANSIX962_EC_C2PNB163V2 = 223,
+ SEC_OID_ANSIX962_EC_C2PNB163V3 = 224,
+ SEC_OID_ANSIX962_EC_C2PNB176V1 = 225,
+ SEC_OID_ANSIX962_EC_C2TNB191V1 = 226,
+ SEC_OID_ANSIX962_EC_C2TNB191V2 = 227,
+ SEC_OID_ANSIX962_EC_C2TNB191V3 = 228,
+ SEC_OID_ANSIX962_EC_C2ONB191V4 = 229,
+ SEC_OID_ANSIX962_EC_C2ONB191V5 = 230,
+ SEC_OID_ANSIX962_EC_C2PNB208W1 = 231,
+ SEC_OID_ANSIX962_EC_C2TNB239V1 = 232,
+ SEC_OID_ANSIX962_EC_C2TNB239V2 = 233,
+ SEC_OID_ANSIX962_EC_C2TNB239V3 = 234,
+ SEC_OID_ANSIX962_EC_C2ONB239V4 = 235,
+ SEC_OID_ANSIX962_EC_C2ONB239V5 = 236,
+ SEC_OID_ANSIX962_EC_C2PNB272W1 = 237,
+ SEC_OID_ANSIX962_EC_C2PNB304W1 = 238,
+ SEC_OID_ANSIX962_EC_C2TNB359V1 = 239,
+ SEC_OID_ANSIX962_EC_C2PNB368W1 = 240,
+ SEC_OID_ANSIX962_EC_C2TNB431R1 = 241,
+
+ /* SECG named elliptic curves (characteristic two field) */
+ SEC_OID_SECG_EC_SECT113R1 = 242,
+ SEC_OID_SECG_EC_SECT113R2 = 243,
+ SEC_OID_SECG_EC_SECT131R1 = 244,
+ SEC_OID_SECG_EC_SECT131R2 = 245,
+ SEC_OID_SECG_EC_SECT163K1 = 246,
+ SEC_OID_SECG_EC_SECT163R1 = 247,
+ SEC_OID_SECG_EC_SECT163R2 = 248,
+ SEC_OID_SECG_EC_SECT193R1 = 249,
+ SEC_OID_SECG_EC_SECT193R2 = 250,
+ SEC_OID_SECG_EC_SECT233K1 = 251,
+ SEC_OID_SECG_EC_SECT233R1 = 252,
+ SEC_OID_SECG_EC_SECT239K1 = 253,
+ SEC_OID_SECG_EC_SECT283K1 = 254,
+ SEC_OID_SECG_EC_SECT283R1 = 255,
+ SEC_OID_SECG_EC_SECT409K1 = 256,
+ SEC_OID_SECG_EC_SECT409R1 = 257,
+ SEC_OID_SECG_EC_SECT571K1 = 258,
+ SEC_OID_SECG_EC_SECT571R1 = 259,
+
+ SEC_OID_NETSCAPE_AOLSCREENNAME = 260,
+
+ SEC_OID_AVA_SURNAME = 261,
+ SEC_OID_AVA_SERIAL_NUMBER = 262,
+ SEC_OID_AVA_STREET_ADDRESS = 263,
+ SEC_OID_AVA_TITLE = 264,
+ SEC_OID_AVA_POSTAL_ADDRESS = 265,
+ SEC_OID_AVA_POSTAL_CODE = 266,
+ SEC_OID_AVA_POST_OFFICE_BOX = 267,
+ SEC_OID_AVA_GIVEN_NAME = 268,
+ SEC_OID_AVA_INITIALS = 269,
+ SEC_OID_AVA_GENERATION_QUALIFIER = 270,
+ SEC_OID_AVA_HOUSE_IDENTIFIER = 271,
+ SEC_OID_AVA_PSEUDONYM = 272,
+
+ /* More OIDs */
+ SEC_OID_PKIX_CA_ISSUERS = 273,
+ SEC_OID_PKCS9_EXTENSION_REQUEST = 274,
+
+ /* new EC Signature oids */
+ SEC_OID_ANSIX962_ECDSA_SIGNATURE_RECOMMENDED_DIGEST = 275,
+ SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST = 276,
+ SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE = 277,
+ SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE = 278,
+ SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE = 279,
+ SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE = 280,
+
+ /* More id-ce and id-pe OIDs from RFC 3280 */
+ SEC_OID_X509_HOLD_INSTRUCTION_CODE = 281,
+ SEC_OID_X509_DELTA_CRL_INDICATOR = 282,
+ SEC_OID_X509_ISSUING_DISTRIBUTION_POINT = 283,
+ SEC_OID_X509_CERT_ISSUER = 284,
+ SEC_OID_X509_FRESHEST_CRL = 285,
+ SEC_OID_X509_INHIBIT_ANY_POLICY = 286,
+ SEC_OID_X509_SUBJECT_INFO_ACCESS = 287,
+
+ /* Camellia OIDs (RFC3657)*/
+ SEC_OID_CAMELLIA_128_CBC = 288,
+ SEC_OID_CAMELLIA_192_CBC = 289,
+ SEC_OID_CAMELLIA_256_CBC = 290,
+
+ /* PKCS 5 V2 OIDS */
+ SEC_OID_PKCS5_PBKDF2 = 291,
+ SEC_OID_PKCS5_PBES2 = 292,
+ SEC_OID_PKCS5_PBMAC1 = 293,
+ SEC_OID_HMAC_SHA1 = 294,
+ SEC_OID_HMAC_SHA224 = 295,
+ SEC_OID_HMAC_SHA256 = 296,
+ SEC_OID_HMAC_SHA384 = 297,
+ SEC_OID_HMAC_SHA512 = 298,
+
+ SEC_OID_PKIX_TIMESTAMPING = 299,
+ SEC_OID_PKIX_CA_REPOSITORY = 300,
+
+ SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE = 301,
+
+ SEC_OID_SEED_CBC = 302,
+
+ SEC_OID_X509_ANY_POLICY = 303,
+
+ SEC_OID_PKCS1_RSA_OAEP_ENCRYPTION = 304,
+ SEC_OID_PKCS1_MGF1 = 305,
+ SEC_OID_PKCS1_PSPECIFIED = 306,
+ SEC_OID_PKCS1_RSA_PSS_SIGNATURE = 307,
+ SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION = 308,
+
+ SEC_OID_SHA224 = 309,
+
+ SEC_OID_EV_INCORPORATION_LOCALITY = 310,
+ SEC_OID_EV_INCORPORATION_STATE = 311,
+ SEC_OID_EV_INCORPORATION_COUNTRY = 312,
+ SEC_OID_BUSINESS_CATEGORY = 313,
+
+ SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST = 314,
+ SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST = 315,
+
+ /* Microsoft Trust List Signing
+ * szOID_KP_CTL_USAGE_SIGNING
+ * where KP stands for Key Purpose
+ */
+ SEC_OID_MS_EXT_KEY_USAGE_CTL_SIGNING = 316,
+
+ /* The 'name' attribute type in X.520 */
+ SEC_OID_AVA_NAME = 317,
+
+ SEC_OID_AES_128_GCM = 318,
+ SEC_OID_AES_192_GCM = 319,
+ SEC_OID_AES_256_GCM = 320,
+ SEC_OID_IDEA_CBC = 321,
+
+ /* pseudo - OIDs */
+
+ SEC_OID_RC2_40_CBC = 322,
+ SEC_OID_DES_40_CBC = 323,
+ SEC_OID_RC4_40 = 324,
+ SEC_OID_RC4_56 = 325,
+ SEC_OID_NULL_CIPHER = 326,
+
+ SEC_OID_HMAC_MD5 = 327,
+
+ SEC_OID_TLS_RSA = 328,
+ SEC_OID_TLS_DHE_RSA = 329,
+ SEC_OID_TLS_DHE_DSS = 330,
+ SEC_OID_TLS_DH_RSA = 331,
+ SEC_OID_TLS_DH_DSS = 332,
+ SEC_OID_TLS_DH_ANON = 333,
+ SEC_OID_TLS_ECDHE_ECDSA = 334,
+ SEC_OID_TLS_ECDHE_RSA = 335,
+ SEC_OID_TLS_ECDH_ECDSA = 336,
+ SEC_OID_TLS_ECDH_RSA = 337,
+ SEC_OID_TLS_ECDH_ANON = 338,
+ SEC_OID_TLS_RSA_EXPORT = 339,
+
+ SEC_OID_TLS_DHE_RSA_EXPORT = 340,
+ SEC_OID_TLS_DHE_DSS_EXPORT = 341,
+ SEC_OID_TLS_DH_RSA_EXPORT = 342,
+ SEC_OID_TLS_DH_DSS_EXPORT = 343,
+ SEC_OID_TLS_DH_ANON_EXPORT = 344,
+ SEC_OID_APPLY_SSL_POLICY = 345,
+
+ SEC_OID_CHACHA20_POLY1305 = 346,
+
+ SEC_OID_TLS_ECDHE_PSK = 347,
+ SEC_OID_TLS_DHE_PSK = 348,
+
+ SEC_OID_TLS_FFDHE_2048 = 349,
+ SEC_OID_TLS_FFDHE_3072 = 350,
+ SEC_OID_TLS_FFDHE_4096 = 351,
+ SEC_OID_TLS_FFDHE_6144 = 352,
+ SEC_OID_TLS_FFDHE_8192 = 353,
+ SEC_OID_TLS_DHE_CUSTOM = 354,
+
+ SEC_OID_CURVE25519 = 355,
+
+ SEC_OID_TLS13_KEA_ANY = 356,
+
+ SEC_OID_TOTAL
+} SECOidTag;
+
+#define SEC_OID_SECG_EC_SECP192R1 SEC_OID_ANSIX962_EC_PRIME192V1
+#define SEC_OID_SECG_EC_SECP256R1 SEC_OID_ANSIX962_EC_PRIME256V1
+#define SEC_OID_PKCS12_KEY_USAGE SEC_OID_X509_KEY_USAGE
+
+/* fake OID for DSS sign/verify */
+#define SEC_OID_SHA SEC_OID_MISS_DSS
+
+typedef enum {
+ INVALID_CERT_EXTENSION = 0,
+ UNSUPPORTED_CERT_EXTENSION = 1,
+ SUPPORTED_CERT_EXTENSION = 2
+} SECSupportExtenTag;
+
+struct SECOidDataStr {
+ SECItem oid;
+ SECOidTag offset;
+ const char* desc;
+ unsigned long mechanism;
+ SECSupportExtenTag supportedExtension;
+ /* only used for x.509 v3 extensions, so
+ that we can print the names of those
+ extensions that we don't even support */
+};
+
+/* New Opaque extended OID table API.
+ * These are algorithm policy Flags, used with functions
+ * NSS_SetAlgorithmPolicy & NSS_GetAlgorithmPolicy.
+ */
+#define NSS_USE_ALG_IN_CERT_SIGNATURE 0x00000001 /* CRLs and OCSP, too */
+#define NSS_USE_ALG_IN_CMS_SIGNATURE 0x00000002 /* used in S/MIME */
+#define NSS_USE_ALG_IN_SSL_KX 0x00000004 /* used in SSL key exchange */
+#define NSS_USE_ALG_IN_SSL 0x00000008 /* used in SSL record protocol */
+#define NSS_USE_POLICY_IN_SSL 0x00000010 /* enable policy in SSL protocol */
+#define NSS_USE_ALG_RESERVED 0xfffffffc /* may be used in future */
+
+/* Code MUST NOT SET or CLEAR reserved bits, and must NOT depend on them
+ * being all zeros or having any other known value. The reserved bits
+ * must be ignored.
+ */
+
+#endif /* _SECOIDT_H_ */
diff --git a/security/nss/lib/util/secplcy.c b/security/nss/lib/util/secplcy.c
new file mode 100644
index 000000000..0c784d055
--- /dev/null
+++ b/security/nss/lib/util/secplcy.c
@@ -0,0 +1,83 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secplcy.h"
+#include "prmem.h"
+
+SECCipherFind *
+sec_CipherFindInit(PRBool onlyAllowed,
+ secCPStruct *policy,
+ long *ciphers)
+{
+ SECCipherFind *find = PR_NEWZAP(SECCipherFind);
+ if (find) {
+ find->policy = policy;
+ find->ciphers = ciphers;
+ find->onlyAllowed = onlyAllowed;
+ find->index = -1;
+ }
+ return find;
+}
+
+long
+sec_CipherFindNext(SECCipherFind *find)
+{
+ char *policy;
+ long rv = -1;
+ secCPStruct *policies = (secCPStruct *)find->policy;
+ long *ciphers = (long *)find->ciphers;
+ long numCiphers = policies->num_ciphers;
+
+ find->index++;
+ while ((find->index < numCiphers) && (rv == -1)) {
+ /* Translate index to cipher. */
+ rv = ciphers[find->index];
+
+ /* If we're only looking for allowed ciphers, and if this
+ cipher isn't allowed, loop around.*/
+ if (find->onlyAllowed) {
+ /* Find the appropriate policy flag. */
+ policy = (&(policies->begin_ciphers)) + find->index + 1;
+
+ /* If this cipher isn't allowed by policy, continue. */
+ if (!(*policy)) {
+ rv = -1;
+ find->index++;
+ }
+ }
+ }
+
+ return rv;
+}
+
+char
+sec_IsCipherAllowed(long cipher, secCPStruct *policies,
+ long *ciphers)
+{
+ char result = SEC_CIPHER_NOT_ALLOWED; /* our default answer */
+ long numCiphers = policies->num_ciphers;
+ char *policy;
+ int i;
+
+ /* Convert the cipher number into a policy flag location. */
+ for (i = 0, policy = (&(policies->begin_ciphers) + 1);
+ i < numCiphers;
+ i++, policy++) {
+ if (cipher == ciphers[i])
+ break;
+ }
+
+ if (i < numCiphers) {
+ /* Found the cipher, get the policy value. */
+ result = *policy;
+ }
+
+ return result;
+}
+
+void
+sec_CipherFindEnd(SECCipherFind *find)
+{
+ PR_FREEIF(find);
+}
diff --git a/security/nss/lib/util/secplcy.h b/security/nss/lib/util/secplcy.h
new file mode 100644
index 000000000..6a85e03f1
--- /dev/null
+++ b/security/nss/lib/util/secplcy.h
@@ -0,0 +1,104 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __secplcy_h__
+#define __secplcy_h__
+
+#include "utilrename.h"
+
+#include "prtypes.h"
+
+/*
+** Cipher policy enforcement. This code isn't very pretty, but it accomplishes
+** the purpose of obscuring policy information from potential fortifiers. :-)
+**
+** The following routines are generic and intended for anywhere where cipher
+** policy enforcement is to be done, e.g. SSL and PKCS7&12.
+*/
+
+#define SEC_CIPHER_NOT_ALLOWED 0
+#define SEC_CIPHER_ALLOWED 1
+#define SEC_CIPHER_RESTRICTED 2 /* cipher is allowed in limited cases \
+ e.g. step-up */
+
+/* The length of the header string for each cipher table.
+ (It's the same regardless of whether we're using md5 strings or not.) */
+#define SEC_POLICY_HEADER_LENGTH 48
+
+/* If we're testing policy stuff, we may want to use the plaintext version */
+#define SEC_POLICY_USE_MD5_STRINGS 1
+
+#define SEC_POLICY_THIS_IS_THE \
+ "\x2a\x3a\x51\xbf\x2f\x71\xb7\x73\xaa\xca\x6b\x57\x70\xcd\xc8\x9f"
+#define SEC_POLICY_STRING_FOR_THE \
+ "\x97\x15\xe2\x70\xd2\x8a\xde\xa9\xe7\xa7\x6a\xe2\x83\xe5\xb1\xf6"
+#define SEC_POLICY_SSL_TAIL \
+ "\x70\x16\x25\xc0\x2a\xb2\x4a\xca\xb6\x67\xb1\x89\x20\xdf\x87\xca"
+#define SEC_POLICY_SMIME_TAIL \
+ "\xdf\xd4\xe7\x2a\xeb\xc4\x1b\xb5\xd8\xe5\xe0\x2a\x16\x9f\xc4\xb9"
+#define SEC_POLICY_PKCS12_TAIL \
+ "\x1c\xf8\xa4\x85\x4a\xc6\x8a\xfe\xe6\xca\x03\x72\x50\x1c\xe2\xc8"
+
+#if defined(SEC_POLICY_USE_MD5_STRINGS)
+
+/* We're not testing.
+ Use md5 checksums of the strings. */
+
+#define SEC_POLICY_SSL_HEADER \
+ SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_SSL_TAIL
+
+#define SEC_POLICY_SMIME_HEADER \
+ SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_SMIME_TAIL
+
+#define SEC_POLICY_PKCS12_HEADER \
+ SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_PKCS12_TAIL
+
+#else
+
+/* We're testing.
+ Use plaintext versions of the strings, for testing purposes. */
+#define SEC_POLICY_SSL_HEADER \
+ "This is the string for the SSL policy table. "
+#define SEC_POLICY_SMIME_HEADER \
+ "This is the string for the PKCS7 policy table. "
+#define SEC_POLICY_PKCS12_HEADER \
+ "This is the string for the PKCS12 policy table. "
+
+#endif
+
+/* Local cipher tables have to have these members at the top. */
+typedef struct _sec_cp_struct {
+ char policy_string[SEC_POLICY_HEADER_LENGTH];
+ long unused; /* placeholder for max keybits in pkcs12 struct */
+ char num_ciphers;
+ char begin_ciphers;
+ /* cipher policy settings follow. each is a char. */
+} secCPStruct;
+
+struct SECCipherFindStr {
+ /* (policy) and (ciphers) are opaque to the outside world */
+ void *policy;
+ void *ciphers;
+ long index;
+ PRBool onlyAllowed;
+};
+
+typedef struct SECCipherFindStr SECCipherFind;
+
+SEC_BEGIN_PROTOS
+
+SECCipherFind *sec_CipherFindInit(PRBool onlyAllowed,
+ secCPStruct *policy,
+ long *ciphers);
+
+long sec_CipherFindNext(SECCipherFind *find);
+
+char sec_IsCipherAllowed(long cipher, secCPStruct *policies,
+ long *ciphers);
+
+void sec_CipherFindEnd(SECCipherFind *find);
+
+SEC_END_PROTOS
+
+#endif /* __SECPLCY_H__ */
diff --git a/security/nss/lib/util/secport.c b/security/nss/lib/util/secport.c
new file mode 100644
index 000000000..0eea0cda0
--- /dev/null
+++ b/security/nss/lib/util/secport.c
@@ -0,0 +1,732 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * secport.c - portability interfaces for security libraries
+ *
+ * This file abstracts out libc functionality that libsec depends on
+ *
+ * NOTE - These are not public interfaces
+ */
+
+#include "seccomon.h"
+#include "prmem.h"
+#include "prerror.h"
+#include "plarena.h"
+#include "secerr.h"
+#include "prmon.h"
+#include "nssilock.h"
+#include "secport.h"
+#include "prenv.h"
+#include "prinit.h"
+
+#ifdef DEBUG
+#define THREADMARK
+#endif /* DEBUG */
+
+#ifdef THREADMARK
+#include "prthread.h"
+#endif /* THREADMARK */
+
+#if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS)
+#include <stdlib.h>
+#else
+#include "wtypes.h"
+#endif
+
+#define SET_ERROR_CODE /* place holder for code to set PR error code. */
+
+#ifdef THREADMARK
+typedef struct threadmark_mark_str {
+ struct threadmark_mark_str *next;
+ void *mark;
+} threadmark_mark;
+
+#endif /* THREADMARK */
+
+/* The value of this magic must change each time PORTArenaPool changes. */
+#define ARENAPOOL_MAGIC 0xB8AC9BDF
+
+#define CHEAP_ARENAPOOL_MAGIC 0x3F16BB09
+
+typedef struct PORTArenaPool_str {
+ PLArenaPool arena;
+ PRUint32 magic;
+ PRLock *lock;
+#ifdef THREADMARK
+ PRThread *marking_thread;
+ threadmark_mark *first_mark;
+#endif
+} PORTArenaPool;
+
+/* locations for registering Unicode conversion functions.
+ * XXX is this the appropriate location? or should they be
+ * moved to client/server specific locations?
+ */
+PORTCharConversionFunc ucs4Utf8ConvertFunc;
+PORTCharConversionFunc ucs2Utf8ConvertFunc;
+PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
+
+/* NSPR memory allocation functions (PR_Malloc, PR_Calloc, and PR_Realloc)
+ * use the PRUint32 type for the size parameter. Before we pass a size_t or
+ * unsigned long size to these functions, we need to ensure it is <= half of
+ * the maximum PRUint32 value to avoid truncation and catch a negative size.
+ */
+#define MAX_SIZE (PR_UINT32_MAX >> 1)
+
+void *
+PORT_Alloc(size_t bytes)
+{
+ void *rv = NULL;
+
+ if (bytes <= MAX_SIZE) {
+ /* Always allocate a non-zero amount of bytes */
+ rv = PR_Malloc(bytes ? bytes : 1);
+ }
+ if (!rv) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ return rv;
+}
+
+void *
+PORT_Realloc(void *oldptr, size_t bytes)
+{
+ void *rv = NULL;
+
+ if (bytes <= MAX_SIZE) {
+ rv = PR_Realloc(oldptr, bytes);
+ }
+ if (!rv) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ return rv;
+}
+
+void *
+PORT_ZAlloc(size_t bytes)
+{
+ void *rv = NULL;
+
+ if (bytes <= MAX_SIZE) {
+ /* Always allocate a non-zero amount of bytes */
+ rv = PR_Calloc(1, bytes ? bytes : 1);
+ }
+ if (!rv) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+ return rv;
+}
+
+void
+PORT_Free(void *ptr)
+{
+ if (ptr) {
+ PR_Free(ptr);
+ }
+}
+
+void
+PORT_ZFree(void *ptr, size_t len)
+{
+ if (ptr) {
+ memset(ptr, 0, len);
+ PR_Free(ptr);
+ }
+}
+
+char *
+PORT_Strdup(const char *str)
+{
+ size_t len = PORT_Strlen(str) + 1;
+ char *newstr;
+
+ newstr = (char *)PORT_Alloc(len);
+ if (newstr) {
+ PORT_Memcpy(newstr, str, len);
+ }
+ return newstr;
+}
+
+void
+PORT_SetError(int value)
+{
+#ifdef DEBUG_jp96085
+ PORT_Assert(value != SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
+#endif
+ PR_SetError(value, 0);
+ return;
+}
+
+int
+PORT_GetError(void)
+{
+ return (PR_GetError());
+}
+
+/********************* Arena code follows *****************************
+ * ArenaPools are like heaps. The memory in them consists of large blocks,
+ * called arenas, which are allocated from the/a system heap. Inside an
+ * ArenaPool, the arenas are organized as if they were in a stack. Newly
+ * allocated arenas are "pushed" on that stack. When you attempt to
+ * allocate memory from an ArenaPool, the code first looks to see if there
+ * is enough unused space in the top arena on the stack to satisfy your
+ * request, and if so, your request is satisfied from that arena.
+ * Otherwise, a new arena is allocated (or taken from NSPR's list of freed
+ * arenas) and pushed on to the stack. The new arena is always big enough
+ * to satisfy the request, and is also at least a minimum size that is
+ * established at the time that the ArenaPool is created.
+ *
+ * The ArenaMark function returns the address of a marker in the arena at
+ * the top of the arena stack. It is the address of the place in the arena
+ * on the top of the arena stack from which the next block of memory will
+ * be allocated. Each ArenaPool has its own separate stack, and hence
+ * marks are only relevant to the ArenaPool from which they are gotten.
+ * Marks may be nested. That is, a thread can get a mark, and then get
+ * another mark.
+ *
+ * It is intended that all the marks in an ArenaPool may only be owned by a
+ * single thread. In DEBUG builds, this is enforced. In non-DEBUG builds,
+ * it is not. In DEBUG builds, when a thread gets a mark from an
+ * ArenaPool, no other thread may acquire a mark in that ArenaPool while
+ * that mark exists, that is, until that mark is unmarked or released.
+ * Therefore, it is important that every mark be unmarked or released when
+ * the creating thread has no further need for exclusive ownership of the
+ * right to manage the ArenaPool.
+ *
+ * The ArenaUnmark function discards the ArenaMark at the address given,
+ * and all marks nested inside that mark (that is, acquired from that same
+ * ArenaPool while that mark existed). It is an error for a thread other
+ * than the mark's creator to try to unmark it. When a thread has unmarked
+ * all its marks from an ArenaPool, then another thread is able to set
+ * marks in that ArenaPool. ArenaUnmark does not deallocate (or "pop") any
+ * memory allocated from the ArenaPool since the mark was created.
+ *
+ * ArenaRelease "pops" the stack back to the mark, deallocating all the
+ * memory allocated from the arenas in the ArenaPool since that mark was
+ * created, and removing any arenas from the ArenaPool that have no
+ * remaining active allocations when that is done. It implicitly releases
+ * any marks nested inside the mark being explicitly released. It is the
+ * only operation, other than destroying the arenapool, that potentially
+ * reduces the number of arenas on the stack. Otherwise, the stack grows
+ * until the arenapool is destroyed, at which point all the arenas are
+ * freed or returned to a "free arena list", depending on their sizes.
+ */
+PLArenaPool *
+PORT_NewArena(unsigned long chunksize)
+{
+ PORTArenaPool *pool;
+
+ if (chunksize > MAX_SIZE) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+ pool = PORT_ZNew(PORTArenaPool);
+ if (!pool) {
+ return NULL;
+ }
+ pool->magic = ARENAPOOL_MAGIC;
+ pool->lock = PZ_NewLock(nssILockArena);
+ if (!pool->lock) {
+ PORT_Free(pool);
+ return NULL;
+ }
+ PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double));
+ return (&pool->arena);
+}
+
+void
+PORT_InitCheapArena(PORTCheapArenaPool *pool, unsigned long chunksize)
+{
+ pool->magic = CHEAP_ARENAPOOL_MAGIC;
+ PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double));
+}
+
+void *
+PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
+{
+ void *p = NULL;
+
+ PORTArenaPool *pool = (PORTArenaPool *)arena;
+
+ if (size <= 0) {
+ size = 1;
+ }
+
+ if (size > MAX_SIZE) {
+ /* you lose. */
+ } else
+ /* Is it one of ours? Assume so and check the magic */
+ if (ARENAPOOL_MAGIC == pool->magic) {
+ PZ_Lock(pool->lock);
+#ifdef THREADMARK
+ /* Most likely one of ours. Is there a thread id? */
+ if (pool->marking_thread &&
+ pool->marking_thread != PR_GetCurrentThread()) {
+ /* Another thread holds a mark in this arena */
+ PZ_Unlock(pool->lock);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_Assert(0);
+ return NULL;
+ } /* tid != null */
+#endif /* THREADMARK */
+ PL_ARENA_ALLOCATE(p, arena, size);
+ PZ_Unlock(pool->lock);
+ } else {
+ PL_ARENA_ALLOCATE(p, arena, size);
+ }
+
+ if (!p) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ }
+
+ return (p);
+}
+
+void *
+PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
+{
+ void *p;
+
+ if (size <= 0)
+ size = 1;
+
+ p = PORT_ArenaAlloc(arena, size);
+
+ if (p) {
+ PORT_Memset(p, 0, size);
+ }
+
+ return (p);
+}
+
+static PRCallOnceType setupUseFreeListOnce;
+static PRBool useFreeList;
+
+static PRStatus
+SetupUseFreeList(void)
+{
+ useFreeList = (PR_GetEnvSecure("NSS_DISABLE_ARENA_FREE_LIST") == NULL);
+ return PR_SUCCESS;
+}
+
+/*
+ * If zero is true, zeroize the arena memory before freeing it.
+ */
+void
+PORT_FreeArena(PLArenaPool *arena, PRBool zero)
+{
+ PORTArenaPool *pool = (PORTArenaPool *)arena;
+ PRLock *lock = (PRLock *)0;
+ size_t len = sizeof *arena;
+
+ if (!pool)
+ return;
+ if (ARENAPOOL_MAGIC == pool->magic) {
+ len = sizeof *pool;
+ lock = pool->lock;
+ PZ_Lock(lock);
+ }
+ if (zero) {
+ PL_ClearArenaPool(arena, 0);
+ }
+ (void)PR_CallOnce(&setupUseFreeListOnce, &SetupUseFreeList);
+ if (useFreeList) {
+ PL_FreeArenaPool(arena);
+ } else {
+ PL_FinishArenaPool(arena);
+ }
+ PORT_ZFree(arena, len);
+ if (lock) {
+ PZ_Unlock(lock);
+ PZ_DestroyLock(lock);
+ }
+}
+
+void
+PORT_DestroyCheapArena(PORTCheapArenaPool *pool)
+{
+ (void)PR_CallOnce(&setupUseFreeListOnce, &SetupUseFreeList);
+ if (useFreeList) {
+ PL_FreeArenaPool(&pool->arena);
+ } else {
+ PL_FinishArenaPool(&pool->arena);
+ }
+}
+
+void *
+PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
+{
+ PORTArenaPool *pool = (PORTArenaPool *)arena;
+ PORT_Assert(newsize >= oldsize);
+
+ if (newsize > MAX_SIZE) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ if (ARENAPOOL_MAGIC == pool->magic) {
+ PZ_Lock(pool->lock);
+ /* Do we do a THREADMARK check here? */
+ PL_ARENA_GROW(ptr, arena, oldsize, (newsize - oldsize));
+ PZ_Unlock(pool->lock);
+ } else {
+ PL_ARENA_GROW(ptr, arena, oldsize, (newsize - oldsize));
+ }
+
+ return (ptr);
+}
+
+void *
+PORT_ArenaMark(PLArenaPool *arena)
+{
+ void *result;
+
+ PORTArenaPool *pool = (PORTArenaPool *)arena;
+ if (ARENAPOOL_MAGIC == pool->magic) {
+ PZ_Lock(pool->lock);
+#ifdef THREADMARK
+ {
+ threadmark_mark *tm, **pw;
+ PRThread *currentThread = PR_GetCurrentThread();
+
+ if (!pool->marking_thread) {
+ /* First mark */
+ pool->marking_thread = currentThread;
+ } else if (currentThread != pool->marking_thread) {
+ PZ_Unlock(pool->lock);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_Assert(0);
+ return NULL;
+ }
+
+ result = PL_ARENA_MARK(arena);
+ PL_ARENA_ALLOCATE(tm, arena, sizeof(threadmark_mark));
+ if (!tm) {
+ PZ_Unlock(pool->lock);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return NULL;
+ }
+
+ tm->mark = result;
+ tm->next = (threadmark_mark *)NULL;
+
+ pw = &pool->first_mark;
+ while (*pw) {
+ pw = &(*pw)->next;
+ }
+
+ *pw = tm;
+ }
+#else /* THREADMARK */
+ result = PL_ARENA_MARK(arena);
+#endif /* THREADMARK */
+ PZ_Unlock(pool->lock);
+ } else {
+ /* a "pure" NSPR arena */
+ result = PL_ARENA_MARK(arena);
+ }
+ return result;
+}
+
+/*
+ * This function accesses the internals of PLArena, which is why it needs
+ * to use the NSPR internal macro PL_MAKE_MEM_UNDEFINED before the memset
+ * calls.
+ *
+ * We should move this function to NSPR as PL_ClearArenaAfterMark or add
+ * a PL_ARENA_CLEAR_AND_RELEASE macro.
+ *
+ * TODO: remove the #ifdef PL_MAKE_MEM_UNDEFINED tests when NSPR 4.10+ is
+ * widely available.
+ */
+static void
+port_ArenaZeroAfterMark(PLArenaPool *arena, void *mark)
+{
+ PLArena *a = arena->current;
+ if (a->base <= (PRUword)mark && (PRUword)mark <= a->avail) {
+/* fast path: mark falls in the current arena */
+#ifdef PL_MAKE_MEM_UNDEFINED
+ PL_MAKE_MEM_UNDEFINED(mark, a->avail - (PRUword)mark);
+#endif
+ memset(mark, 0, a->avail - (PRUword)mark);
+ } else {
+ /* slow path: need to find the arena that mark falls in */
+ for (a = arena->first.next; a; a = a->next) {
+ PR_ASSERT(a->base <= a->avail && a->avail <= a->limit);
+ if (a->base <= (PRUword)mark && (PRUword)mark <= a->avail) {
+#ifdef PL_MAKE_MEM_UNDEFINED
+ PL_MAKE_MEM_UNDEFINED(mark, a->avail - (PRUword)mark);
+#endif
+ memset(mark, 0, a->avail - (PRUword)mark);
+ a = a->next;
+ break;
+ }
+ }
+ for (; a; a = a->next) {
+ PR_ASSERT(a->base <= a->avail && a->avail <= a->limit);
+#ifdef PL_MAKE_MEM_UNDEFINED
+ PL_MAKE_MEM_UNDEFINED((void *)a->base, a->avail - a->base);
+#endif
+ memset((void *)a->base, 0, a->avail - a->base);
+ }
+ }
+}
+
+static void
+port_ArenaRelease(PLArenaPool *arena, void *mark, PRBool zero)
+{
+ PORTArenaPool *pool = (PORTArenaPool *)arena;
+ if (ARENAPOOL_MAGIC == pool->magic) {
+ PZ_Lock(pool->lock);
+#ifdef THREADMARK
+ {
+ threadmark_mark **pw;
+
+ if (PR_GetCurrentThread() != pool->marking_thread) {
+ PZ_Unlock(pool->lock);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_Assert(0);
+ return /* no error indication available */;
+ }
+
+ pw = &pool->first_mark;
+ while (*pw && (mark != (*pw)->mark)) {
+ pw = &(*pw)->next;
+ }
+
+ if (!*pw) {
+ /* bad mark */
+ PZ_Unlock(pool->lock);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_Assert(0);
+ return /* no error indication available */;
+ }
+
+ *pw = (threadmark_mark *)NULL;
+
+ if (zero) {
+ port_ArenaZeroAfterMark(arena, mark);
+ }
+ PL_ARENA_RELEASE(arena, mark);
+
+ if (!pool->first_mark) {
+ pool->marking_thread = (PRThread *)NULL;
+ }
+ }
+#else /* THREADMARK */
+ if (zero) {
+ port_ArenaZeroAfterMark(arena, mark);
+ }
+ PL_ARENA_RELEASE(arena, mark);
+#endif /* THREADMARK */
+ PZ_Unlock(pool->lock);
+ } else {
+ if (zero) {
+ port_ArenaZeroAfterMark(arena, mark);
+ }
+ PL_ARENA_RELEASE(arena, mark);
+ }
+}
+
+void
+PORT_ArenaRelease(PLArenaPool *arena, void *mark)
+{
+ port_ArenaRelease(arena, mark, PR_FALSE);
+}
+
+/*
+ * Zeroize the arena memory before releasing it.
+ */
+void
+PORT_ArenaZRelease(PLArenaPool *arena, void *mark)
+{
+ port_ArenaRelease(arena, mark, PR_TRUE);
+}
+
+void
+PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
+{
+#ifdef THREADMARK
+ PORTArenaPool *pool = (PORTArenaPool *)arena;
+ if (ARENAPOOL_MAGIC == pool->magic) {
+ threadmark_mark **pw;
+
+ PZ_Lock(pool->lock);
+
+ if (PR_GetCurrentThread() != pool->marking_thread) {
+ PZ_Unlock(pool->lock);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_Assert(0);
+ return /* no error indication available */;
+ }
+
+ pw = &pool->first_mark;
+ while (((threadmark_mark *)NULL != *pw) && (mark != (*pw)->mark)) {
+ pw = &(*pw)->next;
+ }
+
+ if ((threadmark_mark *)NULL == *pw) {
+ /* bad mark */
+ PZ_Unlock(pool->lock);
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ PORT_Assert(0);
+ return /* no error indication available */;
+ }
+
+ *pw = (threadmark_mark *)NULL;
+
+ if (!pool->first_mark) {
+ pool->marking_thread = (PRThread *)NULL;
+ }
+
+ PZ_Unlock(pool->lock);
+ }
+#endif /* THREADMARK */
+}
+
+char *
+PORT_ArenaStrdup(PLArenaPool *arena, const char *str)
+{
+ int len = PORT_Strlen(str) + 1;
+ char *newstr;
+
+ newstr = (char *)PORT_ArenaAlloc(arena, len);
+ if (newstr) {
+ PORT_Memcpy(newstr, str, len);
+ }
+ return newstr;
+}
+
+/********************** end of arena functions ***********************/
+
+/****************** unicode conversion functions ***********************/
+/*
+ * NOTE: These conversion functions all assume that the multibyte
+ * characters are going to be in NETWORK BYTE ORDER, not host byte
+ * order. This is because the only time we deal with UCS-2 and UCS-4
+ * are when the data was received from or is going to be sent out
+ * over the wire (in, e.g. certificates).
+ */
+
+void
+PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
+{
+ ucs4Utf8ConvertFunc = convFunc;
+}
+
+void
+PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc)
+{
+ ucs2AsciiConvertFunc = convFunc;
+}
+
+void
+PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
+{
+ ucs2Utf8ConvertFunc = convFunc;
+}
+
+PRBool
+PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen)
+{
+ if (!ucs4Utf8ConvertFunc) {
+ return sec_port_ucs4_utf8_conversion_function(toUnicode,
+ inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen);
+ }
+
+ return (*ucs4Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
+ maxOutBufLen, outBufLen);
+}
+
+PRBool
+PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen)
+{
+ if (!ucs2Utf8ConvertFunc) {
+ return sec_port_ucs2_utf8_conversion_function(toUnicode,
+ inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen);
+ }
+
+ return (*ucs2Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
+ maxOutBufLen, outBufLen);
+}
+
+PRBool
+PORT_ISO88591_UTF8Conversion(const unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen)
+{
+ return sec_port_iso88591_utf8_conversion_function(inBuf, inBufLen,
+ outBuf, maxOutBufLen, outBufLen);
+}
+
+PRBool
+PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen,
+ PRBool swapBytes)
+{
+ if (!ucs2AsciiConvertFunc) {
+ return PR_FALSE;
+ }
+
+ return (*ucs2AsciiConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
+ maxOutBufLen, outBufLen, swapBytes);
+}
+
+/* Portable putenv. Creates/replaces an environment variable of the form
+ * envVarName=envValue
+ */
+int
+NSS_PutEnv(const char *envVarName, const char *envValue)
+{
+ SECStatus result = SECSuccess;
+ char *encoded;
+ int putEnvFailed;
+#ifdef _WIN32
+ PRBool setOK;
+
+ setOK = SetEnvironmentVariable(envVarName, envValue);
+ if (!setOK) {
+ SET_ERROR_CODE
+ return SECFailure;
+ }
+#endif
+
+ encoded = (char *)PORT_ZAlloc(strlen(envVarName) + 2 + strlen(envValue));
+ strcpy(encoded, envVarName);
+ strcat(encoded, "=");
+ strcat(encoded, envValue);
+
+ putEnvFailed = putenv(encoded); /* adopt. */
+ if (putEnvFailed) {
+ SET_ERROR_CODE
+ result = SECFailure;
+ PORT_Free(encoded);
+ }
+ return result;
+}
+
+/*
+ * Perform a constant-time compare of two memory regions. The return value is
+ * 0 if the memory regions are equal and non-zero otherwise.
+ */
+int
+NSS_SecureMemcmp(const void *ia, const void *ib, size_t n)
+{
+ const unsigned char *a = (const unsigned char *)ia;
+ const unsigned char *b = (const unsigned char *)ib;
+ size_t i;
+ unsigned char r = 0;
+
+ for (i = 0; i < n; ++i) {
+ r |= *a++ ^ *b++;
+ }
+
+ return r;
+}
diff --git a/security/nss/lib/util/secport.h b/security/nss/lib/util/secport.h
new file mode 100644
index 000000000..0f4b08f33
--- /dev/null
+++ b/security/nss/lib/util/secport.h
@@ -0,0 +1,287 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * secport.h - portability interfaces for security libraries
+ */
+
+#ifndef _SECPORT_H_
+#define _SECPORT_H_
+
+#include "utilrename.h"
+#include "prlink.h"
+
+/*
+ * define XP_WIN, XP_BEOS, or XP_UNIX, in case they are not defined
+ * by anyone else
+ */
+#ifdef _WINDOWS
+#ifndef XP_WIN
+#define XP_WIN
+#endif
+#if defined(_WIN32) || defined(WIN32)
+#ifndef XP_WIN32
+#define XP_WIN32
+#endif
+#endif
+#endif
+
+#ifdef __BEOS__
+#ifndef XP_BEOS
+#define XP_BEOS
+#endif
+#endif
+
+#ifdef unix
+#ifndef XP_UNIX
+#define XP_UNIX
+#endif
+#endif
+
+#include <sys/types.h>
+
+#include <ctype.h>
+#include <string.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include "prtypes.h"
+#include "prlog.h" /* for PR_ASSERT */
+#include "plarena.h"
+#include "plstr.h"
+
+/*
+ * HACK for NSS 2.8 to allow Admin to compile without source changes.
+ */
+#ifndef SEC_BEGIN_PROTOS
+#include "seccomon.h"
+#endif
+
+/*
+ * The PORT_*Arena* function signatures mostly involve PLArenaPool* arguments.
+ * But this is misleading! It's not actually safe to use vanilla PLArenaPools
+ * with them. There are two "subclasses" of PLArenaPool that should be used
+ * instead.
+ *
+ * - PORTArenaPool (defined in secport.c): this "subclass" is always
+ * heap-allocated and uses a (heap-allocated) lock to protect all accesses.
+ * Use PORT_NewArena() and PORT_FreeArena() to create and destroy
+ * PORTArenaPools.
+ *
+ * - PORTCheapArenaPool (defined here): this "subclass" can be stack-allocated
+ * and does not use a lock to protect accesses. This makes it cheaper but
+ * less general. It is best used for arena pools that (a) are hot, (b) have
+ * lifetimes bounded within a single function, and (c) don't need locking.
+ * Use PORT_InitArena() and PORT_DestroyArena() to initialize and finalize
+ * PORTCheapArenaPools.
+ *
+ * All the other PORT_Arena* functions will operate safely with either
+ * subclass.
+ */
+typedef struct PORTCheapArenaPool_str {
+ PLArenaPool arena;
+ PRUint32 magic; /* This is used to distinguish the two subclasses. */
+} PORTCheapArenaPool;
+
+SEC_BEGIN_PROTOS
+
+extern void *PORT_Alloc(size_t len);
+extern void *PORT_Realloc(void *old, size_t len);
+extern void *PORT_ZAlloc(size_t len);
+extern void PORT_Free(void *ptr);
+extern void PORT_ZFree(void *ptr, size_t len);
+extern char *PORT_Strdup(const char *s);
+extern void PORT_SetError(int value);
+extern int PORT_GetError(void);
+
+/* These functions are for use with PORTArenaPools. */
+extern PLArenaPool *PORT_NewArena(unsigned long chunksize);
+extern void PORT_FreeArena(PLArenaPool *arena, PRBool zero);
+
+/* These functions are for use with PORTCheapArenaPools. */
+extern void PORT_InitCheapArena(PORTCheapArenaPool *arena,
+ unsigned long chunksize);
+extern void PORT_DestroyCheapArena(PORTCheapArenaPool *arena);
+
+/* These functions work with both kinds of arena pool. */
+extern void *PORT_ArenaAlloc(PLArenaPool *arena, size_t size);
+extern void *PORT_ArenaZAlloc(PLArenaPool *arena, size_t size);
+extern void *PORT_ArenaGrow(PLArenaPool *arena, void *ptr,
+ size_t oldsize, size_t newsize);
+extern void *PORT_ArenaMark(PLArenaPool *arena);
+extern void PORT_ArenaRelease(PLArenaPool *arena, void *mark);
+extern void PORT_ArenaZRelease(PLArenaPool *arena, void *mark);
+extern void PORT_ArenaUnmark(PLArenaPool *arena, void *mark);
+extern char *PORT_ArenaStrdup(PLArenaPool *arena, const char *str);
+
+SEC_END_PROTOS
+
+#define PORT_Assert PR_ASSERT
+/* This runs a function that should return SECSuccess.
+ * Intended for NSS internal use only.
+ * The return value is asserted in a debug build, otherwise it is ignored.
+ * This is no substitute for proper error handling. It is OK only if you
+ * have ensured that the function cannot fail by other means such as checking
+ * prerequisites. In that case this can be used as a safeguard against
+ * unexpected changes in a function.
+ */
+#ifdef DEBUG
+#define PORT_CheckSuccess(f) PR_ASSERT((f) == SECSuccess)
+#else
+#define PORT_CheckSuccess(f) (f)
+#endif
+#define PORT_ZNew(type) (type *)PORT_ZAlloc(sizeof(type))
+#define PORT_New(type) (type *)PORT_Alloc(sizeof(type))
+#define PORT_ArenaNew(poolp, type) \
+ (type *)PORT_ArenaAlloc(poolp, sizeof(type))
+#define PORT_ArenaZNew(poolp, type) \
+ (type *)PORT_ArenaZAlloc(poolp, sizeof(type))
+#define PORT_NewArray(type, num) \
+ (type *)PORT_Alloc(sizeof(type) * (num))
+#define PORT_ZNewArray(type, num) \
+ (type *)PORT_ZAlloc(sizeof(type) * (num))
+#define PORT_ArenaNewArray(poolp, type, num) \
+ (type *)PORT_ArenaAlloc(poolp, sizeof(type) * (num))
+#define PORT_ArenaZNewArray(poolp, type, num) \
+ (type *)PORT_ArenaZAlloc(poolp, sizeof(type) * (num))
+
+/* Please, keep these defines sorted alphabetically. Thanks! */
+
+#define PORT_Atoi(buff) (int)strtol(buff, NULL, 10)
+
+/* Returns a UTF-8 encoded constant error string for err.
+ * Returns NULL if initialization of the error tables fails
+ * due to insufficient memory.
+ *
+ * This string must not be modified by the application.
+ */
+#define PORT_ErrorToString(err) PR_ErrorToString((err), PR_LANGUAGE_I_DEFAULT)
+
+#define PORT_ErrorToName PR_ErrorToName
+
+#define PORT_Memcmp memcmp
+#define PORT_Memcpy memcpy
+#ifndef SUNOS4
+#define PORT_Memmove memmove
+#else /*SUNOS4*/
+#define PORT_Memmove(s, ct, n) bcopy((ct), (s), (n))
+#endif /*SUNOS4*/
+#define PORT_Memset memset
+
+#define PORT_Strcasecmp PL_strcasecmp
+#define PORT_Strcat strcat
+#define PORT_Strchr strchr
+#define PORT_Strrchr strrchr
+#define PORT_Strcmp strcmp
+#define PORT_Strcpy strcpy
+#define PORT_Strlen(s) strlen(s)
+#define PORT_Strncasecmp PL_strncasecmp
+#define PORT_Strncat strncat
+#define PORT_Strncmp strncmp
+#define PORT_Strncpy strncpy
+#define PORT_Strpbrk strpbrk
+#define PORT_Strstr strstr
+#define PORT_Strtok strtok
+
+#define PORT_Tolower tolower
+
+typedef PRBool(PR_CALLBACK *PORTCharConversionWSwapFunc)(PRBool toUnicode,
+ unsigned char *inBuf, unsigned int inBufLen,
+ unsigned char *outBuf, unsigned int maxOutBufLen,
+ unsigned int *outBufLen, PRBool swapBytes);
+
+typedef PRBool(PR_CALLBACK *PORTCharConversionFunc)(PRBool toUnicode,
+ unsigned char *inBuf, unsigned int inBufLen,
+ unsigned char *outBuf, unsigned int maxOutBufLen,
+ unsigned int *outBufLen);
+
+SEC_BEGIN_PROTOS
+
+void PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc);
+void PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc);
+PRBool PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen);
+PRBool PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen,
+ PRBool swapBytes);
+void PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc);
+PRBool PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen);
+
+/* One-way conversion from ISO-8859-1 to UTF-8 */
+PRBool PORT_ISO88591_UTF8Conversion(const unsigned char *inBuf,
+ unsigned int inBufLen, unsigned char *outBuf,
+ unsigned int maxOutBufLen, unsigned int *outBufLen);
+
+extern PRBool
+sec_port_ucs4_utf8_conversion_function(
+ PRBool toUnicode,
+ unsigned char *inBuf,
+ unsigned int inBufLen,
+ unsigned char *outBuf,
+ unsigned int maxOutBufLen,
+ unsigned int *outBufLen);
+
+extern PRBool
+sec_port_ucs2_utf8_conversion_function(
+ PRBool toUnicode,
+ unsigned char *inBuf,
+ unsigned int inBufLen,
+ unsigned char *outBuf,
+ unsigned int maxOutBufLen,
+ unsigned int *outBufLen);
+
+/* One-way conversion from ISO-8859-1 to UTF-8 */
+extern PRBool
+sec_port_iso88591_utf8_conversion_function(
+ const unsigned char *inBuf,
+ unsigned int inBufLen,
+ unsigned char *outBuf,
+ unsigned int maxOutBufLen,
+ unsigned int *outBufLen);
+
+extern int NSS_PutEnv(const char *envVarName, const char *envValue);
+
+extern int NSS_SecureMemcmp(const void *a, const void *b, size_t n);
+
+/*
+ * Load a shared library called "newShLibName" in the same directory as
+ * a shared library that is already loaded, called existingShLibName.
+ * A pointer to a static function in that shared library,
+ * staticShLibFunc, is required.
+ *
+ * existingShLibName:
+ * The file name of the shared library that shall be used as the
+ * "reference library". The loader will attempt to load the requested
+ * library from the same directory as the reference library.
+ *
+ * staticShLibFunc:
+ * Pointer to a static function in the "reference library".
+ *
+ * newShLibName:
+ * The simple file name of the new shared library to be loaded.
+ *
+ * We use PR_GetLibraryFilePathname to get the pathname of the loaded
+ * shared lib that contains this function, and then do a
+ * PR_LoadLibraryWithFlags with an absolute pathname for the shared
+ * library to be loaded.
+ *
+ * On Windows, the "alternate search path" strategy is employed, if available.
+ * On Unix, if existingShLibName is a symbolic link, and no link exists for the
+ * new library, the original link will be resolved, and the new library loaded
+ * from the resolved location.
+ *
+ * If the new shared library is not found in the same location as the reference
+ * library, it will then be loaded from the normal system library path.
+ */
+PRLibrary *
+PORT_LoadLibraryFromOrigin(const char *existingShLibName,
+ PRFuncPtr staticShLibFunc,
+ const char *newShLibName);
+
+SEC_END_PROTOS
+
+#endif /* _SECPORT_H_ */
diff --git a/security/nss/lib/util/sectime.c b/security/nss/lib/util/sectime.c
new file mode 100644
index 000000000..11ee5ffeb
--- /dev/null
+++ b/security/nss/lib/util/sectime.c
@@ -0,0 +1,163 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "prtime.h"
+#include "secder.h"
+#include "secitem.h"
+#include "secerr.h"
+
+static char *DecodeUTCTime2FormattedAscii(SECItem *utcTimeDER, char *format);
+static char *DecodeGeneralizedTime2FormattedAscii(SECItem *generalizedTimeDER, char *format);
+
+/* convert DER utc time to ascii time string */
+char *
+DER_UTCTimeToAscii(SECItem *utcTime)
+{
+ return (DecodeUTCTime2FormattedAscii(utcTime, "%a %b %d %H:%M:%S %Y"));
+}
+
+/* convert DER utc time to ascii time string, only include day, not time */
+char *
+DER_UTCDayToAscii(SECItem *utctime)
+{
+ return (DecodeUTCTime2FormattedAscii(utctime, "%a %b %d, %Y"));
+}
+
+/* convert DER generalized time to ascii time string, only include day,
+ not time */
+char *
+DER_GeneralizedDayToAscii(SECItem *gentime)
+{
+ return (DecodeGeneralizedTime2FormattedAscii(gentime, "%a %b %d, %Y"));
+}
+
+/* convert DER generalized or UTC time to ascii time string, only include
+ day, not time */
+char *
+DER_TimeChoiceDayToAscii(SECItem *timechoice)
+{
+ switch (timechoice->type) {
+
+ case siUTCTime:
+ return DER_UTCDayToAscii(timechoice);
+
+ case siGeneralizedTime:
+ return DER_GeneralizedDayToAscii(timechoice);
+
+ default:
+ PORT_Assert(0);
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return NULL;
+ }
+}
+
+char *
+CERT_UTCTime2FormattedAscii(PRTime utcTime, char *format)
+{
+ PRExplodedTime printableTime;
+ char *timeString;
+
+ /* Converse time to local time and decompose it into components */
+ PR_ExplodeTime(utcTime, PR_LocalTimeParameters, &printableTime);
+
+ timeString = (char *)PORT_Alloc(256);
+
+ if (timeString) {
+ if (!PR_FormatTime(timeString, 256, format, &printableTime)) {
+ PORT_Free(timeString);
+ timeString = NULL;
+ }
+ }
+
+ return (timeString);
+}
+
+char *
+CERT_GenTime2FormattedAscii(PRTime genTime, char *format)
+{
+ PRExplodedTime printableTime;
+ char *timeString;
+
+ /* Decompose time into components */
+ PR_ExplodeTime(genTime, PR_GMTParameters, &printableTime);
+
+ timeString = (char *)PORT_Alloc(256);
+
+ if (timeString) {
+ if (!PR_FormatTime(timeString, 256, format, &printableTime)) {
+ PORT_Free(timeString);
+ timeString = NULL;
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ }
+ }
+
+ return (timeString);
+}
+
+/* convert DER utc time to ascii time string, The format of the time string
+ depends on the input "format"
+ */
+static char *
+DecodeUTCTime2FormattedAscii(SECItem *utcTimeDER, char *format)
+{
+ PRTime utcTime;
+ int rv;
+
+ rv = DER_UTCTimeToTime(&utcTime, utcTimeDER);
+ if (rv) {
+ return (NULL);
+ }
+ return (CERT_UTCTime2FormattedAscii(utcTime, format));
+}
+
+/* convert DER utc time to ascii time string, The format of the time string
+ depends on the input "format"
+ */
+static char *
+DecodeGeneralizedTime2FormattedAscii(SECItem *generalizedTimeDER, char *format)
+{
+ PRTime generalizedTime;
+ int rv;
+
+ rv = DER_GeneralizedTimeToTime(&generalizedTime, generalizedTimeDER);
+ if (rv) {
+ return (NULL);
+ }
+ return (CERT_GeneralizedTime2FormattedAscii(generalizedTime, format));
+}
+
+/* decode a SECItem containing either a SEC_ASN1_GENERALIZED_TIME
+ or a SEC_ASN1_UTC_TIME */
+
+SECStatus
+DER_DecodeTimeChoice(PRTime *output, const SECItem *input)
+{
+ switch (input->type) {
+ case siGeneralizedTime:
+ return DER_GeneralizedTimeToTime(output, input);
+
+ case siUTCTime:
+ return DER_UTCTimeToTime(output, input);
+
+ default:
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ PORT_Assert(0);
+ return SECFailure;
+ }
+}
+
+/* encode a PRTime to an ASN.1 DER SECItem containing either a
+ SEC_ASN1_GENERALIZED_TIME or a SEC_ASN1_UTC_TIME */
+
+SECStatus
+DER_EncodeTimeChoice(PLArenaPool *arena, SECItem *output, PRTime input)
+{
+ SECStatus rv;
+
+ rv = DER_TimeToUTCTimeArena(arena, output, input);
+ if (rv == SECSuccess || PORT_GetError() != SEC_ERROR_INVALID_ARGS) {
+ return rv;
+ }
+ return DER_TimeToGeneralizedTimeArena(arena, output, input);
+}
diff --git a/security/nss/lib/util/templates.c b/security/nss/lib/util/templates.c
new file mode 100644
index 000000000..6118aeeba
--- /dev/null
+++ b/security/nss/lib/util/templates.c
@@ -0,0 +1,136 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Templates that are compiled and exported from both libnss3 and libnssutil3.
+ * They have to be, because they were previously exported from libnss3, and
+ * there is no way to create data forwarder symbols on Unix.
+ *
+ * Please do not add to this file. New shared templates should be exported
+ * from libnssutil3 only.
+ *
+ */
+
+#include "utilrename.h"
+#include "secasn1.h"
+#include "secder.h"
+#include "secoid.h"
+#include "secdig.h"
+
+const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SECAlgorithmID) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(SECAlgorithmID, algorithm) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
+ offsetof(SECAlgorithmID, parameters) },
+ { 0 }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SECOID_AlgorithmIDTemplate)
+
+const SEC_ASN1Template SEC_AnyTemplate[] = {
+ { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_AnyTemplate)
+
+const SEC_ASN1Template SEC_BMPStringTemplate[] = {
+ { SEC_ASN1_BMP_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BMPStringTemplate)
+
+const SEC_ASN1Template SEC_BitStringTemplate[] = {
+ { SEC_ASN1_BIT_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BitStringTemplate)
+
+const SEC_ASN1Template SEC_BooleanTemplate[] = {
+ { SEC_ASN1_BOOLEAN, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BooleanTemplate)
+
+const SEC_ASN1Template SEC_GeneralizedTimeTemplate[] = {
+ { SEC_ASN1_GENERALIZED_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_GeneralizedTimeTemplate)
+
+const SEC_ASN1Template SEC_IA5StringTemplate[] = {
+ { SEC_ASN1_IA5_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IA5StringTemplate)
+
+const SEC_ASN1Template SEC_IntegerTemplate[] = {
+ { SEC_ASN1_INTEGER, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IntegerTemplate)
+
+const SEC_ASN1Template SEC_NullTemplate[] = {
+ { SEC_ASN1_NULL, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_NullTemplate)
+
+const SEC_ASN1Template SEC_ObjectIDTemplate[] = {
+ { SEC_ASN1_OBJECT_ID, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_ObjectIDTemplate)
+
+const SEC_ASN1Template SEC_OctetStringTemplate[] = {
+ { SEC_ASN1_OCTET_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_OctetStringTemplate)
+
+const SEC_ASN1Template SEC_PointerToAnyTemplate[] = {
+ { SEC_ASN1_POINTER, 0, SEC_AnyTemplate }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToAnyTemplate)
+
+const SEC_ASN1Template SEC_PointerToOctetStringTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, SEC_OctetStringTemplate }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToOctetStringTemplate)
+
+const SEC_ASN1Template SEC_SetOfAnyTemplate[] = {
+ { SEC_ASN1_SET_OF, 0, SEC_AnyTemplate }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SetOfAnyTemplate)
+
+const SEC_ASN1Template SEC_UTCTimeTemplate[] = {
+ { SEC_ASN1_UTC_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTCTimeTemplate)
+
+const SEC_ASN1Template SEC_UTF8StringTemplate[] = {
+ { SEC_ASN1_UTF8_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTF8StringTemplate)
+
+/* XXX See comment below about SGN_DecodeDigestInfo -- keep this static! */
+/* XXX Changed from static -- need to change name? */
+const SEC_ASN1Template sgn_DigestInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(SGNDigestInfo) },
+ { SEC_ASN1_INLINE,
+ offsetof(SGNDigestInfo, digestAlgorithm),
+ SECOID_AlgorithmIDTemplate },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(SGNDigestInfo, digest) },
+ { 0 }
+};
+
+SEC_ASN1_CHOOSER_IMPLEMENT(sgn_DigestInfoTemplate)
diff --git a/security/nss/lib/util/utf8.c b/security/nss/lib/util/utf8.c
new file mode 100644
index 000000000..7bdd71482
--- /dev/null
+++ b/security/nss/lib/util/utf8.c
@@ -0,0 +1,445 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "seccomon.h"
+#include "secport.h"
+
+/*
+ * From RFC 2044:
+ *
+ * UCS-4 range (hex.) UTF-8 octet sequence (binary)
+ * 0000 0000-0000 007F 0xxxxxxx
+ * 0000 0080-0000 07FF 110xxxxx 10xxxxxx
+ * 0000 0800-0000 FFFF 1110xxxx 10xxxxxx 10xxxxxx
+ * 0001 0000-001F FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+ * 0020 0000-03FF FFFF 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
+ * 0400 0000-7FFF FFFF 1111110x 10xxxxxx ... 10xxxxxx
+ */
+
+/*
+ * From http://www.imc.org/draft-hoffman-utf16
+ *
+ * For U on [0x00010000,0x0010FFFF]: Let U' = U - 0x00010000
+ *
+ * U' = yyyyyyyyyyxxxxxxxxxx
+ * W1 = 110110yyyyyyyyyy
+ * W2 = 110111xxxxxxxxxx
+ */
+
+/*
+ * This code is assuming NETWORK BYTE ORDER for the 16- and 32-bit
+ * character values. If you wish to use this code for working with
+ * host byte order values, define the following:
+ *
+ * #if IS_BIG_ENDIAN
+ * #define L_0 0
+ * #define L_1 1
+ * #define L_2 2
+ * #define L_3 3
+ * #define H_0 0
+ * #define H_1 1
+ * #else / * not everyone has elif * /
+ * #if IS_LITTLE_ENDIAN
+ * #define L_0 3
+ * #define L_1 2
+ * #define L_2 1
+ * #define L_3 0
+ * #define H_0 1
+ * #define H_1 0
+ * #else
+ * #error "PDP and NUXI support deferred"
+ * #endif / * IS_LITTLE_ENDIAN * /
+ * #endif / * IS_BIG_ENDIAN * /
+ */
+
+#define L_0 0
+#define L_1 1
+#define L_2 2
+#define L_3 3
+#define H_0 0
+#define H_1 1
+
+#define BAD_UTF8 ((PRUint32)-1)
+
+/*
+ * Parse a single UTF-8 character per the spec. in section 3.9 (D36)
+ * of Unicode 4.0.0.
+ *
+ * Parameters:
+ * index - Points to the byte offset in inBuf of character to read. On success,
+ * updated to the offset of the following character.
+ * inBuf - Input buffer, UTF-8 encoded
+ * inbufLen - Length of input buffer, in bytes.
+ *
+ * Returns:
+ * Success - The UCS4 encoded character
+ * Failure - BAD_UTF8
+ */
+static PRUint32
+sec_port_read_utf8(unsigned int *index, unsigned char *inBuf, unsigned int inBufLen)
+{
+ PRUint32 result;
+ unsigned int i = *index;
+ int bytes_left;
+ PRUint32 min_value;
+
+ PORT_Assert(i < inBufLen);
+
+ if ((inBuf[i] & 0x80) == 0x00) {
+ result = inBuf[i++];
+ bytes_left = 0;
+ min_value = 0;
+ } else if ((inBuf[i] & 0xE0) == 0xC0) {
+ result = inBuf[i++] & 0x1F;
+ bytes_left = 1;
+ min_value = 0x80;
+ } else if ((inBuf[i] & 0xF0) == 0xE0) {
+ result = inBuf[i++] & 0x0F;
+ bytes_left = 2;
+ min_value = 0x800;
+ } else if ((inBuf[i] & 0xF8) == 0xF0) {
+ result = inBuf[i++] & 0x07;
+ bytes_left = 3;
+ min_value = 0x10000;
+ } else {
+ return BAD_UTF8;
+ }
+
+ while (bytes_left--) {
+ if (i >= inBufLen || (inBuf[i] & 0xC0) != 0x80)
+ return BAD_UTF8;
+ result = (result << 6) | (inBuf[i++] & 0x3F);
+ }
+
+ /* Check for overlong sequences, surrogates, and outside unicode range */
+ if (result < min_value || (result & 0xFFFFF800) == 0xD800 || result > 0x10FFFF) {
+ return BAD_UTF8;
+ }
+
+ *index = i;
+ return result;
+}
+
+PRBool
+sec_port_ucs4_utf8_conversion_function(
+ PRBool toUnicode,
+ unsigned char *inBuf,
+ unsigned int inBufLen,
+ unsigned char *outBuf,
+ unsigned int maxOutBufLen,
+ unsigned int *outBufLen)
+{
+ PORT_Assert((unsigned int *)NULL != outBufLen);
+
+ if (toUnicode) {
+ unsigned int i, len = 0;
+
+ for (i = 0; i < inBufLen;) {
+ if ((inBuf[i] & 0x80) == 0x00)
+ i += 1;
+ else if ((inBuf[i] & 0xE0) == 0xC0)
+ i += 2;
+ else if ((inBuf[i] & 0xF0) == 0xE0)
+ i += 3;
+ else if ((inBuf[i] & 0xF8) == 0xF0)
+ i += 4;
+ else
+ return PR_FALSE;
+
+ len += 4;
+ }
+
+ if (len > maxOutBufLen) {
+ *outBufLen = len;
+ return PR_FALSE;
+ }
+
+ len = 0;
+
+ for (i = 0; i < inBufLen;) {
+ PRUint32 ucs4 = sec_port_read_utf8(&i, inBuf, inBufLen);
+
+ if (ucs4 == BAD_UTF8)
+ return PR_FALSE;
+
+ outBuf[len + L_0] = 0x00;
+ outBuf[len + L_1] = (unsigned char)(ucs4 >> 16);
+ outBuf[len + L_2] = (unsigned char)(ucs4 >> 8);
+ outBuf[len + L_3] = (unsigned char)ucs4;
+
+ len += 4;
+ }
+
+ *outBufLen = len;
+ return PR_TRUE;
+ } else {
+ unsigned int i, len = 0;
+ PORT_Assert((inBufLen % 4) == 0);
+ if ((inBufLen % 4) != 0) {
+ *outBufLen = 0;
+ return PR_FALSE;
+ }
+
+ for (i = 0; i < inBufLen; i += 4) {
+ if ((inBuf[i + L_0] > 0x00) || (inBuf[i + L_1] > 0x10)) {
+ *outBufLen = 0;
+ return PR_FALSE;
+ } else if (inBuf[i + L_1] >= 0x01)
+ len += 4;
+ else if (inBuf[i + L_2] >= 0x08)
+ len += 3;
+ else if ((inBuf[i + L_2] > 0x00) || (inBuf[i + L_3] >= 0x80))
+ len += 2;
+ else
+ len += 1;
+ }
+
+ if (len > maxOutBufLen) {
+ *outBufLen = len;
+ return PR_FALSE;
+ }
+
+ len = 0;
+
+ for (i = 0; i < inBufLen; i += 4) {
+ if (inBuf[i + L_1] >= 0x01) {
+ /* 0001 0000-001F FFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
+ /* 00000000 000abcde fghijklm nopqrstu ->
+ 11110abc 10defghi 10jklmno 10pqrstu */
+
+ outBuf[len + 0] = 0xF0 | ((inBuf[i + L_1] & 0x1C) >> 2);
+ outBuf[len + 1] = 0x80 | ((inBuf[i + L_1] & 0x03) << 4) | ((inBuf[i + L_2] & 0xF0) >> 4);
+ outBuf[len + 2] = 0x80 | ((inBuf[i + L_2] & 0x0F) << 2) | ((inBuf[i + L_3] & 0xC0) >> 6);
+ outBuf[len + 3] = 0x80 | ((inBuf[i + L_3] & 0x3F) >> 0);
+
+ len += 4;
+ } else if (inBuf[i + L_2] >= 0x08) {
+ /* 0000 0800-0000 FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */
+ /* 00000000 00000000 abcdefgh ijklmnop ->
+ 1110abcd 10efghij 10klmnop */
+
+ outBuf[len + 0] = 0xE0 | ((inBuf[i + L_2] & 0xF0) >> 4);
+ outBuf[len + 1] = 0x80 | ((inBuf[i + L_2] & 0x0F) << 2) | ((inBuf[i + L_3] & 0xC0) >> 6);
+ outBuf[len + 2] = 0x80 | ((inBuf[i + L_3] & 0x3F) >> 0);
+
+ len += 3;
+ } else if ((inBuf[i + L_2] > 0x00) || (inBuf[i + L_3] >= 0x80)) {
+ /* 0000 0080-0000 07FF -> 110xxxxx 10xxxxxx */
+ /* 00000000 00000000 00000abc defghijk ->
+ 110abcde 10fghijk */
+
+ outBuf[len + 0] = 0xC0 | ((inBuf[i + L_2] & 0x07) << 2) | ((inBuf[i + L_3] & 0xC0) >> 6);
+ outBuf[len + 1] = 0x80 | ((inBuf[i + L_3] & 0x3F) >> 0);
+
+ len += 2;
+ } else {
+ /* 0000 0000-0000 007F -> 0xxxxxx */
+ /* 00000000 00000000 00000000 0abcdefg ->
+ 0abcdefg */
+
+ outBuf[len + 0] = (inBuf[i + L_3] & 0x7F);
+
+ len += 1;
+ }
+ }
+
+ *outBufLen = len;
+ return PR_TRUE;
+ }
+}
+
+PRBool
+sec_port_ucs2_utf8_conversion_function(
+ PRBool toUnicode,
+ unsigned char *inBuf,
+ unsigned int inBufLen,
+ unsigned char *outBuf,
+ unsigned int maxOutBufLen,
+ unsigned int *outBufLen)
+{
+ PORT_Assert((unsigned int *)NULL != outBufLen);
+
+ if (toUnicode) {
+ unsigned int i, len = 0;
+
+ for (i = 0; i < inBufLen;) {
+ if ((inBuf[i] & 0x80) == 0x00) {
+ i += 1;
+ len += 2;
+ } else if ((inBuf[i] & 0xE0) == 0xC0) {
+ i += 2;
+ len += 2;
+ } else if ((inBuf[i] & 0xF0) == 0xE0) {
+ i += 3;
+ len += 2;
+ } else if ((inBuf[i] & 0xF8) == 0xF0) {
+ i += 4;
+ len += 4;
+ } else
+ return PR_FALSE;
+ }
+
+ if (len > maxOutBufLen) {
+ *outBufLen = len;
+ return PR_FALSE;
+ }
+
+ len = 0;
+
+ for (i = 0; i < inBufLen;) {
+ PRUint32 ucs4 = sec_port_read_utf8(&i, inBuf, inBufLen);
+
+ if (ucs4 == BAD_UTF8)
+ return PR_FALSE;
+
+ if (ucs4 < 0x10000) {
+ outBuf[len + H_0] = (unsigned char)(ucs4 >> 8);
+ outBuf[len + H_1] = (unsigned char)ucs4;
+ len += 2;
+ } else {
+ ucs4 -= 0x10000;
+ outBuf[len + 0 + H_0] = (unsigned char)(0xD8 | ((ucs4 >> 18) & 0x3));
+ outBuf[len + 0 + H_1] = (unsigned char)(ucs4 >> 10);
+ outBuf[len + 2 + H_0] = (unsigned char)(0xDC | ((ucs4 >> 8) & 0x3));
+ outBuf[len + 2 + H_1] = (unsigned char)ucs4;
+ len += 4;
+ }
+ }
+
+ *outBufLen = len;
+ return PR_TRUE;
+ } else {
+ unsigned int i, len = 0;
+ PORT_Assert((inBufLen % 2) == 0);
+ if ((inBufLen % 2) != 0) {
+ *outBufLen = 0;
+ return PR_FALSE;
+ }
+
+ for (i = 0; i < inBufLen; i += 2) {
+ if ((inBuf[i + H_0] == 0x00) && ((inBuf[i + H_1] & 0x80) == 0x00))
+ len += 1;
+ else if (inBuf[i + H_0] < 0x08)
+ len += 2;
+ else if (((inBuf[i + H_0] & 0xFC) == 0xD8)) {
+ if (((inBufLen - i) > 2) && ((inBuf[i + 2 + H_0] & 0xFC) == 0xDC)) {
+ i += 2;
+ len += 4;
+ } else {
+ return PR_FALSE;
+ }
+ } else if ((inBuf[i + H_0] & 0xFC) == 0xDC) {
+ return PR_FALSE;
+ } else {
+ len += 3;
+ }
+ }
+
+ if (len > maxOutBufLen) {
+ *outBufLen = len;
+ return PR_FALSE;
+ }
+
+ len = 0;
+
+ for (i = 0; i < inBufLen; i += 2) {
+ if ((inBuf[i + H_0] == 0x00) && ((inBuf[i + H_1] & 0x80) == 0x00)) {
+ /* 0000-007F -> 0xxxxxx */
+ /* 00000000 0abcdefg -> 0abcdefg */
+
+ outBuf[len] = inBuf[i + H_1] & 0x7F;
+
+ len += 1;
+ } else if (inBuf[i + H_0] < 0x08) {
+ /* 0080-07FF -> 110xxxxx 10xxxxxx */
+ /* 00000abc defghijk -> 110abcde 10fghijk */
+
+ outBuf[len + 0] = 0xC0 | ((inBuf[i + H_0] & 0x07) << 2) | ((inBuf[i + H_1] & 0xC0) >> 6);
+ outBuf[len + 1] = 0x80 | ((inBuf[i + H_1] & 0x3F) >> 0);
+
+ len += 2;
+ } else if ((inBuf[i + H_0] & 0xFC) == 0xD8) {
+ int abcde, BCDE;
+
+ PORT_Assert(((inBufLen - i) > 2) && ((inBuf[i + 2 + H_0] & 0xFC) == 0xDC));
+
+ /* D800-DBFF DC00-DFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
+ /* 110110BC DEfghijk 110111lm nopqrstu ->
+ { Let abcde = BCDE + 1 }
+ 11110abc 10defghi 10jklmno 10pqrstu */
+
+ BCDE = ((inBuf[i + H_0] & 0x03) << 2) | ((inBuf[i + H_1] & 0xC0) >> 6);
+ abcde = BCDE + 1;
+
+ outBuf[len + 0] = 0xF0 | ((abcde & 0x1C) >> 2);
+ outBuf[len + 1] = 0x80 | ((abcde & 0x03) << 4) | ((inBuf[i + 0 + H_1] & 0x3C) >> 2);
+ outBuf[len + 2] = 0x80 | ((inBuf[i + 0 + H_1] & 0x03) << 4) | ((inBuf[i + 2 + H_0] & 0x03) << 2) | ((inBuf[i + 2 + H_1] & 0xC0) >> 6);
+ outBuf[len + 3] = 0x80 | ((inBuf[i + 2 + H_1] & 0x3F) >> 0);
+
+ i += 2;
+ len += 4;
+ } else {
+ /* 0800-FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */
+ /* abcdefgh ijklmnop -> 1110abcd 10efghij 10klmnop */
+
+ outBuf[len + 0] = 0xE0 | ((inBuf[i + H_0] & 0xF0) >> 4);
+ outBuf[len + 1] = 0x80 | ((inBuf[i + H_0] & 0x0F) << 2) | ((inBuf[i + H_1] & 0xC0) >> 6);
+ outBuf[len + 2] = 0x80 | ((inBuf[i + H_1] & 0x3F) >> 0);
+
+ len += 3;
+ }
+ }
+
+ *outBufLen = len;
+ return PR_TRUE;
+ }
+}
+
+PRBool
+sec_port_iso88591_utf8_conversion_function(
+ const unsigned char *inBuf,
+ unsigned int inBufLen,
+ unsigned char *outBuf,
+ unsigned int maxOutBufLen,
+ unsigned int *outBufLen)
+{
+ unsigned int i, len = 0;
+
+ PORT_Assert((unsigned int *)NULL != outBufLen);
+
+ for (i = 0; i < inBufLen; i++) {
+ if ((inBuf[i] & 0x80) == 0x00)
+ len += 1;
+ else
+ len += 2;
+ }
+
+ if (len > maxOutBufLen) {
+ *outBufLen = len;
+ return PR_FALSE;
+ }
+
+ len = 0;
+
+ for (i = 0; i < inBufLen; i++) {
+ if ((inBuf[i] & 0x80) == 0x00) {
+ /* 00-7F -> 0xxxxxxx */
+ /* 0abcdefg -> 0abcdefg */
+
+ outBuf[len] = inBuf[i];
+ len += 1;
+ } else {
+ /* 80-FF <- 110xxxxx 10xxxxxx */
+ /* 00000000 abcdefgh -> 110000ab 10cdefgh */
+
+ outBuf[len + 0] = 0xC0 | ((inBuf[i] & 0xC0) >> 6);
+ outBuf[len + 1] = 0x80 | ((inBuf[i] & 0x3F) >> 0);
+
+ len += 2;
+ }
+ }
+
+ *outBufLen = len;
+ return PR_TRUE;
+}
diff --git a/security/nss/lib/util/util.gyp b/security/nss/lib/util/util.gyp
new file mode 100644
index 000000000..9f3a74b18
--- /dev/null
+++ b/security/nss/lib/util/util.gyp
@@ -0,0 +1,59 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'nssutil',
+ 'type': 'static_library',
+ 'sources': [
+ 'derdec.c',
+ 'derenc.c',
+ 'dersubr.c',
+ 'dertime.c',
+ 'errstrs.c',
+ 'nssb64d.c',
+ 'nssb64e.c',
+ 'nssilock.c',
+ 'nssrwlk.c',
+ 'oidstring.c',
+ 'pkcs1sig.c',
+ 'portreg.c',
+ 'quickder.c',
+ 'secalgid.c',
+ 'secasn1d.c',
+ 'secasn1e.c',
+ 'secasn1u.c',
+ 'secdig.c',
+ 'secitem.c',
+ 'secload.c',
+ 'secoid.c',
+ 'secport.c',
+ 'sectime.c',
+ 'templates.c',
+ 'utf8.c',
+ 'utilmod.c',
+ 'utilpars.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ },
+ {
+ 'target_name': 'nssutil3',
+ 'type': 'shared_library',
+ 'dependencies': [
+ 'nssutil'
+ ],
+ 'variables': {
+ 'mapfile': 'nssutil.def'
+ }
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
diff --git a/security/nss/lib/util/utilmod.c b/security/nss/lib/util/utilmod.c
new file mode 100644
index 000000000..e05680675
--- /dev/null
+++ b/security/nss/lib/util/utilmod.c
@@ -0,0 +1,765 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following code handles the storage of PKCS 11 modules used by the
+ * NSS. For the rest of NSS, only one kind of database handle exists:
+ *
+ * SFTKDBHandle
+ *
+ * There is one SFTKDBHandle for each key database and one for each cert
+ * database. These databases are opened as associated pairs, one pair per
+ * slot. SFTKDBHandles are reference counted objects.
+ *
+ * Each SFTKDBHandle points to a low level database handle (SDB). This handle
+ * represents the underlying physical database. These objects are not
+ * reference counted, and are 'owned' by their respective SFTKDBHandles.
+ */
+
+#include "prprf.h"
+#include "prsystem.h"
+#include "secport.h"
+#include "utilpars.h"
+#include "secerr.h"
+
+#if defined(_WIN32)
+#include <io.h>
+#endif
+#ifdef XP_UNIX
+#include <unistd.h>
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#if defined(_WIN32)
+#define os_open _open
+#define os_fdopen _fdopen
+#define os_stat _stat
+#define os_truncate_open_flags _O_CREAT | _O_RDWR | _O_TRUNC
+#define os_append_open_flags _O_CREAT | _O_RDWR | _O_APPEND
+#define os_open_permissions_type int
+#define os_open_permissions_default _S_IREAD | _S_IWRITE
+#define os_stat_type struct _stat
+#else
+#define os_open open
+#define os_fdopen fdopen
+#define os_stat stat
+#define os_truncate_open_flags O_CREAT | O_RDWR | O_TRUNC
+#define os_append_open_flags O_CREAT | O_RDWR | O_APPEND
+#define os_open_permissions_type mode_t
+#define os_open_permissions_default 0600
+#define os_stat_type struct stat
+#endif
+
+/****************************************************************
+ *
+ * Secmod database.
+ *
+ * The new secmod database is simply a text file with each of the module
+ * entries in the following form:
+ *
+ * #
+ * # This is a comment The next line is the library to load
+ * library=libmypkcs11.so
+ * name="My PKCS#11 module"
+ * params="my library's param string"
+ * nss="NSS parameters"
+ * other="parameters for other libraries and applications"
+ *
+ * library=libmynextpk11.so
+ * name="My other PKCS#11 module"
+ */
+
+/*
+ * Smart string cat functions. Automatically manage the memory.
+ * The first parameter is the destination string. If it's null, we
+ * allocate memory for it. If it's not, we reallocate memory
+ * so the the concanenated string fits.
+ */
+static char *
+nssutil_DupnCat(char *baseString, const char *str, int str_len)
+{
+ int baseStringLen = baseString ? PORT_Strlen(baseString) : 0;
+ int len = baseStringLen + 1;
+ char *newString;
+
+ len += str_len;
+ newString = (char *)PORT_Realloc(baseString, len);
+ if (newString == NULL) {
+ PORT_Free(baseString);
+ return NULL;
+ }
+ PORT_Memcpy(&newString[baseStringLen], str, str_len);
+ newString[len - 1] = 0;
+ return newString;
+}
+
+/* Same as nssutil_DupnCat except it concatenates the full string, not a
+ * partial one */
+static char *
+nssutil_DupCat(char *baseString, const char *str)
+{
+ return nssutil_DupnCat(baseString, str, PORT_Strlen(str));
+}
+
+/* function to free up all the memory associated with a null terminated
+ * array of module specs */
+static SECStatus
+nssutil_releaseSpecList(char **moduleSpecList)
+{
+ if (moduleSpecList) {
+ char **index;
+ for (index = moduleSpecList; *index; index++) {
+ PORT_Free(*index);
+ }
+ PORT_Free(moduleSpecList);
+ }
+ return SECSuccess;
+}
+
+#define SECMOD_STEP 10
+static SECStatus
+nssutil_growList(char ***pModuleList, int *useCount, int last)
+{
+ char **newModuleList;
+
+ *useCount += SECMOD_STEP;
+ newModuleList = (char **)PORT_Realloc(*pModuleList,
+ *useCount * sizeof(char *));
+ if (newModuleList == NULL) {
+ return SECFailure;
+ }
+ PORT_Memset(&newModuleList[last], 0, sizeof(char *) * SECMOD_STEP);
+ *pModuleList = newModuleList;
+ return SECSuccess;
+}
+
+static char *
+_NSSUTIL_GetOldSecmodName(const char *dbname, const char *filename)
+{
+ char *file = NULL;
+ char *dirPath = PORT_Strdup(dbname);
+ char *sep;
+
+ sep = PORT_Strrchr(dirPath, *NSSUTIL_PATH_SEPARATOR);
+#ifdef _WIN32
+ if (!sep) {
+ /* utilparst.h defines NSSUTIL_PATH_SEPARATOR as "/" for all
+ * platforms. */
+ sep = PORT_Strrchr(dirPath, '\\');
+ }
+#endif
+ if (sep) {
+ *sep = 0;
+ file = PR_smprintf("%s" NSSUTIL_PATH_SEPARATOR "%s", dirPath, filename);
+ } else {
+ file = PR_smprintf("%s", filename);
+ }
+ PORT_Free(dirPath);
+ return file;
+}
+
+static SECStatus nssutil_AddSecmodDBEntry(const char *appName,
+ const char *filename,
+ const char *dbname,
+ const char *module, PRBool rw);
+
+enum lfopen_mode { lfopen_truncate,
+ lfopen_append };
+
+FILE *
+lfopen(const char *name, enum lfopen_mode om, os_open_permissions_type open_perms)
+{
+ int fd;
+ FILE *file;
+
+ fd = os_open(name,
+ (om == lfopen_truncate) ? os_truncate_open_flags : os_append_open_flags,
+ open_perms);
+ if (fd < 0) {
+ return NULL;
+ }
+ file = os_fdopen(fd, (om == lfopen_truncate) ? "w+" : "a+");
+ if (!file) {
+ close(fd);
+ }
+ /* file inherits fd */
+ return file;
+}
+
+#define MAX_LINE_LENGTH 2048
+
+/*
+ * Read all the existing modules in out of the file.
+ */
+static char **
+nssutil_ReadSecmodDB(const char *appName,
+ const char *filename, const char *dbname,
+ char *params, PRBool rw)
+{
+ FILE *fd = NULL;
+ char **moduleList = NULL;
+ int moduleCount = 1;
+ int useCount = SECMOD_STEP;
+ char line[MAX_LINE_LENGTH];
+ PRBool internal = PR_FALSE;
+ PRBool skipParams = PR_FALSE;
+ char *moduleString = NULL;
+ char *paramsValue = NULL;
+ PRBool failed = PR_TRUE;
+
+ moduleList = (char **)PORT_ZAlloc(useCount * sizeof(char *));
+ if (moduleList == NULL)
+ return NULL;
+
+ if (dbname == NULL) {
+ goto return_default;
+ }
+
+ /* do we really want to use streams here */
+ fd = fopen(dbname, "r");
+ if (fd == NULL)
+ goto done;
+
+ /*
+ * the following loop takes line separated config lines and collapses
+ * the lines to a single string, escaping and quoting as necessary.
+ */
+ /* loop state variables */
+ moduleString = NULL; /* current concatenated string */
+ internal = PR_FALSE; /* is this an internal module */
+ skipParams = PR_FALSE; /* did we find an override parameter block*/
+ paramsValue = NULL; /* the current parameter block value */
+ while (fgets(line, sizeof(line), fd) != NULL) {
+ int len = PORT_Strlen(line);
+
+ /* remove the ending newline */
+ if (len && line[len - 1] == '\n') {
+ len--;
+ line[len] = 0;
+ }
+ if (*line == '#') {
+ continue;
+ }
+ if (*line != 0) {
+ /*
+ * The PKCS #11 group standard assumes blocks of strings
+ * separated by new lines, clumped by new lines. Internally
+ * we take strings separated by spaces, so we may need to escape
+ * certain spaces.
+ */
+ char *value = PORT_Strchr(line, '=');
+
+ /* there is no value, write out the stanza as is */
+ if (value == NULL || value[1] == 0) {
+ if (moduleString) {
+ moduleString = nssutil_DupnCat(moduleString, " ", 1);
+ if (moduleString == NULL)
+ goto loser;
+ }
+ moduleString = nssutil_DupCat(moduleString, line);
+ if (moduleString == NULL)
+ goto loser;
+ /* value is already quoted, just write it out */
+ } else if (value[1] == '"') {
+ if (moduleString) {
+ moduleString = nssutil_DupnCat(moduleString, " ", 1);
+ if (moduleString == NULL)
+ goto loser;
+ }
+ moduleString = nssutil_DupCat(moduleString, line);
+ if (moduleString == NULL)
+ goto loser;
+ /* we have an override parameter section, remember that
+ * we found this (see following comment about why this
+ * is necessary). */
+ if (PORT_Strncasecmp(line, "parameters", 10) == 0) {
+ skipParams = PR_TRUE;
+ }
+ /*
+ * The internal token always overrides it's parameter block
+ * from the passed in parameters, so wait until then end
+ * before we include the parameter block in case we need to
+ * override it. NOTE: if the parameter block is quoted with ("),
+ * this override does not happen. This allows you to override
+ * the application's parameter configuration.
+ *
+ * parameter block state is controlled by the following variables:
+ * skipParams - Bool : set to true of we have an override param
+ * block (all other blocks, either implicit or explicit are
+ * ignored).
+ * paramsValue - char * : pointer to the current param block. In
+ * the absence of overrides, paramsValue is set to the first
+ * parameter block we find. All subsequent blocks are ignored.
+ * When we find an internal token, the application passed
+ * parameters take precident.
+ */
+ } else if (PORT_Strncasecmp(line, "parameters", 10) == 0) {
+ /* already have parameters */
+ if (paramsValue) {
+ continue;
+ }
+ paramsValue = NSSUTIL_Quote(&value[1], '"');
+ if (paramsValue == NULL)
+ goto loser;
+ continue;
+ } else {
+ /* may need to quote */
+ char *newLine;
+ if (moduleString) {
+ moduleString = nssutil_DupnCat(moduleString, " ", 1);
+ if (moduleString == NULL)
+ goto loser;
+ }
+ moduleString = nssutil_DupnCat(moduleString, line, value - line + 1);
+ if (moduleString == NULL)
+ goto loser;
+ newLine = NSSUTIL_Quote(&value[1], '"');
+ if (newLine == NULL)
+ goto loser;
+ moduleString = nssutil_DupCat(moduleString, newLine);
+ PORT_Free(newLine);
+ if (moduleString == NULL)
+ goto loser;
+ }
+
+ /* check to see if it's internal? */
+ if (PORT_Strncasecmp(line, "NSS=", 4) == 0) {
+ /* This should be case insensitive! reviewers make
+ * me fix it if it's not */
+ if (PORT_Strstr(line, "internal")) {
+ internal = PR_TRUE;
+ /* override the parameters */
+ if (paramsValue) {
+ PORT_Free(paramsValue);
+ }
+ paramsValue = NSSUTIL_Quote(params, '"');
+ }
+ }
+ continue;
+ }
+ if ((moduleString == NULL) || (*moduleString == 0)) {
+ continue;
+ }
+
+ /*
+ * if we are here, we have found a complete stanza. Now write out
+ * any param section we may have found.
+ */
+ if (paramsValue) {
+ /* we had an override */
+ if (!skipParams) {
+ moduleString = nssutil_DupnCat(moduleString, " parameters=", 12);
+ if (moduleString == NULL)
+ goto loser;
+ moduleString = nssutil_DupCat(moduleString, paramsValue);
+ if (moduleString == NULL)
+ goto loser;
+ }
+ PORT_Free(paramsValue);
+ paramsValue = NULL;
+ }
+
+ if ((moduleCount + 1) >= useCount) {
+ SECStatus rv;
+ rv = nssutil_growList(&moduleList, &useCount, moduleCount + 1);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+
+ if (internal) {
+ moduleList[0] = moduleString;
+ } else {
+ moduleList[moduleCount] = moduleString;
+ moduleCount++;
+ }
+ moduleString = NULL;
+ internal = PR_FALSE;
+ skipParams = PR_FALSE;
+ }
+
+ if (moduleString) {
+ PORT_Free(moduleString);
+ moduleString = NULL;
+ }
+done:
+ /* if we couldn't open a pkcs11 database, look for the old one */
+ if (fd == NULL) {
+ char *olddbname = _NSSUTIL_GetOldSecmodName(dbname, filename);
+ PRStatus status;
+
+ /* couldn't get the old name */
+ if (!olddbname) {
+ goto bail;
+ }
+
+ /* old one exists */
+ status = PR_Access(olddbname, PR_ACCESS_EXISTS);
+ if (status == PR_SUCCESS) {
+ PR_smprintf_free(olddbname);
+ PORT_ZFree(moduleList, useCount * sizeof(char *));
+ PORT_SetError(SEC_ERROR_LEGACY_DATABASE);
+ return NULL;
+ }
+
+ bail:
+ if (olddbname) {
+ PR_smprintf_free(olddbname);
+ }
+ }
+
+return_default:
+
+ if (!moduleList[0]) {
+ char *newParams;
+ moduleString = PORT_Strdup(NSSUTIL_DEFAULT_INTERNAL_INIT1);
+ newParams = NSSUTIL_Quote(params, '"');
+ if (newParams == NULL)
+ goto loser;
+ moduleString = nssutil_DupCat(moduleString, newParams);
+ PORT_Free(newParams);
+ if (moduleString == NULL)
+ goto loser;
+ moduleString = nssutil_DupCat(moduleString,
+ NSSUTIL_DEFAULT_INTERNAL_INIT2);
+ if (moduleString == NULL)
+ goto loser;
+ moduleString = nssutil_DupCat(moduleString,
+ NSSUTIL_DEFAULT_SFTKN_FLAGS);
+ if (moduleString == NULL)
+ goto loser;
+ moduleString = nssutil_DupCat(moduleString,
+ NSSUTIL_DEFAULT_INTERNAL_INIT3);
+ if (moduleString == NULL)
+ goto loser;
+ moduleList[0] = moduleString;
+ moduleString = NULL;
+ }
+ failed = PR_FALSE;
+
+loser:
+ /*
+ * cleanup
+ */
+ /* deal with trust cert db here */
+ if (moduleString) {
+ PORT_Free(moduleString);
+ moduleString = NULL;
+ }
+ if (paramsValue) {
+ PORT_Free(paramsValue);
+ paramsValue = NULL;
+ }
+ if (failed || (moduleList[0] == NULL)) {
+ /* This is wrong! FIXME */
+ nssutil_releaseSpecList(moduleList);
+ moduleList = NULL;
+ failed = PR_TRUE;
+ }
+ if (fd != NULL) {
+ fclose(fd);
+ } else if (!failed && rw) {
+ /* update our internal module */
+ nssutil_AddSecmodDBEntry(appName, filename, dbname, moduleList[0], rw);
+ }
+ return moduleList;
+}
+
+static SECStatus
+nssutil_ReleaseSecmodDBData(const char *appName,
+ const char *filename, const char *dbname,
+ char **moduleSpecList, PRBool rw)
+{
+ if (moduleSpecList) {
+ nssutil_releaseSpecList(moduleSpecList);
+ }
+ return SECSuccess;
+}
+
+/*
+ * Delete a module from the Data Base
+ */
+static SECStatus
+nssutil_DeleteSecmodDBEntry(const char *appName,
+ const char *filename,
+ const char *dbname,
+ const char *args,
+ PRBool rw)
+{
+ /* SHDB_FIXME implement */
+ os_stat_type stat_existing;
+ os_open_permissions_type file_mode;
+ FILE *fd = NULL;
+ FILE *fd2 = NULL;
+ char line[MAX_LINE_LENGTH];
+ char *dbname2 = NULL;
+ char *block = NULL;
+ char *name = NULL;
+ char *lib = NULL;
+ int name_len = 0, lib_len = 0;
+ PRBool skip = PR_FALSE;
+ PRBool found = PR_FALSE;
+
+ if (dbname == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ if (!rw) {
+ PORT_SetError(SEC_ERROR_READ_ONLY);
+ return SECFailure;
+ }
+
+ dbname2 = PORT_Strdup(dbname);
+ if (dbname2 == NULL)
+ goto loser;
+ dbname2[strlen(dbname) - 1]++;
+
+ /* get the permissions of the existing file, or use the default */
+ if (!os_stat(dbname, &stat_existing)) {
+ file_mode = stat_existing.st_mode;
+ } else {
+ file_mode = os_open_permissions_default;
+ }
+
+ /* do we really want to use streams here */
+ fd = fopen(dbname, "r");
+ if (fd == NULL)
+ goto loser;
+
+ fd2 = lfopen(dbname2, lfopen_truncate, file_mode);
+
+ if (fd2 == NULL)
+ goto loser;
+
+ name = NSSUTIL_ArgGetParamValue("name", args);
+ if (name) {
+ name_len = PORT_Strlen(name);
+ }
+ lib = NSSUTIL_ArgGetParamValue("library", args);
+ if (lib) {
+ lib_len = PORT_Strlen(lib);
+ }
+
+ /*
+ * the following loop takes line separated config files and collapses
+ * the lines to a single string, escaping and quoting as necessary.
+ */
+ /* loop state variables */
+ block = NULL;
+ skip = PR_FALSE;
+ while (fgets(line, sizeof(line), fd) != NULL) {
+ /* If we are processing a block (we haven't hit a blank line yet */
+ if (*line != '\n') {
+ /* skip means we are in the middle of a block we are deleting */
+ if (skip) {
+ continue;
+ }
+ /* if we haven't found the block yet, check to see if this block
+ * matches our requirements */
+ if (!found && ((name && (PORT_Strncasecmp(line, "name=", 5) == 0) &&
+ (PORT_Strncmp(line + 5, name, name_len) == 0)) ||
+ (lib && (PORT_Strncasecmp(line, "library=", 8) == 0) &&
+ (PORT_Strncmp(line + 8, lib, lib_len) == 0)))) {
+
+ /* yup, we don't need to save any more data, */
+ PORT_Free(block);
+ block = NULL;
+ /* we don't need to collect more of this block */
+ skip = PR_TRUE;
+ /* we don't need to continue searching for the block */
+ found = PR_TRUE;
+ continue;
+ }
+ /* not our match, continue to collect data in this block */
+ block = nssutil_DupCat(block, line);
+ continue;
+ }
+ /* we've collected a block of data that wasn't the module we were
+ * looking for, write it out */
+ if (block) {
+ fwrite(block, PORT_Strlen(block), 1, fd2);
+ PORT_Free(block);
+ block = NULL;
+ }
+ /* If we didn't just delete the this block, keep the blank line */
+ if (!skip) {
+ fputs(line, fd2);
+ }
+ /* we are definately not in a deleted block anymore */
+ skip = PR_FALSE;
+ }
+ fclose(fd);
+ fclose(fd2);
+ if (found) {
+ /* rename dbname2 to dbname */
+ PR_Delete(dbname);
+ PR_Rename(dbname2, dbname);
+ } else {
+ PR_Delete(dbname2);
+ }
+ PORT_Free(dbname2);
+ PORT_Free(lib);
+ PORT_Free(name);
+ PORT_Free(block);
+ return SECSuccess;
+
+loser:
+ if (fd != NULL) {
+ fclose(fd);
+ }
+ if (fd2 != NULL) {
+ fclose(fd2);
+ }
+ if (dbname2) {
+ PR_Delete(dbname2);
+ PORT_Free(dbname2);
+ }
+ PORT_Free(lib);
+ PORT_Free(name);
+ return SECFailure;
+}
+
+/*
+ * Add a module to the Data base
+ */
+static SECStatus
+nssutil_AddSecmodDBEntry(const char *appName,
+ const char *filename, const char *dbname,
+ const char *module, PRBool rw)
+{
+ os_stat_type stat_existing;
+ os_open_permissions_type file_mode;
+ FILE *fd = NULL;
+ char *block = NULL;
+ PRBool libFound = PR_FALSE;
+
+ if (dbname == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* can't write to a read only module */
+ if (!rw) {
+ PORT_SetError(SEC_ERROR_READ_ONLY);
+ return SECFailure;
+ }
+
+ /* remove the previous version if it exists */
+ (void)nssutil_DeleteSecmodDBEntry(appName, filename, dbname, module, rw);
+
+ /* get the permissions of the existing file, or use the default */
+ if (!os_stat(dbname, &stat_existing)) {
+ file_mode = stat_existing.st_mode;
+ } else {
+ file_mode = os_open_permissions_default;
+ }
+
+ fd = lfopen(dbname, lfopen_append, file_mode);
+ if (fd == NULL) {
+ return SECFailure;
+ }
+ module = NSSUTIL_ArgStrip(module);
+ while (*module) {
+ int count;
+ char *keyEnd = PORT_Strchr(module, '=');
+ char *value;
+
+ if (PORT_Strncmp(module, "library=", 8) == 0) {
+ libFound = PR_TRUE;
+ }
+ if (keyEnd == NULL) {
+ block = nssutil_DupCat(block, module);
+ break;
+ }
+ block = nssutil_DupnCat(block, module, keyEnd - module + 1);
+ if (block == NULL) {
+ goto loser;
+ }
+ value = NSSUTIL_ArgFetchValue(&keyEnd[1], &count);
+ if (value) {
+ block = nssutil_DupCat(block, NSSUTIL_ArgStrip(value));
+ PORT_Free(value);
+ }
+ if (block == NULL) {
+ goto loser;
+ }
+ block = nssutil_DupnCat(block, "\n", 1);
+ module = keyEnd + 1 + count;
+ module = NSSUTIL_ArgStrip(module);
+ }
+ if (block) {
+ if (!libFound) {
+ fprintf(fd, "library=\n");
+ }
+ fwrite(block, PORT_Strlen(block), 1, fd);
+ fprintf(fd, "\n");
+ PORT_Free(block);
+ block = NULL;
+ }
+ fclose(fd);
+ return SECSuccess;
+
+loser:
+ PORT_Free(block);
+ fclose(fd);
+ return SECFailure;
+}
+
+char **
+NSSUTIL_DoModuleDBFunction(unsigned long function, char *parameters, void *args)
+{
+ char *secmod = NULL;
+ char *appName = NULL;
+ char *filename = NULL;
+ NSSDBType dbType = NSS_DB_TYPE_NONE;
+ PRBool rw;
+ static char *success = "Success";
+ char **rvstr = NULL;
+
+ secmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &appName,
+ &filename, &rw);
+ if ((dbType == NSS_DB_TYPE_LEGACY) ||
+ (dbType == NSS_DB_TYPE_MULTIACCESS)) {
+ /* we can't handle the old database, only softoken can */
+ PORT_SetError(SEC_ERROR_LEGACY_DATABASE);
+ rvstr = NULL;
+ goto done;
+ }
+
+ switch (function) {
+ case SECMOD_MODULE_DB_FUNCTION_FIND:
+ rvstr = nssutil_ReadSecmodDB(appName, filename,
+ secmod, (char *)parameters, rw);
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_ADD:
+ rvstr = (nssutil_AddSecmodDBEntry(appName, filename,
+ secmod, (char *)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_DEL:
+ rvstr = (nssutil_DeleteSecmodDBEntry(appName, filename,
+ secmod, (char *)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_RELEASE:
+ rvstr = (nssutil_ReleaseSecmodDBData(appName, filename,
+ secmod, (char **)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ }
+done:
+ if (secmod)
+ PR_smprintf_free(secmod);
+ if (appName)
+ PORT_Free(appName);
+ if (filename)
+ PORT_Free(filename);
+ return rvstr;
+}
diff --git a/security/nss/lib/util/utilmodt.h b/security/nss/lib/util/utilmodt.h
new file mode 100644
index 000000000..e1555f37f
--- /dev/null
+++ b/security/nss/lib/util/utilmodt.h
@@ -0,0 +1,43 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _UTILMODT_H_
+#define _UTILMODT_H_ 1
+
+/*
+ * these are SECMOD flags that would normally be in secmodt.h, but are needed
+ * for the parser in util. Fort this reason we preserve the SECMOD names.
+ */
+#define SECMOD_RSA_FLAG 0x00000001L
+#define SECMOD_DSA_FLAG 0x00000002L
+#define SECMOD_RC2_FLAG 0x00000004L
+#define SECMOD_RC4_FLAG 0x00000008L
+#define SECMOD_DES_FLAG 0x00000010L
+#define SECMOD_DH_FLAG 0x00000020L
+#define SECMOD_FORTEZZA_FLAG 0x00000040L
+#define SECMOD_RC5_FLAG 0x00000080L
+#define SECMOD_SHA1_FLAG 0x00000100L
+#define SECMOD_MD5_FLAG 0x00000200L
+#define SECMOD_MD2_FLAG 0x00000400L
+#define SECMOD_SSL_FLAG 0x00000800L
+#define SECMOD_TLS_FLAG 0x00001000L
+#define SECMOD_AES_FLAG 0x00002000L
+#define SECMOD_SHA256_FLAG 0x00004000L /* also for SHA224 */
+#define SECMOD_SHA512_FLAG 0x00008000L /* also for SHA384 */
+#define SECMOD_CAMELLIA_FLAG 0x00010000L /* = PUBLIC_MECH_CAMELLIA_FLAG */
+#define SECMOD_SEED_FLAG 0x00020000L
+#define SECMOD_ECC_FLAG 0x00040000L
+/* reserved bit for future, do not use */
+#define SECMOD_RESERVED_FLAG 0X08000000L
+#define SECMOD_FRIENDLY_FLAG 0x10000000L
+#define SECMOD_RANDOM_FLAG 0x80000000L
+
+#define PK11_OWN_PW_DEFAULTS 0x20000000L
+#define PK11_DISABLE_FLAG 0x40000000L
+
+/* need to make SECMOD and PK11 prefixes consistent. */
+#define SECMOD_OWN_PW_DEFAULTS PK11_OWN_PW_DEFAULTS
+#define SECMOD_DISABLE_FLAG PK11_DISABLE_FLAG
+
+#endif /* _UTILMODT_H_ */
diff --git a/security/nss/lib/util/utilpars.c b/security/nss/lib/util/utilpars.c
new file mode 100644
index 000000000..7116d26f3
--- /dev/null
+++ b/security/nss/lib/util/utilpars.c
@@ -0,0 +1,1231 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * The following code handles the storage of PKCS 11 modules used by the
+ * NSS. This file is written to abstract away how the modules are
+ * stored so we can decide that later.
+ */
+#include "secport.h"
+#include "prprf.h"
+#include "prenv.h"
+#include "utilpars.h"
+#include "utilmodt.h"
+
+/*
+ * return the expected matching quote value for the one specified
+ */
+PRBool
+NSSUTIL_ArgGetPair(char c)
+{
+ switch (c) {
+ case '\'':
+ return c;
+ case '\"':
+ return c;
+ case '<':
+ return '>';
+ case '{':
+ return '}';
+ case '[':
+ return ']';
+ case '(':
+ return ')';
+ default:
+ break;
+ }
+ return ' ';
+}
+
+PRBool
+NSSUTIL_ArgIsBlank(char c)
+{
+ return isspace((unsigned char)c);
+}
+
+PRBool
+NSSUTIL_ArgIsEscape(char c)
+{
+ return c == '\\';
+}
+
+PRBool
+NSSUTIL_ArgIsQuote(char c)
+{
+ switch (c) {
+ case '\'':
+ case '\"':
+ case '<':
+ case '{': /* } end curly to keep vi bracket matching working */
+ case '(': /* ) */
+ case '[': /* ] */
+ return PR_TRUE;
+ default:
+ break;
+ }
+ return PR_FALSE;
+}
+
+const char *
+NSSUTIL_ArgStrip(const char *c)
+{
+ while (*c && NSSUTIL_ArgIsBlank(*c))
+ c++;
+ return c;
+}
+
+/*
+ * find the end of the current tag/value pair. string should be pointing just
+ * after the equal sign. Handles quoted characters.
+ */
+const char *
+NSSUTIL_ArgFindEnd(const char *string)
+{
+ char endChar = ' ';
+ PRBool lastEscape = PR_FALSE;
+
+ if (NSSUTIL_ArgIsQuote(*string)) {
+ endChar = NSSUTIL_ArgGetPair(*string);
+ string++;
+ }
+
+ for (; *string; string++) {
+ if (lastEscape) {
+ lastEscape = PR_FALSE;
+ continue;
+ }
+ if (NSSUTIL_ArgIsEscape(*string) && !lastEscape) {
+ lastEscape = PR_TRUE;
+ continue;
+ }
+ if ((endChar == ' ') && NSSUTIL_ArgIsBlank(*string))
+ break;
+ if (*string == endChar) {
+ break;
+ }
+ }
+
+ return string;
+}
+
+/*
+ * get the value pointed to by string. string should be pointing just beyond
+ * the equal sign.
+ */
+char *
+NSSUTIL_ArgFetchValue(const char *string, int *pcount)
+{
+ const char *end = NSSUTIL_ArgFindEnd(string);
+ char *retString, *copyString;
+ PRBool lastEscape = PR_FALSE;
+ int len;
+
+ len = end - string;
+ if (len == 0) {
+ *pcount = 0;
+ return NULL;
+ }
+
+ copyString = retString = (char *)PORT_Alloc(len + 1);
+
+ if (*end)
+ len++;
+ *pcount = len;
+ if (retString == NULL)
+ return NULL;
+
+ if (NSSUTIL_ArgIsQuote(*string))
+ string++;
+ for (; string < end; string++) {
+ if (NSSUTIL_ArgIsEscape(*string) && !lastEscape) {
+ lastEscape = PR_TRUE;
+ continue;
+ }
+ lastEscape = PR_FALSE;
+ *copyString++ = *string;
+ }
+ *copyString = 0;
+ return retString;
+}
+
+/*
+ * point to the next parameter in string
+ */
+const char *
+NSSUTIL_ArgSkipParameter(const char *string)
+{
+ const char *end;
+ /* look for the end of the <name>= */
+ for (; *string; string++) {
+ if (*string == '=') {
+ string++;
+ break;
+ }
+ if (NSSUTIL_ArgIsBlank(*string))
+ return (string);
+ }
+
+ end = NSSUTIL_ArgFindEnd(string);
+ if (*end)
+ end++;
+ return end;
+}
+
+/*
+ * get the value from that tag value pair.
+ */
+char *
+NSSUTIL_ArgGetParamValue(const char *paramName, const char *parameters)
+{
+ char searchValue[256];
+ int paramLen = strlen(paramName);
+ char *returnValue = NULL;
+ int next;
+
+ if ((parameters == NULL) || (*parameters == 0))
+ return NULL;
+
+ PORT_Assert(paramLen + 2 < sizeof(searchValue));
+
+ PORT_Strcpy(searchValue, paramName);
+ PORT_Strcat(searchValue, "=");
+ while (*parameters) {
+ if (PORT_Strncasecmp(parameters, searchValue, paramLen + 1) == 0) {
+ parameters += paramLen + 1;
+ returnValue = NSSUTIL_ArgFetchValue(parameters, &next);
+ break;
+ } else {
+ parameters = NSSUTIL_ArgSkipParameter(parameters);
+ }
+ parameters = NSSUTIL_ArgStrip(parameters);
+ }
+ return returnValue;
+}
+
+/*
+ * find the next flag in the parameter list
+ */
+const char *
+NSSUTIL_ArgNextFlag(const char *flags)
+{
+ for (; *flags; flags++) {
+ if (*flags == ',') {
+ flags++;
+ break;
+ }
+ }
+ return flags;
+}
+
+/*
+ * return true if the flag is set in the label parameter.
+ */
+PRBool
+NSSUTIL_ArgHasFlag(const char *label, const char *flag, const char *parameters)
+{
+ char *flags;
+ const char *index;
+ int len = strlen(flag);
+ PRBool found = PR_FALSE;
+
+ flags = NSSUTIL_ArgGetParamValue(label, parameters);
+ if (flags == NULL)
+ return PR_FALSE;
+
+ for (index = flags; *index; index = NSSUTIL_ArgNextFlag(index)) {
+ if (PORT_Strncasecmp(index, flag, len) == 0) {
+ found = PR_TRUE;
+ break;
+ }
+ }
+ PORT_Free(flags);
+ return found;
+}
+
+/*
+ * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
+ */
+long
+NSSUTIL_ArgDecodeNumber(const char *num)
+{
+ int radix = 10;
+ unsigned long value = 0;
+ long retValue = 0;
+ int sign = 1;
+ int digit;
+
+ if (num == NULL)
+ return retValue;
+
+ num = NSSUTIL_ArgStrip(num);
+
+ if (*num == '-') {
+ sign = -1;
+ num++;
+ }
+
+ if (*num == '0') {
+ radix = 8;
+ num++;
+ if ((*num == 'x') || (*num == 'X')) {
+ radix = 16;
+ num++;
+ }
+ }
+
+ for (; *num; num++) {
+ if (isdigit(*num)) {
+ digit = *num - '0';
+ } else if ((*num >= 'a') && (*num <= 'f')) {
+ digit = *num - 'a' + 10;
+ } else if ((*num >= 'A') && (*num <= 'F')) {
+ digit = *num - 'A' + 10;
+ } else {
+ break;
+ }
+ if (digit >= radix)
+ break;
+ value = value * radix + digit;
+ }
+
+ retValue = ((int)value) * sign;
+ return retValue;
+}
+
+/*
+ * parameters are tag value pairs. This function returns the tag or label (the
+ * value before the equal size.
+ */
+char *
+NSSUTIL_ArgGetLabel(const char *inString, int *next)
+{
+ char *name = NULL;
+ const char *string;
+ int len;
+
+ /* look for the end of the <label>= */
+ for (string = inString; *string; string++) {
+ if (*string == '=') {
+ break;
+ }
+ if (NSSUTIL_ArgIsBlank(*string))
+ break;
+ }
+
+ len = string - inString;
+
+ *next = len;
+ if (*string == '=')
+ (*next) += 1;
+ if (len > 0) {
+ name = PORT_Alloc(len + 1);
+ PORT_Strncpy(name, inString, len);
+ name[len] = 0;
+ }
+ return name;
+}
+
+/*
+ * read an argument at a Long integer
+ */
+long
+NSSUTIL_ArgReadLong(const char *label, const char *params,
+ long defValue, PRBool *isdefault)
+{
+ char *value;
+ long retValue;
+ if (isdefault)
+ *isdefault = PR_FALSE;
+
+ value = NSSUTIL_ArgGetParamValue(label, params);
+ if (value == NULL) {
+ if (isdefault)
+ *isdefault = PR_TRUE;
+ return defValue;
+ }
+ retValue = NSSUTIL_ArgDecodeNumber(value);
+ if (value)
+ PORT_Free(value);
+
+ return retValue;
+}
+
+/*
+ * prepare a string to be quoted with 'quote' marks. We do that by adding
+ * appropriate escapes.
+ */
+static int
+nssutil_escapeQuotesSize(const char *string, char quote, PRBool addquotes)
+{
+ int escapes = 0, size = 0;
+ const char *src;
+
+ size = addquotes ? 2 : 0;
+ for (src = string; *src; src++) {
+ if ((*src == quote) || (*src == '\\'))
+ escapes++;
+ size++;
+ }
+ return size + escapes + 1;
+}
+
+static char *
+nssutil_escapeQuotes(const char *string, char quote, PRBool addquotes)
+{
+ char *newString = 0;
+ int size = 0;
+ const char *src;
+ char *dest;
+
+ size = nssutil_escapeQuotesSize(string, quote, addquotes);
+
+ dest = newString = PORT_ZAlloc(size);
+ if (newString == NULL) {
+ return NULL;
+ }
+
+ if (addquotes)
+ *dest++ = quote;
+ for (src = string; *src; src++, dest++) {
+ if ((*src == '\\') || (*src == quote)) {
+ *dest++ = '\\';
+ }
+ *dest = *src;
+ }
+ if (addquotes)
+ *dest = quote;
+
+ return newString;
+}
+
+int
+NSSUTIL_EscapeSize(const char *string, char quote)
+{
+ return nssutil_escapeQuotesSize(string, quote, PR_FALSE);
+}
+
+char *
+NSSUTIL_Escape(const char *string, char quote)
+{
+ return nssutil_escapeQuotes(string, quote, PR_FALSE);
+}
+
+int
+NSSUTIL_QuoteSize(const char *string, char quote)
+{
+ return nssutil_escapeQuotesSize(string, quote, PR_TRUE);
+}
+
+char *
+NSSUTIL_Quote(const char *string, char quote)
+{
+ return nssutil_escapeQuotes(string, quote, PR_TRUE);
+}
+
+int
+NSSUTIL_DoubleEscapeSize(const char *string, char quote1, char quote2)
+{
+ int escapes = 0, size = 0;
+ const char *src;
+ for (src = string; *src; src++) {
+ if (*src == '\\')
+ escapes += 3; /* \\\\ */
+ if (*src == quote1)
+ escapes += 2; /* \\quote1 */
+ if (*src == quote2)
+ escapes++; /* \quote2 */
+ size++;
+ }
+
+ return escapes + size + 1;
+}
+
+char *
+NSSUTIL_DoubleEscape(const char *string, char quote1, char quote2)
+{
+ char *round1 = NULL;
+ char *retValue = NULL;
+ if (string == NULL) {
+ goto done;
+ }
+ round1 = nssutil_escapeQuotes(string, quote1, PR_FALSE);
+ if (round1) {
+ retValue = nssutil_escapeQuotes(round1, quote2, PR_FALSE);
+ PORT_Free(round1);
+ }
+
+done:
+ if (retValue == NULL) {
+ retValue = PORT_Strdup("");
+ }
+ return retValue;
+}
+
+/************************************************************************
+ * These functions are used in contructing strings.
+ * NOTE: they will always return a string, but sometimes it will return
+ * a specific NULL string. These strings must be freed with util_freePair.
+ */
+
+/* string to return on error... */
+static char *nssutil_nullString = "";
+
+static char *
+nssutil_formatValue(PLArenaPool *arena, char *value, char quote)
+{
+ char *vp, *vp2, *retval;
+ int size = 0, escapes = 0;
+
+ for (vp = value; *vp; vp++) {
+ if ((*vp == quote) || (*vp == NSSUTIL_ARG_ESCAPE))
+ escapes++;
+ size++;
+ }
+ if (arena) {
+ retval = PORT_ArenaZAlloc(arena, size + escapes + 1);
+ } else {
+ retval = PORT_ZAlloc(size + escapes + 1);
+ }
+ if (retval == NULL)
+ return NULL;
+ vp2 = retval;
+ for (vp = value; *vp; vp++) {
+ if ((*vp == quote) || (*vp == NSSUTIL_ARG_ESCAPE))
+ *vp2++ = NSSUTIL_ARG_ESCAPE;
+ *vp2++ = *vp;
+ }
+ return retval;
+}
+
+static PRBool
+nssutil_argHasChar(char *v, char c)
+{
+ for (; *v; v++) {
+ if (*v == c)
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+static PRBool
+nssutil_argHasBlanks(char *v)
+{
+ for (; *v; v++) {
+ if (NSSUTIL_ArgIsBlank(*v))
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+static char *
+nssutil_formatPair(char *name, char *value, char quote)
+{
+ char openQuote = quote;
+ char closeQuote = NSSUTIL_ArgGetPair(quote);
+ char *newValue = NULL;
+ char *returnValue;
+ PRBool need_quote = PR_FALSE;
+
+ if (!value || (*value == 0))
+ return nssutil_nullString;
+
+ if (nssutil_argHasBlanks(value) || NSSUTIL_ArgIsQuote(value[0]))
+ need_quote = PR_TRUE;
+
+ if ((need_quote && nssutil_argHasChar(value, closeQuote)) || nssutil_argHasChar(value, NSSUTIL_ARG_ESCAPE)) {
+ value = newValue = nssutil_formatValue(NULL, value, quote);
+ if (newValue == NULL)
+ return nssutil_nullString;
+ }
+ if (need_quote) {
+ returnValue = PR_smprintf("%s=%c%s%c", name, openQuote, value, closeQuote);
+ } else {
+ returnValue = PR_smprintf("%s=%s", name, value);
+ }
+ if (returnValue == NULL)
+ returnValue = nssutil_nullString;
+
+ if (newValue)
+ PORT_Free(newValue);
+
+ return returnValue;
+}
+
+static char *
+nssutil_formatIntPair(char *name, unsigned long value,
+ unsigned long def)
+{
+ char *returnValue;
+
+ if (value == def)
+ return nssutil_nullString;
+
+ returnValue = PR_smprintf("%s=%d", name, value);
+
+ return returnValue;
+}
+
+static void
+nssutil_freePair(char *pair)
+{
+ if (pair && pair != nssutil_nullString) {
+ PR_smprintf_free(pair);
+ }
+}
+
+/************************************************************************
+ * Parse the Slot specific parameters in the NSS params.
+ */
+
+struct nssutilArgSlotFlagTable {
+ char *name;
+ int len;
+ unsigned long value;
+};
+
+#define NSSUTIL_ARG_ENTRY(arg, flag) \
+ { \
+ #arg, sizeof(#arg) - 1, flag \
+ }
+static struct nssutilArgSlotFlagTable nssutil_argSlotFlagTable[] = {
+ NSSUTIL_ARG_ENTRY(RSA, SECMOD_RSA_FLAG),
+ NSSUTIL_ARG_ENTRY(DSA, SECMOD_RSA_FLAG),
+ NSSUTIL_ARG_ENTRY(RC2, SECMOD_RC4_FLAG),
+ NSSUTIL_ARG_ENTRY(RC4, SECMOD_RC2_FLAG),
+ NSSUTIL_ARG_ENTRY(DES, SECMOD_DES_FLAG),
+ NSSUTIL_ARG_ENTRY(DH, SECMOD_DH_FLAG),
+ NSSUTIL_ARG_ENTRY(FORTEZZA, SECMOD_FORTEZZA_FLAG),
+ NSSUTIL_ARG_ENTRY(RC5, SECMOD_RC5_FLAG),
+ NSSUTIL_ARG_ENTRY(SHA1, SECMOD_SHA1_FLAG),
+ NSSUTIL_ARG_ENTRY(SHA256, SECMOD_SHA256_FLAG),
+ NSSUTIL_ARG_ENTRY(SHA512, SECMOD_SHA512_FLAG),
+ NSSUTIL_ARG_ENTRY(MD5, SECMOD_MD5_FLAG),
+ NSSUTIL_ARG_ENTRY(MD2, SECMOD_MD2_FLAG),
+ NSSUTIL_ARG_ENTRY(SSL, SECMOD_SSL_FLAG),
+ NSSUTIL_ARG_ENTRY(TLS, SECMOD_TLS_FLAG),
+ NSSUTIL_ARG_ENTRY(AES, SECMOD_AES_FLAG),
+ NSSUTIL_ARG_ENTRY(Camellia, SECMOD_CAMELLIA_FLAG),
+ NSSUTIL_ARG_ENTRY(SEED, SECMOD_SEED_FLAG),
+ NSSUTIL_ARG_ENTRY(PublicCerts, SECMOD_FRIENDLY_FLAG),
+ NSSUTIL_ARG_ENTRY(RANDOM, SECMOD_RANDOM_FLAG),
+ NSSUTIL_ARG_ENTRY(Disable, SECMOD_DISABLE_FLAG),
+};
+
+static int nssutil_argSlotFlagTableSize =
+ sizeof(nssutil_argSlotFlagTable) / sizeof(nssutil_argSlotFlagTable[0]);
+
+/* turn the slot flags into a bit mask */
+unsigned long
+NSSUTIL_ArgParseSlotFlags(const char *label, const char *params)
+{
+ char *flags;
+ const char *index;
+ unsigned long retValue = 0;
+ int i;
+ PRBool all = PR_FALSE;
+
+ flags = NSSUTIL_ArgGetParamValue(label, params);
+ if (flags == NULL)
+ return 0;
+
+ if (PORT_Strcasecmp(flags, "all") == 0)
+ all = PR_TRUE;
+
+ for (index = flags; *index; index = NSSUTIL_ArgNextFlag(index)) {
+ for (i = 0; i < nssutil_argSlotFlagTableSize; i++) {
+ if (all ||
+ (PORT_Strncasecmp(index, nssutil_argSlotFlagTable[i].name,
+ nssutil_argSlotFlagTable[i].len) == 0)) {
+ retValue |= nssutil_argSlotFlagTable[i].value;
+ }
+ }
+ }
+ PORT_Free(flags);
+ return retValue;
+}
+
+/* parse a single slot specific parameter */
+static void
+nssutil_argDecodeSingleSlotInfo(char *name, char *params,
+ struct NSSUTILPreSlotInfoStr *slotInfo)
+{
+ char *askpw;
+
+ slotInfo->slotID = NSSUTIL_ArgDecodeNumber(name);
+ slotInfo->defaultFlags = NSSUTIL_ArgParseSlotFlags("slotFlags", params);
+ slotInfo->timeout = NSSUTIL_ArgReadLong("timeout", params, 0, NULL);
+
+ askpw = NSSUTIL_ArgGetParamValue("askpw", params);
+ slotInfo->askpw = 0;
+
+ if (askpw) {
+ if (PORT_Strcasecmp(askpw, "every") == 0) {
+ slotInfo->askpw = -1;
+ } else if (PORT_Strcasecmp(askpw, "timeout") == 0) {
+ slotInfo->askpw = 1;
+ }
+ PORT_Free(askpw);
+ slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS;
+ }
+ slotInfo->hasRootCerts = NSSUTIL_ArgHasFlag("rootFlags", "hasRootCerts",
+ params);
+ slotInfo->hasRootTrust = NSSUTIL_ArgHasFlag("rootFlags", "hasRootTrust",
+ params);
+}
+
+/* parse all the slot specific parameters. */
+struct NSSUTILPreSlotInfoStr *
+NSSUTIL_ArgParseSlotInfo(PLArenaPool *arena, const char *slotParams,
+ int *retCount)
+{
+ const char *slotIndex;
+ struct NSSUTILPreSlotInfoStr *slotInfo = NULL;
+ int i = 0, count = 0, next;
+
+ *retCount = 0;
+ if ((slotParams == NULL) || (*slotParams == 0))
+ return NULL;
+
+ /* first count the number of slots */
+ for (slotIndex = NSSUTIL_ArgStrip(slotParams); *slotIndex;
+ slotIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(slotIndex))) {
+ count++;
+ }
+
+ /* get the data structures */
+ if (arena) {
+ slotInfo = PORT_ArenaZNewArray(arena,
+ struct NSSUTILPreSlotInfoStr, count);
+ } else {
+ slotInfo = PORT_ZNewArray(struct NSSUTILPreSlotInfoStr, count);
+ }
+ if (slotInfo == NULL)
+ return NULL;
+
+ for (slotIndex = NSSUTIL_ArgStrip(slotParams), i = 0;
+ *slotIndex && i < count;) {
+ char *name;
+ name = NSSUTIL_ArgGetLabel(slotIndex, &next);
+ slotIndex += next;
+
+ if (!NSSUTIL_ArgIsBlank(*slotIndex)) {
+ char *args = NSSUTIL_ArgFetchValue(slotIndex, &next);
+ slotIndex += next;
+ if (args) {
+ nssutil_argDecodeSingleSlotInfo(name, args, &slotInfo[i]);
+ i++;
+ PORT_Free(args);
+ }
+ }
+ if (name)
+ PORT_Free(name);
+ slotIndex = NSSUTIL_ArgStrip(slotIndex);
+ }
+ *retCount = i;
+ return slotInfo;
+}
+
+/************************************************************************
+ * make a new slot specific parameter
+ */
+/* first make the slot flags */
+static char *
+nssutil_mkSlotFlags(unsigned long defaultFlags)
+{
+ char *flags = NULL;
+ unsigned int i;
+ int j;
+
+ for (i = 0; i < sizeof(defaultFlags) * 8; i++) {
+ if (defaultFlags & (1UL << i)) {
+ char *string = NULL;
+
+ for (j = 0; j < nssutil_argSlotFlagTableSize; j++) {
+ if (nssutil_argSlotFlagTable[j].value == (1UL << i)) {
+ string = nssutil_argSlotFlagTable[j].name;
+ break;
+ }
+ }
+ if (string) {
+ if (flags) {
+ char *tmp;
+ tmp = PR_smprintf("%s,%s", flags, string);
+ PR_smprintf_free(flags);
+ flags = tmp;
+ } else {
+ flags = PR_smprintf("%s", string);
+ }
+ }
+ }
+ }
+
+ return flags;
+}
+
+/* now make the root flags */
+#define NSSUTIL_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts") + sizeof("hasRootTrust")
+static char *
+nssutil_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
+{
+ char *flags = (char *)PORT_ZAlloc(NSSUTIL_MAX_ROOT_FLAG_SIZE);
+ PRBool first = PR_TRUE;
+
+ PORT_Memset(flags, 0, NSSUTIL_MAX_ROOT_FLAG_SIZE);
+ if (hasRootCerts) {
+ PORT_Strcat(flags, "hasRootCerts");
+ first = PR_FALSE;
+ }
+ if (hasRootTrust) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "hasRootTrust");
+ }
+ return flags;
+}
+
+/* now make a full slot string */
+char *
+NSSUTIL_MkSlotString(unsigned long slotID, unsigned long defaultFlags,
+ unsigned long timeout, unsigned char askpw_in,
+ PRBool hasRootCerts, PRBool hasRootTrust)
+{
+ char *askpw, *flags, *rootFlags, *slotString;
+ char *flagPair, *rootFlagsPair;
+
+ switch (askpw_in) {
+ case 0xff:
+ askpw = "every";
+ break;
+ case 1:
+ askpw = "timeout";
+ break;
+ default:
+ askpw = "any";
+ break;
+ }
+ flags = nssutil_mkSlotFlags(defaultFlags);
+ rootFlags = nssutil_mkRootFlags(hasRootCerts, hasRootTrust);
+ flagPair = nssutil_formatPair("slotFlags", flags, '\'');
+ rootFlagsPair = nssutil_formatPair("rootFlags", rootFlags, '\'');
+ if (flags)
+ PR_smprintf_free(flags);
+ if (rootFlags)
+ PORT_Free(rootFlags);
+ if (defaultFlags & PK11_OWN_PW_DEFAULTS) {
+ slotString = PR_smprintf("0x%08lx=[%s askpw=%s timeout=%d %s]",
+ (PRUint32)slotID, flagPair, askpw, timeout,
+ rootFlagsPair);
+ } else {
+ slotString = PR_smprintf("0x%08lx=[%s %s]",
+ (PRUint32)slotID, flagPair, rootFlagsPair);
+ }
+ nssutil_freePair(flagPair);
+ nssutil_freePair(rootFlagsPair);
+ return slotString;
+}
+
+/************************************************************************
+ * Parse Full module specs into: library, commonName, module parameters,
+ * and NSS specifi parameters.
+ */
+SECStatus
+NSSUTIL_ArgParseModuleSpecEx(const char *modulespec, char **lib, char **mod,
+ char **parameters, char **nss,
+ char **config)
+{
+ int next;
+ modulespec = NSSUTIL_ArgStrip(modulespec);
+
+ *lib = *mod = *parameters = *nss = *config = 0;
+
+ while (*modulespec) {
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *lib, "library=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *mod, "name=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *parameters, "parameters=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *nss, "nss=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *config, "config=", ;)
+ NSSUTIL_HANDLE_FINAL_ARG(modulespec)
+ }
+ return SECSuccess;
+}
+
+/************************************************************************
+ * Parse Full module specs into: library, commonName, module parameters,
+ * and NSS specifi parameters.
+ */
+SECStatus
+NSSUTIL_ArgParseModuleSpec(const char *modulespec, char **lib, char **mod,
+ char **parameters, char **nss)
+{
+ int next;
+ modulespec = NSSUTIL_ArgStrip(modulespec);
+
+ *lib = *mod = *parameters = *nss = 0;
+
+ while (*modulespec) {
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *lib, "library=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *mod, "name=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *parameters, "parameters=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(modulespec, *nss, "nss=", ;)
+ NSSUTIL_HANDLE_FINAL_ARG(modulespec)
+ }
+ return SECSuccess;
+}
+
+/************************************************************************
+ * make a new module spec from it's components */
+char *
+NSSUTIL_MkModuleSpecEx(char *dllName, char *commonName, char *parameters,
+ char *NSS,
+ char *config)
+{
+ char *moduleSpec;
+ char *lib, *name, *param, *nss, *conf;
+
+ /*
+ * now the final spec
+ */
+ lib = nssutil_formatPair("library", dllName, '\"');
+ name = nssutil_formatPair("name", commonName, '\"');
+ param = nssutil_formatPair("parameters", parameters, '\"');
+ nss = nssutil_formatPair("NSS", NSS, '\"');
+ if (config) {
+ conf = nssutil_formatPair("config", config, '\"');
+ moduleSpec = PR_smprintf("%s %s %s %s %s", lib, name, param, nss, conf);
+ nssutil_freePair(conf);
+ } else {
+ moduleSpec = PR_smprintf("%s %s %s %s", lib, name, param, nss);
+ }
+ nssutil_freePair(lib);
+ nssutil_freePair(name);
+ nssutil_freePair(param);
+ nssutil_freePair(nss);
+ return (moduleSpec);
+}
+
+/************************************************************************
+ * make a new module spec from it's components */
+char *
+NSSUTIL_MkModuleSpec(char *dllName, char *commonName, char *parameters,
+ char *NSS)
+{
+ return NSSUTIL_MkModuleSpecEx(dllName, commonName, parameters, NSS, NULL);
+}
+
+#define NSSUTIL_ARG_FORTEZZA_FLAG "FORTEZZA"
+/******************************************************************************
+ * Parse the cipher flags from the NSS parameter
+ */
+void
+NSSUTIL_ArgParseCipherFlags(unsigned long *newCiphers, const char *cipherList)
+{
+ newCiphers[0] = newCiphers[1] = 0;
+ if ((cipherList == NULL) || (*cipherList == 0))
+ return;
+
+ for (; *cipherList; cipherList = NSSUTIL_ArgNextFlag(cipherList)) {
+ if (PORT_Strncasecmp(cipherList, NSSUTIL_ARG_FORTEZZA_FLAG,
+ sizeof(NSSUTIL_ARG_FORTEZZA_FLAG) - 1) == 0) {
+ newCiphers[0] |= SECMOD_FORTEZZA_FLAG;
+ }
+
+ /* add additional flags here as necessary */
+ /* direct bit mapping escape */
+ if (*cipherList == 0) {
+ if (cipherList[1] == 'l') {
+ newCiphers[1] |= atoi(&cipherList[2]);
+ } else {
+ newCiphers[0] |= atoi(&cipherList[2]);
+ }
+ }
+ }
+}
+
+/*********************************************************************
+ * make NSS parameter...
+ */
+/* First make NSS specific flags */
+#define MAX_FLAG_SIZE sizeof("internal") + sizeof("FIPS") + sizeof("moduleDB") + \
+ sizeof("moduleDBOnly") + sizeof("critical")
+static char *
+nssutil_mkNSSFlags(PRBool internal, PRBool isFIPS,
+ PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical)
+{
+ char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE);
+ PRBool first = PR_TRUE;
+
+ PORT_Memset(flags, 0, MAX_FLAG_SIZE);
+ if (internal) {
+ PORT_Strcat(flags, "internal");
+ first = PR_FALSE;
+ }
+ if (isFIPS) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "FIPS");
+ first = PR_FALSE;
+ }
+ if (isModuleDB) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "moduleDB");
+ first = PR_FALSE;
+ }
+ if (isModuleDBOnly) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "moduleDBOnly");
+ first = PR_FALSE;
+ }
+ if (isCritical) {
+ if (!first)
+ PORT_Strcat(flags, ",");
+ PORT_Strcat(flags, "critical");
+ }
+ return flags;
+}
+
+/* construct the NSS cipher flags */
+static char *
+nssutil_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
+{
+ char *cipher = NULL;
+ unsigned int i;
+
+ for (i = 0; i < sizeof(ssl0) * 8; i++) {
+ if (ssl0 & (1UL << i)) {
+ char *string;
+ if ((1UL << i) == SECMOD_FORTEZZA_FLAG) {
+ string = PR_smprintf("%s", NSSUTIL_ARG_FORTEZZA_FLAG);
+ } else {
+ string = PR_smprintf("0h0x%08lx", 1UL << i);
+ }
+ if (cipher) {
+ char *tmp;
+ tmp = PR_smprintf("%s,%s", cipher, string);
+ PR_smprintf_free(cipher);
+ PR_smprintf_free(string);
+ cipher = tmp;
+ } else {
+ cipher = string;
+ }
+ }
+ }
+ for (i = 0; i < sizeof(ssl0) * 8; i++) {
+ if (ssl1 & (1UL << i)) {
+ if (cipher) {
+ char *tmp;
+ tmp = PR_smprintf("%s,0l0x%08lx", cipher, 1UL << i);
+ PR_smprintf_free(cipher);
+ cipher = tmp;
+ } else {
+ cipher = PR_smprintf("0l0x%08lx", 1UL << i);
+ }
+ }
+ }
+
+ return cipher;
+}
+
+/* Assemble a full NSS string. */
+char *
+NSSUTIL_MkNSSString(char **slotStrings, int slotCount, PRBool internal,
+ PRBool isFIPS, PRBool isModuleDB, PRBool isModuleDBOnly,
+ PRBool isCritical, unsigned long trustOrder,
+ unsigned long cipherOrder, unsigned long ssl0, unsigned long ssl1)
+{
+ int slotLen, i;
+ char *slotParams, *ciphers, *nss, *nssFlags;
+ const char *tmp;
+ char *trustOrderPair, *cipherOrderPair, *slotPair, *cipherPair, *flagPair;
+
+ /* now let's build up the string
+ * first the slot infos
+ */
+ slotLen = 0;
+ for (i = 0; i < (int)slotCount; i++) {
+ slotLen += PORT_Strlen(slotStrings[i]) + 1;
+ }
+ slotLen += 1; /* space for the final NULL */
+
+ slotParams = (char *)PORT_ZAlloc(slotLen);
+ PORT_Memset(slotParams, 0, slotLen);
+ for (i = 0; i < (int)slotCount; i++) {
+ PORT_Strcat(slotParams, slotStrings[i]);
+ PORT_Strcat(slotParams, " ");
+ PR_smprintf_free(slotStrings[i]);
+ slotStrings[i] = NULL;
+ }
+
+ /*
+ * now the NSS structure
+ */
+ nssFlags = nssutil_mkNSSFlags(internal, isFIPS, isModuleDB, isModuleDBOnly,
+ isCritical);
+ /* for now only the internal module is critical */
+ ciphers = nssutil_mkCipherFlags(ssl0, ssl1);
+
+ trustOrderPair = nssutil_formatIntPair("trustOrder", trustOrder,
+ NSSUTIL_DEFAULT_TRUST_ORDER);
+ cipherOrderPair = nssutil_formatIntPair("cipherOrder", cipherOrder,
+ NSSUTIL_DEFAULT_CIPHER_ORDER);
+ slotPair = nssutil_formatPair("slotParams", slotParams, '{'); /* } */
+ if (slotParams)
+ PORT_Free(slotParams);
+ cipherPair = nssutil_formatPair("ciphers", ciphers, '\'');
+ if (ciphers)
+ PR_smprintf_free(ciphers);
+ flagPair = nssutil_formatPair("Flags", nssFlags, '\'');
+ if (nssFlags)
+ PORT_Free(nssFlags);
+ nss = PR_smprintf("%s %s %s %s %s", trustOrderPair,
+ cipherOrderPair, slotPair, cipherPair, flagPair);
+ nssutil_freePair(trustOrderPair);
+ nssutil_freePair(cipherOrderPair);
+ nssutil_freePair(slotPair);
+ nssutil_freePair(cipherPair);
+ nssutil_freePair(flagPair);
+ tmp = NSSUTIL_ArgStrip(nss);
+ if (*tmp == '\0') {
+ PR_smprintf_free(nss);
+ nss = NULL;
+ }
+ return nss;
+}
+
+/*****************************************************************************
+ *
+ * Private calls for use by softoken and utilmod.c
+ */
+
+#define SQLDB "sql:"
+#define EXTERNDB "extern:"
+#define LEGACY "dbm:"
+#define MULTIACCESS "multiaccess:"
+#define SECMOD_DB "secmod.db"
+const char *
+_NSSUTIL_EvaluateConfigDir(const char *configdir,
+ NSSDBType *pdbType, char **appName)
+{
+ NSSDBType dbType;
+ PRBool checkEnvDefaultDB = PR_FALSE;
+ *appName = NULL;
+/* force the default */
+#ifdef NSS_DISABLE_DBM
+ dbType = NSS_DB_TYPE_SQL;
+#else
+ dbType = NSS_DB_TYPE_LEGACY;
+#endif
+ if (configdir == NULL) {
+ checkEnvDefaultDB = PR_TRUE;
+ } else if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS) - 1) == 0) {
+ char *cdir;
+ dbType = NSS_DB_TYPE_MULTIACCESS;
+
+ *appName = PORT_Strdup(configdir + sizeof(MULTIACCESS) - 1);
+ if (*appName == NULL) {
+ return configdir;
+ }
+ cdir = *appName;
+ while (*cdir && *cdir != ':') {
+ cdir++;
+ }
+ if (*cdir == ':') {
+ *cdir = 0;
+ cdir++;
+ }
+ configdir = cdir;
+ } else if (PORT_Strncmp(configdir, SQLDB, sizeof(SQLDB) - 1) == 0) {
+ dbType = NSS_DB_TYPE_SQL;
+ configdir = configdir + sizeof(SQLDB) - 1;
+ } else if (PORT_Strncmp(configdir, EXTERNDB, sizeof(EXTERNDB) - 1) == 0) {
+ dbType = NSS_DB_TYPE_EXTERN;
+ configdir = configdir + sizeof(EXTERNDB) - 1;
+ } else if (PORT_Strncmp(configdir, LEGACY, sizeof(LEGACY) - 1) == 0) {
+ dbType = NSS_DB_TYPE_LEGACY;
+ configdir = configdir + sizeof(LEGACY) - 1;
+ } else {
+ checkEnvDefaultDB = PR_TRUE;
+ }
+
+ /* look up the default from the environment */
+ if (checkEnvDefaultDB) {
+ char *defaultType = PR_GetEnvSecure("NSS_DEFAULT_DB_TYPE");
+ if (defaultType != NULL) {
+ if (PORT_Strncmp(defaultType, SQLDB, sizeof(SQLDB) - 2) == 0) {
+ dbType = NSS_DB_TYPE_SQL;
+ } else if (PORT_Strncmp(defaultType, EXTERNDB, sizeof(EXTERNDB) - 2) == 0) {
+ dbType = NSS_DB_TYPE_EXTERN;
+ } else if (PORT_Strncmp(defaultType, LEGACY, sizeof(LEGACY) - 2) == 0) {
+ dbType = NSS_DB_TYPE_LEGACY;
+ }
+ }
+ }
+ /* if the caller has already set a type, don't change it */
+ if (*pdbType == NSS_DB_TYPE_NONE) {
+ *pdbType = dbType;
+ }
+ return configdir;
+}
+
+char *
+_NSSUTIL_GetSecmodName(const char *param, NSSDBType *dbType, char **appName,
+ char **filename, PRBool *rw)
+{
+ int next;
+ char *configdir = NULL;
+ char *secmodName = NULL;
+ char *value = NULL;
+ const char *save_params = param;
+ const char *lconfigdir;
+ PRBool noModDB = PR_FALSE;
+ param = NSSUTIL_ArgStrip(param);
+
+ while (*param) {
+ NSSUTIL_HANDLE_STRING_ARG(param, configdir, "configDir=", ;)
+ NSSUTIL_HANDLE_STRING_ARG(param, secmodName, "secmod=", ;)
+ NSSUTIL_HANDLE_FINAL_ARG(param)
+ }
+
+ *rw = PR_TRUE;
+ if (NSSUTIL_ArgHasFlag("flags", "readOnly", save_params)) {
+ *rw = PR_FALSE;
+ }
+
+ if (!secmodName || *secmodName == '\0') {
+ if (secmodName)
+ PORT_Free(secmodName);
+ secmodName = PORT_Strdup(SECMOD_DB);
+ }
+
+ *filename = secmodName;
+ lconfigdir = _NSSUTIL_EvaluateConfigDir(configdir, dbType, appName);
+
+ if (NSSUTIL_ArgHasFlag("flags", "noModDB", save_params)) {
+ /* there isn't a module db, don't load the legacy support */
+ noModDB = PR_TRUE;
+ *dbType = NSS_DB_TYPE_SQL;
+ PORT_Free(*filename);
+ *filename = NULL;
+ *rw = PR_FALSE;
+ }
+
+ /* only use the renamed secmod for legacy databases */
+ if ((*dbType != NSS_DB_TYPE_LEGACY) &&
+ (*dbType != NSS_DB_TYPE_MULTIACCESS) &&
+ !NSSUTIL_ArgHasFlag("flags", "forceSecmodChoice", save_params)) {
+ secmodName = "pkcs11.txt";
+ }
+
+ if (noModDB) {
+ value = NULL;
+ } else if (lconfigdir && lconfigdir[0] != '\0') {
+ value = PR_smprintf("%s" NSSUTIL_PATH_SEPARATOR "%s",
+ lconfigdir, secmodName);
+ } else {
+ value = PR_smprintf("%s", secmodName);
+ }
+ if (configdir)
+ PORT_Free(configdir);
+ return value;
+}
diff --git a/security/nss/lib/util/utilpars.h b/security/nss/lib/util/utilpars.h
new file mode 100644
index 000000000..70767263a
--- /dev/null
+++ b/security/nss/lib/util/utilpars.h
@@ -0,0 +1,63 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _UTILPARS_H_
+#define _UTILPARS_H_ 1
+
+#include "utilparst.h"
+#include "plarena.h"
+
+/* handle a module db request */
+char **NSSUTIL_DoModuleDBFunction(unsigned long function, char *parameters, void *args);
+
+/* parsing functions */
+char *NSSUTIL_ArgFetchValue(const char *string, int *pcount);
+const char *NSSUTIL_ArgStrip(const char *c);
+char *NSSUTIL_ArgGetParamValue(const char *paramName, const char *parameters);
+const char *NSSUTIL_ArgSkipParameter(const char *string);
+char *NSSUTIL_ArgGetLabel(const char *inString, int *next);
+long NSSUTIL_ArgDecodeNumber(const char *num);
+PRBool NSSUTIL_ArgIsBlank(char c);
+PRBool NSSUTIL_ArgHasFlag(const char *label, const char *flag,
+ const char *parameters);
+long NSSUTIL_ArgReadLong(const char *label, const char *params, long defValue,
+ PRBool *isdefault);
+
+/* quoting functions */
+int NSSUTIL_EscapeSize(const char *string, char quote);
+char *NSSUTIL_Escape(const char *string, char quote);
+int NSSUTIL_QuoteSize(const char *string, char quote);
+char *NSSUTIL_Quote(const char *string, char quote);
+int NSSUTIL_DoubleEscapeSize(const char *string, char quote1, char quote2);
+char *NSSUTIL_DoubleEscape(const char *string, char quote1, char quote2);
+
+unsigned long NSSUTIL_ArgParseSlotFlags(const char *label, const char *params);
+struct NSSUTILPreSlotInfoStr *NSSUTIL_ArgParseSlotInfo(PLArenaPool *arena,
+ const char *slotParams, int *retCount);
+char *NSSUTIL_MkSlotString(unsigned long slotID, unsigned long defaultFlags,
+ unsigned long timeout, unsigned char askpw_in,
+ PRBool hasRootCerts, PRBool hasRootTrust);
+SECStatus NSSUTIL_ArgParseModuleSpec(const char *modulespec, char **lib,
+ char **mod, char **parameters, char **nss);
+SECStatus NSSUTIL_ArgParseModuleSpecEx(const char *modulespec, char **lib,
+ char **mod, char **parameters, char **nss, char **config);
+char *NSSUTIL_MkModuleSpec(char *dllName, char *commonName,
+ char *parameters, char *NSS);
+char *NSSUTIL_MkModuleSpecEx(char *dllName, char *commonName,
+ char *parameters, char *NSS, char *config);
+void NSSUTIL_ArgParseCipherFlags(unsigned long *newCiphers,
+ const char *cipherList);
+char *NSSUTIL_MkNSSString(char **slotStrings, int slotCount, PRBool internal,
+ PRBool isFIPS, PRBool isModuleDB, PRBool isModuleDBOnly,
+ PRBool isCritical, unsigned long trustOrder,
+ unsigned long cipherOrder, unsigned long ssl0, unsigned long ssl1);
+
+/*
+ * private functions for softoken.
+ */
+char *_NSSUTIL_GetSecmodName(const char *param, NSSDBType *dbType,
+ char **appName, char **filename, PRBool *rw);
+const char *_NSSUTIL_EvaluateConfigDir(const char *configdir, NSSDBType *dbType, char **app);
+
+#endif /* _UTILPARS_H_ */
diff --git a/security/nss/lib/util/utilparst.h b/security/nss/lib/util/utilparst.h
new file mode 100644
index 000000000..f2148e6e3
--- /dev/null
+++ b/security/nss/lib/util/utilparst.h
@@ -0,0 +1,78 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef UTILPARS_T_H
+#define UTILPARS_T_H 1
+#include "pkcs11t.h"
+
+/*
+ * macros to handle parsing strings of blank sparated arguments.
+ * Several NSSUTIL_HANDLE_STRING() macros should be places one after another with no intervening
+ * code. The first ones have precedence over the later ones. The last Macro should be
+ * NSSUTIL_HANDLE_FINAL_ARG.
+ *
+ * param is the input parameters. On exit param will point to the next parameter to parse. If the
+ * last paramter has been returned, param points to a null byte (*param = '0');
+ * target is the location to store any data aquired from the parameter. Caller is responsible to free this data.
+ * value is the string value of the parameter.
+ * command is any commands you need to run to help process the parameter's data.
+ */
+#define NSSUTIL_HANDLE_STRING_ARG(param, target, value, command) \
+ if (PORT_Strncasecmp(param, value, sizeof(value) - 1) == 0) { \
+ param += sizeof(value) - 1; \
+ if (target) \
+ PORT_Free(target); \
+ target = NSSUTIL_ArgFetchValue(param, &next); \
+ param += next; \
+ command; \
+ } else
+
+#define NSSUTIL_HANDLE_FINAL_ARG(param) \
+ { \
+ param = NSSUTIL_ArgSkipParameter(param); \
+ } \
+ param = NSSUTIL_ArgStrip(param);
+
+#define NSSUTIL_PATH_SEPARATOR "/"
+
+/* default module configuration strings */
+#define NSSUTIL_DEFAULT_INTERNAL_INIT1 \
+ "library= name=\"NSS Internal PKCS #11 Module\" parameters="
+#define NSSUTIL_DEFAULT_INTERNAL_INIT2 \
+ " NSS=\"Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={"
+#define NSSUTIL_DEFAULT_INTERNAL_INIT3 \
+ " askpw=any timeout=30})\""
+#define NSSUTIL_DEFAULT_SFTKN_FLAGS \
+ "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512]"
+
+#define NSSUTIL_DEFAULT_CIPHER_ORDER 0
+#define NSSUTIL_DEFAULT_TRUST_ORDER 50
+#define NSSUTIL_ARG_ESCAPE '\\'
+
+/* hold slot default flags until we initialize a slot. This structure is only
+ * useful between the time we define a module (either by hand or from the
+ * database) and the time the module is loaded. Not reference counted */
+struct NSSUTILPreSlotInfoStr {
+ CK_SLOT_ID slotID; /* slot these flags are for */
+ unsigned long defaultFlags; /* bit mask of default implementation this slot
+ * provides */
+ int askpw; /* slot specific password bits */
+ long timeout; /* slot specific timeout value */
+ char hasRootCerts; /* is this the root cert PKCS #11 module? */
+ char hasRootTrust; /* is this the root cert PKCS #11 module? */
+ int reserved0[2];
+ void *reserved1[2];
+};
+
+/*
+ * private functions for softoken.
+ */
+typedef enum {
+ NSS_DB_TYPE_NONE = 0,
+ NSS_DB_TYPE_SQL,
+ NSS_DB_TYPE_EXTERN,
+ NSS_DB_TYPE_LEGACY,
+ NSS_DB_TYPE_MULTIACCESS
+} NSSDBType;
+
+#endif /* UTILPARS_T_H */
diff --git a/security/nss/lib/util/utilrename.h b/security/nss/lib/util/utilrename.h
new file mode 100644
index 000000000..1aea3d284
--- /dev/null
+++ b/security/nss/lib/util/utilrename.h
@@ -0,0 +1,162 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * utilrename.h - rename symbols moved from libnss3 to libnssutil3
+ *
+ */
+
+#ifndef _LIBUTIL_H_
+#define _LIBUTIL_H_ _LIBUTIL_H__Util
+
+#ifdef USE_UTIL_DIRECTLY
+
+/* functions moved from libnss3 */
+#define ATOB_AsciiToData ATOB_AsciiToData_Util
+#define ATOB_ConvertAsciiToItem ATOB_ConvertAsciiToItem_Util
+#define BTOA_ConvertItemToAscii BTOA_ConvertItemToAscii_Util
+#define BTOA_DataToAscii BTOA_DataToAscii_Util
+#define CERT_GenTime2FormattedAscii CERT_GenTime2FormattedAscii_Util
+#define DER_AsciiToTime DER_AsciiToTime_Util
+#define DER_DecodeTimeChoice DER_DecodeTimeChoice_Util
+#define DER_Encode DER_Encode_Util
+#define DER_EncodeTimeChoice DER_EncodeTimeChoice_Util
+#define DER_GeneralizedDayToAscii DER_GeneralizedDayToAscii_Util
+#define DER_GeneralizedTimeToTime DER_GeneralizedTimeToTime_Util
+#define DER_GetInteger DER_GetInteger_Util
+#define DER_Lengths DER_Lengths_Util
+#define DER_TimeChoiceDayToAscii DER_TimeChoiceDayToAscii_Util
+#define DER_TimeToGeneralizedTime DER_TimeToGeneralizedTime_Util
+#define DER_TimeToGeneralizedTimeArena DER_TimeToGeneralizedTimeArena_Util
+#define DER_TimeToUTCTime DER_TimeToUTCTime_Util
+#define DER_UTCDayToAscii DER_UTCDayToAscii_Util
+#define DER_UTCTimeToAscii DER_UTCTimeToAscii_Util
+#define DER_UTCTimeToTime DER_UTCTimeToTime_Util
+#define NSS_PutEnv NSS_PutEnv_Util
+#define NSSBase64_DecodeBuffer NSSBase64_DecodeBuffer_Util
+#define NSSBase64_EncodeItem NSSBase64_EncodeItem_Util
+#define NSSBase64Decoder_Create NSSBase64Decoder_Create_Util
+#define NSSBase64Decoder_Destroy NSSBase64Decoder_Destroy_Util
+#define NSSBase64Decoder_Update NSSBase64Decoder_Update_Util
+#define NSSBase64Encoder_Create NSSBase64Encoder_Create_Util
+#define NSSBase64Encoder_Destroy NSSBase64Encoder_Destroy_Util
+#define NSSBase64Encoder_Update NSSBase64Encoder_Update_Util
+#define NSSRWLock_Destroy NSSRWLock_Destroy_Util
+#define NSSRWLock_HaveWriteLock NSSRWLock_HaveWriteLock_Util
+#define NSSRWLock_LockRead NSSRWLock_LockRead_Util
+#define NSSRWLock_LockWrite NSSRWLock_LockWrite_Util
+#define NSSRWLock_New NSSRWLock_New_Util
+#define NSSRWLock_UnlockRead NSSRWLock_UnlockRead_Util
+#define NSSRWLock_UnlockWrite NSSRWLock_UnlockWrite_Util
+#define PORT_Alloc PORT_Alloc_Util
+#define PORT_ArenaAlloc PORT_ArenaAlloc_Util
+#define PORT_ArenaGrow PORT_ArenaGrow_Util
+#define PORT_ArenaMark PORT_ArenaMark_Util
+#define PORT_ArenaRelease PORT_ArenaRelease_Util
+#define PORT_ArenaStrdup PORT_ArenaStrdup_Util
+#define PORT_ArenaUnmark PORT_ArenaUnmark_Util
+#define PORT_ArenaZAlloc PORT_ArenaZAlloc_Util
+#define PORT_Free PORT_Free_Util
+#define PORT_FreeArena PORT_FreeArena_Util
+#define PORT_GetError PORT_GetError_Util
+#define PORT_NewArena PORT_NewArena_Util
+#define PORT_Realloc PORT_Realloc_Util
+#define PORT_SetError PORT_SetError_Util
+#define PORT_SetUCS2_ASCIIConversionFunction PORT_SetUCS2_ASCIIConversionFunction_Util
+#define PORT_SetUCS2_UTF8ConversionFunction PORT_SetUCS2_UTF8ConversionFunction_Util
+#define PORT_SetUCS4_UTF8ConversionFunction PORT_SetUCS4_UTF8ConversionFunction_Util
+#define PORT_Strdup PORT_Strdup_Util
+#define PORT_UCS2_ASCIIConversion PORT_UCS2_ASCIIConversion_Util
+#define PORT_UCS2_UTF8Conversion PORT_UCS2_UTF8Conversion_Util
+#define PORT_ZAlloc PORT_ZAlloc_Util
+#define PORT_ZFree PORT_ZFree_Util
+#define SEC_ASN1Decode SEC_ASN1Decode_Util
+#define SEC_ASN1DecodeInteger SEC_ASN1DecodeInteger_Util
+#define SEC_ASN1DecodeItem SEC_ASN1DecodeItem_Util
+#define SEC_ASN1DecoderAbort SEC_ASN1DecoderAbort_Util
+#define SEC_ASN1DecoderClearFilterProc SEC_ASN1DecoderClearFilterProc_Util
+#define SEC_ASN1DecoderClearNotifyProc SEC_ASN1DecoderClearNotifyProc_Util
+#define SEC_ASN1DecoderFinish SEC_ASN1DecoderFinish_Util
+#define SEC_ASN1DecoderSetFilterProc SEC_ASN1DecoderSetFilterProc_Util
+#define SEC_ASN1DecoderSetNotifyProc SEC_ASN1DecoderSetNotifyProc_Util
+#define SEC_ASN1DecoderStart SEC_ASN1DecoderStart_Util
+#define SEC_ASN1DecoderUpdate SEC_ASN1DecoderUpdate_Util
+#define SEC_ASN1Encode SEC_ASN1Encode_Util
+#define SEC_ASN1EncodeInteger SEC_ASN1EncodeInteger_Util
+#define SEC_ASN1EncodeItem SEC_ASN1EncodeItem_Util
+#define SEC_ASN1EncoderAbort SEC_ASN1EncoderAbort_Util
+#define SEC_ASN1EncoderClearNotifyProc SEC_ASN1EncoderClearNotifyProc_Util
+#define SEC_ASN1EncoderClearStreaming SEC_ASN1EncoderClearStreaming_Util
+#define SEC_ASN1EncoderClearTakeFromBuf SEC_ASN1EncoderClearTakeFromBuf_Util
+#define SEC_ASN1EncoderFinish SEC_ASN1EncoderFinish_Util
+#define SEC_ASN1EncoderSetNotifyProc SEC_ASN1EncoderSetNotifyProc_Util
+#define SEC_ASN1EncoderSetStreaming SEC_ASN1EncoderSetStreaming_Util
+#define SEC_ASN1EncoderSetTakeFromBuf SEC_ASN1EncoderSetTakeFromBuf_Util
+#define SEC_ASN1EncoderStart SEC_ASN1EncoderStart_Util
+#define SEC_ASN1EncoderUpdate SEC_ASN1EncoderUpdate_Util
+#define SEC_ASN1EncodeUnsignedInteger SEC_ASN1EncodeUnsignedInteger_Util
+#define SEC_ASN1LengthLength SEC_ASN1LengthLength_Util
+#define SEC_QuickDERDecodeItem SEC_QuickDERDecodeItem_Util
+#define SECITEM_AllocItem SECITEM_AllocItem_Util
+#define SECITEM_ArenaDupItem SECITEM_ArenaDupItem_Util
+#define SECITEM_CompareItem SECITEM_CompareItem_Util
+#define SECITEM_CopyItem SECITEM_CopyItem_Util
+#define SECITEM_DupItem SECITEM_DupItem_Util
+#define SECITEM_FreeItem SECITEM_FreeItem_Util
+#define SECITEM_ItemsAreEqual SECITEM_ItemsAreEqual_Util
+#define SECITEM_ZfreeItem SECITEM_ZfreeItem_Util
+#define SECOID_AddEntry SECOID_AddEntry_Util
+#define SECOID_CompareAlgorithmID SECOID_CompareAlgorithmID_Util
+#define SECOID_CopyAlgorithmID SECOID_CopyAlgorithmID_Util
+#define SECOID_DestroyAlgorithmID SECOID_DestroyAlgorithmID_Util
+#define SECOID_FindOID SECOID_FindOID_Util
+#define SECOID_FindOIDByTag SECOID_FindOIDByTag_Util
+#define SECOID_FindOIDTag SECOID_FindOIDTag_Util
+#define SECOID_FindOIDTagDescription SECOID_FindOIDTagDescription_Util
+#define SECOID_GetAlgorithmTag SECOID_GetAlgorithmTag_Util
+#define SECOID_SetAlgorithmID SECOID_SetAlgorithmID_Util
+#define SGN_CompareDigestInfo SGN_CompareDigestInfo_Util
+#define SGN_CopyDigestInfo SGN_CopyDigestInfo_Util
+#define SGN_CreateDigestInfo SGN_CreateDigestInfo_Util
+#define SGN_DestroyDigestInfo SGN_DestroyDigestInfo_Util
+
+/* templates moved from libnss3 */
+#define NSS_Get_SEC_AnyTemplate NSS_Get_SEC_AnyTemplate_Util
+#define NSS_Get_SEC_BitStringTemplate NSS_Get_SEC_BitStringTemplate_Util
+#define NSS_Get_SEC_BMPStringTemplate NSS_Get_SEC_BMPStringTemplate_Util
+#define NSS_Get_SEC_BooleanTemplate NSS_Get_SEC_BooleanTemplate_Util
+#define NSS_Get_SEC_GeneralizedTimeTemplate NSS_Get_SEC_GeneralizedTimeTemplate_Util
+#define NSS_Get_SEC_IA5StringTemplate NSS_Get_SEC_IA5StringTemplate_Util
+#define NSS_Get_SEC_IntegerTemplate NSS_Get_SEC_IntegerTemplate_Util
+#define NSS_Get_SEC_NullTemplate NSS_Get_SEC_NullTemplate_Util
+#define NSS_Get_SEC_ObjectIDTemplate NSS_Get_SEC_ObjectIDTemplate_Util
+#define NSS_Get_SEC_OctetStringTemplate NSS_Get_SEC_OctetStringTemplate_Util
+#define NSS_Get_SEC_PointerToAnyTemplate NSS_Get_SEC_PointerToAnyTemplate_Util
+#define NSS_Get_SEC_PointerToOctetStringTemplate NSS_Get_SEC_PointerToOctetStringTemplate_Util
+#define NSS_Get_SEC_SetOfAnyTemplate NSS_Get_SEC_SetOfAnyTemplate_Util
+#define NSS_Get_SEC_UTCTimeTemplate NSS_Get_SEC_UTCTimeTemplate_Util
+#define NSS_Get_SEC_UTF8StringTemplate NSS_Get_SEC_UTF8StringTemplate_Util
+#define NSS_Get_SECOID_AlgorithmIDTemplate NSS_Get_SECOID_AlgorithmIDTemplate_Util
+#define NSS_Get_sgn_DigestInfoTemplate NSS_Get_sgn_DigestInfoTemplate_Util
+#define SEC_AnyTemplate SEC_AnyTemplate_Util
+#define SEC_BitStringTemplate SEC_BitStringTemplate_Util
+#define SEC_BMPStringTemplate SEC_BMPStringTemplate_Util
+#define SEC_BooleanTemplate SEC_BooleanTemplate_Util
+#define SEC_GeneralizedTimeTemplate SEC_GeneralizedTimeTemplate_Util
+#define SEC_IA5StringTemplate SEC_IA5StringTemplate_Util
+#define SEC_IntegerTemplate SEC_IntegerTemplate_Util
+#define SEC_NullTemplate SEC_NullTemplate_Util
+#define SEC_ObjectIDTemplate SEC_ObjectIDTemplate_Util
+#define SEC_OctetStringTemplate SEC_OctetStringTemplate_Util
+#define SEC_PointerToAnyTemplate SEC_PointerToAnyTemplate_Util
+#define SEC_PointerToOctetStringTemplate SEC_PointerToOctetStringTemplate_Util
+#define SEC_SetOfAnyTemplate SEC_SetOfAnyTemplate_Util
+#define SEC_UTCTimeTemplate SEC_UTCTimeTemplate_Util
+#define SEC_UTF8StringTemplate SEC_UTF8StringTemplate_Util
+#define SECOID_AlgorithmIDTemplate SECOID_AlgorithmIDTemplate_Util
+#define sgn_DigestInfoTemplate sgn_DigestInfoTemplate_Util
+
+#endif /* USE_UTIL_DIRECTLY */
+
+#endif /* _LIBUTIL_H_ */
diff --git a/security/nss/lib/util/verref.h b/security/nss/lib/util/verref.h
new file mode 100644
index 000000000..efbcb031c
--- /dev/null
+++ b/security/nss/lib/util/verref.h
@@ -0,0 +1,43 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This header is used inline in a function to ensure that a version string
+ * symbol is linked in and not optimized out. A volatile reference is added to
+ * the variable identified by NSS_VERSION_VARIABLE.
+ *
+ * Use this as follows:
+ *
+ * #define NSS_VERSION_VARIABLE __nss_ssl_version
+ * #include "verref.h"
+ */
+
+/* Suppress unused variable warnings. */
+#ifdef _MSC_VER
+#pragma warning(push)
+#pragma warning(disable : 4101)
+#endif
+/* This works for both gcc and clang */
+#if defined(__GNUC__) && !defined(NSS_NO_GCC48)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wunused-variable"
+#endif
+
+#ifndef NSS_VERSION_VARIABLE
+#error NSS_VERSION_VARIABLE must be set before including "verref.h"
+#endif
+{
+ extern const char NSS_VERSION_VARIABLE[];
+#if defined(__GNUC__)
+ __attribute__((unused))
+#endif
+ volatile const char _nss_version_c = NSS_VERSION_VARIABLE[0];
+}
+#undef NSS_VERSION_VARIABLE
+
+#ifdef _MSC_VER
+#pragma warning(pop)
+#endif
+#if defined(__GNUC__) && !defined(NSS_NO_GCC48)
+#pragma GCC diagnostic pop
+#endif
diff --git a/security/nss/lib/zlib/Makefile b/security/nss/lib/zlib/Makefile
new file mode 100644
index 000000000..183294f86
--- /dev/null
+++ b/security/nss/lib/zlib/Makefile
@@ -0,0 +1,55 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include config.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+export:: private_export
+
+test: $(PROGRAMS)
+ @cd $(OBJDIR); \
+ if echo hello world | ./minigzip | ./minigzip -d && ./example; then \
+ echo ' *** zlib test OK ***'; \
+ else \
+ echo ' *** zlib test FAILED ***'; false; \
+ fi
+ -@rm -f foo.gz
diff --git a/security/nss/lib/zlib/README b/security/nss/lib/zlib/README
new file mode 100644
index 000000000..d4219bf88
--- /dev/null
+++ b/security/nss/lib/zlib/README
@@ -0,0 +1,115 @@
+ZLIB DATA COMPRESSION LIBRARY
+
+zlib 1.2.5 is a general purpose data compression library. All the code is
+thread safe. The data format used by the zlib library is described by RFCs
+(Request for Comments) 1950 to 1952 in the files
+http://www.ietf.org/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate format)
+and rfc1952.txt (gzip format).
+
+All functions of the compression library are documented in the file zlib.h
+(volunteer to write man pages welcome, contact zlib@gzip.org). A usage example
+of the library is given in the file example.c which also tests that the library
+is working correctly. Another example is given in the file minigzip.c. The
+compression library itself is composed of all source files except example.c and
+minigzip.c.
+
+To compile all files and run the test program, follow the instructions given at
+the top of Makefile.in. In short "./configure; make test", and if that goes
+well, "make install" should work for most flavors of Unix. For Windows, use one
+of the special makefiles in win32/ or contrib/vstudio/ . For VMS, use
+make_vms.com.
+
+Questions about zlib should be sent to <zlib@gzip.org>, or to Gilles Vollant
+<info@winimage.com> for the Windows DLL version. The zlib home page is
+http://zlib.net/ . Before reporting a problem, please check this site to
+verify that you have the latest version of zlib; otherwise get the latest
+version and check whether the problem still exists or not.
+
+PLEASE read the zlib FAQ http://zlib.net/zlib_faq.html before asking for help.
+
+Mark Nelson <markn@ieee.org> wrote an article about zlib for the Jan. 1997
+issue of Dr. Dobb's Journal; a copy of the article is available at
+http://marknelson.us/1997/01/01/zlib-engine/ .
+
+The changes made in version 1.2.5 are documented in the file ChangeLog.
+
+Unsupported third party contributions are provided in directory contrib/ .
+
+zlib is available in Java using the java.util.zip package, documented at
+http://java.sun.com/developer/technicalArticles/Programming/compression/ .
+
+A Perl interface to zlib written by Paul Marquess <pmqs@cpan.org> is available
+at CPAN (Comprehensive Perl Archive Network) sites, including
+http://search.cpan.org/~pmqs/IO-Compress-Zlib/ .
+
+A Python interface to zlib written by A.M. Kuchling <amk@amk.ca> is
+available in Python 1.5 and later versions, see
+http://www.python.org/doc/lib/module-zlib.html .
+
+zlib is built into tcl: http://wiki.tcl.tk/4610 .
+
+An experimental package to read and write files in .zip format, written on top
+of zlib by Gilles Vollant <info@winimage.com>, is available in the
+contrib/minizip directory of zlib.
+
+
+Notes for some targets:
+
+- For Windows DLL versions, please see win32/DLL_FAQ.txt
+
+- For 64-bit Irix, deflate.c must be compiled without any optimization. With
+ -O, one libpng test fails. The test works in 32 bit mode (with the -n32
+ compiler flag). The compiler bug has been reported to SGI.
+
+- zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1 it works
+ when compiled with cc.
+
+- On Digital Unix 4.0D (formely OSF/1) on AlphaServer, the cc option -std1 is
+ necessary to get gzprintf working correctly. This is done by configure.
+
+- zlib doesn't work on HP-UX 9.05 with some versions of /bin/cc. It works with
+ other compilers. Use "make test" to check your compiler.
+
+- gzdopen is not supported on RISCOS or BEOS.
+
+- For PalmOs, see http://palmzlib.sourceforge.net/
+
+
+Acknowledgments:
+
+ The deflate format used by zlib was defined by Phil Katz. The deflate and
+ zlib specifications were written by L. Peter Deutsch. Thanks to all the
+ people who reported problems and suggested various improvements in zlib; they
+ are too numerous to cite here.
+
+Copyright notice:
+
+ (C) 1995-2010 Jean-loup Gailly and Mark Adler
+
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would be
+ appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source distribution.
+
+ Jean-loup Gailly Mark Adler
+ jloup@gzip.org madler@alumni.caltech.edu
+
+If you use the zlib library in a product, we would appreciate *not* receiving
+lengthy legal documents to sign. The sources are provided for free but without
+warranty of any kind. The library has been entirely written by Jean-loup
+Gailly and Mark Adler; it does not include third-party code.
+
+If you redistribute modified sources, we would appreciate that you include in
+the file ChangeLog history information documenting your changes. Please read
+the FAQ for more information on the distribution of modified source versions.
diff --git a/security/nss/lib/zlib/README.nss b/security/nss/lib/zlib/README.nss
new file mode 100644
index 000000000..58ad213a0
--- /dev/null
+++ b/security/nss/lib/zlib/README.nss
@@ -0,0 +1,18 @@
+zlib data compression library
+
+URL: http://zlib.net/
+Version: 1.2.5
+License: zlib License
+License File: http://zlib.net/zlib_license.html
+
+Description:
+
+NSS uses zlib in libSSL (for the DEFLATE compression method), modutil, and
+signtool.
+
+Local Modifications:
+
+- patches/prune-zlib.sh: run this shell script to remove unneeded files
+ from the zlib distribution.
+- patches/msvc-vsnprintf.patch: define HAVE_VSNPRINTF for Visual C++ 2008
+ (9.0) and later.
diff --git a/security/nss/lib/zlib/adler32.c b/security/nss/lib/zlib/adler32.c
new file mode 100644
index 000000000..65ad6a5ad
--- /dev/null
+++ b/security/nss/lib/zlib/adler32.c
@@ -0,0 +1,169 @@
+/* adler32.c -- compute the Adler-32 checksum of a data stream
+ * Copyright (C) 1995-2007 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#include "zutil.h"
+
+#define local static
+
+local uLong adler32_combine_(uLong adler1, uLong adler2, z_off64_t len2);
+
+#define BASE 65521UL /* largest prime smaller than 65536 */
+#define NMAX 5552
+/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
+
+#define DO1(buf,i) {adler += (buf)[i]; sum2 += adler;}
+#define DO2(buf,i) DO1(buf,i); DO1(buf,i+1);
+#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
+#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
+#define DO16(buf) DO8(buf,0); DO8(buf,8);
+
+/* use NO_DIVIDE if your processor does not do division in hardware */
+#ifdef NO_DIVIDE
+# define MOD(a) \
+ do { \
+ if (a >= (BASE << 16)) a -= (BASE << 16); \
+ if (a >= (BASE << 15)) a -= (BASE << 15); \
+ if (a >= (BASE << 14)) a -= (BASE << 14); \
+ if (a >= (BASE << 13)) a -= (BASE << 13); \
+ if (a >= (BASE << 12)) a -= (BASE << 12); \
+ if (a >= (BASE << 11)) a -= (BASE << 11); \
+ if (a >= (BASE << 10)) a -= (BASE << 10); \
+ if (a >= (BASE << 9)) a -= (BASE << 9); \
+ if (a >= (BASE << 8)) a -= (BASE << 8); \
+ if (a >= (BASE << 7)) a -= (BASE << 7); \
+ if (a >= (BASE << 6)) a -= (BASE << 6); \
+ if (a >= (BASE << 5)) a -= (BASE << 5); \
+ if (a >= (BASE << 4)) a -= (BASE << 4); \
+ if (a >= (BASE << 3)) a -= (BASE << 3); \
+ if (a >= (BASE << 2)) a -= (BASE << 2); \
+ if (a >= (BASE << 1)) a -= (BASE << 1); \
+ if (a >= BASE) a -= BASE; \
+ } while (0)
+# define MOD4(a) \
+ do { \
+ if (a >= (BASE << 4)) a -= (BASE << 4); \
+ if (a >= (BASE << 3)) a -= (BASE << 3); \
+ if (a >= (BASE << 2)) a -= (BASE << 2); \
+ if (a >= (BASE << 1)) a -= (BASE << 1); \
+ if (a >= BASE) a -= BASE; \
+ } while (0)
+#else
+# define MOD(a) a %= BASE
+# define MOD4(a) a %= BASE
+#endif
+
+/* ========================================================================= */
+uLong ZEXPORT adler32(adler, buf, len)
+ uLong adler;
+ const Bytef *buf;
+ uInt len;
+{
+ unsigned long sum2;
+ unsigned n;
+
+ /* split Adler-32 into component sums */
+ sum2 = (adler >> 16) & 0xffff;
+ adler &= 0xffff;
+
+ /* in case user likes doing a byte at a time, keep it fast */
+ if (len == 1) {
+ adler += buf[0];
+ if (adler >= BASE)
+ adler -= BASE;
+ sum2 += adler;
+ if (sum2 >= BASE)
+ sum2 -= BASE;
+ return adler | (sum2 << 16);
+ }
+
+ /* initial Adler-32 value (deferred check for len == 1 speed) */
+ if (buf == Z_NULL)
+ return 1L;
+
+ /* in case short lengths are provided, keep it somewhat fast */
+ if (len < 16) {
+ while (len--) {
+ adler += *buf++;
+ sum2 += adler;
+ }
+ if (adler >= BASE)
+ adler -= BASE;
+ MOD4(sum2); /* only added so many BASE's */
+ return adler | (sum2 << 16);
+ }
+
+ /* do length NMAX blocks -- requires just one modulo operation */
+ while (len >= NMAX) {
+ len -= NMAX;
+ n = NMAX / 16; /* NMAX is divisible by 16 */
+ do {
+ DO16(buf); /* 16 sums unrolled */
+ buf += 16;
+ } while (--n);
+ MOD(adler);
+ MOD(sum2);
+ }
+
+ /* do remaining bytes (less than NMAX, still just one modulo) */
+ if (len) { /* avoid modulos if none remaining */
+ while (len >= 16) {
+ len -= 16;
+ DO16(buf);
+ buf += 16;
+ }
+ while (len--) {
+ adler += *buf++;
+ sum2 += adler;
+ }
+ MOD(adler);
+ MOD(sum2);
+ }
+
+ /* return recombined sums */
+ return adler | (sum2 << 16);
+}
+
+/* ========================================================================= */
+local uLong adler32_combine_(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off64_t len2;
+{
+ unsigned long sum1;
+ unsigned long sum2;
+ unsigned rem;
+
+ /* the derivation of this formula is left as an exercise for the reader */
+ rem = (unsigned)(len2 % BASE);
+ sum1 = adler1 & 0xffff;
+ sum2 = rem * sum1;
+ MOD(sum2);
+ sum1 += (adler2 & 0xffff) + BASE - 1;
+ sum2 += ((adler1 >> 16) & 0xffff) + ((adler2 >> 16) & 0xffff) + BASE - rem;
+ if (sum1 >= BASE) sum1 -= BASE;
+ if (sum1 >= BASE) sum1 -= BASE;
+ if (sum2 >= (BASE << 1)) sum2 -= (BASE << 1);
+ if (sum2 >= BASE) sum2 -= BASE;
+ return sum1 | (sum2 << 16);
+}
+
+/* ========================================================================= */
+uLong ZEXPORT adler32_combine(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off_t len2;
+{
+ return adler32_combine_(adler1, adler2, len2);
+}
+
+uLong ZEXPORT adler32_combine64(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off64_t len2;
+{
+ return adler32_combine_(adler1, adler2, len2);
+}
diff --git a/security/nss/lib/zlib/compress.c b/security/nss/lib/zlib/compress.c
new file mode 100644
index 000000000..ea4dfbe9d
--- /dev/null
+++ b/security/nss/lib/zlib/compress.c
@@ -0,0 +1,80 @@
+/* compress.c -- compress a memory buffer
+ * Copyright (C) 1995-2005 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#define ZLIB_INTERNAL
+#include "zlib.h"
+
+/* ===========================================================================
+ Compresses the source buffer into the destination buffer. The level
+ parameter has the same meaning as in deflateInit. sourceLen is the byte
+ length of the source buffer. Upon entry, destLen is the total size of the
+ destination buffer, which must be at least 0.1% larger than sourceLen plus
+ 12 bytes. Upon exit, destLen is the actual size of the compressed buffer.
+
+ compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_BUF_ERROR if there was not enough room in the output buffer,
+ Z_STREAM_ERROR if the level parameter is invalid.
+*/
+int ZEXPORT compress2 (dest, destLen, source, sourceLen, level)
+ Bytef *dest;
+ uLongf *destLen;
+ const Bytef *source;
+ uLong sourceLen;
+ int level;
+{
+ z_stream stream;
+ int err;
+
+ stream.next_in = (Bytef*)source;
+ stream.avail_in = (uInt)sourceLen;
+#ifdef MAXSEG_64K
+ /* Check for source > 64K on 16-bit machine: */
+ if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
+#endif
+ stream.next_out = dest;
+ stream.avail_out = (uInt)*destLen;
+ if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
+
+ stream.zalloc = (alloc_func)0;
+ stream.zfree = (free_func)0;
+ stream.opaque = (voidpf)0;
+
+ err = deflateInit(&stream, level);
+ if (err != Z_OK) return err;
+
+ err = deflate(&stream, Z_FINISH);
+ if (err != Z_STREAM_END) {
+ deflateEnd(&stream);
+ return err == Z_OK ? Z_BUF_ERROR : err;
+ }
+ *destLen = stream.total_out;
+
+ err = deflateEnd(&stream);
+ return err;
+}
+
+/* ===========================================================================
+ */
+int ZEXPORT compress (dest, destLen, source, sourceLen)
+ Bytef *dest;
+ uLongf *destLen;
+ const Bytef *source;
+ uLong sourceLen;
+{
+ return compress2(dest, destLen, source, sourceLen, Z_DEFAULT_COMPRESSION);
+}
+
+/* ===========================================================================
+ If the default memLevel or windowBits for deflateInit() is changed, then
+ this function needs to be updated.
+ */
+uLong ZEXPORT compressBound (sourceLen)
+ uLong sourceLen;
+{
+ return sourceLen + (sourceLen >> 12) + (sourceLen >> 14) +
+ (sourceLen >> 25) + 13;
+}
diff --git a/security/nss/lib/zlib/config.mk b/security/nss/lib/zlib/config.mk
new file mode 100644
index 000000000..696be5d4c
--- /dev/null
+++ b/security/nss/lib/zlib/config.mk
@@ -0,0 +1,20 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# Override TARGETS variable so that only static libraries
+# are specifed as dependencies within rules.mk.
+#
+
+TARGETS = $(LIBRARY) $(PROGRAMS)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PROGRAM =
+
+EXTRA_LIBS = $(LIBRARY)
+
+ifeq ($(OS_TARGET),Linux)
+DEFINES += -DHAVE_UNISTD_H
+endif
diff --git a/security/nss/lib/zlib/crc32.c b/security/nss/lib/zlib/crc32.c
new file mode 100644
index 000000000..91be372d2
--- /dev/null
+++ b/security/nss/lib/zlib/crc32.c
@@ -0,0 +1,442 @@
+/* crc32.c -- compute the CRC-32 of a data stream
+ * Copyright (C) 1995-2006, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ *
+ * Thanks to Rodney Brown <rbrown64@csc.com.au> for his contribution of faster
+ * CRC methods: exclusive-oring 32 bits of data at a time, and pre-computing
+ * tables for updating the shift register in one step with three exclusive-ors
+ * instead of four steps with four exclusive-ors. This results in about a
+ * factor of two increase in speed on a Power PC G4 (PPC7455) using gcc -O3.
+ */
+
+/* @(#) $Id$ */
+
+/*
+ Note on the use of DYNAMIC_CRC_TABLE: there is no mutex or semaphore
+ protection on the static variables used to control the first-use generation
+ of the crc tables. Therefore, if you #define DYNAMIC_CRC_TABLE, you should
+ first call get_crc_table() to initialize the tables before allowing more than
+ one thread to use crc32().
+ */
+
+#ifdef MAKECRCH
+# include <stdio.h>
+# ifndef DYNAMIC_CRC_TABLE
+# define DYNAMIC_CRC_TABLE
+# endif /* !DYNAMIC_CRC_TABLE */
+#endif /* MAKECRCH */
+
+#include "zutil.h" /* for STDC and FAR definitions */
+
+#define local static
+
+/* Find a four-byte integer type for crc32_little() and crc32_big(). */
+#ifndef NOBYFOUR
+# ifdef STDC /* need ANSI C limits.h to determine sizes */
+# include <limits.h>
+# define BYFOUR
+# if (UINT_MAX == 0xffffffffUL)
+ typedef unsigned int u4;
+# else
+# if (ULONG_MAX == 0xffffffffUL)
+ typedef unsigned long u4;
+# else
+# if (USHRT_MAX == 0xffffffffUL)
+ typedef unsigned short u4;
+# else
+# undef BYFOUR /* can't find a four-byte integer type! */
+# endif
+# endif
+# endif
+# endif /* STDC */
+#endif /* !NOBYFOUR */
+
+/* Definitions for doing the crc four data bytes at a time. */
+#ifdef BYFOUR
+# define REV(w) ((((w)>>24)&0xff)+(((w)>>8)&0xff00)+ \
+ (((w)&0xff00)<<8)+(((w)&0xff)<<24))
+ local unsigned long crc32_little OF((unsigned long,
+ const unsigned char FAR *, unsigned));
+ local unsigned long crc32_big OF((unsigned long,
+ const unsigned char FAR *, unsigned));
+# define TBLS 8
+#else
+# define TBLS 1
+#endif /* BYFOUR */
+
+/* Local functions for crc concatenation */
+local unsigned long gf2_matrix_times OF((unsigned long *mat,
+ unsigned long vec));
+local void gf2_matrix_square OF((unsigned long *square, unsigned long *mat));
+local uLong crc32_combine_(uLong crc1, uLong crc2, z_off64_t len2);
+
+
+#ifdef DYNAMIC_CRC_TABLE
+
+local volatile int crc_table_empty = 1;
+local unsigned long FAR crc_table[TBLS][256];
+local void make_crc_table OF((void));
+#ifdef MAKECRCH
+ local void write_table OF((FILE *, const unsigned long FAR *));
+#endif /* MAKECRCH */
+/*
+ Generate tables for a byte-wise 32-bit CRC calculation on the polynomial:
+ x^32+x^26+x^23+x^22+x^16+x^12+x^11+x^10+x^8+x^7+x^5+x^4+x^2+x+1.
+
+ Polynomials over GF(2) are represented in binary, one bit per coefficient,
+ with the lowest powers in the most significant bit. Then adding polynomials
+ is just exclusive-or, and multiplying a polynomial by x is a right shift by
+ one. If we call the above polynomial p, and represent a byte as the
+ polynomial q, also with the lowest power in the most significant bit (so the
+ byte 0xb1 is the polynomial x^7+x^3+x+1), then the CRC is (q*x^32) mod p,
+ where a mod b means the remainder after dividing a by b.
+
+ This calculation is done using the shift-register method of multiplying and
+ taking the remainder. The register is initialized to zero, and for each
+ incoming bit, x^32 is added mod p to the register if the bit is a one (where
+ x^32 mod p is p+x^32 = x^26+...+1), and the register is multiplied mod p by
+ x (which is shifting right by one and adding x^32 mod p if the bit shifted
+ out is a one). We start with the highest power (least significant bit) of
+ q and repeat for all eight bits of q.
+
+ The first table is simply the CRC of all possible eight bit values. This is
+ all the information needed to generate CRCs on data a byte at a time for all
+ combinations of CRC register values and incoming bytes. The remaining tables
+ allow for word-at-a-time CRC calculation for both big-endian and little-
+ endian machines, where a word is four bytes.
+*/
+local void make_crc_table()
+{
+ unsigned long c;
+ int n, k;
+ unsigned long poly; /* polynomial exclusive-or pattern */
+ /* terms of polynomial defining this crc (except x^32): */
+ static volatile int first = 1; /* flag to limit concurrent making */
+ static const unsigned char p[] = {0,1,2,4,5,7,8,10,11,12,16,22,23,26};
+
+ /* See if another task is already doing this (not thread-safe, but better
+ than nothing -- significantly reduces duration of vulnerability in
+ case the advice about DYNAMIC_CRC_TABLE is ignored) */
+ if (first) {
+ first = 0;
+
+ /* make exclusive-or pattern from polynomial (0xedb88320UL) */
+ poly = 0UL;
+ for (n = 0; n < sizeof(p)/sizeof(unsigned char); n++)
+ poly |= 1UL << (31 - p[n]);
+
+ /* generate a crc for every 8-bit value */
+ for (n = 0; n < 256; n++) {
+ c = (unsigned long)n;
+ for (k = 0; k < 8; k++)
+ c = c & 1 ? poly ^ (c >> 1) : c >> 1;
+ crc_table[0][n] = c;
+ }
+
+#ifdef BYFOUR
+ /* generate crc for each value followed by one, two, and three zeros,
+ and then the byte reversal of those as well as the first table */
+ for (n = 0; n < 256; n++) {
+ c = crc_table[0][n];
+ crc_table[4][n] = REV(c);
+ for (k = 1; k < 4; k++) {
+ c = crc_table[0][c & 0xff] ^ (c >> 8);
+ crc_table[k][n] = c;
+ crc_table[k + 4][n] = REV(c);
+ }
+ }
+#endif /* BYFOUR */
+
+ crc_table_empty = 0;
+ }
+ else { /* not first */
+ /* wait for the other guy to finish (not efficient, but rare) */
+ while (crc_table_empty)
+ ;
+ }
+
+#ifdef MAKECRCH
+ /* write out CRC tables to crc32.h */
+ {
+ FILE *out;
+
+ out = fopen("crc32.h", "w");
+ if (out == NULL) return;
+ fprintf(out, "/* crc32.h -- tables for rapid CRC calculation\n");
+ fprintf(out, " * Generated automatically by crc32.c\n */\n\n");
+ fprintf(out, "local const unsigned long FAR ");
+ fprintf(out, "crc_table[TBLS][256] =\n{\n {\n");
+ write_table(out, crc_table[0]);
+# ifdef BYFOUR
+ fprintf(out, "#ifdef BYFOUR\n");
+ for (k = 1; k < 8; k++) {
+ fprintf(out, " },\n {\n");
+ write_table(out, crc_table[k]);
+ }
+ fprintf(out, "#endif\n");
+# endif /* BYFOUR */
+ fprintf(out, " }\n};\n");
+ fclose(out);
+ }
+#endif /* MAKECRCH */
+}
+
+#ifdef MAKECRCH
+local void write_table(out, table)
+ FILE *out;
+ const unsigned long FAR *table;
+{
+ int n;
+
+ for (n = 0; n < 256; n++)
+ fprintf(out, "%s0x%08lxUL%s", n % 5 ? "" : " ", table[n],
+ n == 255 ? "\n" : (n % 5 == 4 ? ",\n" : ", "));
+}
+#endif /* MAKECRCH */
+
+#else /* !DYNAMIC_CRC_TABLE */
+/* ========================================================================
+ * Tables of CRC-32s of all single-byte values, made by make_crc_table().
+ */
+#include "crc32.h"
+#endif /* DYNAMIC_CRC_TABLE */
+
+/* =========================================================================
+ * This function can be used by asm versions of crc32()
+ */
+const unsigned long FAR * ZEXPORT get_crc_table()
+{
+#ifdef DYNAMIC_CRC_TABLE
+ if (crc_table_empty)
+ make_crc_table();
+#endif /* DYNAMIC_CRC_TABLE */
+ return (const unsigned long FAR *)crc_table;
+}
+
+/* ========================================================================= */
+#define DO1 crc = crc_table[0][((int)crc ^ (*buf++)) & 0xff] ^ (crc >> 8)
+#define DO8 DO1; DO1; DO1; DO1; DO1; DO1; DO1; DO1
+
+/* ========================================================================= */
+unsigned long ZEXPORT crc32(crc, buf, len)
+ unsigned long crc;
+ const unsigned char FAR *buf;
+ uInt len;
+{
+ if (buf == Z_NULL) return 0UL;
+
+#ifdef DYNAMIC_CRC_TABLE
+ if (crc_table_empty)
+ make_crc_table();
+#endif /* DYNAMIC_CRC_TABLE */
+
+#ifdef BYFOUR
+ if (sizeof(void *) == sizeof(ptrdiff_t)) {
+ u4 endian;
+
+ endian = 1;
+ if (*((unsigned char *)(&endian)))
+ return crc32_little(crc, buf, len);
+ else
+ return crc32_big(crc, buf, len);
+ }
+#endif /* BYFOUR */
+ crc = crc ^ 0xffffffffUL;
+ while (len >= 8) {
+ DO8;
+ len -= 8;
+ }
+ if (len) do {
+ DO1;
+ } while (--len);
+ return crc ^ 0xffffffffUL;
+}
+
+#ifdef BYFOUR
+
+/* ========================================================================= */
+#define DOLIT4 c ^= *buf4++; \
+ c = crc_table[3][c & 0xff] ^ crc_table[2][(c >> 8) & 0xff] ^ \
+ crc_table[1][(c >> 16) & 0xff] ^ crc_table[0][c >> 24]
+#define DOLIT32 DOLIT4; DOLIT4; DOLIT4; DOLIT4; DOLIT4; DOLIT4; DOLIT4; DOLIT4
+
+/* ========================================================================= */
+local unsigned long crc32_little(crc, buf, len)
+ unsigned long crc;
+ const unsigned char FAR *buf;
+ unsigned len;
+{
+ register u4 c;
+ register const u4 FAR *buf4;
+
+ c = (u4)crc;
+ c = ~c;
+ while (len && ((ptrdiff_t)buf & 3)) {
+ c = crc_table[0][(c ^ *buf++) & 0xff] ^ (c >> 8);
+ len--;
+ }
+
+ buf4 = (const u4 FAR *)(const void FAR *)buf;
+ while (len >= 32) {
+ DOLIT32;
+ len -= 32;
+ }
+ while (len >= 4) {
+ DOLIT4;
+ len -= 4;
+ }
+ buf = (const unsigned char FAR *)buf4;
+
+ if (len) do {
+ c = crc_table[0][(c ^ *buf++) & 0xff] ^ (c >> 8);
+ } while (--len);
+ c = ~c;
+ return (unsigned long)c;
+}
+
+/* ========================================================================= */
+#define DOBIG4 c ^= *++buf4; \
+ c = crc_table[4][c & 0xff] ^ crc_table[5][(c >> 8) & 0xff] ^ \
+ crc_table[6][(c >> 16) & 0xff] ^ crc_table[7][c >> 24]
+#define DOBIG32 DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4
+
+/* ========================================================================= */
+local unsigned long crc32_big(crc, buf, len)
+ unsigned long crc;
+ const unsigned char FAR *buf;
+ unsigned len;
+{
+ register u4 c;
+ register const u4 FAR *buf4;
+
+ c = REV((u4)crc);
+ c = ~c;
+ while (len && ((ptrdiff_t)buf & 3)) {
+ c = crc_table[4][(c >> 24) ^ *buf++] ^ (c << 8);
+ len--;
+ }
+
+ buf4 = (const u4 FAR *)(const void FAR *)buf;
+ buf4--;
+ while (len >= 32) {
+ DOBIG32;
+ len -= 32;
+ }
+ while (len >= 4) {
+ DOBIG4;
+ len -= 4;
+ }
+ buf4++;
+ buf = (const unsigned char FAR *)buf4;
+
+ if (len) do {
+ c = crc_table[4][(c >> 24) ^ *buf++] ^ (c << 8);
+ } while (--len);
+ c = ~c;
+ return (unsigned long)(REV(c));
+}
+
+#endif /* BYFOUR */
+
+#define GF2_DIM 32 /* dimension of GF(2) vectors (length of CRC) */
+
+/* ========================================================================= */
+local unsigned long gf2_matrix_times(mat, vec)
+ unsigned long *mat;
+ unsigned long vec;
+{
+ unsigned long sum;
+
+ sum = 0;
+ while (vec) {
+ if (vec & 1)
+ sum ^= *mat;
+ vec >>= 1;
+ mat++;
+ }
+ return sum;
+}
+
+/* ========================================================================= */
+local void gf2_matrix_square(square, mat)
+ unsigned long *square;
+ unsigned long *mat;
+{
+ int n;
+
+ for (n = 0; n < GF2_DIM; n++)
+ square[n] = gf2_matrix_times(mat, mat[n]);
+}
+
+/* ========================================================================= */
+local uLong crc32_combine_(crc1, crc2, len2)
+ uLong crc1;
+ uLong crc2;
+ z_off64_t len2;
+{
+ int n;
+ unsigned long row;
+ unsigned long even[GF2_DIM]; /* even-power-of-two zeros operator */
+ unsigned long odd[GF2_DIM]; /* odd-power-of-two zeros operator */
+
+ /* degenerate case (also disallow negative lengths) */
+ if (len2 <= 0)
+ return crc1;
+
+ /* put operator for one zero bit in odd */
+ odd[0] = 0xedb88320UL; /* CRC-32 polynomial */
+ row = 1;
+ for (n = 1; n < GF2_DIM; n++) {
+ odd[n] = row;
+ row <<= 1;
+ }
+
+ /* put operator for two zero bits in even */
+ gf2_matrix_square(even, odd);
+
+ /* put operator for four zero bits in odd */
+ gf2_matrix_square(odd, even);
+
+ /* apply len2 zeros to crc1 (first square will put the operator for one
+ zero byte, eight zero bits, in even) */
+ do {
+ /* apply zeros operator for this bit of len2 */
+ gf2_matrix_square(even, odd);
+ if (len2 & 1)
+ crc1 = gf2_matrix_times(even, crc1);
+ len2 >>= 1;
+
+ /* if no more bits set, then done */
+ if (len2 == 0)
+ break;
+
+ /* another iteration of the loop with odd and even swapped */
+ gf2_matrix_square(odd, even);
+ if (len2 & 1)
+ crc1 = gf2_matrix_times(odd, crc1);
+ len2 >>= 1;
+
+ /* if no more bits set, then done */
+ } while (len2 != 0);
+
+ /* return combined crc */
+ crc1 ^= crc2;
+ return crc1;
+}
+
+/* ========================================================================= */
+uLong ZEXPORT crc32_combine(crc1, crc2, len2)
+ uLong crc1;
+ uLong crc2;
+ z_off_t len2;
+{
+ return crc32_combine_(crc1, crc2, len2);
+}
+
+uLong ZEXPORT crc32_combine64(crc1, crc2, len2)
+ uLong crc1;
+ uLong crc2;
+ z_off64_t len2;
+{
+ return crc32_combine_(crc1, crc2, len2);
+}
diff --git a/security/nss/lib/zlib/crc32.h b/security/nss/lib/zlib/crc32.h
new file mode 100644
index 000000000..7156a5a73
--- /dev/null
+++ b/security/nss/lib/zlib/crc32.h
@@ -0,0 +1,445 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* crc32.h -- tables for rapid CRC calculation
+ * Generated automatically by crc32.c
+ */
+
+local const unsigned long FAR crc_table[TBLS][256] =
+{
+ {
+ 0x00000000UL, 0x77073096UL, 0xee0e612cUL, 0x990951baUL, 0x076dc419UL,
+ 0x706af48fUL, 0xe963a535UL, 0x9e6495a3UL, 0x0edb8832UL, 0x79dcb8a4UL,
+ 0xe0d5e91eUL, 0x97d2d988UL, 0x09b64c2bUL, 0x7eb17cbdUL, 0xe7b82d07UL,
+ 0x90bf1d91UL, 0x1db71064UL, 0x6ab020f2UL, 0xf3b97148UL, 0x84be41deUL,
+ 0x1adad47dUL, 0x6ddde4ebUL, 0xf4d4b551UL, 0x83d385c7UL, 0x136c9856UL,
+ 0x646ba8c0UL, 0xfd62f97aUL, 0x8a65c9ecUL, 0x14015c4fUL, 0x63066cd9UL,
+ 0xfa0f3d63UL, 0x8d080df5UL, 0x3b6e20c8UL, 0x4c69105eUL, 0xd56041e4UL,
+ 0xa2677172UL, 0x3c03e4d1UL, 0x4b04d447UL, 0xd20d85fdUL, 0xa50ab56bUL,
+ 0x35b5a8faUL, 0x42b2986cUL, 0xdbbbc9d6UL, 0xacbcf940UL, 0x32d86ce3UL,
+ 0x45df5c75UL, 0xdcd60dcfUL, 0xabd13d59UL, 0x26d930acUL, 0x51de003aUL,
+ 0xc8d75180UL, 0xbfd06116UL, 0x21b4f4b5UL, 0x56b3c423UL, 0xcfba9599UL,
+ 0xb8bda50fUL, 0x2802b89eUL, 0x5f058808UL, 0xc60cd9b2UL, 0xb10be924UL,
+ 0x2f6f7c87UL, 0x58684c11UL, 0xc1611dabUL, 0xb6662d3dUL, 0x76dc4190UL,
+ 0x01db7106UL, 0x98d220bcUL, 0xefd5102aUL, 0x71b18589UL, 0x06b6b51fUL,
+ 0x9fbfe4a5UL, 0xe8b8d433UL, 0x7807c9a2UL, 0x0f00f934UL, 0x9609a88eUL,
+ 0xe10e9818UL, 0x7f6a0dbbUL, 0x086d3d2dUL, 0x91646c97UL, 0xe6635c01UL,
+ 0x6b6b51f4UL, 0x1c6c6162UL, 0x856530d8UL, 0xf262004eUL, 0x6c0695edUL,
+ 0x1b01a57bUL, 0x8208f4c1UL, 0xf50fc457UL, 0x65b0d9c6UL, 0x12b7e950UL,
+ 0x8bbeb8eaUL, 0xfcb9887cUL, 0x62dd1ddfUL, 0x15da2d49UL, 0x8cd37cf3UL,
+ 0xfbd44c65UL, 0x4db26158UL, 0x3ab551ceUL, 0xa3bc0074UL, 0xd4bb30e2UL,
+ 0x4adfa541UL, 0x3dd895d7UL, 0xa4d1c46dUL, 0xd3d6f4fbUL, 0x4369e96aUL,
+ 0x346ed9fcUL, 0xad678846UL, 0xda60b8d0UL, 0x44042d73UL, 0x33031de5UL,
+ 0xaa0a4c5fUL, 0xdd0d7cc9UL, 0x5005713cUL, 0x270241aaUL, 0xbe0b1010UL,
+ 0xc90c2086UL, 0x5768b525UL, 0x206f85b3UL, 0xb966d409UL, 0xce61e49fUL,
+ 0x5edef90eUL, 0x29d9c998UL, 0xb0d09822UL, 0xc7d7a8b4UL, 0x59b33d17UL,
+ 0x2eb40d81UL, 0xb7bd5c3bUL, 0xc0ba6cadUL, 0xedb88320UL, 0x9abfb3b6UL,
+ 0x03b6e20cUL, 0x74b1d29aUL, 0xead54739UL, 0x9dd277afUL, 0x04db2615UL,
+ 0x73dc1683UL, 0xe3630b12UL, 0x94643b84UL, 0x0d6d6a3eUL, 0x7a6a5aa8UL,
+ 0xe40ecf0bUL, 0x9309ff9dUL, 0x0a00ae27UL, 0x7d079eb1UL, 0xf00f9344UL,
+ 0x8708a3d2UL, 0x1e01f268UL, 0x6906c2feUL, 0xf762575dUL, 0x806567cbUL,
+ 0x196c3671UL, 0x6e6b06e7UL, 0xfed41b76UL, 0x89d32be0UL, 0x10da7a5aUL,
+ 0x67dd4accUL, 0xf9b9df6fUL, 0x8ebeeff9UL, 0x17b7be43UL, 0x60b08ed5UL,
+ 0xd6d6a3e8UL, 0xa1d1937eUL, 0x38d8c2c4UL, 0x4fdff252UL, 0xd1bb67f1UL,
+ 0xa6bc5767UL, 0x3fb506ddUL, 0x48b2364bUL, 0xd80d2bdaUL, 0xaf0a1b4cUL,
+ 0x36034af6UL, 0x41047a60UL, 0xdf60efc3UL, 0xa867df55UL, 0x316e8eefUL,
+ 0x4669be79UL, 0xcb61b38cUL, 0xbc66831aUL, 0x256fd2a0UL, 0x5268e236UL,
+ 0xcc0c7795UL, 0xbb0b4703UL, 0x220216b9UL, 0x5505262fUL, 0xc5ba3bbeUL,
+ 0xb2bd0b28UL, 0x2bb45a92UL, 0x5cb36a04UL, 0xc2d7ffa7UL, 0xb5d0cf31UL,
+ 0x2cd99e8bUL, 0x5bdeae1dUL, 0x9b64c2b0UL, 0xec63f226UL, 0x756aa39cUL,
+ 0x026d930aUL, 0x9c0906a9UL, 0xeb0e363fUL, 0x72076785UL, 0x05005713UL,
+ 0x95bf4a82UL, 0xe2b87a14UL, 0x7bb12baeUL, 0x0cb61b38UL, 0x92d28e9bUL,
+ 0xe5d5be0dUL, 0x7cdcefb7UL, 0x0bdbdf21UL, 0x86d3d2d4UL, 0xf1d4e242UL,
+ 0x68ddb3f8UL, 0x1fda836eUL, 0x81be16cdUL, 0xf6b9265bUL, 0x6fb077e1UL,
+ 0x18b74777UL, 0x88085ae6UL, 0xff0f6a70UL, 0x66063bcaUL, 0x11010b5cUL,
+ 0x8f659effUL, 0xf862ae69UL, 0x616bffd3UL, 0x166ccf45UL, 0xa00ae278UL,
+ 0xd70dd2eeUL, 0x4e048354UL, 0x3903b3c2UL, 0xa7672661UL, 0xd06016f7UL,
+ 0x4969474dUL, 0x3e6e77dbUL, 0xaed16a4aUL, 0xd9d65adcUL, 0x40df0b66UL,
+ 0x37d83bf0UL, 0xa9bcae53UL, 0xdebb9ec5UL, 0x47b2cf7fUL, 0x30b5ffe9UL,
+ 0xbdbdf21cUL, 0xcabac28aUL, 0x53b39330UL, 0x24b4a3a6UL, 0xbad03605UL,
+ 0xcdd70693UL, 0x54de5729UL, 0x23d967bfUL, 0xb3667a2eUL, 0xc4614ab8UL,
+ 0x5d681b02UL, 0x2a6f2b94UL, 0xb40bbe37UL, 0xc30c8ea1UL, 0x5a05df1bUL,
+ 0x2d02ef8dUL
+#ifdef BYFOUR
+ },
+ {
+ 0x00000000UL, 0x191b3141UL, 0x32366282UL, 0x2b2d53c3UL, 0x646cc504UL,
+ 0x7d77f445UL, 0x565aa786UL, 0x4f4196c7UL, 0xc8d98a08UL, 0xd1c2bb49UL,
+ 0xfaefe88aUL, 0xe3f4d9cbUL, 0xacb54f0cUL, 0xb5ae7e4dUL, 0x9e832d8eUL,
+ 0x87981ccfUL, 0x4ac21251UL, 0x53d92310UL, 0x78f470d3UL, 0x61ef4192UL,
+ 0x2eaed755UL, 0x37b5e614UL, 0x1c98b5d7UL, 0x05838496UL, 0x821b9859UL,
+ 0x9b00a918UL, 0xb02dfadbUL, 0xa936cb9aUL, 0xe6775d5dUL, 0xff6c6c1cUL,
+ 0xd4413fdfUL, 0xcd5a0e9eUL, 0x958424a2UL, 0x8c9f15e3UL, 0xa7b24620UL,
+ 0xbea97761UL, 0xf1e8e1a6UL, 0xe8f3d0e7UL, 0xc3de8324UL, 0xdac5b265UL,
+ 0x5d5daeaaUL, 0x44469febUL, 0x6f6bcc28UL, 0x7670fd69UL, 0x39316baeUL,
+ 0x202a5aefUL, 0x0b07092cUL, 0x121c386dUL, 0xdf4636f3UL, 0xc65d07b2UL,
+ 0xed705471UL, 0xf46b6530UL, 0xbb2af3f7UL, 0xa231c2b6UL, 0x891c9175UL,
+ 0x9007a034UL, 0x179fbcfbUL, 0x0e848dbaUL, 0x25a9de79UL, 0x3cb2ef38UL,
+ 0x73f379ffUL, 0x6ae848beUL, 0x41c51b7dUL, 0x58de2a3cUL, 0xf0794f05UL,
+ 0xe9627e44UL, 0xc24f2d87UL, 0xdb541cc6UL, 0x94158a01UL, 0x8d0ebb40UL,
+ 0xa623e883UL, 0xbf38d9c2UL, 0x38a0c50dUL, 0x21bbf44cUL, 0x0a96a78fUL,
+ 0x138d96ceUL, 0x5ccc0009UL, 0x45d73148UL, 0x6efa628bUL, 0x77e153caUL,
+ 0xbabb5d54UL, 0xa3a06c15UL, 0x888d3fd6UL, 0x91960e97UL, 0xded79850UL,
+ 0xc7cca911UL, 0xece1fad2UL, 0xf5facb93UL, 0x7262d75cUL, 0x6b79e61dUL,
+ 0x4054b5deUL, 0x594f849fUL, 0x160e1258UL, 0x0f152319UL, 0x243870daUL,
+ 0x3d23419bUL, 0x65fd6ba7UL, 0x7ce65ae6UL, 0x57cb0925UL, 0x4ed03864UL,
+ 0x0191aea3UL, 0x188a9fe2UL, 0x33a7cc21UL, 0x2abcfd60UL, 0xad24e1afUL,
+ 0xb43fd0eeUL, 0x9f12832dUL, 0x8609b26cUL, 0xc94824abUL, 0xd05315eaUL,
+ 0xfb7e4629UL, 0xe2657768UL, 0x2f3f79f6UL, 0x362448b7UL, 0x1d091b74UL,
+ 0x04122a35UL, 0x4b53bcf2UL, 0x52488db3UL, 0x7965de70UL, 0x607eef31UL,
+ 0xe7e6f3feUL, 0xfefdc2bfUL, 0xd5d0917cUL, 0xcccba03dUL, 0x838a36faUL,
+ 0x9a9107bbUL, 0xb1bc5478UL, 0xa8a76539UL, 0x3b83984bUL, 0x2298a90aUL,
+ 0x09b5fac9UL, 0x10aecb88UL, 0x5fef5d4fUL, 0x46f46c0eUL, 0x6dd93fcdUL,
+ 0x74c20e8cUL, 0xf35a1243UL, 0xea412302UL, 0xc16c70c1UL, 0xd8774180UL,
+ 0x9736d747UL, 0x8e2de606UL, 0xa500b5c5UL, 0xbc1b8484UL, 0x71418a1aUL,
+ 0x685abb5bUL, 0x4377e898UL, 0x5a6cd9d9UL, 0x152d4f1eUL, 0x0c367e5fUL,
+ 0x271b2d9cUL, 0x3e001cddUL, 0xb9980012UL, 0xa0833153UL, 0x8bae6290UL,
+ 0x92b553d1UL, 0xddf4c516UL, 0xc4eff457UL, 0xefc2a794UL, 0xf6d996d5UL,
+ 0xae07bce9UL, 0xb71c8da8UL, 0x9c31de6bUL, 0x852aef2aUL, 0xca6b79edUL,
+ 0xd37048acUL, 0xf85d1b6fUL, 0xe1462a2eUL, 0x66de36e1UL, 0x7fc507a0UL,
+ 0x54e85463UL, 0x4df36522UL, 0x02b2f3e5UL, 0x1ba9c2a4UL, 0x30849167UL,
+ 0x299fa026UL, 0xe4c5aeb8UL, 0xfdde9ff9UL, 0xd6f3cc3aUL, 0xcfe8fd7bUL,
+ 0x80a96bbcUL, 0x99b25afdUL, 0xb29f093eUL, 0xab84387fUL, 0x2c1c24b0UL,
+ 0x350715f1UL, 0x1e2a4632UL, 0x07317773UL, 0x4870e1b4UL, 0x516bd0f5UL,
+ 0x7a468336UL, 0x635db277UL, 0xcbfad74eUL, 0xd2e1e60fUL, 0xf9ccb5ccUL,
+ 0xe0d7848dUL, 0xaf96124aUL, 0xb68d230bUL, 0x9da070c8UL, 0x84bb4189UL,
+ 0x03235d46UL, 0x1a386c07UL, 0x31153fc4UL, 0x280e0e85UL, 0x674f9842UL,
+ 0x7e54a903UL, 0x5579fac0UL, 0x4c62cb81UL, 0x8138c51fUL, 0x9823f45eUL,
+ 0xb30ea79dUL, 0xaa1596dcUL, 0xe554001bUL, 0xfc4f315aUL, 0xd7626299UL,
+ 0xce7953d8UL, 0x49e14f17UL, 0x50fa7e56UL, 0x7bd72d95UL, 0x62cc1cd4UL,
+ 0x2d8d8a13UL, 0x3496bb52UL, 0x1fbbe891UL, 0x06a0d9d0UL, 0x5e7ef3ecUL,
+ 0x4765c2adUL, 0x6c48916eUL, 0x7553a02fUL, 0x3a1236e8UL, 0x230907a9UL,
+ 0x0824546aUL, 0x113f652bUL, 0x96a779e4UL, 0x8fbc48a5UL, 0xa4911b66UL,
+ 0xbd8a2a27UL, 0xf2cbbce0UL, 0xebd08da1UL, 0xc0fdde62UL, 0xd9e6ef23UL,
+ 0x14bce1bdUL, 0x0da7d0fcUL, 0x268a833fUL, 0x3f91b27eUL, 0x70d024b9UL,
+ 0x69cb15f8UL, 0x42e6463bUL, 0x5bfd777aUL, 0xdc656bb5UL, 0xc57e5af4UL,
+ 0xee530937UL, 0xf7483876UL, 0xb809aeb1UL, 0xa1129ff0UL, 0x8a3fcc33UL,
+ 0x9324fd72UL
+ },
+ {
+ 0x00000000UL, 0x01c26a37UL, 0x0384d46eUL, 0x0246be59UL, 0x0709a8dcUL,
+ 0x06cbc2ebUL, 0x048d7cb2UL, 0x054f1685UL, 0x0e1351b8UL, 0x0fd13b8fUL,
+ 0x0d9785d6UL, 0x0c55efe1UL, 0x091af964UL, 0x08d89353UL, 0x0a9e2d0aUL,
+ 0x0b5c473dUL, 0x1c26a370UL, 0x1de4c947UL, 0x1fa2771eUL, 0x1e601d29UL,
+ 0x1b2f0bacUL, 0x1aed619bUL, 0x18abdfc2UL, 0x1969b5f5UL, 0x1235f2c8UL,
+ 0x13f798ffUL, 0x11b126a6UL, 0x10734c91UL, 0x153c5a14UL, 0x14fe3023UL,
+ 0x16b88e7aUL, 0x177ae44dUL, 0x384d46e0UL, 0x398f2cd7UL, 0x3bc9928eUL,
+ 0x3a0bf8b9UL, 0x3f44ee3cUL, 0x3e86840bUL, 0x3cc03a52UL, 0x3d025065UL,
+ 0x365e1758UL, 0x379c7d6fUL, 0x35dac336UL, 0x3418a901UL, 0x3157bf84UL,
+ 0x3095d5b3UL, 0x32d36beaUL, 0x331101ddUL, 0x246be590UL, 0x25a98fa7UL,
+ 0x27ef31feUL, 0x262d5bc9UL, 0x23624d4cUL, 0x22a0277bUL, 0x20e69922UL,
+ 0x2124f315UL, 0x2a78b428UL, 0x2bbade1fUL, 0x29fc6046UL, 0x283e0a71UL,
+ 0x2d711cf4UL, 0x2cb376c3UL, 0x2ef5c89aUL, 0x2f37a2adUL, 0x709a8dc0UL,
+ 0x7158e7f7UL, 0x731e59aeUL, 0x72dc3399UL, 0x7793251cUL, 0x76514f2bUL,
+ 0x7417f172UL, 0x75d59b45UL, 0x7e89dc78UL, 0x7f4bb64fUL, 0x7d0d0816UL,
+ 0x7ccf6221UL, 0x798074a4UL, 0x78421e93UL, 0x7a04a0caUL, 0x7bc6cafdUL,
+ 0x6cbc2eb0UL, 0x6d7e4487UL, 0x6f38fadeUL, 0x6efa90e9UL, 0x6bb5866cUL,
+ 0x6a77ec5bUL, 0x68315202UL, 0x69f33835UL, 0x62af7f08UL, 0x636d153fUL,
+ 0x612bab66UL, 0x60e9c151UL, 0x65a6d7d4UL, 0x6464bde3UL, 0x662203baUL,
+ 0x67e0698dUL, 0x48d7cb20UL, 0x4915a117UL, 0x4b531f4eUL, 0x4a917579UL,
+ 0x4fde63fcUL, 0x4e1c09cbUL, 0x4c5ab792UL, 0x4d98dda5UL, 0x46c49a98UL,
+ 0x4706f0afUL, 0x45404ef6UL, 0x448224c1UL, 0x41cd3244UL, 0x400f5873UL,
+ 0x4249e62aUL, 0x438b8c1dUL, 0x54f16850UL, 0x55330267UL, 0x5775bc3eUL,
+ 0x56b7d609UL, 0x53f8c08cUL, 0x523aaabbUL, 0x507c14e2UL, 0x51be7ed5UL,
+ 0x5ae239e8UL, 0x5b2053dfUL, 0x5966ed86UL, 0x58a487b1UL, 0x5deb9134UL,
+ 0x5c29fb03UL, 0x5e6f455aUL, 0x5fad2f6dUL, 0xe1351b80UL, 0xe0f771b7UL,
+ 0xe2b1cfeeUL, 0xe373a5d9UL, 0xe63cb35cUL, 0xe7fed96bUL, 0xe5b86732UL,
+ 0xe47a0d05UL, 0xef264a38UL, 0xeee4200fUL, 0xeca29e56UL, 0xed60f461UL,
+ 0xe82fe2e4UL, 0xe9ed88d3UL, 0xebab368aUL, 0xea695cbdUL, 0xfd13b8f0UL,
+ 0xfcd1d2c7UL, 0xfe976c9eUL, 0xff5506a9UL, 0xfa1a102cUL, 0xfbd87a1bUL,
+ 0xf99ec442UL, 0xf85cae75UL, 0xf300e948UL, 0xf2c2837fUL, 0xf0843d26UL,
+ 0xf1465711UL, 0xf4094194UL, 0xf5cb2ba3UL, 0xf78d95faUL, 0xf64fffcdUL,
+ 0xd9785d60UL, 0xd8ba3757UL, 0xdafc890eUL, 0xdb3ee339UL, 0xde71f5bcUL,
+ 0xdfb39f8bUL, 0xddf521d2UL, 0xdc374be5UL, 0xd76b0cd8UL, 0xd6a966efUL,
+ 0xd4efd8b6UL, 0xd52db281UL, 0xd062a404UL, 0xd1a0ce33UL, 0xd3e6706aUL,
+ 0xd2241a5dUL, 0xc55efe10UL, 0xc49c9427UL, 0xc6da2a7eUL, 0xc7184049UL,
+ 0xc25756ccUL, 0xc3953cfbUL, 0xc1d382a2UL, 0xc011e895UL, 0xcb4dafa8UL,
+ 0xca8fc59fUL, 0xc8c97bc6UL, 0xc90b11f1UL, 0xcc440774UL, 0xcd866d43UL,
+ 0xcfc0d31aUL, 0xce02b92dUL, 0x91af9640UL, 0x906dfc77UL, 0x922b422eUL,
+ 0x93e92819UL, 0x96a63e9cUL, 0x976454abUL, 0x9522eaf2UL, 0x94e080c5UL,
+ 0x9fbcc7f8UL, 0x9e7eadcfUL, 0x9c381396UL, 0x9dfa79a1UL, 0x98b56f24UL,
+ 0x99770513UL, 0x9b31bb4aUL, 0x9af3d17dUL, 0x8d893530UL, 0x8c4b5f07UL,
+ 0x8e0de15eUL, 0x8fcf8b69UL, 0x8a809decUL, 0x8b42f7dbUL, 0x89044982UL,
+ 0x88c623b5UL, 0x839a6488UL, 0x82580ebfUL, 0x801eb0e6UL, 0x81dcdad1UL,
+ 0x8493cc54UL, 0x8551a663UL, 0x8717183aUL, 0x86d5720dUL, 0xa9e2d0a0UL,
+ 0xa820ba97UL, 0xaa6604ceUL, 0xaba46ef9UL, 0xaeeb787cUL, 0xaf29124bUL,
+ 0xad6fac12UL, 0xacadc625UL, 0xa7f18118UL, 0xa633eb2fUL, 0xa4755576UL,
+ 0xa5b73f41UL, 0xa0f829c4UL, 0xa13a43f3UL, 0xa37cfdaaUL, 0xa2be979dUL,
+ 0xb5c473d0UL, 0xb40619e7UL, 0xb640a7beUL, 0xb782cd89UL, 0xb2cddb0cUL,
+ 0xb30fb13bUL, 0xb1490f62UL, 0xb08b6555UL, 0xbbd72268UL, 0xba15485fUL,
+ 0xb853f606UL, 0xb9919c31UL, 0xbcde8ab4UL, 0xbd1ce083UL, 0xbf5a5edaUL,
+ 0xbe9834edUL
+ },
+ {
+ 0x00000000UL, 0xb8bc6765UL, 0xaa09c88bUL, 0x12b5afeeUL, 0x8f629757UL,
+ 0x37def032UL, 0x256b5fdcUL, 0x9dd738b9UL, 0xc5b428efUL, 0x7d084f8aUL,
+ 0x6fbde064UL, 0xd7018701UL, 0x4ad6bfb8UL, 0xf26ad8ddUL, 0xe0df7733UL,
+ 0x58631056UL, 0x5019579fUL, 0xe8a530faUL, 0xfa109f14UL, 0x42acf871UL,
+ 0xdf7bc0c8UL, 0x67c7a7adUL, 0x75720843UL, 0xcdce6f26UL, 0x95ad7f70UL,
+ 0x2d111815UL, 0x3fa4b7fbUL, 0x8718d09eUL, 0x1acfe827UL, 0xa2738f42UL,
+ 0xb0c620acUL, 0x087a47c9UL, 0xa032af3eUL, 0x188ec85bUL, 0x0a3b67b5UL,
+ 0xb28700d0UL, 0x2f503869UL, 0x97ec5f0cUL, 0x8559f0e2UL, 0x3de59787UL,
+ 0x658687d1UL, 0xdd3ae0b4UL, 0xcf8f4f5aUL, 0x7733283fUL, 0xeae41086UL,
+ 0x525877e3UL, 0x40edd80dUL, 0xf851bf68UL, 0xf02bf8a1UL, 0x48979fc4UL,
+ 0x5a22302aUL, 0xe29e574fUL, 0x7f496ff6UL, 0xc7f50893UL, 0xd540a77dUL,
+ 0x6dfcc018UL, 0x359fd04eUL, 0x8d23b72bUL, 0x9f9618c5UL, 0x272a7fa0UL,
+ 0xbafd4719UL, 0x0241207cUL, 0x10f48f92UL, 0xa848e8f7UL, 0x9b14583dUL,
+ 0x23a83f58UL, 0x311d90b6UL, 0x89a1f7d3UL, 0x1476cf6aUL, 0xaccaa80fUL,
+ 0xbe7f07e1UL, 0x06c36084UL, 0x5ea070d2UL, 0xe61c17b7UL, 0xf4a9b859UL,
+ 0x4c15df3cUL, 0xd1c2e785UL, 0x697e80e0UL, 0x7bcb2f0eUL, 0xc377486bUL,
+ 0xcb0d0fa2UL, 0x73b168c7UL, 0x6104c729UL, 0xd9b8a04cUL, 0x446f98f5UL,
+ 0xfcd3ff90UL, 0xee66507eUL, 0x56da371bUL, 0x0eb9274dUL, 0xb6054028UL,
+ 0xa4b0efc6UL, 0x1c0c88a3UL, 0x81dbb01aUL, 0x3967d77fUL, 0x2bd27891UL,
+ 0x936e1ff4UL, 0x3b26f703UL, 0x839a9066UL, 0x912f3f88UL, 0x299358edUL,
+ 0xb4446054UL, 0x0cf80731UL, 0x1e4da8dfUL, 0xa6f1cfbaUL, 0xfe92dfecUL,
+ 0x462eb889UL, 0x549b1767UL, 0xec277002UL, 0x71f048bbUL, 0xc94c2fdeUL,
+ 0xdbf98030UL, 0x6345e755UL, 0x6b3fa09cUL, 0xd383c7f9UL, 0xc1366817UL,
+ 0x798a0f72UL, 0xe45d37cbUL, 0x5ce150aeUL, 0x4e54ff40UL, 0xf6e89825UL,
+ 0xae8b8873UL, 0x1637ef16UL, 0x048240f8UL, 0xbc3e279dUL, 0x21e91f24UL,
+ 0x99557841UL, 0x8be0d7afUL, 0x335cb0caUL, 0xed59b63bUL, 0x55e5d15eUL,
+ 0x47507eb0UL, 0xffec19d5UL, 0x623b216cUL, 0xda874609UL, 0xc832e9e7UL,
+ 0x708e8e82UL, 0x28ed9ed4UL, 0x9051f9b1UL, 0x82e4565fUL, 0x3a58313aUL,
+ 0xa78f0983UL, 0x1f336ee6UL, 0x0d86c108UL, 0xb53aa66dUL, 0xbd40e1a4UL,
+ 0x05fc86c1UL, 0x1749292fUL, 0xaff54e4aUL, 0x322276f3UL, 0x8a9e1196UL,
+ 0x982bbe78UL, 0x2097d91dUL, 0x78f4c94bUL, 0xc048ae2eUL, 0xd2fd01c0UL,
+ 0x6a4166a5UL, 0xf7965e1cUL, 0x4f2a3979UL, 0x5d9f9697UL, 0xe523f1f2UL,
+ 0x4d6b1905UL, 0xf5d77e60UL, 0xe762d18eUL, 0x5fdeb6ebUL, 0xc2098e52UL,
+ 0x7ab5e937UL, 0x680046d9UL, 0xd0bc21bcUL, 0x88df31eaUL, 0x3063568fUL,
+ 0x22d6f961UL, 0x9a6a9e04UL, 0x07bda6bdUL, 0xbf01c1d8UL, 0xadb46e36UL,
+ 0x15080953UL, 0x1d724e9aUL, 0xa5ce29ffUL, 0xb77b8611UL, 0x0fc7e174UL,
+ 0x9210d9cdUL, 0x2aacbea8UL, 0x38191146UL, 0x80a57623UL, 0xd8c66675UL,
+ 0x607a0110UL, 0x72cfaefeUL, 0xca73c99bUL, 0x57a4f122UL, 0xef189647UL,
+ 0xfdad39a9UL, 0x45115eccUL, 0x764dee06UL, 0xcef18963UL, 0xdc44268dUL,
+ 0x64f841e8UL, 0xf92f7951UL, 0x41931e34UL, 0x5326b1daUL, 0xeb9ad6bfUL,
+ 0xb3f9c6e9UL, 0x0b45a18cUL, 0x19f00e62UL, 0xa14c6907UL, 0x3c9b51beUL,
+ 0x842736dbUL, 0x96929935UL, 0x2e2efe50UL, 0x2654b999UL, 0x9ee8defcUL,
+ 0x8c5d7112UL, 0x34e11677UL, 0xa9362eceUL, 0x118a49abUL, 0x033fe645UL,
+ 0xbb838120UL, 0xe3e09176UL, 0x5b5cf613UL, 0x49e959fdUL, 0xf1553e98UL,
+ 0x6c820621UL, 0xd43e6144UL, 0xc68bceaaUL, 0x7e37a9cfUL, 0xd67f4138UL,
+ 0x6ec3265dUL, 0x7c7689b3UL, 0xc4caeed6UL, 0x591dd66fUL, 0xe1a1b10aUL,
+ 0xf3141ee4UL, 0x4ba87981UL, 0x13cb69d7UL, 0xab770eb2UL, 0xb9c2a15cUL,
+ 0x017ec639UL, 0x9ca9fe80UL, 0x241599e5UL, 0x36a0360bUL, 0x8e1c516eUL,
+ 0x866616a7UL, 0x3eda71c2UL, 0x2c6fde2cUL, 0x94d3b949UL, 0x090481f0UL,
+ 0xb1b8e695UL, 0xa30d497bUL, 0x1bb12e1eUL, 0x43d23e48UL, 0xfb6e592dUL,
+ 0xe9dbf6c3UL, 0x516791a6UL, 0xccb0a91fUL, 0x740cce7aUL, 0x66b96194UL,
+ 0xde0506f1UL
+ },
+ {
+ 0x00000000UL, 0x96300777UL, 0x2c610eeeUL, 0xba510999UL, 0x19c46d07UL,
+ 0x8ff46a70UL, 0x35a563e9UL, 0xa395649eUL, 0x3288db0eUL, 0xa4b8dc79UL,
+ 0x1ee9d5e0UL, 0x88d9d297UL, 0x2b4cb609UL, 0xbd7cb17eUL, 0x072db8e7UL,
+ 0x911dbf90UL, 0x6410b71dUL, 0xf220b06aUL, 0x4871b9f3UL, 0xde41be84UL,
+ 0x7dd4da1aUL, 0xebe4dd6dUL, 0x51b5d4f4UL, 0xc785d383UL, 0x56986c13UL,
+ 0xc0a86b64UL, 0x7af962fdUL, 0xecc9658aUL, 0x4f5c0114UL, 0xd96c0663UL,
+ 0x633d0ffaUL, 0xf50d088dUL, 0xc8206e3bUL, 0x5e10694cUL, 0xe44160d5UL,
+ 0x727167a2UL, 0xd1e4033cUL, 0x47d4044bUL, 0xfd850dd2UL, 0x6bb50aa5UL,
+ 0xfaa8b535UL, 0x6c98b242UL, 0xd6c9bbdbUL, 0x40f9bcacUL, 0xe36cd832UL,
+ 0x755cdf45UL, 0xcf0dd6dcUL, 0x593dd1abUL, 0xac30d926UL, 0x3a00de51UL,
+ 0x8051d7c8UL, 0x1661d0bfUL, 0xb5f4b421UL, 0x23c4b356UL, 0x9995bacfUL,
+ 0x0fa5bdb8UL, 0x9eb80228UL, 0x0888055fUL, 0xb2d90cc6UL, 0x24e90bb1UL,
+ 0x877c6f2fUL, 0x114c6858UL, 0xab1d61c1UL, 0x3d2d66b6UL, 0x9041dc76UL,
+ 0x0671db01UL, 0xbc20d298UL, 0x2a10d5efUL, 0x8985b171UL, 0x1fb5b606UL,
+ 0xa5e4bf9fUL, 0x33d4b8e8UL, 0xa2c90778UL, 0x34f9000fUL, 0x8ea80996UL,
+ 0x18980ee1UL, 0xbb0d6a7fUL, 0x2d3d6d08UL, 0x976c6491UL, 0x015c63e6UL,
+ 0xf4516b6bUL, 0x62616c1cUL, 0xd8306585UL, 0x4e0062f2UL, 0xed95066cUL,
+ 0x7ba5011bUL, 0xc1f40882UL, 0x57c40ff5UL, 0xc6d9b065UL, 0x50e9b712UL,
+ 0xeab8be8bUL, 0x7c88b9fcUL, 0xdf1ddd62UL, 0x492dda15UL, 0xf37cd38cUL,
+ 0x654cd4fbUL, 0x5861b24dUL, 0xce51b53aUL, 0x7400bca3UL, 0xe230bbd4UL,
+ 0x41a5df4aUL, 0xd795d83dUL, 0x6dc4d1a4UL, 0xfbf4d6d3UL, 0x6ae96943UL,
+ 0xfcd96e34UL, 0x468867adUL, 0xd0b860daUL, 0x732d0444UL, 0xe51d0333UL,
+ 0x5f4c0aaaUL, 0xc97c0dddUL, 0x3c710550UL, 0xaa410227UL, 0x10100bbeUL,
+ 0x86200cc9UL, 0x25b56857UL, 0xb3856f20UL, 0x09d466b9UL, 0x9fe461ceUL,
+ 0x0ef9de5eUL, 0x98c9d929UL, 0x2298d0b0UL, 0xb4a8d7c7UL, 0x173db359UL,
+ 0x810db42eUL, 0x3b5cbdb7UL, 0xad6cbac0UL, 0x2083b8edUL, 0xb6b3bf9aUL,
+ 0x0ce2b603UL, 0x9ad2b174UL, 0x3947d5eaUL, 0xaf77d29dUL, 0x1526db04UL,
+ 0x8316dc73UL, 0x120b63e3UL, 0x843b6494UL, 0x3e6a6d0dUL, 0xa85a6a7aUL,
+ 0x0bcf0ee4UL, 0x9dff0993UL, 0x27ae000aUL, 0xb19e077dUL, 0x44930ff0UL,
+ 0xd2a30887UL, 0x68f2011eUL, 0xfec20669UL, 0x5d5762f7UL, 0xcb676580UL,
+ 0x71366c19UL, 0xe7066b6eUL, 0x761bd4feUL, 0xe02bd389UL, 0x5a7ada10UL,
+ 0xcc4add67UL, 0x6fdfb9f9UL, 0xf9efbe8eUL, 0x43beb717UL, 0xd58eb060UL,
+ 0xe8a3d6d6UL, 0x7e93d1a1UL, 0xc4c2d838UL, 0x52f2df4fUL, 0xf167bbd1UL,
+ 0x6757bca6UL, 0xdd06b53fUL, 0x4b36b248UL, 0xda2b0dd8UL, 0x4c1b0aafUL,
+ 0xf64a0336UL, 0x607a0441UL, 0xc3ef60dfUL, 0x55df67a8UL, 0xef8e6e31UL,
+ 0x79be6946UL, 0x8cb361cbUL, 0x1a8366bcUL, 0xa0d26f25UL, 0x36e26852UL,
+ 0x95770cccUL, 0x03470bbbUL, 0xb9160222UL, 0x2f260555UL, 0xbe3bbac5UL,
+ 0x280bbdb2UL, 0x925ab42bUL, 0x046ab35cUL, 0xa7ffd7c2UL, 0x31cfd0b5UL,
+ 0x8b9ed92cUL, 0x1daede5bUL, 0xb0c2649bUL, 0x26f263ecUL, 0x9ca36a75UL,
+ 0x0a936d02UL, 0xa906099cUL, 0x3f360eebUL, 0x85670772UL, 0x13570005UL,
+ 0x824abf95UL, 0x147ab8e2UL, 0xae2bb17bUL, 0x381bb60cUL, 0x9b8ed292UL,
+ 0x0dbed5e5UL, 0xb7efdc7cUL, 0x21dfdb0bUL, 0xd4d2d386UL, 0x42e2d4f1UL,
+ 0xf8b3dd68UL, 0x6e83da1fUL, 0xcd16be81UL, 0x5b26b9f6UL, 0xe177b06fUL,
+ 0x7747b718UL, 0xe65a0888UL, 0x706a0fffUL, 0xca3b0666UL, 0x5c0b0111UL,
+ 0xff9e658fUL, 0x69ae62f8UL, 0xd3ff6b61UL, 0x45cf6c16UL, 0x78e20aa0UL,
+ 0xeed20dd7UL, 0x5483044eUL, 0xc2b30339UL, 0x612667a7UL, 0xf71660d0UL,
+ 0x4d476949UL, 0xdb776e3eUL, 0x4a6ad1aeUL, 0xdc5ad6d9UL, 0x660bdf40UL,
+ 0xf03bd837UL, 0x53aebca9UL, 0xc59ebbdeUL, 0x7fcfb247UL, 0xe9ffb530UL,
+ 0x1cf2bdbdUL, 0x8ac2bacaUL, 0x3093b353UL, 0xa6a3b424UL, 0x0536d0baUL,
+ 0x9306d7cdUL, 0x2957de54UL, 0xbf67d923UL, 0x2e7a66b3UL, 0xb84a61c4UL,
+ 0x021b685dUL, 0x942b6f2aUL, 0x37be0bb4UL, 0xa18e0cc3UL, 0x1bdf055aUL,
+ 0x8def022dUL
+ },
+ {
+ 0x00000000UL, 0x41311b19UL, 0x82623632UL, 0xc3532d2bUL, 0x04c56c64UL,
+ 0x45f4777dUL, 0x86a75a56UL, 0xc796414fUL, 0x088ad9c8UL, 0x49bbc2d1UL,
+ 0x8ae8effaUL, 0xcbd9f4e3UL, 0x0c4fb5acUL, 0x4d7eaeb5UL, 0x8e2d839eUL,
+ 0xcf1c9887UL, 0x5112c24aUL, 0x1023d953UL, 0xd370f478UL, 0x9241ef61UL,
+ 0x55d7ae2eUL, 0x14e6b537UL, 0xd7b5981cUL, 0x96848305UL, 0x59981b82UL,
+ 0x18a9009bUL, 0xdbfa2db0UL, 0x9acb36a9UL, 0x5d5d77e6UL, 0x1c6c6cffUL,
+ 0xdf3f41d4UL, 0x9e0e5acdUL, 0xa2248495UL, 0xe3159f8cUL, 0x2046b2a7UL,
+ 0x6177a9beUL, 0xa6e1e8f1UL, 0xe7d0f3e8UL, 0x2483dec3UL, 0x65b2c5daUL,
+ 0xaaae5d5dUL, 0xeb9f4644UL, 0x28cc6b6fUL, 0x69fd7076UL, 0xae6b3139UL,
+ 0xef5a2a20UL, 0x2c09070bUL, 0x6d381c12UL, 0xf33646dfUL, 0xb2075dc6UL,
+ 0x715470edUL, 0x30656bf4UL, 0xf7f32abbUL, 0xb6c231a2UL, 0x75911c89UL,
+ 0x34a00790UL, 0xfbbc9f17UL, 0xba8d840eUL, 0x79dea925UL, 0x38efb23cUL,
+ 0xff79f373UL, 0xbe48e86aUL, 0x7d1bc541UL, 0x3c2ade58UL, 0x054f79f0UL,
+ 0x447e62e9UL, 0x872d4fc2UL, 0xc61c54dbUL, 0x018a1594UL, 0x40bb0e8dUL,
+ 0x83e823a6UL, 0xc2d938bfUL, 0x0dc5a038UL, 0x4cf4bb21UL, 0x8fa7960aUL,
+ 0xce968d13UL, 0x0900cc5cUL, 0x4831d745UL, 0x8b62fa6eUL, 0xca53e177UL,
+ 0x545dbbbaUL, 0x156ca0a3UL, 0xd63f8d88UL, 0x970e9691UL, 0x5098d7deUL,
+ 0x11a9ccc7UL, 0xd2fae1ecUL, 0x93cbfaf5UL, 0x5cd76272UL, 0x1de6796bUL,
+ 0xdeb55440UL, 0x9f844f59UL, 0x58120e16UL, 0x1923150fUL, 0xda703824UL,
+ 0x9b41233dUL, 0xa76bfd65UL, 0xe65ae67cUL, 0x2509cb57UL, 0x6438d04eUL,
+ 0xa3ae9101UL, 0xe29f8a18UL, 0x21cca733UL, 0x60fdbc2aUL, 0xafe124adUL,
+ 0xeed03fb4UL, 0x2d83129fUL, 0x6cb20986UL, 0xab2448c9UL, 0xea1553d0UL,
+ 0x29467efbUL, 0x687765e2UL, 0xf6793f2fUL, 0xb7482436UL, 0x741b091dUL,
+ 0x352a1204UL, 0xf2bc534bUL, 0xb38d4852UL, 0x70de6579UL, 0x31ef7e60UL,
+ 0xfef3e6e7UL, 0xbfc2fdfeUL, 0x7c91d0d5UL, 0x3da0cbccUL, 0xfa368a83UL,
+ 0xbb07919aUL, 0x7854bcb1UL, 0x3965a7a8UL, 0x4b98833bUL, 0x0aa99822UL,
+ 0xc9fab509UL, 0x88cbae10UL, 0x4f5def5fUL, 0x0e6cf446UL, 0xcd3fd96dUL,
+ 0x8c0ec274UL, 0x43125af3UL, 0x022341eaUL, 0xc1706cc1UL, 0x804177d8UL,
+ 0x47d73697UL, 0x06e62d8eUL, 0xc5b500a5UL, 0x84841bbcUL, 0x1a8a4171UL,
+ 0x5bbb5a68UL, 0x98e87743UL, 0xd9d96c5aUL, 0x1e4f2d15UL, 0x5f7e360cUL,
+ 0x9c2d1b27UL, 0xdd1c003eUL, 0x120098b9UL, 0x533183a0UL, 0x9062ae8bUL,
+ 0xd153b592UL, 0x16c5f4ddUL, 0x57f4efc4UL, 0x94a7c2efUL, 0xd596d9f6UL,
+ 0xe9bc07aeUL, 0xa88d1cb7UL, 0x6bde319cUL, 0x2aef2a85UL, 0xed796bcaUL,
+ 0xac4870d3UL, 0x6f1b5df8UL, 0x2e2a46e1UL, 0xe136de66UL, 0xa007c57fUL,
+ 0x6354e854UL, 0x2265f34dUL, 0xe5f3b202UL, 0xa4c2a91bUL, 0x67918430UL,
+ 0x26a09f29UL, 0xb8aec5e4UL, 0xf99fdefdUL, 0x3accf3d6UL, 0x7bfde8cfUL,
+ 0xbc6ba980UL, 0xfd5ab299UL, 0x3e099fb2UL, 0x7f3884abUL, 0xb0241c2cUL,
+ 0xf1150735UL, 0x32462a1eUL, 0x73773107UL, 0xb4e17048UL, 0xf5d06b51UL,
+ 0x3683467aUL, 0x77b25d63UL, 0x4ed7facbUL, 0x0fe6e1d2UL, 0xccb5ccf9UL,
+ 0x8d84d7e0UL, 0x4a1296afUL, 0x0b238db6UL, 0xc870a09dUL, 0x8941bb84UL,
+ 0x465d2303UL, 0x076c381aUL, 0xc43f1531UL, 0x850e0e28UL, 0x42984f67UL,
+ 0x03a9547eUL, 0xc0fa7955UL, 0x81cb624cUL, 0x1fc53881UL, 0x5ef42398UL,
+ 0x9da70eb3UL, 0xdc9615aaUL, 0x1b0054e5UL, 0x5a314ffcUL, 0x996262d7UL,
+ 0xd85379ceUL, 0x174fe149UL, 0x567efa50UL, 0x952dd77bUL, 0xd41ccc62UL,
+ 0x138a8d2dUL, 0x52bb9634UL, 0x91e8bb1fUL, 0xd0d9a006UL, 0xecf37e5eUL,
+ 0xadc26547UL, 0x6e91486cUL, 0x2fa05375UL, 0xe836123aUL, 0xa9070923UL,
+ 0x6a542408UL, 0x2b653f11UL, 0xe479a796UL, 0xa548bc8fUL, 0x661b91a4UL,
+ 0x272a8abdUL, 0xe0bccbf2UL, 0xa18dd0ebUL, 0x62defdc0UL, 0x23efe6d9UL,
+ 0xbde1bc14UL, 0xfcd0a70dUL, 0x3f838a26UL, 0x7eb2913fUL, 0xb924d070UL,
+ 0xf815cb69UL, 0x3b46e642UL, 0x7a77fd5bUL, 0xb56b65dcUL, 0xf45a7ec5UL,
+ 0x370953eeUL, 0x763848f7UL, 0xb1ae09b8UL, 0xf09f12a1UL, 0x33cc3f8aUL,
+ 0x72fd2493UL
+ },
+ {
+ 0x00000000UL, 0x376ac201UL, 0x6ed48403UL, 0x59be4602UL, 0xdca80907UL,
+ 0xebc2cb06UL, 0xb27c8d04UL, 0x85164f05UL, 0xb851130eUL, 0x8f3bd10fUL,
+ 0xd685970dUL, 0xe1ef550cUL, 0x64f91a09UL, 0x5393d808UL, 0x0a2d9e0aUL,
+ 0x3d475c0bUL, 0x70a3261cUL, 0x47c9e41dUL, 0x1e77a21fUL, 0x291d601eUL,
+ 0xac0b2f1bUL, 0x9b61ed1aUL, 0xc2dfab18UL, 0xf5b56919UL, 0xc8f23512UL,
+ 0xff98f713UL, 0xa626b111UL, 0x914c7310UL, 0x145a3c15UL, 0x2330fe14UL,
+ 0x7a8eb816UL, 0x4de47a17UL, 0xe0464d38UL, 0xd72c8f39UL, 0x8e92c93bUL,
+ 0xb9f80b3aUL, 0x3cee443fUL, 0x0b84863eUL, 0x523ac03cUL, 0x6550023dUL,
+ 0x58175e36UL, 0x6f7d9c37UL, 0x36c3da35UL, 0x01a91834UL, 0x84bf5731UL,
+ 0xb3d59530UL, 0xea6bd332UL, 0xdd011133UL, 0x90e56b24UL, 0xa78fa925UL,
+ 0xfe31ef27UL, 0xc95b2d26UL, 0x4c4d6223UL, 0x7b27a022UL, 0x2299e620UL,
+ 0x15f32421UL, 0x28b4782aUL, 0x1fdeba2bUL, 0x4660fc29UL, 0x710a3e28UL,
+ 0xf41c712dUL, 0xc376b32cUL, 0x9ac8f52eUL, 0xada2372fUL, 0xc08d9a70UL,
+ 0xf7e75871UL, 0xae591e73UL, 0x9933dc72UL, 0x1c259377UL, 0x2b4f5176UL,
+ 0x72f11774UL, 0x459bd575UL, 0x78dc897eUL, 0x4fb64b7fUL, 0x16080d7dUL,
+ 0x2162cf7cUL, 0xa4748079UL, 0x931e4278UL, 0xcaa0047aUL, 0xfdcac67bUL,
+ 0xb02ebc6cUL, 0x87447e6dUL, 0xdefa386fUL, 0xe990fa6eUL, 0x6c86b56bUL,
+ 0x5bec776aUL, 0x02523168UL, 0x3538f369UL, 0x087faf62UL, 0x3f156d63UL,
+ 0x66ab2b61UL, 0x51c1e960UL, 0xd4d7a665UL, 0xe3bd6464UL, 0xba032266UL,
+ 0x8d69e067UL, 0x20cbd748UL, 0x17a11549UL, 0x4e1f534bUL, 0x7975914aUL,
+ 0xfc63de4fUL, 0xcb091c4eUL, 0x92b75a4cUL, 0xa5dd984dUL, 0x989ac446UL,
+ 0xaff00647UL, 0xf64e4045UL, 0xc1248244UL, 0x4432cd41UL, 0x73580f40UL,
+ 0x2ae64942UL, 0x1d8c8b43UL, 0x5068f154UL, 0x67023355UL, 0x3ebc7557UL,
+ 0x09d6b756UL, 0x8cc0f853UL, 0xbbaa3a52UL, 0xe2147c50UL, 0xd57ebe51UL,
+ 0xe839e25aUL, 0xdf53205bUL, 0x86ed6659UL, 0xb187a458UL, 0x3491eb5dUL,
+ 0x03fb295cUL, 0x5a456f5eUL, 0x6d2fad5fUL, 0x801b35e1UL, 0xb771f7e0UL,
+ 0xeecfb1e2UL, 0xd9a573e3UL, 0x5cb33ce6UL, 0x6bd9fee7UL, 0x3267b8e5UL,
+ 0x050d7ae4UL, 0x384a26efUL, 0x0f20e4eeUL, 0x569ea2ecUL, 0x61f460edUL,
+ 0xe4e22fe8UL, 0xd388ede9UL, 0x8a36abebUL, 0xbd5c69eaUL, 0xf0b813fdUL,
+ 0xc7d2d1fcUL, 0x9e6c97feUL, 0xa90655ffUL, 0x2c101afaUL, 0x1b7ad8fbUL,
+ 0x42c49ef9UL, 0x75ae5cf8UL, 0x48e900f3UL, 0x7f83c2f2UL, 0x263d84f0UL,
+ 0x115746f1UL, 0x944109f4UL, 0xa32bcbf5UL, 0xfa958df7UL, 0xcdff4ff6UL,
+ 0x605d78d9UL, 0x5737bad8UL, 0x0e89fcdaUL, 0x39e33edbUL, 0xbcf571deUL,
+ 0x8b9fb3dfUL, 0xd221f5ddUL, 0xe54b37dcUL, 0xd80c6bd7UL, 0xef66a9d6UL,
+ 0xb6d8efd4UL, 0x81b22dd5UL, 0x04a462d0UL, 0x33cea0d1UL, 0x6a70e6d3UL,
+ 0x5d1a24d2UL, 0x10fe5ec5UL, 0x27949cc4UL, 0x7e2adac6UL, 0x494018c7UL,
+ 0xcc5657c2UL, 0xfb3c95c3UL, 0xa282d3c1UL, 0x95e811c0UL, 0xa8af4dcbUL,
+ 0x9fc58fcaUL, 0xc67bc9c8UL, 0xf1110bc9UL, 0x740744ccUL, 0x436d86cdUL,
+ 0x1ad3c0cfUL, 0x2db902ceUL, 0x4096af91UL, 0x77fc6d90UL, 0x2e422b92UL,
+ 0x1928e993UL, 0x9c3ea696UL, 0xab546497UL, 0xf2ea2295UL, 0xc580e094UL,
+ 0xf8c7bc9fUL, 0xcfad7e9eUL, 0x9613389cUL, 0xa179fa9dUL, 0x246fb598UL,
+ 0x13057799UL, 0x4abb319bUL, 0x7dd1f39aUL, 0x3035898dUL, 0x075f4b8cUL,
+ 0x5ee10d8eUL, 0x698bcf8fUL, 0xec9d808aUL, 0xdbf7428bUL, 0x82490489UL,
+ 0xb523c688UL, 0x88649a83UL, 0xbf0e5882UL, 0xe6b01e80UL, 0xd1dadc81UL,
+ 0x54cc9384UL, 0x63a65185UL, 0x3a181787UL, 0x0d72d586UL, 0xa0d0e2a9UL,
+ 0x97ba20a8UL, 0xce0466aaUL, 0xf96ea4abUL, 0x7c78ebaeUL, 0x4b1229afUL,
+ 0x12ac6fadUL, 0x25c6adacUL, 0x1881f1a7UL, 0x2feb33a6UL, 0x765575a4UL,
+ 0x413fb7a5UL, 0xc429f8a0UL, 0xf3433aa1UL, 0xaafd7ca3UL, 0x9d97bea2UL,
+ 0xd073c4b5UL, 0xe71906b4UL, 0xbea740b6UL, 0x89cd82b7UL, 0x0cdbcdb2UL,
+ 0x3bb10fb3UL, 0x620f49b1UL, 0x55658bb0UL, 0x6822d7bbUL, 0x5f4815baUL,
+ 0x06f653b8UL, 0x319c91b9UL, 0xb48adebcUL, 0x83e01cbdUL, 0xda5e5abfUL,
+ 0xed3498beUL
+ },
+ {
+ 0x00000000UL, 0x6567bcb8UL, 0x8bc809aaUL, 0xeeafb512UL, 0x5797628fUL,
+ 0x32f0de37UL, 0xdc5f6b25UL, 0xb938d79dUL, 0xef28b4c5UL, 0x8a4f087dUL,
+ 0x64e0bd6fUL, 0x018701d7UL, 0xb8bfd64aUL, 0xddd86af2UL, 0x3377dfe0UL,
+ 0x56106358UL, 0x9f571950UL, 0xfa30a5e8UL, 0x149f10faUL, 0x71f8ac42UL,
+ 0xc8c07bdfUL, 0xada7c767UL, 0x43087275UL, 0x266fcecdUL, 0x707fad95UL,
+ 0x1518112dUL, 0xfbb7a43fUL, 0x9ed01887UL, 0x27e8cf1aUL, 0x428f73a2UL,
+ 0xac20c6b0UL, 0xc9477a08UL, 0x3eaf32a0UL, 0x5bc88e18UL, 0xb5673b0aUL,
+ 0xd00087b2UL, 0x6938502fUL, 0x0c5fec97UL, 0xe2f05985UL, 0x8797e53dUL,
+ 0xd1878665UL, 0xb4e03addUL, 0x5a4f8fcfUL, 0x3f283377UL, 0x8610e4eaUL,
+ 0xe3775852UL, 0x0dd8ed40UL, 0x68bf51f8UL, 0xa1f82bf0UL, 0xc49f9748UL,
+ 0x2a30225aUL, 0x4f579ee2UL, 0xf66f497fUL, 0x9308f5c7UL, 0x7da740d5UL,
+ 0x18c0fc6dUL, 0x4ed09f35UL, 0x2bb7238dUL, 0xc518969fUL, 0xa07f2a27UL,
+ 0x1947fdbaUL, 0x7c204102UL, 0x928ff410UL, 0xf7e848a8UL, 0x3d58149bUL,
+ 0x583fa823UL, 0xb6901d31UL, 0xd3f7a189UL, 0x6acf7614UL, 0x0fa8caacUL,
+ 0xe1077fbeUL, 0x8460c306UL, 0xd270a05eUL, 0xb7171ce6UL, 0x59b8a9f4UL,
+ 0x3cdf154cUL, 0x85e7c2d1UL, 0xe0807e69UL, 0x0e2fcb7bUL, 0x6b4877c3UL,
+ 0xa20f0dcbUL, 0xc768b173UL, 0x29c70461UL, 0x4ca0b8d9UL, 0xf5986f44UL,
+ 0x90ffd3fcUL, 0x7e5066eeUL, 0x1b37da56UL, 0x4d27b90eUL, 0x284005b6UL,
+ 0xc6efb0a4UL, 0xa3880c1cUL, 0x1ab0db81UL, 0x7fd76739UL, 0x9178d22bUL,
+ 0xf41f6e93UL, 0x03f7263bUL, 0x66909a83UL, 0x883f2f91UL, 0xed589329UL,
+ 0x546044b4UL, 0x3107f80cUL, 0xdfa84d1eUL, 0xbacff1a6UL, 0xecdf92feUL,
+ 0x89b82e46UL, 0x67179b54UL, 0x027027ecUL, 0xbb48f071UL, 0xde2f4cc9UL,
+ 0x3080f9dbUL, 0x55e74563UL, 0x9ca03f6bUL, 0xf9c783d3UL, 0x176836c1UL,
+ 0x720f8a79UL, 0xcb375de4UL, 0xae50e15cUL, 0x40ff544eUL, 0x2598e8f6UL,
+ 0x73888baeUL, 0x16ef3716UL, 0xf8408204UL, 0x9d273ebcUL, 0x241fe921UL,
+ 0x41785599UL, 0xafd7e08bUL, 0xcab05c33UL, 0x3bb659edUL, 0x5ed1e555UL,
+ 0xb07e5047UL, 0xd519ecffUL, 0x6c213b62UL, 0x094687daUL, 0xe7e932c8UL,
+ 0x828e8e70UL, 0xd49eed28UL, 0xb1f95190UL, 0x5f56e482UL, 0x3a31583aUL,
+ 0x83098fa7UL, 0xe66e331fUL, 0x08c1860dUL, 0x6da63ab5UL, 0xa4e140bdUL,
+ 0xc186fc05UL, 0x2f294917UL, 0x4a4ef5afUL, 0xf3762232UL, 0x96119e8aUL,
+ 0x78be2b98UL, 0x1dd99720UL, 0x4bc9f478UL, 0x2eae48c0UL, 0xc001fdd2UL,
+ 0xa566416aUL, 0x1c5e96f7UL, 0x79392a4fUL, 0x97969f5dUL, 0xf2f123e5UL,
+ 0x05196b4dUL, 0x607ed7f5UL, 0x8ed162e7UL, 0xebb6de5fUL, 0x528e09c2UL,
+ 0x37e9b57aUL, 0xd9460068UL, 0xbc21bcd0UL, 0xea31df88UL, 0x8f566330UL,
+ 0x61f9d622UL, 0x049e6a9aUL, 0xbda6bd07UL, 0xd8c101bfUL, 0x366eb4adUL,
+ 0x53090815UL, 0x9a4e721dUL, 0xff29cea5UL, 0x11867bb7UL, 0x74e1c70fUL,
+ 0xcdd91092UL, 0xa8beac2aUL, 0x46111938UL, 0x2376a580UL, 0x7566c6d8UL,
+ 0x10017a60UL, 0xfeaecf72UL, 0x9bc973caUL, 0x22f1a457UL, 0x479618efUL,
+ 0xa939adfdUL, 0xcc5e1145UL, 0x06ee4d76UL, 0x6389f1ceUL, 0x8d2644dcUL,
+ 0xe841f864UL, 0x51792ff9UL, 0x341e9341UL, 0xdab12653UL, 0xbfd69aebUL,
+ 0xe9c6f9b3UL, 0x8ca1450bUL, 0x620ef019UL, 0x07694ca1UL, 0xbe519b3cUL,
+ 0xdb362784UL, 0x35999296UL, 0x50fe2e2eUL, 0x99b95426UL, 0xfcdee89eUL,
+ 0x12715d8cUL, 0x7716e134UL, 0xce2e36a9UL, 0xab498a11UL, 0x45e63f03UL,
+ 0x208183bbUL, 0x7691e0e3UL, 0x13f65c5bUL, 0xfd59e949UL, 0x983e55f1UL,
+ 0x2106826cUL, 0x44613ed4UL, 0xaace8bc6UL, 0xcfa9377eUL, 0x38417fd6UL,
+ 0x5d26c36eUL, 0xb389767cUL, 0xd6eecac4UL, 0x6fd61d59UL, 0x0ab1a1e1UL,
+ 0xe41e14f3UL, 0x8179a84bUL, 0xd769cb13UL, 0xb20e77abUL, 0x5ca1c2b9UL,
+ 0x39c67e01UL, 0x80fea99cUL, 0xe5991524UL, 0x0b36a036UL, 0x6e511c8eUL,
+ 0xa7166686UL, 0xc271da3eUL, 0x2cde6f2cUL, 0x49b9d394UL, 0xf0810409UL,
+ 0x95e6b8b1UL, 0x7b490da3UL, 0x1e2eb11bUL, 0x483ed243UL, 0x2d596efbUL,
+ 0xc3f6dbe9UL, 0xa6916751UL, 0x1fa9b0ccUL, 0x7ace0c74UL, 0x9461b966UL,
+ 0xf10605deUL
+#endif
+ }
+};
diff --git a/security/nss/lib/zlib/deflate.c b/security/nss/lib/zlib/deflate.c
new file mode 100644
index 000000000..5c4022f3d
--- /dev/null
+++ b/security/nss/lib/zlib/deflate.c
@@ -0,0 +1,1834 @@
+/* deflate.c -- compress data using the deflation algorithm
+ * Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * ALGORITHM
+ *
+ * The "deflation" process depends on being able to identify portions
+ * of the input text which are identical to earlier input (within a
+ * sliding window trailing behind the input currently being processed).
+ *
+ * The most straightforward technique turns out to be the fastest for
+ * most input files: try all possible matches and select the longest.
+ * The key feature of this algorithm is that insertions into the string
+ * dictionary are very simple and thus fast, and deletions are avoided
+ * completely. Insertions are performed at each input character, whereas
+ * string matches are performed only when the previous match ends. So it
+ * is preferable to spend more time in matches to allow very fast string
+ * insertions and avoid deletions. The matching algorithm for small
+ * strings is inspired from that of Rabin & Karp. A brute force approach
+ * is used to find longer strings when a small match has been found.
+ * A similar algorithm is used in comic (by Jan-Mark Wams) and freeze
+ * (by Leonid Broukhis).
+ * A previous version of this file used a more sophisticated algorithm
+ * (by Fiala and Greene) which is guaranteed to run in linear amortized
+ * time, but has a larger average cost, uses more memory and is patented.
+ * However the F&G algorithm may be faster for some highly redundant
+ * files if the parameter max_chain_length (described below) is too large.
+ *
+ * ACKNOWLEDGEMENTS
+ *
+ * The idea of lazy evaluation of matches is due to Jan-Mark Wams, and
+ * I found it in 'freeze' written by Leonid Broukhis.
+ * Thanks to many people for bug reports and testing.
+ *
+ * REFERENCES
+ *
+ * Deutsch, L.P.,"DEFLATE Compressed Data Format Specification".
+ * Available in http://www.ietf.org/rfc/rfc1951.txt
+ *
+ * A description of the Rabin and Karp algorithm is given in the book
+ * "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
+ *
+ * Fiala,E.R., and Greene,D.H.
+ * Data Compression with Finite Windows, Comm.ACM, 32,4 (1989) 490-595
+ *
+ */
+
+/* @(#) $Id$ */
+
+#include "deflate.h"
+
+const char deflate_copyright[] =
+ " deflate 1.2.5 Copyright 1995-2010 Jean-loup Gailly and Mark Adler ";
+/*
+ If you use the zlib library in a product, an acknowledgment is welcome
+ in the documentation of your product. If for some reason you cannot
+ include such an acknowledgment, I would appreciate that you keep this
+ copyright string in the executable of your product.
+ */
+
+/* ===========================================================================
+ * Function prototypes.
+ */
+typedef enum {
+ need_more, /* block not completed, need more input or more output */
+ block_done, /* block flush performed */
+ finish_started, /* finish started, need only more output at next deflate */
+ finish_done /* finish done, accept no more input or output */
+} block_state;
+
+typedef block_state (*compress_func) OF((deflate_state *s, int flush));
+/* Compression function. Returns the block state after the call. */
+
+local void fill_window OF((deflate_state *s));
+local block_state deflate_stored OF((deflate_state *s, int flush));
+local block_state deflate_fast OF((deflate_state *s, int flush));
+#ifndef FASTEST
+local block_state deflate_slow OF((deflate_state *s, int flush));
+#endif
+local block_state deflate_rle OF((deflate_state *s, int flush));
+local block_state deflate_huff OF((deflate_state *s, int flush));
+local void lm_init OF((deflate_state *s));
+local void putShortMSB OF((deflate_state *s, uInt b));
+local void flush_pending OF((z_streamp strm));
+local int read_buf OF((z_streamp strm, Bytef *buf, unsigned size));
+#ifdef ASMV
+ void match_init OF((void)); /* asm code initialization */
+ uInt longest_match OF((deflate_state *s, IPos cur_match));
+#else
+local uInt longest_match OF((deflate_state *s, IPos cur_match));
+#endif
+
+#ifdef DEBUG
+local void check_match OF((deflate_state *s, IPos start, IPos match,
+ int length));
+#endif
+
+/* ===========================================================================
+ * Local data
+ */
+
+#define NIL 0
+/* Tail of hash chains */
+
+#ifndef TOO_FAR
+# define TOO_FAR 4096
+#endif
+/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
+
+/* Values for max_lazy_match, good_match and max_chain_length, depending on
+ * the desired pack level (0..9). The values given below have been tuned to
+ * exclude worst case performance for pathological files. Better values may be
+ * found for specific files.
+ */
+typedef struct config_s {
+ ush good_length; /* reduce lazy search above this match length */
+ ush max_lazy; /* do not perform lazy search above this match length */
+ ush nice_length; /* quit search above this match length */
+ ush max_chain;
+ compress_func func;
+} config;
+
+#ifdef FASTEST
+local const config configuration_table[2] = {
+/* good lazy nice chain */
+/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
+/* 1 */ {4, 4, 8, 4, deflate_fast}}; /* max speed, no lazy matches */
+#else
+local const config configuration_table[10] = {
+/* good lazy nice chain */
+/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
+/* 1 */ {4, 4, 8, 4, deflate_fast}, /* max speed, no lazy matches */
+/* 2 */ {4, 5, 16, 8, deflate_fast},
+/* 3 */ {4, 6, 32, 32, deflate_fast},
+
+/* 4 */ {4, 4, 16, 16, deflate_slow}, /* lazy matches */
+/* 5 */ {8, 16, 32, 32, deflate_slow},
+/* 6 */ {8, 16, 128, 128, deflate_slow},
+/* 7 */ {8, 32, 128, 256, deflate_slow},
+/* 8 */ {32, 128, 258, 1024, deflate_slow},
+/* 9 */ {32, 258, 258, 4096, deflate_slow}}; /* max compression */
+#endif
+
+/* Note: the deflate() code requires max_lazy >= MIN_MATCH and max_chain >= 4
+ * For deflate_fast() (levels <= 3) good is ignored and lazy has a different
+ * meaning.
+ */
+
+#define EQUAL 0
+/* result of memcmp for equal strings */
+
+#ifndef NO_DUMMY_DECL
+struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
+#endif
+
+/* ===========================================================================
+ * Update a hash value with the given input byte
+ * IN assertion: all calls to to UPDATE_HASH are made with consecutive
+ * input characters, so that a running hash key can be computed from the
+ * previous key instead of complete recalculation each time.
+ */
+#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
+
+
+/* ===========================================================================
+ * Insert string str in the dictionary and set match_head to the previous head
+ * of the hash chain (the most recent string with same hash key). Return
+ * the previous length of the hash chain.
+ * If this file is compiled with -DFASTEST, the compression level is forced
+ * to 1, and no hash chains are maintained.
+ * IN assertion: all calls to to INSERT_STRING are made with consecutive
+ * input characters and the first MIN_MATCH bytes of str are valid
+ * (except for the last MIN_MATCH-1 bytes of the input file).
+ */
+#ifdef FASTEST
+#define INSERT_STRING(s, str, match_head) \
+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
+ match_head = s->head[s->ins_h], \
+ s->head[s->ins_h] = (Pos)(str))
+#else
+#define INSERT_STRING(s, str, match_head) \
+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
+ match_head = s->prev[(str) & s->w_mask] = s->head[s->ins_h], \
+ s->head[s->ins_h] = (Pos)(str))
+#endif
+
+/* ===========================================================================
+ * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
+ * prev[] will be initialized on the fly.
+ */
+#define CLEAR_HASH(s) \
+ s->head[s->hash_size-1] = NIL; \
+ zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
+
+/* ========================================================================= */
+int ZEXPORT deflateInit_(strm, level, version, stream_size)
+ z_streamp strm;
+ int level;
+ const char *version;
+ int stream_size;
+{
+ return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
+ Z_DEFAULT_STRATEGY, version, stream_size);
+ /* To do: ignore strm->next_in if we use it as window */
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+ version, stream_size)
+ z_streamp strm;
+ int level;
+ int method;
+ int windowBits;
+ int memLevel;
+ int strategy;
+ const char *version;
+ int stream_size;
+{
+ deflate_state *s;
+ int wrap = 1;
+ static const char my_version[] = ZLIB_VERSION;
+
+ ushf *overlay;
+ /* We overlay pending_buf and d_buf+l_buf. This works since the average
+ * output size for (length,distance) codes is <= 24 bits.
+ */
+
+ if (version == Z_NULL || version[0] != my_version[0] ||
+ stream_size != sizeof(z_stream)) {
+ return Z_VERSION_ERROR;
+ }
+ if (strm == Z_NULL) return Z_STREAM_ERROR;
+
+ strm->msg = Z_NULL;
+ if (strm->zalloc == (alloc_func)0) {
+ strm->zalloc = zcalloc;
+ strm->opaque = (voidpf)0;
+ }
+ if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+
+#ifdef FASTEST
+ if (level != 0) level = 1;
+#else
+ if (level == Z_DEFAULT_COMPRESSION) level = 6;
+#endif
+
+ if (windowBits < 0) { /* suppress zlib wrapper */
+ wrap = 0;
+ windowBits = -windowBits;
+ }
+#ifdef GZIP
+ else if (windowBits > 15) {
+ wrap = 2; /* write gzip wrapper instead */
+ windowBits -= 16;
+ }
+#endif
+ if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
+ windowBits < 8 || windowBits > 15 || level < 0 || level > 9 ||
+ strategy < 0 || strategy > Z_FIXED) {
+ return Z_STREAM_ERROR;
+ }
+ if (windowBits == 8) windowBits = 9; /* until 256-byte window bug fixed */
+ s = (deflate_state *) ZALLOC(strm, 1, sizeof(deflate_state));
+ if (s == Z_NULL) return Z_MEM_ERROR;
+ strm->state = (struct internal_state FAR *)s;
+ s->strm = strm;
+
+ s->wrap = wrap;
+ s->gzhead = Z_NULL;
+ s->w_bits = windowBits;
+ s->w_size = 1 << s->w_bits;
+ s->w_mask = s->w_size - 1;
+
+ s->hash_bits = memLevel + 7;
+ s->hash_size = 1 << s->hash_bits;
+ s->hash_mask = s->hash_size - 1;
+ s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH);
+
+ s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte));
+ s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos));
+ s->head = (Posf *) ZALLOC(strm, s->hash_size, sizeof(Pos));
+
+ s->high_water = 0; /* nothing written to s->window yet */
+
+ s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
+
+ overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
+ s->pending_buf = (uchf *) overlay;
+ s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
+
+ if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
+ s->pending_buf == Z_NULL) {
+ s->status = FINISH_STATE;
+ strm->msg = (char*)ERR_MSG(Z_MEM_ERROR);
+ deflateEnd (strm);
+ return Z_MEM_ERROR;
+ }
+ s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
+ s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
+
+ s->level = level;
+ s->strategy = strategy;
+ s->method = (Byte)method;
+
+ return deflateReset(strm);
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateSetDictionary (strm, dictionary, dictLength)
+ z_streamp strm;
+ const Bytef *dictionary;
+ uInt dictLength;
+{
+ deflate_state *s;
+ uInt length = dictLength;
+ uInt n;
+ IPos hash_head = 0;
+
+ if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL ||
+ strm->state->wrap == 2 ||
+ (strm->state->wrap == 1 && strm->state->status != INIT_STATE))
+ return Z_STREAM_ERROR;
+
+ s = strm->state;
+ if (s->wrap)
+ strm->adler = adler32(strm->adler, dictionary, dictLength);
+
+ if (length < MIN_MATCH) return Z_OK;
+ if (length > s->w_size) {
+ length = s->w_size;
+ dictionary += dictLength - length; /* use the tail of the dictionary */
+ }
+ zmemcpy(s->window, dictionary, length);
+ s->strstart = length;
+ s->block_start = (long)length;
+
+ /* Insert all strings in the hash table (except for the last two bytes).
+ * s->lookahead stays null, so s->ins_h will be recomputed at the next
+ * call of fill_window.
+ */
+ s->ins_h = s->window[0];
+ UPDATE_HASH(s, s->ins_h, s->window[1]);
+ for (n = 0; n <= length - MIN_MATCH; n++) {
+ INSERT_STRING(s, n, hash_head);
+ }
+ if (hash_head) hash_head = 0; /* to make compiler happy */
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateReset (strm)
+ z_streamp strm;
+{
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL ||
+ strm->zalloc == (alloc_func)0 || strm->zfree == (free_func)0) {
+ return Z_STREAM_ERROR;
+ }
+
+ strm->total_in = strm->total_out = 0;
+ strm->msg = Z_NULL; /* use zfree if we ever allocate msg dynamically */
+ strm->data_type = Z_UNKNOWN;
+
+ s = (deflate_state *)strm->state;
+ s->pending = 0;
+ s->pending_out = s->pending_buf;
+
+ if (s->wrap < 0) {
+ s->wrap = -s->wrap; /* was made negative by deflate(..., Z_FINISH); */
+ }
+ s->status = s->wrap ? INIT_STATE : BUSY_STATE;
+ strm->adler =
+#ifdef GZIP
+ s->wrap == 2 ? crc32(0L, Z_NULL, 0) :
+#endif
+ adler32(0L, Z_NULL, 0);
+ s->last_flush = Z_NO_FLUSH;
+
+ _tr_init(s);
+ lm_init(s);
+
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateSetHeader (strm, head)
+ z_streamp strm;
+ gz_headerp head;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ if (strm->state->wrap != 2) return Z_STREAM_ERROR;
+ strm->state->gzhead = head;
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflatePrime (strm, bits, value)
+ z_streamp strm;
+ int bits;
+ int value;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ strm->state->bi_valid = bits;
+ strm->state->bi_buf = (ush)(value & ((1 << bits) - 1));
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateParams(strm, level, strategy)
+ z_streamp strm;
+ int level;
+ int strategy;
+{
+ deflate_state *s;
+ compress_func func;
+ int err = Z_OK;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ s = strm->state;
+
+#ifdef FASTEST
+ if (level != 0) level = 1;
+#else
+ if (level == Z_DEFAULT_COMPRESSION) level = 6;
+#endif
+ if (level < 0 || level > 9 || strategy < 0 || strategy > Z_FIXED) {
+ return Z_STREAM_ERROR;
+ }
+ func = configuration_table[s->level].func;
+
+ if ((strategy != s->strategy || func != configuration_table[level].func) &&
+ strm->total_in != 0) {
+ /* Flush the last buffer: */
+ err = deflate(strm, Z_BLOCK);
+ }
+ if (s->level != level) {
+ s->level = level;
+ s->max_lazy_match = configuration_table[level].max_lazy;
+ s->good_match = configuration_table[level].good_length;
+ s->nice_match = configuration_table[level].nice_length;
+ s->max_chain_length = configuration_table[level].max_chain;
+ }
+ s->strategy = strategy;
+ return err;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateTune(strm, good_length, max_lazy, nice_length, max_chain)
+ z_streamp strm;
+ int good_length;
+ int max_lazy;
+ int nice_length;
+ int max_chain;
+{
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ s = strm->state;
+ s->good_match = good_length;
+ s->max_lazy_match = max_lazy;
+ s->nice_match = nice_length;
+ s->max_chain_length = max_chain;
+ return Z_OK;
+}
+
+/* =========================================================================
+ * For the default windowBits of 15 and memLevel of 8, this function returns
+ * a close to exact, as well as small, upper bound on the compressed size.
+ * They are coded as constants here for a reason--if the #define's are
+ * changed, then this function needs to be changed as well. The return
+ * value for 15 and 8 only works for those exact settings.
+ *
+ * For any setting other than those defaults for windowBits and memLevel,
+ * the value returned is a conservative worst case for the maximum expansion
+ * resulting from using fixed blocks instead of stored blocks, which deflate
+ * can emit on compressed data for some combinations of the parameters.
+ *
+ * This function could be more sophisticated to provide closer upper bounds for
+ * every combination of windowBits and memLevel. But even the conservative
+ * upper bound of about 14% expansion does not seem onerous for output buffer
+ * allocation.
+ */
+uLong ZEXPORT deflateBound(strm, sourceLen)
+ z_streamp strm;
+ uLong sourceLen;
+{
+ deflate_state *s;
+ uLong complen, wraplen;
+ Bytef *str;
+
+ /* conservative upper bound for compressed data */
+ complen = sourceLen +
+ ((sourceLen + 7) >> 3) + ((sourceLen + 63) >> 6) + 5;
+
+ /* if can't get parameters, return conservative bound plus zlib wrapper */
+ if (strm == Z_NULL || strm->state == Z_NULL)
+ return complen + 6;
+
+ /* compute wrapper length */
+ s = strm->state;
+ switch (s->wrap) {
+ case 0: /* raw deflate */
+ wraplen = 0;
+ break;
+ case 1: /* zlib wrapper */
+ wraplen = 6 + (s->strstart ? 4 : 0);
+ break;
+ case 2: /* gzip wrapper */
+ wraplen = 18;
+ if (s->gzhead != Z_NULL) { /* user-supplied gzip header */
+ if (s->gzhead->extra != Z_NULL)
+ wraplen += 2 + s->gzhead->extra_len;
+ str = s->gzhead->name;
+ if (str != Z_NULL)
+ do {
+ wraplen++;
+ } while (*str++);
+ str = s->gzhead->comment;
+ if (str != Z_NULL)
+ do {
+ wraplen++;
+ } while (*str++);
+ if (s->gzhead->hcrc)
+ wraplen += 2;
+ }
+ break;
+ default: /* for compiler happiness */
+ wraplen = 6;
+ }
+
+ /* if not default parameters, return conservative bound */
+ if (s->w_bits != 15 || s->hash_bits != 8 + 7)
+ return complen + wraplen;
+
+ /* default settings: return tight bound for that case */
+ return sourceLen + (sourceLen >> 12) + (sourceLen >> 14) +
+ (sourceLen >> 25) + 13 - 6 + wraplen;
+}
+
+/* =========================================================================
+ * Put a short in the pending buffer. The 16-bit value is put in MSB order.
+ * IN assertion: the stream state is correct and there is enough room in
+ * pending_buf.
+ */
+local void putShortMSB (s, b)
+ deflate_state *s;
+ uInt b;
+{
+ put_byte(s, (Byte)(b >> 8));
+ put_byte(s, (Byte)(b & 0xff));
+}
+
+/* =========================================================================
+ * Flush as much pending output as possible. All deflate() output goes
+ * through this function so some applications may wish to modify it
+ * to avoid allocating a large strm->next_out buffer and copying into it.
+ * (See also read_buf()).
+ */
+local void flush_pending(strm)
+ z_streamp strm;
+{
+ unsigned len = strm->state->pending;
+
+ if (len > strm->avail_out) len = strm->avail_out;
+ if (len == 0) return;
+
+ zmemcpy(strm->next_out, strm->state->pending_out, len);
+ strm->next_out += len;
+ strm->state->pending_out += len;
+ strm->total_out += len;
+ strm->avail_out -= len;
+ strm->state->pending -= len;
+ if (strm->state->pending == 0) {
+ strm->state->pending_out = strm->state->pending_buf;
+ }
+}
+
+/* ========================================================================= */
+int ZEXPORT deflate (strm, flush)
+ z_streamp strm;
+ int flush;
+{
+ int old_flush; /* value of flush param for previous deflate call */
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL ||
+ flush > Z_BLOCK || flush < 0) {
+ return Z_STREAM_ERROR;
+ }
+ s = strm->state;
+
+ if (strm->next_out == Z_NULL ||
+ (strm->next_in == Z_NULL && strm->avail_in != 0) ||
+ (s->status == FINISH_STATE && flush != Z_FINISH)) {
+ ERR_RETURN(strm, Z_STREAM_ERROR);
+ }
+ if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR);
+
+ s->strm = strm; /* just in case */
+ old_flush = s->last_flush;
+ s->last_flush = flush;
+
+ /* Write the header */
+ if (s->status == INIT_STATE) {
+#ifdef GZIP
+ if (s->wrap == 2) {
+ strm->adler = crc32(0L, Z_NULL, 0);
+ put_byte(s, 31);
+ put_byte(s, 139);
+ put_byte(s, 8);
+ if (s->gzhead == Z_NULL) {
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, s->level == 9 ? 2 :
+ (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ?
+ 4 : 0));
+ put_byte(s, OS_CODE);
+ s->status = BUSY_STATE;
+ }
+ else {
+ put_byte(s, (s->gzhead->text ? 1 : 0) +
+ (s->gzhead->hcrc ? 2 : 0) +
+ (s->gzhead->extra == Z_NULL ? 0 : 4) +
+ (s->gzhead->name == Z_NULL ? 0 : 8) +
+ (s->gzhead->comment == Z_NULL ? 0 : 16)
+ );
+ put_byte(s, (Byte)(s->gzhead->time & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 8) & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 16) & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 24) & 0xff));
+ put_byte(s, s->level == 9 ? 2 :
+ (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ?
+ 4 : 0));
+ put_byte(s, s->gzhead->os & 0xff);
+ if (s->gzhead->extra != Z_NULL) {
+ put_byte(s, s->gzhead->extra_len & 0xff);
+ put_byte(s, (s->gzhead->extra_len >> 8) & 0xff);
+ }
+ if (s->gzhead->hcrc)
+ strm->adler = crc32(strm->adler, s->pending_buf,
+ s->pending);
+ s->gzindex = 0;
+ s->status = EXTRA_STATE;
+ }
+ }
+ else
+#endif
+ {
+ uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8;
+ uInt level_flags;
+
+ if (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2)
+ level_flags = 0;
+ else if (s->level < 6)
+ level_flags = 1;
+ else if (s->level == 6)
+ level_flags = 2;
+ else
+ level_flags = 3;
+ header |= (level_flags << 6);
+ if (s->strstart != 0) header |= PRESET_DICT;
+ header += 31 - (header % 31);
+
+ s->status = BUSY_STATE;
+ putShortMSB(s, header);
+
+ /* Save the adler32 of the preset dictionary: */
+ if (s->strstart != 0) {
+ putShortMSB(s, (uInt)(strm->adler >> 16));
+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
+ }
+ strm->adler = adler32(0L, Z_NULL, 0);
+ }
+ }
+#ifdef GZIP
+ if (s->status == EXTRA_STATE) {
+ if (s->gzhead->extra != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+
+ while (s->gzindex < (s->gzhead->extra_len & 0xffff)) {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size)
+ break;
+ }
+ put_byte(s, s->gzhead->extra[s->gzindex]);
+ s->gzindex++;
+ }
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (s->gzindex == s->gzhead->extra_len) {
+ s->gzindex = 0;
+ s->status = NAME_STATE;
+ }
+ }
+ else
+ s->status = NAME_STATE;
+ }
+ if (s->status == NAME_STATE) {
+ if (s->gzhead->name != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+ int val;
+
+ do {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size) {
+ val = 1;
+ break;
+ }
+ }
+ val = s->gzhead->name[s->gzindex++];
+ put_byte(s, val);
+ } while (val != 0);
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (val == 0) {
+ s->gzindex = 0;
+ s->status = COMMENT_STATE;
+ }
+ }
+ else
+ s->status = COMMENT_STATE;
+ }
+ if (s->status == COMMENT_STATE) {
+ if (s->gzhead->comment != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+ int val;
+
+ do {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size) {
+ val = 1;
+ break;
+ }
+ }
+ val = s->gzhead->comment[s->gzindex++];
+ put_byte(s, val);
+ } while (val != 0);
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (val == 0)
+ s->status = HCRC_STATE;
+ }
+ else
+ s->status = HCRC_STATE;
+ }
+ if (s->status == HCRC_STATE) {
+ if (s->gzhead->hcrc) {
+ if (s->pending + 2 > s->pending_buf_size)
+ flush_pending(strm);
+ if (s->pending + 2 <= s->pending_buf_size) {
+ put_byte(s, (Byte)(strm->adler & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 8) & 0xff));
+ strm->adler = crc32(0L, Z_NULL, 0);
+ s->status = BUSY_STATE;
+ }
+ }
+ else
+ s->status = BUSY_STATE;
+ }
+#endif
+
+ /* Flush as much pending output as possible */
+ if (s->pending != 0) {
+ flush_pending(strm);
+ if (strm->avail_out == 0) {
+ /* Since avail_out is 0, deflate will be called again with
+ * more output space, but possibly with both pending and
+ * avail_in equal to zero. There won't be anything to do,
+ * but this is not an error situation so make sure we
+ * return OK instead of BUF_ERROR at next call of deflate:
+ */
+ s->last_flush = -1;
+ return Z_OK;
+ }
+
+ /* Make sure there is something to do and avoid duplicate consecutive
+ * flushes. For repeated and useless calls with Z_FINISH, we keep
+ * returning Z_STREAM_END instead of Z_BUF_ERROR.
+ */
+ } else if (strm->avail_in == 0 && flush <= old_flush &&
+ flush != Z_FINISH) {
+ ERR_RETURN(strm, Z_BUF_ERROR);
+ }
+
+ /* User must not provide more input after the first FINISH: */
+ if (s->status == FINISH_STATE && strm->avail_in != 0) {
+ ERR_RETURN(strm, Z_BUF_ERROR);
+ }
+
+ /* Start a new block or continue the current one.
+ */
+ if (strm->avail_in != 0 || s->lookahead != 0 ||
+ (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) {
+ block_state bstate;
+
+ bstate = s->strategy == Z_HUFFMAN_ONLY ? deflate_huff(s, flush) :
+ (s->strategy == Z_RLE ? deflate_rle(s, flush) :
+ (*(configuration_table[s->level].func))(s, flush));
+
+ if (bstate == finish_started || bstate == finish_done) {
+ s->status = FINISH_STATE;
+ }
+ if (bstate == need_more || bstate == finish_started) {
+ if (strm->avail_out == 0) {
+ s->last_flush = -1; /* avoid BUF_ERROR next call, see above */
+ }
+ return Z_OK;
+ /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
+ * of deflate should use the same flush parameter to make sure
+ * that the flush is complete. So we don't have to output an
+ * empty block here, this will be done at next call. This also
+ * ensures that for a very small output buffer, we emit at most
+ * one empty block.
+ */
+ }
+ if (bstate == block_done) {
+ if (flush == Z_PARTIAL_FLUSH) {
+ _tr_align(s);
+ } else if (flush != Z_BLOCK) { /* FULL_FLUSH or SYNC_FLUSH */
+ _tr_stored_block(s, (char*)0, 0L, 0);
+ /* For a full flush, this empty block will be recognized
+ * as a special marker by inflate_sync().
+ */
+ if (flush == Z_FULL_FLUSH) {
+ CLEAR_HASH(s); /* forget history */
+ if (s->lookahead == 0) {
+ s->strstart = 0;
+ s->block_start = 0L;
+ }
+ }
+ }
+ flush_pending(strm);
+ if (strm->avail_out == 0) {
+ s->last_flush = -1; /* avoid BUF_ERROR at next call, see above */
+ return Z_OK;
+ }
+ }
+ }
+ Assert(strm->avail_out > 0, "bug2");
+
+ if (flush != Z_FINISH) return Z_OK;
+ if (s->wrap <= 0) return Z_STREAM_END;
+
+ /* Write the trailer */
+#ifdef GZIP
+ if (s->wrap == 2) {
+ put_byte(s, (Byte)(strm->adler & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 8) & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 16) & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 24) & 0xff));
+ put_byte(s, (Byte)(strm->total_in & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 8) & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 16) & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 24) & 0xff));
+ }
+ else
+#endif
+ {
+ putShortMSB(s, (uInt)(strm->adler >> 16));
+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
+ }
+ flush_pending(strm);
+ /* If avail_out is zero, the application will call deflate again
+ * to flush the rest.
+ */
+ if (s->wrap > 0) s->wrap = -s->wrap; /* write the trailer only once! */
+ return s->pending != 0 ? Z_OK : Z_STREAM_END;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateEnd (strm)
+ z_streamp strm;
+{
+ int status;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+
+ status = strm->state->status;
+ if (status != INIT_STATE &&
+ status != EXTRA_STATE &&
+ status != NAME_STATE &&
+ status != COMMENT_STATE &&
+ status != HCRC_STATE &&
+ status != BUSY_STATE &&
+ status != FINISH_STATE) {
+ return Z_STREAM_ERROR;
+ }
+
+ /* Deallocate in reverse order of allocations: */
+ TRY_FREE(strm, strm->state->pending_buf);
+ TRY_FREE(strm, strm->state->head);
+ TRY_FREE(strm, strm->state->prev);
+ TRY_FREE(strm, strm->state->window);
+
+ ZFREE(strm, strm->state);
+ strm->state = Z_NULL;
+
+ return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
+}
+
+/* =========================================================================
+ * Copy the source state to the destination state.
+ * To simplify the source, this is not supported for 16-bit MSDOS (which
+ * doesn't have enough memory anyway to duplicate compression states).
+ */
+int ZEXPORT deflateCopy (dest, source)
+ z_streamp dest;
+ z_streamp source;
+{
+#ifdef MAXSEG_64K
+ return Z_STREAM_ERROR;
+#else
+ deflate_state *ds;
+ deflate_state *ss;
+ ushf *overlay;
+
+
+ if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
+ return Z_STREAM_ERROR;
+ }
+
+ ss = source->state;
+
+ zmemcpy(dest, source, sizeof(z_stream));
+
+ ds = (deflate_state *) ZALLOC(dest, 1, sizeof(deflate_state));
+ if (ds == Z_NULL) return Z_MEM_ERROR;
+ dest->state = (struct internal_state FAR *) ds;
+ zmemcpy(ds, ss, sizeof(deflate_state));
+ ds->strm = dest;
+
+ ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
+ ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos));
+ ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos));
+ overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
+ ds->pending_buf = (uchf *) overlay;
+
+ if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
+ ds->pending_buf == Z_NULL) {
+ deflateEnd (dest);
+ return Z_MEM_ERROR;
+ }
+ /* following zmemcpy do not work for 16-bit MSDOS */
+ zmemcpy(ds->window, ss->window, ds->w_size * 2 * sizeof(Byte));
+ zmemcpy(ds->prev, ss->prev, ds->w_size * sizeof(Pos));
+ zmemcpy(ds->head, ss->head, ds->hash_size * sizeof(Pos));
+ zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
+
+ ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
+ ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
+ ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
+
+ ds->l_desc.dyn_tree = ds->dyn_ltree;
+ ds->d_desc.dyn_tree = ds->dyn_dtree;
+ ds->bl_desc.dyn_tree = ds->bl_tree;
+
+ return Z_OK;
+#endif /* MAXSEG_64K */
+}
+
+/* ===========================================================================
+ * Read a new buffer from the current input stream, update the adler32
+ * and total number of bytes read. All deflate() input goes through
+ * this function so some applications may wish to modify it to avoid
+ * allocating a large strm->next_in buffer and copying from it.
+ * (See also flush_pending()).
+ */
+local int read_buf(strm, buf, size)
+ z_streamp strm;
+ Bytef *buf;
+ unsigned size;
+{
+ unsigned len = strm->avail_in;
+
+ if (len > size) len = size;
+ if (len == 0) return 0;
+
+ strm->avail_in -= len;
+
+ if (strm->state->wrap == 1) {
+ strm->adler = adler32(strm->adler, strm->next_in, len);
+ }
+#ifdef GZIP
+ else if (strm->state->wrap == 2) {
+ strm->adler = crc32(strm->adler, strm->next_in, len);
+ }
+#endif
+ zmemcpy(buf, strm->next_in, len);
+ strm->next_in += len;
+ strm->total_in += len;
+
+ return (int)len;
+}
+
+/* ===========================================================================
+ * Initialize the "longest match" routines for a new zlib stream
+ */
+local void lm_init (s)
+ deflate_state *s;
+{
+ s->window_size = (ulg)2L*s->w_size;
+
+ CLEAR_HASH(s);
+
+ /* Set the default configuration parameters:
+ */
+ s->max_lazy_match = configuration_table[s->level].max_lazy;
+ s->good_match = configuration_table[s->level].good_length;
+ s->nice_match = configuration_table[s->level].nice_length;
+ s->max_chain_length = configuration_table[s->level].max_chain;
+
+ s->strstart = 0;
+ s->block_start = 0L;
+ s->lookahead = 0;
+ s->match_length = s->prev_length = MIN_MATCH-1;
+ s->match_available = 0;
+ s->ins_h = 0;
+#ifndef FASTEST
+#ifdef ASMV
+ match_init(); /* initialize the asm code */
+#endif
+#endif
+}
+
+#ifndef FASTEST
+/* ===========================================================================
+ * Set match_start to the longest match starting at the given string and
+ * return its length. Matches shorter or equal to prev_length are discarded,
+ * in which case the result is equal to prev_length and match_start is
+ * garbage.
+ * IN assertions: cur_match is the head of the hash chain for the current
+ * string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
+ * OUT assertion: the match length is not greater than s->lookahead.
+ */
+#ifndef ASMV
+/* For 80x86 and 680x0, an optimized version will be provided in match.asm or
+ * match.S. The code will be functionally equivalent.
+ */
+local uInt longest_match(s, cur_match)
+ deflate_state *s;
+ IPos cur_match; /* current match */
+{
+ unsigned chain_length = s->max_chain_length;/* max hash chain length */
+ register Bytef *scan = s->window + s->strstart; /* current string */
+ register Bytef *match; /* matched string */
+ register int len; /* length of current match */
+ int best_len = s->prev_length; /* best match length so far */
+ int nice_match = s->nice_match; /* stop if match long enough */
+ IPos limit = s->strstart > (IPos)MAX_DIST(s) ?
+ s->strstart - (IPos)MAX_DIST(s) : NIL;
+ /* Stop when cur_match becomes <= limit. To simplify the code,
+ * we prevent matches with the string of window index 0.
+ */
+ Posf *prev = s->prev;
+ uInt wmask = s->w_mask;
+
+#ifdef UNALIGNED_OK
+ /* Compare two bytes at a time. Note: this is not always beneficial.
+ * Try with and without -DUNALIGNED_OK to check.
+ */
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH - 1;
+ register ush scan_start = *(ushf*)scan;
+ register ush scan_end = *(ushf*)(scan+best_len-1);
+#else
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
+ register Byte scan_end1 = scan[best_len-1];
+ register Byte scan_end = scan[best_len];
+#endif
+
+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
+ * It is easy to get rid of this optimization if necessary.
+ */
+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
+
+ /* Do not waste too much time if we already have a good match: */
+ if (s->prev_length >= s->good_match) {
+ chain_length >>= 2;
+ }
+ /* Do not look for matches beyond the end of the input. This is necessary
+ * to make deflate deterministic.
+ */
+ if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead;
+
+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
+
+ do {
+ Assert(cur_match < s->strstart, "no future");
+ match = s->window + cur_match;
+
+ /* Skip to next match if the match length cannot increase
+ * or if the match length is less than 2. Note that the checks below
+ * for insufficient lookahead only occur occasionally for performance
+ * reasons. Therefore uninitialized memory will be accessed, and
+ * conditional jumps will be made that depend on those values.
+ * However the length of the match is limited to the lookahead, so
+ * the output of deflate is not affected by the uninitialized values.
+ */
+#if (defined(UNALIGNED_OK) && MAX_MATCH == 258)
+ /* This code assumes sizeof(unsigned short) == 2. Do not use
+ * UNALIGNED_OK if your compiler uses a different size.
+ */
+ if (*(ushf*)(match+best_len-1) != scan_end ||
+ *(ushf*)match != scan_start) continue;
+
+ /* It is not necessary to compare scan[2] and match[2] since they are
+ * always equal when the other bytes match, given that the hash keys
+ * are equal and that HASH_BITS >= 8. Compare 2 bytes at a time at
+ * strstart+3, +5, ... up to strstart+257. We check for insufficient
+ * lookahead only every 4th comparison; the 128th check will be made
+ * at strstart+257. If MAX_MATCH-2 is not a multiple of 8, it is
+ * necessary to put more guard bytes at the end of the window, or
+ * to check more often for insufficient lookahead.
+ */
+ Assert(scan[2] == match[2], "scan[2]?");
+ scan++, match++;
+ do {
+ } while (*(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ scan < strend);
+ /* The funny "do {}" generates better code on most compilers */
+
+ /* Here, scan <= window+strstart+257 */
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+ if (*scan == *match) scan++;
+
+ len = (MAX_MATCH - 1) - (int)(strend-scan);
+ scan = strend - (MAX_MATCH-1);
+
+#else /* UNALIGNED_OK */
+
+ if (match[best_len] != scan_end ||
+ match[best_len-1] != scan_end1 ||
+ *match != *scan ||
+ *++match != scan[1]) continue;
+
+ /* The check at best_len-1 can be removed because it will be made
+ * again later. (This heuristic is not always a win.)
+ * It is not necessary to compare scan[2] and match[2] since they
+ * are always equal when the other bytes match, given that
+ * the hash keys are equal and that HASH_BITS >= 8.
+ */
+ scan += 2, match++;
+ Assert(*scan == *match, "match[2]?");
+
+ /* We check for insufficient lookahead only every 8th comparison;
+ * the 256th check will be made at strstart+258.
+ */
+ do {
+ } while (*++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ scan < strend);
+
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+
+ len = MAX_MATCH - (int)(strend - scan);
+ scan = strend - MAX_MATCH;
+
+#endif /* UNALIGNED_OK */
+
+ if (len > best_len) {
+ s->match_start = cur_match;
+ best_len = len;
+ if (len >= nice_match) break;
+#ifdef UNALIGNED_OK
+ scan_end = *(ushf*)(scan+best_len-1);
+#else
+ scan_end1 = scan[best_len-1];
+ scan_end = scan[best_len];
+#endif
+ }
+ } while ((cur_match = prev[cur_match & wmask]) > limit
+ && --chain_length != 0);
+
+ if ((uInt)best_len <= s->lookahead) return (uInt)best_len;
+ return s->lookahead;
+}
+#endif /* ASMV */
+
+#else /* FASTEST */
+
+/* ---------------------------------------------------------------------------
+ * Optimized version for FASTEST only
+ */
+local uInt longest_match(s, cur_match)
+ deflate_state *s;
+ IPos cur_match; /* current match */
+{
+ register Bytef *scan = s->window + s->strstart; /* current string */
+ register Bytef *match; /* matched string */
+ register int len; /* length of current match */
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
+
+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
+ * It is easy to get rid of this optimization if necessary.
+ */
+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
+
+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
+
+ Assert(cur_match < s->strstart, "no future");
+
+ match = s->window + cur_match;
+
+ /* Return failure if the match length is less than 2:
+ */
+ if (match[0] != scan[0] || match[1] != scan[1]) return MIN_MATCH-1;
+
+ /* The check at best_len-1 can be removed because it will be made
+ * again later. (This heuristic is not always a win.)
+ * It is not necessary to compare scan[2] and match[2] since they
+ * are always equal when the other bytes match, given that
+ * the hash keys are equal and that HASH_BITS >= 8.
+ */
+ scan += 2, match += 2;
+ Assert(*scan == *match, "match[2]?");
+
+ /* We check for insufficient lookahead only every 8th comparison;
+ * the 256th check will be made at strstart+258.
+ */
+ do {
+ } while (*++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ scan < strend);
+
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+
+ len = MAX_MATCH - (int)(strend - scan);
+
+ if (len < MIN_MATCH) return MIN_MATCH - 1;
+
+ s->match_start = cur_match;
+ return (uInt)len <= s->lookahead ? (uInt)len : s->lookahead;
+}
+
+#endif /* FASTEST */
+
+#ifdef DEBUG
+/* ===========================================================================
+ * Check that the match at match_start is indeed a match.
+ */
+local void check_match(s, start, match, length)
+ deflate_state *s;
+ IPos start, match;
+ int length;
+{
+ /* check that the match is indeed a match */
+ if (zmemcmp(s->window + match,
+ s->window + start, length) != EQUAL) {
+ fprintf(stderr, " start %u, match %u, length %d\n",
+ start, match, length);
+ do {
+ fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
+ } while (--length != 0);
+ z_error("invalid match");
+ }
+ if (z_verbose > 1) {
+ fprintf(stderr,"\\[%d,%d]", start-match, length);
+ do { putc(s->window[start++], stderr); } while (--length != 0);
+ }
+}
+#else
+# define check_match(s, start, match, length)
+#endif /* DEBUG */
+
+/* ===========================================================================
+ * Fill the window when the lookahead becomes insufficient.
+ * Updates strstart and lookahead.
+ *
+ * IN assertion: lookahead < MIN_LOOKAHEAD
+ * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
+ * At least one byte has been read, or avail_in == 0; reads are
+ * performed for at least two bytes (required for the zip translate_eol
+ * option -- not supported here).
+ */
+local void fill_window(s)
+ deflate_state *s;
+{
+ register unsigned n, m;
+ register Posf *p;
+ unsigned more; /* Amount of free space at the end of the window. */
+ uInt wsize = s->w_size;
+
+ do {
+ more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
+
+ /* Deal with !@#$% 64K limit: */
+ if (sizeof(int) <= 2) {
+ if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
+ more = wsize;
+
+ } else if (more == (unsigned)(-1)) {
+ /* Very unlikely, but possible on 16 bit machine if
+ * strstart == 0 && lookahead == 1 (input done a byte at time)
+ */
+ more--;
+ }
+ }
+
+ /* If the window is almost full and there is insufficient lookahead,
+ * move the upper half to the lower one to make room in the upper half.
+ */
+ if (s->strstart >= wsize+MAX_DIST(s)) {
+
+ zmemcpy(s->window, s->window+wsize, (unsigned)wsize);
+ s->match_start -= wsize;
+ s->strstart -= wsize; /* we now have strstart >= MAX_DIST */
+ s->block_start -= (long) wsize;
+
+ /* Slide the hash table (could be avoided with 32 bit values
+ at the expense of memory usage). We slide even when level == 0
+ to keep the hash table consistent if we switch back to level > 0
+ later. (Using level 0 permanently is not an optimal usage of
+ zlib, so we don't care about this pathological case.)
+ */
+ n = s->hash_size;
+ p = &s->head[n];
+ do {
+ m = *--p;
+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
+ } while (--n);
+
+ n = wsize;
+#ifndef FASTEST
+ p = &s->prev[n];
+ do {
+ m = *--p;
+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
+ /* If n is not on any hash chain, prev[n] is garbage but
+ * its value will never be used.
+ */
+ } while (--n);
+#endif
+ more += wsize;
+ }
+ if (s->strm->avail_in == 0) return;
+
+ /* If there was no sliding:
+ * strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
+ * more == window_size - lookahead - strstart
+ * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
+ * => more >= window_size - 2*WSIZE + 2
+ * In the BIG_MEM or MMAP case (not yet supported),
+ * window_size == input_size + MIN_LOOKAHEAD &&
+ * strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
+ * Otherwise, window_size == 2*WSIZE so more >= 2.
+ * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
+ */
+ Assert(more >= 2, "more < 2");
+
+ n = read_buf(s->strm, s->window + s->strstart + s->lookahead, more);
+ s->lookahead += n;
+
+ /* Initialize the hash value now that we have some input: */
+ if (s->lookahead >= MIN_MATCH) {
+ s->ins_h = s->window[s->strstart];
+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
+#if MIN_MATCH != 3
+ Call UPDATE_HASH() MIN_MATCH-3 more times
+#endif
+ }
+ /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
+ * but this is not important since only literal bytes will be emitted.
+ */
+
+ } while (s->lookahead < MIN_LOOKAHEAD && s->strm->avail_in != 0);
+
+ /* If the WIN_INIT bytes after the end of the current data have never been
+ * written, then zero those bytes in order to avoid memory check reports of
+ * the use of uninitialized (or uninitialised as Julian writes) bytes by
+ * the longest match routines. Update the high water mark for the next
+ * time through here. WIN_INIT is set to MAX_MATCH since the longest match
+ * routines allow scanning to strstart + MAX_MATCH, ignoring lookahead.
+ */
+ if (s->high_water < s->window_size) {
+ ulg curr = s->strstart + (ulg)(s->lookahead);
+ ulg init;
+
+ if (s->high_water < curr) {
+ /* Previous high water mark below current data -- zero WIN_INIT
+ * bytes or up to end of window, whichever is less.
+ */
+ init = s->window_size - curr;
+ if (init > WIN_INIT)
+ init = WIN_INIT;
+ zmemzero(s->window + curr, (unsigned)init);
+ s->high_water = curr + init;
+ }
+ else if (s->high_water < (ulg)curr + WIN_INIT) {
+ /* High water mark at or above current data, but below current data
+ * plus WIN_INIT -- zero out to current data plus WIN_INIT, or up
+ * to end of window, whichever is less.
+ */
+ init = (ulg)curr + WIN_INIT - s->high_water;
+ if (init > s->window_size - s->high_water)
+ init = s->window_size - s->high_water;
+ zmemzero(s->window + s->high_water, (unsigned)init);
+ s->high_water += init;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Flush the current block, with given end-of-file flag.
+ * IN assertion: strstart is set to the end of the current match.
+ */
+#define FLUSH_BLOCK_ONLY(s, last) { \
+ _tr_flush_block(s, (s->block_start >= 0L ? \
+ (charf *)&s->window[(unsigned)s->block_start] : \
+ (charf *)Z_NULL), \
+ (ulg)((long)s->strstart - s->block_start), \
+ (last)); \
+ s->block_start = s->strstart; \
+ flush_pending(s->strm); \
+ Tracev((stderr,"[FLUSH]")); \
+}
+
+/* Same but force premature exit if necessary. */
+#define FLUSH_BLOCK(s, last) { \
+ FLUSH_BLOCK_ONLY(s, last); \
+ if (s->strm->avail_out == 0) return (last) ? finish_started : need_more; \
+}
+
+/* ===========================================================================
+ * Copy without compression as much as possible from the input stream, return
+ * the current block state.
+ * This function does not insert new strings in the dictionary since
+ * uncompressible data is probably not useful. This function is used
+ * only for the level=0 compression option.
+ * NOTE: this function should be optimized to avoid extra copying from
+ * window to pending_buf.
+ */
+local block_state deflate_stored(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ /* Stored blocks are limited to 0xffff bytes, pending_buf is limited
+ * to pending_buf_size, and each stored block has a 5 byte header:
+ */
+ ulg max_block_size = 0xffff;
+ ulg max_start;
+
+ if (max_block_size > s->pending_buf_size - 5) {
+ max_block_size = s->pending_buf_size - 5;
+ }
+
+ /* Copy as much as possible from input to output: */
+ for (;;) {
+ /* Fill the window as much as possible: */
+ if (s->lookahead <= 1) {
+
+ Assert(s->strstart < s->w_size+MAX_DIST(s) ||
+ s->block_start >= (long)s->w_size, "slide too late");
+
+ fill_window(s);
+ if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more;
+
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+ Assert(s->block_start >= 0L, "block gone");
+
+ s->strstart += s->lookahead;
+ s->lookahead = 0;
+
+ /* Emit a stored block if pending_buf will be full: */
+ max_start = s->block_start + max_block_size;
+ if (s->strstart == 0 || (ulg)s->strstart >= max_start) {
+ /* strstart == 0 is possible when wraparound on 16-bit machine */
+ s->lookahead = (uInt)(s->strstart - max_start);
+ s->strstart = (uInt)max_start;
+ FLUSH_BLOCK(s, 0);
+ }
+ /* Flush if we may have to slide, otherwise block_start may become
+ * negative and the data will be gone:
+ */
+ if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) {
+ FLUSH_BLOCK(s, 0);
+ }
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
+
+/* ===========================================================================
+ * Compress as much as possible from the input stream, return the current
+ * block state.
+ * This function does not perform lazy evaluation of matches and inserts
+ * new strings in the dictionary only for unmatched strings or for short
+ * matches. It is used only for the fast compression options.
+ */
+local block_state deflate_fast(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ IPos hash_head; /* head of the hash chain */
+ int bflush; /* set if current block must be flushed */
+
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the next match, plus MIN_MATCH bytes to insert the
+ * string following the next match.
+ */
+ if (s->lookahead < MIN_LOOKAHEAD) {
+ fill_window(s);
+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* Insert the string window[strstart .. strstart+2] in the
+ * dictionary, and set hash_head to the head of the hash chain:
+ */
+ hash_head = NIL;
+ if (s->lookahead >= MIN_MATCH) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+
+ /* Find the longest match, discarding those <= prev_length.
+ * At this point we have always match_length < MIN_MATCH
+ */
+ if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
+ /* To simplify the code, we prevent matches with the string
+ * of window index 0 (in particular we have to avoid a match
+ * of the string with itself at the start of the input file).
+ */
+ s->match_length = longest_match (s, hash_head);
+ /* longest_match() sets match_start */
+ }
+ if (s->match_length >= MIN_MATCH) {
+ check_match(s, s->strstart, s->match_start, s->match_length);
+
+ _tr_tally_dist(s, s->strstart - s->match_start,
+ s->match_length - MIN_MATCH, bflush);
+
+ s->lookahead -= s->match_length;
+
+ /* Insert new strings in the hash table only if the match length
+ * is not too large. This saves time but degrades compression.
+ */
+#ifndef FASTEST
+ if (s->match_length <= s->max_insert_length &&
+ s->lookahead >= MIN_MATCH) {
+ s->match_length--; /* string at strstart already in table */
+ do {
+ s->strstart++;
+ INSERT_STRING(s, s->strstart, hash_head);
+ /* strstart never exceeds WSIZE-MAX_MATCH, so there are
+ * always MIN_MATCH bytes ahead.
+ */
+ } while (--s->match_length != 0);
+ s->strstart++;
+ } else
+#endif
+ {
+ s->strstart += s->match_length;
+ s->match_length = 0;
+ s->ins_h = s->window[s->strstart];
+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
+#if MIN_MATCH != 3
+ Call UPDATE_HASH() MIN_MATCH-3 more times
+#endif
+ /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
+ * matter since it will be recomputed at next deflate call.
+ */
+ }
+ } else {
+ /* No match, output a literal byte */
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ }
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
+
+#ifndef FASTEST
+/* ===========================================================================
+ * Same as above, but achieves better compression. We use a lazy
+ * evaluation for matches: a match is finally adopted only if there is
+ * no better match at the next window position.
+ */
+local block_state deflate_slow(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ IPos hash_head; /* head of hash chain */
+ int bflush; /* set if current block must be flushed */
+
+ /* Process the input block. */
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the next match, plus MIN_MATCH bytes to insert the
+ * string following the next match.
+ */
+ if (s->lookahead < MIN_LOOKAHEAD) {
+ fill_window(s);
+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* Insert the string window[strstart .. strstart+2] in the
+ * dictionary, and set hash_head to the head of the hash chain:
+ */
+ hash_head = NIL;
+ if (s->lookahead >= MIN_MATCH) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+
+ /* Find the longest match, discarding those <= prev_length.
+ */
+ s->prev_length = s->match_length, s->prev_match = s->match_start;
+ s->match_length = MIN_MATCH-1;
+
+ if (hash_head != NIL && s->prev_length < s->max_lazy_match &&
+ s->strstart - hash_head <= MAX_DIST(s)) {
+ /* To simplify the code, we prevent matches with the string
+ * of window index 0 (in particular we have to avoid a match
+ * of the string with itself at the start of the input file).
+ */
+ s->match_length = longest_match (s, hash_head);
+ /* longest_match() sets match_start */
+
+ if (s->match_length <= 5 && (s->strategy == Z_FILTERED
+#if TOO_FAR <= 32767
+ || (s->match_length == MIN_MATCH &&
+ s->strstart - s->match_start > TOO_FAR)
+#endif
+ )) {
+
+ /* If prev_match is also MIN_MATCH, match_start is garbage
+ * but we will ignore the current match anyway.
+ */
+ s->match_length = MIN_MATCH-1;
+ }
+ }
+ /* If there was a match at the previous step and the current
+ * match is not better, output the previous match:
+ */
+ if (s->prev_length >= MIN_MATCH && s->match_length <= s->prev_length) {
+ uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
+ /* Do not insert strings in hash table beyond this. */
+
+ check_match(s, s->strstart-1, s->prev_match, s->prev_length);
+
+ _tr_tally_dist(s, s->strstart -1 - s->prev_match,
+ s->prev_length - MIN_MATCH, bflush);
+
+ /* Insert in hash table all strings up to the end of the match.
+ * strstart-1 and strstart are already inserted. If there is not
+ * enough lookahead, the last two strings are not inserted in
+ * the hash table.
+ */
+ s->lookahead -= s->prev_length-1;
+ s->prev_length -= 2;
+ do {
+ if (++s->strstart <= max_insert) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+ } while (--s->prev_length != 0);
+ s->match_available = 0;
+ s->match_length = MIN_MATCH-1;
+ s->strstart++;
+
+ if (bflush) FLUSH_BLOCK(s, 0);
+
+ } else if (s->match_available) {
+ /* If there was no match at the previous position, output a
+ * single literal. If there was a match but the current match
+ * is longer, truncate the previous match to a single literal.
+ */
+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
+ if (bflush) {
+ FLUSH_BLOCK_ONLY(s, 0);
+ }
+ s->strstart++;
+ s->lookahead--;
+ if (s->strm->avail_out == 0) return need_more;
+ } else {
+ /* There is no previous match to compare with, wait for
+ * the next step to decide.
+ */
+ s->match_available = 1;
+ s->strstart++;
+ s->lookahead--;
+ }
+ }
+ Assert (flush != Z_NO_FLUSH, "no flush?");
+ if (s->match_available) {
+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
+ s->match_available = 0;
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
+#endif /* FASTEST */
+
+/* ===========================================================================
+ * For Z_RLE, simply look for runs of bytes, generate matches only of distance
+ * one. Do not maintain a hash table. (It will be regenerated if this run of
+ * deflate switches away from Z_RLE.)
+ */
+local block_state deflate_rle(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ int bflush; /* set if current block must be flushed */
+ uInt prev; /* byte at distance one to match */
+ Bytef *scan, *strend; /* scan goes up to strend for length of run */
+
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the longest encodable run.
+ */
+ if (s->lookahead < MAX_MATCH) {
+ fill_window(s);
+ if (s->lookahead < MAX_MATCH && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* See how many times the previous byte repeats */
+ s->match_length = 0;
+ if (s->lookahead >= MIN_MATCH && s->strstart > 0) {
+ scan = s->window + s->strstart - 1;
+ prev = *scan;
+ if (prev == *++scan && prev == *++scan && prev == *++scan) {
+ strend = s->window + s->strstart + MAX_MATCH;
+ do {
+ } while (prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ scan < strend);
+ s->match_length = MAX_MATCH - (int)(strend - scan);
+ if (s->match_length > s->lookahead)
+ s->match_length = s->lookahead;
+ }
+ }
+
+ /* Emit match if have run of MIN_MATCH or longer, else emit literal */
+ if (s->match_length >= MIN_MATCH) {
+ check_match(s, s->strstart, s->strstart - 1, s->match_length);
+
+ _tr_tally_dist(s, 1, s->match_length - MIN_MATCH, bflush);
+
+ s->lookahead -= s->match_length;
+ s->strstart += s->match_length;
+ s->match_length = 0;
+ } else {
+ /* No match, output a literal byte */
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ }
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
+
+/* ===========================================================================
+ * For Z_HUFFMAN_ONLY, do not look for matches. Do not maintain a hash table.
+ * (It will be regenerated if this run of deflate switches away from Huffman.)
+ */
+local block_state deflate_huff(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ int bflush; /* set if current block must be flushed */
+
+ for (;;) {
+ /* Make sure that we have a literal to write. */
+ if (s->lookahead == 0) {
+ fill_window(s);
+ if (s->lookahead == 0) {
+ if (flush == Z_NO_FLUSH)
+ return need_more;
+ break; /* flush the current block */
+ }
+ }
+
+ /* Output a literal byte */
+ s->match_length = 0;
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ FLUSH_BLOCK(s, flush == Z_FINISH);
+ return flush == Z_FINISH ? finish_done : block_done;
+}
diff --git a/security/nss/lib/zlib/deflate.h b/security/nss/lib/zlib/deflate.h
new file mode 100644
index 000000000..cbf0d1ea5
--- /dev/null
+++ b/security/nss/lib/zlib/deflate.h
@@ -0,0 +1,342 @@
+/* deflate.h -- internal compression state
+ * Copyright (C) 1995-2010 Jean-loup Gailly
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* @(#) $Id$ */
+
+#ifndef DEFLATE_H
+#define DEFLATE_H
+
+#include "zutil.h"
+
+/* define NO_GZIP when compiling if you want to disable gzip header and
+ trailer creation by deflate(). NO_GZIP would be used to avoid linking in
+ the crc code when it is not needed. For shared libraries, gzip encoding
+ should be left enabled. */
+#ifndef NO_GZIP
+# define GZIP
+#endif
+
+/* ===========================================================================
+ * Internal compression state.
+ */
+
+#define LENGTH_CODES 29
+/* number of length codes, not counting the special END_BLOCK code */
+
+#define LITERALS 256
+/* number of literal bytes 0..255 */
+
+#define L_CODES (LITERALS+1+LENGTH_CODES)
+/* number of Literal or Length codes, including the END_BLOCK code */
+
+#define D_CODES 30
+/* number of distance codes */
+
+#define BL_CODES 19
+/* number of codes used to transfer the bit lengths */
+
+#define HEAP_SIZE (2*L_CODES+1)
+/* maximum heap size */
+
+#define MAX_BITS 15
+/* All codes must not exceed MAX_BITS bits */
+
+#define INIT_STATE 42
+#define EXTRA_STATE 69
+#define NAME_STATE 73
+#define COMMENT_STATE 91
+#define HCRC_STATE 103
+#define BUSY_STATE 113
+#define FINISH_STATE 666
+/* Stream status */
+
+
+/* Data structure describing a single value and its code string. */
+typedef struct ct_data_s {
+ union {
+ ush freq; /* frequency count */
+ ush code; /* bit string */
+ } fc;
+ union {
+ ush dad; /* father node in Huffman tree */
+ ush len; /* length of bit string */
+ } dl;
+} FAR ct_data;
+
+#define Freq fc.freq
+#define Code fc.code
+#define Dad dl.dad
+#define Len dl.len
+
+typedef struct static_tree_desc_s static_tree_desc;
+
+typedef struct tree_desc_s {
+ ct_data *dyn_tree; /* the dynamic tree */
+ int max_code; /* largest code with non zero frequency */
+ static_tree_desc *stat_desc; /* the corresponding static tree */
+} FAR tree_desc;
+
+typedef ush Pos;
+typedef Pos FAR Posf;
+typedef unsigned IPos;
+
+/* A Pos is an index in the character window. We use short instead of int to
+ * save space in the various tables. IPos is used only for parameter passing.
+ */
+
+typedef struct internal_state {
+ z_streamp strm; /* pointer back to this zlib stream */
+ int status; /* as the name implies */
+ Bytef *pending_buf; /* output still pending */
+ ulg pending_buf_size; /* size of pending_buf */
+ Bytef *pending_out; /* next pending byte to output to the stream */
+ uInt pending; /* nb of bytes in the pending buffer */
+ int wrap; /* bit 0 true for zlib, bit 1 true for gzip */
+ gz_headerp gzhead; /* gzip header information to write */
+ uInt gzindex; /* where in extra, name, or comment */
+ Byte method; /* STORED (for zip only) or DEFLATED */
+ int last_flush; /* value of flush param for previous deflate call */
+
+ /* used by deflate.c: */
+
+ uInt w_size; /* LZ77 window size (32K by default) */
+ uInt w_bits; /* log2(w_size) (8..16) */
+ uInt w_mask; /* w_size - 1 */
+
+ Bytef *window;
+ /* Sliding window. Input bytes are read into the second half of the window,
+ * and move to the first half later to keep a dictionary of at least wSize
+ * bytes. With this organization, matches are limited to a distance of
+ * wSize-MAX_MATCH bytes, but this ensures that IO is always
+ * performed with a length multiple of the block size. Also, it limits
+ * the window size to 64K, which is quite useful on MSDOS.
+ * To do: use the user input buffer as sliding window.
+ */
+
+ ulg window_size;
+ /* Actual size of window: 2*wSize, except when the user input buffer
+ * is directly used as sliding window.
+ */
+
+ Posf *prev;
+ /* Link to older string with same hash index. To limit the size of this
+ * array to 64K, this link is maintained only for the last 32K strings.
+ * An index in this array is thus a window index modulo 32K.
+ */
+
+ Posf *head; /* Heads of the hash chains or NIL. */
+
+ uInt ins_h; /* hash index of string to be inserted */
+ uInt hash_size; /* number of elements in hash table */
+ uInt hash_bits; /* log2(hash_size) */
+ uInt hash_mask; /* hash_size-1 */
+
+ uInt hash_shift;
+ /* Number of bits by which ins_h must be shifted at each input
+ * step. It must be such that after MIN_MATCH steps, the oldest
+ * byte no longer takes part in the hash key, that is:
+ * hash_shift * MIN_MATCH >= hash_bits
+ */
+
+ long block_start;
+ /* Window position at the beginning of the current output block. Gets
+ * negative when the window is moved backwards.
+ */
+
+ uInt match_length; /* length of best match */
+ IPos prev_match; /* previous match */
+ int match_available; /* set if previous match exists */
+ uInt strstart; /* start of string to insert */
+ uInt match_start; /* start of matching string */
+ uInt lookahead; /* number of valid bytes ahead in window */
+
+ uInt prev_length;
+ /* Length of the best match at previous step. Matches not greater than this
+ * are discarded. This is used in the lazy match evaluation.
+ */
+
+ uInt max_chain_length;
+ /* To speed up deflation, hash chains are never searched beyond this
+ * length. A higher limit improves compression ratio but degrades the
+ * speed.
+ */
+
+ uInt max_lazy_match;
+ /* Attempt to find a better match only when the current match is strictly
+ * smaller than this value. This mechanism is used only for compression
+ * levels >= 4.
+ */
+# define max_insert_length max_lazy_match
+ /* Insert new strings in the hash table only if the match length is not
+ * greater than this length. This saves time but degrades compression.
+ * max_insert_length is used only for compression levels <= 3.
+ */
+
+ int level; /* compression level (1..9) */
+ int strategy; /* favor or force Huffman coding*/
+
+ uInt good_match;
+ /* Use a faster search when the previous match is longer than this */
+
+ int nice_match; /* Stop searching when current match exceeds this */
+
+ /* used by trees.c: */
+ /* Didn't use ct_data typedef below to supress compiler warning */
+ struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
+ struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
+ struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
+
+ struct tree_desc_s l_desc; /* desc. for literal tree */
+ struct tree_desc_s d_desc; /* desc. for distance tree */
+ struct tree_desc_s bl_desc; /* desc. for bit length tree */
+
+ ush bl_count[MAX_BITS+1];
+ /* number of codes at each bit length for an optimal tree */
+
+ int heap[2*L_CODES+1]; /* heap used to build the Huffman trees */
+ int heap_len; /* number of elements in the heap */
+ int heap_max; /* element of largest frequency */
+ /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
+ * The same heap array is used to build all trees.
+ */
+
+ uch depth[2*L_CODES+1];
+ /* Depth of each subtree used as tie breaker for trees of equal frequency
+ */
+
+ uchf *l_buf; /* buffer for literals or lengths */
+
+ uInt lit_bufsize;
+ /* Size of match buffer for literals/lengths. There are 4 reasons for
+ * limiting lit_bufsize to 64K:
+ * - frequencies can be kept in 16 bit counters
+ * - if compression is not successful for the first block, all input
+ * data is still in the window so we can still emit a stored block even
+ * when input comes from standard input. (This can also be done for
+ * all blocks if lit_bufsize is not greater than 32K.)
+ * - if compression is not successful for a file smaller than 64K, we can
+ * even emit a stored file instead of a stored block (saving 5 bytes).
+ * This is applicable only for zip (not gzip or zlib).
+ * - creating new Huffman trees less frequently may not provide fast
+ * adaptation to changes in the input data statistics. (Take for
+ * example a binary file with poorly compressible code followed by
+ * a highly compressible string table.) Smaller buffer sizes give
+ * fast adaptation but have of course the overhead of transmitting
+ * trees more frequently.
+ * - I can't count above 4
+ */
+
+ uInt last_lit; /* running index in l_buf */
+
+ ushf *d_buf;
+ /* Buffer for distances. To simplify the code, d_buf and l_buf have
+ * the same number of elements. To use different lengths, an extra flag
+ * array would be necessary.
+ */
+
+ ulg opt_len; /* bit length of current block with optimal trees */
+ ulg static_len; /* bit length of current block with static trees */
+ uInt matches; /* number of string matches in current block */
+ int last_eob_len; /* bit length of EOB code for last block */
+
+#ifdef DEBUG
+ ulg compressed_len; /* total bit length of compressed file mod 2^32 */
+ ulg bits_sent; /* bit length of compressed data sent mod 2^32 */
+#endif
+
+ ush bi_buf;
+ /* Output buffer. bits are inserted starting at the bottom (least
+ * significant bits).
+ */
+ int bi_valid;
+ /* Number of valid bits in bi_buf. All bits above the last valid bit
+ * are always zero.
+ */
+
+ ulg high_water;
+ /* High water mark offset in window for initialized bytes -- bytes above
+ * this are set to zero in order to avoid memory check warnings when
+ * longest match routines access bytes past the input. This is then
+ * updated to the new high water mark.
+ */
+
+} FAR deflate_state;
+
+/* Output a byte on the stream.
+ * IN assertion: there is enough room in pending_buf.
+ */
+#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);}
+
+
+#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
+/* Minimum amount of lookahead, except at the end of the input file.
+ * See deflate.c for comments about the MIN_MATCH+1.
+ */
+
+#define MAX_DIST(s) ((s)->w_size-MIN_LOOKAHEAD)
+/* In order to simplify the code, particularly on 16 bit machines, match
+ * distances are limited to MAX_DIST instead of WSIZE.
+ */
+
+#define WIN_INIT MAX_MATCH
+/* Number of bytes after end of data in window to initialize in order to avoid
+ memory checker errors from longest match routines */
+
+ /* in trees.c */
+void ZLIB_INTERNAL _tr_init OF((deflate_state *s));
+int ZLIB_INTERNAL _tr_tally OF((deflate_state *s, unsigned dist, unsigned lc));
+void ZLIB_INTERNAL _tr_flush_block OF((deflate_state *s, charf *buf,
+ ulg stored_len, int last));
+void ZLIB_INTERNAL _tr_align OF((deflate_state *s));
+void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
+ ulg stored_len, int last));
+
+#define d_code(dist) \
+ ((dist) < 256 ? _dist_code[dist] : _dist_code[256+((dist)>>7)])
+/* Mapping from a distance to a distance code. dist is the distance - 1 and
+ * must not have side effects. _dist_code[256] and _dist_code[257] are never
+ * used.
+ */
+
+#ifndef DEBUG
+/* Inline versions of _tr_tally for speed: */
+
+#if defined(GEN_TREES_H) || !defined(STDC)
+ extern uch ZLIB_INTERNAL _length_code[];
+ extern uch ZLIB_INTERNAL _dist_code[];
+#else
+ extern const uch ZLIB_INTERNAL _length_code[];
+ extern const uch ZLIB_INTERNAL _dist_code[];
+#endif
+
+# define _tr_tally_lit(s, c, flush) \
+ { uch cc = (c); \
+ s->d_buf[s->last_lit] = 0; \
+ s->l_buf[s->last_lit++] = cc; \
+ s->dyn_ltree[cc].Freq++; \
+ flush = (s->last_lit == s->lit_bufsize-1); \
+ }
+# define _tr_tally_dist(s, distance, length, flush) \
+ { uch len = (length); \
+ ush dist = (distance); \
+ s->d_buf[s->last_lit] = dist; \
+ s->l_buf[s->last_lit++] = len; \
+ dist--; \
+ s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
+ s->dyn_dtree[d_code(dist)].Freq++; \
+ flush = (s->last_lit == s->lit_bufsize-1); \
+ }
+#else
+# define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
+# define _tr_tally_dist(s, distance, length, flush) \
+ flush = _tr_tally(s, distance, length)
+#endif
+
+#endif /* DEFLATE_H */
diff --git a/security/nss/lib/zlib/example.c b/security/nss/lib/zlib/example.c
new file mode 100644
index 000000000..604736f15
--- /dev/null
+++ b/security/nss/lib/zlib/example.c
@@ -0,0 +1,565 @@
+/* example.c -- usage example of the zlib compression library
+ * Copyright (C) 1995-2006 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#include "zlib.h"
+#include <stdio.h>
+
+#ifdef STDC
+# include <string.h>
+# include <stdlib.h>
+#endif
+
+#if defined(VMS) || defined(RISCOS)
+# define TESTFILE "foo-gz"
+#else
+# define TESTFILE "foo.gz"
+#endif
+
+#define CHECK_ERR(err, msg) { \
+ if (err != Z_OK) { \
+ fprintf(stderr, "%s error: %d\n", msg, err); \
+ exit(1); \
+ } \
+}
+
+const char hello[] = "hello, hello!";
+/* "hello world" would be more standard, but the repeated "hello"
+ * stresses the compression code better, sorry...
+ */
+
+const char dictionary[] = "hello";
+uLong dictId; /* Adler32 value of the dictionary */
+
+void test_compress OF((Byte *compr, uLong comprLen,
+ Byte *uncompr, uLong uncomprLen));
+void test_gzio OF((const char *fname,
+ Byte *uncompr, uLong uncomprLen));
+void test_deflate OF((Byte *compr, uLong comprLen));
+void test_inflate OF((Byte *compr, uLong comprLen,
+ Byte *uncompr, uLong uncomprLen));
+void test_large_deflate OF((Byte *compr, uLong comprLen,
+ Byte *uncompr, uLong uncomprLen));
+void test_large_inflate OF((Byte *compr, uLong comprLen,
+ Byte *uncompr, uLong uncomprLen));
+void test_flush OF((Byte *compr, uLong *comprLen));
+void test_sync OF((Byte *compr, uLong comprLen,
+ Byte *uncompr, uLong uncomprLen));
+void test_dict_deflate OF((Byte *compr, uLong comprLen));
+void test_dict_inflate OF((Byte *compr, uLong comprLen,
+ Byte *uncompr, uLong uncomprLen));
+int main OF((int argc, char *argv[]));
+
+/* ===========================================================================
+ * Test compress() and uncompress()
+ */
+void test_compress(compr, comprLen, uncompr, uncomprLen)
+ Byte *compr, *uncompr;
+ uLong comprLen, uncomprLen;
+{
+ int err;
+ uLong len = (uLong)strlen(hello)+1;
+
+ err = compress(compr, &comprLen, (const Bytef*)hello, len);
+ CHECK_ERR(err, "compress");
+
+ strcpy((char*)uncompr, "garbage");
+
+ err = uncompress(uncompr, &uncomprLen, compr, comprLen);
+ CHECK_ERR(err, "uncompress");
+
+ if (strcmp((char*)uncompr, hello)) {
+ fprintf(stderr, "bad uncompress\n");
+ exit(1);
+ } else {
+ printf("uncompress(): %s\n", (char *)uncompr);
+ }
+}
+
+/* ===========================================================================
+ * Test read/write of .gz files
+ */
+void test_gzio(fname, uncompr, uncomprLen)
+ const char *fname; /* compressed file name */
+ Byte *uncompr;
+ uLong uncomprLen;
+{
+#ifdef NO_GZCOMPRESS
+ fprintf(stderr, "NO_GZCOMPRESS -- gz* functions cannot compress\n");
+#else
+ int err;
+ int len = (int)strlen(hello)+1;
+ gzFile file;
+ z_off_t pos;
+
+ file = gzopen(fname, "wb");
+ if (file == NULL) {
+ fprintf(stderr, "gzopen error\n");
+ exit(1);
+ }
+ gzputc(file, 'h');
+ if (gzputs(file, "ello") != 4) {
+ fprintf(stderr, "gzputs err: %s\n", gzerror(file, &err));
+ exit(1);
+ }
+ if (gzprintf(file, ", %s!", "hello") != 8) {
+ fprintf(stderr, "gzprintf err: %s\n", gzerror(file, &err));
+ exit(1);
+ }
+ gzseek(file, 1L, SEEK_CUR); /* add one zero byte */
+ gzclose(file);
+
+ file = gzopen(fname, "rb");
+ if (file == NULL) {
+ fprintf(stderr, "gzopen error\n");
+ exit(1);
+ }
+ strcpy((char*)uncompr, "garbage");
+
+ if (gzread(file, uncompr, (unsigned)uncomprLen) != len) {
+ fprintf(stderr, "gzread err: %s\n", gzerror(file, &err));
+ exit(1);
+ }
+ if (strcmp((char*)uncompr, hello)) {
+ fprintf(stderr, "bad gzread: %s\n", (char*)uncompr);
+ exit(1);
+ } else {
+ printf("gzread(): %s\n", (char*)uncompr);
+ }
+
+ pos = gzseek(file, -8L, SEEK_CUR);
+ if (pos != 6 || gztell(file) != pos) {
+ fprintf(stderr, "gzseek error, pos=%ld, gztell=%ld\n",
+ (long)pos, (long)gztell(file));
+ exit(1);
+ }
+
+ if (gzgetc(file) != ' ') {
+ fprintf(stderr, "gzgetc error\n");
+ exit(1);
+ }
+
+ if (gzungetc(' ', file) != ' ') {
+ fprintf(stderr, "gzungetc error\n");
+ exit(1);
+ }
+
+ gzgets(file, (char*)uncompr, (int)uncomprLen);
+ if (strlen((char*)uncompr) != 7) { /* " hello!" */
+ fprintf(stderr, "gzgets err after gzseek: %s\n", gzerror(file, &err));
+ exit(1);
+ }
+ if (strcmp((char*)uncompr, hello + 6)) {
+ fprintf(stderr, "bad gzgets after gzseek\n");
+ exit(1);
+ } else {
+ printf("gzgets() after gzseek: %s\n", (char*)uncompr);
+ }
+
+ gzclose(file);
+#endif
+}
+
+/* ===========================================================================
+ * Test deflate() with small buffers
+ */
+void test_deflate(compr, comprLen)
+ Byte *compr;
+ uLong comprLen;
+{
+ z_stream c_stream; /* compression stream */
+ int err;
+ uLong len = (uLong)strlen(hello)+1;
+
+ c_stream.zalloc = (alloc_func)0;
+ c_stream.zfree = (free_func)0;
+ c_stream.opaque = (voidpf)0;
+
+ err = deflateInit(&c_stream, Z_DEFAULT_COMPRESSION);
+ CHECK_ERR(err, "deflateInit");
+
+ c_stream.next_in = (Bytef*)hello;
+ c_stream.next_out = compr;
+
+ while (c_stream.total_in != len && c_stream.total_out < comprLen) {
+ c_stream.avail_in = c_stream.avail_out = 1; /* force small buffers */
+ err = deflate(&c_stream, Z_NO_FLUSH);
+ CHECK_ERR(err, "deflate");
+ }
+ /* Finish the stream, still forcing small buffers: */
+ for (;;) {
+ c_stream.avail_out = 1;
+ err = deflate(&c_stream, Z_FINISH);
+ if (err == Z_STREAM_END) break;
+ CHECK_ERR(err, "deflate");
+ }
+
+ err = deflateEnd(&c_stream);
+ CHECK_ERR(err, "deflateEnd");
+}
+
+/* ===========================================================================
+ * Test inflate() with small buffers
+ */
+void test_inflate(compr, comprLen, uncompr, uncomprLen)
+ Byte *compr, *uncompr;
+ uLong comprLen, uncomprLen;
+{
+ int err;
+ z_stream d_stream; /* decompression stream */
+
+ strcpy((char*)uncompr, "garbage");
+
+ d_stream.zalloc = (alloc_func)0;
+ d_stream.zfree = (free_func)0;
+ d_stream.opaque = (voidpf)0;
+
+ d_stream.next_in = compr;
+ d_stream.avail_in = 0;
+ d_stream.next_out = uncompr;
+
+ err = inflateInit(&d_stream);
+ CHECK_ERR(err, "inflateInit");
+
+ while (d_stream.total_out < uncomprLen && d_stream.total_in < comprLen) {
+ d_stream.avail_in = d_stream.avail_out = 1; /* force small buffers */
+ err = inflate(&d_stream, Z_NO_FLUSH);
+ if (err == Z_STREAM_END) break;
+ CHECK_ERR(err, "inflate");
+ }
+
+ err = inflateEnd(&d_stream);
+ CHECK_ERR(err, "inflateEnd");
+
+ if (strcmp((char*)uncompr, hello)) {
+ fprintf(stderr, "bad inflate\n");
+ exit(1);
+ } else {
+ printf("inflate(): %s\n", (char *)uncompr);
+ }
+}
+
+/* ===========================================================================
+ * Test deflate() with large buffers and dynamic change of compression level
+ */
+void test_large_deflate(compr, comprLen, uncompr, uncomprLen)
+ Byte *compr, *uncompr;
+ uLong comprLen, uncomprLen;
+{
+ z_stream c_stream; /* compression stream */
+ int err;
+
+ c_stream.zalloc = (alloc_func)0;
+ c_stream.zfree = (free_func)0;
+ c_stream.opaque = (voidpf)0;
+
+ err = deflateInit(&c_stream, Z_BEST_SPEED);
+ CHECK_ERR(err, "deflateInit");
+
+ c_stream.next_out = compr;
+ c_stream.avail_out = (uInt)comprLen;
+
+ /* At this point, uncompr is still mostly zeroes, so it should compress
+ * very well:
+ */
+ c_stream.next_in = uncompr;
+ c_stream.avail_in = (uInt)uncomprLen;
+ err = deflate(&c_stream, Z_NO_FLUSH);
+ CHECK_ERR(err, "deflate");
+ if (c_stream.avail_in != 0) {
+ fprintf(stderr, "deflate not greedy\n");
+ exit(1);
+ }
+
+ /* Feed in already compressed data and switch to no compression: */
+ deflateParams(&c_stream, Z_NO_COMPRESSION, Z_DEFAULT_STRATEGY);
+ c_stream.next_in = compr;
+ c_stream.avail_in = (uInt)comprLen/2;
+ err = deflate(&c_stream, Z_NO_FLUSH);
+ CHECK_ERR(err, "deflate");
+
+ /* Switch back to compressing mode: */
+ deflateParams(&c_stream, Z_BEST_COMPRESSION, Z_FILTERED);
+ c_stream.next_in = uncompr;
+ c_stream.avail_in = (uInt)uncomprLen;
+ err = deflate(&c_stream, Z_NO_FLUSH);
+ CHECK_ERR(err, "deflate");
+
+ err = deflate(&c_stream, Z_FINISH);
+ if (err != Z_STREAM_END) {
+ fprintf(stderr, "deflate should report Z_STREAM_END\n");
+ exit(1);
+ }
+ err = deflateEnd(&c_stream);
+ CHECK_ERR(err, "deflateEnd");
+}
+
+/* ===========================================================================
+ * Test inflate() with large buffers
+ */
+void test_large_inflate(compr, comprLen, uncompr, uncomprLen)
+ Byte *compr, *uncompr;
+ uLong comprLen, uncomprLen;
+{
+ int err;
+ z_stream d_stream; /* decompression stream */
+
+ strcpy((char*)uncompr, "garbage");
+
+ d_stream.zalloc = (alloc_func)0;
+ d_stream.zfree = (free_func)0;
+ d_stream.opaque = (voidpf)0;
+
+ d_stream.next_in = compr;
+ d_stream.avail_in = (uInt)comprLen;
+
+ err = inflateInit(&d_stream);
+ CHECK_ERR(err, "inflateInit");
+
+ for (;;) {
+ d_stream.next_out = uncompr; /* discard the output */
+ d_stream.avail_out = (uInt)uncomprLen;
+ err = inflate(&d_stream, Z_NO_FLUSH);
+ if (err == Z_STREAM_END) break;
+ CHECK_ERR(err, "large inflate");
+ }
+
+ err = inflateEnd(&d_stream);
+ CHECK_ERR(err, "inflateEnd");
+
+ if (d_stream.total_out != 2*uncomprLen + comprLen/2) {
+ fprintf(stderr, "bad large inflate: %ld\n", d_stream.total_out);
+ exit(1);
+ } else {
+ printf("large_inflate(): OK\n");
+ }
+}
+
+/* ===========================================================================
+ * Test deflate() with full flush
+ */
+void test_flush(compr, comprLen)
+ Byte *compr;
+ uLong *comprLen;
+{
+ z_stream c_stream; /* compression stream */
+ int err;
+ uInt len = (uInt)strlen(hello)+1;
+
+ c_stream.zalloc = (alloc_func)0;
+ c_stream.zfree = (free_func)0;
+ c_stream.opaque = (voidpf)0;
+
+ err = deflateInit(&c_stream, Z_DEFAULT_COMPRESSION);
+ CHECK_ERR(err, "deflateInit");
+
+ c_stream.next_in = (Bytef*)hello;
+ c_stream.next_out = compr;
+ c_stream.avail_in = 3;
+ c_stream.avail_out = (uInt)*comprLen;
+ err = deflate(&c_stream, Z_FULL_FLUSH);
+ CHECK_ERR(err, "deflate");
+
+ compr[3]++; /* force an error in first compressed block */
+ c_stream.avail_in = len - 3;
+
+ err = deflate(&c_stream, Z_FINISH);
+ if (err != Z_STREAM_END) {
+ CHECK_ERR(err, "deflate");
+ }
+ err = deflateEnd(&c_stream);
+ CHECK_ERR(err, "deflateEnd");
+
+ *comprLen = c_stream.total_out;
+}
+
+/* ===========================================================================
+ * Test inflateSync()
+ */
+void test_sync(compr, comprLen, uncompr, uncomprLen)
+ Byte *compr, *uncompr;
+ uLong comprLen, uncomprLen;
+{
+ int err;
+ z_stream d_stream; /* decompression stream */
+
+ strcpy((char*)uncompr, "garbage");
+
+ d_stream.zalloc = (alloc_func)0;
+ d_stream.zfree = (free_func)0;
+ d_stream.opaque = (voidpf)0;
+
+ d_stream.next_in = compr;
+ d_stream.avail_in = 2; /* just read the zlib header */
+
+ err = inflateInit(&d_stream);
+ CHECK_ERR(err, "inflateInit");
+
+ d_stream.next_out = uncompr;
+ d_stream.avail_out = (uInt)uncomprLen;
+
+ inflate(&d_stream, Z_NO_FLUSH);
+ CHECK_ERR(err, "inflate");
+
+ d_stream.avail_in = (uInt)comprLen-2; /* read all compressed data */
+ err = inflateSync(&d_stream); /* but skip the damaged part */
+ CHECK_ERR(err, "inflateSync");
+
+ err = inflate(&d_stream, Z_FINISH);
+ if (err != Z_DATA_ERROR) {
+ fprintf(stderr, "inflate should report DATA_ERROR\n");
+ /* Because of incorrect adler32 */
+ exit(1);
+ }
+ err = inflateEnd(&d_stream);
+ CHECK_ERR(err, "inflateEnd");
+
+ printf("after inflateSync(): hel%s\n", (char *)uncompr);
+}
+
+/* ===========================================================================
+ * Test deflate() with preset dictionary
+ */
+void test_dict_deflate(compr, comprLen)
+ Byte *compr;
+ uLong comprLen;
+{
+ z_stream c_stream; /* compression stream */
+ int err;
+
+ c_stream.zalloc = (alloc_func)0;
+ c_stream.zfree = (free_func)0;
+ c_stream.opaque = (voidpf)0;
+
+ err = deflateInit(&c_stream, Z_BEST_COMPRESSION);
+ CHECK_ERR(err, "deflateInit");
+
+ err = deflateSetDictionary(&c_stream,
+ (const Bytef*)dictionary, sizeof(dictionary));
+ CHECK_ERR(err, "deflateSetDictionary");
+
+ dictId = c_stream.adler;
+ c_stream.next_out = compr;
+ c_stream.avail_out = (uInt)comprLen;
+
+ c_stream.next_in = (Bytef*)hello;
+ c_stream.avail_in = (uInt)strlen(hello)+1;
+
+ err = deflate(&c_stream, Z_FINISH);
+ if (err != Z_STREAM_END) {
+ fprintf(stderr, "deflate should report Z_STREAM_END\n");
+ exit(1);
+ }
+ err = deflateEnd(&c_stream);
+ CHECK_ERR(err, "deflateEnd");
+}
+
+/* ===========================================================================
+ * Test inflate() with a preset dictionary
+ */
+void test_dict_inflate(compr, comprLen, uncompr, uncomprLen)
+ Byte *compr, *uncompr;
+ uLong comprLen, uncomprLen;
+{
+ int err;
+ z_stream d_stream; /* decompression stream */
+
+ strcpy((char*)uncompr, "garbage");
+
+ d_stream.zalloc = (alloc_func)0;
+ d_stream.zfree = (free_func)0;
+ d_stream.opaque = (voidpf)0;
+
+ d_stream.next_in = compr;
+ d_stream.avail_in = (uInt)comprLen;
+
+ err = inflateInit(&d_stream);
+ CHECK_ERR(err, "inflateInit");
+
+ d_stream.next_out = uncompr;
+ d_stream.avail_out = (uInt)uncomprLen;
+
+ for (;;) {
+ err = inflate(&d_stream, Z_NO_FLUSH);
+ if (err == Z_STREAM_END) break;
+ if (err == Z_NEED_DICT) {
+ if (d_stream.adler != dictId) {
+ fprintf(stderr, "unexpected dictionary");
+ exit(1);
+ }
+ err = inflateSetDictionary(&d_stream, (const Bytef*)dictionary,
+ sizeof(dictionary));
+ }
+ CHECK_ERR(err, "inflate with dict");
+ }
+
+ err = inflateEnd(&d_stream);
+ CHECK_ERR(err, "inflateEnd");
+
+ if (strcmp((char*)uncompr, hello)) {
+ fprintf(stderr, "bad inflate with dict\n");
+ exit(1);
+ } else {
+ printf("inflate with dictionary: %s\n", (char *)uncompr);
+ }
+}
+
+/* ===========================================================================
+ * Usage: example [output.gz [input.gz]]
+ */
+
+int main(argc, argv)
+ int argc;
+ char *argv[];
+{
+ Byte *compr, *uncompr;
+ uLong comprLen = 10000*sizeof(int); /* don't overflow on MSDOS */
+ uLong uncomprLen = comprLen;
+ static const char* myVersion = ZLIB_VERSION;
+
+ if (zlibVersion()[0] != myVersion[0]) {
+ fprintf(stderr, "incompatible zlib version\n");
+ exit(1);
+
+ } else if (strcmp(zlibVersion(), ZLIB_VERSION) != 0) {
+ fprintf(stderr, "warning: different zlib version\n");
+ }
+
+ printf("zlib version %s = 0x%04x, compile flags = 0x%lx\n",
+ ZLIB_VERSION, ZLIB_VERNUM, zlibCompileFlags());
+
+ compr = (Byte*)calloc((uInt)comprLen, 1);
+ uncompr = (Byte*)calloc((uInt)uncomprLen, 1);
+ /* compr and uncompr are cleared to avoid reading uninitialized
+ * data and to ensure that uncompr compresses well.
+ */
+ if (compr == Z_NULL || uncompr == Z_NULL) {
+ printf("out of memory\n");
+ exit(1);
+ }
+ test_compress(compr, comprLen, uncompr, uncomprLen);
+
+ test_gzio((argc > 1 ? argv[1] : TESTFILE),
+ uncompr, uncomprLen);
+
+ test_deflate(compr, comprLen);
+ test_inflate(compr, comprLen, uncompr, uncomprLen);
+
+ test_large_deflate(compr, comprLen, uncompr, uncomprLen);
+ test_large_inflate(compr, comprLen, uncompr, uncomprLen);
+
+ test_flush(compr, &comprLen);
+ test_sync(compr, comprLen, uncompr, uncomprLen);
+ comprLen = uncomprLen;
+
+ test_dict_deflate(compr, comprLen);
+ test_dict_inflate(compr, comprLen, uncompr, uncomprLen);
+
+ free(compr);
+ free(uncompr);
+
+ return 0;
+}
diff --git a/security/nss/lib/zlib/exports.gyp b/security/nss/lib/zlib/exports.gyp
new file mode 100644
index 000000000..b55721818
--- /dev/null
+++ b/security/nss/lib/zlib/exports.gyp
@@ -0,0 +1,33 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi'
+ ],
+ 'variables': {
+ 'module': 'nss',
+ },
+ 'conditions': [
+ ['use_system_zlib==1', {
+ 'targets': [{
+ 'target_name': 'lib_zlib_exports',
+ 'type': 'none',
+ }],
+ }, {
+ 'targets': [{
+ 'target_name': 'lib_zlib_exports',
+ 'type': 'none',
+ 'copies': [
+ {
+ 'files': [
+ 'zlib.h',
+ 'zconf.h',
+ ],
+ 'destination': '<(nss_private_dist_dir)/<(module)'
+ }
+ ]
+ }],
+ }],
+ ],
+}
diff --git a/security/nss/lib/zlib/gzclose.c b/security/nss/lib/zlib/gzclose.c
new file mode 100644
index 000000000..caeb99a31
--- /dev/null
+++ b/security/nss/lib/zlib/gzclose.c
@@ -0,0 +1,25 @@
+/* gzclose.c -- zlib gzclose() function
+ * Copyright (C) 2004, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "gzguts.h"
+
+/* gzclose() is in a separate file so that it is linked in only if it is used.
+ That way the other gzclose functions can be used instead to avoid linking in
+ unneeded compression or decompression routines. */
+int ZEXPORT gzclose(file)
+ gzFile file;
+{
+#ifndef NO_GZCOMPRESS
+ gz_statep state;
+
+ if (file == NULL)
+ return Z_STREAM_ERROR;
+ state = (gz_statep)file;
+
+ return state->mode == GZ_READ ? gzclose_r(file) : gzclose_w(file);
+#else
+ return gzclose_r(file);
+#endif
+}
diff --git a/security/nss/lib/zlib/gzguts.h b/security/nss/lib/zlib/gzguts.h
new file mode 100644
index 000000000..0f8fb79f8
--- /dev/null
+++ b/security/nss/lib/zlib/gzguts.h
@@ -0,0 +1,132 @@
+/* gzguts.h -- zlib internal header definitions for gz* operations
+ * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#ifdef _LARGEFILE64_SOURCE
+# ifndef _LARGEFILE_SOURCE
+# define _LARGEFILE_SOURCE 1
+# endif
+# ifdef _FILE_OFFSET_BITS
+# undef _FILE_OFFSET_BITS
+# endif
+#endif
+
+#if ((__GNUC__-0) * 10 + __GNUC_MINOR__-0 >= 33) && !defined(NO_VIZ)
+# define ZLIB_INTERNAL __attribute__((visibility ("hidden")))
+#else
+# define ZLIB_INTERNAL
+#endif
+
+#include <stdio.h>
+#include "zlib.h"
+#ifdef STDC
+# include <string.h>
+# include <stdlib.h>
+# include <limits.h>
+#endif
+#include <fcntl.h>
+
+#ifdef NO_DEFLATE /* for compatibility with old definition */
+# define NO_GZCOMPRESS
+#endif
+
+#ifdef _MSC_VER
+# include <io.h>
+# define vsnprintf _vsnprintf
+#endif
+
+#ifndef local
+# define local static
+#endif
+/* compile with -Dlocal if your debugger can't find static symbols */
+
+/* gz* functions always use library allocation functions */
+#ifndef STDC
+ extern voidp malloc OF((uInt size));
+ extern void free OF((voidpf ptr));
+#endif
+
+/* get errno and strerror definition */
+#if defined UNDER_CE
+# include <windows.h>
+# define zstrerror() gz_strwinerror((DWORD)GetLastError())
+#else
+# ifdef STDC
+# include <errno.h>
+# define zstrerror() strerror(errno)
+# else
+# define zstrerror() "stdio error (consult errno)"
+# endif
+#endif
+
+/* provide prototypes for these when building zlib without LFS */
+#if !defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0
+ ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
+ ZEXTERN z_off64_t ZEXPORT gzseek64 OF((gzFile, z_off64_t, int));
+ ZEXTERN z_off64_t ZEXPORT gztell64 OF((gzFile));
+ ZEXTERN z_off64_t ZEXPORT gzoffset64 OF((gzFile));
+#endif
+
+/* default i/o buffer size -- double this for output when reading */
+#define GZBUFSIZE 8192
+
+/* gzip modes, also provide a little integrity check on the passed structure */
+#define GZ_NONE 0
+#define GZ_READ 7247
+#define GZ_WRITE 31153
+#define GZ_APPEND 1 /* mode set to GZ_WRITE after the file is opened */
+
+/* values for gz_state how */
+#define LOOK 0 /* look for a gzip header */
+#define COPY 1 /* copy input directly */
+#define GZIP 2 /* decompress a gzip stream */
+
+/* internal gzip file state data structure */
+typedef struct {
+ /* used for both reading and writing */
+ int mode; /* see gzip modes above */
+ int fd; /* file descriptor */
+ char *path; /* path or fd for error messages */
+ z_off64_t pos; /* current position in uncompressed data */
+ unsigned size; /* buffer size, zero if not allocated yet */
+ unsigned want; /* requested buffer size, default is GZBUFSIZE */
+ unsigned char *in; /* input buffer */
+ unsigned char *out; /* output buffer (double-sized when reading) */
+ unsigned char *next; /* next output data to deliver or write */
+ /* just for reading */
+ unsigned have; /* amount of output data unused at next */
+ int eof; /* true if end of input file reached */
+ z_off64_t start; /* where the gzip data started, for rewinding */
+ z_off64_t raw; /* where the raw data started, for seeking */
+ int how; /* 0: get header, 1: copy, 2: decompress */
+ int direct; /* true if last read direct, false if gzip */
+ /* just for writing */
+ int level; /* compression level */
+ int strategy; /* compression strategy */
+ /* seek request */
+ z_off64_t skip; /* amount to skip (already rewound if backwards) */
+ int seek; /* true if seek request pending */
+ /* error information */
+ int err; /* error code */
+ char *msg; /* error message */
+ /* zlib inflate or deflate stream */
+ z_stream strm; /* stream structure in-place (not a pointer) */
+} gz_state;
+typedef gz_state FAR *gz_statep;
+
+/* shared functions */
+void ZLIB_INTERNAL gz_error OF((gz_statep, int, const char *));
+#if defined UNDER_CE
+char ZLIB_INTERNAL *gz_strwinerror OF((DWORD error));
+#endif
+
+/* GT_OFF(x), where x is an unsigned value, is true if x > maximum z_off64_t
+ value -- needed when comparing unsigned to z_off64_t, which is signed
+ (possible z_off64_t types off_t, off64_t, and long are all signed) */
+#ifdef INT_MAX
+# define GT_OFF(x) (sizeof(int) == sizeof(z_off64_t) && (x) > INT_MAX)
+#else
+unsigned ZLIB_INTERNAL gz_intmax OF((void));
+# define GT_OFF(x) (sizeof(int) == sizeof(z_off64_t) && (x) > gz_intmax())
+#endif
diff --git a/security/nss/lib/zlib/gzlib.c b/security/nss/lib/zlib/gzlib.c
new file mode 100644
index 000000000..603e60ed5
--- /dev/null
+++ b/security/nss/lib/zlib/gzlib.c
@@ -0,0 +1,537 @@
+/* gzlib.c -- zlib functions common to reading and writing gzip files
+ * Copyright (C) 2004, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "gzguts.h"
+
+#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
+# define LSEEK lseek64
+#else
+# define LSEEK lseek
+#endif
+
+/* Local functions */
+local void gz_reset OF((gz_statep));
+local gzFile gz_open OF((const char *, int, const char *));
+
+#if defined UNDER_CE
+
+/* Map the Windows error number in ERROR to a locale-dependent error message
+ string and return a pointer to it. Typically, the values for ERROR come
+ from GetLastError.
+
+ The string pointed to shall not be modified by the application, but may be
+ overwritten by a subsequent call to gz_strwinerror
+
+ The gz_strwinerror function does not change the current setting of
+ GetLastError. */
+char ZLIB_INTERNAL *gz_strwinerror (error)
+ DWORD error;
+{
+ static char buf[1024];
+
+ wchar_t *msgbuf;
+ DWORD lasterr = GetLastError();
+ DWORD chars = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM
+ | FORMAT_MESSAGE_ALLOCATE_BUFFER,
+ NULL,
+ error,
+ 0, /* Default language */
+ (LPVOID)&msgbuf,
+ 0,
+ NULL);
+ if (chars != 0) {
+ /* If there is an \r\n appended, zap it. */
+ if (chars >= 2
+ && msgbuf[chars - 2] == '\r' && msgbuf[chars - 1] == '\n') {
+ chars -= 2;
+ msgbuf[chars] = 0;
+ }
+
+ if (chars > sizeof (buf) - 1) {
+ chars = sizeof (buf) - 1;
+ msgbuf[chars] = 0;
+ }
+
+ wcstombs(buf, msgbuf, chars + 1);
+ LocalFree(msgbuf);
+ }
+ else {
+ sprintf(buf, "unknown win32 error (%ld)", error);
+ }
+
+ SetLastError(lasterr);
+ return buf;
+}
+
+#endif /* UNDER_CE */
+
+/* Reset gzip file state */
+local void gz_reset(state)
+ gz_statep state;
+{
+ if (state->mode == GZ_READ) { /* for reading ... */
+ state->have = 0; /* no output data available */
+ state->eof = 0; /* not at end of file */
+ state->how = LOOK; /* look for gzip header */
+ state->direct = 1; /* default for empty file */
+ }
+ state->seek = 0; /* no seek request pending */
+ gz_error(state, Z_OK, NULL); /* clear error */
+ state->pos = 0; /* no uncompressed data yet */
+ state->strm.avail_in = 0; /* no input data yet */
+}
+
+/* Open a gzip file either by name or file descriptor. */
+local gzFile gz_open(path, fd, mode)
+ const char *path;
+ int fd;
+ const char *mode;
+{
+ gz_statep state;
+
+ /* allocate gzFile structure to return */
+ state = malloc(sizeof(gz_state));
+ if (state == NULL)
+ return NULL;
+ state->size = 0; /* no buffers allocated yet */
+ state->want = GZBUFSIZE; /* requested buffer size */
+ state->msg = NULL; /* no error message yet */
+
+ /* interpret mode */
+ state->mode = GZ_NONE;
+ state->level = Z_DEFAULT_COMPRESSION;
+ state->strategy = Z_DEFAULT_STRATEGY;
+ while (*mode) {
+ if (*mode >= '0' && *mode <= '9')
+ state->level = *mode - '0';
+ else
+ switch (*mode) {
+ case 'r':
+ state->mode = GZ_READ;
+ break;
+#ifndef NO_GZCOMPRESS
+ case 'w':
+ state->mode = GZ_WRITE;
+ break;
+ case 'a':
+ state->mode = GZ_APPEND;
+ break;
+#endif
+ case '+': /* can't read and write at the same time */
+ free(state);
+ return NULL;
+ case 'b': /* ignore -- will request binary anyway */
+ break;
+ case 'f':
+ state->strategy = Z_FILTERED;
+ break;
+ case 'h':
+ state->strategy = Z_HUFFMAN_ONLY;
+ break;
+ case 'R':
+ state->strategy = Z_RLE;
+ break;
+ case 'F':
+ state->strategy = Z_FIXED;
+ default: /* could consider as an error, but just ignore */
+ ;
+ }
+ mode++;
+ }
+
+ /* must provide an "r", "w", or "a" */
+ if (state->mode == GZ_NONE) {
+ free(state);
+ return NULL;
+ }
+
+ /* save the path name for error messages */
+ state->path = malloc(strlen(path) + 1);
+ if (state->path == NULL) {
+ free(state);
+ return NULL;
+ }
+ strcpy(state->path, path);
+
+ /* open the file with the appropriate mode (or just use fd) */
+ state->fd = fd != -1 ? fd :
+ open(path,
+#ifdef O_LARGEFILE
+ O_LARGEFILE |
+#endif
+#ifdef O_BINARY
+ O_BINARY |
+#endif
+ (state->mode == GZ_READ ?
+ O_RDONLY :
+ (O_WRONLY | O_CREAT | (
+ state->mode == GZ_WRITE ?
+ O_TRUNC :
+ O_APPEND))),
+ 0666);
+ if (state->fd == -1) {
+ free(state->path);
+ free(state);
+ return NULL;
+ }
+ if (state->mode == GZ_APPEND)
+ state->mode = GZ_WRITE; /* simplify later checks */
+
+ /* save the current position for rewinding (only if reading) */
+ if (state->mode == GZ_READ) {
+ state->start = LSEEK(state->fd, 0, SEEK_CUR);
+ if (state->start == -1) state->start = 0;
+ }
+
+ /* initialize stream */
+ gz_reset(state);
+
+ /* return stream */
+ return (gzFile)state;
+}
+
+/* -- see zlib.h -- */
+gzFile ZEXPORT gzopen(path, mode)
+ const char *path;
+ const char *mode;
+{
+ return gz_open(path, -1, mode);
+}
+
+/* -- see zlib.h -- */
+gzFile ZEXPORT gzopen64(path, mode)
+ const char *path;
+ const char *mode;
+{
+ return gz_open(path, -1, mode);
+}
+
+/* -- see zlib.h -- */
+gzFile ZEXPORT gzdopen(fd, mode)
+ int fd;
+ const char *mode;
+{
+ char *path; /* identifier for error messages */
+ gzFile gz;
+
+ if (fd == -1 || (path = malloc(7 + 3 * sizeof(int))) == NULL)
+ return NULL;
+ sprintf(path, "<fd:%d>", fd); /* for debugging */
+ gz = gz_open(path, fd, mode);
+ free(path);
+ return gz;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzbuffer(file, size)
+ gzFile file;
+ unsigned size;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return -1;
+
+ /* make sure we haven't already allocated memory */
+ if (state->size != 0)
+ return -1;
+
+ /* check and set requested size */
+ if (size == 0)
+ return -1;
+ state->want = size;
+ return 0;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzrewind(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return -1;
+
+ /* back up and start over */
+ if (LSEEK(state->fd, state->start, SEEK_SET) == -1)
+ return -1;
+ gz_reset(state);
+ return 0;
+}
+
+/* -- see zlib.h -- */
+z_off64_t ZEXPORT gzseek64(file, offset, whence)
+ gzFile file;
+ z_off64_t offset;
+ int whence;
+{
+ unsigned n;
+ z_off64_t ret;
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return -1;
+
+ /* check that there's no error */
+ if (state->err != Z_OK)
+ return -1;
+
+ /* can only seek from start or relative to current position */
+ if (whence != SEEK_SET && whence != SEEK_CUR)
+ return -1;
+
+ /* normalize offset to a SEEK_CUR specification */
+ if (whence == SEEK_SET)
+ offset -= state->pos;
+ else if (state->seek)
+ offset += state->skip;
+ state->seek = 0;
+
+ /* if within raw area while reading, just go there */
+ if (state->mode == GZ_READ && state->how == COPY &&
+ state->pos + offset >= state->raw) {
+ ret = LSEEK(state->fd, offset - state->have, SEEK_CUR);
+ if (ret == -1)
+ return -1;
+ state->have = 0;
+ state->eof = 0;
+ state->seek = 0;
+ gz_error(state, Z_OK, NULL);
+ state->strm.avail_in = 0;
+ state->pos += offset;
+ return state->pos;
+ }
+
+ /* calculate skip amount, rewinding if needed for back seek when reading */
+ if (offset < 0) {
+ if (state->mode != GZ_READ) /* writing -- can't go backwards */
+ return -1;
+ offset += state->pos;
+ if (offset < 0) /* before start of file! */
+ return -1;
+ if (gzrewind(file) == -1) /* rewind, then skip to offset */
+ return -1;
+ }
+
+ /* if reading, skip what's in output buffer (one less gzgetc() check) */
+ if (state->mode == GZ_READ) {
+ n = GT_OFF(state->have) || (z_off64_t)state->have > offset ?
+ (unsigned)offset : state->have;
+ state->have -= n;
+ state->next += n;
+ state->pos += n;
+ offset -= n;
+ }
+
+ /* request skip (if not zero) */
+ if (offset) {
+ state->seek = 1;
+ state->skip = offset;
+ }
+ return state->pos + offset;
+}
+
+/* -- see zlib.h -- */
+z_off_t ZEXPORT gzseek(file, offset, whence)
+ gzFile file;
+ z_off_t offset;
+ int whence;
+{
+ z_off64_t ret;
+
+ ret = gzseek64(file, (z_off64_t)offset, whence);
+ return ret == (z_off_t)ret ? (z_off_t)ret : -1;
+}
+
+/* -- see zlib.h -- */
+z_off64_t ZEXPORT gztell64(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return -1;
+
+ /* return position */
+ return state->pos + (state->seek ? state->skip : 0);
+}
+
+/* -- see zlib.h -- */
+z_off_t ZEXPORT gztell(file)
+ gzFile file;
+{
+ z_off64_t ret;
+
+ ret = gztell64(file);
+ return ret == (z_off_t)ret ? (z_off_t)ret : -1;
+}
+
+/* -- see zlib.h -- */
+z_off64_t ZEXPORT gzoffset64(file)
+ gzFile file;
+{
+ z_off64_t offset;
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return -1;
+
+ /* compute and return effective offset in file */
+ offset = LSEEK(state->fd, 0, SEEK_CUR);
+ if (offset == -1)
+ return -1;
+ if (state->mode == GZ_READ) /* reading */
+ offset -= state->strm.avail_in; /* don't count buffered input */
+ return offset;
+}
+
+/* -- see zlib.h -- */
+z_off_t ZEXPORT gzoffset(file)
+ gzFile file;
+{
+ z_off64_t ret;
+
+ ret = gzoffset64(file);
+ return ret == (z_off_t)ret ? (z_off_t)ret : -1;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzeof(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return 0;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return 0;
+
+ /* return end-of-file state */
+ return state->mode == GZ_READ ?
+ (state->eof && state->strm.avail_in == 0 && state->have == 0) : 0;
+}
+
+/* -- see zlib.h -- */
+const char * ZEXPORT gzerror(file, errnum)
+ gzFile file;
+ int *errnum;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return NULL;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return NULL;
+
+ /* return error information */
+ if (errnum != NULL)
+ *errnum = state->err;
+ return state->msg == NULL ? "" : state->msg;
+}
+
+/* -- see zlib.h -- */
+void ZEXPORT gzclearerr(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure and check integrity */
+ if (file == NULL)
+ return;
+ state = (gz_statep)file;
+ if (state->mode != GZ_READ && state->mode != GZ_WRITE)
+ return;
+
+ /* clear error and end-of-file */
+ if (state->mode == GZ_READ)
+ state->eof = 0;
+ gz_error(state, Z_OK, NULL);
+}
+
+/* Create an error message in allocated memory and set state->err and
+ state->msg accordingly. Free any previous error message already there. Do
+ not try to free or allocate space if the error is Z_MEM_ERROR (out of
+ memory). Simply save the error message as a static string. If there is an
+ allocation failure constructing the error message, then convert the error to
+ out of memory. */
+void ZLIB_INTERNAL gz_error(state, err, msg)
+ gz_statep state;
+ int err;
+ const char *msg;
+{
+ /* free previously allocated message and clear */
+ if (state->msg != NULL) {
+ if (state->err != Z_MEM_ERROR)
+ free(state->msg);
+ state->msg = NULL;
+ }
+
+ /* set error code, and if no message, then done */
+ state->err = err;
+ if (msg == NULL)
+ return;
+
+ /* for an out of memory error, save as static string */
+ if (err == Z_MEM_ERROR) {
+ state->msg = (char *)msg;
+ return;
+ }
+
+ /* construct error message with path */
+ if ((state->msg = malloc(strlen(state->path) + strlen(msg) + 3)) == NULL) {
+ state->err = Z_MEM_ERROR;
+ state->msg = (char *)"out of memory";
+ return;
+ }
+ strcpy(state->msg, state->path);
+ strcat(state->msg, ": ");
+ strcat(state->msg, msg);
+ return;
+}
+
+#ifndef INT_MAX
+/* portably return maximum value for an int (when limits.h presumed not
+ available) -- we need to do this to cover cases where 2's complement not
+ used, since C standard permits 1's complement and sign-bit representations,
+ otherwise we could just use ((unsigned)-1) >> 1 */
+unsigned ZLIB_INTERNAL gz_intmax()
+{
+ unsigned p, q;
+
+ p = 1;
+ do {
+ q = p;
+ p <<= 1;
+ p++;
+ } while (p > q);
+ return q >> 1;
+}
+#endif
diff --git a/security/nss/lib/zlib/gzread.c b/security/nss/lib/zlib/gzread.c
new file mode 100644
index 000000000..548201ab0
--- /dev/null
+++ b/security/nss/lib/zlib/gzread.c
@@ -0,0 +1,653 @@
+/* gzread.c -- zlib functions for reading gzip files
+ * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "gzguts.h"
+
+/* Local functions */
+local int gz_load OF((gz_statep, unsigned char *, unsigned, unsigned *));
+local int gz_avail OF((gz_statep));
+local int gz_next4 OF((gz_statep, unsigned long *));
+local int gz_head OF((gz_statep));
+local int gz_decomp OF((gz_statep));
+local int gz_make OF((gz_statep));
+local int gz_skip OF((gz_statep, z_off64_t));
+
+/* Use read() to load a buffer -- return -1 on error, otherwise 0. Read from
+ state->fd, and update state->eof, state->err, and state->msg as appropriate.
+ This function needs to loop on read(), since read() is not guaranteed to
+ read the number of bytes requested, depending on the type of descriptor. */
+local int gz_load(state, buf, len, have)
+ gz_statep state;
+ unsigned char *buf;
+ unsigned len;
+ unsigned *have;
+{
+ int ret;
+
+ *have = 0;
+ do {
+ ret = read(state->fd, buf + *have, len - *have);
+ if (ret <= 0)
+ break;
+ *have += ret;
+ } while (*have < len);
+ if (ret < 0) {
+ gz_error(state, Z_ERRNO, zstrerror());
+ return -1;
+ }
+ if (ret == 0)
+ state->eof = 1;
+ return 0;
+}
+
+/* Load up input buffer and set eof flag if last data loaded -- return -1 on
+ error, 0 otherwise. Note that the eof flag is set when the end of the input
+ file is reached, even though there may be unused data in the buffer. Once
+ that data has been used, no more attempts will be made to read the file.
+ gz_avail() assumes that strm->avail_in == 0. */
+local int gz_avail(state)
+ gz_statep state;
+{
+ z_streamp strm = &(state->strm);
+
+ if (state->err != Z_OK)
+ return -1;
+ if (state->eof == 0) {
+ if (gz_load(state, state->in, state->size,
+ (unsigned *)&(strm->avail_in)) == -1)
+ return -1;
+ strm->next_in = state->in;
+ }
+ return 0;
+}
+
+/* Get next byte from input, or -1 if end or error. */
+#define NEXT() ((strm->avail_in == 0 && gz_avail(state) == -1) ? -1 : \
+ (strm->avail_in == 0 ? -1 : \
+ (strm->avail_in--, *(strm->next_in)++)))
+
+/* Get a four-byte little-endian integer and return 0 on success and the value
+ in *ret. Otherwise -1 is returned and *ret is not modified. */
+local int gz_next4(state, ret)
+ gz_statep state;
+ unsigned long *ret;
+{
+ int ch;
+ unsigned long val;
+ z_streamp strm = &(state->strm);
+
+ val = NEXT();
+ val += (unsigned)NEXT() << 8;
+ val += (unsigned long)NEXT() << 16;
+ ch = NEXT();
+ if (ch == -1)
+ return -1;
+ val += (unsigned long)ch << 24;
+ *ret = val;
+ return 0;
+}
+
+/* Look for gzip header, set up for inflate or copy. state->have must be zero.
+ If this is the first time in, allocate required memory. state->how will be
+ left unchanged if there is no more input data available, will be set to COPY
+ if there is no gzip header and direct copying will be performed, or it will
+ be set to GZIP for decompression, and the gzip header will be skipped so
+ that the next available input data is the raw deflate stream. If direct
+ copying, then leftover input data from the input buffer will be copied to
+ the output buffer. In that case, all further file reads will be directly to
+ either the output buffer or a user buffer. If decompressing, the inflate
+ state and the check value will be initialized. gz_head() will return 0 on
+ success or -1 on failure. Failures may include read errors or gzip header
+ errors. */
+local int gz_head(state)
+ gz_statep state;
+{
+ z_streamp strm = &(state->strm);
+ int flags;
+ unsigned len;
+
+ /* allocate read buffers and inflate memory */
+ if (state->size == 0) {
+ /* allocate buffers */
+ state->in = malloc(state->want);
+ state->out = malloc(state->want << 1);
+ if (state->in == NULL || state->out == NULL) {
+ if (state->out != NULL)
+ free(state->out);
+ if (state->in != NULL)
+ free(state->in);
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+ state->size = state->want;
+
+ /* allocate inflate memory */
+ state->strm.zalloc = Z_NULL;
+ state->strm.zfree = Z_NULL;
+ state->strm.opaque = Z_NULL;
+ state->strm.avail_in = 0;
+ state->strm.next_in = Z_NULL;
+ if (inflateInit2(&(state->strm), -15) != Z_OK) { /* raw inflate */
+ free(state->out);
+ free(state->in);
+ state->size = 0;
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+ }
+
+ /* get some data in the input buffer */
+ if (strm->avail_in == 0) {
+ if (gz_avail(state) == -1)
+ return -1;
+ if (strm->avail_in == 0)
+ return 0;
+ }
+
+ /* look for the gzip magic header bytes 31 and 139 */
+ if (strm->next_in[0] == 31) {
+ strm->avail_in--;
+ strm->next_in++;
+ if (strm->avail_in == 0 && gz_avail(state) == -1)
+ return -1;
+ if (strm->avail_in && strm->next_in[0] == 139) {
+ /* we have a gzip header, woo hoo! */
+ strm->avail_in--;
+ strm->next_in++;
+
+ /* skip rest of header */
+ if (NEXT() != 8) { /* compression method */
+ gz_error(state, Z_DATA_ERROR, "unknown compression method");
+ return -1;
+ }
+ flags = NEXT();
+ if (flags & 0xe0) { /* reserved flag bits */
+ gz_error(state, Z_DATA_ERROR, "unknown header flags set");
+ return -1;
+ }
+ NEXT(); /* modification time */
+ NEXT();
+ NEXT();
+ NEXT();
+ NEXT(); /* extra flags */
+ NEXT(); /* operating system */
+ if (flags & 4) { /* extra field */
+ len = (unsigned)NEXT();
+ len += (unsigned)NEXT() << 8;
+ while (len--)
+ if (NEXT() < 0)
+ break;
+ }
+ if (flags & 8) /* file name */
+ while (NEXT() > 0)
+ ;
+ if (flags & 16) /* comment */
+ while (NEXT() > 0)
+ ;
+ if (flags & 2) { /* header crc */
+ NEXT();
+ NEXT();
+ }
+ /* an unexpected end of file is not checked for here -- it will be
+ noticed on the first request for uncompressed data */
+
+ /* set up for decompression */
+ inflateReset(strm);
+ strm->adler = crc32(0L, Z_NULL, 0);
+ state->how = GZIP;
+ state->direct = 0;
+ return 0;
+ }
+ else {
+ /* not a gzip file -- save first byte (31) and fall to raw i/o */
+ state->out[0] = 31;
+ state->have = 1;
+ }
+ }
+
+ /* doing raw i/o, save start of raw data for seeking, copy any leftover
+ input to output -- this assumes that the output buffer is larger than
+ the input buffer, which also assures space for gzungetc() */
+ state->raw = state->pos;
+ state->next = state->out;
+ if (strm->avail_in) {
+ memcpy(state->next + state->have, strm->next_in, strm->avail_in);
+ state->have += strm->avail_in;
+ strm->avail_in = 0;
+ }
+ state->how = COPY;
+ state->direct = 1;
+ return 0;
+}
+
+/* Decompress from input to the provided next_out and avail_out in the state.
+ If the end of the compressed data is reached, then verify the gzip trailer
+ check value and length (modulo 2^32). state->have and state->next are set
+ to point to the just decompressed data, and the crc is updated. If the
+ trailer is verified, state->how is reset to LOOK to look for the next gzip
+ stream or raw data, once state->have is depleted. Returns 0 on success, -1
+ on failure. Failures may include invalid compressed data or a failed gzip
+ trailer verification. */
+local int gz_decomp(state)
+ gz_statep state;
+{
+ int ret;
+ unsigned had;
+ unsigned long crc, len;
+ z_streamp strm = &(state->strm);
+
+ /* fill output buffer up to end of deflate stream */
+ had = strm->avail_out;
+ do {
+ /* get more input for inflate() */
+ if (strm->avail_in == 0 && gz_avail(state) == -1)
+ return -1;
+ if (strm->avail_in == 0) {
+ gz_error(state, Z_DATA_ERROR, "unexpected end of file");
+ return -1;
+ }
+
+ /* decompress and handle errors */
+ ret = inflate(strm, Z_NO_FLUSH);
+ if (ret == Z_STREAM_ERROR || ret == Z_NEED_DICT) {
+ gz_error(state, Z_STREAM_ERROR,
+ "internal error: inflate stream corrupt");
+ return -1;
+ }
+ if (ret == Z_MEM_ERROR) {
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+ if (ret == Z_DATA_ERROR) { /* deflate stream invalid */
+ gz_error(state, Z_DATA_ERROR,
+ strm->msg == NULL ? "compressed data error" : strm->msg);
+ return -1;
+ }
+ } while (strm->avail_out && ret != Z_STREAM_END);
+
+ /* update available output and crc check value */
+ state->have = had - strm->avail_out;
+ state->next = strm->next_out - state->have;
+ strm->adler = crc32(strm->adler, state->next, state->have);
+
+ /* check gzip trailer if at end of deflate stream */
+ if (ret == Z_STREAM_END) {
+ if (gz_next4(state, &crc) == -1 || gz_next4(state, &len) == -1) {
+ gz_error(state, Z_DATA_ERROR, "unexpected end of file");
+ return -1;
+ }
+ if (crc != strm->adler) {
+ gz_error(state, Z_DATA_ERROR, "incorrect data check");
+ return -1;
+ }
+ if (len != (strm->total_out & 0xffffffffL)) {
+ gz_error(state, Z_DATA_ERROR, "incorrect length check");
+ return -1;
+ }
+ state->how = LOOK; /* ready for next stream, once have is 0 (leave
+ state->direct unchanged to remember how) */
+ }
+
+ /* good decompression */
+ return 0;
+}
+
+/* Make data and put in the output buffer. Assumes that state->have == 0.
+ Data is either copied from the input file or decompressed from the input
+ file depending on state->how. If state->how is LOOK, then a gzip header is
+ looked for (and skipped if found) to determine wither to copy or decompress.
+ Returns -1 on error, otherwise 0. gz_make() will leave state->have as COPY
+ or GZIP unless the end of the input file has been reached and all data has
+ been processed. */
+local int gz_make(state)
+ gz_statep state;
+{
+ z_streamp strm = &(state->strm);
+
+ if (state->how == LOOK) { /* look for gzip header */
+ if (gz_head(state) == -1)
+ return -1;
+ if (state->have) /* got some data from gz_head() */
+ return 0;
+ }
+ if (state->how == COPY) { /* straight copy */
+ if (gz_load(state, state->out, state->size << 1, &(state->have)) == -1)
+ return -1;
+ state->next = state->out;
+ }
+ else if (state->how == GZIP) { /* decompress */
+ strm->avail_out = state->size << 1;
+ strm->next_out = state->out;
+ if (gz_decomp(state) == -1)
+ return -1;
+ }
+ return 0;
+}
+
+/* Skip len uncompressed bytes of output. Return -1 on error, 0 on success. */
+local int gz_skip(state, len)
+ gz_statep state;
+ z_off64_t len;
+{
+ unsigned n;
+
+ /* skip over len bytes or reach end-of-file, whichever comes first */
+ while (len)
+ /* skip over whatever is in output buffer */
+ if (state->have) {
+ n = GT_OFF(state->have) || (z_off64_t)state->have > len ?
+ (unsigned)len : state->have;
+ state->have -= n;
+ state->next += n;
+ state->pos += n;
+ len -= n;
+ }
+
+ /* output buffer empty -- return if we're at the end of the input */
+ else if (state->eof && state->strm.avail_in == 0)
+ break;
+
+ /* need more data to skip -- load up output buffer */
+ else {
+ /* get more output, looking for header if required */
+ if (gz_make(state) == -1)
+ return -1;
+ }
+ return 0;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzread(file, buf, len)
+ gzFile file;
+ voidp buf;
+ unsigned len;
+{
+ unsigned got, n;
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return -1;
+
+ /* since an int is returned, make sure len fits in one, otherwise return
+ with an error (this avoids the flaw in the interface) */
+ if ((int)len < 0) {
+ gz_error(state, Z_BUF_ERROR, "requested length does not fit in int");
+ return -1;
+ }
+
+ /* if len is zero, avoid unnecessary operations */
+ if (len == 0)
+ return 0;
+
+ /* process a skip request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_skip(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* get len bytes to buf, or less than len if at the end */
+ got = 0;
+ do {
+ /* first just try copying data from the output buffer */
+ if (state->have) {
+ n = state->have > len ? len : state->have;
+ memcpy(buf, state->next, n);
+ state->next += n;
+ state->have -= n;
+ }
+
+ /* output buffer empty -- return if we're at the end of the input */
+ else if (state->eof && strm->avail_in == 0)
+ break;
+
+ /* need output data -- for small len or new stream load up our output
+ buffer */
+ else if (state->how == LOOK || len < (state->size << 1)) {
+ /* get more output, looking for header if required */
+ if (gz_make(state) == -1)
+ return -1;
+ continue; /* no progress yet -- go back to memcpy() above */
+ /* the copy above assures that we will leave with space in the
+ output buffer, allowing at least one gzungetc() to succeed */
+ }
+
+ /* large len -- read directly into user buffer */
+ else if (state->how == COPY) { /* read directly */
+ if (gz_load(state, buf, len, &n) == -1)
+ return -1;
+ }
+
+ /* large len -- decompress directly into user buffer */
+ else { /* state->how == GZIP */
+ strm->avail_out = len;
+ strm->next_out = buf;
+ if (gz_decomp(state) == -1)
+ return -1;
+ n = state->have;
+ state->have = 0;
+ }
+
+ /* update progress */
+ len -= n;
+ buf = (char *)buf + n;
+ got += n;
+ state->pos += n;
+ } while (len);
+
+ /* return number of bytes read into user buffer (will fit in int) */
+ return (int)got;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzgetc(file)
+ gzFile file;
+{
+ int ret;
+ unsigned char buf[1];
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return -1;
+
+ /* try output buffer (no need to check for skip request) */
+ if (state->have) {
+ state->have--;
+ state->pos++;
+ return *(state->next)++;
+ }
+
+ /* nothing there -- try gzread() */
+ ret = gzread(file, buf, 1);
+ return ret < 1 ? -1 : buf[0];
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzungetc(c, file)
+ int c;
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return -1;
+
+ /* process a skip request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_skip(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* can't push EOF */
+ if (c < 0)
+ return -1;
+
+ /* if output buffer empty, put byte at end (allows more pushing) */
+ if (state->have == 0) {
+ state->have = 1;
+ state->next = state->out + (state->size << 1) - 1;
+ state->next[0] = c;
+ state->pos--;
+ return c;
+ }
+
+ /* if no room, give up (must have already done a gzungetc()) */
+ if (state->have == (state->size << 1)) {
+ gz_error(state, Z_BUF_ERROR, "out of room to push characters");
+ return -1;
+ }
+
+ /* slide output data if needed and insert byte before existing data */
+ if (state->next == state->out) {
+ unsigned char *src = state->out + state->have;
+ unsigned char *dest = state->out + (state->size << 1);
+ while (src > state->out)
+ *--dest = *--src;
+ state->next = dest;
+ }
+ state->have++;
+ state->next--;
+ state->next[0] = c;
+ state->pos--;
+ return c;
+}
+
+/* -- see zlib.h -- */
+char * ZEXPORT gzgets(file, buf, len)
+ gzFile file;
+ char *buf;
+ int len;
+{
+ unsigned left, n;
+ char *str;
+ unsigned char *eol;
+ gz_statep state;
+
+ /* check parameters and get internal structure */
+ if (file == NULL || buf == NULL || len < 1)
+ return NULL;
+ state = (gz_statep)file;
+
+ /* check that we're reading and that there's no error */
+ if (state->mode != GZ_READ || state->err != Z_OK)
+ return NULL;
+
+ /* process a skip request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_skip(state, state->skip) == -1)
+ return NULL;
+ }
+
+ /* copy output bytes up to new line or len - 1, whichever comes first --
+ append a terminating zero to the string (we don't check for a zero in
+ the contents, let the user worry about that) */
+ str = buf;
+ left = (unsigned)len - 1;
+ if (left) do {
+ /* assure that something is in the output buffer */
+ if (state->have == 0) {
+ if (gz_make(state) == -1)
+ return NULL; /* error */
+ if (state->have == 0) { /* end of file */
+ if (buf == str) /* got bupkus */
+ return NULL;
+ break; /* got something -- return it */
+ }
+ }
+
+ /* look for end-of-line in current output buffer */
+ n = state->have > left ? left : state->have;
+ eol = memchr(state->next, '\n', n);
+ if (eol != NULL)
+ n = (unsigned)(eol - state->next) + 1;
+
+ /* copy through end-of-line, or remainder if not found */
+ memcpy(buf, state->next, n);
+ state->have -= n;
+ state->next += n;
+ state->pos += n;
+ left -= n;
+ buf += n;
+ } while (left && eol == NULL);
+
+ /* found end-of-line or out of space -- terminate string and return it */
+ buf[0] = 0;
+ return str;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzdirect(file)
+ gzFile file;
+{
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return 0;
+ state = (gz_statep)file;
+
+ /* check that we're reading */
+ if (state->mode != GZ_READ)
+ return 0;
+
+ /* if the state is not known, but we can find out, then do so (this is
+ mainly for right after a gzopen() or gzdopen()) */
+ if (state->how == LOOK && state->have == 0)
+ (void)gz_head(state);
+
+ /* return 1 if reading direct, 0 if decompressing a gzip stream */
+ return state->direct;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzclose_r(file)
+ gzFile file;
+{
+ int ret;
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return Z_STREAM_ERROR;
+ state = (gz_statep)file;
+
+ /* check that we're reading */
+ if (state->mode != GZ_READ)
+ return Z_STREAM_ERROR;
+
+ /* free memory and close file */
+ if (state->size) {
+ inflateEnd(&(state->strm));
+ free(state->out);
+ free(state->in);
+ }
+ gz_error(state, Z_OK, NULL);
+ free(state->path);
+ ret = close(state->fd);
+ free(state);
+ return ret ? Z_ERRNO : Z_OK;
+}
diff --git a/security/nss/lib/zlib/gzwrite.c b/security/nss/lib/zlib/gzwrite.c
new file mode 100644
index 000000000..e8defc688
--- /dev/null
+++ b/security/nss/lib/zlib/gzwrite.c
@@ -0,0 +1,531 @@
+/* gzwrite.c -- zlib functions for writing gzip files
+ * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "gzguts.h"
+
+/* Local functions */
+local int gz_init OF((gz_statep));
+local int gz_comp OF((gz_statep, int));
+local int gz_zero OF((gz_statep, z_off64_t));
+
+/* Initialize state for writing a gzip file. Mark initialization by setting
+ state->size to non-zero. Return -1 on failure or 0 on success. */
+local int gz_init(state)
+ gz_statep state;
+{
+ int ret;
+ z_streamp strm = &(state->strm);
+
+ /* allocate input and output buffers */
+ state->in = malloc(state->want);
+ state->out = malloc(state->want);
+ if (state->in == NULL || state->out == NULL) {
+ if (state->out != NULL)
+ free(state->out);
+ if (state->in != NULL)
+ free(state->in);
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+
+ /* allocate deflate memory, set up for gzip compression */
+ strm->zalloc = Z_NULL;
+ strm->zfree = Z_NULL;
+ strm->opaque = Z_NULL;
+ ret = deflateInit2(strm, state->level, Z_DEFLATED,
+ 15 + 16, 8, state->strategy);
+ if (ret != Z_OK) {
+ free(state->in);
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+
+ /* mark state as initialized */
+ state->size = state->want;
+
+ /* initialize write buffer */
+ strm->avail_out = state->size;
+ strm->next_out = state->out;
+ state->next = strm->next_out;
+ return 0;
+}
+
+/* Compress whatever is at avail_in and next_in and write to the output file.
+ Return -1 if there is an error writing to the output file, otherwise 0.
+ flush is assumed to be a valid deflate() flush value. If flush is Z_FINISH,
+ then the deflate() state is reset to start a new gzip stream. */
+local int gz_comp(state, flush)
+ gz_statep state;
+ int flush;
+{
+ int ret, got;
+ unsigned have;
+ z_streamp strm = &(state->strm);
+
+ /* allocate memory if this is the first time through */
+ if (state->size == 0 && gz_init(state) == -1)
+ return -1;
+
+ /* run deflate() on provided input until it produces no more output */
+ ret = Z_OK;
+ do {
+ /* write out current buffer contents if full, or if flushing, but if
+ doing Z_FINISH then don't write until we get to Z_STREAM_END */
+ if (strm->avail_out == 0 || (flush != Z_NO_FLUSH &&
+ (flush != Z_FINISH || ret == Z_STREAM_END))) {
+ have = (unsigned)(strm->next_out - state->next);
+ if (have && ((got = write(state->fd, state->next, have)) < 0 ||
+ (unsigned)got != have)) {
+ gz_error(state, Z_ERRNO, zstrerror());
+ return -1;
+ }
+ if (strm->avail_out == 0) {
+ strm->avail_out = state->size;
+ strm->next_out = state->out;
+ }
+ state->next = strm->next_out;
+ }
+
+ /* compress */
+ have = strm->avail_out;
+ ret = deflate(strm, flush);
+ if (ret == Z_STREAM_ERROR) {
+ gz_error(state, Z_STREAM_ERROR,
+ "internal error: deflate stream corrupt");
+ return -1;
+ }
+ have -= strm->avail_out;
+ } while (have);
+
+ /* if that completed a deflate stream, allow another to start */
+ if (flush == Z_FINISH)
+ deflateReset(strm);
+
+ /* all done, no errors */
+ return 0;
+}
+
+/* Compress len zeros to output. Return -1 on error, 0 on success. */
+local int gz_zero(state, len)
+ gz_statep state;
+ z_off64_t len;
+{
+ int first;
+ unsigned n;
+ z_streamp strm = &(state->strm);
+
+ /* consume whatever's left in the input buffer */
+ if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1)
+ return -1;
+
+ /* compress len zeros (len guaranteed > 0) */
+ first = 1;
+ while (len) {
+ n = GT_OFF(state->size) || (z_off64_t)state->size > len ?
+ (unsigned)len : state->size;
+ if (first) {
+ memset(state->in, 0, n);
+ first = 0;
+ }
+ strm->avail_in = n;
+ strm->next_in = state->in;
+ state->pos += n;
+ if (gz_comp(state, Z_NO_FLUSH) == -1)
+ return -1;
+ len -= n;
+ }
+ return 0;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzwrite(file, buf, len)
+ gzFile file;
+ voidpc buf;
+ unsigned len;
+{
+ unsigned put = len;
+ unsigned n;
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return 0;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return 0;
+
+ /* since an int is returned, make sure len fits in one, otherwise return
+ with an error (this avoids the flaw in the interface) */
+ if ((int)len < 0) {
+ gz_error(state, Z_BUF_ERROR, "requested length does not fit in int");
+ return 0;
+ }
+
+ /* if len is zero, avoid unnecessary operations */
+ if (len == 0)
+ return 0;
+
+ /* allocate memory if this is the first time through */
+ if (state->size == 0 && gz_init(state) == -1)
+ return 0;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return 0;
+ }
+
+ /* for small len, copy to input buffer, otherwise compress directly */
+ if (len < state->size) {
+ /* copy to input buffer, compress when full */
+ do {
+ if (strm->avail_in == 0)
+ strm->next_in = state->in;
+ n = state->size - strm->avail_in;
+ if (n > len)
+ n = len;
+ memcpy(strm->next_in + strm->avail_in, buf, n);
+ strm->avail_in += n;
+ state->pos += n;
+ buf = (char *)buf + n;
+ len -= n;
+ if (len && gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+ } while (len);
+ }
+ else {
+ /* consume whatever's left in the input buffer */
+ if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+
+ /* directly compress user buffer to file */
+ strm->avail_in = len;
+ strm->next_in = (voidp)buf;
+ state->pos += len;
+ if (gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+ }
+
+ /* input was all buffered or compressed (put will fit in int) */
+ return (int)put;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzputc(file, c)
+ gzFile file;
+ int c;
+{
+ unsigned char buf[1];
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return -1;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* try writing to input buffer for speed (state->size == 0 if buffer not
+ initialized) */
+ if (strm->avail_in < state->size) {
+ if (strm->avail_in == 0)
+ strm->next_in = state->in;
+ strm->next_in[strm->avail_in++] = c;
+ state->pos++;
+ return c;
+ }
+
+ /* no room in buffer or not initialized, use gz_write() */
+ buf[0] = c;
+ if (gzwrite(file, buf, 1) != 1)
+ return -1;
+ return c;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzputs(file, str)
+ gzFile file;
+ const char *str;
+{
+ int ret;
+ unsigned len;
+
+ /* write string */
+ len = (unsigned)strlen(str);
+ ret = gzwrite(file, str, len);
+ return ret == 0 && len != 0 ? -1 : ret;
+}
+
+#ifdef STDC
+#include <stdarg.h>
+
+/* -- see zlib.h -- */
+int ZEXPORTVA gzprintf (gzFile file, const char *format, ...)
+{
+ int size, len;
+ gz_statep state;
+ z_streamp strm;
+ va_list va;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return 0;
+
+ /* make sure we have some buffer space */
+ if (state->size == 0 && gz_init(state) == -1)
+ return 0;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return 0;
+ }
+
+ /* consume whatever's left in the input buffer */
+ if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+
+ /* do the printf() into the input buffer, put length in len */
+ size = (int)(state->size);
+ state->in[size - 1] = 0;
+ va_start(va, format);
+#ifdef NO_vsnprintf
+# ifdef HAS_vsprintf_void
+ (void)vsprintf(state->in, format, va);
+ va_end(va);
+ for (len = 0; len < size; len++)
+ if (state->in[len] == 0) break;
+# else
+ len = vsprintf(state->in, format, va);
+ va_end(va);
+# endif
+#else
+# ifdef HAS_vsnprintf_void
+ (void)vsnprintf(state->in, size, format, va);
+ va_end(va);
+ len = strlen(state->in);
+# else
+ len = vsnprintf((char *)(state->in), size, format, va);
+ va_end(va);
+# endif
+#endif
+
+ /* check that printf() results fit in buffer */
+ if (len <= 0 || len >= (int)size || state->in[size - 1] != 0)
+ return 0;
+
+ /* update buffer and position, defer compression until needed */
+ strm->avail_in = (unsigned)len;
+ strm->next_in = state->in;
+ state->pos += len;
+ return len;
+}
+
+#else /* !STDC */
+
+/* -- see zlib.h -- */
+int ZEXPORTVA gzprintf (file, format, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10,
+ a11, a12, a13, a14, a15, a16, a17, a18, a19, a20)
+ gzFile file;
+ const char *format;
+ int a1, a2, a3, a4, a5, a6, a7, a8, a9, a10,
+ a11, a12, a13, a14, a15, a16, a17, a18, a19, a20;
+{
+ int size, len;
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return 0;
+
+ /* make sure we have some buffer space */
+ if (state->size == 0 && gz_init(state) == -1)
+ return 0;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return 0;
+ }
+
+ /* consume whatever's left in the input buffer */
+ if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1)
+ return 0;
+
+ /* do the printf() into the input buffer, put length in len */
+ size = (int)(state->size);
+ state->in[size - 1] = 0;
+#ifdef NO_snprintf
+# ifdef HAS_sprintf_void
+ sprintf(state->in, format, a1, a2, a3, a4, a5, a6, a7, a8,
+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20);
+ for (len = 0; len < size; len++)
+ if (state->in[len] == 0) break;
+# else
+ len = sprintf(state->in, format, a1, a2, a3, a4, a5, a6, a7, a8,
+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20);
+# endif
+#else
+# ifdef HAS_snprintf_void
+ snprintf(state->in, size, format, a1, a2, a3, a4, a5, a6, a7, a8,
+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20);
+ len = strlen(state->in);
+# else
+ len = snprintf(state->in, size, format, a1, a2, a3, a4, a5, a6, a7, a8,
+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20);
+# endif
+#endif
+
+ /* check that printf() results fit in buffer */
+ if (len <= 0 || len >= (int)size || state->in[size - 1] != 0)
+ return 0;
+
+ /* update buffer and position, defer compression until needed */
+ strm->avail_in = (unsigned)len;
+ strm->next_in = state->in;
+ state->pos += len;
+ return len;
+}
+
+#endif
+
+/* -- see zlib.h -- */
+int ZEXPORT gzflush(file, flush)
+ gzFile file;
+ int flush;
+{
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return -1;
+ state = (gz_statep)file;
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return Z_STREAM_ERROR;
+
+ /* check flush parameter */
+ if (flush < 0 || flush > Z_FINISH)
+ return Z_STREAM_ERROR;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* compress remaining data with requested flush */
+ gz_comp(state, flush);
+ return state->err;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzsetparams(file, level, strategy)
+ gzFile file;
+ int level;
+ int strategy;
+{
+ gz_statep state;
+ z_streamp strm;
+
+ /* get internal structure */
+ if (file == NULL)
+ return Z_STREAM_ERROR;
+ state = (gz_statep)file;
+ strm = &(state->strm);
+
+ /* check that we're writing and that there's no error */
+ if (state->mode != GZ_WRITE || state->err != Z_OK)
+ return Z_STREAM_ERROR;
+
+ /* if no change is requested, then do nothing */
+ if (level == state->level && strategy == state->strategy)
+ return Z_OK;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ if (gz_zero(state, state->skip) == -1)
+ return -1;
+ }
+
+ /* change compression parameters for subsequent input */
+ if (state->size) {
+ /* flush previous input with previous parameters before changing */
+ if (strm->avail_in && gz_comp(state, Z_PARTIAL_FLUSH) == -1)
+ return state->err;
+ deflateParams(strm, level, strategy);
+ }
+ state->level = level;
+ state->strategy = strategy;
+ return Z_OK;
+}
+
+/* -- see zlib.h -- */
+int ZEXPORT gzclose_w(file)
+ gzFile file;
+{
+ int ret = 0;
+ gz_statep state;
+
+ /* get internal structure */
+ if (file == NULL)
+ return Z_STREAM_ERROR;
+ state = (gz_statep)file;
+
+ /* check that we're writing */
+ if (state->mode != GZ_WRITE)
+ return Z_STREAM_ERROR;
+
+ /* check for seek request */
+ if (state->seek) {
+ state->seek = 0;
+ ret += gz_zero(state, state->skip);
+ }
+
+ /* flush, free memory, and close file */
+ ret += gz_comp(state, Z_FINISH);
+ (void)deflateEnd(&(state->strm));
+ free(state->out);
+ free(state->in);
+ gz_error(state, Z_OK, NULL);
+ free(state->path);
+ ret += close(state->fd);
+ free(state);
+ return ret ? Z_ERRNO : Z_OK;
+}
diff --git a/security/nss/lib/zlib/infback.c b/security/nss/lib/zlib/infback.c
new file mode 100644
index 000000000..af3a8c965
--- /dev/null
+++ b/security/nss/lib/zlib/infback.c
@@ -0,0 +1,632 @@
+/* infback.c -- inflate using a call-back interface
+ * Copyright (C) 1995-2009 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ This code is largely copied from inflate.c. Normally either infback.o or
+ inflate.o would be linked into an application--not both. The interface
+ with inffast.c is retained so that optimized assembler-coded versions of
+ inflate_fast() can be used with either inflate.c or infback.c.
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+#include "inflate.h"
+#include "inffast.h"
+
+/* function prototypes */
+local void fixedtables OF((struct inflate_state FAR *state));
+
+/*
+ strm provides memory allocation functions in zalloc and zfree, or
+ Z_NULL to use the library memory allocation functions.
+
+ windowBits is in the range 8..15, and window is a user-supplied
+ window and output buffer that is 2**windowBits bytes.
+ */
+int ZEXPORT inflateBackInit_(strm, windowBits, window, version, stream_size)
+z_streamp strm;
+int windowBits;
+unsigned char FAR *window;
+const char *version;
+int stream_size;
+{
+ struct inflate_state FAR *state;
+
+ if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
+ stream_size != (int)(sizeof(z_stream)))
+ return Z_VERSION_ERROR;
+ if (strm == Z_NULL || window == Z_NULL ||
+ windowBits < 8 || windowBits > 15)
+ return Z_STREAM_ERROR;
+ strm->msg = Z_NULL; /* in case we return an error */
+ if (strm->zalloc == (alloc_func)0) {
+ strm->zalloc = zcalloc;
+ strm->opaque = (voidpf)0;
+ }
+ if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+ state = (struct inflate_state FAR *)ZALLOC(strm, 1,
+ sizeof(struct inflate_state));
+ if (state == Z_NULL) return Z_MEM_ERROR;
+ Tracev((stderr, "inflate: allocated\n"));
+ strm->state = (struct internal_state FAR *)state;
+ state->dmax = 32768U;
+ state->wbits = windowBits;
+ state->wsize = 1U << windowBits;
+ state->window = window;
+ state->wnext = 0;
+ state->whave = 0;
+ return Z_OK;
+}
+
+/*
+ Return state with length and distance decoding tables and index sizes set to
+ fixed code decoding. Normally this returns fixed tables from inffixed.h.
+ If BUILDFIXED is defined, then instead this routine builds the tables the
+ first time it's called, and returns those tables the first time and
+ thereafter. This reduces the size of the code by about 2K bytes, in
+ exchange for a little execution time. However, BUILDFIXED should not be
+ used for threaded applications, since the rewriting of the tables and virgin
+ may not be thread-safe.
+ */
+local void fixedtables(state)
+struct inflate_state FAR *state;
+{
+#ifdef BUILDFIXED
+ static int virgin = 1;
+ static code *lenfix, *distfix;
+ static code fixed[544];
+
+ /* build fixed huffman tables if first call (may not be thread safe) */
+ if (virgin) {
+ unsigned sym, bits;
+ static code *next;
+
+ /* literal/length table */
+ sym = 0;
+ while (sym < 144) state->lens[sym++] = 8;
+ while (sym < 256) state->lens[sym++] = 9;
+ while (sym < 280) state->lens[sym++] = 7;
+ while (sym < 288) state->lens[sym++] = 8;
+ next = fixed;
+ lenfix = next;
+ bits = 9;
+ inflate_table(LENS, state->lens, 288, &(next), &(bits), state->work);
+
+ /* distance table */
+ sym = 0;
+ while (sym < 32) state->lens[sym++] = 5;
+ distfix = next;
+ bits = 5;
+ inflate_table(DISTS, state->lens, 32, &(next), &(bits), state->work);
+
+ /* do this just once */
+ virgin = 0;
+ }
+#else /* !BUILDFIXED */
+# include "inffixed.h"
+#endif /* BUILDFIXED */
+ state->lencode = lenfix;
+ state->lenbits = 9;
+ state->distcode = distfix;
+ state->distbits = 5;
+}
+
+/* Macros for inflateBack(): */
+
+/* Load returned state from inflate_fast() */
+#define LOAD() \
+ do { \
+ put = strm->next_out; \
+ left = strm->avail_out; \
+ next = strm->next_in; \
+ have = strm->avail_in; \
+ hold = state->hold; \
+ bits = state->bits; \
+ } while (0)
+
+/* Set state from registers for inflate_fast() */
+#define RESTORE() \
+ do { \
+ strm->next_out = put; \
+ strm->avail_out = left; \
+ strm->next_in = next; \
+ strm->avail_in = have; \
+ state->hold = hold; \
+ state->bits = bits; \
+ } while (0)
+
+/* Clear the input bit accumulator */
+#define INITBITS() \
+ do { \
+ hold = 0; \
+ bits = 0; \
+ } while (0)
+
+/* Assure that some input is available. If input is requested, but denied,
+ then return a Z_BUF_ERROR from inflateBack(). */
+#define PULL() \
+ do { \
+ if (have == 0) { \
+ have = in(in_desc, &next); \
+ if (have == 0) { \
+ next = Z_NULL; \
+ ret = Z_BUF_ERROR; \
+ goto inf_leave; \
+ } \
+ } \
+ } while (0)
+
+/* Get a byte of input into the bit accumulator, or return from inflateBack()
+ with an error if there is no input available. */
+#define PULLBYTE() \
+ do { \
+ PULL(); \
+ have--; \
+ hold += (unsigned long)(*next++) << bits; \
+ bits += 8; \
+ } while (0)
+
+/* Assure that there are at least n bits in the bit accumulator. If there is
+ not enough available input to do that, then return from inflateBack() with
+ an error. */
+#define NEEDBITS(n) \
+ do { \
+ while (bits < (unsigned)(n)) \
+ PULLBYTE(); \
+ } while (0)
+
+/* Return the low n bits of the bit accumulator (n < 16) */
+#define BITS(n) \
+ ((unsigned)hold & ((1U << (n)) - 1))
+
+/* Remove n bits from the bit accumulator */
+#define DROPBITS(n) \
+ do { \
+ hold >>= (n); \
+ bits -= (unsigned)(n); \
+ } while (0)
+
+/* Remove zero to seven bits as needed to go to a byte boundary */
+#define BYTEBITS() \
+ do { \
+ hold >>= bits & 7; \
+ bits -= bits & 7; \
+ } while (0)
+
+/* Assure that some output space is available, by writing out the window
+ if it's full. If the write fails, return from inflateBack() with a
+ Z_BUF_ERROR. */
+#define ROOM() \
+ do { \
+ if (left == 0) { \
+ put = state->window; \
+ left = state->wsize; \
+ state->whave = left; \
+ if (out(out_desc, put, left)) { \
+ ret = Z_BUF_ERROR; \
+ goto inf_leave; \
+ } \
+ } \
+ } while (0)
+
+/*
+ strm provides the memory allocation functions and window buffer on input,
+ and provides information on the unused input on return. For Z_DATA_ERROR
+ returns, strm will also provide an error message.
+
+ in() and out() are the call-back input and output functions. When
+ inflateBack() needs more input, it calls in(). When inflateBack() has
+ filled the window with output, or when it completes with data in the
+ window, it calls out() to write out the data. The application must not
+ change the provided input until in() is called again or inflateBack()
+ returns. The application must not change the window/output buffer until
+ inflateBack() returns.
+
+ in() and out() are called with a descriptor parameter provided in the
+ inflateBack() call. This parameter can be a structure that provides the
+ information required to do the read or write, as well as accumulated
+ information on the input and output such as totals and check values.
+
+ in() should return zero on failure. out() should return non-zero on
+ failure. If either in() or out() fails, than inflateBack() returns a
+ Z_BUF_ERROR. strm->next_in can be checked for Z_NULL to see whether it
+ was in() or out() that caused in the error. Otherwise, inflateBack()
+ returns Z_STREAM_END on success, Z_DATA_ERROR for an deflate format
+ error, or Z_MEM_ERROR if it could not allocate memory for the state.
+ inflateBack() can also return Z_STREAM_ERROR if the input parameters
+ are not correct, i.e. strm is Z_NULL or the state was not initialized.
+ */
+int ZEXPORT inflateBack(strm, in, in_desc, out, out_desc)
+z_streamp strm;
+in_func in;
+void FAR *in_desc;
+out_func out;
+void FAR *out_desc;
+{
+ struct inflate_state FAR *state;
+ unsigned char FAR *next; /* next input */
+ unsigned char FAR *put; /* next output */
+ unsigned have, left; /* available input and output */
+ unsigned long hold; /* bit buffer */
+ unsigned bits; /* bits in bit buffer */
+ unsigned copy; /* number of stored or match bytes to copy */
+ unsigned char FAR *from; /* where to copy match bytes from */
+ code here; /* current decoding table entry */
+ code last; /* parent table entry */
+ unsigned len; /* length to copy for repeats, bits to drop */
+ int ret; /* return code */
+ static const unsigned short order[19] = /* permutation of code lengths */
+ {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
+
+ /* Check that the strm exists and that the state was initialized */
+ if (strm == Z_NULL || strm->state == Z_NULL)
+ return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* Reset the state */
+ strm->msg = Z_NULL;
+ state->mode = TYPE;
+ state->last = 0;
+ state->whave = 0;
+ next = strm->next_in;
+ have = next != Z_NULL ? strm->avail_in : 0;
+ hold = 0;
+ bits = 0;
+ put = state->window;
+ left = state->wsize;
+
+ /* Inflate until end of block marked as last */
+ for (;;)
+ switch (state->mode) {
+ case TYPE:
+ /* determine and dispatch block type */
+ if (state->last) {
+ BYTEBITS();
+ state->mode = DONE;
+ break;
+ }
+ NEEDBITS(3);
+ state->last = BITS(1);
+ DROPBITS(1);
+ switch (BITS(2)) {
+ case 0: /* stored block */
+ Tracev((stderr, "inflate: stored block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = STORED;
+ break;
+ case 1: /* fixed block */
+ fixedtables(state);
+ Tracev((stderr, "inflate: fixed codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = LEN; /* decode codes */
+ break;
+ case 2: /* dynamic block */
+ Tracev((stderr, "inflate: dynamic codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = TABLE;
+ break;
+ case 3:
+ strm->msg = (char *)"invalid block type";
+ state->mode = BAD;
+ }
+ DROPBITS(2);
+ break;
+
+ case STORED:
+ /* get and verify stored block length */
+ BYTEBITS(); /* go to byte boundary */
+ NEEDBITS(32);
+ if ((hold & 0xffff) != ((hold >> 16) ^ 0xffff)) {
+ strm->msg = (char *)"invalid stored block lengths";
+ state->mode = BAD;
+ break;
+ }
+ state->length = (unsigned)hold & 0xffff;
+ Tracev((stderr, "inflate: stored length %u\n",
+ state->length));
+ INITBITS();
+
+ /* copy stored block from input to output */
+ while (state->length != 0) {
+ copy = state->length;
+ PULL();
+ ROOM();
+ if (copy > have) copy = have;
+ if (copy > left) copy = left;
+ zmemcpy(put, next, copy);
+ have -= copy;
+ next += copy;
+ left -= copy;
+ put += copy;
+ state->length -= copy;
+ }
+ Tracev((stderr, "inflate: stored end\n"));
+ state->mode = TYPE;
+ break;
+
+ case TABLE:
+ /* get dynamic table entries descriptor */
+ NEEDBITS(14);
+ state->nlen = BITS(5) + 257;
+ DROPBITS(5);
+ state->ndist = BITS(5) + 1;
+ DROPBITS(5);
+ state->ncode = BITS(4) + 4;
+ DROPBITS(4);
+#ifndef PKZIP_BUG_WORKAROUND
+ if (state->nlen > 286 || state->ndist > 30) {
+ strm->msg = (char *)"too many length or distance symbols";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ Tracev((stderr, "inflate: table sizes ok\n"));
+
+ /* get code length code lengths (not a typo) */
+ state->have = 0;
+ while (state->have < state->ncode) {
+ NEEDBITS(3);
+ state->lens[order[state->have++]] = (unsigned short)BITS(3);
+ DROPBITS(3);
+ }
+ while (state->have < 19)
+ state->lens[order[state->have++]] = 0;
+ state->next = state->codes;
+ state->lencode = (code const FAR *)(state->next);
+ state->lenbits = 7;
+ ret = inflate_table(CODES, state->lens, 19, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid code lengths set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: code lengths ok\n"));
+
+ /* get length and distance code code lengths */
+ state->have = 0;
+ while (state->have < state->nlen + state->ndist) {
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.val < 16) {
+ NEEDBITS(here.bits);
+ DROPBITS(here.bits);
+ state->lens[state->have++] = here.val;
+ }
+ else {
+ if (here.val == 16) {
+ NEEDBITS(here.bits + 2);
+ DROPBITS(here.bits);
+ if (state->have == 0) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ len = (unsigned)(state->lens[state->have - 1]);
+ copy = 3 + BITS(2);
+ DROPBITS(2);
+ }
+ else if (here.val == 17) {
+ NEEDBITS(here.bits + 3);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 3 + BITS(3);
+ DROPBITS(3);
+ }
+ else {
+ NEEDBITS(here.bits + 7);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 11 + BITS(7);
+ DROPBITS(7);
+ }
+ if (state->have + copy > state->nlen + state->ndist) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ while (copy--)
+ state->lens[state->have++] = (unsigned short)len;
+ }
+ }
+
+ /* handle error breaks in while */
+ if (state->mode == BAD) break;
+
+ /* check for end-of-block code (better have one) */
+ if (state->lens[256] == 0) {
+ strm->msg = (char *)"invalid code -- missing end-of-block";
+ state->mode = BAD;
+ break;
+ }
+
+ /* build code tables -- note: do not change the lenbits or distbits
+ values here (9 and 6) without reading the comments in inftrees.h
+ concerning the ENOUGH constants, which depend on those values */
+ state->next = state->codes;
+ state->lencode = (code const FAR *)(state->next);
+ state->lenbits = 9;
+ ret = inflate_table(LENS, state->lens, state->nlen, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid literal/lengths set";
+ state->mode = BAD;
+ break;
+ }
+ state->distcode = (code const FAR *)(state->next);
+ state->distbits = 6;
+ ret = inflate_table(DISTS, state->lens + state->nlen, state->ndist,
+ &(state->next), &(state->distbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid distances set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: codes ok\n"));
+ state->mode = LEN;
+
+ case LEN:
+ /* use inflate_fast() if we have enough input and output */
+ if (have >= 6 && left >= 258) {
+ RESTORE();
+ if (state->whave < state->wsize)
+ state->whave = state->wsize - left;
+ inflate_fast(strm, state->wsize);
+ LOAD();
+ break;
+ }
+
+ /* get a literal, length, or end-of-block code */
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.op && (here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->lencode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ }
+ DROPBITS(here.bits);
+ state->length = (unsigned)here.val;
+
+ /* process literal */
+ if (here.op == 0) {
+ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
+ "inflate: literal '%c'\n" :
+ "inflate: literal 0x%02x\n", here.val));
+ ROOM();
+ *put++ = (unsigned char)(state->length);
+ left--;
+ state->mode = LEN;
+ break;
+ }
+
+ /* process end of block */
+ if (here.op & 32) {
+ Tracevv((stderr, "inflate: end of block\n"));
+ state->mode = TYPE;
+ break;
+ }
+
+ /* invalid code */
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid literal/length code";
+ state->mode = BAD;
+ break;
+ }
+
+ /* length code -- get extra bits, if any */
+ state->extra = (unsigned)(here.op) & 15;
+ if (state->extra != 0) {
+ NEEDBITS(state->extra);
+ state->length += BITS(state->extra);
+ DROPBITS(state->extra);
+ }
+ Tracevv((stderr, "inflate: length %u\n", state->length));
+
+ /* get distance code */
+ for (;;) {
+ here = state->distcode[BITS(state->distbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if ((here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->distcode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ }
+ DROPBITS(here.bits);
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid distance code";
+ state->mode = BAD;
+ break;
+ }
+ state->offset = (unsigned)here.val;
+
+ /* get distance extra bits, if any */
+ state->extra = (unsigned)(here.op) & 15;
+ if (state->extra != 0) {
+ NEEDBITS(state->extra);
+ state->offset += BITS(state->extra);
+ DROPBITS(state->extra);
+ }
+ if (state->offset > state->wsize - (state->whave < state->wsize ?
+ left : 0)) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+ Tracevv((stderr, "inflate: distance %u\n", state->offset));
+
+ /* copy match from window to output */
+ do {
+ ROOM();
+ copy = state->wsize - state->offset;
+ if (copy < left) {
+ from = put + copy;
+ copy = left - copy;
+ }
+ else {
+ from = put - state->offset;
+ copy = left;
+ }
+ if (copy > state->length) copy = state->length;
+ state->length -= copy;
+ left -= copy;
+ do {
+ *put++ = *from++;
+ } while (--copy);
+ } while (state->length != 0);
+ break;
+
+ case DONE:
+ /* inflate stream terminated properly -- write leftover output */
+ ret = Z_STREAM_END;
+ if (left < state->wsize) {
+ if (out(out_desc, state->window, state->wsize - left))
+ ret = Z_BUF_ERROR;
+ }
+ goto inf_leave;
+
+ case BAD:
+ ret = Z_DATA_ERROR;
+ goto inf_leave;
+
+ default: /* can't happen, but makes compilers happy */
+ ret = Z_STREAM_ERROR;
+ goto inf_leave;
+ }
+
+ /* Return unused input */
+ inf_leave:
+ strm->next_in = next;
+ strm->avail_in = have;
+ return ret;
+}
+
+int ZEXPORT inflateBackEnd(strm)
+z_streamp strm;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL || strm->zfree == (free_func)0)
+ return Z_STREAM_ERROR;
+ ZFREE(strm, strm->state);
+ strm->state = Z_NULL;
+ Tracev((stderr, "inflate: end\n"));
+ return Z_OK;
+}
diff --git a/security/nss/lib/zlib/inffast.c b/security/nss/lib/zlib/inffast.c
new file mode 100644
index 000000000..2f1d60b43
--- /dev/null
+++ b/security/nss/lib/zlib/inffast.c
@@ -0,0 +1,340 @@
+/* inffast.c -- fast decoding
+ * Copyright (C) 1995-2008, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+#include "inflate.h"
+#include "inffast.h"
+
+#ifndef ASMINF
+
+/* Allow machine dependent optimization for post-increment or pre-increment.
+ Based on testing to date,
+ Pre-increment preferred for:
+ - PowerPC G3 (Adler)
+ - MIPS R5000 (Randers-Pehrson)
+ Post-increment preferred for:
+ - none
+ No measurable difference:
+ - Pentium III (Anderson)
+ - M68060 (Nikl)
+ */
+#ifdef POSTINC
+# define OFF 0
+# define PUP(a) *(a)++
+#else
+# define OFF 1
+# define PUP(a) *++(a)
+#endif
+
+/*
+ Decode literal, length, and distance codes and write out the resulting
+ literal and match bytes until either not enough input or output is
+ available, an end-of-block is encountered, or a data error is encountered.
+ When large enough input and output buffers are supplied to inflate(), for
+ example, a 16K input buffer and a 64K output buffer, more than 95% of the
+ inflate execution time is spent in this routine.
+
+ Entry assumptions:
+
+ state->mode == LEN
+ strm->avail_in >= 6
+ strm->avail_out >= 258
+ start >= strm->avail_out
+ state->bits < 8
+
+ On return, state->mode is one of:
+
+ LEN -- ran out of enough output space or enough available input
+ TYPE -- reached end of block code, inflate() to interpret next block
+ BAD -- error in block data
+
+ Notes:
+
+ - The maximum input bits used by a length/distance pair is 15 bits for the
+ length code, 5 bits for the length extra, 15 bits for the distance code,
+ and 13 bits for the distance extra. This totals 48 bits, or six bytes.
+ Therefore if strm->avail_in >= 6, then there is enough input to avoid
+ checking for available input while decoding.
+
+ - The maximum bytes that a single length/distance pair can output is 258
+ bytes, which is the maximum length that can be coded. inflate_fast()
+ requires strm->avail_out >= 258 for each loop to avoid checking for
+ output space.
+ */
+void ZLIB_INTERNAL inflate_fast(strm, start)
+z_streamp strm;
+unsigned start; /* inflate()'s starting value for strm->avail_out */
+{
+ struct inflate_state FAR *state;
+ unsigned char FAR *in; /* local strm->next_in */
+ unsigned char FAR *last; /* while in < last, enough input available */
+ unsigned char FAR *out; /* local strm->next_out */
+ unsigned char FAR *beg; /* inflate()'s initial strm->next_out */
+ unsigned char FAR *end; /* while out < end, enough space available */
+#ifdef INFLATE_STRICT
+ unsigned dmax; /* maximum distance from zlib header */
+#endif
+ unsigned wsize; /* window size or zero if not using window */
+ unsigned whave; /* valid bytes in the window */
+ unsigned wnext; /* window write index */
+ unsigned char FAR *window; /* allocated sliding window, if wsize != 0 */
+ unsigned long hold; /* local strm->hold */
+ unsigned bits; /* local strm->bits */
+ code const FAR *lcode; /* local strm->lencode */
+ code const FAR *dcode; /* local strm->distcode */
+ unsigned lmask; /* mask for first level of length codes */
+ unsigned dmask; /* mask for first level of distance codes */
+ code here; /* retrieved table entry */
+ unsigned op; /* code bits, operation, extra bits, or */
+ /* window position, window bytes to copy */
+ unsigned len; /* match length, unused bytes */
+ unsigned dist; /* match distance */
+ unsigned char FAR *from; /* where to copy match from */
+
+ /* copy state to local variables */
+ state = (struct inflate_state FAR *)strm->state;
+ in = strm->next_in - OFF;
+ last = in + (strm->avail_in - 5);
+ out = strm->next_out - OFF;
+ beg = out - (start - strm->avail_out);
+ end = out + (strm->avail_out - 257);
+#ifdef INFLATE_STRICT
+ dmax = state->dmax;
+#endif
+ wsize = state->wsize;
+ whave = state->whave;
+ wnext = state->wnext;
+ window = state->window;
+ hold = state->hold;
+ bits = state->bits;
+ lcode = state->lencode;
+ dcode = state->distcode;
+ lmask = (1U << state->lenbits) - 1;
+ dmask = (1U << state->distbits) - 1;
+
+ /* decode literals and length/distances until end-of-block or not enough
+ input data or output space */
+ do {
+ if (bits < 15) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ here = lcode[hold & lmask];
+ dolen:
+ op = (unsigned)(here.bits);
+ hold >>= op;
+ bits -= op;
+ op = (unsigned)(here.op);
+ if (op == 0) { /* literal */
+ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
+ "inflate: literal '%c'\n" :
+ "inflate: literal 0x%02x\n", here.val));
+ PUP(out) = (unsigned char)(here.val);
+ }
+ else if (op & 16) { /* length base */
+ len = (unsigned)(here.val);
+ op &= 15; /* number of extra bits */
+ if (op) {
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ len += (unsigned)hold & ((1U << op) - 1);
+ hold >>= op;
+ bits -= op;
+ }
+ Tracevv((stderr, "inflate: length %u\n", len));
+ if (bits < 15) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ here = dcode[hold & dmask];
+ dodist:
+ op = (unsigned)(here.bits);
+ hold >>= op;
+ bits -= op;
+ op = (unsigned)(here.op);
+ if (op & 16) { /* distance base */
+ dist = (unsigned)(here.val);
+ op &= 15; /* number of extra bits */
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ }
+ dist += (unsigned)hold & ((1U << op) - 1);
+#ifdef INFLATE_STRICT
+ if (dist > dmax) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ hold >>= op;
+ bits -= op;
+ Tracevv((stderr, "inflate: distance %u\n", dist));
+ op = (unsigned)(out - beg); /* max distance in output */
+ if (dist > op) { /* see if copy from window */
+ op = dist - op; /* distance back in window */
+ if (op > whave) {
+ if (state->sane) {
+ strm->msg =
+ (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ if (len <= op - whave) {
+ do {
+ PUP(out) = 0;
+ } while (--len);
+ continue;
+ }
+ len -= op - whave;
+ do {
+ PUP(out) = 0;
+ } while (--op > whave);
+ if (op == 0) {
+ from = out - dist;
+ do {
+ PUP(out) = PUP(from);
+ } while (--len);
+ continue;
+ }
+#endif
+ }
+ from = window - OFF;
+ if (wnext == 0) { /* very common case */
+ from += wsize - op;
+ if (op < len) { /* some from window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ else if (wnext < op) { /* wrap around window */
+ from += wsize + wnext - op;
+ op -= wnext;
+ if (op < len) { /* some from end of window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = window - OFF;
+ if (wnext < len) { /* some from start of window */
+ op = wnext;
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ }
+ else { /* contiguous in window */
+ from += wnext - op;
+ if (op < len) { /* some from window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ while (len > 2) {
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ len -= 3;
+ }
+ if (len) {
+ PUP(out) = PUP(from);
+ if (len > 1)
+ PUP(out) = PUP(from);
+ }
+ }
+ else {
+ from = out - dist; /* copy direct from output */
+ do { /* minimum length is three */
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ len -= 3;
+ } while (len > 2);
+ if (len) {
+ PUP(out) = PUP(from);
+ if (len > 1)
+ PUP(out) = PUP(from);
+ }
+ }
+ }
+ else if ((op & 64) == 0) { /* 2nd level distance code */
+ here = dcode[here.val + (hold & ((1U << op) - 1))];
+ goto dodist;
+ }
+ else {
+ strm->msg = (char *)"invalid distance code";
+ state->mode = BAD;
+ break;
+ }
+ }
+ else if ((op & 64) == 0) { /* 2nd level length code */
+ here = lcode[here.val + (hold & ((1U << op) - 1))];
+ goto dolen;
+ }
+ else if (op & 32) { /* end-of-block */
+ Tracevv((stderr, "inflate: end of block\n"));
+ state->mode = TYPE;
+ break;
+ }
+ else {
+ strm->msg = (char *)"invalid literal/length code";
+ state->mode = BAD;
+ break;
+ }
+ } while (in < last && out < end);
+
+ /* return unused bytes (on entry, bits < 8, so in won't go too far back) */
+ len = bits >> 3;
+ in -= len;
+ bits -= len << 3;
+ hold &= (1U << bits) - 1;
+
+ /* update state and return */
+ strm->next_in = in + OFF;
+ strm->next_out = out + OFF;
+ strm->avail_in = (unsigned)(in < last ? 5 + (last - in) : 5 - (in - last));
+ strm->avail_out = (unsigned)(out < end ?
+ 257 + (end - out) : 257 - (out - end));
+ state->hold = hold;
+ state->bits = bits;
+ return;
+}
+
+/*
+ inflate_fast() speedups that turned out slower (on a PowerPC G3 750CXe):
+ - Using bit fields for code structure
+ - Different op definition to avoid & for extra bits (do & for table bits)
+ - Three separate decoding do-loops for direct, window, and wnext == 0
+ - Special case for distance > 1 copies to do overlapped load and store copy
+ - Explicit branch predictions (based on measured branch probabilities)
+ - Deferring match copy and interspersed it with decoding subsequent codes
+ - Swapping literal/length else
+ - Swapping window/direct else
+ - Larger unrolled copy loops (three is about right)
+ - Moving len -= 3 statement into middle of loop
+ */
+
+#endif /* !ASMINF */
diff --git a/security/nss/lib/zlib/inffast.h b/security/nss/lib/zlib/inffast.h
new file mode 100644
index 000000000..e5c1aa4ca
--- /dev/null
+++ b/security/nss/lib/zlib/inffast.h
@@ -0,0 +1,11 @@
+/* inffast.h -- header to use inffast.c
+ * Copyright (C) 1995-2003, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+void ZLIB_INTERNAL inflate_fast OF((z_streamp strm, unsigned start));
diff --git a/security/nss/lib/zlib/inffixed.h b/security/nss/lib/zlib/inffixed.h
new file mode 100644
index 000000000..05640fec3
--- /dev/null
+++ b/security/nss/lib/zlib/inffixed.h
@@ -0,0 +1,98 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+ /* inffixed.h -- table for decoding fixed codes
+ * Generated automatically by makefixed().
+ */
+
+ /* WARNING: this file should *not* be used by applications. It
+ is part of the implementation of the compression library and
+ is subject to change. Applications should only use zlib.h.
+ */
+
+ static const code lenfix[512] = {
+ {96,7,0},{0,8,80},{0,8,16},{20,8,115},{18,7,31},{0,8,112},{0,8,48},
+ {0,9,192},{16,7,10},{0,8,96},{0,8,32},{0,9,160},{0,8,0},{0,8,128},
+ {0,8,64},{0,9,224},{16,7,6},{0,8,88},{0,8,24},{0,9,144},{19,7,59},
+ {0,8,120},{0,8,56},{0,9,208},{17,7,17},{0,8,104},{0,8,40},{0,9,176},
+ {0,8,8},{0,8,136},{0,8,72},{0,9,240},{16,7,4},{0,8,84},{0,8,20},
+ {21,8,227},{19,7,43},{0,8,116},{0,8,52},{0,9,200},{17,7,13},{0,8,100},
+ {0,8,36},{0,9,168},{0,8,4},{0,8,132},{0,8,68},{0,9,232},{16,7,8},
+ {0,8,92},{0,8,28},{0,9,152},{20,7,83},{0,8,124},{0,8,60},{0,9,216},
+ {18,7,23},{0,8,108},{0,8,44},{0,9,184},{0,8,12},{0,8,140},{0,8,76},
+ {0,9,248},{16,7,3},{0,8,82},{0,8,18},{21,8,163},{19,7,35},{0,8,114},
+ {0,8,50},{0,9,196},{17,7,11},{0,8,98},{0,8,34},{0,9,164},{0,8,2},
+ {0,8,130},{0,8,66},{0,9,228},{16,7,7},{0,8,90},{0,8,26},{0,9,148},
+ {20,7,67},{0,8,122},{0,8,58},{0,9,212},{18,7,19},{0,8,106},{0,8,42},
+ {0,9,180},{0,8,10},{0,8,138},{0,8,74},{0,9,244},{16,7,5},{0,8,86},
+ {0,8,22},{64,8,0},{19,7,51},{0,8,118},{0,8,54},{0,9,204},{17,7,15},
+ {0,8,102},{0,8,38},{0,9,172},{0,8,6},{0,8,134},{0,8,70},{0,9,236},
+ {16,7,9},{0,8,94},{0,8,30},{0,9,156},{20,7,99},{0,8,126},{0,8,62},
+ {0,9,220},{18,7,27},{0,8,110},{0,8,46},{0,9,188},{0,8,14},{0,8,142},
+ {0,8,78},{0,9,252},{96,7,0},{0,8,81},{0,8,17},{21,8,131},{18,7,31},
+ {0,8,113},{0,8,49},{0,9,194},{16,7,10},{0,8,97},{0,8,33},{0,9,162},
+ {0,8,1},{0,8,129},{0,8,65},{0,9,226},{16,7,6},{0,8,89},{0,8,25},
+ {0,9,146},{19,7,59},{0,8,121},{0,8,57},{0,9,210},{17,7,17},{0,8,105},
+ {0,8,41},{0,9,178},{0,8,9},{0,8,137},{0,8,73},{0,9,242},{16,7,4},
+ {0,8,85},{0,8,21},{16,8,258},{19,7,43},{0,8,117},{0,8,53},{0,9,202},
+ {17,7,13},{0,8,101},{0,8,37},{0,9,170},{0,8,5},{0,8,133},{0,8,69},
+ {0,9,234},{16,7,8},{0,8,93},{0,8,29},{0,9,154},{20,7,83},{0,8,125},
+ {0,8,61},{0,9,218},{18,7,23},{0,8,109},{0,8,45},{0,9,186},{0,8,13},
+ {0,8,141},{0,8,77},{0,9,250},{16,7,3},{0,8,83},{0,8,19},{21,8,195},
+ {19,7,35},{0,8,115},{0,8,51},{0,9,198},{17,7,11},{0,8,99},{0,8,35},
+ {0,9,166},{0,8,3},{0,8,131},{0,8,67},{0,9,230},{16,7,7},{0,8,91},
+ {0,8,27},{0,9,150},{20,7,67},{0,8,123},{0,8,59},{0,9,214},{18,7,19},
+ {0,8,107},{0,8,43},{0,9,182},{0,8,11},{0,8,139},{0,8,75},{0,9,246},
+ {16,7,5},{0,8,87},{0,8,23},{64,8,0},{19,7,51},{0,8,119},{0,8,55},
+ {0,9,206},{17,7,15},{0,8,103},{0,8,39},{0,9,174},{0,8,7},{0,8,135},
+ {0,8,71},{0,9,238},{16,7,9},{0,8,95},{0,8,31},{0,9,158},{20,7,99},
+ {0,8,127},{0,8,63},{0,9,222},{18,7,27},{0,8,111},{0,8,47},{0,9,190},
+ {0,8,15},{0,8,143},{0,8,79},{0,9,254},{96,7,0},{0,8,80},{0,8,16},
+ {20,8,115},{18,7,31},{0,8,112},{0,8,48},{0,9,193},{16,7,10},{0,8,96},
+ {0,8,32},{0,9,161},{0,8,0},{0,8,128},{0,8,64},{0,9,225},{16,7,6},
+ {0,8,88},{0,8,24},{0,9,145},{19,7,59},{0,8,120},{0,8,56},{0,9,209},
+ {17,7,17},{0,8,104},{0,8,40},{0,9,177},{0,8,8},{0,8,136},{0,8,72},
+ {0,9,241},{16,7,4},{0,8,84},{0,8,20},{21,8,227},{19,7,43},{0,8,116},
+ {0,8,52},{0,9,201},{17,7,13},{0,8,100},{0,8,36},{0,9,169},{0,8,4},
+ {0,8,132},{0,8,68},{0,9,233},{16,7,8},{0,8,92},{0,8,28},{0,9,153},
+ {20,7,83},{0,8,124},{0,8,60},{0,9,217},{18,7,23},{0,8,108},{0,8,44},
+ {0,9,185},{0,8,12},{0,8,140},{0,8,76},{0,9,249},{16,7,3},{0,8,82},
+ {0,8,18},{21,8,163},{19,7,35},{0,8,114},{0,8,50},{0,9,197},{17,7,11},
+ {0,8,98},{0,8,34},{0,9,165},{0,8,2},{0,8,130},{0,8,66},{0,9,229},
+ {16,7,7},{0,8,90},{0,8,26},{0,9,149},{20,7,67},{0,8,122},{0,8,58},
+ {0,9,213},{18,7,19},{0,8,106},{0,8,42},{0,9,181},{0,8,10},{0,8,138},
+ {0,8,74},{0,9,245},{16,7,5},{0,8,86},{0,8,22},{64,8,0},{19,7,51},
+ {0,8,118},{0,8,54},{0,9,205},{17,7,15},{0,8,102},{0,8,38},{0,9,173},
+ {0,8,6},{0,8,134},{0,8,70},{0,9,237},{16,7,9},{0,8,94},{0,8,30},
+ {0,9,157},{20,7,99},{0,8,126},{0,8,62},{0,9,221},{18,7,27},{0,8,110},
+ {0,8,46},{0,9,189},{0,8,14},{0,8,142},{0,8,78},{0,9,253},{96,7,0},
+ {0,8,81},{0,8,17},{21,8,131},{18,7,31},{0,8,113},{0,8,49},{0,9,195},
+ {16,7,10},{0,8,97},{0,8,33},{0,9,163},{0,8,1},{0,8,129},{0,8,65},
+ {0,9,227},{16,7,6},{0,8,89},{0,8,25},{0,9,147},{19,7,59},{0,8,121},
+ {0,8,57},{0,9,211},{17,7,17},{0,8,105},{0,8,41},{0,9,179},{0,8,9},
+ {0,8,137},{0,8,73},{0,9,243},{16,7,4},{0,8,85},{0,8,21},{16,8,258},
+ {19,7,43},{0,8,117},{0,8,53},{0,9,203},{17,7,13},{0,8,101},{0,8,37},
+ {0,9,171},{0,8,5},{0,8,133},{0,8,69},{0,9,235},{16,7,8},{0,8,93},
+ {0,8,29},{0,9,155},{20,7,83},{0,8,125},{0,8,61},{0,9,219},{18,7,23},
+ {0,8,109},{0,8,45},{0,9,187},{0,8,13},{0,8,141},{0,8,77},{0,9,251},
+ {16,7,3},{0,8,83},{0,8,19},{21,8,195},{19,7,35},{0,8,115},{0,8,51},
+ {0,9,199},{17,7,11},{0,8,99},{0,8,35},{0,9,167},{0,8,3},{0,8,131},
+ {0,8,67},{0,9,231},{16,7,7},{0,8,91},{0,8,27},{0,9,151},{20,7,67},
+ {0,8,123},{0,8,59},{0,9,215},{18,7,19},{0,8,107},{0,8,43},{0,9,183},
+ {0,8,11},{0,8,139},{0,8,75},{0,9,247},{16,7,5},{0,8,87},{0,8,23},
+ {64,8,0},{19,7,51},{0,8,119},{0,8,55},{0,9,207},{17,7,15},{0,8,103},
+ {0,8,39},{0,9,175},{0,8,7},{0,8,135},{0,8,71},{0,9,239},{16,7,9},
+ {0,8,95},{0,8,31},{0,9,159},{20,7,99},{0,8,127},{0,8,63},{0,9,223},
+ {18,7,27},{0,8,111},{0,8,47},{0,9,191},{0,8,15},{0,8,143},{0,8,79},
+ {0,9,255}
+ };
+
+ static const code distfix[32] = {
+ {16,5,1},{23,5,257},{19,5,17},{27,5,4097},{17,5,5},{25,5,1025},
+ {21,5,65},{29,5,16385},{16,5,3},{24,5,513},{20,5,33},{28,5,8193},
+ {18,5,9},{26,5,2049},{22,5,129},{64,5,0},{16,5,2},{23,5,385},
+ {19,5,25},{27,5,6145},{17,5,7},{25,5,1537},{21,5,97},{29,5,24577},
+ {16,5,4},{24,5,769},{20,5,49},{28,5,12289},{18,5,13},{26,5,3073},
+ {22,5,193},{64,5,0}
+ };
diff --git a/security/nss/lib/zlib/inflate.c b/security/nss/lib/zlib/inflate.c
new file mode 100644
index 000000000..a8431abea
--- /dev/null
+++ b/security/nss/lib/zlib/inflate.c
@@ -0,0 +1,1480 @@
+/* inflate.c -- zlib decompression
+ * Copyright (C) 1995-2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * Change history:
+ *
+ * 1.2.beta0 24 Nov 2002
+ * - First version -- complete rewrite of inflate to simplify code, avoid
+ * creation of window when not needed, minimize use of window when it is
+ * needed, make inffast.c even faster, implement gzip decoding, and to
+ * improve code readability and style over the previous zlib inflate code
+ *
+ * 1.2.beta1 25 Nov 2002
+ * - Use pointers for available input and output checking in inffast.c
+ * - Remove input and output counters in inffast.c
+ * - Change inffast.c entry and loop from avail_in >= 7 to >= 6
+ * - Remove unnecessary second byte pull from length extra in inffast.c
+ * - Unroll direct copy to three copies per loop in inffast.c
+ *
+ * 1.2.beta2 4 Dec 2002
+ * - Change external routine names to reduce potential conflicts
+ * - Correct filename to inffixed.h for fixed tables in inflate.c
+ * - Make hbuf[] unsigned char to match parameter type in inflate.c
+ * - Change strm->next_out[-state->offset] to *(strm->next_out - state->offset)
+ * to avoid negation problem on Alphas (64 bit) in inflate.c
+ *
+ * 1.2.beta3 22 Dec 2002
+ * - Add comments on state->bits assertion in inffast.c
+ * - Add comments on op field in inftrees.h
+ * - Fix bug in reuse of allocated window after inflateReset()
+ * - Remove bit fields--back to byte structure for speed
+ * - Remove distance extra == 0 check in inflate_fast()--only helps for lengths
+ * - Change post-increments to pre-increments in inflate_fast(), PPC biased?
+ * - Add compile time option, POSTINC, to use post-increments instead (Intel?)
+ * - Make MATCH copy in inflate() much faster for when inflate_fast() not used
+ * - Use local copies of stream next and avail values, as well as local bit
+ * buffer and bit count in inflate()--for speed when inflate_fast() not used
+ *
+ * 1.2.beta4 1 Jan 2003
+ * - Split ptr - 257 statements in inflate_table() to avoid compiler warnings
+ * - Move a comment on output buffer sizes from inffast.c to inflate.c
+ * - Add comments in inffast.c to introduce the inflate_fast() routine
+ * - Rearrange window copies in inflate_fast() for speed and simplification
+ * - Unroll last copy for window match in inflate_fast()
+ * - Use local copies of window variables in inflate_fast() for speed
+ * - Pull out common wnext == 0 case for speed in inflate_fast()
+ * - Make op and len in inflate_fast() unsigned for consistency
+ * - Add FAR to lcode and dcode declarations in inflate_fast()
+ * - Simplified bad distance check in inflate_fast()
+ * - Added inflateBackInit(), inflateBack(), and inflateBackEnd() in new
+ * source file infback.c to provide a call-back interface to inflate for
+ * programs like gzip and unzip -- uses window as output buffer to avoid
+ * window copying
+ *
+ * 1.2.beta5 1 Jan 2003
+ * - Improved inflateBack() interface to allow the caller to provide initial
+ * input in strm.
+ * - Fixed stored blocks bug in inflateBack()
+ *
+ * 1.2.beta6 4 Jan 2003
+ * - Added comments in inffast.c on effectiveness of POSTINC
+ * - Typecasting all around to reduce compiler warnings
+ * - Changed loops from while (1) or do {} while (1) to for (;;), again to
+ * make compilers happy
+ * - Changed type of window in inflateBackInit() to unsigned char *
+ *
+ * 1.2.beta7 27 Jan 2003
+ * - Changed many types to unsigned or unsigned short to avoid warnings
+ * - Added inflateCopy() function
+ *
+ * 1.2.0 9 Mar 2003
+ * - Changed inflateBack() interface to provide separate opaque descriptors
+ * for the in() and out() functions
+ * - Changed inflateBack() argument and in_func typedef to swap the length
+ * and buffer address return values for the input function
+ * - Check next_in and next_out for Z_NULL on entry to inflate()
+ *
+ * The history for versions after 1.2.0 are in ChangeLog in zlib distribution.
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+#include "inflate.h"
+#include "inffast.h"
+
+#ifdef MAKEFIXED
+# ifndef BUILDFIXED
+# define BUILDFIXED
+# endif
+#endif
+
+/* function prototypes */
+local void fixedtables OF((struct inflate_state FAR *state));
+local int updatewindow OF((z_streamp strm, unsigned out));
+#ifdef BUILDFIXED
+ void makefixed OF((void));
+#endif
+local unsigned syncsearch OF((unsigned FAR *have, unsigned char FAR *buf,
+ unsigned len));
+
+int ZEXPORT inflateReset(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ strm->total_in = strm->total_out = state->total = 0;
+ strm->msg = Z_NULL;
+ strm->adler = 1; /* to support ill-conceived Java test suite */
+ state->mode = HEAD;
+ state->last = 0;
+ state->havedict = 0;
+ state->dmax = 32768U;
+ state->head = Z_NULL;
+ state->wsize = 0;
+ state->whave = 0;
+ state->wnext = 0;
+ state->hold = 0;
+ state->bits = 0;
+ state->lencode = state->distcode = state->next = state->codes;
+ state->sane = 1;
+ state->back = -1;
+ Tracev((stderr, "inflate: reset\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateReset2(strm, windowBits)
+z_streamp strm;
+int windowBits;
+{
+ int wrap;
+ struct inflate_state FAR *state;
+
+ /* get the state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* extract wrap request from windowBits parameter */
+ if (windowBits < 0) {
+ wrap = 0;
+ windowBits = -windowBits;
+ }
+ else {
+ wrap = (windowBits >> 4) + 1;
+#ifdef GUNZIP
+ if (windowBits < 48)
+ windowBits &= 15;
+#endif
+ }
+
+ /* set number of window bits, free window if different */
+ if (windowBits && (windowBits < 8 || windowBits > 15))
+ return Z_STREAM_ERROR;
+ if (state->window != Z_NULL && state->wbits != (unsigned)windowBits) {
+ ZFREE(strm, state->window);
+ state->window = Z_NULL;
+ }
+
+ /* update state and reset the rest of it */
+ state->wrap = wrap;
+ state->wbits = (unsigned)windowBits;
+ return inflateReset(strm);
+}
+
+int ZEXPORT inflateInit2_(strm, windowBits, version, stream_size)
+z_streamp strm;
+int windowBits;
+const char *version;
+int stream_size;
+{
+ int ret;
+ struct inflate_state FAR *state;
+
+ if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
+ stream_size != (int)(sizeof(z_stream)))
+ return Z_VERSION_ERROR;
+ if (strm == Z_NULL) return Z_STREAM_ERROR;
+ strm->msg = Z_NULL; /* in case we return an error */
+ if (strm->zalloc == (alloc_func)0) {
+ strm->zalloc = zcalloc;
+ strm->opaque = (voidpf)0;
+ }
+ if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+ state = (struct inflate_state FAR *)
+ ZALLOC(strm, 1, sizeof(struct inflate_state));
+ if (state == Z_NULL) return Z_MEM_ERROR;
+ Tracev((stderr, "inflate: allocated\n"));
+ strm->state = (struct internal_state FAR *)state;
+ state->window = Z_NULL;
+ ret = inflateReset2(strm, windowBits);
+ if (ret != Z_OK) {
+ ZFREE(strm, state);
+ strm->state = Z_NULL;
+ }
+ return ret;
+}
+
+int ZEXPORT inflateInit_(strm, version, stream_size)
+z_streamp strm;
+const char *version;
+int stream_size;
+{
+ return inflateInit2_(strm, DEF_WBITS, version, stream_size);
+}
+
+int ZEXPORT inflatePrime(strm, bits, value)
+z_streamp strm;
+int bits;
+int value;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (bits < 0) {
+ state->hold = 0;
+ state->bits = 0;
+ return Z_OK;
+ }
+ if (bits > 16 || state->bits + bits > 32) return Z_STREAM_ERROR;
+ value &= (1L << bits) - 1;
+ state->hold += value << state->bits;
+ state->bits += bits;
+ return Z_OK;
+}
+
+/*
+ Return state with length and distance decoding tables and index sizes set to
+ fixed code decoding. Normally this returns fixed tables from inffixed.h.
+ If BUILDFIXED is defined, then instead this routine builds the tables the
+ first time it's called, and returns those tables the first time and
+ thereafter. This reduces the size of the code by about 2K bytes, in
+ exchange for a little execution time. However, BUILDFIXED should not be
+ used for threaded applications, since the rewriting of the tables and virgin
+ may not be thread-safe.
+ */
+local void fixedtables(state)
+struct inflate_state FAR *state;
+{
+#ifdef BUILDFIXED
+ static int virgin = 1;
+ static code *lenfix, *distfix;
+ static code fixed[544];
+
+ /* build fixed huffman tables if first call (may not be thread safe) */
+ if (virgin) {
+ unsigned sym, bits;
+ static code *next;
+
+ /* literal/length table */
+ sym = 0;
+ while (sym < 144) state->lens[sym++] = 8;
+ while (sym < 256) state->lens[sym++] = 9;
+ while (sym < 280) state->lens[sym++] = 7;
+ while (sym < 288) state->lens[sym++] = 8;
+ next = fixed;
+ lenfix = next;
+ bits = 9;
+ inflate_table(LENS, state->lens, 288, &(next), &(bits), state->work);
+
+ /* distance table */
+ sym = 0;
+ while (sym < 32) state->lens[sym++] = 5;
+ distfix = next;
+ bits = 5;
+ inflate_table(DISTS, state->lens, 32, &(next), &(bits), state->work);
+
+ /* do this just once */
+ virgin = 0;
+ }
+#else /* !BUILDFIXED */
+# include "inffixed.h"
+#endif /* BUILDFIXED */
+ state->lencode = lenfix;
+ state->lenbits = 9;
+ state->distcode = distfix;
+ state->distbits = 5;
+}
+
+#ifdef MAKEFIXED
+#include <stdio.h>
+
+/*
+ Write out the inffixed.h that is #include'd above. Defining MAKEFIXED also
+ defines BUILDFIXED, so the tables are built on the fly. makefixed() writes
+ those tables to stdout, which would be piped to inffixed.h. A small program
+ can simply call makefixed to do this:
+
+ void makefixed(void);
+
+ int main(void)
+ {
+ makefixed();
+ return 0;
+ }
+
+ Then that can be linked with zlib built with MAKEFIXED defined and run:
+
+ a.out > inffixed.h
+ */
+void makefixed()
+{
+ unsigned low, size;
+ struct inflate_state state;
+
+ fixedtables(&state);
+ puts(" /* inffixed.h -- table for decoding fixed codes");
+ puts(" * Generated automatically by makefixed().");
+ puts(" */");
+ puts("");
+ puts(" /* WARNING: this file should *not* be used by applications.");
+ puts(" It is part of the implementation of this library and is");
+ puts(" subject to change. Applications should only use zlib.h.");
+ puts(" */");
+ puts("");
+ size = 1U << 9;
+ printf(" static const code lenfix[%u] = {", size);
+ low = 0;
+ for (;;) {
+ if ((low % 7) == 0) printf("\n ");
+ printf("{%u,%u,%d}", state.lencode[low].op, state.lencode[low].bits,
+ state.lencode[low].val);
+ if (++low == size) break;
+ putchar(',');
+ }
+ puts("\n };");
+ size = 1U << 5;
+ printf("\n static const code distfix[%u] = {", size);
+ low = 0;
+ for (;;) {
+ if ((low % 6) == 0) printf("\n ");
+ printf("{%u,%u,%d}", state.distcode[low].op, state.distcode[low].bits,
+ state.distcode[low].val);
+ if (++low == size) break;
+ putchar(',');
+ }
+ puts("\n };");
+}
+#endif /* MAKEFIXED */
+
+/*
+ Update the window with the last wsize (normally 32K) bytes written before
+ returning. If window does not exist yet, create it. This is only called
+ when a window is already in use, or when output has been written during this
+ inflate call, but the end of the deflate stream has not been reached yet.
+ It is also called to create a window for dictionary data when a dictionary
+ is loaded.
+
+ Providing output buffers larger than 32K to inflate() should provide a speed
+ advantage, since only the last 32K of output is copied to the sliding window
+ upon return from inflate(), and since all distances after the first 32K of
+ output will fall in the output data, making match copies simpler and faster.
+ The advantage may be dependent on the size of the processor's data caches.
+ */
+local int updatewindow(strm, out)
+z_streamp strm;
+unsigned out;
+{
+ struct inflate_state FAR *state;
+ unsigned copy, dist;
+
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* if it hasn't been done already, allocate space for the window */
+ if (state->window == Z_NULL) {
+ state->window = (unsigned char FAR *)
+ ZALLOC(strm, 1U << state->wbits,
+ sizeof(unsigned char));
+ if (state->window == Z_NULL) return 1;
+ }
+
+ /* if window not in use yet, initialize */
+ if (state->wsize == 0) {
+ state->wsize = 1U << state->wbits;
+ state->wnext = 0;
+ state->whave = 0;
+ }
+
+ /* copy state->wsize or less output bytes into the circular window */
+ copy = out - strm->avail_out;
+ if (copy >= state->wsize) {
+ zmemcpy(state->window, strm->next_out - state->wsize, state->wsize);
+ state->wnext = 0;
+ state->whave = state->wsize;
+ }
+ else {
+ dist = state->wsize - state->wnext;
+ if (dist > copy) dist = copy;
+ zmemcpy(state->window + state->wnext, strm->next_out - copy, dist);
+ copy -= dist;
+ if (copy) {
+ zmemcpy(state->window, strm->next_out - copy, copy);
+ state->wnext = copy;
+ state->whave = state->wsize;
+ }
+ else {
+ state->wnext += dist;
+ if (state->wnext == state->wsize) state->wnext = 0;
+ if (state->whave < state->wsize) state->whave += dist;
+ }
+ }
+ return 0;
+}
+
+/* Macros for inflate(): */
+
+/* check function to use adler32() for zlib or crc32() for gzip */
+#ifdef GUNZIP
+# define UPDATE(check, buf, len) \
+ (state->flags ? crc32(check, buf, len) : adler32(check, buf, len))
+#else
+# define UPDATE(check, buf, len) adler32(check, buf, len)
+#endif
+
+/* check macros for header crc */
+#ifdef GUNZIP
+# define CRC2(check, word) \
+ do { \
+ hbuf[0] = (unsigned char)(word); \
+ hbuf[1] = (unsigned char)((word) >> 8); \
+ check = crc32(check, hbuf, 2); \
+ } while (0)
+
+# define CRC4(check, word) \
+ do { \
+ hbuf[0] = (unsigned char)(word); \
+ hbuf[1] = (unsigned char)((word) >> 8); \
+ hbuf[2] = (unsigned char)((word) >> 16); \
+ hbuf[3] = (unsigned char)((word) >> 24); \
+ check = crc32(check, hbuf, 4); \
+ } while (0)
+#endif
+
+/* Load registers with state in inflate() for speed */
+#define LOAD() \
+ do { \
+ put = strm->next_out; \
+ left = strm->avail_out; \
+ next = strm->next_in; \
+ have = strm->avail_in; \
+ hold = state->hold; \
+ bits = state->bits; \
+ } while (0)
+
+/* Restore state from registers in inflate() */
+#define RESTORE() \
+ do { \
+ strm->next_out = put; \
+ strm->avail_out = left; \
+ strm->next_in = next; \
+ strm->avail_in = have; \
+ state->hold = hold; \
+ state->bits = bits; \
+ } while (0)
+
+/* Clear the input bit accumulator */
+#define INITBITS() \
+ do { \
+ hold = 0; \
+ bits = 0; \
+ } while (0)
+
+/* Get a byte of input into the bit accumulator, or return from inflate()
+ if there is no input available. */
+#define PULLBYTE() \
+ do { \
+ if (have == 0) goto inf_leave; \
+ have--; \
+ hold += (unsigned long)(*next++) << bits; \
+ bits += 8; \
+ } while (0)
+
+/* Assure that there are at least n bits in the bit accumulator. If there is
+ not enough available input to do that, then return from inflate(). */
+#define NEEDBITS(n) \
+ do { \
+ while (bits < (unsigned)(n)) \
+ PULLBYTE(); \
+ } while (0)
+
+/* Return the low n bits of the bit accumulator (n < 16) */
+#define BITS(n) \
+ ((unsigned)hold & ((1U << (n)) - 1))
+
+/* Remove n bits from the bit accumulator */
+#define DROPBITS(n) \
+ do { \
+ hold >>= (n); \
+ bits -= (unsigned)(n); \
+ } while (0)
+
+/* Remove zero to seven bits as needed to go to a byte boundary */
+#define BYTEBITS() \
+ do { \
+ hold >>= bits & 7; \
+ bits -= bits & 7; \
+ } while (0)
+
+/* Reverse the bytes in a 32-bit value */
+#define REVERSE(q) \
+ ((((q) >> 24) & 0xff) + (((q) >> 8) & 0xff00) + \
+ (((q) & 0xff00) << 8) + (((q) & 0xff) << 24))
+
+/*
+ inflate() uses a state machine to process as much input data and generate as
+ much output data as possible before returning. The state machine is
+ structured roughly as follows:
+
+ for (;;) switch (state) {
+ ...
+ case STATEn:
+ if (not enough input data or output space to make progress)
+ return;
+ ... make progress ...
+ state = STATEm;
+ break;
+ ...
+ }
+
+ so when inflate() is called again, the same case is attempted again, and
+ if the appropriate resources are provided, the machine proceeds to the
+ next state. The NEEDBITS() macro is usually the way the state evaluates
+ whether it can proceed or should return. NEEDBITS() does the return if
+ the requested bits are not available. The typical use of the BITS macros
+ is:
+
+ NEEDBITS(n);
+ ... do something with BITS(n) ...
+ DROPBITS(n);
+
+ where NEEDBITS(n) either returns from inflate() if there isn't enough
+ input left to load n bits into the accumulator, or it continues. BITS(n)
+ gives the low n bits in the accumulator. When done, DROPBITS(n) drops
+ the low n bits off the accumulator. INITBITS() clears the accumulator
+ and sets the number of available bits to zero. BYTEBITS() discards just
+ enough bits to put the accumulator on a byte boundary. After BYTEBITS()
+ and a NEEDBITS(8), then BITS(8) would return the next byte in the stream.
+
+ NEEDBITS(n) uses PULLBYTE() to get an available byte of input, or to return
+ if there is no input available. The decoding of variable length codes uses
+ PULLBYTE() directly in order to pull just enough bytes to decode the next
+ code, and no more.
+
+ Some states loop until they get enough input, making sure that enough
+ state information is maintained to continue the loop where it left off
+ if NEEDBITS() returns in the loop. For example, want, need, and keep
+ would all have to actually be part of the saved state in case NEEDBITS()
+ returns:
+
+ case STATEw:
+ while (want < need) {
+ NEEDBITS(n);
+ keep[want++] = BITS(n);
+ DROPBITS(n);
+ }
+ state = STATEx;
+ case STATEx:
+
+ As shown above, if the next state is also the next case, then the break
+ is omitted.
+
+ A state may also return if there is not enough output space available to
+ complete that state. Those states are copying stored data, writing a
+ literal byte, and copying a matching string.
+
+ When returning, a "goto inf_leave" is used to update the total counters,
+ update the check value, and determine whether any progress has been made
+ during that inflate() call in order to return the proper return code.
+ Progress is defined as a change in either strm->avail_in or strm->avail_out.
+ When there is a window, goto inf_leave will update the window with the last
+ output written. If a goto inf_leave occurs in the middle of decompression
+ and there is no window currently, goto inf_leave will create one and copy
+ output to the window for the next call of inflate().
+
+ In this implementation, the flush parameter of inflate() only affects the
+ return code (per zlib.h). inflate() always writes as much as possible to
+ strm->next_out, given the space available and the provided input--the effect
+ documented in zlib.h of Z_SYNC_FLUSH. Furthermore, inflate() always defers
+ the allocation of and copying into a sliding window until necessary, which
+ provides the effect documented in zlib.h for Z_FINISH when the entire input
+ stream available. So the only thing the flush parameter actually does is:
+ when flush is set to Z_FINISH, inflate() cannot return Z_OK. Instead it
+ will return Z_BUF_ERROR if it has not reached the end of the stream.
+ */
+
+int ZEXPORT inflate(strm, flush)
+z_streamp strm;
+int flush;
+{
+ struct inflate_state FAR *state;
+ unsigned char FAR *next; /* next input */
+ unsigned char FAR *put; /* next output */
+ unsigned have, left; /* available input and output */
+ unsigned long hold; /* bit buffer */
+ unsigned bits; /* bits in bit buffer */
+ unsigned in, out; /* save starting available input and output */
+ unsigned copy; /* number of stored or match bytes to copy */
+ unsigned char FAR *from; /* where to copy match bytes from */
+ code here; /* current decoding table entry */
+ code last; /* parent table entry */
+ unsigned len; /* length to copy for repeats, bits to drop */
+ int ret; /* return code */
+#ifdef GUNZIP
+ unsigned char hbuf[4]; /* buffer for gzip header crc calculation */
+#endif
+ static const unsigned short order[19] = /* permutation of code lengths */
+ {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
+
+ if (strm == Z_NULL || strm->state == Z_NULL || strm->next_out == Z_NULL ||
+ (strm->next_in == Z_NULL && strm->avail_in != 0))
+ return Z_STREAM_ERROR;
+
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->mode == TYPE) state->mode = TYPEDO; /* skip check */
+ LOAD();
+ in = have;
+ out = left;
+ ret = Z_OK;
+ for (;;)
+ switch (state->mode) {
+ case HEAD:
+ if (state->wrap == 0) {
+ state->mode = TYPEDO;
+ break;
+ }
+ NEEDBITS(16);
+#ifdef GUNZIP
+ if ((state->wrap & 2) && hold == 0x8b1f) { /* gzip header */
+ state->check = crc32(0L, Z_NULL, 0);
+ CRC2(state->check, hold);
+ INITBITS();
+ state->mode = FLAGS;
+ break;
+ }
+ state->flags = 0; /* expect zlib header */
+ if (state->head != Z_NULL)
+ state->head->done = -1;
+ if (!(state->wrap & 1) || /* check if zlib header allowed */
+#else
+ if (
+#endif
+ ((BITS(8) << 8) + (hold >> 8)) % 31) {
+ strm->msg = (char *)"incorrect header check";
+ state->mode = BAD;
+ break;
+ }
+ if (BITS(4) != Z_DEFLATED) {
+ strm->msg = (char *)"unknown compression method";
+ state->mode = BAD;
+ break;
+ }
+ DROPBITS(4);
+ len = BITS(4) + 8;
+ if (state->wbits == 0)
+ state->wbits = len;
+ else if (len > state->wbits) {
+ strm->msg = (char *)"invalid window size";
+ state->mode = BAD;
+ break;
+ }
+ state->dmax = 1U << len;
+ Tracev((stderr, "inflate: zlib header ok\n"));
+ strm->adler = state->check = adler32(0L, Z_NULL, 0);
+ state->mode = hold & 0x200 ? DICTID : TYPE;
+ INITBITS();
+ break;
+#ifdef GUNZIP
+ case FLAGS:
+ NEEDBITS(16);
+ state->flags = (int)(hold);
+ if ((state->flags & 0xff) != Z_DEFLATED) {
+ strm->msg = (char *)"unknown compression method";
+ state->mode = BAD;
+ break;
+ }
+ if (state->flags & 0xe000) {
+ strm->msg = (char *)"unknown header flags set";
+ state->mode = BAD;
+ break;
+ }
+ if (state->head != Z_NULL)
+ state->head->text = (int)((hold >> 8) & 1);
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ state->mode = TIME;
+ case TIME:
+ NEEDBITS(32);
+ if (state->head != Z_NULL)
+ state->head->time = hold;
+ if (state->flags & 0x0200) CRC4(state->check, hold);
+ INITBITS();
+ state->mode = OS;
+ case OS:
+ NEEDBITS(16);
+ if (state->head != Z_NULL) {
+ state->head->xflags = (int)(hold & 0xff);
+ state->head->os = (int)(hold >> 8);
+ }
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ state->mode = EXLEN;
+ case EXLEN:
+ if (state->flags & 0x0400) {
+ NEEDBITS(16);
+ state->length = (unsigned)(hold);
+ if (state->head != Z_NULL)
+ state->head->extra_len = (unsigned)hold;
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ }
+ else if (state->head != Z_NULL)
+ state->head->extra = Z_NULL;
+ state->mode = EXTRA;
+ case EXTRA:
+ if (state->flags & 0x0400) {
+ copy = state->length;
+ if (copy > have) copy = have;
+ if (copy) {
+ if (state->head != Z_NULL &&
+ state->head->extra != Z_NULL) {
+ len = state->head->extra_len - state->length;
+ zmemcpy(state->head->extra + len, next,
+ len + copy > state->head->extra_max ?
+ state->head->extra_max - len : copy);
+ }
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ state->length -= copy;
+ }
+ if (state->length) goto inf_leave;
+ }
+ state->length = 0;
+ state->mode = NAME;
+ case NAME:
+ if (state->flags & 0x0800) {
+ if (have == 0) goto inf_leave;
+ copy = 0;
+ do {
+ len = (unsigned)(next[copy++]);
+ if (state->head != Z_NULL &&
+ state->head->name != Z_NULL &&
+ state->length < state->head->name_max)
+ state->head->name[state->length++] = len;
+ } while (len && copy < have);
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ if (len) goto inf_leave;
+ }
+ else if (state->head != Z_NULL)
+ state->head->name = Z_NULL;
+ state->length = 0;
+ state->mode = COMMENT;
+ case COMMENT:
+ if (state->flags & 0x1000) {
+ if (have == 0) goto inf_leave;
+ copy = 0;
+ do {
+ len = (unsigned)(next[copy++]);
+ if (state->head != Z_NULL &&
+ state->head->comment != Z_NULL &&
+ state->length < state->head->comm_max)
+ state->head->comment[state->length++] = len;
+ } while (len && copy < have);
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ if (len) goto inf_leave;
+ }
+ else if (state->head != Z_NULL)
+ state->head->comment = Z_NULL;
+ state->mode = HCRC;
+ case HCRC:
+ if (state->flags & 0x0200) {
+ NEEDBITS(16);
+ if (hold != (state->check & 0xffff)) {
+ strm->msg = (char *)"header crc mismatch";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ }
+ if (state->head != Z_NULL) {
+ state->head->hcrc = (int)((state->flags >> 9) & 1);
+ state->head->done = 1;
+ }
+ strm->adler = state->check = crc32(0L, Z_NULL, 0);
+ state->mode = TYPE;
+ break;
+#endif
+ case DICTID:
+ NEEDBITS(32);
+ strm->adler = state->check = REVERSE(hold);
+ INITBITS();
+ state->mode = DICT;
+ case DICT:
+ if (state->havedict == 0) {
+ RESTORE();
+ return Z_NEED_DICT;
+ }
+ strm->adler = state->check = adler32(0L, Z_NULL, 0);
+ state->mode = TYPE;
+ case TYPE:
+ if (flush == Z_BLOCK || flush == Z_TREES) goto inf_leave;
+ case TYPEDO:
+ if (state->last) {
+ BYTEBITS();
+ state->mode = CHECK;
+ break;
+ }
+ NEEDBITS(3);
+ state->last = BITS(1);
+ DROPBITS(1);
+ switch (BITS(2)) {
+ case 0: /* stored block */
+ Tracev((stderr, "inflate: stored block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = STORED;
+ break;
+ case 1: /* fixed block */
+ fixedtables(state);
+ Tracev((stderr, "inflate: fixed codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = LEN_; /* decode codes */
+ if (flush == Z_TREES) {
+ DROPBITS(2);
+ goto inf_leave;
+ }
+ break;
+ case 2: /* dynamic block */
+ Tracev((stderr, "inflate: dynamic codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = TABLE;
+ break;
+ case 3:
+ strm->msg = (char *)"invalid block type";
+ state->mode = BAD;
+ }
+ DROPBITS(2);
+ break;
+ case STORED:
+ BYTEBITS(); /* go to byte boundary */
+ NEEDBITS(32);
+ if ((hold & 0xffff) != ((hold >> 16) ^ 0xffff)) {
+ strm->msg = (char *)"invalid stored block lengths";
+ state->mode = BAD;
+ break;
+ }
+ state->length = (unsigned)hold & 0xffff;
+ Tracev((stderr, "inflate: stored length %u\n",
+ state->length));
+ INITBITS();
+ state->mode = COPY_;
+ if (flush == Z_TREES) goto inf_leave;
+ case COPY_:
+ state->mode = COPY;
+ case COPY:
+ copy = state->length;
+ if (copy) {
+ if (copy > have) copy = have;
+ if (copy > left) copy = left;
+ if (copy == 0) goto inf_leave;
+ zmemcpy(put, next, copy);
+ have -= copy;
+ next += copy;
+ left -= copy;
+ put += copy;
+ state->length -= copy;
+ break;
+ }
+ Tracev((stderr, "inflate: stored end\n"));
+ state->mode = TYPE;
+ break;
+ case TABLE:
+ NEEDBITS(14);
+ state->nlen = BITS(5) + 257;
+ DROPBITS(5);
+ state->ndist = BITS(5) + 1;
+ DROPBITS(5);
+ state->ncode = BITS(4) + 4;
+ DROPBITS(4);
+#ifndef PKZIP_BUG_WORKAROUND
+ if (state->nlen > 286 || state->ndist > 30) {
+ strm->msg = (char *)"too many length or distance symbols";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ Tracev((stderr, "inflate: table sizes ok\n"));
+ state->have = 0;
+ state->mode = LENLENS;
+ case LENLENS:
+ while (state->have < state->ncode) {
+ NEEDBITS(3);
+ state->lens[order[state->have++]] = (unsigned short)BITS(3);
+ DROPBITS(3);
+ }
+ while (state->have < 19)
+ state->lens[order[state->have++]] = 0;
+ state->next = state->codes;
+ state->lencode = (code const FAR *)(state->next);
+ state->lenbits = 7;
+ ret = inflate_table(CODES, state->lens, 19, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid code lengths set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: code lengths ok\n"));
+ state->have = 0;
+ state->mode = CODELENS;
+ case CODELENS:
+ while (state->have < state->nlen + state->ndist) {
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.val < 16) {
+ NEEDBITS(here.bits);
+ DROPBITS(here.bits);
+ state->lens[state->have++] = here.val;
+ }
+ else {
+ if (here.val == 16) {
+ NEEDBITS(here.bits + 2);
+ DROPBITS(here.bits);
+ if (state->have == 0) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ len = state->lens[state->have - 1];
+ copy = 3 + BITS(2);
+ DROPBITS(2);
+ }
+ else if (here.val == 17) {
+ NEEDBITS(here.bits + 3);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 3 + BITS(3);
+ DROPBITS(3);
+ }
+ else {
+ NEEDBITS(here.bits + 7);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 11 + BITS(7);
+ DROPBITS(7);
+ }
+ if (state->have + copy > state->nlen + state->ndist) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ while (copy--)
+ state->lens[state->have++] = (unsigned short)len;
+ }
+ }
+
+ /* handle error breaks in while */
+ if (state->mode == BAD) break;
+
+ /* check for end-of-block code (better have one) */
+ if (state->lens[256] == 0) {
+ strm->msg = (char *)"invalid code -- missing end-of-block";
+ state->mode = BAD;
+ break;
+ }
+
+ /* build code tables -- note: do not change the lenbits or distbits
+ values here (9 and 6) without reading the comments in inftrees.h
+ concerning the ENOUGH constants, which depend on those values */
+ state->next = state->codes;
+ state->lencode = (code const FAR *)(state->next);
+ state->lenbits = 9;
+ ret = inflate_table(LENS, state->lens, state->nlen, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid literal/lengths set";
+ state->mode = BAD;
+ break;
+ }
+ state->distcode = (code const FAR *)(state->next);
+ state->distbits = 6;
+ ret = inflate_table(DISTS, state->lens + state->nlen, state->ndist,
+ &(state->next), &(state->distbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid distances set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: codes ok\n"));
+ state->mode = LEN_;
+ if (flush == Z_TREES) goto inf_leave;
+ case LEN_:
+ state->mode = LEN;
+ case LEN:
+ if (have >= 6 && left >= 258) {
+ RESTORE();
+ inflate_fast(strm, out);
+ LOAD();
+ if (state->mode == TYPE)
+ state->back = -1;
+ break;
+ }
+ state->back = 0;
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.op && (here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->lencode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ state->back += last.bits;
+ }
+ DROPBITS(here.bits);
+ state->back += here.bits;
+ state->length = (unsigned)here.val;
+ if ((int)(here.op) == 0) {
+ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
+ "inflate: literal '%c'\n" :
+ "inflate: literal 0x%02x\n", here.val));
+ state->mode = LIT;
+ break;
+ }
+ if (here.op & 32) {
+ Tracevv((stderr, "inflate: end of block\n"));
+ state->back = -1;
+ state->mode = TYPE;
+ break;
+ }
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid literal/length code";
+ state->mode = BAD;
+ break;
+ }
+ state->extra = (unsigned)(here.op) & 15;
+ state->mode = LENEXT;
+ case LENEXT:
+ if (state->extra) {
+ NEEDBITS(state->extra);
+ state->length += BITS(state->extra);
+ DROPBITS(state->extra);
+ state->back += state->extra;
+ }
+ Tracevv((stderr, "inflate: length %u\n", state->length));
+ state->was = state->length;
+ state->mode = DIST;
+ case DIST:
+ for (;;) {
+ here = state->distcode[BITS(state->distbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if ((here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->distcode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ state->back += last.bits;
+ }
+ DROPBITS(here.bits);
+ state->back += here.bits;
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid distance code";
+ state->mode = BAD;
+ break;
+ }
+ state->offset = (unsigned)here.val;
+ state->extra = (unsigned)(here.op) & 15;
+ state->mode = DISTEXT;
+ case DISTEXT:
+ if (state->extra) {
+ NEEDBITS(state->extra);
+ state->offset += BITS(state->extra);
+ DROPBITS(state->extra);
+ state->back += state->extra;
+ }
+#ifdef INFLATE_STRICT
+ if (state->offset > state->dmax) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ Tracevv((stderr, "inflate: distance %u\n", state->offset));
+ state->mode = MATCH;
+ case MATCH:
+ if (left == 0) goto inf_leave;
+ copy = out - left;
+ if (state->offset > copy) { /* copy from window */
+ copy = state->offset - copy;
+ if (copy > state->whave) {
+ if (state->sane) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ Trace((stderr, "inflate.c too far\n"));
+ copy -= state->whave;
+ if (copy > state->length) copy = state->length;
+ if (copy > left) copy = left;
+ left -= copy;
+ state->length -= copy;
+ do {
+ *put++ = 0;
+ } while (--copy);
+ if (state->length == 0) state->mode = LEN;
+ break;
+#endif
+ }
+ if (copy > state->wnext) {
+ copy -= state->wnext;
+ from = state->window + (state->wsize - copy);
+ }
+ else
+ from = state->window + (state->wnext - copy);
+ if (copy > state->length) copy = state->length;
+ }
+ else { /* copy from output */
+ from = put - state->offset;
+ copy = state->length;
+ }
+ if (copy > left) copy = left;
+ left -= copy;
+ state->length -= copy;
+ do {
+ *put++ = *from++;
+ } while (--copy);
+ if (state->length == 0) state->mode = LEN;
+ break;
+ case LIT:
+ if (left == 0) goto inf_leave;
+ *put++ = (unsigned char)(state->length);
+ left--;
+ state->mode = LEN;
+ break;
+ case CHECK:
+ if (state->wrap) {
+ NEEDBITS(32);
+ out -= left;
+ strm->total_out += out;
+ state->total += out;
+ if (out)
+ strm->adler = state->check =
+ UPDATE(state->check, put - out, out);
+ out = left;
+ if ((
+#ifdef GUNZIP
+ state->flags ? hold :
+#endif
+ REVERSE(hold)) != state->check) {
+ strm->msg = (char *)"incorrect data check";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ Tracev((stderr, "inflate: check matches trailer\n"));
+ }
+#ifdef GUNZIP
+ state->mode = LENGTH;
+ case LENGTH:
+ if (state->wrap && state->flags) {
+ NEEDBITS(32);
+ if (hold != (state->total & 0xffffffffUL)) {
+ strm->msg = (char *)"incorrect length check";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ Tracev((stderr, "inflate: length matches trailer\n"));
+ }
+#endif
+ state->mode = DONE;
+ case DONE:
+ ret = Z_STREAM_END;
+ goto inf_leave;
+ case BAD:
+ ret = Z_DATA_ERROR;
+ goto inf_leave;
+ case MEM:
+ return Z_MEM_ERROR;
+ case SYNC:
+ default:
+ return Z_STREAM_ERROR;
+ }
+
+ /*
+ Return from inflate(), updating the total counts and the check value.
+ If there was no progress during the inflate() call, return a buffer
+ error. Call updatewindow() to create and/or update the window state.
+ Note: a memory error from inflate() is non-recoverable.
+ */
+ inf_leave:
+ RESTORE();
+ if (state->wsize || (state->mode < CHECK && out != strm->avail_out))
+ if (updatewindow(strm, out)) {
+ state->mode = MEM;
+ return Z_MEM_ERROR;
+ }
+ in -= strm->avail_in;
+ out -= strm->avail_out;
+ strm->total_in += in;
+ strm->total_out += out;
+ state->total += out;
+ if (state->wrap && out)
+ strm->adler = state->check =
+ UPDATE(state->check, strm->next_out - out, out);
+ strm->data_type = state->bits + (state->last ? 64 : 0) +
+ (state->mode == TYPE ? 128 : 0) +
+ (state->mode == LEN_ || state->mode == COPY_ ? 256 : 0);
+ if (((in == 0 && out == 0) || flush == Z_FINISH) && ret == Z_OK)
+ ret = Z_BUF_ERROR;
+ return ret;
+}
+
+int ZEXPORT inflateEnd(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+ if (strm == Z_NULL || strm->state == Z_NULL || strm->zfree == (free_func)0)
+ return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->window != Z_NULL) ZFREE(strm, state->window);
+ ZFREE(strm, strm->state);
+ strm->state = Z_NULL;
+ Tracev((stderr, "inflate: end\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateSetDictionary(strm, dictionary, dictLength)
+z_streamp strm;
+const Bytef *dictionary;
+uInt dictLength;
+{
+ struct inflate_state FAR *state;
+ unsigned long id;
+
+ /* check state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->wrap != 0 && state->mode != DICT)
+ return Z_STREAM_ERROR;
+
+ /* check for correct dictionary id */
+ if (state->mode == DICT) {
+ id = adler32(0L, Z_NULL, 0);
+ id = adler32(id, dictionary, dictLength);
+ if (id != state->check)
+ return Z_DATA_ERROR;
+ }
+
+ /* copy dictionary to window */
+ if (updatewindow(strm, strm->avail_out)) {
+ state->mode = MEM;
+ return Z_MEM_ERROR;
+ }
+ if (dictLength > state->wsize) {
+ zmemcpy(state->window, dictionary + dictLength - state->wsize,
+ state->wsize);
+ state->whave = state->wsize;
+ }
+ else {
+ zmemcpy(state->window + state->wsize - dictLength, dictionary,
+ dictLength);
+ state->whave = dictLength;
+ }
+ state->havedict = 1;
+ Tracev((stderr, "inflate: dictionary set\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateGetHeader(strm, head)
+z_streamp strm;
+gz_headerp head;
+{
+ struct inflate_state FAR *state;
+
+ /* check state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if ((state->wrap & 2) == 0) return Z_STREAM_ERROR;
+
+ /* save header structure */
+ state->head = head;
+ head->done = 0;
+ return Z_OK;
+}
+
+/*
+ Search buf[0..len-1] for the pattern: 0, 0, 0xff, 0xff. Return when found
+ or when out of input. When called, *have is the number of pattern bytes
+ found in order so far, in 0..3. On return *have is updated to the new
+ state. If on return *have equals four, then the pattern was found and the
+ return value is how many bytes were read including the last byte of the
+ pattern. If *have is less than four, then the pattern has not been found
+ yet and the return value is len. In the latter case, syncsearch() can be
+ called again with more data and the *have state. *have is initialized to
+ zero for the first call.
+ */
+local unsigned syncsearch(have, buf, len)
+unsigned FAR *have;
+unsigned char FAR *buf;
+unsigned len;
+{
+ unsigned got;
+ unsigned next;
+
+ got = *have;
+ next = 0;
+ while (next < len && got < 4) {
+ if ((int)(buf[next]) == (got < 2 ? 0 : 0xff))
+ got++;
+ else if (buf[next])
+ got = 0;
+ else
+ got = 4 - got;
+ next++;
+ }
+ *have = got;
+ return next;
+}
+
+int ZEXPORT inflateSync(strm)
+z_streamp strm;
+{
+ unsigned len; /* number of bytes to look at or looked at */
+ unsigned long in, out; /* temporary to save total_in and total_out */
+ unsigned char buf[4]; /* to restore bit buffer to byte string */
+ struct inflate_state FAR *state;
+
+ /* check parameters */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (strm->avail_in == 0 && state->bits < 8) return Z_BUF_ERROR;
+
+ /* if first time, start search in bit buffer */
+ if (state->mode != SYNC) {
+ state->mode = SYNC;
+ state->hold <<= state->bits & 7;
+ state->bits -= state->bits & 7;
+ len = 0;
+ while (state->bits >= 8) {
+ buf[len++] = (unsigned char)(state->hold);
+ state->hold >>= 8;
+ state->bits -= 8;
+ }
+ state->have = 0;
+ syncsearch(&(state->have), buf, len);
+ }
+
+ /* search available input */
+ len = syncsearch(&(state->have), strm->next_in, strm->avail_in);
+ strm->avail_in -= len;
+ strm->next_in += len;
+ strm->total_in += len;
+
+ /* return no joy or set up to restart inflate() on a new block */
+ if (state->have != 4) return Z_DATA_ERROR;
+ in = strm->total_in; out = strm->total_out;
+ inflateReset(strm);
+ strm->total_in = in; strm->total_out = out;
+ state->mode = TYPE;
+ return Z_OK;
+}
+
+/*
+ Returns true if inflate is currently at the end of a block generated by
+ Z_SYNC_FLUSH or Z_FULL_FLUSH. This function is used by one PPP
+ implementation to provide an additional safety check. PPP uses
+ Z_SYNC_FLUSH but removes the length bytes of the resulting empty stored
+ block. When decompressing, PPP checks that at the end of input packet,
+ inflate is waiting for these length bytes.
+ */
+int ZEXPORT inflateSyncPoint(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ return state->mode == STORED && state->bits == 0;
+}
+
+int ZEXPORT inflateCopy(dest, source)
+z_streamp dest;
+z_streamp source;
+{
+ struct inflate_state FAR *state;
+ struct inflate_state FAR *copy;
+ unsigned char FAR *window;
+ unsigned wsize;
+
+ /* check input */
+ if (dest == Z_NULL || source == Z_NULL || source->state == Z_NULL ||
+ source->zalloc == (alloc_func)0 || source->zfree == (free_func)0)
+ return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)source->state;
+
+ /* allocate space */
+ copy = (struct inflate_state FAR *)
+ ZALLOC(source, 1, sizeof(struct inflate_state));
+ if (copy == Z_NULL) return Z_MEM_ERROR;
+ window = Z_NULL;
+ if (state->window != Z_NULL) {
+ window = (unsigned char FAR *)
+ ZALLOC(source, 1U << state->wbits, sizeof(unsigned char));
+ if (window == Z_NULL) {
+ ZFREE(source, copy);
+ return Z_MEM_ERROR;
+ }
+ }
+
+ /* copy state */
+ zmemcpy(dest, source, sizeof(z_stream));
+ zmemcpy(copy, state, sizeof(struct inflate_state));
+ if (state->lencode >= state->codes &&
+ state->lencode <= state->codes + ENOUGH - 1) {
+ copy->lencode = copy->codes + (state->lencode - state->codes);
+ copy->distcode = copy->codes + (state->distcode - state->codes);
+ }
+ copy->next = copy->codes + (state->next - state->codes);
+ if (window != Z_NULL) {
+ wsize = 1U << state->wbits;
+ zmemcpy(window, state->window, wsize);
+ }
+ copy->window = window;
+ dest->state = (struct internal_state FAR *)copy;
+ return Z_OK;
+}
+
+int ZEXPORT inflateUndermine(strm, subvert)
+z_streamp strm;
+int subvert;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ state->sane = !subvert;
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ return Z_OK;
+#else
+ state->sane = 1;
+ return Z_DATA_ERROR;
+#endif
+}
+
+long ZEXPORT inflateMark(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return -1L << 16;
+ state = (struct inflate_state FAR *)strm->state;
+ return ((long)(state->back) << 16) +
+ (state->mode == COPY ? state->length :
+ (state->mode == MATCH ? state->was - state->length : 0));
+}
diff --git a/security/nss/lib/zlib/inflate.h b/security/nss/lib/zlib/inflate.h
new file mode 100644
index 000000000..95f4986d4
--- /dev/null
+++ b/security/nss/lib/zlib/inflate.h
@@ -0,0 +1,122 @@
+/* inflate.h -- internal inflate state definition
+ * Copyright (C) 1995-2009 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* define NO_GZIP when compiling if you want to disable gzip header and
+ trailer decoding by inflate(). NO_GZIP would be used to avoid linking in
+ the crc code when it is not needed. For shared libraries, gzip decoding
+ should be left enabled. */
+#ifndef NO_GZIP
+# define GUNZIP
+#endif
+
+/* Possible inflate modes between inflate() calls */
+typedef enum {
+ HEAD, /* i: waiting for magic header */
+ FLAGS, /* i: waiting for method and flags (gzip) */
+ TIME, /* i: waiting for modification time (gzip) */
+ OS, /* i: waiting for extra flags and operating system (gzip) */
+ EXLEN, /* i: waiting for extra length (gzip) */
+ EXTRA, /* i: waiting for extra bytes (gzip) */
+ NAME, /* i: waiting for end of file name (gzip) */
+ COMMENT, /* i: waiting for end of comment (gzip) */
+ HCRC, /* i: waiting for header crc (gzip) */
+ DICTID, /* i: waiting for dictionary check value */
+ DICT, /* waiting for inflateSetDictionary() call */
+ TYPE, /* i: waiting for type bits, including last-flag bit */
+ TYPEDO, /* i: same, but skip check to exit inflate on new block */
+ STORED, /* i: waiting for stored size (length and complement) */
+ COPY_, /* i/o: same as COPY below, but only first time in */
+ COPY, /* i/o: waiting for input or output to copy stored block */
+ TABLE, /* i: waiting for dynamic block table lengths */
+ LENLENS, /* i: waiting for code length code lengths */
+ CODELENS, /* i: waiting for length/lit and distance code lengths */
+ LEN_, /* i: same as LEN below, but only first time in */
+ LEN, /* i: waiting for length/lit/eob code */
+ LENEXT, /* i: waiting for length extra bits */
+ DIST, /* i: waiting for distance code */
+ DISTEXT, /* i: waiting for distance extra bits */
+ MATCH, /* o: waiting for output space to copy string */
+ LIT, /* o: waiting for output space to write literal */
+ CHECK, /* i: waiting for 32-bit check value */
+ LENGTH, /* i: waiting for 32-bit length (gzip) */
+ DONE, /* finished check, done -- remain here until reset */
+ BAD, /* got a data error -- remain here until reset */
+ MEM, /* got an inflate() memory error -- remain here until reset */
+ SYNC /* looking for synchronization bytes to restart inflate() */
+} inflate_mode;
+
+/*
+ State transitions between above modes -
+
+ (most modes can go to BAD or MEM on error -- not shown for clarity)
+
+ Process header:
+ HEAD -> (gzip) or (zlib) or (raw)
+ (gzip) -> FLAGS -> TIME -> OS -> EXLEN -> EXTRA -> NAME -> COMMENT ->
+ HCRC -> TYPE
+ (zlib) -> DICTID or TYPE
+ DICTID -> DICT -> TYPE
+ (raw) -> TYPEDO
+ Read deflate blocks:
+ TYPE -> TYPEDO -> STORED or TABLE or LEN_ or CHECK
+ STORED -> COPY_ -> COPY -> TYPE
+ TABLE -> LENLENS -> CODELENS -> LEN_
+ LEN_ -> LEN
+ Read deflate codes in fixed or dynamic block:
+ LEN -> LENEXT or LIT or TYPE
+ LENEXT -> DIST -> DISTEXT -> MATCH -> LEN
+ LIT -> LEN
+ Process trailer:
+ CHECK -> LENGTH -> DONE
+ */
+
+/* state maintained between inflate() calls. Approximately 10K bytes. */
+struct inflate_state {
+ inflate_mode mode; /* current inflate mode */
+ int last; /* true if processing last block */
+ int wrap; /* bit 0 true for zlib, bit 1 true for gzip */
+ int havedict; /* true if dictionary provided */
+ int flags; /* gzip header method and flags (0 if zlib) */
+ unsigned dmax; /* zlib header max distance (INFLATE_STRICT) */
+ unsigned long check; /* protected copy of check value */
+ unsigned long total; /* protected copy of output count */
+ gz_headerp head; /* where to save gzip header information */
+ /* sliding window */
+ unsigned wbits; /* log base 2 of requested window size */
+ unsigned wsize; /* window size or zero if not using window */
+ unsigned whave; /* valid bytes in the window */
+ unsigned wnext; /* window write index */
+ unsigned char FAR *window; /* allocated sliding window, if needed */
+ /* bit accumulator */
+ unsigned long hold; /* input bit accumulator */
+ unsigned bits; /* number of bits in "in" */
+ /* for string and stored block copying */
+ unsigned length; /* literal or length of data to copy */
+ unsigned offset; /* distance back to copy string from */
+ /* for table and code decoding */
+ unsigned extra; /* extra bits needed */
+ /* fixed and dynamic code tables */
+ code const FAR *lencode; /* starting table for length/literal codes */
+ code const FAR *distcode; /* starting table for distance codes */
+ unsigned lenbits; /* index bits for lencode */
+ unsigned distbits; /* index bits for distcode */
+ /* dynamic table building */
+ unsigned ncode; /* number of code length code lengths */
+ unsigned nlen; /* number of length code lengths */
+ unsigned ndist; /* number of distance code lengths */
+ unsigned have; /* number of code lengths in lens[] */
+ code FAR *next; /* next available space in codes[] */
+ unsigned short lens[320]; /* temporary storage for code lengths */
+ unsigned short work[288]; /* work area for code table building */
+ code codes[ENOUGH]; /* space for code tables */
+ int sane; /* if false, allow invalid distance too far */
+ int back; /* bits back of last unprocessed length/lit */
+ unsigned was; /* initial length of match */
+};
diff --git a/security/nss/lib/zlib/inftrees.c b/security/nss/lib/zlib/inftrees.c
new file mode 100644
index 000000000..11e9c52ac
--- /dev/null
+++ b/security/nss/lib/zlib/inftrees.c
@@ -0,0 +1,330 @@
+/* inftrees.c -- generate Huffman trees for efficient decoding
+ * Copyright (C) 1995-2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+
+#define MAXBITS 15
+
+const char inflate_copyright[] =
+ " inflate 1.2.5 Copyright 1995-2010 Mark Adler ";
+/*
+ If you use the zlib library in a product, an acknowledgment is welcome
+ in the documentation of your product. If for some reason you cannot
+ include such an acknowledgment, I would appreciate that you keep this
+ copyright string in the executable of your product.
+ */
+
+/*
+ Build a set of tables to decode the provided canonical Huffman code.
+ The code lengths are lens[0..codes-1]. The result starts at *table,
+ whose indices are 0..2^bits-1. work is a writable array of at least
+ lens shorts, which is used as a work area. type is the type of code
+ to be generated, CODES, LENS, or DISTS. On return, zero is success,
+ -1 is an invalid code, and +1 means that ENOUGH isn't enough. table
+ on return points to the next available entry's address. bits is the
+ requested root table index bits, and on return it is the actual root
+ table index bits. It will differ if the request is greater than the
+ longest code or if it is less than the shortest code.
+ */
+int ZLIB_INTERNAL inflate_table(type, lens, codes, table, bits, work)
+codetype type;
+unsigned short FAR *lens;
+unsigned codes;
+code FAR * FAR *table;
+unsigned FAR *bits;
+unsigned short FAR *work;
+{
+ unsigned len; /* a code's length in bits */
+ unsigned sym; /* index of code symbols */
+ unsigned min, max; /* minimum and maximum code lengths */
+ unsigned root; /* number of index bits for root table */
+ unsigned curr; /* number of index bits for current table */
+ unsigned drop; /* code bits to drop for sub-table */
+ int left; /* number of prefix codes available */
+ unsigned used; /* code entries in table used */
+ unsigned huff; /* Huffman code */
+ unsigned incr; /* for incrementing code, index */
+ unsigned fill; /* index for replicating entries */
+ unsigned low; /* low bits for current root entry */
+ unsigned mask; /* mask for low root bits */
+ code here; /* table entry for duplication */
+ code FAR *next; /* next available space in table */
+ const unsigned short FAR *base; /* base value table to use */
+ const unsigned short FAR *extra; /* extra bits table to use */
+ int end; /* use base and extra for symbol > end */
+ unsigned short count[MAXBITS+1]; /* number of codes of each length */
+ unsigned short offs[MAXBITS+1]; /* offsets in table for each length */
+ static const unsigned short lbase[31] = { /* Length codes 257..285 base */
+ 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
+ 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
+ static const unsigned short lext[31] = { /* Length codes 257..285 extra */
+ 16, 16, 16, 16, 16, 16, 16, 16, 17, 17, 17, 17, 18, 18, 18, 18,
+ 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 73, 195};
+ static const unsigned short dbase[32] = { /* Distance codes 0..29 base */
+ 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
+ 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
+ 8193, 12289, 16385, 24577, 0, 0};
+ static const unsigned short dext[32] = { /* Distance codes 0..29 extra */
+ 16, 16, 16, 16, 17, 17, 18, 18, 19, 19, 20, 20, 21, 21, 22, 22,
+ 23, 23, 24, 24, 25, 25, 26, 26, 27, 27,
+ 28, 28, 29, 29, 64, 64};
+
+ /*
+ Process a set of code lengths to create a canonical Huffman code. The
+ code lengths are lens[0..codes-1]. Each length corresponds to the
+ symbols 0..codes-1. The Huffman code is generated by first sorting the
+ symbols by length from short to long, and retaining the symbol order
+ for codes with equal lengths. Then the code starts with all zero bits
+ for the first code of the shortest length, and the codes are integer
+ increments for the same length, and zeros are appended as the length
+ increases. For the deflate format, these bits are stored backwards
+ from their more natural integer increment ordering, and so when the
+ decoding tables are built in the large loop below, the integer codes
+ are incremented backwards.
+
+ This routine assumes, but does not check, that all of the entries in
+ lens[] are in the range 0..MAXBITS. The caller must assure this.
+ 1..MAXBITS is interpreted as that code length. zero means that that
+ symbol does not occur in this code.
+
+ The codes are sorted by computing a count of codes for each length,
+ creating from that a table of starting indices for each length in the
+ sorted table, and then entering the symbols in order in the sorted
+ table. The sorted table is work[], with that space being provided by
+ the caller.
+
+ The length counts are used for other purposes as well, i.e. finding
+ the minimum and maximum length codes, determining if there are any
+ codes at all, checking for a valid set of lengths, and looking ahead
+ at length counts to determine sub-table sizes when building the
+ decoding tables.
+ */
+
+ /* accumulate lengths for codes (assumes lens[] all in 0..MAXBITS) */
+ for (len = 0; len <= MAXBITS; len++)
+ count[len] = 0;
+ for (sym = 0; sym < codes; sym++)
+ count[lens[sym]]++;
+
+ /* bound code lengths, force root to be within code lengths */
+ root = *bits;
+ for (max = MAXBITS; max >= 1; max--)
+ if (count[max] != 0) break;
+ if (root > max) root = max;
+ if (max == 0) { /* no symbols to code at all */
+ here.op = (unsigned char)64; /* invalid code marker */
+ here.bits = (unsigned char)1;
+ here.val = (unsigned short)0;
+ *(*table)++ = here; /* make a table to force an error */
+ *(*table)++ = here;
+ *bits = 1;
+ return 0; /* no symbols, but wait for decoding to report error */
+ }
+ for (min = 1; min < max; min++)
+ if (count[min] != 0) break;
+ if (root < min) root = min;
+
+ /* check for an over-subscribed or incomplete set of lengths */
+ left = 1;
+ for (len = 1; len <= MAXBITS; len++) {
+ left <<= 1;
+ left -= count[len];
+ if (left < 0) return -1; /* over-subscribed */
+ }
+ if (left > 0 && (type == CODES || max != 1))
+ return -1; /* incomplete set */
+
+ /* generate offsets into symbol table for each length for sorting */
+ offs[1] = 0;
+ for (len = 1; len < MAXBITS; len++)
+ offs[len + 1] = offs[len] + count[len];
+
+ /* sort symbols by length, by symbol order within each length */
+ for (sym = 0; sym < codes; sym++)
+ if (lens[sym] != 0) work[offs[lens[sym]]++] = (unsigned short)sym;
+
+ /*
+ Create and fill in decoding tables. In this loop, the table being
+ filled is at next and has curr index bits. The code being used is huff
+ with length len. That code is converted to an index by dropping drop
+ bits off of the bottom. For codes where len is less than drop + curr,
+ those top drop + curr - len bits are incremented through all values to
+ fill the table with replicated entries.
+
+ root is the number of index bits for the root table. When len exceeds
+ root, sub-tables are created pointed to by the root entry with an index
+ of the low root bits of huff. This is saved in low to check for when a
+ new sub-table should be started. drop is zero when the root table is
+ being filled, and drop is root when sub-tables are being filled.
+
+ When a new sub-table is needed, it is necessary to look ahead in the
+ code lengths to determine what size sub-table is needed. The length
+ counts are used for this, and so count[] is decremented as codes are
+ entered in the tables.
+
+ used keeps track of how many table entries have been allocated from the
+ provided *table space. It is checked for LENS and DIST tables against
+ the constants ENOUGH_LENS and ENOUGH_DISTS to guard against changes in
+ the initial root table size constants. See the comments in inftrees.h
+ for more information.
+
+ sym increments through all symbols, and the loop terminates when
+ all codes of length max, i.e. all codes, have been processed. This
+ routine permits incomplete codes, so another loop after this one fills
+ in the rest of the decoding tables with invalid code markers.
+ */
+
+ /* set up for code type */
+ switch (type) {
+ case CODES:
+ base = extra = work; /* dummy value--not used */
+ end = 19;
+ break;
+ case LENS:
+ base = lbase;
+ base -= 257;
+ extra = lext;
+ extra -= 257;
+ end = 256;
+ break;
+ default: /* DISTS */
+ base = dbase;
+ extra = dext;
+ end = -1;
+ }
+
+ /* initialize state for loop */
+ huff = 0; /* starting code */
+ sym = 0; /* starting code symbol */
+ len = min; /* starting code length */
+ next = *table; /* current table to fill in */
+ curr = root; /* current table index bits */
+ drop = 0; /* current bits to drop from code for index */
+ low = (unsigned)(-1); /* trigger new sub-table when len > root */
+ used = 1U << root; /* use root table entries */
+ mask = used - 1; /* mask for comparing low */
+
+ /* check available table space */
+ if ((type == LENS && used >= ENOUGH_LENS) ||
+ (type == DISTS && used >= ENOUGH_DISTS))
+ return 1;
+
+ /* process all codes and make table entries */
+ for (;;) {
+ /* create table entry */
+ here.bits = (unsigned char)(len - drop);
+ if ((int)(work[sym]) < end) {
+ here.op = (unsigned char)0;
+ here.val = work[sym];
+ }
+ else if ((int)(work[sym]) > end) {
+ here.op = (unsigned char)(extra[work[sym]]);
+ here.val = base[work[sym]];
+ }
+ else {
+ here.op = (unsigned char)(32 + 64); /* end of block */
+ here.val = 0;
+ }
+
+ /* replicate for those indices with low len bits equal to huff */
+ incr = 1U << (len - drop);
+ fill = 1U << curr;
+ min = fill; /* save offset to next table */
+ do {
+ fill -= incr;
+ next[(huff >> drop) + fill] = here;
+ } while (fill != 0);
+
+ /* backwards increment the len-bit code huff */
+ incr = 1U << (len - 1);
+ while (huff & incr)
+ incr >>= 1;
+ if (incr != 0) {
+ huff &= incr - 1;
+ huff += incr;
+ }
+ else
+ huff = 0;
+
+ /* go to next symbol, update count, len */
+ sym++;
+ if (--(count[len]) == 0) {
+ if (len == max) break;
+ len = lens[work[sym]];
+ }
+
+ /* create new sub-table if needed */
+ if (len > root && (huff & mask) != low) {
+ /* if first time, transition to sub-tables */
+ if (drop == 0)
+ drop = root;
+
+ /* increment past last table */
+ next += min; /* here min is 1 << curr */
+
+ /* determine length of next table */
+ curr = len - drop;
+ left = (int)(1 << curr);
+ while (curr + drop < max) {
+ left -= count[curr + drop];
+ if (left <= 0) break;
+ curr++;
+ left <<= 1;
+ }
+
+ /* check for enough space */
+ used += 1U << curr;
+ if ((type == LENS && used >= ENOUGH_LENS) ||
+ (type == DISTS && used >= ENOUGH_DISTS))
+ return 1;
+
+ /* point entry in root table to sub-table */
+ low = huff & mask;
+ (*table)[low].op = (unsigned char)curr;
+ (*table)[low].bits = (unsigned char)root;
+ (*table)[low].val = (unsigned short)(next - *table);
+ }
+ }
+
+ /*
+ Fill in rest of table for incomplete codes. This loop is similar to the
+ loop above in incrementing huff for table indices. It is assumed that
+ len is equal to curr + drop, so there is no loop needed to increment
+ through high index bits. When the current sub-table is filled, the loop
+ drops back to the root table to fill in any remaining entries there.
+ */
+ here.op = (unsigned char)64; /* invalid code marker */
+ here.bits = (unsigned char)(len - drop);
+ here.val = (unsigned short)0;
+ while (huff != 0) {
+ /* when done with sub-table, drop back to root table */
+ if (drop != 0 && (huff & mask) != low) {
+ drop = 0;
+ len = root;
+ next = *table;
+ here.bits = (unsigned char)len;
+ }
+
+ /* put invalid code marker in table */
+ next[huff >> drop] = here;
+
+ /* backwards increment the len-bit code huff */
+ incr = 1U << (len - 1);
+ while (huff & incr)
+ incr >>= 1;
+ if (incr != 0) {
+ huff &= incr - 1;
+ huff += incr;
+ }
+ else
+ huff = 0;
+ }
+
+ /* set return parameters */
+ *table += used;
+ *bits = root;
+ return 0;
+}
diff --git a/security/nss/lib/zlib/inftrees.h b/security/nss/lib/zlib/inftrees.h
new file mode 100644
index 000000000..baa53a0b1
--- /dev/null
+++ b/security/nss/lib/zlib/inftrees.h
@@ -0,0 +1,62 @@
+/* inftrees.h -- header to use inftrees.c
+ * Copyright (C) 1995-2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* Structure for decoding tables. Each entry provides either the
+ information needed to do the operation requested by the code that
+ indexed that table entry, or it provides a pointer to another
+ table that indexes more bits of the code. op indicates whether
+ the entry is a pointer to another table, a literal, a length or
+ distance, an end-of-block, or an invalid code. For a table
+ pointer, the low four bits of op is the number of index bits of
+ that table. For a length or distance, the low four bits of op
+ is the number of extra bits to get after the code. bits is
+ the number of bits in this code or part of the code to drop off
+ of the bit buffer. val is the actual byte to output in the case
+ of a literal, the base length or distance, or the offset from
+ the current table to the next table. Each entry is four bytes. */
+typedef struct {
+ unsigned char op; /* operation, extra bits, table bits */
+ unsigned char bits; /* bits in this part of the code */
+ unsigned short val; /* offset in table or code value */
+} code;
+
+/* op values as set by inflate_table():
+ 00000000 - literal
+ 0000tttt - table link, tttt != 0 is the number of table index bits
+ 0001eeee - length or distance, eeee is the number of extra bits
+ 01100000 - end of block
+ 01000000 - invalid code
+ */
+
+/* Maximum size of the dynamic table. The maximum number of code structures is
+ 1444, which is the sum of 852 for literal/length codes and 592 for distance
+ codes. These values were found by exhaustive searches using the program
+ examples/enough.c found in the zlib distribtution. The arguments to that
+ program are the number of symbols, the initial root table size, and the
+ maximum bit length of a code. "enough 286 9 15" for literal/length codes
+ returns returns 852, and "enough 30 6 15" for distance codes returns 592.
+ The initial root table size (9 or 6) is found in the fifth argument of the
+ inflate_table() calls in inflate.c and infback.c. If the root table size is
+ changed, then these maximum sizes would be need to be recalculated and
+ updated. */
+#define ENOUGH_LENS 852
+#define ENOUGH_DISTS 592
+#define ENOUGH (ENOUGH_LENS+ENOUGH_DISTS)
+
+/* Type of code to build for inflate_table() */
+typedef enum {
+ CODES,
+ LENS,
+ DISTS
+} codetype;
+
+int ZLIB_INTERNAL inflate_table OF((codetype type, unsigned short FAR *lens,
+ unsigned codes, code FAR * FAR *table,
+ unsigned FAR *bits, unsigned short FAR *work));
diff --git a/security/nss/lib/zlib/manifest.mn b/security/nss/lib/zlib/manifest.mn
new file mode 100644
index 000000000..2118f8d4f
--- /dev/null
+++ b/security/nss/lib/zlib/manifest.mn
@@ -0,0 +1,39 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+MODULE = nss
+
+PRIVATE_EXPORTS = zlib.h zconf.h
+
+CSRCS = adler32.c \
+ compress.c \
+ crc32.c \
+ deflate.c \
+ gzclose.c \
+ gzlib.c \
+ gzread.c \
+ gzwrite.c \
+ infback.c \
+ inffast.c \
+ inflate.c \
+ inftrees.c \
+ trees.c \
+ uncompr.c \
+ zutil.c \
+ $(NULL)
+
+LIBRARY_NAME = zlib
+
+PROGRAMS = example minigzip
+
+# REQUIRES = nss
+
+# Define verbose as -1 to turn off all zlib trace messages in
+# debug builds.
+DEFINES = -Dverbose=-1
+
+NO_MD_RELEASE = 1
diff --git a/security/nss/lib/zlib/minigzip.c b/security/nss/lib/zlib/minigzip.c
new file mode 100644
index 000000000..9825ccc3a
--- /dev/null
+++ b/security/nss/lib/zlib/minigzip.c
@@ -0,0 +1,440 @@
+/* minigzip.c -- simulate gzip using the zlib compression library
+ * Copyright (C) 1995-2006, 2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * minigzip is a minimal implementation of the gzip utility. This is
+ * only an example of using zlib and isn't meant to replace the
+ * full-featured gzip. No attempt is made to deal with file systems
+ * limiting names to 14 or 8+3 characters, etc... Error checking is
+ * very limited. So use minigzip only for testing; use gzip for the
+ * real thing. On MSDOS, use only on file names without extension
+ * or in pipe mode.
+ */
+
+/* @(#) $Id$ */
+
+#include "zlib.h"
+#include <stdio.h>
+
+#ifdef STDC
+# include <string.h>
+# include <stdlib.h>
+#endif
+
+#ifdef USE_MMAP
+# include <sys/types.h>
+# include <sys/mman.h>
+# include <sys/stat.h>
+#endif
+
+#if defined(MSDOS) || defined(OS2) || defined(WIN32) || defined(__CYGWIN__)
+# include <fcntl.h>
+# include <io.h>
+# ifdef UNDER_CE
+# include <stdlib.h>
+# endif
+# define SET_BINARY_MODE(file) setmode(fileno(file), O_BINARY)
+#else
+# define SET_BINARY_MODE(file)
+#endif
+
+#ifdef VMS
+# define unlink delete
+# define GZ_SUFFIX "-gz"
+#endif
+#ifdef RISCOS
+# define unlink remove
+# define GZ_SUFFIX "-gz"
+# define fileno(file) file->__file
+#endif
+#if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os
+# include <unix.h> /* for fileno */
+#endif
+
+#if !defined(Z_HAVE_UNISTD_H) && !defined(_LARGEFILE64_SOURCE)
+#ifndef WIN32 /* unlink already in stdio.h for WIN32 */
+ extern int unlink OF((const char *));
+#endif
+#endif
+
+#if defined(UNDER_CE)
+# include <windows.h>
+# define perror(s) pwinerror(s)
+
+/* Map the Windows error number in ERROR to a locale-dependent error
+ message string and return a pointer to it. Typically, the values
+ for ERROR come from GetLastError.
+
+ The string pointed to shall not be modified by the application,
+ but may be overwritten by a subsequent call to strwinerror
+
+ The strwinerror function does not change the current setting
+ of GetLastError. */
+
+static char *strwinerror (error)
+ DWORD error;
+{
+ static char buf[1024];
+
+ wchar_t *msgbuf;
+ DWORD lasterr = GetLastError();
+ DWORD chars = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM
+ | FORMAT_MESSAGE_ALLOCATE_BUFFER,
+ NULL,
+ error,
+ 0, /* Default language */
+ (LPVOID)&msgbuf,
+ 0,
+ NULL);
+ if (chars != 0) {
+ /* If there is an \r\n appended, zap it. */
+ if (chars >= 2
+ && msgbuf[chars - 2] == '\r' && msgbuf[chars - 1] == '\n') {
+ chars -= 2;
+ msgbuf[chars] = 0;
+ }
+
+ if (chars > sizeof (buf) - 1) {
+ chars = sizeof (buf) - 1;
+ msgbuf[chars] = 0;
+ }
+
+ wcstombs(buf, msgbuf, chars + 1);
+ LocalFree(msgbuf);
+ }
+ else {
+ sprintf(buf, "unknown win32 error (%ld)", error);
+ }
+
+ SetLastError(lasterr);
+ return buf;
+}
+
+static void pwinerror (s)
+ const char *s;
+{
+ if (s && *s)
+ fprintf(stderr, "%s: %s\n", s, strwinerror(GetLastError ()));
+ else
+ fprintf(stderr, "%s\n", strwinerror(GetLastError ()));
+}
+
+#endif /* UNDER_CE */
+
+#ifndef GZ_SUFFIX
+# define GZ_SUFFIX ".gz"
+#endif
+#define SUFFIX_LEN (sizeof(GZ_SUFFIX)-1)
+
+#define BUFLEN 16384
+#define MAX_NAME_LEN 1024
+
+#ifdef MAXSEG_64K
+# define local static
+ /* Needed for systems with limitation on stack size. */
+#else
+# define local
+#endif
+
+char *prog;
+
+void error OF((const char *msg));
+void gz_compress OF((FILE *in, gzFile out));
+#ifdef USE_MMAP
+int gz_compress_mmap OF((FILE *in, gzFile out));
+#endif
+void gz_uncompress OF((gzFile in, FILE *out));
+void file_compress OF((char *file, char *mode));
+void file_uncompress OF((char *file));
+int main OF((int argc, char *argv[]));
+
+/* ===========================================================================
+ * Display error message and exit
+ */
+void error(msg)
+ const char *msg;
+{
+ fprintf(stderr, "%s: %s\n", prog, msg);
+ exit(1);
+}
+
+/* ===========================================================================
+ * Compress input to output then close both files.
+ */
+
+void gz_compress(in, out)
+ FILE *in;
+ gzFile out;
+{
+ local char buf[BUFLEN];
+ int len;
+ int err;
+
+#ifdef USE_MMAP
+ /* Try first compressing with mmap. If mmap fails (minigzip used in a
+ * pipe), use the normal fread loop.
+ */
+ if (gz_compress_mmap(in, out) == Z_OK) return;
+#endif
+ for (;;) {
+ len = (int)fread(buf, 1, sizeof(buf), in);
+ if (ferror(in)) {
+ perror("fread");
+ exit(1);
+ }
+ if (len == 0) break;
+
+ if (gzwrite(out, buf, (unsigned)len) != len) error(gzerror(out, &err));
+ }
+ fclose(in);
+ if (gzclose(out) != Z_OK) error("failed gzclose");
+}
+
+#ifdef USE_MMAP /* MMAP version, Miguel Albrecht <malbrech@eso.org> */
+
+/* Try compressing the input file at once using mmap. Return Z_OK if
+ * if success, Z_ERRNO otherwise.
+ */
+int gz_compress_mmap(in, out)
+ FILE *in;
+ gzFile out;
+{
+ int len;
+ int err;
+ int ifd = fileno(in);
+ caddr_t buf; /* mmap'ed buffer for the entire input file */
+ off_t buf_len; /* length of the input file */
+ struct stat sb;
+
+ /* Determine the size of the file, needed for mmap: */
+ if (fstat(ifd, &sb) < 0) return Z_ERRNO;
+ buf_len = sb.st_size;
+ if (buf_len <= 0) return Z_ERRNO;
+
+ /* Now do the actual mmap: */
+ buf = mmap((caddr_t) 0, buf_len, PROT_READ, MAP_SHARED, ifd, (off_t)0);
+ if (buf == (caddr_t)(-1)) return Z_ERRNO;
+
+ /* Compress the whole file at once: */
+ len = gzwrite(out, (char *)buf, (unsigned)buf_len);
+
+ if (len != (int)buf_len) error(gzerror(out, &err));
+
+ munmap(buf, buf_len);
+ fclose(in);
+ if (gzclose(out) != Z_OK) error("failed gzclose");
+ return Z_OK;
+}
+#endif /* USE_MMAP */
+
+/* ===========================================================================
+ * Uncompress input to output then close both files.
+ */
+void gz_uncompress(in, out)
+ gzFile in;
+ FILE *out;
+{
+ local char buf[BUFLEN];
+ int len;
+ int err;
+
+ for (;;) {
+ len = gzread(in, buf, sizeof(buf));
+ if (len < 0) error (gzerror(in, &err));
+ if (len == 0) break;
+
+ if ((int)fwrite(buf, 1, (unsigned)len, out) != len) {
+ error("failed fwrite");
+ }
+ }
+ if (fclose(out)) error("failed fclose");
+
+ if (gzclose(in) != Z_OK) error("failed gzclose");
+}
+
+
+/* ===========================================================================
+ * Compress the given file: create a corresponding .gz file and remove the
+ * original.
+ */
+void file_compress(file, mode)
+ char *file;
+ char *mode;
+{
+ local char outfile[MAX_NAME_LEN];
+ FILE *in;
+ gzFile out;
+
+ if (strlen(file) + strlen(GZ_SUFFIX) >= sizeof(outfile)) {
+ fprintf(stderr, "%s: filename too long\n", prog);
+ exit(1);
+ }
+
+ strcpy(outfile, file);
+ strcat(outfile, GZ_SUFFIX);
+
+ in = fopen(file, "rb");
+ if (in == NULL) {
+ perror(file);
+ exit(1);
+ }
+ out = gzopen(outfile, mode);
+ if (out == NULL) {
+ fprintf(stderr, "%s: can't gzopen %s\n", prog, outfile);
+ exit(1);
+ }
+ gz_compress(in, out);
+
+ unlink(file);
+}
+
+
+/* ===========================================================================
+ * Uncompress the given file and remove the original.
+ */
+void file_uncompress(file)
+ char *file;
+{
+ local char buf[MAX_NAME_LEN];
+ char *infile, *outfile;
+ FILE *out;
+ gzFile in;
+ size_t len = strlen(file);
+
+ if (len + strlen(GZ_SUFFIX) >= sizeof(buf)) {
+ fprintf(stderr, "%s: filename too long\n", prog);
+ exit(1);
+ }
+
+ strcpy(buf, file);
+
+ if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) {
+ infile = file;
+ outfile = buf;
+ outfile[len-3] = '\0';
+ } else {
+ outfile = file;
+ infile = buf;
+ strcat(infile, GZ_SUFFIX);
+ }
+ in = gzopen(infile, "rb");
+ if (in == NULL) {
+ fprintf(stderr, "%s: can't gzopen %s\n", prog, infile);
+ exit(1);
+ }
+ out = fopen(outfile, "wb");
+ if (out == NULL) {
+ perror(file);
+ exit(1);
+ }
+
+ gz_uncompress(in, out);
+
+ unlink(infile);
+}
+
+
+/* ===========================================================================
+ * Usage: minigzip [-c] [-d] [-f] [-h] [-r] [-1 to -9] [files...]
+ * -c : write to standard output
+ * -d : decompress
+ * -f : compress with Z_FILTERED
+ * -h : compress with Z_HUFFMAN_ONLY
+ * -r : compress with Z_RLE
+ * -1 to -9 : compression level
+ */
+
+int main(argc, argv)
+ int argc;
+ char *argv[];
+{
+ int copyout = 0;
+ int uncompr = 0;
+ gzFile file;
+ char *bname, outmode[20];
+
+ strcpy(outmode, "wb6 ");
+
+ prog = argv[0];
+ bname = strrchr(argv[0], '/');
+ if (bname)
+ bname++;
+ else
+ bname = argv[0];
+ argc--, argv++;
+
+ if (!strcmp(bname, "gunzip"))
+ uncompr = 1;
+ else if (!strcmp(bname, "zcat"))
+ copyout = uncompr = 1;
+
+ while (argc > 0) {
+ if (strcmp(*argv, "-c") == 0)
+ copyout = 1;
+ else if (strcmp(*argv, "-d") == 0)
+ uncompr = 1;
+ else if (strcmp(*argv, "-f") == 0)
+ outmode[3] = 'f';
+ else if (strcmp(*argv, "-h") == 0)
+ outmode[3] = 'h';
+ else if (strcmp(*argv, "-r") == 0)
+ outmode[3] = 'R';
+ else if ((*argv)[0] == '-' && (*argv)[1] >= '1' && (*argv)[1] <= '9' &&
+ (*argv)[2] == 0)
+ outmode[2] = (*argv)[1];
+ else
+ break;
+ argc--, argv++;
+ }
+ if (outmode[3] == ' ')
+ outmode[3] = 0;
+ if (argc == 0) {
+ SET_BINARY_MODE(stdin);
+ SET_BINARY_MODE(stdout);
+ if (uncompr) {
+ file = gzdopen(fileno(stdin), "rb");
+ if (file == NULL) error("can't gzdopen stdin");
+ gz_uncompress(file, stdout);
+ } else {
+ file = gzdopen(fileno(stdout), outmode);
+ if (file == NULL) error("can't gzdopen stdout");
+ gz_compress(stdin, file);
+ }
+ } else {
+ if (copyout) {
+ SET_BINARY_MODE(stdout);
+ }
+ do {
+ if (uncompr) {
+ if (copyout) {
+ file = gzopen(*argv, "rb");
+ if (file == NULL)
+ fprintf(stderr, "%s: can't gzopen %s\n", prog, *argv);
+ else
+ gz_uncompress(file, stdout);
+ } else {
+ file_uncompress(*argv);
+ }
+ } else {
+ if (copyout) {
+ FILE * in = fopen(*argv, "rb");
+
+ if (in == NULL) {
+ perror(*argv);
+ } else {
+ file = gzdopen(fileno(stdout), outmode);
+ if (file == NULL) error("can't gzdopen stdout");
+
+ gz_compress(in, file);
+ }
+
+ } else {
+ file_compress(*argv, outmode);
+ }
+ }
+ } while (argv++, --argc);
+ }
+ return 0;
+}
diff --git a/security/nss/lib/zlib/patches/prune-zlib.sh b/security/nss/lib/zlib/patches/prune-zlib.sh
new file mode 100644
index 000000000..6a742fb4d
--- /dev/null
+++ b/security/nss/lib/zlib/patches/prune-zlib.sh
@@ -0,0 +1,34 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+files_to_remove="
+CMakeLists.txt
+ChangeLog
+FAQ
+INDEX
+Makefile
+Makefile.in
+amiga
+configure
+contrib
+doc
+examples
+make_vms.com
+msdos
+nintendods
+old
+qnx
+treebuild.xml
+watcom
+win32
+zconf.h.cmakein
+zconf.h.in
+zlib.3
+zlib.3.pdf
+zlib.map
+zlib.pc.in
+zlib2ansi
+"
+
+rm -rf $files_to_remove
diff --git a/security/nss/lib/zlib/trees.c b/security/nss/lib/zlib/trees.c
new file mode 100644
index 000000000..56e9bb1c1
--- /dev/null
+++ b/security/nss/lib/zlib/trees.c
@@ -0,0 +1,1244 @@
+/* trees.c -- output deflated data using Huffman coding
+ * Copyright (C) 1995-2010 Jean-loup Gailly
+ * detect_data_type() function provided freely by Cosmin Truta, 2006
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * ALGORITHM
+ *
+ * The "deflation" process uses several Huffman trees. The more
+ * common source values are represented by shorter bit sequences.
+ *
+ * Each code tree is stored in a compressed form which is itself
+ * a Huffman encoding of the lengths of all the code strings (in
+ * ascending order by source values). The actual code strings are
+ * reconstructed from the lengths in the inflate process, as described
+ * in the deflate specification.
+ *
+ * REFERENCES
+ *
+ * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
+ * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
+ *
+ * Storer, James A.
+ * Data Compression: Methods and Theory, pp. 49-50.
+ * Computer Science Press, 1988. ISBN 0-7167-8156-5.
+ *
+ * Sedgewick, R.
+ * Algorithms, p290.
+ * Addison-Wesley, 1983. ISBN 0-201-06672-6.
+ */
+
+/* @(#) $Id$ */
+
+/* #define GEN_TREES_H */
+
+#include "deflate.h"
+
+#ifdef DEBUG
+# include <ctype.h>
+#endif
+
+/* ===========================================================================
+ * Constants
+ */
+
+#define MAX_BL_BITS 7
+/* Bit length codes must not exceed MAX_BL_BITS bits */
+
+#define END_BLOCK 256
+/* end of block literal code */
+
+#define REP_3_6 16
+/* repeat previous bit length 3-6 times (2 bits of repeat count) */
+
+#define REPZ_3_10 17
+/* repeat a zero length 3-10 times (3 bits of repeat count) */
+
+#define REPZ_11_138 18
+/* repeat a zero length 11-138 times (7 bits of repeat count) */
+
+local const int extra_lbits[LENGTH_CODES] /* extra bits for each length code */
+ = {0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0};
+
+local const int extra_dbits[D_CODES] /* extra bits for each distance code */
+ = {0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13};
+
+local const int extra_blbits[BL_CODES]/* extra bits for each bit length code */
+ = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7};
+
+local const uch bl_order[BL_CODES]
+ = {16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
+/* The lengths of the bit length codes are sent in order of decreasing
+ * probability, to avoid transmitting the lengths for unused bit length codes.
+ */
+
+#define Buf_size (8 * 2*sizeof(char))
+/* Number of bits used within bi_buf. (bi_buf might be implemented on
+ * more than 16 bits on some systems.)
+ */
+
+/* ===========================================================================
+ * Local data. These are initialized only once.
+ */
+
+#define DIST_CODE_LEN 512 /* see definition of array dist_code below */
+
+#if defined(GEN_TREES_H) || !defined(STDC)
+/* non ANSI compilers may not accept trees.h */
+
+local ct_data static_ltree[L_CODES+2];
+/* The static literal tree. Since the bit lengths are imposed, there is no
+ * need for the L_CODES extra codes used during heap construction. However
+ * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
+ * below).
+ */
+
+local ct_data static_dtree[D_CODES];
+/* The static distance tree. (Actually a trivial tree since all codes use
+ * 5 bits.)
+ */
+
+uch _dist_code[DIST_CODE_LEN];
+/* Distance codes. The first 256 values correspond to the distances
+ * 3 .. 258, the last 256 values correspond to the top 8 bits of
+ * the 15 bit distances.
+ */
+
+uch _length_code[MAX_MATCH-MIN_MATCH+1];
+/* length code for each normalized match length (0 == MIN_MATCH) */
+
+local int base_length[LENGTH_CODES];
+/* First normalized length for each code (0 = MIN_MATCH) */
+
+local int base_dist[D_CODES];
+/* First normalized distance for each code (0 = distance of 1) */
+
+#else
+# include "trees.h"
+#endif /* GEN_TREES_H */
+
+struct static_tree_desc_s {
+ const ct_data *static_tree; /* static tree or NULL */
+ const intf *extra_bits; /* extra bits for each code or NULL */
+ int extra_base; /* base index for extra_bits */
+ int elems; /* max number of elements in the tree */
+ int max_length; /* max bit length for the codes */
+};
+
+local static_tree_desc static_l_desc =
+{static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS};
+
+local static_tree_desc static_d_desc =
+{static_dtree, extra_dbits, 0, D_CODES, MAX_BITS};
+
+local static_tree_desc static_bl_desc =
+{(const ct_data *)0, extra_blbits, 0, BL_CODES, MAX_BL_BITS};
+
+/* ===========================================================================
+ * Local (static) routines in this file.
+ */
+
+local void tr_static_init OF((void));
+local void init_block OF((deflate_state *s));
+local void pqdownheap OF((deflate_state *s, ct_data *tree, int k));
+local void gen_bitlen OF((deflate_state *s, tree_desc *desc));
+local void gen_codes OF((ct_data *tree, int max_code, ushf *bl_count));
+local void build_tree OF((deflate_state *s, tree_desc *desc));
+local void scan_tree OF((deflate_state *s, ct_data *tree, int max_code));
+local void send_tree OF((deflate_state *s, ct_data *tree, int max_code));
+local int build_bl_tree OF((deflate_state *s));
+local void send_all_trees OF((deflate_state *s, int lcodes, int dcodes,
+ int blcodes));
+local void compress_block OF((deflate_state *s, ct_data *ltree,
+ ct_data *dtree));
+local int detect_data_type OF((deflate_state *s));
+local unsigned bi_reverse OF((unsigned value, int length));
+local void bi_windup OF((deflate_state *s));
+local void bi_flush OF((deflate_state *s));
+local void copy_block OF((deflate_state *s, charf *buf, unsigned len,
+ int header));
+
+#ifdef GEN_TREES_H
+local void gen_trees_header OF((void));
+#endif
+
+#ifndef DEBUG
+# define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len)
+ /* Send a code of the given tree. c and tree must not have side effects */
+
+#else /* DEBUG */
+# define send_code(s, c, tree) \
+ { if (z_verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \
+ send_bits(s, tree[c].Code, tree[c].Len); }
+#endif
+
+/* ===========================================================================
+ * Output a short LSB first on the stream.
+ * IN assertion: there is enough room in pendingBuf.
+ */
+#define put_short(s, w) { \
+ put_byte(s, (uch)((w) & 0xff)); \
+ put_byte(s, (uch)((ush)(w) >> 8)); \
+}
+
+/* ===========================================================================
+ * Send a value on a given number of bits.
+ * IN assertion: length <= 16 and value fits in length bits.
+ */
+#ifdef DEBUG
+local void send_bits OF((deflate_state *s, int value, int length));
+
+local void send_bits(s, value, length)
+ deflate_state *s;
+ int value; /* value to send */
+ int length; /* number of bits */
+{
+ Tracevv((stderr," l %2d v %4x ", length, value));
+ Assert(length > 0 && length <= 15, "invalid length");
+ s->bits_sent += (ulg)length;
+
+ /* If not enough room in bi_buf, use (valid) bits from bi_buf and
+ * (16 - bi_valid) bits from value, leaving (width - (16-bi_valid))
+ * unused bits in value.
+ */
+ if (s->bi_valid > (int)Buf_size - length) {
+ s->bi_buf |= (ush)value << s->bi_valid;
+ put_short(s, s->bi_buf);
+ s->bi_buf = (ush)value >> (Buf_size - s->bi_valid);
+ s->bi_valid += length - Buf_size;
+ } else {
+ s->bi_buf |= (ush)value << s->bi_valid;
+ s->bi_valid += length;
+ }
+}
+#else /* !DEBUG */
+
+#define send_bits(s, value, length) \
+{ int len = length;\
+ if (s->bi_valid > (int)Buf_size - len) {\
+ int val = value;\
+ s->bi_buf |= (ush)val << s->bi_valid;\
+ put_short(s, s->bi_buf);\
+ s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\
+ s->bi_valid += len - Buf_size;\
+ } else {\
+ s->bi_buf |= (ush)(value) << s->bi_valid;\
+ s->bi_valid += len;\
+ }\
+}
+#endif /* DEBUG */
+
+
+/* the arguments must not have side effects */
+
+/* ===========================================================================
+ * Initialize the various 'constant' tables.
+ */
+local void tr_static_init()
+{
+#if defined(GEN_TREES_H) || !defined(STDC)
+ static int static_init_done = 0;
+ int n; /* iterates over tree elements */
+ int bits; /* bit counter */
+ int length; /* length value */
+ int code; /* code value */
+ int dist; /* distance index */
+ ush bl_count[MAX_BITS+1];
+ /* number of codes at each bit length for an optimal tree */
+
+ if (static_init_done) return;
+
+ /* For some embedded targets, global variables are not initialized: */
+#ifdef NO_INIT_GLOBAL_POINTERS
+ static_l_desc.static_tree = static_ltree;
+ static_l_desc.extra_bits = extra_lbits;
+ static_d_desc.static_tree = static_dtree;
+ static_d_desc.extra_bits = extra_dbits;
+ static_bl_desc.extra_bits = extra_blbits;
+#endif
+
+ /* Initialize the mapping length (0..255) -> length code (0..28) */
+ length = 0;
+ for (code = 0; code < LENGTH_CODES-1; code++) {
+ base_length[code] = length;
+ for (n = 0; n < (1<<extra_lbits[code]); n++) {
+ _length_code[length++] = (uch)code;
+ }
+ }
+ Assert (length == 256, "tr_static_init: length != 256");
+ /* Note that the length 255 (match length 258) can be represented
+ * in two different ways: code 284 + 5 bits or code 285, so we
+ * overwrite length_code[255] to use the best encoding:
+ */
+ _length_code[length-1] = (uch)code;
+
+ /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
+ dist = 0;
+ for (code = 0 ; code < 16; code++) {
+ base_dist[code] = dist;
+ for (n = 0; n < (1<<extra_dbits[code]); n++) {
+ _dist_code[dist++] = (uch)code;
+ }
+ }
+ Assert (dist == 256, "tr_static_init: dist != 256");
+ dist >>= 7; /* from now on, all distances are divided by 128 */
+ for ( ; code < D_CODES; code++) {
+ base_dist[code] = dist << 7;
+ for (n = 0; n < (1<<(extra_dbits[code]-7)); n++) {
+ _dist_code[256 + dist++] = (uch)code;
+ }
+ }
+ Assert (dist == 256, "tr_static_init: 256+dist != 512");
+
+ /* Construct the codes of the static literal tree */
+ for (bits = 0; bits <= MAX_BITS; bits++) bl_count[bits] = 0;
+ n = 0;
+ while (n <= 143) static_ltree[n++].Len = 8, bl_count[8]++;
+ while (n <= 255) static_ltree[n++].Len = 9, bl_count[9]++;
+ while (n <= 279) static_ltree[n++].Len = 7, bl_count[7]++;
+ while (n <= 287) static_ltree[n++].Len = 8, bl_count[8]++;
+ /* Codes 286 and 287 do not exist, but we must include them in the
+ * tree construction to get a canonical Huffman tree (longest code
+ * all ones)
+ */
+ gen_codes((ct_data *)static_ltree, L_CODES+1, bl_count);
+
+ /* The static distance tree is trivial: */
+ for (n = 0; n < D_CODES; n++) {
+ static_dtree[n].Len = 5;
+ static_dtree[n].Code = bi_reverse((unsigned)n, 5);
+ }
+ static_init_done = 1;
+
+# ifdef GEN_TREES_H
+ gen_trees_header();
+# endif
+#endif /* defined(GEN_TREES_H) || !defined(STDC) */
+}
+
+/* ===========================================================================
+ * Genererate the file trees.h describing the static trees.
+ */
+#ifdef GEN_TREES_H
+# ifndef DEBUG
+# include <stdio.h>
+# endif
+
+# define SEPARATOR(i, last, width) \
+ ((i) == (last)? "\n};\n\n" : \
+ ((i) % (width) == (width)-1 ? ",\n" : ", "))
+
+void gen_trees_header()
+{
+ FILE *header = fopen("trees.h", "w");
+ int i;
+
+ Assert (header != NULL, "Can't open trees.h");
+ fprintf(header,
+ "/* header created automatically with -DGEN_TREES_H */\n\n");
+
+ fprintf(header, "local const ct_data static_ltree[L_CODES+2] = {\n");
+ for (i = 0; i < L_CODES+2; i++) {
+ fprintf(header, "{{%3u},{%3u}}%s", static_ltree[i].Code,
+ static_ltree[i].Len, SEPARATOR(i, L_CODES+1, 5));
+ }
+
+ fprintf(header, "local const ct_data static_dtree[D_CODES] = {\n");
+ for (i = 0; i < D_CODES; i++) {
+ fprintf(header, "{{%2u},{%2u}}%s", static_dtree[i].Code,
+ static_dtree[i].Len, SEPARATOR(i, D_CODES-1, 5));
+ }
+
+ fprintf(header, "const uch ZLIB_INTERNAL _dist_code[DIST_CODE_LEN] = {\n");
+ for (i = 0; i < DIST_CODE_LEN; i++) {
+ fprintf(header, "%2u%s", _dist_code[i],
+ SEPARATOR(i, DIST_CODE_LEN-1, 20));
+ }
+
+ fprintf(header,
+ "const uch ZLIB_INTERNAL _length_code[MAX_MATCH-MIN_MATCH+1]= {\n");
+ for (i = 0; i < MAX_MATCH-MIN_MATCH+1; i++) {
+ fprintf(header, "%2u%s", _length_code[i],
+ SEPARATOR(i, MAX_MATCH-MIN_MATCH, 20));
+ }
+
+ fprintf(header, "local const int base_length[LENGTH_CODES] = {\n");
+ for (i = 0; i < LENGTH_CODES; i++) {
+ fprintf(header, "%1u%s", base_length[i],
+ SEPARATOR(i, LENGTH_CODES-1, 20));
+ }
+
+ fprintf(header, "local const int base_dist[D_CODES] = {\n");
+ for (i = 0; i < D_CODES; i++) {
+ fprintf(header, "%5u%s", base_dist[i],
+ SEPARATOR(i, D_CODES-1, 10));
+ }
+
+ fclose(header);
+}
+#endif /* GEN_TREES_H */
+
+/* ===========================================================================
+ * Initialize the tree data structures for a new zlib stream.
+ */
+void ZLIB_INTERNAL _tr_init(s)
+ deflate_state *s;
+{
+ tr_static_init();
+
+ s->l_desc.dyn_tree = s->dyn_ltree;
+ s->l_desc.stat_desc = &static_l_desc;
+
+ s->d_desc.dyn_tree = s->dyn_dtree;
+ s->d_desc.stat_desc = &static_d_desc;
+
+ s->bl_desc.dyn_tree = s->bl_tree;
+ s->bl_desc.stat_desc = &static_bl_desc;
+
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+ s->last_eob_len = 8; /* enough lookahead for inflate */
+#ifdef DEBUG
+ s->compressed_len = 0L;
+ s->bits_sent = 0L;
+#endif
+
+ /* Initialize the first block of the first file: */
+ init_block(s);
+}
+
+/* ===========================================================================
+ * Initialize a new block.
+ */
+local void init_block(s)
+ deflate_state *s;
+{
+ int n; /* iterates over tree elements */
+
+ /* Initialize the trees. */
+ for (n = 0; n < L_CODES; n++) s->dyn_ltree[n].Freq = 0;
+ for (n = 0; n < D_CODES; n++) s->dyn_dtree[n].Freq = 0;
+ for (n = 0; n < BL_CODES; n++) s->bl_tree[n].Freq = 0;
+
+ s->dyn_ltree[END_BLOCK].Freq = 1;
+ s->opt_len = s->static_len = 0L;
+ s->last_lit = s->matches = 0;
+}
+
+#define SMALLEST 1
+/* Index within the heap array of least frequent node in the Huffman tree */
+
+
+/* ===========================================================================
+ * Remove the smallest element from the heap and recreate the heap with
+ * one less element. Updates heap and heap_len.
+ */
+#define pqremove(s, tree, top) \
+{\
+ top = s->heap[SMALLEST]; \
+ s->heap[SMALLEST] = s->heap[s->heap_len--]; \
+ pqdownheap(s, tree, SMALLEST); \
+}
+
+/* ===========================================================================
+ * Compares to subtrees, using the tree depth as tie breaker when
+ * the subtrees have equal frequency. This minimizes the worst case length.
+ */
+#define smaller(tree, n, m, depth) \
+ (tree[n].Freq < tree[m].Freq || \
+ (tree[n].Freq == tree[m].Freq && depth[n] <= depth[m]))
+
+/* ===========================================================================
+ * Restore the heap property by moving down the tree starting at node k,
+ * exchanging a node with the smallest of its two sons if necessary, stopping
+ * when the heap property is re-established (each father smaller than its
+ * two sons).
+ */
+local void pqdownheap(s, tree, k)
+ deflate_state *s;
+ ct_data *tree; /* the tree to restore */
+ int k; /* node to move down */
+{
+ int v = s->heap[k];
+ int j = k << 1; /* left son of k */
+ while (j <= s->heap_len) {
+ /* Set j to the smallest of the two sons: */
+ if (j < s->heap_len &&
+ smaller(tree, s->heap[j+1], s->heap[j], s->depth)) {
+ j++;
+ }
+ /* Exit if v is smaller than both sons */
+ if (smaller(tree, v, s->heap[j], s->depth)) break;
+
+ /* Exchange v with the smallest son */
+ s->heap[k] = s->heap[j]; k = j;
+
+ /* And continue down the tree, setting j to the left son of k */
+ j <<= 1;
+ }
+ s->heap[k] = v;
+}
+
+/* ===========================================================================
+ * Compute the optimal bit lengths for a tree and update the total bit length
+ * for the current block.
+ * IN assertion: the fields freq and dad are set, heap[heap_max] and
+ * above are the tree nodes sorted by increasing frequency.
+ * OUT assertions: the field len is set to the optimal bit length, the
+ * array bl_count contains the frequencies for each bit length.
+ * The length opt_len is updated; static_len is also updated if stree is
+ * not null.
+ */
+local void gen_bitlen(s, desc)
+ deflate_state *s;
+ tree_desc *desc; /* the tree descriptor */
+{
+ ct_data *tree = desc->dyn_tree;
+ int max_code = desc->max_code;
+ const ct_data *stree = desc->stat_desc->static_tree;
+ const intf *extra = desc->stat_desc->extra_bits;
+ int base = desc->stat_desc->extra_base;
+ int max_length = desc->stat_desc->max_length;
+ int h; /* heap index */
+ int n, m; /* iterate over the tree elements */
+ int bits; /* bit length */
+ int xbits; /* extra bits */
+ ush f; /* frequency */
+ int overflow = 0; /* number of elements with bit length too large */
+
+ for (bits = 0; bits <= MAX_BITS; bits++) s->bl_count[bits] = 0;
+
+ /* In a first pass, compute the optimal bit lengths (which may
+ * overflow in the case of the bit length tree).
+ */
+ tree[s->heap[s->heap_max]].Len = 0; /* root of the heap */
+
+ for (h = s->heap_max+1; h < HEAP_SIZE; h++) {
+ n = s->heap[h];
+ bits = tree[tree[n].Dad].Len + 1;
+ if (bits > max_length) bits = max_length, overflow++;
+ tree[n].Len = (ush)bits;
+ /* We overwrite tree[n].Dad which is no longer needed */
+
+ if (n > max_code) continue; /* not a leaf node */
+
+ s->bl_count[bits]++;
+ xbits = 0;
+ if (n >= base) xbits = extra[n-base];
+ f = tree[n].Freq;
+ s->opt_len += (ulg)f * (bits + xbits);
+ if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits);
+ }
+ if (overflow == 0) return;
+
+ Trace((stderr,"\nbit length overflow\n"));
+ /* This happens for example on obj2 and pic of the Calgary corpus */
+
+ /* Find the first bit length which could increase: */
+ do {
+ bits = max_length-1;
+ while (s->bl_count[bits] == 0) bits--;
+ s->bl_count[bits]--; /* move one leaf down the tree */
+ s->bl_count[bits+1] += 2; /* move one overflow item as its brother */
+ s->bl_count[max_length]--;
+ /* The brother of the overflow item also moves one step up,
+ * but this does not affect bl_count[max_length]
+ */
+ overflow -= 2;
+ } while (overflow > 0);
+
+ /* Now recompute all bit lengths, scanning in increasing frequency.
+ * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
+ * lengths instead of fixing only the wrong ones. This idea is taken
+ * from 'ar' written by Haruhiko Okumura.)
+ */
+ for (bits = max_length; bits != 0; bits--) {
+ n = s->bl_count[bits];
+ while (n != 0) {
+ m = s->heap[--h];
+ if (m > max_code) continue;
+ if ((unsigned) tree[m].Len != (unsigned) bits) {
+ Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
+ s->opt_len += ((long)bits - (long)tree[m].Len)
+ *(long)tree[m].Freq;
+ tree[m].Len = (ush)bits;
+ }
+ n--;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Generate the codes for a given tree and bit counts (which need not be
+ * optimal).
+ * IN assertion: the array bl_count contains the bit length statistics for
+ * the given tree and the field len is set for all tree elements.
+ * OUT assertion: the field code is set for all tree elements of non
+ * zero code length.
+ */
+local void gen_codes (tree, max_code, bl_count)
+ ct_data *tree; /* the tree to decorate */
+ int max_code; /* largest code with non zero frequency */
+ ushf *bl_count; /* number of codes at each bit length */
+{
+ ush next_code[MAX_BITS+1]; /* next code value for each bit length */
+ ush code = 0; /* running code value */
+ int bits; /* bit index */
+ int n; /* code index */
+
+ /* The distribution counts are first used to generate the code values
+ * without bit reversal.
+ */
+ for (bits = 1; bits <= MAX_BITS; bits++) {
+ next_code[bits] = code = (code + bl_count[bits-1]) << 1;
+ }
+ /* Check that the bit counts in bl_count are consistent. The last code
+ * must be all ones.
+ */
+ Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
+ "inconsistent bit counts");
+ Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
+
+ for (n = 0; n <= max_code; n++) {
+ int len = tree[n].Len;
+ if (len == 0) continue;
+ /* Now reverse the bits */
+ tree[n].Code = bi_reverse(next_code[len]++, len);
+
+ Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
+ n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
+ }
+}
+
+/* ===========================================================================
+ * Construct one Huffman tree and assigns the code bit strings and lengths.
+ * Update the total bit length for the current block.
+ * IN assertion: the field freq is set for all tree elements.
+ * OUT assertions: the fields len and code are set to the optimal bit length
+ * and corresponding code. The length opt_len is updated; static_len is
+ * also updated if stree is not null. The field max_code is set.
+ */
+local void build_tree(s, desc)
+ deflate_state *s;
+ tree_desc *desc; /* the tree descriptor */
+{
+ ct_data *tree = desc->dyn_tree;
+ const ct_data *stree = desc->stat_desc->static_tree;
+ int elems = desc->stat_desc->elems;
+ int n, m; /* iterate over heap elements */
+ int max_code = -1; /* largest code with non zero frequency */
+ int node; /* new node being created */
+
+ /* Construct the initial heap, with least frequent element in
+ * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
+ * heap[0] is not used.
+ */
+ s->heap_len = 0, s->heap_max = HEAP_SIZE;
+
+ for (n = 0; n < elems; n++) {
+ if (tree[n].Freq != 0) {
+ s->heap[++(s->heap_len)] = max_code = n;
+ s->depth[n] = 0;
+ } else {
+ tree[n].Len = 0;
+ }
+ }
+
+ /* The pkzip format requires that at least one distance code exists,
+ * and that at least one bit should be sent even if there is only one
+ * possible code. So to avoid special checks later on we force at least
+ * two codes of non zero frequency.
+ */
+ while (s->heap_len < 2) {
+ node = s->heap[++(s->heap_len)] = (max_code < 2 ? ++max_code : 0);
+ tree[node].Freq = 1;
+ s->depth[node] = 0;
+ s->opt_len--; if (stree) s->static_len -= stree[node].Len;
+ /* node is 0 or 1 so it does not have extra bits */
+ }
+ desc->max_code = max_code;
+
+ /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
+ * establish sub-heaps of increasing lengths:
+ */
+ for (n = s->heap_len/2; n >= 1; n--) pqdownheap(s, tree, n);
+
+ /* Construct the Huffman tree by repeatedly combining the least two
+ * frequent nodes.
+ */
+ node = elems; /* next internal node of the tree */
+ do {
+ pqremove(s, tree, n); /* n = node of least frequency */
+ m = s->heap[SMALLEST]; /* m = node of next least frequency */
+
+ s->heap[--(s->heap_max)] = n; /* keep the nodes sorted by frequency */
+ s->heap[--(s->heap_max)] = m;
+
+ /* Create a new node father of n and m */
+ tree[node].Freq = tree[n].Freq + tree[m].Freq;
+ s->depth[node] = (uch)((s->depth[n] >= s->depth[m] ?
+ s->depth[n] : s->depth[m]) + 1);
+ tree[n].Dad = tree[m].Dad = (ush)node;
+#ifdef DUMP_BL_TREE
+ if (tree == s->bl_tree) {
+ fprintf(stderr,"\nnode %d(%d), sons %d(%d) %d(%d)",
+ node, tree[node].Freq, n, tree[n].Freq, m, tree[m].Freq);
+ }
+#endif
+ /* and insert the new node in the heap */
+ s->heap[SMALLEST] = node++;
+ pqdownheap(s, tree, SMALLEST);
+
+ } while (s->heap_len >= 2);
+
+ s->heap[--(s->heap_max)] = s->heap[SMALLEST];
+
+ /* At this point, the fields freq and dad are set. We can now
+ * generate the bit lengths.
+ */
+ gen_bitlen(s, (tree_desc *)desc);
+
+ /* The field len is now set, we can generate the bit codes */
+ gen_codes ((ct_data *)tree, max_code, s->bl_count);
+}
+
+/* ===========================================================================
+ * Scan a literal or distance tree to determine the frequencies of the codes
+ * in the bit length tree.
+ */
+local void scan_tree (s, tree, max_code)
+ deflate_state *s;
+ ct_data *tree; /* the tree to be scanned */
+ int max_code; /* and its largest code of non zero frequency */
+{
+ int n; /* iterates over all tree elements */
+ int prevlen = -1; /* last emitted length */
+ int curlen; /* length of current code */
+ int nextlen = tree[0].Len; /* length of next code */
+ int count = 0; /* repeat count of the current code */
+ int max_count = 7; /* max repeat count */
+ int min_count = 4; /* min repeat count */
+
+ if (nextlen == 0) max_count = 138, min_count = 3;
+ tree[max_code+1].Len = (ush)0xffff; /* guard */
+
+ for (n = 0; n <= max_code; n++) {
+ curlen = nextlen; nextlen = tree[n+1].Len;
+ if (++count < max_count && curlen == nextlen) {
+ continue;
+ } else if (count < min_count) {
+ s->bl_tree[curlen].Freq += count;
+ } else if (curlen != 0) {
+ if (curlen != prevlen) s->bl_tree[curlen].Freq++;
+ s->bl_tree[REP_3_6].Freq++;
+ } else if (count <= 10) {
+ s->bl_tree[REPZ_3_10].Freq++;
+ } else {
+ s->bl_tree[REPZ_11_138].Freq++;
+ }
+ count = 0; prevlen = curlen;
+ if (nextlen == 0) {
+ max_count = 138, min_count = 3;
+ } else if (curlen == nextlen) {
+ max_count = 6, min_count = 3;
+ } else {
+ max_count = 7, min_count = 4;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Send a literal or distance tree in compressed form, using the codes in
+ * bl_tree.
+ */
+local void send_tree (s, tree, max_code)
+ deflate_state *s;
+ ct_data *tree; /* the tree to be scanned */
+ int max_code; /* and its largest code of non zero frequency */
+{
+ int n; /* iterates over all tree elements */
+ int prevlen = -1; /* last emitted length */
+ int curlen; /* length of current code */
+ int nextlen = tree[0].Len; /* length of next code */
+ int count = 0; /* repeat count of the current code */
+ int max_count = 7; /* max repeat count */
+ int min_count = 4; /* min repeat count */
+
+ /* tree[max_code+1].Len = -1; */ /* guard already set */
+ if (nextlen == 0) max_count = 138, min_count = 3;
+
+ for (n = 0; n <= max_code; n++) {
+ curlen = nextlen; nextlen = tree[n+1].Len;
+ if (++count < max_count && curlen == nextlen) {
+ continue;
+ } else if (count < min_count) {
+ do { send_code(s, curlen, s->bl_tree); } while (--count != 0);
+
+ } else if (curlen != 0) {
+ if (curlen != prevlen) {
+ send_code(s, curlen, s->bl_tree); count--;
+ }
+ Assert(count >= 3 && count <= 6, " 3_6?");
+ send_code(s, REP_3_6, s->bl_tree); send_bits(s, count-3, 2);
+
+ } else if (count <= 10) {
+ send_code(s, REPZ_3_10, s->bl_tree); send_bits(s, count-3, 3);
+
+ } else {
+ send_code(s, REPZ_11_138, s->bl_tree); send_bits(s, count-11, 7);
+ }
+ count = 0; prevlen = curlen;
+ if (nextlen == 0) {
+ max_count = 138, min_count = 3;
+ } else if (curlen == nextlen) {
+ max_count = 6, min_count = 3;
+ } else {
+ max_count = 7, min_count = 4;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Construct the Huffman tree for the bit lengths and return the index in
+ * bl_order of the last bit length code to send.
+ */
+local int build_bl_tree(s)
+ deflate_state *s;
+{
+ int max_blindex; /* index of last bit length code of non zero freq */
+
+ /* Determine the bit length frequencies for literal and distance trees */
+ scan_tree(s, (ct_data *)s->dyn_ltree, s->l_desc.max_code);
+ scan_tree(s, (ct_data *)s->dyn_dtree, s->d_desc.max_code);
+
+ /* Build the bit length tree: */
+ build_tree(s, (tree_desc *)(&(s->bl_desc)));
+ /* opt_len now includes the length of the tree representations, except
+ * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
+ */
+
+ /* Determine the number of bit length codes to send. The pkzip format
+ * requires that at least 4 bit length codes be sent. (appnote.txt says
+ * 3 but the actual value used is 4.)
+ */
+ for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
+ if (s->bl_tree[bl_order[max_blindex]].Len != 0) break;
+ }
+ /* Update opt_len to include the bit length tree and counts */
+ s->opt_len += 3*(max_blindex+1) + 5+5+4;
+ Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
+ s->opt_len, s->static_len));
+
+ return max_blindex;
+}
+
+/* ===========================================================================
+ * Send the header for a block using dynamic Huffman trees: the counts, the
+ * lengths of the bit length codes, the literal tree and the distance tree.
+ * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
+ */
+local void send_all_trees(s, lcodes, dcodes, blcodes)
+ deflate_state *s;
+ int lcodes, dcodes, blcodes; /* number of codes for each tree */
+{
+ int rank; /* index in bl_order */
+
+ Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
+ Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
+ "too many codes");
+ Tracev((stderr, "\nbl counts: "));
+ send_bits(s, lcodes-257, 5); /* not +255 as stated in appnote.txt */
+ send_bits(s, dcodes-1, 5);
+ send_bits(s, blcodes-4, 4); /* not -3 as stated in appnote.txt */
+ for (rank = 0; rank < blcodes; rank++) {
+ Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
+ send_bits(s, s->bl_tree[bl_order[rank]].Len, 3);
+ }
+ Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
+
+ send_tree(s, (ct_data *)s->dyn_ltree, lcodes-1); /* literal tree */
+ Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
+
+ send_tree(s, (ct_data *)s->dyn_dtree, dcodes-1); /* distance tree */
+ Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
+}
+
+/* ===========================================================================
+ * Send a stored block
+ */
+void ZLIB_INTERNAL _tr_stored_block(s, buf, stored_len, last)
+ deflate_state *s;
+ charf *buf; /* input block */
+ ulg stored_len; /* length of input block */
+ int last; /* one if this is the last block for a file */
+{
+ send_bits(s, (STORED_BLOCK<<1)+last, 3); /* send block type */
+#ifdef DEBUG
+ s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L;
+ s->compressed_len += (stored_len + 4) << 3;
+#endif
+ copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
+}
+
+/* ===========================================================================
+ * Send one empty static block to give enough lookahead for inflate.
+ * This takes 10 bits, of which 7 may remain in the bit buffer.
+ * The current inflate code requires 9 bits of lookahead. If the
+ * last two codes for the previous block (real code plus EOB) were coded
+ * on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
+ * the last real code. In this case we send two empty static blocks instead
+ * of one. (There are no problems if the previous block is stored or fixed.)
+ * To simplify the code, we assume the worst case of last real code encoded
+ * on one bit only.
+ */
+void ZLIB_INTERNAL _tr_align(s)
+ deflate_state *s;
+{
+ send_bits(s, STATIC_TREES<<1, 3);
+ send_code(s, END_BLOCK, static_ltree);
+#ifdef DEBUG
+ s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
+#endif
+ bi_flush(s);
+ /* Of the 10 bits for the empty block, we have already sent
+ * (10 - bi_valid) bits. The lookahead for the last real code (before
+ * the EOB of the previous block) was thus at least one plus the length
+ * of the EOB plus what we have just sent of the empty static block.
+ */
+ if (1 + s->last_eob_len + 10 - s->bi_valid < 9) {
+ send_bits(s, STATIC_TREES<<1, 3);
+ send_code(s, END_BLOCK, static_ltree);
+#ifdef DEBUG
+ s->compressed_len += 10L;
+#endif
+ bi_flush(s);
+ }
+ s->last_eob_len = 7;
+}
+
+/* ===========================================================================
+ * Determine the best encoding for the current block: dynamic trees, static
+ * trees or store, and output the encoded block to the zip file.
+ */
+void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last)
+ deflate_state *s;
+ charf *buf; /* input block, or NULL if too old */
+ ulg stored_len; /* length of input block */
+ int last; /* one if this is the last block for a file */
+{
+ ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
+ int max_blindex = 0; /* index of last bit length code of non zero freq */
+
+ /* Build the Huffman trees unless a stored block is forced */
+ if (s->level > 0) {
+
+ /* Check if the file is binary or text */
+ if (s->strm->data_type == Z_UNKNOWN)
+ s->strm->data_type = detect_data_type(s);
+
+ /* Construct the literal and distance trees */
+ build_tree(s, (tree_desc *)(&(s->l_desc)));
+ Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
+ s->static_len));
+
+ build_tree(s, (tree_desc *)(&(s->d_desc)));
+ Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
+ s->static_len));
+ /* At this point, opt_len and static_len are the total bit lengths of
+ * the compressed block data, excluding the tree representations.
+ */
+
+ /* Build the bit length tree for the above two trees, and get the index
+ * in bl_order of the last bit length code to send.
+ */
+ max_blindex = build_bl_tree(s);
+
+ /* Determine the best encoding. Compute the block lengths in bytes. */
+ opt_lenb = (s->opt_len+3+7)>>3;
+ static_lenb = (s->static_len+3+7)>>3;
+
+ Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
+ opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
+ s->last_lit));
+
+ if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
+
+ } else {
+ Assert(buf != (char*)0, "lost buf");
+ opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
+ }
+
+#ifdef FORCE_STORED
+ if (buf != (char*)0) { /* force stored block */
+#else
+ if (stored_len+4 <= opt_lenb && buf != (char*)0) {
+ /* 4: two words for the lengths */
+#endif
+ /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
+ * Otherwise we can't have processed more than WSIZE input bytes since
+ * the last block flush, because compression would have been
+ * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
+ * transform a block into a stored block.
+ */
+ _tr_stored_block(s, buf, stored_len, last);
+
+#ifdef FORCE_STATIC
+ } else if (static_lenb >= 0) { /* force static trees */
+#else
+ } else if (s->strategy == Z_FIXED || static_lenb == opt_lenb) {
+#endif
+ send_bits(s, (STATIC_TREES<<1)+last, 3);
+ compress_block(s, (ct_data *)static_ltree, (ct_data *)static_dtree);
+#ifdef DEBUG
+ s->compressed_len += 3 + s->static_len;
+#endif
+ } else {
+ send_bits(s, (DYN_TREES<<1)+last, 3);
+ send_all_trees(s, s->l_desc.max_code+1, s->d_desc.max_code+1,
+ max_blindex+1);
+ compress_block(s, (ct_data *)s->dyn_ltree, (ct_data *)s->dyn_dtree);
+#ifdef DEBUG
+ s->compressed_len += 3 + s->opt_len;
+#endif
+ }
+ Assert (s->compressed_len == s->bits_sent, "bad compressed size");
+ /* The above check is made mod 2^32, for files larger than 512 MB
+ * and uLong implemented on 32 bits.
+ */
+ init_block(s);
+
+ if (last) {
+ bi_windup(s);
+#ifdef DEBUG
+ s->compressed_len += 7; /* align on byte boundary */
+#endif
+ }
+ Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
+ s->compressed_len-7*last));
+}
+
+/* ===========================================================================
+ * Save the match info and tally the frequency counts. Return true if
+ * the current block must be flushed.
+ */
+int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+ deflate_state *s;
+ unsigned dist; /* distance of matched string */
+ unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
+{
+ s->d_buf[s->last_lit] = (ush)dist;
+ s->l_buf[s->last_lit++] = (uch)lc;
+ if (dist == 0) {
+ /* lc is the unmatched char */
+ s->dyn_ltree[lc].Freq++;
+ } else {
+ s->matches++;
+ /* Here, lc is the match length - MIN_MATCH */
+ dist--; /* dist = match distance - 1 */
+ Assert((ush)dist < (ush)MAX_DIST(s) &&
+ (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
+ (ush)d_code(dist) < (ush)D_CODES, "_tr_tally: bad match");
+
+ s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
+ s->dyn_dtree[d_code(dist)].Freq++;
+ }
+
+#ifdef TRUNCATE_BLOCK
+ /* Try to guess if it is profitable to stop the current block here */
+ if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
+ /* Compute an upper bound for the compressed length */
+ ulg out_length = (ulg)s->last_lit*8L;
+ ulg in_length = (ulg)((long)s->strstart - s->block_start);
+ int dcode;
+ for (dcode = 0; dcode < D_CODES; dcode++) {
+ out_length += (ulg)s->dyn_dtree[dcode].Freq *
+ (5L+extra_dbits[dcode]);
+ }
+ out_length >>= 3;
+ Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
+ s->last_lit, in_length, out_length,
+ 100L - out_length*100L/in_length));
+ if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
+ }
+#endif
+ return (s->last_lit == s->lit_bufsize-1);
+ /* We avoid equality with lit_bufsize because of wraparound at 64K
+ * on 16 bit machines and because stored blocks are restricted to
+ * 64K-1 bytes.
+ */
+}
+
+/* ===========================================================================
+ * Send the block data compressed using the given Huffman trees
+ */
+local void compress_block(s, ltree, dtree)
+ deflate_state *s;
+ ct_data *ltree; /* literal tree */
+ ct_data *dtree; /* distance tree */
+{
+ unsigned dist; /* distance of matched string */
+ int lc; /* match length or unmatched char (if dist == 0) */
+ unsigned lx = 0; /* running index in l_buf */
+ unsigned code; /* the code to send */
+ int extra; /* number of extra bits to send */
+
+ if (s->last_lit != 0) do {
+ dist = s->d_buf[lx];
+ lc = s->l_buf[lx++];
+ if (dist == 0) {
+ send_code(s, lc, ltree); /* send a literal byte */
+ Tracecv(isgraph(lc), (stderr," '%c' ", lc));
+ } else {
+ /* Here, lc is the match length - MIN_MATCH */
+ code = _length_code[lc];
+ send_code(s, code+LITERALS+1, ltree); /* send the length code */
+ extra = extra_lbits[code];
+ if (extra != 0) {
+ lc -= base_length[code];
+ send_bits(s, lc, extra); /* send the extra length bits */
+ }
+ dist--; /* dist is now the match distance - 1 */
+ code = d_code(dist);
+ Assert (code < D_CODES, "bad d_code");
+
+ send_code(s, code, dtree); /* send the distance code */
+ extra = extra_dbits[code];
+ if (extra != 0) {
+ dist -= base_dist[code];
+ send_bits(s, dist, extra); /* send the extra distance bits */
+ }
+ } /* literal or match pair ? */
+
+ /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
+ Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
+ "pendingBuf overflow");
+
+ } while (lx < s->last_lit);
+
+ send_code(s, END_BLOCK, ltree);
+ s->last_eob_len = ltree[END_BLOCK].Len;
+}
+
+/* ===========================================================================
+ * Check if the data type is TEXT or BINARY, using the following algorithm:
+ * - TEXT if the two conditions below are satisfied:
+ * a) There are no non-portable control characters belonging to the
+ * "black list" (0..6, 14..25, 28..31).
+ * b) There is at least one printable character belonging to the
+ * "white list" (9 {TAB}, 10 {LF}, 13 {CR}, 32..255).
+ * - BINARY otherwise.
+ * - The following partially-portable control characters form a
+ * "gray list" that is ignored in this detection algorithm:
+ * (7 {BEL}, 8 {BS}, 11 {VT}, 12 {FF}, 26 {SUB}, 27 {ESC}).
+ * IN assertion: the fields Freq of dyn_ltree are set.
+ */
+local int detect_data_type(s)
+ deflate_state *s;
+{
+ /* black_mask is the bit mask of black-listed bytes
+ * set bits 0..6, 14..25, and 28..31
+ * 0xf3ffc07f = binary 11110011111111111100000001111111
+ */
+ unsigned long black_mask = 0xf3ffc07fUL;
+ int n;
+
+ /* Check for non-textual ("black-listed") bytes. */
+ for (n = 0; n <= 31; n++, black_mask >>= 1)
+ if ((black_mask & 1) && (s->dyn_ltree[n].Freq != 0))
+ return Z_BINARY;
+
+ /* Check for textual ("white-listed") bytes. */
+ if (s->dyn_ltree[9].Freq != 0 || s->dyn_ltree[10].Freq != 0
+ || s->dyn_ltree[13].Freq != 0)
+ return Z_TEXT;
+ for (n = 32; n < LITERALS; n++)
+ if (s->dyn_ltree[n].Freq != 0)
+ return Z_TEXT;
+
+ /* There are no "black-listed" or "white-listed" bytes:
+ * this stream either is empty or has tolerated ("gray-listed") bytes only.
+ */
+ return Z_BINARY;
+}
+
+/* ===========================================================================
+ * Reverse the first len bits of a code, using straightforward code (a faster
+ * method would use a table)
+ * IN assertion: 1 <= len <= 15
+ */
+local unsigned bi_reverse(code, len)
+ unsigned code; /* the value to invert */
+ int len; /* its bit length */
+{
+ register unsigned res = 0;
+ do {
+ res |= code & 1;
+ code >>= 1, res <<= 1;
+ } while (--len > 0);
+ return res >> 1;
+}
+
+/* ===========================================================================
+ * Flush the bit buffer, keeping at most 7 bits in it.
+ */
+local void bi_flush(s)
+ deflate_state *s;
+{
+ if (s->bi_valid == 16) {
+ put_short(s, s->bi_buf);
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+ } else if (s->bi_valid >= 8) {
+ put_byte(s, (Byte)s->bi_buf);
+ s->bi_buf >>= 8;
+ s->bi_valid -= 8;
+ }
+}
+
+/* ===========================================================================
+ * Flush the bit buffer and align the output on a byte boundary
+ */
+local void bi_windup(s)
+ deflate_state *s;
+{
+ if (s->bi_valid > 8) {
+ put_short(s, s->bi_buf);
+ } else if (s->bi_valid > 0) {
+ put_byte(s, (Byte)s->bi_buf);
+ }
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+#ifdef DEBUG
+ s->bits_sent = (s->bits_sent+7) & ~7;
+#endif
+}
+
+/* ===========================================================================
+ * Copy a stored block, storing first the length and its
+ * one's complement if requested.
+ */
+local void copy_block(s, buf, len, header)
+ deflate_state *s;
+ charf *buf; /* the input data */
+ unsigned len; /* its length */
+ int header; /* true if block header must be written */
+{
+ bi_windup(s); /* align on byte boundary */
+ s->last_eob_len = 8; /* enough lookahead for inflate */
+
+ if (header) {
+ put_short(s, (ush)len);
+ put_short(s, (ush)~len);
+#ifdef DEBUG
+ s->bits_sent += 2*16;
+#endif
+ }
+#ifdef DEBUG
+ s->bits_sent += (ulg)len<<3;
+#endif
+ while (len--) {
+ put_byte(s, *buf++);
+ }
+}
diff --git a/security/nss/lib/zlib/trees.h b/security/nss/lib/zlib/trees.h
new file mode 100644
index 000000000..d0868d9f2
--- /dev/null
+++ b/security/nss/lib/zlib/trees.h
@@ -0,0 +1,132 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* header created automatically with -DGEN_TREES_H */
+
+local const ct_data static_ltree[L_CODES+2] = {
+{{ 12},{ 8}}, {{140},{ 8}}, {{ 76},{ 8}}, {{204},{ 8}}, {{ 44},{ 8}},
+{{172},{ 8}}, {{108},{ 8}}, {{236},{ 8}}, {{ 28},{ 8}}, {{156},{ 8}},
+{{ 92},{ 8}}, {{220},{ 8}}, {{ 60},{ 8}}, {{188},{ 8}}, {{124},{ 8}},
+{{252},{ 8}}, {{ 2},{ 8}}, {{130},{ 8}}, {{ 66},{ 8}}, {{194},{ 8}},
+{{ 34},{ 8}}, {{162},{ 8}}, {{ 98},{ 8}}, {{226},{ 8}}, {{ 18},{ 8}},
+{{146},{ 8}}, {{ 82},{ 8}}, {{210},{ 8}}, {{ 50},{ 8}}, {{178},{ 8}},
+{{114},{ 8}}, {{242},{ 8}}, {{ 10},{ 8}}, {{138},{ 8}}, {{ 74},{ 8}},
+{{202},{ 8}}, {{ 42},{ 8}}, {{170},{ 8}}, {{106},{ 8}}, {{234},{ 8}},
+{{ 26},{ 8}}, {{154},{ 8}}, {{ 90},{ 8}}, {{218},{ 8}}, {{ 58},{ 8}},
+{{186},{ 8}}, {{122},{ 8}}, {{250},{ 8}}, {{ 6},{ 8}}, {{134},{ 8}},
+{{ 70},{ 8}}, {{198},{ 8}}, {{ 38},{ 8}}, {{166},{ 8}}, {{102},{ 8}},
+{{230},{ 8}}, {{ 22},{ 8}}, {{150},{ 8}}, {{ 86},{ 8}}, {{214},{ 8}},
+{{ 54},{ 8}}, {{182},{ 8}}, {{118},{ 8}}, {{246},{ 8}}, {{ 14},{ 8}},
+{{142},{ 8}}, {{ 78},{ 8}}, {{206},{ 8}}, {{ 46},{ 8}}, {{174},{ 8}},
+{{110},{ 8}}, {{238},{ 8}}, {{ 30},{ 8}}, {{158},{ 8}}, {{ 94},{ 8}},
+{{222},{ 8}}, {{ 62},{ 8}}, {{190},{ 8}}, {{126},{ 8}}, {{254},{ 8}},
+{{ 1},{ 8}}, {{129},{ 8}}, {{ 65},{ 8}}, {{193},{ 8}}, {{ 33},{ 8}},
+{{161},{ 8}}, {{ 97},{ 8}}, {{225},{ 8}}, {{ 17},{ 8}}, {{145},{ 8}},
+{{ 81},{ 8}}, {{209},{ 8}}, {{ 49},{ 8}}, {{177},{ 8}}, {{113},{ 8}},
+{{241},{ 8}}, {{ 9},{ 8}}, {{137},{ 8}}, {{ 73},{ 8}}, {{201},{ 8}},
+{{ 41},{ 8}}, {{169},{ 8}}, {{105},{ 8}}, {{233},{ 8}}, {{ 25},{ 8}},
+{{153},{ 8}}, {{ 89},{ 8}}, {{217},{ 8}}, {{ 57},{ 8}}, {{185},{ 8}},
+{{121},{ 8}}, {{249},{ 8}}, {{ 5},{ 8}}, {{133},{ 8}}, {{ 69},{ 8}},
+{{197},{ 8}}, {{ 37},{ 8}}, {{165},{ 8}}, {{101},{ 8}}, {{229},{ 8}},
+{{ 21},{ 8}}, {{149},{ 8}}, {{ 85},{ 8}}, {{213},{ 8}}, {{ 53},{ 8}},
+{{181},{ 8}}, {{117},{ 8}}, {{245},{ 8}}, {{ 13},{ 8}}, {{141},{ 8}},
+{{ 77},{ 8}}, {{205},{ 8}}, {{ 45},{ 8}}, {{173},{ 8}}, {{109},{ 8}},
+{{237},{ 8}}, {{ 29},{ 8}}, {{157},{ 8}}, {{ 93},{ 8}}, {{221},{ 8}},
+{{ 61},{ 8}}, {{189},{ 8}}, {{125},{ 8}}, {{253},{ 8}}, {{ 19},{ 9}},
+{{275},{ 9}}, {{147},{ 9}}, {{403},{ 9}}, {{ 83},{ 9}}, {{339},{ 9}},
+{{211},{ 9}}, {{467},{ 9}}, {{ 51},{ 9}}, {{307},{ 9}}, {{179},{ 9}},
+{{435},{ 9}}, {{115},{ 9}}, {{371},{ 9}}, {{243},{ 9}}, {{499},{ 9}},
+{{ 11},{ 9}}, {{267},{ 9}}, {{139},{ 9}}, {{395},{ 9}}, {{ 75},{ 9}},
+{{331},{ 9}}, {{203},{ 9}}, {{459},{ 9}}, {{ 43},{ 9}}, {{299},{ 9}},
+{{171},{ 9}}, {{427},{ 9}}, {{107},{ 9}}, {{363},{ 9}}, {{235},{ 9}},
+{{491},{ 9}}, {{ 27},{ 9}}, {{283},{ 9}}, {{155},{ 9}}, {{411},{ 9}},
+{{ 91},{ 9}}, {{347},{ 9}}, {{219},{ 9}}, {{475},{ 9}}, {{ 59},{ 9}},
+{{315},{ 9}}, {{187},{ 9}}, {{443},{ 9}}, {{123},{ 9}}, {{379},{ 9}},
+{{251},{ 9}}, {{507},{ 9}}, {{ 7},{ 9}}, {{263},{ 9}}, {{135},{ 9}},
+{{391},{ 9}}, {{ 71},{ 9}}, {{327},{ 9}}, {{199},{ 9}}, {{455},{ 9}},
+{{ 39},{ 9}}, {{295},{ 9}}, {{167},{ 9}}, {{423},{ 9}}, {{103},{ 9}},
+{{359},{ 9}}, {{231},{ 9}}, {{487},{ 9}}, {{ 23},{ 9}}, {{279},{ 9}},
+{{151},{ 9}}, {{407},{ 9}}, {{ 87},{ 9}}, {{343},{ 9}}, {{215},{ 9}},
+{{471},{ 9}}, {{ 55},{ 9}}, {{311},{ 9}}, {{183},{ 9}}, {{439},{ 9}},
+{{119},{ 9}}, {{375},{ 9}}, {{247},{ 9}}, {{503},{ 9}}, {{ 15},{ 9}},
+{{271},{ 9}}, {{143},{ 9}}, {{399},{ 9}}, {{ 79},{ 9}}, {{335},{ 9}},
+{{207},{ 9}}, {{463},{ 9}}, {{ 47},{ 9}}, {{303},{ 9}}, {{175},{ 9}},
+{{431},{ 9}}, {{111},{ 9}}, {{367},{ 9}}, {{239},{ 9}}, {{495},{ 9}},
+{{ 31},{ 9}}, {{287},{ 9}}, {{159},{ 9}}, {{415},{ 9}}, {{ 95},{ 9}},
+{{351},{ 9}}, {{223},{ 9}}, {{479},{ 9}}, {{ 63},{ 9}}, {{319},{ 9}},
+{{191},{ 9}}, {{447},{ 9}}, {{127},{ 9}}, {{383},{ 9}}, {{255},{ 9}},
+{{511},{ 9}}, {{ 0},{ 7}}, {{ 64},{ 7}}, {{ 32},{ 7}}, {{ 96},{ 7}},
+{{ 16},{ 7}}, {{ 80},{ 7}}, {{ 48},{ 7}}, {{112},{ 7}}, {{ 8},{ 7}},
+{{ 72},{ 7}}, {{ 40},{ 7}}, {{104},{ 7}}, {{ 24},{ 7}}, {{ 88},{ 7}},
+{{ 56},{ 7}}, {{120},{ 7}}, {{ 4},{ 7}}, {{ 68},{ 7}}, {{ 36},{ 7}},
+{{100},{ 7}}, {{ 20},{ 7}}, {{ 84},{ 7}}, {{ 52},{ 7}}, {{116},{ 7}},
+{{ 3},{ 8}}, {{131},{ 8}}, {{ 67},{ 8}}, {{195},{ 8}}, {{ 35},{ 8}},
+{{163},{ 8}}, {{ 99},{ 8}}, {{227},{ 8}}
+};
+
+local const ct_data static_dtree[D_CODES] = {
+{{ 0},{ 5}}, {{16},{ 5}}, {{ 8},{ 5}}, {{24},{ 5}}, {{ 4},{ 5}},
+{{20},{ 5}}, {{12},{ 5}}, {{28},{ 5}}, {{ 2},{ 5}}, {{18},{ 5}},
+{{10},{ 5}}, {{26},{ 5}}, {{ 6},{ 5}}, {{22},{ 5}}, {{14},{ 5}},
+{{30},{ 5}}, {{ 1},{ 5}}, {{17},{ 5}}, {{ 9},{ 5}}, {{25},{ 5}},
+{{ 5},{ 5}}, {{21},{ 5}}, {{13},{ 5}}, {{29},{ 5}}, {{ 3},{ 5}},
+{{19},{ 5}}, {{11},{ 5}}, {{27},{ 5}}, {{ 7},{ 5}}, {{23},{ 5}}
+};
+
+const uch ZLIB_INTERNAL _dist_code[DIST_CODE_LEN] = {
+ 0, 1, 2, 3, 4, 4, 5, 5, 6, 6, 6, 6, 7, 7, 7, 7, 8, 8, 8, 8,
+ 8, 8, 8, 8, 9, 9, 9, 9, 9, 9, 9, 9, 10, 10, 10, 10, 10, 10, 10, 10,
+10, 10, 10, 10, 10, 10, 10, 10, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
+11, 11, 11, 11, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
+12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 13, 13, 13, 13,
+13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
+13, 13, 13, 13, 13, 13, 13, 13, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 0, 0, 16, 17,
+18, 18, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 22, 22, 22, 22, 22, 22, 22, 22,
+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+24, 24, 24, 24, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
+};
+
+const uch ZLIB_INTERNAL _length_code[MAX_MATCH-MIN_MATCH+1]= {
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 8, 9, 9, 10, 10, 11, 11, 12, 12, 12, 12,
+13, 13, 13, 13, 14, 14, 14, 14, 15, 15, 15, 15, 16, 16, 16, 16, 16, 16, 16, 16,
+17, 17, 17, 17, 17, 17, 17, 17, 18, 18, 18, 18, 18, 18, 18, 18, 19, 19, 19, 19,
+19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
+21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 22, 22, 22, 22,
+22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 23, 23, 23, 23, 23, 23, 23, 23,
+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 28
+};
+
+local const int base_length[LENGTH_CODES] = {
+0, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 14, 16, 20, 24, 28, 32, 40, 48, 56,
+64, 80, 96, 112, 128, 160, 192, 224, 0
+};
+
+local const int base_dist[D_CODES] = {
+ 0, 1, 2, 3, 4, 6, 8, 12, 16, 24,
+ 32, 48, 64, 96, 128, 192, 256, 384, 512, 768,
+ 1024, 1536, 2048, 3072, 4096, 6144, 8192, 12288, 16384, 24576
+};
+
diff --git a/security/nss/lib/zlib/uncompr.c b/security/nss/lib/zlib/uncompr.c
new file mode 100644
index 000000000..ad98be3a5
--- /dev/null
+++ b/security/nss/lib/zlib/uncompr.c
@@ -0,0 +1,59 @@
+/* uncompr.c -- decompress a memory buffer
+ * Copyright (C) 1995-2003, 2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#define ZLIB_INTERNAL
+#include "zlib.h"
+
+/* ===========================================================================
+ Decompresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total
+ size of the destination buffer, which must be large enough to hold the
+ entire uncompressed data. (The size of the uncompressed data must have
+ been saved previously by the compressor and transmitted to the decompressor
+ by some mechanism outside the scope of this compression library.)
+ Upon exit, destLen is the actual size of the compressed buffer.
+
+ uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer, or Z_DATA_ERROR if the input data was corrupted.
+*/
+int ZEXPORT uncompress (dest, destLen, source, sourceLen)
+ Bytef *dest;
+ uLongf *destLen;
+ const Bytef *source;
+ uLong sourceLen;
+{
+ z_stream stream;
+ int err;
+
+ stream.next_in = (Bytef*)source;
+ stream.avail_in = (uInt)sourceLen;
+ /* Check for source > 64K on 16-bit machine: */
+ if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
+
+ stream.next_out = dest;
+ stream.avail_out = (uInt)*destLen;
+ if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
+
+ stream.zalloc = (alloc_func)0;
+ stream.zfree = (free_func)0;
+
+ err = inflateInit(&stream);
+ if (err != Z_OK) return err;
+
+ err = inflate(&stream, Z_FINISH);
+ if (err != Z_STREAM_END) {
+ inflateEnd(&stream);
+ if (err == Z_NEED_DICT || (err == Z_BUF_ERROR && stream.avail_in == 0))
+ return Z_DATA_ERROR;
+ return err;
+ }
+ *destLen = stream.total_out;
+
+ err = inflateEnd(&stream);
+ return err;
+}
diff --git a/security/nss/lib/zlib/zconf.h b/security/nss/lib/zlib/zconf.h
new file mode 100644
index 000000000..02ce56c43
--- /dev/null
+++ b/security/nss/lib/zlib/zconf.h
@@ -0,0 +1,428 @@
+/* zconf.h -- configuration of the zlib compression library
+ * Copyright (C) 1995-2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#ifndef ZCONF_H
+#define ZCONF_H
+
+/*
+ * If you *really* need a unique prefix for all types and library functions,
+ * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
+ * Even better than compiling with -DZ_PREFIX would be to use configure to set
+ * this permanently in zconf.h using "./configure --zprefix".
+ */
+#ifdef Z_PREFIX /* may be set to #if 1 by ./configure */
+
+/* all linked symbols */
+# define _dist_code z__dist_code
+# define _length_code z__length_code
+# define _tr_align z__tr_align
+# define _tr_flush_block z__tr_flush_block
+# define _tr_init z__tr_init
+# define _tr_stored_block z__tr_stored_block
+# define _tr_tally z__tr_tally
+# define adler32 z_adler32
+# define adler32_combine z_adler32_combine
+# define adler32_combine64 z_adler32_combine64
+# define compress z_compress
+# define compress2 z_compress2
+# define compressBound z_compressBound
+# define crc32 z_crc32
+# define crc32_combine z_crc32_combine
+# define crc32_combine64 z_crc32_combine64
+# define deflate z_deflate
+# define deflateBound z_deflateBound
+# define deflateCopy z_deflateCopy
+# define deflateEnd z_deflateEnd
+# define deflateInit2_ z_deflateInit2_
+# define deflateInit_ z_deflateInit_
+# define deflateParams z_deflateParams
+# define deflatePrime z_deflatePrime
+# define deflateReset z_deflateReset
+# define deflateSetDictionary z_deflateSetDictionary
+# define deflateSetHeader z_deflateSetHeader
+# define deflateTune z_deflateTune
+# define deflate_copyright z_deflate_copyright
+# define get_crc_table z_get_crc_table
+# define gz_error z_gz_error
+# define gz_intmax z_gz_intmax
+# define gz_strwinerror z_gz_strwinerror
+# define gzbuffer z_gzbuffer
+# define gzclearerr z_gzclearerr
+# define gzclose z_gzclose
+# define gzclose_r z_gzclose_r
+# define gzclose_w z_gzclose_w
+# define gzdirect z_gzdirect
+# define gzdopen z_gzdopen
+# define gzeof z_gzeof
+# define gzerror z_gzerror
+# define gzflush z_gzflush
+# define gzgetc z_gzgetc
+# define gzgets z_gzgets
+# define gzoffset z_gzoffset
+# define gzoffset64 z_gzoffset64
+# define gzopen z_gzopen
+# define gzopen64 z_gzopen64
+# define gzprintf z_gzprintf
+# define gzputc z_gzputc
+# define gzputs z_gzputs
+# define gzread z_gzread
+# define gzrewind z_gzrewind
+# define gzseek z_gzseek
+# define gzseek64 z_gzseek64
+# define gzsetparams z_gzsetparams
+# define gztell z_gztell
+# define gztell64 z_gztell64
+# define gzungetc z_gzungetc
+# define gzwrite z_gzwrite
+# define inflate z_inflate
+# define inflateBack z_inflateBack
+# define inflateBackEnd z_inflateBackEnd
+# define inflateBackInit_ z_inflateBackInit_
+# define inflateCopy z_inflateCopy
+# define inflateEnd z_inflateEnd
+# define inflateGetHeader z_inflateGetHeader
+# define inflateInit2_ z_inflateInit2_
+# define inflateInit_ z_inflateInit_
+# define inflateMark z_inflateMark
+# define inflatePrime z_inflatePrime
+# define inflateReset z_inflateReset
+# define inflateReset2 z_inflateReset2
+# define inflateSetDictionary z_inflateSetDictionary
+# define inflateSync z_inflateSync
+# define inflateSyncPoint z_inflateSyncPoint
+# define inflateUndermine z_inflateUndermine
+# define inflate_copyright z_inflate_copyright
+# define inflate_fast z_inflate_fast
+# define inflate_table z_inflate_table
+# define uncompress z_uncompress
+# define zError z_zError
+# define zcalloc z_zcalloc
+# define zcfree z_zcfree
+# define zlibCompileFlags z_zlibCompileFlags
+# define zlibVersion z_zlibVersion
+
+/* all zlib typedefs in zlib.h and zconf.h */
+# define Byte z_Byte
+# define Bytef z_Bytef
+# define alloc_func z_alloc_func
+# define charf z_charf
+# define free_func z_free_func
+# define gzFile z_gzFile
+# define gz_header z_gz_header
+# define gz_headerp z_gz_headerp
+# define in_func z_in_func
+# define intf z_intf
+# define out_func z_out_func
+# define uInt z_uInt
+# define uIntf z_uIntf
+# define uLong z_uLong
+# define uLongf z_uLongf
+# define voidp z_voidp
+# define voidpc z_voidpc
+# define voidpf z_voidpf
+
+/* all zlib structs in zlib.h and zconf.h */
+# define gz_header_s z_gz_header_s
+# define internal_state z_internal_state
+
+#endif
+
+#if defined(__MSDOS__) && !defined(MSDOS)
+# define MSDOS
+#endif
+#if (defined(OS_2) || defined(__OS2__)) && !defined(OS2)
+# define OS2
+#endif
+#if defined(_WINDOWS) && !defined(WINDOWS)
+# define WINDOWS
+#endif
+#if defined(_WIN32) || defined(_WIN32_WCE) || defined(__WIN32__)
+# ifndef WIN32
+# define WIN32
+# endif
+#endif
+#if (defined(MSDOS) || defined(OS2) || defined(WINDOWS)) && !defined(WIN32)
+# if !defined(__GNUC__) && !defined(__FLAT__) && !defined(__386__)
+# ifndef SYS16BIT
+# define SYS16BIT
+# endif
+# endif
+#endif
+
+/*
+ * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
+ * than 64k bytes at a time (needed on systems with 16-bit int).
+ */
+#ifdef SYS16BIT
+# define MAXSEG_64K
+#endif
+#ifdef MSDOS
+# define UNALIGNED_OK
+#endif
+
+#ifdef __STDC_VERSION__
+# ifndef STDC
+# define STDC
+# endif
+# if __STDC_VERSION__ >= 199901L
+# ifndef STDC99
+# define STDC99
+# endif
+# endif
+#endif
+#if !defined(STDC) && (defined(__STDC__) || defined(__cplusplus))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(__GNUC__) || defined(__BORLANDC__))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(MSDOS) || defined(WINDOWS) || defined(WIN32))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(OS2) || defined(__HOS_AIX__))
+# define STDC
+#endif
+
+#if defined(__OS400__) && !defined(STDC) /* iSeries (formerly AS/400). */
+# define STDC
+#endif
+
+#ifndef STDC
+# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
+# define const /* note: need a more gentle solution here */
+# endif
+#endif
+
+/* Some Mac compilers merge all .h files incorrectly: */
+#if defined(__MWERKS__)||defined(applec)||defined(THINK_C)||defined(__SC__)
+# define NO_DUMMY_DECL
+#endif
+
+/* Maximum value for memLevel in deflateInit2 */
+#ifndef MAX_MEM_LEVEL
+# ifdef MAXSEG_64K
+# define MAX_MEM_LEVEL 8
+# else
+# define MAX_MEM_LEVEL 9
+# endif
+#endif
+
+/* Maximum value for windowBits in deflateInit2 and inflateInit2.
+ * WARNING: reducing MAX_WBITS makes minigzip unable to extract .gz files
+ * created by gzip. (Files created by minigzip can still be extracted by
+ * gzip.)
+ */
+#ifndef MAX_WBITS
+# define MAX_WBITS 15 /* 32K LZ77 window */
+#endif
+
+/* The memory requirements for deflate are (in bytes):
+ (1 << (windowBits+2)) + (1 << (memLevel+9))
+ that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
+ plus a few kilobytes for small objects. For example, if you want to reduce
+ the default memory requirements from 256K to 128K, compile with
+ make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
+ Of course this will generally degrade compression (there's no free lunch).
+
+ The memory requirements for inflate are (in bytes) 1 << windowBits
+ that is, 32K for windowBits=15 (default value) plus a few kilobytes
+ for small objects.
+*/
+
+ /* Type declarations */
+
+#ifndef OF /* function prototypes */
+# ifdef STDC
+# define OF(args) args
+# else
+# define OF(args) ()
+# endif
+#endif
+
+/* The following definitions for FAR are needed only for MSDOS mixed
+ * model programming (small or medium model with some far allocations).
+ * This was tested only with MSC; for other MSDOS compilers you may have
+ * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
+ * just define FAR to be empty.
+ */
+#ifdef SYS16BIT
+# if defined(M_I86SM) || defined(M_I86MM)
+ /* MSC small or medium model */
+# define SMALL_MEDIUM
+# ifdef _MSC_VER
+# define FAR _far
+# else
+# define FAR far
+# endif
+# endif
+# if (defined(__SMALL__) || defined(__MEDIUM__))
+ /* Turbo C small or medium model */
+# define SMALL_MEDIUM
+# ifdef __BORLANDC__
+# define FAR _far
+# else
+# define FAR far
+# endif
+# endif
+#endif
+
+#if defined(WINDOWS) || defined(WIN32)
+ /* If building or using zlib as a DLL, define ZLIB_DLL.
+ * This is not mandatory, but it offers a little performance increase.
+ */
+# ifdef ZLIB_DLL
+# if defined(WIN32) && (!defined(__BORLANDC__) || (__BORLANDC__ >= 0x500))
+# ifdef ZLIB_INTERNAL
+# define ZEXTERN extern __declspec(dllexport)
+# else
+# define ZEXTERN extern __declspec(dllimport)
+# endif
+# endif
+# endif /* ZLIB_DLL */
+ /* If building or using zlib with the WINAPI/WINAPIV calling convention,
+ * define ZLIB_WINAPI.
+ * Caution: the standard ZLIB1.DLL is NOT compiled using ZLIB_WINAPI.
+ */
+# ifdef ZLIB_WINAPI
+# ifdef FAR
+# undef FAR
+# endif
+# include <windows.h>
+ /* No need for _export, use ZLIB.DEF instead. */
+ /* For complete Windows compatibility, use WINAPI, not __stdcall. */
+# define ZEXPORT WINAPI
+# ifdef WIN32
+# define ZEXPORTVA WINAPIV
+# else
+# define ZEXPORTVA FAR CDECL
+# endif
+# endif
+#endif
+
+#if defined (__BEOS__)
+# ifdef ZLIB_DLL
+# ifdef ZLIB_INTERNAL
+# define ZEXPORT __declspec(dllexport)
+# define ZEXPORTVA __declspec(dllexport)
+# else
+# define ZEXPORT __declspec(dllimport)
+# define ZEXPORTVA __declspec(dllimport)
+# endif
+# endif
+#endif
+
+#ifndef ZEXTERN
+# define ZEXTERN extern
+#endif
+#ifndef ZEXPORT
+# define ZEXPORT
+#endif
+#ifndef ZEXPORTVA
+# define ZEXPORTVA
+#endif
+
+#ifndef FAR
+# define FAR
+#endif
+
+#if !defined(__MACTYPES__)
+typedef unsigned char Byte; /* 8 bits */
+#endif
+typedef unsigned int uInt; /* 16 bits or more */
+typedef unsigned long uLong; /* 32 bits or more */
+
+#ifdef SMALL_MEDIUM
+ /* Borland C/C++ and some old MSC versions ignore FAR inside typedef */
+# define Bytef Byte FAR
+#else
+ typedef Byte FAR Bytef;
+#endif
+typedef char FAR charf;
+typedef int FAR intf;
+typedef uInt FAR uIntf;
+typedef uLong FAR uLongf;
+
+#ifdef STDC
+ typedef void const *voidpc;
+ typedef void FAR *voidpf;
+ typedef void *voidp;
+#else
+ typedef Byte const *voidpc;
+ typedef Byte FAR *voidpf;
+ typedef Byte *voidp;
+#endif
+
+#ifdef HAVE_UNISTD_H /* may be set to #if 1 by ./configure */
+# define Z_HAVE_UNISTD_H
+#endif
+
+#ifdef STDC
+# include <sys/types.h> /* for off_t */
+#endif
+
+/* a little trick to accommodate both "#define _LARGEFILE64_SOURCE" and
+ * "#define _LARGEFILE64_SOURCE 1" as requesting 64-bit operations, (even
+ * though the former does not conform to the LFS document), but considering
+ * both "#undef _LARGEFILE64_SOURCE" and "#define _LARGEFILE64_SOURCE 0" as
+ * equivalently requesting no 64-bit operations
+ */
+#if -_LARGEFILE64_SOURCE - -1 == 1
+# undef _LARGEFILE64_SOURCE
+#endif
+
+#if defined(Z_HAVE_UNISTD_H) || defined(_LARGEFILE64_SOURCE)
+# include <unistd.h> /* for SEEK_* and off_t */
+# ifdef VMS
+# include <unixio.h> /* for off_t */
+# endif
+# ifndef z_off_t
+# define z_off_t off_t
+# endif
+#endif
+
+#ifndef SEEK_SET
+# define SEEK_SET 0 /* Seek from beginning of file. */
+# define SEEK_CUR 1 /* Seek from current position. */
+# define SEEK_END 2 /* Set file pointer to EOF plus "offset" */
+#endif
+
+#ifndef z_off_t
+# define z_off_t long
+#endif
+
+#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
+# define z_off64_t off64_t
+#else
+# define z_off64_t z_off_t
+#endif
+
+#if defined(__OS400__)
+# define NO_vsnprintf
+#endif
+
+#if defined(__MVS__)
+# define NO_vsnprintf
+#endif
+
+/* MVS linker does not support external names larger than 8 bytes */
+#if defined(__MVS__)
+ #pragma map(deflateInit_,"DEIN")
+ #pragma map(deflateInit2_,"DEIN2")
+ #pragma map(deflateEnd,"DEEND")
+ #pragma map(deflateBound,"DEBND")
+ #pragma map(inflateInit_,"ININ")
+ #pragma map(inflateInit2_,"ININ2")
+ #pragma map(inflateEnd,"INEND")
+ #pragma map(inflateSync,"INSY")
+ #pragma map(inflateSetDictionary,"INSEDI")
+ #pragma map(compressBound,"CMBND")
+ #pragma map(inflate_table,"INTABL")
+ #pragma map(inflate_fast,"INFA")
+ #pragma map(inflate_copyright,"INCOPY")
+#endif
+
+#endif /* ZCONF_H */
diff --git a/security/nss/lib/zlib/zlib.gyp b/security/nss/lib/zlib/zlib.gyp
new file mode 100644
index 000000000..c89dbd96c
--- /dev/null
+++ b/security/nss/lib/zlib/zlib.gyp
@@ -0,0 +1,49 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ "../../coreconf/config.gypi"
+ ],
+ 'variables': {
+ 'module': 'nss',
+ },
+ 'conditions': [
+ ['use_system_zlib==1', {
+ 'targets': [{
+ 'target_name': 'nss_zlib',
+ 'type': 'none',
+ 'link_settings': {
+ 'libraries': ['<@(zlib_libs)'],
+ },
+ }],
+ }, {
+ 'targets': [{
+ 'target_name': 'nss_zlib',
+ 'type': 'static_library',
+ 'sources': [
+ 'adler32.c',
+ 'compress.c',
+ 'crc32.c',
+ 'deflate.c',
+ 'gzclose.c',
+ 'gzlib.c',
+ 'gzread.c',
+ 'gzwrite.c',
+ 'infback.c',
+ 'inffast.c',
+ 'inflate.c',
+ 'inftrees.c',
+ 'trees.c',
+ 'uncompr.c',
+ 'zutil.c',
+ ],
+ 'defines': [
+ # Define verbose as -1 to turn off all zlib trace messages in
+ # debug builds.
+ 'verbose=-1',
+ ],
+ }],
+ }]
+ ],
+}
diff --git a/security/nss/lib/zlib/zlib.h b/security/nss/lib/zlib/zlib.h
new file mode 100644
index 000000000..bfbba83e8
--- /dev/null
+++ b/security/nss/lib/zlib/zlib.h
@@ -0,0 +1,1613 @@
+/* zlib.h -- interface of the 'zlib' general purpose compression library
+ version 1.2.5, April 19th, 2010
+
+ Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
+
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would be
+ appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source distribution.
+
+ Jean-loup Gailly Mark Adler
+ jloup@gzip.org madler@alumni.caltech.edu
+
+
+ The data format used by the zlib library is described by RFCs (Request for
+ Comments) 1950 to 1952 in the files http://www.ietf.org/rfc/rfc1950.txt
+ (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
+*/
+
+#ifndef ZLIB_H
+#define ZLIB_H
+
+#include "zconf.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define ZLIB_VERSION "1.2.5"
+#define ZLIB_VERNUM 0x1250
+#define ZLIB_VER_MAJOR 1
+#define ZLIB_VER_MINOR 2
+#define ZLIB_VER_REVISION 5
+#define ZLIB_VER_SUBREVISION 0
+
+/*
+ The 'zlib' compression library provides in-memory compression and
+ decompression functions, including integrity checks of the uncompressed data.
+ This version of the library supports only one compression method (deflation)
+ but other algorithms will be added later and will have the same stream
+ interface.
+
+ Compression can be done in a single step if the buffers are large enough,
+ or can be done by repeated calls of the compression function. In the latter
+ case, the application must provide more input and/or consume the output
+ (providing more output space) before each call.
+
+ The compressed data format used by default by the in-memory functions is
+ the zlib format, which is a zlib wrapper documented in RFC 1950, wrapped
+ around a deflate stream, which is itself documented in RFC 1951.
+
+ The library also supports reading and writing files in gzip (.gz) format
+ with an interface similar to that of stdio using the functions that start
+ with "gz". The gzip format is different from the zlib format. gzip is a
+ gzip wrapper, documented in RFC 1952, wrapped around a deflate stream.
+
+ This library can optionally read and write gzip streams in memory as well.
+
+ The zlib format was designed to be compact and fast for use in memory
+ and on communications channels. The gzip format was designed for single-
+ file compression on file systems, has a larger header than zlib to maintain
+ directory information, and uses a different, slower check method than zlib.
+
+ The library does not install any signal handler. The decoder checks
+ the consistency of the compressed data, so the library should never crash
+ even in case of corrupted input.
+*/
+
+typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
+typedef void (*free_func) OF((voidpf opaque, voidpf address));
+
+struct internal_state;
+
+typedef struct z_stream_s {
+ Bytef *next_in; /* next input byte */
+ uInt avail_in; /* number of bytes available at next_in */
+ uLong total_in; /* total nb of input bytes read so far */
+
+ Bytef *next_out; /* next output byte should be put there */
+ uInt avail_out; /* remaining free space at next_out */
+ uLong total_out; /* total nb of bytes output so far */
+
+ char *msg; /* last error message, NULL if no error */
+ struct internal_state FAR *state; /* not visible by applications */
+
+ alloc_func zalloc; /* used to allocate the internal state */
+ free_func zfree; /* used to free the internal state */
+ voidpf opaque; /* private data object passed to zalloc and zfree */
+
+ int data_type; /* best guess about the data type: binary or text */
+ uLong adler; /* adler32 value of the uncompressed data */
+ uLong reserved; /* reserved for future use */
+} z_stream;
+
+typedef z_stream FAR *z_streamp;
+
+/*
+ gzip header information passed to and from zlib routines. See RFC 1952
+ for more details on the meanings of these fields.
+*/
+typedef struct gz_header_s {
+ int text; /* true if compressed data believed to be text */
+ uLong time; /* modification time */
+ int xflags; /* extra flags (not used when writing a gzip file) */
+ int os; /* operating system */
+ Bytef *extra; /* pointer to extra field or Z_NULL if none */
+ uInt extra_len; /* extra field length (valid if extra != Z_NULL) */
+ uInt extra_max; /* space at extra (only when reading header) */
+ Bytef *name; /* pointer to zero-terminated file name or Z_NULL */
+ uInt name_max; /* space at name (only when reading header) */
+ Bytef *comment; /* pointer to zero-terminated comment or Z_NULL */
+ uInt comm_max; /* space at comment (only when reading header) */
+ int hcrc; /* true if there was or will be a header crc */
+ int done; /* true when done reading gzip header (not used
+ when writing a gzip file) */
+} gz_header;
+
+typedef gz_header FAR *gz_headerp;
+
+/*
+ The application must update next_in and avail_in when avail_in has dropped
+ to zero. It must update next_out and avail_out when avail_out has dropped
+ to zero. The application must initialize zalloc, zfree and opaque before
+ calling the init function. All other fields are set by the compression
+ library and must not be updated by the application.
+
+ The opaque value provided by the application will be passed as the first
+ parameter for calls of zalloc and zfree. This can be useful for custom
+ memory management. The compression library attaches no meaning to the
+ opaque value.
+
+ zalloc must return Z_NULL if there is not enough memory for the object.
+ If zlib is used in a multi-threaded application, zalloc and zfree must be
+ thread safe.
+
+ On 16-bit systems, the functions zalloc and zfree must be able to allocate
+ exactly 65536 bytes, but will not be required to allocate more than this if
+ the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS, pointers
+ returned by zalloc for objects of exactly 65536 bytes *must* have their
+ offset normalized to zero. The default allocation function provided by this
+ library ensures this (see zutil.c). To reduce memory requirements and avoid
+ any allocation of 64K objects, at the expense of compression ratio, compile
+ the library with -DMAX_WBITS=14 (see zconf.h).
+
+ The fields total_in and total_out can be used for statistics or progress
+ reports. After compression, total_in holds the total size of the
+ uncompressed data and may be saved for use in the decompressor (particularly
+ if the decompressor wants to decompress everything in a single step).
+*/
+
+ /* constants */
+
+#define Z_NO_FLUSH 0
+#define Z_PARTIAL_FLUSH 1
+#define Z_SYNC_FLUSH 2
+#define Z_FULL_FLUSH 3
+#define Z_FINISH 4
+#define Z_BLOCK 5
+#define Z_TREES 6
+/* Allowed flush values; see deflate() and inflate() below for details */
+
+#define Z_OK 0
+#define Z_STREAM_END 1
+#define Z_NEED_DICT 2
+#define Z_ERRNO (-1)
+#define Z_STREAM_ERROR (-2)
+#define Z_DATA_ERROR (-3)
+#define Z_MEM_ERROR (-4)
+#define Z_BUF_ERROR (-5)
+#define Z_VERSION_ERROR (-6)
+/* Return codes for the compression/decompression functions. Negative values
+ * are errors, positive values are used for special but normal events.
+ */
+
+#define Z_NO_COMPRESSION 0
+#define Z_BEST_SPEED 1
+#define Z_BEST_COMPRESSION 9
+#define Z_DEFAULT_COMPRESSION (-1)
+/* compression levels */
+
+#define Z_FILTERED 1
+#define Z_HUFFMAN_ONLY 2
+#define Z_RLE 3
+#define Z_FIXED 4
+#define Z_DEFAULT_STRATEGY 0
+/* compression strategy; see deflateInit2() below for details */
+
+#define Z_BINARY 0
+#define Z_TEXT 1
+#define Z_ASCII Z_TEXT /* for compatibility with 1.2.2 and earlier */
+#define Z_UNKNOWN 2
+/* Possible values of the data_type field (though see inflate()) */
+
+#define Z_DEFLATED 8
+/* The deflate compression method (the only one supported in this version) */
+
+#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
+
+#define zlib_version zlibVersion()
+/* for compatibility with versions < 1.0.2 */
+
+
+ /* basic functions */
+
+ZEXTERN const char * ZEXPORT zlibVersion OF((void));
+/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
+ If the first character differs, the library code actually used is not
+ compatible with the zlib.h header file used by the application. This check
+ is automatically made by deflateInit and inflateInit.
+ */
+
+/*
+ZEXTERN int ZEXPORT deflateInit OF((z_streamp strm, int level));
+
+ Initializes the internal stream state for compression. The fields
+ zalloc, zfree and opaque must be initialized before by the caller. If
+ zalloc and zfree are set to Z_NULL, deflateInit updates them to use default
+ allocation functions.
+
+ The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
+ 1 gives best speed, 9 gives best compression, 0 gives no compression at all
+ (the input data is simply copied a block at a time). Z_DEFAULT_COMPRESSION
+ requests a default compromise between speed and compression (currently
+ equivalent to level 6).
+
+ deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_STREAM_ERROR if level is not a valid compression level, or
+ Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
+ with the version assumed by the caller (ZLIB_VERSION). msg is set to null
+ if there is no error message. deflateInit does not perform any compression:
+ this will be done by deflate().
+*/
+
+
+ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush));
+/*
+ deflate compresses as much data as possible, and stops when the input
+ buffer becomes empty or the output buffer becomes full. It may introduce
+ some output latency (reading input without producing any output) except when
+ forced to flush.
+
+ The detailed semantics are as follows. deflate performs one or both of the
+ following actions:
+
+ - Compress more input starting at next_in and update next_in and avail_in
+ accordingly. If not all input can be processed (because there is not
+ enough room in the output buffer), next_in and avail_in are updated and
+ processing will resume at this point for the next call of deflate().
+
+ - Provide more output starting at next_out and update next_out and avail_out
+ accordingly. This action is forced if the parameter flush is non zero.
+ Forcing flush frequently degrades the compression ratio, so this parameter
+ should be set only when necessary (in interactive applications). Some
+ output may be provided even if flush is not set.
+
+ Before the call of deflate(), the application should ensure that at least
+ one of the actions is possible, by providing more input and/or consuming more
+ output, and updating avail_in or avail_out accordingly; avail_out should
+ never be zero before the call. The application can consume the compressed
+ output when it wants, for example when the output buffer is full (avail_out
+ == 0), or after each call of deflate(). If deflate returns Z_OK and with
+ zero avail_out, it must be called again after making room in the output
+ buffer because there might be more output pending.
+
+ Normally the parameter flush is set to Z_NO_FLUSH, which allows deflate to
+ decide how much data to accumulate before producing output, in order to
+ maximize compression.
+
+ If the parameter flush is set to Z_SYNC_FLUSH, all pending output is
+ flushed to the output buffer and the output is aligned on a byte boundary, so
+ that the decompressor can get all input data available so far. (In
+ particular avail_in is zero after the call if enough output space has been
+ provided before the call.) Flushing may degrade compression for some
+ compression algorithms and so it should be used only when necessary. This
+ completes the current deflate block and follows it with an empty stored block
+ that is three bits plus filler bits to the next byte, followed by four bytes
+ (00 00 ff ff).
+
+ If flush is set to Z_PARTIAL_FLUSH, all pending output is flushed to the
+ output buffer, but the output is not aligned to a byte boundary. All of the
+ input data so far will be available to the decompressor, as for Z_SYNC_FLUSH.
+ This completes the current deflate block and follows it with an empty fixed
+ codes block that is 10 bits long. This assures that enough bytes are output
+ in order for the decompressor to finish the block before the empty fixed code
+ block.
+
+ If flush is set to Z_BLOCK, a deflate block is completed and emitted, as
+ for Z_SYNC_FLUSH, but the output is not aligned on a byte boundary, and up to
+ seven bits of the current block are held to be written as the next byte after
+ the next deflate block is completed. In this case, the decompressor may not
+ be provided enough bits at this point in order to complete decompression of
+ the data provided so far to the compressor. It may need to wait for the next
+ block to be emitted. This is for advanced applications that need to control
+ the emission of deflate blocks.
+
+ If flush is set to Z_FULL_FLUSH, all output is flushed as with
+ Z_SYNC_FLUSH, and the compression state is reset so that decompression can
+ restart from this point if previous compressed data has been damaged or if
+ random access is desired. Using Z_FULL_FLUSH too often can seriously degrade
+ compression.
+
+ If deflate returns with avail_out == 0, this function must be called again
+ with the same value of the flush parameter and more output space (updated
+ avail_out), until the flush is complete (deflate returns with non-zero
+ avail_out). In the case of a Z_FULL_FLUSH or Z_SYNC_FLUSH, make sure that
+ avail_out is greater than six to avoid repeated flush markers due to
+ avail_out == 0 on return.
+
+ If the parameter flush is set to Z_FINISH, pending input is processed,
+ pending output is flushed and deflate returns with Z_STREAM_END if there was
+ enough output space; if deflate returns with Z_OK, this function must be
+ called again with Z_FINISH and more output space (updated avail_out) but no
+ more input data, until it returns with Z_STREAM_END or an error. After
+ deflate has returned Z_STREAM_END, the only possible operations on the stream
+ are deflateReset or deflateEnd.
+
+ Z_FINISH can be used immediately after deflateInit if all the compression
+ is to be done in a single step. In this case, avail_out must be at least the
+ value returned by deflateBound (see below). If deflate does not return
+ Z_STREAM_END, then it must be called again as described above.
+
+ deflate() sets strm->adler to the adler32 checksum of all input read
+ so far (that is, total_in bytes).
+
+ deflate() may update strm->data_type if it can make a good guess about
+ the input data type (Z_BINARY or Z_TEXT). In doubt, the data is considered
+ binary. This field is only for information purposes and does not affect the
+ compression algorithm in any manner.
+
+ deflate() returns Z_OK if some progress has been made (more input
+ processed or more output produced), Z_STREAM_END if all input has been
+ consumed and all output has been produced (only when flush is set to
+ Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
+ if next_in or next_out was Z_NULL), Z_BUF_ERROR if no progress is possible
+ (for example avail_in or avail_out was zero). Note that Z_BUF_ERROR is not
+ fatal, and deflate() can be called again with more input and more output
+ space to continue compressing.
+*/
+
+
+ZEXTERN int ZEXPORT deflateEnd OF((z_streamp strm));
+/*
+ All dynamically allocated data structures for this stream are freed.
+ This function discards any unprocessed input and does not flush any pending
+ output.
+
+ deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
+ stream state was inconsistent, Z_DATA_ERROR if the stream was freed
+ prematurely (some input or output was discarded). In the error case, msg
+ may be set but then points to a static string (which must not be
+ deallocated).
+*/
+
+
+/*
+ZEXTERN int ZEXPORT inflateInit OF((z_streamp strm));
+
+ Initializes the internal stream state for decompression. The fields
+ next_in, avail_in, zalloc, zfree and opaque must be initialized before by
+ the caller. If next_in is not Z_NULL and avail_in is large enough (the
+ exact value depends on the compression method), inflateInit determines the
+ compression method from the zlib header and allocates all data structures
+ accordingly; otherwise the allocation will be deferred to the first call of
+ inflate. If zalloc and zfree are set to Z_NULL, inflateInit updates them to
+ use default allocation functions.
+
+ inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_VERSION_ERROR if the zlib library version is incompatible with the
+ version assumed by the caller, or Z_STREAM_ERROR if the parameters are
+ invalid, such as a null pointer to the structure. msg is set to null if
+ there is no error message. inflateInit does not perform any decompression
+ apart from possibly reading the zlib header if present: actual decompression
+ will be done by inflate(). (So next_in and avail_in may be modified, but
+ next_out and avail_out are unused and unchanged.) The current implementation
+ of inflateInit() does not process any header information -- that is deferred
+ until inflate() is called.
+*/
+
+
+ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush));
+/*
+ inflate decompresses as much data as possible, and stops when the input
+ buffer becomes empty or the output buffer becomes full. It may introduce
+ some output latency (reading input without producing any output) except when
+ forced to flush.
+
+ The detailed semantics are as follows. inflate performs one or both of the
+ following actions:
+
+ - Decompress more input starting at next_in and update next_in and avail_in
+ accordingly. If not all input can be processed (because there is not
+ enough room in the output buffer), next_in is updated and processing will
+ resume at this point for the next call of inflate().
+
+ - Provide more output starting at next_out and update next_out and avail_out
+ accordingly. inflate() provides as much output as possible, until there is
+ no more input data or no more space in the output buffer (see below about
+ the flush parameter).
+
+ Before the call of inflate(), the application should ensure that at least
+ one of the actions is possible, by providing more input and/or consuming more
+ output, and updating the next_* and avail_* values accordingly. The
+ application can consume the uncompressed output when it wants, for example
+ when the output buffer is full (avail_out == 0), or after each call of
+ inflate(). If inflate returns Z_OK and with zero avail_out, it must be
+ called again after making room in the output buffer because there might be
+ more output pending.
+
+ The flush parameter of inflate() can be Z_NO_FLUSH, Z_SYNC_FLUSH, Z_FINISH,
+ Z_BLOCK, or Z_TREES. Z_SYNC_FLUSH requests that inflate() flush as much
+ output as possible to the output buffer. Z_BLOCK requests that inflate()
+ stop if and when it gets to the next deflate block boundary. When decoding
+ the zlib or gzip format, this will cause inflate() to return immediately
+ after the header and before the first block. When doing a raw inflate,
+ inflate() will go ahead and process the first block, and will return when it
+ gets to the end of that block, or when it runs out of data.
+
+ The Z_BLOCK option assists in appending to or combining deflate streams.
+ Also to assist in this, on return inflate() will set strm->data_type to the
+ number of unused bits in the last byte taken from strm->next_in, plus 64 if
+ inflate() is currently decoding the last block in the deflate stream, plus
+ 128 if inflate() returned immediately after decoding an end-of-block code or
+ decoding the complete header up to just before the first byte of the deflate
+ stream. The end-of-block will not be indicated until all of the uncompressed
+ data from that block has been written to strm->next_out. The number of
+ unused bits may in general be greater than seven, except when bit 7 of
+ data_type is set, in which case the number of unused bits will be less than
+ eight. data_type is set as noted here every time inflate() returns for all
+ flush options, and so can be used to determine the amount of currently
+ consumed input in bits.
+
+ The Z_TREES option behaves as Z_BLOCK does, but it also returns when the
+ end of each deflate block header is reached, before any actual data in that
+ block is decoded. This allows the caller to determine the length of the
+ deflate block header for later use in random access within a deflate block.
+ 256 is added to the value of strm->data_type when inflate() returns
+ immediately after reaching the end of the deflate block header.
+
+ inflate() should normally be called until it returns Z_STREAM_END or an
+ error. However if all decompression is to be performed in a single step (a
+ single call of inflate), the parameter flush should be set to Z_FINISH. In
+ this case all pending input is processed and all pending output is flushed;
+ avail_out must be large enough to hold all the uncompressed data. (The size
+ of the uncompressed data may have been saved by the compressor for this
+ purpose.) The next operation on this stream must be inflateEnd to deallocate
+ the decompression state. The use of Z_FINISH is never required, but can be
+ used to inform inflate that a faster approach may be used for the single
+ inflate() call.
+
+ In this implementation, inflate() always flushes as much output as
+ possible to the output buffer, and always uses the faster approach on the
+ first call. So the only effect of the flush parameter in this implementation
+ is on the return value of inflate(), as noted below, or when it returns early
+ because Z_BLOCK or Z_TREES is used.
+
+ If a preset dictionary is needed after this call (see inflateSetDictionary
+ below), inflate sets strm->adler to the adler32 checksum of the dictionary
+ chosen by the compressor and returns Z_NEED_DICT; otherwise it sets
+ strm->adler to the adler32 checksum of all output produced so far (that is,
+ total_out bytes) and returns Z_OK, Z_STREAM_END or an error code as described
+ below. At the end of the stream, inflate() checks that its computed adler32
+ checksum is equal to that saved by the compressor and returns Z_STREAM_END
+ only if the checksum is correct.
+
+ inflate() can decompress and check either zlib-wrapped or gzip-wrapped
+ deflate data. The header type is detected automatically, if requested when
+ initializing with inflateInit2(). Any information contained in the gzip
+ header is not retained, so applications that need that information should
+ instead use raw inflate, see inflateInit2() below, or inflateBack() and
+ perform their own processing of the gzip header and trailer.
+
+ inflate() returns Z_OK if some progress has been made (more input processed
+ or more output produced), Z_STREAM_END if the end of the compressed data has
+ been reached and all uncompressed output has been produced, Z_NEED_DICT if a
+ preset dictionary is needed at this point, Z_DATA_ERROR if the input data was
+ corrupted (input stream not conforming to the zlib format or incorrect check
+ value), Z_STREAM_ERROR if the stream structure was inconsistent (for example
+ next_in or next_out was Z_NULL), Z_MEM_ERROR if there was not enough memory,
+ Z_BUF_ERROR if no progress is possible or if there was not enough room in the
+ output buffer when Z_FINISH is used. Note that Z_BUF_ERROR is not fatal, and
+ inflate() can be called again with more input and more output space to
+ continue decompressing. If Z_DATA_ERROR is returned, the application may
+ then call inflateSync() to look for a good compression block if a partial
+ recovery of the data is desired.
+*/
+
+
+ZEXTERN int ZEXPORT inflateEnd OF((z_streamp strm));
+/*
+ All dynamically allocated data structures for this stream are freed.
+ This function discards any unprocessed input and does not flush any pending
+ output.
+
+ inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
+ was inconsistent. In the error case, msg may be set but then points to a
+ static string (which must not be deallocated).
+*/
+
+
+ /* Advanced functions */
+
+/*
+ The following functions are needed only in some special applications.
+*/
+
+/*
+ZEXTERN int ZEXPORT deflateInit2 OF((z_streamp strm,
+ int level,
+ int method,
+ int windowBits,
+ int memLevel,
+ int strategy));
+
+ This is another version of deflateInit with more compression options. The
+ fields next_in, zalloc, zfree and opaque must be initialized before by the
+ caller.
+
+ The method parameter is the compression method. It must be Z_DEFLATED in
+ this version of the library.
+
+ The windowBits parameter is the base two logarithm of the window size
+ (the size of the history buffer). It should be in the range 8..15 for this
+ version of the library. Larger values of this parameter result in better
+ compression at the expense of memory usage. The default value is 15 if
+ deflateInit is used instead.
+
+ windowBits can also be -8..-15 for raw deflate. In this case, -windowBits
+ determines the window size. deflate() will then generate raw deflate data
+ with no zlib header or trailer, and will not compute an adler32 check value.
+
+ windowBits can also be greater than 15 for optional gzip encoding. Add
+ 16 to windowBits to write a simple gzip header and trailer around the
+ compressed data instead of a zlib wrapper. The gzip header will have no
+ file name, no extra data, no comment, no modification time (set to zero), no
+ header crc, and the operating system will be set to 255 (unknown). If a
+ gzip stream is being written, strm->adler is a crc32 instead of an adler32.
+
+ The memLevel parameter specifies how much memory should be allocated
+ for the internal compression state. memLevel=1 uses minimum memory but is
+ slow and reduces compression ratio; memLevel=9 uses maximum memory for
+ optimal speed. The default value is 8. See zconf.h for total memory usage
+ as a function of windowBits and memLevel.
+
+ The strategy parameter is used to tune the compression algorithm. Use the
+ value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
+ filter (or predictor), Z_HUFFMAN_ONLY to force Huffman encoding only (no
+ string match), or Z_RLE to limit match distances to one (run-length
+ encoding). Filtered data consists mostly of small values with a somewhat
+ random distribution. In this case, the compression algorithm is tuned to
+ compress them better. The effect of Z_FILTERED is to force more Huffman
+ coding and less string matching; it is somewhat intermediate between
+ Z_DEFAULT_STRATEGY and Z_HUFFMAN_ONLY. Z_RLE is designed to be almost as
+ fast as Z_HUFFMAN_ONLY, but give better compression for PNG image data. The
+ strategy parameter only affects the compression ratio but not the
+ correctness of the compressed output even if it is not set appropriately.
+ Z_FIXED prevents the use of dynamic Huffman codes, allowing for a simpler
+ decoder for special applications.
+
+ deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_STREAM_ERROR if any parameter is invalid (such as an invalid
+ method), or Z_VERSION_ERROR if the zlib library version (zlib_version) is
+ incompatible with the version assumed by the caller (ZLIB_VERSION). msg is
+ set to null if there is no error message. deflateInit2 does not perform any
+ compression: this will be done by deflate().
+*/
+
+ZEXTERN int ZEXPORT deflateSetDictionary OF((z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength));
+/*
+ Initializes the compression dictionary from the given byte sequence
+ without producing any compressed output. This function must be called
+ immediately after deflateInit, deflateInit2 or deflateReset, before any call
+ of deflate. The compressor and decompressor must use exactly the same
+ dictionary (see inflateSetDictionary).
+
+ The dictionary should consist of strings (byte sequences) that are likely
+ to be encountered later in the data to be compressed, with the most commonly
+ used strings preferably put towards the end of the dictionary. Using a
+ dictionary is most useful when the data to be compressed is short and can be
+ predicted with good accuracy; the data can then be compressed better than
+ with the default empty dictionary.
+
+ Depending on the size of the compression data structures selected by
+ deflateInit or deflateInit2, a part of the dictionary may in effect be
+ discarded, for example if the dictionary is larger than the window size
+ provided in deflateInit or deflateInit2. Thus the strings most likely to be
+ useful should be put at the end of the dictionary, not at the front. In
+ addition, the current implementation of deflate will use at most the window
+ size minus 262 bytes of the provided dictionary.
+
+ Upon return of this function, strm->adler is set to the adler32 value
+ of the dictionary; the decompressor may later use this value to determine
+ which dictionary has been used by the compressor. (The adler32 value
+ applies to the whole dictionary even if only a subset of the dictionary is
+ actually used by the compressor.) If a raw deflate was requested, then the
+ adler32 value is not computed and strm->adler is not set.
+
+ deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
+ parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is
+ inconsistent (for example if deflate has already been called for this stream
+ or if the compression method is bsort). deflateSetDictionary does not
+ perform any compression: this will be done by deflate().
+*/
+
+ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest,
+ z_streamp source));
+/*
+ Sets the destination stream as a complete copy of the source stream.
+
+ This function can be useful when several compression strategies will be
+ tried, for example when there are several ways of pre-processing the input
+ data with a filter. The streams that will be discarded should then be freed
+ by calling deflateEnd. Note that deflateCopy duplicates the internal
+ compression state which can be quite large, so this strategy is slow and can
+ consume lots of memory.
+
+ deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
+ (such as zalloc being Z_NULL). msg is left unchanged in both source and
+ destination.
+*/
+
+ZEXTERN int ZEXPORT deflateReset OF((z_streamp strm));
+/*
+ This function is equivalent to deflateEnd followed by deflateInit,
+ but does not free and reallocate all the internal compression state. The
+ stream will keep the same compression level and any other attributes that
+ may have been set by deflateInit2.
+
+ deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL).
+*/
+
+ZEXTERN int ZEXPORT deflateParams OF((z_streamp strm,
+ int level,
+ int strategy));
+/*
+ Dynamically update the compression level and compression strategy. The
+ interpretation of level and strategy is as in deflateInit2. This can be
+ used to switch between compression and straight copy of the input data, or
+ to switch to a different kind of input data requiring a different strategy.
+ If the compression level is changed, the input available so far is
+ compressed with the old level (and may be flushed); the new level will take
+ effect only at the next call of deflate().
+
+ Before the call of deflateParams, the stream state must be set as for
+ a call of deflate(), since the currently available input may have to be
+ compressed and flushed. In particular, strm->avail_out must be non-zero.
+
+ deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
+ stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR if
+ strm->avail_out was zero.
+*/
+
+ZEXTERN int ZEXPORT deflateTune OF((z_streamp strm,
+ int good_length,
+ int max_lazy,
+ int nice_length,
+ int max_chain));
+/*
+ Fine tune deflate's internal compression parameters. This should only be
+ used by someone who understands the algorithm used by zlib's deflate for
+ searching for the best matching string, and even then only by the most
+ fanatic optimizer trying to squeeze out the last compressed bit for their
+ specific input data. Read the deflate.c source code for the meaning of the
+ max_lazy, good_length, nice_length, and max_chain parameters.
+
+ deflateTune() can be called after deflateInit() or deflateInit2(), and
+ returns Z_OK on success, or Z_STREAM_ERROR for an invalid deflate stream.
+ */
+
+ZEXTERN uLong ZEXPORT deflateBound OF((z_streamp strm,
+ uLong sourceLen));
+/*
+ deflateBound() returns an upper bound on the compressed size after
+ deflation of sourceLen bytes. It must be called after deflateInit() or
+ deflateInit2(), and after deflateSetHeader(), if used. This would be used
+ to allocate an output buffer for deflation in a single pass, and so would be
+ called before deflate().
+*/
+
+ZEXTERN int ZEXPORT deflatePrime OF((z_streamp strm,
+ int bits,
+ int value));
+/*
+ deflatePrime() inserts bits in the deflate output stream. The intent
+ is that this function is used to start off the deflate output with the bits
+ leftover from a previous deflate stream when appending to it. As such, this
+ function can only be used for raw deflate, and must be used before the first
+ deflate() call after a deflateInit2() or deflateReset(). bits must be less
+ than or equal to 16, and that many of the least significant bits of value
+ will be inserted in the output.
+
+ deflatePrime returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+ZEXTERN int ZEXPORT deflateSetHeader OF((z_streamp strm,
+ gz_headerp head));
+/*
+ deflateSetHeader() provides gzip header information for when a gzip
+ stream is requested by deflateInit2(). deflateSetHeader() may be called
+ after deflateInit2() or deflateReset() and before the first call of
+ deflate(). The text, time, os, extra field, name, and comment information
+ in the provided gz_header structure are written to the gzip header (xflag is
+ ignored -- the extra flags are set according to the compression level). The
+ caller must assure that, if not Z_NULL, name and comment are terminated with
+ a zero byte, and that if extra is not Z_NULL, that extra_len bytes are
+ available there. If hcrc is true, a gzip header crc is included. Note that
+ the current versions of the command-line version of gzip (up through version
+ 1.3.x) do not support header crc's, and will report that it is a "multi-part
+ gzip file" and give up.
+
+ If deflateSetHeader is not used, the default gzip header has text false,
+ the time set to zero, and os set to 255, with no extra, name, or comment
+ fields. The gzip header is returned to the default state by deflateReset().
+
+ deflateSetHeader returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+/*
+ZEXTERN int ZEXPORT inflateInit2 OF((z_streamp strm,
+ int windowBits));
+
+ This is another version of inflateInit with an extra parameter. The
+ fields next_in, avail_in, zalloc, zfree and opaque must be initialized
+ before by the caller.
+
+ The windowBits parameter is the base two logarithm of the maximum window
+ size (the size of the history buffer). It should be in the range 8..15 for
+ this version of the library. The default value is 15 if inflateInit is used
+ instead. windowBits must be greater than or equal to the windowBits value
+ provided to deflateInit2() while compressing, or it must be equal to 15 if
+ deflateInit2() was not used. If a compressed stream with a larger window
+ size is given as input, inflate() will return with the error code
+ Z_DATA_ERROR instead of trying to allocate a larger window.
+
+ windowBits can also be zero to request that inflate use the window size in
+ the zlib header of the compressed stream.
+
+ windowBits can also be -8..-15 for raw inflate. In this case, -windowBits
+ determines the window size. inflate() will then process raw deflate data,
+ not looking for a zlib or gzip header, not generating a check value, and not
+ looking for any check values for comparison at the end of the stream. This
+ is for use with other formats that use the deflate compressed data format
+ such as zip. Those formats provide their own check values. If a custom
+ format is developed using the raw deflate format for compressed data, it is
+ recommended that a check value such as an adler32 or a crc32 be applied to
+ the uncompressed data as is done in the zlib, gzip, and zip formats. For
+ most applications, the zlib format should be used as is. Note that comments
+ above on the use in deflateInit2() applies to the magnitude of windowBits.
+
+ windowBits can also be greater than 15 for optional gzip decoding. Add
+ 32 to windowBits to enable zlib and gzip decoding with automatic header
+ detection, or add 16 to decode only the gzip format (the zlib format will
+ return a Z_DATA_ERROR). If a gzip stream is being decoded, strm->adler is a
+ crc32 instead of an adler32.
+
+ inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_VERSION_ERROR if the zlib library version is incompatible with the
+ version assumed by the caller, or Z_STREAM_ERROR if the parameters are
+ invalid, such as a null pointer to the structure. msg is set to null if
+ there is no error message. inflateInit2 does not perform any decompression
+ apart from possibly reading the zlib header if present: actual decompression
+ will be done by inflate(). (So next_in and avail_in may be modified, but
+ next_out and avail_out are unused and unchanged.) The current implementation
+ of inflateInit2() does not process any header information -- that is
+ deferred until inflate() is called.
+*/
+
+ZEXTERN int ZEXPORT inflateSetDictionary OF((z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength));
+/*
+ Initializes the decompression dictionary from the given uncompressed byte
+ sequence. This function must be called immediately after a call of inflate,
+ if that call returned Z_NEED_DICT. The dictionary chosen by the compressor
+ can be determined from the adler32 value returned by that call of inflate.
+ The compressor and decompressor must use exactly the same dictionary (see
+ deflateSetDictionary). For raw inflate, this function can be called
+ immediately after inflateInit2() or inflateReset() and before any call of
+ inflate() to set the dictionary. The application must insure that the
+ dictionary that was used for compression is provided.
+
+ inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
+ parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is
+ inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
+ expected one (incorrect adler32 value). inflateSetDictionary does not
+ perform any decompression: this will be done by subsequent calls of
+ inflate().
+*/
+
+ZEXTERN int ZEXPORT inflateSync OF((z_streamp strm));
+/*
+ Skips invalid compressed data until a full flush point (see above the
+ description of deflate with Z_FULL_FLUSH) can be found, or until all
+ available input is skipped. No output is provided.
+
+ inflateSync returns Z_OK if a full flush point has been found, Z_BUF_ERROR
+ if no more input was provided, Z_DATA_ERROR if no flush point has been
+ found, or Z_STREAM_ERROR if the stream structure was inconsistent. In the
+ success case, the application may save the current current value of total_in
+ which indicates where valid compressed data was found. In the error case,
+ the application may repeatedly call inflateSync, providing more input each
+ time, until success or end of the input data.
+*/
+
+ZEXTERN int ZEXPORT inflateCopy OF((z_streamp dest,
+ z_streamp source));
+/*
+ Sets the destination stream as a complete copy of the source stream.
+
+ This function can be useful when randomly accessing a large stream. The
+ first pass through the stream can periodically record the inflate state,
+ allowing restarting inflate at those points when randomly accessing the
+ stream.
+
+ inflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
+ (such as zalloc being Z_NULL). msg is left unchanged in both source and
+ destination.
+*/
+
+ZEXTERN int ZEXPORT inflateReset OF((z_streamp strm));
+/*
+ This function is equivalent to inflateEnd followed by inflateInit,
+ but does not free and reallocate all the internal decompression state. The
+ stream will keep attributes that may have been set by inflateInit2.
+
+ inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL).
+*/
+
+ZEXTERN int ZEXPORT inflateReset2 OF((z_streamp strm,
+ int windowBits));
+/*
+ This function is the same as inflateReset, but it also permits changing
+ the wrap and window size requests. The windowBits parameter is interpreted
+ the same as it is for inflateInit2.
+
+ inflateReset2 returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL), or if
+ the windowBits parameter is invalid.
+*/
+
+ZEXTERN int ZEXPORT inflatePrime OF((z_streamp strm,
+ int bits,
+ int value));
+/*
+ This function inserts bits in the inflate input stream. The intent is
+ that this function is used to start inflating at a bit position in the
+ middle of a byte. The provided bits will be used before any bytes are used
+ from next_in. This function should only be used with raw inflate, and
+ should be used before the first inflate() call after inflateInit2() or
+ inflateReset(). bits must be less than or equal to 16, and that many of the
+ least significant bits of value will be inserted in the input.
+
+ If bits is negative, then the input stream bit buffer is emptied. Then
+ inflatePrime() can be called again to put bits in the buffer. This is used
+ to clear out bits leftover after feeding inflate a block description prior
+ to feeding inflate codes.
+
+ inflatePrime returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+ZEXTERN long ZEXPORT inflateMark OF((z_streamp strm));
+/*
+ This function returns two values, one in the lower 16 bits of the return
+ value, and the other in the remaining upper bits, obtained by shifting the
+ return value down 16 bits. If the upper value is -1 and the lower value is
+ zero, then inflate() is currently decoding information outside of a block.
+ If the upper value is -1 and the lower value is non-zero, then inflate is in
+ the middle of a stored block, with the lower value equaling the number of
+ bytes from the input remaining to copy. If the upper value is not -1, then
+ it is the number of bits back from the current bit position in the input of
+ the code (literal or length/distance pair) currently being processed. In
+ that case the lower value is the number of bytes already emitted for that
+ code.
+
+ A code is being processed if inflate is waiting for more input to complete
+ decoding of the code, or if it has completed decoding but is waiting for
+ more output space to write the literal or match data.
+
+ inflateMark() is used to mark locations in the input data for random
+ access, which may be at bit positions, and to note those cases where the
+ output of a code may span boundaries of random access blocks. The current
+ location in the input stream can be determined from avail_in and data_type
+ as noted in the description for the Z_BLOCK flush parameter for inflate.
+
+ inflateMark returns the value noted above or -1 << 16 if the provided
+ source stream state was inconsistent.
+*/
+
+ZEXTERN int ZEXPORT inflateGetHeader OF((z_streamp strm,
+ gz_headerp head));
+/*
+ inflateGetHeader() requests that gzip header information be stored in the
+ provided gz_header structure. inflateGetHeader() may be called after
+ inflateInit2() or inflateReset(), and before the first call of inflate().
+ As inflate() processes the gzip stream, head->done is zero until the header
+ is completed, at which time head->done is set to one. If a zlib stream is
+ being decoded, then head->done is set to -1 to indicate that there will be
+ no gzip header information forthcoming. Note that Z_BLOCK or Z_TREES can be
+ used to force inflate() to return immediately after header processing is
+ complete and before any actual data is decompressed.
+
+ The text, time, xflags, and os fields are filled in with the gzip header
+ contents. hcrc is set to true if there is a header CRC. (The header CRC
+ was valid if done is set to one.) If extra is not Z_NULL, then extra_max
+ contains the maximum number of bytes to write to extra. Once done is true,
+ extra_len contains the actual extra field length, and extra contains the
+ extra field, or that field truncated if extra_max is less than extra_len.
+ If name is not Z_NULL, then up to name_max characters are written there,
+ terminated with a zero unless the length is greater than name_max. If
+ comment is not Z_NULL, then up to comm_max characters are written there,
+ terminated with a zero unless the length is greater than comm_max. When any
+ of extra, name, or comment are not Z_NULL and the respective field is not
+ present in the header, then that field is set to Z_NULL to signal its
+ absence. This allows the use of deflateSetHeader() with the returned
+ structure to duplicate the header. However if those fields are set to
+ allocated memory, then the application will need to save those pointers
+ elsewhere so that they can be eventually freed.
+
+ If inflateGetHeader is not used, then the header information is simply
+ discarded. The header is always checked for validity, including the header
+ CRC if present. inflateReset() will reset the process to discard the header
+ information. The application would need to call inflateGetHeader() again to
+ retrieve the header from the next gzip stream.
+
+ inflateGetHeader returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+/*
+ZEXTERN int ZEXPORT inflateBackInit OF((z_streamp strm, int windowBits,
+ unsigned char FAR *window));
+
+ Initialize the internal stream state for decompression using inflateBack()
+ calls. The fields zalloc, zfree and opaque in strm must be initialized
+ before the call. If zalloc and zfree are Z_NULL, then the default library-
+ derived memory allocation routines are used. windowBits is the base two
+ logarithm of the window size, in the range 8..15. window is a caller
+ supplied buffer of that size. Except for special applications where it is
+ assured that deflate was used with small window sizes, windowBits must be 15
+ and a 32K byte window must be supplied to be able to decompress general
+ deflate streams.
+
+ See inflateBack() for the usage of these routines.
+
+ inflateBackInit will return Z_OK on success, Z_STREAM_ERROR if any of
+ the paramaters are invalid, Z_MEM_ERROR if the internal state could not be
+ allocated, or Z_VERSION_ERROR if the version of the library does not match
+ the version of the header file.
+*/
+
+typedef unsigned (*in_func) OF((void FAR *, unsigned char FAR * FAR *));
+typedef int (*out_func) OF((void FAR *, unsigned char FAR *, unsigned));
+
+ZEXTERN int ZEXPORT inflateBack OF((z_streamp strm,
+ in_func in, void FAR *in_desc,
+ out_func out, void FAR *out_desc));
+/*
+ inflateBack() does a raw inflate with a single call using a call-back
+ interface for input and output. This is more efficient than inflate() for
+ file i/o applications in that it avoids copying between the output and the
+ sliding window by simply making the window itself the output buffer. This
+ function trusts the application to not change the output buffer passed by
+ the output function, at least until inflateBack() returns.
+
+ inflateBackInit() must be called first to allocate the internal state
+ and to initialize the state with the user-provided window buffer.
+ inflateBack() may then be used multiple times to inflate a complete, raw
+ deflate stream with each call. inflateBackEnd() is then called to free the
+ allocated state.
+
+ A raw deflate stream is one with no zlib or gzip header or trailer.
+ This routine would normally be used in a utility that reads zip or gzip
+ files and writes out uncompressed files. The utility would decode the
+ header and process the trailer on its own, hence this routine expects only
+ the raw deflate stream to decompress. This is different from the normal
+ behavior of inflate(), which expects either a zlib or gzip header and
+ trailer around the deflate stream.
+
+ inflateBack() uses two subroutines supplied by the caller that are then
+ called by inflateBack() for input and output. inflateBack() calls those
+ routines until it reads a complete deflate stream and writes out all of the
+ uncompressed data, or until it encounters an error. The function's
+ parameters and return types are defined above in the in_func and out_func
+ typedefs. inflateBack() will call in(in_desc, &buf) which should return the
+ number of bytes of provided input, and a pointer to that input in buf. If
+ there is no input available, in() must return zero--buf is ignored in that
+ case--and inflateBack() will return a buffer error. inflateBack() will call
+ out(out_desc, buf, len) to write the uncompressed data buf[0..len-1]. out()
+ should return zero on success, or non-zero on failure. If out() returns
+ non-zero, inflateBack() will return with an error. Neither in() nor out()
+ are permitted to change the contents of the window provided to
+ inflateBackInit(), which is also the buffer that out() uses to write from.
+ The length written by out() will be at most the window size. Any non-zero
+ amount of input may be provided by in().
+
+ For convenience, inflateBack() can be provided input on the first call by
+ setting strm->next_in and strm->avail_in. If that input is exhausted, then
+ in() will be called. Therefore strm->next_in must be initialized before
+ calling inflateBack(). If strm->next_in is Z_NULL, then in() will be called
+ immediately for input. If strm->next_in is not Z_NULL, then strm->avail_in
+ must also be initialized, and then if strm->avail_in is not zero, input will
+ initially be taken from strm->next_in[0 .. strm->avail_in - 1].
+
+ The in_desc and out_desc parameters of inflateBack() is passed as the
+ first parameter of in() and out() respectively when they are called. These
+ descriptors can be optionally used to pass any information that the caller-
+ supplied in() and out() functions need to do their job.
+
+ On return, inflateBack() will set strm->next_in and strm->avail_in to
+ pass back any unused input that was provided by the last in() call. The
+ return values of inflateBack() can be Z_STREAM_END on success, Z_BUF_ERROR
+ if in() or out() returned an error, Z_DATA_ERROR if there was a format error
+ in the deflate stream (in which case strm->msg is set to indicate the nature
+ of the error), or Z_STREAM_ERROR if the stream was not properly initialized.
+ In the case of Z_BUF_ERROR, an input or output error can be distinguished
+ using strm->next_in which will be Z_NULL only if in() returned an error. If
+ strm->next_in is not Z_NULL, then the Z_BUF_ERROR was due to out() returning
+ non-zero. (in() will always be called before out(), so strm->next_in is
+ assured to be defined if out() returns non-zero.) Note that inflateBack()
+ cannot return Z_OK.
+*/
+
+ZEXTERN int ZEXPORT inflateBackEnd OF((z_streamp strm));
+/*
+ All memory allocated by inflateBackInit() is freed.
+
+ inflateBackEnd() returns Z_OK on success, or Z_STREAM_ERROR if the stream
+ state was inconsistent.
+*/
+
+ZEXTERN uLong ZEXPORT zlibCompileFlags OF((void));
+/* Return flags indicating compile-time options.
+
+ Type sizes, two bits each, 00 = 16 bits, 01 = 32, 10 = 64, 11 = other:
+ 1.0: size of uInt
+ 3.2: size of uLong
+ 5.4: size of voidpf (pointer)
+ 7.6: size of z_off_t
+
+ Compiler, assembler, and debug options:
+ 8: DEBUG
+ 9: ASMV or ASMINF -- use ASM code
+ 10: ZLIB_WINAPI -- exported functions use the WINAPI calling convention
+ 11: 0 (reserved)
+
+ One-time table building (smaller code, but not thread-safe if true):
+ 12: BUILDFIXED -- build static block decoding tables when needed
+ 13: DYNAMIC_CRC_TABLE -- build CRC calculation tables when needed
+ 14,15: 0 (reserved)
+
+ Library content (indicates missing functionality):
+ 16: NO_GZCOMPRESS -- gz* functions cannot compress (to avoid linking
+ deflate code when not needed)
+ 17: NO_GZIP -- deflate can't write gzip streams, and inflate can't detect
+ and decode gzip streams (to avoid linking crc code)
+ 18-19: 0 (reserved)
+
+ Operation variations (changes in library functionality):
+ 20: PKZIP_BUG_WORKAROUND -- slightly more permissive inflate
+ 21: FASTEST -- deflate algorithm with only one, lowest compression level
+ 22,23: 0 (reserved)
+
+ The sprintf variant used by gzprintf (zero is best):
+ 24: 0 = vs*, 1 = s* -- 1 means limited to 20 arguments after the format
+ 25: 0 = *nprintf, 1 = *printf -- 1 means gzprintf() not secure!
+ 26: 0 = returns value, 1 = void -- 1 means inferred string length returned
+
+ Remainder:
+ 27-31: 0 (reserved)
+ */
+
+
+ /* utility functions */
+
+/*
+ The following utility functions are implemented on top of the basic
+ stream-oriented functions. To simplify the interface, some default options
+ are assumed (compression level and memory usage, standard memory allocation
+ functions). The source code of these utility functions can be modified if
+ you need special options.
+*/
+
+ZEXTERN int ZEXPORT compress OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen));
+/*
+ Compresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total size
+ of the destination buffer, which must be at least the value returned by
+ compressBound(sourceLen). Upon exit, destLen is the actual size of the
+ compressed buffer.
+
+ compress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer.
+*/
+
+ZEXTERN int ZEXPORT compress2 OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen,
+ int level));
+/*
+ Compresses the source buffer into the destination buffer. The level
+ parameter has the same meaning as in deflateInit. sourceLen is the byte
+ length of the source buffer. Upon entry, destLen is the total size of the
+ destination buffer, which must be at least the value returned by
+ compressBound(sourceLen). Upon exit, destLen is the actual size of the
+ compressed buffer.
+
+ compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_BUF_ERROR if there was not enough room in the output buffer,
+ Z_STREAM_ERROR if the level parameter is invalid.
+*/
+
+ZEXTERN uLong ZEXPORT compressBound OF((uLong sourceLen));
+/*
+ compressBound() returns an upper bound on the compressed size after
+ compress() or compress2() on sourceLen bytes. It would be used before a
+ compress() or compress2() call to allocate the destination buffer.
+*/
+
+ZEXTERN int ZEXPORT uncompress OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen));
+/*
+ Decompresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total size
+ of the destination buffer, which must be large enough to hold the entire
+ uncompressed data. (The size of the uncompressed data must have been saved
+ previously by the compressor and transmitted to the decompressor by some
+ mechanism outside the scope of this compression library.) Upon exit, destLen
+ is the actual size of the uncompressed buffer.
+
+ uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer, or Z_DATA_ERROR if the input data was corrupted or incomplete.
+*/
+
+
+ /* gzip file access functions */
+
+/*
+ This library supports reading and writing files in gzip (.gz) format with
+ an interface similar to that of stdio, using the functions that start with
+ "gz". The gzip format is different from the zlib format. gzip is a gzip
+ wrapper, documented in RFC 1952, wrapped around a deflate stream.
+*/
+
+typedef voidp gzFile; /* opaque gzip file descriptor */
+
+/*
+ZEXTERN gzFile ZEXPORT gzopen OF((const char *path, const char *mode));
+
+ Opens a gzip (.gz) file for reading or writing. The mode parameter is as
+ in fopen ("rb" or "wb") but can also include a compression level ("wb9") or
+ a strategy: 'f' for filtered data as in "wb6f", 'h' for Huffman-only
+ compression as in "wb1h", 'R' for run-length encoding as in "wb1R", or 'F'
+ for fixed code compression as in "wb9F". (See the description of
+ deflateInit2 for more information about the strategy parameter.) Also "a"
+ can be used instead of "w" to request that the gzip stream that will be
+ written be appended to the file. "+" will result in an error, since reading
+ and writing to the same gzip file is not supported.
+
+ gzopen can be used to read a file which is not in gzip format; in this
+ case gzread will directly read from the file without decompression.
+
+ gzopen returns NULL if the file could not be opened, if there was
+ insufficient memory to allocate the gzFile state, or if an invalid mode was
+ specified (an 'r', 'w', or 'a' was not provided, or '+' was provided).
+ errno can be checked to determine if the reason gzopen failed was that the
+ file could not be opened.
+*/
+
+ZEXTERN gzFile ZEXPORT gzdopen OF((int fd, const char *mode));
+/*
+ gzdopen associates a gzFile with the file descriptor fd. File descriptors
+ are obtained from calls like open, dup, creat, pipe or fileno (if the file
+ has been previously opened with fopen). The mode parameter is as in gzopen.
+
+ The next call of gzclose on the returned gzFile will also close the file
+ descriptor fd, just like fclose(fdopen(fd, mode)) closes the file descriptor
+ fd. If you want to keep fd open, use fd = dup(fd_keep); gz = gzdopen(fd,
+ mode);. The duplicated descriptor should be saved to avoid a leak, since
+ gzdopen does not close fd if it fails.
+
+ gzdopen returns NULL if there was insufficient memory to allocate the
+ gzFile state, if an invalid mode was specified (an 'r', 'w', or 'a' was not
+ provided, or '+' was provided), or if fd is -1. The file descriptor is not
+ used until the next gz* read, write, seek, or close operation, so gzdopen
+ will not detect if fd is invalid (unless fd is -1).
+*/
+
+ZEXTERN int ZEXPORT gzbuffer OF((gzFile file, unsigned size));
+/*
+ Set the internal buffer size used by this library's functions. The
+ default buffer size is 8192 bytes. This function must be called after
+ gzopen() or gzdopen(), and before any other calls that read or write the
+ file. The buffer memory allocation is always deferred to the first read or
+ write. Two buffers are allocated, either both of the specified size when
+ writing, or one of the specified size and the other twice that size when
+ reading. A larger buffer size of, for example, 64K or 128K bytes will
+ noticeably increase the speed of decompression (reading).
+
+ The new buffer size also affects the maximum length for gzprintf().
+
+ gzbuffer() returns 0 on success, or -1 on failure, such as being called
+ too late.
+*/
+
+ZEXTERN int ZEXPORT gzsetparams OF((gzFile file, int level, int strategy));
+/*
+ Dynamically update the compression level or strategy. See the description
+ of deflateInit2 for the meaning of these parameters.
+
+ gzsetparams returns Z_OK if success, or Z_STREAM_ERROR if the file was not
+ opened for writing.
+*/
+
+ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len));
+/*
+ Reads the given number of uncompressed bytes from the compressed file. If
+ the input file was not in gzip format, gzread copies the given number of
+ bytes into the buffer.
+
+ After reaching the end of a gzip stream in the input, gzread will continue
+ to read, looking for another gzip stream, or failing that, reading the rest
+ of the input file directly without decompression. The entire input file
+ will be read if gzread is called until it returns less than the requested
+ len.
+
+ gzread returns the number of uncompressed bytes actually read, less than
+ len for end of file, or -1 for error.
+*/
+
+ZEXTERN int ZEXPORT gzwrite OF((gzFile file,
+ voidpc buf, unsigned len));
+/*
+ Writes the given number of uncompressed bytes into the compressed file.
+ gzwrite returns the number of uncompressed bytes written or 0 in case of
+ error.
+*/
+
+ZEXTERN int ZEXPORTVA gzprintf OF((gzFile file, const char *format, ...));
+/*
+ Converts, formats, and writes the arguments to the compressed file under
+ control of the format string, as in fprintf. gzprintf returns the number of
+ uncompressed bytes actually written, or 0 in case of error. The number of
+ uncompressed bytes written is limited to 8191, or one less than the buffer
+ size given to gzbuffer(). The caller should assure that this limit is not
+ exceeded. If it is exceeded, then gzprintf() will return an error (0) with
+ nothing written. In this case, there may also be a buffer overflow with
+ unpredictable consequences, which is possible only if zlib was compiled with
+ the insecure functions sprintf() or vsprintf() because the secure snprintf()
+ or vsnprintf() functions were not available. This can be determined using
+ zlibCompileFlags().
+*/
+
+ZEXTERN int ZEXPORT gzputs OF((gzFile file, const char *s));
+/*
+ Writes the given null-terminated string to the compressed file, excluding
+ the terminating null character.
+
+ gzputs returns the number of characters written, or -1 in case of error.
+*/
+
+ZEXTERN char * ZEXPORT gzgets OF((gzFile file, char *buf, int len));
+/*
+ Reads bytes from the compressed file until len-1 characters are read, or a
+ newline character is read and transferred to buf, or an end-of-file
+ condition is encountered. If any characters are read or if len == 1, the
+ string is terminated with a null character. If no characters are read due
+ to an end-of-file or len < 1, then the buffer is left untouched.
+
+ gzgets returns buf which is a null-terminated string, or it returns NULL
+ for end-of-file or in case of error. If there was an error, the contents at
+ buf are indeterminate.
+*/
+
+ZEXTERN int ZEXPORT gzputc OF((gzFile file, int c));
+/*
+ Writes c, converted to an unsigned char, into the compressed file. gzputc
+ returns the value that was written, or -1 in case of error.
+*/
+
+ZEXTERN int ZEXPORT gzgetc OF((gzFile file));
+/*
+ Reads one byte from the compressed file. gzgetc returns this byte or -1
+ in case of end of file or error.
+*/
+
+ZEXTERN int ZEXPORT gzungetc OF((int c, gzFile file));
+/*
+ Push one character back onto the stream to be read as the first character
+ on the next read. At least one character of push-back is allowed.
+ gzungetc() returns the character pushed, or -1 on failure. gzungetc() will
+ fail if c is -1, and may fail if a character has been pushed but not read
+ yet. If gzungetc is used immediately after gzopen or gzdopen, at least the
+ output buffer size of pushed characters is allowed. (See gzbuffer above.)
+ The pushed character will be discarded if the stream is repositioned with
+ gzseek() or gzrewind().
+*/
+
+ZEXTERN int ZEXPORT gzflush OF((gzFile file, int flush));
+/*
+ Flushes all pending output into the compressed file. The parameter flush
+ is as in the deflate() function. The return value is the zlib error number
+ (see function gzerror below). gzflush is only permitted when writing.
+
+ If the flush parameter is Z_FINISH, the remaining data is written and the
+ gzip stream is completed in the output. If gzwrite() is called again, a new
+ gzip stream will be started in the output. gzread() is able to read such
+ concatented gzip streams.
+
+ gzflush should be called only when strictly necessary because it will
+ degrade compression if called too often.
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile file,
+ z_off_t offset, int whence));
+
+ Sets the starting position for the next gzread or gzwrite on the given
+ compressed file. The offset represents a number of bytes in the
+ uncompressed data stream. The whence parameter is defined as in lseek(2);
+ the value SEEK_END is not supported.
+
+ If the file is opened for reading, this function is emulated but can be
+ extremely slow. If the file is opened for writing, only forward seeks are
+ supported; gzseek then compresses a sequence of zeroes up to the new
+ starting position.
+
+ gzseek returns the resulting offset location as measured in bytes from
+ the beginning of the uncompressed stream, or -1 in case of error, in
+ particular if the file is opened for writing and the new starting position
+ would be before the current position.
+*/
+
+ZEXTERN int ZEXPORT gzrewind OF((gzFile file));
+/*
+ Rewinds the given file. This function is supported only for reading.
+
+ gzrewind(file) is equivalent to (int)gzseek(file, 0L, SEEK_SET)
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gztell OF((gzFile file));
+
+ Returns the starting position for the next gzread or gzwrite on the given
+ compressed file. This position represents a number of bytes in the
+ uncompressed data stream, and is zero when starting, even if appending or
+ reading a gzip stream from the middle of a file using gzdopen().
+
+ gztell(file) is equivalent to gzseek(file, 0L, SEEK_CUR)
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gzoffset OF((gzFile file));
+
+ Returns the current offset in the file being read or written. This offset
+ includes the count of bytes that precede the gzip stream, for example when
+ appending or when using gzdopen() for reading. When reading, the offset
+ does not include as yet unused buffered input. This information can be used
+ for a progress indicator. On error, gzoffset() returns -1.
+*/
+
+ZEXTERN int ZEXPORT gzeof OF((gzFile file));
+/*
+ Returns true (1) if the end-of-file indicator has been set while reading,
+ false (0) otherwise. Note that the end-of-file indicator is set only if the
+ read tried to go past the end of the input, but came up short. Therefore,
+ just like feof(), gzeof() may return false even if there is no more data to
+ read, in the event that the last read request was for the exact number of
+ bytes remaining in the input file. This will happen if the input file size
+ is an exact multiple of the buffer size.
+
+ If gzeof() returns true, then the read functions will return no more data,
+ unless the end-of-file indicator is reset by gzclearerr() and the input file
+ has grown since the previous end of file was detected.
+*/
+
+ZEXTERN int ZEXPORT gzdirect OF((gzFile file));
+/*
+ Returns true (1) if file is being copied directly while reading, or false
+ (0) if file is a gzip stream being decompressed. This state can change from
+ false to true while reading the input file if the end of a gzip stream is
+ reached, but is followed by data that is not another gzip stream.
+
+ If the input file is empty, gzdirect() will return true, since the input
+ does not contain a gzip stream.
+
+ If gzdirect() is used immediately after gzopen() or gzdopen() it will
+ cause buffers to be allocated to allow reading the file to determine if it
+ is a gzip file. Therefore if gzbuffer() is used, it should be called before
+ gzdirect().
+*/
+
+ZEXTERN int ZEXPORT gzclose OF((gzFile file));
+/*
+ Flushes all pending output if necessary, closes the compressed file and
+ deallocates the (de)compression state. Note that once file is closed, you
+ cannot call gzerror with file, since its structures have been deallocated.
+ gzclose must not be called more than once on the same file, just as free
+ must not be called more than once on the same allocation.
+
+ gzclose will return Z_STREAM_ERROR if file is not valid, Z_ERRNO on a
+ file operation error, or Z_OK on success.
+*/
+
+ZEXTERN int ZEXPORT gzclose_r OF((gzFile file));
+ZEXTERN int ZEXPORT gzclose_w OF((gzFile file));
+/*
+ Same as gzclose(), but gzclose_r() is only for use when reading, and
+ gzclose_w() is only for use when writing or appending. The advantage to
+ using these instead of gzclose() is that they avoid linking in zlib
+ compression or decompression code that is not used when only reading or only
+ writing respectively. If gzclose() is used, then both compression and
+ decompression code will be included the application when linking to a static
+ zlib library.
+*/
+
+ZEXTERN const char * ZEXPORT gzerror OF((gzFile file, int *errnum));
+/*
+ Returns the error message for the last error which occurred on the given
+ compressed file. errnum is set to zlib error number. If an error occurred
+ in the file system and not in the compression library, errnum is set to
+ Z_ERRNO and the application may consult errno to get the exact error code.
+
+ The application must not modify the returned string. Future calls to
+ this function may invalidate the previously returned string. If file is
+ closed, then the string previously returned by gzerror will no longer be
+ available.
+
+ gzerror() should be used to distinguish errors from end-of-file for those
+ functions above that do not distinguish those cases in their return values.
+*/
+
+ZEXTERN void ZEXPORT gzclearerr OF((gzFile file));
+/*
+ Clears the error and end-of-file flags for file. This is analogous to the
+ clearerr() function in stdio. This is useful for continuing to read a gzip
+ file that is being written concurrently.
+*/
+
+
+ /* checksum functions */
+
+/*
+ These functions are not related to compression but are exported
+ anyway because they might be useful in applications using the compression
+ library.
+*/
+
+ZEXTERN uLong ZEXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
+/*
+ Update a running Adler-32 checksum with the bytes buf[0..len-1] and
+ return the updated checksum. If buf is Z_NULL, this function returns the
+ required initial value for the checksum.
+
+ An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
+ much faster.
+
+ Usage example:
+
+ uLong adler = adler32(0L, Z_NULL, 0);
+
+ while (read_buffer(buffer, length) != EOF) {
+ adler = adler32(adler, buffer, length);
+ }
+ if (adler != original_adler) error();
+*/
+
+/*
+ZEXTERN uLong ZEXPORT adler32_combine OF((uLong adler1, uLong adler2,
+ z_off_t len2));
+
+ Combine two Adler-32 checksums into one. For two sequences of bytes, seq1
+ and seq2 with lengths len1 and len2, Adler-32 checksums were calculated for
+ each, adler1 and adler2. adler32_combine() returns the Adler-32 checksum of
+ seq1 and seq2 concatenated, requiring only adler1, adler2, and len2.
+*/
+
+ZEXTERN uLong ZEXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
+/*
+ Update a running CRC-32 with the bytes buf[0..len-1] and return the
+ updated CRC-32. If buf is Z_NULL, this function returns the required
+ initial value for the for the crc. Pre- and post-conditioning (one's
+ complement) is performed within this function so it shouldn't be done by the
+ application.
+
+ Usage example:
+
+ uLong crc = crc32(0L, Z_NULL, 0);
+
+ while (read_buffer(buffer, length) != EOF) {
+ crc = crc32(crc, buffer, length);
+ }
+ if (crc != original_crc) error();
+*/
+
+/*
+ZEXTERN uLong ZEXPORT crc32_combine OF((uLong crc1, uLong crc2, z_off_t len2));
+
+ Combine two CRC-32 check values into one. For two sequences of bytes,
+ seq1 and seq2 with lengths len1 and len2, CRC-32 check values were
+ calculated for each, crc1 and crc2. crc32_combine() returns the CRC-32
+ check value of seq1 and seq2 concatenated, requiring only crc1, crc2, and
+ len2.
+*/
+
+
+ /* various hacks, don't look :) */
+
+/* deflateInit and inflateInit are macros to allow checking the zlib version
+ * and the compiler's view of z_stream:
+ */
+ZEXTERN int ZEXPORT deflateInit_ OF((z_streamp strm, int level,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT inflateInit_ OF((z_streamp strm,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
+ int windowBits, int memLevel,
+ int strategy, const char *version,
+ int stream_size));
+ZEXTERN int ZEXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT inflateBackInit_ OF((z_streamp strm, int windowBits,
+ unsigned char FAR *window,
+ const char *version,
+ int stream_size));
+#define deflateInit(strm, level) \
+ deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
+#define inflateInit(strm) \
+ inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
+#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
+ deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
+ (strategy), ZLIB_VERSION, sizeof(z_stream))
+#define inflateInit2(strm, windowBits) \
+ inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
+#define inflateBackInit(strm, windowBits, window) \
+ inflateBackInit_((strm), (windowBits), (window), \
+ ZLIB_VERSION, sizeof(z_stream))
+
+/* provide 64-bit offset functions if _LARGEFILE64_SOURCE defined, and/or
+ * change the regular functions to 64 bits if _FILE_OFFSET_BITS is 64 (if
+ * both are true, the application gets the *64 functions, and the regular
+ * functions are changed to 64 bits) -- in case these are set on systems
+ * without large file support, _LFS64_LARGEFILE must also be true
+ */
+#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
+ ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
+ ZEXTERN z_off64_t ZEXPORT gzseek64 OF((gzFile, z_off64_t, int));
+ ZEXTERN z_off64_t ZEXPORT gztell64 OF((gzFile));
+ ZEXTERN z_off64_t ZEXPORT gzoffset64 OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off64_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off64_t));
+#endif
+
+#if !defined(ZLIB_INTERNAL) && _FILE_OFFSET_BITS-0 == 64 && _LFS64_LARGEFILE-0
+# define gzopen gzopen64
+# define gzseek gzseek64
+# define gztell gztell64
+# define gzoffset gzoffset64
+# define adler32_combine adler32_combine64
+# define crc32_combine crc32_combine64
+# ifdef _LARGEFILE64_SOURCE
+ ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
+ ZEXTERN z_off_t ZEXPORT gzseek64 OF((gzFile, z_off_t, int));
+ ZEXTERN z_off_t ZEXPORT gztell64 OF((gzFile));
+ ZEXTERN z_off_t ZEXPORT gzoffset64 OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off_t));
+# endif
+#else
+ ZEXTERN gzFile ZEXPORT gzopen OF((const char *, const char *));
+ ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile, z_off_t, int));
+ ZEXTERN z_off_t ZEXPORT gztell OF((gzFile));
+ ZEXTERN z_off_t ZEXPORT gzoffset OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine OF((uLong, uLong, z_off_t));
+#endif
+
+/* hack for buggy compilers */
+#if !defined(ZUTIL_H) && !defined(NO_DUMMY_DECL)
+ struct internal_state {int dummy;};
+#endif
+
+/* undocumented functions */
+ZEXTERN const char * ZEXPORT zError OF((int));
+ZEXTERN int ZEXPORT inflateSyncPoint OF((z_streamp));
+ZEXTERN const uLongf * ZEXPORT get_crc_table OF((void));
+ZEXTERN int ZEXPORT inflateUndermine OF((z_streamp, int));
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ZLIB_H */
diff --git a/security/nss/lib/zlib/zutil.c b/security/nss/lib/zlib/zutil.c
new file mode 100644
index 000000000..898ed345b
--- /dev/null
+++ b/security/nss/lib/zlib/zutil.c
@@ -0,0 +1,318 @@
+/* zutil.c -- target dependent utility functions for the compression library
+ * Copyright (C) 1995-2005, 2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#include "zutil.h"
+
+#ifndef NO_DUMMY_DECL
+struct internal_state {int dummy;}; /* for buggy compilers */
+#endif
+
+const char * const z_errmsg[10] = {
+"need dictionary", /* Z_NEED_DICT 2 */
+"stream end", /* Z_STREAM_END 1 */
+"", /* Z_OK 0 */
+"file error", /* Z_ERRNO (-1) */
+"stream error", /* Z_STREAM_ERROR (-2) */
+"data error", /* Z_DATA_ERROR (-3) */
+"insufficient memory", /* Z_MEM_ERROR (-4) */
+"buffer error", /* Z_BUF_ERROR (-5) */
+"incompatible version",/* Z_VERSION_ERROR (-6) */
+""};
+
+
+const char * ZEXPORT zlibVersion()
+{
+ return ZLIB_VERSION;
+}
+
+uLong ZEXPORT zlibCompileFlags()
+{
+ uLong flags;
+
+ flags = 0;
+ switch ((int)(sizeof(uInt))) {
+ case 2: break;
+ case 4: flags += 1; break;
+ case 8: flags += 2; break;
+ default: flags += 3;
+ }
+ switch ((int)(sizeof(uLong))) {
+ case 2: break;
+ case 4: flags += 1 << 2; break;
+ case 8: flags += 2 << 2; break;
+ default: flags += 3 << 2;
+ }
+ switch ((int)(sizeof(voidpf))) {
+ case 2: break;
+ case 4: flags += 1 << 4; break;
+ case 8: flags += 2 << 4; break;
+ default: flags += 3 << 4;
+ }
+ switch ((int)(sizeof(z_off_t))) {
+ case 2: break;
+ case 4: flags += 1 << 6; break;
+ case 8: flags += 2 << 6; break;
+ default: flags += 3 << 6;
+ }
+#ifdef DEBUG
+ flags += 1 << 8;
+#endif
+#if defined(ASMV) || defined(ASMINF)
+ flags += 1 << 9;
+#endif
+#ifdef ZLIB_WINAPI
+ flags += 1 << 10;
+#endif
+#ifdef BUILDFIXED
+ flags += 1 << 12;
+#endif
+#ifdef DYNAMIC_CRC_TABLE
+ flags += 1 << 13;
+#endif
+#ifdef NO_GZCOMPRESS
+ flags += 1L << 16;
+#endif
+#ifdef NO_GZIP
+ flags += 1L << 17;
+#endif
+#ifdef PKZIP_BUG_WORKAROUND
+ flags += 1L << 20;
+#endif
+#ifdef FASTEST
+ flags += 1L << 21;
+#endif
+#ifdef STDC
+# ifdef NO_vsnprintf
+ flags += 1L << 25;
+# ifdef HAS_vsprintf_void
+ flags += 1L << 26;
+# endif
+# else
+# ifdef HAS_vsnprintf_void
+ flags += 1L << 26;
+# endif
+# endif
+#else
+ flags += 1L << 24;
+# ifdef NO_snprintf
+ flags += 1L << 25;
+# ifdef HAS_sprintf_void
+ flags += 1L << 26;
+# endif
+# else
+# ifdef HAS_snprintf_void
+ flags += 1L << 26;
+# endif
+# endif
+#endif
+ return flags;
+}
+
+#ifdef DEBUG
+
+# ifndef verbose
+# define verbose 0
+# endif
+int ZLIB_INTERNAL z_verbose = verbose;
+
+void ZLIB_INTERNAL z_error (m)
+ char *m;
+{
+ fprintf(stderr, "%s\n", m);
+ exit(1);
+}
+#endif
+
+/* exported to allow conversion of error code to string for compress() and
+ * uncompress()
+ */
+const char * ZEXPORT zError(err)
+ int err;
+{
+ return ERR_MSG(err);
+}
+
+#if defined(_WIN32_WCE)
+ /* The Microsoft C Run-Time Library for Windows CE doesn't have
+ * errno. We define it as a global variable to simplify porting.
+ * Its value is always 0 and should not be used.
+ */
+ int errno = 0;
+#endif
+
+#ifndef HAVE_MEMCPY
+
+void ZLIB_INTERNAL zmemcpy(dest, source, len)
+ Bytef* dest;
+ const Bytef* source;
+ uInt len;
+{
+ if (len == 0) return;
+ do {
+ *dest++ = *source++; /* ??? to be unrolled */
+ } while (--len != 0);
+}
+
+int ZLIB_INTERNAL zmemcmp(s1, s2, len)
+ const Bytef* s1;
+ const Bytef* s2;
+ uInt len;
+{
+ uInt j;
+
+ for (j = 0; j < len; j++) {
+ if (s1[j] != s2[j]) return 2*(s1[j] > s2[j])-1;
+ }
+ return 0;
+}
+
+void ZLIB_INTERNAL zmemzero(dest, len)
+ Bytef* dest;
+ uInt len;
+{
+ if (len == 0) return;
+ do {
+ *dest++ = 0; /* ??? to be unrolled */
+ } while (--len != 0);
+}
+#endif
+
+
+#ifdef SYS16BIT
+
+#ifdef __TURBOC__
+/* Turbo C in 16-bit mode */
+
+# define MY_ZCALLOC
+
+/* Turbo C malloc() does not allow dynamic allocation of 64K bytes
+ * and farmalloc(64K) returns a pointer with an offset of 8, so we
+ * must fix the pointer. Warning: the pointer must be put back to its
+ * original form in order to free it, use zcfree().
+ */
+
+#define MAX_PTR 10
+/* 10*64K = 640K */
+
+local int next_ptr = 0;
+
+typedef struct ptr_table_s {
+ voidpf org_ptr;
+ voidpf new_ptr;
+} ptr_table;
+
+local ptr_table table[MAX_PTR];
+/* This table is used to remember the original form of pointers
+ * to large buffers (64K). Such pointers are normalized with a zero offset.
+ * Since MSDOS is not a preemptive multitasking OS, this table is not
+ * protected from concurrent access. This hack doesn't work anyway on
+ * a protected system like OS/2. Use Microsoft C instead.
+ */
+
+voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, unsigned items, unsigned size)
+{
+ voidpf buf = opaque; /* just to make some compilers happy */
+ ulg bsize = (ulg)items*size;
+
+ /* If we allocate less than 65520 bytes, we assume that farmalloc
+ * will return a usable pointer which doesn't have to be normalized.
+ */
+ if (bsize < 65520L) {
+ buf = farmalloc(bsize);
+ if (*(ush*)&buf != 0) return buf;
+ } else {
+ buf = farmalloc(bsize + 16L);
+ }
+ if (buf == NULL || next_ptr >= MAX_PTR) return NULL;
+ table[next_ptr].org_ptr = buf;
+
+ /* Normalize the pointer to seg:0 */
+ *((ush*)&buf+1) += ((ush)((uch*)buf-0) + 15) >> 4;
+ *(ush*)&buf = 0;
+ table[next_ptr++].new_ptr = buf;
+ return buf;
+}
+
+void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr)
+{
+ int n;
+ if (*(ush*)&ptr != 0) { /* object < 64K */
+ farfree(ptr);
+ return;
+ }
+ /* Find the original pointer */
+ for (n = 0; n < next_ptr; n++) {
+ if (ptr != table[n].new_ptr) continue;
+
+ farfree(table[n].org_ptr);
+ while (++n < next_ptr) {
+ table[n-1] = table[n];
+ }
+ next_ptr--;
+ return;
+ }
+ ptr = opaque; /* just to make some compilers happy */
+ Assert(0, "zcfree: ptr not found");
+}
+
+#endif /* __TURBOC__ */
+
+
+#ifdef M_I86
+/* Microsoft C in 16-bit mode */
+
+# define MY_ZCALLOC
+
+#if (!defined(_MSC_VER) || (_MSC_VER <= 600))
+# define _halloc halloc
+# define _hfree hfree
+#endif
+
+voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, uInt items, uInt size)
+{
+ if (opaque) opaque = 0; /* to make compiler happy */
+ return _halloc((long)items, size);
+}
+
+void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr)
+{
+ if (opaque) opaque = 0; /* to make compiler happy */
+ _hfree(ptr);
+}
+
+#endif /* M_I86 */
+
+#endif /* SYS16BIT */
+
+
+#ifndef MY_ZCALLOC /* Any system without a special alloc function */
+
+#ifndef STDC
+extern voidp malloc OF((uInt size));
+extern voidp calloc OF((uInt items, uInt size));
+extern void free OF((voidpf ptr));
+#endif
+
+voidpf ZLIB_INTERNAL zcalloc (opaque, items, size)
+ voidpf opaque;
+ unsigned items;
+ unsigned size;
+{
+ if (opaque) items += size - size; /* make compiler happy */
+ return sizeof(uInt) > 2 ? (voidpf)malloc(items * size) :
+ (voidpf)calloc(items, size);
+}
+
+void ZLIB_INTERNAL zcfree (opaque, ptr)
+ voidpf opaque;
+ voidpf ptr;
+{
+ free(ptr);
+ if (opaque) return; /* make compiler happy */
+}
+
+#endif /* MY_ZCALLOC */
diff --git a/security/nss/lib/zlib/zutil.h b/security/nss/lib/zlib/zutil.h
new file mode 100644
index 000000000..d6ee23c6f
--- /dev/null
+++ b/security/nss/lib/zlib/zutil.h
@@ -0,0 +1,275 @@
+/* zutil.h -- internal interface and configuration of the compression library
+ * Copyright (C) 1995-2010 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* @(#) $Id$ */
+
+#ifndef ZUTIL_H
+#define ZUTIL_H
+
+#if ((__GNUC__-0) * 10 + __GNUC_MINOR__-0 >= 33) && !defined(NO_VIZ)
+# define ZLIB_INTERNAL __attribute__((visibility ("hidden")))
+#else
+# define ZLIB_INTERNAL
+#endif
+
+#include "zlib.h"
+
+#ifdef STDC
+# if !(defined(_WIN32_WCE) && defined(_MSC_VER))
+# include <stddef.h>
+# endif
+# include <string.h>
+# include <stdlib.h>
+#endif
+
+#ifndef local
+# define local static
+#endif
+/* compile with -Dlocal if your debugger can't find static symbols */
+
+typedef unsigned char uch;
+typedef uch FAR uchf;
+typedef unsigned short ush;
+typedef ush FAR ushf;
+typedef unsigned long ulg;
+
+extern const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
+/* (size given to avoid silly warnings with Visual C++) */
+
+#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
+
+#define ERR_RETURN(strm,err) \
+ return (strm->msg = (char*)ERR_MSG(err), (err))
+/* To be used only when the state is known to be valid */
+
+ /* common constants */
+
+#ifndef DEF_WBITS
+# define DEF_WBITS MAX_WBITS
+#endif
+/* default windowBits for decompression. MAX_WBITS is for compression only */
+
+#if MAX_MEM_LEVEL >= 8
+# define DEF_MEM_LEVEL 8
+#else
+# define DEF_MEM_LEVEL MAX_MEM_LEVEL
+#endif
+/* default memLevel */
+
+#define STORED_BLOCK 0
+#define STATIC_TREES 1
+#define DYN_TREES 2
+/* The three kinds of block type */
+
+#define MIN_MATCH 3
+#define MAX_MATCH 258
+/* The minimum and maximum match lengths */
+
+#define PRESET_DICT 0x20 /* preset dictionary flag in zlib header */
+
+ /* target dependencies */
+
+#if defined(MSDOS) || (defined(WINDOWS) && !defined(WIN32))
+# define OS_CODE 0x00
+# if defined(__TURBOC__) || defined(__BORLANDC__)
+# if (__STDC__ == 1) && (defined(__LARGE__) || defined(__COMPACT__))
+ /* Allow compilation with ANSI keywords only enabled */
+ void _Cdecl farfree( void *block );
+ void *_Cdecl farmalloc( unsigned long nbytes );
+# else
+# include <alloc.h>
+# endif
+# else /* MSC or DJGPP */
+# include <malloc.h>
+# endif
+#endif
+
+#ifdef AMIGA
+# define OS_CODE 0x01
+#endif
+
+#if defined(VAXC) || defined(VMS)
+# define OS_CODE 0x02
+# define F_OPEN(name, mode) \
+ fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
+#endif
+
+#if defined(ATARI) || defined(atarist)
+# define OS_CODE 0x05
+#endif
+
+#ifdef OS2
+# define OS_CODE 0x06
+# ifdef M_I86
+# include <malloc.h>
+# endif
+#endif
+
+#if defined(MACOS) || defined(TARGET_OS_MAC)
+# define OS_CODE 0x07
+# if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os
+# include <unix.h> /* for fdopen */
+# else
+# ifndef fdopen
+# define fdopen(fd,mode) NULL /* No fdopen() */
+# endif
+# endif
+#endif
+
+#ifdef TOPS20
+# define OS_CODE 0x0a
+#endif
+
+#ifdef WIN32
+# ifndef __CYGWIN__ /* Cygwin is Unix, not Win32 */
+# define OS_CODE 0x0b
+# endif
+#endif
+
+#ifdef __50SERIES /* Prime/PRIMOS */
+# define OS_CODE 0x0f
+#endif
+
+#if defined(_BEOS_) || defined(RISCOS)
+# define fdopen(fd,mode) NULL /* No fdopen() */
+#endif
+
+#if (defined(_MSC_VER) && (_MSC_VER > 600)) && !defined __INTERIX
+# if defined(_WIN32_WCE)
+# define fdopen(fd,mode) NULL /* No fdopen() */
+# ifndef _PTRDIFF_T_DEFINED
+ typedef int ptrdiff_t;
+# define _PTRDIFF_T_DEFINED
+# endif
+# else
+# define fdopen(fd,type) _fdopen(fd,type)
+# endif
+#endif
+
+#if defined(__BORLANDC__)
+ #pragma warn -8004
+ #pragma warn -8008
+ #pragma warn -8066
+#endif
+
+/* provide prototypes for these when building zlib without LFS */
+#if !defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off_t));
+#endif
+
+ /* common defaults */
+
+#ifndef OS_CODE
+# define OS_CODE 0x03 /* assume Unix */
+#endif
+
+#ifndef F_OPEN
+# define F_OPEN(name, mode) fopen((name), (mode))
+#endif
+
+ /* functions */
+
+#if defined(STDC99) || (defined(__TURBOC__) && __TURBOC__ >= 0x550) || \
+ (defined(_MSC_VER) && _MSC_VER >= 1500)
+# ifndef HAVE_VSNPRINTF
+# define HAVE_VSNPRINTF
+# endif
+#endif
+#if defined(__CYGWIN__)
+# ifndef HAVE_VSNPRINTF
+# define HAVE_VSNPRINTF
+# endif
+#endif
+#ifndef HAVE_VSNPRINTF
+# ifdef MSDOS
+ /* vsnprintf may exist on some MS-DOS compilers (DJGPP?),
+ but for now we just assume it doesn't. */
+# define NO_vsnprintf
+# endif
+# ifdef __TURBOC__
+# define NO_vsnprintf
+# endif
+# ifdef WIN32
+ /* In Win32, vsnprintf is available as the "non-ANSI" _vsnprintf. */
+# if !defined(vsnprintf) && !defined(NO_vsnprintf)
+# if !defined(_MSC_VER) || ( defined(_MSC_VER) && _MSC_VER < 1500 )
+# define vsnprintf _vsnprintf
+# endif
+# endif
+# endif
+# ifdef __SASC
+# define NO_vsnprintf
+# endif
+#endif
+#ifdef VMS
+# define NO_vsnprintf
+#endif
+
+#if defined(pyr)
+# define NO_MEMCPY
+#endif
+#if defined(SMALL_MEDIUM) && !defined(_MSC_VER) && !defined(__SC__)
+ /* Use our own functions for small and medium model with MSC <= 5.0.
+ * You may have to use the same strategy for Borland C (untested).
+ * The __SC__ check is for Symantec.
+ */
+# define NO_MEMCPY
+#endif
+#if defined(STDC) && !defined(HAVE_MEMCPY) && !defined(NO_MEMCPY)
+# define HAVE_MEMCPY
+#endif
+#ifdef HAVE_MEMCPY
+# ifdef SMALL_MEDIUM /* MSDOS small or medium model */
+# define zmemcpy _fmemcpy
+# define zmemcmp _fmemcmp
+# define zmemzero(dest, len) _fmemset(dest, 0, len)
+# else
+# define zmemcpy memcpy
+# define zmemcmp memcmp
+# define zmemzero(dest, len) memset(dest, 0, len)
+# endif
+#else
+ void ZLIB_INTERNAL zmemcpy OF((Bytef* dest, const Bytef* source, uInt len));
+ int ZLIB_INTERNAL zmemcmp OF((const Bytef* s1, const Bytef* s2, uInt len));
+ void ZLIB_INTERNAL zmemzero OF((Bytef* dest, uInt len));
+#endif
+
+/* Diagnostic functions */
+#ifdef DEBUG
+# include <stdio.h>
+ extern int ZLIB_INTERNAL z_verbose;
+ extern void ZLIB_INTERNAL z_error OF((char *m));
+# define Assert(cond,msg) {if(!(cond)) z_error(msg);}
+# define Trace(x) {if (z_verbose>=0) fprintf x ;}
+# define Tracev(x) {if (z_verbose>0) fprintf x ;}
+# define Tracevv(x) {if (z_verbose>1) fprintf x ;}
+# define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
+# define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
+#else
+# define Assert(cond,msg)
+# define Trace(x)
+# define Tracev(x)
+# define Tracevv(x)
+# define Tracec(c,x)
+# define Tracecv(c,x)
+#endif
+
+
+voidpf ZLIB_INTERNAL zcalloc OF((voidpf opaque, unsigned items,
+ unsigned size));
+void ZLIB_INTERNAL zcfree OF((voidpf opaque, voidpf ptr));
+
+#define ZALLOC(strm, items, size) \
+ (*((strm)->zalloc))((strm)->opaque, (items), (size))
+#define ZFREE(strm, addr) (*((strm)->zfree))((strm)->opaque, (voidpf)(addr))
+#define TRY_FREE(s, p) {if (p) ZFREE(s, p);}
+
+#endif /* ZUTIL_H */